Open jasonmac01 opened 4 years ago
dshumm
commented
4 years ago I was gonna ask the same as I saw the feature (Amazon's Signature V4 support) was already added to the Go client generator in OpenAPI Geneator (community fork of swagger-codegen)
I'm still using a custom generator based on Swagger Codegen so prefer adding the feature in Swagger Codegen.
Ref: https://github.com/OpenAPITools/openapi-generator/pull/4784
mongoDynamo
commented
2 years ago +1
Would really like to see this handled for the reason of simplicity as well as to be a canonical example of AWS4 signing best practice. Up until now I've been adding an AWS4 utility through the use of regular Apache HTTP and AWS Apache Interceptor : https://github.com/amazon-archives/aws-request-signing-apache-interceptor
Personally would like to see this done for Java, and by virtue should also apply for Kotlin.
zbarr
commented
2 years ago +1
Swagger Codegen team,
Would there be any appetite for supporting the ability to sign requests from client SDKs, using Amazon's Signature V4 (SigV4)?
Amazon's API Gateway provides vendor extensions for modeling these requirements in Swagger and OpenAPI 3 here. These will likely be simplified in their new HTTP API offering as well in the near future.
Would you argue that it's frowned upon to support vendor extensions in the CodeGen project? Or perhaps there is some sort of "opt-in" mechanism at runtime to indicate that the user wants the vendor's extensions to be interpreted?
Disclosure
I work on the API Gateway team. We've previously generated SDKs for our customers using internal systems. We are considering a new direction whereby customers would be encouraged to use Swagger Codegen, but the lack of SigV4 signing may be a problem for many customers who use it to protect their APIs.
We are considering adding the support to this project, but would appreciate the team's opinion before digging into it.