forked from TrueCloudLab/distribution
update: AWS Go SDK bump to the latest release
Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
This commit is contained in:
parent
a2613975a1
commit
6f84e87803
23 changed files with 8582 additions and 2321 deletions
2
go.mod
2
go.mod
|
@ -8,7 +8,7 @@ require (
|
||||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.6.0
|
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.6.0
|
||||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0
|
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0
|
||||||
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.0.0
|
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.0.0
|
||||||
github.com/aws/aws-sdk-go v1.44.325
|
github.com/aws/aws-sdk-go v1.48.10
|
||||||
github.com/bshuster-repo/logrus-logstash-hook v1.0.0
|
github.com/bshuster-repo/logrus-logstash-hook v1.0.0
|
||||||
github.com/coreos/go-systemd/v22 v22.5.0
|
github.com/coreos/go-systemd/v22 v22.5.0
|
||||||
github.com/distribution/reference v0.5.0
|
github.com/distribution/reference v0.5.0
|
||||||
|
|
20
go.sum
20
go.sum
|
@ -61,8 +61,8 @@ github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuy
|
||||||
github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
|
github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
|
||||||
github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
|
github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
|
||||||
github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho=
|
github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho=
|
||||||
github.com/aws/aws-sdk-go v1.44.325 h1:jF/L99fJSq/BfiLmUOflO/aM+LwcqBm0Fe/qTK5xxuI=
|
github.com/aws/aws-sdk-go v1.48.10 h1:0LIFG3wp2Dt6PsxKWCg1Y1xRrn2vZnW5/gWdgaBalKg=
|
||||||
github.com/aws/aws-sdk-go v1.44.325/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
|
github.com/aws/aws-sdk-go v1.48.10/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
|
||||||
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
|
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
|
||||||
github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
|
github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
|
||||||
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
|
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
|
||||||
|
@ -319,7 +319,6 @@ github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gt
|
||||||
github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||||
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||||
github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||||
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
|
|
||||||
go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
|
go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
|
||||||
go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
|
go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
|
||||||
go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
||||||
|
@ -341,7 +340,6 @@ golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8U
|
||||||
golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||||
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||||
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||||
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
|
||||||
golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
|
golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
|
||||||
golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
|
golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
|
||||||
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||||
|
@ -374,7 +372,6 @@ golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzB
|
||||||
golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
|
golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
|
||||||
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||||
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||||
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
|
|
||||||
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
|
@ -404,10 +401,7 @@ golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81R
|
||||||
golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
|
golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
|
||||||
golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
|
golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
|
||||||
golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
|
golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
|
||||||
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
|
|
||||||
golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||||
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
|
|
||||||
golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
|
|
||||||
golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
|
golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
|
||||||
golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
|
golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
|
||||||
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||||
|
@ -427,7 +421,6 @@ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJ
|
||||||
golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
|
||||||
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
|
@ -466,27 +459,19 @@ golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7w
|
||||||
golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
|
||||||
golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
|
||||||
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
|
||||||
golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
|
||||||
golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
|
golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
|
||||||
golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
|
||||||
golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
|
||||||
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||||
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||||
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
|
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
|
||||||
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||||
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||||
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
|
||||||
golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
|
||||||
golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
|
golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
|
||||||
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
|
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
|
||||||
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||||
|
@ -532,7 +517,6 @@ golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roY
|
||||||
golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
|
golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
|
||||||
golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
|
golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
|
||||||
golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
|
golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
|
||||||
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
|
|
||||||
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
|
|
4
vendor/github.com/aws/aws-sdk-go/aws/corehandlers/awsinternal.go
generated
vendored
Normal file
4
vendor/github.com/aws/aws-sdk-go/aws/corehandlers/awsinternal.go
generated
vendored
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
// DO NOT EDIT
|
||||||
|
package corehandlers
|
||||||
|
|
||||||
|
const isAwsInternal = ""
|
10
vendor/github.com/aws/aws-sdk-go/aws/corehandlers/user_agent.go
generated
vendored
10
vendor/github.com/aws/aws-sdk-go/aws/corehandlers/user_agent.go
generated
vendored
|
@ -35,3 +35,13 @@ var AddHostExecEnvUserAgentHander = request.NamedHandler{
|
||||||
request.AddToUserAgent(r, execEnvUAKey+"/"+v)
|
request.AddToUserAgent(r, execEnvUAKey+"/"+v)
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var AddAwsInternal = request.NamedHandler{
|
||||||
|
Name: "core.AddAwsInternal",
|
||||||
|
Fn: func(r *request.Request) {
|
||||||
|
if len(isAwsInternal) == 0 {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
request.AddToUserAgent(r, isAwsInternal)
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
47
vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go
generated
vendored
47
vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go
generated
vendored
|
@ -31,6 +31,8 @@ package endpointcreds
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"fmt"
|
||||||
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/aws/aws-sdk-go/aws"
|
"github.com/aws/aws-sdk-go/aws"
|
||||||
|
@ -69,7 +71,37 @@ type Provider struct {
|
||||||
|
|
||||||
// Optional authorization token value if set will be used as the value of
|
// Optional authorization token value if set will be used as the value of
|
||||||
// the Authorization header of the endpoint credential request.
|
// the Authorization header of the endpoint credential request.
|
||||||
|
//
|
||||||
|
// When constructed from environment, the provider will use the value of
|
||||||
|
// AWS_CONTAINER_AUTHORIZATION_TOKEN environment variable as the token
|
||||||
|
//
|
||||||
|
// Will be overridden if AuthorizationTokenProvider is configured
|
||||||
AuthorizationToken string
|
AuthorizationToken string
|
||||||
|
|
||||||
|
// Optional auth provider func to dynamically load the auth token from a file
|
||||||
|
// everytime a credential is retrieved
|
||||||
|
//
|
||||||
|
// When constructed from environment, the provider will read and use the content
|
||||||
|
// of the file pointed to by AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE environment variable
|
||||||
|
// as the auth token everytime credentials are retrieved
|
||||||
|
//
|
||||||
|
// Will override AuthorizationToken if configured
|
||||||
|
AuthorizationTokenProvider AuthTokenProvider
|
||||||
|
}
|
||||||
|
|
||||||
|
// AuthTokenProvider defines an interface to dynamically load a value to be passed
|
||||||
|
// for the Authorization header of a credentials request.
|
||||||
|
type AuthTokenProvider interface {
|
||||||
|
GetToken() (string, error)
|
||||||
|
}
|
||||||
|
|
||||||
|
// TokenProviderFunc is a func type implementing AuthTokenProvider interface
|
||||||
|
// and enables customizing token provider behavior
|
||||||
|
type TokenProviderFunc func() (string, error)
|
||||||
|
|
||||||
|
// GetToken func retrieves auth token according to TokenProviderFunc implementation
|
||||||
|
func (p TokenProviderFunc) GetToken() (string, error) {
|
||||||
|
return p()
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewProviderClient returns a credentials Provider for retrieving AWS credentials
|
// NewProviderClient returns a credentials Provider for retrieving AWS credentials
|
||||||
|
@ -164,7 +196,20 @@ func (p *Provider) getCredentials(ctx aws.Context) (*getCredentialsOutput, error
|
||||||
req := p.Client.NewRequest(op, nil, out)
|
req := p.Client.NewRequest(op, nil, out)
|
||||||
req.SetContext(ctx)
|
req.SetContext(ctx)
|
||||||
req.HTTPRequest.Header.Set("Accept", "application/json")
|
req.HTTPRequest.Header.Set("Accept", "application/json")
|
||||||
if authToken := p.AuthorizationToken; len(authToken) != 0 {
|
|
||||||
|
authToken := p.AuthorizationToken
|
||||||
|
var err error
|
||||||
|
if p.AuthorizationTokenProvider != nil {
|
||||||
|
authToken, err = p.AuthorizationTokenProvider.GetToken()
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("get authorization token: %v", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if strings.ContainsAny(authToken, "\r\n") {
|
||||||
|
return nil, fmt.Errorf("authorization token contains invalid newline sequence")
|
||||||
|
}
|
||||||
|
if len(authToken) != 0 {
|
||||||
req.HTTPRequest.Header.Set("Authorization", authToken)
|
req.HTTPRequest.Header.Set("Authorization", authToken)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
9
vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/token_provider.go
generated
vendored
9
vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/token_provider.go
generated
vendored
|
@ -111,6 +111,15 @@ func (p *SSOTokenProvider) refreshToken(token cachedToken) (cachedToken, error)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return cachedToken{}, fmt.Errorf("unable to refresh SSO token, %v", err)
|
return cachedToken{}, fmt.Errorf("unable to refresh SSO token, %v", err)
|
||||||
}
|
}
|
||||||
|
if createResult.ExpiresIn == nil {
|
||||||
|
return cachedToken{}, fmt.Errorf("missing required field ExpiresIn")
|
||||||
|
}
|
||||||
|
if createResult.AccessToken == nil {
|
||||||
|
return cachedToken{}, fmt.Errorf("missing required field AccessToken")
|
||||||
|
}
|
||||||
|
if createResult.RefreshToken == nil {
|
||||||
|
return cachedToken{}, fmt.Errorf("missing required field RefreshToken")
|
||||||
|
}
|
||||||
|
|
||||||
expiresAt := nowTime().Add(time.Duration(*createResult.ExpiresIn) * time.Second)
|
expiresAt := nowTime().Add(time.Duration(*createResult.ExpiresIn) * time.Second)
|
||||||
|
|
||||||
|
|
65
vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go
generated
vendored
65
vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go
generated
vendored
|
@ -9,6 +9,7 @@ package defaults
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"io/ioutil"
|
||||||
"net"
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
|
@ -74,6 +75,7 @@ func Handlers() request.Handlers {
|
||||||
handlers.Validate.PushBackNamed(corehandlers.ValidateEndpointHandler)
|
handlers.Validate.PushBackNamed(corehandlers.ValidateEndpointHandler)
|
||||||
handlers.Validate.AfterEachFn = request.HandlerListStopOnError
|
handlers.Validate.AfterEachFn = request.HandlerListStopOnError
|
||||||
handlers.Build.PushBackNamed(corehandlers.SDKVersionUserAgentHandler)
|
handlers.Build.PushBackNamed(corehandlers.SDKVersionUserAgentHandler)
|
||||||
|
handlers.Build.PushBackNamed(corehandlers.AddAwsInternal)
|
||||||
handlers.Build.PushBackNamed(corehandlers.AddHostExecEnvUserAgentHander)
|
handlers.Build.PushBackNamed(corehandlers.AddHostExecEnvUserAgentHander)
|
||||||
handlers.Build.AfterEachFn = request.HandlerListStopOnError
|
handlers.Build.AfterEachFn = request.HandlerListStopOnError
|
||||||
handlers.Sign.PushBackNamed(corehandlers.BuildContentLengthHandler)
|
handlers.Sign.PushBackNamed(corehandlers.BuildContentLengthHandler)
|
||||||
|
@ -114,9 +116,31 @@ func CredProviders(cfg *aws.Config, handlers request.Handlers) []credentials.Pro
|
||||||
|
|
||||||
const (
|
const (
|
||||||
httpProviderAuthorizationEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN"
|
httpProviderAuthorizationEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN"
|
||||||
|
httpProviderAuthFileEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE"
|
||||||
httpProviderEnvVar = "AWS_CONTAINER_CREDENTIALS_FULL_URI"
|
httpProviderEnvVar = "AWS_CONTAINER_CREDENTIALS_FULL_URI"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// direct representation of the IPv4 address for the ECS container
|
||||||
|
// "169.254.170.2"
|
||||||
|
var ecsContainerIPv4 net.IP = []byte{
|
||||||
|
169, 254, 170, 2,
|
||||||
|
}
|
||||||
|
|
||||||
|
// direct representation of the IPv4 address for the EKS container
|
||||||
|
// "169.254.170.23"
|
||||||
|
var eksContainerIPv4 net.IP = []byte{
|
||||||
|
169, 254, 170, 23,
|
||||||
|
}
|
||||||
|
|
||||||
|
// direct representation of the IPv6 address for the EKS container
|
||||||
|
// "fd00:ec2::23"
|
||||||
|
var eksContainerIPv6 net.IP = []byte{
|
||||||
|
0xFD, 0, 0xE, 0xC2,
|
||||||
|
0, 0, 0, 0,
|
||||||
|
0, 0, 0, 0,
|
||||||
|
0, 0, 0, 0x23,
|
||||||
|
}
|
||||||
|
|
||||||
// RemoteCredProvider returns a credentials provider for the default remote
|
// RemoteCredProvider returns a credentials provider for the default remote
|
||||||
// endpoints such as EC2 or ECS Roles.
|
// endpoints such as EC2 or ECS Roles.
|
||||||
func RemoteCredProvider(cfg aws.Config, handlers request.Handlers) credentials.Provider {
|
func RemoteCredProvider(cfg aws.Config, handlers request.Handlers) credentials.Provider {
|
||||||
|
@ -134,19 +158,22 @@ func RemoteCredProvider(cfg aws.Config, handlers request.Handlers) credentials.P
|
||||||
|
|
||||||
var lookupHostFn = net.LookupHost
|
var lookupHostFn = net.LookupHost
|
||||||
|
|
||||||
func isLoopbackHost(host string) (bool, error) {
|
// isAllowedHost allows host to be loopback or known ECS/EKS container IPs
|
||||||
ip := net.ParseIP(host)
|
//
|
||||||
if ip != nil {
|
// host can either be an IP address OR an unresolved hostname - resolution will
|
||||||
return ip.IsLoopback(), nil
|
// be automatically performed in the latter case
|
||||||
|
func isAllowedHost(host string) (bool, error) {
|
||||||
|
if ip := net.ParseIP(host); ip != nil {
|
||||||
|
return isIPAllowed(ip), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Host is not an ip, perform lookup
|
|
||||||
addrs, err := lookupHostFn(host)
|
addrs, err := lookupHostFn(host)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return false, err
|
return false, err
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, addr := range addrs {
|
for _, addr := range addrs {
|
||||||
if !net.ParseIP(addr).IsLoopback() {
|
if ip := net.ParseIP(addr); ip == nil || !isIPAllowed(ip) {
|
||||||
return false, nil
|
return false, nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -154,6 +181,13 @@ func isLoopbackHost(host string) (bool, error) {
|
||||||
return true, nil
|
return true, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func isIPAllowed(ip net.IP) bool {
|
||||||
|
return ip.IsLoopback() ||
|
||||||
|
ip.Equal(ecsContainerIPv4) ||
|
||||||
|
ip.Equal(eksContainerIPv4) ||
|
||||||
|
ip.Equal(eksContainerIPv6)
|
||||||
|
}
|
||||||
|
|
||||||
func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string) credentials.Provider {
|
func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string) credentials.Provider {
|
||||||
var errMsg string
|
var errMsg string
|
||||||
|
|
||||||
|
@ -164,10 +198,12 @@ func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string)
|
||||||
host := aws.URLHostname(parsed)
|
host := aws.URLHostname(parsed)
|
||||||
if len(host) == 0 {
|
if len(host) == 0 {
|
||||||
errMsg = "unable to parse host from local HTTP cred provider URL"
|
errMsg = "unable to parse host from local HTTP cred provider URL"
|
||||||
} else if isLoopback, loopbackErr := isLoopbackHost(host); loopbackErr != nil {
|
} else if parsed.Scheme == "http" {
|
||||||
errMsg = fmt.Sprintf("failed to resolve host %q, %v", host, loopbackErr)
|
if isAllowedHost, allowHostErr := isAllowedHost(host); allowHostErr != nil {
|
||||||
} else if !isLoopback {
|
errMsg = fmt.Sprintf("failed to resolve host %q, %v", host, allowHostErr)
|
||||||
errMsg = fmt.Sprintf("invalid endpoint host, %q, only loopback hosts are allowed.", host)
|
} else if !isAllowedHost {
|
||||||
|
errMsg = fmt.Sprintf("invalid endpoint host, %q, only loopback/ecs/eks hosts are allowed.", host)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -189,6 +225,15 @@ func httpCredProvider(cfg aws.Config, handlers request.Handlers, u string) crede
|
||||||
func(p *endpointcreds.Provider) {
|
func(p *endpointcreds.Provider) {
|
||||||
p.ExpiryWindow = 5 * time.Minute
|
p.ExpiryWindow = 5 * time.Minute
|
||||||
p.AuthorizationToken = os.Getenv(httpProviderAuthorizationEnvVar)
|
p.AuthorizationToken = os.Getenv(httpProviderAuthorizationEnvVar)
|
||||||
|
if authFilePath := os.Getenv(httpProviderAuthFileEnvVar); authFilePath != "" {
|
||||||
|
p.AuthorizationTokenProvider = endpointcreds.TokenProviderFunc(func() (string, error) {
|
||||||
|
if contents, err := ioutil.ReadFile(authFilePath); err != nil {
|
||||||
|
return "", fmt.Errorf("failed to read authorization token from %v: %v", authFilePath, err)
|
||||||
|
} else {
|
||||||
|
return string(contents), nil
|
||||||
|
}
|
||||||
|
})
|
||||||
|
}
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
2281
vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
generated
vendored
2281
vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
generated
vendored
File diff suppressed because it is too large
Load diff
28
vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go
generated
vendored
28
vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go
generated
vendored
|
@ -171,6 +171,12 @@ type envConfig struct {
|
||||||
// AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE=IPv6
|
// AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE=IPv6
|
||||||
EC2IMDSEndpointMode endpoints.EC2IMDSEndpointModeState
|
EC2IMDSEndpointMode endpoints.EC2IMDSEndpointModeState
|
||||||
|
|
||||||
|
// Specifies that IMDS clients should not fallback to IMDSv1 if token
|
||||||
|
// requests fail.
|
||||||
|
//
|
||||||
|
// AWS_EC2_METADATA_V1_DISABLED=true
|
||||||
|
EC2IMDSv1Disabled *bool
|
||||||
|
|
||||||
// Specifies that SDK clients must resolve a dual-stack endpoint for
|
// Specifies that SDK clients must resolve a dual-stack endpoint for
|
||||||
// services.
|
// services.
|
||||||
//
|
//
|
||||||
|
@ -251,6 +257,9 @@ var (
|
||||||
ec2IMDSEndpointModeEnvKey = []string{
|
ec2IMDSEndpointModeEnvKey = []string{
|
||||||
"AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE",
|
"AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE",
|
||||||
}
|
}
|
||||||
|
ec2MetadataV1DisabledEnvKey = []string{
|
||||||
|
"AWS_EC2_METADATA_V1_DISABLED",
|
||||||
|
}
|
||||||
useCABundleKey = []string{
|
useCABundleKey = []string{
|
||||||
"AWS_CA_BUNDLE",
|
"AWS_CA_BUNDLE",
|
||||||
}
|
}
|
||||||
|
@ -393,6 +402,7 @@ func envConfigLoad(enableSharedConfig bool) (envConfig, error) {
|
||||||
if err := setEC2IMDSEndpointMode(&cfg.EC2IMDSEndpointMode, ec2IMDSEndpointModeEnvKey); err != nil {
|
if err := setEC2IMDSEndpointMode(&cfg.EC2IMDSEndpointMode, ec2IMDSEndpointModeEnvKey); err != nil {
|
||||||
return envConfig{}, err
|
return envConfig{}, err
|
||||||
}
|
}
|
||||||
|
setBoolPtrFromEnvVal(&cfg.EC2IMDSv1Disabled, ec2MetadataV1DisabledEnvKey)
|
||||||
|
|
||||||
if err := setUseDualStackEndpointFromEnvVal(&cfg.UseDualStackEndpoint, awsUseDualStackEndpoint); err != nil {
|
if err := setUseDualStackEndpointFromEnvVal(&cfg.UseDualStackEndpoint, awsUseDualStackEndpoint); err != nil {
|
||||||
return cfg, err
|
return cfg, err
|
||||||
|
@ -414,6 +424,24 @@ func setFromEnvVal(dst *string, keys []string) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func setBoolPtrFromEnvVal(dst **bool, keys []string) {
|
||||||
|
for _, k := range keys {
|
||||||
|
value := os.Getenv(k)
|
||||||
|
if len(value) == 0 {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
switch {
|
||||||
|
case strings.EqualFold(value, "false"):
|
||||||
|
*dst = new(bool)
|
||||||
|
**dst = false
|
||||||
|
case strings.EqualFold(value, "true"):
|
||||||
|
*dst = new(bool)
|
||||||
|
**dst = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func setEC2IMDSEndpointMode(mode *endpoints.EC2IMDSEndpointModeState, keys []string) error {
|
func setEC2IMDSEndpointMode(mode *endpoints.EC2IMDSEndpointModeState, keys []string) error {
|
||||||
for _, k := range keys {
|
for _, k := range keys {
|
||||||
value := os.Getenv(k)
|
value := os.Getenv(k)
|
||||||
|
|
8
vendor/github.com/aws/aws-sdk-go/aws/session/session.go
generated
vendored
8
vendor/github.com/aws/aws-sdk-go/aws/session/session.go
generated
vendored
|
@ -779,6 +779,14 @@ func mergeConfigSrcs(cfg, userCfg *aws.Config,
|
||||||
cfg.EndpointResolver = wrapEC2IMDSEndpoint(cfg.EndpointResolver, ec2IMDSEndpoint, endpointMode)
|
cfg.EndpointResolver = wrapEC2IMDSEndpoint(cfg.EndpointResolver, ec2IMDSEndpoint, endpointMode)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
cfg.EC2MetadataEnableFallback = userCfg.EC2MetadataEnableFallback
|
||||||
|
if cfg.EC2MetadataEnableFallback == nil && envCfg.EC2IMDSv1Disabled != nil {
|
||||||
|
cfg.EC2MetadataEnableFallback = aws.Bool(!*envCfg.EC2IMDSv1Disabled)
|
||||||
|
}
|
||||||
|
if cfg.EC2MetadataEnableFallback == nil && sharedCfg.EC2IMDSv1Disabled != nil {
|
||||||
|
cfg.EC2MetadataEnableFallback = aws.Bool(!*sharedCfg.EC2IMDSv1Disabled)
|
||||||
|
}
|
||||||
|
|
||||||
cfg.S3UseARNRegion = userCfg.S3UseARNRegion
|
cfg.S3UseARNRegion = userCfg.S3UseARNRegion
|
||||||
if cfg.S3UseARNRegion == nil {
|
if cfg.S3UseARNRegion == nil {
|
||||||
cfg.S3UseARNRegion = &envCfg.S3UseARNRegion
|
cfg.S3UseARNRegion = &envCfg.S3UseARNRegion
|
||||||
|
|
35
vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go
generated
vendored
35
vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go
generated
vendored
|
@ -80,6 +80,9 @@ const (
|
||||||
// EC2 IMDS Endpoint
|
// EC2 IMDS Endpoint
|
||||||
ec2MetadataServiceEndpointKey = "ec2_metadata_service_endpoint"
|
ec2MetadataServiceEndpointKey = "ec2_metadata_service_endpoint"
|
||||||
|
|
||||||
|
// ECS IMDSv1 disable fallback
|
||||||
|
ec2MetadataV1DisabledKey = "ec2_metadata_v1_disabled"
|
||||||
|
|
||||||
// Use DualStack Endpoint Resolution
|
// Use DualStack Endpoint Resolution
|
||||||
useDualStackEndpoint = "use_dualstack_endpoint"
|
useDualStackEndpoint = "use_dualstack_endpoint"
|
||||||
|
|
||||||
|
@ -179,6 +182,12 @@ type sharedConfig struct {
|
||||||
// ec2_metadata_service_endpoint=http://fd00:ec2::254
|
// ec2_metadata_service_endpoint=http://fd00:ec2::254
|
||||||
EC2IMDSEndpoint string
|
EC2IMDSEndpoint string
|
||||||
|
|
||||||
|
// Specifies that IMDS clients should not fallback to IMDSv1 if token
|
||||||
|
// requests fail.
|
||||||
|
//
|
||||||
|
// ec2_metadata_v1_disabled=true
|
||||||
|
EC2IMDSv1Disabled *bool
|
||||||
|
|
||||||
// Specifies that SDK clients must resolve a dual-stack endpoint for
|
// Specifies that SDK clients must resolve a dual-stack endpoint for
|
||||||
// services.
|
// services.
|
||||||
//
|
//
|
||||||
|
@ -389,8 +398,15 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e
|
||||||
updateString(&cfg.Region, section, regionKey)
|
updateString(&cfg.Region, section, regionKey)
|
||||||
updateString(&cfg.CustomCABundle, section, customCABundleKey)
|
updateString(&cfg.CustomCABundle, section, customCABundleKey)
|
||||||
|
|
||||||
|
// we're retaining a behavioral quirk with this field that existed before
|
||||||
|
// the removal of literal parsing for (aws-sdk-go-v2/#2276):
|
||||||
|
// - if the key is missing, the config field will not be set
|
||||||
|
// - if the key is set to a non-numeric, the config field will be set to 0
|
||||||
if section.Has(roleDurationSecondsKey) {
|
if section.Has(roleDurationSecondsKey) {
|
||||||
d := time.Duration(section.Int(roleDurationSecondsKey)) * time.Second
|
var d time.Duration
|
||||||
|
if v, ok := section.Int(roleDurationSecondsKey); ok {
|
||||||
|
d = time.Duration(v) * time.Second
|
||||||
|
}
|
||||||
cfg.AssumeRoleDuration = &d
|
cfg.AssumeRoleDuration = &d
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -427,6 +443,7 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e
|
||||||
ec2MetadataServiceEndpointModeKey, file.Filename, err)
|
ec2MetadataServiceEndpointModeKey, file.Filename, err)
|
||||||
}
|
}
|
||||||
updateString(&cfg.EC2IMDSEndpoint, section, ec2MetadataServiceEndpointKey)
|
updateString(&cfg.EC2IMDSEndpoint, section, ec2MetadataServiceEndpointKey)
|
||||||
|
updateBoolPtr(&cfg.EC2IMDSv1Disabled, section, ec2MetadataV1DisabledKey)
|
||||||
|
|
||||||
updateUseDualStackEndpoint(&cfg.UseDualStackEndpoint, section, useDualStackEndpoint)
|
updateUseDualStackEndpoint(&cfg.UseDualStackEndpoint, section, useDualStackEndpoint)
|
||||||
|
|
||||||
|
@ -668,7 +685,10 @@ func updateBool(dst *bool, section ini.Section, key string) {
|
||||||
if !section.Has(key) {
|
if !section.Has(key) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
*dst = section.Bool(key)
|
|
||||||
|
// retains pre-(aws-sdk-go-v2#2276) behavior where non-bool value would resolve to false
|
||||||
|
v, _ := section.Bool(key)
|
||||||
|
*dst = v
|
||||||
}
|
}
|
||||||
|
|
||||||
// updateBoolPtr will only update the dst with the value in the section key,
|
// updateBoolPtr will only update the dst with the value in the section key,
|
||||||
|
@ -677,8 +697,11 @@ func updateBoolPtr(dst **bool, section ini.Section, key string) {
|
||||||
if !section.Has(key) {
|
if !section.Has(key) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// retains pre-(aws-sdk-go-v2#2276) behavior where non-bool value would resolve to false
|
||||||
|
v, _ := section.Bool(key)
|
||||||
*dst = new(bool)
|
*dst = new(bool)
|
||||||
**dst = section.Bool(key)
|
**dst = v
|
||||||
}
|
}
|
||||||
|
|
||||||
// SharedConfigLoadError is an error for the shared config file failed to load.
|
// SharedConfigLoadError is an error for the shared config file failed to load.
|
||||||
|
@ -805,7 +828,8 @@ func updateUseDualStackEndpoint(dst *endpoints.DualStackEndpointState, section i
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if section.Bool(key) {
|
// retains pre-(aws-sdk-go-v2/#2276) behavior where non-bool value would resolve to false
|
||||||
|
if v, _ := section.Bool(key); v {
|
||||||
*dst = endpoints.DualStackEndpointStateEnabled
|
*dst = endpoints.DualStackEndpointStateEnabled
|
||||||
} else {
|
} else {
|
||||||
*dst = endpoints.DualStackEndpointStateDisabled
|
*dst = endpoints.DualStackEndpointStateDisabled
|
||||||
|
@ -821,7 +845,8 @@ func updateUseFIPSEndpoint(dst *endpoints.FIPSEndpointState, section ini.Section
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if section.Bool(key) {
|
// retains pre-(aws-sdk-go-v2/#2276) behavior where non-bool value would resolve to false
|
||||||
|
if v, _ := section.Bool(key); v {
|
||||||
*dst = endpoints.FIPSEndpointStateEnabled
|
*dst = endpoints.FIPSEndpointStateEnabled
|
||||||
} else {
|
} else {
|
||||||
*dst = endpoints.FIPSEndpointStateDisabled
|
*dst = endpoints.FIPSEndpointStateDisabled
|
||||||
|
|
2
vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go
generated
vendored
|
@ -125,6 +125,7 @@ var requiredSignedHeaders = rules{
|
||||||
"X-Amz-Copy-Source-Server-Side-Encryption-Customer-Algorithm": struct{}{},
|
"X-Amz-Copy-Source-Server-Side-Encryption-Customer-Algorithm": struct{}{},
|
||||||
"X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key": struct{}{},
|
"X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key": struct{}{},
|
||||||
"X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key-Md5": struct{}{},
|
"X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key-Md5": struct{}{},
|
||||||
|
"X-Amz-Expected-Bucket-Owner": struct{}{},
|
||||||
"X-Amz-Grant-Full-control": struct{}{},
|
"X-Amz-Grant-Full-control": struct{}{},
|
||||||
"X-Amz-Grant-Read": struct{}{},
|
"X-Amz-Grant-Read": struct{}{},
|
||||||
"X-Amz-Grant-Read-Acp": struct{}{},
|
"X-Amz-Grant-Read-Acp": struct{}{},
|
||||||
|
@ -135,6 +136,7 @@ var requiredSignedHeaders = rules{
|
||||||
"X-Amz-Request-Payer": struct{}{},
|
"X-Amz-Request-Payer": struct{}{},
|
||||||
"X-Amz-Server-Side-Encryption": struct{}{},
|
"X-Amz-Server-Side-Encryption": struct{}{},
|
||||||
"X-Amz-Server-Side-Encryption-Aws-Kms-Key-Id": struct{}{},
|
"X-Amz-Server-Side-Encryption-Aws-Kms-Key-Id": struct{}{},
|
||||||
|
"X-Amz-Server-Side-Encryption-Context": struct{}{},
|
||||||
"X-Amz-Server-Side-Encryption-Customer-Algorithm": struct{}{},
|
"X-Amz-Server-Side-Encryption-Customer-Algorithm": struct{}{},
|
||||||
"X-Amz-Server-Side-Encryption-Customer-Key": struct{}{},
|
"X-Amz-Server-Side-Encryption-Customer-Key": struct{}{},
|
||||||
"X-Amz-Server-Side-Encryption-Customer-Key-Md5": struct{}{},
|
"X-Amz-Server-Side-Encryption-Customer-Key-Md5": struct{}{},
|
||||||
|
|
2
vendor/github.com/aws/aws-sdk-go/aws/version.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go/aws/version.go
generated
vendored
|
@ -5,4 +5,4 @@ package aws
|
||||||
const SDKName = "aws-sdk-go"
|
const SDKName = "aws-sdk-go"
|
||||||
|
|
||||||
// SDKVersion is the version of this SDK
|
// SDKVersion is the version of this SDK
|
||||||
const SDKVersion = "1.44.325"
|
const SDKVersion = "1.48.10"
|
||||||
|
|
57
vendor/github.com/aws/aws-sdk-go/internal/ini/literal_tokens.go
generated
vendored
57
vendor/github.com/aws/aws-sdk-go/internal/ini/literal_tokens.go
generated
vendored
|
@ -154,11 +154,11 @@ func (v ValueType) String() string {
|
||||||
// ValueType enums
|
// ValueType enums
|
||||||
const (
|
const (
|
||||||
NoneType = ValueType(iota)
|
NoneType = ValueType(iota)
|
||||||
DecimalType
|
DecimalType // deprecated
|
||||||
IntegerType
|
IntegerType // deprecated
|
||||||
StringType
|
StringType
|
||||||
QuotedStringType
|
QuotedStringType
|
||||||
BoolType
|
BoolType // deprecated
|
||||||
)
|
)
|
||||||
|
|
||||||
// Value is a union container
|
// Value is a union container
|
||||||
|
@ -166,9 +166,9 @@ type Value struct {
|
||||||
Type ValueType
|
Type ValueType
|
||||||
raw []rune
|
raw []rune
|
||||||
|
|
||||||
integer int64
|
integer int64 // deprecated
|
||||||
decimal float64
|
decimal float64 // deprecated
|
||||||
boolean bool
|
boolean bool // deprecated
|
||||||
str string
|
str string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -253,24 +253,6 @@ func newLitToken(b []rune) (Token, int, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
token = newToken(TokenLit, b[:n], QuotedStringType)
|
token = newToken(TokenLit, b[:n], QuotedStringType)
|
||||||
} else if isNumberValue(b) {
|
|
||||||
var base int
|
|
||||||
base, n, err = getNumericalValue(b)
|
|
||||||
if err != nil {
|
|
||||||
return token, 0, err
|
|
||||||
}
|
|
||||||
|
|
||||||
value := b[:n]
|
|
||||||
vType := IntegerType
|
|
||||||
if contains(value, '.') || hasExponent(value) {
|
|
||||||
vType = DecimalType
|
|
||||||
}
|
|
||||||
token = newToken(TokenLit, value, vType)
|
|
||||||
token.base = base
|
|
||||||
} else if isBoolValue(b) {
|
|
||||||
n, err = getBoolValue(b)
|
|
||||||
|
|
||||||
token = newToken(TokenLit, b[:n], BoolType)
|
|
||||||
} else {
|
} else {
|
||||||
n, err = getValue(b)
|
n, err = getValue(b)
|
||||||
token = newToken(TokenLit, b[:n], StringType)
|
token = newToken(TokenLit, b[:n], StringType)
|
||||||
|
@ -280,18 +262,33 @@ func newLitToken(b []rune) (Token, int, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// IntValue returns an integer value
|
// IntValue returns an integer value
|
||||||
func (v Value) IntValue() int64 {
|
func (v Value) IntValue() (int64, bool) {
|
||||||
return v.integer
|
i, err := strconv.ParseInt(string(v.raw), 0, 64)
|
||||||
|
if err != nil {
|
||||||
|
return 0, false
|
||||||
|
}
|
||||||
|
return i, true
|
||||||
}
|
}
|
||||||
|
|
||||||
// FloatValue returns a float value
|
// FloatValue returns a float value
|
||||||
func (v Value) FloatValue() float64 {
|
func (v Value) FloatValue() (float64, bool) {
|
||||||
return v.decimal
|
f, err := strconv.ParseFloat(string(v.raw), 64)
|
||||||
|
if err != nil {
|
||||||
|
return 0, false
|
||||||
|
}
|
||||||
|
return f, true
|
||||||
}
|
}
|
||||||
|
|
||||||
// BoolValue returns a bool value
|
// BoolValue returns a bool value
|
||||||
func (v Value) BoolValue() bool {
|
func (v Value) BoolValue() (bool, bool) {
|
||||||
return v.boolean
|
// we don't use ParseBool as it recognizes more than what we've
|
||||||
|
// historically supported
|
||||||
|
if isCaselessLitValue(runesTrue, v.raw) {
|
||||||
|
return true, true
|
||||||
|
} else if isCaselessLitValue(runesFalse, v.raw) {
|
||||||
|
return false, true
|
||||||
|
}
|
||||||
|
return false, false
|
||||||
}
|
}
|
||||||
|
|
||||||
func isTrimmable(r rune) bool {
|
func isTrimmable(r rune) bool {
|
||||||
|
|
6
vendor/github.com/aws/aws-sdk-go/internal/ini/visitor.go
generated
vendored
6
vendor/github.com/aws/aws-sdk-go/internal/ini/visitor.go
generated
vendored
|
@ -145,17 +145,17 @@ func (t Section) ValueType(k string) (ValueType, bool) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Bool returns a bool value at k
|
// Bool returns a bool value at k
|
||||||
func (t Section) Bool(k string) bool {
|
func (t Section) Bool(k string) (bool, bool) {
|
||||||
return t.values[k].BoolValue()
|
return t.values[k].BoolValue()
|
||||||
}
|
}
|
||||||
|
|
||||||
// Int returns an integer value at k
|
// Int returns an integer value at k
|
||||||
func (t Section) Int(k string) int64 {
|
func (t Section) Int(k string) (int64, bool) {
|
||||||
return t.values[k].IntValue()
|
return t.values[k].IntValue()
|
||||||
}
|
}
|
||||||
|
|
||||||
// Float64 returns a float value at k
|
// Float64 returns a float value at k
|
||||||
func (t Section) Float64(k string) float64 {
|
func (t Section) Float64(k string) (float64, bool) {
|
||||||
return t.values[k].FloatValue()
|
return t.values[k].FloatValue()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
7581
vendor/github.com/aws/aws-sdk-go/service/s3/api.go
generated
vendored
7581
vendor/github.com/aws/aws-sdk-go/service/s3/api.go
generated
vendored
File diff suppressed because it is too large
Load diff
9
vendor/github.com/aws/aws-sdk-go/service/s3/errors.go
generated
vendored
9
vendor/github.com/aws/aws-sdk-go/service/s3/errors.go
generated
vendored
|
@ -25,6 +25,15 @@ const (
|
||||||
// "InvalidObjectState".
|
// "InvalidObjectState".
|
||||||
//
|
//
|
||||||
// Object is archived and inaccessible until restored.
|
// Object is archived and inaccessible until restored.
|
||||||
|
//
|
||||||
|
// If the object you are retrieving is stored in the S3 Glacier Flexible Retrieval
|
||||||
|
// storage class, the S3 Glacier Deep Archive storage class, the S3 Intelligent-Tiering
|
||||||
|
// Archive Access tier, or the S3 Intelligent-Tiering Deep Archive Access tier,
|
||||||
|
// before you can retrieve the object you must first restore a copy using RestoreObject
|
||||||
|
// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html).
|
||||||
|
// Otherwise, this operation returns an InvalidObjectState error. For information
|
||||||
|
// about restoring archived objects, see Restoring Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html)
|
||||||
|
// in the Amazon S3 User Guide.
|
||||||
ErrCodeInvalidObjectState = "InvalidObjectState"
|
ErrCodeInvalidObjectState = "InvalidObjectState"
|
||||||
|
|
||||||
// ErrCodeNoSuchBucket for service response error code
|
// ErrCodeNoSuchBucket for service response error code
|
||||||
|
|
664
vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go
generated
vendored
664
vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go
generated
vendored
|
@ -56,9 +56,10 @@ func (c *SSOOIDC) CreateTokenRequest(input *CreateTokenInput) (req *request.Requ
|
||||||
|
|
||||||
// CreateToken API operation for AWS SSO OIDC.
|
// CreateToken API operation for AWS SSO OIDC.
|
||||||
//
|
//
|
||||||
// Creates and returns an access token for the authorized client. The access
|
// Creates and returns access and refresh tokens for clients that are authenticated
|
||||||
// token issued will be used to fetch short-term credentials for the assigned
|
// using client secrets. The access token can be used to fetch short-term credentials
|
||||||
// roles in the AWS account.
|
// for the assigned AWS accounts or to access application APIs using bearer
|
||||||
|
// authentication.
|
||||||
//
|
//
|
||||||
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
||||||
// with awserr.Error's Code and Message methods to get detailed information about
|
// with awserr.Error's Code and Message methods to get detailed information about
|
||||||
|
@ -133,6 +134,131 @@ func (c *SSOOIDC) CreateTokenWithContext(ctx aws.Context, input *CreateTokenInpu
|
||||||
return out, req.Send()
|
return out, req.Send()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const opCreateTokenWithIAM = "CreateTokenWithIAM"
|
||||||
|
|
||||||
|
// CreateTokenWithIAMRequest generates a "aws/request.Request" representing the
|
||||||
|
// client's request for the CreateTokenWithIAM operation. The "output" return
|
||||||
|
// value will be populated with the request's response once the request completes
|
||||||
|
// successfully.
|
||||||
|
//
|
||||||
|
// Use "Send" method on the returned Request to send the API call to the service.
|
||||||
|
// the "output" return value is not valid until after Send returns without error.
|
||||||
|
//
|
||||||
|
// See CreateTokenWithIAM for more information on using the CreateTokenWithIAM
|
||||||
|
// API call, and error handling.
|
||||||
|
//
|
||||||
|
// This method is useful when you want to inject custom logic or configuration
|
||||||
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
||||||
|
//
|
||||||
|
// // Example sending a request using the CreateTokenWithIAMRequest method.
|
||||||
|
// req, resp := client.CreateTokenWithIAMRequest(params)
|
||||||
|
//
|
||||||
|
// err := req.Send()
|
||||||
|
// if err == nil { // resp is now filled
|
||||||
|
// fmt.Println(resp)
|
||||||
|
// }
|
||||||
|
//
|
||||||
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateTokenWithIAM
|
||||||
|
func (c *SSOOIDC) CreateTokenWithIAMRequest(input *CreateTokenWithIAMInput) (req *request.Request, output *CreateTokenWithIAMOutput) {
|
||||||
|
op := &request.Operation{
|
||||||
|
Name: opCreateTokenWithIAM,
|
||||||
|
HTTPMethod: "POST",
|
||||||
|
HTTPPath: "/token?aws_iam=t",
|
||||||
|
}
|
||||||
|
|
||||||
|
if input == nil {
|
||||||
|
input = &CreateTokenWithIAMInput{}
|
||||||
|
}
|
||||||
|
|
||||||
|
output = &CreateTokenWithIAMOutput{}
|
||||||
|
req = c.newRequest(op, input, output)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// CreateTokenWithIAM API operation for AWS SSO OIDC.
|
||||||
|
//
|
||||||
|
// Creates and returns access and refresh tokens for clients and applications
|
||||||
|
// that are authenticated using IAM entities. The access token can be used to
|
||||||
|
// fetch short-term credentials for the assigned AWS accounts or to access application
|
||||||
|
// APIs using bearer authentication.
|
||||||
|
//
|
||||||
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
||||||
|
// with awserr.Error's Code and Message methods to get detailed information about
|
||||||
|
// the error.
|
||||||
|
//
|
||||||
|
// See the AWS API reference guide for AWS SSO OIDC's
|
||||||
|
// API operation CreateTokenWithIAM for usage and error information.
|
||||||
|
//
|
||||||
|
// Returned Error Types:
|
||||||
|
//
|
||||||
|
// - InvalidRequestException
|
||||||
|
// Indicates that something is wrong with the input to the request. For example,
|
||||||
|
// a required parameter might be missing or out of range.
|
||||||
|
//
|
||||||
|
// - InvalidClientException
|
||||||
|
// Indicates that the clientId or clientSecret in the request is invalid. For
|
||||||
|
// example, this can occur when a client sends an incorrect clientId or an expired
|
||||||
|
// clientSecret.
|
||||||
|
//
|
||||||
|
// - InvalidGrantException
|
||||||
|
// Indicates that a request contains an invalid grant. This can occur if a client
|
||||||
|
// makes a CreateToken request with an invalid grant type.
|
||||||
|
//
|
||||||
|
// - UnauthorizedClientException
|
||||||
|
// Indicates that the client is not currently authorized to make the request.
|
||||||
|
// This can happen when a clientId is not issued for a public client.
|
||||||
|
//
|
||||||
|
// - UnsupportedGrantTypeException
|
||||||
|
// Indicates that the grant type in the request is not supported by the service.
|
||||||
|
//
|
||||||
|
// - InvalidScopeException
|
||||||
|
// Indicates that the scope provided in the request is invalid.
|
||||||
|
//
|
||||||
|
// - AuthorizationPendingException
|
||||||
|
// Indicates that a request to authorize a client with an access user session
|
||||||
|
// token is pending.
|
||||||
|
//
|
||||||
|
// - SlowDownException
|
||||||
|
// Indicates that the client is making the request too frequently and is more
|
||||||
|
// than the service can handle.
|
||||||
|
//
|
||||||
|
// - AccessDeniedException
|
||||||
|
// You do not have sufficient access to perform this action.
|
||||||
|
//
|
||||||
|
// - ExpiredTokenException
|
||||||
|
// Indicates that the token issued by the service is expired and is no longer
|
||||||
|
// valid.
|
||||||
|
//
|
||||||
|
// - InternalServerException
|
||||||
|
// Indicates that an error from the service occurred while trying to process
|
||||||
|
// a request.
|
||||||
|
//
|
||||||
|
// - InvalidRequestRegionException
|
||||||
|
// Indicates that a token provided as input to the request was issued by and
|
||||||
|
// is only usable by calling IAM Identity Center endpoints in another region.
|
||||||
|
//
|
||||||
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateTokenWithIAM
|
||||||
|
func (c *SSOOIDC) CreateTokenWithIAM(input *CreateTokenWithIAMInput) (*CreateTokenWithIAMOutput, error) {
|
||||||
|
req, out := c.CreateTokenWithIAMRequest(input)
|
||||||
|
return out, req.Send()
|
||||||
|
}
|
||||||
|
|
||||||
|
// CreateTokenWithIAMWithContext is the same as CreateTokenWithIAM with the addition of
|
||||||
|
// the ability to pass a context and additional request options.
|
||||||
|
//
|
||||||
|
// See CreateTokenWithIAM for details on how to use this API operation.
|
||||||
|
//
|
||||||
|
// The context must be non-nil and will be used for request cancellation. If
|
||||||
|
// the context is nil a panic will occur. In the future the SDK may create
|
||||||
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
||||||
|
// for more information on using Contexts.
|
||||||
|
func (c *SSOOIDC) CreateTokenWithIAMWithContext(ctx aws.Context, input *CreateTokenWithIAMInput, opts ...request.Option) (*CreateTokenWithIAMOutput, error) {
|
||||||
|
req, out := c.CreateTokenWithIAMRequest(input)
|
||||||
|
req.SetContext(ctx)
|
||||||
|
req.ApplyOptions(opts...)
|
||||||
|
return out, req.Send()
|
||||||
|
}
|
||||||
|
|
||||||
const opRegisterClient = "RegisterClient"
|
const opRegisterClient = "RegisterClient"
|
||||||
|
|
||||||
// RegisterClientRequest generates a "aws/request.Request" representing the
|
// RegisterClientRequest generates a "aws/request.Request" representing the
|
||||||
|
@ -331,8 +457,11 @@ type AccessDeniedException struct {
|
||||||
_ struct{} `type:"structure"`
|
_ struct{} `type:"structure"`
|
||||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||||
|
|
||||||
|
// Single error code. For this exception the value will be access_denied.
|
||||||
Error_ *string `locationName:"error" type:"string"`
|
Error_ *string `locationName:"error" type:"string"`
|
||||||
|
|
||||||
|
// Human-readable text providing additional information, used to assist the
|
||||||
|
// client developer in understanding the error that occurred.
|
||||||
Error_description *string `locationName:"error_description" type:"string"`
|
Error_description *string `locationName:"error_description" type:"string"`
|
||||||
|
|
||||||
Message_ *string `locationName:"message" type:"string"`
|
Message_ *string `locationName:"message" type:"string"`
|
||||||
|
@ -400,8 +529,11 @@ type AuthorizationPendingException struct {
|
||||||
_ struct{} `type:"structure"`
|
_ struct{} `type:"structure"`
|
||||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||||
|
|
||||||
|
// Single error code. For this exception the value will be authorization_pending.
|
||||||
Error_ *string `locationName:"error" type:"string"`
|
Error_ *string `locationName:"error" type:"string"`
|
||||||
|
|
||||||
|
// Human-readable text providing additional information, used to assist the
|
||||||
|
// client developer in understanding the error that occurred.
|
||||||
Error_description *string `locationName:"error_description" type:"string"`
|
Error_description *string `locationName:"error_description" type:"string"`
|
||||||
|
|
||||||
Message_ *string `locationName:"message" type:"string"`
|
Message_ *string `locationName:"message" type:"string"`
|
||||||
|
@ -466,8 +598,8 @@ func (s *AuthorizationPendingException) RequestID() string {
|
||||||
type CreateTokenInput struct {
|
type CreateTokenInput struct {
|
||||||
_ struct{} `type:"structure"`
|
_ struct{} `type:"structure"`
|
||||||
|
|
||||||
// The unique identifier string for each client. This value should come from
|
// The unique identifier string for the client or application. This value comes
|
||||||
// the persisted result of the RegisterClient API.
|
// from the result of the RegisterClient API.
|
||||||
//
|
//
|
||||||
// ClientId is a required field
|
// ClientId is a required field
|
||||||
ClientId *string `locationName:"clientId" type:"string" required:"true"`
|
ClientId *string `locationName:"clientId" type:"string" required:"true"`
|
||||||
|
@ -475,23 +607,30 @@ type CreateTokenInput struct {
|
||||||
// A secret string generated for the client. This value should come from the
|
// A secret string generated for the client. This value should come from the
|
||||||
// persisted result of the RegisterClient API.
|
// persisted result of the RegisterClient API.
|
||||||
//
|
//
|
||||||
|
// ClientSecret is a sensitive parameter and its value will be
|
||||||
|
// replaced with "sensitive" in string returned by CreateTokenInput's
|
||||||
|
// String and GoString methods.
|
||||||
|
//
|
||||||
// ClientSecret is a required field
|
// ClientSecret is a required field
|
||||||
ClientSecret *string `locationName:"clientSecret" type:"string" required:"true"`
|
ClientSecret *string `locationName:"clientSecret" type:"string" required:"true" sensitive:"true"`
|
||||||
|
|
||||||
// The authorization code received from the authorization service. This parameter
|
// Used only when calling this API for the Authorization Code grant type. The
|
||||||
// is required to perform an authorization grant request to get access to a
|
// short-term code is used to identify this authorization request. This grant
|
||||||
// token.
|
// type is currently unsupported for the CreateToken API.
|
||||||
Code *string `locationName:"code" type:"string"`
|
Code *string `locationName:"code" type:"string"`
|
||||||
|
|
||||||
// Used only when calling this API for the device code grant type. This short-term
|
// Used only when calling this API for the Device Code grant type. This short-term
|
||||||
// code is used to identify this authentication attempt. This should come from
|
// code is used to identify this authorization request. This comes from the
|
||||||
// an in-memory reference to the result of the StartDeviceAuthorization API.
|
// result of the StartDeviceAuthorization API.
|
||||||
DeviceCode *string `locationName:"deviceCode" type:"string"`
|
DeviceCode *string `locationName:"deviceCode" type:"string"`
|
||||||
|
|
||||||
// Supports grant types for the authorization code, refresh token, and device
|
// Supports the following OAuth grant types: Device Code and Refresh Token.
|
||||||
// code request. For device code requests, specify the following value:
|
// Specify either of the following values, depending on the grant type that
|
||||||
|
// you want:
|
||||||
//
|
//
|
||||||
// urn:ietf:params:oauth:grant-type:device_code
|
// * Device Code - urn:ietf:params:oauth:grant-type:device_code
|
||||||
|
//
|
||||||
|
// * Refresh Token - refresh_token
|
||||||
//
|
//
|
||||||
// For information about how to obtain the device code, see the StartDeviceAuthorization
|
// For information about how to obtain the device code, see the StartDeviceAuthorization
|
||||||
// topic.
|
// topic.
|
||||||
|
@ -499,21 +638,28 @@ type CreateTokenInput struct {
|
||||||
// GrantType is a required field
|
// GrantType is a required field
|
||||||
GrantType *string `locationName:"grantType" type:"string" required:"true"`
|
GrantType *string `locationName:"grantType" type:"string" required:"true"`
|
||||||
|
|
||||||
// The location of the application that will receive the authorization code.
|
// Used only when calling this API for the Authorization Code grant type. This
|
||||||
// Users authorize the service to send the request to this location.
|
// value specifies the location of the client or application that has registered
|
||||||
|
// to receive the authorization code.
|
||||||
RedirectUri *string `locationName:"redirectUri" type:"string"`
|
RedirectUri *string `locationName:"redirectUri" type:"string"`
|
||||||
|
|
||||||
// Currently, refreshToken is not yet implemented and is not supported. For
|
// Used only when calling this API for the Refresh Token grant type. This token
|
||||||
// more information about the features and limitations of the current IAM Identity
|
// is used to refresh short-term tokens, such as the access token, that might
|
||||||
// Center OIDC implementation, see Considerations for Using this Guide in the
|
// expire.
|
||||||
// IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html).
|
|
||||||
//
|
//
|
||||||
// The token used to obtain an access token in the event that the access token
|
// For more information about the features and limitations of the current IAM
|
||||||
// is invalid or expired.
|
// Identity Center OIDC implementation, see Considerations for Using this Guide
|
||||||
RefreshToken *string `locationName:"refreshToken" type:"string"`
|
// in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html).
|
||||||
|
//
|
||||||
|
// RefreshToken is a sensitive parameter and its value will be
|
||||||
|
// replaced with "sensitive" in string returned by CreateTokenInput's
|
||||||
|
// String and GoString methods.
|
||||||
|
RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"`
|
||||||
|
|
||||||
// The list of scopes that is defined by the client. Upon authorization, this
|
// The list of scopes for which authorization is requested. The access token
|
||||||
// list is used to restrict permissions when granting an access token.
|
// that is issued is limited to the scopes that are granted. If this value is
|
||||||
|
// not specified, IAM Identity Center authorizes all scopes that are configured
|
||||||
|
// for the client during the call to RegisterClient.
|
||||||
Scope []*string `locationName:"scope" type:"list"`
|
Scope []*string `locationName:"scope" type:"list"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -605,31 +751,43 @@ func (s *CreateTokenInput) SetScope(v []*string) *CreateTokenInput {
|
||||||
type CreateTokenOutput struct {
|
type CreateTokenOutput struct {
|
||||||
_ struct{} `type:"structure"`
|
_ struct{} `type:"structure"`
|
||||||
|
|
||||||
// An opaque token to access IAM Identity Center resources assigned to a user.
|
// A bearer token to access AWS accounts and applications assigned to a user.
|
||||||
AccessToken *string `locationName:"accessToken" type:"string"`
|
//
|
||||||
|
// AccessToken is a sensitive parameter and its value will be
|
||||||
|
// replaced with "sensitive" in string returned by CreateTokenOutput's
|
||||||
|
// String and GoString methods.
|
||||||
|
AccessToken *string `locationName:"accessToken" type:"string" sensitive:"true"`
|
||||||
|
|
||||||
// Indicates the time in seconds when an access token will expire.
|
// Indicates the time in seconds when an access token will expire.
|
||||||
ExpiresIn *int64 `locationName:"expiresIn" type:"integer"`
|
ExpiresIn *int64 `locationName:"expiresIn" type:"integer"`
|
||||||
|
|
||||||
// Currently, idToken is not yet implemented and is not supported. For more
|
// The idToken is not implemented or supported. For more information about the
|
||||||
// information about the features and limitations of the current IAM Identity
|
// features and limitations of the current IAM Identity Center OIDC implementation,
|
||||||
// Center OIDC implementation, see Considerations for Using this Guide in the
|
// see Considerations for Using this Guide in the IAM Identity Center OIDC API
|
||||||
// IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html).
|
// Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html).
|
||||||
//
|
//
|
||||||
// The identifier of the user that associated with the access token, if present.
|
// A JSON Web Token (JWT) that identifies who is associated with the issued
|
||||||
IdToken *string `locationName:"idToken" type:"string"`
|
// access token.
|
||||||
|
//
|
||||||
|
// IdToken is a sensitive parameter and its value will be
|
||||||
|
// replaced with "sensitive" in string returned by CreateTokenOutput's
|
||||||
|
// String and GoString methods.
|
||||||
|
IdToken *string `locationName:"idToken" type:"string" sensitive:"true"`
|
||||||
|
|
||||||
// Currently, refreshToken is not yet implemented and is not supported. For
|
|
||||||
// more information about the features and limitations of the current IAM Identity
|
|
||||||
// Center OIDC implementation, see Considerations for Using this Guide in the
|
|
||||||
// IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html).
|
|
||||||
//
|
|
||||||
// A token that, if present, can be used to refresh a previously issued access
|
// A token that, if present, can be used to refresh a previously issued access
|
||||||
// token that might have expired.
|
// token that might have expired.
|
||||||
RefreshToken *string `locationName:"refreshToken" type:"string"`
|
//
|
||||||
|
// For more information about the features and limitations of the current IAM
|
||||||
|
// Identity Center OIDC implementation, see Considerations for Using this Guide
|
||||||
|
// in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html).
|
||||||
|
//
|
||||||
|
// RefreshToken is a sensitive parameter and its value will be
|
||||||
|
// replaced with "sensitive" in string returned by CreateTokenOutput's
|
||||||
|
// String and GoString methods.
|
||||||
|
RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"`
|
||||||
|
|
||||||
// Used to notify the client that the returned token is an access token. The
|
// Used to notify the client that the returned token is an access token. The
|
||||||
// supported type is BearerToken.
|
// supported token type is Bearer.
|
||||||
TokenType *string `locationName:"tokenType" type:"string"`
|
TokenType *string `locationName:"tokenType" type:"string"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -681,14 +839,312 @@ func (s *CreateTokenOutput) SetTokenType(v string) *CreateTokenOutput {
|
||||||
return s
|
return s
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type CreateTokenWithIAMInput struct {
|
||||||
|
_ struct{} `type:"structure"`
|
||||||
|
|
||||||
|
// Used only when calling this API for the JWT Bearer grant type. This value
|
||||||
|
// specifies the JSON Web Token (JWT) issued by a trusted token issuer. To authorize
|
||||||
|
// a trusted token issuer, configure the JWT Bearer GrantOptions for the application.
|
||||||
|
//
|
||||||
|
// Assertion is a sensitive parameter and its value will be
|
||||||
|
// replaced with "sensitive" in string returned by CreateTokenWithIAMInput's
|
||||||
|
// String and GoString methods.
|
||||||
|
Assertion *string `locationName:"assertion" type:"string" sensitive:"true"`
|
||||||
|
|
||||||
|
// The unique identifier string for the client or application. This value is
|
||||||
|
// an application ARN that has OAuth grants configured.
|
||||||
|
//
|
||||||
|
// ClientId is a required field
|
||||||
|
ClientId *string `locationName:"clientId" type:"string" required:"true"`
|
||||||
|
|
||||||
|
// Used only when calling this API for the Authorization Code grant type. This
|
||||||
|
// short-term code is used to identify this authorization request. The code
|
||||||
|
// is obtained through a redirect from IAM Identity Center to a redirect URI
|
||||||
|
// persisted in the Authorization Code GrantOptions for the application.
|
||||||
|
Code *string `locationName:"code" type:"string"`
|
||||||
|
|
||||||
|
// Supports the following OAuth grant types: Authorization Code, Refresh Token,
|
||||||
|
// JWT Bearer, and Token Exchange. Specify one of the following values, depending
|
||||||
|
// on the grant type that you want:
|
||||||
|
//
|
||||||
|
// * Authorization Code - authorization_code
|
||||||
|
//
|
||||||
|
// * Refresh Token - refresh_token
|
||||||
|
//
|
||||||
|
// * JWT Bearer - urn:ietf:params:oauth:grant-type:jwt-bearer
|
||||||
|
//
|
||||||
|
// * Token Exchange - urn:ietf:params:oauth:grant-type:token-exchange
|
||||||
|
//
|
||||||
|
// GrantType is a required field
|
||||||
|
GrantType *string `locationName:"grantType" type:"string" required:"true"`
|
||||||
|
|
||||||
|
// Used only when calling this API for the Authorization Code grant type. This
|
||||||
|
// value specifies the location of the client or application that has registered
|
||||||
|
// to receive the authorization code.
|
||||||
|
RedirectUri *string `locationName:"redirectUri" type:"string"`
|
||||||
|
|
||||||
|
// Used only when calling this API for the Refresh Token grant type. This token
|
||||||
|
// is used to refresh short-term tokens, such as the access token, that might
|
||||||
|
// expire.
|
||||||
|
//
|
||||||
|
// For more information about the features and limitations of the current IAM
|
||||||
|
// Identity Center OIDC implementation, see Considerations for Using this Guide
|
||||||
|
// in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html).
|
||||||
|
//
|
||||||
|
// RefreshToken is a sensitive parameter and its value will be
|
||||||
|
// replaced with "sensitive" in string returned by CreateTokenWithIAMInput's
|
||||||
|
// String and GoString methods.
|
||||||
|
RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"`
|
||||||
|
|
||||||
|
// Used only when calling this API for the Token Exchange grant type. This value
|
||||||
|
// specifies the type of token that the requester can receive. The following
|
||||||
|
// values are supported:
|
||||||
|
//
|
||||||
|
// * Access Token - urn:ietf:params:oauth:token-type:access_token
|
||||||
|
//
|
||||||
|
// * Refresh Token - urn:ietf:params:oauth:token-type:refresh_token
|
||||||
|
RequestedTokenType *string `locationName:"requestedTokenType" type:"string"`
|
||||||
|
|
||||||
|
// The list of scopes for which authorization is requested. The access token
|
||||||
|
// that is issued is limited to the scopes that are granted. If the value is
|
||||||
|
// not specified, IAM Identity Center authorizes all scopes configured for the
|
||||||
|
// application, including the following default scopes: openid, aws, sts:identity_context.
|
||||||
|
Scope []*string `locationName:"scope" type:"list"`
|
||||||
|
|
||||||
|
// Used only when calling this API for the Token Exchange grant type. This value
|
||||||
|
// specifies the subject of the exchange. The value of the subject token must
|
||||||
|
// be an access token issued by IAM Identity Center to a different client or
|
||||||
|
// application. The access token must have authorized scopes that indicate the
|
||||||
|
// requested application as a target audience.
|
||||||
|
//
|
||||||
|
// SubjectToken is a sensitive parameter and its value will be
|
||||||
|
// replaced with "sensitive" in string returned by CreateTokenWithIAMInput's
|
||||||
|
// String and GoString methods.
|
||||||
|
SubjectToken *string `locationName:"subjectToken" type:"string" sensitive:"true"`
|
||||||
|
|
||||||
|
// Used only when calling this API for the Token Exchange grant type. This value
|
||||||
|
// specifies the type of token that is passed as the subject of the exchange.
|
||||||
|
// The following value is supported:
|
||||||
|
//
|
||||||
|
// * Access Token - urn:ietf:params:oauth:token-type:access_token
|
||||||
|
SubjectTokenType *string `locationName:"subjectTokenType" type:"string"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// String returns the string representation.
|
||||||
|
//
|
||||||
|
// API parameter values that are decorated as "sensitive" in the API will not
|
||||||
|
// be included in the string output. The member name will be present, but the
|
||||||
|
// value will be replaced with "sensitive".
|
||||||
|
func (s CreateTokenWithIAMInput) String() string {
|
||||||
|
return awsutil.Prettify(s)
|
||||||
|
}
|
||||||
|
|
||||||
|
// GoString returns the string representation.
|
||||||
|
//
|
||||||
|
// API parameter values that are decorated as "sensitive" in the API will not
|
||||||
|
// be included in the string output. The member name will be present, but the
|
||||||
|
// value will be replaced with "sensitive".
|
||||||
|
func (s CreateTokenWithIAMInput) GoString() string {
|
||||||
|
return s.String()
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate inspects the fields of the type to determine if they are valid.
|
||||||
|
func (s *CreateTokenWithIAMInput) Validate() error {
|
||||||
|
invalidParams := request.ErrInvalidParams{Context: "CreateTokenWithIAMInput"}
|
||||||
|
if s.ClientId == nil {
|
||||||
|
invalidParams.Add(request.NewErrParamRequired("ClientId"))
|
||||||
|
}
|
||||||
|
if s.GrantType == nil {
|
||||||
|
invalidParams.Add(request.NewErrParamRequired("GrantType"))
|
||||||
|
}
|
||||||
|
|
||||||
|
if invalidParams.Len() > 0 {
|
||||||
|
return invalidParams
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetAssertion sets the Assertion field's value.
|
||||||
|
func (s *CreateTokenWithIAMInput) SetAssertion(v string) *CreateTokenWithIAMInput {
|
||||||
|
s.Assertion = &v
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetClientId sets the ClientId field's value.
|
||||||
|
func (s *CreateTokenWithIAMInput) SetClientId(v string) *CreateTokenWithIAMInput {
|
||||||
|
s.ClientId = &v
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetCode sets the Code field's value.
|
||||||
|
func (s *CreateTokenWithIAMInput) SetCode(v string) *CreateTokenWithIAMInput {
|
||||||
|
s.Code = &v
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetGrantType sets the GrantType field's value.
|
||||||
|
func (s *CreateTokenWithIAMInput) SetGrantType(v string) *CreateTokenWithIAMInput {
|
||||||
|
s.GrantType = &v
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetRedirectUri sets the RedirectUri field's value.
|
||||||
|
func (s *CreateTokenWithIAMInput) SetRedirectUri(v string) *CreateTokenWithIAMInput {
|
||||||
|
s.RedirectUri = &v
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetRefreshToken sets the RefreshToken field's value.
|
||||||
|
func (s *CreateTokenWithIAMInput) SetRefreshToken(v string) *CreateTokenWithIAMInput {
|
||||||
|
s.RefreshToken = &v
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetRequestedTokenType sets the RequestedTokenType field's value.
|
||||||
|
func (s *CreateTokenWithIAMInput) SetRequestedTokenType(v string) *CreateTokenWithIAMInput {
|
||||||
|
s.RequestedTokenType = &v
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetScope sets the Scope field's value.
|
||||||
|
func (s *CreateTokenWithIAMInput) SetScope(v []*string) *CreateTokenWithIAMInput {
|
||||||
|
s.Scope = v
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetSubjectToken sets the SubjectToken field's value.
|
||||||
|
func (s *CreateTokenWithIAMInput) SetSubjectToken(v string) *CreateTokenWithIAMInput {
|
||||||
|
s.SubjectToken = &v
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetSubjectTokenType sets the SubjectTokenType field's value.
|
||||||
|
func (s *CreateTokenWithIAMInput) SetSubjectTokenType(v string) *CreateTokenWithIAMInput {
|
||||||
|
s.SubjectTokenType = &v
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
|
type CreateTokenWithIAMOutput struct {
|
||||||
|
_ struct{} `type:"structure"`
|
||||||
|
|
||||||
|
// A bearer token to access AWS accounts and applications assigned to a user.
|
||||||
|
//
|
||||||
|
// AccessToken is a sensitive parameter and its value will be
|
||||||
|
// replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's
|
||||||
|
// String and GoString methods.
|
||||||
|
AccessToken *string `locationName:"accessToken" type:"string" sensitive:"true"`
|
||||||
|
|
||||||
|
// Indicates the time in seconds when an access token will expire.
|
||||||
|
ExpiresIn *int64 `locationName:"expiresIn" type:"integer"`
|
||||||
|
|
||||||
|
// A JSON Web Token (JWT) that identifies the user associated with the issued
|
||||||
|
// access token.
|
||||||
|
//
|
||||||
|
// IdToken is a sensitive parameter and its value will be
|
||||||
|
// replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's
|
||||||
|
// String and GoString methods.
|
||||||
|
IdToken *string `locationName:"idToken" type:"string" sensitive:"true"`
|
||||||
|
|
||||||
|
// Indicates the type of tokens that are issued by IAM Identity Center. The
|
||||||
|
// following values are supported:
|
||||||
|
//
|
||||||
|
// * Access Token - urn:ietf:params:oauth:token-type:access_token
|
||||||
|
//
|
||||||
|
// * Refresh Token - urn:ietf:params:oauth:token-type:refresh_token
|
||||||
|
IssuedTokenType *string `locationName:"issuedTokenType" type:"string"`
|
||||||
|
|
||||||
|
// A token that, if present, can be used to refresh a previously issued access
|
||||||
|
// token that might have expired.
|
||||||
|
//
|
||||||
|
// For more information about the features and limitations of the current IAM
|
||||||
|
// Identity Center OIDC implementation, see Considerations for Using this Guide
|
||||||
|
// in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html).
|
||||||
|
//
|
||||||
|
// RefreshToken is a sensitive parameter and its value will be
|
||||||
|
// replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's
|
||||||
|
// String and GoString methods.
|
||||||
|
RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"`
|
||||||
|
|
||||||
|
// The list of scopes for which authorization is granted. The access token that
|
||||||
|
// is issued is limited to the scopes that are granted.
|
||||||
|
Scope []*string `locationName:"scope" type:"list"`
|
||||||
|
|
||||||
|
// Used to notify the requester that the returned token is an access token.
|
||||||
|
// The supported token type is Bearer.
|
||||||
|
TokenType *string `locationName:"tokenType" type:"string"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// String returns the string representation.
|
||||||
|
//
|
||||||
|
// API parameter values that are decorated as "sensitive" in the API will not
|
||||||
|
// be included in the string output. The member name will be present, but the
|
||||||
|
// value will be replaced with "sensitive".
|
||||||
|
func (s CreateTokenWithIAMOutput) String() string {
|
||||||
|
return awsutil.Prettify(s)
|
||||||
|
}
|
||||||
|
|
||||||
|
// GoString returns the string representation.
|
||||||
|
//
|
||||||
|
// API parameter values that are decorated as "sensitive" in the API will not
|
||||||
|
// be included in the string output. The member name will be present, but the
|
||||||
|
// value will be replaced with "sensitive".
|
||||||
|
func (s CreateTokenWithIAMOutput) GoString() string {
|
||||||
|
return s.String()
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetAccessToken sets the AccessToken field's value.
|
||||||
|
func (s *CreateTokenWithIAMOutput) SetAccessToken(v string) *CreateTokenWithIAMOutput {
|
||||||
|
s.AccessToken = &v
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetExpiresIn sets the ExpiresIn field's value.
|
||||||
|
func (s *CreateTokenWithIAMOutput) SetExpiresIn(v int64) *CreateTokenWithIAMOutput {
|
||||||
|
s.ExpiresIn = &v
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetIdToken sets the IdToken field's value.
|
||||||
|
func (s *CreateTokenWithIAMOutput) SetIdToken(v string) *CreateTokenWithIAMOutput {
|
||||||
|
s.IdToken = &v
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetIssuedTokenType sets the IssuedTokenType field's value.
|
||||||
|
func (s *CreateTokenWithIAMOutput) SetIssuedTokenType(v string) *CreateTokenWithIAMOutput {
|
||||||
|
s.IssuedTokenType = &v
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetRefreshToken sets the RefreshToken field's value.
|
||||||
|
func (s *CreateTokenWithIAMOutput) SetRefreshToken(v string) *CreateTokenWithIAMOutput {
|
||||||
|
s.RefreshToken = &v
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetScope sets the Scope field's value.
|
||||||
|
func (s *CreateTokenWithIAMOutput) SetScope(v []*string) *CreateTokenWithIAMOutput {
|
||||||
|
s.Scope = v
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetTokenType sets the TokenType field's value.
|
||||||
|
func (s *CreateTokenWithIAMOutput) SetTokenType(v string) *CreateTokenWithIAMOutput {
|
||||||
|
s.TokenType = &v
|
||||||
|
return s
|
||||||
|
}
|
||||||
|
|
||||||
// Indicates that the token issued by the service is expired and is no longer
|
// Indicates that the token issued by the service is expired and is no longer
|
||||||
// valid.
|
// valid.
|
||||||
type ExpiredTokenException struct {
|
type ExpiredTokenException struct {
|
||||||
_ struct{} `type:"structure"`
|
_ struct{} `type:"structure"`
|
||||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||||
|
|
||||||
|
// Single error code. For this exception the value will be expired_token.
|
||||||
Error_ *string `locationName:"error" type:"string"`
|
Error_ *string `locationName:"error" type:"string"`
|
||||||
|
|
||||||
|
// Human-readable text providing additional information, used to assist the
|
||||||
|
// client developer in understanding the error that occurred.
|
||||||
Error_description *string `locationName:"error_description" type:"string"`
|
Error_description *string `locationName:"error_description" type:"string"`
|
||||||
|
|
||||||
Message_ *string `locationName:"message" type:"string"`
|
Message_ *string `locationName:"message" type:"string"`
|
||||||
|
@ -756,8 +1212,11 @@ type InternalServerException struct {
|
||||||
_ struct{} `type:"structure"`
|
_ struct{} `type:"structure"`
|
||||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||||
|
|
||||||
|
// Single error code. For this exception the value will be server_error.
|
||||||
Error_ *string `locationName:"error" type:"string"`
|
Error_ *string `locationName:"error" type:"string"`
|
||||||
|
|
||||||
|
// Human-readable text providing additional information, used to assist the
|
||||||
|
// client developer in understanding the error that occurred.
|
||||||
Error_description *string `locationName:"error_description" type:"string"`
|
Error_description *string `locationName:"error_description" type:"string"`
|
||||||
|
|
||||||
Message_ *string `locationName:"message" type:"string"`
|
Message_ *string `locationName:"message" type:"string"`
|
||||||
|
@ -826,8 +1285,11 @@ type InvalidClientException struct {
|
||||||
_ struct{} `type:"structure"`
|
_ struct{} `type:"structure"`
|
||||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||||
|
|
||||||
|
// Single error code. For this exception the value will be invalid_client.
|
||||||
Error_ *string `locationName:"error" type:"string"`
|
Error_ *string `locationName:"error" type:"string"`
|
||||||
|
|
||||||
|
// Human-readable text providing additional information, used to assist the
|
||||||
|
// client developer in understanding the error that occurred.
|
||||||
Error_description *string `locationName:"error_description" type:"string"`
|
Error_description *string `locationName:"error_description" type:"string"`
|
||||||
|
|
||||||
Message_ *string `locationName:"message" type:"string"`
|
Message_ *string `locationName:"message" type:"string"`
|
||||||
|
@ -895,8 +1357,11 @@ type InvalidClientMetadataException struct {
|
||||||
_ struct{} `type:"structure"`
|
_ struct{} `type:"structure"`
|
||||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||||
|
|
||||||
|
// Single error code. For this exception the value will be invalid_client_metadata.
|
||||||
Error_ *string `locationName:"error" type:"string"`
|
Error_ *string `locationName:"error" type:"string"`
|
||||||
|
|
||||||
|
// Human-readable text providing additional information, used to assist the
|
||||||
|
// client developer in understanding the error that occurred.
|
||||||
Error_description *string `locationName:"error_description" type:"string"`
|
Error_description *string `locationName:"error_description" type:"string"`
|
||||||
|
|
||||||
Message_ *string `locationName:"message" type:"string"`
|
Message_ *string `locationName:"message" type:"string"`
|
||||||
|
@ -964,8 +1429,11 @@ type InvalidGrantException struct {
|
||||||
_ struct{} `type:"structure"`
|
_ struct{} `type:"structure"`
|
||||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||||
|
|
||||||
|
// Single error code. For this exception the value will be invalid_grant.
|
||||||
Error_ *string `locationName:"error" type:"string"`
|
Error_ *string `locationName:"error" type:"string"`
|
||||||
|
|
||||||
|
// Human-readable text providing additional information, used to assist the
|
||||||
|
// client developer in understanding the error that occurred.
|
||||||
Error_description *string `locationName:"error_description" type:"string"`
|
Error_description *string `locationName:"error_description" type:"string"`
|
||||||
|
|
||||||
Message_ *string `locationName:"message" type:"string"`
|
Message_ *string `locationName:"message" type:"string"`
|
||||||
|
@ -1033,8 +1501,11 @@ type InvalidRequestException struct {
|
||||||
_ struct{} `type:"structure"`
|
_ struct{} `type:"structure"`
|
||||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||||
|
|
||||||
|
// Single error code. For this exception the value will be invalid_request.
|
||||||
Error_ *string `locationName:"error" type:"string"`
|
Error_ *string `locationName:"error" type:"string"`
|
||||||
|
|
||||||
|
// Human-readable text providing additional information, used to assist the
|
||||||
|
// client developer in understanding the error that occurred.
|
||||||
Error_description *string `locationName:"error_description" type:"string"`
|
Error_description *string `locationName:"error_description" type:"string"`
|
||||||
|
|
||||||
Message_ *string `locationName:"message" type:"string"`
|
Message_ *string `locationName:"message" type:"string"`
|
||||||
|
@ -1096,13 +1567,95 @@ func (s *InvalidRequestException) RequestID() string {
|
||||||
return s.RespMetadata.RequestID
|
return s.RespMetadata.RequestID
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Indicates that a token provided as input to the request was issued by and
|
||||||
|
// is only usable by calling IAM Identity Center endpoints in another region.
|
||||||
|
type InvalidRequestRegionException struct {
|
||||||
|
_ struct{} `type:"structure"`
|
||||||
|
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||||
|
|
||||||
|
// Indicates the IAM Identity Center endpoint which the requester may call with
|
||||||
|
// this token.
|
||||||
|
Endpoint *string `locationName:"endpoint" type:"string"`
|
||||||
|
|
||||||
|
// Single error code. For this exception the value will be invalid_request.
|
||||||
|
Error_ *string `locationName:"error" type:"string"`
|
||||||
|
|
||||||
|
// Human-readable text providing additional information, used to assist the
|
||||||
|
// client developer in understanding the error that occurred.
|
||||||
|
Error_description *string `locationName:"error_description" type:"string"`
|
||||||
|
|
||||||
|
Message_ *string `locationName:"message" type:"string"`
|
||||||
|
|
||||||
|
// Indicates the region which the requester may call with this token.
|
||||||
|
Region *string `locationName:"region" type:"string"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// String returns the string representation.
|
||||||
|
//
|
||||||
|
// API parameter values that are decorated as "sensitive" in the API will not
|
||||||
|
// be included in the string output. The member name will be present, but the
|
||||||
|
// value will be replaced with "sensitive".
|
||||||
|
func (s InvalidRequestRegionException) String() string {
|
||||||
|
return awsutil.Prettify(s)
|
||||||
|
}
|
||||||
|
|
||||||
|
// GoString returns the string representation.
|
||||||
|
//
|
||||||
|
// API parameter values that are decorated as "sensitive" in the API will not
|
||||||
|
// be included in the string output. The member name will be present, but the
|
||||||
|
// value will be replaced with "sensitive".
|
||||||
|
func (s InvalidRequestRegionException) GoString() string {
|
||||||
|
return s.String()
|
||||||
|
}
|
||||||
|
|
||||||
|
func newErrorInvalidRequestRegionException(v protocol.ResponseMetadata) error {
|
||||||
|
return &InvalidRequestRegionException{
|
||||||
|
RespMetadata: v,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Code returns the exception type name.
|
||||||
|
func (s *InvalidRequestRegionException) Code() string {
|
||||||
|
return "InvalidRequestRegionException"
|
||||||
|
}
|
||||||
|
|
||||||
|
// Message returns the exception's message.
|
||||||
|
func (s *InvalidRequestRegionException) Message() string {
|
||||||
|
if s.Message_ != nil {
|
||||||
|
return *s.Message_
|
||||||
|
}
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
|
// OrigErr always returns nil, satisfies awserr.Error interface.
|
||||||
|
func (s *InvalidRequestRegionException) OrigErr() error {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (s *InvalidRequestRegionException) Error() string {
|
||||||
|
return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
|
||||||
|
}
|
||||||
|
|
||||||
|
// Status code returns the HTTP status code for the request's response error.
|
||||||
|
func (s *InvalidRequestRegionException) StatusCode() int {
|
||||||
|
return s.RespMetadata.StatusCode
|
||||||
|
}
|
||||||
|
|
||||||
|
// RequestID returns the service's response RequestID for request.
|
||||||
|
func (s *InvalidRequestRegionException) RequestID() string {
|
||||||
|
return s.RespMetadata.RequestID
|
||||||
|
}
|
||||||
|
|
||||||
// Indicates that the scope provided in the request is invalid.
|
// Indicates that the scope provided in the request is invalid.
|
||||||
type InvalidScopeException struct {
|
type InvalidScopeException struct {
|
||||||
_ struct{} `type:"structure"`
|
_ struct{} `type:"structure"`
|
||||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||||
|
|
||||||
|
// Single error code. For this exception the value will be invalid_scope.
|
||||||
Error_ *string `locationName:"error" type:"string"`
|
Error_ *string `locationName:"error" type:"string"`
|
||||||
|
|
||||||
|
// Human-readable text providing additional information, used to assist the
|
||||||
|
// client developer in understanding the error that occurred.
|
||||||
Error_description *string `locationName:"error_description" type:"string"`
|
Error_description *string `locationName:"error_description" type:"string"`
|
||||||
|
|
||||||
Message_ *string `locationName:"message" type:"string"`
|
Message_ *string `locationName:"message" type:"string"`
|
||||||
|
@ -1238,7 +1791,7 @@ func (s *RegisterClientInput) SetScopes(v []*string) *RegisterClientInput {
|
||||||
type RegisterClientOutput struct {
|
type RegisterClientOutput struct {
|
||||||
_ struct{} `type:"structure"`
|
_ struct{} `type:"structure"`
|
||||||
|
|
||||||
// The endpoint where the client can request authorization.
|
// An endpoint that the client can use to request authorization.
|
||||||
AuthorizationEndpoint *string `locationName:"authorizationEndpoint" type:"string"`
|
AuthorizationEndpoint *string `locationName:"authorizationEndpoint" type:"string"`
|
||||||
|
|
||||||
// The unique identifier string for each client. This client uses this identifier
|
// The unique identifier string for each client. This client uses this identifier
|
||||||
|
@ -1250,12 +1803,16 @@ type RegisterClientOutput struct {
|
||||||
|
|
||||||
// A secret string generated for the client. The client will use this string
|
// A secret string generated for the client. The client will use this string
|
||||||
// to get authenticated by the service in subsequent calls.
|
// to get authenticated by the service in subsequent calls.
|
||||||
ClientSecret *string `locationName:"clientSecret" type:"string"`
|
//
|
||||||
|
// ClientSecret is a sensitive parameter and its value will be
|
||||||
|
// replaced with "sensitive" in string returned by RegisterClientOutput's
|
||||||
|
// String and GoString methods.
|
||||||
|
ClientSecret *string `locationName:"clientSecret" type:"string" sensitive:"true"`
|
||||||
|
|
||||||
// Indicates the time at which the clientId and clientSecret will become invalid.
|
// Indicates the time at which the clientId and clientSecret will become invalid.
|
||||||
ClientSecretExpiresAt *int64 `locationName:"clientSecretExpiresAt" type:"long"`
|
ClientSecretExpiresAt *int64 `locationName:"clientSecretExpiresAt" type:"long"`
|
||||||
|
|
||||||
// The endpoint where the client can get an access token.
|
// An endpoint that the client can use to create tokens.
|
||||||
TokenEndpoint *string `locationName:"tokenEndpoint" type:"string"`
|
TokenEndpoint *string `locationName:"tokenEndpoint" type:"string"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1319,8 +1876,11 @@ type SlowDownException struct {
|
||||||
_ struct{} `type:"structure"`
|
_ struct{} `type:"structure"`
|
||||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||||
|
|
||||||
|
// Single error code. For this exception the value will be slow_down.
|
||||||
Error_ *string `locationName:"error" type:"string"`
|
Error_ *string `locationName:"error" type:"string"`
|
||||||
|
|
||||||
|
// Human-readable text providing additional information, used to assist the
|
||||||
|
// client developer in understanding the error that occurred.
|
||||||
Error_description *string `locationName:"error_description" type:"string"`
|
Error_description *string `locationName:"error_description" type:"string"`
|
||||||
|
|
||||||
Message_ *string `locationName:"message" type:"string"`
|
Message_ *string `locationName:"message" type:"string"`
|
||||||
|
@ -1395,11 +1955,15 @@ type StartDeviceAuthorizationInput struct {
|
||||||
// A secret string that is generated for the client. This value should come
|
// A secret string that is generated for the client. This value should come
|
||||||
// from the persisted result of the RegisterClient API operation.
|
// from the persisted result of the RegisterClient API operation.
|
||||||
//
|
//
|
||||||
|
// ClientSecret is a sensitive parameter and its value will be
|
||||||
|
// replaced with "sensitive" in string returned by StartDeviceAuthorizationInput's
|
||||||
|
// String and GoString methods.
|
||||||
|
//
|
||||||
// ClientSecret is a required field
|
// ClientSecret is a required field
|
||||||
ClientSecret *string `locationName:"clientSecret" type:"string" required:"true"`
|
ClientSecret *string `locationName:"clientSecret" type:"string" required:"true" sensitive:"true"`
|
||||||
|
|
||||||
// The URL for the AWS access portal. For more information, see Using the AWS
|
// The URL for the Amazon Web Services access portal. For more information,
|
||||||
// access portal (https://docs.aws.amazon.com/singlesignon/latest/userguide/using-the-portal.html)
|
// see Using the Amazon Web Services access portal (https://docs.aws.amazon.com/singlesignon/latest/userguide/using-the-portal.html)
|
||||||
// in the IAM Identity Center User Guide.
|
// in the IAM Identity Center User Guide.
|
||||||
//
|
//
|
||||||
// StartUrl is a required field
|
// StartUrl is a required field
|
||||||
|
@ -1550,8 +2114,11 @@ type UnauthorizedClientException struct {
|
||||||
_ struct{} `type:"structure"`
|
_ struct{} `type:"structure"`
|
||||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||||
|
|
||||||
|
// Single error code. For this exception the value will be unauthorized_client.
|
||||||
Error_ *string `locationName:"error" type:"string"`
|
Error_ *string `locationName:"error" type:"string"`
|
||||||
|
|
||||||
|
// Human-readable text providing additional information, used to assist the
|
||||||
|
// client developer in understanding the error that occurred.
|
||||||
Error_description *string `locationName:"error_description" type:"string"`
|
Error_description *string `locationName:"error_description" type:"string"`
|
||||||
|
|
||||||
Message_ *string `locationName:"message" type:"string"`
|
Message_ *string `locationName:"message" type:"string"`
|
||||||
|
@ -1618,8 +2185,11 @@ type UnsupportedGrantTypeException struct {
|
||||||
_ struct{} `type:"structure"`
|
_ struct{} `type:"structure"`
|
||||||
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
|
||||||
|
|
||||||
|
// Single error code. For this exception the value will be unsupported_grant_type.
|
||||||
Error_ *string `locationName:"error" type:"string"`
|
Error_ *string `locationName:"error" type:"string"`
|
||||||
|
|
||||||
|
// Human-readable text providing additional information, used to assist the
|
||||||
|
// client developer in understanding the error that occurred.
|
||||||
Error_description *string `locationName:"error_description" type:"string"`
|
Error_description *string `locationName:"error_description" type:"string"`
|
||||||
|
|
||||||
Message_ *string `locationName:"message" type:"string"`
|
Message_ *string `locationName:"message" type:"string"`
|
||||||
|
|
39
vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go
generated
vendored
39
vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go
generated
vendored
|
@ -3,15 +3,13 @@
|
||||||
// Package ssooidc provides the client and types for making API
|
// Package ssooidc provides the client and types for making API
|
||||||
// requests to AWS SSO OIDC.
|
// requests to AWS SSO OIDC.
|
||||||
//
|
//
|
||||||
// AWS IAM Identity Center (successor to AWS Single Sign-On) OpenID Connect
|
// IAM Identity Center OpenID Connect (OIDC) is a web service that enables a
|
||||||
// (OIDC) is a web service that enables a client (such as AWS CLI or a native
|
// client (such as CLI or a native application) to register with IAM Identity
|
||||||
// application) to register with IAM Identity Center. The service also enables
|
// Center. The service also enables the client to fetch the user’s access
|
||||||
// the client to fetch the user’s access token upon successful authentication
|
// token upon successful authentication and authorization with IAM Identity
|
||||||
// and authorization with IAM Identity Center.
|
// Center.
|
||||||
//
|
//
|
||||||
// Although AWS Single Sign-On was renamed, the sso and identitystore API namespaces
|
// IAM Identity Center uses the sso and identitystore API namespaces.
|
||||||
// will continue to retain their original name for backward compatibility purposes.
|
|
||||||
// For more information, see IAM Identity Center rename (https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html#renamed).
|
|
||||||
//
|
//
|
||||||
// # Considerations for Using This Guide
|
// # Considerations for Using This Guide
|
||||||
//
|
//
|
||||||
|
@ -22,21 +20,24 @@
|
||||||
// - The IAM Identity Center OIDC service currently implements only the portions
|
// - The IAM Identity Center OIDC service currently implements only the portions
|
||||||
// of the OAuth 2.0 Device Authorization Grant standard (https://tools.ietf.org/html/rfc8628
|
// of the OAuth 2.0 Device Authorization Grant standard (https://tools.ietf.org/html/rfc8628
|
||||||
// (https://tools.ietf.org/html/rfc8628)) that are necessary to enable single
|
// (https://tools.ietf.org/html/rfc8628)) that are necessary to enable single
|
||||||
// sign-on authentication with the AWS CLI. Support for other OIDC flows
|
// sign-on authentication with the CLI.
|
||||||
// frequently needed for native applications, such as Authorization Code
|
|
||||||
// Flow (+ PKCE), will be addressed in future releases.
|
|
||||||
//
|
//
|
||||||
// - The service emits only OIDC access tokens, such that obtaining a new
|
// - With older versions of the CLI, the service only emits OIDC access tokens,
|
||||||
// token (For example, token refresh) requires explicit user re-authentication.
|
// so to obtain a new token, users must explicitly re-authenticate. To access
|
||||||
|
// the OIDC flow that supports token refresh and doesn’t require re-authentication,
|
||||||
|
// update to the latest CLI version (1.27.10 for CLI V1 and 2.9.0 for CLI
|
||||||
|
// V2) with support for OIDC token refresh and configurable IAM Identity
|
||||||
|
// Center session durations. For more information, see Configure Amazon Web
|
||||||
|
// Services access portal session duration (https://docs.aws.amazon.com/singlesignon/latest/userguide/configure-user-session.html).
|
||||||
//
|
//
|
||||||
// - The access tokens provided by this service grant access to all AWS account
|
// - The access tokens provided by this service grant access to all Amazon
|
||||||
// entitlements assigned to an IAM Identity Center user, not just a particular
|
// Web Services account entitlements assigned to an IAM Identity Center user,
|
||||||
// application.
|
// not just a particular application.
|
||||||
//
|
//
|
||||||
// - The documentation in this guide does not describe the mechanism to convert
|
// - The documentation in this guide does not describe the mechanism to convert
|
||||||
// the access token into AWS Auth (“sigv4”) credentials for use with
|
// the access token into Amazon Web Services Auth (“sigv4”) credentials
|
||||||
// IAM-protected AWS service endpoints. For more information, see GetRoleCredentials
|
// for use with IAM-protected Amazon Web Services service endpoints. For
|
||||||
// (https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html)
|
// more information, see GetRoleCredentials (https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html)
|
||||||
// in the IAM Identity Center Portal API Reference Guide.
|
// in the IAM Identity Center Portal API Reference Guide.
|
||||||
//
|
//
|
||||||
// For general information about IAM Identity Center, see What is IAM Identity
|
// For general information about IAM Identity Center, see What is IAM Identity
|
||||||
|
|
8
vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go
generated
vendored
8
vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go
generated
vendored
|
@ -64,6 +64,13 @@ const (
|
||||||
// a required parameter might be missing or out of range.
|
// a required parameter might be missing or out of range.
|
||||||
ErrCodeInvalidRequestException = "InvalidRequestException"
|
ErrCodeInvalidRequestException = "InvalidRequestException"
|
||||||
|
|
||||||
|
// ErrCodeInvalidRequestRegionException for service response error code
|
||||||
|
// "InvalidRequestRegionException".
|
||||||
|
//
|
||||||
|
// Indicates that a token provided as input to the request was issued by and
|
||||||
|
// is only usable by calling IAM Identity Center endpoints in another region.
|
||||||
|
ErrCodeInvalidRequestRegionException = "InvalidRequestRegionException"
|
||||||
|
|
||||||
// ErrCodeInvalidScopeException for service response error code
|
// ErrCodeInvalidScopeException for service response error code
|
||||||
// "InvalidScopeException".
|
// "InvalidScopeException".
|
||||||
//
|
//
|
||||||
|
@ -100,6 +107,7 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
|
||||||
"InvalidClientMetadataException": newErrorInvalidClientMetadataException,
|
"InvalidClientMetadataException": newErrorInvalidClientMetadataException,
|
||||||
"InvalidGrantException": newErrorInvalidGrantException,
|
"InvalidGrantException": newErrorInvalidGrantException,
|
||||||
"InvalidRequestException": newErrorInvalidRequestException,
|
"InvalidRequestException": newErrorInvalidRequestException,
|
||||||
|
"InvalidRequestRegionException": newErrorInvalidRequestRegionException,
|
||||||
"InvalidScopeException": newErrorInvalidScopeException,
|
"InvalidScopeException": newErrorInvalidScopeException,
|
||||||
"SlowDownException": newErrorSlowDownException,
|
"SlowDownException": newErrorSlowDownException,
|
||||||
"UnauthorizedClientException": newErrorUnauthorizedClientException,
|
"UnauthorizedClientException": newErrorUnauthorizedClientException,
|
||||||
|
|
2
vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go
generated
vendored
|
@ -51,7 +51,7 @@ const (
|
||||||
func New(p client.ConfigProvider, cfgs ...*aws.Config) *SSOOIDC {
|
func New(p client.ConfigProvider, cfgs ...*aws.Config) *SSOOIDC {
|
||||||
c := p.ClientConfig(EndpointsID, cfgs...)
|
c := p.ClientConfig(EndpointsID, cfgs...)
|
||||||
if c.SigningNameDerived || len(c.SigningName) == 0 {
|
if c.SigningNameDerived || len(c.SigningName) == 0 {
|
||||||
c.SigningName = "awsssooidc"
|
c.SigningName = "sso-oauth"
|
||||||
}
|
}
|
||||||
return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion)
|
return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion)
|
||||||
}
|
}
|
||||||
|
|
20
vendor/github.com/aws/aws-sdk-go/service/sts/api.go
generated
vendored
20
vendor/github.com/aws/aws-sdk-go/service/sts/api.go
generated
vendored
|
@ -1460,7 +1460,15 @@ type AssumeRoleInput struct {
|
||||||
// in the IAM User Guide.
|
// in the IAM User Guide.
|
||||||
PolicyArns []*PolicyDescriptorType `type:"list"`
|
PolicyArns []*PolicyDescriptorType `type:"list"`
|
||||||
|
|
||||||
// Reserved for future use.
|
// A list of previously acquired trusted context assertions in the format of
|
||||||
|
// a JSON array. The trusted context assertion is signed and encrypted by Amazon
|
||||||
|
// Web Services STS.
|
||||||
|
//
|
||||||
|
// The following is an example of a ProvidedContext value that includes a single
|
||||||
|
// trusted context assertion and the ARN of the context provider from which
|
||||||
|
// the trusted context assertion was generated.
|
||||||
|
//
|
||||||
|
// [{"ProviderArn":"arn:aws:iam::aws:contextProvider/IdentityCenter","ContextAssertion":"trusted-context-assertion"}]
|
||||||
ProvidedContexts []*ProvidedContext `type:"list"`
|
ProvidedContexts []*ProvidedContext `type:"list"`
|
||||||
|
|
||||||
// The Amazon Resource Name (ARN) of the role to assume.
|
// The Amazon Resource Name (ARN) of the role to assume.
|
||||||
|
@ -3405,14 +3413,18 @@ func (s *PolicyDescriptorType) SetArn(v string) *PolicyDescriptorType {
|
||||||
return s
|
return s
|
||||||
}
|
}
|
||||||
|
|
||||||
// Reserved for future use.
|
// Contains information about the provided context. This includes the signed
|
||||||
|
// and encrypted trusted context assertion and the context provider ARN from
|
||||||
|
// which the trusted context assertion was generated.
|
||||||
type ProvidedContext struct {
|
type ProvidedContext struct {
|
||||||
_ struct{} `type:"structure"`
|
_ struct{} `type:"structure"`
|
||||||
|
|
||||||
// Reserved for future use.
|
// The signed and encrypted trusted context assertion generated by the context
|
||||||
|
// provider. The trusted context assertion is signed and encrypted by Amazon
|
||||||
|
// Web Services STS.
|
||||||
ContextAssertion *string `min:"4" type:"string"`
|
ContextAssertion *string `min:"4" type:"string"`
|
||||||
|
|
||||||
// Reserved for future use.
|
// The context provider ARN from which the trusted context assertion was generated.
|
||||||
ProviderArn *string `min:"20" type:"string"`
|
ProviderArn *string `min:"20" type:"string"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
4
vendor/modules.txt
vendored
4
vendor/modules.txt
vendored
|
@ -91,8 +91,8 @@ github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/options
|
||||||
github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/shared
|
github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/shared
|
||||||
github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/version
|
github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/version
|
||||||
github.com/AzureAD/microsoft-authentication-library-for-go/apps/public
|
github.com/AzureAD/microsoft-authentication-library-for-go/apps/public
|
||||||
# github.com/aws/aws-sdk-go v1.44.325
|
# github.com/aws/aws-sdk-go v1.48.10
|
||||||
## explicit; go 1.11
|
## explicit; go 1.19
|
||||||
github.com/aws/aws-sdk-go/aws
|
github.com/aws/aws-sdk-go/aws
|
||||||
github.com/aws/aws-sdk-go/aws/arn
|
github.com/aws/aws-sdk-go/aws/arn
|
||||||
github.com/aws/aws-sdk-go/aws/auth/bearer
|
github.com/aws/aws-sdk-go/aws/auth/bearer
|
||||||
|
|
Loading…
Reference in a new issue