From 45b44d4a34b77afc1b9073fee0a11751e35cdc34 Mon Sep 17 00:00:00 2001
From: Noah Beard
Date: Thu, 21 Apr 2022 18:07:43 -0400
Subject: [PATCH 1/2] Added code to use mqtt in alpnList if trying to use custom authorizer
---
 .../amazon/awssdk/iot/AwsIotMqttConnectionBuilder.java | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/sdk/src/main/java/software/amazon/awssdk/iot/AwsIotMqttConnectionBuilder.java b/sdk/src/main/java/software/amazon/awssdk/iot/AwsIotMqttConnectionBuilder.java
index 7c1ff5912..91e416f1a 100644
--- a/sdk/src/main/java/software/amazon/awssdk/iot/AwsIotMqttConnectionBuilder.java
+++ b/sdk/src/main/java/software/amazon/awssdk/iot/AwsIotMqttConnectionBuilder.java
@@ -516,6 +516,14 @@ public MqttClientConnection build() {
 // This does mean that once you call build() once, modifying the tls context options or client bootstrap
 // has no affect on subsequently-created connections.
 synchronized(this) {
+ // Is this going to a custom authorizer at the correct (433) port? If so change the alpnList to "mqtt".
+ if (config.getUsername() != null) {
+ if (config.getUsername().contains("x-amz-customauthorizer-name")) {
+ tlsOptions.alpnList.clear();
+ tlsOptions.alpnList.add("mqtt");
+ }
+ }
+
 if (tlsOptions != null && (tlsContext == null || resetLazilyCreatedResources)) {
 try (ClientTlsContext clientTlsContext = new ClientTlsContext(tlsOptions)) {
 swapReferenceTo(tlsContext, clientTlsContext);
From a890203ad4c6c5cf711fbdeaf7e9bc1245afde34 Mon Sep 17 00:00:00 2001
From: Noah Beard
Date: Thu, 21 Apr 2022 18:12:22 -0400
Subject: [PATCH 2/2] Add back port check to custom authorizer condition
---
 .../amazon/awssdk/iot/AwsIotMqttConnectionBuilder.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sdk/src/main/java/software/amazon/awssdk/iot/AwsIotMqttConnectionBuilder.java b/sdk/src/main/java/software/amazon/awssdk/iot/AwsIotMqttConnectionBuilder.java
index 91e416f1a..d120922f6 100644
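Review bot: The added block in PATCH 1/2 dereferences `tlsOptions` (`tlsOptions.alpnList.clear()`) before the existing `if (tlsOptions != null && ...)` check that follows it, so a builder with a custom-authorizer username but no TLS options would fail with a NullPointerException inside `build()`. The outer guard should cover it, e.g. `if (tlsOptions != null && config.getUsername() != null) {`; PATCH 2/2 carries the same dereference through unchanged. The list is also mutated on the builder's own `tlsOptions`, and the change seems to reach a connection only when the context below is (re)created; if `tlsContext` already exists and `resetLazilyCreatedResources` is false, the new ALPN value appears to be ignored, which is worth confirming. `build()` starts and ends outside the hunk.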
--- a/sdk/src/main/java/software/amazon/awssdk/iot/AwsIotMqttConnectionBuilder.java
+++ b/sdk/src/main/java/software/amazon/awssdk/iot/AwsIotMqttConnectionBuilder.java
@@ -516,9 +516,9 @@ public MqttClientConnection build() {
 // This does mean that once you call build() once, modifying the tls context options or client bootstrap
 // has no affect on subsequently-created connections.
 synchronized(this) {
- // Is this going to a custom authorizer at the correct (433) port? If so change the alpnList to "mqtt".
+ // Is this going to a custom authorizer at the correct (443) port? If so change the alpnList to "mqtt".
 if (config.getUsername() != null) {
- if (config.getUsername().contains("x-amz-customauthorizer-name")) {
+ if (config.getUsername().contains("x-amz-customauthorizer-name") && config.getPort() == 443) {
 tlsOptions.alpnList.clear();
 tlsOptions.alpnList.add("mqtt");
 }
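Review bot: Custom-authorizer mode is inferred from a substring test on the whole username, `config.getUsername().contains("x-amz-customauthorizer-name")`, and when it matches on port 443 the caller's configured ALPN list is cleared with no signal to the caller. Since the ALPN value on this port presumably decides how the endpoint authenticates the client, the override deserves a why-comment and a log line at the point where the list is replaced, so an unexpected switch of authentication path is visible in diagnostics. The nested checks can also read the username once: `String username = config.getUsername();` followed by `if (username != null && username.contains("x-amz-customauthorizer-name") && config.getPort() == 443) {`. The enclosing `synchronized` block continues past the hunk.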