aws-sdk-core 3.185.1 → 3.240.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +705 -0
- data/VERSION +1 -1
- data/lib/aws-defaults.rb +4 -1
- data/lib/aws-sdk-core/arn.rb +1 -3
- data/lib/aws-sdk-core/assume_role_credentials.rb +21 -13
- data/lib/aws-sdk-core/assume_role_web_identity_credentials.rb +16 -9
- data/lib/aws-sdk-core/binary/decode_handler.rb +3 -9
- data/lib/aws-sdk-core/binary/encode_handler.rb +1 -1
- data/lib/aws-sdk-core/binary/event_builder.rb +34 -37
- data/lib/aws-sdk-core/binary/event_stream_decoder.rb +1 -0
- data/lib/aws-sdk-core/binary/event_stream_encoder.rb +4 -3
- data/lib/aws-sdk-core/cbor/decoder.rb +308 -0
- data/lib/aws-sdk-core/cbor/encoder.rb +243 -0
- data/lib/aws-sdk-core/cbor.rb +53 -0
- data/lib/aws-sdk-core/client_side_monitoring.rb +9 -0
- data/lib/aws-sdk-core/client_stubs.rb +39 -55
- data/lib/aws-sdk-core/credential_provider.rb +5 -1
- data/lib/aws-sdk-core/credential_provider_chain.rb +101 -25
- data/lib/aws-sdk-core/credentials.rb +19 -6
- data/lib/aws-sdk-core/ec2_metadata.rb +1 -1
- data/lib/aws-sdk-core/ecs_credentials.rb +92 -24
- data/lib/aws-sdk-core/endpoints/endpoint.rb +3 -1
- data/lib/aws-sdk-core/endpoints/matchers.rb +8 -10
- data/lib/aws-sdk-core/endpoints.rb +101 -21
- data/lib/aws-sdk-core/error_handler.rb +46 -0
- data/lib/aws-sdk-core/errors.rb +16 -4
- data/lib/aws-sdk-core/event_emitter.rb +1 -17
- data/lib/aws-sdk-core/instance_profile_credentials.rb +168 -155
- data/lib/aws-sdk-core/json/builder.rb +8 -1
- data/lib/aws-sdk-core/json/error_handler.rb +29 -13
- data/lib/aws-sdk-core/json/handler.rb +13 -6
- data/lib/aws-sdk-core/json/json_engine.rb +3 -1
- data/lib/aws-sdk-core/json/oj_engine.rb +7 -1
- data/lib/aws-sdk-core/json/parser.rb +32 -2
- data/lib/aws-sdk-core/json.rb +43 -14
- data/lib/aws-sdk-core/log/param_filter.rb +2 -2
- data/lib/aws-sdk-core/log/param_formatter.rb +7 -3
- data/lib/aws-sdk-core/log.rb +10 -0
- data/lib/aws-sdk-core/login_credentials.rb +229 -0
- data/lib/aws-sdk-core/lru_cache.rb +75 -0
- data/lib/aws-sdk-core/pageable_response.rb +1 -1
- data/lib/aws-sdk-core/param_validator.rb +7 -2
- data/lib/aws-sdk-core/plugins/bearer_authorization.rb +2 -0
- data/lib/aws-sdk-core/plugins/checksum_algorithm.rb +347 -168
- data/lib/aws-sdk-core/plugins/client_metrics_plugin.rb +1 -1
- data/lib/aws-sdk-core/plugins/client_metrics_send_plugin.rb +14 -2
- data/lib/aws-sdk-core/plugins/credentials_configuration.rb +78 -56
- data/lib/aws-sdk-core/plugins/endpoint_pattern.rb +40 -32
- data/lib/aws-sdk-core/plugins/global_configuration.rb +8 -9
- data/lib/aws-sdk-core/plugins/http_checksum.rb +3 -8
- data/lib/aws-sdk-core/plugins/invocation_id.rb +1 -11
- data/lib/aws-sdk-core/plugins/logging.rb +2 -0
- data/lib/aws-sdk-core/plugins/protocols/api_gateway.rb +3 -1
- data/lib/aws-sdk-core/plugins/protocols/ec2.rb +2 -24
- data/lib/aws-sdk-core/plugins/protocols/json_rpc.rb +6 -8
- data/lib/aws-sdk-core/plugins/protocols/query.rb +4 -2
- data/lib/aws-sdk-core/plugins/protocols/rest_json.rb +3 -15
- data/lib/aws-sdk-core/plugins/protocols/rest_xml.rb +3 -0
- data/lib/aws-sdk-core/plugins/protocols/rpc_v2.rb +17 -0
- data/lib/aws-sdk-core/plugins/regional_endpoint.rb +74 -25
- data/lib/aws-sdk-core/plugins/request_compression.rb +11 -2
- data/lib/aws-sdk-core/plugins/retry_errors.rb +12 -3
- data/lib/aws-sdk-core/plugins/sign.rb +55 -34
- data/lib/aws-sdk-core/plugins/signature_v2.rb +2 -1
- data/lib/aws-sdk-core/plugins/signature_v4.rb +2 -1
- data/lib/aws-sdk-core/plugins/stub_responses.rb +59 -9
- data/lib/aws-sdk-core/plugins/telemetry.rb +75 -0
- data/lib/aws-sdk-core/plugins/transfer_encoding.rb +16 -9
- data/lib/aws-sdk-core/plugins/user_agent.rb +103 -26
- data/lib/aws-sdk-core/plugins.rb +39 -0
- data/lib/aws-sdk-core/process_credentials.rb +48 -29
- data/lib/aws-sdk-core/query/ec2_handler.rb +27 -0
- data/lib/aws-sdk-core/query/ec2_param_builder.rb +5 -7
- data/lib/aws-sdk-core/query/handler.rb +4 -4
- data/lib/aws-sdk-core/query/param_builder.rb +2 -2
- data/lib/aws-sdk-core/query.rb +2 -1
- data/lib/aws-sdk-core/refreshing_credentials.rb +20 -17
- data/lib/aws-sdk-core/resources.rb +8 -0
- data/lib/aws-sdk-core/rest/content_type_handler.rb +60 -0
- data/lib/aws-sdk-core/rest/handler.rb +3 -4
- data/lib/aws-sdk-core/rest/request/body.rb +32 -5
- data/lib/aws-sdk-core/rest/request/endpoint.rb +24 -4
- data/lib/aws-sdk-core/rest/request/headers.rb +15 -7
- data/lib/aws-sdk-core/rest/request/querystring_builder.rb +62 -36
- data/lib/aws-sdk-core/rest/response/body.rb +15 -1
- data/lib/aws-sdk-core/rest/response/header_list_parser.rb +79 -0
- data/lib/aws-sdk-core/rest/response/headers.rb +8 -3
- data/lib/aws-sdk-core/rest.rb +1 -0
- data/lib/aws-sdk-core/rpc_v2/builder.rb +62 -0
- data/lib/aws-sdk-core/rpc_v2/cbor_engine.rb +18 -0
- data/lib/aws-sdk-core/rpc_v2/content_type_handler.rb +47 -0
- data/lib/aws-sdk-core/rpc_v2/error_handler.rb +95 -0
- data/lib/aws-sdk-core/rpc_v2/handler.rb +79 -0
- data/lib/aws-sdk-core/rpc_v2/parser.rb +98 -0
- data/lib/aws-sdk-core/rpc_v2.rb +69 -0
- data/lib/aws-sdk-core/shared_config.rb +110 -22
- data/lib/aws-sdk-core/shared_credentials.rb +1 -7
- data/lib/aws-sdk-core/sso_credentials.rb +5 -2
- data/lib/aws-sdk-core/static_token_provider.rb +1 -2
- data/lib/aws-sdk-core/stubbing/protocols/ec2.rb +12 -11
- data/lib/aws-sdk-core/stubbing/protocols/json.rb +11 -10
- data/lib/aws-sdk-core/stubbing/protocols/query.rb +7 -6
- data/lib/aws-sdk-core/stubbing/protocols/rest.rb +2 -1
- data/lib/aws-sdk-core/stubbing/protocols/rest_json.rb +9 -8
- data/lib/aws-sdk-core/stubbing/protocols/rest_xml.rb +6 -5
- data/lib/aws-sdk-core/stubbing/protocols/rpc_v2.rb +39 -0
- data/lib/aws-sdk-core/stubbing.rb +22 -0
- data/lib/aws-sdk-core/telemetry/base.rb +177 -0
- data/lib/aws-sdk-core/telemetry/no_op.rb +70 -0
- data/lib/aws-sdk-core/telemetry/otel.rb +235 -0
- data/lib/aws-sdk-core/telemetry/span_kind.rb +22 -0
- data/lib/aws-sdk-core/telemetry/span_status.rb +59 -0
- data/lib/aws-sdk-core/telemetry.rb +78 -0
- data/lib/aws-sdk-core/token.rb +3 -3
- data/lib/aws-sdk-core/token_provider.rb +4 -0
- data/lib/aws-sdk-core/token_provider_chain.rb +2 -6
- data/lib/aws-sdk-core/util.rb +41 -1
- data/lib/aws-sdk-core/waiters/poller.rb +10 -5
- data/lib/aws-sdk-core/xml/builder.rb +17 -9
- data/lib/aws-sdk-core/xml/error_handler.rb +35 -43
- data/lib/aws-sdk-core/xml/parser/frame.rb +4 -20
- data/lib/aws-sdk-core/xml/parser/stack.rb +2 -0
- data/lib/aws-sdk-core/xml/parser.rb +2 -6
- data/lib/aws-sdk-core.rb +86 -107
- data/lib/aws-sdk-signin/client.rb +604 -0
- data/lib/aws-sdk-signin/client_api.rb +119 -0
- data/lib/aws-sdk-signin/customizations.rb +1 -0
- data/lib/aws-sdk-signin/endpoint_parameters.rb +69 -0
- data/lib/aws-sdk-signin/endpoint_provider.rb +59 -0
- data/lib/aws-sdk-signin/endpoints.rb +20 -0
- data/lib/aws-sdk-signin/errors.rb +122 -0
- data/lib/aws-sdk-signin/plugins/endpoints.rb +77 -0
- data/lib/aws-sdk-signin/resource.rb +26 -0
- data/lib/aws-sdk-signin/types.rb +299 -0
- data/lib/aws-sdk-signin.rb +63 -0
- data/lib/aws-sdk-sso/client.rb +189 -96
- data/lib/aws-sdk-sso/client_api.rb +7 -0
- data/lib/aws-sdk-sso/endpoint_parameters.rb +13 -10
- data/lib/aws-sdk-sso/endpoint_provider.rb +16 -20
- data/lib/aws-sdk-sso/endpoints.rb +2 -54
- data/lib/aws-sdk-sso/plugins/endpoints.rb +23 -22
- data/lib/aws-sdk-sso/types.rb +1 -0
- data/lib/aws-sdk-sso.rb +15 -11
- data/lib/aws-sdk-ssooidc/client.rb +609 -129
- data/lib/aws-sdk-ssooidc/client_api.rb +94 -1
- data/lib/aws-sdk-ssooidc/endpoint_parameters.rb +13 -10
- data/lib/aws-sdk-ssooidc/endpoint_provider.rb +16 -20
- data/lib/aws-sdk-ssooidc/endpoints.rb +2 -40
- data/lib/aws-sdk-ssooidc/errors.rb +62 -0
- data/lib/aws-sdk-ssooidc/plugins/endpoints.rb +23 -20
- data/lib/aws-sdk-ssooidc/types.rb +419 -53
- data/lib/aws-sdk-ssooidc.rb +15 -11
- data/lib/aws-sdk-sts/client.rb +537 -156
- data/lib/aws-sdk-sts/client_api.rb +108 -8
- data/lib/aws-sdk-sts/customizations.rb +5 -2
- data/lib/aws-sdk-sts/endpoint_parameters.rb +15 -14
- data/lib/aws-sdk-sts/endpoint_provider.rb +52 -57
- data/lib/aws-sdk-sts/endpoints.rb +2 -118
- data/lib/aws-sdk-sts/errors.rb +79 -0
- data/lib/aws-sdk-sts/plugins/endpoints.rb +23 -30
- data/lib/aws-sdk-sts/presigner.rb +3 -7
- data/lib/aws-sdk-sts/types.rb +361 -35
- data/lib/aws-sdk-sts.rb +15 -11
- data/lib/seahorse/client/async_base.rb +4 -5
- data/lib/seahorse/client/async_response.rb +19 -0
- data/lib/seahorse/client/base.rb +18 -21
- data/lib/seahorse/client/h2/connection.rb +18 -28
- data/lib/seahorse/client/h2/handler.rb +19 -3
- data/lib/seahorse/client/handler.rb +1 -1
- data/lib/seahorse/client/http/response.rb +1 -1
- data/lib/seahorse/client/net_http/connection_pool.rb +15 -12
- data/lib/seahorse/client/net_http/handler.rb +21 -9
- data/lib/seahorse/client/net_http/patches.rb +1 -4
- data/lib/seahorse/client/networking_error.rb +1 -1
- data/lib/seahorse/client/plugin.rb +9 -0
- data/lib/seahorse/client/plugins/endpoint.rb +0 -1
- data/lib/seahorse/client/plugins/h2.rb +4 -4
- data/lib/seahorse/client/plugins/net_http.rb +57 -16
- data/lib/seahorse/client/request_context.rb +9 -2
- data/lib/seahorse/client/response.rb +2 -0
- data/lib/seahorse/model/shapes.rb +2 -2
- data/lib/seahorse/util.rb +2 -1
- data/sig/aws-sdk-core/async_client_stubs.rbs +21 -0
- data/sig/aws-sdk-core/client_stubs.rbs +10 -0
- data/sig/aws-sdk-core/errors.rbs +22 -0
- data/sig/aws-sdk-core/resources/collection.rbs +21 -0
- data/sig/aws-sdk-core/structure.rbs +4 -0
- data/sig/aws-sdk-core/telemetry/base.rbs +46 -0
- data/sig/aws-sdk-core/telemetry/otel.rbs +22 -0
- data/sig/aws-sdk-core/telemetry/span_kind.rbs +15 -0
- data/sig/aws-sdk-core/telemetry/span_status.rbs +24 -0
- data/sig/aws-sdk-core/waiters/errors.rbs +20 -0
- data/sig/aws-sdk-core.rbs +7 -0
- data/sig/seahorse/client/async_base.rbs +18 -0
- data/sig/seahorse/client/base.rbs +25 -0
- data/sig/seahorse/client/handler_builder.rbs +16 -0
- data/sig/seahorse/client/response.rbs +61 -0
- metadata +117 -23
- /data/lib/aws-sdk-core/xml/parser/{engines/libxml.rb → libxml_engine.rb} +0 -0
- /data/lib/aws-sdk-core/xml/parser/{engines/nokogiri.rb → nokogiri_engine.rb} +0 -0
- /data/lib/aws-sdk-core/xml/parser/{engines/oga.rb → oga_engine.rb} +0 -0
- /data/lib/aws-sdk-core/xml/parser/{engines/ox.rb → ox_engine.rb} +0 -0
- /data/lib/aws-sdk-core/xml/parser/{engines/rexml.rb → rexml_engine.rb} +0 -0
|
@@ -0,0 +1,79 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Aws
|
|
4
|
+
module RpcV2
|
|
5
|
+
class Handler < Seahorse::Client::Handler
|
|
6
|
+
# @param [Seahorse::Client::RequestContext] context
|
|
7
|
+
# @return [Seahorse::Client::Response]
|
|
8
|
+
def call(context)
|
|
9
|
+
build_request(context)
|
|
10
|
+
response = with_metric { @handler.call(context) }
|
|
11
|
+
response.on(200..299) { |resp| resp.data = parse_body(context) }
|
|
12
|
+
response.on(200..599) { |_resp| apply_request_id(context) }
|
|
13
|
+
response
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
private
|
|
17
|
+
|
|
18
|
+
def with_metric(&block)
|
|
19
|
+
Aws::Plugins::UserAgent.metric('PROTOCOL_RPC_V2_CBOR', &block)
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
def build_request(context)
|
|
23
|
+
context.http_request.headers['Smithy-Protocol'] = 'rpc-v2-cbor'
|
|
24
|
+
context.http_request.headers['X-Amzn-Query-Mode'] = 'true' if query_compatible?(context)
|
|
25
|
+
context.http_request.http_method = 'POST'
|
|
26
|
+
context.http_request.body = build_body(context)
|
|
27
|
+
build_url(context)
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
def build_url(context)
|
|
31
|
+
base = context.http_request.endpoint
|
|
32
|
+
service_name = context.config.api.metadata['targetPrefix']
|
|
33
|
+
base.path += "/service/#{service_name}/operation/#{context.operation.name}"
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
def build_body(context)
|
|
37
|
+
Builder.new(context.operation.input).serialize(context.params)
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
def parse_body(context)
|
|
41
|
+
cbor = context.http_response.body_contents
|
|
42
|
+
if (rules = context.operation.output)
|
|
43
|
+
if cbor.is_a?(Array)
|
|
44
|
+
# an array of emitted events
|
|
45
|
+
if cbor[0].respond_to?(:response)
|
|
46
|
+
# initial response exists
|
|
47
|
+
# it must be the first event arrived
|
|
48
|
+
resp_struct = cbor.shift.response
|
|
49
|
+
else
|
|
50
|
+
resp_struct = context.operation.output.shape.struct_class.new
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
rules.shape.members.each do |name, ref|
|
|
54
|
+
if ref.eventstream
|
|
55
|
+
resp_struct.send("#{name}=", cbor.to_enum)
|
|
56
|
+
end
|
|
57
|
+
end
|
|
58
|
+
resp_struct
|
|
59
|
+
else
|
|
60
|
+
Parser.new(
|
|
61
|
+
rules,
|
|
62
|
+
query_compatible: query_compatible?(context)
|
|
63
|
+
).parse(cbor)
|
|
64
|
+
end
|
|
65
|
+
else
|
|
66
|
+
EmptyStructure.new
|
|
67
|
+
end
|
|
68
|
+
end
|
|
69
|
+
|
|
70
|
+
def apply_request_id(context)
|
|
71
|
+
context[:request_id] = context.http_response.headers['x-amzn-requestid']
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
def query_compatible?(context)
|
|
75
|
+
context.config.api.metadata.key?('awsQueryCompatible')
|
|
76
|
+
end
|
|
77
|
+
end
|
|
78
|
+
end
|
|
79
|
+
end
|
|
@@ -0,0 +1,98 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'time'
|
|
4
|
+
|
|
5
|
+
module Aws
|
|
6
|
+
module RpcV2
|
|
7
|
+
class Parser
|
|
8
|
+
include Seahorse::Model::Shapes
|
|
9
|
+
|
|
10
|
+
# @param [Seahorse::Model::ShapeRef] rules
|
|
11
|
+
def initialize(rules, query_compatible: false)
|
|
12
|
+
@rules = rules
|
|
13
|
+
@query_compatible = query_compatible
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def parse(cbor, target = nil)
|
|
17
|
+
return {} if cbor.empty?
|
|
18
|
+
|
|
19
|
+
parse_ref(@rules, RpcV2.decode(cbor), target)
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
private
|
|
23
|
+
|
|
24
|
+
def structure(ref, values, target = nil)
|
|
25
|
+
shape = ref.shape
|
|
26
|
+
target = ref.shape.struct_class.new if target.nil?
|
|
27
|
+
values.each do |key, value|
|
|
28
|
+
member_name, member_ref = shape.member_by_location_name(key)
|
|
29
|
+
if member_ref
|
|
30
|
+
target[member_name] = parse_ref(member_ref, value)
|
|
31
|
+
elsif shape.union && key != '__type'
|
|
32
|
+
target[:unknown] = { 'name' => key, 'value' => value }
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
# In services that were previously Query/XML, members that were
|
|
36
|
+
# "flattened" defaulted to empty lists. In JSON, these values are nil,
|
|
37
|
+
# which is backwards incompatible. To preserve backwards compatibility,
|
|
38
|
+
# we set a default value of [] for these members.
|
|
39
|
+
if @query_compatible
|
|
40
|
+
ref.shape.members.each do |member_name, member_target|
|
|
41
|
+
next unless target[member_name].nil?
|
|
42
|
+
|
|
43
|
+
if flattened_list?(member_target.shape)
|
|
44
|
+
target[member_name] = []
|
|
45
|
+
elsif flattened_map?(member_target.shape)
|
|
46
|
+
target[member_name] = {}
|
|
47
|
+
end
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
if shape.union
|
|
52
|
+
# convert to subclass
|
|
53
|
+
member_subclass = shape.member_subclass(target.member).new
|
|
54
|
+
member_subclass[target.member] = target.value
|
|
55
|
+
target = member_subclass
|
|
56
|
+
end
|
|
57
|
+
target
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def list(ref, values, target = nil)
|
|
61
|
+
target = [] if target.nil?
|
|
62
|
+
values.each do |value|
|
|
63
|
+
target << parse_ref(ref.shape.member, value)
|
|
64
|
+
end
|
|
65
|
+
target
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
def map(ref, values, target = nil)
|
|
69
|
+
target = {} if target.nil?
|
|
70
|
+
values.each do |key, value|
|
|
71
|
+
target[key] = parse_ref(ref.shape.value, value) unless value.nil?
|
|
72
|
+
end
|
|
73
|
+
target
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
def parse_ref(ref, value, target = nil)
|
|
77
|
+
if value.nil?
|
|
78
|
+
nil
|
|
79
|
+
else
|
|
80
|
+
case ref.shape
|
|
81
|
+
when StructureShape then structure(ref, value, target)
|
|
82
|
+
when ListShape then list(ref, value, target)
|
|
83
|
+
when MapShape then map(ref, value, target)
|
|
84
|
+
else value
|
|
85
|
+
end
|
|
86
|
+
end
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
def flattened_list?(shape)
|
|
90
|
+
shape.is_a?(ListShape) && shape.flattened
|
|
91
|
+
end
|
|
92
|
+
|
|
93
|
+
def flattened_map?(shape)
|
|
94
|
+
shape.is_a?(MapShape) && shape.flattened
|
|
95
|
+
end
|
|
96
|
+
end
|
|
97
|
+
end
|
|
98
|
+
end
|
|
@@ -0,0 +1,69 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require_relative 'cbor'
|
|
4
|
+
require_relative 'rpc_v2/builder'
|
|
5
|
+
require_relative 'rpc_v2/content_type_handler'
|
|
6
|
+
require_relative 'rpc_v2/error_handler'
|
|
7
|
+
require_relative 'rpc_v2/handler'
|
|
8
|
+
require_relative 'rpc_v2/parser'
|
|
9
|
+
|
|
10
|
+
module Aws
|
|
11
|
+
# @api private
|
|
12
|
+
module RpcV2
|
|
13
|
+
class << self
|
|
14
|
+
# @param [Symbol,Class] engine
|
|
15
|
+
# Must be one of the following values:
|
|
16
|
+
#
|
|
17
|
+
# * :cbor
|
|
18
|
+
#
|
|
19
|
+
def engine=(engine)
|
|
20
|
+
@engine = Class === engine ? engine : load_engine(engine)
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
# @return [Class] Returns the default engine.
|
|
24
|
+
# One of:
|
|
25
|
+
#
|
|
26
|
+
# * {CborEngine}
|
|
27
|
+
#
|
|
28
|
+
def engine
|
|
29
|
+
set_default_engine unless @engine
|
|
30
|
+
@engine
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def encode(data)
|
|
34
|
+
@engine.encode(data)
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
def decode(bytes)
|
|
38
|
+
bytes.force_encoding(Encoding::BINARY)
|
|
39
|
+
@engine.decode(bytes)
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def set_default_engine
|
|
43
|
+
[:cbor].each do |name|
|
|
44
|
+
@engine ||= try_load_engine(name)
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
unless @engine
|
|
48
|
+
raise 'Unable to find a compatible cbor library.'
|
|
49
|
+
end
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
private
|
|
53
|
+
|
|
54
|
+
def load_engine(name)
|
|
55
|
+
require "aws-sdk-core/rpc_v2/#{name}_engine"
|
|
56
|
+
const_name = name[0].upcase + name[1..-1] + 'Engine'
|
|
57
|
+
const_get(const_name)
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def try_load_engine(name)
|
|
61
|
+
load_engine(name)
|
|
62
|
+
rescue LoadError
|
|
63
|
+
false
|
|
64
|
+
end
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
set_default_engine
|
|
68
|
+
end
|
|
69
|
+
end
|
|
@@ -138,7 +138,11 @@ module Aws
|
|
|
138
138
|
role_session_name: entry['role_session_name']
|
|
139
139
|
}
|
|
140
140
|
cfg[:region] = opts[:region] if opts[:region]
|
|
141
|
-
|
|
141
|
+
with_metrics('CREDENTIALS_PROFILE_STS_WEB_ID_TOKEN') do
|
|
142
|
+
creds = AssumeRoleWebIdentityCredentials.new(cfg)
|
|
143
|
+
creds.metrics << 'CREDENTIALS_PROFILE_STS_WEB_ID_TOKEN'
|
|
144
|
+
creds
|
|
145
|
+
end
|
|
142
146
|
end
|
|
143
147
|
end
|
|
144
148
|
end
|
|
@@ -167,6 +171,16 @@ module Aws
|
|
|
167
171
|
token
|
|
168
172
|
end
|
|
169
173
|
|
|
174
|
+
# Attempts to load from shared config or shared credentials file.
|
|
175
|
+
# Will always attempt first to load from the shared credentials
|
|
176
|
+
# file, if present.
|
|
177
|
+
def login_credentials_from_config(opts = {})
|
|
178
|
+
p = opts[:profile] || @profile_name
|
|
179
|
+
credentials = login_credentials_from_profile(@parsed_credentials, p, opts[:region])
|
|
180
|
+
credentials ||= login_credentials_from_profile(@parsed_config, p, opts[:region]) if @parsed_config
|
|
181
|
+
credentials
|
|
182
|
+
end
|
|
183
|
+
|
|
170
184
|
# Source a custom configured endpoint from the shared configuration file
|
|
171
185
|
#
|
|
172
186
|
# @param [Hash] opts
|
|
@@ -198,6 +212,9 @@ module Aws
|
|
|
198
212
|
|
|
199
213
|
config_reader(
|
|
200
214
|
:region,
|
|
215
|
+
:account_id_endpoint_mode,
|
|
216
|
+
:auth_scheme_preference,
|
|
217
|
+
:sigv4a_signing_region_set,
|
|
201
218
|
:ca_bundle,
|
|
202
219
|
:credential_process,
|
|
203
220
|
:endpoint_discovery_enabled,
|
|
@@ -205,10 +222,14 @@ module Aws
|
|
|
205
222
|
:use_fips_endpoint,
|
|
206
223
|
:ec2_metadata_service_endpoint,
|
|
207
224
|
:ec2_metadata_service_endpoint_mode,
|
|
225
|
+
:ec2_metadata_v1_disabled,
|
|
226
|
+
:disable_host_prefix_injection,
|
|
208
227
|
:max_attempts,
|
|
209
228
|
:retry_mode,
|
|
210
229
|
:adaptive_retry_wait_to_fill,
|
|
211
230
|
:correct_clock_skew,
|
|
231
|
+
:request_checksum_calculation,
|
|
232
|
+
:response_checksum_validation,
|
|
212
233
|
:csm_client_id,
|
|
213
234
|
:csm_enabled,
|
|
214
235
|
:csm_host,
|
|
@@ -217,6 +238,7 @@ module Aws
|
|
|
217
238
|
:s3_use_arn_region,
|
|
218
239
|
:s3_us_east_1_regional_endpoint,
|
|
219
240
|
:s3_disable_multiregion_access_points,
|
|
241
|
+
:s3_disable_express_session_auth,
|
|
220
242
|
:defaults_mode,
|
|
221
243
|
:sdk_ua_app_id,
|
|
222
244
|
:disable_request_compression,
|
|
@@ -249,8 +271,8 @@ module Aws
|
|
|
249
271
|
'provide only source_profile or credential_source, not both.'
|
|
250
272
|
elsif opts[:source_profile]
|
|
251
273
|
opts[:visited_profiles] ||= Set.new
|
|
252
|
-
|
|
253
|
-
if opts[:credentials]
|
|
274
|
+
provider = resolve_source_profile(opts[:source_profile], opts)
|
|
275
|
+
if provider && (opts[:credentials] = provider.credentials)
|
|
254
276
|
opts[:role_session_name] ||= prof_cfg['role_session_name']
|
|
255
277
|
opts[:role_session_name] ||= 'default_session'
|
|
256
278
|
opts[:role_arn] ||= prof_cfg['role_arn']
|
|
@@ -259,17 +281,28 @@ module Aws
|
|
|
259
281
|
opts[:serial_number] ||= prof_cfg['mfa_serial']
|
|
260
282
|
opts[:profile] = opts.delete(:source_profile)
|
|
261
283
|
opts.delete(:visited_profiles)
|
|
262
|
-
|
|
284
|
+
|
|
285
|
+
metrics = provider.metrics
|
|
286
|
+
if provider.is_a?(AssumeRoleCredentials)
|
|
287
|
+
opts[:credentials] = provider
|
|
288
|
+
metrics.delete('CREDENTIALS_STS_ASSUME_ROLE')
|
|
289
|
+
else
|
|
290
|
+
metrics << 'CREDENTIALS_PROFILE_SOURCE_PROFILE'
|
|
291
|
+
end
|
|
292
|
+
# Set the original credentials metrics to [] to prevent duplicate metrics during sign plugin
|
|
293
|
+
opts[:credentials].metrics = []
|
|
294
|
+
with_metrics(metrics) do
|
|
295
|
+
creds = AssumeRoleCredentials.new(opts)
|
|
296
|
+
creds.metrics.push(*metrics)
|
|
297
|
+
creds
|
|
298
|
+
end
|
|
263
299
|
else
|
|
264
300
|
raise Errors::NoSourceProfileError,
|
|
265
301
|
"Profile #{profile} has a role_arn, and source_profile, but the"\
|
|
266
302
|
' source_profile does not have credentials.'
|
|
267
303
|
end
|
|
268
304
|
elsif credential_source
|
|
269
|
-
opts[:credentials] = credentials_from_source(
|
|
270
|
-
credential_source,
|
|
271
|
-
chain_config
|
|
272
|
-
)
|
|
305
|
+
opts[:credentials] = credentials_from_source(credential_source, chain_config)
|
|
273
306
|
if opts[:credentials]
|
|
274
307
|
opts[:role_session_name] ||= prof_cfg['role_session_name']
|
|
275
308
|
opts[:role_session_name] ||= 'default_session'
|
|
@@ -278,7 +311,16 @@ module Aws
|
|
|
278
311
|
opts[:external_id] ||= prof_cfg['external_id']
|
|
279
312
|
opts[:serial_number] ||= prof_cfg['mfa_serial']
|
|
280
313
|
opts.delete(:source_profile) # Cleanup
|
|
281
|
-
|
|
314
|
+
|
|
315
|
+
metrics = opts[:credentials].metrics
|
|
316
|
+
metrics << 'CREDENTIALS_PROFILE_NAMED_PROVIDER'
|
|
317
|
+
# Set the original credentials metrics to [] to prevent duplicate metrics during sign plugin
|
|
318
|
+
opts[:credentials].metrics = []
|
|
319
|
+
with_metrics(metrics) do
|
|
320
|
+
creds = AssumeRoleCredentials.new(opts)
|
|
321
|
+
creds.metrics.push(*metrics)
|
|
322
|
+
creds
|
|
323
|
+
end
|
|
282
324
|
else
|
|
283
325
|
raise Errors::NoSourceCredentials,
|
|
284
326
|
"Profile #{profile} could not get source credentials from"\
|
|
@@ -306,12 +348,24 @@ module Aws
|
|
|
306
348
|
elsif profile_config && profile_config['source_profile']
|
|
307
349
|
opts.delete(:source_profile)
|
|
308
350
|
assume_role_credentials_from_config(opts.merge(profile: profile))
|
|
309
|
-
elsif (provider =
|
|
310
|
-
provider
|
|
351
|
+
elsif (provider = assume_role_web_identity_credentials_from_config_with_metrics(opts.merge(profile: profile)))
|
|
352
|
+
provider if provider.credentials.set?
|
|
311
353
|
elsif (provider = assume_role_process_credentials_from_config(profile))
|
|
312
|
-
provider
|
|
313
|
-
elsif (provider =
|
|
314
|
-
provider
|
|
354
|
+
provider if provider.credentials.set?
|
|
355
|
+
elsif (provider = sso_credentials_from_config_with_metrics(profile))
|
|
356
|
+
provider if provider.credentials.set?
|
|
357
|
+
end
|
|
358
|
+
end
|
|
359
|
+
|
|
360
|
+
def assume_role_web_identity_credentials_from_config_with_metrics(opts)
|
|
361
|
+
with_metrics('CREDENTIALS_PROFILE_SOURCE_PROFILE') do
|
|
362
|
+
assume_role_web_identity_credentials_from_config(opts)
|
|
363
|
+
end
|
|
364
|
+
end
|
|
365
|
+
|
|
366
|
+
def sso_credentials_from_config_with_metrics(profile)
|
|
367
|
+
with_metrics('CREDENTIALS_PROFILE_SOURCE_PROFILE') do
|
|
368
|
+
sso_credentials_from_config(profile: profile)
|
|
315
369
|
end
|
|
316
370
|
end
|
|
317
371
|
|
|
@@ -325,6 +379,15 @@ module Aws
|
|
|
325
379
|
)
|
|
326
380
|
when 'EcsContainer'
|
|
327
381
|
ECSCredentials.new
|
|
382
|
+
when 'Environment'
|
|
383
|
+
creds = Credentials.new(
|
|
384
|
+
ENV['AWS_ACCESS_KEY_ID'],
|
|
385
|
+
ENV['AWS_SECRET_ACCESS_KEY'],
|
|
386
|
+
ENV['AWS_SESSION_TOKEN'],
|
|
387
|
+
account_id: ENV['AWS_ACCOUNT_ID']
|
|
388
|
+
)
|
|
389
|
+
creds.metrics = ['CREDENTIALS_ENV_VARS']
|
|
390
|
+
creds
|
|
328
391
|
else
|
|
329
392
|
raise Errors::InvalidCredentialSourceError, "Unsupported credential_source: #{credential_source}"
|
|
330
393
|
end
|
|
@@ -336,7 +399,11 @@ module Aws
|
|
|
336
399
|
if @parsed_config
|
|
337
400
|
credential_process ||= @parsed_config.fetch(profile, {})['credential_process']
|
|
338
401
|
end
|
|
339
|
-
|
|
402
|
+
if credential_process
|
|
403
|
+
creds = ProcessCredentials.new([credential_process])
|
|
404
|
+
creds.metrics << 'CREDENTIALS_PROFILE_PROCESS'
|
|
405
|
+
creds
|
|
406
|
+
end
|
|
340
407
|
end
|
|
341
408
|
|
|
342
409
|
def credentials_from_shared(profile, _opts)
|
|
@@ -380,13 +447,18 @@ module Aws
|
|
|
380
447
|
sso_start_url = prof_config['sso_start_url']
|
|
381
448
|
end
|
|
382
449
|
|
|
383
|
-
|
|
384
|
-
|
|
385
|
-
|
|
386
|
-
|
|
387
|
-
|
|
388
|
-
|
|
450
|
+
metric = prof_config['sso_session'] ? 'CREDENTIALS_PROFILE_SSO' : 'CREDENTIALS_PROFILE_SSO_LEGACY'
|
|
451
|
+
with_metrics(metric) do
|
|
452
|
+
creds = SSOCredentials.new(
|
|
453
|
+
sso_account_id: prof_config['sso_account_id'],
|
|
454
|
+
sso_role_name: prof_config['sso_role_name'],
|
|
455
|
+
sso_session: prof_config['sso_session'],
|
|
456
|
+
sso_region: sso_region,
|
|
457
|
+
sso_start_url: sso_start_url
|
|
389
458
|
)
|
|
459
|
+
creds.metrics << metric
|
|
460
|
+
creds
|
|
461
|
+
end
|
|
390
462
|
end
|
|
391
463
|
end
|
|
392
464
|
|
|
@@ -407,12 +479,24 @@ module Aws
|
|
|
407
479
|
end
|
|
408
480
|
end
|
|
409
481
|
|
|
482
|
+
def login_credentials_from_profile(cfg, profile, region)
|
|
483
|
+
return unless @parsed_config && (prof_config = cfg[profile]) && prof_config['login_session']
|
|
484
|
+
|
|
485
|
+
cfg = { login_session: prof_config['login_session'] }
|
|
486
|
+
cfg[:region] = region if region
|
|
487
|
+
creds = LoginCredentials.new(cfg)
|
|
488
|
+
creds.metrics << 'CREDENTIALS_PROFILE_LOGIN'
|
|
489
|
+
creds
|
|
490
|
+
end
|
|
491
|
+
|
|
410
492
|
def credentials_from_profile(prof_config)
|
|
411
493
|
creds = Credentials.new(
|
|
412
494
|
prof_config['aws_access_key_id'],
|
|
413
495
|
prof_config['aws_secret_access_key'],
|
|
414
|
-
prof_config['aws_session_token']
|
|
496
|
+
prof_config['aws_session_token'],
|
|
497
|
+
account_id: prof_config['aws_account_id']
|
|
415
498
|
)
|
|
499
|
+
creds.metrics = ['CREDENTIALS_PROFILE']
|
|
416
500
|
creds if creds.set?
|
|
417
501
|
end
|
|
418
502
|
|
|
@@ -473,5 +557,9 @@ module Aws
|
|
|
473
557
|
|
|
474
558
|
sso_session
|
|
475
559
|
end
|
|
560
|
+
|
|
561
|
+
def with_metrics(metrics, &block)
|
|
562
|
+
Aws::Plugins::UserAgent.metric(*metrics, &block)
|
|
563
|
+
end
|
|
476
564
|
end
|
|
477
565
|
end
|
|
@@ -7,13 +7,6 @@ module Aws
|
|
|
7
7
|
|
|
8
8
|
include CredentialProvider
|
|
9
9
|
|
|
10
|
-
# @api private
|
|
11
|
-
KEY_MAP = {
|
|
12
|
-
'aws_access_key_id' => 'access_key_id',
|
|
13
|
-
'aws_secret_access_key' => 'secret_access_key',
|
|
14
|
-
'aws_session_token' => 'session_token',
|
|
15
|
-
}
|
|
16
|
-
|
|
17
10
|
# Constructs a new SharedCredentials object. This will load static
|
|
18
11
|
# (access_key_id, secret_access_key and session_token) AWS access
|
|
19
12
|
# credentials from an ini file, which supports profiles. The default
|
|
@@ -47,6 +40,7 @@ module Aws
|
|
|
47
40
|
)
|
|
48
41
|
@credentials = config.credentials(profile: @profile_name)
|
|
49
42
|
end
|
|
43
|
+
@metrics = ['CREDENTIALS_CODE']
|
|
50
44
|
end
|
|
51
45
|
|
|
52
46
|
# @return [String]
|
|
@@ -7,7 +7,7 @@ module Aws
|
|
|
7
7
|
# {Aws::SSOTokenProvider} will be used to refresh the token if possible.
|
|
8
8
|
# This class does NOT implement the SSO login token flow - tokens
|
|
9
9
|
# must generated separately by running `aws login` from the
|
|
10
|
-
# AWS CLI with the correct profile. The
|
|
10
|
+
# AWS CLI with the correct profile. The {SSOCredentials} will
|
|
11
11
|
# auto-refresh the AWS credentials from SSO.
|
|
12
12
|
#
|
|
13
13
|
# # You must first run aws sso login --profile your-sso-profile
|
|
@@ -91,6 +91,7 @@ module Aws
|
|
|
91
91
|
client_opts[:credentials] = nil
|
|
92
92
|
@client = Aws::SSO::Client.new(client_opts)
|
|
93
93
|
end
|
|
94
|
+
@metrics = ['CREDENTIALS_SSO']
|
|
94
95
|
else # legacy behavior
|
|
95
96
|
missing_keys = LEGACY_REQUIRED_OPTS.select { |k| options[k].nil? }
|
|
96
97
|
unless missing_keys.empty?
|
|
@@ -111,6 +112,7 @@ module Aws
|
|
|
111
112
|
client_opts[:credentials] = nil
|
|
112
113
|
|
|
113
114
|
@client = options[:client] || Aws::SSO::Client.new(client_opts)
|
|
115
|
+
@metrics = ['CREDENTIALS_SSO_LEGACY']
|
|
114
116
|
end
|
|
115
117
|
|
|
116
118
|
@async_refresh = true
|
|
@@ -156,7 +158,8 @@ module Aws
|
|
|
156
158
|
@credentials = Credentials.new(
|
|
157
159
|
c.access_key_id,
|
|
158
160
|
c.secret_access_key,
|
|
159
|
-
c.session_token
|
|
161
|
+
c.session_token,
|
|
162
|
+
account_id: @sso_account_id
|
|
160
163
|
)
|
|
161
164
|
@expiration = Time.at(c.expiration / 1000.0)
|
|
162
165
|
end
|
|
@@ -2,12 +2,11 @@
|
|
|
2
2
|
|
|
3
3
|
module Aws
|
|
4
4
|
class StaticTokenProvider
|
|
5
|
-
|
|
6
5
|
include TokenProvider
|
|
7
6
|
|
|
8
7
|
# @param [String] token
|
|
9
8
|
# @param [Time] expiration
|
|
10
|
-
def initialize(token, expiration=nil)
|
|
9
|
+
def initialize(token, expiration = nil)
|
|
11
10
|
@token = Token.new(token, expiration)
|
|
12
11
|
end
|
|
13
12
|
end
|
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
module Aws
|
|
4
4
|
module Stubbing
|
|
5
5
|
module Protocols
|
|
6
|
+
# @api private
|
|
6
7
|
class EC2
|
|
7
8
|
|
|
8
9
|
def stub_data(api, operation, data)
|
|
@@ -16,17 +17,17 @@ module Aws
|
|
|
16
17
|
end
|
|
17
18
|
|
|
18
19
|
def stub_error(error_code)
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
<ErrorResponse>
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
</ErrorResponse>
|
|
20
|
+
resp = Seahorse::Client::Http::Response.new
|
|
21
|
+
resp.status_code = 400
|
|
22
|
+
resp.body = <<~XML.strip
|
|
23
|
+
<ErrorResponse>
|
|
24
|
+
<Error>
|
|
25
|
+
<Code>#{error_code}</Code>
|
|
26
|
+
<Message>stubbed-response-error-message</Message>
|
|
27
|
+
</Error>
|
|
28
|
+
</ErrorResponse>
|
|
28
29
|
XML
|
|
29
|
-
|
|
30
|
+
resp
|
|
30
31
|
end
|
|
31
32
|
|
|
32
33
|
private
|
|
@@ -37,7 +38,7 @@ module Aws
|
|
|
37
38
|
xml.shift
|
|
38
39
|
xml.pop
|
|
39
40
|
xmlns = "http://ec2.amazonaws.com/doc/#{api.version}/".inspect
|
|
40
|
-
xml.unshift(
|
|
41
|
+
xml.unshift(' <requestId>stubbed-request-id</requestId>')
|
|
41
42
|
xml.unshift("<#{operation.name}Response xmlns=#{xmlns}>\n")
|
|
42
43
|
xml.push("</#{operation.name}Response>\n")
|
|
43
44
|
xml.join
|
|
@@ -3,27 +3,28 @@
|
|
|
3
3
|
module Aws
|
|
4
4
|
module Stubbing
|
|
5
5
|
module Protocols
|
|
6
|
+
# @api private
|
|
6
7
|
class Json
|
|
7
8
|
|
|
8
9
|
def stub_data(api, operation, data)
|
|
9
10
|
resp = Seahorse::Client::Http::Response.new
|
|
10
11
|
resp.status_code = 200
|
|
11
|
-
resp.headers[
|
|
12
|
-
resp.headers[
|
|
12
|
+
resp.headers['Content-Type'] = content_type(api)
|
|
13
|
+
resp.headers['x-amzn-RequestId'] = 'stubbed-request-id'
|
|
13
14
|
resp.body = build_body(operation, data)
|
|
14
15
|
resp
|
|
15
16
|
end
|
|
16
17
|
|
|
17
18
|
def stub_error(error_code)
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
{
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
}
|
|
19
|
+
resp = Seahorse::Client::Http::Response.new
|
|
20
|
+
resp.status_code = 400
|
|
21
|
+
resp.body = <<~JSON.strip
|
|
22
|
+
{
|
|
23
|
+
"code": #{error_code.inspect},
|
|
24
|
+
"message": "stubbed-response-error-message"
|
|
25
|
+
}
|
|
25
26
|
JSON
|
|
26
|
-
|
|
27
|
+
resp
|
|
27
28
|
end
|
|
28
29
|
|
|
29
30
|
private
|
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
module Aws
|
|
4
4
|
module Stubbing
|
|
5
5
|
module Protocols
|
|
6
|
+
# @api private
|
|
6
7
|
class Query
|
|
7
8
|
|
|
8
9
|
def stub_data(api, operation, data)
|
|
@@ -13,10 +14,10 @@ module Aws
|
|
|
13
14
|
end
|
|
14
15
|
|
|
15
16
|
def stub_error(error_code)
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
17
|
+
resp = Seahorse::Client::Http::Response.new
|
|
18
|
+
resp.status_code = 400
|
|
19
|
+
resp.body = XmlError.new(error_code).to_xml
|
|
20
|
+
resp
|
|
20
21
|
end
|
|
21
22
|
|
|
22
23
|
private
|
|
@@ -24,9 +25,9 @@ module Aws
|
|
|
24
25
|
def build_body(api, operation, data)
|
|
25
26
|
xml = []
|
|
26
27
|
builder = Aws::Xml::DocBuilder.new(target: xml, indent: ' ')
|
|
27
|
-
builder.node(operation.name
|
|
28
|
+
builder.node("#{operation.name}Response", xmlns: xmlns(api)) do
|
|
28
29
|
if (rules = operation.output)
|
|
29
|
-
rules.location_name = operation.name
|
|
30
|
+
rules.location_name = "#{operation.name}Result"
|
|
30
31
|
Xml::Builder.new(rules, target: xml, pad:' ').to_xml(data)
|
|
31
32
|
end
|
|
32
33
|
builder.node('ResponseMetadata') do
|