mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2025-06-13 10:33:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

rebase: bump the github-dependencies group with 2 updates

Browse Source 
Bumps the github-dependencies group with 2 updates: [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) and [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2).


Updates `github.com/aws/aws-sdk-go` from 1.47.10 to 1.48.0
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.47.10...v1.48.0)

Updates `github.com/aws/aws-sdk-go-v2/service/sts` from 1.25.1 to 1.25.3
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.25.1...config/v1.25.3)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
This commit is contained in:
dependabot[bot]
2023-11-20 20:28:57 +00:00
committed by mergify[bot]
parent afe3873947
commit b3ce6eff97
59 changed files with 3346 additions and 1574 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go generated vendored
View File

@ -3,4 +3,4 @@
package aws
// goModuleVersion is the tagged release for this module
const goModuleVersion = "1.22.2"
const goModuleVersion = "1.23.0"

14
vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/metadata.go generated vendored
View File

@ -65,6 +65,9 @@ func GetServiceID(ctx context.Context) (v string) {
//
// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues
// to clear all stack values.
//
// Deprecated: This value is unstable. The resolved signing name is available
// in the signer properties object passed to the signer.
func GetSigningName(ctx context.Context) (v string) {
v, _ = middleware.GetStackValue(ctx, signingNameKey{}).(string)
return v
@ -74,6 +77,9 @@ func GetSigningName(ctx context.Context) (v string) {
//
// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues
// to clear all stack values.
//
// Deprecated: This value is unstable. The resolved signing region is available
// in the signer properties object passed to the signer.
func GetSigningRegion(ctx context.Context) (v string) {
v, _ = middleware.GetStackValue(ctx, signingRegionKey{}).(string)
return v
@ -125,10 +131,13 @@ func SetRequiresLegacyEndpoints(ctx context.Context, value bool) context.Context
return middleware.WithStackValue(ctx, requiresLegacyEndpointsKey{}, value)
}
// SetSigningName set or modifies the signing name on the context.
// SetSigningName set or modifies the sigv4 or sigv4a signing name on the context.
//
// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues
// to clear all stack values.
//
// Deprecated: This value is unstable. Use WithSigV4SigningName client option
// funcs instead.
func SetSigningName(ctx context.Context, value string) context.Context {
return middleware.WithStackValue(ctx, signingNameKey{}, value)
}
@ -137,6 +146,9 @@ func SetSigningName(ctx context.Context, value string) context.Context {
//
// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues
// to clear all stack values.
//
// Deprecated: This value is unstable. Use WithSigV4SigningRegion client option
// funcs instead.
func SetSigningRegion(ctx context.Context, value string) context.Context {
return middleware.WithStackValue(ctx, signingRegionKey{}, value)
}

95
vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/middleware.go generated vendored
View File

@ -58,7 +58,7 @@ func (e *SigningError) Unwrap() error {
// S3 PutObject API allows unsigned payload signing auth usage when TLS is enabled, and uses this middleware to
// dynamically switch between unsigned and signed payload based on TLS state for request.
func UseDynamicPayloadSigningMiddleware(stack *middleware.Stack) error {
_, err := stack.Build.Swap(computePayloadHashMiddlewareID, &dynamicPayloadSigningMiddleware{})
_, err := stack.Finalize.Swap(computePayloadHashMiddlewareID, &dynamicPayloadSigningMiddleware{})
return err
}
@ -71,24 +71,22 @@ func (m *dynamicPayloadSigningMiddleware) ID() string {
return computePayloadHashMiddlewareID
}
// HandleBuild sets a resolver that directs to the payload sha256 compute handler.
func (m *dynamicPayloadSigningMiddleware) HandleBuild(
ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler,
// HandleFinalize delegates SHA256 computation according to whether the request
// is TLS-enabled.
func (m *dynamicPayloadSigningMiddleware) HandleFinalize(
ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler,
) (
out middleware.BuildOutput, metadata middleware.Metadata, err error,
out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
) {
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
// if TLS is enabled, use unsigned payload when supported
if req.IsHTTPS() {
return (&unsignedPayload{}).HandleBuild(ctx, in, next)
return (&unsignedPayload{}).HandleFinalize(ctx, in, next)
}
// else fall back to signed payload
return (&computePayloadSHA256{}).HandleBuild(ctx, in, next)
return (&computePayloadSHA256{}).HandleFinalize(ctx, in, next)
}
// unsignedPayload sets the SigV4 request payload hash to unsigned.
@ -104,7 +102,7 @@ type unsignedPayload struct{}
// AddUnsignedPayloadMiddleware adds unsignedPayload to the operation
// middleware stack
func AddUnsignedPayloadMiddleware(stack *middleware.Stack) error {
return stack.Build.Add(&unsignedPayload{}, middleware.After)
return stack.Finalize.Insert(&unsignedPayload{}, "ResolveEndpointV2", middleware.After)
}
// ID returns the unsignedPayload identifier
@ -112,23 +110,16 @@ func (m *unsignedPayload) ID() string {
return computePayloadHashMiddlewareID
}
// HandleBuild sets the payload hash to be an unsigned payload
func (m *unsignedPayload) HandleBuild(
ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler,
// HandleFinalize sets the payload hash magic value to the unsigned sentinel.
func (m *unsignedPayload) HandleFinalize(
ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler,
) (
out middleware.BuildOutput, metadata middleware.Metadata, err error,
out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
) {
// This should not compute the content SHA256 if the value is already
// known. (e.g. application pre-computed SHA256 before making API call).
// Does not have any tight coupling to the X-Amz-Content-Sha256 header, if
// that header is provided a middleware must translate it into the context.
contentSHA := GetPayloadHash(ctx)
if len(contentSHA) == 0 {
contentSHA = v4Internal.UnsignedPayload
if GetPayloadHash(ctx) == "" {
ctx = SetPayloadHash(ctx, v4Internal.UnsignedPayload)
}
ctx = SetPayloadHash(ctx, contentSHA)
return next.HandleBuild(ctx, in)
return next.HandleFinalize(ctx, in)
}
// computePayloadSHA256 computes SHA256 payload hash to sign.
@ -144,13 +135,13 @@ type computePayloadSHA256 struct{}
// AddComputePayloadSHA256Middleware adds computePayloadSHA256 to the
// operation middleware stack
func AddComputePayloadSHA256Middleware(stack *middleware.Stack) error {
return stack.Build.Add(&computePayloadSHA256{}, middleware.After)
return stack.Finalize.Insert(&computePayloadSHA256{}, "ResolveEndpointV2", middleware.After)
}
// RemoveComputePayloadSHA256Middleware removes computePayloadSHA256 from the
// operation middleware stack
func RemoveComputePayloadSHA256Middleware(stack *middleware.Stack) error {
_, err := stack.Build.Remove(computePayloadHashMiddlewareID)
_, err := stack.Finalize.Remove(computePayloadHashMiddlewareID)
return err
}
@ -159,12 +150,17 @@ func (m *computePayloadSHA256) ID() string {
return computePayloadHashMiddlewareID
}
// HandleBuild compute the payload hash for the request payload
func (m *computePayloadSHA256) HandleBuild(
ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler,
// HandleFinalize computes the payload hash for the request, storing it to the
// context. This is a no-op if a caller has previously set that value.
func (m *computePayloadSHA256) HandleFinalize(
ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler,
) (
out middleware.BuildOutput, metadata middleware.Metadata, err error,
out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
) {
if GetPayloadHash(ctx) != "" {
return next.HandleFinalize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, &HashComputationError{
@ -172,14 +168,6 @@ func (m *computePayloadSHA256) HandleBuild(
}
}
// This should not compute the content SHA256 if the value is already
// known. (e.g. application pre-computed SHA256 before making API call)
// Does not have any tight coupling to the X-Amz-Content-Sha256 header, if
// that header is provided a middleware must translate it into the context.
if contentSHA := GetPayloadHash(ctx); len(contentSHA) != 0 {
return next.HandleBuild(ctx, in)
}
hash := sha256.New()
if stream := req.GetStream(); stream != nil {
_, err = io.Copy(hash, stream)
@ -198,7 +186,7 @@ func (m *computePayloadSHA256) HandleBuild(
ctx = SetPayloadHash(ctx, hex.EncodeToString(hash.Sum(nil)))
return next.HandleBuild(ctx, in)
return next.HandleFinalize(ctx, in)
}
// SwapComputePayloadSHA256ForUnsignedPayloadMiddleware replaces the
@ -207,7 +195,7 @@ func (m *computePayloadSHA256) HandleBuild(
// Use this to disable computing the Payload SHA256 checksum and instead use
// UNSIGNED-PAYLOAD for the SHA256 value.
func SwapComputePayloadSHA256ForUnsignedPayloadMiddleware(stack *middleware.Stack) error {
_, err := stack.Build.Swap(computePayloadHashMiddlewareID, &unsignedPayload{})
_, err := stack.Finalize.Swap(computePayloadHashMiddlewareID, &unsignedPayload{})
return err
}
@ -218,13 +206,13 @@ type contentSHA256Header struct{}
// AddContentSHA256HeaderMiddleware adds ContentSHA256Header to the
// operation middleware stack
func AddContentSHA256HeaderMiddleware(stack *middleware.Stack) error {
return stack.Build.Insert(&contentSHA256Header{}, computePayloadHashMiddlewareID, middleware.After)
return stack.Finalize.Insert(&contentSHA256Header{}, computePayloadHashMiddlewareID, middleware.After)
}
// RemoveContentSHA256HeaderMiddleware removes contentSHA256Header middleware
// from the operation middleware stack
func RemoveContentSHA256HeaderMiddleware(stack *middleware.Stack) error {
_, err := stack.Build.Remove((*contentSHA256Header)(nil).ID())
_, err := stack.Finalize.Remove((*contentSHA256Header)(nil).ID())
return err
}
@ -233,12 +221,12 @@ func (m *contentSHA256Header) ID() string {
return "SigV4ContentSHA256Header"
}
// HandleBuild sets the X-Amz-Content-Sha256 header value to the Payload hash
// HandleFinalize sets the X-Amz-Content-Sha256 header value to the Payload hash
// stored in the context.
func (m *contentSHA256Header) HandleBuild(
ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler,
func (m *contentSHA256Header) HandleFinalize(
ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler,
) (
out middleware.BuildOutput, metadata middleware.Metadata, err error,
out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
) {
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
@ -246,8 +234,7 @@ func (m *contentSHA256Header) HandleBuild(
}
req.Header.Set(v4Internal.ContentSHAKey, GetPayloadHash(ctx))
return next.HandleBuild(ctx, in)
return next.HandleFinalize(ctx, in)
}
// SignHTTPRequestMiddlewareOptions is the configuration options for the SignHTTPRequestMiddleware middleware.
@ -332,17 +319,17 @@ type streamingEventsPayload struct{}
// AddStreamingEventsPayload adds the streamingEventsPayload middleware to the stack.
func AddStreamingEventsPayload(stack *middleware.Stack) error {
return stack.Build.Add(&streamingEventsPayload{}, middleware.After)
return stack.Finalize.Add(&streamingEventsPayload{}, middleware.Before)
}
func (s *streamingEventsPayload) ID() string {
return computePayloadHashMiddlewareID
}
func (s *streamingEventsPayload) HandleBuild(
ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler,
func (s *streamingEventsPayload) HandleFinalize(
ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler,
) (
out middleware.BuildOutput, metadata middleware.Metadata, err error,
out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
) {
contentSHA := GetPayloadHash(ctx)
if len(contentSHA) == 0 {
@ -351,7 +338,7 @@ func (s *streamingEventsPayload) HandleBuild(
ctx = SetPayloadHash(ctx, contentSHA)
return next.HandleBuild(ctx, in)
return next.HandleFinalize(ctx, in)
}
// GetSignedRequestSignature attempts to extract the signature of the request.

45
vendor/github.com/aws/aws-sdk-go-v2/internal/auth/auth.go generated vendored Normal file
View File

@ -0,0 +1,45 @@
package auth
import (
"github.com/aws/smithy-go/auth"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// HTTPAuthScheme is the SDK's internal implementation of smithyhttp.AuthScheme
// for pre-existing implementations where the signer was added to client
// config. SDK clients will key off of this type and ensure per-operation
// updates to those signers persist on the scheme itself.
type HTTPAuthScheme struct {
schemeID string
signer smithyhttp.Signer
}
var _ smithyhttp.AuthScheme = (*HTTPAuthScheme)(nil)
// NewHTTPAuthScheme returns an auth scheme instance with the given config.
func NewHTTPAuthScheme(schemeID string, signer smithyhttp.Signer) *HTTPAuthScheme {
return &HTTPAuthScheme{
schemeID: schemeID,
signer: signer,
}
}
// SchemeID identifies the auth scheme.
func (s *HTTPAuthScheme) SchemeID() string {
return s.schemeID
}
// IdentityResolver gets the identity resolver for the auth scheme.
func (s *HTTPAuthScheme) IdentityResolver(o auth.IdentityResolverOptions) auth.IdentityResolver {
return o.GetIdentityResolver(s.schemeID)
}
// Signer gets the signer for the auth scheme.
func (s *HTTPAuthScheme) Signer() smithyhttp.Signer {
return s.signer
}
// WithSigner returns a new instance of the auth scheme with the updated signer.
func (s *HTTPAuthScheme) WithSigner(signer smithyhttp.Signer) *HTTPAuthScheme {
return NewHTTPAuthScheme(s.schemeID, signer)
}

43
vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/bearer_token_adapter.go generated vendored Normal file
View File

@ -0,0 +1,43 @@
package smithy
import (
"context"
"fmt"
"time"
"github.com/aws/smithy-go"
"github.com/aws/smithy-go/auth"
"github.com/aws/smithy-go/auth/bearer"
)
// BearerTokenAdapter adapts smithy bearer.Token to smithy auth.Identity.
type BearerTokenAdapter struct {
Token bearer.Token
}
var _ auth.Identity = (*BearerTokenAdapter)(nil)
// Expiration returns the time of expiration for the token.
func (v *BearerTokenAdapter) Expiration() time.Time {
return v.Token.Expires
}
// BearerTokenProviderAdapter adapts smithy bearer.TokenProvider to smithy
// auth.IdentityResolver.
type BearerTokenProviderAdapter struct {
Provider bearer.TokenProvider
}
var _ (auth.IdentityResolver) = (*BearerTokenProviderAdapter)(nil)
// GetIdentity retrieves a bearer token using the underlying provider.
func (v *BearerTokenProviderAdapter) GetIdentity(ctx context.Context, _ smithy.Properties) (
auth.Identity, error,
) {
token, err := v.Provider.RetrieveBearerToken(ctx)
if err != nil {
return nil, fmt.Errorf("get token: %v", err)
}
return &BearerTokenAdapter{Token: token}, nil
}

35
vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/bearer_token_signer_adapter.go generated vendored Normal file
View File

@ -0,0 +1,35 @@
package smithy
import (
"context"
"fmt"
"github.com/aws/smithy-go"
"github.com/aws/smithy-go/auth"
"github.com/aws/smithy-go/auth/bearer"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// BearerTokenSignerAdapter adapts smithy bearer.Signer to smithy http
// auth.Signer.
type BearerTokenSignerAdapter struct {
Signer bearer.Signer
}
var _ (smithyhttp.Signer) = (*BearerTokenSignerAdapter)(nil)
// SignRequest signs the request with the provided bearer token.
func (v *BearerTokenSignerAdapter) SignRequest(ctx context.Context, r *smithyhttp.Request, identity auth.Identity, _ smithy.Properties) error {
ca, ok := identity.(*BearerTokenAdapter)
if !ok {
return fmt.Errorf("unexpected identity type: %T", identity)
}
signed, err := v.Signer.SignWithBearerToken(ctx, ca.Token, r)
if err != nil {
return fmt.Errorf("sign request: %v", err)
}
*r = *signed.(*smithyhttp.Request)
return nil
}

46
vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/credentials_adapter.go generated vendored Normal file
View File

@ -0,0 +1,46 @@
package smithy
import (
"context"
"fmt"
"time"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/smithy-go"
"github.com/aws/smithy-go/auth"
)
// CredentialsAdapter adapts aws.Credentials to auth.Identity.
type CredentialsAdapter struct {
Credentials aws.Credentials
}
var _ auth.Identity = (*CredentialsAdapter)(nil)
// Expiration returns the time of expiration for the credentials.
func (v *CredentialsAdapter) Expiration() time.Time {
return v.Credentials.Expires
}
// CredentialsProviderAdapter adapts aws.CredentialsProvider to auth.IdentityResolver.
type CredentialsProviderAdapter struct {
Provider aws.CredentialsProvider
}
var _ (auth.IdentityResolver) = (*CredentialsProviderAdapter)(nil)
// GetIdentity retrieves AWS credentials using the underlying provider.
func (v *CredentialsProviderAdapter) GetIdentity(ctx context.Context, _ smithy.Properties) (
auth.Identity, error,
) {
if v.Provider == nil {
return &CredentialsAdapter{Credentials: aws.Credentials{}}, nil
}
creds, err := v.Provider.Retrieve(ctx)
if err != nil {
return nil, fmt.Errorf("get credentials: %v", err)
}
return &CredentialsAdapter{Credentials: creds}, nil
}

2
vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/smithy.go generated vendored Normal file
View File

@ -0,0 +1,2 @@
// Package smithy adapts concrete AWS auth and signing types to the generic smithy versions.
package smithy

53
vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/v4signer_adapter.go generated vendored Normal file
View File

@ -0,0 +1,53 @@
package smithy
import (
"context"
"fmt"
v4 "github.com/aws/aws-sdk-go-v2/aws/signer/v4"
"github.com/aws/aws-sdk-go-v2/internal/sdk"
"github.com/aws/smithy-go"
"github.com/aws/smithy-go/auth"
"github.com/aws/smithy-go/logging"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// V4SignerAdapter adapts v4.HTTPSigner to smithy http.Signer.
type V4SignerAdapter struct {
Signer v4.HTTPSigner
Logger logging.Logger
LogSigning bool
}
var _ (smithyhttp.Signer) = (*V4SignerAdapter)(nil)
// SignRequest signs the request with the provided identity.
func (v *V4SignerAdapter) SignRequest(ctx context.Context, r *smithyhttp.Request, identity auth.Identity, props smithy.Properties) error {
ca, ok := identity.(*CredentialsAdapter)
if !ok {
return fmt.Errorf("unexpected identity type: %T", identity)
}
name, ok := smithyhttp.GetSigV4SigningName(&props)
if !ok {
return fmt.Errorf("sigv4 signing name is required")
}
region, ok := smithyhttp.GetSigV4SigningRegion(&props)
if !ok {
return fmt.Errorf("sigv4 signing region is required")
}
hash := v4.GetPayloadHash(ctx)
err := v.Signer.SignHTTP(ctx, ca.Credentials, r.Request, hash, name, region, sdk.NowTime(), func(o *v4.SignerOptions) {
o.DisableURIPathEscaping, _ = smithyhttp.GetDisableDoubleEncoding(&props)
o.Logger = v.Logger
o.LogSigning = v.LogSigning
})
if err != nil {
return fmt.Errorf("sign http: %v", err)
}
return nil
}

4
vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md generated vendored
View File

@ -1,3 +1,7 @@
# v1.2.3 (2023-11-15)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.2.2 (2023-11-09)
* **Dependency Update**: Updated to the latest SDK module versions

2
vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go generated vendored
View File

@ -3,4 +3,4 @@
package configsources
// goModuleVersion is the tagged release for this module
const goModuleVersion = "1.2.2"
const goModuleVersion = "1.2.3"

201
vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/endpoints.go generated vendored Normal file
View File

@ -0,0 +1,201 @@
package endpoints
import (
"fmt"
"regexp"
"strings"
"github.com/aws/aws-sdk-go-v2/aws"
)
const (
defaultProtocol = "https"
defaultSigner = "v4"
)
var (
protocolPriority = []string{"https", "http"}
signerPriority = []string{"v4"}
)
// Options provide configuration needed to direct how endpoints are resolved.
type Options struct {
// Disable usage of HTTPS (TLS / SSL)
DisableHTTPS bool
}
// Partitions is a slice of partition
type Partitions []Partition
// ResolveEndpoint resolves a service endpoint for the given region and options.
func (ps Partitions) ResolveEndpoint(region string, opts Options) (aws.Endpoint, error) {
if len(ps) == 0 {
return aws.Endpoint{}, fmt.Errorf("no partitions found")
}
for i := 0; i < len(ps); i++ {
if !ps[i].canResolveEndpoint(region) {
continue
}
return ps[i].ResolveEndpoint(region, opts)
}
// fallback to first partition format to use when resolving the endpoint.
return ps[0].ResolveEndpoint(region, opts)
}
// Partition is an AWS partition description for a service and its' region endpoints.
type Partition struct {
ID string
RegionRegex *regexp.Regexp
PartitionEndpoint string
IsRegionalized bool
Defaults Endpoint
Endpoints Endpoints
}
func (p Partition) canResolveEndpoint(region string) bool {
_, ok := p.Endpoints[region]
return ok || p.RegionRegex.MatchString(region)
}
// ResolveEndpoint resolves and service endpoint for the given region and options.
func (p Partition) ResolveEndpoint(region string, options Options) (resolved aws.Endpoint, err error) {
if len(region) == 0 && len(p.PartitionEndpoint) != 0 {
region = p.PartitionEndpoint
}
e, _ := p.endpointForRegion(region)
return e.resolve(p.ID, region, p.Defaults, options), nil
}
func (p Partition) endpointForRegion(region string) (Endpoint, bool) {
if e, ok := p.Endpoints[region]; ok {
return e, true
}
if !p.IsRegionalized {
return p.Endpoints[p.PartitionEndpoint], region == p.PartitionEndpoint
}
// Unable to find any matching endpoint, return
// blank that will be used for generic endpoint creation.
return Endpoint{}, false
}
// Endpoints is a map of service config regions to endpoints
type Endpoints map[string]Endpoint
// CredentialScope is the credential scope of a region and service
type CredentialScope struct {
Region string
Service string
}
// Endpoint is a service endpoint description
type Endpoint struct {
// True if the endpoint cannot be resolved for this partition/region/service
Unresolveable aws.Ternary
Hostname string
Protocols []string
CredentialScope CredentialScope
SignatureVersions []string `json:"signatureVersions"`
}
func (e Endpoint) resolve(partition, region string, def Endpoint, options Options) aws.Endpoint {
var merged Endpoint
merged.mergeIn(def)
merged.mergeIn(e)
e = merged
var u string
if e.Unresolveable != aws.TrueTernary {
// Only attempt to resolve the endpoint if it can be resolved.
hostname := strings.Replace(e.Hostname, "{region}", region, 1)
scheme := getEndpointScheme(e.Protocols, options.DisableHTTPS)
u = scheme + "://" + hostname
}
signingRegion := e.CredentialScope.Region
if len(signingRegion) == 0 {
signingRegion = region
}
signingName := e.CredentialScope.Service
return aws.Endpoint{
URL: u,
PartitionID: partition,
SigningRegion: signingRegion,
SigningName: signingName,
SigningMethod: getByPriority(e.SignatureVersions, signerPriority, defaultSigner),
}
}
func (e *Endpoint) mergeIn(other Endpoint) {
if other.Unresolveable != aws.UnknownTernary {
e.Unresolveable = other.Unresolveable
}
if len(other.Hostname) > 0 {
e.Hostname = other.Hostname
}
if len(other.Protocols) > 0 {
e.Protocols = other.Protocols
}
if len(other.CredentialScope.Region) > 0 {
e.CredentialScope.Region = other.CredentialScope.Region
}
if len(other.CredentialScope.Service) > 0 {
e.CredentialScope.Service = other.CredentialScope.Service
}
if len(other.SignatureVersions) > 0 {
e.SignatureVersions = other.SignatureVersions
}
}
func getEndpointScheme(protocols []string, disableHTTPS bool) string {
if disableHTTPS {
return "http"
}
return getByPriority(protocols, protocolPriority, defaultProtocol)
}
func getByPriority(s []string, p []string, def string) string {
if len(s) == 0 {
return def
}
for i := 0; i < len(p); i++ {
for j := 0; j < len(s); j++ {
if s[j] == p[i] {
return s[j]
}
}
}
return s[0]
}
// MapFIPSRegion extracts the intrinsic AWS region from one that may have an
// embedded FIPS microformat.
func MapFIPSRegion(region string) string {
const fipsInfix = "-fips-"
const fipsPrefix = "fips-"
const fipsSuffix = "-fips"
if strings.Contains(region, fipsInfix) ||
strings.Contains(region, fipsPrefix) ||
strings.Contains(region, fipsSuffix) {
region = strings.ReplaceAll(region, fipsInfix, "-")
region = strings.ReplaceAll(region, fipsPrefix, "")
region = strings.ReplaceAll(region, fipsSuffix, "")
}
return region
}

4
vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md generated vendored
View File

@ -1,3 +1,7 @@
# v2.5.3 (2023-11-15)
* **Dependency Update**: Updated to the latest SDK module versions
# v2.5.2 (2023-11-09)
* **Dependency Update**: Updated to the latest SDK module versions

2
vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go generated vendored
View File

@ -3,4 +3,4 @@
package endpoints
// goModuleVersion is the tagged release for this module
const goModuleVersion = "2.5.2"
const goModuleVersion = "2.5.3"

112
vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/CHANGELOG.md generated vendored Normal file
View File

@ -0,0 +1,112 @@
# v1.10.1 (2023-11-15)
* No change notes available for this release.
# v1.10.0 (2023-10-31)
* **Feature**: **BREAKING CHANGE**: Bump minimum go version to 1.19 per the revised [go version support policy](https://aws.amazon.com/blogs/developer/aws-sdk-for-go-aligns-with-go-release-policy-on-supported-runtimes/).
# v1.9.15 (2023-10-06)
* No change notes available for this release.
# v1.9.14 (2023-08-18)
* No change notes available for this release.
# v1.9.13 (2023-08-07)
* No change notes available for this release.
# v1.9.12 (2023-07-31)
* No change notes available for this release.
# v1.9.11 (2022-12-02)
* No change notes available for this release.
# v1.9.10 (2022-10-24)
* No change notes available for this release.
# v1.9.9 (2022-09-14)
* No change notes available for this release.
# v1.9.8 (2022-09-02)
* No change notes available for this release.
# v1.9.7 (2022-08-31)
* No change notes available for this release.
# v1.9.6 (2022-08-29)
* No change notes available for this release.
# v1.9.5 (2022-08-11)
* No change notes available for this release.
# v1.9.4 (2022-08-09)
* No change notes available for this release.
# v1.9.3 (2022-06-29)
* No change notes available for this release.
# v1.9.2 (2022-06-07)
* No change notes available for this release.
# v1.9.1 (2022-03-24)
* No change notes available for this release.
# v1.9.0 (2022-03-08)
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
# v1.8.0 (2022-02-24)
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
# v1.7.0 (2022-01-14)
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
# v1.6.0 (2022-01-07)
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
# v1.5.0 (2021-11-06)
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
# v1.4.0 (2021-10-21)
* **Feature**: Updated to latest version
# v1.3.0 (2021-08-27)
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
# v1.2.2 (2021-08-04)
* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version.
# v1.2.1 (2021-07-15)
* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version
# v1.2.0 (2021-06-25)
* **Feature**: Updated `github.com/aws/smithy-go` to latest version
# v1.1.0 (2021-05-14)
* **Feature**: Constant has been added to modules to enable runtime version inspection for reporting.

202
vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/LICENSE.txt generated vendored Normal file
View File

@ -0,0 +1,202 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

176
vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/accept_encoding_gzip.go generated vendored Normal file
View File

@ -0,0 +1,176 @@
package acceptencoding
import (
"compress/gzip"
"context"
"fmt"
"io"
"github.com/aws/smithy-go"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
const acceptEncodingHeaderKey = "Accept-Encoding"
const contentEncodingHeaderKey = "Content-Encoding"
// AddAcceptEncodingGzipOptions provides the options for the
// AddAcceptEncodingGzip middleware setup.
type AddAcceptEncodingGzipOptions struct {
Enable bool
}
// AddAcceptEncodingGzip explicitly adds handling for accept-encoding GZIP
// middleware to the operation stack. This allows checksums to be correctly
// computed without disabling GZIP support.
func AddAcceptEncodingGzip(stack *middleware.Stack, options AddAcceptEncodingGzipOptions) error {
if options.Enable {
if err := stack.Finalize.Add(&EnableGzip{}, middleware.Before); err != nil {
return err
}
if err := stack.Deserialize.Insert(&DecompressGzip{}, "OperationDeserializer", middleware.After); err != nil {
return err
}
return nil
}
return stack.Finalize.Add(&DisableGzip{}, middleware.Before)
}
// DisableGzip provides the middleware that will
// disable the underlying http client automatically enabling for gzip
// decompress content-encoding support.
type DisableGzip struct{}
// ID returns the id for the middleware.
func (*DisableGzip) ID() string {
return "DisableAcceptEncodingGzip"
}
// HandleFinalize implements the FinalizeMiddleware interface.
func (*DisableGzip) HandleFinalize(
ctx context.Context, input middleware.FinalizeInput, next middleware.FinalizeHandler,
) (
output middleware.FinalizeOutput, metadata middleware.Metadata, err error,
) {
req, ok := input.Request.(*smithyhttp.Request)
if !ok {
return output, metadata, &smithy.SerializationError{
Err: fmt.Errorf("unknown request type %T", input.Request),
}
}
// Explicitly enable gzip support, this will prevent the http client from
// auto extracting the zipped content.
req.Header.Set(acceptEncodingHeaderKey, "identity")
return next.HandleFinalize(ctx, input)
}
// EnableGzip provides a middleware to enable support for
// gzip responses, with manual decompression. This prevents the underlying HTTP
// client from performing the gzip decompression automatically.
type EnableGzip struct{}
// ID returns the id for the middleware.
func (*EnableGzip) ID() string {
return "AcceptEncodingGzip"
}
// HandleFinalize implements the FinalizeMiddleware interface.
func (*EnableGzip) HandleFinalize(
ctx context.Context, input middleware.FinalizeInput, next middleware.FinalizeHandler,
) (
output middleware.FinalizeOutput, metadata middleware.Metadata, err error,
) {
req, ok := input.Request.(*smithyhttp.Request)
if !ok {
return output, metadata, &smithy.SerializationError{
Err: fmt.Errorf("unknown request type %T", input.Request),
}
}
// Explicitly enable gzip support, this will prevent the http client from
// auto extracting the zipped content.
req.Header.Set(acceptEncodingHeaderKey, "gzip")
return next.HandleFinalize(ctx, input)
}
// DecompressGzip provides the middleware for decompressing a gzip
// response from the service.
type DecompressGzip struct{}
// ID returns the id for the middleware.
func (*DecompressGzip) ID() string {
return "DecompressGzip"
}
// HandleDeserialize implements the DeserializeMiddlware interface.
func (*DecompressGzip) HandleDeserialize(
ctx context.Context, input middleware.DeserializeInput, next middleware.DeserializeHandler,
) (
output middleware.DeserializeOutput, metadata middleware.Metadata, err error,
) {
output, metadata, err = next.HandleDeserialize(ctx, input)
if err != nil {
return output, metadata, err
}
resp, ok := output.RawResponse.(*smithyhttp.Response)
if !ok {
return output, metadata, &smithy.DeserializationError{
Err: fmt.Errorf("unknown response type %T", output.RawResponse),
}
}
if v := resp.Header.Get(contentEncodingHeaderKey); v != "gzip" {
return output, metadata, err
}
// Clear content length since it will no longer be valid once the response
// body is decompressed.
resp.Header.Del("Content-Length")
resp.ContentLength = -1
resp.Body = wrapGzipReader(resp.Body)
return output, metadata, err
}
type gzipReader struct {
reader io.ReadCloser
gzip *gzip.Reader
}
func wrapGzipReader(reader io.ReadCloser) *gzipReader {
return &gzipReader{
reader: reader,
}
}
// Read wraps the gzip reader around the underlying io.Reader to extract the
// response bytes on the fly.
func (g *gzipReader) Read(b []byte) (n int, err error) {
if g.gzip == nil {
g.gzip, err = gzip.NewReader(g.reader)
if err != nil {
g.gzip = nil // ensure uninitialized gzip value isn't used in close.
return 0, fmt.Errorf("failed to decompress gzip response, %w", err)
}
}
return g.gzip.Read(b)
}
func (g *gzipReader) Close() error {
if g.gzip == nil {
return nil
}
if err := g.gzip.Close(); err != nil {
g.reader.Close()
return fmt.Errorf("failed to decompress gzip response, %w", err)
}
return g.reader.Close()
}

22
vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/doc.go generated vendored Normal file
View File

@ -0,0 +1,22 @@
/*
Package acceptencoding provides customizations associated with Accept Encoding Header.
# Accept encoding gzip
The Go HTTP client automatically supports accept-encoding and content-encoding
gzip by default. This default behavior is not desired by the SDK, and prevents
validating the response body's checksum. To prevent this the SDK must manually
control usage of content-encoding gzip.
To control content-encoding, the SDK must always set the `Accept-Encoding`
header to a value. This prevents the HTTP client from using gzip automatically.
When gzip is enabled on the API client, the SDK's customization will control
decompressing the gzip data in order to not break the checksum validation. When
gzip is disabled, the API client will disable gzip, preventing the HTTP
client's default behavior.
An `EnableAcceptEncodingGzip` option may or may not be present depending on the client using
the below middleware. The option if present can be used to enable auto decompressing
gzip by the SDK.
*/
package acceptencoding

6
vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/go_module_metadata.go generated vendored Normal file
View File

@ -0,0 +1,6 @@
// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT.
package acceptencoding
// goModuleVersion is the tagged release for this module
const goModuleVersion = "1.10.1"

4
vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md generated vendored
View File

@ -1,3 +1,7 @@
# v1.10.3 (2023-11-15)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.10.2 (2023-11-09)
* **Dependency Update**: Updated to the latest SDK module versions

2
vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/go_module_metadata.go generated vendored
View File

@ -3,4 +3,4 @@
package presignedurl
// goModuleVersion is the tagged release for this module
const goModuleVersion = "1.10.2"
const goModuleVersion = "1.10.3"

8
vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md generated vendored
View File

@ -1,3 +1,11 @@
# v1.25.3 (2023-11-17)
* **Documentation**: API updates for the AWS Security Token Service
# v1.25.2 (2023-11-15)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.25.1 (2023-11-09)
* **Dependency Update**: Updated to the latest SDK module versions

280
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_client.go generated vendored
View File

@ -12,7 +12,10 @@ import (
"github.com/aws/aws-sdk-go-v2/aws/retry"
"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy"
internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources"
acceptencodingcust "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding"
presignedurlcust "github.com/aws/aws-sdk-go-v2/service/internal/presigned-url"
smithy "github.com/aws/smithy-go"
smithydocument "github.com/aws/smithy-go/document"
@ -49,10 +52,18 @@ func New(options Options, optFns ...func(*Options)) *Client {
resolveHTTPSignerV4(&options)
resolveEndpointResolverV2(&options)
resolveAuthSchemeResolver(&options)
for _, fn := range optFns {
fn(&options)
}
ignoreAnonymousAuth(&options)
resolveAuthSchemes(&options)
client := &Client{
options: options,
}
@ -60,140 +71,10 @@ func New(options Options, optFns ...func(*Options)) *Client {
return client
}
type Options struct {
// Set of options to modify how an operation is invoked. These apply to all
// operations invoked for this client. Use functional options on operation call to
// modify this list for per operation behavior.
APIOptions []func(*middleware.Stack) error
// The optional application specific identifier appended to the User-Agent header.
AppID string
// This endpoint will be given as input to an EndpointResolverV2. It is used for
// providing a custom base endpoint that is subject to modifications by the
// processing EndpointResolverV2.
BaseEndpoint *string
// Configures the events that will be sent to the configured logger.
ClientLogMode aws.ClientLogMode
// The credentials object to use when signing requests.
Credentials aws.CredentialsProvider
// The configuration DefaultsMode that the SDK should use when constructing the
// clients initial default settings.
DefaultsMode aws.DefaultsMode
// The endpoint options to be used when attempting to resolve an endpoint.
EndpointOptions EndpointResolverOptions
// The service endpoint resolver.
//
// Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a
// value for this field will likely prevent you from using any endpoint-related
// service features released after the introduction of EndpointResolverV2 and
// BaseEndpoint. To migrate an EndpointResolver implementation that uses a custom
// endpoint, set the client option BaseEndpoint instead.
EndpointResolver EndpointResolver
// Resolves the endpoint used for a particular service. This should be used over
// the deprecated EndpointResolver
EndpointResolverV2 EndpointResolverV2
// Signature Version 4 (SigV4) Signer
HTTPSignerV4 HTTPSignerV4
// The logger writer interface to write logging messages to.
Logger logging.Logger
// The region to send requests to. (Required)
Region string
// RetryMaxAttempts specifies the maximum number attempts an API client will call
// an operation that fails with a retryable error. A value of 0 is ignored, and
// will not be used to configure the API client created default retryer, or modify
// per operation call's retry max attempts. When creating a new API Clients this
// member will only be used if the Retryer Options member is nil. This value will
// be ignored if Retryer is not nil. If specified in an operation call's functional
// options with a value that is different than the constructed client's Options,
// the Client's Retryer will be wrapped to use the operation's specific
// RetryMaxAttempts value.
RetryMaxAttempts int
// RetryMode specifies the retry mode the API client will be created with, if
// Retryer option is not also specified. When creating a new API Clients this
// member will only be used if the Retryer Options member is nil. This value will
// be ignored if Retryer is not nil. Currently does not support per operation call
// overrides, may in the future.
RetryMode aws.RetryMode
// Retryer guides how HTTP requests should be retried in case of recoverable
// failures. When nil the API client will use a default retryer. The kind of
// default retry created by the API client can be changed with the RetryMode
// option.
Retryer aws.Retryer
// The RuntimeEnvironment configuration, only populated if the DefaultsMode is set
// to DefaultsModeAuto and is initialized using config.LoadDefaultConfig . You
// should not populate this structure programmatically, or rely on the values here
// within your applications.
RuntimeEnvironment aws.RuntimeEnvironment
// The initial DefaultsMode used when the client options were constructed. If the
// DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved
// value was at that point in time. Currently does not support per operation call
// overrides, may in the future.
resolvedDefaultsMode aws.DefaultsMode
// The HTTP client to invoke API calls with. Defaults to client's default HTTP
// implementation if nil.
HTTPClient HTTPClient
}
// WithAPIOptions returns a functional option for setting the Client's APIOptions
// option.
func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) {
return func(o *Options) {
o.APIOptions = append(o.APIOptions, optFns...)
}
}
// Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for
// this field will likely prevent you from using any endpoint-related service
// features released after the introduction of EndpointResolverV2 and BaseEndpoint.
// To migrate an EndpointResolver implementation that uses a custom endpoint, set
// the client option BaseEndpoint instead.
func WithEndpointResolver(v EndpointResolver) func(*Options) {
return func(o *Options) {
o.EndpointResolver = v
}
}
// WithEndpointResolverV2 returns a functional option for setting the Client's
// EndpointResolverV2 option.
func WithEndpointResolverV2(v EndpointResolverV2) func(*Options) {
return func(o *Options) {
o.EndpointResolverV2 = v
}
}
type HTTPClient interface {
Do(*http.Request) (*http.Response, error)
}
// Copy creates a clone where the APIOptions list is deep copied.
func (o Options) Copy() Options {
to := o
to.APIOptions = make([]func(*middleware.Stack) error, len(o.APIOptions))
copy(to.APIOptions, o.APIOptions)
return to
}
func (c *Client) invokeOperation(ctx context.Context, opID string, params interface{}, optFns []func(*Options), stackFns ...func(*middleware.Stack, Options) error) (result interface{}, metadata middleware.Metadata, err error) {
ctx = middleware.ClearStackValues(ctx)
stack := middleware.NewStack(opID, smithyhttp.NewStackRequest)
options := c.options.Copy()
resolveEndpointResolverV2(&options)
for _, fn := range optFns {
fn(&options)
@ -227,6 +108,63 @@ func (c *Client) invokeOperation(ctx context.Context, opID string, params interf
return result, metadata, err
}
type operationInputKey struct{}
func setOperationInput(ctx context.Context, input interface{}) context.Context {
return middleware.WithStackValue(ctx, operationInputKey{}, input)
}
func getOperationInput(ctx context.Context) interface{} {
return middleware.GetStackValue(ctx, operationInputKey{})
}
type setOperationInputMiddleware struct {
}
func (*setOperationInputMiddleware) ID() string {
return "setOperationInput"
}
func (m *setOperationInputMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
ctx = setOperationInput(ctx, in.Parameters)
return next.HandleSerialize(ctx, in)
}
func addProtocolFinalizerMiddlewares(stack *middleware.Stack, options Options, operation string) error {
if err := stack.Finalize.Add(&resolveAuthSchemeMiddleware{operation: operation, options: options}, middleware.Before); err != nil {
return fmt.Errorf("add ResolveAuthScheme: %v", err)
}
if err := stack.Finalize.Insert(&getIdentityMiddleware{options: options}, "ResolveAuthScheme", middleware.After); err != nil {
return fmt.Errorf("add GetIdentity: %v", err)
}
if err := stack.Finalize.Insert(&resolveEndpointV2Middleware{options: options}, "GetIdentity", middleware.After); err != nil {
return fmt.Errorf("add ResolveEndpointV2: %v", err)
}
if err := stack.Finalize.Insert(&signRequestMiddleware{}, "ResolveEndpointV2", middleware.After); err != nil {
return fmt.Errorf("add Signing: %v", err)
}
return nil
}
func resolveAuthSchemeResolver(options *Options) {
if options.AuthSchemeResolver == nil {
options.AuthSchemeResolver = &defaultAuthSchemeResolver{}
}
}
func resolveAuthSchemes(options *Options) {
if options.AuthSchemes == nil {
options.AuthSchemes = []smithyhttp.AuthScheme{
internalauth.NewHTTPAuthScheme("aws.auth#sigv4", &internalauthsmithy.V4SignerAdapter{
Signer: options.HTTPSignerV4,
Logger: options.Logger,
LogSigning: options.ClientLogMode.IsSigning(),
}),
}
}
}
type noSmithyDocumentSerde = smithydocument.NoSerde
type legacyEndpointContextSetter struct {
@ -417,15 +355,6 @@ func addClientUserAgent(stack *middleware.Stack, options Options) error {
return nil
}
func addHTTPSignerV4Middleware(stack *middleware.Stack, o Options) error {
mw := v4.NewSignHTTPRequestMiddleware(v4.SignHTTPRequestMiddlewareOptions{
CredentialsProvider: o.Credentials,
Signer: o.HTTPSignerV4,
LogSigning: o.ClientLogMode.IsSigning(),
})
return stack.Finalize.Add(mw, middleware.After)
}
type HTTPSignerV4 interface {
SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*v4.SignerOptions)) error
}
@ -560,20 +489,61 @@ func withNopHTTPClientAPIOption(o *Options) {
o.HTTPClient = smithyhttp.NopClient{}
}
type presignContextPolyfillMiddleware struct {
}
func (*presignContextPolyfillMiddleware) ID() string {
return "presignContextPolyfill"
}
func (m *presignContextPolyfillMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
) {
rscheme := getResolvedAuthScheme(ctx)
if rscheme == nil {
return out, metadata, fmt.Errorf("no resolved auth scheme")
}
schemeID := rscheme.Scheme.SchemeID()
if schemeID == "aws.auth#sigv4" {
if sn, ok := smithyhttp.GetSigV4SigningName(&rscheme.SignerProperties); ok {
ctx = awsmiddleware.SetSigningName(ctx, sn)
}
if sr, ok := smithyhttp.GetSigV4SigningRegion(&rscheme.SignerProperties); ok {
ctx = awsmiddleware.SetSigningRegion(ctx, sr)
}
} else if schemeID == "aws.auth#sigv4a" {
if sn, ok := smithyhttp.GetSigV4ASigningName(&rscheme.SignerProperties); ok {
ctx = awsmiddleware.SetSigningName(ctx, sn)
}
if sr, ok := smithyhttp.GetSigV4ASigningRegions(&rscheme.SignerProperties); ok {
ctx = awsmiddleware.SetSigningRegion(ctx, sr[0])
}
}
return next.HandleFinalize(ctx, in)
}
type presignConverter PresignOptions
func (c presignConverter) convertToPresignMiddleware(stack *middleware.Stack, options Options) (err error) {
stack.Finalize.Clear()
if _, ok := stack.Finalize.Get((*acceptencodingcust.DisableGzip)(nil).ID()); ok {
stack.Finalize.Remove((*acceptencodingcust.DisableGzip)(nil).ID())
}
stack.Deserialize.Clear()
stack.Build.Remove((*awsmiddleware.ClientRequestID)(nil).ID())
stack.Build.Remove("UserAgent")
if err := stack.Finalize.Insert(&presignContextPolyfillMiddleware{}, "Signing", middleware.Before); err != nil {
return err
}
pmw := v4.NewPresignHTTPRequestMiddleware(v4.PresignHTTPRequestMiddlewareOptions{
CredentialsProvider: options.Credentials,
Presigner: c.Presigner,
LogSigning: options.ClientLogMode.IsSigning(),
})
err = stack.Finalize.Add(pmw, middleware.After)
if err != nil {
if _, err := stack.Finalize.Swap("Signing", pmw); err != nil {
return err
}
if err = smithyhttp.AddNoPayloadDefaultContentTypeRemover(stack); err != nil {
@ -600,31 +570,31 @@ func addRequestResponseLogging(stack *middleware.Stack, o Options) error {
}, middleware.After)
}
type endpointDisableHTTPSMiddleware struct {
EndpointDisableHTTPS bool
type disableHTTPSMiddleware struct {
DisableHTTPS bool
}
func (*endpointDisableHTTPSMiddleware) ID() string {
return "endpointDisableHTTPSMiddleware"
func (*disableHTTPSMiddleware) ID() string {
return "disableHTTPS"
}
func (m *endpointDisableHTTPSMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
func (m *disableHTTPSMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
) {
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.EndpointDisableHTTPS && !smithyhttp.GetHostnameImmutable(ctx) {
if m.DisableHTTPS && !smithyhttp.GetHostnameImmutable(ctx) {
req.URL.Scheme = "http"
}
return next.HandleSerialize(ctx, in)
return next.HandleFinalize(ctx, in)
}
}
func addendpointDisableHTTPSMiddleware(stack *middleware.Stack, o Options) error {
return stack.Serialize.Insert(&endpointDisableHTTPSMiddleware{
EndpointDisableHTTPS: o.EndpointOptions.DisableHTTPS,
}, "OperationSerializer", middleware.Before)
func addDisableHTTPSMiddleware(stack *middleware.Stack, o Options) error {
return stack.Finalize.Insert(&disableHTTPSMiddleware{
DisableHTTPS: o.EndpointOptions.DisableHTTPS,
}, "ResolveEndpointV2", middleware.After)
}

149
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRole.go generated vendored
View File

@ -4,14 +4,10 @@ package sts
import (
"context"
"errors"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
"github.com/aws/aws-sdk-go-v2/service/sts/types"
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
@ -204,7 +200,12 @@ type AssumeRoleInput struct {
// in the IAM User Guide.
PolicyArns []types.PolicyDescriptorType
// Reserved for future use.
// A list of previously acquired trusted context assertions in the format of a
// JSON array. The trusted context assertion is signed and encrypted by Amazon Web
// Services STS. The following is an example of a ProvidedContext value that
// includes a single trusted context assertion and the ARN of the context provider
// from which the trusted context assertion was generated.
// [{"ProviderArn":"arn:aws:iam::aws:contextProvider/identitycenter","ContextAssertion":"trusted-context-assertion"}]
ProvidedContexts []types.ProvidedContext
// The identification number of the MFA device that is associated with the user
@ -327,6 +328,9 @@ type AssumeRoleOutput struct {
}
func (c *Client) addOperationAssumeRoleMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpAssumeRole{}, middleware.After)
if err != nil {
return err
@ -335,6 +339,10 @@ func (c *Client) addOperationAssumeRoleMiddlewares(stack *middleware.Stack, opti
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "AssumeRole"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
@ -356,9 +364,6 @@ func (c *Client) addOperationAssumeRoleMiddlewares(stack *middleware.Stack, opti
if err = addRetryMiddlewares(stack, options); err != nil {
return err
}
if err = addHTTPSignerV4Middleware(stack, options); err != nil {
return err
}
if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil {
return err
}
@ -374,7 +379,7 @@ func (c *Client) addOperationAssumeRoleMiddlewares(stack *middleware.Stack, opti
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addAssumeRoleResolveEndpointMiddleware(stack, options); err != nil {
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpAssumeRoleValidationMiddleware(stack); err != nil {
@ -395,7 +400,7 @@ func (c *Client) addOperationAssumeRoleMiddlewares(stack *middleware.Stack, opti
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil {
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
@ -405,7 +410,6 @@ func newServiceMetadataMiddleware_opAssumeRole(region string) *awsmiddleware.Reg
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
SigningName: "sts",
OperationName: "AssumeRole",
}
}
@ -433,126 +437,3 @@ func (c *PresignClient) PresignAssumeRole(ctx context.Context, params *AssumeRol
out := result.(*v4.PresignedHTTPRequest)
return out, nil
}
type opAssumeRoleResolveEndpointMiddleware struct {
EndpointResolver EndpointResolverV2
BuiltInResolver builtInParameterResolver
}
func (*opAssumeRoleResolveEndpointMiddleware) ID() string {
return "ResolveEndpointV2"
}
func (m *opAssumeRoleResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleSerialize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.EndpointResolver == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
params := EndpointParameters{}
m.BuiltInResolver.ResolveBuiltIns(&params)
var resolvedEndpoint smithyendpoints.Endpoint
resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params)
if err != nil {
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
req.URL = &resolvedEndpoint.URI
for k := range resolvedEndpoint.Headers {
req.Header.Set(
k,
resolvedEndpoint.Headers.Get(k),
)
}
authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties)
if err != nil {
var nfe *internalauth.NoAuthenticationSchemesFoundError
if errors.As(err, &nfe) {
// if no auth scheme is found, default to sigv4
signingName := "sts"
signingRegion := m.BuiltInResolver.(*builtInResolver).Region
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
}
var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError
if errors.As(err, &ue) {
return out, metadata, fmt.Errorf(
"This operation requests signer version(s) %v but the client only supports %v",
ue.UnsupportedSchemes,
internalauth.SupportedSchemes,
)
}
}
for _, authScheme := range authSchemes {
switch authScheme.(type) {
case *internalauth.AuthenticationSchemeV4:
v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4)
var signingName, signingRegion string
if v4Scheme.SigningName == nil {
signingName = "sts"
} else {
signingName = *v4Scheme.SigningName
}
if v4Scheme.SigningRegion == nil {
signingRegion = m.BuiltInResolver.(*builtInResolver).Region
} else {
signingRegion = *v4Scheme.SigningRegion
}
if v4Scheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
break
case *internalauth.AuthenticationSchemeV4A:
v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A)
if v4aScheme.SigningName == nil {
v4aScheme.SigningName = aws.String("sts")
}
if v4aScheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName)
ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0])
break
case *internalauth.AuthenticationSchemeNone:
break
}
}
return next.HandleSerialize(ctx, in)
}
func addAssumeRoleResolveEndpointMiddleware(stack *middleware.Stack, options Options) error {
return stack.Serialize.Insert(&opAssumeRoleResolveEndpointMiddleware{
EndpointResolver: options.EndpointResolverV2,
BuiltInResolver: &builtInResolver{
Region: options.Region,
UseDualStack: options.EndpointOptions.UseDualStackEndpoint,
UseFIPS: options.EndpointOptions.UseFIPSEndpoint,
Endpoint: options.BaseEndpoint,
},
}, "ResolveEndpoint", middleware.After)
}

139
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithSAML.go generated vendored
View File

@ -4,13 +4,9 @@ package sts
import (
"context"
"errors"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
"github.com/aws/aws-sdk-go-v2/service/sts/types"
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
@ -281,6 +277,9 @@ type AssumeRoleWithSAMLOutput struct {
}
func (c *Client) addOperationAssumeRoleWithSAMLMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpAssumeRoleWithSAML{}, middleware.After)
if err != nil {
return err
@ -289,6 +288,10 @@ func (c *Client) addOperationAssumeRoleWithSAMLMiddlewares(stack *middleware.Sta
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "AssumeRoleWithSAML"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
@ -322,7 +325,7 @@ func (c *Client) addOperationAssumeRoleWithSAMLMiddlewares(stack *middleware.Sta
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addAssumeRoleWithSAMLResolveEndpointMiddleware(stack, options); err != nil {
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpAssumeRoleWithSAMLValidationMiddleware(stack); err != nil {
@ -343,7 +346,7 @@ func (c *Client) addOperationAssumeRoleWithSAMLMiddlewares(stack *middleware.Sta
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil {
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
@ -353,130 +356,6 @@ func newServiceMetadataMiddleware_opAssumeRoleWithSAML(region string) *awsmiddle
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
SigningName: "sts",
OperationName: "AssumeRoleWithSAML",
}
}
type opAssumeRoleWithSAMLResolveEndpointMiddleware struct {
EndpointResolver EndpointResolverV2
BuiltInResolver builtInParameterResolver
}
func (*opAssumeRoleWithSAMLResolveEndpointMiddleware) ID() string {
return "ResolveEndpointV2"
}
func (m *opAssumeRoleWithSAMLResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleSerialize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.EndpointResolver == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
params := EndpointParameters{}
m.BuiltInResolver.ResolveBuiltIns(&params)
var resolvedEndpoint smithyendpoints.Endpoint
resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params)
if err != nil {
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
req.URL = &resolvedEndpoint.URI
for k := range resolvedEndpoint.Headers {
req.Header.Set(
k,
resolvedEndpoint.Headers.Get(k),
)
}
authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties)
if err != nil {
var nfe *internalauth.NoAuthenticationSchemesFoundError
if errors.As(err, &nfe) {
// if no auth scheme is found, default to sigv4
signingName := "sts"
signingRegion := m.BuiltInResolver.(*builtInResolver).Region
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
}
var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError
if errors.As(err, &ue) {
return out, metadata, fmt.Errorf(
"This operation requests signer version(s) %v but the client only supports %v",
ue.UnsupportedSchemes,
internalauth.SupportedSchemes,
)
}
}
for _, authScheme := range authSchemes {
switch authScheme.(type) {
case *internalauth.AuthenticationSchemeV4:
v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4)
var signingName, signingRegion string
if v4Scheme.SigningName == nil {
signingName = "sts"
} else {
signingName = *v4Scheme.SigningName
}
if v4Scheme.SigningRegion == nil {
signingRegion = m.BuiltInResolver.(*builtInResolver).Region
} else {
signingRegion = *v4Scheme.SigningRegion
}
if v4Scheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
break
case *internalauth.AuthenticationSchemeV4A:
v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A)
if v4aScheme.SigningName == nil {
v4aScheme.SigningName = aws.String("sts")
}
if v4aScheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName)
ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0])
break
case *internalauth.AuthenticationSchemeNone:
break
}
}
return next.HandleSerialize(ctx, in)
}
func addAssumeRoleWithSAMLResolveEndpointMiddleware(stack *middleware.Stack, options Options) error {
return stack.Serialize.Insert(&opAssumeRoleWithSAMLResolveEndpointMiddleware{
EndpointResolver: options.EndpointResolverV2,
BuiltInResolver: &builtInResolver{
Region: options.Region,
UseDualStack: options.EndpointOptions.UseDualStackEndpoint,
UseFIPS: options.EndpointOptions.UseFIPSEndpoint,
Endpoint: options.BaseEndpoint,
},
}, "ResolveEndpoint", middleware.After)
}

139
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithWebIdentity.go generated vendored
View File

@ -4,13 +4,9 @@ package sts
import (
"context"
"errors"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
"github.com/aws/aws-sdk-go-v2/service/sts/types"
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
@ -300,6 +296,9 @@ type AssumeRoleWithWebIdentityOutput struct {
}
func (c *Client) addOperationAssumeRoleWithWebIdentityMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpAssumeRoleWithWebIdentity{}, middleware.After)
if err != nil {
return err
@ -308,6 +307,10 @@ func (c *Client) addOperationAssumeRoleWithWebIdentityMiddlewares(stack *middlew
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "AssumeRoleWithWebIdentity"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
@ -341,7 +344,7 @@ func (c *Client) addOperationAssumeRoleWithWebIdentityMiddlewares(stack *middlew
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addAssumeRoleWithWebIdentityResolveEndpointMiddleware(stack, options); err != nil {
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpAssumeRoleWithWebIdentityValidationMiddleware(stack); err != nil {
@ -362,7 +365,7 @@ func (c *Client) addOperationAssumeRoleWithWebIdentityMiddlewares(stack *middlew
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil {
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
@ -372,130 +375,6 @@ func newServiceMetadataMiddleware_opAssumeRoleWithWebIdentity(region string) *aw
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
SigningName: "sts",
OperationName: "AssumeRoleWithWebIdentity",
}
}
type opAssumeRoleWithWebIdentityResolveEndpointMiddleware struct {
EndpointResolver EndpointResolverV2
BuiltInResolver builtInParameterResolver
}
func (*opAssumeRoleWithWebIdentityResolveEndpointMiddleware) ID() string {
return "ResolveEndpointV2"
}
func (m *opAssumeRoleWithWebIdentityResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleSerialize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.EndpointResolver == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
params := EndpointParameters{}
m.BuiltInResolver.ResolveBuiltIns(&params)
var resolvedEndpoint smithyendpoints.Endpoint
resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params)
if err != nil {
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
req.URL = &resolvedEndpoint.URI
for k := range resolvedEndpoint.Headers {
req.Header.Set(
k,
resolvedEndpoint.Headers.Get(k),
)
}
authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties)
if err != nil {
var nfe *internalauth.NoAuthenticationSchemesFoundError
if errors.As(err, &nfe) {
// if no auth scheme is found, default to sigv4
signingName := "sts"
signingRegion := m.BuiltInResolver.(*builtInResolver).Region
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
}
var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError
if errors.As(err, &ue) {
return out, metadata, fmt.Errorf(
"This operation requests signer version(s) %v but the client only supports %v",
ue.UnsupportedSchemes,
internalauth.SupportedSchemes,
)
}
}
for _, authScheme := range authSchemes {
switch authScheme.(type) {
case *internalauth.AuthenticationSchemeV4:
v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4)
var signingName, signingRegion string
if v4Scheme.SigningName == nil {
signingName = "sts"
} else {
signingName = *v4Scheme.SigningName
}
if v4Scheme.SigningRegion == nil {
signingRegion = m.BuiltInResolver.(*builtInResolver).Region
} else {
signingRegion = *v4Scheme.SigningRegion
}
if v4Scheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
break
case *internalauth.AuthenticationSchemeV4A:
v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A)
if v4aScheme.SigningName == nil {
v4aScheme.SigningName = aws.String("sts")
}
if v4aScheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName)
ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0])
break
case *internalauth.AuthenticationSchemeNone:
break
}
}
return next.HandleSerialize(ctx, in)
}
func addAssumeRoleWithWebIdentityResolveEndpointMiddleware(stack *middleware.Stack, options Options) error {
return stack.Serialize.Insert(&opAssumeRoleWithWebIdentityResolveEndpointMiddleware{
EndpointResolver: options.EndpointResolverV2,
BuiltInResolver: &builtInResolver{
Region: options.Region,
UseDualStack: options.EndpointOptions.UseDualStackEndpoint,
UseFIPS: options.EndpointOptions.UseFIPSEndpoint,
Endpoint: options.BaseEndpoint,
},
}, "ResolveEndpoint", middleware.After)
}

142
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_DecodeAuthorizationMessage.go generated vendored
View File

@ -4,13 +4,9 @@ package sts
import (
"context"
"errors"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
@ -78,6 +74,9 @@ type DecodeAuthorizationMessageOutput struct {
}
func (c *Client) addOperationDecodeAuthorizationMessageMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpDecodeAuthorizationMessage{}, middleware.After)
if err != nil {
return err
@ -86,6 +85,10 @@ func (c *Client) addOperationDecodeAuthorizationMessageMiddlewares(stack *middle
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "DecodeAuthorizationMessage"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
@ -107,9 +110,6 @@ func (c *Client) addOperationDecodeAuthorizationMessageMiddlewares(stack *middle
if err = addRetryMiddlewares(stack, options); err != nil {
return err
}
if err = addHTTPSignerV4Middleware(stack, options); err != nil {
return err
}
if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil {
return err
}
@ -125,7 +125,7 @@ func (c *Client) addOperationDecodeAuthorizationMessageMiddlewares(stack *middle
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addDecodeAuthorizationMessageResolveEndpointMiddleware(stack, options); err != nil {
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpDecodeAuthorizationMessageValidationMiddleware(stack); err != nil {
@ -146,7 +146,7 @@ func (c *Client) addOperationDecodeAuthorizationMessageMiddlewares(stack *middle
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil {
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
@ -156,130 +156,6 @@ func newServiceMetadataMiddleware_opDecodeAuthorizationMessage(region string) *a
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
SigningName: "sts",
OperationName: "DecodeAuthorizationMessage",
}
}
type opDecodeAuthorizationMessageResolveEndpointMiddleware struct {
EndpointResolver EndpointResolverV2
BuiltInResolver builtInParameterResolver
}
func (*opDecodeAuthorizationMessageResolveEndpointMiddleware) ID() string {
return "ResolveEndpointV2"
}
func (m *opDecodeAuthorizationMessageResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleSerialize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.EndpointResolver == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
params := EndpointParameters{}
m.BuiltInResolver.ResolveBuiltIns(&params)
var resolvedEndpoint smithyendpoints.Endpoint
resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params)
if err != nil {
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
req.URL = &resolvedEndpoint.URI
for k := range resolvedEndpoint.Headers {
req.Header.Set(
k,
resolvedEndpoint.Headers.Get(k),
)
}
authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties)
if err != nil {
var nfe *internalauth.NoAuthenticationSchemesFoundError
if errors.As(err, &nfe) {
// if no auth scheme is found, default to sigv4
signingName := "sts"
signingRegion := m.BuiltInResolver.(*builtInResolver).Region
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
}
var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError
if errors.As(err, &ue) {
return out, metadata, fmt.Errorf(
"This operation requests signer version(s) %v but the client only supports %v",
ue.UnsupportedSchemes,
internalauth.SupportedSchemes,
)
}
}
for _, authScheme := range authSchemes {
switch authScheme.(type) {
case *internalauth.AuthenticationSchemeV4:
v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4)
var signingName, signingRegion string
if v4Scheme.SigningName == nil {
signingName = "sts"
} else {
signingName = *v4Scheme.SigningName
}
if v4Scheme.SigningRegion == nil {
signingRegion = m.BuiltInResolver.(*builtInResolver).Region
} else {
signingRegion = *v4Scheme.SigningRegion
}
if v4Scheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
break
case *internalauth.AuthenticationSchemeV4A:
v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A)
if v4aScheme.SigningName == nil {
v4aScheme.SigningName = aws.String("sts")
}
if v4aScheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName)
ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0])
break
case *internalauth.AuthenticationSchemeNone:
break
}
}
return next.HandleSerialize(ctx, in)
}
func addDecodeAuthorizationMessageResolveEndpointMiddleware(stack *middleware.Stack, options Options) error {
return stack.Serialize.Insert(&opDecodeAuthorizationMessageResolveEndpointMiddleware{
EndpointResolver: options.EndpointResolverV2,
BuiltInResolver: &builtInResolver{
Region: options.Region,
UseDualStack: options.EndpointOptions.UseDualStackEndpoint,
UseFIPS: options.EndpointOptions.UseFIPSEndpoint,
Endpoint: options.BaseEndpoint,
},
}, "ResolveEndpoint", middleware.After)
}

142
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetAccessKeyInfo.go generated vendored
View File

@ -4,13 +4,9 @@ package sts
import (
"context"
"errors"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
@ -71,6 +67,9 @@ type GetAccessKeyInfoOutput struct {
}
func (c *Client) addOperationGetAccessKeyInfoMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetAccessKeyInfo{}, middleware.After)
if err != nil {
return err
@ -79,6 +78,10 @@ func (c *Client) addOperationGetAccessKeyInfoMiddlewares(stack *middleware.Stack
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetAccessKeyInfo"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
@ -100,9 +103,6 @@ func (c *Client) addOperationGetAccessKeyInfoMiddlewares(stack *middleware.Stack
if err = addRetryMiddlewares(stack, options); err != nil {
return err
}
if err = addHTTPSignerV4Middleware(stack, options); err != nil {
return err
}
if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil {
return err
}
@ -118,7 +118,7 @@ func (c *Client) addOperationGetAccessKeyInfoMiddlewares(stack *middleware.Stack
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addGetAccessKeyInfoResolveEndpointMiddleware(stack, options); err != nil {
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetAccessKeyInfoValidationMiddleware(stack); err != nil {
@ -139,7 +139,7 @@ func (c *Client) addOperationGetAccessKeyInfoMiddlewares(stack *middleware.Stack
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil {
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
@ -149,130 +149,6 @@ func newServiceMetadataMiddleware_opGetAccessKeyInfo(region string) *awsmiddlewa
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
SigningName: "sts",
OperationName: "GetAccessKeyInfo",
}
}
type opGetAccessKeyInfoResolveEndpointMiddleware struct {
EndpointResolver EndpointResolverV2
BuiltInResolver builtInParameterResolver
}
func (*opGetAccessKeyInfoResolveEndpointMiddleware) ID() string {
return "ResolveEndpointV2"
}
func (m *opGetAccessKeyInfoResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleSerialize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.EndpointResolver == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
params := EndpointParameters{}
m.BuiltInResolver.ResolveBuiltIns(&params)
var resolvedEndpoint smithyendpoints.Endpoint
resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params)
if err != nil {
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
req.URL = &resolvedEndpoint.URI
for k := range resolvedEndpoint.Headers {
req.Header.Set(
k,
resolvedEndpoint.Headers.Get(k),
)
}
authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties)
if err != nil {
var nfe *internalauth.NoAuthenticationSchemesFoundError
if errors.As(err, &nfe) {
// if no auth scheme is found, default to sigv4
signingName := "sts"
signingRegion := m.BuiltInResolver.(*builtInResolver).Region
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
}
var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError
if errors.As(err, &ue) {
return out, metadata, fmt.Errorf(
"This operation requests signer version(s) %v but the client only supports %v",
ue.UnsupportedSchemes,
internalauth.SupportedSchemes,
)
}
}
for _, authScheme := range authSchemes {
switch authScheme.(type) {
case *internalauth.AuthenticationSchemeV4:
v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4)
var signingName, signingRegion string
if v4Scheme.SigningName == nil {
signingName = "sts"
} else {
signingName = *v4Scheme.SigningName
}
if v4Scheme.SigningRegion == nil {
signingRegion = m.BuiltInResolver.(*builtInResolver).Region
} else {
signingRegion = *v4Scheme.SigningRegion
}
if v4Scheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
break
case *internalauth.AuthenticationSchemeV4A:
v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A)
if v4aScheme.SigningName == nil {
v4aScheme.SigningName = aws.String("sts")
}
if v4aScheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName)
ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0])
break
case *internalauth.AuthenticationSchemeNone:
break
}
}
return next.HandleSerialize(ctx, in)
}
func addGetAccessKeyInfoResolveEndpointMiddleware(stack *middleware.Stack, options Options) error {
return stack.Serialize.Insert(&opGetAccessKeyInfoResolveEndpointMiddleware{
EndpointResolver: options.EndpointResolverV2,
BuiltInResolver: &builtInResolver{
Region: options.Region,
UseDualStack: options.EndpointOptions.UseDualStackEndpoint,
UseFIPS: options.EndpointOptions.UseFIPSEndpoint,
Endpoint: options.BaseEndpoint,
},
}, "ResolveEndpoint", middleware.After)
}

142
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetCallerIdentity.go generated vendored
View File

@ -4,13 +4,9 @@ package sts
import (
"context"
"errors"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
@ -66,6 +62,9 @@ type GetCallerIdentityOutput struct {
}
func (c *Client) addOperationGetCallerIdentityMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetCallerIdentity{}, middleware.After)
if err != nil {
return err
@ -74,6 +73,10 @@ func (c *Client) addOperationGetCallerIdentityMiddlewares(stack *middleware.Stac
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetCallerIdentity"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
@ -95,9 +98,6 @@ func (c *Client) addOperationGetCallerIdentityMiddlewares(stack *middleware.Stac
if err = addRetryMiddlewares(stack, options); err != nil {
return err
}
if err = addHTTPSignerV4Middleware(stack, options); err != nil {
return err
}
if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil {
return err
}
@ -113,7 +113,7 @@ func (c *Client) addOperationGetCallerIdentityMiddlewares(stack *middleware.Stac
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addGetCallerIdentityResolveEndpointMiddleware(stack, options); err != nil {
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetCallerIdentity(options.Region), middleware.Before); err != nil {
@ -131,7 +131,7 @@ func (c *Client) addOperationGetCallerIdentityMiddlewares(stack *middleware.Stac
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil {
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
@ -141,7 +141,6 @@ func newServiceMetadataMiddleware_opGetCallerIdentity(region string) *awsmiddlew
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
SigningName: "sts",
OperationName: "GetCallerIdentity",
}
}
@ -169,126 +168,3 @@ func (c *PresignClient) PresignGetCallerIdentity(ctx context.Context, params *Ge
out := result.(*v4.PresignedHTTPRequest)
return out, nil
}
type opGetCallerIdentityResolveEndpointMiddleware struct {
EndpointResolver EndpointResolverV2
BuiltInResolver builtInParameterResolver
}
func (*opGetCallerIdentityResolveEndpointMiddleware) ID() string {
return "ResolveEndpointV2"
}
func (m *opGetCallerIdentityResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleSerialize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.EndpointResolver == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
params := EndpointParameters{}
m.BuiltInResolver.ResolveBuiltIns(&params)
var resolvedEndpoint smithyendpoints.Endpoint
resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params)
if err != nil {
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
req.URL = &resolvedEndpoint.URI
for k := range resolvedEndpoint.Headers {
req.Header.Set(
k,
resolvedEndpoint.Headers.Get(k),
)
}
authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties)
if err != nil {
var nfe *internalauth.NoAuthenticationSchemesFoundError
if errors.As(err, &nfe) {
// if no auth scheme is found, default to sigv4
signingName := "sts"
signingRegion := m.BuiltInResolver.(*builtInResolver).Region
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
}
var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError
if errors.As(err, &ue) {
return out, metadata, fmt.Errorf(
"This operation requests signer version(s) %v but the client only supports %v",
ue.UnsupportedSchemes,
internalauth.SupportedSchemes,
)
}
}
for _, authScheme := range authSchemes {
switch authScheme.(type) {
case *internalauth.AuthenticationSchemeV4:
v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4)
var signingName, signingRegion string
if v4Scheme.SigningName == nil {
signingName = "sts"
} else {
signingName = *v4Scheme.SigningName
}
if v4Scheme.SigningRegion == nil {
signingRegion = m.BuiltInResolver.(*builtInResolver).Region
} else {
signingRegion = *v4Scheme.SigningRegion
}
if v4Scheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
break
case *internalauth.AuthenticationSchemeV4A:
v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A)
if v4aScheme.SigningName == nil {
v4aScheme.SigningName = aws.String("sts")
}
if v4aScheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName)
ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0])
break
case *internalauth.AuthenticationSchemeNone:
break
}
}
return next.HandleSerialize(ctx, in)
}
func addGetCallerIdentityResolveEndpointMiddleware(stack *middleware.Stack, options Options) error {
return stack.Serialize.Insert(&opGetCallerIdentityResolveEndpointMiddleware{
EndpointResolver: options.EndpointResolverV2,
BuiltInResolver: &builtInResolver{
Region: options.Region,
UseDualStack: options.EndpointOptions.UseDualStackEndpoint,
UseFIPS: options.EndpointOptions.UseFIPSEndpoint,
Endpoint: options.BaseEndpoint,
},
}, "ResolveEndpoint", middleware.After)
}

142
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetFederationToken.go generated vendored
View File

@ -4,14 +4,10 @@ package sts
import (
"context"
"errors"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
"github.com/aws/aws-sdk-go-v2/service/sts/types"
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
@ -238,6 +234,9 @@ type GetFederationTokenOutput struct {
}
func (c *Client) addOperationGetFederationTokenMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetFederationToken{}, middleware.After)
if err != nil {
return err
@ -246,6 +245,10 @@ func (c *Client) addOperationGetFederationTokenMiddlewares(stack *middleware.Sta
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetFederationToken"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
@ -267,9 +270,6 @@ func (c *Client) addOperationGetFederationTokenMiddlewares(stack *middleware.Sta
if err = addRetryMiddlewares(stack, options); err != nil {
return err
}
if err = addHTTPSignerV4Middleware(stack, options); err != nil {
return err
}
if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil {
return err
}
@ -285,7 +285,7 @@ func (c *Client) addOperationGetFederationTokenMiddlewares(stack *middleware.Sta
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addGetFederationTokenResolveEndpointMiddleware(stack, options); err != nil {
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = addOpGetFederationTokenValidationMiddleware(stack); err != nil {
@ -306,7 +306,7 @@ func (c *Client) addOperationGetFederationTokenMiddlewares(stack *middleware.Sta
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil {
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
@ -316,130 +316,6 @@ func newServiceMetadataMiddleware_opGetFederationToken(region string) *awsmiddle
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
SigningName: "sts",
OperationName: "GetFederationToken",
}
}
type opGetFederationTokenResolveEndpointMiddleware struct {
EndpointResolver EndpointResolverV2
BuiltInResolver builtInParameterResolver
}
func (*opGetFederationTokenResolveEndpointMiddleware) ID() string {
return "ResolveEndpointV2"
}
func (m *opGetFederationTokenResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleSerialize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.EndpointResolver == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
params := EndpointParameters{}
m.BuiltInResolver.ResolveBuiltIns(&params)
var resolvedEndpoint smithyendpoints.Endpoint
resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params)
if err != nil {
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
req.URL = &resolvedEndpoint.URI
for k := range resolvedEndpoint.Headers {
req.Header.Set(
k,
resolvedEndpoint.Headers.Get(k),
)
}
authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties)
if err != nil {
var nfe *internalauth.NoAuthenticationSchemesFoundError
if errors.As(err, &nfe) {
// if no auth scheme is found, default to sigv4
signingName := "sts"
signingRegion := m.BuiltInResolver.(*builtInResolver).Region
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
}
var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError
if errors.As(err, &ue) {
return out, metadata, fmt.Errorf(
"This operation requests signer version(s) %v but the client only supports %v",
ue.UnsupportedSchemes,
internalauth.SupportedSchemes,
)
}
}
for _, authScheme := range authSchemes {
switch authScheme.(type) {
case *internalauth.AuthenticationSchemeV4:
v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4)
var signingName, signingRegion string
if v4Scheme.SigningName == nil {
signingName = "sts"
} else {
signingName = *v4Scheme.SigningName
}
if v4Scheme.SigningRegion == nil {
signingRegion = m.BuiltInResolver.(*builtInResolver).Region
} else {
signingRegion = *v4Scheme.SigningRegion
}
if v4Scheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
break
case *internalauth.AuthenticationSchemeV4A:
v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A)
if v4aScheme.SigningName == nil {
v4aScheme.SigningName = aws.String("sts")
}
if v4aScheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName)
ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0])
break
case *internalauth.AuthenticationSchemeNone:
break
}
}
return next.HandleSerialize(ctx, in)
}
func addGetFederationTokenResolveEndpointMiddleware(stack *middleware.Stack, options Options) error {
return stack.Serialize.Insert(&opGetFederationTokenResolveEndpointMiddleware{
EndpointResolver: options.EndpointResolverV2,
BuiltInResolver: &builtInResolver{
Region: options.Region,
UseDualStack: options.EndpointOptions.UseDualStackEndpoint,
UseFIPS: options.EndpointOptions.UseFIPSEndpoint,
Endpoint: options.BaseEndpoint,
},
}, "ResolveEndpoint", middleware.After)
}

142
vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetSessionToken.go generated vendored
View File

@ -4,14 +4,10 @@ package sts
import (
"context"
"errors"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
"github.com/aws/aws-sdk-go-v2/service/sts/types"
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
@ -124,6 +120,9 @@ type GetSessionTokenOutput struct {
}
func (c *Client) addOperationGetSessionTokenMiddlewares(stack *middleware.Stack, options Options) (err error) {
if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
return err
}
err = stack.Serialize.Add(&awsAwsquery_serializeOpGetSessionToken{}, middleware.After)
if err != nil {
return err
@ -132,6 +131,10 @@ func (c *Client) addOperationGetSessionTokenMiddlewares(stack *middleware.Stack,
if err != nil {
return err
}
if err := addProtocolFinalizerMiddlewares(stack, options, "GetSessionToken"); err != nil {
return fmt.Errorf("add protocol finalizers: %v", err)
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
@ -153,9 +156,6 @@ func (c *Client) addOperationGetSessionTokenMiddlewares(stack *middleware.Stack,
if err = addRetryMiddlewares(stack, options); err != nil {
return err
}
if err = addHTTPSignerV4Middleware(stack, options); err != nil {
return err
}
if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil {
return err
}
@ -171,7 +171,7 @@ func (c *Client) addOperationGetSessionTokenMiddlewares(stack *middleware.Stack,
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addGetSessionTokenResolveEndpointMiddleware(stack, options); err != nil {
if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetSessionToken(options.Region), middleware.Before); err != nil {
@ -189,7 +189,7 @@ func (c *Client) addOperationGetSessionTokenMiddlewares(stack *middleware.Stack,
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil {
if err = addDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
@ -199,130 +199,6 @@ func newServiceMetadataMiddleware_opGetSessionToken(region string) *awsmiddlewar
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
SigningName: "sts",
OperationName: "GetSessionToken",
}
}
type opGetSessionTokenResolveEndpointMiddleware struct {
EndpointResolver EndpointResolverV2
BuiltInResolver builtInParameterResolver
}
func (*opGetSessionTokenResolveEndpointMiddleware) ID() string {
return "ResolveEndpointV2"
}
func (m *opGetSessionTokenResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleSerialize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.EndpointResolver == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
params := EndpointParameters{}
m.BuiltInResolver.ResolveBuiltIns(&params)
var resolvedEndpoint smithyendpoints.Endpoint
resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params)
if err != nil {
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
req.URL = &resolvedEndpoint.URI
for k := range resolvedEndpoint.Headers {
req.Header.Set(
k,
resolvedEndpoint.Headers.Get(k),
)
}
authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties)
if err != nil {
var nfe *internalauth.NoAuthenticationSchemesFoundError
if errors.As(err, &nfe) {
// if no auth scheme is found, default to sigv4
signingName := "sts"
signingRegion := m.BuiltInResolver.(*builtInResolver).Region
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
}
var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError
if errors.As(err, &ue) {
return out, metadata, fmt.Errorf(
"This operation requests signer version(s) %v but the client only supports %v",
ue.UnsupportedSchemes,
internalauth.SupportedSchemes,
)
}
}
for _, authScheme := range authSchemes {
switch authScheme.(type) {
case *internalauth.AuthenticationSchemeV4:
v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4)
var signingName, signingRegion string
if v4Scheme.SigningName == nil {
signingName = "sts"
} else {
signingName = *v4Scheme.SigningName
}
if v4Scheme.SigningRegion == nil {
signingRegion = m.BuiltInResolver.(*builtInResolver).Region
} else {
signingRegion = *v4Scheme.SigningRegion
}
if v4Scheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
break
case *internalauth.AuthenticationSchemeV4A:
v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A)
if v4aScheme.SigningName == nil {
v4aScheme.SigningName = aws.String("sts")
}
if v4aScheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName)
ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0])
break
case *internalauth.AuthenticationSchemeNone:
break
}
}
return next.HandleSerialize(ctx, in)
}
func addGetSessionTokenResolveEndpointMiddleware(stack *middleware.Stack, options Options) error {
return stack.Serialize.Insert(&opGetSessionTokenResolveEndpointMiddleware{
EndpointResolver: options.EndpointResolverV2,
BuiltInResolver: &builtInResolver{
Region: options.Region,
UseDualStack: options.EndpointOptions.UseDualStackEndpoint,
UseFIPS: options.EndpointOptions.UseFIPSEndpoint,
Endpoint: options.BaseEndpoint,
},
}, "ResolveEndpoint", middleware.After)
}

290
vendor/github.com/aws/aws-sdk-go-v2/service/sts/auth.go generated vendored Normal file
View File

@ -0,0 +1,290 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package sts
import (
"context"
"fmt"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
smithy "github.com/aws/smithy-go"
smithyauth "github.com/aws/smithy-go/auth"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) {
params.Region = options.Region
}
type setLegacyContextSigningOptionsMiddleware struct {
}
func (*setLegacyContextSigningOptionsMiddleware) ID() string {
return "setLegacyContextSigningOptions"
}
func (m *setLegacyContextSigningOptionsMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
) {
rscheme := getResolvedAuthScheme(ctx)
schemeID := rscheme.Scheme.SchemeID()
if sn := awsmiddleware.GetSigningName(ctx); sn != "" {
if schemeID == "aws.auth#sigv4" {
smithyhttp.SetSigV4SigningName(&rscheme.SignerProperties, sn)
} else if schemeID == "aws.auth#sigv4a" {
smithyhttp.SetSigV4ASigningName(&rscheme.SignerProperties, sn)
}
}
if sr := awsmiddleware.GetSigningRegion(ctx); sr != "" {
if schemeID == "aws.auth#sigv4" {
smithyhttp.SetSigV4SigningRegion(&rscheme.SignerProperties, sr)
} else if schemeID == "aws.auth#sigv4a" {
smithyhttp.SetSigV4ASigningRegions(&rscheme.SignerProperties, []string{sr})
}
}
return next.HandleFinalize(ctx, in)
}
func addSetLegacyContextSigningOptionsMiddleware(stack *middleware.Stack) error {
return stack.Finalize.Insert(&setLegacyContextSigningOptionsMiddleware{}, "Signing", middleware.Before)
}
// AuthResolverParameters contains the set of inputs necessary for auth scheme
// resolution.
type AuthResolverParameters struct {
// The name of the operation being invoked.
Operation string
// The region in which the operation is being invoked.
Region string
}
func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters {
params := &AuthResolverParameters{
Operation: operation,
}
bindAuthParamsRegion(params, input, options)
return params
}
// AuthSchemeResolver returns a set of possible authentication options for an
// operation.
type AuthSchemeResolver interface {
ResolveAuthSchemes(context.Context, *AuthResolverParameters) ([]*smithyauth.Option, error)
}
type defaultAuthSchemeResolver struct{}
var _ AuthSchemeResolver = (*defaultAuthSchemeResolver)(nil)
func (*defaultAuthSchemeResolver) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) {
if overrides, ok := operationAuthOptions[params.Operation]; ok {
return overrides(params), nil
}
return serviceAuthOptions(params), nil
}
var operationAuthOptions = map[string]func(*AuthResolverParameters) []*smithyauth.Option{
"AssumeRoleWithSAML": func(params *AuthResolverParameters) []*smithyauth.Option {
return []*smithyauth.Option{
{
SchemeID: smithyauth.SchemeIDSigV4,
SignerProperties: func() smithy.Properties {
var props smithy.Properties
smithyhttp.SetSigV4SigningName(&props, "sts")
smithyhttp.SetSigV4SigningRegion(&props, params.Region)
return props
}(),
},
{SchemeID: smithyauth.SchemeIDAnonymous},
}
},
"AssumeRoleWithWebIdentity": func(params *AuthResolverParameters) []*smithyauth.Option {
return []*smithyauth.Option{
{
SchemeID: smithyauth.SchemeIDSigV4,
SignerProperties: func() smithy.Properties {
var props smithy.Properties
smithyhttp.SetSigV4SigningName(&props, "sts")
smithyhttp.SetSigV4SigningRegion(&props, params.Region)
return props
}(),
},
{SchemeID: smithyauth.SchemeIDAnonymous},
}
},
}
func serviceAuthOptions(params *AuthResolverParameters) []*smithyauth.Option {
return []*smithyauth.Option{
{
SchemeID: smithyauth.SchemeIDSigV4,
SignerProperties: func() smithy.Properties {
var props smithy.Properties
smithyhttp.SetSigV4SigningName(&props, "sts")
smithyhttp.SetSigV4SigningRegion(&props, params.Region)
return props
}(),
},
}
}
type resolveAuthSchemeMiddleware struct {
operation string
options Options
}
func (*resolveAuthSchemeMiddleware) ID() string {
return "ResolveAuthScheme"
}
func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
) {
params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options)
options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params)
if err != nil {
return out, metadata, fmt.Errorf("resolve auth scheme: %v", err)
}
scheme, ok := m.selectScheme(options)
if !ok {
return out, metadata, fmt.Errorf("could not select an auth scheme")
}
ctx = setResolvedAuthScheme(ctx, scheme)
return next.HandleFinalize(ctx, in)
}
func (m *resolveAuthSchemeMiddleware) selectScheme(options []*smithyauth.Option) (*resolvedAuthScheme, bool) {
for _, option := range options {
if option.SchemeID == smithyauth.SchemeIDAnonymous {
return newResolvedAuthScheme(smithyhttp.NewAnonymousScheme(), option), true
}
for _, scheme := range m.options.AuthSchemes {
if scheme.SchemeID() != option.SchemeID {
continue
}
if scheme.IdentityResolver(m.options) != nil {
return newResolvedAuthScheme(scheme, option), true
}
}
}
return nil, false
}
type resolvedAuthSchemeKey struct{}
type resolvedAuthScheme struct {
Scheme smithyhttp.AuthScheme
IdentityProperties smithy.Properties
SignerProperties smithy.Properties
}
func newResolvedAuthScheme(scheme smithyhttp.AuthScheme, option *smithyauth.Option) *resolvedAuthScheme {
return &resolvedAuthScheme{
Scheme: scheme,
IdentityProperties: option.IdentityProperties,
SignerProperties: option.SignerProperties,
}
}
func setResolvedAuthScheme(ctx context.Context, scheme *resolvedAuthScheme) context.Context {
return middleware.WithStackValue(ctx, resolvedAuthSchemeKey{}, scheme)
}
func getResolvedAuthScheme(ctx context.Context) *resolvedAuthScheme {
v, _ := middleware.GetStackValue(ctx, resolvedAuthSchemeKey{}).(*resolvedAuthScheme)
return v
}
type getIdentityMiddleware struct {
options Options
}
func (*getIdentityMiddleware) ID() string {
return "GetIdentity"
}
func (m *getIdentityMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
) {
rscheme := getResolvedAuthScheme(ctx)
if rscheme == nil {
return out, metadata, fmt.Errorf("no resolved auth scheme")
}
resolver := rscheme.Scheme.IdentityResolver(m.options)
if resolver == nil {
return out, metadata, fmt.Errorf("no identity resolver")
}
identity, err := resolver.GetIdentity(ctx, rscheme.IdentityProperties)
if err != nil {
return out, metadata, fmt.Errorf("get identity: %v", err)
}
ctx = setIdentity(ctx, identity)
return next.HandleFinalize(ctx, in)
}
type identityKey struct{}
func setIdentity(ctx context.Context, identity smithyauth.Identity) context.Context {
return middleware.WithStackValue(ctx, identityKey{}, identity)
}
func getIdentity(ctx context.Context) smithyauth.Identity {
v, _ := middleware.GetStackValue(ctx, identityKey{}).(smithyauth.Identity)
return v
}
type signRequestMiddleware struct {
}
func (*signRequestMiddleware) ID() string {
return "Signing"
}
func (m *signRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
) {
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unexpected transport type %T", in.Request)
}
rscheme := getResolvedAuthScheme(ctx)
if rscheme == nil {
return out, metadata, fmt.Errorf("no resolved auth scheme")
}
identity := getIdentity(ctx)
if identity == nil {
return out, metadata, fmt.Errorf("no identity")
}
signer := rscheme.Scheme.Signer()
if signer == nil {
return out, metadata, fmt.Errorf("no signer")
}
if err := signer.SignRequest(ctx, req, identity, rscheme.SignerProperties); err != nil {
return out, metadata, fmt.Errorf("sign request: %v", err)
}
return next.HandleFinalize(ctx, in)
}

438
vendor/github.com/aws/aws-sdk-go-v2/service/sts/endpoints.go generated vendored
View File

@ -9,9 +9,11 @@ import (
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources"
"github.com/aws/aws-sdk-go-v2/internal/endpoints"
"github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn"
internalendpoints "github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints"
smithy "github.com/aws/smithy-go"
smithyauth "github.com/aws/smithy-go/auth"
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
"github.com/aws/smithy-go/ptr"
@ -215,77 +217,6 @@ func resolveBaseEndpoint(cfg aws.Config, o *Options) {
}
}
// Utility function to aid with translating pseudo-regions to classical regions
// with the appropriate setting indicated by the pseudo-region
func mapPseudoRegion(pr string) (region string, fips aws.FIPSEndpointState) {
const fipsInfix = "-fips-"
const fipsPrefix = "fips-"
const fipsSuffix = "-fips"
if strings.Contains(pr, fipsInfix) ||
strings.Contains(pr, fipsPrefix) ||
strings.Contains(pr, fipsSuffix) {
region = strings.ReplaceAll(strings.ReplaceAll(strings.ReplaceAll(
pr, fipsInfix, "-"), fipsPrefix, ""), fipsSuffix, "")
fips = aws.FIPSEndpointStateEnabled
} else {
region = pr
}
return region, fips
}
// builtInParameterResolver is the interface responsible for resolving BuiltIn
// values during the sourcing of EndpointParameters
type builtInParameterResolver interface {
ResolveBuiltIns(*EndpointParameters) error
}
// builtInResolver resolves modeled BuiltIn values using only the members defined
// below.
type builtInResolver struct {
// The AWS region used to dispatch the request.
Region string
// Sourced BuiltIn value in a historical enabled or disabled state.
UseDualStack aws.DualStackEndpointState
// Sourced BuiltIn value in a historical enabled or disabled state.
UseFIPS aws.FIPSEndpointState
// Base endpoint that can potentially be modified during Endpoint resolution.
Endpoint *string
// Whether the global endpoint should be used, rather then the regional endpoint
// for us-east-1.
UseGlobalEndpoint bool
}
// Invoked at runtime to resolve BuiltIn Values. Only resolution code specific to
// each BuiltIn value is generated.
func (b *builtInResolver) ResolveBuiltIns(params *EndpointParameters) error {
region, _ := mapPseudoRegion(b.Region)
if len(region) == 0 {
return fmt.Errorf("Could not resolve AWS::Region")
} else {
params.Region = aws.String(region)
}
if b.UseDualStack == aws.DualStackEndpointStateEnabled {
params.UseDualStack = aws.Bool(true)
} else {
params.UseDualStack = aws.Bool(false)
}
if b.UseFIPS == aws.FIPSEndpointStateEnabled {
params.UseFIPS = aws.Bool(true)
} else {
params.UseFIPS = aws.Bool(false)
}
params.Endpoint = b.Endpoint
params.UseGlobalEndpoint = aws.Bool(b.UseGlobalEndpoint)
return nil
}
// EndpointParameters provides the parameters that influence how endpoints are
// resolved.
type EndpointParameters struct {
@ -422,11 +353,17 @@ func (r *resolver) ResolveEndpoint(
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
{
SchemeID: "aws.auth#sigv4",
SignerProperties: func() smithy.Properties {
var sp smithy.Properties
smithyhttp.SetSigV4SigningName(&sp, "sts")
smithyhttp.SetSigV4ASigningName(&sp, "sts")
smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
return sp
}(),
},
})
return out
@ -446,11 +383,17 @@ func (r *resolver) ResolveEndpoint(
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
{
SchemeID: "aws.auth#sigv4",
SignerProperties: func() smithy.Properties {
var sp smithy.Properties
smithyhttp.SetSigV4SigningName(&sp, "sts")
smithyhttp.SetSigV4ASigningName(&sp, "sts")
smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
return sp
}(),
},
})
return out
@ -470,11 +413,17 @@ func (r *resolver) ResolveEndpoint(
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
{
SchemeID: "aws.auth#sigv4",
SignerProperties: func() smithy.Properties {
var sp smithy.Properties
smithyhttp.SetSigV4SigningName(&sp, "sts")
smithyhttp.SetSigV4ASigningName(&sp, "sts")
smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
return sp
}(),
},
})
return out
@ -494,11 +443,17 @@ func (r *resolver) ResolveEndpoint(
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
{
SchemeID: "aws.auth#sigv4",
SignerProperties: func() smithy.Properties {
var sp smithy.Properties
smithyhttp.SetSigV4SigningName(&sp, "sts")
smithyhttp.SetSigV4ASigningName(&sp, "sts")
smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
return sp
}(),
},
})
return out
@ -518,11 +473,17 @@ func (r *resolver) ResolveEndpoint(
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
{
SchemeID: "aws.auth#sigv4",
SignerProperties: func() smithy.Properties {
var sp smithy.Properties
smithyhttp.SetSigV4SigningName(&sp, "sts")
smithyhttp.SetSigV4ASigningName(&sp, "sts")
smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
return sp
}(),
},
})
return out
@ -542,11 +503,17 @@ func (r *resolver) ResolveEndpoint(
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
{
SchemeID: "aws.auth#sigv4",
SignerProperties: func() smithy.Properties {
var sp smithy.Properties
smithyhttp.SetSigV4SigningName(&sp, "sts")
smithyhttp.SetSigV4ASigningName(&sp, "sts")
smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
return sp
}(),
},
})
return out
@ -566,11 +533,17 @@ func (r *resolver) ResolveEndpoint(
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
{
SchemeID: "aws.auth#sigv4",
SignerProperties: func() smithy.Properties {
var sp smithy.Properties
smithyhttp.SetSigV4SigningName(&sp, "sts")
smithyhttp.SetSigV4ASigningName(&sp, "sts")
smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
return sp
}(),
},
})
return out
@ -590,11 +563,17 @@ func (r *resolver) ResolveEndpoint(
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
{
SchemeID: "aws.auth#sigv4",
SignerProperties: func() smithy.Properties {
var sp smithy.Properties
smithyhttp.SetSigV4SigningName(&sp, "sts")
smithyhttp.SetSigV4ASigningName(&sp, "sts")
smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
return sp
}(),
},
})
return out
@ -614,11 +593,17 @@ func (r *resolver) ResolveEndpoint(
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
{
SchemeID: "aws.auth#sigv4",
SignerProperties: func() smithy.Properties {
var sp smithy.Properties
smithyhttp.SetSigV4SigningName(&sp, "sts")
smithyhttp.SetSigV4ASigningName(&sp, "sts")
smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
return sp
}(),
},
})
return out
@ -638,11 +623,17 @@ func (r *resolver) ResolveEndpoint(
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
{
SchemeID: "aws.auth#sigv4",
SignerProperties: func() smithy.Properties {
var sp smithy.Properties
smithyhttp.SetSigV4SigningName(&sp, "sts")
smithyhttp.SetSigV4ASigningName(&sp, "sts")
smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
return sp
}(),
},
})
return out
@ -662,11 +653,17 @@ func (r *resolver) ResolveEndpoint(
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
{
SchemeID: "aws.auth#sigv4",
SignerProperties: func() smithy.Properties {
var sp smithy.Properties
smithyhttp.SetSigV4SigningName(&sp, "sts")
smithyhttp.SetSigV4ASigningName(&sp, "sts")
smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
return sp
}(),
},
})
return out
@ -686,11 +683,17 @@ func (r *resolver) ResolveEndpoint(
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
{
SchemeID: "aws.auth#sigv4",
SignerProperties: func() smithy.Properties {
var sp smithy.Properties
smithyhttp.SetSigV4SigningName(&sp, "sts")
smithyhttp.SetSigV4ASigningName(&sp, "sts")
smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
return sp
}(),
},
})
return out
@ -710,11 +713,17 @@ func (r *resolver) ResolveEndpoint(
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
{
SchemeID: "aws.auth#sigv4",
SignerProperties: func() smithy.Properties {
var sp smithy.Properties
smithyhttp.SetSigV4SigningName(&sp, "sts")
smithyhttp.SetSigV4ASigningName(&sp, "sts")
smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
return sp
}(),
},
})
return out
@ -734,11 +743,17 @@ func (r *resolver) ResolveEndpoint(
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
{
SchemeID: "aws.auth#sigv4",
SignerProperties: func() smithy.Properties {
var sp smithy.Properties
smithyhttp.SetSigV4SigningName(&sp, "sts")
smithyhttp.SetSigV4ASigningName(&sp, "sts")
smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
return sp
}(),
},
})
return out
@ -758,11 +773,17 @@ func (r *resolver) ResolveEndpoint(
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
{
SchemeID: "aws.auth#sigv4",
SignerProperties: func() smithy.Properties {
var sp smithy.Properties
smithyhttp.SetSigV4SigningName(&sp, "sts")
smithyhttp.SetSigV4ASigningName(&sp, "sts")
smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
return sp
}(),
},
})
return out
@ -782,11 +803,17 @@ func (r *resolver) ResolveEndpoint(
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
{
SchemeID: "aws.auth#sigv4",
SignerProperties: func() smithy.Properties {
var sp smithy.Properties
smithyhttp.SetSigV4SigningName(&sp, "sts")
smithyhttp.SetSigV4ASigningName(&sp, "sts")
smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
return sp
}(),
},
})
return out
@ -812,11 +839,17 @@ func (r *resolver) ResolveEndpoint(
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": _Region,
smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
{
SchemeID: "aws.auth#sigv4",
SignerProperties: func() smithy.Properties {
var sp smithy.Properties
smithyhttp.SetSigV4SigningName(&sp, "sts")
smithyhttp.SetSigV4ASigningName(&sp, "sts")
smithyhttp.SetSigV4SigningRegion(&sp, _Region)
return sp
}(),
},
})
return out
@ -883,8 +916,8 @@ func (r *resolver) ResolveEndpoint(
}
}
if _UseFIPS == true {
if true == _PartitionResult.SupportsFIPS {
if "aws-us-gov" == _PartitionResult.Name {
if _PartitionResult.SupportsFIPS == true {
if _PartitionResult.Name == "aws-us-gov" {
uriString := func() string {
var out strings.Builder
out.WriteString("https://sts.")
@ -960,11 +993,17 @@ func (r *resolver) ResolveEndpoint(
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
{
SchemeID: "aws.auth#sigv4",
SignerProperties: func() smithy.Properties {
var sp smithy.Properties
smithyhttp.SetSigV4SigningName(&sp, "sts")
smithyhttp.SetSigV4ASigningName(&sp, "sts")
smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
return sp
}(),
},
})
return out
@ -994,3 +1033,76 @@ func (r *resolver) ResolveEndpoint(
}
return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Missing Region")
}
type endpointParamsBinder interface {
bindEndpointParams(*EndpointParameters)
}
func bindEndpointParams(input interface{}, options Options) *EndpointParameters {
params := &EndpointParameters{}
params.Region = aws.String(endpoints.MapFIPSRegion(options.Region))
params.UseDualStack = aws.Bool(options.EndpointOptions.UseDualStackEndpoint == aws.DualStackEndpointStateEnabled)
params.UseFIPS = aws.Bool(options.EndpointOptions.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled)
params.Endpoint = options.BaseEndpoint
if b, ok := input.(endpointParamsBinder); ok {
b.bindEndpointParams(params)
}
return params
}
type resolveEndpointV2Middleware struct {
options Options
}
func (*resolveEndpointV2Middleware) ID() string {
return "ResolveEndpointV2"
}
func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
) {
if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleFinalize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.options.EndpointResolverV2 == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
params := bindEndpointParams(getOperationInput(ctx), m.options)
endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params)
if err != nil {
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
if endpt.URI.RawPath == "" && req.URL.RawPath != "" {
endpt.URI.RawPath = endpt.URI.Path
}
req.URL.Scheme = endpt.URI.Scheme
req.URL.Host = endpt.URI.Host
req.URL.Path = smithyhttp.JoinPath(endpt.URI.Path, req.URL.Path)
req.URL.RawPath = smithyhttp.JoinPath(endpt.URI.RawPath, req.URL.RawPath)
for k := range endpt.Headers {
req.Header.Set(k, endpt.Headers.Get(k))
}
rscheme := getResolvedAuthScheme(ctx)
if rscheme == nil {
return out, metadata, fmt.Errorf("no resolved auth scheme")
}
opts, _ := smithyauth.GetAuthOptions(&endpt.Properties)
for _, o := range opts {
rscheme.SignerProperties.SetAll(&o.SignerProperties)
}
return next.HandleFinalize(ctx, in)
}

3
vendor/github.com/aws/aws-sdk-go-v2/service/sts/generated.json generated vendored
View File

@ -3,6 +3,7 @@
"github.com/aws/aws-sdk-go-v2": "v1.4.0",
"github.com/aws/aws-sdk-go-v2/internal/configsources": "v0.0.0-00010101000000-000000000000",
"github.com/aws/aws-sdk-go-v2/internal/endpoints/v2": "v2.0.0-00010101000000-000000000000",
"github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding": "v1.0.5",
"github.com/aws/aws-sdk-go-v2/service/internal/presigned-url": "v1.0.7",
"github.com/aws/smithy-go": "v1.4.0",
"github.com/google/go-cmp": "v0.5.4"
@ -18,6 +19,7 @@
"api_op_GetCallerIdentity.go",
"api_op_GetFederationToken.go",
"api_op_GetSessionToken.go",
"auth.go",
"deserializers.go",
"doc.go",
"endpoints.go",
@ -26,6 +28,7 @@
"generated.json",
"internal/endpoints/endpoints.go",
"internal/endpoints/endpoints_test.go",
"options.go",
"protocol_test.go",
"serializers.go",
"types/errors.go",

2
vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go generated vendored
View File

@ -3,4 +3,4 @@
package sts
// goModuleVersion is the tagged release for this module
const goModuleVersion = "1.25.1"
const goModuleVersion = "1.25.3"

219
vendor/github.com/aws/aws-sdk-go-v2/service/sts/options.go generated vendored Normal file
View File

@ -0,0 +1,219 @@
// Code generated by smithy-go-codegen DO NOT EDIT.
package sts
import (
"context"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy"
smithyauth "github.com/aws/smithy-go/auth"
"github.com/aws/smithy-go/logging"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
"net/http"
)
type HTTPClient interface {
Do(*http.Request) (*http.Response, error)
}
type Options struct {
// Set of options to modify how an operation is invoked. These apply to all
// operations invoked for this client. Use functional options on operation call to
// modify this list for per operation behavior.
APIOptions []func(*middleware.Stack) error
// The optional application specific identifier appended to the User-Agent header.
AppID string
// This endpoint will be given as input to an EndpointResolverV2. It is used for
// providing a custom base endpoint that is subject to modifications by the
// processing EndpointResolverV2.
BaseEndpoint *string
// Configures the events that will be sent to the configured logger.
ClientLogMode aws.ClientLogMode
// The credentials object to use when signing requests.
Credentials aws.CredentialsProvider
// The configuration DefaultsMode that the SDK should use when constructing the
// clients initial default settings.
DefaultsMode aws.DefaultsMode
// The endpoint options to be used when attempting to resolve an endpoint.
EndpointOptions EndpointResolverOptions
// The service endpoint resolver.
//
// Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a
// value for this field will likely prevent you from using any endpoint-related
// service features released after the introduction of EndpointResolverV2 and
// BaseEndpoint. To migrate an EndpointResolver implementation that uses a custom
// endpoint, set the client option BaseEndpoint instead.
EndpointResolver EndpointResolver
// Resolves the endpoint used for a particular service operation. This should be
// used over the deprecated EndpointResolver.
EndpointResolverV2 EndpointResolverV2
// Signature Version 4 (SigV4) Signer
HTTPSignerV4 HTTPSignerV4
// The logger writer interface to write logging messages to.
Logger logging.Logger
// The region to send requests to. (Required)
Region string
// RetryMaxAttempts specifies the maximum number attempts an API client will call
// an operation that fails with a retryable error. A value of 0 is ignored, and
// will not be used to configure the API client created default retryer, or modify
// per operation call's retry max attempts. When creating a new API Clients this
// member will only be used if the Retryer Options member is nil. This value will
// be ignored if Retryer is not nil. If specified in an operation call's functional
// options with a value that is different than the constructed client's Options,
// the Client's Retryer will be wrapped to use the operation's specific
// RetryMaxAttempts value.
RetryMaxAttempts int
// RetryMode specifies the retry mode the API client will be created with, if
// Retryer option is not also specified. When creating a new API Clients this
// member will only be used if the Retryer Options member is nil. This value will
// be ignored if Retryer is not nil. Currently does not support per operation call
// overrides, may in the future.
RetryMode aws.RetryMode
// Retryer guides how HTTP requests should be retried in case of recoverable
// failures. When nil the API client will use a default retryer. The kind of
// default retry created by the API client can be changed with the RetryMode
// option.
Retryer aws.Retryer
// The RuntimeEnvironment configuration, only populated if the DefaultsMode is set
// to DefaultsModeAuto and is initialized using config.LoadDefaultConfig . You
// should not populate this structure programmatically, or rely on the values here
// within your applications.
RuntimeEnvironment aws.RuntimeEnvironment
// The initial DefaultsMode used when the client options were constructed. If the
// DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved
// value was at that point in time. Currently does not support per operation call
// overrides, may in the future.
resolvedDefaultsMode aws.DefaultsMode
// The HTTP client to invoke API calls with. Defaults to client's default HTTP
// implementation if nil.
HTTPClient HTTPClient
// The auth scheme resolver which determines how to authenticate for each
// operation.
AuthSchemeResolver AuthSchemeResolver
// The list of auth schemes supported by the client.
AuthSchemes []smithyhttp.AuthScheme
}
// Copy creates a clone where the APIOptions list is deep copied.
func (o Options) Copy() Options {
to := o
to.APIOptions = make([]func(*middleware.Stack) error, len(o.APIOptions))
copy(to.APIOptions, o.APIOptions)
return to
}
func (o Options) GetIdentityResolver(schemeID string) smithyauth.IdentityResolver {
if schemeID == "aws.auth#sigv4" {
return getSigV4IdentityResolver(o)
}
if schemeID == "smithy.api#noAuth" {
return &smithyauth.AnonymousIdentityResolver{}
}
return nil
}
// WithAPIOptions returns a functional option for setting the Client's APIOptions
// option.
func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) {
return func(o *Options) {
o.APIOptions = append(o.APIOptions, optFns...)
}
}
// Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for
// this field will likely prevent you from using any endpoint-related service
// features released after the introduction of EndpointResolverV2 and BaseEndpoint.
// To migrate an EndpointResolver implementation that uses a custom endpoint, set
// the client option BaseEndpoint instead.
func WithEndpointResolver(v EndpointResolver) func(*Options) {
return func(o *Options) {
o.EndpointResolver = v
}
}
// WithEndpointResolverV2 returns a functional option for setting the Client's
// EndpointResolverV2 option.
func WithEndpointResolverV2(v EndpointResolverV2) func(*Options) {
return func(o *Options) {
o.EndpointResolverV2 = v
}
}
func getSigV4IdentityResolver(o Options) smithyauth.IdentityResolver {
if o.Credentials != nil {
return &internalauthsmithy.CredentialsProviderAdapter{Provider: o.Credentials}
}
return nil
}
// WithSigV4SigningName applies an override to the authentication workflow to
// use the given signing name for SigV4-authenticated operations.
//
// This is an advanced setting. The value here is FINAL, taking precedence over
// the resolved signing name from both auth scheme resolution and endpoint
// resolution.
func WithSigV4SigningName(name string) func(*Options) {
fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) (
out middleware.InitializeOutput, metadata middleware.Metadata, err error,
) {
return next.HandleInitialize(awsmiddleware.SetSigningName(ctx, name), in)
}
return func(o *Options) {
o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error {
return s.Initialize.Add(
middleware.InitializeMiddlewareFunc("withSigV4SigningName", fn),
middleware.Before,
)
})
}
}
// WithSigV4SigningRegion applies an override to the authentication workflow to
// use the given signing region for SigV4-authenticated operations.
//
// This is an advanced setting. The value here is FINAL, taking precedence over
// the resolved signing region from both auth scheme resolution and endpoint
// resolution.
func WithSigV4SigningRegion(region string) func(*Options) {
fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) (
out middleware.InitializeOutput, metadata middleware.Metadata, err error,
) {
return next.HandleInitialize(awsmiddleware.SetSigningRegion(ctx, region), in)
}
return func(o *Options) {
o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error {
return s.Initialize.Add(
middleware.InitializeMiddlewareFunc("withSigV4SigningRegion", fn),
middleware.Before,
)
})
}
}
func ignoreAnonymousAuth(options *Options) {
if _, ok := options.Credentials.(aws.AnonymousCredentials); ok {
options.Credentials = nil
}
}

10
vendor/github.com/aws/aws-sdk-go-v2/service/sts/types/types.go generated vendored
View File

@ -89,13 +89,17 @@ type PolicyDescriptorType struct {
noSmithyDocumentSerde
}
// Reserved for future use.
// Contains information about the provided context. This includes the signed and
// encrypted trusted context assertion and the context provider ARN from which the
// trusted context assertion was generated.
type ProvidedContext struct {
// Reserved for future use.
// The signed and encrypted trusted context assertion generated by the context
// provider. The trusted context assertion is signed and encrypted by Amazon Web
// Services STS.
ContextAssertion *string
// Reserved for future use.
// The context provider ARN from which the trusted context assertion was generated.
ProviderArn *string
noSmithyDocumentSerde