Update dependencies

vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/auth.go

@@ -0,0 +1,48 @@
+package client
+
+import (
+	"context"
+	"github.com/aws/smithy-go/middleware"
+)
+
+type getIdentityMiddleware struct {
+	options Options
+}
+
+func (*getIdentityMiddleware) ID() string {
+	return "GetIdentity"
+}
+
+func (m *getIdentityMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
+	out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
+) {
+	return next.HandleFinalize(ctx, in)
+}
+
+type signRequestMiddleware struct {
+}
+
+func (*signRequestMiddleware) ID() string {
+	return "Signing"
+}
+
+func (m *signRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
+	out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
+) {
+	return next.HandleFinalize(ctx, in)
+}
+
+type resolveAuthSchemeMiddleware struct {
+	operation string
+	options   Options
+}
+
+func (*resolveAuthSchemeMiddleware) ID() string {
+	return "ResolveAuthScheme"
+}
+
+func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
+	out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
+) {
+	return next.HandleFinalize(ctx, in)
+}

vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/client.go

@@ -0,0 +1,164 @@
+package client
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/aws/aws-sdk-go-v2/aws"
+	"github.com/aws/aws-sdk-go-v2/aws/middleware"
+	"github.com/aws/aws-sdk-go-v2/aws/retry"
+	awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http"
+	"github.com/aws/smithy-go"
+	smithymiddleware "github.com/aws/smithy-go/middleware"
+	smithyhttp "github.com/aws/smithy-go/transport/http"
+)
+
+// ServiceID is the client identifer
+const ServiceID = "endpoint-credentials"
+
+// HTTPClient is a client for sending HTTP requests
+type HTTPClient interface {
+	Do(*http.Request) (*http.Response, error)
+}
+
+// Options is the endpoint client configurable options
+type Options struct {
+	// The endpoint to retrieve credentials from
+	Endpoint string
+
+	// The HTTP client to invoke API calls with. Defaults to client's default HTTP
+	// implementation if nil.
+	HTTPClient HTTPClient
+
+	// Retryer guides how HTTP requests should be retried in case of recoverable
+	// failures. When nil the API client will use a default retryer.
+	Retryer aws.Retryer
+
+	// Set of options to modify how the credentials operation is invoked.
+	APIOptions []func(*smithymiddleware.Stack) error
+}
+
+// Copy creates a copy of the API options.
+func (o Options) Copy() Options {
+	to := o
+	to.APIOptions = make([]func(*smithymiddleware.Stack) error, len(o.APIOptions))
+	copy(to.APIOptions, o.APIOptions)
+	return to
+}
+
+// Client is an client for retrieving AWS credentials from an endpoint
+type Client struct {
+	options Options
+}
+
+// New constructs a new Client from the given options
+func New(options Options, optFns ...func(*Options)) *Client {
+	options = options.Copy()
+
+	if options.HTTPClient == nil {
+		options.HTTPClient = awshttp.NewBuildableClient()
+	}
+
+	if options.Retryer == nil {
+		// Amazon-owned implementations of this endpoint are known to sometimes
+		// return plaintext responses (i.e. no Code) like normal, add a few
+		// additional status codes
+		options.Retryer = retry.NewStandard(func(o *retry.StandardOptions) {
+			o.Retryables = append(o.Retryables, retry.RetryableHTTPStatusCode{
+				Codes: map[int]struct{}{
+					http.StatusTooManyRequests: {},
+				},
+			})
+		})
+	}
+
+	for _, fn := range optFns {
+		fn(&options)
+	}
+
+	client := &Client{
+		options: options,
+	}
+
+	return client
+}
+
+// GetCredentialsInput is the input to send with the endpoint service to receive credentials.
+type GetCredentialsInput struct {
+	AuthorizationToken string
+}
+
+// GetCredentials retrieves credentials from credential endpoint
+func (c *Client) GetCredentials(ctx context.Context, params *GetCredentialsInput, optFns ...func(*Options)) (*GetCredentialsOutput, error) {
+	stack := smithymiddleware.NewStack("GetCredentials", smithyhttp.NewStackRequest)
+	options := c.options.Copy()
+	for _, fn := range optFns {
+		fn(&options)
+	}
+
+	stack.Serialize.Add(&serializeOpGetCredential{}, smithymiddleware.After)
+	stack.Build.Add(&buildEndpoint{Endpoint: options.Endpoint}, smithymiddleware.After)
+	stack.Deserialize.Add(&deserializeOpGetCredential{}, smithymiddleware.After)
+	addProtocolFinalizerMiddlewares(stack, options, "GetCredentials")
+	retry.AddRetryMiddlewares(stack, retry.AddRetryMiddlewaresOptions{Retryer: options.Retryer})
+	middleware.AddSDKAgentKey(middleware.FeatureMetadata, ServiceID)
+	smithyhttp.AddErrorCloseResponseBodyMiddleware(stack)
+	smithyhttp.AddCloseResponseBodyMiddleware(stack)
+
+	for _, fn := range options.APIOptions {
+		if err := fn(stack); err != nil {
+			return nil, err
+		}
+	}
+
+	handler := smithymiddleware.DecorateHandler(smithyhttp.NewClientHandler(options.HTTPClient), stack)
+	result, _, err := handler.Handle(ctx, params)
+	if err != nil {
+		return nil, err
+	}
+
+	return result.(*GetCredentialsOutput), err
+}
+
+// GetCredentialsOutput is the response from the credential endpoint
+type GetCredentialsOutput struct {
+	Expiration      *time.Time
+	AccessKeyID     string
+	SecretAccessKey string
+	Token           string
+}
+
+// EndpointError is an error returned from the endpoint service
+type EndpointError struct {
+	Code       string            `json:"code"`
+	Message    string            `json:"message"`
+	Fault      smithy.ErrorFault `json:"-"`
+	statusCode int               `json:"-"`
+}
+
+// Error is the error mesage string
+func (e *EndpointError) Error() string {
+	return fmt.Sprintf("%s: %s", e.Code, e.Message)
+}
+
+// ErrorCode is the error code returned by the endpoint
+func (e *EndpointError) ErrorCode() string {
+	return e.Code
+}
+
+// ErrorMessage is the error message returned by the endpoint
+func (e *EndpointError) ErrorMessage() string {
+	return e.Message
+}
+
+// ErrorFault indicates error fault classification
+func (e *EndpointError) ErrorFault() smithy.ErrorFault {
+	return e.Fault
+}
+
+// HTTPStatusCode implements retry.HTTPStatusCode.
+func (e *EndpointError) HTTPStatusCode() int {
+	return e.statusCode
+}

vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/endpoints.go

@@ -0,0 +1,20 @@
+package client
+
+import (
+	"context"
+	"github.com/aws/smithy-go/middleware"
+)
+
+type resolveEndpointV2Middleware struct {
+	options Options
+}
+
+func (*resolveEndpointV2Middleware) ID() string {
+	return "ResolveEndpointV2"
+}
+
+func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) (
+	out middleware.FinalizeOutput, metadata middleware.Metadata, err error,
+) {
+	return next.HandleFinalize(ctx, in)
+}

vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/middleware.go

@@ -0,0 +1,164 @@
+package client
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/url"
+
+	"github.com/aws/smithy-go"
+	smithymiddleware "github.com/aws/smithy-go/middleware"
+	smithyhttp "github.com/aws/smithy-go/transport/http"
+)
+
+type buildEndpoint struct {
+	Endpoint string
+}
+
+func (b *buildEndpoint) ID() string {
+	return "BuildEndpoint"
+}
+
+func (b *buildEndpoint) HandleBuild(ctx context.Context, in smithymiddleware.BuildInput, next smithymiddleware.BuildHandler) (
+	out smithymiddleware.BuildOutput, metadata smithymiddleware.Metadata, err error,
+) {
+	request, ok := in.Request.(*smithyhttp.Request)
+	if !ok {
+		return out, metadata, fmt.Errorf("unknown transport, %T", in.Request)
+	}
+
+	if len(b.Endpoint) == 0 {
+		return out, metadata, fmt.Errorf("endpoint not provided")
+	}
+
+	parsed, err := url.Parse(b.Endpoint)
+	if err != nil {
+		return out, metadata, fmt.Errorf("failed to parse endpoint, %w", err)
+	}
+
+	request.URL = parsed
+
+	return next.HandleBuild(ctx, in)
+}
+
+type serializeOpGetCredential struct{}
+
+func (s *serializeOpGetCredential) ID() string {
+	return "OperationSerializer"
+}
+
+func (s *serializeOpGetCredential) HandleSerialize(ctx context.Context, in smithymiddleware.SerializeInput, next smithymiddleware.SerializeHandler) (
+	out smithymiddleware.SerializeOutput, metadata smithymiddleware.Metadata, err error,
+) {
+	request, ok := in.Request.(*smithyhttp.Request)
+	if !ok {
+		return out, metadata, fmt.Errorf("unknown transport type, %T", in.Request)
+	}
+
+	params, ok := in.Parameters.(*GetCredentialsInput)
+	if !ok {
+		return out, metadata, fmt.Errorf("unknown input parameters, %T", in.Parameters)
+	}
+
+	const acceptHeader = "Accept"
+	request.Header[acceptHeader] = append(request.Header[acceptHeader][:0], "application/json")
+
+	if len(params.AuthorizationToken) > 0 {
+		const authHeader = "Authorization"
+		request.Header[authHeader] = append(request.Header[authHeader][:0], params.AuthorizationToken)
+	}
+
+	return next.HandleSerialize(ctx, in)
+}
+
+type deserializeOpGetCredential struct{}
+
+func (d *deserializeOpGetCredential) ID() string {
+	return "OperationDeserializer"
+}
+
+func (d *deserializeOpGetCredential) HandleDeserialize(ctx context.Context, in smithymiddleware.DeserializeInput, next smithymiddleware.DeserializeHandler) (
+	out smithymiddleware.DeserializeOutput, metadata smithymiddleware.Metadata, err error,
+) {
+	out, metadata, err = next.HandleDeserialize(ctx, in)
+	if err != nil {
+		return out, metadata, err
+	}
+
+	response, ok := out.RawResponse.(*smithyhttp.Response)
+	if !ok {
+		return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)}
+	}
+
+	if response.StatusCode < 200 || response.StatusCode >= 300 {
+		return out, metadata, deserializeError(response)
+	}
+
+	var shape *GetCredentialsOutput
+	if err = json.NewDecoder(response.Body).Decode(&shape); err != nil {
+		return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("failed to deserialize json response, %w", err)}
+	}
+
+	out.Result = shape
+	return out, metadata, err
+}
+
+func deserializeError(response *smithyhttp.Response) error {
+	// we could be talking to anything, json isn't guaranteed
+	// see https://github.com/aws/aws-sdk-go-v2/issues/2316
+	if response.Header.Get("Content-Type") == "application/json" {
+		return deserializeJSONError(response)
+	}
+
+	msg, err := io.ReadAll(response.Body)
+	if err != nil {
+		return &smithy.DeserializationError{
+			Err: fmt.Errorf("read response, %w", err),
+		}
+	}
+
+	return &EndpointError{
+		// no sensible value for Code
+		Message:    string(msg),
+		Fault:      stof(response.StatusCode),
+		statusCode: response.StatusCode,
+	}
+}
+
+func deserializeJSONError(response *smithyhttp.Response) error {
+	var errShape *EndpointError
+	if err := json.NewDecoder(response.Body).Decode(&errShape); err != nil {
+		return &smithy.DeserializationError{
+			Err: fmt.Errorf("failed to decode error message, %w", err),
+		}
+	}
+
+	errShape.Fault = stof(response.StatusCode)
+	errShape.statusCode = response.StatusCode
+	return errShape
+}
+
+// maps HTTP status code to smithy ErrorFault
+func stof(code int) smithy.ErrorFault {
+	if code >= 500 {
+		return smithy.FaultServer
+	}
+	return smithy.FaultClient
+}
+
+func addProtocolFinalizerMiddlewares(stack *smithymiddleware.Stack, options Options, operation string) error {
+	if err := stack.Finalize.Add(&resolveAuthSchemeMiddleware{operation: operation, options: options}, smithymiddleware.Before); err != nil {
+		return fmt.Errorf("add ResolveAuthScheme: %w", err)
+	}
+	if err := stack.Finalize.Insert(&getIdentityMiddleware{options: options}, "ResolveAuthScheme", smithymiddleware.After); err != nil {
+		return fmt.Errorf("add GetIdentity: %w", err)
+	}
+	if err := stack.Finalize.Insert(&resolveEndpointV2Middleware{options: options}, "GetIdentity", smithymiddleware.After); err != nil {
+		return fmt.Errorf("add ResolveEndpointV2: %w", err)
+	}
+	if err := stack.Finalize.Insert(&signRequestMiddleware{}, "ResolveEndpointV2", smithymiddleware.After); err != nil {
+		return fmt.Errorf("add Signing: %w", err)
+	}
+	return nil
+}