Fix S3Express utils and tests for auth scheme resolution pipeline migration

[S-Saranya1]

Motivation and Context

After moving auth scheme resolution and endpoint resolution from interceptors to pipeline stages (#6755, #6820), S3ExpressUtils methods that checked RESOLVED_ENDPOINT or SELECTED_AUTH_SCHEME no longer work at interceptor time, these values aren't set until the pipeline stages run (after all interceptors).

Modifications

• S3ExpressUtils — replaced checks that depended on RESOLVED_ENDPOINT and SELECTED_AUTH_SCHEME with bucket name suffix check (--x-s3) and auth scheme options check, which work before pipeline stages run.
• EnableTrailingChecksumInterceptor and DefaultS3CrtAsyncClient — updated to use the new S3ExpressUtils methods.
• EndpointResolverUtilsSpec (codegen) — pass resolved endpoint directly to business metric method instead of reading from execution attributes.
• Test interceptors — added null guard for host parsing and moved SELECTED_AUTH_SCHEME read to beforeTransmission where it's available.

Testing

Ran existing S3Express tests.

Screenshots (if appropriate)

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)

Checklist

• I have read the CONTRIBUTING document
• Local run of mvn install succeeds
• My code follows the code style of this project
• My change requires a change to the Javadoc documentation
• I have updated the Javadoc documentation accordingly
• I have added tests to cover my changes
• All new and existing tests passed
• I have added a changelog entry. Adding a new entry must be accomplished by running the scripts/new-change script and following the instructions. Commit the new file created by the script in .changes/next-release with your changes.
• My change is to implement 1.11 parity feature and I have updated LaunchChangelog

License

• I confirm that this pull request can be released under the Apache 2 license

[joviegas]

Can we make it as a Constant ?

[S-Saranya1]

Done

[joviegas]

Nit/Not blocking query: The endpoint ruleset

aws-sdk-java-v2/services/s3/src/main/resources/codegen-resources/endpoint-rule-set.json

Lines 261 to 280 in 2619c3d

	"fn": "substring",
	"argv": [
	{
	"ref": "Bucket"
	},
	0,
	6,
	true
	],
	"assign": "bucketSuffix"
	},
	{
	"fn": "stringEquals",
	"argv": [
	{
	"ref": "bucketSuffix"
	},
	"--x-s3"
	]
	}

determines S3Express by checking if the bucket name ends with --x-s3. This ruleset is auto-updated without SDK code changes. isS3ExpressBucket duplicates this logic with a hardcoded endsWith("--x-s3"). If the service adds a new S3Express suffix (say, --exp-s3) in a future ruleset update, this hardcoded check would silently fail to match. Is it possible to add a test that validates the S3Express suffix in the ruleset matches what isS3ExpressBucket checks, so we catch any mismatch when the ruleset updates?

[S-Saranya1]

yeah makes sense, added tests for this.

[joviegas]

The previous code checked SELECTED_AUTH_SCHEME, which is set by S3AuthSchemeInterceptor.beforeExecution. The new isS3ExpressAuthRequest
depends on AUTH_SCHEME_OPTIONS_RESOLVER being available. If null, it silently returns false.
Do we have tests verifying USE_S3_EXPRESS_AUTH is correctly set in the CRT path for:

1. S3 Express bucket with default config → USE_S3_EXPRESS_AUTH is true
2. S3 Express bucket with disableS3ExpressSessionAuth(true) → USE_S3_EXPRESS_AUTH is false

[S-Saranya1]

We dont have any currently, added tests for these cases.

[joviegas]

Can we please assert rulesetSuffix is equal to "--x-s3" ?

[S-Saranya1]

Done

[joviegas]

Approved with comment to add assertion to make sure "--x-s3" = rulesetSuffix

    void isS3ExpressBucket_suffixMatchesEndpointRuleset() throws IOException {

[github-actions]

This pull request has been closed and the conversation has been locked. Comments on closed PRs are hard for our team to see. If you need more assistance, please open a new issue that references this one.