aws/endpoints: Workaround CloudHSMv2 signing name not modeled (#111)

Provides a endpoint customization as a workaround CloudHSMv2 not
modeling the service's signing name correctly. When the model is
eventually updated this change should be removed.

V2 port of aws/aws-sdk-go#1751

Author: jasdel

aws/endpoints/decode.go

@@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
+	"os"
 
 	"github.com/aws/aws-sdk-go-v2/aws/awserr"
 )
@@ -84,11 +85,34 @@ func decodeV3Endpoints(modelDef modelDefinition, opts DecodeModelOptions) (*Reso
 		custAddEC2Metadata(p)
 		custAddS3DualStack(p)
 		custSetUnresolveServices(p)
+
+		custFixCloudHSMv2SigningName(p)
 	}
 
 	return &Resolver{partitions: ps}, nil
 }
 
+func custFixCloudHSMv2SigningName(p *partition) {
+	// Workaround for aws/aws-sdk-go#1745 until the endpoint model can be
+	// fixed upstream. TODO remove this once the endpoints model is updated.
+
+	s, ok := p.Services["cloudhsmv2"]
+	if !ok {
+		return
+	}
+
+	if len(s.Defaults.CredentialScope.Service) != 0 {
+		fmt.Fprintf(os.Stderr, "cloudhsmv2 signing name already set, ignoring override.\n")
+		// If the value is already set don't override
+		return
+	}
+
+	s.Defaults.CredentialScope.Service = "cloudhsm"
+	fmt.Fprintf(os.Stderr, "cloudhsmv2 signing name not set, overriding.\n")
+
+	p.Services["cloudhsmv2"] = s
+}
+
 func custAddS3DualStack(p *partition) {
 	if p.ID != "aws" {
 		return

aws/endpoints/decode_test.go

@@ -115,3 +115,126 @@ func TestDecodeModelOptionsSet(t *testing.T) {
 		t.Errorf("expect %v options got %v", expect, actual)
 	}
 }
+
+func TestDecode_CustFixCloudHSMv2SigningName(t *testing.T) {
+	cases := []struct {
+		Doc    string
+		Expect string
+	}{
+		{
+			Doc: `
+{
+  "version": 3,
+  "partitions": [
+    {
+      "defaults": {
+        "hostname": "{service}.{region}.{dnsSuffix}",
+        "protocols": [
+          "https"
+        ],
+        "signatureVersions": [
+          "v4"
+        ]
+      },
+      "dnsSuffix": "amazonaws.com",
+      "partition": "aws",
+      "partitionName": "AWS Standard",
+      "regionRegex": "^(us|eu|ap|sa|ca)\\-\\w+\\-\\d+$",
+      "regions": {
+        "ap-northeast-1": {
+          "description": "Asia Pacific (Tokyo)"
+        },
+        "us-east-1": {
+          "description": "US East (N. Virginia)"
+        }
+      },
+      "services": {
+        "cloudhsmv2": {
+          "endpoints": {
+             "us-east-1": {}
+          }
+        },
+        "s3": {
+          "endpoints": {
+             "ap-northeast-1": {}
+          }
+        }
+      }
+    }
+  ]
+}`,
+			Expect: "cloudhsm",
+		},
+		{
+			Doc: `
+{
+  "version": 3,
+  "partitions": [
+    {
+      "defaults": {
+        "hostname": "{service}.{region}.{dnsSuffix}",
+        "protocols": [
+          "https"
+        ],
+        "signatureVersions": [
+          "v4"
+        ]
+      },
+      "dnsSuffix": "amazonaws.com",
+      "partition": "aws",
+      "partitionName": "AWS Standard",
+      "regionRegex": "^(us|eu|ap|sa|ca)\\-\\w+\\-\\d+$",
+      "regions": {
+        "ap-northeast-1": {
+          "description": "Asia Pacific (Tokyo)"
+        },
+        "us-east-1": {
+          "description": "US East (N. Virginia)"
+        }
+      },
+      "services": {
+        "cloudhsmv2": {
+          "defaults": {
+             "credentialScope": {
+                 "service": "coolSigningName"
+             }
+          },
+          "endpoints": {
+			  "us-east-1": {}
+          }
+        },
+        "s3": {
+          "endpoints": {
+             "ap-northeast-1": {}
+          }
+        }
+      }
+    }
+  ]
+}`,
+			Expect: "coolSigningName",
+		},
+	}
+
+	for i, c := range cases {
+		resolver, err := DecodeModel(strings.NewReader(c.Doc))
+		if err != nil {
+			t.Fatalf("%d, expected no error, got %v", i, err)
+		}
+
+		p := resolver.partitions[0]
+		defaults := p.Services["cloudhsmv2"].Defaults
+		if e, a := c.Expect, defaults.CredentialScope.Service; e != a {
+			t.Errorf("%d, expect %v, got %v", i, e, a)
+		}
+
+		endpoint, err := resolver.ResolveEndpoint("cloudhsmv2", "us-east-1")
+		if err != nil {
+			t.Fatalf("%d, failed to resolve endpoint, %v", i, err)
+		}
+
+		if e, a := c.Expect, endpoint.SigningName; e != a {
+			t.Errorf("%d, expected %q go %q", i, e, a)
+		}
+	}
+}

aws/endpoints/defaults.go

@@ -0,0 +1,17 @@
+// +build integration
+
+//Package cloudhsmv2 provides gucumber integration tests support.
+package cloudhsmv2
+
+import (
+	"github.com/aws/aws-sdk-go-v2/internal/awstesting/integration"
+	_ "github.com/aws/aws-sdk-go-v2/internal/awstesting/integration/smoke"
+	"github.com/aws/aws-sdk-go-v2/service/cloudhsmv2"
+	"github.com/gucumber/gucumber"
+)
+
+func init() {
+	gucumber.Before("@cloudhsmv2", func() {
+		gucumber.World["client"] = cloudhsmv2.New(integration.Config())
+	})
+}

internal/awstesting/integration/smoke/cloudhsmv2/client.go

@@ -0,0 +1,7 @@
+# language: en
+@cloudhsmv2 @client
+Feature: Amazon CloudHSMv2
+
+  Scenario: Making a request
+    When I call the "DescribeBackups" API
+    Then the request should be successful