aws-sdk-core 3.46.0 → 3.94.0

data/lib/aws-sdk-core/binary/event_parser.rb

@@ -6,10 +6,14 @@ module Aws
       include Seahorse::Model::Shapes
 
       # @param [Class] parser_class
-      # @param [Seahorse::Model::ShapeRef] rules
-      def initialize(parser_class, rules)
+      # @param [Seahorse::Model::ShapeRef] rules (of eventstream member)
+      # @param [Array] error_refs array of errors ShapeRef
+      # @param [Seahorse::Model::ShapeRef] output_ref
+      def initialize(parser_class, rules, error_refs, output_ref)
         @parser_class = parser_class
         @rules = rules
+        @error_refs = error_refs
+        @output_ref = output_ref
       end
 
       # Parse raw event message into event struct
@@ -31,9 +35,7 @@ module Aws
           when 'event'
             parse_event(raw_event)
           when 'exception'
-            # Pending
-            raise Aws::Errors::EventStreamParserError.new(
-              ':exception event parsing is not supported')
+            parse_exception(raw_event)
           else
             raise Aws::Errors::EventStreamParserError.new(
               'Unrecognized :message-type value for the event')
@@ -44,6 +46,15 @@ module Aws
         end
       end
 
+      def parse_exception(raw_event)
+        exception_type = raw_event.headers.delete(":exception-type").value
+        name, ref = @rules.shape.member_by_location_name(exception_type)
+        # exception lives in payload implictly
+        exception = parse_payload(raw_event.payload.read, ref)
+        exception.event_type = name
+        exception
+      end
+
       def parse_error_event(raw_event)
         error_code = raw_event.headers.delete(":error-code")
         error_message = raw_event.headers.delete(":error-message")
@@ -58,35 +69,54 @@ module Aws
         event_type = raw_event.headers.delete(":event-type").value
         # content_type = raw_event.headers.delete(":content-type").value
 
-        # Pending
         if event_type == 'initial-response'
-          raise Aws::Errors::EventStreamParserError.new(
-            'non eventstream member at response is not supported yet'
-          )
+          event = Struct.new(:event_type, :response).new
+          event.event_type = :initial_response
+          event.response = parse_payload(raw_event.payload.read, @output_ref)
+          return event
         end
 
         # locate event from eventstream
         name, ref = @rules.shape.member_by_location_name(event_type)
-        raise "Non event member found at eventstream" unless ref.event
+        unless ref.event
+          raise Aws::Errors::EventStreamParserError.new(
+            "Failed to locate event shape for the event")
+        end
 
         event = ref.shape.struct_class.new
+
+        explicit_payload = false
+        implicit_payload_members = {}
+        ref.shape.members.each do |member_name, member_ref|
+          unless member_ref.eventheader
+            if member_ref.eventpayload
+              explicit_payload = true
+            else
+              implicit_payload_members[member_name] = member_ref
+            end
+          end
+        end
+
+        # implicit payload
+        if !explicit_payload && !implicit_payload_members.empty?
+          event = parse_payload(raw_event.payload.read, ref)
+        end
         event.event_type = name
+
         # locate payload and headers in the event
         ref.shape.members.each do |member_name, member_ref|
-          if member_ref.eventpayload
-            eventpayload_streaming?(member_ref) ?
-             event.send("#{member_name}=", raw_event.payload) :
-             event.send("#{member_name}=", parse_payload(raw_event.payload.read, member_ref))
-          elsif member_ref.eventheader
+          if member_ref.eventheader
             # allow incomplete event members in response
             if raw_event.headers.key?(member_ref.location_name)
               event.send("#{member_name}=", raw_event.headers[member_ref.location_name].value)
             end
-          else
-            raise "Non eventpayload or eventheader member found at event"
+          elsif member_ref.eventpayload
+            # explicit payload
+            eventpayload_streaming?(member_ref) ?
+             event.send("#{member_name}=", raw_event.payload) :
+             event.send("#{member_name}=", parse_payload(raw_event.payload.read, member_ref))
           end
         end
-
         event
       end
 

data/lib/aws-sdk-core/binary/event_stream_decoder.rb

@@ -7,11 +7,13 @@ module Aws
 
       # @param [String] protocol
       # @param [ShapeRef] rules ShapeRef of the eventstream member
+      # @param [ShapeRef] output_ref ShapeRef of output shape
+      # @param [Array] error_refs array of ShapeRefs for errors
       # @param [EventStream|nil] event_stream_handler A Service EventStream object
       # that registered with callbacks for processing events when they arrive
-      def initialize(protocol, rules, io, event_stream_handler = nil)
+      def initialize(protocol, rules, output_ref, error_refs, io, event_stream_handler = nil)
         @decoder = Aws::EventStream::Decoder.new
-        @event_parser = EventParser.new(parser_class(protocol), rules)
+        @event_parser = EventParser.new(parser_class(protocol), rules, error_refs, output_ref)
         @stream_class = extract_stream_class(rules.shape.struct_class)
         @emitter = event_stream_handler.event_emitter
         @events = []
@@ -42,6 +44,7 @@ module Aws
         case protocol
         when 'rest-xml' then Aws::Xml::Parser
         when 'rest-json' then Aws::Json::Parser
+        when 'json' then Aws::Json::Parser
         else raise "unsupported protocol #{protocol} for event stream"
         end
       end

data/lib/aws-sdk-core/binary/event_stream_encoder.rb

@@ -0,0 +1,53 @@
+require 'aws-eventstream'
+
+module Aws
+  module Binary
+    # @api private
+    class EventStreamEncoder
+
+      # @param [String] protocol
+      # @param [ShapeRef] rules ShapeRef of the eventstream member
+      # @param [ShapeRef] input_ref ShapeRef of the input shape
+      # @param [Aws::Sigv4::Signer] signer
+      def initialize(protocol, rules, input_ref, signer)
+        @encoder = Aws::EventStream::Encoder.new
+        @event_builder = EventBuilder.new(serializer_class(protocol), rules)
+        @input_ref = input_ref
+        @rules = rules
+        @signer = signer
+        @prior_signature = nil
+      end
+
+      attr_reader :rules
+
+      attr_accessor :prior_signature
+
+      def encode(event_type, params)
+        if event_type == :end_stream
+          payload = ''
+        else
+          payload = @encoder.encode(@event_builder.apply(event_type, params))
+        end
+        headers, signature = @signer.sign_event(@prior_signature, payload, @encoder)
+        @prior_signature = signature
+        message = Aws::EventStream::Message.new(
+          headers: headers,
+          payload: StringIO.new(payload)
+        )
+        @encoder.encode(message)
+      end
+
+      private
+
+      def serializer_class(protocol)
+        case protocol
+        when 'rest-xml' then Xml::Builder
+        when 'rest-json' then Json::Builder
+        when 'json' then Json::Builder
+        else raise "unsupported protocol #{protocol} for event stream"
+        end
+      end
+
+    end
+  end
+end

data/lib/aws-sdk-core/client_side_monitoring/publisher.rb

@@ -6,8 +6,10 @@ module Aws
     # @api private
     class Publisher
       attr_reader :agent_port
+      attr_reader :agent_host
 
       def initialize(opts = {})
+        @agent_host = opts[:agent_host] || "127.0.0.1"
         @agent_port = opts[:agent_port]
         @mutex = Mutex.new
       end
@@ -18,6 +20,12 @@ module Aws
         end
       end
 
+      def agent_host=(value)
+        @mutex.synchronize do
+          @agent_host = value
+        end
+      end
+
       def publish(request_metrics)
         send_datagram(request_metrics.api_call.to_json)
         request_metrics.api_call_attempts.each do |attempt|
@@ -29,7 +37,7 @@ module Aws
         if @agent_port
           socket = UDPSocket.new
           begin
-            socket.connect("127.0.0.1", @agent_port)
+            socket.connect(@agent_host, @agent_port)
             socket.send(msg, 0)
           rescue Errno::ECONNREFUSED
             # Drop on the floor

data/lib/aws-sdk-core/client_stubs.rb

@@ -171,7 +171,6 @@ module Aws
     # @raise [RuntimeError] Raises a runtime error when called
     #   on a client that has not enabled response stubbing via
     #   `:stub_responses => true`.
-    #
     def stub_responses(operation_name, *stubs)
       if config.stub_responses
         apply_stubs(operation_name, stubs.flatten)
@@ -182,13 +181,15 @@ module Aws
       end
     end
 
-    # Allows you to access all of the requests that the stubbed client has made
-    #
-    # @params [Boolean] exclude_presign Setting to true for filtering out not sent requests from
-    #                 generating presigned urls. Default to false.
-    # @return [Array] Returns an array of the api requests made, each request object contains the
-    #                 :operation_name, :params, and :context of the request. 
-    # @raise [NotImplementedError] Raises `NotImplementedError` when the client is not stubbed
+    # Allows you to access all of the requests that the stubbed client has made.
+    #
+    # @param [Hash] options The options for the api requests.
+    # @option options [Boolean] :exclude_presign (false) Set to true to filter
+    #   out unsent requests from generated presigned urls.
+    # @return [Array] Returns an array of the api requests made. Each request
+    #   object contains the :operation_name, :params, and :context.
+    # @raise [NotImplementedError] Raises `NotImplementedError` when the client
+    #   is not stubbed.
     def api_requests(options = {})
       if config.stub_responses
         if options[:exclude_presign]
@@ -291,7 +292,7 @@ module Aws
     def data_to_http_resp(operation_name, data)
       api = config.api
       operation = api.operation(operation_name)
-      ParamValidator.validate!(operation.output, data)
+      ParamValidator.new(operation.output, input: false).validate!(data)
       protocol_helper.stub_data(api, operation, data)
     end
 

data/lib/aws-sdk-core/credential_provider.rb

@@ -1,10 +1,6 @@
-require_relative 'deprecations'
-
 module Aws
   module CredentialProvider
 
-    extend Deprecations
-
     # @return [Credentials]
     attr_reader :credentials
 
@@ -13,32 +9,5 @@ module Aws
       !!credentials && credentials.set?
     end
 
-    # @deprecated Deprecated in 2.1.0. This method is subject to errors
-    #   from a race condition when called against refreshable credential
-    #   objects. Will be removed in 2.2.0.
-    # @see #credentials
-    def access_key_id
-      credentials ? credentials.access_key_id : nil
-    end
-    deprecated(:access_key_id, use: '#credentials')
-
-    # @deprecated Deprecated in 2.1.0. This method is subject to errors
-    #   from a race condition when called against refreshable credential
-    #   objects. Will be removed in 2.2.0.
-    # @see #credentials
-    def secret_access_key
-      credentials ? credentials.secret_access_key : nil
-    end
-    deprecated(:secret_access_key, use: '#credentials')
-
-    # @deprecated Deprecated in 2.1.0. This method is subject to errors
-    #   from a race condition when called against refreshable credential
-    #   objects. Will be removed in 2.2.0.
-    # @see #credentials
-    def session_token
-      credentials ? credentials.session_token : nil
-    end
-    deprecated(:session_token, use: '#credentials')
-
   end
 end

data/lib/aws-sdk-core/credential_provider_chain.rb

@@ -1,7 +1,6 @@
 module Aws
   # @api private
   class CredentialProviderChain
-
     def initialize(config = nil)
       @config = config
     end
@@ -20,15 +19,20 @@ module Aws
     def providers
       [
         [:static_credentials, {}],
+        [:static_profile_assume_role_web_identity_credentials, {}],
+        [:static_profile_assume_role_credentials, {}],
+        [:static_profile_credentials, {}],
+        [:static_profile_process_credentials, {}],
         [:env_credentials, {}],
+        [:assume_role_web_identity_credentials, {}],
         [:assume_role_credentials, {}],
         [:shared_credentials, {}],
         [:process_credentials, {}],
         [:instance_profile_credentials, {
           retries: @config ? @config.instance_profile_credentials_retries : 0,
           http_open_timeout: @config ? @config.instance_profile_credentials_timeout : 1,
-          http_read_timeout: @config ? @config.instance_profile_credentials_timeout : 1,
-        }],
+          http_read_timeout: @config ? @config.instance_profile_credentials_timeout : 1
+        }]
       ]
     end
 
@@ -37,48 +41,73 @@ module Aws
         Credentials.new(
           options[:config].access_key_id,
           options[:config].secret_access_key,
-          options[:config].session_token)
-      else
-        nil
+          options[:config].session_token
+        )
+      end
+    end
+
+    def static_profile_assume_role_web_identity_credentials(options)
+      if Aws.shared_config.config_enabled? && options[:config] && options[:config].profile
+        Aws.shared_config.assume_role_web_identity_credentials_from_config(
+          profile: options[:config].profile,
+          region: options[:config].region
+        )
+      end
+    end
+
+    def static_profile_assume_role_credentials(options)
+      if Aws.shared_config.config_enabled? && options[:config] && options[:config].profile
+        assume_role_with_profile(options, options[:config].profile)
       end
     end
 
-    def env_credentials(options)
-      key =    %w(AWS_ACCESS_KEY_ID     AMAZON_ACCESS_KEY_ID     AWS_ACCESS_KEY)
-      secret = %w(AWS_SECRET_ACCESS_KEY AMAZON_SECRET_ACCESS_KEY AWS_SECRET_KEY)
-      token =  %w(AWS_SESSION_TOKEN     AMAZON_SESSION_TOKEN)
+    def static_profile_credentials(options)
+      if options[:config] && options[:config].profile
+        SharedCredentials.new(profile_name: options[:config].profile)
+      end
+    rescue Errors::NoSuchProfileError
+      nil
+    end
+
+    def static_profile_process_credentials(options)
+      if Aws.shared_config.config_enabled? && options[:config] && options[:config].profile
+        process_provider = Aws.shared_config.credential_process(profile: options[:config].profile)
+        ProcessCredentials.new(process_provider) if process_provider
+      end
+    rescue Errors::NoSuchProfileError
+      nil
+    end
+
+    def env_credentials(_options)
+      key =    %w[AWS_ACCESS_KEY_ID AMAZON_ACCESS_KEY_ID AWS_ACCESS_KEY]
+      secret = %w[AWS_SECRET_ACCESS_KEY AMAZON_SECRET_ACCESS_KEY AWS_SECRET_KEY]
+      token =  %w[AWS_SESSION_TOKEN AMAZON_SESSION_TOKEN]
       Credentials.new(envar(key), envar(secret), envar(token))
     end
 
     def envar(keys)
       keys.each do |key|
-        if ENV.key?(key)
-          return ENV[key]
-        end
+        return ENV[key] if ENV.key?(key)
       end
       nil
     end
 
+    def determine_profile_name(options)
+      (options[:config] && options[:config].profile) || ENV['AWS_PROFILE'] || ENV['AWS_DEFAULT_PROFILE'] || 'default'
+    end
+
     def shared_credentials(options)
-      if options[:config]
-        SharedCredentials.new(profile_name: options[:config].profile)
-      else
-        SharedCredentials.new(
-          profile_name: ENV['AWS_PROFILE'].nil? ? 'default' : ENV['AWS_PROFILE'])
-      end
+      profile_name = determine_profile_name(options)
+      SharedCredentials.new(profile_name: profile_name)
     rescue Errors::NoSuchProfileError
       nil
     end
 
     def process_credentials(options)
-      profile_name = options[:config].profile if options[:config]
-      profile_name ||= ENV['AWS_PROFILE'].nil? ? 'default' : ENV['AWS_PROFILE']
-      
-      config = Aws.shared_config
-      if config.config_enabled? && process_provider = config.credentials_process(profile_name)
+      profile_name = determine_profile_name(options)
+      if Aws.shared_config.config_enabled? &&
+         (process_provider = Aws.shared_config.credential_process(profile: profile_name))
         ProcessCredentials.new(process_provider)
-      else
-        nil
       end
     rescue Errors::NoSuchProfileError
       nil
@@ -86,33 +115,44 @@ module Aws
 
     def assume_role_credentials(options)
       if Aws.shared_config.config_enabled?
-        profile, region = nil, nil
-        if options[:config]
-          profile = options[:config].profile
-          region = options[:config].region
-          assume_role_with_profile(options[:config].profile, options[:config].region)
-        end
-        assume_role_with_profile(profile, region)
-      else
-        nil
+        assume_role_with_profile(options, determine_profile_name(options))
+      end
+    end
+
+    def assume_role_web_identity_credentials(options)
+      region = options[:config].region if options[:config]
+      if (role_arn = ENV['AWS_ROLE_ARN']) && (token_file = ENV['AWS_WEB_IDENTITY_TOKEN_FILE'])
+        cfg = {
+          role_arn: role_arn,
+          web_identity_token_file: token_file,
+          role_session_name: ENV['AWS_ROLE_SESSION_NAME']
+        }
+        cfg[:region] = region if region
+        AssumeRoleWebIdentityCredentials.new(cfg)
+      elsif Aws.shared_config.config_enabled?
+        profile = options[:config].profile if options[:config]
+        Aws.shared_config.assume_role_web_identity_credentials_from_config(
+          profile: profile,
+          region: region
+        )
       end
     end
 
     def instance_profile_credentials(options)
-      if ENV["AWS_CONTAINER_CREDENTIALS_RELATIVE_URI"]
+      if ENV['AWS_CONTAINER_CREDENTIALS_RELATIVE_URI']
         ECSCredentials.new(options)
       else
         InstanceProfileCredentials.new(options)
       end
     end
 
-    def assume_role_with_profile(prof, region)
+    def assume_role_with_profile(options, profile_name)
+      region = (options[:config] && options[:config].region)
       Aws.shared_config.assume_role_credentials_from_config(
-        profile: prof,
+        profile: profile_name,
         region: region,
         chain_config: @config
       )
     end
-
   end
 end