Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for S3 express endpoints #629

Merged
merged 6 commits into from
Dec 18, 2024
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
Store credential in middleware context
  • Loading branch information
adam-fowler committed Dec 15, 2024
commit 8ffdb87b951f39a607853b85e0d8e7a32def621c
6 changes: 6 additions & 0 deletions Sources/SotoCore/AWSClient.swift
Original file line number Diff line number Diff line change
Expand Up @@ -402,9 +402,15 @@ extension AWSClient {
try Task.checkCancellation()
// combine service and client middleware stacks
let middlewareStack = config.middleware.map { AWSDynamicMiddlewareStack($0, self.middleware) } ?? self.middleware
let credential = try await self.credentialProvider.getCredential(logger: logger)
let middlewareContext = AWSMiddlewareContext(
operation: operationName,
serviceConfig: config,
credential: StaticCredential(
accessKeyId: credential.accessKeyId,
secretAccessKey: credential.secretAccessKey,
sessionToken: credential.sessionToken
),
logger: logger
)
// run middleware stack with httpClient execute at the end
Expand Down
4 changes: 4 additions & 0 deletions Sources/SotoCore/Credential/Credential+IsEmpty.swift
Original file line number Diff line number Diff line change
Expand Up @@ -18,4 +18,8 @@ extension Credential {
func isEmpty() -> Bool {
self.accessKeyId.isEmpty || self.secretAccessKey.isEmpty
}

func getStaticCredential() -> StaticCredential {
.init(accessKeyId: accessKeyId, secretAccessKey: secretAccessKey, sessionToken: sessionToken)
}
}
2 changes: 1 addition & 1 deletion Sources/SotoCore/Credential/CredentialProvider.swift
Original file line number Diff line number Diff line change
Expand Up @@ -170,7 +170,7 @@ extension CredentialProviderFactory {
/// Don't supply any credentials
public static var empty: CredentialProviderFactory {
Self { _ in
StaticCredential(accessKeyId: "", secretAccessKey: "")
EmptyCredential()
}
}

Expand Down
24 changes: 24 additions & 0 deletions Sources/SotoCore/Credential/EmptyCredential.swift
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
//===----------------------------------------------------------------------===//
//
// This source file is part of the Soto for AWS open source project
//
// Copyright (c) 2017-2023 the Soto project authors
// Licensed under Apache License v2.0
//
// See LICENSE.txt for license information
// See CONTRIBUTORS.txt for the list of Soto project authors
//
// SPDX-License-Identifier: Apache-2.0
//
//===----------------------------------------------------------------------===//

/// Empty credentials
public struct EmptyCredential: CredentialProvider, Credential {
public var accessKeyId: String { "" }
public var secretAccessKey: String { "" }
public var sessionToken: String? { nil }

public func getCredential(logger: Logger) async throws -> any Credential {
self
}
}
1 change: 1 addition & 0 deletions Sources/SotoCore/Middleware/Middleware.swift
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ import Logging
public struct AWSMiddlewareContext: Sendable {
public var operation: String
public var serviceConfig: AWSServiceConfig
public var credential: StaticCredential
public var logger: Logger
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,10 +24,12 @@ struct SigningMiddleware: AWSMiddlewareProtocol {
@inlinable
func handle(_ request: AWSHTTPRequest, context: AWSMiddlewareContext, next: AWSMiddlewareNextHandler) async throws -> AWSHTTPResponse {
var request = request
// get credentials
let credential = try await self.credentialProvider.getCredential(logger: context.logger)
// construct signer
let signer = AWSSigner(credentials: credential, name: context.serviceConfig.signingName, region: context.serviceConfig.region.rawValue)
let signer = AWSSigner(
credentials: context.credential,
name: context.serviceConfig.signingName,
region: context.serviceConfig.region.rawValue
)
request.signHeaders(signer: signer, serviceConfig: context.serviceConfig)
return try await next(request, context)
}
Expand Down
7 changes: 6 additions & 1 deletion Tests/SotoCoreTests/AWSServiceTests.swift
Original file line number Diff line number Diff line change
Expand Up @@ -129,7 +129,12 @@ class AWSServiceTests: XCTestCase {
let service = TestService(client: client, config: createServiceConfig())
let service2 = service.with(middleware: TestMiddleware())
let request = AWSHTTPRequest(url: URL(string: "http://testurl.com")!, method: .GET, headers: [:], body: .init())
let context = AWSMiddlewareContext(operation: "TestURL", serviceConfig: service2.config, logger: TestEnvironment.logger)
let context = AWSMiddlewareContext(
operation: "TestURL",
serviceConfig: service2.config,
credential: EmptyCredential().getStaticCredential(),
logger: TestEnvironment.logger
)
let response = try await service2.config.middleware!.handle(request, context: context) { request, _ in
.init(status: .ok, headers: request.headers, body: request.body)
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,7 @@ class RuntimeSelectorCredentialProviderTests: XCTestCase {
XCTAssertEqual(credential.secretAccessKey, "")
XCTAssertEqual(credential.sessionToken, nil)
let internalProvider = try await (client.credentialProvider as? RuntimeSelectorCredentialProvider)?.getCredentialProviderTask()
XCTAssert(internalProvider is StaticCredential)
XCTAssert(internalProvider is EmptyCredential)
}

func testFoundSelectorWithOneProvider() async throws {
Expand All @@ -90,7 +90,7 @@ class RuntimeSelectorCredentialProviderTests: XCTestCase {
defer { XCTAssertNoThrow(try client.syncShutdown()) }
let credential = try await client.credentialProvider.getCredential(logger: TestEnvironment.logger)
XCTAssert(credential.isEmpty())
XCTAssert(client.credentialProvider is StaticCredential)
XCTAssert(client.credentialProvider is EmptyCredential)
}

func testECSProvider() async throws {
Expand Down Expand Up @@ -188,7 +188,6 @@ class RuntimeSelectorCredentialProviderTests: XCTestCase {
defer { XCTAssertNoThrow(try client.syncShutdown()) }
_ = try await client.credentialProvider.getCredential(logger: TestEnvironment.logger)
let internalProvider = try await (client.credentialProvider as? RuntimeSelectorCredentialProvider)?.getCredentialProviderTask()
XCTAssert(internalProvider is StaticCredential)
XCTAssert((internalProvider as? StaticCredential)?.isEmpty() == true)
XCTAssert(internalProvider is EmptyCredential)
}
}