Log signed event for easier debugging

In case of future bugs related to event stream signing, this should help in
debuggging to see the contents of the message in an easier to read format.

Author: dagnir

core/auth/src/main/java/software/amazon/awssdk/auth/signer/internal/BaseEventStreamAsyncAws4Signer.java

@@ -20,7 +20,9 @@
 import java.nio.ByteBuffer;
 import java.nio.charset.StandardCharsets;
 import java.time.Instant;
+import java.util.Arrays;
 import java.util.HashMap;
+import java.util.Iterator;
 import java.util.Map;
 import java.util.Optional;
 import java.util.TreeMap;
@@ -143,7 +145,6 @@ public ByteBuffer apply(ByteBuffer byteBuffer) {
                 /**
                  * Calculate rolling signature
                  */
-
                 byte[] payload = byteBuffer.array();
                 byte[] signatureBytes = signEventStream(priorSignature, signingKey, signingInstant, requestParams,
                                                         nonSignatureHeaders, payload);
@@ -160,6 +161,13 @@ public ByteBuffer apply(ByteBuffer byteBuffer) {
                  * Encode signed event to byte
                  */
                 Message signedMessage = new Message(sortHeaders(headers), payload);
+
+                if (LOG.isLoggingLevelEnabled("trace")) {
+                    LOG.trace(() -> "Signed message: " + toDebugString(signedMessage, false));
+                } else {
+                    LOG.debug(() -> "Signed message: " + toDebugString(signedMessage, true));
+                }
+
                 return signedMessage.toByteBuffer();
             }
         };
@@ -259,4 +267,35 @@ public Optional<Long> contentLength() {
             return transformedRequestBody.contentLength();
         }
     }
+
+    static String toDebugString(Message m, boolean truncatePayload) {
+        StringBuilder sb = new StringBuilder("Message = {headers={");
+        Map<String, HeaderValue> headers = m.getHeaders();
+
+        Iterator<Map.Entry<String, HeaderValue>> headersIter = headers.entrySet().iterator();
+
+        while (headersIter.hasNext()) {
+            Map.Entry<String, HeaderValue> h = headersIter.next();
+
+            sb.append(h.getKey()).append("={").append(h.getValue().toString()).append("}");
+
+            if (headersIter.hasNext()) {
+                sb.append(", ");
+            }
+        }
+
+        sb.append("}, payload=");
+
+        byte[] payload = m.getPayload();
+
+        byte[] payloadToLog;
+        if (truncatePayload) {
+            // Would be nice if BinaryUtils.toHex() could take an array index range instead so we don't need to copy
+            payloadToLog = Arrays.copyOf(payload, Math.min(32, payload.length));
+        } else {
+            payloadToLog = payload;
+        }
+
+        return sb.append(BinaryUtils.toHex(payloadToLog)).append("}").toString();
+    }
 }

core/auth/src/test/java/software/amazon/awssdk/auth/signer/internal/BaseEventStreamAsyncAws4SignerTest.java

@@ -0,0 +1,78 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ *
+ *  http://aws.amazon.com/apache2.0
+ *
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+package software.amazon.awssdk.auth.signer.internal;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import java.util.Arrays;
+import java.util.LinkedHashMap;
+import java.util.Map;
+import java.util.Random;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import software.amazon.awssdk.utils.BinaryUtils;
+import software.amazon.eventstream.HeaderValue;
+import software.amazon.eventstream.Message;
+
+public class BaseEventStreamAsyncAws4SignerTest {
+    private static Map<String, HeaderValue> headers;
+
+    @BeforeClass
+    public static void setup() {
+        headers = new LinkedHashMap<>();
+        headers.put("header1", HeaderValue.fromInteger(42));
+        headers.put("header2", HeaderValue.fromBoolean(false));
+        headers.put("header3", HeaderValue.fromString("Hello world"));
+    }
+
+    @Test
+    public void toDebugString_emptyPayload_generatesCorrectString() {
+        Message m = new Message(headers, new byte[0]);
+
+        assertThat(BaseEventStreamAsyncAws4Signer.toDebugString(m, false))
+                .isEqualTo("Message = {headers={header1={42}, header2={false}, header3={\"Hello world\"}}, payload=}");
+    }
+
+    @Test
+    public void toDebugString_noHeaders_emptyPayload_generatesCorrectString() {
+        Message m = new Message(new LinkedHashMap<>(), new byte[0]);
+
+        assertThat(BaseEventStreamAsyncAws4Signer.toDebugString(m, false))
+                .isEqualTo("Message = {headers={}, payload=}");
+    }
+
+    @Test
+    public void toDebugString_largePayload_truncate_generatesCorrectString() {
+        byte[] payload = new byte[128];
+        new Random().nextBytes(payload);
+        Message m = new Message(headers, payload);
+
+        byte[] first32 = Arrays.copyOf(payload, 32);
+        String expectedPayloadString = BinaryUtils.toHex(first32);
+        assertThat(BaseEventStreamAsyncAws4Signer.toDebugString(m, true))
+                .isEqualTo("Message = {headers={header1={42}, header2={false}, header3={\"Hello world\"}}, payload=" + expectedPayloadString + "}");
+    }
+
+    @Test
+    public void toDebugString_largePayload_noTruncate_generatesCorrectString() {
+        byte[] payload = new byte[128];
+        new Random().nextBytes(payload);
+        Message m = new Message(headers, payload);
+
+        String expectedPayloadString = BinaryUtils.toHex(payload);
+        assertThat(BaseEventStreamAsyncAws4Signer.toDebugString(m, false))
+                .isEqualTo("Message = {headers={header1={42}, header2={false}, header3={\"Hello world\"}}, payload=" + expectedPayloadString + "}");
+    }
+}