From 39532e4f960bf964f059f0f1d633829675e7f92b Mon Sep 17 00:00:00 2001
From: George Fu <kuhe@users.noreply.github.com>
Date: Fri, 6 Sep 2024 15:34:47 -0400
Subject: [PATCH] fix(codegen): use AWS SDK default credentials as sigv4
 default credentials (#6431)

---
 .../integration/AwsSdkCustomizeSigV4Auth.java   | 17 +++++++++++++++++
 .../src/clients/Weather.integ.spec.ts           |  8 ++++++++
 private/weather/package.json                    |  3 +++
 private/weather/src/runtimeConfig.browser.ts    |  1 +
 private/weather/src/runtimeConfig.ts            |  2 ++
 5 files changed, 31 insertions(+)

diff --git a/codegen/smithy-aws-typescript-codegen/src/main/java/software/amazon/smithy/aws/typescript/codegen/auth/http/integration/AwsSdkCustomizeSigV4Auth.java b/codegen/smithy-aws-typescript-codegen/src/main/java/software/amazon/smithy/aws/typescript/codegen/auth/http/integration/AwsSdkCustomizeSigV4Auth.java
index e2619fa15f31..156853ea1839 100644
--- a/codegen/smithy-aws-typescript-codegen/src/main/java/software/amazon/smithy/aws/typescript/codegen/auth/http/integration/AwsSdkCustomizeSigV4Auth.java
+++ b/codegen/smithy-aws-typescript-codegen/src/main/java/software/amazon/smithy/aws/typescript/codegen/auth/http/integration/AwsSdkCustomizeSigV4Auth.java
@@ -102,6 +102,11 @@ public Map<String, Consumer<TypeScriptWriter>> getRuntimeConfigWriters(
                         "credentialDefaultProvider", w ->
                             w.write("((_: unknown) => () => Promise.reject(new Error(\"Credential is missing\")))")
                     );
+                } else {
+                    return MapUtils.of(
+                        "credentials", w ->
+                            w.write("(() => () => Promise.reject(new Error(\"Credentials are missing\")))")
+                    );
                 }
             case NODE:
                 if (isAwsService(service)) {
@@ -133,6 +138,18 @@ public Map<String, Consumer<TypeScriptWriter>> getRuntimeConfigWriters(
                         );
                     }
                     return map;
+                } else {
+                    // isSigV4Service and !isAwsService are implied here.
+                    return MapUtils.of(
+                        "credentials", writer -> {
+                            writer
+                                .addDependency(AwsDependency.CREDENTIAL_PROVIDER_NODE)
+                                .addImport("defaultProvider", "credentialDefaultProvider",
+                                    AwsDependency.CREDENTIAL_PROVIDER_NODE)
+                                .write("credentialDefaultProvider()");
+                            AwsCredentialProviderUtils.addAwsCredentialProviderDependencies(service, writer);
+                        }
+                    );
                 }
             default:
                 return Collections.emptyMap();
diff --git a/private/aws-util-test/src/clients/Weather.integ.spec.ts b/private/aws-util-test/src/clients/Weather.integ.spec.ts
index 420808d5083d..9e45c8ab6b18 100644
--- a/private/aws-util-test/src/clients/Weather.integ.spec.ts
+++ b/private/aws-util-test/src/clients/Weather.integ.spec.ts
@@ -20,4 +20,12 @@ describe(Weather.name, () => {
 
     expect.hasAssertions();
   });
+
+  it("should be assigned a default credentials object for sigv4 auth", async () => {
+    const client = new Weather({
+      endpoint: "https://localhost",
+    });
+
+    expect(client.config.credentials).toBeDefined();
+  });
 });
diff --git a/private/weather/package.json b/private/weather/package.json
index cd76b251fd52..297c010c3f5a 100644
--- a/private/weather/package.json
+++ b/private/weather/package.json
@@ -19,7 +19,10 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "5.2.0",
     "@aws-crypto/sha256-js": "5.2.0",
+    "@aws-sdk/client-sso-oidc": "*",
+    "@aws-sdk/client-sts": "*",
     "@aws-sdk/core": "*",
+    "@aws-sdk/credential-provider-node": "*",
     "@aws-sdk/middleware-host-header": "*",
     "@aws-sdk/middleware-logger": "*",
     "@aws-sdk/middleware-recursion-detection": "*",
diff --git a/private/weather/src/runtimeConfig.browser.ts b/private/weather/src/runtimeConfig.browser.ts
index 88fee0b6cf93..6711b0d8dbbf 100644
--- a/private/weather/src/runtimeConfig.browser.ts
+++ b/private/weather/src/runtimeConfig.browser.ts
@@ -26,6 +26,7 @@ export const getRuntimeConfig = (config: WeatherClientConfig) => {
     runtime: "browser",
     defaultsMode,
     bodyLengthChecker: config?.bodyLengthChecker ?? calculateBodyLength,
+    credentials: config?.credentials ?? (() => () => Promise.reject(new Error("Credentials are missing"))),
     defaultUserAgentProvider:
       config?.defaultUserAgentProvider ?? defaultUserAgent({ clientVersion: packageInfo.version }),
     maxAttempts: config?.maxAttempts ?? DEFAULT_MAX_ATTEMPTS,
diff --git a/private/weather/src/runtimeConfig.ts b/private/weather/src/runtimeConfig.ts
index 561c3aab870c..91f1d1390e1b 100644
--- a/private/weather/src/runtimeConfig.ts
+++ b/private/weather/src/runtimeConfig.ts
@@ -2,6 +2,7 @@
 // @ts-ignore: package.json will be imported from dist folders
 import packageInfo from "../package.json"; // eslint-disable-line
 
+import { defaultProvider as credentialDefaultProvider } from "@aws-sdk/credential-provider-node";
 import { defaultUserAgent } from "@aws-sdk/util-user-agent-node";
 import { NODE_REGION_CONFIG_FILE_OPTIONS, NODE_REGION_CONFIG_OPTIONS } from "@smithy/config-resolver";
 import { Hash } from "@smithy/hash-node";
@@ -30,6 +31,7 @@ export const getRuntimeConfig = (config: WeatherClientConfig) => {
     runtime: "node",
     defaultsMode,
     bodyLengthChecker: config?.bodyLengthChecker ?? calculateBodyLength,
+    credentials: config?.credentials ?? credentialDefaultProvider(),
     defaultUserAgentProvider:
       config?.defaultUserAgentProvider ?? defaultUserAgent({ clientVersion: packageInfo.version }),
     maxAttempts: config?.maxAttempts ?? loadNodeConfig(NODE_MAX_ATTEMPT_CONFIG_OPTIONS),