feat: support @httpApiKeyAuth trait

This adds codegen support for services and operations that use the
@httpApiKeyAuth trait.

The generated client will have a new `apiKey` config attribute. This
value will be injected into the header that's specified in the trait
by new middleware that's included in the codegen client.

Author: glb

smithy-typescript-codegen/src/main/java/software/amazon/smithy/typescript/codegen/integration/AddHttpApiKeyAuthPlugin.java

@@ -0,0 +1,178 @@
+/*
+ * Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ *
+ *  http://aws.amazon.com/apache2.0
+ *
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+package software.amazon.smithy.typescript.codegen.integration;
+
+import java.nio.file.Paths;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Set;
+import java.util.function.BiConsumer;
+import java.util.function.Consumer;
+import software.amazon.smithy.codegen.core.Symbol;
+import software.amazon.smithy.codegen.core.SymbolProvider;
+import software.amazon.smithy.model.Model;
+import software.amazon.smithy.model.knowledge.TopDownIndex;
+import software.amazon.smithy.model.shapes.OperationShape;
+import software.amazon.smithy.model.shapes.ServiceShape;
+import software.amazon.smithy.model.traits.HttpApiKeyAuthTrait;
+import software.amazon.smithy.model.traits.OptionalAuthTrait;
+import software.amazon.smithy.typescript.codegen.CodegenUtils;
+import software.amazon.smithy.typescript.codegen.TypeScriptSettings;
+import software.amazon.smithy.typescript.codegen.TypeScriptWriter;
+import software.amazon.smithy.utils.IoUtils;
+import software.amazon.smithy.utils.ListUtils;
+import software.amazon.smithy.utils.SmithyInternalApi;
+
+/**
+ * Add config and middleware to support a service with the @httpApiKeyAuth trait.
+ */
+@SmithyInternalApi
+public final class AddHttpApiKeyAuthPlugin implements TypeScriptIntegration {
+
+    /**
+     * Plug into code generation for the client.
+     *
+     * This adds the configuration items to the client config and plugs in the
+     * middleware to operations that need it.
+     *
+     * The middleware will inject the client's configured API key into the
+     * request as defined by the @httpApiKeyAuth trait. If the trait says to
+     * put the API key into a named header, that header will be used, optionally
+     * prefixed with a scheme. If the trait says to put the API key into a named
+     * query parameter, that query parameter will be used.
+     */
+    @Override
+    public List<RuntimeClientPlugin> getClientPlugins() {
+        return ListUtils.of(
+            // Add the config if the service uses HTTP API key authorization
+            RuntimeClientPlugin.builder()
+                .inputConfig(Symbol.builder().namespace(
+                    "./" + CodegenUtils.SOURCE_FOLDER + "/middleware/HttpApiKeyAuth", "/"
+                ).name("HttpApiKeyAuthInputConfig").build())
+                .resolvedConfig(Symbol.builder().namespace(
+                    "./" + CodegenUtils.SOURCE_FOLDER + "/middleware/HttpApiKeyAuth", "/"
+                ).name("HttpApiKeyAuthResolvedConfig").build())
+                .resolveFunction(Symbol.builder().namespace(
+                    "./" + CodegenUtils.SOURCE_FOLDER + "/middleware/HttpApiKeyAuth", "/"
+                ).name("resolveHttpApiKeyAuthConfig").build())
+                .servicePredicate((m, s) -> hasHttpApiKeyAuthTrait(s) && !areAllOptionalAuthOperations(m, s))
+                .build(),
+
+            // Add the middleware to operations that use HTTP API key authorization
+            RuntimeClientPlugin.builder()
+                .pluginFunction(Symbol.builder()
+                    .namespace("./" + CodegenUtils.SOURCE_FOLDER + "/middleware/HttpApiKeyAuth", "/")
+                    .name("getHttpApiKeyAuthPlugin")
+                    .build())
+                .additionalPluginFunctionParamsSupplier((m, s, o) -> new HashMap<String, Object>() {{
+                    // It's safe to do getTrait().get() because the operation predicate ensures that the trait exists
+                    // `in` and `name` are required attributes of the trait, `scheme` is optional
+                    put("in", s.getTrait(HttpApiKeyAuthTrait.class).get().getIn().toString());
+                    put("name", s.getTrait(HttpApiKeyAuthTrait.class).get().getName());
+                    put("scheme", s.getTrait(HttpApiKeyAuthTrait.class).get().getScheme().orElse(null));
+                }})
+                .operationPredicate((m, s, o) -> hasHttpApiKeyAuthTrait(s)
+                                                    && !operationUsesOptionalAuth(m, s, o))
+                .build()
+        );
+    }
+
+    @Override
+    public void writeAdditionalFiles(
+        TypeScriptSettings settings,
+        Model model,
+        SymbolProvider symbolProvider,
+        BiConsumer<String, Consumer<TypeScriptWriter>> writerFactory
+    ) {
+        ServiceShape service = settings.getService(model);
+
+        // If the service doesn't use HTTP API keys, we don't need to do anything and the generated
+        // code doesn't need any additional files.
+        if (!hasHttpApiKeyAuthTrait(service) || areAllOptionalAuthOperations(model, service)) {
+            return;
+        }
+
+        String noTouchNoticePrefix = "// Please do not touch this file. It's generated from a template in:\n"
+                + "// https://github.com/awslabs/smithy-typescript/blob/main/smithy-typescript-codegen/"
+                + "src/main/resources/software/amazon/smithy/aws/typescript/codegen/integration/";
+
+        // write the middleware source
+        writerFactory.accept(
+            Paths.get(CodegenUtils.SOURCE_FOLDER, "middleware", "HttpApiKeyAuth", "index.ts").toString(),
+            writer -> {
+                String source = IoUtils.readUtf8Resource(getClass(), "http-api-key-auth.ts");
+                writer.write("$L$L", noTouchNoticePrefix, "http-api-key-auth.ts");
+                writer.write("$L", source);
+            });
+
+        // write the middleware tests
+        writerFactory.accept(
+            Paths.get(CodegenUtils.SOURCE_FOLDER, "middleware", "HttpApiKeyAuth", "index.spec.ts").toString(),
+            writer -> {
+                String source = IoUtils.readUtf8Resource(getClass(), "http-api-key-auth.spec.ts");
+                writer.write("$L$L", noTouchNoticePrefix, "http-api-key-auth.spec.ts");
+                writer.write("$L", source);
+            });
+    }
+
+    /**
+     * Check if the service has the @httpApiKeyAuth trait.
+     *
+     * @param service the service shape
+     *
+     * @return true if the service has the @httpApiKeyAuth trait
+     */
+    private static boolean hasHttpApiKeyAuthTrait(ServiceShape service) {
+        return service.hasTrait(HttpApiKeyAuthTrait.class);
+    }
+
+    // derived from https://github.com/aws/aws-sdk-js-v3/blob/main/codegen/smithy-aws-typescript-codegen/src/main/java/software/amazon/smithy/aws/typescript/codegen/AddAwsAuthPlugin.java
+    private static boolean areAllOptionalAuthOperations(Model model, ServiceShape service) {
+        TopDownIndex topDownIndex = TopDownIndex.of(model);
+        Set<OperationShape> operations = topDownIndex.getContainedOperations(service);
+        for (OperationShape operation : operations) {
+            if (!operationUsesOptionalAuth(model, service, operation)) {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    // derived from https://github.com/aws/aws-sdk-js-v3/blob/main/codegen/smithy-aws-typescript-codegen/src/main/java/software/amazon/smithy/aws/typescript/codegen/AddAwsAuthPlugin.java
+    private static boolean hasOptionalAuthOperation(Model model, ServiceShape service) {
+        TopDownIndex topDownIndex = TopDownIndex.of(model);
+        Set<OperationShape> operations = topDownIndex.getContainedOperations(service);
+        for (OperationShape operation : operations) {
+            if (operationUsesOptionalAuth(model, service, operation)) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * Check if the operation has @optionalAuth, implying it doesn't need the middleware.
+     *
+     * @param model the model
+     * @param service the service shape
+     * @param operation the operation shape
+     *
+     * @return true if the operation has the @optionalAuth trait
+     */
+    private static boolean operationUsesOptionalAuth(Model model, ServiceShape service, OperationShape operation) {
+        return operation.hasTrait(OptionalAuthTrait.class);
+    }
+}

smithy-typescript-codegen/src/main/resources/META-INF/services/software.amazon.smithy.typescript.codegen.integration.TypeScriptIntegration

@@ -1,2 +1,3 @@
 software.amazon.smithy.typescript.codegen.integration.AddEventStreamDependency
-software.amazon.smithy.typescript.codegen.integration.AddChecksumRequiredDependency
+software.amazon.smithy.typescript.codegen.integration.AddChecksumRequiredDependency
+software.amazon.smithy.typescript.codegen.integration.AddHttpApiKeyAuthPlugin

smithy-typescript-codegen/src/main/resources/software/amazon/smithy/typescript/codegen/integration/http-api-key-auth.spec.ts

@@ -0,0 +1,171 @@
+import {
+  getHttpApiKeyAuthPlugin,
+  httpApiKeyAuthMiddleware,
+  resolveHttpApiKeyAuthConfig,
+} from "./index";
+import { HttpRequest } from "@aws-sdk/protocol-http";
+
+describe("resolveHttpApiKeyAuthConfig", () => {
+  it("should return the input unchanged", () => {
+    const config = {
+      apiKey: "exampleApiKey",
+    };
+    expect(resolveHttpApiKeyAuthConfig(config)).toEqual(config);
+  });
+});
+
+describe("getHttpApiKeyAuthPlugin", () => {
+  it("should apply the middleware to the stack", () => {
+    const plugin = getHttpApiKeyAuthPlugin(
+      {
+        apiKey: "exampleApiKey",
+      },
+      {
+        in: "query",
+        name: "key",
+      }
+    );
+
+    const mockAdd = jest.fn();
+    const mockOther = jest.fn();
+
+    // TODO there's got to be a better way to do this mocking
+    plugin.applyToStack({
+      add: mockAdd,
+      // we don't expect any of these others to be called
+      addRelativeTo: mockOther,
+      concat: mockOther,
+      resolve: mockOther,
+      applyToStack: mockOther,
+      use: mockOther,
+      clone: mockOther,
+      remove: mockOther,
+      removeByTag: mockOther,
+    });
+
+    expect(mockAdd.mock.calls.length).toEqual(1);
+    expect(mockOther.mock.calls.length).toEqual(0);
+  });
+});
+
+describe("httpApiKeyAuthMiddleware", () => {
+  describe("returned middleware function", () => {
+    const mockNextHandler = jest.fn();
+
+    beforeEach(() => {
+      jest.clearAllMocks();
+    });
+
+    it("should throw an error if the location is `query`", async () => {
+      const middleware = httpApiKeyAuthMiddleware(
+        {
+          apiKey: "exampleApiKey",
+        },
+        {
+          in: "query",
+          name: "key",
+        }
+      );
+
+      const handler = middleware(mockNextHandler, {});
+
+      await expect(
+        handler({
+          input: {},
+          request: new HttpRequest({}),
+        })
+      ).rejects.toThrow("query parameter is not supported");
+
+      expect(mockNextHandler.mock.calls.length).toEqual(0);
+    });
+
+    it("should throw an error if the api key has not been set", async () => {
+      const middleware = httpApiKeyAuthMiddleware(
+        {},
+        {
+          in: "header",
+          name: "auth",
+          scheme: "scheme",
+        }
+      );
+
+      const handler = middleware(mockNextHandler, {});
+
+      await expect(
+        handler({
+          input: {},
+          request: new HttpRequest({}),
+        })
+      ).rejects.toThrow("no API key was provided");
+
+      expect(mockNextHandler.mock.calls.length).toEqual(0);
+    });
+
+    it("should skip if the request is not an HttpRequest", async () => {
+      const middleware = httpApiKeyAuthMiddleware(
+        {},
+        {
+          in: "header",
+          name: "Authorization",
+        }
+      );
+
+      const handler = middleware(mockNextHandler, {});
+
+      await handler({
+        input: {},
+        request: {},
+      });
+
+      expect(mockNextHandler.mock.calls.length).toEqual(1);
+    });
+
+    it("should set the API key in the lower-cased named header", async () => {
+      const middleware = httpApiKeyAuthMiddleware(
+        {
+          apiKey: "exampleApiKey",
+        },
+        {
+          in: "header",
+          name: "Authorization",
+        }
+      );
+
+      const handler = middleware(mockNextHandler, {});
+
+      await handler({
+        input: {},
+        request: new HttpRequest({}),
+      });
+
+      expect(mockNextHandler.mock.calls.length).toEqual(1);
+      expect(
+        mockNextHandler.mock.calls[0][0].request.headers.authorization
+      ).toBe("exampleApiKey");
+    });
+
+    it("should set the API key in the named header with the provided scheme", async () => {
+      const middleware = httpApiKeyAuthMiddleware(
+        {
+          apiKey: "exampleApiKey",
+        },
+        {
+          in: "header",
+          name: "authorization",
+          scheme: "exampleScheme",
+        }
+      );
+      const handler = middleware(mockNextHandler, {});
+
+      await handler({
+        input: {},
+        request: new HttpRequest({}),
+      });
+
+      expect(mockNextHandler.mock.calls.length).toEqual(1);
+      expect(
+        mockNextHandler.mock.calls[0][0].request.headers.authorization
+      ).toBe("exampleScheme exampleApiKey");
+    });
+  });
+});