aws-sdk-core 3.224.1 → 3.240.0

data/lib/aws-sdk-core/rpc_v2/error_handler.rb

@@ -2,6 +2,7 @@
 
 module Aws
   module RpcV2
+    # @api private
     class ErrorHandler < Aws::ErrorHandler
 
       def call(context)
@@ -37,11 +38,14 @@ module Aws
       end
 
       def error_code(data, context)
+        # This is not correct per protocol tests. awsQueryError is intended to populate the
+        # error code of the error class. The error class should come from __type. Query and
+        # query compatible services currently have dynamic errors raised from error codes instead
+        # of the modeled error class. However, changing this in this major version would break
+        # existing usage.
         code =
           if aws_query_error?(context)
-            query_header = context.http_response.headers['x-amzn-query-error']
-            error, _type = query_header.split(';') # type not supported
-            remove_prefix(error, context)
+            aws_query_error_code(context)
           else
             data['__type']
           end
@@ -52,6 +56,25 @@ module Aws
         end
       end
 
+      def aws_query_error?(context)
+        context.config.api.metadata['awsQueryCompatible'] &&
+          context.http_response.headers['x-amzn-query-error']
+      end
+
+      def aws_query_error_code(context)
+        query_header = context.http_response.headers['x-amzn-query-error']
+        error, _type = query_header.split(';') # type not supported
+        remove_prefix(error, context)
+      end
+
+      def remove_prefix(error_code, context)
+        if (prefix = context.config.api.metadata['errorPrefix'])
+          error_code.sub(/^#{prefix}/, '')
+        else
+          error_code
+        end
+      end
+
       def parse_error_data(context, body, code)
         data = EmptyStructure.new
         if (error_rules = context.operation.errors)
@@ -67,19 +90,6 @@ module Aws
         end
         data
       end
-
-      def aws_query_error?(context)
-        context.config.api.metadata['awsQueryCompatible'] &&
-          context.http_response.headers['x-amzn-query-error']
-      end
-
-      def remove_prefix(error_code, context)
-        if (prefix = context.config.api.metadata['errorPrefix'])
-          error_code.sub(/^#{prefix}/, '')
-        else
-          error_code
-        end
-      end
     end
   end
 end

data/lib/aws-sdk-core/rpc_v2/parser.rb

@@ -85,6 +85,14 @@ module Aws
           end
         end
       end
+
+      def flattened_list?(shape)
+        shape.is_a?(ListShape) && shape.flattened
+      end
+
+      def flattened_map?(shape)
+        shape.is_a?(MapShape) && shape.flattened
+      end
     end
   end
 end

data/lib/aws-sdk-core/shared_config.rb

@@ -171,6 +171,16 @@ module Aws
       token
     end
 
+    # Attempts to load from shared config or shared credentials file.
+    # Will always attempt first to load from the shared credentials
+    # file, if present.
+    def login_credentials_from_config(opts = {})
+      p = opts[:profile] || @profile_name
+      credentials = login_credentials_from_profile(@parsed_credentials, p, opts[:region])
+      credentials ||= login_credentials_from_profile(@parsed_config, p, opts[:region]) if @parsed_config
+      credentials
+    end
+
     # Source a custom configured endpoint from the shared configuration file
     #
     # @param [Hash] opts
@@ -203,6 +213,7 @@ module Aws
     config_reader(
       :region,
       :account_id_endpoint_mode,
+      :auth_scheme_preference,
       :sigv4a_signing_region_set,
       :ca_bundle,
       :credential_process,
@@ -368,6 +379,15 @@ module Aws
         )
       when 'EcsContainer'
         ECSCredentials.new
+      when 'Environment'
+        creds = Credentials.new(
+          ENV['AWS_ACCESS_KEY_ID'],
+          ENV['AWS_SECRET_ACCESS_KEY'],
+          ENV['AWS_SESSION_TOKEN'],
+          account_id: ENV['AWS_ACCOUNT_ID']
+        )
+        creds.metrics = ['CREDENTIALS_ENV_VARS']
+        creds
       else
         raise Errors::InvalidCredentialSourceError, "Unsupported credential_source: #{credential_source}"
       end
@@ -459,6 +479,16 @@ module Aws
       end
     end
 
+    def login_credentials_from_profile(cfg, profile, region)
+      return unless @parsed_config && (prof_config = cfg[profile]) && prof_config['login_session']
+
+      cfg = { login_session: prof_config['login_session'] }
+      cfg[:region] = region if region
+      creds = LoginCredentials.new(cfg)
+      creds.metrics << 'CREDENTIALS_PROFILE_LOGIN'
+      creds
+    end
+
     def credentials_from_profile(prof_config)
       creds = Credentials.new(
         prof_config['aws_access_key_id'],

data/lib/aws-sdk-core/sso_credentials.rb

@@ -7,7 +7,7 @@ module Aws
   # {Aws::SSOTokenProvider} will be used to refresh the token if possible.
   # This class does NOT implement the SSO login token flow - tokens
   # must generated separately by running `aws login` from the
-  # AWS CLI with the correct profile. The `SSOCredentials` will
+  # AWS CLI with the correct profile. The {SSOCredentials} will
   # auto-refresh the AWS credentials from SSO.
   #
   #     # You must first run aws sso login --profile your-sso-profile

data/lib/aws-sdk-core/static_token_provider.rb

@@ -2,12 +2,11 @@
 
 module Aws
   class StaticTokenProvider
-
     include TokenProvider
 
     # @param [String] token
     # @param [Time] expiration
-    def initialize(token, expiration=nil)
+    def initialize(token, expiration = nil)
       @token = Token.new(token, expiration)
     end
   end

data/lib/aws-sdk-core/token.rb

@@ -3,9 +3,9 @@
 module Aws
   class Token
 
-    # @param [String] token
-    # @param [Time] expiration
-    def initialize(token, expiration=nil)
+    # @param [String, nil] token
+    # @param [Time, nil] expiration
+    def initialize(token, expiration = nil)
       @token = token
       @expiration = expiration
     end

data/lib/aws-sdk-core/token_provider.rb

@@ -6,6 +6,10 @@ module Aws
     # @return [Token]
     attr_reader :token
 
+    # @api private
+    # Returns UserAgent metrics for tokens.
+    attr_accessor :metrics
+
     # @return [Boolean]
     def set?
       !!token && token.set?

data/lib/aws-sdk-core/token_provider_chain.rb

@@ -27,17 +27,13 @@ module Aws
 
     def static_profile_sso_token(options)
       if Aws.shared_config.config_enabled? && options[:config] && options[:config].profile
-        Aws.shared_config.sso_token_from_config(
-          profile: options[:config].profile
-        )
+        Aws.shared_config.sso_token_from_config(profile: options[:config].profile)
       end
     end
 
-
     def sso_token(options)
-      profile_name = determine_profile_name(options)
       if Aws.shared_config.config_enabled?
-        Aws.shared_config.sso_token_from_config(profile: profile_name)
+        Aws.shared_config.sso_token_from_config(profile: determine_profile_name(options))
       end
     rescue Errors::NoSuchProfileError
       nil

data/lib/aws-sdk-core/util.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
-require 'cgi'
+require "cgi/escape"
+require "cgi/util" if RUBY_VERSION < "3.5"
 
 module Aws
   # @api private

data/lib/aws-sdk-core/xml/error_handler.rb

@@ -1,9 +1,11 @@
 # frozen_string_literal: true
 
-require 'cgi'
+require "cgi/escape"
+require "cgi/util" if RUBY_VERSION < "3.5"
 
 module Aws
   module Xml
+    # @api private
     class ErrorHandler < Aws::ErrorHandler
 
       def call(context)

data/lib/aws-sdk-core.rb

@@ -25,6 +25,7 @@ module Aws
   autoload :SharedCredentials, 'aws-sdk-core/shared_credentials'
   autoload :ProcessCredentials, 'aws-sdk-core/process_credentials'
   autoload :SSOCredentials, 'aws-sdk-core/sso_credentials'
+  autoload :LoginCredentials, 'aws-sdk-core/login_credentials'
 
 
   # tokens and token providers
@@ -175,3 +176,6 @@ require_relative 'aws-sdk-sts'
 # aws-sdk-sso is included to support Aws::SSOCredentials
 require_relative 'aws-sdk-sso'
 require_relative 'aws-sdk-ssooidc'
+
+# aws-sdk-signin is included to support Aws::SignInCredentials
+require_relative 'aws-sdk-signin'