aws/signer/v4: Refactor SigV4 Signer #519

skmcgrail · 2020-03-30T18:45:01Z

Refactors the SigV4 signing interface to match our design direction based on previous worth with EventStream support in the V1 SDK.

To maintain backwards comparability with the existing request handlers and to not immediately break users the existing interfaces and behaviors have been kept the same, but utilize the redesign signer underneath.

=== Breaking Change --- * `aws/endpoints`: Several functions and types have been removed * Removes `DecodeModel` and `DecodeModelOptions` from the package ([#509](#509)) * Remove Region Constants, Partition Constants, and types use for exploring the endpoint data model ([#512](#512)) * `service/s3/s3crypto`: Package and associated encryption/decryption clients have been removed from the SDK ([#511](#511)) * `aws/external`: Removes several export constants and types ([#508](#508)) * No longer exports AWS environment constants used by the external environment configuration loader * `DefaultSharedConfigProfile` is now defined an exported constant * `aws`: `ErrMissingRegion`, `ErrMissingEndpoint`, `ErrStaticCredentialsEmpty` are now concrete error types ([#510](#510)) Services --- * Synced the V2 SDK with latest AWS service API definitions. SDK Features --- * `aws/signer/v4`: New methods `SignHTTP` and `PresignHTTP` have been added ([#519](#519)) * `SignHTTP` replaces `Sign`, and usage of `Sign` should be migrated before it's removal at a later date * `PresignHTTP` replaces `Presign`, and usage of `Presign` should be migrated before it's removal at a later date * `DisableRequestBodyOverwrite` and `UnsignedPayload` are now deprecated options and have no effect on `SignHTTP` or `PresignHTTP`. These options will be removed at a later date. * `aws/external`: Add Support for setting a default fallback region and resolving region from EC2 IMDS ([#523](#523)) * `WithDefaultRegion` helper has been added which can be passed to `LoadDefaultAWSConfig` * This helper can be used to configure a default fallback region in the event a region fails to be resolved from other sources * Support has been added to resolve region using EC2 IMDS when available * The IMDS region will be used if region as not found configured in either the shared config or the process environment. * Fixes [#244](#244) * Fixes [#515](#515) SDK Enhancements --- * `service/dynamodb/expression`: Add IsSet helper for ConditionBuilder and KeyConditionBuilder ([#494](#494)) * Adds a IsSet helper for ConditionBuilder and KeyConditionBuilder to make it easier to determine if the condition builders have any conditions added to them. * Implements [#493](#493). * `internal/ini`: Normalize Section keys to lowercase ([#495](#495)) * Update's SDK's ini utility to store all keys as lowercase. This brings the SDK inline with the AWS CLI's behavior. SDK Bugs --- * `internal/sdk`: Fix SDK's UUID utility to handle partial read ([#536](#536)) * Fixes the SDK's UUID utility to correctly handle partial reads from its crypto rand source. This error was sometimes causing the SDK's InvocationID value to fail to be obtained, due to a partial read from crypto.Rand. * Fix [#534](#534) * `aws/defaults`: Fix request metadata headers causing signature errors ([#536](#536)) * Fixes the SDK's adding the request metadata headers in the wrong location within the request handler stack. This created a situation where a request that was retried would sign the new attempt using the old value of the header. The header value would then be changed before sending the request. * Fix [#533](#533) * Fix [#521](#521)

Breaking Change --- * `aws/endpoints`: Several functions and types have been removed * Removes `DecodeModel` and `DecodeModelOptions` from the package ([#509](#509)) * Remove Region Constants, Partition Constants, and types use for exploring the endpoint data model ([#512](#512)) * `service/s3/s3crypto`: Package and associated encryption/decryption clients have been removed from the SDK ([#511](#511)) * `aws/external`: Removes several export constants and types ([#508](#508)) * No longer exports AWS environment constants used by the external environment configuration loader * `DefaultSharedConfigProfile` is now defined an exported constant * `aws`: `ErrMissingRegion`, `ErrMissingEndpoint`, `ErrStaticCredentialsEmpty` are now concrete error types ([#510](#510)) Services --- * Synced the V2 SDK with latest AWS service API definitions. SDK Features --- * `aws/signer/v4`: New methods `SignHTTP` and `PresignHTTP` have been added ([#519](#519)) * `SignHTTP` replaces `Sign`, and usage of `Sign` should be migrated before it's removal at a later date * `PresignHTTP` replaces `Presign`, and usage of `Presign` should be migrated before it's removal at a later date * `DisableRequestBodyOverwrite` and `UnsignedPayload` are now deprecated options and have no effect on `SignHTTP` or `PresignHTTP`. These options will be removed at a later date. * `aws/external`: Add Support for setting a default fallback region and resolving region from EC2 IMDS ([#523](#523)) * `WithDefaultRegion` helper has been added which can be passed to `LoadDefaultAWSConfig` * This helper can be used to configure a default fallback region in the event a region fails to be resolved from other sources * Support has been added to resolve region using EC2 IMDS when available * The IMDS region will be used if region as not found configured in either the shared config or the process environment. * Fixes [#244](#244) * Fixes [#515](#515) SDK Enhancements --- * `service/dynamodb/expression`: Add IsSet helper for ConditionBuilder and KeyConditionBuilder ([#494](#494)) * Adds a IsSet helper for ConditionBuilder and KeyConditionBuilder to make it easier to determine if the condition builders have any conditions added to them. * Implements [#493](#493). * `internal/ini`: Normalize Section keys to lowercase ([#495](#495)) * Update's SDK's ini utility to store all keys as lowercase. This brings the SDK inline with the AWS CLI's behavior. SDK Bugs --- * `internal/sdk`: Fix SDK's UUID utility to handle partial read ([#536](#536)) * Fixes the SDK's UUID utility to correctly handle partial reads from its crypto rand source. This error was sometimes causing the SDK's InvocationID value to fail to be obtained, due to a partial read from crypto.Rand. * Fix [#534](#534) * `aws/defaults`: Fix request metadata headers causing signature errors ([#536](#536)) * Fixes the SDK's adding the request metadata headers in the wrong location within the request handler stack. This created a situation where a request that was retried would sign the new attempt using the old value of the header. The header value would then be changed before sending the request. * Fix [#533](#533) * Fix [#521](#521)

skmcgrail requested a review from jasdel March 30, 2020 18:45

skmcgrail force-pushed the sigv4/interfaceChanges branch from 6e1c95a to dcf7189 Compare March 30, 2020 19:22

aws/signer/v4: Refactor SigV4 Signer

b8cc0e3

skmcgrail force-pushed the sigv4/interfaceChanges branch from dcf7189 to b8cc0e3 Compare March 30, 2020 19:28

jasdel approved these changes Mar 30, 2020

View reviewed changes

Add CHANGELOG_PENDING.md entry

f18799d

skmcgrail merged commit 109e066 into aws:master Mar 30, 2020

skmcgrail deleted the sigv4/interfaceChanges branch April 16, 2020 17:25

jasdel mentioned this pull request Apr 21, 2020

Release v0.21.0 (2020-04-21) #539

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

aws/signer/v4: Refactor SigV4 Signer #519

aws/signer/v4: Refactor SigV4 Signer #519

skmcgrail commented Mar 30, 2020

aws/signer/v4: Refactor SigV4 Signer #519

aws/signer/v4: Refactor SigV4 Signer #519

Conversation

skmcgrail commented Mar 30, 2020