VictoriaMetrics/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/endpoints.go

551 lines
17 KiB
Go
Raw Normal View History

// Code generated by smithy-go-codegen DO NOT EDIT.
package ssooidc
import (
"context"
"errors"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
2023-11-02 21:03:35 +01:00
internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources"
2023-11-16 20:20:27 +01:00
"github.com/aws/aws-sdk-go-v2/internal/endpoints"
2023-08-11 16:16:25 +02:00
"github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn"
internalendpoints "github.com/aws/aws-sdk-go-v2/service/ssooidc/internal/endpoints"
2023-11-16 20:20:27 +01:00
smithyauth "github.com/aws/smithy-go/auth"
2023-08-11 16:16:25 +02:00
smithyendpoints "github.com/aws/smithy-go/endpoints"
"github.com/aws/smithy-go/middleware"
2023-08-11 16:16:25 +02:00
"github.com/aws/smithy-go/ptr"
smithyhttp "github.com/aws/smithy-go/transport/http"
2023-08-11 16:16:25 +02:00
"net/http"
"net/url"
2023-11-02 21:03:35 +01:00
"os"
"strings"
)
// EndpointResolverOptions is the service endpoint resolver options
type EndpointResolverOptions = internalendpoints.Options
// EndpointResolver interface for resolving service endpoints.
type EndpointResolver interface {
ResolveEndpoint(region string, options EndpointResolverOptions) (aws.Endpoint, error)
}
var _ EndpointResolver = &internalendpoints.Resolver{}
// NewDefaultEndpointResolver constructs a new service endpoint resolver
func NewDefaultEndpointResolver() *internalendpoints.Resolver {
return internalendpoints.New()
}
// EndpointResolverFunc is a helper utility that wraps a function so it satisfies
// the EndpointResolver interface. This is useful when you want to add additional
// endpoint resolving logic, or stub out specific endpoints with custom values.
type EndpointResolverFunc func(region string, options EndpointResolverOptions) (aws.Endpoint, error)
func (fn EndpointResolverFunc) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) {
return fn(region, options)
}
// EndpointResolverFromURL returns an EndpointResolver configured using the
// provided endpoint url. By default, the resolved endpoint resolver uses the
// client region as signing region, and the endpoint source is set to
// EndpointSourceCustom.You can provide functional options to configure endpoint
// values for the resolved endpoint.
func EndpointResolverFromURL(url string, optFns ...func(*aws.Endpoint)) EndpointResolver {
e := aws.Endpoint{URL: url, Source: aws.EndpointSourceCustom}
for _, fn := range optFns {
fn(&e)
}
return EndpointResolverFunc(
func(region string, options EndpointResolverOptions) (aws.Endpoint, error) {
if len(e.SigningRegion) == 0 {
e.SigningRegion = region
}
return e, nil
},
)
}
type ResolveEndpoint struct {
Resolver EndpointResolver
Options EndpointResolverOptions
}
func (*ResolveEndpoint) ID() string {
return "ResolveEndpoint"
}
func (m *ResolveEndpoint) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
out middleware.SerializeOutput, metadata middleware.Metadata, err error,
) {
2023-08-11 16:16:25 +02:00
if !awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleSerialize(ctx, in)
}
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.Resolver == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
eo := m.Options
eo.Logger = middleware.GetLogger(ctx)
var endpoint aws.Endpoint
endpoint, err = m.Resolver.ResolveEndpoint(awsmiddleware.GetRegion(ctx), eo)
if err != nil {
2023-08-11 16:16:25 +02:00
nf := (&aws.EndpointNotFoundError{})
if errors.As(err, &nf) {
ctx = awsmiddleware.SetRequiresLegacyEndpoints(ctx, false)
return next.HandleSerialize(ctx, in)
}
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
req.URL, err = url.Parse(endpoint.URL)
if err != nil {
return out, metadata, fmt.Errorf("failed to parse endpoint URL: %w", err)
}
if len(awsmiddleware.GetSigningName(ctx)) == 0 {
signingName := endpoint.SigningName
if len(signingName) == 0 {
2023-12-11 09:48:36 +01:00
signingName = "sso-oauth"
}
ctx = awsmiddleware.SetSigningName(ctx, signingName)
}
ctx = awsmiddleware.SetEndpointSource(ctx, endpoint.Source)
ctx = smithyhttp.SetHostnameImmutable(ctx, endpoint.HostnameImmutable)
ctx = awsmiddleware.SetSigningRegion(ctx, endpoint.SigningRegion)
ctx = awsmiddleware.SetPartitionID(ctx, endpoint.PartitionID)
return next.HandleSerialize(ctx, in)
}
func addResolveEndpointMiddleware(stack *middleware.Stack, o Options) error {
return stack.Serialize.Insert(&ResolveEndpoint{
Resolver: o.EndpointResolver,
Options: o.EndpointOptions,
}, "OperationSerializer", middleware.Before)
}
func removeResolveEndpointMiddleware(stack *middleware.Stack) error {
_, err := stack.Serialize.Remove((&ResolveEndpoint{}).ID())
return err
}
type wrappedEndpointResolver struct {
awsResolver aws.EndpointResolverWithOptions
}
func (w *wrappedEndpointResolver) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) {
2023-08-11 16:16:25 +02:00
return w.awsResolver.ResolveEndpoint(ServiceID, region, options)
}
type awsEndpointResolverAdaptor func(service, region string) (aws.Endpoint, error)
func (a awsEndpointResolverAdaptor) ResolveEndpoint(service, region string, options ...interface{}) (aws.Endpoint, error) {
return a(service, region)
}
var _ aws.EndpointResolverWithOptions = awsEndpointResolverAdaptor(nil)
2023-08-11 16:16:25 +02:00
// withEndpointResolver returns an aws.EndpointResolverWithOptions that first delegates endpoint resolution to the awsResolver.
// If awsResolver returns aws.EndpointNotFoundError error, the v1 resolver middleware will swallow the error,
// and set an appropriate context flag such that fallback will occur when EndpointResolverV2 is invoked
// via its middleware.
//
2023-08-11 16:16:25 +02:00
// If another error (besides aws.EndpointNotFoundError) is returned, then that error will be propagated.
func withEndpointResolver(awsResolver aws.EndpointResolver, awsResolverWithOptions aws.EndpointResolverWithOptions) EndpointResolver {
var resolver aws.EndpointResolverWithOptions
if awsResolverWithOptions != nil {
resolver = awsResolverWithOptions
} else if awsResolver != nil {
resolver = awsEndpointResolverAdaptor(awsResolver.ResolveEndpoint)
}
return &wrappedEndpointResolver{
awsResolver: resolver,
}
}
func finalizeClientEndpointResolverOptions(options *Options) {
options.EndpointOptions.LogDeprecated = options.ClientLogMode.IsDeprecatedUsage()
if len(options.EndpointOptions.ResolvedRegion) == 0 {
const fipsInfix = "-fips-"
const fipsPrefix = "fips-"
const fipsSuffix = "-fips"
if strings.Contains(options.Region, fipsInfix) ||
strings.Contains(options.Region, fipsPrefix) ||
strings.Contains(options.Region, fipsSuffix) {
options.EndpointOptions.ResolvedRegion = strings.ReplaceAll(strings.ReplaceAll(strings.ReplaceAll(
options.Region, fipsInfix, "-"), fipsPrefix, ""), fipsSuffix, "")
options.EndpointOptions.UseFIPSEndpoint = aws.FIPSEndpointStateEnabled
}
}
}
2023-08-11 16:16:25 +02:00
func resolveEndpointResolverV2(options *Options) {
if options.EndpointResolverV2 == nil {
options.EndpointResolverV2 = NewDefaultEndpointResolverV2()
}
}
2023-11-02 21:03:35 +01:00
func resolveBaseEndpoint(cfg aws.Config, o *Options) {
if cfg.BaseEndpoint != nil {
o.BaseEndpoint = cfg.BaseEndpoint
}
_, g := os.LookupEnv("AWS_ENDPOINT_URL")
_, s := os.LookupEnv("AWS_ENDPOINT_URL_SSO_OIDC")
if g && !s {
return
}
value, found, err := internalConfig.ResolveServiceBaseEndpoint(context.Background(), "SSO OIDC", cfg.ConfigSources)
if found && err == nil {
o.BaseEndpoint = &value
}
}
2024-02-24 02:22:39 +01:00
func bindRegion(region string) *string {
if region == "" {
return nil
}
return aws.String(endpoints.MapFIPSRegion(region))
}
2023-08-11 16:16:25 +02:00
// EndpointParameters provides the parameters that influence how endpoints are
// resolved.
type EndpointParameters struct {
// The AWS region used to dispatch the request.
//
// Parameter is
// required.
//
// AWS::Region
Region *string
// When true, use the dual-stack endpoint. If the configured endpoint does not
// support dual-stack, dispatching the request MAY return an error.
//
// Defaults to
// false if no value is provided.
//
// AWS::UseDualStack
UseDualStack *bool
// When true, send this request to the FIPS-compliant regional endpoint. If the
// configured endpoint does not have a FIPS compliant endpoint, dispatching the
// request will return an error.
//
// Defaults to false if no value is
// provided.
//
// AWS::UseFIPS
UseFIPS *bool
// Override the endpoint used to send this request
//
// Parameter is
// required.
//
// SDK::Endpoint
Endpoint *string
}
// ValidateRequired validates required parameters are set.
func (p EndpointParameters) ValidateRequired() error {
if p.UseDualStack == nil {
return fmt.Errorf("parameter UseDualStack is required")
}
if p.UseFIPS == nil {
return fmt.Errorf("parameter UseFIPS is required")
}
return nil
}
// WithDefaults returns a shallow copy of EndpointParameterswith default values
// applied to members where applicable.
func (p EndpointParameters) WithDefaults() EndpointParameters {
if p.UseDualStack == nil {
p.UseDualStack = ptr.Bool(false)
}
if p.UseFIPS == nil {
p.UseFIPS = ptr.Bool(false)
}
return p
}
2024-07-03 00:00:09 +02:00
type stringSlice []string
func (s stringSlice) Get(i int) *string {
if i < 0 || i >= len(s) {
return nil
}
v := s[i]
return &v
}
2023-08-11 16:16:25 +02:00
// EndpointResolverV2 provides the interface for resolving service endpoints.
type EndpointResolverV2 interface {
// ResolveEndpoint attempts to resolve the endpoint with the provided options,
// returning the endpoint if found. Otherwise an error is returned.
ResolveEndpoint(ctx context.Context, params EndpointParameters) (
smithyendpoints.Endpoint, error,
)
}
// resolver provides the implementation for resolving endpoints.
type resolver struct{}
func NewDefaultEndpointResolverV2() EndpointResolverV2 {
return &resolver{}
}
// ResolveEndpoint attempts to resolve the endpoint with the provided options,
// returning the endpoint if found. Otherwise an error is returned.
func (r *resolver) ResolveEndpoint(
ctx context.Context, params EndpointParameters,
) (
endpoint smithyendpoints.Endpoint, err error,
) {
params = params.WithDefaults()
if err = params.ValidateRequired(); err != nil {
return endpoint, fmt.Errorf("endpoint parameters are not valid, %w", err)
}
_UseDualStack := *params.UseDualStack
_UseFIPS := *params.UseFIPS
if exprVal := params.Endpoint; exprVal != nil {
_Endpoint := *exprVal
_ = _Endpoint
if _UseFIPS == true {
return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: FIPS and custom endpoint are not supported")
}
if _UseDualStack == true {
return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Dualstack and custom endpoint are not supported")
}
uriString := _Endpoint
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
}, nil
}
if exprVal := params.Region; exprVal != nil {
_Region := *exprVal
_ = _Region
if exprVal := awsrulesfn.GetPartition(_Region); exprVal != nil {
_PartitionResult := *exprVal
_ = _PartitionResult
if _UseFIPS == true {
if _UseDualStack == true {
if true == _PartitionResult.SupportsFIPS {
if true == _PartitionResult.SupportsDualStack {
uriString := func() string {
var out strings.Builder
out.WriteString("https://oidc-fips.")
out.WriteString(_Region)
out.WriteString(".")
out.WriteString(_PartitionResult.DualStackDnsSuffix)
return out.String()
}()
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
}, nil
}
}
return endpoint, fmt.Errorf("endpoint rule error, %s", "FIPS and DualStack are enabled, but this partition does not support one or both")
}
}
if _UseFIPS == true {
2023-12-11 09:48:36 +01:00
if _PartitionResult.SupportsFIPS == true {
if _PartitionResult.Name == "aws-us-gov" {
2023-10-02 21:49:16 +02:00
uriString := func() string {
var out strings.Builder
out.WriteString("https://oidc.")
out.WriteString(_Region)
out.WriteString(".amazonaws.com")
return out.String()
}()
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
}, nil
}
2023-08-11 16:16:25 +02:00
uriString := func() string {
var out strings.Builder
out.WriteString("https://oidc-fips.")
out.WriteString(_Region)
out.WriteString(".")
out.WriteString(_PartitionResult.DnsSuffix)
return out.String()
}()
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
}, nil
}
return endpoint, fmt.Errorf("endpoint rule error, %s", "FIPS is enabled but this partition does not support FIPS")
}
if _UseDualStack == true {
if true == _PartitionResult.SupportsDualStack {
uriString := func() string {
var out strings.Builder
out.WriteString("https://oidc.")
out.WriteString(_Region)
out.WriteString(".")
out.WriteString(_PartitionResult.DualStackDnsSuffix)
return out.String()
}()
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
}, nil
}
return endpoint, fmt.Errorf("endpoint rule error, %s", "DualStack is enabled but this partition does not support DualStack")
}
uriString := func() string {
var out strings.Builder
out.WriteString("https://oidc.")
out.WriteString(_Region)
out.WriteString(".")
out.WriteString(_PartitionResult.DnsSuffix)
return out.String()
}()
uri, err := url.Parse(uriString)
if err != nil {
return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString)
}
return smithyendpoints.Endpoint{
URI: *uri,
Headers: http.Header{},
}, nil
}
return endpoint, fmt.Errorf("Endpoint resolution failed. Invalid operation or environment input.")
}
return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Missing Region")
}
2023-11-16 20:20:27 +01:00
type endpointParamsBinder interface {
bindEndpointParams(*EndpointParameters)
}
2024-06-24 23:08:47 +02:00
func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters {
2023-11-16 20:20:27 +01:00
params := &EndpointParameters{}
2024-02-24 02:22:39 +01:00
params.Region = bindRegion(options.Region)
2023-11-16 20:20:27 +01:00
params.UseDualStack = aws.Bool(options.EndpointOptions.UseDualStackEndpoint == aws.DualStackEndpointStateEnabled)
params.UseFIPS = aws.Bool(options.EndpointOptions.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled)
params.Endpoint = options.BaseEndpoint
if b, ok := input.(endpointParamsBinder); ok {
b.bindEndpointParams(params)
}
return params
}
type resolveEndpointV2Middleware struct {
options Options
}
func (*resolveEndpointV2Middleware) ID() string {
return "ResolveEndpointV2"
}
func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
) {
if awsmiddleware.GetRequiresLegacyEndpoints(ctx) {
return next.HandleFinalize(ctx, in)
}
2024-06-24 23:08:47 +02:00
if err := checkAccountID(getIdentity(ctx), m.options.AccountIDEndpointMode); err != nil {
return out, metadata, fmt.Errorf("invalid accountID set: %w", err)
}
2023-11-16 20:20:27 +01:00
req, ok := in.Request.(*smithyhttp.Request)
if !ok {
return out, metadata, fmt.Errorf("unknown transport type %T", in.Request)
}
if m.options.EndpointResolverV2 == nil {
return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil")
}
2024-06-24 23:08:47 +02:00
params := bindEndpointParams(ctx, getOperationInput(ctx), m.options)
2023-11-16 20:20:27 +01:00
endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params)
if err != nil {
return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err)
}
if endpt.URI.RawPath == "" && req.URL.RawPath != "" {
endpt.URI.RawPath = endpt.URI.Path
}
req.URL.Scheme = endpt.URI.Scheme
req.URL.Host = endpt.URI.Host
req.URL.Path = smithyhttp.JoinPath(endpt.URI.Path, req.URL.Path)
req.URL.RawPath = smithyhttp.JoinPath(endpt.URI.RawPath, req.URL.RawPath)
for k := range endpt.Headers {
req.Header.Set(k, endpt.Headers.Get(k))
}
rscheme := getResolvedAuthScheme(ctx)
if rscheme == nil {
return out, metadata, fmt.Errorf("no resolved auth scheme")
}
opts, _ := smithyauth.GetAuthOptions(&endpt.Properties)
for _, o := range opts {
rscheme.SignerProperties.SetAll(&o.SignerProperties)
}
return next.HandleFinalize(ctx, in)
}