aws-sdk-core 3.164.0 → 3.165.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (50) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +11 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-core/arn.rb +13 -0
  5. data/lib/aws-sdk-core/binary/encode_handler.rb +12 -1
  6. data/lib/aws-sdk-core/endpoints/condition.rb +36 -0
  7. data/lib/aws-sdk-core/endpoints/endpoint.rb +17 -0
  8. data/lib/aws-sdk-core/endpoints/endpoint_rule.rb +71 -0
  9. data/lib/aws-sdk-core/endpoints/error_rule.rb +37 -0
  10. data/lib/aws-sdk-core/endpoints/function.rb +75 -0
  11. data/lib/aws-sdk-core/endpoints/matchers.rb +127 -0
  12. data/lib/aws-sdk-core/endpoints/reference.rb +26 -0
  13. data/lib/aws-sdk-core/endpoints/rule.rb +20 -0
  14. data/lib/aws-sdk-core/endpoints/rule_set.rb +47 -0
  15. data/lib/aws-sdk-core/endpoints/rules_provider.rb +32 -0
  16. data/lib/aws-sdk-core/endpoints/templater.rb +52 -0
  17. data/lib/aws-sdk-core/endpoints/tree_rule.rb +40 -0
  18. data/lib/aws-sdk-core/endpoints/url.rb +59 -0
  19. data/lib/aws-sdk-core/endpoints.rb +74 -0
  20. data/lib/aws-sdk-core/plugins/credentials_configuration.rb +24 -0
  21. data/lib/aws-sdk-core/plugins/endpoint_discovery.rb +6 -2
  22. data/lib/aws-sdk-core/plugins/regional_endpoint.rb +5 -0
  23. data/lib/aws-sdk-core/plugins/sign.rb +190 -0
  24. data/lib/aws-sdk-core/plugins/signature_v2.rb +1 -0
  25. data/lib/aws-sdk-core/plugins/signature_v4.rb +1 -0
  26. data/lib/aws-sdk-core/rest/request/headers.rb +2 -6
  27. data/lib/aws-sdk-core.rb +3 -0
  28. data/lib/aws-sdk-sso/client.rb +20 -3
  29. data/lib/aws-sdk-sso/endpoint_parameters.rb +66 -0
  30. data/lib/aws-sdk-sso/endpoint_provider.rb +112 -0
  31. data/lib/aws-sdk-sso/endpoints.rb +71 -0
  32. data/lib/aws-sdk-sso/plugins/endpoints.rb +76 -0
  33. data/lib/aws-sdk-sso.rb +5 -1
  34. data/lib/aws-sdk-ssooidc/client.rb +20 -3
  35. data/lib/aws-sdk-ssooidc/endpoint_parameters.rb +66 -0
  36. data/lib/aws-sdk-ssooidc/endpoint_provider.rb +111 -0
  37. data/lib/aws-sdk-ssooidc/endpoints.rb +57 -0
  38. data/lib/aws-sdk-ssooidc/plugins/endpoints.rb +74 -0
  39. data/lib/aws-sdk-ssooidc.rb +5 -1
  40. data/lib/aws-sdk-sts/client.rb +20 -3
  41. data/lib/aws-sdk-sts/endpoint_parameters.rb +78 -0
  42. data/lib/aws-sdk-sts/endpoint_provider.rb +229 -0
  43. data/lib/aws-sdk-sts/endpoints.rb +135 -0
  44. data/lib/aws-sdk-sts/plugins/endpoints.rb +84 -0
  45. data/lib/aws-sdk-sts/presigner.rb +13 -15
  46. data/lib/aws-sdk-sts.rb +5 -1
  47. data/lib/seahorse/client/async_base.rb +0 -1
  48. data/lib/seahorse/client/configuration.rb +2 -2
  49. data/lib/seahorse/util.rb +4 -0
  50. metadata +31 -4
@@ -0,0 +1,59 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'ipaddr'
4
+
5
+ module Aws
6
+ module Endpoints
7
+ # @api private
8
+ class URL
9
+ def initialize(url)
10
+ uri = URI(url)
11
+ @scheme = uri.scheme
12
+ # only support http and https schemes
13
+ raise ArgumentError unless %w[https http].include?(@scheme)
14
+
15
+ # do not support query
16
+ raise ArgumentError if uri.query
17
+
18
+ @authority = _authority(url, uri)
19
+ @path = uri.path
20
+ @normalized_path = uri.path + (uri.path[-1] == '/' ? '' : '/')
21
+ @is_ip = _is_ip(uri.host)
22
+ end
23
+
24
+ attr_reader :scheme
25
+ attr_reader :authority
26
+ attr_reader :path
27
+ attr_reader :normalized_path
28
+ attr_reader :is_ip
29
+
30
+ def as_json(_options = {})
31
+ {
32
+ 'scheme' => scheme,
33
+ 'authority' => authority,
34
+ 'path' => path,
35
+ 'normalizedPath' => normalized_path,
36
+ 'isIp' => is_ip
37
+ }
38
+ end
39
+
40
+ private
41
+
42
+ def _authority(url, uri)
43
+ # don't include port if it's default and not parsed originally
44
+ if uri.default_port == uri.port && !url.include?(":#{uri.port}")
45
+ uri.host
46
+ else
47
+ "#{uri.host}:#{uri.port}"
48
+ end
49
+ end
50
+
51
+ def _is_ip(authority)
52
+ IPAddr.new(authority)
53
+ true
54
+ rescue IPAddr::InvalidAddressError
55
+ false
56
+ end
57
+ end
58
+ end
59
+ end
@@ -0,0 +1,74 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative 'endpoints/rule'
4
+ require_relative 'endpoints/condition'
5
+ require_relative 'endpoints/endpoint_rule'
6
+ require_relative 'endpoints/endpoint'
7
+ require_relative 'endpoints/error_rule'
8
+ require_relative 'endpoints/function'
9
+ require_relative 'endpoints/matchers'
10
+ require_relative 'endpoints/reference'
11
+ require_relative 'endpoints/rules_provider'
12
+ require_relative 'endpoints/rule_set'
13
+ require_relative 'endpoints/templater'
14
+ require_relative 'endpoints/tree_rule'
15
+ require_relative 'endpoints/url'
16
+
17
+ module Aws
18
+ # @api private
19
+ module Endpoints
20
+ class << self
21
+ def resolve_auth_scheme(context, endpoint)
22
+ if endpoint && (auth_schemes = endpoint.properties['authSchemes'])
23
+ auth_scheme = auth_schemes.find do |scheme|
24
+ Aws::Plugins::Sign::SUPPORTED_AUTH_TYPES.include?(scheme['name'])
25
+ end
26
+ raise 'No supported auth scheme for this endpoint.' unless auth_scheme
27
+
28
+ merge_signing_defaults(auth_scheme, context.config)
29
+ else
30
+ default_auth_scheme(context)
31
+ end
32
+ end
33
+
34
+ private
35
+
36
+ def default_auth_scheme(context)
37
+ case default_api_authtype(context)
38
+ when 'v4', 'v4-unsigned-body'
39
+ auth_scheme = { 'name' => 'sigv4' }
40
+ merge_signing_defaults(auth_scheme, context.config)
41
+ when 's3', 's3v4'
42
+ auth_scheme = { 'name' => 'sigv4', 'disableDoubleEncoding' => true }
43
+ merge_signing_defaults(auth_scheme, context.config)
44
+ when 'bearer'
45
+ { 'name' => 'bearer' }
46
+ when 'none', nil
47
+ { 'name' => 'none' }
48
+ end
49
+ end
50
+
51
+ def merge_signing_defaults(auth_scheme, config)
52
+ if %w[sigv4 sigv4a].include?(auth_scheme['name'])
53
+ auth_scheme['signingName'] ||= sigv4_name(config)
54
+ if auth_scheme['name'] == 'sigv4a'
55
+ auth_scheme['signingRegionSet'] ||= ['*']
56
+ else
57
+ auth_scheme['signingRegion'] ||= config.region
58
+ end
59
+ end
60
+ auth_scheme
61
+ end
62
+
63
+ def default_api_authtype(context)
64
+ context.config.api.operation(context.operation_name)['authtype'] ||
65
+ context.config.api.metadata['signatureVersion']
66
+ end
67
+
68
+ def sigv4_name(config)
69
+ config.api.metadata['signingName'] ||
70
+ config.api.metadata['endpointPrefix']
71
+ end
72
+ end
73
+ end
74
+ end
@@ -76,6 +76,30 @@ locations will be searched for credentials:
76
76
 
77
77
  option(:instance_profile_credentials_timeout, 1)
78
78
 
79
+ option(:token_provider,
80
+ required: false,
81
+ doc_type: 'Aws::TokenProvider',
82
+ docstring: <<-DOCS
83
+ A Bearer Token Provider. This can be an instance of any one of the
84
+ following classes:
85
+
86
+ * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
87
+ tokens.
88
+
89
+ * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
90
+ access token generated from `aws login`.
91
+
92
+ When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
93
+ will be used to search for tokens configured for your profile in shared configuration files.
94
+ DOCS
95
+ ) do |config|
96
+ if config.stub_responses
97
+ StaticTokenProvider.new('token')
98
+ else
99
+ TokenProviderChain.new(config).resolve
100
+ end
101
+ end
102
+
79
103
  end
80
104
  end
81
105
  end
@@ -72,7 +72,11 @@ the background every 60 secs (default). Defaults to `false`.
72
72
  context,
73
73
  Aws::Util.str_2_bool(discovery_cfg["required"])
74
74
  )
75
- context.http_request.endpoint = _valid_uri(endpoint.address) if endpoint
75
+ if endpoint
76
+ context.http_request.endpoint = _valid_uri(endpoint.address)
77
+ # Skips dynamic endpoint usage, use this endpoint instead
78
+ context[:discovered_endpoint] = true
79
+ end
76
80
  if endpoint || context.config.endpoint_discovery
77
81
  _apply_endpoint_discovery_user_agent(context)
78
82
  end
@@ -100,7 +104,7 @@ the background every 60 secs (default). Defaults to `false`.
100
104
  end
101
105
 
102
106
  def _discover_endpoint(ctx, required)
103
- cache = ctx.config.endpoint_cache
107
+ cache = ctx.config.endpoint_cache
104
108
  key = cache.extract_key(ctx)
105
109
 
106
110
  if required
@@ -43,8 +43,13 @@ is set to `true`.
43
43
  resolve_use_fips_endpoint(cfg)
44
44
  end
45
45
 
46
+ # This option signals whether :endpoint was provided or not.
47
+ # Legacy endpoints must continue to be generated at client time.
46
48
  option(:regional_endpoint, false)
47
49
 
50
+ # NOTE: All of the defaults block code is effectively deprecated.
51
+ # Because old services can depend on this new core version, we must
52
+ # retain it.
48
53
  option(:endpoint, doc_type: String, docstring: <<-DOCS) do |cfg|
49
54
  The client endpoint is normally constructed from the `:region`
50
55
  option. You should only configure an `:endpoint` when connecting
@@ -0,0 +1,190 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'aws-sigv4'
4
+
5
+ module Aws
6
+ module Plugins
7
+ # @api private
8
+ class Sign < Seahorse::Client::Plugin
9
+ # These once had defaults. But now they are used as overrides to
10
+ # new endpoint and auth resolution.
11
+ option(:sigv4_signer)
12
+ option(:sigv4_name)
13
+ option(:sigv4_region)
14
+ option(:unsigned_operations, default: [])
15
+
16
+ supported_auth_types = %w[sigv4 bearer none]
17
+ supported_auth_types += ['sigv4a'] if Aws::Sigv4::Signer.use_crt?
18
+ SUPPORTED_AUTH_TYPES = supported_auth_types.freeze
19
+
20
+ def add_handlers(handlers, cfg)
21
+ operations = cfg.api.operation_names - cfg.unsigned_operations
22
+ handlers.add(Handler, step: :sign, operations: operations)
23
+ end
24
+
25
+ # @api private
26
+ # Return a signer with the `sign(context)` method
27
+ def self.signer_for(auth_scheme, config, region_override = nil)
28
+ case auth_scheme['name']
29
+ when 'sigv4', 'sigv4a'
30
+ SignatureV4.new(auth_scheme, config, region_override)
31
+ when 'bearer'
32
+ Bearer.new
33
+ else
34
+ NullSigner.new
35
+ end
36
+ end
37
+
38
+ class Handler < Seahorse::Client::Handler
39
+ def call(context)
40
+ signer = Sign.signer_for(
41
+ context[:auth_scheme],
42
+ context.config,
43
+ context[:sigv4_region]
44
+ )
45
+
46
+ signer.sign(context)
47
+ @handler.call(context)
48
+ end
49
+ end
50
+
51
+ # @api private
52
+ class Bearer
53
+ def initialize
54
+ end
55
+
56
+ def sign(context)
57
+ if context.http_request.endpoint.scheme != 'https'
58
+ raise ArgumentError,
59
+ 'Unable to use bearer authorization on non https endpoint.'
60
+ end
61
+
62
+ token_provider = context.config.token_provider
63
+
64
+ raise Errors::MissingBearerTokenError unless token_provider&.set?
65
+
66
+ context.http_request.headers['Authorization'] =
67
+ "Bearer #{token_provider.token.token}"
68
+ end
69
+
70
+ def presign_url(*args)
71
+ raise ArgumentError, 'Bearer auth does not support presigned urls'
72
+ end
73
+
74
+ def sign_event(*args)
75
+ raise ArgumentError, 'Bearer auth does not support event signing'
76
+ end
77
+ end
78
+
79
+ # @api private
80
+ class SignatureV4
81
+ def initialize(auth_scheme, config, region_override = nil)
82
+ scheme_name = auth_scheme['name']
83
+
84
+ unless %w[sigv4 sigv4a].include?(scheme_name)
85
+ raise ArgumentError,
86
+ "Expected sigv4 or sigv4a auth scheme, got #{scheme_name}"
87
+ end
88
+
89
+ region = if scheme_name == 'sigv4a'
90
+ auth_scheme['signingRegionSet'].first
91
+ else
92
+ auth_scheme['signingRegion']
93
+ end
94
+ begin
95
+ @signer = Aws::Sigv4::Signer.new(
96
+ service: config.sigv4_name || auth_scheme['signingName'],
97
+ region: region_override || config.sigv4_region || region,
98
+ credentials_provider: config.credentials,
99
+ signing_algorithm: scheme_name.to_sym,
100
+ uri_escape_path: !!!auth_scheme['disableDoubleEncoding'],
101
+ unsigned_headers: %w[content-length user-agent x-amzn-trace-id]
102
+ )
103
+ rescue Aws::Sigv4::Errors::MissingCredentialsError
104
+ raise Aws::Errors::MissingCredentialsError
105
+ end
106
+ end
107
+
108
+ def sign(context)
109
+ req = context.http_request
110
+
111
+ apply_authtype(context, req)
112
+ reset_signature(req)
113
+ apply_clock_skew(context, req)
114
+
115
+ # compute the signature
116
+ begin
117
+ signature = @signer.sign_request(
118
+ http_method: req.http_method,
119
+ url: req.endpoint,
120
+ headers: req.headers,
121
+ body: req.body
122
+ )
123
+ rescue Aws::Sigv4::Errors::MissingCredentialsError
124
+ # Necessary for when credentials is explicitly set to nil
125
+ raise Aws::Errors::MissingCredentialsError
126
+ end
127
+ # apply signature headers
128
+ req.headers.update(signature.headers)
129
+
130
+ # add request metadata with signature components for debugging
131
+ context[:canonical_request] = signature.canonical_request
132
+ context[:string_to_sign] = signature.string_to_sign
133
+ end
134
+
135
+ def presign_url(*args)
136
+ @signer.presign_url(*args)
137
+ end
138
+
139
+ def sign_event(*args)
140
+ @signer.sign_event(*args)
141
+ end
142
+
143
+ private
144
+
145
+ def apply_authtype(context, req)
146
+ if context.operation['authtype'].eql?('v4-unsigned-body') &&
147
+ req.endpoint.scheme.eql?('https')
148
+ req.headers['X-Amz-Content-Sha256'] ||= 'UNSIGNED-PAYLOAD'
149
+ end
150
+ end
151
+
152
+ def reset_signature(req)
153
+ # in case this request is being re-signed
154
+ req.headers.delete('Authorization')
155
+ req.headers.delete('X-Amz-Security-Token')
156
+ req.headers.delete('X-Amz-Date')
157
+ req.headers.delete('x-Amz-Region-Set')
158
+ end
159
+
160
+ def apply_clock_skew(context, req)
161
+ if context.config.respond_to?(:clock_skew) &&
162
+ context.config.clock_skew &&
163
+ context.config.correct_clock_skew
164
+
165
+ endpoint = context.http_request.endpoint
166
+ skew = context.config.clock_skew.clock_correction(endpoint)
167
+ if skew.abs.positive?
168
+ req.headers['X-Amz-Date'] =
169
+ (Time.now.utc + skew).strftime('%Y%m%dT%H%M%SZ')
170
+ end
171
+ end
172
+ end
173
+
174
+ end
175
+
176
+ # @api private
177
+ class NullSigner
178
+
179
+ def sign(context)
180
+ end
181
+
182
+ def presign_url(*args)
183
+ end
184
+
185
+ def sign_event(*args)
186
+ end
187
+ end
188
+ end
189
+ end
190
+ end
@@ -3,6 +3,7 @@
3
3
  module Aws
4
4
  module Plugins
5
5
  # @api private
6
+ # Necessary to keep after Endpoints 2.0
6
7
  class SignatureV2 < Seahorse::Client::Plugin
7
8
 
8
9
  option(:v2_signer) do |cfg|
@@ -5,6 +5,7 @@ require 'aws-sigv4'
5
5
  module Aws
6
6
  module Plugins
7
7
  # @api private
8
+ # Necessary to exist after endpoints 2.0
8
9
  class SignatureV4 < Seahorse::Client::Plugin
9
10
 
10
11
  V4_AUTH = %w[v4 v4-unsigned-payload v4-unsigned-body]
@@ -53,12 +53,8 @@ module Aws
53
53
  return if !value || value.empty?
54
54
  headers[ref.location_name] = value
55
55
  .compact
56
- .map { |s| escape_header_list_string(s.to_s) }
57
- .join(",")
58
- end
59
-
60
- def escape_header_list_string(s)
61
- (s.include?('"') || s.include?(",")) ? "\"#{s.gsub('"', '\"')}\"" : s
56
+ .map { |s| Seahorse::Util.escape_header_list_string(s.to_s) }
57
+ .join(',')
62
58
  end
63
59
 
64
60
  def apply_header_map(headers, ref, values)
data/lib/aws-sdk-core.rb CHANGED
@@ -97,6 +97,9 @@ require_relative 'aws-sdk-core/arn'
97
97
  require_relative 'aws-sdk-core/arn_parser'
98
98
  require_relative 'aws-sdk-core/ec2_metadata'
99
99
 
100
+ # dynamic endpoints
101
+ require_relative 'aws-sdk-core/endpoints'
102
+
100
103
  # defaults
101
104
  require_relative 'aws-defaults'
102
105
 
@@ -30,7 +30,7 @@ require 'aws-sdk-core/plugins/http_checksum.rb'
30
30
  require 'aws-sdk-core/plugins/checksum_algorithm.rb'
31
31
  require 'aws-sdk-core/plugins/defaults_mode.rb'
32
32
  require 'aws-sdk-core/plugins/recursion_detection.rb'
33
- require 'aws-sdk-core/plugins/signature_v4.rb'
33
+ require 'aws-sdk-core/plugins/sign.rb'
34
34
  require 'aws-sdk-core/plugins/protocols/rest_json.rb'
35
35
 
36
36
  Aws::Plugins::GlobalConfiguration.add_identifier(:sso)
@@ -79,8 +79,9 @@ module Aws::SSO
79
79
  add_plugin(Aws::Plugins::ChecksumAlgorithm)
80
80
  add_plugin(Aws::Plugins::DefaultsMode)
81
81
  add_plugin(Aws::Plugins::RecursionDetection)
82
- add_plugin(Aws::Plugins::SignatureV4)
82
+ add_plugin(Aws::Plugins::Sign)
83
83
  add_plugin(Aws::Plugins::Protocols::RestJson)
84
+ add_plugin(Aws::SSO::Plugins::Endpoints)
84
85
 
85
86
  # @overload initialize(options)
86
87
  # @param [Hash] options
@@ -287,6 +288,19 @@ module Aws::SSO
287
288
  # ** Please note ** When response stubbing is enabled, no HTTP
288
289
  # requests are made, and retries are disabled.
289
290
  #
291
+ # @option options [Aws::TokenProvider] :token_provider
292
+ # A Bearer Token Provider. This can be an instance of any one of the
293
+ # following classes:
294
+ #
295
+ # * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
296
+ # tokens.
297
+ #
298
+ # * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
299
+ # access token generated from `aws login`.
300
+ #
301
+ # When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
302
+ # will be used to search for tokens configured for your profile in shared configuration files.
303
+ #
290
304
  # @option options [Boolean] :use_dualstack_endpoint
291
305
  # When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
292
306
  # will be used if available.
@@ -300,6 +314,9 @@ module Aws::SSO
300
314
  # When `true`, request parameters are validated before
301
315
  # sending the request.
302
316
  #
317
+ # @option options [Aws::SSO::EndpointProvider] :endpoint_provider
318
+ # The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::SSO::EndpointParameters`
319
+ #
303
320
  # @option options [URI::HTTP,String] :http_proxy A proxy to send
304
321
  # requests through. Formatted like 'http://proxy.com:123'.
305
322
  #
@@ -568,7 +585,7 @@ module Aws::SSO
568
585
  params: params,
569
586
  config: config)
570
587
  context[:gem_name] = 'aws-sdk-core'
571
- context[:gem_version] = '3.164.0'
588
+ context[:gem_version] = '3.165.0'
572
589
  Seahorse::Client::Request.new(handlers, context)
573
590
  end
574
591
 
@@ -0,0 +1,66 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+ module Aws::SSO
11
+ # Endpoint parameters used to influence endpoints per request.
12
+ #
13
+ # @!attribute region
14
+ # The AWS region used to dispatch the request.
15
+ #
16
+ # @return [String]
17
+ #
18
+ # @!attribute use_dual_stack
19
+ # When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.
20
+ #
21
+ # @return [Boolean]
22
+ #
23
+ # @!attribute use_fips
24
+ # When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.
25
+ #
26
+ # @return [Boolean]
27
+ #
28
+ # @!attribute endpoint
29
+ # Override the endpoint used to send this request
30
+ #
31
+ # @return [String]
32
+ #
33
+ EndpointParameters = Struct.new(
34
+ :region,
35
+ :use_dual_stack,
36
+ :use_fips,
37
+ :endpoint,
38
+ ) do
39
+ include Aws::Structure
40
+
41
+ # @api private
42
+ class << self
43
+ PARAM_MAP = {
44
+ 'Region' => :region,
45
+ 'UseDualStack' => :use_dual_stack,
46
+ 'UseFIPS' => :use_fips,
47
+ 'Endpoint' => :endpoint,
48
+ }.freeze
49
+ end
50
+
51
+ def initialize(options = {})
52
+ self[:region] = options[:region]
53
+ self[:use_dual_stack] = options[:use_dual_stack]
54
+ self[:use_dual_stack] = false if self[:use_dual_stack].nil?
55
+ if self[:use_dual_stack].nil?
56
+ raise ArgumentError, "Missing required EndpointParameter: :use_dual_stack"
57
+ end
58
+ self[:use_fips] = options[:use_fips]
59
+ self[:use_fips] = false if self[:use_fips].nil?
60
+ if self[:use_fips].nil?
61
+ raise ArgumentError, "Missing required EndpointParameter: :use_fips"
62
+ end
63
+ self[:endpoint] = options[:endpoint]
64
+ end
65
+ end
66
+ end
@@ -0,0 +1,112 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+ module Aws::SSO
11
+ class EndpointProvider
12
+ def initialize(rule_set = nil)
13
+ @@rule_set ||= begin
14
+ endpoint_rules = Aws::Json.load(Base64.decode64(RULES))
15
+ Aws::Endpoints::RuleSet.new(
16
+ version: endpoint_rules['version'],
17
+ service_id: endpoint_rules['serviceId'],
18
+ parameters: endpoint_rules['parameters'],
19
+ rules: endpoint_rules['rules']
20
+ )
21
+ end
22
+ @provider = Aws::Endpoints::RulesProvider.new(rule_set || @@rule_set)
23
+ end
24
+
25
+ def resolve_endpoint(parameters)
26
+ @provider.resolve_endpoint(parameters)
27
+ end
28
+
29
+ # @api private
30
+ RULES = <<-JSON
31
+ eyJ2ZXJzaW9uIjoiMS4wIiwicGFyYW1ldGVycyI6eyJSZWdpb24iOnsiYnVp
32
+ bHRJbiI6IkFXUzo6UmVnaW9uIiwicmVxdWlyZWQiOmZhbHNlLCJkb2N1bWVu
33
+ dGF0aW9uIjoiVGhlIEFXUyByZWdpb24gdXNlZCB0byBkaXNwYXRjaCB0aGUg
34
+ cmVxdWVzdC4iLCJ0eXBlIjoiU3RyaW5nIn0sIlVzZUR1YWxTdGFjayI6eyJi
35
+ dWlsdEluIjoiQVdTOjpVc2VEdWFsU3RhY2siLCJyZXF1aXJlZCI6dHJ1ZSwi
36
+ ZGVmYXVsdCI6ZmFsc2UsImRvY3VtZW50YXRpb24iOiJXaGVuIHRydWUsIHVz
37
+ ZSB0aGUgZHVhbC1zdGFjayBlbmRwb2ludC4gSWYgdGhlIGNvbmZpZ3VyZWQg
38
+ ZW5kcG9pbnQgZG9lcyBub3Qgc3VwcG9ydCBkdWFsLXN0YWNrLCBkaXNwYXRj
39
+ aGluZyB0aGUgcmVxdWVzdCBNQVkgcmV0dXJuIGFuIGVycm9yLiIsInR5cGUi
40
+ OiJCb29sZWFuIn0sIlVzZUZJUFMiOnsiYnVpbHRJbiI6IkFXUzo6VXNlRklQ
41
+ UyIsInJlcXVpcmVkIjp0cnVlLCJkZWZhdWx0IjpmYWxzZSwiZG9jdW1lbnRh
42
+ dGlvbiI6IldoZW4gdHJ1ZSwgc2VuZCB0aGlzIHJlcXVlc3QgdG8gdGhlIEZJ
43
+ UFMtY29tcGxpYW50IHJlZ2lvbmFsIGVuZHBvaW50LiBJZiB0aGUgY29uZmln
44
+ dXJlZCBlbmRwb2ludCBkb2VzIG5vdCBoYXZlIGEgRklQUyBjb21wbGlhbnQg
45
+ ZW5kcG9pbnQsIGRpc3BhdGNoaW5nIHRoZSByZXF1ZXN0IHdpbGwgcmV0dXJu
46
+ IGFuIGVycm9yLiIsInR5cGUiOiJCb29sZWFuIn0sIkVuZHBvaW50Ijp7ImJ1
47
+ aWx0SW4iOiJTREs6OkVuZHBvaW50IiwicmVxdWlyZWQiOmZhbHNlLCJkb2N1
48
+ bWVudGF0aW9uIjoiT3ZlcnJpZGUgdGhlIGVuZHBvaW50IHVzZWQgdG8gc2Vu
49
+ ZCB0aGlzIHJlcXVlc3QiLCJ0eXBlIjoiU3RyaW5nIn19LCJydWxlcyI6W3si
50
+ Y29uZGl0aW9ucyI6W3siZm4iOiJhd3MucGFydGl0aW9uIiwiYXJndiI6W3si
51
+ cmVmIjoiUmVnaW9uIn1dLCJhc3NpZ24iOiJQYXJ0aXRpb25SZXN1bHQifV0s
52
+ InR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOlt7ImZuIjoi
53
+ aXNTZXQiLCJhcmd2IjpbeyJyZWYiOiJFbmRwb2ludCJ9XX0seyJmbiI6InBh
54
+ cnNlVVJMIiwiYXJndiI6W3sicmVmIjoiRW5kcG9pbnQifV0sImFzc2lnbiI6
55
+ InVybCJ9XSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0aW9ucyI6
56
+ W3siZm4iOiJib29sZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoiVXNlRklQ
57
+ UyJ9LHRydWVdfV0sImVycm9yIjoiSW52YWxpZCBDb25maWd1cmF0aW9uOiBG
58
+ SVBTIGFuZCBjdXN0b20gZW5kcG9pbnQgYXJlIG5vdCBzdXBwb3J0ZWQiLCJ0
59
+ eXBlIjoiZXJyb3IifSx7ImNvbmRpdGlvbnMiOltdLCJ0eXBlIjoidHJlZSIs
60
+ InJ1bGVzIjpbeyJjb25kaXRpb25zIjpbeyJmbiI6ImJvb2xlYW5FcXVhbHMi
61
+ LCJhcmd2IjpbeyJyZWYiOiJVc2VEdWFsU3RhY2sifSx0cnVlXX1dLCJlcnJv
62
+ ciI6IkludmFsaWQgQ29uZmlndXJhdGlvbjogRHVhbHN0YWNrIGFuZCBjdXN0
63
+ b20gZW5kcG9pbnQgYXJlIG5vdCBzdXBwb3J0ZWQiLCJ0eXBlIjoiZXJyb3Ii
64
+ fSx7ImNvbmRpdGlvbnMiOltdLCJlbmRwb2ludCI6eyJ1cmwiOnsicmVmIjoi
65
+ RW5kcG9pbnQifSwicHJvcGVydGllcyI6e30sImhlYWRlcnMiOnt9fSwidHlw
66
+ ZSI6ImVuZHBvaW50In1dfV19LHsiY29uZGl0aW9ucyI6W3siZm4iOiJib29s
67
+ ZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoiVXNlRklQUyJ9LHRydWVdfSx7
68
+ ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUR1YWxT
69
+ dGFjayJ9LHRydWVdfV0sInR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRp
70
+ dGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt0cnVlLHsi
71
+ Zm4iOiJnZXRBdHRyIiwiYXJndiI6W3sicmVmIjoiUGFydGl0aW9uUmVzdWx0
72
+ In0sInN1cHBvcnRzRklQUyJdfV19LHsiZm4iOiJib29sZWFuRXF1YWxzIiwi
73
+ YXJndiI6W3RydWUseyJmbiI6ImdldEF0dHIiLCJhcmd2IjpbeyJyZWYiOiJQ
74
+ YXJ0aXRpb25SZXN1bHQifSwic3VwcG9ydHNEdWFsU3RhY2siXX1dfV0sInR5
75
+ cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOltdLCJlbmRwb2lu
76
+ dCI6eyJ1cmwiOiJodHRwczovL3BvcnRhbC5zc28tZmlwcy57UmVnaW9ufS57
77
+ UGFydGl0aW9uUmVzdWx0I2R1YWxTdGFja0Ruc1N1ZmZpeH0iLCJwcm9wZXJ0
78
+ aWVzIjp7fSwiaGVhZGVycyI6e319LCJ0eXBlIjoiZW5kcG9pbnQifV19LHsi
79
+ Y29uZGl0aW9ucyI6W10sImVycm9yIjoiRklQUyBhbmQgRHVhbFN0YWNrIGFy
80
+ ZSBlbmFibGVkLCBidXQgdGhpcyBwYXJ0aXRpb24gZG9lcyBub3Qgc3VwcG9y
81
+ dCBvbmUgb3IgYm90aCIsInR5cGUiOiJlcnJvciJ9XX0seyJjb25kaXRpb25z
82
+ IjpbeyJmbiI6ImJvb2xlYW5FcXVhbHMiLCJhcmd2IjpbeyJyZWYiOiJVc2VG
83
+ SVBTIn0sdHJ1ZV19XSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0
84
+ aW9ucyI6W3siZm4iOiJib29sZWFuRXF1YWxzIiwiYXJndiI6W3RydWUseyJm
85
+ biI6ImdldEF0dHIiLCJhcmd2IjpbeyJyZWYiOiJQYXJ0aXRpb25SZXN1bHQi
86
+ fSwic3VwcG9ydHNGSVBTIl19XX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpb
87
+ eyJjb25kaXRpb25zIjpbXSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29u
88
+ ZGl0aW9ucyI6W10sImVuZHBvaW50Ijp7InVybCI6Imh0dHBzOi8vcG9ydGFs
89
+ LnNzby1maXBzLntSZWdpb259LntQYXJ0aXRpb25SZXN1bHQjZG5zU3VmZml4
90
+ fSIsInByb3BlcnRpZXMiOnt9LCJoZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRw
91
+ b2ludCJ9XX1dfSx7ImNvbmRpdGlvbnMiOltdLCJlcnJvciI6IkZJUFMgaXMg
92
+ ZW5hYmxlZCBidXQgdGhpcyBwYXJ0aXRpb24gZG9lcyBub3Qgc3VwcG9ydCBG
93
+ SVBTIiwidHlwZSI6ImVycm9yIn1dfSx7ImNvbmRpdGlvbnMiOlt7ImZuIjoi
94
+ Ym9vbGVhbkVxdWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUR1YWxTdGFjayJ9
95
+ LHRydWVdfV0sInR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMi
96
+ Olt7ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt0cnVlLHsiZm4iOiJn
97
+ ZXRBdHRyIiwiYXJndiI6W3sicmVmIjoiUGFydGl0aW9uUmVzdWx0In0sInN1
98
+ cHBvcnRzRHVhbFN0YWNrIl19XX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpb
99
+ eyJjb25kaXRpb25zIjpbXSwiZW5kcG9pbnQiOnsidXJsIjoiaHR0cHM6Ly9w
100
+ b3J0YWwuc3NvLntSZWdpb259LntQYXJ0aXRpb25SZXN1bHQjZHVhbFN0YWNr
101
+ RG5zU3VmZml4fSIsInByb3BlcnRpZXMiOnt9LCJoZWFkZXJzIjp7fX0sInR5
102
+ cGUiOiJlbmRwb2ludCJ9XX0seyJjb25kaXRpb25zIjpbXSwiZXJyb3IiOiJE
103
+ dWFsU3RhY2sgaXMgZW5hYmxlZCBidXQgdGhpcyBwYXJ0aXRpb24gZG9lcyBu
104
+ b3Qgc3VwcG9ydCBEdWFsU3RhY2siLCJ0eXBlIjoiZXJyb3IifV19LHsiY29u
105
+ ZGl0aW9ucyI6W10sImVuZHBvaW50Ijp7InVybCI6Imh0dHBzOi8vcG9ydGFs
106
+ LnNzby57UmVnaW9ufS57UGFydGl0aW9uUmVzdWx0I2Ruc1N1ZmZpeH0iLCJw
107
+ cm9wZXJ0aWVzIjp7fSwiaGVhZGVycyI6e319LCJ0eXBlIjoiZW5kcG9pbnQi
108
+ fV19XX0=
109
+
110
+ JSON
111
+ end
112
+ end