5 files changed, 29 insertions, 12 deletions

diff --git a/src/rgw/rgw_common.cc b/src/rgw/rgw_common.cc
index e77d973958e..7ba3089f7f4 100644
--- a/src/rgw/rgw_common.cc
+++ b/src/rgw/rgw_common.cc
@@ -374,6 +374,15 @@ void set_req_state_err(req_state* s, int err_no)
 
 void dump(req_state* s)
 {
+  std::optional<Formatter::ObjectSection> error_response;
+  if (s->prot_flags & RGW_REST_IAM) {
+    error_response.emplace(*s->formatter, "ErrorResponse", RGW_REST_IAM_XMLNS);
+  } else if (s->prot_flags & RGW_REST_SNS) {
+    error_response.emplace(*s->formatter, "ErrorResponse", RGW_REST_SNS_XMLNS);
+  } else if (s->prot_flags & RGW_REST_STS) {
+    error_response.emplace(*s->formatter, "ErrorResponse", RGW_REST_STS_XMLNS);
+  }
+
   if (s->format != RGWFormat::HTML)
     s->formatter->open_object_section("Error");
   if (!s->err.err_code.empty())
@@ -385,7 +394,7 @@ void dump(req_state* s)
     s->formatter->dump_string("RequestId", s->trans_id);
   s->formatter->dump_string("HostId", s->host_id);
   if (s->format != RGWFormat::HTML)
-    s->formatter->close_section();
+    s->formatter->close_section(); // Error
 }
 
 struct str_len {
diff --git a/src/rgw/rgw_common.h b/src/rgw/rgw_common.h
index c7b09e401f1..b1dd29e9057 100644
--- a/src/rgw/rgw_common.h
+++ b/src/rgw/rgw_common.h
@@ -213,7 +213,16 @@ static inline const char* to_mime_type(const RGWFormat f)
 #define RGW_REST_WEBSITE     0x8
 #define RGW_REST_STS            0x10
 #define RGW_REST_IAM            0x20
-#define RGW_REST_SNS            0x30
+#define RGW_REST_SNS            0x40
+
+inline constexpr const char* RGW_REST_IAM_XMLNS =
+    "https://iam.amazonaws.com/doc/2010-05-08/";
+
+inline constexpr const char* RGW_REST_SNS_XMLNS =
+    "https://sns.amazonaws.com/doc/2010-03-31/";
+
+inline constexpr const char* RGW_REST_STS_XMLNS =
+    "https://sts.amazonaws.com/doc/2011-06-15/";
 
 #define RGW_SUSPENDED_USER_AUID (uint64_t)-2
 
diff --git a/src/rgw/rgw_rest_iam.h b/src/rgw/rgw_rest_iam.h
index 3e579ab35ce..c1edd201e37 100644
--- a/src/rgw/rgw_rest_iam.h
+++ b/src/rgw/rgw_rest_iam.h
@@ -7,6 +7,7 @@
 #include "rgw_auth_filters.h"
 #include "rgw_rest.h"
 
+
 class RGWHandler_REST_IAM : public RGWHandler_REST {
   const rgw::auth::StrategyRegistry& auth_registry;
   bufferlist bl_post_body;
diff --git a/src/rgw/rgw_rest_pubsub.cc b/src/rgw/rgw_rest_pubsub.cc
index 4fb1051ebf6..ec0b2ff6e86 100644
--- a/src/rgw/rgw_rest_pubsub.cc
+++ b/src/rgw/rgw_rest_pubsub.cc
@@ -23,8 +23,6 @@
 #define dout_context g_ceph_context
 #define dout_subsys ceph_subsys_rgw
 
-static const char* AWS_SNS_NS("https://sns.amazonaws.com/doc/2010-03-31/");
-
 bool verify_transport_security(CephContext *cct, const RGWEnv& env) {
   const auto is_secure = rgw_transport_is_secure(cct, env);
   if (!is_secure && g_conf().get_val<bool>("rgw_allow_notification_secrets_in_cleartext")) {
@@ -264,7 +262,7 @@ class RGWPSCreateTopicOp : public RGWOp {
     }
 
     const auto f = s->formatter;
-    f->open_object_section_in_ns("CreateTopicResponse", AWS_SNS_NS);
+    f->open_object_section_in_ns("CreateTopicResponse", RGW_REST_SNS_XMLNS);
     f->open_object_section("CreateTopicResult");
     encode_xml("TopicArn", topic_arn, f); 
     f->close_section(); // CreateTopicResult
@@ -340,7 +338,7 @@ public:
     }
 
     const auto f = s->formatter;
-    f->open_object_section_in_ns("ListTopicsResponse", AWS_SNS_NS);
+    f->open_object_section_in_ns("ListTopicsResponse", RGW_REST_SNS_XMLNS);
     f->open_object_section("ListTopicsResult");
     encode_xml("Topics", result, f); 
     f->close_section(); // ListTopicsResult
@@ -513,7 +511,7 @@ class RGWPSGetTopicAttributesOp : public RGWOp {
     }
 
     const auto f = s->formatter;
-    f->open_object_section_in_ns("GetTopicAttributesResponse", AWS_SNS_NS);
+    f->open_object_section_in_ns("GetTopicAttributesResponse", RGW_REST_SNS_XMLNS);
     f->open_object_section("GetTopicAttributesResult");
     result.dump_xml_as_attributes(f);
     f->close_section(); // GetTopicAttributesResult
@@ -701,7 +699,7 @@ class RGWPSSetTopicAttributesOp : public RGWOp {
     }
 
     const auto f = s->formatter;
-    f->open_object_section_in_ns("SetTopicAttributesResponse", AWS_SNS_NS);
+    f->open_object_section_in_ns("SetTopicAttributesResponse", RGW_REST_SNS_XMLNS);
     f->open_object_section("ResponseMetadata");
     encode_xml("RequestId", s->req_id, f);
     f->close_section();  // ResponseMetadata
@@ -799,7 +797,7 @@ class RGWPSDeleteTopicOp : public RGWOp {
     }
 
     const auto f = s->formatter;
-    f->open_object_section_in_ns("DeleteTopicResponse", AWS_SNS_NS);
+    f->open_object_section_in_ns("DeleteTopicResponse", RGW_REST_SNS_XMLNS);
     f->open_object_section("ResponseMetadata");
     encode_xml("RequestId", s->req_id, f); 
     f->close_section(); // ResponseMetadata
diff --git a/src/rgw/rgw_rest_sts.cc b/src/rgw/rgw_rest_sts.cc
index d94181f4e63..210d310313f 100644
--- a/src/rgw/rgw_rest_sts.cc
+++ b/src/rgw/rgw_rest_sts.cc
@@ -621,7 +621,7 @@ void RGWSTSGetSessionToken::execute(optional_yield y)
   op_ret = std::move(ret);
   //Dump the output
   if (op_ret == 0) {
-    s->formatter->open_object_section("GetSessionTokenResponse");
+    s->formatter->open_object_section_in_ns("GetSessionTokenResponse", RGW_REST_STS_XMLNS);
     s->formatter->open_object_section("GetSessionTokenResult");
     s->formatter->open_object_section("Credentials");
     creds.dump(s->formatter);
@@ -677,7 +677,7 @@ void RGWSTSAssumeRoleWithWebIdentity::execute(optional_yield y)
 
   //Dump the output
   if (op_ret == 0) {
-    s->formatter->open_object_section("AssumeRoleWithWebIdentityResponse");
+    s->formatter->open_object_section_in_ns("AssumeRoleWithWebIdentityResponse", RGW_REST_STS_XMLNS);
     s->formatter->open_object_section("AssumeRoleWithWebIdentityResult");
     encode_json("SubjectFromWebIdentityToken", response.sub , s->formatter);
     encode_json("Audience", response.aud , s->formatter);
@@ -738,7 +738,7 @@ void RGWSTSAssumeRole::execute(optional_yield y)
   op_ret = std::move(response.retCode);
   //Dump the output
   if (op_ret == 0) {
-    s->formatter->open_object_section("AssumeRoleResponse");
+    s->formatter->open_object_section_in_ns("AssumeRoleResponse", RGW_REST_STS_XMLNS);
     s->formatter->open_object_section("AssumeRoleResult");
     s->formatter->open_object_section("Credentials");
     response.creds.dump(s->formatter);