RubyGems - aws-sdk-core - Versions diffs - 3.186.0 → 3.241.3 - Mend

aws-sdk-core 3.186.0 → 3.241.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (205) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +715 -0
data/VERSION +1 -1
data/lib/aws-defaults.rb +4 -1
data/lib/aws-sdk-core/arn.rb +1 -3
data/lib/aws-sdk-core/assume_role_credentials.rb +21 -13
data/lib/aws-sdk-core/assume_role_web_identity_credentials.rb +16 -9
data/lib/aws-sdk-core/binary/decode_handler.rb +3 -9
data/lib/aws-sdk-core/binary/encode_handler.rb +1 -1
data/lib/aws-sdk-core/binary/event_builder.rb +34 -37
data/lib/aws-sdk-core/binary/event_stream_decoder.rb +1 -0
data/lib/aws-sdk-core/binary/event_stream_encoder.rb +4 -3
data/lib/aws-sdk-core/cbor/decoder.rb +308 -0
data/lib/aws-sdk-core/cbor/encoder.rb +243 -0
data/lib/aws-sdk-core/cbor.rb +53 -0
data/lib/aws-sdk-core/client_side_monitoring.rb +9 -0
data/lib/aws-sdk-core/client_stubs.rb +39 -55
data/lib/aws-sdk-core/credential_provider.rb +5 -1
data/lib/aws-sdk-core/credential_provider_chain.rb +101 -25
data/lib/aws-sdk-core/credentials.rb +19 -6
data/lib/aws-sdk-core/ec2_metadata.rb +1 -1
data/lib/aws-sdk-core/ecs_credentials.rb +92 -24
data/lib/aws-sdk-core/endpoints/endpoint.rb +3 -1
data/lib/aws-sdk-core/endpoints/matchers.rb +8 -10
data/lib/aws-sdk-core/endpoints.rb +101 -21
data/lib/aws-sdk-core/error_handler.rb +46 -0
data/lib/aws-sdk-core/errors.rb +16 -4
data/lib/aws-sdk-core/event_emitter.rb +1 -17
data/lib/aws-sdk-core/instance_profile_credentials.rb +148 -157
data/lib/aws-sdk-core/json/builder.rb +8 -1
data/lib/aws-sdk-core/json/error_handler.rb +29 -13
data/lib/aws-sdk-core/json/handler.rb +13 -6
data/lib/aws-sdk-core/json/json_engine.rb +3 -1
data/lib/aws-sdk-core/json/oj_engine.rb +7 -1
data/lib/aws-sdk-core/json/parser.rb +32 -2
data/lib/aws-sdk-core/json.rb +43 -14
data/lib/aws-sdk-core/log/param_filter.rb +2 -2
data/lib/aws-sdk-core/log/param_formatter.rb +7 -3
data/lib/aws-sdk-core/log.rb +10 -0
data/lib/aws-sdk-core/login_credentials.rb +229 -0
data/lib/aws-sdk-core/lru_cache.rb +75 -0
data/lib/aws-sdk-core/pageable_response.rb +1 -1
data/lib/aws-sdk-core/param_validator.rb +7 -2
data/lib/aws-sdk-core/plugins/bearer_authorization.rb +2 -0
data/lib/aws-sdk-core/plugins/checksum_algorithm.rb +436 -201
data/lib/aws-sdk-core/plugins/client_metrics_plugin.rb +1 -1
data/lib/aws-sdk-core/plugins/client_metrics_send_plugin.rb +14 -2
data/lib/aws-sdk-core/plugins/credentials_configuration.rb +78 -56
data/lib/aws-sdk-core/plugins/endpoint_pattern.rb +40 -32
data/lib/aws-sdk-core/plugins/global_configuration.rb +8 -9
data/lib/aws-sdk-core/plugins/http_checksum.rb +3 -8
data/lib/aws-sdk-core/plugins/invocation_id.rb +1 -11
data/lib/aws-sdk-core/plugins/logging.rb +2 -0
data/lib/aws-sdk-core/plugins/protocols/api_gateway.rb +3 -1
data/lib/aws-sdk-core/plugins/protocols/ec2.rb +2 -24
data/lib/aws-sdk-core/plugins/protocols/json_rpc.rb +6 -8
data/lib/aws-sdk-core/plugins/protocols/query.rb +4 -2
data/lib/aws-sdk-core/plugins/protocols/rest_json.rb +3 -15
data/lib/aws-sdk-core/plugins/protocols/rest_xml.rb +3 -0
data/lib/aws-sdk-core/plugins/protocols/rpc_v2.rb +17 -0
data/lib/aws-sdk-core/plugins/regional_endpoint.rb +74 -25
data/lib/aws-sdk-core/plugins/request_compression.rb +11 -2
data/lib/aws-sdk-core/plugins/retries/clock_skew.rb +28 -16
data/lib/aws-sdk-core/plugins/retry_errors.rb +12 -3
data/lib/aws-sdk-core/plugins/sign.rb +55 -34
data/lib/aws-sdk-core/plugins/signature_v2.rb +2 -1
data/lib/aws-sdk-core/plugins/signature_v4.rb +2 -1
data/lib/aws-sdk-core/plugins/stub_responses.rb +59 -9
data/lib/aws-sdk-core/plugins/telemetry.rb +75 -0
data/lib/aws-sdk-core/plugins/transfer_encoding.rb +16 -9
data/lib/aws-sdk-core/plugins/user_agent.rb +103 -26
data/lib/aws-sdk-core/plugins.rb +39 -0
data/lib/aws-sdk-core/process_credentials.rb +48 -29
data/lib/aws-sdk-core/query/ec2_handler.rb +27 -0
data/lib/aws-sdk-core/query/ec2_param_builder.rb +5 -7
data/lib/aws-sdk-core/query/handler.rb +4 -4
data/lib/aws-sdk-core/query/param_builder.rb +2 -2
data/lib/aws-sdk-core/query.rb +2 -1
data/lib/aws-sdk-core/refreshing_credentials.rb +20 -17
data/lib/aws-sdk-core/resources.rb +8 -0
data/lib/aws-sdk-core/rest/content_type_handler.rb +60 -0
data/lib/aws-sdk-core/rest/handler.rb +3 -4
data/lib/aws-sdk-core/rest/request/body.rb +32 -5
data/lib/aws-sdk-core/rest/request/endpoint.rb +24 -4
data/lib/aws-sdk-core/rest/request/headers.rb +15 -7
data/lib/aws-sdk-core/rest/request/querystring_builder.rb +23 -11
data/lib/aws-sdk-core/rest/response/body.rb +15 -1
data/lib/aws-sdk-core/rest/response/header_list_parser.rb +79 -0
data/lib/aws-sdk-core/rest/response/headers.rb +8 -3
data/lib/aws-sdk-core/rest.rb +1 -0
data/lib/aws-sdk-core/rpc_v2/builder.rb +62 -0
data/lib/aws-sdk-core/rpc_v2/cbor_engine.rb +18 -0
data/lib/aws-sdk-core/rpc_v2/content_type_handler.rb +47 -0
data/lib/aws-sdk-core/rpc_v2/error_handler.rb +95 -0
data/lib/aws-sdk-core/rpc_v2/handler.rb +79 -0
data/lib/aws-sdk-core/rpc_v2/parser.rb +98 -0
data/lib/aws-sdk-core/rpc_v2.rb +69 -0
data/lib/aws-sdk-core/shared_config.rb +109 -22
data/lib/aws-sdk-core/shared_credentials.rb +1 -7
data/lib/aws-sdk-core/sso_credentials.rb +5 -2
data/lib/aws-sdk-core/static_token_provider.rb +1 -2
data/lib/aws-sdk-core/stubbing/protocols/ec2.rb +12 -11
data/lib/aws-sdk-core/stubbing/protocols/json.rb +11 -10
data/lib/aws-sdk-core/stubbing/protocols/query.rb +7 -6
data/lib/aws-sdk-core/stubbing/protocols/rest.rb +2 -1
data/lib/aws-sdk-core/stubbing/protocols/rest_json.rb +9 -8
data/lib/aws-sdk-core/stubbing/protocols/rest_xml.rb +6 -5
data/lib/aws-sdk-core/stubbing/protocols/rpc_v2.rb +39 -0
data/lib/aws-sdk-core/stubbing.rb +22 -0
data/lib/aws-sdk-core/telemetry/base.rb +177 -0
data/lib/aws-sdk-core/telemetry/no_op.rb +70 -0
data/lib/aws-sdk-core/telemetry/otel.rb +235 -0
data/lib/aws-sdk-core/telemetry/span_kind.rb +22 -0
data/lib/aws-sdk-core/telemetry/span_status.rb +59 -0
data/lib/aws-sdk-core/telemetry.rb +78 -0
data/lib/aws-sdk-core/token.rb +3 -3
data/lib/aws-sdk-core/token_provider.rb +4 -0
data/lib/aws-sdk-core/token_provider_chain.rb +2 -6
data/lib/aws-sdk-core/util.rb +41 -1
data/lib/aws-sdk-core/waiters/poller.rb +10 -5
data/lib/aws-sdk-core/xml/builder.rb +17 -9
data/lib/aws-sdk-core/xml/error_handler.rb +35 -43
data/lib/aws-sdk-core/xml/parser/frame.rb +4 -20
data/lib/aws-sdk-core/xml/parser/stack.rb +2 -0
data/lib/aws-sdk-core/xml/parser.rb +2 -6
data/lib/aws-sdk-core.rb +86 -107
data/lib/aws-sdk-signin/client.rb +604 -0
data/lib/aws-sdk-signin/client_api.rb +119 -0
data/lib/aws-sdk-signin/customizations.rb +1 -0
data/lib/aws-sdk-signin/endpoint_parameters.rb +69 -0
data/lib/aws-sdk-signin/endpoint_provider.rb +59 -0
data/lib/aws-sdk-signin/endpoints.rb +20 -0
data/lib/aws-sdk-signin/errors.rb +122 -0
data/lib/aws-sdk-signin/plugins/endpoints.rb +77 -0
data/lib/aws-sdk-signin/resource.rb +26 -0
data/lib/aws-sdk-signin/types.rb +299 -0
data/lib/aws-sdk-signin.rb +63 -0
data/lib/aws-sdk-sso/client.rb +189 -96
data/lib/aws-sdk-sso/client_api.rb +7 -0
data/lib/aws-sdk-sso/endpoint_parameters.rb +13 -10
data/lib/aws-sdk-sso/endpoint_provider.rb +16 -20
data/lib/aws-sdk-sso/endpoints.rb +2 -54
data/lib/aws-sdk-sso/plugins/endpoints.rb +23 -22
data/lib/aws-sdk-sso/types.rb +1 -0
data/lib/aws-sdk-sso.rb +15 -11
data/lib/aws-sdk-ssooidc/client.rb +609 -129
data/lib/aws-sdk-ssooidc/client_api.rb +94 -1
data/lib/aws-sdk-ssooidc/endpoint_parameters.rb +13 -10
data/lib/aws-sdk-ssooidc/endpoint_provider.rb +16 -20
data/lib/aws-sdk-ssooidc/endpoints.rb +2 -40
data/lib/aws-sdk-ssooidc/errors.rb +62 -0
data/lib/aws-sdk-ssooidc/plugins/endpoints.rb +23 -20
data/lib/aws-sdk-ssooidc/types.rb +419 -53
data/lib/aws-sdk-ssooidc.rb +15 -11
data/lib/aws-sdk-sts/client.rb +537 -156
data/lib/aws-sdk-sts/client_api.rb +108 -8
data/lib/aws-sdk-sts/customizations.rb +5 -2
data/lib/aws-sdk-sts/endpoint_parameters.rb +15 -14
data/lib/aws-sdk-sts/endpoint_provider.rb +52 -57
data/lib/aws-sdk-sts/endpoints.rb +2 -118
data/lib/aws-sdk-sts/errors.rb +79 -0
data/lib/aws-sdk-sts/plugins/endpoints.rb +23 -30
data/lib/aws-sdk-sts/presigner.rb +3 -7
data/lib/aws-sdk-sts/types.rb +361 -35
data/lib/aws-sdk-sts.rb +15 -11
data/lib/seahorse/client/async_base.rb +4 -5
data/lib/seahorse/client/async_response.rb +19 -0
data/lib/seahorse/client/base.rb +18 -21
data/lib/seahorse/client/h2/connection.rb +18 -28
data/lib/seahorse/client/h2/handler.rb +19 -3
data/lib/seahorse/client/handler.rb +1 -1
data/lib/seahorse/client/http/response.rb +1 -1
data/lib/seahorse/client/net_http/connection_pool.rb +15 -12
data/lib/seahorse/client/net_http/handler.rb +21 -9
data/lib/seahorse/client/net_http/patches.rb +44 -14
data/lib/seahorse/client/networking_error.rb +1 -1
data/lib/seahorse/client/plugin.rb +9 -0
data/lib/seahorse/client/plugins/endpoint.rb +0 -1
data/lib/seahorse/client/plugins/h2.rb +4 -4
data/lib/seahorse/client/plugins/net_http.rb +57 -16
data/lib/seahorse/client/request_context.rb +9 -2
data/lib/seahorse/client/response.rb +2 -0
data/lib/seahorse/model/shapes.rb +2 -2
data/lib/seahorse/util.rb +2 -1
data/sig/aws-sdk-core/async_client_stubs.rbs +21 -0
data/sig/aws-sdk-core/client_stubs.rbs +10 -0
data/sig/aws-sdk-core/errors.rbs +22 -0
data/sig/aws-sdk-core/resources/collection.rbs +21 -0
data/sig/aws-sdk-core/structure.rbs +4 -0
data/sig/aws-sdk-core/telemetry/base.rbs +46 -0
data/sig/aws-sdk-core/telemetry/otel.rbs +22 -0
data/sig/aws-sdk-core/telemetry/span_kind.rbs +15 -0
data/sig/aws-sdk-core/telemetry/span_status.rbs +24 -0
data/sig/aws-sdk-core/waiters/errors.rbs +20 -0
data/sig/aws-sdk-core.rbs +7 -0
data/sig/seahorse/client/async_base.rbs +18 -0
data/sig/seahorse/client/base.rbs +25 -0
data/sig/seahorse/client/handler_builder.rbs +16 -0
data/sig/seahorse/client/response.rbs +61 -0
metadata +117 -23
/data/lib/aws-sdk-core/xml/parser/{engines/libxml.rb → libxml_engine.rb} +0 -0
/data/lib/aws-sdk-core/xml/parser/{engines/nokogiri.rb → nokogiri_engine.rb} +0 -0
/data/lib/aws-sdk-core/xml/parser/{engines/oga.rb → oga_engine.rb} +0 -0
/data/lib/aws-sdk-core/xml/parser/{engines/ox.rb → ox_engine.rb} +0 -0
/data/lib/aws-sdk-core/xml/parser/{engines/rexml.rb → rexml_engine.rb} +0 -0

data/lib/aws-sdk-core/plugins/regional_endpoint.rb CHANGED Viewed

@@ -20,16 +20,31 @@ a default `:region` is searched for in the following locations:
 * `ENV['AWS_DEFAULT_REGION']`
 * `~/.aws/credentials`
 * `~/.aws/config`
-        DOCS
+             DOCS
         resolve_region(cfg)
       end
+      option(:sigv4a_signing_region_set,
+             doc_type: Array,
+             rbs_type: 'Array[String]',
+             docstring: <<-DOCS) do |cfg|
+A list of regions that should be signed with SigV4a signing. When
+not passed, a default `:sigv4a_signing_region_set` is searched for
+in the following locations:
+* `Aws.config[:sigv4a_signing_region_set]`
+* `ENV['AWS_SIGV4A_SIGNING_REGION_SET']`
+* `~/.aws/config`
+             DOCS
+        resolve_sigv4a_signing_region_set(cfg)
+      end
       option(:use_dualstack_endpoint,
         doc_type: 'Boolean',
         docstring: <<-DOCS) do |cfg|
 When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
 will be used if available.
-        DOCS
+             DOCS
         resolve_use_dualstack_endpoint(cfg)
       end
@@ -39,7 +54,7 @@ will be used if available.
 When set to `true`, fips compatible endpoints will be used if available.
 When a `fips` region is used, the region is normalized and this config
 is set to `true`.
-        DOCS
+             DOCS
         resolve_use_fips_endpoint(cfg)
       end
@@ -52,7 +67,7 @@ is set to `true`.
         docstring: <<-DOCS) do |cfg|
 Setting to true disables use of endpoint URLs provided via environment
 variables and the shared configuration file.
-        DOCS
+             DOCS
         resolve_ignore_configured_endpoint_urls(cfg)
       end
@@ -60,14 +75,58 @@ variables and the shared configuration file.
 The client endpoint is normally constructed from the `:region`
 option. You should only configure an `:endpoint` when connecting
 to test or custom endpoints. This should be a valid HTTP(S) URI.
-        DOCS
+      DOCS
         resolve_endpoint(cfg)
       end
       def after_initialize(client)
-        if client.config.region.nil? || client.config.region == ''
-          raise Errors::MissingRegionError
+        region = client.config.region
+        raise Errors::MissingRegionError if region.nil? || region == ''
+        # resolve a default endpoint to preserve legacy behavior
+        initialize_default_endpoint(client) if client.config.endpoint.nil?
+        region_set = client.config.sigv4a_signing_region_set
+        return if region_set.nil?
+        raise Errors::InvalidRegionSetError unless region_set.is_a?(Array)
+        region_set = region_set.compact.reject(&:empty?)
+        raise Errors::InvalidRegionSetError if region_set.empty?
+        client.config.sigv4a_signing_region_set = region_set
+      end
+      private
+      def initialize_default_endpoint(client)
+        client_module = Object.const_get(client.class.name.rpartition('::').first)
+        param_class = client_module.const_get(:EndpointParameters)
+        endpoint_provider = client.config.endpoint_provider
+        params = param_class.create(client.config)
+        endpoint = endpoint_provider.resolve_endpoint(params)
+        client.config.endpoint = endpoint.url
+      rescue ArgumentError, NameError
+        # fallback to legacy
+        client.config.endpoint = resolve_legacy_endpoint(client.config)
+      end
+      # set a default endpoint in config using legacy (endpoints.json) resolver
+      def resolve_legacy_endpoint(cfg)
+        endpoint_prefix = cfg.api.metadata['endpointPrefix']
+        if cfg.respond_to?(:sts_regional_endpoints)
+          sts_regional = cfg.sts_regional_endpoints
         end
+        endpoint = Aws::Partitions::EndpointProvider.resolve(
+          cfg.region,
+          endpoint_prefix,
+          sts_regional,
+          {
+            dualstack: cfg.use_dualstack_endpoint,
+            fips: cfg.use_fips_endpoint
+          }
+        )
+        URI(endpoint)
       end
       class << self
@@ -81,6 +140,12 @@ to test or custom endpoints. This should be a valid HTTP(S) URI.
           env_region || cfg_region
         end
+        def resolve_sigv4a_signing_region_set(cfg)
+          value = ENV['AWS_SIGV4A_SIGNING_REGION_SET']
+          value ||= Aws.shared_config.sigv4a_signing_region_set(profile: cfg.profile)
+          value.split(',') if value
+        end
         def resolve_use_dualstack_endpoint(cfg)
           value = ENV['AWS_USE_DUALSTACK_ENDPOINT']
           value ||= Aws.shared_config.use_dualstack_endpoint(
@@ -121,7 +186,8 @@ to test or custom endpoints. This should be a valid HTTP(S) URI.
           # that a custom endpoint has NOT been configured by the user
           cfg.override_config(:regional_endpoint, true)
-          resolve_legacy_endpoint(cfg)
+          # a default endpoint is resolved in after_initialize
+          nil
         end
         # get a custom configured endpoint from ENV or configuration
@@ -176,23 +242,6 @@ to test or custom endpoints. This should be a valid HTTP(S) URI.
             cfg.override_config(:region, new_region)
           end
         end
-        # set a default endpoint in config using legacy (endpoints.json) resolver
-        def resolve_legacy_endpoint(cfg)
-          endpoint_prefix = cfg.api.metadata['endpointPrefix']
-          if cfg.respond_to?(:sts_regional_endpoints)
-            sts_regional = cfg.sts_regional_endpoints
-          end
-          Aws::Partitions::EndpointProvider.resolve(
-            cfg.region,
-            endpoint_prefix,
-            sts_regional,
-            {
-              dualstack: cfg.use_dualstack_endpoint,
-              fips: cfg.use_fips_endpoint
-            }
-          )
-        end
       end
     end
   end

data/lib/aws-sdk-core/plugins/request_compression.rb CHANGED Viewed

@@ -91,11 +91,20 @@ and 10485780 bytes inclusive.
               end
             end
           end
-          @handler.call(context)
+          with_metric(selected_encoding) { @handler.call(context) }
         end
         private
+        def with_metric(encoding, &block)
+          case encoding
+          when 'gzip'
+            Aws::Plugins::UserAgent.metric('GZIP_REQUEST_COMPRESSION', &block)
+          else
+            block.call
+          end
+        end
         def request_encoding_selection(context)
           encoding_list = context.operation.request_compression['encodings']
           encoding_list.find { |encoding| RequestCompression::SUPPORTED_ENCODINGS.include?(encoding) }
@@ -104,7 +113,7 @@ and 10485780 bytes inclusive.
         def update_content_encoding(encoding, context)
           headers = context.http_request.headers
           if headers['Content-Encoding']
-            headers['Content-Encoding'] += ',' + encoding
+            headers['Content-Encoding'] += ", #{encoding}"
           else
             headers['Content-Encoding'] = encoding
           end

data/lib/aws-sdk-core/plugins/retries/clock_skew.rb CHANGED Viewed

@@ -3,10 +3,8 @@
 module Aws
   module Plugins
     module Retries
       # @api private
       class ClockSkew
         CLOCK_SKEW_THRESHOLD = 5 * 60 # five minutes
         def initialize
@@ -22,9 +20,9 @@ module Aws
         end
         # Gets the clock_correction in seconds to apply to a given endpoint
-        # @param endpoint [URI / String]
+        # @param endpoint [URI, String]
         def clock_correction(endpoint)
-          @mutex.synchronize { @endpoint_clock_corrections[endpoint.to_s] }
+          @mutex.synchronize { @endpoint_clock_corrections[normalized_endpoint(endpoint)] }
         end
         # The estimated skew factors in any clock skew from
@@ -35,7 +33,7 @@ module Aws
         # Estimated Skew should not be used to correct clock skew errors
         # it should only be used to estimate TTL for a request
         def estimated_skew(endpoint)
-          @mutex.synchronize { @endpoint_estimated_skews[endpoint.to_s] }
+          @mutex.synchronize { @endpoint_estimated_skews[normalized_endpoint(endpoint)] }
         end
         # Determines whether a request has clock skew by comparing
@@ -55,9 +53,9 @@ module Aws
           endpoint = context.http_request.endpoint
           now_utc = Time.now.utc
           server_time = server_time(context.http_response)
-          if server_time && (now_utc - server_time).abs > CLOCK_SKEW_THRESHOLD
-            set_clock_correction(endpoint, server_time - now_utc)
-          end
+          return unless server_time && (now_utc - server_time).abs > CLOCK_SKEW_THRESHOLD
+          set_clock_correction(normalized_endpoint(endpoint), server_time - now_utc)
         end
         # Called for every request
@@ -69,20 +67,35 @@ module Aws
           now_utc = Time.now.utc
           server_time = server_time(context.http_response)
           return unless server_time
           @mutex.synchronize do
-            @endpoint_estimated_skews[endpoint.to_s] = server_time - now_utc
+            @endpoint_estimated_skews[normalized_endpoint(endpoint)] = server_time - now_utc
           end
         end
         private
+        ##
+        # @param endpoint [URI, String]
+        #     the endpoint to normalize
+        #
+        # @return [String]
+        #     the endpoint's schema, host, and port - without any path or query arguments
+        def normalized_endpoint(endpoint)
+          uri = endpoint.is_a?(URI::Generic) ? endpoint : URI(endpoint.to_s)
+          return endpoint.to_s unless uri.scheme && uri.host
+          "#{uri.scheme}://#{uri.host}:#{uri.port}"
+        rescue URI::InvalidURIError
+          endpoint.to_s
+        end
         # @param response [Seahorse::Client::Http::Response:]
         def server_time(response)
-          begin
-            Time.parse(response.headers['date']).utc
-          rescue
-            nil
-          end
+          Time.parse(response.headers['date']).utc
+        rescue StandardError
+          nil
         end
         # Sets the clock correction for an endpoint
@@ -90,11 +103,10 @@ module Aws
         # @param correction [Number]
         def set_clock_correction(endpoint, correction)
           @mutex.synchronize do
-            @endpoint_clock_corrections[endpoint.to_s] = correction
+            @endpoint_clock_corrections[normalized_endpoint(endpoint)] = correction
           end
         end
       end
     end
   end
 end

data/lib/aws-sdk-core/plugins/retry_errors.rb CHANGED Viewed

@@ -73,6 +73,7 @@ is only used in the `legacy` retry mode.
         :retry_jitter,
         default: :none,
         doc_type: Symbol,
+        rbs_type: '(:none | :equal | :full | ^(Integer) -> Integer)',
         docstring: <<-DOCS)
 A delay randomiser function used by the default backoff function.
 Some predefined functions can be referenced by name - :none, :equal, :full,
@@ -97,6 +98,7 @@ This option is only used in the `legacy` retry mode.
         :retry_mode,
         default: 'legacy',
         doc_type: String,
+        rbs_type: '("legacy" | "standard" | "adaptive")',
         docstring: <<-DOCS) do |cfg|
 Specifies which retry algorithm to use. Values are:
@@ -111,7 +113,6 @@ Specifies which retry algorithm to use. Values are:
   functionality of `standard` mode along with automatic client side
   throttling.  This is a provisional mode that may change behavior
   in the future.
         DOCS
         resolve_retry_mode(cfg)
       end
@@ -233,7 +234,7 @@ a clock skew correction and retry requests with skewed client clocks.
           get_send_token(config)
           add_retry_headers(context)
-          response = @handler.call(context)
+          response = with_metric(config.retry_mode) { @handler.call(context) }
           error_inspector = Retries::ErrorInspector.new(
             response.error, response.context.http_response.status_code
           )
@@ -270,6 +271,10 @@ a clock skew correction and retry requests with skewed client clocks.
         private
+        def with_metric(retry_mode, &block)
+          Aws::Plugins::UserAgent.metric("RETRY_MODE_#{retry_mode.upcase}", &block)
+        end
         def get_send_token(config)
           # either fail fast or block until a token becomes available
           # must be configurable
@@ -357,7 +362,7 @@ a clock skew correction and retry requests with skewed client clocks.
       class LegacyHandler < Seahorse::Client::Handler
         def call(context)
-          response = @handler.call(context)
+          response = with_metric { @handler.call(context) }
           if response.error
             error_inspector = Retries::ErrorInspector.new(
               response.error, response.context.http_response.status_code
@@ -376,6 +381,10 @@ a clock skew correction and retry requests with skewed client clocks.
         private
+        def with_metric(&block)
+          Aws::Plugins::UserAgent.metric('RETRY_MODE_LEGACY', &block)
+        end
         def retry_if_possible(response, error_inspector)
           context = response.context
           if should_retry?(context, error_inspector)

data/lib/aws-sdk-core/plugins/sign.rb CHANGED Viewed

@@ -13,10 +13,6 @@ module Aws
       option(:sigv4_region)
       option(:unsigned_operations, default: [])
-      supported_auth_types = %w[sigv4 bearer none]
-      supported_auth_types += ['sigv4a'] if Aws::Sigv4::Signer.use_crt?
-      SUPPORTED_AUTH_TYPES = supported_auth_types.freeze
       def add_handlers(handlers, cfg)
         operations = cfg.api.operation_names - cfg.unsigned_operations
         handlers.add(Handler, step: :sign, operations: operations)
@@ -24,12 +20,16 @@ module Aws
       # @api private
       # Return a signer with the `sign(context)` method
-      def self.signer_for(auth_scheme, config, region_override = nil)
+      def self.signer_for(auth_scheme, config, sigv4_region_override = nil, sigv4_credentials_override = nil)
         case auth_scheme['name']
-        when 'sigv4', 'sigv4a'
-          SignatureV4.new(auth_scheme, config, region_override)
+        when 'sigv4', 'sigv4a', 'sigv4-s3express'
+          sigv4_overrides = {
+            region: sigv4_region_override,
+            credentials: sigv4_credentials_override
+          }
+          SignatureV4.new(auth_scheme, config, sigv4_overrides)
         when 'bearer'
-          Bearer.new
+          Bearer.new(config)
         else
           NullSigner.new
         end
@@ -42,15 +42,27 @@ module Aws
             signer = Sign.signer_for(
               context[:auth_scheme],
               context.config,
-              context[:sigv4_region]
+              context[:sigv4_region],
+              context[:sigv4_credentials]
             )
             signer.sign(context)
           end
-          @handler.call(context)
+          with_metrics(signer) { @handler.call(context) }
         end
         private
+        def with_metrics(signer, &block)
+          case signer
+          when SignatureV4
+            Aws::Plugins::UserAgent.metric(*signer.credentials.metrics, &block)
+          when Bearer
+            Aws::Plugins::UserAgent.metric(*signer.token_provider.metrics, &block)
+          else
+            block.call
+          end
+        end
         def v2_signing?(config)
           # 's3' is legacy signing, 'v4' is default
           config.respond_to?(:signature_version) &&
@@ -60,21 +72,19 @@ module Aws
       # @api private
       class Bearer
-        def initialize
+        def initialize(config)
+          @token_provider = config.token_provider
         end
+        attr_reader :token_provider
         def sign(context)
           if context.http_request.endpoint.scheme != 'https'
-            raise ArgumentError,
-                  'Unable to use bearer authorization on non https endpoint.'
+            raise ArgumentError, 'Unable to use bearer authorization on non https endpoint.'
           end
+          raise Errors::MissingBearerTokenError unless @token_provider && @token_provider.set?
-          token_provider = context.config.token_provider
-          raise Errors::MissingBearerTokenError unless token_provider&.set?
-          context.http_request.headers['Authorization'] =
-            "Bearer #{token_provider.token.token}"
+          context.http_request.headers['Authorization'] = "Bearer #{@token_provider.token.token}"
         end
         def presign_url(*args)
@@ -88,34 +98,33 @@ module Aws
       # @api private
       class SignatureV4
-        def initialize(auth_scheme, config, region_override = nil)
+        def initialize(auth_scheme, config, sigv4_overrides = {})
           scheme_name = auth_scheme['name']
-          unless %w[sigv4 sigv4a].include?(scheme_name)
-            raise ArgumentError,
-                  "Expected sigv4 or sigv4a auth scheme, got #{scheme_name}"
+          unless %w[sigv4 sigv4a sigv4-s3express].include?(scheme_name)
+            raise ArgumentError, "Expected sigv4, sigv4a, or sigv4-s3express auth scheme, got #{scheme_name}"
           end
           region = if scheme_name == 'sigv4a'
-                     auth_scheme['signingRegionSet'].first
+                     auth_scheme['signingRegionSet'].join(',')
                    else
                      auth_scheme['signingRegion']
                    end
           begin
-            @signer = Aws::Sigv4::Signer.new(
+            @signer = config.sigv4_signer || Aws::Sigv4::Signer.new(
               service: config.sigv4_name || auth_scheme['signingName'],
-              region: region_override || config.sigv4_region || region,
-              credentials_provider: config.credentials,
+              region: sigv4_overrides[:region] || config.sigv4_region || region,
+              credentials_provider: sigv4_overrides[:credentials] || config.credentials,
               signing_algorithm: scheme_name.to_sym,
-              uri_escape_path: !!!auth_scheme['disableDoubleEncoding'],
-              normalize_path: !!!auth_scheme['disableNormalizePath'],
-              unsigned_headers: %w[content-length user-agent x-amzn-trace-id]
+              uri_escape_path: !auth_scheme['disableDoubleEncoding'],
+              normalize_path: !auth_scheme['disableNormalizePath'],
+              unsigned_headers: %w[content-length user-agent x-amzn-trace-id expect transfer-encoding connection]
             )
           rescue Aws::Sigv4::Errors::MissingCredentialsError
             raise Aws::Errors::MissingCredentialsError
           end
         end
+        attr_reader :signer
         def sign(context)
           req = context.http_request
@@ -151,15 +160,27 @@ module Aws
           @signer.sign_event(*args)
         end
+        def credentials
+          @signer.credentials_provider
+        end
         private
         def apply_authtype(context, req)
-          if context.operation['authtype'].eql?('v4-unsigned-body') &&
-             req.endpoint.scheme.eql?('https')
+          # only used for event streaming at input
+          if context[:input_event_emitter]
+            req.headers['X-Amz-Content-Sha256'] = 'STREAMING-AWS4-HMAC-SHA256-EVENTS'
+          elsif unsigned_payload?(context, req)
             req.headers['X-Amz-Content-Sha256'] ||= 'UNSIGNED-PAYLOAD'
           end
         end
+        def unsigned_payload?(context, req)
+          (context.operation['unsignedPayload'] ||
+            context.operation['authtype'] == 'v4-unsigned-body') &&
+            req.endpoint.scheme == 'https'
+        end
         def reset_signature(req)
           # in case this request is being re-signed
           req.headers.delete('Authorization')

data/lib/aws-sdk-core/plugins/signature_v2.rb CHANGED Viewed

@@ -3,7 +3,8 @@
 module Aws
   module Plugins
     # @api private
-    # Necessary to keep after Endpoints 2.0
+    # Deprecated - does not look at new traits like `auth` and `unsignedPayload`
+    # Necessary to exist after endpoints 2.0 for old service clients + new core
     class SignatureV2 < Seahorse::Client::Plugin
       option(:v2_signer) do |cfg|

data/lib/aws-sdk-core/plugins/signature_v4.rb CHANGED Viewed

@@ -5,7 +5,8 @@ require 'aws-sigv4'
 module Aws
   module Plugins
     # @api private
-    # Necessary to exist after endpoints 2.0
+    # Deprecated - does not look at new traits like `auth` and `unsignedPayload`
+    # Necessary to exist after endpoints 2.0 for old service clients + new core
     class SignatureV4 < Seahorse::Client::Plugin
       V4_AUTH = %w[v4 v4-unsigned-payload v4-unsigned-body]

data/lib/aws-sdk-core/plugins/stub_responses.rb CHANGED Viewed

@@ -8,6 +8,7 @@ module Aws
       option(:stub_responses,
         default: false,
         doc_type: 'Boolean',
+        rbs_type: 'untyped',
         docstring: <<-DOCS)
 Causes the client to return stubbed responses. By default
 fake responses are generated and returned. You can specify
@@ -28,8 +29,22 @@ requests are made, and retries are disabled.
         end
       end
+      option(:token_provider) do |config|
+        if config.stub_responses
+          StaticTokenProvider.new('stubbed-token')
+        end
+      end
+      option(:stubs) { {} }
+      option(:stubs_mutex) { Mutex.new }
+      option(:api_requests) { [] }
+      option(:api_requests_mutex) { Mutex.new }
       def add_handlers(handlers, config)
-        handlers.add(Handler, step: :send) if config.stub_responses
+        return unless config.stub_responses
+        handlers.add(ApiRequestsHandler)
+        handlers.add(StubbingHandler, step: :send)
       end
       def after_initialize(client)
@@ -45,20 +60,43 @@ requests are made, and retries are disabled.
         end
       end
-      class Handler < Seahorse::Client::Handler
+      class ApiRequestsHandler < Seahorse::Client::Handler
+        def call(context)
+          context.config.api_requests_mutex.synchronize do
+            context.config.api_requests << {
+              operation_name: context.operation_name,
+              params: context.params,
+              context: context
+            }
+          end
+          @handler.call(context)
+        end
+      end
+      class StubbingHandler < Seahorse::Client::Handler
         def call(context)
-          stub = context.client.next_stub(context)
+          span_wrapper(context) do
+            stub_responses(context)
+          end
+        end
+        private
+        def stub_responses(context)
           resp = Seahorse::Client::Response.new(context: context)
           async_mode = context.client.is_a? Seahorse::Client::AsyncBase
-          if Hash === stub && stub[:mutex]
-            stub[:mutex].synchronize { apply_stub(stub, resp, async_mode) }
+          stub = context.client.next_stub(context)
+          stub[:mutex].synchronize { apply_stub(stub, resp, async_mode) }
+          if async_mode
+            Seahorse::Client::AsyncResponse.new(
+              context: context,
+              stream: context[:input_event_stream_handler].event_emitter.stream,
+              sync_queue: Queue.new
+            )
           else
-            apply_stub(stub, resp, async_mode)
+            resp
           end
-          async_mode ? Seahorse::Client::AsyncResponse.new(
-            context: context, stream: context[:input_event_stream_handler].event_emitter.stream, sync_queue: Queue.new) : resp
         end
         def apply_stub(stub, response, async_mode = false)
@@ -98,6 +136,18 @@ requests are made, and retries are disabled.
           http_resp.signal_done
         end
+        def span_wrapper(context, &block)
+          context.tracer.in_span(
+            'Handler.StubResponses',
+            attributes: Aws::Telemetry.http_request_attrs(context)
+          ) do |span|
+            block.call.tap do
+              span.add_attributes(
+                Aws::Telemetry.http_response_attrs(context)
+              )
+            end
+          end
+        end
       end
     end
   end