From e1a582d9d8278af1b0466238693106e7f6248169 Mon Sep 17 00:00:00 2001
From: Meena Peri <meenapk@amazon.com>
Date: Mon, 2 Oct 2023 12:43:50 -0500
Subject: [PATCH] Java Auth and auth lib changes v1.0

---
 clients/sellingpartner-api-aa-java/README.md  |  8 +++---
 .../templates/ApiClient.mustache              | 15 ++++++++--
 .../swagger-codegen/templates/api.mustache    | 28 ++++++++++---------
 3 files changed, 32 insertions(+), 19 deletions(-)

diff --git a/clients/sellingpartner-api-aa-java/README.md b/clients/sellingpartner-api-aa-java/README.md
index 1b9acfd..44620d6 100644
--- a/clients/sellingpartner-api-aa-java/README.md
+++ b/clients/sellingpartner-api-aa-java/README.md
@@ -66,10 +66,10 @@ AWSAuthenticationCredentialsProvider awsAuthenticationCredentialsProvider = AWSA
                .build();
                
 com.squareup.okhttp.Request signedRequest = new 
-     AWSSigV4Signer(awsAuthenticationCredentialsProvider.getCredentials())
+     AWSSigV4Signer(awsAuthenticationCredentialsProvider)
     .sign(request);
-
 ```
+Note **AWSSigV4 Authentication is now optional**
 
 ## LWAAccessTokenCache
 Interface to implement cache for access token that is returned in LWAClient and reuse the access token until time to live.
@@ -79,7 +79,6 @@ Interface to set and get rateLimit configurations that are used with RateLimiter
 
 *Example*
 ```
-
 com.squareup.okhttp.Request request = new Request.Builder()
     .url(...)
     ...
@@ -89,8 +88,9 @@ com.squareup.okhttp.Request request = new Request.Builder()
                 .rateLimitPermit(...)
                 .waitTimeOutInMilliSeconds(...)
                 .build();
-
 ```
+## Version
+Selling Partner API Authentication/Authorization Library version 1.0
 
 ## Resources
 This package features Mustache templates designed for use with [swagger codegen](https://swagger.io/tools/swagger-codegen/). 
diff --git a/clients/sellingpartner-api-aa-java/resources/swagger-codegen/templates/ApiClient.mustache b/clients/sellingpartner-api-aa-java/resources/swagger-codegen/templates/ApiClient.mustache
index 993d2e2..bf10a3f 100644
--- a/clients/sellingpartner-api-aa-java/resources/swagger-codegen/templates/ApiClient.mustache
+++ b/clients/sellingpartner-api-aa-java/resources/swagger-codegen/templates/ApiClient.mustache
@@ -1049,11 +1049,22 @@ public class ApiClient {
         }
 
         request = lwaAuthorizationSigner.sign(request);
-        request = awsSigV4Signer.sign(request);
-
+        // Only sign the request using awsSigV4Signer if its setup and request is to an AmazonBusiness endpoint
+        if(awsSigV4Signer != null && isABEndpoint()) {
+            request = awsSigV4Signer.sign(request);
+        }
         return request;
     }
 
+    /**
+    * Find if the endpoint is for AmazonBusiness
+    *
+    * @return True, if client is setup with an AmazonBusiness endpoint else return false
+    */
+    public boolean isABEndpoint() {
+        return basePath.contains("business-api.amazon.com");
+    }
+
     /**
      * Build full URL by concatenating base path, the given sub path and query parameters.
      *
diff --git a/clients/sellingpartner-api-aa-java/resources/swagger-codegen/templates/api.mustache b/clients/sellingpartner-api-aa-java/resources/swagger-codegen/templates/api.mustache
index 8850f1a..19c7c8f 100644
--- a/clients/sellingpartner-api-aa-java/resources/swagger-codegen/templates/api.mustache
+++ b/clients/sellingpartner-api-aa-java/resources/swagger-codegen/templates/api.mustache
@@ -333,10 +333,6 @@ public class {{classname}} {
         
 
         public {{classname}} build() {
-            if (awsAuthenticationCredentials == null && awsAuthenticationCustomCredentialsProvider == null) {
-                throw new RuntimeException("Neither AWSAuthenticationCredentials or AWSAuthenticationCustomCredentialsProvider are set");
-            }
-
             if (lwaAuthorizationCredentials == null) {
                 throw new RuntimeException("LWAAuthorizationCredentials not set");
             }
@@ -345,15 +341,16 @@ public class {{classname}} {
                 throw new RuntimeException("Endpoint not set");
             }
 
-            AWSSigV4Signer awsSigV4Signer;
+            AWSSigV4Signer awsSigV4Signer = null;
             if (awsAuthenticationCustomCredentialsProvider != null ) {
                 awsSigV4Signer = new AWSSigV4Signer(awsAuthenticationCustomCredentialsProvider);
             }
-            else if (awsAuthenticationCredentialsProvider == null) {
-                awsSigV4Signer = new AWSSigV4Signer(awsAuthenticationCredentials);
-            }
-            else {
-                awsSigV4Signer = new AWSSigV4Signer(awsAuthenticationCredentials,awsAuthenticationCredentialsProvider);
+            else if (awsAuthenticationCredentials != null) {
+                if (awsAuthenticationCredentialsProvider == null) {
+                    awsSigV4Signer = new AWSSigV4Signer(awsAuthenticationCredentials);
+                } else {
+                    awsSigV4Signer = new AWSSigV4Signer(awsAuthenticationCredentials, awsAuthenticationCredentialsProvider);
+                }
             }
             
             LWAAuthorizationSigner lwaAuthorizationSigner = null;            
@@ -367,11 +364,16 @@ public class {{classname}} {
                  lwaAuthorizationSigner = new LWAAuthorizationSigner(lwaAuthorizationCredentials,lwaAccessTokenCache);
             }
 
-            return new {{classname}}(new ApiClient()
-                .setAWSSigV4Signer(awsSigV4Signer)
+            ApiClient apiClient = new ApiClient()
                 .setLWAAuthorizationSigner(lwaAuthorizationSigner)
                 .setBasePath(endpoint)
-                .setRateLimiter(rateLimitConfiguration));
+                .setRateLimiter(rateLimitConfiguration);
+
+            if (awsSigV4Signer != null) {
+                apiClient.setAWSSigV4Signer(awsSigV4Signer);
+            }
+
+            return new {{classname}}(apiClient);
         }
     }
 }