diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 2cb7944e8e8..3077b65e71e 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -41,35 +41,6 @@ jobs: - name: Test run: make ci-test-no-generate - deprecated-unix-tests: - needs: unix-tests - name: Deprecated Go version Unix SDK Tests - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest, macos-latest] - go-version: [1.15, 1.16, 1.17, 1.18] - exclude: - - os: macos-latest - go-version: 1.15 - - os: macos-latest - go-version: 1.16 - steps: - - uses: actions/checkout@v2 - - - name: Set up Go - uses: actions/setup-go@v2 - with: - go-version: ${{ matrix.go-version }} - - - name: Find smithy-go - env: - RUNNER_TMPDIR: ${{ runner.temp }} - run: ./ci-find-smithy-go.sh - - - name: Test - run: make ci-test-no-generate - windows-tests: name: Windows SDK Tests runs-on: ${{ matrix.os }} @@ -95,30 +66,3 @@ jobs: - name: Test run: make vet build unit-test - - deprecated-windows-tests: - needs: windows-tests - name: Deprecated Go version Windows SDK Tests - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [windows-latest] - go-version: [1.15, 1.16, 1.17, 1.18] - env: - EACHMODULE_SKIP: "internal\\repotools\\changes" - steps: - - uses: actions/checkout@v2 - - - name: Set up Go - uses: actions/setup-go@v2 - with: - go-version: ${{ matrix.go-version }} - - - name: Find smithy-go - shell: bash - env: - RUNNER_TMPDIR: ${{ runner.temp }} - run: ./ci-find-smithy-go.sh - - - name: Test - run: make vet build unit-test diff --git a/internal/auth/go.mod b/internal/auth/go.mod new file mode 100644 index 00000000000..bc18c0829e5 --- /dev/null +++ b/internal/auth/go.mod @@ -0,0 +1,15 @@ +module github.com/aws/aws-sdk-go-v2/internal/auth + +go 1.15 + +require ( + github.com/aws/aws-sdk-go-v2 v1.21.0 + github.com/aws/aws-sdk-go-v2/internal/v4a v1.1.4 + github.com/aws/smithy-go v1.14.2 +) + +replace github.com/aws/aws-sdk-go-v2 => ../../ + +replace github.com/aws/aws-sdk-go-v2/internal/auth => ../../internal/auth + +replace github.com/aws/smithy-go => ../../../smithy-go diff --git a/internal/auth/go.sum b/internal/auth/go.sum new file mode 100644 index 00000000000..15dedb955f9 --- /dev/null +++ b/internal/auth/go.sum @@ -0,0 +1,11 @@ +github.com/aws/aws-sdk-go-v2/internal/v4a v1.1.4 h1:6lJvvkQ9HmbHZ4h/IEwclwv2mrTW8Uq1SOB/kXy0mfw= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.1.4/go.mod h1:1PrKYwxTM+zjpw9Y41KFtoJCQrJ34Z47Y4VgVbfndjo= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= +github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= +github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/internal/auth/smithy/credentials_adapter.go b/internal/auth/smithy/credentials_adapter.go new file mode 100644 index 00000000000..accecfa00d7 --- /dev/null +++ b/internal/auth/smithy/credentials_adapter.go @@ -0,0 +1,42 @@ +package smithy + +import ( + "context" + "fmt" + "time" + + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/smithy-go" + "github.com/aws/smithy-go/auth" +) + +// CredentialsAdapter adapts aws.Credentials to auth.Identity. +type CredentialsAdapter struct { + creds aws.Credentials +} + +var _ auth.Identity = (*CredentialsAdapter)(nil) + +// Expiration returns the time of expiration for the credentials. +func (v *CredentialsAdapter) Expiration() time.Time { + return v.creds.Expires +} + +// CredentialsProviderAdapter adapts aws.CredentialsProvider to auth.IdentityResolver. +type CredentialsProviderAdapter struct { + provider aws.CredentialsProvider +} + +var _ (auth.IdentityResolver) = (*CredentialsProviderAdapter)(nil) + +// GetIdentity retrieves AWS credentials using the underlying provider. +func (v *CredentialsProviderAdapter) GetIdentity(ctx context.Context, _ *smithy.Properties) ( + auth.Identity, error, +) { + creds, err := v.provider.Retrieve(ctx) + if err != nil { + return nil, fmt.Errorf("get credentials: %v", err) + } + + return &CredentialsAdapter{creds: creds}, nil +} diff --git a/internal/auth/smithy/smithy.go b/internal/auth/smithy/smithy.go new file mode 100644 index 00000000000..42b45867339 --- /dev/null +++ b/internal/auth/smithy/smithy.go @@ -0,0 +1,2 @@ +// Package smithy adapts concrete AWS auth and signing types to the generic smithy versions. +package smithy diff --git a/internal/auth/smithy/v4asigner_adapter.go b/internal/auth/smithy/v4asigner_adapter.go new file mode 100644 index 00000000000..c50b2e09bb5 --- /dev/null +++ b/internal/auth/smithy/v4asigner_adapter.go @@ -0,0 +1,60 @@ +package smithy + +import ( + "context" + "fmt" + "net/http" + "time" + + v4 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + "github.com/aws/aws-sdk-go-v2/internal/sdk" + "github.com/aws/aws-sdk-go-v2/internal/v4a" + "github.com/aws/smithy-go" + "github.com/aws/smithy-go/auth" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// V4ACredentialsAdapter adapts v4a.Credentials to auth.Identity. +type V4ACredentialsAdapter struct { + creds v4a.Credentials +} + +var _ (smithyhttp.Signer) = (*V4ASignerAdapter)(nil) + +// Expiration returns the time of expiration for the credentials. +func (v *V4ACredentialsAdapter) Expiration() time.Time { + return v.creds.Expires +} + +// V4ASignerAdapter adapts v4a.HTTPSigner to smithy http.Signer. +type V4ASignerAdapter struct { + signer v4a.HTTPSigner +} + +var _ (smithyhttp.Signer) = (*V4ASignerAdapter)(nil) + +// SignRequest signs the request with the provided identity. +func (v *V4ASignerAdapter) SignRequest(ctx context.Context, r *http.Request, identity auth.Identity, props *smithy.Properties) error { + ca, ok := identity.(*V4ACredentialsAdapter) + if !ok { + return fmt.Errorf("unexpected identity type: %T", identity) + } + + name, ok := smithyhttp.GetSigV4ASigningName(props) + if !ok { + return fmt.Errorf("sigv4a signing name is required") + } + + regions, ok := smithyhttp.GetSigV4ASigningRegions(props) + if !ok { + return fmt.Errorf("sigv4a signing region set is required") + } + + hash := v4.GetPayloadHash(ctx) + err := v.signer.SignHTTP(ctx, ca.creds, r, hash, name, regions, sdk.NowTime()) + if err != nil { + return fmt.Errorf("sign http: %v", err) + } + + return nil +} diff --git a/internal/auth/smithy/v4signer_adapter.go b/internal/auth/smithy/v4signer_adapter.go new file mode 100644 index 00000000000..2c1ab1c6196 --- /dev/null +++ b/internal/auth/smithy/v4signer_adapter.go @@ -0,0 +1,46 @@ +package smithy + +import ( + "context" + "fmt" + "net/http" + + v4 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + "github.com/aws/aws-sdk-go-v2/internal/sdk" + "github.com/aws/smithy-go" + "github.com/aws/smithy-go/auth" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// V4SignerAdapter adapts v4.HTTPSigner to smithy http.Signer. +type V4SignerAdapter struct { + signer v4.HTTPSigner +} + +var _ (smithyhttp.Signer) = (*V4SignerAdapter)(nil) + +// SignRequest signs the request with the provided identity. +func (v *V4SignerAdapter) SignRequest(ctx context.Context, r *http.Request, identity auth.Identity, props *smithy.Properties) error { + ca, ok := identity.(*CredentialsAdapter) + if !ok { + return fmt.Errorf("unexpected identity type: %T", identity) + } + + name, ok := smithyhttp.GetSigV4SigningName(props) + if !ok { + return fmt.Errorf("sigv4 signing name is required") + } + + region, ok := smithyhttp.GetSigV4SigningRegion(props) + if !ok { + return fmt.Errorf("sigv4 signing region is required") + } + + hash := v4.GetPayloadHash(ctx) + err := v.signer.SignHTTP(ctx, ca.creds, r, hash, name, region, sdk.NowTime()) + if err != nil { + return fmt.Errorf("sign http: %v", err) + } + + return nil +}