aws-sdk-java-v2 icon indicating copy to clipboard operation
aws-sdk-java-v2 copied to clipboard

Published 20 hours ago verified publisher icon aws

STS not supported with native builds due to missing reflect-config

Open elrob opened this issue 3 years ago • 3 comments

Describe the bug

With STS service included as a dependency, the default credentials provider skips STS in the chain as StsWebIdentityCredentialsProviderFactory.class needs to be included in reflect-config.json

Including it manually fixes it. But other clients like S3 have reflect-config.json so STS should too.

Expected behavior

Within a native build, the STS credentials provider should be included as part of the default credentials provider chain if it is included as a dependency.

Current behavior

Even with STS service included as a dependency, the default credentials provider skips STS in the chain as StsWebIdentityCredentialsProviderFactory.class needs to be included in reflect-config.json

Steps to Reproduce

It occurs here: https://github.com/aws/aws-sdk-java-v2/blob/584ccb59e770177aeaa4c3b6bda4e24015b8ece9/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/internal/WebIdentityCredentialsUtils.java#L46

This use of reflection means the software.amazon.awssdk.services.sts.internal.StsWebIdentityCredentialsProviderFactory is not picked up in a native build unless it is explicitly included in reflect-config.json.

Possible Solution

Create reflect-config.json for STS client package (like S3 etc) and include software.amazon.awssdk.services.sts.internal.StsWebIdentityCredentialsProviderFactory in it.

Context

No response

AWS Java SDK version used

latest

JDK version used

11

Operating System and version

linux

elrob avatar Jan 23 '22 14:01 elrob

Original native image compilation support was added here: https://github.com/aws/aws-sdk-java-v2/commit/b9d26ef42fe5dd8a366eefca1844f2071547f2d2 (sts was left out)

elrob avatar Jan 25 '22 06:01 elrob

Hi @elrob thank you for calling our attention to this. Marking as a bug.

debora-ito avatar Jan 27 '22 01:01 debora-ito

Is it possible to get this fixed ?

nicolas-vivot avatar May 31 '22 01:05 nicolas-vivot

This is still an issue, here is how you can add the hint in Spring Boot 3 and Kotlin:

@Configuration
@ImportRuntimeHints(StsRuntineHints::class)
class AwsStsRuntimeHints

class StsRuntineHints : RuntimeHintsRegistrar {
    override fun registerHints(hints: RuntimeHints, classLoader: ClassLoader?) {
        hints.reflection().registerType(StsWebIdentityCredentialsProviderFactory::class.java)
    }
}

eduanb avatar Feb 18 '23 09:02 eduanb