auth.go (8291B)
1 // Code generated by smithy-go-codegen DO NOT EDIT. 2 3 package route53 4 5 import ( 6 "context" 7 "fmt" 8 awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" 9 smithy "github.com/aws/smithy-go" 10 smithyauth "github.com/aws/smithy-go/auth" 11 "github.com/aws/smithy-go/middleware" 12 smithyhttp "github.com/aws/smithy-go/transport/http" 13 ) 14 15 func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { 16 params.Region = options.Region 17 } 18 19 type setLegacyContextSigningOptionsMiddleware struct { 20 } 21 22 func (*setLegacyContextSigningOptionsMiddleware) ID() string { 23 return "setLegacyContextSigningOptions" 24 } 25 26 func (m *setLegacyContextSigningOptionsMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( 27 out middleware.FinalizeOutput, metadata middleware.Metadata, err error, 28 ) { 29 rscheme := getResolvedAuthScheme(ctx) 30 schemeID := rscheme.Scheme.SchemeID() 31 32 if sn := awsmiddleware.GetSigningName(ctx); sn != "" { 33 if schemeID == "aws.auth#sigv4" { 34 smithyhttp.SetSigV4SigningName(&rscheme.SignerProperties, sn) 35 } else if schemeID == "aws.auth#sigv4a" { 36 smithyhttp.SetSigV4ASigningName(&rscheme.SignerProperties, sn) 37 } 38 } 39 40 if sr := awsmiddleware.GetSigningRegion(ctx); sr != "" { 41 if schemeID == "aws.auth#sigv4" { 42 smithyhttp.SetSigV4SigningRegion(&rscheme.SignerProperties, sr) 43 } else if schemeID == "aws.auth#sigv4a" { 44 smithyhttp.SetSigV4ASigningRegions(&rscheme.SignerProperties, []string{sr}) 45 } 46 } 47 48 return next.HandleFinalize(ctx, in) 49 } 50 51 func addSetLegacyContextSigningOptionsMiddleware(stack *middleware.Stack) error { 52 return stack.Finalize.Insert(&setLegacyContextSigningOptionsMiddleware{}, "Signing", middleware.Before) 53 } 54 55 type withAnonymous struct { 56 resolver AuthSchemeResolver 57 } 58 59 var _ AuthSchemeResolver = (*withAnonymous)(nil) 60 61 func (v *withAnonymous) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { 62 opts, err := v.resolver.ResolveAuthSchemes(ctx, params) 63 if err != nil { 64 return nil, err 65 } 66 67 opts = append(opts, &smithyauth.Option{ 68 SchemeID: smithyauth.SchemeIDAnonymous, 69 }) 70 return opts, nil 71 } 72 73 func wrapWithAnonymousAuth(options *Options) { 74 if _, ok := options.AuthSchemeResolver.(*defaultAuthSchemeResolver); !ok { 75 return 76 } 77 78 options.AuthSchemeResolver = &withAnonymous{ 79 resolver: options.AuthSchemeResolver, 80 } 81 } 82 83 // AuthResolverParameters contains the set of inputs necessary for auth scheme 84 // resolution. 85 type AuthResolverParameters struct { 86 // The name of the operation being invoked. 87 Operation string 88 89 // The region in which the operation is being invoked. 90 Region string 91 } 92 93 func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { 94 params := &AuthResolverParameters{ 95 Operation: operation, 96 } 97 98 bindAuthParamsRegion(params, input, options) 99 100 return params 101 } 102 103 // AuthSchemeResolver returns a set of possible authentication options for an 104 // operation. 105 type AuthSchemeResolver interface { 106 ResolveAuthSchemes(context.Context, *AuthResolverParameters) ([]*smithyauth.Option, error) 107 } 108 109 type defaultAuthSchemeResolver struct{} 110 111 var _ AuthSchemeResolver = (*defaultAuthSchemeResolver)(nil) 112 113 func (*defaultAuthSchemeResolver) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { 114 if overrides, ok := operationAuthOptions[params.Operation]; ok { 115 return overrides(params), nil 116 } 117 return serviceAuthOptions(params), nil 118 } 119 120 var operationAuthOptions = map[string]func(*AuthResolverParameters) []*smithyauth.Option{} 121 122 func serviceAuthOptions(params *AuthResolverParameters) []*smithyauth.Option { 123 return []*smithyauth.Option{ 124 { 125 SchemeID: smithyauth.SchemeIDSigV4, 126 SignerProperties: func() smithy.Properties { 127 var props smithy.Properties 128 smithyhttp.SetSigV4SigningName(&props, "route53") 129 smithyhttp.SetSigV4SigningRegion(&props, params.Region) 130 return props 131 }(), 132 }, 133 } 134 } 135 136 type resolveAuthSchemeMiddleware struct { 137 operation string 138 options Options 139 } 140 141 func (*resolveAuthSchemeMiddleware) ID() string { 142 return "ResolveAuthScheme" 143 } 144 145 func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( 146 out middleware.FinalizeOutput, metadata middleware.Metadata, err error, 147 ) { 148 params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) 149 options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) 150 if err != nil { 151 return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) 152 } 153 154 scheme, ok := m.selectScheme(options) 155 if !ok { 156 return out, metadata, fmt.Errorf("could not select an auth scheme") 157 } 158 159 ctx = setResolvedAuthScheme(ctx, scheme) 160 return next.HandleFinalize(ctx, in) 161 } 162 163 func (m *resolveAuthSchemeMiddleware) selectScheme(options []*smithyauth.Option) (*resolvedAuthScheme, bool) { 164 for _, option := range options { 165 if option.SchemeID == smithyauth.SchemeIDAnonymous { 166 return newResolvedAuthScheme(smithyhttp.NewAnonymousScheme(), option), true 167 } 168 169 for _, scheme := range m.options.AuthSchemes { 170 if scheme.SchemeID() != option.SchemeID { 171 continue 172 } 173 174 if scheme.IdentityResolver(m.options) != nil { 175 return newResolvedAuthScheme(scheme, option), true 176 } 177 } 178 } 179 180 return nil, false 181 } 182 183 type resolvedAuthSchemeKey struct{} 184 185 type resolvedAuthScheme struct { 186 Scheme smithyhttp.AuthScheme 187 IdentityProperties smithy.Properties 188 SignerProperties smithy.Properties 189 } 190 191 func newResolvedAuthScheme(scheme smithyhttp.AuthScheme, option *smithyauth.Option) *resolvedAuthScheme { 192 return &resolvedAuthScheme{ 193 Scheme: scheme, 194 IdentityProperties: option.IdentityProperties, 195 SignerProperties: option.SignerProperties, 196 } 197 } 198 199 func setResolvedAuthScheme(ctx context.Context, scheme *resolvedAuthScheme) context.Context { 200 return middleware.WithStackValue(ctx, resolvedAuthSchemeKey{}, scheme) 201 } 202 203 func getResolvedAuthScheme(ctx context.Context) *resolvedAuthScheme { 204 v, _ := middleware.GetStackValue(ctx, resolvedAuthSchemeKey{}).(*resolvedAuthScheme) 205 return v 206 } 207 208 type getIdentityMiddleware struct { 209 options Options 210 } 211 212 func (*getIdentityMiddleware) ID() string { 213 return "GetIdentity" 214 } 215 216 func (m *getIdentityMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( 217 out middleware.FinalizeOutput, metadata middleware.Metadata, err error, 218 ) { 219 rscheme := getResolvedAuthScheme(ctx) 220 if rscheme == nil { 221 return out, metadata, fmt.Errorf("no resolved auth scheme") 222 } 223 224 resolver := rscheme.Scheme.IdentityResolver(m.options) 225 if resolver == nil { 226 return out, metadata, fmt.Errorf("no identity resolver") 227 } 228 229 identity, err := resolver.GetIdentity(ctx, rscheme.IdentityProperties) 230 if err != nil { 231 return out, metadata, fmt.Errorf("get identity: %w", err) 232 } 233 234 ctx = setIdentity(ctx, identity) 235 return next.HandleFinalize(ctx, in) 236 } 237 238 type identityKey struct{} 239 240 func setIdentity(ctx context.Context, identity smithyauth.Identity) context.Context { 241 return middleware.WithStackValue(ctx, identityKey{}, identity) 242 } 243 244 func getIdentity(ctx context.Context) smithyauth.Identity { 245 v, _ := middleware.GetStackValue(ctx, identityKey{}).(smithyauth.Identity) 246 return v 247 } 248 249 type signRequestMiddleware struct { 250 } 251 252 func (*signRequestMiddleware) ID() string { 253 return "Signing" 254 } 255 256 func (m *signRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( 257 out middleware.FinalizeOutput, metadata middleware.Metadata, err error, 258 ) { 259 req, ok := in.Request.(*smithyhttp.Request) 260 if !ok { 261 return out, metadata, fmt.Errorf("unexpected transport type %T", in.Request) 262 } 263 264 rscheme := getResolvedAuthScheme(ctx) 265 if rscheme == nil { 266 return out, metadata, fmt.Errorf("no resolved auth scheme") 267 } 268 269 identity := getIdentity(ctx) 270 if identity == nil { 271 return out, metadata, fmt.Errorf("no identity") 272 } 273 274 signer := rscheme.Scheme.Signer() 275 if signer == nil { 276 return out, metadata, fmt.Errorf("no signer") 277 } 278 279 if err := signer.SignRequest(ctx, req, identity, rscheme.SignerProperties); err != nil { 280 return out, metadata, fmt.Errorf("sign request: %w", err) 281 } 282 283 return next.HandleFinalize(ctx, in) 284 }