-
Notifications
You must be signed in to change notification settings - Fork 124
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add AwsSigV4 signing functionality #279
Conversation
Signed-off-by: Harsha Vamsi Kalluri <[email protected]>
Signed-off-by: Harsha Vamsi Kalluri <[email protected]>
did we want to bump the minor version to reflect the new feature? https://github.com/opensearch-project/opensearch-js/blob/main/package.json#L14 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is so awesome! Thank you so much.
Might need to ping docs team to prepare themselves and then release this.
lib/AwsV4Signer.d.ts
Outdated
region: string; | ||
} | ||
|
||
export interface AwsV4SignerResponse { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: is Response
standard? If it is I'm cool with it but for me feels like Response for something that is happening pre-flight feels off
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Comment for nits and questions.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is a great start! Haven't looked at the detailed implementation yet. Consider #187 (comment) and other comments in that issue.
My biggest ask is to refactor this in some kind of optional, namespaced module. This is vendor-specific code and thus I don't think it should be included by default in everybody's client usage. WDYT?
README.md
Outdated
}, | ||
}; | ||
|
||
var response = await client.indices.create({ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is identical to the samples above? Maybe we should break up the examples to specific sections (indexing, searching, AWS Sigv4 Signing...?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The reason why it lives in a separate code block is just because of the difference in the imports and the way the client is initialized. Because the signer needs credentials, it's an async call. Felt like maybe the two should be written separately.
My assumption was that this would go as a 2.x release instead of a 2.0.x? I could be wrong. Does it make sense to bump version here or a separate commit before the release? |
Signed-off-by: Harsha Vamsi Kalluri <[email protected]>
8f871b3
to
caf4d74
Compare
Signed-off-by: Harsha Vamsi Kalluri <[email protected]>
I agree with you. I've separated out the signer from the main injection point and users will have to require it explicitly to use it. |
Yes, if there are no breaking changes and only new features, this is 2.1 per semver. After release we should have incremented the patch version to 2.0.1. So please bump the version in package.json to 2.1.0 as part of this PR?
Here. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Excellent. I have some asks re:naming of classes/namespaces. Let's get that right since these are hard to change later?
Also license checker is complaining, I didn't look at the errors, needs to be 🍏.
README.md
Outdated
```javascript | ||
const endpoint = ""; // OpenSearch domain URL e.g. https://search-xxx.region.es.amazonaws.com | ||
const { Client } = require('@opensearch-project/opensearch'); | ||
const AwsV4Signer = require('@opensearch-project/opensearch/AwsV4Signer'); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think I'd want it to match above (must have) and be namespaced under aws
if possible (not sure that's the right thing to do here).
const { AwsSigv4Signer } = require ('@opensearch-project/opensearch/aws')
WDYT?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This sounds right. I fixed the namespace to allow this kind of import.
lib/aws/AwsV4Signer.d.ts
Outdated
import Connection from '../Connection'; | ||
import * as http from 'http'; | ||
|
||
interface AwsV4SignerOptions { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So technically this is "AwsSigv4". I think we should align with other implementations such as Aws::Sigv4::Signer
in Java and include "sig" and lowercase the "v", so AwsSigv4Signer...
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, let's have them be consistent. I renamed everything.
Signed-off-by: Harsha Vamsi Kalluri <[email protected]>
Signed-off-by: Harsha Vamsi Kalluri <[email protected]>
@dblock looks like Not sure what the course of action here is. |
README.md
Outdated
console.log(response.body); | ||
|
||
// Add a document to the index. | ||
var document = { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All of the examples here look very similar to the already existing ones. I see that initializing the client is different, can we provide may be just one example here so we don't duplicate all the test data?
Also, consider moving this to a USER_GUIDE since the number of examples is increasing, might make the README very long.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1, but I also think we can break this up in this PR or do it in another PR, so no hard ask from me. FYI I do like what they have done in the .NET client: https://github.com/opensearch-project/opensearch-net/blob/main/USER_GUIDE.md
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@VachaShah @dblock I've split the code snippets into a new USER_GUIDE. wdyt?
Add it to the list of approved licenses in package.json in this PR, while I go check with someone paid to say whether this is A-OK or not. |
package.json
Outdated
@@ -77,6 +88,8 @@ | |||
"xmlbuilder2": "^2.4.1" | |||
}, | |||
"dependencies": { | |||
"@aws-sdk/credential-provider-node": "^3.154.0", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So does this become a hard dependency for this package? Meaning if I am not doing AWS sigv4, am I still dragging this module in? Can it be avoided? Asking again because I'd like not to drag any vendor specific components in by default.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removed this dependency like I mentioned below. We are still depending on the aws4 library which we cannot do away(unless we want to re-write all of that implementation) if we want to support signing natively in the client.
Signed-off-by: Harsha Vamsi Kalluri <[email protected]>
Signed-off-by: Harsha Vamsi Kalluri <[email protected]>
Signed-off-by: Harsha Vamsi Kalluri <[email protected]>
I just realized that we do not need that package. A user should just get the credentials from his machine and pass them in as arguments. We don't need to deal with that license now. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I still have the question on whether we are now requiring vendor-specific aws4 for all scenarios and whether there's a way to avoid that? I've opened #288.
+Some nits.
USER_GUIDE.md
Outdated
}); | ||
``` | ||
|
||
## Initializing a Client with AWS SigV4 Signing |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit: To authenticate with the Amazon OpenSearch Service use AwsSigv4Signer
.
USER_GUIDE.md
Outdated
} | ||
``` | ||
|
||
## Creating an Index |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Pick one or the other in the headings?
a) "Create an Index", "Add a Document", "Delete ..."
b) "Creating an Index", "Adding a Document", "Deleting ..."
@harshavamsi Looks like you'll also need to rebase/resolve conflicts in README. I think this is almost done! |
Signed-off-by: Harsha Vamsi Kalluri <[email protected]>
Signed-off-by: rawpixel-vincent <[email protected]>
Signed-off-by: rawpixel-vincent <[email protected]>
Signed-off-by: rawpixel-vincent <[email protected]>
Signed-off-by: rawpixel-vincent <[email protected]>
Signed-off-by: rawpixel-vincent <[email protected]>
Signed-off-by: rawpixel-vincent <[email protected]>
@dblock @harshavamsi good for me 🎉 thank you for allowing me to contribute on this! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have some more asks around tests (I think matching file names is a must have), easy stuff.
USER_GUIDE.md
Outdated
// The Client will refresh the Credentials only when they are expired. | ||
// With AWS SDK V2, Credentials.refreshPromise is used when available to refresh the credentials. | ||
|
||
// Example with AWS SDK V3: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What's the default? Do I need to always implement getCredentials()
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes there is no default, getCredentials is required.
if not given an error is thrown, it's one of the test case.
I think the wording above make that clear, but it seems not, how can we update it to make it clear that getCredentials()
is required?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe we can provide a default version?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure what you mean, those two examples are not meant to be copy/pasted, although they would work in the majority of case if people do copy/paste them.
I've tried to make it clear in the comment above how getCredentials()
should be implemented.
I think it is good enough, although as discussed we can make it more clear by splitting the code example for v2 and v3.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
okay I got you, in my opinion giving a default is not the best idea as this is the kind of thing that should be thought out, and it could lead to confusion for consumer using different version of the sdk or just expecting this library to handle the credentials the way they think it should.
a default getCredentials() method could look very different between implementations and there would be good arguments for every implementation as why it should be the default.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
that would also mean adding aws-sdk as a peer-dependency / optional-dependency or something like that.. I think it's best to leave it to the users that implement it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree with @rawpixel-vincent . This allows the user to use the library and implementation of his choice. Looking at community driven implementations of sigv4 there are users using both types of implementations and aws sdk versions.
expired = true; | ||
} | ||
// AWS SDK V2, alternative to needsRefresh and expired. | ||
else if (currentCredentials.expireTime && currentCredentials.expireTime < new Date()) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
< or <=?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it's better to be strict in that case for the following reasons:
- previous library would renew the credentials on every requests as now we are refreshing the credentials only when needed
- this condition will probably never been triggered, issue is with the AWS.Credentials object definition that gives 3 different way to test if a Credentials object is expired
- mainly because under heavy load it's possible that between the time we check the credentials expiration and the time the request is made the Credentials would be expired, so although that condition seems strict, it isn't.
I think it's good like this, but if it's blocker, maybe we can think of exposing an option that gives that choice to the user
something like:
new Client(
...AwsSigV4({
...,
timeMarginBeforeRenewalMs: 1000 * 60
})
)
// then that condition would be something like
else if (currentCredentials.expireTime && currentCredentials.expireTime < new Date(Date.now() - (opts.timeMarginBeforeRenewalMs || 0)) {
fwiw, I'm good with the current implementation until proven it's an issue, some feedback from users would help to find out.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think we should bother with this unless we have some feedback from aws sdk V2 users.
From the aws docs this condition will not be triggered. But because the Credentials object gives those 3 props, for the sake of following the specs it makes sense to test all possible properties.
// AWS SDK V2, needsRefresh should be available.
else if (typeof currentCredentials.needsRefresh === 'function') {
expired = currentCredentials.needsRefresh();
}
// AWS SDK V2, alternative to needsRefresh.
else if (currentCredentials.expired === true) {
expired = true;
}
// AWS SDK V2, alternative to needsRefresh and expired.
else if (currentCredentials.expireTime && currentCredentials.expireTime < new Date()) {
expired = true;
}
If the Credentials object is consistent in aws sdk v2, Credentials.needsRefresh()
will always be used.
that point you made and my answer is still relevant for aws sdk v3, in v3 the Credentials object expose only Credentials.expiration
to test if the credentials are expired.
With a Credentials object from aws sdk V3, this is the only condition that will execute
// AWS SDK V3, Credentials.expiration is a Date object
else if (currentCredentials.expiration && currentCredentials.expiration < new Date()) {
expired = true;
}
fwiw, this is the full block that check if the credentials have expired (or haven't been acquired yet)
const currentCredentials = credentialsState.credentials;
let expired = false;
if (!currentCredentials) {
// Credentials haven't been acquired yet.
expired = true;
}
// AWS SDK V2, needsRefresh should be available.
else if (typeof currentCredentials.needsRefresh === 'function') {
expired = currentCredentials.needsRefresh();
}
// AWS SDK V2, alternative to needsRefresh.
else if (currentCredentials.expired === true) {
expired = true;
}
// AWS SDK V2, alternative to needsRefresh and expired.
else if (currentCredentials.expireTime && currentCredentials.expireTime < new Date()) {
expired = true;
}
// AWS SDK V3, Credentials.expiration is a Date object
else if (currentCredentials.expiration && currentCredentials.expiration < new Date()) {
expired = true;
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This explanation looks good to me. Looks like the built-in functions from the library can handle this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
@harshavamsi I wait for your feedback on the review from @dblock and then let me know if you want to address it or leave it to me 🙏🏻 |
Signed-off-by: Harsha Vamsi Kalluri <[email protected]>
@rawpixel-vincent @dblock I've made changes where you've requested them. I've addressed the comments as well. |
I merged this, great work! |
I opened #290 for a possible improvement. |
For the record, I got a confirmation that 0BSD was OK if we ever need it. |
@harshavamsi @dblock the tests are not running after they been moved to lib/aws see #294 |
The backport to
To backport manually, run these commands in your terminal: # Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add .worktrees/backport-1.x 1.x
# Navigate to the new working tree
cd .worktrees/backport-1.x
# Create a new branch
git switch --create backport/backport-279-to-1.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 70a26d36c9e0111753ba186f3aae34b1d2c3e712
# Push it to GitHub
git push --set-upstream origin backport/backport-279-to-1.x
# Go back to the original working tree
cd ../..
# Delete the working tree
git worktree remove .worktrees/backport-1.x Then, create a pull request where the |
* Add AwsSigV4 signing functionality Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Adlicense text to signer types Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Pulling aws signer into separate namespace Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Adding separate injection point for v4Signer Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Fix name spacing and bump version Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Typo in readme Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Adding 0BSD to allow license Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Split code snippets into USER GUIDE Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Remove un-used package and update license Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Fix language in user guide Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Add types to dev dependencies Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Update USER_GUIDE.md Co-authored-by: Graeme <[email protected]> Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * add credentials refresh options Signed-off-by: rawpixel-vincent <[email protected]> * fix AwsSigv4Signer type with Promise Signed-off-by: rawpixel-vincent <[email protected]> * remove JSDoc Signed-off-by: rawpixel-vincent <[email protected]> * update example usage Signed-off-by: rawpixel-vincent <[email protected]> * update credentials refresh strategy Signed-off-by: rawpixel-vincent <[email protected]> * update credentials refresh and expiration Signed-off-by: rawpixel-vincent <[email protected]> * fix types Signed-off-by: rawpixel-vincent <[email protected]> * add failure to refresh credentials test case Signed-off-by: rawpixel-vincent <[email protected]> * cleanup and comments Signed-off-by: rawpixel-vincent <[email protected]> * clarify code example in the docs Signed-off-by: rawpixel-vincent <[email protected]> * remove explicit async from code example Signed-off-by: rawpixel-vincent <[email protected]> * remove unused credentialsState.acquiredAt Signed-off-by: rawpixel-vincent <[email protected]> * Minor doc and misc fixes Signed-off-by: Harsha Vamsi Kalluri <[email protected]> Signed-off-by: Harsha Vamsi Kalluri <[email protected]> Signed-off-by: rawpixel-vincent <[email protected]> Co-authored-by: Graeme <[email protected]> Co-authored-by: rawpixel-vincent <[email protected]> (cherry picked from commit 70a26d3)
* Add AwsSigV4 signing functionality Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Adlicense text to signer types Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Pulling aws signer into separate namespace Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Adding separate injection point for v4Signer Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Fix name spacing and bump version Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Typo in readme Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Adding 0BSD to allow license Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Split code snippets into USER GUIDE Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Remove un-used package and update license Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Fix language in user guide Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Add types to dev dependencies Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Update USER_GUIDE.md Co-authored-by: Graeme <[email protected]> Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * add credentials refresh options Signed-off-by: rawpixel-vincent <[email protected]> * fix AwsSigv4Signer type with Promise Signed-off-by: rawpixel-vincent <[email protected]> * remove JSDoc Signed-off-by: rawpixel-vincent <[email protected]> * update example usage Signed-off-by: rawpixel-vincent <[email protected]> * update credentials refresh strategy Signed-off-by: rawpixel-vincent <[email protected]> * update credentials refresh and expiration Signed-off-by: rawpixel-vincent <[email protected]> * fix types Signed-off-by: rawpixel-vincent <[email protected]> * add failure to refresh credentials test case Signed-off-by: rawpixel-vincent <[email protected]> * cleanup and comments Signed-off-by: rawpixel-vincent <[email protected]> * clarify code example in the docs Signed-off-by: rawpixel-vincent <[email protected]> * remove explicit async from code example Signed-off-by: rawpixel-vincent <[email protected]> * remove unused credentialsState.acquiredAt Signed-off-by: rawpixel-vincent <[email protected]> * Minor doc and misc fixes Signed-off-by: Harsha Vamsi Kalluri <[email protected]> Signed-off-by: Harsha Vamsi Kalluri <[email protected]> Signed-off-by: rawpixel-vincent <[email protected]> Co-authored-by: Graeme <[email protected]> Co-authored-by: rawpixel-vincent <[email protected]> (cherry picked from commit 70a26d3)
* Add AwsSigV4 signing functionality Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Adlicense text to signer types Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Pulling aws signer into separate namespace Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Adding separate injection point for v4Signer Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Fix name spacing and bump version Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Typo in readme Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Adding 0BSD to allow license Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Split code snippets into USER GUIDE Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Remove un-used package and update license Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Fix language in user guide Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Add types to dev dependencies Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Update USER_GUIDE.md Co-authored-by: Graeme <[email protected]> Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * add credentials refresh options Signed-off-by: rawpixel-vincent <[email protected]> * fix AwsSigv4Signer type with Promise Signed-off-by: rawpixel-vincent <[email protected]> * remove JSDoc Signed-off-by: rawpixel-vincent <[email protected]> * update example usage Signed-off-by: rawpixel-vincent <[email protected]> * update credentials refresh strategy Signed-off-by: rawpixel-vincent <[email protected]> * update credentials refresh and expiration Signed-off-by: rawpixel-vincent <[email protected]> * fix types Signed-off-by: rawpixel-vincent <[email protected]> * add failure to refresh credentials test case Signed-off-by: rawpixel-vincent <[email protected]> * cleanup and comments Signed-off-by: rawpixel-vincent <[email protected]> * clarify code example in the docs Signed-off-by: rawpixel-vincent <[email protected]> * remove explicit async from code example Signed-off-by: rawpixel-vincent <[email protected]> * remove unused credentialsState.acquiredAt Signed-off-by: rawpixel-vincent <[email protected]> * Minor doc and misc fixes Signed-off-by: Harsha Vamsi Kalluri <[email protected]> Signed-off-by: Harsha Vamsi Kalluri <[email protected]> Signed-off-by: rawpixel-vincent <[email protected]> Co-authored-by: Graeme <[email protected]> Co-authored-by: rawpixel-vincent <[email protected]> (cherry picked from commit 70a26d3)
* Add AwsSigV4 signing functionality Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Adlicense text to signer types Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Pulling aws signer into separate namespace Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Adding separate injection point for v4Signer Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Fix name spacing and bump version Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Typo in readme Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Adding 0BSD to allow license Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Split code snippets into USER GUIDE Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Remove un-used package and update license Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Fix language in user guide Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Add types to dev dependencies Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Update USER_GUIDE.md Co-authored-by: Graeme <[email protected]> Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * add credentials refresh options Signed-off-by: rawpixel-vincent <[email protected]> * fix AwsSigv4Signer type with Promise Signed-off-by: rawpixel-vincent <[email protected]> * remove JSDoc Signed-off-by: rawpixel-vincent <[email protected]> * update example usage Signed-off-by: rawpixel-vincent <[email protected]> * update credentials refresh strategy Signed-off-by: rawpixel-vincent <[email protected]> * update credentials refresh and expiration Signed-off-by: rawpixel-vincent <[email protected]> * fix types Signed-off-by: rawpixel-vincent <[email protected]> * add failure to refresh credentials test case Signed-off-by: rawpixel-vincent <[email protected]> * cleanup and comments Signed-off-by: rawpixel-vincent <[email protected]> * clarify code example in the docs Signed-off-by: rawpixel-vincent <[email protected]> * remove explicit async from code example Signed-off-by: rawpixel-vincent <[email protected]> * remove unused credentialsState.acquiredAt Signed-off-by: rawpixel-vincent <[email protected]> * Minor doc and misc fixes Signed-off-by: Harsha Vamsi Kalluri <[email protected]> Signed-off-by: Harsha Vamsi Kalluri <[email protected]> Signed-off-by: rawpixel-vincent <[email protected]> Co-authored-by: Graeme <[email protected]> Co-authored-by: rawpixel-vincent <[email protected]> (cherry picked from commit 70a26d3)
* Add AwsSigV4 signing functionality Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Adlicense text to signer types Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Pulling aws signer into separate namespace Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Adding separate injection point for v4Signer Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Fix name spacing and bump version Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Typo in readme Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Adding 0BSD to allow license Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Split code snippets into USER GUIDE Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Remove un-used package and update license Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Fix language in user guide Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Add types to dev dependencies Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Update USER_GUIDE.md Co-authored-by: Graeme <[email protected]> Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * add credentials refresh options Signed-off-by: rawpixel-vincent <[email protected]> * fix AwsSigv4Signer type with Promise Signed-off-by: rawpixel-vincent <[email protected]> * remove JSDoc Signed-off-by: rawpixel-vincent <[email protected]> * update example usage Signed-off-by: rawpixel-vincent <[email protected]> * update credentials refresh strategy Signed-off-by: rawpixel-vincent <[email protected]> * update credentials refresh and expiration Signed-off-by: rawpixel-vincent <[email protected]> * fix types Signed-off-by: rawpixel-vincent <[email protected]> * add failure to refresh credentials test case Signed-off-by: rawpixel-vincent <[email protected]> * cleanup and comments Signed-off-by: rawpixel-vincent <[email protected]> * clarify code example in the docs Signed-off-by: rawpixel-vincent <[email protected]> * remove explicit async from code example Signed-off-by: rawpixel-vincent <[email protected]> * remove unused credentialsState.acquiredAt Signed-off-by: rawpixel-vincent <[email protected]> * Minor doc and misc fixes Signed-off-by: Harsha Vamsi Kalluri <[email protected]> Signed-off-by: Harsha Vamsi Kalluri <[email protected]> Signed-off-by: rawpixel-vincent <[email protected]> Co-authored-by: Graeme <[email protected]> Co-authored-by: rawpixel-vincent <[email protected]> (cherry picked from commit 70a26d3)
* Add AwsSigV4 signing functionality Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Adlicense text to signer types Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Pulling aws signer into separate namespace Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Adding separate injection point for v4Signer Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Fix name spacing and bump version Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Typo in readme Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Adding 0BSD to allow license Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Split code snippets into USER GUIDE Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Remove un-used package and update license Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Fix language in user guide Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Add types to dev dependencies Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * Update USER_GUIDE.md Co-authored-by: Graeme <[email protected]> Signed-off-by: Harsha Vamsi Kalluri <[email protected]> * add credentials refresh options Signed-off-by: rawpixel-vincent <[email protected]> * fix AwsSigv4Signer type with Promise Signed-off-by: rawpixel-vincent <[email protected]> * remove JSDoc Signed-off-by: rawpixel-vincent <[email protected]> * update example usage Signed-off-by: rawpixel-vincent <[email protected]> * update credentials refresh strategy Signed-off-by: rawpixel-vincent <[email protected]> * update credentials refresh and expiration Signed-off-by: rawpixel-vincent <[email protected]> * fix types Signed-off-by: rawpixel-vincent <[email protected]> * add failure to refresh credentials test case Signed-off-by: rawpixel-vincent <[email protected]> * cleanup and comments Signed-off-by: rawpixel-vincent <[email protected]> * clarify code example in the docs Signed-off-by: rawpixel-vincent <[email protected]> * remove explicit async from code example Signed-off-by: rawpixel-vincent <[email protected]> * remove unused credentialsState.acquiredAt Signed-off-by: rawpixel-vincent <[email protected]> * Minor doc and misc fixes Signed-off-by: Harsha Vamsi Kalluri <[email protected]> Signed-off-by: Harsha Vamsi Kalluri <[email protected]> Signed-off-by: rawpixel-vincent <[email protected]> Co-authored-by: Graeme <[email protected]> Co-authored-by: rawpixel-vincent <[email protected]> Signed-off-by: Miki <[email protected]>
* Manually sync CHANGELOG.md, release-drafter.yml, RELEASING.md, and USER_GUIDE.md * Version Bump: 2.3.0 (opensearch-project#546) * Upgrade and secure the backport workflow (opensearch-project#547) * Add serialization and deserialization of numerals larger than `Number.MAX_SAFE_INTEGER` (opensearch-project#544) * Add upgrading NPM to all workflows running older Node.js versions (opensearch-project#545) * Bump @types/node from 20.1.4 to 20.2.5 (opensearch-project#528) * Bump @aws-sdk/types from 3.329.0 to 3.341.0 (opensearch-project#527) * Bump ora from 6.3.0 to 6.3.1 (opensearch-project#524) * Bump node-fetch from 3.2.10 to 3.3.1 (opensearch-project#526) * Bump eslint from 8.39.0 to 8.41.0 (opensearch-project#525) * Bump @types/node from 18.16.0 to 20.1.4 (opensearch-project#518) * Bump xmlbuilder2 from 3.1.0 to 3.1.1 (opensearch-project#519) * Bump semver from 7.3.8 to 7.5.1 (opensearch-project#520) * Added timursaurus to MAINTAINERS.md (opensearch-project#517) * Bump @aws-sdk/types from 3.257.0 to 3.329.0 (opensearch-project#516) * Bump @babel/eslint-parser from 7.21.3 to 7.21.8 (opensearch-project#513) * Bump simple-git from 3.17.0 to 3.18.0 (opensearch-project#512) * Bump xmlbuilder2 from 3.0.2 to 3.1.0 (opensearch-project#503) * Bump eslint from 8.38.0 to 8.39.0 (opensearch-project#504) * Bump @types/node from 18.15.11 to 18.16.0 (opensearch-project#499) * Bump ora from 6.1.2 to 6.3.0 (opensearch-project#500) * Bump prettier from 2.8.7 to 2.8.8 (opensearch-project#501) * Implemented Docker Image caching for `integration-unreleased` workflow (opensearch-project#498) * [Bug] Fixed bundler.yml (opensearch-project#497) * Bumped Version 2.2.1 In preparation for release (opensearch-project#495) * Bump @types/node from 18.15.10 to 18.15.11 (opensearch-project#493) * Bump eslint from 8.33.0 to 8.38.0 (opensearch-project#494) * Bump rimraf from 4.4.0 to 5.0.0 (opensearch-project#492) * [CCI] feat: add missing createConnection type (opensearch-project#490) * Add Search guide (opensearch-project#489) * Create search guide (opensearch-project#488) * [CCI] Create advanced index actions guide (opensearch-project#483) * [CCI] Connection `request` method callback (opensearch-project#478) * feat: NotCompatibleError (opensearch-project#484) * Bump @babel/eslint-parser from 7.19.1 to 7.21.3 (opensearch-project#486) * Bump jsdoc from 4.0.0 to 4.0.2 (opensearch-project#485) * Bump prettier from 2.8.4 to 2.8.7 (opensearch-project#487) * Create document lifecycle guide (opensearch-project#481) * Create index lifecycle guide (opensearch-project#482) * Create bulk guide (opensearch-project#480) * [CCI] Create index_template guide (opensearch-project#479) * Bump split2 from 4.1.0 to 4.2.0 (opensearch-project#467) * Bump deepmerge from 4.3.0 to 4.3.1 (opensearch-project#468) * Bump @types/node from 18.15.3 to 18.15.10 (opensearch-project#462) * Bump eslint-config-prettier from 8.6.0 to 8.8.0 (opensearch-project#463) * [CCI] Update developerGuide regarding yarn troubleshoot steps (opensearch-project#456) * [CCI] Bump caniuse-lite from 1.0.30001249 to 1.0.30001469 (opensearch-project#459) * added the solution for the possible error during yarn installation on Windows OS (opensearch-project#453) * Fixed deprecation warnings (opensearch-project#446) * [CCI] Don't run tests on PRs with doc changes only (opensearch-project#441) * [CCI] Add pull request template (opensearch-project#440) * Bump @types/node from 17.0.45 to 18.15.3 (opensearch-project#448) * Bump simple-git from 3.16.0 to 3.17.0 (opensearch-project#447) * [CCI] Update Developer Guide (opensearch-project#436) * [CCI] Remove waitCluster in Integration Tests (opensearch-project#423) * Bump tsd from 0.25.0 to 0.27.0 (opensearch-project#431) * Bump rimraf from 4.1.1 to 4.4.0 (opensearch-project#432) * [CCI] doc: fix grammar (opensearch-project#427) * Fix deprecated folder mapping "./" in the "exports" field (opensearch-project#416) * [CCI] fix: pass required `data` argument to SerializationError class (opensearch-project#419) * Bump tap from 16.3.0 to 16.3.4 (opensearch-project#413) * [CCI] Refactor: Remove unnecessary `data` argument when invoking `OpenSearchClientError` (opensearch-project#421) * Bump deepmerge from 4.2.2 to 4.3.0 (opensearch-project#414) * Updated Maintainers list and changelogs (opensearch-project#409) * Downgraded @types/node to 17 from 18 due to breaking changes. (opensearch-project#405) * Bump aws4 from 1.11.0 to 1.12.0 (opensearch-project#406) * Bump prettier from 2.8.3 to 2.8.4 (opensearch-project#407) * Bump minimist from 1.2.7 to 1.2.8 (opensearch-project#388) * Bump tsd from 0.24.1 to 0.25.0 (opensearch-project#389) * Add missing types for AwsSigv4SignerOptions.service (opensearch-project#377) * Created untriaged issue workflow. (opensearch-project#386) Daniel (dB.) Doubrovkine* 2/14/23, 12:14 PM * Bump dezalgo from 1.0.3 to 1.0.4 (opensearch-project#383) * Bump simple-statistics from 7.7.0 to 7.8.3 (opensearch-project#384) * Bump eslint from 8.32.0 to 8.33.0 (opensearch-project#379) * Allow fields in BulkOperation to be optional (opensearch-project#378) * Bump @types/node from 18.11.18 to 18.11.19 (opensearch-project#380) * Bump ora from 5.4.1 to 6.1.2 (opensearch-project#376) * Bump @aws-sdk/types from 3.226.0 to 3.257.0 (opensearch-project#375) * Bump secure-json-parse from 2.4.0 to 2.7.0 (opensearch-project#369) * Bump simple-git from 3.15.1 to 3.16.0 (opensearch-project#373) * Updated user guide to include Amazon OpenSearch Serverless (opensearch-project#372) * Added Support for AOSS (opensearch-project#366) * Bump rimraf from 3.0.2 to 4.1.1 (opensearch-project#370) * Bump eslint-config-prettier from 8.5.0 to 8.6.0 (opensearch-project#368) * Bump hpagent from 0.1.2 to 1.2.0 (opensearch-project#361) * Bump eslint from 8.30.0 to 8.32.0 (opensearch-project#362) * Fixed missing namespace for API-PIT endpoints (opensearch-project#364) * Bump prettier from 2.7.1 to 2.8.3 (opensearch-project#363) * Ensure Dependabot PR workflow retriggers on label change (opensearch-project#360) * Added point in time APIs (opensearch-project#348) * Bump @types/node from 15.14.7 to 18.11.18 (opensearch-project#353) * Bump split2 from 3.2.2 to 4.1.0 (opensearch-project#354) * Bump json5 from 2.2.0 to 2.2.3 (opensearch-project#359) * Bump @aws-sdk/types from 3.190.0 to 3.226.0 (opensearch-project#355) * Updated MAINTAINERS.md to match recommended opensearch-project format. (opensearch-project#358) Daniel (dB.) Doubrovkine* 1/6/23, 8:36 AM * Bump minimist from 1.2.6 to 1.2.7 (opensearch-project#350) * Bump eslint from 7.32.0 to 8.30.0 (opensearch-project#346) * Bump eslint-plugin-prettier from 4.0.0 to 4.2.1 (opensearch-project#351) * Removed test artifacts from gh_pages workflow (opensearch-project#347) * Bump minimatch from 3.0.4 to 3.1.2 (opensearch-project#345) * Bump xmlbuilder2 from 2.4.1 to 3.0.2 (opensearch-project#321) * Implement JSDOC (opensearch-project#337) * Added skip-changelog label (opensearch-project#339) * Bumps simple-git from 3.4.0 to 3.15.0 (opensearch-project#341) * [FEATURE] Allow overriding the aws service identifier in AwsSigv4Signer (opensearch-project#333) * Add release details and bump the jenkins lib version (opensearch-project#319) * Bump Version from 2.1.0 to 2.1.1 (opensearch-project#318) * Bump semver from 7.3.7 to 7.3.8 (opensearch-project#313) * Add release workflows (opensearch-project#317) * issue opensearch-project#291 mutability of headers (opensearch-project#311) * Bump tsd from 0.22.0 to 0.24.1 (opensearch-project#312) * Add changelog and changelog verifier (opensearch-project#306) * Bump prettier from 2.6.2 to 2.7.1 (opensearch-project#310) * Bump @aws-sdk/types from 3.160.0 to 3.190.0 (opensearch-project#309) * Bump node-fetch from 2.6.7 to 3.2.10 (opensearch-project#281) * Update Maintainers List (opensearch-project#308) * Implemented Retry for OpenSearch Container (opensearch-project#304) * Feature/add default credentials provider (opensearch-project#295) * Fix new line problem between diffs (opensearch-project#302) * Removed Unused Variables (opensearch-project#301) * fix awssigv4signer.test.js tests not running (opensearch-project#294) * fix: support TS resolution for .mjs (opensearch-project#296) * Add AwsSigV4 signing functionality (opensearch-project#279) * Fix opensearch-project#253 Cannot read property 'then' of null in Transport.js issue. (opensearch-project#283) * Bump simple-git from 3.5.0 to 3.13.0 (opensearch-project#286) * Bump semver from 7.3.5 to 7.3.7 (opensearch-project#280) * Adds bulk example to README (opensearch-project#277) * Adding Dependabot configuration (opensearch-project#278) * Removing OpenDistro integration tests (opensearch-project#271) * Upgrade dependencies (opensearch-project#272) * fix: add missing memory circuit breaker options (opensearch-project#266) * feat: allow `doc` overwrite in `onDocument` (opensearch-project#263) * Adding link checker workflow (opensearch-project#262) * Using standardized templates from .github (opensearch-project#249) * Adding new OpenSearch versions and updating compatibility matrix (opensearch-project#257) Signed-off-by: Miki <[email protected]>
Signed-off-by: Harsha Vamsi Kalluri [email protected]
Description
Adds the ability to sign requests natively using awsSigV4. An example is given in the README on how to sign every request.
Issues Resolved
Fixes #252
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.