aws
diff --git a/‎.changes/2.10.88.json
Lines changed: 21 additions & 0 deletions b/‎.changes/2.10.88.json
Lines changed: 21 additions & 0 deletions
diff --git a/‎CHANGELOG.md
Lines changed: 12 additions & 0 deletions b/‎CHANGELOG.md
Lines changed: 12 additions & 0 deletions
diff --git a/‎README.md
Lines changed: 4 additions & 4 deletions b/‎README.md
Lines changed: 4 additions & 4 deletions
diff --git a/‎aws-sdk-java/pom.xml
Lines changed: 1 addition & 1 deletion b/‎aws-sdk-java/pom.xml
Lines changed: 1 addition & 1 deletion
diff --git a/‎bom-internal/pom.xml
Lines changed: 1 addition & 1 deletion b/‎bom-internal/pom.xml
Lines changed: 1 addition & 1 deletion
diff --git a/‎bom/pom.xml
Lines changed: 1 addition & 1 deletion b/‎bom/pom.xml
Lines changed: 1 addition & 1 deletion
diff --git a/‎bundle/pom.xml
Lines changed: 1 addition & 1 deletion b/‎bundle/pom.xml
Lines changed: 1 addition & 1 deletion
diff --git a/‎codegen-lite-maven-plugin/pom.xml
Lines changed: 1 addition & 1 deletion b/‎codegen-lite-maven-plugin/pom.xml
Lines changed: 1 addition & 1 deletion
diff --git a/‎codegen-lite/pom.xml
Lines changed: 1 addition & 1 deletion b/‎codegen-lite/pom.xml
Lines changed: 1 addition & 1 deletion
diff --git a/‎codegen-maven-plugin/pom.xml
Lines changed: 1 addition & 1 deletion b/‎codegen-maven-plugin/pom.xml
Lines changed: 1 addition & 1 deletion
diff --git a/‎codegen/pom.xml
Lines changed: 1 addition & 1 deletion b/‎codegen/pom.xml
Lines changed: 1 addition & 1 deletion
diff --git a/‎core/annotations/pom.xml
Lines changed: 1 addition & 1 deletion b/‎core/annotations/pom.xml
Lines changed: 1 addition & 1 deletion
diff --git a/‎core/arns/pom.xml
Lines changed: 1 addition & 1 deletion b/‎core/arns/pom.xml
Lines changed: 1 addition & 1 deletion
diff --git a/‎core/auth/pom.xml
Lines changed: 1 addition & 1 deletion b/‎core/auth/pom.xml
Lines changed: 1 addition & 1 deletion
diff --git a/‎core/auth/src/main/java/software/amazon/awssdk/auth/signer/internal/AbstractAws4Signer.java
Lines changed: 19 additions & 20 deletions b/‎core/auth/src/main/java/software/amazon/awssdk/auth/signer/internal/AbstractAws4Signer.java
Lines changed: 19 additions & 20 deletions
diff --git a/‎core/auth/src/main/java/software/amazon/awssdk/auth/signer/internal/BaseAsyncAws4Signer.java
Lines changed: 1 addition & 6 deletions b/‎core/auth/src/main/java/software/amazon/awssdk/auth/signer/internal/BaseAsyncAws4Signer.java
Lines changed: 1 addition & 6 deletions
diff --git a/‎core/auth/src/main/java/software/amazon/awssdk/auth/signer/internal/BaseEventStreamAsyncAws4Signer.java
Lines changed: 18 additions & 9 deletions b/‎core/auth/src/main/java/software/amazon/awssdk/auth/signer/internal/BaseEventStreamAsyncAws4Signer.java
Lines changed: 18 additions & 9 deletions
diff --git a/‎core/auth/src/main/java/software/amazon/awssdk/auth/signer/internal/SignerKey.java
Lines changed: 9 additions & 11 deletions b/‎core/auth/src/main/java/software/amazon/awssdk/auth/signer/internal/SignerKey.java
Lines changed: 9 additions & 11 deletions
@@ -0,0 +1,21 @@
+{
+    "version": "2.10.88",
+    "date": "2020-03-17",
+    "entries": [
+        {
+            "type": "feature",
+            "category": "AWS Elemental MediaConvert",
+            "description": "AWS Elemental MediaConvert SDK has added support for: AV1 encoding in File Group MP4, DASH and CMAF DASH outputs; PCM/WAV audio output in MPEG2-TS containers; and Opus audio in Webm inputs."
+        },
+        {
+            "type": "feature",
+            "category": "AWS SDK for Java v2",
+            "description": "Updated service endpoint metadata."
+        },
+        {
+            "type": "bugfix",
+            "category": "AWS SDK for Java v2",
+            "description": "Fix an issue where the signing key is created only once at the start of the request for event streaming requests. This causes requests that span two or more days to have signing errors once the date changes because the signing key was derived only once using the date at the beginning of the request."
+        }
+    ]
+}
@@ -1,3 +1,15 @@
+# __2.10.88__ __2020-03-17__
+## __AWS Elemental MediaConvert__
+  - ### Features
+    - AWS Elemental MediaConvert SDK has added support for: AV1 encoding in File Group MP4, DASH and CMAF DASH outputs; PCM/WAV audio output in MPEG2-TS containers; and Opus audio in Webm inputs.
+
+## __AWS SDK for Java v2__
+  - ### Features
+    - Updated service endpoint metadata.
+
+  - ### Bugfixes
+    - Fix an issue where the signing key is created only once at the start of the request for event streaming requests. This causes requests that span two or more days to have signing errors once the date changes because the signing key was derived only once using the date at the beginning of the request.
+
 # __2.10.87__ __2020-03-16__
 ## __AWS S3 Control__
   - ### Features
 
@@ -48,7 +48,7 @@ To automatically manage module versions (currently all modules have the same ver
     <dependency>
       <groupId>software.amazon.awssdk</groupId>
       <artifactId>bom</artifactId>
-      <version>2.10.87</version>
+      <version>2.10.88</version>
       <type>pom</type>
       <scope>import</scope>
     </dependency>
@@ -82,12 +82,12 @@ Alternatively you can add dependencies for the specific services you use only:
 <dependency>
   <groupId>software.amazon.awssdk</groupId>
   <artifactId>ec2</artifactId>
-  <version>2.10.87</version>
+  <version>2.10.88</version>
 </dependency>
 <dependency>
   <groupId>software.amazon.awssdk</groupId>
   <artifactId>s3</artifactId>
-  <version>2.10.87</version>
+  <version>2.10.88</version>
 </dependency>
 ```
 
@@ -99,7 +99,7 @@ You can import the whole SDK into your project (includes *ALL* services). Please
 <dependency>
   <groupId>software.amazon.awssdk</groupId>
   <artifactId>aws-sdk-java</artifactId>
-  <version>2.10.87</version>
+  <version>2.10.88</version>
 </dependency>
 ```
 
 
@@ -19,7 +19,7 @@
     <parent>
         <groupId>software.amazon.awssdk</groupId>
         <artifactId>aws-sdk-java-pom</artifactId>
-        <version>2.10.87</version>
+        <version>2.10.88</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <artifactId>aws-sdk-java</artifactId>
 
@@ -20,7 +20,7 @@
     <parent>
         <artifactId>aws-sdk-java-pom</artifactId>
         <groupId>software.amazon.awssdk</groupId>
-        <version>2.10.87</version>
+        <version>2.10.88</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 
 
@@ -19,7 +19,7 @@
     <parent>
         <groupId>software.amazon.awssdk</groupId>
         <artifactId>aws-sdk-java-pom</artifactId>
-        <version>2.10.87</version>
+        <version>2.10.88</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <artifactId>bom</artifactId>
 
@@ -21,7 +21,7 @@
     <parent>
         <groupId>software.amazon.awssdk</groupId>
         <artifactId>aws-sdk-java-pom</artifactId>
-        <version>2.10.87</version>
+        <version>2.10.88</version>
     </parent>
     <artifactId>bundle</artifactId>
     <packaging>jar</packaging>
 
@@ -22,7 +22,7 @@
     <parent>
         <groupId>software.amazon.awssdk</groupId>
         <artifactId>aws-sdk-java-pom</artifactId>
-        <version>2.10.87</version>
+        <version>2.10.88</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <artifactId>codegen-lite-maven-plugin</artifactId>
 
@@ -21,7 +21,7 @@
     <parent>
         <groupId>software.amazon.awssdk</groupId>
         <artifactId>aws-sdk-java-pom</artifactId>
-        <version>2.10.87</version>
+        <version>2.10.88</version>
     </parent>
     <artifactId>codegen-lite</artifactId>
     <name>AWS Java SDK :: Code Generator Lite</name>
 
@@ -22,7 +22,7 @@
     <parent>
         <groupId>software.amazon.awssdk</groupId>
         <artifactId>aws-sdk-java-pom</artifactId>
-        <version>2.10.87</version>
+        <version>2.10.88</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <artifactId>codegen-maven-plugin</artifactId>
 
@@ -21,7 +21,7 @@
     <parent>
         <groupId>software.amazon.awssdk</groupId>
         <artifactId>aws-sdk-java-pom</artifactId>
-        <version>2.10.87</version>
+        <version>2.10.88</version>
     </parent>
     <artifactId>codegen</artifactId>
     <name>AWS Java SDK :: Code Generator</name>
 
@@ -20,7 +20,7 @@
     <parent>
         <artifactId>core</artifactId>
         <groupId>software.amazon.awssdk</groupId>
-        <version>2.10.87</version>
+        <version>2.10.88</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 
 
@@ -20,7 +20,7 @@
     <parent>
         <artifactId>core</artifactId>
         <groupId>software.amazon.awssdk</groupId>
-        <version>2.10.87</version>
+        <version>2.10.88</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 
 
@@ -22,7 +22,7 @@
     <parent>
         <groupId>software.amazon.awssdk</groupId>
         <artifactId>core</artifactId>
-        <version>2.10.87</version>
+        <version>2.10.88</version>
     </parent>
 
     <artifactId>auth</artifactId>
 
@@ -15,16 +15,15 @@
 
 package software.amazon.awssdk.auth.signer.internal;
 
-import static software.amazon.awssdk.utils.DateUtils.numberOfDaysSinceEpoch;
 import static software.amazon.awssdk.utils.StringUtils.lowerCase;
 
 import java.io.InputStream;
 import java.nio.charset.Charset;
+import java.time.Instant;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Map;
-import java.util.concurrent.TimeUnit;
 import software.amazon.awssdk.annotations.SdkInternalApi;
 import software.amazon.awssdk.auth.credentials.AwsCredentials;
 import software.amazon.awssdk.auth.credentials.AwsSessionCredentials;
@@ -160,24 +159,28 @@ protected abstract void processRequestPayload(SdkHttpFullRequest.Builder mutable
      * http://docs.aws.amazon
      * .com/general/latest/gr/sigv4-calculate-signature.html
      */
-    protected byte[] deriveSigningKey(AwsCredentials credentials, Aws4SignerRequestParams signerRequestParams) {
-
-        String cacheKey = computeSigningCacheKeyName(credentials, signerRequestParams);
-        long daysSinceEpochSigningDate = numberOfDaysSinceEpoch(signerRequestParams.getRequestSigningDateTimeMilli());
+    protected final byte[] deriveSigningKey(AwsCredentials credentials, Aws4SignerRequestParams signerRequestParams) {
+        return deriveSigningKey(credentials,
+                Instant.ofEpochMilli(signerRequestParams.getRequestSigningDateTimeMilli()),
+                signerRequestParams.getRegionName(),
+                signerRequestParams.getServiceSigningName());
+    }
 
+    protected final byte[] deriveSigningKey(AwsCredentials credentials, Instant signingInstant, String region, String service) {
+        String cacheKey = createSigningCacheKeyName(credentials, region, service);
         SignerKey signerKey = SIGNER_CACHE.get(cacheKey);
 
-        if (signerKey != null && daysSinceEpochSigningDate == signerKey.getNumberOfDaysSinceEpoch()) {
+        if (signerKey != null && signerKey.isValidForDate(signingInstant)) {
             return signerKey.getSigningKey();
         }
 
         LOG.trace(() -> "Generating a new signing key as the signing key not available in the cache for the date: " +
-            TimeUnit.DAYS.toMillis(daysSinceEpochSigningDate));
+                signingInstant.toEpochMilli());
         byte[] signingKey = newSigningKey(credentials,
-            signerRequestParams.getFormattedRequestSigningDate(),
-            signerRequestParams.getRegionName(),
-            signerRequestParams.getServiceSigningName());
-        SIGNER_CACHE.add(cacheKey, new SignerKey(daysSinceEpochSigningDate, signingKey));
+                Aws4SignerUtils.formatDateStamp(signingInstant),
+                region,
+                service);
+        SIGNER_CACHE.add(cacheKey, new SignerKey(signingInstant, signingKey));
         return signingKey;
     }
 
@@ -228,14 +231,10 @@ private String createStringToSign(String canonicalRequest,
         return stringToSign;
     }
 
-
-    /**
-     * Computes the name to be used to reference the signing key in the cache.
-     */
-    private String computeSigningCacheKeyName(AwsCredentials credentials,
-                                              Aws4SignerRequestParams signerRequestParams) {
-        return credentials.secretAccessKey() + "-" + signerRequestParams.getRegionName() + "-" +
-               signerRequestParams.getServiceSigningName();
+    private String createSigningCacheKeyName(AwsCredentials credentials,
+                                             String regionName,
+                                             String serviceName) {
+        return credentials.secretAccessKey() + "-" + regionName + "-" + serviceName;
     }
 
     /**
 
@@ -20,7 +20,6 @@
 import java.util.regex.Pattern;
 import software.amazon.awssdk.annotations.SdkInternalApi;
 import software.amazon.awssdk.annotations.SdkTestInternalApi;
-import software.amazon.awssdk.auth.credentials.AwsCredentials;
 import software.amazon.awssdk.auth.signer.params.Aws4SignerParams;
 import software.amazon.awssdk.core.async.AsyncRequestBody;
 import software.amazon.awssdk.core.exception.SdkClientException;
@@ -57,11 +56,8 @@ public AsyncRequestBody signAsyncRequestBody(SdkHttpFullRequest request, AsyncRe
     @SdkTestInternalApi
     protected final AsyncRequestBody signAsync(SdkHttpFullRequest request, AsyncRequestBody asyncRequestBody,
                                                Aws4SignerRequestParams requestParams, Aws4SignerParams signingParams) {
-        AwsCredentials sanitizedCredentials = sanitizeCredentials(signingParams.awsCredentials());
-        byte[] signingKey = deriveSigningKey(sanitizedCredentials, requestParams);
-
         String headerSignature = getHeaderSignature(request);
-        return transformRequestProvider(headerSignature, signingKey, requestParams, signingParams, asyncRequestBody);
+        return transformRequestProvider(headerSignature, requestParams, signingParams, asyncRequestBody);
     }
 
     /**
@@ -70,7 +66,6 @@ protected final AsyncRequestBody signAsync(SdkHttpFullRequest request, AsyncRequ
      * Can be overriden by subclasses to provide specific signing method
      */
     protected abstract AsyncRequestBody transformRequestProvider(String headerSignature,
-                                                                 byte[] signingKey,
                                                                  Aws4SignerRequestParams signerRequestParams,
                                                                  Aws4SignerParams signerParams,
                                                                  AsyncRequestBody asyncRequestBody);
 
@@ -28,6 +28,7 @@
 import org.reactivestreams.Publisher;
 import org.reactivestreams.Subscriber;
 import software.amazon.awssdk.annotations.SdkInternalApi;
+import software.amazon.awssdk.auth.credentials.AwsCredentials;
 import software.amazon.awssdk.auth.signer.params.Aws4SignerParams;
 import software.amazon.awssdk.core.async.AsyncRequestBody;
 import software.amazon.awssdk.core.async.SdkPublisher;
@@ -67,7 +68,6 @@ public SdkHttpFullRequest sign(SdkHttpFullRequest request, Aws4SignerParams sign
 
     @Override
     protected AsyncRequestBody transformRequestProvider(String headerSignature,
-                                                        byte[] signingKey,
                                                         Aws4SignerRequestParams signerRequestParams,
                                                         Aws4SignerParams signerParams,
                                                         AsyncRequestBody asyncRequestBody) {
@@ -80,7 +80,8 @@ protected AsyncRequestBody transformRequestProvider(String headerSignature,
          * Map publisher with signing function
          */
         Publisher<ByteBuffer> publisherWithSignedFrame =
-            transformRequestBodyPublisher(publisherWithTrailingEmptyFrame, headerSignature, signingKey, signerRequestParams);
+            transformRequestBodyPublisher(publisherWithTrailingEmptyFrame, headerSignature,
+                                          signerParams.awsCredentials(), signerRequestParams);
 
         AsyncRequestBody transformedRequestBody = AsyncRequestBody.fromPublisher(publisherWithSignedFrame);
 
@@ -105,16 +106,16 @@ private static Publisher<ByteBuffer> appendEmptyFrame(Publisher<ByteBuffer> publ
     }
 
     private Publisher<ByteBuffer> transformRequestBodyPublisher(Publisher<ByteBuffer> publisher, String headerSignature,
-                                                                byte[] signingKey, Aws4SignerRequestParams signerRequestParams) {
+                                                                AwsCredentials credentials,
+                                                                Aws4SignerRequestParams signerRequestParams) {
         return SdkPublisher.adapt(publisher)
-                           .map(getDataFrameSigner(headerSignature, signingKey, signerRequestParams));
+                           .map(getDataFrameSigner(headerSignature, credentials, signerRequestParams));
     }
 
-    private Function<ByteBuffer, ByteBuffer> getDataFrameSigner(String headerSignature, byte[] signingKey,
+    private Function<ByteBuffer, ByteBuffer> getDataFrameSigner(String headerSignature,
+                                                                AwsCredentials credentials,
                                                                 Aws4SignerRequestParams signerRequestParams) {
         return new Function<ByteBuffer, ByteBuffer>() {
-
-            final byte[] key = signingKey;
             final Aws4SignerRequestParams requestParams = signerRequestParams;
 
             /**
@@ -131,11 +132,20 @@ public ByteBuffer apply(ByteBuffer byteBuffer) {
                 Instant signingInstant = requestParams.getSigningClock().instant();
                 nonSignatureHeaders.put(EVENT_STREAM_DATE, HeaderValue.fromTimestamp(signingInstant));
 
+                /**
+                 * Derive Signing Key
+                 */
+                AwsCredentials sanitizedCredentials = sanitizeCredentials(credentials);
+                byte[] signingKey = deriveSigningKey(sanitizedCredentials,
+                                                     signingInstant,
+                                                     requestParams.getRegionName(),
+                                                     requestParams.getServiceSigningName());
                 /**
                  * Calculate rolling signature
                  */
+
                 byte[] payload = byteBuffer.array();
-                byte[] signatureBytes = signEventStream(priorSignature, key, signingInstant, requestParams,
+                byte[] signatureBytes = signEventStream(priorSignature, signingKey, signingInstant, requestParams,
                                                         nonSignatureHeaders, payload);
                 priorSignature = BinaryUtils.toHex(signatureBytes);
 
@@ -249,5 +259,4 @@ public Optional<Long> contentLength() {
             return transformedRequestBody.contentLength();
         }
     }
-
 }
@@ -15,8 +15,10 @@
 
 package software.amazon.awssdk.auth.signer.internal;
 
+import java.time.Instant;
 import software.amazon.awssdk.annotations.Immutable;
 import software.amazon.awssdk.annotations.SdkInternalApi;
+import software.amazon.awssdk.utils.DateUtils;
 
 /**
  * Holds the signing key and the number of days since epoch for the date for
@@ -26,29 +28,25 @@
 @SdkInternalApi
 public final class SignerKey {
 
-    private final long numberOfDaysSinceEpoch;
+    private final long daysSinceEpoch;
 
     private final byte[] signingKey;
 
-    public SignerKey(long numberOfDaysSinceEpoch, byte[] signingKey) {
-        if (numberOfDaysSinceEpoch <= 0L) {
+    public SignerKey(Instant date, byte[] signingKey) {
+        if (date == null) {
             throw new IllegalArgumentException(
-                    "Not able to cache signing key. Signing date to be cached is invalid");
+                    "Not able to cache signing key. Signing date to be is null");
         }
         if (signingKey == null) {
             throw new IllegalArgumentException(
                     "Not able to cache signing key. Signing Key to be cached are null");
         }
-        this.numberOfDaysSinceEpoch = numberOfDaysSinceEpoch;
+        this.daysSinceEpoch = DateUtils.numberOfDaysSinceEpoch(date.toEpochMilli());
         this.signingKey = signingKey.clone();
     }
 
-    /**
-     * Returns the number of days since epoch for the date used for generating
-     * signing key.
-     */
-    public long getNumberOfDaysSinceEpoch() {
-        return numberOfDaysSinceEpoch;
+    public boolean isValidForDate(Instant other) {
+        return daysSinceEpoch == DateUtils.numberOfDaysSinceEpoch(other.toEpochMilli());
     }
 
     /**