3 files changed, 32 insertions, 9 deletions

diff --git a/src/k2v-client/Cargo.toml b/src/k2v-client/Cargo.toml
index 7c0462a5..9f27c47d 100644
--- a/src/k2v-client/Cargo.toml
+++ b/src/k2v-client/Cargo.toml
@@ -15,6 +15,7 @@ hex.workspace = true
 http.workspace = true
 log.workspace = true
 aws-sigv4.workspace = true
+aws-sdk-config.workspace = true
 percent-encoding.workspace = true
 hyper = { workspace = true, default-features = false, features = ["client", "http1", "http2"] }
 hyper-rustls.workspace = true
diff --git a/src/k2v-client/error.rs b/src/k2v-client/error.rs
index 564ce497..aa84ee9f 100644
--- a/src/k2v-client/error.rs
+++ b/src/k2v-client/error.rs
@@ -27,7 +27,7 @@ pub enum Error {
 	#[error("deserialization error: {0}")]
 	Deserialization(#[from] serde_json::Error),
 	#[error("invalid signature parameters: {0}")]
-	SignParameters(#[from] aws_sigv4::signing_params::BuildError),
+	SignParameters(#[from] aws_sigv4::sign::v4::signing_params::BuildError),
 	#[error("could not sign request: {0}")]
 	SignRequest(#[from] aws_sigv4::http_request::SigningError),
 	#[error("request timed out")]
diff --git a/src/k2v-client/lib.rs b/src/k2v-client/lib.rs
index 4aa7a20a..4977ce85 100644
--- a/src/k2v-client/lib.rs
+++ b/src/k2v-client/lib.rs
@@ -13,7 +13,9 @@ use hyper::{body::Bytes, Body};
 use hyper::{client::connect::HttpConnector, Client as HttpClient};
 use hyper_rustls::HttpsConnector;
 
-use aws_sigv4::http_request::{sign, SignableRequest, SigningParams, SigningSettings};
+use aws_sdk_config::config::Credentials;
+use aws_sigv4::http_request::{sign, SignableBody, SignableRequest, SigningSettings};
+use aws_sigv4::sign::v4::SigningParams;
 
 use serde::de::Error as DeError;
 use serde::{Deserialize, Deserializer, Serialize, Serializer};
@@ -363,21 +365,37 @@ impl K2vClient {
 
 		// Sign request
 		let signing_settings = SigningSettings::default();
+		let identity = Credentials::new(
+			&self.config.aws_access_key_id,
+			&self.config.aws_secret_access_key,
+			None,
+			None,
+			"k2v-client",
+		)
+		.into();
 		let signing_params = SigningParams::builder()
-			.access_key(&self.config.aws_access_key_id)
-			.secret_key(&self.config.aws_secret_access_key)
+			.identity(&identity)
 			.region(&self.config.region)
-			.service_name(SERVICE)
+			.name(SERVICE)
 			.time(SystemTime::now())
 			.settings(signing_settings)
-			.build()?;
+			.build()?
+			.into();
 		// Convert the HTTP request into a signable request
-		let signable_request = SignableRequest::from(&req);
+		let signable_request = SignableRequest::new(
+			req.method().as_str(),
+			req.uri().to_string(),
+			// TODO: get rid of Unwrap
+			req.headers()
+				.iter()
+				.map(|(x, y)| (x.as_str(), y.to_str().unwrap())),
+			SignableBody::Bytes(req.body().as_ref()),
+		)?;
 
 		// Sign and then apply the signature to the request
 		let (signing_instructions, _signature) =
 			sign(signable_request, &signing_params)?.into_parts();
-		signing_instructions.apply_to_request(&mut req);
+		signing_instructions.apply_to_request_http0x(&mut req);
 
 		// Send and wait for timeout
 		let res = tokio::select! {
@@ -451,7 +469,11 @@ impl K2vClient {
 	}
 
 	fn build_url<V: AsRef<str>>(&self, partition_key: Option<&str>, query: &[(&str, V)]) -> String {
-		let mut url = format!("{}/{}", self.config.endpoint, self.config.bucket);
+		let mut url = format!(
+			"{}/{}",
+			self.config.endpoint.trim_end_matches('/'),
+			self.config.bucket
+		);
 		if let Some(pk) = partition_key {
 			url.push('/');
 			url.extend(utf8_percent_encode(pk, &PATH_ENCODE_SET));