From e34c7b303740fc71dc5dba0c050efac581683e4e Mon Sep 17 00:00:00 2001 From: Saranya Somepalli Date: Mon, 29 Sep 2025 09:15:43 -0700 Subject: [PATCH] Revert "Add Business Metrics for Credential Providers (#6443)" This reverts commit 19720d9f043281586459b53ac718e2a5bd3786c9. --- .../feature-AWSSDKforJavav2-c2d8ec6.json | 6 - ...hildProfileCredentialsProviderFactory.java | 42 +-- .../ContainerCredentialsProvider.java | 30 +-- ...nvironmentVariableCredentialsProvider.java | 6 +- .../credentials/HttpCredentialsProvider.java | 11 - .../InstanceProfileCredentialsProvider.java | 32 +-- .../ProcessCredentialsProvider.java | 32 +-- .../ProfileProviderCredentialsContext.java | 34 +-- .../StaticCredentialsProvider.java | 19 +- .../SystemPropertyCredentialsProvider.java | 6 +- ...bIdentityTokenFileCredentialsProvider.java | 3 - .../internal/ProfileCredentialsUtils.java | 56 +--- .../WebIdentityTokenCredentialProperties.java | 12 - .../ContainerCredentialsProviderTest.java | 10 +- ...nstanceProfileCredentialsProviderTest.java | 17 +- .../ProcessCredentialsProviderTest.java | 11 +- .../StaticCredentialsProviderTest.java | 4 +- ...SystemSettingCredentialsProvidersTest.java | 23 +- ...SystemSettingsCredentialsProviderTest.java | 4 +- .../pipeline/stages/ApplyUserAgentStage.java | 45 ++-- .../useragent/BusinessMetricFeatureId.java | 23 +- .../stages/ApplyUserAgentStageTest.java | 4 +- .../sso/auth/SsoCredentialsProvider.java | 38 +-- .../SsoProfileCredentialsProviderFactory.java | 31 +-- .../sso/auth/SsoCredentialsProviderTest.java | 3 +- ...ProfileCredentialsProviderFactoryTest.java | 14 +- .../StsAssumeRoleCredentialsProvider.java | 27 +- ...AssumeRoleWithSamlCredentialsProvider.java | 31 +-- ...oleWithWebIdentityCredentialsProvider.java | 31 +-- ...GetFederationTokenCredentialsProvider.java | 31 +-- ...StsGetSessionTokenCredentialsProvider.java | 31 +-- ...bIdentityTokenFileCredentialsProvider.java | 17 +- ...umeRoleWithWebIdentityRequestSupplier.java | 16 +- .../StsProfileCredentialsProviderFactory.java | 13 +- ...WebIdentityCredentialsProviderFactory.java | 4 +- .../StsAssumeRoleCredentialsProviderTest.java | 3 +- ...meRoleWithSamlCredentialsProviderTest.java | 3 +- ...ithWebIdentityCredentialsProviderTest.java | 3 +- ...ederationTokenCredentialsProviderTest.java | 3 +- ...etSessionTokenCredentialsProviderTest.java | 3 +- ...ntityTokenCredentialsProviderBaseTest.java | 4 +- test/auth-tests/pom.xml | 10 - ...ainerCredentialsProviderUserAgentTest.java | 204 --------------- ...iableCredentialsProviderUserAgentTest.java | 129 --------- .../source/ImdsUserAgentProviderTest.java | 186 ------------- ...ocessCredentialsProviderUserAgentTest.java | 157 ----------- ...rofileCredentialProviderUserAgentTest.java | 150 ----------- ...pertyCredentialsProviderUserAgentTest.java | 123 --------- .../auth/source/UserAgentProviderTest.java | 6 +- .../StsCredentialsProviderUserAgentTest.java | 245 ------------------ 50 files changed, 126 insertions(+), 1820 deletions(-) delete mode 100644 .changes/next-release/feature-AWSSDKforJavav2-c2d8ec6.json delete mode 100644 test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/ContainerCredentialsProviderUserAgentTest.java delete mode 100644 test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/EnvironmentVariableCredentialsProviderUserAgentTest.java delete mode 100644 test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/ImdsUserAgentProviderTest.java delete mode 100644 test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/ProcessCredentialsProviderUserAgentTest.java delete mode 100644 test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/ProfileCredentialProviderUserAgentTest.java delete mode 100644 test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/SystemPropertyCredentialsProviderUserAgentTest.java delete mode 100644 test/auth-tests/src/it/java/software/amazon/awssdk/auth/sts/StsCredentialsProviderUserAgentTest.java diff --git a/.changes/next-release/feature-AWSSDKforJavav2-c2d8ec6.json b/.changes/next-release/feature-AWSSDKforJavav2-c2d8ec6.json deleted file mode 100644 index 3ddf00d7bf2e..000000000000 --- a/.changes/next-release/feature-AWSSDKforJavav2-c2d8ec6.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "type": "feature", - "category": "AWS SDK for Java v2", - "contributor": "", - "description": "Adds business metrics tracking for credential providers and S3_Express_Bucket." -} diff --git a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ChildProfileCredentialsProviderFactory.java b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ChildProfileCredentialsProviderFactory.java index 8c7fd93c4816..620e32decfe2 100644 --- a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ChildProfileCredentialsProviderFactory.java +++ b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ChildProfileCredentialsProviderFactory.java @@ -40,45 +40,5 @@ public interface ChildProfileCredentialsProviderFactory { * provider. * @return The credentials provider with permissions derived from the source credentials provider and profile. */ - default AwsCredentialsProvider create(AwsCredentialsProvider sourceCredentialsProvider, Profile profile) { - ChildProfileCredentialsRequest request = new ChildProfileCredentialsRequest(sourceCredentialsProvider, profile, null); - return create(request); - } - - /** - * Create a credentials provider for the provided profile, using the provided source credentials provider to authenticate - * with AWS. In the case of STS, the returned credentials provider is for a role that has been assumed, and the provided - * source credentials provider is the credentials that should be used to authenticate that the user is allowed to assume - * that role. - * - * @param request The request containing all parameters needed to create the child credentials provider. - * @return The credentials provider with permissions derived from the request parameters. - */ - AwsCredentialsProvider create(ChildProfileCredentialsRequest request); - - final class ChildProfileCredentialsRequest { - private final AwsCredentialsProvider sourceCredentialsProvider; - private final Profile profile; - private final String sourceFeatureId; - - public ChildProfileCredentialsRequest(AwsCredentialsProvider sourceCredentialsProvider, - Profile profile, - String sourceFeatureId) { - this.sourceCredentialsProvider = sourceCredentialsProvider; - this.profile = profile; - this.sourceFeatureId = sourceFeatureId; - } - - public AwsCredentialsProvider sourceCredentialsProvider() { - return sourceCredentialsProvider; - } - - public Profile profile() { - return profile; - } - - public String sourceFeatureId() { - return sourceFeatureId; - } - } + AwsCredentialsProvider create(AwsCredentialsProvider sourceCredentialsProvider, Profile profile); } diff --git a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ContainerCredentialsProvider.java b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ContainerCredentialsProvider.java index 03ed0a2441b1..efec7ffce6bd 100644 --- a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ContainerCredentialsProvider.java +++ b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ContainerCredentialsProvider.java @@ -39,7 +39,6 @@ import software.amazon.awssdk.auth.credentials.internal.HttpCredentialsLoader.LoadedCredentials; import software.amazon.awssdk.core.SdkSystemSetting; import software.amazon.awssdk.core.exception.SdkClientException; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.core.util.SdkUserAgent; import software.amazon.awssdk.regions.util.ResourcesEndpointProvider; import software.amazon.awssdk.regions.util.ResourcesEndpointRetryPolicy; @@ -73,8 +72,7 @@ public final class ContainerCredentialsProvider implements HttpCredentialsProvider, ToCopyableBuilder { - private static final String CLASS_NAME = "ContainerCredentialsProvider"; - private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_HTTP.value(); + private static final String PROVIDER_NAME = "ContainerCredentialsProvider"; private static final Predicate IS_LOOPBACK_ADDRESS = InetAddress::isLoopbackAddress; private static final Predicate ALLOWED_HOSTS_RULES = IS_LOOPBACK_ADDRESS; private static final String HTTPS = "https"; @@ -92,8 +90,6 @@ public final class ContainerCredentialsProvider private final Boolean asyncCredentialUpdateEnabled; private final String asyncThreadName; - private final String sourceFeatureId; - private final String providerName; /** * @see #builder() @@ -102,11 +98,7 @@ private ContainerCredentialsProvider(BuilderImpl builder) { this.endpoint = builder.endpoint; this.asyncCredentialUpdateEnabled = builder.asyncCredentialUpdateEnabled; this.asyncThreadName = builder.asyncThreadName; - this.sourceFeatureId = builder.sourceFeatureId; - this.providerName = StringUtils.isEmpty(builder.sourceFeatureId) - ? PROVIDER_NAME - : builder.sourceFeatureId + "," + PROVIDER_NAME; - this.httpCredentialsLoader = HttpCredentialsLoader.create(providerName()); + this.httpCredentialsLoader = HttpCredentialsLoader.create(PROVIDER_NAME); if (Boolean.TRUE.equals(builder.asyncCredentialUpdateEnabled)) { Validate.paramNotBlank(builder.asyncThreadName, "asyncThreadName"); @@ -134,7 +126,7 @@ public static Builder builder() { @Override public String toString() { - return ToString.create(CLASS_NAME); + return ToString.create(PROVIDER_NAME); } private RefreshResult refreshCredentials() { @@ -168,10 +160,6 @@ private Instant prefetchTime(Instant expiration) { return ComparableUtils.minimum(oneHourFromNow, fifteenMinutesBeforeExpiration); } - private String providerName() { - return this.providerName; - } - @Override public AwsCredentials resolveCredentials() { return credentialsCache.get(); @@ -330,7 +318,6 @@ private static final class BuilderImpl implements Builder { private String endpoint; private Boolean asyncCredentialUpdateEnabled; private String asyncThreadName; - private String sourceFeatureId; private BuilderImpl() { asyncThreadName("container-credentials-provider"); @@ -340,7 +327,6 @@ private BuilderImpl(ContainerCredentialsProvider credentialsProvider) { this.endpoint = credentialsProvider.endpoint; this.asyncCredentialUpdateEnabled = credentialsProvider.asyncCredentialUpdateEnabled; this.asyncThreadName = credentialsProvider.asyncThreadName; - this.sourceFeatureId = credentialsProvider.sourceFeatureId; } @Override @@ -373,16 +359,6 @@ public void setAsyncThreadName(String asyncThreadName) { asyncThreadName(asyncThreadName); } - @Override - public Builder sourceFeatureId(String sourceFeatureId) { - this.sourceFeatureId = sourceFeatureId; - return this; - } - - public void setSourceFeatureId(String sourceFeatureId) { - sourceFeatureId(sourceFeatureId); - } - @Override public ContainerCredentialsProvider build() { return new ContainerCredentialsProvider(this); diff --git a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/EnvironmentVariableCredentialsProvider.java b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/EnvironmentVariableCredentialsProvider.java index f7eb0df32e6b..e05c24eed05a 100644 --- a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/EnvironmentVariableCredentialsProvider.java +++ b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/EnvironmentVariableCredentialsProvider.java @@ -18,7 +18,6 @@ import java.util.Optional; import software.amazon.awssdk.annotations.SdkPublicApi; import software.amazon.awssdk.auth.credentials.internal.SystemSettingsCredentialsProvider; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.utils.SystemSetting; import software.amazon.awssdk.utils.ToString; @@ -29,8 +28,7 @@ @SdkPublicApi public final class EnvironmentVariableCredentialsProvider extends SystemSettingsCredentialsProvider { - private static final String CLASS_NAME = "EnvironmentVariableCredentialsProvider"; - private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_ENV_VARS.value(); + private static final String PROVIDER_NAME = "EnvironmentVariableCredentialsProvider"; private EnvironmentVariableCredentialsProvider() { } @@ -54,6 +52,6 @@ protected String provider() { @Override public String toString() { - return ToString.create(CLASS_NAME); + return ToString.create(PROVIDER_NAME); } } diff --git a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/HttpCredentialsProvider.java b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/HttpCredentialsProvider.java index 4138639cbca1..ccc7e7aa7101 100644 --- a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/HttpCredentialsProvider.java +++ b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/HttpCredentialsProvider.java @@ -16,7 +16,6 @@ package software.amazon.awssdk.auth.credentials; import software.amazon.awssdk.annotations.SdkPublicApi; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.utils.SdkAutoCloseable; /** @@ -49,16 +48,6 @@ interface BuilderNote: This method is primarily intended for use by AWS SDK internal components - * and should not be used directly by external users.

- */ - default BuilderT sourceFeatureId(String sourceFeatureId) { - throw new UnsupportedOperationException(); - } - /** * Build the credentials provider based on the configuration on this builder. */ diff --git a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/InstanceProfileCredentialsProvider.java b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/InstanceProfileCredentialsProvider.java index 34f2a189cb34..b1ddc5d7faef 100644 --- a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/InstanceProfileCredentialsProvider.java +++ b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/InstanceProfileCredentialsProvider.java @@ -37,7 +37,6 @@ import software.amazon.awssdk.core.SdkSystemSetting; import software.amazon.awssdk.core.exception.SdkClientException; import software.amazon.awssdk.core.exception.SdkServiceException; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.profiles.ProfileFile; import software.amazon.awssdk.profiles.ProfileFileSupplier; import software.amazon.awssdk.profiles.ProfileFileSystemSetting; @@ -45,7 +44,6 @@ import software.amazon.awssdk.regions.util.HttpResourcesUtils; import software.amazon.awssdk.regions.util.ResourcesEndpointProvider; import software.amazon.awssdk.utils.Logger; -import software.amazon.awssdk.utils.StringUtils; import software.amazon.awssdk.utils.ToString; import software.amazon.awssdk.utils.Validate; import software.amazon.awssdk.utils.builder.CopyableBuilder; @@ -69,8 +67,7 @@ public final class InstanceProfileCredentialsProvider implements HttpCredentialsProvider, ToCopyableBuilder { private static final Logger log = Logger.loggerFor(InstanceProfileCredentialsProvider.class); - private static final String CLASS_NAME = "InstanceProfileCredentialsProvider"; - private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_IMDS.value(); + private static final String PROVIDER_NAME = "InstanceProfileCredentialsProvider"; private static final String EC2_METADATA_TOKEN_HEADER = "x-aws-ec2-metadata-token"; private static final String SECURITY_CREDENTIALS_RESOURCE = "/latest/meta-data/iam/security-credentials/"; private static final String TOKEN_RESOURCE = "/latest/api/token"; @@ -93,9 +90,6 @@ public final class InstanceProfileCredentialsProvider private final Duration staleTime; - private final String sourceFeatureId; - private final String providerName; - /** * @see #builder() */ @@ -108,12 +102,8 @@ private InstanceProfileCredentialsProvider(BuilderImpl builder) { .orElseGet(() -> ProfileFileSupplier.fixedProfileFile(ProfileFile.defaultProfileFile())); this.profileName = Optional.ofNullable(builder.profileName) .orElseGet(ProfileFileSystemSetting.AWS_PROFILE::getStringValueOrThrow); - this.sourceFeatureId = builder.sourceFeatureId; - this.providerName = StringUtils.isEmpty(builder.sourceFeatureId) - ? PROVIDER_NAME - : builder.sourceFeatureId + "," + PROVIDER_NAME; - this.httpCredentialsLoader = HttpCredentialsLoader.create(providerName()); + this.httpCredentialsLoader = HttpCredentialsLoader.create(PROVIDER_NAME); this.configProvider = Ec2MetadataConfigProvider.builder() .profileFile(profileFile) @@ -212,13 +202,9 @@ public void close() { credentialsCache.close(); } - private String providerName() { - return this.providerName; - } - @Override public String toString() { - return ToString.create(CLASS_NAME); + return ToString.create(PROVIDER_NAME); } private ResourcesEndpointProvider createEndpointProvider() { @@ -386,7 +372,6 @@ static final class BuilderImpl implements Builder { private Supplier profileFile; private String profileName; private Duration staleTime; - private String sourceFeatureId; private BuilderImpl() { asyncThreadName("instance-profile-credentials-provider"); @@ -400,7 +385,6 @@ private BuilderImpl(InstanceProfileCredentialsProvider provider) { this.profileFile = provider.profileFile; this.profileName = provider.profileName; this.staleTime = provider.staleTime; - this.sourceFeatureId = provider.sourceFeatureId; } Builder clock(Clock clock) { @@ -479,16 +463,6 @@ public void setStaleTime(Duration duration) { staleTime(duration); } - @Override - public Builder sourceFeatureId(String sourceFeatureId) { - this.sourceFeatureId = sourceFeatureId; - return this; - } - - public void setSourceFeatureId(String sourceFeatureId) { - sourceFeatureId(sourceFeatureId); - } - @Override public InstanceProfileCredentialsProvider build() { return new InstanceProfileCredentialsProvider(this); diff --git a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ProcessCredentialsProvider.java b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ProcessCredentialsProvider.java index 840b820e8f30..e27d511d0887 100644 --- a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ProcessCredentialsProvider.java +++ b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ProcessCredentialsProvider.java @@ -25,14 +25,12 @@ import java.util.Collections; import java.util.List; import software.amazon.awssdk.annotations.SdkPublicApi; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.protocols.jsoncore.JsonNode; import software.amazon.awssdk.protocols.jsoncore.JsonNodeParser; import software.amazon.awssdk.utils.DateUtils; import software.amazon.awssdk.utils.IoUtils; import software.amazon.awssdk.utils.Platform; import software.amazon.awssdk.utils.SdkAutoCloseable; -import software.amazon.awssdk.utils.StringUtils; import software.amazon.awssdk.utils.ToString; import software.amazon.awssdk.utils.Validate; import software.amazon.awssdk.utils.builder.CopyableBuilder; @@ -66,8 +64,7 @@ public final class ProcessCredentialsProvider implements AwsCredentialsProvider, SdkAutoCloseable, ToCopyableBuilder { - private static final String CLASS_NAME = "ProcessCredentialsProvider"; - private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_PROCESS.value(); + private static final String PROVIDER_NAME = "ProcessCredentialsProvider"; private static final JsonNodeParser PARSER = JsonNodeParser.builder() .removeErrorLocations(true) .build(); @@ -85,9 +82,6 @@ public final class ProcessCredentialsProvider private final Boolean asyncCredentialUpdateEnabled; - private final String sourceFeatureId; - private final String providerName; - /** * @see #builder() */ @@ -99,10 +93,6 @@ private ProcessCredentialsProvider(Builder builder) { this.commandAsListOfStringsFromBuilder = builder.commandAsListOfStrings; this.asyncCredentialUpdateEnabled = builder.asyncCredentialUpdateEnabled; this.staticAccountId = builder.staticAccountId; - this.sourceFeatureId = builder.sourceFeatureId; - this.providerName = StringUtils.isEmpty(builder.sourceFeatureId) - ? PROVIDER_NAME - : builder.sourceFeatureId + "," + PROVIDER_NAME; CachedSupplier.Builder cacheBuilder = CachedSupplier.builder(this::refreshCredentials) .cachedValueName(toString()); @@ -181,10 +171,6 @@ private JsonNode parseProcessOutput(String processOutput) { return credentialsJson; } - private String providerName() { - return this.providerName; - } - /** * Parse the process output to retrieve the credentials. */ @@ -206,13 +192,13 @@ private AwsCredentials credentials(JsonNode credentialsJson) { .sessionToken(sessionToken) .expirationTime(credentialExpirationTime(credentialsJson)) .accountId(resolvedAccountId) - .providerName(providerName()) + .providerName(PROVIDER_NAME) .build() : AwsBasicCredentials.builder() .accessKeyId(accessKeyId) .secretAccessKey(secretAccessKey) .accountId(resolvedAccountId) - .providerName(providerName()) + .providerName(PROVIDER_NAME) .build(); } @@ -284,7 +270,6 @@ public static class Builder implements CopyableBuilder c.providerName(PROVIDER_NAME)); + return ((AwsBasicCredentials) credentials).copy(c -> c.providerName(PROVIDER_NAME)); } if (credentials instanceof AwsSessionCredentials) { - AwsSessionCredentials sessionCreds = (AwsSessionCredentials) credentials; - if (sessionCreds.providerName() - .map(BusinessMetricFeatureId.CREDENTIALS_PROFILE.value()::equals) - .orElse(false)) { - return sessionCreds; - } - return sessionCreds.copy(c -> c.providerName(PROVIDER_NAME)); + return ((AwsSessionCredentials) credentials).copy(c -> c.providerName(PROVIDER_NAME)); } return credentials; } diff --git a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/SystemPropertyCredentialsProvider.java b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/SystemPropertyCredentialsProvider.java index 94ff10a0b1c5..bcc7d77af4e6 100644 --- a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/SystemPropertyCredentialsProvider.java +++ b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/SystemPropertyCredentialsProvider.java @@ -18,7 +18,6 @@ import java.util.Optional; import software.amazon.awssdk.annotations.SdkPublicApi; import software.amazon.awssdk.auth.credentials.internal.SystemSettingsCredentialsProvider; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.utils.SystemSetting; import software.amazon.awssdk.utils.ToString; @@ -29,8 +28,7 @@ @SdkPublicApi public final class SystemPropertyCredentialsProvider extends SystemSettingsCredentialsProvider { - private static final String CLASS_NAME = "SystemPropertyCredentialsProvider"; - private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_JVM_SYSTEM_PROPERTIES.value(); + private static final String PROVIDER_NAME = "SystemPropertyCredentialsProvider"; private SystemPropertyCredentialsProvider() { } @@ -54,6 +52,6 @@ protected String provider() { @Override public String toString() { - return ToString.create(CLASS_NAME); + return ToString.create(PROVIDER_NAME); } } diff --git a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/WebIdentityTokenFileCredentialsProvider.java b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/WebIdentityTokenFileCredentialsProvider.java index d93bcb070d97..6e5f68473809 100644 --- a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/WebIdentityTokenFileCredentialsProvider.java +++ b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/WebIdentityTokenFileCredentialsProvider.java @@ -24,7 +24,6 @@ import software.amazon.awssdk.auth.credentials.internal.WebIdentityCredentialsUtils; import software.amazon.awssdk.auth.credentials.internal.WebIdentityTokenCredentialProperties; import software.amazon.awssdk.core.SdkSystemSetting; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.utils.IoUtils; import software.amazon.awssdk.utils.SdkAutoCloseable; import software.amazon.awssdk.utils.ToString; @@ -109,8 +108,6 @@ private WebIdentityTokenFileCredentialsProvider(BuilderImpl builder) { .prefetchTime(prefetchTime) .staleTime(staleTime) .roleSessionDuration(roleSessionDuration) - .sourceFeatureId(BusinessMetricFeatureId - .CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN.value()) .build(); credentialsProvider = WebIdentityCredentialsUtils.factory().create(credentialProperties); diff --git a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/internal/ProfileCredentialsUtils.java b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/internal/ProfileCredentialsUtils.java index 317ebae76081..22da5e9986fd 100644 --- a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/internal/ProfileCredentialsUtils.java +++ b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/internal/ProfileCredentialsUtils.java @@ -40,7 +40,6 @@ import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider; import software.amazon.awssdk.auth.credentials.SystemPropertyCredentialsProvider; import software.amazon.awssdk.core.internal.util.ClassLoaderHelper; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.profiles.Profile; import software.amazon.awssdk.profiles.ProfileFile; import software.amazon.awssdk.profiles.ProfileProperty; @@ -162,7 +161,6 @@ private AwsCredentialsProvider basicProfileCredentialsProvider() { .accessKeyId(properties.get(ProfileProperty.AWS_ACCESS_KEY_ID)) .secretAccessKey(properties.get(ProfileProperty.AWS_SECRET_ACCESS_KEY)) .accountId(properties.get(ProfileProperty.AWS_ACCOUNT_ID)) - .providerName(BusinessMetricFeatureId.CREDENTIALS_PROFILE.value()) .build(); return StaticCredentialsProvider.create(credentials); } @@ -179,7 +177,6 @@ private AwsCredentialsProvider sessionProfileCredentialsProvider() { .secretAccessKey(properties.get(ProfileProperty.AWS_SECRET_ACCESS_KEY)) .sessionToken(properties.get(ProfileProperty.AWS_SESSION_TOKEN)) .accountId(properties.get(ProfileProperty.AWS_ACCOUNT_ID)) - .providerName(BusinessMetricFeatureId.CREDENTIALS_PROFILE.value()) .build(); return StaticCredentialsProvider.create(credentials); } @@ -190,7 +187,6 @@ private AwsCredentialsProvider credentialProcessCredentialsProvider() { return ProcessCredentialsProvider.builder() .command(properties.get(ProfileProperty.CREDENTIAL_PROCESS)) .staticAccountId(properties.get(ProfileProperty.AWS_ACCOUNT_ID)) - .sourceFeatureId(BusinessMetricFeatureId.CREDENTIALS_PROFILE_PROCESS.value()) .build(); } @@ -199,16 +195,10 @@ private AwsCredentialsProvider credentialProcessCredentialsProvider() { */ private AwsCredentialsProvider ssoProfileCredentialsProvider() { validateRequiredPropertiesForSsoCredentialsProvider(); - boolean isLegacy = isLegacySsoConfiguration(); - String sourceFeatureId = isLegacy ? - BusinessMetricFeatureId.CREDENTIALS_PROFILE_SSO_LEGACY.value() : - BusinessMetricFeatureId.CREDENTIALS_PROFILE_SSO.value(); - return ssoCredentialsProviderFactory().create( ProfileProviderCredentialsContext.builder() .profile(profile) .profileFile(profileFile) - .sourceFeatureId(sourceFeatureId) .build()); } @@ -221,10 +211,6 @@ private void validateRequiredPropertiesForSsoCredentialsProvider() { } } - private boolean isLegacySsoConfiguration() { - return !properties.containsKey(ProfileSection.SSO_SESSION.getPropertyKeyName()); - } - private AwsCredentialsProvider roleAndWebIdentityTokenProfileCredentialsProvider() { requireProperties(ProfileProperty.ROLE_ARN, ProfileProperty.WEB_IDENTITY_TOKEN_FILE); @@ -237,8 +223,6 @@ private AwsCredentialsProvider roleAndWebIdentityTokenProfileCredentialsProvider .roleArn(roleArn) .roleSessionName(roleSessionName) .webIdentityTokenFile(webIdentityTokenFile) - .sourceFeatureId(BusinessMetricFeatureId - .CREDENTIALS_PROFILE_STS_WEB_ID_TOKEN.value()) .build(); return WebIdentityCredentialsUtils.factory().create(credentialProperties); @@ -265,8 +249,7 @@ private AwsCredentialsProvider roleAndSourceProfileBasedProfileCredentialsProvid .credentialsProvider(children)) .orElseThrow(this::noSourceCredentialsException); - String sourceFeatureId = BusinessMetricFeatureId.CREDENTIALS_PROFILE_SOURCE_PROFILE.value(); - return createStsCredentialsProviderWithMetrics(sourceCredentialsProvider, sourceFeatureId); + return stsCredentialsProviderFactory().create(sourceCredentialsProvider, profile); } /** @@ -277,10 +260,8 @@ private AwsCredentialsProvider roleAndCredentialSourceBasedProfileCredentialsPro requireProperties(ProfileProperty.CREDENTIAL_SOURCE); CredentialSourceType credentialSource = CredentialSourceType.parse(properties.get(ProfileProperty.CREDENTIAL_SOURCE)); - String profileSource = BusinessMetricFeatureId.CREDENTIALS_PROFILE_NAMED_PROVIDER.value(); AwsCredentialsProvider credentialsProvider = credentialSourceCredentialProvider(credentialSource); - - return createStsCredentialsProviderWithMetrics(credentialsProvider, profileSource); + return stsCredentialsProviderFactory().create(credentialsProvider, profile); } private AwsCredentialsProvider credentialSourceCredentialProvider(CredentialSourceType credentialSource) { @@ -317,39 +298,6 @@ private IllegalStateException noSourceCredentialsException() { return new IllegalStateException(error); } - /** - * Extract business metrics from a credentials provider by resolving credentials and checking the provider name. - * This is used to propagate business metrics from source credentials to assume role operations. - */ - private String extractBusinessMetricsFromProvider(AwsCredentialsProvider credentialsProvider) { - try { - AwsCredentials credentials = credentialsProvider.resolveCredentials(); - return credentials.providerName().orElse(null); - } catch (Exception e) { - return null; - } - } - - /** - * Helper method to create STS credentials provider with business metrics propagation. - * This method extracts business metrics from the source credentials provider and combines them - * with the profile-level business metrics before creating the STS credentials provider. - */ - private AwsCredentialsProvider createStsCredentialsProviderWithMetrics(AwsCredentialsProvider sourceCredentialsProvider, - String profileMetric) { - String sourceMetrics = extractBusinessMetricsFromProvider(sourceCredentialsProvider); - - String combinedSource = profileMetric; - if (sourceMetrics != null && !sourceMetrics.isEmpty()) { - combinedSource = profileMetric + "," + sourceMetrics; - } - - ChildProfileCredentialsProviderFactory.ChildProfileCredentialsRequest request = - new ChildProfileCredentialsProviderFactory - .ChildProfileCredentialsRequest(sourceCredentialsProvider, profile, combinedSource); - return stsCredentialsProviderFactory().create(request); - } - /** * Load the factory that can be used to create the STS credentials provider, assuming it is on the classpath. */ diff --git a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/internal/WebIdentityTokenCredentialProperties.java b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/internal/WebIdentityTokenCredentialProperties.java index 6b31f6540b0a..91391909b7a8 100644 --- a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/internal/WebIdentityTokenCredentialProperties.java +++ b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/internal/WebIdentityTokenCredentialProperties.java @@ -32,7 +32,6 @@ public class WebIdentityTokenCredentialProperties { private final Duration prefetchTime; private final Duration staleTime; private final Duration roleSessionDuration; - private final String sourceFeatureId; private WebIdentityTokenCredentialProperties(Builder builder) { this.roleArn = builder.roleArn; @@ -42,7 +41,6 @@ private WebIdentityTokenCredentialProperties(Builder builder) { this.prefetchTime = builder.prefetchTime; this.staleTime = builder.staleTime; this.roleSessionDuration = builder.roleSessionDuration; - this.sourceFeatureId = builder.sourceFeatureId; } public String roleArn() { @@ -73,10 +71,6 @@ public Duration roleSessionDuration() { return this.roleSessionDuration; } - public String sourceFeatureId() { - return sourceFeatureId; - } - public static Builder builder() { return new Builder(); } @@ -89,7 +83,6 @@ public static final class Builder { private Duration prefetchTime; private Duration staleTime; private Duration roleSessionDuration; - private String sourceFeatureId; public Builder roleArn(String roleArn) { this.roleArn = roleArn; @@ -126,11 +119,6 @@ public Builder roleSessionDuration(Duration roleSessionDuration) { return this; } - public Builder sourceFeatureId(String sourceFeatureId) { - this.sourceFeatureId = sourceFeatureId; - return this; - } - public WebIdentityTokenCredentialProperties build() { return new WebIdentityTokenCredentialProperties(this); } diff --git a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/ContainerCredentialsProviderTest.java b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/ContainerCredentialsProviderTest.java index 568c82724f3b..0f20fe51a5a6 100644 --- a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/ContainerCredentialsProviderTest.java +++ b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/ContainerCredentialsProviderTest.java @@ -31,7 +31,6 @@ import org.junit.ClassRule; import org.junit.Test; import software.amazon.awssdk.core.exception.SdkClientException; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.core.util.SdkUserAgent; import software.amazon.awssdk.testutils.EnvironmentVariableHelper; @@ -74,13 +73,8 @@ public void testEnvVariableNotSet() { .resolveCredentials(); } - @Test - public void testClassName() { - assertThat(credentialsProvider.toString()).contains("ContainerCredentialsProvider"); - } - /** - * Tests that the getCredentials returns a valid response from endpoint. + * Tests that the getCredentials returns a value when it receives a valid 200 response from endpoint. */ @Test public void testGetCredentialsReturnsValidResponseFromEcsEndpoint() { @@ -92,7 +86,7 @@ public void testGetCredentialsReturnsValidResponseFromEcsEndpoint() { assertThat(credentials.accessKeyId()).isEqualTo(ACCESS_KEY_ID); assertThat(credentials.secretAccessKey()).isEqualTo(SECRET_ACCESS_KEY); assertThat(credentials.sessionToken()).isEqualTo(TOKEN); - assertThat(credentials.providerName()).isPresent().contains(BusinessMetricFeatureId.CREDENTIALS_HTTP.value()); + assertThat(credentials.providerName()).isPresent().contains("ContainerCredentialsProvider"); } /** diff --git a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/InstanceProfileCredentialsProviderTest.java b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/InstanceProfileCredentialsProviderTest.java index 055967055c25..671e591b17b5 100644 --- a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/InstanceProfileCredentialsProviderTest.java +++ b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/InstanceProfileCredentialsProviderTest.java @@ -63,7 +63,6 @@ import org.mockito.Mockito; import software.amazon.awssdk.core.SdkSystemSetting; import software.amazon.awssdk.core.exception.SdkClientException; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.core.util.SdkUserAgent; import software.amazon.awssdk.identity.spi.AwsCredentialsIdentity; import software.amazon.awssdk.profiles.ProfileFile; @@ -144,12 +143,6 @@ private void verifyImdsCallInsecure() { .withHeader(USER_AGENT_HEADER, equalTo(USER_AGENT))); } - @Test - void testClassName() { - InstanceProfileCredentialsProvider provider = InstanceProfileCredentialsProvider.builder().build(); - assertThat(provider.toString()).contains("InstanceProfileCredentialsProvider"); - } - @Test void resolveCredentials_usesTokenByDefault() { stubSecureCredentialsResponse(aResponse().withBody(STUB_CREDENTIALS)); @@ -157,7 +150,7 @@ void resolveCredentials_usesTokenByDefault() { AwsCredentials credentials = provider.resolveCredentials(); assertThat(credentials.accessKeyId()).isEqualTo("ACCESS_KEY_ID"); assertThat(credentials.secretAccessKey()).isEqualTo("SECRET_ACCESS_KEY"); - assertThat(credentials.providerName()).isPresent().contains(BusinessMetricFeatureId.CREDENTIALS_IMDS.value()); + assertThat(credentials.providerName()).isPresent().contains("InstanceProfileCredentialsProvider"); verifyImdsCallWithToken(); } @@ -169,7 +162,7 @@ void resolveCredentials_WhenConnectionDelaySetToHighValue() { AwsCredentials credentials = provider.resolveCredentials(); assertThat(credentials.accessKeyId()).isEqualTo("ACCESS_KEY_ID"); assertThat(credentials.secretAccessKey()).isEqualTo("SECRET_ACCESS_KEY"); - assertThat(credentials.providerName()).isPresent().contains(BusinessMetricFeatureId.CREDENTIALS_IMDS.value()); + assertThat(credentials.providerName()).isPresent().contains("InstanceProfileCredentialsProvider"); verifyImdsCallWithToken(); } @@ -193,7 +186,7 @@ void resolveIdentity_WhenConnectionDelaySetToHighValue() { AwsCredentialsIdentity credentialsIdentity = provider.resolveIdentity().join(); assertThat(credentialsIdentity.accessKeyId()).isEqualTo("ACCESS_KEY_ID"); assertThat(credentialsIdentity.secretAccessKey()).isEqualTo("SECRET_ACCESS_KEY"); - assertThat(credentialsIdentity.providerName()).isPresent().contains(BusinessMetricFeatureId.CREDENTIALS_IMDS.value()); + assertThat(credentialsIdentity.providerName()).isPresent().contains("InstanceProfileCredentialsProvider"); verifyImdsCallWithToken(); } @@ -656,7 +649,7 @@ void shouldNotRetry_whenSucceeds() { AwsCredentials credentials = provider.resolveCredentials(); assertThat(credentials.accessKeyId()).isEqualTo("ACCESS_KEY_ID"); assertThat(credentials.secretAccessKey()).isEqualTo("SECRET_ACCESS_KEY"); - assertThat(credentials.providerName()).isPresent().contains(BusinessMetricFeatureId.CREDENTIALS_IMDS.value()); + assertThat(credentials.providerName()).isPresent().contains("InstanceProfileCredentialsProvider"); verifyImdsCallWithToken(); WireMock.verify(exactly(1), getRequestedFor(urlPathEqualTo(CREDENTIALS_RESOURCE_PATH + "some-profile"))); } @@ -687,7 +680,7 @@ public void checkPermission(Permission perm) { // Verify credentials are correctly resolved from instance profile assertThat(credentials.accessKeyId()).isEqualTo("ACCESS_KEY_ID"); assertThat(credentials.secretAccessKey()).isEqualTo("SECRET_ACCESS_KEY"); - assertThat(credentials.providerName()).isPresent().contains(BusinessMetricFeatureId.CREDENTIALS_IMDS.value()); + assertThat(credentials.providerName()).isPresent().contains("InstanceProfileCredentialsProvider"); // Verify IMDS was called verifyImdsCallWithToken(); diff --git a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/ProcessCredentialsProviderTest.java b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/ProcessCredentialsProviderTest.java index be21f7a6b56f..0fdedff07646 100644 --- a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/ProcessCredentialsProviderTest.java +++ b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/ProcessCredentialsProviderTest.java @@ -36,7 +36,6 @@ import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.Arguments; import org.junit.jupiter.params.provider.MethodSource; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.utils.DateUtils; import software.amazon.awssdk.utils.IoUtils; import software.amazon.awssdk.utils.Platform; @@ -71,12 +70,6 @@ static void teardown() { } } - @Test - void testToString() { - ProcessCredentialsProvider provider = ProcessCredentialsProvider.builder().command("test").build(); - assertThat(provider.toString()).contains("ProcessCredentialsProvider"); - } - @ParameterizedTest(name = "{index} - {0}") @MethodSource("staticCredentialsValues") void staticCredentialsCanBeLoaded(String description, String staticAccountId, Optional expectedValue, @@ -150,7 +143,7 @@ public void staticCredentials_commandAsListOfStrings_CanBeLoaded() { assertThat(credentials).isInstanceOf(AwsBasicCredentials.class); assertThat(credentials.accessKeyId()).isEqualTo("accessKeyId"); assertThat(credentials.secretAccessKey()).isEqualTo("secretAccessKey"); - assertThat(credentials.providerName()).isPresent().hasValue(BusinessMetricFeatureId.CREDENTIALS_PROCESS.value()); + assertThat(credentials.providerName()).isPresent().contains("ProcessCredentialsProvider"); } @Test @@ -193,13 +186,11 @@ void sessionCredentialsWithStaticAccountIdCanBeLoaded() { scriptLocation, ACCESS_KEY_ID, SECRET_ACCESS_KEY, expiration)) .credentialRefreshThreshold(Duration.ofSeconds(1)) .staticAccountId("staticAccountId") - .sourceFeatureId("v") .build(); AwsCredentials credentials = credentialsProvider.resolveCredentials(); verifySessionCredentials(credentials, expiration); assertThat(credentials.accountId()).isPresent().hasValue("staticAccountId"); - assertThat(credentials.providerName()).isPresent().hasValue("v,w"); } private void verifySessionCredentials(AwsCredentials credentials, String expiration) { diff --git a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/StaticCredentialsProviderTest.java b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/StaticCredentialsProviderTest.java index 5502610543b1..d02b633dfd2e 100644 --- a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/StaticCredentialsProviderTest.java +++ b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/StaticCredentialsProviderTest.java @@ -19,7 +19,6 @@ import static org.assertj.core.api.Assertions.assertThatThrownBy; import org.junit.jupiter.api.Test; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; class StaticCredentialsProviderTest { @Test @@ -40,7 +39,6 @@ void getAwsCredentialsWithAccountId_ReturnsSameCredentials() { .build(); AwsCredentials actualCredentials = StaticCredentialsProvider.create(credentials).resolveCredentials(); assertThat(actualCredentials).isEqualTo(credentials); - assertThat(actualCredentials.providerName()).isPresent().contains(BusinessMetricFeatureId.CREDENTIALS_CODE.value()); } @@ -50,7 +48,7 @@ void getSessionAwsCredentials_ReturnsSameCredentials() { AwsCredentials actualCredentials = StaticCredentialsProvider.create(credentials).resolveCredentials(); assertThat(credentials).isEqualTo(actualCredentials); assertThat(credentials.providerName()).isNotPresent(); - assertThat(actualCredentials.providerName()).isPresent().contains(BusinessMetricFeatureId.CREDENTIALS_CODE.value()); + assertThat(actualCredentials.providerName()).isPresent(); } @Test diff --git a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/SystemSettingCredentialsProvidersTest.java b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/SystemSettingCredentialsProvidersTest.java index 9ecc620a5af4..8961c5d0a18c 100644 --- a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/SystemSettingCredentialsProvidersTest.java +++ b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/SystemSettingCredentialsProvidersTest.java @@ -22,16 +22,13 @@ import java.util.List; import java.util.Optional; import java.util.function.Consumer; -import org.assertj.core.api.Assertions; import org.junit.jupiter.api.AfterEach; import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.Test; import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.Arguments; import org.junit.jupiter.params.provider.MethodSource; import software.amazon.awssdk.core.SdkSystemSetting; import software.amazon.awssdk.core.exception.SdkClientException; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.testutils.EnvironmentVariableHelper; import software.amazon.awssdk.utils.Pair; @@ -69,9 +66,7 @@ void configureEnvVars_resolveCredentials(String description, configureEnvironmentVariables(systemSettings); EnvironmentVariableCredentialsProvider provider = EnvironmentVariableCredentialsProvider.create(); if (expected != null) { - AwsCredentials resolvedCredentials = provider.resolveCredentials(); - assertThat(resolvedCredentials).satisfies(expected); - assertThat(resolvedCredentials.providerName()).isPresent().contains(BusinessMetricFeatureId.CREDENTIALS_ENV_VARS.value()); + assertThat(provider.resolveCredentials()).satisfies(expected); } else { assertThatThrownBy(provider::resolveCredentials).isInstanceOf(SdkClientException.class); } @@ -85,9 +80,7 @@ void configureSystemProperties_resolveCredentials(String description, configureSystemProperties(systemSettings); SystemPropertyCredentialsProvider provider = SystemPropertyCredentialsProvider.create(); if (expected != null) { - AwsCredentials resolvedCredentials = provider.resolveCredentials(); - assertThat(resolvedCredentials).satisfies(expected); - assertThat(resolvedCredentials.providerName()).isPresent().contains(BusinessMetricFeatureId.CREDENTIALS_JVM_SYSTEM_PROPERTIES.value()); + assertThat(provider.resolveCredentials()).satisfies(expected); } else { assertThatThrownBy(provider::resolveCredentials).isInstanceOf(SdkClientException.class); } @@ -130,18 +123,6 @@ private static List config() { ); } - @Test - void testEnvVarsClassName() { - EnvironmentVariableCredentialsProvider provider = EnvironmentVariableCredentialsProvider.create(); - Assertions.assertThat(provider.toString()).contains("EnvironmentVariableCredentialsProvider"); - } - - @Test - void testSystemPropertyClassName() { - SystemPropertyCredentialsProvider provider = SystemPropertyCredentialsProvider.create(); - Assertions.assertThat(provider.toString()).contains("SystemPropertyCredentialsProvider"); - } - private void configureEnvironmentVariables(List> systemSettings) { for (Pair setting : systemSettings) { ENVIRONMENT_VARIABLE_HELPER.set(setting.left(), setting.right()); diff --git a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/SystemSettingsCredentialsProviderTest.java b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/SystemSettingsCredentialsProviderTest.java index 95cfc899460f..81905de526ac 100644 --- a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/SystemSettingsCredentialsProviderTest.java +++ b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/SystemSettingsCredentialsProviderTest.java @@ -47,7 +47,7 @@ void systemPropertyCredentialsProvider_resolveCredentials_returnsCredentialsWith AwsCredentials credentials = SystemPropertyCredentialsProvider.create().resolveCredentials(); assertThat(credentials.accessKeyId()).isEqualTo("akid1"); assertThat(credentials.secretAccessKey()).isEqualTo("skid1"); - assertThat(credentials.providerName()).isPresent().contains("f"); + assertThat(credentials.providerName()).isPresent().contains("SystemPropertyCredentialsProvider"); } @Test @@ -55,6 +55,6 @@ void environmentVariableCredentialsProvider_resolveCredentials_returnsCredential AwsCredentials credentials = EnvironmentVariableCredentialsProvider.create().resolveCredentials(); assertThat(credentials.accessKeyId()).isEqualTo("akid2"); assertThat(credentials.secretAccessKey()).isEqualTo("skid2"); - assertThat(credentials.providerName()).isPresent().contains("g"); + assertThat(credentials.providerName()).isPresent().contains("EnvironmentVariableCredentialsProvider"); } } diff --git a/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/pipeline/stages/ApplyUserAgentStage.java b/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/pipeline/stages/ApplyUserAgentStage.java index 744b1f4a5d8d..ef1e3fb2cc9d 100644 --- a/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/pipeline/stages/ApplyUserAgentStage.java +++ b/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/http/pipeline/stages/ApplyUserAgentStage.java @@ -15,20 +15,23 @@ package software.amazon.awssdk.core.internal.http.pipeline.stages; +import static software.amazon.awssdk.core.internal.useragent.UserAgentConstant.AUTH_SOURCE; import static software.amazon.awssdk.core.internal.useragent.UserAgentConstant.BUSINESS_METADATA; +import static software.amazon.awssdk.core.internal.useragent.UserAgentConstant.CONFIG_METADATA; import static software.amazon.awssdk.core.internal.useragent.UserAgentConstant.SLASH; import static software.amazon.awssdk.core.internal.useragent.UserAgentConstant.SPACE; import static software.amazon.awssdk.core.internal.useragent.UserAgentConstant.appendSpaceAndField; +import static software.amazon.awssdk.core.internal.useragent.UserAgentConstant.uaPair; import static software.amazon.awssdk.utils.StringUtils.trim; import java.util.ArrayList; -import java.util.Arrays; import java.util.Collection; -import java.util.Collections; import java.util.List; import java.util.Optional; +import java.util.concurrent.CompletableFuture; import software.amazon.awssdk.annotations.SdkInternalApi; import software.amazon.awssdk.core.ApiName; +import software.amazon.awssdk.core.SelectedAuthScheme; import software.amazon.awssdk.core.client.config.SdkAdvancedClientOption; import software.amazon.awssdk.core.client.config.SdkClientConfiguration; import software.amazon.awssdk.core.client.config.SdkClientOption; @@ -37,10 +40,12 @@ import software.amazon.awssdk.core.internal.http.HttpClientDependencies; import software.amazon.awssdk.core.internal.http.RequestExecutionContext; import software.amazon.awssdk.core.internal.http.pipeline.MutableRequestToRequestPipeline; +import software.amazon.awssdk.core.internal.useragent.IdentityProviderNameMapping; import software.amazon.awssdk.core.useragent.AdditionalMetadata; import software.amazon.awssdk.core.useragent.BusinessMetricCollection; import software.amazon.awssdk.http.SdkHttpFullRequest; import software.amazon.awssdk.identity.spi.Identity; +import software.amazon.awssdk.utils.CollectionUtils; import software.amazon.awssdk.utils.CompletableFutureUtils; import software.amazon.awssdk.utils.Logger; import software.amazon.awssdk.utils.Pair; @@ -113,6 +118,10 @@ private String finalizeUserAgent(RequestExecutionContext context) { userAgentMetadata.forEach(s -> javaUserAgent.append(SPACE).append(s)); } + //add remaining SDK user agent properties + identityProviderName(context.executionAttributes()).ifPresent( + authSource -> appendSpaceAndField(javaUserAgent, CONFIG_METADATA, uaPair(AUTH_SOURCE, authSource))); + Optional businessMetrics = getBusinessMetricsString(context.executionAttributes(), groupedApiNames.right()); businessMetrics.ifPresent( metrics -> appendSpaceAndField(javaUserAgent, BUSINESS_METADATA, metrics) @@ -147,33 +156,29 @@ private static Optional getBusinessMetricsString(ExecutionAttributes exe Collection metricsFromApiNames) { BusinessMetricCollection businessMetrics = executionAttributes.getAttribute(SdkInternalExecutionAttribute.BUSINESS_METRICS); + if (businessMetrics == null && CollectionUtils.isNullOrEmpty(metricsFromApiNames)) { + return Optional.empty(); + } if (businessMetrics == null) { businessMetrics = new BusinessMetricCollection(); } businessMetrics.merge(metricsFromApiNames); + return Optional.of(businessMetrics.asBoundedString()); + } - credentialProviderBusinessMetrics(executionAttributes).ifPresent(businessMetrics::merge); - - if (businessMetrics.recordedMetrics().isEmpty()) { + private static Optional identityProviderName(ExecutionAttributes executionAttributes) { + SelectedAuthScheme selectedAuthScheme = executionAttributes + .getAttribute(SdkInternalExecutionAttribute.SELECTED_AUTH_SCHEME); + if (selectedAuthScheme == null) { return Optional.empty(); } - - return Optional.of(businessMetrics.asBoundedString()); + return providerNameFromIdentity(selectedAuthScheme); } - private static Optional> credentialProviderBusinessMetrics( - ExecutionAttributes executionAttributes) { - return Optional.ofNullable( - executionAttributes.getAttribute(SdkInternalExecutionAttribute.SELECTED_AUTH_SCHEME)) - .map(selectedAuthScheme -> - CompletableFutureUtils.joinLikeSync(selectedAuthScheme.identity())) - .flatMap(Identity::providerName) - .map(providerName -> { - if (StringUtils.isBlank(providerName)) { - return Collections.emptyList(); - } - return Arrays.asList(providerName.split(",")); - }); + private static Optional providerNameFromIdentity(SelectedAuthScheme selectedAuthScheme) { + CompletableFuture identityFuture = selectedAuthScheme.identity(); + T identity = CompletableFutureUtils.joinLikeSync(identityFuture); + return identity.providerName().flatMap(IdentityProviderNameMapping::mapFrom); } /** diff --git a/core/sdk-core/src/main/java/software/amazon/awssdk/core/useragent/BusinessMetricFeatureId.java b/core/sdk-core/src/main/java/software/amazon/awssdk/core/useragent/BusinessMetricFeatureId.java index 884f57bf5691..7f1483d56895 100644 --- a/core/sdk-core/src/main/java/software/amazon/awssdk/core/useragent/BusinessMetricFeatureId.java +++ b/core/sdk-core/src/main/java/software/amazon/awssdk/core/useragent/BusinessMetricFeatureId.java @@ -22,7 +22,7 @@ /** * An enum class representing a short form of identity providers to record in the UA string. * - * Unimplemented metrics: I,J,K,M,O,S,U-c + * Unimplemented metrics: I,J,K,M,O,S,U-c,e-[latest] * Unsupported metrics (these will never be added): A,H */ @SdkProtectedApi @@ -42,27 +42,6 @@ public enum BusinessMetricFeatureId { RESOLVED_ACCOUNT_ID("T"), DDB_MAPPER("d"), BEARER_SERVICE_ENV_VARS("3"), - CREDENTIALS_CODE("e"), - CREDENTIALS_JVM_SYSTEM_PROPERTIES("f"), - CREDENTIALS_ENV_VARS("g"), - CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN("h"), - CREDENTIALS_STS_ASSUME_ROLE("i"), - CREDENTIALS_STS_ASSUME_ROLE_SAML("j"), - CREDENTIALS_STS_ASSUME_ROLE_WEB_ID("k"), - CREDENTIALS_STS_FEDERATION_TOKEN("l"), - CREDENTIALS_STS_SESSION_TOKEN("m"), - CREDENTIALS_PROFILE("n"), - CREDENTIALS_PROFILE_SOURCE_PROFILE("o"), - CREDENTIALS_PROFILE_NAMED_PROVIDER("p"), - CREDENTIALS_PROFILE_STS_WEB_ID_TOKEN("q"), - CREDENTIALS_PROFILE_SSO("r"), - CREDENTIALS_SSO("s"), - CREDENTIALS_PROFILE_SSO_LEGACY("t"), - CREDENTIALS_SSO_LEGACY("u"), - CREDENTIALS_PROFILE_PROCESS("v"), - CREDENTIALS_PROCESS("w"), - CREDENTIALS_HTTP("z"), - CREDENTIALS_IMDS("0"), UNKNOWN("Unknown"); private static final Map VALUE_MAP = diff --git a/core/sdk-core/src/test/java/software/amazon/awssdk/core/internal/http/pipeline/stages/ApplyUserAgentStageTest.java b/core/sdk-core/src/test/java/software/amazon/awssdk/core/internal/http/pipeline/stages/ApplyUserAgentStageTest.java index 4db0103b7e3c..d02654a78071 100644 --- a/core/sdk-core/src/test/java/software/amazon/awssdk/core/internal/http/pipeline/stages/ApplyUserAgentStageTest.java +++ b/core/sdk-core/src/test/java/software/amazon/awssdk/core/internal/http/pipeline/stages/ApplyUserAgentStageTest.java @@ -60,7 +60,7 @@ public class ApplyUserAgentStageTest { (HttpSigner) Mockito.mock(HttpSigner.class), AuthSchemeOption.builder().schemeId("mock").build()); - private static final String PROVIDER_SOURCE = "w"; + private static final String PROVIDER_SOURCE = "ProcessCredentialsProvider"; private static final AwsCredentialsIdentity IDENTITY_WITHOUT_SOURCE = AwsCredentialsIdentity.create("akid", "secret"); @@ -149,7 +149,7 @@ public void when_identityContainsProvider_authSourceIsPresent() throws Exception List userAgentHeaders = request.headers().get(HEADER_USER_AGENT); assertThat(userAgentHeaders).isNotNull().hasSize(1); - assertThat(userAgentHeaders.get(0)).contains("m/w"); + assertThat(userAgentHeaders.get(0)).contains("auth-source#proc"); } private static HttpClientDependencies dependencies(String clientUserAgent) { diff --git a/services/sso/src/main/java/software/amazon/awssdk/services/sso/auth/SsoCredentialsProvider.java b/services/sso/src/main/java/software/amazon/awssdk/services/sso/auth/SsoCredentialsProvider.java index e0e406b58464..ce4fbaf2ca97 100644 --- a/services/sso/src/main/java/software/amazon/awssdk/services/sso/auth/SsoCredentialsProvider.java +++ b/services/sso/src/main/java/software/amazon/awssdk/services/sso/auth/SsoCredentialsProvider.java @@ -25,13 +25,11 @@ import software.amazon.awssdk.auth.credentials.AwsCredentials; import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sso.SsoClient; import software.amazon.awssdk.services.sso.internal.SessionCredentialsHolder; import software.amazon.awssdk.services.sso.model.GetRoleCredentialsRequest; import software.amazon.awssdk.services.sso.model.RoleCredentials; import software.amazon.awssdk.utils.SdkAutoCloseable; -import software.amazon.awssdk.utils.StringUtils; import software.amazon.awssdk.utils.builder.CopyableBuilder; import software.amazon.awssdk.utils.builder.ToCopyableBuilder; import software.amazon.awssdk.utils.cache.CachedSupplier; @@ -53,7 +51,7 @@ @SdkPublicApi public final class SsoCredentialsProvider implements AwsCredentialsProvider, SdkAutoCloseable, ToCopyableBuilder { - private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_SSO.value(); + private static final String PROVIDER_NAME = "SsoCredentialsProvider"; private static final Duration DEFAULT_STALE_TIME = Duration.ofMinutes(1); private static final Duration DEFAULT_PREFETCH_TIME = Duration.ofMinutes(5); @@ -61,8 +59,6 @@ public final class SsoCredentialsProvider implements AwsCredentialsProvider, Sdk private static final String ASYNC_THREAD_NAME = "sdk-sso-credentials-provider"; private final Supplier getRoleCredentialsRequestSupplier; - private final String sourceFeatureId; - private final String providerName; private final SsoClient ssoClient; private final Duration staleTime; @@ -81,11 +77,6 @@ private SsoCredentialsProvider(BuilderImpl builder) { this.staleTime = Optional.ofNullable(builder.staleTime).orElse(DEFAULT_STALE_TIME); this.prefetchTime = Optional.ofNullable(builder.prefetchTime).orElse(DEFAULT_PREFETCH_TIME); - this.sourceFeatureId = builder.sourceFeatureId; - - this.providerName = StringUtils.isEmpty(builder.sourceFeatureId) - ? PROVIDER_NAME - : builder.sourceFeatureId + "," + PROVIDER_NAME; this.asyncCredentialUpdateEnabled = builder.asyncCredentialUpdateEnabled; CachedSupplier.Builder cacheBuilder = @@ -104,11 +95,11 @@ private SsoCredentialsProvider(BuilderImpl builder) { */ private RefreshResult updateSsoCredentials() { SessionCredentialsHolder credentials = getUpdatedCredentials(ssoClient); - Instant actualTokenExpiration = credentials.sessionCredentialsExpiration(); + Instant acutalTokenExpiration = credentials.sessionCredentialsExpiration(); return RefreshResult.builder(credentials) - .staleTime(actualTokenExpiration.minus(staleTime)) - .prefetchTime(actualTokenExpiration.minus(prefetchTime)) + .staleTime(acutalTokenExpiration.minus(staleTime)) + .prefetchTime(acutalTokenExpiration.minus(prefetchTime)) .build(); } @@ -121,15 +112,11 @@ private SessionCredentialsHolder getUpdatedCredentials(SsoClient ssoClient) { .secretAccessKey(roleCredentials.secretAccessKey()) .sessionToken(roleCredentials.sessionToken()) .accountId(request.accountId()) - .providerName(providerName()) + .providerName(PROVIDER_NAME) .build(); return new SessionCredentialsHolder(sessionCredentials, Instant.ofEpochMilli(roleCredentials.expiration())); } - private String providerName() { - return this.providerName; - } - /** * The amount of time, relative to session token expiration, that the cached credentials are considered stale and * should no longer be used. All threads will block until the value is updated. @@ -219,13 +206,6 @@ public interface Builder extends CopyableBuilder getRoleCredentialsRequestSupplier); - /** - * An optional string list of {@link BusinessMetricFeatureId} denoting previous - * credentials providers that are chained with this one. This method is primarily intended for use by AWS SDK internal - * components and should not be used directly by external users. - */ - Builder sourceFeatureId(String sourceFeatureId); - /** * Create a {@link SsoCredentialsProvider} using the configuration applied to this builder. * @return @@ -240,7 +220,6 @@ protected static final class BuilderImpl implements Builder { private Duration staleTime; private Duration prefetchTime; private Supplier getRoleCredentialsRequestSupplier; - private String sourceFeatureId; BuilderImpl() { @@ -252,7 +231,6 @@ public BuilderImpl(SsoCredentialsProvider provider) { this.staleTime = provider.staleTime; this.prefetchTime = provider.prefetchTime; this.getRoleCredentialsRequestSupplier = provider.getRoleCredentialsRequestSupplier; - this.sourceFeatureId = provider.sourceFeatureId; } @Override @@ -290,12 +268,6 @@ public Builder refreshRequest(Supplier getRoleCredent return this; } - @Override - public Builder sourceFeatureId(String sourceFeatureId) { - this.sourceFeatureId = sourceFeatureId; - return this; - } - @Override public SsoCredentialsProvider build() { return new SsoCredentialsProvider(this); diff --git a/services/sso/src/main/java/software/amazon/awssdk/services/sso/auth/SsoProfileCredentialsProviderFactory.java b/services/sso/src/main/java/software/amazon/awssdk/services/sso/auth/SsoProfileCredentialsProviderFactory.java index 9584f22f4576..f3b910c3e1fa 100644 --- a/services/sso/src/main/java/software/amazon/awssdk/services/sso/auth/SsoProfileCredentialsProviderFactory.java +++ b/services/sso/src/main/java/software/amazon/awssdk/services/sso/auth/SsoProfileCredentialsProviderFactory.java @@ -63,7 +63,10 @@ public class SsoProfileCredentialsProviderFactory implements ProfileCredentialsP */ @Override public AwsCredentialsProvider create(ProfileProviderCredentialsContext credentialsContext) { - return new SsoProfileCredentialsProvider(credentialsContext, sdkTokenProvider(credentialsContext)); + return new SsoProfileCredentialsProvider(credentialsContext.profile(), + credentialsContext.profileFile(), + sdkTokenProvider(credentialsContext.profile(), + credentialsContext.profileFile())); } /** @@ -71,27 +74,26 @@ public AwsCredentialsProvider create(ProfileProviderCredentialsContext credentia * This method is only used for testing. */ @SdkTestInternalApi - public AwsCredentialsProvider create(ProfileProviderCredentialsContext credentialsContext, + public AwsCredentialsProvider create(Profile profile, ProfileFile profileFile, SdkTokenProvider tokenProvider) { - return new SsoProfileCredentialsProvider(credentialsContext, tokenProvider); + return new SsoProfileCredentialsProvider(profile, profileFile, tokenProvider); } /** * A wrapper for a {@link SsoCredentialsProvider} that is returned by this factory when {@link - * #create(ProfileProviderCredentialsContext)} * or {@link #create(ProfileProviderCredentialsContext, SdkTokenProvider)} - * is invoked. This wrapper is important because it ensures * the parent credentials provider is closed when the sso - * credentials provider is no longer needed. + * #create(ProfileProviderCredentialsContext)} * or {@link #create(Profile, ProfileFile, SdkTokenProvider)} is invoked. This + * wrapper is important because it ensures * the parent credentials provider is closed when the sso credentials provider is no + * longer needed. */ private static final class SsoProfileCredentialsProvider implements AwsCredentialsProvider, SdkAutoCloseable { private final SsoClient ssoClient; private final SsoCredentialsProvider credentialsProvider; - private SsoProfileCredentialsProvider(ProfileProviderCredentialsContext credentialsContext, + private SsoProfileCredentialsProvider(Profile profile, ProfileFile profileFile, SdkTokenProvider tokenProvider) { - Profile profile = credentialsContext.profile(); String ssoAccountId = profile.properties().get(ProfileProperty.SSO_ACCOUNT_ID); String ssoRoleName = profile.properties().get(ProfileProperty.SSO_ROLE_NAME); - String ssoRegion = regionFromProfileOrSession(profile, credentialsContext.profileFile()); + String ssoRegion = regionFromProfileOrSession(profile, profileFile); this.ssoClient = SsoClient.builder() .credentialsProvider(AnonymousCredentialsProvider.create()) @@ -112,7 +114,6 @@ private SsoProfileCredentialsProvider(ProfileProviderCredentialsContext credenti this.credentialsProvider = SsoCredentialsProvider.builder() .ssoClient(ssoClient) .refreshRequest(supplier) - .sourceFeatureId(credentialsContext.sourceFeatureId()) .build(); } @@ -156,9 +157,7 @@ private static Profile ssoSessionInProfile(String sessionName, ProfileFile profi return ssoProfile; } - private static SdkTokenProvider sdkTokenProvider(ProfileProviderCredentialsContext credentialsContext) { - Profile profile = credentialsContext.profile(); - ProfileFile profileFile = credentialsContext.profileFile(); + private static SdkTokenProvider sdkTokenProvider(Profile profile, ProfileFile profileFile) { Optional ssoSession = profile.property(ProfileSection.SSO_SESSION.getPropertyKeyName()); @@ -173,9 +172,11 @@ private static SdkTokenProvider sdkTokenProvider(ProfileProviderCredentialsConte .profileFile(() -> profileFile) .profileName(profile.name()) .build()); + } else { + return new SsoAccessTokenProvider(generateCachedTokenPath( + profile.properties().get(ProfileProperty.SSO_START_URL), TOKEN_DIRECTORY)); + } - return new SsoAccessTokenProvider(generateCachedTokenPath(profile.properties().get(ProfileProperty.SSO_START_URL), - TOKEN_DIRECTORY)); } private static void validateCommonProfileProperties(Profile profile, Profile ssoSessionProfileFile, String propertyName) { diff --git a/services/sso/src/test/java/software/amazon/awssdk/services/sso/auth/SsoCredentialsProviderTest.java b/services/sso/src/test/java/software/amazon/awssdk/services/sso/auth/SsoCredentialsProviderTest.java index d7be6cdd852c..9540a77ba6c6 100644 --- a/services/sso/src/test/java/software/amazon/awssdk/services/sso/auth/SsoCredentialsProviderTest.java +++ b/services/sso/src/test/java/software/amazon/awssdk/services/sso/auth/SsoCredentialsProviderTest.java @@ -27,7 +27,6 @@ import org.junit.jupiter.api.Test; import org.mockito.Mockito; import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sso.SsoClient; import software.amazon.awssdk.services.sso.model.GetRoleCredentialsRequest; import software.amazon.awssdk.services.sso.model.GetRoleCredentialsResponse; @@ -137,7 +136,7 @@ private void callClientWithCredentialsProvider(Instant credentialsExpirationDate assertThat(actualCredentials.accessKeyId()).isEqualTo("a"); assertThat(actualCredentials.secretAccessKey()).isEqualTo("b"); assertThat(actualCredentials.sessionToken()).isEqualTo("c"); - assertThat(actualCredentials.providerName()).isPresent().contains(BusinessMetricFeatureId.CREDENTIALS_SSO.value()); + assertThat(actualCredentials.providerName()).isPresent().contains("SsoCredentialsProvider"); assertThat(actualCredentials.accountId()).isPresent().contains("123456789"); } } diff --git a/services/sso/src/test/java/software/amazon/awssdk/services/sso/auth/SsoProfileCredentialsProviderFactoryTest.java b/services/sso/src/test/java/software/amazon/awssdk/services/sso/auth/SsoProfileCredentialsProviderFactoryTest.java index 8da326bf589f..c5cb2b57834d 100644 --- a/services/sso/src/test/java/software/amazon/awssdk/services/sso/auth/SsoProfileCredentialsProviderFactoryTest.java +++ b/services/sso/src/test/java/software/amazon/awssdk/services/sso/auth/SsoProfileCredentialsProviderFactoryTest.java @@ -79,12 +79,9 @@ public void createSsoCredentialsProviderWithFactorySucceed() throws IOException cachedTokenFilePath); SsoProfileCredentialsProviderFactory factory = new SsoProfileCredentialsProviderFactory(); - assertThat(factory.create(ProfileProviderCredentialsContext.builder() - .profile(profileFile.profile("foo").get()) - .profileFile(profileFile) - .build(), - tokenProvider)) - .isInstanceOf(AwsCredentialsProvider.class); + assertThat(factory.create(profileFile.profile("foo").get(), + profileFile, + tokenProvider)).isInstanceOf(AwsCredentialsProvider.class); } private Path prepareTestCachedTokenFile(String tokenFileContent, String generatedTokenFileName) throws IOException { @@ -172,10 +169,7 @@ public void tokenResolvedFromTokenProvider(@Mock SdkTokenProvider sdkTokenProvid "sso_start_url=https//d-abc123.awsapps.com/start"); SsoProfileCredentialsProviderFactory factory = new SsoProfileCredentialsProviderFactory(); when(sdkTokenProvider.resolveToken()).thenReturn(SsoAccessToken.builder().accessToken("sample").expiresAt(Instant.now()).build()); - AwsCredentialsProvider credentialsProvider = factory.create(ProfileProviderCredentialsContext.builder() - .profile(profileFile.profile("test").get()) - .profileFile(profileFile) - .build(), sdkTokenProvider); + AwsCredentialsProvider credentialsProvider = factory.create(profileFile.profile("test").get(), profileFile, sdkTokenProvider); try { credentialsProvider.resolveCredentials(); } catch (Exception e) { diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleCredentialsProvider.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleCredentialsProvider.java index 34a2dcd76f90..a59570be0103 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleCredentialsProvider.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleCredentialsProvider.java @@ -25,11 +25,9 @@ import software.amazon.awssdk.annotations.ThreadSafe; import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.model.AssumeRoleRequest; import software.amazon.awssdk.services.sts.model.AssumeRoleResponse; -import software.amazon.awssdk.utils.StringUtils; import software.amazon.awssdk.utils.ToString; import software.amazon.awssdk.utils.Validate; import software.amazon.awssdk.utils.builder.ToCopyableBuilder; @@ -51,10 +49,8 @@ public final class StsAssumeRoleCredentialsProvider extends StsCredentialsProvider implements ToCopyableBuilder { - private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_STS_ASSUME_ROLE.value(); + private static final String PROVIDER_NAME = "StsAssumeRoleCredentialsProvider"; private final Supplier assumeRoleRequestSupplier; - private final String sourceFeatureId; - private final String providerName; /** * @see #builder() @@ -64,10 +60,6 @@ private StsAssumeRoleCredentialsProvider(Builder builder) { Validate.notNull(builder.assumeRoleRequestSupplier, "Assume role request must not be null."); this.assumeRoleRequestSupplier = builder.assumeRoleRequestSupplier; - this.sourceFeatureId = builder.sourceFeatureId; - this.providerName = StringUtils.isEmpty(builder.sourceFeatureId) - ? PROVIDER_NAME - : builder.sourceFeatureId + "," + PROVIDER_NAME; } /** @@ -83,7 +75,7 @@ protected AwsSessionCredentials getUpdatedCredentials(StsClient stsClient) { Validate.notNull(assumeRoleRequest, "Assume role request must not be null."); AssumeRoleResponse assumeRoleResponse = stsClient.assumeRole(assumeRoleRequest); return fromStsCredentials(assumeRoleResponse.credentials(), - providerName(), + PROVIDER_NAME, accountIdFromArn(assumeRoleResponse.assumedRoleUser())); } @@ -101,7 +93,7 @@ public Builder toBuilder() { @Override String providerName() { - return this.providerName; + return PROVIDER_NAME; } /** @@ -111,7 +103,6 @@ String providerName() { @NotThreadSafe public static final class Builder extends BaseBuilder { private Supplier assumeRoleRequestSupplier; - private String sourceFeatureId; private Builder() { super(StsAssumeRoleCredentialsProvider::new); @@ -120,7 +111,6 @@ private Builder() { private Builder(StsAssumeRoleCredentialsProvider provider) { super(StsAssumeRoleCredentialsProvider::new, provider); this.assumeRoleRequestSupplier = provider.assumeRoleRequestSupplier; - this.sourceFeatureId = provider.sourceFeatureId; } /** @@ -155,17 +145,6 @@ public Builder refreshRequest(Consumer assumeRoleRequ return refreshRequest(AssumeRoleRequest.builder().applyMutation(assumeRoleRequest).build()); } - /** - * An optional string list of {@link BusinessMetricFeatureId} denoting previous credentials providers - * that are chained with this one. - *

Note: This method is primarily intended for use by AWS SDK internal components - * and should not be used directly by external users.

- */ - public Builder sourceFeatureId(String sourceFeatureId) { - this.sourceFeatureId = sourceFeatureId; - return this; - } - @Override public StsAssumeRoleCredentialsProvider build() { return super.build(); diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithSamlCredentialsProvider.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithSamlCredentialsProvider.java index 4845b1b61c7b..6d99b555e311 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithSamlCredentialsProvider.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithSamlCredentialsProvider.java @@ -25,11 +25,9 @@ import software.amazon.awssdk.annotations.ThreadSafe; import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.model.AssumeRoleWithSamlRequest; import software.amazon.awssdk.services.sts.model.AssumeRoleWithSamlResponse; -import software.amazon.awssdk.utils.StringUtils; import software.amazon.awssdk.utils.Validate; import software.amazon.awssdk.utils.builder.ToCopyableBuilder; @@ -50,10 +48,8 @@ public final class StsAssumeRoleWithSamlCredentialsProvider extends StsCredentialsProvider implements ToCopyableBuilder { - private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_STS_ASSUME_ROLE_SAML.value(); + private static final String PROVIDER_NAME = "StsAssumeRoleWithSamlCredentialsProvider"; private final Supplier assumeRoleWithSamlRequestSupplier; - private final String sourceFeatureId; - private final String providerName; /** @@ -64,10 +60,6 @@ private StsAssumeRoleWithSamlCredentialsProvider(Builder builder) { Validate.notNull(builder.assumeRoleWithSamlRequestSupplier, "Assume role with SAML request must not be null."); this.assumeRoleWithSamlRequestSupplier = builder.assumeRoleWithSamlRequestSupplier; - this.sourceFeatureId = builder.sourceFeatureId; - this.providerName = StringUtils.isEmpty(builder.sourceFeatureId) - ? PROVIDER_NAME - : builder.sourceFeatureId + "," + PROVIDER_NAME; } /** @@ -83,7 +75,7 @@ protected AwsSessionCredentials getUpdatedCredentials(StsClient stsClient) { Validate.notNull(assumeRoleWithSamlRequest, "Assume role with saml request must not be null."); AssumeRoleWithSamlResponse assumeRoleResponse = stsClient.assumeRoleWithSAML(assumeRoleWithSamlRequest); return fromStsCredentials(assumeRoleResponse.credentials(), - providerName(), + PROVIDER_NAME, accountIdFromArn(assumeRoleResponse.assumedRoleUser())); } @@ -94,7 +86,7 @@ public Builder toBuilder() { @Override String providerName() { - return this.providerName; + return PROVIDER_NAME; } /** @@ -104,7 +96,6 @@ String providerName() { @NotThreadSafe public static final class Builder extends BaseBuilder { private Supplier assumeRoleWithSamlRequestSupplier; - private String sourceFeatureId; private Builder() { super(StsAssumeRoleWithSamlCredentialsProvider::new); @@ -113,7 +104,6 @@ private Builder() { public Builder(StsAssumeRoleWithSamlCredentialsProvider provider) { super(StsAssumeRoleWithSamlCredentialsProvider::new, provider); this.assumeRoleWithSamlRequestSupplier = provider.assumeRoleWithSamlRequestSupplier; - this.sourceFeatureId = provider.sourceFeatureId; } /** @@ -148,21 +138,6 @@ public Builder refreshRequest(Consumer assume return refreshRequest(AssumeRoleWithSamlRequest.builder().applyMutation(assumeRoleWithSamlRequest).build()); } - /** - * Configure the source of this credentials provider. This is used for business metrics tracking - * to identify the credential provider chain. - * - *

Note: This method is primarily intended for use by AWS SDK internal components - * and should not be used directly by external users.

- * - * @param sourceFeatureId The source identifier for business metrics tracking. - * @return This object for chained calls. - */ - public Builder sourceFeatureId(String sourceFeatureId) { - this.sourceFeatureId = sourceFeatureId; - return this; - } - @Override public StsAssumeRoleWithSamlCredentialsProvider build() { return super.build(); diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithWebIdentityCredentialsProvider.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithWebIdentityCredentialsProvider.java index 1d14fe6fefe1..4cbb325f7458 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithWebIdentityCredentialsProvider.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithWebIdentityCredentialsProvider.java @@ -26,11 +26,9 @@ import software.amazon.awssdk.annotations.ThreadSafe; import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.model.AssumeRoleWithWebIdentityRequest; import software.amazon.awssdk.services.sts.model.AssumeRoleWithWebIdentityResponse; -import software.amazon.awssdk.utils.StringUtils; import software.amazon.awssdk.utils.builder.ToCopyableBuilder; /** @@ -51,10 +49,8 @@ public final class StsAssumeRoleWithWebIdentityCredentialsProvider extends StsCredentialsProvider implements ToCopyableBuilder { - private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_STS_ASSUME_ROLE_WEB_ID.value(); + private static final String PROVIDER_NAME = "StsAssumeRoleWithWebIdentityCredentialsProvider"; private final Supplier assumeRoleWithWebIdentityRequest; - private final String sourceFeatureId; - private final String providerName; /** * @see #builder() @@ -64,10 +60,6 @@ private StsAssumeRoleWithWebIdentityCredentialsProvider(Builder builder) { notNull(builder.assumeRoleWithWebIdentityRequestSupplier, "Assume role with web identity request must not be null."); this.assumeRoleWithWebIdentityRequest = builder.assumeRoleWithWebIdentityRequestSupplier; - this.sourceFeatureId = builder.sourceFeatureId; - this.providerName = StringUtils.isEmpty(builder.sourceFeatureId) - ? PROVIDER_NAME - : builder.sourceFeatureId + "," + PROVIDER_NAME; } /** @@ -83,7 +75,7 @@ protected AwsSessionCredentials getUpdatedCredentials(StsClient stsClient) { notNull(request, "AssumeRoleWithWebIdentityRequest can't be null"); AssumeRoleWithWebIdentityResponse assumeRoleResponse = stsClient.assumeRoleWithWebIdentity(request); return fromStsCredentials(assumeRoleResponse.credentials(), - providerName(), + PROVIDER_NAME, accountIdFromArn(assumeRoleResponse.assumedRoleUser())); } @@ -94,7 +86,7 @@ public Builder toBuilder() { @Override String providerName() { - return this.providerName; + return PROVIDER_NAME; } /** @@ -104,7 +96,6 @@ String providerName() { @NotThreadSafe public static final class Builder extends BaseBuilder { private Supplier assumeRoleWithWebIdentityRequestSupplier; - private String sourceFeatureId; private Builder() { super(StsAssumeRoleWithWebIdentityCredentialsProvider::new); @@ -113,7 +104,6 @@ private Builder() { public Builder(StsAssumeRoleWithWebIdentityCredentialsProvider provider) { super(StsAssumeRoleWithWebIdentityCredentialsProvider::new, provider); this.assumeRoleWithWebIdentityRequestSupplier = provider.assumeRoleWithWebIdentityRequest; - this.sourceFeatureId = provider.sourceFeatureId; } /** @@ -149,21 +139,6 @@ public Builder refreshRequest(Consumer .build()); } - /** - * Configure the source of this credentials provider. This is used for business metrics tracking - * to identify the credential provider chain. - * - *

Note: This method is primarily intended for use by AWS SDK internal components - * and should not be used directly by external users.

- * - * @param sourceFeatureId The source identifier for business metrics tracking. - * @return This object for chained calls. - */ - public Builder sourceFeatureId(String sourceFeatureId) { - this.sourceFeatureId = sourceFeatureId; - return this; - } - @Override public StsAssumeRoleWithWebIdentityCredentialsProvider build() { return super.build(); diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsGetFederationTokenCredentialsProvider.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsGetFederationTokenCredentialsProvider.java index b0f78cdbbba9..da28815b686e 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsGetFederationTokenCredentialsProvider.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsGetFederationTokenCredentialsProvider.java @@ -23,13 +23,11 @@ import software.amazon.awssdk.annotations.ThreadSafe; import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.endpoints.internal.Arn; import software.amazon.awssdk.services.sts.model.FederatedUser; import software.amazon.awssdk.services.sts.model.GetFederationTokenRequest; import software.amazon.awssdk.services.sts.model.GetFederationTokenResponse; -import software.amazon.awssdk.utils.StringUtils; import software.amazon.awssdk.utils.Validate; import software.amazon.awssdk.utils.builder.ToCopyableBuilder; @@ -50,11 +48,9 @@ public class StsGetFederationTokenCredentialsProvider extends StsCredentialsProvider implements ToCopyableBuilder { - private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_STS_FEDERATION_TOKEN.value(); + private static final String PROVIDER_NAME = "StsGetFederationTokenCredentialsProvider"; private final GetFederationTokenRequest getFederationTokenRequest; - private final String sourceFeatureId; - private final String providerName; /** * @see #builder() @@ -64,10 +60,6 @@ private StsGetFederationTokenCredentialsProvider(Builder builder) { Validate.notNull(builder.getFederationTokenRequest, "Get session token request must not be null."); this.getFederationTokenRequest = builder.getFederationTokenRequest; - this.sourceFeatureId = builder.sourceFeatureId; - this.providerName = StringUtils.isEmpty(builder.sourceFeatureId) - ? PROVIDER_NAME - : builder.sourceFeatureId + "," + PROVIDER_NAME; } /** @@ -81,7 +73,7 @@ public static Builder builder() { protected AwsSessionCredentials getUpdatedCredentials(StsClient stsClient) { GetFederationTokenResponse federationToken = stsClient.getFederationToken(getFederationTokenRequest); return fromStsCredentials(federationToken.credentials(), - providerName(), + PROVIDER_NAME, accountIdFromArn(federationToken.federatedUser())); } @@ -101,7 +93,7 @@ public Builder toBuilder() { @Override String providerName() { - return this.providerName; + return PROVIDER_NAME; } /** @@ -111,7 +103,6 @@ String providerName() { @NotThreadSafe public static final class Builder extends BaseBuilder { private GetFederationTokenRequest getFederationTokenRequest; - private String sourceFeatureId; private Builder() { super(StsGetFederationTokenCredentialsProvider::new); @@ -120,7 +111,6 @@ private Builder() { public Builder(StsGetFederationTokenCredentialsProvider provider) { super(StsGetFederationTokenCredentialsProvider::new, provider); this.getFederationTokenRequest = provider.getFederationTokenRequest; - this.sourceFeatureId = provider.sourceFeatureId; } /** @@ -144,21 +134,6 @@ public Builder refreshRequest(Consumer getFed return refreshRequest(GetFederationTokenRequest.builder().applyMutation(getFederationTokenRequest).build()); } - /** - * Configure the source of this credentials provider. This is used for business metrics tracking - * to identify the credential provider chain. - * - *

Note: This method is primarily intended for use by AWS SDK internal components - * and should not be used directly by external users.

- * - * @param sourceFeatureId The source identifier for business metrics tracking. - * @return This object for chained calls. - */ - public Builder sourceFeatureId(String sourceFeatureId) { - this.sourceFeatureId = sourceFeatureId; - return this; - } - @Override public StsGetFederationTokenCredentialsProvider build() { return super.build(); diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsGetSessionTokenCredentialsProvider.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsGetSessionTokenCredentialsProvider.java index 1c31532ba5c4..8ca66114d2be 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsGetSessionTokenCredentialsProvider.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsGetSessionTokenCredentialsProvider.java @@ -23,11 +23,9 @@ import software.amazon.awssdk.annotations.ThreadSafe; import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.model.GetSessionTokenRequest; import software.amazon.awssdk.services.sts.model.GetSessionTokenResponse; -import software.amazon.awssdk.utils.StringUtils; import software.amazon.awssdk.utils.Validate; import software.amazon.awssdk.utils.builder.ToCopyableBuilder; @@ -48,11 +46,9 @@ public class StsGetSessionTokenCredentialsProvider extends StsCredentialsProvider implements ToCopyableBuilder { - private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_STS_SESSION_TOKEN.value(); + private static final String PROVIDER_NAME = "StsGetSessionTokenCredentialsProvider"; private final GetSessionTokenRequest getSessionTokenRequest; - private final String sourceFeatureId; - private final String providerName; /** * @see #builder() @@ -62,10 +58,6 @@ private StsGetSessionTokenCredentialsProvider(Builder builder) { Validate.notNull(builder.getSessionTokenRequest, "Get session token request must not be null."); this.getSessionTokenRequest = builder.getSessionTokenRequest; - this.sourceFeatureId = builder.sourceFeatureId; - this.providerName = StringUtils.isEmpty(builder.sourceFeatureId) - ? PROVIDER_NAME - : builder.sourceFeatureId + "," + PROVIDER_NAME; } /** @@ -78,7 +70,7 @@ public static Builder builder() { @Override protected AwsSessionCredentials getUpdatedCredentials(StsClient stsClient) { GetSessionTokenResponse sessionToken = stsClient.getSessionToken(getSessionTokenRequest); - return fromStsCredentials(sessionToken.credentials(), providerName()); + return fromStsCredentials(sessionToken.credentials(), PROVIDER_NAME); } @Override @@ -88,7 +80,7 @@ public Builder toBuilder() { @Override String providerName() { - return this.providerName; + return PROVIDER_NAME; } /** @@ -98,7 +90,6 @@ String providerName() { @NotThreadSafe public static final class Builder extends BaseBuilder { private GetSessionTokenRequest getSessionTokenRequest = GetSessionTokenRequest.builder().build(); - private String sourceFeatureId; private Builder() { super(StsGetSessionTokenCredentialsProvider::new); @@ -107,7 +98,6 @@ private Builder() { public Builder(StsGetSessionTokenCredentialsProvider provider) { super(StsGetSessionTokenCredentialsProvider::new, provider); this.getSessionTokenRequest = provider.getSessionTokenRequest; - this.sourceFeatureId = provider.sourceFeatureId; } /** @@ -132,21 +122,6 @@ public Builder refreshRequest(GetSessionTokenRequest getSessionTokenRequest) { public Builder refreshRequest(Consumer getFederationTokenRequest) { return refreshRequest(GetSessionTokenRequest.builder().applyMutation(getFederationTokenRequest).build()); } - - /** - * Configure the source of this credentials provider. This is used for business metrics tracking - * to identify the credential provider chain. - * - *

Note: This method is primarily intended for use by AWS SDK internal components - * and should not be used directly by external users.

- * - * @param sourceFeatureId The source identifier for business metrics tracking. - * @return This object for chained calls. - */ - public Builder sourceFeatureId(String sourceFeatureId) { - this.sourceFeatureId = sourceFeatureId; - return this; - } @Override public StsGetSessionTokenCredentialsProvider build() { diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenFileCredentialsProvider.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenFileCredentialsProvider.java index c4ca16469e8b..c812da56e21e 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenFileCredentialsProvider.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenFileCredentialsProvider.java @@ -22,7 +22,6 @@ import java.nio.file.Path; import java.nio.file.Paths; -import java.util.Optional; import java.util.function.Consumer; import java.util.function.Supplier; import software.amazon.awssdk.annotations.SdkPublicApi; @@ -31,7 +30,6 @@ import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; import software.amazon.awssdk.auth.credentials.internal.WebIdentityTokenCredentialProperties; import software.amazon.awssdk.core.SdkSystemSetting; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.internal.AssumeRoleWithWebIdentityRequestSupplier; import software.amazon.awssdk.services.sts.model.AssumeRoleWithWebIdentityRequest; @@ -58,7 +56,7 @@ public final class StsWebIdentityTokenFileCredentialsProvider extends StsCredentialsProvider implements ToCopyableBuilder { - private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN.value(); + private static final String PROVIDER_NAME = "StsWebIdentityTokenFileCredentialsProvider"; private final AwsCredentialsProvider credentialsProvider; private final RuntimeException loadException; @@ -134,16 +132,7 @@ public AwsCredentials resolveCredentials() { if (loadException != null) { throw loadException; } - AwsCredentials awsCredentials = credentialsProvider.resolveCredentials(); - if (awsCredentials instanceof AwsSessionCredentials) { - AwsSessionCredentials sessionCredentials = (AwsSessionCredentials) awsCredentials; - Optional providerName = awsCredentials.providerName(); - if (providerName.isPresent() && !providerName.get().isEmpty()) { - return sessionCredentials.copy(s -> s.providerName(providerName.get() + "," + PROVIDER_NAME)); - } - return sessionCredentials.copy(s -> s.providerName(PROVIDER_NAME)); - } - return awsCredentials; + return credentialsProvider.resolveCredentials(); } @Override @@ -314,4 +303,4 @@ public StsWebIdentityTokenFileCredentialsProvider build() { } } -} +} \ No newline at end of file diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/AssumeRoleWithWebIdentityRequestSupplier.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/AssumeRoleWithWebIdentityRequestSupplier.java index 696658493f08..03b91890af8a 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/AssumeRoleWithWebIdentityRequestSupplier.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/AssumeRoleWithWebIdentityRequestSupplier.java @@ -20,7 +20,6 @@ import java.io.UncheckedIOException; import java.nio.file.Files; import java.nio.file.Path; -import java.util.Optional; import java.util.function.Supplier; import software.amazon.awssdk.annotations.SdkInternalApi; import software.amazon.awssdk.services.sts.model.AssumeRoleWithWebIdentityRequest; @@ -32,13 +31,12 @@ public class AssumeRoleWithWebIdentityRequestSupplier implements Supplier sourceFeatureId() { - return Optional.ofNullable(sourceFeatureId); - } - //file extraction private String getToken(Path file) { try (InputStream webIdentityTokenStream = Files.newInputStream(file)) { @@ -69,7 +63,6 @@ public static class Builder { private Path webIdentityTokenFile; - private String sourceFeatureId; public Builder assumeRoleWithWebIdentityRequest(AssumeRoleWithWebIdentityRequest request) { this.request = request; @@ -85,11 +78,6 @@ public AssumeRoleWithWebIdentityRequestSupplier build() { return new AssumeRoleWithWebIdentityRequestSupplier(this); } - public Builder sourceFeatureId(String sourceFeatureId) { - this.sourceFeatureId = sourceFeatureId; - return this; - } - } -} +} \ No newline at end of file diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/StsProfileCredentialsProviderFactory.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/StsProfileCredentialsProviderFactory.java index d50e6155f488..4e5559e73680 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/StsProfileCredentialsProviderFactory.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/StsProfileCredentialsProviderFactory.java @@ -41,23 +41,21 @@ public final class StsProfileCredentialsProviderFactory implements ChildProfileC + "'%s' profile."; @Override - public AwsCredentialsProvider create(ChildProfileCredentialsRequest request) { - return new StsProfileCredentialsProvider(request.sourceCredentialsProvider(), request.profile(), - request.sourceFeatureId()); + public AwsCredentialsProvider create(AwsCredentialsProvider sourceCredentialsProvider, Profile profile) { + return new StsProfileCredentialsProvider(sourceCredentialsProvider, profile); } /** * A wrapper for a {@link StsAssumeRoleCredentialsProvider} that is returned by this factory when - * {@link #create(ChildProfileCredentialsRequest)} is invoked. This wrapper is important because it ensures the - * parent credentials provider is closed when the assume-role credentials provider is no longer needed. + * {@link #create(AwsCredentialsProvider, Profile)} is invoked. This wrapper is important because it ensures the parent + * credentials provider is closed when the assume-role credentials provider is no longer needed. */ private static final class StsProfileCredentialsProvider implements AwsCredentialsProvider, SdkAutoCloseable { private final StsClient stsClient; private final AwsCredentialsProvider parentCredentialsProvider; private final StsAssumeRoleCredentialsProvider credentialsProvider; - private StsProfileCredentialsProvider(AwsCredentialsProvider parentCredentialsProvider, Profile profile, - String sourceFeatureId) { + private StsProfileCredentialsProvider(AwsCredentialsProvider parentCredentialsProvider, Profile profile) { String roleArn = requireProperty(profile, ProfileProperty.ROLE_ARN); String roleSessionName = profile.property(ProfileProperty.ROLE_SESSION_NAME) .orElseGet(() -> "aws-sdk-java-" + System.currentTimeMillis()); @@ -78,7 +76,6 @@ private StsProfileCredentialsProvider(AwsCredentialsProvider parentCredentialsPr this.credentialsProvider = StsAssumeRoleCredentialsProvider.builder() .stsClient(stsClient) .refreshRequest(assumeRoleRequest) - .sourceFeatureId(sourceFeatureId) .build(); } diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/StsWebIdentityCredentialsProviderFactory.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/StsWebIdentityCredentialsProviderFactory.java index f1ffad1950cd..86340d4f857d 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/StsWebIdentityCredentialsProviderFactory.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/StsWebIdentityCredentialsProviderFactory.java @@ -87,15 +87,13 @@ private StsWebIdentityCredentialsProvider(WebIdentityTokenCredentialProperties c AssumeRoleWithWebIdentityRequestSupplier.builder() .assumeRoleWithWebIdentityRequest(requestBuilder.build()) .webIdentityTokenFile(credentialProperties.webIdentityTokenFile()) - .sourceFeatureId(credentialProperties.sourceFeatureId()) .build(); StsAssumeRoleWithWebIdentityCredentialsProvider.Builder builder = StsAssumeRoleWithWebIdentityCredentialsProvider.builder() .asyncCredentialUpdateEnabled(asyncCredentialUpdateEnabled) .stsClient(stsClient) - .refreshRequest(supplier) - .sourceFeatureId(credentialProperties.sourceFeatureId()); + .refreshRequest(supplier); if (credentialProperties.prefetchTime() != null) { builder.prefetchTime(credentialProperties.prefetchTime()); diff --git a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleCredentialsProviderTest.java b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleCredentialsProviderTest.java index b36cd6e67613..e4d7b6c6bc5c 100644 --- a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleCredentialsProviderTest.java +++ b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleCredentialsProviderTest.java @@ -15,7 +15,6 @@ package software.amazon.awssdk.services.sts.auth; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.model.AssumeRoleRequest; import software.amazon.awssdk.services.sts.model.AssumeRoleResponse; @@ -52,6 +51,6 @@ protected AssumeRoleResponse callClient(StsClient client, AssumeRoleRequest requ @Override protected String providerName() { - return BusinessMetricFeatureId.CREDENTIALS_STS_ASSUME_ROLE.value(); + return "StsAssumeRoleCredentialsProvider"; } } diff --git a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithSamlCredentialsProviderTest.java b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithSamlCredentialsProviderTest.java index 34c503ac37da..fb4729f98f79 100644 --- a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithSamlCredentialsProviderTest.java +++ b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithSamlCredentialsProviderTest.java @@ -15,7 +15,6 @@ package software.amazon.awssdk.services.sts.auth; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.auth.StsAssumeRoleWithSamlCredentialsProvider.Builder; import software.amazon.awssdk.services.sts.model.AssumeRoleWithSamlRequest; @@ -55,6 +54,6 @@ protected AssumeRoleWithSamlResponse callClient(StsClient client, AssumeRoleWith @Override protected String providerName() { - return BusinessMetricFeatureId.CREDENTIALS_STS_ASSUME_ROLE_SAML.value(); + return "StsAssumeRoleWithSamlCredentialsProvider"; } } diff --git a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithWebIdentityCredentialsProviderTest.java b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithWebIdentityCredentialsProviderTest.java index 8f1e1c4808c3..d037597897a2 100644 --- a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithWebIdentityCredentialsProviderTest.java +++ b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithWebIdentityCredentialsProviderTest.java @@ -15,7 +15,6 @@ package software.amazon.awssdk.services.sts.auth; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.auth.StsAssumeRoleWithWebIdentityCredentialsProvider.Builder; import software.amazon.awssdk.services.sts.model.AssumeRoleWithWebIdentityRequest; @@ -54,6 +53,6 @@ protected AssumeRoleWithWebIdentityResponse callClient(StsClient client, AssumeR @Override protected String providerName() { - return BusinessMetricFeatureId.CREDENTIALS_STS_ASSUME_ROLE_WEB_ID.value(); + return "StsAssumeRoleWithWebIdentityCredentialsProvider"; } } diff --git a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsGetFederationTokenCredentialsProviderTest.java b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsGetFederationTokenCredentialsProviderTest.java index b5154f646ff6..bdc50a817aaa 100644 --- a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsGetFederationTokenCredentialsProviderTest.java +++ b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsGetFederationTokenCredentialsProviderTest.java @@ -15,7 +15,6 @@ package software.amazon.awssdk.services.sts.auth; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.auth.StsGetFederationTokenCredentialsProvider.Builder; import software.amazon.awssdk.services.sts.model.AssumedRoleUser; @@ -55,6 +54,6 @@ protected GetFederationTokenResponse callClient(StsClient client, GetFederationT @Override protected String providerName() { - return BusinessMetricFeatureId.CREDENTIALS_STS_FEDERATION_TOKEN.value(); + return "StsGetFederationTokenCredentialsProvider"; } } diff --git a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsGetSessionTokenCredentialsProviderTest.java b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsGetSessionTokenCredentialsProviderTest.java index 1ab263152602..18f9feadf796 100644 --- a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsGetSessionTokenCredentialsProviderTest.java +++ b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsGetSessionTokenCredentialsProviderTest.java @@ -15,7 +15,6 @@ package software.amazon.awssdk.services.sts.auth; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.auth.StsGetSessionTokenCredentialsProvider.Builder; import software.amazon.awssdk.services.sts.model.AssumedRoleUser; @@ -53,6 +52,6 @@ protected GetSessionTokenResponse callClient(StsClient client, GetSessionTokenRe @Override protected String providerName() { - return BusinessMetricFeatureId.CREDENTIALS_STS_SESSION_TOKEN.value(); + return "StsGetSessionTokenCredentialsProvider"; } } diff --git a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenCredentialsProviderBaseTest.java b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenCredentialsProviderBaseTest.java index 7d64f194edde..cb3ca75140bf 100644 --- a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenCredentialsProviderBaseTest.java +++ b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenCredentialsProviderBaseTest.java @@ -25,7 +25,6 @@ import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.BeforeEach; import software.amazon.awssdk.core.SdkSystemSetting; -import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.auth.StsWebIdentityTokenFileCredentialsProvider.Builder; import software.amazon.awssdk.services.sts.model.AssumeRoleWithWebIdentityRequest; @@ -84,8 +83,7 @@ protected AssumeRoleWithWebIdentityResponse callClient(StsClient client, AssumeR @Override protected String providerName() { - return String.format("%s,%s", BusinessMetricFeatureId.CREDENTIALS_STS_ASSUME_ROLE_WEB_ID, - BusinessMetricFeatureId.CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN.value()); + return "StsAssumeRoleWithWebIdentityCredentialsProvider"; } private String getToken(Path file) { diff --git a/test/auth-tests/pom.xml b/test/auth-tests/pom.xml index fc1da8f24f29..d65c94e0516c 100644 --- a/test/auth-tests/pom.xml +++ b/test/auth-tests/pom.xml @@ -65,12 +65,6 @@ ${awsjavasdk.version} test - - software.amazon.awssdk - regions - ${awsjavasdk.version} - test - software.amazon.awssdk ssooidc @@ -147,10 +141,6 @@ log4j-slf4j-impl test - - software.amazon.awssdk - test-utils - diff --git a/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/ContainerCredentialsProviderUserAgentTest.java b/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/ContainerCredentialsProviderUserAgentTest.java deleted file mode 100644 index f64591fefd5b..000000000000 --- a/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/ContainerCredentialsProviderUserAgentTest.java +++ /dev/null @@ -1,204 +0,0 @@ -/* - * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://aws.amazon.com/apache2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - */ - -package software.amazon.awssdk.auth.source; - -import static com.github.tomakehurst.wiremock.client.WireMock.aResponse; -import static com.github.tomakehurst.wiremock.client.WireMock.get; -import static com.github.tomakehurst.wiremock.client.WireMock.urlPathEqualTo; -import static com.github.tomakehurst.wiremock.core.WireMockConfiguration.wireMockConfig; -import static org.assertj.core.api.Assertions.assertThat; - -import com.github.tomakehurst.wiremock.junit5.WireMockExtension; -import java.time.Duration; -import java.time.Instant; -import java.util.List; -import java.util.stream.Stream; -import org.junit.jupiter.api.AfterAll; -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.extension.RegisterExtension; -import org.junit.jupiter.params.ParameterizedTest; -import org.junit.jupiter.params.provider.Arguments; -import org.junit.jupiter.params.provider.MethodSource; -import software.amazon.awssdk.auth.credentials.ContainerCredentialsProvider; -import software.amazon.awssdk.core.SdkSystemSetting; -import software.amazon.awssdk.http.AbortableInputStream; -import software.amazon.awssdk.http.HttpExecuteResponse; -import software.amazon.awssdk.http.SdkHttpClient; -import software.amazon.awssdk.http.SdkHttpRequest; -import software.amazon.awssdk.http.SdkHttpResponse; -import software.amazon.awssdk.identity.spi.AwsCredentialsIdentity; -import software.amazon.awssdk.identity.spi.IdentityProvider; -import software.amazon.awssdk.services.sts.StsClient; -import software.amazon.awssdk.testutils.service.http.MockSyncHttpClient; -import software.amazon.awssdk.utils.DateUtils; -import software.amazon.awssdk.utils.StringInputStream; - -/** - * Test class to verify that ContainerCredentialsProvider correctly includes - * business metrics in the User-Agent header. This test focuses specifically on the - * CREDENTIALS_HTTP ("z") business metric feature ID. - */ -class ContainerCredentialsProviderUserAgentTest { - private static final String CONTAINER_CREDENTIALS_PATH = "/v2/credentials/test-role-arn"; - private static final String CONTAINER_SERVICE_ENDPOINT = "http://localhost:"; - - private MockSyncHttpClient mockHttpClient; - - @RegisterExtension - static WireMockExtension wireMockServer = WireMockExtension.newInstance() - .options(wireMockConfig().dynamicPort()) - .configureStaticDsl(true) - .build(); - - @BeforeEach - public void setup() { - - System.setProperty(SdkSystemSetting.AWS_CONTAINER_SERVICE_ENDPOINT.property(), - CONTAINER_SERVICE_ENDPOINT + wireMockServer.getPort()); - System.setProperty(SdkSystemSetting.AWS_CONTAINER_CREDENTIALS_RELATIVE_URI.property(), - CONTAINER_CREDENTIALS_PATH); - - mockHttpClient = new MockSyncHttpClient(); - mockHttpClient.stubNextResponse(mockStsResponse()); - - stubContainerCredentialsResponses(); - } - - @AfterAll - public static void teardown() { - System.clearProperty(SdkSystemSetting.AWS_CONTAINER_SERVICE_ENDPOINT.property()); - System.clearProperty(SdkSystemSetting.AWS_CONTAINER_CREDENTIALS_RELATIVE_URI.property()); - System.clearProperty(SdkSystemSetting.AWS_CONTAINER_AUTHORIZATION_TOKEN.property()); - } - - private static HttpExecuteResponse mockStsResponse() { - return HttpExecuteResponse.builder() - .response(SdkHttpResponse.builder().statusCode(200).build()) - .responseBody(AbortableInputStream.create(new StringInputStream(""))) - .build(); - } - - private void stubContainerCredentialsResponses() { - String credentialsResponse = createCredentialsResponse("ACCESS_KEY_ID", "SECRET_ACCESS_KEY", null); - wireMockServer.stubFor(get(urlPathEqualTo(CONTAINER_CREDENTIALS_PATH)) - .willReturn(aResponse().withBody(credentialsResponse))); - } - - private void stubContainerCredentialsResponsesWithSessionToken() { - String credentialsResponse = createCredentialsResponse("ACCESS_KEY_ID", "SECRET_ACCESS_KEY", "SESSION_TOKEN"); - wireMockServer.stubFor(get(urlPathEqualTo(CONTAINER_CREDENTIALS_PATH)) - .willReturn(aResponse().withBody(credentialsResponse))); - } - - private void stubContainerCredentialsResponsesWithAuthToken() { - System.setProperty(SdkSystemSetting.AWS_CONTAINER_AUTHORIZATION_TOKEN.property(), "test-auth-token"); - - String credentialsResponse = createCredentialsResponse("ACCESS_KEY_ID", "SECRET_ACCESS_KEY", null); - wireMockServer.stubFor(get(urlPathEqualTo(CONTAINER_CREDENTIALS_PATH)) - .willReturn(aResponse().withBody(credentialsResponse))); - } - - private String createCredentialsResponse(String accessKeyId, String secretAccessKey, String sessionToken) { - StringBuilder response = new StringBuilder(); - response.append("{"); - response.append("\"AccessKeyId\":\"").append(accessKeyId).append("\","); - response.append("\"SecretAccessKey\":\"").append(secretAccessKey).append("\","); - if (sessionToken != null) { - response.append("\"Token\":\"").append(sessionToken).append("\","); - } - response.append("\"Expiration\":\"").append(DateUtils.formatIso8601Date(Instant.now().plus(Duration.ofHours(1)))).append("\""); - response.append("}"); - return response.toString(); - } - - @ParameterizedTest - @MethodSource("containerCredentialProviders") - void userAgentString_containsContainerBusinessMetric_WhenUsingContainerCredentials( - IdentityProvider provider, String expected) throws Exception { - - stsClient(provider, mockHttpClient).getCallerIdentity(); - - SdkHttpRequest lastRequest = mockHttpClient.getLastRequest(); - assertThat(lastRequest).isNotNull(); - - List userAgentHeaders = lastRequest.headers().get("User-Agent"); - assertThat(userAgentHeaders).isNotNull().hasSize(1); - assertThat(userAgentHeaders.get(0)).contains(expected); - } - - private static Stream containerCredentialProviders() { - return Stream.of( - Arguments.of(ContainerCredentialsProvider.create(), "m/D,z"), - - Arguments.of(ContainerCredentialsProvider.builder() - .endpoint(CONTAINER_SERVICE_ENDPOINT + wireMockServer.getPort()) - .build(), "m/D,z") - ); - } - - @ParameterizedTest - @MethodSource("containerCredentialProvidersWithSessionToken") - void userAgentString_containsContainerBusinessMetric_WhenUsingContainerCredentialsWithSessionToken( - IdentityProvider provider, String expected) throws Exception { - - stubContainerCredentialsResponsesWithSessionToken(); - - stsClient(provider, mockHttpClient).getCallerIdentity(); - - SdkHttpRequest lastRequest = mockHttpClient.getLastRequest(); - assertThat(lastRequest).isNotNull(); - - List userAgentHeaders = lastRequest.headers().get("User-Agent"); - assertThat(userAgentHeaders).isNotNull().hasSize(1); - assertThat(userAgentHeaders.get(0)).contains(expected); - } - - private static Stream containerCredentialProvidersWithSessionToken() { - return Stream.of( - Arguments.of(ContainerCredentialsProvider.create(), "m/D,z") - ); - } - - @ParameterizedTest - @MethodSource("containerCredentialProvidersWithAuthToken") - void userAgentString_containsContainerBusinessMetric_WhenUsingContainerCredentialsWithAuthToken( - IdentityProvider provider, String expected) throws Exception { - - stubContainerCredentialsResponsesWithAuthToken(); - - stsClient(provider, mockHttpClient).getCallerIdentity(); - - SdkHttpRequest lastRequest = mockHttpClient.getLastRequest(); - assertThat(lastRequest).isNotNull(); - - List userAgentHeaders = lastRequest.headers().get("User-Agent"); - assertThat(userAgentHeaders).isNotNull().hasSize(1); - assertThat(userAgentHeaders.get(0)).contains(expected); - } - - private static Stream containerCredentialProvidersWithAuthToken() { - return Stream.of( - Arguments.of(ContainerCredentialsProvider.create(), "m/D,z") - ); - } - - private static StsClient stsClient(IdentityProvider provider, SdkHttpClient httpClient) { - return StsClient.builder() - .credentialsProvider(provider) - .httpClient(httpClient) - .build(); - } -} diff --git a/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/EnvironmentVariableCredentialsProviderUserAgentTest.java b/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/EnvironmentVariableCredentialsProviderUserAgentTest.java deleted file mode 100644 index 8c171a3ed57a..000000000000 --- a/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/EnvironmentVariableCredentialsProviderUserAgentTest.java +++ /dev/null @@ -1,129 +0,0 @@ -/* - * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://aws.amazon.com/apache2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - */ - -package software.amazon.awssdk.auth.source; - -import static org.assertj.core.api.Assertions.assertThat; - -import java.util.List; -import java.util.stream.Stream; -import org.junit.jupiter.api.AfterAll; -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.params.ParameterizedTest; -import org.junit.jupiter.params.provider.Arguments; -import org.junit.jupiter.params.provider.MethodSource; -import software.amazon.awssdk.auth.credentials.EnvironmentVariableCredentialsProvider; -import software.amazon.awssdk.core.SdkSystemSetting; -import software.amazon.awssdk.http.AbortableInputStream; -import software.amazon.awssdk.http.HttpExecuteResponse; -import software.amazon.awssdk.http.SdkHttpClient; -import software.amazon.awssdk.http.SdkHttpRequest; -import software.amazon.awssdk.http.SdkHttpResponse; -import software.amazon.awssdk.identity.spi.AwsCredentialsIdentity; -import software.amazon.awssdk.identity.spi.IdentityProvider; -import software.amazon.awssdk.services.sts.StsClient; -import software.amazon.awssdk.testutils.service.http.MockSyncHttpClient; -import software.amazon.awssdk.utils.StringInputStream; -import software.amazon.awssdk.testutils.EnvironmentVariableHelper; - -/** - * Test class to verify that EnvironmentVariableCredentialsProvider correctly includes - * business metrics in the User-Agent header. This test focuses specifically on the - * CREDENTIALS_ENV_VARS ("g") business metric feature ID. - */ -class EnvironmentVariableCredentialsProviderUserAgentTest { - - private MockSyncHttpClient mockHttpClient; - private static final EnvironmentVariableHelper ENVIRONMENT_VARIABLE_HELPER = new EnvironmentVariableHelper(); - - @BeforeEach - public void setup() { - - // Configure environment variable credentials - System.setProperty(SdkSystemSetting.AWS_ACCESS_KEY_ID.property(), "test-access-key"); - System.setProperty(SdkSystemSetting.AWS_SECRET_ACCESS_KEY.property(), "test-secret-key"); - ENVIRONMENT_VARIABLE_HELPER.set(SdkSystemSetting.AWS_ACCESS_KEY_ID.environmentVariable(), "akid2"); - ENVIRONMENT_VARIABLE_HELPER.set(SdkSystemSetting.AWS_SECRET_ACCESS_KEY.environmentVariable(), "skid2"); - - mockHttpClient = new MockSyncHttpClient(); - mockHttpClient.stubNextResponse(mockStsResponse()); - } - - @AfterAll - public static void teardown() { - System.clearProperty(SdkSystemSetting.AWS_ACCESS_KEY_ID.property()); - System.clearProperty(SdkSystemSetting.AWS_SECRET_ACCESS_KEY.property()); - System.clearProperty(SdkSystemSetting.AWS_SESSION_TOKEN.property()); - } - - private static HttpExecuteResponse mockStsResponse() { - return HttpExecuteResponse.builder() - .response(SdkHttpResponse.builder().statusCode(200).build()) - .responseBody(AbortableInputStream.create(new StringInputStream(""))) - .build(); - } - - @ParameterizedTest - @MethodSource("environmentVariableCredentialProviders") - void userAgentString_containsEnvironmentVariableBusinessMetric_WhenUsingEnvironmentVariableCredentials( - IdentityProvider provider, String expected) throws Exception { - - stsClient(provider, mockHttpClient).getCallerIdentity(); - - SdkHttpRequest lastRequest = mockHttpClient.getLastRequest(); - assertThat(lastRequest).isNotNull(); - - List userAgentHeaders = lastRequest.headers().get("User-Agent"); - assertThat(userAgentHeaders).isNotNull().hasSize(1); - assertThat(userAgentHeaders.get(0)).contains(expected); - - } - - private static Stream environmentVariableCredentialProviders() { - return Stream.of( - Arguments.of(EnvironmentVariableCredentialsProvider.create(), "m/D,g") - ); - } - - @ParameterizedTest - @MethodSource("environmentVariableCredentialProvidersWithSessionToken") - void userAgentString_containsEnvironmentVariableBusinessMetric_WhenUsingEnvironmentVariableCredentialsWithSessionToken( - IdentityProvider provider, String expected) throws Exception { - - System.setProperty(SdkSystemSetting.AWS_SESSION_TOKEN.property(), "test-session-token"); - - stsClient(provider, mockHttpClient).getCallerIdentity(); - - SdkHttpRequest lastRequest = mockHttpClient.getLastRequest(); - assertThat(lastRequest).isNotNull(); - - List userAgentHeaders = lastRequest.headers().get("User-Agent"); - assertThat(userAgentHeaders).isNotNull().hasSize(1); - assertThat(userAgentHeaders.get(0)).contains(expected); - } - - private static Stream environmentVariableCredentialProvidersWithSessionToken() { - return Stream.of( - Arguments.of(EnvironmentVariableCredentialsProvider.create(), "m/D,g") - ); - } - - private static StsClient stsClient(IdentityProvider provider, SdkHttpClient httpClient) { - return StsClient.builder() - .credentialsProvider(provider) - .httpClient(httpClient) - .build(); - } -} diff --git a/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/ImdsUserAgentProviderTest.java b/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/ImdsUserAgentProviderTest.java deleted file mode 100644 index 07bf771d62c9..000000000000 --- a/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/ImdsUserAgentProviderTest.java +++ /dev/null @@ -1,186 +0,0 @@ -/* - * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://aws.amazon.com/apache2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - */ - -package software.amazon.awssdk.auth.source; - -import static com.github.tomakehurst.wiremock.client.WireMock.aResponse; -import static com.github.tomakehurst.wiremock.client.WireMock.get; -import static com.github.tomakehurst.wiremock.client.WireMock.put; -import static com.github.tomakehurst.wiremock.client.WireMock.urlPathEqualTo; -import static com.github.tomakehurst.wiremock.core.WireMockConfiguration.wireMockConfig; -import static org.assertj.core.api.Assertions.assertThat; - -import com.github.tomakehurst.wiremock.junit5.WireMockExtension; -import java.time.Duration; -import java.time.Instant; -import java.util.List; -import java.util.stream.Stream; -import org.junit.jupiter.api.AfterAll; -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.extension.RegisterExtension; -import org.junit.jupiter.params.ParameterizedTest; -import org.junit.jupiter.params.provider.Arguments; -import org.junit.jupiter.params.provider.MethodSource; -import software.amazon.awssdk.auth.credentials.InstanceProfileCredentialsProvider; -import software.amazon.awssdk.core.SdkSystemSetting; -import software.amazon.awssdk.http.AbortableInputStream; -import software.amazon.awssdk.http.HttpExecuteResponse; -import software.amazon.awssdk.http.SdkHttpClient; -import software.amazon.awssdk.http.SdkHttpRequest; -import software.amazon.awssdk.http.SdkHttpResponse; -import software.amazon.awssdk.identity.spi.AwsCredentialsIdentity; -import software.amazon.awssdk.identity.spi.IdentityProvider; -import software.amazon.awssdk.services.sts.StsClient; -import software.amazon.awssdk.testutils.service.http.MockSyncHttpClient; -import software.amazon.awssdk.utils.DateUtils; -import software.amazon.awssdk.utils.StringInputStream; - -/** - * Test class to verify that InstanceProfileCredentialsProvider (IMDS) correctly includes - * business metrics in the User-Agent header. - */ -class ImdsUserAgentProviderTest { - private static final String TOKEN_RESOURCE_PATH = "/latest/api/token"; - private static final String CREDENTIALS_RESOURCE_PATH = "/latest/meta-data/iam/security-credentials/"; - private static final String TEST_ROLE_NAME = "test-role"; - private static final String TOKEN_STUB = "test-token"; - - private MockSyncHttpClient mockHttpClient; - - @RegisterExtension - static WireMockExtension wireMockServer = WireMockExtension.newInstance() - .options(wireMockConfig().dynamicPort()) - .configureStaticDsl(true) - .build(); - - @BeforeEach - public void setup() { - - System.setProperty(SdkSystemSetting.AWS_EC2_METADATA_SERVICE_ENDPOINT.property(), - "http://localhost:" + wireMockServer.getPort()); - - mockHttpClient = new MockSyncHttpClient(); - mockHttpClient.stubNextResponse(mockStsResponse()); - - stubImdsResponses(); - } - - @AfterAll - public static void teardown() { - System.clearProperty(SdkSystemSetting.AWS_EC2_METADATA_SERVICE_ENDPOINT.property()); - } - - private static HttpExecuteResponse mockStsResponse() { - return HttpExecuteResponse.builder() - .response(SdkHttpResponse.builder().statusCode(200).build()) - .responseBody(AbortableInputStream.create(new StringInputStream(""))) - .build(); - } - - private void stubImdsResponses() { - wireMockServer.stubFor(put(urlPathEqualTo(TOKEN_RESOURCE_PATH)) - .willReturn(aResponse().withBody(TOKEN_STUB))); - - wireMockServer.stubFor(get(urlPathEqualTo(CREDENTIALS_RESOURCE_PATH)) - .willReturn(aResponse().withBody(TEST_ROLE_NAME))); - - String credentialsResponse = createCredentialsResponse("ACCESS_KEY_ID", "SECRET_ACCESS_KEY", - null); - wireMockServer.stubFor(get(urlPathEqualTo(CREDENTIALS_RESOURCE_PATH + TEST_ROLE_NAME)) - .willReturn(aResponse().withBody(credentialsResponse))); - } - - private void stubImdsResponsesWithSessionToken() { - wireMockServer.stubFor(put(urlPathEqualTo(TOKEN_RESOURCE_PATH)) - .willReturn(aResponse().withBody(TOKEN_STUB))); - - wireMockServer.stubFor(get(urlPathEqualTo(CREDENTIALS_RESOURCE_PATH)) - .willReturn(aResponse().withBody(TEST_ROLE_NAME))); - - String credentialsResponse = createCredentialsResponse("ACCESS_KEY_ID", "SECRET_ACCESS_KEY", - "SESSION_TOKEN"); - wireMockServer.stubFor(get(urlPathEqualTo(CREDENTIALS_RESOURCE_PATH + TEST_ROLE_NAME)) - .willReturn(aResponse().withBody(credentialsResponse))); - } - - private String createCredentialsResponse(String accessKeyId, String secretAccessKey, String sessionToken) { - StringBuilder response = new StringBuilder(); - response.append("{"); - response.append("\"AccessKeyId\":\"").append(accessKeyId).append("\","); - response.append("\"SecretAccessKey\":\"").append(secretAccessKey).append("\","); - if (sessionToken != null) { - response.append("\"Token\":\"").append(sessionToken).append("\","); - } - response.append("\"Expiration\":\"").append(DateUtils.formatIso8601Date(Instant.now().plus(Duration.ofHours(1)))) - .append("\""); - response.append("}"); - return response.toString(); - } - - @ParameterizedTest - @MethodSource("imdsCredentialProviders") - void userAgentString_containsImdsBusinessMetric_WhenUsingInstanceProfileCredentials( - IdentityProvider provider, String expected) throws Exception { - - stsClient(provider, mockHttpClient).getCallerIdentity(); - - SdkHttpRequest lastRequest = mockHttpClient.getLastRequest(); - assertThat(lastRequest).isNotNull(); - - List userAgentHeaders = lastRequest.headers().get("User-Agent"); - assertThat(userAgentHeaders).isNotNull().hasSize(1); - assertThat(userAgentHeaders.get(0)).contains(expected); - } - - private static Stream imdsCredentialProviders() { - return Stream.of( - Arguments.of(InstanceProfileCredentialsProvider.create(), "m/D,0"), - - Arguments.of(InstanceProfileCredentialsProvider.builder() - .endpoint("http://localhost:" + wireMockServer.getPort()) - .build(), "m/D,0") - ); - } - - @ParameterizedTest - @MethodSource("imdsCredentialProvidersWithSessionToken") - void userAgentString_containsImdsBusinessMetric_WhenUsingInstanceProfileCredentialsWithSessionToken( - IdentityProvider provider, String expected) throws Exception { - - stubImdsResponsesWithSessionToken(); - - stsClient(provider, mockHttpClient).getCallerIdentity(); - - SdkHttpRequest lastRequest = mockHttpClient.getLastRequest(); - assertThat(lastRequest).isNotNull(); - - List userAgentHeaders = lastRequest.headers().get("User-Agent"); - assertThat(userAgentHeaders).isNotNull().hasSize(1); - assertThat(userAgentHeaders.get(0)).contains(expected); - } - - private static Stream imdsCredentialProvidersWithSessionToken() { - return Stream.of( - Arguments.of(InstanceProfileCredentialsProvider.create(), "m/D,0") - ); - } - - private static StsClient stsClient(IdentityProvider provider, SdkHttpClient httpClient) { - return StsClient.builder() - .credentialsProvider(provider) - .httpClient(httpClient) - .build(); - } -} diff --git a/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/ProcessCredentialsProviderUserAgentTest.java b/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/ProcessCredentialsProviderUserAgentTest.java deleted file mode 100644 index 0731a48b071f..000000000000 --- a/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/ProcessCredentialsProviderUserAgentTest.java +++ /dev/null @@ -1,157 +0,0 @@ -/* - * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://aws.amazon.com/apache2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - */ - -package software.amazon.awssdk.auth.source; - -import static org.assertj.core.api.Assertions.assertThat; - -import java.time.Instant; -import java.time.temporal.ChronoUnit; -import java.util.Arrays; -import java.util.List; -import java.util.stream.Stream; -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.params.ParameterizedTest; -import org.junit.jupiter.params.provider.Arguments; -import org.junit.jupiter.params.provider.MethodSource; -import software.amazon.awssdk.auth.credentials.ProcessCredentialsProvider; -import software.amazon.awssdk.http.AbortableInputStream; -import software.amazon.awssdk.http.HttpExecuteResponse; -import software.amazon.awssdk.http.SdkHttpClient; -import software.amazon.awssdk.http.SdkHttpRequest; -import software.amazon.awssdk.http.SdkHttpResponse; -import software.amazon.awssdk.identity.spi.AwsCredentialsIdentity; -import software.amazon.awssdk.identity.spi.IdentityProvider; -import software.amazon.awssdk.services.sts.StsClient; -import software.amazon.awssdk.testutils.service.http.MockSyncHttpClient; -import software.amazon.awssdk.utils.DateUtils; -import software.amazon.awssdk.utils.StringInputStream; - -/** - * Test class to verify that ProcessCredentialsProvider correctly includes - * business metrics in the User-Agent header. This test focuses specifically on the - * CREDENTIALS_PROCESS ("w") business metric feature ID. - */ -class ProcessCredentialsProviderUserAgentTest { - - private MockSyncHttpClient mockHttpClient; - - @BeforeEach - public void setup() { - mockHttpClient = new MockSyncHttpClient(); - mockHttpClient.stubNextResponse(mockStsResponse()); - } - - private static HttpExecuteResponse mockStsResponse() { - return HttpExecuteResponse.builder() - .response(SdkHttpResponse.builder().statusCode(200).build()) - .responseBody(AbortableInputStream.create(new StringInputStream(""))) - .build(); - } - - @ParameterizedTest - @MethodSource("processCredentialProviders") - void userAgentString_containsProcessBusinessMetric_WhenUsingProcessCredentials( - IdentityProvider provider, String expected) throws Exception { - - stsClient(provider, mockHttpClient).getCallerIdentity(); - - SdkHttpRequest lastRequest = mockHttpClient.getLastRequest(); - assertThat(lastRequest).isNotNull(); - - List userAgentHeaders = lastRequest.headers().get("User-Agent"); - assertThat(userAgentHeaders).isNotNull().hasSize(1); - assertThat(userAgentHeaders.get(0)).contains(expected); - } - - private static Stream processCredentialProviders() { - String mockCommand = createMockCredentialsCommand(false); - List mockCommandList = createMockCredentialsCommandList(false); - - return Stream.of( - Arguments.of(ProcessCredentialsProvider.builder() - .command(mockCommand) - .build(), "m/D,w"), - - Arguments.of(ProcessCredentialsProvider.builder() - .command(mockCommandList) - .build(), "m/D,w") - ); - } - - @ParameterizedTest - @MethodSource("processCredentialProvidersWithSessionToken") - void userAgentString_containsProcessBusinessMetric_WhenUsingProcessCredentialsWithSessionToken( - IdentityProvider provider, String expected) throws Exception { - - stsClient(provider, mockHttpClient).getCallerIdentity(); - - SdkHttpRequest lastRequest = mockHttpClient.getLastRequest(); - assertThat(lastRequest).isNotNull(); - - List userAgentHeaders = lastRequest.headers().get("User-Agent"); - assertThat(userAgentHeaders).isNotNull().hasSize(1); - assertThat(userAgentHeaders.get(0)).contains(expected); - } - - private static Stream processCredentialProvidersWithSessionToken() { - String mockCommand = createMockCredentialsCommand(true); - - return Stream.of( - Arguments.of(ProcessCredentialsProvider.builder() - .command(mockCommand) - .build(), "m/D,w") - ); - } - - private static String createMockCredentialsCommand(boolean includeSessionToken) { - String credentialsJson = createCredentialsJson(includeSessionToken); - - return "echo '" + credentialsJson + "'"; - } - - private static List createMockCredentialsCommandList(boolean includeSessionToken) { - String credentialsJson = createCredentialsJson(includeSessionToken); - - // Use echo command as a list - return Arrays.asList("echo", credentialsJson); - } - - private static String createCredentialsJson(boolean includeSessionToken) { - StringBuilder json = new StringBuilder(); - json.append("{"); - json.append("\"Version\": 1,"); - json.append("\"AccessKeyId\": \"test-access-key\","); - json.append("\"SecretAccessKey\": \"test-secret-key\""); - - if (includeSessionToken) { - json.append(",\"SessionToken\": \"test-session-token\""); - } - - // Add expiration time (1 hour from now) - String expiration = DateUtils.formatIso8601Date(Instant.now().plus(1, ChronoUnit.HOURS)); - json.append(",\"Expiration\": \"").append(expiration).append("\""); - - json.append("}"); - return json.toString(); - } - - private static StsClient stsClient(IdentityProvider provider, SdkHttpClient httpClient) { - return StsClient.builder() - .credentialsProvider(provider) - .httpClient(httpClient) - .build(); - } -} diff --git a/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/ProfileCredentialProviderUserAgentTest.java b/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/ProfileCredentialProviderUserAgentTest.java deleted file mode 100644 index 1bf7a1ecd3b7..000000000000 --- a/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/ProfileCredentialProviderUserAgentTest.java +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://aws.amazon.com/apache2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - */ - -package software.amazon.awssdk.auth.source; - -import static org.assertj.core.api.Assertions.assertThat; - -import java.io.IOException; -import java.nio.file.Files; -import java.nio.file.Path; -import java.util.List; -import org.junit.jupiter.api.AfterEach; -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.Test; -import software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider; -import software.amazon.awssdk.http.AbortableInputStream; -import software.amazon.awssdk.http.HttpExecuteResponse; -import software.amazon.awssdk.http.SdkHttpRequest; -import software.amazon.awssdk.http.SdkHttpResponse; -import software.amazon.awssdk.profiles.ProfileFile; -import software.amazon.awssdk.services.sts.StsClient; -import software.amazon.awssdk.testutils.service.http.MockSyncHttpClient; -import software.amazon.awssdk.utils.StringInputStream; - -/** - * Test class to verify Profile credentials provider business metrics. - */ -class ProfileCredentialProviderUserAgentTest { - - private MockSyncHttpClient mockHttpClient; - private Path tempConfigFile; - - @BeforeEach - public void setup() { - mockHttpClient = new MockSyncHttpClient(); - mockHttpClient.stubNextResponse(mockStsResponse()); - } - - @AfterEach - public void teardown() throws IOException { - if (tempConfigFile != null && Files.exists(tempConfigFile)) { - Files.delete(tempConfigFile); - } - } - - private static HttpExecuteResponse mockStsResponse() { - return HttpExecuteResponse.builder() - .response(SdkHttpResponse.builder().statusCode(200).build()) - .responseBody(AbortableInputStream.create(new StringInputStream(""))) - .build(); - } - - // Basic profile credentials - Expected Feature ID: "n" - @Test - void basicProfileCredentials_containsFeatureIdN() throws Exception { - String configContent = - "[profile A]\n" + - "aws_access_key_id = abc123\n" + - "aws_secret_access_key = def456\n"; - - tempConfigFile = Files.createTempFile("aws-config-basic-", ".tmp"); - Files.write(tempConfigFile, configContent.getBytes()); - - ProfileFile profileFile = ProfileFile.builder() - .content(tempConfigFile) - .type(ProfileFile.Type.CONFIGURATION) - .build(); - - ProfileCredentialsProvider credentialsProvider = ProfileCredentialsProvider.builder() - .profileFile(profileFile) - .profileName("A") - .build(); - - StsClient stsClient = StsClient.builder() - .credentialsProvider(credentialsProvider) - .httpClient(mockHttpClient) - .build(); - - stsClient.getCallerIdentity(); - - assertThat(mockHttpClient.getRequests()).hasSize(1); - - SdkHttpRequest lastRequest = mockHttpClient.getLastRequest(); - assertThat(lastRequest).isNotNull(); - - List userAgentHeaders = lastRequest.headers().get("User-Agent"); - assertThat(userAgentHeaders).isNotNull().hasSize(1); - String userAgent = userAgentHeaders.get(0); - - assertThat(userAgent).contains("m/D,n"); - - credentialsProvider.close(); - stsClient.close(); - } - - //Profile with credential_process - Expected Feature IDs: "v,w" - @Test - void profileWithCredentialProcess_containsFeatureIdVW() throws Exception { - String configContent = - "[profile A]\n" + - "credential_process = echo '{\"Version\": 1, \"AccessKeyId\": \"abc123\", \"SecretAccessKey\": \"def456\"}'\n"; - - tempConfigFile = Files.createTempFile("aws-config-process-", ".tmp"); - Files.write(tempConfigFile, configContent.getBytes()); - - ProfileFile profileFile = ProfileFile.builder() - .content(tempConfigFile) - .type(ProfileFile.Type.CONFIGURATION) - .build(); - - ProfileCredentialsProvider credentialsProvider = ProfileCredentialsProvider.builder() - .profileFile(profileFile) - .profileName("A") - .build(); - - StsClient stsClient = StsClient.builder() - .credentialsProvider(credentialsProvider) - .httpClient(mockHttpClient) - .build(); - - stsClient.getCallerIdentity(); - - assertThat(mockHttpClient.getRequests()).hasSize(1); - - SdkHttpRequest lastRequest = mockHttpClient.getLastRequest(); - assertThat(lastRequest).isNotNull(); - - List userAgentHeaders = lastRequest.headers().get("User-Agent"); - assertThat(userAgentHeaders).isNotNull().hasSize(1); - String userAgent = userAgentHeaders.get(0); - - assertThat(userAgent).contains("m/D,v,w"); - - credentialsProvider.close(); - stsClient.close(); - } - -} diff --git a/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/SystemPropertyCredentialsProviderUserAgentTest.java b/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/SystemPropertyCredentialsProviderUserAgentTest.java deleted file mode 100644 index de57169198fb..000000000000 --- a/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/SystemPropertyCredentialsProviderUserAgentTest.java +++ /dev/null @@ -1,123 +0,0 @@ -/* - * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://aws.amazon.com/apache2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - */ - -package software.amazon.awssdk.auth.source; - -import static org.assertj.core.api.Assertions.assertThat; - -import java.util.List; -import java.util.stream.Stream; -import org.junit.jupiter.api.AfterAll; -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.params.ParameterizedTest; -import org.junit.jupiter.params.provider.Arguments; -import org.junit.jupiter.params.provider.MethodSource; -import software.amazon.awssdk.auth.credentials.SystemPropertyCredentialsProvider; -import software.amazon.awssdk.http.AbortableInputStream; -import software.amazon.awssdk.http.HttpExecuteResponse; -import software.amazon.awssdk.http.SdkHttpClient; -import software.amazon.awssdk.http.SdkHttpRequest; -import software.amazon.awssdk.http.SdkHttpResponse; -import software.amazon.awssdk.identity.spi.AwsCredentialsIdentity; -import software.amazon.awssdk.identity.spi.IdentityProvider; -import software.amazon.awssdk.services.sts.StsClient; -import software.amazon.awssdk.testutils.service.http.MockSyncHttpClient; -import software.amazon.awssdk.utils.StringInputStream; - -/** - * Test class to verify that SystemPropertyCredentialsProvider correctly includes - * business metrics in the User-Agent header. This test focuses specifically on the - * CREDENTIALS_JVM_SYSTEM_PROPERTIES ("f") business metric feature ID. - */ -class SystemPropertyCredentialsProviderUserAgentTest { - - private MockSyncHttpClient mockHttpClient; - - @BeforeEach - public void setup() { - - System.setProperty("aws.accessKeyId", "test-access-key"); - System.setProperty("aws.secretAccessKey", "test-secret-key"); - - // Setup mock HTTP client for STS calls - mockHttpClient = new MockSyncHttpClient(); - mockHttpClient.stubNextResponse(mockStsResponse()); - } - - @AfterAll - public static void teardown() { - System.clearProperty("aws.accessKeyId"); - System.clearProperty("aws.secretAccessKey"); - System.clearProperty("aws.sessionToken"); - } - - private static HttpExecuteResponse mockStsResponse() { - return HttpExecuteResponse.builder() - .response(SdkHttpResponse.builder().statusCode(200).build()) - .responseBody(AbortableInputStream.create(new StringInputStream(""))) - .build(); - } - - @ParameterizedTest - @MethodSource("systemPropertyCredentialProviders") - void userAgentString_containsSystemPropertyBusinessMetric_WhenUsingSystemPropertyCredentials( - IdentityProvider provider, String expected) throws Exception { - - stsClient(provider, mockHttpClient).getCallerIdentity(); - - SdkHttpRequest lastRequest = mockHttpClient.getLastRequest(); - assertThat(lastRequest).isNotNull(); - - List userAgentHeaders = lastRequest.headers().get("User-Agent"); - assertThat(userAgentHeaders).isNotNull().hasSize(1); - assertThat(userAgentHeaders.get(0)).contains(expected); - } - - private static Stream systemPropertyCredentialProviders() { - return Stream.of( - Arguments.of(SystemPropertyCredentialsProvider.create(), "m/D,f") - ); - } - - @ParameterizedTest - @MethodSource("systemPropertyCredentialProvidersWithSessionToken") - void userAgentString_containsSystemPropertyBusinessMetric_WhenUsingSystemPropertyCredentialsWithSessionToken( - IdentityProvider provider, String expected) throws Exception { - - System.setProperty("aws.sessionToken", "test-session-token"); - - stsClient(provider, mockHttpClient).getCallerIdentity(); - - SdkHttpRequest lastRequest = mockHttpClient.getLastRequest(); - assertThat(lastRequest).isNotNull(); - - List userAgentHeaders = lastRequest.headers().get("User-Agent"); - assertThat(userAgentHeaders).isNotNull().hasSize(1); - assertThat(userAgentHeaders.get(0)).contains(expected); - } - - private static Stream systemPropertyCredentialProvidersWithSessionToken() { - return Stream.of( - Arguments.of(SystemPropertyCredentialsProvider.create(), "m/D,f") - ); - } - - private static StsClient stsClient(IdentityProvider provider, SdkHttpClient httpClient) { - return StsClient.builder() - .credentialsProvider(provider) - .httpClient(httpClient) - .build(); - } -} diff --git a/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/UserAgentProviderTest.java b/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/UserAgentProviderTest.java index 4ee93a9afd32..ffe82176afff 100644 --- a/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/UserAgentProviderTest.java +++ b/test/auth-tests/src/it/java/software/amazon/awssdk/auth/source/UserAgentProviderTest.java @@ -46,7 +46,7 @@ class UserAgentProviderTest { private MockSyncHttpClient mockHttpClient; @BeforeEach - public void setup() { + public void setup() throws UnsupportedEncodingException { mockHttpClient = new MockSyncHttpClient(); mockHttpClient.stubNextResponse(mockResponse()); } @@ -74,8 +74,8 @@ void userAgentString_containsCredentialProviderNames_IfPresent(IdentityProvider< private static Stream credentialProviders() { return Stream.of( - Arguments.of(StaticCredentialsProvider.create(SESSION_IDENTITY), "m/D,e"), - Arguments.of(StaticCredentialsProvider.create(BASIC_IDENTITY), "m/D,e") + Arguments.of(StaticCredentialsProvider.create(SESSION_IDENTITY), "stat"), + Arguments.of(StaticCredentialsProvider.create(BASIC_IDENTITY), "stat") ); } diff --git a/test/auth-tests/src/it/java/software/amazon/awssdk/auth/sts/StsCredentialsProviderUserAgentTest.java b/test/auth-tests/src/it/java/software/amazon/awssdk/auth/sts/StsCredentialsProviderUserAgentTest.java deleted file mode 100644 index 57c3d7aa1294..000000000000 --- a/test/auth-tests/src/it/java/software/amazon/awssdk/auth/sts/StsCredentialsProviderUserAgentTest.java +++ /dev/null @@ -1,245 +0,0 @@ -/* - * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://aws.amazon.com/apache2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - */ - -package software.amazon.awssdk.auth.sts; - -import static org.assertj.core.api.Assertions.assertThat; - -import java.nio.file.Files; -import java.nio.file.Path; -import java.util.List; -import java.util.stream.Stream; -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.params.ParameterizedTest; -import org.junit.jupiter.params.provider.Arguments; -import org.junit.jupiter.params.provider.MethodSource; -import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; -import software.amazon.awssdk.auth.credentials.AwsBasicCredentials; -import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider; -import software.amazon.awssdk.http.AbortableInputStream; -import software.amazon.awssdk.http.HttpExecuteResponse; -import software.amazon.awssdk.http.SdkHttpRequest; -import software.amazon.awssdk.http.SdkHttpResponse; -import software.amazon.awssdk.services.sts.StsClient; -import software.amazon.awssdk.services.sts.auth.StsAssumeRoleCredentialsProvider; -import software.amazon.awssdk.services.sts.auth.StsAssumeRoleWithSamlCredentialsProvider; -import software.amazon.awssdk.services.sts.auth.StsAssumeRoleWithWebIdentityCredentialsProvider; -import software.amazon.awssdk.services.sts.auth.StsGetFederationTokenCredentialsProvider; -import software.amazon.awssdk.services.sts.auth.StsGetSessionTokenCredentialsProvider; -import software.amazon.awssdk.services.sts.auth.StsWebIdentityTokenFileCredentialsProvider; -import software.amazon.awssdk.core.SdkSystemSetting; -import software.amazon.awssdk.testutils.service.http.MockSyncHttpClient; -import software.amazon.awssdk.utils.StringInputStream; - -/** - * Tests STS credentials provider business metrics emission in User-Agent headers. - * - * Tests the following business metrics: - * - CREDENTIALS_STS_ASSUME_ROLE("i") - StsAssumeRoleCredentialsProvider - * - CREDENTIALS_STS_ASSUME_ROLE_SAML("j") - StsAssumeRoleWithSamlCredentialsProvider - * - CREDENTIALS_STS_ASSUME_ROLE_WEB_ID("k") - StsAssumeRoleWithWebIdentityCredentialsProvider - * - CREDENTIALS_STS_FEDERATION_TOKEN("l") - StsGetFederationTokenCredentialsProvider - * - CREDENTIALS_STS_SESSION_TOKEN("m") - StsGetSessionTokenCredentialsProvider - * - CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN("h") - WebIdentityTokenFileCredentialsProvider - */ -class StsCredentialsProviderUserAgentTest { - - private MockSyncHttpClient mockHttpClient; - - @BeforeEach - public void setup() { - mockHttpClient = new MockSyncHttpClient(); - mockHttpClient.stubNextResponse(mockStsResponse()); - } - - @ParameterizedTest - @MethodSource("stsCredentialsProviders") - void stsCredentialsProvider_emitsCorrectBusinessMetrics(AwsCredentialsProvider provider, - String expected, - String providerName) throws Exception { - StsClient stsClient = StsClient.builder() - .credentialsProvider(provider) - .httpClient(mockHttpClient) - .build(); - - stsClient.getCallerIdentity(); - - SdkHttpRequest lastRequest = mockHttpClient.getLastRequest(); - assertThat(lastRequest).isNotNull(); - - List userAgentHeaders = lastRequest.headers().get("User-Agent"); - assertThat(userAgentHeaders).isNotNull().hasSize(1); - assertThat(userAgentHeaders.get(0)).contains(expected); - - stsClient.close(); - } - - private static Stream stsCredentialsProviders() throws Exception { - return Stream.of( - Arguments.of(createAssumeRoleProvider(), "m/D,i", "StsAssumeRoleCredentialsProvider"), - Arguments.of(createAssumeRoleWithSamlProvider(), "m/D,j", "StsAssumeRoleWithSamlCredentialsProvider"), - Arguments.of(createAssumeRoleWithWebIdentityProvider(), "m/D,k", "StsAssumeRoleWithWebIdentityCredentialsProvider"), - Arguments.of(createFederationTokenProvider(), "m/D,l", "StsGetFederationTokenCredentialsProvider"), - Arguments.of(createSessionTokenProvider(), "m/D,m", "StsGetSessionTokenCredentialsProvider"), - Arguments.of(createWebIdentityTokenFileProvider(), "m/D,k,h", "StsWebIdentityTokenFileCredentialsProvider") - ); - } - - private static AwsCredentialsProvider createAssumeRoleProvider() { - MockSyncHttpClient mockHttpClient = new MockSyncHttpClient(); - mockHttpClient.stubNextResponse(createStsResponse("AssumeRole")); - - AwsBasicCredentials staticCredentials = AwsBasicCredentials.create("AKIATEST", "test-secret"); - - StsClient stsClient = StsClient.builder() - .httpClient(mockHttpClient) - .credentialsProvider(StaticCredentialsProvider.create(staticCredentials)) - .build(); - - return StsAssumeRoleCredentialsProvider.builder() - .stsClient(stsClient) - .refreshRequest(r -> r.roleArn("arn:aws:iam::123456789012:role/TestRole") - .roleSessionName("test-session")) - .build(); - } - - private static AwsCredentialsProvider createAssumeRoleWithSamlProvider() { - MockSyncHttpClient mockHttpClient = new MockSyncHttpClient(); - mockHttpClient.stubNextResponse(createStsResponse("AssumeRoleWithSAML")); - - StsClient stsClient = StsClient.builder() - .httpClient(mockHttpClient) - .build(); - - String samlAssertion = "PHNhbWw6QXNzZXJ0aW9uPjwvc2FtbDpBc3NlcnRpb24+"; - - return StsAssumeRoleWithSamlCredentialsProvider.builder() - .stsClient(stsClient) - .refreshRequest(r -> r.roleArn("arn:aws:iam::123456789012:role/TestRole") - .principalArn("arn:aws:iam::123456789012:saml-provider/TestProvider") - .samlAssertion(samlAssertion)) - .build(); - } - - private static AwsCredentialsProvider createAssumeRoleWithWebIdentityProvider() { - MockSyncHttpClient mockHttpClient = new MockSyncHttpClient(); - mockHttpClient.stubNextResponse(createStsResponse("AssumeRoleWithWebIdentity")); - - StsClient stsClient = StsClient.builder() - .httpClient(mockHttpClient) - .region(software.amazon.awssdk.regions.Region.US_EAST_1) - .build(); - - String webIdentityToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"; - - return StsAssumeRoleWithWebIdentityCredentialsProvider.builder() - .stsClient(stsClient) - .refreshRequest(r -> r.roleArn("arn:aws:iam::123456789012:role/TestRole") - .webIdentityToken(webIdentityToken) - .roleSessionName("test-session")) - .build(); - } - - private static AwsCredentialsProvider createFederationTokenProvider() { - MockSyncHttpClient mockHttpClient = new MockSyncHttpClient(); - mockHttpClient.stubNextResponse(createStsResponse("GetFederationToken")); - - AwsBasicCredentials staticCredentials = AwsBasicCredentials.create("AKIATEST", "test-secret"); - - StsClient stsClient = StsClient.builder() - .httpClient(mockHttpClient) - .credentialsProvider(StaticCredentialsProvider.create(staticCredentials)) - .build(); - - return StsGetFederationTokenCredentialsProvider.builder() - .stsClient(stsClient) - .refreshRequest(r -> r.name("test-user")) - .build(); - } - - private static AwsCredentialsProvider createSessionTokenProvider() { - MockSyncHttpClient mockHttpClient = new MockSyncHttpClient(); - mockHttpClient.stubNextResponse(createStsResponse("GetSessionToken")); - - AwsBasicCredentials staticCredentials = AwsBasicCredentials.create("AKIATEST", "test-secret"); - - StsClient stsClient = StsClient.builder() - .httpClient(mockHttpClient) - .credentialsProvider(StaticCredentialsProvider.create(staticCredentials)) - .build(); - - return StsGetSessionTokenCredentialsProvider.builder() - .stsClient(stsClient) - .build(); - } - - private static AwsCredentialsProvider createWebIdentityTokenFileProvider() throws Exception { - // Create temporary token file - Path tempTokenFile = Files.createTempFile("test-token", ".jwt"); - Files.write(tempTokenFile, "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c".getBytes()); - - System.setProperty(SdkSystemSetting.AWS_ROLE_ARN.property(), "arn:aws:iam::123456789012:role/TestRole"); - System.setProperty(SdkSystemSetting.AWS_WEB_IDENTITY_TOKEN_FILE.property(), tempTokenFile.toString()); - System.setProperty(SdkSystemSetting.AWS_ROLE_SESSION_NAME.property(), "test-session"); - - MockSyncHttpClient mockHttpClient = new MockSyncHttpClient(); - mockHttpClient.stubNextResponse(createStsResponse("AssumeRoleWithWebIdentity")); - - StsClient stsClient = StsClient.builder() - .httpClient(mockHttpClient) - .build(); - - return StsWebIdentityTokenFileCredentialsProvider.builder() - .stsClient(stsClient) - .build(); - } - - private static HttpExecuteResponse mockStsResponse() { - String getCallerIdentityResponseBody = "\n" + - " \n" + - " arn:aws:sts::123456789012:assumed-role/TestRole/test-session\n" + - " AROATEST:test-session\n" + - " 123456789012\n" + - " \n" + - ""; - - return HttpExecuteResponse.builder() - .response(SdkHttpResponse.builder().statusCode(200).build()) - .responseBody(AbortableInputStream.create(new StringInputStream(getCallerIdentityResponseBody))) - .build(); - } - - private static HttpExecuteResponse createStsResponse(String operation) { - String responseBody = "\n" - + " \n" - + " \n" - + " AKIATEST\n" - + " test-secret\n" - + " test-session-token\n" - + " 2099-12-31T23:59:59Z\n" - + " \n" - + " \n" - + " arn:aws:sts::123456789012:assumed-role/TestRole/test-session\n" - + " AROATEST:test-session\n" - + " \n" - + " \n" - + ""; - - return HttpExecuteResponse.builder() - .response(SdkHttpResponse.builder().statusCode(200).build()) - .responseBody(AbortableInputStream.create(new StringInputStream(responseBody))) - .build(); - } -}