Merge remote-tracking branch 'origin/smithy-rs-release-1.x.y' into merge-smithy-rs-release-1.x.y-to-main

Author: ysaito1001

CHANGELOG.md

@@ -1,4 +1,10 @@
 <!-- Do not manually edit this file. Use the `changelogger` tool. -->
+December 1st, 2023
+==================
+**New this release:**
+- (client, [smithy-rs#3278](https://github.com/smithy-lang/smithy-rs/issues/3278)) `RuntimeComponentsBuilder::push_identity_resolver` is now deprecated since it does not replace the existing identity resolver of a given auth scheme ID. Use `RuntimeComponentsBuilder::set_identity_resolver` instead.
+
+
 November 27th, 2023
 ===================
 **New this release:**

aws/SDK_CHANGELOG.next.json

@@ -6,159 +6,90 @@
   "smithy-rs": [],
   "aws-sdk-rust": [
     {
-      "message": "Add configurable stalled-stream protection for downloads.\n\nWhen making HTTP calls,\nit's possible for a connection to 'stall out' and emit no more data due to server-side issues.\nIn the event this happens, it's desirable for the stream to error out as quickly as possible.\nWhile timeouts can protect you from this issue, they aren't adaptive to the amount of data\nbeing sent and so must be configured specifically for each use case. When enabled, stalled-stream\nprotection will ensure that bad streams error out quickly, regardless of the amount of data being\ndownloaded.\n\nProtection is enabled by default for all clients but can be configured or disabled.\nSee [this discussion](https://github.com/awslabs/aws-sdk-rust/discussions/956) for more details.\n",
-      "meta": {
-        "bug": false,
-        "breaking": true,
-        "tada": true
-      },
-      "author": "Velfi",
-      "references": [
-        "smithy-rs#3202"
-      ],
-      "since-commit": "f66f9246bccc376462ef47aec5707569fca214f5",
-      "age": 5
-    },
-    {
-      "message": "Make certain types for EMR Serverless optional. Previously, they defaulted to 0, but this created invalid requests.",
+      "message": "Make properties of S3Control PublicAccessBlockConfiguration optional. Previously, they defaulted to false, but this created invalid requests.",
       "meta": {
         "bug": true,
         "breaking": true,
         "tada": false
       },
       "author": "milesziemer",
       "references": [
-        "smithy-rs#3217"
+        "smithy-rs#3246"
       ],
-      "since-commit": "f66f9246bccc376462ef47aec5707569fca214f5",
+      "since-commit": "e155c3048b9989fe406ef575d461ea01dfaf294c",
       "age": 5
     },
     {
-      "message": "Prevent multiplication overflow in backoff computation",
+      "message": "Allow `--` to be used in bucket names for S3",
       "meta": {
         "bug": true,
         "breaking": false,
         "tada": false
       },
       "author": "rcoh",
       "references": [
-        "smithy-rs#3229",
-        "aws-sdk-rust#960"
-      ],
-      "since-commit": "f66f9246bccc376462ef47aec5707569fca214f5",
-      "age": 5
-    },
-    {
-      "message": "Make some types for various services optional. Previously, they defaulted to 0, but this created invalid requests.",
-      "meta": {
-        "bug": true,
-        "breaking": true,
-        "tada": false
-      },
-      "author": "milesziemer",
-      "references": [
-        "smithy-rs#3228"
-      ],
-      "since-commit": "f66f9246bccc376462ef47aec5707569fca214f5",
-      "age": 5
-    },
-    {
-      "message": "Types/functions that were deprecated in previous releases were removed. Unfortunately, some of these deprecations\nwere ignored by the Rust compiler (we found out later that `#[deprecated]` on `pub use` doesn't work). See\nthe [deprecations removal list](https://github.com/smithy-lang/smithy-rs/discussions/3223) for more details.\n",
-      "meta": {
-        "bug": false,
-        "breaking": true,
-        "tada": false
-      },
-      "author": "jdisanti",
-      "references": [
-        "smithy-rs#3222"
-      ],
-      "since-commit": "f66f9246bccc376462ef47aec5707569fca214f5",
-      "age": 5
-    },
-    {
-      "message": "Add `Display` impl for `DateTime`.",
-      "meta": {
-        "bug": false,
-        "breaking": false,
-        "tada": true
-      },
-      "author": "HakanVardarr",
-      "references": [
-        "smithy-rs#3183"
+        "smithy-rs#3253"
       ],
-      "since-commit": "f66f9246bccc376462ef47aec5707569fca214f5",
-      "age": 5
+      "since-commit": "48e3c95a3f10eebd5a637f8e7670c4232cdabbe4",
+      "age": 4
     },
     {
-      "message": "Types/functions that were previously `#[doc(hidden)]` in `aws-config`, `aws-inlineable`, `aws-types`, and the SDK crates are now visible. For those that are not intended to be used directly, they are called out in their docs as such.",
+      "message": "Retry additional classes of H2 errors (H2 GoAway & H2 ResetStream)",
       "meta": {
         "bug": false,
         "breaking": false,
         "tada": false
       },
-      "author": "ysaito1001",
+      "author": "rcoh",
       "references": [
-        "smithy-rs#3226"
+        "aws-sdk-rust#738",
+        "aws-sdk-rust#858"
       ],
-      "since-commit": "f66f9246bccc376462ef47aec5707569fca214f5",
-      "age": 5
+      "since-commit": "88970ba88ef45266aade152c7c1da8e90b24c0d7",
+      "age": 2
     },
     {
-      "message": "Make properties of S3Control PublicAccessBlockConfiguration optional. Previously, they defaulted to false, but this created invalid requests.",
+      "message": "Make some properties for IoT types optional. Previously, they defaulted to false, but that isn't how the service actual works.",
       "meta": {
         "bug": true,
         "breaking": true,
         "tada": false
       },
       "author": "milesziemer",
       "references": [
-        "smithy-rs#3246"
+        "smithy-rs#3256"
       ],
-      "since-commit": "e155c3048b9989fe406ef575d461ea01dfaf294c",
-      "age": 4
+      "since-commit": "88970ba88ef45266aade152c7c1da8e90b24c0d7",
+      "age": 2
     },
     {
-      "message": "Allow `--` to be used in bucket names for S3",
+      "message": "Fix `config::Builder::set_credentials_provider` to override a credentials provider previously set.",
       "meta": {
         "bug": true,
         "breaking": false,
         "tada": false
       },
-      "author": "rcoh",
+      "author": "ysaito1001",
       "references": [
-        "smithy-rs#3253"
+        "aws-sdk-rust#973",
+        "smithy-rs#3278"
       ],
-      "since-commit": "48e3c95a3f10eebd5a637f8e7670c4232cdabbe4",
-      "age": 3
+      "since-commit": "529b3f03e2b945ea2e5e879183ccfd8e74b7377c",
+      "age": 1
     },
     {
-      "message": "Retry additional classes of H2 errors (H2 GoAway & H2 ResetStream)",
+      "message": "`config::Config::credentials_provider` has been broken since `release-2023-11-15` and is now marked as `deprecated` explicitly.",
       "meta": {
         "bug": false,
         "breaking": false,
         "tada": false
       },
-      "author": "rcoh",
-      "references": [
-        "aws-sdk-rust#738",
-        "aws-sdk-rust#858"
-      ],
-      "since-commit": "88970ba88ef45266aade152c7c1da8e90b24c0d7",
-      "age": 1
-    },
-    {
-      "message": "Make some properties for IoT types optional. Previously, they defaulted to false, but that isn't how the service actual works.",
-      "meta": {
-        "bug": true,
-        "breaking": true,
-        "tada": false
-      },
-      "author": "milesziemer",
+      "author": "ysaito1001",
       "references": [
-        "smithy-rs#3256"
+        "smithy-rs#3251",
+        "smithy-rs#3278"
       ],
-      "since-commit": "88970ba88ef45266aade152c7c1da8e90b24c0d7",
+      "since-commit": "529b3f03e2b945ea2e5e879183ccfd8e74b7377c",
       "age": 1
     }
   ],

aws/sdk-codegen/src/main/kotlin/software/amazon/smithy/rustsdk/AwsCargoDependency.kt

@@ -10,7 +10,7 @@ import software.amazon.smithy.rust.codegen.core.smithy.RuntimeConfig
 import software.amazon.smithy.rust.codegen.core.smithy.crateLocation
 
 fun RuntimeConfig.awsRuntimeCrate(name: String, features: Set<String> = setOf()): CargoDependency =
-    CargoDependency(name, awsRoot().crateLocation(null), features = features)
+    CargoDependency(name, awsRoot().crateLocation(name), features = features)
 
 object AwsCargoDependency {
     fun awsConfig(runtimeConfig: RuntimeConfig) = runtimeConfig.awsRuntimeCrate("aws-config")

aws/sdk-codegen/src/main/kotlin/software/amazon/smithy/rustsdk/CredentialProviders.kt

@@ -81,9 +81,10 @@ class CredentialProviderConfig(private val codegenContext: ClientCodegenContext)
             ServiceConfig.ConfigImpl -> {
                 rustTemplate(
                     """
-                    /// Returns the credentials provider for this service
+                    /// This function was intended to be removed, and has been broken since release-2023-11-15 as it always returns a `None`. Do not use.
+                    ##[deprecated(note = "This function was intended to be removed, and has been broken since release-2023-11-15 as it always returns a `None`. Do not use.")]
                     pub fn credentials_provider(&self) -> Option<#{SharedCredentialsProvider}> {
-                        self.config.load::<#{SharedCredentialsProvider}>().cloned()
+                        #{None}
                     }
                     """,
                     *codegenScope,
@@ -118,13 +119,13 @@ class CredentialProviderConfig(private val codegenContext: ClientCodegenContext)
                         if (codegenContext.serviceShape.supportedAuthSchemes().contains("sigv4a")) {
                             featureGateBlock("sigv4a") {
                                 rustTemplate(
-                                    "self.runtime_components.push_identity_resolver(#{SIGV4A_SCHEME_ID}, credentials_provider.clone());",
+                                    "self.runtime_components.set_identity_resolver(#{SIGV4A_SCHEME_ID}, credentials_provider.clone());",
                                     *codegenScope,
                                 )
                             }
                         }
                         rustTemplate(
-                            "self.runtime_components.push_identity_resolver(#{SIGV4_SCHEME_ID}, credentials_provider);",
+                            "self.runtime_components.set_identity_resolver(#{SIGV4_SCHEME_ID}, credentials_provider);",
                             *codegenScope,
                         )
                     }

aws/sdk-codegen/src/test/kotlin/software/amazon/smithy/rustsdk/CredentialProviderConfigTest.kt

@@ -30,7 +30,7 @@ internal class CredentialProviderConfigTest {
                     val moduleName = ctx.moduleUseName()
                     rustTemplate(
                         """
-                        let (http_client, _rx) = #{capture_request}(None);
+                        let (http_client, _rx) = #{capture_request}(#{None});
                         let client_config = $moduleName::Config::builder()
                             .http_client(http_client)
                             .build();
@@ -62,4 +62,71 @@ internal class CredentialProviderConfigTest {
             }
         }
     }
+
+    @Test
+    fun `configuring credentials provider on builder should replace what was previously set`() {
+        awsSdkIntegrationTest(SdkCodegenIntegrationTest.model) { ctx, rustCrate ->
+            val rc = ctx.runtimeConfig
+            val codegenScope = arrayOf(
+                *RuntimeType.preludeScope,
+                "capture_request" to RuntimeType.captureRequest(rc),
+                "Credentials" to AwsRuntimeType.awsCredentialTypesTestUtil(rc)
+                    .resolve("Credentials"),
+                "Region" to AwsRuntimeType.awsTypes(rc).resolve("region::Region"),
+                "SdkConfig" to AwsRuntimeType.awsTypes(rc).resolve("sdk_config::SdkConfig"),
+                "SharedCredentialsProvider" to AwsRuntimeType.awsCredentialTypes(rc)
+                    .resolve("provider::SharedCredentialsProvider"),
+            )
+            rustCrate.integrationTest("credentials_provider") {
+                // per https://github.com/awslabs/aws-sdk-rust/issues/973
+                tokioTest("configuring_credentials_provider_on_builder_should_replace_what_was_previously_set") {
+                    val moduleName = ctx.moduleUseName()
+                    rustTemplate(
+                        """
+                        let (http_client, rx) = #{capture_request}(#{None});
+
+                        let replace_me = #{Credentials}::new(
+                            "replace_me",
+                            "replace_me",
+                            #{None},
+                            #{None},
+                            "replace_me",
+                        );
+                        let sdk_config = #{SdkConfig}::builder()
+                            .credentials_provider(
+                                #{SharedCredentialsProvider}::new(replace_me),
+                            )
+                            .region(#{Region}::new("us-west-2"))
+                            .build();
+
+                        let expected = #{Credentials}::new(
+                            "expected_credential",
+                            "expected_credential",
+                            #{None},
+                            #{None},
+                            "expected_credential",
+                        );
+                        let conf = $moduleName::config::Builder::from(&sdk_config)
+                            .http_client(http_client)
+                            .credentials_provider(expected)
+                            .build();
+
+                        let client = $moduleName::Client::from_conf(conf);
+
+                        let _ = client
+                            .some_operation()
+                            .send()
+                            .await
+                            .expect("success");
+
+                        let req = rx.expect_request();
+                        let auth_header = req.headers().get("AUTHORIZATION").unwrap();
+                        assert!(auth_header.contains("expected_credential"), "{auth_header}");
+                        """,
+                        *codegenScope,
+                    )
+                }
+            }
+        }
+    }
 }

aws/sdk/integration-tests/kms/tests/integration.rs

@@ -52,7 +52,7 @@ async fn generate_random() {
             .header("content-type", "application/x-amz-json-1.1")
             .header("x-amz-target", "TrentService.GenerateRandom")
             .header("content-length", "20")
-            .header("authorization", "AWS4-HMAC-SHA256 Credential=ANOTREAL/20090213/us-east-1/kms/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date;x-amz-security-token;x-amz-target;x-amz-user-agent, Signature=703f72fe50c310e3ee1a7a106df947b980cb91bc8bad7a4a603b057096603aed")
+            .header("authorization", "AWS4-HMAC-SHA256 Credential=ANOTREAL/20090213/us-east-1/kms/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date;x-amz-target;x-amz-user-agent, Signature=53dcf70f6f852cb576185dcabef5aaa3d068704cf1b7ea7dc644efeaa46674d7")
             .header("x-amz-date", "20090213T233130Z")
             .header("user-agent", "aws-sdk-rust/0.123.test os/windows/XPSP3 lang/rust/1.50.0")
             .header("x-amz-user-agent", "aws-sdk-rust/0.123.test api/test-service/0.123 os/windows/XPSP3 lang/rust/1.50.0")

aws/sdk/integration-tests/qldbsession/tests/integration.rs

@@ -20,7 +20,7 @@ async fn signv4_use_correct_service_name() {
             .header("content-type", "application/x-amz-json-1.0")
             .header("x-amz-target", "QLDBSession.SendCommand")
             .header("content-length", "49")
-            .header("authorization", "AWS4-HMAC-SHA256 Credential=ANOTREAL/20090213/us-east-1/qldb/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date;x-amz-security-token;x-amz-target;x-amz-user-agent, Signature=e8d50282fa369adf05f33a5b32e3ce2a7582edc902312c59de311001a97426d9")
+            .header("authorization", "AWS4-HMAC-SHA256 Credential=ANOTREAL/20090213/us-east-1/qldb/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date;x-amz-target;x-amz-user-agent, Signature=9a07c60550504d015fb9a2b0f1b175a4d906651f9dd4ee44bebb32a802d03815")
             // qldbsession uses the signing name 'qldb' in signature _________________________^^^^
             .header("x-amz-date", "20090213T233130Z")
             .header("user-agent", "aws-sdk-rust/0.123.test os/windows/XPSP3 lang/rust/1.50.0")

aws/sdk/integration-tests/s3/tests/naughty-string-metadata.rs

@@ -88,7 +88,7 @@ async fn test_s3_signer_with_naughty_string_metadata() {
 
     // This is a snapshot test taken from a known working test result
     let snapshot_signature =
-        "Signature=733dba2f1ca3c9a39f4eef3a6750a71eff00297cd765408ad3cef5dcdc44d642";
+        "Signature=a5115604df66219874a9e5a8eab4c9f7a28c992ab2d918037a285756c019f3b2";
     assert!(
         auth_header .contains(snapshot_signature),
         "authorization header signature did not match expected signature: got {}, expected it to contain {}",

aws/sdk/integration-tests/s3/tests/normalize-uri-path.rs

@@ -41,7 +41,7 @@ async fn test_operation_should_not_normalize_uri_path() {
     let expected_uri = "https://test-bucket-ad7c9f01-7f7b-4669-b550-75cc6d4df0f1.s3.us-east-1.amazonaws.com/a/.././b.txt?x-id=PutObject";
     assert_eq!(actual_uri, expected_uri);
 
-    let expected_sig = "Signature=404fb9502378c8f46fb83544848c42d29d55610a14b4bed9577542e49e549d08";
+    let expected_sig = "Signature=2ac540538c84dc2616d92fb51d4fc6146ccd9ccc1ee85f518a1a686c5ef97b86";
     assert!(
         actual_auth.contains(expected_sig),
         "authorization header signature did not match expected signature: expected {} but not found in {}",

aws/sdk/integration-tests/s3/tests/query-strings-are-correctly-encoded.rs

@@ -45,7 +45,7 @@ async fn test_s3_signer_query_string_with_all_valid_chars() {
 
     // This is a snapshot test taken from a known working test result
     let snapshot_signature =
-        "Signature=740feb1de3968a643e68fb1a17c415d98dd6a1cc28782fb1ef6157586548c747";
+        "Signature=9a931d20606f93fa4e5553602866a9b5ccac2cd42b54ae5a4b17e4614fb443ce";
     assert!(
         auth_header
             .contains(snapshot_signature),