1// Code generated by smithy-go-codegen DO NOT EDIT.
2
3package sts
4
5import (
6 "context"
7 "errors"
8 "fmt"
9 "github.com/aws/aws-sdk-go-v2/aws"
10 awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
11 internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources"
12 "github.com/aws/aws-sdk-go-v2/internal/endpoints"
13 "github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn"
14 internalendpoints "github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints"
15 smithy "github.com/aws/smithy-go"
16 smithyauth "github.com/aws/smithy-go/auth"
17 smithyendpoints "github.com/aws/smithy-go/endpoints"
18 "github.com/aws/smithy-go/middleware"
19 "github.com/aws/smithy-go/ptr"
20 smithyhttp "github.com/aws/smithy-go/transport/http"
21 "net/http"
22 "net/url"
23 "os"
24 "strings"
25)
26
27// EndpointResolverOptions is the service endpoint resolver options
28type EndpointResolverOptions = internalendpoints.Options
29
30// EndpointResolver interface for resolving service endpoints.
31type EndpointResolver interface {
32 ResolveEndpoint(region string, options EndpointResolverOptions) (aws.Endpoint, error)
33}
34
35var _ EndpointResolver = &internalendpoints.Resolver{}
36
37// NewDefaultEndpointResolver constructs a new service endpoint resolver
38func NewDefaultEndpointResolver() *internalendpoints.Resolver {
39 return internalendpoints.New()
40}
41
42// EndpointResolverFunc is a helper utility that wraps a function so it satisfies
43// the EndpointResolver interface. This is useful when you want to add additional
44// endpoint resolving logic, or stub out specific endpoints with custom values.
45type EndpointResolverFunc func(region string, options EndpointResolverOptions) (aws.Endpoint, error)
46
47func (fn EndpointResolverFunc) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) {
48 return fn(region, options)
49}
50
51// EndpointResolverFromURL returns an EndpointResolver configured using the
52// provided endpoint url. By default, the resolved endpoint resolver uses the
53// client region as signing region, and the endpoint source is set to
54// EndpointSourceCustom.You can provide functional options to configure endpoint
55// values for the resolved endpoint.
56func EndpointResolverFromURL(url string, optFns ...func(*aws.Endpoint)) EndpointResolver {
57 e := aws.Endpoint{URL: url, Source: aws.EndpointSourceCustom}
58 for _, fn := range optFns {
59 fn(&e)
60 }
61
62 return EndpointResolverFunc(
63 func(region string, options EndpointResolverOptions) (aws.Endpoint, error) {
64 if len(e.SigningRegion) == 0 {
65 e.SigningRegion = region
66 }
67 return e, nil
68 },
69 )
70}
71
72type ResolveEndpoint struct {
73 Resolver EndpointResolver
74 Options EndpointResolverOptions
75}
76
77func (*ResolveEndpoint) ID() string {
78 return "ResolveEndpoint"
79}
80
81func (m *ResolveEndpoint) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
82 out middleware.SerializeOutput, metadata middleware.Metadata, err error,
83) {
84 if !awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
85 return next.HandleSerialize(ctx, in)
86 }
87
88 req, ok := in.Request.(*smithyhttp.Request)
89 if !ok {
90 return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
91 }
92
93 if m.Resolver == nil {
94 return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
95 }
96
97 eo := m.Options
98 eo.Logger = middleware.GetLogger(ctx)
99
100 var endpoint aws.Endpoint
101 endpoint, err = m.Resolver.ResolveEndpoint(awsmiddleware.GetRegion(ctx), eo)
102 if err != nil {
103 nf := (&aws.EndpointNotFoundError{})
104 if errors.As(err, &nf) {
105 ctx = awsmiddleware.SetRequiresLegacyEndpoints(ctx, false)
106 return next.HandleSerialize(ctx, in)
107 }
108 return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
109 }
110
111 req.URL, err = url.Parse(endpoint.URL)
112 if err != nil {
113 return out, metadata, fmt.Errorf("failed to parse endpoint URL: %w", err)
114 }
115
116 if len(awsmiddleware.GetSigningName(ctx)) == 0 {
117 signingName := endpoint.SigningName
118 if len(signingName) == 0 {
119 signingName = "sts"
120 }
121 ctx = awsmiddleware.SetSigningName(ctx, signingName)
122 }
123 ctx = awsmiddleware.SetEndpointSource(ctx, endpoint.Source)
124 ctx = smithyhttp.SetHostnameImmutable(ctx, endpoint.HostnameImmutable)
125 ctx = awsmiddleware.SetSigningRegion(ctx, endpoint.SigningRegion)
126 ctx = awsmiddleware.SetPartitionID(ctx, endpoint.PartitionID)
127 return next.HandleSerialize(ctx, in)
128}
129func addResolveEndpointMiddleware(stack *middleware.Stack, o Options) error {
130 return stack.Serialize.Insert(&ResolveEndpoint{
131 Resolver: o.EndpointResolver,
132 Options: o.EndpointOptions,
133 }, "OperationSerializer", middleware.Before)
134}
135
136func removeResolveEndpointMiddleware(stack *middleware.Stack) error {
137 _, err := stack.Serialize.Remove((&ResolveEndpoint{}).ID())
138 return err
139}
140
141type wrappedEndpointResolver struct {
142 awsResolver aws.EndpointResolverWithOptions
143}
144
145func (w *wrappedEndpointResolver) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) {
146 return w.awsResolver.ResolveEndpoint(ServiceID, region, options)
147}
148
149type awsEndpointResolverAdaptor func(service, region string) (aws.Endpoint, error)
150
151func (a awsEndpointResolverAdaptor) ResolveEndpoint(service, region string, options ...interface{}) (aws.Endpoint, error) {
152 return a(service, region)
153}
154
155var _ aws.EndpointResolverWithOptions = awsEndpointResolverAdaptor(nil)
156
157// withEndpointResolver returns an aws.EndpointResolverWithOptions that first delegates endpoint resolution to the awsResolver.
158// If awsResolver returns aws.EndpointNotFoundError error, the v1 resolver middleware will swallow the error,
159// and set an appropriate context flag such that fallback will occur when EndpointResolverV2 is invoked
160// via its middleware.
161//
162// If another error (besides aws.EndpointNotFoundError) is returned, then that error will be propagated.
163func withEndpointResolver(awsResolver aws.EndpointResolver, awsResolverWithOptions aws.EndpointResolverWithOptions) EndpointResolver {
164 var resolver aws.EndpointResolverWithOptions
165
166 if awsResolverWithOptions != nil {
167 resolver = awsResolverWithOptions
168 } else if awsResolver != nil {
169 resolver = awsEndpointResolverAdaptor(awsResolver.ResolveEndpoint)
170 }
171
172 return &wrappedEndpointResolver{
173 awsResolver: resolver,
174 }
175}
176
177func finalizeClientEndpointResolverOptions(options *Options) {
178 options.EndpointOptions.LogDeprecated = options.ClientLogMode.IsDeprecatedUsage()
179
180 if len(options.EndpointOptions.ResolvedRegion) == 0 {
181 const fipsInfix = "-fips-"
182 const fipsPrefix = "fips-"
183 const fipsSuffix = "-fips"
184
185 if strings.Contains(options.Region, fipsInfix) ||
186 strings.Contains(options.Region, fipsPrefix) ||
187 strings.Contains(options.Region, fipsSuffix) {
188 options.EndpointOptions.ResolvedRegion = strings.ReplaceAll(strings.ReplaceAll(strings.ReplaceAll(
189 options.Region, fipsInfix, "-"), fipsPrefix, ""), fipsSuffix, "")
190 options.EndpointOptions.UseFIPSEndpoint = aws.FIPSEndpointStateEnabled
191 }
192 }
193
194}
195
196func resolveEndpointResolverV2(options *Options) {
197 if options.EndpointResolverV2 == nil {
198 options.EndpointResolverV2 = NewDefaultEndpointResolverV2()
199 }
200}
201
202func resolveBaseEndpoint(cfg aws.Config, o *Options) {
203 if cfg.BaseEndpoint != nil {
204 o.BaseEndpoint = cfg.BaseEndpoint
205 }
206
207 _, g := os.LookupEnv("AWS_ENDPOINT_URL")
208 _, s := os.LookupEnv("AWS_ENDPOINT_URL_STS")
209
210 if g && !s {
211 return
212 }
213
214 value, found, err := internalConfig.ResolveServiceBaseEndpoint(context.Background(), "STS", cfg.ConfigSources)
215 if found && err == nil {
216 o.BaseEndpoint = &value
217 }
218}
219
220func bindRegion(region string) *string {
221 if region == "" {
222 return nil
223 }
224 return aws.String(endpoints.MapFIPSRegion(region))
225}
226
227// EndpointParameters provides the parameters that influence how endpoints are
228// resolved.
229type EndpointParameters struct {
230 // The AWS region used to dispatch the request.
231 //
232 // Parameter is
233 // required.
234 //
235 // AWS::Region
236 Region *string
237
238 // When true, use the dual-stack endpoint. If the configured endpoint does not
239 // support dual-stack, dispatching the request MAY return an error.
240 //
241 // Defaults to
242 // false if no value is provided.
243 //
244 // AWS::UseDualStack
245 UseDualStack *bool
246
247 // When true, send this request to the FIPS-compliant regional endpoint. If the
248 // configured endpoint does not have a FIPS compliant endpoint, dispatching the
249 // request will return an error.
250 //
251 // Defaults to false if no value is
252 // provided.
253 //
254 // AWS::UseFIPS
255 UseFIPS *bool
256
257 // Override the endpoint used to send this request
258 //
259 // Parameter is
260 // required.
261 //
262 // SDK::Endpoint
263 Endpoint *string
264
265 // Whether the global endpoint should be used, rather then the regional endpoint
266 // for us-east-1.
267 //
268 // Defaults to false if no value is
269 // provided.
270 //
271 // AWS::STS::UseGlobalEndpoint
272 UseGlobalEndpoint *bool
273}
274
275// ValidateRequired validates required parameters are set.
276func (p EndpointParameters) ValidateRequired() error {
277 if p.UseDualStack == nil {
278 return fmt.Errorf("parameter UseDualStack is required")
279 }
280
281 if p.UseFIPS == nil {
282 return fmt.Errorf("parameter UseFIPS is required")
283 }
284
285 if p.UseGlobalEndpoint == nil {
286 return fmt.Errorf("parameter UseGlobalEndpoint is required")
287 }
288
289 return nil
290}
291
292// WithDefaults returns a shallow copy of EndpointParameterswith default values
293// applied to members where applicable.
294func (p EndpointParameters) WithDefaults() EndpointParameters {
295 if p.UseDualStack == nil {
296 p.UseDualStack = ptr.Bool(false)
297 }
298
299 if p.UseFIPS == nil {
300 p.UseFIPS = ptr.Bool(false)
301 }
302
303 if p.UseGlobalEndpoint == nil {
304 p.UseGlobalEndpoint = ptr.Bool(false)
305 }
306 return p
307}
308
309type stringSlice []string
310
311func (s stringSlice) Get(i int) *string {
312 if i < 0 || i >= len(s) {
313 return nil
314 }
315
316 v := s[i]
317 return &v
318}
319
320// EndpointResolverV2 provides the interface for resolving service endpoints.
321type EndpointResolverV2 interface {
322 // ResolveEndpoint attempts to resolve the endpoint with the provided options,
323 // returning the endpoint if found. Otherwise an error is returned.
324 ResolveEndpoint(ctx context.Context, params EndpointParameters) (
325 smithyendpoints.Endpoint, error,
326 )
327}
328
329// resolver provides the implementation for resolving endpoints.
330type resolver struct{}
331
332func NewDefaultEndpointResolverV2() EndpointResolverV2 {
333 return &resolver{}
334}
335
336// ResolveEndpoint attempts to resolve the endpoint with the provided options,
337// returning the endpoint if found. Otherwise an error is returned.
338func (r *resolver) ResolveEndpoint(
339 ctx context.Context, params EndpointParameters,
340) (
341 endpoint smithyendpoints.Endpoint, err error,
342) {
343 params = params.WithDefaults()
344 if err = params.ValidateRequired(); err != nil {
345 return endpoint, fmt.Errorf("endpoint parameters are not valid, %w", err)
346 }
347 _UseDualStack := *params.UseDualStack
348 _UseFIPS := *params.UseFIPS
349 _UseGlobalEndpoint := *params.UseGlobalEndpoint
350
351 if _UseGlobalEndpoint == true {
352 if !(params.Endpoint != nil) {
353 if exprVal := params.Region; exprVal != nil {
354 _Region := *exprVal
355 _ = _Region
356 if exprVal := awsrulesfn.GetPartition(_Region); exprVal != nil {
357 _PartitionResult := *exprVal
358 _ = _PartitionResult
359 if _UseFIPS == false {
360 if _UseDualStack == false {
361 if _Region == "ap-northeast-1" {
362 uriString := "https://sts.amazonaws.com"
363
364 uri, err := url.Parse(uriString)
365 if err != nil {
366 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
367 }
368
369 return smithyendpoints.Endpoint{
370 URI: *uri,
371 Headers: http.Header{},
372 Properties: func() smithy.Properties {
373 var out smithy.Properties
374 smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
375 {
376 SchemeID: "aws.auth#sigv4",
377 SignerProperties: func() smithy.Properties {
378 var sp smithy.Properties
379 smithyhttp.SetSigV4SigningName(&sp, "sts")
380 smithyhttp.SetSigV4ASigningName(&sp, "sts")
381
382 smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
383 return sp
384 }(),
385 },
386 })
387 return out
388 }(),
389 }, nil
390 }
391 if _Region == "ap-south-1" {
392 uriString := "https://sts.amazonaws.com"
393
394 uri, err := url.Parse(uriString)
395 if err != nil {
396 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
397 }
398
399 return smithyendpoints.Endpoint{
400 URI: *uri,
401 Headers: http.Header{},
402 Properties: func() smithy.Properties {
403 var out smithy.Properties
404 smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
405 {
406 SchemeID: "aws.auth#sigv4",
407 SignerProperties: func() smithy.Properties {
408 var sp smithy.Properties
409 smithyhttp.SetSigV4SigningName(&sp, "sts")
410 smithyhttp.SetSigV4ASigningName(&sp, "sts")
411
412 smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
413 return sp
414 }(),
415 },
416 })
417 return out
418 }(),
419 }, nil
420 }
421 if _Region == "ap-southeast-1" {
422 uriString := "https://sts.amazonaws.com"
423
424 uri, err := url.Parse(uriString)
425 if err != nil {
426 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
427 }
428
429 return smithyendpoints.Endpoint{
430 URI: *uri,
431 Headers: http.Header{},
432 Properties: func() smithy.Properties {
433 var out smithy.Properties
434 smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
435 {
436 SchemeID: "aws.auth#sigv4",
437 SignerProperties: func() smithy.Properties {
438 var sp smithy.Properties
439 smithyhttp.SetSigV4SigningName(&sp, "sts")
440 smithyhttp.SetSigV4ASigningName(&sp, "sts")
441
442 smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
443 return sp
444 }(),
445 },
446 })
447 return out
448 }(),
449 }, nil
450 }
451 if _Region == "ap-southeast-2" {
452 uriString := "https://sts.amazonaws.com"
453
454 uri, err := url.Parse(uriString)
455 if err != nil {
456 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
457 }
458
459 return smithyendpoints.Endpoint{
460 URI: *uri,
461 Headers: http.Header{},
462 Properties: func() smithy.Properties {
463 var out smithy.Properties
464 smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
465 {
466 SchemeID: "aws.auth#sigv4",
467 SignerProperties: func() smithy.Properties {
468 var sp smithy.Properties
469 smithyhttp.SetSigV4SigningName(&sp, "sts")
470 smithyhttp.SetSigV4ASigningName(&sp, "sts")
471
472 smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
473 return sp
474 }(),
475 },
476 })
477 return out
478 }(),
479 }, nil
480 }
481 if _Region == "aws-global" {
482 uriString := "https://sts.amazonaws.com"
483
484 uri, err := url.Parse(uriString)
485 if err != nil {
486 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
487 }
488
489 return smithyendpoints.Endpoint{
490 URI: *uri,
491 Headers: http.Header{},
492 Properties: func() smithy.Properties {
493 var out smithy.Properties
494 smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
495 {
496 SchemeID: "aws.auth#sigv4",
497 SignerProperties: func() smithy.Properties {
498 var sp smithy.Properties
499 smithyhttp.SetSigV4SigningName(&sp, "sts")
500 smithyhttp.SetSigV4ASigningName(&sp, "sts")
501
502 smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
503 return sp
504 }(),
505 },
506 })
507 return out
508 }(),
509 }, nil
510 }
511 if _Region == "ca-central-1" {
512 uriString := "https://sts.amazonaws.com"
513
514 uri, err := url.Parse(uriString)
515 if err != nil {
516 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
517 }
518
519 return smithyendpoints.Endpoint{
520 URI: *uri,
521 Headers: http.Header{},
522 Properties: func() smithy.Properties {
523 var out smithy.Properties
524 smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
525 {
526 SchemeID: "aws.auth#sigv4",
527 SignerProperties: func() smithy.Properties {
528 var sp smithy.Properties
529 smithyhttp.SetSigV4SigningName(&sp, "sts")
530 smithyhttp.SetSigV4ASigningName(&sp, "sts")
531
532 smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
533 return sp
534 }(),
535 },
536 })
537 return out
538 }(),
539 }, nil
540 }
541 if _Region == "eu-central-1" {
542 uriString := "https://sts.amazonaws.com"
543
544 uri, err := url.Parse(uriString)
545 if err != nil {
546 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
547 }
548
549 return smithyendpoints.Endpoint{
550 URI: *uri,
551 Headers: http.Header{},
552 Properties: func() smithy.Properties {
553 var out smithy.Properties
554 smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
555 {
556 SchemeID: "aws.auth#sigv4",
557 SignerProperties: func() smithy.Properties {
558 var sp smithy.Properties
559 smithyhttp.SetSigV4SigningName(&sp, "sts")
560 smithyhttp.SetSigV4ASigningName(&sp, "sts")
561
562 smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
563 return sp
564 }(),
565 },
566 })
567 return out
568 }(),
569 }, nil
570 }
571 if _Region == "eu-north-1" {
572 uriString := "https://sts.amazonaws.com"
573
574 uri, err := url.Parse(uriString)
575 if err != nil {
576 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
577 }
578
579 return smithyendpoints.Endpoint{
580 URI: *uri,
581 Headers: http.Header{},
582 Properties: func() smithy.Properties {
583 var out smithy.Properties
584 smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
585 {
586 SchemeID: "aws.auth#sigv4",
587 SignerProperties: func() smithy.Properties {
588 var sp smithy.Properties
589 smithyhttp.SetSigV4SigningName(&sp, "sts")
590 smithyhttp.SetSigV4ASigningName(&sp, "sts")
591
592 smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
593 return sp
594 }(),
595 },
596 })
597 return out
598 }(),
599 }, nil
600 }
601 if _Region == "eu-west-1" {
602 uriString := "https://sts.amazonaws.com"
603
604 uri, err := url.Parse(uriString)
605 if err != nil {
606 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
607 }
608
609 return smithyendpoints.Endpoint{
610 URI: *uri,
611 Headers: http.Header{},
612 Properties: func() smithy.Properties {
613 var out smithy.Properties
614 smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
615 {
616 SchemeID: "aws.auth#sigv4",
617 SignerProperties: func() smithy.Properties {
618 var sp smithy.Properties
619 smithyhttp.SetSigV4SigningName(&sp, "sts")
620 smithyhttp.SetSigV4ASigningName(&sp, "sts")
621
622 smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
623 return sp
624 }(),
625 },
626 })
627 return out
628 }(),
629 }, nil
630 }
631 if _Region == "eu-west-2" {
632 uriString := "https://sts.amazonaws.com"
633
634 uri, err := url.Parse(uriString)
635 if err != nil {
636 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
637 }
638
639 return smithyendpoints.Endpoint{
640 URI: *uri,
641 Headers: http.Header{},
642 Properties: func() smithy.Properties {
643 var out smithy.Properties
644 smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
645 {
646 SchemeID: "aws.auth#sigv4",
647 SignerProperties: func() smithy.Properties {
648 var sp smithy.Properties
649 smithyhttp.SetSigV4SigningName(&sp, "sts")
650 smithyhttp.SetSigV4ASigningName(&sp, "sts")
651
652 smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
653 return sp
654 }(),
655 },
656 })
657 return out
658 }(),
659 }, nil
660 }
661 if _Region == "eu-west-3" {
662 uriString := "https://sts.amazonaws.com"
663
664 uri, err := url.Parse(uriString)
665 if err != nil {
666 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
667 }
668
669 return smithyendpoints.Endpoint{
670 URI: *uri,
671 Headers: http.Header{},
672 Properties: func() smithy.Properties {
673 var out smithy.Properties
674 smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
675 {
676 SchemeID: "aws.auth#sigv4",
677 SignerProperties: func() smithy.Properties {
678 var sp smithy.Properties
679 smithyhttp.SetSigV4SigningName(&sp, "sts")
680 smithyhttp.SetSigV4ASigningName(&sp, "sts")
681
682 smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
683 return sp
684 }(),
685 },
686 })
687 return out
688 }(),
689 }, nil
690 }
691 if _Region == "sa-east-1" {
692 uriString := "https://sts.amazonaws.com"
693
694 uri, err := url.Parse(uriString)
695 if err != nil {
696 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
697 }
698
699 return smithyendpoints.Endpoint{
700 URI: *uri,
701 Headers: http.Header{},
702 Properties: func() smithy.Properties {
703 var out smithy.Properties
704 smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
705 {
706 SchemeID: "aws.auth#sigv4",
707 SignerProperties: func() smithy.Properties {
708 var sp smithy.Properties
709 smithyhttp.SetSigV4SigningName(&sp, "sts")
710 smithyhttp.SetSigV4ASigningName(&sp, "sts")
711
712 smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
713 return sp
714 }(),
715 },
716 })
717 return out
718 }(),
719 }, nil
720 }
721 if _Region == "us-east-1" {
722 uriString := "https://sts.amazonaws.com"
723
724 uri, err := url.Parse(uriString)
725 if err != nil {
726 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
727 }
728
729 return smithyendpoints.Endpoint{
730 URI: *uri,
731 Headers: http.Header{},
732 Properties: func() smithy.Properties {
733 var out smithy.Properties
734 smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
735 {
736 SchemeID: "aws.auth#sigv4",
737 SignerProperties: func() smithy.Properties {
738 var sp smithy.Properties
739 smithyhttp.SetSigV4SigningName(&sp, "sts")
740 smithyhttp.SetSigV4ASigningName(&sp, "sts")
741
742 smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
743 return sp
744 }(),
745 },
746 })
747 return out
748 }(),
749 }, nil
750 }
751 if _Region == "us-east-2" {
752 uriString := "https://sts.amazonaws.com"
753
754 uri, err := url.Parse(uriString)
755 if err != nil {
756 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
757 }
758
759 return smithyendpoints.Endpoint{
760 URI: *uri,
761 Headers: http.Header{},
762 Properties: func() smithy.Properties {
763 var out smithy.Properties
764 smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
765 {
766 SchemeID: "aws.auth#sigv4",
767 SignerProperties: func() smithy.Properties {
768 var sp smithy.Properties
769 smithyhttp.SetSigV4SigningName(&sp, "sts")
770 smithyhttp.SetSigV4ASigningName(&sp, "sts")
771
772 smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
773 return sp
774 }(),
775 },
776 })
777 return out
778 }(),
779 }, nil
780 }
781 if _Region == "us-west-1" {
782 uriString := "https://sts.amazonaws.com"
783
784 uri, err := url.Parse(uriString)
785 if err != nil {
786 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
787 }
788
789 return smithyendpoints.Endpoint{
790 URI: *uri,
791 Headers: http.Header{},
792 Properties: func() smithy.Properties {
793 var out smithy.Properties
794 smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
795 {
796 SchemeID: "aws.auth#sigv4",
797 SignerProperties: func() smithy.Properties {
798 var sp smithy.Properties
799 smithyhttp.SetSigV4SigningName(&sp, "sts")
800 smithyhttp.SetSigV4ASigningName(&sp, "sts")
801
802 smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
803 return sp
804 }(),
805 },
806 })
807 return out
808 }(),
809 }, nil
810 }
811 if _Region == "us-west-2" {
812 uriString := "https://sts.amazonaws.com"
813
814 uri, err := url.Parse(uriString)
815 if err != nil {
816 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
817 }
818
819 return smithyendpoints.Endpoint{
820 URI: *uri,
821 Headers: http.Header{},
822 Properties: func() smithy.Properties {
823 var out smithy.Properties
824 smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
825 {
826 SchemeID: "aws.auth#sigv4",
827 SignerProperties: func() smithy.Properties {
828 var sp smithy.Properties
829 smithyhttp.SetSigV4SigningName(&sp, "sts")
830 smithyhttp.SetSigV4ASigningName(&sp, "sts")
831
832 smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
833 return sp
834 }(),
835 },
836 })
837 return out
838 }(),
839 }, nil
840 }
841 uriString := func() string {
842 var out strings.Builder
843 out.WriteString("https://sts.")
844 out.WriteString(_Region)
845 out.WriteString(".")
846 out.WriteString(_PartitionResult.DnsSuffix)
847 return out.String()
848 }()
849
850 uri, err := url.Parse(uriString)
851 if err != nil {
852 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
853 }
854
855 return smithyendpoints.Endpoint{
856 URI: *uri,
857 Headers: http.Header{},
858 Properties: func() smithy.Properties {
859 var out smithy.Properties
860 smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
861 {
862 SchemeID: "aws.auth#sigv4",
863 SignerProperties: func() smithy.Properties {
864 var sp smithy.Properties
865 smithyhttp.SetSigV4SigningName(&sp, "sts")
866 smithyhttp.SetSigV4ASigningName(&sp, "sts")
867
868 smithyhttp.SetSigV4SigningRegion(&sp, _Region)
869 return sp
870 }(),
871 },
872 })
873 return out
874 }(),
875 }, nil
876 }
877 }
878 }
879 }
880 }
881 }
882 if exprVal := params.Endpoint; exprVal != nil {
883 _Endpoint := *exprVal
884 _ = _Endpoint
885 if _UseFIPS == true {
886 return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: FIPS and custom endpoint are not supported")
887 }
888 if _UseDualStack == true {
889 return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Dualstack and custom endpoint are not supported")
890 }
891 uriString := _Endpoint
892
893 uri, err := url.Parse(uriString)
894 if err != nil {
895 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
896 }
897
898 return smithyendpoints.Endpoint{
899 URI: *uri,
900 Headers: http.Header{},
901 }, nil
902 }
903 if exprVal := params.Region; exprVal != nil {
904 _Region := *exprVal
905 _ = _Region
906 if exprVal := awsrulesfn.GetPartition(_Region); exprVal != nil {
907 _PartitionResult := *exprVal
908 _ = _PartitionResult
909 if _UseFIPS == true {
910 if _UseDualStack == true {
911 if true == _PartitionResult.SupportsFIPS {
912 if true == _PartitionResult.SupportsDualStack {
913 uriString := func() string {
914 var out strings.Builder
915 out.WriteString("https://sts-fips.")
916 out.WriteString(_Region)
917 out.WriteString(".")
918 out.WriteString(_PartitionResult.DualStackDnsSuffix)
919 return out.String()
920 }()
921
922 uri, err := url.Parse(uriString)
923 if err != nil {
924 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
925 }
926
927 return smithyendpoints.Endpoint{
928 URI: *uri,
929 Headers: http.Header{},
930 }, nil
931 }
932 }
933 return endpoint, fmt.Errorf("endpoint rule error, %s", "FIPS and DualStack are enabled, but this partition does not support one or both")
934 }
935 }
936 if _UseFIPS == true {
937 if _PartitionResult.SupportsFIPS == true {
938 if _PartitionResult.Name == "aws-us-gov" {
939 uriString := func() string {
940 var out strings.Builder
941 out.WriteString("https://sts.")
942 out.WriteString(_Region)
943 out.WriteString(".amazonaws.com")
944 return out.String()
945 }()
946
947 uri, err := url.Parse(uriString)
948 if err != nil {
949 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
950 }
951
952 return smithyendpoints.Endpoint{
953 URI: *uri,
954 Headers: http.Header{},
955 }, nil
956 }
957 uriString := func() string {
958 var out strings.Builder
959 out.WriteString("https://sts-fips.")
960 out.WriteString(_Region)
961 out.WriteString(".")
962 out.WriteString(_PartitionResult.DnsSuffix)
963 return out.String()
964 }()
965
966 uri, err := url.Parse(uriString)
967 if err != nil {
968 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
969 }
970
971 return smithyendpoints.Endpoint{
972 URI: *uri,
973 Headers: http.Header{},
974 }, nil
975 }
976 return endpoint, fmt.Errorf("endpoint rule error, %s", "FIPS is enabled but this partition does not support FIPS")
977 }
978 if _UseDualStack == true {
979 if true == _PartitionResult.SupportsDualStack {
980 uriString := func() string {
981 var out strings.Builder
982 out.WriteString("https://sts.")
983 out.WriteString(_Region)
984 out.WriteString(".")
985 out.WriteString(_PartitionResult.DualStackDnsSuffix)
986 return out.String()
987 }()
988
989 uri, err := url.Parse(uriString)
990 if err != nil {
991 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
992 }
993
994 return smithyendpoints.Endpoint{
995 URI: *uri,
996 Headers: http.Header{},
997 }, nil
998 }
999 return endpoint, fmt.Errorf("endpoint rule error, %s", "DualStack is enabled but this partition does not support DualStack")
1000 }
1001 if _Region == "aws-global" {
1002 uriString := "https://sts.amazonaws.com"
1003
1004 uri, err := url.Parse(uriString)
1005 if err != nil {
1006 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
1007 }
1008
1009 return smithyendpoints.Endpoint{
1010 URI: *uri,
1011 Headers: http.Header{},
1012 Properties: func() smithy.Properties {
1013 var out smithy.Properties
1014 smithyauth.SetAuthOptions(&out, []*smithyauth.Option{
1015 {
1016 SchemeID: "aws.auth#sigv4",
1017 SignerProperties: func() smithy.Properties {
1018 var sp smithy.Properties
1019 smithyhttp.SetSigV4SigningName(&sp, "sts")
1020 smithyhttp.SetSigV4ASigningName(&sp, "sts")
1021
1022 smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1")
1023 return sp
1024 }(),
1025 },
1026 })
1027 return out
1028 }(),
1029 }, nil
1030 }
1031 uriString := func() string {
1032 var out strings.Builder
1033 out.WriteString("https://sts.")
1034 out.WriteString(_Region)
1035 out.WriteString(".")
1036 out.WriteString(_PartitionResult.DnsSuffix)
1037 return out.String()
1038 }()
1039
1040 uri, err := url.Parse(uriString)
1041 if err != nil {
1042 return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
1043 }
1044
1045 return smithyendpoints.Endpoint{
1046 URI: *uri,
1047 Headers: http.Header{},
1048 }, nil
1049 }
1050 return endpoint, fmt.Errorf("Endpoint resolution failed. Invalid operation or environment input.")
1051 }
1052 return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Missing Region")
1053}
1054
1055type endpointParamsBinder interface {
1056 bindEndpointParams(*EndpointParameters)
1057}
1058
1059func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters {
1060 params := &EndpointParameters{}
1061
1062 params.Region = bindRegion(options.Region)
1063 params.UseDualStack = aws.Bool(options.EndpointOptions.UseDualStackEndpoint == aws.DualStackEndpointStateEnabled)
1064 params.UseFIPS = aws.Bool(options.EndpointOptions.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled)
1065 params.Endpoint = options.BaseEndpoint
1066
1067 if b, ok := input.(endpointParamsBinder); ok {
1068 b.bindEndpointParams(params)
1069 }
1070
1071 return params
1072}
1073
1074type resolveEndpointV2Middleware struct {
1075 options Options
1076}
1077
1078func (*resolveEndpointV2Middleware) ID() string {
1079 return "ResolveEndpointV2"
1080}
1081
1082func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
1083 out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
1084) {
1085 if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
1086 return next.HandleFinalize(ctx, in)
1087 }
1088
1089 if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil {
1090 return out, metadata, fmt.Errorf("invalid accountID set: %w", err)
1091 }
1092
1093 req, ok := in.Request.(*smithyhttp.Request)
1094 if !ok {
1095 return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
1096 }
1097
1098 if m.options.EndpointResolverV2 == nil {
1099 return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
1100 }
1101
1102 params := bindEndpointParams(ctx, getOperationInput(ctx), m.options)
1103 endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params)
1104 if err != nil {
1105 return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
1106 }
1107
1108 if endpt.URI.RawPath == "" && req.URL.RawPath != "" {
1109 endpt.URI.RawPath = endpt.URI.Path
1110 }
1111 req.URL.Scheme = endpt.URI.Scheme
1112 req.URL.Host = endpt.URI.Host
1113 req.URL.Path = smithyhttp.JoinPath(endpt.URI.Path, req.URL.Path)
1114 req.URL.RawPath = smithyhttp.JoinPath(endpt.URI.RawPath, req.URL.RawPath)
1115 for k := range endpt.Headers {
1116 req.Header.Set(k, endpt.Headers.Get(k))
1117 }
1118
1119 rscheme := getResolvedAuthScheme(ctx)
1120 if rscheme == nil {
1121 return out, metadata, fmt.Errorf("no resolved auth scheme")
1122 }
1123
1124 opts, _ := smithyauth.GetAuthOptions(&endpt.Properties)
1125 for _, o := range opts {
1126 rscheme.SignerProperties.SetAll(&o.SignerProperties)
1127 }
1128
1129 return next.HandleFinalize(ctx, in)
1130}