Add Sigv4A support for the orchestrator #2890
Conversation
| /// Auth scheme ID for SigV4a. | ||
| pub const SCHEME_ID: AuthSchemeId = AuthSchemeId::new("sigv4a"); | ||
|
|
||
| struct EndpointAuthSchemeConfig { |
There was a problem hiding this comment.
Do you foresee these supporting types (e.g., EndpointAuthSchemeConfig, SigV4SigningError, HttpSignatureType, SigningOptions, etc) ever deviating from SigV4's? If not, should we consolidate them and their shared logic so that the only difference is in the scheme ID and the signer itself?
| let signature = match params.signature_version { | ||
| SignatureVersion::V4 => { |
There was a problem hiding this comment.
Consider breaking out functions for the different versions
| val normalizeUrlPath = !disableUriPathNormalization(codegenContext.serviceShape) | ||
| rustTemplate( | ||
| """ | ||
| let mut signing_options = #{SigningOptions}::default(); |
There was a problem hiding this comment.
I'm thinking we should combine the V4 and V4a decorators so that this signing option initialization only needs to happen once (assuming the supporting types are merged).
| @@ -279,7 +279,6 @@ fun rewritePathDependency(line: String): String { | |||
| } | |||
|
|
|||
| tasks.register<Copy>("copyAllRuntimes") { | |||
| dependsOn("smithyBuildJar") | |||
There was a problem hiding this comment.
Commenting for posterity: this makes the relocate runtime tasks run without regenerating the entire SDK.
fix more broken tests remove more inapplicable tests fix incorrect signature in two tests use p256 alone when generating a key remove more unused test files
| let _ = v4a::generate_signing_key( | ||
| "AKIAIOSFODNN7EXAMPLE", | ||
| "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY", |
There was a problem hiding this comment.
you need to blackbox these otherwise it can optimize away the entire function
This includes unit tests but no e2e test. I'll work on that in a separate PR, since this one is already quite busy.
Most of the 'noise' comes from the CRT sigv4a test files I added. The were added in their own commit so that it'll be easier to filter them out during review. You can ignore all files in
aws/rust-runtime/aws-sigv4/aws-sig-v4a-test-suite/.By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.