Updated to use a new context class

Author: kai-ion

src/aws-cpp-sdk-core/include/aws/core/auth/AWSCredentialsProvider.h

@@ -18,6 +18,8 @@
 #include <aws/core/auth/AWSCredentials.h>
 #include <aws/core/config/AWSProfileConfigLoader.h>
 #include <aws/core/client/RetryStrategy.h>
+#include <aws/core/client/UserAgent.h>
+#include <aws/core/utils/memory/stl/AWSSet.h>
 #include <memory>
 
 namespace Aws
@@ -30,6 +32,37 @@ namespace Aws
     }
     namespace Auth
     {
+        /**
+         * Context class for credential resolution that tracks features used during credential retrieval.
+         */
+        class AWS_CORE_API CredentialsResolutionContext
+        {
+        public:
+            // Default constructor - no features tracked
+            CredentialsResolutionContext() = default;
+
+            explicit CredentialsResolutionContext(Aws::Set<Aws::Client::UserAgentFeature> features)
+                : m_features(std::move(features)) {}
+            
+            /**
+             * Add a user agent feature to track credential usage.
+             */
+            void AddUserAgentFeature(Aws::Client::UserAgentFeature feature)
+            {
+                m_features.insert(feature);
+            }
+            
+            /**
+             * Get all tracked credential features.
+             */
+            const Aws::Set<Aws::Client::UserAgentFeature>& GetUserAgentFeatures() const
+            {
+                return m_features;
+            }
+
+        private:
+            Aws::Set<Aws::Client::UserAgentFeature> m_features;
+        };
         constexpr int REFRESH_THRESHOLD = 1000 * 60 * 5;
 
         constexpr int AWS_CREDENTIAL_PROVIDER_EXPIRATION_GRACE_PERIOD = 5 * 1000;
@@ -76,10 +109,10 @@ namespace Aws
             virtual AWSCredentials GetAWSCredentials() = 0;
 
             /**
-             * Interface that allows providers to modify the request during credential retrieval.
+             * Interface that allows providers to populate context during credential retrieval.
              */
-            virtual AWSCredentials GetAWSCredentials(Aws::AmazonWebServiceRequest& request) {
-                AWS_UNREFERENCED_PARAM(request);
+            virtual AWSCredentials GetAWSCredentials(CredentialsResolutionContext& context) {
+                AWS_UNREFERENCED_PARAM(context);
                 return GetAWSCredentials();
             }
 
@@ -156,9 +189,9 @@ namespace Aws
             AWSCredentials GetAWSCredentials() override;
 
             /**
-            * New interface that adds environment credential tracking to the request.
+            * Context-based interface that adds environment credential tracking.
             */
-            AWSCredentials GetAWSCredentials(Aws::AmazonWebServiceRequest& request) override;
+            AWSCredentials GetAWSCredentials(CredentialsResolutionContext& context) override;
         };
 
         /**

src/aws-cpp-sdk-core/include/aws/core/auth/AWSCredentialsProviderChain.h

@@ -32,9 +32,9 @@ namespace Aws
             /**
              * When a credentials provider in the chain returns empty credentials,
              * We go on to the next provider until we have either exhausted the installed providers in the chain or something returns non-empty credentials.
-             * This overload passes the request to providers for user agent feature tracking.
+             * This overload populates the context with credential tracking information.
              */
-            virtual AWSCredentials GetAWSCredentials(Aws::AmazonWebServiceRequest& request);
+            virtual AWSCredentials GetAWSCredentials(CredentialsResolutionContext& context);
 
             /**
              * Gets all providers stored in this chain.

src/aws-cpp-sdk-core/include/aws/core/auth/signer/AWSAuthV4Signer.h

@@ -27,8 +27,6 @@ namespace smithy
 
 namespace Aws
 {
-    class AmazonWebServiceRequest;
-    
     namespace Http
     {
         class HttpRequest;
@@ -38,6 +36,7 @@ namespace Aws
     {
         class AWSCredentials;
         class AWSCredentialsProvider;
+        class CredentialsResolutionContext;
 
         enum class AWSSigningAlgorithm
         {
@@ -143,14 +142,6 @@ namespace Aws
              * Using m_region by default if parameter region is nullptr.
              */
             bool SignRequest(Aws::Http::HttpRequest& request, const char* region, const char* serviceName, bool signBody) const override;
-
-            /**
-             * Uses AWS Auth V4 signing method with SHA256 HMAC algorithm. If signBody is false
-             * and https is being used then the body of the payload will not be signed.
-             * This overload passes the AWS request to the credentials provider for user agent feature tracking.
-             */
-            bool SignRequest(Aws::Http::HttpRequest& request, Aws::AmazonWebServiceRequest& awsRequest, const char* region, const char* serviceName, bool signBody) const override;
-
             /**
             * Takes a request and signs the URI based on the HttpMethod, URI and other info from the request.
             * the region the signer was initialized with will be used for the signature.
@@ -192,7 +183,7 @@ namespace Aws
 
             virtual Aws::Auth::AWSCredentials GetCredentials(const std::shared_ptr<Aws::Http::ServiceSpecificParameters> &serviceSpecificParameters) const;
 
-            virtual Aws::Auth::AWSCredentials GetCredentials(Aws::AmazonWebServiceRequest& awsRequest, const std::shared_ptr<Aws::Http::ServiceSpecificParameters> &serviceSpecificParameters) const;
+            virtual Aws::Auth::AWSCredentials GetCredentials(Aws::Auth::CredentialsResolutionContext& context, const std::shared_ptr<Aws::Http::ServiceSpecificParameters> &serviceSpecificParameters) const;
 
             Aws::String GetServiceName() const { return m_serviceName; }
             Aws::String GetRegion() const { return m_region; }
@@ -202,7 +193,7 @@ namespace Aws
 
         protected:
             virtual bool ServiceRequireUnsignedPayload(const Aws::String& serviceName) const;
-            void UpdateUserAgentWithCredentialFeatures(Aws::Http::HttpRequest& request, const Aws::AmazonWebServiceRequest& awsRequest) const;
+            void UpdateUserAgentWithCredentialFeatures(Aws::Http::HttpRequest& request, const Aws::Auth::CredentialsResolutionContext& context) const;
             bool m_includeSha256HashHeader;
 
         private:

src/aws-cpp-sdk-core/source/auth/AWSCredentialsProvider.cpp

@@ -108,11 +108,11 @@ AWSCredentials EnvironmentAWSCredentialsProvider::GetAWSCredentials()
     return credentials;
 }
 
-AWSCredentials EnvironmentAWSCredentialsProvider::GetAWSCredentials(Aws::AmazonWebServiceRequest& request)
+AWSCredentials EnvironmentAWSCredentialsProvider::GetAWSCredentials(CredentialsResolutionContext& context)
 {
     AWSCredentials credentials = GetAWSCredentials();
     if (!credentials.IsEmpty()) {
-        request.AddUserAgentFeature(Aws::Client::UserAgentFeature::CREDENTIALS_ENV_VARS);
+        context.AddUserAgentFeature(Aws::Client::UserAgentFeature::CREDENTIALS_ENV_VARS);
     }
     return credentials;
 }

src/aws-cpp-sdk-core/source/auth/AWSCredentialsProviderChain.cpp

@@ -41,11 +41,11 @@ AWSCredentials AWSCredentialsProviderChain::GetAWSCredentials()
     return AWSCredentials();
 }
 
-AWSCredentials AWSCredentialsProviderChain::GetAWSCredentials(Aws::AmazonWebServiceRequest& request)
+AWSCredentials AWSCredentialsProviderChain::GetAWSCredentials(CredentialsResolutionContext& context)
 {
     ReaderLockGuard lock(m_cachedProviderLock);
     if (m_cachedProvider) {
-      AWSCredentials credentials = m_cachedProvider->GetAWSCredentials(request);
+      AWSCredentials credentials = m_cachedProvider->GetAWSCredentials(context);
       if (!credentials.GetAWSAccessKeyId().empty() && !credentials.GetAWSSecretKey().empty())
       {
         return credentials;
@@ -54,7 +54,7 @@ AWSCredentials AWSCredentialsProviderChain::GetAWSCredentials(Aws::AmazonWebServ
     lock.UpgradeToWriterLock();
     for (auto&& credentialsProvider : m_providerChain)
     {
-        AWSCredentials credentials = credentialsProvider->GetAWSCredentials(request);
+        AWSCredentials credentials = credentialsProvider->GetAWSCredentials(context);
         if (!credentials.GetAWSAccessKeyId().empty() && !credentials.GetAWSSecretKey().empty())
         {
             m_cachedProvider = credentialsProvider;

src/aws-cpp-sdk-core/source/auth/signer/AWSAuthV4Signer.cpp

@@ -7,7 +7,6 @@
 #include <aws/core/auth/signer/AWSAuthSignerCommon.h>
 #include <aws/core/auth/signer/AWSAuthSignerHelper.h>
 
-#include <aws/core/AmazonWebServiceRequest.h>
 #include <aws/core/auth/AWSCredentialsProvider.h>
 #include <aws/core/client/UserAgent.h>
 #include <aws/core/http/HttpRequest.h>
@@ -27,7 +26,6 @@
 
 #include <iomanip>
 #include <cstring>
-#include <map>
 
 using namespace Aws;
 using namespace Aws::Client;
@@ -338,16 +336,11 @@ bool AWSAuthV4Signer::SignRequestWithCreds(Aws::Http::HttpRequest& request, cons
 
 bool AWSAuthV4Signer::SignRequest(Aws::Http::HttpRequest& request, const char* region, const char* serviceName, bool signBody) const
 {
-    AWSCredentials credentials = GetCredentials(request.GetServiceSpecificParameters());
-    return SignRequestWithCreds(request, credentials, region, serviceName, signBody);
-}
-
-bool AWSAuthV4Signer::SignRequest(Aws::Http::HttpRequest& request, Aws::AmazonWebServiceRequest& awsRequest, const char* region, const char* serviceName, bool signBody) const
-{
-    AWSCredentials credentials = GetCredentials(awsRequest, request.GetServiceSpecificParameters());
+    Aws::Auth::CredentialsResolutionContext context;
+    AWSCredentials credentials = GetCredentials(context, request.GetServiceSpecificParameters());
 
-    // Update User-Agent with credential tracking features added during credential resolution
-    UpdateUserAgentWithCredentialFeatures(request, awsRequest);
+    // Update User-Agent with credential tracking features from context
+    UpdateUserAgentWithCredentialFeatures(request, context);
 
     return SignRequestWithCreds(request, credentials, region, serviceName, signBody);
 }
@@ -609,17 +602,17 @@ Aws::Auth::AWSCredentials AWSAuthV4Signer::GetCredentials(const std::shared_ptr<
     return m_credentialsProvider->GetAWSCredentials();
 }
 
-Aws::Auth::AWSCredentials AWSAuthV4Signer::GetCredentials(Aws::AmazonWebServiceRequest& awsRequest, const std::shared_ptr<Aws::Http::ServiceSpecificParameters> &serviceSpecificParameters) const {
+Aws::Auth::AWSCredentials AWSAuthV4Signer::GetCredentials(Aws::Auth::CredentialsResolutionContext& context, const std::shared_ptr<Aws::Http::ServiceSpecificParameters> &serviceSpecificParameters) const {
     AWS_UNREFERENCED_PARAM(serviceSpecificParameters);
-    return m_credentialsProvider->GetAWSCredentials(awsRequest);
+    return m_credentialsProvider->GetAWSCredentials(context);
 }
 
-void AWSAuthV4Signer::UpdateUserAgentWithCredentialFeatures(Aws::Http::HttpRequest& request, const Aws::AmazonWebServiceRequest& awsRequest) const {
+void AWSAuthV4Signer::UpdateUserAgentWithCredentialFeatures(Aws::Http::HttpRequest& request, const Aws::Auth::CredentialsResolutionContext& context) const {
     if (!request.HasHeader(USER_AGENT)) {
         return;
     }
 
-    const auto& features = awsRequest.GetUserAgentFeatures();
+    const auto& features = context.GetUserAgentFeatures();
     if (features.empty()) {
         return;
     }
@@ -682,4 +675,4 @@ void AWSAuthV4Signer::UpdateUserAgentWithCredentialFeatures(Aws::Http::HttpReque
     }
 
     request.SetUserAgent(updatedUA.str());
-}
+}