From 27ef646047f33dcee04c1744b9560bcce7e35ac0 Mon Sep 17 00:00:00 2001
From: yitingb <118219519+yitingb@users.noreply.github.com>
Date: Thu, 8 Aug 2024 21:38:29 -0700
Subject: [PATCH] chore(fips): update endpoint overwrite method (#435)
---
benchmark/pom.xml | 2 +-
pom.xml | 6 +++---
.../OfflineAuthenticationTest.java | 14 ++++++++++++--
.../auth/iot/GreengrassV2DataClientFactory.java | 15 ++++++++++++++-
4 files changed, 30 insertions(+), 7 deletions(-)
diff --git a/benchmark/pom.xml b/benchmark/pom.xml
index f74254be3..d438227f7 100644
--- a/benchmark/pom.xml
+++ b/benchmark/pom.xml
@@ -37,7 +37,7 @@
com.aws.greengrass
nucleus
- 2.6.0-SNAPSHOT
+ 2.13.0-SNAPSHOT
com.aws.greengrass
diff --git a/pom.xml b/pom.xml
index 24c478c34..f2fbec64c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@
software.amazon.awssdk
bom
- 2.17.81
+ 2.20.138
pom
import
@@ -73,13 +73,13 @@
com.aws.greengrass
nucleus
- 2.6.0-SNAPSHOT
+ 2.13.0-SNAPSHOT
provided
com.aws.greengrass
nucleus
- 2.6.0-SNAPSHOT
+ 2.13.0-SNAPSHOT
test-jar
test
diff --git a/src/integrationtests/java/com/aws/greengrass/integrationtests/certificateauthority/OfflineAuthenticationTest.java b/src/integrationtests/java/com/aws/greengrass/integrationtests/certificateauthority/OfflineAuthenticationTest.java
index 5a0f2142d..587931615 100644
--- a/src/integrationtests/java/com/aws/greengrass/integrationtests/certificateauthority/OfflineAuthenticationTest.java
+++ b/src/integrationtests/java/com/aws/greengrass/integrationtests/certificateauthority/OfflineAuthenticationTest.java
@@ -20,6 +20,7 @@
import com.aws.greengrass.clientdevices.auth.iot.NetworkStateFake;
import com.aws.greengrass.dependency.State;
import com.aws.greengrass.lifecyclemanager.Kernel;
+import com.aws.greengrass.mqttclient.MqttRequestException;
import com.aws.greengrass.mqttclient.spool.SpoolerStoreException;
import com.aws.greengrass.testcommons.testutilities.GGExtension;
@@ -46,6 +47,7 @@
import java.util.List;
import java.util.Optional;
import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import java.util.function.Supplier;
@@ -172,7 +174,8 @@ void GIVEN_clientDevice_WHEN_verifyingItsIdentity_THEN_pemStored(ExtensionContex
@Test
void GIVEN_clientConnectsWhileOnline_WHEN_offline_THEN_clientCanConnect(ExtensionContext context) throws Exception {
ignoreExceptionOfType(context, NoSuchFileException.class);
-
+ ignoreExceptionOfType(context, MqttRequestException.class);
+ ignoreExceptionOfType(context, ExecutionException.class);
// Given
network.goOnline();
@@ -198,7 +201,8 @@ void GIVEN_clientConnectsWhileOnline_WHEN_offline_THEN_clientCanConnect(Extensio
void GIVEN_clientConnectsWhileOnline_WHEN_offlineAndTtlExpired_THEN_clientCanNotConnect(ExtensionContext context)
throws Exception {
ignoreExceptionOfType(context, NoSuchFileException.class);
-
+ ignoreExceptionOfType(context, MqttRequestException.class);
+ ignoreExceptionOfType(context, ExecutionException.class);
// Given
network.goOnline();
Instant now = Instant.now();
@@ -230,6 +234,8 @@ void GIVEN_clientConnectsWhileOnline_WHEN_offlineAndTtlExpired_THEN_clientCanNot
void GIVEN_clientConnectsWhileOnline_WHEN_offlineAndCertificateRevoked_THEN_backOnlineAndClientRejected(
ExtensionContext context) throws Exception {
ignoreExceptionOfType(context, NoSuchFileException.class);
+ ignoreExceptionOfType(context, MqttRequestException.class);
+ ignoreExceptionOfType(context, ExecutionException.class);
// Given
network.goOnline();
@@ -260,6 +266,8 @@ void GIVEN_clientConnectsWhileOnline_WHEN_offlineAndCertificateRevoked_THEN_back
void GIVEN_clientConnectsWhileOnline_WHEN_offlineAndCertDetachedFromThing_THEN_backOnlineAndClientRejected(
ExtensionContext context) throws Exception {
ignoreExceptionOfType(context, NoSuchFileException.class);
+ ignoreExceptionOfType(context, MqttRequestException.class);
+ ignoreExceptionOfType(context, ExecutionException.class);
// Given
network.goOnline();
@@ -291,6 +299,8 @@ void GIVEN_clientConnectsWhileOnline_WHEN_storedPemIsCorrupted_THEN_clientCanSti
ExtensionContext context) throws Exception {
ignoreExceptionOfType(context, NoSuchFileException.class);
ignoreExceptionOfType(context, InvalidCertificateException.class);
+ ignoreExceptionOfType(context, MqttRequestException.class);
+ ignoreExceptionOfType(context, ExecutionException.class);
// Given
network.goOnline();
diff --git a/src/main/java/com/aws/greengrass/clientdevices/auth/iot/GreengrassV2DataClientFactory.java b/src/main/java/com/aws/greengrass/clientdevices/auth/iot/GreengrassV2DataClientFactory.java
index 42d57bf64..ceb3b4c33 100644
--- a/src/main/java/com/aws/greengrass/clientdevices/auth/iot/GreengrassV2DataClientFactory.java
+++ b/src/main/java/com/aws/greengrass/clientdevices/auth/iot/GreengrassV2DataClientFactory.java
@@ -13,12 +13,16 @@
import software.amazon.awssdk.auth.credentials.AnonymousCredentialsProvider;
import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration;
import software.amazon.awssdk.core.retry.RetryPolicy;
+import software.amazon.awssdk.endpoints.Endpoint;
import software.amazon.awssdk.http.apache.ApacheHttpClient;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.greengrassv2data.GreengrassV2DataClient;
import software.amazon.awssdk.services.greengrassv2data.GreengrassV2DataClientBuilder;
+import software.amazon.awssdk.services.greengrassv2data.endpoints.GreengrassV2DataEndpointParams;
+import software.amazon.awssdk.services.greengrassv2data.endpoints.GreengrassV2DataEndpointProvider;
import java.net.URI;
+import java.util.concurrent.CompletableFuture;
import javax.inject.Inject;
/**
@@ -51,14 +55,23 @@ public GreengrassV2DataClient getClient() throws DeviceConfigurationException {
String ggServiceEndpoint = ClientConfigurationUtils.getGreengrassServiceEndpoint(deviceConfiguration);
ApacheHttpClient.Builder httpClient = ClientConfigurationUtils.getConfiguredClientBuilder(deviceConfiguration);
+ GreengrassV2DataEndpointProvider endpointProvider = new GreengrassV2DataEndpointProvider() {
+ @Override
+ public CompletableFuture resolveEndpoint(GreengrassV2DataEndpointParams endpointParams) {
+ return CompletableFuture.supplyAsync(() -> Endpoint.builder()
+ .url(URI.create(ggServiceEndpoint))
+ .build());
+ }
+ };
+
GreengrassV2DataClientBuilder clientBuilder =
GreengrassV2DataClient.builder().credentialsProvider(AnonymousCredentialsProvider.create())
+ .endpointProvider(endpointProvider)
.httpClientBuilder(httpClient.useIdleConnectionReaper(false))
.overrideConfiguration(ClientOverrideConfiguration.builder()
.retryPolicy(RetryPolicy.none()).build());
clientBuilder.region(Region.of(awsRegion));
- clientBuilder.endpointOverride(URI.create(ggServiceEndpoint));
return clientBuilder.build();
}