Unverified Commit 25ea4a97 authored by Russell Cohen's avatar Russell Cohen Committed by GitHub
Browse files

Fix SigningRegion override Bug (#326) 

This diff fixes a bug where the default AWS endpoint resolver was erroneously overriding the signing service with the name of the service, even when a signing service override was present in the models.
parent f2b34421

aws/rust-runtime/aws-endpoint/src/lib.rs

+40 −2
Original line number Diff line number Diff line
@@ -112,7 +112,7 @@ impl ResolveAwsEndpoint for DefaultAwsEndpointResolver { 
        Ok(AwsEndpoint {

            endpoint: Endpoint::mutable(uri),

            signing_region: Some(region.clone().into()),

            signing_service: Some(SigningService::from_static(self.service)),

            signing_service: None,

        })

    }

}
@@ -199,8 +199,12 @@ mod test { 
    use smithy_http::middleware::MapRequest;

    use smithy_http::operation;



    use crate::{set_endpoint_resolver, AwsEndpointStage, DefaultAwsEndpointResolver};

    use crate::{

        set_endpoint_resolver, AwsEndpoint, AwsEndpointStage, BoxError, DefaultAwsEndpointResolver,

        ResolveAwsEndpoint,

    };

    use http::header::HOST;

    use smithy_http::endpoint::Endpoint;



    #[test]

    fn default_endpoint_updates_request() {
@@ -211,6 +215,7 @@ mod test { 
        {

            let mut conf = req.config_mut();

            conf.insert(region.clone());

            conf.insert(SigningService::from_static("kinesis"));

            set_endpoint_resolver(&mut conf, provider);

        };

        let req = AwsEndpointStage.apply(req).expect("should succeed");
@@ -233,4 +238,37 @@ mod test { 
            "kinesis.us-east-1.amazonaws.com"

        );

    }



    #[test]

    fn sets_service_override_when_set() {

        struct ServiceOverrideResolver;

        impl ResolveAwsEndpoint for ServiceOverrideResolver {

            fn endpoint(&self, _region: &Region) -> Result<AwsEndpoint, BoxError> {

                Ok(AwsEndpoint {

                    endpoint: Endpoint::immutable(Uri::from_static("http://www.service.com")),

                    signing_service: Some(SigningService::from_static("qldb-override")),

                    signing_region: Some(SigningRegion::from(Region::new("us-east-override"))),

                })

            }

        }

        let provider = Arc::new(ServiceOverrideResolver);

        let req = http::Request::new(SdkBody::from(""));

        let region = Region::new("us-east-1");

        let mut req = operation::Request::new(req);

        {

            let mut conf = req.config_mut();

            conf.insert(region.clone());

            conf.insert(SigningService::from_static("kinesis"));

            set_endpoint_resolver(&mut conf, provider);

        };

        let req = AwsEndpointStage.apply(req).expect("should succeed");

        assert_eq!(

            req.config().get(),

            Some(&SigningRegion::from(Region::new("us-east-override")))

        );

        assert_eq!(

            req.config().get(),

            Some(&SigningService::from_static("qldb-override"))

        );

    }

}

aws/rust-runtime/aws-hyper/tests/e2e_test.rs

+3 −1
Original line number Diff line number Diff line
@@ -11,6 +11,7 @@ use aws_hyper::test_connection::TestConnection; 
use aws_hyper::{Client, RetryConfig};

use aws_sig_auth::signer::OperationSigningConfig;

use aws_types::region::Region;

use aws_types::SigningService;

use bytes::Bytes;

use http::header::{AUTHORIZATION, HOST, USER_AGENT};

use http::{Response, Uri};
@@ -84,6 +85,7 @@ fn test_operation() -> Operation<TestOperationParser, AwsErrorRetryPolicy> { 
            );

            conf.insert(Region::new("test-region"));

            conf.insert(OperationSigningConfig::default_config());

            conf.insert(SigningService::from_static("test-service-signing"));

            conf.insert(UNIX_EPOCH + Duration::from_secs(1613414417));

            conf.insert(AwsUserAgent::for_tests());

            Result::<_, Infallible>::Ok(req)
@@ -98,7 +100,7 @@ async fn e2e_test() { 
        .header(USER_AGENT, "aws-sdk-rust/0.123.test os/windows/XPSP3 lang/rust/1.50.0")

        .header("x-amz-user-agent", "aws-sdk-rust/0.123.test api/test-service/0.123 os/windows/XPSP3 lang/rust/1.50.0")

        .header(HOST, "test-service.test-region.amazonaws.com")

        .header(AUTHORIZATION, "AWS4-HMAC-SHA256 Credential=access_key/20210215/test-region/test-service/aws4_request, SignedHeaders=host, Signature=b4bccc6f03b22e88b9e52a60314d4629c5d159a7cc2de25b1d687b3e5e480d2c")

        .header(AUTHORIZATION, "AWS4-HMAC-SHA256 Credential=access_key/20210215/test-region/test-service-signing/aws4_request, SignedHeaders=host, Signature=5ebafc2fc4a104b63a1f87ffe829e6eb860a48db8c105a7921b82ee3dc02f1b8")

        .header("x-amz-date", "20210215T184017Z")

        .uri(Uri::from_static("https://test-service.test-region.amazonaws.com/"))

        .body(SdkBody::from("request body")).unwrap();

aws/rust-runtime/aws-sig-auth/src/middleware.rs

+2 −0
Original line number Diff line number Diff line
@@ -123,6 +123,7 @@ mod test { 
    use aws_auth::CredentialsProvider;

    use aws_endpoint::{set_endpoint_resolver, AwsEndpointStage, DefaultAwsEndpointResolver};

    use aws_types::region::Region;

    use aws_types::SigningService;

    use http::header::AUTHORIZATION;

    use smithy_http::body::SdkBody;

    use smithy_http::middleware::MapRequest;
@@ -141,6 +142,7 @@ mod test { 
            .augment(|req, conf| {

                conf.insert(region.clone());

                conf.insert(UNIX_EPOCH + Duration::new(1611160427, 0));

                conf.insert(SigningService::from_static("kinesis"));

                set_endpoint_resolver(conf, provider);

                Result::<_, Infallible>::Ok(req)

            })