aws-sdk-core 3.191.1 → 3.229.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +539 -1
- data/VERSION +1 -1
- data/lib/aws-defaults/default_configuration.rb +1 -2
- data/lib/aws-defaults.rb +4 -1
- data/lib/aws-sdk-core/arn.rb +1 -3
- data/lib/aws-sdk-core/assume_role_credentials.rb +13 -5
- data/lib/aws-sdk-core/assume_role_web_identity_credentials.rb +14 -7
- data/lib/aws-sdk-core/binary/decode_handler.rb +3 -9
- data/lib/aws-sdk-core/binary/encode_handler.rb +1 -1
- data/lib/aws-sdk-core/binary/event_builder.rb +34 -37
- data/lib/aws-sdk-core/binary/event_stream_decoder.rb +1 -0
- data/lib/aws-sdk-core/binary/event_stream_encoder.rb +4 -3
- data/lib/aws-sdk-core/cbor/decoder.rb +308 -0
- data/lib/aws-sdk-core/cbor/encoder.rb +243 -0
- data/lib/aws-sdk-core/cbor.rb +53 -0
- data/lib/aws-sdk-core/client_side_monitoring.rb +9 -0
- data/lib/aws-sdk-core/client_stubs.rb +30 -55
- data/lib/aws-sdk-core/credential_provider.rb +4 -0
- data/lib/aws-sdk-core/credential_provider_chain.rb +38 -11
- data/lib/aws-sdk-core/credentials.rb +19 -6
- data/lib/aws-sdk-core/ec2_metadata.rb +1 -1
- data/lib/aws-sdk-core/ecs_credentials.rb +1 -0
- data/lib/aws-sdk-core/endpoints/endpoint.rb +3 -1
- data/lib/aws-sdk-core/endpoints/matchers.rb +8 -10
- data/lib/aws-sdk-core/endpoints.rb +101 -21
- data/lib/aws-sdk-core/error_handler.rb +46 -0
- data/lib/aws-sdk-core/errors.rb +11 -2
- data/lib/aws-sdk-core/event_emitter.rb +1 -17
- data/lib/aws-sdk-core/instance_profile_credentials.rb +148 -158
- data/lib/aws-sdk-core/json/builder.rb +8 -1
- data/lib/aws-sdk-core/json/error_handler.rb +29 -13
- data/lib/aws-sdk-core/json/handler.rb +6 -6
- data/lib/aws-sdk-core/json/json_engine.rb +3 -1
- data/lib/aws-sdk-core/json/oj_engine.rb +7 -1
- data/lib/aws-sdk-core/json/parser.rb +6 -1
- data/lib/aws-sdk-core/json.rb +43 -14
- data/lib/aws-sdk-core/log/param_filter.rb +2 -2
- data/lib/aws-sdk-core/log/param_formatter.rb +7 -3
- data/lib/aws-sdk-core/log.rb +10 -0
- data/lib/aws-sdk-core/lru_cache.rb +75 -0
- data/lib/aws-sdk-core/pageable_response.rb +1 -1
- data/lib/aws-sdk-core/param_validator.rb +7 -2
- data/lib/aws-sdk-core/plugins/bearer_authorization.rb +2 -0
- data/lib/aws-sdk-core/plugins/checksum_algorithm.rb +332 -169
- data/lib/aws-sdk-core/plugins/client_metrics_plugin.rb +0 -1
- data/lib/aws-sdk-core/plugins/client_metrics_send_plugin.rb +14 -2
- data/lib/aws-sdk-core/plugins/credentials_configuration.rb +77 -57
- data/lib/aws-sdk-core/plugins/endpoint_pattern.rb +40 -32
- data/lib/aws-sdk-core/plugins/global_configuration.rb +8 -9
- data/lib/aws-sdk-core/plugins/http_checksum.rb +2 -8
- data/lib/aws-sdk-core/plugins/invocation_id.rb +1 -11
- data/lib/aws-sdk-core/plugins/protocols/api_gateway.rb +3 -1
- data/lib/aws-sdk-core/plugins/protocols/ec2.rb +2 -24
- data/lib/aws-sdk-core/plugins/protocols/json_rpc.rb +6 -8
- data/lib/aws-sdk-core/plugins/protocols/query.rb +4 -2
- data/lib/aws-sdk-core/plugins/protocols/rest_json.rb +3 -15
- data/lib/aws-sdk-core/plugins/protocols/rest_xml.rb +3 -0
- data/lib/aws-sdk-core/plugins/protocols/rpc_v2.rb +17 -0
- data/lib/aws-sdk-core/plugins/regional_endpoint.rb +74 -25
- data/lib/aws-sdk-core/plugins/request_compression.rb +11 -2
- data/lib/aws-sdk-core/plugins/retry_errors.rb +10 -3
- data/lib/aws-sdk-core/plugins/sign.rb +42 -26
- data/lib/aws-sdk-core/plugins/signature_v2.rb +2 -1
- data/lib/aws-sdk-core/plugins/signature_v4.rb +2 -1
- data/lib/aws-sdk-core/plugins/stub_responses.rb +58 -9
- data/lib/aws-sdk-core/plugins/telemetry.rb +75 -0
- data/lib/aws-sdk-core/plugins/transfer_encoding.rb +16 -9
- data/lib/aws-sdk-core/plugins/user_agent.rb +101 -26
- data/lib/aws-sdk-core/plugins.rb +39 -0
- data/lib/aws-sdk-core/process_credentials.rb +48 -29
- data/lib/aws-sdk-core/query/ec2_handler.rb +27 -0
- data/lib/aws-sdk-core/query/ec2_param_builder.rb +5 -7
- data/lib/aws-sdk-core/query/handler.rb +4 -4
- data/lib/aws-sdk-core/query/param_builder.rb +2 -2
- data/lib/aws-sdk-core/query.rb +2 -1
- data/lib/aws-sdk-core/resources.rb +8 -0
- data/lib/aws-sdk-core/rest/content_type_handler.rb +60 -0
- data/lib/aws-sdk-core/rest/handler.rb +3 -4
- data/lib/aws-sdk-core/rest/request/body.rb +32 -5
- data/lib/aws-sdk-core/rest/request/endpoint.rb +24 -4
- data/lib/aws-sdk-core/rest/request/headers.rb +15 -7
- data/lib/aws-sdk-core/rest/request/querystring_builder.rb +23 -11
- data/lib/aws-sdk-core/rest/response/body.rb +15 -1
- data/lib/aws-sdk-core/rest/response/header_list_parser.rb +79 -0
- data/lib/aws-sdk-core/rest/response/headers.rb +8 -3
- data/lib/aws-sdk-core/rest.rb +1 -0
- data/lib/aws-sdk-core/rpc_v2/builder.rb +62 -0
- data/lib/aws-sdk-core/rpc_v2/cbor_engine.rb +18 -0
- data/lib/aws-sdk-core/rpc_v2/content_type_handler.rb +47 -0
- data/lib/aws-sdk-core/rpc_v2/error_handler.rb +95 -0
- data/lib/aws-sdk-core/rpc_v2/handler.rb +79 -0
- data/lib/aws-sdk-core/rpc_v2/parser.rb +98 -0
- data/lib/aws-sdk-core/rpc_v2.rb +69 -0
- data/lib/aws-sdk-core/shared_config.rb +79 -22
- data/lib/aws-sdk-core/shared_credentials.rb +1 -7
- data/lib/aws-sdk-core/sso_credentials.rb +4 -1
- data/lib/aws-sdk-core/static_token_provider.rb +1 -2
- data/lib/aws-sdk-core/stubbing/protocols/ec2.rb +12 -11
- data/lib/aws-sdk-core/stubbing/protocols/json.rb +11 -10
- data/lib/aws-sdk-core/stubbing/protocols/query.rb +7 -6
- data/lib/aws-sdk-core/stubbing/protocols/rest.rb +2 -1
- data/lib/aws-sdk-core/stubbing/protocols/rest_json.rb +9 -8
- data/lib/aws-sdk-core/stubbing/protocols/rest_xml.rb +6 -5
- data/lib/aws-sdk-core/stubbing/protocols/rpc_v2.rb +39 -0
- data/lib/aws-sdk-core/stubbing.rb +22 -0
- data/lib/aws-sdk-core/telemetry/base.rb +177 -0
- data/lib/aws-sdk-core/telemetry/no_op.rb +70 -0
- data/lib/aws-sdk-core/telemetry/otel.rb +235 -0
- data/lib/aws-sdk-core/telemetry/span_kind.rb +22 -0
- data/lib/aws-sdk-core/telemetry/span_status.rb +59 -0
- data/lib/aws-sdk-core/telemetry.rb +78 -0
- data/lib/aws-sdk-core/token.rb +3 -3
- data/lib/aws-sdk-core/token_provider.rb +4 -0
- data/lib/aws-sdk-core/token_provider_chain.rb +2 -6
- data/lib/aws-sdk-core/util.rb +41 -1
- data/lib/aws-sdk-core/waiters/poller.rb +10 -5
- data/lib/aws-sdk-core/xml/builder.rb +17 -9
- data/lib/aws-sdk-core/xml/error_handler.rb +35 -43
- data/lib/aws-sdk-core/xml/parser/frame.rb +4 -20
- data/lib/aws-sdk-core/xml/parser/stack.rb +2 -0
- data/lib/aws-sdk-core/xml/parser.rb +2 -6
- data/lib/aws-sdk-core.rb +82 -107
- data/lib/aws-sdk-sso/client.rb +189 -96
- data/lib/aws-sdk-sso/client_api.rb +7 -0
- data/lib/aws-sdk-sso/endpoint_parameters.rb +9 -6
- data/lib/aws-sdk-sso/endpoint_provider.rb +14 -18
- data/lib/aws-sdk-sso/endpoints.rb +2 -54
- data/lib/aws-sdk-sso/plugins/endpoints.rb +19 -20
- data/lib/aws-sdk-sso/types.rb +1 -0
- data/lib/aws-sdk-sso.rb +15 -11
- data/lib/aws-sdk-ssooidc/client.rb +274 -116
- data/lib/aws-sdk-ssooidc/client_api.rb +33 -0
- data/lib/aws-sdk-ssooidc/endpoint_parameters.rb +9 -6
- data/lib/aws-sdk-ssooidc/endpoint_provider.rb +14 -18
- data/lib/aws-sdk-ssooidc/endpoints.rb +2 -54
- data/lib/aws-sdk-ssooidc/errors.rb +21 -0
- data/lib/aws-sdk-ssooidc/plugins/endpoints.rb +19 -20
- data/lib/aws-sdk-ssooidc/types.rb +125 -24
- data/lib/aws-sdk-ssooidc.rb +15 -11
- data/lib/aws-sdk-sts/client.rb +397 -148
- data/lib/aws-sdk-sts/client_api.rb +36 -8
- data/lib/aws-sdk-sts/customizations.rb +5 -1
- data/lib/aws-sdk-sts/endpoint_parameters.rb +10 -9
- data/lib/aws-sdk-sts/endpoint_provider.rb +50 -55
- data/lib/aws-sdk-sts/endpoints.rb +2 -118
- data/lib/aws-sdk-sts/errors.rb +15 -0
- data/lib/aws-sdk-sts/plugins/endpoints.rb +19 -28
- data/lib/aws-sdk-sts/presigner.rb +2 -6
- data/lib/aws-sdk-sts/types.rb +171 -28
- data/lib/aws-sdk-sts.rb +15 -11
- data/lib/seahorse/client/async_base.rb +4 -5
- data/lib/seahorse/client/async_response.rb +19 -0
- data/lib/seahorse/client/base.rb +18 -21
- data/lib/seahorse/client/h2/connection.rb +18 -28
- data/lib/seahorse/client/h2/handler.rb +14 -3
- data/lib/seahorse/client/handler.rb +1 -1
- data/lib/seahorse/client/http/response.rb +1 -1
- data/lib/seahorse/client/net_http/connection_pool.rb +15 -12
- data/lib/seahorse/client/net_http/handler.rb +21 -9
- data/lib/seahorse/client/networking_error.rb +1 -1
- data/lib/seahorse/client/plugin.rb +8 -0
- data/lib/seahorse/client/plugins/endpoint.rb +0 -1
- data/lib/seahorse/client/plugins/h2.rb +4 -4
- data/lib/seahorse/client/plugins/net_http.rb +57 -16
- data/lib/seahorse/client/request_context.rb +9 -2
- data/lib/seahorse/client/response.rb +2 -0
- data/lib/seahorse/model/shapes.rb +2 -2
- data/lib/seahorse/util.rb +2 -1
- data/sig/aws-sdk-core/async_client_stubs.rbs +21 -0
- data/sig/aws-sdk-core/telemetry/base.rbs +46 -0
- data/sig/aws-sdk-core/telemetry/otel.rbs +22 -0
- data/sig/aws-sdk-core/telemetry/span_kind.rbs +15 -0
- data/sig/aws-sdk-core/telemetry/span_status.rbs +24 -0
- data/sig/seahorse/client/async_base.rbs +18 -0
- metadata +96 -23
- /data/lib/aws-sdk-core/xml/parser/{engines/libxml.rb → libxml_engine.rb} +0 -0
- /data/lib/aws-sdk-core/xml/parser/{engines/nokogiri.rb → nokogiri_engine.rb} +0 -0
- /data/lib/aws-sdk-core/xml/parser/{engines/oga.rb → oga_engine.rb} +0 -0
- /data/lib/aws-sdk-core/xml/parser/{engines/ox.rb → ox_engine.rb} +0 -0
- /data/lib/aws-sdk-core/xml/parser/{engines/rexml.rb → rexml_engine.rb} +0 -0
|
@@ -20,16 +20,31 @@ a default `:region` is searched for in the following locations:
|
|
|
20
20
|
* `ENV['AWS_DEFAULT_REGION']`
|
|
21
21
|
* `~/.aws/credentials`
|
|
22
22
|
* `~/.aws/config`
|
|
23
|
-
|
|
23
|
+
DOCS
|
|
24
24
|
resolve_region(cfg)
|
|
25
25
|
end
|
|
26
26
|
|
|
27
|
+
option(:sigv4a_signing_region_set,
|
|
28
|
+
doc_type: Array,
|
|
29
|
+
rbs_type: 'Array[String]',
|
|
30
|
+
docstring: <<-DOCS) do |cfg|
|
|
31
|
+
A list of regions that should be signed with SigV4a signing. When
|
|
32
|
+
not passed, a default `:sigv4a_signing_region_set` is searched for
|
|
33
|
+
in the following locations:
|
|
34
|
+
|
|
35
|
+
* `Aws.config[:sigv4a_signing_region_set]`
|
|
36
|
+
* `ENV['AWS_SIGV4A_SIGNING_REGION_SET']`
|
|
37
|
+
* `~/.aws/config`
|
|
38
|
+
DOCS
|
|
39
|
+
resolve_sigv4a_signing_region_set(cfg)
|
|
40
|
+
end
|
|
41
|
+
|
|
27
42
|
option(:use_dualstack_endpoint,
|
|
28
43
|
doc_type: 'Boolean',
|
|
29
44
|
docstring: <<-DOCS) do |cfg|
|
|
30
45
|
When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
|
|
31
46
|
will be used if available.
|
|
32
|
-
|
|
47
|
+
DOCS
|
|
33
48
|
resolve_use_dualstack_endpoint(cfg)
|
|
34
49
|
end
|
|
35
50
|
|
|
@@ -39,7 +54,7 @@ will be used if available.
|
|
|
39
54
|
When set to `true`, fips compatible endpoints will be used if available.
|
|
40
55
|
When a `fips` region is used, the region is normalized and this config
|
|
41
56
|
is set to `true`.
|
|
42
|
-
|
|
57
|
+
DOCS
|
|
43
58
|
resolve_use_fips_endpoint(cfg)
|
|
44
59
|
end
|
|
45
60
|
|
|
@@ -52,7 +67,7 @@ is set to `true`.
|
|
|
52
67
|
docstring: <<-DOCS) do |cfg|
|
|
53
68
|
Setting to true disables use of endpoint URLs provided via environment
|
|
54
69
|
variables and the shared configuration file.
|
|
55
|
-
|
|
70
|
+
DOCS
|
|
56
71
|
resolve_ignore_configured_endpoint_urls(cfg)
|
|
57
72
|
end
|
|
58
73
|
|
|
@@ -60,14 +75,58 @@ variables and the shared configuration file.
|
|
|
60
75
|
The client endpoint is normally constructed from the `:region`
|
|
61
76
|
option. You should only configure an `:endpoint` when connecting
|
|
62
77
|
to test or custom endpoints. This should be a valid HTTP(S) URI.
|
|
63
|
-
|
|
78
|
+
DOCS
|
|
64
79
|
resolve_endpoint(cfg)
|
|
65
80
|
end
|
|
66
81
|
|
|
67
82
|
def after_initialize(client)
|
|
68
|
-
|
|
69
|
-
|
|
83
|
+
region = client.config.region
|
|
84
|
+
raise Errors::MissingRegionError if region.nil? || region == ''
|
|
85
|
+
|
|
86
|
+
# resolve a default endpoint to preserve legacy behavior
|
|
87
|
+
initialize_default_endpoint(client) if client.config.endpoint.nil?
|
|
88
|
+
|
|
89
|
+
region_set = client.config.sigv4a_signing_region_set
|
|
90
|
+
return if region_set.nil?
|
|
91
|
+
raise Errors::InvalidRegionSetError unless region_set.is_a?(Array)
|
|
92
|
+
|
|
93
|
+
region_set = region_set.compact.reject(&:empty?)
|
|
94
|
+
raise Errors::InvalidRegionSetError if region_set.empty?
|
|
95
|
+
|
|
96
|
+
client.config.sigv4a_signing_region_set = region_set
|
|
97
|
+
end
|
|
98
|
+
|
|
99
|
+
private
|
|
100
|
+
|
|
101
|
+
def initialize_default_endpoint(client)
|
|
102
|
+
client_module = Object.const_get(client.class.name.rpartition('::').first)
|
|
103
|
+
param_class = client_module.const_get(:EndpointParameters)
|
|
104
|
+
endpoint_provider = client.config.endpoint_provider
|
|
105
|
+
params = param_class.create(client.config)
|
|
106
|
+
endpoint = endpoint_provider.resolve_endpoint(params)
|
|
107
|
+
client.config.endpoint = endpoint.url
|
|
108
|
+
rescue ArgumentError, NameError
|
|
109
|
+
# fallback to legacy
|
|
110
|
+
client.config.endpoint = resolve_legacy_endpoint(client.config)
|
|
111
|
+
end
|
|
112
|
+
|
|
113
|
+
# set a default endpoint in config using legacy (endpoints.json) resolver
|
|
114
|
+
def resolve_legacy_endpoint(cfg)
|
|
115
|
+
endpoint_prefix = cfg.api.metadata['endpointPrefix']
|
|
116
|
+
if cfg.respond_to?(:sts_regional_endpoints)
|
|
117
|
+
sts_regional = cfg.sts_regional_endpoints
|
|
70
118
|
end
|
|
119
|
+
|
|
120
|
+
endpoint = Aws::Partitions::EndpointProvider.resolve(
|
|
121
|
+
cfg.region,
|
|
122
|
+
endpoint_prefix,
|
|
123
|
+
sts_regional,
|
|
124
|
+
{
|
|
125
|
+
dualstack: cfg.use_dualstack_endpoint,
|
|
126
|
+
fips: cfg.use_fips_endpoint
|
|
127
|
+
}
|
|
128
|
+
)
|
|
129
|
+
URI(endpoint)
|
|
71
130
|
end
|
|
72
131
|
|
|
73
132
|
class << self
|
|
@@ -81,6 +140,12 @@ to test or custom endpoints. This should be a valid HTTP(S) URI.
|
|
|
81
140
|
env_region || cfg_region
|
|
82
141
|
end
|
|
83
142
|
|
|
143
|
+
def resolve_sigv4a_signing_region_set(cfg)
|
|
144
|
+
value = ENV['AWS_SIGV4A_SIGNING_REGION_SET']
|
|
145
|
+
value ||= Aws.shared_config.sigv4a_signing_region_set(profile: cfg.profile)
|
|
146
|
+
value.split(',') if value
|
|
147
|
+
end
|
|
148
|
+
|
|
84
149
|
def resolve_use_dualstack_endpoint(cfg)
|
|
85
150
|
value = ENV['AWS_USE_DUALSTACK_ENDPOINT']
|
|
86
151
|
value ||= Aws.shared_config.use_dualstack_endpoint(
|
|
@@ -121,7 +186,8 @@ to test or custom endpoints. This should be a valid HTTP(S) URI.
|
|
|
121
186
|
# that a custom endpoint has NOT been configured by the user
|
|
122
187
|
cfg.override_config(:regional_endpoint, true)
|
|
123
188
|
|
|
124
|
-
|
|
189
|
+
# a default endpoint is resolved in after_initialize
|
|
190
|
+
nil
|
|
125
191
|
end
|
|
126
192
|
|
|
127
193
|
# get a custom configured endpoint from ENV or configuration
|
|
@@ -176,23 +242,6 @@ to test or custom endpoints. This should be a valid HTTP(S) URI.
|
|
|
176
242
|
cfg.override_config(:region, new_region)
|
|
177
243
|
end
|
|
178
244
|
end
|
|
179
|
-
# set a default endpoint in config using legacy (endpoints.json) resolver
|
|
180
|
-
def resolve_legacy_endpoint(cfg)
|
|
181
|
-
endpoint_prefix = cfg.api.metadata['endpointPrefix']
|
|
182
|
-
if cfg.respond_to?(:sts_regional_endpoints)
|
|
183
|
-
sts_regional = cfg.sts_regional_endpoints
|
|
184
|
-
end
|
|
185
|
-
|
|
186
|
-
Aws::Partitions::EndpointProvider.resolve(
|
|
187
|
-
cfg.region,
|
|
188
|
-
endpoint_prefix,
|
|
189
|
-
sts_regional,
|
|
190
|
-
{
|
|
191
|
-
dualstack: cfg.use_dualstack_endpoint,
|
|
192
|
-
fips: cfg.use_fips_endpoint
|
|
193
|
-
}
|
|
194
|
-
)
|
|
195
|
-
end
|
|
196
245
|
end
|
|
197
246
|
end
|
|
198
247
|
end
|
|
@@ -91,11 +91,20 @@ and 10485780 bytes inclusive.
|
|
|
91
91
|
end
|
|
92
92
|
end
|
|
93
93
|
end
|
|
94
|
-
@handler.call(context)
|
|
94
|
+
with_metric(selected_encoding) { @handler.call(context) }
|
|
95
95
|
end
|
|
96
96
|
|
|
97
97
|
private
|
|
98
98
|
|
|
99
|
+
def with_metric(encoding, &block)
|
|
100
|
+
case encoding
|
|
101
|
+
when 'gzip'
|
|
102
|
+
Aws::Plugins::UserAgent.metric('GZIP_REQUEST_COMPRESSION', &block)
|
|
103
|
+
else
|
|
104
|
+
block.call
|
|
105
|
+
end
|
|
106
|
+
end
|
|
107
|
+
|
|
99
108
|
def request_encoding_selection(context)
|
|
100
109
|
encoding_list = context.operation.request_compression['encodings']
|
|
101
110
|
encoding_list.find { |encoding| RequestCompression::SUPPORTED_ENCODINGS.include?(encoding) }
|
|
@@ -104,7 +113,7 @@ and 10485780 bytes inclusive.
|
|
|
104
113
|
def update_content_encoding(encoding, context)
|
|
105
114
|
headers = context.http_request.headers
|
|
106
115
|
if headers['Content-Encoding']
|
|
107
|
-
headers['Content-Encoding'] +=
|
|
116
|
+
headers['Content-Encoding'] += ", #{encoding}"
|
|
108
117
|
else
|
|
109
118
|
headers['Content-Encoding'] = encoding
|
|
110
119
|
end
|
|
@@ -113,7 +113,6 @@ Specifies which retry algorithm to use. Values are:
|
|
|
113
113
|
functionality of `standard` mode along with automatic client side
|
|
114
114
|
throttling. This is a provisional mode that may change behavior
|
|
115
115
|
in the future.
|
|
116
|
-
|
|
117
116
|
DOCS
|
|
118
117
|
resolve_retry_mode(cfg)
|
|
119
118
|
end
|
|
@@ -235,7 +234,7 @@ a clock skew correction and retry requests with skewed client clocks.
|
|
|
235
234
|
|
|
236
235
|
get_send_token(config)
|
|
237
236
|
add_retry_headers(context)
|
|
238
|
-
response = @handler.call(context)
|
|
237
|
+
response = with_metric(config.retry_mode) { @handler.call(context) }
|
|
239
238
|
error_inspector = Retries::ErrorInspector.new(
|
|
240
239
|
response.error, response.context.http_response.status_code
|
|
241
240
|
)
|
|
@@ -272,6 +271,10 @@ a clock skew correction and retry requests with skewed client clocks.
|
|
|
272
271
|
|
|
273
272
|
private
|
|
274
273
|
|
|
274
|
+
def with_metric(retry_mode, &block)
|
|
275
|
+
Aws::Plugins::UserAgent.metric("RETRY_MODE_#{retry_mode.upcase}", &block)
|
|
276
|
+
end
|
|
277
|
+
|
|
275
278
|
def get_send_token(config)
|
|
276
279
|
# either fail fast or block until a token becomes available
|
|
277
280
|
# must be configurable
|
|
@@ -359,7 +362,7 @@ a clock skew correction and retry requests with skewed client clocks.
|
|
|
359
362
|
class LegacyHandler < Seahorse::Client::Handler
|
|
360
363
|
|
|
361
364
|
def call(context)
|
|
362
|
-
response = @handler.call(context)
|
|
365
|
+
response = with_metric { @handler.call(context) }
|
|
363
366
|
if response.error
|
|
364
367
|
error_inspector = Retries::ErrorInspector.new(
|
|
365
368
|
response.error, response.context.http_response.status_code
|
|
@@ -378,6 +381,10 @@ a clock skew correction and retry requests with skewed client clocks.
|
|
|
378
381
|
|
|
379
382
|
private
|
|
380
383
|
|
|
384
|
+
def with_metric(&block)
|
|
385
|
+
Aws::Plugins::UserAgent.metric('RETRY_MODE_LEGACY', &block)
|
|
386
|
+
end
|
|
387
|
+
|
|
381
388
|
def retry_if_possible(response, error_inspector)
|
|
382
389
|
context = response.context
|
|
383
390
|
if should_retry?(context, error_inspector)
|
|
@@ -13,10 +13,6 @@ module Aws
|
|
|
13
13
|
option(:sigv4_region)
|
|
14
14
|
option(:unsigned_operations, default: [])
|
|
15
15
|
|
|
16
|
-
supported_auth_types = %w[sigv4 bearer sigv4-s3express none]
|
|
17
|
-
supported_auth_types += ['sigv4a'] if Aws::Sigv4::Signer.use_crt?
|
|
18
|
-
SUPPORTED_AUTH_TYPES = supported_auth_types.freeze
|
|
19
|
-
|
|
20
16
|
def add_handlers(handlers, cfg)
|
|
21
17
|
operations = cfg.api.operation_names - cfg.unsigned_operations
|
|
22
18
|
handlers.add(Handler, step: :sign, operations: operations)
|
|
@@ -33,7 +29,7 @@ module Aws
|
|
|
33
29
|
}
|
|
34
30
|
SignatureV4.new(auth_scheme, config, sigv4_overrides)
|
|
35
31
|
when 'bearer'
|
|
36
|
-
Bearer.new
|
|
32
|
+
Bearer.new(config)
|
|
37
33
|
else
|
|
38
34
|
NullSigner.new
|
|
39
35
|
end
|
|
@@ -51,11 +47,22 @@ module Aws
|
|
|
51
47
|
)
|
|
52
48
|
signer.sign(context)
|
|
53
49
|
end
|
|
54
|
-
@handler.call(context)
|
|
50
|
+
with_metrics(signer) { @handler.call(context) }
|
|
55
51
|
end
|
|
56
52
|
|
|
57
53
|
private
|
|
58
54
|
|
|
55
|
+
def with_metrics(signer, &block)
|
|
56
|
+
case signer
|
|
57
|
+
when SignatureV4
|
|
58
|
+
Aws::Plugins::UserAgent.metric(*signer.credentials.metrics, &block)
|
|
59
|
+
when Bearer
|
|
60
|
+
Aws::Plugins::UserAgent.metric(*signer.token_provider.metrics, &block)
|
|
61
|
+
else
|
|
62
|
+
block.call
|
|
63
|
+
end
|
|
64
|
+
end
|
|
65
|
+
|
|
59
66
|
def v2_signing?(config)
|
|
60
67
|
# 's3' is legacy signing, 'v4' is default
|
|
61
68
|
config.respond_to?(:signature_version) &&
|
|
@@ -65,21 +72,19 @@ module Aws
|
|
|
65
72
|
|
|
66
73
|
# @api private
|
|
67
74
|
class Bearer
|
|
68
|
-
def initialize
|
|
75
|
+
def initialize(config)
|
|
76
|
+
@token_provider = config.token_provider
|
|
69
77
|
end
|
|
70
78
|
|
|
79
|
+
attr_reader :token_provider
|
|
80
|
+
|
|
71
81
|
def sign(context)
|
|
72
82
|
if context.http_request.endpoint.scheme != 'https'
|
|
73
|
-
raise ArgumentError,
|
|
74
|
-
'Unable to use bearer authorization on non https endpoint.'
|
|
83
|
+
raise ArgumentError, 'Unable to use bearer authorization on non https endpoint.'
|
|
75
84
|
end
|
|
85
|
+
raise Errors::MissingBearerTokenError unless @token_provider && @token_provider.set?
|
|
76
86
|
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
raise Errors::MissingBearerTokenError unless token_provider&.set?
|
|
80
|
-
|
|
81
|
-
context.http_request.headers['Authorization'] =
|
|
82
|
-
"Bearer #{token_provider.token.token}"
|
|
87
|
+
context.http_request.headers['Authorization'] = "Bearer #{@token_provider.token.token}"
|
|
83
88
|
end
|
|
84
89
|
|
|
85
90
|
def presign_url(*args)
|
|
@@ -95,32 +100,31 @@ module Aws
|
|
|
95
100
|
class SignatureV4
|
|
96
101
|
def initialize(auth_scheme, config, sigv4_overrides = {})
|
|
97
102
|
scheme_name = auth_scheme['name']
|
|
98
|
-
|
|
99
103
|
unless %w[sigv4 sigv4a sigv4-s3express].include?(scheme_name)
|
|
100
|
-
raise ArgumentError,
|
|
101
|
-
"Expected sigv4, sigv4a, or sigv4-s3express auth scheme, got #{scheme_name}"
|
|
104
|
+
raise ArgumentError, "Expected sigv4, sigv4a, or sigv4-s3express auth scheme, got #{scheme_name}"
|
|
102
105
|
end
|
|
103
|
-
|
|
104
106
|
region = if scheme_name == 'sigv4a'
|
|
105
|
-
auth_scheme['signingRegionSet'].
|
|
107
|
+
auth_scheme['signingRegionSet'].join(',')
|
|
106
108
|
else
|
|
107
109
|
auth_scheme['signingRegion']
|
|
108
110
|
end
|
|
109
111
|
begin
|
|
110
|
-
@signer = Aws::Sigv4::Signer.new(
|
|
112
|
+
@signer = config.sigv4_signer || Aws::Sigv4::Signer.new(
|
|
111
113
|
service: config.sigv4_name || auth_scheme['signingName'],
|
|
112
114
|
region: sigv4_overrides[:region] || config.sigv4_region || region,
|
|
113
115
|
credentials_provider: sigv4_overrides[:credentials] || config.credentials,
|
|
114
116
|
signing_algorithm: scheme_name.to_sym,
|
|
115
|
-
uri_escape_path:
|
|
116
|
-
normalize_path:
|
|
117
|
-
unsigned_headers: %w[content-length user-agent x-amzn-trace-id]
|
|
117
|
+
uri_escape_path: !auth_scheme['disableDoubleEncoding'],
|
|
118
|
+
normalize_path: !auth_scheme['disableNormalizePath'],
|
|
119
|
+
unsigned_headers: %w[content-length user-agent x-amzn-trace-id expect transfer-encoding connection]
|
|
118
120
|
)
|
|
119
121
|
rescue Aws::Sigv4::Errors::MissingCredentialsError
|
|
120
122
|
raise Aws::Errors::MissingCredentialsError
|
|
121
123
|
end
|
|
122
124
|
end
|
|
123
125
|
|
|
126
|
+
attr_reader :signer
|
|
127
|
+
|
|
124
128
|
def sign(context)
|
|
125
129
|
req = context.http_request
|
|
126
130
|
|
|
@@ -156,15 +160,27 @@ module Aws
|
|
|
156
160
|
@signer.sign_event(*args)
|
|
157
161
|
end
|
|
158
162
|
|
|
163
|
+
def credentials
|
|
164
|
+
@signer.credentials_provider
|
|
165
|
+
end
|
|
166
|
+
|
|
159
167
|
private
|
|
160
168
|
|
|
161
169
|
def apply_authtype(context, req)
|
|
162
|
-
|
|
163
|
-
|
|
170
|
+
# only used for event streaming at input
|
|
171
|
+
if context[:input_event_emitter]
|
|
172
|
+
req.headers['X-Amz-Content-Sha256'] = 'STREAMING-AWS4-HMAC-SHA256-EVENTS'
|
|
173
|
+
elsif unsigned_payload?(context, req)
|
|
164
174
|
req.headers['X-Amz-Content-Sha256'] ||= 'UNSIGNED-PAYLOAD'
|
|
165
175
|
end
|
|
166
176
|
end
|
|
167
177
|
|
|
178
|
+
def unsigned_payload?(context, req)
|
|
179
|
+
(context.operation['unsignedPayload'] ||
|
|
180
|
+
context.operation['authtype'] == 'v4-unsigned-body') &&
|
|
181
|
+
req.endpoint.scheme == 'https'
|
|
182
|
+
end
|
|
183
|
+
|
|
168
184
|
def reset_signature(req)
|
|
169
185
|
# in case this request is being re-signed
|
|
170
186
|
req.headers.delete('Authorization')
|
|
@@ -3,7 +3,8 @@
|
|
|
3
3
|
module Aws
|
|
4
4
|
module Plugins
|
|
5
5
|
# @api private
|
|
6
|
-
#
|
|
6
|
+
# Deprecated - does not look at new traits like `auth` and `unsignedPayload`
|
|
7
|
+
# Necessary to exist after endpoints 2.0 for old service clients + new core
|
|
7
8
|
class SignatureV2 < Seahorse::Client::Plugin
|
|
8
9
|
|
|
9
10
|
option(:v2_signer) do |cfg|
|
|
@@ -5,7 +5,8 @@ require 'aws-sigv4'
|
|
|
5
5
|
module Aws
|
|
6
6
|
module Plugins
|
|
7
7
|
# @api private
|
|
8
|
-
#
|
|
8
|
+
# Deprecated - does not look at new traits like `auth` and `unsignedPayload`
|
|
9
|
+
# Necessary to exist after endpoints 2.0 for old service clients + new core
|
|
9
10
|
class SignatureV4 < Seahorse::Client::Plugin
|
|
10
11
|
|
|
11
12
|
V4_AUTH = %w[v4 v4-unsigned-payload v4-unsigned-body]
|
|
@@ -29,8 +29,22 @@ requests are made, and retries are disabled.
|
|
|
29
29
|
end
|
|
30
30
|
end
|
|
31
31
|
|
|
32
|
+
option(:token_provider) do |config|
|
|
33
|
+
if config.stub_responses
|
|
34
|
+
StaticTokenProvider.new('stubbed-token')
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
option(:stubs) { {} }
|
|
39
|
+
option(:stubs_mutex) { Mutex.new }
|
|
40
|
+
option(:api_requests) { [] }
|
|
41
|
+
option(:api_requests_mutex) { Mutex.new }
|
|
42
|
+
|
|
32
43
|
def add_handlers(handlers, config)
|
|
33
|
-
|
|
44
|
+
return unless config.stub_responses
|
|
45
|
+
|
|
46
|
+
handlers.add(ApiRequestsHandler)
|
|
47
|
+
handlers.add(StubbingHandler, step: :send)
|
|
34
48
|
end
|
|
35
49
|
|
|
36
50
|
def after_initialize(client)
|
|
@@ -46,20 +60,43 @@ requests are made, and retries are disabled.
|
|
|
46
60
|
end
|
|
47
61
|
end
|
|
48
62
|
|
|
49
|
-
class
|
|
63
|
+
class ApiRequestsHandler < Seahorse::Client::Handler
|
|
64
|
+
def call(context)
|
|
65
|
+
context.config.api_requests_mutex.synchronize do
|
|
66
|
+
context.config.api_requests << {
|
|
67
|
+
operation_name: context.operation_name,
|
|
68
|
+
params: context.params,
|
|
69
|
+
context: context
|
|
70
|
+
}
|
|
71
|
+
end
|
|
72
|
+
@handler.call(context)
|
|
73
|
+
end
|
|
74
|
+
end
|
|
50
75
|
|
|
76
|
+
class StubbingHandler < Seahorse::Client::Handler
|
|
51
77
|
def call(context)
|
|
52
|
-
|
|
78
|
+
span_wrapper(context) do
|
|
79
|
+
stub_responses(context)
|
|
80
|
+
end
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
private
|
|
84
|
+
|
|
85
|
+
def stub_responses(context)
|
|
53
86
|
resp = Seahorse::Client::Response.new(context: context)
|
|
54
87
|
async_mode = context.client.is_a? Seahorse::Client::AsyncBase
|
|
55
|
-
|
|
56
|
-
|
|
88
|
+
stub = context.client.next_stub(context)
|
|
89
|
+
stub[:mutex].synchronize { apply_stub(stub, resp, async_mode) }
|
|
90
|
+
|
|
91
|
+
if async_mode
|
|
92
|
+
Seahorse::Client::AsyncResponse.new(
|
|
93
|
+
context: context,
|
|
94
|
+
stream: context[:input_event_stream_handler].event_emitter.stream,
|
|
95
|
+
sync_queue: Queue.new
|
|
96
|
+
)
|
|
57
97
|
else
|
|
58
|
-
|
|
98
|
+
resp
|
|
59
99
|
end
|
|
60
|
-
|
|
61
|
-
async_mode ? Seahorse::Client::AsyncResponse.new(
|
|
62
|
-
context: context, stream: context[:input_event_stream_handler].event_emitter.stream, sync_queue: Queue.new) : resp
|
|
63
100
|
end
|
|
64
101
|
|
|
65
102
|
def apply_stub(stub, response, async_mode = false)
|
|
@@ -99,6 +136,18 @@ requests are made, and retries are disabled.
|
|
|
99
136
|
http_resp.signal_done
|
|
100
137
|
end
|
|
101
138
|
|
|
139
|
+
def span_wrapper(context, &block)
|
|
140
|
+
context.tracer.in_span(
|
|
141
|
+
'Handler.StubResponses',
|
|
142
|
+
attributes: Aws::Telemetry.http_request_attrs(context)
|
|
143
|
+
) do |span|
|
|
144
|
+
block.call.tap do
|
|
145
|
+
span.add_attributes(
|
|
146
|
+
Aws::Telemetry.http_response_attrs(context)
|
|
147
|
+
)
|
|
148
|
+
end
|
|
149
|
+
end
|
|
150
|
+
end
|
|
102
151
|
end
|
|
103
152
|
end
|
|
104
153
|
end
|
|
@@ -0,0 +1,75 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Aws
|
|
4
|
+
module Plugins
|
|
5
|
+
# @api private
|
|
6
|
+
class Telemetry < Seahorse::Client::Plugin
|
|
7
|
+
option(
|
|
8
|
+
:telemetry_provider,
|
|
9
|
+
default: Aws::Telemetry::NoOpTelemetryProvider,
|
|
10
|
+
doc_type: Aws::Telemetry::TelemetryProviderBase,
|
|
11
|
+
rbs_type: Aws::Telemetry::TelemetryProviderBase,
|
|
12
|
+
docstring: <<-DOCS) do |_cfg|
|
|
13
|
+
Allows you to provide a telemetry provider, which is used to
|
|
14
|
+
emit telemetry data. By default, uses `NoOpTelemetryProvider` which
|
|
15
|
+
will not record or emit any telemetry data. The SDK supports the
|
|
16
|
+
following telemetry providers:
|
|
17
|
+
|
|
18
|
+
* OpenTelemetry (OTel) - To use the OTel provider, install and require the
|
|
19
|
+
`opentelemetry-sdk` gem and then, pass in an instance of a
|
|
20
|
+
`Aws::Telemetry::OTelProvider` for telemetry provider.
|
|
21
|
+
DOCS
|
|
22
|
+
Aws::Telemetry::NoOpTelemetryProvider.new
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
def after_initialize(client)
|
|
26
|
+
validate_telemetry_provider(client.config)
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
def validate_telemetry_provider(config)
|
|
30
|
+
unless config.telemetry_provider.is_a?(Aws::Telemetry::TelemetryProviderBase)
|
|
31
|
+
raise ArgumentError,
|
|
32
|
+
'Must provide a telemetry provider for the '\
|
|
33
|
+
'`telemetry_provider` configuration option.'
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
class Handler < Seahorse::Client::Handler
|
|
38
|
+
def call(context)
|
|
39
|
+
span_wrapper(context) { @handler.call(context) }
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
private
|
|
43
|
+
|
|
44
|
+
def span_wrapper(context, &block)
|
|
45
|
+
service_id = service_id(context)
|
|
46
|
+
attributes = {
|
|
47
|
+
'rpc.system' => 'aws-api',
|
|
48
|
+
'rpc.service' => service_id,
|
|
49
|
+
'rpc.method' => context.operation.name,
|
|
50
|
+
'code.function' => context.operation_name.to_s,
|
|
51
|
+
'code.namespace' => 'Aws::Plugins::Telemetry'
|
|
52
|
+
}
|
|
53
|
+
context.tracer.in_span(
|
|
54
|
+
parent_span_name(context, service_id),
|
|
55
|
+
attributes: attributes,
|
|
56
|
+
kind: Aws::Telemetry::SpanKind::CLIENT,
|
|
57
|
+
&block
|
|
58
|
+
)
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
def service_id(context)
|
|
62
|
+
context.config.api.metadata['serviceId'] ||
|
|
63
|
+
context.config.api.metadata['serviceAbbreviation'] ||
|
|
64
|
+
context.config.api.metadata['serviceFullName']
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
def parent_span_name(context, service_id)
|
|
68
|
+
"#{service_id}.#{context.operation.name}".delete(' ')
|
|
69
|
+
end
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
handler(Handler, step: :initialize, priority: 99)
|
|
73
|
+
end
|
|
74
|
+
end
|
|
75
|
+
end
|
|
@@ -5,7 +5,8 @@ module Aws
|
|
|
5
5
|
|
|
6
6
|
# For Streaming Input Operations, when `requiresLength` is enabled
|
|
7
7
|
# checking whether `Content-Length` header can be set,
|
|
8
|
-
# for `v4-unsigned-body` operations,
|
|
8
|
+
# for `unsignedPayload` and `v4-unsigned-body` operations,
|
|
9
|
+
# set `Transfer-Encoding` header.
|
|
9
10
|
class TransferEncoding < Seahorse::Client::Plugin
|
|
10
11
|
|
|
11
12
|
# @api private
|
|
@@ -16,8 +17,8 @@ module Aws
|
|
|
16
17
|
unless context.http_request.body.respond_to?(:size)
|
|
17
18
|
if requires_length?(context.operation.input)
|
|
18
19
|
# if size of the IO is not available but required
|
|
19
|
-
raise Aws::Errors::MissingContentLength
|
|
20
|
-
elsif context.operation
|
|
20
|
+
raise Aws::Errors::MissingContentLength
|
|
21
|
+
elsif unsigned_payload?(context.operation)
|
|
21
22
|
context.http_request.headers['Transfer-Encoding'] = 'chunked'
|
|
22
23
|
end
|
|
23
24
|
end
|
|
@@ -29,18 +30,24 @@ module Aws
|
|
|
29
30
|
private
|
|
30
31
|
|
|
31
32
|
def streaming?(ref)
|
|
32
|
-
if payload = ref[:payload_member]
|
|
33
|
-
payload[
|
|
34
|
-
payload.shape["streaming"]
|
|
33
|
+
if (payload = ref[:payload_member])
|
|
34
|
+
payload['streaming'] || payload.shape['streaming']
|
|
35
35
|
else
|
|
36
36
|
false
|
|
37
37
|
end
|
|
38
38
|
end
|
|
39
39
|
|
|
40
|
+
def unsigned_payload?(operation)
|
|
41
|
+
operation['unsignedPayload'] ||
|
|
42
|
+
operation['authtype'] == 'v4-unsigned-body'
|
|
43
|
+
end
|
|
44
|
+
|
|
40
45
|
def requires_length?(ref)
|
|
41
|
-
payload = ref[:payload_member]
|
|
42
|
-
|
|
43
|
-
|
|
46
|
+
if (payload = ref[:payload_member])
|
|
47
|
+
payload['requiresLength'] || payload.shape['requiresLength']
|
|
48
|
+
else
|
|
49
|
+
false
|
|
50
|
+
end
|
|
44
51
|
end
|
|
45
52
|
|
|
46
53
|
end
|