testing

Author: pulimsr

src/aws-cpp-sdk-core/source/internal/AWSHttpResourceClient.cpp

@@ -119,7 +119,6 @@ namespace Aws
             }
             std::shared_ptr<HttpRequest> request(CreateHttpRequest(ss.str(), HttpMethod::HTTP_GET,
                                                                    Aws::Utils::Stream::DefaultResponseStreamFactoryMethod));
-
             request->SetUserAgent(m_userAgent);
 
             if (authToken)
@@ -133,6 +132,12 @@ namespace Aws
         AmazonWebServiceResult<Aws::String> AWSHttpResourceClient::GetResourceWithAWSWebServiceResult(const std::shared_ptr<HttpRequest> &httpRequest) const
         {
             AWS_LOGSTREAM_TRACE(m_logtag.c_str(), "Retrieving credentials from " << httpRequest->GetURIString());
+            Aws::Http::URI uri(httpRequest->GetURIString());
+            if (!Aws::Utils::IsValidHost(uri.GetHost())) {
+                AWS_LOGSTREAM_FATAL(m_logtag.c_str(), "Invalid endpoint host constructed: "<< uri.GetHost());
+                return {{}, {}, HttpResponseCode::REQUEST_NOT_MADE};
+            }
+
             if (!m_httpClient)
             {
                 AWS_LOGSTREAM_FATAL(m_logtag.c_str(), "Unable to get a response: missing http client!");
@@ -552,15 +557,6 @@ namespace Aws
                 ss << ".cn";
             }
 
-            Aws::Http::URI uri(ss.str());
-            if (!Aws::Utils::IsValidHost(uri.GetHost()))
-            {
-                AWS_LOGSTREAM_ERROR(STS_RESOURCE_CLIENT_LOG_TAG,
-                    "Invalid endpoint host constructed: " << uri.GetHost());
-                m_endpoint.clear();
-                return;
-            }
-
             m_endpoint =  ss.str();
 
             AWS_LOGSTREAM_INFO(STS_RESOURCE_CLIENT_LOG_TAG, "Creating STS ResourceClient with endpoint: " << m_endpoint);
@@ -696,15 +692,6 @@ namespace Aws
             {
                 ss << ".cn";
             }
-            ss.str();
-
-            Aws::Http::URI uri(ss.str());
-            if (!Aws::Utils::IsValidHost(uri.GetHost()))
-            {
-                AWS_LOGSTREAM_ERROR(SSO_RESOURCE_CLIENT_LOG_TAG,
-                    "Invalid endpoint host constructed: " << uri.GetHost());
-                return {};
-            }
 
             return ss.str();
         }

tests/aws-cpp-sdk-core-tests/aws/auth/AWSCredentialsProviderTest.cpp

@@ -956,6 +956,48 @@ sso_start_url = https://d-92671207e4.awsapps.com/start
     ASSERT_TRUE(mockHttpClient->GetAllRequestsMade().empty());
 }
 
+TEST_F(SSOCredentialsProviderTest, TestInvalidRegionCredentials)
+{
+    AWS_LOGSTREAM_DEBUG("TEST_SSO", "Preparing Test Token file in: " << m_ssoTokenFileName);
+    Aws::OFStream tokenFile(m_ssoTokenFileName.c_str(), Aws::OFStream::out | Aws::OFStream::trunc);
+    tokenFile << R"({
+    "accessToken": "base64string",
+    "expiresAt": ")";
+    tokenFile << DateTime::Now().GetYear() + 1;
+    tokenFile << R"(-01-02T00:00:00Z",
+    "region": "us-west-2",
+    "startUrl": "https://d-92671207e4.awsapps.com/start"
+})";
+    tokenFile.close();
+
+    Aws::OFStream configFile(m_configFileName.c_str(), Aws::OFStream::out | Aws::OFStream::trunc);
+    configFile << R"([default]
+sso_account_id = 012345678901
+sso_region = @amazon.com#
+sso_role_name = SampleRole
+sso_start_url = https://d-92671207e4.awsapps.com/start
+)";
+    configFile.close();
+
+    // Mock DNS/connection failure for invalid region
+    std::shared_ptr<HttpRequest> requestTmp = CreateHttpRequest(URI("https://[email protected]#.amazonaws.com/federation/credentials"), HttpMethod::HTTP_GET, Aws::Utils::Stream::DefaultResponseStreamFactoryMethod);
+    std::shared_ptr<StandardHttpResponse> dnsFailureResponse = Aws::MakeShared<StandardHttpResponse>(AllocationTag, requestTmp);
+    dnsFailureResponse->SetResponseCode(HttpResponseCode::REQUEST_NOT_MADE);
+    mockHttpClient->AddResponseToReturn(dnsFailureResponse);
+
+    Aws::Config::ReloadCachedConfigFile();
+    SSOCredentialsProvider provider;
+
+    auto creds = provider.GetAWSCredentials();
+    ASSERT_TRUE(creds.IsEmpty());
+    
+    // Check if any requests were made before calling GetMostRecentHttpRequest
+    if (!mockHttpClient->GetAllRequestsMade().empty()) {
+        auto request = mockHttpClient->GetMostRecentHttpRequest();
+        ASSERT_TRUE(request.GetURIString().find("@amazon.com#") != std::string::npos);
+    }
+}
+
 class AWSCredentialsTest : public Aws::Testing::AwsCppSdkGTestSuite
 {
 };