aws-sdk-core 3.131.1 → 3.168.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (76) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +244 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-core/arn.rb +13 -0
  5. data/lib/aws-sdk-core/binary/encode_handler.rb +12 -1
  6. data/lib/aws-sdk-core/endpoints/condition.rb +36 -0
  7. data/lib/aws-sdk-core/endpoints/endpoint.rb +17 -0
  8. data/lib/aws-sdk-core/endpoints/endpoint_rule.rb +71 -0
  9. data/lib/aws-sdk-core/endpoints/error_rule.rb +37 -0
  10. data/lib/aws-sdk-core/endpoints/function.rb +75 -0
  11. data/lib/aws-sdk-core/endpoints/matchers.rb +127 -0
  12. data/lib/aws-sdk-core/endpoints/reference.rb +26 -0
  13. data/lib/aws-sdk-core/endpoints/rule.rb +20 -0
  14. data/lib/aws-sdk-core/endpoints/rule_set.rb +47 -0
  15. data/lib/aws-sdk-core/endpoints/rules_provider.rb +32 -0
  16. data/lib/aws-sdk-core/endpoints/templater.rb +52 -0
  17. data/lib/aws-sdk-core/endpoints/tree_rule.rb +40 -0
  18. data/lib/aws-sdk-core/endpoints/url.rb +59 -0
  19. data/lib/aws-sdk-core/endpoints.rb +74 -0
  20. data/lib/aws-sdk-core/errors.rb +13 -0
  21. data/lib/aws-sdk-core/json/error_handler.rb +10 -1
  22. data/lib/aws-sdk-core/pageable_response.rb +7 -0
  23. data/lib/aws-sdk-core/plugins/bearer_authorization.rb +67 -0
  24. data/lib/aws-sdk-core/plugins/credentials_configuration.rb +24 -0
  25. data/lib/aws-sdk-core/plugins/endpoint_discovery.rb +6 -2
  26. data/lib/aws-sdk-core/plugins/jsonvalue_converter.rb +34 -6
  27. data/lib/aws-sdk-core/plugins/recursion_detection.rb +14 -3
  28. data/lib/aws-sdk-core/plugins/regional_endpoint.rb +5 -0
  29. data/lib/aws-sdk-core/plugins/sign.rb +190 -0
  30. data/lib/aws-sdk-core/plugins/signature_v2.rb +1 -0
  31. data/lib/aws-sdk-core/plugins/signature_v4.rb +13 -7
  32. data/lib/aws-sdk-core/refreshing_token.rb +71 -0
  33. data/lib/aws-sdk-core/rest/handler.rb +1 -1
  34. data/lib/aws-sdk-core/rest/request/headers.rb +2 -6
  35. data/lib/aws-sdk-core/shared_config.rb +76 -5
  36. data/lib/aws-sdk-core/sso_credentials.rb +79 -44
  37. data/lib/aws-sdk-core/sso_token_provider.rb +135 -0
  38. data/lib/aws-sdk-core/static_token_provider.rb +14 -0
  39. data/lib/aws-sdk-core/structure.rb +6 -4
  40. data/lib/aws-sdk-core/token.rb +31 -0
  41. data/lib/aws-sdk-core/token_provider.rb +15 -0
  42. data/lib/aws-sdk-core/token_provider_chain.rb +51 -0
  43. data/lib/aws-sdk-core/xml/error_handler.rb +7 -0
  44. data/lib/aws-sdk-core.rb +14 -0
  45. data/lib/aws-sdk-sso/client.rb +51 -11
  46. data/lib/aws-sdk-sso/endpoint_parameters.rb +66 -0
  47. data/lib/aws-sdk-sso/endpoint_provider.rb +112 -0
  48. data/lib/aws-sdk-sso/endpoints.rb +71 -0
  49. data/lib/aws-sdk-sso/plugins/endpoints.rb +76 -0
  50. data/lib/aws-sdk-sso/types.rb +8 -8
  51. data/lib/aws-sdk-sso.rb +5 -1
  52. data/lib/aws-sdk-ssooidc/client.rb +606 -0
  53. data/lib/aws-sdk-ssooidc/client_api.rb +216 -0
  54. data/lib/aws-sdk-ssooidc/customizations.rb +1 -0
  55. data/lib/aws-sdk-ssooidc/endpoint_parameters.rb +66 -0
  56. data/lib/aws-sdk-ssooidc/endpoint_provider.rb +111 -0
  57. data/lib/aws-sdk-ssooidc/endpoints.rb +57 -0
  58. data/lib/aws-sdk-ssooidc/errors.rb +290 -0
  59. data/lib/aws-sdk-ssooidc/plugins/endpoints.rb +74 -0
  60. data/lib/aws-sdk-ssooidc/resource.rb +26 -0
  61. data/lib/aws-sdk-ssooidc/types.rb +534 -0
  62. data/lib/aws-sdk-ssooidc.rb +59 -0
  63. data/lib/aws-sdk-sts/client.rb +141 -124
  64. data/lib/aws-sdk-sts/endpoint_parameters.rb +78 -0
  65. data/lib/aws-sdk-sts/endpoint_provider.rb +229 -0
  66. data/lib/aws-sdk-sts/endpoints.rb +135 -0
  67. data/lib/aws-sdk-sts/plugins/endpoints.rb +84 -0
  68. data/lib/aws-sdk-sts/presigner.rb +13 -15
  69. data/lib/aws-sdk-sts/types.rb +79 -69
  70. data/lib/aws-sdk-sts.rb +5 -1
  71. data/lib/seahorse/client/async_base.rb +0 -1
  72. data/lib/seahorse/client/configuration.rb +2 -2
  73. data/lib/seahorse/client/h2/connection.rb +2 -5
  74. data/lib/seahorse/client/plugins/request_callback.rb +9 -9
  75. data/lib/seahorse/util.rb +4 -0
  76. metadata +47 -6
@@ -0,0 +1,135 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ class SSOTokenProvider
5
+
6
+ include TokenProvider
7
+ include RefreshingToken
8
+
9
+ # @api private
10
+ SSO_REQUIRED_OPTS = [:sso_region, :sso_session].freeze
11
+
12
+ # @api private
13
+ SSO_LOGIN_GUIDANCE = 'The SSO session associated with this profile has '\
14
+ 'expired or is otherwise invalid. To refresh this SSO session run '\
15
+ 'aws sso login with the corresponding profile.'.freeze
16
+
17
+ # @option options [required, String] :sso_region The AWS region where the
18
+ # SSO directory for the given sso_start_url is hosted.
19
+ #
20
+ # @option options [required, String] :sso_session The SSO Session used to
21
+ # for fetching this token.
22
+ #
23
+ # @option options [SSOOIDC::Client] :client Optional `SSOOIDC::Client`. If not
24
+ # provided, a client will be constructed.
25
+ #
26
+ # @option options [Callable] before_refresh Proc called before
27
+ # credentials are refreshed. `before_refresh` is called
28
+ # with an instance of this object when
29
+ # AWS credentials are required and need to be refreshed.
30
+ def initialize(options = {})
31
+
32
+ missing_keys = SSO_REQUIRED_OPTS.select { |k| options[k].nil? }
33
+ unless missing_keys.empty?
34
+ raise ArgumentError, "Missing required keys: #{missing_keys}"
35
+ end
36
+
37
+ @sso_session = options.delete(:sso_session)
38
+ @sso_region = options.delete(:sso_region)
39
+
40
+ options[:region] = @sso_region
41
+ options[:credentials] = nil
42
+ options[:token_provider] = nil
43
+ @client = options[:client] || Aws::SSOOIDC::Client.new(options)
44
+
45
+ super
46
+ end
47
+
48
+ # @return [SSOOIDC::Client]
49
+ attr_reader :client
50
+
51
+ private
52
+
53
+ def refresh
54
+ # token is valid and not in refresh window - do not refresh it.
55
+ return if @token && @token.expiration && !near_expiration?
56
+
57
+ # token may not exist or is out of the expiration window
58
+ # attempt to refresh from disk first (another process/application may have refreshed already)
59
+ token_json = read_cached_token
60
+ @token = Token.new(token_json['accessToken'], token_json['expiresAt'])
61
+ return if @token && @token.expiration && !near_expiration?
62
+
63
+ # The token is expired and needs to be refreshed
64
+ if can_refresh_token?(token_json)
65
+ begin
66
+ current_time = Time.now
67
+ resp = @client.create_token(
68
+ grant_type: 'refresh_token',
69
+ client_id: token_json['clientId'],
70
+ client_secret: token_json['clientSecret'],
71
+ refresh_token: token_json['refreshToken']
72
+ )
73
+ token_json['accessToken'] = resp.access_token
74
+ token_json['expiresAt'] = current_time + resp.expires_in
75
+ @token = Token.new(token_json['accessToken'], token_json['expiresAt'])
76
+
77
+ if resp.refresh_token
78
+ token_json['refreshToken'] = resp.refresh_token
79
+ else
80
+ token_json.delete('refreshToken')
81
+ end
82
+
83
+ update_token_cache(token_json)
84
+ rescue
85
+ # refresh has failed, continue attempting to use the token if its not hard expired
86
+ end
87
+ end
88
+
89
+ if !@token.expiration || @token.expiration < Time.now
90
+ # Token is hard expired, raise an exception
91
+ raise Errors::InvalidSSOToken, 'Token is invalid and failed to refresh.'
92
+ end
93
+ end
94
+
95
+ def read_cached_token
96
+ cached_token = Json.load(File.read(sso_cache_file))
97
+ # validation
98
+ unless cached_token['accessToken'] && cached_token['expiresAt']
99
+ raise ArgumentError, 'Missing required field(s)'
100
+ end
101
+ cached_token['expiresAt'] = Time.parse(cached_token['expiresAt'])
102
+ cached_token
103
+ rescue Errno::ENOENT, Aws::Json::ParseError, ArgumentError
104
+ raise Errors::InvalidSSOToken, SSO_LOGIN_GUIDANCE
105
+ end
106
+
107
+ def update_token_cache(token_json)
108
+ cached_token = token_json.dup
109
+ cached_token['expiresAt'] = cached_token['expiresAt'].iso8601
110
+ File.write(sso_cache_file, Json.dump(cached_token))
111
+ end
112
+
113
+ def sso_cache_file
114
+ sso_session_sha1 = OpenSSL::Digest::SHA1.hexdigest(@sso_session.encode('utf-8'))
115
+ File.join(Dir.home, '.aws', 'sso', 'cache', "#{sso_session_sha1}.json")
116
+ rescue ArgumentError
117
+ # Dir.home raises ArgumentError when ENV['home'] is not set
118
+ raise ArgumentError, "Unable to load sso_cache_file: ENV['HOME'] is not set."
119
+ end
120
+
121
+ # return true if all required fields are present
122
+ # return false if registrationExpiresAt exists and is later than now
123
+ def can_refresh_token?(token_json)
124
+ if token_json['clientId'] &&
125
+ token_json['clientSecret'] &&
126
+ token_json['refreshToken']
127
+
128
+ return !token_json['registrationExpiresAt'] ||
129
+ Time.parse(token_json['registrationExpiresAt']) > Time.now
130
+ else
131
+ false
132
+ end
133
+ end
134
+ end
135
+ end
@@ -0,0 +1,14 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ class StaticTokenProvider
5
+
6
+ include TokenProvider
7
+
8
+ # @param [String] token
9
+ # @param [Time] expiration
10
+ def initialize(token, expiration=nil)
11
+ @token = Token.new(token, expiration)
12
+ end
13
+ end
14
+ end
@@ -28,18 +28,20 @@ module Aws
28
28
  # in stdlib Struct.
29
29
  #
30
30
  # @return [Hash]
31
- def to_h(obj = self)
31
+ def to_h(obj = self, options = {})
32
32
  case obj
33
33
  when Struct
34
34
  obj.each_pair.with_object({}) do |(member, value), hash|
35
- hash[member] = to_hash(value) unless value.nil?
35
+ member = member.to_s if options[:as_json]
36
+ hash[member] = to_hash(value, options) unless value.nil?
36
37
  end
37
38
  when Hash
38
39
  obj.each.with_object({}) do |(key, value), hash|
39
- hash[key] = to_hash(value)
40
+ key = key.to_s if options[:as_json]
41
+ hash[key] = to_hash(value, options)
40
42
  end
41
43
  when Array
42
- obj.collect { |value| to_hash(value) }
44
+ obj.collect { |value| to_hash(value, options) }
43
45
  else
44
46
  obj
45
47
  end
@@ -0,0 +1,31 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ class Token
5
+
6
+ # @param [String] token
7
+ # @param [Time] expiration
8
+ def initialize(token, expiration=nil)
9
+ @token = token
10
+ @expiration = expiration
11
+ end
12
+
13
+ # @return [String, nil]
14
+ attr_reader :token
15
+
16
+ # @return [Time, nil]
17
+ attr_reader :expiration
18
+
19
+ # @return [Boolean] Returns `true` if token is set
20
+ def set?
21
+ !token.nil? && !token.empty?
22
+ end
23
+
24
+ # Removing the token from the default inspect string.
25
+ # @api private
26
+ def inspect
27
+ "#<#{self.class.name} token=[FILTERED]> expiration=#{expiration}>"
28
+ end
29
+
30
+ end
31
+ end
@@ -0,0 +1,15 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ module TokenProvider
5
+
6
+ # @return [Token]
7
+ attr_reader :token
8
+
9
+ # @return [Boolean]
10
+ def set?
11
+ !!token && token.set?
12
+ end
13
+
14
+ end
15
+ end
@@ -0,0 +1,51 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ # @api private
5
+ class TokenProviderChain
6
+ def initialize(config = nil)
7
+ @config = config
8
+ end
9
+
10
+ # @return [TokenProvider, nil]
11
+ def resolve
12
+ providers.each do |method_name, options|
13
+ provider = send(method_name, options.merge(config: @config))
14
+ return provider if provider && provider.set?
15
+ end
16
+ nil
17
+ end
18
+
19
+ private
20
+
21
+ def providers
22
+ [
23
+ [:static_profile_sso_token, {}],
24
+ [:sso_token, {}]
25
+ ]
26
+ end
27
+
28
+ def static_profile_sso_token(options)
29
+ if Aws.shared_config.config_enabled? && options[:config] && options[:config].profile
30
+ Aws.shared_config.sso_token_from_config(
31
+ profile: options[:config].profile
32
+ )
33
+ end
34
+ end
35
+
36
+
37
+ def sso_token(options)
38
+ profile_name = determine_profile_name(options)
39
+ if Aws.shared_config.config_enabled?
40
+ Aws.shared_config.sso_token_from_config(profile: profile_name)
41
+ end
42
+ rescue Errors::NoSuchProfileError
43
+ nil
44
+ end
45
+
46
+ def determine_profile_name(options)
47
+ (options[:config] && options[:config].profile) || ENV['AWS_PROFILE'] || ENV['AWS_DEFAULT_PROFILE'] || 'default'
48
+ end
49
+
50
+ end
51
+ end
@@ -24,6 +24,7 @@ module Aws
24
24
  else
25
25
  code, message, data = extract_error(body, context)
26
26
  end
27
+ context[:request_id] = request_id(body)
27
28
  errors_module = context.client.class.errors_module
28
29
  error_class = errors_module.error_class(code).new(context, message, data)
29
30
  error_class
@@ -94,6 +95,12 @@ module Aws
94
95
  end
95
96
  end
96
97
 
98
+ def request_id(body)
99
+ if matches = body.match(/<RequestId>(.+?)<\/RequestId>/m)
100
+ matches[1]
101
+ end
102
+ end
103
+
97
104
  def unescape(str)
98
105
  CGI.unescapeHTML(str)
99
106
  end
data/lib/aws-sdk-core.rb CHANGED
@@ -20,6 +20,15 @@ require_relative 'aws-sdk-core/shared_credentials'
20
20
  require_relative 'aws-sdk-core/process_credentials'
21
21
  require_relative 'aws-sdk-core/sso_credentials'
22
22
 
23
+ # tokens and token providers
24
+ require_relative 'aws-sdk-core/token'
25
+ require_relative 'aws-sdk-core/token_provider'
26
+ require_relative 'aws-sdk-core/static_token_provider'
27
+ require_relative 'aws-sdk-core/refreshing_token'
28
+ require_relative 'aws-sdk-core/sso_token_provider'
29
+ require_relative 'aws-sdk-core/token_provider_chain'
30
+ require_relative 'aws-sdk-core/plugins/bearer_authorization'
31
+
23
32
  # client modules
24
33
 
25
34
  require_relative 'aws-sdk-core/client_stubs'
@@ -88,6 +97,10 @@ require_relative 'aws-sdk-core/arn'
88
97
  require_relative 'aws-sdk-core/arn_parser'
89
98
  require_relative 'aws-sdk-core/ec2_metadata'
90
99
 
100
+ # dynamic endpoints
101
+ require_relative 'aws-sdk-core/endpoints'
102
+ require_relative 'aws-sdk-core/plugins/signature_v4'
103
+
91
104
  # defaults
92
105
  require_relative 'aws-defaults'
93
106
 
@@ -99,6 +112,7 @@ require_relative 'aws-sdk-sts'
99
112
 
100
113
  # aws-sdk-sso is included to support Aws::SSOCredentials
101
114
  require_relative 'aws-sdk-sso'
115
+ require_relative 'aws-sdk-ssooidc'
102
116
 
103
117
  module Aws
104
118
 
@@ -30,7 +30,7 @@ require 'aws-sdk-core/plugins/http_checksum.rb'
30
30
  require 'aws-sdk-core/plugins/checksum_algorithm.rb'
31
31
  require 'aws-sdk-core/plugins/defaults_mode.rb'
32
32
  require 'aws-sdk-core/plugins/recursion_detection.rb'
33
- require 'aws-sdk-core/plugins/signature_v4.rb'
33
+ require 'aws-sdk-core/plugins/sign.rb'
34
34
  require 'aws-sdk-core/plugins/protocols/rest_json.rb'
35
35
 
36
36
  Aws::Plugins::GlobalConfiguration.add_identifier(:sso)
@@ -79,8 +79,9 @@ module Aws::SSO
79
79
  add_plugin(Aws::Plugins::ChecksumAlgorithm)
80
80
  add_plugin(Aws::Plugins::DefaultsMode)
81
81
  add_plugin(Aws::Plugins::RecursionDetection)
82
- add_plugin(Aws::Plugins::SignatureV4)
82
+ add_plugin(Aws::Plugins::Sign)
83
83
  add_plugin(Aws::Plugins::Protocols::RestJson)
84
+ add_plugin(Aws::SSO::Plugins::Endpoints)
84
85
 
85
86
  # @overload initialize(options)
86
87
  # @param [Hash] options
@@ -287,6 +288,19 @@ module Aws::SSO
287
288
  # ** Please note ** When response stubbing is enabled, no HTTP
288
289
  # requests are made, and retries are disabled.
289
290
  #
291
+ # @option options [Aws::TokenProvider] :token_provider
292
+ # A Bearer Token Provider. This can be an instance of any one of the
293
+ # following classes:
294
+ #
295
+ # * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
296
+ # tokens.
297
+ #
298
+ # * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
299
+ # access token generated from `aws login`.
300
+ #
301
+ # When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
302
+ # will be used to search for tokens configured for your profile in shared configuration files.
303
+ #
290
304
  # @option options [Boolean] :use_dualstack_endpoint
291
305
  # When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
292
306
  # will be used if available.
@@ -300,6 +314,9 @@ module Aws::SSO
300
314
  # When `true`, request parameters are validated before
301
315
  # sending the request.
302
316
  #
317
+ # @option options [Aws::SSO::EndpointProvider] :endpoint_provider
318
+ # The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::SSO::EndpointParameters`
319
+ #
303
320
  # @option options [URI::HTTP,String] :http_proxy A proxy to send
304
321
  # requests through. Formatted like 'http://proxy.com:123'.
305
322
  #
@@ -362,7 +379,8 @@ module Aws::SSO
362
379
  #
363
380
  # @option params [required, String] :access_token
364
381
  # The token issued by the `CreateToken` API call. For more information,
365
- # see [CreateToken][1] in the *AWS SSO OIDC API Reference Guide*.
382
+ # see [CreateToken][1] in the *IAM Identity Center OIDC API Reference
383
+ # Guide*.
366
384
  #
367
385
  #
368
386
  #
@@ -407,7 +425,8 @@ module Aws::SSO
407
425
  #
408
426
  # @option params [required, String] :access_token
409
427
  # The token issued by the `CreateToken` API call. For more information,
410
- # see [CreateToken][1] in the *AWS SSO OIDC API Reference Guide*.
428
+ # see [CreateToken][1] in the *IAM Identity Center OIDC API Reference
429
+ # Guide*.
411
430
  #
412
431
  #
413
432
  #
@@ -450,8 +469,8 @@ module Aws::SSO
450
469
 
451
470
  # Lists all AWS accounts assigned to the user. These AWS accounts are
452
471
  # assigned by the administrator of the account. For more information,
453
- # see [Assign User Access][1] in the *AWS SSO User Guide*. This
454
- # operation returns a paginated response.
472
+ # see [Assign User Access][1] in the *IAM Identity Center User Guide*.
473
+ # This operation returns a paginated response.
455
474
  #
456
475
  #
457
476
  #
@@ -466,7 +485,8 @@ module Aws::SSO
466
485
  #
467
486
  # @option params [required, String] :access_token
468
487
  # The token issued by the `CreateToken` API call. For more information,
469
- # see [CreateToken][1] in the *AWS SSO OIDC API Reference Guide*.
488
+ # see [CreateToken][1] in the *IAM Identity Center OIDC API Reference
489
+ # Guide*.
470
490
  #
471
491
  #
472
492
  #
@@ -504,12 +524,32 @@ module Aws::SSO
504
524
  req.send_request(options)
505
525
  end
506
526
 
507
- # Removes the client- and server-side session that is associated with
508
- # the user.
527
+ # Removes the locally stored SSO tokens from the client-side cache and
528
+ # sends an API call to the IAM Identity Center service to invalidate the
529
+ # corresponding server-side IAM Identity Center sign in session.
530
+ #
531
+ # <note markdown="1"> If a user uses IAM Identity Center to access the AWS CLI, the user’s
532
+ # IAM Identity Center sign in session is used to obtain an IAM session,
533
+ # as specified in the corresponding IAM Identity Center permission set.
534
+ # More specifically, IAM Identity Center assumes an IAM role in the
535
+ # target account on behalf of the user, and the corresponding temporary
536
+ # AWS credentials are returned to the client.
537
+ #
538
+ # After user logout, any existing IAM role sessions that were created by
539
+ # using IAM Identity Center permission sets continue based on the
540
+ # duration configured in the permission set. For more information, see
541
+ # [User authentications][1] in the *IAM Identity Center User Guide*.
542
+ #
543
+ # </note>
544
+ #
545
+ #
546
+ #
547
+ # [1]: https://docs.aws.amazon.com/singlesignon/latest/userguide/authconcept.html
509
548
  #
510
549
  # @option params [required, String] :access_token
511
550
  # The token issued by the `CreateToken` API call. For more information,
512
- # see [CreateToken][1] in the *AWS SSO OIDC API Reference Guide*.
551
+ # see [CreateToken][1] in the *IAM Identity Center OIDC API Reference
552
+ # Guide*.
513
553
  #
514
554
  #
515
555
  #
@@ -545,7 +585,7 @@ module Aws::SSO
545
585
  params: params,
546
586
  config: config)
547
587
  context[:gem_name] = 'aws-sdk-core'
548
- context[:gem_version] = '3.131.1'
588
+ context[:gem_version] = '3.168.1'
549
589
  Seahorse::Client::Request.new(handlers, context)
550
590
  end
551
591
 
@@ -0,0 +1,66 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+ module Aws::SSO
11
+ # Endpoint parameters used to influence endpoints per request.
12
+ #
13
+ # @!attribute region
14
+ # The AWS region used to dispatch the request.
15
+ #
16
+ # @return [String]
17
+ #
18
+ # @!attribute use_dual_stack
19
+ # When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.
20
+ #
21
+ # @return [Boolean]
22
+ #
23
+ # @!attribute use_fips
24
+ # When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.
25
+ #
26
+ # @return [Boolean]
27
+ #
28
+ # @!attribute endpoint
29
+ # Override the endpoint used to send this request
30
+ #
31
+ # @return [String]
32
+ #
33
+ EndpointParameters = Struct.new(
34
+ :region,
35
+ :use_dual_stack,
36
+ :use_fips,
37
+ :endpoint,
38
+ ) do
39
+ include Aws::Structure
40
+
41
+ # @api private
42
+ class << self
43
+ PARAM_MAP = {
44
+ 'Region' => :region,
45
+ 'UseDualStack' => :use_dual_stack,
46
+ 'UseFIPS' => :use_fips,
47
+ 'Endpoint' => :endpoint,
48
+ }.freeze
49
+ end
50
+
51
+ def initialize(options = {})
52
+ self[:region] = options[:region]
53
+ self[:use_dual_stack] = options[:use_dual_stack]
54
+ self[:use_dual_stack] = false if self[:use_dual_stack].nil?
55
+ if self[:use_dual_stack].nil?
56
+ raise ArgumentError, "Missing required EndpointParameter: :use_dual_stack"
57
+ end
58
+ self[:use_fips] = options[:use_fips]
59
+ self[:use_fips] = false if self[:use_fips].nil?
60
+ if self[:use_fips].nil?
61
+ raise ArgumentError, "Missing required EndpointParameter: :use_fips"
62
+ end
63
+ self[:endpoint] = options[:endpoint]
64
+ end
65
+ end
66
+ end
@@ -0,0 +1,112 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+ module Aws::SSO
11
+ class EndpointProvider
12
+ def initialize(rule_set = nil)
13
+ @@rule_set ||= begin
14
+ endpoint_rules = Aws::Json.load(Base64.decode64(RULES))
15
+ Aws::Endpoints::RuleSet.new(
16
+ version: endpoint_rules['version'],
17
+ service_id: endpoint_rules['serviceId'],
18
+ parameters: endpoint_rules['parameters'],
19
+ rules: endpoint_rules['rules']
20
+ )
21
+ end
22
+ @provider = Aws::Endpoints::RulesProvider.new(rule_set || @@rule_set)
23
+ end
24
+
25
+ def resolve_endpoint(parameters)
26
+ @provider.resolve_endpoint(parameters)
27
+ end
28
+
29
+ # @api private
30
+ RULES = <<-JSON
31
+ eyJ2ZXJzaW9uIjoiMS4wIiwicGFyYW1ldGVycyI6eyJSZWdpb24iOnsiYnVp
32
+ bHRJbiI6IkFXUzo6UmVnaW9uIiwicmVxdWlyZWQiOmZhbHNlLCJkb2N1bWVu
33
+ dGF0aW9uIjoiVGhlIEFXUyByZWdpb24gdXNlZCB0byBkaXNwYXRjaCB0aGUg
34
+ cmVxdWVzdC4iLCJ0eXBlIjoiU3RyaW5nIn0sIlVzZUR1YWxTdGFjayI6eyJi
35
+ dWlsdEluIjoiQVdTOjpVc2VEdWFsU3RhY2siLCJyZXF1aXJlZCI6dHJ1ZSwi
36
+ ZGVmYXVsdCI6ZmFsc2UsImRvY3VtZW50YXRpb24iOiJXaGVuIHRydWUsIHVz
37
+ ZSB0aGUgZHVhbC1zdGFjayBlbmRwb2ludC4gSWYgdGhlIGNvbmZpZ3VyZWQg
38
+ ZW5kcG9pbnQgZG9lcyBub3Qgc3VwcG9ydCBkdWFsLXN0YWNrLCBkaXNwYXRj
39
+ aGluZyB0aGUgcmVxdWVzdCBNQVkgcmV0dXJuIGFuIGVycm9yLiIsInR5cGUi
40
+ OiJCb29sZWFuIn0sIlVzZUZJUFMiOnsiYnVpbHRJbiI6IkFXUzo6VXNlRklQ
41
+ UyIsInJlcXVpcmVkIjp0cnVlLCJkZWZhdWx0IjpmYWxzZSwiZG9jdW1lbnRh
42
+ dGlvbiI6IldoZW4gdHJ1ZSwgc2VuZCB0aGlzIHJlcXVlc3QgdG8gdGhlIEZJ
43
+ UFMtY29tcGxpYW50IHJlZ2lvbmFsIGVuZHBvaW50LiBJZiB0aGUgY29uZmln
44
+ dXJlZCBlbmRwb2ludCBkb2VzIG5vdCBoYXZlIGEgRklQUyBjb21wbGlhbnQg
45
+ ZW5kcG9pbnQsIGRpc3BhdGNoaW5nIHRoZSByZXF1ZXN0IHdpbGwgcmV0dXJu
46
+ IGFuIGVycm9yLiIsInR5cGUiOiJCb29sZWFuIn0sIkVuZHBvaW50Ijp7ImJ1
47
+ aWx0SW4iOiJTREs6OkVuZHBvaW50IiwicmVxdWlyZWQiOmZhbHNlLCJkb2N1
48
+ bWVudGF0aW9uIjoiT3ZlcnJpZGUgdGhlIGVuZHBvaW50IHVzZWQgdG8gc2Vu
49
+ ZCB0aGlzIHJlcXVlc3QiLCJ0eXBlIjoiU3RyaW5nIn19LCJydWxlcyI6W3si
50
+ Y29uZGl0aW9ucyI6W3siZm4iOiJhd3MucGFydGl0aW9uIiwiYXJndiI6W3si
51
+ cmVmIjoiUmVnaW9uIn1dLCJhc3NpZ24iOiJQYXJ0aXRpb25SZXN1bHQifV0s
52
+ InR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOlt7ImZuIjoi
53
+ aXNTZXQiLCJhcmd2IjpbeyJyZWYiOiJFbmRwb2ludCJ9XX0seyJmbiI6InBh
54
+ cnNlVVJMIiwiYXJndiI6W3sicmVmIjoiRW5kcG9pbnQifV0sImFzc2lnbiI6
55
+ InVybCJ9XSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0aW9ucyI6
56
+ W3siZm4iOiJib29sZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoiVXNlRklQ
57
+ UyJ9LHRydWVdfV0sImVycm9yIjoiSW52YWxpZCBDb25maWd1cmF0aW9uOiBG
58
+ SVBTIGFuZCBjdXN0b20gZW5kcG9pbnQgYXJlIG5vdCBzdXBwb3J0ZWQiLCJ0
59
+ eXBlIjoiZXJyb3IifSx7ImNvbmRpdGlvbnMiOltdLCJ0eXBlIjoidHJlZSIs
60
+ InJ1bGVzIjpbeyJjb25kaXRpb25zIjpbeyJmbiI6ImJvb2xlYW5FcXVhbHMi
61
+ LCJhcmd2IjpbeyJyZWYiOiJVc2VEdWFsU3RhY2sifSx0cnVlXX1dLCJlcnJv
62
+ ciI6IkludmFsaWQgQ29uZmlndXJhdGlvbjogRHVhbHN0YWNrIGFuZCBjdXN0
63
+ b20gZW5kcG9pbnQgYXJlIG5vdCBzdXBwb3J0ZWQiLCJ0eXBlIjoiZXJyb3Ii
64
+ fSx7ImNvbmRpdGlvbnMiOltdLCJlbmRwb2ludCI6eyJ1cmwiOnsicmVmIjoi
65
+ RW5kcG9pbnQifSwicHJvcGVydGllcyI6e30sImhlYWRlcnMiOnt9fSwidHlw
66
+ ZSI6ImVuZHBvaW50In1dfV19LHsiY29uZGl0aW9ucyI6W3siZm4iOiJib29s
67
+ ZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoiVXNlRklQUyJ9LHRydWVdfSx7
68
+ ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUR1YWxT
69
+ dGFjayJ9LHRydWVdfV0sInR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRp
70
+ dGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt0cnVlLHsi
71
+ Zm4iOiJnZXRBdHRyIiwiYXJndiI6W3sicmVmIjoiUGFydGl0aW9uUmVzdWx0
72
+ In0sInN1cHBvcnRzRklQUyJdfV19LHsiZm4iOiJib29sZWFuRXF1YWxzIiwi
73
+ YXJndiI6W3RydWUseyJmbiI6ImdldEF0dHIiLCJhcmd2IjpbeyJyZWYiOiJQ
74
+ YXJ0aXRpb25SZXN1bHQifSwic3VwcG9ydHNEdWFsU3RhY2siXX1dfV0sInR5
75
+ cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOltdLCJlbmRwb2lu
76
+ dCI6eyJ1cmwiOiJodHRwczovL3BvcnRhbC5zc28tZmlwcy57UmVnaW9ufS57
77
+ UGFydGl0aW9uUmVzdWx0I2R1YWxTdGFja0Ruc1N1ZmZpeH0iLCJwcm9wZXJ0
78
+ aWVzIjp7fSwiaGVhZGVycyI6e319LCJ0eXBlIjoiZW5kcG9pbnQifV19LHsi
79
+ Y29uZGl0aW9ucyI6W10sImVycm9yIjoiRklQUyBhbmQgRHVhbFN0YWNrIGFy
80
+ ZSBlbmFibGVkLCBidXQgdGhpcyBwYXJ0aXRpb24gZG9lcyBub3Qgc3VwcG9y
81
+ dCBvbmUgb3IgYm90aCIsInR5cGUiOiJlcnJvciJ9XX0seyJjb25kaXRpb25z
82
+ IjpbeyJmbiI6ImJvb2xlYW5FcXVhbHMiLCJhcmd2IjpbeyJyZWYiOiJVc2VG
83
+ SVBTIn0sdHJ1ZV19XSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0
84
+ aW9ucyI6W3siZm4iOiJib29sZWFuRXF1YWxzIiwiYXJndiI6W3RydWUseyJm
85
+ biI6ImdldEF0dHIiLCJhcmd2IjpbeyJyZWYiOiJQYXJ0aXRpb25SZXN1bHQi
86
+ fSwic3VwcG9ydHNGSVBTIl19XX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpb
87
+ eyJjb25kaXRpb25zIjpbXSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29u
88
+ ZGl0aW9ucyI6W10sImVuZHBvaW50Ijp7InVybCI6Imh0dHBzOi8vcG9ydGFs
89
+ LnNzby1maXBzLntSZWdpb259LntQYXJ0aXRpb25SZXN1bHQjZG5zU3VmZml4
90
+ fSIsInByb3BlcnRpZXMiOnt9LCJoZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRw
91
+ b2ludCJ9XX1dfSx7ImNvbmRpdGlvbnMiOltdLCJlcnJvciI6IkZJUFMgaXMg
92
+ ZW5hYmxlZCBidXQgdGhpcyBwYXJ0aXRpb24gZG9lcyBub3Qgc3VwcG9ydCBG
93
+ SVBTIiwidHlwZSI6ImVycm9yIn1dfSx7ImNvbmRpdGlvbnMiOlt7ImZuIjoi
94
+ Ym9vbGVhbkVxdWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUR1YWxTdGFjayJ9
95
+ LHRydWVdfV0sInR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMi
96
+ Olt7ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt0cnVlLHsiZm4iOiJn
97
+ ZXRBdHRyIiwiYXJndiI6W3sicmVmIjoiUGFydGl0aW9uUmVzdWx0In0sInN1
98
+ cHBvcnRzRHVhbFN0YWNrIl19XX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpb
99
+ eyJjb25kaXRpb25zIjpbXSwiZW5kcG9pbnQiOnsidXJsIjoiaHR0cHM6Ly9w
100
+ b3J0YWwuc3NvLntSZWdpb259LntQYXJ0aXRpb25SZXN1bHQjZHVhbFN0YWNr
101
+ RG5zU3VmZml4fSIsInByb3BlcnRpZXMiOnt9LCJoZWFkZXJzIjp7fX0sInR5
102
+ cGUiOiJlbmRwb2ludCJ9XX0seyJjb25kaXRpb25zIjpbXSwiZXJyb3IiOiJE
103
+ dWFsU3RhY2sgaXMgZW5hYmxlZCBidXQgdGhpcyBwYXJ0aXRpb24gZG9lcyBu
104
+ b3Qgc3VwcG9ydCBEdWFsU3RhY2siLCJ0eXBlIjoiZXJyb3IifV19LHsiY29u
105
+ ZGl0aW9ucyI6W10sImVuZHBvaW50Ijp7InVybCI6Imh0dHBzOi8vcG9ydGFs
106
+ LnNzby57UmVnaW9ufS57UGFydGl0aW9uUmVzdWx0I2Ruc1N1ZmZpeH0iLCJw
107
+ cm9wZXJ0aWVzIjp7fSwiaGVhZGVycyI6e319LCJ0eXBlIjoiZW5kcG9pbnQi
108
+ fV19XX0=
109
+
110
+ JSON
111
+ end
112
+ end