diff --git a/backend/elasticsearch-aws/src/main/java/org/hibernate/search/backend/elasticsearch/aws/impl/AwsSigningRequestInterceptor.java b/backend/elasticsearch-aws/src/main/java/org/hibernate/search/backend/elasticsearch/aws/impl/AwsSigningRequestInterceptor.java index d8767030ae7..44c7bd6d37b 100644 --- a/backend/elasticsearch-aws/src/main/java/org/hibernate/search/backend/elasticsearch/aws/impl/AwsSigningRequestInterceptor.java +++ b/backend/elasticsearch-aws/src/main/java/org/hibernate/search/backend/elasticsearch/aws/impl/AwsSigningRequestInterceptor.java @@ -27,24 +27,24 @@ import org.apache.http.protocol.HttpCoreContext; import software.amazon.awssdk.auth.credentials.AwsCredentials; import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; -import software.amazon.awssdk.auth.signer.Aws4Signer; -import software.amazon.awssdk.auth.signer.params.Aws4SignerParams; import software.amazon.awssdk.http.ContentStreamProvider; import software.amazon.awssdk.http.SdkHttpFullRequest; import software.amazon.awssdk.http.SdkHttpMethod; +import software.amazon.awssdk.http.auth.aws.signer.AwsV4HttpSigner; +import software.amazon.awssdk.http.auth.spi.signer.SignedRequest; import software.amazon.awssdk.regions.Region; class AwsSigningRequestInterceptor implements HttpRequestInterceptor { private static final Log log = LoggerFactory.make( Log.class, MethodHandles.lookup() ); - private final Aws4Signer signer; + private final AwsV4HttpSigner signer; private final Region region; private final String service; private final AwsCredentialsProvider credentialsProvider; AwsSigningRequestInterceptor(Region region, String service, AwsCredentialsProvider credentialsProvider) { - this.signer = Aws4Signer.create(); + this.signer = AwsV4HttpSigner.create(); this.region = region; this.service = service; this.credentialsProvider = credentialsProvider; @@ -68,18 +68,16 @@ private void sign(HttpRequest request, HttpContext context, HttpEntityContentStr AwsCredentials credentials = credentialsProvider.resolveCredentials(); log.tracef( "AWS credentials: %s", credentials ); - Aws4SignerParams signerParams = Aws4SignerParams.builder() - .awsCredentials( credentials ) - .signingRegion( region ) - .signingName( service ) - .build(); - - awsRequest = signer.sign( awsRequest, signerParams ); + SignedRequest signedRequest = signer.sign( r -> r.identity( credentials ) + .request( awsRequest ) + .payload( awsRequest.contentStreamProvider().orElse( null ) ) + .putProperty( AwsV4HttpSigner.SERVICE_SIGNING_NAME, service ) + .putProperty( AwsV4HttpSigner.REGION_NAME, region.id() ) ); // The AWS SDK added some headers. // Let's just override the existing headers with whatever the AWS SDK came up with. // We don't expect signing to affect anything else (path, query, content, ...). - for ( Map.Entry> header : awsRequest.headers().entrySet() ) { + for ( Map.Entry> header : signedRequest.request().headers().entrySet() ) { String name = header.getKey(); boolean first = true; for ( String value : header.getValue() ) { @@ -94,7 +92,7 @@ private void sign(HttpRequest request, HttpContext context, HttpEntityContentStr } if ( log.isTraceEnabled() ) { - log.tracef( "AWS request (after signing): %s", awsRequest ); + log.tracef( "AWS request (after signing): %s", signedRequest ); log.tracef( "HTTP request (after signing): %s", request ); } } diff --git a/build/parents/build/pom.xml b/build/parents/build/pom.xml index 06501ccd9c0..46ce07928db 100644 --- a/build/parents/build/pom.xml +++ b/build/parents/build/pom.xml @@ -81,7 +81,7 @@ https://opensearch.org/docs/${parsed-version.org.opensearch.compatible.main.majorVersion}.${parsed-version.org.opensearch.compatible.main.minorVersion} 2.11.0 - 2.25.2 + 2.26.4 2.17.1