aws-sdk-core 3.237.0 → 3.238.0

data/lib/aws-sdk-signin/client_api.rb

@@ -0,0 +1,119 @@
+# frozen_string_literal: true
+
+# WARNING ABOUT GENERATED CODE
+#
+# This file is generated. See the contributing guide for more information:
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
+#
+# WARNING ABOUT GENERATED CODE
+
+
+module Aws::Signin
+  # @api private
+  module ClientApi
+
+    include Seahorse::Model
+
+    AccessDeniedException = Shapes::StructureShape.new(name: 'AccessDeniedException')
+    AccessToken = Shapes::StructureShape.new(name: 'AccessToken')
+    AuthorizationCode = Shapes::StringShape.new(name: 'AuthorizationCode')
+    ClientId = Shapes::StringShape.new(name: 'ClientId')
+    CodeVerifier = Shapes::StringShape.new(name: 'CodeVerifier')
+    CreateOAuth2TokenRequest = Shapes::StructureShape.new(name: 'CreateOAuth2TokenRequest')
+    CreateOAuth2TokenRequestBody = Shapes::StructureShape.new(name: 'CreateOAuth2TokenRequestBody')
+    CreateOAuth2TokenResponse = Shapes::StructureShape.new(name: 'CreateOAuth2TokenResponse')
+    CreateOAuth2TokenResponseBody = Shapes::StructureShape.new(name: 'CreateOAuth2TokenResponseBody')
+    ExpiresIn = Shapes::IntegerShape.new(name: 'ExpiresIn')
+    GrantType = Shapes::StringShape.new(name: 'GrantType')
+    IdToken = Shapes::StringShape.new(name: 'IdToken')
+    InternalServerException = Shapes::StructureShape.new(name: 'InternalServerException')
+    OAuth2ErrorCode = Shapes::StringShape.new(name: 'OAuth2ErrorCode')
+    RedirectUri = Shapes::StringShape.new(name: 'RedirectUri')
+    RefreshToken = Shapes::StringShape.new(name: 'RefreshToken')
+    String = Shapes::StringShape.new(name: 'String')
+    TokenType = Shapes::StringShape.new(name: 'TokenType')
+    TooManyRequestsError = Shapes::StructureShape.new(name: 'TooManyRequestsError')
+    ValidationException = Shapes::StructureShape.new(name: 'ValidationException')
+
+    AccessDeniedException.add_member(:error, Shapes::ShapeRef.new(shape: OAuth2ErrorCode, required: true, location_name: "error"))
+    AccessDeniedException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
+    AccessDeniedException.struct_class = Types::AccessDeniedException
+
+    AccessToken.add_member(:access_key_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "accessKeyId"))
+    AccessToken.add_member(:secret_access_key, Shapes::ShapeRef.new(shape: String, required: true, location_name: "secretAccessKey"))
+    AccessToken.add_member(:session_token, Shapes::ShapeRef.new(shape: String, required: true, location_name: "sessionToken"))
+    AccessToken.struct_class = Types::AccessToken
+
+    CreateOAuth2TokenRequest.add_member(:token_input, Shapes::ShapeRef.new(shape: CreateOAuth2TokenRequestBody, required: true, location_name: "tokenInput"))
+    CreateOAuth2TokenRequest.struct_class = Types::CreateOAuth2TokenRequest
+    CreateOAuth2TokenRequest[:payload] = :token_input
+    CreateOAuth2TokenRequest[:payload_member] = CreateOAuth2TokenRequest.member(:token_input)
+
+    CreateOAuth2TokenRequestBody.add_member(:client_id, Shapes::ShapeRef.new(shape: ClientId, required: true, location_name: "clientId"))
+    CreateOAuth2TokenRequestBody.add_member(:grant_type, Shapes::ShapeRef.new(shape: GrantType, required: true, location_name: "grantType"))
+    CreateOAuth2TokenRequestBody.add_member(:code, Shapes::ShapeRef.new(shape: AuthorizationCode, location_name: "code"))
+    CreateOAuth2TokenRequestBody.add_member(:redirect_uri, Shapes::ShapeRef.new(shape: RedirectUri, location_name: "redirectUri"))
+    CreateOAuth2TokenRequestBody.add_member(:code_verifier, Shapes::ShapeRef.new(shape: CodeVerifier, location_name: "codeVerifier"))
+    CreateOAuth2TokenRequestBody.add_member(:refresh_token, Shapes::ShapeRef.new(shape: RefreshToken, location_name: "refreshToken"))
+    CreateOAuth2TokenRequestBody.struct_class = Types::CreateOAuth2TokenRequestBody
+
+    CreateOAuth2TokenResponse.add_member(:token_output, Shapes::ShapeRef.new(shape: CreateOAuth2TokenResponseBody, required: true, location_name: "tokenOutput"))
+    CreateOAuth2TokenResponse.struct_class = Types::CreateOAuth2TokenResponse
+    CreateOAuth2TokenResponse[:payload] = :token_output
+    CreateOAuth2TokenResponse[:payload_member] = CreateOAuth2TokenResponse.member(:token_output)
+
+    CreateOAuth2TokenResponseBody.add_member(:access_token, Shapes::ShapeRef.new(shape: AccessToken, required: true, location_name: "accessToken"))
+    CreateOAuth2TokenResponseBody.add_member(:token_type, Shapes::ShapeRef.new(shape: TokenType, required: true, location_name: "tokenType"))
+    CreateOAuth2TokenResponseBody.add_member(:expires_in, Shapes::ShapeRef.new(shape: ExpiresIn, required: true, location_name: "expiresIn"))
+    CreateOAuth2TokenResponseBody.add_member(:refresh_token, Shapes::ShapeRef.new(shape: RefreshToken, required: true, location_name: "refreshToken"))
+    CreateOAuth2TokenResponseBody.add_member(:id_token, Shapes::ShapeRef.new(shape: IdToken, location_name: "idToken"))
+    CreateOAuth2TokenResponseBody.struct_class = Types::CreateOAuth2TokenResponseBody
+
+    InternalServerException.add_member(:error, Shapes::ShapeRef.new(shape: OAuth2ErrorCode, required: true, location_name: "error"))
+    InternalServerException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
+    InternalServerException.struct_class = Types::InternalServerException
+
+    TooManyRequestsError.add_member(:error, Shapes::ShapeRef.new(shape: OAuth2ErrorCode, required: true, location_name: "error"))
+    TooManyRequestsError.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
+    TooManyRequestsError.struct_class = Types::TooManyRequestsError
+
+    ValidationException.add_member(:error, Shapes::ShapeRef.new(shape: OAuth2ErrorCode, required: true, location_name: "error"))
+    ValidationException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
+    ValidationException.struct_class = Types::ValidationException
+
+
+    # @api private
+    API = Seahorse::Model::Api.new.tap do |api|
+
+      api.version = "2023-01-01"
+
+      api.metadata = {
+        "apiVersion" => "2023-01-01",
+        "auth" => ["aws.auth#sigv4"],
+        "endpointPrefix" => "signin",
+        "protocol" => "rest-json",
+        "protocols" => ["rest-json"],
+        "serviceFullName" => "AWS Sign-In Service",
+        "serviceId" => "Signin",
+        "signatureVersion" => "v4",
+        "signingName" => "signin",
+        "uid" => "signin-2023-01-01",
+      }
+
+      api.add_operation(:create_o_auth_2_token, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "CreateOAuth2Token"
+        o.http_method = "POST"
+        o.http_request_uri = "/v1/token"
+        o['authtype'] = "none"
+        o['auth'] = ["smithy.api#noAuth"]
+        o.input = Shapes::ShapeRef.new(shape: CreateOAuth2TokenRequest)
+        o.output = Shapes::ShapeRef.new(shape: CreateOAuth2TokenResponse)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsError)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+      end)
+    end
+
+  end
+end

data/lib/aws-sdk-signin/customizations.rb

@@ -0,0 +1 @@
+# frozen_string_literal: true

data/lib/aws-sdk-signin/endpoint_parameters.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+# WARNING ABOUT GENERATED CODE
+#
+# This file is generated. See the contributing guide for more information:
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
+#
+# WARNING ABOUT GENERATED CODE
+
+module Aws::Signin
+  # Endpoint parameters used to influence endpoints per request.
+  #
+  # @!attribute use_dual_stack
+  #   When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.
+  #
+  #   @return [boolean]
+  #
+  # @!attribute use_fips
+  #   When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.
+  #
+  #   @return [boolean]
+  #
+  # @!attribute endpoint
+  #   Override the endpoint used to send this request
+  #
+  #   @return [string]
+  #
+  # @!attribute region
+  #   The AWS region used to dispatch the request.
+  #
+  #   @return [string]
+  #
+  EndpointParameters = Struct.new(
+    :use_dual_stack,
+    :use_fips,
+    :endpoint,
+    :region,
+  ) do
+    include Aws::Structure
+
+    # @api private
+    class << self
+      PARAM_MAP = {
+        'UseDualStack' => :use_dual_stack,
+        'UseFIPS' => :use_fips,
+        'Endpoint' => :endpoint,
+        'Region' => :region,
+      }.freeze
+    end
+
+    def initialize(options = {})
+      self[:use_dual_stack] = options[:use_dual_stack]
+      self[:use_dual_stack] = false if self[:use_dual_stack].nil?
+      self[:use_fips] = options[:use_fips]
+      self[:use_fips] = false if self[:use_fips].nil?
+      self[:endpoint] = options[:endpoint]
+      self[:region] = options[:region]
+    end
+
+    def self.create(config, options={})
+      new({
+        use_dual_stack: config.use_dualstack_endpoint,
+        use_fips: config.use_fips_endpoint,
+        endpoint: (config.endpoint.to_s unless config.regional_endpoint),
+        region: config.region,
+      }.merge(options))
+    end
+  end
+end

data/lib/aws-sdk-signin/endpoint_provider.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+# WARNING ABOUT GENERATED CODE
+#
+# This file is generated. See the contributing guide for more information:
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
+#
+# WARNING ABOUT GENERATED CODE
+
+module Aws::Signin
+  class EndpointProvider
+    def resolve_endpoint(parameters)
+      if Aws::Endpoints::Matchers.set?(parameters.endpoint)
+        if Aws::Endpoints::Matchers.boolean_equals?(parameters.use_fips, true)
+          raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
+        end
+        if Aws::Endpoints::Matchers.boolean_equals?(parameters.use_dual_stack, true)
+          raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
+        end
+        return Aws::Endpoints::Endpoint.new(url: parameters.endpoint, headers: {}, properties: {})
+      end
+      if Aws::Endpoints::Matchers.set?(parameters.region)
+        if (partition_result = Aws::Endpoints::Matchers.aws_partition(parameters.region))
+          if Aws::Endpoints::Matchers.string_equals?(Aws::Endpoints::Matchers.attr(partition_result, "name"), "aws") && Aws::Endpoints::Matchers.boolean_equals?(parameters.use_fips, false) && Aws::Endpoints::Matchers.boolean_equals?(parameters.use_dual_stack, false)
+            return Aws::Endpoints::Endpoint.new(url: "https://#{parameters.region}.signin.aws.amazon.com", headers: {}, properties: {})
+          end
+          if Aws::Endpoints::Matchers.string_equals?(Aws::Endpoints::Matchers.attr(partition_result, "name"), "aws-cn") && Aws::Endpoints::Matchers.boolean_equals?(parameters.use_fips, false) && Aws::Endpoints::Matchers.boolean_equals?(parameters.use_dual_stack, false)
+            return Aws::Endpoints::Endpoint.new(url: "https://#{parameters.region}.signin.amazonaws.cn", headers: {}, properties: {})
+          end
+          if Aws::Endpoints::Matchers.string_equals?(Aws::Endpoints::Matchers.attr(partition_result, "name"), "aws-us-gov") && Aws::Endpoints::Matchers.boolean_equals?(parameters.use_fips, false) && Aws::Endpoints::Matchers.boolean_equals?(parameters.use_dual_stack, false)
+            return Aws::Endpoints::Endpoint.new(url: "https://#{parameters.region}.signin.amazonaws-us-gov.com", headers: {}, properties: {})
+          end
+          if Aws::Endpoints::Matchers.boolean_equals?(parameters.use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(parameters.use_dual_stack, true)
+            if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
+              return Aws::Endpoints::Endpoint.new(url: "https://signin-fips.#{parameters.region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
+            end
+            raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
+          end
+          if Aws::Endpoints::Matchers.boolean_equals?(parameters.use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(parameters.use_dual_stack, false)
+            if Aws::Endpoints::Matchers.boolean_equals?(Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"), true)
+              return Aws::Endpoints::Endpoint.new(url: "https://signin-fips.#{parameters.region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
+            end
+            raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
+          end
+          if Aws::Endpoints::Matchers.boolean_equals?(parameters.use_fips, false) && Aws::Endpoints::Matchers.boolean_equals?(parameters.use_dual_stack, true)
+            if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
+              return Aws::Endpoints::Endpoint.new(url: "https://signin.#{parameters.region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
+            end
+            raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
+          end
+          return Aws::Endpoints::Endpoint.new(url: "https://signin.#{parameters.region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
+        end
+      end
+      raise ArgumentError, "Invalid Configuration: Missing Region"
+      raise ArgumentError, 'No endpoint could be resolved'
+
+    end
+  end
+end

data/lib/aws-sdk-signin/endpoints.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+# WARNING ABOUT GENERATED CODE
+#
+# This file is generated. See the contributing guide for more information:
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
+#
+# WARNING ABOUT GENERATED CODE
+
+
+module Aws::Signin
+  # @api private
+  module Endpoints
+
+
+    def self.parameters_for_operation(context)
+      Aws::Signin::EndpointParameters.create(context.config)
+    end
+  end
+end

data/lib/aws-sdk-signin/errors.rb

@@ -0,0 +1,122 @@
+# frozen_string_literal: true
+
+# WARNING ABOUT GENERATED CODE
+#
+# This file is generated. See the contributing guide for more information:
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
+#
+# WARNING ABOUT GENERATED CODE
+
+module Aws::Signin
+
+  # When Signin returns an error response, the Ruby SDK constructs and raises an error.
+  # These errors all extend Aws::Signin::Errors::ServiceError < {Aws::Errors::ServiceError}
+  #
+  # You can rescue all Signin errors using ServiceError:
+  #
+  #     begin
+  #       # do stuff
+  #     rescue Aws::Signin::Errors::ServiceError
+  #       # rescues all Signin API errors
+  #     end
+  #
+  #
+  # ## Request Context
+  # ServiceError objects have a {Aws::Errors::ServiceError#context #context} method that returns
+  # information about the request that generated the error.
+  # See {Seahorse::Client::RequestContext} for more information.
+  #
+  # ## Error Classes
+  # * {AccessDeniedException}
+  # * {InternalServerException}
+  # * {TooManyRequestsError}
+  # * {ValidationException}
+  #
+  # Additionally, error classes are dynamically generated for service errors based on the error code
+  # if they are not defined above.
+  module Errors
+
+    extend Aws::Errors::DynamicErrors
+
+    class AccessDeniedException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::Signin::Types::AccessDeniedException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def error
+        @data[:error]
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
+    class InternalServerException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::Signin::Types::InternalServerException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def error
+        @data[:error]
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
+    class TooManyRequestsError < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::Signin::Types::TooManyRequestsError] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def error
+        @data[:error]
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
+    class ValidationException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::Signin::Types::ValidationException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def error
+        @data[:error]
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
+  end
+end

data/lib/aws-sdk-signin/plugins/endpoints.rb

@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+
+# WARNING ABOUT GENERATED CODE
+#
+# This file is generated. See the contributing guide for more information:
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
+#
+# WARNING ABOUT GENERATED CODE
+
+
+module Aws::Signin
+  module Plugins
+    class Endpoints < Seahorse::Client::Plugin
+      option(
+        :endpoint_provider,
+        doc_type: 'Aws::Signin::EndpointProvider',
+        rbs_type: 'untyped',
+        docstring: <<~DOCS) do |_cfg|
+The endpoint provider used to resolve endpoints. Any object that responds to
+`#resolve_endpoint(parameters)` where `parameters` is a Struct similar to
+`Aws::Signin::EndpointParameters`.
+        DOCS
+        Aws::Signin::EndpointProvider.new
+      end
+
+      # @api private
+      class Handler < Seahorse::Client::Handler
+        def call(context)
+          unless context[:discovered_endpoint]
+            params = Aws::Signin::Endpoints.parameters_for_operation(context)
+            endpoint = context.config.endpoint_provider.resolve_endpoint(params)
+
+            context.http_request.endpoint = endpoint.url
+            apply_endpoint_headers(context, endpoint.headers)
+
+            context[:endpoint_params] = params
+            context[:endpoint_properties] = endpoint.properties
+          end
+
+          context[:auth_scheme] =
+            Aws::Endpoints.resolve_auth_scheme(context, endpoint)
+
+          with_metrics(context) { @handler.call(context) }
+        end
+
+        private
+
+        def with_metrics(context, &block)
+          metrics = []
+          metrics << 'ENDPOINT_OVERRIDE' unless context.config.regional_endpoint
+          if context[:auth_scheme] && context[:auth_scheme]['name'] == 'sigv4a'
+            metrics << 'SIGV4A_SIGNING'
+          end
+          if context.config.credentials&.credentials&.account_id
+            metrics << 'RESOLVED_ACCOUNT_ID'
+          end
+          Aws::Plugins::UserAgent.metric(*metrics, &block)
+        end
+
+        def apply_endpoint_headers(context, headers)
+          headers.each do |key, values|
+            value = values
+              .compact
+              .map { |s| Seahorse::Util.escape_header_list_string(s.to_s) }
+              .join(',')
+
+            context.http_request.headers[key] = value
+          end
+        end
+      end
+
+      def add_handlers(handlers, _config)
+        handlers.add(Handler, step: :build, priority: 75)
+      end
+    end
+  end
+end

data/lib/aws-sdk-signin/resource.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+# WARNING ABOUT GENERATED CODE
+#
+# This file is generated. See the contributing guide for more information:
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
+#
+# WARNING ABOUT GENERATED CODE
+
+module Aws::Signin
+
+  class Resource
+
+    # @param options ({})
+    # @option options [Client] :client
+    def initialize(options = {})
+      @client = options[:client] || Client.new(options)
+    end
+
+    # @return [Client]
+    def client
+      @client
+    end
+
+  end
+end