aws-sdk-core 3.131.1 → 3.188.0

data/lib/aws-sdk-core/json/parser.rb

@@ -10,8 +10,9 @@ module Aws
       include Seahorse::Model::Shapes
 
       # @param [Seahorse::Model::ShapeRef] rules
-      def initialize(rules)
+      def initialize(rules, query_compatible: false)
         @rules = rules
+        @query_compatible = query_compatible
       end
 
       # @param [String<JSON>] json
@@ -28,10 +29,26 @@ module Aws
           member_name, member_ref = shape.member_by_location_name(key)
           if member_ref
             target[member_name] = parse_ref(member_ref, value)
-          elsif shape.union
+          elsif shape.union && key != '__type'
             target[:unknown] = { 'name' => key, 'value' => value }
           end
         end
+        # In services that were previously Query/XML, members that were
+        # "flattened" defaulted to empty lists. In JSON, these values are nil,
+        # which is backwards incompatible. To preserve backwards compatibility,
+        # we set a default value of [] for these members.
+        if @query_compatible
+          ref.shape.members.each do |member_name, member_target|
+            next unless target[member_name].nil?
+
+            if flattened_list?(member_target.shape)
+              target[member_name] = []
+            elsif flattened_map?(member_target.shape)
+              target[member_name] = {}
+            end
+          end
+        end
+
         if shape.union
           # convert to subclass
           member_subclass = shape.member_subclass(target.member).new
@@ -79,6 +96,14 @@ module Aws
         value.is_a?(Numeric) ? Time.at(value) : Time.parse(value)
       end
 
+      def flattened_list?(shape)
+        shape.is_a?(ListShape) && shape.flattened
+      end
+
+      def flattened_map?(shape)
+        shape.is_a?(MapShape) && shape.flattened
+      end
+
     end
   end
 end

data/lib/aws-sdk-core/log/formatter.rb

@@ -26,6 +26,8 @@ module Aws
     #
     # You can put any of these placeholders into you pattern.
     #
+    #   * `:region` - The region configured for the client.
+    #
     #   * `:client_class` - The name of the client class.
     #
     #   * `:operation` - The name of the client request method.
@@ -116,6 +118,10 @@ module Aws
 
       private
 
+      def _region(response)
+        response.context.config.region
+      end
+
       def _client_class(response)
         response.context.client.class.name
       end

data/lib/aws-sdk-core/pageable_response.rb

@@ -146,6 +146,13 @@ module Aws
         data.to_h
       end
 
+      def as_json(_options = {})
+        data.to_h(data, as_json: true)
+      end
+
+      def to_json(options = {})
+        as_json.to_json(options)
+      end
     end
 
     # The actual decorator module implementation. It is in a distinct module
@@ -194,7 +201,9 @@ module Aws
       def next_response(params)
         params = next_page_params(params)
         request = context.client.build_request(context.operation_name, params)
-        request.send_request
+        Aws::Plugins::UserAgent.feature('paginator') do
+          request.send_request
+        end
       end
 
       def next_page_params(params)

data/lib/aws-sdk-core/param_validator.rb

@@ -6,7 +6,7 @@ module Aws
 
     include Seahorse::Model::Shapes
 
-    EXPECTED_GOT = "expected %s to be %s, got value %s (class: %s) instead."
+    EXPECTED_GOT = 'expected %s to be %s, got class %s instead.'
 
     # @param [Seahorse::Model::Shapes::ShapeRef] rules
     # @param [Hash] params
@@ -230,7 +230,7 @@ module Aws
     end
 
     def expected_got(context, expected, got)
-      EXPECTED_GOT % [context, expected, got.inspect, got.class.name]
+      EXPECTED_GOT % [context, expected, got.class.name]
     end
 
   end

data/lib/aws-sdk-core/plugins/bearer_authorization.rb

@@ -0,0 +1,67 @@
+# frozen_string_literal: true
+
+module Aws
+  # @api private
+  module Plugins
+    # @api private
+    class BearerAuthorization < Seahorse::Client::Plugin
+
+      option(:token_provider,
+             required: false,
+             doc_type: 'Aws::TokenProvider',
+             docstring: <<-DOCS
+A Bearer Token Provider. This can be an instance of any one of the
+following classes:
+
+* `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
+  tokens.
+
+* `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
+  access token generated from `aws login`.
+
+When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
+will be used to search for tokens configured for your profile in shared configuration files.
+      DOCS
+      ) do |config|
+        if config.stub_responses
+          StaticTokenProvider.new('token')
+        else
+          TokenProviderChain.new(config).resolve
+        end
+      end
+
+
+      def add_handlers(handlers, cfg)
+        bearer_operations =
+          if cfg.api.metadata['signatureVersion'] == 'bearer'
+            # select operations where authtype is either not set or is bearer
+            cfg.api.operation_names.select do |o|
+              !cfg.api.operation(o)['authtype'] || cfg.api.operation(o)['authtype'] == 'bearer'
+            end
+          else # service is not bearer auth
+            # select only operations where authtype is explicitly bearer
+            cfg.api.operation_names.select do |o|
+              cfg.api.operation(o)['authtype'] == 'bearer'
+            end
+          end
+        handlers.add(Handler, step: :sign, operations: bearer_operations)
+      end
+
+      class Handler < Seahorse::Client::Handler
+        def call(context)
+          if context.http_request.endpoint.scheme != 'https'
+            raise ArgumentError, 'Unable to use bearer authorization on non https endpoint.'
+          end
+
+          token_provider = context.config.token_provider
+          if token_provider && token_provider.set?
+            context.http_request.headers['Authorization'] = "Bearer #{token_provider.token.token}"
+          else
+            raise Errors::MissingBearerTokenError
+          end
+          @handler.call(context)
+        end
+      end
+    end
+  end
+end

data/lib/aws-sdk-core/plugins/checksum_algorithm.rb

@@ -314,7 +314,7 @@ module Aws
           @io.rewind
         end
 
-        def read(length, buf)
+        def read(length, buf = nil)
           # account for possible leftover bytes at the end, if we have trailer bytes, send them
           if @trailer_io
             return @trailer_io.read(length, buf)

data/lib/aws-sdk-core/plugins/credentials_configuration.rb

@@ -76,6 +76,30 @@ locations will be searched for credentials:
 
       option(:instance_profile_credentials_timeout, 1)
 
+      option(:token_provider,
+             required: false,
+             doc_type: 'Aws::TokenProvider',
+             docstring: <<-DOCS
+A Bearer Token Provider. This can be an instance of any one of the
+following classes:
+
+* `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
+  tokens.
+
+* `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
+  access token generated from `aws login`.
+
+When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
+will be used to search for tokens configured for your profile in shared configuration files.
+      DOCS
+      ) do |config|
+        if config.stub_responses
+          StaticTokenProvider.new('token')
+        else
+          TokenProviderChain.new(config).resolve
+        end
+      end
+
     end
   end
 end

data/lib/aws-sdk-core/plugins/endpoint_discovery.rb

@@ -72,7 +72,11 @@ the background every 60 secs (default). Defaults to `false`.
               context,
               Aws::Util.str_2_bool(discovery_cfg["required"])
             )
-            context.http_request.endpoint = _valid_uri(endpoint.address) if endpoint
+            if endpoint
+              context.http_request.endpoint = _valid_uri(endpoint.address)
+              # Skips dynamic endpoint usage, use this endpoint instead
+              context[:discovered_endpoint] = true
+            end
             if endpoint || context.config.endpoint_discovery
               _apply_endpoint_discovery_user_agent(context)
             end
@@ -100,7 +104,7 @@ the background every 60 secs (default). Defaults to `false`.
         end
 
         def _discover_endpoint(ctx, required)
-          cache = ctx.config.endpoint_cache 
+          cache = ctx.config.endpoint_cache
           key = cache.extract_key(ctx)
 
           if required

data/lib/aws-sdk-core/plugins/jsonvalue_converter.rb

@@ -11,15 +11,43 @@ module Aws
 
         def call(context)
           context.operation.input.shape.members.each do |m, ref|
-            if ref['jsonvalue']
-              param_value = context.params[m]
-              unless param_value.respond_to?(:to_json)
-                raise ArgumentError, "The value of params[#{m}] is not JSON serializable."
+            convert_jsonvalue(m, ref, context.params, 'params')
+          end
+          @handler.call(context)
+        end
+
+        def convert_jsonvalue(m, ref, params, context)
+          return if params.nil? || !params.key?(m)
+
+          if ref['jsonvalue']
+            params[m] = serialize_jsonvalue(params[m], "#{context}[#{m}]")
+          else
+            case ref.shape
+            when Seahorse::Model::Shapes::StructureShape
+              ref.shape.members.each do |member_m, ref|
+                convert_jsonvalue(member_m, ref, params[m], "#{context}[#{m}]")
+              end
+            when Seahorse::Model::Shapes::ListShape
+              if ref.shape.member['jsonvalue']
+                params[m] = params[m].each_with_index.map do |v, i|
+                  serialize_jsonvalue(v, "#{context}[#{m}][#{i}]")
+                end
+              end
+            when Seahorse::Model::Shapes::MapShape
+              if ref.shape.value['jsonvalue']
+                params[m].each do |k, v|
+                  params[m][k] = serialize_jsonvalue(v, "#{context}[#{m}][#{k}]")
+                end
               end
-              context.params[m] = param_value.to_json
             end
           end
-          @handler.call(context)
+        end
+
+        def serialize_jsonvalue(v, context)
+          unless v.respond_to?(:to_json)
+            raise ArgumentError, "The value of #{context} is not JSON serializable."
+          end
+          v.to_json
         end
 
       end

data/lib/aws-sdk-core/plugins/recursion_detection.rb

@@ -9,14 +9,25 @@ module Aws
       class Handler < Seahorse::Client::Handler
         def call(context)
 
-          unless context.http_request.headers.key?('x-amz-trace-id')
+          unless context.http_request.headers.key?('x-amzn-trace-id')
             if ENV['AWS_LAMBDA_FUNCTION_NAME'] &&
-              (trace_id = ENV['_X_AMZ_TRACE_ID'])
-              context.http_request.headers['x-amz-trace-id'] = trace_id
+              (trace_id = validate_header(ENV['_X_AMZN_TRACE_ID']))
+              context.http_request.headers['x-amzn-trace-id'] = trace_id
             end
           end
           @handler.call(context)
         end
+
+        private
+        def validate_header(header_value)
+          return unless header_value
+
+          if (header_value.chars & (0..31).map(&:chr)).any?
+            raise ArgumentError, 'Invalid _X_AMZN_TRACE_ID value: '\
+              'contains ASCII control characters'
+          end
+          header_value
+        end
       end
 
       # should be at the end of build so that

data/lib/aws-sdk-core/plugins/regional_endpoint.rb

@@ -43,43 +43,25 @@ is set to `true`.
         resolve_use_fips_endpoint(cfg)
       end
 
+      # This option signals whether :endpoint was provided or not.
+      # Legacy endpoints must continue to be generated at client time.
       option(:regional_endpoint, false)
 
+      option(:ignore_configured_endpoint_urls,
+        doc_type: 'Boolean',
+        docstring: <<-DOCS) do |cfg|
+Setting to true disables use of endpoint URLs provided via environment 
+variables and the shared configuration file.
+        DOCS
+        resolve_ignore_configured_endpoint_urls(cfg)
+      end
+
       option(:endpoint, doc_type: String, docstring: <<-DOCS) do |cfg|
 The client endpoint is normally constructed from the `:region`
 option. You should only configure an `:endpoint` when connecting
 to test or custom endpoints. This should be a valid HTTP(S) URI.
         DOCS
-        endpoint_prefix = cfg.api.metadata['endpointPrefix']
-        if cfg.region && endpoint_prefix
-          if cfg.respond_to?(:sts_regional_endpoints)
-            sts_regional = cfg.sts_regional_endpoints
-          end
-
-          # check region is a valid RFC host label
-          unless Seahorse::Util.host_label?(cfg.region)
-            raise Errors::InvalidRegionError
-          end
-
-          region = cfg.region
-          new_region = region.gsub('fips-', '').gsub('-fips', '')
-          if region != new_region
-            warn("Legacy region #{region} was transformed to #{new_region}."\
-                 '`use_fips_endpoint` config was set to true.')
-            cfg.override_config(:use_fips_endpoint, true)
-            cfg.override_config(:region, new_region)
-          end
-
-          Aws::Partitions::EndpointProvider.resolve(
-            cfg.region,
-            endpoint_prefix,
-            sts_regional,
-            {
-              dualstack: cfg.use_dualstack_endpoint,
-              fips: cfg.use_fips_endpoint
-            }
-          )
-        end
+        resolve_endpoint(cfg)
       end
 
       def after_initialize(client)
@@ -112,6 +94,105 @@ to test or custom endpoints. This should be a valid HTTP(S) URI.
           value ||= Aws.shared_config.use_fips_endpoint(profile: cfg.profile)
           Aws::Util.str_2_bool(value) || false
         end
+
+        def resolve_ignore_configured_endpoint_urls(cfg)
+          value = ENV['AWS_IGNORE_CONFIGURED_ENDPOINT_URLS']
+          value ||= Aws.shared_config.ignore_configured_endpoint_urls(profile: cfg.profile)
+          Aws::Util.str_2_bool(value&.downcase) || false
+        end
+
+        # NOTE: with Endpoints 2.0, some of this logic is deprecated
+        # but because new old service gems may depend on new core versions
+        # we must preserve that behavior.
+        # Additional behavior controls the setting of the custom SDK::Endpoint
+        # parameter.
+        # When the `regional_endpoint` config is set to true - this indicates to
+        # Endpoints2.0 that a custom endpoint has NOT been configured by the user.
+        def resolve_endpoint(cfg)
+          endpoint = resolve_custom_config_endpoint(cfg)
+          endpoint_prefix = cfg.api.metadata['endpointPrefix']
+
+          return endpoint unless endpoint.nil? && cfg.region && endpoint_prefix
+
+          validate_region!(cfg.region)
+          handle_legacy_pseudo_regions(cfg)
+
+          # set regional_endpoint flag - this indicates to Endpoints 2.0
+          # that a custom endpoint has NOT been configured by the user
+          cfg.override_config(:regional_endpoint, true)
+
+          resolve_legacy_endpoint(cfg)
+        end
+
+        # get a custom configured endpoint from ENV or configuration
+        def resolve_custom_config_endpoint(cfg)
+          return if cfg.ignore_configured_endpoint_urls
+
+
+          env_service_endpoint(cfg) || env_global_endpoint(cfg) || shared_config_endpoint(cfg)
+        end
+
+        def env_service_endpoint(cfg)
+          service_id = cfg.api.metadata['serviceId'] || cfg.api.metadata['endpointPrefix']
+          env_service_id = service_id.gsub(" ", "_").upcase
+          return unless endpoint = ENV["AWS_ENDPOINT_URL_#{env_service_id}"]
+
+          cfg.logger&.debug(
+            "Endpoint configured from ENV['AWS_ENDPOINT_URL_#{env_service_id}']: #{endpoint}\n")
+          endpoint
+        end
+
+        def env_global_endpoint(cfg)
+          return unless endpoint = ENV['AWS_ENDPOINT_URL']
+
+          cfg.logger&.debug(
+            "Endpoint configured from ENV['AWS_ENDPOINT_URL']: #{endpoint}\n")
+          endpoint
+        end
+
+        def shared_config_endpoint(cfg)
+          service_id = cfg.api.metadata['serviceId'] || cfg.api.metadata['endpointPrefix']
+          return unless endpoint = Aws.shared_config.configured_endpoint(profile: cfg.profile, service_id: service_id)
+
+          cfg.logger&.debug(
+            "Endpoint configured from shared config(profile: #{cfg.profile}): #{endpoint}\n")
+          endpoint
+        end
+
+        # check region is a valid RFC host label
+        def validate_region!(region)
+          unless Seahorse::Util.host_label?(region)
+            raise Errors::InvalidRegionError
+          end
+        end
+
+        def handle_legacy_pseudo_regions(cfg)
+          region = cfg.region
+          new_region = region.gsub('fips-', '').gsub('-fips', '')
+          if region != new_region
+            warn("Legacy region #{region} was transformed to #{new_region}."\
+                 '`use_fips_endpoint` config was set to true.')
+            cfg.override_config(:use_fips_endpoint, true)
+            cfg.override_config(:region, new_region)
+          end
+        end
+        # set a default endpoint in config using legacy (endpoints.json) resolver
+        def resolve_legacy_endpoint(cfg)
+          endpoint_prefix = cfg.api.metadata['endpointPrefix']
+          if cfg.respond_to?(:sts_regional_endpoints)
+            sts_regional = cfg.sts_regional_endpoints
+          end
+
+          Aws::Partitions::EndpointProvider.resolve(
+            cfg.region,
+            endpoint_prefix,
+            sts_regional,
+            {
+              dualstack: cfg.use_dualstack_endpoint,
+              fips: cfg.use_fips_endpoint
+            }
+          )
+        end
       end
     end
   end