aws-sdk-core 2.1.10 → 2.1.11
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/apis/opsworks/2013-02-18/api-2.json +120 -1
- data/apis/rds/2014-10-31/api-2.json +1670 -133
- data/lib/aws-sdk-core/s3/presigner.rb +45 -25
- data/lib/aws-sdk-core/signers/v4.rb +16 -3
- data/lib/aws-sdk-core/version.rb +1 -1
- metadata +2 -2
@@ -31,53 +31,73 @@ module Aws
|
|
31
31
|
# @option params [Boolean] :secure (true) When `false`, a HTTP URL
|
32
32
|
# is returned instead of the default HTTPS URL.
|
33
33
|
#
|
34
|
+
# @option params [Boolean] :virtual_host (false) When `true`, the
|
35
|
+
# {#bucket} name will be used as the hostname. This will cause
|
36
|
+
# the returned URL to be 'http' and not 'https'.
|
37
|
+
#
|
34
38
|
# @raise [ArgumentError] Raises an ArgumentError if `:expires_in`
|
35
39
|
# exceeds one week.
|
36
40
|
#
|
37
41
|
def presigned_url(method, params = {})
|
38
|
-
|
39
|
-
scheme = params
|
40
|
-
|
41
|
-
request = @client.build_request(method, params)
|
42
|
-
request.handle(PresignHandler, step: :sign, priority: 99)
|
43
|
-
validate_expires_in_header(expires_in)
|
44
|
-
request.context[:presigned_expires_in] = expires_in
|
42
|
+
virtual_host = !!params.delete(:virtual_host)
|
43
|
+
scheme = http_scheme(params, virtual_host)
|
45
44
|
|
46
|
-
|
47
|
-
|
48
|
-
|
45
|
+
req = @client.build_request(method, params)
|
46
|
+
use_bucket_as_hostname(req) if virtual_host
|
47
|
+
sign_but_dont_send(req, expires_in(params), scheme)
|
48
|
+
req.send_request.data
|
49
49
|
end
|
50
50
|
|
51
51
|
private
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
52
|
+
|
53
|
+
def http_scheme(params, virtual_host)
|
54
|
+
if params.delete(:secure) == false || virtual_host
|
55
|
+
'http'
|
56
|
+
else
|
57
|
+
'https'
|
57
58
|
end
|
58
59
|
end
|
59
60
|
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
61
|
+
def expires_in(params)
|
62
|
+
if expires_in = params.delete(:expires_in)
|
63
|
+
if expires_in > ONE_WEEK
|
64
|
+
msg = "expires_in value of #{expires_in} exceeds one-week maximum"
|
65
|
+
raise ArgumentError, msg
|
66
|
+
end
|
67
|
+
expires_in
|
68
|
+
else
|
69
|
+
FIFTEEN_MINUTES
|
67
70
|
end
|
71
|
+
end
|
68
72
|
|
69
|
-
|
73
|
+
def use_bucket_as_hostname(req)
|
74
|
+
req.handlers.remove(Plugins::S3BucketDns::Handler)
|
75
|
+
req.handle do |context|
|
76
|
+
uri = context.http_request.endpoint
|
77
|
+
uri.host = context.params[:bucket]
|
78
|
+
uri.path = uri.path.sub("/#{context.params[:bucket]}", '')
|
79
|
+
@handler.call(context)
|
80
|
+
end
|
81
|
+
end
|
82
|
+
|
83
|
+
def sign_but_dont_send(req, expires_in, scheme)
|
84
|
+
req.handlers.remove(Plugins::S3RequestSigner::SigningHandler)
|
85
|
+
req.handlers.remove(Seahorse::Client::Plugins::ContentLength::Handler)
|
86
|
+
req.handle(step: :send) do |context|
|
87
|
+
context.http_request.endpoint.scheme = scheme
|
70
88
|
signer = Signers::V4.new(
|
71
89
|
context.config.credentials, 's3',
|
72
90
|
context.config.region
|
73
91
|
)
|
74
|
-
signer.presigned_url(
|
92
|
+
url = signer.presigned_url(
|
75
93
|
context.http_request,
|
76
|
-
expires_in:
|
94
|
+
expires_in: expires_in,
|
77
95
|
body_digest: "UNSIGNED-PAYLOAD"
|
78
96
|
)
|
97
|
+
Seahorse::Client::Response.new(context: context, data: url)
|
79
98
|
end
|
80
99
|
end
|
100
|
+
|
81
101
|
end
|
82
102
|
end
|
83
103
|
end
|
@@ -31,7 +31,7 @@ module Aws
|
|
31
31
|
datetime = Time.now.utc.strftime("%Y%m%dT%H%M%SZ")
|
32
32
|
body_digest = req.headers['X-Amz-Content-Sha256'] || hexdigest(req.body)
|
33
33
|
req.headers['X-Amz-Date'] = datetime
|
34
|
-
req.headers['Host'] = req.endpoint
|
34
|
+
req.headers['Host'] = host(req.endpoint)
|
35
35
|
req.headers['X-Amz-Security-Token'] = @credentials.session_token if
|
36
36
|
@credentials.session_token
|
37
37
|
req.headers['X-Amz-Content-Sha256'] ||= body_digest
|
@@ -45,13 +45,13 @@ module Aws
|
|
45
45
|
# @option options [optional, String] :body_digest The SHA256 hexdigest of
|
46
46
|
# the payload to sign. For S3, this should be the string literal
|
47
47
|
# `UNSIGNED-PAYLOAD`.
|
48
|
-
# @return [
|
48
|
+
# @return [String]
|
49
49
|
# @api private
|
50
50
|
def presigned_url(request, options = {})
|
51
51
|
now = Time.now.utc.strftime("%Y%m%dT%H%M%SZ")
|
52
52
|
body_digest = options[:body_digest] || hexdigest(request.body)
|
53
53
|
|
54
|
-
request.headers['Host'] = request.endpoint
|
54
|
+
request.headers['Host'] = host(request.endpoint)
|
55
55
|
request.headers.delete('User-Agent')
|
56
56
|
|
57
57
|
params = Aws::Query::ParamList.new
|
@@ -179,6 +179,19 @@ module Aws
|
|
179
179
|
value.match(/^".*"$/) ? value : value.gsub(/\s+/, ' ').strip
|
180
180
|
end
|
181
181
|
|
182
|
+
def host(uri)
|
183
|
+
if standard_port?(uri)
|
184
|
+
uri.host
|
185
|
+
else
|
186
|
+
"#{uri.host}:#{uri.port}"
|
187
|
+
end
|
188
|
+
end
|
189
|
+
|
190
|
+
def standard_port?(uri)
|
191
|
+
(uri.scheme == 'http' && uri.port == 80) ||
|
192
|
+
(uri.scheme == 'https' && uri.port == 443)
|
193
|
+
end
|
194
|
+
|
182
195
|
def hexdigest(value)
|
183
196
|
digest = OpenSSL::Digest::SHA256.new
|
184
197
|
if value.respond_to?(:read)
|
data/lib/aws-sdk-core/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-core
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.1.
|
4
|
+
version: 2.1.11
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-07-
|
11
|
+
date: 2015-07-30 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: jmespath
|