aws-sdk-core 3.129.0 → 3.130.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +12 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-core/assume_role_credentials.rb +1 -0
- data/lib/aws-sdk-core/assume_role_web_identity_credentials.rb +2 -1
- data/lib/aws-sdk-core/client_stubs.rb +5 -1
- data/lib/aws-sdk-core/ecs_credentials.rb +1 -0
- data/lib/aws-sdk-core/instance_profile_credentials.rb +1 -0
- data/lib/aws-sdk-core/plugins/signature_v4.rb +1 -0
- data/lib/aws-sdk-core/plugins/stub_responses.rb +5 -1
- data/lib/aws-sdk-core/process_credentials.rb +3 -2
- data/lib/aws-sdk-core/refreshing_credentials.rb +29 -11
- data/lib/aws-sdk-core/sso_credentials.rb +1 -0
- data/lib/aws-sdk-sso/client.rb +1 -1
- data/lib/aws-sdk-sso.rb +1 -1
- data/lib/aws-sdk-sts/client.rb +1 -1
- data/lib/aws-sdk-sts.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d7804cbac83996a95b2cacbd808389798eb0b461229a9e8e2a966cd28d599aa6
|
|
4
|
+
data.tar.gz: ce3557bcbd4d6a5edaa1bc99fbd7e75f9b2e23eb6fadb8be06a69b91e2e8a4a7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d1d0b4ec0b478389290d84409869ed012e4a2ce6408d3dc5c46c618771cc970d9086eb4686dd64b740ebd5eeafe7cc0e8b6fa63d3f89202e8f2841d9a203bdbb
|
|
7
|
+
data.tar.gz: f4c41ffb85d712bcaf8701aa61a886837517df23e14a53c2b9201d86bfcc1fd41b5b8badded9f91aeb0ee77553c9e2af80b4c82d1e249486b5630afc1582939c
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,18 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
3.130.0 (2022-03-11)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Asynchronously refresh AWS credentials (#2641).
|
|
8
|
+
|
|
9
|
+
* Issue - Add x-amz-region-set to list of headers deleted for re-sign.
|
|
10
|
+
|
|
11
|
+
3.129.1 (2022-03-10)
|
|
12
|
+
------------------
|
|
13
|
+
|
|
14
|
+
* Issue - Make stubs thread safe by creating new responses for each operation call (#2675).
|
|
15
|
+
|
|
4
16
|
3.129.0 (2022-03-08)
|
|
5
17
|
------------------
|
|
6
18
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
3.
|
|
1
|
+
3.130.0
|
|
@@ -17,7 +17,7 @@ module Aws
|
|
|
17
17
|
# ...
|
|
18
18
|
# )
|
|
19
19
|
# For full list of parameters accepted
|
|
20
|
-
# @see Aws::STS::Client#assume_role_with_web_identity
|
|
20
|
+
# @see Aws::STS::Client#assume_role_with_web_identity
|
|
21
21
|
#
|
|
22
22
|
#
|
|
23
23
|
# If you omit `:client` option, a new {STS::Client} object will be
|
|
@@ -48,6 +48,7 @@ module Aws
|
|
|
48
48
|
client_opts = {}
|
|
49
49
|
@assume_role_web_identity_params = {}
|
|
50
50
|
@token_file = options.delete(:web_identity_token_file)
|
|
51
|
+
@async_refresh = true
|
|
51
52
|
options.each_pair do |key, value|
|
|
52
53
|
if self.class.assume_role_web_identity_options.include?(key)
|
|
53
54
|
@assume_role_web_identity_params[key] = value
|
|
@@ -262,13 +262,17 @@ module Aws
|
|
|
262
262
|
end
|
|
263
263
|
|
|
264
264
|
def convert_stub(operation_name, stub)
|
|
265
|
-
case stub
|
|
265
|
+
stub = case stub
|
|
266
266
|
when Proc then stub
|
|
267
267
|
when Exception, Class then { error: stub }
|
|
268
268
|
when String then service_error_stub(stub)
|
|
269
269
|
when Hash then http_response_stub(operation_name, stub)
|
|
270
270
|
else { data: stub }
|
|
271
271
|
end
|
|
272
|
+
if Hash === stub
|
|
273
|
+
stub[:mutex] = Mutex.new
|
|
274
|
+
end
|
|
275
|
+
stub
|
|
272
276
|
end
|
|
273
277
|
|
|
274
278
|
def service_error_stub(error_code)
|
|
@@ -98,6 +98,7 @@ module Aws
|
|
|
98
98
|
req.headers.delete('Authorization')
|
|
99
99
|
req.headers.delete('X-Amz-Security-Token')
|
|
100
100
|
req.headers.delete('X-Amz-Date')
|
|
101
|
+
req.headers.delete('x-Amz-Region-Set')
|
|
101
102
|
|
|
102
103
|
if context.config.respond_to?(:clock_skew) &&
|
|
103
104
|
context.config.clock_skew &&
|
|
@@ -51,7 +51,11 @@ requests are made, and retries are disabled.
|
|
|
51
51
|
stub = context.client.next_stub(context)
|
|
52
52
|
resp = Seahorse::Client::Response.new(context: context)
|
|
53
53
|
async_mode = context.client.is_a? Seahorse::Client::AsyncBase
|
|
54
|
-
|
|
54
|
+
if Hash === stub && stub[:mutex]
|
|
55
|
+
stub[:mutex].synchronize { apply_stub(stub, resp, async_mode) }
|
|
56
|
+
else
|
|
57
|
+
apply_stub(stub, resp, async_mode)
|
|
58
|
+
end
|
|
55
59
|
|
|
56
60
|
async_mode ? Seahorse::Client::AsyncResponse.new(
|
|
57
61
|
context: context, stream: context[:input_event_stream_handler].event_emitter.stream, sync_queue: Queue.new) : resp
|
|
@@ -27,6 +27,7 @@ module Aws
|
|
|
27
27
|
def initialize(process)
|
|
28
28
|
@process = process
|
|
29
29
|
@credentials = credentials_from_process(@process)
|
|
30
|
+
@async_refresh = false
|
|
30
31
|
|
|
31
32
|
super
|
|
32
33
|
end
|
|
@@ -73,9 +74,9 @@ module Aws
|
|
|
73
74
|
@credentials = credentials_from_process(@process)
|
|
74
75
|
end
|
|
75
76
|
|
|
76
|
-
def near_expiration?
|
|
77
|
+
def near_expiration?(expiration_length)
|
|
77
78
|
# are we within 5 minutes of expiration?
|
|
78
|
-
@expiration && (Time.now.to_i +
|
|
79
|
+
@expiration && (Time.now.to_i + expiration_length) > @expiration.to_i
|
|
79
80
|
end
|
|
80
81
|
end
|
|
81
82
|
end
|
|
@@ -17,6 +17,9 @@ module Aws
|
|
|
17
17
|
# @api private
|
|
18
18
|
module RefreshingCredentials
|
|
19
19
|
|
|
20
|
+
SYNC_EXPIRATION_LENGTH = 300 # 5 minutes
|
|
21
|
+
ASYNC_EXPIRATION_LENGTH = 600 # 10 minutes
|
|
22
|
+
|
|
20
23
|
def initialize(options = {})
|
|
21
24
|
@mutex = Mutex.new
|
|
22
25
|
@before_refresh = options.delete(:before_refresh) if Hash === options
|
|
@@ -27,13 +30,13 @@ module Aws
|
|
|
27
30
|
|
|
28
31
|
# @return [Credentials]
|
|
29
32
|
def credentials
|
|
30
|
-
refresh_if_near_expiration
|
|
33
|
+
refresh_if_near_expiration!
|
|
31
34
|
@credentials
|
|
32
35
|
end
|
|
33
36
|
|
|
34
37
|
# @return [Time,nil]
|
|
35
38
|
def expiration
|
|
36
|
-
refresh_if_near_expiration
|
|
39
|
+
refresh_if_near_expiration!
|
|
37
40
|
@expiration
|
|
38
41
|
end
|
|
39
42
|
|
|
@@ -49,24 +52,39 @@ module Aws
|
|
|
49
52
|
|
|
50
53
|
private
|
|
51
54
|
|
|
52
|
-
# Refreshes
|
|
53
|
-
#
|
|
54
|
-
|
|
55
|
-
|
|
55
|
+
# Refreshes credentials asynchronously and synchronously.
|
|
56
|
+
# If we are near to expiration, block while getting new credentials.
|
|
57
|
+
# Otherwise, if we're approaching expiration, use the existing credentials
|
|
58
|
+
# but attempt a refresh in the background.
|
|
59
|
+
def refresh_if_near_expiration!
|
|
60
|
+
# Note: This check is an optimization. Rather than acquire the mutex on every #refresh_if_near_expiration
|
|
61
|
+
# call, we check before doing so, and then we check within the mutex to avoid a race condition.
|
|
62
|
+
# See issue: https://github.com/aws/aws-sdk-ruby/issues/2641 for more info.
|
|
63
|
+
if near_expiration?(SYNC_EXPIRATION_LENGTH)
|
|
56
64
|
@mutex.synchronize do
|
|
57
|
-
if near_expiration?
|
|
65
|
+
if near_expiration?(SYNC_EXPIRATION_LENGTH)
|
|
58
66
|
@before_refresh.call(self) if @before_refresh
|
|
59
|
-
|
|
60
67
|
refresh
|
|
61
68
|
end
|
|
62
69
|
end
|
|
70
|
+
elsif @async_refresh && near_expiration?(ASYNC_EXPIRATION_LENGTH)
|
|
71
|
+
unless @mutex.locked?
|
|
72
|
+
Thread.new do
|
|
73
|
+
@mutex.synchronize do
|
|
74
|
+
if near_expiration?(ASYNC_EXPIRATION_LENGTH)
|
|
75
|
+
@before_refresh.call(self) if @before_refresh
|
|
76
|
+
refresh
|
|
77
|
+
end
|
|
78
|
+
end
|
|
79
|
+
end
|
|
80
|
+
end
|
|
63
81
|
end
|
|
64
82
|
end
|
|
65
83
|
|
|
66
|
-
def near_expiration?
|
|
84
|
+
def near_expiration?(expiration_length)
|
|
67
85
|
if @expiration
|
|
68
|
-
#
|
|
69
|
-
(Time.now.to_i +
|
|
86
|
+
# Are we within expiration?
|
|
87
|
+
(Time.now.to_i + expiration_length) > @expiration.to_i
|
|
70
88
|
else
|
|
71
89
|
true
|
|
72
90
|
end
|
data/lib/aws-sdk-sso/client.rb
CHANGED
data/lib/aws-sdk-sso.rb
CHANGED
data/lib/aws-sdk-sts/client.rb
CHANGED
|
@@ -2290,7 +2290,7 @@ module Aws::STS
|
|
|
2290
2290
|
params: params,
|
|
2291
2291
|
config: config)
|
|
2292
2292
|
context[:gem_name] = 'aws-sdk-core'
|
|
2293
|
-
context[:gem_version] = '3.
|
|
2293
|
+
context[:gem_version] = '3.130.0'
|
|
2294
2294
|
Seahorse::Client::Request.new(handlers, context)
|
|
2295
2295
|
end
|
|
2296
2296
|
|
data/lib/aws-sdk-sts.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-core
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.130.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-03-
|
|
11
|
+
date: 2022-03-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: jmespath
|