Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Custom Authentication Scheme Issue #3034

Closed
moconn68 opened this issue Oct 6, 2023 · 0 comments · Fixed by #3087
Closed

Custom Authentication Scheme Issue #3034

moconn68 opened this issue Oct 6, 2023 · 0 comments · Fixed by #3087
Assignees
@jdisanti
Labels
bug Something isn't working client

Comments

@moconn68
Copy link

moconn68 commented Oct 6, 2023

Description

When creating a custom authentication workflow via the orchestrator using a RuntimePlugin per this discussion post, the authentication plugin is overwritten by the model default. In my case this default is no auth, so the authentication token headers were never used and my requests were rejected from the server. I am able to work around this using an Interceptor per this snippet, but per office hours discussion this is not the idiomatic way and the issue with RutimePlugins should be resolved.

Context

Reproduction

  • Create some simple authentication middleware via RuntimePlugin per the discussion post linked above
  • Using the following test, evaluate the trace logs and examine the authentication workflow and the final (lack of) headers:
    struct TestEndpointResolver;

    impl<T> ResolveEndpoint<T> for TestEndpointResolver {
        fn resolve_endpoint(&self, _params: &T) -> aws_smithy_http::endpoint::Result {
            Ok(::aws_smithy_types::endpoint::Endpoint::builder()
                .url(ENDPOINT_URL_STR)
                .property(
                    "authSchemes",
                    vec![::aws_smithy_types::Document::from({
                        let mut out = ::std::collections::HashMap::<
                            String,
                            ::aws_smithy_types::Document,
                        >::new();
                        out.insert("name".to_string(), "schemeid".to_string().into());
                        out
                    })],
                )
                .build())
        }
    }
    #[tokio::test]
    async fn proxy_test() {
        tracing_subscriber::fmt::init();
        let (server, request) = capture_request(None);
        let config = Config::builder()
            .http_connector(server)
            .endpoint_resolver(TestEndpointResolver {})
            .runtime_plugin(super::AuthRuntimePlugin::new())
            .build();
        let client = Client::from_conf(config);

        let _ = dbg!(client.get_client_configuration().send().await);
        let r = request.expect_request();
        dbg!(&r);
        assert!(r.headers().is_empty());
    }

Run with RUST_LOGS=trace cargo test proxy_test

Smithy version

v0.56.1

Relevant modifications

N/A

Environment/Deployment Peculiarities

Code running on a custom embedded Linux-based stack
@jdisanti jdisanti added bug Something isn't working client labels Oct 6, 2023
@jdisanti jdisanti self-assigned this Oct 18, 2023
rcoh added a commit that referenced this issue Oct 20, 2023
@rcoh
reproducer for #3034
dd0a023
rcoh added a commit that referenced this issue Oct 23, 2023
@rcoh
reproducer for #3034
b471b46
@rcoh rcoh mentioned this issue Oct 23, 2023
Merged
2 tasks
github-merge-queue bot pushed a commit that referenced this issue Oct 24, 2023
@rcoh
Fix bug where Custom Auth Schemes were not respected (#3087)
12bed90 
## Motivation and Context
- Fixes #3034
## Description
Because AuthSchemeOptions were being registered at the operation level,
there was no way for them to be overridden by customer-provided runtime
plugins. This moves them into a separate plugin that is added at
Client/Default priority.

## Testing
- new unit test

## Checklist
<!--- If a checkbox below is not applicable, then please DELETE it
rather than leaving it unchecked -->
- [x] I have updated `CHANGELOG.next.toml` if I made changes to the
smithy-rs codegen or runtime crates
- [x] I have updated `CHANGELOG.next.toml` if I made changes to the AWS
SDK, generated SDK code, or SDK runtime crates

----

_By submitting this pull request, I confirm that you can use, modify,
copy, and redistribute this contribution, under the terms of your
choice._
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jdisanti jdisanti

Labels
bug Something isn't working client
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix bug where Custom Auth Schemes were not respected smithy-lang/smithy-rs
2 participants
@jdisanti @moconn68