• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Decision Log for Smithy Reference Architecture Identity and Auth support
2
3## Log Entry Template
4
5**Source:** (Meeting/aside/pair programming discussion/daily standup) to (discuss/implement) X
6
7**Attendees:** (names)
8
9**Closed Decisions:**
10
111. Question? Decision. Justification.
12
13**Open Decisions:**
14
151. (Old/Reopened/New) Question?
16
17## 3/31/23
18
19**Source:** Meeting for API surface area review of Identity changes made as part of SRA.
20
21**Attendees:** Anna-Karin, David, Debora, Dongie, Jay, John, Matt, Olivier, Zoe
22
23**Closed Decisions:**
24
251. **Should the new interface `AwsCredentialsIdentity` provide `create()` methods?**
26   1. Yes, to provide customers a way to easily create instances of this type without needing to depend on
27      `AwsBasicCredentials` from the `auth` module. Some duplication of code from `AwsBasicCredentials` is okay.
28   2. The implementation of `create()` can use an anonymous inner class, instead of creating a new class with a name.
292. **How should `AwsCredentialsProviderChain` support the new Identity type `AwsCredentialsIdentity`?**
30   1. `Builder.addCredentialsProvider()` can be overloaded to accept the new type.
31   2. The varargs methods `of()` and `Builder.credentialsProviders()` can be overloaded to accept the new type. This
32      would not be ambiguous when called with zero args, because according to
33      https://docs.oracle.com/javase/specs/jls/se8/html/jls-15.html#jls-15.12.2.5 the more specific method is chosen,
34      i.e., `AwsCredentialsProviderChain.of()` would invoke `of(AwsCredentialsProvider...)`.
35   3. The `Builder.credentialsProviders()` method accepting a `Collection` cannot be overloaded because both methods
36      would have the same erasure. So use a method with a different name - `credentialsIdentityProviders()`. We don't
37      want to add `Identity` to the other methods (varargs, `add`, `of`) too, as it might mislead to thinking that's a
38      different "property" of the chain. So a separate method name is used only in this one-off.
393. **How should an `IdentityResolver` define which `IdentityProperty`s it supports?**
40   1. An `IdentityResolver` should define a `public static` for each `IdentityProperty` it supports and document the
41      behavior of how it uses it during `resolveIdentity`. This will help the caller determine how to construct an
42      appropriate `ResolveIdentityRequest`.
43   2. Should there be stronger abstraction for any property?
44      1. We discussed potential use cases like metrics collector / telemetry. If we have a compelling use case, we can
45         add it later. Though it would have to be not AWS specific to be added to these generic interfaces.
46
47**Open Decisions:**
48
49None