Minor update to error handling when cert cant bve loaded

alextwoods · alextwoods · commit 5211d8360e1c · 2025-11-11T10:36:38.000-08:00
diff --git a/services/signin/pom.xml b/services/signin/pom.xml
@@ -56,5 +56,10 @@
             <artifactId>http-auth-aws</artifactId>
             <version>${awsjavasdk.version}</version>
         </dependency>
+        <dependency>
+            <groupId>software.amazon.awssdk</groupId>
+            <artifactId>profiles</artifactId>
+            <version>${awsjavasdk.version}</version>
+        </dependency>
     </dependencies>
 </project>
diff --git a/services/signin/src/main/java/software/amazon/awssdk/services/signin/internal/DpopAuthPlugin.java b/services/signin/src/main/java/software/amazon/awssdk/services/signin/internal/DpopAuthPlugin.java
@@ -21,6 +21,7 @@
 import software.amazon.awssdk.annotations.SdkInternalApi;
 import software.amazon.awssdk.core.SdkPlugin;
 import software.amazon.awssdk.core.SdkServiceClientConfiguration;
+import software.amazon.awssdk.core.exception.SdkClientException;
 import software.amazon.awssdk.http.auth.spi.scheme.AuthSchemeOption;
 import software.amazon.awssdk.http.auth.spi.scheme.AuthSchemeProvider;
 import software.amazon.awssdk.identity.spi.IdentityProvider;
@@ -63,7 +64,11 @@ public void configureClient(SdkServiceClientConfiguration.Builder config) {
         // the refresh request takes the clientId/refreshToken sourced from the access token on disk as input
         // so we must sign the request with the dpopKey loaded from the same load.  IE: do not read the
         // access token file twice!
-        scb.putAuthScheme(DpopAuthScheme.create(StaticDpopIdentityProvider.create(dpopKeyPem)));
+        try {
+            scb.putAuthScheme(DpopAuthScheme.create(StaticDpopIdentityProvider.create(dpopKeyPem)));
+        } catch (Exception e) {
+            throw SdkClientException.create("Unable to refresh Login credentials. Please reauthenticate ", e);
+        }
     }
 
     private static class DpopAuthSchemeProvider implements SigninAuthSchemeProvider {
diff --git a/services/signin/src/main/java/software/amazon/awssdk/services/signin/internal/EcKeyLoader.java b/services/signin/src/main/java/software/amazon/awssdk/services/signin/internal/EcKeyLoader.java
@@ -121,7 +121,6 @@ private static class ParsedEcKey {
         byte[] publicBytes;
     }
 
-
     /**
      * Follows the SEC1 / RFC 5915 ASN.1 format: PrivateKeyInfo ::= SEQUENCE { version INTEGER (0), privateKeyAlgorithm
      * AlgorithmIdentifier, -- ecPublicKey + curve OID privateKey OCTET STRING -- contains the SEC1 DER parameters [0]

Original file line number	Diff line number	Diff line change
`@@ -121,7 +121,6 @@ private static class ParsedEcKey {`
`121`	`121`	`byte[] publicBytes;`
`122`	`122`	`}`
`123`	`123`
`124`		`-`
`125`	`124`	`/**`
`126`	`125`	`* Follows the SEC1 / RFC 5915 ASN.1 format: PrivateKeyInfo ::= SEQUENCE { version INTEGER (0), privateKeyAlgorithm`
`127`	`126`	`* AlgorithmIdentifier, -- ecPublicKey + curve OID privateKey OCTET STRING -- contains the SEC1 DER parameters [0]`