diff --git a/.changes/3.21.json b/.changes/3.21.json new file mode 100644 index 00000000000..50ff026a919 --- /dev/null +++ b/.changes/3.21.json @@ -0,0 +1,20 @@ +{ + "date" : "2024-08-01", + "version" : "3.21", + "entries" : [ { + "type" : "bugfix", + "description" : "Fix NullPointerException that may happen when re-authenticating to Amazon Q" + }, { + "type" : "bugfix", + "description" : "Amazon Q Chat: Fixing issue with the max tabs notification not being dismissible" + }, { + "type" : "bugfix", + "description" : "Fix Amazon Q chat context menu actions show up in all chat windows" + }, { + "type" : "bugfix", + "description" : "Amazon Q Chat: Fixing issue with an incorrect input cursor position in the prompt text box" + }, { + "type" : "bugfix", + "description" : "Amazon Q Chat: Showing/hiding the scrollbars is now controlled by the OS settings" + } ] +} \ No newline at end of file diff --git a/.changes/next-release/bugfix-210408e8-f7a8-472e-921c-3757f9af0032.json b/.changes/next-release/bugfix-210408e8-f7a8-472e-921c-3757f9af0032.json deleted file mode 100644 index eb604d92f47..00000000000 --- a/.changes/next-release/bugfix-210408e8-f7a8-472e-921c-3757f9af0032.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "type" : "bugfix", - "description" : "Fix NullPointerException that may happen when re-authenticating to Amazon Q" -} \ No newline at end of file diff --git a/.changes/next-release/bugfix-5fe1eb51-f0eb-4029-a003-35e6322cef48.json b/.changes/next-release/bugfix-5fe1eb51-f0eb-4029-a003-35e6322cef48.json deleted file mode 100644 index 83f4edf5194..00000000000 --- a/.changes/next-release/bugfix-5fe1eb51-f0eb-4029-a003-35e6322cef48.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "type" : "bugfix", - "description" : "Fix Amazon Q chat context menu actions show up in all chat windows" -} \ No newline at end of file diff --git a/.changes/next-release/bugfix-662fcf96-e246-4f11-b9e9-0f19468e26af.json b/.changes/next-release/bugfix-662fcf96-e246-4f11-b9e9-0f19468e26af.json new file mode 100644 index 00000000000..834311c343b --- /dev/null +++ b/.changes/next-release/bugfix-662fcf96-e246-4f11-b9e9-0f19468e26af.json @@ -0,0 +1,4 @@ +{ + "type" : "bugfix", + "description" : "fix(Amazon Q Code Transformation): prevent empty chat bubble from appearing when starting or cancelling a transformation" +} \ No newline at end of file diff --git a/.changes/next-release/bugfix-a082ba78-f0ed-4117-8b7f-be1ca32f7ddb.json b/.changes/next-release/bugfix-a082ba78-f0ed-4117-8b7f-be1ca32f7ddb.json new file mode 100644 index 00000000000..b9b02275143 --- /dev/null +++ b/.changes/next-release/bugfix-a082ba78-f0ed-4117-8b7f-be1ca32f7ddb.json @@ -0,0 +1,4 @@ +{ + "type" : "bugfix", + "description" : "Fix inability to open files on double click and open context menu on right click in the S3 bucket viewer" +} \ No newline at end of file diff --git a/.github/workflows/qodana.yml b/.github/workflows/qodana.yml index 9fb2a7a7895..f4548aade20 100644 --- a/.github/workflows/qodana.yml +++ b/.github/workflows/qodana.yml @@ -14,9 +14,12 @@ concurrency: jobs: qodana: runs-on: ubuntu-latest + permissions: + checks: write steps: - uses: actions/checkout@v4 with: + ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 0 - name: Maximize Build Space if: runner.os == 'Linux' diff --git a/CHANGELOG.md b/CHANGELOG.md index d0b5e90c54b..8a169134814 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +# _3.21_ (2024-08-01) +- **(Bug Fix)** Fix NullPointerException that may happen when re-authenticating to Amazon Q +- **(Bug Fix)** Amazon Q Chat: Fixing issue with the max tabs notification not being dismissible +- **(Bug Fix)** Fix Amazon Q chat context menu actions show up in all chat windows +- **(Bug Fix)** Amazon Q Chat: Fixing issue with an incorrect input cursor position in the prompt text box +- **(Bug Fix)** Amazon Q Chat: Showing/hiding the scrollbars is now controlled by the OS settings + # _3.20_ (2024-07-26) - **(Bug Fix)** Fix Q chat not responding in 2023.2 and 2023.3 diff --git a/build.gradle.kts b/build.gradle.kts index ef80d59d745..778a136b053 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -13,22 +13,6 @@ plugins { } allprojects { - repositories { - val codeArtifactUrl: Provider = providers.environmentVariable("CODEARTIFACT_URL") - val codeArtifactToken: Provider = providers.environmentVariable("CODEARTIFACT_AUTH_TOKEN") - if (codeArtifactUrl.isPresent && codeArtifactToken.isPresent) { - maven { - url = uri(codeArtifactUrl.get()) - credentials { - username = "aws" - password = codeArtifactToken.get() - } - } - } - mavenCentral() - gradlePluginPortal() - } - configurations.configureEach { resolutionStrategy { // need to figure out how to fail only on non-platform dependencies diff --git a/buildSrc/src/main/kotlin/software/aws/toolkits/gradle/intellij/ToolkitIntelliJExtension.kt b/buildSrc/src/main/kotlin/software/aws/toolkits/gradle/intellij/ToolkitIntelliJExtension.kt index 9cb147dcc0e..e0c6ec6ff87 100644 --- a/buildSrc/src/main/kotlin/software/aws/toolkits/gradle/intellij/ToolkitIntelliJExtension.kt +++ b/buildSrc/src/main/kotlin/software/aws/toolkits/gradle/intellij/ToolkitIntelliJExtension.kt @@ -3,7 +3,6 @@ package software.aws.toolkits.gradle.intellij -import org.gradle.api.Action import org.gradle.api.Project import org.gradle.api.provider.Property import org.gradle.api.provider.Provider diff --git a/buildSrc/src/main/kotlin/toolkit-intellij-plugin.gradle.kts b/buildSrc/src/main/kotlin/toolkit-intellij-plugin.gradle.kts index 4839f05a1e8..5252c23e1bb 100644 --- a/buildSrc/src/main/kotlin/toolkit-intellij-plugin.gradle.kts +++ b/buildSrc/src/main/kotlin/toolkit-intellij-plugin.gradle.kts @@ -1,12 +1,10 @@ // Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import org.jetbrains.intellij.platform.gradle.IntelliJPlatformType -import org.jetbrains.intellij.platform.gradle.TestFrameworkType import org.jetbrains.intellij.platform.gradle.tasks.aware.SandboxAware import software.aws.toolkits.gradle.ciOnly import software.aws.toolkits.gradle.intellij.ToolkitIntelliJExtension -private val toolkitIntelliJ = project.extensions.create("intellijToolkit") +project.extensions.create("intellijToolkit") plugins { id("org.jetbrains.intellij.platform.module") @@ -16,14 +14,6 @@ intellijPlatform { instrumentCode = false } -// there is an issue if this is declared more than once in a project (either directly or through script plugins) -repositories { - intellijPlatform { - defaultRepositories() - jetbrainsRuntime() - } -} - dependencies { intellijPlatform { instrumentationTools() diff --git a/gradle.properties b/gradle.properties index 91fc677118c..063c4486f6a 100644 --- a/gradle.properties +++ b/gradle.properties @@ -2,7 +2,7 @@ # SPDX-License-Identifier: Apache-2.0 # Toolkit Version -toolkitVersion=3.21-SNAPSHOT +toolkitVersion=3.22-SNAPSHOT # Publish Settings publishToken= diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index d305cd97773..dd97b78c6b2 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -7,6 +7,7 @@ awsSdk = "2.26.25" commonmark = "0.22.0" detekt = "1.23.6" intellijExt = "1.1.8" +# match with /settings.gradle.kts intellijGradle = "2.0.0" intellijRemoteRobot = "0.11.22" jackson = "2.16.1" diff --git a/plugins/amazonq/codetransform/jetbrains-community/src/software/aws/toolkits/jetbrains/services/codemodernizer/CodeTransformTelemetryManager.kt b/plugins/amazonq/codetransform/jetbrains-community/src/software/aws/toolkits/jetbrains/services/codemodernizer/CodeTransformTelemetryManager.kt index 0cde3a1093f..2c51e21a50c 100644 --- a/plugins/amazonq/codetransform/jetbrains-community/src/software/aws/toolkits/jetbrains/services/codemodernizer/CodeTransformTelemetryManager.kt +++ b/plugins/amazonq/codetransform/jetbrains-community/src/software/aws/toolkits/jetbrains/services/codemodernizer/CodeTransformTelemetryManager.kt @@ -218,20 +218,12 @@ class CodeTransformTelemetryManager(private val project: Project) { } // Replace the input as needed to support Gradle and other transformation types. - fun localBuildProject(buildCommand: CodeTransformBuildCommand, telemetryErrorMessage: String?, isCanceled: Boolean = false) { - val result: Result = if (telemetryErrorMessage.isNullOrEmpty()) { - Result.Succeeded - } else if (isCanceled) { - Result.Cancelled - } else { - Result.Failed - } - + fun localBuildProject(buildCommand: CodeTransformBuildCommand, localBuildResult: Result, telemetryErrorMessage: String?) { CodetransformTelemetry.localBuildProject( codeTransformBuildCommand = buildCommand, codeTransformSessionId = sessionId, - result = result, - reason = telemetryErrorMessage, + result = localBuildResult, + reason = if (telemetryErrorMessage.isNullOrEmpty()) null else telemetryErrorMessage, ) } diff --git a/plugins/amazonq/codetransform/jetbrains-community/src/software/aws/toolkits/jetbrains/services/codemodernizer/controller/CodeTransformChatController.kt b/plugins/amazonq/codetransform/jetbrains-community/src/software/aws/toolkits/jetbrains/services/codemodernizer/controller/CodeTransformChatController.kt index cd6b915645c..74b2f1259ab 100644 --- a/plugins/amazonq/codetransform/jetbrains-community/src/software/aws/toolkits/jetbrains/services/codemodernizer/controller/CodeTransformChatController.kt +++ b/plugins/amazonq/codetransform/jetbrains-community/src/software/aws/toolkits/jetbrains/services/codemodernizer/controller/CodeTransformChatController.kt @@ -13,6 +13,7 @@ import kotlinx.coroutines.runBlocking import software.aws.toolkits.core.utils.debug import software.aws.toolkits.core.utils.error import software.aws.toolkits.core.utils.getLogger +import software.aws.toolkits.core.utils.info import software.aws.toolkits.jetbrains.services.amazonq.apps.AmazonQAppInitContext import software.aws.toolkits.jetbrains.services.amazonq.auth.AuthController import software.aws.toolkits.jetbrains.services.amazonq.auth.AuthFollowUpType @@ -214,8 +215,9 @@ class CodeTransformChatController( } // this should never throw the RuntimeException since invalid JDK case is already handled in previous validation step - val sourceJdk = ModuleUtil.findModuleForFile(moduleVirtualFile, context.project)?.tryGetJdk(context.project) ?: context.project.tryGetJdk() - ?: throw RuntimeException("Unable to determine source JDK version") + val moduleJdkVersion = ModuleUtil.findModuleForFile(moduleVirtualFile, context.project)?.tryGetJdk(context.project) + logger.info { "Found project JDK version: ${context.project.tryGetJdk()}, module JDK version: $moduleJdkVersion. Module JDK version prioritized." } + val sourceJdk = moduleJdkVersion ?: context.project.tryGetJdk() ?: throw RuntimeException("Unable to determine source JDK version") val selection = CustomerSelection( moduleVirtualFile, diff --git a/plugins/amazonq/codetransform/jetbrains-community/src/software/aws/toolkits/jetbrains/services/codemodernizer/controller/CodeTransformChatHelper.kt b/plugins/amazonq/codetransform/jetbrains-community/src/software/aws/toolkits/jetbrains/services/codemodernizer/controller/CodeTransformChatHelper.kt index 5f89f69d652..9abe1472495 100644 --- a/plugins/amazonq/codetransform/jetbrains-community/src/software/aws/toolkits/jetbrains/services/codemodernizer/controller/CodeTransformChatHelper.kt +++ b/plugins/amazonq/codetransform/jetbrains-community/src/software/aws/toolkits/jetbrains/services/codemodernizer/controller/CodeTransformChatHelper.kt @@ -48,7 +48,7 @@ class CodeTransformChatHelper( suspend fun addNewMessage( content: CodeTransformChatMessageContent, messageIdOverride: String? = null, - clearPreviousItemButtons: Boolean? = true + clearPreviousItemButtons: Boolean? = false ) { if (activeCodeTransformTabId == null || chatSessionStorage.getSession(activeCodeTransformTabId as String).isAuthenticating) { return diff --git a/plugins/amazonq/codetransform/jetbrains-community/src/software/aws/toolkits/jetbrains/services/codemodernizer/ideMaven/MavenRunnerUtils.kt b/plugins/amazonq/codetransform/jetbrains-community/src/software/aws/toolkits/jetbrains/services/codemodernizer/ideMaven/MavenRunnerUtils.kt index 3d55c4d5480..d32fa4d44d5 100644 --- a/plugins/amazonq/codetransform/jetbrains-community/src/software/aws/toolkits/jetbrains/services/codemodernizer/ideMaven/MavenRunnerUtils.kt +++ b/plugins/amazonq/codetransform/jetbrains-community/src/software/aws/toolkits/jetbrains/services/codemodernizer/ideMaven/MavenRunnerUtils.kt @@ -16,6 +16,7 @@ import software.aws.toolkits.jetbrains.services.codemodernizer.model.MavenCopyCo import software.aws.toolkits.jetbrains.services.codemodernizer.model.MavenDependencyReportCommandsResult import software.aws.toolkits.telemetry.CodeTransformBuildCommand import software.aws.toolkits.telemetry.CodeTransformMavenBuildCommand +import software.aws.toolkits.telemetry.Result import java.io.File import java.nio.file.Files import java.nio.file.Path @@ -66,8 +67,8 @@ fun runMavenCopyCommands(sourceFolder: File, buildlogBuilder: StringBuilder, log val currentTimestamp = System.currentTimeMillis() val destinationDir = Files.createTempDirectory("transformation_dependencies_temp_$currentTimestamp") val telemetry = CodeTransformTelemetryManager.getInstance(project) - var telemetryIsCancelled = false - var telemetryErrorMessage: String? = null + var telemetryErrorMessage = "" + var telemetryLocalBuildResult = Result.Succeeded logger.info { "Executing IntelliJ bundled Maven" } try { @@ -85,10 +86,10 @@ fun runMavenCopyCommands(sourceFolder: File, buildlogBuilder: StringBuilder, log logger.info { successMsg } buildlogBuilder.appendLine(successMsg) } else if (copyDependenciesRunnable.isTerminated()) { - telemetryIsCancelled = true + telemetryLocalBuildResult = Result.Cancelled return MavenCopyCommandsResult.Cancelled } else { - telemetryErrorMessage = "Maven Copy: bundled Maven failed: exitCode ${copyDependenciesRunnable.isComplete()}" + telemetryErrorMessage += "Maven Copy: bundled Maven failed. " // TODO: deprecated metric - remove after BI started using new metric emitMavenFailure("Maven Copy: bundled Maven failed: exitCode ${copyDependenciesRunnable.isComplete()}", logger, telemetry) @@ -103,14 +104,15 @@ fun runMavenCopyCommands(sourceFolder: File, buildlogBuilder: StringBuilder, log logger.info { successMsg } buildlogBuilder.appendLine(successMsg) } else if (cleanRunnable.isTerminated()) { - telemetryIsCancelled = true + telemetryLocalBuildResult = Result.Cancelled return MavenCopyCommandsResult.Cancelled } else { - telemetryErrorMessage = "Maven Clean: bundled Maven failed: exitCode ${cleanRunnable.isComplete()}" + telemetryErrorMessage += "Maven Clean: bundled Maven failed." // TODO: deprecated metric - remove after BI started using new metric emitMavenFailure("Maven Clean: bundled Maven failed: exitCode ${cleanRunnable.isComplete()}", logger, telemetry) + telemetryLocalBuildResult = Result.Failed return MavenCopyCommandsResult.Failure } @@ -123,14 +125,15 @@ fun runMavenCopyCommands(sourceFolder: File, buildlogBuilder: StringBuilder, log logger.info { successMsg } buildlogBuilder.appendLine(successMsg) } else if (installRunnable.isTerminated()) { - telemetryIsCancelled = true + telemetryLocalBuildResult = Result.Cancelled return MavenCopyCommandsResult.Cancelled } else { - telemetryErrorMessage = "Maven Install: bundled Maven failed: exitCode ${installRunnable.isComplete()}" + telemetryErrorMessage += "Maven Install: bundled Maven failed." // TODO: deprecated metric - remove after BI started using new metric emitMavenFailure("Maven Install: bundled Maven failed: exitCode ${installRunnable.isComplete()}", logger, telemetry) + telemetryLocalBuildResult = Result.Failed return MavenCopyCommandsResult.Failure } } catch (t: Throwable) { @@ -140,10 +143,11 @@ fun runMavenCopyCommands(sourceFolder: File, buildlogBuilder: StringBuilder, log val errorMessage = "IntelliJ bundled Maven executed failed: ${t.message}" logger.error(t) { errorMessage } telemetryErrorMessage = errorMessage + telemetryLocalBuildResult = Result.Failed return MavenCopyCommandsResult.Failure } finally { // emit telemetry - telemetry.localBuildProject(CodeTransformBuildCommand.IDEBundledMaven, telemetryErrorMessage, telemetryIsCancelled) + telemetry.localBuildProject(CodeTransformBuildCommand.IDEBundledMaven, telemetryLocalBuildResult, telemetryErrorMessage) } // When all commands executed successfully, show the transformation hub return MavenCopyCommandsResult.Success(destinationDir.toFile()) diff --git a/plugins/amazonq/mynah-ui/package-lock.json b/plugins/amazonq/mynah-ui/package-lock.json index e2da86914d8..7c7c9a789d3 100644 --- a/plugins/amazonq/mynah-ui/package-lock.json +++ b/plugins/amazonq/mynah-ui/package-lock.json @@ -9,7 +9,7 @@ "version": "1.0.0", "license": "ISC", "dependencies": { - "@aws/mynah-ui-chat": "npm:@aws/mynah-ui@4.15.2", + "@aws/mynah-ui-chat": "npm:@aws/mynah-ui@4.15.5", "@types/node": "^14.18.5", "fs-extra": "^10.0.1", "sanitize-html": "^2.12.1", @@ -57,10 +57,11 @@ }, "node_modules/@aws/mynah-ui-chat": { "name": "@aws/mynah-ui", - "version": "4.15.2", - "resolved": "https://registry.npmjs.org/@aws/mynah-ui/-/mynah-ui-4.15.2.tgz", - "integrity": "sha512-z2E8eDAMduM4+Pqpokj5ILyTbsXGV9TTtx9Flwi0JUzo04avZ5CbipIh2zTV6CxO5gmo5eq5u1t+cpFwSAdsag==", + "version": "4.15.5", + "resolved": "https://registry.npmjs.org/@aws/mynah-ui/-/mynah-ui-4.15.5.tgz", + "integrity": "sha512-qLeeyzaHgI9V4zet9AarHR1kL0XhHr23wWvucPfl8DcEi4gpnvL5cAUpYWgdMHv3Pmt1aajVyDjNkEGRpezgmA==", "hasInstallScript": true, + "license": "Apache License 2.0", "dependencies": { "escape-html": "^1.0.3", "just-clone": "^6.2.0", diff --git a/plugins/amazonq/mynah-ui/package.json b/plugins/amazonq/mynah-ui/package.json index 2993f36f3f6..395c18a5bf5 100644 --- a/plugins/amazonq/mynah-ui/package.json +++ b/plugins/amazonq/mynah-ui/package.json @@ -12,7 +12,7 @@ "lintfix": "eslint -c .eslintrc.js --fix --ext .ts ." }, "dependencies": { - "@aws/mynah-ui-chat": "npm:@aws/mynah-ui@4.15.2", + "@aws/mynah-ui-chat": "npm:@aws/mynah-ui@4.15.5", "@types/node": "^14.18.5", "fs-extra": "^10.0.1", "ts-node": "^10.7.0", diff --git a/plugins/core/core/build.gradle.kts b/plugins/core/core/build.gradle.kts index 53d51c179ff..32464f6cb60 100644 --- a/plugins/core/core/build.gradle.kts +++ b/plugins/core/core/build.gradle.kts @@ -18,7 +18,7 @@ dependencies { api(libs.aws.lambda) api(libs.aws.s3) api(libs.aws.sso) -// api(libs.aws.ssooidc) + api(libs.aws.ssooidc) api(libs.aws.sts) api(libs.bundles.jackson) implementation(libs.commonmark) diff --git a/plugins/core/sdk-codegen/codegen-resources/ssooidc/customization.config b/plugins/core/sdk-codegen/codegen-resources/ssooidc/customization.config deleted file mode 100644 index 2d8686d9839..00000000000 --- a/plugins/core/sdk-codegen/codegen-resources/ssooidc/customization.config +++ /dev/null @@ -1,145 +0,0 @@ -{ - "shapeModifiers": { - // Do not keep adding to this list. Make the service team do the right thing across all SDKs. - "AccessDeniedException": { - "modify": [ - { - "error_description": { - "emitPropertyName": "errorDescription", - "existingNameDeprecated": true - } - } - ] - }, - "AuthorizationPendingException": { - "modify": [ - { - "error_description": { - "emitPropertyName": "errorDescription", - "existingNameDeprecated": true - } - } - ] - }, - "ExpiredTokenException": { - "modify": [ - { - "error_description": { - "emitPropertyName": "errorDescription", - "existingNameDeprecated": true - } - } - ] - }, - "InternalServerException": { - "modify": [ - { - "error_description": { - "emitPropertyName": "errorDescription", - "existingNameDeprecated": true - } - } - ] - }, - "InvalidClientException": { - "modify": [ - { - "error_description": { - "emitPropertyName": "errorDescription", - "existingNameDeprecated": true - } - } - ] - }, - "InvalidClientMetadataException": { - "modify": [ - { - "error_description": { - "emitPropertyName": "errorDescription", - "existingNameDeprecated": true - } - } - ] - }, - "InvalidGrantException": { - "modify": [ - { - "error_description": { - "emitPropertyName": "errorDescription", - "existingNameDeprecated": true - } - } - ] - }, - "InvalidRequestException": { - "modify": [ - { - "error_description": { - "emitPropertyName": "errorDescription", - "existingNameDeprecated": true - } - } - ] - }, - "InvalidScopeException": { - "modify": [ - { - "error_description": { - "emitPropertyName": "errorDescription", - "existingNameDeprecated": true - } - } - ] - }, - "SlowDownException": { - "modify": [ - { - "error_description": { - "emitPropertyName": "errorDescription", - "existingNameDeprecated": true - } - } - ] - }, - "UnauthorizedClientException": { - "modify": [ - { - "error_description": { - "emitPropertyName": "errorDescription", - "existingNameDeprecated": true - } - } - ] - }, - "UnsupportedGrantTypeException": { - "modify": [ - { - "error_description": { - "emitPropertyName": "errorDescription", - "existingNameDeprecated": true - } - } - ] - }, - "InvalidRequestRegionException": { - "modify": [ - { - "error_description": { - "emitPropertyName": "errorDescription", - "existingNameDeprecated": true - } - } - ] - }, - "InvalidRedirectUriException": { - "modify": [ - { - "error_description": { - "emitPropertyName": "errorDescription", - "existingNameDeprecated": true - } - } - ] - } - } -} diff --git a/plugins/core/sdk-codegen/codegen-resources/ssooidc/endpoint-rule-set-1.json b/plugins/core/sdk-codegen/codegen-resources/ssooidc/endpoint-rule-set-1.json deleted file mode 100644 index c88b20d93c6..00000000000 --- a/plugins/core/sdk-codegen/codegen-resources/ssooidc/endpoint-rule-set-1.json +++ /dev/null @@ -1,339 +0,0 @@ -{ - "version": "1.0", - "parameters": { - "Region": { - "builtIn": "AWS::Region", - "required": false, - "documentation": "The AWS region used to dispatch the request.", - "type": "String" - }, - "UseDualStack": { - "builtIn": "AWS::UseDualStack", - "required": true, - "default": false, - "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", - "type": "Boolean" - }, - "UseFIPS": { - "builtIn": "AWS::UseFIPS", - "required": true, - "default": false, - "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", - "type": "Boolean" - }, - "Endpoint": { - "builtIn": "SDK::Endpoint", - "required": false, - "documentation": "Override the endpoint used to send this request", - "type": "String" - } - }, - "rules": [ - { - "conditions": [ - { - "fn": "isSet", - "argv": [ - { - "ref": "Endpoint" - } - ] - } - ], - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - true - ] - } - ], - "error": "Invalid Configuration: FIPS and custom endpoint are not supported", - "type": "error" - }, - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", - "type": "error" - }, - { - "conditions": [], - "endpoint": { - "url": { - "ref": "Endpoint" - }, - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ], - "type": "tree" - }, - { - "conditions": [ - { - "fn": "isSet", - "argv": [ - { - "ref": "Region" - } - ] - } - ], - "rules": [ - { - "conditions": [ - { - "fn": "aws.partition", - "argv": [ - { - "ref": "Region" - } - ], - "assign": "PartitionResult" - } - ], - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - true - ] - }, - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - }, - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://oidc-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ], - "type": "tree" - }, - { - "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" - } - ], - "type": "tree" - }, - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - true - ] - } - ], - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - }, - true - ] - } - ], - "rules": [ - { - "conditions": [ - { - "fn": "stringEquals", - "argv": [ - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "name" - ] - }, - "aws-us-gov" - ] - } - ], - "endpoint": { - "url": "https://oidc.{Region}.amazonaws.com", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - }, - { - "conditions": [], - "endpoint": { - "url": "https://oidc-fips.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ], - "type": "tree" - }, - { - "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" - } - ], - "type": "tree" - }, - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://oidc.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ], - "type": "tree" - }, - { - "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" - } - ], - "type": "tree" - }, - { - "conditions": [], - "endpoint": { - "url": "https://oidc.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ], - "type": "tree" - } - ], - "type": "tree" - }, - { - "conditions": [], - "error": "Invalid Configuration: Missing Region", - "type": "error" - } - ] -} \ No newline at end of file diff --git a/plugins/core/sdk-codegen/codegen-resources/ssooidc/endpoint-tests-1.json b/plugins/core/sdk-codegen/codegen-resources/ssooidc/endpoint-tests-1.json deleted file mode 100644 index 638ae14a528..00000000000 --- a/plugins/core/sdk-codegen/codegen-resources/ssooidc/endpoint-tests-1.json +++ /dev/null @@ -1,561 +0,0 @@ -{ - "testCases": [ - { - "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.ap-east-1.amazonaws.com" - } - }, - "params": { - "Region": "ap-east-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.ap-northeast-1.amazonaws.com" - } - }, - "params": { - "Region": "ap-northeast-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.ap-northeast-2.amazonaws.com" - } - }, - "params": { - "Region": "ap-northeast-2", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.ap-northeast-3.amazonaws.com" - } - }, - "params": { - "Region": "ap-northeast-3", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.ap-south-1.amazonaws.com" - } - }, - "params": { - "Region": "ap-south-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.ap-southeast-1.amazonaws.com" - } - }, - "params": { - "Region": "ap-southeast-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.ap-southeast-2.amazonaws.com" - } - }, - "params": { - "Region": "ap-southeast-2", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.ca-central-1.amazonaws.com" - } - }, - "params": { - "Region": "ca-central-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.eu-central-1.amazonaws.com" - } - }, - "params": { - "Region": "eu-central-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.eu-north-1.amazonaws.com" - } - }, - "params": { - "Region": "eu-north-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.eu-south-1.amazonaws.com" - } - }, - "params": { - "Region": "eu-south-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.eu-west-1.amazonaws.com" - } - }, - "params": { - "Region": "eu-west-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.eu-west-2.amazonaws.com" - } - }, - "params": { - "Region": "eu-west-2", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.eu-west-3.amazonaws.com" - } - }, - "params": { - "Region": "eu-west-3", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.me-south-1.amazonaws.com" - } - }, - "params": { - "Region": "me-south-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.sa-east-1.amazonaws.com" - } - }, - "params": { - "Region": "sa-east-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.us-east-1.amazonaws.com" - } - }, - "params": { - "Region": "us-east-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.us-east-2.amazonaws.com" - } - }, - "params": { - "Region": "us-east-2", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.us-west-2.amazonaws.com" - } - }, - "params": { - "Region": "us-west-2", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://oidc-fips.us-east-1.api.aws" - } - }, - "params": { - "Region": "us-east-1", - "UseFIPS": true, - "UseDualStack": true - } - }, - { - "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc-fips.us-east-1.amazonaws.com" - } - }, - "params": { - "Region": "us-east-1", - "UseFIPS": true, - "UseDualStack": false - } - }, - { - "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://oidc.us-east-1.api.aws" - } - }, - "params": { - "Region": "us-east-1", - "UseFIPS": false, - "UseDualStack": true - } - }, - { - "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://oidc-fips.cn-north-1.api.amazonwebservices.com.cn" - } - }, - "params": { - "Region": "cn-north-1", - "UseFIPS": true, - "UseDualStack": true - } - }, - { - "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc-fips.cn-north-1.amazonaws.com.cn" - } - }, - "params": { - "Region": "cn-north-1", - "UseFIPS": true, - "UseDualStack": false - } - }, - { - "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://oidc.cn-north-1.api.amazonwebservices.com.cn" - } - }, - "params": { - "Region": "cn-north-1", - "UseFIPS": false, - "UseDualStack": true - } - }, - { - "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.cn-north-1.amazonaws.com.cn" - } - }, - "params": { - "Region": "cn-north-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.us-gov-east-1.amazonaws.com" - } - }, - "params": { - "Region": "us-gov-east-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.us-gov-west-1.amazonaws.com" - } - }, - "params": { - "Region": "us-gov-west-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://oidc-fips.us-gov-east-1.api.aws" - } - }, - "params": { - "Region": "us-gov-east-1", - "UseFIPS": true, - "UseDualStack": true - } - }, - { - "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.us-gov-east-1.amazonaws.com" - } - }, - "params": { - "Region": "us-gov-east-1", - "UseFIPS": true, - "UseDualStack": false - } - }, - { - "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://oidc.us-gov-east-1.api.aws" - } - }, - "params": { - "Region": "us-gov-east-1", - "UseFIPS": false, - "UseDualStack": true - } - }, - { - "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "error": "FIPS and DualStack are enabled, but this partition does not support one or both" - }, - "params": { - "Region": "us-iso-east-1", - "UseFIPS": true, - "UseDualStack": true - } - }, - { - "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc-fips.us-iso-east-1.c2s.ic.gov" - } - }, - "params": { - "Region": "us-iso-east-1", - "UseFIPS": true, - "UseDualStack": false - } - }, - { - "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "error": "DualStack is enabled but this partition does not support DualStack" - }, - "params": { - "Region": "us-iso-east-1", - "UseFIPS": false, - "UseDualStack": true - } - }, - { - "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.us-iso-east-1.c2s.ic.gov" - } - }, - "params": { - "Region": "us-iso-east-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "error": "FIPS and DualStack are enabled, but this partition does not support one or both" - }, - "params": { - "Region": "us-isob-east-1", - "UseFIPS": true, - "UseDualStack": true - } - }, - { - "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc-fips.us-isob-east-1.sc2s.sgov.gov" - } - }, - "params": { - "Region": "us-isob-east-1", - "UseFIPS": true, - "UseDualStack": false - } - }, - { - "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "error": "DualStack is enabled but this partition does not support DualStack" - }, - "params": { - "Region": "us-isob-east-1", - "UseFIPS": false, - "UseDualStack": true - } - }, - { - "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://oidc.us-isob-east-1.sc2s.sgov.gov" - } - }, - "params": { - "Region": "us-isob-east-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled", - "expect": { - "endpoint": { - "url": "https://example.com" - } - }, - "params": { - "Region": "us-east-1", - "UseFIPS": false, - "UseDualStack": false, - "Endpoint": "https://example.com" - } - }, - { - "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled", - "expect": { - "endpoint": { - "url": "https://example.com" - } - }, - "params": { - "UseFIPS": false, - "UseDualStack": false, - "Endpoint": "https://example.com" - } - }, - { - "documentation": "For custom endpoint with fips enabled and dualstack disabled", - "expect": { - "error": "Invalid Configuration: FIPS and custom endpoint are not supported" - }, - "params": { - "Region": "us-east-1", - "UseFIPS": true, - "UseDualStack": false, - "Endpoint": "https://example.com" - } - }, - { - "documentation": "For custom endpoint with fips disabled and dualstack enabled", - "expect": { - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" - }, - "params": { - "Region": "us-east-1", - "UseFIPS": false, - "UseDualStack": true, - "Endpoint": "https://example.com" - } - }, - { - "documentation": "Missing region", - "expect": { - "error": "Invalid Configuration: Missing Region" - } - } - ], - "version": "1.0" -} \ No newline at end of file diff --git a/plugins/core/sdk-codegen/codegen-resources/ssooidc/service-2.json b/plugins/core/sdk-codegen/codegen-resources/ssooidc/service-2.json deleted file mode 100644 index 5b32e9bc707..00000000000 --- a/plugins/core/sdk-codegen/codegen-resources/ssooidc/service-2.json +++ /dev/null @@ -1,672 +0,0 @@ -{ - "version":"2.0", - "metadata":{ - "apiVersion":"2019-06-10", - "endpointPrefix":"oidc", - "jsonVersion":"1.1", - "protocol":"rest-json", - "protocols":["rest-json"], - "serviceAbbreviation":"SSO OIDC", - "serviceFullName":"AWS SSO OIDC", - "serviceId":"SSO OIDC", - "signatureVersion":"v4", - "signingName":"sso-oauth", - "uid":"sso-oidc-2019-06-10" - }, - "operations":{ - "CreateToken":{ - "name":"CreateToken", - "http":{ - "method":"POST", - "requestUri":"/token" - }, - "input":{"shape":"CreateTokenRequest"}, - "output":{"shape":"CreateTokenResponse"}, - "errors":[ - {"shape":"InvalidRequestException"}, - {"shape":"InvalidClientException"}, - {"shape":"InvalidGrantException"}, - {"shape":"UnauthorizedClientException"}, - {"shape":"UnsupportedGrantTypeException"}, - {"shape":"InvalidScopeException"}, - {"shape":"AuthorizationPendingException"}, - {"shape":"SlowDownException"}, - {"shape":"AccessDeniedException"}, - {"shape":"ExpiredTokenException"}, - {"shape":"InternalServerException"} - ], - "documentation":"

Creates and returns access and refresh tokens for clients that are authenticated using client secrets. The access token can be used to fetch short-term credentials for the assigned AWS accounts or to access application APIs using bearer authentication.

", - "authtype":"none" - }, - "CreateTokenWithIAM":{ - "name":"CreateTokenWithIAM", - "http":{ - "method":"POST", - "requestUri":"/token?aws_iam=t" - }, - "input":{"shape":"CreateTokenWithIAMRequest"}, - "output":{"shape":"CreateTokenWithIAMResponse"}, - "errors":[ - {"shape":"InvalidRequestException"}, - {"shape":"InvalidClientException"}, - {"shape":"InvalidGrantException"}, - {"shape":"UnauthorizedClientException"}, - {"shape":"UnsupportedGrantTypeException"}, - {"shape":"InvalidScopeException"}, - {"shape":"AuthorizationPendingException"}, - {"shape":"SlowDownException"}, - {"shape":"AccessDeniedException"}, - {"shape":"ExpiredTokenException"}, - {"shape":"InternalServerException"}, - {"shape":"InvalidRequestRegionException"} - ], - "documentation":"

Creates and returns access and refresh tokens for clients and applications that are authenticated using IAM entities. The access token can be used to fetch short-term credentials for the assigned Amazon Web Services accounts or to access application APIs using bearer authentication.

" - }, - "RegisterClient":{ - "name":"RegisterClient", - "http":{ - "method":"POST", - "requestUri":"/client/register" - }, - "input":{"shape":"RegisterClientRequest"}, - "output":{"shape":"RegisterClientResponse"}, - "errors":[ - {"shape":"InvalidRequestException"}, - {"shape":"InvalidScopeException"}, - {"shape":"InvalidClientMetadataException"}, - {"shape":"InternalServerException"}, - {"shape":"InvalidRedirectUriException"}, - {"shape":"UnsupportedGrantTypeException"} - ], - "documentation":"

Registers a client with IAM Identity Center. This allows clients to initiate device authorization. The output should be persisted for reuse through many authentication requests.

", - "authtype":"none" - }, - "StartDeviceAuthorization":{ - "name":"StartDeviceAuthorization", - "http":{ - "method":"POST", - "requestUri":"/device_authorization" - }, - "input":{"shape":"StartDeviceAuthorizationRequest"}, - "output":{"shape":"StartDeviceAuthorizationResponse"}, - "errors":[ - {"shape":"InvalidRequestException"}, - {"shape":"InvalidClientException"}, - {"shape":"UnauthorizedClientException"}, - {"shape":"SlowDownException"}, - {"shape":"InternalServerException"} - ], - "documentation":"

Initiates device authorization by requesting a pair of verification codes from the authorization service.

", - "authtype":"none" - } - }, - "shapes":{ - "AccessDeniedException":{ - "type":"structure", - "members":{ - "error":{ - "shape":"Error", - "documentation":"

Single error code. For this exception the value will be access_denied.

" - }, - "error_description":{ - "shape":"ErrorDescription", - "documentation":"

Human-readable text providing additional information, used to assist the client developer in understanding the error that occurred.

" - } - }, - "documentation":"

You do not have sufficient access to perform this action.

", - "error":{"httpStatusCode":400}, - "exception":true - }, - "AccessToken":{ - "type":"string", - "sensitive":true - }, - "ArnType":{"type":"string"}, - "Assertion":{ - "type":"string", - "sensitive":true - }, - "AuthCode":{"type":"string"}, - "AuthorizationPendingException":{ - "type":"structure", - "members":{ - "error":{ - "shape":"Error", - "documentation":"

Single error code. For this exception the value will be authorization_pending.

" - }, - "error_description":{ - "shape":"ErrorDescription", - "documentation":"

Human-readable text providing additional information, used to assist the client developer in understanding the error that occurred.

" - } - }, - "documentation":"

Indicates that a request to authorize a client with an access user session token is pending.

", - "error":{"httpStatusCode":400}, - "exception":true - }, - "ClientId":{"type":"string"}, - "ClientName":{"type":"string"}, - "ClientSecret":{ - "type":"string", - "sensitive":true - }, - "ClientType":{"type":"string"}, - "CodeVerifier":{ - "type":"string", - "sensitive":true - }, - "CreateTokenRequest":{ - "type":"structure", - "required":[ - "clientId", - "clientSecret", - "grantType" - ], - "members":{ - "clientId":{ - "shape":"ClientId", - "documentation":"

The unique identifier string for the client or application. This value comes from the result of the RegisterClient API.

" - }, - "clientSecret":{ - "shape":"ClientSecret", - "documentation":"

A secret string generated for the client. This value should come from the persisted result of the RegisterClient API.

" - }, - "grantType":{ - "shape":"GrantType", - "documentation":"

Supports the following OAuth grant types: Device Code and Refresh Token. Specify either of the following values, depending on the grant type that you want:

* Device Code - urn:ietf:params:oauth:grant-type:device_code

* Refresh Token - refresh_token

For information about how to obtain the device code, see the StartDeviceAuthorization topic.

" - }, - "deviceCode":{ - "shape":"DeviceCode", - "documentation":"

Used only when calling this API for the Device Code grant type. This short-term code is used to identify this authorization request. This comes from the result of the StartDeviceAuthorization API.

" - }, - "code":{ - "shape":"AuthCode", - "documentation":"

Used only when calling this API for the Authorization Code grant type. The short-term code is used to identify this authorization request. This grant type is currently unsupported for the CreateToken API.

" - }, - "refreshToken":{ - "shape":"RefreshToken", - "documentation":"

Used only when calling this API for the Refresh Token grant type. This token is used to refresh short-term tokens, such as the access token, that might expire.

For more information about the features and limitations of the current IAM Identity Center OIDC implementation, see Considerations for Using this Guide in the IAM Identity Center OIDC API Reference.

" - }, - "scope":{ - "shape":"Scopes", - "documentation":"

The list of scopes for which authorization is requested. The access token that is issued is limited to the scopes that are granted. If this value is not specified, IAM Identity Center authorizes all scopes that are configured for the client during the call to RegisterClient.

" - }, - "redirectUri":{ - "shape":"URI", - "documentation":"

Used only when calling this API for the Authorization Code grant type. This value specifies the location of the client or application that has registered to receive the authorization code.

" - }, - "codeVerifier":{ - "shape":"CodeVerifier", - "documentation":"

Used only when calling this API for the Authorization Code grant type. This value is generated by the client and presented to validate the original code challenge value the client passed at authorization time.

" - } - } - }, - "CreateTokenResponse":{ - "type":"structure", - "members":{ - "accessToken":{ - "shape":"AccessToken", - "documentation":"

A bearer token to access Amazon Web Services accounts and applications assigned to a user.

" - }, - "tokenType":{ - "shape":"TokenType", - "documentation":"

Used to notify the client that the returned token is an access token. The supported token type is Bearer.

" - }, - "expiresIn":{ - "shape":"ExpirationInSeconds", - "documentation":"

Indicates the time in seconds when an access token will expire.

" - }, - "refreshToken":{ - "shape":"RefreshToken", - "documentation":"

A token that, if present, can be used to refresh a previously issued access token that might have expired.

For more information about the features and limitations of the current IAM Identity Center OIDC implementation, see Considerations for Using this Guide in the IAM Identity Center OIDC API Reference.

" - }, - "idToken":{ - "shape":"IdToken", - "documentation":"

The idToken is not implemented or supported. For more information about the features and limitations of the current IAM Identity Center OIDC implementation, see Considerations for Using this Guide in the IAM Identity Center OIDC API Reference.

A JSON Web Token (JWT) that identifies who is associated with the issued access token.

" - } - } - }, - "CreateTokenWithIAMRequest":{ - "type":"structure", - "required":[ - "clientId", - "grantType" - ], - "members":{ - "clientId":{ - "shape":"ClientId", - "documentation":"

The unique identifier string for the client or application. This value is an application ARN that has OAuth grants configured.

" - }, - "grantType":{ - "shape":"GrantType", - "documentation":"

Supports the following OAuth grant types: Authorization Code, Refresh Token, JWT Bearer, and Token Exchange. Specify one of the following values, depending on the grant type that you want:

* Authorization Code - authorization_code

* Refresh Token - refresh_token

* JWT Bearer - urn:ietf:params:oauth:grant-type:jwt-bearer

* Token Exchange - urn:ietf:params:oauth:grant-type:token-exchange

" - }, - "code":{ - "shape":"AuthCode", - "documentation":"

Used only when calling this API for the Authorization Code grant type. This short-term code is used to identify this authorization request. The code is obtained through a redirect from IAM Identity Center to a redirect URI persisted in the Authorization Code GrantOptions for the application.

" - }, - "refreshToken":{ - "shape":"RefreshToken", - "documentation":"

Used only when calling this API for the Refresh Token grant type. This token is used to refresh short-term tokens, such as the access token, that might expire.

For more information about the features and limitations of the current IAM Identity Center OIDC implementation, see Considerations for Using this Guide in the IAM Identity Center OIDC API Reference.

" - }, - "assertion":{ - "shape":"Assertion", - "documentation":"

Used only when calling this API for the JWT Bearer grant type. This value specifies the JSON Web Token (JWT) issued by a trusted token issuer. To authorize a trusted token issuer, configure the JWT Bearer GrantOptions for the application.

" - }, - "scope":{ - "shape":"Scopes", - "documentation":"

The list of scopes for which authorization is requested. The access token that is issued is limited to the scopes that are granted. If the value is not specified, IAM Identity Center authorizes all scopes configured for the application, including the following default scopes: openid, aws, sts:identity_context.

" - }, - "redirectUri":{ - "shape":"URI", - "documentation":"

Used only when calling this API for the Authorization Code grant type. This value specifies the location of the client or application that has registered to receive the authorization code.

" - }, - "subjectToken":{ - "shape":"SubjectToken", - "documentation":"

Used only when calling this API for the Token Exchange grant type. This value specifies the subject of the exchange. The value of the subject token must be an access token issued by IAM Identity Center to a different client or application. The access token must have authorized scopes that indicate the requested application as a target audience.

" - }, - "subjectTokenType":{ - "shape":"TokenTypeURI", - "documentation":"

Used only when calling this API for the Token Exchange grant type. This value specifies the type of token that is passed as the subject of the exchange. The following value is supported:

* Access Token - urn:ietf:params:oauth:token-type:access_token

" - }, - "requestedTokenType":{ - "shape":"TokenTypeURI", - "documentation":"

Used only when calling this API for the Token Exchange grant type. This value specifies the type of token that the requester can receive. The following values are supported:

* Access Token - urn:ietf:params:oauth:token-type:access_token

* Refresh Token - urn:ietf:params:oauth:token-type:refresh_token

" - }, - "codeVerifier":{ - "shape":"CodeVerifier", - "documentation":"

Used only when calling this API for the Authorization Code grant type. This value is generated by the client and presented to validate the original code challenge value the client passed at authorization time.

" - } - } - }, - "CreateTokenWithIAMResponse":{ - "type":"structure", - "members":{ - "accessToken":{ - "shape":"AccessToken", - "documentation":"

A bearer token to access Amazon Web Services accounts and applications assigned to a user.

" - }, - "tokenType":{ - "shape":"TokenType", - "documentation":"

Used to notify the requester that the returned token is an access token. The supported token type is Bearer.

" - }, - "expiresIn":{ - "shape":"ExpirationInSeconds", - "documentation":"

Indicates the time in seconds when an access token will expire.

" - }, - "refreshToken":{ - "shape":"RefreshToken", - "documentation":"

A token that, if present, can be used to refresh a previously issued access token that might have expired.

For more information about the features and limitations of the current IAM Identity Center OIDC implementation, see Considerations for Using this Guide in the IAM Identity Center OIDC API Reference.

" - }, - "idToken":{ - "shape":"IdToken", - "documentation":"

A JSON Web Token (JWT) that identifies the user associated with the issued access token.

" - }, - "issuedTokenType":{ - "shape":"TokenTypeURI", - "documentation":"

Indicates the type of tokens that are issued by IAM Identity Center. The following values are supported:

* Access Token - urn:ietf:params:oauth:token-type:access_token

* Refresh Token - urn:ietf:params:oauth:token-type:refresh_token

" - }, - "scope":{ - "shape":"Scopes", - "documentation":"

The list of scopes for which authorization is granted. The access token that is issued is limited to the scopes that are granted.

" - } - } - }, - "DeviceCode":{"type":"string"}, - "Error":{"type":"string"}, - "ErrorDescription":{"type":"string"}, - "ExpirationInSeconds":{"type":"integer"}, - "ExpiredTokenException":{ - "type":"structure", - "members":{ - "error":{ - "shape":"Error", - "documentation":"

Single error code. For this exception the value will be expired_token.

" - }, - "error_description":{ - "shape":"ErrorDescription", - "documentation":"

Human-readable text providing additional information, used to assist the client developer in understanding the error that occurred.

" - } - }, - "documentation":"

Indicates that the token issued by the service is expired and is no longer valid.

", - "error":{"httpStatusCode":400}, - "exception":true - }, - "GrantType":{"type":"string"}, - "GrantTypes":{ - "type":"list", - "member":{"shape":"GrantType"} - }, - "IdToken":{ - "type":"string", - "sensitive":true - }, - "InternalServerException":{ - "type":"structure", - "members":{ - "error":{ - "shape":"Error", - "documentation":"

Single error code. For this exception the value will be server_error.

" - }, - "error_description":{ - "shape":"ErrorDescription", - "documentation":"

Human-readable text providing additional information, used to assist the client developer in understanding the error that occurred.

" - } - }, - "documentation":"

Indicates that an error from the service occurred while trying to process a request.

", - "error":{"httpStatusCode":500}, - "exception":true, - "fault":true - }, - "IntervalInSeconds":{"type":"integer"}, - "InvalidClientException":{ - "type":"structure", - "members":{ - "error":{ - "shape":"Error", - "documentation":"

Single error code. For this exception the value will be invalid_client.

" - }, - "error_description":{ - "shape":"ErrorDescription", - "documentation":"

Human-readable text providing additional information, used to assist the client developer in understanding the error that occurred.

" - } - }, - "documentation":"

Indicates that the clientId or clientSecret in the request is invalid. For example, this can occur when a client sends an incorrect clientId or an expired clientSecret.

", - "error":{"httpStatusCode":401}, - "exception":true - }, - "InvalidClientMetadataException":{ - "type":"structure", - "members":{ - "error":{ - "shape":"Error", - "documentation":"

Single error code. For this exception the value will be invalid_client_metadata.

" - }, - "error_description":{ - "shape":"ErrorDescription", - "documentation":"

Human-readable text providing additional information, used to assist the client developer in understanding the error that occurred.

" - } - }, - "documentation":"

Indicates that the client information sent in the request during registration is invalid.

", - "error":{"httpStatusCode":400}, - "exception":true - }, - "InvalidGrantException":{ - "type":"structure", - "members":{ - "error":{ - "shape":"Error", - "documentation":"

Single error code. For this exception the value will be invalid_grant.

" - }, - "error_description":{ - "shape":"ErrorDescription", - "documentation":"

Human-readable text providing additional information, used to assist the client developer in understanding the error that occurred.

" - } - }, - "documentation":"

Indicates that a request contains an invalid grant. This can occur if a client makes a CreateToken request with an invalid grant type.

", - "error":{"httpStatusCode":400}, - "exception":true - }, - "InvalidRedirectUriException":{ - "type":"structure", - "members":{ - "error":{ - "shape":"Error", - "documentation":"

Single error code. For this exception the value will be invalid_redirect_uri.

" - }, - "error_description":{ - "shape":"ErrorDescription", - "documentation":"

Human-readable text providing additional information, used to assist the client developer in understanding the error that occurred.

" - } - }, - "documentation":"

Indicates that one or more redirect URI in the request is not supported for this operation.

", - "error":{"httpStatusCode":400}, - "exception":true - }, - "InvalidRequestException":{ - "type":"structure", - "members":{ - "error":{ - "shape":"Error", - "documentation":"

Single error code. For this exception the value will be invalid_request.

" - }, - "error_description":{ - "shape":"ErrorDescription", - "documentation":"

Human-readable text providing additional information, used to assist the client developer in understanding the error that occurred.

" - } - }, - "documentation":"

Indicates that something is wrong with the input to the request. For example, a required parameter might be missing or out of range.

", - "error":{"httpStatusCode":400}, - "exception":true - }, - "InvalidRequestRegionException":{ - "type":"structure", - "members":{ - "error":{ - "shape":"Error", - "documentation":"

Single error code. For this exception the value will be invalid_request.

" - }, - "error_description":{ - "shape":"ErrorDescription", - "documentation":"

Human-readable text providing additional information, used to assist the client developer in understanding the error that occurred.

" - }, - "endpoint":{ - "shape":"Location", - "documentation":"

Indicates the IAM Identity Center endpoint which the requester may call with this token.

" - }, - "region":{ - "shape":"Region", - "documentation":"

Indicates the region which the requester may call with this token.

" - } - }, - "documentation":"

Indicates that a token provided as input to the request was issued by and is only usable by calling IAM Identity Center endpoints in another region.

", - "error":{"httpStatusCode":400}, - "exception":true - }, - "InvalidScopeException":{ - "type":"structure", - "members":{ - "error":{ - "shape":"Error", - "documentation":"

Single error code. For this exception the value will be invalid_scope.

" - }, - "error_description":{ - "shape":"ErrorDescription", - "documentation":"

Human-readable text providing additional information, used to assist the client developer in understanding the error that occurred.

" - } - }, - "documentation":"

Indicates that the scope provided in the request is invalid.

", - "error":{"httpStatusCode":400}, - "exception":true - }, - "Location":{"type":"string"}, - "LongTimeStampType":{"type":"long"}, - "RedirectUris":{ - "type":"list", - "member":{"shape":"URI"} - }, - "RefreshToken":{ - "type":"string", - "sensitive":true - }, - "Region":{"type":"string"}, - "RegisterClientRequest":{ - "type":"structure", - "required":[ - "clientName", - "clientType" - ], - "members":{ - "clientName":{ - "shape":"ClientName", - "documentation":"

The friendly name of the client.

" - }, - "clientType":{ - "shape":"ClientType", - "documentation":"

The type of client. The service supports only public as a client type. Anything other than public will be rejected by the service.

" - }, - "scopes":{ - "shape":"Scopes", - "documentation":"

The list of scopes that are defined by the client. Upon authorization, this list is used to restrict permissions when granting an access token.

" - }, - "redirectUris":{ - "shape":"RedirectUris", - "documentation":"

The list of redirect URI that are defined by the client. At completion of authorization, this list is used to restrict what locations the user agent can be redirected back to.

" - }, - "grantTypes":{ - "shape":"GrantTypes", - "documentation":"

The list of OAuth 2.0 grant types that are defined by the client. This list is used to restrict the token granting flows available to the client.

" - }, - "issuerUrl":{ - "shape":"URI", - "documentation":"

The IAM Identity Center Issuer URL associated with an instance of IAM Identity Center. This value is needed for user access to resources through the client.

" - }, - "entitledApplicationArn":{ - "shape":"ArnType", - "documentation":"

This IAM Identity Center application ARN is used to define administrator-managed configuration for public client access to resources. At authorization, the scopes, grants, and redirect URI available to this client will be restricted by this application resource.

" - } - } - }, - "RegisterClientResponse":{ - "type":"structure", - "members":{ - "clientId":{ - "shape":"ClientId", - "documentation":"

The unique identifier string for each client. This client uses this identifier to get authenticated by the service in subsequent calls.

" - }, - "clientSecret":{ - "shape":"ClientSecret", - "documentation":"

A secret string generated for the client. The client will use this string to get authenticated by the service in subsequent calls.

" - }, - "clientIdIssuedAt":{ - "shape":"LongTimeStampType", - "documentation":"

Indicates the time at which the clientId and clientSecret were issued.

" - }, - "clientSecretExpiresAt":{ - "shape":"LongTimeStampType", - "documentation":"

Indicates the time at which the clientId and clientSecret will become invalid.

" - }, - "authorizationEndpoint":{ - "shape":"URI", - "documentation":"

An endpoint that the client can use to request authorization.

" - }, - "tokenEndpoint":{ - "shape":"URI", - "documentation":"

An endpoint that the client can use to create tokens.

" - } - } - }, - "Scope":{"type":"string"}, - "Scopes":{ - "type":"list", - "member":{"shape":"Scope"} - }, - "SlowDownException":{ - "type":"structure", - "members":{ - "error":{ - "shape":"Error", - "documentation":"

Single error code. For this exception the value will be slow_down.

" - }, - "error_description":{ - "shape":"ErrorDescription", - "documentation":"

Human-readable text providing additional information, used to assist the client developer in understanding the error that occurred.

" - } - }, - "documentation":"

Indicates that the client is making the request too frequently and is more than the service can handle.

", - "error":{"httpStatusCode":400}, - "exception":true - }, - "StartDeviceAuthorizationRequest":{ - "type":"structure", - "required":[ - "clientId", - "clientSecret", - "startUrl" - ], - "members":{ - "clientId":{ - "shape":"ClientId", - "documentation":"

The unique identifier string for the client that is registered with IAM Identity Center. This value should come from the persisted result of the RegisterClient API operation.

" - }, - "clientSecret":{ - "shape":"ClientSecret", - "documentation":"

A secret string that is generated for the client. This value should come from the persisted result of the RegisterClient API operation.

" - }, - "startUrl":{ - "shape":"URI", - "documentation":"

The URL for the Amazon Web Services access portal. For more information, see Using the Amazon Web Services access portal in the IAM Identity Center User Guide.

" - } - } - }, - "StartDeviceAuthorizationResponse":{ - "type":"structure", - "members":{ - "deviceCode":{ - "shape":"DeviceCode", - "documentation":"

The short-lived code that is used by the device when polling for a session token.

" - }, - "userCode":{ - "shape":"UserCode", - "documentation":"

A one-time user verification code. This is needed to authorize an in-use device.

" - }, - "verificationUri":{ - "shape":"URI", - "documentation":"

The URI of the verification page that takes the userCode to authorize the device.

" - }, - "verificationUriComplete":{ - "shape":"URI", - "documentation":"

An alternate URL that the client can use to automatically launch a browser. This process skips the manual step in which the user visits the verification page and enters their code.

" - }, - "expiresIn":{ - "shape":"ExpirationInSeconds", - "documentation":"

Indicates the number of seconds in which the verification code will become invalid.

" - }, - "interval":{ - "shape":"IntervalInSeconds", - "documentation":"

Indicates the number of seconds the client must wait between attempts when polling for a session.

" - } - } - }, - "SubjectToken":{ - "type":"string", - "sensitive":true - }, - "TokenType":{"type":"string"}, - "TokenTypeURI":{"type":"string"}, - "URI":{"type":"string"}, - "UnauthorizedClientException":{ - "type":"structure", - "members":{ - "error":{ - "shape":"Error", - "documentation":"

Single error code. For this exception the value will be unauthorized_client.

" - }, - "error_description":{ - "shape":"ErrorDescription", - "documentation":"

Human-readable text providing additional information, used to assist the client developer in understanding the error that occurred.

" - } - }, - "documentation":"

Indicates that the client is not currently authorized to make the request. This can happen when a clientId is not issued for a public client.

", - "error":{"httpStatusCode":400}, - "exception":true - }, - "UnsupportedGrantTypeException":{ - "type":"structure", - "members":{ - "error":{ - "shape":"Error", - "documentation":"

Single error code. For this exception the value will be unsupported_grant_type.

" - }, - "error_description":{ - "shape":"ErrorDescription", - "documentation":"

Human-readable text providing additional information, used to assist the client developer in understanding the error that occurred.

" - } - }, - "documentation":"

Indicates that the grant type in the request is not supported by the service.

", - "error":{"httpStatusCode":400}, - "exception":true - }, - "UserCode":{"type":"string"} - }, - "documentation":"

IAM Identity Center OpenID Connect (OIDC) is a web service that enables a client (such as CLI or a native application) to register with IAM Identity Center. The service also enables the client to fetch the user’s access token upon successful authentication and authorization with IAM Identity Center.

IAM Identity Center uses the sso and identitystore API namespaces.

Considerations for Using This Guide

Before you begin using this guide, we recommend that you first review the following important information about how the IAM Identity Center OIDC service works.

  • The IAM Identity Center OIDC service currently implements only the portions of the OAuth 2.0 Device Authorization Grant standard (https://tools.ietf.org/html/rfc8628) that are necessary to enable single sign-on authentication with the CLI.

  • With older versions of the CLI, the service only emits OIDC access tokens, so to obtain a new token, users must explicitly re-authenticate. To access the OIDC flow that supports token refresh and doesn’t require re-authentication, update to the latest CLI version (1.27.10 for CLI V1 and 2.9.0 for CLI V2) with support for OIDC token refresh and configurable IAM Identity Center session durations. For more information, see Configure Amazon Web Services access portal session duration .

  • The access tokens provided by this service grant access to all Amazon Web Services account entitlements assigned to an IAM Identity Center user, not just a particular application.

  • The documentation in this guide does not describe the mechanism to convert the access token into Amazon Web Services Auth (“sigv4”) credentials for use with IAM-protected Amazon Web Services service endpoints. For more information, see GetRoleCredentials in the IAM Identity Center Portal API Reference Guide.

For general information about IAM Identity Center, see What is IAM Identity Center? in the IAM Identity Center User Guide.

" -} diff --git a/plugins/core/sdk-codegen/src/software/amazon/awssdk/services/ssooidc/SsoOidcTokenProvider.java b/plugins/core/sdk-codegen/src/software/amazon/awssdk/services/ssooidc/SsoOidcTokenProvider.java deleted file mode 100644 index c5c1501ee39..00000000000 --- a/plugins/core/sdk-codegen/src/software/amazon/awssdk/services/ssooidc/SsoOidcTokenProvider.java +++ /dev/null @@ -1,243 +0,0 @@ -/* - * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://aws.amazon.com/apache2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - */ - -package software.amazon.awssdk.services.ssooidc; - -import java.time.Duration; -import java.time.Instant; -import java.util.function.Function; -import java.util.function.Supplier; -import software.amazon.awssdk.annotations.SdkPublicApi; -import software.amazon.awssdk.annotations.ThreadSafe; -import software.amazon.awssdk.auth.token.credentials.SdkToken; -import software.amazon.awssdk.auth.token.credentials.SdkTokenProvider; -import software.amazon.awssdk.awscore.exception.AwsServiceException; -import software.amazon.awssdk.awscore.internal.token.CachedTokenRefresher; -import software.amazon.awssdk.awscore.internal.token.TokenManager; -import software.amazon.awssdk.awscore.internal.token.TokenRefresher; -import software.amazon.awssdk.core.exception.SdkClientException; -import software.amazon.awssdk.core.exception.SdkException; -import software.amazon.awssdk.services.ssooidc.internal.OnDiskTokenManager; -import software.amazon.awssdk.services.ssooidc.internal.SsoOidcToken; -import software.amazon.awssdk.services.ssooidc.internal.SsoOidcTokenTransformer; -import software.amazon.awssdk.services.ssooidc.model.CreateTokenRequest; -import software.amazon.awssdk.utils.Logger; -import software.amazon.awssdk.utils.SdkAutoCloseable; -import software.amazon.awssdk.utils.Validate; - -/** - * Implementation of {@link SdkTokenProvider} that is capable of loading and - * storing SSO tokens to {@code ~/.aws/sso/cache}. This is also capable of - * refreshing the cached token via the SSO-OIDC service. - */ -@SdkPublicApi -@ThreadSafe -public final class SsoOidcTokenProvider implements SdkTokenProvider, SdkAutoCloseable { - - private static final Duration DEFAULT_STALE_DURATION = Duration.ofMinutes(1); - private static final Duration DEFAULT_PREFETCH_DURATION = Duration.ofMinutes(5); - private static final Logger log = Logger.loggerFor(SsoOidcTokenProvider.class); - private final TokenManager onDiskTokenManager; - - private final TokenRefresher tokenRefresher; - private final SsoOidcClient ssoOidcClient; - - private final Duration staleTime; - private final Duration prefetchTime; - - private SsoOidcTokenProvider(BuilderImpl builder) { - Validate.paramNotNull(builder.sessionName, "sessionName"); - Validate.paramNotNull(builder.ssoOidcClient, "ssoOidcClient"); - - this.ssoOidcClient = builder.ssoOidcClient; - this.staleTime = builder.staleTime == null ? DEFAULT_STALE_DURATION : builder.staleTime; - this.prefetchTime = builder.prefetchTime == null ? DEFAULT_PREFETCH_DURATION : builder.prefetchTime; - - this.onDiskTokenManager = OnDiskTokenManager.create(builder.sessionName); - - this.tokenRefresher = CachedTokenRefresher.builder() - .tokenRetriever(getDefaultSsoTokenRetriever(this.ssoOidcClient, - this.onDiskTokenManager, - this.staleTime, this.prefetchTime)) - .exceptionHandler(exceptionHandler()) - .prefetchTime(this.prefetchTime) - .staleDuration(this.staleTime) - .asyncRefreshEnabled(builder.asyncTokenUpdateEnabled) - .build(); - } - - - private Function exceptionHandler() { - return e -> { - if (e instanceof AwsServiceException) { - log.warn(() -> "Failed to fetch token.", e); - // If we fail to get token from service then fetch the previous cached token from disc. - return onDiskTokenManager.loadToken() - .orElseThrow(() -> SdkClientException.create("Unable to load SSO token")); - } - throw e; - }; - } - - @Override - public SdkToken resolveToken() { - SsoOidcToken ssoOidcToken = tokenRefresher.refreshIfStaleAndFetch(); - if (isExpired(ssoOidcToken)) { - throw SdkClientException.create("Token is expired"); - } - return ssoOidcToken; - } - - public static Builder builder() { - return new BuilderImpl(); - } - - @Override - public void close() { - tokenRefresher.close(); - } - - public interface Builder { - /** - * The sessionName used to retrieve the SSO token. - */ - Builder sessionName(String sessionName); - - /** - * - * Client to fetch token from SSO OIDC service. - */ - Builder ssoOidcClient(SsoOidcClient ssoOidcClient); - - /** - * Configure the amount of time, relative to Sso-Oidc token , that the cached tokens in refresher are considered - * stale and should no longer be used. - * - *

By default, this is 5 minute.

- */ - Builder staleTime(Duration onDiskStaleDuration); - - /** - * - * Configure the amount of time, relative to Sso-Oidc token , that the cached tokens in refresher are considered - * prefetched from service.. - */ - Builder prefetchTime(Duration prefetchTime); - - /** - * Configure whether the provider should fetch tokens asynchronously in the background. If this is true, - * threads are less likely to block when token are loaded, but additional resources are used to maintain - * the provider. - * - *

By default, this is disabled.

- */ - Builder asyncTokenUpdateEnabled(Boolean asyncTokenUpdateEnabled); - - SsoOidcTokenProvider build(); - } - - private boolean isExpired(SsoOidcToken token) { - Instant expiration = token.expirationTime().get(); - Instant now = Instant.now(); - return now.isAfter(expiration); - } - - private static boolean isWithinRefreshWindow(SsoOidcToken token, Duration staleTime) { - Instant expiration = token.expirationTime().get(); - Instant now = Instant.now(); - return expiration.isAfter(now.plus(staleTime)); - } - - private static void validateToken(SsoOidcToken token) { - Validate.notNull(token.token(), "token cannot be null"); - Validate.notNull(token.expirationTime(), "expirationTime cannot be null"); - } - - private static class BuilderImpl implements Builder { - private String sessionName; - private SsoOidcClient ssoOidcClient; - private Duration staleTime; - private Duration prefetchTime; - private Boolean asyncTokenUpdateEnabled = false; - - - private BuilderImpl() { - } - - @Override - public Builder sessionName(String sessionName) { - this.sessionName = sessionName; - return this; - } - - @Override - public Builder ssoOidcClient(SsoOidcClient ssoOidcClient) { - this.ssoOidcClient = ssoOidcClient; - return this; - } - - @Override - public Builder staleTime(Duration staleTime) { - this.staleTime = staleTime; - return this; - } - - @Override - public Builder prefetchTime(Duration prefetchTime) { - this.prefetchTime = prefetchTime; - return this; - } - - @Override - public Builder asyncTokenUpdateEnabled(Boolean asyncTokenUpdateEnabled) { - this.asyncTokenUpdateEnabled = asyncTokenUpdateEnabled; - return this; - } - - @Override - public SsoOidcTokenProvider build() { - return new SsoOidcTokenProvider(this); - } - } - - private static Supplier getDefaultSsoTokenRetriever(SsoOidcClient ssoOidcClient, - TokenManager tokenManager, - Duration staleTime, - Duration prefetchTime) { - return () -> { - SsoOidcToken baseToken = tokenManager.loadToken() - .orElseThrow(() -> SdkClientException.create("Unable to load SSO token")); - validateToken(baseToken); - - if (isWithinRefreshWindow(baseToken, staleTime) - && isWithinRefreshWindow(baseToken, prefetchTime)) { - return baseToken; - } - - SsoOidcTokenTransformer ssoOidcTokenTransformer = SsoOidcTokenTransformer.create(baseToken); - SsoOidcToken refreshToken = ssoOidcTokenTransformer.transform(ssoOidcClient.createToken( - CreateTokenRequest.builder() - .grantType("refresh_token") - .clientId(baseToken.clientId()) - .clientSecret(baseToken.clientSecret()) - .refreshToken(baseToken.refreshToken()) - .build())); - tokenManager.storeToken(refreshToken); - return refreshToken; - }; - } - - -} diff --git a/plugins/core/sdk-codegen/src/software/amazon/awssdk/services/ssooidc/internal/OnDiskTokenManager.java b/plugins/core/sdk-codegen/src/software/amazon/awssdk/services/ssooidc/internal/OnDiskTokenManager.java deleted file mode 100644 index 3c0673b799c..00000000000 --- a/plugins/core/sdk-codegen/src/software/amazon/awssdk/services/ssooidc/internal/OnDiskTokenManager.java +++ /dev/null @@ -1,181 +0,0 @@ -/* - * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://aws.amazon.com/apache2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - */ - -package software.amazon.awssdk.services.ssooidc.internal; - -import static software.amazon.awssdk.utils.UserHomeDirectoryUtils.userHomeDirectory; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; -import java.nio.charset.StandardCharsets; -import java.nio.file.Files; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.time.Instant; -import java.time.format.DateTimeFormatter; -import java.util.Locale; -import java.util.Optional; -import software.amazon.awssdk.annotations.SdkInternalApi; -import software.amazon.awssdk.awscore.internal.token.TokenManager; -import software.amazon.awssdk.core.exception.SdkClientException; -import software.amazon.awssdk.protocols.jsoncore.JsonNode; -import software.amazon.awssdk.protocols.jsoncore.JsonNodeParser; -import software.amazon.awssdk.thirdparty.jackson.core.JsonGenerator; -import software.amazon.awssdk.utils.BinaryUtils; -import software.amazon.awssdk.utils.IoUtils; -import software.amazon.awssdk.utils.Validate; - -/** - * Implementation of {@link TokenManager} that can load and store SSO tokens - * from and to disk. - */ -@SdkInternalApi -public final class OnDiskTokenManager implements TokenManager { - private static final Path DEFAULT_TOKEN_LOCATION = Paths.get(userHomeDirectory(), ".aws", "sso", "cache"); - - private final JsonNodeParser jsonParser = JsonNodeParser.builder().removeErrorLocations(true).build(); - - private final String sessionName; - private final Path tokenLocation; - - private OnDiskTokenManager(Path cacheLocation, String sessionName) { - Validate.notNull(cacheLocation, "cacheLocation must not be null"); - this.sessionName = Validate.notNull(sessionName, "sessionName must not be null"); - Validate.notBlank(sessionName, "sessionName must not be blank"); - String cacheKey = deriveCacheKey(sessionName); - this.tokenLocation = cacheLocation.resolve(cacheKey + ".json"); - } - - @Override - public Optional loadToken() { - if (!Files.exists(tokenLocation)) { - return Optional.empty(); - } - - try (InputStream cachedTokenStream = Files.newInputStream(tokenLocation)) { - String content = IoUtils.toUtf8String(cachedTokenStream); - return Optional.of(unmarshalToken(content)); - } catch (IOException e) { - throw SdkClientException.create("Failed to load cached token at " + tokenLocation, e); - } - } - - @Override - public void storeToken(SsoOidcToken token) { - try (OutputStream os = Files.newOutputStream(tokenLocation)) { - os.write(marshalToken(token)); - } catch (IOException e) { - throw SdkClientException.create("Unable to write token to location " + tokenLocation, e); - } - } - - @Override - public void close() { - } - - public static OnDiskTokenManager create(Path cacheLocation, String sessionName) { - return new OnDiskTokenManager(cacheLocation, sessionName); - } - - public static OnDiskTokenManager create(String sessionName) { - return create(DEFAULT_TOKEN_LOCATION, sessionName); - } - - private SsoOidcToken unmarshalToken(String contents) { - JsonNode node = jsonParser.parse(contents); - SsoOidcToken.Builder tokenBuilder = SsoOidcToken.builder(); - - JsonNode accessToken = node.field("accessToken") - .orElseThrow(() -> SdkClientException.create("required member 'accessToken' not found")); - tokenBuilder.accessToken(accessToken.text()); - - JsonNode expiresAt = node.field("expiresAt") - .orElseThrow(() -> SdkClientException.create("required member 'expiresAt' not found")); - tokenBuilder.expiresAt(Instant.parse(expiresAt.text())); - - node.field("refreshToken").map(JsonNode::text).ifPresent(tokenBuilder::refreshToken); - node.field("clientId").map(JsonNode::text).ifPresent(tokenBuilder::clientId); - node.field("clientSecret").map(JsonNode::text).ifPresent(tokenBuilder::clientSecret); - node.field("registrationExpiresAt") - .map(JsonNode::text) - .map(Instant::parse) - .ifPresent(tokenBuilder::registrationExpiresAt); - node.field("region").map(JsonNode::text).ifPresent(tokenBuilder::region); - node.field("startUrl").map(JsonNode::text).ifPresent(tokenBuilder::startUrl); - tokenBuilder.providerName(SsoOidcToken.PROVIDER_NAME); - return tokenBuilder.build(); - } - - private byte[] marshalToken(SsoOidcToken token) { - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - JsonGenerator generator = null; - try { - generator = JsonNodeParser.DEFAULT_JSON_FACTORY.createGenerator(baos); - generator.writeStartObject(); - - generator.writeStringField("accessToken", token.token()); - - generator.writeStringField("expiresAt", DateTimeFormatter.ISO_INSTANT.format(token.expirationTime().get())); - if (token.refreshToken() != null) { - generator.writeStringField("refreshToken", token.refreshToken()); - - } - if (token.clientId() != null) { - generator.writeStringField("clientId", token.clientId()); - } - - if (token.clientSecret() != null) { - generator.writeStringField("clientSecret", token.clientSecret()); - } - - if (token.registrationExpiresAt() != null) { - generator.writeStringField("registrationExpiresAt", - DateTimeFormatter.ISO_INSTANT.format(token.registrationExpiresAt())); - } - - if (token.region() != null) { - generator.writeStringField("region", token.region()); - } - - if (token.startUrl() != null) { - generator.writeStringField("startUrl", token.startUrl()); - } - generator.writeEndObject(); - - generator.close(); - return baos.toByteArray(); - } catch (IOException e) { - throw SdkClientException.create("Unable to marshal token to JSON", e); - } finally { - if (generator != null) { - IoUtils.closeQuietly(generator, null); - } - } - } - - private static String deriveCacheKey(String sessionName) { - try { - MessageDigest sha1 = MessageDigest.getInstance("sha1"); - sha1.update(sessionName.getBytes(StandardCharsets.UTF_8)); - return BinaryUtils.toHex(sha1.digest()).toLowerCase(Locale.ENGLISH); - } catch (NoSuchAlgorithmException e) { - throw SdkClientException.create("Unable to derive cache key", e); - } - } -} diff --git a/plugins/core/sdk-codegen/src/software/amazon/awssdk/services/ssooidc/internal/SsoOidcToken.java b/plugins/core/sdk-codegen/src/software/amazon/awssdk/services/ssooidc/internal/SsoOidcToken.java deleted file mode 100644 index 5f96ebe6ee5..00000000000 --- a/plugins/core/sdk-codegen/src/software/amazon/awssdk/services/ssooidc/internal/SsoOidcToken.java +++ /dev/null @@ -1,247 +0,0 @@ -/* - * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://aws.amazon.com/apache2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - */ - -package software.amazon.awssdk.services.ssooidc.internal; - -import java.time.Instant; -import java.util.Objects; -import java.util.Optional; -import software.amazon.awssdk.annotations.SdkInternalApi; -import software.amazon.awssdk.auth.token.credentials.SdkToken; -import software.amazon.awssdk.utils.ToString; -import software.amazon.awssdk.utils.Validate; - -/** - * Represents a cached SSO token. - * - * - * { - * "accessToken": "string", - * "expiresAt": "2019-11-14T04:05:45Z", - * "refreshToken": "string", - * "clientId": "ABCDEFG323242423121312312312312312", - * "clientSecret": "ABCDE123", - * "registrationExpiresAt": "2022-03-06T19:53:17Z", - * "region": "us-west-2", - * "startUrl": "https://d-abc123.awsapps.com/start" - * } - * - */ -@SdkInternalApi -public final class SsoOidcToken implements SdkToken { - public static final String PROVIDER_NAME = "SsoOidcTokenProvider"; - private final String accessToken; - private final Instant expiresAt; - private final String refreshToken; - private final String clientId; - private final String clientSecret; - private final Instant registrationExpiresAt; - private final String region; - private final String startUrl; - private final String providerName; - - private SsoOidcToken(BuilderImpl builder) { - Validate.paramNotNull(builder.accessToken, "accessToken"); - Validate.paramNotNull(builder.expiresAt, "expiresAt"); - this.accessToken = builder.accessToken; - this.expiresAt = builder.expiresAt; - this.refreshToken = builder.refreshToken; - this.clientId = builder.clientId; - this.clientSecret = builder.clientSecret; - this.registrationExpiresAt = builder.registrationExpiresAt; - this.region = builder.region; - this.startUrl = builder.startUrl; - this.providerName = builder.providerName; - } - - @Override - public String token() { - return accessToken; - } - - @Override - public Optional expirationTime() { - return Optional.of(expiresAt); - } - - public String refreshToken() { - return refreshToken; - } - - public String clientId() { - return clientId; - } - - public String clientSecret() { - return clientSecret; - } - - public Instant registrationExpiresAt() { - return registrationExpiresAt; - } - - public String region() { - return region; - } - - public String startUrl() { - return startUrl; - } - - @Override - public boolean equals(Object o) { - if (this == o) { - return true; - } - if (o == null || getClass() != o.getClass()) { - return false; - } - - SsoOidcToken ssoOidcToken = (SsoOidcToken) o; - - return Objects.equals(accessToken, ssoOidcToken.accessToken) - && Objects.equals(expiresAt, ssoOidcToken.expiresAt) - && Objects.equals(refreshToken, ssoOidcToken.refreshToken) - && Objects.equals(clientId, ssoOidcToken.clientId) - && Objects.equals(clientSecret, ssoOidcToken.clientSecret) - && Objects.equals(registrationExpiresAt, ssoOidcToken.registrationExpiresAt) - && Objects.equals(region, ssoOidcToken.region) - && Objects.equals(startUrl, ssoOidcToken.startUrl); - } - - @Override - public int hashCode() { - int result = Objects.hashCode(accessToken); - result = 31 * result + Objects.hashCode(expiresAt); - result = 31 * result + Objects.hashCode(refreshToken); - result = 31 * result + Objects.hashCode(clientId); - result = 31 * result + Objects.hashCode(clientSecret); - result = 31 * result + Objects.hashCode(registrationExpiresAt); - result = 31 * result + Objects.hashCode(region); - result = 31 * result + Objects.hashCode(startUrl); - return result; - } - - @Override - public String toString() { - return ToString.builder("SsoOidcToken") - .add("accessToken", accessToken) - .add("expiresAt", expiresAt) - .add("refreshToken", refreshToken) - .add("clientId", clientId) - .add("clientSecret", clientSecret) - .add("registrationExpiresAt", registrationExpiresAt) - .add("region", region) - .add("startUrl", startUrl) - .build(); - } - - public static Builder builder() { - return new BuilderImpl(); - } - - public interface Builder { - Builder accessToken(String accessToken); - - Builder expiresAt(Instant expiresAt); - - Builder refreshToken(String refreshToken); - - Builder clientId(String clientId); - - Builder clientSecret(String clientSecret); - - Builder registrationExpiresAt(Instant registrationExpiresAt); - - Builder region(String region); - - Builder startUrl(String startUrl); - - Builder providerName(String providerName); - - SsoOidcToken build(); - } - - private static class BuilderImpl implements Builder { - private String accessToken; - private Instant expiresAt; - private String refreshToken; - private String clientId; - private String clientSecret; - private Instant registrationExpiresAt; - private String region; - private String startUrl; - private String providerName; - - @Override - public Builder accessToken(String accessToken) { - this.accessToken = accessToken; - return this; - } - - @Override - public Builder expiresAt(Instant expiresAt) { - this.expiresAt = expiresAt; - return this; - } - - @Override - public Builder refreshToken(String refreshToken) { - this.refreshToken = refreshToken; - return this; - } - - @Override - public Builder clientId(String clientId) { - this.clientId = clientId; - return this; - } - - @Override - public Builder clientSecret(String clientSecret) { - this.clientSecret = clientSecret; - return this; - } - - @Override - public Builder registrationExpiresAt(Instant registrationExpiresAt) { - this.registrationExpiresAt = registrationExpiresAt; - return this; - } - - @Override - public Builder region(String region) { - this.region = region; - return this; - } - - @Override - public Builder startUrl(String startUrl) { - this.startUrl = startUrl; - return this; - } - - @Override - public Builder providerName(String providerName) { - this.providerName = providerName; - return this; - } - - @Override - public SsoOidcToken build() { - return new SsoOidcToken(this); - } - } -} diff --git a/plugins/core/sdk-codegen/src/software/amazon/awssdk/services/ssooidc/internal/SsoOidcTokenTransformer.java b/plugins/core/sdk-codegen/src/software/amazon/awssdk/services/ssooidc/internal/SsoOidcTokenTransformer.java deleted file mode 100644 index feef372c41f..00000000000 --- a/plugins/core/sdk-codegen/src/software/amazon/awssdk/services/ssooidc/internal/SsoOidcTokenTransformer.java +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://aws.amazon.com/apache2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - */ - -package software.amazon.awssdk.services.ssooidc.internal; - -import java.time.Instant; -import software.amazon.awssdk.annotations.SdkInternalApi; -import software.amazon.awssdk.awscore.internal.token.TokenTransformer; -import software.amazon.awssdk.services.ssooidc.model.CreateTokenResponse; -import software.amazon.awssdk.utils.Validate; - -/** - * Transformer to transform CreateTokenResponse to SsoToken. - */ -@SdkInternalApi -public final class SsoOidcTokenTransformer implements TokenTransformer { - - private final SsoOidcToken baseToken; - - private SsoOidcTokenTransformer(SsoOidcToken baseToken) { - Validate.notNull(baseToken.startUrl(), "startUrl is null "); - Validate.notNull(baseToken.clientId(), "clientId is null "); - Validate.notNull(baseToken.clientSecret(), "clientSecret is null "); - this.baseToken = baseToken; - } - - public static SsoOidcTokenTransformer create(SsoOidcToken baseToken) { - Validate.paramNotNull(baseToken, "baseToken"); - return new SsoOidcTokenTransformer(baseToken); - } - - @Override - public SsoOidcToken transform(CreateTokenResponse awsResponse) { - Validate.paramNotNull(awsResponse.accessToken(), "accessToken"); - Validate.paramNotNull(awsResponse.expiresIn(), "expiresIn"); - return SsoOidcToken.builder() - .accessToken(awsResponse.accessToken()) - .refreshToken(awsResponse.refreshToken()) - .expiresAt(awsResponse.expiresIn() != null ? Instant.now().plusSeconds(awsResponse.expiresIn()) : null) - .startUrl(baseToken.startUrl()) - .registrationExpiresAt(baseToken.registrationExpiresAt()) - .region(baseToken.region()) - .clientSecret(baseToken.clientSecret()) - .clientId(baseToken.clientId()) - .providerName(SsoOidcToken.PROVIDER_NAME) - .build(); - } -} diff --git a/plugins/toolkit/jetbrains-core/src/software/aws/toolkits/jetbrains/services/s3/editor/S3TreeTable.kt b/plugins/toolkit/jetbrains-core/src/software/aws/toolkits/jetbrains/services/s3/editor/S3TreeTable.kt index 1fd09ef97bd..b8329554e9f 100644 --- a/plugins/toolkit/jetbrains-core/src/software/aws/toolkits/jetbrains/services/s3/editor/S3TreeTable.kt +++ b/plugins/toolkit/jetbrains-core/src/software/aws/toolkits/jetbrains/services/s3/editor/S3TreeTable.kt @@ -155,7 +155,7 @@ class S3TreeTable( // Do not set up Drag and Drop when in test mode since AWT is not enabled if (!ApplicationManager.getApplication().isUnitTestMode) { // Associate the drop target listener with this instance which will allow uploading by drag and drop - DropTarget(this, dropTargetListener) + DropTarget(tree, dropTargetListener) } TreeSpeedSearch.installOn( tree, @@ -170,9 +170,9 @@ class S3TreeTable( } } ) - loadMoreListener.installOn(this) - openFileListener.installOn(this) - super.addKeyListener(keyListener) + loadMoreListener.installOn(tree) + openFileListener.installOn(tree) + tree.addKeyListener(keyListener) } fun refresh() { diff --git a/plugins/toolkit/jetbrains-core/src/software/aws/toolkits/jetbrains/services/s3/editor/S3ViewerPanel.kt b/plugins/toolkit/jetbrains-core/src/software/aws/toolkits/jetbrains/services/s3/editor/S3ViewerPanel.kt index 53c1a395abb..29a331e89c7 100644 --- a/plugins/toolkit/jetbrains-core/src/software/aws/toolkits/jetbrains/services/s3/editor/S3ViewerPanel.kt +++ b/plugins/toolkit/jetbrains-core/src/software/aws/toolkits/jetbrains/services/s3/editor/S3ViewerPanel.kt @@ -115,7 +115,6 @@ class S3ViewerPanel(private val disposable: Disposable, private val project: Pro treeTable.tree.setCellRenderer(treeRenderer) val tableRenderer = DefaultTableCellRenderer().also { it.horizontalAlignment = SwingConstants.LEFT } treeTable.setDefaultRenderer(Any::class.java, tableRenderer) - return treeTable } @@ -131,11 +130,7 @@ class S3ViewerPanel(private val disposable: Disposable, private val project: Pro val actionManager = ActionManager.getInstance() val group = actionManager.getAction("aws.toolkit.s3viewer.contextMenu") as ActionGroup - PopupHandler.installPopupHandler( - treeTable, - group, - ACTION_PLACE, - ) + PopupHandler.installPopupMenu(treeTable.tree, group, ACTION_PLACE) } private companion object { diff --git a/plugins/toolkit/jetbrains-gateway/build.gradle.kts b/plugins/toolkit/jetbrains-gateway/build.gradle.kts index 604b7a6a198..284c7711225 100644 --- a/plugins/toolkit/jetbrains-gateway/build.gradle.kts +++ b/plugins/toolkit/jetbrains-gateway/build.gradle.kts @@ -66,8 +66,6 @@ listOf( dependencies { intellijPlatform { - pluginModule(project(":plugin-toolkit:jetbrains-core", "gatewayArtifacts")) - pluginVerifier() testFramework(TestFrameworkType.Bundled) @@ -75,6 +73,7 @@ dependencies { // link against :j-c: and rely on :intellij-standalone:composeJar to pull in :j-c:instrumentedJar, but gateway variant when from :jetbrains-gateway compileOnly(project(":plugin-toolkit:jetbrains-core")) + gatewayOnlyRuntimeOnly(project(":plugin-toolkit:jetbrains-core", "gatewayArtifacts")) // delete when fully split gatewayOnlyRuntimeOnly(project(":plugin-core:core")) gatewayOnlyRuntimeOnly(project(":plugin-core:jetbrains-community")) @@ -141,6 +140,10 @@ artifacts { add(gatewayResources.name, gatewayResourcesDir) } +tasks.prepareJarSearchableOptions { + enabled = false +} + tasks.jar { duplicatesStrategy = DuplicatesStrategy.WARN } diff --git a/qodana.yaml b/qodana.yaml index 3f8727d4e1c..59dffad249f 100644 --- a/qodana.yaml +++ b/qodana.yaml @@ -1,6 +1,7 @@ version: 1.0 linter: jetbrains/qodana-jvm-community:latest projectJDK: "21" +bootstrap: ./gradlew :plugin-core:sdk-codegen:generateSdks :plugin-core:jetbrains-community:generateTelemetry profile: name: qodana.recommended exclude: @@ -9,3 +10,54 @@ exclude: - .qodana dot-net: solution: ReSharper.AWS.sln +include: + - name: DevKitPropertiesMessageValidation + - name: KotlinObjectExtensionRegistration + - name: LightServiceMigrationXML + - name: IncorrectProcessCanceledExceptionHandling + - name: LightServiceMigrationCode + - name: MissingActionUpdateThread + - name: ApplicationServiceAsStaticFinalFieldOrProperty + - name: CallingMethodShouldBeRequiresBlockingContext + - name: CancellationCheckInLoops + - name: CompanionObjectInExtension + - name: ComponentRegistrationProblems + - name: ComponentNotRegistered + - name: ActionPresentationInstantiatedInCtor + - name: ExtensionClassShouldBeFinalAndNonPublic + - name: ExtensionRegisteredAsServiceOrComponent + - name: ActionIsNotPreviewFriendly + - name: FileEqualsUsage + - name: ForbiddenInSuspectContextMethod + - name: IncorrectParentDisposable + - name: IncorrectServiceRetrieving + - name: PresentationAnnotation + - name: KotlinObjectRegisteredAsExtension + - name: LightServiceMustBeFinal + - name: ListenerImplementationMustNotBeDisposable + - name: LeakableMapKey + - name: MigrateToOptControl + - name: MismatchedLightServiceLevelAndCtor + - name: SerializableCtor + - name: NonDefaultConstructor + - name: InspectionUsingGrayColors + - name: PsiElementConcatenation + - name: UseDPIAwareInsets + - name: UseDPIAwareBorders + - name: UseJBColor + - name: UseVirtualFileEquals + - name: UsePrimitiveTypes + - name: UsePluginIdEquals + - name: UsePlatformProcessAwaitExit + - name: UnspecifiedActionsPlace + - name: UnsafeVfsRecursion + - name: UnsafeReturnStatementVisitor + - name: UnresolvedPluginConfigReference + - name: UndesirableClassUsage + - name: UElementAsPsi + - name: ThreadingConcurrency + - name: StaticInitializationInExtensions + - name: StatefulEp + - name: SimplifiableServiceRetrieving + - name: QuickFixGetFamilyNameViolation + - name: TokenSetInParserDefinition diff --git a/settings.gradle.kts b/settings.gradle.kts index 44dc8c709be..c0d7fd150e8 100644 --- a/settings.gradle.kts +++ b/settings.gradle.kts @@ -1,22 +1,47 @@ // Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 import kotlin.collections.ArrayDeque +import org.jetbrains.intellij.platform.gradle.extensions.intellijPlatform -pluginManagement { - repositories { - val codeArtifactUrl: Provider = providers.environmentVariable("CODEARTIFACT_URL") - val codeArtifactToken: Provider = providers.environmentVariable("CODEARTIFACT_AUTH_TOKEN") - if (codeArtifactUrl.isPresent && codeArtifactToken.isPresent) { - println("Using CodeArtifact proxy: ${codeArtifactUrl.get()}") - maven { - url = uri(codeArtifactUrl.get()) - credentials { - username = "aws" - password = codeArtifactToken.get() - } +val codeArtifactMavenRepo = fun RepositoryHandler.(): MavenArtifactRepository? { + val codeArtifactUrl: Provider = providers.environmentVariable("CODEARTIFACT_URL") + val codeArtifactToken: Provider = providers.environmentVariable("CODEARTIFACT_AUTH_TOKEN") + return if (codeArtifactUrl.isPresent && codeArtifactToken.isPresent) { + maven { + url = uri(codeArtifactUrl.get()) + credentials { + username = "aws" + password = codeArtifactToken.get() } } - gradlePluginPortal() + } else { + null + } +}.also { + pluginManagement { + repositories { + it() + gradlePluginPortal() + } + } +} + +plugins { + id("com.github.burrunan.s3-build-cache") version "1.5" + id("com.gradle.develocity") version "3.17.5" + id("org.jetbrains.intellij.platform.settings") version "2.0.0" +} + +dependencyResolutionManagement { + repositoriesMode = RepositoriesMode.FAIL_ON_PROJECT_REPOS + repositories { + codeArtifactMavenRepo() + mavenCentral() + + intellijPlatform { + defaultRepositories() + jetbrainsRuntime() + } } } @@ -48,11 +73,6 @@ if (regionEnv.isPresent && bucketEnv.isPresent && prefixEnv.isPresent) { } } -plugins { - id("com.gradle.develocity").version("3.17.5") - id("com.github.burrunan.s3-build-cache").version("1.5") -} - develocity { buildScan { // only publish with `--scan` argument diff --git a/ui-tests/build.gradle.kts b/ui-tests/build.gradle.kts index ee9ba1e1cac..dcbf681de03 100644 --- a/ui-tests/build.gradle.kts +++ b/ui-tests/build.gradle.kts @@ -7,10 +7,6 @@ import software.aws.toolkits.gradle.jacoco.RemoteCoverage.Companion.enableRemote val remoteRobotPort: String by project val ideProfileName: String by project -repositories { - maven { url = uri("https://cache-redirector.jetbrains.com/intellij-dependencies") } -} - plugins { id("toolkit-kotlin-conventions") id("toolkit-testing")