Unverified Commit 10e915b6 authored by ysaito1001's avatar ysaito1001 Committed by GitHub
Browse files

Replace Arc with SharedCredentialsProvider in credentials_provider builder methods (#2227) 

* Stop exposing `Arc` in `credentials_provider` builder methods

This commit rectifies the signature changes made to `credentials_provider`
builder methods in https://github.com/awslabs/smithy-rs/pull/2122

.
The PR in question removed `SharedCredentialsProvider` and the builder
methods started taking `ProvideCredentials` in `Arc` instead. This causes
a problem for us to evolve the API in the future as the API forces the user
to be aware of the implementation detail that we use `Arc`.

* Update comments for `SharedCredentialsCache`

* Fix unresolved doc links to `ProvideCredentials`

This commit fixes unresolved doc links to `ProvideCredentials` in
`aws_credential_types::lazy_caching`.

* Update CHANGELOG.next.toml

Co-authored-by: default avatarYuki Saito <awsaito@amazon.com>
parent d9ea56d3

CHANGELOG.next.toml

+8 −11
Original line number Diff line number Diff line
@@ -155,7 +155,6 @@ After: 
```rust

use aws_credential_types::cache::CredentialsCache;

use aws_types::provider::ProvideCredentials;

use std::sync::Arc;



fn make_provider() -> impl ProvideCredentials {

    // --snip--
@@ -164,7 +163,7 @@ fn make_provider() -> impl ProvideCredentials { 
// Wrapping a result of `make_provider` in `LazyCredentialsCache` is done automatically.

let sdk_config = aws_config::from_env()

    .credentials_cache(CredentialsCache::lazy()) // This line can be omitted because it is on by default.

    .credentials_provider(Arc::new(make_provider()))

    .credentials_provider(make_provider())

    .load()

    .await;
@@ -201,7 +200,6 @@ After: 
```rust

use aws_credential_types::cache::CredentialsCache;

use aws_types::provider::ProvideCredentials;

use std::sync::Arc;

use std::time::Duration;



fn make_provider() -> impl ProvideCredentials {
@@ -214,7 +212,7 @@ let sdk_config = aws_config::from_env() 
            .load_timeout(Duration::from_secs(60)) // Configures timeout.

            .into_credentials_cache(),

    )

    .credentials_provider(Arc::new(make_provider()))

    .credentials_provider(make_provider())

    .load()

    .await;
@@ -253,7 +251,6 @@ After: 
```rust

use aws_config::default_provider::credentials::default_provider;

use aws_credential_types::cache::CredentialsCache;

use std::sync::Arc;

use std::time::Duration;



// Previously used methods no longer exist on the builder for `DefaultCredentialsChain`.
@@ -266,7 +263,7 @@ let sdk_config = aws_config::from_env() 
            .default_credential_expiration(Duration::from_secs(20 * 60))

            .into_credentials_cache(),

    )

    .credentials_provider(Arc::new(credentials_provider))

    .credentials_provider(credentials_provider)

    .load()

    .await;
@@ -275,13 +272,13 @@ let client = aws_sdk_s3::Client::new(&sdk_config); 


</details>

"""

references = ["smithy-rs#2122"]

references = ["smithy-rs#2122", "smithy-rs#2227"]

meta = { "breaking" = true, "tada" = false, "bug" = false }

author = "ysaito1001"



[[aws-sdk-rust]]

message = """

The introduction of `CredentialsCache` comes with an accompanying type `SharedCredentialsCache`. This replaces `SharedCredentialsProvider` and as a result, `aws_http::auth:set_provider` has been updated to `aws_http::auth::set_credentials_cache`.

The introduction of `CredentialsCache` comes with an accompanying type `SharedCredentialsCache`, which we will store in the property bag instead of a `SharedCredentialsProvider`. As a result, `aws_http::auth:set_provider` has been updated to `aws_http::auth::set_credentials_cache`.



Before:

```rust
@@ -303,23 +300,23 @@ After: 
```rust

use aws_credential_types::Credentials;

use aws_credential_types::cache::{CredentialsCache, SharedCredentialsCache};

use aws_credential_types::provider::SharedCredentialsProvider;

use aws_http::auth::set_credentials_cache;

use aws_smithy_http::body::SdkBody;

use aws_smithy_http::operation;

use std::sync::Arc;



let mut req = operation::Request::new(http::Request::new(SdkBody::from("some body")));

let credentials = Credentials::new("example", "example", None, None, "my_provider_name");

let credentials_cache = CredentialsCache::lazy_builder()

    .into_credentials_cache()

    .create_cache(Arc::new(credentials));

    .create_cache(SharedCredentialsProvider::new(credentials));

set_credentials_cache(

    &mut req.properties_mut(),

    SharedCredentialsCache::new(credentials_cache),

);

```

"""

references = ["smithy-rs#2122"]

references = ["smithy-rs#2122", "smithy-rs#2227"]

meta = { "breaking" = true, "tada" = false, "bug" = false }

author = "ysaito1001"

aws/rust-runtime/aws-config/external-types.toml

+1 −0
Original line number Diff line number Diff line
@@ -6,6 +6,7 @@ allowed_external_types = [ 
   "aws_credential_types::cache::CredentialsCache",

   "aws_credential_types::provider::ProvideCredentials",

   "aws_credential_types::provider::Result",

   "aws_credential_types::provider::SharedCredentialsProvider",

   "aws_sdk_sts::model::PolicyDescriptorType",

   "aws_smithy_async::rt::sleep::AsyncSleep",

   "aws_smithy_client::bounds::SmithyConnector",

aws/rust-runtime/aws-config/src/lib.rs

+6 −7
Original line number Diff line number Diff line
@@ -151,7 +151,7 @@ mod loader { 
    use std::sync::Arc;



    use aws_credential_types::cache::CredentialsCache;

    use aws_credential_types::provider::ProvideCredentials;

    use aws_credential_types::provider::{ProvideCredentials, SharedCredentialsProvider};

    use aws_smithy_async::rt::sleep::{default_async_sleep, AsyncSleep};

    use aws_smithy_client::http_connector::{ConnectorSettings, HttpConnector};

    use aws_smithy_types::retry::RetryConfig;
@@ -179,7 +179,7 @@ mod loader { 
    pub struct ConfigLoader {

        app_name: Option<AppName>,

        credentials_cache: Option<CredentialsCache>,

        credentials_provider: Option<Arc<dyn ProvideCredentials>>,

        credentials_provider: Option<SharedCredentialsProvider>,

        endpoint_resolver: Option<Arc<dyn ResolveAwsEndpoint>>,

        endpoint_url: Option<String>,

        region: Option<Box<dyn ProvideRegion>>,
@@ -326,22 +326,21 @@ mod loader { 
        /// Override the credentials provider but load the default value for region:

        /// ```no_run

        /// # use aws_credential_types::Credentials;

        /// # use std::sync::Arc;

        /// # fn create_my_credential_provider() -> Credentials {

        /// #     Credentials::new("example", "example", None, None, "example")

        /// # }

        /// # async fn create_config() {

        /// let config = aws_config::from_env()

        ///     .credentials_provider(Arc::new(create_my_credential_provider()))

        ///     .credentials_provider(create_my_credential_provider())

        ///     .load()

        ///     .await;

        /// # }

        /// ```

        pub fn credentials_provider(

            mut self,

            credentials_provider: Arc<dyn ProvideCredentials>,

            credentials_provider: impl ProvideCredentials + 'static,

        ) -> Self {

            self.credentials_provider = Some(credentials_provider);

            self.credentials_provider = Some(SharedCredentialsProvider::new(credentials_provider));

            self

        }
@@ -600,7 +599,7 @@ mod loader { 
            } else {

                let mut builder = credentials::DefaultCredentialsChain::builder().configure(conf);

                builder.set_region(region.clone());

                Arc::new(builder.build().await)

                SharedCredentialsProvider::new(builder.build().await)

            };



            let endpoint_resolver = self.endpoint_resolver;

aws/rust-runtime/aws-credential-types/src/cache.rs

+7 −7
Original line number Diff line number Diff line
@@ -11,7 +11,7 @@ mod lazy_caching; 
pub use expiring_cache::ExpiringCache;

pub use lazy_caching::Builder as LazyBuilder;



use crate::provider::{future, ProvideCredentials};

use crate::provider::{future, SharedCredentialsProvider};

use std::sync::Arc;



/// Asynchronous Cached Credentials Provider
@@ -24,13 +24,13 @@ pub trait ProvideCachedCredentials: Send + Sync + std::fmt::Debug { 


/// Credentials cache wrapper that may be shared

///

/// Newtype wrapper around ProvideCachedCredentials that implements Clone using an internal

/// Arc.

/// Newtype wrapper around `ProvideCachedCredentials` that implements `Clone` using an internal

/// `Arc`.

#[derive(Clone, Debug)]

pub struct SharedCredentialsCache(Arc<dyn ProvideCachedCredentials>);



impl SharedCredentialsCache {

    /// Create a new `SharedCredentialsCache` from `ProvideCredentialsCache`

    /// Create a new `SharedCredentialsCache` from `ProvideCachedCredentials`

    ///

    /// The given `cache` will be wrapped in an internal `Arc`. If your

    /// cache is already in an `Arc`, use `SharedCredentialsCache::from(cache)` instead.
@@ -73,11 +73,11 @@ pub(crate) enum Inner { 
/// use aws_credential_types::Credentials;

/// use aws_credential_types::cache::CredentialsCache;

/// use aws_credential_types::credential_fn::provide_credentials_fn;

/// use std::sync::Arc;

/// use aws_credential_types::provider::SharedCredentialsProvider;

///

/// let credentials_cache = CredentialsCache::lazy_builder()

///     .into_credentials_cache()

///     .create_cache(Arc::new(provide_credentials_fn(|| async {

///     .create_cache(SharedCredentialsProvider::new(provide_credentials_fn(|| async {

///         // An async process to retrieve credentials would go here:

///         Ok(Credentials::new(

///             "example",
@@ -105,7 +105,7 @@ impl CredentialsCache { 
    }



    /// Creates a [`SharedCredentialsCache`] wrapping a concrete caching implementation.

    pub fn create_cache(self, provider: Arc<dyn ProvideCredentials>) -> SharedCredentialsCache {

    pub fn create_cache(self, provider: SharedCredentialsProvider) -> SharedCredentialsCache {

        match self.inner {

            Inner::Lazy(builder) => SharedCredentialsCache::new(builder.build(provider)),

        }

aws/rust-runtime/aws-credential-types/src/cache/lazy_caching.rs

+15 −13
Original line number Diff line number Diff line
@@ -13,6 +13,7 @@ use aws_smithy_async::rt::sleep::AsyncSleep; 
use tracing::{debug, info, info_span, Instrument};



use crate::cache::{ExpiringCache, ProvideCachedCredentials};

use crate::provider::SharedCredentialsProvider;

use crate::provider::{error::CredentialsError, future, ProvideCredentials};

use crate::time_source::TimeSource;
@@ -25,7 +26,7 @@ pub(crate) struct LazyCredentialsCache { 
    time: TimeSource,

    sleeper: Arc<dyn AsyncSleep>,

    cache: ExpiringCache<Credentials, CredentialsError>,

    provider: Arc<dyn ProvideCredentials>,

    provider: SharedCredentialsProvider,

    load_timeout: Duration,

    default_credential_expiration: Duration,

}
@@ -34,7 +35,7 @@ impl LazyCredentialsCache { 
    fn new(

        time: TimeSource,

        sleeper: Arc<dyn AsyncSleep>,

        provider: Arc<dyn ProvideCredentials>,

        provider: SharedCredentialsProvider,

        load_timeout: Duration,

        default_credential_expiration: Duration,

        buffer_time: Duration,
@@ -110,7 +111,7 @@ mod builder { 
    use std::time::Duration;



    use crate::cache::{CredentialsCache, Inner};

    use crate::provider::ProvideCredentials;

    use crate::provider::SharedCredentialsProvider;

    use aws_smithy_async::rt::sleep::{default_async_sleep, AsyncSleep};



    use super::TimeSource;
@@ -122,9 +123,9 @@ mod builder { 
    /// Builder for constructing a `LazyCredentialsCache`.

    ///

    /// `LazyCredentialsCache` implements [`ProvideCachedCredentials`](crate::cache::ProvideCachedCredentials) by caching

    /// credentials that it loads by calling a user-provided [`ProvideCredentials`] implementation.

    /// credentials that it loads by calling a user-provided [`ProvideCredentials`](crate::provider::ProvideCredentials) implementation.

    ///

    /// For example, you can provide a [`ProvideCredentials`] implementation that calls

    /// For example, you can provide a [`ProvideCredentials`](crate::provider::ProvideCredentials) implementation that calls

    /// AWS STS's AssumeRole operation to get temporary credentials, and `LazyCredentialsCache`

    /// will cache those credentials until they expire.

    ///
@@ -178,7 +179,7 @@ mod builder { 
            self

        }



        /// Timeout for the given [`ProvideCredentials`] implementation.

        /// Timeout for the given [`ProvideCredentials`](crate::provider::ProvideCredentials) implementation.

        ///

        /// Defaults to 5 seconds.

        pub fn load_timeout(mut self, timeout: Duration) -> Self {
@@ -186,7 +187,7 @@ mod builder { 
            self

        }



        /// Timeout for the given [`ProvideCredentials`] implementation.

        /// Timeout for the given [`ProvideCredentials`](crate::provider::ProvideCredentials) implementation.

        ///

        /// Defaults to 5 seconds.

        pub fn set_load_timeout(&mut self, timeout: Option<Duration>) -> &mut Self {
@@ -220,7 +221,7 @@ mod builder { 


        /// Default expiration time to set on credentials if they don't have an expiration time.

        ///

        /// This is only used if the given [`ProvideCredentials`] returns

        /// This is only used if the given [`ProvideCredentials`](crate::provider::ProvideCredentials) returns

        /// [`Credentials`](crate::Credentials) that don't have their `expiry` set.

        /// This must be at least 15 minutes.

        ///
@@ -232,7 +233,7 @@ mod builder { 


        /// Default expiration time to set on credentials if they don't have an expiration time.

        ///

        /// This is only used if the given [`ProvideCredentials`] returns

        /// This is only used if the given [`ProvideCredentials`](crate::provider::ProvideCredentials) returns

        /// [`Credentials`](crate::Credentials) that don't have their `expiry` set.

        /// This must be at least 15 minutes.

        ///
@@ -258,7 +259,7 @@ mod builder { 
        /// This will panic if no `sleep` implementation is given and if no default crate features

        /// are used. By default, the [`TokioSleep`](aws_smithy_async::rt::sleep::TokioSleep)

        /// implementation will be set automatically.

        pub(crate) fn build(self, provider: Arc<dyn ProvideCredentials>) -> LazyCredentialsCache {

        pub(crate) fn build(self, provider: SharedCredentialsProvider) -> LazyCredentialsCache {

            let default_credential_expiration = self

                .default_credential_expiration

                .unwrap_or(DEFAULT_CREDENTIAL_EXPIRATION);
@@ -289,6 +290,7 @@ mod tests { 
    use tracing::info;

    use tracing_test::traced_test;



    use crate::provider::SharedCredentialsProvider;

    use crate::{

        cache::ProvideCachedCredentials, credential_fn::provide_credentials_fn,

        provider::error::CredentialsError, time_source::TestingTimeSource, Credentials,
@@ -307,7 +309,7 @@ mod tests { 
        LazyCredentialsCache::new(

            time,

            Arc::new(TokioSleep::new()),

            Arc::new(provide_credentials_fn(move || {

            SharedCredentialsProvider::new(provide_credentials_fn(move || {

                let list = load_list.clone();

                async move {

                    let next = list.lock().unwrap().remove(0);
@@ -341,7 +343,7 @@ mod tests { 
    #[tokio::test]

    async fn initial_populate_credentials() {

        let time = TestingTimeSource::new(UNIX_EPOCH);

        let provider = Arc::new(provide_credentials_fn(|| async {

        let provider = SharedCredentialsProvider::new(provide_credentials_fn(|| async {

            info!("refreshing the credentials");

            Ok(credentials(1000))

        }));
@@ -464,7 +466,7 @@ mod tests { 
        let credentials_cache = LazyCredentialsCache::new(

            TimeSource::testing(&time),

            Arc::new(TokioSleep::new()),

            Arc::new(provide_credentials_fn(|| async {

            SharedCredentialsProvider::new(provide_credentials_fn(|| async {

                aws_smithy_async::future::never::Never::new().await;

                Ok(credentials(1000))

            })),