SSO Credentials Changes

gems/smithy-client/lib/smithy-client/http_api_key_provider.rb

@@ -8,7 +8,7 @@ class HttpApiKeyProvider
 
       # @param [String] key
       def initialize(key)
-        @identity = Identities::HttpApiKey.new(key: key)
+        @identity = Identities::ApiKey.new(key: key)
       end
     end
   end

gems/smithy-client/lib/smithy-client/http_bearer_provider.rb

@@ -2,13 +2,13 @@
 
 module Smithy
   module Client
-    # Returns an HTTP Bearer identity
+    # Returns a Token identity
     class HttpBearerProvider
       include IdentityProvider
 
       # @param [String] token
       def initialize(token)
-        @identity = Identities::HttpBearer.new(token: token)
+        @identity = Identities::Token.new(token: token)
       end
     end
   end

gems/smithy-client/lib/smithy-client/identities/api_key.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Smithy
+  module Client
+    module Identities
+      # Identity class for API Key authentication.
+      class ApiKey < Identity
+        def initialize(key:, **)
+          @key = key
+          super(**)
+        end
+
+        # @return [String, nil]
+        attr_reader :key
+
+        # Removing the key from the default inspect string.
+        # @api private
+        def inspect
+          super.gsub(/@key="(\\"|[^"])*"/, '@key=[FILTERED]')
+        end
+      end
+    end
+  end
+end

gems/smithy-client/lib/smithy-client/identities/http_bearer.rb → gems/smithy-client/lib/smithy-client/identities/token.rb

@@ -3,15 +3,21 @@
 module Smithy
   module Client
     module Identities
-      # Identity class for HTTP Bearer token authentication.
-      class HttpBearer < Identity
+      # Identity class for token authentication.
+      class Token < Identity
         def initialize(token:, **)
           @token = token
           super(**)
         end
 
         # @return [String, nil]
         attr_reader :token
+
+        # Removing the token from the default inspect string.
+        # @api private
+        def inspect
+          super.gsub(/@token="(\\"|[^"])*"/, '@token=[FILTERED]')
+        end
       end
     end
   end

gems/smithy-client/lib/smithy-client/plugins/http_api_key_auth.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 require_relative '../http_api_key_provider'
-require_relative '../identities/http_api_key'
+require_relative '../identities/api_key'
 
 module Smithy
   module Client

gems/smithy-client/lib/smithy-client/plugins/http_bearer_auth.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 require_relative '../http_bearer_provider'
-require_relative '../identities/http_bearer'
+require_relative '../identities/token'
 
 module Smithy
   module Client

gems/smithy-client/sig/smithy-client/identities/http_bearer.rbs → gems/smithy-client/sig/smithy-client/identities/token.rbs

@@ -1,7 +1,7 @@
 module Smithy
   module Client
     module Identities
-      class HttpBearer < Identity
+      class Token < Identity
         def initialize: (token: String, **untyped options) -> void
         attr_reader token: String
       end

gems/smithy-client/spec/smithy-client/plugins/resolve_auth_spec.rb

@@ -36,7 +36,7 @@ module Plugins
           client_class.add_plugin(HttpApiKeyAuth)
           resp = client.operation
           expect(resp.context.auth[:scheme_id]).to equal('smithy.api#httpApiKeyAuth')
-          expect(resp.context.auth[:identity]).to be_a(Identities::HttpApiKey)
+          expect(resp.context.auth[:identity]).to be_a(Identities::ApiKey)
         end
 
         it 'resolves auth for http basic auth' do
@@ -52,7 +52,7 @@ module Plugins
           client_class.add_plugin(HttpBearerAuth)
           resp = client.operation
           expect(resp.context.auth[:scheme_id]).to equal('smithy.api#httpBearerAuth')
-          expect(resp.context.auth[:identity]).to be_a(Identities::HttpBearer)
+          expect(resp.context.auth[:identity]).to be_a(Identities::Token)
         end
 
         it 'resolves auth for http digest auth' do

gems/smithy/lib/smithy/views/client/auth_resolver.rb

@@ -93,10 +93,12 @@ def operation_auth_schemes(operation)
           if operation_auth?(operation)
             operation_auth = operation_traits.fetch('smithy.api#auth', [])
             add_auth_schemes_from_auth_trait(auth_schemes, operation_auth)
+          elsif optional_operation_auth?(operation)
+            auth_schemes = service_auth_schemes << 'smithy.api#noAuth'
+            auth_schemes.uniq!
           else
             add_registered_auth_schemes(auth_schemes, operation_traits)
           end
-          auth_schemes << 'smithy.api#optionalAuth' if operation_traits.key?('smithy.api#optionalAuth')
           auth_schemes << 'smithy.api#noAuth' if auth_schemes.empty?
           auth_schemes
         end

gems/smithy/spec/fixtures/auth/auth_trait/model.json

@@ -36,6 +36,18 @@
                 "smithy.api#auth": []
             }
         },
+        "smithy.ruby.tests#OperationF": {
+            "type": "operation",
+            "input": {
+                "target": "smithy.api#Unit"
+            },
+            "output": {
+                "target": "smithy.api#Unit"
+            },
+            "traits": {
+                "smithy.api#optionalAuth": {}
+            }
+        },
         "smithy.ruby.tests#ServiceWithAuthTrait": {
             "type": "service",
             "version": "2020-01-29",
@@ -48,6 +60,9 @@
                 },
                 {
                     "target": "smithy.ruby.tests#OperationE"
+                },
+                {
+                    "target": "smithy.ruby.tests#OperationF"
                 }
             ],
             "traits": {

gems/smithy/spec/fixtures/auth/auth_trait/model.smithy

@@ -12,6 +12,7 @@ service ServiceWithAuthTrait {
         OperationC
         OperationD
         OperationE
+        OperationF
     ]
 }
 
@@ -29,4 +30,10 @@ operation OperationD {}
 // This operation has the @auth trait and is bound to a service with the
 // @auth trait. This operation does not support any authentication schemes.
 @auth([])
-operation OperationE {}
+operation OperationE {}
+
+// This operation has the @optionalAuth trait and is bound to a service
+// with the @auth trait. The effective set of authentication schemes it
+// supports are: httpBasicAuth, httpDigestAuth, and noAuth
+@optionalAuth
+operation OperationF {}

gems/smithy/spec/fixtures/auth/no_auth/model.json

@@ -0,0 +1,38 @@
+{
+    "smithy": "2.0",
+    "shapes": {
+        "smithy.ruby.tests#OperationH": {
+            "type": "operation",
+            "input": {
+                "target": "smithy.api#Unit"
+            },
+            "output": {
+                "target": "smithy.api#Unit"
+            }
+        },
+        "smithy.ruby.tests#OperationI": {
+            "type": "operation",
+            "input": {
+                "target": "smithy.api#Unit"
+            },
+            "output": {
+                "target": "smithy.api#Unit"
+            },
+            "traits": {
+                "smithy.api#optionalAuth": {}
+            }
+        },
+        "smithy.ruby.tests#ServiceWithNoAuth": {
+            "type": "service",
+            "version": "2020-01-29",
+            "operations": [
+                {
+                    "target": "smithy.ruby.tests#OperationH"
+                },
+                {
+                    "target": "smithy.ruby.tests#OperationI"
+                }
+            ]
+        }
+    }
+}

gems/smithy/spec/fixtures/auth/no_auth/model.smithy

@@ -0,0 +1,20 @@
+$version: "2.0"
+
+namespace smithy.ruby.tests
+
+service ServiceWithNoAuth {
+    version: "2020-01-29"
+    operations: [
+        OperationH
+        OperationI
+    ]
+}
+
+// This operation does not have the @auth trait and is bound to a service
+// without the @auth trait. This operation does not support any authentication schemes.
+operation OperationH {}
+
+// This operation has the @optionalAuth trait and is bound to a service
+// without the @auth trait. This operation does not support any authentication schemes.
+@optionalAuth
+operation OperationI {}

gems/smithy/spec/fixtures/auth/no_auth_trait/model.json

@@ -24,6 +24,18 @@
                 ]
             }
         },
+        "smithy.ruby.tests#OperationG": {
+            "type": "operation",
+            "input": {
+                "target": "smithy.api#Unit"
+            },
+            "output": {
+                "target": "smithy.api#Unit"
+            },
+            "traits": {
+                "smithy.api#optionalAuth": {}
+            }
+        },
         "smithy.ruby.tests#ServiceWithNoAuthTrait": {
             "type": "service",
             "version": "2020-01-29",
@@ -33,6 +45,9 @@
                 },
                 {
                     "target": "smithy.ruby.tests#OperationB"
+                },
+                {
+                    "target": "smithy.ruby.tests#OperationG"
                 }
             ],
             "traits": {

gems/smithy/spec/fixtures/auth/no_auth_trait/model.smithy

@@ -10,6 +10,7 @@ service ServiceWithNoAuthTrait {
     operations: [
         OperationA
         OperationB
+        OperationG
     ]
 }
 
@@ -23,3 +24,9 @@ operation OperationA {}
 // supports are: httpDigestAuth.
 @auth([httpDigestAuth])
 operation OperationB {}
+
+// This operation has the @optionalAuth trait and is bound to a service
+// without the @auth trait. The effective set of authentication schemes it
+// supports are: httpBasicAuth, httpDigestAuth, httpBearerAuth, and noAuth
+@optionalAuth
+operation OperationG {}

gems/smithy/spec/interfaces/client/auth_resolver_spec.rb

@@ -24,6 +24,13 @@
           auth_options = subject.resolve(params)
           expect(auth_options).to eq(['smithy.api#httpDigestAuth'])
         end
+
+        it 'returns the auth options for the operation with the optionalAuth trait' do
+          params = NoAuthTrait::AuthParameters.new(operation_name: :operation_g)
+          auth_options = subject.resolve(params)
+          expect(auth_options).to eq(%w[smithy.api#httpBasicAuth smithy.api#httpBearerAuth smithy.api#httpDigestAuth
+                                        smithy.api#noAuth])
+        end
       end
     end
 
@@ -51,6 +58,32 @@
           auth_options = subject.resolve(params)
           expect(auth_options).to eq(['smithy.api#noAuth'])
         end
+
+        it 'returns the auth options for the operation with the optionalAuth trait' do
+          params = AuthTrait::AuthParameters.new(operation_name: :operation_f)
+          auth_options = subject.resolve(params)
+          expect(auth_options).to eq(%w[smithy.api#httpBasicAuth smithy.api#httpDigestAuth smithy.api#noAuth])
+        end
+      end
+    end
+
+    context context do
+      include_context context, 'NoAuth', fixture: 'auth/no_auth'
+
+      subject { NoAuth::AuthResolver.new }
+
+      describe '#resolve' do
+        it 'returns the auth options for the operation with no auth traits' do
+          params = NoAuth::AuthParameters.new(operation_name: :operation_h)
+          auth_options = subject.resolve(params)
+          expect(auth_options).to eq(['smithy.api#noAuth'])
+        end
+
+        it 'returns the auth options for the operation with the optionalAuth trait' do
+          params = NoAuth::AuthParameters.new(operation_name: :operation_i)
+          auth_options = subject.resolve(params)
+          expect(auth_options).to eq(['smithy.api#noAuth'])
+        end
       end
     end
   end

projections/shapes/lib/shapes/endpoint_provider.rb

@@ -13,6 +13,7 @@ def resolve(parameters)
         return Smithy::Client::EndpointRules::Endpoint.new(uri: parameters.endpoint)
       end
       raise ArgumentError, "Endpoint is not set - you must configure an endpoint."
+
     end
   end
 end

projections/weather/lib/weather/endpoint_provider.rb

@@ -13,6 +13,7 @@ def resolve(parameters)
         return Smithy::Client::EndpointRules::Endpoint.new(uri: parameters.endpoint)
       end
       raise ArgumentError, "Endpoint is not set - you must configure an endpoint."
+
     end
   end
 end