Add more validation of arguments

alextwoods · alextwoods · commit 520bda767225 · 2025-10-27T13:00:56.000-07:00
diff --git a/services/signin/src/main/java/software/amazon/awssdk/services/signin/internal/DpopHeaderGenerator.java b/services/signin/src/main/java/software/amazon/awssdk/services/signin/internal/DpopHeaderGenerator.java
@@ -29,6 +29,7 @@
 import software.amazon.awssdk.annotations.SdkInternalApi;
 import software.amazon.awssdk.protocols.jsoncore.JsonWriter;
 import software.amazon.awssdk.utils.Pair;
+import software.amazon.awssdk.utils.Validate;
 
 /**
  * Utilities that implement rfc9449 - OAuth 2.0 Demonstrating Proof of Possession (DPoP)
@@ -65,6 +66,10 @@ private DpopHeaderGenerator() {
      * @return DPoP header value
      */
     public static String generateDPoPProofHeader(String pemContent, String endpoint, long epochSeconds, String uuid) {
+        Validate.notBlank(pemContent, "pemContent must be set.");
+        Validate.notBlank(endpoint, "endpoint must be set.");
+        Validate.notBlank(uuid, "uuid must be set.");
+
         try {
             // Load EC public and private key from PEM
             Pair<ECPrivateKey, ECPublicKey> keys = EcKeyLoader.loadSec1Pem(pemContent);
diff --git a/services/signin/src/test/java/software/amazon/awssdk/services/signin/auth/internal/DpopHeaderGeneratorTest.java b/services/signin/src/test/java/software/amazon/awssdk/services/signin/auth/internal/DpopHeaderGeneratorTest.java
@@ -86,6 +86,27 @@ public void testGenerateAndVerifyDPoPHeader() throws Exception {
         assertTrue(verified, "DPoP ES256 signature should verify correctly");
     }
 
+    @Test
+    public void missingArguments_raisesException() {
+        assertThrows(IllegalArgumentException.class, () -> {
+            DpopHeaderGenerator.generateDPoPProofHeader(
+                "", "https://example.com",
+                Instant.now().getEpochSecond(), UUID.randomUUID().toString());
+        });
+
+        assertThrows(IllegalArgumentException.class, () -> {
+            DpopHeaderGenerator.generateDPoPProofHeader(
+                VALID_TEST_PEM, "",
+                Instant.now().getEpochSecond(), UUID.randomUUID().toString());
+        });
+
+        assertThrows(IllegalArgumentException.class, () -> {
+            DpopHeaderGenerator.generateDPoPProofHeader(
+                VALID_TEST_PEM, "https://example.com",
+                Instant.now().getEpochSecond(), "");
+        });
+    }
+
     @Test
     public void invalidKey_raisesException() {
         assertThrows(IllegalArgumentException.class, () -> {
