From 400dda05c89f4dd66fbdfd161ef4d43bf121b04d Mon Sep 17 00:00:00 2001
From: Zoe Wang <33073555+zoewangg@users.noreply.github.com>
Date: Thu, 27 Nov 2025 14:05:38 -0800
Subject: [PATCH] Address TODOs

---
 .../awssdk/auth/credentials/AwsBasicCredentials.java      | 1 -
 .../authcontext/AwsCredentialsAuthorizationStrategy.java  | 2 +-
 .../internal/authcontext/TokenAuthorizationStrategy.java  | 2 +-
 .../auth/aws/internal/signer/V4RequestSigningResult.java  | 2 --
 .../auth/aws/internal/signer/io/ChecksumSubscriber.java   | 4 +++-
 .../auth/aws/internal/signer/io/InMemoryPublisher.java    | 3 +--
 .../async/ChecksumCalculatingAsyncRequestBody.java        | 8 ++++----
 .../upload/UploadTransferManagerRegressionTesting.java    | 7 -------
 8 files changed, 10 insertions(+), 19 deletions(-)

diff --git a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/AwsBasicCredentials.java b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/AwsBasicCredentials.java
index 696d35aa9c15..b0a003866b3e 100644
--- a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/AwsBasicCredentials.java
+++ b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/AwsBasicCredentials.java
@@ -47,7 +47,6 @@ public final class AwsBasicCredentials implements AwsCredentials,
      * <p>
      * This should be accessed via {@link AnonymousCredentialsProvider#resolveCredentials()}.
      */
-    // TODO(sra-identity-and-auth): Check if this static member can be removed after cleanup
     @SdkInternalApi
     static final AwsBasicCredentials ANONYMOUS_CREDENTIALS = builder().validateCredentials(false).build();
 
diff --git a/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/authcontext/AwsCredentialsAuthorizationStrategy.java b/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/authcontext/AwsCredentialsAuthorizationStrategy.java
index a14e163cae1d..703bfcc21c1a 100644
--- a/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/authcontext/AwsCredentialsAuthorizationStrategy.java
+++ b/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/authcontext/AwsCredentialsAuthorizationStrategy.java
@@ -110,7 +110,7 @@ private static AwsCredentialsIdentity resolveCredentials(
             MetricCollector metricCollector) {
         Validate.notNull(credentialsProvider, "No credentials provider exists to resolve credentials from.");
 
-        // TODO(sra-identity-and-auth): internal issue SMITHY-1677. avoid join for async clients.
+        // TODO(technical-debt-reduction): internal issue JAVA-7739. avoid join for async clients.
         Pair<? extends AwsCredentialsIdentity, Duration> measured =
             MetricUtils.measureDuration(() -> CompletableFutureUtils.joinLikeSync(credentialsProvider.resolveIdentity()));
 
diff --git a/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/authcontext/TokenAuthorizationStrategy.java b/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/authcontext/TokenAuthorizationStrategy.java
index 81c0f53ddd0c..38a9e4a6c3c9 100644
--- a/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/authcontext/TokenAuthorizationStrategy.java
+++ b/core/aws-core/src/main/java/software/amazon/awssdk/awscore/internal/authcontext/TokenAuthorizationStrategy.java
@@ -87,7 +87,7 @@ private static TokenIdentity resolveToken(IdentityProvider<? extends TokenIdenti
                                               MetricCollector metricCollector) {
         Validate.notNull(tokenProvider, "No token provider exists to resolve a token from.");
 
-        // TODO(sra-identity-and-auth): internal issue SMITHY-1677. avoid join for async clients.
+        // TODO(technical-debt-reduction): internal issue JAVA-7739. avoid join for async clients.
         Pair<TokenIdentity, Duration> measured =
             MetricUtils.measureDuration(() -> CompletableFutureUtils.joinLikeSync(tokenProvider.resolveIdentity()));
         metricCollector.reportMetric(CoreMetric.TOKEN_FETCH_DURATION, measured.right());
diff --git a/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/internal/signer/V4RequestSigningResult.java b/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/internal/signer/V4RequestSigningResult.java
index c1ee51e51eef..8c24507927a4 100644
--- a/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/internal/signer/V4RequestSigningResult.java
+++ b/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/internal/signer/V4RequestSigningResult.java
@@ -22,8 +22,6 @@
  * A container for data produced during and as a result of the SigV4 request signing process.
  */
 @SdkInternalApi
-// TODO(sra-identity-auth): This is currently not @Immutable because signedRequest is a Builder. Is Builder needed? If it could
-//  hold reference to SdkHttpRequest instead, this class would be @Immutable.
 public final class V4RequestSigningResult {
     private final String contentHash;
     private final byte[] signingKey;
diff --git a/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/internal/signer/io/ChecksumSubscriber.java b/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/internal/signer/io/ChecksumSubscriber.java
index 8ce5e72c4290..3e1a878a1d0f 100644
--- a/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/internal/signer/io/ChecksumSubscriber.java
+++ b/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/internal/signer/io/ChecksumSubscriber.java
@@ -28,7 +28,9 @@
 import software.amazon.awssdk.annotations.SdkInternalApi;
 
 /**
- * A subscriber that takes a collection of checksums, and updates each checksum when it receives data.
+ * A subscriber that takes a collection of checksums, and updates each checksum when it receives data. It buffers the entire data
+ * in memory. This should only be used by non-streaming operations. Use {@link UnbufferedChecksumSubscriber} instead to avoid
+ * buffering.
  */
 @SdkInternalApi
 public final class ChecksumSubscriber implements Subscriber<ByteBuffer> {
diff --git a/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/internal/signer/io/InMemoryPublisher.java b/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/internal/signer/io/InMemoryPublisher.java
index 68d9c86df43c..f094ce61ad11 100644
--- a/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/internal/signer/io/InMemoryPublisher.java
+++ b/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/internal/signer/io/InMemoryPublisher.java
@@ -27,8 +27,7 @@
 import software.amazon.awssdk.utils.Validate;
 
 /**
- * Temporarily used for buffering all data into memory. TODO(sra-identity-auth): Remove this by supporting chunked encoding. We
- * should not buffer everything into memory.
+ * Temporarily used for buffering all data into memory.
  */
 @SdkInternalApi
 public class InMemoryPublisher implements Publisher<ByteBuffer> {
diff --git a/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/async/ChecksumCalculatingAsyncRequestBody.java b/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/async/ChecksumCalculatingAsyncRequestBody.java
index c903829d07e2..54fdd978c7e6 100644
--- a/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/async/ChecksumCalculatingAsyncRequestBody.java
+++ b/core/sdk-core/src/main/java/software/amazon/awssdk/core/internal/async/ChecksumCalculatingAsyncRequestBody.java
@@ -43,10 +43,10 @@
 import software.amazon.awssdk.utils.builder.SdkBuilder;
 
 /**
- * Wrapper class to wrap an AsyncRequestBody.
- * This will read the data in chunk format and append Checksum as trailer at the end.
- * TODO(sra-identity-and-auth): Checksum calculating logic for async client is still here and should be in
- * "http-auth-aws", more specifically, AwsChunkedV4PayloadSigner#signAsync
+ * Wrapper class to wrap an AsyncRequestBody to calculate checksum as it reads data and append Checksum as trailer at the end.
+ *
+ * <p>
+ * This is only used by non-sra code path, i.e., when a custom legacy signer is provided.
  */
 @SdkInternalApi
 public class ChecksumCalculatingAsyncRequestBody implements AsyncRequestBody {
diff --git a/test/s3-tests/src/it/java/software/amazon/awssdk/services/s3/regression/upload/UploadTransferManagerRegressionTesting.java b/test/s3-tests/src/it/java/software/amazon/awssdk/services/s3/regression/upload/UploadTransferManagerRegressionTesting.java
index 91d1f0a68a40..e0c6aca8c323 100644
--- a/test/s3-tests/src/it/java/software/amazon/awssdk/services/s3/regression/upload/UploadTransferManagerRegressionTesting.java
+++ b/test/s3-tests/src/it/java/software/amazon/awssdk/services/s3/regression/upload/UploadTransferManagerRegressionTesting.java
@@ -56,13 +56,6 @@ void putObject(UploadConfig config) throws Exception {
         Assumptions.assumeFalse(config.getBodyType() == BodyType.CONTENT_PROVIDER_WITH_LENGTH,
                                 "No way to create AsyncRequestBody by giving both an Publisher and the content length");
 
-        // Payload signing doesn't work correctly for async java based
-        // TODO(sra-identity-auth) remove when chunked encoding support is added in async code path
-        // MRAP requires body signing
-        Assumptions.assumeFalse(
-            config.isPayloadSigning() || config.getBucketType() == BucketType.MRAP,
-            "Async payload signing doesn't work with Java based clients");
-
         LOG.info(() -> "Running putObject with config: " + config);
 
         BucketType bucketType = config.getBucketType();