aws_smithy_runtime/client/auth/
no_auth.rs

1/*
2 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
3 * SPDX-License-Identifier: Apache-2.0
4 */
5
6//! The [`NoAuthRuntimePlugin`] and supporting code.
7
8use crate::client::identity::no_auth::NoAuthIdentityResolver;
9use aws_smithy_runtime_api::box_error::BoxError;
10use aws_smithy_runtime_api::client::auth::{
11    AuthScheme, AuthSchemeEndpointConfig, AuthSchemeId, SharedAuthScheme, Sign,
12};
13use aws_smithy_runtime_api::client::identity::{Identity, SharedIdentityResolver};
14use aws_smithy_runtime_api::client::orchestrator::HttpRequest;
15use aws_smithy_runtime_api::client::runtime_components::{
16    GetIdentityResolver, RuntimeComponents, RuntimeComponentsBuilder,
17};
18use aws_smithy_runtime_api::client::runtime_plugin::RuntimePlugin;
19use aws_smithy_types::config_bag::ConfigBag;
20use std::borrow::Cow;
21
22/// Auth scheme ID for "no auth".
23pub const NO_AUTH_SCHEME_ID: AuthSchemeId = AuthSchemeId::new("no_auth");
24
25/// A [`RuntimePlugin`] that registers a "no auth" identity resolver and auth scheme.
26///
27/// This plugin can be used to disable authentication in certain cases, such as when there is
28/// a Smithy `@optionalAuth` trait.
29#[non_exhaustive]
30#[derive(Debug)]
31pub struct NoAuthRuntimePlugin(RuntimeComponentsBuilder);
32
33impl Default for NoAuthRuntimePlugin {
34    fn default() -> Self {
35        Self::new()
36    }
37}
38
39impl NoAuthRuntimePlugin {
40    /// Creates a new `NoAuthRuntimePlugin`.
41    pub fn new() -> Self {
42        Self(
43            RuntimeComponentsBuilder::new("NoAuthRuntimePlugin")
44                .with_identity_resolver(
45                    NO_AUTH_SCHEME_ID,
46                    SharedIdentityResolver::new(NoAuthIdentityResolver::new()),
47                )
48                .with_auth_scheme(SharedAuthScheme::new(NoAuthScheme::new())),
49        )
50    }
51}
52
53impl RuntimePlugin for NoAuthRuntimePlugin {
54    fn runtime_components(
55        &self,
56        _: &RuntimeComponentsBuilder,
57    ) -> Cow<'_, RuntimeComponentsBuilder> {
58        Cow::Borrowed(&self.0)
59    }
60}
61
62/// The "no auth" auth scheme.
63///
64/// The orchestrator requires an auth scheme, so Smithy's `@optionalAuth` trait is implemented
65/// by placing a "no auth" auth scheme at the end of the auth scheme options list so that it is
66/// used if there's no identity resolver available for the other auth schemes. It's also used
67/// for models that don't have auth at all.
68#[derive(Debug, Default)]
69pub struct NoAuthScheme {
70    signer: NoAuthSigner,
71}
72
73impl NoAuthScheme {
74    /// Creates a new `NoAuthScheme`.
75    pub fn new() -> Self {
76        Self::default()
77    }
78}
79
80#[derive(Debug, Default)]
81struct NoAuthSigner;
82
83impl Sign for NoAuthSigner {
84    fn sign_http_request(
85        &self,
86        _request: &mut HttpRequest,
87        _identity: &Identity,
88        _auth_scheme_endpoint_config: AuthSchemeEndpointConfig<'_>,
89        _runtime_components: &RuntimeComponents,
90        _config_bag: &ConfigBag,
91    ) -> Result<(), BoxError> {
92        Ok(())
93    }
94}
95
96impl AuthScheme for NoAuthScheme {
97    fn scheme_id(&self) -> AuthSchemeId {
98        NO_AUTH_SCHEME_ID
99    }
100
101    fn identity_resolver(
102        &self,
103        identity_resolvers: &dyn GetIdentityResolver,
104    ) -> Option<SharedIdentityResolver> {
105        identity_resolvers.identity_resolver(NO_AUTH_SCHEME_ID)
106    }
107
108    fn signer(&self) -> &dyn Sign {
109        &self.signer
110    }
111}