Create option to specify custom options/properties in request builder to be passed down in the SignRequest during the signing stage

[HarshitGupta11]

Describe the feature

Currently only the signer options/properties are added to the SignRequest for signing, it would be nice to have custom properties in the SignRequest that are added when the request is build so that we can update custom signing flows.

Use Case

Custom Signing flows would improve as user would have some freedom to pass certain attributes that the signer can pick up. It would be good for auditing purposes as well.

Proposed Solution

Ideally we would like to have something like:

Request.Builder builder = Request.builder();
builder.setProperty(custom_property)
builder.build()

And when it comes in the signer:

public SignedRequest sign(SignRequest<? extends AwsCredentialsIdentity> toSignRequest){
    Property customProperty = toSignRequest.property(custom_property);
.
.
}

No response

Other Information

This is a example on how we used to do things in a earlier context with audit spans.
Earlier we were able to attach audit span to the request like:

  public <T extends AmazonWebServiceRequest> T beforeExecution(
      final T request) {
    ioStatisticsStore.incrementCounter(AUDIT_REQUEST_EXECUTION.getSymbol());

    // identify the span and invoke the callback
    try {
      return extractAndActivateSpanFromRequest(request)
          .beforeExecution(request);
    } catch (AuditFailureException e) {
      ioStatisticsStore.incrementCounter(AUDIT_FAILURE.getSymbol());
      throw e;
    }
  }

And retrieve it using:

  private String retrieveOperationName(SignableRequest<?> request) {
    if (request instanceof HandlerContextAware) {
      AWSAuditEventCallbacks awsAuditEventCallbacks = retrieveAttachedSpan((HandlerContextAware) request);
      if (awsAuditEventCallbacks != null) {
        String opName = awsAuditEventCallbacks.getOperationName();
        return getOpNameWithoutPrefix(opName);
      }
    }
    LOG.debug("Unable to figure out operation name from incoming request." +
            "So setting to {}", UNKNOWN_OP_NAME);
    return UNKNOWN_OP_NAME;
  }

Acknowledgements

• I may be able to implement this feature request
• This feature might incur a breaking change

AWS Java SDK version used

2.21.46

JDK version used

1.8

Operating System and version

Mac OS X

[debora-ito]

@HarshitGupta11 apologies for the long delay in replying.

We don't have plans to support custom signing flows in Java SDK v1.

This may be supported in Java SDK v2 with the recent addition of authentication schemes - we don't have a lot of documentation around it yet but we'll work on it.