aws-sdk-cognitoidentity 1.18.0 → 1.23.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 2a929492c6fe75beb54608d0a0709e8381c02216
-  data.tar.gz: f87af3b70a55459cc7272042ad9d35e09611a4a8
+SHA256:
+  metadata.gz: 232de08ece1960d1995b723cfdc79ce65be249403ec1e3afd4dd90dd3be68d3d
+  data.tar.gz: 48c3b4f6dc7fcd8c1bc3bbecb16c1f93b7361b9c5d4fe7f555a83728593efad9
 SHA512:
-  metadata.gz: 0e0966f0ac702b7d2d535287d60ea4b6e8a51d6ef7535ebb6e57b427db782c7b069d08c20b3a30b95ba1853cab3ec9a8fd7d5c517fba937b3a3c75b3e4475430
-  data.tar.gz: 2373c7ae205f7aae0b14670aa3923eca243239e20382a85b710fc0ff21d91a6e113f4236f75eda4dd94fccd2e0253708d69fa3767f437c69921e86992c38e468
+  metadata.gz: b33b2e1018bd6856e63d0834776bb87e257fd738741fea4a3cdbdc44e42f3465e1fa8dfe2ab89eb51dba9747c274ce9e66d8d72b542d1ea603d8d124c9af178e
+  data.tar.gz: 826e3e6100535f1ec505a4b50ae509c9e99fcbbd77197371ecc0ee358c8e762a091ec06d9c2a99e99db51e57632ec4677e640c0eca92290ef0b48f9f534bf389

data/lib/aws-sdk-cognitoidentity.rb

@@ -24,17 +24,20 @@ require_relative 'aws-sdk-cognitoidentity/customizations'
 # methods each accept a hash of request parameters and return a response
 # structure.
 #
+#     cognito_identity = Aws::CognitoIdentity::Client.new
+#     resp = cognito_identity.create_identity_pool(params)
+#
 # See {Client} for more information.
 #
 # # Errors
 #
-# Errors returned from Amazon Cognito Identity all
-# extend {Errors::ServiceError}.
+# Errors returned from Amazon Cognito Identity are defined in the
+# {Errors} module and all extend {Errors::ServiceError}.
 #
 #     begin
 #       # do stuff
 #     rescue Aws::CognitoIdentity::Errors::ServiceError
-#       # rescues all service API errors
+#       # rescues all Amazon Cognito Identity API errors
 #     end
 #
 # See {Errors} for more information.
@@ -42,6 +45,6 @@ require_relative 'aws-sdk-cognitoidentity/customizations'
 # @service
 module Aws::CognitoIdentity
 
-  GEM_VERSION = '1.18.0'
+  GEM_VERSION = '1.23.1'
 
 end

data/lib/aws-sdk-cognitoidentity/client.rb

@@ -24,12 +24,25 @@ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
 require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
 require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
 require 'aws-sdk-core/plugins/transfer_encoding.rb'
+require 'aws-sdk-core/plugins/http_checksum.rb'
 require 'aws-sdk-core/plugins/signature_v4.rb'
 require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
 
 Aws::Plugins::GlobalConfiguration.add_identifier(:cognitoidentity)
 
 module Aws::CognitoIdentity
+  # An API client for CognitoIdentity.  To construct a client, you need to configure a `:region` and `:credentials`.
+  #
+  #     client = Aws::CognitoIdentity::Client.new(
+  #       region: region_name,
+  #       credentials: credentials,
+  #       # ...
+  #     )
+  #
+  # For details on configuring region and credentials see
+  # the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
+  #
+  # See {#initialize} for a full list of supported configuration options.
   class Client < Seahorse::Client::Base
 
     include Aws::ClientStubs
@@ -57,6 +70,7 @@ module Aws::CognitoIdentity
     add_plugin(Aws::Plugins::ClientMetricsPlugin)
     add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
     add_plugin(Aws::Plugins::TransferEncoding)
+    add_plugin(Aws::Plugins::HttpChecksum)
     add_plugin(Aws::Plugins::SignatureV4)
     add_plugin(Aws::Plugins::Protocols::JsonRpc)
 
@@ -93,7 +107,7 @@ module Aws::CognitoIdentity
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
     #     used to determine the service `:endpoint`. When not passed,
-    #     a default `:region` is search for in the following locations:
+    #     a default `:region` is searched for in the following locations:
     #
     #     * `Aws.config[:region]`
     #     * `ENV['AWS_REGION']`
@@ -108,6 +122,12 @@ module Aws::CognitoIdentity
     #     When set to `true`, a thread polling for endpoints will be running in
     #     the background every 60 secs (default). Defaults to `false`.
     #
+    #   @option options [Boolean] :adaptive_retry_wait_to_fill (true)
+    #     Used only in `adaptive` retry mode.  When true, the request will sleep
+    #     until there is sufficent client side capacity to retry the request.
+    #     When false, the request will raise a `RetryCapacityNotAvailableError` and will
+    #     not retry instead of sleeping.
+    #
     #   @option options [Boolean] :client_side_monitoring (false)
     #     When `true`, client-side metrics will be collected for all API requests from
     #     this client.
@@ -132,6 +152,10 @@ module Aws::CognitoIdentity
     #     When `true`, an attempt is made to coerce request parameters into
     #     the required types.
     #
+    #   @option options [Boolean] :correct_clock_skew (true)
+    #     Used only in `standard` and adaptive retry modes. Specifies whether to apply
+    #     a clock skew correction and retry requests with skewed client clocks.
+    #
     #   @option options [Boolean] :disable_host_prefix_injection (false)
     #     Set to true to disable SDK automatically adding host prefix
     #     to default service endpoint when available.
@@ -139,7 +163,7 @@ module Aws::CognitoIdentity
     #   @option options [String] :endpoint
     #     The client endpoint is normally constructed from the `:region`
     #     option. You should only configure an `:endpoint` when connecting
-    #     to test endpoints. This should be avalid HTTP(S) URI.
+    #     to test or custom endpoints. This should be a valid HTTP(S) URI.
     #
     #   @option options [Integer] :endpoint_cache_max_entries (1000)
     #     Used for the maximum size limit of the LRU cache storing endpoints data
@@ -154,7 +178,7 @@ module Aws::CognitoIdentity
     #     requests fetching endpoints information. Defaults to 60 sec.
     #
     #   @option options [Boolean] :endpoint_discovery (false)
-    #     When set to `true`, endpoint discovery will be enabled for operations when available. Defaults to `false`.
+    #     When set to `true`, endpoint discovery will be enabled for operations when available.
     #
     #   @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
     #     The log formatter.
@@ -166,15 +190,29 @@ module Aws::CognitoIdentity
     #     The Logger instance to send log messages to.  If this option
     #     is not set, logging will be disabled.
     #
+    #   @option options [Integer] :max_attempts (3)
+    #     An integer representing the maximum number attempts that will be made for
+    #     a single request, including the initial attempt.  For example,
+    #     setting this value to 5 will result in a request being retried up to
+    #     4 times. Used in `standard` and `adaptive` retry modes.
+    #
     #   @option options [String] :profile ("default")
     #     Used when loading credentials from the shared credentials file
     #     at HOME/.aws/credentials.  When not specified, 'default' is used.
     #
+    #   @option options [Proc] :retry_backoff
+    #     A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
+    #     This option is only used in the `legacy` retry mode.
+    #
     #   @option options [Float] :retry_base_delay (0.3)
-    #     The base delay in seconds used by the default backoff function.
+    #     The base delay in seconds used by the default backoff function. This option
+    #     is only used in the `legacy` retry mode.
     #
     #   @option options [Symbol] :retry_jitter (:none)
-    #     A delay randomiser function used by the default backoff function. Some predefined functions can be referenced by name - :none, :equal, :full, otherwise a Proc that takes and returns a number.
+    #     A delay randomiser function used by the default backoff function.
+    #     Some predefined functions can be referenced by name - :none, :equal, :full,
+    #     otherwise a Proc that takes and returns a number. This option is only used
+    #     in the `legacy` retry mode.
     #
     #     @see https://www.awsarchitectureblog.com/2015/03/backoff.html
     #
@@ -182,11 +220,30 @@ module Aws::CognitoIdentity
     #     The maximum number of times to retry failed requests.  Only
     #     ~ 500 level server errors and certain ~ 400 level client errors
     #     are retried.  Generally, these are throttling errors, data
-    #     checksum errors, networking errors, timeout errors and auth
-    #     errors from expired credentials.
+    #     checksum errors, networking errors, timeout errors, auth errors,
+    #     endpoint discovery, and errors from expired credentials.
+    #     This option is only used in the `legacy` retry mode.
     #
     #   @option options [Integer] :retry_max_delay (0)
-    #     The maximum number of seconds to delay between retries (0 for no limit) used by the default backoff function.
+    #     The maximum number of seconds to delay between retries (0 for no limit)
+    #     used by the default backoff function. This option is only used in the
+    #     `legacy` retry mode.
+    #
+    #   @option options [String] :retry_mode ("legacy")
+    #     Specifies which retry algorithm to use. Values are:
+    #
+    #     * `legacy` - The pre-existing retry behavior.  This is default value if
+    #       no retry mode is provided.
+    #
+    #     * `standard` - A standardized set of retry rules across the AWS SDKs.
+    #       This includes support for retry quotas, which limit the number of
+    #       unsuccessful retries a client can make.
+    #
+    #     * `adaptive` - An experimental retry mode that includes all the
+    #       functionality of `standard` mode along with automatic client side
+    #       throttling.  This is a provisional mode that may change behavior
+    #       in the future.
+    #
     #
     #   @option options [String] :secret_access_key
     #
@@ -219,16 +276,15 @@ module Aws::CognitoIdentity
     #     requests through.  Formatted like 'http://proxy.com:123'.
     #
     #   @option options [Float] :http_open_timeout (15) The number of
-    #     seconds to wait when opening a HTTP session before rasing a
+    #     seconds to wait when opening a HTTP session before raising a
     #     `Timeout::Error`.
     #
     #   @option options [Integer] :http_read_timeout (60) The default
     #     number of seconds to wait for response data.  This value can
-    #     safely be set
-    #     per-request on the session yeidled by {#session_for}.
+    #     safely be set per-request on the session.
     #
     #   @option options [Float] :http_idle_timeout (5) The number of
-    #     seconds a connection is allowed to sit idble before it is
+    #     seconds a connection is allowed to sit idle before it is
     #     considered stale.  Stale connections are closed and removed
     #     from the pool before making a request.
     #
@@ -237,7 +293,7 @@ module Aws::CognitoIdentity
     #     request body.  This option has no effect unless the request has
     #     "Expect" header set to "100-continue".  Defaults to `nil` which
     #     disables this behaviour.  This value can safely be set per
-    #     request on the session yeidled by {#session_for}.
+    #     request on the session.
     #
     #   @option options [Boolean] :http_wire_trace (false) When `true`,
     #     HTTP debug output will be sent to the `:logger`.
@@ -1435,7 +1491,7 @@ module Aws::CognitoIdentity
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-cognitoidentity'
-      context[:gem_version] = '1.18.0'
+      context[:gem_version] = '1.23.1'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-cognitoidentity/customizations.rb

@@ -1,7 +1 @@
-# WARNING ABOUT GENERATED CODE
-#
-# This file is generated. See the contributing for info on making contributions:
-# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
-#
-# WARNING ABOUT GENERATED CODE
-
+require 'aws-sdk-cognitoidentity/customizations/cognito_identity_credentials'

data/lib/aws-sdk-cognitoidentity/customizations/cognito_identity_credentials.rb

@@ -0,0 +1,132 @@
+require 'set'
+require 'securerandom'
+require 'base64'
+
+module Aws
+  module CognitoIdentity
+    # An auto-refreshing credential provider that
+    # represents credentials retrieved from STS Web Identity Federation using
+    # the Amazon Cognito Identity service.
+    #
+    # This provider gets credentials using the
+    # {Client.get_credentials_for_identity} service operation, which
+    # requires either an `identity_id` or an `identity_pool_id` (Amazon Cognito
+    # Identity Pool ID), which is used to call {Client.get_id} to
+    # obtain an `identity_id` automatically.
+    #
+    # In addition, if this credential provider is used to provide authenticated
+    # login, the `logins` map may be set to the tokens provided by the
+    # respective identity providers. See {#initialize} for an example on
+    # creating a credentials object with proper property values.
+    #
+    # ## Refreshing Credentials from Identity Service
+    #
+    # The CognitoIdentityCredentials will auto-refresh the AWS credentials from
+    # Cognito.  In addition to AWS credentials expiring after a given amount of
+    # time, the login token from the identity provider will also expire.
+    # Once this token expires, it will not be usable to refresh AWS credentials,
+    # and another token will be needed. The SDK does not manage refreshing of
+    # the token value, but this can be done through a "refresh token"
+    # supported by most identity providers. Consult the documentation for
+    # the identity provider for refreshing tokens. Once the refreshed token is
+    # acquired, you should make sure to update this new token in the
+    # CognitoIdentityCredentials object's {logins} property. The following
+    # code will update the WebIdentityToken, assuming you have retrieved
+    # an updated token from the identity provider:
+    #
+    #     AWS.config.credentials.logins['graph.facebook.com'] = updatedToken;
+    #     AWS.config.credentials.refresh!  # required only if authentication state has changed
+    #
+    # The CognitoIdentityCredentials also provides a `before_refresh` callback
+    # that can be used to help manage refreshing identity provider tokens.
+    # `before_refresh` is called when AWS credentials are required and need
+    # to be refreshed and it has access to the CognitoIdentityCredentials object.
+    class CognitoIdentityCredentials
+
+      include CredentialProvider
+      include RefreshingCredentials
+
+      # @param [Hash] options
+      # @option options [String] :identity_id the Cognito identity_id.  Required
+      #   unless identity_pool_id is given. A unique
+      #   identifier in the format REGION:GUID
+      #
+      # @option options [String] :identity_pool_id Required unless identity_id
+      #   is provided. A Amazon Cognito
+      #   Identity Pool ID)in the format REGION:GUID.
+      #
+      # @option options [Hash<String,String>] :logins A set of optional
+      #   name-value pairs that map provider names to provider tokens.
+      #   The name-value pair will follow the syntax
+      #   "provider_name": "provider_user_identifier".
+      #
+      # @option options [String] :custom_role_arn  The Amazon Resource
+      #   Name (ARN) of the role to be assumed when multiple roles were received
+      #   in the token from the identity provider. For example, a SAML-based
+      #   identity provider. This parameter is optional for identity providers
+      #   that do not support role customization.
+      #
+      # @option options [Callable] before_refresh Proc called before
+      #   credentials are refreshed from Cognito.  Useful for updating logins/
+      #   auth tokens. `before_refresh` is called when AWS credentials are
+      #   required and need to be refreshed. Login tokens can be refreshed using
+      #   the following example:
+      #
+      #      before_refresh = Proc.new do |cognito_credentials| do
+      #        cognito_credentials.logins['graph.facebook.com'] = update_token
+      #      end
+      #
+      # @option options [STS::CognitoIdentity] :client Optional CognitoIdentity
+      #   client. If not provided, a client will be constructed.
+      def initialize(options = {})
+        @identity_pool_id = options.delete(:identity_pool_id)
+        @identity_id = options.delete(:identity_id)
+        @custom_role_arn = options.delete(:custom_role_arn)
+        @logins = options.delete(:logins) || {}
+        @before_refresh = options.delete(:before_refresh)
+
+        if !@identity_pool_id && !@identity_id
+          raise ArgumentError,
+                'Must provide either identity_pool_id or identity_id'
+        end
+
+        @client = options[:client] || CognitoIdentity::Client.new(
+          options.merge(credentials: false)
+        )
+        super
+      end
+
+      # @return [CognitoIdentity::Client]
+      attr_reader :client
+
+      # @return [Hash<String,String>]
+      attr_accessor :logins
+
+      # @return [String]
+      def identity_id
+        @identity_id ||= @client
+                         .get_id(identity_pool_id: @identity_pool_id)
+                         .identity_id
+      end
+
+      private
+
+      def refresh
+        @before_refresh.call(self) if @before_refresh
+
+        resp = @client.get_credentials_for_identity(
+          identity_id: identity_id,
+          custom_role_arn: @custom_role_arn
+        )
+
+        @credentials = Credentials.new(
+          resp.credentials.access_key_id,
+          resp.credentials.secret_key,
+          resp.credentials.session_token
+        )
+        @expiration = resp.credentials.expiration
+      end
+    end
+  end
+end
+

data/lib/aws-sdk-cognitoidentity/errors.rb

@@ -6,6 +6,39 @@
 # WARNING ABOUT GENERATED CODE
 
 module Aws::CognitoIdentity
+
+  # When CognitoIdentity returns an error response, the Ruby SDK constructs and raises an error.
+  # These errors all extend Aws::CognitoIdentity::Errors::ServiceError < {Aws::Errors::ServiceError}
+  #
+  # You can rescue all CognitoIdentity errors using ServiceError:
+  #
+  #     begin
+  #       # do stuff
+  #     rescue Aws::CognitoIdentity::Errors::ServiceError
+  #       # rescues all CognitoIdentity API errors
+  #     end
+  #
+  #
+  # ## Request Context
+  # ServiceError objects have a {Aws::Errors::ServiceError#context #context} method that returns
+  # information about the request that generated the error.
+  # See {Seahorse::Client::RequestContext} for more information.
+  #
+  # ## Error Classes
+  # * {ConcurrentModificationException}
+  # * {DeveloperUserAlreadyRegisteredException}
+  # * {ExternalServiceException}
+  # * {InternalErrorException}
+  # * {InvalidIdentityPoolConfigurationException}
+  # * {InvalidParameterException}
+  # * {LimitExceededException}
+  # * {NotAuthorizedException}
+  # * {ResourceConflictException}
+  # * {ResourceNotFoundException}
+  # * {TooManyRequestsException}
+  #
+  # Additionally, error classes are dynamically generated for service errors based on the error code
+  # if they are not defined above.
   module Errors
 
     extend Aws::Errors::DynamicErrors
@@ -23,7 +56,6 @@ module Aws::CognitoIdentity
       def message
         @message || @data[:message]
       end
-
     end
 
     class DeveloperUserAlreadyRegisteredException < ServiceError
@@ -39,7 +71,6 @@ module Aws::CognitoIdentity
       def message
         @message || @data[:message]
       end
-
     end
 
     class ExternalServiceException < ServiceError
@@ -55,7 +86,6 @@ module Aws::CognitoIdentity
       def message
         @message || @data[:message]
       end
-
     end
 
     class InternalErrorException < ServiceError
@@ -71,7 +101,6 @@ module Aws::CognitoIdentity
       def message
         @message || @data[:message]
       end
-
     end
 
     class InvalidIdentityPoolConfigurationException < ServiceError
@@ -87,7 +116,6 @@ module Aws::CognitoIdentity
       def message
         @message || @data[:message]
       end
-
     end
 
     class InvalidParameterException < ServiceError
@@ -103,7 +131,6 @@ module Aws::CognitoIdentity
       def message
         @message || @data[:message]
       end
-
     end
 
     class LimitExceededException < ServiceError
@@ -119,7 +146,6 @@ module Aws::CognitoIdentity
       def message
         @message || @data[:message]
       end
-
     end
 
     class NotAuthorizedException < ServiceError
@@ -135,7 +161,6 @@ module Aws::CognitoIdentity
       def message
         @message || @data[:message]
       end
-
     end
 
     class ResourceConflictException < ServiceError
@@ -151,7 +176,6 @@ module Aws::CognitoIdentity
       def message
         @message || @data[:message]
       end
-
     end
 
     class ResourceNotFoundException < ServiceError
@@ -167,7 +191,6 @@ module Aws::CognitoIdentity
       def message
         @message || @data[:message]
       end
-
     end
 
     class TooManyRequestsException < ServiceError
@@ -183,7 +206,6 @@ module Aws::CognitoIdentity
       def message
         @message || @data[:message]
       end
-
     end
 
   end

data/lib/aws-sdk-cognitoidentity/resource.rb

@@ -6,6 +6,7 @@
 # WARNING ABOUT GENERATED CODE
 
 module Aws::CognitoIdentity
+
   class Resource
 
     # @param options ({})

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-cognitoidentity
 version: !ruby/object:Gem::Version
-  version: 1.18.0
+  version: 1.23.1
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-11-08 00:00:00.000000000 Z
+date: 2020-06-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.71.0
+        version: 3.99.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.71.0
+        version: 3.99.0
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement
@@ -56,6 +56,7 @@ files:
 - lib/aws-sdk-cognitoidentity/client.rb
 - lib/aws-sdk-cognitoidentity/client_api.rb
 - lib/aws-sdk-cognitoidentity/customizations.rb
+- lib/aws-sdk-cognitoidentity/customizations/cognito_identity_credentials.rb
 - lib/aws-sdk-cognitoidentity/errors.rb
 - lib/aws-sdk-cognitoidentity/resource.rb
 - lib/aws-sdk-cognitoidentity/types.rb
@@ -81,7 +82,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2.3
+rubygems_version: 2.7.6.2
 signing_key: 
 specification_version: 4
 summary: AWS SDK for Ruby - Amazon Cognito Identity