aws-sdk-core 3.114.1 → 3.130.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (67) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +216 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-defaults/default_configuration.rb +153 -0
  5. data/lib/aws-defaults/defaults_mode_config_resolver.rb +107 -0
  6. data/lib/aws-defaults.rb +3 -0
  7. data/lib/aws-sdk-core/assume_role_credentials.rb +19 -0
  8. data/lib/aws-sdk-core/assume_role_web_identity_credentials.rb +7 -1
  9. data/lib/aws-sdk-core/client_stubs.rb +5 -1
  10. data/lib/aws-sdk-core/credential_provider_chain.rb +2 -1
  11. data/lib/aws-sdk-core/ec2_metadata.rb +27 -7
  12. data/lib/aws-sdk-core/ecs_credentials.rb +5 -0
  13. data/lib/aws-sdk-core/errors.rb +5 -1
  14. data/lib/aws-sdk-core/instance_profile_credentials.rb +119 -18
  15. data/lib/aws-sdk-core/json/json_engine.rb +10 -8
  16. data/lib/aws-sdk-core/json/oj_engine.rb +33 -6
  17. data/lib/aws-sdk-core/json/parser.rb +8 -0
  18. data/lib/aws-sdk-core/json.rb +8 -26
  19. data/lib/aws-sdk-core/log/param_filter.rb +9 -1
  20. data/lib/aws-sdk-core/pageable_response.rb +72 -26
  21. data/lib/aws-sdk-core/pager.rb +3 -0
  22. data/lib/aws-sdk-core/param_validator.rb +29 -0
  23. data/lib/aws-sdk-core/plugins/checksum_algorithm.rb +340 -0
  24. data/lib/aws-sdk-core/plugins/credentials_configuration.rb +3 -1
  25. data/lib/aws-sdk-core/plugins/defaults_mode.rb +40 -0
  26. data/lib/aws-sdk-core/plugins/http_checksum.rb +8 -1
  27. data/lib/aws-sdk-core/plugins/protocols/api_gateway.rb +17 -0
  28. data/lib/aws-sdk-core/plugins/protocols/rest_json.rb +16 -1
  29. data/lib/aws-sdk-core/plugins/recursion_detection.rb +27 -0
  30. data/lib/aws-sdk-core/plugins/regional_endpoint.rb +47 -1
  31. data/lib/aws-sdk-core/plugins/response_paging.rb +1 -1
  32. data/lib/aws-sdk-core/plugins/retries/error_inspector.rb +5 -3
  33. data/lib/aws-sdk-core/plugins/retry_errors.rb +21 -5
  34. data/lib/aws-sdk-core/plugins/signature_v4.rb +15 -24
  35. data/lib/aws-sdk-core/plugins/stub_responses.rb +5 -1
  36. data/lib/aws-sdk-core/process_credentials.rb +3 -2
  37. data/lib/aws-sdk-core/refreshing_credentials.rb +40 -11
  38. data/lib/aws-sdk-core/rest/request/body.rb +19 -1
  39. data/lib/aws-sdk-core/rest/request/headers.rb +18 -6
  40. data/lib/aws-sdk-core/rest/response/headers.rb +3 -1
  41. data/lib/aws-sdk-core/shared_config.rb +27 -8
  42. data/lib/aws-sdk-core/shared_credentials.rb +7 -1
  43. data/lib/aws-sdk-core/sso_credentials.rb +8 -3
  44. data/lib/aws-sdk-core/structure.rb +10 -1
  45. data/lib/aws-sdk-core/xml/parser/engines/ox.rb +1 -1
  46. data/lib/aws-sdk-core/xml/parser/engines/rexml.rb +0 -8
  47. data/lib/aws-sdk-core/xml/parser/frame.rb +23 -0
  48. data/lib/aws-sdk-core.rb +6 -0
  49. data/lib/aws-sdk-sso/client.rb +27 -5
  50. data/lib/aws-sdk-sso.rb +1 -1
  51. data/lib/aws-sdk-sts/client.rb +424 -415
  52. data/lib/aws-sdk-sts/plugins/sts_regional_endpoints.rb +5 -1
  53. data/lib/aws-sdk-sts/presigner.rb +7 -1
  54. data/lib/aws-sdk-sts/types.rb +199 -181
  55. data/lib/aws-sdk-sts.rb +1 -1
  56. data/lib/seahorse/client/configuration.rb +4 -0
  57. data/lib/seahorse/client/h2/connection.rb +14 -11
  58. data/lib/seahorse/client/h2/handler.rb +4 -5
  59. data/lib/seahorse/client/net_http/connection_pool.rb +7 -0
  60. data/lib/seahorse/client/net_http/handler.rb +15 -7
  61. data/lib/seahorse/client/net_http/patches.rb +13 -84
  62. data/lib/seahorse/client/plugins/content_length.rb +11 -5
  63. data/lib/seahorse/client/plugins/net_http.rb +33 -2
  64. data/lib/seahorse/model/operation.rb +3 -0
  65. data/lib/seahorse/model/shapes.rb +25 -0
  66. metadata +11 -6
  67. data/lib/aws-sdk-sso/plugins/content_type.rb +0 -25
@@ -12,32 +12,22 @@ module Aws
12
12
  end
13
13
 
14
14
  option(:sigv4_name) do |cfg|
15
- cfg.api.metadata['signingName'] || cfg.api.metadata['endpointPrefix']
15
+ signingName = if cfg.region
16
+ Aws::Partitions::EndpointProvider.signing_service(
17
+ cfg.region, cfg.api.metadata['endpointPrefix']
18
+ )
19
+ end
20
+ signingName || cfg.api.metadata['signingName'] || cfg.api.metadata['endpointPrefix']
16
21
  end
17
22
 
18
23
  option(:sigv4_region) do |cfg|
19
-
20
- # The signature version 4 signing region is most
21
- # commonly the configured region. There are a few
22
- # notable exceptions:
23
- #
24
- # * Some services have a global endpoint to the entire
25
- # partition. For example, when constructing a route53
26
- # client for a region like "us-west-2", we will
27
- # always use "route53.amazonaws.com". This endpoint
28
- # is actually global to the entire partition,
29
- # and must be signed as "us-east-1".
30
- #
31
- # * When the region is configured, but it is configured
32
- # to a non region, such as "aws-global". This is similar
33
- # to the previous case. We use the Aws::Partitions::EndpointProvider
34
- # to resolve to the actual signing region.
35
- #
36
- prefix = cfg.api.metadata['endpointPrefix']
37
- if prefix && cfg.endpoint.to_s.match(/#{prefix}\.amazonaws\.com/)
38
- 'us-east-1'
39
- elsif cfg.region
40
- Aws::Partitions::EndpointProvider.signing_region(cfg.region, cfg.sigv4_name)
24
+ if cfg.region
25
+ if cfg.respond_to?(:sts_regional_endpoints)
26
+ sts_regional = cfg.sts_regional_endpoints
27
+ end
28
+ Aws::Partitions::EndpointProvider.signing_region(
29
+ cfg.region, cfg.api.metadata['endpointPrefix'], sts_regional
30
+ )
41
31
  end
42
32
  end
43
33
 
@@ -108,6 +98,7 @@ module Aws
108
98
  req.headers.delete('Authorization')
109
99
  req.headers.delete('X-Amz-Security-Token')
110
100
  req.headers.delete('X-Amz-Date')
101
+ req.headers.delete('x-Amz-Region-Set')
111
102
 
112
103
  if context.config.respond_to?(:clock_skew) &&
113
104
  context.config.clock_skew &&
@@ -144,7 +135,7 @@ module Aws
144
135
  def apply_authtype(context)
145
136
  if context.operation['authtype'].eql?('v4-unsigned-body') &&
146
137
  context.http_request.endpoint.scheme.eql?('https')
147
- context.http_request.headers['X-Amz-Content-Sha256'] = 'UNSIGNED-PAYLOAD'
138
+ context.http_request.headers['X-Amz-Content-Sha256'] ||= 'UNSIGNED-PAYLOAD'
148
139
  end
149
140
  context
150
141
  end
@@ -51,7 +51,11 @@ requests are made, and retries are disabled.
51
51
  stub = context.client.next_stub(context)
52
52
  resp = Seahorse::Client::Response.new(context: context)
53
53
  async_mode = context.client.is_a? Seahorse::Client::AsyncBase
54
- apply_stub(stub, resp, async_mode)
54
+ if Hash === stub && stub[:mutex]
55
+ stub[:mutex].synchronize { apply_stub(stub, resp, async_mode) }
56
+ else
57
+ apply_stub(stub, resp, async_mode)
58
+ end
55
59
 
56
60
  async_mode ? Seahorse::Client::AsyncResponse.new(
57
61
  context: context, stream: context[:input_event_stream_handler].event_emitter.stream, sync_queue: Queue.new) : resp
@@ -27,6 +27,7 @@ module Aws
27
27
  def initialize(process)
28
28
  @process = process
29
29
  @credentials = credentials_from_process(@process)
30
+ @async_refresh = false
30
31
 
31
32
  super
32
33
  end
@@ -73,9 +74,9 @@ module Aws
73
74
  @credentials = credentials_from_process(@process)
74
75
  end
75
76
 
76
- def near_expiration?
77
+ def near_expiration?(expiration_length)
77
78
  # are we within 5 minutes of expiration?
78
- @expiration && (Time.now.to_i + 5 * 60) > @expiration.to_i
79
+ @expiration && (Time.now.to_i + expiration_length) > @expiration.to_i
79
80
  end
80
81
  end
81
82
  end
@@ -17,45 +17,74 @@ module Aws
17
17
  # @api private
18
18
  module RefreshingCredentials
19
19
 
20
+ SYNC_EXPIRATION_LENGTH = 300 # 5 minutes
21
+ ASYNC_EXPIRATION_LENGTH = 600 # 10 minutes
22
+
20
23
  def initialize(options = {})
21
24
  @mutex = Mutex.new
25
+ @before_refresh = options.delete(:before_refresh) if Hash === options
26
+
27
+ @before_refresh.call(self) if @before_refresh
22
28
  refresh
23
29
  end
24
30
 
25
31
  # @return [Credentials]
26
32
  def credentials
27
- refresh_if_near_expiration
33
+ refresh_if_near_expiration!
28
34
  @credentials
29
35
  end
30
36
 
31
37
  # @return [Time,nil]
32
38
  def expiration
33
- refresh_if_near_expiration
39
+ refresh_if_near_expiration!
34
40
  @expiration
35
41
  end
36
42
 
37
43
  # Refresh credentials.
38
44
  # @return [void]
39
45
  def refresh!
40
- @mutex.synchronize { refresh }
46
+ @mutex.synchronize do
47
+ @before_refresh.call(self) if @before_refresh
48
+
49
+ refresh
50
+ end
41
51
  end
42
52
 
43
53
  private
44
54
 
45
- # Refreshes instance metadata credentials if they are within
46
- # 5 minutes of expiration.
47
- def refresh_if_near_expiration
48
- if near_expiration?
55
+ # Refreshes credentials asynchronously and synchronously.
56
+ # If we are near to expiration, block while getting new credentials.
57
+ # Otherwise, if we're approaching expiration, use the existing credentials
58
+ # but attempt a refresh in the background.
59
+ def refresh_if_near_expiration!
60
+ # Note: This check is an optimization. Rather than acquire the mutex on every #refresh_if_near_expiration
61
+ # call, we check before doing so, and then we check within the mutex to avoid a race condition.
62
+ # See issue: https://github.com/aws/aws-sdk-ruby/issues/2641 for more info.
63
+ if near_expiration?(SYNC_EXPIRATION_LENGTH)
49
64
  @mutex.synchronize do
50
- refresh if near_expiration?
65
+ if near_expiration?(SYNC_EXPIRATION_LENGTH)
66
+ @before_refresh.call(self) if @before_refresh
67
+ refresh
68
+ end
69
+ end
70
+ elsif @async_refresh && near_expiration?(ASYNC_EXPIRATION_LENGTH)
71
+ unless @mutex.locked?
72
+ Thread.new do
73
+ @mutex.synchronize do
74
+ if near_expiration?(ASYNC_EXPIRATION_LENGTH)
75
+ @before_refresh.call(self) if @before_refresh
76
+ refresh
77
+ end
78
+ end
79
+ end
51
80
  end
52
81
  end
53
82
  end
54
83
 
55
- def near_expiration?
84
+ def near_expiration?(expiration_length)
56
85
  if @expiration
57
- # are we within 5 minutes of expiration?
58
- (Time.now.to_i + 5 * 60) > @expiration.to_i
86
+ # Are we within expiration?
87
+ (Time.now.to_i + expiration_length) > @expiration.to_i
59
88
  else
60
89
  true
61
90
  end
@@ -17,11 +17,29 @@ module Aws
17
17
  # @param [Seahorse::Client::Http::Request] http_req
18
18
  # @param [Hash] params
19
19
  def apply(http_req, params)
20
- http_req.body = build_body(params)
20
+ body = build_body(params)
21
+ # for rest-json, ensure we send at least an empty object
22
+ # don't send an empty object for streaming? case.
23
+ if body.nil? && @serializer_class == Json::Builder &&
24
+ modeled_body? && !streaming?
25
+ body = '{}'
26
+ end
27
+ http_req.body = body
21
28
  end
22
29
 
23
30
  private
24
31
 
32
+ # operation is modeled for body when it is modeled for a payload
33
+ # either with payload trait or normal members.
34
+ def modeled_body?
35
+ return true if @rules[:payload]
36
+ @rules.shape.members.each do |member|
37
+ _name, shape = member
38
+ return true if shape.location.nil?
39
+ end
40
+ false
41
+ end
42
+
25
43
  def build_body(params)
26
44
  if streaming?
27
45
  params[@rules[:payload]]
@@ -32,11 +32,11 @@ module Aws
32
32
 
33
33
  def apply_header_value(headers, ref, value)
34
34
  value = apply_json_trait(value) if ref['jsonvalue']
35
- headers[ref.location_name] =
36
- case ref.shape
37
- when TimestampShape then timestamp(ref, value)
38
- else value.to_s
39
- end
35
+ case ref.shape
36
+ when TimestampShape then headers[ref.location_name] = timestamp(ref, value)
37
+ when ListShape then list(headers, ref, value)
38
+ else headers[ref.location_name] = value.to_s
39
+ end
40
40
  end
41
41
 
42
42
  def timestamp(ref, value)
@@ -49,6 +49,18 @@ module Aws
49
49
  end
50
50
  end
51
51
 
52
+ def list(headers, ref, value)
53
+ return if !value || value.empty?
54
+ headers[ref.location_name] = value
55
+ .compact
56
+ .map { |s| escape_header_list_string(s.to_s) }
57
+ .join(",")
58
+ end
59
+
60
+ def escape_header_list_string(s)
61
+ (s.include?('"') || s.include?(",")) ? "\"#{s.gsub('"', '\"')}\"" : s
62
+ end
63
+
52
64
  def apply_header_map(headers, ref, values)
53
65
  prefix = ref.location_name || ''
54
66
  values.each_pair do |name, value|
@@ -57,7 +69,7 @@ module Aws
57
69
  end
58
70
 
59
71
  # With complex headers value in json syntax,
60
- # base64 encodes value to aviod weird characters
72
+ # base64 encodes value to avoid weird characters
61
73
  # causing potential issues in headers
62
74
  def apply_json_trait(value)
63
75
  Base64.strict_encode64(value)
@@ -40,8 +40,10 @@ module Aws
40
40
  when IntegerShape then value.to_i
41
41
  when FloatShape then value.to_f
42
42
  when BooleanShape then value == 'true'
43
+ when ListShape then
44
+ value.split(",").map { |v| cast_value(ref.shape.member, v) }
43
45
  when TimestampShape
44
- if value =~ /\d+(\.\d*)/
46
+ if value =~ /^\d+(\.\d*)/
45
47
  Time.at(value.to_f)
46
48
  elsif value =~ /^\d+$/
47
49
  Time.at(value.to_i)
@@ -100,7 +100,7 @@ module Aws
100
100
  # or `nil` if no valid credentials were found.
101
101
  def credentials(opts = {})
102
102
  p = opts[:profile] || @profile_name
103
- validate_profile_exists(p) if credentials_present?
103
+ validate_profile_exists(p)
104
104
  if (credentials = credentials_from_shared(p, opts))
105
105
  credentials
106
106
  elsif (credentials = credentials_from_config(p, opts))
@@ -163,6 +163,10 @@ module Aws
163
163
  :ca_bundle,
164
164
  :credential_process,
165
165
  :endpoint_discovery_enabled,
166
+ :use_dualstack_endpoint,
167
+ :use_fips_endpoint,
168
+ :ec2_metadata_service_endpoint,
169
+ :ec2_metadata_service_endpoint_mode,
166
170
  :max_attempts,
167
171
  :retry_mode,
168
172
  :adaptive_retry_wait_to_fill,
@@ -173,7 +177,9 @@ module Aws
173
177
  :csm_port,
174
178
  :sts_regional_endpoints,
175
179
  :s3_use_arn_region,
176
- :s3_us_east_1_regional_endpoint
180
+ :s3_us_east_1_regional_endpoint,
181
+ :s3_disable_multiregion_access_points,
182
+ :defaults_mode
177
183
  )
178
184
 
179
185
  private
@@ -189,11 +195,6 @@ module Aws
189
195
  value
190
196
  end
191
197
 
192
- def credentials_present?
193
- (@parsed_credentials && !@parsed_credentials.empty?) ||
194
- (@parsed_config && !@parsed_config.empty?)
195
- end
196
-
197
198
  def assume_role_from_profile(cfg, profile, opts, chain_config)
198
199
  if cfg && prof_cfg = cfg[profile]
199
200
  opts[:source_profile] ||= prof_cfg['source_profile']
@@ -205,6 +206,7 @@ module Aws
205
206
  'a credential_source. For assume role credentials, must '\
206
207
  'provide only source_profile or credential_source, not both.'
207
208
  elsif opts[:source_profile]
209
+ opts[:visited_profiles] ||= Set.new
208
210
  opts[:credentials] = resolve_source_profile(opts[:source_profile], opts)
209
211
  if opts[:credentials]
210
212
  opts[:role_session_name] ||= prof_cfg['role_session_name']
@@ -214,6 +216,7 @@ module Aws
214
216
  opts[:external_id] ||= prof_cfg['external_id']
215
217
  opts[:serial_number] ||= prof_cfg['mfa_serial']
216
218
  opts[:profile] = opts.delete(:source_profile)
219
+ opts.delete(:visited_profiles)
217
220
  AssumeRoleCredentials.new(opts)
218
221
  else
219
222
  raise Errors::NoSourceProfileError,
@@ -246,8 +249,21 @@ module Aws
246
249
  end
247
250
 
248
251
  def resolve_source_profile(profile, opts = {})
252
+ if opts[:visited_profiles] && opts[:visited_profiles].include?(profile)
253
+ raise Errors::SourceProfileCircularReferenceError
254
+ end
255
+ opts[:visited_profiles].add(profile) if opts[:visited_profiles]
256
+
257
+ profile_config = @parsed_credentials[profile]
258
+ if @config_enabled
259
+ profile_config ||= @parsed_config[profile]
260
+ end
261
+
249
262
  if (creds = credentials(profile: profile))
250
263
  creds # static credentials
264
+ elsif profile_config && profile_config['source_profile']
265
+ opts.delete(:source_profile)
266
+ assume_role_credentials_from_config(opts.merge(profile: profile))
251
267
  elsif (provider = assume_role_web_identity_credentials_from_config(opts.merge(profile: profile)))
252
268
  provider.credentials if provider.credentials.set?
253
269
  elsif (provider = assume_role_process_credentials_from_config(profile))
@@ -274,7 +290,10 @@ module Aws
274
290
 
275
291
  def assume_role_process_credentials_from_config(profile)
276
292
  validate_profile_exists(profile)
277
- credential_process = @parsed_config[profile]['credential_process']
293
+ credential_process = @parsed_credentials.fetch(profile, {})['credential_process']
294
+ if @parsed_config
295
+ credential_process ||= @parsed_config.fetch(profile, {})['credential_process']
296
+ end
278
297
  ProcessCredentials.new(credential_process) if credential_process
279
298
  end
280
299
 
@@ -14,11 +14,17 @@ module Aws
14
14
  'aws_session_token' => 'session_token',
15
15
  }
16
16
 
17
- # Constructs a new SharedCredentials object. This will load AWS access
17
+ # Constructs a new SharedCredentials object. This will load static
18
+ # (access_key_id, secret_access_key and session_token) AWS access
18
19
  # credentials from an ini file, which supports profiles. The default
19
20
  # profile name is 'default'. You can specify the profile name with the
20
21
  # `ENV['AWS_PROFILE']` or with the `:profile_name` option.
21
22
  #
23
+ # To use credentials from the default credential resolution chain
24
+ # create a client without the credential option specified.
25
+ # You may access the resolved credentials through
26
+ # `client.config.credentials`.
27
+ #
22
28
  # @option [String] :path Path to the shared file. Defaults
23
29
  # to "#{Dir.home}/.aws/credentials".
24
30
  #
@@ -8,8 +8,7 @@ module Aws
8
8
  # AWS CLI with the correct profile.
9
9
  #
10
10
  # For more background on AWS SSO see the official
11
- # {what is SSO}[https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html]
12
- # page.
11
+ # {https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html what is SSO Userguide}
13
12
  #
14
13
  # ## Refreshing Credentials from SSO
15
14
  #
@@ -64,6 +63,11 @@ module Aws
64
63
  #
65
64
  # @option options [SSO::Client] :client Optional `SSO::Client`. If not
66
65
  # provided, a client will be constructed.
66
+ #
67
+ # @option options [Callable] before_refresh Proc called before
68
+ # credentials are refreshed. `before_refresh` is called
69
+ # with an instance of this object when
70
+ # AWS credentials are required and need to be refreshed.
67
71
  def initialize(options = {})
68
72
 
69
73
  missing_keys = SSO_REQUIRED_OPTS.select { |k| options[k].nil? }
@@ -82,6 +86,7 @@ module Aws
82
86
  options[:region] = @sso_region
83
87
  options[:credentials] = nil
84
88
  @client = options[:client] || Aws::SSO::Client.new(options)
89
+ @async_refresh = true
85
90
  super
86
91
  end
87
92
 
@@ -101,7 +106,7 @@ module Aws
101
106
  raise ArgumentError, 'Cached SSO Token is expired.'
102
107
  end
103
108
  cached_token
104
- rescue Aws::Json::ParseError, ArgumentError
109
+ rescue Errno::ENOENT, Aws::Json::ParseError, ArgumentError
105
110
  raise Errors::InvalidSSOCredentials, SSO_LOGIN_GUIDANCE
106
111
  end
107
112
 
@@ -70,11 +70,20 @@ module Aws
70
70
  end
71
71
 
72
72
  end
73
+
74
+ module Union
75
+ def member
76
+ self.members.select { |k| self[k] != nil }.first
77
+ end
78
+
79
+ def value
80
+ self[member] if member
81
+ end
82
+ end
73
83
  end
74
84
 
75
85
  # @api private
76
86
  class EmptyStructure < Struct.new('AwsEmptyStructure')
77
87
  include(Aws::Structure)
78
88
  end
79
-
80
89
  end
@@ -16,7 +16,7 @@ module Aws
16
16
  Ox.sax_parse(
17
17
  @stack, StringIO.new(xml),
18
18
  :convert_special => true,
19
- :skip => :skip_white
19
+ :skip => :skip_return
20
20
  )
21
21
  end
22
22
 
@@ -1,16 +1,8 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- use_system_rexml = ((RUBY_VERSION <=> "2.0.0") < 0)
4
- if use_system_rexml
5
- require "rbconfig"
6
- $LOAD_PATH.unshift(RbConfig::CONFIG["rubylibdir"])
7
- end
8
-
9
3
  require 'rexml/document'
10
4
  require 'rexml/streamlistener'
11
5
 
12
- $LOAD_PATH.shift if use_system_rexml
13
-
14
6
  module Aws
15
7
  module Xml
16
8
  class Parser
@@ -95,6 +95,8 @@ module Aws
95
95
  def child_frame(xml_name)
96
96
  if @member = @members[xml_name]
97
97
  Frame.new(xml_name, self, @member[:ref])
98
+ elsif @ref.shape.union
99
+ UnknownMemberFrame.new(xml_name, self, nil, @result)
98
100
  else
99
101
  NullFrame.new(xml_name, self)
100
102
  end
@@ -106,10 +108,24 @@ module Aws
106
108
  @result[@member[:name]][child.key.result] = child.value.result
107
109
  when FlatListFrame
108
110
  @result[@member[:name]] << child.result
111
+ when UnknownMemberFrame
112
+ @result[:unknown] = { 'name' => child.path.last, 'value' => child.result }
109
113
  when NullFrame
110
114
  else
111
115
  @result[@member[:name]] = child.result
112
116
  end
117
+
118
+ if @ref.shape.union
119
+ # a union may only have one member set
120
+ # convert to the union subclass
121
+ # The default Struct created will have defaults set for all values
122
+ # This also sets only one of the values leaving everything else nil
123
+ # as required for unions
124
+ set_member_name = @member ? @member[:name] : :unknown
125
+ member_subclass = @ref.shape.member_subclass(set_member_name).new # shape.member_subclass(target.member).new
126
+ member_subclass[set_member_name] = @result[set_member_name]
127
+ @result = member_subclass
128
+ end
113
129
  end
114
130
 
115
131
  private
@@ -242,6 +258,12 @@ module Aws
242
258
  end
243
259
  end
244
260
 
261
+ class UnknownMemberFrame < Frame
262
+ def result
263
+ @text.join
264
+ end
265
+ end
266
+
245
267
  class BlobFrame < Frame
246
268
  def result
247
269
  @text.empty? ? nil : Base64.decode64(@text.join)
@@ -302,6 +324,7 @@ module Aws
302
324
  MapShape => MapFrame,
303
325
  StringShape => StringFrame,
304
326
  StructureShape => StructureFrame,
327
+ UnionShape => StructureFrame,
305
328
  TimestampShape => TimestampFrame,
306
329
  }
307
330
 
data/lib/aws-sdk-core.rb CHANGED
@@ -88,6 +88,12 @@ require_relative 'aws-sdk-core/arn'
88
88
  require_relative 'aws-sdk-core/arn_parser'
89
89
  require_relative 'aws-sdk-core/ec2_metadata'
90
90
 
91
+ # defaults
92
+ require_relative 'aws-defaults'
93
+
94
+ # plugins
95
+ # loaded through building STS or SSO ..
96
+
91
97
  # aws-sdk-sts is included to support Aws::AssumeRoleCredentials
92
98
  require_relative 'aws-sdk-sts'
93
99
 
@@ -27,9 +27,11 @@ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
27
27
  require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
28
28
  require 'aws-sdk-core/plugins/transfer_encoding.rb'
29
29
  require 'aws-sdk-core/plugins/http_checksum.rb'
30
+ require 'aws-sdk-core/plugins/checksum_algorithm.rb'
31
+ require 'aws-sdk-core/plugins/defaults_mode.rb'
32
+ require 'aws-sdk-core/plugins/recursion_detection.rb'
30
33
  require 'aws-sdk-core/plugins/signature_v4.rb'
31
34
  require 'aws-sdk-core/plugins/protocols/rest_json.rb'
32
- require 'aws-sdk-sso/plugins/content_type.rb'
33
35
 
34
36
  Aws::Plugins::GlobalConfiguration.add_identifier(:sso)
35
37
 
@@ -74,9 +76,11 @@ module Aws::SSO
74
76
  add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
75
77
  add_plugin(Aws::Plugins::TransferEncoding)
76
78
  add_plugin(Aws::Plugins::HttpChecksum)
79
+ add_plugin(Aws::Plugins::ChecksumAlgorithm)
80
+ add_plugin(Aws::Plugins::DefaultsMode)
81
+ add_plugin(Aws::Plugins::RecursionDetection)
77
82
  add_plugin(Aws::Plugins::SignatureV4)
78
83
  add_plugin(Aws::Plugins::Protocols::RestJson)
79
- add_plugin(Aws::SSO::Plugins::ContentType)
80
84
 
81
85
  # @overload initialize(options)
82
86
  # @param [Hash] options
@@ -121,7 +125,9 @@ module Aws::SSO
121
125
  # * EC2/ECS IMDS instance profile - When used by default, the timeouts
122
126
  # are very aggressive. Construct and pass an instance of
123
127
  # `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
124
- # enable retries and extended timeouts.
128
+ # enable retries and extended timeouts. Instance profile credential
129
+ # fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
130
+ # to true.
125
131
  #
126
132
  # @option options [required, String] :region
127
133
  # The AWS region to connect to. The configured `:region` is
@@ -175,6 +181,10 @@ module Aws::SSO
175
181
  # Used only in `standard` and adaptive retry modes. Specifies whether to apply
176
182
  # a clock skew correction and retry requests with skewed client clocks.
177
183
  #
184
+ # @option options [String] :defaults_mode ("legacy")
185
+ # See {Aws::DefaultsModeConfiguration} for a list of the
186
+ # accepted modes and the configuration defaults that are included.
187
+ #
178
188
  # @option options [Boolean] :disable_host_prefix_injection (false)
179
189
  # Set to true to disable SDK automatically adding host prefix
180
190
  # to default service endpoint when available.
@@ -277,6 +287,15 @@ module Aws::SSO
277
287
  # ** Please note ** When response stubbing is enabled, no HTTP
278
288
  # requests are made, and retries are disabled.
279
289
  #
290
+ # @option options [Boolean] :use_dualstack_endpoint
291
+ # When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
292
+ # will be used if available.
293
+ #
294
+ # @option options [Boolean] :use_fips_endpoint
295
+ # When set to `true`, fips compatible endpoints will be used if available.
296
+ # When a `fips` region is used, the region is normalized and this config
297
+ # is set to `true`.
298
+ #
280
299
  # @option options [Boolean] :validate_params (true)
281
300
  # When `true`, request parameters are validated before
282
301
  # sending the request.
@@ -288,7 +307,7 @@ module Aws::SSO
288
307
  # seconds to wait when opening a HTTP session before raising a
289
308
  # `Timeout::Error`.
290
309
  #
291
- # @option options [Integer] :http_read_timeout (60) The default
310
+ # @option options [Float] :http_read_timeout (60) The default
292
311
  # number of seconds to wait for response data. This value can
293
312
  # safely be set per-request on the session.
294
313
  #
@@ -304,6 +323,9 @@ module Aws::SSO
304
323
  # disables this behaviour. This value can safely be set per
305
324
  # request on the session.
306
325
  #
326
+ # @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
327
+ # in seconds.
328
+ #
307
329
  # @option options [Boolean] :http_wire_trace (false) When `true`,
308
330
  # HTTP debug output will be sent to the `:logger`.
309
331
  #
@@ -523,7 +545,7 @@ module Aws::SSO
523
545
  params: params,
524
546
  config: config)
525
547
  context[:gem_name] = 'aws-sdk-core'
526
- context[:gem_version] = '3.114.1'
548
+ context[:gem_version] = '3.130.1'
527
549
  Seahorse::Client::Request.new(handlers, context)
528
550
  end
529
551
 
data/lib/aws-sdk-sso.rb CHANGED
@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sso/customizations'
50
50
  # @!group service
51
51
  module Aws::SSO
52
52
 
53
- GEM_VERSION = '3.114.1'
53
+ GEM_VERSION = '3.130.1'
54
54
 
55
55
  end