AWS SDK

/*

 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.

 * SPDX-License-Identifier: Apache-2.0

 */

import aws.sdk.kotlin.gradle.dsl.configurePublishing

import aws.sdk.kotlin.gradle.util.typedProp

import org.jetbrains.kotlin.gradle.dsl.JvmTarget

import java.time.LocalDateTime

plugins {

    `maven-publish`

    `dokka-convention`

    alias(libs.plugins.aws.kotlin.repo.tools.kmp) apply false

}

                        }

                        // Run the tests with the classpath containing the compile dependencies (including 'main'),

                        // runtime dependencies, and the outputs of this compilation:

                        classpath = compileDependencyFiles + runtimeDependencyFiles + output.allOutputs

                        // Run only the tests from this compilation's outputs:

                        testClassesDirs = output.classesDirs

                        useJUnitPlatform()

                        // model a random input to enable re-running e2e tests back to back without

                        // up-to-date checks or cache getting in the way

                        inputs.property("integration.datetime", LocalDateTime.now())

                        systemProperty("org.slf4j.simpleLogger.defaultLogLevel", System.getProperty("org.slf4j.simpleLogger.defaultLogLevel", "WARN"))

                    }

                }

            }

        }

    }

    tasks.withType<org.jetbrains.kotlin.gradle.tasks.KotlinCompile> {

        compilerOptions {

            allWarningsAsErrors.set(false) // FIXME Tons of errors occur in generated code

            jvmTarget.set(JvmTarget.JVM_1_8) // fixes outgoing variant metadata: https://github.com/smithy-lang/smithy-kotlin/issues/258

            freeCompilerArgs.add("-Xjdk-release=1.8")

        }

    }

    configurePublishing("aws-sdk-kotlin")

    publishing {

        publications.all {

            if (this !is MavenPublication) return@all

            project.afterEvaluate {

                val sdkId = project.typedProp<String>("aws.sdk.id") ?: error("service build `${project.name}` is missing `aws.sdk.id` property required for publishing")

                pom.properties.put("aws.sdk.id", sdkId)

            }

        }

    }

/**

 * Validate the way service clients can be constructed.

 *

 * These are written against S3 but apply generically to any client.

 */

class CreateClientTest {

    @Test

    fun testMissingRegion() {

        // Should _not_ throw an exception since region is optional

    }

    @Test

    fun testDefaults() {

        S3Client { region = "us-east-2" }.use { }

    }

    @Test

    fun testFromEnvironmentWithOverrides() = runTest {

        S3Client.fromEnvironment { region = "us-east-2" }.use { }

import aws.sdk.kotlin.services.s3.S3Client

import aws.sdk.kotlin.services.s3.model.CreateSessionRequest

import aws.sdk.kotlin.services.s3.model.CreateSessionResponse

import aws.sdk.kotlin.services.s3.model.SessionCredentials

import aws.smithy.kotlin.runtime.auth.awscredentials.Credentials

import aws.smithy.kotlin.runtime.io.use

import aws.smithy.kotlin.runtime.operation.ExecutionContext

import aws.smithy.kotlin.runtime.time.ManualClock

import kotlinx.coroutines.*

import kotlinx.coroutines.test.runTest

import kotlin.time.ComparableTimeMark

import kotlin.time.Duration.Companion.milliseconds

import kotlin.time.Duration.Companion.minutes

import kotlin.time.Duration.Companion.seconds

import kotlin.time.TestTimeSource

private val DEFAULT_BASE_CREDENTIALS = Credentials("accessKeyId", "secretAccessKey", "sessionToken")

class DefaultS3ExpressCredentialsProviderTest {

    @Test

    fun testCreateSessionCredentials() = runTest {

        val timeSource = TestTimeSource()

        val clock = ManualClock()

        val expectedCredentials = SessionCredentials {

            accessKeyId = "access"

            secretAccessKey = "secret"

            sessionToken = "session"

            expiration = clock.now() + 5.minutes

        }

            DefaultS3ExpressCredentialsProvider(timeSource, clock).use { provider ->

                val credentials = provider.createSessionCredentials(

                    S3ExpressCredentialsCacheKey("bucket", DEFAULT_BASE_CREDENTIALS),

                    client,

                )

                assertFalse(credentials.isExpired)

                assertEquals(timeSource.markNow() + 5.minutes, credentials.expiresAt)

            }

        }

    @Test

    fun testSyncRefresh() = runTest {

        val timeSource = TestTimeSource()

        val clock = ManualClock()

        // Entry expired 30 seconds ago, next `resolve` call should trigger a sync refresh

        val cache = S3ExpressCredentialsCache()

        val entry = getCacheEntry(timeSource.markNow() - 30.seconds)

        cache.put(entry.key, entry.value)

        val expectedCredentials = SessionCredentials {

            accessKeyId = "access"

            secretAccessKey = "secret"

            sessionToken = "session"

            expiration = clock.now() + 5.minutes

        }

            DefaultS3ExpressCredentialsProvider(timeSource, clock, cache, refreshBuffer = 1.minutes).use { provider ->

                val attributes = ExecutionContext.build {

                    this.attributes[S3Attributes.ExpressClient] = testClient

                    this.attributes[S3Attributes.Bucket] = "bucket"

                }

                provider.resolve(attributes)

            }

            assertEquals(1, testClient.numCreateSession)

        }

    @Test

    fun testAsyncRefresh() = runTest {

        val timeSource = TestTimeSource()

        val clock = ManualClock()

        // Entry expires in 30 seconds, refresh buffer is 1 minute. Next `resolve` call should trigger the async refresh

        val cache = S3ExpressCredentialsCache()

        val entry = getCacheEntry(timeSource.markNow() + 30.seconds)

        cache.put(entry.key, entry.value)

        val expectedCredentials = SessionCredentials {

            accessKeyId = "access"

            secretAccessKey = "secret"

            sessionToken = "session"

            expiration = clock.now() + 5.minutes

        }

            val provider = DefaultS3ExpressCredentialsProvider(timeSource, clock, cache, refreshBuffer = 1.minutes)

            val attributes = ExecutionContext.build {

                this.attributes[S3Attributes.ExpressClient] = testClient

                this.attributes[S3Attributes.Bucket] = "bucket"

            }

            provider.resolve(attributes)

            // allow the async refresh to initiate before closing the provider

            runBlocking { delay(500.milliseconds) }

            provider.close()

            provider.coroutineContext.job.join()

            assertEquals(1, testClient.numCreateSession)

        }

    @Test

    fun testAsyncRefreshDebounce() = runTest {

        val timeSource = TestTimeSource()

        val clock = ManualClock()

        // Entry expires in 30 seconds, refresh buffer is 1 minute. Next `resolve` call should trigger the async refresh

        val cache = S3ExpressCredentialsCache()

        val entry = getCacheEntry(expiration = timeSource.markNow() + 30.seconds)

        cache.put(entry.key, entry.value)

        val expectedCredentials = SessionCredentials {

            accessKeyId = "access"

            secretAccessKey = "secret"

            sessionToken = "session"

            expiration = clock.now() + 5.minutes

        }

            val provider = DefaultS3ExpressCredentialsProvider(timeSource, clock, cache, refreshBuffer = 1.minutes)

            val attributes = ExecutionContext.build {

                this.attributes[S3Attributes.ExpressClient] = testClient

                this.attributes[S3Attributes.Bucket] = "bucket"

            }

            val calls = (1..5).map {

                async { provider.resolve(attributes) }

            }

            calls.awaitAll()

            // allow the async refresh to initiate before closing the provider

            runBlocking { delay(500.milliseconds) }

            provider.close()

            provider.coroutineContext.job.join()

            assertEquals(1, testClient.numCreateSession)

        }

    @Test

    fun testAsyncRefreshHandlesFailures() = runTest {

        val timeSource = TestTimeSource()

        val clock = ManualClock()

        // Entry expires in 30 seconds, refresh buffer is 1 minute. Next `resolve` call should trigger the async refresh

        val cache = S3ExpressCredentialsCache()

        val successEntry = getCacheEntry(timeSource.markNow() + 30.seconds, bucket = "SuccessfulBucket")

        val failedEntry = getCacheEntry(timeSource.markNow() + 30.seconds, bucket = "ExceptionBucket")

        cache.put(successEntry.key, successEntry.value)

        cache.put(failedEntry.key, failedEntry.value)

        val expectedCredentials = SessionCredentials {

            accessKeyId = "access"

            secretAccessKey = "secret"

            sessionToken = "session"

            expiration = clock.now() + 5.minutes

        }

        // client should throw an exception when `ExceptionBucket` credentials are fetched, but it should be caught

            val provider = DefaultS3ExpressCredentialsProvider(timeSource, clock, cache, refreshBuffer = 1.minutes)

            val attributes = ExecutionContext.build {

                this.attributes[S3Attributes.ExpressClient] = testClient

                this.attributes[S3Attributes.Bucket] = "ExceptionBucket"

            }

            provider.resolve(attributes)

            withTimeout(5.seconds) {

                while (testClient.numCreateSession != 1) {

                    yield()

                }

            }

            assertEquals(1, testClient.numCreateSession)

            attributes[S3Attributes.Bucket] = "SuccessfulBucket"

            provider.resolve(attributes)

            withTimeout(5.seconds) {

                while (testClient.numCreateSession != 2) {

                    yield()

                }

            }

            provider.close()

            provider.coroutineContext.job.join()

            assertEquals(2, testClient.numCreateSession)

        }

    @Test

    fun testAsyncRefreshClosesImmediately() = runTest {

        val timeSource = TestTimeSource()

        val clock = ManualClock()

        // Entry expires in 30 seconds, refresh buffer is 1 minute. Next `resolve` call should trigger the async refresh

        val cache = S3ExpressCredentialsCache()

        val entry = getCacheEntry(timeSource.markNow() + 30.seconds)

        cache.put(entry.key, entry.value)

        val expectedCredentials = SessionCredentials {

            accessKeyId = "access"

            secretAccessKey = "secret"

            sessionToken = "session"

            expiration = clock.now() + 5.minutes

        }

        val provider = DefaultS3ExpressCredentialsProvider(timeSource, clock, cache, refreshBuffer = 1.minutes)

            override suspend fun createSession(input: CreateSessionRequest): CreateSessionResponse {

                delay(10.seconds)

                numCreateSession += 1

                return CreateSessionResponse { credentials = expectedCredentials }

            }

        }

            val attributes = ExecutionContext.build {

                this.attributes[S3Attributes.ExpressClient] = blockingTestS3Client

                this.attributes[S3Attributes.Bucket] = "bucket"

            }

            withTimeout(5.seconds) {

                provider.resolve(attributes)

                provider.close()

            }

            assertEquals(0, blockingTestS3Client.numCreateSession)

        }

    /**

     * Get an instance of [Map.Entry<S3ExpressCredentialsCacheKey, S3ExpressCredentialsCacheValue>] using the given [expiration],

     * [bucket], and optional [bootstrapCredentials] and [sessionCredentials].

     */

    private fun getCacheEntry(

        expiration: ComparableTimeMark,

        bucket: String = "bucket",

        bootstrapCredentials: Credentials = Credentials(accessKeyId = "accessKeyId", secretAccessKey = "secretAccessKey", sessionToken = "sessionToken"),

        sessionCredentials: Credentials = Credentials(accessKeyId = "s3AccessKeyId", secretAccessKey = "s3SecretAccessKey", sessionToken = "s3SessionToken"),

    ): S3ExpressCredentialsCacheEntry = mapOf(

        S3ExpressCredentialsCacheKey(bucket, bootstrapCredentials) to S3ExpressCredentialsCacheValue(ExpiringValue(sessionCredentials, expiration)),

    ).entries.first()

    /**

     * A test S3Client used to mock calls to s3:CreateSession.

     * @param expectedCredentials the expected session credentials returned from s3:CreateSession

     * @param client the base S3 client used to implement other operations, though they are unused.

     * @param throwExceptionOnBucketNamed an optional bucket name, which when specified and present in the [CreateSessionRequest], will

     * cause the client to throw an exception instead of returning credentials. Used for testing s3:CreateSession failures.

     */

    private open inner class TestS3Client(

        val expectedCredentials: SessionCredentials,

        val baseCredentials: Credentials = DEFAULT_BASE_CREDENTIALS,

        val client: S3Client = S3Client { credentialsProvider = StaticCredentialsProvider(baseCredentials) },

        val throwExceptionOnBucketNamed: String? = null,

    ) : S3Client by client {

        var numCreateSession = 0

        override suspend fun createSession(input: CreateSessionRequest): CreateSessionResponse {

            numCreateSession += 1

            throwExceptionOnBucketNamed?.let {

                if (input.bucket == it) {

                    throw Exception("Failed to create session credentials for bucket: $throwExceptionOnBucketNamed")

                }

            }

            return CreateSessionResponse { credentials = expectedCredentials }

        }

    }

}

import aws.sdk.kotlin.runtime.auth.credentials.StaticCredentialsProvider

import aws.sdk.kotlin.services.s3.S3Client

import aws.sdk.kotlin.services.s3.model.GetObjectRequest

import aws.smithy.kotlin.runtime.http.Headers

import aws.smithy.kotlin.runtime.http.HeadersBuilder

import aws.smithy.kotlin.runtime.http.HttpBody

import aws.smithy.kotlin.runtime.http.HttpStatusCode

import aws.smithy.kotlin.runtime.http.response.HttpResponse

import aws.smithy.kotlin.runtime.httptest.buildTestConnection

import aws.smithy.kotlin.runtime.time.Instant

import kotlinx.coroutines.test.runTest

import kotlin.test.Test

import kotlin.test.assertEquals

import kotlin.test.assertNull

class ExpiresFieldInterceptorTest {

    private fun newTestClient(

        status: HttpStatusCode = HttpStatusCode.OK,

        headers: Headers = Headers.Empty,

    ): S3Client =

        S3Client {

            region = "us-east-1"

            credentialsProvider = StaticCredentialsProvider {

                accessKeyId = "accessKeyId"

                secretAccessKey = "secretAccessKey"

            }

            httpClient = buildTestConnection {

                expect(HttpResponse(status, headers, body = HttpBody.Empty))

            }

        }

    @Test

    fun testHandlesParsableExpiresField() = runTest {

        val expectedHeaders = HeadersBuilder().apply {

            append("Expires", "Mon, 1 Apr 2024 00:00:00 +0000")

        }.build()

            s3.getObject(

                GetObjectRequest {

                    bucket = "test"

                    key = "key"

                },

            ) {

                assertEquals(Instant.fromEpochSeconds(1711929600), it.expires)

                assertEquals("Mon, 1 Apr 2024 00:00:00 +0000", it.expiresString)

            }

        }

    @Test

    fun testHandlesUnparsableExpiresField() = runTest {

        val invalidExpiresField = "Tomorrow or maybe the day after?"

        val expectedHeaders = HeadersBuilder().apply {

            append("Expires", invalidExpiresField)

        }.build()

            s3.getObject(

                GetObjectRequest {

                    bucket = "test"

                    key = "key"

                },

            ) {

                assertNull(it.expires)

                assertEquals(invalidExpiresField, it.expiresString)

            }

        }

}

import aws.sdk.kotlin.services.s3.deleteObject

import aws.sdk.kotlin.services.s3.deleteObjects

import aws.sdk.kotlin.services.s3.model.S3Exception

import aws.smithy.kotlin.runtime.auth.awscredentials.Credentials

import aws.smithy.kotlin.runtime.auth.awscredentials.CredentialsProvider

import aws.smithy.kotlin.runtime.collections.Attributes

import aws.smithy.kotlin.runtime.http.HttpBody

import aws.smithy.kotlin.runtime.http.HttpStatusCode

import aws.smithy.kotlin.runtime.http.response.HttpResponse

import aws.smithy.kotlin.runtime.httptest.buildTestConnection

import kotlinx.coroutines.test.runTest

import kotlin.test.Test

import kotlin.test.assertEquals

import kotlin.test.assertFailsWith

private const val REQUEST_ID = "K2H6N7ZGQT6WHCEG"

private const val EXT_REQUEST_ID = "WWoZlnK4pTjKCYn6eNV7GgOurabfqLkjbSyqTvDMGBaI9uwzyNhSaDhOCPs8paFGye7S6b/AB3A="

class Handle200ErrorsInterceptorTest {

    object TestCredentialsProvider : CredentialsProvider {

        override suspend fun resolve(attributes: Attributes): Credentials = Credentials("AKID", "SECRET")

    }

    private val errorResponsePayload = """

            <Error>

                <Code>SlowDown</Code>

                <Message>Please reduce your request rate.</Message>

                <RequestId>$REQUEST_ID</RequestId>

                <HostId>$EXT_REQUEST_ID</HostId>

            </Error>

    """.trimIndent().encodeToByteArray()

    private fun newTestClient(

        status: HttpStatusCode = HttpStatusCode.OK,

        payload: ByteArray = errorResponsePayload,

    ): S3Client =

        S3Client {

            region = "us-east-1"

            credentialsProvider = TestCredentialsProvider

            retryStrategy {

                maxAttempts = 1

            }

            httpClient = buildTestConnection {

                expect(HttpResponse(status, body = HttpBody.fromBytes(payload)))

            }

        }

    fun assertException(ex: S3Exception) {

        val expectedMessage = "Please reduce your request rate."

        assertEquals("SlowDown", ex.sdkErrorMetadata.errorCode)

        assertEquals(expectedMessage, ex.sdkErrorMetadata.errorMessage)

        assertEquals("$expectedMessage, Request ID: $REQUEST_ID, Extended request ID: $EXT_REQUEST_ID", ex.message)

        assertEquals(REQUEST_ID, ex.sdkErrorMetadata.requestId)

        assertEquals(EXT_REQUEST_ID, ex.sdkErrorMetadata.requestId2)

    }

    @Test

    fun testHandle200ErrorsWithNoExpectedBody() = runTest {

            val ex = assertFailsWith<S3Exception> {

                s3.deleteObject {

                    bucket = "test"

                    key = "key"

                }

            }

            assertException(ex)

        }

    @Test

    fun testHandle200ErrorsWithExpectedBody() = runTest {

            val ex = assertFailsWith<S3Exception> {

                s3.deleteObjects { bucket = "test" }

            }

            assertException(ex)

        }

    @Test

    fun testNonErrorPayload() = runTest {

        val payload = """

           <?xml version="1.0" encoding="UTF-8"?>

           <DeleteResult>

              <Deleted>

                 <Key>my-key</Key>

              </Deleted>

           </DeleteResult>

        """.trimIndent().encodeToByteArray()

        val s3 = newTestClient(payload = payload)

        val response = s3.deleteObjects { bucket = "test" }

        assertEquals("my-key", response.deleted?.first()?.key)

    }

    @Test

    fun testErrorPayloadUnmodified() = runTest {

        val payload = """

           <?xml version="1.0" encoding="UTF-8"?>

            <Error>

                <Code>FooError</Code>

                <Message>Please use less foos.</Message>

                <RequestId>rid</RequestId>

                <HostId>rid2</HostId>

            </Error>

        """.trimIndent().encodeToByteArray()

            val ex = assertFailsWith<S3Exception> {

                s3.deleteObjects { bucket = "test" }

            }

            val expectedMessage = "Please use less foos."

            assertEquals("$expectedMessage, Request ID: rid, Extended request ID: rid2", ex.message)

            assertEquals(expectedMessage, ex.sdkErrorMetadata.errorMessage)

            assertEquals("FooError", ex.sdkErrorMetadata.errorCode)

            assertEquals("rid", ex.sdkErrorMetadata.requestId)

            assertEquals("rid2", ex.sdkErrorMetadata.requestId2)

        }

}

    private lateinit var testBucket: String

    @BeforeAll

    fun createResources(): Unit = runBlocking {

        testBucket = S3TestUtils.getTestBucket(client)

    }

    @AfterAll

    fun cleanup() = runBlocking {

        S3TestUtils.deleteBucketAndAllContents(client, testBucket)

    }

    // ListParts has a strange pagination termination condition via [IsTerminated]. Verify it actually works correctly.

    @Test

    fun testListPartsPagination() = runBlocking {

        val chunk = "!".repeat(5 * 1024 * 1024).encodeToByteArray() // Parts must be at least 5MB

        val expectedParts = (1..10).toList()

        val id = client.createMultipartUpload {

            bucket = testBucket

 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.

 * SPDX-License-Identifier: Apache-2.0

 */

package aws.sdk.kotlin.e2etest

import aws.sdk.kotlin.services.s3.*

import aws.sdk.kotlin.services.s3.model.*

import aws.sdk.kotlin.testing.PRINTABLE_CHARS

import aws.sdk.kotlin.testing.withAllEngines

import aws.smithy.kotlin.runtime.client.ProtocolRequestInterceptorContext

import aws.smithy.kotlin.runtime.hashing.sha256

import aws.smithy.kotlin.runtime.http.HttpException

import aws.smithy.kotlin.runtime.http.interceptors.HttpInterceptor

import aws.smithy.kotlin.runtime.http.request.HttpRequest

import aws.smithy.kotlin.runtime.testing.RandomTempFile

import aws.smithy.kotlin.runtime.text.encoding.encodeToHex

import kotlinx.coroutines.flow.flow

import kotlinx.coroutines.flow.toList

import org.junit.jupiter.api.AfterAll

import org.junit.jupiter.api.BeforeAll

import org.junit.jupiter.api.TestInstance

import java.io.File

import kotlin.test.*

import kotlin.time.Duration.Companion.seconds

/**

 * Tests for bucket operations and presigner

 */

@TestInstance(TestInstance.Lifecycle.PER_CLASS)

class S3BucketOpsIntegrationTest {

    private val client = S3Client {

        region = S3TestUtils.DEFAULT_REGION

    }

    private lateinit var testBucket: String

    @BeforeAll

    fun createResources(): Unit = runBlocking {

        testBucket = S3TestUtils.getTestBucket(client)

    }

    @AfterAll

    fun cleanup() = runBlocking {

        S3TestUtils.deleteBucketAndAllContents(client, testBucket)

    }

    @Test

    fun testPutObjectFromMemory(): Unit = runBlocking {

        val contents = """

            A lep is a ball.

            A tay is a hammer.

            A korf is a tiger.

            A flix is a comb.

            A wogsin is a gift.