Multi auth selection (Client level) #3608
Conversation
generated/src/aws-cpp-sdk-dynamodb/include/aws/dynamodb/DynamoDBClient.h
Outdated
Show resolved
Hide resolved
| * Authentication scheme preferences in order of preference. | ||
| * First available auth scheme will be used for each operation. | ||
| */ | ||
| Aws::Vector<Aws::String> authPreferences; |
There was a problem hiding this comment.
not sure if we should put this on the top level ClientConfiguration object, should it be code-genned on the service specific client configuration? that gives us two advantages, only smithy clients witll have it, and additionally we can make it a Aws::Array of constant space.
src/aws-cpp-sdk-core/include/smithy/identity/auth/AuthSchemeResolverBase.h
Outdated
Show resolved
Hide resolved
| * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
| * SPDX-License-Identifier: Apache-2.0. | ||
| */ | ||
| #pragma once |
There was a problem hiding this comment.
cant remove installed headers, you can make the header point to something new, but removing installed headers can and will break customers if any of their code includes this header.
|
|
||
| Aws::Vector<AuthSchemeOption> filtered; | ||
| for (const auto& pref : preferences) { | ||
| auto prefSchemeIt = AUTH_SCHEME_NAME_TO_ID.find(Aws::Utils::StringUtils::ToLower(pref.c_str())); |
There was a problem hiding this comment.
is there a way to code generate AUTH_SCHEME_NAME_TO_ID so that we dont have all the mappings, just the ones we know are relevant? and would that simplfy any assumptions?
There was a problem hiding this comment.
we could probably do this, but it's gonna add complexity with little benefit imo. Since we construct GenericAuthResolver as part of the code gen, we could also construct with the mappings, and pass it down to the base class where the mapping is needed. Maybe missing something, but given that this is a 4 key/pair value lookup I don't think there's any gains here
52770bf to
b2d9986
Compare
Issue #, if available:
Description of changes:
This PR adds support for client-level auth resolution. It includes replacement of current authResolvers to be more generic, and allows for customers to set preferences for authentication methods.
Check all that applies:
Check which platforms you have built SDK on to verify the correctness of this PR.
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.