aws-sdk-core 3.122.0 → 3.180.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +505 -0
- data/VERSION +1 -1
- data/lib/aws-defaults/default_configuration.rb +153 -0
- data/lib/aws-defaults/defaults_mode_config_resolver.rb +107 -0
- data/lib/aws-defaults.rb +3 -0
- data/lib/aws-sdk-core/arn.rb +13 -0
- data/lib/aws-sdk-core/assume_role_credentials.rb +21 -7
- data/lib/aws-sdk-core/assume_role_web_identity_credentials.rb +14 -10
- data/lib/aws-sdk-core/binary/encode_handler.rb +12 -1
- data/lib/aws-sdk-core/client_stubs.rb +5 -1
- data/lib/aws-sdk-core/credential_provider.rb +3 -0
- data/lib/aws-sdk-core/credential_provider_chain.rb +8 -5
- data/lib/aws-sdk-core/ec2_metadata.rb +3 -2
- data/lib/aws-sdk-core/ecs_credentials.rb +121 -53
- data/lib/aws-sdk-core/endpoints/condition.rb +41 -0
- data/lib/aws-sdk-core/endpoints/endpoint.rb +17 -0
- data/lib/aws-sdk-core/endpoints/endpoint_rule.rb +75 -0
- data/lib/aws-sdk-core/endpoints/error_rule.rb +42 -0
- data/lib/aws-sdk-core/endpoints/function.rb +80 -0
- data/lib/aws-sdk-core/endpoints/matchers.rb +127 -0
- data/lib/aws-sdk-core/endpoints/reference.rb +31 -0
- data/lib/aws-sdk-core/endpoints/rule.rb +25 -0
- data/lib/aws-sdk-core/endpoints/rule_set.rb +52 -0
- data/lib/aws-sdk-core/endpoints/rules_provider.rb +37 -0
- data/lib/aws-sdk-core/endpoints/templater.rb +58 -0
- data/lib/aws-sdk-core/endpoints/tree_rule.rb +45 -0
- data/lib/aws-sdk-core/endpoints/url.rb +60 -0
- data/lib/aws-sdk-core/endpoints.rb +78 -0
- data/lib/aws-sdk-core/errors.rb +14 -1
- data/lib/aws-sdk-core/ini_parser.rb +1 -1
- data/lib/aws-sdk-core/instance_profile_credentials.rb +85 -14
- data/lib/aws-sdk-core/json/error_handler.rb +20 -1
- data/lib/aws-sdk-core/log/formatter.rb +6 -0
- data/lib/aws-sdk-core/pageable_response.rb +81 -32
- data/lib/aws-sdk-core/plugins/bearer_authorization.rb +67 -0
- data/lib/aws-sdk-core/plugins/checksum_algorithm.rb +340 -0
- data/lib/aws-sdk-core/plugins/credentials_configuration.rb +27 -1
- data/lib/aws-sdk-core/plugins/defaults_mode.rb +40 -0
- data/lib/aws-sdk-core/plugins/endpoint_discovery.rb +6 -2
- data/lib/aws-sdk-core/plugins/http_checksum.rb +8 -1
- data/lib/aws-sdk-core/plugins/jsonvalue_converter.rb +34 -6
- data/lib/aws-sdk-core/plugins/recursion_detection.rb +38 -0
- data/lib/aws-sdk-core/plugins/regional_endpoint.rb +111 -30
- data/lib/aws-sdk-core/plugins/request_compression.rb +217 -0
- data/lib/aws-sdk-core/plugins/response_paging.rb +1 -1
- data/lib/aws-sdk-core/plugins/retries/error_inspector.rb +7 -4
- data/lib/aws-sdk-core/plugins/retry_errors.rb +21 -5
- data/lib/aws-sdk-core/plugins/sign.rb +201 -0
- data/lib/aws-sdk-core/plugins/signature_v2.rb +1 -0
- data/lib/aws-sdk-core/plugins/signature_v4.rb +15 -8
- data/lib/aws-sdk-core/plugins/stub_responses.rb +5 -1
- data/lib/aws-sdk-core/plugins/user_agent.rb +117 -14
- data/lib/aws-sdk-core/process_credentials.rb +9 -11
- data/lib/aws-sdk-core/refreshing_credentials.rb +41 -16
- data/lib/aws-sdk-core/refreshing_token.rb +71 -0
- data/lib/aws-sdk-core/rest/handler.rb +1 -1
- data/lib/aws-sdk-core/rest/request/headers.rb +14 -6
- data/lib/aws-sdk-core/rest/response/headers.rb +2 -0
- data/lib/aws-sdk-core/shared_config.rb +103 -12
- data/lib/aws-sdk-core/sso_credentials.rb +91 -50
- data/lib/aws-sdk-core/sso_token_provider.rb +135 -0
- data/lib/aws-sdk-core/static_token_provider.rb +14 -0
- data/lib/aws-sdk-core/structure.rb +6 -4
- data/lib/aws-sdk-core/stubbing/stub_data.rb +11 -0
- data/lib/aws-sdk-core/token.rb +31 -0
- data/lib/aws-sdk-core/token_provider.rb +15 -0
- data/lib/aws-sdk-core/token_provider_chain.rb +51 -0
- data/lib/aws-sdk-core/waiters/poller.rb +3 -1
- data/lib/aws-sdk-core/xml/error_handler.rb +7 -0
- data/lib/aws-sdk-core/xml/parser/engines/oga.rb +2 -0
- data/lib/aws-sdk-core/xml/parser/engines/ox.rb +1 -1
- data/lib/aws-sdk-core.rb +17 -0
- data/lib/aws-sdk-sso/client.rb +88 -13
- data/lib/aws-sdk-sso/endpoint_parameters.rb +66 -0
- data/lib/aws-sdk-sso/endpoint_provider.rb +51 -0
- data/lib/aws-sdk-sso/endpoints.rb +72 -0
- data/lib/aws-sdk-sso/plugins/endpoints.rb +76 -0
- data/lib/aws-sdk-sso/types.rb +8 -43
- data/lib/aws-sdk-sso.rb +5 -1
- data/lib/aws-sdk-ssooidc/client.rb +626 -0
- data/lib/aws-sdk-ssooidc/client_api.rb +216 -0
- data/lib/aws-sdk-ssooidc/customizations.rb +1 -0
- data/lib/aws-sdk-ssooidc/endpoint_parameters.rb +66 -0
- data/lib/aws-sdk-ssooidc/endpoint_provider.rb +51 -0
- data/lib/aws-sdk-ssooidc/endpoints.rb +58 -0
- data/lib/aws-sdk-ssooidc/errors.rb +290 -0
- data/lib/aws-sdk-ssooidc/plugins/endpoints.rb +74 -0
- data/lib/aws-sdk-ssooidc/resource.rb +26 -0
- data/lib/aws-sdk-ssooidc/types.rb +502 -0
- data/lib/aws-sdk-ssooidc.rb +59 -0
- data/lib/aws-sdk-sts/client.rb +394 -362
- data/lib/aws-sdk-sts/client_api.rb +10 -0
- data/lib/aws-sdk-sts/endpoint_parameters.rb +78 -0
- data/lib/aws-sdk-sts/endpoint_provider.rb +112 -0
- data/lib/aws-sdk-sts/endpoints.rb +136 -0
- data/lib/aws-sdk-sts/plugins/endpoints.rb +84 -0
- data/lib/aws-sdk-sts/plugins/sts_regional_endpoints.rb +5 -1
- data/lib/aws-sdk-sts/presigner.rb +13 -15
- data/lib/aws-sdk-sts/types.rb +154 -227
- data/lib/aws-sdk-sts.rb +5 -1
- data/lib/seahorse/client/async_base.rb +0 -1
- data/lib/seahorse/client/configuration.rb +1 -5
- data/lib/seahorse/client/h2/connection.rb +12 -11
- data/lib/seahorse/client/net_http/connection_pool.rb +7 -0
- data/lib/seahorse/client/plugins/net_http.rb +33 -2
- data/lib/seahorse/client/plugins/request_callback.rb +9 -9
- data/lib/seahorse/client/response.rb +6 -0
- data/lib/seahorse/model/operation.rb +6 -0
- data/lib/seahorse/util.rb +4 -0
- metadata +62 -8
@@ -0,0 +1,78 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative 'endpoints/rule'
|
4
|
+
require_relative 'endpoints/condition'
|
5
|
+
require_relative 'endpoints/endpoint_rule'
|
6
|
+
require_relative 'endpoints/endpoint'
|
7
|
+
require_relative 'endpoints/error_rule'
|
8
|
+
require_relative 'endpoints/function'
|
9
|
+
require_relative 'endpoints/matchers'
|
10
|
+
require_relative 'endpoints/reference'
|
11
|
+
require_relative 'endpoints/rules_provider'
|
12
|
+
require_relative 'endpoints/rule_set'
|
13
|
+
require_relative 'endpoints/templater'
|
14
|
+
require_relative 'endpoints/tree_rule'
|
15
|
+
require_relative 'endpoints/url'
|
16
|
+
|
17
|
+
module Aws
|
18
|
+
# @api private
|
19
|
+
module Endpoints
|
20
|
+
class << self
|
21
|
+
def resolve_auth_scheme(context, endpoint)
|
22
|
+
if endpoint && (auth_schemes = endpoint.properties['authSchemes'])
|
23
|
+
auth_scheme = auth_schemes.find do |scheme|
|
24
|
+
Aws::Plugins::Sign::SUPPORTED_AUTH_TYPES.include?(scheme['name'])
|
25
|
+
end
|
26
|
+
raise 'No supported auth scheme for this endpoint.' unless auth_scheme
|
27
|
+
|
28
|
+
merge_signing_defaults(auth_scheme, context.config)
|
29
|
+
else
|
30
|
+
default_auth_scheme(context)
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
private
|
35
|
+
|
36
|
+
def default_auth_scheme(context)
|
37
|
+
case default_api_authtype(context)
|
38
|
+
when 'v4', 'v4-unsigned-body'
|
39
|
+
auth_scheme = { 'name' => 'sigv4' }
|
40
|
+
merge_signing_defaults(auth_scheme, context.config)
|
41
|
+
when 's3', 's3v4'
|
42
|
+
auth_scheme = {
|
43
|
+
'name' => 'sigv4',
|
44
|
+
'disableDoubleEncoding' => true,
|
45
|
+
'disableNormalizePath' => true
|
46
|
+
}
|
47
|
+
merge_signing_defaults(auth_scheme, context.config)
|
48
|
+
when 'bearer'
|
49
|
+
{ 'name' => 'bearer' }
|
50
|
+
when 'none', nil
|
51
|
+
{ 'name' => 'none' }
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
def merge_signing_defaults(auth_scheme, config)
|
56
|
+
if %w[sigv4 sigv4a].include?(auth_scheme['name'])
|
57
|
+
auth_scheme['signingName'] ||= sigv4_name(config)
|
58
|
+
if auth_scheme['name'] == 'sigv4a'
|
59
|
+
auth_scheme['signingRegionSet'] ||= ['*']
|
60
|
+
else
|
61
|
+
auth_scheme['signingRegion'] ||= config.region
|
62
|
+
end
|
63
|
+
end
|
64
|
+
auth_scheme
|
65
|
+
end
|
66
|
+
|
67
|
+
def default_api_authtype(context)
|
68
|
+
context.config.api.operation(context.operation_name)['authtype'] ||
|
69
|
+
context.config.api.metadata['signatureVersion']
|
70
|
+
end
|
71
|
+
|
72
|
+
def sigv4_name(config)
|
73
|
+
config.api.metadata['signingName'] ||
|
74
|
+
config.api.metadata['endpointPrefix']
|
75
|
+
end
|
76
|
+
end
|
77
|
+
end
|
78
|
+
end
|
data/lib/aws-sdk-core/errors.rb
CHANGED
@@ -18,7 +18,7 @@ module Aws
|
|
18
18
|
@code = self.class.code
|
19
19
|
@context = context
|
20
20
|
@data = data
|
21
|
-
@message = message && !message.empty? ? message : self.class
|
21
|
+
@message = message && !message.empty? ? message : self.class.to_s
|
22
22
|
super(@message)
|
23
23
|
end
|
24
24
|
|
@@ -210,6 +210,19 @@ module Aws
|
|
210
210
|
# Raised when SSO Credentials are invalid
|
211
211
|
class InvalidSSOCredentials < RuntimeError; end
|
212
212
|
|
213
|
+
# Raised when SSO Token is invalid
|
214
|
+
class InvalidSSOToken < RuntimeError; end
|
215
|
+
|
216
|
+
# Raised when a client is unable to sign a request because
|
217
|
+
# the bearer token is not configured or available
|
218
|
+
class MissingBearerTokenError < RuntimeError
|
219
|
+
def initialize(*args)
|
220
|
+
msg = 'unable to sign request without token set'
|
221
|
+
super(msg)
|
222
|
+
end
|
223
|
+
end
|
224
|
+
|
225
|
+
|
213
226
|
# Raised when there is a circular reference in chained
|
214
227
|
# source_profiles
|
215
228
|
class SourceProfileCircularReferenceError < RuntimeError; end
|
@@ -17,7 +17,7 @@ module Aws
|
|
17
17
|
current_profile = named_profile[1] if named_profile
|
18
18
|
elsif current_profile
|
19
19
|
unless line.nil?
|
20
|
-
item = line.match(/^(.+?)\s*=\s*(
|
20
|
+
item = line.match(/^(.+?)\s*=\s*([^\s].*?)\s*$/)
|
21
21
|
prefix = line.match(/^(.+?)\s*=\s*$/)
|
22
22
|
end
|
23
23
|
if item && item[1].match(/^\s+/)
|
@@ -4,6 +4,11 @@ require 'time'
|
|
4
4
|
require 'net/http'
|
5
5
|
|
6
6
|
module Aws
|
7
|
+
# An auto-refreshing credential provider that loads credentials from
|
8
|
+
# EC2 instances.
|
9
|
+
#
|
10
|
+
# instance_credentials = Aws::InstanceProfileCredentials.new
|
11
|
+
# ec2 = Aws::EC2::Client.new(credentials: instance_credentials)
|
7
12
|
class InstanceProfileCredentials
|
8
13
|
include CredentialProvider
|
9
14
|
include RefreshingCredentials
|
@@ -63,6 +68,10 @@ module Aws
|
|
63
68
|
# @option options [Integer] :token_ttl Time-to-Live in seconds for EC2
|
64
69
|
# Metadata Token used for fetching Metadata Profile Credentials, defaults
|
65
70
|
# to 21600 seconds
|
71
|
+
# @option options [Callable] before_refresh Proc called before
|
72
|
+
# credentials are refreshed. `before_refresh` is called
|
73
|
+
# with an instance of this object when
|
74
|
+
# AWS credentials are required and need to be refreshed.
|
66
75
|
def initialize(options = {})
|
67
76
|
@retries = options[:retries] || 1
|
68
77
|
endpoint_mode = resolve_endpoint_mode(options)
|
@@ -74,6 +83,8 @@ module Aws
|
|
74
83
|
@backoff = backoff(options[:backoff])
|
75
84
|
@token_ttl = options[:token_ttl] || 21_600
|
76
85
|
@token = nil
|
86
|
+
@no_refresh_until = nil
|
87
|
+
@async_refresh = false
|
77
88
|
super
|
78
89
|
end
|
79
90
|
|
@@ -121,18 +132,48 @@ module Aws
|
|
121
132
|
end
|
122
133
|
|
123
134
|
def refresh
|
135
|
+
if @no_refresh_until && @no_refresh_until > Time.now
|
136
|
+
warn_expired_credentials
|
137
|
+
return
|
138
|
+
end
|
139
|
+
|
124
140
|
# Retry loading credentials up to 3 times is the instance metadata
|
125
141
|
# service is responding but is returning invalid JSON documents
|
126
142
|
# in response to the GET profile credentials call.
|
127
143
|
begin
|
128
144
|
retry_errors([Aws::Json::ParseError, StandardError], max_retries: 3) do
|
129
145
|
c = Aws::Json.load(get_credentials.to_s)
|
130
|
-
@credentials
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
|
135
|
-
|
146
|
+
if empty_credentials?(@credentials)
|
147
|
+
@credentials = Credentials.new(
|
148
|
+
c['AccessKeyId'],
|
149
|
+
c['SecretAccessKey'],
|
150
|
+
c['Token']
|
151
|
+
)
|
152
|
+
@expiration = c['Expiration'] ? Time.iso8601(c['Expiration']) : nil
|
153
|
+
if @expiration && @expiration < Time.now
|
154
|
+
@no_refresh_until = Time.now + refresh_offset
|
155
|
+
warn_expired_credentials
|
156
|
+
end
|
157
|
+
else
|
158
|
+
# credentials are already set, update them only if the new ones are not empty
|
159
|
+
if !c['AccessKeyId'] || c['AccessKeyId'].empty?
|
160
|
+
# error getting new credentials
|
161
|
+
@no_refresh_until = Time.now + refresh_offset
|
162
|
+
warn_expired_credentials
|
163
|
+
else
|
164
|
+
@credentials = Credentials.new(
|
165
|
+
c['AccessKeyId'],
|
166
|
+
c['SecretAccessKey'],
|
167
|
+
c['Token']
|
168
|
+
)
|
169
|
+
@expiration = c['Expiration'] ? Time.iso8601(c['Expiration']) : nil
|
170
|
+
if @expiration && @expiration < Time.now
|
171
|
+
@no_refresh_until = Time.now + refresh_offset
|
172
|
+
warn_expired_credentials
|
173
|
+
end
|
174
|
+
end
|
175
|
+
end
|
176
|
+
|
136
177
|
end
|
137
178
|
rescue Aws::Json::ParseError
|
138
179
|
raise Aws::Errors::MetadataParserError
|
@@ -153,10 +194,11 @@ module Aws
|
|
153
194
|
begin
|
154
195
|
retry_errors(NETWORK_ERRORS, max_retries: @retries) do
|
155
196
|
unless token_set?
|
197
|
+
created_time = Time.now
|
156
198
|
token_value, ttl = http_put(
|
157
199
|
conn, METADATA_TOKEN_PATH, @token_ttl
|
158
200
|
)
|
159
|
-
@token = Token.new(token_value, ttl) if token_value && ttl
|
201
|
+
@token = Token.new(token_value, ttl, created_time) if token_value && ttl
|
160
202
|
end
|
161
203
|
end
|
162
204
|
rescue *NETWORK_ERRORS
|
@@ -166,9 +208,17 @@ module Aws
|
|
166
208
|
end
|
167
209
|
|
168
210
|
token = @token.value if token_set?
|
169
|
-
|
170
|
-
|
171
|
-
|
211
|
+
|
212
|
+
begin
|
213
|
+
metadata = http_get(conn, METADATA_PATH_BASE, token)
|
214
|
+
profile_name = metadata.lines.first.strip
|
215
|
+
http_get(conn, METADATA_PATH_BASE + profile_name, token)
|
216
|
+
rescue TokenExpiredError
|
217
|
+
# Token has expired, reset it
|
218
|
+
# The next retry should fetch it
|
219
|
+
@token = nil
|
220
|
+
raise Non200Response
|
221
|
+
end
|
172
222
|
end
|
173
223
|
end
|
174
224
|
rescue
|
@@ -200,9 +250,15 @@ module Aws
|
|
200
250
|
headers = { 'User-Agent' => "aws-sdk-ruby3/#{CORE_GEM_VERSION}" }
|
201
251
|
headers['x-aws-ec2-metadata-token'] = token if token
|
202
252
|
response = connection.request(Net::HTTP::Get.new(path, headers))
|
203
|
-
raise Non200Response unless response.code.to_i == 200
|
204
253
|
|
205
|
-
response.
|
254
|
+
case response.code.to_i
|
255
|
+
when 200
|
256
|
+
response.body
|
257
|
+
when 401
|
258
|
+
raise TokenExpiredError
|
259
|
+
else
|
260
|
+
raise Non200Response
|
261
|
+
end
|
206
262
|
end
|
207
263
|
|
208
264
|
# PUT request fetch token with ttl
|
@@ -241,13 +297,28 @@ module Aws
|
|
241
297
|
end
|
242
298
|
end
|
243
299
|
|
300
|
+
def warn_expired_credentials
|
301
|
+
warn("Attempting credential expiration extension due to a credential "\
|
302
|
+
"service availability issue. A refresh of these credentials "\
|
303
|
+
"will be attempted again in 5 minutes.")
|
304
|
+
end
|
305
|
+
|
306
|
+
def empty_credentials?(creds)
|
307
|
+
!creds || !creds.access_key_id || creds.access_key_id.empty?
|
308
|
+
end
|
309
|
+
|
310
|
+
# Compute an offset for refresh with jitter
|
311
|
+
def refresh_offset
|
312
|
+
300 + rand(0..60)
|
313
|
+
end
|
314
|
+
|
244
315
|
# @api private
|
245
316
|
# Token used to fetch IMDS profile and credentials
|
246
317
|
class Token
|
247
|
-
def initialize(value, ttl)
|
318
|
+
def initialize(value, ttl, created_time = Time.now)
|
248
319
|
@ttl = ttl
|
249
320
|
@value = value
|
250
|
-
@created_time =
|
321
|
+
@created_time = created_time
|
251
322
|
end
|
252
323
|
|
253
324
|
# [String] token value
|
@@ -26,7 +26,13 @@ module Aws
|
|
26
26
|
end
|
27
27
|
|
28
28
|
def error_code(json, context)
|
29
|
-
code =
|
29
|
+
code =
|
30
|
+
if aws_query_error?(context)
|
31
|
+
error = context.http_response.headers['x-amzn-query-error'].split(';')[0]
|
32
|
+
remove_prefix(error, context)
|
33
|
+
else
|
34
|
+
json['__type']
|
35
|
+
end
|
30
36
|
code ||= json['code']
|
31
37
|
code ||= context.http_response.headers['x-amzn-errortype']
|
32
38
|
if code
|
@@ -36,6 +42,19 @@ module Aws
|
|
36
42
|
end
|
37
43
|
end
|
38
44
|
|
45
|
+
def aws_query_error?(context)
|
46
|
+
context.config.api.metadata['awsQueryCompatible'] &&
|
47
|
+
context.http_response.headers['x-amzn-query-error']
|
48
|
+
end
|
49
|
+
|
50
|
+
def remove_prefix(error_code, context)
|
51
|
+
if prefix = context.config.api.metadata['errorPrefix']
|
52
|
+
error_code.sub(/^#{prefix}/, '')
|
53
|
+
else
|
54
|
+
error_code
|
55
|
+
end
|
56
|
+
end
|
57
|
+
|
39
58
|
def error_message(code, json)
|
40
59
|
if code == 'RequestEntityTooLarge'
|
41
60
|
'Request body must be less than 1 MB'
|
@@ -26,6 +26,8 @@ module Aws
|
|
26
26
|
#
|
27
27
|
# You can put any of these placeholders into you pattern.
|
28
28
|
#
|
29
|
+
# * `:region` - The region configured for the client.
|
30
|
+
#
|
29
31
|
# * `:client_class` - The name of the client class.
|
30
32
|
#
|
31
33
|
# * `:operation` - The name of the client request method.
|
@@ -116,6 +118,10 @@ module Aws
|
|
116
118
|
|
117
119
|
private
|
118
120
|
|
121
|
+
def _region(response)
|
122
|
+
response.context.config.region
|
123
|
+
end
|
124
|
+
|
119
125
|
def _client_class(response)
|
120
126
|
response.context.client.class.name
|
121
127
|
end
|
@@ -48,11 +48,11 @@ module Aws
|
|
48
48
|
#
|
49
49
|
module PageableResponse
|
50
50
|
|
51
|
-
def self.
|
52
|
-
base.extend
|
53
|
-
base.
|
54
|
-
base.instance_variable_set(
|
55
|
-
base
|
51
|
+
def self.apply(base)
|
52
|
+
base.extend Extension
|
53
|
+
base.instance_variable_set(:@last_page, nil)
|
54
|
+
base.instance_variable_set(:@more_results, nil)
|
55
|
+
base
|
56
56
|
end
|
57
57
|
|
58
58
|
# @return [Paging::Pager]
|
@@ -62,39 +62,26 @@ module Aws
|
|
62
62
|
# when this method returns `false` will raise an error.
|
63
63
|
# @return [Boolean]
|
64
64
|
def last_page?
|
65
|
-
|
66
|
-
@last_page = !@pager.truncated?(self)
|
67
|
-
end
|
68
|
-
@last_page
|
65
|
+
# Actual implementation is in PageableResponse::Extension
|
69
66
|
end
|
70
67
|
|
71
68
|
# Returns `true` if there are more results. Calling {#next_page} will
|
72
69
|
# return the next response.
|
73
70
|
# @return [Boolean]
|
74
71
|
def next_page?
|
75
|
-
|
72
|
+
# Actual implementation is in PageableResponse::Extension
|
76
73
|
end
|
77
74
|
|
78
75
|
# @return [Seahorse::Client::Response]
|
79
76
|
def next_page(params = {})
|
80
|
-
|
81
|
-
raise LastPageError.new(self)
|
82
|
-
else
|
83
|
-
next_response(params)
|
84
|
-
end
|
77
|
+
# Actual implementation is in PageableResponse::Extension
|
85
78
|
end
|
86
79
|
|
87
80
|
# Yields the current and each following response to the given block.
|
88
81
|
# @yieldparam [Response] response
|
89
82
|
# @return [Enumerable,nil] Returns a new Enumerable if no block is given.
|
90
83
|
def each(&block)
|
91
|
-
|
92
|
-
response = self
|
93
|
-
yield(response)
|
94
|
-
until response.last_page?
|
95
|
-
response = response.next_page
|
96
|
-
yield(response)
|
97
|
-
end
|
84
|
+
# Actual implementation is in PageableResponse::Extension
|
98
85
|
end
|
99
86
|
alias each_page each
|
100
87
|
|
@@ -105,9 +92,7 @@ module Aws
|
|
105
92
|
# @return [Seahorse::Client::Response] Returns the next page of
|
106
93
|
# results.
|
107
94
|
def next_response(params)
|
108
|
-
|
109
|
-
request = context.client.build_request(context.operation_name, params)
|
110
|
-
request.send_request
|
95
|
+
# Actual implementation is in PageableResponse::Extension
|
111
96
|
end
|
112
97
|
|
113
98
|
# @param [Hash] params A hash of additional request params to
|
@@ -115,13 +100,7 @@ module Aws
|
|
115
100
|
# @return [Hash] Returns the hash of request parameters for the
|
116
101
|
# next page, merging any given params.
|
117
102
|
def next_page_params(params)
|
118
|
-
#
|
119
|
-
# Sometimes a token can be nil and merge would not include it.
|
120
|
-
tokens = @pager.tokens.values.map(&:to_sym)
|
121
|
-
|
122
|
-
params_without_tokens = context[:original_params].reject { |k, _v| tokens.include?(k) }
|
123
|
-
params_without_tokens.merge!(@pager.next_tokens(self).merge(params))
|
124
|
-
params_without_tokens
|
103
|
+
# Actual implementation is in PageableResponse::Extension
|
125
104
|
end
|
126
105
|
|
127
106
|
# Raised when calling {PageableResponse#next_page} on a pager that
|
@@ -167,6 +146,76 @@ module Aws
|
|
167
146
|
data.to_h
|
168
147
|
end
|
169
148
|
|
149
|
+
def as_json(_options = {})
|
150
|
+
data.to_h(data, as_json: true)
|
151
|
+
end
|
152
|
+
|
153
|
+
def to_json(options = {})
|
154
|
+
as_json.to_json(options)
|
155
|
+
end
|
156
|
+
end
|
157
|
+
|
158
|
+
# The actual decorator module implementation. It is in a distinct module
|
159
|
+
# so that it can be used to extend objects without busting Ruby's constant cache.
|
160
|
+
# object.extend(mod) bust the constant cache only if `mod` contains constants of its own.
|
161
|
+
# @api private
|
162
|
+
module Extension
|
163
|
+
|
164
|
+
include Enumerable
|
165
|
+
include UnsafeEnumerableMethods
|
166
|
+
|
167
|
+
attr_accessor :pager
|
168
|
+
|
169
|
+
def last_page?
|
170
|
+
if @last_page.nil?
|
171
|
+
@last_page = !@pager.truncated?(self)
|
172
|
+
end
|
173
|
+
@last_page
|
174
|
+
end
|
175
|
+
|
176
|
+
def next_page?
|
177
|
+
!last_page?
|
178
|
+
end
|
179
|
+
|
180
|
+
def next_page(params = {})
|
181
|
+
if last_page?
|
182
|
+
raise LastPageError.new(self)
|
183
|
+
else
|
184
|
+
next_response(params)
|
185
|
+
end
|
186
|
+
end
|
187
|
+
|
188
|
+
def each(&block)
|
189
|
+
return enum_for(:each_page) unless block_given?
|
190
|
+
response = self
|
191
|
+
yield(response)
|
192
|
+
until response.last_page?
|
193
|
+
response = response.next_page
|
194
|
+
yield(response)
|
195
|
+
end
|
196
|
+
end
|
197
|
+
alias each_page each
|
198
|
+
|
199
|
+
private
|
200
|
+
|
201
|
+
def next_response(params)
|
202
|
+
params = next_page_params(params)
|
203
|
+
request = context.client.build_request(context.operation_name, params)
|
204
|
+
Aws::Plugins::UserAgent.feature('paginator') do
|
205
|
+
request.send_request
|
206
|
+
end
|
207
|
+
end
|
208
|
+
|
209
|
+
def next_page_params(params)
|
210
|
+
# Remove all previous tokens from original params
|
211
|
+
# Sometimes a token can be nil and merge would not include it.
|
212
|
+
tokens = @pager.tokens.values.map(&:to_sym)
|
213
|
+
|
214
|
+
params_without_tokens = context[:original_params].reject { |k, _v| tokens.include?(k) }
|
215
|
+
params_without_tokens.merge!(@pager.next_tokens(self).merge(params))
|
216
|
+
params_without_tokens
|
217
|
+
end
|
218
|
+
|
170
219
|
end
|
171
220
|
end
|
172
221
|
end
|
@@ -0,0 +1,67 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aws
|
4
|
+
# @api private
|
5
|
+
module Plugins
|
6
|
+
# @api private
|
7
|
+
class BearerAuthorization < Seahorse::Client::Plugin
|
8
|
+
|
9
|
+
option(:token_provider,
|
10
|
+
required: false,
|
11
|
+
doc_type: 'Aws::TokenProvider',
|
12
|
+
docstring: <<-DOCS
|
13
|
+
A Bearer Token Provider. This can be an instance of any one of the
|
14
|
+
following classes:
|
15
|
+
|
16
|
+
* `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
|
17
|
+
tokens.
|
18
|
+
|
19
|
+
* `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
|
20
|
+
access token generated from `aws login`.
|
21
|
+
|
22
|
+
When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
|
23
|
+
will be used to search for tokens configured for your profile in shared configuration files.
|
24
|
+
DOCS
|
25
|
+
) do |config|
|
26
|
+
if config.stub_responses
|
27
|
+
StaticTokenProvider.new('token')
|
28
|
+
else
|
29
|
+
TokenProviderChain.new(config).resolve
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
|
34
|
+
def add_handlers(handlers, cfg)
|
35
|
+
bearer_operations =
|
36
|
+
if cfg.api.metadata['signatureVersion'] == 'bearer'
|
37
|
+
# select operations where authtype is either not set or is bearer
|
38
|
+
cfg.api.operation_names.select do |o|
|
39
|
+
!cfg.api.operation(o)['authtype'] || cfg.api.operation(o)['authtype'] == 'bearer'
|
40
|
+
end
|
41
|
+
else # service is not bearer auth
|
42
|
+
# select only operations where authtype is explicitly bearer
|
43
|
+
cfg.api.operation_names.select do |o|
|
44
|
+
cfg.api.operation(o)['authtype'] == 'bearer'
|
45
|
+
end
|
46
|
+
end
|
47
|
+
handlers.add(Handler, step: :sign, operations: bearer_operations)
|
48
|
+
end
|
49
|
+
|
50
|
+
class Handler < Seahorse::Client::Handler
|
51
|
+
def call(context)
|
52
|
+
if context.http_request.endpoint.scheme != 'https'
|
53
|
+
raise ArgumentError, 'Unable to use bearer authorization on non https endpoint.'
|
54
|
+
end
|
55
|
+
|
56
|
+
token_provider = context.config.token_provider
|
57
|
+
if token_provider && token_provider.set?
|
58
|
+
context.http_request.headers['Authorization'] = "Bearer #{token_provider.token.token}"
|
59
|
+
else
|
60
|
+
raise Errors::MissingBearerTokenError
|
61
|
+
end
|
62
|
+
@handler.call(context)
|
63
|
+
end
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|