feat: Add Java Interceptor (#31)

Co-authored-by: texastony <[email protected]>

Author: lavaleri

.github/workflows/ci_test_java.yml

@@ -1,4 +1,4 @@
-# This workflow performs tests in .NET.
+# This workflow performs tests in Java.
 name: Library Java tests
 
 on: 
@@ -15,6 +15,7 @@ jobs:
           StructuredEncryption,
           DynamoDbItemEncryptor,
           DynamoDbEncryptionMiddlewareInternal,
+          DynamoDbEncryption,
         ]
         java-version: [ 8, 11, 16, 17 ]
         os: [
@@ -33,9 +34,8 @@ jobs:
         uses: aws-actions/configure-aws-credentials@v1
         with:
           aws-region: us-west-2
-          # TODO: This role was manually created.
-          role-to-assume: arn:aws:iam::370957321024:role/DDBEC-Dafny-Private-CA-Read
-          role-session-name: JavaDDBECDafnyTests
+          role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2
+          role-session-name: DDBEC-Dafny-Java-Tests
 
       - uses: actions/checkout@v3
 
@@ -78,20 +78,6 @@ jobs:
           distribution: 'corretto'
           java-version: ${{ matrix.java-version }}
 
-      # Java DafnyRuntime is not published to maven,
-      # so manually download a nightly build for 3.10.0 and grab it from there.
-      - name: Locally Cache Java DafnyRuntime
-        run: |
-          wget https://github.com/dafny-lang/dafny/releases/download/nightly/dafny-nightly-2022-12-02-edab6cc-x64-osx-10.14.2.zip 
-          unzip dafny-nightly-2022-12-02-edab6cc-x64-osx-10.14.2.zip 
-          mvn install:install-file \
-          -Dfile=dafny/DafnyRuntime.jar \
-          -DgroupId=dafny.lang \
-          -DartifactId=DafnyRuntime \
-          -Dversion=3.10.0 \
-          -DgeneratePom=true \
-          -Dpackaging=jar
-
       - name: Build ${{ matrix.library }} implementation
         shell: bash
         working-directory: ./${{ matrix.library }}

.github/workflows/ci_test_net.yml

@@ -59,6 +59,13 @@ jobs:
         working-directory: ./${{ matrix.library }}
         run: make setup_net
 
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-region: us-west-2
+          role-to-assume: arn:aws:iam::370957321024:role/GitHub-CI-DDBEC-Dafny-Role-us-west-2
+          role-session-name: DDBEC-Dafny-Net-Tests
+
       - name: Compile ${{ matrix.library }} implementation
         shell: bash
         working-directory: ./${{ matrix.library }}

.gitignore

@@ -1,4 +1,6 @@
 .idea/*
+**/.idea/*
+**/*.iml
 .vscode/*
 *.sln?*
 **/.DS_Store

DynamoDbEncryption/Makefile

@@ -0,0 +1,24 @@
+# Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+
+ROOT_DIR:=$(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))
+DEPS_DIR:=$(ROOT_DIR)/../private-aws-encryption-sdk-dafny-staging
+
+build_java_dependencies:
+	$(MAKE) -C $(DEPS_DIR)/StandardLibrary mvn_local_deploy
+	$(MAKE) -C $(DEPS_DIR)/AwsCryptographyPrimitives mvn_local_deploy
+	$(MAKE) -C $(DEPS_DIR)/ComAmazonawsKms mvn_local_deploy
+	$(MAKE) -C $(DEPS_DIR)/ComAmazonawsDynamodb mvn_local_deploy
+	$(MAKE) -C $(DEPS_DIR)/AwsCryptographicMaterialProviders mvn_local_deploy
+	$(MAKE) -C $(ROOT_DIR)/../StructuredEncryption mvn_local_deploy
+	$(MAKE) -C $(ROOT_DIR)/../DynamoDbItemEncryptor mvn_local_deploy
+	$(MAKE) -C $(ROOT_DIR)/../DynamoDbEncryptionMiddlewareInternal mvn_local_deploy
+
+build_java: build_java_dependencies
+	gradle -p runtimes/java build
+
+mvn_local_deploy:
+	gradle -p runtimes/java publishToMavenLocal
+
+test_java:
+	gradle -p runtimes/java test

DynamoDbEncryption/runtimes/java/.gitattributes

@@ -0,0 +1,9 @@
+#
+# https://help.github.com/articles/dealing-with-line-endings/
+#
+# Linux start script should use lf
+/gradlew        text eol=lf
+
+# These are Windows script files and should use crlf
+*.bat           text eol=crlf
+

DynamoDbEncryption/runtimes/java/.gitignore

@@ -0,0 +1,16 @@
+# Ignore Gradle project-specific cache directory
+.gradle
+
+# JetBrains
+.idea/*
+*.iml
+
+# Ignore Gradle build output directory
+build
+
+# Mac OS X
+.DS_Store
+
+# Dafny Generated Java
+src/main/dafny-generated/
+src/test/dafny-generated/

DynamoDbEncryption/runtimes/java/build.gradle.kts

@@ -0,0 +1,91 @@
+import java.net.URI
+import javax.annotation.Nullable
+
+plugins {
+    `java`
+    `java-library`
+    `maven-publish`
+}
+
+group = "software.amazon.cryptography"
+version = "1.0-SNAPSHOT"
+description = "AwsCryptographyDynamoDbEncryption"
+
+java {
+    toolchain.languageVersion.set(JavaLanguageVersion.of(8))
+    sourceSets["main"].java {
+        srcDir("src/main/java")
+    }
+    sourceSets["test"].java {
+        srcDir("src/test")
+    }
+}
+
+var caUrl: URI? = null
+@Nullable
+val caUrlStr: String? = System.getenv("CODEARTIFACT_URL_JAVA_CONVERSION")
+if (!caUrlStr.isNullOrBlank()) {
+    caUrl = URI.create(caUrlStr)
+}
+
+var caPassword: String? = null
+@Nullable
+val caPasswordString: String? = System.getenv("CODEARTIFACT_AUTH_TOKEN")
+if (!caPasswordString.isNullOrBlank()) {
+    caPassword = caPasswordString
+}
+
+repositories {
+    mavenCentral()
+    mavenLocal()
+    if (caUrl != null && caPassword != null) {
+        maven {
+            name = "CodeArtifact"
+            url = caUrl!!
+            credentials {
+                username = "aws"
+                password = caPassword!!
+            }
+        }
+    }
+}
+
+dependencies {
+    implementation("dafny.lang:DafnyRuntime:3.10.0")
+    implementation("software.amazon.dafny:conversion:1.0-SNAPSHOT")
+    implementation("software.amazon.cryptography:StandardLibrary:1.0-SNAPSHOT")
+    implementation("software.amazon.cryptography:AwsCryptographyPrimitives:1.0-SNAPSHOT")
+    implementation("software.amazon.cryptography:AwsCryptographyDynamoDbItemEncryptor:1.0-SNAPSHOT")
+    implementation("software.amazon.cryptography:AwsCryptographyDynamoDbEncryptionMiddlewareInternal:1.0-SNAPSHOT")
+    implementation("software.amazon.cryptography:AwsCryptographyStructuredEncryption:1.0-SNAPSHOT")
+    implementation("software.amazon.cryptography:AwsCryptographicMaterialProviders:1.0-SNAPSHOT")
+    implementation("software.amazon.cryptography:ComAmazonawsDynamodb:1.0-SNAPSHOT")
+    implementation("software.amazon.cryptography:ComAmazonawsKms:1.0-SNAPSHOT")
+    implementation("com.amazonaws:aws-java-sdk:1.12.347")
+    implementation(platform("software.amazon.awssdk:bom:2.19.1"))
+    implementation("software.amazon.awssdk:dynamodb")
+    implementation("software.amazon.awssdk:dynamodb-enhanced")
+    implementation("software.amazon.awssdk:kms")
+    implementation("software.amazon.awssdk:core:2.19.1")
+    implementation("com.amazonaws:aws-dynamodb-encryption-java:2.0.3")
+
+    testImplementation("org.junit.jupiter:junit-jupiter-api:5.8.1")
+    testRuntimeOnly("org.junit.jupiter:junit-jupiter-engine:5.8.1")
+}
+
+tasks.test {
+    useJUnitPlatform()
+}
+
+publishing {
+    publications.create<MavenPublication>("maven") {
+        groupId = "software.amazon.cryptography"
+        artifactId = "AwsCryptographyDynamoDbEncryption"
+        from(components["java"])
+    }
+    repositories { mavenLocal() }
+}
+
+tasks.withType<JavaCompile>() {
+    options.encoding = "UTF-8"
+}

DynamoDbEncryption/runtimes/java/gradle/wrapper/gradle-wrapper.jar

@@ -0,0 +1,6 @@
+distributionBase=GRADLE_USER_HOME
+distributionPath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-7.6-bin.zip
+networkTimeout=10000
+zipStoreBase=GRADLE_USER_HOME
+zipStorePath=wrapper/dists