diff --git a/aws/rust-runtime/Cargo.lock b/aws/rust-runtime/Cargo.lock index ed1feb400e..51b755bf45 100644 --- a/aws/rust-runtime/Cargo.lock +++ b/aws/rust-runtime/Cargo.lock @@ -184,7 +184,7 @@ version = "0.60.3" [[package]] name = "aws-sigv4" -version = "1.2.5" +version = "1.2.6" dependencies = [ "aws-credential-types", "aws-smithy-eventstream", diff --git a/aws/rust-runtime/aws-sigv4/Cargo.toml b/aws/rust-runtime/aws-sigv4/Cargo.toml index 0d247d5436..cc80e15908 100644 --- a/aws/rust-runtime/aws-sigv4/Cargo.toml +++ b/aws/rust-runtime/aws-sigv4/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "aws-sigv4" -version = "1.2.5" +version = "1.2.6" authors = ["AWS Rust SDK Team ", "David Barsky "] description = "SigV4 signer for HTTP requests and Event Stream messages." edition = "2021" diff --git a/aws/rust-runtime/aws-sigv4/src/http_request/sign.rs b/aws/rust-runtime/aws-sigv4/src/http_request/sign.rs index 414570791d..4fdcc4b8a1 100644 --- a/aws/rust-runtime/aws-sigv4/src/http_request/sign.rs +++ b/aws/rust-runtime/aws-sigv4/src/http_request/sign.rs @@ -19,6 +19,8 @@ use std::borrow::Cow; use std::fmt::{Debug, Formatter}; use std::str; +const LOG_SIGNABLE_BODY: &str = "LOG_SIGNABLE_BODY"; + /// Represents all of the information necessary to sign an HTTP request. #[derive(Debug)] #[non_exhaustive] @@ -72,7 +74,7 @@ impl<'a> SignableRequest<'a> { } /// A signable HTTP request body -#[derive(Debug, Clone, Eq, PartialEq)] +#[derive(Clone, Eq, PartialEq)] #[non_exhaustive] pub enum SignableBody<'a> { /// A body composed of a slice of bytes @@ -93,6 +95,30 @@ pub enum SignableBody<'a> { StreamingUnsignedPayloadTrailer, } +/// Formats the value using the given formatter. To print the body data, set the environment variable `LOG_SIGNABLE_BODY=true`. +impl<'a> Debug for SignableBody<'a> { + fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result { + let should_log_signable_body = std::env::var(LOG_SIGNABLE_BODY) + .map(|v| v.eq_ignore_ascii_case("true")) + .unwrap_or_default(); + match self { + Self::Bytes(arg0) => { + if should_log_signable_body { + f.debug_tuple("Bytes").field(arg0).finish() + } else { + let redacted = format!("** REDACTED **. To print {body_size} bytes of raw data, set environment variable `LOG_SIGNABLE_BODY=true`", body_size = arg0.len()); + f.debug_tuple("Bytes").field(&redacted).finish() + } + } + Self::UnsignedPayload => write!(f, "UnsignedPayload"), + Self::Precomputed(arg0) => f.debug_tuple("Precomputed").field(arg0).finish(), + Self::StreamingUnsignedPayloadTrailer => { + write!(f, "StreamingUnsignedPayloadTrailer") + } + } + } +} + impl SignableBody<'_> { /// Create a new empty signable body pub fn empty() -> SignableBody<'static> { @@ -1121,4 +1147,22 @@ mod tests { request.uri().path_and_query().unwrap().to_string() ); } + + #[test] + fn test_debug_signable_body() { + let sut = SignableBody::Bytes(b"hello signable body"); + assert_eq!( + "Bytes(\"** REDACTED **. To print 19 bytes of raw data, set environment variable `LOG_SIGNABLE_BODY=true`\")", + format!("{sut:?}") + ); + + let sut = SignableBody::UnsignedPayload; + assert_eq!("UnsignedPayload", format!("{sut:?}")); + + let sut = SignableBody::Precomputed("precomputed".to_owned()); + assert_eq!("Precomputed(\"precomputed\")", format!("{sut:?}")); + + let sut = SignableBody::StreamingUnsignedPayloadTrailer; + assert_eq!("StreamingUnsignedPayloadTrailer", format!("{sut:?}")); + } }