src

Go monorepo.
git clone git://code.dwrz.net/src
Log | Files | Refs

api_op_DecodeAuthorizationMessage.go (5765B)

      1 // Code generated by smithy-go-codegen DO NOT EDIT.
      2 
      3 package sts
      4 
      5 import (
      6 	"context"
      7 	"fmt"
      8 	awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
      9 	"github.com/aws/smithy-go/middleware"
     10 	smithyhttp "github.com/aws/smithy-go/transport/http"
     11 )
     12 
     13 // Decodes additional information about the authorization status of a request from
     14 // an encoded message returned in response to an Amazon Web Services request. For
     15 // example, if a user is not authorized to perform an operation that he or she has
     16 // requested, the request returns a Client.UnauthorizedOperation response (an HTTP
     17 // 403 response). Some Amazon Web Services operations additionally return an
     18 // encoded message that can provide details about this authorization failure. Only
     19 // certain Amazon Web Services operations return an encoded authorization message.
     20 // The documentation for an individual operation indicates whether that operation
     21 // returns an encoded message in addition to returning an HTTP code. The message is
     22 // encoded because the details of the authorization status can contain privileged
     23 // information that the user who requested the operation should not see. To decode
     24 // an authorization status message, a user must be granted permissions through an
     25 // IAM policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html)
     26 // to request the DecodeAuthorizationMessage ( sts:DecodeAuthorizationMessage )
     27 // action. The decoded message includes the following type of information:
     28 //   - Whether the request was denied due to an explicit deny or due to the
     29 //     absence of an explicit allow. For more information, see Determining Whether a
     30 //     Request is Allowed or Denied (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-denyallow)
     31 //     in the IAM User Guide.
     32 //   - The principal who made the request.
     33 //   - The requested action.
     34 //   - The requested resource.
     35 //   - The values of condition keys in the context of the user's request.
     36 func (c *Client) DecodeAuthorizationMessage(ctx context.Context, params *DecodeAuthorizationMessageInput, optFns ...func(*Options)) (*DecodeAuthorizationMessageOutput, error) {
     37 	if params == nil {
     38 		params = &DecodeAuthorizationMessageInput{}
     39 	}
     40 
     41 	result, metadata, err := c.invokeOperation(ctx, "DecodeAuthorizationMessage", params, optFns, c.addOperationDecodeAuthorizationMessageMiddlewares)
     42 	if err != nil {
     43 		return nil, err
     44 	}
     45 
     46 	out := result.(*DecodeAuthorizationMessageOutput)
     47 	out.ResultMetadata = metadata
     48 	return out, nil
     49 }
     50 
     51 type DecodeAuthorizationMessageInput struct {
     52 
     53 	// The encoded message that was returned with the response.
     54 	//
     55 	// This member is required.
     56 	EncodedMessage *string
     57 
     58 	noSmithyDocumentSerde
     59 }
     60 
     61 // A document that contains additional information about the authorization status
     62 // of a request from an encoded message that is returned in response to an Amazon
     63 // Web Services request.
     64 type DecodeAuthorizationMessageOutput struct {
     65 
     66 	// The API returns a response with the decoded message.
     67 	DecodedMessage *string
     68 
     69 	// Metadata pertaining to the operation's result.
     70 	ResultMetadata middleware.Metadata
     71 
     72 	noSmithyDocumentSerde
     73 }
     74 
     75 func (c *Client) addOperationDecodeAuthorizationMessageMiddlewares(stack *middleware.Stack, options Options) (err error) {
     76 	if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
     77 		return err
     78 	}
     79 	err = stack.Serialize.Add(&awsAwsquery_serializeOpDecodeAuthorizationMessage{}, middleware.After)
     80 	if err != nil {
     81 		return err
     82 	}
     83 	err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDecodeAuthorizationMessage{}, middleware.After)
     84 	if err != nil {
     85 		return err
     86 	}
     87 	if err := addProtocolFinalizerMiddlewares(stack, options, "DecodeAuthorizationMessage"); err != nil {
     88 		return fmt.Errorf("add protocol finalizers: %v", err)
     89 	}
     90 
     91 	if err = addlegacyEndpointContextSetter(stack, options); err != nil {
     92 		return err
     93 	}
     94 	if err = addSetLoggerMiddleware(stack, options); err != nil {
     95 		return err
     96 	}
     97 	if err = addClientRequestID(stack); err != nil {
     98 		return err
     99 	}
    100 	if err = addComputeContentLength(stack); err != nil {
    101 		return err
    102 	}
    103 	if err = addResolveEndpointMiddleware(stack, options); err != nil {
    104 		return err
    105 	}
    106 	if err = addComputePayloadSHA256(stack); err != nil {
    107 		return err
    108 	}
    109 	if err = addRetry(stack, options); err != nil {
    110 		return err
    111 	}
    112 	if err = addRawResponseToMetadata(stack); err != nil {
    113 		return err
    114 	}
    115 	if err = addRecordResponseTiming(stack); err != nil {
    116 		return err
    117 	}
    118 	if err = addClientUserAgent(stack, options); err != nil {
    119 		return err
    120 	}
    121 	if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
    122 		return err
    123 	}
    124 	if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
    125 		return err
    126 	}
    127 	if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
    128 		return err
    129 	}
    130 	if err = addOpDecodeAuthorizationMessageValidationMiddleware(stack); err != nil {
    131 		return err
    132 	}
    133 	if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDecodeAuthorizationMessage(options.Region), middleware.Before); err != nil {
    134 		return err
    135 	}
    136 	if err = addRecursionDetection(stack); err != nil {
    137 		return err
    138 	}
    139 	if err = addRequestIDRetrieverMiddleware(stack); err != nil {
    140 		return err
    141 	}
    142 	if err = addResponseErrorMiddleware(stack); err != nil {
    143 		return err
    144 	}
    145 	if err = addRequestResponseLogging(stack, options); err != nil {
    146 		return err
    147 	}
    148 	if err = addDisableHTTPSMiddleware(stack, options); err != nil {
    149 		return err
    150 	}
    151 	return nil
    152 }
    153 
    154 func newServiceMetadataMiddleware_opDecodeAuthorizationMessage(region string) *awsmiddleware.RegisterServiceMetadata {
    155 	return &awsmiddleware.RegisterServiceMetadata{
    156 		Region:        region,
    157 		ServiceID:     ServiceID,
    158 		OperationName: "DecodeAuthorizationMessage",
    159 	}
    160 }