aws-sdk-core 3.185.1 → 3.214.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (177) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +409 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-defaults/default_configuration.rb +1 -2
  5. data/lib/aws-defaults.rb +4 -1
  6. data/lib/aws-sdk-core/assume_role_credentials.rb +12 -5
  7. data/lib/aws-sdk-core/assume_role_web_identity_credentials.rb +13 -7
  8. data/lib/aws-sdk-core/binary/decode_handler.rb +3 -9
  9. data/lib/aws-sdk-core/binary/encode_handler.rb +1 -1
  10. data/lib/aws-sdk-core/binary/event_builder.rb +34 -37
  11. data/lib/aws-sdk-core/binary/event_stream_decoder.rb +1 -0
  12. data/lib/aws-sdk-core/binary/event_stream_encoder.rb +4 -3
  13. data/lib/aws-sdk-core/cbor/decoder.rb +310 -0
  14. data/lib/aws-sdk-core/cbor/encoder.rb +243 -0
  15. data/lib/aws-sdk-core/cbor.rb +53 -0
  16. data/lib/aws-sdk-core/client_side_monitoring.rb +9 -0
  17. data/lib/aws-sdk-core/client_stubs.rb +23 -19
  18. data/lib/aws-sdk-core/credential_provider.rb +1 -1
  19. data/lib/aws-sdk-core/credential_provider_chain.rb +13 -6
  20. data/lib/aws-sdk-core/credentials.rb +13 -6
  21. data/lib/aws-sdk-core/ec2_metadata.rb +1 -1
  22. data/lib/aws-sdk-core/ecs_credentials.rb +78 -11
  23. data/lib/aws-sdk-core/endpoints/endpoint.rb +3 -1
  24. data/lib/aws-sdk-core/endpoints/matchers.rb +6 -9
  25. data/lib/aws-sdk-core/endpoints.rb +74 -18
  26. data/lib/aws-sdk-core/error_handler.rb +41 -0
  27. data/lib/aws-sdk-core/errors.rb +11 -2
  28. data/lib/aws-sdk-core/event_emitter.rb +0 -16
  29. data/lib/aws-sdk-core/instance_profile_credentials.rb +55 -32
  30. data/lib/aws-sdk-core/json/builder.rb +8 -1
  31. data/lib/aws-sdk-core/json/error_handler.rb +17 -11
  32. data/lib/aws-sdk-core/json/handler.rb +13 -6
  33. data/lib/aws-sdk-core/json/json_engine.rb +3 -1
  34. data/lib/aws-sdk-core/json/oj_engine.rb +7 -1
  35. data/lib/aws-sdk-core/json/parser.rb +32 -2
  36. data/lib/aws-sdk-core/json.rb +43 -14
  37. data/lib/aws-sdk-core/log/param_filter.rb +2 -2
  38. data/lib/aws-sdk-core/log.rb +10 -0
  39. data/lib/aws-sdk-core/lru_cache.rb +75 -0
  40. data/lib/aws-sdk-core/pageable_response.rb +1 -1
  41. data/lib/aws-sdk-core/param_validator.rb +7 -2
  42. data/lib/aws-sdk-core/plugins/bearer_authorization.rb +2 -0
  43. data/lib/aws-sdk-core/plugins/checksum_algorithm.rb +6 -3
  44. data/lib/aws-sdk-core/plugins/client_metrics_plugin.rb +1 -0
  45. data/lib/aws-sdk-core/plugins/client_metrics_send_plugin.rb +14 -2
  46. data/lib/aws-sdk-core/plugins/credentials_configuration.rb +9 -3
  47. data/lib/aws-sdk-core/plugins/global_configuration.rb +8 -9
  48. data/lib/aws-sdk-core/plugins/http_checksum.rb +2 -1
  49. data/lib/aws-sdk-core/plugins/invocation_id.rb +1 -11
  50. data/lib/aws-sdk-core/plugins/logging.rb +2 -0
  51. data/lib/aws-sdk-core/plugins/protocols/api_gateway.rb +3 -1
  52. data/lib/aws-sdk-core/plugins/protocols/ec2.rb +2 -24
  53. data/lib/aws-sdk-core/plugins/protocols/json_rpc.rb +6 -8
  54. data/lib/aws-sdk-core/plugins/protocols/query.rb +4 -2
  55. data/lib/aws-sdk-core/plugins/protocols/rest_json.rb +3 -15
  56. data/lib/aws-sdk-core/plugins/protocols/rest_xml.rb +3 -0
  57. data/lib/aws-sdk-core/plugins/protocols/rpc_v2.rb +17 -0
  58. data/lib/aws-sdk-core/plugins/regional_endpoint.rb +74 -25
  59. data/lib/aws-sdk-core/plugins/request_compression.rb +11 -2
  60. data/lib/aws-sdk-core/plugins/retry_errors.rb +12 -3
  61. data/lib/aws-sdk-core/plugins/sign.rb +27 -15
  62. data/lib/aws-sdk-core/plugins/signature_v2.rb +2 -1
  63. data/lib/aws-sdk-core/plugins/signature_v4.rb +2 -1
  64. data/lib/aws-sdk-core/plugins/stub_responses.rb +30 -2
  65. data/lib/aws-sdk-core/plugins/telemetry.rb +75 -0
  66. data/lib/aws-sdk-core/plugins/transfer_encoding.rb +16 -9
  67. data/lib/aws-sdk-core/plugins/user_agent.rb +70 -26
  68. data/lib/aws-sdk-core/plugins.rb +39 -0
  69. data/lib/aws-sdk-core/process_credentials.rb +47 -28
  70. data/lib/aws-sdk-core/query/ec2_handler.rb +27 -0
  71. data/lib/aws-sdk-core/query/ec2_param_builder.rb +5 -7
  72. data/lib/aws-sdk-core/query/handler.rb +4 -4
  73. data/lib/aws-sdk-core/query/param_builder.rb +2 -2
  74. data/lib/aws-sdk-core/query.rb +2 -1
  75. data/lib/aws-sdk-core/refreshing_credentials.rb +12 -6
  76. data/lib/aws-sdk-core/resources.rb +8 -0
  77. data/lib/aws-sdk-core/rest/content_type_handler.rb +60 -0
  78. data/lib/aws-sdk-core/rest/handler.rb +3 -4
  79. data/lib/aws-sdk-core/rest/request/body.rb +32 -5
  80. data/lib/aws-sdk-core/rest/request/endpoint.rb +24 -4
  81. data/lib/aws-sdk-core/rest/request/headers.rb +14 -6
  82. data/lib/aws-sdk-core/rest/request/querystring_builder.rb +62 -36
  83. data/lib/aws-sdk-core/rest/response/body.rb +15 -1
  84. data/lib/aws-sdk-core/rest/response/header_list_parser.rb +79 -0
  85. data/lib/aws-sdk-core/rest/response/headers.rb +8 -3
  86. data/lib/aws-sdk-core/rest.rb +1 -0
  87. data/lib/aws-sdk-core/rpc_v2/builder.rb +62 -0
  88. data/lib/aws-sdk-core/rpc_v2/cbor_engine.rb +18 -0
  89. data/lib/aws-sdk-core/rpc_v2/content_type_handler.rb +47 -0
  90. data/lib/aws-sdk-core/rpc_v2/error_handler.rb +85 -0
  91. data/lib/aws-sdk-core/rpc_v2/handler.rb +79 -0
  92. data/lib/aws-sdk-core/rpc_v2/parser.rb +90 -0
  93. data/lib/aws-sdk-core/rpc_v2.rb +69 -0
  94. data/lib/aws-sdk-core/shared_config.rb +7 -2
  95. data/lib/aws-sdk-core/shared_credentials.rb +0 -7
  96. data/lib/aws-sdk-core/sso_credentials.rb +2 -1
  97. data/lib/aws-sdk-core/stubbing/protocols/ec2.rb +12 -11
  98. data/lib/aws-sdk-core/stubbing/protocols/json.rb +11 -10
  99. data/lib/aws-sdk-core/stubbing/protocols/query.rb +7 -6
  100. data/lib/aws-sdk-core/stubbing/protocols/rest.rb +2 -1
  101. data/lib/aws-sdk-core/stubbing/protocols/rest_json.rb +9 -8
  102. data/lib/aws-sdk-core/stubbing/protocols/rest_xml.rb +6 -5
  103. data/lib/aws-sdk-core/stubbing/protocols/rpc_v2.rb +39 -0
  104. data/lib/aws-sdk-core/stubbing.rb +22 -0
  105. data/lib/aws-sdk-core/telemetry/base.rb +177 -0
  106. data/lib/aws-sdk-core/telemetry/no_op.rb +70 -0
  107. data/lib/aws-sdk-core/telemetry/otel.rb +235 -0
  108. data/lib/aws-sdk-core/telemetry/span_kind.rb +22 -0
  109. data/lib/aws-sdk-core/telemetry/span_status.rb +59 -0
  110. data/lib/aws-sdk-core/telemetry.rb +78 -0
  111. data/lib/aws-sdk-core/util.rb +39 -0
  112. data/lib/aws-sdk-core/waiters/poller.rb +10 -5
  113. data/lib/aws-sdk-core/xml/builder.rb +17 -9
  114. data/lib/aws-sdk-core/xml/error_handler.rb +32 -42
  115. data/lib/aws-sdk-core/xml/parser/frame.rb +4 -20
  116. data/lib/aws-sdk-core/xml/parser/stack.rb +2 -0
  117. data/lib/aws-sdk-core/xml/parser.rb +2 -6
  118. data/lib/aws-sdk-core.rb +82 -107
  119. data/lib/aws-sdk-sso/client.rb +119 -55
  120. data/lib/aws-sdk-sso/client_api.rb +7 -0
  121. data/lib/aws-sdk-sso/endpoint_parameters.rb +9 -6
  122. data/lib/aws-sdk-sso/endpoints.rb +2 -54
  123. data/lib/aws-sdk-sso/plugins/endpoints.rb +23 -22
  124. data/lib/aws-sdk-sso/types.rb +1 -0
  125. data/lib/aws-sdk-sso.rb +15 -11
  126. data/lib/aws-sdk-ssooidc/client.rb +504 -83
  127. data/lib/aws-sdk-ssooidc/client_api.rb +83 -1
  128. data/lib/aws-sdk-ssooidc/endpoint_parameters.rb +9 -6
  129. data/lib/aws-sdk-ssooidc/endpoint_provider.rb +2 -2
  130. data/lib/aws-sdk-ssooidc/endpoints.rb +2 -40
  131. data/lib/aws-sdk-ssooidc/errors.rb +52 -0
  132. data/lib/aws-sdk-ssooidc/plugins/endpoints.rb +23 -20
  133. data/lib/aws-sdk-ssooidc/types.rb +373 -51
  134. data/lib/aws-sdk-ssooidc.rb +15 -11
  135. data/lib/aws-sdk-sts/client.rb +334 -105
  136. data/lib/aws-sdk-sts/client_api.rb +36 -10
  137. data/lib/aws-sdk-sts/customizations.rb +5 -1
  138. data/lib/aws-sdk-sts/endpoint_parameters.rb +10 -9
  139. data/lib/aws-sdk-sts/endpoint_provider.rb +2 -2
  140. data/lib/aws-sdk-sts/endpoints.rb +2 -118
  141. data/lib/aws-sdk-sts/plugins/endpoints.rb +23 -30
  142. data/lib/aws-sdk-sts/presigner.rb +1 -1
  143. data/lib/aws-sdk-sts/types.rb +188 -30
  144. data/lib/aws-sdk-sts.rb +15 -11
  145. data/lib/seahorse/client/async_base.rb +1 -1
  146. data/lib/seahorse/client/async_response.rb +19 -0
  147. data/lib/seahorse/client/base.rb +18 -7
  148. data/lib/seahorse/client/h2/handler.rb +14 -3
  149. data/lib/seahorse/client/handler.rb +1 -1
  150. data/lib/seahorse/client/net_http/connection_pool.rb +11 -11
  151. data/lib/seahorse/client/net_http/handler.rb +21 -9
  152. data/lib/seahorse/client/net_http/patches.rb +1 -4
  153. data/lib/seahorse/client/plugin.rb +9 -0
  154. data/lib/seahorse/client/plugins/endpoint.rb +0 -1
  155. data/lib/seahorse/client/plugins/h2.rb +3 -3
  156. data/lib/seahorse/client/plugins/net_http.rb +57 -16
  157. data/lib/seahorse/client/request_context.rb +8 -1
  158. data/lib/seahorse/model/shapes.rb +2 -2
  159. data/sig/aws-sdk-core/client_stubs.rbs +10 -0
  160. data/sig/aws-sdk-core/errors.rbs +22 -0
  161. data/sig/aws-sdk-core/resources/collection.rbs +21 -0
  162. data/sig/aws-sdk-core/structure.rbs +4 -0
  163. data/sig/aws-sdk-core/telemetry/base.rbs +46 -0
  164. data/sig/aws-sdk-core/telemetry/otel.rbs +22 -0
  165. data/sig/aws-sdk-core/telemetry/span_kind.rbs +15 -0
  166. data/sig/aws-sdk-core/telemetry/span_status.rbs +24 -0
  167. data/sig/aws-sdk-core/waiters/errors.rbs +20 -0
  168. data/sig/aws-sdk-core.rbs +7 -0
  169. data/sig/seahorse/client/base.rbs +25 -0
  170. data/sig/seahorse/client/handler_builder.rbs +16 -0
  171. data/sig/seahorse/client/response.rbs +61 -0
  172. metadata +61 -19
  173. /data/lib/aws-sdk-core/xml/parser/{engines/libxml.rb → libxml_engine.rb} +0 -0
  174. /data/lib/aws-sdk-core/xml/parser/{engines/nokogiri.rb → nokogiri_engine.rb} +0 -0
  175. /data/lib/aws-sdk-core/xml/parser/{engines/oga.rb → oga_engine.rb} +0 -0
  176. /data/lib/aws-sdk-core/xml/parser/{engines/ox.rb → ox_engine.rb} +0 -0
  177. /data/lib/aws-sdk-core/xml/parser/{engines/rexml.rb → rexml_engine.rb} +0 -0
@@ -13,8 +13,7 @@ module Aws
13
13
  option(:sigv4_region)
14
14
  option(:unsigned_operations, default: [])
15
15
 
16
- supported_auth_types = %w[sigv4 bearer none]
17
- supported_auth_types += ['sigv4a'] if Aws::Sigv4::Signer.use_crt?
16
+ supported_auth_types = %w[sigv4 bearer sigv4-s3express sigv4a none]
18
17
  SUPPORTED_AUTH_TYPES = supported_auth_types.freeze
19
18
 
20
19
  def add_handlers(handlers, cfg)
@@ -24,10 +23,14 @@ module Aws
24
23
 
25
24
  # @api private
26
25
  # Return a signer with the `sign(context)` method
27
- def self.signer_for(auth_scheme, config, region_override = nil)
26
+ def self.signer_for(auth_scheme, config, sigv4_region_override = nil, sigv4_credentials_override = nil)
28
27
  case auth_scheme['name']
29
- when 'sigv4', 'sigv4a'
30
- SignatureV4.new(auth_scheme, config, region_override)
28
+ when 'sigv4', 'sigv4a', 'sigv4-s3express'
29
+ sigv4_overrides = {
30
+ region: sigv4_region_override,
31
+ credentials: sigv4_credentials_override
32
+ }
33
+ SignatureV4.new(auth_scheme, config, sigv4_overrides)
31
34
  when 'bearer'
32
35
  Bearer.new
33
36
  else
@@ -42,7 +45,8 @@ module Aws
42
45
  signer = Sign.signer_for(
43
46
  context[:auth_scheme],
44
47
  context.config,
45
- context[:sigv4_region]
48
+ context[:sigv4_region],
49
+ context[:sigv4_credentials]
46
50
  )
47
51
  signer.sign(context)
48
52
  end
@@ -88,24 +92,24 @@ module Aws
88
92
 
89
93
  # @api private
90
94
  class SignatureV4
91
- def initialize(auth_scheme, config, region_override = nil)
95
+ def initialize(auth_scheme, config, sigv4_overrides = {})
92
96
  scheme_name = auth_scheme['name']
93
97
 
94
- unless %w[sigv4 sigv4a].include?(scheme_name)
98
+ unless %w[sigv4 sigv4a sigv4-s3express].include?(scheme_name)
95
99
  raise ArgumentError,
96
- "Expected sigv4 or sigv4a auth scheme, got #{scheme_name}"
100
+ "Expected sigv4, sigv4a, or sigv4-s3express auth scheme, got #{scheme_name}"
97
101
  end
98
102
 
99
103
  region = if scheme_name == 'sigv4a'
100
- auth_scheme['signingRegionSet'].first
104
+ auth_scheme['signingRegionSet'].join(',')
101
105
  else
102
106
  auth_scheme['signingRegion']
103
107
  end
104
108
  begin
105
- @signer = Aws::Sigv4::Signer.new(
109
+ @signer = config.sigv4_signer || Aws::Sigv4::Signer.new(
106
110
  service: config.sigv4_name || auth_scheme['signingName'],
107
- region: region_override || config.sigv4_region || region,
108
- credentials_provider: config.credentials,
111
+ region: sigv4_overrides[:region] || config.sigv4_region || region,
112
+ credentials_provider: sigv4_overrides[:credentials] || config.credentials,
109
113
  signing_algorithm: scheme_name.to_sym,
110
114
  uri_escape_path: !!!auth_scheme['disableDoubleEncoding'],
111
115
  normalize_path: !!!auth_scheme['disableNormalizePath'],
@@ -154,12 +158,20 @@ module Aws
154
158
  private
155
159
 
156
160
  def apply_authtype(context, req)
157
- if context.operation['authtype'].eql?('v4-unsigned-body') &&
158
- req.endpoint.scheme.eql?('https')
161
+ # only used for event streaming at input
162
+ if context[:input_event_emitter]
163
+ req.headers['X-Amz-Content-Sha256'] = 'STREAMING-AWS4-HMAC-SHA256-EVENTS'
164
+ elsif unsigned_payload?(context, req)
159
165
  req.headers['X-Amz-Content-Sha256'] ||= 'UNSIGNED-PAYLOAD'
160
166
  end
161
167
  end
162
168
 
169
+ def unsigned_payload?(context, req)
170
+ (context.operation['unsignedPayload'] ||
171
+ context.operation['authtype'] == 'v4-unsigned-body') &&
172
+ req.endpoint.scheme == 'https'
173
+ end
174
+
163
175
  def reset_signature(req)
164
176
  # in case this request is being re-signed
165
177
  req.headers.delete('Authorization')
@@ -3,7 +3,8 @@
3
3
  module Aws
4
4
  module Plugins
5
5
  # @api private
6
- # Necessary to keep after Endpoints 2.0
6
+ # Deprecated - does not look at new traits like `auth` and `unsignedPayload`
7
+ # Necessary to exist after endpoints 2.0 for old service clients + new core
7
8
  class SignatureV2 < Seahorse::Client::Plugin
8
9
 
9
10
  option(:v2_signer) do |cfg|
@@ -5,7 +5,8 @@ require 'aws-sigv4'
5
5
  module Aws
6
6
  module Plugins
7
7
  # @api private
8
- # Necessary to exist after endpoints 2.0
8
+ # Deprecated - does not look at new traits like `auth` and `unsignedPayload`
9
+ # Necessary to exist after endpoints 2.0 for old service clients + new core
9
10
  class SignatureV4 < Seahorse::Client::Plugin
10
11
 
11
12
  V4_AUTH = %w[v4 v4-unsigned-payload v4-unsigned-body]
@@ -8,6 +8,7 @@ module Aws
8
8
  option(:stub_responses,
9
9
  default: false,
10
10
  doc_type: 'Boolean',
11
+ rbs_type: 'untyped',
11
12
  docstring: <<-DOCS)
12
13
  Causes the client to return stubbed responses. By default
13
14
  fake responses are generated and returned. You can specify
@@ -48,6 +49,14 @@ requests are made, and retries are disabled.
48
49
  class Handler < Seahorse::Client::Handler
49
50
 
50
51
  def call(context)
52
+ span_wrapper(context) do
53
+ stub_responses(context)
54
+ end
55
+ end
56
+
57
+ private
58
+
59
+ def stub_responses(context)
51
60
  stub = context.client.next_stub(context)
52
61
  resp = Seahorse::Client::Response.new(context: context)
53
62
  async_mode = context.client.is_a? Seahorse::Client::AsyncBase
@@ -57,8 +66,15 @@ requests are made, and retries are disabled.
57
66
  apply_stub(stub, resp, async_mode)
58
67
  end
59
68
 
60
- async_mode ? Seahorse::Client::AsyncResponse.new(
61
- context: context, stream: context[:input_event_stream_handler].event_emitter.stream, sync_queue: Queue.new) : resp
69
+ if async_mode
70
+ Seahorse::Client::AsyncResponse.new(
71
+ context: context,
72
+ stream: context[:input_event_stream_handler].event_emitter.stream,
73
+ sync_queue: Queue.new
74
+ )
75
+ else
76
+ resp
77
+ end
62
78
  end
63
79
 
64
80
  def apply_stub(stub, response, async_mode = false)
@@ -98,6 +114,18 @@ requests are made, and retries are disabled.
98
114
  http_resp.signal_done
99
115
  end
100
116
 
117
+ def span_wrapper(context, &block)
118
+ context.tracer.in_span(
119
+ 'Handler.StubResponses',
120
+ attributes: Aws::Telemetry.http_request_attrs(context)
121
+ ) do |span|
122
+ block.call.tap do
123
+ span.add_attributes(
124
+ Aws::Telemetry.http_response_attrs(context)
125
+ )
126
+ end
127
+ end
128
+ end
101
129
  end
102
130
  end
103
131
  end
@@ -0,0 +1,75 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ module Plugins
5
+ # @api private
6
+ class Telemetry < Seahorse::Client::Plugin
7
+ option(
8
+ :telemetry_provider,
9
+ default: Aws::Telemetry::NoOpTelemetryProvider,
10
+ doc_type: Aws::Telemetry::TelemetryProviderBase,
11
+ rbs_type: Aws::Telemetry::TelemetryProviderBase,
12
+ docstring: <<-DOCS) do |_cfg|
13
+ Allows you to provide a telemetry provider, which is used to
14
+ emit telemetry data. By default, uses `NoOpTelemetryProvider` which
15
+ will not record or emit any telemetry data. The SDK supports the
16
+ following telemetry providers:
17
+
18
+ * OpenTelemetry (OTel) - To use the OTel provider, install and require the
19
+ `opentelemetry-sdk` gem and then, pass in an instance of a
20
+ `Aws::Telemetry::OTelProvider` for telemetry provider.
21
+ DOCS
22
+ Aws::Telemetry::NoOpTelemetryProvider.new
23
+ end
24
+
25
+ def after_initialize(client)
26
+ validate_telemetry_provider(client.config)
27
+ end
28
+
29
+ def validate_telemetry_provider(config)
30
+ unless config.telemetry_provider.is_a?(Aws::Telemetry::TelemetryProviderBase)
31
+ raise ArgumentError,
32
+ 'Must provide a telemetry provider for the '\
33
+ '`telemetry_provider` configuration option.'
34
+ end
35
+ end
36
+
37
+ class Handler < Seahorse::Client::Handler
38
+ def call(context)
39
+ span_wrapper(context) { @handler.call(context) }
40
+ end
41
+
42
+ private
43
+
44
+ def span_wrapper(context, &block)
45
+ service_id = service_id(context)
46
+ attributes = {
47
+ 'rpc.system' => 'aws-api',
48
+ 'rpc.service' => service_id,
49
+ 'rpc.method' => context.operation.name,
50
+ 'code.function' => context.operation_name.to_s,
51
+ 'code.namespace' => 'Aws::Plugins::Telemetry'
52
+ }
53
+ context.tracer.in_span(
54
+ parent_span_name(context, service_id),
55
+ attributes: attributes,
56
+ kind: Aws::Telemetry::SpanKind::CLIENT,
57
+ &block
58
+ )
59
+ end
60
+
61
+ def service_id(context)
62
+ context.config.api.metadata['serviceId'] ||
63
+ context.config.api.metadata['serviceAbbreviation'] ||
64
+ context.config.api.metadata['serviceFullName']
65
+ end
66
+
67
+ def parent_span_name(context, service_id)
68
+ "#{service_id}.#{context.operation.name}".delete(' ')
69
+ end
70
+ end
71
+
72
+ handler(Handler, step: :initialize, priority: 99)
73
+ end
74
+ end
75
+ end
@@ -5,7 +5,8 @@ module Aws
5
5
 
6
6
  # For Streaming Input Operations, when `requiresLength` is enabled
7
7
  # checking whether `Content-Length` header can be set,
8
- # for `v4-unsigned-body` operations, set `Transfer-Encoding` header
8
+ # for `unsignedPayload` and `v4-unsigned-body` operations,
9
+ # set `Transfer-Encoding` header.
9
10
  class TransferEncoding < Seahorse::Client::Plugin
10
11
 
11
12
  # @api private
@@ -16,8 +17,8 @@ module Aws
16
17
  unless context.http_request.body.respond_to?(:size)
17
18
  if requires_length?(context.operation.input)
18
19
  # if size of the IO is not available but required
19
- raise Aws::Errors::MissingContentLength.new
20
- elsif context.operation['authtype'] == "v4-unsigned-body"
20
+ raise Aws::Errors::MissingContentLength
21
+ elsif unsigned_payload?(context.operation)
21
22
  context.http_request.headers['Transfer-Encoding'] = 'chunked'
22
23
  end
23
24
  end
@@ -29,18 +30,24 @@ module Aws
29
30
  private
30
31
 
31
32
  def streaming?(ref)
32
- if payload = ref[:payload_member]
33
- payload["streaming"] || # checking ref and shape
34
- payload.shape["streaming"]
33
+ if (payload = ref[:payload_member])
34
+ payload['streaming'] || payload.shape['streaming']
35
35
  else
36
36
  false
37
37
  end
38
38
  end
39
39
 
40
+ def unsigned_payload?(operation)
41
+ operation['unsignedPayload'] ||
42
+ operation['authtype'] == 'v4-unsigned-body'
43
+ end
44
+
40
45
  def requires_length?(ref)
41
- payload = ref[:payload_member]
42
- payload["requiresLength"] || # checking ref and shape
43
- payload.shape["requiresLength"]
46
+ if (payload = ref[:payload_member])
47
+ payload['requiresLength'] || payload.shape['requiresLength']
48
+ else
49
+ false
50
+ end
44
51
  end
45
52
 
46
53
  end
@@ -4,6 +4,31 @@ module Aws
4
4
  module Plugins
5
5
  # @api private
6
6
  class UserAgent < Seahorse::Client::Plugin
7
+ METRICS = Aws::Json.load(<<-METRICS)
8
+ {
9
+ "RESOURCE_MODEL": "A",
10
+ "WAITER": "B",
11
+ "PAGINATOR": "C",
12
+ "RETRY_MODE_LEGACY": "D",
13
+ "RETRY_MODE_STANDARD": "E",
14
+ "RETRY_MODE_ADAPTIVE": "F",
15
+ "S3_TRANSFER": "G",
16
+ "S3_CRYPTO_V1N": "H",
17
+ "S3_CRYPTO_V2": "I",
18
+ "S3_EXPRESS_BUCKET": "J",
19
+ "S3_ACCESS_GRANTS": "K",
20
+ "GZIP_REQUEST_COMPRESSION": "L",
21
+ "PROTOCOL_RPC_V2_CBOR": "M",
22
+ "ENDPOINT_OVERRIDE": "N",
23
+ "ACCOUNT_ID_ENDPOINT": "O",
24
+ "ACCOUNT_ID_MODE_PREFERRED": "P",
25
+ "ACCOUNT_ID_MODE_DISABLED": "Q",
26
+ "ACCOUNT_ID_MODE_REQUIRED": "R",
27
+ "SIGV4A_SIGNING": "S",
28
+ "RESOLVED_ACCOUNT_ID": "T"
29
+ }
30
+ METRICS
31
+
7
32
  # @api private
8
33
  option(:user_agent_suffix)
9
34
  # @api private
@@ -14,20 +39,27 @@ module Aws
14
39
  doc_type: 'String',
15
40
  docstring: <<-DOCS) do |cfg|
16
41
  A unique and opaque application ID that is appended to the
17
- User-Agent header as app/<sdk_ua_app_id>. It should have a
18
- maximum length of 50.
42
+ User-Agent header as app/sdk_ua_app_id. It should have a
43
+ maximum length of 50. This variable is sourced from environment
44
+ variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.
19
45
  DOCS
20
46
  app_id = ENV['AWS_SDK_UA_APP_ID']
21
47
  app_id ||= Aws.shared_config.sdk_ua_app_id(profile: cfg.profile)
22
48
  app_id
23
49
  end
24
50
 
25
- def self.feature(feature, &block)
26
- Thread.current[:aws_sdk_core_user_agent_feature] ||= []
27
- Thread.current[:aws_sdk_core_user_agent_feature] << "ft/#{feature}"
51
+ # Deprecated - must exist for old service gems
52
+ def self.feature(_feature, &block)
53
+ block.call
54
+ end
55
+
56
+ def self.metric(*metrics, &block)
57
+ Thread.current[:aws_sdk_core_user_agent_metric] ||= []
58
+ metrics = metrics.map { |metric| METRICS[metric] }.compact
59
+ Thread.current[:aws_sdk_core_user_agent_metric].concat(metrics)
28
60
  block.call
29
61
  ensure
30
- Thread.current[:aws_sdk_core_user_agent_feature].pop
62
+ Thread.current[:aws_sdk_core_user_agent_metric].pop(metrics.size)
31
63
  end
32
64
 
33
65
  # @api private
@@ -48,15 +80,24 @@ maximum length of 50.
48
80
 
49
81
  def to_s
50
82
  ua = "aws-sdk-ruby3/#{CORE_GEM_VERSION}"
51
- ua += ' ua/2.0'
52
- ua += " #{api_metadata}" if api_metadata
83
+ ua += ' ua/2.1'
84
+ if (api_m = api_metadata)
85
+ ua += " #{api_m}"
86
+ end
53
87
  ua += " #{os_metadata}"
54
88
  ua += " #{language_metadata}"
55
- ua += " #{env_metadata}" if env_metadata
56
- ua += " #{config_metadata}" if config_metadata
57
- ua += " #{app_id}" if app_id
58
- ua += " #{feature_metadata}" if feature_metadata
59
- ua += " #{framework_metadata}" if framework_metadata
89
+ if (env_m = env_metadata)
90
+ ua += " #{env_m}"
91
+ end
92
+ if (app_id_m = app_id_metadata)
93
+ ua += " #{app_id_m}"
94
+ end
95
+ if (framework_m = framework_metadata)
96
+ ua += " #{framework_m}"
97
+ end
98
+ if (metric_m = metric_metadata)
99
+ ua += " #{metric_m}"
100
+ end
60
101
  if @context.config.user_agent_suffix
61
102
  ua += " #{@context.config.user_agent_suffix}"
62
103
  end
@@ -92,7 +133,6 @@ maximum length of 50.
92
133
  local_version = Gem::Platform.local.version
93
134
  metadata += "##{local_version}" if local_version
94
135
  metadata += " md/#{RbConfig::CONFIG['host_cpu']}"
95
- metadata
96
136
  end
97
137
 
98
138
  # Used to be RUBY_ENGINE/RUBY_VERSION
@@ -106,11 +146,7 @@ maximum length of 50.
106
146
  "exec-env/#{execution_env}"
107
147
  end
108
148
 
109
- def config_metadata
110
- "cfg/retry-mode##{@context.config.retry_mode}"
111
- end
112
-
113
- def app_id
149
+ def app_id_metadata
114
150
  return unless (app_id = @context.config.sdk_ua_app_id)
115
151
 
116
152
  # Sanitize and only allow these characters
@@ -118,12 +154,6 @@ maximum length of 50.
118
154
  "app/#{app_id}"
119
155
  end
120
156
 
121
- def feature_metadata
122
- return unless Thread.current[:aws_sdk_core_user_agent_feature]
123
-
124
- Thread.current[:aws_sdk_core_user_agent_feature].join(' ')
125
- end
126
-
127
157
  def framework_metadata
128
158
  if (frameworks_cfg = @context.config.user_agent_frameworks).empty?
129
159
  return
@@ -140,10 +170,24 @@ maximum length of 50.
140
170
  end
141
171
  frameworks.map { |n, v| "lib/#{n}##{v}" }.join(' ')
142
172
  end
173
+
174
+ def metric_metadata
175
+ if Thread.current[:aws_sdk_core_user_agent_metric].nil? ||
176
+ Thread.current[:aws_sdk_core_user_agent_metric].empty?
177
+ return
178
+ end
179
+
180
+ metrics = Thread.current[:aws_sdk_core_user_agent_metric].join(',')
181
+ # Metric metadata is limited to 1024 bytes
182
+ return "m/#{metrics}" if metrics.bytesize <= 1024
183
+
184
+ # Removes the last unfinished metric
185
+ "m/#{metrics[0...metrics[0..1024].rindex(',')]}"
186
+ end
143
187
  end
144
188
  end
145
189
 
146
- handler(Handler, priority: 1)
190
+ handler(Handler, step: :sign, priority: 97)
147
191
  end
148
192
  end
149
193
  end
@@ -0,0 +1,39 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ # setup autoloading for Plugins
5
+ # Most plugins are required explicitly from service clients
6
+ # but users may reference them outside of client usage.
7
+ module Plugins
8
+ autoload :ApiKey, 'aws-sdk-core/plugins/api_key'
9
+ autoload :BearerAuthorization, 'aws-sdk-core/plugins/bearer_authorization'
10
+ autoload :ChecksumAlgorithm, 'aws-sdk-core/plugins/checksum_algorithm'
11
+ autoload :ClientMetricsPlugin, 'aws-sdk-core/plugins/client_metrics_plugin'
12
+ autoload :ClientMetricsSendPlugin, 'aws-sdk-core/plugins/client_metrics_send_plugin'
13
+ autoload :CredentialsConfiguration, 'aws-sdk-core/plugins/credentials_configuration'
14
+ autoload :DefaultsMode, 'aws-sdk-core/plugins/defaults_mode'
15
+ autoload :EndpointDiscovery, 'aws-sdk-core/plugins/endpoint_discovery'
16
+ autoload :EndpointPattern, 'aws-sdk-core/plugins/endpoint_pattern'
17
+ autoload :EventStreamConfiguration, 'aws-sdk-core/plugins/event_stream_configuration'
18
+ autoload :GlobalConfiguration, 'aws-sdk-core/plugins/global_configuration'
19
+ autoload :HelpfulSocketErrors, 'aws-sdk-core/plugins/helpful_socket_errors'
20
+ autoload :HttpChecksum, 'aws-sdk-core/plugins/http_checksum'
21
+ autoload :IdempotencyToken, 'aws-sdk-core/plugins/idempotency_token'
22
+ autoload :InvocationId, 'aws-sdk-core/plugins/invocation_id'
23
+ autoload :JsonvalueConverter, 'aws-sdk-core/plugins/jsonvalue_converter'
24
+ autoload :Logging, 'aws-sdk-core/plugins/logging'
25
+ autoload :ParamConverter, 'aws-sdk-core/plugins/param_converter'
26
+ autoload :ParamValidator, 'aws-sdk-core/plugins/param_validator'
27
+ autoload :RecursionDetection, 'aws-sdk-core/plugins/recursion_detection'
28
+ autoload :RegionalEndpoint, 'aws-sdk-core/plugins/regional_endpoint'
29
+ autoload :RequestCompression, 'aws-sdk-core/plugins/request_compression'
30
+ autoload :ResponsePaging, 'aws-sdk-core/plugins/response_paging'
31
+ autoload :RetryErrors, 'aws-sdk-core/plugins/retry_errors'
32
+ autoload :Sign, 'aws-sdk-core/plugins/sign'
33
+ autoload :SignatureV4, 'aws-sdk-core/plugins/signature_v4'
34
+ autoload :StubResponses, 'aws-sdk-core/plugins/stub_responses'
35
+ autoload :Telemetry, 'aws-sdk-core/plugins/telemetry'
36
+ autoload :TransferEncoding, 'aws-sdk-core/plugins/transfer_encoding'
37
+ autoload :UserAgent, 'aws-sdk-core/plugins/user_agent'
38
+ end
39
+ end
@@ -2,9 +2,15 @@
2
2
 
3
3
  module Aws
4
4
  # A credential provider that executes a given process and attempts
5
- # to read its stdout to recieve a JSON payload containing the credentials.
5
+ # to read its stdout to receive a JSON payload containing the credentials.
6
6
  #
7
- # credentials = Aws::ProcessCredentials.new('/usr/bin/credential_proc')
7
+ # credentials = Aws::ProcessCredentials.new(['/usr/bin/credential_proc'])
8
+ # ec2 = Aws::EC2::Client.new(credentials: credentials)
9
+ #
10
+ # Arguments should be provided as strings in the array, for example:
11
+ #
12
+ # process = ['/usr/bin/credential_proc', 'arg1', 'arg2']
13
+ # credentials = Aws::ProcessCredentials.new(process)
8
14
  # ec2 = Aws::EC2::Client.new(credentials: credentials)
9
15
  #
10
16
  # Automatically handles refreshing credentials if an Expiration time is
@@ -19,56 +25,69 @@ module Aws
19
25
  # Creates a new ProcessCredentials object, which allows an
20
26
  # external process to be used as a credential provider.
21
27
  #
22
- # @param [String] process Invocation string for process
23
- # credentials provider.
28
+ # @param [Array<String>, String] process An array of strings including
29
+ # the process name and its arguments to execute, or a single string to be
30
+ # executed by the shell (deprecated and insecure).
24
31
  def initialize(process)
32
+ if process.is_a?(String)
33
+ warn('Passing a single string to Aws::ProcessCredentials.new '\
34
+ 'is insecure, please use use an array of system arguments instead')
35
+ end
25
36
  @process = process
26
- @credentials = credentials_from_process(@process)
37
+ @credentials = credentials_from_process
27
38
  @async_refresh = false
28
39
 
29
40
  super
30
41
  end
31
42
 
32
43
  private
33
- def credentials_from_process(proc_invocation)
34
- begin
35
- raw_out = `#{proc_invocation}`
36
- process_status = $?
37
- rescue Errno::ENOENT
38
- raise Errors::InvalidProcessCredentialsPayload.new("Could not find process #{proc_invocation}")
44
+
45
+ def credentials_from_process
46
+ r, w = IO.pipe
47
+ success = system(*@process, out: w)
48
+ w.close
49
+ raw_out = r.read
50
+ r.close
51
+
52
+ unless success
53
+ raise Errors::InvalidProcessCredentialsPayload.new(
54
+ 'credential_process provider failure, the credential process had '\
55
+ 'non zero exit status and failed to provide credentials'
56
+ )
39
57
  end
40
58
 
41
- if process_status.success?
42
- begin
43
- creds_json = Aws::Json.load(raw_out)
44
- rescue Aws::Json::ParseError
45
- raise Errors::InvalidProcessCredentialsPayload.new("Invalid JSON response")
46
- end
47
- payload_version = creds_json['Version']
48
- if payload_version == 1
49
- _parse_payload_format_v1(creds_json)
50
- else
51
- raise Errors::InvalidProcessCredentialsPayload.new("Invalid version #{payload_version} for credentials payload")
52
- end
53
- else
54
- raise Errors::InvalidProcessCredentialsPayload.new('credential_process provider failure, the credential process had non zero exit status and failed to provide credentials')
59
+ begin
60
+ creds_json = Aws::Json.load(raw_out)
61
+ rescue Aws::Json::ParseError
62
+ raise Errors::InvalidProcessCredentialsPayload.new('Invalid JSON response')
55
63
  end
64
+
65
+ payload_version = creds_json['Version']
66
+ return _parse_payload_format_v1(creds_json) if payload_version == 1
67
+
68
+ raise Errors::InvalidProcessCredentialsPayload.new(
69
+ "Invalid version #{payload_version} for credentials payload"
70
+ )
56
71
  end
57
72
 
58
73
  def _parse_payload_format_v1(creds_json)
59
74
  creds = Credentials.new(
60
75
  creds_json['AccessKeyId'],
61
76
  creds_json['SecretAccessKey'],
62
- creds_json['SessionToken']
77
+ creds_json['SessionToken'],
78
+ account_id: creds_json['AccountId']
63
79
  )
64
80
 
65
81
  @expiration = creds_json['Expiration'] ? Time.iso8601(creds_json['Expiration']) : nil
66
82
  return creds if creds.set?
67
- raise Errors::InvalidProcessCredentialsPayload.new("Invalid payload for JSON credentials version 1")
83
+
84
+ raise Errors::InvalidProcessCredentialsPayload.new(
85
+ 'Invalid payload for JSON credentials version 1'
86
+ )
68
87
  end
69
88
 
70
89
  def refresh
71
- @credentials = credentials_from_process(@process)
90
+ @credentials = credentials_from_process
72
91
  end
73
92
 
74
93
  def near_expiration?(expiration_length)
@@ -0,0 +1,27 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ # @api private
5
+ module Query
6
+ class EC2Handler < Aws::Query::Handler
7
+
8
+ def apply_params(param_list, params, rules)
9
+ Aws::Query::EC2ParamBuilder.new(param_list).apply(rules, params)
10
+ end
11
+
12
+ def parse_xml(context)
13
+ if (rules = context.operation.output)
14
+ parser = Xml::Parser.new(rules)
15
+ parser.parse(xml(context)) do |path, value|
16
+ if path.size == 2 && path.last == 'requestId'
17
+ context.metadata[:request_id] = value
18
+ end
19
+ end
20
+ else
21
+ EmptyStructure.new
22
+ end
23
+ end
24
+
25
+ end
26
+ end
27
+ end
@@ -31,13 +31,11 @@ module Aws
31
31
  end
32
32
 
33
33
  def list(ref, values, prefix)
34
- if values.empty?
35
- set(prefix, '')
36
- else
37
- member_ref = ref.shape.member
38
- values.each.with_index do |value, n|
39
- format(member_ref, value, "#{prefix}.#{n+1}")
40
- end
34
+ return if values.empty?
35
+
36
+ member_ref = ref.shape.member
37
+ values.each.with_index do |value, n|
38
+ format(member_ref, value, "#{prefix}.#{n + 1}")
41
39
  end
42
40
  end
43
41