aws-sdk-core 3.117.0 → 3.197.2

data/lib/aws-sdk-sts.rb

@@ -15,9 +15,13 @@ end
 
 require_relative 'aws-sdk-sts/types'
 require_relative 'aws-sdk-sts/client_api'
+require_relative 'aws-sdk-sts/plugins/endpoints.rb'
 require_relative 'aws-sdk-sts/client'
 require_relative 'aws-sdk-sts/errors'
 require_relative 'aws-sdk-sts/resource'
+require_relative 'aws-sdk-sts/endpoint_parameters'
+require_relative 'aws-sdk-sts/endpoint_provider'
+require_relative 'aws-sdk-sts/endpoints'
 require_relative 'aws-sdk-sts/customizations'
 
 # This module provides support for AWS Security Token Service. This module is available in the
@@ -50,6 +54,6 @@ require_relative 'aws-sdk-sts/customizations'
 # @!group service
 module Aws::STS
 
-  GEM_VERSION = '3.117.0'
+  GEM_VERSION = '3.197.2'
 
 end

data/lib/seahorse/client/async_base.rb

@@ -5,12 +5,12 @@ module Seahorse
     class AsyncBase < Seahorse::Client::Base
 
       # default H2 plugins
+      # @api private
       @plugins = PluginList.new([
         Plugins::Endpoint,
         Plugins::H2,
         Plugins::ResponseTarget
       ])
-
       def initialize(plugins, options)
         super
         @connection = H2::Connection.new(options)
@@ -49,4 +49,3 @@ module Seahorse
     end
   end
 end
-

data/lib/seahorse/client/async_response.rb

@@ -12,24 +12,43 @@ module Seahorse
         @sync_queue = options[:sync_queue]
       end
 
+      # @return [RequestContext]
       def context
         @response.context
       end
 
+      # @return [StandardError, nil]
       def error
         @response.error
       end
 
+      # @overload on(status_code, &block)
+      #   @param [Integer] status_code The block will be
+      #     triggered only for responses with the given status code.
+      #
+      # @overload on(status_code_range, &block)
+      #   @param [Range<Integer>] status_code_range The block will be
+      #     triggered only for responses with a status code that falls
+      #     witin the given range.
+      #
+      # @return [self]
       def on(range, &block)
         @response.on(range, &block)
         self
       end
 
+      # @api private
       def on_complete(&block)
         @response.on_complete(&block)
         self
       end
 
+      # @return [Boolean] Returns `true` if the response is complete with
+      #   no error.
+      def successful?
+        @response.error.nil?
+      end
+
       def wait
         if error && context.config.raise_response_errors
           raise error

data/lib/seahorse/client/base.rb

@@ -9,6 +9,7 @@ module Seahorse
       include HandlerBuilder
 
       # default plugins
+      # @api private
       @plugins = PluginList.new([
         Plugins::Endpoint,
         Plugins::NetHttp,

data/lib/seahorse/client/configuration.rb

@@ -68,7 +68,7 @@ module Seahorse
           @block = block
         end
 
-        def call(*args) 
+        def call(*args)
           @block.call(*args)
         end
       end
@@ -195,15 +195,15 @@ module Seahorse
           @members.include?(method_name) or super
         end
 
+        def override_config(k, v)
+          @struct[k] = v
+        end
+
         private
 
         def value_at(opt_name)
           value = @struct[opt_name]
           if value.is_a?(Defaults)
-            # this config value is used by endpoint discovery
-            if opt_name == :endpoint && @struct.members.include?(:regional_endpoint)
-              @struct[:regional_endpoint] = true
-            end
             resolve_defaults(opt_name, value)
           else
             value

data/lib/seahorse/client/h2/connection.rb

@@ -1,10 +1,8 @@
 # frozen_string_literal: true
 
-if RUBY_VERSION >= '2.1'
-  begin
-    require 'http/2'
-  rescue LoadError; end
-end
+begin
+  require 'http/2'
+rescue LoadError; end
 require 'openssl'
 require 'socket'
 
@@ -45,7 +43,9 @@ module Seahorse
           @h2_client = HTTP2::Client.new(
             settings_max_concurrent_streams: max_concurrent_streams
           )
-          @logger = options[:logger] || Logger.new($stdout) if @http_wire_trace
+          @logger = if @http_wire_trace
+            options[:logger] || Logger.new($stdout)
+          end
           @chunk_size = options[:read_chunk_size] || CHUNKSIZE
           @errors = []
           @status = :ready
@@ -106,7 +106,7 @@ module Seahorse
           @mutex.synchronize {
             return if @socket_thread
             @socket_thread = Thread.new do
-              while !@socket.closed?
+              while @socket && !@socket.closed?
                 begin
                   data = @socket.read_nonblock(@chunk_size)
                   @h2_client << data
@@ -132,6 +132,7 @@ module Seahorse
                   self.close!
                 end
               end
+              @socket_thread = nil
             end
             @socket_thread.abort_on_exception = true
           }
@@ -144,10 +145,6 @@ module Seahorse
               @socket.close
               @socket = nil
             end
-            if @socket_thread
-              Thread.kill(@socket_thread)
-              @socket_thread = nil
-            end
             @status = :closed
           }
         end
@@ -185,11 +182,13 @@ module Seahorse
               @socket.flush
             end
           end
-          @h2_client.on(:frame_sent) do |frame|
-            debug_output("frame: #{frame.inspect}", :send)
-          end
-          @h2_client.on(:frame_received) do |frame|
-            debug_output("frame: #{frame.inspect}", :receive)
+          if @http_wire_trace
+            @h2_client.on(:frame_sent) do |frame|
+              debug_output("frame: #{frame.inspect}", :send)
+            end
+            @h2_client.on(:frame_received) do |frame|
+              debug_output("frame: #{frame.inspect}", :receive)
+            end
           end
         end
 

data/lib/seahorse/client/h2/handler.rb

@@ -1,10 +1,9 @@
 # frozen_string_literal: true
 
-if RUBY_VERSION >= '2.1'
-  begin
-    require 'http/2'
-  rescue LoadError; end
-end
+begin
+  require 'http/2'
+rescue LoadError; end
+
 require 'securerandom'
 
 module Seahorse
@@ -127,6 +126,7 @@ module Seahorse
         # https://http2.github.io/http2-spec/#rfc.section.8.1.2.3
         def _h2_headers(req)
           headers = {}
+          headers[':authority'] = req.endpoint.host
           headers[':method'] = req.http_method.upcase
           headers[':scheme'] = req.endpoint.scheme
           headers[':path'] = req.endpoint.path.empty? ? '/' : req.endpoint.path

data/lib/seahorse/client/net_http/connection_pool.rb

@@ -34,6 +34,7 @@ module Seahorse
           ssl_ca_bundle: nil,
           ssl_ca_directory: nil,
           ssl_ca_store: nil,
+          ssl_timeout: nil
         }
 
         # @api private
@@ -118,11 +119,7 @@ module Seahorse
         #   pool, not counting those currently in use.
         def size
           @pool_mutex.synchronize do
-            size = 0
-            @pool.each_pair do |endpoint,sessions|
-              size += sessions.size
-            end
-            size
+            @pool.values.flatten.size
           end
         end
 
@@ -141,9 +138,7 @@ module Seahorse
         # @return [nil]
         def empty!
           @pool_mutex.synchronize do
-            @pool.each_pair do |endpoint,sessions|
-              sessions.each(&:finish)
-            end
+            @pool.values.flatten.map(&:finish)
             @pool.clear
           end
           nil
@@ -187,6 +182,9 @@ module Seahorse
           #   disables this behaviour.  This value can safely be set per
           #   request on the session yielded by {#session_for}.
           #
+          # @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
+          #   in seconds.
+          #
           # @option options [Boolean] :http_wire_trace (false) When `true`,
           #   HTTP debug output will be sent to the `:logger`.
           #
@@ -248,6 +246,7 @@ module Seahorse
               :ssl_ca_bundle => options[:ssl_ca_bundle],
               :ssl_ca_directory => options[:ssl_ca_directory],
               :ssl_ca_store => options[:ssl_ca_store],
+              :ssl_timeout => options[:ssl_timeout]
             }
           end
 
@@ -285,6 +284,8 @@ module Seahorse
 
           if endpoint.scheme == 'https'
             http.use_ssl = true
+            http.ssl_timeout = ssl_timeout
+
             if ssl_verify_peer?
               http.verify_mode = OpenSSL::SSL::VERIFY_PEER
               http.ca_file = ssl_ca_bundle if ssl_ca_bundle
@@ -305,7 +306,7 @@ module Seahorse
         # @note **Must** be called behind a `@pool_mutex` synchronize block.
         def _clean
           now = Aws::Util.monotonic_milliseconds
-          @pool.each_pair do |endpoint,sessions|
+          @pool.values.each do |sessions|
             sessions.delete_if do |session|
               if session.last_used.nil? or now - session.last_used > http_idle_timeout * 1000
                 session.finish

data/lib/seahorse/client/net_http/handler.rb

@@ -74,8 +74,9 @@ module Seahorse
         # @return [void]
         def transmit(config, req, resp)
           session(config, req) do |http|
+            # Monkey patch default content-type set by Net::HTTP
+            Thread.current[:net_http_skip_default_content_type] = true
             http.request(build_net_request(req)) do |net_resp|
-
               status_code = net_resp.code.to_i
               headers = extract_headers(net_resp)
 
@@ -96,6 +97,9 @@ module Seahorse
         rescue => error
           # not retryable
           resp.signal_error(error)
+        ensure
+          # ensure we turn off monkey patch in case of error
+          Thread.current[:net_http_skip_default_content_type] = nil
         end
 
         def complete_response(req, resp, bytes_received)
@@ -147,7 +151,12 @@ module Seahorse
         def build_net_request(request)
           request_class = net_http_request_class(request)
           req = request_class.new(request.endpoint.request_uri, headers(request))
-          req.body_stream = request.body
+          # Net::HTTP adds a default Content-Type when a body is present.
+          # Set the body stream when it has an unknown size or when it is > 0.
+          if !request.body.respond_to?(:size) ||
+             (request.body.respond_to?(:size) && request.body.size > 0)
+            req.body_stream = request.body
+          end
           req
         end
 
@@ -166,14 +175,13 @@ module Seahorse
         # @return [Hash] Returns a vanilla hash of headers to send with the
         #   HTTP request.
         def headers(request)
-          # Net::HTTP adds default headers for content-type to POSTs (1.8.7+)
-          # and accept-encoding (2.0.0+). Setting a default empty value defeats
-          # this.
+          # Net::HTTP adds a default header for accept-encoding (2.0.0+).
+          # Setting a default empty value defeats this.
           #
-          # Removing these are necessary for most services to not break request
+          # Removing this is necessary for most services to not break request
           # signatures as well as dynamodb crc32 checks (these fail if the
           # response is gzipped).
-          headers = { 'content-type' => '', 'accept-encoding' => '' }
+          headers = { 'accept-encoding' => '' }
           request.headers.each_pair do |key, value|
             headers[key] = value
           end

data/lib/seahorse/client/net_http/patches.rb

@@ -11,97 +11,23 @@ module Seahorse
       module Patches
 
         def self.apply!
-          return unless RUBY_VERSION < '2.5'
-          if RUBY_VERSION >= '2.3'
-            Net::HTTP::IDEMPOTENT_METHODS_.clear
-            return
-          end
-          # no further patches needed for above versions
-
-          if RUBY_VERSION >= '2.0'
-            Net::HTTP.send(:include, Ruby_2)
-            Net::HTTP::IDEMPOTENT_METHODS_.clear
-          elsif RUBY_VERSION >= '1.9.3'
-            Net::HTTP.send(:include, Ruby_1_9_3)
-          end
-          Net::HTTP.send(:alias_method, :old_transport_request, :transport_request)
-          Net::HTTP.send(:alias_method, :transport_request, :new_transport_request)
+          Net::HTTPGenericRequest.prepend(PatchDefaultContentType)
         end
 
-        module Ruby_2
-          def new_transport_request(req)
-            count = 0
-            begin
-              begin_transport req
-              res = catch(:response) {
-                req.exec @socket, @curr_http_version, edit_path(req.path)
-                begin
-                  res = Net::HTTPResponse.read_new(@socket)
-                  res.decode_content = req.decode_content
-                end while res.kind_of?(Net::HTTPInformation)
-
-                res.uri = req.uri
-
-                res
-              }
-              res.reading_body(@socket, req.response_body_permitted?) {
-                yield res if block_given?
-              }
-            rescue Net::OpenTimeout
-              raise
-            rescue Net::ReadTimeout, IOError, EOFError,
-                   Errno::ECONNRESET, Errno::ECONNABORTED, Errno::EPIPE,
-                   # avoid a dependency on OpenSSL
-                   defined?(OpenSSL::SSL) ? OpenSSL::SSL::SSLError : IOError,
-                   Timeout::Error => exception
-              if count == 0 && Net::HTTP::IDEMPOTENT_METHODS_.include?(req.method)
-                count += 1
-                @socket.close if @socket and not @socket.closed?
-                D "Conn close because of error #{exception}, and retry"
-                if req.body_stream
-                  if req.body_stream.respond_to?(:rewind)
-                    req.body_stream.rewind
-                  else
-                    raise
-                  end
-                end
-                retry
-              end
-              D "Conn close because of error #{exception}"
-              @socket.close if @socket and not @socket.closed?
-              raise
-            end
-
-            end_transport req, res
-            res
-          rescue => exception
-            D "Conn close because of error #{exception}"
-            @socket.close if @socket and not @socket.closed?
-            raise exception
+        # For requests with bodies, Net::HTTP sets a default content type of:
+        #   'application/x-www-form-urlencoded'
+        # There are cases where we should not send content type at all.
+        # Even when no body is supplied, Net::HTTP uses a default empty body
+        # and sets it anyway. This patch disables the behavior when a Thread
+        # local variable is set.
+        module PatchDefaultContentType
+          def supply_default_content_type
+            return if Thread.current[:net_http_skip_default_content_type]
+
+            super
           end
         end
 
-        module Ruby_1_9_3
-          def new_transport_request(req)
-            begin_transport req
-            res = catch(:response) {
-              req.exec @socket, @curr_http_version, edit_path(req.path)
-              begin
-                res = Net::HTTPResponse.read_new(@socket)
-              end while res.kind_of?(Net::HTTPContinue)
-              res
-            }
-            res.reading_body(@socket, req.response_body_permitted?) {
-              yield res if block_given?
-            }
-            end_transport req, res
-            res
-          rescue => exception
-            D "Conn close because of error #{exception}"
-            @socket.close if @socket and not @socket.closed?
-            raise exception
-          end
-        end
       end
     end
   end

data/lib/seahorse/client/plugin.rb

@@ -111,7 +111,15 @@ module Seahorse
 
         def initialize(name, options = {})
           @name = name
+          # prevent unstable object shapes by ensuring
+          # order and presence of instance variables
+          @default = nil
+          @default_block = nil
+          @required = nil
+          @doc_type = nil
           @doc_default = nil
+          @docstring = nil
+          @rbs_type = nil
           options.each_pair do |opt_name, opt_value|
             self.send("#{opt_name}=", opt_value)
           end
@@ -124,6 +132,7 @@ module Seahorse
         attr_accessor :doc_type
         attr_writer :doc_default
         attr_accessor :docstring
+        attr_accessor :rbs_type
 
         def doc_default(options)
           if @doc_default.nil? && !default.is_a?(Proc)

data/lib/seahorse/client/plugins/content_length.rb

@@ -7,16 +7,22 @@ module Seahorse
 
         # @api private
         class Handler < Client::Handler
+          # https://github.com/ruby/net-http/blob/master/lib/net/http/requests.rb
+          # Methods without body are forwards compatible, because content-length
+          # may be set for requests without body but is technically incorrect.
+          METHODS_WITHOUT_BODY = Set.new(
+            %w[GET HEAD DELETE OPTIONS TRACE COPY MOVE]
+          )
 
           def call(context)
-            # If it's an IO object and not a File / String / String IO
-            if context.http_request.body.respond_to?(:size)
-              length = context.http_request.body.size
-              context.http_request.headers['Content-Length'] = length
+            body = context.http_request.body
+            method = context.http_request.http_method
+            # We use Net::HTTP with body_stream which doesn't do this by default
+            if body.respond_to?(:size) && !METHODS_WITHOUT_BODY.include?(method)
+              context.http_request.headers['Content-Length'] = body.size
             end
             @handler.call(context)
           end
-
         end
 
         handler(Handler, step: :sign, priority: 0)

data/lib/seahorse/client/plugins/h2.rb

@@ -54,9 +54,9 @@ When `true`, HTTP2 debug output will be sent to the `:logger`.
         DOCS
 
         option(:enable_alpn, default: false, doc_type: 'Boolean', docstring: <<-DOCS)
-Setting to `true` to enable ALPN in HTTP2 over TLS, requires Ruby version >= 2.3 and
-Openssl version >= 1.0.2. Defaults to false. Note: not all service HTTP2 operations
-supports ALPN on server side, please refer to service documentation.
+Set to `true` to enable ALPN in HTTP2 over TLS. Requires Openssl version >= 1.0.2.
+Defaults to false. Note: not all service HTTP2 operations supports ALPN on server
+side, please refer to service documentation.
         DOCS
 
         option(:logger)

data/lib/seahorse/client/plugins/net_http.rb

@@ -7,33 +7,96 @@ module Seahorse
     module Plugins
       class NetHttp < Plugin
 
-        option(:http_proxy, default: nil, doc_type: String, docstring: '')
+        option(:http_proxy, default: nil, doc_type: "URI::HTTP,String", docstring: <<-DOCS)
+A proxy to send requests through.  Formatted like 'http://proxy.com:123'.
+        DOCS
 
-        option(:http_open_timeout, default: 15, doc_type: Integer, docstring: '')
+        option(:http_open_timeout, default: 15, doc_type: Float, docstring: <<-DOCS) do |cfg|
+The default number of seconds to wait for response data.
+This value can safely be set per-request on the session.
+        DOCS
+          resolve_http_open_timeout(cfg)
+        end
 
-        option(:http_read_timeout, default: 60, doc_type: Integer, docstring: '')
+        option(:http_read_timeout, default: 60, doc_type: Float, docstring: <<-DOCS) do |cfg|
+The default number of seconds to wait for response data.
+This value can safely be set per-request on the session.
+        DOCS
+          resolve_http_read_timeout(cfg)
+        end
 
-        option(:http_idle_timeout, default: 5, doc_type: Integer, docstring: '')
+        option(:http_idle_timeout, default: 5, doc_type: Float, docstring: <<-DOCS)
+The number of seconds a connection is allowed to sit idle before it 
+is considered stale.  Stale connections are closed and removed from the 
+pool before making a request.
+        DOCS
 
-        option(:http_continue_timeout, default: 1, doc_type: Integer, docstring: '')
+        option(:http_continue_timeout, default: 1, doc_type: Float, docstring: <<-DOCS)
+The number of seconds to wait for a 100-continue response before sending the 
+request body.  This option has no effect unless the request has "Expect"
+header set to "100-continue".  Defaults to `nil` which  disables this 
+behaviour.  This value can safely be set per request on the session.
+          DOCS
 
-        option(:http_wire_trace, default: false, doc_type: 'Boolean', docstring: '')
+        option(:http_wire_trace, default: false, doc_type: 'Boolean', docstring: <<-DOCS)
+When `true`,  HTTP debug output will be sent to the `:logger`.
+        DOCS
 
-        option(:ssl_verify_peer, default: true, doc_type: 'Boolean', docstring: '')
+        option(:ssl_verify_peer, default: true, doc_type: 'Boolean', docstring: <<-DOCS)
+When `true`, SSL peer certificates are verified when establishing a connection.
+        DOCS
 
-        option(:ssl_ca_bundle, doc_type: String, docstring: '') do |cfg|
+        option(:ssl_ca_bundle, doc_type: String, docstring: <<-DOCS) do |cfg|
+Full path to the SSL certificate authority bundle file that should be used when 
+verifying peer certificates.  If you do not pass `:ssl_ca_bundle` or 
+`:ssl_ca_directory` the the system default will be used if available.       
+        DOCS
           ENV['AWS_CA_BUNDLE'] ||
             Aws.shared_config.ca_bundle(profile: cfg.profile) if cfg.respond_to?(:profile)
         end
 
-        option(:ssl_ca_directory, default: nil, doc_type: String, docstring: '')
+        option(:ssl_ca_directory, default: nil, doc_type: String, docstring: <<-DOCS)
+Full path of the directory that contains the unbundled SSL certificate 
+authority files for verifying peer certificates.  If you do 
+not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the system 
+default will be used if available.
+        DOCS
 
-        option(:ssl_ca_store, default: nil, doc_type: String, docstring: '')
+        option(:ssl_ca_store, default: nil, doc_type: String, docstring: <<-DOCS)
+Sets the X509::Store to verify peer certificate.
+        DOCS
+
+        option(:ssl_timeout, default: nil, doc_type: Float, docstring: 'Sets the SSL timeout in seconds') do |cfg|
+          resolve_ssl_timeout(cfg)
+        end
 
         option(:logger) # for backwards compat
 
         handler(Client::NetHttp::Handler, step: :send)
 
+        def self.resolve_http_open_timeout(cfg)
+          default_mode_value =
+            if cfg.respond_to?(:defaults_mode_config_resolver)
+              cfg.defaults_mode_config_resolver.resolve(:http_open_timeout)
+            end
+          default_mode_value || 15
+        end
+
+        def self.resolve_http_read_timeout(cfg)
+          default_mode_value =
+            if cfg.respond_to?(:defaults_mode_config_resolver)
+              cfg.defaults_mode_config_resolver.resolve(:http_read_timeout)
+            end
+          default_mode_value || 60
+        end
+
+        def self.resolve_ssl_timeout(cfg)
+          default_mode_value =
+            if cfg.respond_to?(:defaults_mode_config_resolver)
+              cfg.defaults_mode_config_resolver.resolve(:ssl_timeout)
+            end
+          default_mode_value || nil
+        end
       end
     end
   end