diff --git a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ChildProfileCredentialsProviderFactory.java b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ChildProfileCredentialsProviderFactory.java index 620e32decfe2..d7f6c0c25848 100644 --- a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ChildProfileCredentialsProviderFactory.java +++ b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ChildProfileCredentialsProviderFactory.java @@ -38,7 +38,9 @@ public interface ChildProfileCredentialsProviderFactory { * provider. This credentials provider should be closed when it is no longer used. * @param profile The profile that should be used to load the configuration necessary to create the child credentials * provider. + * @param source A string list of {@link software.amazon.awssdk.core.useragent.BusinessMetricFeatureId} denoting + * previous credentials providers that are chained with this one. * @return The credentials provider with permissions derived from the source credentials provider and profile. */ - AwsCredentialsProvider create(AwsCredentialsProvider sourceCredentialsProvider, Profile profile); -} + AwsCredentialsProvider create(AwsCredentialsProvider sourceCredentialsProvider, Profile profile, String source); +} \ No newline at end of file diff --git a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ContainerCredentialsProvider.java b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ContainerCredentialsProvider.java index efec7ffce6bd..5fd4fc709319 100644 --- a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ContainerCredentialsProvider.java +++ b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ContainerCredentialsProvider.java @@ -39,6 +39,7 @@ import software.amazon.awssdk.auth.credentials.internal.HttpCredentialsLoader.LoadedCredentials; import software.amazon.awssdk.core.SdkSystemSetting; import software.amazon.awssdk.core.exception.SdkClientException; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.core.util.SdkUserAgent; import software.amazon.awssdk.regions.util.ResourcesEndpointProvider; import software.amazon.awssdk.regions.util.ResourcesEndpointRetryPolicy; @@ -72,7 +73,7 @@ public final class ContainerCredentialsProvider implements HttpCredentialsProvider, ToCopyableBuilder { - private static final String PROVIDER_NAME = "ContainerCredentialsProvider"; + private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_HTTP.value(); private static final Predicate IS_LOOPBACK_ADDRESS = InetAddress::isLoopbackAddress; private static final Predicate ALLOWED_HOSTS_RULES = IS_LOOPBACK_ADDRESS; private static final String HTTPS = "https"; @@ -90,6 +91,7 @@ public final class ContainerCredentialsProvider private final Boolean asyncCredentialUpdateEnabled; private final String asyncThreadName; + private final String source; /** * @see #builder() @@ -98,7 +100,8 @@ private ContainerCredentialsProvider(BuilderImpl builder) { this.endpoint = builder.endpoint; this.asyncCredentialUpdateEnabled = builder.asyncCredentialUpdateEnabled; this.asyncThreadName = builder.asyncThreadName; - this.httpCredentialsLoader = HttpCredentialsLoader.create(PROVIDER_NAME); + this.source = builder.source; + this.httpCredentialsLoader = HttpCredentialsLoader.create(providerName()); if (Boolean.TRUE.equals(builder.asyncCredentialUpdateEnabled)) { Validate.paramNotBlank(builder.asyncThreadName, "asyncThreadName"); @@ -160,6 +163,14 @@ private Instant prefetchTime(Instant expiration) { return ComparableUtils.minimum(oneHourFromNow, fifteenMinutesBeforeExpiration); } + private String providerName() { + String providerName = PROVIDER_NAME; + if (source != null && !source.isEmpty()) { + providerName = String.format("%s,%s", source, providerName); + } + return providerName; + } + @Override public AwsCredentials resolveCredentials() { return credentialsCache.get(); @@ -318,6 +329,7 @@ private static final class BuilderImpl implements Builder { private String endpoint; private Boolean asyncCredentialUpdateEnabled; private String asyncThreadName; + private String source; private BuilderImpl() { asyncThreadName("container-credentials-provider"); @@ -327,6 +339,7 @@ private BuilderImpl(ContainerCredentialsProvider credentialsProvider) { this.endpoint = credentialsProvider.endpoint; this.asyncCredentialUpdateEnabled = credentialsProvider.asyncCredentialUpdateEnabled; this.asyncThreadName = credentialsProvider.asyncThreadName; + this.source = credentialsProvider.source; } @Override @@ -359,6 +372,17 @@ public void setAsyncThreadName(String asyncThreadName) { asyncThreadName(asyncThreadName); } + @Override + public Builder source(String source) { + this.source = source; + return this; + } + + public void setSource(String source) { + source(source); + } + + @Override public ContainerCredentialsProvider build() { return new ContainerCredentialsProvider(this); diff --git a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/EnvironmentVariableCredentialsProvider.java b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/EnvironmentVariableCredentialsProvider.java index e05c24eed05a..7a7303fe98d8 100644 --- a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/EnvironmentVariableCredentialsProvider.java +++ b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/EnvironmentVariableCredentialsProvider.java @@ -18,6 +18,7 @@ import java.util.Optional; import software.amazon.awssdk.annotations.SdkPublicApi; import software.amazon.awssdk.auth.credentials.internal.SystemSettingsCredentialsProvider; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.utils.SystemSetting; import software.amazon.awssdk.utils.ToString; @@ -28,7 +29,7 @@ @SdkPublicApi public final class EnvironmentVariableCredentialsProvider extends SystemSettingsCredentialsProvider { - private static final String PROVIDER_NAME = "EnvironmentVariableCredentialsProvider"; + private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_ENV_VARS.value(); private EnvironmentVariableCredentialsProvider() { } diff --git a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/HttpCredentialsProvider.java b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/HttpCredentialsProvider.java index ccc7e7aa7101..b93d23606ad4 100644 --- a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/HttpCredentialsProvider.java +++ b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/HttpCredentialsProvider.java @@ -16,6 +16,7 @@ package software.amazon.awssdk.auth.credentials; import software.amazon.awssdk.annotations.SdkPublicApi; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.utils.SdkAutoCloseable; /** @@ -48,6 +49,14 @@ interface Builder { private static final Logger log = Logger.loggerFor(InstanceProfileCredentialsProvider.class); - private static final String PROVIDER_NAME = "InstanceProfileCredentialsProvider"; + private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_IMDS.value(); private static final String EC2_METADATA_TOKEN_HEADER = "x-aws-ec2-metadata-token"; private static final String SECURITY_CREDENTIALS_RESOURCE = "/latest/meta-data/iam/security-credentials/"; private static final String TOKEN_RESOURCE = "/latest/api/token"; @@ -89,6 +90,7 @@ public final class InstanceProfileCredentialsProvider private final Supplier profileFile; private final String profileName; + private final String source; /** * @see #builder() @@ -102,8 +104,9 @@ private InstanceProfileCredentialsProvider(BuilderImpl builder) { .orElseGet(() -> ProfileFileSupplier.fixedProfileFile(ProfileFile.defaultProfileFile())); this.profileName = Optional.ofNullable(builder.profileName) .orElseGet(ProfileFileSystemSetting.AWS_PROFILE::getStringValueOrThrow); + this.source = builder.source; - this.httpCredentialsLoader = HttpCredentialsLoader.create(PROVIDER_NAME); + this.httpCredentialsLoader = HttpCredentialsLoader.create(providerName()); this.configProvider = Ec2MetadataConfigProvider.builder() .profileFile(profileFile) @@ -196,6 +199,14 @@ private Instant prefetchTime(Instant expiration) { return now.plus(maximum(timeUntilExpiration.dividedBy(2), Duration.ofMinutes(5))); } + private String providerName() { + String providerName = PROVIDER_NAME; + if (source != null && !source.isEmpty()) { + providerName = String.format("%s,%s", source, providerName); + } + return providerName; + } + @Override public void close() { credentialsCache.close(); @@ -346,6 +357,7 @@ static final class BuilderImpl implements Builder { private String asyncThreadName; private Supplier profileFile; private String profileName; + private String source; private BuilderImpl() { asyncThreadName("instance-profile-credentials-provider"); @@ -358,6 +370,7 @@ private BuilderImpl(InstanceProfileCredentialsProvider provider) { this.asyncThreadName = provider.asyncThreadName; this.profileFile = provider.profileFile; this.profileName = provider.profileName; + this.source = provider.source; } Builder clock(Clock clock) { @@ -426,6 +439,16 @@ public void setProfileName(String profileName) { profileName(profileName); } + @Override + public Builder source(String source) { + this.source = source; + return this; + } + + public void setSource(String source) { + source(source); + } + @Override public InstanceProfileCredentialsProvider build() { return new InstanceProfileCredentialsProvider(this); diff --git a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ProcessCredentialsProvider.java b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ProcessCredentialsProvider.java index e27d511d0887..dbe8f4c70328 100644 --- a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ProcessCredentialsProvider.java +++ b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/ProcessCredentialsProvider.java @@ -25,12 +25,14 @@ import java.util.Collections; import java.util.List; import software.amazon.awssdk.annotations.SdkPublicApi; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.protocols.jsoncore.JsonNode; import software.amazon.awssdk.protocols.jsoncore.JsonNodeParser; import software.amazon.awssdk.utils.DateUtils; import software.amazon.awssdk.utils.IoUtils; import software.amazon.awssdk.utils.Platform; import software.amazon.awssdk.utils.SdkAutoCloseable; +import software.amazon.awssdk.utils.StringUtils; import software.amazon.awssdk.utils.ToString; import software.amazon.awssdk.utils.Validate; import software.amazon.awssdk.utils.builder.CopyableBuilder; @@ -64,7 +66,7 @@ public final class ProcessCredentialsProvider implements AwsCredentialsProvider, SdkAutoCloseable, ToCopyableBuilder { - private static final String PROVIDER_NAME = "ProcessCredentialsProvider"; + private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_PROCESS.value(); private static final JsonNodeParser PARSER = JsonNodeParser.builder() .removeErrorLocations(true) .build(); @@ -73,6 +75,7 @@ public final class ProcessCredentialsProvider private final Duration credentialRefreshThreshold; private final long processOutputLimit; private final String staticAccountId; + private final String source; private final CachedSupplier processCredentialCache; @@ -93,6 +96,7 @@ private ProcessCredentialsProvider(Builder builder) { this.commandAsListOfStringsFromBuilder = builder.commandAsListOfStrings; this.asyncCredentialUpdateEnabled = builder.asyncCredentialUpdateEnabled; this.staticAccountId = builder.staticAccountId; + this.source = builder.source; CachedSupplier.Builder cacheBuilder = CachedSupplier.builder(this::refreshCredentials) .cachedValueName(toString()); @@ -192,13 +196,13 @@ private AwsCredentials credentials(JsonNode credentialsJson) { .sessionToken(sessionToken) .expirationTime(credentialExpirationTime(credentialsJson)) .accountId(resolvedAccountId) - .providerName(PROVIDER_NAME) + .providerName(providerName()) .build() : AwsBasicCredentials.builder() .accessKeyId(accessKeyId) .secretAccessKey(secretAccessKey) .accountId(resolvedAccountId) - .providerName(PROVIDER_NAME) + .providerName(providerName()) .build(); } @@ -250,6 +254,14 @@ private String executeCommand() throws IOException, InterruptedException { } } + private String providerName() { + String providerName = PROVIDER_NAME; + if (!StringUtils.isEmpty(this.source)) { + providerName = String.format("%s,%s", this.source, providerName); + } + return providerName; + } + @Override public void close() { processCredentialCache.close(); @@ -270,6 +282,7 @@ public static class Builder implements CopyableBuilder new ProfileCredentialsUtils(profileFile, p, credentialsSourceResolver) .credentialsProvider(children)) .orElseThrow(this::noSourceCredentialsException); - - return stsCredentialsProviderFactory().create(sourceCredentialsProvider, profile); + String source = BusinessMetricFeatureId.CREDENTIALS_PROFILE_SOURCE_PROFILE.value(); + return stsCredentialsProviderFactory().create(sourceCredentialsProvider, profile, source); } /** @@ -260,18 +272,20 @@ private AwsCredentialsProvider roleAndCredentialSourceBasedProfileCredentialsPro requireProperties(ProfileProperty.CREDENTIAL_SOURCE); CredentialSourceType credentialSource = CredentialSourceType.parse(properties.get(ProfileProperty.CREDENTIAL_SOURCE)); - AwsCredentialsProvider credentialsProvider = credentialSourceCredentialProvider(credentialSource); - return stsCredentialsProviderFactory().create(credentialsProvider, profile); + String source = BusinessMetricFeatureId.CREDENTIALS_PROFILE_NAMED_PROVIDER.value(); + AwsCredentialsProvider credentialsProvider = credentialSourceCredentialProvider(credentialSource, source); + return stsCredentialsProviderFactory().create(credentialsProvider, profile, source); } - private AwsCredentialsProvider credentialSourceCredentialProvider(CredentialSourceType credentialSource) { + private AwsCredentialsProvider credentialSourceCredentialProvider(CredentialSourceType credentialSource, String source) { switch (credentialSource) { case ECS_CONTAINER: - return ContainerCredentialsProvider.builder().build(); + return ContainerCredentialsProvider.builder().source(source).build(); case EC2_INSTANCE_METADATA: return InstanceProfileCredentialsProvider.builder() .profileFile(profileFile) .profileName(name) + .source(source) .build(); case ENVIRONMENT: return AwsCredentialsProviderChain.builder() diff --git a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/internal/WebIdentityTokenCredentialProperties.java b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/internal/WebIdentityTokenCredentialProperties.java index 91391909b7a8..ea9c273772bf 100644 --- a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/internal/WebIdentityTokenCredentialProperties.java +++ b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/internal/WebIdentityTokenCredentialProperties.java @@ -32,6 +32,7 @@ public class WebIdentityTokenCredentialProperties { private final Duration prefetchTime; private final Duration staleTime; private final Duration roleSessionDuration; + private final String source; private WebIdentityTokenCredentialProperties(Builder builder) { this.roleArn = builder.roleArn; @@ -41,6 +42,7 @@ private WebIdentityTokenCredentialProperties(Builder builder) { this.prefetchTime = builder.prefetchTime; this.staleTime = builder.staleTime; this.roleSessionDuration = builder.roleSessionDuration; + this.source = builder.source; } public String roleArn() { @@ -71,6 +73,10 @@ public Duration roleSessionDuration() { return this.roleSessionDuration; } + public String source() { + return source; + } + public static Builder builder() { return new Builder(); } @@ -83,6 +89,7 @@ public static final class Builder { private Duration prefetchTime; private Duration staleTime; private Duration roleSessionDuration; + private String source; public Builder roleArn(String roleArn) { this.roleArn = roleArn; @@ -119,6 +126,11 @@ public Builder roleSessionDuration(Duration roleSessionDuration) { return this; } + public Builder source(String source) { + this.source = source; + return this; + } + public WebIdentityTokenCredentialProperties build() { return new WebIdentityTokenCredentialProperties(this); } diff --git a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/ContainerCredentialsProviderTest.java b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/ContainerCredentialsProviderTest.java index 0f20fe51a5a6..08283e024e86 100644 --- a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/ContainerCredentialsProviderTest.java +++ b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/ContainerCredentialsProviderTest.java @@ -31,6 +31,7 @@ import org.junit.ClassRule; import org.junit.Test; import software.amazon.awssdk.core.exception.SdkClientException; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.core.util.SdkUserAgent; import software.amazon.awssdk.testutils.EnvironmentVariableHelper; @@ -86,7 +87,7 @@ public void testGetCredentialsReturnsValidResponseFromEcsEndpoint() { assertThat(credentials.accessKeyId()).isEqualTo(ACCESS_KEY_ID); assertThat(credentials.secretAccessKey()).isEqualTo(SECRET_ACCESS_KEY); assertThat(credentials.sessionToken()).isEqualTo(TOKEN); - assertThat(credentials.providerName()).isPresent().contains("ContainerCredentialsProvider"); + assertThat(credentials.providerName()).isPresent().contains(BusinessMetricFeatureId.CREDENTIALS_HTTP.value()); } /** diff --git a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/InstanceProfileCredentialsProviderTest.java b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/InstanceProfileCredentialsProviderTest.java index c54a2ca3d4d1..af3f95b6a564 100644 --- a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/InstanceProfileCredentialsProviderTest.java +++ b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/InstanceProfileCredentialsProviderTest.java @@ -55,6 +55,7 @@ import org.junit.jupiter.params.provider.ValueSource; import software.amazon.awssdk.core.SdkSystemSetting; import software.amazon.awssdk.core.exception.SdkClientException; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.core.util.SdkUserAgent; import software.amazon.awssdk.profiles.ProfileFile; import software.amazon.awssdk.profiles.ProfileFileSupplier; @@ -137,7 +138,7 @@ public void resolveCredentials_usesTokenByDefault() { AwsCredentials credentials = provider.resolveCredentials(); assertThat(credentials.accessKeyId()).isEqualTo("ACCESS_KEY_ID"); assertThat(credentials.secretAccessKey()).isEqualTo("SECRET_ACCESS_KEY"); - assertThat(credentials.providerName()).isPresent().contains("InstanceProfileCredentialsProvider"); + assertThat(credentials.providerName()).isPresent().contains(BusinessMetricFeatureId.CREDENTIALS_IMDS.value()); verifyImdsCallWithToken(); } diff --git a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/ProcessCredentialsProviderTest.java b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/ProcessCredentialsProviderTest.java index 0fdedff07646..28bdec2af536 100644 --- a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/ProcessCredentialsProviderTest.java +++ b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/ProcessCredentialsProviderTest.java @@ -36,6 +36,7 @@ import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.Arguments; import org.junit.jupiter.params.provider.MethodSource; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.utils.DateUtils; import software.amazon.awssdk.utils.IoUtils; import software.amazon.awssdk.utils.Platform; @@ -133,7 +134,7 @@ void staticCredentialsWithAccountIdCanBeLoaded() { } @Test - public void staticCredentials_commandAsListOfStrings_CanBeLoaded() { + void staticCredentials_commandAsListOfStrings_CanBeLoaded() { AwsCredentials credentials = ProcessCredentialsProvider.builder() .command(Arrays.asList(scriptLocation, "accessKeyId", "secretAccessKey")) @@ -143,7 +144,7 @@ public void staticCredentials_commandAsListOfStrings_CanBeLoaded() { assertThat(credentials).isInstanceOf(AwsBasicCredentials.class); assertThat(credentials.accessKeyId()).isEqualTo("accessKeyId"); assertThat(credentials.secretAccessKey()).isEqualTo("secretAccessKey"); - assertThat(credentials.providerName()).isPresent().contains("ProcessCredentialsProvider"); + assertThat(credentials.providerName()).isPresent().hasValue(BusinessMetricFeatureId.CREDENTIALS_PROCESS.value()); } @Test @@ -186,11 +187,13 @@ void sessionCredentialsWithStaticAccountIdCanBeLoaded() { scriptLocation, ACCESS_KEY_ID, SECRET_ACCESS_KEY, expiration)) .credentialRefreshThreshold(Duration.ofSeconds(1)) .staticAccountId("staticAccountId") + .source("v") .build(); AwsCredentials credentials = credentialsProvider.resolveCredentials(); verifySessionCredentials(credentials, expiration); assertThat(credentials.accountId()).isPresent().hasValue("staticAccountId"); + assertThat(credentials.providerName()).isPresent().hasValue("v,w"); } private void verifySessionCredentials(AwsCredentials credentials, String expiration) { diff --git a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/StaticCredentialsProviderTest.java b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/StaticCredentialsProviderTest.java index d02b633dfd2e..bcfac6bee652 100644 --- a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/StaticCredentialsProviderTest.java +++ b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/StaticCredentialsProviderTest.java @@ -19,6 +19,7 @@ import static org.assertj.core.api.Assertions.assertThatThrownBy; import org.junit.jupiter.api.Test; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; class StaticCredentialsProviderTest { @Test @@ -39,16 +40,16 @@ void getAwsCredentialsWithAccountId_ReturnsSameCredentials() { .build(); AwsCredentials actualCredentials = StaticCredentialsProvider.create(credentials).resolveCredentials(); assertThat(actualCredentials).isEqualTo(credentials); + assertThat(actualCredentials.providerName()).isPresent().contains(BusinessMetricFeatureId.CREDENTIALS_CODE.value()); } - @Test void getSessionAwsCredentials_ReturnsSameCredentials() { AwsSessionCredentials credentials = AwsSessionCredentials.create("akid", "skid", "token"); AwsCredentials actualCredentials = StaticCredentialsProvider.create(credentials).resolveCredentials(); assertThat(credentials).isEqualTo(actualCredentials); assertThat(credentials.providerName()).isNotPresent(); - assertThat(actualCredentials.providerName()).isPresent(); + assertThat(actualCredentials.providerName()).isPresent().contains(BusinessMetricFeatureId.CREDENTIALS_CODE.value()); } @Test diff --git a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/SystemSettingCredentialsProvidersTest.java b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/SystemSettingCredentialsProvidersTest.java index 8961c5d0a18c..f7ac8a6928c2 100644 --- a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/SystemSettingCredentialsProvidersTest.java +++ b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/SystemSettingCredentialsProvidersTest.java @@ -29,6 +29,7 @@ import org.junit.jupiter.params.provider.MethodSource; import software.amazon.awssdk.core.SdkSystemSetting; import software.amazon.awssdk.core.exception.SdkClientException; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.testutils.EnvironmentVariableHelper; import software.amazon.awssdk.utils.Pair; @@ -66,7 +67,9 @@ void configureEnvVars_resolveCredentials(String description, configureEnvironmentVariables(systemSettings); EnvironmentVariableCredentialsProvider provider = EnvironmentVariableCredentialsProvider.create(); if (expected != null) { - assertThat(provider.resolveCredentials()).satisfies(expected); + AwsCredentials resolvedCredentials = provider.resolveCredentials(); + assertThat(resolvedCredentials).satisfies(expected); + assertThat(resolvedCredentials.providerName()).isPresent().contains(BusinessMetricFeatureId.CREDENTIALS_ENV_VARS.value()); } else { assertThatThrownBy(provider::resolveCredentials).isInstanceOf(SdkClientException.class); } @@ -80,7 +83,10 @@ void configureSystemProperties_resolveCredentials(String description, configureSystemProperties(systemSettings); SystemPropertyCredentialsProvider provider = SystemPropertyCredentialsProvider.create(); if (expected != null) { - assertThat(provider.resolveCredentials()).satisfies(expected); + AwsCredentials resolvedCredentials = provider.resolveCredentials(); + assertThat(resolvedCredentials).satisfies(expected); + assertThat(resolvedCredentials.providerName()).isPresent().contains(BusinessMetricFeatureId.CREDENTIALS_JVM_SYSTEM_PROPERTIES.value()); + } else { assertThatThrownBy(provider::resolveCredentials).isInstanceOf(SdkClientException.class); } diff --git a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/SystemSettingsCredentialsProviderTest.java b/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/SystemSettingsCredentialsProviderTest.java deleted file mode 100644 index 81905de526ac..000000000000 --- a/core/auth/src/test/java/software/amazon/awssdk/auth/credentials/SystemSettingsCredentialsProviderTest.java +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://aws.amazon.com/apache2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - */ - -package software.amazon.awssdk.auth.credentials; - -import static org.assertj.core.api.Assertions.assertThat; - -import org.junit.jupiter.api.AfterAll; -import org.junit.jupiter.api.BeforeAll; -import org.junit.jupiter.api.Test; -import software.amazon.awssdk.core.SdkSystemSetting; -import software.amazon.awssdk.testutils.EnvironmentVariableHelper; - -class SystemSettingsCredentialsProviderTest { - - private static final EnvironmentVariableHelper ENVIRONMENT_VARIABLE_HELPER = new EnvironmentVariableHelper(); - - @BeforeAll - public static void methodSetup() { - System.setProperty(SdkSystemSetting.AWS_ACCESS_KEY_ID.property(), "akid1"); - System.setProperty(SdkSystemSetting.AWS_SECRET_ACCESS_KEY.property(), "skid1"); - ENVIRONMENT_VARIABLE_HELPER.set(SdkSystemSetting.AWS_ACCESS_KEY_ID.environmentVariable(), "akid2"); - ENVIRONMENT_VARIABLE_HELPER.set(SdkSystemSetting.AWS_SECRET_ACCESS_KEY.environmentVariable(), "skid2"); - } - - @AfterAll - public static void teardown() { - System.clearProperty(SdkSystemSetting.AWS_ACCESS_KEY_ID.property()); - System.clearProperty(SdkSystemSetting.AWS_SECRET_ACCESS_KEY.property()); - ENVIRONMENT_VARIABLE_HELPER.reset(); - } - - @Test - void systemPropertyCredentialsProvider_resolveCredentials_returnsCredentialsWithProvider() { - AwsCredentials credentials = SystemPropertyCredentialsProvider.create().resolveCredentials(); - assertThat(credentials.accessKeyId()).isEqualTo("akid1"); - assertThat(credentials.secretAccessKey()).isEqualTo("skid1"); - assertThat(credentials.providerName()).isPresent().contains("SystemPropertyCredentialsProvider"); - } - - @Test - void environmentVariableCredentialsProvider_resolveCredentials_returnsCredentialsWithProvider() { - AwsCredentials credentials = EnvironmentVariableCredentialsProvider.create().resolveCredentials(); - assertThat(credentials.accessKeyId()).isEqualTo("akid2"); - assertThat(credentials.secretAccessKey()).isEqualTo("skid2"); - assertThat(credentials.providerName()).isPresent().contains("EnvironmentVariableCredentialsProvider"); - } -} diff --git a/core/sdk-core/src/main/java/software/amazon/awssdk/core/useragent/BusinessMetricFeatureId.java b/core/sdk-core/src/main/java/software/amazon/awssdk/core/useragent/BusinessMetricFeatureId.java index 3779726894da..b374f235f0b7 100644 --- a/core/sdk-core/src/main/java/software/amazon/awssdk/core/useragent/BusinessMetricFeatureId.java +++ b/core/sdk-core/src/main/java/software/amazon/awssdk/core/useragent/BusinessMetricFeatureId.java @@ -22,8 +22,8 @@ /** * An enum class representing a short form of identity providers to record in the UA string. * - * Unimplemented metrics: I,J,K,M,O,S,U-c,e-[latest] - * Unsupported metrics (these will never be added): A,H + * Unimplemented metrics: I,J,K,M,O,S,U-c + * Unsupported metrics (these will never be added): A,H,x,y,1,2 */ @SdkProtectedApi public enum BusinessMetricFeatureId { @@ -41,6 +41,27 @@ public enum BusinessMetricFeatureId { ACCOUNT_ID_MODE_REQUIRED("R"), RESOLVED_ACCOUNT_ID("T"), DDB_MAPPER("d"), + CREDENTIALS_CODE("e"), //StaticCredentialsProvider + CREDENTIALS_JVM_SYSTEM_PROPERTIES("f"), //SystemPropertyCredentialsProvider + CREDENTIALS_ENV_VARS("g"), //EnvironmentVariableCredentialsProvider + CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN("h"), //WebIdentityTokenFileCredentialsProvider + CREDENTIALS_STS_ASSUME_ROLE("i"), //StsAssumeRoleCredentialsProvider + CREDENTIALS_STS_ASSUME_ROLE_SAML("j"), //StsAssumeRoleWithSamlCredentialsProvider + CREDENTIALS_STS_ASSUME_ROLE_WEB_ID("k"), //StsAssumeRoleWithWebIdentityCredentialsProvider + CREDENTIALS_STS_FEDERATION_TOKEN("l"), //StsGetFederationTokenCredentialsProvider + CREDENTIALS_STS_SESSION_TOKEN("m"), //StsGetSessionTokenCredentialsProvider + CREDENTIALS_PROFILE("n"), // ProfileCredentialsProvider and static credentials/session credentials + CREDENTIALS_PROFILE_SOURCE_PROFILE("o"), //ProfileCredentialsProvider + other providers + CREDENTIALS_PROFILE_NAMED_PROVIDER("p"), //ProfileCredentialsProvider + InstanceProfile or ContainerCredentialsProvider + CREDENTIALS_PROFILE_STS_WEB_ID_TOKEN("q"), //ProfileCredentialsProvider + StsAssumeRoleWithWebIdentityCredentialsProvider + CREDENTIALS_PROFILE_SSO("r"), //ProfileCredentialsProvider + SsoCredentialsProvider + CREDENTIALS_SSO("s"), //SsoCredentialsProvider + CREDENTIALS_PROFILE_SSO_LEGACY("t"), //ProfileCredentialsProvider + SsoCredentialsProvider + CREDENTIALS_SSO_LEGACY("u"), //Not used, "CREDENTIALS_SSO" will always be applied. For legacy, look for "t,s" + CREDENTIALS_PROFILE_PROCESS("v"), //ProfileCredentialsProvider + ProcessCredentialsProvider + CREDENTIALS_PROCESS("w"), //ProcessCredentialsProvider + CREDENTIALS_HTTP("z"), //ContainerCredentialsProvider + CREDENTIALS_IMDS("0"), //InstanceProfileCredentialsProvider UNKNOWN("Unknown"); private static final Map VALUE_MAP = diff --git a/pom.xml b/pom.xml index c8c6e4a21a9b..6f13d3fcbd4a 100644 --- a/pom.xml +++ b/pom.xml @@ -631,7 +631,7 @@ annotations arns - auth + auth-crt aws-core crt-core diff --git a/services/sso/src/main/java/software/amazon/awssdk/services/sso/auth/SsoCredentialsProvider.java b/services/sso/src/main/java/software/amazon/awssdk/services/sso/auth/SsoCredentialsProvider.java index ce4fbaf2ca97..5002595877e6 100644 --- a/services/sso/src/main/java/software/amazon/awssdk/services/sso/auth/SsoCredentialsProvider.java +++ b/services/sso/src/main/java/software/amazon/awssdk/services/sso/auth/SsoCredentialsProvider.java @@ -25,11 +25,13 @@ import software.amazon.awssdk.auth.credentials.AwsCredentials; import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sso.SsoClient; import software.amazon.awssdk.services.sso.internal.SessionCredentialsHolder; import software.amazon.awssdk.services.sso.model.GetRoleCredentialsRequest; import software.amazon.awssdk.services.sso.model.RoleCredentials; import software.amazon.awssdk.utils.SdkAutoCloseable; +import software.amazon.awssdk.utils.StringUtils; import software.amazon.awssdk.utils.builder.CopyableBuilder; import software.amazon.awssdk.utils.builder.ToCopyableBuilder; import software.amazon.awssdk.utils.cache.CachedSupplier; @@ -51,7 +53,7 @@ @SdkPublicApi public final class SsoCredentialsProvider implements AwsCredentialsProvider, SdkAutoCloseable, ToCopyableBuilder { - private static final String PROVIDER_NAME = "SsoCredentialsProvider"; + private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_SSO.value(); private static final Duration DEFAULT_STALE_TIME = Duration.ofMinutes(1); private static final Duration DEFAULT_PREFETCH_TIME = Duration.ofMinutes(5); @@ -59,6 +61,7 @@ public final class SsoCredentialsProvider implements AwsCredentialsProvider, Sdk private static final String ASYNC_THREAD_NAME = "sdk-sso-credentials-provider"; private final Supplier getRoleCredentialsRequestSupplier; + private final String source; private final SsoClient ssoClient; private final Duration staleTime; @@ -77,6 +80,7 @@ private SsoCredentialsProvider(BuilderImpl builder) { this.staleTime = Optional.ofNullable(builder.staleTime).orElse(DEFAULT_STALE_TIME); this.prefetchTime = Optional.ofNullable(builder.prefetchTime).orElse(DEFAULT_PREFETCH_TIME); + this.source = builder.source; this.asyncCredentialUpdateEnabled = builder.asyncCredentialUpdateEnabled; CachedSupplier.Builder cacheBuilder = @@ -95,11 +99,11 @@ private SsoCredentialsProvider(BuilderImpl builder) { */ private RefreshResult updateSsoCredentials() { SessionCredentialsHolder credentials = getUpdatedCredentials(ssoClient); - Instant acutalTokenExpiration = credentials.sessionCredentialsExpiration(); + Instant actualTokenExpiration = credentials.sessionCredentialsExpiration(); return RefreshResult.builder(credentials) - .staleTime(acutalTokenExpiration.minus(staleTime)) - .prefetchTime(acutalTokenExpiration.minus(prefetchTime)) + .staleTime(actualTokenExpiration.minus(staleTime)) + .prefetchTime(actualTokenExpiration.minus(prefetchTime)) .build(); } @@ -112,11 +116,19 @@ private SessionCredentialsHolder getUpdatedCredentials(SsoClient ssoClient) { .secretAccessKey(roleCredentials.secretAccessKey()) .sessionToken(roleCredentials.sessionToken()) .accountId(request.accountId()) - .providerName(PROVIDER_NAME) + .providerName(providerName()) .build(); return new SessionCredentialsHolder(sessionCredentials, Instant.ofEpochMilli(roleCredentials.expiration())); } + private String providerName() { + String providerName = PROVIDER_NAME; + if (!StringUtils.isEmpty(this.source)) { + providerName = String.format("%s,%s", this.source, providerName); + } + return providerName; + } + /** * The amount of time, relative to session token expiration, that the cached credentials are considered stale and * should no longer be used. All threads will block until the value is updated. @@ -206,6 +218,12 @@ public interface Builder extends CopyableBuilder getRoleCredentialsRequestSupplier); + /** + * An optional string list of {@link software.amazon.awssdk.core.useragent.BusinessMetricFeatureId} denoting previous + * credentials providers that are chained with this one. + */ + Builder source(String source); + /** * Create a {@link SsoCredentialsProvider} using the configuration applied to this builder. * @return @@ -220,6 +238,7 @@ protected static final class BuilderImpl implements Builder { private Duration staleTime; private Duration prefetchTime; private Supplier getRoleCredentialsRequestSupplier; + private String source; BuilderImpl() { @@ -231,6 +250,7 @@ public BuilderImpl(SsoCredentialsProvider provider) { this.staleTime = provider.staleTime; this.prefetchTime = provider.prefetchTime; this.getRoleCredentialsRequestSupplier = provider.getRoleCredentialsRequestSupplier; + this.source = provider.source; } @Override @@ -268,6 +288,12 @@ public Builder refreshRequest(Supplier getRoleCredent return this; } + @Override + public Builder source(String source) { + this.source = source; + return this; + } + @Override public SsoCredentialsProvider build() { return new SsoCredentialsProvider(this); diff --git a/services/sso/src/main/java/software/amazon/awssdk/services/sso/auth/SsoProfileCredentialsProviderFactory.java b/services/sso/src/main/java/software/amazon/awssdk/services/sso/auth/SsoProfileCredentialsProviderFactory.java index f3b910c3e1fa..c1a03fcfdc57 100644 --- a/services/sso/src/main/java/software/amazon/awssdk/services/sso/auth/SsoProfileCredentialsProviderFactory.java +++ b/services/sso/src/main/java/software/amazon/awssdk/services/sso/auth/SsoProfileCredentialsProviderFactory.java @@ -63,10 +63,7 @@ public class SsoProfileCredentialsProviderFactory implements ProfileCredentialsP */ @Override public AwsCredentialsProvider create(ProfileProviderCredentialsContext credentialsContext) { - return new SsoProfileCredentialsProvider(credentialsContext.profile(), - credentialsContext.profileFile(), - sdkTokenProvider(credentialsContext.profile(), - credentialsContext.profileFile())); + return new SsoProfileCredentialsProvider(credentialsContext, sdkTokenProvider(credentialsContext)); } /** @@ -74,26 +71,27 @@ public AwsCredentialsProvider create(ProfileProviderCredentialsContext credentia * This method is only used for testing. */ @SdkTestInternalApi - public AwsCredentialsProvider create(Profile profile, ProfileFile profileFile, + public AwsCredentialsProvider create(ProfileProviderCredentialsContext credentialsContext, SdkTokenProvider tokenProvider) { - return new SsoProfileCredentialsProvider(profile, profileFile, tokenProvider); + return new SsoProfileCredentialsProvider(credentialsContext, tokenProvider); } /** * A wrapper for a {@link SsoCredentialsProvider} that is returned by this factory when {@link - * #create(ProfileProviderCredentialsContext)} * or {@link #create(Profile, ProfileFile, SdkTokenProvider)} is invoked. This - * wrapper is important because it ensures * the parent credentials provider is closed when the sso credentials provider is no - * longer needed. + * #create(ProfileProviderCredentialsContext)} * or {@link #create(ProfileProviderCredentialsContext, SdkTokenProvider)} + * is invoked. This wrapper is important because it ensures * the parent credentials provider is closed when the sso + * credentials provider is no longer needed. */ private static final class SsoProfileCredentialsProvider implements AwsCredentialsProvider, SdkAutoCloseable { private final SsoClient ssoClient; private final SsoCredentialsProvider credentialsProvider; - private SsoProfileCredentialsProvider(Profile profile, ProfileFile profileFile, + private SsoProfileCredentialsProvider(ProfileProviderCredentialsContext credentialsContext, SdkTokenProvider tokenProvider) { + Profile profile = credentialsContext.profile(); String ssoAccountId = profile.properties().get(ProfileProperty.SSO_ACCOUNT_ID); String ssoRoleName = profile.properties().get(ProfileProperty.SSO_ROLE_NAME); - String ssoRegion = regionFromProfileOrSession(profile, profileFile); + String ssoRegion = regionFromProfileOrSession(profile, credentialsContext.profileFile()); this.ssoClient = SsoClient.builder() .credentialsProvider(AnonymousCredentialsProvider.create()) @@ -114,12 +112,14 @@ private SsoProfileCredentialsProvider(Profile profile, ProfileFile profileFile, this.credentialsProvider = SsoCredentialsProvider.builder() .ssoClient(ssoClient) .refreshRequest(supplier) + .source(credentialsContext.source()) .build(); } @Override public AwsCredentials resolveCredentials() { return this.credentialsProvider.resolveCredentials(); + // } @Override @@ -157,7 +157,9 @@ private static Profile ssoSessionInProfile(String sessionName, ProfileFile profi return ssoProfile; } - private static SdkTokenProvider sdkTokenProvider(Profile profile, ProfileFile profileFile) { + private static SdkTokenProvider sdkTokenProvider(ProfileProviderCredentialsContext credentialsContext) { + Profile profile = credentialsContext.profile(); + ProfileFile profileFile = credentialsContext.profileFile(); Optional ssoSession = profile.property(ProfileSection.SSO_SESSION.getPropertyKeyName()); @@ -172,11 +174,9 @@ private static SdkTokenProvider sdkTokenProvider(Profile profile, ProfileFile pr .profileFile(() -> profileFile) .profileName(profile.name()) .build()); - } else { - return new SsoAccessTokenProvider(generateCachedTokenPath( - profile.properties().get(ProfileProperty.SSO_START_URL), TOKEN_DIRECTORY)); - } + return new SsoAccessTokenProvider(generateCachedTokenPath(profile.properties().get(ProfileProperty.SSO_START_URL), + TOKEN_DIRECTORY)); } private static void validateCommonProfileProperties(Profile profile, Profile ssoSessionProfileFile, String propertyName) { diff --git a/services/sso/src/test/java/software/amazon/awssdk/services/sso/auth/SsoCredentialsProviderTest.java b/services/sso/src/test/java/software/amazon/awssdk/services/sso/auth/SsoCredentialsProviderTest.java index 9540a77ba6c6..d7be6cdd852c 100644 --- a/services/sso/src/test/java/software/amazon/awssdk/services/sso/auth/SsoCredentialsProviderTest.java +++ b/services/sso/src/test/java/software/amazon/awssdk/services/sso/auth/SsoCredentialsProviderTest.java @@ -27,6 +27,7 @@ import org.junit.jupiter.api.Test; import org.mockito.Mockito; import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sso.SsoClient; import software.amazon.awssdk.services.sso.model.GetRoleCredentialsRequest; import software.amazon.awssdk.services.sso.model.GetRoleCredentialsResponse; @@ -136,7 +137,7 @@ private void callClientWithCredentialsProvider(Instant credentialsExpirationDate assertThat(actualCredentials.accessKeyId()).isEqualTo("a"); assertThat(actualCredentials.secretAccessKey()).isEqualTo("b"); assertThat(actualCredentials.sessionToken()).isEqualTo("c"); - assertThat(actualCredentials.providerName()).isPresent().contains("SsoCredentialsProvider"); + assertThat(actualCredentials.providerName()).isPresent().contains(BusinessMetricFeatureId.CREDENTIALS_SSO.value()); assertThat(actualCredentials.accountId()).isPresent().contains("123456789"); } } diff --git a/services/sso/src/test/java/software/amazon/awssdk/services/sso/auth/SsoProfileCredentialsProviderFactoryTest.java b/services/sso/src/test/java/software/amazon/awssdk/services/sso/auth/SsoProfileCredentialsProviderFactoryTest.java index c5cb2b57834d..8da326bf589f 100644 --- a/services/sso/src/test/java/software/amazon/awssdk/services/sso/auth/SsoProfileCredentialsProviderFactoryTest.java +++ b/services/sso/src/test/java/software/amazon/awssdk/services/sso/auth/SsoProfileCredentialsProviderFactoryTest.java @@ -79,9 +79,12 @@ public void createSsoCredentialsProviderWithFactorySucceed() throws IOException cachedTokenFilePath); SsoProfileCredentialsProviderFactory factory = new SsoProfileCredentialsProviderFactory(); - assertThat(factory.create(profileFile.profile("foo").get(), - profileFile, - tokenProvider)).isInstanceOf(AwsCredentialsProvider.class); + assertThat(factory.create(ProfileProviderCredentialsContext.builder() + .profile(profileFile.profile("foo").get()) + .profileFile(profileFile) + .build(), + tokenProvider)) + .isInstanceOf(AwsCredentialsProvider.class); } private Path prepareTestCachedTokenFile(String tokenFileContent, String generatedTokenFileName) throws IOException { @@ -169,7 +172,10 @@ public void tokenResolvedFromTokenProvider(@Mock SdkTokenProvider sdkTokenProvid "sso_start_url=https//d-abc123.awsapps.com/start"); SsoProfileCredentialsProviderFactory factory = new SsoProfileCredentialsProviderFactory(); when(sdkTokenProvider.resolveToken()).thenReturn(SsoAccessToken.builder().accessToken("sample").expiresAt(Instant.now()).build()); - AwsCredentialsProvider credentialsProvider = factory.create(profileFile.profile("test").get(), profileFile, sdkTokenProvider); + AwsCredentialsProvider credentialsProvider = factory.create(ProfileProviderCredentialsContext.builder() + .profile(profileFile.profile("test").get()) + .profileFile(profileFile) + .build(), sdkTokenProvider); try { credentialsProvider.resolveCredentials(); } catch (Exception e) { diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleCredentialsProvider.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleCredentialsProvider.java index a59570be0103..0c0758484716 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleCredentialsProvider.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleCredentialsProvider.java @@ -25,6 +25,7 @@ import software.amazon.awssdk.annotations.ThreadSafe; import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.model.AssumeRoleRequest; import software.amazon.awssdk.services.sts.model.AssumeRoleResponse; @@ -49,8 +50,9 @@ public final class StsAssumeRoleCredentialsProvider extends StsCredentialsProvider implements ToCopyableBuilder { - private static final String PROVIDER_NAME = "StsAssumeRoleCredentialsProvider"; + private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_STS_ASSUME_ROLE.value(); private final Supplier assumeRoleRequestSupplier; + private final String source; /** * @see #builder() @@ -60,6 +62,7 @@ private StsAssumeRoleCredentialsProvider(Builder builder) { Validate.notNull(builder.assumeRoleRequestSupplier, "Assume role request must not be null."); this.assumeRoleRequestSupplier = builder.assumeRoleRequestSupplier; + this.source = builder.source; } /** @@ -75,13 +78,13 @@ protected AwsSessionCredentials getUpdatedCredentials(StsClient stsClient) { Validate.notNull(assumeRoleRequest, "Assume role request must not be null."); AssumeRoleResponse assumeRoleResponse = stsClient.assumeRole(assumeRoleRequest); return fromStsCredentials(assumeRoleResponse.credentials(), - PROVIDER_NAME, + resolvedProviderName(), accountIdFromArn(assumeRoleResponse.assumedRoleUser())); } @Override public String toString() { - return ToString.builder(PROVIDER_NAME) + return ToString.builder(resolvedProviderName()) .add("refreshRequest", assumeRoleRequestSupplier) .build(); } @@ -96,6 +99,13 @@ String providerName() { return PROVIDER_NAME; } + private String resolvedProviderName() { + if (source != null && !source.isEmpty()) { + return String.format("%s,%s", source, providerName()); + } + return providerName(); + } + /** * A builder (created by {@link StsAssumeRoleCredentialsProvider#builder()}) for creating a * {@link StsAssumeRoleCredentialsProvider}. @@ -103,6 +113,7 @@ String providerName() { @NotThreadSafe public static final class Builder extends BaseBuilder { private Supplier assumeRoleRequestSupplier; + private String source; private Builder() { super(StsAssumeRoleCredentialsProvider::new); @@ -145,6 +156,15 @@ public Builder refreshRequest(Consumer assumeRoleRequ return refreshRequest(AssumeRoleRequest.builder().applyMutation(assumeRoleRequest).build()); } + /** + * An optional string list of {@link software.amazon.awssdk.core.useragent.BusinessMetricFeatureId} denoting previous + * credentials providers that are chained with this one. + */ + public Builder source(String source) { + this.source = source; + return this; + } + @Override public StsAssumeRoleCredentialsProvider build() { return super.build(); diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithSamlCredentialsProvider.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithSamlCredentialsProvider.java index 6d99b555e311..a2fd62466251 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithSamlCredentialsProvider.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithSamlCredentialsProvider.java @@ -25,6 +25,7 @@ import software.amazon.awssdk.annotations.ThreadSafe; import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.model.AssumeRoleWithSamlRequest; import software.amazon.awssdk.services.sts.model.AssumeRoleWithSamlResponse; @@ -48,7 +49,7 @@ public final class StsAssumeRoleWithSamlCredentialsProvider extends StsCredentialsProvider implements ToCopyableBuilder { - private static final String PROVIDER_NAME = "StsAssumeRoleWithSamlCredentialsProvider"; + private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_STS_ASSUME_ROLE_SAML.value(); private final Supplier assumeRoleWithSamlRequestSupplier; diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithWebIdentityCredentialsProvider.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithWebIdentityCredentialsProvider.java index 4cbb325f7458..a79441814af7 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithWebIdentityCredentialsProvider.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithWebIdentityCredentialsProvider.java @@ -26,7 +26,9 @@ import software.amazon.awssdk.annotations.ThreadSafe; import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; +import software.amazon.awssdk.services.sts.internal.AssumeRoleWithWebIdentityRequestSupplier; import software.amazon.awssdk.services.sts.model.AssumeRoleWithWebIdentityRequest; import software.amazon.awssdk.services.sts.model.AssumeRoleWithWebIdentityResponse; import software.amazon.awssdk.utils.builder.ToCopyableBuilder; @@ -49,7 +51,7 @@ public final class StsAssumeRoleWithWebIdentityCredentialsProvider extends StsCredentialsProvider implements ToCopyableBuilder { - private static final String PROVIDER_NAME = "StsAssumeRoleWithWebIdentityCredentialsProvider"; + private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_STS_ASSUME_ROLE_WEB_ID.value(); private final Supplier assumeRoleWithWebIdentityRequest; /** @@ -75,7 +77,7 @@ protected AwsSessionCredentials getUpdatedCredentials(StsClient stsClient) { notNull(request, "AssumeRoleWithWebIdentityRequest can't be null"); AssumeRoleWithWebIdentityResponse assumeRoleResponse = stsClient.assumeRoleWithWebIdentity(request); return fromStsCredentials(assumeRoleResponse.credentials(), - PROVIDER_NAME, + providerName(), accountIdFromArn(assumeRoleResponse.assumedRoleUser())); } @@ -86,7 +88,14 @@ public Builder toBuilder() { @Override String providerName() { - return PROVIDER_NAME; + String providerName = PROVIDER_NAME; + if (assumeRoleWithWebIdentityRequest instanceof AssumeRoleWithWebIdentityRequestSupplier) { + String source = ((AssumeRoleWithWebIdentityRequestSupplier) assumeRoleWithWebIdentityRequest).source(); + if (source != null && !source.isEmpty()) { + providerName = String.format("%s,%s", source, providerName); + } + } + return providerName; } /** diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsCredentialsProvider.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsCredentialsProvider.java index e19a6bf4b9f6..9a48441f2c80 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsCredentialsProvider.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsCredentialsProvider.java @@ -222,7 +222,6 @@ public B prefetchTime(Duration prefetchTime) { return (B) this; } - /** * Build the credentials provider using the configuration applied to this builder. */ diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsGetFederationTokenCredentialsProvider.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsGetFederationTokenCredentialsProvider.java index da28815b686e..02aa3605cf8f 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsGetFederationTokenCredentialsProvider.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsGetFederationTokenCredentialsProvider.java @@ -23,6 +23,7 @@ import software.amazon.awssdk.annotations.ThreadSafe; import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.endpoints.internal.Arn; import software.amazon.awssdk.services.sts.model.FederatedUser; @@ -48,7 +49,7 @@ public class StsGetFederationTokenCredentialsProvider extends StsCredentialsProvider implements ToCopyableBuilder { - private static final String PROVIDER_NAME = "StsGetFederationTokenCredentialsProvider"; + private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_STS_FEDERATION_TOKEN.value(); private final GetFederationTokenRequest getFederationTokenRequest; diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsGetSessionTokenCredentialsProvider.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsGetSessionTokenCredentialsProvider.java index 8ca66114d2be..ac0b0e090efe 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsGetSessionTokenCredentialsProvider.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsGetSessionTokenCredentialsProvider.java @@ -23,6 +23,7 @@ import software.amazon.awssdk.annotations.ThreadSafe; import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.model.GetSessionTokenRequest; import software.amazon.awssdk.services.sts.model.GetSessionTokenResponse; @@ -46,7 +47,7 @@ public class StsGetSessionTokenCredentialsProvider extends StsCredentialsProvider implements ToCopyableBuilder { - private static final String PROVIDER_NAME = "StsGetSessionTokenCredentialsProvider"; + private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_STS_SESSION_TOKEN.value(); private final GetSessionTokenRequest getSessionTokenRequest; diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenFileCredentialsProvider.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenFileCredentialsProvider.java index c812da56e21e..f48e16570280 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenFileCredentialsProvider.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenFileCredentialsProvider.java @@ -22,6 +22,7 @@ import java.nio.file.Path; import java.nio.file.Paths; +import java.util.Optional; import java.util.function.Consumer; import java.util.function.Supplier; import software.amazon.awssdk.annotations.SdkPublicApi; @@ -30,6 +31,7 @@ import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; import software.amazon.awssdk.auth.credentials.internal.WebIdentityTokenCredentialProperties; import software.amazon.awssdk.core.SdkSystemSetting; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.internal.AssumeRoleWithWebIdentityRequestSupplier; import software.amazon.awssdk.services.sts.model.AssumeRoleWithWebIdentityRequest; @@ -56,7 +58,7 @@ public final class StsWebIdentityTokenFileCredentialsProvider extends StsCredentialsProvider implements ToCopyableBuilder { - private static final String PROVIDER_NAME = "StsWebIdentityTokenFileCredentialsProvider"; + private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN.value(); private final AwsCredentialsProvider credentialsProvider; private final RuntimeException loadException; @@ -132,7 +134,16 @@ public AwsCredentials resolveCredentials() { if (loadException != null) { throw loadException; } - return credentialsProvider.resolveCredentials(); + AwsCredentials awsCredentials = credentialsProvider.resolveCredentials(); + if (awsCredentials instanceof AwsSessionCredentials) { + AwsSessionCredentials sessionCredentials = (AwsSessionCredentials) awsCredentials; + Optional providerName = awsCredentials.providerName(); + if (providerName.isPresent()) { + return sessionCredentials.copy(s -> s.providerName(providerName.get() + "," + PROVIDER_NAME)); + } + return sessionCredentials; + } + return awsCredentials; } @Override diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/AssumeRoleWithWebIdentityRequestSupplier.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/AssumeRoleWithWebIdentityRequestSupplier.java index 03b91890af8a..45ce94e2622b 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/AssumeRoleWithWebIdentityRequestSupplier.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/AssumeRoleWithWebIdentityRequestSupplier.java @@ -28,15 +28,14 @@ @SdkInternalApi public class AssumeRoleWithWebIdentityRequestSupplier implements Supplier { - private final AssumeRoleWithWebIdentityRequest request; private final Path webIdentityTokenFile; + private final String source; public AssumeRoleWithWebIdentityRequestSupplier(Builder builder) { - this.request = builder.request; this.webIdentityTokenFile = builder.webIdentityTokenFile; - + this.source = builder.source; } public static Builder builder() { @@ -48,6 +47,10 @@ public AssumeRoleWithWebIdentityRequest get() { return request.toBuilder().webIdentityToken(getToken(webIdentityTokenFile)).build(); } + public String source() { + return source; + } + //file extraction private String getToken(Path file) { try (InputStream webIdentityTokenStream = Files.newInputStream(file)) { @@ -63,13 +66,15 @@ public static class Builder { private Path webIdentityTokenFile; + private String source; public Builder assumeRoleWithWebIdentityRequest(AssumeRoleWithWebIdentityRequest request) { this.request = request; return this; } - public Builder webIdentityTokenFile(Path webIdentityTokenFile) { + public Builder webIdentityTokenFile(Path + webIdentityTokenFile) { this.webIdentityTokenFile = webIdentityTokenFile; return this; } @@ -79,5 +84,9 @@ public AssumeRoleWithWebIdentityRequestSupplier build() { } + public Builder source(String source) { + this.source = source; + return this; + } } } \ No newline at end of file diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/StsProfileCredentialsProviderFactory.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/StsProfileCredentialsProviderFactory.java index 4e5559e73680..40e4c76eb770 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/StsProfileCredentialsProviderFactory.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/StsProfileCredentialsProviderFactory.java @@ -41,21 +41,21 @@ public final class StsProfileCredentialsProviderFactory implements ChildProfileC + "'%s' profile."; @Override - public AwsCredentialsProvider create(AwsCredentialsProvider sourceCredentialsProvider, Profile profile) { - return new StsProfileCredentialsProvider(sourceCredentialsProvider, profile); + public AwsCredentialsProvider create(AwsCredentialsProvider sourceCredentialsProvider, Profile profile, String source) { + return new StsProfileCredentialsProvider(sourceCredentialsProvider, profile, source); } /** * A wrapper for a {@link StsAssumeRoleCredentialsProvider} that is returned by this factory when - * {@link #create(AwsCredentialsProvider, Profile)} is invoked. This wrapper is important because it ensures the parent - * credentials provider is closed when the assume-role credentials provider is no longer needed. + * {@link #create(AwsCredentialsProvider, Profile, String)} is invoked. This wrapper is important because it ensures the + * parent credentials provider is closed when the assume-role credentials provider is no longer needed. */ private static final class StsProfileCredentialsProvider implements AwsCredentialsProvider, SdkAutoCloseable { private final StsClient stsClient; private final AwsCredentialsProvider parentCredentialsProvider; private final StsAssumeRoleCredentialsProvider credentialsProvider; - private StsProfileCredentialsProvider(AwsCredentialsProvider parentCredentialsProvider, Profile profile) { + private StsProfileCredentialsProvider(AwsCredentialsProvider parentCredentialsProvider, Profile profile, String source) { String roleArn = requireProperty(profile, ProfileProperty.ROLE_ARN); String roleSessionName = profile.property(ProfileProperty.ROLE_SESSION_NAME) .orElseGet(() -> "aws-sdk-java-" + System.currentTimeMillis()); @@ -76,6 +76,7 @@ private StsProfileCredentialsProvider(AwsCredentialsProvider parentCredentialsPr this.credentialsProvider = StsAssumeRoleCredentialsProvider.builder() .stsClient(stsClient) .refreshRequest(assumeRoleRequest) + .source(source) .build(); } diff --git a/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/StsWebIdentityCredentialsProviderFactory.java b/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/StsWebIdentityCredentialsProviderFactory.java index 86340d4f857d..508415676a64 100644 --- a/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/StsWebIdentityCredentialsProviderFactory.java +++ b/services/sts/src/main/java/software/amazon/awssdk/services/sts/internal/StsWebIdentityCredentialsProviderFactory.java @@ -87,6 +87,7 @@ private StsWebIdentityCredentialsProvider(WebIdentityTokenCredentialProperties c AssumeRoleWithWebIdentityRequestSupplier.builder() .assumeRoleWithWebIdentityRequest(requestBuilder.build()) .webIdentityTokenFile(credentialProperties.webIdentityTokenFile()) + .source(credentialProperties.source()) .build(); StsAssumeRoleWithWebIdentityCredentialsProvider.Builder builder = diff --git a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleCredentialsProviderTest.java b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleCredentialsProviderTest.java index e4d7b6c6bc5c..b36cd6e67613 100644 --- a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleCredentialsProviderTest.java +++ b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleCredentialsProviderTest.java @@ -15,6 +15,7 @@ package software.amazon.awssdk.services.sts.auth; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.model.AssumeRoleRequest; import software.amazon.awssdk.services.sts.model.AssumeRoleResponse; @@ -51,6 +52,6 @@ protected AssumeRoleResponse callClient(StsClient client, AssumeRoleRequest requ @Override protected String providerName() { - return "StsAssumeRoleCredentialsProvider"; + return BusinessMetricFeatureId.CREDENTIALS_STS_ASSUME_ROLE.value(); } } diff --git a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithSamlCredentialsProviderTest.java b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithSamlCredentialsProviderTest.java index fb4729f98f79..34c503ac37da 100644 --- a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithSamlCredentialsProviderTest.java +++ b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithSamlCredentialsProviderTest.java @@ -15,6 +15,7 @@ package software.amazon.awssdk.services.sts.auth; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.auth.StsAssumeRoleWithSamlCredentialsProvider.Builder; import software.amazon.awssdk.services.sts.model.AssumeRoleWithSamlRequest; @@ -54,6 +55,6 @@ protected AssumeRoleWithSamlResponse callClient(StsClient client, AssumeRoleWith @Override protected String providerName() { - return "StsAssumeRoleWithSamlCredentialsProvider"; + return BusinessMetricFeatureId.CREDENTIALS_STS_ASSUME_ROLE_SAML.value(); } } diff --git a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithWebIdentityCredentialsProviderTest.java b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithWebIdentityCredentialsProviderTest.java index d037597897a2..8f1e1c4808c3 100644 --- a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithWebIdentityCredentialsProviderTest.java +++ b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsAssumeRoleWithWebIdentityCredentialsProviderTest.java @@ -15,6 +15,7 @@ package software.amazon.awssdk.services.sts.auth; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.auth.StsAssumeRoleWithWebIdentityCredentialsProvider.Builder; import software.amazon.awssdk.services.sts.model.AssumeRoleWithWebIdentityRequest; @@ -53,6 +54,6 @@ protected AssumeRoleWithWebIdentityResponse callClient(StsClient client, AssumeR @Override protected String providerName() { - return "StsAssumeRoleWithWebIdentityCredentialsProvider"; + return BusinessMetricFeatureId.CREDENTIALS_STS_ASSUME_ROLE_WEB_ID.value(); } } diff --git a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsGetFederationTokenCredentialsProviderTest.java b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsGetFederationTokenCredentialsProviderTest.java index bdc50a817aaa..b5154f646ff6 100644 --- a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsGetFederationTokenCredentialsProviderTest.java +++ b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsGetFederationTokenCredentialsProviderTest.java @@ -15,6 +15,7 @@ package software.amazon.awssdk.services.sts.auth; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.auth.StsGetFederationTokenCredentialsProvider.Builder; import software.amazon.awssdk.services.sts.model.AssumedRoleUser; @@ -54,6 +55,6 @@ protected GetFederationTokenResponse callClient(StsClient client, GetFederationT @Override protected String providerName() { - return "StsGetFederationTokenCredentialsProvider"; + return BusinessMetricFeatureId.CREDENTIALS_STS_FEDERATION_TOKEN.value(); } } diff --git a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsGetSessionTokenCredentialsProviderTest.java b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsGetSessionTokenCredentialsProviderTest.java index 18f9feadf796..1ab263152602 100644 --- a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsGetSessionTokenCredentialsProviderTest.java +++ b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsGetSessionTokenCredentialsProviderTest.java @@ -15,6 +15,7 @@ package software.amazon.awssdk.services.sts.auth; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.auth.StsGetSessionTokenCredentialsProvider.Builder; import software.amazon.awssdk.services.sts.model.AssumedRoleUser; @@ -52,6 +53,6 @@ protected GetSessionTokenResponse callClient(StsClient client, GetSessionTokenRe @Override protected String providerName() { - return "StsGetSessionTokenCredentialsProvider"; + return BusinessMetricFeatureId.CREDENTIALS_STS_SESSION_TOKEN.value(); } } diff --git a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenCredentialProviderTest.java b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenCredentialProviderTest.java index c66feee50b6b..5fc6c7bd2031 100644 --- a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenCredentialProviderTest.java +++ b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenCredentialProviderTest.java @@ -45,7 +45,7 @@ class StsWebIdentityTokenCredentialProviderTest { @BeforeEach - public void setUp() { + public void setUp() { String webIdentityTokenPath = Paths.get("src/test/resources/token.jwt").toAbsolutePath().toString(); ENVIRONMENT_VARIABLE_HELPER.set(SdkSystemSetting.AWS_ROLE_ARN.environmentVariable(), "someRole"); ENVIRONMENT_VARIABLE_HELPER.set(SdkSystemSetting.AWS_WEB_IDENTITY_TOKEN_FILE.environmentVariable(), webIdentityTokenPath); @@ -59,7 +59,6 @@ public void cleanUp(){ @Test void createAssumeRoleWithWebIdentityTokenCredentialsProviderWithoutStsClient_throws_Exception() { - Assert.assertThrows(NullPointerException.class, () -> StsWebIdentityTokenFileCredentialsProvider.builder().refreshRequest(r -> r.build()).build()); } diff --git a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenCredentialsProviderBaseTest.java b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenCredentialsProviderBaseTest.java index cb3ca75140bf..2fe7fe6ae1f8 100644 --- a/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenCredentialsProviderBaseTest.java +++ b/services/sts/src/test/java/software/amazon/awssdk/services/sts/auth/StsWebIdentityTokenCredentialsProviderBaseTest.java @@ -22,9 +22,9 @@ import java.nio.file.Path; import java.nio.file.Paths; import org.junit.jupiter.api.AfterEach; -import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.BeforeEach; import software.amazon.awssdk.core.SdkSystemSetting; +import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId; import software.amazon.awssdk.services.sts.StsClient; import software.amazon.awssdk.services.sts.auth.StsWebIdentityTokenFileCredentialsProvider.Builder; import software.amazon.awssdk.services.sts.model.AssumeRoleWithWebIdentityRequest; @@ -83,7 +83,8 @@ protected AssumeRoleWithWebIdentityResponse callClient(StsClient client, AssumeR @Override protected String providerName() { - return "StsAssumeRoleWithWebIdentityCredentialsProvider"; + return String.format("%s,%s", BusinessMetricFeatureId.CREDENTIALS_STS_ASSUME_ROLE_WEB_ID, + BusinessMetricFeatureId.CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN.value()); } private String getToken(Path file) {