Unverified Commit 068ad039 authored by John DiSanti's avatar John DiSanti Committed by GitHub

Implement `SsoTokenProvider` (#2917)

This PR adds a `SsoTokenProvider` that loads SSO tokens cached by session
name, and automatically refreshes them when possible. The
`SsoCredentialsProvider` is updated to use this new `SsoTokenProvider`
so that it is now compatible with the latest AWS CLI.

----

_By submitting this pull request, I confirm that you can use, modify,
copy, and redistribute this contribution, under the terms of your
choice._
parent 39af70fe
+1 −1
@@ -59,7 +59,7 @@ jobs:
      run: ../smithy-rs/tools/ci-scripts/configure-tls/configure-badssl
    - name: Build SDK
      working-directory: smithy-rs
      run: ./gradlew :aws:sdk:assemble -Paws.services=+sts,+sso
      run: ./gradlew :aws:sdk:assemble -Paws.services=+sts,+sso,+ssooidc
    - name: Build trytls
      shell: bash
      working-directory: trytls
+1 −1
@@ -106,7 +106,7 @@ jobs:
      # included since aws-config depends on them. Transcribe Streaming and DynamoDB (paginators/waiters) were chosen
      # below to stay small while still representing most features. Combined, they are about ~20MB at time of writing.
      run: |
        ./gradlew -Paws.services=+sts,+sso,+transcribestreaming,+dynamodb :aws:sdk:assemble
        ./gradlew -Paws.services=+sts,+sso,+ssooidc,+transcribestreaming,+dynamodb :aws:sdk:assemble

        # Copy the Server runtime crate(s) in
        cp -r rust-runtime/aws-smithy-http-server rust-runtime/aws-smithy-http-server-python rust-runtime/aws-smithy-http-server-typescript aws/sdk/build/aws-sdk/sdk
+18 −0
@@ -11,6 +11,18 @@
# meta = { "breaking" = false, "tada" = false, "bug" = false, "target" = "client | server | all"}
# author = "rcoh"

[[aws-sdk-rust]]
message = "(Behavior Break!) The SSO credentials provider is no longer enabled by default in `aws-config`, and so SSO profile config will no longer work out of box. The `credentials-sso` feature in `aws-config` was removed from the default features, and renamed to `sso`. If you need credentials from SSO, then enable the `sso` feature in `aws-config`."
references = ["smithy-rs#2917"]
meta = { "breaking" = true, "tada" = false, "bug" = false }
author = "jdisanti"

[[aws-sdk-rust]]
message = "The `SsoCredentialsProvider` now supports token refresh and is compatible with the token cache file paths the latest AWS CLI uses."
references = ["smithy-rs#2917", "aws-sdk-rust#703", "aws-sdk-rust#699"]
meta = { "breaking" = false, "tada" = true, "bug" = false }
author = "jdisanti"

[[smithy-rs]]
message = "HTTP connector configuration has changed significantly. See the [upgrade guidance](https://github.com/awslabs/smithy-rs/discussions/3022) for details."
references = ["smithy-rs#3011"]
@@ -390,3 +402,9 @@ message = "[`PresignedRequest`](https://docs.rs/aws-sdk-s3/latest/aws_sdk_s3/pre
references = ["smithy-rs#3059"]
meta = { "breaking" = true, "tada" = false, "bug" = false }
author = "rcoh"

[[smithy-rs]]
message = "`RuntimeComponents` have been added as an argument to the `IdentityResolver::resolve_identity` trait function."
references = ["smithy-rs#2917"]
meta = { "breaking" = true, "tada" = false, "bug" = false, "target" = "client"}
author = "jdisanti"
+7 −4
@@ -13,9 +13,9 @@ client-hyper = ["aws-smithy-runtime/connector-hyper-0-14-x"]
rustls = ["aws-smithy-runtime/tls-rustls", "client-hyper"]
allow-compilation = [] # our tests use `cargo test --all-features` and native-tls breaks CI
rt-tokio = ["aws-smithy-async/rt-tokio", "aws-smithy-runtime/rt-tokio", "tokio/rt"]
credentials-sso = ["dep:aws-sdk-sso", "dep:ring", "dep:hex", "dep:zeroize"]
sso = ["dep:aws-sdk-sso", "dep:aws-sdk-ssooidc", "dep:ring", "dep:hex", "dep:zeroize", "aws-smithy-runtime-api/http-auth"]

default = ["client-hyper", "rustls", "rt-tokio", "credentials-sso"]
default = ["client-hyper", "rustls", "rt-tokio"]

[dependencies]
aws-credential-types = { path = "../../sdk/build/aws-sdk/sdk/aws-credential-types" }
@@ -46,8 +46,13 @@ ring = { version = "0.16", optional = true }
hex = { version = "0.4.3", optional = true }
zeroize = { version = "1", optional = true }

# implementation detail of SSO OIDC `CreateToken` for SSO token providers
aws-sdk-ssooidc = { path = "../../sdk/build/aws-sdk/sdk/ssooidc", default-features = false, optional = true }

[dev-dependencies]
aws-credential-types = { path = "../../sdk/build/aws-sdk/sdk/aws-credential-types", features = ["test-util"] }
aws-smithy-runtime = { path = "../../sdk/build/aws-sdk/sdk/aws-smithy-runtime", features = ["client", "connector-hyper-0-14-x", "test-util"] }
aws-smithy-runtime-api = { path = "../../sdk/build/aws-sdk/sdk/aws-smithy-runtime-api", features = ["test-util"] }
futures-util = { version = "0.3.16", default-features = false }
tracing-test = "0.2.1"
tracing-subscriber = { version = "0.3.16", features = ["fmt", "json"] }
@@ -61,8 +66,6 @@ arbitrary = "1.3"
serde = { version = "1", features = ["derive"] }
serde_json = "1"

aws-credential-types = { path = "../../sdk/build/aws-sdk/sdk/aws-credential-types", features = ["test-util"] }

# used for a usage example
hyper-rustls = { version = "0.24", features = ["webpki-tokio", "http2", "http1"] }
aws-smithy-async = { path = "../../sdk/build/aws-sdk/sdk/aws-smithy-async", features = ["rt-tokio", "test-util"] }
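Review bot: The `[features]` hunk removes `credentials-sso` from `default` and renames it to `sso` without leaving an alias, so a dependent that names the old feature fails at feature resolution, and one that relied on the default loses SSO profile support with no change to its own manifest. If a softer migration is wanted, a deprecated alias such as `credentials-sso = ["sso"]` could stay for one release while remaining out of `default`, which still keeps `ring`, `hex`, `zeroize` and the SSO clients out of the default dependency set. The `sso` line also enables `aws-smithy-runtime-api/http-auth` with no explanation, whereas the new `aws-sdk-ssooidc` dependency does get a comment. A one-line comment above `sso` stating which part of the token provider needs `http-auth` would help the next person auditing what the feature pulls in.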
+1 −0
@@ -20,6 +20,7 @@ allowed_external_types = [
   "aws_smithy_runtime_api::client::dns::SharedDnsResolver",
   "aws_smithy_runtime_api::client::http::HttpClient",
   "aws_smithy_runtime_api::client::http::SharedHttpClient",
   "aws_smithy_runtime_api::client::identity::ResolveIdentity",
   "aws_smithy_types::retry",
   "aws_smithy_types::retry::*",
   "aws_smithy_types::timeout",