aws-sdk-core 3.131.1 → 3.148.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,31 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ class Token
5
+
6
+ # @param [String] token
7
+ # @param [Time] expiration
8
+ def initialize(token, expiration=nil)
9
+ @token = token
10
+ @expiration = expiration
11
+ end
12
+
13
+ # @return [String, nil]
14
+ attr_reader :token
15
+
16
+ # @return [Time, nil]
17
+ attr_reader :expiration
18
+
19
+ # @return [Boolean] Returns `true` if token is set
20
+ def set?
21
+ !token.nil? && !token.empty?
22
+ end
23
+
24
+ # Removing the token from the default inspect string.
25
+ # @api private
26
+ def inspect
27
+ "#<#{self.class.name} token=[FILTERED]> expiration=#{expiration}>"
28
+ end
29
+
30
+ end
31
+ end
@@ -0,0 +1,15 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ module TokenProvider
5
+
6
+ # @return [Token]
7
+ attr_reader :token
8
+
9
+ # @return [Boolean]
10
+ def set?
11
+ !!token && token.set?
12
+ end
13
+
14
+ end
15
+ end
@@ -0,0 +1,51 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ # @api private
5
+ class TokenProviderChain
6
+ def initialize(config = nil)
7
+ @config = config
8
+ end
9
+
10
+ # @return [TokenProvider, nil]
11
+ def resolve
12
+ providers.each do |method_name, options|
13
+ provider = send(method_name, options.merge(config: @config))
14
+ return provider if provider && provider.set?
15
+ end
16
+ nil
17
+ end
18
+
19
+ private
20
+
21
+ def providers
22
+ [
23
+ [:static_profile_sso_token, {}],
24
+ [:sso_token, {}]
25
+ ]
26
+ end
27
+
28
+ def static_profile_sso_token(options)
29
+ if Aws.shared_config.config_enabled? && options[:config] && options[:config].profile
30
+ Aws.shared_config.sso_token_from_config(
31
+ profile: options[:config].profile
32
+ )
33
+ end
34
+ end
35
+
36
+
37
+ def sso_token(options)
38
+ profile_name = determine_profile_name(options)
39
+ if Aws.shared_config.config_enabled?
40
+ Aws.shared_config.sso_token_from_config(profile: profile_name)
41
+ end
42
+ rescue Errors::NoSuchProfileError
43
+ nil
44
+ end
45
+
46
+ def determine_profile_name(options)
47
+ (options[:config] && options[:config].profile) || ENV['AWS_PROFILE'] || ENV['AWS_DEFAULT_PROFILE'] || 'default'
48
+ end
49
+
50
+ end
51
+ end
@@ -24,6 +24,7 @@ module Aws
24
24
  else
25
25
  code, message, data = extract_error(body, context)
26
26
  end
27
+ context[:request_id] = request_id(body)
27
28
  errors_module = context.client.class.errors_module
28
29
  error_class = errors_module.error_class(code).new(context, message, data)
29
30
  error_class
@@ -94,6 +95,12 @@ module Aws
94
95
  end
95
96
  end
96
97
 
98
+ def request_id(body)
99
+ if matches = body.match(/<RequestId>(.+?)<\/RequestId>/m)
100
+ matches[1]
101
+ end
102
+ end
103
+
97
104
  def unescape(str)
98
105
  CGI.unescapeHTML(str)
99
106
  end
data/lib/aws-sdk-core.rb CHANGED
@@ -20,6 +20,15 @@ require_relative 'aws-sdk-core/shared_credentials'
20
20
  require_relative 'aws-sdk-core/process_credentials'
21
21
  require_relative 'aws-sdk-core/sso_credentials'
22
22
 
23
+ # tokens and token providers
24
+ require_relative 'aws-sdk-core/token'
25
+ require_relative 'aws-sdk-core/token_provider'
26
+ require_relative 'aws-sdk-core/static_token_provider'
27
+ require_relative 'aws-sdk-core/refreshing_token'
28
+ require_relative 'aws-sdk-core/sso_token_provider'
29
+ require_relative 'aws-sdk-core/token_provider_chain'
30
+ require_relative 'aws-sdk-core/plugins/bearer_authorization'
31
+
23
32
  # client modules
24
33
 
25
34
  require_relative 'aws-sdk-core/client_stubs'
@@ -99,6 +108,7 @@ require_relative 'aws-sdk-sts'
99
108
 
100
109
  # aws-sdk-sso is included to support Aws::SSOCredentials
101
110
  require_relative 'aws-sdk-sso'
111
+ require_relative 'aws-sdk-ssooidc'
102
112
 
103
113
  module Aws
104
114
 
@@ -362,7 +362,8 @@ module Aws::SSO
362
362
  #
363
363
  # @option params [required, String] :access_token
364
364
  # The token issued by the `CreateToken` API call. For more information,
365
- # see [CreateToken][1] in the *AWS SSO OIDC API Reference Guide*.
365
+ # see [CreateToken][1] in the *IAM Identity Center OIDC API Reference
366
+ # Guide*.
366
367
  #
367
368
  #
368
369
  #
@@ -407,7 +408,8 @@ module Aws::SSO
407
408
  #
408
409
  # @option params [required, String] :access_token
409
410
  # The token issued by the `CreateToken` API call. For more information,
410
- # see [CreateToken][1] in the *AWS SSO OIDC API Reference Guide*.
411
+ # see [CreateToken][1] in the *IAM Identity Center OIDC API Reference
412
+ # Guide*.
411
413
  #
412
414
  #
413
415
  #
@@ -450,8 +452,8 @@ module Aws::SSO
450
452
 
451
453
  # Lists all AWS accounts assigned to the user. These AWS accounts are
452
454
  # assigned by the administrator of the account. For more information,
453
- # see [Assign User Access][1] in the *AWS SSO User Guide*. This
454
- # operation returns a paginated response.
455
+ # see [Assign User Access][1] in the *IAM Identity Center User Guide*.
456
+ # This operation returns a paginated response.
455
457
  #
456
458
  #
457
459
  #
@@ -466,7 +468,8 @@ module Aws::SSO
466
468
  #
467
469
  # @option params [required, String] :access_token
468
470
  # The token issued by the `CreateToken` API call. For more information,
469
- # see [CreateToken][1] in the *AWS SSO OIDC API Reference Guide*.
471
+ # see [CreateToken][1] in the *IAM Identity Center OIDC API Reference
472
+ # Guide*.
470
473
  #
471
474
  #
472
475
  #
@@ -504,12 +507,32 @@ module Aws::SSO
504
507
  req.send_request(options)
505
508
  end
506
509
 
507
- # Removes the client- and server-side session that is associated with
508
- # the user.
510
+ # Removes the locally stored SSO tokens from the client-side cache and
511
+ # sends an API call to the IAM Identity Center service to invalidate the
512
+ # corresponding server-side IAM Identity Center sign in session.
513
+ #
514
+ # <note markdown="1"> If a user uses IAM Identity Center to access the AWS CLI, the user’s
515
+ # IAM Identity Center sign in session is used to obtain an IAM session,
516
+ # as specified in the corresponding IAM Identity Center permission set.
517
+ # More specifically, IAM Identity Center assumes an IAM role in the
518
+ # target account on behalf of the user, and the corresponding temporary
519
+ # AWS credentials are returned to the client.
520
+ #
521
+ # After user logout, any existing IAM role sessions that were created by
522
+ # using IAM Identity Center permission sets continue based on the
523
+ # duration configured in the permission set. For more information, see
524
+ # [User authentications][1] in the *IAM Identity Center User Guide*.
525
+ #
526
+ # </note>
527
+ #
528
+ #
529
+ #
530
+ # [1]: https://docs.aws.amazon.com/singlesignon/latest/userguide/authconcept.html
509
531
  #
510
532
  # @option params [required, String] :access_token
511
533
  # The token issued by the `CreateToken` API call. For more information,
512
- # see [CreateToken][1] in the *AWS SSO OIDC API Reference Guide*.
534
+ # see [CreateToken][1] in the *IAM Identity Center OIDC API Reference
535
+ # Guide*.
513
536
  #
514
537
  #
515
538
  #
@@ -545,7 +568,7 @@ module Aws::SSO
545
568
  params: params,
546
569
  config: config)
547
570
  context[:gem_name] = 'aws-sdk-core'
548
- context[:gem_version] = '3.131.1'
571
+ context[:gem_version] = '3.148.0'
549
572
  Seahorse::Client::Request.new(handlers, context)
550
573
  end
551
574
 
@@ -53,8 +53,8 @@ module Aws::SSO
53
53
  #
54
54
  # @!attribute [rw] access_token
55
55
  # The token issued by the `CreateToken` API call. For more
56
- # information, see [CreateToken][1] in the *AWS SSO OIDC API Reference
57
- # Guide*.
56
+ # information, see [CreateToken][1] in the *IAM Identity Center OIDC
57
+ # API Reference Guide*.
58
58
  #
59
59
  #
60
60
  #
@@ -118,8 +118,8 @@ module Aws::SSO
118
118
  #
119
119
  # @!attribute [rw] access_token
120
120
  # The token issued by the `CreateToken` API call. For more
121
- # information, see [CreateToken][1] in the *AWS SSO OIDC API Reference
122
- # Guide*.
121
+ # information, see [CreateToken][1] in the *IAM Identity Center OIDC
122
+ # API Reference Guide*.
123
123
  #
124
124
  #
125
125
  #
@@ -179,8 +179,8 @@ module Aws::SSO
179
179
  #
180
180
  # @!attribute [rw] access_token
181
181
  # The token issued by the `CreateToken` API call. For more
182
- # information, see [CreateToken][1] in the *AWS SSO OIDC API Reference
183
- # Guide*.
182
+ # information, see [CreateToken][1] in the *IAM Identity Center OIDC
183
+ # API Reference Guide*.
184
184
  #
185
185
  #
186
186
  #
@@ -224,8 +224,8 @@ module Aws::SSO
224
224
  #
225
225
  # @!attribute [rw] access_token
226
226
  # The token issued by the `CreateToken` API call. For more
227
- # information, see [CreateToken][1] in the *AWS SSO OIDC API Reference
228
- # Guide*.
227
+ # information, see [CreateToken][1] in the *IAM Identity Center OIDC
228
+ # API Reference Guide*.
229
229
  #
230
230
  #
231
231
  #
data/lib/aws-sdk-sso.rb CHANGED
@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sso/customizations'
50
50
  # @!group service
51
51
  module Aws::SSO
52
52
 
53
- GEM_VERSION = '3.131.1'
53
+ GEM_VERSION = '3.148.0'
54
54
 
55
55
  end