rebase: Bump github.com/aws/aws-sdk-go-v2/service/sts

Bumps [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) from 1.20.0 to 1.21.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.20.0...service/s3/v1.21.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] 2023-08-01 12:43:19 +00:00 committed by mergify[bot]
parent 2acf7fc622
commit f9310c84f4
41 changed files with 3161 additions and 78 deletions

12
go.mod

@ -5,7 +5,7 @@ go 1.20
require (
github.com/IBM/keyprotect-go-client v0.10.0
github.com/aws/aws-sdk-go v1.44.313
github.com/aws/aws-sdk-go-v2/service/sts v1.20.0
github.com/aws/aws-sdk-go-v2/service/sts v1.21.0
github.com/ceph/ceph-csi/api v0.0.0-00010101000000-000000000000
// TODO: API for managing subvolume metadata and snapshot metadata requires `ceph_ci_untested` build-tag
github.com/ceph/go-ceph v0.22.0
@ -54,11 +54,11 @@ require (
github.com/antlr/antlr4/runtime/Go/antlr v1.4.10 // indirect
github.com/armon/go-metrics v0.3.10 // indirect
github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a // indirect
github.com/aws/aws-sdk-go-v2 v1.19.0 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.35 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.29 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.29 // indirect
github.com/aws/smithy-go v1.13.5 // indirect
github.com/aws/aws-sdk-go-v2 v1.20.0 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.37 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.31 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.31 // indirect
github.com/aws/smithy-go v1.14.0 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/blang/semver/v4 v4.0.0 // indirect
github.com/cenkalti/backoff/v3 v3.2.2 // indirect

24
go.sum

@ -156,18 +156,18 @@ github.com/aws/aws-sdk-go v1.25.37/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpi
github.com/aws/aws-sdk-go v1.25.41/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
github.com/aws/aws-sdk-go v1.44.313 h1:u6EuNQqgAmi09GEZ5g/XGHLF0XV31WcdU5rnHyIBHBc=
github.com/aws/aws-sdk-go v1.44.313/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
github.com/aws/aws-sdk-go-v2 v1.19.0 h1:klAT+y3pGFBU/qVf1uzwttpBbiuozJYWzNLHioyDJ+k=
github.com/aws/aws-sdk-go-v2 v1.19.0/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.35 h1:hMUCiE3Zi5AHrRNGf5j985u0WyqI6r2NULhUfo0N/No=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.35/go.mod h1:ipR5PvpSPqIqL5Mi82BxLnfMkHVbmco8kUwO2xrCi0M=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.29 h1:yOpYx+FTBdpk/g+sBU6Cb1H0U/TLEcYYp66mYqsPpcc=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.29/go.mod h1:M/eUABlDbw2uVrdAn+UsI6M727qp2fxkp8K0ejcBDUY=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.29 h1:IiDolu/eLmuB18DRZibj77n1hHQT7z12jnGO7Ze3pLc=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.29/go.mod h1:fDbkK4o7fpPXWn8YAPmTieAMuB9mk/VgvW64uaUqxd4=
github.com/aws/aws-sdk-go-v2/service/sts v1.20.0 h1:jKmIOO+dFvCPuIhhM8u0Dy3dtd590n2kEDSYiGHoI98=
github.com/aws/aws-sdk-go-v2/service/sts v1.20.0/go.mod h1:yVGZA1CPkmUhBdA039jXNJJG7/6t+G+EBWmFq23xqnY=
github.com/aws/smithy-go v1.13.5 h1:hgz0X/DX0dGqTYpGALqXJoRKRj5oQ7150i5FdTePzO8=
github.com/aws/smithy-go v1.13.5/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
github.com/aws/aws-sdk-go-v2 v1.20.0 h1:INUDpYLt4oiPOJl0XwZDK2OVAVf0Rzo+MGVTv9f+gy8=
github.com/aws/aws-sdk-go-v2 v1.20.0/go.mod h1:uWOr0m0jDsiWw8nnXiqZ+YG6LdvAlGYDLLf2NmHZoy4=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.37 h1:zr/gxAZkMcvP71ZhQOcvdm8ReLjFgIXnIn0fw5AM7mo=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.37/go.mod h1:Pdn4j43v49Kk6+82spO3Tu5gSeQXRsxo56ePPQAvFiA=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.31 h1:0HCMIkAkVY9KMgueD8tf4bRTUanzEYvhw7KkPXIMpO0=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.31/go.mod h1:fTJDMe8LOFYtqiFFFeHA+SVMAwqLhoq0kcInYoLa9Js=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.31 h1:auGDJ0aLZahF5SPvkJ6WcUuX7iQ7kyl2MamV7Tm8QBk=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.31/go.mod h1:3+lloe3sZuBQw1aBc5MyndvodzQlyqCZ7x1QPDHaWP4=
github.com/aws/aws-sdk-go-v2/service/sts v1.21.0 h1:HI1YIL5Q9FtucxF5tcNpzCEyLnkeUcqg6xtOx8u09S4=
github.com/aws/aws-sdk-go-v2/service/sts v1.21.0/go.mod h1:G8SbvL0rFk4WOJroU8tKBczhsbhj2p/YY7qeJezJ3CI=
github.com/aws/smithy-go v1.14.0 h1:+X90sB94fizKjDmwb4vyl2cTTPXTE5E2G/1mjByb0io=
github.com/aws/smithy-go v1.14.0/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
github.com/baiyubin/aliyun-sts-go-sdk v0.0.0-20180326062324-cfa1a18b161f/go.mod h1:AuiFmCCPBSrqvVMvuqFuk0qogytodnVFVSN5CeJB8Gc=
github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=


@ -68,6 +68,12 @@ type Config struct {
//
// See the `aws.EndpointResolverWithOptions` documentation for additional
// usage information.
//
// Deprecated: with the release of endpoint resolution v2 in API clients,
// EndpointResolver and EndpointResolverWithOptions are deprecated.
// Providing a value for this field will likely prevent you from using
// newer endpoint-related service features. See API client options
// EndpointResolverV2 and BaseEndpoint.
EndpointResolverWithOptions EndpointResolverWithOptions
// RetryMaxAttempts specifies the maximum number attempts an API client


@ -3,4 +3,4 @@
package aws
// goModuleVersion is the tagged release for this module
const goModuleVersion = "1.19.0"
const goModuleVersion = "1.20.0"


@ -2,6 +2,7 @@ package middleware
import (
"context"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/smithy-go/middleware"
@ -42,12 +43,13 @@ func (s RegisterServiceMetadata) HandleInitialize(
// service metadata keys for storing and lookup of runtime stack information.
type (
serviceIDKey struct{}
signingNameKey struct{}
signingRegionKey struct{}
regionKey struct{}
operationNameKey struct{}
partitionIDKey struct{}
serviceIDKey struct{}
signingNameKey struct{}
signingRegionKey struct{}
regionKey struct{}
operationNameKey struct{}
partitionIDKey struct{}
requiresLegacyEndpointsKey struct{}
)
// GetServiceID retrieves the service id from the context.
@ -104,6 +106,25 @@ func GetPartitionID(ctx context.Context) string {
return v
}
// GetRequiresLegacyEndpoints the flag used to indicate if legacy endpoint
// customizations need to be executed.
//
// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues
// to clear all stack values.
func GetRequiresLegacyEndpoints(ctx context.Context) bool {
v, _ := middleware.GetStackValue(ctx, requiresLegacyEndpointsKey{}).(bool)
return v
}
// SetRequiresLegacyEndpoints set or modifies the flag indicated that
// legacy endpoint customizations are needed.
//
// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues
// to clear all stack values.
func SetRequiresLegacyEndpoints(ctx context.Context, value bool) context.Context {
return middleware.WithStackValue(ctx, requiresLegacyEndpointsKey{}, value)
}
// SetSigningName set or modifies the signing name on the context.
//
// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues
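Review bot: `GetRequiresLegacyEndpoints` discards the `ok` result of the type assertion, so a context where the flag was never set reads the same as one where it was set to false, and the doc comment does not say so. The comment is also missing its verb; I would write `// GetRequiresLegacyEndpoints reports whether legacy endpoint customizations need to be executed; it returns false when the flag has not been set.` The setter's comment has a similar wording slip ("the flag indicated that") and could read `// SetRequiresLegacyEndpoints sets or modifies the flag indicating that legacy endpoint customizations are needed.`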


@ -12,6 +12,7 @@ import (
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
v4Internal "github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
"github.com/aws/aws-sdk-go-v2/internal/sdk"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
@ -301,11 +302,23 @@ func (s *SignHTTPRequestMiddleware) HandleFinalize(ctx context.Context, in middl
return out, metadata, &SigningError{Err: fmt.Errorf("failed to retrieve credentials: %w", err)}
}
err = s.signer.SignHTTP(ctx, credentials, req.Request, payloadHash, signingName, signingRegion, sdk.NowTime(),
signerOptions := []func(o *SignerOptions){
func(o *SignerOptions) {
o.Logger = middleware.GetLogger(ctx)
o.LogSigning = s.logSigning
},
}
// existing DisableURIPathEscaping is equivalent in purpose
// to authentication scheme property DisableDoubleEncoding
disableDoubleEncoding, overridden := internalauth.GetDisableDoubleEncoding(ctx)
if overridden {
signerOptions = append(signerOptions, func(o *SignerOptions) {
o.DisableURIPathEscaping = disableDoubleEncoding
})
}
err = s.signer.SignHTTP(ctx, credentials, req.Request, payloadHash, signingName, signingRegion, sdk.NowTime(), signerOptions...)
if err != nil {
return out, metadata, &SigningError{Err: fmt.Errorf("failed to sign http request, %w", err)}
}
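Review bot: The new block lets a context stack value decide `DisableURIPathEscaping` for the request, and the comment above it does not state the precedence. Because the option func is appended to `signerOptions`, it presumably runs after the signer's own configuration and so replaces whatever the signer was constructed with; since this changes the canonical URI that gets signed, that is worth spelling out. I would extend the comment with `// When set on the context, this value takes precedence over the signer's configured DisableURIPathEscaping.` HandleFinalize starts and ends outside the hunk.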


@ -335,7 +335,7 @@ func (s Signer) SignHTTP(ctx context.Context, credentials aws.Credentials, r *ht
//
// expires := 20 * time.Minute
// query := req.URL.Query()
// query.Set("X-Amz-Expires", strconv.FormatInt(int64(expires/time.Second), 10)
// query.Set("X-Amz-Expires", strconv.FormatInt(int64(expires/time.Second), 10))
// req.URL.RawQuery = query.Encode()
//
// This method does not modify the provided request.


@ -0,0 +1,186 @@
package auth
import (
"context"
"fmt"
smithy "github.com/aws/smithy-go"
"github.com/aws/smithy-go/middleware"
)
// SigV4 is a constant representing
// Authentication Scheme Signature Version 4
const SigV4 = "sigv4"
// SigV4A is a constant representing
// Authentication Scheme Signature Version 4A
const SigV4A = "sigv4a"
// None is a constant representing the
// None Authentication Scheme
const None = "none"
// SupportedSchemes is a data structure
// that indicates the list of supported AWS
// authentication schemes
var SupportedSchemes = map[string]bool{
SigV4: true,
SigV4A: true,
None: true,
}
// AuthenticationScheme is a representation of
// AWS authentication schemes
type AuthenticationScheme interface {
isAuthenticationScheme()
}
// AuthenticationSchemeV4 is a AWS SigV4 representation
type AuthenticationSchemeV4 struct {
Name string
SigningName *string
SigningRegion *string
DisableDoubleEncoding *bool
}
func (a *AuthenticationSchemeV4) isAuthenticationScheme() {}
// AuthenticationSchemeV4A is a AWS SigV4A representation
type AuthenticationSchemeV4A struct {
Name string
SigningName *string
SigningRegionSet []string
DisableDoubleEncoding *bool
}
func (a *AuthenticationSchemeV4A) isAuthenticationScheme() {}
// AuthenticationSchemeNone is a representation for the none auth scheme
type AuthenticationSchemeNone struct{}
func (a *AuthenticationSchemeNone) isAuthenticationScheme() {}
// NoAuthenticationSchemesFoundError is used in signaling
// that no authentication schemes have been specified.
type NoAuthenticationSchemesFoundError struct{}
func (e *NoAuthenticationSchemesFoundError) Error() string {
return fmt.Sprint("No authentication schemes specified.")
}
// UnSupportedAuthenticationSchemeSpecifiedError is used in
// signaling that only unsupported authentication schemes
// were specified.
type UnSupportedAuthenticationSchemeSpecifiedError struct {
UnsupportedSchemes []string
}
func (e *UnSupportedAuthenticationSchemeSpecifiedError) Error() string {
return fmt.Sprint("Unsupported authentication scheme specified.")
}
// GetAuthenticationSchemes extracts the relevant authentication scheme data
// into a custom strongly typed Go data structure.
func GetAuthenticationSchemes(p *smithy.Properties) ([]AuthenticationScheme, error) {
var result []AuthenticationScheme
if !p.Has("authSchemes") {
return nil, &NoAuthenticationSchemesFoundError{}
}
authSchemes, _ := p.Get("authSchemes").([]interface{})
var unsupportedSchemes []string
for _, scheme := range authSchemes {
authScheme, _ := scheme.(map[string]interface{})
switch authScheme["name"] {
case SigV4:
v4Scheme := AuthenticationSchemeV4{
Name: SigV4,
SigningName: getSigningName(authScheme),
SigningRegion: getSigningRegion(authScheme),
DisableDoubleEncoding: getDisableDoubleEncoding(authScheme),
}
result = append(result, AuthenticationScheme(&v4Scheme))
case SigV4A:
v4aScheme := AuthenticationSchemeV4A{
Name: SigV4A,
SigningName: getSigningName(authScheme),
SigningRegionSet: getSigningRegionSet(authScheme),
DisableDoubleEncoding: getDisableDoubleEncoding(authScheme),
}
result = append(result, AuthenticationScheme(&v4aScheme))
case None:
noneScheme := AuthenticationSchemeNone{}
result = append(result, AuthenticationScheme(&noneScheme))
default:
unsupportedSchemes = append(unsupportedSchemes, authScheme["name"].(string))
continue
}
}
if len(result) == 0 {
return nil, &UnSupportedAuthenticationSchemeSpecifiedError{
UnsupportedSchemes: unsupportedSchemes,
}
}
return result, nil
}
type disableDoubleEncoding struct{}
// SetDisableDoubleEncoding sets or modifies the disable double encoding option
// on the context.
//
// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues
// to clear all stack values.
func SetDisableDoubleEncoding(ctx context.Context, value bool) context.Context {
return middleware.WithStackValue(ctx, disableDoubleEncoding{}, value)
}
// GetDisableDoubleEncoding retrieves the disable double encoding option
// from the context.
//
// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues
// to clear all stack values.
func GetDisableDoubleEncoding(ctx context.Context) (value bool, ok bool) {
value, ok = middleware.GetStackValue(ctx, disableDoubleEncoding{}).(bool)
return value, ok
}
func getSigningName(authScheme map[string]interface{}) *string {
signingName, ok := authScheme["signingName"].(string)
if !ok || signingName == "" {
return nil
}
return &signingName
}
func getSigningRegionSet(authScheme map[string]interface{}) []string {
untypedSigningRegionSet, ok := authScheme["signingRegionSet"].([]interface{})
if !ok {
return nil
}
signingRegionSet := []string{}
for _, item := range untypedSigningRegionSet {
signingRegionSet = append(signingRegionSet, item.(string))
}
return signingRegionSet
}
func getSigningRegion(authScheme map[string]interface{}) *string {
signingRegion, ok := authScheme["signingRegion"].(string)
if !ok || signingRegion == "" {
return nil
}
return &signingRegion
}
func getDisableDoubleEncoding(authScheme map[string]interface{}) *bool {
disableDoubleEncoding, ok := authScheme["disableDoubleEncoding"].(bool)
if !ok {
return nil
}
return &disableDoubleEncoding
}
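Review bot: `GetAuthenticationSchemes` can panic on malformed properties: in the `default` case `authScheme["name"].(string)` is an unchecked assertion, and it is reached with a nil value whenever an entry is not a `map[string]interface{}` or has no string `name`. `getSigningRegionSet` has the same problem with `item.(string)`. Both values come from the endpoint's properties bag, which a custom resolver may be able to fill (inferred, not visible here), so the two-value form of the assertion is safer and an entry of the wrong shape should be skipped or reported through the existing error type rather than crashing the caller. Separately, `UnSupportedAuthenticationSchemeSpecifiedError.Error` never includes `UnsupportedSchemes`, so the collected names are lost in logs.

```go
		default:
			// Record the name only when it is a string; a missing or
			// mistyped name must not panic the resolver.
			if name, ok := authScheme["name"].(string); ok {
				unsupportedSchemes = append(unsupportedSchemes, name)
			}
			continue

// … unchanged: rest of GetAuthenticationSchemes and the context helpers …

	signingRegionSet := []string{}
	for _, item := range untypedSigningRegionSet {
		region, ok := item.(string)
		if !ok {
			continue // skip non-string entries instead of panicking
		}
		signingRegionSet = append(signingRegionSet, region)
	}
```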


@ -1,3 +1,11 @@
# v1.1.37 (2023-07-31)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.1.36 (2023-07-28)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.1.35 (2023-07-13)
* **Dependency Update**: Updated to the latest SDK module versions


@ -3,4 +3,4 @@
package configsources
// goModuleVersion is the tagged release for this module
const goModuleVersion = "1.1.35"
const goModuleVersion = "1.1.37"


@ -0,0 +1,94 @@
package awsrulesfn
import (
"strings"
)
// ARN provides AWS ARN components broken out into a data structure.
type ARN struct {
Partition string
Service string
Region string
AccountId string
ResourceId OptionalStringSlice
}
const (
arnDelimiters = ":"
resourceDelimiters = "/:"
arnSections = 6
arnPrefix = "arn:"
// zero-indexed
sectionPartition = 1
sectionService = 2
sectionRegion = 3
sectionAccountID = 4
sectionResource = 5
)
// ParseARN returns an [ARN] value parsed from the input string provided. If
// the ARN cannot be parsed nil will be returned, and error added to
// [ErrorCollector].
func ParseARN(input string) *ARN {
if !strings.HasPrefix(input, arnPrefix) {
return nil
}
sections := strings.SplitN(input, arnDelimiters, arnSections)
if numSections := len(sections); numSections != arnSections {
return nil
}
if sections[sectionPartition] == "" {
return nil
}
if sections[sectionService] == "" {
return nil
}
if sections[sectionResource] == "" {
return nil
}
return &ARN{
Partition: sections[sectionPartition],
Service: sections[sectionService],
Region: sections[sectionRegion],
AccountId: sections[sectionAccountID],
ResourceId: splitResource(sections[sectionResource]),
}
}
// splitResource splits the resource components by the ARN resource delimiters.
func splitResource(v string) []string {
var parts []string
var offset int
for offset <= len(v) {
idx := strings.IndexAny(v[offset:], "/:")
if idx < 0 {
parts = append(parts, v[offset:])
break
}
parts = append(parts, v[offset:idx+offset])
offset += idx + 1
}
return parts
}
// OptionalStringSlice provides a helper to safely get the index of a string
// slice that may be out of bounds. Returns pointer to string if index is
// valid. Otherwise returns nil.
type OptionalStringSlice []string
// Get returns a string pointer of the string at index i if the index is valid.
// Otherwise returns nil.
func (s OptionalStringSlice) Get(i int) *string {
if i < 0 || i >= len(s) {
return nil
}
v := s[i]
return &v
}
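Review bot: The doc comment on `ParseARN` says an error is "added to [ErrorCollector]", but the function takes no collector and only returns nil; the comment should read `// ParseARN returns an [ARN] parsed from input, or nil if input is not a well-formed ARN.` `splitResource` also hard-codes `"/:"` while the `resourceDelimiters` constant declared above goes unused in this file; `idx := strings.IndexAny(v[offset:], resourceDelimiters)` keeps the two from drifting apart. Note for callers that an empty region or account ID is accepted, so those fields must be validated separately where they matter.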


@ -0,0 +1,3 @@
// Package awsrulesfn provides AWS focused endpoint rule functions for
// evaluating endpoint resolution rules.
package awsrulesfn


@ -0,0 +1,7 @@
//go:build codegen
// +build codegen
package awsrulesfn
//go:generate go run -tags codegen ./internal/partition/codegen.go -model partitions.json -output partitions.go
//go:generate gofmt -w -s .


@ -0,0 +1,51 @@
package awsrulesfn
import (
"net"
"strings"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// IsVirtualHostableS3Bucket returns if the input is a DNS compatible bucket
// name and can be used with Amazon S3 virtual hosted style addressing. Similar
// to [rulesfn.IsValidHostLabel] with the added restriction that the length of label
// must be [3:63] characters long, all lowercase, and not formatted as an IP
// address.
func IsVirtualHostableS3Bucket(input string, allowSubDomains bool) bool {
// input should not be formatted as an IP address
// NOTE: this will technically trip up on IPv6 hosts with zone IDs, but
// validation further down will catch that anyway (it's guaranteed to have
// unfriendly characters % and : if that's the case)
if net.ParseIP(input) != nil {
return false
}
var labels []string
if allowSubDomains {
labels = strings.Split(input, ".")
} else {
labels = []string{input}
}
for _, label := range labels {
// validate special length constraints
if l := len(label); l < 3 || l > 63 {
return false
}
// Validate no capital letters
for _, r := range label {
if r >= 'A' && r <= 'Z' {
return false
}
}
// Validate valid host label
if !smithyhttp.ValidHostLabel(label) {
return false
}
}
return true
}


@ -0,0 +1,75 @@
package awsrulesfn
import "regexp"
// Partition provides the metadata describing an AWS partition.
type Partition struct {
ID string `json:"id"`
Regions map[string]RegionOverrides `json:"regions"`
RegionRegex string `json:"regionRegex"`
DefaultConfig PartitionConfig `json:"outputs"`
}
// PartitionConfig provides the endpoint metadata for an AWS region or partition.
type PartitionConfig struct {
Name string `json:"name"`
DnsSuffix string `json:"dnsSuffix"`
DualStackDnsSuffix string `json:"dualStackDnsSuffix"`
SupportsFIPS bool `json:"supportsFIPS"`
SupportsDualStack bool `json:"supportsDualStack"`
}
type RegionOverrides struct {
Name *string `json:"name"`
DnsSuffix *string `json:"dnsSuffix"`
DualStackDnsSuffix *string `json:"dualStackDnsSuffix"`
SupportsFIPS *bool `json:"supportsFIPS"`
SupportsDualStack *bool `json:"supportsDualStack"`
}
const defaultPartition = "aws"
func getPartition(partitions []Partition, region string) *PartitionConfig {
for _, partition := range partitions {
if v, ok := partition.Regions[region]; ok {
p := mergeOverrides(partition.DefaultConfig, v)
return &p
}
}
for _, partition := range partitions {
regionRegex := regexp.MustCompile(partition.RegionRegex)
if regionRegex.MatchString(region) {
v := partition.DefaultConfig
return &v
}
}
for _, partition := range partitions {
if partition.ID == defaultPartition {
v := partition.DefaultConfig
return &v
}
}
return nil
}
func mergeOverrides(into PartitionConfig, from RegionOverrides) PartitionConfig {
if from.Name != nil {
into.Name = *from.Name
}
if from.DnsSuffix != nil {
into.DnsSuffix = *from.DnsSuffix
}
if from.DualStackDnsSuffix != nil {
into.DualStackDnsSuffix = *from.DualStackDnsSuffix
}
if from.SupportsFIPS != nil {
into.SupportsFIPS = *from.SupportsFIPS
}
if from.SupportsDualStack != nil {
into.SupportsDualStack = *from.SupportsDualStack
}
return into
}
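Review bot: `getPartition` calls `regexp.MustCompile(partition.RegionRegex)` inside the loop, so every lookup that misses the exact-region map recompiles each pattern, and a malformed `regionRegex` in the partition data turns into a panic during endpoint resolution. Compiling with `regionRegex, err := regexp.Compile(partition.RegionRegex)` and skipping the partition with `if err != nil { continue }` avoids the panic; caching the compiled expression per partition would remove the repeated work. The last loop also maps any unrecognised region string to the default `aws` partition, which deserves a sentence in a doc comment on `getPartition` because a mistyped region then resolves against that partition's DNS suffix. `RegionOverrides` is exported without a doc comment.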


@ -0,0 +1,343 @@
// Code generated by endpoint/awsrulesfn/internal/partition. DO NOT EDIT.
package awsrulesfn
// GetPartition returns an AWS [Partition] for the region provided. If the
// partition cannot be determined nil will be returned.
func GetPartition(region string) *PartitionConfig {
return getPartition(partitions, region)
}
var partitions = []Partition{
{
ID: "aws",
RegionRegex: "^(us|eu|ap|sa|ca|me|af)\\-\\w+\\-\\d+$",
DefaultConfig: PartitionConfig{
Name: "aws",
DnsSuffix: "amazonaws.com",
DualStackDnsSuffix: "api.aws",
SupportsFIPS: true,
SupportsDualStack: true,
},
Regions: map[string]RegionOverrides{
"af-south-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"ap-east-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"ap-northeast-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"ap-northeast-2": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"ap-northeast-3": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"ap-south-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"ap-south-2": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"ap-southeast-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"ap-southeast-2": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"ap-southeast-3": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"aws-global": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"ca-central-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"eu-central-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"eu-central-2": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"eu-north-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"eu-south-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"eu-south-2": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"eu-west-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"eu-west-2": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"eu-west-3": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"me-central-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"me-south-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"sa-east-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"us-east-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"us-east-2": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"us-west-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"us-west-2": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
},
},
{
ID: "aws-cn",
RegionRegex: "^cn\\-\\w+\\-\\d+$",
DefaultConfig: PartitionConfig{
Name: "aws-cn",
DnsSuffix: "amazonaws.com.cn",
DualStackDnsSuffix: "api.amazonwebservices.com.cn",
SupportsFIPS: true,
SupportsDualStack: true,
},
Regions: map[string]RegionOverrides{
"aws-cn-global": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"cn-north-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"cn-northwest-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
},
},
{
ID: "aws-us-gov",
RegionRegex: "^us\\-gov\\-\\w+\\-\\d+$",
DefaultConfig: PartitionConfig{
Name: "aws-us-gov",
DnsSuffix: "amazonaws.com",
DualStackDnsSuffix: "api.aws",
SupportsFIPS: true,
SupportsDualStack: true,
},
Regions: map[string]RegionOverrides{
"aws-us-gov-global": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"us-gov-east-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"us-gov-west-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
},
},
{
ID: "aws-iso",
RegionRegex: "^us\\-iso\\-\\w+\\-\\d+$",
DefaultConfig: PartitionConfig{
Name: "aws-iso",
DnsSuffix: "c2s.ic.gov",
DualStackDnsSuffix: "c2s.ic.gov",
SupportsFIPS: true,
SupportsDualStack: false,
},
Regions: map[string]RegionOverrides{
"aws-iso-global": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"us-iso-east-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"us-iso-west-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
},
},
{
ID: "aws-iso-b",
RegionRegex: "^us\\-isob\\-\\w+\\-\\d+$",
DefaultConfig: PartitionConfig{
Name: "aws-iso-b",
DnsSuffix: "sc2s.sgov.gov",
DualStackDnsSuffix: "sc2s.sgov.gov",
SupportsFIPS: true,
SupportsDualStack: false,
},
Regions: map[string]RegionOverrides{
"aws-iso-b-global": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
"us-isob-east-1": {
Name: nil,
DnsSuffix: nil,
DualStackDnsSuffix: nil,
SupportsFIPS: nil,
SupportsDualStack: nil,
},
},
},
}


@ -0,0 +1,203 @@
{
"partitions" : [ {
"id" : "aws",
"outputs" : {
"dnsSuffix" : "amazonaws.com",
"dualStackDnsSuffix" : "api.aws",
"name" : "aws",
"supportsDualStack" : true,
"supportsFIPS" : true
},
"regionRegex" : "^(us|eu|ap|sa|ca|me|af)\\-\\w+\\-\\d+$",
"regions" : {
"af-south-1" : {
"description" : "Africa (Cape Town)"
},
"ap-east-1" : {
"description" : "Asia Pacific (Hong Kong)"
},
"ap-northeast-1" : {
"description" : "Asia Pacific (Tokyo)"
},
"ap-northeast-2" : {
"description" : "Asia Pacific (Seoul)"
},
"ap-northeast-3" : {
"description" : "Asia Pacific (Osaka)"
},
"ap-south-1" : {
"description" : "Asia Pacific (Mumbai)"
},
"ap-south-2" : {
"description" : "Asia Pacific (Hyderabad)"
},
"ap-southeast-1" : {
"description" : "Asia Pacific (Singapore)"
},
"ap-southeast-2" : {
"description" : "Asia Pacific (Sydney)"
},
"ap-southeast-3" : {
"description" : "Asia Pacific (Jakarta)"
},
"ap-southeast-4" : {
"description" : "Asia Pacific (Melbourne)"
},
"aws-global" : {
"description" : "AWS Standard global region"
},
"ca-central-1" : {
"description" : "Canada (Central)"
},
"eu-central-1" : {
"description" : "Europe (Frankfurt)"
},
"eu-central-2" : {
"description" : "Europe (Zurich)"
},
"eu-north-1" : {
"description" : "Europe (Stockholm)"
},
"eu-south-1" : {
"description" : "Europe (Milan)"
},
"eu-south-2" : {
"description" : "Europe (Spain)"
},
"eu-west-1" : {
"description" : "Europe (Ireland)"
},
"eu-west-2" : {
"description" : "Europe (London)"
},
"eu-west-3" : {
"description" : "Europe (Paris)"
},
"me-central-1" : {
"description" : "Middle East (UAE)"
},
"me-south-1" : {
"description" : "Middle East (Bahrain)"
},
"sa-east-1" : {
"description" : "South America (Sao Paulo)"
},
"us-east-1" : {
"description" : "US East (N. Virginia)"
},
"us-east-2" : {
"description" : "US East (Ohio)"
},
"us-west-1" : {
"description" : "US West (N. California)"
},
"us-west-2" : {
"description" : "US West (Oregon)"
}
}
}, {
"id" : "aws-cn",
"outputs" : {
"dnsSuffix" : "amazonaws.com.cn",
"dualStackDnsSuffix" : "api.amazonwebservices.com.cn",
"name" : "aws-cn",
"supportsDualStack" : true,
"supportsFIPS" : true
},
"regionRegex" : "^cn\\-\\w+\\-\\d+$",
"regions" : {
"aws-cn-global" : {
"description" : "AWS China global region"
},
"cn-north-1" : {
"description" : "China (Beijing)"
},
"cn-northwest-1" : {
"description" : "China (Ningxia)"
}
}
}, {
"id" : "aws-us-gov",
"outputs" : {
"dnsSuffix" : "amazonaws.com",
"dualStackDnsSuffix" : "api.aws",
"name" : "aws-us-gov",
"supportsDualStack" : true,
"supportsFIPS" : true
},
"regionRegex" : "^us\\-gov\\-\\w+\\-\\d+$",
"regions" : {
"aws-us-gov-global" : {
"description" : "AWS GovCloud (US) global region"
},
"us-gov-east-1" : {
"description" : "AWS GovCloud (US-East)"
},
"us-gov-west-1" : {
"description" : "AWS GovCloud (US-West)"
}
}
}, {
"id" : "aws-iso",
"outputs" : {
"dnsSuffix" : "c2s.ic.gov",
"dualStackDnsSuffix" : "c2s.ic.gov",
"name" : "aws-iso",
"supportsDualStack" : false,
"supportsFIPS" : true
},
"regionRegex" : "^us\\-iso\\-\\w+\\-\\d+$",
"regions" : {
"aws-iso-global" : {
"description" : "AWS ISO (US) global region"
},
"us-iso-east-1" : {
"description" : "US ISO East"
},
"us-iso-west-1" : {
"description" : "US ISO WEST"
}
}
}, {
"id" : "aws-iso-b",
"outputs" : {
"dnsSuffix" : "sc2s.sgov.gov",
"dualStackDnsSuffix" : "sc2s.sgov.gov",
"name" : "aws-iso-b",
"supportsDualStack" : false,
"supportsFIPS" : true
},
"regionRegex" : "^us\\-isob\\-\\w+\\-\\d+$",
"regions" : {
"aws-iso-b-global" : {
"description" : "AWS ISOB (US) global region"
},
"us-isob-east-1" : {
"description" : "US ISOB East (Ohio)"
}
}
}, {
"id" : "aws-iso-e",
"outputs" : {
"dnsSuffix" : "cloud.adc-e.uk",
"dualStackDnsSuffix" : "cloud.adc-e.uk",
"name" : "aws-iso-e",
"supportsDualStack" : false,
"supportsFIPS" : true
},
"regionRegex" : "^eu\\-isoe\\-\\w+\\-\\d+$",
"regions" : { }
}, {
"id" : "aws-iso-f",
"outputs" : {
"dnsSuffix" : "csp.hci.ic.gov",
"dualStackDnsSuffix" : "csp.hci.ic.gov",
"name" : "aws-iso-f",
"supportsDualStack" : false,
"supportsFIPS" : true
},
"regionRegex" : "^us\\-isof\\-\\w+\\-\\d+$",
"regions" : { }
} ],
"version" : "1.1"
}


@ -1,3 +1,11 @@
# v2.4.31 (2023-07-31)
* **Dependency Update**: Updated to the latest SDK module versions
# v2.4.30 (2023-07-28)
* **Dependency Update**: Updated to the latest SDK module versions
# v2.4.29 (2023-07-13)
* **Dependency Update**: Updated to the latest SDK module versions


@ -3,4 +3,4 @@
package endpoints
// goModuleVersion is the tagged release for this module
const goModuleVersion = "2.4.29"
const goModuleVersion = "2.4.31"


@ -1,3 +1,11 @@
# v1.9.31 (2023-07-31)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.9.30 (2023-07-28)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.9.29 (2023-07-13)
* **Dependency Update**: Updated to the latest SDK module versions


@ -3,4 +3,4 @@
package presignedurl
// goModuleVersion is the tagged release for this module
const goModuleVersion = "1.9.29"
const goModuleVersion = "1.9.31"


@ -1,3 +1,12 @@
# v1.21.0 (2023-07-31)
* **Feature**: Adds support for smithy-modeled endpoint resolution. A new rules-based endpoint resolution will be added to the SDK which will supercede and deprecate existing endpoint resolution. Specifically, EndpointResolver will be deprecated while BaseEndpoint and EndpointResolverV2 will take its place. For more information, please see the Endpoints section in our Developer Guide.
* **Dependency Update**: Updated to the latest SDK module versions
# v1.20.1 (2023-07-28)
* **Dependency Update**: Updated to the latest SDK module versions
# v1.20.0 (2023-07-25)
* **Feature**: API updates for the AWS Security Token Service


@ -4,6 +4,7 @@ package sts
import (
"context"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/aws/defaults"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
@ -48,8 +49,6 @@ func New(options Options, optFns ...func(*Options)) *Client {
resolveHTTPSignerV4(&options)
resolveDefaultEndpointConfiguration(&options)
for _, fn := range optFns {
fn(&options)
}
@ -70,6 +69,11 @@ type Options struct {
// The optional application specific identifier appended to the User-Agent header.
AppID string
// This endpoint will be given as input to an EndpointResolverV2. It is used for
// providing a custom base endpoint that is subject to modifications by the
// processing EndpointResolverV2.
BaseEndpoint *string
// Configures the events that will be sent to the configured logger.
ClientLogMode aws.ClientLogMode
@ -84,8 +88,18 @@ type Options struct {
EndpointOptions EndpointResolverOptions
// The service endpoint resolver.
//
// Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a
// value for this field will likely prevent you from using any endpoint-related
// service features released after the introduction of EndpointResolverV2 and
// BaseEndpoint. To migrate an EndpointResolver implementation that uses a custom
// endpoint, set the client option BaseEndpoint instead.
EndpointResolver EndpointResolver
// Resolves the endpoint used for a particular service. This should be used over
// the deprecated EndpointResolver
EndpointResolverV2 EndpointResolverV2
// Signature Version 4 (SigV4) Signer
HTTPSignerV4 HTTPSignerV4
@ -144,14 +158,25 @@ func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) {
}
}
// WithEndpointResolver returns a functional option for setting the Client's
// EndpointResolver option.
// Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for
// this field will likely prevent you from using any endpoint-related service
// features released after the introduction of EndpointResolverV2 and BaseEndpoint.
// To migrate an EndpointResolver implementation that uses a custom endpoint, set
// the client option BaseEndpoint instead.
func WithEndpointResolver(v EndpointResolver) func(*Options) {
return func(o *Options) {
o.EndpointResolver = v
}
}
// WithEndpointResolverV2 returns a functional option for setting the Client's
// EndpointResolverV2 option.
func WithEndpointResolverV2(v EndpointResolverV2) func(*Options) {
return func(o *Options) {
o.EndpointResolverV2 = v
}
}
type HTTPClient interface {
Do(*http.Request) (*http.Response, error)
}
@ -168,6 +193,8 @@ func (c *Client) invokeOperation(ctx context.Context, opID string, params interf
ctx = middleware.ClearStackValues(ctx)
stack := middleware.NewStack(opID, smithyhttp.NewStackRequest)
options := c.options.Copy()
resolveEndpointResolverV2(&options)
for _, fn := range optFns {
fn(&options)
}
@ -202,6 +229,30 @@ func (c *Client) invokeOperation(ctx context.Context, opID string, params interf
type noSmithyDocumentSerde = smithydocument.NoSerde
type legacyEndpointContextSetter struct {
LegacyResolver EndpointResolver
}
func (*legacyEndpointContextSetter) ID() string {
return "legacyEndpointContextSetter"
}
func (m *legacyEndpointContextSetter) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) (
out middleware.InitializeOutput, metadata middleware.Metadata, err error,
) {
if m.LegacyResolver != nil {
ctx = awsmiddleware.SetRequiresLegacyEndpoints(ctx, true)
}
return next.HandleInitialize(ctx, in)
}
func addlegacyEndpointContextSetter(stack *middleware.Stack, o Options) error {
return stack.Initialize.Add(&legacyEndpointContextSetter{
LegacyResolver: o.EndpointResolver,
}, middleware.Before)
}
func resolveDefaultLogger(o *Options) {
if o.Logger != nil {
return
@ -350,7 +401,7 @@ func resolveAWSEndpointResolver(cfg aws.Config, o *Options) {
if cfg.EndpointResolver == nil && cfg.EndpointResolverWithOptions == nil {
return
}
o.EndpointResolver = withEndpointResolver(cfg.EndpointResolver, cfg.EndpointResolverWithOptions, NewDefaultEndpointResolver())
o.EndpointResolver = withEndpointResolver(cfg.EndpointResolver, cfg.EndpointResolverWithOptions)
}
func addClientUserAgent(stack *middleware.Stack, options Options) error {
@ -547,3 +598,32 @@ func addRequestResponseLogging(stack *middleware.Stack, o Options) error {
LogResponseWithBody: o.ClientLogMode.IsResponseWithBody(),
}, middleware.After)
}
type endpointDisableHTTPSMiddleware struct {
EndpointDisableHTTPS bool
}
func (*endpointDisableHTTPSMiddleware) ID() string {
return "endpointDisableHTTPSMiddleware"
}
func (m *endpointDisableHTTPSMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.EndpointDisableHTTPS && !smithyhttp.GetHostnameImmutable(ctx) {
req.URL.Scheme = "http"
}
return next.HandleSerialize(ctx, in)
}
func addendpointDisableHTTPSMiddleware(stack *middleware.Stack, o Options) error {
return stack.Serialize.Insert(&endpointDisableHTTPSMiddleware{
EndpointDisableHTTPS: o.EndpointOptions.DisableHTTPS,
}, "OperationSerializer", middleware.Before)
}
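Review bot: `endpointDisableHTTPSMiddleware` at the end of this file has no doc comment, and its `HandleSerialize` rewrites `req.URL.Scheme` to `"http"` whenever `EndpointOptions.DisableHTTPS` is set and the hostname is not immutable. On an STS client that puts the signed request and the returned temporary credentials on the wire in cleartext, so the type deserves a comment along the lines of `// endpointDisableHTTPSMiddleware downgrades the request scheme to http when EndpointOptions.DisableHTTPS is set; STS responses carry temporary credentials, so enable it only against local test endpoints.` It is also worth confirming that nothing in this repository sets `DisableHTTPS` on the STS client options. `legacyEndpointContextSetter` is likewise undocumented; a one-line comment saying it flags the context so the `ResolveEndpointV2` middleware passes the request through untouched when `EndpointResolver` is set would help the next reader.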


@ -4,9 +4,14 @@ package sts
import (
"context"
"errors"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
"github.com/aws/aws-sdk-go-v2/service/sts/types"
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
@ -330,6 +335,9 @@ func (c *Client) addOperationAssumeRoleMiddlewares(stack *middleware.Stack, opti
if err != nil {
return err
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
@ -366,6 +374,9 @@ func (c *Client) addOperationAssumeRoleMiddlewares(stack *middleware.Stack, opti
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addAssumeRoleResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addOpAssumeRoleValidationMiddleware(stack); err != nil {
return err
}
@ -384,6 +395,9 @@ func (c *Client) addOperationAssumeRoleMiddlewares(stack *middleware.Stack, opti
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
@ -419,3 +433,126 @@ func (c *PresignClient) PresignAssumeRole(ctx context.Context, params *AssumeRol
out := result.(*v4.PresignedHTTPRequest)
return out, nil
}
type opAssumeRoleResolveEndpointMiddleware struct {
EndpointResolver EndpointResolverV2
BuiltInResolver builtInParameterResolver
}
func (*opAssumeRoleResolveEndpointMiddleware) ID() string {
return "ResolveEndpointV2"
}
func (m *opAssumeRoleResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleSerialize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.EndpointResolver == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
params := EndpointParameters{}
m.BuiltInResolver.ResolveBuiltIns(&params)
var resolvedEndpoint smithyendpoints.Endpoint
resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params)
if err != nil {
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
req.URL = &resolvedEndpoint.URI
for k := range resolvedEndpoint.Headers {
req.Header.Set(
k,
resolvedEndpoint.Headers.Get(k),
)
}
authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties)
if err != nil {
var nfe *internalauth.NoAuthenticationSchemesFoundError
if errors.As(err, &nfe) {
// if no auth scheme is found, default to sigv4
signingName := "sts"
signingRegion := m.BuiltInResolver.(*builtInResolver).Region
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
}
var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError
if errors.As(err, &ue) {
return out, metadata, fmt.Errorf(
"This operation requests signer version(s) %v but the client only supports %v",
ue.UnsupportedSchemes,
internalauth.SupportedSchemes,
)
}
}
for _, authScheme := range authSchemes {
switch authScheme.(type) {
case *internalauth.AuthenticationSchemeV4:
v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4)
var signingName, signingRegion string
if v4Scheme.SigningName == nil {
signingName = "sts"
} else {
signingName = *v4Scheme.SigningName
}
if v4Scheme.SigningRegion == nil {
signingRegion = m.BuiltInResolver.(*builtInResolver).Region
} else {
signingRegion = *v4Scheme.SigningRegion
}
if v4Scheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
break
case *internalauth.AuthenticationSchemeV4A:
v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A)
if v4aScheme.SigningName == nil {
v4aScheme.SigningName = aws.String("sts")
}
if v4aScheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName)
ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0])
break
case *internalauth.AuthenticationSchemeNone:
break
}
}
return next.HandleSerialize(ctx, in)
}
func addAssumeRoleResolveEndpointMiddleware(stack *middleware.Stack, options Options) error {
return stack.Serialize.Insert(&opAssumeRoleResolveEndpointMiddleware{
EndpointResolver: options.EndpointResolverV2,
BuiltInResolver: &builtInResolver{
Region: options.Region,
UseDualStack: options.EndpointOptions.UseDualStackEndpoint,
UseFIPS: options.EndpointOptions.UseFIPSEndpoint,
Endpoint: options.BaseEndpoint,
},
}, "ResolveEndpoint", middleware.After)
}
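Review bot: `v4aScheme.SigningRegionSet[0]` in the `AuthenticationSchemeV4A` case of `HandleSerialize` indexes the slice without a length check, so a resolved endpoint whose properties carry a sigv4a scheme with an empty region set would panic the request instead of returning an error; a guard such as `if len(v4aScheme.SigningRegionSet) == 0 { return out, metadata, fmt.Errorf("sigv4a auth scheme has no signing region") }` before that line fails cleanly. The endpoint comes from `EndpointResolverV2`, which `WithEndpointResolverV2` lets callers replace, so its properties are not guaranteed to be the SDK's own. In the same function, an error from `GetAuthenticationSchemes` that matches neither `NoAuthenticationSchemesFoundError` nor `UnSupportedAuthenticationSchemeSpecifiedError` is dropped and the request continues, presumably with no auth scheme applied here; returning it would be safer. The same body is added for AssumeRoleWithSAML, AssumeRoleWithWebIdentity, DecodeAuthorizationMessage and GetAccessKeyInfo in the sections below. This looks like generated SDK code, so the change likely belongs upstream in the generator rather than in this tree.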


@ -4,8 +4,13 @@ package sts
import (
"context"
"errors"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
"github.com/aws/aws-sdk-go-v2/service/sts/types"
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
@ -284,6 +289,9 @@ func (c *Client) addOperationAssumeRoleWithSAMLMiddlewares(stack *middleware.Sta
if err != nil {
return err
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
@ -314,6 +322,9 @@ func (c *Client) addOperationAssumeRoleWithSAMLMiddlewares(stack *middleware.Sta
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addAssumeRoleWithSAMLResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addOpAssumeRoleWithSAMLValidationMiddleware(stack); err != nil {
return err
}
@ -332,6 +343,9 @@ func (c *Client) addOperationAssumeRoleWithSAMLMiddlewares(stack *middleware.Sta
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
@ -343,3 +357,126 @@ func newServiceMetadataMiddleware_opAssumeRoleWithSAML(region string) *awsmiddle
OperationName: "AssumeRoleWithSAML",
}
}
type opAssumeRoleWithSAMLResolveEndpointMiddleware struct {
EndpointResolver EndpointResolverV2
BuiltInResolver builtInParameterResolver
}
func (*opAssumeRoleWithSAMLResolveEndpointMiddleware) ID() string {
return "ResolveEndpointV2"
}
func (m *opAssumeRoleWithSAMLResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleSerialize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.EndpointResolver == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
params := EndpointParameters{}
m.BuiltInResolver.ResolveBuiltIns(&params)
var resolvedEndpoint smithyendpoints.Endpoint
resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params)
if err != nil {
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
req.URL = &resolvedEndpoint.URI
for k := range resolvedEndpoint.Headers {
req.Header.Set(
k,
resolvedEndpoint.Headers.Get(k),
)
}
authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties)
if err != nil {
var nfe *internalauth.NoAuthenticationSchemesFoundError
if errors.As(err, &nfe) {
// if no auth scheme is found, default to sigv4
signingName := "sts"
signingRegion := m.BuiltInResolver.(*builtInResolver).Region
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
}
var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError
if errors.As(err, &ue) {
return out, metadata, fmt.Errorf(
"This operation requests signer version(s) %v but the client only supports %v",
ue.UnsupportedSchemes,
internalauth.SupportedSchemes,
)
}
}
for _, authScheme := range authSchemes {
switch authScheme.(type) {
case *internalauth.AuthenticationSchemeV4:
v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4)
var signingName, signingRegion string
if v4Scheme.SigningName == nil {
signingName = "sts"
} else {
signingName = *v4Scheme.SigningName
}
if v4Scheme.SigningRegion == nil {
signingRegion = m.BuiltInResolver.(*builtInResolver).Region
} else {
signingRegion = *v4Scheme.SigningRegion
}
if v4Scheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
break
case *internalauth.AuthenticationSchemeV4A:
v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A)
if v4aScheme.SigningName == nil {
v4aScheme.SigningName = aws.String("sts")
}
if v4aScheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName)
ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0])
break
case *internalauth.AuthenticationSchemeNone:
break
}
}
return next.HandleSerialize(ctx, in)
}
func addAssumeRoleWithSAMLResolveEndpointMiddleware(stack *middleware.Stack, options Options) error {
return stack.Serialize.Insert(&opAssumeRoleWithSAMLResolveEndpointMiddleware{
EndpointResolver: options.EndpointResolverV2,
BuiltInResolver: &builtInResolver{
Region: options.Region,
UseDualStack: options.EndpointOptions.UseDualStackEndpoint,
UseFIPS: options.EndpointOptions.UseFIPSEndpoint,
Endpoint: options.BaseEndpoint,
},
}, "ResolveEndpoint", middleware.After)
}


@ -4,8 +4,13 @@ package sts
import (
"context"
"errors"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
"github.com/aws/aws-sdk-go-v2/service/sts/types"
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
@ -303,6 +308,9 @@ func (c *Client) addOperationAssumeRoleWithWebIdentityMiddlewares(stack *middlew
if err != nil {
return err
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
@ -333,6 +341,9 @@ func (c *Client) addOperationAssumeRoleWithWebIdentityMiddlewares(stack *middlew
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addAssumeRoleWithWebIdentityResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addOpAssumeRoleWithWebIdentityValidationMiddleware(stack); err != nil {
return err
}
@ -351,6 +362,9 @@ func (c *Client) addOperationAssumeRoleWithWebIdentityMiddlewares(stack *middlew
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
@ -362,3 +376,126 @@ func newServiceMetadataMiddleware_opAssumeRoleWithWebIdentity(region string) *aw
OperationName: "AssumeRoleWithWebIdentity",
}
}
type opAssumeRoleWithWebIdentityResolveEndpointMiddleware struct {
EndpointResolver EndpointResolverV2
BuiltInResolver builtInParameterResolver
}
func (*opAssumeRoleWithWebIdentityResolveEndpointMiddleware) ID() string {
return "ResolveEndpointV2"
}
func (m *opAssumeRoleWithWebIdentityResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleSerialize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.EndpointResolver == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
params := EndpointParameters{}
m.BuiltInResolver.ResolveBuiltIns(&params)
var resolvedEndpoint smithyendpoints.Endpoint
resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params)
if err != nil {
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
req.URL = &resolvedEndpoint.URI
for k := range resolvedEndpoint.Headers {
req.Header.Set(
k,
resolvedEndpoint.Headers.Get(k),
)
}
authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties)
if err != nil {
var nfe *internalauth.NoAuthenticationSchemesFoundError
if errors.As(err, &nfe) {
// if no auth scheme is found, default to sigv4
signingName := "sts"
signingRegion := m.BuiltInResolver.(*builtInResolver).Region
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
}
var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError
if errors.As(err, &ue) {
return out, metadata, fmt.Errorf(
"This operation requests signer version(s) %v but the client only supports %v",
ue.UnsupportedSchemes,
internalauth.SupportedSchemes,
)
}
}
for _, authScheme := range authSchemes {
switch authScheme.(type) {
case *internalauth.AuthenticationSchemeV4:
v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4)
var signingName, signingRegion string
if v4Scheme.SigningName == nil {
signingName = "sts"
} else {
signingName = *v4Scheme.SigningName
}
if v4Scheme.SigningRegion == nil {
signingRegion = m.BuiltInResolver.(*builtInResolver).Region
} else {
signingRegion = *v4Scheme.SigningRegion
}
if v4Scheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
break
case *internalauth.AuthenticationSchemeV4A:
v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A)
if v4aScheme.SigningName == nil {
v4aScheme.SigningName = aws.String("sts")
}
if v4aScheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName)
ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0])
break
case *internalauth.AuthenticationSchemeNone:
break
}
}
return next.HandleSerialize(ctx, in)
}
func addAssumeRoleWithWebIdentityResolveEndpointMiddleware(stack *middleware.Stack, options Options) error {
return stack.Serialize.Insert(&opAssumeRoleWithWebIdentityResolveEndpointMiddleware{
EndpointResolver: options.EndpointResolverV2,
BuiltInResolver: &builtInResolver{
Region: options.Region,
UseDualStack: options.EndpointOptions.UseDualStackEndpoint,
UseFIPS: options.EndpointOptions.UseFIPSEndpoint,
Endpoint: options.BaseEndpoint,
},
}, "ResolveEndpoint", middleware.After)
}


@ -4,8 +4,13 @@ package sts
import (
"context"
"errors"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
@ -81,6 +86,9 @@ func (c *Client) addOperationDecodeAuthorizationMessageMiddlewares(stack *middle
if err != nil {
return err
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
@ -117,6 +125,9 @@ func (c *Client) addOperationDecodeAuthorizationMessageMiddlewares(stack *middle
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addDecodeAuthorizationMessageResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addOpDecodeAuthorizationMessageValidationMiddleware(stack); err != nil {
return err
}
@ -135,6 +146,9 @@ func (c *Client) addOperationDecodeAuthorizationMessageMiddlewares(stack *middle
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
@ -146,3 +160,126 @@ func newServiceMetadataMiddleware_opDecodeAuthorizationMessage(region string) *a
OperationName: "DecodeAuthorizationMessage",
}
}
type opDecodeAuthorizationMessageResolveEndpointMiddleware struct {
EndpointResolver EndpointResolverV2
BuiltInResolver builtInParameterResolver
}
func (*opDecodeAuthorizationMessageResolveEndpointMiddleware) ID() string {
return "ResolveEndpointV2"
}
func (m *opDecodeAuthorizationMessageResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleSerialize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.EndpointResolver == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
params := EndpointParameters{}
m.BuiltInResolver.ResolveBuiltIns(&params)
var resolvedEndpoint smithyendpoints.Endpoint
resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params)
if err != nil {
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
req.URL = &resolvedEndpoint.URI
for k := range resolvedEndpoint.Headers {
req.Header.Set(
k,
resolvedEndpoint.Headers.Get(k),
)
}
authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties)
if err != nil {
var nfe *internalauth.NoAuthenticationSchemesFoundError
if errors.As(err, &nfe) {
// if no auth scheme is found, default to sigv4
signingName := "sts"
signingRegion := m.BuiltInResolver.(*builtInResolver).Region
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
}
var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError
if errors.As(err, &ue) {
return out, metadata, fmt.Errorf(
"This operation requests signer version(s) %v but the client only supports %v",
ue.UnsupportedSchemes,
internalauth.SupportedSchemes,
)
}
}
for _, authScheme := range authSchemes {
switch authScheme.(type) {
case *internalauth.AuthenticationSchemeV4:
v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4)
var signingName, signingRegion string
if v4Scheme.SigningName == nil {
signingName = "sts"
} else {
signingName = *v4Scheme.SigningName
}
if v4Scheme.SigningRegion == nil {
signingRegion = m.BuiltInResolver.(*builtInResolver).Region
} else {
signingRegion = *v4Scheme.SigningRegion
}
if v4Scheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
break
case *internalauth.AuthenticationSchemeV4A:
v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A)
if v4aScheme.SigningName == nil {
v4aScheme.SigningName = aws.String("sts")
}
if v4aScheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName)
ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0])
break
case *internalauth.AuthenticationSchemeNone:
break
}
}
return next.HandleSerialize(ctx, in)
}
func addDecodeAuthorizationMessageResolveEndpointMiddleware(stack *middleware.Stack, options Options) error {
return stack.Serialize.Insert(&opDecodeAuthorizationMessageResolveEndpointMiddleware{
EndpointResolver: options.EndpointResolverV2,
BuiltInResolver: &builtInResolver{
Region: options.Region,
UseDualStack: options.EndpointOptions.UseDualStackEndpoint,
UseFIPS: options.EndpointOptions.UseFIPSEndpoint,
Endpoint: options.BaseEndpoint,
},
}, "ResolveEndpoint", middleware.After)
}


@ -4,8 +4,13 @@ package sts
import (
"context"
"errors"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
@ -74,6 +79,9 @@ func (c *Client) addOperationGetAccessKeyInfoMiddlewares(stack *middleware.Stack
if err != nil {
return err
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
@ -110,6 +118,9 @@ func (c *Client) addOperationGetAccessKeyInfoMiddlewares(stack *middleware.Stack
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addGetAccessKeyInfoResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addOpGetAccessKeyInfoValidationMiddleware(stack); err != nil {
return err
}
@ -128,6 +139,9 @@ func (c *Client) addOperationGetAccessKeyInfoMiddlewares(stack *middleware.Stack
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
@ -139,3 +153,126 @@ func newServiceMetadataMiddleware_opGetAccessKeyInfo(region string) *awsmiddlewa
OperationName: "GetAccessKeyInfo",
}
}
type opGetAccessKeyInfoResolveEndpointMiddleware struct {
EndpointResolver EndpointResolverV2
BuiltInResolver builtInParameterResolver
}
func (*opGetAccessKeyInfoResolveEndpointMiddleware) ID() string {
return "ResolveEndpointV2"
}
func (m *opGetAccessKeyInfoResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleSerialize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.EndpointResolver == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
params := EndpointParameters{}
m.BuiltInResolver.ResolveBuiltIns(&params)
var resolvedEndpoint smithyendpoints.Endpoint
resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params)
if err != nil {
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
req.URL = &resolvedEndpoint.URI
for k := range resolvedEndpoint.Headers {
req.Header.Set(
k,
resolvedEndpoint.Headers.Get(k),
)
}
authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties)
if err != nil {
var nfe *internalauth.NoAuthenticationSchemesFoundError
if errors.As(err, &nfe) {
// if no auth scheme is found, default to sigv4
signingName := "sts"
signingRegion := m.BuiltInResolver.(*builtInResolver).Region
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
}
var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError
if errors.As(err, &ue) {
return out, metadata, fmt.Errorf(
"This operation requests signer version(s) %v but the client only supports %v",
ue.UnsupportedSchemes,
internalauth.SupportedSchemes,
)
}
}
for _, authScheme := range authSchemes {
switch authScheme.(type) {
case *internalauth.AuthenticationSchemeV4:
v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4)
var signingName, signingRegion string
if v4Scheme.SigningName == nil {
signingName = "sts"
} else {
signingName = *v4Scheme.SigningName
}
if v4Scheme.SigningRegion == nil {
signingRegion = m.BuiltInResolver.(*builtInResolver).Region
} else {
signingRegion = *v4Scheme.SigningRegion
}
if v4Scheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
break
case *internalauth.AuthenticationSchemeV4A:
v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A)
if v4aScheme.SigningName == nil {
v4aScheme.SigningName = aws.String("sts")
}
if v4aScheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName)
ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0])
break
case *internalauth.AuthenticationSchemeNone:
break
}
}
return next.HandleSerialize(ctx, in)
}
func addGetAccessKeyInfoResolveEndpointMiddleware(stack *middleware.Stack, options Options) error {
return stack.Serialize.Insert(&opGetAccessKeyInfoResolveEndpointMiddleware{
EndpointResolver: options.EndpointResolverV2,
BuiltInResolver: &builtInResolver{
Region: options.Region,
UseDualStack: options.EndpointOptions.UseDualStackEndpoint,
UseFIPS: options.EndpointOptions.UseFIPSEndpoint,
Endpoint: options.BaseEndpoint,
},
}, "ResolveEndpoint", middleware.After)
}


@ -4,8 +4,13 @@ package sts
import (
"context"
"errors"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
@ -69,6 +74,9 @@ func (c *Client) addOperationGetCallerIdentityMiddlewares(stack *middleware.Stac
if err != nil {
return err
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
@ -105,6 +113,9 @@ func (c *Client) addOperationGetCallerIdentityMiddlewares(stack *middleware.Stac
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addGetCallerIdentityResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetCallerIdentity(options.Region), middleware.Before); err != nil {
return err
}
@ -120,6 +131,9 @@ func (c *Client) addOperationGetCallerIdentityMiddlewares(stack *middleware.Stac
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
@ -155,3 +169,126 @@ func (c *PresignClient) PresignGetCallerIdentity(ctx context.Context, params *Ge
out := result.(*v4.PresignedHTTPRequest)
return out, nil
}
type opGetCallerIdentityResolveEndpointMiddleware struct {
EndpointResolver EndpointResolverV2
BuiltInResolver builtInParameterResolver
}
func (*opGetCallerIdentityResolveEndpointMiddleware) ID() string {
return "ResolveEndpointV2"
}
func (m *opGetCallerIdentityResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleSerialize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.EndpointResolver == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
params := EndpointParameters{}
m.BuiltInResolver.ResolveBuiltIns(&params)
var resolvedEndpoint smithyendpoints.Endpoint
resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params)
if err != nil {
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
req.URL = &resolvedEndpoint.URI
for k := range resolvedEndpoint.Headers {
req.Header.Set(
k,
resolvedEndpoint.Headers.Get(k),
)
}
authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties)
if err != nil {
var nfe *internalauth.NoAuthenticationSchemesFoundError
if errors.As(err, &nfe) {
// if no auth scheme is found, default to sigv4
signingName := "sts"
signingRegion := m.BuiltInResolver.(*builtInResolver).Region
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
}
var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError
if errors.As(err, &ue) {
return out, metadata, fmt.Errorf(
"This operation requests signer version(s) %v but the client only supports %v",
ue.UnsupportedSchemes,
internalauth.SupportedSchemes,
)
}
}
for _, authScheme := range authSchemes {
switch authScheme.(type) {
case *internalauth.AuthenticationSchemeV4:
v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4)
var signingName, signingRegion string
if v4Scheme.SigningName == nil {
signingName = "sts"
} else {
signingName = *v4Scheme.SigningName
}
if v4Scheme.SigningRegion == nil {
signingRegion = m.BuiltInResolver.(*builtInResolver).Region
} else {
signingRegion = *v4Scheme.SigningRegion
}
if v4Scheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
break
case *internalauth.AuthenticationSchemeV4A:
v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A)
if v4aScheme.SigningName == nil {
v4aScheme.SigningName = aws.String("sts")
}
if v4aScheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName)
ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0])
break
case *internalauth.AuthenticationSchemeNone:
break
}
}
return next.HandleSerialize(ctx, in)
}
func addGetCallerIdentityResolveEndpointMiddleware(stack *middleware.Stack, options Options) error {
return stack.Serialize.Insert(&opGetCallerIdentityResolveEndpointMiddleware{
EndpointResolver: options.EndpointResolverV2,
BuiltInResolver: &builtInResolver{
Region: options.Region,
UseDualStack: options.EndpointOptions.UseDualStackEndpoint,
UseFIPS: options.EndpointOptions.UseFIPSEndpoint,
Endpoint: options.BaseEndpoint,
},
}, "ResolveEndpoint", middleware.After)
}


@ -4,9 +4,14 @@ package sts
import (
"context"
"errors"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
"github.com/aws/aws-sdk-go-v2/service/sts/types"
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
@ -241,6 +246,9 @@ func (c *Client) addOperationGetFederationTokenMiddlewares(stack *middleware.Sta
if err != nil {
return err
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
@ -277,6 +285,9 @@ func (c *Client) addOperationGetFederationTokenMiddlewares(stack *middleware.Sta
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addGetFederationTokenResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = addOpGetFederationTokenValidationMiddleware(stack); err != nil {
return err
}
@ -295,6 +306,9 @@ func (c *Client) addOperationGetFederationTokenMiddlewares(stack *middleware.Sta
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
@ -306,3 +320,126 @@ func newServiceMetadataMiddleware_opGetFederationToken(region string) *awsmiddle
OperationName: "GetFederationToken",
}
}
type opGetFederationTokenResolveEndpointMiddleware struct {
EndpointResolver EndpointResolverV2
BuiltInResolver builtInParameterResolver
}
func (*opGetFederationTokenResolveEndpointMiddleware) ID() string {
return "ResolveEndpointV2"
}
func (m *opGetFederationTokenResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleSerialize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.EndpointResolver == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
params := EndpointParameters{}
m.BuiltInResolver.ResolveBuiltIns(&params)
var resolvedEndpoint smithyendpoints.Endpoint
resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params)
if err != nil {
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
req.URL = &resolvedEndpoint.URI
for k := range resolvedEndpoint.Headers {
req.Header.Set(
k,
resolvedEndpoint.Headers.Get(k),
)
}
authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties)
if err != nil {
var nfe *internalauth.NoAuthenticationSchemesFoundError
if errors.As(err, &nfe) {
// if no auth scheme is found, default to sigv4
signingName := "sts"
signingRegion := m.BuiltInResolver.(*builtInResolver).Region
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
}
var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError
if errors.As(err, &ue) {
return out, metadata, fmt.Errorf(
"This operation requests signer version(s) %v but the client only supports %v",
ue.UnsupportedSchemes,
internalauth.SupportedSchemes,
)
}
}
for _, authScheme := range authSchemes {
switch authScheme.(type) {
case *internalauth.AuthenticationSchemeV4:
v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4)
var signingName, signingRegion string
if v4Scheme.SigningName == nil {
signingName = "sts"
} else {
signingName = *v4Scheme.SigningName
}
if v4Scheme.SigningRegion == nil {
signingRegion = m.BuiltInResolver.(*builtInResolver).Region
} else {
signingRegion = *v4Scheme.SigningRegion
}
if v4Scheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
break
case *internalauth.AuthenticationSchemeV4A:
v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A)
if v4aScheme.SigningName == nil {
v4aScheme.SigningName = aws.String("sts")
}
if v4aScheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName)
ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0])
break
case *internalauth.AuthenticationSchemeNone:
break
}
}
return next.HandleSerialize(ctx, in)
}
func addGetFederationTokenResolveEndpointMiddleware(stack *middleware.Stack, options Options) error {
return stack.Serialize.Insert(&opGetFederationTokenResolveEndpointMiddleware{
EndpointResolver: options.EndpointResolverV2,
BuiltInResolver: &builtInResolver{
Region: options.Region,
UseDualStack: options.EndpointOptions.UseDualStackEndpoint,
UseFIPS: options.EndpointOptions.UseFIPSEndpoint,
Endpoint: options.BaseEndpoint,
},
}, "ResolveEndpoint", middleware.After)
}


@ -4,9 +4,14 @@ package sts
import (
"context"
"errors"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
internalauth "github.com/aws/aws-sdk-go-v2/internal/auth"
"github.com/aws/aws-sdk-go-v2/service/sts/types"
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
@ -127,6 +132,9 @@ func (c *Client) addOperationGetSessionTokenMiddlewares(stack *middleware.Stack,
if err != nil {
return err
}
if err = addlegacyEndpointContextSetter(stack, options); err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
@ -163,6 +171,9 @@ func (c *Client) addOperationGetSessionTokenMiddlewares(stack *middleware.Stack,
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addGetSessionTokenResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetSessionToken(options.Region), middleware.Before); err != nil {
return err
}
@ -178,6 +189,9 @@ func (c *Client) addOperationGetSessionTokenMiddlewares(stack *middleware.Stack,
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil {
return err
}
return nil
}
@ -189,3 +203,126 @@ func newServiceMetadataMiddleware_opGetSessionToken(region string) *awsmiddlewar
OperationName: "GetSessionToken",
}
}
type opGetSessionTokenResolveEndpointMiddleware struct {
EndpointResolver EndpointResolverV2
BuiltInResolver builtInParameterResolver
}
func (*opGetSessionTokenResolveEndpointMiddleware) ID() string {
return "ResolveEndpointV2"
}
func (m *opGetSessionTokenResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleSerialize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.EndpointResolver == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
params := EndpointParameters{}
m.BuiltInResolver.ResolveBuiltIns(&params)
var resolvedEndpoint smithyendpoints.Endpoint
resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params)
if err != nil {
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
req.URL = &resolvedEndpoint.URI
for k := range resolvedEndpoint.Headers {
req.Header.Set(
k,
resolvedEndpoint.Headers.Get(k),
)
}
authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties)
if err != nil {
var nfe *internalauth.NoAuthenticationSchemesFoundError
if errors.As(err, &nfe) {
// if no auth scheme is found, default to sigv4
signingName := "sts"
signingRegion := m.BuiltInResolver.(*builtInResolver).Region
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
}
var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError
if errors.As(err, &ue) {
return out, metadata, fmt.Errorf(
"This operation requests signer version(s) %v but the client only supports %v",
ue.UnsupportedSchemes,
internalauth.SupportedSchemes,
)
}
}
for _, authScheme := range authSchemes {
switch authScheme.(type) {
case *internalauth.AuthenticationSchemeV4:
v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4)
var signingName, signingRegion string
if v4Scheme.SigningName == nil {
signingName = "sts"
} else {
signingName = *v4Scheme.SigningName
}
if v4Scheme.SigningRegion == nil {
signingRegion = m.BuiltInResolver.(*builtInResolver).Region
} else {
signingRegion = *v4Scheme.SigningRegion
}
if v4Scheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, signingName)
ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion)
break
case *internalauth.AuthenticationSchemeV4A:
v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A)
if v4aScheme.SigningName == nil {
v4aScheme.SigningName = aws.String("sts")
}
if v4aScheme.DisableDoubleEncoding != nil {
// The signer sets an equivalent value at client initialization time.
// Setting this context value will cause the signer to extract it
// and override the value set at client initialization time.
ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding)
}
ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName)
ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0])
break
case *internalauth.AuthenticationSchemeNone:
break
}
}
return next.HandleSerialize(ctx, in)
}
func addGetSessionTokenResolveEndpointMiddleware(stack *middleware.Stack, options Options) error {
return stack.Serialize.Insert(&opGetSessionTokenResolveEndpointMiddleware{
EndpointResolver: options.EndpointResolverV2,
BuiltInResolver: &builtInResolver{
Region: options.Region,
UseDualStack: options.EndpointOptions.UseDualStackEndpoint,
UseFIPS: options.EndpointOptions.UseFIPSEndpoint,
Endpoint: options.BaseEndpoint,
},
}, "ResolveEndpoint", middleware.After)
}


@ -8,9 +8,14 @@ import (
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn"
internalendpoints "github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints"
smithy "github.com/aws/smithy-go"
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
"github.com/aws/smithy-go/ptr"
smithyhttp "github.com/aws/smithy-go/transport/http"
"net/http"
"net/url"
"strings"
)
@ -39,13 +44,6 @@ func (fn EndpointResolverFunc) ResolveEndpoint(region string, options EndpointRe
return fn(region, options)
}
func resolveDefaultEndpointConfiguration(o *Options) {
if o.EndpointResolver != nil {
return
}
o.EndpointResolver = NewDefaultEndpointResolver()
}
// EndpointResolverFromURL returns an EndpointResolver configured using the
// provided endpoint url. By default, the resolved endpoint resolver uses the
// client region as signing region, and the endpoint source is set to
@ -79,6 +77,10 @@ func (*ResolveEndpoint) ID() string {
func (m *ResolveEndpoint) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
if !awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleSerialize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
@ -94,6 +96,11 @@ func (m *ResolveEndpoint) HandleSerialize(ctx context.Context, in middleware.Ser
var endpoint aws.Endpoint
endpoint, err = m.Resolver.ResolveEndpoint(awsmiddleware.GetRegion(ctx), eo)
if err != nil {
nf := (&aws.EndpointNotFoundError{})
if errors.As(err, &nf) {
ctx = awsmiddleware.SetRequiresLegacyEndpoints(ctx, false)
return next.HandleSerialize(ctx, in)
}
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
@ -129,27 +136,10 @@ func removeResolveEndpointMiddleware(stack *middleware.Stack) error {
type wrappedEndpointResolver struct {
awsResolver aws.EndpointResolverWithOptions
resolver EndpointResolver
}
func (w *wrappedEndpointResolver) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) {
if w.awsResolver == nil {
goto fallback
}
endpoint, err = w.awsResolver.ResolveEndpoint(ServiceID, region, options)
if err == nil {
return endpoint, nil
}
if nf := (&aws.EndpointNotFoundError{}); !errors.As(err, &nf) {
return endpoint, err
}
fallback:
if w.resolver == nil {
return endpoint, fmt.Errorf("default endpoint resolver provided was nil")
}
return w.resolver.ResolveEndpoint(region, options)
return w.awsResolver.ResolveEndpoint(ServiceID, region, options)
}
type awsEndpointResolverAdaptor func(service, region string) (aws.Endpoint, error)
@ -160,12 +150,13 @@ func (a awsEndpointResolverAdaptor) ResolveEndpoint(service, region string, opti
var _ aws.EndpointResolverWithOptions = awsEndpointResolverAdaptor(nil)
// withEndpointResolver returns an EndpointResolver that first delegates endpoint resolution to the awsResolver.
// If awsResolver returns aws.EndpointNotFoundError error, the resolver will use the the provided
// fallbackResolver for resolution.
// withEndpointResolver returns an aws.EndpointResolverWithOptions that first delegates endpoint resolution to the awsResolver.
// If awsResolver returns aws.EndpointNotFoundError error, the v1 resolver middleware will swallow the error,
// and set an appropriate context flag such that fallback will occur when EndpointResolverV2 is invoked
// via its middleware.
//
// fallbackResolver must not be nil
func withEndpointResolver(awsResolver aws.EndpointResolver, awsResolverWithOptions aws.EndpointResolverWithOptions, fallbackResolver EndpointResolver) EndpointResolver {
// If another error (besides aws.EndpointNotFoundError) is returned, then that error will be propagated.
func withEndpointResolver(awsResolver aws.EndpointResolver, awsResolverWithOptions aws.EndpointResolverWithOptions) EndpointResolver {
var resolver aws.EndpointResolverWithOptions
if awsResolverWithOptions != nil {
@ -176,7 +167,6 @@ func withEndpointResolver(awsResolver aws.EndpointResolver, awsResolverWithOptio
return &wrappedEndpointResolver{
awsResolver: resolver,
resolver: fallbackResolver,
}
}
@ -198,3 +188,789 @@ func finalizeClientEndpointResolverOptions(options *Options) {
}
}
func resolveEndpointResolverV2(options *Options) {
if options.EndpointResolverV2 == nil {
options.EndpointResolverV2 = NewDefaultEndpointResolverV2()
}
}
// Utility function to aid with translating pseudo-regions to classical regions
// with the appropriate setting indicated by the pseudo-region
func mapPseudoRegion(pr string) (region string, fips aws.FIPSEndpointState) {
const fipsInfix = "-fips-"
const fipsPrefix = "fips-"
const fipsSuffix = "-fips"
if strings.Contains(pr, fipsInfix) ||
strings.Contains(pr, fipsPrefix) ||
strings.Contains(pr, fipsSuffix) {
region = strings.ReplaceAll(strings.ReplaceAll(strings.ReplaceAll(
pr, fipsInfix, "-"), fipsPrefix, ""), fipsSuffix, "")
fips = aws.FIPSEndpointStateEnabled
} else {
region = pr
}
return region, fips
}
// builtInParameterResolver is the interface responsible for resolving BuiltIn
// values during the sourcing of EndpointParameters
type builtInParameterResolver interface {
ResolveBuiltIns(*EndpointParameters) error
}
// builtInResolver resolves modeled BuiltIn values using only the members defined
// below.
type builtInResolver struct {
// The AWS region used to dispatch the request.
Region string
// Sourced BuiltIn value in a historical enabled or disabled state.
UseDualStack aws.DualStackEndpointState
// Sourced BuiltIn value in a historical enabled or disabled state.
UseFIPS aws.FIPSEndpointState
// Base endpoint that can potentially be modified during Endpoint resolution.
Endpoint *string
// Whether the global endpoint should be used, rather then the regional endpoint
// for us-east-1.
UseGlobalEndpoint bool
}
// Invoked at runtime to resolve BuiltIn Values. Only resolution code specific to
// each BuiltIn value is generated.
func (b *builtInResolver) ResolveBuiltIns(params *EndpointParameters) error {
region, _ := mapPseudoRegion(b.Region)
if len(region) == 0 {
return fmt.Errorf("Could not resolve AWS::Region")
} else {
params.Region = aws.String(region)
}
if b.UseDualStack == aws.DualStackEndpointStateEnabled {
params.UseDualStack = aws.Bool(true)
} else {
params.UseDualStack = aws.Bool(false)
}
if b.UseFIPS == aws.FIPSEndpointStateEnabled {
params.UseFIPS = aws.Bool(true)
} else {
params.UseFIPS = aws.Bool(false)
}
params.Endpoint = b.Endpoint
params.UseGlobalEndpoint = aws.Bool(b.UseGlobalEndpoint)
return nil
}
// EndpointParameters provides the parameters that influence how endpoints are
// resolved.
type EndpointParameters struct {
// The AWS region used to dispatch the request.
//
// Parameter is
// required.
//
// AWS::Region
Region *string
// When true, use the dual-stack endpoint. If the configured endpoint does not
// support dual-stack, dispatching the request MAY return an error.
//
// Defaults to
// false if no value is provided.
//
// AWS::UseDualStack
UseDualStack *bool
// When true, send this request to the FIPS-compliant regional endpoint. If the
// configured endpoint does not have a FIPS compliant endpoint, dispatching the
// request will return an error.
//
// Defaults to false if no value is
// provided.
//
// AWS::UseFIPS
UseFIPS *bool
// Override the endpoint used to send this request
//
// Parameter is
// required.
//
// SDK::Endpoint
Endpoint *string
// Whether the global endpoint should be used, rather then the regional endpoint
// for us-east-1.
//
// Defaults to false if no value is
// provided.
//
// AWS::STS::UseGlobalEndpoint
UseGlobalEndpoint *bool
}
// ValidateRequired validates required parameters are set.
func (p EndpointParameters) ValidateRequired() error {
if p.UseDualStack == nil {
return fmt.Errorf("parameter UseDualStack is required")
}
if p.UseFIPS == nil {
return fmt.Errorf("parameter UseFIPS is required")
}
if p.UseGlobalEndpoint == nil {
return fmt.Errorf("parameter UseGlobalEndpoint is required")
}
return nil
}
// WithDefaults returns a shallow copy of EndpointParameterswith default values
// applied to members where applicable.
func (p EndpointParameters) WithDefaults() EndpointParameters {
if p.UseDualStack == nil {
p.UseDualStack = ptr.Bool(false)
}
if p.UseFIPS == nil {
p.UseFIPS = ptr.Bool(false)
}
if p.UseGlobalEndpoint == nil {
p.UseGlobalEndpoint = ptr.Bool(false)
}
return p
}
// EndpointResolverV2 provides the interface for resolving service endpoints.
type EndpointResolverV2 interface {
// ResolveEndpoint attempts to resolve the endpoint with the provided options,
// returning the endpoint if found. Otherwise an error is returned.
ResolveEndpoint(ctx context.Context, params EndpointParameters) (
smithyendpoints.Endpoint, error,
)
}
// resolver provides the implementation for resolving endpoints.
type resolver struct{}
func NewDefaultEndpointResolverV2() EndpointResolverV2 {
return &resolver{}
}
// ResolveEndpoint attempts to resolve the endpoint with the provided options,
// returning the endpoint if found. Otherwise an error is returned.
func (r *resolver) ResolveEndpoint(
ctx context.Context, params EndpointParameters,
) (
endpoint smithyendpoints.Endpoint, err error,
) {
params = params.WithDefaults()
if err = params.ValidateRequired(); err != nil {
return endpoint, fmt.Errorf("endpoint parameters are not valid, %w", err)
}
_UseDualStack := *params.UseDualStack
_UseFIPS := *params.UseFIPS
_UseGlobalEndpoint := *params.UseGlobalEndpoint
if _UseGlobalEndpoint == true {
if !(params.Endpoint != nil) {
if exprVal := params.Region; exprVal != nil {
_Region := *exprVal
_ = _Region
if exprVal := awsrulesfn.GetPartition(_Region); exprVal != nil {
_PartitionResult := *exprVal
_ = _PartitionResult
if _UseFIPS == false {
if _UseDualStack == false {
if _Region == "ap-northeast-1" {
uriString := "https://sts.amazonaws.com"
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
},
})
return out
}(),
}, nil
}
if _Region == "ap-south-1" {
uriString := "https://sts.amazonaws.com"
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
},
})
return out
}(),
}, nil
}
if _Region == "ap-southeast-1" {
uriString := "https://sts.amazonaws.com"
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
},
})
return out
}(),
}, nil
}
if _Region == "ap-southeast-2" {
uriString := "https://sts.amazonaws.com"
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
},
})
return out
}(),
}, nil
}
if _Region == "aws-global" {
uriString := "https://sts.amazonaws.com"
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
},
})
return out
}(),
}, nil
}
if _Region == "ca-central-1" {
uriString := "https://sts.amazonaws.com"
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
},
})
return out
}(),
}, nil
}
if _Region == "eu-central-1" {
uriString := "https://sts.amazonaws.com"
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
},
})
return out
}(),
}, nil
}
if _Region == "eu-north-1" {
uriString := "https://sts.amazonaws.com"
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
},
})
return out
}(),
}, nil
}
if _Region == "eu-west-1" {
uriString := "https://sts.amazonaws.com"
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
},
})
return out
}(),
}, nil
}
if _Region == "eu-west-2" {
uriString := "https://sts.amazonaws.com"
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
},
})
return out
}(),
}, nil
}
if _Region == "eu-west-3" {
uriString := "https://sts.amazonaws.com"
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
},
})
return out
}(),
}, nil
}
if _Region == "sa-east-1" {
uriString := "https://sts.amazonaws.com"
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
},
})
return out
}(),
}, nil
}
if _Region == "us-east-1" {
uriString := "https://sts.amazonaws.com"
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
},
})
return out
}(),
}, nil
}
if _Region == "us-east-2" {
uriString := "https://sts.amazonaws.com"
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
},
})
return out
}(),
}, nil
}
if _Region == "us-west-1" {
uriString := "https://sts.amazonaws.com"
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
},
})
return out
}(),
}, nil
}
if _Region == "us-west-2" {
uriString := "https://sts.amazonaws.com"
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
},
})
return out
}(),
}, nil
}
uriString := func() string {
var out strings.Builder
out.WriteString("https://sts.")
out.WriteString(_Region)
out.WriteString(".")
out.WriteString(_PartitionResult.DnsSuffix)
return out.String()
}()
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": _Region,
},
})
return out
}(),
}, nil
}
}
}
}
}
}
if exprVal := params.Endpoint; exprVal != nil {
_Endpoint := *exprVal
_ = _Endpoint
if _UseFIPS == true {
return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: FIPS and custom endpoint are not supported")
}
if _UseDualStack == true {
return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Dualstack and custom endpoint are not supported")
}
uriString := _Endpoint
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
}, nil
}
if exprVal := params.Region; exprVal != nil {
_Region := *exprVal
_ = _Region
if exprVal := awsrulesfn.GetPartition(_Region); exprVal != nil {
_PartitionResult := *exprVal
_ = _PartitionResult
if _UseFIPS == true {
if _UseDualStack == true {
if true == _PartitionResult.SupportsFIPS {
if true == _PartitionResult.SupportsDualStack {
uriString := func() string {
var out strings.Builder
out.WriteString("https://sts-fips.")
out.WriteString(_Region)
out.WriteString(".")
out.WriteString(_PartitionResult.DualStackDnsSuffix)
return out.String()
}()
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
}, nil
}
}
return endpoint, fmt.Errorf("endpoint rule error, %s", "FIPS and DualStack are enabled, but this partition does not support one or both")
}
}
if _UseFIPS == true {
if true == _PartitionResult.SupportsFIPS {
if "aws-us-gov" == _PartitionResult.Name {
uriString := func() string {
var out strings.Builder
out.WriteString("https://sts.")
out.WriteString(_Region)
out.WriteString(".amazonaws.com")
return out.String()
}()
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
}, nil
}
uriString := func() string {
var out strings.Builder
out.WriteString("https://sts-fips.")
out.WriteString(_Region)
out.WriteString(".")
out.WriteString(_PartitionResult.DnsSuffix)
return out.String()
}()
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
}, nil
}
return endpoint, fmt.Errorf("endpoint rule error, %s", "FIPS is enabled but this partition does not support FIPS")
}
if _UseDualStack == true {
if true == _PartitionResult.SupportsDualStack {
uriString := func() string {
var out strings.Builder
out.WriteString("https://sts.")
out.WriteString(_Region)
out.WriteString(".")
out.WriteString(_PartitionResult.DualStackDnsSuffix)
return out.String()
}()
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
}, nil
}
return endpoint, fmt.Errorf("endpoint rule error, %s", "DualStack is enabled but this partition does not support DualStack")
}
if _Region == "aws-global" {
uriString := "https://sts.amazonaws.com"
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
Properties: func() smithy.Properties {
var out smithy.Properties
out.Set("authSchemes", []interface{}{
map[string]interface{}{
"name": "sigv4",
"signingName": "sts",
"signingRegion": "us-east-1",
},
})
return out
}(),
}, nil
}
uriString := func() string {
var out strings.Builder
out.WriteString("https://sts.")
out.WriteString(_Region)
out.WriteString(".")
out.WriteString(_PartitionResult.DnsSuffix)
return out.String()
}()
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
}, nil
}
return endpoint, fmt.Errorf("Endpoint resolution failed. Invalid operation or environment input.")
}
return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Missing Region")
}


@ -4,7 +4,8 @@
"github.com/aws/aws-sdk-go-v2/internal/configsources": "v0.0.0-00010101000000-000000000000",
"github.com/aws/aws-sdk-go-v2/internal/endpoints/v2": "v2.0.0-00010101000000-000000000000",
"github.com/aws/aws-sdk-go-v2/service/internal/presigned-url": "v1.0.7",
"github.com/aws/smithy-go": "v1.4.0"
"github.com/aws/smithy-go": "v1.4.0",
"github.com/google/go-cmp": "v0.5.4"
},
"files": [
"api_client.go",
@ -20,6 +21,7 @@
"deserializers.go",
"doc.go",
"endpoints.go",
"endpoints_test.go",
"generated.json",
"internal/endpoints/endpoints.go",
"internal/endpoints/endpoints_test.go",


@ -3,4 +3,4 @@
package sts
// goModuleVersion is the tagged release for this module
const goModuleVersion = "1.20.0"
const goModuleVersion = "1.21.0"


@ -20,3 +20,7 @@ target/
build/
*/out/
*/*/out/
# VS Code
bin/
.vscode/


@ -1,3 +1,8 @@
# Release (2023-07-31)
## General Highlights
* **Feature**: Adds support for smithy-modeled endpoint resolution.
# Release (2022-12-02)
* No change notes available for this release.


@ -26,10 +26,17 @@ type Encoder struct {
header http.Header
}
// NewEncoder creates a new encoder from the passed in request. All query and
// NewEncoder creates a new encoder from the passed in request. It assumes that
// raw path contains no valuable information at this point, so it passes in path
// as path and raw path for subsequent trans
func NewEncoder(path, query string, headers http.Header) (*Encoder, error) {
return NewEncoderWithRawPath(path, path, query, headers)
}
// NewHTTPBindingEncoder creates a new encoder from the passed in request. All query and
// header values will be added on top of the request's existing values. Overwriting
// duplicate values.
func NewEncoder(path, query string, headers http.Header) (*Encoder, error) {
func NewEncoderWithRawPath(path, rawPath, query string, headers http.Header) (*Encoder, error) {
parseQuery, err := url.ParseQuery(query)
if err != nil {
return nil, fmt.Errorf("failed to parse query string: %w", err)
@ -37,7 +44,7 @@ func NewEncoder(path, query string, headers http.Header) (*Encoder, error) {
e := &Encoder{
path: []byte(path),
rawPath: []byte(path),
rawPath: []byte(rawPath),
query: parseQuery,
header: headers.Clone(),
}

23
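--- a/vendor/github.com/aws/smithy-go/endpoints/endpoint.go
+++ b/vendor/github.com/aws/smithy-go/endpoints/endpoint.go
@@ -0,0 +1,23 @@
+package transport
+import (
+"net/http"
+"net/url"
+"github.com/aws/smithy-go"
+)
+// Endpoint is the endpoint object returned by Endpoint resolution V2
+type Endpoint struct {
+// The complete URL minimally specfiying the scheme and host.
+// May optionally specify the port and base path component.
+URI url.URL
+// An optional set of headers to be sent using transport layer headers.
+Headers http.Header
+// A grab-bag property map of endpoint attributes. The
+// values present here are subject to change, or being add/removed at any
+// time.
+Properties smithy.Properties
+}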


@ -3,4 +3,4 @@
package smithy
// goModuleVersion is the tagged release for this module
const goModuleVersion = "1.13.5"
const goModuleVersion = "1.14.0"

52
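--- a/vendor/github.com/aws/smithy-go/properties.go
+++ b/vendor/github.com/aws/smithy-go/properties.go
@@ -0,0 +1,52 @@
+package smithy
+// PropertiesReader provides an interface for reading metadata from the
+// underlying metadata container.
+type PropertiesReader interface {
+Get(key interface{}) interface{}
+}
+// Properties provides storing and reading metadata values. Keys may be any
+// comparable value type. Get and set will panic if key is not a comparable
+// value type.
+//
+// Properties uses lazy initialization, and Set method must be called as an
+// addressable value, or pointer. Not doing so may cause key/value pair to not
+// be set.
+type Properties struct {
+values map[interface{}]interface{}
+}
+// Get attempts to retrieve the value the key points to. Returns nil if the
+// key was not found.
+//
+// Panics if key type is not comparable.
+func (m *Properties) Get(key interface{}) interface{} {
+return m.values[key]
+}
+// Set stores the value pointed to by the key. If a value already exists at
+// that key it will be replaced with the new value.
+//
+// Set method must be called as an addressable value, or pointer. If Set is not
+// called as an addressable value or pointer, the key value pair being set may
+// be lost.
+//
+// Panics if the key type is not comparable.
+func (m *Properties) Set(key, value interface{}) {
+if m.values == nil {
+m.values = map[interface{}]interface{}{}
+}
+m.values[key] = value
+}
+// Has returns whether the key exists in the metadata.
+//
+// Panics if the key type is not comparable.
+func (m *Properties) Has(key interface{}) bool {
+if m.values == nil {
+return false
+}
+_, ok := m.values[key]
+return ok
+}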

15
vendor/modules.txt vendored

@ -65,7 +65,7 @@ github.com/aws/aws-sdk-go/service/sso/ssoiface
github.com/aws/aws-sdk-go/service/ssooidc
github.com/aws/aws-sdk-go/service/sts
github.com/aws/aws-sdk-go/service/sts/stsiface
# github.com/aws/aws-sdk-go-v2 v1.19.0
# github.com/aws/aws-sdk-go-v2 v1.20.0
## explicit; go 1.15
github.com/aws/aws-sdk-go-v2/aws
github.com/aws/aws-sdk-go-v2/aws/defaults
@ -77,26 +77,28 @@ github.com/aws/aws-sdk-go-v2/aws/retry
github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4
github.com/aws/aws-sdk-go-v2/aws/signer/v4
github.com/aws/aws-sdk-go-v2/aws/transport/http
github.com/aws/aws-sdk-go-v2/internal/auth
github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn
github.com/aws/aws-sdk-go-v2/internal/rand
github.com/aws/aws-sdk-go-v2/internal/sdk
github.com/aws/aws-sdk-go-v2/internal/strings
github.com/aws/aws-sdk-go-v2/internal/sync/singleflight
github.com/aws/aws-sdk-go-v2/internal/timeconv
# github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.35
# github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.37
## explicit; go 1.15
github.com/aws/aws-sdk-go-v2/internal/configsources
# github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.29
# github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.31
## explicit; go 1.15
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2
# github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.29
# github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.31
## explicit; go 1.15
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url
# github.com/aws/aws-sdk-go-v2/service/sts v1.20.0
# github.com/aws/aws-sdk-go-v2/service/sts v1.21.0
## explicit; go 1.15
github.com/aws/aws-sdk-go-v2/service/sts
github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints
github.com/aws/aws-sdk-go-v2/service/sts/types
# github.com/aws/smithy-go v1.13.5
# github.com/aws/smithy-go v1.14.0
## explicit; go 1.15
github.com/aws/smithy-go
github.com/aws/smithy-go/auth/bearer
@ -105,6 +107,7 @@ github.com/aws/smithy-go/document
github.com/aws/smithy-go/encoding
github.com/aws/smithy-go/encoding/httpbinding
github.com/aws/smithy-go/encoding/xml
github.com/aws/smithy-go/endpoints
github.com/aws/smithy-go/internal/sync/singleflight
github.com/aws/smithy-go/io
github.com/aws/smithy-go/logging