[IMDS] Surface area review comments (#3681)

* Surface area review
- removed getters on client builder public interface
- rename MetadataResponse to Ec2MetadataResponse
- add builder-consumer for retry policy
- add DefaultSdkAsyncHttpClientBuilder and DefaultSdkHttpClientBuilder to client builders
- remove duplication in BaseEc2MetadataClient constructors
- TokenResponseHandler cleanup
- Updated ttl header logic if not found in response headers
- use SdkHttpClient.Builder in IMDS Client Builder interface
- Javadoc
- Async Http Request Handlers refactor
- add test for mutual exclusion of http client and http client builder in IMDS client builders
- dont retry on bad response format from server

Author: L-Applin

core/imds/src/main/java/software/amazon/awssdk/imds/Ec2MetadataAsyncClient.java

@@ -31,22 +31,27 @@
 public interface Ec2MetadataAsyncClient extends SdkAutoCloseable {
 
     /**
-     * Gets the specified instance metadata value by the given path.
+     * Gets the specified instance metadata value by the given path. For more information about instance metadata, check the
+     * <a href=https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html>Instance metadata documentation</a>.
      *
      * @param path Input path
      * @return A CompletableFuture that completes when the MetadataResponse is made available.
      */
-    CompletableFuture<MetadataResponse> get(String path);
+    CompletableFuture<Ec2MetadataResponse> get(String path);
 
     /**
      * Create an {@link Ec2MetadataAsyncClient} instance using the default values.
      *
-     * @return
+     * @return the client instance.
      */
     static Ec2MetadataAsyncClient create() {
         return builder().build();
     }
 
+    /**
+     * Creates a builder for an async client instance.
+     * @return the newly created builder instance.
+     */
     static Ec2MetadataAsyncClient.Builder builder() {
         return DefaultEc2MetadataAsyncClient.builder();
     }
@@ -84,5 +89,15 @@ interface Builder extends Ec2MetadataClientBuilder<Ec2MetadataAsyncClient.Builde
          * @return a reference to this builder
          */
         Builder httpClient(SdkAsyncHttpClient httpClient);
+
+        /**
+         * An http client builder used to retrieve an instance of an {@link SdkAsyncHttpClient}. If specified, the Ec2
+         * Metadata Client will use the instance returned by the builder and manage its lifetime by closing the http client
+         * once the Ec2 Client itself is closed.
+         *
+         * @param builder the builder to used to retrieve an instance.
+         * @return a reference to this builder
+         */
+        Builder httpClient(SdkAsyncHttpClient.Builder<?> builder);
     }
 }

core/imds/src/main/java/software/amazon/awssdk/imds/Ec2MetadataClient.java

@@ -30,14 +30,18 @@
 public interface Ec2MetadataClient extends SdkAutoCloseable {
 
     /**
-     * Gets the specified instance metadata value by the given path.
+     * Gets the specified instance metadata value by the given path. For more information about instance metadata, check the
+     * <a href=https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html>Instance metadata documentation</a>
+     *
      * @param path  Input path
      * @return Instance metadata value as part of MetadataResponse Object
      */
-    MetadataResponse get(String path);
+    Ec2MetadataResponse get(String path);
 
     /**
      * Create an {@link Ec2MetadataClient} instance using the default values.
+     *
+     * @return the client instance.
      */
     static Ec2MetadataClient create() {
         return builder().build();
@@ -69,6 +73,15 @@ interface Builder extends Ec2MetadataClientBuilder<Ec2MetadataClient.Builder, Ec
          */
         Builder httpClient(SdkHttpClient httpClient);
 
+        /**
+         * A http client builder used to retrieve an instance of an {@link SdkHttpClient}. If specified, the Ec2 Metadata Client
+         * will use the instance returned by the builder and manage its lifetime by closing the http client once the Ec2 Client
+         * itself is closed.
+         *
+         * @param builder the builder to used to retrieve an instance.
+         * @return a reference to this builder
+         */
+        Builder httpClient(SdkHttpClient.Builder<?> builder);
     }
 
 }

core/imds/src/main/java/software/amazon/awssdk/imds/Ec2MetadataClientBuilder.java

@@ -17,14 +17,15 @@
 
 import java.net.URI;
 import java.time.Duration;
+import java.util.function.Consumer;
 import software.amazon.awssdk.annotations.SdkPublicApi;
 import software.amazon.awssdk.core.retry.RetryMode;
 import software.amazon.awssdk.core.retry.backoff.BackoffStrategy;
 import software.amazon.awssdk.imds.internal.Ec2MetadataEndpointProvider;
 import software.amazon.awssdk.utils.builder.SdkBuilder;
 
 /**
- * Base shared builder interface for Ec2MetadataClient
+ * Base shared builder interface for Ec2MetadataClients, sync and async.
  * @param <B> the Builder Type
  * @param <T> the Ec2MetadataClient Type
  */
@@ -33,15 +34,30 @@ public interface Ec2MetadataClientBuilder<B, T> extends SdkBuilder<Ec2MetadataCl
     /**
      * Define the retry policy which includes the number of retry attempts for any failed request.
      * <p>
-     * If not specified, defaults to 3 retry attempts and a {@link BackoffStrategy#defaultStrategy()}  backoff strategy} that
-     * uses {@link RetryMode#STANDARD}
+     * If not specified, defaults to 3 retry attempts and a {@link BackoffStrategy#defaultStrategy()} backoff strategy} that
+     * uses {@link RetryMode#STANDARD}. Can be also specified by using the
+     * {@link Ec2MetadataClientBuilder#retryPolicy(Consumer)} method. if any of the retryPolicy methods are called multiple times,
+     * only the last invocation will be considered.
      *
      * @param retryPolicy The retry policy which includes the number of retry attempts for any failed request.
      * @return a reference to this builder
      */
     B retryPolicy(Ec2MetadataRetryPolicy retryPolicy);
 
-    Ec2MetadataRetryPolicy getRetryPolicy();
+    /**
+     * Define the retry policy which includes the number of retry attempts for any failed request. Can be used instead of
+     * {@link Ec2MetadataClientBuilder#retryPolicy(Ec2MetadataRetryPolicy)} to use a "fluent consumer" syntax. User
+     * <em>should not</em> manually build the builder in the consumer.
+     * <p>
+     * If not specified, defaults to 3 retry attempts and a {@link BackoffStrategy#defaultStrategy()} backoff strategy} that
+     * uses {@link RetryMode#STANDARD}. Can be also specified by using the
+     * {@link Ec2MetadataClientBuilder#retryPolicy(Ec2MetadataRetryPolicy)} method. if any of the retryPolicy methods are
+     * called multiple times, only the last invocation will be considered.
+     *
+     * @param builderConsumer the consumer
+     * @return a reference to this builder
+     */
+    B retryPolicy(Consumer<Ec2MetadataRetryPolicy.Builder> builderConsumer);
 
     /**
      * Define the endpoint of IMDS.
@@ -54,8 +70,6 @@ public interface Ec2MetadataClientBuilder<B, T> extends SdkBuilder<Ec2MetadataCl
      */
     B endpoint(URI endpoint);
 
-    URI getEndpoint();
-
     /**
      * Define the Time to live (TTL) of the token. The token represents a logical session. The TTL specifies the length of time
      * that the token is valid and, therefore, the duration of the session. Defaults to 21,600 seconds (6 hours) if not specified.
@@ -65,8 +79,6 @@ public interface Ec2MetadataClientBuilder<B, T> extends SdkBuilder<Ec2MetadataCl
      */
     B tokenTtl(Duration tokenTtl);
 
-    Duration getTokenTtl();
-
     /**
      * Define the endpoint mode of IMDS. Supported values include IPv4 and IPv6. Used to determine the endpoint of the IMDS
      * Client only if {@link Ec2MetadataClientBuilder#endpoint(URI)} is not specified. Only one of both endpoint or endpoint mode
@@ -80,7 +92,4 @@ public interface Ec2MetadataClientBuilder<B, T> extends SdkBuilder<Ec2MetadataCl
      */
     B endpointMode(EndpointMode endpointMode);
 
-    EndpointMode getEndpointMode();
-
-
 }

core/imds/src/main/java/software/amazon/awssdk/imds/MetadataResponse.java renamed to core/imds/src/main/java/software/amazon/awssdk/imds/Ec2MetadataResponse.java

@@ -28,28 +28,28 @@
 import software.amazon.awssdk.utils.Validate;
 
 /**
- * The class is used for response handling and parsing the metadata fetched by the get call in the {@link Ec2MetadataClient}
- * interface.
- * The class provides convenience methods to the users to parse the metadata as a String, List and Document.
+ * This class is used for response handling and parsing the metadata fetched by the get call in the {@link Ec2MetadataClient}
+ * interface. It provides convenience methods to the users to parse the metadata as a String and List. Also provides
+ * ways to parse the metadata as Document type if it is in the json format.
  */
 @SdkPublicApi
-public final class MetadataResponse {
+public final class Ec2MetadataResponse {
 
     private static final JsonNodeParser JSON_NODE_PARSER = JsonNode.parserBuilder().removeErrorLocations(true).build();
 
     private final String body;
 
-    private MetadataResponse(String body) {
+    private Ec2MetadataResponse(String body) {
         this.body = Validate.notNull(body, "Metadata is null");
     }
 
     /**
-     * Create a {@link MetadataResponse} with the given body as it's content.
+     * Create a {@link Ec2MetadataResponse} with the given body as it's content.
      * @param body the content of the response
-     * @return a {@link MetadataResponse} with the given body as it's content.
+     * @return a {@link Ec2MetadataResponse} with the given body as it's content.
      */
-    public static MetadataResponse create(String body) {
-        return new MetadataResponse(body);
+    public static Ec2MetadataResponse create(String body) {
+        return new Ec2MetadataResponse(body);
     }
 
     /**
@@ -86,7 +86,7 @@ public boolean equals(Object o) {
         if (o == null || getClass() != o.getClass()) {
             return false;
         }
-        MetadataResponse that = (MetadataResponse) o;
+        Ec2MetadataResponse that = (Ec2MetadataResponse) o;
         return body.equals(that.body);
     }
 

core/imds/src/main/java/software/amazon/awssdk/imds/Ec2MetadataRetryPolicy.java

@@ -38,7 +38,7 @@ public final class Ec2MetadataRetryPolicy implements ToCopyableBuilder<Ec2Metada
     private static final int DEFAULT_RETRY_ATTEMPTS = 3;
 
     private final BackoffStrategy backoffStrategy;
-    private final int numRetries;
+    private final Integer numRetries;
 
     private Ec2MetadataRetryPolicy(BuilderImpl builder) {
 
@@ -58,7 +58,7 @@ public boolean equals(Object obj) {
         }
         Ec2MetadataRetryPolicy ec2MetadataRetryPolicy = (Ec2MetadataRetryPolicy) obj;
 
-        if (numRetries != ec2MetadataRetryPolicy.numRetries) {
+        if (!Objects.equals(numRetries, ec2MetadataRetryPolicy.numRetries)) {
             return false;
         }
         return Objects.equals(backoffStrategy, ec2MetadataRetryPolicy.backoffStrategy);
@@ -122,8 +122,6 @@ public interface Builder extends CopyableBuilder<Ec2MetadataRetryPolicy.Builder,
          */
         Builder numRetries(Integer numRetries);
 
-        @Override
-        Ec2MetadataRetryPolicy build();
     }
 
     private static final class BuilderImpl implements Builder {

core/imds/src/main/java/software/amazon/awssdk/imds/internal/AsyncHttpRequestHelper.java

@@ -15,17 +15,25 @@
 
 package software.amazon.awssdk.imds.internal;
 
+import static software.amazon.awssdk.imds.internal.BaseEc2MetadataClient.uncheckedInputStreamToUtf8;
+import static software.amazon.awssdk.imds.internal.RequestMarshaller.EC2_METADATA_TOKEN_TTL_HEADER;
+
 import java.time.Duration;
+import java.util.Optional;
 import java.util.concurrent.CompletableFuture;
-import java.util.function.Consumer;
 import java.util.function.Function;
 import software.amazon.awssdk.annotations.SdkInternalApi;
+import software.amazon.awssdk.core.exception.RetryableException;
+import software.amazon.awssdk.core.exception.SdkClientException;
 import software.amazon.awssdk.core.http.HttpResponseHandler;
 import software.amazon.awssdk.core.interceptor.ExecutionAttributes;
 import software.amazon.awssdk.core.internal.http.TransformingAsyncResponseHandler;
 import software.amazon.awssdk.core.internal.http.async.AsyncResponseHandler;
 import software.amazon.awssdk.core.internal.http.async.SimpleHttpContentPublisher;
+import software.amazon.awssdk.http.AbortableInputStream;
+import software.amazon.awssdk.http.HttpStatusFamily;
 import software.amazon.awssdk.http.SdkHttpFullRequest;
+import software.amazon.awssdk.http.SdkHttpFullResponse;
 import software.amazon.awssdk.http.async.AsyncExecuteRequest;
 import software.amazon.awssdk.http.async.SdkAsyncHttpClient;
 import software.amazon.awssdk.http.async.SdkHttpContentPublisher;
@@ -41,28 +49,22 @@ private AsyncHttpRequestHelper() {
     public static CompletableFuture<String> sendAsyncMetadataRequest(SdkAsyncHttpClient httpClient,
                                                                      SdkHttpFullRequest baseRequest,
                                                                      CompletableFuture<?> parentFuture) {
-        StringResponseHandler stringResponseHandler = new StringResponseHandler();
-        return sendAsync(httpClient, baseRequest, stringResponseHandler, stringResponseHandler::setFuture, parentFuture);
+        return sendAsync(httpClient, baseRequest, AsyncHttpRequestHelper::handleResponse, parentFuture);
     }
 
-    public static CompletableFuture<Token> sendAsyncTokenRequest(Duration ttlSeconds,
-                                                                 SdkAsyncHttpClient httpClient,
+    public static CompletableFuture<Token> sendAsyncTokenRequest(SdkAsyncHttpClient httpClient,
                                                                  SdkHttpFullRequest baseRequest) {
-        TokenResponseHandler tokenResponseHandler = new TokenResponseHandler(ttlSeconds.getSeconds());
-        return sendAsync(httpClient, baseRequest, tokenResponseHandler, tokenResponseHandler::setFuture, null);
+        return sendAsync(httpClient, baseRequest, AsyncHttpRequestHelper::handleTokenResponse, null);
     }
 
-    static <T> CompletableFuture<T> sendAsync(SdkAsyncHttpClient client,
-                                              SdkHttpFullRequest request,
-                                              HttpResponseHandler<T> handler,
-                                              Consumer<CompletableFuture<T>> withFuture,
-                                              CompletableFuture<?> parentFuture) {
+    private static <T> CompletableFuture<T> sendAsync(SdkAsyncHttpClient client,
+                                                      SdkHttpFullRequest request,
+                                                      HttpResponseHandler<T> handler,
+                                                      CompletableFuture<?> parentFuture) {
         SdkHttpContentPublisher requestContentPublisher = new SimpleHttpContentPublisher(request);
-        TransformingAsyncResponseHandler<T> responseHandler = new AsyncResponseHandler<>(handler,
-                                                                                             Function.identity(),
-                                                                                             new ExecutionAttributes());
+        TransformingAsyncResponseHandler<T> responseHandler =
+            new AsyncResponseHandler<>(handler, Function.identity(), new ExecutionAttributes());
         CompletableFuture<T> responseHandlerFuture = responseHandler.prepare();
-        withFuture.accept(responseHandlerFuture);
         AsyncExecuteRequest metadataRequest = AsyncExecuteRequest.builder()
                                                                  .request(request)
                                                                  .requestContentPublisher(requestContentPublisher)
@@ -74,7 +76,39 @@ static <T> CompletableFuture<T> sendAsync(SdkAsyncHttpClient client,
             CompletableFutureUtils.forwardExceptionTo(parentFuture, responseHandlerFuture);
         }
         return responseHandlerFuture;
+    }
+
+    private static String handleResponse(SdkHttpFullResponse response, ExecutionAttributes executionAttributes) {
+        HttpStatusFamily statusCode = HttpStatusFamily.of(response.statusCode());
+        AbortableInputStream inputStream =
+            response.content().orElseThrow(() -> SdkClientException.create("Unexpected error: empty response content"));
+        String responseContent = uncheckedInputStreamToUtf8(inputStream);
+
+        // non-retryable error
+        if (statusCode.isOneOf(HttpStatusFamily.CLIENT_ERROR)) {
+            throw SdkClientException.builder().message(responseContent).build();
+        }
 
+        // retryable error
+        if (statusCode.isOneOf(HttpStatusFamily.SERVER_ERROR)) {
+            throw RetryableException.create(responseContent);
+        }
+        return responseContent;
     }
 
+    private static Token handleTokenResponse(SdkHttpFullResponse response, ExecutionAttributes executionAttributes) {
+        String tokenValue = handleResponse(response, executionAttributes);
+        Optional<String> ttl = response.firstMatchingHeader(EC2_METADATA_TOKEN_TTL_HEADER);
+
+        if (!ttl.isPresent()) {
+            throw SdkClientException.create(EC2_METADATA_TOKEN_TTL_HEADER + " header not found in token response");
+        }
+        try {
+            Duration ttlDuration = Duration.ofSeconds(Long.parseLong(ttl.get()));
+            return new Token(tokenValue, ttlDuration);
+        } catch (NumberFormatException nfe) {
+            throw SdkClientException.create(
+                "Invalid token format received from IMDS server. Token received:  " + tokenValue, nfe);
+        }
+    }
 }

core/imds/src/main/java/software/amazon/awssdk/imds/internal/BaseEc2MetadataClient.java

@@ -25,7 +25,6 @@
 import software.amazon.awssdk.core.retry.RetryPolicyContext;
 import software.amazon.awssdk.http.AbortableInputStream;
 import software.amazon.awssdk.http.SdkHttpConfigurationOption;
-import software.amazon.awssdk.imds.Ec2MetadataClientBuilder;
 import software.amazon.awssdk.imds.Ec2MetadataRetryPolicy;
 import software.amazon.awssdk.imds.EndpointMode;
 import software.amazon.awssdk.utils.AttributeMap;
@@ -50,16 +49,23 @@ public abstract class BaseEc2MetadataClient {
     protected final RequestMarshaller requestMarshaller;
     protected final Duration tokenTtl;
 
-    protected BaseEc2MetadataClient(Ec2MetadataClientBuilder<?, ?> builder) {
-        this.retryPolicy = Validate.getOrDefault(builder.getRetryPolicy(), Ec2MetadataRetryPolicy.builder()::build);
-        this.tokenTtl = Validate.getOrDefault(builder.getTokenTtl(), () -> DEFAULT_TOKEN_TTL);
-        this.endpoint = getEndpoint(builder);
+    private BaseEc2MetadataClient(Ec2MetadataRetryPolicy retryPolicy, Duration tokenTtl, URI endpoint,
+                                  EndpointMode endpointMode) {
+        this.retryPolicy = Validate.getOrDefault(retryPolicy, Ec2MetadataRetryPolicy.builder()::build);
+        this.tokenTtl = Validate.getOrDefault(tokenTtl, () -> DEFAULT_TOKEN_TTL);
+        this.endpoint = getEndpoint(endpoint, endpointMode);
         this.requestMarshaller = new RequestMarshaller(this.endpoint);
     }
 
-    private URI getEndpoint(Ec2MetadataClientBuilder<?, ?> builder) {
-        URI builderEndpoint = builder.getEndpoint();
-        EndpointMode builderEndpointMode = builder.getEndpointMode();
+    protected BaseEc2MetadataClient(DefaultEc2MetadataClient.Ec2MetadataBuilder builder) {
+        this(builder.getRetryPolicy(), builder.getTokenTtl(), builder.getEndpoint(), builder.getEndpointMode());
+    }
+
+    protected BaseEc2MetadataClient(DefaultEc2MetadataAsyncClient.Ec2MetadataAsyncBuilder builder) {
+        this(builder.getRetryPolicy(), builder.getTokenTtl(), builder.getEndpoint(), builder.getEndpointMode());
+    }
+
+    private URI getEndpoint(URI builderEndpoint, EndpointMode builderEndpointMode) {
         Validate.mutuallyExclusive("Only one of 'endpoint' or 'endpointMode' must be specified, but not both",
                                    builderEndpoint, builderEndpointMode);
         if (builderEndpoint != null) {