Merge branch 'aws:main' into main

README.md

@@ -115,7 +115,7 @@ See memory requirements for the latest release [here](https://aws.github.io/aws-
 
 #### AWS IoT Device Shadow
 
-The AWS IoT Device Shadow library enables you to store and retrieve the current state one or more shadows of every registered device. A device’s shadow is a persistent, virtual representation of your device that you can interact with from AWS IoT Core even if the device is offline. The device state is captured in its "shadow" is represented as a [JSON](https://www.json.org/) document. The device can send commands over MQTT to get, update and delete its latest state as well as receive notifications over MQTT about changes in its state. The device’s shadow(s) are uniquely identified by the name of the corresponding "thing", a representation of a specific device or logical entity on the AWS Cloud. See [Managing Devices with AWS IoT](https://docs.aws.amazon.com/iot/latest/developerguide/iot-thing-management.html) for more information on IoT "thing". This library supports named shadows, a feature of the AWS IoT Device Shadow service that allows you to create multiple shadows for a single IoT device. More details about AWS IoT Device Shadow can be found in [AWS IoT documentation](https://docs.aws.amazon.com/iot/latest/developerguide/iot-device-shadows.html).
+The [AWS IoT Device Shadow](https://github.com/aws/device-shadow-for-aws-iot-embedded-sdk) library enables you to store and retrieve the current state one or more shadows of every registered device. A device’s shadow is a persistent, virtual representation of your device that you can interact with from AWS IoT Core even if the device is offline. The device state is captured in its "shadow" is represented as a [JSON](https://www.json.org/) document. The device can send commands over MQTT to get, update and delete its latest state as well as receive notifications over MQTT about changes in its state. The device’s shadow(s) are uniquely identified by the name of the corresponding "thing", a representation of a specific device or logical entity on the AWS Cloud. See [Managing Devices with AWS IoT](https://docs.aws.amazon.com/iot/latest/developerguide/iot-thing-management.html) for more information on IoT "thing". This library supports named shadows, a feature of the AWS IoT Device Shadow service that allows you to create multiple shadows for a single IoT device. More details about AWS IoT Device Shadow can be found in [AWS IoT documentation](https://docs.aws.amazon.com/iot/latest/developerguide/iot-device-shadows.html).
 
 The AWS IoT Device Shadow library has no dependencies on additional libraries other than the standard C library. It also doesn’t have any platform dependencies, such as threading or synchronization. It can be used with any MQTT library and any JSON library (see [demos](demos/shadow) with coreMQTT and coreJSON).
 

demos/http/http_demo_s3_download/http_demo_s3_download.c

@@ -1524,20 +1524,19 @@ static bool getS3ObjectFileSize( size_t * pFileSize,
 /**
  * @brief Entry point of demo.
  *
- * This example, using a pre-signed URL,  resolves a S3 domain, establishes a
- * TCP connection, validates the server's certificate using the root CA
- * certificate defined in the config header, then finally performs a TLS
- * handshake with the HTTP server so that all communication is encrypted. After
- * which, the HTTP Client library API is used to download the S3 file (by
- * sending multiple GET requests, filling up the response buffer each time until
- * all parts are downloaded). If any request fails, an error code is returned.
+ * This example connects to AWS IoT Core Credential Provider, obtains temporary
+ * AWS credentials, resolves an S3 domain, establishes a TCP connection, validates
+ * the server's certificate using the root CA certificate defined in the config
+ * header, then finally performs a TLS handshake with the HTTP server so that all
+ * communication is encrypted. After which, the HTTP Client library API is used
+ * to download the S3 file (by sending multiple GET requests, filling up the
+ * response buffer each time until all parts are downloaded). If any request
+ * fails, an error code is returned.
  *
  * @note This example is single-threaded and uses statically allocated memory.
  *
- * @note This demo requires user-generated pre-signed URLs to be pasted into
- * demo_config.h. Please use the provided script "presigned_urls_gen.py"
- * (located in located in demos/http/common/src) to generate these URLs. For
- * detailed instructions, see the accompanied README.md.
+ * @note This demo requires the credential provider endpoint and role to be pasted
+ * into demo_config.h, along with the S3 bucket name, region and object key.
  *
  * @note If your file requires more than 99 range requests to S3 (depending on
  * the size of the file and the length specified in RANGE_REQUEST_LENGTH), your

demos/mqtt/mqtt_demo_mutual_auth/mqtt_demo_mutual_auth.c

@@ -241,15 +241,24 @@
 #define TRANSPORT_SEND_RECV_TIMEOUT_MS           ( 500 )
 
 /**
- * @brief The MQTT metrics string expected by AWS IoT.
+ * @brief The MQTT metrics parameters expected by AWS IoT.
  */
-#define METRICS_STRING                           "?SDK=" OS_NAME "&Version=" OS_VERSION "&Platform=" HARDWARE_PLATFORM_NAME "&MQTTLib=" MQTT_LIB
+#define METRICS_PARAMETERS                       "SDK=" OS_NAME "&Version=" OS_VERSION "&Platform=" HARDWARE_PLATFORM_NAME "&MQTTLib=" MQTT_LIB
+
+/**
+ * @brief The MQTT metrics string to be appended if #CLIENT_USERNAME doesn't contain parameter.
+ */
+#define METRICS_STRING                           "?" METRICS_PARAMETERS
 
 /**
  * @brief The length of the MQTT metrics string expected by AWS IoT.
  */
 #define METRICS_STRING_LENGTH                    ( ( uint16_t ) ( sizeof( METRICS_STRING ) - 1 ) )
 
+/**
+ * @brief The MQTT metrics string to be appended if #CLIENT_USERNAME contains parameters.
+ */
+#define METRICS_STRING_APPEND                    "&" METRICS_PARAMETERS
 
 #ifdef CLIENT_USERNAME
 
@@ -259,7 +268,16 @@
  * This is to support both metrics reporting and username/password based client
  * authentication by AWS IoT.
  */
-    #define CLIENT_USERNAME_WITH_METRICS    CLIENT_USERNAME METRICS_STRING
+    #define CLIENT_USERNAME_WITH_METRICS      CLIENT_USERNAME METRICS_STRING
+
+/**
+ * @brief Append the username with the metrics string if #CLIENT_USERNAME contains parameter.
+ *
+ * #CLIENT_USERNAME can be appended with extra parameters like authorizer, token
+ * and signature. Use the #METRICS_STRING_APPEND if parameters are already appended
+ * in #CLIENT_USERNAME.
+ */
+    #define CLIENT_USERNAME_APPEND_METRICS    CLIENT_USERNAME METRICS_STRING_APPEND
 #endif
 
 /**
@@ -1105,6 +1123,10 @@ static int establishMqttSession( MQTTContext_t * pMqttContext,
     MQTTStatus_t mqttStatus;
     MQTTConnectInfo_t connectInfo = { 0 };
 
+    #ifdef CLIENT_USERNAME
+        void * pMemchrPtr;
+    #endif
+
     assert( pMqttContext != NULL );
     assert( pSessionPresent != NULL );
 
@@ -1147,11 +1169,22 @@ static int establishMqttSession( MQTTContext_t * pMqttContext,
      * the metrics string is appended to the username to support both client
      * authentication and metrics collection. */
     #ifdef CLIENT_USERNAME
-        connectInfo.pUserName = CLIENT_USERNAME_WITH_METRICS;
-        connectInfo.userNameLength = strlen( CLIENT_USERNAME_WITH_METRICS );
+        pMemchrPtr = memchr( CLIENT_USERNAME, '?', strlen( CLIENT_USERNAME ) );
+
+        if( pMemchrPtr != NULL )
+        {
+            connectInfo.pUserName = CLIENT_USERNAME_APPEND_METRICS;
+            connectInfo.userNameLength = strlen( CLIENT_USERNAME_APPEND_METRICS );
+        }
+        else
+        {
+            connectInfo.pUserName = CLIENT_USERNAME_WITH_METRICS;
+            connectInfo.userNameLength = strlen( CLIENT_USERNAME_WITH_METRICS );
+        }
+
         connectInfo.pPassword = CLIENT_PASSWORD;
         connectInfo.passwordLength = strlen( CLIENT_PASSWORD );
-    #else
+    #else /* ifdef CLIENT_USERNAME */
         connectInfo.pUserName = METRICS_STRING;
         connectInfo.userNameLength = METRICS_STRING_LENGTH;
         /* Password for authentication is not used. */