aws-sdk-core 3.131.1 → 3.168.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (76) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +244 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-core/arn.rb +13 -0
  5. data/lib/aws-sdk-core/binary/encode_handler.rb +12 -1
  6. data/lib/aws-sdk-core/endpoints/condition.rb +36 -0
  7. data/lib/aws-sdk-core/endpoints/endpoint.rb +17 -0
  8. data/lib/aws-sdk-core/endpoints/endpoint_rule.rb +71 -0
  9. data/lib/aws-sdk-core/endpoints/error_rule.rb +37 -0
  10. data/lib/aws-sdk-core/endpoints/function.rb +75 -0
  11. data/lib/aws-sdk-core/endpoints/matchers.rb +127 -0
  12. data/lib/aws-sdk-core/endpoints/reference.rb +26 -0
  13. data/lib/aws-sdk-core/endpoints/rule.rb +20 -0
  14. data/lib/aws-sdk-core/endpoints/rule_set.rb +47 -0
  15. data/lib/aws-sdk-core/endpoints/rules_provider.rb +32 -0
  16. data/lib/aws-sdk-core/endpoints/templater.rb +52 -0
  17. data/lib/aws-sdk-core/endpoints/tree_rule.rb +40 -0
  18. data/lib/aws-sdk-core/endpoints/url.rb +59 -0
  19. data/lib/aws-sdk-core/endpoints.rb +74 -0
  20. data/lib/aws-sdk-core/errors.rb +13 -0
  21. data/lib/aws-sdk-core/json/error_handler.rb +10 -1
  22. data/lib/aws-sdk-core/pageable_response.rb +7 -0
  23. data/lib/aws-sdk-core/plugins/bearer_authorization.rb +67 -0
  24. data/lib/aws-sdk-core/plugins/credentials_configuration.rb +24 -0
  25. data/lib/aws-sdk-core/plugins/endpoint_discovery.rb +6 -2
  26. data/lib/aws-sdk-core/plugins/jsonvalue_converter.rb +34 -6
  27. data/lib/aws-sdk-core/plugins/recursion_detection.rb +14 -3
  28. data/lib/aws-sdk-core/plugins/regional_endpoint.rb +5 -0
  29. data/lib/aws-sdk-core/plugins/sign.rb +190 -0
  30. data/lib/aws-sdk-core/plugins/signature_v2.rb +1 -0
  31. data/lib/aws-sdk-core/plugins/signature_v4.rb +13 -7
  32. data/lib/aws-sdk-core/refreshing_token.rb +71 -0
  33. data/lib/aws-sdk-core/rest/handler.rb +1 -1
  34. data/lib/aws-sdk-core/rest/request/headers.rb +2 -6
  35. data/lib/aws-sdk-core/shared_config.rb +76 -5
  36. data/lib/aws-sdk-core/sso_credentials.rb +79 -44
  37. data/lib/aws-sdk-core/sso_token_provider.rb +135 -0
  38. data/lib/aws-sdk-core/static_token_provider.rb +14 -0
  39. data/lib/aws-sdk-core/structure.rb +6 -4
  40. data/lib/aws-sdk-core/token.rb +31 -0
  41. data/lib/aws-sdk-core/token_provider.rb +15 -0
  42. data/lib/aws-sdk-core/token_provider_chain.rb +51 -0
  43. data/lib/aws-sdk-core/xml/error_handler.rb +7 -0
  44. data/lib/aws-sdk-core.rb +14 -0
  45. data/lib/aws-sdk-sso/client.rb +51 -11
  46. data/lib/aws-sdk-sso/endpoint_parameters.rb +66 -0
  47. data/lib/aws-sdk-sso/endpoint_provider.rb +112 -0
  48. data/lib/aws-sdk-sso/endpoints.rb +71 -0
  49. data/lib/aws-sdk-sso/plugins/endpoints.rb +76 -0
  50. data/lib/aws-sdk-sso/types.rb +8 -8
  51. data/lib/aws-sdk-sso.rb +5 -1
  52. data/lib/aws-sdk-ssooidc/client.rb +606 -0
  53. data/lib/aws-sdk-ssooidc/client_api.rb +216 -0
  54. data/lib/aws-sdk-ssooidc/customizations.rb +1 -0
  55. data/lib/aws-sdk-ssooidc/endpoint_parameters.rb +66 -0
  56. data/lib/aws-sdk-ssooidc/endpoint_provider.rb +111 -0
  57. data/lib/aws-sdk-ssooidc/endpoints.rb +57 -0
  58. data/lib/aws-sdk-ssooidc/errors.rb +290 -0
  59. data/lib/aws-sdk-ssooidc/plugins/endpoints.rb +74 -0
  60. data/lib/aws-sdk-ssooidc/resource.rb +26 -0
  61. data/lib/aws-sdk-ssooidc/types.rb +534 -0
  62. data/lib/aws-sdk-ssooidc.rb +59 -0
  63. data/lib/aws-sdk-sts/client.rb +141 -124
  64. data/lib/aws-sdk-sts/endpoint_parameters.rb +78 -0
  65. data/lib/aws-sdk-sts/endpoint_provider.rb +229 -0
  66. data/lib/aws-sdk-sts/endpoints.rb +135 -0
  67. data/lib/aws-sdk-sts/plugins/endpoints.rb +84 -0
  68. data/lib/aws-sdk-sts/presigner.rb +13 -15
  69. data/lib/aws-sdk-sts/types.rb +79 -69
  70. data/lib/aws-sdk-sts.rb +5 -1
  71. data/lib/seahorse/client/async_base.rb +0 -1
  72. data/lib/seahorse/client/configuration.rb +2 -2
  73. data/lib/seahorse/client/h2/connection.rb +2 -5
  74. data/lib/seahorse/client/plugins/request_callback.rb +9 -9
  75. data/lib/seahorse/util.rb +4 -0
  76. metadata +47 -6
@@ -0,0 +1,135 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ class SSOTokenProvider
5
+
6
+ include TokenProvider
7
+ include RefreshingToken
8
+
9
+ # @api private
10
+ SSO_REQUIRED_OPTS = [:sso_region, :sso_session].freeze
11
+
12
+ # @api private
13
+ SSO_LOGIN_GUIDANCE = 'The SSO session associated with this profile has '\
14
+ 'expired or is otherwise invalid. To refresh this SSO session run '\
15
+ 'aws sso login with the corresponding profile.'.freeze
16
+
17
+ # @option options [required, String] :sso_region The AWS region where the
18
+ # SSO directory for the given sso_start_url is hosted.
19
+ #
20
+ # @option options [required, String] :sso_session The SSO Session used to
21
+ # for fetching this token.
22
+ #
23
+ # @option options [SSOOIDC::Client] :client Optional `SSOOIDC::Client`. If not
24
+ # provided, a client will be constructed.
25
+ #
26
+ # @option options [Callable] before_refresh Proc called before
27
+ # credentials are refreshed. `before_refresh` is called
28
+ # with an instance of this object when
29
+ # AWS credentials are required and need to be refreshed.
30
+ def initialize(options = {})
31
+
32
+ missing_keys = SSO_REQUIRED_OPTS.select { |k| options[k].nil? }
33
+ unless missing_keys.empty?
34
+ raise ArgumentError, "Missing required keys: #{missing_keys}"
35
+ end
36
+
37
+ @sso_session = options.delete(:sso_session)
38
+ @sso_region = options.delete(:sso_region)
39
+
40
+ options[:region] = @sso_region
41
+ options[:credentials] = nil
42
+ options[:token_provider] = nil
43
+ @client = options[:client] || Aws::SSOOIDC::Client.new(options)
44
+
45
+ super
46
+ end
47
+
48
+ # @return [SSOOIDC::Client]
49
+ attr_reader :client
50
+
51
+ private
52
+
53
+ def refresh
54
+ # token is valid and not in refresh window - do not refresh it.
55
+ return if @token && @token.expiration && !near_expiration?
56
+
57
+ # token may not exist or is out of the expiration window
58
+ # attempt to refresh from disk first (another process/application may have refreshed already)
59
+ token_json = read_cached_token
60
+ @token = Token.new(token_json['accessToken'], token_json['expiresAt'])
61
+ return if @token && @token.expiration && !near_expiration?
62
+
63
+ # The token is expired and needs to be refreshed
64
+ if can_refresh_token?(token_json)
65
+ begin
66
+ current_time = Time.now
67
+ resp = @client.create_token(
68
+ grant_type: 'refresh_token',
69
+ client_id: token_json['clientId'],
70
+ client_secret: token_json['clientSecret'],
71
+ refresh_token: token_json['refreshToken']
72
+ )
73
+ token_json['accessToken'] = resp.access_token
74
+ token_json['expiresAt'] = current_time + resp.expires_in
75
+ @token = Token.new(token_json['accessToken'], token_json['expiresAt'])
76
+
77
+ if resp.refresh_token
78
+ token_json['refreshToken'] = resp.refresh_token
79
+ else
80
+ token_json.delete('refreshToken')
81
+ end
82
+
83
+ update_token_cache(token_json)
84
+ rescue
85
+ # refresh has failed, continue attempting to use the token if its not hard expired
86
+ end
87
+ end
88
+
89
+ if !@token.expiration || @token.expiration < Time.now
90
+ # Token is hard expired, raise an exception
91
+ raise Errors::InvalidSSOToken, 'Token is invalid and failed to refresh.'
92
+ end
93
+ end
94
+
95
+ def read_cached_token
96
+ cached_token = Json.load(File.read(sso_cache_file))
97
+ # validation
98
+ unless cached_token['accessToken'] && cached_token['expiresAt']
99
+ raise ArgumentError, 'Missing required field(s)'
100
+ end
101
+ cached_token['expiresAt'] = Time.parse(cached_token['expiresAt'])
102
+ cached_token
103
+ rescue Errno::ENOENT, Aws::Json::ParseError, ArgumentError
104
+ raise Errors::InvalidSSOToken, SSO_LOGIN_GUIDANCE
105
+ end
106
+
107
+ def update_token_cache(token_json)
108
+ cached_token = token_json.dup
109
+ cached_token['expiresAt'] = cached_token['expiresAt'].iso8601
110
+ File.write(sso_cache_file, Json.dump(cached_token))
111
+ end
112
+
113
+ def sso_cache_file
114
+ sso_session_sha1 = OpenSSL::Digest::SHA1.hexdigest(@sso_session.encode('utf-8'))
115
+ File.join(Dir.home, '.aws', 'sso', 'cache', "#{sso_session_sha1}.json")
116
+ rescue ArgumentError
117
+ # Dir.home raises ArgumentError when ENV['home'] is not set
118
+ raise ArgumentError, "Unable to load sso_cache_file: ENV['HOME'] is not set."
119
+ end
120
+
121
+ # return true if all required fields are present
122
+ # return false if registrationExpiresAt exists and is later than now
123
+ def can_refresh_token?(token_json)
124
+ if token_json['clientId'] &&
125
+ token_json['clientSecret'] &&
126
+ token_json['refreshToken']
127
+
128
+ return !token_json['registrationExpiresAt'] ||
129
+ Time.parse(token_json['registrationExpiresAt']) > Time.now
130
+ else
131
+ false
132
+ end
133
+ end
134
+ end
135
+ end
@@ -0,0 +1,14 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ class StaticTokenProvider
5
+
6
+ include TokenProvider
7
+
8
+ # @param [String] token
9
+ # @param [Time] expiration
10
+ def initialize(token, expiration=nil)
11
+ @token = Token.new(token, expiration)
12
+ end
13
+ end
14
+ end
@@ -28,18 +28,20 @@ module Aws
28
28
  # in stdlib Struct.
29
29
  #
30
30
  # @return [Hash]
31
- def to_h(obj = self)
31
+ def to_h(obj = self, options = {})
32
32
  case obj
33
33
  when Struct
34
34
  obj.each_pair.with_object({}) do |(member, value), hash|
35
- hash[member] = to_hash(value) unless value.nil?
35
+ member = member.to_s if options[:as_json]
36
+ hash[member] = to_hash(value, options) unless value.nil?
36
37
  end
37
38
  when Hash
38
39
  obj.each.with_object({}) do |(key, value), hash|
39
- hash[key] = to_hash(value)
40
+ key = key.to_s if options[:as_json]
41
+ hash[key] = to_hash(value, options)
40
42
  end
41
43
  when Array
42
- obj.collect { |value| to_hash(value) }
44
+ obj.collect { |value| to_hash(value, options) }
43
45
  else
44
46
  obj
45
47
  end
@@ -0,0 +1,31 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ class Token
5
+
6
+ # @param [String] token
7
+ # @param [Time] expiration
8
+ def initialize(token, expiration=nil)
9
+ @token = token
10
+ @expiration = expiration
11
+ end
12
+
13
+ # @return [String, nil]
14
+ attr_reader :token
15
+
16
+ # @return [Time, nil]
17
+ attr_reader :expiration
18
+
19
+ # @return [Boolean] Returns `true` if token is set
20
+ def set?
21
+ !token.nil? && !token.empty?
22
+ end
23
+
24
+ # Removing the token from the default inspect string.
25
+ # @api private
26
+ def inspect
27
+ "#<#{self.class.name} token=[FILTERED]> expiration=#{expiration}>"
28
+ end
29
+
30
+ end
31
+ end
@@ -0,0 +1,15 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ module TokenProvider
5
+
6
+ # @return [Token]
7
+ attr_reader :token
8
+
9
+ # @return [Boolean]
10
+ def set?
11
+ !!token && token.set?
12
+ end
13
+
14
+ end
15
+ end
@@ -0,0 +1,51 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ # @api private
5
+ class TokenProviderChain
6
+ def initialize(config = nil)
7
+ @config = config
8
+ end
9
+
10
+ # @return [TokenProvider, nil]
11
+ def resolve
12
+ providers.each do |method_name, options|
13
+ provider = send(method_name, options.merge(config: @config))
14
+ return provider if provider && provider.set?
15
+ end
16
+ nil
17
+ end
18
+
19
+ private
20
+
21
+ def providers
22
+ [
23
+ [:static_profile_sso_token, {}],
24
+ [:sso_token, {}]
25
+ ]
26
+ end
27
+
28
+ def static_profile_sso_token(options)
29
+ if Aws.shared_config.config_enabled? && options[:config] && options[:config].profile
30
+ Aws.shared_config.sso_token_from_config(
31
+ profile: options[:config].profile
32
+ )
33
+ end
34
+ end
35
+
36
+
37
+ def sso_token(options)
38
+ profile_name = determine_profile_name(options)
39
+ if Aws.shared_config.config_enabled?
40
+ Aws.shared_config.sso_token_from_config(profile: profile_name)
41
+ end
42
+ rescue Errors::NoSuchProfileError
43
+ nil
44
+ end
45
+
46
+ def determine_profile_name(options)
47
+ (options[:config] && options[:config].profile) || ENV['AWS_PROFILE'] || ENV['AWS_DEFAULT_PROFILE'] || 'default'
48
+ end
49
+
50
+ end
51
+ end
@@ -24,6 +24,7 @@ module Aws
24
24
  else
25
25
  code, message, data = extract_error(body, context)
26
26
  end
27
+ context[:request_id] = request_id(body)
27
28
  errors_module = context.client.class.errors_module
28
29
  error_class = errors_module.error_class(code).new(context, message, data)
29
30
  error_class
@@ -94,6 +95,12 @@ module Aws
94
95
  end
95
96
  end
96
97
 
98
+ def request_id(body)
99
+ if matches = body.match(/<RequestId>(.+?)<\/RequestId>/m)
100
+ matches[1]
101
+ end
102
+ end
103
+
97
104
  def unescape(str)
98
105
  CGI.unescapeHTML(str)
99
106
  end
data/lib/aws-sdk-core.rb CHANGED
@@ -20,6 +20,15 @@ require_relative 'aws-sdk-core/shared_credentials'
20
20
  require_relative 'aws-sdk-core/process_credentials'
21
21
  require_relative 'aws-sdk-core/sso_credentials'
22
22
 
23
+ # tokens and token providers
24
+ require_relative 'aws-sdk-core/token'
25
+ require_relative 'aws-sdk-core/token_provider'
26
+ require_relative 'aws-sdk-core/static_token_provider'
27
+ require_relative 'aws-sdk-core/refreshing_token'
28
+ require_relative 'aws-sdk-core/sso_token_provider'
29
+ require_relative 'aws-sdk-core/token_provider_chain'
30
+ require_relative 'aws-sdk-core/plugins/bearer_authorization'
31
+
23
32
  # client modules
24
33
 
25
34
  require_relative 'aws-sdk-core/client_stubs'
@@ -88,6 +97,10 @@ require_relative 'aws-sdk-core/arn'
88
97
  require_relative 'aws-sdk-core/arn_parser'
89
98
  require_relative 'aws-sdk-core/ec2_metadata'
90
99
 
100
+ # dynamic endpoints
101
+ require_relative 'aws-sdk-core/endpoints'
102
+ require_relative 'aws-sdk-core/plugins/signature_v4'
103
+
91
104
  # defaults
92
105
  require_relative 'aws-defaults'
93
106
 
@@ -99,6 +112,7 @@ require_relative 'aws-sdk-sts'
99
112
 
100
113
  # aws-sdk-sso is included to support Aws::SSOCredentials
101
114
  require_relative 'aws-sdk-sso'
115
+ require_relative 'aws-sdk-ssooidc'
102
116
 
103
117
  module Aws
104
118
 
@@ -30,7 +30,7 @@ require 'aws-sdk-core/plugins/http_checksum.rb'
30
30
  require 'aws-sdk-core/plugins/checksum_algorithm.rb'
31
31
  require 'aws-sdk-core/plugins/defaults_mode.rb'
32
32
  require 'aws-sdk-core/plugins/recursion_detection.rb'
33
- require 'aws-sdk-core/plugins/signature_v4.rb'
33
+ require 'aws-sdk-core/plugins/sign.rb'
34
34
  require 'aws-sdk-core/plugins/protocols/rest_json.rb'
35
35
 
36
36
  Aws::Plugins::GlobalConfiguration.add_identifier(:sso)
@@ -79,8 +79,9 @@ module Aws::SSO
79
79
  add_plugin(Aws::Plugins::ChecksumAlgorithm)
80
80
  add_plugin(Aws::Plugins::DefaultsMode)
81
81
  add_plugin(Aws::Plugins::RecursionDetection)
82
- add_plugin(Aws::Plugins::SignatureV4)
82
+ add_plugin(Aws::Plugins::Sign)
83
83
  add_plugin(Aws::Plugins::Protocols::RestJson)
84
+ add_plugin(Aws::SSO::Plugins::Endpoints)
84
85
 
85
86
  # @overload initialize(options)
86
87
  # @param [Hash] options
@@ -287,6 +288,19 @@ module Aws::SSO
287
288
  # ** Please note ** When response stubbing is enabled, no HTTP
288
289
  # requests are made, and retries are disabled.
289
290
  #
291
+ # @option options [Aws::TokenProvider] :token_provider
292
+ # A Bearer Token Provider. This can be an instance of any one of the
293
+ # following classes:
294
+ #
295
+ # * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
296
+ # tokens.
297
+ #
298
+ # * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
299
+ # access token generated from `aws login`.
300
+ #
301
+ # When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
302
+ # will be used to search for tokens configured for your profile in shared configuration files.
303
+ #
290
304
  # @option options [Boolean] :use_dualstack_endpoint
291
305
  # When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
292
306
  # will be used if available.
@@ -300,6 +314,9 @@ module Aws::SSO
300
314
  # When `true`, request parameters are validated before
301
315
  # sending the request.
302
316
  #
317
+ # @option options [Aws::SSO::EndpointProvider] :endpoint_provider
318
+ # The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::SSO::EndpointParameters`
319
+ #
303
320
  # @option options [URI::HTTP,String] :http_proxy A proxy to send
304
321
  # requests through. Formatted like 'http://proxy.com:123'.
305
322
  #
@@ -362,7 +379,8 @@ module Aws::SSO
362
379
  #
363
380
  # @option params [required, String] :access_token
364
381
  # The token issued by the `CreateToken` API call. For more information,
365
- # see [CreateToken][1] in the *AWS SSO OIDC API Reference Guide*.
382
+ # see [CreateToken][1] in the *IAM Identity Center OIDC API Reference
383
+ # Guide*.
366
384
  #
367
385
  #
368
386
  #
@@ -407,7 +425,8 @@ module Aws::SSO
407
425
  #
408
426
  # @option params [required, String] :access_token
409
427
  # The token issued by the `CreateToken` API call. For more information,
410
- # see [CreateToken][1] in the *AWS SSO OIDC API Reference Guide*.
428
+ # see [CreateToken][1] in the *IAM Identity Center OIDC API Reference
429
+ # Guide*.
411
430
  #
412
431
  #
413
432
  #
@@ -450,8 +469,8 @@ module Aws::SSO
450
469
 
451
470
  # Lists all AWS accounts assigned to the user. These AWS accounts are
452
471
  # assigned by the administrator of the account. For more information,
453
- # see [Assign User Access][1] in the *AWS SSO User Guide*. This
454
- # operation returns a paginated response.
472
+ # see [Assign User Access][1] in the *IAM Identity Center User Guide*.
473
+ # This operation returns a paginated response.
455
474
  #
456
475
  #
457
476
  #
@@ -466,7 +485,8 @@ module Aws::SSO
466
485
  #
467
486
  # @option params [required, String] :access_token
468
487
  # The token issued by the `CreateToken` API call. For more information,
469
- # see [CreateToken][1] in the *AWS SSO OIDC API Reference Guide*.
488
+ # see [CreateToken][1] in the *IAM Identity Center OIDC API Reference
489
+ # Guide*.
470
490
  #
471
491
  #
472
492
  #
@@ -504,12 +524,32 @@ module Aws::SSO
504
524
  req.send_request(options)
505
525
  end
506
526
 
507
- # Removes the client- and server-side session that is associated with
508
- # the user.
527
+ # Removes the locally stored SSO tokens from the client-side cache and
528
+ # sends an API call to the IAM Identity Center service to invalidate the
529
+ # corresponding server-side IAM Identity Center sign in session.
530
+ #
531
+ # <note markdown="1"> If a user uses IAM Identity Center to access the AWS CLI, the user’s
532
+ # IAM Identity Center sign in session is used to obtain an IAM session,
533
+ # as specified in the corresponding IAM Identity Center permission set.
534
+ # More specifically, IAM Identity Center assumes an IAM role in the
535
+ # target account on behalf of the user, and the corresponding temporary
536
+ # AWS credentials are returned to the client.
537
+ #
538
+ # After user logout, any existing IAM role sessions that were created by
539
+ # using IAM Identity Center permission sets continue based on the
540
+ # duration configured in the permission set. For more information, see
541
+ # [User authentications][1] in the *IAM Identity Center User Guide*.
542
+ #
543
+ # </note>
544
+ #
545
+ #
546
+ #
547
+ # [1]: https://docs.aws.amazon.com/singlesignon/latest/userguide/authconcept.html
509
548
  #
510
549
  # @option params [required, String] :access_token
511
550
  # The token issued by the `CreateToken` API call. For more information,
512
- # see [CreateToken][1] in the *AWS SSO OIDC API Reference Guide*.
551
+ # see [CreateToken][1] in the *IAM Identity Center OIDC API Reference
552
+ # Guide*.
513
553
  #
514
554
  #
515
555
  #
@@ -545,7 +585,7 @@ module Aws::SSO
545
585
  params: params,
546
586
  config: config)
547
587
  context[:gem_name] = 'aws-sdk-core'
548
- context[:gem_version] = '3.131.1'
588
+ context[:gem_version] = '3.168.1'
549
589
  Seahorse::Client::Request.new(handlers, context)
550
590
  end
551
591
 
@@ -0,0 +1,66 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+ module Aws::SSO
11
+ # Endpoint parameters used to influence endpoints per request.
12
+ #
13
+ # @!attribute region
14
+ # The AWS region used to dispatch the request.
15
+ #
16
+ # @return [String]
17
+ #
18
+ # @!attribute use_dual_stack
19
+ # When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.
20
+ #
21
+ # @return [Boolean]
22
+ #
23
+ # @!attribute use_fips
24
+ # When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.
25
+ #
26
+ # @return [Boolean]
27
+ #
28
+ # @!attribute endpoint
29
+ # Override the endpoint used to send this request
30
+ #
31
+ # @return [String]
32
+ #
33
+ EndpointParameters = Struct.new(
34
+ :region,
35
+ :use_dual_stack,
36
+ :use_fips,
37
+ :endpoint,
38
+ ) do
39
+ include Aws::Structure
40
+
41
+ # @api private
42
+ class << self
43
+ PARAM_MAP = {
44
+ 'Region' => :region,
45
+ 'UseDualStack' => :use_dual_stack,
46
+ 'UseFIPS' => :use_fips,
47
+ 'Endpoint' => :endpoint,
48
+ }.freeze
49
+ end
50
+
51
+ def initialize(options = {})
52
+ self[:region] = options[:region]
53
+ self[:use_dual_stack] = options[:use_dual_stack]
54
+ self[:use_dual_stack] = false if self[:use_dual_stack].nil?
55
+ if self[:use_dual_stack].nil?
56
+ raise ArgumentError, "Missing required EndpointParameter: :use_dual_stack"
57
+ end
58
+ self[:use_fips] = options[:use_fips]
59
+ self[:use_fips] = false if self[:use_fips].nil?
60
+ if self[:use_fips].nil?
61
+ raise ArgumentError, "Missing required EndpointParameter: :use_fips"
62
+ end
63
+ self[:endpoint] = options[:endpoint]
64
+ end
65
+ end
66
+ end
@@ -0,0 +1,112 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+ module Aws::SSO
11
+ class EndpointProvider
12
+ def initialize(rule_set = nil)
13
+ @@rule_set ||= begin
14
+ endpoint_rules = Aws::Json.load(Base64.decode64(RULES))
15
+ Aws::Endpoints::RuleSet.new(
16
+ version: endpoint_rules['version'],
17
+ service_id: endpoint_rules['serviceId'],
18
+ parameters: endpoint_rules['parameters'],
19
+ rules: endpoint_rules['rules']
20
+ )
21
+ end
22
+ @provider = Aws::Endpoints::RulesProvider.new(rule_set || @@rule_set)
23
+ end
24
+
25
+ def resolve_endpoint(parameters)
26
+ @provider.resolve_endpoint(parameters)
27
+ end
28
+
29
+ # @api private
30
+ RULES = <<-JSON
31
+ eyJ2ZXJzaW9uIjoiMS4wIiwicGFyYW1ldGVycyI6eyJSZWdpb24iOnsiYnVp
32
+ bHRJbiI6IkFXUzo6UmVnaW9uIiwicmVxdWlyZWQiOmZhbHNlLCJkb2N1bWVu
33
+ dGF0aW9uIjoiVGhlIEFXUyByZWdpb24gdXNlZCB0byBkaXNwYXRjaCB0aGUg
34
+ cmVxdWVzdC4iLCJ0eXBlIjoiU3RyaW5nIn0sIlVzZUR1YWxTdGFjayI6eyJi
35
+ dWlsdEluIjoiQVdTOjpVc2VEdWFsU3RhY2siLCJyZXF1aXJlZCI6dHJ1ZSwi
36
+ ZGVmYXVsdCI6ZmFsc2UsImRvY3VtZW50YXRpb24iOiJXaGVuIHRydWUsIHVz
37
+ ZSB0aGUgZHVhbC1zdGFjayBlbmRwb2ludC4gSWYgdGhlIGNvbmZpZ3VyZWQg
38
+ ZW5kcG9pbnQgZG9lcyBub3Qgc3VwcG9ydCBkdWFsLXN0YWNrLCBkaXNwYXRj
39
+ aGluZyB0aGUgcmVxdWVzdCBNQVkgcmV0dXJuIGFuIGVycm9yLiIsInR5cGUi
40
+ OiJCb29sZWFuIn0sIlVzZUZJUFMiOnsiYnVpbHRJbiI6IkFXUzo6VXNlRklQ
41
+ UyIsInJlcXVpcmVkIjp0cnVlLCJkZWZhdWx0IjpmYWxzZSwiZG9jdW1lbnRh
42
+ dGlvbiI6IldoZW4gdHJ1ZSwgc2VuZCB0aGlzIHJlcXVlc3QgdG8gdGhlIEZJ
43
+ UFMtY29tcGxpYW50IHJlZ2lvbmFsIGVuZHBvaW50LiBJZiB0aGUgY29uZmln
44
+ dXJlZCBlbmRwb2ludCBkb2VzIG5vdCBoYXZlIGEgRklQUyBjb21wbGlhbnQg
45
+ ZW5kcG9pbnQsIGRpc3BhdGNoaW5nIHRoZSByZXF1ZXN0IHdpbGwgcmV0dXJu
46
+ IGFuIGVycm9yLiIsInR5cGUiOiJCb29sZWFuIn0sIkVuZHBvaW50Ijp7ImJ1
47
+ aWx0SW4iOiJTREs6OkVuZHBvaW50IiwicmVxdWlyZWQiOmZhbHNlLCJkb2N1
48
+ bWVudGF0aW9uIjoiT3ZlcnJpZGUgdGhlIGVuZHBvaW50IHVzZWQgdG8gc2Vu
49
+ ZCB0aGlzIHJlcXVlc3QiLCJ0eXBlIjoiU3RyaW5nIn19LCJydWxlcyI6W3si
50
+ Y29uZGl0aW9ucyI6W3siZm4iOiJhd3MucGFydGl0aW9uIiwiYXJndiI6W3si
51
+ cmVmIjoiUmVnaW9uIn1dLCJhc3NpZ24iOiJQYXJ0aXRpb25SZXN1bHQifV0s
52
+ InR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOlt7ImZuIjoi
53
+ aXNTZXQiLCJhcmd2IjpbeyJyZWYiOiJFbmRwb2ludCJ9XX0seyJmbiI6InBh
54
+ cnNlVVJMIiwiYXJndiI6W3sicmVmIjoiRW5kcG9pbnQifV0sImFzc2lnbiI6
55
+ InVybCJ9XSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0aW9ucyI6
56
+ W3siZm4iOiJib29sZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoiVXNlRklQ
57
+ UyJ9LHRydWVdfV0sImVycm9yIjoiSW52YWxpZCBDb25maWd1cmF0aW9uOiBG
58
+ SVBTIGFuZCBjdXN0b20gZW5kcG9pbnQgYXJlIG5vdCBzdXBwb3J0ZWQiLCJ0
59
+ eXBlIjoiZXJyb3IifSx7ImNvbmRpdGlvbnMiOltdLCJ0eXBlIjoidHJlZSIs
60
+ InJ1bGVzIjpbeyJjb25kaXRpb25zIjpbeyJmbiI6ImJvb2xlYW5FcXVhbHMi
61
+ LCJhcmd2IjpbeyJyZWYiOiJVc2VEdWFsU3RhY2sifSx0cnVlXX1dLCJlcnJv
62
+ ciI6IkludmFsaWQgQ29uZmlndXJhdGlvbjogRHVhbHN0YWNrIGFuZCBjdXN0
63
+ b20gZW5kcG9pbnQgYXJlIG5vdCBzdXBwb3J0ZWQiLCJ0eXBlIjoiZXJyb3Ii
64
+ fSx7ImNvbmRpdGlvbnMiOltdLCJlbmRwb2ludCI6eyJ1cmwiOnsicmVmIjoi
65
+ RW5kcG9pbnQifSwicHJvcGVydGllcyI6e30sImhlYWRlcnMiOnt9fSwidHlw
66
+ ZSI6ImVuZHBvaW50In1dfV19LHsiY29uZGl0aW9ucyI6W3siZm4iOiJib29s
67
+ ZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoiVXNlRklQUyJ9LHRydWVdfSx7
68
+ ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUR1YWxT
69
+ dGFjayJ9LHRydWVdfV0sInR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRp
70
+ dGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt0cnVlLHsi
71
+ Zm4iOiJnZXRBdHRyIiwiYXJndiI6W3sicmVmIjoiUGFydGl0aW9uUmVzdWx0
72
+ In0sInN1cHBvcnRzRklQUyJdfV19LHsiZm4iOiJib29sZWFuRXF1YWxzIiwi
73
+ YXJndiI6W3RydWUseyJmbiI6ImdldEF0dHIiLCJhcmd2IjpbeyJyZWYiOiJQ
74
+ YXJ0aXRpb25SZXN1bHQifSwic3VwcG9ydHNEdWFsU3RhY2siXX1dfV0sInR5
75
+ cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOltdLCJlbmRwb2lu
76
+ dCI6eyJ1cmwiOiJodHRwczovL3BvcnRhbC5zc28tZmlwcy57UmVnaW9ufS57
77
+ UGFydGl0aW9uUmVzdWx0I2R1YWxTdGFja0Ruc1N1ZmZpeH0iLCJwcm9wZXJ0
78
+ aWVzIjp7fSwiaGVhZGVycyI6e319LCJ0eXBlIjoiZW5kcG9pbnQifV19LHsi
79
+ Y29uZGl0aW9ucyI6W10sImVycm9yIjoiRklQUyBhbmQgRHVhbFN0YWNrIGFy
80
+ ZSBlbmFibGVkLCBidXQgdGhpcyBwYXJ0aXRpb24gZG9lcyBub3Qgc3VwcG9y
81
+ dCBvbmUgb3IgYm90aCIsInR5cGUiOiJlcnJvciJ9XX0seyJjb25kaXRpb25z
82
+ IjpbeyJmbiI6ImJvb2xlYW5FcXVhbHMiLCJhcmd2IjpbeyJyZWYiOiJVc2VG
83
+ SVBTIn0sdHJ1ZV19XSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0
84
+ aW9ucyI6W3siZm4iOiJib29sZWFuRXF1YWxzIiwiYXJndiI6W3RydWUseyJm
85
+ biI6ImdldEF0dHIiLCJhcmd2IjpbeyJyZWYiOiJQYXJ0aXRpb25SZXN1bHQi
86
+ fSwic3VwcG9ydHNGSVBTIl19XX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpb
87
+ eyJjb25kaXRpb25zIjpbXSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29u
88
+ ZGl0aW9ucyI6W10sImVuZHBvaW50Ijp7InVybCI6Imh0dHBzOi8vcG9ydGFs
89
+ LnNzby1maXBzLntSZWdpb259LntQYXJ0aXRpb25SZXN1bHQjZG5zU3VmZml4
90
+ fSIsInByb3BlcnRpZXMiOnt9LCJoZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRw
91
+ b2ludCJ9XX1dfSx7ImNvbmRpdGlvbnMiOltdLCJlcnJvciI6IkZJUFMgaXMg
92
+ ZW5hYmxlZCBidXQgdGhpcyBwYXJ0aXRpb24gZG9lcyBub3Qgc3VwcG9ydCBG
93
+ SVBTIiwidHlwZSI6ImVycm9yIn1dfSx7ImNvbmRpdGlvbnMiOlt7ImZuIjoi
94
+ Ym9vbGVhbkVxdWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUR1YWxTdGFjayJ9
95
+ LHRydWVdfV0sInR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMi
96
+ Olt7ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt0cnVlLHsiZm4iOiJn
97
+ ZXRBdHRyIiwiYXJndiI6W3sicmVmIjoiUGFydGl0aW9uUmVzdWx0In0sInN1
98
+ cHBvcnRzRHVhbFN0YWNrIl19XX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpb
99
+ eyJjb25kaXRpb25zIjpbXSwiZW5kcG9pbnQiOnsidXJsIjoiaHR0cHM6Ly9w
100
+ b3J0YWwuc3NvLntSZWdpb259LntQYXJ0aXRpb25SZXN1bHQjZHVhbFN0YWNr
101
+ RG5zU3VmZml4fSIsInByb3BlcnRpZXMiOnt9LCJoZWFkZXJzIjp7fX0sInR5
102
+ cGUiOiJlbmRwb2ludCJ9XX0seyJjb25kaXRpb25zIjpbXSwiZXJyb3IiOiJE
103
+ dWFsU3RhY2sgaXMgZW5hYmxlZCBidXQgdGhpcyBwYXJ0aXRpb24gZG9lcyBu
104
+ b3Qgc3VwcG9ydCBEdWFsU3RhY2siLCJ0eXBlIjoiZXJyb3IifV19LHsiY29u
105
+ ZGl0aW9ucyI6W10sImVuZHBvaW50Ijp7InVybCI6Imh0dHBzOi8vcG9ydGFs
106
+ LnNzby57UmVnaW9ufS57UGFydGl0aW9uUmVzdWx0I2Ruc1N1ZmZpeH0iLCJw
107
+ cm9wZXJ0aWVzIjp7fSwiaGVhZGVycyI6e319LCJ0eXBlIjoiZW5kcG9pbnQi
108
+ fV19XX0=
109
+
110
+ JSON
111
+ end
112
+ end