RubyGems - aws-sdk-core - Versions diffs - 3.131.1 → 3.188.0 - Mend

aws-sdk-core 3.131.1 → 3.188.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (100) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +459 -0
data/VERSION +1 -1
data/lib/aws-defaults/default_configuration.rb +4 -4
data/lib/aws-sdk-core/arn.rb +13 -0
data/lib/aws-sdk-core/binary/encode_handler.rb +12 -1
data/lib/aws-sdk-core/credential_provider.rb +3 -0
data/lib/aws-sdk-core/credential_provider_chain.rb +8 -5
data/lib/aws-sdk-core/ecs_credentials.rb +177 -53
data/lib/aws-sdk-core/endpoints/condition.rb +41 -0
data/lib/aws-sdk-core/endpoints/endpoint.rb +17 -0
data/lib/aws-sdk-core/endpoints/endpoint_rule.rb +75 -0
data/lib/aws-sdk-core/endpoints/error_rule.rb +42 -0
data/lib/aws-sdk-core/endpoints/function.rb +80 -0
data/lib/aws-sdk-core/endpoints/matchers.rb +131 -0
data/lib/aws-sdk-core/endpoints/reference.rb +31 -0
data/lib/aws-sdk-core/endpoints/rule.rb +25 -0
data/lib/aws-sdk-core/endpoints/rule_set.rb +52 -0
data/lib/aws-sdk-core/endpoints/rules_provider.rb +37 -0
data/lib/aws-sdk-core/endpoints/templater.rb +58 -0
data/lib/aws-sdk-core/endpoints/tree_rule.rb +45 -0
data/lib/aws-sdk-core/endpoints/url.rb +60 -0
data/lib/aws-sdk-core/endpoints.rb +78 -0
data/lib/aws-sdk-core/errors.rb +14 -1
data/lib/aws-sdk-core/ini_parser.rb +7 -0
data/lib/aws-sdk-core/instance_profile_credentials.rb +52 -30
data/lib/aws-sdk-core/json/error_handler.rb +20 -1
data/lib/aws-sdk-core/json/handler.rb +8 -1
data/lib/aws-sdk-core/json/parser.rb +27 -2
data/lib/aws-sdk-core/log/formatter.rb +6 -0
data/lib/aws-sdk-core/pageable_response.rb +10 -1
data/lib/aws-sdk-core/param_validator.rb +2 -2
data/lib/aws-sdk-core/plugins/bearer_authorization.rb +67 -0
data/lib/aws-sdk-core/plugins/checksum_algorithm.rb +1 -1
data/lib/aws-sdk-core/plugins/credentials_configuration.rb +24 -0
data/lib/aws-sdk-core/plugins/endpoint_discovery.rb +6 -2
data/lib/aws-sdk-core/plugins/jsonvalue_converter.rb +34 -6
data/lib/aws-sdk-core/plugins/recursion_detection.rb +14 -3
data/lib/aws-sdk-core/plugins/regional_endpoint.rb +111 -30
data/lib/aws-sdk-core/plugins/request_compression.rb +217 -0
data/lib/aws-sdk-core/plugins/retries/error_inspector.rb +2 -1
data/lib/aws-sdk-core/plugins/sign.rb +201 -0
data/lib/aws-sdk-core/plugins/signature_v2.rb +1 -0
data/lib/aws-sdk-core/plugins/signature_v4.rb +13 -7
data/lib/aws-sdk-core/plugins/user_agent.rb +117 -14
data/lib/aws-sdk-core/refreshing_credentials.rb +0 -6
data/lib/aws-sdk-core/refreshing_token.rb +71 -0
data/lib/aws-sdk-core/rest/handler.rb +1 -1
data/lib/aws-sdk-core/rest/request/headers.rb +2 -6
data/lib/aws-sdk-core/rest/request/querystring_builder.rb +43 -29
data/lib/aws-sdk-core/shared_config.rb +106 -6
data/lib/aws-sdk-core/sso_credentials.rb +80 -45
data/lib/aws-sdk-core/sso_token_provider.rb +135 -0
data/lib/aws-sdk-core/static_token_provider.rb +14 -0
data/lib/aws-sdk-core/structure.rb +6 -4
data/lib/aws-sdk-core/stubbing/stub_data.rb +11 -0
data/lib/aws-sdk-core/token.rb +31 -0
data/lib/aws-sdk-core/token_provider.rb +15 -0
data/lib/aws-sdk-core/token_provider_chain.rb +51 -0
data/lib/aws-sdk-core/waiters/poller.rb +3 -1
data/lib/aws-sdk-core/xml/error_handler.rb +7 -0
data/lib/aws-sdk-core/xml/parser/engines/oga.rb +2 -0
data/lib/aws-sdk-core.rb +14 -0
data/lib/aws-sdk-sso/client.rb +71 -11
data/lib/aws-sdk-sso/endpoint_parameters.rb +66 -0
data/lib/aws-sdk-sso/endpoint_provider.rb +57 -0
data/lib/aws-sdk-sso/endpoints.rb +72 -0
data/lib/aws-sdk-sso/plugins/endpoints.rb +76 -0
data/lib/aws-sdk-sso/types.rb +8 -43
data/lib/aws-sdk-sso.rb +5 -1
data/lib/aws-sdk-ssooidc/client.rb +935 -0
data/lib/aws-sdk-ssooidc/client_api.rb +271 -0
data/lib/aws-sdk-ssooidc/customizations.rb +1 -0
data/lib/aws-sdk-ssooidc/endpoint_parameters.rb +66 -0
data/lib/aws-sdk-ssooidc/endpoint_provider.rb +57 -0
data/lib/aws-sdk-ssooidc/endpoints.rb +72 -0
data/lib/aws-sdk-ssooidc/errors.rb +321 -0
data/lib/aws-sdk-ssooidc/plugins/endpoints.rb +76 -0
data/lib/aws-sdk-ssooidc/resource.rb +26 -0
data/lib/aws-sdk-ssooidc/types.rb +755 -0
data/lib/aws-sdk-ssooidc.rb +59 -0
data/lib/aws-sdk-sts/client.rb +298 -245
data/lib/aws-sdk-sts/client_api.rb +12 -1
data/lib/aws-sdk-sts/endpoint_parameters.rb +78 -0
data/lib/aws-sdk-sts/endpoint_provider.rb +112 -0
data/lib/aws-sdk-sts/endpoints.rb +136 -0
data/lib/aws-sdk-sts/plugins/endpoints.rb +84 -0
data/lib/aws-sdk-sts/presigner.rb +14 -16
data/lib/aws-sdk-sts/types.rb +128 -197
data/lib/aws-sdk-sts.rb +5 -1
data/lib/seahorse/client/async_base.rb +0 -1
data/lib/seahorse/client/configuration.rb +1 -5
data/lib/seahorse/client/h2/connection.rb +12 -11
data/lib/seahorse/client/net_http/patches.rb +1 -4
data/lib/seahorse/client/plugins/h2.rb +3 -3
data/lib/seahorse/client/plugins/request_callback.rb +40 -9
data/lib/seahorse/client/response.rb +6 -0
data/lib/seahorse/model/operation.rb +3 -0
data/lib/seahorse/util.rb +4 -0
metadata +49 -7

data/lib/aws-sdk-sts/client_api.rb CHANGED Viewed

@@ -43,6 +43,8 @@ module Aws::STS
     NameQualifier = Shapes::StringShape.new(name: 'NameQualifier')
     PackedPolicyTooLargeException = Shapes::StructureShape.new(name: 'PackedPolicyTooLargeException')
     PolicyDescriptorType = Shapes::StructureShape.new(name: 'PolicyDescriptorType')
+    ProvidedContext = Shapes::StructureShape.new(name: 'ProvidedContext')
+    ProvidedContextsListType = Shapes::ListShape.new(name: 'ProvidedContextsListType')
     RegionDisabledException = Shapes::StructureShape.new(name: 'RegionDisabledException')
     SAMLAssertionType = Shapes::StringShape.new(name: 'SAMLAssertionType')
     Subject = Shapes::StringShape.new(name: 'Subject')
@@ -54,6 +56,7 @@ module Aws::STS
     arnType = Shapes::StringShape.new(name: 'arnType')
     assumedRoleIdType = Shapes::StringShape.new(name: 'assumedRoleIdType')
     clientTokenType = Shapes::StringShape.new(name: 'clientTokenType')
+    contextAssertionType = Shapes::StringShape.new(name: 'contextAssertionType')
     dateType = Shapes::TimestampShape.new(name: 'dateType')
     decodedMessageType = Shapes::StringShape.new(name: 'decodedMessageType')
     durationSecondsType = Shapes::IntegerShape.new(name: 'durationSecondsType')
@@ -81,6 +84,7 @@ module Aws::STS
     tagValueType = Shapes::StringShape.new(name: 'tagValueType')
     tokenCodeType = Shapes::StringShape.new(name: 'tokenCodeType')
     tokenType = Shapes::StringShape.new(name: 'tokenType')
+    unrestrictedSessionPolicyDocumentType = Shapes::StringShape.new(name: 'unrestrictedSessionPolicyDocumentType')
     urlType = Shapes::StringShape.new(name: 'urlType')
     userIdType = Shapes::StringShape.new(name: 'userIdType')
     userNameType = Shapes::StringShape.new(name: 'userNameType')
@@ -89,7 +93,7 @@ module Aws::STS
     AssumeRoleRequest.add_member(:role_arn, Shapes::ShapeRef.new(shape: arnType, required: true, location_name: "RoleArn"))
     AssumeRoleRequest.add_member(:role_session_name, Shapes::ShapeRef.new(shape: roleSessionNameType, required: true, location_name: "RoleSessionName"))
     AssumeRoleRequest.add_member(:policy_arns, Shapes::ShapeRef.new(shape: policyDescriptorListType, location_name: "PolicyArns"))
-    AssumeRoleRequest.add_member(:policy, Shapes::ShapeRef.new(shape: sessionPolicyDocumentType, location_name: "Policy"))
+    AssumeRoleRequest.add_member(:policy, Shapes::ShapeRef.new(shape: unrestrictedSessionPolicyDocumentType, location_name: "Policy"))
     AssumeRoleRequest.add_member(:duration_seconds, Shapes::ShapeRef.new(shape: roleDurationSecondsType, location_name: "DurationSeconds"))
     AssumeRoleRequest.add_member(:tags, Shapes::ShapeRef.new(shape: tagListType, location_name: "Tags"))
     AssumeRoleRequest.add_member(:transitive_tag_keys, Shapes::ShapeRef.new(shape: tagKeyListType, location_name: "TransitiveTagKeys"))
@@ -97,6 +101,7 @@ module Aws::STS
     AssumeRoleRequest.add_member(:serial_number, Shapes::ShapeRef.new(shape: serialNumberType, location_name: "SerialNumber"))
     AssumeRoleRequest.add_member(:token_code, Shapes::ShapeRef.new(shape: tokenCodeType, location_name: "TokenCode"))
     AssumeRoleRequest.add_member(:source_identity, Shapes::ShapeRef.new(shape: sourceIdentityType, location_name: "SourceIdentity"))
+    AssumeRoleRequest.add_member(:provided_contexts, Shapes::ShapeRef.new(shape: ProvidedContextsListType, location_name: "ProvidedContexts"))
     AssumeRoleRequest.struct_class = Types::AssumeRoleRequest
     AssumeRoleResponse.add_member(:credentials, Shapes::ShapeRef.new(shape: Credentials, location_name: "Credentials"))
@@ -219,6 +224,12 @@ module Aws::STS
     PolicyDescriptorType.add_member(:arn, Shapes::ShapeRef.new(shape: arnType, location_name: "arn"))
     PolicyDescriptorType.struct_class = Types::PolicyDescriptorType
+    ProvidedContext.add_member(:provider_arn, Shapes::ShapeRef.new(shape: arnType, location_name: "ProviderArn"))
+    ProvidedContext.add_member(:context_assertion, Shapes::ShapeRef.new(shape: contextAssertionType, location_name: "ContextAssertion"))
+    ProvidedContext.struct_class = Types::ProvidedContext
+    ProvidedContextsListType.member = Shapes::ShapeRef.new(shape: ProvidedContext)
     RegionDisabledException.add_member(:message, Shapes::ShapeRef.new(shape: regionDisabledMessage, location_name: "message"))
     RegionDisabledException.struct_class = Types::RegionDisabledException

data/lib/aws-sdk-sts/endpoint_parameters.rb ADDED Viewed

@@ -0,0 +1,78 @@
+# frozen_string_literal: true
+# WARNING ABOUT GENERATED CODE
+#
+# This file is generated. See the contributing guide for more information:
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
+#
+# WARNING ABOUT GENERATED CODE
+module Aws::STS
+  # Endpoint parameters used to influence endpoints per request.
+  #
+  # @!attribute region
+  #   The AWS region used to dispatch the request.
+  #
+  #   @return [String]
+  #
+  # @!attribute use_dual_stack
+  #   When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.
+  #
+  #   @return [Boolean]
+  #
+  # @!attribute use_fips
+  #   When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.
+  #
+  #   @return [Boolean]
+  #
+  # @!attribute endpoint
+  #   Override the endpoint used to send this request
+  #
+  #   @return [String]
+  #
+  # @!attribute use_global_endpoint
+  #   Whether the global endpoint should be used, rather then the regional endpoint for us-east-1.
+  #
+  #   @return [Boolean]
+  #
+  EndpointParameters = Struct.new(
+    :region,
+    :use_dual_stack,
+    :use_fips,
+    :endpoint,
+    :use_global_endpoint,
+  ) do
+    include Aws::Structure
+    # @api private
+    class << self
+      PARAM_MAP = {
+        'Region' => :region,
+        'UseDualStack' => :use_dual_stack,
+        'UseFIPS' => :use_fips,
+        'Endpoint' => :endpoint,
+        'UseGlobalEndpoint' => :use_global_endpoint,
+      }.freeze
+    end
+    def initialize(options = {})
+      self[:region] = options[:region]
+      self[:use_dual_stack] = options[:use_dual_stack]
+      self[:use_dual_stack] = false if self[:use_dual_stack].nil?
+      if self[:use_dual_stack].nil?
+        raise ArgumentError, "Missing required EndpointParameter: :use_dual_stack"
+      end
+      self[:use_fips] = options[:use_fips]
+      self[:use_fips] = false if self[:use_fips].nil?
+      if self[:use_fips].nil?
+        raise ArgumentError, "Missing required EndpointParameter: :use_fips"
+      end
+      self[:endpoint] = options[:endpoint]
+      self[:use_global_endpoint] = options[:use_global_endpoint]
+      self[:use_global_endpoint] = false if self[:use_global_endpoint].nil?
+      if self[:use_global_endpoint].nil?
+        raise ArgumentError, "Missing required EndpointParameter: :use_global_endpoint"
+      end
+    end
+  end
+end

data/lib/aws-sdk-sts/endpoint_provider.rb ADDED Viewed

@@ -0,0 +1,112 @@
+# frozen_string_literal: true
+# WARNING ABOUT GENERATED CODE
+#
+# This file is generated. See the contributing guide for more information:
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
+#
+# WARNING ABOUT GENERATED CODE
+module Aws::STS
+  class EndpointProvider
+    def resolve_endpoint(parameters)
+      region = parameters.region
+      use_dual_stack = parameters.use_dual_stack
+      use_fips = parameters.use_fips
+      endpoint = parameters.endpoint
+      use_global_endpoint = parameters.use_global_endpoint
+      if Aws::Endpoints::Matchers.boolean_equals?(use_global_endpoint, true) && Aws::Endpoints::Matchers.not(Aws::Endpoints::Matchers.set?(endpoint)) && Aws::Endpoints::Matchers.set?(region) && (partition_result = Aws::Endpoints::Matchers.aws_partition(region)) && Aws::Endpoints::Matchers.boolean_equals?(use_fips, false) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, false)
+        if Aws::Endpoints::Matchers.string_equals?(region, "ap-northeast-1")
+          return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
+        end
+        if Aws::Endpoints::Matchers.string_equals?(region, "ap-south-1")
+          return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
+        end
+        if Aws::Endpoints::Matchers.string_equals?(region, "ap-southeast-1")
+          return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
+        end
+        if Aws::Endpoints::Matchers.string_equals?(region, "ap-southeast-2")
+          return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
+        end
+        if Aws::Endpoints::Matchers.string_equals?(region, "aws-global")
+          return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
+        end
+        if Aws::Endpoints::Matchers.string_equals?(region, "ca-central-1")
+          return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
+        end
+        if Aws::Endpoints::Matchers.string_equals?(region, "eu-central-1")
+          return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
+        end
+        if Aws::Endpoints::Matchers.string_equals?(region, "eu-north-1")
+          return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
+        end
+        if Aws::Endpoints::Matchers.string_equals?(region, "eu-west-1")
+          return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
+        end
+        if Aws::Endpoints::Matchers.string_equals?(region, "eu-west-2")
+          return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
+        end
+        if Aws::Endpoints::Matchers.string_equals?(region, "eu-west-3")
+          return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
+        end
+        if Aws::Endpoints::Matchers.string_equals?(region, "sa-east-1")
+          return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
+        end
+        if Aws::Endpoints::Matchers.string_equals?(region, "us-east-1")
+          return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
+        end
+        if Aws::Endpoints::Matchers.string_equals?(region, "us-east-2")
+          return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
+        end
+        if Aws::Endpoints::Matchers.string_equals?(region, "us-west-1")
+          return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
+        end
+        if Aws::Endpoints::Matchers.string_equals?(region, "us-west-2")
+          return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
+        end
+        return Aws::Endpoints::Endpoint.new(url: "https://sts.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"#{region}"}]})
+      end
+      if Aws::Endpoints::Matchers.set?(endpoint)
+        if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
+          raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
+        end
+        if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+          raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
+        end
+        return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
+      end
+      if Aws::Endpoints::Matchers.set?(region)
+        if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
+          if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+            if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
+              return Aws::Endpoints::Endpoint.new(url: "https://sts-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
+            end
+            raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
+          end
+          if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
+            if Aws::Endpoints::Matchers.boolean_equals?(Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"), true)
+              if Aws::Endpoints::Matchers.string_equals?(Aws::Endpoints::Matchers.attr(partition_result, "name"), "aws-us-gov")
+                return Aws::Endpoints::Endpoint.new(url: "https://sts.#{region}.amazonaws.com", headers: {}, properties: {})
+              end
+              return Aws::Endpoints::Endpoint.new(url: "https://sts-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
+            end
+            raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
+          end
+          if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+            if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
+              return Aws::Endpoints::Endpoint.new(url: "https://sts.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
+            end
+            raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
+          end
+          if Aws::Endpoints::Matchers.string_equals?(region, "aws-global")
+            return Aws::Endpoints::Endpoint.new(url: "https://sts.amazonaws.com", headers: {}, properties: {"authSchemes"=>[{"name"=>"sigv4", "signingName"=>"sts", "signingRegion"=>"us-east-1"}]})
+          end
+          return Aws::Endpoints::Endpoint.new(url: "https://sts.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
+        end
+      end
+      raise ArgumentError, "Invalid Configuration: Missing Region"
+      raise ArgumentError, 'No endpoint could be resolved'
+    end
+  end
+end

data/lib/aws-sdk-sts/endpoints.rb ADDED Viewed

@@ -0,0 +1,136 @@
+# frozen_string_literal: true
+# WARNING ABOUT GENERATED CODE
+#
+# This file is generated. See the contributing guide for more information:
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
+#
+# WARNING ABOUT GENERATED CODE
+module Aws::STS
+  # @api private
+  module Endpoints
+    class AssumeRole
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::STS::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+          use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
+        )
+      end
+    end
+    class AssumeRoleWithSAML
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::STS::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+          use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
+        )
+      end
+    end
+    class AssumeRoleWithWebIdentity
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::STS::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+          use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
+        )
+      end
+    end
+    class DecodeAuthorizationMessage
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::STS::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+          use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
+        )
+      end
+    end
+    class GetAccessKeyInfo
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::STS::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+          use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
+        )
+      end
+    end
+    class GetCallerIdentity
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::STS::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+          use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
+        )
+      end
+    end
+    class GetFederationToken
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::STS::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+          use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
+        )
+      end
+    end
+    class GetSessionToken
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::STS::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+          use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
+        )
+      end
+    end
+  end
+end

data/lib/aws-sdk-sts/plugins/endpoints.rb ADDED Viewed

@@ -0,0 +1,84 @@
+# frozen_string_literal: true
+# WARNING ABOUT GENERATED CODE
+#
+# This file is generated. See the contributing guide for more information:
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
+#
+# WARNING ABOUT GENERATED CODE
+module Aws::STS
+  module Plugins
+    class Endpoints < Seahorse::Client::Plugin
+      option(
+        :endpoint_provider,
+        doc_type: 'Aws::STS::EndpointProvider',
+        docstring: 'The endpoint provider used to resolve endpoints. Any '\
+                   'object that responds to `#resolve_endpoint(parameters)` '\
+                   'where `parameters` is a Struct similar to '\
+                   '`Aws::STS::EndpointParameters`'
+      ) do |cfg|
+        Aws::STS::EndpointProvider.new
+      end
+      # @api private
+      class Handler < Seahorse::Client::Handler
+        def call(context)
+          # If endpoint was discovered, do not resolve or apply the endpoint.
+          unless context[:discovered_endpoint]
+            params = parameters_for_operation(context)
+            endpoint = context.config.endpoint_provider.resolve_endpoint(params)
+            context.http_request.endpoint = endpoint.url
+            apply_endpoint_headers(context, endpoint.headers)
+          end
+          context[:endpoint_params] = params
+          context[:auth_scheme] =
+            Aws::Endpoints.resolve_auth_scheme(context, endpoint)
+          @handler.call(context)
+        end
+        private
+        def apply_endpoint_headers(context, headers)
+          headers.each do |key, values|
+            value = values
+              .compact
+              .map { |s| Seahorse::Util.escape_header_list_string(s.to_s) }
+              .join(',')
+            context.http_request.headers[key] = value
+          end
+        end
+        def parameters_for_operation(context)
+          case context.operation_name
+          when :assume_role
+            Aws::STS::Endpoints::AssumeRole.build(context)
+          when :assume_role_with_saml
+            Aws::STS::Endpoints::AssumeRoleWithSAML.build(context)
+          when :assume_role_with_web_identity
+            Aws::STS::Endpoints::AssumeRoleWithWebIdentity.build(context)
+          when :decode_authorization_message
+            Aws::STS::Endpoints::DecodeAuthorizationMessage.build(context)
+          when :get_access_key_info
+            Aws::STS::Endpoints::GetAccessKeyInfo.build(context)
+          when :get_caller_identity
+            Aws::STS::Endpoints::GetCallerIdentity.build(context)
+          when :get_federation_token
+            Aws::STS::Endpoints::GetFederationToken.build(context)
+          when :get_session_token
+            Aws::STS::Endpoints::GetSessionToken.build(context)
+          end
+        end
+      end
+      def add_handlers(handlers, _config)
+        handlers.add(Handler, step: :build, priority: 75)
+      end
+    end
+  end
+end

data/lib/aws-sdk-sts/presigner.rb CHANGED Viewed

@@ -35,10 +35,11 @@ module Aws
       #   )
       #
       # This can be easily converted to a token used by the EKS service:
-      # {https://ruby-doc.org/stdlib-2.3.1/libdoc/base64/rdoc/Base64.html#method-i-encode64}
+      # {https://docs.ruby-lang.org/en/3.2/Base64.html#method-i-encode64}
       # "k8s-aws-v1." + Base64.urlsafe_encode64(url).chomp("==")
       def get_caller_identity_presigned_url(options = {})
-        req = @client.build_request(:get_session_token, {})
+        req = @client.build_request(:get_caller_identity, {})
+        context = req.context
         param_list = Aws::Query::ParamList.new
         param_list.set('Action', 'GetCallerIdentity')
@@ -46,26 +47,23 @@ module Aws
         Aws::Query::EC2ParamBuilder.new(param_list)
           .apply(req.context.operation.input, {})
-        signer = Aws::Sigv4::Signer.new(
-          service: 'sts',
-          region: req.context.config.region,
-          credentials_provider: req.context.config.credentials
+        endpoint_params = Aws::STS::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          use_global_endpoint: context.config.sts_regional_endpoints == 'legacy'
         )
+        endpoint = context.config.endpoint_provider
+                          .resolve_endpoint(endpoint_params)
+        auth_scheme = Aws::Endpoints.resolve_auth_scheme(context, endpoint)
-        url = Aws::Partitions::EndpointProvider.resolve(
-          req.context.config.region,
-          'sts',
-          req.context.config.sts_regional_endpoints,
-          {
-            dualstack: req.context.config.use_dualstack_endpoint,
-            fips: req.context.config.use_fips_endpoint
-          }
+        signer = Aws::Plugins::Sign.signer_for(
+          auth_scheme, context.config
         )
-        url += "/?#{param_list}"
         signer.presign_url(
           http_method: 'GET',
-          url: url,
+          url: "#{endpoint.url}/?#{param_list}",
           body: '',
           headers: options[:headers]
         ).to_s