Allow DefaultS3Presigner.Builder to take a custom S3Configuration

Author: scheerer

.changes/next-release/feature-AWSS3-cc6ada4.json

@@ -0,0 +1,5 @@
+{
+    "category": "AWS S3", 
+    "type": "feature", 
+    "description": "Allow DefaultS3Presigner.Builder to take a custom S3Configuration"
+}

services/s3/src/main/java/software/amazon/awssdk/services/s3/internal/presigner/DefaultS3Presigner.java

@@ -98,9 +98,13 @@
 @SdkInternalApi
 public final class DefaultS3Presigner extends DefaultSdkPresigner implements S3Presigner {
     private static final AwsS3V4Signer DEFAULT_SIGNER = AwsS3V4Signer.create();
+    private static final S3Configuration DEFAULT_S3_CONFIGURATION = S3Configuration.builder()
+            .checksumValidationEnabled(false)
+            .build();
     private static final String SERVICE_NAME = "s3";
     private static final String SIGNING_NAME = "s3";
 
+    private final S3Configuration serviceConfiguration;
     private final List<ExecutionInterceptor> clientInterceptors;
     private final GetObjectRequestMarshaller getObjectRequestMarshaller;
     private final PutObjectRequestMarshaller putObjectRequestMarshaller;
@@ -112,6 +116,8 @@ public final class DefaultS3Presigner extends DefaultSdkPresigner implements S3P
     private DefaultS3Presigner(Builder b) {
         super(b);
 
+        this.serviceConfiguration = b.serviceConfiguration != null ? b.serviceConfiguration : DEFAULT_S3_CONFIGURATION;
+
         this.clientInterceptors = initializeInterceptors();
 
         // Copied from DefaultS3Client#init
@@ -236,6 +242,10 @@ public PresignedAbortMultipartUploadRequest presignAbortMultipartUpload(AbortMul
             .build();
     }
 
+    protected S3Configuration serviceConfiguration() {
+        return serviceConfiguration;
+    }
+
     /**
      * Generate a {@link PresignedRequest} from a {@link PresignedRequest} and {@link SdkRequest}.
      */
@@ -289,9 +299,7 @@ private ExecutionContext createExecutionContext(PresignRequest presignRequest, S
             .putAttribute(SdkExecutionAttribute.CLIENT_TYPE, ClientType.SYNC)
             .putAttribute(SdkExecutionAttribute.SERVICE_NAME, SERVICE_NAME)
             .putAttribute(SdkExecutionAttribute.OPERATION_NAME, operationName)
-            .putAttribute(AwsSignerExecutionAttribute.SERVICE_CONFIG, S3Configuration.builder()
-                                                                                     .checksumValidationEnabled(false)
-                                                                                     .build())
+            .putAttribute(AwsSignerExecutionAttribute.SERVICE_CONFIG, serviceConfiguration())
             .putAttribute(PRESIGNER_EXPIRATION, signatureExpiration);
 
         ExecutionInterceptorChain executionInterceptorChain = new ExecutionInterceptorChain(clientInterceptors);
@@ -464,9 +472,24 @@ private void initializePresignedRequest(PresignedRequest.Builder presignedReques
     public static final class Builder extends DefaultSdkPresigner.Builder<Builder>
         implements S3Presigner.Builder {
 
+        private S3Configuration serviceConfiguration;
+
         private Builder() {
         }
 
+        /**
+         * Allows providing a custom S3 serviceConfiguration by providing a {@link S3Configuration} object;
+         *
+         * Note: chunkedEncodingEnabled and checksumValidationEnabled do not apply to presigned requests.
+         *
+         * @param serviceConfiguration {@link S3Configuration}
+         * @return this Builder
+         */
+        public Builder serviceConfiguration(S3Configuration serviceConfiguration) {
+            this.serviceConfiguration = serviceConfiguration;
+            return this;
+        }
+
         @Override
         public S3Presigner build() {
             return new DefaultS3Presigner(this);

services/s3/src/main/java/software/amazon/awssdk/services/s3/presigner/S3Presigner.java

@@ -30,6 +30,7 @@
 import software.amazon.awssdk.http.SdkHttpClient;
 import software.amazon.awssdk.regions.Region;
 import software.amazon.awssdk.regions.providers.DefaultAwsRegionProviderChain;
+import software.amazon.awssdk.services.s3.S3Configuration;
 import software.amazon.awssdk.services.s3.internal.presigner.DefaultS3Presigner;
 import software.amazon.awssdk.services.s3.model.AbortMultipartUploadRequest;
 import software.amazon.awssdk.services.s3.model.CompleteMultipartUploadRequest;
@@ -512,6 +513,16 @@ default PresignedAbortMultipartUploadRequest presignAbortMultipartUpload(
     @SdkPublicApi
     @NotThreadSafe
     interface Builder extends SdkPresigner.Builder {
+        /**
+         * Allows providing a custom S3 serviceConfiguration by providing a {@link S3Configuration} object;
+         *
+         * Note: chunkedEncodingEnabled and checksumValidationEnabled do not apply to presigned requests.
+         *
+         * @param serviceConfiguration {@link S3Configuration}
+         * @return this Builder
+         */
+        Builder serviceConfiguration(S3Configuration serviceConfiguration);
+
         @Override
         Builder region(Region region);
 

services/s3/src/test/java/software/amazon/awssdk/services/s3/S3PresignerTest.java

@@ -30,7 +30,6 @@
 import software.amazon.awssdk.auth.credentials.AwsCredentials;
 import software.amazon.awssdk.auth.signer.AwsS3V4Signer;
 import software.amazon.awssdk.awscore.AwsRequestOverrideConfiguration;
-import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration;
 import software.amazon.awssdk.core.signer.NoOpSigner;
 import software.amazon.awssdk.regions.Region;
 import software.amazon.awssdk.services.s3.model.RequestPayer;
@@ -41,6 +40,7 @@
 @RunWith(MockitoJUnitRunner.class)
 public class S3PresignerTest {
     private static final URI FAKE_URL;
+    private static final String BUCKET = "some-bucket";
 
     private S3Presigner presigner;
 
@@ -64,8 +64,12 @@ private S3Presigner.Builder presignerBuilder() {
                           .credentialsProvider(() -> AwsBasicCredentials.create("x", "x"));
     }
 
+
     private S3Presigner generateMaximal() {
         return S3Presigner.builder()
+                          .serviceConfiguration(S3Configuration.builder()
+                                .checksumValidationEnabled(false)
+                                .build())
                           .credentialsProvider(() -> AwsBasicCredentials.create("x", "x"))
                           .region(Region.US_EAST_1)
                           .endpointOverride(FAKE_URL)
@@ -325,4 +329,128 @@ public void putObject_Sigv4PresignerHonorsSignatureDuration() {
             assertThat(Integer.parseInt(expires)).isCloseTo(1234, Offset.offset(2));
         });
     }
+
+    @Test
+    public void getObject_S3ConfigurationCanBeOverriddenToLeverageTransferAcceleration() {
+        S3Presigner presigner = presignerBuilder().serviceConfiguration(S3Configuration.builder()
+                    .accelerateModeEnabled(true)
+                    .build())
+                .build();
+
+        PresignedGetObjectRequest presignedRequest =
+                presigner.presignGetObject(r -> r.signatureDuration(Duration.ofMinutes(5))
+                        .getObjectRequest(go -> go.bucket("foo34343434")
+                                .key("bar")));
+
+
+        System.out.println(presignedRequest.url());
+
+        assertThat(presignedRequest.httpRequest().host()).contains(".s3-accelerate.");
+    }
+
+
+    @Test
+    public void accelerateEnabled_UsesVirtualAddressingWithAccelerateEndpoint() {
+        S3Presigner presigner = presignerBuilder().serviceConfiguration(S3Configuration.builder()
+                .accelerateModeEnabled(true)
+                .build())
+                .build();
+
+        PresignedGetObjectRequest presignedRequest =
+                presigner.presignGetObject(r -> r.signatureDuration(Duration.ofMinutes(5))
+                        .getObjectRequest(go -> go.bucket(BUCKET)
+                                .key("bar")));
+
+        assertThat(presignedRequest.httpRequest().host()).isEqualTo(String.format("%s.s3-accelerate.amazonaws.com", BUCKET));
+    }
+
+    /**
+     * Dualstack uses regional endpoints that support virtual addressing.
+     */
+    @Test
+    public void dualstackEnabled_UsesVirtualAddressingWithDualstackEndpoint() throws Exception {
+        S3Presigner presigner = presignerBuilder().serviceConfiguration(S3Configuration.builder()
+                .dualstackEnabled(true)
+                .build())
+                .build();
+
+        PresignedGetObjectRequest presignedRequest =
+                presigner.presignGetObject(r -> r.signatureDuration(Duration.ofMinutes(5))
+                        .getObjectRequest(go -> go.bucket(BUCKET)
+                                .key("bar")));
+
+        assertThat(presignedRequest.httpRequest().host()).contains(String.format("%s.s3.dualstack.us-west-2.amazonaws.com", BUCKET));
+    }
+
+    /**
+     * Dualstack also supports path style endpoints just like the normal endpoints.
+     */
+    @Test
+    public void dualstackAndPathStyleEnabled_UsesPathStyleAddressingWithDualstackEndpoint() throws Exception {
+        S3Presigner presigner = presignerBuilder().serviceConfiguration(S3Configuration.builder()
+                .dualstackEnabled(true)
+                .pathStyleAccessEnabled(true)
+                .build())
+                .build();
+
+        PresignedGetObjectRequest presignedRequest =
+                presigner.presignGetObject(r -> r.signatureDuration(Duration.ofMinutes(5))
+                        .getObjectRequest(go -> go.bucket(BUCKET)
+                                .key("bar")));
+
+        assertThat(presignedRequest.httpRequest().host()).isEqualTo("s3.dualstack.us-west-2.amazonaws.com");
+        assertThat(presignedRequest.url().toString()).startsWith(String.format("https://s3.dualstack.us-west-2.amazonaws.com/%s/%s?", BUCKET, "bar"));
+    }
+
+    /**
+     * When dualstack and accelerate are both enabled there is a special, global dualstack endpoint we must use.
+     */
+    @Test
+    public void dualstackAndAccelerateEnabled_UsesDualstackAccelerateEndpoint() throws Exception {
+        S3Presigner presigner = presignerBuilder().serviceConfiguration(S3Configuration.builder()
+                .dualstackEnabled(true)
+                .accelerateModeEnabled(true)
+                .build())
+                .build();
+
+        PresignedGetObjectRequest presignedRequest =
+                presigner.presignGetObject(r -> r.signatureDuration(Duration.ofMinutes(5))
+                        .getObjectRequest(go -> go.bucket(BUCKET)
+                                .key("bar")));
+
+        assertThat(presignedRequest.httpRequest().host()).isEqualTo(String.format("%s.s3-accelerate.dualstack.amazonaws.com", BUCKET));
+    }
+
+    @Test
+    public void accessPointArn_differentRegion_useArnRegionTrue() throws Exception {
+        String customEndpoint = "https://foobar-12345678910.s3-accesspoint.us-west-2.amazonaws.com";
+        String accessPointArn = "arn:aws:s3:us-west-2:12345678910:accesspoint:foobar";
+
+        S3Presigner presigner = presignerBuilder().serviceConfiguration(S3Configuration.builder()
+                .useArnRegionEnabled(true)
+                .build())
+                .build();
+
+        PresignedGetObjectRequest presignedRequest =
+                presigner.presignGetObject(r -> r.signatureDuration(Duration.ofMinutes(5))
+                        .getObjectRequest(go -> go.bucket(accessPointArn)
+                                .key("bar")));
+
+        assertThat(presignedRequest.url().toString()).startsWith(customEndpoint);
+    }
+
+    @Test
+    public void accessPointArn_differentRegion_useArnRegionFalse_throwsIllegalArgumentException() throws Exception {
+        String accessPointArn = "arn:aws:s3:us-east-1:12345678910:accesspoint:foobar";
+
+        S3Presigner presigner = presignerBuilder().serviceConfiguration(S3Configuration.builder()
+                .useArnRegionEnabled(false)
+                .build())
+                .build();
+
+        assertThatThrownBy(() -> presigner.presignGetObject(r -> r.signatureDuration(Duration.ofMinutes(5))
+                        .getObjectRequest(go -> go.bucket(accessPointArn).key("bar"))))
+                .isInstanceOf(IllegalArgumentException.class)
+                .hasMessageContaining("region");
+    }
 }