-
Notifications
You must be signed in to change notification settings - Fork 80
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat!: Flexible checksum v2 #1803
base: main
Are you sure you want to change the base?
Changes from all commits
452351a
5e736d2
780e3f3
8fba8dd
6922099
d1ec299
5206a1e
436757a
095890c
5e3a4b6
93264a4
d8038c0
798c31b
8ce4364
c6d69d2
efc500b
1fd98a4
696dc72
3aa8ac0
5eb46b3
a45ad36
7cf095e
2f61e67
92c45c9
472111a
b9b7f18
eabc32e
bebffb1
d6932b3
fe87cd8
7be0fbd
ccc77e0
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
// | ||
// Copyright Amazon.com Inc. or its affiliates. | ||
// All Rights Reserved. | ||
// | ||
// SPDX-License-Identifier: Apache-2.0 | ||
// | ||
|
||
import enum AWSSDKChecksums.AWSChecksumCalculationMode | ||
@_spi(FileBasedConfig) import AWSSDKCommon | ||
|
||
public enum AWSChecksumsConfig { | ||
static func requestChecksumCalculation( | ||
configValue: AWSChecksumCalculationMode?, | ||
profileName: String?, | ||
fileBasedConfig: FileBasedConfiguration | ||
) -> AWSChecksumCalculationMode { | ||
return FieldResolver( | ||
configValue: configValue, | ||
envVarName: "AWS_REQUEST_CHECKSUM_CALCULATION", | ||
configFieldName: "request_checksum_calculation", | ||
fileBasedConfig: fileBasedConfig, | ||
profileName: profileName, | ||
converter: { AWSChecksumCalculationMode(caseInsensitiveRawValue: $0) } | ||
).value ?? .whenSupported | ||
} | ||
|
||
static func responseChecksumValidation( | ||
configValue: AWSChecksumCalculationMode?, | ||
profileName: String?, | ||
fileBasedConfig: FileBasedConfiguration | ||
) -> AWSChecksumCalculationMode { | ||
return FieldResolver( | ||
configValue: configValue, | ||
envVarName: "AWS_RESPONSE_CHECKSUM_VALIDATION", | ||
configFieldName: "response_checksum_validation", | ||
fileBasedConfig: fileBasedConfig, | ||
profileName: profileName, | ||
converter: { AWSChecksumCalculationMode(caseInsensitiveRawValue: $0) } | ||
).value ?? .whenSupported | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -15,14 +15,15 @@ public struct FlexibleChecksumsResponseMiddleware<OperationStackInput, Operation | |
let CHECKSUM_HEADER_VALIDATION_PRIORITY_LIST: [String] = [ | ||
ChecksumAlgorithm.crc32c, | ||
.crc32, | ||
.crc64nvme, | ||
.sha1, | ||
.sha256 | ||
].sorted().map { $0.toString() } | ||
|
||
let validationMode: Bool | ||
let validationMode: String | ||
let priorityList: [String] | ||
|
||
public init(validationMode: Bool, priorityList: [String] = []) { | ||
public init(validationMode: String, priorityList: [String] = []) { | ||
self.validationMode = validationMode | ||
self.priorityList = !priorityList.isEmpty | ||
? withPriority(checksums: priorityList) | ||
|
@@ -31,13 +32,15 @@ public struct FlexibleChecksumsResponseMiddleware<OperationStackInput, Operation | |
|
||
private func validateChecksum(response: HTTPResponse, logger: any LogAgent, attributes: Context) async throws { | ||
// Exit if validation should not be performed | ||
if !validationMode { | ||
if validationMode != "ENABLED" && attributes.responseChecksumValidation == .whenRequired { | ||
logger.info("Checksum validation should not be performed! Skipping workflow...") | ||
return | ||
} | ||
|
||
let checksumHeaderIsPresent = priorityList.first { | ||
response.headers.value(for: "x-amz-checksum-\($0)") != nil | ||
response.headers.value(for: "x-amz-checksum-\($0)") != nil && | ||
// Checksum of checksums has "-#" at the end and should be ignored. | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. is this a new requirement? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Not necessarily a new requirement, it was just something that was left out from V1 SEP. S3 can return checksum of checksum, which ends with |
||
!(response.headers.value(for: "x-amz-checksum-\($0)")!.hasSuffix("-#")) | ||
} | ||
|
||
guard let checksumHeader = checksumHeaderIsPresent else { | ||
|
@@ -65,7 +68,8 @@ public struct FlexibleChecksumsResponseMiddleware<OperationStackInput, Operation | |
switch response.body { | ||
case .data(let data): | ||
guard let data else { | ||
throw ClientError.dataNotFound("Cannot calculate checksum of empty body!") | ||
logger.info("Response body is empty. Skipping response checksum validation...") | ||
return | ||
} | ||
|
||
let responseChecksumHasher = responseChecksum.createChecksum() | ||
|
@@ -87,7 +91,8 @@ public struct FlexibleChecksumsResponseMiddleware<OperationStackInput, Operation | |
attributes.httpResponse = response | ||
attributes.httpResponse?.body = validatingStream | ||
case .noStream: | ||
throw ClientError.dataNotFound("Cannot calculate the checksum of an empty body!") | ||
logger.info("Response body is empty. Skipping response checksum validation...") | ||
return | ||
} | ||
} | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
would be good to add comment strings explaining what these functions do / how theyre used