From 34f2eb7e3bd1ccdcba0c5359928d709263496714 Mon Sep 17 00:00:00 2001 From: sbaluja Date: Fri, 28 Nov 2025 13:22:18 -0500 Subject: [PATCH 1/7] Multi auth request level resolution --- .../aws/core/AmazonWebServiceRequest.h | 3 + .../include/aws/core/auth/AWSAuthSigner.h | 3 + .../include/smithy/client/AwsSmithyClient.h | 23 ++-- .../AwsSmithyClientAsyncRequestContext.h | 8 +- .../built-in/BearerTokenAuthSchemeOption.h | 2 +- .../identity/auth/built-in/NoAuthScheme.h | 76 +++++++++++ .../auth/built-in/NoAuthSchemeOption.h | 15 ++ .../impl/AwsBearerTokenIdentityImpl.h | 4 +- .../resolver/AwsBearerTokenIdentityResolver.h | 2 +- .../signer/built-in/BearerTokenSigner.h | 2 +- .../identity/signer/built-in/NoAuthSigner.h | 51 +++++++ .../smithy/client/AwsSmithyClientBase.cpp | 27 ++-- .../smithy/identity/AuthSchemeOption.cpp | 2 + .../smithy/client/SmithyClientTest.cpp | 129 ++++++++++++++++++ .../domainmodels/c2j/C2jOperation.java | 1 + .../codegeneration/Operation.java | 10 ++ .../codegeneration/ServiceModel.java | 8 +- .../codegeneration/cpp/CppViewHelper.java | 30 +++- .../cpp/CborCppClientGenerator.java | 3 +- .../generators/cpp/CppClientGenerator.java | 33 +++-- .../cpp/JsonCppClientGenerator.java | 3 +- .../cpp/QueryCppClientGenerator.java | 2 + .../cpp/s3/S3RestXmlCppClientGenerator.java | 2 +- .../C2jModelToGeneratorModelTransformer.java | 1 + .../velocity/cpp/RequestHeader.vm | 3 + .../cpp/ServiceClientHeaderConstructors.vm | 9 +- .../ServiceClientHeaderLegacyConstructors.vm | 7 +- .../cpp/ServiceClientSourceHeaders.vm | 2 +- .../velocity/cpp/cbor/CborRequestSource.vm | 19 +++ .../cpp/cbor/CborServiceClientSource.vm | 2 +- .../model/ServiceClientModelHeaderInclude.vm | 2 +- .../velocity/cpp/json/JsonRequestSource.vm | 21 ++- .../cpp/json/JsonServiceClientSource.vm | 2 +- .../cpp/queryxml/QueryRequestSource.vm | 9 ++ .../cpp/smithy/SmithyClientSourceInit.vm | 29 +++- .../velocity/cpp/xml/XmlRequestSource.vm | 20 ++- 36 files changed, 500 insertions(+), 65 deletions(-) create mode 100644 src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/NoAuthScheme.h create mode 100644 src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/NoAuthSchemeOption.h create mode 100644 src/aws-cpp-sdk-core/include/smithy/identity/signer/built-in/NoAuthSigner.h diff --git a/src/aws-cpp-sdk-core/include/aws/core/AmazonWebServiceRequest.h b/src/aws-cpp-sdk-core/include/aws/core/AmazonWebServiceRequest.h index a16c939a31c..77b8e9d72aa 100644 --- a/src/aws-cpp-sdk-core/include/aws/core/AmazonWebServiceRequest.h +++ b/src/aws-cpp-sdk-core/include/aws/core/AmazonWebServiceRequest.h @@ -19,6 +19,7 @@ #include #include #include +#include namespace Aws { @@ -231,6 +232,8 @@ namespace Aws RetryContext GetRetryContext() const { return m_retryContext; } void SetRetryContext(const RetryContext& context) const { m_retryContext = context; } + + virtual Aws::Vector GetRequestSpecificSupportedAuth() const { return {}; } protected: /** * Default does nothing. Override this to convert what would otherwise be the payload of the diff --git a/src/aws-cpp-sdk-core/include/aws/core/auth/AWSAuthSigner.h b/src/aws-cpp-sdk-core/include/aws/core/auth/AWSAuthSigner.h index 0c4a26dbd32..58a40376ba1 100644 --- a/src/aws-cpp-sdk-core/include/aws/core/auth/AWSAuthSigner.h +++ b/src/aws-cpp-sdk-core/include/aws/core/auth/AWSAuthSigner.h @@ -12,4 +12,7 @@ #include #include +#include +#include + // This is a header that represents old legacy all-in-one header to maintain backward compatibility diff --git a/src/aws-cpp-sdk-core/include/smithy/client/AwsSmithyClient.h b/src/aws-cpp-sdk-core/include/smithy/client/AwsSmithyClient.h index b5eeb8f7d12..97b387fec36 100644 --- a/src/aws-cpp-sdk-core/include/smithy/client/AwsSmithyClient.h +++ b/src/aws-cpp-sdk-core/include/smithy/client/AwsSmithyClient.h @@ -188,7 +188,7 @@ namespace client } } - Aws::Vector authSchemeOptions = m_authSchemeResolver->resolveAuthScheme(identityParams); + Aws::Vector authSchemeOptions = ctx.m_authResolver == nullptr ? m_authSchemeResolver->resolveAuthScheme(identityParams) : ctx.m_authResolver->resolveAuthScheme(identityParams); auto authSchemeOptionIt = std::find_if(authSchemeOptions.begin(), authSchemeOptions.end(), [this](const AuthSchemeOption& opt) @@ -352,15 +352,18 @@ namespace client GetContextEndpointParametersOutcome GetContextEndpointParametersImpl(const AwsSmithyClientAsyncRequestContext& ctx) const { Aws::Vector endpointParameters; - const auto resolvedAccountId = ctx.m_awsIdentity->accountId(); - const auto resolvedNonEmptyAccountId = resolvedAccountId.has_value() && !resolvedAccountId.value().empty(); - // Set user agent if account ID was resolved in identity provider - if (resolvedNonEmptyAccountId) { - ctx.m_pRequest->AddUserAgentFeature(Aws::Client::UserAgentFeature::RESOLVED_ACCOUNT_ID); - } - // Only set EP param if client configuration does not have a configured account ID and we resolved a account id - if (resolvedNonEmptyAccountId && m_clientConfiguration.accountId.empty()) { - endpointParameters.emplace_back("AccountId", resolvedAccountId.value(), Aws::Endpoint::EndpointParameter::ParameterOrigin::OPERATION_CONTEXT); + //nullptr indicates we're using noAuth and therefore there is no identity + if (ctx.m_awsIdentity != nullptr) { + const auto resolvedAccountId = ctx.m_awsIdentity->accountId(); + const auto resolvedNonEmptyAccountId = resolvedAccountId.has_value() && !resolvedAccountId.value().empty(); + // Set user agent if account ID was resolved in identity provider + if (resolvedNonEmptyAccountId) { + ctx.m_pRequest->AddUserAgentFeature(Aws::Client::UserAgentFeature::RESOLVED_ACCOUNT_ID); + } + // Only set EP param if client configuration does not have a configured account ID and we resolved a account id + if (resolvedNonEmptyAccountId && m_clientConfiguration.accountId.empty()) { + endpointParameters.emplace_back("AccountId", resolvedAccountId.value(), Aws::Endpoint::EndpointParameter::ParameterOrigin::OPERATION_CONTEXT); + } } return endpointParameters; } diff --git a/src/aws-cpp-sdk-core/include/smithy/client/AwsSmithyClientAsyncRequestContext.h b/src/aws-cpp-sdk-core/include/smithy/client/AwsSmithyClientAsyncRequestContext.h index 3f7ad64f122..cf12dc8088d 100644 --- a/src/aws-cpp-sdk-core/include/smithy/client/AwsSmithyClientAsyncRequestContext.h +++ b/src/aws-cpp-sdk-core/include/smithy/client/AwsSmithyClientAsyncRequestContext.h @@ -12,6 +12,7 @@ #include #include #include +#include namespace smithy { @@ -71,18 +72,21 @@ namespace smithy std::shared_ptr m_pExecutor; std::shared_ptr m_interceptorContext; std::shared_ptr m_awsIdentity; + std::shared_ptr> m_authResolver; AwsSmithyClientAsyncRequestContext() = default; AwsSmithyClientAsyncRequestContext( Aws::AmazonWebServiceRequest const * const request, const char* requestName, - std::shared_ptr pExecutor): + std::shared_ptr pExecutor, + std::shared_ptr> authResolver): m_invocationId{Aws::Utils::UUID::PseudoRandomUUID()}, m_pRequest{request}, m_requestName{requestName ? requestName : m_pRequest ? m_pRequest->GetServiceRequestName() : ""}, m_retryCount{0}, - m_pExecutor{pExecutor} + m_pExecutor{pExecutor}, + m_authResolver{authResolver} { } diff --git a/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/BearerTokenAuthSchemeOption.h b/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/BearerTokenAuthSchemeOption.h index 2fbf4bec104..cb77773a1b0 100644 --- a/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/BearerTokenAuthSchemeOption.h +++ b/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/BearerTokenAuthSchemeOption.h @@ -12,6 +12,6 @@ struct BearerTokenAuthSchemeOption static AuthSchemeOption bearerTokenAuthSchemeOption; }; -AuthSchemeOption BearerTokenAuthSchemeOption::bearerTokenAuthSchemeOption = +inline AuthSchemeOption BearerTokenAuthSchemeOption::bearerTokenAuthSchemeOption = AuthSchemeOption("smithy.api#HTTPBearerAuth"); } // namespace smithy \ No newline at end of file diff --git a/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/NoAuthScheme.h b/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/NoAuthScheme.h new file mode 100644 index 00000000000..2324f638358 --- /dev/null +++ b/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/NoAuthScheme.h @@ -0,0 +1,76 @@ +/** +* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ +#pragma once + +#include +#include + +#include +#include + +namespace smithy { + constexpr char NOAUTH[] = "smithy.api#noAuth"; + + class NoAuthScheme : public AuthScheme + { + public: + using AwsCredentialIdentityResolverT = IdentityResolverBase; + using AwsCredentialSignerT = AwsSignerBase; + + explicit NoAuthScheme() + : AuthScheme(NOAUTH), + m_signer{Aws::MakeShared("NoAuthScheme")} + { + assert(m_signer); + } + + explicit NoAuthScheme(std::shared_ptr identityResolver, + const Aws::String& serviceName, + const Aws::String& region) + : AuthScheme(NOAUTH), + m_signer{Aws::MakeShared("NoAuthScheme")} + { + AWS_UNREFERENCED_PARAM(identityResolver); + AWS_UNREFERENCED_PARAM(serviceName); + AWS_UNREFERENCED_PARAM(region); + assert(m_signer); + } + + explicit NoAuthScheme(const Aws::String& serviceName, + const Aws::String& region) + : NoAuthScheme(nullptr, serviceName, region) + { + assert(m_signer); + } + + //legacy constructors + explicit NoAuthScheme(std::shared_ptr identityResolver, const Aws::String& serviceName, const Aws::String& region, Aws::Client::AWSAuthV4Signer::PayloadSigningPolicy policy, bool urlEscape) + : AuthScheme(NOAUTH), + m_signer{Aws::MakeShared("NoAuthScheme")} + { + AWS_UNREFERENCED_PARAM(identityResolver); + AWS_UNREFERENCED_PARAM(serviceName); + AWS_UNREFERENCED_PARAM(region); + AWS_UNREFERENCED_PARAM(policy); + AWS_UNREFERENCED_PARAM(urlEscape); + assert(m_signer); + } + + virtual ~NoAuthScheme() = default; + + std::shared_ptr identityResolver() override + { + return nullptr; + } + + std::shared_ptr signer() override + { + return m_signer; + } + + protected: + std::shared_ptr m_signer; + }; +} \ No newline at end of file diff --git a/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/NoAuthSchemeOption.h b/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/NoAuthSchemeOption.h new file mode 100644 index 00000000000..463a1395755 --- /dev/null +++ b/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/NoAuthSchemeOption.h @@ -0,0 +1,15 @@ +/** +* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ +#pragma once + +#include +#include + +namespace smithy { + struct NoAuthSchemeOption + { + static SMITHY_API AuthSchemeOption noAuthSchemeOption; + }; +} \ No newline at end of file diff --git a/src/aws-cpp-sdk-core/include/smithy/identity/identity/impl/AwsBearerTokenIdentityImpl.h b/src/aws-cpp-sdk-core/include/smithy/identity/identity/impl/AwsBearerTokenIdentityImpl.h index b9ca17748f2..926766df73e 100644 --- a/src/aws-cpp-sdk-core/include/smithy/identity/identity/impl/AwsBearerTokenIdentityImpl.h +++ b/src/aws-cpp-sdk-core/include/smithy/identity/identity/impl/AwsBearerTokenIdentityImpl.h @@ -8,9 +8,9 @@ #include namespace smithy { -const Aws::String &AwsBearerTokenIdentity::token() const { return m_token; } +inline const Aws::String &AwsBearerTokenIdentity::token() const { return m_token; } -Aws::Crt::Optional +inline Aws::Crt::Optional AwsBearerTokenIdentity::expiration() const { return m_expiration; diff --git a/src/aws-cpp-sdk-core/include/smithy/identity/resolver/AwsBearerTokenIdentityResolver.h b/src/aws-cpp-sdk-core/include/smithy/identity/resolver/AwsBearerTokenIdentityResolver.h index 833990a5814..3af5947ecbc 100644 --- a/src/aws-cpp-sdk-core/include/smithy/identity/resolver/AwsBearerTokenIdentityResolver.h +++ b/src/aws-cpp-sdk-core/include/smithy/identity/resolver/AwsBearerTokenIdentityResolver.h @@ -104,7 +104,7 @@ class DefaultAwsBearerTokenIdentityResolver : AwsBearerTokenIdentityResolver(Aws::Vector>{ Aws::MakeShared("SSOBearerTokenProvider")}){}; }; -const char +inline const char AwsBearerTokenIdentityResolver::BEARER_TOKEN_PROVIDER_CHAIN_LOG_TAG[] = "BearerTokenProvider"; diff --git a/src/aws-cpp-sdk-core/include/smithy/identity/signer/built-in/BearerTokenSigner.h b/src/aws-cpp-sdk-core/include/smithy/identity/signer/built-in/BearerTokenSigner.h index 5695443a343..03887407f71 100644 --- a/src/aws-cpp-sdk-core/include/smithy/identity/signer/built-in/BearerTokenSigner.h +++ b/src/aws-cpp-sdk-core/include/smithy/identity/signer/built-in/BearerTokenSigner.h @@ -71,5 +71,5 @@ class BearerTokenSigner : public AwsSignerBase Aws::String m_region; }; -const char BearerTokenSigner::LOGGING_TAG[] = "BearerTokenSigner"; +inline const char BearerTokenSigner::LOGGING_TAG[] = "BearerTokenSigner"; } // namespace smithy diff --git a/src/aws-cpp-sdk-core/include/smithy/identity/signer/built-in/NoAuthSigner.h b/src/aws-cpp-sdk-core/include/smithy/identity/signer/built-in/NoAuthSigner.h new file mode 100644 index 00000000000..63418efba88 --- /dev/null +++ b/src/aws-cpp-sdk-core/include/smithy/identity/signer/built-in/NoAuthSigner.h @@ -0,0 +1,51 @@ +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ +#pragma once + +#include +#include +#include + +namespace smithy { + /** + * A smithy NoAuth signer wrapper on top of legacy SDK null signer + */ + class AwsNoAuthSigner : public AwsSignerBase { + public: + explicit AwsNoAuthSigner() + : legacySigner() + { + } + + SigningFutureOutcome sign(std::shared_ptr httpRequest, const AwsCredentialIdentityBase& identity, SigningProperties properties) override + { + AWS_UNREFERENCED_PARAM(identity); + AWS_UNREFERENCED_PARAM(properties); + assert(httpRequest); + bool success = legacySigner.SignRequest(*httpRequest); + if (success) + { + return SigningFutureOutcome(std::move(httpRequest)); + } + return SigningError(Aws::Client::CoreErrors::MEMORY_ALLOCATION, "", "Failed to sign the request with noauth", false); + } + + SigningFutureOutcome presign(std::shared_ptr httpRequest, const AwsCredentialIdentityBase& identity, SigningProperties properties, const Aws::String& region, const Aws::String& serviceName, long long expirationTimeInSeconds) override + { + AWS_UNREFERENCED_PARAM(httpRequest); + AWS_UNREFERENCED_PARAM(identity); + AWS_UNREFERENCED_PARAM(properties); + AWS_UNREFERENCED_PARAM(region); + AWS_UNREFERENCED_PARAM(serviceName); + AWS_UNREFERENCED_PARAM(expirationTimeInSeconds); + return SigningFutureOutcome(std::move(httpRequest)); + } + + virtual ~AwsNoAuthSigner() = default; + + protected: + Aws::Client::AWSNullSigner legacySigner; + }; +} \ No newline at end of file diff --git a/src/aws-cpp-sdk-core/source/smithy/client/AwsSmithyClientBase.cpp b/src/aws-cpp-sdk-core/source/smithy/client/AwsSmithyClientBase.cpp index 1bc123eb8d9..b06fb94a322 100644 --- a/src/aws-cpp-sdk-core/source/smithy/client/AwsSmithyClientBase.cpp +++ b/src/aws-cpp-sdk-core/source/smithy/client/AwsSmithyClientBase.cpp @@ -22,7 +22,7 @@ #include #include #include - +#include using namespace smithy::client; using namespace smithy::interceptor; @@ -195,14 +195,16 @@ bool AwsSmithyClientBase::ResolveIdentityAuth( assert(pRequestCtx->m_authSchemeOption.schemeId); // resolve identity - auto identityOutcome = this->ResolveIdentity(*pRequestCtx); - if (!identityOutcome.IsSuccess()) - { - responseHandler(std::move(identityOutcome)); - return false; + if (strcmp(authSchemeOptionOutcome.GetResult().schemeId, smithy::NOAUTH) != 0) { + auto identityOutcome = this->ResolveIdentity(*pRequestCtx); + if (!identityOutcome.IsSuccess()) + { + responseHandler(std::move(identityOutcome)); + return false; + } + pRequestCtx->m_awsIdentity = std::move(identityOutcome.GetResultWithOwnership()); } - - pRequestCtx->m_awsIdentity = std::move(identityOutcome.GetResultWithOwnership()); + // get endpoint params from operation context const auto contextEndpointParameters = this->GetContextEndpointParameters(*pRequestCtx); @@ -254,9 +256,9 @@ void AwsSmithyClientBase::MakeRequestAsync(Aws::AmazonWebServiceRequest const* c AWS_LOGSTREAM_FATAL(AWS_SMITHY_CLIENT_LOG, "Unable to continue AWSClient request: response handler is missing!"); return; } - + auto authResolver = request->GetRequestSpecificSupportedAuth().empty() ? nullptr : Aws::MakeShared>(AWS_SMITHY_CLIENT_LOG, request->GetRequestSpecificSupportedAuth()); std::shared_ptr pRequestCtx = - Aws::MakeShared(AWS_SMITHY_CLIENT_LOG, request, requestName, pExecutor ); + Aws::MakeShared(AWS_SMITHY_CLIENT_LOG, request, requestName, pExecutor, authResolver); if (!pRequestCtx) { AWS_LOGSTREAM_ERROR(AWS_SMITHY_CLIENT_LOG, "Failed to allocate an AwsSmithyClientAsyncRequestContext under a shared ptr"); @@ -702,8 +704,9 @@ AwsSmithyClientBase::ResolveEndpointOutcome AwsSmithyClientBase::ResolveEndpoint { outcome = std::move(asyncOutcome); }; - - std::shared_ptr pRequestCtx = Aws::MakeShared(AWS_SMITHY_CLIENT_LOG, request, requestName, nullptr); + + auto authResolver = request->GetRequestSpecificSupportedAuth().empty() ? nullptr : Aws::MakeShared>(AWS_SMITHY_CLIENT_LOG, request->GetRequestSpecificSupportedAuth()); + std::shared_ptr pRequestCtx = Aws::MakeShared(AWS_SMITHY_CLIENT_LOG, request, requestName, nullptr, authResolver); if (!pRequestCtx) { AWS_LOGSTREAM_ERROR(AWS_SMITHY_CLIENT_LOG, "Failed to allocate an AwsSmithyClientAsyncRequestContext under a shared ptr"); diff --git a/src/aws-cpp-sdk-core/source/smithy/identity/AuthSchemeOption.cpp b/src/aws-cpp-sdk-core/source/smithy/identity/AuthSchemeOption.cpp index db145fc1931..35c31a46de6 100644 --- a/src/aws-cpp-sdk-core/source/smithy/identity/AuthSchemeOption.cpp +++ b/src/aws-cpp-sdk-core/source/smithy/identity/AuthSchemeOption.cpp @@ -4,7 +4,9 @@ */ #include #include +#include using namespace smithy; AuthSchemeOption SigV4AuthSchemeOption::sigV4AuthSchemeOption = AuthSchemeOption("aws.auth#sigv4"); AuthSchemeOption SigV4aAuthSchemeOption::sigV4aAuthSchemeOption = AuthSchemeOption("aws.auth#sigv4a"); +AuthSchemeOption NoAuthSchemeOption::noAuthSchemeOption = AuthSchemeOption("smithy.api#noAuth"); diff --git a/tests/aws-cpp-sdk-core-tests/smithy/client/SmithyClientTest.cpp b/tests/aws-cpp-sdk-core-tests/smithy/client/SmithyClientTest.cpp index 4b14cfd5418..c2b138dd1f9 100644 --- a/tests/aws-cpp-sdk-core-tests/smithy/client/SmithyClientTest.cpp +++ b/tests/aws-cpp-sdk-core-tests/smithy/client/SmithyClientTest.cpp @@ -550,6 +550,135 @@ TEST_F(SmithyClientTest, testBearerPreference) { "Bearer testBearerToken"); } +TEST_F(SmithyClientTest, testOperationOnlySupportsSigV4aPreferenceBearer) { + + std::shared_ptr authSchemeResolver = Aws::MakeShared >(ALLOCATION_TAG, Aws::Vector({smithy::SigV4aAuthSchemeOption::sigV4aAuthSchemeOption, smithy::SigV4AuthSchemeOption::sigV4AuthSchemeOption, smithy::BearerTokenAuthSchemeOption::bearerTokenAuthSchemeOption})); + + Aws::UnorderedMap authSchemesMap; + + //add mock credentials provider for the test to the credentials provider chain + AddCredentialsProvider(Aws::MakeShared("TestCredentialsProviderChain")); + + //create resolver with the credentials provider chain + auto credentialsResolver = Aws::MakeShared(ALLOCATION_TAG, credsProviderChain); + + Aws::String key{smithy::SigV4aAuthSchemeOption::sigV4aAuthSchemeOption.schemeId}; + SigVariant val{smithy::SigV4aAuthScheme( credentialsResolver, "MyService", "us-west-2")}; + + authSchemesMap.emplace(key, val); + + Aws::String key2{smithy::SigV4AuthSchemeOption::sigV4AuthSchemeOption.schemeId}; + SigVariant val2{smithy::SigV4AuthScheme( credentialsResolver, "MyService", "us-west-2")}; + + authSchemesMap.emplace(key2, val2); + + Aws::String key3{smithy::BearerTokenAuthSchemeOption::bearerTokenAuthSchemeOption.schemeId}; + SigVariant val3{smithy::BearerTokenAuthScheme( Aws::MakeShared(ALLOCATION_TAG), "MyService", "us-west-2")}; + + authSchemesMap.emplace(key3, val3); + + clientConfig.authPreferences = {smithy::BEARER_PREFERENCE}; + std::shared_ptr ptr = Aws::MakeShared( + ALLOCATION_TAG, + clientConfig, + "MyService", + httpClient, + errorMarshaller, + endPointProvider, + authSchemeResolver, + authSchemesMap); + smithy::client::AwsSmithyClientAsyncRequestContext ctx; + ctx.m_pRequest = nullptr; + + //Operation/Request only supports sigv4a while client supports all 3 + std::shared_ptr requestAuthSchemeResolver = Aws::MakeShared >(ALLOCATION_TAG, Aws::Vector({smithy::SigV4aAuthSchemeOption::sigV4aAuthSchemeOption })); + ctx.m_authResolver = requestAuthSchemeResolver; + + auto res = ptr->SelectAuthSchemeOption(ctx); + EXPECT_EQ(res.IsSuccess(), true); + EXPECT_EQ(res.GetResult().schemeId, key); + ctx.m_authSchemeOption = res.GetResultWithOwnership(); + ctx.m_awsIdentity = ptr->ResolveIdentity(ctx).GetResultWithOwnership(); + + Aws::String uri{"https://treasureisland-cb93079d-24a0-4862-8es2-88456ead.xyz.amazonaws.com"}; + + std::shared_ptr httpRequest(Aws::Http::CreateHttpRequest(uri, Aws::Http::HttpMethod::HTTP_GET, Aws::Utils::Stream::DefaultResponseStreamFactoryMethod)); + + auto res2 = ptr->SignRequest(httpRequest, ctx); + + EXPECT_EQ(res2.IsSuccess(), true); + EXPECT_TRUE(!res2.GetResult()->GetSigningAccessKey().empty()); + EXPECT_FALSE(res2.GetResult()->GetUri().GetURIString(true).empty()); +} + +TEST_F(SmithyClientTest, testOperationOnlySupportsBearerPreferenceSigV4a) { + + std::shared_ptr authSchemeResolver = Aws::MakeShared >(ALLOCATION_TAG, Aws::Vector({smithy::SigV4aAuthSchemeOption::sigV4aAuthSchemeOption, smithy::SigV4AuthSchemeOption::sigV4AuthSchemeOption, smithy::BearerTokenAuthSchemeOption::bearerTokenAuthSchemeOption})); + + Aws::UnorderedMap authSchemesMap; + + //add mock credentials provider for the test to the credentials provider chain + AddCredentialsProvider(Aws::MakeShared("TestCredentialsProviderChain")); + + //create resolver with the credentials provider chain + auto credentialsResolver = Aws::MakeShared(ALLOCATION_TAG, credsProviderChain); + + Aws::String key{smithy::BearerTokenAuthSchemeOption::bearerTokenAuthSchemeOption.schemeId}; + SigVariant val{smithy::BearerTokenAuthScheme( Aws::MakeShared(ALLOCATION_TAG), "MyService", "us-west-2")}; + + authSchemesMap.emplace(key, val); + + Aws::String key2{smithy::SigV4aAuthSchemeOption::sigV4aAuthSchemeOption.schemeId}; + SigVariant val2{smithy::SigV4aAuthScheme( credentialsResolver, "MyService", "us-west-2")}; + + authSchemesMap.emplace(key2, val2); + + Aws::String key3{smithy::SigV4AuthSchemeOption::sigV4AuthSchemeOption.schemeId}; + SigVariant val3{smithy::SigV4AuthScheme( credentialsResolver, "MyService", "us-west-2")}; + + authSchemesMap.emplace(key3, val3); + + clientConfig.authPreferences = {smithy::SIGV4A_PREFERENCE}; + std::shared_ptr ptr = Aws::MakeShared( + ALLOCATION_TAG, + clientConfig, + "MyService", + httpClient, + errorMarshaller, + endPointProvider, + authSchemeResolver, + authSchemesMap); + smithy::client::AwsSmithyClientAsyncRequestContext ctx; + ctx.m_pRequest = nullptr; + + //Operation/Request only supports sigv4a while client supports all 3 + std::shared_ptr requestAuthSchemeResolver = Aws::MakeShared >(ALLOCATION_TAG, Aws::Vector({smithy::BearerTokenAuthSchemeOption::bearerTokenAuthSchemeOption })); + ctx.m_authResolver = requestAuthSchemeResolver; + + auto res = ptr->SelectAuthSchemeOption(ctx); + EXPECT_EQ(res.IsSuccess(), true); + EXPECT_EQ(res.GetResult().schemeId, key); + ctx.m_authSchemeOption = res.GetResultWithOwnership(); + ctx.m_awsIdentity = ptr->ResolveIdentity(ctx).GetResultWithOwnership(); + + Aws::String uri{ + "https://" + "treasureisland-cb93079d-24a0-4862-8es2-88456ead.xyz.amazonaws.com"}; + + std::shared_ptr httpRequest( + Aws::Http::CreateHttpRequest( + uri, Aws::Http::HttpMethod::HTTP_GET, + Aws::Utils::Stream::DefaultResponseStreamFactoryMethod)); + + auto res2 = ptr->SignRequest(httpRequest, ctx); + + EXPECT_EQ(res2.IsSuccess(), true); + + EXPECT_TRUE(!res2.GetResult()->GetHeaderValue("authorization").empty()); + EXPECT_EQ(res2.GetResult()->GetHeaderValue("authorization"), + "Bearer testBearerToken"); +} + struct SampleConfiguration: public Aws::Client::ClientConfiguration { Aws::String localToService{"whatever"}; }; diff --git a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/c2j/C2jOperation.java b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/c2j/C2jOperation.java index 88babf19075..b7b96b3262d 100644 --- a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/c2j/C2jOperation.java +++ b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/c2j/C2jOperation.java @@ -18,6 +18,7 @@ public class C2jOperation { private String authtype; private String authorizer; private C2jHttp http; + List auth; private C2jShapeMember input; private C2jShapeMember output; private List errors; diff --git a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/Operation.java b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/Operation.java index c2276386c11..5faabefd5ed 100644 --- a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/Operation.java +++ b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/Operation.java @@ -95,4 +95,14 @@ public boolean hasRequest() { public void addRequest(final ShapeMember request) { this.request = request; } + + public boolean hasSigV4Auth() { return auth != null && auth.contains("aws.auth#sigv4"); } + + public boolean hasSigV4aAuth() { + return auth != null && auth.contains("aws.auth#sigv4a"); + } + + public boolean hasBearerAuth() { + return auth != null && auth.contains("smithy.api#httpBearerAuth"); + } } diff --git a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/ServiceModel.java b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/ServiceModel.java index 0a0e00580b4..81a24905298 100644 --- a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/ServiceModel.java +++ b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/ServiceModel.java @@ -51,25 +51,25 @@ public boolean hasSigV4Auth() { if(metadata.getSignatureVersion().equals("v4") || metadata.getSignatureVersion().equals("s3v4")) { return true; } - return operations.values().parallelStream().anyMatch(operation -> operation.getSignerName().equals("Aws::Auth::SIGV4_SIGNER")); + return authSchemes.contains("aws.auth#sigv4") || operations.values().parallelStream().anyMatch(operation -> operation.getSignerName().equals("Aws::Auth::SIGV4_SIGNER")); } public boolean hasSigV4aAuth() { - return operations.values().parallelStream().anyMatch(operation -> operation.getSignerName().equals("Aws::Auth::ASYMMETRIC_SIGV4_SIGNER")); + return authSchemes.contains("aws.auth#sigv4a") || operations.values().parallelStream().anyMatch(operation -> operation.getSignerName().equals("Aws::Auth::SIGV4A_SIGNER")); } public boolean hasBearerAuth() { if(metadata.getSignatureVersion().equals("bearer")) { return true; } - return operations.values().parallelStream().anyMatch(operation -> operation.getSignerName().equals("Aws::Auth::BEARER_SIGNER")); + return authSchemes.contains("smithy.api#httpBearerAuth") || operations.values().parallelStream().anyMatch(operation -> operation.getSignerName().equals("Aws::Auth::BEARER_SIGNER")); } public boolean hasOnlyBearerAuth() { if(!metadata.getSignatureVersion().equals("bearer")) { return false; } - return operations.values().parallelStream().allMatch(operation -> operation.getSignerName().equals("Aws::Auth::BEARER_SIGNER")); + return authSchemes.size() == 1 && operations.values().parallelStream().allMatch(operation -> operation.getSignerName().equals("Aws::Auth::BEARER_SIGNER")); } public boolean hasServiceSpecificClientConfig() { diff --git a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/cpp/CppViewHelper.java b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/cpp/CppViewHelper.java index d919b074ab9..1782394e500 100644 --- a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/cpp/CppViewHelper.java +++ b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/cpp/CppViewHelper.java @@ -5,9 +5,8 @@ package com.amazonaws.util.awsclientgenerator.domainmodels.codegeneration.cpp; -import com.amazonaws.util.awsclientgenerator.domainmodels.codegeneration.Metadata; -import com.amazonaws.util.awsclientgenerator.domainmodels.codegeneration.Shape; -import com.amazonaws.util.awsclientgenerator.domainmodels.codegeneration.ShapeMember; +import com.amazonaws.util.awsclientgenerator.domainmodels.codegeneration.*; +import com.amazonaws.util.awsclientgenerator.generators.cpp.CppClientGenerator; import com.amazonaws.util.awsclientgenerator.transform.CoreErrors; import com.google.common.base.CaseFormat; import com.google.common.collect.ImmutableMap; @@ -33,6 +32,7 @@ public class CppViewHelper { private static final Map CORAL_PROTOCOL_TO_CONTENT_TYPE_MAPPING = new HashMap<>(); private static final Map CORAL_PROTOCOL_TO_PAYLOAD_TYPE_MAPPING = new HashMap<>(); private static final Map C2J_TIMESTAMP_FORMAT_TO_CPP_DATE_TIME_FORMAT = new HashMap<>(); + private static final Map CORAL_AUTH_TO_SCHEME_MAPPING = new HashMap<>(); private static final Set FORBIDDEN_FUNCTION_NAMES = ImmutableSet.builder() @@ -122,6 +122,15 @@ public class CppViewHelper { C2J_TIMESTAMP_FORMAT_TO_CPP_DATE_TIME_FORMAT.put("rfc822", "RFC822"); C2J_TIMESTAMP_FORMAT_TO_CPP_DATE_TIME_FORMAT.put("iso8601", "ISO_8601"); + + CORAL_AUTH_TO_SCHEME_MAPPING.put("aws.auth#sigv4", "smithy::SigV4AuthSchemeOption::sigV4AuthSchemeOption"); + CORAL_AUTH_TO_SCHEME_MAPPING.put("aws.auth#sigv4a", "smithy::SigV4aAuthSchemeOption::sigV4aAuthSchemeOption"); + CORAL_AUTH_TO_SCHEME_MAPPING.put("smithy.api#httpBearerAuth", "smithy::BearerTokenAuthSchemeOption::bearerTokenAuthSchemeOption"); + CORAL_AUTH_TO_SCHEME_MAPPING.put("bearer", "smithy::BearerTokenAuthSchemeOption::bearerTokenAuthSchemeOption"); + CORAL_AUTH_TO_SCHEME_MAPPING.put("v4", "smithy::SigV4AuthSchemeOption::sigV4AuthSchemeOption"); + CORAL_AUTH_TO_SCHEME_MAPPING.put("v2", "smithy::SigV4AuthSchemeOption::sigV4AuthSchemeOption"); + CORAL_AUTH_TO_SCHEME_MAPPING.put("sigv4-s3express", "S3ExpressSigV4AuthSchemeOption::s3ExpressSigV4AuthSchemeOption"); + CORAL_AUTH_TO_SCHEME_MAPPING.put("smithy.api#noAuth", "smithy::NoAuthSchemeOption::noAuthSchemeOption"); } private static final ImmutableMap EVENT_STREAM_HEADER_ACCESSORS = ImmutableMap.of( @@ -609,4 +618,19 @@ public static String getEventStreamHeaderValue(final String variableName, final } return value; } + + public static String computeAuthSchemes(final Operation op) { + if(op.getAuth() == null || op.getAuth().isEmpty()) { + return ""; + } + return op.getAuth().stream() + .map(key -> { + if (CORAL_AUTH_TO_SCHEME_MAPPING.containsKey(key)) { + return CORAL_AUTH_TO_SCHEME_MAPPING.get(key); + } + else { + throw new RuntimeException(String.format("Unknown auth scheme (%s) for operation: %s", op.getName(), key)); + } + }).collect(Collectors.joining(",")); + } } diff --git a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/CborCppClientGenerator.java b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/CborCppClientGenerator.java index 737c3c989ad..30a999a3c03 100644 --- a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/CborCppClientGenerator.java +++ b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/CborCppClientGenerator.java @@ -117,6 +117,8 @@ protected SdkFileEntry generateModelSourceFile(ServiceModel serviceModel, Map.En Template template; VelocityContext context = createContext(serviceModel); + context.put("operation", serviceModel.getOperationForRequestShapeName(shape.getName())); + if (shape.isRequest() && (shape.hasStreamMembers() || shape.hasEventStreamMembers())) { if (shape.hasEventStreamMembers()) { HashMap headersMap = new HashMap<>(10); @@ -146,7 +148,6 @@ else if (shape.isResult()) { template = velocityEngine.getTemplate("/com/amazonaws/util/awsclientgenerator/velocity/cpp/cbor/CborSubObjectSource.vm", StandardCharsets.UTF_8.name()); } - context.put("operation", serviceModel.getOperationForRequestShapeName(shape.getName())); context.put("shape", shape); context.put("typeInfo", new CppShapeInformation(shape, serviceModel)); context.put("CppViewHelper", CppCborViewHelper.class); diff --git a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/CppClientGenerator.java b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/CppClientGenerator.java index 3e0fb7803a7..edefbb2045a 100644 --- a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/CppClientGenerator.java +++ b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/CppClientGenerator.java @@ -728,6 +728,9 @@ protected SdkFileEntry generateClientSmithyHeaderFile(final ServiceModel service context.put("CppViewHelper", CppViewHelper.class); context.put("RequestlessOperations", requestlessOperations); selectAuthschemeResolver(serviceModel, context); + List allAuthSchemes = getUpdatedAuthSchemesFromOperations(serviceModel); + context.put("AuthSchemeVariants", allAuthSchemes.stream().map(this::mapAuthSchemes).filter(scheme -> !scheme.isEmpty()).collect(Collectors.joining(","))); + String fileName = String.format("include/aws/%s/%sClient.h", serviceModel.getMetadata().getProjectName(), serviceModel.getMetadata().getClassNamePrefix()); @@ -746,8 +749,6 @@ private void selectAuthschemeResolver(final ServiceModel serviceModel, VelocityC { throw new RuntimeException(String.format("authSchemes '%s'",serviceModel.getAuthSchemes().stream().collect(Collectors.toList()))); } - context.put("AuthSchemeVariants", serviceModel.getAuthSchemes().stream().map(this::mapAuthSchemes).collect(Collectors.joining(","))); - context.put("AuthSchemeOptions", serviceModel.getAuthSchemes().stream().map(this::mapAuthSchemeOptions).collect(Collectors.joining(","))); } protected SdkFileEntry GenerateSmithyClientSourceFile(final ServiceModel serviceModel, int i, Optional templateFile) { @@ -758,7 +759,12 @@ protected SdkFileEntry GenerateSmithyClientSourceFile(final ServiceModel service VelocityContext context = createContext(serviceModel); context.put("CppViewHelper", CppViewHelper.class); selectAuthschemeResolver(serviceModel, context); - context.put("AuthSchemeMapEntries", createAuthSchemeMapEntries(serviceModel)); + context.put("AuthSchemeOptions", serviceModel.getAuthSchemes().stream().map(this::mapAuthSchemeOptions).filter(scheme -> !scheme.isEmpty()).collect(Collectors.joining(","))); + + //We want to make sure the authSchemeMapEntries includes all possible auths, even the ones supported in specific operations + List allAuthSchemes = getUpdatedAuthSchemesFromOperations(serviceModel); + context.put("AuthSchemeVariants", allAuthSchemes.stream().map(this::mapAuthSchemes).filter(scheme -> !scheme.isEmpty()).collect(Collectors.joining(","))); + context.put("AuthSchemeMapEntries", createAuthSchemeMapEntries(allAuthSchemes)); context.put("AuthSchemes", getSupportedAuthSchemes(serviceModel)); final String fileName; @@ -793,6 +799,8 @@ protected SdkFileEntry GenerateLegacyClientSourceFile(final ServiceModel service private static final Map AuthSchemeMapping = ImmutableMap.of( "aws.auth#sigv4", "smithy::SigV4AuthScheme", "aws.auth#sigv4a", "smithy::SigV4aAuthScheme", + "smithy.api#httpBearerAuth", "smithy::BearerTokenAuthScheme", + "smithy.api#noAuth", "smithy::NoAuthScheme", "bearer", "smithy::BearerTokenAuthScheme", "v4","smithy::SigV4AuthScheme", "sigv4-s3express","S3ExpressSigV4AuthScheme", @@ -817,6 +825,8 @@ protected String mapAuthSchemeOptions(final String authSchemeName) { private static final Map SchemeIdMapping = ImmutableMap.of( "aws.auth#sigv4", "smithy::SigV4AuthSchemeOption::sigV4AuthSchemeOption", "aws.auth#sigv4a", "smithy::SigV4aAuthSchemeOption::sigV4aAuthSchemeOption", + "smithy.api#httpBearerAuth", "smithy::BearerTokenAuthSchemeOption::bearerTokenAuthSchemeOption", + "smithy.api#noAuth", "smithy::NoAuthSchemeOption::noAuthSchemeOption", "bearer", "smithy::BearerTokenAuthSchemeOption::bearerTokenAuthSchemeOption", "v4", "smithy::SigV4AuthSchemeOption::sigV4AuthSchemeOption", "sigv4-s3express", "S3ExpressSigV4AuthSchemeOption::s3ExpressSigV4AuthSchemeOption", @@ -826,6 +836,7 @@ protected String mapAuthSchemeOptions(final String authSchemeName) { protected static final Map ResolverMapping = ImmutableMap.of( "aws.auth#sigv4", "GenericAuthSchemeResolver", "aws.auth#sigv4a", "GenericAuthSchemeResolver", + "smithy.api#httpBearerAuth", "GenericAuthSchemeResolver", "bearer", "GenericAuthSchemeResolver", "v4", "GenericAuthSchemeResolver", "v2", "GenericAuthSchemeResolver" @@ -835,6 +846,14 @@ protected String mapAuthSchemeOptions(final String authSchemeName) { private static final String SchemeMapFormat = "%s.schemeId, %s"; protected List createAuthSchemeMapEntries(final ServiceModel serviceModel) { return getSupportedAuthSchemes(serviceModel).stream() + .filter(authScheme -> !SchemeIdMapping.get(authScheme).isEmpty()) + .map(authScheme -> String.format(SchemeMapFormat, SchemeIdMapping.get(authScheme), AuthSchemeMapping.get(authScheme))) + .collect(Collectors.toList()); + } + + protected List createAuthSchemeMapEntries(final List authSchemes) { + return authSchemes.stream() + .filter(authScheme -> !SchemeIdMapping.get(authScheme).isEmpty()) .map(authScheme -> String.format(SchemeMapFormat, SchemeIdMapping.get(authScheme), AuthSchemeMapping.get(authScheme))) .collect(Collectors.toList()); } @@ -938,10 +957,9 @@ protected void updateAuthSchemesFromEndpointRules(ServiceModel serviceModel, Str } - protected void updateAuthSchemesFromOperations(ServiceModel serviceModel) + protected List getUpdatedAuthSchemesFromOperations(ServiceModel serviceModel) { - List authschemes = new ArrayList<>(serviceModel.getAuthSchemes()); - Set authSchemeSet = new HashSet<>(authschemes); + Set authSchemeSet = new HashSet<>(serviceModel.getAuthSchemes()); serviceModel.getOperations().values().forEach(operation -> { if (operation.getAuth() == null) { @@ -953,12 +971,11 @@ protected void updateAuthSchemesFromOperations(ServiceModel serviceModel) } // only add if it's not already present in the authSchemeSet if (!authSchemeSet.contains(authScheme)) { - serviceModel.getAuthSchemes().add(authScheme); authSchemeSet.add(authScheme); } }); }); - serviceModel.setAuthSchemes(authschemes); + return new ArrayList<>(authSchemeSet); } //auth schemes can be named differently in endpoints/operations, this is a mapping private static final Map AuthSchemeNameMapping = ImmutableMap.of( diff --git a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/JsonCppClientGenerator.java b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/JsonCppClientGenerator.java index 72bea867640..b5f9f3d625f 100644 --- a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/JsonCppClientGenerator.java +++ b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/JsonCppClientGenerator.java @@ -116,6 +116,8 @@ protected SdkFileEntry generateModelSourceFile(ServiceModel serviceModel, Map.En Template template; VelocityContext context = createContext(serviceModel); + context.put("operation", serviceModel.getOperationForRequestShapeName(shape.getName())); + if (shape.isRequest() && (shape.hasStreamMembers() || shape.hasEventStreamMembers())) { if (shape.hasEventStreamMembers()) { HashMap headersMap = new HashMap<>(10); @@ -136,7 +138,6 @@ else if (shape.isResult()) { template = velocityEngine.getTemplate("/com/amazonaws/util/awsclientgenerator/velocity/cpp/json/JsonSubObjectSource.vm", StandardCharsets.UTF_8.name()); } - context.put("operation", serviceModel.getOperationForRequestShapeName(shape.getName())); context.put("shape", shape); context.put("typeInfo", new CppShapeInformation(shape, serviceModel)); context.put("CppViewHelper", CppViewHelper.class); diff --git a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/QueryCppClientGenerator.java b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/QueryCppClientGenerator.java index fea79da2a8a..fb64e9e6849 100644 --- a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/QueryCppClientGenerator.java +++ b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/QueryCppClientGenerator.java @@ -132,6 +132,8 @@ protected SdkFileEntry generateModelSourceFile(ServiceModel serviceModel, Map.En Template template = null; VelocityContext context = createContext(serviceModel); + context.put("operation", serviceModel.getOperationForRequestShapeName(shape.getName())); + if (shape.isStructure() && shape.isReferenced()) { if (shape.isRequest()) { template = velocityEngine.getTemplate("/com/amazonaws/util/awsclientgenerator/velocity/cpp/queryxml/QueryRequestSource.vm", StandardCharsets.UTF_8.name()); diff --git a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/s3/S3RestXmlCppClientGenerator.java b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/s3/S3RestXmlCppClientGenerator.java index 3f3f74e81d7..5d97a643b6e 100644 --- a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/s3/S3RestXmlCppClientGenerator.java +++ b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/generators/cpp/s3/S3RestXmlCppClientGenerator.java @@ -198,7 +198,7 @@ public SdkFileEntry[] generateSourceFiles(ServiceModel serviceModel) throws Exce if(serviceModel.isUseSmithyClient()) { updateAuthSchemesFromEndpointRules(serviceModel, serviceModel.getRawEndpointRules()); - updateAuthSchemesFromOperations(serviceModel); + serviceModel.setAuthSchemes(getUpdatedAuthSchemesFromOperations(serviceModel)); } // Add ID2 and RequestId to GetObjectResult diff --git a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/transform/C2jModelToGeneratorModelTransformer.java b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/transform/C2jModelToGeneratorModelTransformer.java index cfa0b9f2e2d..1838d2c7b59 100644 --- a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/transform/C2jModelToGeneratorModelTransformer.java +++ b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/transform/C2jModelToGeneratorModelTransformer.java @@ -610,6 +610,7 @@ Operation convertOperation(C2jOperation c2jOperation) { operation.setDocumentation(formatDocumentation(crossLinkedShapeDocs, 9)); operation.setAuthtype(c2jOperation.getAuthtype()); + operation.setAuth(c2jOperation.getAuth()); operation.setAuthorizer(c2jOperation.getAuthorizer()); if (c2jOperation.getEndpoint() != null) { operation.setEndpoint(convertEndpoint(c2jOperation.getEndpoint())); diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/RequestHeader.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/RequestHeader.vm index b7327a2f6a3..4516a24155a 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/RequestHeader.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/RequestHeader.vm @@ -77,6 +77,9 @@ namespace Model ${exportMacro} Aws::Http::HeaderValueCollection GetRequestSpecificHeaders() const override; #end +#if($serviceModel.useSmithyClient && $operation.auth) + ${exportMacro} Aws::Vector GetRequestSpecificSupportedAuth() const override; +#end #if($shape.hasEmbeddedErrors()) ${exportMacro} bool HasEmbeddedError(IOStream &body, const Http::HeaderValueCollection &header) const override; #end diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/ServiceClientHeaderConstructors.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/ServiceClientHeaderConstructors.vm index 945b03097f7..adcacef025b 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/ServiceClientHeaderConstructors.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/ServiceClientHeaderConstructors.vm @@ -69,7 +69,7 @@ ${className}& operator=(${className} &&rhs) noexcept; #end #if($serviceModel.endpointRules && $serviceNamespace != "S3Crt") -#if($serviceModel.hasOnlyBearerAuth()) +#if(($serviceModel.hasBearerAuth() && $serviceModel.useSmithyClient) || $serviceModel.hasOnlyBearerAuth()) #set($bearerAddCtorArgs = {}) #foreach ($ctorKey in ["signPayloads", "useVirtualAddressing", "USEast1RegionalEndpoint"]) #if($additionalCtorArgs.containsKey($ctorKey))#set($addArgDummy = $bearerAddCtorArgs.put($ctorKey, $additionalCtorArgs.get($ctorKey)))#end @@ -78,16 +78,15 @@ * Initializes client to use BearerTokenAuthSignerProvider, with default http client factory, and optional client config. */ ${className}(const Aws::Auth::BearerTokenAuthSignerProvider& bearerTokenProvider, -#if($serviceModel.endpointRules) ${clsWSpace} std::shared_ptr<${metadata.classNamePrefix}EndpointProviderBase> endpointProvider = ${endpointsProviderDefaultCtorDummy}, -#end ${clsWSpace} const ${clientConfigurationCls}& clientConfiguration = ${clientConfigurationCls}()#if($bearerAddCtorArgs.isEmpty()));#else,#end #foreach($ctorArgument in $bearerAddCtorArgs) ${clsWSpace} ${ctorArgument}#if( $foreach.hasNext ),#else);#end #end -#else##if($serviceModel.hasOnlyBearerAuth()) +#end ###if( ($serviceModel.hasBearerAuth() && $serviceModel.useSmithyClient) || ($serviceModel.hasOnlyBearerAuth())) +#if(!$serviceModel.hasOnlyBearerAuth()) #set($defCredsChainCtor = {}) #foreach ($ctorKey in ["signPayloads", "useVirtualAddressing", "USEast1RegionalEndpoint", "additionalCredentialProvider"]) #if($additionalCtorArgs.containsKey($ctorKey))#set($addArgDummy = $defCredsChainCtor.put($ctorKey, $additionalCtorArgs.get($ctorKey)))#end @@ -144,7 +143,7 @@ ${clsWSpace} ${ctorArgument}#if( $foreach.hasNext ),#else);#end #end -#end##if($serviceModel.hasOnlyBearerAuth()) +#end##if(!$serviceModel.hasOnlyBearerAuth()) #if($metadata.standalone || $metadata.apigateway) #set($standaloneCredsCtor = {}) diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/ServiceClientHeaderLegacyConstructors.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/ServiceClientHeaderLegacyConstructors.vm index 8cf1fabc0fc..0443a594746 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/ServiceClientHeaderLegacyConstructors.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/ServiceClientHeaderLegacyConstructors.vm @@ -28,7 +28,7 @@ #set($clientConfigurationNamespace = "Client") #end #set($clsWSpace = $className.replaceAll(".", " ")) -#if($serviceModel.hasOnlyBearerAuth()) +#if(($serviceModel.hasBearerAuth() && $serviceModel.useSmithyClient) || $serviceModel.hasOnlyBearerAuth()) #set($bearerAddCtorArgs = {}) #foreach ($ctorKey in ["signPayloads", "useVirtualAddressing", "USEast1RegionalEndpoint"]) #if($additionalCtorArgs.containsKey($ctorKey))#set($addArgDummy = $bearerAddCtorArgs.put($ctorKey, $additionalCtorArgs.get($ctorKey)))#end @@ -43,7 +43,8 @@ ${clsWSpace} ${ctorArgument}#if( $foreach.hasNext ),#else);#end #end -#else##if($serviceModel.hasOnlyBearerAuth()) +#end##if(($serviceModel.hasBearerAuth() && $serviceModel.useSmithyClient) || $serviceModel.hasOnlyBearerAuth()) +#if(!$serviceModel.hasOnlyBearerAuth()) #set($defCredsChainCtor = {}) #foreach ($ctorKey in ["signPayloads", "useVirtualAddressing", "USEast1RegionalEndpoint", "additionalCredentialProvider"]) #if($additionalCtorArgs.containsKey($ctorKey))#set($addArgDummy = $defCredsChainCtor.put($ctorKey, $additionalCtorArgs.get($ctorKey)))#end @@ -90,7 +91,7 @@ ${clsWSpace} ${ctorArgument}#if( $foreach.hasNext ),#else);#end #end -#end##if($serviceModel.hasOnlyBearerAuth()) +#end##if(!$serviceModel.hasOnlyBearerAuth()) #if($metadata.standalone || $metadata.apigateway) #set($standaloneCredsCtor = {}) diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/ServiceClientSourceHeaders.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/ServiceClientSourceHeaders.vm index 5f2520f09fb..fbaf190c7cf 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/ServiceClientSourceHeaders.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/ServiceClientSourceHeaders.vm @@ -30,7 +30,7 @@ \#include #end #end -#if($serviceModel.hasBearerAuth()) +#if(($serviceModel.hasBearerAuth() && $serviceModel.useSmithyClient) || $serviceModel.hasOnlyBearerAuth()) \#include #end #foreach($operation in $serviceModel.operations) diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/cbor/CborRequestSource.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/cbor/CborRequestSource.vm index 1ed5555938c..e8494b2ec1c 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/cbor/CborRequestSource.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/cbor/CborRequestSource.vm @@ -14,6 +14,17 @@ #foreach($header in $typeInfo.sourceIncludes) \#include $header #end +#if($serviceModel.useSmithyClient) +#if($operation.hasSigV4aAuth()) +\#include +#end +#if($operation.hasSigV4Auth()) +\#include +#end +#if($operation.hasBearerAuth()) +\#include +#end +#end ###if($serviceModel.useSmithyClient) \#include #if(${CppViewHelper.hasListMemberUsedForHeader($shape)}) @@ -81,6 +92,14 @@ #parse($presignerTemplate) } + #end + + #if($serviceModel.useSmithyClient && $operation.auth) + Aws::Vector ${typeInfo.className}::GetRequestSpecificSupportedAuth() const + { + Aws::Vector authOptions{$CppViewHelper.computeAuthSchemes($operation)}; + return authOptions; + } #end #parse("com/amazonaws/util/awsclientgenerator/velocity/cpp/common/model/ModelGetEndpointRulesContextParamDefinition.vm") #parse("com/amazonaws/util/awsclientgenerator/velocity/cpp/ModelClassChecksumMembers.vm") diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/cbor/CborServiceClientSource.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/cbor/CborServiceClientSource.vm index ac0c75656b0..60e3a3925b5 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/cbor/CborServiceClientSource.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/cbor/CborServiceClientSource.vm @@ -6,7 +6,7 @@ #set($serviceNamespace = $metadata.namespace) #set($className = "${metadata.classNamePrefix}Client") \#include -#if($serviceModel.hasBearerAuth()) +#if(($serviceModel.hasBearerAuth() && $serviceModel.useSmithyClient) || $serviceModel.hasOnlyBearerAuth()) \#include #end #if($serviceModel.hasSigV4Auth()) diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/common/model/ServiceClientModelHeaderInclude.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/common/model/ServiceClientModelHeaderInclude.vm index 8610d4a8c14..f4b64bdb975 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/common/model/ServiceClientModelHeaderInclude.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/common/model/ServiceClientModelHeaderInclude.vm @@ -61,7 +61,7 @@ namespace Aws namespace Auth { -#if($serviceModel.hasBearerAuth()) +#if(($serviceModel.hasBearerAuth() && $serviceModel.useSmithyClient) || $serviceModel.hasOnlyBearerAuth()) class BearerTokenAuthSignerProvider; #end #if($serviceModel.hasSigV4Auth()) diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/json/JsonRequestSource.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/json/JsonRequestSource.vm index ad45bba3376..35923b2c8d8 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/json/JsonRequestSource.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/json/JsonRequestSource.vm @@ -14,7 +14,17 @@ #foreach($header in $typeInfo.sourceIncludes) \#include $header #end - +#if($serviceModel.useSmithyClient) +#if($operation.hasSigV4aAuth()) +\#include +#end +#if($operation.hasSigV4Auth()) +\#include +#end +#if($operation.hasBearerAuth()) +\#include +#end +#end ###if($serviceModel.useSmithyClient) \#include #if(${CppViewHelper.hasListMemberUsedForHeader($shape)}) \#include @@ -69,6 +79,15 @@ void ${typeInfo.className}::DumpBodyToUrl(Aws::Http::URI& uri ) const } #end + +#if($serviceModel.useSmithyClient && $operation.auth) +Aws::Vector ${typeInfo.className}::GetRequestSpecificSupportedAuth() const +{ + Aws::Vector authOptions{$CppViewHelper.computeAuthSchemes($operation)}; + return authOptions; +} +#end + #parse("com/amazonaws/util/awsclientgenerator/velocity/cpp/common/model/ModelGetEndpointRulesContextParamDefinition.vm") #parse("com/amazonaws/util/awsclientgenerator/velocity/cpp/ModelClassChecksumMembers.vm") #parse("com/amazonaws/util/awsclientgenerator/velocity/cpp/ModelClassRequiredCompression.vm") diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/json/JsonServiceClientSource.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/json/JsonServiceClientSource.vm index da4175ad333..ad76a6a595b 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/json/JsonServiceClientSource.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/json/JsonServiceClientSource.vm @@ -6,7 +6,7 @@ #set($serviceNamespace = $metadata.namespace) #set($className = "${metadata.classNamePrefix}Client") \#include -#if($serviceModel.hasBearerAuth()) +#if(($serviceModel.hasBearerAuth() && $serviceModel.useSmithyClient) || $serviceModel.hasOnlyBearerAuth()) \#include #end #if($serviceModel.hasSigV4Auth()) diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/queryxml/QueryRequestSource.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/queryxml/QueryRequestSource.vm index 3a83cad90a8..149288b6cc4 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/queryxml/QueryRequestSource.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/queryxml/QueryRequestSource.vm @@ -89,6 +89,15 @@ Aws::Http::HeaderValueCollection ${typeInfo.className}::GetRequestSpecificHeader return headers; } #end + +#if($serviceModel.useSmithyClient && $operation.auth) +Aws::Vector ${typeInfo.className}::GetRequestSpecificSupportedAuth() const + { + Aws::Vector authOptions{$CppViewHelper.computeAuthSchemes($operation)}; + return authOptions; + } +#end + #parse("com/amazonaws/util/awsclientgenerator/velocity/cpp/common/model/ModelGetEndpointRulesContextParamDefinition.vm") #parse("com/amazonaws/util/awsclientgenerator/velocity/cpp/ModelClassChecksumMembers.vm") #parse("com/amazonaws/util/awsclientgenerator/velocity/cpp/ModelClassRequiredCompression.vm") diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/smithy/SmithyClientSourceInit.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/smithy/SmithyClientSourceInit.vm index 5be03661570..4ff6a95e5c2 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/smithy/SmithyClientSourceInit.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/smithy/SmithyClientSourceInit.vm @@ -1,6 +1,6 @@ #set($clientConfiguration = ${serviceNamespace} + "::" + ${metadata.classNamePrefix} + "ClientConfiguration") #set($s3_express_auth = "sigv4-s3express") -#if($serviceModel.hasOnlyBearerAuth()) +#if($serviceModel.hasBearerAuth()) ##BEARER TOKEN AUTH PROVIDER C-TOR ${className}::${className}(const Aws::Auth::BearerTokenAuthSignerProvider& bearerTokenProvider, std::shared_ptr<${metadata.classNamePrefix}EndpointProviderBase> endpointProvider, @@ -14,7 +14,11 @@ ${className}::${className}(const Aws::Auth::BearerTokenAuthSignerProvider& beare Aws::MakeShared>(ALLOCATION_TAG, Aws::Vector({$AuthSchemeOptions})), { #foreach($entry in $AuthSchemeMapEntries) - {${entry}{Aws::MakeShared(ALLOCATION_TAG, bearerTokenProvider), GetServiceName(), clientConfiguration.region}}, + #if($entry.contains("smithy::BearerTokenAuthScheme")) + {${entry}{Aws::MakeShared(ALLOCATION_TAG, bearerTokenProvider), GetServiceName(), clientConfiguration.region}}, + #else + {${entry}{GetServiceName(), clientConfiguration.region}}, + #end #end }) { @@ -31,7 +35,11 @@ ${className}::${className}(const Aws::Auth::BearerTokenAuthSignerProvider& beare Aws::MakeShared>(ALLOCATION_TAG, Aws::Vector({$AuthSchemeOptions})), { #foreach($entry in $AuthSchemeMapEntries) - {${entry}{Aws::MakeShared(ALLOCATION_TAG, bearerTokenProvider), GetServiceName(), clientConfiguration.region}}, + #if($entry.contains("smithy::BearerTokenAuthScheme")) + {${entry}{Aws::MakeShared(ALLOCATION_TAG, bearerTokenProvider), GetServiceName(), clientConfiguration.region}}, + #else + {${entry}{GetServiceName(), clientConfiguration.region}}, + #end #end }) { @@ -39,7 +47,8 @@ ${className}::${className}(const Aws::Auth::BearerTokenAuthSignerProvider& beare ## END OF BEARER TOKEN AUTH PROVIDER C-TOR -#else +#end +#if(!$serviceModel.hasOnlyBearerAuth()) ${className}::${className}(const ${clientConfiguration}& clientConfiguration, std::shared_ptr<${metadata.classNamePrefix}EndpointProviderBase> endpointProvider) : AwsSmithyClientT(clientConfiguration, @@ -113,8 +122,10 @@ ${className}::${className}(const AWSCredentials& credentials, }() #else #foreach($entry in $AuthSchemeMapEntries) +#if(!$entry.contains("smithy::BearerTokenAuthScheme")) {${entry}{Aws::MakeShared(ALLOCATION_TAG, credentials), GetServiceName(), clientConfiguration.region}}, #end +#end #end }) {} @@ -153,8 +164,10 @@ ${className}::${className}(const std::shared_ptr& creden }() #else #foreach($entry in $AuthSchemeMapEntries) +#if(!$entry.contains("smithy::BearerTokenAuthScheme")) {${entry}{ Aws::MakeShared(ALLOCATION_TAG, credentialsProvider), GetServiceName(), clientConfiguration.region}}, #end +#end #end }) {} @@ -288,7 +301,11 @@ ${className}::${className}(const Client::ClientConfiguration& clientConfiguratio #end { #foreach($entry in $AuthSchemeMapEntries) +#if($entry.contains("smithy::BearerTokenAuthScheme")) + {${entry}{Aws::MakeShared(ALLOCATION_TAG), GetServiceName(), clientConfiguration.region}}, +#else {$entry{Aws::MakeShared(ALLOCATION_TAG), GetServiceName(), clientConfiguration.region}}, +#end #end }) {} @@ -308,7 +325,9 @@ ${className}::${className}(const AWSCredentials& credentials, #end { #foreach($entry in $AuthSchemeMapEntries) +#if(!$entry.contains("smithy::BearerTokenAuthScheme")) {$entry{Aws::MakeShared(ALLOCATION_TAG, credentials), GetServiceName(), clientConfiguration.region}}, +#end #end }) {} @@ -327,7 +346,9 @@ ${className}::${className}(const std::shared_ptr& creden Aws::MakeShared(ALLOCATION_TAG, ${metadata.classNamePrefix}EndpointProvider, ${clientConfiguration}), #end { #foreach($entry in $AuthSchemeMapEntries) +#if(!$entry.contains("smithy::BearerTokenAuthScheme")) {$entry{Aws::MakeShared(ALLOCATION_TAG, credentialsProvider), GetServiceName(), clientConfiguration.region}}, +#end #end }) {} diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/xml/XmlRequestSource.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/xml/XmlRequestSource.vm index 9ea9f9789ef..c461342e02a 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/xml/XmlRequestSource.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/xml/XmlRequestSource.vm @@ -18,7 +18,17 @@ #foreach($header in $typeInfo.sourceIncludes) \#include $header #end - +#if($serviceModel.useSmithyClient) +#if($operation.hasSigV4aAuth()) +\#include +#end +#if($operation.hasSigV4Auth()) +\#include +#end +#if($operation.hasBearerAuth()) +\#include +#end +#end ###if($serviceModel.useSmithyClient) \#include #if(${CppViewHelper.hasListMemberUsedForHeader($shape)}) \#include @@ -132,6 +142,14 @@ Aws::Http::HeaderValueCollection ${typeInfo.className}::GetRequestSpecificHeader return headers; } #end + +#if($serviceModel.useSmithyClient && $operation.auth) +Aws::Vector ${typeInfo.className}::GetRequestSpecificSupportedAuth() const +{ + Aws::Vector authOptions{$CppViewHelper.computeAuthSchemes($operation)}; + return authOptions; +} +#end #parse("com/amazonaws/util/awsclientgenerator/velocity/cpp/common/model/ModelGetEndpointRulesContextParamDefinition.vm") #parse("com/amazonaws/util/awsclientgenerator/velocity/cpp/ModelClassChecksumMembers.vm") #parse("com/amazonaws/util/awsclientgenerator/velocity/cpp/ModelClassRequiredCompression.vm") From 756ba4219be0fc47d3c382a2ae0da9dea6eff34a Mon Sep 17 00:00:00 2001 From: sbaluja Date: Fri, 28 Nov 2025 14:16:37 -0500 Subject: [PATCH 2/7] Fix inline variables error --- .../smithy/identity/auth/built-in/BearerTokenAuthSchemeOption.h | 2 +- .../smithy/identity/resolver/AwsBearerTokenIdentityResolver.h | 2 +- .../include/smithy/identity/signer/built-in/BearerTokenSigner.h | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/BearerTokenAuthSchemeOption.h b/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/BearerTokenAuthSchemeOption.h index cb77773a1b0..2fbf4bec104 100644 --- a/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/BearerTokenAuthSchemeOption.h +++ b/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/BearerTokenAuthSchemeOption.h @@ -12,6 +12,6 @@ struct BearerTokenAuthSchemeOption static AuthSchemeOption bearerTokenAuthSchemeOption; }; -inline AuthSchemeOption BearerTokenAuthSchemeOption::bearerTokenAuthSchemeOption = +AuthSchemeOption BearerTokenAuthSchemeOption::bearerTokenAuthSchemeOption = AuthSchemeOption("smithy.api#HTTPBearerAuth"); } // namespace smithy \ No newline at end of file diff --git a/src/aws-cpp-sdk-core/include/smithy/identity/resolver/AwsBearerTokenIdentityResolver.h b/src/aws-cpp-sdk-core/include/smithy/identity/resolver/AwsBearerTokenIdentityResolver.h index 3af5947ecbc..833990a5814 100644 --- a/src/aws-cpp-sdk-core/include/smithy/identity/resolver/AwsBearerTokenIdentityResolver.h +++ b/src/aws-cpp-sdk-core/include/smithy/identity/resolver/AwsBearerTokenIdentityResolver.h @@ -104,7 +104,7 @@ class DefaultAwsBearerTokenIdentityResolver : AwsBearerTokenIdentityResolver(Aws::Vector>{ Aws::MakeShared("SSOBearerTokenProvider")}){}; }; -inline const char +const char AwsBearerTokenIdentityResolver::BEARER_TOKEN_PROVIDER_CHAIN_LOG_TAG[] = "BearerTokenProvider"; diff --git a/src/aws-cpp-sdk-core/include/smithy/identity/signer/built-in/BearerTokenSigner.h b/src/aws-cpp-sdk-core/include/smithy/identity/signer/built-in/BearerTokenSigner.h index 03887407f71..5695443a343 100644 --- a/src/aws-cpp-sdk-core/include/smithy/identity/signer/built-in/BearerTokenSigner.h +++ b/src/aws-cpp-sdk-core/include/smithy/identity/signer/built-in/BearerTokenSigner.h @@ -71,5 +71,5 @@ class BearerTokenSigner : public AwsSignerBase Aws::String m_region; }; -inline const char BearerTokenSigner::LOGGING_TAG[] = "BearerTokenSigner"; +const char BearerTokenSigner::LOGGING_TAG[] = "BearerTokenSigner"; } // namespace smithy From 8b554b170456f5a4a8bd7e2a438cf682c97be11c Mon Sep 17 00:00:00 2001 From: sbaluja Date: Mon, 1 Dec 2025 16:02:55 -0500 Subject: [PATCH 3/7] Add noAuthIdentityResolver instead of nullptr, fix include headers --- .../include/aws/core/auth/AWSAuthSigner.h | 4 --- .../include/smithy/client/AwsSmithyClient.h | 21 ++++++------- .../identity/auth/built-in/NoAuthScheme.h | 17 ++++++++--- .../built-in/NoAuthIdentityResolver.h | 30 +++++++++++++++++++ .../smithy/client/AwsSmithyClientBase.cpp | 15 +++++----- .../codegeneration/Operation.java | 4 +++ .../codegeneration/ServiceModel.java | 10 +++++-- .../velocity/cpp/cbor/CborRequestSource.vm | 3 ++ .../velocity/cpp/json/JsonRequestSource.vm | 3 ++ .../velocity/cpp/smithy/SmithyClientHeader.vm | 3 ++ .../velocity/cpp/xml/XmlRequestSource.vm | 3 ++ 11 files changed, 82 insertions(+), 31 deletions(-) create mode 100644 src/aws-cpp-sdk-core/include/smithy/identity/resolver/built-in/NoAuthIdentityResolver.h diff --git a/src/aws-cpp-sdk-core/include/aws/core/auth/AWSAuthSigner.h b/src/aws-cpp-sdk-core/include/aws/core/auth/AWSAuthSigner.h index 58a40376ba1..6abfc5c3ddd 100644 --- a/src/aws-cpp-sdk-core/include/aws/core/auth/AWSAuthSigner.h +++ b/src/aws-cpp-sdk-core/include/aws/core/auth/AWSAuthSigner.h @@ -11,8 +11,4 @@ #include #include #include - -#include -#include - // This is a header that represents old legacy all-in-one header to maintain backward compatibility diff --git a/src/aws-cpp-sdk-core/include/smithy/client/AwsSmithyClient.h b/src/aws-cpp-sdk-core/include/smithy/client/AwsSmithyClient.h index 97b387fec36..b6e22084fc1 100644 --- a/src/aws-cpp-sdk-core/include/smithy/client/AwsSmithyClient.h +++ b/src/aws-cpp-sdk-core/include/smithy/client/AwsSmithyClient.h @@ -352,18 +352,15 @@ namespace client GetContextEndpointParametersOutcome GetContextEndpointParametersImpl(const AwsSmithyClientAsyncRequestContext& ctx) const { Aws::Vector endpointParameters; - //nullptr indicates we're using noAuth and therefore there is no identity - if (ctx.m_awsIdentity != nullptr) { - const auto resolvedAccountId = ctx.m_awsIdentity->accountId(); - const auto resolvedNonEmptyAccountId = resolvedAccountId.has_value() && !resolvedAccountId.value().empty(); - // Set user agent if account ID was resolved in identity provider - if (resolvedNonEmptyAccountId) { - ctx.m_pRequest->AddUserAgentFeature(Aws::Client::UserAgentFeature::RESOLVED_ACCOUNT_ID); - } - // Only set EP param if client configuration does not have a configured account ID and we resolved a account id - if (resolvedNonEmptyAccountId && m_clientConfiguration.accountId.empty()) { - endpointParameters.emplace_back("AccountId", resolvedAccountId.value(), Aws::Endpoint::EndpointParameter::ParameterOrigin::OPERATION_CONTEXT); - } + const auto resolvedAccountId = ctx.m_awsIdentity->accountId(); + const auto resolvedNonEmptyAccountId = resolvedAccountId.has_value() && !resolvedAccountId.value().empty(); + // Set user agent if account ID was resolved in identity provider + if (resolvedNonEmptyAccountId) { + ctx.m_pRequest->AddUserAgentFeature(Aws::Client::UserAgentFeature::RESOLVED_ACCOUNT_ID); + } + // Only set EP param if client configuration does not have a configured account ID and we resolved a account id + if (resolvedNonEmptyAccountId && m_clientConfiguration.accountId.empty()) { + endpointParameters.emplace_back("AccountId", resolvedAccountId.value(), Aws::Endpoint::EndpointParameter::ParameterOrigin::OPERATION_CONTEXT); } return endpointParameters; } diff --git a/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/NoAuthScheme.h b/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/NoAuthScheme.h index 2324f638358..18d6f38389a 100644 --- a/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/NoAuthScheme.h +++ b/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/NoAuthScheme.h @@ -9,6 +9,7 @@ #include #include +#include namespace smithy { constexpr char NOAUTH[] = "smithy.api#noAuth"; @@ -21,21 +22,25 @@ namespace smithy { explicit NoAuthScheme() : AuthScheme(NOAUTH), - m_signer{Aws::MakeShared("NoAuthScheme")} + m_signer{Aws::MakeShared("NoAuthScheme")}, + m_identityResolver{Aws::MakeShared("NoAuthScheme")} { assert(m_signer); + assert(m_identityResolver); } explicit NoAuthScheme(std::shared_ptr identityResolver, const Aws::String& serviceName, const Aws::String& region) : AuthScheme(NOAUTH), - m_signer{Aws::MakeShared("NoAuthScheme")} + m_signer{Aws::MakeShared("NoAuthScheme")}, + m_identityResolver{Aws::MakeShared("NoAuthScheme")} { AWS_UNREFERENCED_PARAM(identityResolver); AWS_UNREFERENCED_PARAM(serviceName); AWS_UNREFERENCED_PARAM(region); assert(m_signer); + assert(m_identityResolver); } explicit NoAuthScheme(const Aws::String& serviceName, @@ -43,12 +48,14 @@ namespace smithy { : NoAuthScheme(nullptr, serviceName, region) { assert(m_signer); + assert(m_identityResolver); } //legacy constructors explicit NoAuthScheme(std::shared_ptr identityResolver, const Aws::String& serviceName, const Aws::String& region, Aws::Client::AWSAuthV4Signer::PayloadSigningPolicy policy, bool urlEscape) : AuthScheme(NOAUTH), - m_signer{Aws::MakeShared("NoAuthScheme")} + m_signer{Aws::MakeShared("NoAuthScheme")}, + m_identityResolver{Aws::MakeShared("NoAuthScheme")} { AWS_UNREFERENCED_PARAM(identityResolver); AWS_UNREFERENCED_PARAM(serviceName); @@ -56,13 +63,14 @@ namespace smithy { AWS_UNREFERENCED_PARAM(policy); AWS_UNREFERENCED_PARAM(urlEscape); assert(m_signer); + assert(m_identityResolver); } virtual ~NoAuthScheme() = default; std::shared_ptr identityResolver() override { - return nullptr; + return m_identityResolver; } std::shared_ptr signer() override @@ -72,5 +80,6 @@ namespace smithy { protected: std::shared_ptr m_signer; + std::shared_ptr m_identityResolver; }; } \ No newline at end of file diff --git a/src/aws-cpp-sdk-core/include/smithy/identity/resolver/built-in/NoAuthIdentityResolver.h b/src/aws-cpp-sdk-core/include/smithy/identity/resolver/built-in/NoAuthIdentityResolver.h new file mode 100644 index 00000000000..f64ad3b8ac2 --- /dev/null +++ b/src/aws-cpp-sdk-core/include/smithy/identity/resolver/built-in/NoAuthIdentityResolver.h @@ -0,0 +1,30 @@ +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ +#pragma once + +#include + +#include + +namespace smithy { + /** + * A no-auth identity resolver that returns empty credentials for unauthenticated requests + */ + class NoAuthIdentityResolver : public AwsCredentialIdentityResolver { + public: + NoAuthIdentityResolver() = default; + virtual ~NoAuthIdentityResolver() = default; + + ResolveIdentityFutureOutcome getIdentity(const IdentityProperties& identityProperties, const AdditionalParameters& additionalParameters) override + { + AWS_UNREFERENCED_PARAM(identityProperties); + AWS_UNREFERENCED_PARAM(additionalParameters); + + auto smithyCreds = Aws::MakeUnique("NoAuthIdentityResolver"); + // Return empty identity for no-auth scenarios + return {std::move(smithyCreds)}; + } + }; +} \ No newline at end of file diff --git a/src/aws-cpp-sdk-core/source/smithy/client/AwsSmithyClientBase.cpp b/src/aws-cpp-sdk-core/source/smithy/client/AwsSmithyClientBase.cpp index b06fb94a322..e799ab5a5a1 100644 --- a/src/aws-cpp-sdk-core/source/smithy/client/AwsSmithyClientBase.cpp +++ b/src/aws-cpp-sdk-core/source/smithy/client/AwsSmithyClientBase.cpp @@ -195,15 +195,14 @@ bool AwsSmithyClientBase::ResolveIdentityAuth( assert(pRequestCtx->m_authSchemeOption.schemeId); // resolve identity - if (strcmp(authSchemeOptionOutcome.GetResult().schemeId, smithy::NOAUTH) != 0) { - auto identityOutcome = this->ResolveIdentity(*pRequestCtx); - if (!identityOutcome.IsSuccess()) - { - responseHandler(std::move(identityOutcome)); - return false; - } - pRequestCtx->m_awsIdentity = std::move(identityOutcome.GetResultWithOwnership()); + auto identityOutcome = this->ResolveIdentity(*pRequestCtx); + if (!identityOutcome.IsSuccess()) + { + responseHandler(std::move(identityOutcome)); + return false; } + pRequestCtx->m_awsIdentity = std::move(identityOutcome.GetResultWithOwnership()); + // get endpoint params from operation context diff --git a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/Operation.java b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/Operation.java index 5faabefd5ed..1623c099b11 100644 --- a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/Operation.java +++ b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/Operation.java @@ -102,6 +102,10 @@ public boolean hasSigV4aAuth() { return auth != null && auth.contains("aws.auth#sigv4a"); } + public boolean hasNoAuth() { + return auth != null && auth.contains("smithy.api#noAuth"); + } + public boolean hasBearerAuth() { return auth != null && auth.contains("smithy.api#httpBearerAuth"); } diff --git a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/ServiceModel.java b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/ServiceModel.java index 81a24905298..ec8beba134b 100644 --- a/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/ServiceModel.java +++ b/tools/code-generation/generator/src/main/java/com/amazonaws/util/awsclientgenerator/domainmodels/codegeneration/ServiceModel.java @@ -51,18 +51,22 @@ public boolean hasSigV4Auth() { if(metadata.getSignatureVersion().equals("v4") || metadata.getSignatureVersion().equals("s3v4")) { return true; } - return authSchemes.contains("aws.auth#sigv4") || operations.values().parallelStream().anyMatch(operation -> operation.getSignerName().equals("Aws::Auth::SIGV4_SIGNER")); + return authSchemes.contains("aws.auth#sigv4") || operations.values().parallelStream().anyMatch(operation -> operation.getSignerName().equals("Aws::Auth::SIGV4_SIGNER") || operation.hasSigV4Auth()); } public boolean hasSigV4aAuth() { - return authSchemes.contains("aws.auth#sigv4a") || operations.values().parallelStream().anyMatch(operation -> operation.getSignerName().equals("Aws::Auth::SIGV4A_SIGNER")); + return authSchemes.contains("aws.auth#sigv4a") || operations.values().parallelStream().anyMatch(operation -> operation.getSignerName().equals("Aws::Auth::SIGV4A_SIGNER") || operation.hasSigV4aAuth()); + } + + public boolean hasNoAuth() { + return authSchemes.contains("smithy.api#noAuth") || operations.values().parallelStream().anyMatch(operation -> operation.getSignerName().equals("Aws::Auth::NULL_SIGNER") || operation.hasNoAuth()); } public boolean hasBearerAuth() { if(metadata.getSignatureVersion().equals("bearer")) { return true; } - return authSchemes.contains("smithy.api#httpBearerAuth") || operations.values().parallelStream().anyMatch(operation -> operation.getSignerName().equals("Aws::Auth::BEARER_SIGNER")); + return authSchemes.contains("smithy.api#httpBearerAuth") || operations.values().parallelStream().anyMatch(operation -> operation.getSignerName().equals("Aws::Auth::BEARER_SIGNER") || operation.hasBearerAuth()); } public boolean hasOnlyBearerAuth() { diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/cbor/CborRequestSource.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/cbor/CborRequestSource.vm index e8494b2ec1c..6e8dd16d06f 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/cbor/CborRequestSource.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/cbor/CborRequestSource.vm @@ -24,6 +24,9 @@ #if($operation.hasBearerAuth()) \#include #end +#if($operation.hasNoAuth()) +\#include +#end #end ###if($serviceModel.useSmithyClient) \#include diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/json/JsonRequestSource.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/json/JsonRequestSource.vm index 35923b2c8d8..b775ad68351 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/json/JsonRequestSource.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/json/JsonRequestSource.vm @@ -24,6 +24,9 @@ #if($operation.hasBearerAuth()) \#include #end +#if($operation.hasNoAuth()) +\#include +#end #end ###if($serviceModel.useSmithyClient) \#include #if(${CppViewHelper.hasListMemberUsedForHeader($shape)}) diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/smithy/SmithyClientHeader.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/smithy/SmithyClientHeader.vm index b10b2c429d9..7d9e54e533d 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/smithy/SmithyClientHeader.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/smithy/SmithyClientHeader.vm @@ -27,6 +27,9 @@ #if($serviceModel.hasSigV4aAuth()) \#include #end +#if($serviceModel.hasNoAuth()) +\#include +#end \#include \#include \#include diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/xml/XmlRequestSource.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/xml/XmlRequestSource.vm index c461342e02a..83dabaeac6f 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/xml/XmlRequestSource.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/xml/XmlRequestSource.vm @@ -28,6 +28,9 @@ #if($operation.hasBearerAuth()) \#include #end +#if($operation.hasNoAuth()) +\#include +#end #end ###if($serviceModel.useSmithyClient) \#include #if(${CppViewHelper.hasListMemberUsedForHeader($shape)}) From c217e3cd1a9fce7b0d3f5f75952d390dac424f08 Mon Sep 17 00:00:00 2001 From: sbiscigl Date: Tue, 2 Dec 2025 16:51:50 -0500 Subject: [PATCH 4/7] remove unused var --- .../source/config/AWSConfigFileProfileConfigLoader.cpp | 1 - 1 file changed, 1 deletion(-) diff --git a/src/aws-cpp-sdk-core/source/config/AWSConfigFileProfileConfigLoader.cpp b/src/aws-cpp-sdk-core/source/config/AWSConfigFileProfileConfigLoader.cpp index 083f92d80c4..5e286926bd6 100644 --- a/src/aws-cpp-sdk-core/source/config/AWSConfigFileProfileConfigLoader.cpp +++ b/src/aws-cpp-sdk-core/source/config/AWSConfigFileProfileConfigLoader.cpp @@ -42,7 +42,6 @@ namespace Aws static const char SSO_SESSION_SECTION[] = "sso-session"; static const char SERVICES_SECTION[] = "services"; static const char ENDPOINT_URL_KEY[] = "endpoint_url"; - static const char IGNORE_CONFIGURED_ENDPOINT_URLS_KEY[] = "ignore_configured_endpoint_urls"; static const char DEFAULTS_MODE_KEY[] = "defaults_mode"; static const char EQ = '='; static const char LEFT_BRACKET = '['; From 3f0dd551dd6fbe3f305f82f7d28b47a8394c3b89 Mon Sep 17 00:00:00 2001 From: sbaluja Date: Wed, 3 Dec 2025 16:55:40 -0500 Subject: [PATCH 5/7] Bearer token to follow single definition rule for linker issues (logging tag definitions) --- .../auth/built-in/BearerTokenAuthSchemeOption.h | 13 ++++++------- .../resolver/AwsBearerTokenIdentityResolver.h | 9 ++------- .../identity/signer/built-in/BearerTokenSigner.h | 4 +--- .../source/smithy/identity/AuthSchemeOption.cpp | 2 ++ 4 files changed, 11 insertions(+), 17 deletions(-) diff --git a/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/BearerTokenAuthSchemeOption.h b/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/BearerTokenAuthSchemeOption.h index 2fbf4bec104..fb706136142 100644 --- a/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/BearerTokenAuthSchemeOption.h +++ b/src/aws-cpp-sdk-core/include/smithy/identity/auth/built-in/BearerTokenAuthSchemeOption.h @@ -4,14 +4,13 @@ */ #pragma once +#include #include + namespace smithy { -struct BearerTokenAuthSchemeOption -{ - static AuthSchemeOption bearerTokenAuthSchemeOption; -}; - -AuthSchemeOption BearerTokenAuthSchemeOption::bearerTokenAuthSchemeOption = - AuthSchemeOption("smithy.api#HTTPBearerAuth"); + struct BearerTokenAuthSchemeOption + { + static SMITHY_API AuthSchemeOption bearerTokenAuthSchemeOption; + }; } // namespace smithy \ No newline at end of file diff --git a/src/aws-cpp-sdk-core/include/smithy/identity/resolver/AwsBearerTokenIdentityResolver.h b/src/aws-cpp-sdk-core/include/smithy/identity/resolver/AwsBearerTokenIdentityResolver.h index 833990a5814..e04e73d925c 100644 --- a/src/aws-cpp-sdk-core/include/smithy/identity/resolver/AwsBearerTokenIdentityResolver.h +++ b/src/aws-cpp-sdk-core/include/smithy/identity/resolver/AwsBearerTokenIdentityResolver.h @@ -17,8 +17,6 @@ class AwsBearerTokenIdentityResolver : public IdentityResolverBase { public: - static const char BEARER_TOKEN_PROVIDER_CHAIN_LOG_TAG[]; - using IdentityT = AwsBearerTokenIdentity; virtual ~AwsBearerTokenIdentityResolver() = default; @@ -57,7 +55,7 @@ class AwsBearerTokenIdentityResolver if (!bearerTokenProvider) { AWS_LOGSTREAM_FATAL( - BEARER_TOKEN_PROVIDER_CHAIN_LOG_TAG, + "BearerTokenProvider", "Unexpected nullptr in " "DefaultBearerTokenProviderChain::m_providerChain"); return Aws::Client::AWSError( @@ -70,7 +68,7 @@ class AwsBearerTokenIdentityResolver if (!bearerToken.IsExpiredOrEmpty()) { auto outcomePtr = Aws::MakeUnique( - BEARER_TOKEN_PROVIDER_CHAIN_LOG_TAG); + "BearerTokenProvider"); outcomePtr->token() = bearerToken.GetToken(); outcomePtr->expiration() = bearerToken.GetExpiration(); return ResolveIdentityFutureOutcome(std::move(outcomePtr)); @@ -104,8 +102,5 @@ class DefaultAwsBearerTokenIdentityResolver : AwsBearerTokenIdentityResolver(Aws::Vector>{ Aws::MakeShared("SSOBearerTokenProvider")}){}; }; -const char - AwsBearerTokenIdentityResolver::BEARER_TOKEN_PROVIDER_CHAIN_LOG_TAG[] = - "BearerTokenProvider"; } // namespace smithy \ No newline at end of file diff --git a/src/aws-cpp-sdk-core/include/smithy/identity/signer/built-in/BearerTokenSigner.h b/src/aws-cpp-sdk-core/include/smithy/identity/signer/built-in/BearerTokenSigner.h index 5695443a343..036ece8f8cd 100644 --- a/src/aws-cpp-sdk-core/include/smithy/identity/signer/built-in/BearerTokenSigner.h +++ b/src/aws-cpp-sdk-core/include/smithy/identity/signer/built-in/BearerTokenSigner.h @@ -21,7 +21,6 @@ class BearerTokenSigner : public AwsSignerBase { public: - static const char LOGGING_TAG[]; using BearerTokenAuthSchemeParameters = smithy::DefaultAuthSchemeResolverParameters; @@ -44,7 +43,7 @@ class BearerTokenSigner : public AwsSignerBase // security when making requests with bearer tokens. // https://datatracker.ietf.org/doc/html/rfc6750 AWS_LOGSTREAM_ERROR( - LOGGING_TAG, + "BearerTokenSigner", "HTTPS scheme must be used with a bearer token authorization"); return SigningError( Aws::Client::CoreErrors::INVALID_PARAMETER_VALUE, "", @@ -71,5 +70,4 @@ class BearerTokenSigner : public AwsSignerBase Aws::String m_region; }; -const char BearerTokenSigner::LOGGING_TAG[] = "BearerTokenSigner"; } // namespace smithy diff --git a/src/aws-cpp-sdk-core/source/smithy/identity/AuthSchemeOption.cpp b/src/aws-cpp-sdk-core/source/smithy/identity/AuthSchemeOption.cpp index 35c31a46de6..c8524822ec0 100644 --- a/src/aws-cpp-sdk-core/source/smithy/identity/AuthSchemeOption.cpp +++ b/src/aws-cpp-sdk-core/source/smithy/identity/AuthSchemeOption.cpp @@ -5,8 +5,10 @@ #include #include #include +#include using namespace smithy; AuthSchemeOption SigV4AuthSchemeOption::sigV4AuthSchemeOption = AuthSchemeOption("aws.auth#sigv4"); AuthSchemeOption SigV4aAuthSchemeOption::sigV4aAuthSchemeOption = AuthSchemeOption("aws.auth#sigv4a"); AuthSchemeOption NoAuthSchemeOption::noAuthSchemeOption = AuthSchemeOption("smithy.api#noAuth"); +AuthSchemeOption BearerTokenAuthSchemeOption::bearerTokenAuthSchemeOption = AuthSchemeOption("smithy.api#HTTPBearerAuth"); From f3856e4f31bfc9cf1fe1a03824a3eb555e52c636 Mon Sep 17 00:00:00 2001 From: sbaluja Date: Wed, 3 Dec 2025 16:57:18 -0500 Subject: [PATCH 6/7] Fix request includes from NoAuthScheme.h to NoAuthSchemeOption.h --- .../awsclientgenerator/velocity/cpp/cbor/CborRequestSource.vm | 2 +- .../awsclientgenerator/velocity/cpp/json/JsonRequestSource.vm | 2 +- .../awsclientgenerator/velocity/cpp/xml/XmlRequestSource.vm | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/cbor/CborRequestSource.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/cbor/CborRequestSource.vm index 6e8dd16d06f..4496da0608a 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/cbor/CborRequestSource.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/cbor/CborRequestSource.vm @@ -25,7 +25,7 @@ \#include #end #if($operation.hasNoAuth()) -\#include +\#include #end #end ###if($serviceModel.useSmithyClient) diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/json/JsonRequestSource.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/json/JsonRequestSource.vm index b775ad68351..9bd6a21d4dc 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/json/JsonRequestSource.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/json/JsonRequestSource.vm @@ -25,7 +25,7 @@ \#include #end #if($operation.hasNoAuth()) -\#include +\#include #end #end ###if($serviceModel.useSmithyClient) \#include diff --git a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/xml/XmlRequestSource.vm b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/xml/XmlRequestSource.vm index 83dabaeac6f..063f7c5e118 100644 --- a/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/xml/XmlRequestSource.vm +++ b/tools/code-generation/generator/src/main/resources/com/amazonaws/util/awsclientgenerator/velocity/cpp/xml/XmlRequestSource.vm @@ -29,7 +29,7 @@ \#include #end #if($operation.hasNoAuth()) -\#include +\#include #end #end ###if($serviceModel.useSmithyClient) \#include From cf4264b6f86b9ead60d80eea276fe330fd2d25a8 Mon Sep 17 00:00:00 2001 From: sbaluja Date: Thu, 4 Dec 2025 11:52:44 -0500 Subject: [PATCH 7/7] Revert "remove unused var" This reverts commit d7aeff825fe672403a6a0c7aaab2f65a60dfe2dd. --- .../source/config/AWSConfigFileProfileConfigLoader.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/src/aws-cpp-sdk-core/source/config/AWSConfigFileProfileConfigLoader.cpp b/src/aws-cpp-sdk-core/source/config/AWSConfigFileProfileConfigLoader.cpp index 5e286926bd6..083f92d80c4 100644 --- a/src/aws-cpp-sdk-core/source/config/AWSConfigFileProfileConfigLoader.cpp +++ b/src/aws-cpp-sdk-core/source/config/AWSConfigFileProfileConfigLoader.cpp @@ -42,6 +42,7 @@ namespace Aws static const char SSO_SESSION_SECTION[] = "sso-session"; static const char SERVICES_SECTION[] = "services"; static const char ENDPOINT_URL_KEY[] = "endpoint_url"; + static const char IGNORE_CONFIGURED_ENDPOINT_URLS_KEY[] = "ignore_configured_endpoint_urls"; static const char DEFAULTS_MODE_KEY[] = "defaults_mode"; static const char EQ = '='; static const char LEFT_BRACKET = '[';