Skip to content

Add main auth scheme interfaces #3999

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
May 16, 2023
Merged

Add main auth scheme interfaces #3999

merged 3 commits into from
May 16, 2023

Conversation

gosar
Copy link
Contributor

@gosar gosar commented May 11, 2023
edited
Loading

Motivation and Context

As part of Smithy Reference Architecture, we are defining new Identity and Auth components. It introduces auth scheme and auth scheme resolution. This changes adds some of the auth scheme interfaces.

Modifications

Adding the main auth scheme interfaces here. Specific auth scheme interfaces like AwsV4HttpAuthScheme will be added in separate PR, after the corresponding signer interfaces are merged in #3997.

Note, I think the names may be subject to change as there are offline discussions happening on those. But I'd rather get these current names in and continue working on subsequent changes, and rename later, if needed.

Testing

./mvnw clean install -pl :http-auth-spi successful locally.

Screenshots (if appropriate)

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)

Checklist

  • I have read the CONTRIBUTING document
  • Local run of mvn install succeeds
  • My code follows the code style of this project
  • My change requires a change to the Javadoc documentation
  • I have updated the Javadoc documentation accordingly
  • I have added tests to cover my changes
  • All new and existing tests passed
  • I have added a changelog entry. Adding a new entry must be accomplished by running the scripts/new-change script and following the instructions. Commit the new file created by the script in .changes/next-release with your changes.
  • My change is to implement 1.11 parity feature and I have updated LaunchChangelog

License

  • I confirm that this pull request can be released under the Apache 2 license

@gosar gosar requested a review from a team as a code owner May 11, 2023 21:50
@gosar gosar requested a review from cenedhryn May 11, 2023 21:52
gosar
gosar commented May 11, 2023
View reviewed changes
core/http-auth-spi/src/main/java/software/amazon/awssdk/http/auth/spi/HttpAuthOption.java Outdated
Comment on lines 68 to 81
/**
* Interface for operating on an {@link IdentityProperty} value.
*/
@FunctionalInterface
interface IdentityPropertyConsumer<T> extends BiConsumer<IdentityProperty<T>, T> {
}

/**
* Interface for operating on an {@link SignerProperty} value.
*/
@FunctionalInterface
interface SignerPropertyConsumer {
<T> void accept(SignerProperty<T> propertyKey, T propertyValue);
}
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For the Consumers I did 2 different options. The Signer is as defined in the design doc. But using the BiConsumer seems to simplify the implementation - see DefaultHttpAuthOption. Do you think we should go the BiConsumer route?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes. I can't think of a downside, and it's less verbose.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, so building on command line didn't show any warnings, but IntelliJ shows me these warnings.

    void forEachIdentityProperty(IdentityPropertyConsumer consumer);

-> Raw use of parameterized class 'IdentityPropertyConsumer'

and

        identityProperties.forEach(consumer);

-> Unchecked assignment: 'software.amazon.awssdk.http.auth.spi.HttpAuthOption.IdentityPropertyConsumer' to 'java.util.function.BiConsumer<? super software.amazon.awssdk.identity.spi.IdentityProperty<?>,? super java.lang.Object>'

If I try to fix these, by adding type parameter <T> to forEachIdentityProperty:

    <T> void forEachIdentityProperty(IdentityPropertyConsumer<T> consumer);

I'm left with compiler error on

        identityProperties.forEach(consumer);

-> 'forEach(java.util.function.BiConsumer<? super software.amazon.awssdk.identity.spi.IdentityProperty<?>,? super java.lang.Object>)' in 'java.util.Map' cannot be applied to '(software.amazon.awssdk.http.auth.spi.HttpAuthOption.IdentityPropertyConsumer<T>)'

Even if I go with the other approach, like in SignerPropertyConsumer, the forEachSignerProperty() implementation as a cast with warning

            SignerProperty<T> property = (SignerProperty<T>) p;

-> Unchecked cast: 'software.amazon.awssdk.http.auth.spi.SignerProperty<capture<?>>' to 'software.amazon.awssdk.http.auth.spi.SignerProperty<T>'

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With ^, I started initially to think the Raw use of parameterized class 'IdentityPropertyConsumer' warning is ok to live with. But then realized that with this

    interface IdentityPropertyConsumer<T> extends BiConsumer<IdentityProperty<T>, T> {
    }

when instantiating the consumer would be tied to a specific type which may not be good. I feel I'm unsure what is better, until I try to write a real consumer.

Copy link
Contributor Author

@gosar gosar May 15, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm removing the <T> from IdentityPropertyConsumer<T> to not make the consumer tied to a type. This makes the interfaces match the original in the design doc.

...h-spi/src/main/java/software/amazon/awssdk/http/auth/spi/internal/DefaultHttpAuthOption.java
Comment on lines +61 to +64
for (SignerProperty<?> p : signerProperties.keySet()) {
SignerProperty<T> property = (SignerProperty<T>) p;
consumer.accept(property, this.signerProperty(property));
}
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe there is a better way to do this.

@sonarqubecloud
Copy link

SonarCloud Quality Gate failed.    Quality Gate failed

Bug C 3 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 79 Code Smells

46.6% 46.6% Coverage
3.3% 3.3% Duplication

@gosar gosar merged commit 64d5212 into feature/master/sra-identity-auth May 16, 2023
@gosar gosar deleted the gosar/sra-ia-scheme-interfaces branch May 16, 2023 00:05
@gosar gosar mentioned this pull request Sep 12, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cenedhryn cenedhryn cenedhryn approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gosar @cenedhryn