Commit b76f6a02 authored by Trevor Pounds's avatar Trevor Pounds

Update Godeps to aws-sdk-go v0.9.9.

parent 82363356
...@@ -30,58 +30,53 @@ ...@@ -30,58 +30,53 @@
}, },
{ {
"ImportPath": "github.com/aws/aws-sdk-go/aws", "ImportPath": "github.com/aws/aws-sdk-go/aws",
"Comment": "v0.6.0-7-gcea3a42", "Comment": "v0.9.9",
"Rev": "cea3a425fc2d887d102e406ec2f8b37a57abd82f" "Rev": "c4ae871ffc03691a7b039fa751a1e7afee56e920"
},
{
"ImportPath": "github.com/aws/aws-sdk-go/internal/apierr",
"Comment": "v0.6.0-7-gcea3a42",
"Rev": "cea3a425fc2d887d102e406ec2f8b37a57abd82f"
}, },
{ {
"ImportPath": "github.com/aws/aws-sdk-go/internal/endpoints", "ImportPath": "github.com/aws/aws-sdk-go/internal/endpoints",
"Comment": "v0.6.0-7-gcea3a42", "Comment": "v0.9.9",
"Rev": "cea3a425fc2d887d102e406ec2f8b37a57abd82f" "Rev": "c4ae871ffc03691a7b039fa751a1e7afee56e920"
}, },
{ {
"ImportPath": "github.com/aws/aws-sdk-go/internal/protocol/ec2query", "ImportPath": "github.com/aws/aws-sdk-go/internal/protocol/ec2query",
"Comment": "v0.6.0-7-gcea3a42", "Comment": "v0.9.9",
"Rev": "cea3a425fc2d887d102e406ec2f8b37a57abd82f" "Rev": "c4ae871ffc03691a7b039fa751a1e7afee56e920"
}, },
{ {
"ImportPath": "github.com/aws/aws-sdk-go/internal/protocol/query", "ImportPath": "github.com/aws/aws-sdk-go/internal/protocol/query",
"Comment": "v0.6.0-7-gcea3a42", "Comment": "v0.9.9",
"Rev": "cea3a425fc2d887d102e406ec2f8b37a57abd82f" "Rev": "c4ae871ffc03691a7b039fa751a1e7afee56e920"
}, },
{ {
"ImportPath": "github.com/aws/aws-sdk-go/internal/protocol/rest", "ImportPath": "github.com/aws/aws-sdk-go/internal/protocol/rest",
"Comment": "v0.6.0-7-gcea3a42", "Comment": "v0.9.9",
"Rev": "cea3a425fc2d887d102e406ec2f8b37a57abd82f" "Rev": "c4ae871ffc03691a7b039fa751a1e7afee56e920"
}, },
{ {
"ImportPath": "github.com/aws/aws-sdk-go/internal/protocol/xml/xmlutil", "ImportPath": "github.com/aws/aws-sdk-go/internal/protocol/xml/xmlutil",
"Comment": "v0.6.0-7-gcea3a42", "Comment": "v0.9.9",
"Rev": "cea3a425fc2d887d102e406ec2f8b37a57abd82f" "Rev": "c4ae871ffc03691a7b039fa751a1e7afee56e920"
}, },
{ {
"ImportPath": "github.com/aws/aws-sdk-go/internal/signer/v4", "ImportPath": "github.com/aws/aws-sdk-go/internal/signer/v4",
"Comment": "v0.6.0-7-gcea3a42", "Comment": "v0.9.9",
"Rev": "cea3a425fc2d887d102e406ec2f8b37a57abd82f" "Rev": "c4ae871ffc03691a7b039fa751a1e7afee56e920"
}, },
{ {
"ImportPath": "github.com/aws/aws-sdk-go/service/autoscaling", "ImportPath": "github.com/aws/aws-sdk-go/service/autoscaling",
"Comment": "v0.6.0-7-gcea3a42", "Comment": "v0.9.9",
"Rev": "cea3a425fc2d887d102e406ec2f8b37a57abd82f" "Rev": "c4ae871ffc03691a7b039fa751a1e7afee56e920"
}, },
{ {
"ImportPath": "github.com/aws/aws-sdk-go/service/ec2", "ImportPath": "github.com/aws/aws-sdk-go/service/ec2",
"Comment": "v0.6.0-7-gcea3a42", "Comment": "v0.9.9",
"Rev": "cea3a425fc2d887d102e406ec2f8b37a57abd82f" "Rev": "c4ae871ffc03691a7b039fa751a1e7afee56e920"
}, },
{ {
"ImportPath": "github.com/aws/aws-sdk-go/service/elb", "ImportPath": "github.com/aws/aws-sdk-go/service/elb",
"Comment": "v0.6.0-7-gcea3a42", "Comment": "v0.9.9",
"Rev": "cea3a425fc2d887d102e406ec2f8b37a57abd82f" "Rev": "c4ae871ffc03691a7b039fa751a1e7afee56e920"
}, },
{ {
"ImportPath": "github.com/beorn7/perks/quantile", "ImportPath": "github.com/beorn7/perks/quantile",
......
...@@ -10,23 +10,23 @@ package awserr ...@@ -10,23 +10,23 @@ package awserr
// //
// Example: // Example:
// //
// output, err := s3manage.Upload(svc, input, opts) // output, err := s3manage.Upload(svc, input, opts)
// if err != nil { // if err != nil {
// if awsErr, ok := err.(awserr.Error); ok { // if awsErr, ok := err.(awserr.Error); ok {
// // Get error details // // Get error details
// log.Println("Error:", err.Code(), err.Message()) // log.Println("Error:", err.Code(), err.Message())
// //
// Prints out full error message, including original error if there was one. // // Prints out full error message, including original error if there was one.
// log.Println("Error:", err.Error()) // log.Println("Error:", err.Error())
// //
// // Get original error // // Get original error
// if origErr := err.Err(); origErr != nil { // if origErr := err.Err(); origErr != nil {
// // operate on original error. // // operate on original error.
// } // }
// } else { // } else {
// fmt.Println(err.Error()) // fmt.Println(err.Error())
// } // }
// } // }
// //
type Error interface { type Error interface {
// Satisfy the generic error interface. // Satisfy the generic error interface.
...@@ -42,6 +42,17 @@ type Error interface { ...@@ -42,6 +42,17 @@ type Error interface {
OrigErr() error OrigErr() error
} }
// New returns an Error object described by the code, message, and origErr.
//
// If origErr satisfies the Error interface it will not be wrapped within a new
// Error object and will instead be returned.
func New(code, message string, origErr error) Error {
if e, ok := origErr.(Error); ok && e != nil {
return e
}
return newBaseError(code, message, origErr)
}
// A RequestFailure is an interface to extract request failure information from // A RequestFailure is an interface to extract request failure information from
// an Error such as the request ID of the failed request returned by a service. // an Error such as the request ID of the failed request returned by a service.
// RequestFailures may not always have a requestID value if the request failed // RequestFailures may not always have a requestID value if the request failed
...@@ -86,3 +97,9 @@ type RequestFailure interface { ...@@ -86,3 +97,9 @@ type RequestFailure interface {
// to a connection error. // to a connection error.
RequestID() string RequestID() string
} }
// NewRequestFailure returns a new request error wrapper for the given Error
// provided.
func NewRequestFailure(err Error, statusCode int, reqID string) RequestFailure {
return newRequestError(err, statusCode, reqID)
}
// Package apierr represents API error types. package awserr
package apierr
import "fmt" import "fmt"
// A BaseError wraps the code and message which defines an error. It also // SprintError returns a string of the formatted error code.
//
// Both extra and origErr are optional. If they are included their lines
// will be added, but if they are not included their lines will be ignored.
func SprintError(code, message, extra string, origErr error) string {
msg := fmt.Sprintf("%s: %s", code, message)
if extra != "" {
msg = fmt.Sprintf("%s\n\t%s", msg, extra)
}
if origErr != nil {
msg = fmt.Sprintf("%s\ncaused by: %s", msg, origErr.Error())
}
return msg
}
// A baseError wraps the code and message which defines an error. It also
// can be used to wrap an original error object. // can be used to wrap an original error object.
// //
// Should be used as the root for errors satisfying the awserr.Error. Also // Should be used as the root for errors satisfying the awserr.Error. Also
// for any error which does not fit into a specific error wrapper type. // for any error which does not fit into a specific error wrapper type.
type BaseError struct { type baseError struct {
// Classification of error // Classification of error
code string code string
...@@ -20,7 +34,7 @@ type BaseError struct { ...@@ -20,7 +34,7 @@ type BaseError struct {
origErr error origErr error
} }
// New returns an error object for the code, message, and err. // newBaseError returns an error object for the code, message, and err.
// //
// code is a short no whitespace phrase depicting the classification of // code is a short no whitespace phrase depicting the classification of
// the error that is being created. // the error that is being created.
...@@ -28,8 +42,8 @@ type BaseError struct { ...@@ -28,8 +42,8 @@ type BaseError struct {
// message is the free flow string containing detailed information about the error. // message is the free flow string containing detailed information about the error.
// //
// origErr is the error object which will be nested under the new error to be returned. // origErr is the error object which will be nested under the new error to be returned.
func New(code, message string, origErr error) *BaseError { func newBaseError(code, message string, origErr error) *baseError {
return &BaseError{ return &baseError{
code: code, code: code,
message: message, message: message,
origErr: origErr, origErr: origErr,
...@@ -41,75 +55,56 @@ func New(code, message string, origErr error) *BaseError { ...@@ -41,75 +55,56 @@ func New(code, message string, origErr error) *BaseError {
// See ErrorWithExtra for formatting. // See ErrorWithExtra for formatting.
// //
// Satisfies the error interface. // Satisfies the error interface.
func (b *BaseError) Error() string { func (b baseError) Error() string {
return b.ErrorWithExtra("") return SprintError(b.code, b.message, "", b.origErr)
} }
// String returns the string representation of the error. // String returns the string representation of the error.
// Alias for Error to satisfy the stringer interface. // Alias for Error to satisfy the stringer interface.
func (b *BaseError) String() string { func (b baseError) String() string {
return b.Error() return b.Error()
} }
// Code returns the short phrase depicting the classification of the error. // Code returns the short phrase depicting the classification of the error.
func (b *BaseError) Code() string { func (b baseError) Code() string {
return b.code return b.code
} }
// Message returns the error details message. // Message returns the error details message.
func (b *BaseError) Message() string { func (b baseError) Message() string {
return b.message return b.message
} }
// OrigErr returns the original error if one was set. Nil is returned if no error // OrigErr returns the original error if one was set. Nil is returned if no error
// was set. // was set.
func (b *BaseError) OrigErr() error { func (b baseError) OrigErr() error {
return b.origErr return b.origErr
} }
// ErrorWithExtra is a helper method to add an extra string to the stratified // So that the Error interface type can be included as an anonymous field
// error message. The extra message will be added on the next line below the // in the requestError struct and not conflict with the error.Error() method.
// error message like the following: type awsError Error
//
// <error code>: <error message>
// <extra message>
//
// If there is a original error the error will be included on a new line.
//
// <error code>: <error message>
// <extra message>
// caused by: <original error>
func (b *BaseError) ErrorWithExtra(extra string) string {
msg := fmt.Sprintf("%s: %s", b.code, b.message)
if extra != "" {
msg = fmt.Sprintf("%s\n\t%s", msg, extra)
}
if b.origErr != nil {
msg = fmt.Sprintf("%s\ncaused by: %s", msg, b.origErr.Error())
}
return msg
}
// A RequestError wraps a request or service error. // A requestError wraps a request or service error.
// //
// Composed of BaseError for code, message, and original error. // Composed of baseError for code, message, and original error.
type RequestError struct { type requestError struct {
*BaseError awsError
statusCode int statusCode int
requestID string requestID string
} }
// NewRequestError returns a wrapped error with additional information for request // newRequestError returns a wrapped error with additional information for request
// status code, and service requestID. // status code, and service requestID.
// //
// Should be used to wrap all request which involve service requests. Even if // Should be used to wrap all request which involve service requests. Even if
// the request failed without a service response, but had an HTTP status code // the request failed without a service response, but had an HTTP status code
// that may be meaningful. // that may be meaningful.
// //
// Also wraps original errors via the BaseError. // Also wraps original errors via the baseError.
func NewRequestError(base *BaseError, statusCode int, requestID string) *RequestError { func newRequestError(err Error, statusCode int, requestID string) *requestError {
return &RequestError{ return &requestError{
BaseError: base, awsError: err,
statusCode: statusCode, statusCode: statusCode,
requestID: requestID, requestID: requestID,
} }
...@@ -117,23 +112,24 @@ func NewRequestError(base *BaseError, statusCode int, requestID string) *Request ...@@ -117,23 +112,24 @@ func NewRequestError(base *BaseError, statusCode int, requestID string) *Request
// Error returns the string representation of the error. // Error returns the string representation of the error.
// Satisfies the error interface. // Satisfies the error interface.
func (r *RequestError) Error() string { func (r requestError) Error() string {
return r.ErrorWithExtra(fmt.Sprintf("status code: %d, request id: [%s]", extra := fmt.Sprintf("status code: %d, request id: %s",
r.statusCode, r.requestID)) r.statusCode, r.requestID)
return SprintError(r.Code(), r.Message(), extra, r.OrigErr())
} }
// String returns the string representation of the error. // String returns the string representation of the error.
// Alias for Error to satisfy the stringer interface. // Alias for Error to satisfy the stringer interface.
func (r *RequestError) String() string { func (r requestError) String() string {
return r.Error() return r.Error()
} }
// StatusCode returns the wrapped status code for the error // StatusCode returns the wrapped status code for the error
func (r *RequestError) StatusCode() int { func (r requestError) StatusCode() int {
return r.statusCode return r.statusCode
} }
// RequestID returns the wrapped requestID // RequestID returns the wrapped requestID
func (r *RequestError) RequestID() string { func (r requestError) RequestID() string {
return r.requestID return r.requestID
} }
...@@ -70,12 +70,20 @@ func rcopy(dst, src reflect.Value, root bool) { ...@@ -70,12 +70,20 @@ func rcopy(dst, src reflect.Value, root bool) {
} }
} }
case reflect.Slice: case reflect.Slice:
if src.IsNil() {
break
}
s := reflect.MakeSlice(src.Type(), src.Len(), src.Cap()) s := reflect.MakeSlice(src.Type(), src.Len(), src.Cap())
dst.Set(s) dst.Set(s)
for i := 0; i < src.Len(); i++ { for i := 0; i < src.Len(); i++ {
rcopy(dst.Index(i), src.Index(i), false) rcopy(dst.Index(i), src.Index(i), false)
} }
case reflect.Map: case reflect.Map:
if src.IsNil() {
break
}
s := reflect.MakeMap(src.Type()) s := reflect.MakeMap(src.Type())
dst.Set(s) dst.Set(s)
for _, k := range src.MapKeys() { for _, k := range src.MapKeys() {
......
...@@ -27,7 +27,7 @@ func ExampleCopy() { ...@@ -27,7 +27,7 @@ func ExampleCopy() {
awsutil.Copy(&f2, f1) awsutil.Copy(&f2, f1)
// Print the result // Print the result
fmt.Println(awsutil.StringValue(f2)) fmt.Println(awsutil.Prettify(f2))
// Output: // Output:
// { // {
...@@ -80,18 +80,26 @@ func TestCopy(t *testing.T) { ...@@ -80,18 +80,26 @@ func TestCopy(t *testing.T) {
func TestCopyIgnoreNilMembers(t *testing.T) { func TestCopyIgnoreNilMembers(t *testing.T) {
type Foo struct { type Foo struct {
A *string A *string
B []string
C map[string]string
} }
f := &Foo{} f := &Foo{}
assert.Nil(t, f.A) assert.Nil(t, f.A)
assert.Nil(t, f.B)
assert.Nil(t, f.C)
var f2 Foo var f2 Foo
awsutil.Copy(&f2, f) awsutil.Copy(&f2, f)
assert.Nil(t, f2.A) assert.Nil(t, f2.A)
assert.Nil(t, f2.B)
assert.Nil(t, f2.C)
fcopy := awsutil.CopyOf(f) fcopy := awsutil.CopyOf(f)
f3 := fcopy.(*Foo) f3 := fcopy.(*Foo)
assert.Nil(t, f3.A) assert.Nil(t, f3.A)
assert.Nil(t, f3.B)
assert.Nil(t, f3.C)
} }
func TestCopyPrimitive(t *testing.T) { func TestCopyPrimitive(t *testing.T) {
...@@ -183,7 +191,7 @@ func ExampleCopyOf() { ...@@ -183,7 +191,7 @@ func ExampleCopyOf() {
var f2 *Foo = v.(*Foo) var f2 *Foo = v.(*Foo)
// Print the result // Print the result
fmt.Println(awsutil.StringValue(f2)) fmt.Println(awsutil.Prettify(f2))
// Output: // Output:
// { // {
......
...@@ -81,6 +81,12 @@ func rValuesAtPath(v interface{}, path string, create bool, caseSensitive bool) ...@@ -81,6 +81,12 @@ func rValuesAtPath(v interface{}, path string, create bool, caseSensitive bool)
value = reflect.Indirect(value) value = reflect.Indirect(value)
} }
if value.Kind() == reflect.Slice || value.Kind() == reflect.Map {
if !create && value.IsNil() {
value = reflect.ValueOf(nil)
}
}
if value.IsValid() { if value.IsValid() {
nextvals = append(nextvals, value) nextvals = append(nextvals, value)
} }
...@@ -118,6 +124,12 @@ func rValuesAtPath(v interface{}, path string, create bool, caseSensitive bool) ...@@ -118,6 +124,12 @@ func rValuesAtPath(v interface{}, path string, create bool, caseSensitive bool)
} }
value = reflect.Indirect(value.Index(i)) value = reflect.Indirect(value.Index(i))
if value.Kind() == reflect.Slice || value.Kind() == reflect.Map {
if !create && value.IsNil() {
value = reflect.ValueOf(nil)
}
}
if value.IsValid() { if value.IsValid() {
nextvals = append(nextvals, value) nextvals = append(nextvals, value)
} }
......
...@@ -16,8 +16,8 @@ type Struct struct { ...@@ -16,8 +16,8 @@ type Struct struct {
} }
var data = Struct{ var data = Struct{
A: []Struct{Struct{C: "value1"}, Struct{C: "value2"}, Struct{C: "value3"}}, A: []Struct{{C: "value1"}, {C: "value2"}, {C: "value3"}},
z: []Struct{Struct{C: "value1"}, Struct{C: "value2"}, Struct{C: "value3"}}, z: []Struct{{C: "value1"}, {C: "value2"}, {C: "value3"}},
B: &Struct{B: &Struct{C: "terminal"}, D: &Struct{C: "terminal2"}}, B: &Struct{B: &Struct{C: "terminal"}, D: &Struct{C: "terminal2"}},
C: "initial", C: "initial",
} }
...@@ -44,6 +44,7 @@ func TestValueAtPathFailure(t *testing.T) { ...@@ -44,6 +44,7 @@ func TestValueAtPathFailure(t *testing.T) {
assert.Equal(t, []interface{}{}, awsutil.ValuesAtPath(data, "B.B.C.Z")) assert.Equal(t, []interface{}{}, awsutil.ValuesAtPath(data, "B.B.C.Z"))
assert.Equal(t, []interface{}(nil), awsutil.ValuesAtPath(data, "z[-1].C")) assert.Equal(t, []interface{}(nil), awsutil.ValuesAtPath(data, "z[-1].C"))
assert.Equal(t, []interface{}{}, awsutil.ValuesAtPath(nil, "A.B.C")) assert.Equal(t, []interface{}{}, awsutil.ValuesAtPath(nil, "A.B.C"))
assert.Equal(t, []interface{}{}, awsutil.ValuesAtPath(Struct{}, "A"))
} }
func TestSetValueAtPathSuccess(t *testing.T) { func TestSetValueAtPathSuccess(t *testing.T) {
...@@ -62,4 +63,6 @@ func TestSetValueAtPathSuccess(t *testing.T) { ...@@ -62,4 +63,6 @@ func TestSetValueAtPathSuccess(t *testing.T) {
var s2 Struct var s2 Struct
awsutil.SetValueAtAnyPath(&s2, "b.b.c", "test0") awsutil.SetValueAtAnyPath(&s2, "b.b.c", "test0")
assert.Equal(t, "test0", s2.B.B.C) assert.Equal(t, "test0", s2.B.B.C)
awsutil.SetValueAtAnyPath(&s2, "A", []Struct{{}})
assert.Equal(t, []Struct{{}}, s2.A)
} }
...@@ -8,16 +8,16 @@ import ( ...@@ -8,16 +8,16 @@ import (
"strings" "strings"
) )
// StringValue returns the string representation of a value. // Prettify returns the string representation of a value.
func StringValue(i interface{}) string { func Prettify(i interface{}) string {
var buf bytes.Buffer var buf bytes.Buffer
stringValue(reflect.ValueOf(i), 0, &buf) prettify(reflect.ValueOf(i), 0, &buf)
return buf.String() return buf.String()
} }
// stringValue will recursively walk value v to build a textual // prettify will recursively walk value v to build a textual
// representation of the value. // representation of the value.
func stringValue(v reflect.Value, indent int, buf *bytes.Buffer) { func prettify(v reflect.Value, indent int, buf *bytes.Buffer) {
for v.Kind() == reflect.Ptr { for v.Kind() == reflect.Ptr {
v = v.Elem() v = v.Elem()
} }
...@@ -52,7 +52,7 @@ func stringValue(v reflect.Value, indent int, buf *bytes.Buffer) { ...@@ -52,7 +52,7 @@ func stringValue(v reflect.Value, indent int, buf *bytes.Buffer) {
val := v.FieldByName(n) val := v.FieldByName(n)
buf.WriteString(strings.Repeat(" ", indent+2)) buf.WriteString(strings.Repeat(" ", indent+2))
buf.WriteString(n + ": ") buf.WriteString(n + ": ")
stringValue(val, indent+2, buf) prettify(val, indent+2, buf)
if i < len(names)-1 { if i < len(names)-1 {
buf.WriteString(",\n") buf.WriteString(",\n")
...@@ -68,7 +68,7 @@ func stringValue(v reflect.Value, indent int, buf *bytes.Buffer) { ...@@ -68,7 +68,7 @@ func stringValue(v reflect.Value, indent int, buf *bytes.Buffer) {
buf.WriteString("[" + nl) buf.WriteString("[" + nl)
for i := 0; i < v.Len(); i++ { for i := 0; i < v.Len(); i++ {
buf.WriteString(id2) buf.WriteString(id2)
stringValue(v.Index(i), indent+2, buf) prettify(v.Index(i), indent+2, buf)
if i < v.Len()-1 { if i < v.Len()-1 {
buf.WriteString("," + nl) buf.WriteString("," + nl)
...@@ -82,7 +82,7 @@ func stringValue(v reflect.Value, indent int, buf *bytes.Buffer) { ...@@ -82,7 +82,7 @@ func stringValue(v reflect.Value, indent int, buf *bytes.Buffer) {
for i, k := range v.MapKeys() { for i, k := range v.MapKeys() {
buf.WriteString(strings.Repeat(" ", indent+2)) buf.WriteString(strings.Repeat(" ", indent+2))
buf.WriteString(k.String() + ": ") buf.WriteString(k.String() + ": ")
stringValue(v.MapIndex(k), indent+2, buf) prettify(v.MapIndex(k), indent+2, buf)
if i < v.Len()-1 { if i < v.Len()-1 {
buf.WriteString(",\n") buf.WriteString(",\n")
......
package aws
import (
"net/http"
"reflect"
"testing"
"github.com/aws/aws-sdk-go/aws/credentials"
)
var testCredentials = credentials.NewStaticCredentials("AKID", "SECRET", "SESSION")
var copyTestConfig = Config{
Credentials: testCredentials,
Endpoint: String("CopyTestEndpoint"),
Region: String("COPY_TEST_AWS_REGION"),
DisableSSL: Bool(true),
HTTPClient: http.DefaultClient,
LogLevel: LogLevel(LogDebug),
Logger: NewDefaultLogger(),
MaxRetries: Int(DefaultRetries),
DisableParamValidation: Bool(true),
DisableComputeChecksums: Bool(true),
S3ForcePathStyle: Bool(true),
}
func TestCopy(t *testing.T) {
want := copyTestConfig
got := copyTestConfig.Copy()
if !reflect.DeepEqual(*got, want) {
t.Errorf("Copy() = %+v", got)
t.Errorf(" want %+v", want)
}
}
func TestCopyReturnsNewInstance(t *testing.T) {
want := copyTestConfig
got := copyTestConfig.Copy()
if got == &want {
t.Errorf("Copy() = %p; want different instance as source %p", got, &want)
}
}
var mergeTestZeroValueConfig = Config{}
var mergeTestConfig = Config{
Credentials: testCredentials,
Endpoint: String("MergeTestEndpoint"),
Region: String("MERGE_TEST_AWS_REGION"),
DisableSSL: Bool(true),
HTTPClient: http.DefaultClient,
LogLevel: LogLevel(LogDebug),
Logger: NewDefaultLogger(),
MaxRetries: Int(10),
DisableParamValidation: Bool(true),
DisableComputeChecksums: Bool(true),
S3ForcePathStyle: Bool(true),
}
var mergeTests = []struct {
cfg *Config
in *Config
want *Config
}{
{&Config{}, nil, &Config{}},
{&Config{}, &mergeTestZeroValueConfig, &Config{}},
{&Config{}, &mergeTestConfig, &mergeTestConfig},
}
func TestMerge(t *testing.T) {
for i, tt := range mergeTests {
got := tt.cfg.Merge(tt.in)
if !reflect.DeepEqual(got, tt.want) {
t.Errorf("Config %d %+v", i, tt.cfg)
t.Errorf(" Merge(%+v)", tt.in)
t.Errorf(" got %+v", got)
t.Errorf(" want %+v", tt.want)
}
}
}
package aws
import "time"
// String returns a pointer to of the string value passed in.
func String(v string) *string {
return &v
}
// StringValue returns the value of the string pointer passed in or
// "" if the pointer is nil.
func StringValue(v *string) string {
if v != nil {
return *v
}
return ""
}
// StringSlice converts a slice of string values into a slice of
// string pointers
func StringSlice(src []string) []*string {
dst := make([]*string, len(src))
for i := 0; i < len(src); i++ {
dst[i] = &(src[i])
}
return dst
}
// StringValueSlice converts a slice of string pointers into a slice of
// string values
func StringValueSlice(src []*string) []string {
dst := make([]string, len(src))
for i := 0; i < len(src); i++ {
if src[i] != nil {
dst[i] = *(src[i])
}
}
return dst
}
// StringMap converts a string map of string values into a string
// map of string pointers
func StringMap(src map[string]string) map[string]*string {
dst := make(map[string]*string)
for k, val := range src {
v := val
dst[k] = &v
}
return dst
}
// StringValueMap converts a string map of string pointers into a string
// map of string values
func StringValueMap(src map[string]*string) map[string]string {
dst := make(map[string]string)
for k, val := range src {
if val != nil {
dst[k] = *val
}
}
return dst
}
// Bool returns a pointer to of the bool value passed in.
func Bool(v bool) *bool {
return &v
}
// BoolValue returns the value of the bool pointer passed in or
// false if the pointer is nil.
func BoolValue(v *bool) bool {
if v != nil {
return *v
}
return false
}
// BoolSlice converts a slice of bool values into a slice of
// bool pointers
func BoolSlice(src []bool) []*bool {
dst := make([]*bool, len(src))
for i := 0; i < len(src); i++ {
dst[i] = &(src[i])
}
return dst
}
// BoolValueSlice converts a slice of bool pointers into a slice of
// bool values
func BoolValueSlice(src []*bool) []bool {
dst := make([]bool, len(src))
for i := 0; i < len(src); i++ {
if src[i] != nil {
dst[i] = *(src[i])
}
}
return dst
}
// BoolMap converts a string map of bool values into a string
// map of bool pointers
func BoolMap(src map[string]bool) map[string]*bool {
dst := make(map[string]*bool)
for k, val := range src {
v := val
dst[k] = &v
}
return dst
}
// BoolValueMap converts a string map of bool pointers into a string
// map of bool values
func BoolValueMap(src map[string]*bool) map[string]bool {
dst := make(map[string]bool)
for k, val := range src {
if val != nil {
dst[k] = *val
}
}
return dst
}
// Int returns a pointer to of the int value passed in.
func Int(v int) *int {
return &v
}
// IntValue returns the value of the int pointer passed in or
// 0 if the pointer is nil.
func IntValue(v *int) int {
if v != nil {
return *v
}
return 0
}
// IntSlice converts a slice of int values into a slice of
// int pointers
func IntSlice(src []int) []*int {
dst := make([]*int, len(src))
for i := 0; i < len(src); i++ {
dst[i] = &(src[i])
}
return dst
}
// IntValueSlice converts a slice of int pointers into a slice of
// int values
func IntValueSlice(src []*int) []int {
dst := make([]int, len(src))
for i := 0; i < len(src); i++ {
if src[i] != nil {
dst[i] = *(src[i])
}
}
return dst
}
// IntMap converts a string map of int values into a string
// map of int pointers
func IntMap(src map[string]int) map[string]*int {
dst := make(map[string]*int)
for k, val := range src {
v := val
dst[k] = &v
}
return dst
}
// IntValueMap converts a string map of int pointers into a string
// map of int values
func IntValueMap(src map[string]*int) map[string]int {
dst := make(map[string]int)
for k, val := range src {
if val != nil {
dst[k] = *val
}
}
return dst
}
// Int64 returns a pointer to of the int64 value passed in.
func Int64(v int64) *int64 {
return &v
}
// Int64Value returns the value of the int64 pointer passed in or
// 0 if the pointer is nil.
func Int64Value(v *int64) int64 {
if v != nil {
return *v
}
return 0
}
// Int64Slice converts a slice of int64 values into a slice of
// int64 pointers
func Int64Slice(src []int64) []*int64 {
dst := make([]*int64, len(src))
for i := 0; i < len(src); i++ {
dst[i] = &(src[i])
}
return dst
}
// Int64ValueSlice converts a slice of int64 pointers into a slice of
// int64 values
func Int64ValueSlice(src []*int64) []int64 {
dst := make([]int64, len(src))
for i := 0; i < len(src); i++ {
if src[i] != nil {
dst[i] = *(src[i])
}
}
return dst
}
// Int64Map converts a string map of int64 values into a string
// map of int64 pointers
func Int64Map(src map[string]int64) map[string]*int64 {
dst := make(map[string]*int64)
for k, val := range src {
v := val
dst[k] = &v
}
return dst
}
// Int64ValueMap converts a string map of int64 pointers into a string
// map of int64 values
func Int64ValueMap(src map[string]*int64) map[string]int64 {
dst := make(map[string]int64)
for k, val := range src {
if val != nil {
dst[k] = *val
}
}
return dst
}
// Float64 returns a pointer to of the float64 value passed in.
func Float64(v float64) *float64 {
return &v
}
// Float64Value returns the value of the float64 pointer passed in or
// 0 if the pointer is nil.
func Float64Value(v *float64) float64 {
if v != nil {
return *v
}
return 0
}
// Float64Slice converts a slice of float64 values into a slice of
// float64 pointers
func Float64Slice(src []float64) []*float64 {
dst := make([]*float64, len(src))
for i := 0; i < len(src); i++ {
dst[i] = &(src[i])
}
return dst
}
// Float64ValueSlice converts a slice of float64 pointers into a slice of
// float64 values
func Float64ValueSlice(src []*float64) []float64 {
dst := make([]float64, len(src))
for i := 0; i < len(src); i++ {
if src[i] != nil {
dst[i] = *(src[i])
}
}
return dst
}
// Float64Map converts a string map of float64 values into a string
// map of float64 pointers
func Float64Map(src map[string]float64) map[string]*float64 {
dst := make(map[string]*float64)
for k, val := range src {
v := val
dst[k] = &v
}
return dst
}
// Float64ValueMap converts a string map of float64 pointers into a string
// map of float64 values
func Float64ValueMap(src map[string]*float64) map[string]float64 {
dst := make(map[string]float64)
for k, val := range src {
if val != nil {
dst[k] = *val
}
}
return dst
}
// Time returns a pointer to of the time.Time value passed in.
func Time(v time.Time) *time.Time {
return &v
}
// TimeValue returns the value of the time.Time pointer passed in or
// time.Time{} if the pointer is nil.
func TimeValue(v *time.Time) time.Time {
if v != nil {
return *v
}
return time.Time{}
}
// TimeSlice converts a slice of time.Time values into a slice of
// time.Time pointers
func TimeSlice(src []time.Time) []*time.Time {
dst := make([]*time.Time, len(src))
for i := 0; i < len(src); i++ {
dst[i] = &(src[i])
}
return dst
}
// TimeValueSlice converts a slice of time.Time pointers into a slice of
// time.Time values
func TimeValueSlice(src []*time.Time) []time.Time {
dst := make([]time.Time, len(src))
for i := 0; i < len(src); i++ {
if src[i] != nil {
dst[i] = *(src[i])
}
}
return dst
}
// TimeMap converts a string map of time.Time values into a string
// map of time.Time pointers
func TimeMap(src map[string]time.Time) map[string]*time.Time {
dst := make(map[string]*time.Time)
for k, val := range src {
v := val
dst[k] = &v
}
return dst
}
// TimeValueMap converts a string map of time.Time pointers into a string
// map of time.Time values
func TimeValueMap(src map[string]*time.Time) map[string]time.Time {
dst := make(map[string]time.Time)
for k, val := range src {
if val != nil {
dst[k] = *val
}
}
return dst
}
package aws package corehandlers
import ( import (
"bytes" "bytes"
...@@ -9,16 +9,12 @@ import ( ...@@ -9,16 +9,12 @@ import (
"net/url" "net/url"
"regexp" "regexp"
"strconv" "strconv"
"time"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/internal/apierr" "github.com/aws/aws-sdk-go/aws/request"
) )
var sleepDelay = func(delay time.Duration) {
time.Sleep(delay)
}
// Interface for matching types which also have a Len method. // Interface for matching types which also have a Len method.
type lener interface { type lener interface {
Len() int Len() int
...@@ -27,7 +23,7 @@ type lener interface { ...@@ -27,7 +23,7 @@ type lener interface {
// BuildContentLength builds the content length of a request based on the body, // BuildContentLength builds the content length of a request based on the body,
// or will use the HTTPRequest.Header's "Content-Length" if defined. If unable // or will use the HTTPRequest.Header's "Content-Length" if defined. If unable
// to determine request body length and no "Content-Length" was specified it will panic. // to determine request body length and no "Content-Length" was specified it will panic.
func BuildContentLength(r *Request) { var BuildContentLengthHandler = request.NamedHandler{"core.BuildContentLengthHandler", func(r *request.Request) {
if slength := r.HTTPRequest.Header.Get("Content-Length"); slength != "" { if slength := r.HTTPRequest.Header.Get("Content-Length"); slength != "" {
length, _ := strconv.ParseInt(slength, 10, 64) length, _ := strconv.ParseInt(slength, 10, 64)
r.HTTPRequest.ContentLength = length r.HTTPRequest.ContentLength = length
...@@ -41,27 +37,27 @@ func BuildContentLength(r *Request) { ...@@ -41,27 +37,27 @@ func BuildContentLength(r *Request) {
case lener: case lener:
length = int64(body.Len()) length = int64(body.Len())
case io.Seeker: case io.Seeker:
r.bodyStart, _ = body.Seek(0, 1) r.BodyStart, _ = body.Seek(0, 1)
end, _ := body.Seek(0, 2) end, _ := body.Seek(0, 2)
body.Seek(r.bodyStart, 0) // make sure to seek back to original location body.Seek(r.BodyStart, 0) // make sure to seek back to original location
length = end - r.bodyStart length = end - r.BodyStart
default: default:
panic("Cannot get length of body, must provide `ContentLength`") panic("Cannot get length of body, must provide `ContentLength`")
} }
r.HTTPRequest.ContentLength = length r.HTTPRequest.ContentLength = length
r.HTTPRequest.Header.Set("Content-Length", fmt.Sprintf("%d", length)) r.HTTPRequest.Header.Set("Content-Length", fmt.Sprintf("%d", length))
} }}
// UserAgentHandler is a request handler for injecting User agent into requests. // UserAgentHandler is a request handler for injecting User agent into requests.
func UserAgentHandler(r *Request) { var UserAgentHandler = request.NamedHandler{"core.UserAgentHandler", func(r *request.Request) {
r.HTTPRequest.Header.Set("User-Agent", SDKName+"/"+SDKVersion) r.HTTPRequest.Header.Set("User-Agent", aws.SDKName+"/"+aws.SDKVersion)
} }}
var reStatusCode = regexp.MustCompile(`^(\d+)`) var reStatusCode = regexp.MustCompile(`^(\d{3})`)
// SendHandler is a request handler to send service request using HTTP client. // SendHandler is a request handler to send service request using HTTP client.
func SendHandler(r *Request) { var SendHandler = request.NamedHandler{"core.SendHandler", func(r *request.Request) {
var err error var err error
r.HTTPResponse, err = r.Service.Config.HTTPClient.Do(r.HTTPRequest) r.HTTPResponse, err = r.Service.Config.HTTPClient.Do(r.HTTPRequest)
if err != nil { if err != nil {
...@@ -69,8 +65,8 @@ func SendHandler(r *Request) { ...@@ -69,8 +65,8 @@ func SendHandler(r *Request) {
// response. e.g. 301 without location header comes back as string // response. e.g. 301 without location header comes back as string
// error and r.HTTPResponse is nil. Other url redirect errors will // error and r.HTTPResponse is nil. Other url redirect errors will
// comeback in a similar method. // comeback in a similar method.
if e, ok := err.(*url.Error); ok { if e, ok := err.(*url.Error); ok && e.Err != nil {
if s := reStatusCode.FindStringSubmatch(e.Error()); s != nil { if s := reStatusCode.FindStringSubmatch(e.Err.Error()); s != nil {
code, _ := strconv.ParseInt(s[1], 10, 64) code, _ := strconv.ParseInt(s[1], 10, 64)
r.HTTPResponse = &http.Response{ r.HTTPResponse = &http.Response{
StatusCode: int(code), StatusCode: int(code),
...@@ -80,68 +76,61 @@ func SendHandler(r *Request) { ...@@ -80,68 +76,61 @@ func SendHandler(r *Request) {
return return
} }
} }
if r.HTTPResponse == nil {
// Add a dummy request response object to ensure the HTTPResponse
// value is consistent.
r.HTTPResponse = &http.Response{
StatusCode: int(0),
Status: http.StatusText(int(0)),
Body: ioutil.NopCloser(bytes.NewReader([]byte{})),
}
}
// Catch all other request errors. // Catch all other request errors.
r.Error = apierr.New("RequestError", "send request failed", err) r.Error = awserr.New("RequestError", "send request failed", err)
r.Retryable.Set(true) // network errors are retryable r.Retryable = aws.Bool(true) // network errors are retryable
} }
} }}
// ValidateResponseHandler is a request handler to validate service response. // ValidateResponseHandler is a request handler to validate service response.
func ValidateResponseHandler(r *Request) { var ValidateResponseHandler = request.NamedHandler{"core.ValidateResponseHandler", func(r *request.Request) {
if r.HTTPResponse.StatusCode == 0 || r.HTTPResponse.StatusCode >= 300 { if r.HTTPResponse.StatusCode == 0 || r.HTTPResponse.StatusCode >= 300 {
// this may be replaced by an UnmarshalError handler // this may be replaced by an UnmarshalError handler
r.Error = apierr.New("UnknownError", "unknown error", nil) r.Error = awserr.New("UnknownError", "unknown error", nil)
} }
} }}
// AfterRetryHandler performs final checks to determine if the request should // AfterRetryHandler performs final checks to determine if the request should
// be retried and how long to delay. // be retried and how long to delay.
func AfterRetryHandler(r *Request) { var AfterRetryHandler = request.NamedHandler{"core.AfterRetryHandler", func(r *request.Request) {
// If one of the other handlers already set the retry state // If one of the other handlers already set the retry state
// we don't want to override it based on the service's state // we don't want to override it based on the service's state
if !r.Retryable.IsSet() { if r.Retryable == nil {
r.Retryable.Set(r.Service.ShouldRetry(r)) r.Retryable = aws.Bool(r.ShouldRetry(r))
} }
if r.WillRetry() { if r.WillRetry() {
r.RetryDelay = r.Service.RetryRules(r) r.RetryDelay = r.RetryRules(r)
sleepDelay(r.RetryDelay) r.Service.Config.SleepDelay(r.RetryDelay)
// when the expired token exception occurs the credentials // when the expired token exception occurs the credentials
// need to be expired locally so that the next request to // need to be expired locally so that the next request to
// get credentials will trigger a credentials refresh. // get credentials will trigger a credentials refresh.
if r.Error != nil { if r.IsErrorExpired() {
if err, ok := r.Error.(awserr.Error); ok { r.Service.Config.Credentials.Expire()
if isCodeExpiredCreds(err.Code()) {
r.Config.Credentials.Expire()
// The credentials will need to be resigned with new credentials
r.signed = false
}
}
} }
r.RetryCount++ r.RetryCount++
r.Error = nil r.Error = nil
} }
} }}
var (
// ErrMissingRegion is an error that is returned if region configuration is
// not found.
ErrMissingRegion error = apierr.New("MissingRegion", "could not find region configuration", nil)
// ErrMissingEndpoint is an error that is returned if an endpoint cannot be
// resolved for a service.
ErrMissingEndpoint error = apierr.New("MissingEndpoint", "'Endpoint' configuration is required for this service", nil)
)
// ValidateEndpointHandler is a request handler to validate a request had the // ValidateEndpointHandler is a request handler to validate a request had the
// appropriate Region and Endpoint set. Will set r.Error if the endpoint or // appropriate Region and Endpoint set. Will set r.Error if the endpoint or
// region is not valid. // region is not valid.
func ValidateEndpointHandler(r *Request) { var ValidateEndpointHandler = request.NamedHandler{"core.ValidateEndpointHandler", func(r *request.Request) {
if r.Service.SigningRegion == "" && r.Service.Config.Region == "" { if r.Service.SigningRegion == "" && aws.StringValue(r.Service.Config.Region) == "" {
r.Error = ErrMissingRegion r.Error = aws.ErrMissingRegion
} else if r.Service.Endpoint == "" { } else if r.Service.Endpoint == "" {
r.Error = ErrMissingEndpoint r.Error = aws.ErrMissingEndpoint
} }
} }}
package aws package corehandlers_test
import ( import (
"fmt"
"net/http" "net/http"
"os" "os"
"testing" "testing"
"github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/internal/apierr"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/corehandlers"
"github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/aws/service"
) )
func TestValidateEndpointHandler(t *testing.T) { func TestValidateEndpointHandler(t *testing.T) {
os.Clearenv() os.Clearenv()
svc := NewService(&Config{Region: "us-west-2"}) svc := service.New(aws.NewConfig().WithRegion("us-west-2"))
svc.Handlers.Clear() svc.Handlers.Clear()
svc.Handlers.Validate.PushBack(ValidateEndpointHandler) svc.Handlers.Validate.PushBackNamed(corehandlers.ValidateEndpointHandler)
req := NewRequest(svc, &Operation{Name: "Operation"}, nil, nil) req := svc.NewRequest(&request.Operation{Name: "Operation"}, nil, nil)
err := req.Build() err := req.Build()
assert.NoError(t, err) assert.NoError(t, err)
...@@ -24,24 +30,24 @@ func TestValidateEndpointHandler(t *testing.T) { ...@@ -24,24 +30,24 @@ func TestValidateEndpointHandler(t *testing.T) {
func TestValidateEndpointHandlerErrorRegion(t *testing.T) { func TestValidateEndpointHandlerErrorRegion(t *testing.T) {
os.Clearenv() os.Clearenv()
svc := NewService(nil) svc := service.New(nil)
svc.Handlers.Clear() svc.Handlers.Clear()
svc.Handlers.Validate.PushBack(ValidateEndpointHandler) svc.Handlers.Validate.PushBackNamed(corehandlers.ValidateEndpointHandler)
req := NewRequest(svc, &Operation{Name: "Operation"}, nil, nil) req := svc.NewRequest(&request.Operation{Name: "Operation"}, nil, nil)
err := req.Build() err := req.Build()
assert.Error(t, err) assert.Error(t, err)
assert.Equal(t, ErrMissingRegion, err) assert.Equal(t, aws.ErrMissingRegion, err)
} }
type mockCredsProvider struct { type mockCredsProvider struct {
expired bool expired bool
retreiveCalled bool retrieveCalled bool
} }
func (m *mockCredsProvider) Retrieve() (credentials.Value, error) { func (m *mockCredsProvider) Retrieve() (credentials.Value, error) {
m.retreiveCalled = true m.retrieveCalled = true
return credentials.Value{}, nil return credentials.Value{}, nil
} }
...@@ -52,30 +58,50 @@ func (m *mockCredsProvider) IsExpired() bool { ...@@ -52,30 +58,50 @@ func (m *mockCredsProvider) IsExpired() bool {
func TestAfterRetryRefreshCreds(t *testing.T) { func TestAfterRetryRefreshCreds(t *testing.T) {
os.Clearenv() os.Clearenv()
credProvider := &mockCredsProvider{} credProvider := &mockCredsProvider{}
svc := NewService(&Config{Credentials: credentials.NewCredentials(credProvider), MaxRetries: 1}) svc := service.New(&aws.Config{Credentials: credentials.NewCredentials(credProvider), MaxRetries: aws.Int(1)})
svc.Handlers.Clear() svc.Handlers.Clear()
svc.Handlers.ValidateResponse.PushBack(func(r *Request) { svc.Handlers.ValidateResponse.PushBack(func(r *request.Request) {
r.Error = apierr.New("UnknownError", "", nil) r.Error = awserr.New("UnknownError", "", nil)
r.HTTPResponse = &http.Response{StatusCode: 400} r.HTTPResponse = &http.Response{StatusCode: 400}
}) })
svc.Handlers.UnmarshalError.PushBack(func(r *Request) { svc.Handlers.UnmarshalError.PushBack(func(r *request.Request) {
r.Error = apierr.New("ExpiredTokenException", "", nil) r.Error = awserr.New("ExpiredTokenException", "", nil)
})
svc.Handlers.AfterRetry.PushBack(func(r *Request) {
AfterRetryHandler(r)
}) })
svc.Handlers.AfterRetry.PushBackNamed(corehandlers.AfterRetryHandler)
assert.True(t, svc.Config.Credentials.IsExpired(), "Expect to start out expired") assert.True(t, svc.Config.Credentials.IsExpired(), "Expect to start out expired")
assert.False(t, credProvider.retreiveCalled) assert.False(t, credProvider.retrieveCalled)
req := NewRequest(svc, &Operation{Name: "Operation"}, nil, nil) req := svc.NewRequest(&request.Operation{Name: "Operation"}, nil, nil)
req.Send() req.Send()
assert.True(t, svc.Config.Credentials.IsExpired()) assert.True(t, svc.Config.Credentials.IsExpired())
assert.False(t, credProvider.retreiveCalled) assert.False(t, credProvider.retrieveCalled)
_, err := svc.Config.Credentials.Get() _, err := svc.Config.Credentials.Get()
assert.NoError(t, err) assert.NoError(t, err)
assert.True(t, credProvider.retreiveCalled) assert.True(t, credProvider.retrieveCalled)
}
type testSendHandlerTransport struct{}
func (t *testSendHandlerTransport) RoundTrip(r *http.Request) (*http.Response, error) {
return nil, fmt.Errorf("mock error")
}
func TestSendHandlerError(t *testing.T) {
svc := service.New(&aws.Config{
HTTPClient: &http.Client{
Transport: &testSendHandlerTransport{},
},
})
svc.Handlers.Clear()
svc.Handlers.Send.PushBackNamed(corehandlers.SendHandler)
r := svc.NewRequest(&request.Operation{Name: "Operation"}, nil, nil)
r.Send()
assert.Error(t, r.Error)
assert.NotNil(t, r.HTTPResponse)
} }
package aws package corehandlers
import ( import (
"fmt" "fmt"
"reflect" "reflect"
"strconv"
"strings" "strings"
"github.com/aws/aws-sdk-go/internal/apierr" "github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/request"
) )
// ValidateParameters is a request handler to validate the input parameters. // ValidateParameters is a request handler to validate the input parameters.
// Validating parameters only has meaning if done prior to the request being sent. // Validating parameters only has meaning if done prior to the request being sent.
func ValidateParameters(r *Request) { var ValidateParametersHandler = request.NamedHandler{"core.ValidateParametersHandler", func(r *request.Request) {
if r.ParamsFilled() { if r.ParamsFilled() {
v := validator{errors: []string{}} v := validator{errors: []string{}}
v.validateAny(reflect.ValueOf(r.Params), "") v.validateAny(reflect.ValueOf(r.Params), "")
...@@ -18,10 +20,10 @@ func ValidateParameters(r *Request) { ...@@ -18,10 +20,10 @@ func ValidateParameters(r *Request) {
if count := len(v.errors); count > 0 { if count := len(v.errors); count > 0 {
format := "%d validation errors:\n- %s" format := "%d validation errors:\n- %s"
msg := fmt.Sprintf(format, count, strings.Join(v.errors, "\n- ")) msg := fmt.Sprintf(format, count, strings.Join(v.errors, "\n- "))
r.Error = apierr.New("InvalidParameter", msg, nil) r.Error = awserr.New("InvalidParameter", msg, nil)
} }
} }
} }}
// A validator validates values. Collects validations errors which occurs. // A validator validates values. Collects validations errors which occurs.
type validator struct { type validator struct {
...@@ -65,25 +67,78 @@ func (v *validator) validateStruct(value reflect.Value, path string) { ...@@ -65,25 +67,78 @@ func (v *validator) validateStruct(value reflect.Value, path string) {
} }
fvalue := value.FieldByName(f.Name) fvalue := value.FieldByName(f.Name)
notset := false err := validateField(f, fvalue, validateFieldRequired, validateFieldMin)
if f.Tag.Get("required") != "" { if err != nil {
switch fvalue.Kind() { v.errors = append(v.errors, fmt.Sprintf("%s: %s", err.Error(), path+prefix+f.Name))
case reflect.Ptr, reflect.Slice, reflect.Map: continue
if fvalue.IsNil() { }
notset = true
} v.validateAny(fvalue, path+prefix+f.Name)
default: }
if !fvalue.IsValid() { }
notset = true
} type validatorFunc func(f reflect.StructField, fvalue reflect.Value) error
}
func validateField(f reflect.StructField, fvalue reflect.Value, funcs ...validatorFunc) error {
for _, fn := range funcs {
if err := fn(f, fvalue); err != nil {
return err
}
}
return nil
}
// Validates that a field has a valid value provided for required fields.
func validateFieldRequired(f reflect.StructField, fvalue reflect.Value) error {
if f.Tag.Get("required") == "" {
return nil
}
switch fvalue.Kind() {
case reflect.Ptr, reflect.Slice, reflect.Map:
if fvalue.IsNil() {
return fmt.Errorf("missing required parameter")
}
default:
if !fvalue.IsValid() {
return fmt.Errorf("missing required parameter")
} }
}
return nil
}
if notset { // Validates that if a value is provided for a field, that value must be at
msg := "missing required parameter: " + path + prefix + f.Name // least a minimum length.
v.errors = append(v.errors, msg) func validateFieldMin(f reflect.StructField, fvalue reflect.Value) error {
} else { minStr := f.Tag.Get("min")
v.validateAny(fvalue, path+prefix+f.Name) if minStr == "" {
return nil
}
min, _ := strconv.ParseInt(minStr, 10, 64)
kind := fvalue.Kind()
if kind == reflect.Ptr {
if fvalue.IsNil() {
return nil
} }
fvalue = fvalue.Elem()
}
switch fvalue.Kind() {
case reflect.String:
if int64(fvalue.Len()) < min {
return fmt.Errorf("field too short, minimum length %d", min)
}
case reflect.Slice, reflect.Map:
if fvalue.IsNil() {
return nil
}
if int64(fvalue.Len()) < min {
return fmt.Errorf("field too short, minimum length %d", min)
}
// TODO min can also apply to number minimum value.
} }
return nil
} }
package aws_test package corehandlers_test
import ( import (
"testing" "testing"
"github.com/stretchr/testify/assert"
"github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/awserr"
"github.com/stretchr/testify/assert" "github.com/aws/aws-sdk-go/aws/corehandlers"
"github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/aws/service"
"github.com/aws/aws-sdk-go/aws/service/serviceinfo"
"github.com/stretchr/testify/require"
) )
var service = func() *aws.Service { var testSvc = func() *service.Service {
s := &aws.Service{ s := &service.Service{
Config: &aws.Config{}, ServiceInfo: serviceinfo.ServiceInfo{
ServiceName: "mock-service", Config: &aws.Config{},
APIVersion: "2015-01-01", ServiceName: "mock-service",
APIVersion: "2015-01-01",
},
} }
return s return s
}() }()
...@@ -41,44 +49,86 @@ func TestNoErrors(t *testing.T) { ...@@ -41,44 +49,86 @@ func TestNoErrors(t *testing.T) {
input := &StructShape{ input := &StructShape{
RequiredList: []*ConditionalStructShape{}, RequiredList: []*ConditionalStructShape{},
RequiredMap: map[string]*ConditionalStructShape{ RequiredMap: map[string]*ConditionalStructShape{
"key1": &ConditionalStructShape{Name: aws.String("Name")}, "key1": {Name: aws.String("Name")},
"key2": &ConditionalStructShape{Name: aws.String("Name")}, "key2": {Name: aws.String("Name")},
}, },
RequiredBool: aws.Boolean(true), RequiredBool: aws.Bool(true),
OptionalStruct: &ConditionalStructShape{Name: aws.String("Name")}, OptionalStruct: &ConditionalStructShape{Name: aws.String("Name")},
} }
req := aws.NewRequest(service, &aws.Operation{}, input, nil) req := testSvc.NewRequest(&request.Operation{}, input, nil)
aws.ValidateParameters(req) corehandlers.ValidateParametersHandler.Fn(req)
assert.NoError(t, req.Error) require.NoError(t, req.Error)
} }
func TestMissingRequiredParameters(t *testing.T) { func TestMissingRequiredParameters(t *testing.T) {
input := &StructShape{} input := &StructShape{}
req := aws.NewRequest(service, &aws.Operation{}, input, nil) req := testSvc.NewRequest(&request.Operation{}, input, nil)
aws.ValidateParameters(req) corehandlers.ValidateParametersHandler.Fn(req)
assert.Error(t, req.Error) require.Error(t, req.Error)
assert.Equal(t, "InvalidParameter", req.Error.(awserr.Error).Code()) assert.Equal(t, "InvalidParameter", req.Error.(awserr.Error).Code())
assert.Equal(t, "3 validation errors:\n- missing required parameter: RequiredList\n- missing required parameter: RequiredMap\n- missing required parameter: RequiredBool", req.Error.(awserr.Error).Message()) assert.Equal(t, "3 validation errors:\n- missing required parameter: RequiredList\n- missing required parameter: RequiredMap\n- missing required parameter: RequiredBool", req.Error.(awserr.Error).Message())
} }
func TestNestedMissingRequiredParameters(t *testing.T) { func TestNestedMissingRequiredParameters(t *testing.T) {
input := &StructShape{ input := &StructShape{
RequiredList: []*ConditionalStructShape{&ConditionalStructShape{}}, RequiredList: []*ConditionalStructShape{{}},
RequiredMap: map[string]*ConditionalStructShape{ RequiredMap: map[string]*ConditionalStructShape{
"key1": &ConditionalStructShape{Name: aws.String("Name")}, "key1": {Name: aws.String("Name")},
"key2": &ConditionalStructShape{}, "key2": {},
}, },
RequiredBool: aws.Boolean(true), RequiredBool: aws.Bool(true),
OptionalStruct: &ConditionalStructShape{}, OptionalStruct: &ConditionalStructShape{},
} }
req := aws.NewRequest(service, &aws.Operation{}, input, nil) req := testSvc.NewRequest(&request.Operation{}, input, nil)
aws.ValidateParameters(req) corehandlers.ValidateParametersHandler.Fn(req)
assert.Error(t, req.Error) require.Error(t, req.Error)
assert.Equal(t, "InvalidParameter", req.Error.(awserr.Error).Code()) assert.Equal(t, "InvalidParameter", req.Error.(awserr.Error).Code())
assert.Equal(t, "3 validation errors:\n- missing required parameter: RequiredList[0].Name\n- missing required parameter: RequiredMap[\"key2\"].Name\n- missing required parameter: OptionalStruct.Name", req.Error.(awserr.Error).Message()) assert.Equal(t, "3 validation errors:\n- missing required parameter: RequiredList[0].Name\n- missing required parameter: RequiredMap[\"key2\"].Name\n- missing required parameter: OptionalStruct.Name", req.Error.(awserr.Error).Message())
}
type testInput struct {
StringField string `min:"5"`
PtrStrField *string `min:"2"`
ListField []string `min:"3"`
MapField map[string]string `min:"4"`
}
var testsFieldMin = []struct {
err awserr.Error
in testInput
}{
{
err: awserr.New("InvalidParameter", "1 validation errors:\n- field too short, minimum length 5: StringField", nil),
in: testInput{StringField: "abcd"},
},
{
err: awserr.New("InvalidParameter", "2 validation errors:\n- field too short, minimum length 5: StringField\n- field too short, minimum length 3: ListField", nil),
in: testInput{StringField: "abcd", ListField: []string{"a", "b"}},
},
{
err: awserr.New("InvalidParameter", "3 validation errors:\n- field too short, minimum length 5: StringField\n- field too short, minimum length 3: ListField\n- field too short, minimum length 4: MapField", nil),
in: testInput{StringField: "abcd", ListField: []string{"a", "b"}, MapField: map[string]string{"a": "a", "b": "b"}},
},
{
err: awserr.New("InvalidParameter", "1 validation errors:\n- field too short, minimum length 2: PtrStrField", nil),
in: testInput{StringField: "abcde", PtrStrField: aws.String("v")},
},
{
err: nil,
in: testInput{StringField: "abcde", PtrStrField: aws.String("value"),
ListField: []string{"a", "b", "c"}, MapField: map[string]string{"a": "a", "b": "b", "c": "c", "d": "d"}},
},
}
func TestValidateFieldMinParameter(t *testing.T) {
for i, c := range testsFieldMin {
req := testSvc.NewRequest(&request.Operation{}, &c.in, nil)
corehandlers.ValidateParametersHandler.Fn(req)
require.Equal(t, c.err, req.Error, "%d case failed", i)
}
} }
package credentials package credentials
import ( import (
"github.com/aws/aws-sdk-go/internal/apierr" "github.com/aws/aws-sdk-go/aws/awserr"
) )
var ( var (
// ErrNoValidProvidersFoundInChain Is returned when there are no valid // ErrNoValidProvidersFoundInChain Is returned when there are no valid
// providers in the ChainProvider. // providers in the ChainProvider.
ErrNoValidProvidersFoundInChain = apierr.New("NoCredentialProviders", "no valid providers in chain", nil) //
// @readonly
ErrNoValidProvidersFoundInChain = awserr.New("NoCredentialProviders", "no valid providers in chain", nil)
) )
// A ChainProvider will search for a provider which returns credentials // A ChainProvider will search for a provider which returns credentials
...@@ -36,7 +38,9 @@ var ( ...@@ -36,7 +38,9 @@ var (
// &EnvProvider{}, // &EnvProvider{},
// &EC2RoleProvider{}, // &EC2RoleProvider{},
// }) // })
// creds.Retrieve() //
// // Usage of ChainCredentials with aws.Config
// svc := ec2.New(&aws.Config{Credentials: creds})
// //
type ChainProvider struct { type ChainProvider struct {
Providers []Provider Providers []Provider
......
...@@ -3,15 +3,15 @@ package credentials ...@@ -3,15 +3,15 @@ package credentials
import ( import (
"testing" "testing"
"github.com/aws/aws-sdk-go/internal/apierr" "github.com/aws/aws-sdk-go/aws/awserr"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
func TestChainProviderGet(t *testing.T) { func TestChainProviderGet(t *testing.T) {
p := &ChainProvider{ p := &ChainProvider{
Providers: []Provider{ Providers: []Provider{
&stubProvider{err: apierr.New("FirstError", "first provider error", nil)}, &stubProvider{err: awserr.New("FirstError", "first provider error", nil)},
&stubProvider{err: apierr.New("SecondError", "second provider error", nil)}, &stubProvider{err: awserr.New("SecondError", "second provider error", nil)},
&stubProvider{ &stubProvider{
creds: Value{ creds: Value{
AccessKeyID: "AKID", AccessKeyID: "AKID",
...@@ -62,8 +62,8 @@ func TestChainProviderWithNoProvider(t *testing.T) { ...@@ -62,8 +62,8 @@ func TestChainProviderWithNoProvider(t *testing.T) {
func TestChainProviderWithNoValidProvider(t *testing.T) { func TestChainProviderWithNoValidProvider(t *testing.T) {
p := &ChainProvider{ p := &ChainProvider{
Providers: []Provider{ Providers: []Provider{
&stubProvider{err: apierr.New("FirstError", "first provider error", nil)}, &stubProvider{err: awserr.New("FirstError", "first provider error", nil)},
&stubProvider{err: apierr.New("SecondError", "second provider error", nil)}, &stubProvider{err: awserr.New("SecondError", "second provider error", nil)},
}, },
} }
......
...@@ -63,6 +63,7 @@ import ( ...@@ -63,6 +63,7 @@ import (
// svc := s3.New(&aws.Config{Credentials: AnonymousCredentials}) // svc := s3.New(&aws.Config{Credentials: AnonymousCredentials})
// // Access public S3 buckets. // // Access public S3 buckets.
// //
// @readonly
var AnonymousCredentials = NewStaticCredentials("", "", "") var AnonymousCredentials = NewStaticCredentials("", "", "")
// A Value is the AWS credentials value for individual credential fields. // A Value is the AWS credentials value for individual credential fields.
...@@ -93,6 +94,50 @@ type Provider interface { ...@@ -93,6 +94,50 @@ type Provider interface {
IsExpired() bool IsExpired() bool
} }
// A Expiry provides shared expiration logic to be used by credentials
// providers to implement expiry functionality.
//
// The best method to use this struct is as an anonymous field within the
// provider's struct.
//
// Example:
// type EC2RoleProvider struct {
// Expiry
// ...
// }
type Expiry struct {
// The date/time when to expire on
expiration time.Time
// If set will be used by IsExpired to determine the current time.
// Defaults to time.Now if CurrentTime is not set. Available for testing
// to be able to mock out the current time.
CurrentTime func() time.Time
}
// SetExpiration sets the expiration IsExpired will check when called.
//
// If window is greater than 0 the expiration time will be reduced by the
// window value.
//
// Using a window is helpful to trigger credentials to expire sooner than
// the expiration time given to ensure no requests are made with expired
// tokens.
func (e *Expiry) SetExpiration(expiration time.Time, window time.Duration) {
e.expiration = expiration
if window > 0 {
e.expiration = e.expiration.Add(-window)
}
}
// IsExpired returns if the credentials are expired.
func (e *Expiry) IsExpired() bool {
if e.CurrentTime == nil {
e.CurrentTime = time.Now
}
return e.expiration.Before(e.CurrentTime())
}
// A Credentials provides synchronous safe retrieval of AWS credentials Value. // A Credentials provides synchronous safe retrieval of AWS credentials Value.
// Credentials will cache the credentials value until they expire. Once the value // Credentials will cache the credentials value until they expire. Once the value
// expires the next Get will attempt to retrieve valid credentials. // expires the next Get will attempt to retrieve valid credentials.
...@@ -173,6 +218,3 @@ func (c *Credentials) IsExpired() bool { ...@@ -173,6 +218,3 @@ func (c *Credentials) IsExpired() bool {
func (c *Credentials) isExpired() bool { func (c *Credentials) isExpired() bool {
return c.forceRefresh || c.provider.IsExpired() return c.forceRefresh || c.provider.IsExpired()
} }
// Provide a stub-able time.Now for unit tests so expiry can be tested.
var currentTime = time.Now
...@@ -4,7 +4,6 @@ import ( ...@@ -4,7 +4,6 @@ import (
"testing" "testing"
"github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/internal/apierr"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
...@@ -40,7 +39,7 @@ func TestCredentialsGet(t *testing.T) { ...@@ -40,7 +39,7 @@ func TestCredentialsGet(t *testing.T) {
} }
func TestCredentialsGetWithError(t *testing.T) { func TestCredentialsGetWithError(t *testing.T) {
c := NewCredentials(&stubProvider{err: apierr.New("provider error", "", nil), expired: true}) c := NewCredentials(&stubProvider{err: awserr.New("provider error", "", nil), expired: true})
_, err := c.Get() _, err := c.Get()
assert.Equal(t, "provider error", err.(awserr.Error).Code(), "Expected provider error") assert.Equal(t, "provider error", err.(awserr.Error).Code(), "Expected provider error")
......
package credentials package ec2rolecreds
import ( import (
"bufio" "bufio"
"encoding/json" "encoding/json"
"fmt" "fmt"
"net/http" "path"
"strings"
"time" "time"
"github.com/aws/aws-sdk-go/internal/apierr" "github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/aws/ec2metadata"
) )
const metadataCredentialsEndpoint = "http://169.254.169.254/latest/meta-data/iam/security-credentials/"
// A EC2RoleProvider retrieves credentials from the EC2 service, and keeps track if // A EC2RoleProvider retrieves credentials from the EC2 service, and keeps track if
// those credentials are expired. // those credentials are expired.
// //
// Example how to configure the EC2RoleProvider with custom http Client, Endpoint // Example how to configure the EC2RoleProvider with custom http Client, Endpoint
// or ExpiryWindow // or ExpiryWindow
// //
// p := &credentials.EC2RoleProvider{ // p := &ec2rolecreds.EC2RoleProvider{
// // Pass in a custom timeout to be used when requesting // // Pass in a custom timeout to be used when requesting
// // IAM EC2 Role credentials. // // IAM EC2 Role credentials.
// Client: &http.Client{ // Client: &http.Client{
...@@ -31,13 +32,11 @@ const metadataCredentialsEndpoint = "http://169.254.169.254/latest/meta-data/iam ...@@ -31,13 +32,11 @@ const metadataCredentialsEndpoint = "http://169.254.169.254/latest/meta-data/iam
// // specified the credentials will be expired early // // specified the credentials will be expired early
// ExpiryWindow: 0, // ExpiryWindow: 0,
// } // }
//
type EC2RoleProvider struct { type EC2RoleProvider struct {
// Endpoint must be fully quantified URL credentials.Expiry
Endpoint string
// HTTP client to use when connecting to EC2 service // EC2Metadata client to use when connecting to EC2 metadata service
Client *http.Client Client *ec2metadata.Client
// ExpiryWindow will allow the credentials to trigger refreshing prior to // ExpiryWindow will allow the credentials to trigger refreshing prior to
// the credentials actually expiring. This is beneficial so race conditions // the credentials actually expiring. This is beneficial so race conditions
...@@ -49,12 +48,9 @@ type EC2RoleProvider struct { ...@@ -49,12 +48,9 @@ type EC2RoleProvider struct {
// //
// If ExpiryWindow is 0 or less it will be ignored. // If ExpiryWindow is 0 or less it will be ignored.
ExpiryWindow time.Duration ExpiryWindow time.Duration
// The date/time at which the credentials expire.
expiresOn time.Time
} }
// NewEC2RoleCredentials returns a pointer to a new Credentials object // NewCredentials returns a pointer to a new Credentials object
// wrapping the EC2RoleProvider. // wrapping the EC2RoleProvider.
// //
// Takes a custom http.Client which can be configured for custom handling of // Takes a custom http.Client which can be configured for custom handling of
...@@ -66,9 +62,8 @@ type EC2RoleProvider struct { ...@@ -66,9 +62,8 @@ type EC2RoleProvider struct {
// Window is the expiry window that will be subtracted from the expiry returned // Window is the expiry window that will be subtracted from the expiry returned
// by the role credential request. This is done so that the credentials will // by the role credential request. This is done so that the credentials will
// expire sooner than their actual lifespan. // expire sooner than their actual lifespan.
func NewEC2RoleCredentials(client *http.Client, endpoint string, window time.Duration) *Credentials { func NewCredentials(client *ec2metadata.Client, window time.Duration) *credentials.Credentials {
return NewCredentials(&EC2RoleProvider{ return credentials.NewCredentials(&EC2RoleProvider{
Endpoint: endpoint,
Client: client, Client: client,
ExpiryWindow: window, ExpiryWindow: window,
}) })
...@@ -77,73 +72,67 @@ func NewEC2RoleCredentials(client *http.Client, endpoint string, window time.Dur ...@@ -77,73 +72,67 @@ func NewEC2RoleCredentials(client *http.Client, endpoint string, window time.Dur
// Retrieve retrieves credentials from the EC2 service. // Retrieve retrieves credentials from the EC2 service.
// Error will be returned if the request fails, or unable to extract // Error will be returned if the request fails, or unable to extract
// the desired credentials. // the desired credentials.
func (m *EC2RoleProvider) Retrieve() (Value, error) { func (m *EC2RoleProvider) Retrieve() (credentials.Value, error) {
if m.Client == nil { if m.Client == nil {
m.Client = http.DefaultClient m.Client = ec2metadata.New(nil)
}
if m.Endpoint == "" {
m.Endpoint = metadataCredentialsEndpoint
} }
credsList, err := requestCredList(m.Client, m.Endpoint) credsList, err := requestCredList(m.Client)
if err != nil { if err != nil {
return Value{}, err return credentials.Value{}, err
} }
if len(credsList) == 0 { if len(credsList) == 0 {
return Value{}, apierr.New("EmptyEC2RoleList", "empty EC2 Role list", nil) return credentials.Value{}, awserr.New("EmptyEC2RoleList", "empty EC2 Role list", nil)
} }
credsName := credsList[0] credsName := credsList[0]
roleCreds, err := requestCred(m.Client, m.Endpoint, credsName) roleCreds, err := requestCred(m.Client, credsName)
if err != nil { if err != nil {
return Value{}, err return credentials.Value{}, err
} }
m.expiresOn = roleCreds.Expiration m.SetExpiration(roleCreds.Expiration, m.ExpiryWindow)
if m.ExpiryWindow > 0 {
// Offset based on expiry window if set.
m.expiresOn = m.expiresOn.Add(-m.ExpiryWindow)
}
return Value{ return credentials.Value{
AccessKeyID: roleCreds.AccessKeyID, AccessKeyID: roleCreds.AccessKeyID,
SecretAccessKey: roleCreds.SecretAccessKey, SecretAccessKey: roleCreds.SecretAccessKey,
SessionToken: roleCreds.Token, SessionToken: roleCreds.Token,
}, nil }, nil
} }
// IsExpired returns if the credentials are expired.
func (m *EC2RoleProvider) IsExpired() bool {
return m.expiresOn.Before(currentTime())
}
// A ec2RoleCredRespBody provides the shape for deserializing credential // A ec2RoleCredRespBody provides the shape for deserializing credential
// request responses. // request responses.
type ec2RoleCredRespBody struct { type ec2RoleCredRespBody struct {
// Success State
Expiration time.Time Expiration time.Time
AccessKeyID string AccessKeyID string
SecretAccessKey string SecretAccessKey string
Token string Token string
// Error state
Code string
Message string
} }
const iamSecurityCredsPath = "/iam/security-credentials"
// requestCredList requests a list of credentials from the EC2 service. // requestCredList requests a list of credentials from the EC2 service.
// If there are no credentials, or there is an error making or receiving the request // If there are no credentials, or there is an error making or receiving the request
func requestCredList(client *http.Client, endpoint string) ([]string, error) { func requestCredList(client *ec2metadata.Client) ([]string, error) {
resp, err := client.Get(endpoint) resp, err := client.GetMetadata(iamSecurityCredsPath)
if err != nil { if err != nil {
return nil, apierr.New("ListEC2Role", "failed to list EC2 Roles", err) return nil, awserr.New("EC2RoleRequestError", "failed to list EC2 Roles", err)
} }
defer resp.Body.Close()
credsList := []string{} credsList := []string{}
s := bufio.NewScanner(resp.Body) s := bufio.NewScanner(strings.NewReader(resp))
for s.Scan() { for s.Scan() {
credsList = append(credsList, s.Text()) credsList = append(credsList, s.Text())
} }
if err := s.Err(); err != nil { if err := s.Err(); err != nil {
return nil, apierr.New("ReadEC2Role", "failed to read list of EC2 Roles", err) return nil, awserr.New("SerializationError", "failed to read list of EC2 Roles", err)
} }
return credsList, nil return credsList, nil
...@@ -153,20 +142,26 @@ func requestCredList(client *http.Client, endpoint string) ([]string, error) { ...@@ -153,20 +142,26 @@ func requestCredList(client *http.Client, endpoint string) ([]string, error) {
// //
// If the credentials cannot be found, or there is an error reading the response // If the credentials cannot be found, or there is an error reading the response
// and error will be returned. // and error will be returned.
func requestCred(client *http.Client, endpoint, credsName string) (*ec2RoleCredRespBody, error) { func requestCred(client *ec2metadata.Client, credsName string) (ec2RoleCredRespBody, error) {
resp, err := client.Get(endpoint + credsName) resp, err := client.GetMetadata(path.Join(iamSecurityCredsPath, credsName))
if err != nil { if err != nil {
return nil, apierr.New("GetEC2RoleCredentials", return ec2RoleCredRespBody{},
fmt.Sprintf("failed to get %s EC2 Role credentials", credsName), awserr.New("EC2RoleRequestError",
err) fmt.Sprintf("failed to get %s EC2 Role credentials", credsName),
err)
}
respCreds := ec2RoleCredRespBody{}
if err := json.NewDecoder(strings.NewReader(resp)).Decode(&respCreds); err != nil {
return ec2RoleCredRespBody{},
awserr.New("SerializationError",
fmt.Sprintf("failed to decode %s EC2 Role credentials", credsName),
err)
} }
defer resp.Body.Close()
respCreds := &ec2RoleCredRespBody{} if respCreds.Code != "Success" {
if err := json.NewDecoder(resp.Body).Decode(respCreds); err != nil { // If an error code was returned something failed requesting the role.
return nil, apierr.New("DecodeEC2RoleCredentials", return ec2RoleCredRespBody{}, awserr.New(respCreds.Code, respCreds.Message, nil)
fmt.Sprintf("failed to decode %s EC2 Role credentials", credsName),
err)
} }
return respCreds, nil return respCreds, nil
......
package credentials package ec2rolecreds_test
import ( import (
"fmt" "fmt"
"github.com/stretchr/testify/assert"
"net/http" "net/http"
"net/http/httptest" "net/http/httptest"
"testing" "testing"
"time" "time"
"github.com/stretchr/testify/assert"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds"
"github.com/aws/aws-sdk-go/aws/ec2metadata"
) )
func initTestServer(expireOn string) *httptest.Server { const credsRespTmpl = `{
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { "Code": "Success",
if r.RequestURI == "/" { "Type": "AWS-HMAC",
fmt.Fprintln(w, "/creds")
} else {
fmt.Fprintf(w, `{
"AccessKeyId" : "accessKey", "AccessKeyId" : "accessKey",
"SecretAccessKey" : "secret", "SecretAccessKey" : "secret",
"Token" : "token", "Token" : "token",
"Expiration" : "%s" "Expiration" : "%s",
}`, expireOn) "LastUpdated" : "2009-11-23T0:00:00Z"
}`
const credsFailRespTmpl = `{
"Code": "ErrorCode",
"Message": "ErrorMsg",
"LastUpdated": "2009-11-23T0:00:00Z"
}`
func initTestServer(expireOn string, failAssume bool) *httptest.Server {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.URL.Path == "/latest/meta-data/iam/security-credentials" {
fmt.Fprintln(w, "RoleName")
} else if r.URL.Path == "/latest/meta-data/iam/security-credentials/RoleName" {
if failAssume {
fmt.Fprintf(w, credsFailRespTmpl)
} else {
fmt.Fprintf(w, credsRespTmpl, expireOn)
}
} else {
http.Error(w, "bad request", http.StatusBadRequest)
} }
})) }))
...@@ -27,10 +50,12 @@ func initTestServer(expireOn string) *httptest.Server { ...@@ -27,10 +50,12 @@ func initTestServer(expireOn string) *httptest.Server {
} }
func TestEC2RoleProvider(t *testing.T) { func TestEC2RoleProvider(t *testing.T) {
server := initTestServer("2014-12-16T01:51:37Z") server := initTestServer("2014-12-16T01:51:37Z", false)
defer server.Close() defer server.Close()
p := &EC2RoleProvider{Client: http.DefaultClient, Endpoint: server.URL} p := &ec2rolecreds.EC2RoleProvider{
Client: ec2metadata.New(&ec2metadata.Config{Endpoint: aws.String(server.URL + "/latest")}),
}
creds, err := p.Retrieve() creds, err := p.Retrieve()
assert.Nil(t, err, "Expect no error") assert.Nil(t, err, "Expect no error")
...@@ -40,15 +65,35 @@ func TestEC2RoleProvider(t *testing.T) { ...@@ -40,15 +65,35 @@ func TestEC2RoleProvider(t *testing.T) {
assert.Equal(t, "token", creds.SessionToken, "Expect session token to match") assert.Equal(t, "token", creds.SessionToken, "Expect session token to match")
} }
func TestEC2RoleProviderFailAssume(t *testing.T) {
server := initTestServer("2014-12-16T01:51:37Z", true)
defer server.Close()
p := &ec2rolecreds.EC2RoleProvider{
Client: ec2metadata.New(&ec2metadata.Config{Endpoint: aws.String(server.URL + "/latest")}),
}
creds, err := p.Retrieve()
assert.Error(t, err, "Expect error")
e := err.(awserr.Error)
assert.Equal(t, "ErrorCode", e.Code())
assert.Equal(t, "ErrorMsg", e.Message())
assert.Nil(t, e.OrigErr())
assert.Equal(t, "", creds.AccessKeyID, "Expect access key ID to match")
assert.Equal(t, "", creds.SecretAccessKey, "Expect secret access key to match")
assert.Equal(t, "", creds.SessionToken, "Expect session token to match")
}
func TestEC2RoleProviderIsExpired(t *testing.T) { func TestEC2RoleProviderIsExpired(t *testing.T) {
server := initTestServer("2014-12-16T01:51:37Z") server := initTestServer("2014-12-16T01:51:37Z", false)
defer server.Close() defer server.Close()
p := &EC2RoleProvider{Client: http.DefaultClient, Endpoint: server.URL} p := &ec2rolecreds.EC2RoleProvider{
defer func() { Client: ec2metadata.New(&ec2metadata.Config{Endpoint: aws.String(server.URL + "/latest")}),
currentTime = time.Now }
}() p.CurrentTime = func() time.Time {
currentTime = func() time.Time {
return time.Date(2014, 12, 15, 21, 26, 0, 0, time.UTC) return time.Date(2014, 12, 15, 21, 26, 0, 0, time.UTC)
} }
...@@ -59,7 +104,7 @@ func TestEC2RoleProviderIsExpired(t *testing.T) { ...@@ -59,7 +104,7 @@ func TestEC2RoleProviderIsExpired(t *testing.T) {
assert.False(t, p.IsExpired(), "Expect creds to not be expired after retrieve.") assert.False(t, p.IsExpired(), "Expect creds to not be expired after retrieve.")
currentTime = func() time.Time { p.CurrentTime = func() time.Time {
return time.Date(3014, 12, 15, 21, 26, 0, 0, time.UTC) return time.Date(3014, 12, 15, 21, 26, 0, 0, time.UTC)
} }
...@@ -67,14 +112,14 @@ func TestEC2RoleProviderIsExpired(t *testing.T) { ...@@ -67,14 +112,14 @@ func TestEC2RoleProviderIsExpired(t *testing.T) {
} }
func TestEC2RoleProviderExpiryWindowIsExpired(t *testing.T) { func TestEC2RoleProviderExpiryWindowIsExpired(t *testing.T) {
server := initTestServer("2014-12-16T01:51:37Z") server := initTestServer("2014-12-16T01:51:37Z", false)
defer server.Close() defer server.Close()
p := &EC2RoleProvider{Client: http.DefaultClient, Endpoint: server.URL, ExpiryWindow: time.Hour * 1} p := &ec2rolecreds.EC2RoleProvider{
defer func() { Client: ec2metadata.New(&ec2metadata.Config{Endpoint: aws.String(server.URL + "/latest")}),
currentTime = time.Now ExpiryWindow: time.Hour * 1,
}() }
currentTime = func() time.Time { p.CurrentTime = func() time.Time {
return time.Date(2014, 12, 15, 0, 51, 37, 0, time.UTC) return time.Date(2014, 12, 15, 0, 51, 37, 0, time.UTC)
} }
...@@ -85,7 +130,7 @@ func TestEC2RoleProviderExpiryWindowIsExpired(t *testing.T) { ...@@ -85,7 +130,7 @@ func TestEC2RoleProviderExpiryWindowIsExpired(t *testing.T) {
assert.False(t, p.IsExpired(), "Expect creds to not be expired after retrieve.") assert.False(t, p.IsExpired(), "Expect creds to not be expired after retrieve.")
currentTime = func() time.Time { p.CurrentTime = func() time.Time {
return time.Date(2014, 12, 16, 0, 55, 37, 0, time.UTC) return time.Date(2014, 12, 16, 0, 55, 37, 0, time.UTC)
} }
...@@ -93,10 +138,12 @@ func TestEC2RoleProviderExpiryWindowIsExpired(t *testing.T) { ...@@ -93,10 +138,12 @@ func TestEC2RoleProviderExpiryWindowIsExpired(t *testing.T) {
} }
func BenchmarkEC2RoleProvider(b *testing.B) { func BenchmarkEC2RoleProvider(b *testing.B) {
server := initTestServer("2014-12-16T01:51:37Z") server := initTestServer("2014-12-16T01:51:37Z", false)
defer server.Close() defer server.Close()
p := &EC2RoleProvider{Client: http.DefaultClient, Endpoint: server.URL} p := &ec2rolecreds.EC2RoleProvider{
Client: ec2metadata.New(&ec2metadata.Config{Endpoint: aws.String(server.URL + "/latest")}),
}
_, err := p.Retrieve() _, err := p.Retrieve()
if err != nil { if err != nil {
b.Fatal(err) b.Fatal(err)
......
...@@ -3,24 +3,30 @@ package credentials ...@@ -3,24 +3,30 @@ package credentials
import ( import (
"os" "os"
"github.com/aws/aws-sdk-go/internal/apierr" "github.com/aws/aws-sdk-go/aws/awserr"
) )
var ( var (
// ErrAccessKeyIDNotFound is returned when the AWS Access Key ID can't be // ErrAccessKeyIDNotFound is returned when the AWS Access Key ID can't be
// found in the process's environment. // found in the process's environment.
ErrAccessKeyIDNotFound = apierr.New("EnvAccessKeyNotFound", "AWS_ACCESS_KEY_ID or AWS_ACCESS_KEY not found in environment", nil) //
// @readonly
ErrAccessKeyIDNotFound = awserr.New("EnvAccessKeyNotFound", "AWS_ACCESS_KEY_ID or AWS_ACCESS_KEY not found in environment", nil)
// ErrSecretAccessKeyNotFound is returned when the AWS Secret Access Key // ErrSecretAccessKeyNotFound is returned when the AWS Secret Access Key
// can't be found in the process's environment. // can't be found in the process's environment.
ErrSecretAccessKeyNotFound = apierr.New("EnvSecretNotFound", "AWS_SECRET_ACCESS_KEY or AWS_SECRET_KEY not found in environment", nil) //
// @readonly
ErrSecretAccessKeyNotFound = awserr.New("EnvSecretNotFound", "AWS_SECRET_ACCESS_KEY or AWS_SECRET_KEY not found in environment", nil)
) )
// A EnvProvider retrieves credentials from the environment variables of the // A EnvProvider retrieves credentials from the environment variables of the
// running process. Environment credentials never expire. // running process. Environment credentials never expire.
// //
// Environment variables used: // Environment variables used:
// - Access Key ID: AWS_ACCESS_KEY_ID or AWS_ACCESS_KEY //
// - Secret Access Key: AWS_SECRET_ACCESS_KEY or AWS_SECRET_KEY // * Access Key ID: AWS_ACCESS_KEY_ID or AWS_ACCESS_KEY
// * Secret Access Key: AWS_SECRET_ACCESS_KEY or AWS_SECRET_KEY
type EnvProvider struct { type EnvProvider struct {
retrieved bool retrieved bool
} }
......
...@@ -7,12 +7,14 @@ import ( ...@@ -7,12 +7,14 @@ import (
"github.com/vaughan0/go-ini" "github.com/vaughan0/go-ini"
"github.com/aws/aws-sdk-go/internal/apierr" "github.com/aws/aws-sdk-go/aws/awserr"
) )
var ( var (
// ErrSharedCredentialsHomeNotFound is emitted when the user directory cannot be found. // ErrSharedCredentialsHomeNotFound is emitted when the user directory cannot be found.
ErrSharedCredentialsHomeNotFound = apierr.New("UserHomeNotFound", "user home directory not found.", nil) //
// @readonly
ErrSharedCredentialsHomeNotFound = awserr.New("UserHomeNotFound", "user home directory not found.", nil)
) )
// A SharedCredentialsProvider retrieves credentials from the current user's home // A SharedCredentialsProvider retrieves credentials from the current user's home
...@@ -20,8 +22,12 @@ var ( ...@@ -20,8 +22,12 @@ var (
// //
// Profile ini file example: $HOME/.aws/credentials // Profile ini file example: $HOME/.aws/credentials
type SharedCredentialsProvider struct { type SharedCredentialsProvider struct {
// Path to the shared credentials file. If empty will default to current user's // Path to the shared credentials file.
// home directory. //
// If empty will look for "AWS_SHARED_CREDENTIALS_FILE" env variable. If the
// env value is empty will default to current user's home directory.
// Linux/OSX: "$HOME/.aws/credentials"
// Windows: "%USERPROFILE%\.aws\credentials"
Filename string Filename string
// AWS Profile to extract credentials from the shared credentials file. If empty // AWS Profile to extract credentials from the shared credentials file. If empty
...@@ -72,20 +78,20 @@ func (p *SharedCredentialsProvider) IsExpired() bool { ...@@ -72,20 +78,20 @@ func (p *SharedCredentialsProvider) IsExpired() bool {
func loadProfile(filename, profile string) (Value, error) { func loadProfile(filename, profile string) (Value, error) {
config, err := ini.LoadFile(filename) config, err := ini.LoadFile(filename)
if err != nil { if err != nil {
return Value{}, apierr.New("SharedCredsLoad", "failed to load shared credentials file", err) return Value{}, awserr.New("SharedCredsLoad", "failed to load shared credentials file", err)
} }
iniProfile := config.Section(profile) iniProfile := config.Section(profile)
id, ok := iniProfile["aws_access_key_id"] id, ok := iniProfile["aws_access_key_id"]
if !ok { if !ok {
return Value{}, apierr.New("SharedCredsAccessKey", return Value{}, awserr.New("SharedCredsAccessKey",
fmt.Sprintf("shared credentials %s in %s did not contain aws_access_key_id", profile, filename), fmt.Sprintf("shared credentials %s in %s did not contain aws_access_key_id", profile, filename),
nil) nil)
} }
secret, ok := iniProfile["aws_secret_access_key"] secret, ok := iniProfile["aws_secret_access_key"]
if !ok { if !ok {
return Value{}, apierr.New("SharedCredsSecret", return Value{}, awserr.New("SharedCredsSecret",
fmt.Sprintf("shared credentials %s in %s did not contain aws_secret_access_key", profile, filename), fmt.Sprintf("shared credentials %s in %s did not contain aws_secret_access_key", profile, filename),
nil) nil)
} }
...@@ -104,6 +110,10 @@ func loadProfile(filename, profile string) (Value, error) { ...@@ -104,6 +110,10 @@ func loadProfile(filename, profile string) (Value, error) {
// Will return an error if the user's home directory path cannot be found. // Will return an error if the user's home directory path cannot be found.
func (p *SharedCredentialsProvider) filename() (string, error) { func (p *SharedCredentialsProvider) filename() (string, error) {
if p.Filename == "" { if p.Filename == "" {
if p.Filename = os.Getenv("AWS_SHARED_CREDENTIALS_FILE"); p.Filename != "" {
return p.Filename, nil
}
homeDir := os.Getenv("HOME") // *nix homeDir := os.Getenv("HOME") // *nix
if homeDir == "" { // Windows if homeDir == "" { // Windows
homeDir = os.Getenv("USERPROFILE") homeDir = os.Getenv("USERPROFILE")
......
...@@ -31,6 +31,19 @@ func TestSharedCredentialsProviderIsExpired(t *testing.T) { ...@@ -31,6 +31,19 @@ func TestSharedCredentialsProviderIsExpired(t *testing.T) {
assert.False(t, p.IsExpired(), "Expect creds to not be expired after retrieve") assert.False(t, p.IsExpired(), "Expect creds to not be expired after retrieve")
} }
func TestSharedCredentialsProviderWithAWS_SHARED_CREDENTIALS_FILE(t *testing.T) {
os.Clearenv()
os.Setenv("AWS_SHARED_CREDENTIALS_FILE", "example.ini")
p := SharedCredentialsProvider{}
creds, err := p.Retrieve()
assert.Nil(t, err, "Expect no error")
assert.Equal(t, "accessKey", creds.AccessKeyID, "Expect access key ID to match")
assert.Equal(t, "secret", creds.SecretAccessKey, "Expect secret access key to match")
assert.Equal(t, "token", creds.SessionToken, "Expect session token to match")
}
func TestSharedCredentialsProviderWithAWS_PROFILE(t *testing.T) { func TestSharedCredentialsProviderWithAWS_PROFILE(t *testing.T) {
os.Clearenv() os.Clearenv()
os.Setenv("AWS_PROFILE", "no_token") os.Setenv("AWS_PROFILE", "no_token")
...@@ -66,12 +79,10 @@ func BenchmarkSharedCredentialsProvider(b *testing.B) { ...@@ -66,12 +79,10 @@ func BenchmarkSharedCredentialsProvider(b *testing.B) {
} }
b.ResetTimer() b.ResetTimer()
b.RunParallel(func(pb *testing.PB) { for i := 0; i < b.N; i++ {
for pb.Next() { _, err := p.Retrieve()
_, err := p.Retrieve() if err != nil {
if err != nil { b.Fatal(err)
b.Fatal(err)
}
} }
}) }
} }
package credentials package credentials
import ( import (
"github.com/aws/aws-sdk-go/internal/apierr" "github.com/aws/aws-sdk-go/aws/awserr"
) )
var ( var (
// ErrStaticCredentialsEmpty is emitted when static credentials are empty. // ErrStaticCredentialsEmpty is emitted when static credentials are empty.
ErrStaticCredentialsEmpty = apierr.New("EmptyStaticCreds", "static credentials are empty", nil) //
// @readonly
ErrStaticCredentialsEmpty = awserr.New("EmptyStaticCreds", "static credentials are empty", nil)
) )
// A StaticProvider is a set of credentials which are set pragmatically, // A StaticProvider is a set of credentials which are set pragmatically,
......
// Package stscreds are credential Providers to retrieve STS AWS credentials.
//
// STS provides multiple ways to retrieve credentials which can be used when making
// future AWS service API operation calls.
package stscreds
import (
"fmt"
"time"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/service/sts"
)
// AssumeRoler represents the minimal subset of the STS client API used by this provider.
type AssumeRoler interface {
AssumeRole(input *sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error)
}
// AssumeRoleProvider retrieves temporary credentials from the STS service, and
// keeps track of their expiration time. This provider must be used explicitly,
// as it is not included in the credentials chain.
//
// Example how to configure a service to use this provider:
//
// config := &aws.Config{
// Credentials: stscreds.NewCredentials(nil, "arn-of-the-role-to-assume", 10*time.Second),
// })
// // Use config for creating your AWS service.
//
// Example how to obtain customised credentials:
//
// provider := &stscreds.Provider{
// // Extend the duration to 1 hour.
// Duration: time.Hour,
// // Custom role name.
// RoleSessionName: "custom-session-name",
// }
// creds := credentials.NewCredentials(provider)
//
type AssumeRoleProvider struct {
credentials.Expiry
// Custom STS client. If not set the default STS client will be used.
Client AssumeRoler
// Role to be assumed.
RoleARN string
// Session name, if you wish to reuse the credentials elsewhere.
RoleSessionName string
// Expiry duration of the STS credentials. Defaults to 15 minutes if not set.
Duration time.Duration
// Optional ExternalID to pass along, defaults to nil if not set.
ExternalID *string
// ExpiryWindow will allow the credentials to trigger refreshing prior to
// the credentials actually expiring. This is beneficial so race conditions
// with expiring credentials do not cause request to fail unexpectedly
// due to ExpiredTokenException exceptions.
//
// So a ExpiryWindow of 10s would cause calls to IsExpired() to return true
// 10 seconds before the credentials are actually expired.
//
// If ExpiryWindow is 0 or less it will be ignored.
ExpiryWindow time.Duration
}
// NewCredentials returns a pointer to a new Credentials object wrapping the
// AssumeRoleProvider. The credentials will expire every 15 minutes and the
// role will be named after a nanosecond timestamp of this operation.
//
// The sts and roleARN parameters are used for building the "AssumeRole" call.
// Pass nil as sts to use the default client.
//
// Window is the expiry window that will be subtracted from the expiry returned
// by the role credential request. This is done so that the credentials will
// expire sooner than their actual lifespan.
func NewCredentials(client AssumeRoler, roleARN string, window time.Duration) *credentials.Credentials {
return credentials.NewCredentials(&AssumeRoleProvider{
Client: client,
RoleARN: roleARN,
ExpiryWindow: window,
})
}
// Retrieve generates a new set of temporary credentials using STS.
func (p *AssumeRoleProvider) Retrieve() (credentials.Value, error) {
// Apply defaults where parameters are not set.
if p.Client == nil {
p.Client = sts.New(nil)
}
if p.RoleSessionName == "" {
// Try to work out a role name that will hopefully end up unique.
p.RoleSessionName = fmt.Sprintf("%d", time.Now().UTC().UnixNano())
}
if p.Duration == 0 {
// Expire as often as AWS permits.
p.Duration = 15 * time.Minute
}
roleOutput, err := p.Client.AssumeRole(&sts.AssumeRoleInput{
DurationSeconds: aws.Int64(int64(p.Duration / time.Second)),
RoleArn: aws.String(p.RoleARN),
RoleSessionName: aws.String(p.RoleSessionName),
ExternalId: p.ExternalID,
})
if err != nil {
return credentials.Value{}, err
}
// We will proactively generate new credentials before they expire.
p.SetExpiration(*roleOutput.Credentials.Expiration, p.ExpiryWindow)
return credentials.Value{
AccessKeyID: *roleOutput.Credentials.AccessKeyId,
SecretAccessKey: *roleOutput.Credentials.SecretAccessKey,
SessionToken: *roleOutput.Credentials.SessionToken,
}, nil
}
package stscreds
import (
"testing"
"time"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/sts"
"github.com/stretchr/testify/assert"
)
type stubSTS struct {
}
func (s *stubSTS) AssumeRole(input *sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error) {
expiry := time.Now().Add(60 * time.Minute)
return &sts.AssumeRoleOutput{
Credentials: &sts.Credentials{
// Just reflect the role arn to the provider.
AccessKeyId: input.RoleArn,
SecretAccessKey: aws.String("assumedSecretAccessKey"),
SessionToken: aws.String("assumedSessionToken"),
Expiration: &expiry,
},
}, nil
}
func TestAssumeRoleProvider(t *testing.T) {
stub := &stubSTS{}
p := &AssumeRoleProvider{
Client: stub,
RoleARN: "roleARN",
}
creds, err := p.Retrieve()
assert.Nil(t, err, "Expect no error")
assert.Equal(t, "roleARN", creds.AccessKeyID, "Expect access key ID to be reflected role ARN")
assert.Equal(t, "assumedSecretAccessKey", creds.SecretAccessKey, "Expect secret access key to match")
assert.Equal(t, "assumedSessionToken", creds.SessionToken, "Expect session token to match")
}
func BenchmarkAssumeRoleProvider(b *testing.B) {
stub := &stubSTS{}
p := &AssumeRoleProvider{
Client: stub,
RoleARN: "roleARN",
}
b.ResetTimer()
b.RunParallel(func(pb *testing.PB) {
for pb.Next() {
_, err := p.Retrieve()
if err != nil {
b.Fatal(err)
}
}
})
}
package defaults
import (
"net/http"
"os"
"time"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds"
)
// DefaultChainCredentials is a Credentials which will find the first available
// credentials Value from the list of Providers.
//
// This should be used in the default case. Once the type of credentials are
// known switching to the specific Credentials will be more efficient.
var DefaultChainCredentials = credentials.NewChainCredentials(
[]credentials.Provider{
&credentials.EnvProvider{},
&credentials.SharedCredentialsProvider{Filename: "", Profile: ""},
&ec2rolecreds.EC2RoleProvider{ExpiryWindow: 5 * time.Minute},
})
// DefaultConfig is the default all service configuration will be based off of.
// By default, all clients use this structure for initialization options unless
// a custom configuration object is passed in.
//
// You may modify this global structure to change all default configuration
// in the SDK. Note that configuration options are copied by value, so any
// modifications must happen before constructing a client.
var DefaultConfig = aws.NewConfig().
WithCredentials(DefaultChainCredentials).
WithRegion(os.Getenv("AWS_REGION")).
WithHTTPClient(http.DefaultClient).
WithMaxRetries(aws.DefaultRetries).
WithLogger(aws.NewDefaultLogger()).
WithLogLevel(aws.LogOff).
WithSleepDelay(time.Sleep)
package ec2metadata
import (
"path"
"github.com/aws/aws-sdk-go/aws/request"
)
// GetMetadata uses the path provided to request
func (c *Client) GetMetadata(p string) (string, error) {
op := &request.Operation{
Name: "GetMetadata",
HTTPMethod: "GET",
HTTPPath: path.Join("/", "meta-data", p),
}
output := &metadataOutput{}
req := request.New(c.Service.ServiceInfo, c.Service.Handlers, c.Service.Retryer, op, nil, output)
return output.Content, req.Send()
}
// Region returns the region the instance is running in.
func (c *Client) Region() (string, error) {
resp, err := c.GetMetadata("placement/availability-zone")
if err != nil {
return "", err
}
// returns region without the suffix. Eg: us-west-2a becomes us-west-2
return resp[:len(resp)-1], nil
}
// Available returns if the application has access to the EC2 Metadata service.
// Can be used to determine if application is running within an EC2 Instance and
// the metadata service is available.
func (c *Client) Available() bool {
if _, err := c.GetMetadata("instance-id"); err != nil {
return false
}
return true
}
package ec2metadata_test
import (
"bytes"
"io/ioutil"
"net/http"
"net/http/httptest"
"path"
"testing"
"github.com/stretchr/testify/assert"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/ec2metadata"
"github.com/aws/aws-sdk-go/aws/request"
)
func initTestServer(path string, resp string) *httptest.Server {
return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.RequestURI != path {
http.Error(w, "not found", http.StatusNotFound)
return
}
w.Write([]byte(resp))
}))
}
func TestEndpoint(t *testing.T) {
c := ec2metadata.New(&ec2metadata.Config{})
op := &request.Operation{
Name: "GetMetadata",
HTTPMethod: "GET",
HTTPPath: path.Join("/", "meta-data", "testpath"),
}
req := c.Service.NewRequest(op, nil, nil)
assert.Equal(t, "http://169.254.169.254/latest", req.Service.Endpoint)
assert.Equal(t, "http://169.254.169.254/latest/meta-data/testpath", req.HTTPRequest.URL.String())
}
func TestGetMetadata(t *testing.T) {
server := initTestServer(
"/latest/meta-data/some/path",
"success", // real response includes suffix
)
defer server.Close()
c := ec2metadata.New(&ec2metadata.Config{Endpoint: aws.String(server.URL + "/latest")})
resp, err := c.GetMetadata("some/path")
assert.NoError(t, err)
assert.Equal(t, "success", resp)
}
func TestGetRegion(t *testing.T) {
server := initTestServer(
"/latest/meta-data/placement/availability-zone",
"us-west-2a", // real response includes suffix
)
defer server.Close()
c := ec2metadata.New(&ec2metadata.Config{Endpoint: aws.String(server.URL + "/latest")})
region, err := c.Region()
assert.NoError(t, err)
assert.Equal(t, "us-west-2", region)
}
func TestMetadataAvailable(t *testing.T) {
server := initTestServer(
"/latest/meta-data/instance-id",
"instance-id",
)
defer server.Close()
c := ec2metadata.New(&ec2metadata.Config{Endpoint: aws.String(server.URL + "/latest")})
available := c.Available()
assert.True(t, available)
}
func TestMetadataNotAvailable(t *testing.T) {
c := ec2metadata.New(nil)
c.Handlers.Send.Clear()
c.Handlers.Send.PushBack(func(r *request.Request) {
r.HTTPResponse = &http.Response{
StatusCode: int(0),
Status: http.StatusText(int(0)),
Body: ioutil.NopCloser(bytes.NewReader([]byte{})),
}
r.Error = awserr.New("RequestError", "send request failed", nil)
r.Retryable = aws.Bool(true) // network errors are retryable
})
available := c.Available()
assert.False(t, available)
}
package ec2metadata
import (
"io/ioutil"
"net/http"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/aws/service"
"github.com/aws/aws-sdk-go/aws/service/serviceinfo"
)
// DefaultRetries states the default number of times the service client will
// attempt to retry a failed request before failing.
const DefaultRetries = 3
// A Config provides the configuration for the EC2 Metadata service.
type Config struct {
// An optional endpoint URL (hostname only or fully qualified URI)
// that overrides the default service endpoint for a client. Set this
// to nil, or `""` to use the default service endpoint.
Endpoint *string
// The HTTP client to use when sending requests. Defaults to
// `http.DefaultClient`.
HTTPClient *http.Client
// An integer value representing the logging level. The default log level
// is zero (LogOff), which represents no logging. To enable logging set
// to a LogLevel Value.
Logger aws.Logger
// The logger writer interface to write logging messages to. Defaults to
// standard out.
LogLevel *aws.LogLevelType
// The maximum number of times that a request will be retried for failures.
// Defaults to DefaultRetries for the number of retries to be performed
// per request.
MaxRetries *int
}
// A Client is an EC2 Metadata service Client.
type Client struct {
*service.Service
}
// New creates a new instance of the EC2 Metadata service client.
//
// In the general use case the configuration for this service client should not
// be needed and `nil` can be provided. Configuration is only needed if the
// `ec2metadata.Config` defaults need to be overridden. Eg. Setting LogLevel.
//
// @note This configuration will NOT be merged with the default AWS service
// client configuration `defaults.DefaultConfig`. Due to circular dependencies
// with the defaults package and credentials EC2 Role Provider.
func New(config *Config) *Client {
service := &service.Service{
ServiceInfo: serviceinfo.ServiceInfo{
Config: copyConfig(config),
ServiceName: "Client",
Endpoint: "http://169.254.169.254/latest",
APIVersion: "latest",
},
}
service.Initialize()
service.Handlers.Unmarshal.PushBack(unmarshalHandler)
service.Handlers.UnmarshalError.PushBack(unmarshalError)
service.Handlers.Validate.Clear()
service.Handlers.Validate.PushBack(validateEndpointHandler)
return &Client{service}
}
func copyConfig(config *Config) *aws.Config {
if config == nil {
config = &Config{}
}
c := &aws.Config{
Credentials: credentials.AnonymousCredentials,
Endpoint: config.Endpoint,
HTTPClient: config.HTTPClient,
Logger: config.Logger,
LogLevel: config.LogLevel,
MaxRetries: config.MaxRetries,
}
if c.HTTPClient == nil {
c.HTTPClient = http.DefaultClient
}
if c.Logger == nil {
c.Logger = aws.NewDefaultLogger()
}
if c.LogLevel == nil {
c.LogLevel = aws.LogLevel(aws.LogOff)
}
if c.MaxRetries == nil {
c.MaxRetries = aws.Int(DefaultRetries)
}
return c
}
type metadataOutput struct {
Content string
}
func unmarshalHandler(r *request.Request) {
defer r.HTTPResponse.Body.Close()
b, err := ioutil.ReadAll(r.HTTPResponse.Body)
if err != nil {
r.Error = awserr.New("SerializationError", "unable to unmarshal EC2 metadata respose", err)
}
data := r.Data.(*metadataOutput)
data.Content = string(b)
}
func unmarshalError(r *request.Request) {
defer r.HTTPResponse.Body.Close()
_, err := ioutil.ReadAll(r.HTTPResponse.Body)
if err != nil {
r.Error = awserr.New("SerializationError", "unable to unmarshal EC2 metadata error respose", err)
}
// TODO extract the error...
}
func validateEndpointHandler(r *request.Request) {
if r.Service.Endpoint == "" {
r.Error = aws.ErrMissingEndpoint
}
}
package aws
import "github.com/aws/aws-sdk-go/aws/awserr"
var (
// ErrMissingRegion is an error that is returned if region configuration is
// not found.
//
// @readonly
ErrMissingRegion error = awserr.New("MissingRegion", "could not find region configuration", nil)
// ErrMissingEndpoint is an error that is returned if an endpoint cannot be
// resolved for a service.
//
// @readonly
ErrMissingEndpoint error = awserr.New("MissingEndpoint", "'Endpoint' configuration is required for this service", nil)
)
package aws
import (
"log"
"os"
)
// A LogLevelType defines the level logging should be performed at. Used to instruct
// the SDK which statements should be logged.
type LogLevelType uint
// LogLevel returns the pointer to a LogLevel. Should be used to workaround
// not being able to take the address of a non-composite literal.
func LogLevel(l LogLevelType) *LogLevelType {
return &l
}
// Value returns the LogLevel value or the default value LogOff if the LogLevel
// is nil. Safe to use on nil value LogLevelTypes.
func (l *LogLevelType) Value() LogLevelType {
if l != nil {
return *l
}
return LogOff
}
// Matches returns true if the v LogLevel is enabled by this LogLevel. Should be
// used with logging sub levels. Is safe to use on nil value LogLevelTypes. If
// LogLevel is nill, will default to LogOff comparison.
func (l *LogLevelType) Matches(v LogLevelType) bool {
c := l.Value()
return c&v == v
}
// AtLeast returns true if this LogLevel is at least high enough to satisfies v.
// Is safe to use on nil value LogLevelTypes. If LogLevel is nill, will default
// to LogOff comparison.
func (l *LogLevelType) AtLeast(v LogLevelType) bool {
c := l.Value()
return c >= v
}
const (
// LogOff states that no logging should be performed by the SDK. This is the
// default state of the SDK, and should be use to disable all logging.
LogOff LogLevelType = iota * 0x1000
// LogDebug state that debug output should be logged by the SDK. This should
// be used to inspect request made and responses received.
LogDebug
)
// Debug Logging Sub Levels
const (
// LogDebugWithSigning states that the SDK should log request signing and
// presigning events. This should be used to log the signing details of
// requests for debugging. Will also enable LogDebug.
LogDebugWithSigning LogLevelType = LogDebug | (1 << iota)
// LogDebugWithHTTPBody states the SDK should log HTTP request and response
// HTTP bodys in addition to the headers and path. This should be used to
// see the body content of requests and responses made while using the SDK
// Will also enable LogDebug.
LogDebugWithHTTPBody
// LogDebugWithRequestRetries states the SDK should log when service requests will
// be retried. This should be used to log when you want to log when service
// requests are being retried. Will also enable LogDebug.
LogDebugWithRequestRetries
// LogDebugWithRequestErrors states the SDK should log when service requests fail
// to build, send, validate, or unmarshal.
LogDebugWithRequestErrors
)
// A Logger is a minimalistic interface for the SDK to log messages to. Should
// be used to provide custom logging writers for the SDK to use.
type Logger interface {
Log(...interface{})
}
// NewDefaultLogger returns a Logger which will write log messages to stdout, and
// use same formatting runes as the stdlib log.Logger
func NewDefaultLogger() Logger {
return &defaultLogger{
logger: log.New(os.Stdout, "", log.LstdFlags),
}
}
// A defaultLogger provides a minimalistic logger satisfying the Logger interface.
type defaultLogger struct {
logger *log.Logger
}
// Log logs the parameters to the stdlib logger. See log.Println.
func (l defaultLogger) Log(args ...interface{}) {
l.logger.Println(args...)
}
package aws package request
// A Handlers provides a collection of request handlers for various // A Handlers provides a collection of request handlers for various
// stages of handling requests. // stages of handling requests.
...@@ -15,8 +15,8 @@ type Handlers struct { ...@@ -15,8 +15,8 @@ type Handlers struct {
AfterRetry HandlerList AfterRetry HandlerList
} }
// copy returns of this handler's lists. // Copy returns of this handler's lists.
func (h *Handlers) copy() Handlers { func (h *Handlers) Copy() Handlers {
return Handlers{ return Handlers{
Validate: h.Validate.copy(), Validate: h.Validate.copy(),
Build: h.Build.copy(), Build: h.Build.copy(),
...@@ -47,19 +47,25 @@ func (h *Handlers) Clear() { ...@@ -47,19 +47,25 @@ func (h *Handlers) Clear() {
// A HandlerList manages zero or more handlers in a list. // A HandlerList manages zero or more handlers in a list.
type HandlerList struct { type HandlerList struct {
list []func(*Request) list []NamedHandler
}
// A NamedHandler is a struct that contains a name and function callback.
type NamedHandler struct {
Name string
Fn func(*Request)
} }
// copy creates a copy of the handler list. // copy creates a copy of the handler list.
func (l *HandlerList) copy() HandlerList { func (l *HandlerList) copy() HandlerList {
var n HandlerList var n HandlerList
n.list = append([]func(*Request){}, l.list...) n.list = append([]NamedHandler{}, l.list...)
return n return n
} }
// Clear clears the handler list. // Clear clears the handler list.
func (l *HandlerList) Clear() { func (l *HandlerList) Clear() {
l.list = []func(*Request){} l.list = []NamedHandler{}
} }
// Len returns the number of handlers in the list. // Len returns the number of handlers in the list.
...@@ -67,19 +73,40 @@ func (l *HandlerList) Len() int { ...@@ -67,19 +73,40 @@ func (l *HandlerList) Len() int {
return len(l.list) return len(l.list)
} }
// PushBack pushes handlers f to the back of the handler list. // PushBack pushes handler f to the back of the handler list.
func (l *HandlerList) PushBack(f ...func(*Request)) { func (l *HandlerList) PushBack(f func(*Request)) {
l.list = append(l.list, f...) l.list = append(l.list, NamedHandler{"__anonymous", f})
} }
// PushFront pushes handlers f to the front of the handler list. // PushFront pushes handler f to the front of the handler list.
func (l *HandlerList) PushFront(f ...func(*Request)) { func (l *HandlerList) PushFront(f func(*Request)) {
l.list = append(f, l.list...) l.list = append([]NamedHandler{{"__anonymous", f}}, l.list...)
}
// PushBackNamed pushes named handler f to the back of the handler list.
func (l *HandlerList) PushBackNamed(n NamedHandler) {
l.list = append(l.list, n)
}
// PushFrontNamed pushes named handler f to the front of the handler list.
func (l *HandlerList) PushFrontNamed(n NamedHandler) {
l.list = append([]NamedHandler{n}, l.list...)
}
// Remove removes a NamedHandler n
func (l *HandlerList) Remove(n NamedHandler) {
newlist := []NamedHandler{}
for _, m := range l.list {
if m.Name != n.Name {
newlist = append(newlist, m)
}
}
l.list = newlist
} }
// Run executes all handlers in the list with a given request object. // Run executes all handlers in the list with a given request object.
func (l *HandlerList) Run(r *Request) { func (l *HandlerList) Run(r *Request) {
for _, f := range l.list { for _, f := range l.list {
f(r) f.Fn(r)
} }
} }
package aws package request_test
import ( import (
"testing" "testing"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/request"
) )
func TestHandlerList(t *testing.T) { func TestHandlerList(t *testing.T) {
s := "" s := ""
r := &Request{} r := &request.Request{}
l := HandlerList{} l := request.HandlerList{}
l.PushBack(func(r *Request) { l.PushBack(func(r *request.Request) {
s += "a" s += "a"
r.Data = s r.Data = s
}) })
...@@ -20,12 +23,25 @@ func TestHandlerList(t *testing.T) { ...@@ -20,12 +23,25 @@ func TestHandlerList(t *testing.T) {
} }
func TestMultipleHandlers(t *testing.T) { func TestMultipleHandlers(t *testing.T) {
r := &Request{} r := &request.Request{}
l := HandlerList{} l := request.HandlerList{}
l.PushBack(func(r *Request) { r.Data = nil }) l.PushBack(func(r *request.Request) { r.Data = nil })
l.PushFront(func(r *Request) { r.Data = Boolean(true) }) l.PushFront(func(r *request.Request) { r.Data = aws.Bool(true) })
l.Run(r) l.Run(r)
if r.Data != nil { if r.Data != nil {
t.Error("Expected handler to execute") t.Error("Expected handler to execute")
} }
} }
func TestNamedHandlers(t *testing.T) {
l := request.HandlerList{}
named := request.NamedHandler{"Name", func(r *request.Request) {}}
named2 := request.NamedHandler{"NotName", func(r *request.Request) {}}
l.PushBackNamed(named)
l.PushBackNamed(named)
l.PushBackNamed(named2)
l.PushBack(func(r *request.Request) {})
assert.Equal(t, 4, l.Len())
l.Remove(named)
assert.Equal(t, 2, l.Len())
}
package aws package request
import ( import (
"bytes" "bytes"
"fmt"
"io" "io"
"io/ioutil" "io/ioutil"
"net/http" "net/http"
...@@ -10,12 +11,15 @@ import ( ...@@ -10,12 +11,15 @@ import (
"strings" "strings"
"time" "time"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awsutil" "github.com/aws/aws-sdk-go/aws/awsutil"
"github.com/aws/aws-sdk-go/aws/service/serviceinfo"
) )
// A Request is the service request to be made. // A Request is the service request to be made.
type Request struct { type Request struct {
*Service Retryer
Service serviceinfo.ServiceInfo
Handlers Handlers Handlers Handlers
Time time.Time Time time.Time
ExpireTime time.Duration ExpireTime time.Duration
...@@ -23,17 +27,16 @@ type Request struct { ...@@ -23,17 +27,16 @@ type Request struct {
HTTPRequest *http.Request HTTPRequest *http.Request
HTTPResponse *http.Response HTTPResponse *http.Response
Body io.ReadSeeker Body io.ReadSeeker
bodyStart int64 // offset from beginning of Body that the request body starts BodyStart int64 // offset from beginning of Body that the request body starts
Params interface{} Params interface{}
Error error Error error
Data interface{} Data interface{}
RequestID string RequestID string
RetryCount uint RetryCount uint
Retryable SettableBool Retryable *bool
RetryDelay time.Duration RetryDelay time.Duration
built bool built bool
signed bool
} }
// An Operation is the service API operation to be made. // An Operation is the service API operation to be made.
...@@ -52,13 +55,13 @@ type Paginator struct { ...@@ -52,13 +55,13 @@ type Paginator struct {
TruncationToken string TruncationToken string
} }
// NewRequest returns a new Request pointer for the service API // New returns a new Request pointer for the service API
// operation and parameters. // operation and parameters.
// //
// Params is any value of input parameters to be the request payload. // Params is any value of input parameters to be the request payload.
// Data is pointer value to an object which the request's response // Data is pointer value to an object which the request's response
// payload will be deserialized to. // payload will be deserialized to.
func NewRequest(service *Service, operation *Operation, params interface{}, data interface{}) *Request { func New(service serviceinfo.ServiceInfo, handlers Handlers, retryer Retryer, operation *Operation, params interface{}, data interface{}) *Request {
method := operation.HTTPMethod method := operation.HTTPMethod
if method == "" { if method == "" {
method = "POST" method = "POST"
...@@ -72,8 +75,9 @@ func NewRequest(service *Service, operation *Operation, params interface{}, data ...@@ -72,8 +75,9 @@ func NewRequest(service *Service, operation *Operation, params interface{}, data
httpReq.URL, _ = url.Parse(service.Endpoint + p) httpReq.URL, _ = url.Parse(service.Endpoint + p)
r := &Request{ r := &Request{
Retryer: retryer,
Service: service, Service: service,
Handlers: service.Handlers.copy(), Handlers: handlers.Copy(),
Time: time.Now(), Time: time.Now(),
ExpireTime: 0, ExpireTime: 0,
Operation: operation, Operation: operation,
...@@ -90,7 +94,7 @@ func NewRequest(service *Service, operation *Operation, params interface{}, data ...@@ -90,7 +94,7 @@ func NewRequest(service *Service, operation *Operation, params interface{}, data
// WillRetry returns if the request's can be retried. // WillRetry returns if the request's can be retried.
func (r *Request) WillRetry() bool { func (r *Request) WillRetry() bool {
return r.Error != nil && r.Retryable.Get() && r.RetryCount < r.Service.MaxRetries() return r.Error != nil && aws.BoolValue(r.Retryable) && r.RetryCount < r.MaxRetries()
} }
// ParamsFilled returns if the request's parameters have been populated // ParamsFilled returns if the request's parameters have been populated
...@@ -135,6 +139,20 @@ func (r *Request) Presign(expireTime time.Duration) (string, error) { ...@@ -135,6 +139,20 @@ func (r *Request) Presign(expireTime time.Duration) (string, error) {
return r.HTTPRequest.URL.String(), nil return r.HTTPRequest.URL.String(), nil
} }
func debugLogReqError(r *Request, stage string, retrying bool, err error) {
if !r.Service.Config.LogLevel.Matches(aws.LogDebugWithRequestErrors) {
return
}
retryStr := "not retrying"
if retrying {
retryStr = "will retry"
}
r.Service.Config.Logger.Log(fmt.Sprintf("DEBUG: %s %s/%s failed, %s, error %v",
stage, r.Service.ServiceName, r.Operation.Name, retryStr, err))
}
// Build will build the request's object so it can be signed and sent // Build will build the request's object so it can be signed and sent
// to the service. Build will also validate all the request's parameters. // to the service. Build will also validate all the request's parameters.
// Anny additional build Handlers set on this request will be run // Anny additional build Handlers set on this request will be run
...@@ -150,6 +168,7 @@ func (r *Request) Build() error { ...@@ -150,6 +168,7 @@ func (r *Request) Build() error {
r.Error = nil r.Error = nil
r.Handlers.Validate.Run(r) r.Handlers.Validate.Run(r)
if r.Error != nil { if r.Error != nil {
debugLogReqError(r, "Validate Request", false, r.Error)
return r.Error return r.Error
} }
r.Handlers.Build.Run(r) r.Handlers.Build.Run(r)
...@@ -164,17 +183,13 @@ func (r *Request) Build() error { ...@@ -164,17 +183,13 @@ func (r *Request) Build() error {
// Send will build the request prior to signing. All Sign Handlers will // Send will build the request prior to signing. All Sign Handlers will
// be executed in the order they were set. // be executed in the order they were set.
func (r *Request) Sign() error { func (r *Request) Sign() error {
if r.signed {
return r.Error
}
r.Build() r.Build()
if r.Error != nil { if r.Error != nil {
debugLogReqError(r, "Build Request", false, r.Error)
return r.Error return r.Error
} }
r.Handlers.Sign.Run(r) r.Handlers.Sign.Run(r)
r.signed = r.Error != nil
return r.Error return r.Error
} }
...@@ -189,42 +204,57 @@ func (r *Request) Send() error { ...@@ -189,42 +204,57 @@ func (r *Request) Send() error {
return r.Error return r.Error
} }
if r.Retryable.Get() { if aws.BoolValue(r.Retryable) {
if r.Service.Config.LogLevel.Matches(aws.LogDebugWithRequestRetries) {
r.Service.Config.Logger.Log(fmt.Sprintf("DEBUG: Retrying Request %s/%s, attempt %d",
r.Service.ServiceName, r.Operation.Name, r.RetryCount))
}
// Re-seek the body back to the original point in for a retry so that // Re-seek the body back to the original point in for a retry so that
// send will send the body's contents again in the upcoming request. // send will send the body's contents again in the upcoming request.
r.Body.Seek(r.bodyStart, 0) r.Body.Seek(r.BodyStart, 0)
r.HTTPRequest.Body = ioutil.NopCloser(r.Body)
} }
r.Retryable.Reset() r.Retryable = nil
r.Handlers.Send.Run(r) r.Handlers.Send.Run(r)
if r.Error != nil { if r.Error != nil {
err := r.Error
r.Handlers.Retry.Run(r) r.Handlers.Retry.Run(r)
r.Handlers.AfterRetry.Run(r) r.Handlers.AfterRetry.Run(r)
if r.Error != nil { if r.Error != nil {
debugLogReqError(r, "Send Request", false, r.Error)
return r.Error return r.Error
} }
debugLogReqError(r, "Send Request", true, err)
continue continue
} }
r.Handlers.UnmarshalMeta.Run(r) r.Handlers.UnmarshalMeta.Run(r)
r.Handlers.ValidateResponse.Run(r) r.Handlers.ValidateResponse.Run(r)
if r.Error != nil { if r.Error != nil {
err := r.Error
r.Handlers.UnmarshalError.Run(r) r.Handlers.UnmarshalError.Run(r)
r.Handlers.Retry.Run(r) r.Handlers.Retry.Run(r)
r.Handlers.AfterRetry.Run(r) r.Handlers.AfterRetry.Run(r)
if r.Error != nil { if r.Error != nil {
debugLogReqError(r, "Validate Response", false, r.Error)
return r.Error return r.Error
} }
debugLogReqError(r, "Validate Response", true, err)
continue continue
} }
r.Handlers.Unmarshal.Run(r) r.Handlers.Unmarshal.Run(r)
if r.Error != nil { if r.Error != nil {
err := r.Error
r.Handlers.Retry.Run(r) r.Handlers.Retry.Run(r)
r.Handlers.AfterRetry.Run(r) r.Handlers.AfterRetry.Run(r)
if r.Error != nil { if r.Error != nil {
debugLogReqError(r, "Unmarshal Response", false, r.Error)
return r.Error return r.Error
} }
debugLogReqError(r, "Unmarshal Response", true, err)
continue continue
} }
...@@ -285,7 +315,7 @@ func (r *Request) NextPage() *Request { ...@@ -285,7 +315,7 @@ func (r *Request) NextPage() *Request {
} }
data := reflect.New(reflect.TypeOf(r.Data).Elem()).Interface() data := reflect.New(reflect.TypeOf(r.Data).Elem()).Interface()
nr := NewRequest(r.Service, r.Operation, awsutil.CopyOf(r.Params), data) nr := New(r.Service, r.Handlers, r.Retryer, r.Operation, awsutil.CopyOf(r.Params), data)
for i, intok := range nr.Operation.InputTokens { for i, intok := range nr.Operation.InputTokens {
awsutil.SetValueAtAnyPath(nr.Params, intok, tokens[i]) awsutil.SetValueAtAnyPath(nr.Params, intok, tokens[i])
} }
......
package aws package request_test
import ( import (
"bytes" "bytes"
...@@ -7,13 +7,14 @@ import ( ...@@ -7,13 +7,14 @@ import (
"io" "io"
"io/ioutil" "io/ioutil"
"net/http" "net/http"
"reflect"
"testing" "testing"
"time" "time"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/credentials" "github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/internal/apierr" "github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/aws/service"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
...@@ -25,7 +26,7 @@ func body(str string) io.ReadCloser { ...@@ -25,7 +26,7 @@ func body(str string) io.ReadCloser {
return ioutil.NopCloser(bytes.NewReader([]byte(str))) return ioutil.NopCloser(bytes.NewReader([]byte(str)))
} }
func unmarshal(req *Request) { func unmarshal(req *request.Request) {
defer req.HTTPResponse.Body.Close() defer req.HTTPResponse.Body.Close()
if req.Data != nil { if req.Data != nil {
json.NewDecoder(req.HTTPResponse.Body).Decode(req.Data) json.NewDecoder(req.HTTPResponse.Body).Decode(req.Data)
...@@ -33,15 +34,15 @@ func unmarshal(req *Request) { ...@@ -33,15 +34,15 @@ func unmarshal(req *Request) {
return return
} }
func unmarshalError(req *Request) { func unmarshalError(req *request.Request) {
bodyBytes, err := ioutil.ReadAll(req.HTTPResponse.Body) bodyBytes, err := ioutil.ReadAll(req.HTTPResponse.Body)
if err != nil { if err != nil {
req.Error = apierr.New("UnmarshaleError", req.HTTPResponse.Status, err) req.Error = awserr.New("UnmarshaleError", req.HTTPResponse.Status, err)
return return
} }
if len(bodyBytes) == 0 { if len(bodyBytes) == 0 {
req.Error = apierr.NewRequestError( req.Error = awserr.NewRequestFailure(
apierr.New("UnmarshaleError", req.HTTPResponse.Status, fmt.Errorf("empty body")), awserr.New("UnmarshaleError", req.HTTPResponse.Status, fmt.Errorf("empty body")),
req.HTTPResponse.StatusCode, req.HTTPResponse.StatusCode,
"", "",
) )
...@@ -49,11 +50,11 @@ func unmarshalError(req *Request) { ...@@ -49,11 +50,11 @@ func unmarshalError(req *Request) {
} }
var jsonErr jsonErrorResponse var jsonErr jsonErrorResponse
if err := json.Unmarshal(bodyBytes, &jsonErr); err != nil { if err := json.Unmarshal(bodyBytes, &jsonErr); err != nil {
req.Error = apierr.New("UnmarshaleError", "JSON unmarshal", err) req.Error = awserr.New("UnmarshaleError", "JSON unmarshal", err)
return return
} }
req.Error = apierr.NewRequestError( req.Error = awserr.NewRequestFailure(
apierr.New(jsonErr.Code, jsonErr.Message, nil), awserr.New(jsonErr.Code, jsonErr.Message, nil),
req.HTTPResponse.StatusCode, req.HTTPResponse.StatusCode,
"", "",
) )
...@@ -68,22 +69,22 @@ type jsonErrorResponse struct { ...@@ -68,22 +69,22 @@ type jsonErrorResponse struct {
func TestRequestRecoverRetry5xx(t *testing.T) { func TestRequestRecoverRetry5xx(t *testing.T) {
reqNum := 0 reqNum := 0
reqs := []http.Response{ reqs := []http.Response{
http.Response{StatusCode: 500, Body: body(`{"__type":"UnknownError","message":"An error occurred."}`)}, {StatusCode: 500, Body: body(`{"__type":"UnknownError","message":"An error occurred."}`)},
http.Response{StatusCode: 501, Body: body(`{"__type":"UnknownError","message":"An error occurred."}`)}, {StatusCode: 501, Body: body(`{"__type":"UnknownError","message":"An error occurred."}`)},
http.Response{StatusCode: 200, Body: body(`{"data":"valid"}`)}, {StatusCode: 200, Body: body(`{"data":"valid"}`)},
} }
s := NewService(&Config{MaxRetries: 10}) s := service.New(aws.NewConfig().WithMaxRetries(10))
s.Handlers.Validate.Clear() s.Handlers.Validate.Clear()
s.Handlers.Unmarshal.PushBack(unmarshal) s.Handlers.Unmarshal.PushBack(unmarshal)
s.Handlers.UnmarshalError.PushBack(unmarshalError) s.Handlers.UnmarshalError.PushBack(unmarshalError)
s.Handlers.Send.Clear() // mock sending s.Handlers.Send.Clear() // mock sending
s.Handlers.Send.PushBack(func(r *Request) { s.Handlers.Send.PushBack(func(r *request.Request) {
r.HTTPResponse = &reqs[reqNum] r.HTTPResponse = &reqs[reqNum]
reqNum++ reqNum++
}) })
out := &testData{} out := &testData{}
r := NewRequest(s, &Operation{Name: "Operation"}, nil, out) r := s.NewRequest(&request.Operation{Name: "Operation"}, nil, out)
err := r.Send() err := r.Send()
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, 2, int(r.RetryCount)) assert.Equal(t, 2, int(r.RetryCount))
...@@ -94,22 +95,22 @@ func TestRequestRecoverRetry5xx(t *testing.T) { ...@@ -94,22 +95,22 @@ func TestRequestRecoverRetry5xx(t *testing.T) {
func TestRequestRecoverRetry4xxRetryable(t *testing.T) { func TestRequestRecoverRetry4xxRetryable(t *testing.T) {
reqNum := 0 reqNum := 0
reqs := []http.Response{ reqs := []http.Response{
http.Response{StatusCode: 400, Body: body(`{"__type":"Throttling","message":"Rate exceeded."}`)}, {StatusCode: 400, Body: body(`{"__type":"Throttling","message":"Rate exceeded."}`)},
http.Response{StatusCode: 429, Body: body(`{"__type":"ProvisionedThroughputExceededException","message":"Rate exceeded."}`)}, {StatusCode: 429, Body: body(`{"__type":"ProvisionedThroughputExceededException","message":"Rate exceeded."}`)},
http.Response{StatusCode: 200, Body: body(`{"data":"valid"}`)}, {StatusCode: 200, Body: body(`{"data":"valid"}`)},
} }
s := NewService(&Config{MaxRetries: 10}) s := service.New(aws.NewConfig().WithMaxRetries(10))
s.Handlers.Validate.Clear() s.Handlers.Validate.Clear()
s.Handlers.Unmarshal.PushBack(unmarshal) s.Handlers.Unmarshal.PushBack(unmarshal)
s.Handlers.UnmarshalError.PushBack(unmarshalError) s.Handlers.UnmarshalError.PushBack(unmarshalError)
s.Handlers.Send.Clear() // mock sending s.Handlers.Send.Clear() // mock sending
s.Handlers.Send.PushBack(func(r *Request) { s.Handlers.Send.PushBack(func(r *request.Request) {
r.HTTPResponse = &reqs[reqNum] r.HTTPResponse = &reqs[reqNum]
reqNum++ reqNum++
}) })
out := &testData{} out := &testData{}
r := NewRequest(s, &Operation{Name: "Operation"}, nil, out) r := s.NewRequest(&request.Operation{Name: "Operation"}, nil, out)
err := r.Send() err := r.Send()
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, 2, int(r.RetryCount)) assert.Equal(t, 2, int(r.RetryCount))
...@@ -118,16 +119,16 @@ func TestRequestRecoverRetry4xxRetryable(t *testing.T) { ...@@ -118,16 +119,16 @@ func TestRequestRecoverRetry4xxRetryable(t *testing.T) {
// test that retries don't occur for 4xx status codes with a response type that can't be retried // test that retries don't occur for 4xx status codes with a response type that can't be retried
func TestRequest4xxUnretryable(t *testing.T) { func TestRequest4xxUnretryable(t *testing.T) {
s := NewService(&Config{MaxRetries: 10}) s := service.New(aws.NewConfig().WithMaxRetries(10))
s.Handlers.Validate.Clear() s.Handlers.Validate.Clear()
s.Handlers.Unmarshal.PushBack(unmarshal) s.Handlers.Unmarshal.PushBack(unmarshal)
s.Handlers.UnmarshalError.PushBack(unmarshalError) s.Handlers.UnmarshalError.PushBack(unmarshalError)
s.Handlers.Send.Clear() // mock sending s.Handlers.Send.Clear() // mock sending
s.Handlers.Send.PushBack(func(r *Request) { s.Handlers.Send.PushBack(func(r *request.Request) {
r.HTTPResponse = &http.Response{StatusCode: 401, Body: body(`{"__type":"SignatureDoesNotMatch","message":"Signature does not match."}`)} r.HTTPResponse = &http.Response{StatusCode: 401, Body: body(`{"__type":"SignatureDoesNotMatch","message":"Signature does not match."}`)}
}) })
out := &testData{} out := &testData{}
r := NewRequest(s, &Operation{Name: "Operation"}, nil, out) r := s.NewRequest(&request.Operation{Name: "Operation"}, nil, out)
err := r.Send() err := r.Send()
assert.NotNil(t, err) assert.NotNil(t, err)
if e, ok := err.(awserr.RequestFailure); ok { if e, ok := err.(awserr.RequestFailure); ok {
...@@ -142,28 +143,28 @@ func TestRequest4xxUnretryable(t *testing.T) { ...@@ -142,28 +143,28 @@ func TestRequest4xxUnretryable(t *testing.T) {
func TestRequestExhaustRetries(t *testing.T) { func TestRequestExhaustRetries(t *testing.T) {
delays := []time.Duration{} delays := []time.Duration{}
sleepDelay = func(delay time.Duration) { sleepDelay := func(delay time.Duration) {
delays = append(delays, delay) delays = append(delays, delay)
} }
reqNum := 0 reqNum := 0
reqs := []http.Response{ reqs := []http.Response{
http.Response{StatusCode: 500, Body: body(`{"__type":"UnknownError","message":"An error occurred."}`)}, {StatusCode: 500, Body: body(`{"__type":"UnknownError","message":"An error occurred."}`)},
http.Response{StatusCode: 500, Body: body(`{"__type":"UnknownError","message":"An error occurred."}`)}, {StatusCode: 500, Body: body(`{"__type":"UnknownError","message":"An error occurred."}`)},
http.Response{StatusCode: 500, Body: body(`{"__type":"UnknownError","message":"An error occurred."}`)}, {StatusCode: 500, Body: body(`{"__type":"UnknownError","message":"An error occurred."}`)},
http.Response{StatusCode: 500, Body: body(`{"__type":"UnknownError","message":"An error occurred."}`)}, {StatusCode: 500, Body: body(`{"__type":"UnknownError","message":"An error occurred."}`)},
} }
s := NewService(&Config{MaxRetries: -1}) s := service.New(aws.NewConfig().WithMaxRetries(aws.DefaultRetries).WithSleepDelay(sleepDelay))
s.Handlers.Validate.Clear() s.Handlers.Validate.Clear()
s.Handlers.Unmarshal.PushBack(unmarshal) s.Handlers.Unmarshal.PushBack(unmarshal)
s.Handlers.UnmarshalError.PushBack(unmarshalError) s.Handlers.UnmarshalError.PushBack(unmarshalError)
s.Handlers.Send.Clear() // mock sending s.Handlers.Send.Clear() // mock sending
s.Handlers.Send.PushBack(func(r *Request) { s.Handlers.Send.PushBack(func(r *request.Request) {
r.HTTPResponse = &reqs[reqNum] r.HTTPResponse = &reqs[reqNum]
reqNum++ reqNum++
}) })
r := NewRequest(s, &Operation{Name: "Operation"}, nil, nil) r := s.NewRequest(&request.Operation{Name: "Operation"}, nil, nil)
err := r.Send() err := r.Send()
assert.NotNil(t, err) assert.NotNil(t, err)
if e, ok := err.(awserr.RequestFailure); ok { if e, ok := err.(awserr.RequestFailure); ok {
...@@ -174,18 +175,25 @@ func TestRequestExhaustRetries(t *testing.T) { ...@@ -174,18 +175,25 @@ func TestRequestExhaustRetries(t *testing.T) {
assert.Equal(t, "UnknownError", err.(awserr.Error).Code()) assert.Equal(t, "UnknownError", err.(awserr.Error).Code())
assert.Equal(t, "An error occurred.", err.(awserr.Error).Message()) assert.Equal(t, "An error occurred.", err.(awserr.Error).Message())
assert.Equal(t, 3, int(r.RetryCount)) assert.Equal(t, 3, int(r.RetryCount))
assert.True(t, reflect.DeepEqual([]time.Duration{30 * time.Millisecond, 60 * time.Millisecond, 120 * time.Millisecond}, delays))
expectDelays := []struct{ min, max time.Duration }{{30, 59}, {60, 118}, {120, 236}}
for i, v := range delays {
min := expectDelays[i].min * time.Millisecond
max := expectDelays[i].max * time.Millisecond
assert.True(t, min <= v && v <= max,
"Expect delay to be within range, i:%d, v:%s, min:%s, max:%s", i, v, min, max)
}
} }
// test that the request is retried after the credentials are expired. // test that the request is retried after the credentials are expired.
func TestRequestRecoverExpiredCreds(t *testing.T) { func TestRequestRecoverExpiredCreds(t *testing.T) {
reqNum := 0 reqNum := 0
reqs := []http.Response{ reqs := []http.Response{
http.Response{StatusCode: 400, Body: body(`{"__type":"ExpiredTokenException","message":"expired token"}`)}, {StatusCode: 400, Body: body(`{"__type":"ExpiredTokenException","message":"expired token"}`)},
http.Response{StatusCode: 200, Body: body(`{"data":"valid"}`)}, {StatusCode: 200, Body: body(`{"data":"valid"}`)},
} }
s := NewService(&Config{MaxRetries: 10, Credentials: credentials.NewStaticCredentials("AKID", "SECRET", "")}) s := service.New(&aws.Config{MaxRetries: aws.Int(10), Credentials: credentials.NewStaticCredentials("AKID", "SECRET", "")})
s.Handlers.Validate.Clear() s.Handlers.Validate.Clear()
s.Handlers.Unmarshal.PushBack(unmarshal) s.Handlers.Unmarshal.PushBack(unmarshal)
s.Handlers.UnmarshalError.PushBack(unmarshalError) s.Handlers.UnmarshalError.PushBack(unmarshalError)
...@@ -193,21 +201,21 @@ func TestRequestRecoverExpiredCreds(t *testing.T) { ...@@ -193,21 +201,21 @@ func TestRequestRecoverExpiredCreds(t *testing.T) {
credExpiredBeforeRetry := false credExpiredBeforeRetry := false
credExpiredAfterRetry := false credExpiredAfterRetry := false
s.Handlers.AfterRetry.PushBack(func(r *Request) { s.Handlers.AfterRetry.PushBack(func(r *request.Request) {
credExpiredAfterRetry = r.Config.Credentials.IsExpired() credExpiredAfterRetry = r.Service.Config.Credentials.IsExpired()
}) })
s.Handlers.Sign.Clear() s.Handlers.Sign.Clear()
s.Handlers.Sign.PushBack(func(r *Request) { s.Handlers.Sign.PushBack(func(r *request.Request) {
r.Config.Credentials.Get() r.Service.Config.Credentials.Get()
}) })
s.Handlers.Send.Clear() // mock sending s.Handlers.Send.Clear() // mock sending
s.Handlers.Send.PushBack(func(r *Request) { s.Handlers.Send.PushBack(func(r *request.Request) {
r.HTTPResponse = &reqs[reqNum] r.HTTPResponse = &reqs[reqNum]
reqNum++ reqNum++
}) })
out := &testData{} out := &testData{}
r := NewRequest(s, &Operation{Name: "Operation"}, nil, out) r := s.NewRequest(&request.Operation{Name: "Operation"}, nil, out)
err := r.Send() err := r.Send()
assert.Nil(t, err) assert.Nil(t, err)
......
package request
import (
"time"
"github.com/aws/aws-sdk-go/aws/awserr"
)
// Retryer is an interface to control retry logic for a given service.
// The default implementation used by most services is the service.DefaultRetryer
// structure, which contains basic retry logic using exponential backoff.
type Retryer interface {
RetryRules(*Request) time.Duration
ShouldRetry(*Request) bool
MaxRetries() uint
}
// retryableCodes is a collection of service response codes which are retry-able
// without any further action.
var retryableCodes = map[string]struct{}{
"RequestError": {},
"ProvisionedThroughputExceededException": {},
"Throttling": {},
"ThrottlingException": {},
"RequestLimitExceeded": {},
"RequestThrottled": {},
}
// credsExpiredCodes is a collection of error codes which signify the credentials
// need to be refreshed. Expired tokens require refreshing of credentials, and
// resigning before the request can be retried.
var credsExpiredCodes = map[string]struct{}{
"ExpiredToken": {},
"ExpiredTokenException": {},
"RequestExpired": {}, // EC2 Only
}
func isCodeRetryable(code string) bool {
if _, ok := retryableCodes[code]; ok {
return true
}
return isCodeExpiredCreds(code)
}
func isCodeExpiredCreds(code string) bool {
_, ok := credsExpiredCodes[code]
return ok
}
// IsErrorRetryable returns whether the error is retryable, based on its Code.
// Returns false if the request has no Error set.
func (r *Request) IsErrorRetryable() bool {
if r.Error != nil {
if err, ok := r.Error.(awserr.Error); ok {
return isCodeRetryable(err.Code())
}
}
return false
}
// IsErrorExpired returns whether the error code is a credential expiry error.
// Returns false if the request has no Error set.
func (r *Request) IsErrorExpired() bool {
if r.Error != nil {
if err, ok := r.Error.(awserr.Error); ok {
return isCodeExpiredCreds(err.Code())
}
}
return false
}
package aws
import (
"fmt"
"math"
"net/http"
"net/http/httputil"
"regexp"
"time"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/internal/endpoints"
)
// A Service implements the base service request and response handling
// used by all services.
type Service struct {
Config *Config
Handlers Handlers
ManualSend bool
ServiceName string
APIVersion string
Endpoint string
SigningName string
SigningRegion string
JSONVersion string
TargetPrefix string
RetryRules func(*Request) time.Duration
ShouldRetry func(*Request) bool
DefaultMaxRetries uint
}
var schemeRE = regexp.MustCompile("^([^:]+)://")
// NewService will return a pointer to a new Server object initialized.
func NewService(config *Config) *Service {
svc := &Service{Config: config}
svc.Initialize()
return svc
}
// Initialize initializes the service.
func (s *Service) Initialize() {
if s.Config == nil {
s.Config = &Config{}
}
if s.Config.HTTPClient == nil {
s.Config.HTTPClient = http.DefaultClient
}
if s.RetryRules == nil {
s.RetryRules = retryRules
}
if s.ShouldRetry == nil {
s.ShouldRetry = shouldRetry
}
s.DefaultMaxRetries = 3
s.Handlers.Validate.PushBack(ValidateEndpointHandler)
s.Handlers.Build.PushBack(UserAgentHandler)
s.Handlers.Sign.PushBack(BuildContentLength)
s.Handlers.Send.PushBack(SendHandler)
s.Handlers.AfterRetry.PushBack(AfterRetryHandler)
s.Handlers.ValidateResponse.PushBack(ValidateResponseHandler)
s.AddDebugHandlers()
s.buildEndpoint()
if !s.Config.DisableParamValidation {
s.Handlers.Validate.PushBack(ValidateParameters)
}
}
// buildEndpoint builds the endpoint values the service will use to make requests with.
func (s *Service) buildEndpoint() {
if s.Config.Endpoint != "" {
s.Endpoint = s.Config.Endpoint
} else {
s.Endpoint, s.SigningRegion =
endpoints.EndpointForRegion(s.ServiceName, s.Config.Region)
}
if s.Endpoint != "" && !schemeRE.MatchString(s.Endpoint) {
scheme := "https"
if s.Config.DisableSSL {
scheme = "http"
}
s.Endpoint = scheme + "://" + s.Endpoint
}
}
// AddDebugHandlers injects debug logging handlers into the service to log request
// debug information.
func (s *Service) AddDebugHandlers() {
out := s.Config.Logger
if s.Config.LogLevel == 0 {
return
}
s.Handlers.Send.PushFront(func(r *Request) {
logBody := r.Config.LogHTTPBody
dumpedBody, _ := httputil.DumpRequestOut(r.HTTPRequest, logBody)
fmt.Fprintf(out, "---[ REQUEST POST-SIGN ]-----------------------------\n")
fmt.Fprintf(out, "%s\n", string(dumpedBody))
fmt.Fprintf(out, "-----------------------------------------------------\n")
})
s.Handlers.Send.PushBack(func(r *Request) {
fmt.Fprintf(out, "---[ RESPONSE ]--------------------------------------\n")
if r.HTTPResponse != nil {
logBody := r.Config.LogHTTPBody
dumpedBody, _ := httputil.DumpResponse(r.HTTPResponse, logBody)
fmt.Fprintf(out, "%s\n", string(dumpedBody))
} else if r.Error != nil {
fmt.Fprintf(out, "%s\n", r.Error)
}
fmt.Fprintf(out, "-----------------------------------------------------\n")
})
}
// MaxRetries returns the number of maximum returns the service will use to make
// an individual API request.
func (s *Service) MaxRetries() uint {
if s.Config.MaxRetries < 0 {
return s.DefaultMaxRetries
}
return uint(s.Config.MaxRetries)
}
// retryRules returns the delay duration before retrying this request again
func retryRules(r *Request) time.Duration {
delay := time.Duration(math.Pow(2, float64(r.RetryCount))) * 30
return delay * time.Millisecond
}
// retryableCodes is a collection of service response codes which are retry-able
// without any further action.
var retryableCodes = map[string]struct{}{
"RequestError": struct{}{},
"ProvisionedThroughputExceededException": struct{}{},
"Throttling": struct{}{},
}
// credsExpiredCodes is a collection of error codes which signify the credentials
// need to be refreshed. Expired tokens require refreshing of credentials, and
// resigning before the request can be retried.
var credsExpiredCodes = map[string]struct{}{
"ExpiredToken": struct{}{},
"ExpiredTokenException": struct{}{},
"RequestExpired": struct{}{}, // EC2 Only
}
func isCodeRetryable(code string) bool {
if _, ok := retryableCodes[code]; ok {
return true
}
return isCodeExpiredCreds(code)
}
func isCodeExpiredCreds(code string) bool {
_, ok := credsExpiredCodes[code]
return ok
}
// shouldRetry returns if the request should be retried.
func shouldRetry(r *Request) bool {
if r.HTTPResponse.StatusCode >= 500 {
return true
}
if r.Error != nil {
if err, ok := r.Error.(awserr.Error); ok {
return isCodeRetryable(err.Code())
}
}
return false
}
package service
import (
"math"
"math/rand"
"time"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/request"
)
// DefaultRetryer implements basic retry logic using exponential backoff for
// most services. If you want to implement custom retry logic, implement the
// request.Retryer interface or create a structure type that composes this
// struct and override the specific methods. For example, to override only
// the MaxRetries method:
//
// type retryer struct {
// service.DefaultRetryer
// }
//
// // This implementation always has 100 max retries
// func (d retryer) MaxRetries() uint { return 100 }
type DefaultRetryer struct {
*Service
}
// MaxRetries returns the number of maximum returns the service will use to make
// an individual API request.
func (d DefaultRetryer) MaxRetries() uint {
if aws.IntValue(d.Service.Config.MaxRetries) < 0 {
return d.DefaultMaxRetries
}
return uint(aws.IntValue(d.Service.Config.MaxRetries))
}
var seededRand = rand.New(rand.NewSource(time.Now().UnixNano()))
// RetryRules returns the delay duration before retrying this request again
func (d DefaultRetryer) RetryRules(r *request.Request) time.Duration {
delay := int(math.Pow(2, float64(r.RetryCount))) * (seededRand.Intn(30) + 30)
return time.Duration(delay) * time.Millisecond
}
// ShouldRetry returns if the request should be retried.
func (d DefaultRetryer) ShouldRetry(r *request.Request) bool {
if r.HTTPResponse.StatusCode >= 500 {
return true
}
return r.IsErrorRetryable()
}
package service
import (
"fmt"
"io/ioutil"
"net/http"
"net/http/httputil"
"regexp"
"time"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/corehandlers"
"github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/aws/service/serviceinfo"
"github.com/aws/aws-sdk-go/internal/endpoints"
)
// A Service implements the base service request and response handling
// used by all services.
type Service struct {
serviceinfo.ServiceInfo
request.Retryer
DefaultMaxRetries uint
Handlers request.Handlers
}
var schemeRE = regexp.MustCompile("^([^:]+)://")
// New will return a pointer to a new Server object initialized.
func New(config *aws.Config) *Service {
svc := &Service{ServiceInfo: serviceinfo.ServiceInfo{Config: config}}
svc.Initialize()
return svc
}
// Initialize initializes the service.
func (s *Service) Initialize() {
if s.Config == nil {
s.Config = &aws.Config{}
}
if s.Config.HTTPClient == nil {
s.Config.HTTPClient = http.DefaultClient
}
if s.Config.SleepDelay == nil {
s.Config.SleepDelay = time.Sleep
}
s.Retryer = DefaultRetryer{s}
s.DefaultMaxRetries = 3
s.Handlers.Validate.PushBackNamed(corehandlers.ValidateEndpointHandler)
s.Handlers.Build.PushBackNamed(corehandlers.UserAgentHandler)
s.Handlers.Sign.PushBackNamed(corehandlers.BuildContentLengthHandler)
s.Handlers.Send.PushBackNamed(corehandlers.SendHandler)
s.Handlers.AfterRetry.PushBackNamed(corehandlers.AfterRetryHandler)
s.Handlers.ValidateResponse.PushBackNamed(corehandlers.ValidateResponseHandler)
if !aws.BoolValue(s.Config.DisableParamValidation) {
s.Handlers.Validate.PushBackNamed(corehandlers.ValidateParametersHandler)
}
s.AddDebugHandlers()
s.buildEndpoint()
}
// NewRequest returns a new Request pointer for the service API
// operation and parameters.
func (s *Service) NewRequest(operation *request.Operation, params interface{}, data interface{}) *request.Request {
return request.New(s.ServiceInfo, s.Handlers, s.Retryer, operation, params, data)
}
// buildEndpoint builds the endpoint values the service will use to make requests with.
func (s *Service) buildEndpoint() {
if aws.StringValue(s.Config.Endpoint) != "" {
s.Endpoint = *s.Config.Endpoint
} else if s.Endpoint == "" {
s.Endpoint, s.SigningRegion =
endpoints.EndpointForRegion(s.ServiceName, aws.StringValue(s.Config.Region))
}
if s.Endpoint != "" && !schemeRE.MatchString(s.Endpoint) {
scheme := "https"
if aws.BoolValue(s.Config.DisableSSL) {
scheme = "http"
}
s.Endpoint = scheme + "://" + s.Endpoint
}
}
// AddDebugHandlers injects debug logging handlers into the service to log request
// debug information.
func (s *Service) AddDebugHandlers() {
if !s.Config.LogLevel.AtLeast(aws.LogDebug) {
return
}
s.Handlers.Send.PushFront(logRequest)
s.Handlers.Send.PushBack(logResponse)
}
const logReqMsg = `DEBUG: Request %s/%s Details:
---[ REQUEST POST-SIGN ]-----------------------------
%s
-----------------------------------------------------`
func logRequest(r *request.Request) {
logBody := r.Service.Config.LogLevel.Matches(aws.LogDebugWithHTTPBody)
dumpedBody, _ := httputil.DumpRequestOut(r.HTTPRequest, logBody)
if logBody {
// Reset the request body because dumpRequest will re-wrap the r.HTTPRequest's
// Body as a NoOpCloser and will not be reset after read by the HTTP
// client reader.
r.Body.Seek(r.BodyStart, 0)
r.HTTPRequest.Body = ioutil.NopCloser(r.Body)
}
r.Service.Config.Logger.Log(fmt.Sprintf(logReqMsg, r.Service.ServiceName, r.Operation.Name, string(dumpedBody)))
}
const logRespMsg = `DEBUG: Response %s/%s Details:
---[ RESPONSE ]--------------------------------------
%s
-----------------------------------------------------`
func logResponse(r *request.Request) {
var msg = "no reponse data"
if r.HTTPResponse != nil {
logBody := r.Service.Config.LogLevel.Matches(aws.LogDebugWithHTTPBody)
dumpedBody, _ := httputil.DumpResponse(r.HTTPResponse, logBody)
msg = string(dumpedBody)
} else if r.Error != nil {
msg = r.Error.Error()
}
r.Service.Config.Logger.Log(fmt.Sprintf(logRespMsg, r.Service.ServiceName, r.Operation.Name, msg))
}
package serviceinfo
import "github.com/aws/aws-sdk-go/aws"
// ServiceInfo wraps immutable data from the service.Service structure.
type ServiceInfo struct {
Config *aws.Config
ServiceName string
APIVersion string
Endpoint string
SigningName string
SigningRegion string
JSONVersion string
TargetPrefix string
}
package aws package aws
import ( import (
"fmt"
"io" "io"
"time" "sync"
) )
// String converts a Go string into a string pointer.
func String(v string) *string {
return &v
}
// Boolean converts a Go bool into a boolean pointer.
func Boolean(v bool) *bool {
return &v
}
// Long converts a Go int64 into a long pointer.
func Long(v int64) *int64 {
return &v
}
// Double converts a Go float64 into a double pointer.
func Double(v float64) *float64 {
return &v
}
// Time converts a Go Time into a Time pointer
func Time(t time.Time) *time.Time {
return &t
}
// ReadSeekCloser wraps a io.Reader returning a ReaderSeakerCloser // ReadSeekCloser wraps a io.Reader returning a ReaderSeakerCloser
func ReadSeekCloser(r io.Reader) ReaderSeekerCloser { func ReadSeekCloser(r io.Reader) ReaderSeekerCloser {
return ReaderSeekerCloser{r} return ReaderSeekerCloser{r}
...@@ -81,51 +55,34 @@ func (r ReaderSeekerCloser) Close() error { ...@@ -81,51 +55,34 @@ func (r ReaderSeekerCloser) Close() error {
return nil return nil
} }
// A SettableBool provides a boolean value which includes the state if // A WriteAtBuffer provides a in memory buffer supporting the io.WriterAt interface
// the value was set or unset. The set state is in addition to the value's // Can be used with the s3manager.Downloader to download content to a buffer
// value(true|false) // in memory. Safe to use concurrently.
type SettableBool struct { type WriteAtBuffer struct {
value bool buf []byte
set bool m sync.Mutex
} }
// SetBool returns a SettableBool with a value set // WriteAt writes a slice of bytes to a buffer starting at the position provided
func SetBool(value bool) SettableBool { // The number of bytes written will be returned, or error. Can overwrite previous
return SettableBool{value: value, set: true} // written slices if the write ats overlap.
} func (b *WriteAtBuffer) WriteAt(p []byte, pos int64) (n int, err error) {
b.m.Lock()
defer b.m.Unlock()
// Get returns the value. Will always be false if the SettableBool was not set. expLen := pos + int64(len(p))
func (b *SettableBool) Get() bool { if int64(len(b.buf)) < expLen {
if !b.set { newBuf := make([]byte, expLen)
return false copy(newBuf, b.buf)
b.buf = newBuf
} }
return b.value copy(b.buf[pos:], p)
} return len(p), nil
// Set sets the value and updates the state that the value has been set.
func (b *SettableBool) Set(value bool) {
b.value = value
b.set = true
}
// IsSet returns if the value has been set
func (b *SettableBool) IsSet() bool {
return b.set
}
// Reset resets the state and value of the SettableBool to its initial default
// state of not set and zero value.
func (b *SettableBool) Reset() {
b.value = false
b.set = false
}
// String returns the string representation of the value if set. Zero if not set.
func (b *SettableBool) String() string {
return fmt.Sprintf("%t", b.Get())
} }
// GoString returns the string representation of the SettableBool value and state // Bytes returns a slice of bytes written to the buffer.
func (b *SettableBool) GoString() string { func (b *WriteAtBuffer) Bytes() []byte {
return fmt.Sprintf("Bool{value:%t, set:%t}", b.value, b.set) b.m.Lock()
defer b.m.Unlock()
return b.buf[:len(b.buf):len(b.buf)]
} }
package aws
import (
"math/rand"
"testing"
"github.com/stretchr/testify/assert"
)
func TestWriteAtBuffer(t *testing.T) {
b := &WriteAtBuffer{}
n, err := b.WriteAt([]byte{1}, 0)
assert.NoError(t, err)
assert.Equal(t, 1, n)
n, err = b.WriteAt([]byte{1, 1, 1}, 5)
assert.NoError(t, err)
assert.Equal(t, 3, n)
n, err = b.WriteAt([]byte{2}, 1)
assert.NoError(t, err)
assert.Equal(t, 1, n)
n, err = b.WriteAt([]byte{3}, 2)
assert.NoError(t, err)
assert.Equal(t, 1, n)
assert.Equal(t, []byte{1, 2, 3, 0, 0, 1, 1, 1}, b.Bytes())
}
func BenchmarkWriteAtBuffer(b *testing.B) {
buf := &WriteAtBuffer{}
r := rand.New(rand.NewSource(1))
b.ResetTimer()
for i := 0; i < b.N; i++ {
to := r.Intn(10) * 4096
bs := make([]byte, to)
buf.WriteAt(bs, r.Int63n(10)*4096)
}
}
func BenchmarkWriteAtBufferParallel(b *testing.B) {
buf := &WriteAtBuffer{}
r := rand.New(rand.NewSource(1))
b.ResetTimer()
b.RunParallel(func(pb *testing.PB) {
for pb.Next() {
to := r.Intn(10) * 4096
bs := make([]byte, to)
buf.WriteAt(bs, r.Int63n(10)*4096)
}
})
}
...@@ -5,4 +5,4 @@ package aws ...@@ -5,4 +5,4 @@ package aws
const SDKName = "aws-sdk-go" const SDKName = "aws-sdk-go"
// SDKVersion is the version of this SDK // SDKVersion is the version of this SDK
const SDKVersion = "0.6.0" const SDKVersion = "0.9.9"
...@@ -2,6 +2,7 @@ ...@@ -2,6 +2,7 @@
package endpoints package endpoints
//go:generate go run ../model/cli/gen-endpoints/main.go endpoints.json endpoints_map.go //go:generate go run ../model/cli/gen-endpoints/main.go endpoints.json endpoints_map.go
//go:generate gofmt -s -w endpoints_map.go
import "strings" import "strings"
......
...@@ -15,74 +15,74 @@ type endpointEntry struct { ...@@ -15,74 +15,74 @@ type endpointEntry struct {
var endpointsMap = endpointStruct{ var endpointsMap = endpointStruct{
Version: 2, Version: 2,
Endpoints: map[string]endpointEntry{ Endpoints: map[string]endpointEntry{
"*/*": endpointEntry{ "*/*": {
Endpoint: "{service}.{region}.amazonaws.com", Endpoint: "{service}.{region}.amazonaws.com",
}, },
"*/cloudfront": endpointEntry{ "*/cloudfront": {
Endpoint: "cloudfront.amazonaws.com", Endpoint: "cloudfront.amazonaws.com",
SigningRegion: "us-east-1", SigningRegion: "us-east-1",
}, },
"*/cloudsearchdomain": endpointEntry{ "*/cloudsearchdomain": {
Endpoint: "", Endpoint: "",
SigningRegion: "us-east-1", SigningRegion: "us-east-1",
}, },
"*/iam": endpointEntry{ "*/iam": {
Endpoint: "iam.amazonaws.com", Endpoint: "iam.amazonaws.com",
SigningRegion: "us-east-1", SigningRegion: "us-east-1",
}, },
"*/importexport": endpointEntry{ "*/importexport": {
Endpoint: "importexport.amazonaws.com", Endpoint: "importexport.amazonaws.com",
SigningRegion: "us-east-1", SigningRegion: "us-east-1",
}, },
"*/route53": endpointEntry{ "*/route53": {
Endpoint: "route53.amazonaws.com", Endpoint: "route53.amazonaws.com",
SigningRegion: "us-east-1", SigningRegion: "us-east-1",
}, },
"*/sts": endpointEntry{ "*/sts": {
Endpoint: "sts.amazonaws.com", Endpoint: "sts.amazonaws.com",
SigningRegion: "us-east-1", SigningRegion: "us-east-1",
}, },
"ap-northeast-1/s3": endpointEntry{ "ap-northeast-1/s3": {
Endpoint: "s3-{region}.amazonaws.com", Endpoint: "s3-{region}.amazonaws.com",
}, },
"ap-southeast-1/s3": endpointEntry{ "ap-southeast-1/s3": {
Endpoint: "s3-{region}.amazonaws.com", Endpoint: "s3-{region}.amazonaws.com",
}, },
"ap-southeast-2/s3": endpointEntry{ "ap-southeast-2/s3": {
Endpoint: "s3-{region}.amazonaws.com", Endpoint: "s3-{region}.amazonaws.com",
}, },
"cn-north-1/*": endpointEntry{ "cn-north-1/*": {
Endpoint: "{service}.{region}.amazonaws.com.cn", Endpoint: "{service}.{region}.amazonaws.com.cn",
}, },
"eu-central-1/s3": endpointEntry{ "eu-central-1/s3": {
Endpoint: "{service}.{region}.amazonaws.com", Endpoint: "{service}.{region}.amazonaws.com",
}, },
"eu-west-1/s3": endpointEntry{ "eu-west-1/s3": {
Endpoint: "s3-{region}.amazonaws.com", Endpoint: "s3-{region}.amazonaws.com",
}, },
"sa-east-1/s3": endpointEntry{ "sa-east-1/s3": {
Endpoint: "s3-{region}.amazonaws.com", Endpoint: "s3-{region}.amazonaws.com",
}, },
"us-east-1/s3": endpointEntry{ "us-east-1/s3": {
Endpoint: "s3.amazonaws.com", Endpoint: "s3.amazonaws.com",
}, },
"us-east-1/sdb": endpointEntry{ "us-east-1/sdb": {
Endpoint: "sdb.amazonaws.com", Endpoint: "sdb.amazonaws.com",
SigningRegion: "us-east-1", SigningRegion: "us-east-1",
}, },
"us-gov-west-1/iam": endpointEntry{ "us-gov-west-1/iam": {
Endpoint: "iam.us-gov.amazonaws.com", Endpoint: "iam.us-gov.amazonaws.com",
}, },
"us-gov-west-1/s3": endpointEntry{ "us-gov-west-1/s3": {
Endpoint: "s3-{region}.amazonaws.com", Endpoint: "s3-{region}.amazonaws.com",
}, },
"us-gov-west-1/sts": endpointEntry{ "us-gov-west-1/sts": {
Endpoint: "sts.us-gov-west-1.amazonaws.com", Endpoint: "sts.us-gov-west-1.amazonaws.com",
}, },
"us-west-1/s3": endpointEntry{ "us-west-1/s3": {
Endpoint: "s3-{region}.amazonaws.com", Endpoint: "s3-{region}.amazonaws.com",
}, },
"us-west-2/s3": endpointEntry{ "us-west-2/s3": {
Endpoint: "s3-{region}.amazonaws.com", Endpoint: "s3-{region}.amazonaws.com",
}, },
}, },
......
...@@ -6,19 +6,19 @@ package ec2query ...@@ -6,19 +6,19 @@ package ec2query
import ( import (
"net/url" "net/url"
"github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/internal/apierr" "github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/internal/protocol/query/queryutil" "github.com/aws/aws-sdk-go/internal/protocol/query/queryutil"
) )
// Build builds a request for the EC2 protocol. // Build builds a request for the EC2 protocol.
func Build(r *aws.Request) { func Build(r *request.Request) {
body := url.Values{ body := url.Values{
"Action": {r.Operation.Name}, "Action": {r.Operation.Name},
"Version": {r.Service.APIVersion}, "Version": {r.Service.APIVersion},
} }
if err := queryutil.Parse(body, r.Params, true); err != nil { if err := queryutil.Parse(body, r.Params, true); err != nil {
r.Error = apierr.New("Marshal", "failed encoding EC2 Query request", err) r.Error = awserr.New("SerializationError", "failed encoding EC2 Query request", err)
} }
if r.ExpireTime == 0 { if r.ExpireTime == 0 {
......
...@@ -6,26 +6,26 @@ import ( ...@@ -6,26 +6,26 @@ import (
"encoding/xml" "encoding/xml"
"io" "io"
"github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/internal/apierr" "github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/internal/protocol/xml/xmlutil" "github.com/aws/aws-sdk-go/internal/protocol/xml/xmlutil"
) )
// Unmarshal unmarshals a response body for the EC2 protocol. // Unmarshal unmarshals a response body for the EC2 protocol.
func Unmarshal(r *aws.Request) { func Unmarshal(r *request.Request) {
defer r.HTTPResponse.Body.Close() defer r.HTTPResponse.Body.Close()
if r.DataFilled() { if r.DataFilled() {
decoder := xml.NewDecoder(r.HTTPResponse.Body) decoder := xml.NewDecoder(r.HTTPResponse.Body)
err := xmlutil.UnmarshalXML(r.Data, decoder, "") err := xmlutil.UnmarshalXML(r.Data, decoder, "")
if err != nil { if err != nil {
r.Error = apierr.New("Unmarshal", "failed decoding EC2 Query response", err) r.Error = awserr.New("SerializationError", "failed decoding EC2 Query response", err)
return return
} }
} }
} }
// UnmarshalMeta unmarshals response headers for the EC2 protocol. // UnmarshalMeta unmarshals response headers for the EC2 protocol.
func UnmarshalMeta(r *aws.Request) { func UnmarshalMeta(r *request.Request) {
// TODO implement unmarshaling of request IDs // TODO implement unmarshaling of request IDs
} }
...@@ -37,16 +37,16 @@ type xmlErrorResponse struct { ...@@ -37,16 +37,16 @@ type xmlErrorResponse struct {
} }
// UnmarshalError unmarshals a response error for the EC2 protocol. // UnmarshalError unmarshals a response error for the EC2 protocol.
func UnmarshalError(r *aws.Request) { func UnmarshalError(r *request.Request) {
defer r.HTTPResponse.Body.Close() defer r.HTTPResponse.Body.Close()
resp := &xmlErrorResponse{} resp := &xmlErrorResponse{}
err := xml.NewDecoder(r.HTTPResponse.Body).Decode(resp) err := xml.NewDecoder(r.HTTPResponse.Body).Decode(resp)
if err != nil && err != io.EOF { if err != nil && err != io.EOF {
r.Error = apierr.New("Unmarshal", "failed decoding EC2 Query error response", err) r.Error = awserr.New("SerializationError", "failed decoding EC2 Query error response", err)
} else { } else {
r.Error = apierr.NewRequestError( r.Error = awserr.NewRequestFailure(
apierr.New(resp.Code, resp.Message, nil), awserr.New(resp.Code, resp.Message, nil),
r.HTTPResponse.StatusCode, r.HTTPResponse.StatusCode,
resp.RequestID, resp.RequestID,
) )
......
...@@ -6,19 +6,19 @@ package query ...@@ -6,19 +6,19 @@ package query
import ( import (
"net/url" "net/url"
"github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/internal/apierr" "github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/internal/protocol/query/queryutil" "github.com/aws/aws-sdk-go/internal/protocol/query/queryutil"
) )
// Build builds a request for an AWS Query service. // Build builds a request for an AWS Query service.
func Build(r *aws.Request) { func Build(r *request.Request) {
body := url.Values{ body := url.Values{
"Action": {r.Operation.Name}, "Action": {r.Operation.Name},
"Version": {r.Service.APIVersion}, "Version": {r.Service.APIVersion},
} }
if err := queryutil.Parse(body, r.Params, false); err != nil { if err := queryutil.Parse(body, r.Params, false); err != nil {
r.Error = apierr.New("Marshal", "failed encoding Query request", err) r.Error = awserr.New("SerializationError", "failed encoding Query request", err)
return return
} }
......
...@@ -5,25 +5,25 @@ package query ...@@ -5,25 +5,25 @@ package query
import ( import (
"encoding/xml" "encoding/xml"
"github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/internal/apierr" "github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/internal/protocol/xml/xmlutil" "github.com/aws/aws-sdk-go/internal/protocol/xml/xmlutil"
) )
// Unmarshal unmarshals a response for an AWS Query service. // Unmarshal unmarshals a response for an AWS Query service.
func Unmarshal(r *aws.Request) { func Unmarshal(r *request.Request) {
defer r.HTTPResponse.Body.Close() defer r.HTTPResponse.Body.Close()
if r.DataFilled() { if r.DataFilled() {
decoder := xml.NewDecoder(r.HTTPResponse.Body) decoder := xml.NewDecoder(r.HTTPResponse.Body)
err := xmlutil.UnmarshalXML(r.Data, decoder, r.Operation.Name+"Result") err := xmlutil.UnmarshalXML(r.Data, decoder, r.Operation.Name+"Result")
if err != nil { if err != nil {
r.Error = apierr.New("Unmarshal", "failed decoding Query response", err) r.Error = awserr.New("SerializationError", "failed decoding Query response", err)
return return
} }
} }
} }
// UnmarshalMeta unmarshals header response values for an AWS Query service. // UnmarshalMeta unmarshals header response values for an AWS Query service.
func UnmarshalMeta(r *aws.Request) { func UnmarshalMeta(r *request.Request) {
// TODO implement unmarshaling of request IDs // TODO implement unmarshaling of request IDs
} }
...@@ -4,8 +4,8 @@ import ( ...@@ -4,8 +4,8 @@ import (
"encoding/xml" "encoding/xml"
"io" "io"
"github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/internal/apierr" "github.com/aws/aws-sdk-go/aws/request"
) )
type xmlErrorResponse struct { type xmlErrorResponse struct {
...@@ -16,16 +16,16 @@ type xmlErrorResponse struct { ...@@ -16,16 +16,16 @@ type xmlErrorResponse struct {
} }
// UnmarshalError unmarshals an error response for an AWS Query service. // UnmarshalError unmarshals an error response for an AWS Query service.
func UnmarshalError(r *aws.Request) { func UnmarshalError(r *request.Request) {
defer r.HTTPResponse.Body.Close() defer r.HTTPResponse.Body.Close()
resp := &xmlErrorResponse{} resp := &xmlErrorResponse{}
err := xml.NewDecoder(r.HTTPResponse.Body).Decode(resp) err := xml.NewDecoder(r.HTTPResponse.Body).Decode(resp)
if err != nil && err != io.EOF { if err != nil && err != io.EOF {
r.Error = apierr.New("Unmarshal", "failed to decode query XML error response", err) r.Error = awserr.New("SerializationError", "failed to decode query XML error response", err)
} else { } else {
r.Error = apierr.NewRequestError( r.Error = awserr.NewRequestFailure(
apierr.New(resp.Code, resp.Message, nil), awserr.New(resp.Code, resp.Message, nil),
r.HTTPResponse.StatusCode, r.HTTPResponse.StatusCode,
resp.RequestID, resp.RequestID,
) )
......
// Package rest provides RESTful serialisation of AWS requests and responses. // Package rest provides RESTful serialization of AWS requests and responses.
package rest package rest
import ( import (
...@@ -13,8 +13,8 @@ import ( ...@@ -13,8 +13,8 @@ import (
"strings" "strings"
"time" "time"
"github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/internal/apierr" "github.com/aws/aws-sdk-go/aws/request"
) )
// RFC822 returns an RFC822 formatted timestamp for AWS protocols // RFC822 returns an RFC822 formatted timestamp for AWS protocols
...@@ -37,7 +37,7 @@ func init() { ...@@ -37,7 +37,7 @@ func init() {
} }
// Build builds the REST component of a service request. // Build builds the REST component of a service request.
func Build(r *aws.Request) { func Build(r *request.Request) {
if r.ParamsFilled() { if r.ParamsFilled() {
v := reflect.ValueOf(r.Params).Elem() v := reflect.ValueOf(r.Params).Elem()
buildLocationElements(r, v) buildLocationElements(r, v)
...@@ -45,7 +45,7 @@ func Build(r *aws.Request) { ...@@ -45,7 +45,7 @@ func Build(r *aws.Request) {
} }
} }
func buildLocationElements(r *aws.Request, v reflect.Value) { func buildLocationElements(r *request.Request, v reflect.Value) {
query := r.HTTPRequest.URL.Query() query := r.HTTPRequest.URL.Query()
for i := 0; i < v.NumField(); i++ { for i := 0; i < v.NumField(); i++ {
...@@ -87,7 +87,7 @@ func buildLocationElements(r *aws.Request, v reflect.Value) { ...@@ -87,7 +87,7 @@ func buildLocationElements(r *aws.Request, v reflect.Value) {
updatePath(r.HTTPRequest.URL, r.HTTPRequest.URL.Path) updatePath(r.HTTPRequest.URL, r.HTTPRequest.URL.Path)
} }
func buildBody(r *aws.Request, v reflect.Value) { func buildBody(r *request.Request, v reflect.Value) {
if field, ok := v.Type().FieldByName("SDKShapeTraits"); ok { if field, ok := v.Type().FieldByName("SDKShapeTraits"); ok {
if payloadName := field.Tag.Get("payload"); payloadName != "" { if payloadName := field.Tag.Get("payload"); payloadName != "" {
pfield, _ := v.Type().FieldByName(payloadName) pfield, _ := v.Type().FieldByName(payloadName)
...@@ -102,7 +102,7 @@ func buildBody(r *aws.Request, v reflect.Value) { ...@@ -102,7 +102,7 @@ func buildBody(r *aws.Request, v reflect.Value) {
case string: case string:
r.SetStringBody(reader) r.SetStringBody(reader)
default: default:
r.Error = apierr.New("Marshal", r.Error = awserr.New("SerializationError",
"failed to encode REST request", "failed to encode REST request",
fmt.Errorf("unknown payload type %s", payload.Type())) fmt.Errorf("unknown payload type %s", payload.Type()))
} }
...@@ -112,30 +112,30 @@ func buildBody(r *aws.Request, v reflect.Value) { ...@@ -112,30 +112,30 @@ func buildBody(r *aws.Request, v reflect.Value) {
} }
} }
func buildHeader(r *aws.Request, v reflect.Value, name string) { func buildHeader(r *request.Request, v reflect.Value, name string) {
str, err := convertType(v) str, err := convertType(v)
if err != nil { if err != nil {
r.Error = apierr.New("Marshal", "failed to encode REST request", err) r.Error = awserr.New("SerializationError", "failed to encode REST request", err)
} else if str != nil { } else if str != nil {
r.HTTPRequest.Header.Add(name, *str) r.HTTPRequest.Header.Add(name, *str)
} }
} }
func buildHeaderMap(r *aws.Request, v reflect.Value, prefix string) { func buildHeaderMap(r *request.Request, v reflect.Value, prefix string) {
for _, key := range v.MapKeys() { for _, key := range v.MapKeys() {
str, err := convertType(v.MapIndex(key)) str, err := convertType(v.MapIndex(key))
if err != nil { if err != nil {
r.Error = apierr.New("Marshal", "failed to encode REST request", err) r.Error = awserr.New("SerializationError", "failed to encode REST request", err)
} else if str != nil { } else if str != nil {
r.HTTPRequest.Header.Add(prefix+key.String(), *str) r.HTTPRequest.Header.Add(prefix+key.String(), *str)
} }
} }
} }
func buildURI(r *aws.Request, v reflect.Value, name string) { func buildURI(r *request.Request, v reflect.Value, name string) {
value, err := convertType(v) value, err := convertType(v)
if err != nil { if err != nil {
r.Error = apierr.New("Marshal", "failed to encode REST request", err) r.Error = awserr.New("SerializationError", "failed to encode REST request", err)
} else if value != nil { } else if value != nil {
uri := r.HTTPRequest.URL.Path uri := r.HTTPRequest.URL.Path
uri = strings.Replace(uri, "{"+name+"}", EscapePath(*value, true), -1) uri = strings.Replace(uri, "{"+name+"}", EscapePath(*value, true), -1)
...@@ -144,10 +144,10 @@ func buildURI(r *aws.Request, v reflect.Value, name string) { ...@@ -144,10 +144,10 @@ func buildURI(r *aws.Request, v reflect.Value, name string) {
} }
} }
func buildQueryString(r *aws.Request, v reflect.Value, name string, query url.Values) { func buildQueryString(r *request.Request, v reflect.Value, name string, query url.Values) {
str, err := convertType(v) str, err := convertType(v)
if err != nil { if err != nil {
r.Error = apierr.New("Marshal", "failed to encode REST request", err) r.Error = awserr.New("SerializationError", "failed to encode REST request", err)
} else if str != nil { } else if str != nil {
query.Set(name, *str) query.Set(name, *str)
} }
...@@ -156,8 +156,13 @@ func buildQueryString(r *aws.Request, v reflect.Value, name string, query url.Va ...@@ -156,8 +156,13 @@ func buildQueryString(r *aws.Request, v reflect.Value, name string, query url.Va
func updatePath(url *url.URL, urlPath string) { func updatePath(url *url.URL, urlPath string) {
scheme, query := url.Scheme, url.RawQuery scheme, query := url.Scheme, url.RawQuery
hasSlash := strings.HasSuffix(urlPath, "/")
// clean up path // clean up path
urlPath = path.Clean(urlPath) urlPath = path.Clean(urlPath)
if hasSlash && !strings.HasSuffix(urlPath, "/") {
urlPath += "/"
}
// get formatted URL minus scheme so we can build this into Opaque // get formatted URL minus scheme so we can build this into Opaque
url.Scheme, url.Path, url.RawQuery = "", "", "" url.Scheme, url.Path, url.RawQuery = "", "", ""
......
...@@ -11,19 +11,28 @@ import ( ...@@ -11,19 +11,28 @@ import (
"time" "time"
"github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/internal/apierr" "github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/request"
) )
// Unmarshal unmarshals the REST component of a response in a REST service. // Unmarshal unmarshals the REST component of a response in a REST service.
func Unmarshal(r *aws.Request) { func Unmarshal(r *request.Request) {
if r.DataFilled() { if r.DataFilled() {
v := reflect.Indirect(reflect.ValueOf(r.Data)) v := reflect.Indirect(reflect.ValueOf(r.Data))
unmarshalBody(r, v) unmarshalBody(r, v)
}
}
// UnmarshalMeta unmarshals the REST metadata of a response in a REST service
func UnmarshalMeta(r *request.Request) {
r.RequestID = r.HTTPResponse.Header.Get("X-Amzn-Requestid")
if r.DataFilled() {
v := reflect.Indirect(reflect.ValueOf(r.Data))
unmarshalLocationElements(r, v) unmarshalLocationElements(r, v)
} }
} }
func unmarshalBody(r *aws.Request, v reflect.Value) { func unmarshalBody(r *request.Request, v reflect.Value) {
if field, ok := v.Type().FieldByName("SDKShapeTraits"); ok { if field, ok := v.Type().FieldByName("SDKShapeTraits"); ok {
if payloadName := field.Tag.Get("payload"); payloadName != "" { if payloadName := field.Tag.Get("payload"); payloadName != "" {
pfield, _ := v.Type().FieldByName(payloadName) pfield, _ := v.Type().FieldByName(payloadName)
...@@ -34,14 +43,14 @@ func unmarshalBody(r *aws.Request, v reflect.Value) { ...@@ -34,14 +43,14 @@ func unmarshalBody(r *aws.Request, v reflect.Value) {
case []byte: case []byte:
b, err := ioutil.ReadAll(r.HTTPResponse.Body) b, err := ioutil.ReadAll(r.HTTPResponse.Body)
if err != nil { if err != nil {
r.Error = apierr.New("Unmarshal", "failed to decode REST response", err) r.Error = awserr.New("SerializationError", "failed to decode REST response", err)
} else { } else {
payload.Set(reflect.ValueOf(b)) payload.Set(reflect.ValueOf(b))
} }
case *string: case *string:
b, err := ioutil.ReadAll(r.HTTPResponse.Body) b, err := ioutil.ReadAll(r.HTTPResponse.Body)
if err != nil { if err != nil {
r.Error = apierr.New("Unmarshal", "failed to decode REST response", err) r.Error = awserr.New("SerializationError", "failed to decode REST response", err)
} else { } else {
str := string(b) str := string(b)
payload.Set(reflect.ValueOf(&str)) payload.Set(reflect.ValueOf(&str))
...@@ -53,7 +62,7 @@ func unmarshalBody(r *aws.Request, v reflect.Value) { ...@@ -53,7 +62,7 @@ func unmarshalBody(r *aws.Request, v reflect.Value) {
case "aws.ReadSeekCloser", "io.ReadCloser": case "aws.ReadSeekCloser", "io.ReadCloser":
payload.Set(reflect.ValueOf(r.HTTPResponse.Body)) payload.Set(reflect.ValueOf(r.HTTPResponse.Body))
default: default:
r.Error = apierr.New("Unmarshal", r.Error = awserr.New("SerializationError",
"failed to decode REST response", "failed to decode REST response",
fmt.Errorf("unknown payload type %s", payload.Type())) fmt.Errorf("unknown payload type %s", payload.Type()))
} }
...@@ -64,7 +73,7 @@ func unmarshalBody(r *aws.Request, v reflect.Value) { ...@@ -64,7 +73,7 @@ func unmarshalBody(r *aws.Request, v reflect.Value) {
} }
} }
func unmarshalLocationElements(r *aws.Request, v reflect.Value) { func unmarshalLocationElements(r *request.Request, v reflect.Value) {
for i := 0; i < v.NumField(); i++ { for i := 0; i < v.NumField(); i++ {
m, field := v.Field(i), v.Type().Field(i) m, field := v.Field(i), v.Type().Field(i)
if n := field.Name; n[0:1] == strings.ToLower(n[0:1]) { if n := field.Name; n[0:1] == strings.ToLower(n[0:1]) {
...@@ -83,14 +92,14 @@ func unmarshalLocationElements(r *aws.Request, v reflect.Value) { ...@@ -83,14 +92,14 @@ func unmarshalLocationElements(r *aws.Request, v reflect.Value) {
case "header": case "header":
err := unmarshalHeader(m, r.HTTPResponse.Header.Get(name)) err := unmarshalHeader(m, r.HTTPResponse.Header.Get(name))
if err != nil { if err != nil {
r.Error = apierr.New("Unmarshal", "failed to decode REST response", err) r.Error = awserr.New("SerializationError", "failed to decode REST response", err)
break break
} }
case "headers": case "headers":
prefix := field.Tag.Get("locationName") prefix := field.Tag.Get("locationName")
err := unmarshalHeaderMap(m, r.HTTPResponse.Header, prefix) err := unmarshalHeaderMap(m, r.HTTPResponse.Header, prefix)
if err != nil { if err != nil {
r.Error = apierr.New("Unmarshal", "failed to decode REST response", err) r.Error = awserr.New("SerializationError", "failed to decode REST response", err)
break break
} }
} }
......
...@@ -114,7 +114,7 @@ func parseStruct(r reflect.Value, node *XMLNode, tag reflect.StructTag) error { ...@@ -114,7 +114,7 @@ func parseStruct(r reflect.Value, node *XMLNode, tag reflect.StructTag) error {
for _, a := range node.Attr { for _, a := range node.Attr {
if name == a.Name.Local { if name == a.Name.Local {
// turn this into a text node for de-serializing // turn this into a text node for de-serializing
elems = []*XMLNode{&XMLNode{Text: a.Value}} elems = []*XMLNode{{Text: a.Value}}
} }
} }
} }
......
...@@ -14,10 +14,10 @@ import ( ...@@ -14,10 +14,10 @@ import (
"strings" "strings"
"time" "time"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/credentials" "github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/internal/protocol/rest" "github.com/aws/aws-sdk-go/internal/protocol/rest"
"github.com/aws/aws-sdk-go/aws"
) )
const ( const (
...@@ -34,18 +34,17 @@ var ignoredHeaders = map[string]bool{ ...@@ -34,18 +34,17 @@ var ignoredHeaders = map[string]bool{
} }
type signer struct { type signer struct {
Request *http.Request Request *http.Request
Time time.Time Time time.Time
ExpireTime time.Duration ExpireTime time.Duration
ServiceName string ServiceName string
Region string Region string
AccessKeyID string CredValues credentials.Value
SecretAccessKey string Credentials *credentials.Credentials
SessionToken string Query url.Values
Query url.Values Body io.ReadSeeker
Body io.ReadSeeker Debug aws.LogLevelType
Debug uint Logger aws.Logger
Logger io.Writer
isPresign bool isPresign bool
formattedTime string formattedTime string
...@@ -65,21 +64,16 @@ type signer struct { ...@@ -65,21 +64,16 @@ type signer struct {
// Will sign the requests with the service config's Credentials object // Will sign the requests with the service config's Credentials object
// Signing is skipped if the credentials is the credentials.AnonymousCredentials // Signing is skipped if the credentials is the credentials.AnonymousCredentials
// object. // object.
func Sign(req *aws.Request) { func Sign(req *request.Request) {
// If the request does not need to be signed ignore the signing of the // If the request does not need to be signed ignore the signing of the
// request if the AnonymousCredentials object is used. // request if the AnonymousCredentials object is used.
if req.Service.Config.Credentials == credentials.AnonymousCredentials { if req.Service.Config.Credentials == credentials.AnonymousCredentials {
return return
} }
creds, err := req.Service.Config.Credentials.Get()
if err != nil {
req.Error = err
return
}
region := req.Service.SigningRegion region := req.Service.SigningRegion
if region == "" { if region == "" {
region = req.Service.Config.Region region = aws.StringValue(req.Service.Config.Region)
} }
name := req.Service.SigningName name := req.Service.SigningName
...@@ -88,53 +82,86 @@ func Sign(req *aws.Request) { ...@@ -88,53 +82,86 @@ func Sign(req *aws.Request) {
} }
s := signer{ s := signer{
Request: req.HTTPRequest, Request: req.HTTPRequest,
Time: req.Time, Time: req.Time,
ExpireTime: req.ExpireTime, ExpireTime: req.ExpireTime,
Query: req.HTTPRequest.URL.Query(), Query: req.HTTPRequest.URL.Query(),
Body: req.Body, Body: req.Body,
ServiceName: name, ServiceName: name,
Region: region, Region: region,
AccessKeyID: creds.AccessKeyID, Credentials: req.Service.Config.Credentials,
SecretAccessKey: creds.SecretAccessKey, Debug: req.Service.Config.LogLevel.Value(),
SessionToken: creds.SessionToken, Logger: req.Service.Config.Logger,
Debug: req.Service.Config.LogLevel,
Logger: req.Service.Config.Logger,
} }
s.sign()
return req.Error = s.sign()
} }
func (v4 *signer) sign() { func (v4 *signer) sign() error {
if v4.ExpireTime != 0 { if v4.ExpireTime != 0 {
v4.isPresign = true v4.isPresign = true
} }
if v4.isRequestSigned() {
if !v4.Credentials.IsExpired() {
// If the request is already signed, and the credentials have not
// expired yet ignore the signing request.
return nil
}
// The credentials have expired for this request. The current signing
// is invalid, and needs to be request because the request will fail.
if v4.isPresign {
v4.removePresign()
// Update the request's query string to ensure the values stays in
// sync in the case retrieving the new credentials fails.
v4.Request.URL.RawQuery = v4.Query.Encode()
}
}
var err error
v4.CredValues, err = v4.Credentials.Get()
if err != nil {
return err
}
if v4.isPresign { if v4.isPresign {
v4.Query.Set("X-Amz-Algorithm", authHeaderPrefix) v4.Query.Set("X-Amz-Algorithm", authHeaderPrefix)
if v4.SessionToken != "" { if v4.CredValues.SessionToken != "" {
v4.Query.Set("X-Amz-Security-Token", v4.SessionToken) v4.Query.Set("X-Amz-Security-Token", v4.CredValues.SessionToken)
} else { } else {
v4.Query.Del("X-Amz-Security-Token") v4.Query.Del("X-Amz-Security-Token")
} }
} else if v4.SessionToken != "" { } else if v4.CredValues.SessionToken != "" {
v4.Request.Header.Set("X-Amz-Security-Token", v4.SessionToken) v4.Request.Header.Set("X-Amz-Security-Token", v4.CredValues.SessionToken)
} }
v4.build() v4.build()
if v4.Debug > 0 { if v4.Debug.Matches(aws.LogDebugWithSigning) {
out := v4.Logger v4.logSigningInfo()
fmt.Fprintf(out, "---[ CANONICAL STRING ]-----------------------------\n")
fmt.Fprintln(out, v4.canonicalString)
fmt.Fprintf(out, "---[ STRING TO SIGN ]--------------------------------\n")
fmt.Fprintln(out, v4.stringToSign)
if v4.isPresign {
fmt.Fprintf(out, "---[ SIGNED URL ]--------------------------------\n")
fmt.Fprintln(out, v4.Request.URL)
}
fmt.Fprintf(out, "-----------------------------------------------------\n")
} }
return nil
}
const logSignInfoMsg = `DEBUG: Request Signiture:
---[ CANONICAL STRING ]-----------------------------
%s
---[ STRING TO SIGN ]--------------------------------
%s%s
-----------------------------------------------------`
const logSignedURLMsg = `
---[ SIGNED URL ]------------------------------------
%s`
func (v4 *signer) logSigningInfo() {
signedURLMsg := ""
if v4.isPresign {
signedURLMsg = fmt.Sprintf(logSignedURLMsg, v4.Request.URL.String())
}
msg := fmt.Sprintf(logSignInfoMsg, v4.canonicalString, v4.stringToSign, signedURLMsg)
v4.Logger.Log(msg)
} }
func (v4 *signer) build() { func (v4 *signer) build() {
...@@ -152,7 +179,7 @@ func (v4 *signer) build() { ...@@ -152,7 +179,7 @@ func (v4 *signer) build() {
v4.Request.URL.RawQuery += "&X-Amz-Signature=" + v4.signature v4.Request.URL.RawQuery += "&X-Amz-Signature=" + v4.signature
} else { } else {
parts := []string{ parts := []string{
authHeaderPrefix + " Credential=" + v4.AccessKeyID + "/" + v4.credentialString, authHeaderPrefix + " Credential=" + v4.CredValues.AccessKeyID + "/" + v4.credentialString,
"SignedHeaders=" + v4.signedHeaders, "SignedHeaders=" + v4.signedHeaders,
"Signature=" + v4.signature, "Signature=" + v4.signature,
} }
...@@ -182,7 +209,7 @@ func (v4 *signer) buildCredentialString() { ...@@ -182,7 +209,7 @@ func (v4 *signer) buildCredentialString() {
}, "/") }, "/")
if v4.isPresign { if v4.isPresign {
v4.Query.Set("X-Amz-Credential", v4.AccessKeyID+"/"+v4.credentialString) v4.Query.Set("X-Amz-Credential", v4.CredValues.AccessKeyID+"/"+v4.credentialString)
} }
} }
...@@ -269,7 +296,7 @@ func (v4 *signer) buildStringToSign() { ...@@ -269,7 +296,7 @@ func (v4 *signer) buildStringToSign() {
} }
func (v4 *signer) buildSignature() { func (v4 *signer) buildSignature() {
secret := v4.SecretAccessKey secret := v4.CredValues.SecretAccessKey
date := makeHmac([]byte("AWS4"+secret), []byte(v4.formattedShortTime)) date := makeHmac([]byte("AWS4"+secret), []byte(v4.formattedShortTime))
region := makeHmac(date, []byte(v4.Region)) region := makeHmac(date, []byte(v4.Region))
service := makeHmac(region, []byte(v4.ServiceName)) service := makeHmac(region, []byte(v4.ServiceName))
...@@ -293,6 +320,29 @@ func (v4 *signer) bodyDigest() string { ...@@ -293,6 +320,29 @@ func (v4 *signer) bodyDigest() string {
return hash return hash
} }
// isRequestSigned returns if the request is currently signed or presigned
func (v4 *signer) isRequestSigned() bool {
if v4.isPresign && v4.Query.Get("X-Amz-Signature") != "" {
return true
}
if v4.Request.Header.Get("Authorization") != "" {
return true
}
return false
}
// unsign removes signing flags for both signed and presigned requests.
func (v4 *signer) removePresign() {
v4.Query.Del("X-Amz-Algorithm")
v4.Query.Del("X-Amz-Signature")
v4.Query.Del("X-Amz-Security-Token")
v4.Query.Del("X-Amz-Date")
v4.Query.Del("X-Amz-Expires")
v4.Query.Del("X-Amz-Credential")
v4.Query.Del("X-Amz-SignedHeaders")
}
func makeHmac(key []byte, data []byte) []byte { func makeHmac(key []byte, data []byte) []byte {
hash := hmac.New(sha256.New, key) hash := hmac.New(sha256.New, key)
hash.Write(data) hash.Write(data)
...@@ -306,21 +356,10 @@ func makeSha256(data []byte) []byte { ...@@ -306,21 +356,10 @@ func makeSha256(data []byte) []byte {
} }
func makeSha256Reader(reader io.ReadSeeker) []byte { func makeSha256Reader(reader io.ReadSeeker) []byte {
packet := make([]byte, 4096)
hash := sha256.New() hash := sha256.New()
start, _ := reader.Seek(0, 1) start, _ := reader.Seek(0, 1)
defer reader.Seek(start, 0) defer reader.Seek(start, 0)
for { io.Copy(hash, reader)
n, err := reader.Read(packet)
if n > 0 {
hash.Write(packet[0:n])
}
if err == io.EOF || n == 0 {
break
}
}
return hash.Sum(nil) return hash.Sum(nil)
} }
...@@ -8,6 +8,8 @@ import ( ...@@ -8,6 +8,8 @@ import (
"github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/credentials" "github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/aws/service"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
...@@ -22,16 +24,14 @@ func buildSigner(serviceName string, region string, signTime time.Time, expireTi ...@@ -22,16 +24,14 @@ func buildSigner(serviceName string, region string, signTime time.Time, expireTi
req.Header.Add("X-Amz-Meta-Other-Header", "some-value=!@#$%^&* (+)") req.Header.Add("X-Amz-Meta-Other-Header", "some-value=!@#$%^&* (+)")
return signer{ return signer{
Request: req, Request: req,
Time: signTime, Time: signTime,
ExpireTime: expireTime, ExpireTime: expireTime,
Query: req.URL.Query(), Query: req.URL.Query(),
Body: reader, Body: reader,
ServiceName: serviceName, ServiceName: serviceName,
Region: region, Region: region,
AccessKeyID: "AKID", Credentials: credentials.NewStaticCredentials("AKID", "SECRET", "SESSION"),
SecretAccessKey: "SECRET",
SessionToken: "SESSION",
} }
} }
...@@ -118,9 +118,9 @@ func TestSignPrecomputedBodyChecksum(t *testing.T) { ...@@ -118,9 +118,9 @@ func TestSignPrecomputedBodyChecksum(t *testing.T) {
} }
func TestAnonymousCredentials(t *testing.T) { func TestAnonymousCredentials(t *testing.T) {
r := aws.NewRequest( svc := service.New(&aws.Config{Credentials: credentials.AnonymousCredentials})
aws.NewService(&aws.Config{Credentials: credentials.AnonymousCredentials}), r := svc.NewRequest(
&aws.Operation{ &request.Operation{
Name: "BatchGetItem", Name: "BatchGetItem",
HTTPMethod: "POST", HTTPMethod: "POST",
HTTPPath: "/", HTTPPath: "/",
...@@ -141,6 +141,97 @@ func TestAnonymousCredentials(t *testing.T) { ...@@ -141,6 +141,97 @@ func TestAnonymousCredentials(t *testing.T) {
assert.Empty(t, hQ.Get("X-Amz-Date")) assert.Empty(t, hQ.Get("X-Amz-Date"))
} }
func TestIgnoreResignRequestWithValidCreds(t *testing.T) {
svc := service.New(&aws.Config{
Credentials: credentials.NewStaticCredentials("AKID", "SECRET", "SESSION"),
Region: aws.String("us-west-2"),
})
r := svc.NewRequest(
&request.Operation{
Name: "BatchGetItem",
HTTPMethod: "POST",
HTTPPath: "/",
},
nil,
nil,
)
Sign(r)
sig := r.HTTPRequest.Header.Get("Authorization")
Sign(r)
assert.Equal(t, sig, r.HTTPRequest.Header.Get("Authorization"))
}
func TestIgnorePreResignRequestWithValidCreds(t *testing.T) {
svc := service.New(&aws.Config{
Credentials: credentials.NewStaticCredentials("AKID", "SECRET", "SESSION"),
Region: aws.String("us-west-2"),
})
r := svc.NewRequest(
&request.Operation{
Name: "BatchGetItem",
HTTPMethod: "POST",
HTTPPath: "/",
},
nil,
nil,
)
r.ExpireTime = time.Minute * 10
Sign(r)
sig := r.HTTPRequest.Header.Get("X-Amz-Signature")
Sign(r)
assert.Equal(t, sig, r.HTTPRequest.Header.Get("X-Amz-Signature"))
}
func TestResignRequestExpiredCreds(t *testing.T) {
creds := credentials.NewStaticCredentials("AKID", "SECRET", "SESSION")
svc := service.New(&aws.Config{Credentials: creds})
r := svc.NewRequest(
&request.Operation{
Name: "BatchGetItem",
HTTPMethod: "POST",
HTTPPath: "/",
},
nil,
nil,
)
Sign(r)
querySig := r.HTTPRequest.Header.Get("Authorization")
creds.Expire()
Sign(r)
assert.NotEqual(t, querySig, r.HTTPRequest.Header.Get("Authorization"))
}
func TestPreResignRequestExpiredCreds(t *testing.T) {
provider := &credentials.StaticProvider{credentials.Value{"AKID", "SECRET", "SESSION"}}
creds := credentials.NewCredentials(provider)
svc := service.New(&aws.Config{Credentials: creds})
r := svc.NewRequest(
&request.Operation{
Name: "BatchGetItem",
HTTPMethod: "POST",
HTTPPath: "/",
},
nil,
nil,
)
r.ExpireTime = time.Minute * 10
Sign(r)
querySig := r.HTTPRequest.URL.Query().Get("X-Amz-Signature")
creds.Expire()
r.Time = time.Now().Add(time.Hour * 48)
Sign(r)
assert.NotEqual(t, querySig, r.HTTPRequest.URL.Query().Get("X-Amz-Signature"))
}
func BenchmarkPresignRequest(b *testing.B) { func BenchmarkPresignRequest(b *testing.B) {
signer := buildSigner("dynamodb", "us-east-1", time.Now(), 300*time.Second, "{}") signer := buildSigner("dynamodb", "us-east-1", time.Now(), 300*time.Second, "{}")
for i := 0; i < b.N; i++ { for i := 0; i < b.N; i++ {
......
This source diff could not be displayed because it is too large. You can view the blob instead.
This source diff could not be displayed because it is too large. You can view the blob instead.
This source diff could not be displayed because it is too large. You can view the blob instead.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment