aws-sdk-core 3.190.2 → 3.240.0

data/lib/aws-sdk-sts/endpoints.rb

@@ -12,125 +12,9 @@ module Aws::STS
   # @api private
   module Endpoints
 
-    class AssumeRole
-      def self.build(context)
-        unless context.config.regional_endpoint
-          endpoint = context.config.endpoint.to_s
-        end
-        Aws::STS::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: endpoint,
-          use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
-        )
-      end
-    end
-
-    class AssumeRoleWithSAML
-      def self.build(context)
-        unless context.config.regional_endpoint
-          endpoint = context.config.endpoint.to_s
-        end
-        Aws::STS::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: endpoint,
-          use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
-        )
-      end
-    end
-
-    class AssumeRoleWithWebIdentity
-      def self.build(context)
-        unless context.config.regional_endpoint
-          endpoint = context.config.endpoint.to_s
-        end
-        Aws::STS::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: endpoint,
-          use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
-        )
-      end
-    end
-
-    class DecodeAuthorizationMessage
-      def self.build(context)
-        unless context.config.regional_endpoint
-          endpoint = context.config.endpoint.to_s
-        end
-        Aws::STS::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: endpoint,
-          use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
-        )
-      end
-    end
 
-    class GetAccessKeyInfo
-      def self.build(context)
-        unless context.config.regional_endpoint
-          endpoint = context.config.endpoint.to_s
-        end
-        Aws::STS::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: endpoint,
-          use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
-        )
-      end
+    def self.parameters_for_operation(context)
+      Aws::STS::EndpointParameters.create(context.config)
     end
-
-    class GetCallerIdentity
-      def self.build(context)
-        unless context.config.regional_endpoint
-          endpoint = context.config.endpoint.to_s
-        end
-        Aws::STS::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: endpoint,
-          use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
-        )
-      end
-    end
-
-    class GetFederationToken
-      def self.build(context)
-        unless context.config.regional_endpoint
-          endpoint = context.config.endpoint.to_s
-        end
-        Aws::STS::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: endpoint,
-          use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
-        )
-      end
-    end
-
-    class GetSessionToken
-      def self.build(context)
-        unless context.config.regional_endpoint
-          endpoint = context.config.endpoint.to_s
-        end
-        Aws::STS::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: endpoint,
-          use_global_endpoint: context.config.sts_regional_endpoints == 'legacy',
-        )
-      end
-    end
-
   end
 end

data/lib/aws-sdk-sts/errors.rb

@@ -28,13 +28,22 @@ module Aws::STS
   #
   # ## Error Classes
   # * {ExpiredTokenException}
+  # * {ExpiredTradeInTokenException}
   # * {IDPCommunicationErrorException}
+  #    * This error class is not used. `IDPCommunicationError` is used during parsing instead.
   # * {IDPRejectedClaimException}
+  #    * This error class is not used. `IDPRejectedClaim` is used during parsing instead.
   # * {InvalidAuthorizationMessageException}
   # * {InvalidIdentityTokenException}
+  #    * This error class is not used. `InvalidIdentityToken` is used during parsing instead.
+  # * {JWTPayloadSizeExceededException}
   # * {MalformedPolicyDocumentException}
+  #    * This error class is not used. `MalformedPolicyDocument` is used during parsing instead.
+  # * {OutboundWebIdentityFederationDisabledException}
   # * {PackedPolicyTooLargeException}
+  #    * This error class is not used. `PackedPolicyTooLarge` is used during parsing instead.
   # * {RegionDisabledException}
+  # * {SessionDurationEscalationException}
   #
   # Additionally, error classes are dynamically generated for service errors based on the error code
   # if they are not defined above.
@@ -57,6 +66,23 @@ module Aws::STS
       end
     end
 
+    class ExpiredTradeInTokenException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::STS::Types::ExpiredTradeInTokenException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
+    # @deprecated This error class is not used during parsing.
+    #   Please use `IDPCommunicationError` instead.
     class IDPCommunicationErrorException < ServiceError
 
       # @param [Seahorse::Client::RequestContext] context
@@ -72,6 +98,8 @@ module Aws::STS
       end
     end
 
+    # @deprecated This error class is not used during parsing.
+    #   Please use `IDPRejectedClaim` instead.
     class IDPRejectedClaimException < ServiceError
 
       # @param [Seahorse::Client::RequestContext] context
@@ -102,6 +130,8 @@ module Aws::STS
       end
     end
 
+    # @deprecated This error class is not used during parsing.
+    #   Please use `InvalidIdentityToken` instead.
     class InvalidIdentityTokenException < ServiceError
 
       # @param [Seahorse::Client::RequestContext] context
@@ -117,6 +147,23 @@ module Aws::STS
       end
     end
 
+    class JWTPayloadSizeExceededException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::STS::Types::JWTPayloadSizeExceededException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
+    # @deprecated This error class is not used during parsing.
+    #   Please use `MalformedPolicyDocument` instead.
     class MalformedPolicyDocumentException < ServiceError
 
       # @param [Seahorse::Client::RequestContext] context
@@ -132,6 +179,23 @@ module Aws::STS
       end
     end
 
+    class OutboundWebIdentityFederationDisabledException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::STS::Types::OutboundWebIdentityFederationDisabledException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
+    # @deprecated This error class is not used during parsing.
+    #   Please use `PackedPolicyTooLarge` instead.
     class PackedPolicyTooLargeException < ServiceError
 
       # @param [Seahorse::Client::RequestContext] context
@@ -162,5 +226,20 @@ module Aws::STS
       end
     end
 
+    class SessionDurationEscalationException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::STS::Types::SessionDurationEscalationException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
   end
 end

data/lib/aws-sdk-sts/plugins/endpoints.rb

@@ -14,11 +14,12 @@ module Aws::STS
       option(
         :endpoint_provider,
         doc_type: 'Aws::STS::EndpointProvider',
-        docstring: 'The endpoint provider used to resolve endpoints. Any '\
-                   'object that responds to `#resolve_endpoint(parameters)` '\
-                   'where `parameters` is a Struct similar to '\
-                   '`Aws::STS::EndpointParameters`'
-      ) do |cfg|
+        rbs_type: 'untyped',
+        docstring: <<~DOCS) do |_cfg|
+The endpoint provider used to resolve endpoints. Any object that responds to
+`#resolve_endpoint(parameters)` where `parameters` is a Struct similar to
+`Aws::STS::EndpointParameters`.
+        DOCS
         Aws::STS::EndpointProvider.new
       end
 
@@ -26,7 +27,7 @@ module Aws::STS
       class Handler < Seahorse::Client::Handler
         def call(context)
           unless context[:discovered_endpoint]
-            params = parameters_for_operation(context)
+            params = Aws::STS::Endpoints.parameters_for_operation(context)
             endpoint = context.config.endpoint_provider.resolve_endpoint(params)
 
             context.http_request.endpoint = endpoint.url
@@ -39,11 +40,23 @@ module Aws::STS
           context[:auth_scheme] =
             Aws::Endpoints.resolve_auth_scheme(context, endpoint)
 
-          @handler.call(context)
+          with_metrics(context) { @handler.call(context) }
         end
 
         private
 
+        def with_metrics(context, &block)
+          metrics = []
+          metrics << 'ENDPOINT_OVERRIDE' unless context.config.regional_endpoint
+          if context[:auth_scheme] && context[:auth_scheme]['name'] == 'sigv4a'
+            metrics << 'SIGV4A_SIGNING'
+          end
+          if context.config.credentials&.credentials&.account_id
+            metrics << 'RESOLVED_ACCOUNT_ID'
+          end
+          Aws::Plugins::UserAgent.metric(*metrics, &block)
+        end
+
         def apply_endpoint_headers(context, headers)
           headers.each do |key, values|
             value = values
@@ -54,27 +67,6 @@ module Aws::STS
             context.http_request.headers[key] = value
           end
         end
-
-        def parameters_for_operation(context)
-          case context.operation_name
-          when :assume_role
-            Aws::STS::Endpoints::AssumeRole.build(context)
-          when :assume_role_with_saml
-            Aws::STS::Endpoints::AssumeRoleWithSAML.build(context)
-          when :assume_role_with_web_identity
-            Aws::STS::Endpoints::AssumeRoleWithWebIdentity.build(context)
-          when :decode_authorization_message
-            Aws::STS::Endpoints::DecodeAuthorizationMessage.build(context)
-          when :get_access_key_info
-            Aws::STS::Endpoints::GetAccessKeyInfo.build(context)
-          when :get_caller_identity
-            Aws::STS::Endpoints::GetCallerIdentity.build(context)
-          when :get_federation_token
-            Aws::STS::Endpoints::GetFederationToken.build(context)
-          when :get_session_token
-            Aws::STS::Endpoints::GetSessionToken.build(context)
-          end
-        end
       end
 
       def add_handlers(handlers, _config)

data/lib/aws-sdk-sts/presigner.rb

@@ -53,13 +53,9 @@ module Aws
           use_fips: context.config.use_fips_endpoint,
           use_global_endpoint: context.config.sts_regional_endpoints == 'legacy'
         )
-        endpoint = context.config.endpoint_provider
-                          .resolve_endpoint(endpoint_params)
+        endpoint = context.config.endpoint_provider.resolve_endpoint(endpoint_params)
         auth_scheme = Aws::Endpoints.resolve_auth_scheme(context, endpoint)
-
-        signer = Aws::Plugins::Sign.signer_for(
-          auth_scheme, context.config
-        )
+        signer = Aws::Plugins::Sign.signer_for(auth_scheme, context.config)
 
         signer.presign_url(
           http_method: 'GET',