mirror of https://github.com/tidwall/tile38.git
Updated dependencies
This commit is contained in:
parent
43cd87dc3a
commit
b1dc463c41
40
go.mod
40
go.mod
|
@ -4,44 +4,38 @@ go 1.13
|
|||
|
||||
require (
|
||||
github.com/Shopify/sarama v1.26.4
|
||||
github.com/Shopify/toxiproxy v2.1.4+incompatible // indirect
|
||||
github.com/aws/aws-sdk-go v1.17.14
|
||||
github.com/aws/aws-sdk-go v1.34.29
|
||||
github.com/cespare/xxhash v1.1.0 // indirect
|
||||
github.com/eclipse/paho.mqtt.golang v1.1.0
|
||||
github.com/golang/protobuf v0.0.0-20170920220647-130e6b02ab05
|
||||
github.com/gomodule/redigo v2.0.1-0.20181026001555-e8fc0692a7e2+incompatible
|
||||
github.com/mmcloughlin/geohash v0.0.0-20181009053802-f7f2bcae3294
|
||||
github.com/eclipse/paho.mqtt.golang v1.2.0
|
||||
github.com/golang/protobuf v1.4.2
|
||||
github.com/gomodule/redigo v1.8.2
|
||||
github.com/mmcloughlin/geohash v0.10.0
|
||||
github.com/nats-io/gnatsd v1.4.1 // indirect
|
||||
github.com/nats-io/go-nats v1.6.0
|
||||
github.com/nats-io/nuid v1.0.0 // indirect
|
||||
github.com/peterh/liner v1.0.1-0.20170902204657-a37ad3984311
|
||||
github.com/pierrec/xxHash v0.1.1 // indirect
|
||||
github.com/streadway/amqp v0.0.0-20170926065634-cefed15a0bd8
|
||||
github.com/stretchr/testify v1.4.0 // indirect
|
||||
github.com/tidwall/btree v0.0.0-20170113224114-9876f1454cf0
|
||||
github.com/peterh/liner v1.2.0
|
||||
github.com/streadway/amqp v1.0.0
|
||||
github.com/tidwall/btree v0.0.0-20191029221954-400434d76274
|
||||
github.com/tidwall/buntdb v1.1.0
|
||||
github.com/tidwall/cities v0.0.0-20190730194520-dbe1ae0b862c // indirect
|
||||
github.com/tidwall/geoindex v1.1.0
|
||||
github.com/tidwall/geojson v1.1.13
|
||||
github.com/tidwall/gjson v1.3.2
|
||||
github.com/tidwall/geojson v1.2.3
|
||||
github.com/tidwall/gjson v1.6.1
|
||||
github.com/tidwall/grect v0.0.0-20161006141115-ba9a043346eb // indirect
|
||||
github.com/tidwall/lotsa v0.0.0-20180225195211-a03631ac7f1c // indirect
|
||||
github.com/tidwall/match v1.0.1
|
||||
github.com/tidwall/pretty v1.0.0
|
||||
github.com/tidwall/rbang v1.1.0
|
||||
github.com/tidwall/pretty v1.0.2
|
||||
github.com/tidwall/rbang v1.2.2
|
||||
github.com/tidwall/redbench v0.0.0-20181110173744-17c5b5b864a4
|
||||
github.com/tidwall/redcon v0.0.0-20171003141744-3df12143a4fe
|
||||
github.com/tidwall/redcon v1.3.2
|
||||
github.com/tidwall/resp v0.0.0-20160908231031-b2b1a7ca20e3
|
||||
github.com/tidwall/rhh v1.1.0
|
||||
github.com/tidwall/rtree v0.0.0-20180113144539-6cd427091e0e // indirect
|
||||
github.com/tidwall/sjson v1.0.2
|
||||
github.com/tidwall/sjson v1.1.1
|
||||
github.com/tidwall/tinybtree v0.0.0-20181217131827-de5932d649b5
|
||||
github.com/tidwall/tinyqueue v0.0.0-20180302190814-1e39f5511563 // indirect
|
||||
github.com/yuin/gopher-lua v0.0.0-20170915035107-eb1c7299435c
|
||||
github.com/yuin/gopher-lua v0.0.0-20200816102855-ee81675732da
|
||||
golang.org/x/crypto v0.0.0-20200204104054-c9f3fb736b72
|
||||
golang.org/x/net v0.0.0-20200202094626-16171245cfb2
|
||||
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e // indirect
|
||||
google.golang.org/genproto v0.0.0-20171002232614-f676e0f3ac63 // indirect
|
||||
google.golang.org/grpc v1.6.0
|
||||
layeh.com/gopher-json v0.0.0-20161224164157-c128cc74278b
|
||||
google.golang.org/grpc v1.32.0
|
||||
layeh.com/gopher-json v0.0.0-20190114024228-97fed8db8427
|
||||
)
|
||||
|
|
113
go.sum
113
go.sum
|
@ -1,3 +1,5 @@
|
|||
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
|
||||
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
||||
github.com/OneOfOne/xxhash v1.2.2 h1:KMrpdQIwFcEqXDklaen+P1axHaj9BSKzvpUUfnHldSE=
|
||||
github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
|
||||
github.com/Shopify/sarama v1.13.0 h1:R+4WFsmMzUxN2uiGzWXoY9apBAQnARC+B+wYvy/kC3k=
|
||||
|
@ -8,8 +10,16 @@ github.com/Shopify/toxiproxy v2.1.4+incompatible h1:TKdv8HiTLgE5wdJuEML90aBgNWso
|
|||
github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI=
|
||||
github.com/aws/aws-sdk-go v1.17.14 h1:IjqZDIQoLyZ48A93BxVrZOaIGgZPRi4nXt6WQUMJplY=
|
||||
github.com/aws/aws-sdk-go v1.17.14/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
|
||||
github.com/aws/aws-sdk-go v1.34.29 h1:4Yw8eC4nCXiIVmHJO5PD4oh0vI/df5o6cYTVzFV7vWA=
|
||||
github.com/aws/aws-sdk-go v1.34.29/go.mod h1:H7NKnBqNVzoTJpGfLrQkkD+ytBA93eiDYi/+8rV9s48=
|
||||
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
|
||||
github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko=
|
||||
github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
|
||||
github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
|
||||
github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
|
||||
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
|
||||
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
|
||||
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
|
||||
github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
|
||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||
|
@ -28,18 +38,41 @@ github.com/eapache/queue v1.1.0 h1:YOEu7KNc61ntiQlcEeUIoDTJ2o8mQznoNvUhiigpIqc=
|
|||
github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I=
|
||||
github.com/eclipse/paho.mqtt.golang v1.1.0 h1:Em29HD1CwLHdRFnX7yfg+kBjHHw6DSDok9I+ia4znT4=
|
||||
github.com/eclipse/paho.mqtt.golang v1.1.0/go.mod h1:H9keYFcgq3Qr5OUJm/JZI/i6U7joQ8SYLhZwfeOo6Ts=
|
||||
github.com/eclipse/paho.mqtt.golang v1.2.0 h1:1F8mhG9+aO5/xpdtFkW4SxOJB67ukuDC3t2y2qayIX0=
|
||||
github.com/eclipse/paho.mqtt.golang v1.2.0/go.mod h1:H9keYFcgq3Qr5OUJm/JZI/i6U7joQ8SYLhZwfeOo6Ts=
|
||||
github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
|
||||
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
|
||||
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
|
||||
github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g=
|
||||
github.com/frankban/quicktest v1.7.2/go.mod h1:jaStnuzAqU1AJdCO0l53JDCJrVDKcS03DbaAcR7Ks/o=
|
||||
github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
|
||||
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
|
||||
github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
|
||||
github.com/golang/protobuf v0.0.0-20170920220647-130e6b02ab05 h1:Kesru7U6Mhpf/x7rthxAKnr586VFmoE2NdEvkOKvfjg=
|
||||
github.com/golang/protobuf v0.0.0-20170920220647-130e6b02ab05/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||
github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||
github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
|
||||
github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
|
||||
github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
|
||||
github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
|
||||
github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
|
||||
github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
|
||||
github.com/golang/protobuf v1.4.2 h1:+Z5KGCizgyZCbGh1KZqA0fcLLkwbsjIzS4aV2v7wJX0=
|
||||
github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
|
||||
github.com/golang/snappy v0.0.0-20170215233205-553a64147049 h1:K9KHZbXKpGydfDN0aZrsoHpLJlZsBrGMFWbgLDGnPZk=
|
||||
github.com/golang/snappy v0.0.0-20170215233205-553a64147049/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
|
||||
github.com/golang/snappy v0.0.1 h1:Qgr9rKW7uDUkrbSmQeiDsGa8SjGyCOGtuasMWwvp2P4=
|
||||
github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
|
||||
github.com/gomodule/redigo v1.7.0 h1:ZKld1VOtsGhAe37E7wMxEDgAlGM5dvFY+DiOhSkhP9Y=
|
||||
github.com/gomodule/redigo v1.8.2 h1:H5XSIre1MB5NbPYFp+i1NBbb5qN1W8Y8YAQoAYbkm8k=
|
||||
github.com/gomodule/redigo v1.8.2/go.mod h1:P9dn9mFrCBvWhGE1wpxx6fgq7BAeLBk+UUUzlpkBYO0=
|
||||
github.com/gomodule/redigo v2.0.0+incompatible h1:K/R+8tc58AaqLkqG2Ol3Qk+DR/TlNuhuh457pBFPtt0=
|
||||
github.com/gomodule/redigo v2.0.1-0.20181026001555-e8fc0692a7e2+incompatible h1:H4S5GVLXZxCnS6q3+HrRBu/ObgobnAHg92tWG8cLfX8=
|
||||
github.com/gomodule/redigo v2.0.1-0.20181026001555-e8fc0692a7e2+incompatible/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4=
|
||||
github.com/gomodule/redigo/redis v0.0.0-do-not-use h1:J7XIp6Kau0WoyT4JtXHT3Ei0gA1KkSc6bc87j9v9WIo=
|
||||
github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
|
||||
github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
|
||||
github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
|
||||
github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/hashicorp/go-uuid v1.0.2 h1:cfejS+Tpcp13yd5nYHWDI6qVCny6wyX2Mt5SGur2IGE=
|
||||
|
@ -48,14 +81,21 @@ github.com/jcmturner/gofork v1.0.0 h1:J7uCkflzTEhUZ64xqKnkDxq3kzc96ajM1Gli5ktUem
|
|||
github.com/jcmturner/gofork v1.0.0/go.mod h1:MK8+TM0La+2rjBD4jE12Kj1pCCxK7d2LK/UM3ncEo0o=
|
||||
github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af h1:pmfjZENx5imkbgOkpRUYLnmbU7UEFbjtDA2hxJ1ichM=
|
||||
github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
|
||||
github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
|
||||
github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
|
||||
github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
|
||||
github.com/klauspost/compress v1.9.8 h1:VMAMUUOh+gaxKTMk+zqbjsSjsIcUcL/LF4o63i82QyA=
|
||||
github.com/klauspost/compress v1.9.8/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=
|
||||
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
|
||||
github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
|
||||
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||
github.com/mattn/go-runewidth v0.0.3 h1:a+kO+98RDGEfo6asOGMmpodZq4FNtnGP54yps8BzLR4=
|
||||
github.com/mattn/go-runewidth v0.0.3/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU=
|
||||
github.com/mmcloughlin/geohash v0.0.0-20181009053802-f7f2bcae3294 h1:QlTAK00UrY80KK9Da+foE04AjxhXFrgp87aZB6yfU5c=
|
||||
github.com/mmcloughlin/geohash v0.0.0-20181009053802-f7f2bcae3294/go.mod h1:oNZxQo5yWJh0eMQEP/8hwQuVx9Z9tjwFUqcTB1SmG0c=
|
||||
github.com/mmcloughlin/geohash v0.10.0 h1:9w1HchfDfdeLc+jFEf/04D27KP7E2QmpDu52wPbJWRE=
|
||||
github.com/mmcloughlin/geohash v0.10.0/go.mod h1:oNZxQo5yWJh0eMQEP/8hwQuVx9Z9tjwFUqcTB1SmG0c=
|
||||
github.com/nats-io/gnatsd v1.4.1 h1:RconcfDeWpKCD6QIIwiVFcvForlXpWeJP7i5/lDLy44=
|
||||
github.com/nats-io/gnatsd v1.4.1/go.mod h1:nqco77VO78hLCJpIcVfygDP2rPGfsEHkGTUk94uh5DQ=
|
||||
github.com/nats-io/go-nats v1.6.0 h1:FznPwMfrVwGnSCh7JTXyJDRW0TIkD4Tr+M1LPJt9T70=
|
||||
|
@ -64,14 +104,18 @@ github.com/nats-io/nuid v1.0.0 h1:44QGdhbiANq8ZCbUkdn6W5bqtg+mHuDE4wOUuxxndFs=
|
|||
github.com/nats-io/nuid v1.0.0/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
|
||||
github.com/peterh/liner v1.0.1-0.20170902204657-a37ad3984311 h1:IQrJrnseUVEdTXQpnWjks3LRNuYyydpK+A4k6oYXYHk=
|
||||
github.com/peterh/liner v1.0.1-0.20170902204657-a37ad3984311/go.mod h1:xIteQHvHuaLYG9IFj6mSxM0fCKrs34IrEQUhOYuGPHc=
|
||||
github.com/peterh/liner v1.2.0 h1:w/UPXyl5GfahFxcTOz2j9wCIHNI+pUPr2laqpojKNCg=
|
||||
github.com/peterh/liner v1.2.0/go.mod h1:CRroGNssyjTd/qIG2FyxByd2S8JEAZXBl4qUrZf8GS0=
|
||||
github.com/pierrec/lz4 v1.0.1 h1:w6GMGWSsCI04fTM8wQRdnW74MuJISakuUU0onU0TYB4=
|
||||
github.com/pierrec/lz4 v1.0.1/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
|
||||
github.com/pierrec/lz4 v2.4.1+incompatible h1:mFe7ttWaflA46Mhqh+jUfjp2qTbPYxLB2/OyBppH9dg=
|
||||
github.com/pierrec/lz4 v2.4.1+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
|
||||
github.com/pierrec/xxHash v0.1.1 h1:KP4NrV9023xp3M4FkTYfcXqWigsOCImL1ANJ7sh5vg4=
|
||||
github.com/pierrec/xxHash v0.1.1/go.mod h1:w2waW5Zoa/Wc4Yqe0wgrIYAGKqRMf7czn2HNKXmuL+I=
|
||||
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
|
||||
github.com/rcrowley/go-metrics v0.0.0-20161128210544-1f30fe9094a5 h1:gwcdIpH6NU2iF8CmcqD+CP6+1CkRBOhHaPR+iu6raBY=
|
||||
github.com/rcrowley/go-metrics v0.0.0-20161128210544-1f30fe9094a5/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
|
||||
github.com/rcrowley/go-metrics v0.0.0-20190826022208-cac0b30c2563 h1:dY6ETXrvDG7Sa4vE8ZQG4yqWg6UnOcbqTAahkV813vQ=
|
||||
|
@ -80,17 +124,26 @@ github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72 h1:qLC7fQah7D6K1
|
|||
github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
|
||||
github.com/streadway/amqp v0.0.0-20170926065634-cefed15a0bd8 h1:q2L3Zhh0RscQeFIJRFshSq3DtZPE0ts8q3F+oyUxw/c=
|
||||
github.com/streadway/amqp v0.0.0-20170926065634-cefed15a0bd8/go.mod h1:1WNBiOZtZQLpVAyu0iTduoJL9hEsMloAK5XWrtW0xdY=
|
||||
github.com/streadway/amqp v1.0.0 h1:kuuDrUJFZL1QYL9hUNuCxNObNzB0bV/ZG5jV3RWAQgo=
|
||||
github.com/streadway/amqp v1.0.0/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
|
||||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||
github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
|
||||
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
|
||||
github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
|
||||
github.com/tidwall/btree v0.0.0-20170113224114-9876f1454cf0 h1:QnyrPZZvPmR0AtJCxxfCtI1qN+fYpKTKJ/5opWmZ34k=
|
||||
github.com/tidwall/btree v0.0.0-20170113224114-9876f1454cf0/go.mod h1:huei1BkDWJ3/sLXmO+bsCNELL+Bp2Kks9OLyQFkzvA8=
|
||||
github.com/tidwall/btree v0.0.0-20191029221954-400434d76274 h1:G6Z6HvJuPjG6XfNGi/feOATzeJrfgTNJY+rGrHbA04E=
|
||||
github.com/tidwall/btree v0.0.0-20191029221954-400434d76274/go.mod h1:huei1BkDWJ3/sLXmO+bsCNELL+Bp2Kks9OLyQFkzvA8=
|
||||
github.com/tidwall/buntdb v1.1.0 h1:H6LzK59KiNjf1nHVPFrYj4Qnl8d8YLBsYamdL8N+Bao=
|
||||
github.com/tidwall/buntdb v1.1.0/go.mod h1:Y39xhcDW10WlyYXeLgGftXVbjtM0QP+/kpz8xl9cbzE=
|
||||
github.com/tidwall/buntdb v1.1.2 h1:noCrqQXL9EKMtcdwJcmuVKSEjqu1ua99RHHgbLTEHRo=
|
||||
github.com/tidwall/buntdb v1.1.2/go.mod h1:xAzi36Hir4FarpSHyfuZ6JzPJdjRZ8QlLZSntE2mqlI=
|
||||
github.com/tidwall/cities v0.0.0-20190730194520-dbe1ae0b862c h1:K/6v4woP8qym96ZKorm6mbOhEs3xhlJoEQWiJ5WT7mw=
|
||||
github.com/tidwall/cities v0.0.0-20190730194520-dbe1ae0b862c/go.mod h1:lV/HDp2gCcRcHJWqgt6Di54GiDrTZwh1aG2ZUPNbqa4=
|
||||
github.com/tidwall/geoindex v1.1.0 h1:d/pGCgKUonfQINd1235kKqx9gWBU4N7GjDS9WvbPvLY=
|
||||
github.com/tidwall/geoindex v1.1.0/go.mod h1:3gTa91BW+eiVIipuR6aU1Y9Sa0q75b1teE/NP2vfsTc=
|
||||
github.com/tidwall/geoindex v1.4.0 h1:6O8bwdRrNDwLzPSb6AhuyBW27PSa24Pa4I70fnoiBGI=
|
||||
github.com/tidwall/geoindex v1.4.0/go.mod h1:3gTa91BW+eiVIipuR6aU1Y9Sa0q75b1teE/NP2vfsTc=
|
||||
github.com/tidwall/geojson v1.1.8 h1:n/WT/PG0OEHrxUJQoeqkupWDt3pwbHMynl6OF9xKIM0=
|
||||
github.com/tidwall/geojson v1.1.8/go.mod h1:tBjfxeALRFLc25LLpjtWzy2nIrNmW1ze1EAhLtd8+QQ=
|
||||
github.com/tidwall/geojson v1.1.10 h1:ALzsrTn62pq65DudSQpYDjjCUaq6dP1XQm51GVYgJyo=
|
||||
|
@ -99,22 +152,37 @@ github.com/tidwall/geojson v1.1.12 h1:Ol83kqH2zeYJHP16xteZtr8VRukIXeF/TqVvJodM41
|
|||
github.com/tidwall/geojson v1.1.12/go.mod h1:tBjfxeALRFLc25LLpjtWzy2nIrNmW1ze1EAhLtd8+QQ=
|
||||
github.com/tidwall/geojson v1.1.13 h1:P7f58SrQgyb9k3HjKStRLug4i/0U+1MJ00f/4Z92wcM=
|
||||
github.com/tidwall/geojson v1.1.13/go.mod h1:tBjfxeALRFLc25LLpjtWzy2nIrNmW1ze1EAhLtd8+QQ=
|
||||
github.com/tidwall/geojson v1.2.3 h1:z//3h73oC+EkQ1TQr0oLbk7fKtGqAYkhSILtFZi1j8w=
|
||||
github.com/tidwall/geojson v1.2.3/go.mod h1:tBjfxeALRFLc25LLpjtWzy2nIrNmW1ze1EAhLtd8+QQ=
|
||||
github.com/tidwall/gjson v1.3.2 h1:+7p3qQFaH3fOMXAJSrdZwGKcOO/lYdGS0HqGhPqDdTI=
|
||||
github.com/tidwall/gjson v1.3.2/go.mod h1:P256ACg0Mn+j1RXIDXoss50DeIABTYK1PULOJHhxOls=
|
||||
github.com/tidwall/gjson v1.3.4/go.mod h1:P256ACg0Mn+j1RXIDXoss50DeIABTYK1PULOJHhxOls=
|
||||
github.com/tidwall/gjson v1.6.0/go.mod h1:P256ACg0Mn+j1RXIDXoss50DeIABTYK1PULOJHhxOls=
|
||||
github.com/tidwall/gjson v1.6.1 h1:LRbvNuNuvAiISWg6gxLEFuCe72UKy5hDqhxW/8183ws=
|
||||
github.com/tidwall/gjson v1.6.1/go.mod h1:BaHyNc5bjzYkPqgLq7mdVzeiRtULKULXLgZFKsxEHI0=
|
||||
github.com/tidwall/grect v0.0.0-20161006141115-ba9a043346eb h1:5NSYaAdrnblKByzd7XByQEJVT8+9v0W/tIY0Oo4OwrE=
|
||||
github.com/tidwall/grect v0.0.0-20161006141115-ba9a043346eb/go.mod h1:lKYYLFIr9OIgdgrtgkZ9zgRxRdvPYsExnYBsEAd8W5M=
|
||||
github.com/tidwall/lotsa v0.0.0-20180225195211-a03631ac7f1c h1:RPDCLM+i790uM7bB5TqKW5eFKbX1k5zZUsHVhZd2r/c=
|
||||
github.com/tidwall/lotsa v0.0.0-20180225195211-a03631ac7f1c/go.mod h1:X6NiU+4yHA3fE3Puvpnn1XMDrFZrE9JO2/w+UMuqgR8=
|
||||
github.com/tidwall/lotsa v1.0.1 h1:w4gpDvI7RdkgbMC0q5ndKqG2ffrwCgerUY/gM2TYkH4=
|
||||
github.com/tidwall/lotsa v1.0.1/go.mod h1:X6NiU+4yHA3fE3Puvpnn1XMDrFZrE9JO2/w+UMuqgR8=
|
||||
github.com/tidwall/match v1.0.1 h1:PnKP62LPNxHKTwvHHZZzdOAOCtsJTjo6dZLCwpKm5xc=
|
||||
github.com/tidwall/match v1.0.1/go.mod h1:LujAq0jyVjBy028G1WhWfIzbpQfMO8bBZ6Tyb0+pL9E=
|
||||
github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4=
|
||||
github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
|
||||
github.com/tidwall/pretty v1.0.1/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
|
||||
github.com/tidwall/pretty v1.0.2 h1:Z7S3cePv9Jwm1KwS0513MRaoUe3S01WPbLNV40pwWZU=
|
||||
github.com/tidwall/pretty v1.0.2/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
|
||||
github.com/tidwall/rbang v1.1.0 h1:egck3fUlFlNj93odJC1TdcqFCcqfWq0qMH6HTwpXWUQ=
|
||||
github.com/tidwall/rbang v1.1.0/go.mod h1:aMGOM1Wj50tooEO/0aO9j+7gyHUs3bUW0t4Q+xiuOjg=
|
||||
github.com/tidwall/rbang v1.2.2 h1:j5JZDSsybpGzCabqFpabaQNU5MCmIrlThXVUF7LD99I=
|
||||
github.com/tidwall/rbang v1.2.2/go.mod h1:aMGOM1Wj50tooEO/0aO9j+7gyHUs3bUW0t4Q+xiuOjg=
|
||||
github.com/tidwall/redbench v0.0.0-20181110173744-17c5b5b864a4 h1:W7pJCltjA/nrESHhV47Y01p2gFdInOY9qkq69uEzN0o=
|
||||
github.com/tidwall/redbench v0.0.0-20181110173744-17c5b5b864a4/go.mod h1:zxcRGCq/JcqV48YjK9WxBNJL7JSpMzbLXaHvMcnanKQ=
|
||||
github.com/tidwall/redcon v0.0.0-20171003141744-3df12143a4fe h1:GtV/vMtn3FYTSRAoIgQqcjc4/Huw16xy5t7djUnzc6k=
|
||||
github.com/tidwall/redcon v0.0.0-20171003141744-3df12143a4fe/go.mod h1:bdYBm4rlcWpst2XMwKVzWDF9CoUxEbUmM7CQrKeOZas=
|
||||
github.com/tidwall/redcon v1.3.2 h1:8INx/Nm3VSUbDUT16TH1rMgYQsbXNqy9xcX70edHXbo=
|
||||
github.com/tidwall/redcon v1.3.2/go.mod h1:bdYBm4rlcWpst2XMwKVzWDF9CoUxEbUmM7CQrKeOZas=
|
||||
github.com/tidwall/resp v0.0.0-20160908231031-b2b1a7ca20e3 h1:+weN0RLHfv5fugOSyHPxbY9feCqi6JnLBFsq8Jvx7/E=
|
||||
github.com/tidwall/resp v0.0.0-20160908231031-b2b1a7ca20e3/go.mod h1:18xEj855iMY2bK6tNF2A4x+nZy5gWO1iO7OOl3jETKw=
|
||||
github.com/tidwall/rhh v1.1.0 h1:U+3RGzEB6VoBBkLlsAaF3ThjwZ0JGibplJhDin5Ub/Y=
|
||||
|
@ -123,28 +191,48 @@ github.com/tidwall/rtree v0.0.0-20180113144539-6cd427091e0e h1:+NL1GDIUOKxVfbp2K
|
|||
github.com/tidwall/rtree v0.0.0-20180113144539-6cd427091e0e/go.mod h1:/h+UnNGt0IhNNJLkGikcdcJqm66zGD/uJGMRxK/9+Ao=
|
||||
github.com/tidwall/sjson v1.0.2 h1:WHiiu9LsxPZazjIUPC1EGBuUqQVWJksZszl9BasNNjg=
|
||||
github.com/tidwall/sjson v1.0.2/go.mod h1:bURseu1nuBkFpIES5cz6zBtjmYeOQmEESshn7VpF15Y=
|
||||
github.com/tidwall/sjson v1.1.1 h1:7h1vk049Jnd5EH9NyzNiEuwYW4b5qgreBbqRC19AS3U=
|
||||
github.com/tidwall/sjson v1.1.1/go.mod h1:yvVuSnpEQv5cYIrO+AT6kw4QVfd5SDZoGIS7/5+fZFs=
|
||||
github.com/tidwall/tinybtree v0.0.0-20181217131827-de5932d649b5 h1:NaGfypx6656w6iRmXK0buWGuYashbcFttdPe00DKUcE=
|
||||
github.com/tidwall/tinybtree v0.0.0-20181217131827-de5932d649b5/go.mod h1:0aFQG6KLQz3j57CeVgXlmKO3RSQ3myhJn2H+r84IgSY=
|
||||
github.com/tidwall/tinybtree v1.0.1 h1:g1kLLw/dCJgtH14AFqUoob0MtSfThw4xQILCGMQd8J8=
|
||||
github.com/tidwall/tinybtree v1.0.1/go.mod h1:0aFQG6KLQz3j57CeVgXlmKO3RSQ3myhJn2H+r84IgSY=
|
||||
github.com/tidwall/tinyqueue v0.0.0-20180302190814-1e39f5511563 h1:Otn9S136ELckZ3KKDyCkxapfufrqDqwmGjcHfAyXRrE=
|
||||
github.com/tidwall/tinyqueue v0.0.0-20180302190814-1e39f5511563/go.mod h1:mLqSmt7Dv/CNneF2wfcChfN1rvapyQr01LGKnKex0DQ=
|
||||
github.com/xdg/scram v0.0.0-20180814205039-7eeb5667e42c/go.mod h1:lB8K/P019DLNhemzwFU4jHLhdvlE6uDZjXFejJXr49I=
|
||||
github.com/xdg/stringprep v1.0.0/go.mod h1:Jhud4/sHMO4oL310DaZAKk9ZaJ08SJfe+sJh0HrGL1Y=
|
||||
github.com/yuin/gopher-lua v0.0.0-20170915035107-eb1c7299435c h1:BXhbeVl63cTUicr+Q/D0/BNPw59IsIcyv2cB1/xHRps=
|
||||
github.com/yuin/gopher-lua v0.0.0-20170915035107-eb1c7299435c/go.mod h1:aEV29XrmTYFr3CiRxZeGHpkvbwq+prZduBqMaascyCU=
|
||||
github.com/yuin/gopher-lua v0.0.0-20200816102855-ee81675732da h1:NimzV1aGyq29m5ukMK0AMWEhFaL/lrEOaephfuoiARg=
|
||||
github.com/yuin/gopher-lua v0.0.0-20200816102855-ee81675732da/go.mod h1:E1AXubJBdNmFERAOucpDIxNzeGfLzg0mYh+UfMWdChA=
|
||||
golang.org/x/crypto v0.0.0-20170930174604-9419663f5a44 h1:9lP3x0pW80sDI6t1UMSLA4to18W7R7imwAI/sWS9S8Q=
|
||||
golang.org/x/crypto v0.0.0-20170930174604-9419663f5a44/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
|
||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||
golang.org/x/crypto v0.0.0-20200204104054-c9f3fb736b72 h1:+ELyKg6m8UBf0nPFSqD0mi7zUfwPyXo23HNjMnXPz7w=
|
||||
golang.org/x/crypto v0.0.0-20200204104054-c9f3fb736b72/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
|
||||
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
|
||||
golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
|
||||
golang.org/x/net v0.0.0-20171004034648-a04bdaca5b32 h1:NjAulLPqFTaOxQu5S4qUMqscSu+mQdu+wMY0nfqSkuk=
|
||||
golang.org/x/net v0.0.0-20171004034648-a04bdaca5b32/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||
golang.org/x/net v0.0.0-20200202094626-16171245cfb2 h1:CCH4IOTTfewWjGOlSp+zGcjutRKlBEZQ6wTn8ozI/nI=
|
||||
golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e h1:vcxGaoTs7kV8m5Np9uUNQin4BrLOthgV7252N8V+FwY=
|
||||
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sys v0.0.0-20170927054621-314a259e304f h1:iUy6hSM2lPBGm2d9HgXq1GqYPwcJvA8ihnWauXggYMs=
|
||||
golang.org/x/sys v0.0.0-20170927054621-314a259e304f/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20190204203706-41f3e6584952/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20190412213103-97732733099d h1:+R4KGOnez64A81RvjARKc4UT5/tI9ujCIVX+P5KiHuI=
|
||||
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
|
@ -154,11 +242,32 @@ golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
|||
golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
|
||||
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
|
||||
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||
golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||
golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
|
||||
golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
||||
golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
|
||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
|
||||
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
|
||||
google.golang.org/genproto v0.0.0-20171002232614-f676e0f3ac63 h1:yNBw5bwywOTguAu+h6SkCUaWdEZ7ZXgfiwb2YTN1eQw=
|
||||
google.golang.org/genproto v0.0.0-20171002232614-f676e0f3ac63/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
|
||||
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
|
||||
google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55 h1:gSJIx1SDwno+2ElGhA4+qG2zF97qiUzTM+rQ0klBOcE=
|
||||
google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
|
||||
google.golang.org/grpc v1.6.0 h1:vaySXtNtPrLJFCiET8QXtfBrqq16ynklmFGaZwLcd1M=
|
||||
google.golang.org/grpc v1.6.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw=
|
||||
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
|
||||
google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
|
||||
google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
|
||||
google.golang.org/grpc v1.32.0 h1:zWTV+LMdc3kaiJMSTOFz2UgSBgx8RNQoTGiZu3fR9S0=
|
||||
google.golang.org/grpc v1.32.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
|
||||
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
|
||||
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
|
||||
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
|
||||
google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
|
||||
google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
|
||||
google.golang.org/protobuf v1.23.0 h1:4MY060fB1DLGMB/7MBTLnwQUY6+F09GEiz6SsrNqyzM=
|
||||
google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
|
@ -174,5 +283,9 @@ gopkg.in/jcmturner/rpc.v1 v1.1.0/go.mod h1:YIdkC4XfD6GXbzje11McwsDuOlZQSb9W4vfLv
|
|||
gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
|
||||
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||
layeh.com/gopher-json v0.0.0-20161224164157-c128cc74278b h1:ZfaWvT/nGlYq3Id9DDvsgmRzAfPotitRJmD7ymWZPK0=
|
||||
layeh.com/gopher-json v0.0.0-20161224164157-c128cc74278b/go.mod h1:ivKkcY8Zxw5ba0jldhZCYYQfGdb2K6u9tbYK1AwMIBc=
|
||||
layeh.com/gopher-json v0.0.0-20190114024228-97fed8db8427 h1:RZkKxMR3jbQxdCEcglq3j7wY3PRJIopAwBlx1RE71X0=
|
||||
layeh.com/gopher-json v0.0.0-20190114024228-97fed8db8427/go.mod h1:ivKkcY8Zxw5ba0jldhZCYYQfGdb2K6u9tbYK1AwMIBc=
|
||||
|
|
|
@ -16,11 +16,11 @@ func json_JSET_basic_test(mc *mockServer) error {
|
|||
{"JGET", "mykey", "myid1"}, {`{"hello":"planet"}`},
|
||||
{"JSET", "mykey", "myid1", "user.name.last", "tom"}, {"OK"},
|
||||
{"JSET", "mykey", "myid1", "user.name.first", "andrew"}, {"OK"},
|
||||
{"JGET", "mykey", "myid1"}, {`{"user":{"name":{"first":"andrew","last":"tom"}},"hello":"planet"}`},
|
||||
{"JGET", "mykey", "myid1"}, {`{"hello":"planet","user":{"name":{"last":"tom","first":"andrew"}}}`},
|
||||
{"JDEL", "mykey", "myid1", "user.name.last"}, {1},
|
||||
{"JGET", "mykey", "myid1"}, {`{"user":{"name":{"first":"andrew"}},"hello":"planet"}`},
|
||||
{"JGET", "mykey", "myid1"}, {`{"hello":"planet","user":{"name":{"first":"andrew"}}}`},
|
||||
{"JDEL", "mykey", "myid1", "user.name.last"}, {0},
|
||||
{"JGET", "mykey", "myid1"}, {`{"user":{"name":{"first":"andrew"}},"hello":"planet"}`},
|
||||
{"JGET", "mykey", "myid1"}, {`{"hello":"planet","user":{"name":{"first":"andrew"}}}`},
|
||||
{"JDEL", "mykey2", "myid1", "user.name.last"}, {0},
|
||||
})
|
||||
}
|
||||
|
|
|
@ -138,8 +138,27 @@ type RequestFailure interface {
|
|||
RequestID() string
|
||||
}
|
||||
|
||||
// NewRequestFailure returns a new request error wrapper for the given Error
|
||||
// provided.
|
||||
// NewRequestFailure returns a wrapped error with additional information for
|
||||
// request status code, and service requestID.
|
||||
//
|
||||
// Should be used to wrap all request which involve service requests. Even if
|
||||
// the request failed without a service response, but had an HTTP status code
|
||||
// that may be meaningful.
|
||||
func NewRequestFailure(err Error, statusCode int, reqID string) RequestFailure {
|
||||
return newRequestError(err, statusCode, reqID)
|
||||
}
|
||||
|
||||
// UnmarshalError provides the interface for the SDK failing to unmarshal data.
|
||||
type UnmarshalError interface {
|
||||
awsError
|
||||
Bytes() []byte
|
||||
}
|
||||
|
||||
// NewUnmarshalError returns an initialized UnmarshalError error wrapper adding
|
||||
// the bytes that fail to unmarshal to the error.
|
||||
func NewUnmarshalError(err error, msg string, bytes []byte) UnmarshalError {
|
||||
return &unmarshalError{
|
||||
awsError: New("UnmarshalError", msg, err),
|
||||
bytes: bytes,
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,6 +1,9 @@
|
|||
package awserr
|
||||
|
||||
import "fmt"
|
||||
import (
|
||||
"encoding/hex"
|
||||
"fmt"
|
||||
)
|
||||
|
||||
// SprintError returns a string of the formatted error code.
|
||||
//
|
||||
|
@ -119,6 +122,7 @@ type requestError struct {
|
|||
awsError
|
||||
statusCode int
|
||||
requestID string
|
||||
bytes []byte
|
||||
}
|
||||
|
||||
// newRequestError returns a wrapped error with additional information for
|
||||
|
@ -170,6 +174,29 @@ func (r requestError) OrigErrs() []error {
|
|||
return []error{r.OrigErr()}
|
||||
}
|
||||
|
||||
type unmarshalError struct {
|
||||
awsError
|
||||
bytes []byte
|
||||
}
|
||||
|
||||
// Error returns the string representation of the error.
|
||||
// Satisfies the error interface.
|
||||
func (e unmarshalError) Error() string {
|
||||
extra := hex.Dump(e.bytes)
|
||||
return SprintError(e.Code(), e.Message(), extra, e.OrigErr())
|
||||
}
|
||||
|
||||
// String returns the string representation of the error.
|
||||
// Alias for Error to satisfy the stringer interface.
|
||||
func (e unmarshalError) String() string {
|
||||
return e.Error()
|
||||
}
|
||||
|
||||
// Bytes returns the bytes that failed to unmarshal.
|
||||
func (e unmarshalError) Bytes() []byte {
|
||||
return e.bytes
|
||||
}
|
||||
|
||||
// An error list that satisfies the golang interface
|
||||
type errorList []error
|
||||
|
||||
|
@ -181,7 +208,7 @@ func (e errorList) Error() string {
|
|||
// How do we want to handle the array size being zero
|
||||
if size := len(e); size > 0 {
|
||||
for i := 0; i < size; i++ {
|
||||
msg += fmt.Sprintf("%s", e[i].Error())
|
||||
msg += e[i].Error()
|
||||
// We check the next index to see if it is within the slice.
|
||||
// If it is, then we append a newline. We do this, because unit tests
|
||||
// could be broken with the additional '\n'
|
||||
|
|
|
@ -15,7 +15,7 @@ func DeepEqual(a, b interface{}) bool {
|
|||
rb := reflect.Indirect(reflect.ValueOf(b))
|
||||
|
||||
if raValid, rbValid := ra.IsValid(), rb.IsValid(); !raValid && !rbValid {
|
||||
// If the elements are both nil, and of the same type the are equal
|
||||
// If the elements are both nil, and of the same type they are equal
|
||||
// If they are of different types they are not equal
|
||||
return reflect.TypeOf(a) == reflect.TypeOf(b)
|
||||
} else if raValid != rbValid {
|
||||
|
|
|
@ -70,7 +70,7 @@ func rValuesAtPath(v interface{}, path string, createPath, caseSensitive, nilTer
|
|||
value = value.FieldByNameFunc(func(name string) bool {
|
||||
if c == name {
|
||||
return true
|
||||
} else if !caseSensitive && strings.ToLower(name) == strings.ToLower(c) {
|
||||
} else if !caseSensitive && strings.EqualFold(name, c) {
|
||||
return true
|
||||
}
|
||||
return false
|
||||
|
@ -185,14 +185,13 @@ func ValuesAtPath(i interface{}, path string) ([]interface{}, error) {
|
|||
// SetValueAtPath sets a value at the case insensitive lexical path inside
|
||||
// of a structure.
|
||||
func SetValueAtPath(i interface{}, path string, v interface{}) {
|
||||
if rvals := rValuesAtPath(i, path, true, false, v == nil); rvals != nil {
|
||||
rvals := rValuesAtPath(i, path, true, false, v == nil)
|
||||
for _, rval := range rvals {
|
||||
if rval.Kind() == reflect.Ptr && rval.IsNil() {
|
||||
continue
|
||||
}
|
||||
setValue(rval, v)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func setValue(dstVal reflect.Value, src interface{}) {
|
||||
|
|
|
@ -12,6 +12,7 @@ import (
|
|||
type Config struct {
|
||||
Config *aws.Config
|
||||
Handlers request.Handlers
|
||||
PartitionID string
|
||||
Endpoint string
|
||||
SigningRegion string
|
||||
SigningName string
|
||||
|
@ -64,7 +65,7 @@ func New(cfg aws.Config, info metadata.ClientInfo, handlers request.Handlers, op
|
|||
default:
|
||||
maxRetries := aws.IntValue(cfg.MaxRetries)
|
||||
if cfg.MaxRetries == nil || maxRetries == aws.UseServiceDefaultRetries {
|
||||
maxRetries = 3
|
||||
maxRetries = DefaultRetryerMaxNumRetries
|
||||
}
|
||||
svc.Retryer = DefaultRetryer{NumMaxRetries: maxRetries}
|
||||
}
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
package client
|
||||
|
||||
import (
|
||||
"math"
|
||||
"strconv"
|
||||
"time"
|
||||
|
||||
|
@ -9,82 +10,142 @@ import (
|
|||
)
|
||||
|
||||
// DefaultRetryer implements basic retry logic using exponential backoff for
|
||||
// most services. If you want to implement custom retry logic, implement the
|
||||
// request.Retryer interface or create a structure type that composes this
|
||||
// struct and override the specific methods. For example, to override only
|
||||
// the MaxRetries method:
|
||||
// most services. If you want to implement custom retry logic, you can implement the
|
||||
// request.Retryer interface.
|
||||
//
|
||||
// type retryer struct {
|
||||
// client.DefaultRetryer
|
||||
// }
|
||||
//
|
||||
// // This implementation always has 100 max retries
|
||||
// func (d retryer) MaxRetries() int { return 100 }
|
||||
type DefaultRetryer struct {
|
||||
// Num max Retries is the number of max retries that will be performed.
|
||||
// By default, this is zero.
|
||||
NumMaxRetries int
|
||||
|
||||
// MinRetryDelay is the minimum retry delay after which retry will be performed.
|
||||
// If not set, the value is 0ns.
|
||||
MinRetryDelay time.Duration
|
||||
|
||||
// MinThrottleRetryDelay is the minimum retry delay when throttled.
|
||||
// If not set, the value is 0ns.
|
||||
MinThrottleDelay time.Duration
|
||||
|
||||
// MaxRetryDelay is the maximum retry delay before which retry must be performed.
|
||||
// If not set, the value is 0ns.
|
||||
MaxRetryDelay time.Duration
|
||||
|
||||
// MaxThrottleDelay is the maximum retry delay when throttled.
|
||||
// If not set, the value is 0ns.
|
||||
MaxThrottleDelay time.Duration
|
||||
}
|
||||
|
||||
const (
|
||||
// DefaultRetryerMaxNumRetries sets maximum number of retries
|
||||
DefaultRetryerMaxNumRetries = 3
|
||||
|
||||
// DefaultRetryerMinRetryDelay sets minimum retry delay
|
||||
DefaultRetryerMinRetryDelay = 30 * time.Millisecond
|
||||
|
||||
// DefaultRetryerMinThrottleDelay sets minimum delay when throttled
|
||||
DefaultRetryerMinThrottleDelay = 500 * time.Millisecond
|
||||
|
||||
// DefaultRetryerMaxRetryDelay sets maximum retry delay
|
||||
DefaultRetryerMaxRetryDelay = 300 * time.Second
|
||||
|
||||
// DefaultRetryerMaxThrottleDelay sets maximum delay when throttled
|
||||
DefaultRetryerMaxThrottleDelay = 300 * time.Second
|
||||
)
|
||||
|
||||
// MaxRetries returns the number of maximum returns the service will use to make
|
||||
// an individual API request.
|
||||
func (d DefaultRetryer) MaxRetries() int {
|
||||
return d.NumMaxRetries
|
||||
}
|
||||
|
||||
// setRetryerDefaults sets the default values of the retryer if not set
|
||||
func (d *DefaultRetryer) setRetryerDefaults() {
|
||||
if d.MinRetryDelay == 0 {
|
||||
d.MinRetryDelay = DefaultRetryerMinRetryDelay
|
||||
}
|
||||
if d.MaxRetryDelay == 0 {
|
||||
d.MaxRetryDelay = DefaultRetryerMaxRetryDelay
|
||||
}
|
||||
if d.MinThrottleDelay == 0 {
|
||||
d.MinThrottleDelay = DefaultRetryerMinThrottleDelay
|
||||
}
|
||||
if d.MaxThrottleDelay == 0 {
|
||||
d.MaxThrottleDelay = DefaultRetryerMaxThrottleDelay
|
||||
}
|
||||
}
|
||||
|
||||
// RetryRules returns the delay duration before retrying this request again
|
||||
func (d DefaultRetryer) RetryRules(r *request.Request) time.Duration {
|
||||
// Set the upper limit of delay in retrying at ~five minutes
|
||||
minTime := 30
|
||||
throttle := d.shouldThrottle(r)
|
||||
if throttle {
|
||||
if delay, ok := getRetryDelay(r); ok {
|
||||
return delay
|
||||
|
||||
// if number of max retries is zero, no retries will be performed.
|
||||
if d.NumMaxRetries == 0 {
|
||||
return 0
|
||||
}
|
||||
|
||||
minTime = 500
|
||||
// Sets default value for retryer members
|
||||
d.setRetryerDefaults()
|
||||
|
||||
// minDelay is the minimum retryer delay
|
||||
minDelay := d.MinRetryDelay
|
||||
|
||||
var initialDelay time.Duration
|
||||
|
||||
isThrottle := r.IsErrorThrottle()
|
||||
if isThrottle {
|
||||
if delay, ok := getRetryAfterDelay(r); ok {
|
||||
initialDelay = delay
|
||||
}
|
||||
minDelay = d.MinThrottleDelay
|
||||
}
|
||||
|
||||
retryCount := r.RetryCount
|
||||
if throttle && retryCount > 8 {
|
||||
retryCount = 8
|
||||
} else if retryCount > 13 {
|
||||
retryCount = 13
|
||||
|
||||
// maxDelay the maximum retryer delay
|
||||
maxDelay := d.MaxRetryDelay
|
||||
|
||||
if isThrottle {
|
||||
maxDelay = d.MaxThrottleDelay
|
||||
}
|
||||
|
||||
delay := (1 << uint(retryCount)) * (sdkrand.SeededRand.Intn(minTime) + minTime)
|
||||
return time.Duration(delay) * time.Millisecond
|
||||
var delay time.Duration
|
||||
|
||||
// Logic to cap the retry count based on the minDelay provided
|
||||
actualRetryCount := int(math.Log2(float64(minDelay))) + 1
|
||||
if actualRetryCount < 63-retryCount {
|
||||
delay = time.Duration(1<<uint64(retryCount)) * getJitterDelay(minDelay)
|
||||
if delay > maxDelay {
|
||||
delay = getJitterDelay(maxDelay / 2)
|
||||
}
|
||||
} else {
|
||||
delay = getJitterDelay(maxDelay / 2)
|
||||
}
|
||||
return delay + initialDelay
|
||||
}
|
||||
|
||||
// getJitterDelay returns a jittered delay for retry
|
||||
func getJitterDelay(duration time.Duration) time.Duration {
|
||||
return time.Duration(sdkrand.SeededRand.Int63n(int64(duration)) + int64(duration))
|
||||
}
|
||||
|
||||
// ShouldRetry returns true if the request should be retried.
|
||||
func (d DefaultRetryer) ShouldRetry(r *request.Request) bool {
|
||||
|
||||
// ShouldRetry returns false if number of max retries is 0.
|
||||
if d.NumMaxRetries == 0 {
|
||||
return false
|
||||
}
|
||||
|
||||
// If one of the other handlers already set the retry state
|
||||
// we don't want to override it based on the service's state
|
||||
if r.Retryable != nil {
|
||||
return *r.Retryable
|
||||
}
|
||||
|
||||
if r.HTTPResponse.StatusCode >= 500 && r.HTTPResponse.StatusCode != 501 {
|
||||
return true
|
||||
}
|
||||
return r.IsErrorRetryable() || d.shouldThrottle(r)
|
||||
}
|
||||
|
||||
// ShouldThrottle returns true if the request should be throttled.
|
||||
func (d DefaultRetryer) shouldThrottle(r *request.Request) bool {
|
||||
switch r.HTTPResponse.StatusCode {
|
||||
case 429:
|
||||
case 502:
|
||||
case 503:
|
||||
case 504:
|
||||
default:
|
||||
return r.IsErrorThrottle()
|
||||
}
|
||||
|
||||
return true
|
||||
return r.IsErrorRetryable() || r.IsErrorThrottle()
|
||||
}
|
||||
|
||||
// This will look in the Retry-After header, RFC 7231, for how long
|
||||
// it will wait before attempting another request
|
||||
func getRetryDelay(r *request.Request) (time.Duration, bool) {
|
||||
func getRetryAfterDelay(r *request.Request) (time.Duration, bool) {
|
||||
if !canUseRetryAfterHeader(r) {
|
||||
return 0, false
|
||||
}
|
||||
|
|
|
@ -67,10 +67,14 @@ func logRequest(r *request.Request) {
|
|||
if !bodySeekable {
|
||||
r.SetReaderBody(aws.ReadSeekCloser(r.HTTPRequest.Body))
|
||||
}
|
||||
// Reset the request body because dumpRequest will re-wrap the r.HTTPRequest's
|
||||
// Body as a NoOpCloser and will not be reset after read by the HTTP
|
||||
// client reader.
|
||||
r.ResetBody()
|
||||
// Reset the request body because dumpRequest will re-wrap the
|
||||
// r.HTTPRequest's Body as a NoOpCloser and will not be reset after
|
||||
// read by the HTTP client reader.
|
||||
if err := r.Error; err != nil {
|
||||
r.Config.Logger.Log(fmt.Sprintf(logReqErrMsg,
|
||||
r.ClientInfo.ServiceName, r.Operation.Name, err))
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
r.Config.Logger.Log(fmt.Sprintf(logReqMsg,
|
||||
|
|
|
@ -5,6 +5,7 @@ type ClientInfo struct {
|
|||
ServiceName string
|
||||
ServiceID string
|
||||
APIVersion string
|
||||
PartitionID string
|
||||
Endpoint string
|
||||
SigningName string
|
||||
SigningRegion string
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
package client
|
||||
|
||||
import (
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
)
|
||||
|
||||
// NoOpRetryer provides a retryer that performs no retries.
|
||||
// It should be used when we do not want retries to be performed.
|
||||
type NoOpRetryer struct{}
|
||||
|
||||
// MaxRetries returns the number of maximum returns the service will use to make
|
||||
// an individual API; For NoOpRetryer the MaxRetries will always be zero.
|
||||
func (d NoOpRetryer) MaxRetries() int {
|
||||
return 0
|
||||
}
|
||||
|
||||
// ShouldRetry will always return false for NoOpRetryer, as it should never retry.
|
||||
func (d NoOpRetryer) ShouldRetry(_ *request.Request) bool {
|
||||
return false
|
||||
}
|
||||
|
||||
// RetryRules returns the delay duration before retrying this request again;
|
||||
// since NoOpRetryer does not retry, RetryRules always returns 0.
|
||||
func (d NoOpRetryer) RetryRules(_ *request.Request) time.Duration {
|
||||
return 0
|
||||
}
|
|
@ -20,7 +20,7 @@ type RequestRetryer interface{}
|
|||
// A Config provides service configuration for service clients. By default,
|
||||
// all clients will use the defaults.DefaultConfig structure.
|
||||
//
|
||||
// // Create Session with MaxRetry configuration to be shared by multiple
|
||||
// // Create Session with MaxRetries configuration to be shared by multiple
|
||||
// // service clients.
|
||||
// sess := session.Must(session.NewSession(&aws.Config{
|
||||
// MaxRetries: aws.Int(3),
|
||||
|
@ -43,7 +43,7 @@ type Config struct {
|
|||
|
||||
// An optional endpoint URL (hostname only or fully qualified URI)
|
||||
// that overrides the default generated endpoint for a client. Set this
|
||||
// to `""` to use the default generated endpoint.
|
||||
// to `nil` or the value to `""` to use the default generated endpoint.
|
||||
//
|
||||
// Note: You must still provide a `Region` value when specifying an
|
||||
// endpoint for a client.
|
||||
|
@ -138,7 +138,7 @@ type Config struct {
|
|||
// `ExpectContinueTimeout` for information on adjusting the continue wait
|
||||
// timeout. https://golang.org/pkg/net/http/#Transport
|
||||
//
|
||||
// You should use this flag to disble 100-Continue if you experience issues
|
||||
// You should use this flag to disable 100-Continue if you experience issues
|
||||
// with proxies or third party S3 compatible services.
|
||||
S3Disable100Continue *bool
|
||||
|
||||
|
@ -161,6 +161,17 @@ type Config struct {
|
|||
// on GetObject API calls.
|
||||
S3DisableContentMD5Validation *bool
|
||||
|
||||
// Set this to `true` to have the S3 service client to use the region specified
|
||||
// in the ARN, when an ARN is provided as an argument to a bucket parameter.
|
||||
S3UseARNRegion *bool
|
||||
|
||||
// Set this to `true` to enable the SDK to unmarshal API response header maps to
|
||||
// normalized lower case map keys.
|
||||
//
|
||||
// For example S3's X-Amz-Meta prefixed header will be unmarshaled to lower case
|
||||
// Metadata member's map keys. The value of the header in the map is unaffected.
|
||||
LowerCaseHeaderMaps *bool
|
||||
|
||||
// Set this to `true` to disable the EC2Metadata client from overriding the
|
||||
// default http.Client's Timeout. This is helpful if you do not want the
|
||||
// EC2Metadata client to create a new http.Client. This options is only
|
||||
|
@ -172,7 +183,7 @@ type Config struct {
|
|||
//
|
||||
// Example:
|
||||
// sess := session.Must(session.NewSession(aws.NewConfig()
|
||||
// .WithEC2MetadataDiableTimeoutOverride(true)))
|
||||
// .WithEC2MetadataDisableTimeoutOverride(true)))
|
||||
//
|
||||
// svc := s3.New(sess)
|
||||
//
|
||||
|
@ -183,7 +194,7 @@ type Config struct {
|
|||
// both IPv4 and IPv6 addressing.
|
||||
//
|
||||
// Setting this for a service which does not support dual stack will fail
|
||||
// to make requets. It is not recommended to set this value on the session
|
||||
// to make requests. It is not recommended to set this value on the session
|
||||
// as it will apply to all service clients created with the session. Even
|
||||
// services which don't support dual stack endpoints.
|
||||
//
|
||||
|
@ -227,6 +238,7 @@ type Config struct {
|
|||
|
||||
// EnableEndpointDiscovery will allow for endpoint discovery on operations that
|
||||
// have the definition in its model. By default, endpoint discovery is off.
|
||||
// To use EndpointDiscovery, Endpoint should be unset or set to an empty string.
|
||||
//
|
||||
// Example:
|
||||
// sess := session.Must(session.NewSession(&aws.Config{
|
||||
|
@ -246,12 +258,18 @@ type Config struct {
|
|||
// Disabling this feature is useful when you want to use local endpoints
|
||||
// for testing that do not support the modeled host prefix pattern.
|
||||
DisableEndpointHostPrefix *bool
|
||||
|
||||
// STSRegionalEndpoint will enable regional or legacy endpoint resolving
|
||||
STSRegionalEndpoint endpoints.STSRegionalEndpoint
|
||||
|
||||
// S3UsEast1RegionalEndpoint will enable regional or legacy endpoint resolving
|
||||
S3UsEast1RegionalEndpoint endpoints.S3UsEast1RegionalEndpoint
|
||||
}
|
||||
|
||||
// NewConfig returns a new Config pointer that can be chained with builder
|
||||
// methods to set multiple configuration values inline without using pointers.
|
||||
//
|
||||
// // Create Session with MaxRetry configuration to be shared by multiple
|
||||
// // Create Session with MaxRetries configuration to be shared by multiple
|
||||
// // service clients.
|
||||
// sess := session.Must(session.NewSession(aws.NewConfig().
|
||||
// WithMaxRetries(3),
|
||||
|
@ -379,6 +397,13 @@ func (c *Config) WithS3DisableContentMD5Validation(enable bool) *Config {
|
|||
|
||||
}
|
||||
|
||||
// WithS3UseARNRegion sets a config S3UseARNRegion value and
|
||||
// returning a Config pointer for chaining
|
||||
func (c *Config) WithS3UseARNRegion(enable bool) *Config {
|
||||
c.S3UseARNRegion = &enable
|
||||
return c
|
||||
}
|
||||
|
||||
// WithUseDualStack sets a config UseDualStack value returning a Config
|
||||
// pointer for chaining.
|
||||
func (c *Config) WithUseDualStack(enable bool) *Config {
|
||||
|
@ -420,6 +445,20 @@ func (c *Config) MergeIn(cfgs ...*Config) {
|
|||
}
|
||||
}
|
||||
|
||||
// WithSTSRegionalEndpoint will set whether or not to use regional endpoint flag
|
||||
// when resolving the endpoint for a service
|
||||
func (c *Config) WithSTSRegionalEndpoint(sre endpoints.STSRegionalEndpoint) *Config {
|
||||
c.STSRegionalEndpoint = sre
|
||||
return c
|
||||
}
|
||||
|
||||
// WithS3UsEast1RegionalEndpoint will set whether or not to use regional endpoint flag
|
||||
// when resolving the endpoint for a service
|
||||
func (c *Config) WithS3UsEast1RegionalEndpoint(sre endpoints.S3UsEast1RegionalEndpoint) *Config {
|
||||
c.S3UsEast1RegionalEndpoint = sre
|
||||
return c
|
||||
}
|
||||
|
||||
func mergeInConfig(dst *Config, other *Config) {
|
||||
if other == nil {
|
||||
return
|
||||
|
@ -493,6 +532,10 @@ func mergeInConfig(dst *Config, other *Config) {
|
|||
dst.S3DisableContentMD5Validation = other.S3DisableContentMD5Validation
|
||||
}
|
||||
|
||||
if other.S3UseARNRegion != nil {
|
||||
dst.S3UseARNRegion = other.S3UseARNRegion
|
||||
}
|
||||
|
||||
if other.UseDualStack != nil {
|
||||
dst.UseDualStack = other.UseDualStack
|
||||
}
|
||||
|
@ -520,6 +563,14 @@ func mergeInConfig(dst *Config, other *Config) {
|
|||
if other.DisableEndpointHostPrefix != nil {
|
||||
dst.DisableEndpointHostPrefix = other.DisableEndpointHostPrefix
|
||||
}
|
||||
|
||||
if other.STSRegionalEndpoint != endpoints.UnsetSTSEndpoint {
|
||||
dst.STSRegionalEndpoint = other.STSRegionalEndpoint
|
||||
}
|
||||
|
||||
if other.S3UsEast1RegionalEndpoint != endpoints.UnsetS3UsEast1Endpoint {
|
||||
dst.S3UsEast1RegionalEndpoint = other.S3UsEast1RegionalEndpoint
|
||||
}
|
||||
}
|
||||
|
||||
// Copy will return a shallow copy of the Config object. If any additional
|
||||
|
|
|
@ -2,42 +2,8 @@
|
|||
|
||||
package aws
|
||||
|
||||
import "time"
|
||||
|
||||
// An emptyCtx is a copy of the Go 1.7 context.emptyCtx type. This is copied to
|
||||
// provide a 1.6 and 1.5 safe version of context that is compatible with Go
|
||||
// 1.7's Context.
|
||||
//
|
||||
// An emptyCtx is never canceled, has no values, and has no deadline. It is not
|
||||
// struct{}, since vars of this type must have distinct addresses.
|
||||
type emptyCtx int
|
||||
|
||||
func (*emptyCtx) Deadline() (deadline time.Time, ok bool) {
|
||||
return
|
||||
}
|
||||
|
||||
func (*emptyCtx) Done() <-chan struct{} {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (*emptyCtx) Err() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (*emptyCtx) Value(key interface{}) interface{} {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (e *emptyCtx) String() string {
|
||||
switch e {
|
||||
case backgroundCtx:
|
||||
return "aws.BackgroundContext"
|
||||
}
|
||||
return "unknown empty Context"
|
||||
}
|
||||
|
||||
var (
|
||||
backgroundCtx = new(emptyCtx)
|
||||
import (
|
||||
"github.com/aws/aws-sdk-go/internal/context"
|
||||
)
|
||||
|
||||
// BackgroundContext returns a context that will never be canceled, has no
|
||||
|
@ -52,5 +18,5 @@ var (
|
|||
//
|
||||
// See https://golang.org/pkg/context for more information on Contexts.
|
||||
func BackgroundContext() Context {
|
||||
return backgroundCtx
|
||||
return context.BackgroundCtx
|
||||
}
|
||||
|
|
|
@ -179,6 +179,242 @@ func IntValueMap(src map[string]*int) map[string]int {
|
|||
return dst
|
||||
}
|
||||
|
||||
// Uint returns a pointer to the uint value passed in.
|
||||
func Uint(v uint) *uint {
|
||||
return &v
|
||||
}
|
||||
|
||||
// UintValue returns the value of the uint pointer passed in or
|
||||
// 0 if the pointer is nil.
|
||||
func UintValue(v *uint) uint {
|
||||
if v != nil {
|
||||
return *v
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
// UintSlice converts a slice of uint values uinto a slice of
|
||||
// uint pointers
|
||||
func UintSlice(src []uint) []*uint {
|
||||
dst := make([]*uint, len(src))
|
||||
for i := 0; i < len(src); i++ {
|
||||
dst[i] = &(src[i])
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// UintValueSlice converts a slice of uint pointers uinto a slice of
|
||||
// uint values
|
||||
func UintValueSlice(src []*uint) []uint {
|
||||
dst := make([]uint, len(src))
|
||||
for i := 0; i < len(src); i++ {
|
||||
if src[i] != nil {
|
||||
dst[i] = *(src[i])
|
||||
}
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// UintMap converts a string map of uint values uinto a string
|
||||
// map of uint pointers
|
||||
func UintMap(src map[string]uint) map[string]*uint {
|
||||
dst := make(map[string]*uint)
|
||||
for k, val := range src {
|
||||
v := val
|
||||
dst[k] = &v
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// UintValueMap converts a string map of uint pointers uinto a string
|
||||
// map of uint values
|
||||
func UintValueMap(src map[string]*uint) map[string]uint {
|
||||
dst := make(map[string]uint)
|
||||
for k, val := range src {
|
||||
if val != nil {
|
||||
dst[k] = *val
|
||||
}
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Int8 returns a pointer to the int8 value passed in.
|
||||
func Int8(v int8) *int8 {
|
||||
return &v
|
||||
}
|
||||
|
||||
// Int8Value returns the value of the int8 pointer passed in or
|
||||
// 0 if the pointer is nil.
|
||||
func Int8Value(v *int8) int8 {
|
||||
if v != nil {
|
||||
return *v
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
// Int8Slice converts a slice of int8 values into a slice of
|
||||
// int8 pointers
|
||||
func Int8Slice(src []int8) []*int8 {
|
||||
dst := make([]*int8, len(src))
|
||||
for i := 0; i < len(src); i++ {
|
||||
dst[i] = &(src[i])
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Int8ValueSlice converts a slice of int8 pointers into a slice of
|
||||
// int8 values
|
||||
func Int8ValueSlice(src []*int8) []int8 {
|
||||
dst := make([]int8, len(src))
|
||||
for i := 0; i < len(src); i++ {
|
||||
if src[i] != nil {
|
||||
dst[i] = *(src[i])
|
||||
}
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Int8Map converts a string map of int8 values into a string
|
||||
// map of int8 pointers
|
||||
func Int8Map(src map[string]int8) map[string]*int8 {
|
||||
dst := make(map[string]*int8)
|
||||
for k, val := range src {
|
||||
v := val
|
||||
dst[k] = &v
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Int8ValueMap converts a string map of int8 pointers into a string
|
||||
// map of int8 values
|
||||
func Int8ValueMap(src map[string]*int8) map[string]int8 {
|
||||
dst := make(map[string]int8)
|
||||
for k, val := range src {
|
||||
if val != nil {
|
||||
dst[k] = *val
|
||||
}
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Int16 returns a pointer to the int16 value passed in.
|
||||
func Int16(v int16) *int16 {
|
||||
return &v
|
||||
}
|
||||
|
||||
// Int16Value returns the value of the int16 pointer passed in or
|
||||
// 0 if the pointer is nil.
|
||||
func Int16Value(v *int16) int16 {
|
||||
if v != nil {
|
||||
return *v
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
// Int16Slice converts a slice of int16 values into a slice of
|
||||
// int16 pointers
|
||||
func Int16Slice(src []int16) []*int16 {
|
||||
dst := make([]*int16, len(src))
|
||||
for i := 0; i < len(src); i++ {
|
||||
dst[i] = &(src[i])
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Int16ValueSlice converts a slice of int16 pointers into a slice of
|
||||
// int16 values
|
||||
func Int16ValueSlice(src []*int16) []int16 {
|
||||
dst := make([]int16, len(src))
|
||||
for i := 0; i < len(src); i++ {
|
||||
if src[i] != nil {
|
||||
dst[i] = *(src[i])
|
||||
}
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Int16Map converts a string map of int16 values into a string
|
||||
// map of int16 pointers
|
||||
func Int16Map(src map[string]int16) map[string]*int16 {
|
||||
dst := make(map[string]*int16)
|
||||
for k, val := range src {
|
||||
v := val
|
||||
dst[k] = &v
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Int16ValueMap converts a string map of int16 pointers into a string
|
||||
// map of int16 values
|
||||
func Int16ValueMap(src map[string]*int16) map[string]int16 {
|
||||
dst := make(map[string]int16)
|
||||
for k, val := range src {
|
||||
if val != nil {
|
||||
dst[k] = *val
|
||||
}
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Int32 returns a pointer to the int32 value passed in.
|
||||
func Int32(v int32) *int32 {
|
||||
return &v
|
||||
}
|
||||
|
||||
// Int32Value returns the value of the int32 pointer passed in or
|
||||
// 0 if the pointer is nil.
|
||||
func Int32Value(v *int32) int32 {
|
||||
if v != nil {
|
||||
return *v
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
// Int32Slice converts a slice of int32 values into a slice of
|
||||
// int32 pointers
|
||||
func Int32Slice(src []int32) []*int32 {
|
||||
dst := make([]*int32, len(src))
|
||||
for i := 0; i < len(src); i++ {
|
||||
dst[i] = &(src[i])
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Int32ValueSlice converts a slice of int32 pointers into a slice of
|
||||
// int32 values
|
||||
func Int32ValueSlice(src []*int32) []int32 {
|
||||
dst := make([]int32, len(src))
|
||||
for i := 0; i < len(src); i++ {
|
||||
if src[i] != nil {
|
||||
dst[i] = *(src[i])
|
||||
}
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Int32Map converts a string map of int32 values into a string
|
||||
// map of int32 pointers
|
||||
func Int32Map(src map[string]int32) map[string]*int32 {
|
||||
dst := make(map[string]*int32)
|
||||
for k, val := range src {
|
||||
v := val
|
||||
dst[k] = &v
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Int32ValueMap converts a string map of int32 pointers into a string
|
||||
// map of int32 values
|
||||
func Int32ValueMap(src map[string]*int32) map[string]int32 {
|
||||
dst := make(map[string]int32)
|
||||
for k, val := range src {
|
||||
if val != nil {
|
||||
dst[k] = *val
|
||||
}
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Int64 returns a pointer to the int64 value passed in.
|
||||
func Int64(v int64) *int64 {
|
||||
return &v
|
||||
|
@ -238,6 +474,301 @@ func Int64ValueMap(src map[string]*int64) map[string]int64 {
|
|||
return dst
|
||||
}
|
||||
|
||||
// Uint8 returns a pointer to the uint8 value passed in.
|
||||
func Uint8(v uint8) *uint8 {
|
||||
return &v
|
||||
}
|
||||
|
||||
// Uint8Value returns the value of the uint8 pointer passed in or
|
||||
// 0 if the pointer is nil.
|
||||
func Uint8Value(v *uint8) uint8 {
|
||||
if v != nil {
|
||||
return *v
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
// Uint8Slice converts a slice of uint8 values into a slice of
|
||||
// uint8 pointers
|
||||
func Uint8Slice(src []uint8) []*uint8 {
|
||||
dst := make([]*uint8, len(src))
|
||||
for i := 0; i < len(src); i++ {
|
||||
dst[i] = &(src[i])
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Uint8ValueSlice converts a slice of uint8 pointers into a slice of
|
||||
// uint8 values
|
||||
func Uint8ValueSlice(src []*uint8) []uint8 {
|
||||
dst := make([]uint8, len(src))
|
||||
for i := 0; i < len(src); i++ {
|
||||
if src[i] != nil {
|
||||
dst[i] = *(src[i])
|
||||
}
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Uint8Map converts a string map of uint8 values into a string
|
||||
// map of uint8 pointers
|
||||
func Uint8Map(src map[string]uint8) map[string]*uint8 {
|
||||
dst := make(map[string]*uint8)
|
||||
for k, val := range src {
|
||||
v := val
|
||||
dst[k] = &v
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Uint8ValueMap converts a string map of uint8 pointers into a string
|
||||
// map of uint8 values
|
||||
func Uint8ValueMap(src map[string]*uint8) map[string]uint8 {
|
||||
dst := make(map[string]uint8)
|
||||
for k, val := range src {
|
||||
if val != nil {
|
||||
dst[k] = *val
|
||||
}
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Uint16 returns a pointer to the uint16 value passed in.
|
||||
func Uint16(v uint16) *uint16 {
|
||||
return &v
|
||||
}
|
||||
|
||||
// Uint16Value returns the value of the uint16 pointer passed in or
|
||||
// 0 if the pointer is nil.
|
||||
func Uint16Value(v *uint16) uint16 {
|
||||
if v != nil {
|
||||
return *v
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
// Uint16Slice converts a slice of uint16 values into a slice of
|
||||
// uint16 pointers
|
||||
func Uint16Slice(src []uint16) []*uint16 {
|
||||
dst := make([]*uint16, len(src))
|
||||
for i := 0; i < len(src); i++ {
|
||||
dst[i] = &(src[i])
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Uint16ValueSlice converts a slice of uint16 pointers into a slice of
|
||||
// uint16 values
|
||||
func Uint16ValueSlice(src []*uint16) []uint16 {
|
||||
dst := make([]uint16, len(src))
|
||||
for i := 0; i < len(src); i++ {
|
||||
if src[i] != nil {
|
||||
dst[i] = *(src[i])
|
||||
}
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Uint16Map converts a string map of uint16 values into a string
|
||||
// map of uint16 pointers
|
||||
func Uint16Map(src map[string]uint16) map[string]*uint16 {
|
||||
dst := make(map[string]*uint16)
|
||||
for k, val := range src {
|
||||
v := val
|
||||
dst[k] = &v
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Uint16ValueMap converts a string map of uint16 pointers into a string
|
||||
// map of uint16 values
|
||||
func Uint16ValueMap(src map[string]*uint16) map[string]uint16 {
|
||||
dst := make(map[string]uint16)
|
||||
for k, val := range src {
|
||||
if val != nil {
|
||||
dst[k] = *val
|
||||
}
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Uint32 returns a pointer to the uint32 value passed in.
|
||||
func Uint32(v uint32) *uint32 {
|
||||
return &v
|
||||
}
|
||||
|
||||
// Uint32Value returns the value of the uint32 pointer passed in or
|
||||
// 0 if the pointer is nil.
|
||||
func Uint32Value(v *uint32) uint32 {
|
||||
if v != nil {
|
||||
return *v
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
// Uint32Slice converts a slice of uint32 values into a slice of
|
||||
// uint32 pointers
|
||||
func Uint32Slice(src []uint32) []*uint32 {
|
||||
dst := make([]*uint32, len(src))
|
||||
for i := 0; i < len(src); i++ {
|
||||
dst[i] = &(src[i])
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Uint32ValueSlice converts a slice of uint32 pointers into a slice of
|
||||
// uint32 values
|
||||
func Uint32ValueSlice(src []*uint32) []uint32 {
|
||||
dst := make([]uint32, len(src))
|
||||
for i := 0; i < len(src); i++ {
|
||||
if src[i] != nil {
|
||||
dst[i] = *(src[i])
|
||||
}
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Uint32Map converts a string map of uint32 values into a string
|
||||
// map of uint32 pointers
|
||||
func Uint32Map(src map[string]uint32) map[string]*uint32 {
|
||||
dst := make(map[string]*uint32)
|
||||
for k, val := range src {
|
||||
v := val
|
||||
dst[k] = &v
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Uint32ValueMap converts a string map of uint32 pointers into a string
|
||||
// map of uint32 values
|
||||
func Uint32ValueMap(src map[string]*uint32) map[string]uint32 {
|
||||
dst := make(map[string]uint32)
|
||||
for k, val := range src {
|
||||
if val != nil {
|
||||
dst[k] = *val
|
||||
}
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Uint64 returns a pointer to the uint64 value passed in.
|
||||
func Uint64(v uint64) *uint64 {
|
||||
return &v
|
||||
}
|
||||
|
||||
// Uint64Value returns the value of the uint64 pointer passed in or
|
||||
// 0 if the pointer is nil.
|
||||
func Uint64Value(v *uint64) uint64 {
|
||||
if v != nil {
|
||||
return *v
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
// Uint64Slice converts a slice of uint64 values into a slice of
|
||||
// uint64 pointers
|
||||
func Uint64Slice(src []uint64) []*uint64 {
|
||||
dst := make([]*uint64, len(src))
|
||||
for i := 0; i < len(src); i++ {
|
||||
dst[i] = &(src[i])
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Uint64ValueSlice converts a slice of uint64 pointers into a slice of
|
||||
// uint64 values
|
||||
func Uint64ValueSlice(src []*uint64) []uint64 {
|
||||
dst := make([]uint64, len(src))
|
||||
for i := 0; i < len(src); i++ {
|
||||
if src[i] != nil {
|
||||
dst[i] = *(src[i])
|
||||
}
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Uint64Map converts a string map of uint64 values into a string
|
||||
// map of uint64 pointers
|
||||
func Uint64Map(src map[string]uint64) map[string]*uint64 {
|
||||
dst := make(map[string]*uint64)
|
||||
for k, val := range src {
|
||||
v := val
|
||||
dst[k] = &v
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Uint64ValueMap converts a string map of uint64 pointers into a string
|
||||
// map of uint64 values
|
||||
func Uint64ValueMap(src map[string]*uint64) map[string]uint64 {
|
||||
dst := make(map[string]uint64)
|
||||
for k, val := range src {
|
||||
if val != nil {
|
||||
dst[k] = *val
|
||||
}
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Float32 returns a pointer to the float32 value passed in.
|
||||
func Float32(v float32) *float32 {
|
||||
return &v
|
||||
}
|
||||
|
||||
// Float32Value returns the value of the float32 pointer passed in or
|
||||
// 0 if the pointer is nil.
|
||||
func Float32Value(v *float32) float32 {
|
||||
if v != nil {
|
||||
return *v
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
// Float32Slice converts a slice of float32 values into a slice of
|
||||
// float32 pointers
|
||||
func Float32Slice(src []float32) []*float32 {
|
||||
dst := make([]*float32, len(src))
|
||||
for i := 0; i < len(src); i++ {
|
||||
dst[i] = &(src[i])
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Float32ValueSlice converts a slice of float32 pointers into a slice of
|
||||
// float32 values
|
||||
func Float32ValueSlice(src []*float32) []float32 {
|
||||
dst := make([]float32, len(src))
|
||||
for i := 0; i < len(src); i++ {
|
||||
if src[i] != nil {
|
||||
dst[i] = *(src[i])
|
||||
}
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Float32Map converts a string map of float32 values into a string
|
||||
// map of float32 pointers
|
||||
func Float32Map(src map[string]float32) map[string]*float32 {
|
||||
dst := make(map[string]*float32)
|
||||
for k, val := range src {
|
||||
v := val
|
||||
dst[k] = &v
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Float32ValueMap converts a string map of float32 pointers into a string
|
||||
// map of float32 values
|
||||
func Float32ValueMap(src map[string]*float32) map[string]float32 {
|
||||
dst := make(map[string]float32)
|
||||
for k, val := range src {
|
||||
if val != nil {
|
||||
dst[k] = *val
|
||||
}
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
// Float64 returns a pointer to the float64 value passed in.
|
||||
func Float64(v float64) *float64 {
|
||||
return &v
|
||||
|
|
|
@ -159,9 +159,9 @@ func handleSendError(r *request.Request, err error) {
|
|||
Body: ioutil.NopCloser(bytes.NewReader([]byte{})),
|
||||
}
|
||||
}
|
||||
// Catch all other request errors.
|
||||
r.Error = awserr.New("RequestError", "send request failed", err)
|
||||
r.Retryable = aws.Bool(true) // network errors are retryable
|
||||
// Catch all request errors, and let the default retrier determine
|
||||
// if the error is retryable.
|
||||
r.Error = awserr.New(request.ErrCodeRequestError, "send request failed", err)
|
||||
|
||||
// Override the error with a context canceled error, if that was canceled.
|
||||
ctx := r.Context()
|
||||
|
@ -184,7 +184,9 @@ var ValidateResponseHandler = request.NamedHandler{Name: "core.ValidateResponseH
|
|||
|
||||
// AfterRetryHandler performs final checks to determine if the request should
|
||||
// be retried and how long to delay.
|
||||
var AfterRetryHandler = request.NamedHandler{Name: "core.AfterRetryHandler", Fn: func(r *request.Request) {
|
||||
var AfterRetryHandler = request.NamedHandler{
|
||||
Name: "core.AfterRetryHandler",
|
||||
Fn: func(r *request.Request) {
|
||||
// If one of the other handlers already set the retry state
|
||||
// we don't want to override it based on the service's state
|
||||
if r.Retryable == nil || aws.BoolValue(r.Config.EnforceShouldRetryCheck) {
|
||||
|
@ -214,7 +216,7 @@ var AfterRetryHandler = request.NamedHandler{Name: "core.AfterRetryHandler", Fn:
|
|||
r.RetryCount++
|
||||
r.Error = nil
|
||||
}
|
||||
}}
|
||||
}}
|
||||
|
||||
// ValidateEndpointHandler is a request handler to validate a request had the
|
||||
// appropriate Region and Endpoint set. Will set r.Error if the endpoint or
|
||||
|
@ -223,6 +225,8 @@ var ValidateEndpointHandler = request.NamedHandler{Name: "core.ValidateEndpointH
|
|||
if r.ClientInfo.SigningRegion == "" && aws.StringValue(r.Config.Region) == "" {
|
||||
r.Error = aws.ErrMissingRegion
|
||||
} else if r.ClientInfo.Endpoint == "" {
|
||||
// Was any endpoint provided by the user, or one was derived by the
|
||||
// SDK's endpoint resolver?
|
||||
r.Error = aws.ErrMissingEndpoint
|
||||
}
|
||||
}}
|
||||
|
|
22
vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.5.go
generated
vendored
Normal file
22
vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.5.go
generated
vendored
Normal file
|
@ -0,0 +1,22 @@
|
|||
// +build !go1.7
|
||||
|
||||
package credentials
|
||||
|
||||
import (
|
||||
"github.com/aws/aws-sdk-go/internal/context"
|
||||
)
|
||||
|
||||
// backgroundContext returns a context that will never be canceled, has no
|
||||
// values, and no deadline. This context is used by the SDK to provide
|
||||
// backwards compatibility with non-context API operations and functionality.
|
||||
//
|
||||
// Go 1.6 and before:
|
||||
// This context function is equivalent to context.Background in the Go stdlib.
|
||||
//
|
||||
// Go 1.7 and later:
|
||||
// The context returned will be the value returned by context.Background()
|
||||
//
|
||||
// See https://golang.org/pkg/context for more information on Contexts.
|
||||
func backgroundContext() Context {
|
||||
return context.BackgroundCtx
|
||||
}
|
20
vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.7.go
generated
vendored
Normal file
20
vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.7.go
generated
vendored
Normal file
|
@ -0,0 +1,20 @@
|
|||
// +build go1.7
|
||||
|
||||
package credentials
|
||||
|
||||
import "context"
|
||||
|
||||
// backgroundContext returns a context that will never be canceled, has no
|
||||
// values, and no deadline. This context is used by the SDK to provide
|
||||
// backwards compatibility with non-context API operations and functionality.
|
||||
//
|
||||
// Go 1.6 and before:
|
||||
// This context function is equivalent to context.Background in the Go stdlib.
|
||||
//
|
||||
// Go 1.7 and later:
|
||||
// The context returned will be the value returned by context.Background()
|
||||
//
|
||||
// See https://golang.org/pkg/context for more information on Contexts.
|
||||
func backgroundContext() Context {
|
||||
return context.Background()
|
||||
}
|
|
@ -0,0 +1,39 @@
|
|||
// +build !go1.9
|
||||
|
||||
package credentials
|
||||
|
||||
import "time"
|
||||
|
||||
// Context is an copy of the Go v1.7 stdlib's context.Context interface.
|
||||
// It is represented as a SDK interface to enable you to use the "WithContext"
|
||||
// API methods with Go v1.6 and a Context type such as golang.org/x/net/context.
|
||||
//
|
||||
// This type, aws.Context, and context.Context are equivalent.
|
||||
//
|
||||
// See https://golang.org/pkg/context on how to use contexts.
|
||||
type Context interface {
|
||||
// Deadline returns the time when work done on behalf of this context
|
||||
// should be canceled. Deadline returns ok==false when no deadline is
|
||||
// set. Successive calls to Deadline return the same results.
|
||||
Deadline() (deadline time.Time, ok bool)
|
||||
|
||||
// Done returns a channel that's closed when work done on behalf of this
|
||||
// context should be canceled. Done may return nil if this context can
|
||||
// never be canceled. Successive calls to Done return the same value.
|
||||
Done() <-chan struct{}
|
||||
|
||||
// Err returns a non-nil error value after Done is closed. Err returns
|
||||
// Canceled if the context was canceled or DeadlineExceeded if the
|
||||
// context's deadline passed. No other values for Err are defined.
|
||||
// After Done is closed, successive calls to Err return the same value.
|
||||
Err() error
|
||||
|
||||
// Value returns the value associated with this context for key, or nil
|
||||
// if no value is associated with key. Successive calls to Value with
|
||||
// the same key returns the same result.
|
||||
//
|
||||
// Use context values only for request-scoped data that transits
|
||||
// processes and API boundaries, not for passing optional parameters to
|
||||
// functions.
|
||||
Value(key interface{}) interface{}
|
||||
}
|
|
@ -0,0 +1,13 @@
|
|||
// +build go1.9
|
||||
|
||||
package credentials
|
||||
|
||||
import "context"
|
||||
|
||||
// Context is an alias of the Go stdlib's context.Context interface.
|
||||
// It can be used within the SDK's API operation "WithContext" methods.
|
||||
//
|
||||
// This type, aws.Context, and context.Context are equivalent.
|
||||
//
|
||||
// See https://golang.org/pkg/context on how to use contexts.
|
||||
type Context = context.Context
|
|
@ -50,9 +50,11 @@ package credentials
|
|||
|
||||
import (
|
||||
"fmt"
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"sync"
|
||||
"sync/atomic"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/internal/sync/singleflight"
|
||||
)
|
||||
|
||||
// AnonymousCredentials is an empty Credential object that can be used as
|
||||
|
@ -83,6 +85,12 @@ type Value struct {
|
|||
ProviderName string
|
||||
}
|
||||
|
||||
// HasKeys returns if the credentials Value has both AccessKeyID and
|
||||
// SecretAccessKey value set.
|
||||
func (v Value) HasKeys() bool {
|
||||
return len(v.AccessKeyID) != 0 && len(v.SecretAccessKey) != 0
|
||||
}
|
||||
|
||||
// A Provider is the interface for any component which will provide credentials
|
||||
// Value. A provider is required to manage its own Expired state, and what to
|
||||
// be expired means.
|
||||
|
@ -99,6 +107,13 @@ type Provider interface {
|
|||
IsExpired() bool
|
||||
}
|
||||
|
||||
// ProviderWithContext is a Provider that can retrieve credentials with a Context
|
||||
type ProviderWithContext interface {
|
||||
Provider
|
||||
|
||||
RetrieveWithContext(Context) (Value, error)
|
||||
}
|
||||
|
||||
// An Expirer is an interface that Providers can implement to expose the expiration
|
||||
// time, if known. If the Provider cannot accurately provide this info,
|
||||
// it should not implement this interface.
|
||||
|
@ -190,20 +205,68 @@ func (e *Expiry) ExpiresAt() time.Time {
|
|||
// first instance of the credentials Value. All calls to Get() after that
|
||||
// will return the cached credentials Value until IsExpired() returns true.
|
||||
type Credentials struct {
|
||||
creds Value
|
||||
forceRefresh bool
|
||||
|
||||
m sync.RWMutex
|
||||
creds atomic.Value
|
||||
sf singleflight.Group
|
||||
|
||||
provider Provider
|
||||
}
|
||||
|
||||
// NewCredentials returns a pointer to a new Credentials with the provider set.
|
||||
func NewCredentials(provider Provider) *Credentials {
|
||||
return &Credentials{
|
||||
c := &Credentials{
|
||||
provider: provider,
|
||||
forceRefresh: true,
|
||||
}
|
||||
c.creds.Store(Value{})
|
||||
return c
|
||||
}
|
||||
|
||||
// GetWithContext returns the credentials value, or error if the credentials
|
||||
// Value failed to be retrieved. Will return early if the passed in context is
|
||||
// canceled.
|
||||
//
|
||||
// Will return the cached credentials Value if it has not expired. If the
|
||||
// credentials Value has expired the Provider's Retrieve() will be called
|
||||
// to refresh the credentials.
|
||||
//
|
||||
// If Credentials.Expire() was called the credentials Value will be force
|
||||
// expired, and the next call to Get() will cause them to be refreshed.
|
||||
//
|
||||
// Passed in Context is equivalent to aws.Context, and context.Context.
|
||||
func (c *Credentials) GetWithContext(ctx Context) (Value, error) {
|
||||
if curCreds := c.creds.Load(); !c.isExpired(curCreds) {
|
||||
return curCreds.(Value), nil
|
||||
}
|
||||
|
||||
// Cannot pass context down to the actual retrieve, because the first
|
||||
// context would cancel the whole group when there is not direct
|
||||
// association of items in the group.
|
||||
resCh := c.sf.DoChan("", func() (interface{}, error) {
|
||||
return c.singleRetrieve(&suppressedContext{ctx})
|
||||
})
|
||||
select {
|
||||
case res := <-resCh:
|
||||
return res.Val.(Value), res.Err
|
||||
case <-ctx.Done():
|
||||
return Value{}, awserr.New("RequestCanceled",
|
||||
"request context canceled", ctx.Err())
|
||||
}
|
||||
}
|
||||
|
||||
func (c *Credentials) singleRetrieve(ctx Context) (creds interface{}, err error) {
|
||||
if curCreds := c.creds.Load(); !c.isExpired(curCreds) {
|
||||
return curCreds.(Value), nil
|
||||
}
|
||||
|
||||
if p, ok := c.provider.(ProviderWithContext); ok {
|
||||
creds, err = p.RetrieveWithContext(ctx)
|
||||
} else {
|
||||
creds, err = c.provider.Retrieve()
|
||||
}
|
||||
if err == nil {
|
||||
c.creds.Store(creds)
|
||||
}
|
||||
|
||||
return creds, err
|
||||
}
|
||||
|
||||
// Get returns the credentials value, or error if the credentials Value failed
|
||||
|
@ -216,30 +279,7 @@ func NewCredentials(provider Provider) *Credentials {
|
|||
// If Credentials.Expire() was called the credentials Value will be force
|
||||
// expired, and the next call to Get() will cause them to be refreshed.
|
||||
func (c *Credentials) Get() (Value, error) {
|
||||
// Check the cached credentials first with just the read lock.
|
||||
c.m.RLock()
|
||||
if !c.isExpired() {
|
||||
creds := c.creds
|
||||
c.m.RUnlock()
|
||||
return creds, nil
|
||||
}
|
||||
c.m.RUnlock()
|
||||
|
||||
// Credentials are expired need to retrieve the credentials taking the full
|
||||
// lock.
|
||||
c.m.Lock()
|
||||
defer c.m.Unlock()
|
||||
|
||||
if c.isExpired() {
|
||||
creds, err := c.provider.Retrieve()
|
||||
if err != nil {
|
||||
return Value{}, err
|
||||
}
|
||||
c.creds = creds
|
||||
c.forceRefresh = false
|
||||
}
|
||||
|
||||
return c.creds, nil
|
||||
return c.GetWithContext(backgroundContext())
|
||||
}
|
||||
|
||||
// Expire expires the credentials and forces them to be retrieved on the
|
||||
|
@ -248,10 +288,7 @@ func (c *Credentials) Get() (Value, error) {
|
|||
// This will override the Provider's expired state, and force Credentials
|
||||
// to call the Provider's Retrieve().
|
||||
func (c *Credentials) Expire() {
|
||||
c.m.Lock()
|
||||
defer c.m.Unlock()
|
||||
|
||||
c.forceRefresh = true
|
||||
c.creds.Store(Value{})
|
||||
}
|
||||
|
||||
// IsExpired returns if the credentials are no longer valid, and need
|
||||
|
@ -260,33 +297,43 @@ func (c *Credentials) Expire() {
|
|||
// If the Credentials were forced to be expired with Expire() this will
|
||||
// reflect that override.
|
||||
func (c *Credentials) IsExpired() bool {
|
||||
c.m.RLock()
|
||||
defer c.m.RUnlock()
|
||||
|
||||
return c.isExpired()
|
||||
return c.isExpired(c.creds.Load())
|
||||
}
|
||||
|
||||
// isExpired helper method wrapping the definition of expired credentials.
|
||||
func (c *Credentials) isExpired() bool {
|
||||
return c.forceRefresh || c.provider.IsExpired()
|
||||
func (c *Credentials) isExpired(creds interface{}) bool {
|
||||
return creds == nil || creds.(Value) == Value{} || c.provider.IsExpired()
|
||||
}
|
||||
|
||||
// ExpiresAt provides access to the functionality of the Expirer interface of
|
||||
// the underlying Provider, if it supports that interface. Otherwise, it returns
|
||||
// an error.
|
||||
func (c *Credentials) ExpiresAt() (time.Time, error) {
|
||||
c.m.RLock()
|
||||
defer c.m.RUnlock()
|
||||
|
||||
expirer, ok := c.provider.(Expirer)
|
||||
if !ok {
|
||||
return time.Time{}, awserr.New("ProviderNotExpirer",
|
||||
fmt.Sprintf("provider %s does not support ExpiresAt()", c.creds.ProviderName),
|
||||
fmt.Sprintf("provider %s does not support ExpiresAt()", c.creds.Load().(Value).ProviderName),
|
||||
nil)
|
||||
}
|
||||
if c.forceRefresh {
|
||||
if c.creds.Load().(Value) == (Value{}) {
|
||||
// set expiration time to the distant past
|
||||
return time.Time{}, nil
|
||||
}
|
||||
return expirer.ExpiresAt(), nil
|
||||
}
|
||||
|
||||
type suppressedContext struct {
|
||||
Context
|
||||
}
|
||||
|
||||
func (s *suppressedContext) Deadline() (deadline time.Time, ok bool) {
|
||||
return time.Time{}, false
|
||||
}
|
||||
|
||||
func (s *suppressedContext) Done() <-chan struct{} {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *suppressedContext) Err() error {
|
||||
return nil
|
||||
}
|
||||
|
|
26
vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/ec2_role_provider.go
generated
vendored
26
vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/ec2_role_provider.go
generated
vendored
|
@ -7,10 +7,12 @@ import (
|
|||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/client"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials"
|
||||
"github.com/aws/aws-sdk-go/aws/ec2metadata"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
"github.com/aws/aws-sdk-go/internal/sdkuri"
|
||||
)
|
||||
|
||||
|
@ -86,7 +88,14 @@ func NewCredentialsWithClient(client *ec2metadata.EC2Metadata, options ...func(*
|
|||
// Error will be returned if the request fails, or unable to extract
|
||||
// the desired credentials.
|
||||
func (m *EC2RoleProvider) Retrieve() (credentials.Value, error) {
|
||||
credsList, err := requestCredList(m.Client)
|
||||
return m.RetrieveWithContext(aws.BackgroundContext())
|
||||
}
|
||||
|
||||
// RetrieveWithContext retrieves credentials from the EC2 service.
|
||||
// Error will be returned if the request fails, or unable to extract
|
||||
// the desired credentials.
|
||||
func (m *EC2RoleProvider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) {
|
||||
credsList, err := requestCredList(ctx, m.Client)
|
||||
if err != nil {
|
||||
return credentials.Value{ProviderName: ProviderName}, err
|
||||
}
|
||||
|
@ -96,7 +105,7 @@ func (m *EC2RoleProvider) Retrieve() (credentials.Value, error) {
|
|||
}
|
||||
credsName := credsList[0]
|
||||
|
||||
roleCreds, err := requestCred(m.Client, credsName)
|
||||
roleCreds, err := requestCred(ctx, m.Client, credsName)
|
||||
if err != nil {
|
||||
return credentials.Value{ProviderName: ProviderName}, err
|
||||
}
|
||||
|
@ -129,8 +138,8 @@ const iamSecurityCredsPath = "iam/security-credentials/"
|
|||
|
||||
// requestCredList requests a list of credentials from the EC2 service.
|
||||
// If there are no credentials, or there is an error making or receiving the request
|
||||
func requestCredList(client *ec2metadata.EC2Metadata) ([]string, error) {
|
||||
resp, err := client.GetMetadata(iamSecurityCredsPath)
|
||||
func requestCredList(ctx aws.Context, client *ec2metadata.EC2Metadata) ([]string, error) {
|
||||
resp, err := client.GetMetadataWithContext(ctx, iamSecurityCredsPath)
|
||||
if err != nil {
|
||||
return nil, awserr.New("EC2RoleRequestError", "no EC2 instance role found", err)
|
||||
}
|
||||
|
@ -142,7 +151,8 @@ func requestCredList(client *ec2metadata.EC2Metadata) ([]string, error) {
|
|||
}
|
||||
|
||||
if err := s.Err(); err != nil {
|
||||
return nil, awserr.New("SerializationError", "failed to read EC2 instance role from metadata service", err)
|
||||
return nil, awserr.New(request.ErrCodeSerialization,
|
||||
"failed to read EC2 instance role from metadata service", err)
|
||||
}
|
||||
|
||||
return credsList, nil
|
||||
|
@ -152,8 +162,8 @@ func requestCredList(client *ec2metadata.EC2Metadata) ([]string, error) {
|
|||
//
|
||||
// If the credentials cannot be found, or there is an error reading the response
|
||||
// and error will be returned.
|
||||
func requestCred(client *ec2metadata.EC2Metadata, credsName string) (ec2RoleCredRespBody, error) {
|
||||
resp, err := client.GetMetadata(sdkuri.PathJoin(iamSecurityCredsPath, credsName))
|
||||
func requestCred(ctx aws.Context, client *ec2metadata.EC2Metadata, credsName string) (ec2RoleCredRespBody, error) {
|
||||
resp, err := client.GetMetadataWithContext(ctx, sdkuri.PathJoin(iamSecurityCredsPath, credsName))
|
||||
if err != nil {
|
||||
return ec2RoleCredRespBody{},
|
||||
awserr.New("EC2RoleRequestError",
|
||||
|
@ -164,7 +174,7 @@ func requestCred(client *ec2metadata.EC2Metadata, credsName string) (ec2RoleCred
|
|||
respCreds := ec2RoleCredRespBody{}
|
||||
if err := json.NewDecoder(strings.NewReader(resp)).Decode(&respCreds); err != nil {
|
||||
return ec2RoleCredRespBody{},
|
||||
awserr.New("SerializationError",
|
||||
awserr.New(request.ErrCodeSerialization,
|
||||
fmt.Sprintf("failed to decode %s EC2 instance role credentials", credsName),
|
||||
err)
|
||||
}
|
||||
|
|
|
@ -39,6 +39,7 @@ import (
|
|||
"github.com/aws/aws-sdk-go/aws/client/metadata"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
"github.com/aws/aws-sdk-go/private/protocol/json/jsonutil"
|
||||
)
|
||||
|
||||
// ProviderName is the name of the credentials provider.
|
||||
|
@ -97,8 +98,8 @@ func NewProviderClient(cfg aws.Config, handlers request.Handlers, endpoint strin
|
|||
return p
|
||||
}
|
||||
|
||||
// NewCredentialsClient returns a Credentials wrapper for retrieving credentials
|
||||
// from an arbitrary endpoint concurrently. The client will request the
|
||||
// NewCredentialsClient returns a pointer to a new Credentials object
|
||||
// wrapping the endpoint credentials Provider.
|
||||
func NewCredentialsClient(cfg aws.Config, handlers request.Handlers, endpoint string, options ...func(*Provider)) *credentials.Credentials {
|
||||
return credentials.NewCredentials(NewProviderClient(cfg, handlers, endpoint, options...))
|
||||
}
|
||||
|
@ -115,7 +116,13 @@ func (p *Provider) IsExpired() bool {
|
|||
// Retrieve will attempt to request the credentials from the endpoint the Provider
|
||||
// was configured for. And error will be returned if the retrieval fails.
|
||||
func (p *Provider) Retrieve() (credentials.Value, error) {
|
||||
resp, err := p.getCredentials()
|
||||
return p.RetrieveWithContext(aws.BackgroundContext())
|
||||
}
|
||||
|
||||
// RetrieveWithContext will attempt to request the credentials from the endpoint the Provider
|
||||
// was configured for. And error will be returned if the retrieval fails.
|
||||
func (p *Provider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) {
|
||||
resp, err := p.getCredentials(ctx)
|
||||
if err != nil {
|
||||
return credentials.Value{ProviderName: ProviderName},
|
||||
awserr.New("CredentialsEndpointError", "failed to load credentials", err)
|
||||
|
@ -147,7 +154,7 @@ type errorOutput struct {
|
|||
Message string `json:"message"`
|
||||
}
|
||||
|
||||
func (p *Provider) getCredentials() (*getCredentialsOutput, error) {
|
||||
func (p *Provider) getCredentials(ctx aws.Context) (*getCredentialsOutput, error) {
|
||||
op := &request.Operation{
|
||||
Name: "GetCredentials",
|
||||
HTTPMethod: "GET",
|
||||
|
@ -155,6 +162,7 @@ func (p *Provider) getCredentials() (*getCredentialsOutput, error) {
|
|||
|
||||
out := &getCredentialsOutput{}
|
||||
req := p.Client.NewRequest(op, nil, out)
|
||||
req.SetContext(ctx)
|
||||
req.HTTPRequest.Header.Set("Accept", "application/json")
|
||||
if authToken := p.AuthorizationToken; len(authToken) != 0 {
|
||||
req.HTTPRequest.Header.Set("Authorization", authToken)
|
||||
|
@ -174,7 +182,7 @@ func unmarshalHandler(r *request.Request) {
|
|||
|
||||
out := r.Data.(*getCredentialsOutput)
|
||||
if err := json.NewDecoder(r.HTTPResponse.Body).Decode(&out); err != nil {
|
||||
r.Error = awserr.New("SerializationError",
|
||||
r.Error = awserr.New(request.ErrCodeSerialization,
|
||||
"failed to decode endpoint credentials",
|
||||
err,
|
||||
)
|
||||
|
@ -185,11 +193,15 @@ func unmarshalError(r *request.Request) {
|
|||
defer r.HTTPResponse.Body.Close()
|
||||
|
||||
var errOut errorOutput
|
||||
if err := json.NewDecoder(r.HTTPResponse.Body).Decode(&errOut); err != nil {
|
||||
r.Error = awserr.New("SerializationError",
|
||||
"failed to decode endpoint credentials",
|
||||
err,
|
||||
err := jsonutil.UnmarshalJSONError(&errOut, r.HTTPResponse.Body)
|
||||
if err != nil {
|
||||
r.Error = awserr.NewRequestFailure(
|
||||
awserr.New(request.ErrCodeSerialization,
|
||||
"failed to decode error message", err),
|
||||
r.HTTPResponse.StatusCode,
|
||||
r.RequestID,
|
||||
)
|
||||
return
|
||||
}
|
||||
|
||||
// Response body format is not consistent between metadata endpoints.
|
||||
|
|
|
@ -90,6 +90,7 @@ import (
|
|||
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials"
|
||||
"github.com/aws/aws-sdk-go/internal/sdkio"
|
||||
)
|
||||
|
||||
const (
|
||||
|
@ -142,7 +143,7 @@ const (
|
|||
|
||||
// DefaultBufSize limits buffer size from growing to an enormous
|
||||
// amount due to a faulty process.
|
||||
DefaultBufSize = 1024
|
||||
DefaultBufSize = int(8 * sdkio.KibiByte)
|
||||
|
||||
// DefaultTimeout default limit on time a process can run.
|
||||
DefaultTimeout = time.Duration(1) * time.Minute
|
||||
|
|
5
vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go
generated
vendored
5
vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go
generated
vendored
|
@ -17,8 +17,9 @@ var (
|
|||
ErrSharedCredentialsHomeNotFound = awserr.New("UserHomeNotFound", "user home directory not found.", nil)
|
||||
)
|
||||
|
||||
// A SharedCredentialsProvider retrieves credentials from the current user's home
|
||||
// directory, and keeps track if those credentials are expired.
|
||||
// A SharedCredentialsProvider retrieves access key pair (access key ID,
|
||||
// secret access key, and session token if present) credentials from the current
|
||||
// user's home directory, and keeps track if those credentials are expired.
|
||||
//
|
||||
// Profile ini file example: $HOME/.aws/credentials
|
||||
type SharedCredentialsProvider struct {
|
||||
|
|
|
@ -19,7 +19,9 @@ type StaticProvider struct {
|
|||
}
|
||||
|
||||
// NewStaticCredentials returns a pointer to a new Credentials object
|
||||
// wrapping a static credentials value provider.
|
||||
// wrapping a static credentials value provider. Token is only required
|
||||
// for temporary security credentials retrieved via STS, otherwise an empty
|
||||
// string can be passed for this parameter.
|
||||
func NewStaticCredentials(id, secret, token string) *Credentials {
|
||||
return NewCredentials(&StaticProvider{Value: Value{
|
||||
AccessKeyID: id,
|
||||
|
|
73
vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go
generated
vendored
73
vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go
generated
vendored
|
@ -80,16 +80,19 @@ package stscreds
|
|||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/client"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
"github.com/aws/aws-sdk-go/internal/sdkrand"
|
||||
"github.com/aws/aws-sdk-go/service/sts"
|
||||
)
|
||||
|
||||
// StdinTokenProvider will prompt on stdout and read from stdin for a string value.
|
||||
// StdinTokenProvider will prompt on stderr and read from stdin for a string value.
|
||||
// An error is returned if reading from stdin fails.
|
||||
//
|
||||
// Use this function go read MFA tokens from stdin. The function makes no attempt
|
||||
|
@ -102,7 +105,7 @@ import (
|
|||
// Will wait forever until something is provided on the stdin.
|
||||
func StdinTokenProvider() (string, error) {
|
||||
var v string
|
||||
fmt.Printf("Assume Role MFA token code: ")
|
||||
fmt.Fprintf(os.Stderr, "Assume Role MFA token code: ")
|
||||
_, err := fmt.Scanln(&v)
|
||||
|
||||
return v, err
|
||||
|
@ -116,6 +119,10 @@ type AssumeRoler interface {
|
|||
AssumeRole(input *sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error)
|
||||
}
|
||||
|
||||
type assumeRolerWithContext interface {
|
||||
AssumeRoleWithContext(aws.Context, *sts.AssumeRoleInput, ...request.Option) (*sts.AssumeRoleOutput, error)
|
||||
}
|
||||
|
||||
// DefaultDuration is the default amount of time in minutes that the credentials
|
||||
// will be valid for.
|
||||
var DefaultDuration = time.Duration(15) * time.Minute
|
||||
|
@ -142,6 +149,13 @@ type AssumeRoleProvider struct {
|
|||
// Session name, if you wish to reuse the credentials elsewhere.
|
||||
RoleSessionName string
|
||||
|
||||
// Optional, you can pass tag key-value pairs to your session. These tags are called session tags.
|
||||
Tags []*sts.Tag
|
||||
|
||||
// A list of keys for session tags that you want to set as transitive.
|
||||
// If you set a tag key as transitive, the corresponding key and value passes to subsequent sessions in a role chain.
|
||||
TransitiveTagKeys []*string
|
||||
|
||||
// Expiry duration of the STS credentials. Defaults to 15 minutes if not set.
|
||||
Duration time.Duration
|
||||
|
||||
|
@ -155,6 +169,29 @@ type AssumeRoleProvider struct {
|
|||
// size.
|
||||
Policy *string
|
||||
|
||||
// The ARNs of IAM managed policies you want to use as managed session policies.
|
||||
// The policies must exist in the same account as the role.
|
||||
//
|
||||
// This parameter is optional. You can provide up to 10 managed policy ARNs.
|
||||
// However, the plain text that you use for both inline and managed session
|
||||
// policies can't exceed 2,048 characters.
|
||||
//
|
||||
// An AWS conversion compresses the passed session policies and session tags
|
||||
// into a packed binary format that has a separate limit. Your request can fail
|
||||
// for this limit even if your plain text meets the other requirements. The
|
||||
// PackedPolicySize response element indicates by percentage how close the policies
|
||||
// and tags for your request are to the upper size limit.
|
||||
//
|
||||
// Passing policies to this operation returns new temporary credentials. The
|
||||
// resulting session's permissions are the intersection of the role's identity-based
|
||||
// policy and the session policies. You can use the role's temporary credentials
|
||||
// in subsequent AWS API calls to access resources in the account that owns
|
||||
// the role. You cannot use session policies to grant more permissions than
|
||||
// those allowed by the identity-based policy of the role that is being assumed.
|
||||
// For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
|
||||
// in the IAM User Guide.
|
||||
PolicyArns []*sts.PolicyDescriptorType
|
||||
|
||||
// The identification number of the MFA device that is associated with the user
|
||||
// who is making the AssumeRole call. Specify this value if the trust policy
|
||||
// of the role being assumed includes a condition that requires MFA authentication.
|
||||
|
@ -193,6 +230,18 @@ type AssumeRoleProvider struct {
|
|||
//
|
||||
// If ExpiryWindow is 0 or less it will be ignored.
|
||||
ExpiryWindow time.Duration
|
||||
|
||||
// MaxJitterFrac reduces the effective Duration of each credential requested
|
||||
// by a random percentage between 0 and MaxJitterFraction. MaxJitterFrac must
|
||||
// have a value between 0 and 1. Any other value may lead to expected behavior.
|
||||
// With a MaxJitterFrac value of 0, default) will no jitter will be used.
|
||||
//
|
||||
// For example, with a Duration of 30m and a MaxJitterFrac of 0.1, the
|
||||
// AssumeRole call will be made with an arbitrary Duration between 27m and
|
||||
// 30m.
|
||||
//
|
||||
// MaxJitterFrac should not be negative.
|
||||
MaxJitterFrac float64
|
||||
}
|
||||
|
||||
// NewCredentials returns a pointer to a new Credentials object wrapping the
|
||||
|
@ -244,7 +293,11 @@ func NewCredentialsWithClient(svc AssumeRoler, roleARN string, options ...func(*
|
|||
|
||||
// Retrieve generates a new set of temporary credentials using STS.
|
||||
func (p *AssumeRoleProvider) Retrieve() (credentials.Value, error) {
|
||||
return p.RetrieveWithContext(aws.BackgroundContext())
|
||||
}
|
||||
|
||||
// RetrieveWithContext generates a new set of temporary credentials using STS.
|
||||
func (p *AssumeRoleProvider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) {
|
||||
// Apply defaults where parameters are not set.
|
||||
if p.RoleSessionName == "" {
|
||||
// Try to work out a role name that will hopefully end up unique.
|
||||
|
@ -254,11 +307,15 @@ func (p *AssumeRoleProvider) Retrieve() (credentials.Value, error) {
|
|||
// Expire as often as AWS permits.
|
||||
p.Duration = DefaultDuration
|
||||
}
|
||||
jitter := time.Duration(sdkrand.SeededRand.Float64() * p.MaxJitterFrac * float64(p.Duration))
|
||||
input := &sts.AssumeRoleInput{
|
||||
DurationSeconds: aws.Int64(int64(p.Duration / time.Second)),
|
||||
DurationSeconds: aws.Int64(int64((p.Duration - jitter) / time.Second)),
|
||||
RoleArn: aws.String(p.RoleARN),
|
||||
RoleSessionName: aws.String(p.RoleSessionName),
|
||||
ExternalId: p.ExternalID,
|
||||
Tags: p.Tags,
|
||||
PolicyArns: p.PolicyArns,
|
||||
TransitiveTagKeys: p.TransitiveTagKeys,
|
||||
}
|
||||
if p.Policy != nil {
|
||||
input.Policy = p.Policy
|
||||
|
@ -281,7 +338,15 @@ func (p *AssumeRoleProvider) Retrieve() (credentials.Value, error) {
|
|||
}
|
||||
}
|
||||
|
||||
roleOutput, err := p.Client.AssumeRole(input)
|
||||
var roleOutput *sts.AssumeRoleOutput
|
||||
var err error
|
||||
|
||||
if c, ok := p.Client.(assumeRolerWithContext); ok {
|
||||
roleOutput, err = c.AssumeRoleWithContext(ctx, input)
|
||||
} else {
|
||||
roleOutput, err = p.Client.AssumeRole(input)
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
return credentials.Value{ProviderName: ProviderName}, err
|
||||
}
|
||||
|
|
154
vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go
generated
vendored
Normal file
154
vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go
generated
vendored
Normal file
|
@ -0,0 +1,154 @@
|
|||
package stscreds
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"strconv"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/client"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials"
|
||||
"github.com/aws/aws-sdk-go/service/sts"
|
||||
"github.com/aws/aws-sdk-go/service/sts/stsiface"
|
||||
)
|
||||
|
||||
const (
|
||||
// ErrCodeWebIdentity will be used as an error code when constructing
|
||||
// a new error to be returned during session creation or retrieval.
|
||||
ErrCodeWebIdentity = "WebIdentityErr"
|
||||
|
||||
// WebIdentityProviderName is the web identity provider name
|
||||
WebIdentityProviderName = "WebIdentityCredentials"
|
||||
)
|
||||
|
||||
// now is used to return a time.Time object representing
|
||||
// the current time. This can be used to easily test and
|
||||
// compare test values.
|
||||
var now = time.Now
|
||||
|
||||
// TokenFetcher shuold return WebIdentity token bytes or an error
|
||||
type TokenFetcher interface {
|
||||
FetchToken(credentials.Context) ([]byte, error)
|
||||
}
|
||||
|
||||
// FetchTokenPath is a path to a WebIdentity token file
|
||||
type FetchTokenPath string
|
||||
|
||||
// FetchToken returns a token by reading from the filesystem
|
||||
func (f FetchTokenPath) FetchToken(ctx credentials.Context) ([]byte, error) {
|
||||
data, err := ioutil.ReadFile(string(f))
|
||||
if err != nil {
|
||||
errMsg := fmt.Sprintf("unable to read file at %s", f)
|
||||
return nil, awserr.New(ErrCodeWebIdentity, errMsg, err)
|
||||
}
|
||||
return data, nil
|
||||
}
|
||||
|
||||
// WebIdentityRoleProvider is used to retrieve credentials using
|
||||
// an OIDC token.
|
||||
type WebIdentityRoleProvider struct {
|
||||
credentials.Expiry
|
||||
PolicyArns []*sts.PolicyDescriptorType
|
||||
|
||||
// Duration the STS credentials will be valid for. Truncated to seconds.
|
||||
// If unset, the assumed role will use AssumeRoleWithWebIdentity's default
|
||||
// expiry duration. See
|
||||
// https://docs.aws.amazon.com/sdk-for-go/api/service/sts/#STS.AssumeRoleWithWebIdentity
|
||||
// for more information.
|
||||
Duration time.Duration
|
||||
|
||||
// The amount of time the credentials will be refreshed before they expire.
|
||||
// This is useful refresh credentials before they expire to reduce risk of
|
||||
// using credentials as they expire. If unset, will default to no expiry
|
||||
// window.
|
||||
ExpiryWindow time.Duration
|
||||
|
||||
client stsiface.STSAPI
|
||||
|
||||
tokenFetcher TokenFetcher
|
||||
roleARN string
|
||||
roleSessionName string
|
||||
}
|
||||
|
||||
// NewWebIdentityCredentials will return a new set of credentials with a given
|
||||
// configuration, role arn, and token file path.
|
||||
func NewWebIdentityCredentials(c client.ConfigProvider, roleARN, roleSessionName, path string) *credentials.Credentials {
|
||||
svc := sts.New(c)
|
||||
p := NewWebIdentityRoleProvider(svc, roleARN, roleSessionName, path)
|
||||
return credentials.NewCredentials(p)
|
||||
}
|
||||
|
||||
// NewWebIdentityRoleProvider will return a new WebIdentityRoleProvider with the
|
||||
// provided stsiface.STSAPI
|
||||
func NewWebIdentityRoleProvider(svc stsiface.STSAPI, roleARN, roleSessionName, path string) *WebIdentityRoleProvider {
|
||||
return NewWebIdentityRoleProviderWithToken(svc, roleARN, roleSessionName, FetchTokenPath(path))
|
||||
}
|
||||
|
||||
// NewWebIdentityRoleProviderWithToken will return a new WebIdentityRoleProvider with the
|
||||
// provided stsiface.STSAPI and a TokenFetcher
|
||||
func NewWebIdentityRoleProviderWithToken(svc stsiface.STSAPI, roleARN, roleSessionName string, tokenFetcher TokenFetcher) *WebIdentityRoleProvider {
|
||||
return &WebIdentityRoleProvider{
|
||||
client: svc,
|
||||
tokenFetcher: tokenFetcher,
|
||||
roleARN: roleARN,
|
||||
roleSessionName: roleSessionName,
|
||||
}
|
||||
}
|
||||
|
||||
// Retrieve will attempt to assume a role from a token which is located at
|
||||
// 'WebIdentityTokenFilePath' specified destination and if that is empty an
|
||||
// error will be returned.
|
||||
func (p *WebIdentityRoleProvider) Retrieve() (credentials.Value, error) {
|
||||
return p.RetrieveWithContext(aws.BackgroundContext())
|
||||
}
|
||||
|
||||
// RetrieveWithContext will attempt to assume a role from a token which is located at
|
||||
// 'WebIdentityTokenFilePath' specified destination and if that is empty an
|
||||
// error will be returned.
|
||||
func (p *WebIdentityRoleProvider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) {
|
||||
b, err := p.tokenFetcher.FetchToken(ctx)
|
||||
if err != nil {
|
||||
return credentials.Value{}, awserr.New(ErrCodeWebIdentity, "failed fetching WebIdentity token: ", err)
|
||||
}
|
||||
|
||||
sessionName := p.roleSessionName
|
||||
if len(sessionName) == 0 {
|
||||
// session name is used to uniquely identify a session. This simply
|
||||
// uses unix time in nanoseconds to uniquely identify sessions.
|
||||
sessionName = strconv.FormatInt(now().UnixNano(), 10)
|
||||
}
|
||||
|
||||
var duration *int64
|
||||
if p.Duration != 0 {
|
||||
duration = aws.Int64(int64(p.Duration / time.Second))
|
||||
}
|
||||
|
||||
req, resp := p.client.AssumeRoleWithWebIdentityRequest(&sts.AssumeRoleWithWebIdentityInput{
|
||||
PolicyArns: p.PolicyArns,
|
||||
RoleArn: &p.roleARN,
|
||||
RoleSessionName: &sessionName,
|
||||
WebIdentityToken: aws.String(string(b)),
|
||||
DurationSeconds: duration,
|
||||
})
|
||||
|
||||
req.SetContext(ctx)
|
||||
|
||||
// InvalidIdentityToken error is a temporary error that can occur
|
||||
// when assuming an Role with a JWT web identity token.
|
||||
req.RetryErrorCodes = append(req.RetryErrorCodes, sts.ErrCodeInvalidIdentityTokenException)
|
||||
if err := req.Send(); err != nil {
|
||||
return credentials.Value{}, awserr.New(ErrCodeWebIdentity, "failed to retrieve credentials", err)
|
||||
}
|
||||
|
||||
p.SetExpiration(aws.TimeValue(resp.Credentials.Expiration), p.ExpiryWindow)
|
||||
|
||||
value := credentials.Value{
|
||||
AccessKeyID: aws.StringValue(resp.Credentials.AccessKeyId),
|
||||
SecretAccessKey: aws.StringValue(resp.Credentials.SecretAccessKey),
|
||||
SessionToken: aws.StringValue(resp.Credentials.SessionToken),
|
||||
ProviderName: WebIdentityProviderName,
|
||||
}
|
||||
return value, nil
|
||||
}
|
|
@ -1,30 +1,61 @@
|
|||
// Package csm provides Client Side Monitoring (CSM) which enables sending metrics
|
||||
// via UDP connection. Using the Start function will enable the reporting of
|
||||
// metrics on a given port. If Start is called, with different parameters, again,
|
||||
// a panic will occur.
|
||||
// Package csm provides the Client Side Monitoring (CSM) client which enables
|
||||
// sending metrics via UDP connection to the CSM agent. This package provides
|
||||
// control options, and configuration for the CSM client. The client can be
|
||||
// controlled manually, or automatically via the SDK's Session configuration.
|
||||
//
|
||||
// Pause can be called to pause any metrics publishing on a given port. Sessions
|
||||
// that have had their handlers modified via InjectHandlers may still be used.
|
||||
// However, the handlers will act as a no-op meaning no metrics will be published.
|
||||
// Enabling CSM client via SDK's Session configuration
|
||||
//
|
||||
// The CSM client can be enabled automatically via SDK's Session configuration.
|
||||
// The SDK's session configuration enables the CSM client if the AWS_CSM_PORT
|
||||
// environment variable is set to a non-empty value.
|
||||
//
|
||||
// The configuration options for the CSM client via the SDK's session
|
||||
// configuration are:
|
||||
//
|
||||
// * AWS_CSM_PORT=<port number>
|
||||
// The port number the CSM agent will receive metrics on.
|
||||
//
|
||||
// * AWS_CSM_HOST=<hostname or ip>
|
||||
// The hostname, or IP address the CSM agent will receive metrics on.
|
||||
// Without port number.
|
||||
//
|
||||
// Manually enabling the CSM client
|
||||
//
|
||||
// The CSM client can be started, paused, and resumed manually. The Start
|
||||
// function will enable the CSM client to publish metrics to the CSM agent. It
|
||||
// is safe to call Start concurrently, but if Start is called additional times
|
||||
// with different ClientID or address it will panic.
|
||||
//
|
||||
// Example:
|
||||
// r, err := csm.Start("clientID", ":31000")
|
||||
// if err != nil {
|
||||
// panic(fmt.Errorf("failed starting CSM: %v", err))
|
||||
// }
|
||||
//
|
||||
// When controlling the CSM client manually, you must also inject its request
|
||||
// handlers into the SDK's Session configuration for the SDK's API clients to
|
||||
// publish metrics.
|
||||
//
|
||||
// sess, err := session.NewSession(&aws.Config{})
|
||||
// if err != nil {
|
||||
// panic(fmt.Errorf("failed loading session: %v", err))
|
||||
// }
|
||||
//
|
||||
// // Add CSM client's metric publishing request handlers to the SDK's
|
||||
// // Session Configuration.
|
||||
// r.InjectHandlers(&sess.Handlers)
|
||||
//
|
||||
// client := s3.New(sess)
|
||||
// resp, err := client.GetObject(&s3.GetObjectInput{
|
||||
// Bucket: aws.String("bucket"),
|
||||
// Key: aws.String("key"),
|
||||
// })
|
||||
// Controlling CSM client
|
||||
//
|
||||
// Once the CSM client has been enabled the Get function will return a Reporter
|
||||
// value that you can use to pause and resume the metrics published to the CSM
|
||||
// agent. If Get function is called before the reporter is enabled with the
|
||||
// Start function or via SDK's Session configuration nil will be returned.
|
||||
//
|
||||
// The Pause method can be called to stop the CSM client publishing metrics to
|
||||
// the CSM agent. The Continue method will resume metric publishing.
|
||||
//
|
||||
// // Get the CSM client Reporter.
|
||||
// r := csm.Get()
|
||||
//
|
||||
// // Will pause monitoring
|
||||
// r.Pause()
|
||||
|
@ -35,12 +66,4 @@
|
|||
//
|
||||
// // Resume monitoring
|
||||
// r.Continue()
|
||||
//
|
||||
// Start returns a Reporter that is used to enable or disable monitoring. If
|
||||
// access to the Reporter is required later, calling Get will return the Reporter
|
||||
// singleton.
|
||||
//
|
||||
// Example:
|
||||
// r := csm.Get()
|
||||
// r.Continue()
|
||||
package csm
|
||||
|
|
|
@ -2,6 +2,7 @@ package csm
|
|||
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
"sync"
|
||||
)
|
||||
|
||||
|
@ -9,19 +10,40 @@ var (
|
|||
lock sync.Mutex
|
||||
)
|
||||
|
||||
// Client side metric handler names
|
||||
const (
|
||||
APICallMetricHandlerName = "awscsm.SendAPICallMetric"
|
||||
APICallAttemptMetricHandlerName = "awscsm.SendAPICallAttemptMetric"
|
||||
// DefaultPort is used when no port is specified.
|
||||
DefaultPort = "31000"
|
||||
|
||||
// DefaultHost is the host that will be used when none is specified.
|
||||
DefaultHost = "127.0.0.1"
|
||||
)
|
||||
|
||||
// Start will start the a long running go routine to capture
|
||||
// AddressWithDefaults returns a CSM address built from the host and port
|
||||
// values. If the host or port is not set, default values will be used
|
||||
// instead. If host is "localhost" it will be replaced with "127.0.0.1".
|
||||
func AddressWithDefaults(host, port string) string {
|
||||
if len(host) == 0 || strings.EqualFold(host, "localhost") {
|
||||
host = DefaultHost
|
||||
}
|
||||
|
||||
if len(port) == 0 {
|
||||
port = DefaultPort
|
||||
}
|
||||
|
||||
// Only IP6 host can contain a colon
|
||||
if strings.Contains(host, ":") {
|
||||
return "[" + host + "]:" + port
|
||||
}
|
||||
|
||||
return host + ":" + port
|
||||
}
|
||||
|
||||
// Start will start a long running go routine to capture
|
||||
// client side metrics. Calling start multiple time will only
|
||||
// start the metric listener once and will panic if a different
|
||||
// client ID or port is passed in.
|
||||
//
|
||||
// Example:
|
||||
// r, err := csm.Start("clientID", "127.0.0.1:8094")
|
||||
// r, err := csm.Start("clientID", "127.0.0.1:31000")
|
||||
// if err != nil {
|
||||
// panic(fmt.Errorf("expected no error, but received %v", err))
|
||||
// }
|
||||
|
|
|
@ -16,25 +16,26 @@ var (
|
|||
|
||||
type metricChan struct {
|
||||
ch chan metric
|
||||
paused int64
|
||||
paused *int64
|
||||
}
|
||||
|
||||
func newMetricChan(size int) metricChan {
|
||||
return metricChan{
|
||||
ch: make(chan metric, size),
|
||||
paused: new(int64),
|
||||
}
|
||||
}
|
||||
|
||||
func (ch *metricChan) Pause() {
|
||||
atomic.StoreInt64(&ch.paused, pausedEnum)
|
||||
atomic.StoreInt64(ch.paused, pausedEnum)
|
||||
}
|
||||
|
||||
func (ch *metricChan) Continue() {
|
||||
atomic.StoreInt64(&ch.paused, runningEnum)
|
||||
atomic.StoreInt64(ch.paused, runningEnum)
|
||||
}
|
||||
|
||||
func (ch *metricChan) IsPaused() bool {
|
||||
v := atomic.LoadInt64(&ch.paused)
|
||||
v := atomic.LoadInt64(ch.paused)
|
||||
return v == pausedEnum
|
||||
}
|
||||
|
||||
|
|
|
@ -10,11 +10,6 @@ import (
|
|||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
)
|
||||
|
||||
const (
|
||||
// DefaultPort is used when no port is specified
|
||||
DefaultPort = "31000"
|
||||
)
|
||||
|
||||
// Reporter will gather metrics of API requests made and
|
||||
// send those metrics to the CSM endpoint.
|
||||
type Reporter struct {
|
||||
|
@ -71,7 +66,6 @@ func (rep *Reporter) sendAPICallAttemptMetric(r *request.Request) {
|
|||
|
||||
XAmzRequestID: aws.String(r.RequestID),
|
||||
|
||||
AttemptCount: aws.Int(r.RetryCount + 1),
|
||||
AttemptLatency: aws.Int(int(now.Sub(r.AttemptTime).Nanoseconds() / int64(time.Millisecond))),
|
||||
AccessKey: aws.String(creds.AccessKeyID),
|
||||
}
|
||||
|
@ -95,8 +89,8 @@ func getMetricException(err awserr.Error) metricException {
|
|||
code := err.Code()
|
||||
|
||||
switch code {
|
||||
case "RequestError",
|
||||
"SerializationError",
|
||||
case request.ErrCodeRequestError,
|
||||
request.ErrCodeSerialization,
|
||||
request.CanceledErrorCode:
|
||||
return sdkException{
|
||||
requestException{exception: code, message: msg},
|
||||
|
@ -123,7 +117,7 @@ func (rep *Reporter) sendAPICallMetric(r *request.Request) {
|
|||
Type: aws.String("ApiCall"),
|
||||
AttemptCount: aws.Int(r.RetryCount + 1),
|
||||
Region: r.Config.Region,
|
||||
Latency: aws.Int(int(time.Now().Sub(r.Time) / time.Millisecond)),
|
||||
Latency: aws.Int(int(time.Since(r.Time) / time.Millisecond)),
|
||||
XAmzRequestID: aws.String(r.RequestID),
|
||||
MaxRetriesExceeded: aws.Int(boolIntValue(r.RetryCount >= r.MaxRetries())),
|
||||
}
|
||||
|
@ -190,8 +184,9 @@ func (rep *Reporter) start() {
|
|||
}
|
||||
}
|
||||
|
||||
// Pause will pause the metric channel preventing any new metrics from
|
||||
// being added.
|
||||
// Pause will pause the metric channel preventing any new metrics from being
|
||||
// added. It is safe to call concurrently with other calls to Pause, but if
|
||||
// called concurently with Continue can lead to unexpected state.
|
||||
func (rep *Reporter) Pause() {
|
||||
lock.Lock()
|
||||
defer lock.Unlock()
|
||||
|
@ -203,8 +198,9 @@ func (rep *Reporter) Pause() {
|
|||
rep.close()
|
||||
}
|
||||
|
||||
// Continue will reopen the metric channel and allow for monitoring
|
||||
// to be resumed.
|
||||
// Continue will reopen the metric channel and allow for monitoring to be
|
||||
// resumed. It is safe to call concurrently with other calls to Continue, but
|
||||
// if called concurently with Pause can lead to unexpected state.
|
||||
func (rep *Reporter) Continue() {
|
||||
lock.Lock()
|
||||
defer lock.Unlock()
|
||||
|
@ -219,10 +215,18 @@ func (rep *Reporter) Continue() {
|
|||
rep.metricsCh.Continue()
|
||||
}
|
||||
|
||||
// Client side metric handler names
|
||||
const (
|
||||
APICallMetricHandlerName = "awscsm.SendAPICallMetric"
|
||||
APICallAttemptMetricHandlerName = "awscsm.SendAPICallAttemptMetric"
|
||||
)
|
||||
|
||||
// InjectHandlers will will enable client side metrics and inject the proper
|
||||
// handlers to handle how metrics are sent.
|
||||
//
|
||||
// Example:
|
||||
// InjectHandlers is NOT safe to call concurrently. Calling InjectHandlers
|
||||
// multiple times may lead to unexpected behavior, (e.g. duplicate metrics).
|
||||
//
|
||||
// // Start must be called in order to inject the correct handlers
|
||||
// r, err := csm.Start("clientID", "127.0.0.1:8094")
|
||||
// if err != nil {
|
||||
|
|
|
@ -4,72 +4,138 @@ import (
|
|||
"encoding/json"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
"github.com/aws/aws-sdk-go/internal/sdkuri"
|
||||
)
|
||||
|
||||
// getToken uses the duration to return a token for EC2 metadata service,
|
||||
// or an error if the request failed.
|
||||
func (c *EC2Metadata) getToken(ctx aws.Context, duration time.Duration) (tokenOutput, error) {
|
||||
op := &request.Operation{
|
||||
Name: "GetToken",
|
||||
HTTPMethod: "PUT",
|
||||
HTTPPath: "/latest/api/token",
|
||||
}
|
||||
|
||||
var output tokenOutput
|
||||
req := c.NewRequest(op, nil, &output)
|
||||
req.SetContext(ctx)
|
||||
|
||||
// remove the fetch token handler from the request handlers to avoid infinite recursion
|
||||
req.Handlers.Sign.RemoveByName(fetchTokenHandlerName)
|
||||
|
||||
// Swap the unmarshalMetadataHandler with unmarshalTokenHandler on this request.
|
||||
req.Handlers.Unmarshal.Swap(unmarshalMetadataHandlerName, unmarshalTokenHandler)
|
||||
|
||||
ttl := strconv.FormatInt(int64(duration/time.Second), 10)
|
||||
req.HTTPRequest.Header.Set(ttlHeader, ttl)
|
||||
|
||||
err := req.Send()
|
||||
|
||||
// Errors with bad request status should be returned.
|
||||
if err != nil {
|
||||
err = awserr.NewRequestFailure(
|
||||
awserr.New(req.HTTPResponse.Status, http.StatusText(req.HTTPResponse.StatusCode), err),
|
||||
req.HTTPResponse.StatusCode, req.RequestID)
|
||||
}
|
||||
|
||||
return output, err
|
||||
}
|
||||
|
||||
// GetMetadata uses the path provided to request information from the EC2
|
||||
// instance metdata service. The content will be returned as a string, or
|
||||
// instance metadata service. The content will be returned as a string, or
|
||||
// error if the request failed.
|
||||
func (c *EC2Metadata) GetMetadata(p string) (string, error) {
|
||||
return c.GetMetadataWithContext(aws.BackgroundContext(), p)
|
||||
}
|
||||
|
||||
// GetMetadataWithContext uses the path provided to request information from the EC2
|
||||
// instance metadata service. The content will be returned as a string, or
|
||||
// error if the request failed.
|
||||
func (c *EC2Metadata) GetMetadataWithContext(ctx aws.Context, p string) (string, error) {
|
||||
op := &request.Operation{
|
||||
Name: "GetMetadata",
|
||||
HTTPMethod: "GET",
|
||||
HTTPPath: sdkuri.PathJoin("/meta-data", p),
|
||||
HTTPPath: sdkuri.PathJoin("/latest/meta-data", p),
|
||||
}
|
||||
|
||||
output := &metadataOutput{}
|
||||
|
||||
req := c.NewRequest(op, nil, output)
|
||||
|
||||
return output.Content, req.Send()
|
||||
req.SetContext(ctx)
|
||||
|
||||
err := req.Send()
|
||||
return output.Content, err
|
||||
}
|
||||
|
||||
// GetUserData returns the userdata that was configured for the service. If
|
||||
// there is no user-data setup for the EC2 instance a "NotFoundError" error
|
||||
// code will be returned.
|
||||
func (c *EC2Metadata) GetUserData() (string, error) {
|
||||
return c.GetUserDataWithContext(aws.BackgroundContext())
|
||||
}
|
||||
|
||||
// GetUserDataWithContext returns the userdata that was configured for the service. If
|
||||
// there is no user-data setup for the EC2 instance a "NotFoundError" error
|
||||
// code will be returned.
|
||||
func (c *EC2Metadata) GetUserDataWithContext(ctx aws.Context) (string, error) {
|
||||
op := &request.Operation{
|
||||
Name: "GetUserData",
|
||||
HTTPMethod: "GET",
|
||||
HTTPPath: "/user-data",
|
||||
HTTPPath: "/latest/user-data",
|
||||
}
|
||||
|
||||
output := &metadataOutput{}
|
||||
req := c.NewRequest(op, nil, output)
|
||||
req.Handlers.UnmarshalError.PushBack(func(r *request.Request) {
|
||||
if r.HTTPResponse.StatusCode == http.StatusNotFound {
|
||||
r.Error = awserr.New("NotFoundError", "user-data not found", r.Error)
|
||||
}
|
||||
})
|
||||
req.SetContext(ctx)
|
||||
|
||||
return output.Content, req.Send()
|
||||
err := req.Send()
|
||||
return output.Content, err
|
||||
}
|
||||
|
||||
// GetDynamicData uses the path provided to request information from the EC2
|
||||
// instance metadata service for dynamic data. The content will be returned
|
||||
// as a string, or error if the request failed.
|
||||
func (c *EC2Metadata) GetDynamicData(p string) (string, error) {
|
||||
return c.GetDynamicDataWithContext(aws.BackgroundContext(), p)
|
||||
}
|
||||
|
||||
// GetDynamicDataWithContext uses the path provided to request information from the EC2
|
||||
// instance metadata service for dynamic data. The content will be returned
|
||||
// as a string, or error if the request failed.
|
||||
func (c *EC2Metadata) GetDynamicDataWithContext(ctx aws.Context, p string) (string, error) {
|
||||
op := &request.Operation{
|
||||
Name: "GetDynamicData",
|
||||
HTTPMethod: "GET",
|
||||
HTTPPath: sdkuri.PathJoin("/dynamic", p),
|
||||
HTTPPath: sdkuri.PathJoin("/latest/dynamic", p),
|
||||
}
|
||||
|
||||
output := &metadataOutput{}
|
||||
req := c.NewRequest(op, nil, output)
|
||||
req.SetContext(ctx)
|
||||
|
||||
return output.Content, req.Send()
|
||||
err := req.Send()
|
||||
return output.Content, err
|
||||
}
|
||||
|
||||
// GetInstanceIdentityDocument retrieves an identity document describing an
|
||||
// instance. Error is returned if the request fails or is unable to parse
|
||||
// the response.
|
||||
func (c *EC2Metadata) GetInstanceIdentityDocument() (EC2InstanceIdentityDocument, error) {
|
||||
resp, err := c.GetDynamicData("instance-identity/document")
|
||||
return c.GetInstanceIdentityDocumentWithContext(aws.BackgroundContext())
|
||||
}
|
||||
|
||||
// GetInstanceIdentityDocumentWithContext retrieves an identity document describing an
|
||||
// instance. Error is returned if the request fails or is unable to parse
|
||||
// the response.
|
||||
func (c *EC2Metadata) GetInstanceIdentityDocumentWithContext(ctx aws.Context) (EC2InstanceIdentityDocument, error) {
|
||||
resp, err := c.GetDynamicDataWithContext(ctx, "instance-identity/document")
|
||||
if err != nil {
|
||||
return EC2InstanceIdentityDocument{},
|
||||
awserr.New("EC2MetadataRequestError",
|
||||
|
@ -79,7 +145,7 @@ func (c *EC2Metadata) GetInstanceIdentityDocument() (EC2InstanceIdentityDocument
|
|||
doc := EC2InstanceIdentityDocument{}
|
||||
if err := json.NewDecoder(strings.NewReader(resp)).Decode(&doc); err != nil {
|
||||
return EC2InstanceIdentityDocument{},
|
||||
awserr.New("SerializationError",
|
||||
awserr.New(request.ErrCodeSerialization,
|
||||
"failed to decode EC2 instance identity document", err)
|
||||
}
|
||||
|
||||
|
@ -88,7 +154,12 @@ func (c *EC2Metadata) GetInstanceIdentityDocument() (EC2InstanceIdentityDocument
|
|||
|
||||
// IAMInfo retrieves IAM info from the metadata API
|
||||
func (c *EC2Metadata) IAMInfo() (EC2IAMInfo, error) {
|
||||
resp, err := c.GetMetadata("iam/info")
|
||||
return c.IAMInfoWithContext(aws.BackgroundContext())
|
||||
}
|
||||
|
||||
// IAMInfoWithContext retrieves IAM info from the metadata API
|
||||
func (c *EC2Metadata) IAMInfoWithContext(ctx aws.Context) (EC2IAMInfo, error) {
|
||||
resp, err := c.GetMetadataWithContext(ctx, "iam/info")
|
||||
if err != nil {
|
||||
return EC2IAMInfo{},
|
||||
awserr.New("EC2MetadataRequestError",
|
||||
|
@ -98,7 +169,7 @@ func (c *EC2Metadata) IAMInfo() (EC2IAMInfo, error) {
|
|||
info := EC2IAMInfo{}
|
||||
if err := json.NewDecoder(strings.NewReader(resp)).Decode(&info); err != nil {
|
||||
return EC2IAMInfo{},
|
||||
awserr.New("SerializationError",
|
||||
awserr.New(request.ErrCodeSerialization,
|
||||
"failed to decode EC2 IAM info", err)
|
||||
}
|
||||
|
||||
|
@ -113,24 +184,36 @@ func (c *EC2Metadata) IAMInfo() (EC2IAMInfo, error) {
|
|||
|
||||
// Region returns the region the instance is running in.
|
||||
func (c *EC2Metadata) Region() (string, error) {
|
||||
resp, err := c.GetMetadata("placement/availability-zone")
|
||||
return c.RegionWithContext(aws.BackgroundContext())
|
||||
}
|
||||
|
||||
// RegionWithContext returns the region the instance is running in.
|
||||
func (c *EC2Metadata) RegionWithContext(ctx aws.Context) (string, error) {
|
||||
ec2InstanceIdentityDocument, err := c.GetInstanceIdentityDocumentWithContext(ctx)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
if len(resp) == 0 {
|
||||
return "", awserr.New("EC2MetadataError", "invalid Region response", nil)
|
||||
// extract region from the ec2InstanceIdentityDocument
|
||||
region := ec2InstanceIdentityDocument.Region
|
||||
if len(region) == 0 {
|
||||
return "", awserr.New("EC2MetadataError", "invalid region received for ec2metadata instance", nil)
|
||||
}
|
||||
|
||||
// returns region without the suffix. Eg: us-west-2a becomes us-west-2
|
||||
return resp[:len(resp)-1], nil
|
||||
// returns region
|
||||
return region, nil
|
||||
}
|
||||
|
||||
// Available returns if the application has access to the EC2 Metadata service.
|
||||
// Can be used to determine if application is running within an EC2 Instance and
|
||||
// the metadata service is available.
|
||||
func (c *EC2Metadata) Available() bool {
|
||||
if _, err := c.GetMetadata("instance-id"); err != nil {
|
||||
return c.AvailableWithContext(aws.BackgroundContext())
|
||||
}
|
||||
|
||||
// AvailableWithContext returns if the application has access to the EC2 Metadata service.
|
||||
// Can be used to determine if application is running within an EC2 Instance and
|
||||
// the metadata service is available.
|
||||
func (c *EC2Metadata) AvailableWithContext(ctx aws.Context) bool {
|
||||
if _, err := c.GetMetadataWithContext(ctx, "instance-id"); err != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
|
@ -150,6 +233,7 @@ type EC2IAMInfo struct {
|
|||
// an instance identity document
|
||||
type EC2InstanceIdentityDocument struct {
|
||||
DevpayProductCodes []string `json:"devpayProductCodes"`
|
||||
MarketplaceProductCodes []string `json:"marketplaceProductCodes"`
|
||||
AvailabilityZone string `json:"availabilityZone"`
|
||||
PrivateIP string `json:"privateIp"`
|
||||
Version string `json:"version"`
|
||||
|
|
|
@ -5,6 +5,10 @@
|
|||
// variable "AWS_EC2_METADATA_DISABLED=true". This environment variable set to
|
||||
// true instructs the SDK to disable the EC2 Metadata client. The client cannot
|
||||
// be used while the environment variable is set to true, (case insensitive).
|
||||
//
|
||||
// The endpoint of the EC2 IMDS client can be configured via the environment
|
||||
// variable, AWS_EC2_METADATA_SERVICE_ENDPOINT when creating the client with a
|
||||
// Session. See aws/session#Options.EC2IMDSEndpoint for more details.
|
||||
package ec2metadata
|
||||
|
||||
import (
|
||||
|
@ -12,7 +16,9 @@ import (
|
|||
"errors"
|
||||
"io"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"os"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
|
@ -24,9 +30,25 @@ import (
|
|||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
)
|
||||
|
||||
// ServiceName is the name of the service.
|
||||
const ServiceName = "ec2metadata"
|
||||
const disableServiceEnvVar = "AWS_EC2_METADATA_DISABLED"
|
||||
const (
|
||||
// ServiceName is the name of the service.
|
||||
ServiceName = "ec2metadata"
|
||||
disableServiceEnvVar = "AWS_EC2_METADATA_DISABLED"
|
||||
|
||||
// Headers for Token and TTL
|
||||
ttlHeader = "x-aws-ec2-metadata-token-ttl-seconds"
|
||||
tokenHeader = "x-aws-ec2-metadata-token"
|
||||
|
||||
// Named Handler constants
|
||||
fetchTokenHandlerName = "FetchTokenHandler"
|
||||
unmarshalMetadataHandlerName = "unmarshalMetadataHandler"
|
||||
unmarshalTokenHandlerName = "unmarshalTokenHandler"
|
||||
enableTokenProviderHandlerName = "enableTokenProviderHandler"
|
||||
|
||||
// TTL constants
|
||||
defaultTTL = 21600 * time.Second
|
||||
ttlExpirationWindow = 30 * time.Second
|
||||
)
|
||||
|
||||
// A EC2Metadata is an EC2 Metadata service Client.
|
||||
type EC2Metadata struct {
|
||||
|
@ -52,6 +74,9 @@ func New(p client.ConfigProvider, cfgs ...*aws.Config) *EC2Metadata {
|
|||
// a client when not using a session. Generally using just New with a session
|
||||
// is preferred.
|
||||
//
|
||||
// Will remove the URL path from the endpoint provided to ensure the EC2 IMDS
|
||||
// client is able to communicate with the EC2 IMDS API.
|
||||
//
|
||||
// If an unmodified HTTP client is provided from the stdlib default, or no client
|
||||
// the EC2RoleProvider's EC2Metadata HTTP client's timeout will be shortened.
|
||||
// To disable this set Config.EC2MetadataDisableTimeoutOverride to false. Enabled by default.
|
||||
|
@ -63,8 +88,19 @@ func NewClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio
|
|||
// use a shorter timeout than default because the metadata
|
||||
// service is local if it is running, and to fail faster
|
||||
// if not running on an ec2 instance.
|
||||
Timeout: 5 * time.Second,
|
||||
Timeout: 1 * time.Second,
|
||||
}
|
||||
// max number of retries on the client operation
|
||||
cfg.MaxRetries = aws.Int(2)
|
||||
}
|
||||
|
||||
if u, err := url.Parse(endpoint); err == nil {
|
||||
// Remove path from the endpoint since it will be added by requests.
|
||||
// This is an artifact of the SDK adding `/latest` to the endpoint for
|
||||
// EC2 IMDS, but this is now moved to the operation definition.
|
||||
u.Path = ""
|
||||
u.RawPath = ""
|
||||
endpoint = u.String()
|
||||
}
|
||||
|
||||
svc := &EC2Metadata{
|
||||
|
@ -80,13 +116,27 @@ func NewClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio
|
|||
),
|
||||
}
|
||||
|
||||
svc.Handlers.Unmarshal.PushBack(unmarshalHandler)
|
||||
// token provider instance
|
||||
tp := newTokenProvider(svc, defaultTTL)
|
||||
|
||||
// NamedHandler for fetching token
|
||||
svc.Handlers.Sign.PushBackNamed(request.NamedHandler{
|
||||
Name: fetchTokenHandlerName,
|
||||
Fn: tp.fetchTokenHandler,
|
||||
})
|
||||
// NamedHandler for enabling token provider
|
||||
svc.Handlers.Complete.PushBackNamed(request.NamedHandler{
|
||||
Name: enableTokenProviderHandlerName,
|
||||
Fn: tp.enableTokenProviderHandler,
|
||||
})
|
||||
|
||||
svc.Handlers.Unmarshal.PushBackNamed(unmarshalHandler)
|
||||
svc.Handlers.UnmarshalError.PushBack(unmarshalError)
|
||||
svc.Handlers.Validate.Clear()
|
||||
svc.Handlers.Validate.PushBack(validateEndpointHandler)
|
||||
|
||||
// Disable the EC2 Metadata service if the environment variable is set.
|
||||
// This shortcirctes the service's functionality to always fail to send
|
||||
// This short-circuits the service's functionality to always fail to send
|
||||
// requests.
|
||||
if strings.ToLower(os.Getenv(disableServiceEnvVar)) == "true" {
|
||||
svc.Handlers.Send.SwapNamed(request.NamedHandler{
|
||||
|
@ -107,7 +157,6 @@ func NewClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio
|
|||
for _, option := range opts {
|
||||
option(svc.Client)
|
||||
}
|
||||
|
||||
return svc
|
||||
}
|
||||
|
||||
|
@ -119,30 +168,74 @@ type metadataOutput struct {
|
|||
Content string
|
||||
}
|
||||
|
||||
func unmarshalHandler(r *request.Request) {
|
||||
type tokenOutput struct {
|
||||
Token string
|
||||
TTL time.Duration
|
||||
}
|
||||
|
||||
// unmarshal token handler is used to parse the response of a getToken operation
|
||||
var unmarshalTokenHandler = request.NamedHandler{
|
||||
Name: unmarshalTokenHandlerName,
|
||||
Fn: func(r *request.Request) {
|
||||
defer r.HTTPResponse.Body.Close()
|
||||
b := &bytes.Buffer{}
|
||||
if _, err := io.Copy(b, r.HTTPResponse.Body); err != nil {
|
||||
r.Error = awserr.New("SerializationError", "unable to unmarshal EC2 metadata respose", err)
|
||||
var b bytes.Buffer
|
||||
if _, err := io.Copy(&b, r.HTTPResponse.Body); err != nil {
|
||||
r.Error = awserr.NewRequestFailure(awserr.New(request.ErrCodeSerialization,
|
||||
"unable to unmarshal EC2 metadata response", err), r.HTTPResponse.StatusCode, r.RequestID)
|
||||
return
|
||||
}
|
||||
|
||||
v := r.HTTPResponse.Header.Get(ttlHeader)
|
||||
data, ok := r.Data.(*tokenOutput)
|
||||
if !ok {
|
||||
return
|
||||
}
|
||||
|
||||
data.Token = b.String()
|
||||
// TTL is in seconds
|
||||
i, err := strconv.ParseInt(v, 10, 64)
|
||||
if err != nil {
|
||||
r.Error = awserr.NewRequestFailure(awserr.New(request.ParamFormatErrCode,
|
||||
"unable to parse EC2 token TTL response", err), r.HTTPResponse.StatusCode, r.RequestID)
|
||||
return
|
||||
}
|
||||
t := time.Duration(i) * time.Second
|
||||
data.TTL = t
|
||||
},
|
||||
}
|
||||
|
||||
var unmarshalHandler = request.NamedHandler{
|
||||
Name: unmarshalMetadataHandlerName,
|
||||
Fn: func(r *request.Request) {
|
||||
defer r.HTTPResponse.Body.Close()
|
||||
var b bytes.Buffer
|
||||
if _, err := io.Copy(&b, r.HTTPResponse.Body); err != nil {
|
||||
r.Error = awserr.NewRequestFailure(awserr.New(request.ErrCodeSerialization,
|
||||
"unable to unmarshal EC2 metadata response", err), r.HTTPResponse.StatusCode, r.RequestID)
|
||||
return
|
||||
}
|
||||
|
||||
if data, ok := r.Data.(*metadataOutput); ok {
|
||||
data.Content = b.String()
|
||||
}
|
||||
},
|
||||
}
|
||||
|
||||
func unmarshalError(r *request.Request) {
|
||||
defer r.HTTPResponse.Body.Close()
|
||||
b := &bytes.Buffer{}
|
||||
if _, err := io.Copy(b, r.HTTPResponse.Body); err != nil {
|
||||
r.Error = awserr.New("SerializationError", "unable to unmarshal EC2 metadata error respose", err)
|
||||
var b bytes.Buffer
|
||||
|
||||
if _, err := io.Copy(&b, r.HTTPResponse.Body); err != nil {
|
||||
r.Error = awserr.NewRequestFailure(
|
||||
awserr.New(request.ErrCodeSerialization, "unable to unmarshal EC2 metadata error response", err),
|
||||
r.HTTPResponse.StatusCode, r.RequestID)
|
||||
return
|
||||
}
|
||||
|
||||
// Response body format is not consistent between metadata endpoints.
|
||||
// Grab the error message as a string and include that as the source error
|
||||
r.Error = awserr.New("EC2MetadataError", "failed to make EC2Metadata request", errors.New(b.String()))
|
||||
r.Error = awserr.NewRequestFailure(awserr.New("EC2MetadataError", "failed to make EC2Metadata request", errors.New(b.String())),
|
||||
r.HTTPResponse.StatusCode, r.RequestID)
|
||||
}
|
||||
|
||||
func validateEndpointHandler(r *request.Request) {
|
||||
|
|
92
vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go
generated
vendored
Normal file
92
vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go
generated
vendored
Normal file
|
@ -0,0 +1,92 @@
|
|||
package ec2metadata
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"sync/atomic"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
)
|
||||
|
||||
// A tokenProvider struct provides access to EC2Metadata client
|
||||
// and atomic instance of a token, along with configuredTTL for it.
|
||||
// tokenProvider also provides an atomic flag to disable the
|
||||
// fetch token operation.
|
||||
// The disabled member will use 0 as false, and 1 as true.
|
||||
type tokenProvider struct {
|
||||
client *EC2Metadata
|
||||
token atomic.Value
|
||||
configuredTTL time.Duration
|
||||
disabled uint32
|
||||
}
|
||||
|
||||
// A ec2Token struct helps use of token in EC2 Metadata service ops
|
||||
type ec2Token struct {
|
||||
token string
|
||||
credentials.Expiry
|
||||
}
|
||||
|
||||
// newTokenProvider provides a pointer to a tokenProvider instance
|
||||
func newTokenProvider(c *EC2Metadata, duration time.Duration) *tokenProvider {
|
||||
return &tokenProvider{client: c, configuredTTL: duration}
|
||||
}
|
||||
|
||||
// fetchTokenHandler fetches token for EC2Metadata service client by default.
|
||||
func (t *tokenProvider) fetchTokenHandler(r *request.Request) {
|
||||
|
||||
// short-circuits to insecure data flow if tokenProvider is disabled.
|
||||
if v := atomic.LoadUint32(&t.disabled); v == 1 {
|
||||
return
|
||||
}
|
||||
|
||||
if ec2Token, ok := t.token.Load().(ec2Token); ok && !ec2Token.IsExpired() {
|
||||
r.HTTPRequest.Header.Set(tokenHeader, ec2Token.token)
|
||||
return
|
||||
}
|
||||
|
||||
output, err := t.client.getToken(r.Context(), t.configuredTTL)
|
||||
|
||||
if err != nil {
|
||||
|
||||
// change the disabled flag on token provider to true,
|
||||
// when error is request timeout error.
|
||||
if requestFailureError, ok := err.(awserr.RequestFailure); ok {
|
||||
switch requestFailureError.StatusCode() {
|
||||
case http.StatusForbidden, http.StatusNotFound, http.StatusMethodNotAllowed:
|
||||
atomic.StoreUint32(&t.disabled, 1)
|
||||
case http.StatusBadRequest:
|
||||
r.Error = requestFailureError
|
||||
}
|
||||
|
||||
// Check if request timed out while waiting for response
|
||||
if e, ok := requestFailureError.OrigErr().(awserr.Error); ok {
|
||||
if e.Code() == request.ErrCodeRequestError {
|
||||
atomic.StoreUint32(&t.disabled, 1)
|
||||
}
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
newToken := ec2Token{
|
||||
token: output.Token,
|
||||
}
|
||||
newToken.SetExpiration(time.Now().Add(output.TTL), ttlExpirationWindow)
|
||||
t.token.Store(newToken)
|
||||
|
||||
// Inject token header to the request.
|
||||
if ec2Token, ok := t.token.Load().(ec2Token); ok {
|
||||
r.HTTPRequest.Header.Set(tokenHeader, ec2Token.token)
|
||||
}
|
||||
}
|
||||
|
||||
// enableTokenProviderHandler enables the token provider
|
||||
func (t *tokenProvider) enableTokenProviderHandler(r *request.Request) {
|
||||
// If the error code status is 401, we enable the token provider
|
||||
if e, ok := r.Error.(awserr.RequestFailure); ok && e != nil &&
|
||||
e.StatusCode() == http.StatusUnauthorized {
|
||||
atomic.StoreUint32(&t.disabled, 0)
|
||||
}
|
||||
}
|
|
@ -83,6 +83,7 @@ func decodeV3Endpoints(modelDef modelDefinition, opts DecodeModelOptions) (Resol
|
|||
p := &ps[i]
|
||||
custAddEC2Metadata(p)
|
||||
custAddS3DualStack(p)
|
||||
custRegionalS3(p)
|
||||
custRmIotDataService(p)
|
||||
custFixAppAutoscalingChina(p)
|
||||
custFixAppAutoscalingUsGov(p)
|
||||
|
@ -92,7 +93,7 @@ func decodeV3Endpoints(modelDef modelDefinition, opts DecodeModelOptions) (Resol
|
|||
}
|
||||
|
||||
func custAddS3DualStack(p *partition) {
|
||||
if p.ID != "aws" {
|
||||
if !(p.ID == "aws" || p.ID == "aws-cn" || p.ID == "aws-us-gov") {
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -100,6 +101,33 @@ func custAddS3DualStack(p *partition) {
|
|||
custAddDualstack(p, "s3-control")
|
||||
}
|
||||
|
||||
func custRegionalS3(p *partition) {
|
||||
if p.ID != "aws" {
|
||||
return
|
||||
}
|
||||
|
||||
service, ok := p.Services["s3"]
|
||||
if !ok {
|
||||
return
|
||||
}
|
||||
|
||||
// If global endpoint already exists no customization needed.
|
||||
if _, ok := service.Endpoints["aws-global"]; ok {
|
||||
return
|
||||
}
|
||||
|
||||
service.PartitionEndpoint = "aws-global"
|
||||
service.Endpoints["us-east-1"] = endpoint{}
|
||||
service.Endpoints["aws-global"] = endpoint{
|
||||
Hostname: "s3.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "us-east-1",
|
||||
},
|
||||
}
|
||||
|
||||
p.Services["s3"] = service
|
||||
}
|
||||
|
||||
func custAddDualstack(p *partition, svcName string) {
|
||||
s, ok := p.Services[svcName]
|
||||
if !ok {
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -2,7 +2,7 @@ package endpoints
|
|||
|
||||
// Service identifiers
|
||||
//
|
||||
// Deprecated: Use client package's EndpointID value instead of these
|
||||
// Deprecated: Use client package's EndpointsID value instead of these
|
||||
// ServiceIDs. These IDs are not maintained, and are out of date.
|
||||
const (
|
||||
A4bServiceID = "a4b" // A4b.
|
||||
|
|
|
@ -3,6 +3,7 @@ package endpoints
|
|||
import (
|
||||
"fmt"
|
||||
"regexp"
|
||||
"strings"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
)
|
||||
|
@ -46,6 +47,108 @@ type Options struct {
|
|||
//
|
||||
// This option is ignored if StrictMatching is enabled.
|
||||
ResolveUnknownService bool
|
||||
|
||||
// STS Regional Endpoint flag helps with resolving the STS endpoint
|
||||
STSRegionalEndpoint STSRegionalEndpoint
|
||||
|
||||
// S3 Regional Endpoint flag helps with resolving the S3 endpoint
|
||||
S3UsEast1RegionalEndpoint S3UsEast1RegionalEndpoint
|
||||
}
|
||||
|
||||
// STSRegionalEndpoint is an enum for the states of the STS Regional Endpoint
|
||||
// options.
|
||||
type STSRegionalEndpoint int
|
||||
|
||||
func (e STSRegionalEndpoint) String() string {
|
||||
switch e {
|
||||
case LegacySTSEndpoint:
|
||||
return "legacy"
|
||||
case RegionalSTSEndpoint:
|
||||
return "regional"
|
||||
case UnsetSTSEndpoint:
|
||||
return ""
|
||||
default:
|
||||
return "unknown"
|
||||
}
|
||||
}
|
||||
|
||||
const (
|
||||
|
||||
// UnsetSTSEndpoint represents that STS Regional Endpoint flag is not specified.
|
||||
UnsetSTSEndpoint STSRegionalEndpoint = iota
|
||||
|
||||
// LegacySTSEndpoint represents when STS Regional Endpoint flag is specified
|
||||
// to use legacy endpoints.
|
||||
LegacySTSEndpoint
|
||||
|
||||
// RegionalSTSEndpoint represents when STS Regional Endpoint flag is specified
|
||||
// to use regional endpoints.
|
||||
RegionalSTSEndpoint
|
||||
)
|
||||
|
||||
// GetSTSRegionalEndpoint function returns the STSRegionalEndpointFlag based
|
||||
// on the input string provided in env config or shared config by the user.
|
||||
//
|
||||
// `legacy`, `regional` are the only case-insensitive valid strings for
|
||||
// resolving the STS regional Endpoint flag.
|
||||
func GetSTSRegionalEndpoint(s string) (STSRegionalEndpoint, error) {
|
||||
switch {
|
||||
case strings.EqualFold(s, "legacy"):
|
||||
return LegacySTSEndpoint, nil
|
||||
case strings.EqualFold(s, "regional"):
|
||||
return RegionalSTSEndpoint, nil
|
||||
default:
|
||||
return UnsetSTSEndpoint, fmt.Errorf("unable to resolve the value of STSRegionalEndpoint for %v", s)
|
||||
}
|
||||
}
|
||||
|
||||
// S3UsEast1RegionalEndpoint is an enum for the states of the S3 us-east-1
|
||||
// Regional Endpoint options.
|
||||
type S3UsEast1RegionalEndpoint int
|
||||
|
||||
func (e S3UsEast1RegionalEndpoint) String() string {
|
||||
switch e {
|
||||
case LegacyS3UsEast1Endpoint:
|
||||
return "legacy"
|
||||
case RegionalS3UsEast1Endpoint:
|
||||
return "regional"
|
||||
case UnsetS3UsEast1Endpoint:
|
||||
return ""
|
||||
default:
|
||||
return "unknown"
|
||||
}
|
||||
}
|
||||
|
||||
const (
|
||||
|
||||
// UnsetS3UsEast1Endpoint represents that S3 Regional Endpoint flag is not
|
||||
// specified.
|
||||
UnsetS3UsEast1Endpoint S3UsEast1RegionalEndpoint = iota
|
||||
|
||||
// LegacyS3UsEast1Endpoint represents when S3 Regional Endpoint flag is
|
||||
// specified to use legacy endpoints.
|
||||
LegacyS3UsEast1Endpoint
|
||||
|
||||
// RegionalS3UsEast1Endpoint represents when S3 Regional Endpoint flag is
|
||||
// specified to use regional endpoints.
|
||||
RegionalS3UsEast1Endpoint
|
||||
)
|
||||
|
||||
// GetS3UsEast1RegionalEndpoint function returns the S3UsEast1RegionalEndpointFlag based
|
||||
// on the input string provided in env config or shared config by the user.
|
||||
//
|
||||
// `legacy`, `regional` are the only case-insensitive valid strings for
|
||||
// resolving the S3 regional Endpoint flag.
|
||||
func GetS3UsEast1RegionalEndpoint(s string) (S3UsEast1RegionalEndpoint, error) {
|
||||
switch {
|
||||
case strings.EqualFold(s, "legacy"):
|
||||
return LegacyS3UsEast1Endpoint, nil
|
||||
case strings.EqualFold(s, "regional"):
|
||||
return RegionalS3UsEast1Endpoint, nil
|
||||
default:
|
||||
return UnsetS3UsEast1Endpoint,
|
||||
fmt.Errorf("unable to resolve the value of S3UsEast1RegionalEndpoint for %v", s)
|
||||
}
|
||||
}
|
||||
|
||||
// Set combines all of the option functions together.
|
||||
|
@ -79,6 +182,12 @@ func ResolveUnknownServiceOption(o *Options) {
|
|||
o.ResolveUnknownService = true
|
||||
}
|
||||
|
||||
// STSRegionalEndpointOption enables the STS endpoint resolver behavior to resolve
|
||||
// STS endpoint to their regional endpoint, instead of the global endpoint.
|
||||
func STSRegionalEndpointOption(o *Options) {
|
||||
o.STSRegionalEndpoint = RegionalSTSEndpoint
|
||||
}
|
||||
|
||||
// A Resolver provides the interface for functionality to resolve endpoints.
|
||||
// The build in Partition and DefaultResolver return value satisfy this interface.
|
||||
type Resolver interface {
|
||||
|
@ -170,10 +279,13 @@ func PartitionForRegion(ps []Partition, regionID string) (Partition, bool) {
|
|||
// A Partition provides the ability to enumerate the partition's regions
|
||||
// and services.
|
||||
type Partition struct {
|
||||
id string
|
||||
id, dnsSuffix string
|
||||
p *partition
|
||||
}
|
||||
|
||||
// DNSSuffix returns the base domain name of the partition.
|
||||
func (p Partition) DNSSuffix() string { return p.dnsSuffix }
|
||||
|
||||
// ID returns the identifier of the partition.
|
||||
func (p Partition) ID() string { return p.id }
|
||||
|
||||
|
@ -191,7 +303,7 @@ func (p Partition) ID() string { return p.id }
|
|||
// require the provided service and region to be known by the partition.
|
||||
// If the endpoint cannot be strictly resolved an error will be returned. This
|
||||
// mode is useful to ensure the endpoint resolved is valid. Without
|
||||
// StrictMatching enabled the endpoint returned my look valid but may not work.
|
||||
// StrictMatching enabled the endpoint returned may look valid but may not work.
|
||||
// StrictMatching requires the SDK to be updated if you want to take advantage
|
||||
// of new regions and services expansions.
|
||||
//
|
||||
|
@ -205,7 +317,7 @@ func (p Partition) EndpointFor(service, region string, opts ...func(*Options)) (
|
|||
// Regions returns a map of Regions indexed by their ID. This is useful for
|
||||
// enumerating over the regions in a partition.
|
||||
func (p Partition) Regions() map[string]Region {
|
||||
rs := map[string]Region{}
|
||||
rs := make(map[string]Region, len(p.p.Regions))
|
||||
for id, r := range p.p.Regions {
|
||||
rs[id] = Region{
|
||||
id: id,
|
||||
|
@ -220,7 +332,7 @@ func (p Partition) Regions() map[string]Region {
|
|||
// Services returns a map of Service indexed by their ID. This is useful for
|
||||
// enumerating over the services in a partition.
|
||||
func (p Partition) Services() map[string]Service {
|
||||
ss := map[string]Service{}
|
||||
ss := make(map[string]Service, len(p.p.Services))
|
||||
for id := range p.p.Services {
|
||||
ss[id] = Service{
|
||||
id: id,
|
||||
|
@ -307,7 +419,7 @@ func (s Service) Regions() map[string]Region {
|
|||
// A region is the AWS region the service exists in. Whereas a Endpoint is
|
||||
// an URL that can be resolved to a instance of a service.
|
||||
func (s Service) Endpoints() map[string]Endpoint {
|
||||
es := map[string]Endpoint{}
|
||||
es := make(map[string]Endpoint, len(s.p.Services[s.id].Endpoints))
|
||||
for id := range s.p.Services[s.id].Endpoints {
|
||||
es[id] = Endpoint{
|
||||
id: id,
|
||||
|
@ -347,6 +459,9 @@ type ResolvedEndpoint struct {
|
|||
// The endpoint URL
|
||||
URL string
|
||||
|
||||
// The endpoint partition
|
||||
PartitionID string
|
||||
|
||||
// The region that should be used for signing requests.
|
||||
SigningRegion string
|
||||
|
||||
|
|
|
@ -0,0 +1,24 @@
|
|||
package endpoints
|
||||
|
||||
var legacyGlobalRegions = map[string]map[string]struct{}{
|
||||
"sts": {
|
||||
"ap-northeast-1": {},
|
||||
"ap-south-1": {},
|
||||
"ap-southeast-1": {},
|
||||
"ap-southeast-2": {},
|
||||
"ca-central-1": {},
|
||||
"eu-central-1": {},
|
||||
"eu-north-1": {},
|
||||
"eu-west-1": {},
|
||||
"eu-west-2": {},
|
||||
"eu-west-3": {},
|
||||
"sa-east-1": {},
|
||||
"us-east-1": {},
|
||||
"us-east-2": {},
|
||||
"us-west-1": {},
|
||||
"us-west-2": {},
|
||||
},
|
||||
"s3": {
|
||||
"us-east-1": {},
|
||||
},
|
||||
}
|
|
@ -7,6 +7,8 @@ import (
|
|||
"strings"
|
||||
)
|
||||
|
||||
var regionValidationRegex = regexp.MustCompile(`^[[:alnum:]]([[:alnum:]\-]*[[:alnum:]])?$`)
|
||||
|
||||
type partitions []partition
|
||||
|
||||
func (ps partitions) EndpointFor(service, region string, opts ...func(*Options)) (ResolvedEndpoint, error) {
|
||||
|
@ -54,6 +56,7 @@ type partition struct {
|
|||
|
||||
func (p partition) Partition() Partition {
|
||||
return Partition{
|
||||
dnsSuffix: p.DNSSuffix,
|
||||
id: p.ID,
|
||||
p: &p,
|
||||
}
|
||||
|
@ -74,24 +77,56 @@ func (p partition) canResolveEndpoint(service, region string, strictMatch bool)
|
|||
return p.RegionRegex.MatchString(region)
|
||||
}
|
||||
|
||||
func allowLegacyEmptyRegion(service string) bool {
|
||||
legacy := map[string]struct{}{
|
||||
"budgets": {},
|
||||
"ce": {},
|
||||
"chime": {},
|
||||
"cloudfront": {},
|
||||
"ec2metadata": {},
|
||||
"iam": {},
|
||||
"importexport": {},
|
||||
"organizations": {},
|
||||
"route53": {},
|
||||
"sts": {},
|
||||
"support": {},
|
||||
"waf": {},
|
||||
}
|
||||
|
||||
_, allowed := legacy[service]
|
||||
return allowed
|
||||
}
|
||||
|
||||
func (p partition) EndpointFor(service, region string, opts ...func(*Options)) (resolved ResolvedEndpoint, err error) {
|
||||
var opt Options
|
||||
opt.Set(opts...)
|
||||
|
||||
s, hasService := p.Services[service]
|
||||
if !(hasService || opt.ResolveUnknownService) {
|
||||
if len(service) == 0 || !(hasService || opt.ResolveUnknownService) {
|
||||
// Only return error if the resolver will not fallback to creating
|
||||
// endpoint based on service endpoint ID passed in.
|
||||
return resolved, NewUnknownServiceError(p.ID, service, serviceList(p.Services))
|
||||
}
|
||||
|
||||
if len(region) == 0 && allowLegacyEmptyRegion(service) && len(s.PartitionEndpoint) != 0 {
|
||||
region = s.PartitionEndpoint
|
||||
}
|
||||
|
||||
if (service == "sts" && opt.STSRegionalEndpoint != RegionalSTSEndpoint) ||
|
||||
(service == "s3" && opt.S3UsEast1RegionalEndpoint != RegionalS3UsEast1Endpoint) {
|
||||
if _, ok := legacyGlobalRegions[service][region]; ok {
|
||||
region = "aws-global"
|
||||
}
|
||||
}
|
||||
|
||||
e, hasEndpoint := s.endpointForRegion(region)
|
||||
if !hasEndpoint && opt.StrictMatching {
|
||||
if len(region) == 0 || (!hasEndpoint && opt.StrictMatching) {
|
||||
return resolved, NewUnknownEndpointError(p.ID, service, region, endpointList(s.Endpoints))
|
||||
}
|
||||
|
||||
defs := []endpoint{p.Defaults, s.Defaults}
|
||||
return e.resolve(service, region, p.DNSSuffix, defs, opt), nil
|
||||
|
||||
return e.resolve(service, p.ID, region, p.DNSSuffix, defs, opt)
|
||||
}
|
||||
|
||||
func serviceList(ss services) []string {
|
||||
|
@ -200,7 +235,7 @@ func getByPriority(s []string, p []string, def string) string {
|
|||
return s[0]
|
||||
}
|
||||
|
||||
func (e endpoint) resolve(service, region, dnsSuffix string, defs []endpoint, opts Options) ResolvedEndpoint {
|
||||
func (e endpoint) resolve(service, partitionID, region, dnsSuffix string, defs []endpoint, opts Options) (ResolvedEndpoint, error) {
|
||||
var merged endpoint
|
||||
for _, def := range defs {
|
||||
merged.mergeIn(def)
|
||||
|
@ -208,20 +243,6 @@ func (e endpoint) resolve(service, region, dnsSuffix string, defs []endpoint, op
|
|||
merged.mergeIn(e)
|
||||
e = merged
|
||||
|
||||
hostname := e.Hostname
|
||||
|
||||
// Offset the hostname for dualstack if enabled
|
||||
if opts.UseDualStack && e.HasDualStack == boxedTrue {
|
||||
hostname = e.DualStackHostname
|
||||
}
|
||||
|
||||
u := strings.Replace(hostname, "{service}", service, 1)
|
||||
u = strings.Replace(u, "{region}", region, 1)
|
||||
u = strings.Replace(u, "{dnsSuffix}", dnsSuffix, 1)
|
||||
|
||||
scheme := getEndpointScheme(e.Protocols, opts.DisableSSL)
|
||||
u = fmt.Sprintf("%s://%s", scheme, u)
|
||||
|
||||
signingRegion := e.CredentialScope.Region
|
||||
if len(signingRegion) == 0 {
|
||||
signingRegion = region
|
||||
|
@ -234,13 +255,32 @@ func (e endpoint) resolve(service, region, dnsSuffix string, defs []endpoint, op
|
|||
signingNameDerived = true
|
||||
}
|
||||
|
||||
hostname := e.Hostname
|
||||
// Offset the hostname for dualstack if enabled
|
||||
if opts.UseDualStack && e.HasDualStack == boxedTrue {
|
||||
hostname = e.DualStackHostname
|
||||
region = signingRegion
|
||||
}
|
||||
|
||||
if !validateInputRegion(region) {
|
||||
return ResolvedEndpoint{}, fmt.Errorf("invalid region identifier format provided")
|
||||
}
|
||||
|
||||
u := strings.Replace(hostname, "{service}", service, 1)
|
||||
u = strings.Replace(u, "{region}", region, 1)
|
||||
u = strings.Replace(u, "{dnsSuffix}", dnsSuffix, 1)
|
||||
|
||||
scheme := getEndpointScheme(e.Protocols, opts.DisableSSL)
|
||||
u = fmt.Sprintf("%s://%s", scheme, u)
|
||||
|
||||
return ResolvedEndpoint{
|
||||
URL: u,
|
||||
PartitionID: partitionID,
|
||||
SigningRegion: signingRegion,
|
||||
SigningName: signingName,
|
||||
SigningNameDerived: signingNameDerived,
|
||||
SigningMethod: getByPriority(e.SignatureVersions, signerPriority, defaultSigner),
|
||||
}
|
||||
}, nil
|
||||
}
|
||||
|
||||
func getEndpointScheme(protocols []string, disableSSL bool) string {
|
||||
|
@ -305,3 +345,7 @@ const (
|
|||
boxedFalse
|
||||
boxedTrue
|
||||
)
|
||||
|
||||
func validateInputRegion(region string) bool {
|
||||
return regionValidationRegex.MatchString(region)
|
||||
}
|
||||
|
|
|
@ -1,18 +1,18 @@
|
|||
// +build !appengine,!plan9
|
||||
|
||||
package request
|
||||
|
||||
import (
|
||||
"net"
|
||||
"os"
|
||||
"syscall"
|
||||
"strings"
|
||||
)
|
||||
|
||||
func isErrConnectionReset(err error) bool {
|
||||
if opErr, ok := err.(*net.OpError); ok {
|
||||
if sysErr, ok := opErr.Err.(*os.SyscallError); ok {
|
||||
return sysErr.Err == syscall.ECONNRESET
|
||||
if strings.Contains(err.Error(), "read: connection reset") {
|
||||
return false
|
||||
}
|
||||
|
||||
if strings.Contains(err.Error(), "use of closed network connection") ||
|
||||
strings.Contains(err.Error(), "connection reset") ||
|
||||
strings.Contains(err.Error(), "broken pipe") {
|
||||
return true
|
||||
}
|
||||
|
||||
return false
|
||||
|
|
|
@ -1,11 +0,0 @@
|
|||
// +build appengine plan9
|
||||
|
||||
package request
|
||||
|
||||
import (
|
||||
"strings"
|
||||
)
|
||||
|
||||
func isErrConnectionReset(err error) bool {
|
||||
return strings.Contains(err.Error(), "connection reset")
|
||||
}
|
|
@ -10,6 +10,7 @@ import (
|
|||
type Handlers struct {
|
||||
Validate HandlerList
|
||||
Build HandlerList
|
||||
BuildStream HandlerList
|
||||
Sign HandlerList
|
||||
Send HandlerList
|
||||
ValidateResponse HandlerList
|
||||
|
@ -23,11 +24,12 @@ type Handlers struct {
|
|||
Complete HandlerList
|
||||
}
|
||||
|
||||
// Copy returns of this handler's lists.
|
||||
// Copy returns a copy of this handler's lists.
|
||||
func (h *Handlers) Copy() Handlers {
|
||||
return Handlers{
|
||||
Validate: h.Validate.copy(),
|
||||
Build: h.Build.copy(),
|
||||
BuildStream: h.BuildStream.copy(),
|
||||
Sign: h.Sign.copy(),
|
||||
Send: h.Send.copy(),
|
||||
ValidateResponse: h.ValidateResponse.copy(),
|
||||
|
@ -42,10 +44,11 @@ func (h *Handlers) Copy() Handlers {
|
|||
}
|
||||
}
|
||||
|
||||
// Clear removes callback functions for all handlers
|
||||
// Clear removes callback functions for all handlers.
|
||||
func (h *Handlers) Clear() {
|
||||
h.Validate.Clear()
|
||||
h.Build.Clear()
|
||||
h.BuildStream.Clear()
|
||||
h.Send.Clear()
|
||||
h.Sign.Clear()
|
||||
h.Unmarshal.Clear()
|
||||
|
@ -59,6 +62,54 @@ func (h *Handlers) Clear() {
|
|||
h.Complete.Clear()
|
||||
}
|
||||
|
||||
// IsEmpty returns if there are no handlers in any of the handlerlists.
|
||||
func (h *Handlers) IsEmpty() bool {
|
||||
if h.Validate.Len() != 0 {
|
||||
return false
|
||||
}
|
||||
if h.Build.Len() != 0 {
|
||||
return false
|
||||
}
|
||||
if h.BuildStream.Len() != 0 {
|
||||
return false
|
||||
}
|
||||
if h.Send.Len() != 0 {
|
||||
return false
|
||||
}
|
||||
if h.Sign.Len() != 0 {
|
||||
return false
|
||||
}
|
||||
if h.Unmarshal.Len() != 0 {
|
||||
return false
|
||||
}
|
||||
if h.UnmarshalStream.Len() != 0 {
|
||||
return false
|
||||
}
|
||||
if h.UnmarshalMeta.Len() != 0 {
|
||||
return false
|
||||
}
|
||||
if h.UnmarshalError.Len() != 0 {
|
||||
return false
|
||||
}
|
||||
if h.ValidateResponse.Len() != 0 {
|
||||
return false
|
||||
}
|
||||
if h.Retry.Len() != 0 {
|
||||
return false
|
||||
}
|
||||
if h.AfterRetry.Len() != 0 {
|
||||
return false
|
||||
}
|
||||
if h.CompleteAttempt.Len() != 0 {
|
||||
return false
|
||||
}
|
||||
if h.Complete.Len() != 0 {
|
||||
return false
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
// A HandlerListRunItem represents an entry in the HandlerList which
|
||||
// is being run.
|
||||
type HandlerListRunItem struct {
|
||||
|
@ -275,3 +326,18 @@ func MakeAddToUserAgentFreeFormHandler(s string) func(*Request) {
|
|||
AddToUserAgent(r, s)
|
||||
}
|
||||
}
|
||||
|
||||
// WithSetRequestHeaders updates the operation request's HTTP header to contain
|
||||
// the header key value pairs provided. If the header key already exists in the
|
||||
// request's HTTP header set, the existing value(s) will be replaced.
|
||||
func WithSetRequestHeaders(h map[string]string) Option {
|
||||
return withRequestHeader(h).SetRequestHeaders
|
||||
}
|
||||
|
||||
type withRequestHeader map[string]string
|
||||
|
||||
func (h withRequestHeader) SetRequestHeaders(r *Request) {
|
||||
for k, v := range h {
|
||||
r.HTTPRequest.Header[k] = []string{v}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -15,12 +15,15 @@ type offsetReader struct {
|
|||
closed bool
|
||||
}
|
||||
|
||||
func newOffsetReader(buf io.ReadSeeker, offset int64) *offsetReader {
|
||||
func newOffsetReader(buf io.ReadSeeker, offset int64) (*offsetReader, error) {
|
||||
reader := &offsetReader{}
|
||||
buf.Seek(offset, sdkio.SeekStart)
|
||||
_, err := buf.Seek(offset, sdkio.SeekStart)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
reader.buf = buf
|
||||
return reader
|
||||
return reader, nil
|
||||
}
|
||||
|
||||
// Close will close the instance of the offset reader's access to
|
||||
|
@ -54,7 +57,9 @@ func (o *offsetReader) Seek(offset int64, whence int) (int64, error) {
|
|||
|
||||
// CloseAndCopy will return a new offsetReader with a copy of the old buffer
|
||||
// and close the old buffer.
|
||||
func (o *offsetReader) CloseAndCopy(offset int64) *offsetReader {
|
||||
o.Close()
|
||||
func (o *offsetReader) CloseAndCopy(offset int64) (*offsetReader, error) {
|
||||
if err := o.Close(); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return newOffsetReader(o.buf, offset)
|
||||
}
|
||||
|
|
|
@ -36,6 +36,10 @@ const (
|
|||
// API request that was canceled. Requests given a aws.Context may
|
||||
// return this error when canceled.
|
||||
CanceledErrorCode = "RequestCanceled"
|
||||
|
||||
// ErrCodeRequestError is an error preventing the SDK from continuing to
|
||||
// process the request.
|
||||
ErrCodeRequestError = "RequestError"
|
||||
)
|
||||
|
||||
// A Request is the service request to be made.
|
||||
|
@ -51,6 +55,7 @@ type Request struct {
|
|||
HTTPRequest *http.Request
|
||||
HTTPResponse *http.Response
|
||||
Body io.ReadSeeker
|
||||
streamingBody io.ReadCloser
|
||||
BodyStart int64 // offset from beginning of Body that the request body starts
|
||||
Params interface{}
|
||||
Error error
|
||||
|
@ -64,6 +69,15 @@ type Request struct {
|
|||
LastSignedAt time.Time
|
||||
DisableFollowRedirects bool
|
||||
|
||||
// Additional API error codes that should be retried. IsErrorRetryable
|
||||
// will consider these codes in addition to its built in cases.
|
||||
RetryErrorCodes []string
|
||||
|
||||
// Additional API error codes that should be retried with throttle backoff
|
||||
// delay. IsErrorThrottle will consider these codes in addition to its
|
||||
// built in cases.
|
||||
ThrottleErrorCodes []string
|
||||
|
||||
// A value greater than 0 instructs the request to be signed as Presigned URL
|
||||
// You should not set this field directly. Instead use Request's
|
||||
// Presign or PresignRequest methods.
|
||||
|
@ -90,8 +104,12 @@ type Operation struct {
|
|||
BeforePresignFn func(r *Request) error
|
||||
}
|
||||
|
||||
// New returns a new Request pointer for the service API
|
||||
// operation and parameters.
|
||||
// New returns a new Request pointer for the service API operation and
|
||||
// parameters.
|
||||
//
|
||||
// A Retryer should be provided to direct how the request is retried. If
|
||||
// Retryer is nil, a default no retry value will be used. You can use
|
||||
// NoOpRetryer in the Client package to disable retry behavior directly.
|
||||
//
|
||||
// Params is any value of input parameters to be the request payload.
|
||||
// Data is pointer value to an object which the request's response
|
||||
|
@ -99,6 +117,10 @@ type Operation struct {
|
|||
func New(cfg aws.Config, clientInfo metadata.ClientInfo, handlers Handlers,
|
||||
retryer Retryer, operation *Operation, params interface{}, data interface{}) *Request {
|
||||
|
||||
if retryer == nil {
|
||||
retryer = noOpRetryer{}
|
||||
}
|
||||
|
||||
method := operation.HTTPMethod
|
||||
if method == "" {
|
||||
method = "POST"
|
||||
|
@ -113,8 +135,6 @@ func New(cfg aws.Config, clientInfo metadata.ClientInfo, handlers Handlers,
|
|||
err = awserr.New("InvalidEndpointURL", "invalid endpoint uri", err)
|
||||
}
|
||||
|
||||
SanitizeHostForHeader(httpReq)
|
||||
|
||||
r := &Request{
|
||||
Config: cfg,
|
||||
ClientInfo: clientInfo,
|
||||
|
@ -231,6 +251,10 @@ func (r *Request) WillRetry() bool {
|
|||
return r.Error != nil && aws.BoolValue(r.Retryable) && r.RetryCount < r.MaxRetries()
|
||||
}
|
||||
|
||||
func fmtAttemptCount(retryCount, maxRetries int) string {
|
||||
return fmt.Sprintf("attempt %v/%v", retryCount, maxRetries)
|
||||
}
|
||||
|
||||
// ParamsFilled returns if the request's parameters have been populated
|
||||
// and the parameters are valid. False is returned if no parameters are
|
||||
// provided or invalid.
|
||||
|
@ -259,10 +283,28 @@ func (r *Request) SetStringBody(s string) {
|
|||
// SetReaderBody will set the request's body reader.
|
||||
func (r *Request) SetReaderBody(reader io.ReadSeeker) {
|
||||
r.Body = reader
|
||||
r.BodyStart, _ = reader.Seek(0, sdkio.SeekCurrent) // Get the Bodies current offset.
|
||||
|
||||
if aws.IsReaderSeekable(reader) {
|
||||
var err error
|
||||
// Get the Bodies current offset so retries will start from the same
|
||||
// initial position.
|
||||
r.BodyStart, err = reader.Seek(0, sdkio.SeekCurrent)
|
||||
if err != nil {
|
||||
r.Error = awserr.New(ErrCodeSerialization,
|
||||
"failed to determine start of request body", err)
|
||||
return
|
||||
}
|
||||
}
|
||||
r.ResetBody()
|
||||
}
|
||||
|
||||
// SetStreamingBody set the reader to be used for the request that will stream
|
||||
// bytes to the server. Request's Body must not be set to any reader.
|
||||
func (r *Request) SetStreamingBody(reader io.ReadCloser) {
|
||||
r.streamingBody = reader
|
||||
r.SetReaderBody(aws.ReadSeekCloser(reader))
|
||||
}
|
||||
|
||||
// Presign returns the request's signed URL. Error will be returned
|
||||
// if the signing fails. The expire parameter is only used for presigned Amazon
|
||||
// S3 API requests. All other AWS services will use a fixed expiration
|
||||
|
@ -330,16 +372,15 @@ func getPresignedURL(r *Request, expire time.Duration) (string, http.Header, err
|
|||
return r.HTTPRequest.URL.String(), r.SignedHeaderVals, nil
|
||||
}
|
||||
|
||||
func debugLogReqError(r *Request, stage string, retrying bool, err error) {
|
||||
const (
|
||||
notRetrying = "not retrying"
|
||||
)
|
||||
|
||||
func debugLogReqError(r *Request, stage, retryStr string, err error) {
|
||||
if !r.Config.LogLevel.Matches(aws.LogDebugWithRequestErrors) {
|
||||
return
|
||||
}
|
||||
|
||||
retryStr := "not retrying"
|
||||
if retrying {
|
||||
retryStr = "will retry"
|
||||
}
|
||||
|
||||
r.Config.Logger.Log(fmt.Sprintf("DEBUG: %s %s/%s failed, %s, error %v",
|
||||
stage, r.ClientInfo.ServiceName, r.Operation.Name, retryStr, err))
|
||||
}
|
||||
|
@ -358,12 +399,12 @@ func (r *Request) Build() error {
|
|||
if !r.built {
|
||||
r.Handlers.Validate.Run(r)
|
||||
if r.Error != nil {
|
||||
debugLogReqError(r, "Validate Request", false, r.Error)
|
||||
debugLogReqError(r, "Validate Request", notRetrying, r.Error)
|
||||
return r.Error
|
||||
}
|
||||
r.Handlers.Build.Run(r)
|
||||
if r.Error != nil {
|
||||
debugLogReqError(r, "Build Request", false, r.Error)
|
||||
debugLogReqError(r, "Build Request", notRetrying, r.Error)
|
||||
return r.Error
|
||||
}
|
||||
r.built = true
|
||||
|
@ -379,20 +420,30 @@ func (r *Request) Build() error {
|
|||
func (r *Request) Sign() error {
|
||||
r.Build()
|
||||
if r.Error != nil {
|
||||
debugLogReqError(r, "Build Request", false, r.Error)
|
||||
debugLogReqError(r, "Build Request", notRetrying, r.Error)
|
||||
return r.Error
|
||||
}
|
||||
|
||||
SanitizeHostForHeader(r.HTTPRequest)
|
||||
|
||||
r.Handlers.Sign.Run(r)
|
||||
return r.Error
|
||||
}
|
||||
|
||||
func (r *Request) getNextRequestBody() (io.ReadCloser, error) {
|
||||
func (r *Request) getNextRequestBody() (body io.ReadCloser, err error) {
|
||||
if r.streamingBody != nil {
|
||||
return r.streamingBody, nil
|
||||
}
|
||||
|
||||
if r.safeBody != nil {
|
||||
r.safeBody.Close()
|
||||
}
|
||||
|
||||
r.safeBody = newOffsetReader(r.Body, r.BodyStart)
|
||||
r.safeBody, err = newOffsetReader(r.Body, r.BodyStart)
|
||||
if err != nil {
|
||||
return nil, awserr.New(ErrCodeSerialization,
|
||||
"failed to get next request body reader", err)
|
||||
}
|
||||
|
||||
// Go 1.8 tightened and clarified the rules code needs to use when building
|
||||
// requests with the http package. Go 1.8 removed the automatic detection
|
||||
|
@ -409,10 +460,10 @@ func (r *Request) getNextRequestBody() (io.ReadCloser, error) {
|
|||
// Related golang/go#18257
|
||||
l, err := aws.SeekerLen(r.Body)
|
||||
if err != nil {
|
||||
return nil, awserr.New(ErrCodeSerialization, "failed to compute request body size", err)
|
||||
return nil, awserr.New(ErrCodeSerialization,
|
||||
"failed to compute request body size", err)
|
||||
}
|
||||
|
||||
var body io.ReadCloser
|
||||
if l == 0 {
|
||||
body = NoBody
|
||||
} else if l > 0 {
|
||||
|
@ -473,15 +524,13 @@ func (r *Request) Send() error {
|
|||
r.AttemptTime = time.Now()
|
||||
|
||||
if err := r.Sign(); err != nil {
|
||||
debugLogReqError(r, "Sign Request", false, err)
|
||||
debugLogReqError(r, "Sign Request", notRetrying, err)
|
||||
return err
|
||||
}
|
||||
|
||||
if err := r.sendRequest(); err == nil {
|
||||
return nil
|
||||
} else if !shouldRetryCancel(r.Error) {
|
||||
return err
|
||||
} else {
|
||||
}
|
||||
r.Handlers.Retry.Run(r)
|
||||
r.Handlers.AfterRetry.Run(r)
|
||||
|
||||
|
@ -489,13 +538,14 @@ func (r *Request) Send() error {
|
|||
return r.Error
|
||||
}
|
||||
|
||||
r.prepareRetry()
|
||||
continue
|
||||
if err := r.prepareRetry(); err != nil {
|
||||
r.Error = err
|
||||
return err
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func (r *Request) prepareRetry() {
|
||||
func (r *Request) prepareRetry() error {
|
||||
if r.Config.LogLevel.Matches(aws.LogDebugWithRequestRetries) {
|
||||
r.Config.Logger.Log(fmt.Sprintf("DEBUG: Retrying Request %s/%s, attempt %d",
|
||||
r.ClientInfo.ServiceName, r.Operation.Name, r.RetryCount))
|
||||
|
@ -506,12 +556,19 @@ func (r *Request) prepareRetry() {
|
|||
// the request's body even though the Client's Do returned.
|
||||
r.HTTPRequest = copyHTTPRequest(r.HTTPRequest, nil)
|
||||
r.ResetBody()
|
||||
if err := r.Error; err != nil {
|
||||
return awserr.New(ErrCodeSerialization,
|
||||
"failed to prepare body for retry", err)
|
||||
|
||||
}
|
||||
|
||||
// Closing response body to ensure that no response body is leaked
|
||||
// between retry attempts.
|
||||
if r.HTTPResponse != nil && r.HTTPResponse.Body != nil {
|
||||
r.HTTPResponse.Body.Close()
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (r *Request) sendRequest() (sendErr error) {
|
||||
|
@ -520,7 +577,9 @@ func (r *Request) sendRequest() (sendErr error) {
|
|||
r.Retryable = nil
|
||||
r.Handlers.Send.Run(r)
|
||||
if r.Error != nil {
|
||||
debugLogReqError(r, "Send Request", r.WillRetry(), r.Error)
|
||||
debugLogReqError(r, "Send Request",
|
||||
fmtAttemptCount(r.RetryCount, r.MaxRetries()),
|
||||
r.Error)
|
||||
return r.Error
|
||||
}
|
||||
|
||||
|
@ -528,13 +587,17 @@ func (r *Request) sendRequest() (sendErr error) {
|
|||
r.Handlers.ValidateResponse.Run(r)
|
||||
if r.Error != nil {
|
||||
r.Handlers.UnmarshalError.Run(r)
|
||||
debugLogReqError(r, "Validate Response", r.WillRetry(), r.Error)
|
||||
debugLogReqError(r, "Validate Response",
|
||||
fmtAttemptCount(r.RetryCount, r.MaxRetries()),
|
||||
r.Error)
|
||||
return r.Error
|
||||
}
|
||||
|
||||
r.Handlers.Unmarshal.Run(r)
|
||||
if r.Error != nil {
|
||||
debugLogReqError(r, "Unmarshal Response", r.WillRetry(), r.Error)
|
||||
debugLogReqError(r, "Unmarshal Response",
|
||||
fmtAttemptCount(r.RetryCount, r.MaxRetries()),
|
||||
r.Error)
|
||||
return r.Error
|
||||
}
|
||||
|
||||
|
@ -561,48 +624,6 @@ func AddToUserAgent(r *Request, s string) {
|
|||
r.HTTPRequest.Header.Set("User-Agent", s)
|
||||
}
|
||||
|
||||
type temporary interface {
|
||||
Temporary() bool
|
||||
}
|
||||
|
||||
func shouldRetryCancel(err error) bool {
|
||||
switch err := err.(type) {
|
||||
case awserr.Error:
|
||||
if err.Code() == CanceledErrorCode {
|
||||
return false
|
||||
}
|
||||
return shouldRetryCancel(err.OrigErr())
|
||||
case *url.Error:
|
||||
if strings.Contains(err.Error(), "connection refused") {
|
||||
// Refused connections should be retried as the service may not yet
|
||||
// be running on the port. Go TCP dial considers refused
|
||||
// connections as not temporary.
|
||||
return true
|
||||
}
|
||||
// *url.Error only implements Temporary after golang 1.6 but since
|
||||
// url.Error only wraps the error:
|
||||
return shouldRetryCancel(err.Err)
|
||||
case temporary:
|
||||
// If the error is temporary, we want to allow continuation of the
|
||||
// retry process
|
||||
return err.Temporary()
|
||||
case nil:
|
||||
// `awserr.Error.OrigErr()` can be nil, meaning there was an error but
|
||||
// because we don't know the cause, it is marked as retriable. See
|
||||
// TestRequest4xxUnretryable for an example.
|
||||
return true
|
||||
default:
|
||||
switch err.Error() {
|
||||
case "net/http: request canceled",
|
||||
"net/http: request canceled while waiting for connection":
|
||||
// known 1.5 error case when an http request is cancelled
|
||||
return false
|
||||
}
|
||||
// here we don't know the error; so we allow a retry.
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
||||
// SanitizeHostForHeader removes default port from host and updates request.Host
|
||||
func SanitizeHostForHeader(r *http.Request) {
|
||||
host := getHost(r)
|
||||
|
@ -618,6 +639,10 @@ func getHost(r *http.Request) string {
|
|||
return r.Host
|
||||
}
|
||||
|
||||
if r.URL == nil {
|
||||
return ""
|
||||
}
|
||||
|
||||
return r.URL.Host
|
||||
}
|
||||
|
||||
|
|
|
@ -4,6 +4,8 @@ package request
|
|||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
)
|
||||
|
||||
// NoBody is a http.NoBody reader instructing Go HTTP client to not include
|
||||
|
@ -24,7 +26,8 @@ var NoBody = http.NoBody
|
|||
func (r *Request) ResetBody() {
|
||||
body, err := r.getNextRequestBody()
|
||||
if err != nil {
|
||||
r.Error = err
|
||||
r.Error = awserr.New(ErrCodeSerialization,
|
||||
"failed to reset request body", err)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
|
@ -17,11 +17,13 @@ import (
|
|||
// does the pagination between API operations, and Paginator defines the
|
||||
// configuration that will be used per page request.
|
||||
//
|
||||
// cont := true
|
||||
// for p.Next() && cont {
|
||||
// for p.Next() {
|
||||
// data := p.Page().(*s3.ListObjectsOutput)
|
||||
// // process the page's data
|
||||
// // ...
|
||||
// // break out of loop to stop fetching additional pages
|
||||
// }
|
||||
//
|
||||
// return p.Err()
|
||||
//
|
||||
// See service client API operation Pages methods for examples how the SDK will
|
||||
|
@ -146,7 +148,7 @@ func (r *Request) nextPageTokens() []interface{} {
|
|||
return nil
|
||||
}
|
||||
case bool:
|
||||
if v == false {
|
||||
if !v {
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,32 +1,81 @@
|
|||
package request
|
||||
|
||||
import (
|
||||
"net"
|
||||
"net/url"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
)
|
||||
|
||||
// Retryer is an interface to control retry logic for a given service.
|
||||
// The default implementation used by most services is the client.DefaultRetryer
|
||||
// structure, which contains basic retry logic using exponential backoff.
|
||||
// Retryer provides the interface drive the SDK's request retry behavior. The
|
||||
// Retryer implementation is responsible for implementing exponential backoff,
|
||||
// and determine if a request API error should be retried.
|
||||
//
|
||||
// client.DefaultRetryer is the SDK's default implementation of the Retryer. It
|
||||
// uses the which uses the Request.IsErrorRetryable and Request.IsErrorThrottle
|
||||
// methods to determine if the request is retried.
|
||||
type Retryer interface {
|
||||
// RetryRules return the retry delay that should be used by the SDK before
|
||||
// making another request attempt for the failed request.
|
||||
RetryRules(*Request) time.Duration
|
||||
|
||||
// ShouldRetry returns if the failed request is retryable.
|
||||
//
|
||||
// Implementations may consider request attempt count when determining if a
|
||||
// request is retryable, but the SDK will use MaxRetries to limit the
|
||||
// number of attempts a request are made.
|
||||
ShouldRetry(*Request) bool
|
||||
|
||||
// MaxRetries is the number of times a request may be retried before
|
||||
// failing.
|
||||
MaxRetries() int
|
||||
}
|
||||
|
||||
// WithRetryer sets a config Retryer value to the given Config returning it
|
||||
// for chaining.
|
||||
// WithRetryer sets a Retryer value to the given Config returning the Config
|
||||
// value for chaining. The value must not be nil.
|
||||
func WithRetryer(cfg *aws.Config, retryer Retryer) *aws.Config {
|
||||
if retryer == nil {
|
||||
if cfg.Logger != nil {
|
||||
cfg.Logger.Log("ERROR: Request.WithRetryer called with nil retryer. Replacing with retry disabled Retryer.")
|
||||
}
|
||||
retryer = noOpRetryer{}
|
||||
}
|
||||
cfg.Retryer = retryer
|
||||
return cfg
|
||||
|
||||
}
|
||||
|
||||
// noOpRetryer is a internal no op retryer used when a request is created
|
||||
// without a retryer.
|
||||
//
|
||||
// Provides a retryer that performs no retries.
|
||||
// It should be used when we do not want retries to be performed.
|
||||
type noOpRetryer struct{}
|
||||
|
||||
// MaxRetries returns the number of maximum returns the service will use to make
|
||||
// an individual API; For NoOpRetryer the MaxRetries will always be zero.
|
||||
func (d noOpRetryer) MaxRetries() int {
|
||||
return 0
|
||||
}
|
||||
|
||||
// ShouldRetry will always return false for NoOpRetryer, as it should never retry.
|
||||
func (d noOpRetryer) ShouldRetry(_ *Request) bool {
|
||||
return false
|
||||
}
|
||||
|
||||
// RetryRules returns the delay duration before retrying this request again;
|
||||
// since NoOpRetryer does not retry, RetryRules always returns 0.
|
||||
func (d noOpRetryer) RetryRules(_ *Request) time.Duration {
|
||||
return 0
|
||||
}
|
||||
|
||||
// retryableCodes is a collection of service response codes which are retry-able
|
||||
// without any further action.
|
||||
var retryableCodes = map[string]struct{}{
|
||||
"RequestError": {},
|
||||
ErrCodeRequestError: {},
|
||||
"RequestTimeout": {},
|
||||
ErrCodeResponseTimeout: {},
|
||||
"RequestTimeoutException": {}, // Glacier's flavor of RequestTimeout
|
||||
|
@ -34,13 +83,16 @@ var retryableCodes = map[string]struct{}{
|
|||
|
||||
var throttleCodes = map[string]struct{}{
|
||||
"ProvisionedThroughputExceededException": {},
|
||||
"ThrottledException": {}, // SNS, XRay, ResourceGroupsTagging API
|
||||
"Throttling": {},
|
||||
"ThrottlingException": {},
|
||||
"RequestLimitExceeded": {},
|
||||
"RequestThrottled": {},
|
||||
"RequestThrottledException": {},
|
||||
"TooManyRequestsException": {}, // Lambda functions
|
||||
"PriorRequestNotComplete": {}, // Route53
|
||||
"TransactionInProgressException": {},
|
||||
"EC2ThrottledException": {}, // EC2
|
||||
}
|
||||
|
||||
// credsExpiredCodes is a collection of error codes which signify the credentials
|
||||
|
@ -75,10 +127,6 @@ var validParentCodes = map[string]struct{}{
|
|||
ErrCodeRead: {},
|
||||
}
|
||||
|
||||
type temporaryError interface {
|
||||
Temporary() bool
|
||||
}
|
||||
|
||||
func isNestedErrorRetryable(parentErr awserr.Error) bool {
|
||||
if parentErr == nil {
|
||||
return false
|
||||
|
@ -97,7 +145,7 @@ func isNestedErrorRetryable(parentErr awserr.Error) bool {
|
|||
return isCodeRetryable(aerr.Code())
|
||||
}
|
||||
|
||||
if t, ok := err.(temporaryError); ok {
|
||||
if t, ok := err.(temporary); ok {
|
||||
return t.Temporary() || isErrConnectionReset(err)
|
||||
}
|
||||
|
||||
|
@ -107,33 +155,91 @@ func isNestedErrorRetryable(parentErr awserr.Error) bool {
|
|||
// IsErrorRetryable returns whether the error is retryable, based on its Code.
|
||||
// Returns false if error is nil.
|
||||
func IsErrorRetryable(err error) bool {
|
||||
if err != nil {
|
||||
if aerr, ok := err.(awserr.Error); ok {
|
||||
return isCodeRetryable(aerr.Code()) || isNestedErrorRetryable(aerr)
|
||||
}
|
||||
}
|
||||
if err == nil {
|
||||
return false
|
||||
}
|
||||
return shouldRetryError(err)
|
||||
}
|
||||
|
||||
type temporary interface {
|
||||
Temporary() bool
|
||||
}
|
||||
|
||||
func shouldRetryError(origErr error) bool {
|
||||
switch err := origErr.(type) {
|
||||
case awserr.Error:
|
||||
if err.Code() == CanceledErrorCode {
|
||||
return false
|
||||
}
|
||||
if isNestedErrorRetryable(err) {
|
||||
return true
|
||||
}
|
||||
|
||||
origErr := err.OrigErr()
|
||||
var shouldRetry bool
|
||||
if origErr != nil {
|
||||
shouldRetry = shouldRetryError(origErr)
|
||||
if err.Code() == ErrCodeRequestError && !shouldRetry {
|
||||
return false
|
||||
}
|
||||
}
|
||||
if isCodeRetryable(err.Code()) {
|
||||
return true
|
||||
}
|
||||
return shouldRetry
|
||||
|
||||
case *url.Error:
|
||||
if strings.Contains(err.Error(), "connection refused") {
|
||||
// Refused connections should be retried as the service may not yet
|
||||
// be running on the port. Go TCP dial considers refused
|
||||
// connections as not temporary.
|
||||
return true
|
||||
}
|
||||
// *url.Error only implements Temporary after golang 1.6 but since
|
||||
// url.Error only wraps the error:
|
||||
return shouldRetryError(err.Err)
|
||||
|
||||
case temporary:
|
||||
if netErr, ok := err.(*net.OpError); ok && netErr.Op == "dial" {
|
||||
return true
|
||||
}
|
||||
// If the error is temporary, we want to allow continuation of the
|
||||
// retry process
|
||||
return err.Temporary() || isErrConnectionReset(origErr)
|
||||
|
||||
case nil:
|
||||
// `awserr.Error.OrigErr()` can be nil, meaning there was an error but
|
||||
// because we don't know the cause, it is marked as retryable. See
|
||||
// TestRequest4xxUnretryable for an example.
|
||||
return true
|
||||
|
||||
default:
|
||||
switch err.Error() {
|
||||
case "net/http: request canceled",
|
||||
"net/http: request canceled while waiting for connection":
|
||||
// known 1.5 error case when an http request is cancelled
|
||||
return false
|
||||
}
|
||||
// here we don't know the error; so we allow a retry.
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
||||
// IsErrorThrottle returns whether the error is to be throttled based on its code.
|
||||
// Returns false if error is nil.
|
||||
func IsErrorThrottle(err error) bool {
|
||||
if err != nil {
|
||||
if aerr, ok := err.(awserr.Error); ok {
|
||||
if aerr, ok := err.(awserr.Error); ok && aerr != nil {
|
||||
return isCodeThrottle(aerr.Code())
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
// IsErrorExpiredCreds returns whether the error code is a credential expiry error.
|
||||
// Returns false if error is nil.
|
||||
// IsErrorExpiredCreds returns whether the error code is a credential expiry
|
||||
// error. Returns false if error is nil.
|
||||
func IsErrorExpiredCreds(err error) bool {
|
||||
if err != nil {
|
||||
if aerr, ok := err.(awserr.Error); ok {
|
||||
if aerr, ok := err.(awserr.Error); ok && aerr != nil {
|
||||
return isCodeExpiredCreds(aerr.Code())
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
|
@ -142,17 +248,58 @@ func IsErrorExpiredCreds(err error) bool {
|
|||
//
|
||||
// Alias for the utility function IsErrorRetryable
|
||||
func (r *Request) IsErrorRetryable() bool {
|
||||
if isErrCode(r.Error, r.RetryErrorCodes) {
|
||||
return true
|
||||
}
|
||||
|
||||
// HTTP response status code 501 should not be retried.
|
||||
// 501 represents Not Implemented which means the request method is not
|
||||
// supported by the server and cannot be handled.
|
||||
if r.HTTPResponse != nil {
|
||||
// HTTP response status code 500 represents internal server error and
|
||||
// should be retried without any throttle.
|
||||
if r.HTTPResponse.StatusCode == 500 {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return IsErrorRetryable(r.Error)
|
||||
}
|
||||
|
||||
// IsErrorThrottle returns whether the error is to be throttled based on its code.
|
||||
// Returns false if the request has no Error set
|
||||
// IsErrorThrottle returns whether the error is to be throttled based on its
|
||||
// code. Returns false if the request has no Error set.
|
||||
//
|
||||
// Alias for the utility function IsErrorThrottle
|
||||
func (r *Request) IsErrorThrottle() bool {
|
||||
if isErrCode(r.Error, r.ThrottleErrorCodes) {
|
||||
return true
|
||||
}
|
||||
|
||||
if r.HTTPResponse != nil {
|
||||
switch r.HTTPResponse.StatusCode {
|
||||
case
|
||||
429, // error caused due to too many requests
|
||||
502, // Bad Gateway error should be throttled
|
||||
503, // caused when service is unavailable
|
||||
504: // error occurred due to gateway timeout
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
||||
return IsErrorThrottle(r.Error)
|
||||
}
|
||||
|
||||
func isErrCode(err error, codes []string) bool {
|
||||
if aerr, ok := err.(awserr.Error); ok && aerr != nil {
|
||||
for _, code := range codes {
|
||||
if code == aerr.Code() {
|
||||
return true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
// IsErrorExpired returns whether the error code is a credential expiry error.
|
||||
// Returns false if the request has no Error set.
|
||||
//
|
||||
|
|
|
@ -0,0 +1,267 @@
|
|||
package session
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials/processcreds"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
|
||||
"github.com/aws/aws-sdk-go/aws/defaults"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
"github.com/aws/aws-sdk-go/internal/shareddefaults"
|
||||
)
|
||||
|
||||
func resolveCredentials(cfg *aws.Config,
|
||||
envCfg envConfig, sharedCfg sharedConfig,
|
||||
handlers request.Handlers,
|
||||
sessOpts Options,
|
||||
) (*credentials.Credentials, error) {
|
||||
|
||||
switch {
|
||||
case len(sessOpts.Profile) != 0:
|
||||
// User explicitly provided an Profile in the session's configuration
|
||||
// so load that profile from shared config first.
|
||||
// Github(aws/aws-sdk-go#2727)
|
||||
return resolveCredsFromProfile(cfg, envCfg, sharedCfg, handlers, sessOpts)
|
||||
|
||||
case envCfg.Creds.HasKeys():
|
||||
// Environment credentials
|
||||
return credentials.NewStaticCredentialsFromCreds(envCfg.Creds), nil
|
||||
|
||||
case len(envCfg.WebIdentityTokenFilePath) != 0:
|
||||
// Web identity token from environment, RoleARN required to also be
|
||||
// set.
|
||||
return assumeWebIdentity(cfg, handlers,
|
||||
envCfg.WebIdentityTokenFilePath,
|
||||
envCfg.RoleARN,
|
||||
envCfg.RoleSessionName,
|
||||
)
|
||||
|
||||
default:
|
||||
// Fallback to the "default" credential resolution chain.
|
||||
return resolveCredsFromProfile(cfg, envCfg, sharedCfg, handlers, sessOpts)
|
||||
}
|
||||
}
|
||||
|
||||
// WebIdentityEmptyRoleARNErr will occur if 'AWS_WEB_IDENTITY_TOKEN_FILE' was set but
|
||||
// 'AWS_ROLE_ARN' was not set.
|
||||
var WebIdentityEmptyRoleARNErr = awserr.New(stscreds.ErrCodeWebIdentity, "role ARN is not set", nil)
|
||||
|
||||
// WebIdentityEmptyTokenFilePathErr will occur if 'AWS_ROLE_ARN' was set but
|
||||
// 'AWS_WEB_IDENTITY_TOKEN_FILE' was not set.
|
||||
var WebIdentityEmptyTokenFilePathErr = awserr.New(stscreds.ErrCodeWebIdentity, "token file path is not set", nil)
|
||||
|
||||
func assumeWebIdentity(cfg *aws.Config, handlers request.Handlers,
|
||||
filepath string,
|
||||
roleARN, sessionName string,
|
||||
) (*credentials.Credentials, error) {
|
||||
|
||||
if len(filepath) == 0 {
|
||||
return nil, WebIdentityEmptyTokenFilePathErr
|
||||
}
|
||||
|
||||
if len(roleARN) == 0 {
|
||||
return nil, WebIdentityEmptyRoleARNErr
|
||||
}
|
||||
|
||||
creds := stscreds.NewWebIdentityCredentials(
|
||||
&Session{
|
||||
Config: cfg,
|
||||
Handlers: handlers.Copy(),
|
||||
},
|
||||
roleARN,
|
||||
sessionName,
|
||||
filepath,
|
||||
)
|
||||
|
||||
return creds, nil
|
||||
}
|
||||
|
||||
func resolveCredsFromProfile(cfg *aws.Config,
|
||||
envCfg envConfig, sharedCfg sharedConfig,
|
||||
handlers request.Handlers,
|
||||
sessOpts Options,
|
||||
) (creds *credentials.Credentials, err error) {
|
||||
|
||||
switch {
|
||||
case sharedCfg.SourceProfile != nil:
|
||||
// Assume IAM role with credentials source from a different profile.
|
||||
creds, err = resolveCredsFromProfile(cfg, envCfg,
|
||||
*sharedCfg.SourceProfile, handlers, sessOpts,
|
||||
)
|
||||
|
||||
case sharedCfg.Creds.HasKeys():
|
||||
// Static Credentials from Shared Config/Credentials file.
|
||||
creds = credentials.NewStaticCredentialsFromCreds(
|
||||
sharedCfg.Creds,
|
||||
)
|
||||
|
||||
case len(sharedCfg.CredentialProcess) != 0:
|
||||
// Get credentials from CredentialProcess
|
||||
creds = processcreds.NewCredentials(sharedCfg.CredentialProcess)
|
||||
|
||||
case len(sharedCfg.CredentialSource) != 0:
|
||||
creds, err = resolveCredsFromSource(cfg, envCfg,
|
||||
sharedCfg, handlers, sessOpts,
|
||||
)
|
||||
|
||||
case len(sharedCfg.WebIdentityTokenFile) != 0:
|
||||
// Credentials from Assume Web Identity token require an IAM Role, and
|
||||
// that roll will be assumed. May be wrapped with another assume role
|
||||
// via SourceProfile.
|
||||
return assumeWebIdentity(cfg, handlers,
|
||||
sharedCfg.WebIdentityTokenFile,
|
||||
sharedCfg.RoleARN,
|
||||
sharedCfg.RoleSessionName,
|
||||
)
|
||||
|
||||
default:
|
||||
// Fallback to default credentials provider, include mock errors for
|
||||
// the credential chain so user can identify why credentials failed to
|
||||
// be retrieved.
|
||||
creds = credentials.NewCredentials(&credentials.ChainProvider{
|
||||
VerboseErrors: aws.BoolValue(cfg.CredentialsChainVerboseErrors),
|
||||
Providers: []credentials.Provider{
|
||||
&credProviderError{
|
||||
Err: awserr.New("EnvAccessKeyNotFound",
|
||||
"failed to find credentials in the environment.", nil),
|
||||
},
|
||||
&credProviderError{
|
||||
Err: awserr.New("SharedCredsLoad",
|
||||
fmt.Sprintf("failed to load profile, %s.", envCfg.Profile), nil),
|
||||
},
|
||||
defaults.RemoteCredProvider(*cfg, handlers),
|
||||
},
|
||||
})
|
||||
}
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if len(sharedCfg.RoleARN) > 0 {
|
||||
cfgCp := *cfg
|
||||
cfgCp.Credentials = creds
|
||||
return credsFromAssumeRole(cfgCp, handlers, sharedCfg, sessOpts)
|
||||
}
|
||||
|
||||
return creds, nil
|
||||
}
|
||||
|
||||
// valid credential source values
|
||||
const (
|
||||
credSourceEc2Metadata = "Ec2InstanceMetadata"
|
||||
credSourceEnvironment = "Environment"
|
||||
credSourceECSContainer = "EcsContainer"
|
||||
)
|
||||
|
||||
func resolveCredsFromSource(cfg *aws.Config,
|
||||
envCfg envConfig, sharedCfg sharedConfig,
|
||||
handlers request.Handlers,
|
||||
sessOpts Options,
|
||||
) (creds *credentials.Credentials, err error) {
|
||||
|
||||
switch sharedCfg.CredentialSource {
|
||||
case credSourceEc2Metadata:
|
||||
p := defaults.RemoteCredProvider(*cfg, handlers)
|
||||
creds = credentials.NewCredentials(p)
|
||||
|
||||
case credSourceEnvironment:
|
||||
creds = credentials.NewStaticCredentialsFromCreds(envCfg.Creds)
|
||||
|
||||
case credSourceECSContainer:
|
||||
if len(os.Getenv(shareddefaults.ECSCredsProviderEnvVar)) == 0 {
|
||||
return nil, ErrSharedConfigECSContainerEnvVarEmpty
|
||||
}
|
||||
|
||||
p := defaults.RemoteCredProvider(*cfg, handlers)
|
||||
creds = credentials.NewCredentials(p)
|
||||
|
||||
default:
|
||||
return nil, ErrSharedConfigInvalidCredSource
|
||||
}
|
||||
|
||||
return creds, nil
|
||||
}
|
||||
|
||||
func credsFromAssumeRole(cfg aws.Config,
|
||||
handlers request.Handlers,
|
||||
sharedCfg sharedConfig,
|
||||
sessOpts Options,
|
||||
) (*credentials.Credentials, error) {
|
||||
|
||||
if len(sharedCfg.MFASerial) != 0 && sessOpts.AssumeRoleTokenProvider == nil {
|
||||
// AssumeRole Token provider is required if doing Assume Role
|
||||
// with MFA.
|
||||
return nil, AssumeRoleTokenProviderNotSetError{}
|
||||
}
|
||||
|
||||
return stscreds.NewCredentials(
|
||||
&Session{
|
||||
Config: &cfg,
|
||||
Handlers: handlers.Copy(),
|
||||
},
|
||||
sharedCfg.RoleARN,
|
||||
func(opt *stscreds.AssumeRoleProvider) {
|
||||
opt.RoleSessionName = sharedCfg.RoleSessionName
|
||||
|
||||
if sessOpts.AssumeRoleDuration == 0 &&
|
||||
sharedCfg.AssumeRoleDuration != nil &&
|
||||
*sharedCfg.AssumeRoleDuration/time.Minute > 15 {
|
||||
opt.Duration = *sharedCfg.AssumeRoleDuration
|
||||
} else if sessOpts.AssumeRoleDuration != 0 {
|
||||
opt.Duration = sessOpts.AssumeRoleDuration
|
||||
}
|
||||
|
||||
// Assume role with external ID
|
||||
if len(sharedCfg.ExternalID) > 0 {
|
||||
opt.ExternalID = aws.String(sharedCfg.ExternalID)
|
||||
}
|
||||
|
||||
// Assume role with MFA
|
||||
if len(sharedCfg.MFASerial) > 0 {
|
||||
opt.SerialNumber = aws.String(sharedCfg.MFASerial)
|
||||
opt.TokenProvider = sessOpts.AssumeRoleTokenProvider
|
||||
}
|
||||
},
|
||||
), nil
|
||||
}
|
||||
|
||||
// AssumeRoleTokenProviderNotSetError is an error returned when creating a
|
||||
// session when the MFAToken option is not set when shared config is configured
|
||||
// load assume a role with an MFA token.
|
||||
type AssumeRoleTokenProviderNotSetError struct{}
|
||||
|
||||
// Code is the short id of the error.
|
||||
func (e AssumeRoleTokenProviderNotSetError) Code() string {
|
||||
return "AssumeRoleTokenProviderNotSetError"
|
||||
}
|
||||
|
||||
// Message is the description of the error
|
||||
func (e AssumeRoleTokenProviderNotSetError) Message() string {
|
||||
return fmt.Sprintf("assume role with MFA enabled, but AssumeRoleTokenProvider session option not set.")
|
||||
}
|
||||
|
||||
// OrigErr is the underlying error that caused the failure.
|
||||
func (e AssumeRoleTokenProviderNotSetError) OrigErr() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// Error satisfies the error interface.
|
||||
func (e AssumeRoleTokenProviderNotSetError) Error() string {
|
||||
return awserr.SprintError(e.Code(), e.Message(), "", nil)
|
||||
}
|
||||
|
||||
type credProviderError struct {
|
||||
Err error
|
||||
}
|
||||
|
||||
func (c credProviderError) Retrieve() (credentials.Value, error) {
|
||||
return credentials.Value{}, c.Err
|
||||
}
|
||||
func (c credProviderError) IsExpired() bool {
|
||||
return true
|
||||
}
|
|
@ -1,97 +1,93 @@
|
|||
/*
|
||||
Package session provides configuration for the SDK's service clients.
|
||||
|
||||
Sessions can be shared across all service clients that share the same base
|
||||
configuration. The Session is built from the SDK's default configuration and
|
||||
request handlers.
|
||||
|
||||
Sessions should be cached when possible, because creating a new Session will
|
||||
load all configuration values from the environment, and config files each time
|
||||
the Session is created. Sharing the Session value across all of your service
|
||||
clients will ensure the configuration is loaded the fewest number of times possible.
|
||||
|
||||
Concurrency
|
||||
Package session provides configuration for the SDK's service clients. Sessions
|
||||
can be shared across service clients that share the same base configuration.
|
||||
|
||||
Sessions are safe to use concurrently as long as the Session is not being
|
||||
modified. The SDK will not modify the Session once the Session has been created.
|
||||
Creating service clients concurrently from a shared Session is safe.
|
||||
modified. Sessions should be cached when possible, because creating a new
|
||||
Session will load all configuration values from the environment, and config
|
||||
files each time the Session is created. Sharing the Session value across all of
|
||||
your service clients will ensure the configuration is loaded the fewest number
|
||||
of times possible.
|
||||
|
||||
Sessions from Shared Config
|
||||
|
||||
Sessions can be created using the method above that will only load the
|
||||
additional config if the AWS_SDK_LOAD_CONFIG environment variable is set.
|
||||
Alternatively you can explicitly create a Session with shared config enabled.
|
||||
To do this you can use NewSessionWithOptions to configure how the Session will
|
||||
be created. Using the NewSessionWithOptions with SharedConfigState set to
|
||||
SharedConfigEnable will create the session as if the AWS_SDK_LOAD_CONFIG
|
||||
environment variable was set.
|
||||
|
||||
Creating Sessions
|
||||
|
||||
When creating Sessions optional aws.Config values can be passed in that will
|
||||
override the default, or loaded config values the Session is being created
|
||||
with. This allows you to provide additional, or case based, configuration
|
||||
as needed.
|
||||
Sessions options from Shared Config
|
||||
|
||||
By default NewSession will only load credentials from the shared credentials
|
||||
file (~/.aws/credentials). If the AWS_SDK_LOAD_CONFIG environment variable is
|
||||
set to a truthy value the Session will be created from the configuration
|
||||
values from the shared config (~/.aws/config) and shared credentials
|
||||
(~/.aws/credentials) files. See the section Sessions from Shared Config for
|
||||
more information.
|
||||
(~/.aws/credentials) files. Using the NewSessionWithOptions with
|
||||
SharedConfigState set to SharedConfigEnable will create the session as if the
|
||||
AWS_SDK_LOAD_CONFIG environment variable was set.
|
||||
|
||||
Create a Session with the default config and request handlers. With credentials
|
||||
region, and profile loaded from the environment and shared config automatically.
|
||||
Requires the AWS_PROFILE to be set, or "default" is used.
|
||||
Credential and config loading order
|
||||
|
||||
The Session will attempt to load configuration and credentials from the
|
||||
environment, configuration files, and other credential sources. The order
|
||||
configuration is loaded in is:
|
||||
|
||||
* Environment Variables
|
||||
* Shared Credentials file
|
||||
* Shared Configuration file (if SharedConfig is enabled)
|
||||
* EC2 Instance Metadata (credentials only)
|
||||
|
||||
The Environment variables for credentials will have precedence over shared
|
||||
config even if SharedConfig is enabled. To override this behavior, and use
|
||||
shared config credentials instead specify the session.Options.Profile, (e.g.
|
||||
when using credential_source=Environment to assume a role).
|
||||
|
||||
sess, err := session.NewSessionWithOptions(session.Options{
|
||||
Profile: "myProfile",
|
||||
})
|
||||
|
||||
Creating Sessions
|
||||
|
||||
Creating a Session without additional options will load credentials region, and
|
||||
profile loaded from the environment and shared config automatically. See,
|
||||
"Environment Variables" section for information on environment variables used
|
||||
by Session.
|
||||
|
||||
// Create Session
|
||||
sess := session.Must(session.NewSession())
|
||||
sess, err := session.NewSession()
|
||||
|
||||
|
||||
When creating Sessions optional aws.Config values can be passed in that will
|
||||
override the default, or loaded, config values the Session is being created
|
||||
with. This allows you to provide additional, or case based, configuration
|
||||
as needed.
|
||||
|
||||
// Create a Session with a custom region
|
||||
sess := session.Must(session.NewSession(&aws.Config{
|
||||
Region: aws.String("us-east-1"),
|
||||
}))
|
||||
sess, err := session.NewSession(&aws.Config{
|
||||
Region: aws.String("us-west-2"),
|
||||
})
|
||||
|
||||
// Create a S3 client instance from a session
|
||||
sess := session.Must(session.NewSession())
|
||||
|
||||
svc := s3.New(sess)
|
||||
|
||||
Create Session With Option Overrides
|
||||
|
||||
In addition to NewSession, Sessions can be created using NewSessionWithOptions.
|
||||
This func allows you to control and override how the Session will be created
|
||||
through code instead of being driven by environment variables only.
|
||||
|
||||
Use NewSessionWithOptions when you want to provide the config profile, or
|
||||
override the shared config state (AWS_SDK_LOAD_CONFIG).
|
||||
Use NewSessionWithOptions to provide additional configuration driving how the
|
||||
Session's configuration will be loaded. Such as, specifying shared config
|
||||
profile, or override the shared config state, (AWS_SDK_LOAD_CONFIG).
|
||||
|
||||
// Equivalent to session.NewSession()
|
||||
sess := session.Must(session.NewSessionWithOptions(session.Options{
|
||||
sess, err := session.NewSessionWithOptions(session.Options{
|
||||
// Options
|
||||
}))
|
||||
})
|
||||
|
||||
sess, err := session.NewSessionWithOptions(session.Options{
|
||||
// Specify profile to load for the session's config
|
||||
sess := session.Must(session.NewSessionWithOptions(session.Options{
|
||||
Profile: "profile_name",
|
||||
}))
|
||||
|
||||
// Specify profile for config and region for requests
|
||||
sess := session.Must(session.NewSessionWithOptions(session.Options{
|
||||
Config: aws.Config{Region: aws.String("us-east-1")},
|
||||
Profile: "profile_name",
|
||||
}))
|
||||
// Provide SDK Config options, such as Region.
|
||||
Config: aws.Config{
|
||||
Region: aws.String("us-west-2"),
|
||||
},
|
||||
|
||||
// Force enable Shared Config support
|
||||
sess := session.Must(session.NewSessionWithOptions(session.Options{
|
||||
SharedConfigState: session.SharedConfigEnable,
|
||||
}))
|
||||
})
|
||||
|
||||
Adding Handlers
|
||||
|
||||
You can add handlers to a session for processing HTTP requests. All service
|
||||
clients that use the session inherit the handlers. For example, the following
|
||||
handler logs every request and its payload made by a service client:
|
||||
You can add handlers to a session to decorate API operation, (e.g. adding HTTP
|
||||
headers). All clients that use the Session receive a copy of the Session's
|
||||
handlers. For example, the following request handler added to the Session logs
|
||||
every requests made.
|
||||
|
||||
// Create a session, and add additional handlers for all service
|
||||
// clients created with the Session to inherit. Adds logging handler.
|
||||
|
@ -99,22 +95,15 @@ handler logs every request and its payload made by a service client:
|
|||
|
||||
sess.Handlers.Send.PushFront(func(r *request.Request) {
|
||||
// Log every request made and its payload
|
||||
logger.Printf("Request: %s/%s, Payload: %s",
|
||||
logger.Printf("Request: %s/%s, Params: %s",
|
||||
r.ClientInfo.ServiceName, r.Operation, r.Params)
|
||||
})
|
||||
|
||||
Deprecated "New" function
|
||||
|
||||
The New session function has been deprecated because it does not provide good
|
||||
way to return errors that occur when loading the configuration files and values.
|
||||
Because of this, NewSession was created so errors can be retrieved when
|
||||
creating a session fails.
|
||||
|
||||
Shared Config Fields
|
||||
|
||||
By default the SDK will only load the shared credentials file's (~/.aws/credentials)
|
||||
credentials values, and all other config is provided by the environment variables,
|
||||
SDK defaults, and user provided aws.Config values.
|
||||
By default the SDK will only load the shared credentials file's
|
||||
(~/.aws/credentials) credentials values, and all other config is provided by
|
||||
the environment variables, SDK defaults, and user provided aws.Config values.
|
||||
|
||||
If the AWS_SDK_LOAD_CONFIG environment variable is set, or SharedConfigEnable
|
||||
option is used to create the Session the full shared config values will be
|
||||
|
@ -125,24 +114,31 @@ files have the same format.
|
|||
|
||||
If both config files are present the configuration from both files will be
|
||||
read. The Session will be created from configuration values from the shared
|
||||
credentials file (~/.aws/credentials) over those in the shared config file (~/.aws/config).
|
||||
credentials file (~/.aws/credentials) over those in the shared config file
|
||||
(~/.aws/config).
|
||||
|
||||
Credentials are the values the SDK should use for authenticating requests with
|
||||
AWS Services. They are from a configuration file will need to include both
|
||||
aws_access_key_id and aws_secret_access_key must be provided together in the
|
||||
same file to be considered valid. The values will be ignored if not a complete
|
||||
group. aws_session_token is an optional field that can be provided if both of
|
||||
the other two fields are also provided.
|
||||
Credentials are the values the SDK uses to authenticating requests with AWS
|
||||
Services. When specified in a file, both aws_access_key_id and
|
||||
aws_secret_access_key must be provided together in the same file to be
|
||||
considered valid. They will be ignored if both are not present.
|
||||
aws_session_token is an optional field that can be provided in addition to the
|
||||
other two fields.
|
||||
|
||||
aws_access_key_id = AKID
|
||||
aws_secret_access_key = SECRET
|
||||
aws_session_token = TOKEN
|
||||
|
||||
Assume Role values allow you to configure the SDK to assume an IAM role using
|
||||
a set of credentials provided in a config file via the source_profile field.
|
||||
Both "role_arn" and "source_profile" are required. The SDK supports assuming
|
||||
a role with MFA token if the session option AssumeRoleTokenProvider
|
||||
is set.
|
||||
; region only supported if SharedConfigEnabled.
|
||||
region = us-east-1
|
||||
|
||||
Assume Role configuration
|
||||
|
||||
The role_arn field allows you to configure the SDK to assume an IAM role using
|
||||
a set of credentials from another source. Such as when paired with static
|
||||
credentials, "profile_source", "credential_process", or "credential_source"
|
||||
fields. If "role_arn" is provided, a source of credentials must also be
|
||||
specified, such as "source_profile", "credential_source", or
|
||||
"credential_process".
|
||||
|
||||
role_arn = arn:aws:iam::<account_number>:role/<role_name>
|
||||
source_profile = profile_with_creds
|
||||
|
@ -150,40 +146,16 @@ is set.
|
|||
mfa_serial = <serial or mfa arn>
|
||||
role_session_name = session_name
|
||||
|
||||
Region is the region the SDK should use for looking up AWS service endpoints
|
||||
and signing requests.
|
||||
|
||||
region = us-east-1
|
||||
|
||||
Assume Role with MFA token
|
||||
|
||||
To create a session with support for assuming an IAM role with MFA set the
|
||||
session option AssumeRoleTokenProvider to a function that will prompt for the
|
||||
MFA token code when the SDK assumes the role and refreshes the role's credentials.
|
||||
This allows you to configure the SDK via the shared config to assumea role
|
||||
with MFA tokens.
|
||||
|
||||
In order for the SDK to assume a role with MFA the SharedConfigState
|
||||
session option must be set to SharedConfigEnable, or AWS_SDK_LOAD_CONFIG
|
||||
environment variable set.
|
||||
|
||||
The shared configuration instructs the SDK to assume an IAM role with MFA
|
||||
when the mfa_serial configuration field is set in the shared config
|
||||
(~/.aws/config) or shared credentials (~/.aws/credentials) file.
|
||||
|
||||
If mfa_serial is set in the configuration, the SDK will assume the role, and
|
||||
the AssumeRoleTokenProvider session option is not set an an error will
|
||||
be returned when creating the session.
|
||||
The SDK supports assuming a role with MFA token. If "mfa_serial" is set, you
|
||||
must also set the Session Option.AssumeRoleTokenProvider. The Session will fail
|
||||
to load if the AssumeRoleTokenProvider is not specified.
|
||||
|
||||
sess := session.Must(session.NewSessionWithOptions(session.Options{
|
||||
AssumeRoleTokenProvider: stscreds.StdinTokenProvider,
|
||||
}))
|
||||
|
||||
// Create service client value configured for credentials
|
||||
// from assumed role.
|
||||
svc := s3.New(sess)
|
||||
|
||||
To setup assume role outside of a session see the stscreds.AssumeRoleProvider
|
||||
To setup Assume Role outside of a session see the stscreds.AssumeRoleProvider
|
||||
documentation.
|
||||
|
||||
Environment Variables
|
||||
|
@ -269,5 +241,22 @@ over the AWS_CA_BUNDLE environment variable, and will be used if both are set.
|
|||
Setting a custom HTTPClient in the aws.Config options will override this setting.
|
||||
To use this option and custom HTTP client, the HTTP client needs to be provided
|
||||
when creating the session. Not the service client.
|
||||
|
||||
The endpoint of the EC2 IMDS client can be configured via the environment
|
||||
variable, AWS_EC2_METADATA_SERVICE_ENDPOINT when creating the client with a
|
||||
Session. See Options.EC2IMDSEndpoint for more details.
|
||||
|
||||
AWS_EC2_METADATA_SERVICE_ENDPOINT=http://169.254.169.254
|
||||
|
||||
If using an URL with an IPv6 address literal, the IPv6 address
|
||||
component must be enclosed in square brackets.
|
||||
|
||||
AWS_EC2_METADATA_SERVICE_ENDPOINT=http://[::1]
|
||||
|
||||
The custom EC2 IMDS endpoint can also be specified via the Session options.
|
||||
|
||||
sess, err := session.NewSessionWithOptions(session.Options{
|
||||
EC2IMDSEndpoint: "http://[::1]",
|
||||
})
|
||||
*/
|
||||
package session
|
||||
|
|
|
@ -1,12 +1,15 @@
|
|||
package session
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials"
|
||||
"github.com/aws/aws-sdk-go/aws/defaults"
|
||||
"github.com/aws/aws-sdk-go/aws/endpoints"
|
||||
)
|
||||
|
||||
// EnvProviderName provides a name of the provider when config is loaded from environment.
|
||||
|
@ -99,21 +102,66 @@ type envConfig struct {
|
|||
CustomCABundle string
|
||||
|
||||
csmEnabled string
|
||||
CSMEnabled bool
|
||||
CSMEnabled *bool
|
||||
CSMPort string
|
||||
CSMHost string
|
||||
CSMClientID string
|
||||
|
||||
enableEndpointDiscovery string
|
||||
// Enables endpoint discovery via environment variables.
|
||||
//
|
||||
// AWS_ENABLE_ENDPOINT_DISCOVERY=true
|
||||
EnableEndpointDiscovery *bool
|
||||
enableEndpointDiscovery string
|
||||
|
||||
// Specifies the WebIdentity token the SDK should use to assume a role
|
||||
// with.
|
||||
//
|
||||
// AWS_WEB_IDENTITY_TOKEN_FILE=file_path
|
||||
WebIdentityTokenFilePath string
|
||||
|
||||
// Specifies the IAM role arn to use when assuming an role.
|
||||
//
|
||||
// AWS_ROLE_ARN=role_arn
|
||||
RoleARN string
|
||||
|
||||
// Specifies the IAM role session name to use when assuming a role.
|
||||
//
|
||||
// AWS_ROLE_SESSION_NAME=session_name
|
||||
RoleSessionName string
|
||||
|
||||
// Specifies the STS Regional Endpoint flag for the SDK to resolve the endpoint
|
||||
// for a service.
|
||||
//
|
||||
// AWS_STS_REGIONAL_ENDPOINTS=regional
|
||||
// This can take value as `regional` or `legacy`
|
||||
STSRegionalEndpoint endpoints.STSRegionalEndpoint
|
||||
|
||||
// Specifies the S3 Regional Endpoint flag for the SDK to resolve the
|
||||
// endpoint for a service.
|
||||
//
|
||||
// AWS_S3_US_EAST_1_REGIONAL_ENDPOINT=regional
|
||||
// This can take value as `regional` or `legacy`
|
||||
S3UsEast1RegionalEndpoint endpoints.S3UsEast1RegionalEndpoint
|
||||
|
||||
// Specifies if the S3 service should allow ARNs to direct the region
|
||||
// the client's requests are sent to.
|
||||
//
|
||||
// AWS_S3_USE_ARN_REGION=true
|
||||
S3UseARNRegion bool
|
||||
|
||||
// Specifies the alternative endpoint to use for EC2 IMDS.
|
||||
//
|
||||
// AWS_EC2_METADATA_SERVICE_ENDPOINT=http://[::1]
|
||||
EC2IMDSEndpoint string
|
||||
}
|
||||
|
||||
var (
|
||||
csmEnabledEnvKey = []string{
|
||||
"AWS_CSM_ENABLED",
|
||||
}
|
||||
csmHostEnvKey = []string{
|
||||
"AWS_CSM_HOST",
|
||||
}
|
||||
csmPortEnvKey = []string{
|
||||
"AWS_CSM_PORT",
|
||||
}
|
||||
|
@ -150,6 +198,27 @@ var (
|
|||
sharedConfigFileEnvKey = []string{
|
||||
"AWS_CONFIG_FILE",
|
||||
}
|
||||
webIdentityTokenFilePathEnvKey = []string{
|
||||
"AWS_WEB_IDENTITY_TOKEN_FILE",
|
||||
}
|
||||
roleARNEnvKey = []string{
|
||||
"AWS_ROLE_ARN",
|
||||
}
|
||||
roleSessionNameEnvKey = []string{
|
||||
"AWS_ROLE_SESSION_NAME",
|
||||
}
|
||||
stsRegionalEndpointKey = []string{
|
||||
"AWS_STS_REGIONAL_ENDPOINTS",
|
||||
}
|
||||
s3UsEast1RegionalEndpoint = []string{
|
||||
"AWS_S3_US_EAST_1_REGIONAL_ENDPOINT",
|
||||
}
|
||||
s3UseARNRegionEnvKey = []string{
|
||||
"AWS_S3_USE_ARN_REGION",
|
||||
}
|
||||
ec2IMDSEndpointEnvKey = []string{
|
||||
"AWS_EC2_METADATA_SERVICE_ENDPOINT",
|
||||
}
|
||||
)
|
||||
|
||||
// loadEnvConfig retrieves the SDK's environment configuration.
|
||||
|
@ -158,7 +227,7 @@ var (
|
|||
// If the environment variable `AWS_SDK_LOAD_CONFIG` is set to a truthy value
|
||||
// the shared SDK config will be loaded in addition to the SDK's specific
|
||||
// configuration values.
|
||||
func loadEnvConfig() envConfig {
|
||||
func loadEnvConfig() (envConfig, error) {
|
||||
enableSharedConfig, _ := strconv.ParseBool(os.Getenv("AWS_SDK_LOAD_CONFIG"))
|
||||
return envConfigLoad(enableSharedConfig)
|
||||
}
|
||||
|
@ -169,30 +238,42 @@ func loadEnvConfig() envConfig {
|
|||
// Loads the shared configuration in addition to the SDK's specific configuration.
|
||||
// This will load the same values as `loadEnvConfig` if the `AWS_SDK_LOAD_CONFIG`
|
||||
// environment variable is set.
|
||||
func loadSharedEnvConfig() envConfig {
|
||||
func loadSharedEnvConfig() (envConfig, error) {
|
||||
return envConfigLoad(true)
|
||||
}
|
||||
|
||||
func envConfigLoad(enableSharedConfig bool) envConfig {
|
||||
func envConfigLoad(enableSharedConfig bool) (envConfig, error) {
|
||||
cfg := envConfig{}
|
||||
|
||||
cfg.EnableSharedConfig = enableSharedConfig
|
||||
|
||||
setFromEnvVal(&cfg.Creds.AccessKeyID, credAccessEnvKey)
|
||||
setFromEnvVal(&cfg.Creds.SecretAccessKey, credSecretEnvKey)
|
||||
setFromEnvVal(&cfg.Creds.SessionToken, credSessionEnvKey)
|
||||
// Static environment credentials
|
||||
var creds credentials.Value
|
||||
setFromEnvVal(&creds.AccessKeyID, credAccessEnvKey)
|
||||
setFromEnvVal(&creds.SecretAccessKey, credSecretEnvKey)
|
||||
setFromEnvVal(&creds.SessionToken, credSessionEnvKey)
|
||||
if creds.HasKeys() {
|
||||
// Require logical grouping of credentials
|
||||
creds.ProviderName = EnvProviderName
|
||||
cfg.Creds = creds
|
||||
}
|
||||
|
||||
// Role Metadata
|
||||
setFromEnvVal(&cfg.RoleARN, roleARNEnvKey)
|
||||
setFromEnvVal(&cfg.RoleSessionName, roleSessionNameEnvKey)
|
||||
|
||||
// Web identity environment variables
|
||||
setFromEnvVal(&cfg.WebIdentityTokenFilePath, webIdentityTokenFilePathEnvKey)
|
||||
|
||||
// CSM environment variables
|
||||
setFromEnvVal(&cfg.csmEnabled, csmEnabledEnvKey)
|
||||
setFromEnvVal(&cfg.CSMHost, csmHostEnvKey)
|
||||
setFromEnvVal(&cfg.CSMPort, csmPortEnvKey)
|
||||
setFromEnvVal(&cfg.CSMClientID, csmClientIDEnvKey)
|
||||
cfg.CSMEnabled = len(cfg.csmEnabled) > 0
|
||||
|
||||
// Require logical grouping of credentials
|
||||
if len(cfg.Creds.AccessKeyID) == 0 || len(cfg.Creds.SecretAccessKey) == 0 {
|
||||
cfg.Creds = credentials.Value{}
|
||||
} else {
|
||||
cfg.Creds.ProviderName = EnvProviderName
|
||||
if len(cfg.csmEnabled) != 0 {
|
||||
v, _ := strconv.ParseBool(cfg.csmEnabled)
|
||||
cfg.CSMEnabled = &v
|
||||
}
|
||||
|
||||
regionKeys := regionEnvKeys
|
||||
|
@ -223,12 +304,50 @@ func envConfigLoad(enableSharedConfig bool) envConfig {
|
|||
|
||||
cfg.CustomCABundle = os.Getenv("AWS_CA_BUNDLE")
|
||||
|
||||
return cfg
|
||||
var err error
|
||||
// STS Regional Endpoint variable
|
||||
for _, k := range stsRegionalEndpointKey {
|
||||
if v := os.Getenv(k); len(v) != 0 {
|
||||
cfg.STSRegionalEndpoint, err = endpoints.GetSTSRegionalEndpoint(v)
|
||||
if err != nil {
|
||||
return cfg, fmt.Errorf("failed to load, %v from env config, %v", k, err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// S3 Regional Endpoint variable
|
||||
for _, k := range s3UsEast1RegionalEndpoint {
|
||||
if v := os.Getenv(k); len(v) != 0 {
|
||||
cfg.S3UsEast1RegionalEndpoint, err = endpoints.GetS3UsEast1RegionalEndpoint(v)
|
||||
if err != nil {
|
||||
return cfg, fmt.Errorf("failed to load, %v from env config, %v", k, err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
var s3UseARNRegion string
|
||||
setFromEnvVal(&s3UseARNRegion, s3UseARNRegionEnvKey)
|
||||
if len(s3UseARNRegion) != 0 {
|
||||
switch {
|
||||
case strings.EqualFold(s3UseARNRegion, "false"):
|
||||
cfg.S3UseARNRegion = false
|
||||
case strings.EqualFold(s3UseARNRegion, "true"):
|
||||
cfg.S3UseARNRegion = true
|
||||
default:
|
||||
return envConfig{}, fmt.Errorf(
|
||||
"invalid value for environment variable, %s=%s, need true or false",
|
||||
s3UseARNRegionEnvKey[0], s3UseARNRegion)
|
||||
}
|
||||
}
|
||||
|
||||
setFromEnvVal(&cfg.EC2IMDSEndpoint, ec2IMDSEndpointEnvKey)
|
||||
|
||||
return cfg, nil
|
||||
}
|
||||
|
||||
func setFromEnvVal(dst *string, keys []string) {
|
||||
for _, k := range keys {
|
||||
if v := os.Getenv(k); len(v) > 0 {
|
||||
if v := os.Getenv(k); len(v) != 0 {
|
||||
*dst = v
|
||||
break
|
||||
}
|
||||
|
|
|
@ -8,19 +8,17 @@ import (
|
|||
"io/ioutil"
|
||||
"net/http"
|
||||
"os"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/client"
|
||||
"github.com/aws/aws-sdk-go/aws/corehandlers"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials/processcreds"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
|
||||
"github.com/aws/aws-sdk-go/aws/csm"
|
||||
"github.com/aws/aws-sdk-go/aws/defaults"
|
||||
"github.com/aws/aws-sdk-go/aws/endpoints"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
"github.com/aws/aws-sdk-go/internal/shareddefaults"
|
||||
)
|
||||
|
||||
const (
|
||||
|
@ -50,6 +48,8 @@ var ErrSharedConfigInvalidCredSource = awserr.New(ErrCodeSharedConfig, "credenti
|
|||
type Session struct {
|
||||
Config *aws.Config
|
||||
Handlers request.Handlers
|
||||
|
||||
options Options
|
||||
}
|
||||
|
||||
// New creates a new instance of the handlers merging in the provided configs
|
||||
|
@ -75,7 +75,7 @@ type Session struct {
|
|||
// func is called instead of waiting to receive an error until a request is made.
|
||||
func New(cfgs ...*aws.Config) *Session {
|
||||
// load initial config from environment
|
||||
envCfg := loadEnvConfig()
|
||||
envCfg, envErr := loadEnvConfig()
|
||||
|
||||
if envCfg.EnableSharedConfig {
|
||||
var cfg aws.Config
|
||||
|
@ -95,19 +95,28 @@ func New(cfgs ...*aws.Config) *Session {
|
|||
// Session creation failed, need to report the error and prevent
|
||||
// any requests from succeeding.
|
||||
s = &Session{Config: defaults.Config()}
|
||||
s.Config.MergeIn(cfgs...)
|
||||
s.Config.Logger.Log("ERROR:", msg, "Error:", err)
|
||||
s.Handlers.Validate.PushBack(func(r *request.Request) {
|
||||
r.Error = err
|
||||
})
|
||||
s.logDeprecatedNewSessionError(msg, err, cfgs)
|
||||
}
|
||||
|
||||
return s
|
||||
}
|
||||
|
||||
s := deprecatedNewSession(cfgs...)
|
||||
if envCfg.CSMEnabled {
|
||||
enableCSM(&s.Handlers, envCfg.CSMClientID, envCfg.CSMPort, s.Config.Logger)
|
||||
s := deprecatedNewSession(envCfg, cfgs...)
|
||||
if envErr != nil {
|
||||
msg := "failed to load env config"
|
||||
s.logDeprecatedNewSessionError(msg, envErr, cfgs)
|
||||
}
|
||||
|
||||
if csmCfg, err := loadCSMConfig(envCfg, []string{}); err != nil {
|
||||
if l := s.Config.Logger; l != nil {
|
||||
l.Log(fmt.Sprintf("ERROR: failed to load CSM configuration, %v", err))
|
||||
}
|
||||
} else if csmCfg.Enabled {
|
||||
err := enableCSM(&s.Handlers, csmCfg, s.Config.Logger)
|
||||
if err != nil {
|
||||
msg := "failed to enable CSM"
|
||||
s.logDeprecatedNewSessionError(msg, err, cfgs)
|
||||
}
|
||||
}
|
||||
|
||||
return s
|
||||
|
@ -126,7 +135,7 @@ func New(cfgs ...*aws.Config) *Session {
|
|||
// to be built with retrieving credentials with AssumeRole set in the config.
|
||||
//
|
||||
// See the NewSessionWithOptions func for information on how to override or
|
||||
// control through code how the Session will be created. Such as specifying the
|
||||
// control through code how the Session will be created, such as specifying the
|
||||
// config profile, and controlling if shared config is enabled or not.
|
||||
func NewSession(cfgs ...*aws.Config) (*Session, error) {
|
||||
opts := Options{}
|
||||
|
@ -210,6 +219,12 @@ type Options struct {
|
|||
// the config enables assume role wit MFA via the mfa_serial field.
|
||||
AssumeRoleTokenProvider func() (string, error)
|
||||
|
||||
// When the SDK's shared config is configured to assume a role this option
|
||||
// may be provided to set the expiry duration of the STS credentials.
|
||||
// Defaults to 15 minutes if not set as documented in the
|
||||
// stscreds.AssumeRoleProvider.
|
||||
AssumeRoleDuration time.Duration
|
||||
|
||||
// Reader for a custom Credentials Authority (CA) bundle in PEM format that
|
||||
// the SDK will use instead of the default system's root CA bundle. Use this
|
||||
// only if you want to replace the CA bundle the SDK uses for TLS requests.
|
||||
|
@ -224,6 +239,29 @@ type Options struct {
|
|||
// to also enable this feature. CustomCABundle session option field has priority
|
||||
// over the AWS_CA_BUNDLE environment variable, and will be used if both are set.
|
||||
CustomCABundle io.Reader
|
||||
|
||||
// The handlers that the session and all API clients will be created with.
|
||||
// This must be a complete set of handlers. Use the defaults.Handlers()
|
||||
// function to initialize this value before changing the handlers to be
|
||||
// used by the SDK.
|
||||
Handlers request.Handlers
|
||||
|
||||
// Allows specifying a custom endpoint to be used by the EC2 IMDS client
|
||||
// when making requests to the EC2 IMDS API. The must endpoint value must
|
||||
// include protocol prefix.
|
||||
//
|
||||
// If unset, will the EC2 IMDS client will use its default endpoint.
|
||||
//
|
||||
// Can also be specified via the environment variable,
|
||||
// AWS_EC2_METADATA_SERVICE_ENDPOINT.
|
||||
//
|
||||
// AWS_EC2_METADATA_SERVICE_ENDPOINT=http://169.254.169.254
|
||||
//
|
||||
// If using an URL with an IPv6 address literal, the IPv6 address
|
||||
// component must be enclosed in square brackets.
|
||||
//
|
||||
// AWS_EC2_METADATA_SERVICE_ENDPOINT=http://[::1]
|
||||
EC2IMDSEndpoint string
|
||||
}
|
||||
|
||||
// NewSessionWithOptions returns a new Session created from SDK defaults, config files,
|
||||
|
@ -257,13 +295,20 @@ type Options struct {
|
|||
// }))
|
||||
func NewSessionWithOptions(opts Options) (*Session, error) {
|
||||
var envCfg envConfig
|
||||
var err error
|
||||
if opts.SharedConfigState == SharedConfigEnable {
|
||||
envCfg = loadSharedEnvConfig()
|
||||
envCfg, err = loadSharedEnvConfig()
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to load shared config, %v", err)
|
||||
}
|
||||
} else {
|
||||
envCfg = loadEnvConfig()
|
||||
envCfg, err = loadEnvConfig()
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to load environment config, %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
if len(opts.Profile) > 0 {
|
||||
if len(opts.Profile) != 0 {
|
||||
envCfg.Profile = opts.Profile
|
||||
}
|
||||
|
||||
|
@ -303,7 +348,25 @@ func Must(sess *Session, err error) *Session {
|
|||
return sess
|
||||
}
|
||||
|
||||
func deprecatedNewSession(cfgs ...*aws.Config) *Session {
|
||||
// Wraps the endpoint resolver with a resolver that will return a custom
|
||||
// endpoint for EC2 IMDS.
|
||||
func wrapEC2IMDSEndpoint(resolver endpoints.Resolver, endpoint string) endpoints.Resolver {
|
||||
return endpoints.ResolverFunc(
|
||||
func(service, region string, opts ...func(*endpoints.Options)) (
|
||||
endpoints.ResolvedEndpoint, error,
|
||||
) {
|
||||
if service == ec2MetadataServiceID {
|
||||
return endpoints.ResolvedEndpoint{
|
||||
URL: endpoint,
|
||||
SigningName: ec2MetadataServiceID,
|
||||
SigningRegion: region,
|
||||
}, nil
|
||||
}
|
||||
return resolver.EndpointFor(service, region)
|
||||
})
|
||||
}
|
||||
|
||||
func deprecatedNewSession(envCfg envConfig, cfgs ...*aws.Config) *Session {
|
||||
cfg := defaults.Config()
|
||||
handlers := defaults.Handlers()
|
||||
|
||||
|
@ -315,6 +378,11 @@ func deprecatedNewSession(cfgs ...*aws.Config) *Session {
|
|||
// endpoints for service client configurations.
|
||||
cfg.EndpointResolver = endpoints.DefaultResolver()
|
||||
}
|
||||
|
||||
if len(envCfg.EC2IMDSEndpoint) != 0 {
|
||||
cfg.EndpointResolver = wrapEC2IMDSEndpoint(cfg.EndpointResolver, envCfg.EC2IMDSEndpoint)
|
||||
}
|
||||
|
||||
cfg.Credentials = defaults.CredChain(cfg, handlers)
|
||||
|
||||
// Reapply any passed in configs to override credentials if set
|
||||
|
@ -323,33 +391,42 @@ func deprecatedNewSession(cfgs ...*aws.Config) *Session {
|
|||
s := &Session{
|
||||
Config: cfg,
|
||||
Handlers: handlers,
|
||||
options: Options{
|
||||
EC2IMDSEndpoint: envCfg.EC2IMDSEndpoint,
|
||||
},
|
||||
}
|
||||
|
||||
initHandlers(s)
|
||||
return s
|
||||
}
|
||||
|
||||
func enableCSM(handlers *request.Handlers, clientID string, port string, logger aws.Logger) {
|
||||
func enableCSM(handlers *request.Handlers, cfg csmConfig, logger aws.Logger) error {
|
||||
if logger != nil {
|
||||
logger.Log("Enabling CSM")
|
||||
if len(port) == 0 {
|
||||
port = csm.DefaultPort
|
||||
}
|
||||
|
||||
r, err := csm.Start(clientID, "127.0.0.1:"+port)
|
||||
r, err := csm.Start(cfg.ClientID, csm.AddressWithDefaults(cfg.Host, cfg.Port))
|
||||
if err != nil {
|
||||
return
|
||||
return err
|
||||
}
|
||||
r.InjectHandlers(handlers)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func newSession(opts Options, envCfg envConfig, cfgs ...*aws.Config) (*Session, error) {
|
||||
cfg := defaults.Config()
|
||||
handlers := defaults.Handlers()
|
||||
|
||||
handlers := opts.Handlers
|
||||
if handlers.IsEmpty() {
|
||||
handlers = defaults.Handlers()
|
||||
}
|
||||
|
||||
// Get a merged version of the user provided config to determine if
|
||||
// credentials were.
|
||||
userCfg := &aws.Config{}
|
||||
userCfg.MergeIn(cfgs...)
|
||||
cfg.MergeIn(userCfg)
|
||||
|
||||
// Ordered config files will be loaded in with later files overwriting
|
||||
// previous config file values.
|
||||
|
@ -366,10 +443,18 @@ func newSession(opts Options, envCfg envConfig, cfgs ...*aws.Config) (*Session,
|
|||
}
|
||||
|
||||
// Load additional config from file(s)
|
||||
sharedCfg, err := loadSharedConfig(envCfg.Profile, cfgFiles)
|
||||
sharedCfg, err := loadSharedConfig(envCfg.Profile, cfgFiles, envCfg.EnableSharedConfig)
|
||||
if err != nil {
|
||||
if len(envCfg.Profile) == 0 && !envCfg.EnableSharedConfig && (envCfg.Creds.HasKeys() || userCfg.Credentials != nil) {
|
||||
// Special case where the user has not explicitly specified an AWS_PROFILE,
|
||||
// or session.Options.profile, shared config is not enabled, and the
|
||||
// environment has credentials, allow the shared config file to fail to
|
||||
// load since the user has already provided credentials, and nothing else
|
||||
// is required to be read file. Github(aws/aws-sdk-go#2455)
|
||||
} else if _, ok := err.(SharedConfigProfileNotExistsError); !ok {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
if err := mergeConfigSrcs(cfg, userCfg, envCfg, sharedCfg, handlers, opts); err != nil {
|
||||
return nil, err
|
||||
|
@ -378,11 +463,20 @@ func newSession(opts Options, envCfg envConfig, cfgs ...*aws.Config) (*Session,
|
|||
s := &Session{
|
||||
Config: cfg,
|
||||
Handlers: handlers,
|
||||
options: opts,
|
||||
}
|
||||
|
||||
initHandlers(s)
|
||||
if envCfg.CSMEnabled {
|
||||
enableCSM(&s.Handlers, envCfg.CSMClientID, envCfg.CSMPort, s.Config.Logger)
|
||||
|
||||
if csmCfg, err := loadCSMConfig(envCfg, cfgFiles); err != nil {
|
||||
if l := s.Config.Logger; l != nil {
|
||||
l.Log(fmt.Sprintf("ERROR: failed to load CSM configuration, %v", err))
|
||||
}
|
||||
} else if csmCfg.Enabled {
|
||||
err = enableCSM(&s.Handlers, csmCfg, s.Config.Logger)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
// Setup HTTP client with custom cert bundle if enabled
|
||||
|
@ -395,6 +489,46 @@ func newSession(opts Options, envCfg envConfig, cfgs ...*aws.Config) (*Session,
|
|||
return s, nil
|
||||
}
|
||||
|
||||
type csmConfig struct {
|
||||
Enabled bool
|
||||
Host string
|
||||
Port string
|
||||
ClientID string
|
||||
}
|
||||
|
||||
var csmProfileName = "aws_csm"
|
||||
|
||||
func loadCSMConfig(envCfg envConfig, cfgFiles []string) (csmConfig, error) {
|
||||
if envCfg.CSMEnabled != nil {
|
||||
if *envCfg.CSMEnabled {
|
||||
return csmConfig{
|
||||
Enabled: true,
|
||||
ClientID: envCfg.CSMClientID,
|
||||
Host: envCfg.CSMHost,
|
||||
Port: envCfg.CSMPort,
|
||||
}, nil
|
||||
}
|
||||
return csmConfig{}, nil
|
||||
}
|
||||
|
||||
sharedCfg, err := loadSharedConfig(csmProfileName, cfgFiles, false)
|
||||
if err != nil {
|
||||
if _, ok := err.(SharedConfigProfileNotExistsError); !ok {
|
||||
return csmConfig{}, err
|
||||
}
|
||||
}
|
||||
if sharedCfg.CSMEnabled != nil && *sharedCfg.CSMEnabled == true {
|
||||
return csmConfig{
|
||||
Enabled: true,
|
||||
ClientID: sharedCfg.CSMClientID,
|
||||
Host: sharedCfg.CSMHost,
|
||||
Port: sharedCfg.CSMPort,
|
||||
}, nil
|
||||
}
|
||||
|
||||
return csmConfig{}, nil
|
||||
}
|
||||
|
||||
func loadCustomCABundle(s *Session, bundle io.Reader) error {
|
||||
var t *http.Transport
|
||||
switch v := s.Config.HTTPClient.Transport.(type) {
|
||||
|
@ -443,9 +577,11 @@ func loadCertPool(r io.Reader) (*x509.CertPool, error) {
|
|||
return p, nil
|
||||
}
|
||||
|
||||
func mergeConfigSrcs(cfg, userCfg *aws.Config, envCfg envConfig, sharedCfg sharedConfig, handlers request.Handlers, sessOpts Options) error {
|
||||
// Merge in user provided configuration
|
||||
cfg.MergeIn(userCfg)
|
||||
func mergeConfigSrcs(cfg, userCfg *aws.Config,
|
||||
envCfg envConfig, sharedCfg sharedConfig,
|
||||
handlers request.Handlers,
|
||||
sessOpts Options,
|
||||
) error {
|
||||
|
||||
// Region if not already set by user
|
||||
if len(aws.StringValue(cfg.Region)) == 0 {
|
||||
|
@ -464,162 +600,67 @@ func mergeConfigSrcs(cfg, userCfg *aws.Config, envCfg envConfig, sharedCfg share
|
|||
}
|
||||
}
|
||||
|
||||
// Configure credentials if not already set
|
||||
if cfg.Credentials == credentials.AnonymousCredentials && userCfg.Credentials == nil {
|
||||
|
||||
// inspect the profile to see if a credential source has been specified.
|
||||
if envCfg.EnableSharedConfig && len(sharedCfg.AssumeRole.CredentialSource) > 0 {
|
||||
|
||||
// if both credential_source and source_profile have been set, return an error
|
||||
// as this is undefined behavior.
|
||||
if len(sharedCfg.AssumeRole.SourceProfile) > 0 {
|
||||
return ErrSharedConfigSourceCollision
|
||||
}
|
||||
|
||||
// valid credential source values
|
||||
const (
|
||||
credSourceEc2Metadata = "Ec2InstanceMetadata"
|
||||
credSourceEnvironment = "Environment"
|
||||
credSourceECSContainer = "EcsContainer"
|
||||
)
|
||||
|
||||
switch sharedCfg.AssumeRole.CredentialSource {
|
||||
case credSourceEc2Metadata:
|
||||
cfgCp := *cfg
|
||||
p := defaults.RemoteCredProvider(cfgCp, handlers)
|
||||
cfgCp.Credentials = credentials.NewCredentials(p)
|
||||
|
||||
if len(sharedCfg.AssumeRole.MFASerial) > 0 && sessOpts.AssumeRoleTokenProvider == nil {
|
||||
// AssumeRole Token provider is required if doing Assume Role
|
||||
// with MFA.
|
||||
return AssumeRoleTokenProviderNotSetError{}
|
||||
}
|
||||
|
||||
cfg.Credentials = assumeRoleCredentials(cfgCp, handlers, sharedCfg, sessOpts)
|
||||
case credSourceEnvironment:
|
||||
cfg.Credentials = credentials.NewStaticCredentialsFromCreds(
|
||||
envCfg.Creds,
|
||||
)
|
||||
case credSourceECSContainer:
|
||||
if len(os.Getenv(shareddefaults.ECSCredsProviderEnvVar)) == 0 {
|
||||
return ErrSharedConfigECSContainerEnvVarEmpty
|
||||
}
|
||||
|
||||
cfgCp := *cfg
|
||||
p := defaults.RemoteCredProvider(cfgCp, handlers)
|
||||
creds := credentials.NewCredentials(p)
|
||||
|
||||
cfg.Credentials = creds
|
||||
default:
|
||||
return ErrSharedConfigInvalidCredSource
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
if len(envCfg.Creds.AccessKeyID) > 0 {
|
||||
cfg.Credentials = credentials.NewStaticCredentialsFromCreds(
|
||||
envCfg.Creds,
|
||||
)
|
||||
} else if envCfg.EnableSharedConfig && len(sharedCfg.AssumeRole.RoleARN) > 0 && sharedCfg.AssumeRoleSource != nil {
|
||||
cfgCp := *cfg
|
||||
cfgCp.Credentials = credentials.NewStaticCredentialsFromCreds(
|
||||
sharedCfg.AssumeRoleSource.Creds,
|
||||
)
|
||||
|
||||
if len(sharedCfg.AssumeRole.MFASerial) > 0 && sessOpts.AssumeRoleTokenProvider == nil {
|
||||
// AssumeRole Token provider is required if doing Assume Role
|
||||
// with MFA.
|
||||
return AssumeRoleTokenProviderNotSetError{}
|
||||
}
|
||||
|
||||
cfg.Credentials = assumeRoleCredentials(cfgCp, handlers, sharedCfg, sessOpts)
|
||||
} else if len(sharedCfg.Creds.AccessKeyID) > 0 {
|
||||
cfg.Credentials = credentials.NewStaticCredentialsFromCreds(
|
||||
sharedCfg.Creds,
|
||||
)
|
||||
} else if len(sharedCfg.CredentialProcess) > 0 {
|
||||
cfg.Credentials = processcreds.NewCredentials(
|
||||
sharedCfg.CredentialProcess,
|
||||
)
|
||||
} else {
|
||||
// Fallback to default credentials provider, include mock errors
|
||||
// for the credential chain so user can identify why credentials
|
||||
// failed to be retrieved.
|
||||
cfg.Credentials = credentials.NewCredentials(&credentials.ChainProvider{
|
||||
VerboseErrors: aws.BoolValue(cfg.CredentialsChainVerboseErrors),
|
||||
Providers: []credentials.Provider{
|
||||
&credProviderError{Err: awserr.New("EnvAccessKeyNotFound", "failed to find credentials in the environment.", nil)},
|
||||
&credProviderError{Err: awserr.New("SharedCredsLoad", fmt.Sprintf("failed to load profile, %s.", envCfg.Profile), nil)},
|
||||
defaults.RemoteCredProvider(*cfg, handlers),
|
||||
},
|
||||
// Regional Endpoint flag for STS endpoint resolving
|
||||
mergeSTSRegionalEndpointConfig(cfg, []endpoints.STSRegionalEndpoint{
|
||||
userCfg.STSRegionalEndpoint,
|
||||
envCfg.STSRegionalEndpoint,
|
||||
sharedCfg.STSRegionalEndpoint,
|
||||
endpoints.LegacySTSEndpoint,
|
||||
})
|
||||
|
||||
// Regional Endpoint flag for S3 endpoint resolving
|
||||
mergeS3UsEast1RegionalEndpointConfig(cfg, []endpoints.S3UsEast1RegionalEndpoint{
|
||||
userCfg.S3UsEast1RegionalEndpoint,
|
||||
envCfg.S3UsEast1RegionalEndpoint,
|
||||
sharedCfg.S3UsEast1RegionalEndpoint,
|
||||
endpoints.LegacyS3UsEast1Endpoint,
|
||||
})
|
||||
|
||||
ec2IMDSEndpoint := sessOpts.EC2IMDSEndpoint
|
||||
if len(ec2IMDSEndpoint) == 0 {
|
||||
ec2IMDSEndpoint = envCfg.EC2IMDSEndpoint
|
||||
}
|
||||
if len(ec2IMDSEndpoint) != 0 {
|
||||
cfg.EndpointResolver = wrapEC2IMDSEndpoint(cfg.EndpointResolver, ec2IMDSEndpoint)
|
||||
}
|
||||
|
||||
// Configure credentials if not already set by the user when creating the
|
||||
// Session.
|
||||
if cfg.Credentials == credentials.AnonymousCredentials && userCfg.Credentials == nil {
|
||||
creds, err := resolveCredentials(cfg, envCfg, sharedCfg, handlers, sessOpts)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
cfg.Credentials = creds
|
||||
}
|
||||
|
||||
cfg.S3UseARNRegion = userCfg.S3UseARNRegion
|
||||
if cfg.S3UseARNRegion == nil {
|
||||
cfg.S3UseARNRegion = &envCfg.S3UseARNRegion
|
||||
}
|
||||
if cfg.S3UseARNRegion == nil {
|
||||
cfg.S3UseARNRegion = &sharedCfg.S3UseARNRegion
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func assumeRoleCredentials(cfg aws.Config, handlers request.Handlers, sharedCfg sharedConfig, sessOpts Options) *credentials.Credentials {
|
||||
return stscreds.NewCredentials(
|
||||
&Session{
|
||||
Config: &cfg,
|
||||
Handlers: handlers.Copy(),
|
||||
},
|
||||
sharedCfg.AssumeRole.RoleARN,
|
||||
func(opt *stscreds.AssumeRoleProvider) {
|
||||
opt.RoleSessionName = sharedCfg.AssumeRole.RoleSessionName
|
||||
|
||||
// Assume role with external ID
|
||||
if len(sharedCfg.AssumeRole.ExternalID) > 0 {
|
||||
opt.ExternalID = aws.String(sharedCfg.AssumeRole.ExternalID)
|
||||
func mergeSTSRegionalEndpointConfig(cfg *aws.Config, values []endpoints.STSRegionalEndpoint) {
|
||||
for _, v := range values {
|
||||
if v != endpoints.UnsetSTSEndpoint {
|
||||
cfg.STSRegionalEndpoint = v
|
||||
break
|
||||
}
|
||||
|
||||
// Assume role with MFA
|
||||
if len(sharedCfg.AssumeRole.MFASerial) > 0 {
|
||||
opt.SerialNumber = aws.String(sharedCfg.AssumeRole.MFASerial)
|
||||
opt.TokenProvider = sessOpts.AssumeRoleTokenProvider
|
||||
}
|
||||
},
|
||||
)
|
||||
}
|
||||
|
||||
// AssumeRoleTokenProviderNotSetError is an error returned when creating a session when the
|
||||
// MFAToken option is not set when shared config is configured load assume a
|
||||
// role with an MFA token.
|
||||
type AssumeRoleTokenProviderNotSetError struct{}
|
||||
|
||||
// Code is the short id of the error.
|
||||
func (e AssumeRoleTokenProviderNotSetError) Code() string {
|
||||
return "AssumeRoleTokenProviderNotSetError"
|
||||
}
|
||||
|
||||
// Message is the description of the error
|
||||
func (e AssumeRoleTokenProviderNotSetError) Message() string {
|
||||
return fmt.Sprintf("assume role with MFA enabled, but AssumeRoleTokenProvider session option not set.")
|
||||
}
|
||||
|
||||
// OrigErr is the underlying error that caused the failure.
|
||||
func (e AssumeRoleTokenProviderNotSetError) OrigErr() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// Error satisfies the error interface.
|
||||
func (e AssumeRoleTokenProviderNotSetError) Error() string {
|
||||
return awserr.SprintError(e.Code(), e.Message(), "", nil)
|
||||
}
|
||||
|
||||
type credProviderError struct {
|
||||
Err error
|
||||
}
|
||||
|
||||
var emptyCreds = credentials.Value{}
|
||||
|
||||
func (c credProviderError) Retrieve() (credentials.Value, error) {
|
||||
return credentials.Value{}, c.Err
|
||||
}
|
||||
func (c credProviderError) IsExpired() bool {
|
||||
return true
|
||||
func mergeS3UsEast1RegionalEndpointConfig(cfg *aws.Config, values []endpoints.S3UsEast1RegionalEndpoint) {
|
||||
for _, v := range values {
|
||||
if v != endpoints.UnsetS3UsEast1Endpoint {
|
||||
cfg.S3UsEast1RegionalEndpoint = v
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func initHandlers(s *Session) {
|
||||
|
@ -630,7 +671,7 @@ func initHandlers(s *Session) {
|
|||
}
|
||||
}
|
||||
|
||||
// Copy creates and returns a copy of the current Session, coping the config
|
||||
// Copy creates and returns a copy of the current Session, copying the config
|
||||
// and handlers. If any additional configs are provided they will be merged
|
||||
// on top of the Session's copied config.
|
||||
//
|
||||
|
@ -640,6 +681,7 @@ func (s *Session) Copy(cfgs ...*aws.Config) *Session {
|
|||
newSession := &Session{
|
||||
Config: s.Config.Copy(cfgs...),
|
||||
Handlers: s.Handlers.Copy(),
|
||||
options: s.options,
|
||||
}
|
||||
|
||||
initHandlers(newSession)
|
||||
|
@ -650,47 +692,69 @@ func (s *Session) Copy(cfgs ...*aws.Config) *Session {
|
|||
// ClientConfig satisfies the client.ConfigProvider interface and is used to
|
||||
// configure the service client instances. Passing the Session to the service
|
||||
// client's constructor (New) will use this method to configure the client.
|
||||
func (s *Session) ClientConfig(serviceName string, cfgs ...*aws.Config) client.Config {
|
||||
// Backwards compatibility, the error will be eaten if user calls ClientConfig
|
||||
// directly. All SDK services will use ClientconfigWithError.
|
||||
cfg, _ := s.clientConfigWithErr(serviceName, cfgs...)
|
||||
|
||||
return cfg
|
||||
}
|
||||
|
||||
func (s *Session) clientConfigWithErr(serviceName string, cfgs ...*aws.Config) (client.Config, error) {
|
||||
func (s *Session) ClientConfig(service string, cfgs ...*aws.Config) client.Config {
|
||||
s = s.Copy(cfgs...)
|
||||
|
||||
var resolved endpoints.ResolvedEndpoint
|
||||
var err error
|
||||
|
||||
region := aws.StringValue(s.Config.Region)
|
||||
resolved, err := s.resolveEndpoint(service, region, s.Config)
|
||||
if err != nil {
|
||||
s.Handlers.Validate.PushBack(func(r *request.Request) {
|
||||
if len(r.ClientInfo.Endpoint) != 0 {
|
||||
// Error occurred while resolving endpoint, but the request
|
||||
// being invoked has had an endpoint specified after the client
|
||||
// was created.
|
||||
return
|
||||
}
|
||||
r.Error = err
|
||||
})
|
||||
}
|
||||
|
||||
if endpoint := aws.StringValue(s.Config.Endpoint); len(endpoint) != 0 {
|
||||
resolved.URL = endpoints.AddScheme(endpoint, aws.BoolValue(s.Config.DisableSSL))
|
||||
resolved.SigningRegion = region
|
||||
} else {
|
||||
resolved, err = s.Config.EndpointResolver.EndpointFor(
|
||||
serviceName, region,
|
||||
return client.Config{
|
||||
Config: s.Config,
|
||||
Handlers: s.Handlers,
|
||||
PartitionID: resolved.PartitionID,
|
||||
Endpoint: resolved.URL,
|
||||
SigningRegion: resolved.SigningRegion,
|
||||
SigningNameDerived: resolved.SigningNameDerived,
|
||||
SigningName: resolved.SigningName,
|
||||
}
|
||||
}
|
||||
|
||||
const ec2MetadataServiceID = "ec2metadata"
|
||||
|
||||
func (s *Session) resolveEndpoint(service, region string, cfg *aws.Config) (endpoints.ResolvedEndpoint, error) {
|
||||
|
||||
if ep := aws.StringValue(cfg.Endpoint); len(ep) != 0 {
|
||||
return endpoints.ResolvedEndpoint{
|
||||
URL: endpoints.AddScheme(ep, aws.BoolValue(cfg.DisableSSL)),
|
||||
SigningRegion: region,
|
||||
}, nil
|
||||
}
|
||||
|
||||
resolved, err := cfg.EndpointResolver.EndpointFor(service, region,
|
||||
func(opt *endpoints.Options) {
|
||||
opt.DisableSSL = aws.BoolValue(s.Config.DisableSSL)
|
||||
opt.UseDualStack = aws.BoolValue(s.Config.UseDualStack)
|
||||
opt.DisableSSL = aws.BoolValue(cfg.DisableSSL)
|
||||
opt.UseDualStack = aws.BoolValue(cfg.UseDualStack)
|
||||
// Support for STSRegionalEndpoint where the STSRegionalEndpoint is
|
||||
// provided in envConfig or sharedConfig with envConfig getting
|
||||
// precedence.
|
||||
opt.STSRegionalEndpoint = cfg.STSRegionalEndpoint
|
||||
|
||||
// Support for S3UsEast1RegionalEndpoint where the S3UsEast1RegionalEndpoint is
|
||||
// provided in envConfig or sharedConfig with envConfig getting
|
||||
// precedence.
|
||||
opt.S3UsEast1RegionalEndpoint = cfg.S3UsEast1RegionalEndpoint
|
||||
|
||||
// Support the condition where the service is modeled but its
|
||||
// endpoint metadata is not available.
|
||||
opt.ResolveUnknownService = true
|
||||
},
|
||||
)
|
||||
if err != nil {
|
||||
return endpoints.ResolvedEndpoint{}, err
|
||||
}
|
||||
|
||||
return client.Config{
|
||||
Config: s.Config,
|
||||
Handlers: s.Handlers,
|
||||
Endpoint: resolved.URL,
|
||||
SigningRegion: resolved.SigningRegion,
|
||||
SigningNameDerived: resolved.SigningNameDerived,
|
||||
SigningName: resolved.SigningName,
|
||||
}, err
|
||||
return resolved, nil
|
||||
}
|
||||
|
||||
// ClientConfigNoResolveEndpoint is the same as ClientConfig with the exception
|
||||
|
@ -700,12 +764,9 @@ func (s *Session) ClientConfigNoResolveEndpoint(cfgs ...*aws.Config) client.Conf
|
|||
s = s.Copy(cfgs...)
|
||||
|
||||
var resolved endpoints.ResolvedEndpoint
|
||||
|
||||
region := aws.StringValue(s.Config.Region)
|
||||
|
||||
if ep := aws.StringValue(s.Config.Endpoint); len(ep) > 0 {
|
||||
resolved.URL = endpoints.AddScheme(ep, aws.BoolValue(s.Config.DisableSSL))
|
||||
resolved.SigningRegion = region
|
||||
resolved.SigningRegion = aws.StringValue(s.Config.Region)
|
||||
}
|
||||
|
||||
return client.Config{
|
||||
|
@ -717,3 +778,14 @@ func (s *Session) ClientConfigNoResolveEndpoint(cfgs ...*aws.Config) client.Conf
|
|||
SigningName: resolved.SigningName,
|
||||
}
|
||||
}
|
||||
|
||||
// logDeprecatedNewSessionError function enables error handling for session
|
||||
func (s *Session) logDeprecatedNewSessionError(msg string, err error, cfgs []*aws.Config) {
|
||||
// Session creation failed, need to report the error and prevent
|
||||
// any requests from succeeding.
|
||||
s.Config.MergeIn(cfgs...)
|
||||
s.Config.Logger.Log("ERROR:", msg, "Error:", err)
|
||||
s.Handlers.Validate.PushBack(func(r *request.Request) {
|
||||
r.Error = err
|
||||
})
|
||||
}
|
||||
|
|
|
@ -2,10 +2,11 @@ package session
|
|||
|
||||
import (
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws/endpoints"
|
||||
"github.com/aws/aws-sdk-go/internal/ini"
|
||||
)
|
||||
|
||||
|
@ -22,51 +23,69 @@ const (
|
|||
externalIDKey = `external_id` // optional
|
||||
mfaSerialKey = `mfa_serial` // optional
|
||||
roleSessionNameKey = `role_session_name` // optional
|
||||
roleDurationSecondsKey = "duration_seconds" // optional
|
||||
|
||||
// CSM options
|
||||
csmEnabledKey = `csm_enabled`
|
||||
csmHostKey = `csm_host`
|
||||
csmPortKey = `csm_port`
|
||||
csmClientIDKey = `csm_client_id`
|
||||
|
||||
// Additional Config fields
|
||||
regionKey = `region`
|
||||
|
||||
// endpoint discovery group
|
||||
enableEndpointDiscoveryKey = `endpoint_discovery_enabled` // optional
|
||||
|
||||
// External Credential Process
|
||||
credentialProcessKey = `credential_process`
|
||||
credentialProcessKey = `credential_process` // optional
|
||||
|
||||
// Web Identity Token File
|
||||
webIdentityTokenFileKey = `web_identity_token_file` // optional
|
||||
|
||||
// Additional config fields for regional or legacy endpoints
|
||||
stsRegionalEndpointSharedKey = `sts_regional_endpoints`
|
||||
|
||||
// Additional config fields for regional or legacy endpoints
|
||||
s3UsEast1RegionalSharedKey = `s3_us_east_1_regional_endpoint`
|
||||
|
||||
// DefaultSharedConfigProfile is the default profile to be used when
|
||||
// loading configuration from the config files if another profile name
|
||||
// is not provided.
|
||||
DefaultSharedConfigProfile = `default`
|
||||
)
|
||||
|
||||
type assumeRoleConfig struct {
|
||||
RoleARN string
|
||||
SourceProfile string
|
||||
CredentialSource string
|
||||
ExternalID string
|
||||
MFASerial string
|
||||
RoleSessionName string
|
||||
}
|
||||
// S3 ARN Region Usage
|
||||
s3UseARNRegionKey = "s3_use_arn_region"
|
||||
)
|
||||
|
||||
// sharedConfig represents the configuration fields of the SDK config files.
|
||||
type sharedConfig struct {
|
||||
// Credentials values from the config file. Both aws_access_key_id
|
||||
// and aws_secret_access_key must be provided together in the same file
|
||||
// to be considered valid. The values will be ignored if not a complete group.
|
||||
// aws_session_token is an optional field that can be provided if both of the
|
||||
// other two fields are also provided.
|
||||
// Credentials values from the config file. Both aws_access_key_id and
|
||||
// aws_secret_access_key must be provided together in the same file to be
|
||||
// considered valid. The values will be ignored if not a complete group.
|
||||
// aws_session_token is an optional field that can be provided if both of
|
||||
// the other two fields are also provided.
|
||||
//
|
||||
// aws_access_key_id
|
||||
// aws_secret_access_key
|
||||
// aws_session_token
|
||||
Creds credentials.Value
|
||||
|
||||
AssumeRole assumeRoleConfig
|
||||
AssumeRoleSource *sharedConfig
|
||||
|
||||
// An external process to request credentials
|
||||
CredentialSource string
|
||||
CredentialProcess string
|
||||
WebIdentityTokenFile string
|
||||
|
||||
// Region is the region the SDK should use for looking up AWS service endpoints
|
||||
// and signing requests.
|
||||
RoleARN string
|
||||
RoleSessionName string
|
||||
ExternalID string
|
||||
MFASerial string
|
||||
AssumeRoleDuration *time.Duration
|
||||
|
||||
SourceProfileName string
|
||||
SourceProfile *sharedConfig
|
||||
|
||||
// Region is the region the SDK should use for looking up AWS service
|
||||
// endpoints and signing requests.
|
||||
//
|
||||
// region
|
||||
Region string
|
||||
|
@ -76,6 +95,30 @@ type sharedConfig struct {
|
|||
//
|
||||
// endpoint_discovery_enabled = true
|
||||
EnableEndpointDiscovery *bool
|
||||
|
||||
// CSM Options
|
||||
CSMEnabled *bool
|
||||
CSMHost string
|
||||
CSMPort string
|
||||
CSMClientID string
|
||||
|
||||
// Specifies the Regional Endpoint flag for the SDK to resolve the endpoint for a service
|
||||
//
|
||||
// sts_regional_endpoints = regional
|
||||
// This can take value as `LegacySTSEndpoint` or `RegionalSTSEndpoint`
|
||||
STSRegionalEndpoint endpoints.STSRegionalEndpoint
|
||||
|
||||
// Specifies the Regional Endpoint flag for the SDK to resolve the endpoint for a service
|
||||
//
|
||||
// s3_us_east_1_regional_endpoint = regional
|
||||
// This can take value as `LegacyS3UsEast1Endpoint` or `RegionalS3UsEast1Endpoint`
|
||||
S3UsEast1RegionalEndpoint endpoints.S3UsEast1RegionalEndpoint
|
||||
|
||||
// Specifies if the S3 service should allow ARNs to direct the region
|
||||
// the client's requests are sent to.
|
||||
//
|
||||
// s3_use_arn_region=true
|
||||
S3UseARNRegion bool
|
||||
}
|
||||
|
||||
type sharedConfigFile struct {
|
||||
|
@ -83,17 +126,18 @@ type sharedConfigFile struct {
|
|||
IniData ini.Sections
|
||||
}
|
||||
|
||||
// loadSharedConfig retrieves the configuration from the list of files
|
||||
// using the profile provided. The order the files are listed will determine
|
||||
// loadSharedConfig retrieves the configuration from the list of files using
|
||||
// the profile provided. The order the files are listed will determine
|
||||
// precedence. Values in subsequent files will overwrite values defined in
|
||||
// earlier files.
|
||||
//
|
||||
// For example, given two files A and B. Both define credentials. If the order
|
||||
// of the files are A then B, B's credential values will be used instead of A's.
|
||||
// of the files are A then B, B's credential values will be used instead of
|
||||
// A's.
|
||||
//
|
||||
// See sharedConfig.setFromFile for information how the config files
|
||||
// will be loaded.
|
||||
func loadSharedConfig(profile string, filenames []string) (sharedConfig, error) {
|
||||
func loadSharedConfig(profile string, filenames []string, exOpts bool) (sharedConfig, error) {
|
||||
if len(profile) == 0 {
|
||||
profile = DefaultSharedConfigProfile
|
||||
}
|
||||
|
@ -104,16 +148,11 @@ func loadSharedConfig(profile string, filenames []string) (sharedConfig, error)
|
|||
}
|
||||
|
||||
cfg := sharedConfig{}
|
||||
if err = cfg.setFromIniFiles(profile, files); err != nil {
|
||||
profiles := map[string]struct{}{}
|
||||
if err = cfg.setFromIniFiles(profiles, profile, files, exOpts); err != nil {
|
||||
return sharedConfig{}, err
|
||||
}
|
||||
|
||||
if len(cfg.AssumeRole.SourceProfile) > 0 {
|
||||
if err := cfg.setAssumeRoleSource(profile, files); err != nil {
|
||||
return sharedConfig{}, err
|
||||
}
|
||||
}
|
||||
|
||||
return cfg, nil
|
||||
}
|
||||
|
||||
|
@ -137,60 +176,88 @@ func loadSharedConfigIniFiles(filenames []string) ([]sharedConfigFile, error) {
|
|||
return files, nil
|
||||
}
|
||||
|
||||
func (cfg *sharedConfig) setAssumeRoleSource(origProfile string, files []sharedConfigFile) error {
|
||||
var assumeRoleSrc sharedConfig
|
||||
|
||||
if len(cfg.AssumeRole.CredentialSource) > 0 {
|
||||
// setAssumeRoleSource is only called when source_profile is found.
|
||||
// If both source_profile and credential_source are set, then
|
||||
// ErrSharedConfigSourceCollision will be returned
|
||||
return ErrSharedConfigSourceCollision
|
||||
}
|
||||
|
||||
// Multiple level assume role chains are not support
|
||||
if cfg.AssumeRole.SourceProfile == origProfile {
|
||||
assumeRoleSrc = *cfg
|
||||
assumeRoleSrc.AssumeRole = assumeRoleConfig{}
|
||||
} else {
|
||||
err := assumeRoleSrc.setFromIniFiles(cfg.AssumeRole.SourceProfile, files)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
if len(assumeRoleSrc.Creds.AccessKeyID) == 0 {
|
||||
return SharedConfigAssumeRoleError{RoleARN: cfg.AssumeRole.RoleARN}
|
||||
}
|
||||
|
||||
cfg.AssumeRoleSource = &assumeRoleSrc
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (cfg *sharedConfig) setFromIniFiles(profile string, files []sharedConfigFile) error {
|
||||
func (cfg *sharedConfig) setFromIniFiles(profiles map[string]struct{}, profile string, files []sharedConfigFile, exOpts bool) error {
|
||||
// Trim files from the list that don't exist.
|
||||
var skippedFiles int
|
||||
var profileNotFoundErr error
|
||||
for _, f := range files {
|
||||
if err := cfg.setFromIniFile(profile, f); err != nil {
|
||||
if err := cfg.setFromIniFile(profile, f, exOpts); err != nil {
|
||||
if _, ok := err.(SharedConfigProfileNotExistsError); ok {
|
||||
// Ignore proviles missings
|
||||
// Ignore profiles not defined in individual files.
|
||||
profileNotFoundErr = err
|
||||
skippedFiles++
|
||||
continue
|
||||
}
|
||||
return err
|
||||
}
|
||||
}
|
||||
if skippedFiles == len(files) {
|
||||
// If all files were skipped because the profile is not found, return
|
||||
// the original profile not found error.
|
||||
return profileNotFoundErr
|
||||
}
|
||||
|
||||
if _, ok := profiles[profile]; ok {
|
||||
// if this is the second instance of the profile the Assume Role
|
||||
// options must be cleared because they are only valid for the
|
||||
// first reference of a profile. The self linked instance of the
|
||||
// profile only have credential provider options.
|
||||
cfg.clearAssumeRoleOptions()
|
||||
} else {
|
||||
// First time a profile has been seen, It must either be a assume role
|
||||
// or credentials. Assert if the credential type requires a role ARN,
|
||||
// the ARN is also set.
|
||||
if err := cfg.validateCredentialsRequireARN(profile); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
profiles[profile] = struct{}{}
|
||||
|
||||
if err := cfg.validateCredentialType(); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// Link source profiles for assume roles
|
||||
if len(cfg.SourceProfileName) != 0 {
|
||||
// Linked profile via source_profile ignore credential provider
|
||||
// options, the source profile must provide the credentials.
|
||||
cfg.clearCredentialOptions()
|
||||
|
||||
srcCfg := &sharedConfig{}
|
||||
err := srcCfg.setFromIniFiles(profiles, cfg.SourceProfileName, files, exOpts)
|
||||
if err != nil {
|
||||
// SourceProfile that doesn't exist is an error in configuration.
|
||||
if _, ok := err.(SharedConfigProfileNotExistsError); ok {
|
||||
err = SharedConfigAssumeRoleError{
|
||||
RoleARN: cfg.RoleARN,
|
||||
SourceProfile: cfg.SourceProfileName,
|
||||
}
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
if !srcCfg.hasCredentials() {
|
||||
return SharedConfigAssumeRoleError{
|
||||
RoleARN: cfg.RoleARN,
|
||||
SourceProfile: cfg.SourceProfileName,
|
||||
}
|
||||
}
|
||||
|
||||
cfg.SourceProfile = srcCfg
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// setFromFile loads the configuration from the file using
|
||||
// the profile provided. A sharedConfig pointer type value is used so that
|
||||
// multiple config file loadings can be chained.
|
||||
// setFromFile loads the configuration from the file using the profile
|
||||
// provided. A sharedConfig pointer type value is used so that multiple config
|
||||
// file loadings can be chained.
|
||||
//
|
||||
// Only loads complete logically grouped values, and will not set fields in cfg
|
||||
// for incomplete grouped values in the config. Such as credentials. For example
|
||||
// if a config file only includes aws_access_key_id but no aws_secret_access_key
|
||||
// the aws_access_key_id will be ignored.
|
||||
func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile) error {
|
||||
// for incomplete grouped values in the config. Such as credentials. For
|
||||
// example if a config file only includes aws_access_key_id but no
|
||||
// aws_secret_access_key the aws_access_key_id will be ignored.
|
||||
func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, exOpts bool) error {
|
||||
section, ok := file.IniData.GetSection(profile)
|
||||
if !ok {
|
||||
// Fallback to to alternate profile name: profile <name>
|
||||
|
@ -200,53 +267,176 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile) e
|
|||
}
|
||||
}
|
||||
|
||||
if exOpts {
|
||||
// Assume Role Parameters
|
||||
updateString(&cfg.RoleARN, section, roleArnKey)
|
||||
updateString(&cfg.ExternalID, section, externalIDKey)
|
||||
updateString(&cfg.MFASerial, section, mfaSerialKey)
|
||||
updateString(&cfg.RoleSessionName, section, roleSessionNameKey)
|
||||
updateString(&cfg.SourceProfileName, section, sourceProfileKey)
|
||||
updateString(&cfg.CredentialSource, section, credentialSourceKey)
|
||||
updateString(&cfg.Region, section, regionKey)
|
||||
|
||||
if section.Has(roleDurationSecondsKey) {
|
||||
d := time.Duration(section.Int(roleDurationSecondsKey)) * time.Second
|
||||
cfg.AssumeRoleDuration = &d
|
||||
}
|
||||
|
||||
if v := section.String(stsRegionalEndpointSharedKey); len(v) != 0 {
|
||||
sre, err := endpoints.GetSTSRegionalEndpoint(v)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to load %s from shared config, %s, %v",
|
||||
stsRegionalEndpointSharedKey, file.Filename, err)
|
||||
}
|
||||
cfg.STSRegionalEndpoint = sre
|
||||
}
|
||||
|
||||
if v := section.String(s3UsEast1RegionalSharedKey); len(v) != 0 {
|
||||
sre, err := endpoints.GetS3UsEast1RegionalEndpoint(v)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to load %s from shared config, %s, %v",
|
||||
s3UsEast1RegionalSharedKey, file.Filename, err)
|
||||
}
|
||||
cfg.S3UsEast1RegionalEndpoint = sre
|
||||
}
|
||||
}
|
||||
|
||||
updateString(&cfg.CredentialProcess, section, credentialProcessKey)
|
||||
updateString(&cfg.WebIdentityTokenFile, section, webIdentityTokenFileKey)
|
||||
|
||||
// Shared Credentials
|
||||
akid := section.String(accessKeyIDKey)
|
||||
secret := section.String(secretAccessKey)
|
||||
if len(akid) > 0 && len(secret) > 0 {
|
||||
cfg.Creds = credentials.Value{
|
||||
AccessKeyID: akid,
|
||||
SecretAccessKey: secret,
|
||||
creds := credentials.Value{
|
||||
AccessKeyID: section.String(accessKeyIDKey),
|
||||
SecretAccessKey: section.String(secretAccessKey),
|
||||
SessionToken: section.String(sessionTokenKey),
|
||||
ProviderName: fmt.Sprintf("SharedConfigCredentials: %s", file.Filename),
|
||||
}
|
||||
}
|
||||
|
||||
// Assume Role
|
||||
roleArn := section.String(roleArnKey)
|
||||
srcProfile := section.String(sourceProfileKey)
|
||||
credentialSource := section.String(credentialSourceKey)
|
||||
hasSource := len(srcProfile) > 0 || len(credentialSource) > 0
|
||||
if len(roleArn) > 0 && hasSource {
|
||||
cfg.AssumeRole = assumeRoleConfig{
|
||||
RoleARN: roleArn,
|
||||
SourceProfile: srcProfile,
|
||||
CredentialSource: credentialSource,
|
||||
ExternalID: section.String(externalIDKey),
|
||||
MFASerial: section.String(mfaSerialKey),
|
||||
RoleSessionName: section.String(roleSessionNameKey),
|
||||
}
|
||||
}
|
||||
|
||||
// `credential_process`
|
||||
if credProc := section.String(credentialProcessKey); len(credProc) > 0 {
|
||||
cfg.CredentialProcess = credProc
|
||||
}
|
||||
|
||||
// Region
|
||||
if v := section.String(regionKey); len(v) > 0 {
|
||||
cfg.Region = v
|
||||
if creds.HasKeys() {
|
||||
cfg.Creds = creds
|
||||
}
|
||||
|
||||
// Endpoint discovery
|
||||
if section.Has(enableEndpointDiscoveryKey) {
|
||||
v := section.Bool(enableEndpointDiscoveryKey)
|
||||
cfg.EnableEndpointDiscovery = &v
|
||||
updateBoolPtr(&cfg.EnableEndpointDiscovery, section, enableEndpointDiscoveryKey)
|
||||
|
||||
// CSM options
|
||||
updateBoolPtr(&cfg.CSMEnabled, section, csmEnabledKey)
|
||||
updateString(&cfg.CSMHost, section, csmHostKey)
|
||||
updateString(&cfg.CSMPort, section, csmPortKey)
|
||||
updateString(&cfg.CSMClientID, section, csmClientIDKey)
|
||||
|
||||
updateBool(&cfg.S3UseARNRegion, section, s3UseARNRegionKey)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (cfg *sharedConfig) validateCredentialsRequireARN(profile string) error {
|
||||
var credSource string
|
||||
|
||||
switch {
|
||||
case len(cfg.SourceProfileName) != 0:
|
||||
credSource = sourceProfileKey
|
||||
case len(cfg.CredentialSource) != 0:
|
||||
credSource = credentialSourceKey
|
||||
case len(cfg.WebIdentityTokenFile) != 0:
|
||||
credSource = webIdentityTokenFileKey
|
||||
}
|
||||
|
||||
if len(credSource) != 0 && len(cfg.RoleARN) == 0 {
|
||||
return CredentialRequiresARNError{
|
||||
Type: credSource,
|
||||
Profile: profile,
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (cfg *sharedConfig) validateCredentialType() error {
|
||||
// Only one or no credential type can be defined.
|
||||
if !oneOrNone(
|
||||
len(cfg.SourceProfileName) != 0,
|
||||
len(cfg.CredentialSource) != 0,
|
||||
len(cfg.CredentialProcess) != 0,
|
||||
len(cfg.WebIdentityTokenFile) != 0,
|
||||
) {
|
||||
return ErrSharedConfigSourceCollision
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (cfg *sharedConfig) hasCredentials() bool {
|
||||
switch {
|
||||
case len(cfg.SourceProfileName) != 0:
|
||||
case len(cfg.CredentialSource) != 0:
|
||||
case len(cfg.CredentialProcess) != 0:
|
||||
case len(cfg.WebIdentityTokenFile) != 0:
|
||||
case cfg.Creds.HasKeys():
|
||||
default:
|
||||
return false
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
func (cfg *sharedConfig) clearCredentialOptions() {
|
||||
cfg.CredentialSource = ""
|
||||
cfg.CredentialProcess = ""
|
||||
cfg.WebIdentityTokenFile = ""
|
||||
cfg.Creds = credentials.Value{}
|
||||
}
|
||||
|
||||
func (cfg *sharedConfig) clearAssumeRoleOptions() {
|
||||
cfg.RoleARN = ""
|
||||
cfg.ExternalID = ""
|
||||
cfg.MFASerial = ""
|
||||
cfg.RoleSessionName = ""
|
||||
cfg.SourceProfileName = ""
|
||||
}
|
||||
|
||||
func oneOrNone(bs ...bool) bool {
|
||||
var count int
|
||||
|
||||
for _, b := range bs {
|
||||
if b {
|
||||
count++
|
||||
if count > 1 {
|
||||
return false
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
// updateString will only update the dst with the value in the section key, key
|
||||
// is present in the section.
|
||||
func updateString(dst *string, section ini.Section, key string) {
|
||||
if !section.Has(key) {
|
||||
return
|
||||
}
|
||||
*dst = section.String(key)
|
||||
}
|
||||
|
||||
// updateBool will only update the dst with the value in the section key, key
|
||||
// is present in the section.
|
||||
func updateBool(dst *bool, section ini.Section, key string) {
|
||||
if !section.Has(key) {
|
||||
return
|
||||
}
|
||||
*dst = section.Bool(key)
|
||||
}
|
||||
|
||||
// updateBoolPtr will only update the dst with the value in the section key,
|
||||
// key is present in the section.
|
||||
func updateBoolPtr(dst **bool, section ini.Section, key string) {
|
||||
if !section.Has(key) {
|
||||
return
|
||||
}
|
||||
*dst = new(bool)
|
||||
**dst = section.Bool(key)
|
||||
}
|
||||
|
||||
// SharedConfigLoadError is an error for the shared config file failed to load.
|
||||
type SharedConfigLoadError struct {
|
||||
Filename string
|
||||
|
@ -305,6 +495,7 @@ func (e SharedConfigProfileNotExistsError) Error() string {
|
|||
// or not complete.
|
||||
type SharedConfigAssumeRoleError struct {
|
||||
RoleARN string
|
||||
SourceProfile string
|
||||
}
|
||||
|
||||
// Code is the short id of the error.
|
||||
|
@ -314,8 +505,10 @@ func (e SharedConfigAssumeRoleError) Code() string {
|
|||
|
||||
// Message is the description of the error
|
||||
func (e SharedConfigAssumeRoleError) Message() string {
|
||||
return fmt.Sprintf("failed to load assume role for %s, source profile has no shared credentials",
|
||||
e.RoleARN)
|
||||
return fmt.Sprintf(
|
||||
"failed to load assume role for %s, source profile %s has no shared credentials",
|
||||
e.RoleARN, e.SourceProfile,
|
||||
)
|
||||
}
|
||||
|
||||
// OrigErr is the underlying error that caused the failure.
|
||||
|
@ -327,3 +520,36 @@ func (e SharedConfigAssumeRoleError) OrigErr() error {
|
|||
func (e SharedConfigAssumeRoleError) Error() string {
|
||||
return awserr.SprintError(e.Code(), e.Message(), "", nil)
|
||||
}
|
||||
|
||||
// CredentialRequiresARNError provides the error for shared config credentials
|
||||
// that are incorrectly configured in the shared config or credentials file.
|
||||
type CredentialRequiresARNError struct {
|
||||
// type of credentials that were configured.
|
||||
Type string
|
||||
|
||||
// Profile name the credentials were in.
|
||||
Profile string
|
||||
}
|
||||
|
||||
// Code is the short id of the error.
|
||||
func (e CredentialRequiresARNError) Code() string {
|
||||
return "CredentialRequiresARNError"
|
||||
}
|
||||
|
||||
// Message is the description of the error
|
||||
func (e CredentialRequiresARNError) Message() string {
|
||||
return fmt.Sprintf(
|
||||
"credential type %s requires role_arn, profile %s",
|
||||
e.Type, e.Profile,
|
||||
)
|
||||
}
|
||||
|
||||
// OrigErr is the underlying error that caused the failure.
|
||||
func (e CredentialRequiresARNError) OrigErr() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// Error satisfies the error interface.
|
||||
func (e CredentialRequiresARNError) Error() string {
|
||||
return awserr.SprintError(e.Code(), e.Message(), "", nil)
|
||||
}
|
||||
|
|
|
@ -1,8 +1,7 @@
|
|||
package v4
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"strings"
|
||||
"github.com/aws/aws-sdk-go/internal/strings"
|
||||
)
|
||||
|
||||
// validator houses a set of rule needed for validation of a
|
||||
|
@ -61,7 +60,7 @@ type patterns []string
|
|||
// been found
|
||||
func (p patterns) IsValid(value string) bool {
|
||||
for _, pattern := range p {
|
||||
if strings.HasPrefix(http.CanonicalHeaderKey(value), pattern) {
|
||||
if strings.HasPrefixFold(value, pattern) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
|
13
vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.5.go
generated
vendored
Normal file
13
vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.5.go
generated
vendored
Normal file
|
@ -0,0 +1,13 @@
|
|||
// +build !go1.7
|
||||
|
||||
package v4
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
)
|
||||
|
||||
func requestContext(r *http.Request) aws.Context {
|
||||
return aws.BackgroundContext()
|
||||
}
|
13
vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.7.go
generated
vendored
Normal file
13
vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.7.go
generated
vendored
Normal file
|
@ -0,0 +1,13 @@
|
|||
// +build go1.7
|
||||
|
||||
package v4
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
)
|
||||
|
||||
func requestContext(r *http.Request) aws.Context {
|
||||
return r.Context()
|
||||
}
|
|
@ -0,0 +1,63 @@
|
|||
package v4
|
||||
|
||||
import (
|
||||
"encoding/hex"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws/credentials"
|
||||
)
|
||||
|
||||
type credentialValueProvider interface {
|
||||
Get() (credentials.Value, error)
|
||||
}
|
||||
|
||||
// StreamSigner implements signing of event stream encoded payloads
|
||||
type StreamSigner struct {
|
||||
region string
|
||||
service string
|
||||
|
||||
credentials credentialValueProvider
|
||||
|
||||
prevSig []byte
|
||||
}
|
||||
|
||||
// NewStreamSigner creates a SigV4 signer used to sign Event Stream encoded messages
|
||||
func NewStreamSigner(region, service string, seedSignature []byte, credentials *credentials.Credentials) *StreamSigner {
|
||||
return &StreamSigner{
|
||||
region: region,
|
||||
service: service,
|
||||
credentials: credentials,
|
||||
prevSig: seedSignature,
|
||||
}
|
||||
}
|
||||
|
||||
// GetSignature takes an event stream encoded headers and payload and returns a signature
|
||||
func (s *StreamSigner) GetSignature(headers, payload []byte, date time.Time) ([]byte, error) {
|
||||
credValue, err := s.credentials.Get()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
sigKey := deriveSigningKey(s.region, s.service, credValue.SecretAccessKey, date)
|
||||
|
||||
keyPath := buildSigningScope(s.region, s.service, date)
|
||||
|
||||
stringToSign := buildEventStreamStringToSign(headers, payload, s.prevSig, keyPath, date)
|
||||
|
||||
signature := hmacSHA256(sigKey, []byte(stringToSign))
|
||||
s.prevSig = signature
|
||||
|
||||
return signature, nil
|
||||
}
|
||||
|
||||
func buildEventStreamStringToSign(headers, payload, prevSig []byte, scope string, date time.Time) string {
|
||||
return strings.Join([]string{
|
||||
"AWS4-HMAC-SHA256-PAYLOAD",
|
||||
formatTime(date),
|
||||
scope,
|
||||
hex.EncodeToString(prevSig),
|
||||
hex.EncodeToString(hashSHA256(headers)),
|
||||
hex.EncodeToString(hashSHA256(payload)),
|
||||
}, "\n")
|
||||
}
|
|
@ -76,9 +76,14 @@ import (
|
|||
)
|
||||
|
||||
const (
|
||||
authorizationHeader = "Authorization"
|
||||
authHeaderSignatureElem = "Signature="
|
||||
signatureQueryKey = "X-Amz-Signature"
|
||||
|
||||
authHeaderPrefix = "AWS4-HMAC-SHA256"
|
||||
timeFormat = "20060102T150405Z"
|
||||
shortTimeFormat = "20060102"
|
||||
awsV4Request = "aws4_request"
|
||||
|
||||
// emptyStringSHA256 is a SHA256 of an empty string
|
||||
emptyStringSHA256 = `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
|
||||
|
@ -87,7 +92,7 @@ const (
|
|||
var ignoredHeaders = rules{
|
||||
blacklist{
|
||||
mapRule{
|
||||
"Authorization": struct{}{},
|
||||
authorizationHeader: struct{}{},
|
||||
"User-Agent": struct{}{},
|
||||
"X-Amzn-Trace-Id": struct{}{},
|
||||
},
|
||||
|
@ -231,8 +236,6 @@ type signingCtx struct {
|
|||
|
||||
credValues credentials.Value
|
||||
isPresign bool
|
||||
formattedTime string
|
||||
formattedShortTime string
|
||||
unsignedPayload bool
|
||||
|
||||
bodyDigest string
|
||||
|
@ -337,7 +340,7 @@ func (v4 Signer) signWithBody(r *http.Request, body io.ReadSeeker, service, regi
|
|||
}
|
||||
|
||||
var err error
|
||||
ctx.credValues, err = v4.Credentials.Get()
|
||||
ctx.credValues, err = v4.Credentials.GetWithContext(requestContext(r))
|
||||
if err != nil {
|
||||
return http.Header{}, err
|
||||
}
|
||||
|
@ -532,39 +535,56 @@ func (ctx *signingCtx) build(disableHeaderHoisting bool) error {
|
|||
ctx.buildSignature() // depends on string to sign
|
||||
|
||||
if ctx.isPresign {
|
||||
ctx.Request.URL.RawQuery += "&X-Amz-Signature=" + ctx.signature
|
||||
ctx.Request.URL.RawQuery += "&" + signatureQueryKey + "=" + ctx.signature
|
||||
} else {
|
||||
parts := []string{
|
||||
authHeaderPrefix + " Credential=" + ctx.credValues.AccessKeyID + "/" + ctx.credentialString,
|
||||
"SignedHeaders=" + ctx.signedHeaders,
|
||||
"Signature=" + ctx.signature,
|
||||
authHeaderSignatureElem + ctx.signature,
|
||||
}
|
||||
ctx.Request.Header.Set("Authorization", strings.Join(parts, ", "))
|
||||
ctx.Request.Header.Set(authorizationHeader, strings.Join(parts, ", "))
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (ctx *signingCtx) buildTime() {
|
||||
ctx.formattedTime = ctx.Time.UTC().Format(timeFormat)
|
||||
ctx.formattedShortTime = ctx.Time.UTC().Format(shortTimeFormat)
|
||||
// GetSignedRequestSignature attempts to extract the signature of the request.
|
||||
// Returning an error if the request is unsigned, or unable to extract the
|
||||
// signature.
|
||||
func GetSignedRequestSignature(r *http.Request) ([]byte, error) {
|
||||
|
||||
if auth := r.Header.Get(authorizationHeader); len(auth) != 0 {
|
||||
ps := strings.Split(auth, ", ")
|
||||
for _, p := range ps {
|
||||
if idx := strings.Index(p, authHeaderSignatureElem); idx >= 0 {
|
||||
sig := p[len(authHeaderSignatureElem):]
|
||||
if len(sig) == 0 {
|
||||
return nil, fmt.Errorf("invalid request signature authorization header")
|
||||
}
|
||||
return hex.DecodeString(sig)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if sig := r.URL.Query().Get("X-Amz-Signature"); len(sig) != 0 {
|
||||
return hex.DecodeString(sig)
|
||||
}
|
||||
|
||||
return nil, fmt.Errorf("request not signed")
|
||||
}
|
||||
|
||||
func (ctx *signingCtx) buildTime() {
|
||||
if ctx.isPresign {
|
||||
duration := int64(ctx.ExpireTime / time.Second)
|
||||
ctx.Query.Set("X-Amz-Date", ctx.formattedTime)
|
||||
ctx.Query.Set("X-Amz-Date", formatTime(ctx.Time))
|
||||
ctx.Query.Set("X-Amz-Expires", strconv.FormatInt(duration, 10))
|
||||
} else {
|
||||
ctx.Request.Header.Set("X-Amz-Date", ctx.formattedTime)
|
||||
ctx.Request.Header.Set("X-Amz-Date", formatTime(ctx.Time))
|
||||
}
|
||||
}
|
||||
|
||||
func (ctx *signingCtx) buildCredentialString() {
|
||||
ctx.credentialString = strings.Join([]string{
|
||||
ctx.formattedShortTime,
|
||||
ctx.Region,
|
||||
ctx.ServiceName,
|
||||
"aws4_request",
|
||||
}, "/")
|
||||
ctx.credentialString = buildSigningScope(ctx.Region, ctx.ServiceName, ctx.Time)
|
||||
|
||||
if ctx.isPresign {
|
||||
ctx.Query.Set("X-Amz-Credential", ctx.credValues.AccessKeyID+"/"+ctx.credentialString)
|
||||
|
@ -588,8 +608,7 @@ func (ctx *signingCtx) buildCanonicalHeaders(r rule, header http.Header) {
|
|||
var headers []string
|
||||
headers = append(headers, "host")
|
||||
for k, v := range header {
|
||||
canonicalKey := http.CanonicalHeaderKey(k)
|
||||
if !r.IsValid(canonicalKey) {
|
||||
if !r.IsValid(k) {
|
||||
continue // ignored header
|
||||
}
|
||||
if ctx.SignedHeaderVals == nil {
|
||||
|
@ -653,19 +672,15 @@ func (ctx *signingCtx) buildCanonicalString() {
|
|||
func (ctx *signingCtx) buildStringToSign() {
|
||||
ctx.stringToSign = strings.Join([]string{
|
||||
authHeaderPrefix,
|
||||
ctx.formattedTime,
|
||||
formatTime(ctx.Time),
|
||||
ctx.credentialString,
|
||||
hex.EncodeToString(makeSha256([]byte(ctx.canonicalString))),
|
||||
hex.EncodeToString(hashSHA256([]byte(ctx.canonicalString))),
|
||||
}, "\n")
|
||||
}
|
||||
|
||||
func (ctx *signingCtx) buildSignature() {
|
||||
secret := ctx.credValues.SecretAccessKey
|
||||
date := makeHmac([]byte("AWS4"+secret), []byte(ctx.formattedShortTime))
|
||||
region := makeHmac(date, []byte(ctx.Region))
|
||||
service := makeHmac(region, []byte(ctx.ServiceName))
|
||||
credentials := makeHmac(service, []byte("aws4_request"))
|
||||
signature := makeHmac(credentials, []byte(ctx.stringToSign))
|
||||
creds := deriveSigningKey(ctx.Region, ctx.ServiceName, ctx.credValues.SecretAccessKey, ctx.Time)
|
||||
signature := hmacSHA256(creds, []byte(ctx.stringToSign))
|
||||
ctx.signature = hex.EncodeToString(signature)
|
||||
}
|
||||
|
||||
|
@ -687,7 +702,11 @@ func (ctx *signingCtx) buildBodyDigest() error {
|
|||
if !aws.IsReaderSeekable(ctx.Body) {
|
||||
return fmt.Errorf("cannot use unseekable request body %T, for signed request with body", ctx.Body)
|
||||
}
|
||||
hash = hex.EncodeToString(makeSha256Reader(ctx.Body))
|
||||
hashBytes, err := makeSha256Reader(ctx.Body)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
hash = hex.EncodeToString(hashBytes)
|
||||
}
|
||||
|
||||
if includeSHA256Header {
|
||||
|
@ -722,22 +741,28 @@ func (ctx *signingCtx) removePresign() {
|
|||
ctx.Query.Del("X-Amz-SignedHeaders")
|
||||
}
|
||||
|
||||
func makeHmac(key []byte, data []byte) []byte {
|
||||
func hmacSHA256(key []byte, data []byte) []byte {
|
||||
hash := hmac.New(sha256.New, key)
|
||||
hash.Write(data)
|
||||
return hash.Sum(nil)
|
||||
}
|
||||
|
||||
func makeSha256(data []byte) []byte {
|
||||
func hashSHA256(data []byte) []byte {
|
||||
hash := sha256.New()
|
||||
hash.Write(data)
|
||||
return hash.Sum(nil)
|
||||
}
|
||||
|
||||
func makeSha256Reader(reader io.ReadSeeker) []byte {
|
||||
func makeSha256Reader(reader io.ReadSeeker) (hashBytes []byte, err error) {
|
||||
hash := sha256.New()
|
||||
start, _ := reader.Seek(0, sdkio.SeekCurrent)
|
||||
defer reader.Seek(start, sdkio.SeekStart)
|
||||
start, err := reader.Seek(0, sdkio.SeekCurrent)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
defer func() {
|
||||
// ensure error is return if unable to seek back to start of payload.
|
||||
_, err = reader.Seek(start, sdkio.SeekStart)
|
||||
}()
|
||||
|
||||
// Use CopyN to avoid allocating the 32KB buffer in io.Copy for bodies
|
||||
// smaller than 32KB. Fall back to io.Copy if we fail to determine the size.
|
||||
|
@ -748,7 +773,7 @@ func makeSha256Reader(reader io.ReadSeeker) []byte {
|
|||
io.CopyN(hash, reader, size)
|
||||
}
|
||||
|
||||
return hash.Sum(nil)
|
||||
return hash.Sum(nil), nil
|
||||
}
|
||||
|
||||
const doubleSpace = " "
|
||||
|
@ -794,3 +819,28 @@ func stripExcessSpaces(vals []string) {
|
|||
vals[i] = string(buf[:m])
|
||||
}
|
||||
}
|
||||
|
||||
func buildSigningScope(region, service string, dt time.Time) string {
|
||||
return strings.Join([]string{
|
||||
formatShortTime(dt),
|
||||
region,
|
||||
service,
|
||||
awsV4Request,
|
||||
}, "/")
|
||||
}
|
||||
|
||||
func deriveSigningKey(region, service, secretKey string, dt time.Time) []byte {
|
||||
kDate := hmacSHA256([]byte("AWS4"+secretKey), []byte(formatShortTime(dt)))
|
||||
kRegion := hmacSHA256(kDate, []byte(region))
|
||||
kService := hmacSHA256(kRegion, []byte(service))
|
||||
signingKey := hmacSHA256(kService, []byte(awsV4Request))
|
||||
return signingKey
|
||||
}
|
||||
|
||||
func formatShortTime(dt time.Time) string {
|
||||
return dt.UTC().Format(shortTimeFormat)
|
||||
}
|
||||
|
||||
func formatTime(dt time.Time) string {
|
||||
return dt.UTC().Format(timeFormat)
|
||||
}
|
||||
|
|
|
@ -2,18 +2,24 @@ package aws
|
|||
|
||||
import (
|
||||
"io"
|
||||
"strings"
|
||||
"sync"
|
||||
|
||||
"github.com/aws/aws-sdk-go/internal/sdkio"
|
||||
)
|
||||
|
||||
// ReadSeekCloser wraps a io.Reader returning a ReaderSeekerCloser. Should
|
||||
// only be used with an io.Reader that is also an io.Seeker. Doing so may
|
||||
// cause request signature errors, or request body's not sent for GET, HEAD
|
||||
// and DELETE HTTP methods.
|
||||
// ReadSeekCloser wraps a io.Reader returning a ReaderSeekerCloser. Allows the
|
||||
// SDK to accept an io.Reader that is not also an io.Seeker for unsigned
|
||||
// streaming payload API operations.
|
||||
//
|
||||
// Deprecated: Should only be used with io.ReadSeeker. If using for
|
||||
// S3 PutObject to stream content use s3manager.Uploader instead.
|
||||
// A ReadSeekCloser wrapping an nonseekable io.Reader used in an API
|
||||
// operation's input will prevent that operation being retried in the case of
|
||||
// network errors, and cause operation requests to fail if the operation
|
||||
// requires payload signing.
|
||||
//
|
||||
// Note: If using With S3 PutObject to stream an object upload The SDK's S3
|
||||
// Upload manager (s3manager.Uploader) provides support for streaming with the
|
||||
// ability to retry network errors.
|
||||
func ReadSeekCloser(r io.Reader) ReaderSeekerCloser {
|
||||
return ReaderSeekerCloser{r}
|
||||
}
|
||||
|
@ -43,7 +49,8 @@ func IsReaderSeekable(r io.Reader) bool {
|
|||
// Read reads from the reader up to size of p. The number of bytes read, and
|
||||
// error if it occurred will be returned.
|
||||
//
|
||||
// If the reader is not an io.Reader zero bytes read, and nil error will be returned.
|
||||
// If the reader is not an io.Reader zero bytes read, and nil error will be
|
||||
// returned.
|
||||
//
|
||||
// Performs the same functionality as io.Reader Read
|
||||
func (r ReaderSeekerCloser) Read(p []byte) (int, error) {
|
||||
|
@ -199,3 +206,59 @@ func (b *WriteAtBuffer) Bytes() []byte {
|
|||
defer b.m.Unlock()
|
||||
return b.buf
|
||||
}
|
||||
|
||||
// MultiCloser is a utility to close multiple io.Closers within a single
|
||||
// statement.
|
||||
type MultiCloser []io.Closer
|
||||
|
||||
// Close closes all of the io.Closers making up the MultiClosers. Any
|
||||
// errors that occur while closing will be returned in the order they
|
||||
// occur.
|
||||
func (m MultiCloser) Close() error {
|
||||
var errs errors
|
||||
for _, c := range m {
|
||||
err := c.Close()
|
||||
if err != nil {
|
||||
errs = append(errs, err)
|
||||
}
|
||||
}
|
||||
if len(errs) != 0 {
|
||||
return errs
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
type errors []error
|
||||
|
||||
func (es errors) Error() string {
|
||||
var parts []string
|
||||
for _, e := range es {
|
||||
parts = append(parts, e.Error())
|
||||
}
|
||||
|
||||
return strings.Join(parts, "\n")
|
||||
}
|
||||
|
||||
// CopySeekableBody copies the seekable body to an io.Writer
|
||||
func CopySeekableBody(dst io.Writer, src io.ReadSeeker) (int64, error) {
|
||||
curPos, err := src.Seek(0, sdkio.SeekCurrent)
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
|
||||
// copy errors may be assumed to be from the body.
|
||||
n, err := io.Copy(dst, src)
|
||||
if err != nil {
|
||||
return n, err
|
||||
}
|
||||
|
||||
// seek back to the first position after reading to reset
|
||||
// the body for transmission.
|
||||
_, err = src.Seek(curPos, sdkio.SeekStart)
|
||||
if err != nil {
|
||||
return n, err
|
||||
}
|
||||
|
||||
return n, nil
|
||||
}
|
||||
|
|
|
@ -5,4 +5,4 @@ package aws
|
|||
const SDKName = "aws-sdk-go"
|
||||
|
||||
// SDKVersion is the version of this SDK
|
||||
const SDKVersion = "1.17.14"
|
||||
const SDKVersion = "1.34.29"
|
||||
|
|
40
vendor/github.com/aws/aws-sdk-go/internal/context/background_go1.5.go
generated
vendored
Normal file
40
vendor/github.com/aws/aws-sdk-go/internal/context/background_go1.5.go
generated
vendored
Normal file
|
@ -0,0 +1,40 @@
|
|||
// +build !go1.7
|
||||
|
||||
package context
|
||||
|
||||
import "time"
|
||||
|
||||
// An emptyCtx is a copy of the Go 1.7 context.emptyCtx type. This is copied to
|
||||
// provide a 1.6 and 1.5 safe version of context that is compatible with Go
|
||||
// 1.7's Context.
|
||||
//
|
||||
// An emptyCtx is never canceled, has no values, and has no deadline. It is not
|
||||
// struct{}, since vars of this type must have distinct addresses.
|
||||
type emptyCtx int
|
||||
|
||||
func (*emptyCtx) Deadline() (deadline time.Time, ok bool) {
|
||||
return
|
||||
}
|
||||
|
||||
func (*emptyCtx) Done() <-chan struct{} {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (*emptyCtx) Err() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (*emptyCtx) Value(key interface{}) interface{} {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (e *emptyCtx) String() string {
|
||||
switch e {
|
||||
case BackgroundCtx:
|
||||
return "aws.BackgroundContext"
|
||||
}
|
||||
return "unknown empty Context"
|
||||
}
|
||||
|
||||
// BackgroundCtx is the common base context.
|
||||
var BackgroundCtx = new(emptyCtx)
|
|
@ -162,7 +162,7 @@ loop:
|
|||
if len(tokens) == 0 {
|
||||
break loop
|
||||
}
|
||||
|
||||
// if should skip is true, we skip the tokens until should skip is set to false.
|
||||
step = SkipTokenState
|
||||
}
|
||||
|
||||
|
@ -218,7 +218,7 @@ loop:
|
|||
// S -> equal_expr' expr_stmt'
|
||||
switch k.Kind {
|
||||
case ASTKindEqualExpr:
|
||||
// assiging a value to some key
|
||||
// assigning a value to some key
|
||||
k.AppendChild(newExpression(tok))
|
||||
stack.Push(newExprStatement(k))
|
||||
case ASTKindExpr:
|
||||
|
@ -250,6 +250,13 @@ loop:
|
|||
if !runeCompare(tok.Raw(), openBrace) {
|
||||
return nil, NewParseError("expected '['")
|
||||
}
|
||||
// If OpenScopeState is not at the start, we must mark the previous ast as complete
|
||||
//
|
||||
// for example: if previous ast was a skip statement;
|
||||
// we should mark it as complete before we create a new statement
|
||||
if k.Kind != ASTKindStart {
|
||||
stack.MarkComplete(k)
|
||||
}
|
||||
|
||||
stmt := newStatement()
|
||||
stack.Push(stmt)
|
||||
|
@ -304,7 +311,9 @@ loop:
|
|||
stmt := newCommentStatement(tok)
|
||||
stack.Push(stmt)
|
||||
default:
|
||||
return nil, NewParseError(fmt.Sprintf("invalid state with ASTKind %v and TokenType %v", k, tok))
|
||||
return nil, NewParseError(
|
||||
fmt.Sprintf("invalid state with ASTKind %v and TokenType %v",
|
||||
k, tok.Type()))
|
||||
}
|
||||
|
||||
if len(tokens) > 0 {
|
||||
|
@ -314,7 +323,7 @@ loop:
|
|||
|
||||
// this occurs when a statement has not been completed
|
||||
if stack.top > 1 {
|
||||
return nil, NewParseError(fmt.Sprintf("incomplete expression: %v", stack.container))
|
||||
return nil, NewParseError(fmt.Sprintf("incomplete ini expression"))
|
||||
}
|
||||
|
||||
// returns a sublist which excludes the start symbol
|
||||
|
|
|
@ -22,24 +22,24 @@ func newSkipper() skipper {
|
|||
}
|
||||
|
||||
func (s *skipper) ShouldSkip(tok Token) bool {
|
||||
// should skip state will be modified only if previous token was new line (NL);
|
||||
// and the current token is not WhiteSpace (WS).
|
||||
if s.shouldSkip &&
|
||||
s.prevTok.Type() == TokenNL &&
|
||||
tok.Type() != TokenWS {
|
||||
|
||||
s.Continue()
|
||||
return false
|
||||
}
|
||||
s.prevTok = tok
|
||||
|
||||
return s.shouldSkip
|
||||
}
|
||||
|
||||
func (s *skipper) Skip() {
|
||||
s.shouldSkip = true
|
||||
s.prevTok = emptyToken
|
||||
}
|
||||
|
||||
func (s *skipper) Continue() {
|
||||
s.shouldSkip = false
|
||||
// empty token is assigned as we return to default state, when should skip is false
|
||||
s.prevTok = emptyToken
|
||||
}
|
||||
|
|
|
@ -0,0 +1,12 @@
|
|||
package sdkio
|
||||
|
||||
const (
|
||||
// Byte is 8 bits
|
||||
Byte int64 = 1
|
||||
// KibiByte (KiB) is 1024 Bytes
|
||||
KibiByte = Byte * 1024
|
||||
// MebiByte (MiB) is 1024 KiB
|
||||
MebiByte = KibiByte * 1024
|
||||
// GibiByte (GiB) is 1024 MiB
|
||||
GibiByte = MebiByte * 1024
|
||||
)
|
|
@ -0,0 +1,15 @@
|
|||
// +build go1.10
|
||||
|
||||
package sdkmath
|
||||
|
||||
import "math"
|
||||
|
||||
// Round returns the nearest integer, rounding half away from zero.
|
||||
//
|
||||
// Special cases are:
|
||||
// Round(±0) = ±0
|
||||
// Round(±Inf) = ±Inf
|
||||
// Round(NaN) = NaN
|
||||
func Round(x float64) float64 {
|
||||
return math.Round(x)
|
||||
}
|
|
@ -0,0 +1,56 @@
|
|||
// +build !go1.10
|
||||
|
||||
package sdkmath
|
||||
|
||||
import "math"
|
||||
|
||||
// Copied from the Go standard library's (Go 1.12) math/floor.go for use in
|
||||
// Go version prior to Go 1.10.
|
||||
const (
|
||||
uvone = 0x3FF0000000000000
|
||||
mask = 0x7FF
|
||||
shift = 64 - 11 - 1
|
||||
bias = 1023
|
||||
signMask = 1 << 63
|
||||
fracMask = 1<<shift - 1
|
||||
)
|
||||
|
||||
// Round returns the nearest integer, rounding half away from zero.
|
||||
//
|
||||
// Special cases are:
|
||||
// Round(±0) = ±0
|
||||
// Round(±Inf) = ±Inf
|
||||
// Round(NaN) = NaN
|
||||
//
|
||||
// Copied from the Go standard library's (Go 1.12) math/floor.go for use in
|
||||
// Go version prior to Go 1.10.
|
||||
func Round(x float64) float64 {
|
||||
// Round is a faster implementation of:
|
||||
//
|
||||
// func Round(x float64) float64 {
|
||||
// t := Trunc(x)
|
||||
// if Abs(x-t) >= 0.5 {
|
||||
// return t + Copysign(1, x)
|
||||
// }
|
||||
// return t
|
||||
// }
|
||||
bits := math.Float64bits(x)
|
||||
e := uint(bits>>shift) & mask
|
||||
if e < bias {
|
||||
// Round abs(x) < 1 including denormals.
|
||||
bits &= signMask // +-0
|
||||
if e == bias-1 {
|
||||
bits |= uvone // +-1
|
||||
}
|
||||
} else if e < bias+shift {
|
||||
// Round any abs(x) >= 1 containing a fractional component [0,1).
|
||||
//
|
||||
// Numbers with larger exponents are returned unchanged since they
|
||||
// must be either an integer, infinity, or NaN.
|
||||
const half = 1 << (shift - 1)
|
||||
e -= bias
|
||||
bits += half >> e
|
||||
bits &^= fracMask >> e
|
||||
}
|
||||
return math.Float64frombits(bits)
|
||||
}
|
|
@ -0,0 +1,11 @@
|
|||
// +build go1.6
|
||||
|
||||
package sdkrand
|
||||
|
||||
import "math/rand"
|
||||
|
||||
// Read provides the stub for math.Rand.Read method support for go version's
|
||||
// 1.6 and greater.
|
||||
func Read(r *rand.Rand, p []byte) (int, error) {
|
||||
return r.Read(p)
|
||||
}
|
|
@ -0,0 +1,24 @@
|
|||
// +build !go1.6
|
||||
|
||||
package sdkrand
|
||||
|
||||
import "math/rand"
|
||||
|
||||
// Read backfills Go 1.6's math.Rand.Reader for Go 1.5
|
||||
func Read(r *rand.Rand, p []byte) (n int, err error) {
|
||||
// Copy of Go standard libraries math package's read function not added to
|
||||
// standard library until Go 1.6.
|
||||
var pos int8
|
||||
var val int64
|
||||
for n = 0; n < len(p); n++ {
|
||||
if pos == 0 {
|
||||
val = r.Int63()
|
||||
pos = 7
|
||||
}
|
||||
p[n] = byte(val)
|
||||
val >>= 8
|
||||
pos--
|
||||
}
|
||||
|
||||
return n, err
|
||||
}
|
|
@ -0,0 +1,11 @@
|
|||
package strings
|
||||
|
||||
import (
|
||||
"strings"
|
||||
)
|
||||
|
||||
// HasPrefixFold tests whether the string s begins with prefix, interpreted as UTF-8 strings,
|
||||
// under Unicode case-folding.
|
||||
func HasPrefixFold(s, prefix string) bool {
|
||||
return len(s) >= len(prefix) && strings.EqualFold(s[0:len(prefix)], prefix)
|
||||
}
|
27
vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/LICENSE
generated
vendored
Normal file
27
vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/LICENSE
generated
vendored
Normal file
|
@ -0,0 +1,27 @@
|
|||
Copyright (c) 2009 The Go Authors. All rights reserved.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are
|
||||
met:
|
||||
|
||||
* Redistributions of source code must retain the above copyright
|
||||
notice, this list of conditions and the following disclaimer.
|
||||
* Redistributions in binary form must reproduce the above
|
||||
copyright notice, this list of conditions and the following disclaimer
|
||||
in the documentation and/or other materials provided with the
|
||||
distribution.
|
||||
* Neither the name of Google Inc. nor the names of its
|
||||
contributors may be used to endorse or promote products derived from
|
||||
this software without specific prior written permission.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
||||
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||||
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
||||
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
120
vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/singleflight.go
generated
vendored
Normal file
120
vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/singleflight.go
generated
vendored
Normal file
|
@ -0,0 +1,120 @@
|
|||
// Copyright 2013 The Go Authors. All rights reserved.
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
// Package singleflight provides a duplicate function call suppression
|
||||
// mechanism.
|
||||
package singleflight
|
||||
|
||||
import "sync"
|
||||
|
||||
// call is an in-flight or completed singleflight.Do call
|
||||
type call struct {
|
||||
wg sync.WaitGroup
|
||||
|
||||
// These fields are written once before the WaitGroup is done
|
||||
// and are only read after the WaitGroup is done.
|
||||
val interface{}
|
||||
err error
|
||||
|
||||
// forgotten indicates whether Forget was called with this call's key
|
||||
// while the call was still in flight.
|
||||
forgotten bool
|
||||
|
||||
// These fields are read and written with the singleflight
|
||||
// mutex held before the WaitGroup is done, and are read but
|
||||
// not written after the WaitGroup is done.
|
||||
dups int
|
||||
chans []chan<- Result
|
||||
}
|
||||
|
||||
// Group represents a class of work and forms a namespace in
|
||||
// which units of work can be executed with duplicate suppression.
|
||||
type Group struct {
|
||||
mu sync.Mutex // protects m
|
||||
m map[string]*call // lazily initialized
|
||||
}
|
||||
|
||||
// Result holds the results of Do, so they can be passed
|
||||
// on a channel.
|
||||
type Result struct {
|
||||
Val interface{}
|
||||
Err error
|
||||
Shared bool
|
||||
}
|
||||
|
||||
// Do executes and returns the results of the given function, making
|
||||
// sure that only one execution is in-flight for a given key at a
|
||||
// time. If a duplicate comes in, the duplicate caller waits for the
|
||||
// original to complete and receives the same results.
|
||||
// The return value shared indicates whether v was given to multiple callers.
|
||||
func (g *Group) Do(key string, fn func() (interface{}, error)) (v interface{}, err error, shared bool) {
|
||||
g.mu.Lock()
|
||||
if g.m == nil {
|
||||
g.m = make(map[string]*call)
|
||||
}
|
||||
if c, ok := g.m[key]; ok {
|
||||
c.dups++
|
||||
g.mu.Unlock()
|
||||
c.wg.Wait()
|
||||
return c.val, c.err, true
|
||||
}
|
||||
c := new(call)
|
||||
c.wg.Add(1)
|
||||
g.m[key] = c
|
||||
g.mu.Unlock()
|
||||
|
||||
g.doCall(c, key, fn)
|
||||
return c.val, c.err, c.dups > 0
|
||||
}
|
||||
|
||||
// DoChan is like Do but returns a channel that will receive the
|
||||
// results when they are ready.
|
||||
func (g *Group) DoChan(key string, fn func() (interface{}, error)) <-chan Result {
|
||||
ch := make(chan Result, 1)
|
||||
g.mu.Lock()
|
||||
if g.m == nil {
|
||||
g.m = make(map[string]*call)
|
||||
}
|
||||
if c, ok := g.m[key]; ok {
|
||||
c.dups++
|
||||
c.chans = append(c.chans, ch)
|
||||
g.mu.Unlock()
|
||||
return ch
|
||||
}
|
||||
c := &call{chans: []chan<- Result{ch}}
|
||||
c.wg.Add(1)
|
||||
g.m[key] = c
|
||||
g.mu.Unlock()
|
||||
|
||||
go g.doCall(c, key, fn)
|
||||
|
||||
return ch
|
||||
}
|
||||
|
||||
// doCall handles the single call for a key.
|
||||
func (g *Group) doCall(c *call, key string, fn func() (interface{}, error)) {
|
||||
c.val, c.err = fn()
|
||||
c.wg.Done()
|
||||
|
||||
g.mu.Lock()
|
||||
if !c.forgotten {
|
||||
delete(g.m, key)
|
||||
}
|
||||
for _, ch := range c.chans {
|
||||
ch <- Result{c.val, c.err, c.dups > 0}
|
||||
}
|
||||
g.mu.Unlock()
|
||||
}
|
||||
|
||||
// Forget tells the singleflight to forget about a key. Future calls
|
||||
// to Do for this key will call the function rather than waiting for
|
||||
// an earlier call to complete.
|
||||
func (g *Group) Forget(key string) {
|
||||
g.mu.Lock()
|
||||
if c, ok := g.m[key]; ok {
|
||||
c.forgotten = true
|
||||
}
|
||||
delete(g.m, key)
|
||||
g.mu.Unlock()
|
||||
}
|
296
vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/build.go
generated
vendored
Normal file
296
vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/build.go
generated
vendored
Normal file
|
@ -0,0 +1,296 @@
|
|||
// Package jsonutil provides JSON serialization of AWS requests and responses.
|
||||
package jsonutil
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"math"
|
||||
"reflect"
|
||||
"sort"
|
||||
"strconv"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/private/protocol"
|
||||
)
|
||||
|
||||
var timeType = reflect.ValueOf(time.Time{}).Type()
|
||||
var byteSliceType = reflect.ValueOf([]byte{}).Type()
|
||||
|
||||
// BuildJSON builds a JSON string for a given object v.
|
||||
func BuildJSON(v interface{}) ([]byte, error) {
|
||||
var buf bytes.Buffer
|
||||
|
||||
err := buildAny(reflect.ValueOf(v), &buf, "")
|
||||
return buf.Bytes(), err
|
||||
}
|
||||
|
||||
func buildAny(value reflect.Value, buf *bytes.Buffer, tag reflect.StructTag) error {
|
||||
origVal := value
|
||||
value = reflect.Indirect(value)
|
||||
if !value.IsValid() {
|
||||
return nil
|
||||
}
|
||||
|
||||
vtype := value.Type()
|
||||
|
||||
t := tag.Get("type")
|
||||
if t == "" {
|
||||
switch vtype.Kind() {
|
||||
case reflect.Struct:
|
||||
// also it can't be a time object
|
||||
if value.Type() != timeType {
|
||||
t = "structure"
|
||||
}
|
||||
case reflect.Slice:
|
||||
// also it can't be a byte slice
|
||||
if _, ok := value.Interface().([]byte); !ok {
|
||||
t = "list"
|
||||
}
|
||||
case reflect.Map:
|
||||
// cannot be a JSONValue map
|
||||
if _, ok := value.Interface().(aws.JSONValue); !ok {
|
||||
t = "map"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
switch t {
|
||||
case "structure":
|
||||
if field, ok := vtype.FieldByName("_"); ok {
|
||||
tag = field.Tag
|
||||
}
|
||||
return buildStruct(value, buf, tag)
|
||||
case "list":
|
||||
return buildList(value, buf, tag)
|
||||
case "map":
|
||||
return buildMap(value, buf, tag)
|
||||
default:
|
||||
return buildScalar(origVal, buf, tag)
|
||||
}
|
||||
}
|
||||
|
||||
func buildStruct(value reflect.Value, buf *bytes.Buffer, tag reflect.StructTag) error {
|
||||
if !value.IsValid() {
|
||||
return nil
|
||||
}
|
||||
|
||||
// unwrap payloads
|
||||
if payload := tag.Get("payload"); payload != "" {
|
||||
field, _ := value.Type().FieldByName(payload)
|
||||
tag = field.Tag
|
||||
value = elemOf(value.FieldByName(payload))
|
||||
|
||||
if !value.IsValid() {
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
buf.WriteByte('{')
|
||||
|
||||
t := value.Type()
|
||||
first := true
|
||||
for i := 0; i < t.NumField(); i++ {
|
||||
member := value.Field(i)
|
||||
|
||||
// This allocates the most memory.
|
||||
// Additionally, we cannot skip nil fields due to
|
||||
// idempotency auto filling.
|
||||
field := t.Field(i)
|
||||
|
||||
if field.PkgPath != "" {
|
||||
continue // ignore unexported fields
|
||||
}
|
||||
if field.Tag.Get("json") == "-" {
|
||||
continue
|
||||
}
|
||||
if field.Tag.Get("location") != "" {
|
||||
continue // ignore non-body elements
|
||||
}
|
||||
if field.Tag.Get("ignore") != "" {
|
||||
continue
|
||||
}
|
||||
|
||||
if protocol.CanSetIdempotencyToken(member, field) {
|
||||
token := protocol.GetIdempotencyToken()
|
||||
member = reflect.ValueOf(&token)
|
||||
}
|
||||
|
||||
if (member.Kind() == reflect.Ptr || member.Kind() == reflect.Slice || member.Kind() == reflect.Map) && member.IsNil() {
|
||||
continue // ignore unset fields
|
||||
}
|
||||
|
||||
if first {
|
||||
first = false
|
||||
} else {
|
||||
buf.WriteByte(',')
|
||||
}
|
||||
|
||||
// figure out what this field is called
|
||||
name := field.Name
|
||||
if locName := field.Tag.Get("locationName"); locName != "" {
|
||||
name = locName
|
||||
}
|
||||
|
||||
writeString(name, buf)
|
||||
buf.WriteString(`:`)
|
||||
|
||||
err := buildAny(member, buf, field.Tag)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
buf.WriteString("}")
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func buildList(value reflect.Value, buf *bytes.Buffer, tag reflect.StructTag) error {
|
||||
buf.WriteString("[")
|
||||
|
||||
for i := 0; i < value.Len(); i++ {
|
||||
buildAny(value.Index(i), buf, "")
|
||||
|
||||
if i < value.Len()-1 {
|
||||
buf.WriteString(",")
|
||||
}
|
||||
}
|
||||
|
||||
buf.WriteString("]")
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
type sortedValues []reflect.Value
|
||||
|
||||
func (sv sortedValues) Len() int { return len(sv) }
|
||||
func (sv sortedValues) Swap(i, j int) { sv[i], sv[j] = sv[j], sv[i] }
|
||||
func (sv sortedValues) Less(i, j int) bool { return sv[i].String() < sv[j].String() }
|
||||
|
||||
func buildMap(value reflect.Value, buf *bytes.Buffer, tag reflect.StructTag) error {
|
||||
buf.WriteString("{")
|
||||
|
||||
sv := sortedValues(value.MapKeys())
|
||||
sort.Sort(sv)
|
||||
|
||||
for i, k := range sv {
|
||||
if i > 0 {
|
||||
buf.WriteByte(',')
|
||||
}
|
||||
|
||||
writeString(k.String(), buf)
|
||||
buf.WriteString(`:`)
|
||||
|
||||
buildAny(value.MapIndex(k), buf, "")
|
||||
}
|
||||
|
||||
buf.WriteString("}")
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func buildScalar(v reflect.Value, buf *bytes.Buffer, tag reflect.StructTag) error {
|
||||
// prevents allocation on the heap.
|
||||
scratch := [64]byte{}
|
||||
switch value := reflect.Indirect(v); value.Kind() {
|
||||
case reflect.String:
|
||||
writeString(value.String(), buf)
|
||||
case reflect.Bool:
|
||||
if value.Bool() {
|
||||
buf.WriteString("true")
|
||||
} else {
|
||||
buf.WriteString("false")
|
||||
}
|
||||
case reflect.Int64:
|
||||
buf.Write(strconv.AppendInt(scratch[:0], value.Int(), 10))
|
||||
case reflect.Float64:
|
||||
f := value.Float()
|
||||
if math.IsInf(f, 0) || math.IsNaN(f) {
|
||||
return &json.UnsupportedValueError{Value: v, Str: strconv.FormatFloat(f, 'f', -1, 64)}
|
||||
}
|
||||
buf.Write(strconv.AppendFloat(scratch[:0], f, 'f', -1, 64))
|
||||
default:
|
||||
switch converted := value.Interface().(type) {
|
||||
case time.Time:
|
||||
format := tag.Get("timestampFormat")
|
||||
if len(format) == 0 {
|
||||
format = protocol.UnixTimeFormatName
|
||||
}
|
||||
|
||||
ts := protocol.FormatTime(format, converted)
|
||||
if format != protocol.UnixTimeFormatName {
|
||||
ts = `"` + ts + `"`
|
||||
}
|
||||
|
||||
buf.WriteString(ts)
|
||||
case []byte:
|
||||
if !value.IsNil() {
|
||||
buf.WriteByte('"')
|
||||
if len(converted) < 1024 {
|
||||
// for small buffers, using Encode directly is much faster.
|
||||
dst := make([]byte, base64.StdEncoding.EncodedLen(len(converted)))
|
||||
base64.StdEncoding.Encode(dst, converted)
|
||||
buf.Write(dst)
|
||||
} else {
|
||||
// for large buffers, avoid unnecessary extra temporary
|
||||
// buffer space.
|
||||
enc := base64.NewEncoder(base64.StdEncoding, buf)
|
||||
enc.Write(converted)
|
||||
enc.Close()
|
||||
}
|
||||
buf.WriteByte('"')
|
||||
}
|
||||
case aws.JSONValue:
|
||||
str, err := protocol.EncodeJSONValue(converted, protocol.QuotedEscape)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to encode JSONValue, %v", err)
|
||||
}
|
||||
buf.WriteString(str)
|
||||
default:
|
||||
return fmt.Errorf("unsupported JSON value %v (%s)", value.Interface(), value.Type())
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
var hex = "0123456789abcdef"
|
||||
|
||||
func writeString(s string, buf *bytes.Buffer) {
|
||||
buf.WriteByte('"')
|
||||
for i := 0; i < len(s); i++ {
|
||||
if s[i] == '"' {
|
||||
buf.WriteString(`\"`)
|
||||
} else if s[i] == '\\' {
|
||||
buf.WriteString(`\\`)
|
||||
} else if s[i] == '\b' {
|
||||
buf.WriteString(`\b`)
|
||||
} else if s[i] == '\f' {
|
||||
buf.WriteString(`\f`)
|
||||
} else if s[i] == '\r' {
|
||||
buf.WriteString(`\r`)
|
||||
} else if s[i] == '\t' {
|
||||
buf.WriteString(`\t`)
|
||||
} else if s[i] == '\n' {
|
||||
buf.WriteString(`\n`)
|
||||
} else if s[i] < 32 {
|
||||
buf.WriteString("\\u00")
|
||||
buf.WriteByte(hex[s[i]>>4])
|
||||
buf.WriteByte(hex[s[i]&0xF])
|
||||
} else {
|
||||
buf.WriteByte(s[i])
|
||||
}
|
||||
}
|
||||
buf.WriteByte('"')
|
||||
}
|
||||
|
||||
// Returns the reflection element of a value, if it is a pointer.
|
||||
func elemOf(value reflect.Value) reflect.Value {
|
||||
for value.Kind() == reflect.Ptr {
|
||||
value = value.Elem()
|
||||
}
|
||||
return value
|
||||
}
|
304
vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go
generated
vendored
Normal file
304
vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go
generated
vendored
Normal file
|
@ -0,0 +1,304 @@
|
|||
package jsonutil
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io"
|
||||
"math/big"
|
||||
"reflect"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/private/protocol"
|
||||
)
|
||||
|
||||
var millisecondsFloat = new(big.Float).SetInt64(1e3)
|
||||
|
||||
// UnmarshalJSONError unmarshal's the reader's JSON document into the passed in
|
||||
// type. The value to unmarshal the json document into must be a pointer to the
|
||||
// type.
|
||||
func UnmarshalJSONError(v interface{}, stream io.Reader) error {
|
||||
var errBuf bytes.Buffer
|
||||
body := io.TeeReader(stream, &errBuf)
|
||||
|
||||
err := json.NewDecoder(body).Decode(v)
|
||||
if err != nil {
|
||||
msg := "failed decoding error message"
|
||||
if err == io.EOF {
|
||||
msg = "error message missing"
|
||||
err = nil
|
||||
}
|
||||
return awserr.NewUnmarshalError(err, msg, errBuf.Bytes())
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// UnmarshalJSON reads a stream and unmarshals the results in object v.
|
||||
func UnmarshalJSON(v interface{}, stream io.Reader) error {
|
||||
var out interface{}
|
||||
|
||||
decoder := json.NewDecoder(stream)
|
||||
decoder.UseNumber()
|
||||
err := decoder.Decode(&out)
|
||||
if err == io.EOF {
|
||||
return nil
|
||||
} else if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return unmarshaler{}.unmarshalAny(reflect.ValueOf(v), out, "")
|
||||
}
|
||||
|
||||
// UnmarshalJSONCaseInsensitive reads a stream and unmarshals the result into the
|
||||
// object v. Ignores casing for structure members.
|
||||
func UnmarshalJSONCaseInsensitive(v interface{}, stream io.Reader) error {
|
||||
var out interface{}
|
||||
|
||||
decoder := json.NewDecoder(stream)
|
||||
decoder.UseNumber()
|
||||
err := decoder.Decode(&out)
|
||||
if err == io.EOF {
|
||||
return nil
|
||||
} else if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return unmarshaler{
|
||||
caseInsensitive: true,
|
||||
}.unmarshalAny(reflect.ValueOf(v), out, "")
|
||||
}
|
||||
|
||||
type unmarshaler struct {
|
||||
caseInsensitive bool
|
||||
}
|
||||
|
||||
func (u unmarshaler) unmarshalAny(value reflect.Value, data interface{}, tag reflect.StructTag) error {
|
||||
vtype := value.Type()
|
||||
if vtype.Kind() == reflect.Ptr {
|
||||
vtype = vtype.Elem() // check kind of actual element type
|
||||
}
|
||||
|
||||
t := tag.Get("type")
|
||||
if t == "" {
|
||||
switch vtype.Kind() {
|
||||
case reflect.Struct:
|
||||
// also it can't be a time object
|
||||
if _, ok := value.Interface().(*time.Time); !ok {
|
||||
t = "structure"
|
||||
}
|
||||
case reflect.Slice:
|
||||
// also it can't be a byte slice
|
||||
if _, ok := value.Interface().([]byte); !ok {
|
||||
t = "list"
|
||||
}
|
||||
case reflect.Map:
|
||||
// cannot be a JSONValue map
|
||||
if _, ok := value.Interface().(aws.JSONValue); !ok {
|
||||
t = "map"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
switch t {
|
||||
case "structure":
|
||||
if field, ok := vtype.FieldByName("_"); ok {
|
||||
tag = field.Tag
|
||||
}
|
||||
return u.unmarshalStruct(value, data, tag)
|
||||
case "list":
|
||||
return u.unmarshalList(value, data, tag)
|
||||
case "map":
|
||||
return u.unmarshalMap(value, data, tag)
|
||||
default:
|
||||
return u.unmarshalScalar(value, data, tag)
|
||||
}
|
||||
}
|
||||
|
||||
func (u unmarshaler) unmarshalStruct(value reflect.Value, data interface{}, tag reflect.StructTag) error {
|
||||
if data == nil {
|
||||
return nil
|
||||
}
|
||||
mapData, ok := data.(map[string]interface{})
|
||||
if !ok {
|
||||
return fmt.Errorf("JSON value is not a structure (%#v)", data)
|
||||
}
|
||||
|
||||
t := value.Type()
|
||||
if value.Kind() == reflect.Ptr {
|
||||
if value.IsNil() { // create the structure if it's nil
|
||||
s := reflect.New(value.Type().Elem())
|
||||
value.Set(s)
|
||||
value = s
|
||||
}
|
||||
|
||||
value = value.Elem()
|
||||
t = t.Elem()
|
||||
}
|
||||
|
||||
// unwrap any payloads
|
||||
if payload := tag.Get("payload"); payload != "" {
|
||||
field, _ := t.FieldByName(payload)
|
||||
return u.unmarshalAny(value.FieldByName(payload), data, field.Tag)
|
||||
}
|
||||
|
||||
for i := 0; i < t.NumField(); i++ {
|
||||
field := t.Field(i)
|
||||
if field.PkgPath != "" {
|
||||
continue // ignore unexported fields
|
||||
}
|
||||
|
||||
// figure out what this field is called
|
||||
name := field.Name
|
||||
if locName := field.Tag.Get("locationName"); locName != "" {
|
||||
name = locName
|
||||
}
|
||||
if u.caseInsensitive {
|
||||
if _, ok := mapData[name]; !ok {
|
||||
// Fallback to uncased name search if the exact name didn't match.
|
||||
for kn, v := range mapData {
|
||||
if strings.EqualFold(kn, name) {
|
||||
mapData[name] = v
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
member := value.FieldByIndex(field.Index)
|
||||
err := u.unmarshalAny(member, mapData[name], field.Tag)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (u unmarshaler) unmarshalList(value reflect.Value, data interface{}, tag reflect.StructTag) error {
|
||||
if data == nil {
|
||||
return nil
|
||||
}
|
||||
listData, ok := data.([]interface{})
|
||||
if !ok {
|
||||
return fmt.Errorf("JSON value is not a list (%#v)", data)
|
||||
}
|
||||
|
||||
if value.IsNil() {
|
||||
l := len(listData)
|
||||
value.Set(reflect.MakeSlice(value.Type(), l, l))
|
||||
}
|
||||
|
||||
for i, c := range listData {
|
||||
err := u.unmarshalAny(value.Index(i), c, "")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (u unmarshaler) unmarshalMap(value reflect.Value, data interface{}, tag reflect.StructTag) error {
|
||||
if data == nil {
|
||||
return nil
|
||||
}
|
||||
mapData, ok := data.(map[string]interface{})
|
||||
if !ok {
|
||||
return fmt.Errorf("JSON value is not a map (%#v)", data)
|
||||
}
|
||||
|
||||
if value.IsNil() {
|
||||
value.Set(reflect.MakeMap(value.Type()))
|
||||
}
|
||||
|
||||
for k, v := range mapData {
|
||||
kvalue := reflect.ValueOf(k)
|
||||
vvalue := reflect.New(value.Type().Elem()).Elem()
|
||||
|
||||
u.unmarshalAny(vvalue, v, "")
|
||||
value.SetMapIndex(kvalue, vvalue)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (u unmarshaler) unmarshalScalar(value reflect.Value, data interface{}, tag reflect.StructTag) error {
|
||||
|
||||
switch d := data.(type) {
|
||||
case nil:
|
||||
return nil // nothing to do here
|
||||
case string:
|
||||
switch value.Interface().(type) {
|
||||
case *string:
|
||||
value.Set(reflect.ValueOf(&d))
|
||||
case []byte:
|
||||
b, err := base64.StdEncoding.DecodeString(d)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
value.Set(reflect.ValueOf(b))
|
||||
case *time.Time:
|
||||
format := tag.Get("timestampFormat")
|
||||
if len(format) == 0 {
|
||||
format = protocol.ISO8601TimeFormatName
|
||||
}
|
||||
|
||||
t, err := protocol.ParseTime(format, d)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
value.Set(reflect.ValueOf(&t))
|
||||
case aws.JSONValue:
|
||||
// No need to use escaping as the value is a non-quoted string.
|
||||
v, err := protocol.DecodeJSONValue(d, protocol.NoEscape)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
value.Set(reflect.ValueOf(v))
|
||||
default:
|
||||
return fmt.Errorf("unsupported value: %v (%s)", value.Interface(), value.Type())
|
||||
}
|
||||
case json.Number:
|
||||
switch value.Interface().(type) {
|
||||
case *int64:
|
||||
// Retain the old behavior where we would just truncate the float64
|
||||
// calling d.Int64() here could cause an invalid syntax error due to the usage of strconv.ParseInt
|
||||
f, err := d.Float64()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
di := int64(f)
|
||||
value.Set(reflect.ValueOf(&di))
|
||||
case *float64:
|
||||
f, err := d.Float64()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
value.Set(reflect.ValueOf(&f))
|
||||
case *time.Time:
|
||||
float, ok := new(big.Float).SetString(d.String())
|
||||
if !ok {
|
||||
return fmt.Errorf("unsupported float time representation: %v", d.String())
|
||||
}
|
||||
float = float.Mul(float, millisecondsFloat)
|
||||
ms, _ := float.Int64()
|
||||
t := time.Unix(0, ms*1e6).UTC()
|
||||
value.Set(reflect.ValueOf(&t))
|
||||
default:
|
||||
return fmt.Errorf("unsupported value: %v (%s)", value.Interface(), value.Type())
|
||||
}
|
||||
case bool:
|
||||
switch value.Interface().(type) {
|
||||
case *bool:
|
||||
value.Set(reflect.ValueOf(&d))
|
||||
default:
|
||||
return fmt.Errorf("unsupported value: %v (%s)", value.Interface(), value.Type())
|
||||
}
|
||||
default:
|
||||
return fmt.Errorf("unsupported JSON value (%v)", data)
|
||||
}
|
||||
return nil
|
||||
}
|
|
@ -64,7 +64,7 @@ func (h HandlerPayloadMarshal) MarshalPayload(w io.Writer, v interface{}) error
|
|||
metadata.ClientInfo{},
|
||||
request.Handlers{},
|
||||
nil,
|
||||
&request.Operation{HTTPMethod: "GET"},
|
||||
&request.Operation{HTTPMethod: "PUT"},
|
||||
v,
|
||||
nil,
|
||||
)
|
||||
|
|
|
@ -0,0 +1,49 @@
|
|||
package protocol
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
)
|
||||
|
||||
// RequireHTTPMinProtocol request handler is used to enforce that
|
||||
// the target endpoint supports the given major and minor HTTP protocol version.
|
||||
type RequireHTTPMinProtocol struct {
|
||||
Major, Minor int
|
||||
}
|
||||
|
||||
// Handler will mark the request.Request with an error if the
|
||||
// target endpoint did not connect with the required HTTP protocol
|
||||
// major and minor version.
|
||||
func (p RequireHTTPMinProtocol) Handler(r *request.Request) {
|
||||
if r.Error != nil || r.HTTPResponse == nil {
|
||||
return
|
||||
}
|
||||
|
||||
if !strings.HasPrefix(r.HTTPResponse.Proto, "HTTP") {
|
||||
r.Error = newMinHTTPProtoError(p.Major, p.Minor, r)
|
||||
}
|
||||
|
||||
if r.HTTPResponse.ProtoMajor < p.Major || r.HTTPResponse.ProtoMinor < p.Minor {
|
||||
r.Error = newMinHTTPProtoError(p.Major, p.Minor, r)
|
||||
}
|
||||
}
|
||||
|
||||
// ErrCodeMinimumHTTPProtocolError error code is returned when the target endpoint
|
||||
// did not match the required HTTP major and minor protocol version.
|
||||
const ErrCodeMinimumHTTPProtocolError = "MinimumHTTPProtocolError"
|
||||
|
||||
func newMinHTTPProtoError(major, minor int, r *request.Request) error {
|
||||
return awserr.NewRequestFailure(
|
||||
awserr.New("MinimumHTTPProtocolError",
|
||||
fmt.Sprintf(
|
||||
"operation requires minimum HTTP protocol of HTTP/%d.%d, but was %s",
|
||||
major, minor, r.HTTPResponse.Proto,
|
||||
),
|
||||
nil,
|
||||
),
|
||||
r.HTTPResponse.StatusCode, r.RequestID,
|
||||
)
|
||||
}
|
|
@ -1,7 +1,7 @@
|
|||
// Package query provides serialization of AWS query requests, and responses.
|
||||
package query
|
||||
|
||||
//go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/input/query.json build_test.go
|
||||
//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/input/query.json build_test.go
|
||||
|
||||
import (
|
||||
"net/url"
|
||||
|
@ -21,7 +21,7 @@ func Build(r *request.Request) {
|
|||
"Version": {r.ClientInfo.APIVersion},
|
||||
}
|
||||
if err := queryutil.Parse(body, r.Params, false); err != nil {
|
||||
r.Error = awserr.New("SerializationError", "failed encoding Query request", err)
|
||||
r.Error = awserr.New(request.ErrCodeSerialization, "failed encoding Query request", err)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
package query
|
||||
|
||||
//go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/output/query.json unmarshal_test.go
|
||||
//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/output/query.json unmarshal_test.go
|
||||
|
||||
import (
|
||||
"encoding/xml"
|
||||
|
@ -24,7 +24,7 @@ func Unmarshal(r *request.Request) {
|
|||
err := xmlutil.UnmarshalXML(r.Data, decoder, r.Operation.Name+"Result")
|
||||
if err != nil {
|
||||
r.Error = awserr.NewRequestFailure(
|
||||
awserr.New("SerializationError", "failed decoding Query response", err),
|
||||
awserr.New(request.ErrCodeSerialization, "failed decoding Query response", err),
|
||||
r.HTTPResponse.StatusCode,
|
||||
r.RequestID,
|
||||
)
|
||||
|
|
|
@ -2,73 +2,68 @@ package query
|
|||
|
||||
import (
|
||||
"encoding/xml"
|
||||
"io/ioutil"
|
||||
"fmt"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
"github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil"
|
||||
)
|
||||
|
||||
// UnmarshalErrorHandler is a name request handler to unmarshal request errors
|
||||
var UnmarshalErrorHandler = request.NamedHandler{Name: "awssdk.query.UnmarshalError", Fn: UnmarshalError}
|
||||
|
||||
type xmlErrorResponse struct {
|
||||
XMLName xml.Name `xml:"ErrorResponse"`
|
||||
Code string `xml:"Error>Code"`
|
||||
Message string `xml:"Error>Message"`
|
||||
RequestID string `xml:"RequestId"`
|
||||
}
|
||||
|
||||
type xmlServiceUnavailableResponse struct {
|
||||
XMLName xml.Name `xml:"ServiceUnavailableException"`
|
||||
type xmlResponseError struct {
|
||||
xmlErrorResponse
|
||||
}
|
||||
|
||||
// UnmarshalErrorHandler is a name request handler to unmarshal request errors
|
||||
var UnmarshalErrorHandler = request.NamedHandler{Name: "awssdk.query.UnmarshalError", Fn: UnmarshalError}
|
||||
func (e *xmlResponseError) UnmarshalXML(d *xml.Decoder, start xml.StartElement) error {
|
||||
const svcUnavailableTagName = "ServiceUnavailableException"
|
||||
const errorResponseTagName = "ErrorResponse"
|
||||
|
||||
switch start.Name.Local {
|
||||
case svcUnavailableTagName:
|
||||
e.Code = svcUnavailableTagName
|
||||
e.Message = "service is unavailable"
|
||||
return d.Skip()
|
||||
|
||||
case errorResponseTagName:
|
||||
return d.DecodeElement(&e.xmlErrorResponse, &start)
|
||||
|
||||
default:
|
||||
return fmt.Errorf("unknown error response tag, %v", start)
|
||||
}
|
||||
}
|
||||
|
||||
// UnmarshalError unmarshals an error response for an AWS Query service.
|
||||
func UnmarshalError(r *request.Request) {
|
||||
defer r.HTTPResponse.Body.Close()
|
||||
|
||||
bodyBytes, err := ioutil.ReadAll(r.HTTPResponse.Body)
|
||||
var respErr xmlResponseError
|
||||
err := xmlutil.UnmarshalXMLError(&respErr, r.HTTPResponse.Body)
|
||||
if err != nil {
|
||||
r.Error = awserr.NewRequestFailure(
|
||||
awserr.New("SerializationError", "failed to read from query HTTP response body", err),
|
||||
awserr.New(request.ErrCodeSerialization,
|
||||
"failed to unmarshal error message", err),
|
||||
r.HTTPResponse.StatusCode,
|
||||
r.RequestID,
|
||||
)
|
||||
return
|
||||
}
|
||||
|
||||
// First check for specific error
|
||||
resp := xmlErrorResponse{}
|
||||
decodeErr := xml.Unmarshal(bodyBytes, &resp)
|
||||
if decodeErr == nil {
|
||||
reqID := resp.RequestID
|
||||
if reqID == "" {
|
||||
reqID := respErr.RequestID
|
||||
if len(reqID) == 0 {
|
||||
reqID = r.RequestID
|
||||
}
|
||||
|
||||
r.Error = awserr.NewRequestFailure(
|
||||
awserr.New(resp.Code, resp.Message, nil),
|
||||
awserr.New(respErr.Code, respErr.Message, nil),
|
||||
r.HTTPResponse.StatusCode,
|
||||
reqID,
|
||||
)
|
||||
return
|
||||
}
|
||||
|
||||
// Check for unhandled error
|
||||
servUnavailResp := xmlServiceUnavailableResponse{}
|
||||
unavailErr := xml.Unmarshal(bodyBytes, &servUnavailResp)
|
||||
if unavailErr == nil {
|
||||
r.Error = awserr.NewRequestFailure(
|
||||
awserr.New("ServiceUnavailableException", "service is unavailable", nil),
|
||||
r.HTTPResponse.StatusCode,
|
||||
r.RequestID,
|
||||
)
|
||||
return
|
||||
}
|
||||
|
||||
// Failed to retrieve any error message from the response body
|
||||
r.Error = awserr.NewRequestFailure(
|
||||
awserr.New("SerializationError",
|
||||
"failed to decode query XML error response", decodeErr),
|
||||
r.HTTPResponse.StatusCode,
|
||||
r.RequestID,
|
||||
)
|
||||
}
|
||||
|
|
|
@ -25,6 +25,8 @@ var noEscape [256]bool
|
|||
|
||||
var errValueNotSet = fmt.Errorf("value not set")
|
||||
|
||||
var byteSliceType = reflect.TypeOf([]byte{})
|
||||
|
||||
func init() {
|
||||
for i := 0; i < len(noEscape); i++ {
|
||||
// AWS expects every character except these to be escaped
|
||||
|
@ -94,6 +96,14 @@ func buildLocationElements(r *request.Request, v reflect.Value, buildGETQuery bo
|
|||
continue
|
||||
}
|
||||
|
||||
// Support the ability to customize values to be marshaled as a
|
||||
// blob even though they were modeled as a string. Required for S3
|
||||
// API operations like SSECustomerKey is modeled as stirng but
|
||||
// required to be base64 encoded in request.
|
||||
if field.Tag.Get("marshal-as") == "blob" {
|
||||
m = m.Convert(byteSliceType)
|
||||
}
|
||||
|
||||
var err error
|
||||
switch field.Tag.Get("location") {
|
||||
case "headers": // header maps
|
||||
|
@ -137,7 +147,7 @@ func buildBody(r *request.Request, v reflect.Value) {
|
|||
case string:
|
||||
r.SetStringBody(reader)
|
||||
default:
|
||||
r.Error = awserr.New("SerializationError",
|
||||
r.Error = awserr.New(request.ErrCodeSerialization,
|
||||
"failed to encode REST request",
|
||||
fmt.Errorf("unknown payload type %s", payload.Type()))
|
||||
}
|
||||
|
@ -152,7 +162,7 @@ func buildHeader(header *http.Header, v reflect.Value, name string, tag reflect.
|
|||
if err == errValueNotSet {
|
||||
return nil
|
||||
} else if err != nil {
|
||||
return awserr.New("SerializationError", "failed to encode REST request", err)
|
||||
return awserr.New(request.ErrCodeSerialization, "failed to encode REST request", err)
|
||||
}
|
||||
|
||||
name = strings.TrimSpace(name)
|
||||
|
@ -170,7 +180,7 @@ func buildHeaderMap(header *http.Header, v reflect.Value, tag reflect.StructTag)
|
|||
if err == errValueNotSet {
|
||||
continue
|
||||
} else if err != nil {
|
||||
return awserr.New("SerializationError", "failed to encode REST request", err)
|
||||
return awserr.New(request.ErrCodeSerialization, "failed to encode REST request", err)
|
||||
|
||||
}
|
||||
keyStr := strings.TrimSpace(key.String())
|
||||
|
@ -186,7 +196,7 @@ func buildURI(u *url.URL, v reflect.Value, name string, tag reflect.StructTag) e
|
|||
if err == errValueNotSet {
|
||||
return nil
|
||||
} else if err != nil {
|
||||
return awserr.New("SerializationError", "failed to encode REST request", err)
|
||||
return awserr.New(request.ErrCodeSerialization, "failed to encode REST request", err)
|
||||
}
|
||||
|
||||
u.Path = strings.Replace(u.Path, "{"+name+"}", value, -1)
|
||||
|
@ -219,7 +229,7 @@ func buildQueryString(query url.Values, v reflect.Value, name string, tag reflec
|
|||
if err == errValueNotSet {
|
||||
return nil
|
||||
} else if err != nil {
|
||||
return awserr.New("SerializationError", "failed to encode REST request", err)
|
||||
return awserr.New(request.ErrCodeSerialization, "failed to encode REST request", err)
|
||||
}
|
||||
query.Set(name, str)
|
||||
}
|
||||
|
|
|
@ -15,6 +15,7 @@ import (
|
|||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
awsStrings "github.com/aws/aws-sdk-go/internal/strings"
|
||||
"github.com/aws/aws-sdk-go/private/protocol"
|
||||
)
|
||||
|
||||
|
@ -28,7 +29,9 @@ var UnmarshalMetaHandler = request.NamedHandler{Name: "awssdk.rest.UnmarshalMeta
|
|||
func Unmarshal(r *request.Request) {
|
||||
if r.DataFilled() {
|
||||
v := reflect.Indirect(reflect.ValueOf(r.Data))
|
||||
unmarshalBody(r, v)
|
||||
if err := unmarshalBody(r, v); err != nil {
|
||||
r.Error = err
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -40,12 +43,21 @@ func UnmarshalMeta(r *request.Request) {
|
|||
r.RequestID = r.HTTPResponse.Header.Get("X-Amz-Request-Id")
|
||||
}
|
||||
if r.DataFilled() {
|
||||
v := reflect.Indirect(reflect.ValueOf(r.Data))
|
||||
unmarshalLocationElements(r, v)
|
||||
if err := UnmarshalResponse(r.HTTPResponse, r.Data, aws.BoolValue(r.Config.LowerCaseHeaderMaps)); err != nil {
|
||||
r.Error = err
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func unmarshalBody(r *request.Request, v reflect.Value) {
|
||||
// UnmarshalResponse attempts to unmarshal the REST response headers to
|
||||
// the data type passed in. The type must be a pointer. An error is returned
|
||||
// with any error unmarshaling the response into the target datatype.
|
||||
func UnmarshalResponse(resp *http.Response, data interface{}, lowerCaseHeaderMaps bool) error {
|
||||
v := reflect.Indirect(reflect.ValueOf(data))
|
||||
return unmarshalLocationElements(resp, v, lowerCaseHeaderMaps)
|
||||
}
|
||||
|
||||
func unmarshalBody(r *request.Request, v reflect.Value) error {
|
||||
if field, ok := v.Type().FieldByName("_"); ok {
|
||||
if payloadName := field.Tag.Get("payload"); payloadName != "" {
|
||||
pfield, _ := v.Type().FieldByName(payloadName)
|
||||
|
@ -57,35 +69,38 @@ func unmarshalBody(r *request.Request, v reflect.Value) {
|
|||
defer r.HTTPResponse.Body.Close()
|
||||
b, err := ioutil.ReadAll(r.HTTPResponse.Body)
|
||||
if err != nil {
|
||||
r.Error = awserr.New("SerializationError", "failed to decode REST response", err)
|
||||
} else {
|
||||
payload.Set(reflect.ValueOf(b))
|
||||
return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err)
|
||||
}
|
||||
|
||||
payload.Set(reflect.ValueOf(b))
|
||||
|
||||
case *string:
|
||||
defer r.HTTPResponse.Body.Close()
|
||||
b, err := ioutil.ReadAll(r.HTTPResponse.Body)
|
||||
if err != nil {
|
||||
r.Error = awserr.New("SerializationError", "failed to decode REST response", err)
|
||||
} else {
|
||||
return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err)
|
||||
}
|
||||
|
||||
str := string(b)
|
||||
payload.Set(reflect.ValueOf(&str))
|
||||
}
|
||||
|
||||
default:
|
||||
switch payload.Type().String() {
|
||||
case "io.ReadCloser":
|
||||
payload.Set(reflect.ValueOf(r.HTTPResponse.Body))
|
||||
|
||||
case "io.ReadSeeker":
|
||||
b, err := ioutil.ReadAll(r.HTTPResponse.Body)
|
||||
if err != nil {
|
||||
r.Error = awserr.New("SerializationError",
|
||||
return awserr.New(request.ErrCodeSerialization,
|
||||
"failed to read response body", err)
|
||||
return
|
||||
}
|
||||
payload.Set(reflect.ValueOf(ioutil.NopCloser(bytes.NewReader(b))))
|
||||
|
||||
default:
|
||||
io.Copy(ioutil.Discard, r.HTTPResponse.Body)
|
||||
defer r.HTTPResponse.Body.Close()
|
||||
r.Error = awserr.New("SerializationError",
|
||||
r.HTTPResponse.Body.Close()
|
||||
return awserr.New(request.ErrCodeSerialization,
|
||||
"failed to decode REST response",
|
||||
fmt.Errorf("unknown payload type %s", payload.Type()))
|
||||
}
|
||||
|
@ -94,9 +109,11 @@ func unmarshalBody(r *request.Request, v reflect.Value) {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func unmarshalLocationElements(r *request.Request, v reflect.Value) {
|
||||
func unmarshalLocationElements(resp *http.Response, v reflect.Value, lowerCaseHeaderMaps bool) error {
|
||||
for i := 0; i < v.NumField(); i++ {
|
||||
m, field := v.Field(i), v.Type().Field(i)
|
||||
if n := field.Name; n[0:1] == strings.ToLower(n[0:1]) {
|
||||
|
@ -111,26 +128,25 @@ func unmarshalLocationElements(r *request.Request, v reflect.Value) {
|
|||
|
||||
switch field.Tag.Get("location") {
|
||||
case "statusCode":
|
||||
unmarshalStatusCode(m, r.HTTPResponse.StatusCode)
|
||||
unmarshalStatusCode(m, resp.StatusCode)
|
||||
|
||||
case "header":
|
||||
err := unmarshalHeader(m, r.HTTPResponse.Header.Get(name), field.Tag)
|
||||
err := unmarshalHeader(m, resp.Header.Get(name), field.Tag)
|
||||
if err != nil {
|
||||
r.Error = awserr.New("SerializationError", "failed to decode REST response", err)
|
||||
break
|
||||
return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err)
|
||||
}
|
||||
|
||||
case "headers":
|
||||
prefix := field.Tag.Get("locationName")
|
||||
err := unmarshalHeaderMap(m, r.HTTPResponse.Header, prefix)
|
||||
err := unmarshalHeaderMap(m, resp.Header, prefix, lowerCaseHeaderMaps)
|
||||
if err != nil {
|
||||
r.Error = awserr.New("SerializationError", "failed to decode REST response", err)
|
||||
break
|
||||
awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err)
|
||||
}
|
||||
}
|
||||
}
|
||||
if r.Error != nil {
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func unmarshalStatusCode(v reflect.Value, statusCode int) {
|
||||
|
@ -145,30 +161,46 @@ func unmarshalStatusCode(v reflect.Value, statusCode int) {
|
|||
}
|
||||
}
|
||||
|
||||
func unmarshalHeaderMap(r reflect.Value, headers http.Header, prefix string) error {
|
||||
func unmarshalHeaderMap(r reflect.Value, headers http.Header, prefix string, normalize bool) error {
|
||||
if len(headers) == 0 {
|
||||
return nil
|
||||
}
|
||||
switch r.Interface().(type) {
|
||||
case map[string]*string: // we only support string map value types
|
||||
out := map[string]*string{}
|
||||
for k, v := range headers {
|
||||
if awsStrings.HasPrefixFold(k, prefix) {
|
||||
if normalize == true {
|
||||
k = strings.ToLower(k)
|
||||
} else {
|
||||
k = http.CanonicalHeaderKey(k)
|
||||
if strings.HasPrefix(strings.ToLower(k), strings.ToLower(prefix)) {
|
||||
}
|
||||
out[k[len(prefix):]] = &v[0]
|
||||
}
|
||||
}
|
||||
if len(out) != 0 {
|
||||
r.Set(reflect.ValueOf(out))
|
||||
}
|
||||
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func unmarshalHeader(v reflect.Value, header string, tag reflect.StructTag) error {
|
||||
isJSONValue := tag.Get("type") == "jsonvalue"
|
||||
if isJSONValue {
|
||||
switch tag.Get("type") {
|
||||
case "jsonvalue":
|
||||
if len(header) == 0 {
|
||||
return nil
|
||||
}
|
||||
} else if !v.IsValid() || (header == "" && v.Elem().Kind() != reflect.String) {
|
||||
case "blob":
|
||||
if len(header) == 0 {
|
||||
return nil
|
||||
}
|
||||
default:
|
||||
if !v.IsValid() || (header == "" && v.Elem().Kind() != reflect.String) {
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
switch v.Interface().(type) {
|
||||
case *string:
|
||||
|
@ -178,7 +210,7 @@ func unmarshalHeader(v reflect.Value, header string, tag reflect.StructTag) erro
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
v.Set(reflect.ValueOf(&b))
|
||||
v.Set(reflect.ValueOf(b))
|
||||
case *bool:
|
||||
b, err := strconv.ParseBool(header)
|
||||
if err != nil {
|
||||
|
|
|
@ -1,8 +1,11 @@
|
|||
package protocol
|
||||
|
||||
import (
|
||||
"math"
|
||||
"strconv"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/internal/sdkmath"
|
||||
)
|
||||
|
||||
// Names of time formats supported by the SDK
|
||||
|
@ -13,12 +16,19 @@ const (
|
|||
)
|
||||
|
||||
// Time formats supported by the SDK
|
||||
// Output time is intended to not contain decimals
|
||||
const (
|
||||
// RFC 7231#section-7.1.1.1 timetamp format. e.g Tue, 29 Apr 2014 18:30:38 GMT
|
||||
RFC822TimeFormat = "Mon, 2 Jan 2006 15:04:05 GMT"
|
||||
|
||||
// This format is used for output time without seconds precision
|
||||
RFC822OutputTimeFormat = "Mon, 02 Jan 2006 15:04:05 GMT"
|
||||
|
||||
// RFC3339 a subset of the ISO8601 timestamp format. e.g 2014-04-29T18:30:38Z
|
||||
ISO8601TimeFormat = "2006-01-02T15:04:05Z"
|
||||
ISO8601TimeFormat = "2006-01-02T15:04:05.999999999Z"
|
||||
|
||||
// This format is used for output time with fractional second precision up to milliseconds
|
||||
ISO8601OutputTimeFormat = "2006-01-02T15:04:05.999999999Z"
|
||||
)
|
||||
|
||||
// IsKnownTimestampFormat returns if the timestamp format name
|
||||
|
@ -38,15 +48,16 @@ func IsKnownTimestampFormat(name string) bool {
|
|||
|
||||
// FormatTime returns a string value of the time.
|
||||
func FormatTime(name string, t time.Time) string {
|
||||
t = t.UTC()
|
||||
t = t.UTC().Truncate(time.Millisecond)
|
||||
|
||||
switch name {
|
||||
case RFC822TimeFormatName:
|
||||
return t.Format(RFC822TimeFormat)
|
||||
return t.Format(RFC822OutputTimeFormat)
|
||||
case ISO8601TimeFormatName:
|
||||
return t.Format(ISO8601TimeFormat)
|
||||
return t.Format(ISO8601OutputTimeFormat)
|
||||
case UnixTimeFormatName:
|
||||
return strconv.FormatInt(t.Unix(), 10)
|
||||
ms := t.UnixNano() / int64(time.Millisecond)
|
||||
return strconv.FormatFloat(float64(ms)/1e3, 'f', -1, 64)
|
||||
default:
|
||||
panic("unknown timestamp format name, " + name)
|
||||
}
|
||||
|
@ -62,10 +73,12 @@ func ParseTime(formatName, value string) (time.Time, error) {
|
|||
return time.Parse(ISO8601TimeFormat, value)
|
||||
case UnixTimeFormatName:
|
||||
v, err := strconv.ParseFloat(value, 64)
|
||||
_, dec := math.Modf(v)
|
||||
dec = sdkmath.Round(dec*1e3) / 1e3 //Rounds 0.1229999 to 0.123
|
||||
if err != nil {
|
||||
return time.Time{}, err
|
||||
}
|
||||
return time.Unix(int64(v), 0), nil
|
||||
return time.Unix(int64(v), int64(dec*(1e9))), nil
|
||||
default:
|
||||
panic("unknown timestamp format name, " + formatName)
|
||||
}
|
||||
|
|
|
@ -19,3 +19,9 @@ func UnmarshalDiscardBody(r *request.Request) {
|
|||
io.Copy(ioutil.Discard, r.HTTPResponse.Body)
|
||||
r.HTTPResponse.Body.Close()
|
||||
}
|
||||
|
||||
// ResponseMetadata provides the SDK response metadata attributes.
|
||||
type ResponseMetadata struct {
|
||||
StatusCode int
|
||||
RequestID string
|
||||
}
|
||||
|
|
65
vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal_error.go
generated
vendored
Normal file
65
vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal_error.go
generated
vendored
Normal file
|
@ -0,0 +1,65 @@
|
|||
package protocol
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
)
|
||||
|
||||
// UnmarshalErrorHandler provides unmarshaling errors API response errors for
|
||||
// both typed and untyped errors.
|
||||
type UnmarshalErrorHandler struct {
|
||||
unmarshaler ErrorUnmarshaler
|
||||
}
|
||||
|
||||
// ErrorUnmarshaler is an abstract interface for concrete implementations to
|
||||
// unmarshal protocol specific response errors.
|
||||
type ErrorUnmarshaler interface {
|
||||
UnmarshalError(*http.Response, ResponseMetadata) (error, error)
|
||||
}
|
||||
|
||||
// NewUnmarshalErrorHandler returns an UnmarshalErrorHandler
|
||||
// initialized for the set of exception names to the error unmarshalers
|
||||
func NewUnmarshalErrorHandler(unmarshaler ErrorUnmarshaler) *UnmarshalErrorHandler {
|
||||
return &UnmarshalErrorHandler{
|
||||
unmarshaler: unmarshaler,
|
||||
}
|
||||
}
|
||||
|
||||
// UnmarshalErrorHandlerName is the name of the named handler.
|
||||
const UnmarshalErrorHandlerName = "awssdk.protocol.UnmarshalError"
|
||||
|
||||
// NamedHandler returns a NamedHandler for the unmarshaler using the set of
|
||||
// errors the unmarshaler was initialized for.
|
||||
func (u *UnmarshalErrorHandler) NamedHandler() request.NamedHandler {
|
||||
return request.NamedHandler{
|
||||
Name: UnmarshalErrorHandlerName,
|
||||
Fn: u.UnmarshalError,
|
||||
}
|
||||
}
|
||||
|
||||
// UnmarshalError will attempt to unmarshal the API response's error message
|
||||
// into either a generic SDK error type, or a typed error corresponding to the
|
||||
// errors exception name.
|
||||
func (u *UnmarshalErrorHandler) UnmarshalError(r *request.Request) {
|
||||
defer r.HTTPResponse.Body.Close()
|
||||
|
||||
respMeta := ResponseMetadata{
|
||||
StatusCode: r.HTTPResponse.StatusCode,
|
||||
RequestID: r.RequestID,
|
||||
}
|
||||
|
||||
v, err := u.unmarshaler.UnmarshalError(r.HTTPResponse, respMeta)
|
||||
if err != nil {
|
||||
r.Error = awserr.NewRequestFailure(
|
||||
awserr.New(request.ErrCodeSerialization,
|
||||
"failed to unmarshal response error", err),
|
||||
respMeta.StatusCode,
|
||||
respMeta.RequestID,
|
||||
)
|
||||
return
|
||||
}
|
||||
|
||||
r.Error = v
|
||||
}
|
|
@ -8,6 +8,7 @@ import (
|
|||
"reflect"
|
||||
"sort"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/private/protocol"
|
||||
|
@ -60,6 +61,14 @@ func (b *xmlBuilder) buildValue(value reflect.Value, current *XMLNode, tag refle
|
|||
return nil
|
||||
}
|
||||
|
||||
xml := tag.Get("xml")
|
||||
if len(xml) != 0 {
|
||||
name := strings.SplitAfterN(xml, ",", 2)[0]
|
||||
if name == "-" {
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
t := tag.Get("type")
|
||||
if t == "" {
|
||||
switch value.Kind() {
|
||||
|
|
32
vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/sort.go
generated
vendored
Normal file
32
vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/sort.go
generated
vendored
Normal file
|
@ -0,0 +1,32 @@
|
|||
package xmlutil
|
||||
|
||||
import (
|
||||
"encoding/xml"
|
||||
"strings"
|
||||
)
|
||||
|
||||
type xmlAttrSlice []xml.Attr
|
||||
|
||||
func (x xmlAttrSlice) Len() int {
|
||||
return len(x)
|
||||
}
|
||||
|
||||
func (x xmlAttrSlice) Less(i, j int) bool {
|
||||
spaceI, spaceJ := x[i].Name.Space, x[j].Name.Space
|
||||
localI, localJ := x[i].Name.Local, x[j].Name.Local
|
||||
valueI, valueJ := x[i].Value, x[j].Value
|
||||
|
||||
spaceCmp := strings.Compare(spaceI, spaceJ)
|
||||
localCmp := strings.Compare(localI, localJ)
|
||||
valueCmp := strings.Compare(valueI, valueJ)
|
||||
|
||||
if spaceCmp == -1 || (spaceCmp == 0 && (localCmp == -1 || (localCmp == 0 && valueCmp == -1))) {
|
||||
return true
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
func (x xmlAttrSlice) Swap(i, j int) {
|
||||
x[i], x[j] = x[j], x[i]
|
||||
}
|
|
@ -1,6 +1,7 @@
|
|||
package xmlutil
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/base64"
|
||||
"encoding/xml"
|
||||
"fmt"
|
||||
|
@ -10,9 +11,27 @@ import (
|
|||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/private/protocol"
|
||||
)
|
||||
|
||||
// UnmarshalXMLError unmarshals the XML error from the stream into the value
|
||||
// type specified. The value must be a pointer. If the message fails to
|
||||
// unmarshal, the message content will be included in the returned error as a
|
||||
// awserr.UnmarshalError.
|
||||
func UnmarshalXMLError(v interface{}, stream io.Reader) error {
|
||||
var errBuf bytes.Buffer
|
||||
body := io.TeeReader(stream, &errBuf)
|
||||
|
||||
err := xml.NewDecoder(body).Decode(v)
|
||||
if err != nil && err != io.EOF {
|
||||
return awserr.NewUnmarshalError(err,
|
||||
"failed to unmarshal error message", errBuf.Bytes())
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// UnmarshalXML deserializes an xml.Decoder into the container v. V
|
||||
// needs to match the shape of the XML expected to be decoded.
|
||||
// If the shape doesn't match unmarshaling will fail.
|
||||
|
@ -45,6 +64,14 @@ func UnmarshalXML(v interface{}, d *xml.Decoder, wrapper string) error {
|
|||
// parse deserializes any value from the XMLNode. The type tag is used to infer the type, or reflect
|
||||
// will be used to determine the type from r.
|
||||
func parse(r reflect.Value, node *XMLNode, tag reflect.StructTag) error {
|
||||
xml := tag.Get("xml")
|
||||
if len(xml) != 0 {
|
||||
name := strings.SplitAfterN(xml, ",", 2)[0]
|
||||
if name == "-" {
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
rtype := r.Type()
|
||||
if rtype.Kind() == reflect.Ptr {
|
||||
rtype = rtype.Elem() // check kind of actual element type
|
||||
|
|
13
vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/xml_to_struct.go
generated
vendored
13
vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/xml_to_struct.go
generated
vendored
|
@ -119,7 +119,18 @@ func (n *XMLNode) findElem(name string) (string, bool) {
|
|||
|
||||
// StructToXML writes an XMLNode to a xml.Encoder as tokens.
|
||||
func StructToXML(e *xml.Encoder, node *XMLNode, sorted bool) error {
|
||||
e.EncodeToken(xml.StartElement{Name: node.Name, Attr: node.Attr})
|
||||
// Sort Attributes
|
||||
attrs := node.Attr
|
||||
if sorted {
|
||||
sortedAttrs := make([]xml.Attr, len(attrs))
|
||||
for _, k := range node.Attr {
|
||||
sortedAttrs = append(sortedAttrs, k)
|
||||
}
|
||||
sort.Sort(xmlAttrSlice(sortedAttrs))
|
||||
attrs = sortedAttrs
|
||||
}
|
||||
|
||||
e.EncodeToken(xml.StartElement{Name: node.Name, Attr: attrs})
|
||||
|
||||
if node.Text != "" {
|
||||
e.EncodeToken(xml.CharData([]byte(node.Text)))
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -10,10 +10,9 @@
|
|||
// Amazon SQS moves data between distributed application components and helps
|
||||
// you decouple these components.
|
||||
//
|
||||
// Standard queues (http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/standard-queues.html)
|
||||
// are available in all regions. FIFO queues (http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html)
|
||||
// are available in the US East (N. Virginia), US East (Ohio), US West (Oregon),
|
||||
// and EU (Ireland) regions.
|
||||
// For information on the permissions you need to use this API, see Identity
|
||||
// and access management (https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-authentication-and-access-control.html)
|
||||
// in the Amazon Simple Queue Service Developer Guide.
|
||||
//
|
||||
// You can use AWS SDKs (http://aws.amazon.com/tools/#sdk) to access Amazon
|
||||
// SQS using your favorite programming language. The SDKs perform tasks such
|
||||
|
@ -29,20 +28,13 @@
|
|||
//
|
||||
// * Amazon SQS Product Page (http://aws.amazon.com/sqs/)
|
||||
//
|
||||
// * Amazon Simple Queue Service Developer Guide
|
||||
// * Amazon Simple Queue Service Developer Guide Making API Requests (https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-making-api-requests.html)
|
||||
// Amazon SQS Message Attributes (https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-message-metadata.html#sqs-message-attributes)
|
||||
// Amazon SQS Dead-Letter Queues (https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html)
|
||||
//
|
||||
// Making API Requests (http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-making-api-requests.html)
|
||||
// * Amazon SQS in the AWS CLI Command Reference (http://docs.aws.amazon.com/cli/latest/reference/sqs/index.html)
|
||||
//
|
||||
// Amazon SQS Message Attributes (http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-message-attributes.html)
|
||||
//
|
||||
// Amazon SQS Dead-Letter Queues (http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html)
|
||||
//
|
||||
// * Amazon SQS in the (http://docs.aws.amazon.com/cli/latest/reference/sqs/index.html)AWS
|
||||
// CLI Command Reference
|
||||
//
|
||||
// * Amazon Web Services General Reference
|
||||
//
|
||||
// Regions and Endpoints (http://docs.aws.amazon.com/general/latest/gr/rande.html#sqs_region)
|
||||
// * Amazon Web Services General Reference Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#sqs_region)
|
||||
//
|
||||
// See https://docs.aws.amazon.com/goto/WebAPI/sqs-2012-11-05 for more information on this service.
|
||||
//
|
||||
|
|
|
@ -31,7 +31,7 @@ var initRequest func(*request.Request)
|
|||
const (
|
||||
ServiceName = "sqs" // Name of service.
|
||||
EndpointsID = ServiceName // ID to lookup a service endpoint with.
|
||||
ServiceID = "SQS" // ServiceID is a unique identifer of a specific service.
|
||||
ServiceID = "SQS" // ServiceID is a unique identifier of a specific service.
|
||||
)
|
||||
|
||||
// New creates a new instance of the SQS client with a session.
|
||||
|
@ -39,6 +39,8 @@ const (
|
|||
// aws.Config parameter to add your extra config.
|
||||
//
|
||||
// Example:
|
||||
// mySession := session.Must(session.NewSession())
|
||||
//
|
||||
// // Create a SQS client from just a session.
|
||||
// svc := sqs.New(mySession)
|
||||
//
|
||||
|
@ -46,11 +48,11 @@ const (
|
|||
// svc := sqs.New(mySession, aws.NewConfig().WithRegion("us-west-2"))
|
||||
func New(p client.ConfigProvider, cfgs ...*aws.Config) *SQS {
|
||||
c := p.ClientConfig(EndpointsID, cfgs...)
|
||||
return newClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion, c.SigningName)
|
||||
return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName)
|
||||
}
|
||||
|
||||
// newClient creates, initializes and returns a new service client instance.
|
||||
func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegion, signingName string) *SQS {
|
||||
func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName string) *SQS {
|
||||
svc := &SQS{
|
||||
Client: client.New(
|
||||
cfg,
|
||||
|
@ -59,6 +61,7 @@ func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio
|
|||
ServiceID: ServiceID,
|
||||
SigningName: signingName,
|
||||
SigningRegion: signingRegion,
|
||||
PartitionID: partitionID,
|
||||
Endpoint: endpoint,
|
||||
APIVersion: "2012-11-05",
|
||||
},
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,11 @@
|
|||
package sts
|
||||
|
||||
import "github.com/aws/aws-sdk-go/aws/request"
|
||||
|
||||
func init() {
|
||||
initRequest = customizeRequest
|
||||
}
|
||||
|
||||
func customizeRequest(r *request.Request) {
|
||||
r.RetryErrorCodes = append(r.RetryErrorCodes, ErrCodeIDPCommunicationErrorException)
|
||||
}
|
|
@ -7,22 +7,14 @@
|
|||
// request temporary, limited-privilege credentials for AWS Identity and Access
|
||||
// Management (IAM) users or for users that you authenticate (federated users).
|
||||
// This guide provides descriptions of the STS API. For more detailed information
|
||||
// about using this service, go to Temporary Security Credentials (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html).
|
||||
//
|
||||
// As an alternative to using the API, you can use one of the AWS SDKs, which
|
||||
// consist of libraries and sample code for various programming languages and
|
||||
// platforms (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide a convenient
|
||||
// way to create programmatic access to STS. For example, the SDKs take care
|
||||
// of cryptographically signing requests, managing errors, and retrying requests
|
||||
// automatically. For information about the AWS SDKs, including how to download
|
||||
// and install them, see the Tools for Amazon Web Services page (http://aws.amazon.com/tools/).
|
||||
// about using this service, go to Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html).
|
||||
//
|
||||
// For information about setting up signatures and authorization through the
|
||||
// API, go to Signing AWS API Requests (http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html)
|
||||
// API, go to Signing AWS API Requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html)
|
||||
// in the AWS General Reference. For general information about the Query API,
|
||||
// go to Making Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html)
|
||||
// go to Making Query Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html)
|
||||
// in Using IAM. For information about using security tokens with other AWS
|
||||
// products, go to AWS Services That Work with IAM (http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html)
|
||||
// products, go to AWS Services That Work with IAM (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// If you're new to AWS and need additional technical information about a specific
|
||||
|
@ -31,14 +23,38 @@
|
|||
//
|
||||
// Endpoints
|
||||
//
|
||||
// The AWS Security Token Service (STS) has a default endpoint of https://sts.amazonaws.com
|
||||
// that maps to the US East (N. Virginia) region. Additional regions are available
|
||||
// and are activated by default. For more information, see Activating and Deactivating
|
||||
// AWS STS in an AWS Region (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
|
||||
// By default, AWS Security Token Service (STS) is available as a global service,
|
||||
// and all AWS STS requests go to a single endpoint at https://sts.amazonaws.com.
|
||||
// Global requests map to the US East (N. Virginia) region. AWS recommends using
|
||||
// Regional AWS STS endpoints instead of the global endpoint to reduce latency,
|
||||
// build in redundancy, and increase session token validity. For more information,
|
||||
// see Managing AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// For information about STS endpoints, see Regions and Endpoints (http://docs.aws.amazon.com/general/latest/gr/rande.html#sts_region)
|
||||
// in the AWS General Reference.
|
||||
// Most AWS Regions are enabled for operations in all AWS services by default.
|
||||
// Those Regions are automatically activated for use with AWS STS. Some Regions,
|
||||
// such as Asia Pacific (Hong Kong), must be manually enabled. To learn more
|
||||
// about enabling and disabling AWS Regions, see Managing AWS Regions (https://docs.aws.amazon.com/general/latest/gr/rande-manage.html)
|
||||
// in the AWS General Reference. When you enable these AWS Regions, they are
|
||||
// automatically activated for use with AWS STS. You cannot activate the STS
|
||||
// endpoint for a Region that is disabled. Tokens that are valid in all AWS
|
||||
// Regions are longer than tokens that are valid in Regions that are enabled
|
||||
// by default. Changing this setting might affect existing systems where you
|
||||
// temporarily store tokens. For more information, see Managing Global Endpoint
|
||||
// Session Tokens (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html#sts-regions-manage-tokens)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// After you activate a Region for use with AWS STS, you can direct AWS STS
|
||||
// API calls to that Region. AWS STS recommends that you provide both the Region
|
||||
// and endpoint when you make calls to a Regional endpoint. You can provide
|
||||
// the Region alone for manually enabled Regions, such as Asia Pacific (Hong
|
||||
// Kong). In this case, the calls are directed to the STS Regional endpoint.
|
||||
// However, if you provide the Region alone for Regions enabled by default,
|
||||
// the calls are directed to the global endpoint of https://sts.amazonaws.com.
|
||||
//
|
||||
// To view the list of AWS STS endpoints and whether they are active by default,
|
||||
// see Writing Code to Use AWS STS Regions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html#id_credentials_temp_enable-regions_writing_code)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// Recording API requests
|
||||
//
|
||||
|
@ -46,8 +62,28 @@
|
|||
// your AWS account and delivers log files to an Amazon S3 bucket. By using
|
||||
// information collected by CloudTrail, you can determine what requests were
|
||||
// successfully made to STS, who made the request, when it was made, and so
|
||||
// on. To learn more about CloudTrail, including how to turn it on and find
|
||||
// your log files, see the AWS CloudTrail User Guide (http://docs.aws.amazon.com/awscloudtrail/latest/userguide/what_is_cloud_trail_top_level.html).
|
||||
// on.
|
||||
//
|
||||
// If you activate AWS STS endpoints in Regions other than the default global
|
||||
// endpoint, then you must also turn on CloudTrail logging in those Regions.
|
||||
// This is necessary to record any AWS STS API calls that are made in those
|
||||
// Regions. For more information, see Turning On CloudTrail in Additional Regions
|
||||
// (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/aggregating_logs_regions_turn_on_ct.html)
|
||||
// in the AWS CloudTrail User Guide.
|
||||
//
|
||||
// AWS Security Token Service (STS) is a global service with a single endpoint
|
||||
// at https://sts.amazonaws.com. Calls to this endpoint are logged as calls
|
||||
// to a global service. However, because this endpoint is physically located
|
||||
// in the US East (N. Virginia) Region, your logs list us-east-1 as the event
|
||||
// Region. CloudTrail does not write these logs to the US East (Ohio) Region
|
||||
// unless you choose to include global service logs in that Region. CloudTrail
|
||||
// writes calls to all Regional endpoints to their respective Regions. For example,
|
||||
// calls to sts.us-east-2.amazonaws.com are published to the US East (Ohio)
|
||||
// Region and calls to sts.eu-central-1.amazonaws.com are published to the EU
|
||||
// (Frankfurt) Region.
|
||||
//
|
||||
// To learn more about CloudTrail, including how to turn it on and find your
|
||||
// log files, see the AWS CloudTrail User Guide (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/what_is_cloud_trail_top_level.html).
|
||||
//
|
||||
// See https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15 for more information on this service.
|
||||
//
|
||||
|
|
|
@ -14,11 +14,11 @@ const (
|
|||
// ErrCodeIDPCommunicationErrorException for service response error code
|
||||
// "IDPCommunicationError".
|
||||
//
|
||||
// The request could not be fulfilled because the non-AWS identity provider
|
||||
// (IDP) that was asked to verify the incoming identity token could not be reached.
|
||||
// This is often a transient error caused by network conditions. Retry the request
|
||||
// The request could not be fulfilled because the identity provider (IDP) that
|
||||
// was asked to verify the incoming identity token could not be reached. This
|
||||
// is often a transient error caused by network conditions. Retry the request
|
||||
// a limited number of times so that you don't exceed the request rate. If the
|
||||
// error persists, the non-AWS identity provider might be down or not responding.
|
||||
// error persists, the identity provider might be down or not responding.
|
||||
ErrCodeIDPCommunicationErrorException = "IDPCommunicationError"
|
||||
|
||||
// ErrCodeIDPRejectedClaimException for service response error code
|
||||
|
@ -56,9 +56,18 @@ const (
|
|||
// ErrCodePackedPolicyTooLargeException for service response error code
|
||||
// "PackedPolicyTooLarge".
|
||||
//
|
||||
// The request was rejected because the policy document was too large. The error
|
||||
// message describes how big the policy document is, in packed form, as a percentage
|
||||
// of what the API allows.
|
||||
// The request was rejected because the total packed size of the session policies
|
||||
// and session tags combined was too large. An AWS conversion compresses the
|
||||
// session policy document, session policy ARNs, and session tags into a packed
|
||||
// binary format that has a separate limit. The error message indicates by percentage
|
||||
// how close the policies and tags are to the upper size limit. For more information,
|
||||
// see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html)
|
||||
// in the IAM User Guide.
|
||||
//
|
||||
// You could receive this error even though you meet other defined session policy
|
||||
// and session tag limits. For more information, see IAM and STS Entity Character
|
||||
// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
|
||||
// in the IAM User Guide.
|
||||
ErrCodePackedPolicyTooLargeException = "PackedPolicyTooLarge"
|
||||
|
||||
// ErrCodeRegionDisabledException for service response error code
|
||||
|
@ -67,7 +76,7 @@ const (
|
|||
// STS is not activated in the requested region for the account that is being
|
||||
// asked to generate credentials. The account administrator must use the IAM
|
||||
// console to activate STS in that region. For more information, see Activating
|
||||
// and Deactivating AWS STS in an AWS Region (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
|
||||
// and Deactivating AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
|
||||
// in the IAM User Guide.
|
||||
ErrCodeRegionDisabledException = "RegionDisabledException"
|
||||
)
|
||||
|
|
|
@ -31,7 +31,7 @@ var initRequest func(*request.Request)
|
|||
const (
|
||||
ServiceName = "sts" // Name of service.
|
||||
EndpointsID = ServiceName // ID to lookup a service endpoint with.
|
||||
ServiceID = "STS" // ServiceID is a unique identifer of a specific service.
|
||||
ServiceID = "STS" // ServiceID is a unique identifier of a specific service.
|
||||
)
|
||||
|
||||
// New creates a new instance of the STS client with a session.
|
||||
|
@ -39,6 +39,8 @@ const (
|
|||
// aws.Config parameter to add your extra config.
|
||||
//
|
||||
// Example:
|
||||
// mySession := session.Must(session.NewSession())
|
||||
//
|
||||
// // Create a STS client from just a session.
|
||||
// svc := sts.New(mySession)
|
||||
//
|
||||
|
@ -46,11 +48,11 @@ const (
|
|||
// svc := sts.New(mySession, aws.NewConfig().WithRegion("us-west-2"))
|
||||
func New(p client.ConfigProvider, cfgs ...*aws.Config) *STS {
|
||||
c := p.ClientConfig(EndpointsID, cfgs...)
|
||||
return newClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion, c.SigningName)
|
||||
return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName)
|
||||
}
|
||||
|
||||
// newClient creates, initializes and returns a new service client instance.
|
||||
func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegion, signingName string) *STS {
|
||||
func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName string) *STS {
|
||||
svc := &STS{
|
||||
Client: client.New(
|
||||
cfg,
|
||||
|
@ -59,6 +61,7 @@ func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio
|
|||
ServiceID: ServiceID,
|
||||
SigningName: signingName,
|
||||
SigningRegion: signingRegion,
|
||||
PartitionID: partitionID,
|
||||
Endpoint: endpoint,
|
||||
APIVersion: "2011-06-15",
|
||||
},
|
||||
|
|
96
vendor/github.com/aws/aws-sdk-go/service/sts/stsiface/interface.go
generated
vendored
Normal file
96
vendor/github.com/aws/aws-sdk-go/service/sts/stsiface/interface.go
generated
vendored
Normal file
|
@ -0,0 +1,96 @@
|
|||
// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
|
||||
|
||||
// Package stsiface provides an interface to enable mocking the AWS Security Token Service service client
|
||||
// for testing your code.
|
||||
//
|
||||
// It is important to note that this interface will have breaking changes
|
||||
// when the service model is updated and adds new API operations, paginators,
|
||||
// and waiters.
|
||||
package stsiface
|
||||
|
||||
import (
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
"github.com/aws/aws-sdk-go/service/sts"
|
||||
)
|
||||
|
||||
// STSAPI provides an interface to enable mocking the
|
||||
// sts.STS service client's API operation,
|
||||
// paginators, and waiters. This make unit testing your code that calls out
|
||||
// to the SDK's service client's calls easier.
|
||||
//
|
||||
// The best way to use this interface is so the SDK's service client's calls
|
||||
// can be stubbed out for unit testing your code with the SDK without needing
|
||||
// to inject custom request handlers into the SDK's request pipeline.
|
||||
//
|
||||
// // myFunc uses an SDK service client to make a request to
|
||||
// // AWS Security Token Service.
|
||||
// func myFunc(svc stsiface.STSAPI) bool {
|
||||
// // Make svc.AssumeRole request
|
||||
// }
|
||||
//
|
||||
// func main() {
|
||||
// sess := session.New()
|
||||
// svc := sts.New(sess)
|
||||
//
|
||||
// myFunc(svc)
|
||||
// }
|
||||
//
|
||||
// In your _test.go file:
|
||||
//
|
||||
// // Define a mock struct to be used in your unit tests of myFunc.
|
||||
// type mockSTSClient struct {
|
||||
// stsiface.STSAPI
|
||||
// }
|
||||
// func (m *mockSTSClient) AssumeRole(input *sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error) {
|
||||
// // mock response/functionality
|
||||
// }
|
||||
//
|
||||
// func TestMyFunc(t *testing.T) {
|
||||
// // Setup Test
|
||||
// mockSvc := &mockSTSClient{}
|
||||
//
|
||||
// myfunc(mockSvc)
|
||||
//
|
||||
// // Verify myFunc's functionality
|
||||
// }
|
||||
//
|
||||
// It is important to note that this interface will have breaking changes
|
||||
// when the service model is updated and adds new API operations, paginators,
|
||||
// and waiters. Its suggested to use the pattern above for testing, or using
|
||||
// tooling to generate mocks to satisfy the interfaces.
|
||||
type STSAPI interface {
|
||||
AssumeRole(*sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error)
|
||||
AssumeRoleWithContext(aws.Context, *sts.AssumeRoleInput, ...request.Option) (*sts.AssumeRoleOutput, error)
|
||||
AssumeRoleRequest(*sts.AssumeRoleInput) (*request.Request, *sts.AssumeRoleOutput)
|
||||
|
||||
AssumeRoleWithSAML(*sts.AssumeRoleWithSAMLInput) (*sts.AssumeRoleWithSAMLOutput, error)
|
||||
AssumeRoleWithSAMLWithContext(aws.Context, *sts.AssumeRoleWithSAMLInput, ...request.Option) (*sts.AssumeRoleWithSAMLOutput, error)
|
||||
AssumeRoleWithSAMLRequest(*sts.AssumeRoleWithSAMLInput) (*request.Request, *sts.AssumeRoleWithSAMLOutput)
|
||||
|
||||
AssumeRoleWithWebIdentity(*sts.AssumeRoleWithWebIdentityInput) (*sts.AssumeRoleWithWebIdentityOutput, error)
|
||||
AssumeRoleWithWebIdentityWithContext(aws.Context, *sts.AssumeRoleWithWebIdentityInput, ...request.Option) (*sts.AssumeRoleWithWebIdentityOutput, error)
|
||||
AssumeRoleWithWebIdentityRequest(*sts.AssumeRoleWithWebIdentityInput) (*request.Request, *sts.AssumeRoleWithWebIdentityOutput)
|
||||
|
||||
DecodeAuthorizationMessage(*sts.DecodeAuthorizationMessageInput) (*sts.DecodeAuthorizationMessageOutput, error)
|
||||
DecodeAuthorizationMessageWithContext(aws.Context, *sts.DecodeAuthorizationMessageInput, ...request.Option) (*sts.DecodeAuthorizationMessageOutput, error)
|
||||
DecodeAuthorizationMessageRequest(*sts.DecodeAuthorizationMessageInput) (*request.Request, *sts.DecodeAuthorizationMessageOutput)
|
||||
|
||||
GetAccessKeyInfo(*sts.GetAccessKeyInfoInput) (*sts.GetAccessKeyInfoOutput, error)
|
||||
GetAccessKeyInfoWithContext(aws.Context, *sts.GetAccessKeyInfoInput, ...request.Option) (*sts.GetAccessKeyInfoOutput, error)
|
||||
GetAccessKeyInfoRequest(*sts.GetAccessKeyInfoInput) (*request.Request, *sts.GetAccessKeyInfoOutput)
|
||||
|
||||
GetCallerIdentity(*sts.GetCallerIdentityInput) (*sts.GetCallerIdentityOutput, error)
|
||||
GetCallerIdentityWithContext(aws.Context, *sts.GetCallerIdentityInput, ...request.Option) (*sts.GetCallerIdentityOutput, error)
|
||||
GetCallerIdentityRequest(*sts.GetCallerIdentityInput) (*request.Request, *sts.GetCallerIdentityOutput)
|
||||
|
||||
GetFederationToken(*sts.GetFederationTokenInput) (*sts.GetFederationTokenOutput, error)
|
||||
GetFederationTokenWithContext(aws.Context, *sts.GetFederationTokenInput, ...request.Option) (*sts.GetFederationTokenOutput, error)
|
||||
GetFederationTokenRequest(*sts.GetFederationTokenInput) (*request.Request, *sts.GetFederationTokenOutput)
|
||||
|
||||
GetSessionToken(*sts.GetSessionTokenInput) (*sts.GetSessionTokenOutput, error)
|
||||
GetSessionTokenWithContext(aws.Context, *sts.GetSessionTokenInput, ...request.Option) (*sts.GetSessionTokenOutput, error)
|
||||
GetSessionTokenRequest(*sts.GetSessionTokenInput) (*request.Request, *sts.GetSessionTokenOutput)
|
||||
}
|
||||
|
||||
var _ STSAPI = (*sts.STS)(nil)
|
|
@ -1,3 +1,7 @@
|
|||
|
||||
[![GoDoc](https://godoc.org/github.com/eclipse/paho.mqtt.golang?status.svg)](https://godoc.org/github.com/eclipse/paho.mqtt.golang)
|
||||
[![Go Report Card](https://goreportcard.com/badge/github.com/eclipse/paho.mqtt.golang)](https://goreportcard.com/report/github.com/eclipse/paho.mqtt.golang)
|
||||
|
||||
Eclipse Paho MQTT Go client
|
||||
===========================
|
||||
|
||||
|
|
|
@ -12,6 +12,8 @@
|
|||
* Mike Robertson
|
||||
*/
|
||||
|
||||
// Portions copyright © 2018 TIBCO Software Inc.
|
||||
|
||||
// Package mqtt provides an MQTT v3.1.1 client library.
|
||||
package mqtt
|
||||
|
||||
|
@ -19,6 +21,7 @@ import (
|
|||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
"strings"
|
||||
"sync"
|
||||
"sync/atomic"
|
||||
"time"
|
||||
|
@ -52,18 +55,50 @@ const (
|
|||
// Numerous connection options may be specified by configuring a
|
||||
// and then supplying a ClientOptions type.
|
||||
type Client interface {
|
||||
// IsConnected returns a bool signifying whether
|
||||
// the client is connected or not.
|
||||
IsConnected() bool
|
||||
// IsConnectionOpen return a bool signifying wether the client has an active
|
||||
// connection to mqtt broker, i.e not in disconnected or reconnect mode
|
||||
IsConnectionOpen() bool
|
||||
// Connect will create a connection to the message broker, by default
|
||||
// it will attempt to connect at v3.1.1 and auto retry at v3.1 if that
|
||||
// fails
|
||||
Connect() Token
|
||||
// Disconnect will end the connection with the server, but not before waiting
|
||||
// the specified number of milliseconds to wait for existing work to be
|
||||
// completed.
|
||||
Disconnect(quiesce uint)
|
||||
// Publish will publish a message with the specified QoS and content
|
||||
// to the specified topic.
|
||||
// Returns a token to track delivery of the message to the broker
|
||||
Publish(topic string, qos byte, retained bool, payload interface{}) Token
|
||||
// Subscribe starts a new subscription. Provide a MessageHandler to be executed when
|
||||
// a message is published on the topic provided, or nil for the default handler
|
||||
Subscribe(topic string, qos byte, callback MessageHandler) Token
|
||||
// SubscribeMultiple starts a new subscription for multiple topics. Provide a MessageHandler to
|
||||
// be executed when a message is published on one of the topics provided, or nil for the
|
||||
// default handler
|
||||
SubscribeMultiple(filters map[string]byte, callback MessageHandler) Token
|
||||
// Unsubscribe will end the subscription from each of the topics provided.
|
||||
// Messages published to those topics from other clients will no longer be
|
||||
// received.
|
||||
Unsubscribe(topics ...string) Token
|
||||
// AddRoute allows you to add a handler for messages on a specific topic
|
||||
// without making a subscription. For example having a different handler
|
||||
// for parts of a wildcard subscription
|
||||
AddRoute(topic string, callback MessageHandler)
|
||||
// OptionsReader returns a ClientOptionsReader which is a copy of the clientoptions
|
||||
// in use by the client.
|
||||
OptionsReader() ClientOptionsReader
|
||||
}
|
||||
|
||||
// client implements the Client interface
|
||||
type client struct {
|
||||
lastSent atomic.Value
|
||||
lastReceived atomic.Value
|
||||
pingOutstanding int32
|
||||
status uint32
|
||||
sync.RWMutex
|
||||
messageIds
|
||||
conn net.Conn
|
||||
|
@ -77,10 +112,6 @@ type client struct {
|
|||
stop chan struct{}
|
||||
persist Store
|
||||
options ClientOptions
|
||||
pingResp *sync.Cond
|
||||
packetResp *sync.Cond
|
||||
keepaliveReset *sync.Cond
|
||||
status uint32
|
||||
workers sync.WaitGroup
|
||||
}
|
||||
|
||||
|
@ -98,13 +129,15 @@ func NewClient(o *ClientOptions) Client {
|
|||
switch c.options.ProtocolVersion {
|
||||
case 3, 4:
|
||||
c.options.protocolVersionExplicit = true
|
||||
case 0x83, 0x84:
|
||||
c.options.protocolVersionExplicit = true
|
||||
default:
|
||||
c.options.ProtocolVersion = 4
|
||||
c.options.protocolVersionExplicit = false
|
||||
}
|
||||
c.persist = c.options.Store
|
||||
c.status = disconnected
|
||||
c.messageIds = messageIds{index: make(map[uint16]Token)}
|
||||
c.messageIds = messageIds{index: make(map[uint16]tokenCompletor)}
|
||||
c.msgRouter, c.stopRouter = newRouter()
|
||||
c.msgRouter.setDefaultHandler(c.options.DefaultPublishHandler)
|
||||
if !c.options.AutoReconnect {
|
||||
|
@ -113,6 +146,9 @@ func NewClient(o *ClientOptions) Client {
|
|||
return c
|
||||
}
|
||||
|
||||
// AddRoute allows you to add a handler for messages on a specific topic
|
||||
// without making a subscription. For example having a different handler
|
||||
// for parts of a wildcard subscription
|
||||
func (c *client) AddRoute(topic string, callback MessageHandler) {
|
||||
if callback != nil {
|
||||
c.msgRouter.addRoute(topic, callback)
|
||||
|
@ -128,7 +164,21 @@ func (c *client) IsConnected() bool {
|
|||
switch {
|
||||
case status == connected:
|
||||
return true
|
||||
case c.options.AutoReconnect && status > disconnected:
|
||||
case c.options.AutoReconnect && status > connecting:
|
||||
return true
|
||||
default:
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
// IsConnectionOpen return a bool signifying whether the client has an active
|
||||
// connection to mqtt broker, i.e not in disconnected or reconnect mode
|
||||
func (c *client) IsConnectionOpen() bool {
|
||||
c.RLock()
|
||||
defer c.RUnlock()
|
||||
status := atomic.LoadUint32(&c.status)
|
||||
switch {
|
||||
case status == connected:
|
||||
return true
|
||||
default:
|
||||
return false
|
||||
|
@ -152,30 +202,39 @@ func (c *client) setConnected(status uint32) {
|
|||
//made when the client is not connected to a broker
|
||||
var ErrNotConnected = errors.New("Not Connected")
|
||||
|
||||
// Connect will create a connection to the message broker
|
||||
// If clean session is false, then a slice will
|
||||
// be returned containing Receipts for all messages
|
||||
// that were in-flight at the last disconnect.
|
||||
// If clean session is true, then any existing client
|
||||
// state will be removed.
|
||||
// Connect will create a connection to the message broker, by default
|
||||
// it will attempt to connect at v3.1.1 and auto retry at v3.1 if that
|
||||
// fails
|
||||
func (c *client) Connect() Token {
|
||||
var err error
|
||||
t := newToken(packets.Connect).(*ConnectToken)
|
||||
DEBUG.Println(CLI, "Connect()")
|
||||
|
||||
c.obound = make(chan *PacketAndToken, c.options.MessageChannelDepth)
|
||||
c.oboundP = make(chan *PacketAndToken, c.options.MessageChannelDepth)
|
||||
c.ibound = make(chan packets.ControlPacket)
|
||||
|
||||
go func() {
|
||||
c.persist.Open()
|
||||
|
||||
c.setConnected(connecting)
|
||||
c.errors = make(chan error, 1)
|
||||
c.stop = make(chan struct{})
|
||||
|
||||
var rc byte
|
||||
cm := newConnectMsgFromOptions(&c.options)
|
||||
protocolVersion := c.options.ProtocolVersion
|
||||
|
||||
if len(c.options.Servers) == 0 {
|
||||
t.setError(fmt.Errorf("No servers defined to connect to"))
|
||||
return
|
||||
}
|
||||
|
||||
for _, broker := range c.options.Servers {
|
||||
cm := newConnectMsgFromOptions(&c.options, broker)
|
||||
c.options.ProtocolVersion = protocolVersion
|
||||
CONN:
|
||||
DEBUG.Println(CLI, "about to write new connect msg")
|
||||
c.conn, err = openConnection(broker, &c.options.TLSConfig, c.options.ConnectTimeout)
|
||||
c.conn, err = openConnection(broker, c.options.TLSConfig, c.options.ConnectTimeout, c.options.HTTPHeaders)
|
||||
if err == nil {
|
||||
DEBUG.Println(CLI, "socket connected to broker")
|
||||
switch c.options.ProtocolVersion {
|
||||
|
@ -183,6 +242,14 @@ func (c *client) Connect() Token {
|
|||
DEBUG.Println(CLI, "Using MQTT 3.1 protocol")
|
||||
cm.ProtocolName = "MQIsdp"
|
||||
cm.ProtocolVersion = 3
|
||||
case 0x83:
|
||||
DEBUG.Println(CLI, "Using MQTT 3.1b protocol")
|
||||
cm.ProtocolName = "MQIsdp"
|
||||
cm.ProtocolVersion = 0x83
|
||||
case 0x84:
|
||||
DEBUG.Println(CLI, "Using MQTT 3.1.1b protocol")
|
||||
cm.ProtocolName = "MQTT"
|
||||
cm.ProtocolVersion = 0x84
|
||||
default:
|
||||
DEBUG.Println(CLI, "Using MQTT 3.1.1 protocol")
|
||||
c.options.ProtocolVersion = 4
|
||||
|
@ -191,7 +258,7 @@ func (c *client) Connect() Token {
|
|||
}
|
||||
cm.Write(c.conn)
|
||||
|
||||
rc = c.connect()
|
||||
rc, t.sessionPresent = c.connect()
|
||||
if rc != packets.Accepted {
|
||||
if c.conn != nil {
|
||||
c.conn.Close()
|
||||
|
@ -218,30 +285,23 @@ func (c *client) Connect() Token {
|
|||
|
||||
if c.conn == nil {
|
||||
ERROR.Println(CLI, "Failed to connect to a broker")
|
||||
t.returnCode = rc
|
||||
if rc != packets.ErrNetworkError {
|
||||
t.err = packets.ConnErrors[rc]
|
||||
} else {
|
||||
t.err = fmt.Errorf("%s : %s", packets.ConnErrors[rc], err)
|
||||
}
|
||||
c.setConnected(disconnected)
|
||||
c.persist.Close()
|
||||
t.flowComplete()
|
||||
t.returnCode = rc
|
||||
if rc != packets.ErrNetworkError {
|
||||
t.setError(packets.ConnErrors[rc])
|
||||
} else {
|
||||
t.setError(fmt.Errorf("%s : %s", packets.ConnErrors[rc], err))
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
c.options.protocolVersionExplicit = true
|
||||
|
||||
c.obound = make(chan *PacketAndToken, c.options.MessageChannelDepth)
|
||||
c.oboundP = make(chan *PacketAndToken, c.options.MessageChannelDepth)
|
||||
c.ibound = make(chan packets.ControlPacket)
|
||||
c.errors = make(chan error, 1)
|
||||
c.stop = make(chan struct{})
|
||||
c.pingResp = sync.NewCond(&sync.Mutex{})
|
||||
c.packetResp = sync.NewCond(&sync.Mutex{})
|
||||
c.keepaliveReset = sync.NewCond(&sync.Mutex{})
|
||||
|
||||
if c.options.KeepAlive != 0 {
|
||||
atomic.StoreInt32(&c.pingOutstanding, 0)
|
||||
c.lastReceived.Store(time.Now())
|
||||
c.lastSent.Store(time.Now())
|
||||
c.workers.Add(1)
|
||||
go keepalive(c)
|
||||
}
|
||||
|
@ -255,22 +315,19 @@ func (c *client) Connect() Token {
|
|||
go c.options.OnConnect(c)
|
||||
}
|
||||
|
||||
// Take care of any messages in the store
|
||||
//var leftovers []Receipt
|
||||
if c.options.CleanSession == false {
|
||||
//leftovers = c.resume()
|
||||
} else {
|
||||
c.persist.Reset()
|
||||
}
|
||||
|
||||
c.workers.Add(4)
|
||||
go errorWatch(c)
|
||||
|
||||
// Do not start incoming until resume has completed
|
||||
c.workers.Add(3)
|
||||
go alllogic(c)
|
||||
go outgoing(c)
|
||||
go incoming(c)
|
||||
|
||||
// Take care of any messages in the store
|
||||
if c.options.CleanSession == false {
|
||||
c.resume(c.options.ResumeSubs)
|
||||
} else {
|
||||
c.persist.Reset()
|
||||
}
|
||||
|
||||
DEBUG.Println(CLI, "exit startClient")
|
||||
t.flowComplete()
|
||||
}()
|
||||
|
@ -287,15 +344,24 @@ func (c *client) reconnect() {
|
|||
sleep = time.Duration(1 * time.Second)
|
||||
)
|
||||
|
||||
for rc != 0 && c.status != disconnected {
|
||||
cm := newConnectMsgFromOptions(&c.options)
|
||||
|
||||
for rc != 0 && atomic.LoadUint32(&c.status) != disconnected {
|
||||
for _, broker := range c.options.Servers {
|
||||
cm := newConnectMsgFromOptions(&c.options, broker)
|
||||
DEBUG.Println(CLI, "about to write new connect msg")
|
||||
c.conn, err = openConnection(broker, &c.options.TLSConfig, c.options.ConnectTimeout)
|
||||
c.Lock()
|
||||
c.conn, err = openConnection(broker, c.options.TLSConfig, c.options.ConnectTimeout, c.options.HTTPHeaders)
|
||||
c.Unlock()
|
||||
if err == nil {
|
||||
DEBUG.Println(CLI, "socket connected to broker")
|
||||
switch c.options.ProtocolVersion {
|
||||
case 0x83:
|
||||
DEBUG.Println(CLI, "Using MQTT 3.1b protocol")
|
||||
cm.ProtocolName = "MQIsdp"
|
||||
cm.ProtocolVersion = 0x83
|
||||
case 0x84:
|
||||
DEBUG.Println(CLI, "Using MQTT 3.1.1b protocol")
|
||||
cm.ProtocolName = "MQTT"
|
||||
cm.ProtocolVersion = 0x84
|
||||
case 3:
|
||||
DEBUG.Println(CLI, "Using MQTT 3.1 protocol")
|
||||
cm.ProtocolName = "MQIsdp"
|
||||
|
@ -307,7 +373,7 @@ func (c *client) reconnect() {
|
|||
}
|
||||
cm.Write(c.conn)
|
||||
|
||||
rc = c.connect()
|
||||
rc, _ = c.connect()
|
||||
if rc != packets.Accepted {
|
||||
c.conn.Close()
|
||||
c.conn = nil
|
||||
|
@ -342,52 +408,56 @@ func (c *client) reconnect() {
|
|||
return
|
||||
}
|
||||
|
||||
c.stop = make(chan struct{})
|
||||
|
||||
if c.options.KeepAlive != 0 {
|
||||
atomic.StoreInt32(&c.pingOutstanding, 0)
|
||||
c.lastReceived.Store(time.Now())
|
||||
c.lastSent.Store(time.Now())
|
||||
c.workers.Add(1)
|
||||
go keepalive(c)
|
||||
}
|
||||
|
||||
c.stop = make(chan struct{})
|
||||
|
||||
c.setConnected(connected)
|
||||
DEBUG.Println(CLI, "client is reconnected")
|
||||
if c.options.OnConnect != nil {
|
||||
go c.options.OnConnect(c)
|
||||
}
|
||||
|
||||
c.workers.Add(4)
|
||||
go errorWatch(c)
|
||||
|
||||
c.workers.Add(3)
|
||||
go alllogic(c)
|
||||
go outgoing(c)
|
||||
go incoming(c)
|
||||
|
||||
c.resume(false)
|
||||
}
|
||||
|
||||
// This function is only used for receiving a connack
|
||||
// when the connection is first started.
|
||||
// This prevents receiving incoming data while resume
|
||||
// is in progress if clean session is false.
|
||||
func (c *client) connect() byte {
|
||||
func (c *client) connect() (byte, bool) {
|
||||
DEBUG.Println(NET, "connect started")
|
||||
|
||||
ca, err := packets.ReadPacket(c.conn)
|
||||
if err != nil {
|
||||
ERROR.Println(NET, "connect got error", err)
|
||||
return packets.ErrNetworkError
|
||||
return packets.ErrNetworkError, false
|
||||
}
|
||||
if ca == nil {
|
||||
ERROR.Println(NET, "received nil packet")
|
||||
return packets.ErrNetworkError
|
||||
return packets.ErrNetworkError, false
|
||||
}
|
||||
|
||||
msg, ok := ca.(*packets.ConnackPacket)
|
||||
if !ok {
|
||||
ERROR.Println(NET, "received msg that was not CONNACK")
|
||||
return packets.ErrNetworkError
|
||||
return packets.ErrNetworkError, false
|
||||
}
|
||||
|
||||
DEBUG.Println(NET, "received connack")
|
||||
return msg.ReturnCode
|
||||
return msg.ReturnCode, msg.SessionPresent
|
||||
}
|
||||
|
||||
// Disconnect will end the connection with the server, but not before waiting
|
||||
|
@ -433,7 +503,7 @@ func (c *client) internalConnLost(err error) {
|
|||
c.closeStop()
|
||||
c.conn.Close()
|
||||
c.workers.Wait()
|
||||
if c.options.CleanSession {
|
||||
if c.options.CleanSession && !c.options.AutoReconnect {
|
||||
c.messageIds.cleanUp()
|
||||
}
|
||||
if c.options.AutoReconnect {
|
||||
|
@ -455,8 +525,23 @@ func (c *client) closeStop() {
|
|||
case <-c.stop:
|
||||
DEBUG.Println("In disconnect and stop channel is already closed")
|
||||
default:
|
||||
if c.stop != nil {
|
||||
close(c.stop)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func (c *client) closeStopRouter() {
|
||||
c.Lock()
|
||||
defer c.Unlock()
|
||||
select {
|
||||
case <-c.stopRouter:
|
||||
DEBUG.Println("In disconnect and stop channel is already closed")
|
||||
default:
|
||||
if c.stopRouter != nil {
|
||||
close(c.stopRouter)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func (c *client) closeConn() {
|
||||
|
@ -471,7 +556,8 @@ func (c *client) disconnect() {
|
|||
c.closeStop()
|
||||
c.closeConn()
|
||||
c.workers.Wait()
|
||||
close(c.stopRouter)
|
||||
c.messageIds.cleanUp()
|
||||
c.closeStopRouter()
|
||||
DEBUG.Println(CLI, "disconnected")
|
||||
c.persist.Close()
|
||||
}
|
||||
|
@ -484,8 +570,7 @@ func (c *client) Publish(topic string, qos byte, retained bool, payload interfac
|
|||
DEBUG.Println(CLI, "enter Publish")
|
||||
switch {
|
||||
case !c.IsConnected():
|
||||
token.err = ErrNotConnected
|
||||
token.flowComplete()
|
||||
token.setError(ErrNotConnected)
|
||||
return token
|
||||
case c.connectionStatus() == reconnecting && qos == 0:
|
||||
token.flowComplete()
|
||||
|
@ -501,18 +586,21 @@ func (c *client) Publish(topic string, qos byte, retained bool, payload interfac
|
|||
case []byte:
|
||||
pub.Payload = payload.([]byte)
|
||||
default:
|
||||
token.err = errors.New("Unknown payload type")
|
||||
token.flowComplete()
|
||||
token.setError(fmt.Errorf("Unknown payload type"))
|
||||
return token
|
||||
}
|
||||
|
||||
DEBUG.Println(CLI, "sending publish message, topic:", topic)
|
||||
if pub.Qos != 0 && pub.MessageID == 0 {
|
||||
pub.MessageID = c.getID(token)
|
||||
token.messageID = pub.MessageID
|
||||
}
|
||||
persistOutbound(c.persist, pub)
|
||||
if c.connectionStatus() == reconnecting {
|
||||
DEBUG.Println(CLI, "storing publish message (reconnecting), topic:", topic)
|
||||
} else {
|
||||
DEBUG.Println(CLI, "sending publish message, topic:", topic)
|
||||
c.obound <- &PacketAndToken{p: pub, t: token}
|
||||
}
|
||||
return token
|
||||
}
|
||||
|
||||
|
@ -522,19 +610,22 @@ func (c *client) Subscribe(topic string, qos byte, callback MessageHandler) Toke
|
|||
token := newToken(packets.Subscribe).(*SubscribeToken)
|
||||
DEBUG.Println(CLI, "enter Subscribe")
|
||||
if !c.IsConnected() {
|
||||
token.err = ErrNotConnected
|
||||
token.flowComplete()
|
||||
token.setError(ErrNotConnected)
|
||||
return token
|
||||
}
|
||||
sub := packets.NewControlPacket(packets.Subscribe).(*packets.SubscribePacket)
|
||||
if err := validateTopicAndQos(topic, qos); err != nil {
|
||||
token.err = err
|
||||
token.setError(err)
|
||||
return token
|
||||
}
|
||||
sub.Topics = append(sub.Topics, topic)
|
||||
sub.Qoss = append(sub.Qoss, qos)
|
||||
DEBUG.Println(CLI, sub.String())
|
||||
|
||||
if strings.HasPrefix(topic, "$share") {
|
||||
topic = strings.Join(strings.Split(topic, "/")[2:], "/")
|
||||
}
|
||||
|
||||
if callback != nil {
|
||||
c.msgRouter.addRoute(topic, callback)
|
||||
}
|
||||
|
@ -552,13 +643,12 @@ func (c *client) SubscribeMultiple(filters map[string]byte, callback MessageHand
|
|||
token := newToken(packets.Subscribe).(*SubscribeToken)
|
||||
DEBUG.Println(CLI, "enter SubscribeMultiple")
|
||||
if !c.IsConnected() {
|
||||
token.err = ErrNotConnected
|
||||
token.flowComplete()
|
||||
token.setError(ErrNotConnected)
|
||||
return token
|
||||
}
|
||||
sub := packets.NewControlPacket(packets.Subscribe).(*packets.SubscribePacket)
|
||||
if sub.Topics, sub.Qoss, err = validateSubscribeMap(filters); err != nil {
|
||||
token.err = err
|
||||
token.setError(err)
|
||||
return token
|
||||
}
|
||||
|
||||
|
@ -574,6 +664,64 @@ func (c *client) SubscribeMultiple(filters map[string]byte, callback MessageHand
|
|||
return token
|
||||
}
|
||||
|
||||
// Load all stored messages and resend them
|
||||
// Call this to ensure QOS > 1,2 even after an application crash
|
||||
func (c *client) resume(subscription bool) {
|
||||
|
||||
storedKeys := c.persist.All()
|
||||
for _, key := range storedKeys {
|
||||
packet := c.persist.Get(key)
|
||||
if packet == nil {
|
||||
continue
|
||||
}
|
||||
details := packet.Details()
|
||||
if isKeyOutbound(key) {
|
||||
switch packet.(type) {
|
||||
case *packets.SubscribePacket:
|
||||
if subscription {
|
||||
DEBUG.Println(STR, fmt.Sprintf("loaded pending subscribe (%d)", details.MessageID))
|
||||
token := newToken(packets.Subscribe).(*SubscribeToken)
|
||||
c.oboundP <- &PacketAndToken{p: packet, t: token}
|
||||
}
|
||||
case *packets.UnsubscribePacket:
|
||||
if subscription {
|
||||
DEBUG.Println(STR, fmt.Sprintf("loaded pending unsubscribe (%d)", details.MessageID))
|
||||
token := newToken(packets.Unsubscribe).(*UnsubscribeToken)
|
||||
c.oboundP <- &PacketAndToken{p: packet, t: token}
|
||||
}
|
||||
case *packets.PubrelPacket:
|
||||
DEBUG.Println(STR, fmt.Sprintf("loaded pending pubrel (%d)", details.MessageID))
|
||||
select {
|
||||
case c.oboundP <- &PacketAndToken{p: packet, t: nil}:
|
||||
case <-c.stop:
|
||||
}
|
||||
case *packets.PublishPacket:
|
||||
token := newToken(packets.Publish).(*PublishToken)
|
||||
token.messageID = details.MessageID
|
||||
c.claimID(token, details.MessageID)
|
||||
DEBUG.Println(STR, fmt.Sprintf("loaded pending publish (%d)", details.MessageID))
|
||||
DEBUG.Println(STR, details)
|
||||
c.obound <- &PacketAndToken{p: packet, t: token}
|
||||
default:
|
||||
ERROR.Println(STR, "invalid message type in store (discarded)")
|
||||
c.persist.Del(key)
|
||||
}
|
||||
} else {
|
||||
switch packet.(type) {
|
||||
case *packets.PubrelPacket, *packets.PublishPacket:
|
||||
DEBUG.Println(STR, fmt.Sprintf("loaded pending incomming (%d)", details.MessageID))
|
||||
select {
|
||||
case c.ibound <- packet:
|
||||
case <-c.stop:
|
||||
}
|
||||
default:
|
||||
ERROR.Println(STR, "invalid message type in store (discarded)")
|
||||
c.persist.Del(key)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Unsubscribe will end the subscription from each of the topics provided.
|
||||
// Messages published to those topics from other clients will no longer be
|
||||
// received.
|
||||
|
@ -581,8 +729,7 @@ func (c *client) Unsubscribe(topics ...string) Token {
|
|||
token := newToken(packets.Unsubscribe).(*UnsubscribeToken)
|
||||
DEBUG.Println(CLI, "enter Unsubscribe")
|
||||
if !c.IsConnected() {
|
||||
token.err = ErrNotConnected
|
||||
token.flowComplete()
|
||||
token.setError(ErrNotConnected)
|
||||
return token
|
||||
}
|
||||
unsub := packets.NewControlPacket(packets.Unsubscribe).(*packets.UnsubscribePacket)
|
||||
|
@ -598,6 +745,8 @@ func (c *client) Unsubscribe(topics ...string) Token {
|
|||
return token
|
||||
}
|
||||
|
||||
// OptionsReader returns a ClientOptionsReader which is a copy of the clientoptions
|
||||
// in use by the client.
|
||||
func (c *client) OptionsReader() ClientOptionsReader {
|
||||
r := ClientOptionsReader{options: &c.options}
|
||||
return r
|
||||
|
|
|
@ -18,6 +18,7 @@ import (
|
|||
"io/ioutil"
|
||||
"os"
|
||||
"path"
|
||||
"sort"
|
||||
"sync"
|
||||
|
||||
"github.com/eclipse/paho.mqtt.golang/packets"
|
||||
|
@ -150,13 +151,18 @@ func (store *FileStore) Reset() {
|
|||
|
||||
// lockless
|
||||
func (store *FileStore) all() []string {
|
||||
var err error
|
||||
var keys []string
|
||||
var files fileInfos
|
||||
|
||||
if !store.opened {
|
||||
ERROR.Println(STR, "Trying to use file store, but not open")
|
||||
return nil
|
||||
}
|
||||
keys := []string{}
|
||||
files, rderr := ioutil.ReadDir(store.directory)
|
||||
chkerr(rderr)
|
||||
|
||||
files, err = ioutil.ReadDir(store.directory)
|
||||
chkerr(err)
|
||||
sort.Sort(files)
|
||||
for _, f := range files {
|
||||
DEBUG.Println(STR, "file in All():", f.Name())
|
||||
name := f.Name()
|
||||
|
@ -233,3 +239,17 @@ func exists(file string) bool {
|
|||
}
|
||||
return true
|
||||
}
|
||||
|
||||
type fileInfos []os.FileInfo
|
||||
|
||||
func (f fileInfos) Len() int {
|
||||
return len(f)
|
||||
}
|
||||
|
||||
func (f fileInfos) Swap(i, j int) {
|
||||
f[i], f[j] = f[j], f[i]
|
||||
}
|
||||
|
||||
func (f fileInfos) Less(i, j int) bool {
|
||||
return f[i].ModTime().Before(f[j].ModTime())
|
||||
}
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue