fix(STS) fix duplicate regions casusing bad hostnames

fixes #45
Kong · Feb 13, 2023 · c75ed47 · c75ed47
1 parent c47b007
commit c75ed47
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -150,6 +150,12 @@ Release process:
 1. upload using: `VERSION=x.y.z APIKEY=abc... make upload`
 1. test installing the rock from LuaRocks
 
+### unreleased
+
+- fix: STS regional endpoints woudl re-inject the region on every authentication
+  (after a token expired), causing bad hostnames to be used
+  [#45](https://github.com/Kong/lua-resty-aws/issues/45)
+
 ### 1.1.2 (7-Dec-2022)
 
 - fix: auto detection scheme and default to tls [#42](https://github.com/Kong/lua-resty-aws/pull/42)

diff --git a/src/resty/aws/init.lua b/src/resty/aws/init.lua
@@ -322,9 +322,13 @@ local function generate_service_methods(service)
         -- we use regional endpoints, see
         -- https://github.com/aws/aws-sdk-js/blob/307e82673b48577fce4389e4ce03f95064e8fe0d/lib/services/sts.js#L78-L82
         assert(service.config.region, "region is required when using STS regional endpoints")
-        local pre, post = service.config.endpoint:match("^(.+)(%.amazonaws%.com)$")
-        service.config.endpoint = pre .. "." .. service.config.region .. post
-        service.config.signingRegion = service.config.region
+
+        if not service.config._regionalEndpointInjected then
+          local pre, post = service.config.endpoint:match("^(.+)(%.amazonaws%.com)$")
+          service.config.endpoint = pre .. "." .. service.config.region .. post
+          service.config.signingRegion = service.config.region
+          service.config._regionalEndpointInjected = true
+        end
       end
 
       local old_sig