217 217 |
|
218 218 | impl ::aws_smithy_runtime_api::client::interceptors::Intercept for AssumeRoleWithWebIdentityEndpointParamsInterceptor {
|
219 219 | fn name(&self) -> &'static str {
|
220 220 | "AssumeRoleWithWebIdentityEndpointParamsInterceptor"
|
221 221 | }
|
222 222 |
|
223 223 | fn read_before_execution(
|
224 224 | &self,
|
225 225 | context: &::aws_smithy_runtime_api::client::interceptors::context::BeforeSerializationInterceptorContextRef<
|
226 226 | '_,
|
227 227 | ::aws_smithy_runtime_api::client::interceptors::context::Input,
|
228 228 | ::aws_smithy_runtime_api::client::interceptors::context::Output,
|
229 229 | ::aws_smithy_runtime_api::client::interceptors::context::Error,
|
230 230 | >,
|
231 231 | cfg: &mut ::aws_smithy_types::config_bag::ConfigBag,
|
232 232 | ) -> ::std::result::Result<(), ::aws_smithy_runtime_api::box_error::BoxError> {
|
233 233 | let _input = context
|
234 234 | .input()
|
235 235 | .downcast_ref::<AssumeRoleWithWebIdentityInput>()
|
236 236 | .ok_or("failed to downcast to AssumeRoleWithWebIdentityInput")?;
|
237 237 |
|
238 238 | let params = crate::config::endpoint::Params::builder()
|
239 239 | .set_region(cfg.load::<::aws_types::region::Region>().map(|r| r.as_ref().to_owned()))
|
240 240 | .set_use_dual_stack(cfg.load::<::aws_types::endpoint_config::UseDualStack>().map(|ty| ty.0))
|
241 241 | .set_use_fips(cfg.load::<::aws_types::endpoint_config::UseFips>().map(|ty| ty.0))
|
242 242 | .set_endpoint(cfg.load::<::aws_types::endpoint_config::EndpointUrl>().map(|ty| ty.0.clone()))
|
243 243 | .build()
|
244 244 | .map_err(|err| {
|
245 245 | ::aws_smithy_runtime_api::client::interceptors::error::ContextAttachedError::new("endpoint params could not be built", err)
|
246 246 | })?;
|
247 + |
|
247 248 | cfg.interceptor_state()
|
248 249 | .store_put(::aws_smithy_runtime_api::client::endpoint::EndpointResolverParams::new(params));
|
250 + |
|
249 251 | ::std::result::Result::Ok(())
|
250 252 | }
|
251 253 | }
|
252 254 |
|
253 255 | // The get_* functions below are generated from JMESPath expressions in the
|
254 256 | // operationContextParams trait. They target the operation's input shape.
|
255 257 |
|
256 258 | /// Error type for the `AssumeRoleWithWebIdentityError` operation.
|
257 259 | #[non_exhaustive]
|
258 260 | #[derive(::std::fmt::Debug)]
|
259 261 | pub enum AssumeRoleWithWebIdentityError {
|
260 262 | /// <p>The web identity token that was passed is expired or is not valid. Get a new identity token from the identity provider and then retry the request.</p>
|
261 263 | ExpiredTokenException(crate::types::error::ExpiredTokenException),
|
262 264 | /// <p>The request could not be fulfilled because the identity provider (IDP) that was asked to verify the incoming identity token could not be reached. This is often a transient error caused by network conditions. Retry the request a limited number of times so that you don't exceed the request rate. If the error persists, the identity provider might be down or not responding.</p>
|
263 265 | IdpCommunicationErrorException(crate::types::error::IdpCommunicationErrorException),
|
264 266 | /// <p>The identity provider (IdP) reported that authentication failed. This might be because the claim is invalid.</p>
|
265 267 | /// <p>If this error is returned for the <code>AssumeRoleWithWebIdentity</code> operation, it can also mean that the claim has expired or has been explicitly revoked.</p>
|
266 268 | IdpRejectedClaimException(crate::types::error::IdpRejectedClaimException),
|
267 269 | /// <p>The web identity token that was passed could not be validated by Amazon Web Services. Get a new identity token from the identity provider and then retry the request.</p>
|
268 270 | InvalidIdentityTokenException(crate::types::error::InvalidIdentityTokenException),
|
269 271 | /// <p>The request was rejected because the policy document was malformed. The error message describes the specific error.</p>
|
270 272 | MalformedPolicyDocumentException(crate::types::error::MalformedPolicyDocumentException),
|
271 273 | /// <p>The request was rejected because the total packed size of the session policies and session tags combined was too large. An Amazon Web Services conversion compresses the session policy document, session policy ARNs, and session tags into a packed binary format that has a separate limit. The error message indicates by percentage how close the policies and tags are to the upper size limit. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing Session Tags in STS</a> in the <i>IAM User Guide</i>.</p>
|
272 274 | /// <p>You could receive this error even though you meet other defined session policy and session tag limits. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length">IAM and STS Entity Character Limits</a> in the <i>IAM User Guide</i>.</p>
|
273 275 | PackedPolicyTooLargeException(crate::types::error::PackedPolicyTooLargeException),
|
274 276 | /// <p>STS is not activated in the requested region for the account that is being asked to generate credentials. The account administrator must use the IAM console to activate STS in that region. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html">Activating and Deactivating Amazon Web Services STS in an Amazon Web Services Region</a> in the <i>IAM User Guide</i>.</p>
|
275 277 | RegionDisabledException(crate::types::error::RegionDisabledException),
|
276 278 | /// An unexpected error occurred (e.g., invalid JSON returned by the service or an unknown error code).
|
277 279 | #[deprecated(note = "Matching `Unhandled` directly is not forwards compatible. Instead, match using a \
|
278 280 | variable wildcard pattern and check `.code()`:
|