aws-sdk-core 3.150.0 → 3.166.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6e48c7a4f814d1be349fc135259cf773061e0b433c1dd1227b4e1dff040725cc
-  data.tar.gz: 8fe44d28c5302975a2590296d5af2e2eb6337e79a9c38f4f07c380728974c1ad
+  metadata.gz: a81b60918988fd7ee9366d79ced7e41bae6f7f2e55cffe4a0e5eb1cc1cd9c9c3
+  data.tar.gz: 5facaa68ef59e079763525a392996dfdce6495e0c187a5b001df78be71648abb
 SHA512:
-  metadata.gz: c17d6185b0dbcccde742918b1a78ec4fa73b7235216f99ff83b44eb7b4282cb2925cc6deaa0cd79a5f1e7f9acef0e074279279bf318d252352954aa38a7c1648
-  data.tar.gz: 679cbcc65fedea907a6aab89e4bd86b04bac83ca61d4f1c00b21f2e3c0e595f20a06f07ab1b49b2c68cb63091b005804dfcc771b9c5a0abe6238a43e398e4c06
+  metadata.gz: b3ee6e89b330461fd71923488bbc657a4f359d2e082e7ea9d5300279234843ce20a59b2a22620f282e252dc89c8d9c3b18fcfe7206898fe8f8ed6af2ce5fff81
+  data.tar.gz: 5ffab77f4bf826684b99ffda8dd6877be3382bcfe70816147f25fb1d13349c14c66b923dd45bf5510e81c569ce46f0f3967f478a061df802332c5b3f2a5059e9

data/CHANGELOG.md

@@ -1,6 +1,104 @@
 Unreleased Changes
 ------------------
 
+3.166.0 (2022-10-26)
+------------------
+
+* Feature - Updated Aws::STS::Client with the latest API changes.
+
+* Feature - Updated Aws::SSOOIDC::Client with the latest API changes.
+
+* Feature - Updated Aws::SSO::Client with the latest API changes.
+
+3.165.1 (2022-10-25)
+------------------
+
+* Issue - Require the SignatureV4 plugin to fix compatability with older `aws-sdk-s3` versions (#2774).
+
+3.165.0 (2022-10-25)
+------------------
+
+* Feature - Updated Aws::SSOOIDC::Client with the latest API changes.
+
+* Feature - Updated Aws::SSO::Client with the latest API changes.
+
+* Feature - Add support for service gems to dynamically determine their own endpoints via modeling. Service gems now generate a plugin called "Endpoints" that defines configuration for EndpointProvider, a new public type, and any client config related to endpoints. Endpoint providers will resolve values using another new public type, Endpoint Parameters, generated for each service. The plugin will use the endpoint provider to resolve an endpoint and then apply it to the request prior to serialization. Endpoint providers can be composed to change endpoint resolution logic, i.e. for testing. In addition to endpoints, the endpoint provider may also override the authentication scheme (auth scheme) which details how the request should be signed for the endpoint. A new "Sign" plugin in core replaces the SignatureV4 plugin that will generically sign any type of auth scheme that a service might have.
+
+3.164.0 (2022-10-21)
+------------------
+
+* Feature - Updated Aws::SSOOIDC::Client with the latest API changes.
+
+3.163.0 (2022-10-20)
+------------------
+
+* Feature - Updated Aws::SSOOIDC::Client with the latest API changes.
+
+3.162.0 (2022-10-19)
+------------------
+
+* Feature - Updated Aws::SSOOIDC::Client with the latest API changes.
+
+3.161.0 (2022-10-18)
+------------------
+
+* Feature - Support AwsQueryCompatible trait to read error code from x-amzn-query-error header.
+
+3.160.0 (2022-10-13)
+------------------
+
+* Feature - Updated Aws::SSO::Client with the latest API changes.
+
+3.159.0 (2022-10-07)
+------------------
+
+* Feature - Updated Aws::SSO::Client with the latest API changes.
+
+3.158.1 (2022-10-06)
+------------------
+
+* Issue - Ensure that the ReadCallbackIO is always unwrapped (#2761).
+
+3.158.0 (2022-09-30)
+------------------
+
+* Feature - Updated Aws::SSO::Client with the latest API changes.
+
+3.157.0 (2022-09-29)
+------------------
+
+* Feature - Updated Aws::SSO::Client with the latest API changes.
+
+3.156.0 (2022-09-27)
+------------------
+
+* Feature - Updated Aws::SSO::Client with the latest API changes.
+
+3.155.0 (2022-09-26)
+------------------
+
+* Feature - Updated Aws::SSO::Client with the latest API changes.
+
+3.154.0 (2022-09-23)
+------------------
+
+* Feature - Updated Aws::SSO::Client with the latest API changes.
+
+3.153.0 (2022-09-22)
+------------------
+
+* Feature - Updated Aws::SSO::Client with the latest API changes.
+
+3.152.0 (2022-09-21)
+------------------
+
+* Feature - Updated Aws::SSO::Client with the latest API changes.
+
+3.151.0 (2022-09-20)
+------------------
+
+* Feature - Updated Aws::SSO::Client with the latest API changes.
+
 3.150.0 (2022-09-19)
 ------------------
 
@@ -78,6 +176,8 @@ Unreleased Changes
 
 * Feature - Updated Aws::SSO::Client with the latest API changes.
 
+* Feature - Updated Aws::SSOOIDC::Client with the latest API changes.
+
 3.135.0 (2022-08-24)
 ------------------
 
@@ -89,12 +189,13 @@ Unreleased Changes
 * Feature - Updated Aws::SSO::Client with the latest API changes.
 
 * Feature - Add support for Bearer Token Authentication and TokenProviders.
+
 * Issue - Validate that `_X_AMZN_TRACE_ID` ENV value contains only valid, non-control characters.
 
 3.133.0 (2022-08-22)
 ------------------
 
-* Feature - Moved functionality from `aws-sdk-ssoidc` into core.
+* Feature - Moved functionality from `aws-sdk-ssooidc` into core.
 
 3.132.0 (2022-08-08)
 ------------------

data/VERSION

@@ -1 +1 @@
-3.150.0
+3.166.0

data/lib/aws-sdk-core/arn.rb

@@ -88,5 +88,18 @@ module Aws
         resource: @resource
       }
     end
+
+    # Return the ARN as JSON
+    #
+    # @return [Hash]
+    def as_json(_options = nil)
+      {
+        'partition' => @partition,
+        'service' => @service,
+        'region' => @region,
+        'accountId' => @account_id,
+        'resource' => @resource
+      }
+    end
   end
 end

data/lib/aws-sdk-core/binary/encode_handler.rb

@@ -13,7 +13,7 @@ module Aws
             context.config.api.metadata['protocol'],
             eventstream_member,
             context.operation.input,
-            context.config.sigv4_signer
+            signer_for(context)
           )
           context[:input_event_emitter] = input_es_handler.event_emitter
         end
@@ -22,6 +22,17 @@ module Aws
 
       private
 
+      def signer_for(context)
+        # New endpoint/signing logic, use the auth scheme to make a signer
+        if context[:auth_scheme]
+          Aws::Plugins::Sign.signer_for(context[:auth_scheme], context.config)
+        else
+          # Previous implementation always assumed sigv4_signer from config.
+          # Relies only on sigv4 signing (and plugin) for event stream services
+          context.config.sigv4_signer
+        end
+      end
+
       def eventstream_input?(ctx)
         ctx.operation.input.shape.members.each do |_, ref|
           return ref if ref.eventstream

data/lib/aws-sdk-core/endpoints/condition.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+module Aws
+  module Endpoints
+    # @api private
+    class Condition
+      def initialize(fn:, argv:, assign: nil)
+        @fn = Function.new(fn: fn, argv: argv)
+        @assign = assign
+        @assigned = {}
+      end
+
+      attr_reader :fn
+      attr_reader :argv
+      attr_reader :assign
+
+      attr_reader :assigned
+
+      def match?(parameters, assigns)
+        output = @fn.call(parameters, assigns)
+        @assigned = @assigned.merge({ @assign => output }) if @assign
+        output
+      end
+
+      def self.from_json(conditions_json)
+        conditions_json.each.with_object([]) do |condition, conditions|
+          conditions << new(
+            fn: condition['fn'],
+            argv: condition['argv'],
+            assign: condition['assign']
+          )
+        end
+      end
+    end
+  end
+end

data/lib/aws-sdk-core/endpoints/endpoint.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Aws
+  module Endpoints
+    class Endpoint
+      def initialize(url:, properties: {}, headers: {})
+        @url = url
+        @properties = properties
+        @headers = headers
+      end
+
+      attr_reader :url
+      attr_reader :properties
+      attr_reader :headers
+    end
+  end
+end

data/lib/aws-sdk-core/endpoints/endpoint_rule.rb

@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+module Aws
+  module Endpoints
+    # @api private
+    class EndpointRule < Rule
+      def initialize(type: 'endpoint', conditions:, endpoint:,
+                     documentation: nil)
+        @type = type
+        @conditions = Condition.from_json(conditions)
+        @endpoint = endpoint
+        @documentation = documentation
+      end
+
+      attr_reader :type
+      attr_reader :conditions
+      attr_reader :endpoint
+      attr_reader :documentation
+
+      def match(parameters, assigned = {})
+        assigns = assigned.dup
+        matched = conditions.all? do |condition|
+          output = condition.match?(parameters, assigns)
+          assigns = assigns.merge(condition.assigned) if condition.assign
+          output
+        end
+        resolved_endpoint(parameters, assigns) if matched
+      end
+
+      def resolved_endpoint(parameters, assigns)
+        Endpoint.new(
+          url: resolve_value(@endpoint['url'], parameters, assigns),
+          properties: resolve_properties(
+            @endpoint['properties'] || {},
+            parameters,
+            assigns
+          ),
+          headers: resolve_headers(parameters, assigns)
+        )
+      end
+
+      private
+
+      def resolve_headers(parameters, assigns)
+        (@endpoint['headers'] || {}).each.with_object({}) do |(key, arr), headers|
+          headers[key] = []
+          arr.each do |value|
+            headers[key] << resolve_value(value, parameters, assigns)
+          end
+        end
+      end
+
+      def resolve_properties(obj, parameters, assigns)
+        case obj
+        when Hash
+          obj.each.with_object({}) do |(key, value), hash|
+            hash[key] = resolve_properties(value, parameters, assigns)
+          end
+        when Array
+          obj.collect { |value| resolve_properties(value, parameters, assigns) }
+        else
+          if obj.is_a?(String)
+            Templater.resolve(obj, parameters, assigns)
+          else
+            obj
+          end
+        end
+      end
+    end
+  end
+end

data/lib/aws-sdk-core/endpoints/error_rule.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module Aws
+  module Endpoints
+    # @api private
+    class ErrorRule < Rule
+      def initialize(type: 'error', conditions:, error: nil, documentation: nil)
+        @type = type
+        @conditions = Condition.from_json(conditions)
+        @error = error
+        @documentation = documentation
+      end
+
+      attr_reader :type
+      attr_reader :conditions
+      attr_reader :error
+      attr_reader :documentation
+
+      def match(parameters, assigned = {})
+        assigns = assigned.dup
+        matched = conditions.all? do |condition|
+          output = condition.match?(parameters, assigns)
+          assigns = assigns.merge(condition.assigned) if condition.assign
+          output
+        end
+        resolved_error(parameters, assigns) if matched
+      end
+
+      private
+
+      def resolved_error(parameters, assigns)
+        error = resolve_value(@error, parameters, assigns)
+        ArgumentError.new(error)
+      end
+    end
+  end
+end

data/lib/aws-sdk-core/endpoints/function.rb

@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+
+module Aws
+  module Endpoints
+    # @api private
+    class Function
+      def initialize(fn:, argv:)
+        @fn = fn
+        @argv = build_argv(argv)
+      end
+
+      attr_reader :fn
+      attr_reader :argv
+
+      def call(parameters, assigns)
+        args = []
+        @argv.each do |arg|
+          if arg.is_a?(Reference)
+            args << arg.resolve(parameters, assigns)
+          elsif arg.is_a?(Function)
+            args << arg.call(parameters, assigns)
+          else
+            if arg.is_a?(String)
+              arg = Templater.resolve(arg, parameters, assigns)
+            end
+            args << arg
+          end
+        end
+
+        case @fn
+        when 'isSet'
+          Matchers.set?(*args)
+        when 'not'
+          Matchers.not(*args)
+        when 'getAttr'
+          Matchers.attr(*args)
+        when 'substring'
+          Matchers.substring(*args)
+        when 'stringEquals'
+          Matchers.string_equals?(*args)
+        when 'booleanEquals'
+          Matchers.boolean_equals?(*args)
+        when 'uriEncode'
+          Matchers.uri_encode(*args)
+        when 'parseURL'
+          Matchers.parse_url(*args)
+        when 'isValidHostLabel'
+          Matchers.valid_host_label?(*args)
+        when 'aws.partition'
+          Matchers.aws_partition(*args)
+        when 'aws.parseArn'
+          Matchers.aws_parse_arn(*args)
+        when 'aws.isVirtualHostableS3Bucket'
+          Matchers.aws_virtual_hostable_s3_bucket?(*args)
+        else
+          raise "Function not found: #{@fn}"
+        end
+      end
+
+      private
+
+      def build_argv(argv_json)
+        argv_json.each.with_object([]) do |arg, argv|
+          argv << if arg.is_a?(Hash) && arg['ref']
+                    Reference.new(ref: arg['ref'])
+                  elsif arg.is_a?(Hash) && arg['fn']
+                    Function.new(fn: arg['fn'], argv: arg['argv'])
+                  else
+                    arg
+                  end
+        end
+      end
+    end
+  end
+end

data/lib/aws-sdk-core/endpoints/matchers.rb

@@ -0,0 +1,127 @@
+# frozen_string_literal: true
+
+require 'cgi'
+
+module Aws
+  module Endpoints
+    # generic matcher functions for service endpoints
+    # @api private
+    module Matchers
+      # Regex that extracts anything in square brackets
+      BRACKET_REGEX = /\[(.*?)\]/.freeze
+
+      # CORE
+
+      # isSet(value: Option<T>) bool
+      def self.set?(value)
+        !value.nil?
+      end
+
+      # not(value: bool) bool
+      def self.not(bool)
+        !bool
+      end
+
+      # getAttr(value: Object | Array, path: string) Document
+      def self.attr(value, path)
+        parts = path.split('.')
+
+        val = if (index = parts.first[BRACKET_REGEX, 1])
+                # remove brackets and index from part before indexing
+                value[parts.first.gsub(BRACKET_REGEX, '')][index.to_i]
+              else
+                value[parts.first]
+              end
+
+        if parts.size == 1
+          val
+        else
+          attr(val, parts.slice(1..-1).join('.'))
+        end
+      end
+
+      def self.substring(input, start, stop, reverse)
+        return nil if start >= stop || input.size < stop
+
+        return nil if input.chars.any? { |c| c.ord > 127 }
+
+        return input[start...stop] unless reverse
+
+        r_start = input.size - stop
+        r_stop = input.size - start
+        input[r_start...r_stop]
+      end
+
+      # stringEquals(value1: string, value2: string) bool
+      def self.string_equals?(value1, value2)
+        value1 == value2
+      end
+
+      # booleanEquals(value1: bool, value2: bool) bool
+      def self.boolean_equals?(value1, value2)
+        value1 == value2
+      end
+
+      # uriEncode(value: string) string
+      def self.uri_encode(value)
+        CGI.escape(value.encode('UTF-8')).gsub('+', '%20').gsub('%7E', '~')
+      end
+
+      # parseUrl(value: string) Option<URL>
+      def self.parse_url(value)
+        URL.new(value).as_json
+      rescue ArgumentError, URI::InvalidURIError
+        nil
+      end
+
+      # isValidHostLabel(value: string, allowSubDomains: bool) bool
+      def self.valid_host_label?(value, allow_sub_domains = false)
+        return false if value.empty?
+
+        if allow_sub_domains
+          labels = value.split('.')
+          return labels.all? { |l| valid_host_label?(l) }
+        end
+
+        value =~ /\A(?!-)[a-zA-Z0-9-]{1,63}(?<!-)\z/
+      end
+
+      # AWS
+
+      # aws.partition(value: string) Option<Partition>
+      def self.aws_partition(value)
+        partition =
+          Aws::Partitions.find { |p| p.region?(value) } ||
+          Aws::Partitions.find { |p| value.match(p.region_regex) } ||
+          Aws::Partitions.find { |p| p.name == 'aws' }
+
+        return nil unless partition
+
+        partition.metadata
+      end
+
+      # aws.parseArn(value: string) Option<ARN>
+      def self.aws_parse_arn(value)
+        arn = Aws::ARNParser.parse(value)
+        json = arn.as_json
+        # HACK: because of poor naming and also requirement of splitting
+        resource = json.delete('resource')
+        json['resourceId'] = resource.split(%r{[:\/]}, -1)
+        json
+      rescue Aws::Errors::InvalidARNError
+        nil
+      end
+
+      # aws.isVirtualHostableS3Bucket(value: string, allowSubDomains: bool) bool
+      def self.aws_virtual_hostable_s3_bucket?(value, allow_sub_domains = false)
+        !!(value.size < 64 &&
+          # regular naming rules
+          value =~ /^[a-z0-9][a-z0-9\-#{'.' if allow_sub_domains}]+[a-z0-9]$/ &&
+          # not IP address
+          value !~ /(\d+\.){3}\d+/ &&
+          # no dash and hyphen together
+          value !~ /[.-]{2}/)
+      end
+    end
+  end
+end

data/lib/aws-sdk-core/endpoints/reference.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module Aws
+  module Endpoints
+    # @api private
+    class Reference
+      def initialize(ref:)
+        @ref = ref
+      end
+
+      attr_reader :ref
+
+      def resolve(parameters, assigns)
+        if parameters.class.singleton_class::PARAM_MAP.key?(@ref)
+          member_name = parameters.class.singleton_class::PARAM_MAP[@ref]
+          parameters[member_name]
+        elsif assigns.key?(@ref)
+          assigns[@ref]
+        else
+          raise ArgumentError,
+                "Reference #{@ref} is not a param or an assigned value."
+        end
+      end
+    end
+  end
+end

data/lib/aws-sdk-core/endpoints/rule.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module Aws
+  module Endpoints
+    # @api private
+    class Rule
+      # Resolves a value that is a function, reference, or template string.
+      def resolve_value(value, parameters, assigns)
+        if value.is_a?(Hash) && value['fn']
+          Function.new(fn: value['fn'], argv: value['argv'])
+                  .call(parameters, assigns)
+        elsif value.is_a?(Hash) && value['ref']
+          Reference.new(ref: value['ref']).resolve(parameters, assigns)
+        else
+          Templater.resolve(value, parameters, assigns)
+        end
+      end
+    end
+  end
+end

data/lib/aws-sdk-core/endpoints/rule_set.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+module Aws
+  module Endpoints
+    # @api private
+    class RuleSet
+      def initialize(version:, service_id:, parameters:, rules:)
+        @version = version
+        @service_id = service_id
+        @parameters = parameters
+        @rules = RuleSet.rules_from_json(rules || [])
+      end
+
+      attr_reader :version
+      attr_reader :service_id
+      attr_reader :parameters
+      attr_reader :rules
+
+      def self.rules_from_json(rules_json)
+        rules_json.each.with_object([]) do |rule, rules|
+          if rule['type'] == 'endpoint'
+            rules << EndpointRule.new(
+              conditions: rule['conditions'],
+              endpoint: rule['endpoint'],
+              documentation: rule['documentation']
+            )
+          elsif rule['type'] == 'error'
+            rules << ErrorRule.new(
+              conditions: rule['conditions'],
+              error: rule['error'],
+              documentation: rule['documentation']
+            )
+          elsif rule['type'] == 'tree'
+            rules << TreeRule.new(
+              conditions: rule['conditions'],
+              rules: rule['rules'],
+              documentation: rule['documentation']
+            )
+          else
+            # should not happen
+            raise "Unknown endpoint rule type: #{rule}"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/aws-sdk-core/endpoints/rules_provider.rb

@@ -0,0 +1,32 @@
+module Aws
+  module Endpoints
+    # @api private
+    class RulesProvider
+      def initialize(rule_set)
+        @rule_set = rule_set
+      end
+
+      def resolve_endpoint(parameters)
+        obj = resolve_rules(parameters)
+        case obj
+        when Endpoint
+          obj
+        when ArgumentError
+          raise obj
+        else
+          raise ArgumentError, 'No endpoint could be resolved'
+        end
+      end
+
+      private
+
+      def resolve_rules(parameters)
+        @rule_set.rules.each do |rule|
+          output = rule.match(parameters)
+          return output if output
+        end
+        nil
+      end
+    end
+  end
+end