Fixed for two unsigned cognito-identity operations.

Fixes #882.

CHANGELOG.md

@@ -1,6 +1,14 @@
 Unreleased Changes
 ------------------
 
+* Issue - Aws::CognitoIdentity - Six operations of `Aws::CognitoIdentity::Client`
+  were whitelisted to be unsigned when sent in version 2.1.9. Two of these
+  operations were incorrectly documented in the API reference and require
+  authentication. Fixed this and added integration tests to ensure they are
+  correctly signed.
+
+  See [related GitHub issue #882](https://github.com/aws/aws-sdk-ruby/issues/882).
+
 2.1.9 (2015-07-28)
 ------------------
 

aws-sdk-core/features/cognitoidentity/step_definitions.rb

@@ -4,3 +4,27 @@
 
 After("@cognitoidentity") do
 end
+
+Given(/^I have an Aws::CognitoIdenty::Client without credentials$/) do
+  @client = Aws::CognitoIdentity::Client.new(
+    credentials: nil,
+    validate_params: false
+  )
+  expect(@client.config.credentials).to be(nil)
+end
+
+When(/^I make a (\w+) request$/) do |operation|
+  begin
+    @client.send(Seahorse::Util.underscore(operation))
+  rescue => error
+    @error = error
+  end
+end
+
+Then(/^I should not receive an Aws::CognitoIdentity::Errors::MissingAuthenticationTokenException$/) do
+  expect(@error).not_to be_kind_of(Aws::CognitoIdentity::Errors::MissingAuthenticationTokenException)
+end
+
+Then(/^I should receive a missing credentials error$/) do
+  expect(@error).to be_kind_of(Aws::Errors::MissingCredentialsError)
+end

aws-sdk-core/features/cognitoidentity/unsigned_requests.feature

@@ -0,0 +1,37 @@
+# language: en
+@cognitoidentity @unsigned-requests
+Feature: Amazon Cognito Idenity
+
+  Scenario Outline: Unsigned requests
+    Given I have an Aws::CognitoIdenty::Client without credentials
+    When I make a <operation> request
+    Then I should not receive an Aws::CognitoIdentity::Errors::MissingAuthenticationTokenException
+
+    Examples:
+      | operation                 |
+      | GetCredentialsForIdentity |
+      | GetId                     |
+      | GetOpenIdToken            |
+      | UnlinkIdentity            |
+
+  Scenario Outline: Signed requests
+    Given I have an Aws::CognitoIdenty::Client without credentials
+    When I make a <operation> request
+    Then I should receive a missing credentials error
+
+    Examples:
+      | operation                          |
+      | CreateIdentityPool                 |
+      | DeleteIdentities                   |
+      | DeleteIdentityPool                 |
+      | DescribeIdentity                   |
+      | DescribeIdentityPool               |
+      | GetIdentityPoolRoles               |
+      | GetOpenIdTokenForDeveloperIdentity |
+      | ListIdentities                     |
+      | ListIdentityPools                  |
+      | LookupDeveloperIdentity            |
+      | MergeDeveloperIdentities           |
+      | SetIdentityPoolRoles               |
+      | UnlinkDeveloperIdentity            |
+      | UpdateIdentityPool                 |

aws-sdk-core/lib/aws-sdk-core/plugins/request_signer.rb

@@ -77,8 +77,6 @@ class Handler < Seahorse::Client::Handler
           GetCredentialsForIdentity
           GetId
           GetOpenIdToken
-          ListIdentityPools
-          UnlinkDeveloperIdentity
           UnlinkIdentity
         ))