aws-sdk-core 3.201.2 → 3.226.2

data/lib/aws-sdk-core/client_stubs.rb

@@ -15,27 +15,11 @@ module Aws
 
     # @api private
     def setup_stubbing
-      @stubs = {}
-      @stub_mutex = Mutex.new
       if Hash === @config.stub_responses
         @config.stub_responses.each do |operation_name, stubs|
           apply_stubs(operation_name, Array === stubs ? stubs : [stubs])
         end
       end
-
-      # When a client is stubbed allow the user to access the requests made
-      requests = @api_requests = []
-      requests_mutex = @requests_mutex = Mutex.new
-      self.handle do |context|
-        requests_mutex.synchronize do
-          requests << {
-            operation_name: context.operation_name,
-            params: context.params,
-            context: context
-          }
-        end
-        @handler.call(context)
-      end
     end
 
     # Configures what data / errors should be returned from the named operation
@@ -175,7 +159,7 @@ module Aws
     #   on a client that has not enabled response stubbing via
     #   `:stub_responses => true`.
     def stub_responses(operation_name, *stubs)
-      if config.stub_responses
+      if @config.stub_responses
         apply_stubs(operation_name, stubs.flatten)
       else
         msg = 'stubbing is not enabled; enable stubbing in the constructor '\
@@ -194,12 +178,12 @@ module Aws
     # @raise [NotImplementedError] Raises `NotImplementedError` when the client
     #   is not stubbed.
     def api_requests(options = {})
-      if config.stub_responses
-        @requests_mutex.synchronize do
+      if @config.stub_responses
+        @config.api_requests_mutex.synchronize do
           if options[:exclude_presign]
-            @api_requests.reject {|req| req[:context][:presigned_url] }
+            @config.api_requests.reject {|req| req[:context][:presigned_url] }
           else
-            @api_requests
+            @config.api_requests
           end
         end
       else
@@ -228,54 +212,44 @@ module Aws
     # @return [Structure] Returns a stubbed response data structure. The
     #   actual class returned will depend on the given `operation_name`.
     def stub_data(operation_name, data = {})
-      Stubbing::StubData.new(config.api.operation(operation_name)).stub(data)
+      Stubbing::StubData.new(@config.api.operation(operation_name)).stub(data)
     end
 
     # @api private
     def next_stub(context)
       operation_name = context.operation_name.to_sym
-      stub = @stub_mutex.synchronize do
-        stubs = @stubs[operation_name] || []
+      stub = @config.stubs_mutex.synchronize do
+        stubs = @config.stubs[operation_name] || []
         case stubs.length
-        when 0 then default_stub(operation_name)
+        when 0 then stub_data(operation_name)
         when 1 then stubs.first
         else stubs.shift
         end
       end
-      Proc === stub ? convert_stub(operation_name, stub.call(context)) : stub
+      stub = convert_stub(operation_name, stub, context)
+      stub[:mutex] = Mutex.new
+      stub
     end
 
     private
 
-    def default_stub(operation_name)
-      stub = stub_data(operation_name)
-      http_response_stub(operation_name, stub)
+    def apply_stubs(operation_name, stubs)
+      @config.stubs_mutex.synchronize do
+        @config.stubs[operation_name.to_sym] = stubs
+      end
     end
 
     # This method converts the given stub data and converts it to a
     # HTTP response (when possible). This enables the response stubbing
     # plugin to provide a HTTP response that triggers all normal events
     # during response handling.
-    def apply_stubs(operation_name, stubs)
-      @stub_mutex.synchronize do
-        @stubs[operation_name.to_sym] = stubs.map do |stub|
-          convert_stub(operation_name, stub)
-        end
-      end
-    end
-
-    def convert_stub(operation_name, stub)
-      stub = case stub
-      when Proc then stub
+    def convert_stub(operation_name, stub, context)
+      case stub
+      when Proc then convert_stub(operation_name, stub.call(context), context)
       when Exception, Class then { error: stub }
       when String then service_error_stub(stub)
-      when Hash then http_response_stub(operation_name, stub)
-      else { data: stub }
-      end
-      if Hash === stub
-        stub[:mutex] = Mutex.new
+      else http_response_stub(operation_name, stub)
       end
-      stub
     end
 
     def service_error_stub(error_code)
@@ -299,22 +273,22 @@ module Aws
     end
 
     def data_to_http_resp(operation_name, data)
-      api = config.api
+      api = @config.api
       operation = api.operation(operation_name)
       ParamValidator.new(operation.output, input: false).validate!(data)
       protocol_helper.stub_data(api, operation, data)
     end
 
     def protocol_helper
-      case config.api.metadata['protocol']
-      when 'json'        then Stubbing::Protocols::Json
-      when 'rest-json'   then Stubbing::Protocols::RestJson
-      when 'rest-xml'    then Stubbing::Protocols::RestXml
-      when 'query'       then Stubbing::Protocols::Query
-      when 'ec2'         then Stubbing::Protocols::EC2
+      case @config.api.metadata['protocol']
+      when 'json'               then Stubbing::Protocols::Json
+      when 'rest-json'          then Stubbing::Protocols::RestJson
+      when 'rest-xml'           then Stubbing::Protocols::RestXml
+      when 'query'              then Stubbing::Protocols::Query
+      when 'ec2'                then Stubbing::Protocols::EC2
       when 'smithy-rpc-v2-cbor' then Stubbing::Protocols::RpcV2
-      when 'api-gateway' then Stubbing::Protocols::ApiGateway
-      else raise "unsupported protocol"
+      when 'api-gateway'        then Stubbing::Protocols::ApiGateway
+      else raise 'unsupported protocol'
       end.new
     end
   end

data/lib/aws-sdk-core/credential_provider.rb

@@ -9,6 +9,10 @@ module Aws
     # @return [Time]
     attr_reader :expiration
 
+    # @api private
+    # Returns UserAgent metrics for credentials.
+    attr_accessor :metrics
+
     # @return [Boolean]
     def set?
       !!@credentials && @credentials.set?

data/lib/aws-sdk-core/credential_provider_chain.rb

@@ -42,11 +42,14 @@ module Aws
 
     def static_credentials(options)
       if options[:config]
-        Credentials.new(
+        creds = Credentials.new(
           options[:config].access_key_id,
           options[:config].secret_access_key,
-          options[:config].session_token
+          options[:config].session_token,
+          account_id: options[:config].account_id
         )
+        creds.metrics = ['CREDENTIALS_PROFILE']
+        creds
       end
     end
 
@@ -75,7 +78,9 @@ module Aws
 
     def static_profile_credentials(options)
       if options[:config] && options[:config].profile
-        SharedCredentials.new(profile_name: options[:config].profile)
+        creds = SharedCredentials.new(profile_name: options[:config].profile)
+        creds.metrics = ['CREDENTIALS_PROFILE']
+        creds
       end
     rescue Errors::NoSuchProfileError
       nil
@@ -84,7 +89,11 @@ module Aws
     def static_profile_process_credentials(options)
       if Aws.shared_config.config_enabled? && options[:config] && options[:config].profile
         process_provider = Aws.shared_config.credential_process(profile: options[:config].profile)
-        ProcessCredentials.new([process_provider]) if process_provider
+        if process_provider
+          creds = ProcessCredentials.new([process_provider])
+          creds.metrics << 'CREDENTIALS_PROFILE_PROCESS'
+          creds
+        end
       end
     rescue Errors::NoSuchProfileError
       nil
@@ -94,7 +103,15 @@ module Aws
       key =    %w[AWS_ACCESS_KEY_ID AMAZON_ACCESS_KEY_ID AWS_ACCESS_KEY]
       secret = %w[AWS_SECRET_ACCESS_KEY AMAZON_SECRET_ACCESS_KEY AWS_SECRET_KEY]
       token =  %w[AWS_SESSION_TOKEN AMAZON_SESSION_TOKEN]
-      Credentials.new(envar(key), envar(secret), envar(token))
+      account_id = %w[AWS_ACCOUNT_ID]
+      creds = Credentials.new(
+        envar(key),
+        envar(secret),
+        envar(token),
+        account_id: envar(account_id)
+      )
+      creds.metrics = ['CREDENTIALS_ENV_VARS']
+      creds
     end
 
     def envar(keys)
@@ -110,7 +127,9 @@ module Aws
 
     def shared_credentials(options)
       profile_name = determine_profile_name(options)
-      SharedCredentials.new(profile_name: profile_name)
+      creds = SharedCredentials.new(profile_name: profile_name)
+      creds.metrics = ['CREDENTIALS_PROFILE']
+      creds
     rescue Errors::NoSuchProfileError
       nil
     end
@@ -119,7 +138,11 @@ module Aws
       profile_name = determine_profile_name(options)
       if Aws.shared_config.config_enabled?
         process_provider = Aws.shared_config.credential_process(profile: profile_name)
-        ProcessCredentials.new([process_provider]) if process_provider
+        if process_provider
+          creds = ProcessCredentials.new([process_provider])
+          creds.metrics << 'CREDENTIALS_PROFILE_PROCESS'
+          creds
+        end
       end
     rescue Errors::NoSuchProfileError
       nil
@@ -149,7 +172,11 @@ module Aws
           role_session_name: ENV['AWS_ROLE_SESSION_NAME']
         }
         cfg[:region] = region if region
-        AssumeRoleWebIdentityCredentials.new(cfg)
+        Aws::Plugins::UserAgent.metric('CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN') do
+          creds = AssumeRoleWebIdentityCredentials.new(cfg)
+          creds.metrics << 'CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN'
+          creds
+        end
       elsif Aws.shared_config.config_enabled?
         profile = options[:config].profile if options[:config]
         Aws.shared_config.assume_role_web_identity_credentials_from_config(

data/lib/aws-sdk-core/credentials.rb

@@ -6,21 +6,34 @@ module Aws
     # @param [String] access_key_id
     # @param [String] secret_access_key
     # @param [String] session_token (nil)
-    def initialize(access_key_id, secret_access_key, session_token = nil)
+    # @param [Hash] kwargs
+    # @option kwargs [String] :credential_scope (nil)
+    def initialize(access_key_id, secret_access_key, session_token = nil,
+                   **kwargs)
       @access_key_id = access_key_id
       @secret_access_key = secret_access_key
       @session_token = session_token
+      @account_id = kwargs[:account_id]
+      @metrics = ['CREDENTIALS_CODE']
     end
 
-    # @return [String, nil]
+    # @return [String]
     attr_reader :access_key_id
 
-    # @return [String, nil]
+    # @return [String]
     attr_reader :secret_access_key
 
     # @return [String, nil]
     attr_reader :session_token
 
+    # @return [String, nil]
+    attr_reader :account_id
+
+    # @api private
+    # Returns the credentials source. Used for tracking credentials
+    # related UserAgent metrics.
+    attr_accessor :metrics
+
     # @return [Credentials]
     def credentials
       self
@@ -30,9 +43,9 @@ module Aws
     #   access key are both set.
     def set?
       !access_key_id.nil? &&
-      !access_key_id.empty? &&
-      !secret_access_key.nil? &&
-      !secret_access_key.empty?
+        !access_key_id.empty? &&
+        !secret_access_key.nil? &&
+        !secret_access_key.empty?
     end
 
     # Removing the secret access key from the default inspect string.

data/lib/aws-sdk-core/ecs_credentials.rb

@@ -77,6 +77,7 @@ module Aws
       @http_debug_output = options[:http_debug_output]
       @backoff = backoff(options[:backoff])
       @async_refresh = false
+      @metrics = ['CREDENTIALS_HTTP']
       super
     end
 

data/lib/aws-sdk-core/endpoints/endpoint.rb

@@ -3,15 +3,17 @@
 module Aws
   module Endpoints
     class Endpoint
-      def initialize(url:, properties: {}, headers: {})
+      def initialize(url:, properties: {}, headers: {}, metadata: {})
         @url = url
         @properties = properties
         @headers = headers
+        @metadata = metadata
       end
 
       attr_reader :url
       attr_reader :properties
       attr_reader :headers
+      attr_reader :metadata
     end
   end
 end

data/lib/aws-sdk-core/endpoints/matchers.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
-require 'cgi'
+require "cgi/escape"
+require "cgi/util" if RUBY_VERSION < "3.5"
 
 module Aws
   module Endpoints
@@ -94,14 +95,7 @@ module Aws
 
       # aws.partition(value: string) Option<Partition>
       def self.aws_partition(value)
-        partition =
-          Aws::Partitions.find { |p| p.region?(value) } ||
-          Aws::Partitions.find { |p| value.match(p.region_regex) } ||
-          Aws::Partitions.find { |p| p.name == 'aws' }
-
-        return nil unless partition
-
-        partition.metadata
+        Aws::Partitions::Metadata.partition(value)
       end
 
       # aws.parseArn(value: string) Option<ARN>

data/lib/aws-sdk-core/endpoints.rb

@@ -19,9 +19,12 @@ require 'aws-sigv4'
 module Aws
   # @api private
   module Endpoints
-    supported_auth_traits = %w[aws.auth#sigv4 smithy.api#httpBearerAuth smithy.api#noAuth]
-    supported_auth_traits += ['aws.auth#sigv4a'] if Aws::Sigv4::Signer.use_crt?
-    SUPPORTED_AUTH_TRAITS = supported_auth_traits.freeze
+    SUPPORTED_AUTH_TRAITS = %w[
+      aws.auth#sigv4
+      aws.auth#sigv4a
+      smithy.api#httpBearerAuth
+      smithy.api#noAuth
+    ].freeze
 
     class << self
       def resolve_auth_scheme(context, endpoint)
@@ -42,6 +45,13 @@ module Aws
       def merge_signing_defaults(auth_scheme, config)
         if %w[sigv4 sigv4a sigv4-s3express].include?(auth_scheme['name'])
           auth_scheme['signingName'] ||= sigv4_name(config)
+
+          # back fill disableNormalizePath for S3 until it gets correctly set in the rules
+          if auth_scheme['signingName'] == 's3' &&
+            !auth_scheme.include?('disableNormalizePath') &&
+            auth_scheme.include?('disableDoubleEncoding')
+            auth_scheme['disableNormalizePath'] = auth_scheme['disableDoubleEncoding']
+          end
           if auth_scheme['name'] == 'sigv4a'
             # config option supersedes endpoint properties
             auth_scheme['signingRegionSet'] =

data/lib/aws-sdk-core/error_handler.rb

@@ -1,12 +1,17 @@
 # frozen_string_literal: true
 
 module Aws
+  # @api private
   class ErrorHandler < Seahorse::Client::Handler
 
     private
 
     def error(context)
       body = context.http_response.body_contents
+      # This is not correct per protocol tests. Some headers will determine the error code.
+      # If the body is empty, there is still potentially an error code from the header, but
+      # we are making a generic http status error instead. In a new major version, we should
+      # always try to extract header, and during extraction, check headers and body.
       if body.empty?
         code, message, data = http_status_error(context)
       else

data/lib/aws-sdk-core/errors.rb

@@ -68,7 +68,7 @@ module Aws
       end
     end
 
-    # Rasied when endpoint discovery failed for operations
+    # Raised when endpoint discovery failed for operations
     # that requires endpoints from endpoint discovery
     class EndpointDiscoveryError < RuntimeError
       def initialize(*args)
@@ -78,7 +78,7 @@ module Aws
       end
     end
 
-    # raised when hostLabel member is not provided
+    # Raised when hostLabel member is not provided
     # at operation input when endpoint trait is available
     # with 'hostPrefix' requirement
     class MissingEndpointHostLabelValue < RuntimeError

data/lib/aws-sdk-core/event_emitter.rb

@@ -31,7 +31,7 @@ module Aws
     def emit(type, params)
       unless @stream
         raise Aws::Errors::SignalEventError.new(
-          "Singaling events before making async request"\
+          "Signaling events before making async request"\
           " is not allowed."
         )
       end

data/lib/aws-sdk-core/instance_profile_credentials.rb

@@ -90,6 +90,7 @@ module Aws
       @token = nil
       @no_refresh_until = nil
       @async_refresh = false
+      @metrics = ['CREDENTIALS_IMDS']
       super
     end
 

data/lib/aws-sdk-core/json/error_handler.rb

@@ -2,6 +2,7 @@
 
 module Aws
   module Json
+    # @api private
     class ErrorHandler < Aws::ErrorHandler
 
       def call(context)
@@ -24,17 +25,21 @@ module Aws
       end
 
       def error_code(json, context)
+        # This is not correct per protocol tests. awsQueryError is intended to populate the
+        # error code of the error class. The error class should come from __type. Query and
+        # query compatible services currently have dynamic errors raised from error codes instead
+        # of the modeled error class. However, changing this in this major version would break
+        # existing usage.
         code =
           if aws_query_error?(context)
-            error = context.http_response.headers['x-amzn-query-error'].split(';')[0]
-            remove_prefix(error, context)
+            aws_query_error_code(context)
           else
             json['__type']
           end
         code ||= json['code']
         code ||= context.http_response.headers['x-amzn-errortype']
         if code
-          code.split('#').last
+          code.split('#').last.split(':').first
         else
           http_status_error_code(context)
         end
@@ -45,6 +50,12 @@ module Aws
           context.http_response.headers['x-amzn-query-error']
       end
 
+      def aws_query_error_code(context)
+        query_header = context.http_response.headers['x-amzn-query-error']
+        error, _type = query_header.split(';') # type not supported
+        remove_prefix(error, context)
+      end
+
       def remove_prefix(error_code, context)
         if (prefix = context.config.api.metadata['errorPrefix'])
           error_code.sub(/^#{prefix}/, '')

data/lib/aws-sdk-core/json/handler.rb

@@ -21,6 +21,7 @@ module Aws
         context.http_request.http_method = 'POST'
         context.http_request.headers['Content-Type'] = content_type(context)
         context.http_request.headers['X-Amz-Target'] = target(context)
+        context.http_request.headers['X-Amzn-Query-Mode'] = 'true' if query_compatible?(context)
         context.http_request.body = build_body(context)
       end
 

data/lib/aws-sdk-core/log/param_formatter.rb

@@ -51,13 +51,17 @@ module Aws
         when String   then summarize_string(value)
         when Hash     then '{' + summarize_hash(value) + '}'
         when Array    then summarize_array(value)
-        when File     then summarize_file(value.path)
-        when Pathname then summarize_file(value)
+        when File     then summarize_file(value)
+        when Pathname then summarize_filepath(value)
         else value.inspect
         end
       end
 
-      def summarize_file(path)
+      def summarize_file(file)
+        "#<File:#{file.path} (#{file.size} bytes)>"
+      end
+
+      def summarize_filepath(path)
         "#<File:#{path} (#{File.size(path)} bytes)>"
       end
 

data/lib/aws-sdk-core/log.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+module Aws
+  # setup autoloading for Log module
+  module Log
+    autoload :Formatter, 'aws-sdk-core/log/formatter'
+    autoload :ParamFilter, 'aws-sdk-core/log/param_filter'
+    autoload :ParamFormatter, 'aws-sdk-core/log/param_formatter'
+  end
+end