aws-sdk-core 3.129.1 → 3.130.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 49ca96451c7816e538a74ba800cbc2ade4fcfb7a9d712fea2cc6da12deca1172
4
- data.tar.gz: 12431a75db151e6c918707c1e592a1810849eebdc437cc41564cb06d536227fc
3
+ metadata.gz: d7804cbac83996a95b2cacbd808389798eb0b461229a9e8e2a966cd28d599aa6
4
+ data.tar.gz: ce3557bcbd4d6a5edaa1bc99fbd7e75f9b2e23eb6fadb8be06a69b91e2e8a4a7
5
5
  SHA512:
6
- metadata.gz: 6f59af7600dc1f0e76566543cadf66b65f838c195d0a24c962043cf38cbbb190ee5be73daa968acbe332dd9490d9fadd89882e3a6d87f60c2f6f8ef1150f382d
7
- data.tar.gz: 56baca1bd31275d8aa749890f0fe02d0e02b6d01df8c9596573efc3c269e6145bfaedbb813ae0aa03982dbc7ea2d35f9a84e58a9b3323304d78e70aab18b0947
6
+ metadata.gz: d1d0b4ec0b478389290d84409869ed012e4a2ce6408d3dc5c46c618771cc970d9086eb4686dd64b740ebd5eeafe7cc0e8b6fa63d3f89202e8f2841d9a203bdbb
7
+ data.tar.gz: f4c41ffb85d712bcaf8701aa61a886837517df23e14a53c2b9201d86bfcc1fd41b5b8badded9f91aeb0ee77553c9e2af80b4c82d1e249486b5630afc1582939c
data/CHANGELOG.md CHANGED
@@ -1,6 +1,13 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 3.130.0 (2022-03-11)
5
+ ------------------
6
+
7
+ * Feature - Asynchronously refresh AWS credentials (#2641).
8
+
9
+ * Issue - Add x-amz-region-set to list of headers deleted for re-sign.
10
+
4
11
  3.129.1 (2022-03-10)
5
12
  ------------------
6
13
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 3.129.1
1
+ 3.130.0
@@ -54,6 +54,7 @@ module Aws
54
54
  end
55
55
  end
56
56
  @client = client_opts[:client] || STS::Client.new(client_opts)
57
+ @async_refresh = true
57
58
  super
58
59
  end
59
60
 
@@ -17,7 +17,7 @@ module Aws
17
17
  # ...
18
18
  # )
19
19
  # For full list of parameters accepted
20
- # @see Aws::STS::Client#assume_role_with_web_identity
20
+ # @see Aws::STS::Client#assume_role_with_web_identity
21
21
  #
22
22
  #
23
23
  # If you omit `:client` option, a new {STS::Client} object will be
@@ -48,6 +48,7 @@ module Aws
48
48
  client_opts = {}
49
49
  @assume_role_web_identity_params = {}
50
50
  @token_file = options.delete(:web_identity_token_file)
51
+ @async_refresh = true
51
52
  options.each_pair do |key, value|
52
53
  if self.class.assume_role_web_identity_options.include?(key)
53
54
  @assume_role_web_identity_params[key] = value
@@ -62,6 +62,7 @@ module Aws
62
62
  @http_read_timeout = options[:http_read_timeout] || 5
63
63
  @http_debug_output = options[:http_debug_output]
64
64
  @backoff = backoff(options[:backoff])
65
+ @async_refresh = false
65
66
  super
66
67
  end
67
68
 
@@ -79,6 +79,7 @@ module Aws
79
79
  @token_ttl = options[:token_ttl] || 21_600
80
80
  @token = nil
81
81
  @no_refresh_until = nil
82
+ @async_refresh = false
82
83
  super
83
84
  end
84
85
 
@@ -98,6 +98,7 @@ module Aws
98
98
  req.headers.delete('Authorization')
99
99
  req.headers.delete('X-Amz-Security-Token')
100
100
  req.headers.delete('X-Amz-Date')
101
+ req.headers.delete('x-Amz-Region-Set')
101
102
 
102
103
  if context.config.respond_to?(:clock_skew) &&
103
104
  context.config.clock_skew &&
@@ -27,6 +27,7 @@ module Aws
27
27
  def initialize(process)
28
28
  @process = process
29
29
  @credentials = credentials_from_process(@process)
30
+ @async_refresh = false
30
31
 
31
32
  super
32
33
  end
@@ -73,9 +74,9 @@ module Aws
73
74
  @credentials = credentials_from_process(@process)
74
75
  end
75
76
 
76
- def near_expiration?
77
+ def near_expiration?(expiration_length)
77
78
  # are we within 5 minutes of expiration?
78
- @expiration && (Time.now.to_i + 5 * 60) > @expiration.to_i
79
+ @expiration && (Time.now.to_i + expiration_length) > @expiration.to_i
79
80
  end
80
81
  end
81
82
  end
@@ -17,6 +17,9 @@ module Aws
17
17
  # @api private
18
18
  module RefreshingCredentials
19
19
 
20
+ SYNC_EXPIRATION_LENGTH = 300 # 5 minutes
21
+ ASYNC_EXPIRATION_LENGTH = 600 # 10 minutes
22
+
20
23
  def initialize(options = {})
21
24
  @mutex = Mutex.new
22
25
  @before_refresh = options.delete(:before_refresh) if Hash === options
@@ -27,13 +30,13 @@ module Aws
27
30
 
28
31
  # @return [Credentials]
29
32
  def credentials
30
- refresh_if_near_expiration
33
+ refresh_if_near_expiration!
31
34
  @credentials
32
35
  end
33
36
 
34
37
  # @return [Time,nil]
35
38
  def expiration
36
- refresh_if_near_expiration
39
+ refresh_if_near_expiration!
37
40
  @expiration
38
41
  end
39
42
 
@@ -49,24 +52,39 @@ module Aws
49
52
 
50
53
  private
51
54
 
52
- # Refreshes instance metadata credentials if they are within
53
- # 5 minutes of expiration.
54
- def refresh_if_near_expiration
55
- if near_expiration?
55
+ # Refreshes credentials asynchronously and synchronously.
56
+ # If we are near to expiration, block while getting new credentials.
57
+ # Otherwise, if we're approaching expiration, use the existing credentials
58
+ # but attempt a refresh in the background.
59
+ def refresh_if_near_expiration!
60
+ # Note: This check is an optimization. Rather than acquire the mutex on every #refresh_if_near_expiration
61
+ # call, we check before doing so, and then we check within the mutex to avoid a race condition.
62
+ # See issue: https://github.com/aws/aws-sdk-ruby/issues/2641 for more info.
63
+ if near_expiration?(SYNC_EXPIRATION_LENGTH)
56
64
  @mutex.synchronize do
57
- if near_expiration?
65
+ if near_expiration?(SYNC_EXPIRATION_LENGTH)
58
66
  @before_refresh.call(self) if @before_refresh
59
-
60
67
  refresh
61
68
  end
62
69
  end
70
+ elsif @async_refresh && near_expiration?(ASYNC_EXPIRATION_LENGTH)
71
+ unless @mutex.locked?
72
+ Thread.new do
73
+ @mutex.synchronize do
74
+ if near_expiration?(ASYNC_EXPIRATION_LENGTH)
75
+ @before_refresh.call(self) if @before_refresh
76
+ refresh
77
+ end
78
+ end
79
+ end
80
+ end
63
81
  end
64
82
  end
65
83
 
66
- def near_expiration?
84
+ def near_expiration?(expiration_length)
67
85
  if @expiration
68
- # are we within 5 minutes of expiration?
69
- (Time.now.to_i + 5 * 60) > @expiration.to_i
86
+ # Are we within expiration?
87
+ (Time.now.to_i + expiration_length) > @expiration.to_i
70
88
  else
71
89
  true
72
90
  end
@@ -86,6 +86,7 @@ module Aws
86
86
  options[:region] = @sso_region
87
87
  options[:credentials] = nil
88
88
  @client = options[:client] || Aws::SSO::Client.new(options)
89
+ @async_refresh = true
89
90
  super
90
91
  end
91
92
 
@@ -545,7 +545,7 @@ module Aws::SSO
545
545
  params: params,
546
546
  config: config)
547
547
  context[:gem_name] = 'aws-sdk-core'
548
- context[:gem_version] = '3.129.1'
548
+ context[:gem_version] = '3.130.0'
549
549
  Seahorse::Client::Request.new(handlers, context)
550
550
  end
551
551
 
data/lib/aws-sdk-sso.rb CHANGED
@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sso/customizations'
50
50
  # @!group service
51
51
  module Aws::SSO
52
52
 
53
- GEM_VERSION = '3.129.1'
53
+ GEM_VERSION = '3.130.0'
54
54
 
55
55
  end
@@ -2290,7 +2290,7 @@ module Aws::STS
2290
2290
  params: params,
2291
2291
  config: config)
2292
2292
  context[:gem_name] = 'aws-sdk-core'
2293
- context[:gem_version] = '3.129.1'
2293
+ context[:gem_version] = '3.130.0'
2294
2294
  Seahorse::Client::Request.new(handlers, context)
2295
2295
  end
2296
2296
 
data/lib/aws-sdk-sts.rb CHANGED
@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sts/customizations'
50
50
  # @!group service
51
51
  module Aws::STS
52
52
 
53
- GEM_VERSION = '3.129.1'
53
+ GEM_VERSION = '3.130.0'
54
54
 
55
55
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.129.1
4
+ version: 3.130.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-03-10 00:00:00.000000000 Z
11
+ date: 2022-03-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jmespath