aws · gosar · May 24, 2023 · May 16, 2023 · May 16, 2023 · May 16, 2023
diff --git a/core/http-auth-spi/pom.xml b/core/http-auth-spi/pom.xml
@@ -70,6 +70,11 @@
             <artifactId>equalsverifier</artifactId>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>org.mockito</groupId>
+            <artifactId>mockito-core</artifactId>
+            <scope>test</scope>
+        </dependency>
     </dependencies>
 
     <build>

diff --git a/core/http-auth-spi/src/main/java/software/amazon/awssdk/http/auth/spi/HttpAuthOption.java b/core/http-auth-spi/src/main/java/software/amazon/awssdk/http/auth/spi/HttpAuthOption.java
@@ -81,7 +81,7 @@ interface SignerPropertyConsumer {
     }
 
     interface Builder extends SdkBuilder<Builder, HttpAuthOption> {
-        <T> Builder schemeId(String schemeId);
+        Builder schemeId(String schemeId);
 
         <T> Builder putIdentityProperty(IdentityProperty<T> key, T value);
 

diff --git a/core/http-auth-spi/src/main/java/software/amazon/awssdk/http/auth/spi/HttpAuthScheme.java b/core/http-auth-spi/src/main/java/software/amazon/awssdk/http/auth/spi/HttpAuthScheme.java
@@ -58,5 +58,5 @@ public interface HttpAuthScheme<T extends Identity> {
      * Retrieve the signer associated with this authentication scheme. This signer is guaranteed to support the identity
      * generated by the identity provider in this authentication scheme.
      */
-    HttpSigner signer();
+    HttpSigner<T> signer();
 }
diff --git a/core/http-auth-spi/src/main/java/software/amazon/awssdk/http/auth/spi/HttpSignRequest.java b/core/http-auth-spi/src/main/java/software/amazon/awssdk/http/auth/spi/HttpSignRequest.java
@@ -21,23 +21,26 @@
 import software.amazon.awssdk.annotations.ThreadSafe;
 import software.amazon.awssdk.http.SdkHttpRequest;
 import software.amazon.awssdk.http.auth.spi.internal.DefaultHttpSignRequest;
+import software.amazon.awssdk.identity.spi.Identity;
 import software.amazon.awssdk.utils.builder.SdkBuilder;
 
 /**
- * Represents a request to be signed by {@link HttpSigner}.
+ * Input parameters to sign a request using {@link HttpSigner}.
  *
- * @param <PayloadT> The type of payload of this request.
+ * @param <PayloadT> The type of payload of the request.
+ * @param <IdentityT> The type of the identity.
  */
 @SdkPublicApi
 @Immutable
 @ThreadSafe
-public interface HttpSignRequest<PayloadT> {
+public interface HttpSignRequest<PayloadT, IdentityT extends Identity> {
 
     /**
      * Get a new builder for creating a {@link HttpSignRequest}.
      */
-    static <T> Builder<T> builder(Class<T> payloadType) {
-        return new DefaultHttpSignRequest.BuilderImpl(payloadType);
+    static <PayloadT, IdentityT extends Identity> Builder<PayloadT, IdentityT> builder(Class<PayloadT> payloadType,
+                                                                                       Class<IdentityT> identityType) {
+        return new DefaultHttpSignRequest.BuilderImpl<>(payloadType);
     }
 
     /**
@@ -55,29 +58,37 @@ static <T> Builder<T> builder(Class<T> payloadType) {
      */
     Optional<PayloadT> payload();
 
+    IdentityT identity();
+
     /**
-     * Returns the property that the {@link HttpSigner} can use during signing.
+     * Returns the value of a property that the {@link HttpSigner} can use during signing.
      */
     <T> T property(SignerProperty<T> property);
 
     /**
      * A builder for a {@link HttpSignRequest}.
      */
-    interface Builder<PayloadT> extends SdkBuilder<Builder<PayloadT>, HttpSignRequest> {
+    interface Builder<PayloadT, IdentityT extends Identity>
+        extends SdkBuilder<Builder<PayloadT, IdentityT>, HttpSignRequest<PayloadT, IdentityT>> {
 
         /**
          * Set the HTTP request object, without the request body payload.
          */
-        Builder request(SdkHttpRequest request);
+        Builder<PayloadT, IdentityT> request(SdkHttpRequest request);
+
+        /**
+         * Set the body payload of the request. A payload is optional. By default, the payload will be empty.
+         */
+        Builder<PayloadT, IdentityT> payload(PayloadT payload);
 
         /**
          * Set the body payload of the request. A payload is optional. By default, the payload will be empty.
          */
-        Builder payload(PayloadT payload);
+        Builder<PayloadT, IdentityT> identity(IdentityT identity);
 
         /**
          * Set a property that the {@link HttpSigner} can use during signing.
          */
-        <T> Builder putProperty(SignerProperty<T> key, T value);
+        <T> Builder<PayloadT, IdentityT> putProperty(SignerProperty<T> key, T value);
     }
 }
diff --git a/core/http-auth-spi/src/main/java/software/amazon/awssdk/http/auth/spi/HttpSigner.java b/core/http-auth-spi/src/main/java/software/amazon/awssdk/http/auth/spi/HttpSigner.java
@@ -16,30 +16,65 @@
 package software.amazon.awssdk.http.auth.spi;
 
 import java.nio.ByteBuffer;
+import java.util.function.Consumer;
 import org.reactivestreams.Publisher;
 import software.amazon.awssdk.annotations.SdkPublicApi;
 import software.amazon.awssdk.http.ContentStreamProvider;
+import software.amazon.awssdk.http.auth.spi.internal.DefaultHttpSignRequest;
+import software.amazon.awssdk.identity.spi.Identity;
 
 /**
  * Interface for the process of modifying a request destined for a service so that the service can authenticate the SDK
- * customer’s identity
+ * customer’s identity.
+ *
+ * @param <IdentityT> The type of the identity.
  */
 @SdkPublicApi
-public interface HttpSigner {
+public interface HttpSigner<IdentityT extends Identity> {
+
+    /**
+     * Method that takes in inputs to sign a request with sync payload and returns a signed version of the request.
+     *
+     * @param request The inputs to sign a request.
+     * @return A signed version of the request.
+     */
+    SignedHttpRequest<ContentStreamProvider> sign(HttpSignRequest<ContentStreamProvider, IdentityT> request);
+
+    /**
+     * Method that takes in inputs to sign a request with sync payload and returns a signed version of the request.
+     * <p>
+     * Similar to {@link #sign(HttpSignRequest)}, but takes a lambda to configure a new {@link HttpSignRequest.Builder}. This
+     * removes the need to call {@link HttpSignRequest#builder(Class, Class)}} and {@link HttpSignRequest.Builder#build()}.
+     *
+     * @param consumer A {@link Consumer} to which an empty {@link HttpSignRequest.Builder} will be given.
+     * @return A signed version of the request.
+     */
+    default SignedHttpRequest<ContentStreamProvider> sign(
+        Consumer<HttpSignRequest.Builder<ContentStreamProvider, IdentityT>> consumer) {
+        return sign(new DefaultHttpSignRequest.BuilderImpl<ContentStreamProvider, IdentityT>(ContentStreamProvider.class)
+                        .applyMutation(consumer).build());
+    }
 
     /**
-     * Method that takes in a request and returns a signed version of the request.
+     * Method that takes in inputs to sign a request with async payload and returns a signed version of the request.
      *
-     * @param request The request to sign, with sync payload
-     * @return A signed version of the input request
+     * @param request The inputs to sign a request.
+     * @return A signed version of the request.
      */
-    SignedHttpRequest<ContentStreamProvider> sign(HttpSignRequest<? extends ContentStreamProvider> request);
+    SignedHttpRequest<Publisher<ByteBuffer>> signAsync(HttpSignRequest<Publisher<ByteBuffer>, IdentityT> request);
 
     /**
-     * Method that takes in a request and returns a signed version of the request.
+     * Method that takes in inputs to sign a request with async payload and returns a signed version of the request.
+     * <p>
+     * Similar to {@link #signAsync(HttpSignRequest)}, but takes a lambda to configure a new {@link HttpSignRequest.Builder}. This
+     * removes the need to call {@link HttpSignRequest#builder(Class, Class)}} and {@link HttpSignRequest.Builder#build()}.
      *
-     * @param request The request to sign, with async payload
-     * @return A signed version of the input request
+     * @param consumer A {@link Consumer} to which an empty {@link HttpSignRequest.Builder} will be given.
+     * @return A signed version of the request.
      */
-    SignedHttpRequest<Publisher<ByteBuffer>> signAsync(HttpSignRequest<? extends Publisher<? extends ByteBuffer>> request);
+    default SignedHttpRequest<Publisher<ByteBuffer>> signAsync(
+        Consumer<HttpSignRequest.Builder<Publisher<ByteBuffer>, IdentityT>> consumer) {
+        return signAsync(new DefaultHttpSignRequest.BuilderImpl<Publisher<ByteBuffer>, IdentityT>((Class)Publisher.class)
+                        .applyMutation(consumer).build());
+    }
 }
diff --git a/core/http-auth-spi/src/main/java/software/amazon/awssdk/http/auth/spi/SignedHttpRequest.java b/core/http-auth-spi/src/main/java/software/amazon/awssdk/http/auth/spi/SignedHttpRequest.java
@@ -26,7 +26,7 @@
 /**
  * Represents a request that has been signed by {@link HttpSigner}.
  *
- * @param <PayloadT> The type of payload of this request.
+ * @param <PayloadT> The type of payload of the request.
  */
 @SdkPublicApi
 @Immutable
@@ -37,7 +37,7 @@ public interface SignedHttpRequest<PayloadT> {
      * Get a new builder for creating a {@link SignedHttpRequest}.
      */
     static <T> Builder<T> builder(Class<T> payloadType) {
-        return new DefaultSignedHttpRequest.BuilderImpl(payloadType);
+        return new DefaultSignedHttpRequest.BuilderImpl<>(payloadType);
     }
 
     /**
@@ -58,16 +58,16 @@ static <T> Builder<T> builder(Class<T> payloadType) {
     /**
      * A builder for a {@link SignedHttpRequest}.
      */
-    interface Builder<PayloadT> extends SdkBuilder<Builder<PayloadT>, SignedHttpRequest> {
+    interface Builder<PayloadT> extends SdkBuilder<Builder<PayloadT>, SignedHttpRequest<PayloadT>> {
 
         /**
          * Set the HTTP request object, without the request body payload.
          */
-        Builder request(SdkHttpRequest request);
+        Builder<PayloadT> request(SdkHttpRequest request);
 
         /**
          * Set the body payload of the request. A payload is optional. By default, the payload will be empty.
          */
-        Builder payload(PayloadT payload);
+        Builder<PayloadT> payload(PayloadT payload);
     }
 }
diff --git a/core/http-auth-spi/src/main/java/software/amazon/awssdk/http/auth/spi/SignerProperty.java b/core/http-auth-spi/src/main/java/software/amazon/awssdk/http/auth/spi/SignerProperty.java
@@ -24,7 +24,7 @@
 
 /**
  * A strongly-typed property for input to an {@link HttpSigner}.
- * @param <T> The type of the attribute.
+ * @param <T> The type of the property.
  */
 @SdkPublicApi
 @Immutable

diff --git a/...pi/src/main/java/software/amazon/awssdk/http/auth/spi/internal/DefaultHttpAuthOption.java b/...pi/src/main/java/software/amazon/awssdk/http/auth/spi/internal/DefaultHttpAuthOption.java
@@ -83,7 +83,7 @@ public static final class BuilderImpl implements Builder {
         private final Map<SignerProperty<?>, Object> signerProperties = new HashMap<>();
 
         @Override
-        public <T> Builder schemeId(String schemeId) {
+        public Builder schemeId(String schemeId) {
             this.schemeId = schemeId;
             return this;
         }

diff --git a/...i/src/main/java/software/amazon/awssdk/http/auth/spi/internal/DefaultHttpSignRequest.java b/...i/src/main/java/software/amazon/awssdk/http/auth/spi/internal/DefaultHttpSignRequest.java
@@ -22,21 +22,24 @@
 import software.amazon.awssdk.http.SdkHttpRequest;
 import software.amazon.awssdk.http.auth.spi.HttpSignRequest;
 import software.amazon.awssdk.http.auth.spi.SignerProperty;
+import software.amazon.awssdk.identity.spi.Identity;
 import software.amazon.awssdk.utils.ToString;
 import software.amazon.awssdk.utils.Validate;
 
 @SdkInternalApi
-public final class DefaultHttpSignRequest<PayloadT> implements HttpSignRequest<PayloadT> {
+public final class DefaultHttpSignRequest<PayloadT, IdentityT extends Identity> implements HttpSignRequest<PayloadT, IdentityT> {
 
     private final Class<PayloadT> payloadType;
     private final SdkHttpRequest request;
     private final PayloadT payload;
+    private final IdentityT identity;
     private final Map<SignerProperty<?>, Object> properties;
 
-    DefaultHttpSignRequest(BuilderImpl<PayloadT>  builder) {
+    DefaultHttpSignRequest(BuilderImpl<PayloadT, IdentityT>  builder) {
         this.payloadType = Validate.paramNotNull(builder.payloadType, "payloadType");
         this.request = Validate.paramNotNull(builder.request, "request");
         this.payload = builder.payload;
+        this.identity = Validate.paramNotNull(builder.identity, "identity");
         this.properties = new HashMap<>(builder.properties);
     }
 
@@ -51,10 +54,15 @@ public SdkHttpRequest request() {
     }
 
     @Override
-    public Optional payload() {
+    public Optional<PayloadT> payload() {
         return payload == null ? Optional.empty() : Optional.of(payload);
     }
 
+    @Override
+    public IdentityT identity() {
+        return identity;
+    }
+
     @Override
     public <T> T property(SignerProperty<T> property) {
         return (T) properties.get(property);
@@ -70,37 +78,44 @@ public String toString() {
     }
 
 
-    public static final class BuilderImpl<PayloadT> implements Builder<PayloadT> {
+    public static final class BuilderImpl<PayloadT, IdentityT extends Identity> implements Builder<PayloadT, IdentityT> {
         private final Class<PayloadT> payloadType;
         private SdkHttpRequest request;
         private PayloadT payload;
+        private IdentityT identity;
         private final Map<SignerProperty<?>, Object> properties = new HashMap<>();
 
         public BuilderImpl(Class<PayloadT> payloadType) {
             this.payloadType = payloadType;
         }
 
         @Override
-        public Builder request(SdkHttpRequest request) {
+        public Builder<PayloadT, IdentityT> request(SdkHttpRequest request) {
             this.request = request;
             return this;
         }
 
         @Override
-        public Builder payload(PayloadT payload) {
+        public Builder<PayloadT, IdentityT> payload(PayloadT payload) {
             this.payload = payload;
             return this;
         }
 
         @Override
-        public <T> Builder putProperty(SignerProperty<T> key, T value) {
+        public Builder<PayloadT, IdentityT> identity(IdentityT identity) {
+            this.identity = identity;
+            return this;
+        }
+
+        @Override
+        public <T> Builder<PayloadT, IdentityT> putProperty(SignerProperty<T> key, T value) {
             this.properties.put(key, value);
             return this;
         }
 
         @Override
-        public HttpSignRequest build() {
-            return new DefaultHttpSignRequest(this);
+        public HttpSignRequest<PayloadT, IdentityT> build() {
+            return new DefaultHttpSignRequest<>(this);
         }
     }
 }
diff --git a/...src/main/java/software/amazon/awssdk/http/auth/spi/internal/DefaultSignedHttpRequest.java b/...src/main/java/software/amazon/awssdk/http/auth/spi/internal/DefaultSignedHttpRequest.java
@@ -46,7 +46,7 @@ public SdkHttpRequest request() {
     }
 
     @Override
-    public Optional payload() {
+    public Optional<PayloadT> payload() {
         return payload == null ? Optional.empty() : Optional.of(payload);
     }
 
@@ -68,20 +68,20 @@ public BuilderImpl(Class<PayloadT> payloadType) {
         }
 
         @Override
-        public Builder request(SdkHttpRequest request) {
+        public Builder<PayloadT> request(SdkHttpRequest request) {
             this.request = request;
             return this;
         }
 
         @Override
-        public Builder payload(PayloadT payload) {
+        public Builder<PayloadT> payload(PayloadT payload) {
             this.payload = payload;
             return this;
         }
 
         @Override
-        public SignedHttpRequest build() {
-            return new DefaultSignedHttpRequest(this);
+        public SignedHttpRequest<PayloadT> build() {
+            return new DefaultSignedHttpRequest<>(this);
         }
     }
 }