Rule
11 months ago
Ruleset
11 months ago
EndpointDefinitionProvider.php
11 months ago
EndpointProviderV2.php
11 months ago
EndpointV2Middleware.php
11 months ago
EndpointV2SerializerTrait.php
11 months ago
EndpointV2Middleware.php
307 lines
| 1 | <?php |
| 2 | namespace Aws\EndpointV2; |
| 3 | |
| 4 | use Aws\Api\Operation; |
| 5 | use Aws\Api\Service; |
| 6 | use Aws\CommandInterface; |
| 7 | use Closure; |
| 8 | use GuzzleHttp\Promise\Promise; |
| 9 | |
| 10 | /** |
| 11 | * Handles endpoint rule evaluation and endpoint resolution. |
| 12 | * |
| 13 | * IMPORTANT: this middleware must be added to the "build" step. |
| 14 | * Specifically, it must precede the 'builder' step. |
| 15 | * |
| 16 | * @internal |
| 17 | */ |
| 18 | class EndpointV2Middleware |
| 19 | { |
| 20 | private static $validAuthSchemes = [ |
| 21 | 'sigv4' => true, |
| 22 | 'sigv4a' => true, |
| 23 | 'none' => true, |
| 24 | 'bearer' => true, |
| 25 | 'sigv4-s3express' => true |
| 26 | ]; |
| 27 | |
| 28 | /** @var callable */ |
| 29 | private $nextHandler; |
| 30 | |
| 31 | /** @var EndpointProviderV2 */ |
| 32 | private $endpointProvider; |
| 33 | |
| 34 | /** @var Service */ |
| 35 | private $api; |
| 36 | |
| 37 | /** @var array */ |
| 38 | private $clientArgs; |
| 39 | |
| 40 | /** |
| 41 | * Create a middleware wrapper function |
| 42 | * |
| 43 | * @param EndpointProviderV2 $endpointProvider |
| 44 | * @param Service $api |
| 45 | * @param array $args |
| 46 | * |
| 47 | * @return Closure |
| 48 | */ |
| 49 | public static function wrap( |
| 50 | EndpointProviderV2 $endpointProvider, |
| 51 | Service $api, |
| 52 | array $args |
| 53 | ) : Closure |
| 54 | { |
| 55 | return function (callable $handler) use ($endpointProvider, $api, $args) { |
| 56 | return new self($handler, $endpointProvider, $api, $args); |
| 57 | }; |
| 58 | } |
| 59 | |
| 60 | /** |
| 61 | * @param callable $nextHandler |
| 62 | * @param EndpointProviderV2 $endpointProvider |
| 63 | * @param Service $api |
| 64 | * @param array $args |
| 65 | */ |
| 66 | public function __construct( |
| 67 | callable $nextHandler, |
| 68 | EndpointProviderV2 $endpointProvider, |
| 69 | Service $api, |
| 70 | array $args |
| 71 | ) |
| 72 | { |
| 73 | $this->nextHandler = $nextHandler; |
| 74 | $this->endpointProvider = $endpointProvider; |
| 75 | $this->api = $api; |
| 76 | $this->clientArgs = $args; |
| 77 | } |
| 78 | |
| 79 | /** |
| 80 | * @param CommandInterface $command |
| 81 | * |
| 82 | * @return Promise |
| 83 | */ |
| 84 | public function __invoke(CommandInterface $command) |
| 85 | { |
| 86 | $nextHandler = $this->nextHandler; |
| 87 | $operation = $this->api->getOperation($command->getName()); |
| 88 | $commandArgs = $command->toArray(); |
| 89 | |
| 90 | $providerArgs = $this->resolveArgs($commandArgs, $operation); |
| 91 | $endpoint = $this->endpointProvider->resolveEndpoint($providerArgs); |
| 92 | |
| 93 | if (!empty($authSchemes = $endpoint->getProperty('authSchemes'))) { |
| 94 | $this->applyAuthScheme( |
| 95 | $authSchemes, |
| 96 | $command |
| 97 | ); |
| 98 | } |
| 99 | |
| 100 | return $nextHandler($command, $endpoint); |
| 101 | } |
| 102 | |
| 103 | /** |
| 104 | * Resolves client, context params, static context params and endpoint provider |
| 105 | * arguments provided at the command level. |
| 106 | * |
| 107 | * @param array $commandArgs |
| 108 | * @param Operation $operation |
| 109 | * |
| 110 | * @return array |
| 111 | */ |
| 112 | private function resolveArgs(array $commandArgs, Operation $operation) : array |
| 113 | { |
| 114 | $rulesetParams = $this->endpointProvider->getRuleset()->getParameters(); |
| 115 | $endpointCommandArgs = $this->filterEndpointCommandArgs( |
| 116 | $rulesetParams, |
| 117 | $commandArgs |
| 118 | ); |
| 119 | $staticContextParams = $this->bindStaticContextParams( |
| 120 | $operation->getStaticContextParams() |
| 121 | ); |
| 122 | $contextParams = $this->bindContextParams( |
| 123 | $commandArgs, $operation->getContextParams() |
| 124 | ); |
| 125 | |
| 126 | return array_merge( |
| 127 | $this->clientArgs, |
| 128 | $contextParams, |
| 129 | $staticContextParams, |
| 130 | $endpointCommandArgs |
| 131 | ); |
| 132 | } |
| 133 | |
| 134 | /** |
| 135 | * Compares Ruleset parameters against Command arguments |
| 136 | * to create a mapping of arguments to pass into the |
| 137 | * endpoint provider for endpoint resolution. |
| 138 | * |
| 139 | * @param array $rulesetParams |
| 140 | * @param array $commandArgs |
| 141 | * @return array |
| 142 | */ |
| 143 | private function filterEndpointCommandArgs( |
| 144 | array $rulesetParams, |
| 145 | array $commandArgs |
| 146 | ) : array |
| 147 | { |
| 148 | $endpointMiddlewareOpts = [ |
| 149 | '@use_dual_stack_endpoint' => 'UseDualStack', |
| 150 | '@use_accelerate_endpoint' => 'Accelerate', |
| 151 | '@use_path_style_endpoint' => 'ForcePathStyle' |
| 152 | ]; |
| 153 | |
| 154 | $filteredArgs = []; |
| 155 | |
| 156 | foreach($rulesetParams as $name => $value) { |
| 157 | if (isset($commandArgs[$name])) { |
| 158 | if (!empty($value->getBuiltIn())) { |
| 159 | continue; |
| 160 | } |
| 161 | $filteredArgs[$name] = $commandArgs[$name]; |
| 162 | } |
| 163 | } |
| 164 | |
| 165 | if ($this->api->getServiceName() === 's3') { |
| 166 | foreach($endpointMiddlewareOpts as $optionName => $newValue) { |
| 167 | if (isset($commandArgs[$optionName])) { |
| 168 | $filteredArgs[$newValue] = $commandArgs[$optionName]; |
| 169 | } |
| 170 | } |
| 171 | } |
| 172 | |
| 173 | return $filteredArgs; |
| 174 | } |
| 175 | |
| 176 | /** |
| 177 | * Binds static context params to their corresponding values. |
| 178 | * |
| 179 | * @param $staticContextParams |
| 180 | * |
| 181 | * @return array |
| 182 | */ |
| 183 | private function bindStaticContextParams($staticContextParams) : array |
| 184 | { |
| 185 | $scopedParams = []; |
| 186 | |
| 187 | forEach($staticContextParams as $paramName => $paramValue) { |
| 188 | $scopedParams[$paramName] = $paramValue['value']; |
| 189 | } |
| 190 | |
| 191 | return $scopedParams; |
| 192 | } |
| 193 | |
| 194 | /** |
| 195 | * Binds context params to their corresponding values found in |
| 196 | * command arguments. |
| 197 | * |
| 198 | * @param array $commandArgs |
| 199 | * @param array $contextParams |
| 200 | * |
| 201 | * @return array |
| 202 | */ |
| 203 | private function bindContextParams( |
| 204 | array $commandArgs, |
| 205 | array $contextParams |
| 206 | ) : array |
| 207 | { |
| 208 | $scopedParams = []; |
| 209 | |
| 210 | foreach($contextParams as $name => $spec) { |
| 211 | if (isset($commandArgs[$spec['shape']])) { |
| 212 | $scopedParams[$name] = $commandArgs[$spec['shape']]; |
| 213 | } |
| 214 | } |
| 215 | |
| 216 | return $scopedParams; |
| 217 | } |
| 218 | |
| 219 | /** |
| 220 | * Applies resolved auth schemes to the command object. |
| 221 | * |
| 222 | * @param $authSchemes |
| 223 | * @param $command |
| 224 | * |
| 225 | * @return void |
| 226 | */ |
| 227 | private function applyAuthScheme( |
| 228 | array $authSchemes, |
| 229 | CommandInterface $command |
| 230 | ) : void |
| 231 | { |
| 232 | $authScheme = $this->resolveAuthScheme($authSchemes); |
| 233 | $command->setAuthSchemes($authScheme); |
| 234 | } |
| 235 | |
| 236 | /** |
| 237 | * Returns the first compatible auth scheme in an endpoint object's |
| 238 | * auth schemes. |
| 239 | * |
| 240 | * @param array $authSchemes |
| 241 | * |
| 242 | * @return array |
| 243 | */ |
| 244 | private function resolveAuthScheme(array $authSchemes) : array |
| 245 | { |
| 246 | $invalidAuthSchemes = []; |
| 247 | |
| 248 | foreach($authSchemes as $authScheme) { |
| 249 | if (isset(self::$validAuthSchemes[$authScheme['name']])) { |
| 250 | return $this->normalizeAuthScheme($authScheme); |
| 251 | } else { |
| 252 | $invalidAuthSchemes[] = "`{$authScheme['name']}`"; |
| 253 | } |
| 254 | } |
| 255 | |
| 256 | $invalidAuthSchemesString = implode(', ', $invalidAuthSchemes); |
| 257 | $validAuthSchemesString = '`' |
| 258 | . implode('`, `', array_keys(self::$validAuthSchemes)) |
| 259 | . '`'; |
| 260 | throw new \InvalidArgumentException( |
| 261 | "This operation requests {$invalidAuthSchemesString}" |
| 262 | . " auth schemes, but the client only supports {$validAuthSchemesString}." |
| 263 | ); |
| 264 | } |
| 265 | |
| 266 | /** |
| 267 | * Normalizes an auth scheme's name, signing region or signing region set |
| 268 | * to the auth keys recognized by the SDK. |
| 269 | * |
| 270 | * @param array $authScheme |
| 271 | * @return array |
| 272 | */ |
| 273 | private function normalizeAuthScheme(array $authScheme) : array |
| 274 | { |
| 275 | /* |
| 276 | sigv4a will contain a regionSet property. which is guaranteed to be `*` |
| 277 | for now. The SigV4 class handles this automatically for now. It seems |
| 278 | complexity will be added here in the future. |
| 279 | */ |
| 280 | $normalizedAuthScheme = []; |
| 281 | |
| 282 | if (isset($authScheme['disableDoubleEncoding']) |
| 283 | && $authScheme['disableDoubleEncoding'] === true |
| 284 | && $authScheme['name'] !== 'sigv4a' |
| 285 | && $authScheme['name'] !== 'sigv4-s3express' |
| 286 | ) { |
| 287 | $normalizedAuthScheme['version'] = 's3v4'; |
| 288 | } elseif ($authScheme['name'] === 'none') { |
| 289 | $normalizedAuthScheme['version'] = 'anonymous'; |
| 290 | } |
| 291 | else { |
| 292 | $normalizedAuthScheme['version'] = str_replace( |
| 293 | 'sig', '', $authScheme['name'] |
| 294 | ); |
| 295 | } |
| 296 | |
| 297 | $normalizedAuthScheme['name'] = isset($authScheme['signingName']) ? |
| 298 | $authScheme['signingName'] : null; |
| 299 | $normalizedAuthScheme['region'] = isset($authScheme['signingRegion']) ? |
| 300 | $authScheme['signingRegion'] : null; |
| 301 | $normalizedAuthScheme['signingRegionSet'] = isset($authScheme['signingRegionSet']) ? |
| 302 | $authScheme['signingRegionSet'] : null; |
| 303 | |
| 304 | return $normalizedAuthScheme; |
| 305 | } |
| 306 | } |
| 307 |