aws-sdk-core 3.129.0 → 3.130.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ed3d2d582fb74767dc5f0d2211e65c95f0c6513ea3b251ac91fe9e4911ca10cb
4
- data.tar.gz: c8b4261e45c2ec02e5c38ccc3f37cf7cce3de1ad47f5fe6a31b8e6cfe773d5f4
3
+ metadata.gz: dffefda7cd68861a99856de10c4774c57ffcdb1c3f22d16eacb0a2096a5e5c32
4
+ data.tar.gz: 60628acc0b4bb23629da2de4b5f821c91037e2e7c0b56b63dbdc4e7b771f2167
5
5
  SHA512:
6
- metadata.gz: da350fda9592e059be2b4fd2d355e580f8e2cfa7c638bdf2524564073441b96543d0e00444a69209e6950a902ba98828aceee1740ccbb7a58d755638883fdc27
7
- data.tar.gz: 4ec8d06a538e401bd9864564daa04cbad71c546872fe98b4b43c5796f69f00fa492f5be203f456e5db13231b7dfe3a2df26661cafc0a0d787c545cfcfccc7792
6
+ metadata.gz: 6b16327c66f2fb83c9dceeec13cb5d0f9cbb519b5f999c27aa3e9f0ee0824a0545bc8b5bcc48823242fadf07b03c83fc196207a1806c7f162736bd1073af37db
7
+ data.tar.gz: 0540f8d1095132e67d9d00841b2c6c594870e5addf3de30a228a0e091bcb83280aef8270a2fe3af31815ea3c354abeebe637fa4aa2d27917e51d201a9c397f2b
data/CHANGELOG.md CHANGED
@@ -1,6 +1,23 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 3.130.1 (2022-04-12)
5
+ ------------------
6
+
7
+ * Issue - Don't call `refresh!` on non-refreshable `Credentials` when retrying errors (#2685).
8
+
9
+ 3.130.0 (2022-03-11)
10
+ ------------------
11
+
12
+ * Feature - Asynchronously refresh AWS credentials (#2641).
13
+
14
+ * Issue - Add x-amz-region-set to list of headers deleted for re-sign.
15
+
16
+ 3.129.1 (2022-03-10)
17
+ ------------------
18
+
19
+ * Issue - Make stubs thread safe by creating new responses for each operation call (#2675).
20
+
4
21
  3.129.0 (2022-03-08)
5
22
  ------------------
6
23
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 3.129.0
1
+ 3.130.1
@@ -54,6 +54,7 @@ module Aws
54
54
  end
55
55
  end
56
56
  @client = client_opts[:client] || STS::Client.new(client_opts)
57
+ @async_refresh = true
57
58
  super
58
59
  end
59
60
 
@@ -17,7 +17,7 @@ module Aws
17
17
  # ...
18
18
  # )
19
19
  # For full list of parameters accepted
20
- # @see Aws::STS::Client#assume_role_with_web_identity
20
+ # @see Aws::STS::Client#assume_role_with_web_identity
21
21
  #
22
22
  #
23
23
  # If you omit `:client` option, a new {STS::Client} object will be
@@ -48,6 +48,7 @@ module Aws
48
48
  client_opts = {}
49
49
  @assume_role_web_identity_params = {}
50
50
  @token_file = options.delete(:web_identity_token_file)
51
+ @async_refresh = true
51
52
  options.each_pair do |key, value|
52
53
  if self.class.assume_role_web_identity_options.include?(key)
53
54
  @assume_role_web_identity_params[key] = value
@@ -262,13 +262,17 @@ module Aws
262
262
  end
263
263
 
264
264
  def convert_stub(operation_name, stub)
265
- case stub
265
+ stub = case stub
266
266
  when Proc then stub
267
267
  when Exception, Class then { error: stub }
268
268
  when String then service_error_stub(stub)
269
269
  when Hash then http_response_stub(operation_name, stub)
270
270
  else { data: stub }
271
271
  end
272
+ if Hash === stub
273
+ stub[:mutex] = Mutex.new
274
+ end
275
+ stub
272
276
  end
273
277
 
274
278
  def service_error_stub(error_code)
@@ -62,6 +62,7 @@ module Aws
62
62
  @http_read_timeout = options[:http_read_timeout] || 5
63
63
  @http_debug_output = options[:http_debug_output]
64
64
  @backoff = backoff(options[:backoff])
65
+ @async_refresh = false
65
66
  super
66
67
  end
67
68
 
@@ -79,6 +79,7 @@ module Aws
79
79
  @token_ttl = options[:token_ttl] || 21_600
80
80
  @token = nil
81
81
  @no_refresh_until = nil
82
+ @async_refresh = false
82
83
  super
83
84
  end
84
85
 
@@ -313,12 +313,17 @@ a clock skew correction and retry requests with skewed client clocks.
313
313
 
314
314
  def retry_request(context, error)
315
315
  context.retries += 1
316
- context.config.credentials.refresh! if error.expired_credentials?
316
+ context.config.credentials.refresh! if refresh_credentials?(context, error)
317
317
  context.http_request.body.rewind
318
318
  context.http_response.reset
319
319
  call(context)
320
320
  end
321
321
 
322
+ def refresh_credentials?(context, error)
323
+ error.expired_credentials? &&
324
+ context.config.credentials.respond_to?(:refresh!)
325
+ end
326
+
322
327
  def add_retry_headers(context)
323
328
  request_pairs = {
324
329
  'attempt' => context.retries,
@@ -383,7 +388,7 @@ a clock skew correction and retry requests with skewed client clocks.
383
388
  def retry_request(context, error)
384
389
  delay_retry(context)
385
390
  context.retries += 1
386
- context.config.credentials.refresh! if error.expired_credentials?
391
+ context.config.credentials.refresh! if refresh_credentials?(context, error)
387
392
  context.http_request.body.rewind
388
393
  context.http_response.reset
389
394
  call(context)
@@ -399,6 +404,11 @@ a clock skew correction and retry requests with skewed client clocks.
399
404
  response_truncatable?(context)
400
405
  end
401
406
 
407
+ def refresh_credentials?(context, error)
408
+ error.expired_credentials? &&
409
+ context.config.credentials.respond_to?(:refresh!)
410
+ end
411
+
402
412
  def retry_limit(context)
403
413
  context.config.retry_limit
404
414
  end
@@ -98,6 +98,7 @@ module Aws
98
98
  req.headers.delete('Authorization')
99
99
  req.headers.delete('X-Amz-Security-Token')
100
100
  req.headers.delete('X-Amz-Date')
101
+ req.headers.delete('x-Amz-Region-Set')
101
102
 
102
103
  if context.config.respond_to?(:clock_skew) &&
103
104
  context.config.clock_skew &&
@@ -51,7 +51,11 @@ requests are made, and retries are disabled.
51
51
  stub = context.client.next_stub(context)
52
52
  resp = Seahorse::Client::Response.new(context: context)
53
53
  async_mode = context.client.is_a? Seahorse::Client::AsyncBase
54
- apply_stub(stub, resp, async_mode)
54
+ if Hash === stub && stub[:mutex]
55
+ stub[:mutex].synchronize { apply_stub(stub, resp, async_mode) }
56
+ else
57
+ apply_stub(stub, resp, async_mode)
58
+ end
55
59
 
56
60
  async_mode ? Seahorse::Client::AsyncResponse.new(
57
61
  context: context, stream: context[:input_event_stream_handler].event_emitter.stream, sync_queue: Queue.new) : resp
@@ -27,6 +27,7 @@ module Aws
27
27
  def initialize(process)
28
28
  @process = process
29
29
  @credentials = credentials_from_process(@process)
30
+ @async_refresh = false
30
31
 
31
32
  super
32
33
  end
@@ -73,9 +74,9 @@ module Aws
73
74
  @credentials = credentials_from_process(@process)
74
75
  end
75
76
 
76
- def near_expiration?
77
+ def near_expiration?(expiration_length)
77
78
  # are we within 5 minutes of expiration?
78
- @expiration && (Time.now.to_i + 5 * 60) > @expiration.to_i
79
+ @expiration && (Time.now.to_i + expiration_length) > @expiration.to_i
79
80
  end
80
81
  end
81
82
  end
@@ -17,6 +17,9 @@ module Aws
17
17
  # @api private
18
18
  module RefreshingCredentials
19
19
 
20
+ SYNC_EXPIRATION_LENGTH = 300 # 5 minutes
21
+ ASYNC_EXPIRATION_LENGTH = 600 # 10 minutes
22
+
20
23
  def initialize(options = {})
21
24
  @mutex = Mutex.new
22
25
  @before_refresh = options.delete(:before_refresh) if Hash === options
@@ -27,13 +30,13 @@ module Aws
27
30
 
28
31
  # @return [Credentials]
29
32
  def credentials
30
- refresh_if_near_expiration
33
+ refresh_if_near_expiration!
31
34
  @credentials
32
35
  end
33
36
 
34
37
  # @return [Time,nil]
35
38
  def expiration
36
- refresh_if_near_expiration
39
+ refresh_if_near_expiration!
37
40
  @expiration
38
41
  end
39
42
 
@@ -49,24 +52,39 @@ module Aws
49
52
 
50
53
  private
51
54
 
52
- # Refreshes instance metadata credentials if they are within
53
- # 5 minutes of expiration.
54
- def refresh_if_near_expiration
55
- if near_expiration?
55
+ # Refreshes credentials asynchronously and synchronously.
56
+ # If we are near to expiration, block while getting new credentials.
57
+ # Otherwise, if we're approaching expiration, use the existing credentials
58
+ # but attempt a refresh in the background.
59
+ def refresh_if_near_expiration!
60
+ # Note: This check is an optimization. Rather than acquire the mutex on every #refresh_if_near_expiration
61
+ # call, we check before doing so, and then we check within the mutex to avoid a race condition.
62
+ # See issue: https://github.com/aws/aws-sdk-ruby/issues/2641 for more info.
63
+ if near_expiration?(SYNC_EXPIRATION_LENGTH)
56
64
  @mutex.synchronize do
57
- if near_expiration?
65
+ if near_expiration?(SYNC_EXPIRATION_LENGTH)
58
66
  @before_refresh.call(self) if @before_refresh
59
-
60
67
  refresh
61
68
  end
62
69
  end
70
+ elsif @async_refresh && near_expiration?(ASYNC_EXPIRATION_LENGTH)
71
+ unless @mutex.locked?
72
+ Thread.new do
73
+ @mutex.synchronize do
74
+ if near_expiration?(ASYNC_EXPIRATION_LENGTH)
75
+ @before_refresh.call(self) if @before_refresh
76
+ refresh
77
+ end
78
+ end
79
+ end
80
+ end
63
81
  end
64
82
  end
65
83
 
66
- def near_expiration?
84
+ def near_expiration?(expiration_length)
67
85
  if @expiration
68
- # are we within 5 minutes of expiration?
69
- (Time.now.to_i + 5 * 60) > @expiration.to_i
86
+ # Are we within expiration?
87
+ (Time.now.to_i + expiration_length) > @expiration.to_i
70
88
  else
71
89
  true
72
90
  end
@@ -86,6 +86,7 @@ module Aws
86
86
  options[:region] = @sso_region
87
87
  options[:credentials] = nil
88
88
  @client = options[:client] || Aws::SSO::Client.new(options)
89
+ @async_refresh = true
89
90
  super
90
91
  end
91
92
 
@@ -545,7 +545,7 @@ module Aws::SSO
545
545
  params: params,
546
546
  config: config)
547
547
  context[:gem_name] = 'aws-sdk-core'
548
- context[:gem_version] = '3.129.0'
548
+ context[:gem_version] = '3.130.1'
549
549
  Seahorse::Client::Request.new(handlers, context)
550
550
  end
551
551
 
data/lib/aws-sdk-sso.rb CHANGED
@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sso/customizations'
50
50
  # @!group service
51
51
  module Aws::SSO
52
52
 
53
- GEM_VERSION = '3.129.0'
53
+ GEM_VERSION = '3.130.1'
54
54
 
55
55
  end
@@ -2290,7 +2290,7 @@ module Aws::STS
2290
2290
  params: params,
2291
2291
  config: config)
2292
2292
  context[:gem_name] = 'aws-sdk-core'
2293
- context[:gem_version] = '3.129.0'
2293
+ context[:gem_version] = '3.130.1'
2294
2294
  Seahorse::Client::Request.new(handlers, context)
2295
2295
  end
2296
2296
 
data/lib/aws-sdk-sts.rb CHANGED
@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sts/customizations'
50
50
  # @!group service
51
51
  module Aws::STS
52
52
 
53
- GEM_VERSION = '3.129.0'
53
+ GEM_VERSION = '3.130.1'
54
54
 
55
55
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.129.0
4
+ version: 3.130.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-03-08 00:00:00.000000000 Z
11
+ date: 2022-04-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jmespath