aws-sdk-core 3.46.0 → 3.94.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: '07981dd66469419b8a696976a3480b057bb549fc'
-  data.tar.gz: 5c47e2968db2b7f30fe2537f990b99df50545748
+SHA256:
+  metadata.gz: 013be14c50cd2f84bc8db92fbcc838368de7424782da617a63e5ded5ad9b132c
+  data.tar.gz: 6f64cca7a945df5caf0f074e93860de149ac1f4ecb4d3d5c4d37ab785828165f
 SHA512:
-  metadata.gz: a936a13aaa38a2a109cc12d1600b8959caf23ee99e0b8e462fd5f4d77fffb4d2653825f239abe7a592cc01e99806d949f8944d36c4f430c40cdef562853899f8
-  data.tar.gz: 93de2d3552449fee2c2ec52a247234489a849a3b9c2cfa23d7add8455ad8235af5acbabec1c5148ed78fb953c84cee3afa59a5150017da74781a472c99673da6
+  metadata.gz: f587d229ac78de946e51d724026979c92daf3252f1e6fe0931f9e52e469ee75618ba25d87186757358c0826df6c891974760ec6cab2a03df8a089955b7856a3f
+  data.tar.gz: 55ce6c601c093dccd8487b9e28834300c2851c8b31a0149385aa15052b6acdec0d79ed155f868cd1e13bfbaeaa5d4316a13c0fde928625fd089ee2d3ab493edf

data/VERSION

@@ -1 +1 @@
-3.46.0
+3.94.0

data/lib/aws-sdk-core.rb

@@ -9,6 +9,7 @@ require_relative 'aws-sdk-core/deprecations'
 require_relative 'aws-sdk-core/credential_provider'
 require_relative 'aws-sdk-core/refreshing_credentials'
 require_relative 'aws-sdk-core/assume_role_credentials'
+require_relative 'aws-sdk-core/assume_role_web_identity_credentials'
 require_relative 'aws-sdk-core/credentials'
 require_relative 'aws-sdk-core/credential_provider_chain'
 require_relative 'aws-sdk-core/ecs_credentials'
@@ -19,6 +20,7 @@ require_relative 'aws-sdk-core/process_credentials'
 # client modules
 
 require_relative 'aws-sdk-core/client_stubs'
+require_relative 'aws-sdk-core/async_client_stubs'
 require_relative 'aws-sdk-core/eager_loader'
 require_relative 'aws-sdk-core/errors'
 require_relative 'aws-sdk-core/pageable_response'
@@ -77,6 +79,11 @@ require_relative 'aws-sdk-core/endpoint_cache'
 require_relative 'aws-sdk-core/client_side_monitoring/request_metrics'
 require_relative 'aws-sdk-core/client_side_monitoring/publisher'
 
+# arn
+
+require_relative 'aws-sdk-core/arn'
+require_relative 'aws-sdk-core/arn_parser'
+
 # aws-sdk-sts is vendored to support Aws::AssumeRoleCredentials
 
 require 'aws-sdk-sts'

data/lib/aws-sdk-core/arn.rb

@@ -0,0 +1,77 @@
+module Aws
+  # Create and provide access to components of Amazon Resource Names (ARN).
+  #
+  # You can create an ARN and access it's components like the following:
+  #
+  #   arn = Aws::ARN.new(
+  #     partition: 'aws',
+  #     service: 's3',
+  #     region: 'us-west-2',
+  #     account_id: '12345678910',
+  #     resource: 'foo/bar'
+  #   )
+  #   # => #<Aws::ARN ...>
+  #
+  #   arn.to_s
+  #   # => "arn:aws:s3:us-west-2:12345678910:foo/bar"
+  #
+  #   arn.partition
+  #   # => 'aws'
+  #   arn.service
+  #   # => 's3'
+  #   arn.resource
+  #   # => foo/bar
+  #
+  #   # Note: parser available for parsing resource details
+  #   @see Aws::ARNParser#parse_resource
+  #
+  # @see https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-arns
+  class ARN
+
+    # @param [Hash] options
+    # @option options [String] :partition
+    # @option options [String] :service
+    # @option options [String] :region
+    # @option options [String] :account_id
+    # @option options [String] :resource
+    def initialize(options = {})
+      @partition = options[:partition]
+      @service = options[:service]
+      @region = options[:region]
+      @account_id = options[:account_id]
+      @resource = options[:resource]
+    end
+
+    # @return [String]
+    attr_reader :partition
+
+    # @return [String]
+    attr_reader :service
+
+    # @return [String]
+    attr_reader :region
+
+    # @return [String]
+    attr_reader :account_id
+
+    # @return [String]
+    attr_reader :resource
+
+    # Validates ARN contains non-empty required components.
+    # Region and account_id can be optional.
+    #
+    # @return [Boolean]
+    def valid?
+      !partition.nil? && !partition.empty? &&
+        !service.nil? && !service.empty? &&
+        !resource.nil? && !resource.empty?
+    end
+
+    # Return the ARN format in string
+    #
+    # @return [String]
+    def to_s
+      "arn:#{partition}:#{service}:#{region}:#{account_id}:#{resource}"
+    end
+  end
+end

data/lib/aws-sdk-core/arn_parser.rb

@@ -0,0 +1,38 @@
+module Aws
+  module ARNParser
+    # Parse a string with an ARN format into an {Aws::ARN} object.
+    # `InvalidARNError` would be raised when encountering a parsing error or the
+    # ARN object contains invalid components (nil/empty).
+    #
+    # @param [String] arn_str
+    #
+    # @return [Aws::ARN]
+    # @see https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-arns
+    def self.parse(arn_str)
+      parts = arn_str.nil? ? [] : arn_str.split(':', 6)
+      raise Aws::Errors::InvalidARNError if parts.size < 6
+
+      # part[0] is "arn"
+      arn = ARN.new(
+        partition: parts[1],
+        service: parts[2],
+        region: parts[3],
+        account_id: parts[4],
+        resource: parts[5]
+      )
+      raise Aws::Errors::InvalidARNError unless arn.valid?
+
+      arn
+    end
+
+    # Checks whether a String could be a ARN or not. An ARN starts with 'arn:'
+    # and has at least 6 segments separated by a colon (:).
+    #
+    # @param [String] str
+    #
+    # @return [Boolean]
+    def self.arn?(str)
+      !str.nil? && str.start_with?('arn:') && str.scan(/:/).length >= 5
+    end
+  end
+end

data/lib/aws-sdk-core/assume_role_web_identity_credentials.rb

@@ -0,0 +1,102 @@
+require 'set'
+require 'securerandom'
+require 'base64'
+
+module Aws
+
+  # An auto-refreshing credential provider that works by assuming
+  # a role via {Aws::STS::Client#assume_role_with_web_identity}.
+  #
+  #     role_credentials = Aws::AssumeRoleWebIdentityCredentials.new(
+  #       client: Aws::STS::Client.new(...),
+  #       role_arn: "linked::account::arn",
+  #       web_identity_token_file: "/path/to/token/file",
+  #       role_session_name: "session-name"
+  #       ...
+  #     )
+  #     For full list of parameters accepted
+  #     @see Aws::STS::Client#assume_role_with_web_identity 
+  #
+  #
+  # If you omit `:client` option, a new {STS::Client} object will be
+  # constructed.
+  class AssumeRoleWebIdentityCredentials
+
+    include CredentialProvider
+    include RefreshingCredentials
+
+    # @param [Hash] options
+    # @option options [required, String] :role_arn the IAM role
+    #   to be assumed
+    #
+    # @option options [required, String] :web_identity_token_file
+    #   absolute path to the file on disk containing OIDC token
+    #
+    # @option options [String] :role_session_name the IAM session
+    #   name used to distinguish session, when not provided, base64
+    #   encoded UUID is generated as the session name
+    #
+    # @option options [STS::Client] :client
+    def initialize(options = {})
+      client_opts = {}
+      @assume_role_web_identity_params = {}
+      @token_file = options.delete(:web_identity_token_file)
+      options.each_pair do |key, value|
+        if self.class.assume_role_web_identity_options.include?(key)
+          @assume_role_web_identity_params[key] = value
+        else
+          client_opts[key] = value
+        end
+      end
+
+      unless @assume_role_web_identity_params[:role_session_name]
+        # not provided, generate encoded UUID as session name
+        @assume_role_web_identity_params[:role_session_name] = _session_name
+      end
+      @client = client_opts[:client] || STS::Client.new(client_opts.merge(credentials: false))
+      super
+    end
+
+    # @return [STS::Client]
+    attr_reader :client
+
+    private
+
+    def refresh
+      # read from token file everytime it refreshes
+      @assume_role_web_identity_params[:web_identity_token] = _token_from_file(@token_file)
+
+      c = @client.assume_role_with_web_identity(
+        @assume_role_web_identity_params).credentials
+      @credentials = Credentials.new(
+        c.access_key_id,
+        c.secret_access_key,
+        c.session_token
+      )
+      @expiration = c.expiration
+    end
+
+    def _token_from_file(path)
+      unless path && File.exist?(path)
+        raise Aws::Errors::MissingWebIdentityTokenFile.new
+      end
+      File.read(path)
+    end
+
+    def _session_name
+      Base64.strict_encode64(SecureRandom.uuid)
+    end
+
+    class << self
+
+      # @api private
+      def assume_role_web_identity_options
+        @arwio ||= begin
+          input = STS::Client.api.operation(:assume_role_with_web_identity).input
+          Set.new(input.shape.member_names)
+        end
+      end
+
+    end
+  end
+end

data/lib/aws-sdk-core/async_client_stubs.rb

@@ -0,0 +1,80 @@
+module Aws
+  module AsyncClientStubs 
+
+    include Aws::ClientStubs
+
+    # @api private
+    def setup_stubbing
+      @stubs = {}
+      @stub_mutex = Mutex.new
+      if Hash === @config.stub_responses
+        @config.stub_responses.each do |operation_name, stubs|
+          apply_stubs(operation_name, Array === stubs ? stubs : [stubs])
+        end
+      end
+
+      # When a client is stubbed allow the user to access the requests made
+      @api_requests = []
+
+      # allow to access signaled events when client is stubbed
+      @send_events = []
+
+      requests = @api_requests
+      send_events = @send_events
+
+      self.handle do |context|
+        if input_stream = context[:input_event_stream_handler]
+          stub_stream = StubStream.new
+          stub_stream.send_events = send_events
+          input_stream.event_emitter.stream = stub_stream 
+          input_stream.event_emitter.validate_event = context.config.validate_params
+        end
+        requests << {
+          operation_name: context.operation_name,
+          params: context.params,
+          context: context
+        }
+        @handler.call(context)
+      end
+    end
+
+    def send_events
+      if config.stub_responses
+        @send_events
+      else
+        msg = 'This method is only implemented for stubbed clients, and is '
+        msg << 'available when you enable stubbing in the constructor with `stub_responses: true`'
+        raise NotImplementedError.new(msg)
+      end
+    end
+
+    class StubStream
+
+      def initialize
+        @state = :open
+      end
+
+      attr_accessor :send_events
+
+      attr_reader :state
+
+      def data(bytes, options = {})
+        if options[:end_stream]
+          @state = :closed
+        else
+          decoder = Aws::EventStream::Decoder.new
+          event = decoder.decode_chunk(bytes).first
+          @send_events << decoder.decode_chunk(event.payload.read).first
+        end
+      end
+
+      def closed?
+        @state == :closed
+      end
+
+      def close
+        @state = :closed
+      end
+    end
+  end
+end

data/lib/aws-sdk-core/binary.rb

@@ -1,3 +1,6 @@
 require_relative 'binary/decode_handler'
+require_relative 'binary/encode_handler'
 require_relative 'binary/event_stream_decoder'
+require_relative 'binary/event_stream_encoder'
+require_relative 'binary/event_builder'
 require_relative 'binary/event_parser'

data/lib/aws-sdk-core/binary/decode_handler.rb

@@ -23,11 +23,19 @@ module Aws
 
         context.http_response.on_headers(200) do
           protocol = context.config.api.metadata['protocol']
+          output_handler = context[:output_event_stream_handler] || context[:event_stream_handler]
           context.http_response.body = EventStreamDecoder.new(
             protocol,
             rules,
+            context.operation.output,
+            context.operation.errors,
             context.http_response.body,
-            context[:event_stream_handler])
+            output_handler)
+          if input_emitter = context[:input_event_emitter]
+            # #emit will be blocked until 200 success
+            # see Aws::EventEmitter#emit
+            input_emitter.signal_queue << "ready"
+          end
         end
 
         context.http_response.on_success(200) do

data/lib/aws-sdk-core/binary/encode_handler.rb

@@ -0,0 +1,32 @@
+module Aws
+  module Binary
+
+    # @api private
+    class EncodeHandler < Seahorse::Client::Handler
+
+      def call(context)
+        if eventstream_member = eventstream_input?(context)
+          input_es_handler = context[:input_event_stream_handler]
+          input_es_handler.event_emitter.encoder = EventStreamEncoder.new(
+            context.config.api.metadata['protocol'],
+            eventstream_member,
+            context.operation.input,
+            context.config.sigv4_signer
+          )
+          context[:input_event_emitter] = input_es_handler.event_emitter
+        end
+        @handler.call(context)
+      end
+
+      private
+
+      def eventstream_input?(ctx)
+        ctx.operation.input.shape.members.each do |_, ref|
+          return ref if ref.eventstream
+        end
+      end
+
+    end
+
+  end
+end

data/lib/aws-sdk-core/binary/event_builder.rb

@@ -0,0 +1,122 @@
+module Aws
+  module Binary
+    # @api private
+    class EventBuilder
+
+      include Seahorse::Model::Shapes
+
+      # @param [Class] serializer_class
+      # @param [Seahorse::Model::ShapeRef] rules (of eventstream member)
+      def initialize(serializer_class, rules)
+        @serializer_class = serializer_class
+        @rules = rules
+      end
+
+      def apply(event_type, params)
+        event_ref = @rules.shape.member(event_type)
+        _event_stream_message(event_ref, params)
+      end
+
+      private
+
+      def _event_stream_message(event_ref, params)
+        es_headers = {}
+        payload = ""
+
+        es_headers[":message-type"] = Aws::EventStream::HeaderValue.new(
+          type: "string", value: "event")
+        es_headers[":event-type"] = Aws::EventStream::HeaderValue.new(
+          type: "string", value: event_ref.location_name)
+
+        explicit_payload = false
+        implicit_payload_members = {}
+        event_ref.shape.members.each do |member_name, member_ref|
+          unless member_ref.eventheader
+            if member_ref.eventpayload
+              explicit_payload = true
+            else
+              implicit_payload_members[member_name] = member_ref
+            end
+          end
+        end
+
+        # implict payload
+        if !explicit_payload && !implicit_payload_members.empty?
+          if implicit_payload_members.size > 1
+            payload_shape = Shapes::StructureShape.new
+            implicit_payload_members.each do |m_name, m_ref|
+              payload_shape.add_member(m_name, m_ref)
+            end
+            payload_ref = Shapes::ShapeRef.new(shape: payload_shape)
+
+            payload = build_payload_members(payload_ref, params)
+          else
+            m_name, m_ref = implicit_payload_members.first
+            streaming, content_type = _content_type(m_ref.shape)
+
+            es_headers[":content-type"] = Aws::EventStream::HeaderValue.new(
+              type: "string", value: content_type)
+            payload = _build_payload(streaming, m_ref, params[m_name])
+          end
+        end
+
+
+        event_ref.shape.members.each do |member_name, member_ref|
+          if member_ref.eventheader && params[member_name]
+            header_value = params[member_name]
+            es_headers[member_ref.shape.name] = Aws::EventStream::HeaderValue.new(
+              type: _header_value_type(member_ref.shape, header_value),
+              value: header_value
+            )
+          elsif member_ref.eventpayload && params[member_name]
+            # explicit payload
+            streaming, content_type = _content_type(member_ref.shape)
+
+            es_headers[":content-type"] = Aws::EventStream::HeaderValue.new(
+              type: "string", value: content_type)
+            payload = _build_payload(streaming, member_ref, params[member_name])
+          end
+        end
+
+        Aws::EventStream::Message.new(
+          headers: es_headers,
+          payload: StringIO.new(payload)
+        )
+      end
+
+      def _content_type(shape)
+        case shape
+        when BlobShape then [true, "application/octet-stream"]
+        when StringShape then [true, "text/plain"]
+        when StructureShape then
+          if @serializer_class.name.include?('Xml')
+            [false, "text/xml"]
+          elsif @serializer_class.name.include?('Json')
+            [false, "application/json"]
+          end
+        else
+          raise Aws::Errors::EventStreamBuilderError.new(
+            "Unsupport eventpayload shape: #{shape.name}")
+        end
+      end
+
+      def _header_value_type(shape, value)
+        case shape
+        when StringShape then "string"
+        when IntegerShape then "integer"
+        when TimestampShape then "timestamp"
+        when BlobShape then "bytes"
+        when BooleanShape then !!value ? "bool_true" : "bool_false"
+        else
+          raise Aws::Errors::EventStreamBuilderError.new(
+            "Unsupported eventheader shape: #{shape.name}")
+        end
+      end
+
+      def _build_payload(streaming, ref, value)
+        streaming ? value : @serializer_class.new(ref).serialize(value)
+      end
+
+    end
+  end
+end