...

Source file src/github.com/aws/aws-sdk-go-v2/service/sts/api_op_DecodeAuthorizationMessage.go

Documentation: github.com/aws/aws-sdk-go-v2/service/sts 

     1  // Code generated by smithy-go-codegen DO NOT EDIT.
     2  
     3  package sts
     4  
     5  import (
     6  	"context"
     7  	"fmt"
     8  	awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
     9  	"github.com/aws/smithy-go/middleware"
    10  	smithyhttp "github.com/aws/smithy-go/transport/http"
    11  )
    12  
    13  // Decodes additional information about the authorization status of a request from
    14  // an encoded message returned in response to an Amazon Web Services request. For
    15  // example, if a user is not authorized to perform an operation that he or she has
    16  // requested, the request returns a Client.UnauthorizedOperation response (an HTTP
    17  // 403 response). Some Amazon Web Services operations additionally return an
    18  // encoded message that can provide details about this authorization failure. Only
    19  // certain Amazon Web Services operations return an encoded authorization message.
    20  // The documentation for an individual operation indicates whether that operation
    21  // returns an encoded message in addition to returning an HTTP code. The message is
    22  // encoded because the details of the authorization status can contain privileged
    23  // information that the user who requested the operation should not see. To decode
    24  // an authorization status message, a user must be granted permissions through an
    25  // IAM policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html)
    26  // to request the DecodeAuthorizationMessage ( sts:DecodeAuthorizationMessage )
    27  // action. The decoded message includes the following type of information:
    28  //   - Whether the request was denied due to an explicit deny or due to the
    29  //     absence of an explicit allow. For more information, see Determining Whether a
    30  //     Request is Allowed or Denied (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-denyallow)
    31  //     in the IAM User Guide.
    32  //   - The principal who made the request.
    33  //   - The requested action.
    34  //   - The requested resource.
    35  //   - The values of condition keys in the context of the user's request.
    36  func (c *Client) DecodeAuthorizationMessage(ctx context.Context, params *DecodeAuthorizationMessageInput, optFns ...func(*Options)) (*DecodeAuthorizationMessageOutput, error) {
    37  	if params == nil {
    38  		params = &DecodeAuthorizationMessageInput{}
    39  	}
    40  
    41  	result, metadata, err := c.invokeOperation(ctx, "DecodeAuthorizationMessage", params, optFns, c.addOperationDecodeAuthorizationMessageMiddlewares)
    42  	if err != nil {
    43  		return nil, err
    44  	}
    45  
    46  	out := result.(*DecodeAuthorizationMessageOutput)
    47  	out.ResultMetadata = metadata
    48  	return out, nil
    49  }
    50  
    51  type DecodeAuthorizationMessageInput struct {
    52  
    53  	// The encoded message that was returned with the response.
    54  	//
    55  	// This member is required.
    56  	EncodedMessage *string
    57  
    58  	noSmithyDocumentSerde
    59  }
    60  
    61  // A document that contains additional information about the authorization status
    62  // of a request from an encoded message that is returned in response to an Amazon
    63  // Web Services request.
    64  type DecodeAuthorizationMessageOutput struct {
    65  
    66  	// The API returns a response with the decoded message.
    67  	DecodedMessage *string
    68  
    69  	// Metadata pertaining to the operation's result.
    70  	ResultMetadata middleware.Metadata
    71  
    72  	noSmithyDocumentSerde
    73  }
    74  
    75  func (c *Client) addOperationDecodeAuthorizationMessageMiddlewares(stack *middleware.Stack, options Options) (err error) {
    76  	if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
    77  		return err
    78  	}
    79  	err = stack.Serialize.Add(&awsAwsquery_serializeOpDecodeAuthorizationMessage{}, middleware.After)
    80  	if err != nil {
    81  		return err
    82  	}
    83  	err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDecodeAuthorizationMessage{}, middleware.After)
    84  	if err != nil {
    85  		return err
    86  	}
    87  	if err := addProtocolFinalizerMiddlewares(stack, options, "DecodeAuthorizationMessage"); err != nil {
    88  		return fmt.Errorf("add protocol finalizers: %v", err)
    89  	}
    90  
    91  	if err = addlegacyEndpointContextSetter(stack, options); err != nil {
    92  		return err
    93  	}
    94  	if err = addSetLoggerMiddleware(stack, options); err != nil {
    95  		return err
    96  	}
    97  	if err = addClientRequestID(stack); err != nil {
    98  		return err
    99  	}
   100  	if err = addComputeContentLength(stack); err != nil {
   101  		return err
   102  	}
   103  	if err = addResolveEndpointMiddleware(stack, options); err != nil {
   104  		return err
   105  	}
   106  	if err = addComputePayloadSHA256(stack); err != nil {
   107  		return err
   108  	}
   109  	if err = addRetry(stack, options); err != nil {
   110  		return err
   111  	}
   112  	if err = addRawResponseToMetadata(stack); err != nil {
   113  		return err
   114  	}
   115  	if err = addRecordResponseTiming(stack); err != nil {
   116  		return err
   117  	}
   118  	if err = addClientUserAgent(stack, options); err != nil {
   119  		return err
   120  	}
   121  	if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
   122  		return err
   123  	}
   124  	if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
   125  		return err
   126  	}
   127  	if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
   128  		return err
   129  	}
   130  	if err = addOpDecodeAuthorizationMessageValidationMiddleware(stack); err != nil {
   131  		return err
   132  	}
   133  	if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDecodeAuthorizationMessage(options.Region), middleware.Before); err != nil {
   134  		return err
   135  	}
   136  	if err = addRecursionDetection(stack); err != nil {
   137  		return err
   138  	}
   139  	if err = addRequestIDRetrieverMiddleware(stack); err != nil {
   140  		return err
   141  	}
   142  	if err = addResponseErrorMiddleware(stack); err != nil {
   143  		return err
   144  	}
   145  	if err = addRequestResponseLogging(stack, options); err != nil {
   146  		return err
   147  	}
   148  	if err = addDisableHTTPSMiddleware(stack, options); err != nil {
   149  		return err
   150  	}
   151  	return nil
   152  }
   153  
   154  func newServiceMetadataMiddleware_opDecodeAuthorizationMessage(region string) *awsmiddleware.RegisterServiceMetadata {
   155  	return &awsmiddleware.RegisterServiceMetadata{
   156  		Region:        region,
   157  		ServiceID:     ServiceID,
   158  		OperationName: "DecodeAuthorizationMessage",
   159  	}
   160  }
   161  

View as plain text