2021-05-14 22:12:47 +00:00
|
|
|
//! This module provides a low level http interface for working with AWS
|
|
|
|
//! It also provides an option to operate outside the AWS ecosystem through
|
|
|
|
//! the makeRequest call with a null signingOptions.
|
|
|
|
//!
|
|
|
|
//! Typical usage:
|
|
|
|
//! const client = awshttp.AwsHttp.init(allocator);
|
|
|
|
//! defer client.deinit()
|
|
|
|
//! const result = client.callApi (or client.makeRequest)
|
|
|
|
//! defer result.deinit();
|
2021-05-14 19:37:00 +00:00
|
|
|
const std = @import("std");
|
2022-01-12 17:18:16 +00:00
|
|
|
const base = @import("aws_http_base.zig");
|
|
|
|
const signing = @import("aws_signing.zig");
|
|
|
|
const credentials = @import("aws_credentials.zig");
|
|
|
|
const zfetch = @import("zfetch");
|
2022-01-20 05:17:44 +00:00
|
|
|
const tls = @import("iguanaTLS");
|
2021-05-14 19:37:00 +00:00
|
|
|
|
|
|
|
const CN_NORTH_1_HASH = std.hash_map.hashString("cn-north-1");
|
|
|
|
const CN_NORTHWEST_1_HASH = std.hash_map.hashString("cn-northwest-1");
|
|
|
|
const US_ISO_EAST_1_HASH = std.hash_map.hashString("us-iso-east-1");
|
|
|
|
const US_ISOB_EAST_1_HASH = std.hash_map.hashString("us-isob-east-1");
|
|
|
|
|
2022-01-12 17:18:16 +00:00
|
|
|
const log = std.log.scoped(.awshttp);
|
2021-05-14 19:37:00 +00:00
|
|
|
|
2022-01-20 05:17:44 +00:00
|
|
|
const amazon_root_ca_1 = @embedFile("../Amazon_Root_CA_1.pem");
|
|
|
|
|
|
|
|
pub const default_root_ca = amazon_root_ca_1;
|
|
|
|
|
2021-05-14 19:37:00 +00:00
|
|
|
pub const AwsError = error{
|
|
|
|
AddHeaderError,
|
|
|
|
AlpnError,
|
|
|
|
CredentialsError,
|
|
|
|
HttpClientConnectError,
|
|
|
|
HttpRequestError,
|
|
|
|
SignableError,
|
|
|
|
SigningInitiationError,
|
|
|
|
TlsError,
|
|
|
|
RequestCreateError,
|
|
|
|
SetupConnectionError,
|
|
|
|
StatusCodeError,
|
|
|
|
SetRequestMethodError,
|
|
|
|
SetRequestPathError,
|
|
|
|
};
|
|
|
|
|
|
|
|
pub const Options = struct {
|
|
|
|
region: []const u8 = "aws-global",
|
|
|
|
dualstack: bool = false,
|
2021-06-09 23:25:49 +00:00
|
|
|
sigv4_service_name: ?[]const u8 = null,
|
2021-05-14 19:37:00 +00:00
|
|
|
};
|
|
|
|
|
2022-01-12 17:18:16 +00:00
|
|
|
pub const Header = base.Header;
|
|
|
|
pub const HttpRequest = base.Request;
|
|
|
|
pub const HttpResult = base.Result;
|
2021-05-14 19:37:00 +00:00
|
|
|
|
|
|
|
const EndPoint = struct {
|
|
|
|
uri: []const u8,
|
|
|
|
host: []const u8,
|
|
|
|
scheme: []const u8,
|
|
|
|
port: u16,
|
2021-12-23 16:51:48 +00:00
|
|
|
allocator: std.mem.Allocator,
|
2021-05-14 19:37:00 +00:00
|
|
|
|
|
|
|
fn deinit(self: EndPoint) void {
|
|
|
|
self.allocator.free(self.uri);
|
|
|
|
}
|
|
|
|
};
|
|
|
|
pub const AwsHttp = struct {
|
2021-12-23 16:51:48 +00:00
|
|
|
allocator: std.mem.Allocator,
|
2022-01-20 05:17:44 +00:00
|
|
|
trust_chain: ?tls.x509.CertificateChain,
|
2021-05-14 19:37:00 +00:00
|
|
|
|
|
|
|
const Self = @This();
|
|
|
|
|
2022-01-20 05:17:44 +00:00
|
|
|
/// Recommend usage is init(allocator, awshttp.default_root_ca)
|
|
|
|
/// Passing null for root_pem will result in no TLS verification
|
|
|
|
pub fn init(allocator: std.mem.Allocator, root_pem: ?[]const u8) !Self {
|
|
|
|
var trust_chain: ?tls.x509.CertificateChain = null;
|
|
|
|
if (root_pem) |p| {
|
|
|
|
var fbs = std.io.fixedBufferStream(p);
|
|
|
|
trust_chain = try tls.x509.CertificateChain.from_pem(allocator, fbs.reader());
|
|
|
|
}
|
|
|
|
return Self{
|
2021-05-14 19:37:00 +00:00
|
|
|
.allocator = allocator,
|
2022-01-20 05:17:44 +00:00
|
|
|
.trust_chain = trust_chain,
|
2022-01-11 05:49:59 +00:00
|
|
|
// .credentialsProvider = // creds provider could be useful
|
2021-05-14 19:37:00 +00:00
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
pub fn deinit(self: *AwsHttp) void {
|
2022-01-20 05:17:44 +00:00
|
|
|
if (self.trust_chain) |c| c.deinit();
|
2022-01-12 17:18:16 +00:00
|
|
|
_ = self;
|
|
|
|
log.debug("Deinit complete", .{});
|
2021-05-14 19:37:00 +00:00
|
|
|
}
|
|
|
|
|
2021-05-14 22:12:47 +00:00
|
|
|
/// callApi allows the calling of AWS APIs through a higher-level interface.
|
|
|
|
/// It will calculate the appropriate endpoint and action parameters for the
|
|
|
|
/// service called, and will set up the signing options. The return
|
|
|
|
/// value is simply a raw HttpResult
|
2021-07-24 07:22:06 +00:00
|
|
|
pub fn callApi(self: Self, service: []const u8, request: HttpRequest, options: Options) !HttpResult {
|
2021-05-14 19:37:00 +00:00
|
|
|
const endpoint = try regionSubDomain(self.allocator, service, options.region, options.dualstack);
|
|
|
|
defer endpoint.deinit();
|
2022-01-12 17:18:16 +00:00
|
|
|
log.debug("Calling endpoint {s}", .{endpoint.uri});
|
|
|
|
const creds = try credentials.getCredentials(self.allocator);
|
|
|
|
// defer allocator.free(), except sometimes we don't need freeing...
|
|
|
|
const signing_config: signing.Config = .{
|
2021-05-14 19:37:00 +00:00
|
|
|
.region = options.region,
|
2022-01-12 17:18:16 +00:00
|
|
|
.service = options.sigv4_service_name orelse service,
|
|
|
|
.credentials = creds,
|
2021-05-14 19:37:00 +00:00
|
|
|
};
|
2022-01-12 17:18:16 +00:00
|
|
|
return try self.makeRequest(endpoint, request, signing_config);
|
2021-05-14 19:37:00 +00:00
|
|
|
}
|
|
|
|
|
2021-05-14 22:12:47 +00:00
|
|
|
/// makeRequest is a low level http/https function that can be used inside
|
|
|
|
/// or outside the context of AWS services. To use it outside AWS, simply
|
|
|
|
/// pass a null value in for signing_options.
|
|
|
|
///
|
|
|
|
/// Otherwise, it will simply take a URL endpoint (without path information),
|
|
|
|
/// HTTP method (e.g. GET, POST, etc.), and request body.
|
|
|
|
///
|
2022-01-20 05:22:25 +00:00
|
|
|
/// At the moment this does not allow changing headers, but addtional
|
|
|
|
/// ones are possible. This is likely to change. Current headers are:
|
2021-05-14 22:12:47 +00:00
|
|
|
///
|
|
|
|
/// Accept: application/json
|
|
|
|
/// User-Agent: zig-aws 1.0, Powered by the AWS Common Runtime.
|
|
|
|
/// Content-Type: application/x-www-form-urlencoded
|
|
|
|
/// Content-Length: (length of body)
|
|
|
|
///
|
|
|
|
/// Return value is an HttpResult, which will need the caller to deinit().
|
2022-01-12 17:18:16 +00:00
|
|
|
pub fn makeRequest(self: Self, endpoint: EndPoint, request: HttpRequest, signing_config: ?signing.Config) !HttpResult {
|
2022-01-20 02:58:53 +00:00
|
|
|
var request_cp = request;
|
|
|
|
|
|
|
|
log.debug("Path: {s}", .{request_cp.path});
|
|
|
|
log.debug("Query: {s}", .{request_cp.query});
|
|
|
|
log.debug("Method: {s}", .{request_cp.method});
|
|
|
|
log.debug("body length: {d}", .{request_cp.body.len});
|
|
|
|
log.debug("Body\n====\n{s}\n====", .{request_cp.body});
|
2021-05-14 19:37:00 +00:00
|
|
|
|
2022-01-20 02:58:53 +00:00
|
|
|
var request_headers = std.ArrayList(base.Header).init(self.allocator);
|
|
|
|
defer request_headers.deinit();
|
|
|
|
|
|
|
|
const len = try addHeaders(self.allocator, &request_headers, endpoint.host, request_cp.body, request_cp.content_type, request_cp.headers);
|
|
|
|
defer if (len) |l| self.allocator.free(l);
|
|
|
|
request_cp.headers = request_headers.items;
|
|
|
|
|
2022-01-20 03:12:50 +00:00
|
|
|
if (signing_config) |opts| request_cp = try signing.signRequest(self.allocator, request_cp, opts);
|
2022-01-20 02:58:53 +00:00
|
|
|
defer {
|
|
|
|
if (signing_config) |opts| {
|
|
|
|
signing.freeSignedRequest(self.allocator, &request_cp, opts);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-01-12 17:18:16 +00:00
|
|
|
try zfetch.init(); // This only does anything on Windows. Not sure how performant it is to do this on every request
|
|
|
|
defer zfetch.deinit();
|
|
|
|
var headers = zfetch.Headers.init(self.allocator);
|
|
|
|
defer headers.deinit();
|
2022-01-20 02:58:53 +00:00
|
|
|
for (request_cp.headers) |header|
|
2022-01-12 17:18:16 +00:00
|
|
|
try headers.appendValue(header.name, header.value);
|
2022-01-20 02:58:53 +00:00
|
|
|
log.debug("All Request Headers (zfetch):", .{});
|
2022-01-20 03:29:58 +00:00
|
|
|
for (headers.list.items) |h| {
|
2022-01-17 21:45:10 +00:00
|
|
|
log.debug("\t{s}: {s}", .{ h.name, h.value });
|
2022-01-20 03:29:58 +00:00
|
|
|
}
|
2022-01-13 01:22:51 +00:00
|
|
|
|
2022-01-20 03:29:58 +00:00
|
|
|
const url = try std.fmt.allocPrint(self.allocator, "{s}{s}", .{ endpoint.uri, request.path });
|
|
|
|
defer self.allocator.free(url);
|
|
|
|
log.debug("Request url: {s}", .{url});
|
2022-01-20 05:17:44 +00:00
|
|
|
var req = try zfetch.Request.init(self.allocator, url, self.trust_chain);
|
2022-01-17 21:45:10 +00:00
|
|
|
defer req.deinit();
|
2022-01-12 17:18:16 +00:00
|
|
|
|
2022-01-20 02:58:53 +00:00
|
|
|
const method = std.meta.stringToEnum(zfetch.Method, request_cp.method).?;
|
|
|
|
try req.do(method, headers, if (request_cp.body.len == 0) null else request_cp.body);
|
2022-01-12 17:18:16 +00:00
|
|
|
|
|
|
|
// TODO: Timeout - is this now above us?
|
|
|
|
log.debug("request_complete. Response code {d}: {s}", .{ req.status.code, req.status.reason });
|
2022-01-17 21:45:10 +00:00
|
|
|
log.debug("Response headers:", .{});
|
2022-01-12 17:18:16 +00:00
|
|
|
var resp_headers = try std.ArrayList(Header).initCapacity(self.allocator, req.headers.list.items.len);
|
2022-01-17 21:45:10 +00:00
|
|
|
defer resp_headers.deinit();
|
|
|
|
var content_length: usize = 0;
|
2022-01-12 17:18:16 +00:00
|
|
|
for (req.headers.list.items) |h| {
|
|
|
|
log.debug(" {s}: {s}", .{ h.name, h.value });
|
2022-01-17 21:45:10 +00:00
|
|
|
resp_headers.appendAssumeCapacity(.{
|
|
|
|
.name = try (self.allocator.dupe(u8, h.name)),
|
|
|
|
.value = try (self.allocator.dupe(u8, h.value)),
|
|
|
|
});
|
|
|
|
if (content_length == 0 and std.ascii.eqlIgnoreCase("content-length", h.name))
|
|
|
|
content_length = std.fmt.parseInt(usize, h.value, 10) catch 0;
|
2022-01-12 17:18:16 +00:00
|
|
|
}
|
|
|
|
const reader = req.reader();
|
|
|
|
var buf: [65535]u8 = undefined;
|
2022-01-17 21:45:10 +00:00
|
|
|
var resp_payload = try std.ArrayList(u8).initCapacity(self.allocator, content_length);
|
|
|
|
defer resp_payload.deinit();
|
|
|
|
|
2022-01-12 17:18:16 +00:00
|
|
|
while (true) {
|
|
|
|
const read = try reader.read(&buf);
|
2022-01-17 21:45:10 +00:00
|
|
|
try resp_payload.appendSlice(buf[0..read]);
|
2022-01-12 17:18:16 +00:00
|
|
|
if (read == 0) break;
|
2021-05-14 19:37:00 +00:00
|
|
|
}
|
2022-01-17 21:45:10 +00:00
|
|
|
log.debug("raw response body:\n{s}", .{resp_payload.items});
|
2021-05-14 22:12:47 +00:00
|
|
|
|
2021-05-14 19:37:00 +00:00
|
|
|
const rc = HttpResult{
|
2022-01-12 17:18:16 +00:00
|
|
|
.response_code = req.status.code,
|
2022-01-17 21:45:10 +00:00
|
|
|
.body = resp_payload.toOwnedSlice(),
|
2022-01-12 17:18:16 +00:00
|
|
|
.headers = resp_headers.toOwnedSlice(),
|
2021-06-18 21:06:58 +00:00
|
|
|
.allocator = self.allocator,
|
2021-05-14 19:37:00 +00:00
|
|
|
};
|
|
|
|
return rc;
|
|
|
|
}
|
2022-01-13 01:22:51 +00:00
|
|
|
};
|
2021-05-14 19:37:00 +00:00
|
|
|
|
2022-01-20 02:58:53 +00:00
|
|
|
fn addHeaders(allocator: std.mem.Allocator, headers: *std.ArrayList(base.Header), host: []const u8, body: []const u8, content_type: []const u8, additional_headers: []Header) !?[]const u8 {
|
|
|
|
try headers.append(.{ .name = "Accept", .value = "application/json" });
|
|
|
|
try headers.append(.{ .name = "Host", .value = host });
|
|
|
|
try headers.append(.{ .name = "User-Agent", .value = "zig-aws 1.0, Powered by the AWS Common Runtime." });
|
|
|
|
try headers.append(.{ .name = "Content-Type", .value = content_type });
|
|
|
|
try headers.appendSlice(additional_headers);
|
2022-01-13 01:22:51 +00:00
|
|
|
if (body.len > 0) {
|
|
|
|
const len = try std.fmt.allocPrint(allocator, "{d}", .{body.len});
|
2022-01-20 02:58:53 +00:00
|
|
|
try headers.append(.{ .name = "Content-Length", .value = len });
|
|
|
|
return len;
|
2021-05-14 19:37:00 +00:00
|
|
|
}
|
2022-01-20 02:58:53 +00:00
|
|
|
return null;
|
2022-01-13 01:22:51 +00:00
|
|
|
}
|
2021-05-14 19:37:00 +00:00
|
|
|
|
2021-12-23 16:51:48 +00:00
|
|
|
fn regionSubDomain(allocator: std.mem.Allocator, service: []const u8, region: []const u8, useDualStack: bool) !EndPoint {
|
2021-05-14 19:37:00 +00:00
|
|
|
const environment_override = std.os.getenv("AWS_ENDPOINT_URL");
|
|
|
|
if (environment_override) |override| {
|
2021-06-18 20:48:31 +00:00
|
|
|
const uri = try allocator.dupeZ(u8, override);
|
2021-05-14 19:37:00 +00:00
|
|
|
return endPointFromUri(allocator, uri);
|
|
|
|
}
|
|
|
|
// Fallback to us-east-1 if global endpoint does not exist.
|
|
|
|
const realregion = if (std.mem.eql(u8, region, "aws-global")) "us-east-1" else region;
|
|
|
|
const dualstack = if (useDualStack) ".dualstack" else "";
|
|
|
|
|
|
|
|
const domain = switch (std.hash_map.hashString(region)) {
|
|
|
|
US_ISO_EAST_1_HASH => "c2s.ic.gov",
|
|
|
|
CN_NORTH_1_HASH, CN_NORTHWEST_1_HASH => "amazonaws.com.cn",
|
|
|
|
US_ISOB_EAST_1_HASH => "sc2s.sgov.gov",
|
|
|
|
else => "amazonaws.com",
|
|
|
|
};
|
|
|
|
|
2021-06-18 20:48:31 +00:00
|
|
|
const uri = try std.fmt.allocPrintZ(allocator, "https://{s}{s}.{s}.{s}", .{ service, dualstack, realregion, domain });
|
2021-05-14 19:37:00 +00:00
|
|
|
const host = uri["https://".len..];
|
2022-01-12 17:18:16 +00:00
|
|
|
log.debug("host: {s}, scheme: {s}, port: {}", .{ host, "https", 443 });
|
2021-05-14 19:37:00 +00:00
|
|
|
return EndPoint{
|
|
|
|
.uri = uri,
|
|
|
|
.host = host,
|
|
|
|
.scheme = "https",
|
|
|
|
.port = 443,
|
|
|
|
.allocator = allocator,
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
/// creates an endpoint from a uri string.
|
|
|
|
///
|
|
|
|
/// allocator: Will be used only to construct the EndPoint struct
|
|
|
|
/// uri: string constructed in such a way that deallocation is needed
|
2021-12-23 16:51:48 +00:00
|
|
|
fn endPointFromUri(allocator: std.mem.Allocator, uri: []const u8) !EndPoint {
|
2021-05-14 19:37:00 +00:00
|
|
|
var scheme: []const u8 = "";
|
|
|
|
var host: []const u8 = "";
|
|
|
|
var port: u16 = 443;
|
|
|
|
var host_start: usize = 0;
|
|
|
|
var host_end: usize = 0;
|
|
|
|
for (uri) |ch, i| {
|
|
|
|
switch (ch) {
|
|
|
|
':' => {
|
|
|
|
if (!std.mem.eql(u8, scheme, "")) {
|
|
|
|
// here to end is port - this is likely a bug if ipv6 address used
|
|
|
|
const rest_of_uri = uri[i + 1 ..];
|
|
|
|
port = try std.fmt.parseUnsigned(u16, rest_of_uri, 10);
|
|
|
|
host_end = i;
|
|
|
|
}
|
|
|
|
},
|
|
|
|
'/' => {
|
|
|
|
if (host_start == 0) {
|
|
|
|
host_start = i + 2;
|
|
|
|
scheme = uri[0 .. i - 1];
|
|
|
|
if (std.mem.eql(u8, scheme, "http")) {
|
|
|
|
port = 80;
|
|
|
|
} else {
|
|
|
|
port = 443;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
|
|
|
else => continue,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (host_end == 0) {
|
|
|
|
host_end = uri.len;
|
|
|
|
}
|
|
|
|
host = uri[host_start..host_end];
|
|
|
|
|
2022-01-12 17:18:16 +00:00
|
|
|
log.debug("host: {s}, scheme: {s}, port: {}", .{ host, scheme, port });
|
2021-05-14 19:37:00 +00:00
|
|
|
return EndPoint{
|
|
|
|
.uri = uri,
|
|
|
|
.host = host,
|
|
|
|
.scheme = scheme,
|
|
|
|
.allocator = allocator,
|
|
|
|
.port = port,
|
|
|
|
};
|
|
|
|
}
|