aws-sdk-core 3.196.1 → 3.199.0

data/lib/aws-sdk-core/plugins/retry_errors.rb

@@ -113,7 +113,6 @@ Specifies which retry algorithm to use. Values are:
   functionality of `standard` mode along with automatic client side
   throttling.  This is a provisional mode that may change behavior
   in the future.
-
         DOCS
         resolve_retry_mode(cfg)
       end
@@ -235,7 +234,7 @@ a clock skew correction and retry requests with skewed client clocks.
 
           get_send_token(config)
           add_retry_headers(context)
-          response = @handler.call(context)
+          response = with_metric(config.retry_mode) { @handler.call(context) }
           error_inspector = Retries::ErrorInspector.new(
             response.error, response.context.http_response.status_code
           )
@@ -272,6 +271,10 @@ a clock skew correction and retry requests with skewed client clocks.
 
         private
 
+        def with_metric(retry_mode, &block)
+          Aws::Plugins::UserAgent.metric("RETRY_MODE_#{retry_mode.upcase}", &block)
+        end
+
         def get_send_token(config)
           # either fail fast or block until a token becomes available
           # must be configurable
@@ -359,7 +362,7 @@ a clock skew correction and retry requests with skewed client clocks.
       class LegacyHandler < Seahorse::Client::Handler
 
         def call(context)
-          response = @handler.call(context)
+          response = with_metric { @handler.call(context) }
           if response.error
             error_inspector = Retries::ErrorInspector.new(
               response.error, response.context.http_response.status_code
@@ -378,6 +381,10 @@ a clock skew correction and retry requests with skewed client clocks.
 
         private
 
+        def with_metric(&block)
+          Aws::Plugins::UserAgent.metric('RETRY_MODE_LEGACY', &block)
+        end
+
         def retry_if_possible(response, error_inspector)
           context = response.context
           if should_retry?(context, error_inspector)

data/lib/aws-sdk-core/plugins/user_agent.rb

@@ -4,6 +4,23 @@ module Aws
   module Plugins
     # @api private
     class UserAgent < Seahorse::Client::Plugin
+      METRICS = Aws::Json.load(<<-METRICS)
+        {
+          "RESOURCE_MODEL": "A",
+          "WAITER": "B",
+          "PAGINATOR": "C",
+          "RETRY_MODE_LEGACY": "D",
+          "RETRY_MODE_STANDARD": "E",
+          "RETRY_MODE_ADAPTIVE": "F",
+          "S3_TRANSFER": "G",
+          "S3_CRYPTO_V1N": "H",
+          "S3_CRYPTO_V2": "I",
+          "S3_EXPRESS_BUCKET": "J",
+          "S3_ACCESS_GRANTS": "K",
+          "GZIP_REQUEST_COMPRESSION": "L"
+        }
+      METRICS
+
       # @api private
       option(:user_agent_suffix)
       # @api private
@@ -23,12 +40,20 @@ variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.
         app_id
       end
 
-      def self.feature(feature, &block)
-        Thread.current[:aws_sdk_core_user_agent_feature] ||= []
-        Thread.current[:aws_sdk_core_user_agent_feature] << "ft/#{feature}"
+      # Deprecated - must exist for old service gems
+      def self.feature(_feature, &block)
+        block.call
+      end
+
+      def self.metric(metric, &block)
+        Thread.current[:aws_sdk_core_user_agent_metric] ||= []
+        Thread.current[:aws_sdk_core_user_agent_metric] << METRICS[metric]
         block.call
       ensure
-        Thread.current[:aws_sdk_core_user_agent_feature].pop
+        Thread.current[:aws_sdk_core_user_agent_metric].pop
+        if Thread.current[:aws_sdk_core_user_agent_metric].empty?
+          Thread.current[:aws_sdk_core_user_agent_metric] = nil
+        end
       end
 
       # @api private
@@ -49,15 +74,24 @@ variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.
 
           def to_s
             ua = "aws-sdk-ruby3/#{CORE_GEM_VERSION}"
-            ua += ' ua/2.0'
-            ua += " #{api_metadata}" if api_metadata
+            ua += ' ua/2.1'
+            if (api_m = api_metadata)
+              ua += " #{api_m}"
+            end
             ua += " #{os_metadata}"
             ua += " #{language_metadata}"
-            ua += " #{env_metadata}" if env_metadata
-            ua += " #{config_metadata}" if config_metadata
-            ua += " #{app_id}" if app_id
-            ua += " #{feature_metadata}" if feature_metadata
-            ua += " #{framework_metadata}" if framework_metadata
+            if (env_m = env_metadata)
+              ua += " #{env_m}"
+            end
+            if (app_id_m = app_id_metadata)
+              ua += " #{app_id_m}"
+            end
+            if (framework_m = framework_metadata)
+              ua += " #{framework_m}"
+            end
+            if (metric_m = metric_metadata)
+              ua += " #{metric_m}"
+            end
             if @context.config.user_agent_suffix
               ua += " #{@context.config.user_agent_suffix}"
             end
@@ -93,7 +127,6 @@ variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.
             local_version = Gem::Platform.local.version
             metadata += "##{local_version}" if local_version
             metadata += " md/#{RbConfig::CONFIG['host_cpu']}"
-            metadata
           end
 
           # Used to be RUBY_ENGINE/RUBY_VERSION
@@ -107,11 +140,7 @@ variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.
             "exec-env/#{execution_env}"
           end
 
-          def config_metadata
-            "cfg/retry-mode##{@context.config.retry_mode}"
-          end
-
-          def app_id
+          def app_id_metadata
             return unless (app_id = @context.config.sdk_ua_app_id)
 
             # Sanitize and only allow these characters
@@ -119,12 +148,6 @@ variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.
             "app/#{app_id}"
           end
 
-          def feature_metadata
-            return unless Thread.current[:aws_sdk_core_user_agent_feature]
-
-            Thread.current[:aws_sdk_core_user_agent_feature].join(' ')
-          end
-
           def framework_metadata
             if (frameworks_cfg = @context.config.user_agent_frameworks).empty?
               return
@@ -141,10 +164,21 @@ variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.
             end
             frameworks.map { |n, v| "lib/#{n}##{v}" }.join(' ')
           end
+
+          def metric_metadata
+            return unless Thread.current[:aws_sdk_core_user_agent_metric]
+
+            metrics = Thread.current[:aws_sdk_core_user_agent_metric].join(',')
+            # Metric metadata is limited to 1024 bytes
+            return "m/#{metrics}" if metrics.bytesize <= 1024
+
+            # Removes the last unfinished metric
+            "m/#{metrics[0...metrics[0..1024].rindex(',')]}"
+          end
         end
       end
 
-      handler(Handler, priority: 1)
+      handler(Handler, step: :sign, priority: 97)
     end
   end
 end

data/lib/aws-sdk-core/process_credentials.rb

@@ -2,9 +2,15 @@
 
 module Aws
   # A credential provider that executes a given process and attempts
-  # to read its stdout to recieve a JSON payload containing the credentials.
+  # to read its stdout to receive a JSON payload containing the credentials.
   #
-  #     credentials = Aws::ProcessCredentials.new('/usr/bin/credential_proc')
+  #     credentials = Aws::ProcessCredentials.new(['/usr/bin/credential_proc'])
+  #     ec2 = Aws::EC2::Client.new(credentials: credentials)
+  #
+  # Arguments should be provided as strings in the array, for example:
+  #
+  #     process = ['/usr/bin/credential_proc', 'arg1', 'arg2']
+  #     credentials = Aws::ProcessCredentials.new(process)
   #     ec2 = Aws::EC2::Client.new(credentials: credentials)
   #
   # Automatically handles refreshing credentials if an Expiration time is
@@ -19,40 +25,49 @@ module Aws
     # Creates a new ProcessCredentials object, which allows an
     # external process to be used as a credential provider.
     #
-    # @param [String] process Invocation string for process
-    # credentials provider.
+    # @param [Array<String>, String] process An array of strings including
+    #  the process name and its arguments to execute, or a single string to be
+    #  executed by the shell (deprecated and insecure).
     def initialize(process)
+      if process.is_a?(String)
+        warn('Passing a single string to Aws::ProcessCredentials.new '\
+             'is insecure, please use use an array of system arguments instead')
+      end
       @process = process
-      @credentials = credentials_from_process(@process)
+      @credentials = credentials_from_process
       @async_refresh = false
 
       super
     end
 
     private
-    def credentials_from_process(proc_invocation)
-      begin
-        raw_out = `#{proc_invocation}`
-        process_status = $?
-      rescue Errno::ENOENT
-        raise Errors::InvalidProcessCredentialsPayload.new("Could not find process #{proc_invocation}")
+
+    def credentials_from_process
+      r, w = IO.pipe
+      success = system(*@process, out: w)
+      w.close
+      raw_out = r.read
+      r.close
+
+      unless success
+        raise Errors::InvalidProcessCredentialsPayload.new(
+          'credential_process provider failure, the credential process had '\
+          'non zero exit status and failed to provide credentials'
+        )
       end
 
-      if process_status.success?
-        begin
-          creds_json = Aws::Json.load(raw_out)
-        rescue Aws::Json::ParseError
-          raise Errors::InvalidProcessCredentialsPayload.new("Invalid JSON response")
-        end
-        payload_version = creds_json['Version']
-        if payload_version == 1
-          _parse_payload_format_v1(creds_json)
-        else
-          raise Errors::InvalidProcessCredentialsPayload.new("Invalid version #{payload_version} for credentials payload")
-        end
-      else
-        raise Errors::InvalidProcessCredentialsPayload.new('credential_process provider failure, the credential process had non zero exit status and failed to provide credentials')
+      begin
+        creds_json = Aws::Json.load(raw_out)
+      rescue Aws::Json::ParseError
+        raise Errors::InvalidProcessCredentialsPayload.new('Invalid JSON response')
       end
+
+      payload_version = creds_json['Version']
+      return _parse_payload_format_v1(creds_json) if payload_version == 1
+
+      raise Errors::InvalidProcessCredentialsPayload.new(
+        "Invalid version #{payload_version} for credentials payload"
+      )
     end
 
     def _parse_payload_format_v1(creds_json)
@@ -64,11 +79,14 @@ module Aws
 
       @expiration = creds_json['Expiration'] ? Time.iso8601(creds_json['Expiration']) : nil
       return creds if creds.set?
-      raise Errors::InvalidProcessCredentialsPayload.new("Invalid payload for JSON credentials version 1")
+
+      raise Errors::InvalidProcessCredentialsPayload.new(
+        'Invalid payload for JSON credentials version 1'
+      )
     end
 
     def refresh
-      @credentials = credentials_from_process(@process)
+      @credentials = credentials_from_process
     end
 
     def near_expiration?(expiration_length)

data/lib/aws-sdk-core/query/ec2_handler.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Aws
+  # @api private
+  module Query
+    class EC2Handler < Aws::Query::Handler
+
+      def apply_params(param_list, params, rules)
+        Aws::Query::EC2ParamBuilder.new(param_list).apply(rules, params)
+      end
+
+      def parse_xml(context)
+        if (rules = context.operation.output)
+          parser = Xml::Parser.new(rules)
+          parser.parse(xml(context)) do |path, value|
+            if path.size == 2 && path.last == 'requestId'
+              context.metadata[:request_id] = value
+            end
+          end
+        else
+          EmptyStructure.new
+        end
+      end
+
+    end
+  end
+end

data/lib/aws-sdk-core/query/handler.rb

@@ -27,13 +27,13 @@ module Aws
       # @return [Seahorse::Client::Response]
       def call(context)
         build_request(context)
-        @handler.call(context).on_success do |response|
-          response.error = nil
+        @handler.call(context).on_success do |resp|
+          resp.error = nil
           parsed = parse_xml(context)
           if parsed.nil? || parsed == EmptyStructure
-            response.data = EmptyStructure.new
+            resp.data = EmptyStructure.new
           else
-            response.data = parsed
+            resp.data = parsed
           end
         end
       end

data/lib/aws-sdk-core/query.rb

@@ -1,7 +1,8 @@
 # frozen_string_literal: true
 
-require_relative 'query/ec2_param_builder'
 require_relative 'query/handler'
+require_relative 'query/ec2_handler'
 require_relative 'query/param'
 require_relative 'query/param_builder'
+require_relative 'query/ec2_param_builder'
 require_relative 'query/param_list'

data/lib/aws-sdk-core/rest/{request/content_type.rb → content_type_handler.rb}

@@ -35,7 +35,7 @@ module Aws
 
       def eventstream?(context)
         context.operation.input.shape.members.each do |_, ref|
-          return ref if ref.eventstream
+          return true if ref.eventstream
         end
         false
       end

data/lib/aws-sdk-core/rest/handler.rb

@@ -7,10 +7,9 @@ module Aws
 
       def call(context)
         Rest::Request::Builder.new.apply(context)
-        resp = @handler.call(context)
-        resp.on(200..299) { |response| Response::Parser.new.apply(response) }
-        resp.on(200..599) { |response| apply_request_id(context) }
-        resp
+        response = @handler.call(context)
+        response.on(200..299) { |resp| Response::Parser.new.apply(resp) }
+        response.on(200..599) { |_resp| apply_request_id(context) }
       end
 
       private

data/lib/aws-sdk-core/rest/request/endpoint.rb

@@ -30,7 +30,9 @@ module Aws
         private
 
         def apply_path_params(uri, params)
-          path = uri.path.sub(%r{/$}, '') + @path_pattern.split('?')[0]
+          path = uri.path.sub(%r{/$}, '')
+          # handle trailing slash
+          path += @path_pattern.split('?')[0] if path.empty? || @path_pattern != '/'
           uri.path = path.gsub(/{.+?}/) do |placeholder|
             param_value_for_placeholder(placeholder, params)
           end

data/lib/aws-sdk-core/rest.rb

@@ -1,12 +1,12 @@
 # frozen_string_literal: true
 
 require_relative 'rest/handler'
+require_relative 'rest/content_type_handler'
 require_relative 'rest/request/body'
 require_relative 'rest/request/builder'
 require_relative 'rest/request/endpoint'
 require_relative 'rest/request/headers'
 require_relative 'rest/request/querystring_builder'
-require_relative 'rest/request/content_type'
 require_relative 'rest/response/body'
 require_relative 'rest/response/headers'
 require_relative 'rest/response/parser'

data/lib/aws-sdk-core/rpc_v2/builder.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+require 'base64'
+
+module Aws
+  module RpcV2
+    class Builder
+      include Seahorse::Model::Shapes
+
+      def initialize(rules, _options = {})
+        @rules = rules
+      end
+
+      def serialize(params)
+        # If the input shape is empty, do not set a body. This is
+        # different than if the input shape is a structure with no members.
+        return nil if @rules.shape.struct_class == EmptyStructure
+
+        Cbor.encode(format(@rules, params))
+      end
+
+      private
+
+      def structure(ref, values)
+        shape = ref.shape
+        values.each_pair.with_object({}) do |(key, value), data|
+          if shape.member?(key) && !value.nil?
+            member_ref = shape.member(key)
+            member_name = member_ref.location_name || key
+            data[member_name] = format(member_ref, value)
+          end
+        end
+      end
+
+      def list(ref, values)
+        member_ref = ref.shape.member
+        values.collect { |value| format(member_ref, value) }
+      end
+
+      def map(ref, values)
+        value_ref = ref.shape.value
+        values.each.with_object({}) do |(key, value), data|
+          data[key] = format(value_ref, value)
+        end
+      end
+
+      def blob(value)
+        (String === value ? value : value.read).force_encoding(Encoding::BINARY)
+      end
+
+      def format(ref, value)
+        case ref.shape
+        when StructureShape then structure(ref, value)
+        when ListShape      then list(ref, value)
+        when MapShape       then map(ref, value)
+        when BlobShape      then blob(value)
+        else value
+        end
+      end
+    end
+  end
+end

data/lib/aws-sdk-core/rpc_v2/content_type_handler.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+module Aws
+  module RpcV2
+    class ContentTypeHandler < Seahorse::Client::Handler
+      def call(context)
+        content_type =
+          if eventstream_input?(context)
+            'application/vnd.amazon.eventstream'
+          elsif !empty_input_structure?(context)
+            'application/cbor'
+          end
+        accept =
+          if eventstream_output?(context)
+            'application/vnd.amazon.eventstream'
+          end
+
+        headers = context.http_request.headers
+        headers['Content-Type'] ||= content_type if content_type
+        headers['Accept'] ||= accept if accept
+        @handler.call(context)
+      end
+
+      private
+
+      def eventstream_input?(context)
+        context.operation.input.shape.members.each do |_, ref|
+          return true if ref.eventstream
+        end
+        false
+      end
+
+      def eventstream_output?(context)
+        context.operation.output.shape.members.each do |_, ref|
+          return true if ref.eventstream
+        end
+        false
+      end
+
+      def empty_input_structure?(context)
+        context.operation.input.shape.struct_class == EmptyStructure
+      end
+    end
+  end
+end

data/lib/aws-sdk-core/rpc_v2/error_handler.rb

@@ -0,0 +1,84 @@
+# frozen_string_literal: true
+
+module Aws
+  module RpcV2
+    class ErrorHandler < Aws::ErrorHandler
+
+      def call(context)
+        # Malformed responses should throw an http based error, so we check
+        # 200 range for error handling only for this case.
+        @handler.call(context).on(200..599) do |response|
+          if !valid_response?(context)
+            code, message, data = http_status_error(context)
+            response.error = build_error(context, code, message, data)
+          elsif (300..599).cover?(context.http_response.status_code)
+            response.error = error(context)
+          end
+          response.data = nil
+        end
+      end
+
+      private
+
+      def valid_response?(context)
+        req_header = context.http_request.headers['smithy-protocol']
+        resp_header = context.http_response.headers['smithy-protocol']
+        req_header == resp_header
+      end
+
+      def extract_error(body, context)
+        data = Cbor.decode(body)
+        code = error_code(data, context)
+        message = data['message']
+        data = parse_error_data(context, body, code)
+        [code, message, data]
+      rescue Cbor::Error
+        [http_status_error_code(context), '', EmptyStructure.new]
+      end
+
+      def error_code(data, context)
+        code =
+          if aws_query_error?(context)
+            error = context.http_response.headers['x-amzn-query-error'].split(';')[0]
+            remove_prefix(error, context)
+          else
+            data['__type']
+          end
+        if code
+          code.split('#').last
+        else
+          http_status_error_code(context)
+        end
+      end
+
+      def parse_error_data(context, body, code)
+        data = EmptyStructure.new
+        if (error_rules = context.operation.errors)
+          error_rules.each do |rule|
+            # match modeled shape name with the type(code) only
+            # some type(code) might contains invalid characters
+            # such as ':' (efs) etc
+            match = rule.shape.name == code.gsub(/[^^a-zA-Z0-9]/, '')
+            next unless match && rule.shape.members.any?
+
+            data = Parser.new(rule).parse(body)
+          end
+        end
+        data
+      end
+
+      def aws_query_error?(context)
+        context.config.api.metadata['awsQueryCompatible'] &&
+          context.http_response.headers['x-amzn-query-error']
+      end
+
+      def remove_prefix(error_code, context)
+        if (prefix = context.config.api.metadata['errorPrefix'])
+          error_code.sub(/^#{prefix}/, '')
+        else
+          error_code
+        end
+      end
+    end
+  end
+end

data/lib/aws-sdk-core/rpc_v2/handler.rb

@@ -0,0 +1,74 @@
+# frozen_string_literal: true
+
+module Aws
+  module RpcV2
+    class Handler < Seahorse::Client::Handler
+      # @param [Seahorse::Client::RequestContext] context
+      # @return [Seahorse::Client::Response]
+      def call(context)
+        build_request(context)
+        response = @handler.call(context)
+        response.on(200..299) { |resp| resp.data = parse_body(context) }
+        response.on(200..599) { |_resp| apply_request_id(context) }
+        response
+      end
+
+      private
+
+      def build_request(context)
+        context.http_request.headers['smithy-protocol'] = 'rpc-v2-cbor'
+        context.http_request.http_method = 'POST'
+        context.http_request.body = build_body(context)
+        build_url(context)
+      end
+
+      def build_url(context)
+        base = context.http_request.endpoint
+        service_name = context.config.api.metadata['targetPrefix']
+        base.path += "/service/#{service_name}/operation/#{context.operation.name}"
+      end
+
+      def build_body(context)
+        Builder.new(context.operation.input).serialize(context.params)
+      end
+
+      def parse_body(context)
+        cbor = context.http_response.body_contents
+        if (rules = context.operation.output)
+          if cbor.is_a?(Array)
+            # an array of emitted events
+            if cbor[0].respond_to?(:response)
+              # initial response exists
+              # it must be the first event arrived
+              resp_struct = cbor.shift.response
+            else
+              resp_struct = context.operation.output.shape.struct_class.new
+            end
+
+            rules.shape.members.each do |name, ref|
+              if ref.eventstream
+                resp_struct.send("#{name}=", cbor.to_enum)
+              end
+            end
+            resp_struct
+          else
+            Parser.new(
+              rules,
+              query_compatible: query_compatible?(context)
+            ).parse(cbor)
+          end
+        else
+          EmptyStructure.new
+        end
+      end
+
+      def apply_request_id(context)
+        context[:request_id] = context.http_response.headers['x-amzn-requestid']
+      end
+
+      def query_compatible?(context)
+        context.config.api.metadata.key?('awsQueryCompatible')
+      end
+    end
+  end
+end