Replace minio-go with aws-sdk-go for s3-compatible log backend (#670)

* Logs should support specifying region when using S3-compatible object store

* Use aws-sdk-go client for s3 backed logstore

* fixes vendor with aws-sdk-go dependencies

vendor/github.com/aws/aws-sdk-go/service/cognitoidentity/cognitoidentityiface/interface.go

@@ -0,0 +1,136 @@
+// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
+
+// Package cognitoidentityiface provides an interface to enable mocking the Amazon Cognito Identity service client
+// for testing your code.
+//
+// It is important to note that this interface will have breaking changes
+// when the service model is updated and adds new API operations, paginators,
+// and waiters.
+package cognitoidentityiface
+
+import (
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/request"
+	"github.com/aws/aws-sdk-go/service/cognitoidentity"
+)
+
+// CognitoIdentityAPI provides an interface to enable mocking the
+// cognitoidentity.CognitoIdentity service client's API operation,
+// paginators, and waiters. This make unit testing your code that calls out
+// to the SDK's service client's calls easier.
+//
+// The best way to use this interface is so the SDK's service client's calls
+// can be stubbed out for unit testing your code with the SDK without needing
+// to inject custom request handlers into the SDK's request pipeline.
+//
+//    // myFunc uses an SDK service client to make a request to
+//    // Amazon Cognito Identity.
+//    func myFunc(svc cognitoidentityiface.CognitoIdentityAPI) bool {
+//        // Make svc.CreateIdentityPool request
+//    }
+//
+//    func main() {
+//        sess := session.New()
+//        svc := cognitoidentity.New(sess)
+//
+//        myFunc(svc)
+//    }
+//
+// In your _test.go file:
+//
+//    // Define a mock struct to be used in your unit tests of myFunc.
+//    type mockCognitoIdentityClient struct {
+//        cognitoidentityiface.CognitoIdentityAPI
+//    }
+//    func (m *mockCognitoIdentityClient) CreateIdentityPool(input *cognitoidentity.CreateIdentityPoolInput) (*cognitoidentity.IdentityPool, error) {
+//        // mock response/functionality
+//    }
+//
+//    func TestMyFunc(t *testing.T) {
+//        // Setup Test
+//        mockSvc := &mockCognitoIdentityClient{}
+//
+//        myfunc(mockSvc)
+//
+//        // Verify myFunc's functionality
+//    }
+//
+// It is important to note that this interface will have breaking changes
+// when the service model is updated and adds new API operations, paginators,
+// and waiters. Its suggested to use the pattern above for testing, or using
+// tooling to generate mocks to satisfy the interfaces.
+type CognitoIdentityAPI interface {
+	CreateIdentityPool(*cognitoidentity.CreateIdentityPoolInput) (*cognitoidentity.IdentityPool, error)
+	CreateIdentityPoolWithContext(aws.Context, *cognitoidentity.CreateIdentityPoolInput, ...request.Option) (*cognitoidentity.IdentityPool, error)
+	CreateIdentityPoolRequest(*cognitoidentity.CreateIdentityPoolInput) (*request.Request, *cognitoidentity.IdentityPool)
+
+	DeleteIdentities(*cognitoidentity.DeleteIdentitiesInput) (*cognitoidentity.DeleteIdentitiesOutput, error)
+	DeleteIdentitiesWithContext(aws.Context, *cognitoidentity.DeleteIdentitiesInput, ...request.Option) (*cognitoidentity.DeleteIdentitiesOutput, error)
+	DeleteIdentitiesRequest(*cognitoidentity.DeleteIdentitiesInput) (*request.Request, *cognitoidentity.DeleteIdentitiesOutput)
+
+	DeleteIdentityPool(*cognitoidentity.DeleteIdentityPoolInput) (*cognitoidentity.DeleteIdentityPoolOutput, error)
+	DeleteIdentityPoolWithContext(aws.Context, *cognitoidentity.DeleteIdentityPoolInput, ...request.Option) (*cognitoidentity.DeleteIdentityPoolOutput, error)
+	DeleteIdentityPoolRequest(*cognitoidentity.DeleteIdentityPoolInput) (*request.Request, *cognitoidentity.DeleteIdentityPoolOutput)
+
+	DescribeIdentity(*cognitoidentity.DescribeIdentityInput) (*cognitoidentity.IdentityDescription, error)
+	DescribeIdentityWithContext(aws.Context, *cognitoidentity.DescribeIdentityInput, ...request.Option) (*cognitoidentity.IdentityDescription, error)
+	DescribeIdentityRequest(*cognitoidentity.DescribeIdentityInput) (*request.Request, *cognitoidentity.IdentityDescription)
+
+	DescribeIdentityPool(*cognitoidentity.DescribeIdentityPoolInput) (*cognitoidentity.IdentityPool, error)
+	DescribeIdentityPoolWithContext(aws.Context, *cognitoidentity.DescribeIdentityPoolInput, ...request.Option) (*cognitoidentity.IdentityPool, error)
+	DescribeIdentityPoolRequest(*cognitoidentity.DescribeIdentityPoolInput) (*request.Request, *cognitoidentity.IdentityPool)
+
+	GetCredentialsForIdentity(*cognitoidentity.GetCredentialsForIdentityInput) (*cognitoidentity.GetCredentialsForIdentityOutput, error)
+	GetCredentialsForIdentityWithContext(aws.Context, *cognitoidentity.GetCredentialsForIdentityInput, ...request.Option) (*cognitoidentity.GetCredentialsForIdentityOutput, error)
+	GetCredentialsForIdentityRequest(*cognitoidentity.GetCredentialsForIdentityInput) (*request.Request, *cognitoidentity.GetCredentialsForIdentityOutput)
+
+	GetId(*cognitoidentity.GetIdInput) (*cognitoidentity.GetIdOutput, error)
+	GetIdWithContext(aws.Context, *cognitoidentity.GetIdInput, ...request.Option) (*cognitoidentity.GetIdOutput, error)
+	GetIdRequest(*cognitoidentity.GetIdInput) (*request.Request, *cognitoidentity.GetIdOutput)
+
+	GetIdentityPoolRoles(*cognitoidentity.GetIdentityPoolRolesInput) (*cognitoidentity.GetIdentityPoolRolesOutput, error)
+	GetIdentityPoolRolesWithContext(aws.Context, *cognitoidentity.GetIdentityPoolRolesInput, ...request.Option) (*cognitoidentity.GetIdentityPoolRolesOutput, error)
+	GetIdentityPoolRolesRequest(*cognitoidentity.GetIdentityPoolRolesInput) (*request.Request, *cognitoidentity.GetIdentityPoolRolesOutput)
+
+	GetOpenIdToken(*cognitoidentity.GetOpenIdTokenInput) (*cognitoidentity.GetOpenIdTokenOutput, error)
+	GetOpenIdTokenWithContext(aws.Context, *cognitoidentity.GetOpenIdTokenInput, ...request.Option) (*cognitoidentity.GetOpenIdTokenOutput, error)
+	GetOpenIdTokenRequest(*cognitoidentity.GetOpenIdTokenInput) (*request.Request, *cognitoidentity.GetOpenIdTokenOutput)
+
+	GetOpenIdTokenForDeveloperIdentity(*cognitoidentity.GetOpenIdTokenForDeveloperIdentityInput) (*cognitoidentity.GetOpenIdTokenForDeveloperIdentityOutput, error)
+	GetOpenIdTokenForDeveloperIdentityWithContext(aws.Context, *cognitoidentity.GetOpenIdTokenForDeveloperIdentityInput, ...request.Option) (*cognitoidentity.GetOpenIdTokenForDeveloperIdentityOutput, error)
+	GetOpenIdTokenForDeveloperIdentityRequest(*cognitoidentity.GetOpenIdTokenForDeveloperIdentityInput) (*request.Request, *cognitoidentity.GetOpenIdTokenForDeveloperIdentityOutput)
+
+	ListIdentities(*cognitoidentity.ListIdentitiesInput) (*cognitoidentity.ListIdentitiesOutput, error)
+	ListIdentitiesWithContext(aws.Context, *cognitoidentity.ListIdentitiesInput, ...request.Option) (*cognitoidentity.ListIdentitiesOutput, error)
+	ListIdentitiesRequest(*cognitoidentity.ListIdentitiesInput) (*request.Request, *cognitoidentity.ListIdentitiesOutput)
+
+	ListIdentityPools(*cognitoidentity.ListIdentityPoolsInput) (*cognitoidentity.ListIdentityPoolsOutput, error)
+	ListIdentityPoolsWithContext(aws.Context, *cognitoidentity.ListIdentityPoolsInput, ...request.Option) (*cognitoidentity.ListIdentityPoolsOutput, error)
+	ListIdentityPoolsRequest(*cognitoidentity.ListIdentityPoolsInput) (*request.Request, *cognitoidentity.ListIdentityPoolsOutput)
+
+	LookupDeveloperIdentity(*cognitoidentity.LookupDeveloperIdentityInput) (*cognitoidentity.LookupDeveloperIdentityOutput, error)
+	LookupDeveloperIdentityWithContext(aws.Context, *cognitoidentity.LookupDeveloperIdentityInput, ...request.Option) (*cognitoidentity.LookupDeveloperIdentityOutput, error)
+	LookupDeveloperIdentityRequest(*cognitoidentity.LookupDeveloperIdentityInput) (*request.Request, *cognitoidentity.LookupDeveloperIdentityOutput)
+
+	MergeDeveloperIdentities(*cognitoidentity.MergeDeveloperIdentitiesInput) (*cognitoidentity.MergeDeveloperIdentitiesOutput, error)
+	MergeDeveloperIdentitiesWithContext(aws.Context, *cognitoidentity.MergeDeveloperIdentitiesInput, ...request.Option) (*cognitoidentity.MergeDeveloperIdentitiesOutput, error)
+	MergeDeveloperIdentitiesRequest(*cognitoidentity.MergeDeveloperIdentitiesInput) (*request.Request, *cognitoidentity.MergeDeveloperIdentitiesOutput)
+
+	SetIdentityPoolRoles(*cognitoidentity.SetIdentityPoolRolesInput) (*cognitoidentity.SetIdentityPoolRolesOutput, error)
+	SetIdentityPoolRolesWithContext(aws.Context, *cognitoidentity.SetIdentityPoolRolesInput, ...request.Option) (*cognitoidentity.SetIdentityPoolRolesOutput, error)
+	SetIdentityPoolRolesRequest(*cognitoidentity.SetIdentityPoolRolesInput) (*request.Request, *cognitoidentity.SetIdentityPoolRolesOutput)
+
+	UnlinkDeveloperIdentity(*cognitoidentity.UnlinkDeveloperIdentityInput) (*cognitoidentity.UnlinkDeveloperIdentityOutput, error)
+	UnlinkDeveloperIdentityWithContext(aws.Context, *cognitoidentity.UnlinkDeveloperIdentityInput, ...request.Option) (*cognitoidentity.UnlinkDeveloperIdentityOutput, error)
+	UnlinkDeveloperIdentityRequest(*cognitoidentity.UnlinkDeveloperIdentityInput) (*request.Request, *cognitoidentity.UnlinkDeveloperIdentityOutput)
+
+	UnlinkIdentity(*cognitoidentity.UnlinkIdentityInput) (*cognitoidentity.UnlinkIdentityOutput, error)
+	UnlinkIdentityWithContext(aws.Context, *cognitoidentity.UnlinkIdentityInput, ...request.Option) (*cognitoidentity.UnlinkIdentityOutput, error)
+	UnlinkIdentityRequest(*cognitoidentity.UnlinkIdentityInput) (*request.Request, *cognitoidentity.UnlinkIdentityOutput)
+
+	UpdateIdentityPool(*cognitoidentity.IdentityPool) (*cognitoidentity.IdentityPool, error)
+	UpdateIdentityPoolWithContext(aws.Context, *cognitoidentity.IdentityPool, ...request.Option) (*cognitoidentity.IdentityPool, error)
+	UpdateIdentityPoolRequest(*cognitoidentity.IdentityPool) (*request.Request, *cognitoidentity.IdentityPool)
+}
+
+var _ CognitoIdentityAPI = (*cognitoidentity.CognitoIdentity)(nil)

vendor/github.com/aws/aws-sdk-go/service/cognitoidentity/customizations.go

@@ -0,0 +1,12 @@
+package cognitoidentity
+
+import "github.com/aws/aws-sdk-go/aws/request"
+
+func init() {
+	initRequest = func(r *request.Request) {
+		switch r.Operation.Name {
+		case opGetOpenIdToken, opGetId, opGetCredentialsForIdentity:
+			r.Handlers.Sign.Clear() // these operations are unsigned
+		}
+	}
+}

vendor/github.com/aws/aws-sdk-go/service/cognitoidentity/customizations_test.go

@@ -0,0 +1,56 @@
+package cognitoidentity_test
+
+import (
+	"testing"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/awstesting/unit"
+	"github.com/aws/aws-sdk-go/service/cognitoidentity"
+)
+
+var svc = cognitoidentity.New(unit.Session)
+
+func TestUnsignedRequest_GetID(t *testing.T) {
+	req, _ := svc.GetIdRequest(&cognitoidentity.GetIdInput{
+		IdentityPoolId: aws.String("IdentityPoolId"),
+	})
+
+	err := req.Sign()
+	if err != nil {
+		t.Errorf("expected no error, but received %v", err)
+	}
+
+	if e, a := "", req.HTTPRequest.Header.Get("Authorization"); e != a {
+		t.Errorf("expected empty value '%v', but received, %v", e, a)
+	}
+}
+
+func TestUnsignedRequest_GetOpenIDToken(t *testing.T) {
+	req, _ := svc.GetOpenIdTokenRequest(&cognitoidentity.GetOpenIdTokenInput{
+		IdentityId: aws.String("IdentityId"),
+	})
+
+	err := req.Sign()
+	if err != nil {
+		t.Errorf("expected no error, but received %v", err)
+	}
+
+	if e, a := "", req.HTTPRequest.Header.Get("Authorization"); e != a {
+		t.Errorf("expected empty value '%v', but received, %v", e, a)
+	}
+}
+
+func TestUnsignedRequest_GetCredentialsForIdentity(t *testing.T) {
+	req, _ := svc.GetCredentialsForIdentityRequest(&cognitoidentity.GetCredentialsForIdentityInput{
+		IdentityId: aws.String("IdentityId"),
+	})
+
+	err := req.Sign()
+	if err != nil {
+		t.Errorf("expected no error, but received %v", err)
+	}
+
+	if e, a := "", req.HTTPRequest.Header.Get("Authorization"); e != a {
+		t.Errorf("expected empty value '%v', but received, %v", e, a)
+	}
+}

vendor/github.com/aws/aws-sdk-go/service/cognitoidentity/doc.go

@@ -0,0 +1,59 @@
+// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
+
+// Package cognitoidentity provides the client and types for making API
+// requests to Amazon Cognito Identity.
+//
+// Amazon Cognito is a web service that delivers scoped temporary credentials
+// to mobile devices and other untrusted environments. Amazon Cognito uniquely
+// identifies a device and supplies the user with a consistent identity over
+// the lifetime of an application.
+//
+// Using Amazon Cognito, you can enable authentication with one or more third-party
+// identity providers (Facebook, Google, or Login with Amazon), and you can
+// also choose to support unauthenticated access from your app. Cognito delivers
+// a unique identifier for each user and acts as an OpenID token provider trusted
+// by AWS Security Token Service (STS) to access temporary, limited-privilege
+// AWS credentials.
+//
+// To provide end-user credentials, first make an unsigned call to GetId. If
+// the end user is authenticated with one of the supported identity providers,
+// set the Logins map with the identity provider token. GetId returns a unique
+// identifier for the user.
+//
+// Next, make an unsigned call to GetCredentialsForIdentity. This call expects
+// the same Logins map as the GetId call, as well as the IdentityID originally
+// returned by GetId. Assuming your identity pool has been configured via the
+// SetIdentityPoolRoles operation, GetCredentialsForIdentity will return AWS
+// credentials for your use. If your pool has not been configured with SetIdentityPoolRoles,
+// or if you want to follow legacy flow, make an unsigned call to GetOpenIdToken,
+// which returns the OpenID token necessary to call STS and retrieve AWS credentials.
+// This call expects the same Logins map as the GetId call, as well as the IdentityID
+// originally returned by GetId. The token returned by GetOpenIdToken can be
+// passed to the STS operation AssumeRoleWithWebIdentity (http://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithWebIdentity.html)
+// to retrieve AWS credentials.
+//
+// If you want to use Amazon Cognito in an Android, iOS, or Unity application,
+// you will probably want to make API calls via the AWS Mobile SDK. To learn
+// more, see the AWS Mobile SDK Developer Guide (http://docs.aws.amazon.com/mobile/index.html).
+//
+// See https://docs.aws.amazon.com/goto/WebAPI/cognito-identity-2014-06-30 for more information on this service.
+//
+// See cognitoidentity package documentation for more information.
+// https://docs.aws.amazon.com/sdk-for-go/api/service/cognitoidentity/
+//
+// Using the Client
+//
+// To contact Amazon Cognito Identity with the SDK use the New function to create
+// a new service client. With that client you can make API requests to the service.
+// These clients are safe to use concurrently.
+//
+// See the SDK's documentation for more information on how to use the SDK.
+// https://docs.aws.amazon.com/sdk-for-go/api/
+//
+// See aws.Config documentation for more information on configuring SDK clients.
+// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config
+//
+// See the Amazon Cognito Identity client CognitoIdentity for more
+// information on creating client for this service.
+// https://docs.aws.amazon.com/sdk-for-go/api/service/cognitoidentity/#New
+package cognitoidentity

vendor/github.com/aws/aws-sdk-go/service/cognitoidentity/errors.go

@@ -0,0 +1,77 @@
+// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
+
+package cognitoidentity
+
+const (
+
+	// ErrCodeConcurrentModificationException for service response error code
+	// "ConcurrentModificationException".
+	//
+	// Thrown if there are parallel requests to modify a resource.
+	ErrCodeConcurrentModificationException = "ConcurrentModificationException"
+
+	// ErrCodeDeveloperUserAlreadyRegisteredException for service response error code
+	// "DeveloperUserAlreadyRegisteredException".
+	//
+	// The provided developer user identifier is already registered with Cognito
+	// under a different identity ID.
+	ErrCodeDeveloperUserAlreadyRegisteredException = "DeveloperUserAlreadyRegisteredException"
+
+	// ErrCodeExternalServiceException for service response error code
+	// "ExternalServiceException".
+	//
+	// An exception thrown when a dependent service such as Facebook or Twitter
+	// is not responding
+	ErrCodeExternalServiceException = "ExternalServiceException"
+
+	// ErrCodeInternalErrorException for service response error code
+	// "InternalErrorException".
+	//
+	// Thrown when the service encounters an error during processing the request.
+	ErrCodeInternalErrorException = "InternalErrorException"
+
+	// ErrCodeInvalidIdentityPoolConfigurationException for service response error code
+	// "InvalidIdentityPoolConfigurationException".
+	//
+	// Thrown if the identity pool has no role associated for the given auth type
+	// (auth/unauth) or if the AssumeRole fails.
+	ErrCodeInvalidIdentityPoolConfigurationException = "InvalidIdentityPoolConfigurationException"
+
+	// ErrCodeInvalidParameterException for service response error code
+	// "InvalidParameterException".
+	//
+	// Thrown for missing or bad input parameter(s).
+	ErrCodeInvalidParameterException = "InvalidParameterException"
+
+	// ErrCodeLimitExceededException for service response error code
+	// "LimitExceededException".
+	//
+	// Thrown when the total number of user pools has exceeded a preset limit.
+	ErrCodeLimitExceededException = "LimitExceededException"
+
+	// ErrCodeNotAuthorizedException for service response error code
+	// "NotAuthorizedException".
+	//
+	// Thrown when a user is not authorized to access the requested resource.
+	ErrCodeNotAuthorizedException = "NotAuthorizedException"
+
+	// ErrCodeResourceConflictException for service response error code
+	// "ResourceConflictException".
+	//
+	// Thrown when a user tries to use a login which is already linked to another
+	// account.
+	ErrCodeResourceConflictException = "ResourceConflictException"
+
+	// ErrCodeResourceNotFoundException for service response error code
+	// "ResourceNotFoundException".
+	//
+	// Thrown when the requested resource (for example, a dataset or record) does
+	// not exist.
+	ErrCodeResourceNotFoundException = "ResourceNotFoundException"
+
+	// ErrCodeTooManyRequestsException for service response error code
+	// "TooManyRequestsException".
+	//
+	// Thrown when a request is throttled.
+	ErrCodeTooManyRequestsException = "TooManyRequestsException"
+)

vendor/github.com/aws/aws-sdk-go/service/cognitoidentity/service.go

@@ -0,0 +1,95 @@
+// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
+
+package cognitoidentity
+
+import (
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/client"
+	"github.com/aws/aws-sdk-go/aws/client/metadata"
+	"github.com/aws/aws-sdk-go/aws/request"
+	"github.com/aws/aws-sdk-go/aws/signer/v4"
+	"github.com/aws/aws-sdk-go/private/protocol/jsonrpc"
+)
+
+// CognitoIdentity provides the API operation methods for making requests to
+// Amazon Cognito Identity. See this package's package overview docs
+// for details on the service.
+//
+// CognitoIdentity methods are safe to use concurrently. It is not safe to
+// modify mutate any of the struct's properties though.
+type CognitoIdentity struct {
+	*client.Client
+}
+
+// Used for custom client initialization logic
+var initClient func(*client.Client)
+
+// Used for custom request initialization logic
+var initRequest func(*request.Request)
+
+// Service information constants
+const (
+	ServiceName = "cognito-identity" // Service endpoint prefix API calls made to.
+	EndpointsID = ServiceName        // Service ID for Regions and Endpoints metadata.
+)
+
+// New creates a new instance of the CognitoIdentity client with a session.
+// If additional configuration is needed for the client instance use the optional
+// aws.Config parameter to add your extra config.
+//
+// Example:
+//     // Create a CognitoIdentity client from just a session.
+//     svc := cognitoidentity.New(mySession)
+//
+//     // Create a CognitoIdentity client with additional configuration
+//     svc := cognitoidentity.New(mySession, aws.NewConfig().WithRegion("us-west-2"))
+func New(p client.ConfigProvider, cfgs ...*aws.Config) *CognitoIdentity {
+	c := p.ClientConfig(EndpointsID, cfgs...)
+	return newClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion, c.SigningName)
+}
+
+// newClient creates, initializes and returns a new service client instance.
+func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegion, signingName string) *CognitoIdentity {
+	svc := &CognitoIdentity{
+		Client: client.New(
+			cfg,
+			metadata.ClientInfo{
+				ServiceName:   ServiceName,
+				SigningName:   signingName,
+				SigningRegion: signingRegion,
+				Endpoint:      endpoint,
+				APIVersion:    "2014-06-30",
+				JSONVersion:   "1.1",
+				TargetPrefix:  "AWSCognitoIdentityService",
+			},
+			handlers,
+		),
+	}
+
+	// Handlers
+	svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler)
+	svc.Handlers.Build.PushBackNamed(jsonrpc.BuildHandler)
+	svc.Handlers.Unmarshal.PushBackNamed(jsonrpc.UnmarshalHandler)
+	svc.Handlers.UnmarshalMeta.PushBackNamed(jsonrpc.UnmarshalMetaHandler)
+	svc.Handlers.UnmarshalError.PushBackNamed(jsonrpc.UnmarshalErrorHandler)
+
+	// Run custom client initialization if present
+	if initClient != nil {
+		initClient(svc.Client)
+	}
+
+	return svc
+}
+
+// newRequest creates a new request for a CognitoIdentity operation and runs any
+// custom request initialization.
+func (c *CognitoIdentity) newRequest(op *request.Operation, params, data interface{}) *request.Request {
+	req := c.NewRequest(op, params, data)
+
+	// Run custom request initialization if present
+	if initRequest != nil {
+		initRequest(req)
+	}
+
+	return req
+}