aws-sdk-core 3.46.2 → 3.126.2

data/lib/aws-sdk-sts.rb

@@ -1,11 +1,18 @@
+# frozen_string_literal: true
+
 # WARNING ABOUT GENERATED CODE
 #
 # This file is generated. See the contributing guide for more information:
-# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
 #
 # WARNING ABOUT GENERATED CODE
 
 
+unless Module.const_defined?(:Aws)
+  require 'aws-sdk-core'
+  require 'aws-sigv4'
+end
+
 require_relative 'aws-sdk-sts/types'
 require_relative 'aws-sdk-sts/client_api'
 require_relative 'aws-sdk-sts/client'
@@ -22,24 +29,27 @@ require_relative 'aws-sdk-sts/customizations'
 # methods each accept a hash of request parameters and return a response
 # structure.
 #
+#     sts = Aws::STS::Client.new
+#     resp = sts.assume_role(params)
+#
 # See {Client} for more information.
 #
 # # Errors
 #
-# Errors returned from AWS Security Token Service all
-# extend {Errors::ServiceError}.
+# Errors returned from AWS Security Token Service are defined in the
+# {Errors} module and all extend {Errors::ServiceError}.
 #
 #     begin
 #       # do stuff
 #     rescue Aws::STS::Errors::ServiceError
-#       # rescues all service API errors
+#       # rescues all AWS Security Token Service API errors
 #     end
 #
 # See {Errors} for more information.
 #
-# @service
+# @!group service
 module Aws::STS
 
-  GEM_VERSION = '3.46.2'
+  GEM_VERSION = '3.126.2'
 
 end

data/lib/seahorse/client/async_base.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+module Seahorse
+  module Client
+    class AsyncBase < Seahorse::Client::Base
+
+      # default H2 plugins
+      @plugins = PluginList.new([
+        Plugins::Endpoint,
+        Plugins::H2,
+        Plugins::ResponseTarget
+      ])
+
+      def initialize(plugins, options)
+        super
+        @connection = H2::Connection.new(options)
+        @options = options
+      end
+
+      # @return [H2::Connection]
+      attr_reader :connection
+
+      # @return [Array<Symbol>] Returns a list of valid async request
+      #   operation names.
+      def operation_names
+        self.class.api.async_operation_names
+      end
+
+      # Closes the underlying HTTP2 Connection for the client
+      # @return [Symbol] Returns the status of the connection (:closed)
+      def close_connection
+        @connection.close!
+      end
+
+      # Creates a new HTTP2 Connection for the client
+      # @return [Seahorse::Client::H2::Connection]
+      def new_connection
+        if @connection.closed?
+          @connection = H2::Connection.new(@options)
+        else
+          @connection
+        end
+      end
+
+      def connection_errors
+        @connection.errors
+      end
+
+    end
+  end
+end
+

data/lib/seahorse/client/async_response.rb

@@ -0,0 +1,64 @@
+# frozen_string_literal: true
+
+module Seahorse
+  module Client
+    class AsyncResponse
+
+      def initialize(options = {})
+        @response = Response.new(context: options[:context])
+        @stream = options[:stream]
+        @stream_mutex = options[:stream_mutex]
+        @close_condition = options[:close_condition]
+        @sync_queue = options[:sync_queue]
+      end
+
+      def context
+        @response.context
+      end
+
+      def error
+        @response.error
+      end
+
+      def on(range, &block)
+        @response.on(range, &block)
+        self
+      end
+
+      def on_complete(&block)
+        @response.on_complete(&block)
+        self
+      end
+
+      def wait
+        if error && context.config.raise_response_errors
+          raise error
+        elsif @stream
+          # have a sync signal that #signal can be blocked on
+          # else, if #signal is called before #wait
+          # will be waiting for a signal never arrives
+          @sync_queue << "sync_signal"
+          # now #signal is unlocked for
+          # signaling close condition when ready
+          @stream_mutex.synchronize {
+            @close_condition.wait(@stream_mutex)
+          }
+          @response
+        end
+      end
+
+      def join!
+        if error && context.config.raise_response_errors
+          raise error
+        elsif @stream
+          # close callback is waiting
+          # for the "sync_signal"
+          @sync_queue << "sync_signal"
+          @stream.close
+          @response
+        end
+      end
+
+    end
+  end
+end

data/lib/seahorse/client/base.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'thread'
 
 module Seahorse
@@ -12,6 +14,7 @@ module Seahorse
         Plugins::NetHttp,
         Plugins::RaiseResponseErrors,
         Plugins::ResponseTarget,
+        Plugins::RequestCallback
       ])
 
       # @api private
@@ -46,7 +49,7 @@ module Seahorse
       #   names. These are valid arguments to {#build_request} and are also
       #   valid methods.
       def operation_names
-        self.class.api.operation_names
+        self.class.api.operation_names - self.class.api.async_operation_names
       end
 
       private
@@ -194,13 +197,15 @@ module Seahorse
         private
 
         def define_operation_methods
+          operations_module = Module.new
           @api.operation_names.each do |method_name|
-            define_method(method_name) do |*args, &block|
+            operations_module.send(:define_method, method_name) do |*args, &block|
               params = args[0] || {}
               options = args[1] || {}
               build_request(method_name, params).send_request(options, &block)
             end
           end
+          include(operations_module)
         end
 
         def build_plugins

data/lib/seahorse/client/block_io.rb

@@ -1,8 +1,11 @@
+# frozen_string_literal: true
+
 module Seahorse
   module Client
     class BlockIO
 
-      def initialize(&block)
+      def initialize(headers = nil, &block)
+        @headers = headers
         @block = block
         @size = 0
       end
@@ -10,7 +13,8 @@ module Seahorse
       # @param [String] chunk
       # @return [Integer]
       def write(chunk)
-        @block.call(chunk)
+        @block.call(chunk, @headers)
+      ensure
         chunk.bytesize.tap { |chunk_size| @size += chunk_size }
       end
 

data/lib/seahorse/client/configuration.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'set'
 
 module Seahorse
@@ -104,7 +106,7 @@ module Seahorse
       #
       # @return [self]
       def add_option(name, default = nil, &block)
-        default = DynamicDefault.new(Proc.new) if block_given?
+        default = DynamicDefault.new(block) if block_given?
         @defaults[name.to_sym] << default
         self
       end
@@ -193,6 +195,10 @@ module Seahorse
           @members.include?(method_name) or super
         end
 
+        def override_config(k, v)
+          @struct[k] = v
+        end
+
         private
 
         def value_at(opt_name)

data/lib/seahorse/client/events.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Seahorse
   module Client
     module EventEmitter
@@ -9,7 +11,7 @@ module Seahorse
 
       def emit(event_name, *args, &block)
         @listeners[event_name] ||= []
-        @listeners[event_name] << Proc.new
+        @listeners[event_name] << block if block_given?
       end
 
       def signal(event, *args)

data/lib/seahorse/client/h2/connection.rb

@@ -0,0 +1,250 @@
+# frozen_string_literal: true
+
+begin
+  require 'http/2'
+rescue LoadError; end
+require 'openssl'
+require 'socket'
+
+module Seahorse
+  module Client
+    # @api private
+    module H2
+
+      # H2 Connection build on top of `http/2` gem
+      # (requires Ruby >= 2.1)
+      # with TLS layer plus ALPN, requires:
+      # Ruby >= 2.3 and OpenSSL >= 1.0.2
+      class Connection
+
+        OPTIONS = {
+          max_concurrent_streams: 100,
+          connection_timeout: 60,
+          connection_read_timeout: 60,
+          http_wire_trace: false,
+          logger: nil,
+          ssl_verify_peer: true,
+          ssl_ca_bundle: nil,
+          ssl_ca_directory: nil,
+          ssl_ca_store: nil,
+          enable_alpn: false
+        }
+
+        # chunk read size at socket
+        CHUNKSIZE = 1024
+
+        SOCKET_FAMILY = ::Socket::AF_INET
+
+        def initialize(options = {})
+          OPTIONS.each_pair do |opt_name, default_value|
+            value = options[opt_name].nil? ? default_value : options[opt_name]
+            instance_variable_set("@#{opt_name}", value)
+          end
+          @h2_client = HTTP2::Client.new(
+            settings_max_concurrent_streams: max_concurrent_streams
+          )
+          @logger = options[:logger] || Logger.new($stdout) if @http_wire_trace
+          @chunk_size = options[:read_chunk_size] || CHUNKSIZE
+          @errors = []
+          @status = :ready
+          @mutex = Mutex.new # connection can be shared across requests
+          @socket = nil
+          @socket_thread = nil
+        end
+
+        OPTIONS.keys.each do |attr_name|
+          attr_reader(attr_name)
+        end
+
+        alias ssl_verify_peer? ssl_verify_peer
+
+        attr_reader :errors
+
+        attr_accessor :input_signal_thread
+
+        def new_stream
+          begin
+            @h2_client.new_stream
+          rescue => error
+            raise Http2StreamInitializeError.new(error)
+          end
+        end
+
+        def connect(endpoint)
+          @mutex.synchronize {
+            if @status == :ready
+              tcp, addr = _tcp_socket(endpoint)
+              debug_output("opening connection to #{endpoint.host}:#{endpoint.port} ...")
+              _nonblocking_connect(tcp, addr)
+              debug_output('opened')
+
+              if endpoint.scheme == 'https'
+                @socket = OpenSSL::SSL::SSLSocket.new(tcp, _tls_context)
+                @socket.sync_close = true
+                @socket.hostname = endpoint.host
+
+                debug_output("starting TLS for #{endpoint.host}:#{endpoint.port} ...")
+                @socket.connect
+                debug_output('TLS established')
+              else
+                @socket = tcp
+              end
+
+              _register_h2_callbacks
+              @status = :active
+            elsif @status == :closed
+              msg = 'Async Client HTTP2 Connection is closed, you may'\
+                    ' use #new_connection to create a new HTTP2 Connection for this client'
+              raise Http2ConnectionClosedError.new(msg)
+            end
+          }
+        end
+
+        def start(stream)
+          @mutex.synchronize {
+            return if @socket_thread
+            @socket_thread = Thread.new do
+              while !@socket.closed?
+                begin
+                  data = @socket.read_nonblock(@chunk_size)
+                  @h2_client << data
+                rescue IO::WaitReadable
+                  begin
+                    unless IO.select([@socket], nil, nil, connection_read_timeout)
+                      self.debug_output('socket connection read time out')
+                      self.close!
+                    else
+                      # available, retry to start reading
+                      retry
+                    end
+                  rescue
+                    # error can happen when closing the socket
+                    # while it's waiting for read
+                    self.close!
+                  end
+                rescue EOFError
+                  self.close!
+                rescue => error
+                  self.debug_output(error.inspect)
+                  @errors << error
+                  self.close!
+                end
+              end
+            end
+            @socket_thread.abort_on_exception = true
+          }
+        end
+
+        def close!
+          @mutex.synchronize {
+            self.debug_output('closing connection ...')
+            if @socket
+              @socket.close
+              @socket = nil
+            end
+            if @socket_thread
+              Thread.kill(@socket_thread)
+              @socket_thread = nil
+            end
+            @status = :closed
+          }
+        end
+
+        def closed?
+          @status == :closed
+        end
+
+        def debug_output(msg, type = nil)
+          prefix = case type
+            when :send then '-> '
+            when :receive then '<- '
+            else
+              ''
+            end
+          return unless @logger
+          _debug_entry(prefix + msg)
+        end
+
+        private
+
+        def _debug_entry(str)
+          @logger << str
+          @logger << "\n"
+        end
+
+        def _register_h2_callbacks
+          @h2_client.on(:frame) do |bytes|
+            if @socket.nil?
+              msg = 'Connection is closed due to errors, '\
+                    'you can find errors at async_client.connection.errors'
+              raise Http2ConnectionClosedError.new(msg)
+            else
+              @socket.print(bytes)
+              @socket.flush
+            end
+          end
+          @h2_client.on(:frame_sent) do |frame|
+            debug_output("frame: #{frame.inspect}", :send)
+          end
+          @h2_client.on(:frame_received) do |frame|
+            debug_output("frame: #{frame.inspect}", :receive)
+          end
+        end
+
+        def _tcp_socket(endpoint)
+          tcp = ::Socket.new(SOCKET_FAMILY, ::Socket::SOCK_STREAM, 0)
+          tcp.setsockopt(::Socket::IPPROTO_TCP, ::Socket::TCP_NODELAY, 1)
+
+          address = ::Socket.getaddrinfo(endpoint.host, nil, SOCKET_FAMILY).first[3]
+          sockaddr = ::Socket.sockaddr_in(endpoint.port, address)
+
+          [tcp, sockaddr]
+        end
+
+        def _nonblocking_connect(tcp, addr)
+          begin
+            tcp.connect_nonblock(addr)
+          rescue IO::WaitWritable
+            unless IO.select(nil, [tcp], nil, connection_timeout)
+              tcp.close
+              raise
+            end
+            begin
+              tcp.connect_nonblock(addr)
+            rescue Errno::EISCONN
+              # tcp socket connected, continue
+            end
+          end
+        end
+
+        def _tls_context
+          ssl_ctx = OpenSSL::SSL::SSLContext.new(:TLSv1_2)
+          if ssl_verify_peer?
+            ssl_ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
+            ssl_ctx.ca_file = ssl_ca_bundle ? ssl_ca_bundle : _default_ca_bundle
+            ssl_ctx.ca_path = ssl_ca_directory ? ssl_ca_directory : _default_ca_directory
+            ssl_ctx.cert_store = ssl_ca_store if ssl_ca_store
+          else
+            ssl_ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE
+          end
+          if enable_alpn
+            debug_output('enabling ALPN for TLS ...')
+            ssl_ctx.alpn_protocols = ['h2']
+          end
+          ssl_ctx
+        end
+
+        def _default_ca_bundle
+          File.exist?(OpenSSL::X509::DEFAULT_CERT_FILE) ?
+            OpenSSL::X509::DEFAULT_CERT_FILE : nil
+        end
+
+        def _default_ca_directory
+          Dir.exist?(OpenSSL::X509::DEFAULT_CERT_DIR) ?
+            OpenSSL::X509::DEFAULT_CERT_DIR : nil
+        end
+
+      end
+    end
+  end
+end

data/lib/seahorse/client/h2/handler.rb

@@ -0,0 +1,152 @@
+# frozen_string_literal: true
+
+begin
+  require 'http/2'
+rescue LoadError; end
+
+require 'securerandom'
+
+module Seahorse
+  module Client
+    # @api private
+    module H2
+
+      NETWORK_ERRORS = [
+        SocketError, EOFError, IOError, Timeout::Error,
+        Errno::ECONNABORTED, Errno::ECONNRESET, Errno::EPIPE,
+        Errno::EINVAL, Errno::ETIMEDOUT, OpenSSL::SSL::SSLError,
+        Errno::EHOSTUNREACH, Errno::ECONNREFUSED,# OpenSSL::SSL::SSLErrorWaitReadable
+      ]
+
+      # @api private
+      DNS_ERROR_MESSAGES = [
+        'getaddrinfo: nodename nor servname provided, or not known', # MacOS
+        'getaddrinfo: Name or service not known' # GNU
+      ]
+
+      class Handler < Client::Handler
+
+        def call(context)
+          stream = nil
+          begin
+            conn = context.client.connection
+            stream = conn.new_stream
+
+            stream_mutex = Mutex.new
+            close_condition = ConditionVariable.new
+            sync_queue = Queue.new
+
+            conn.connect(context.http_request.endpoint)
+            _register_callbacks(
+              context.http_response,
+              stream,
+              stream_mutex,
+              close_condition,
+              sync_queue
+            )
+
+            conn.debug_output("sending initial request ...")
+            if input_emitter = context[:input_event_emitter]
+              _send_initial_headers(context.http_request, stream)
+
+              # prepare for sending events later
+              input_emitter.stream = stream
+              # request sigv4 serves as the initial #prior_signature
+              input_emitter.encoder.prior_signature =
+                context.http_request.headers['authorization'].split('Signature=').last
+              input_emitter.validate_event = context.config.validate_params
+            else
+              _send_initial_headers(context.http_request, stream)
+              _send_initial_data(context.http_request, stream)
+            end
+
+            conn.start(stream)
+          rescue *NETWORK_ERRORS => error
+            error = NetworkingError.new(
+              error, error_message(context.http_request, error))
+            context.http_response.signal_error(error)
+          rescue => error
+            conn.debug_output(error.inspect)
+            # not retryable
+            context.http_response.signal_error(error)
+          end
+
+          AsyncResponse.new(
+            context: context,
+            stream: stream,
+            stream_mutex: stream_mutex,
+            close_condition: close_condition,
+            sync_queue: sync_queue
+          )
+        end
+
+        private
+
+        def _register_callbacks(resp, stream, stream_mutex, close_condition, sync_queue)
+          stream.on(:headers) do |headers|
+            resp.signal_headers(headers)
+          end
+
+          stream.on(:data) do |data|
+            resp.signal_data(data)
+          end
+
+          stream.on(:close) do
+            resp.signal_done
+            # block until #wait is ready for signal
+            # else deadlock may happen because #signal happened
+            # eariler than #wait (see AsyncResponse#wait)
+            sync_queue.pop
+            stream_mutex.synchronize {
+              close_condition.signal
+            }
+          end
+        end
+
+        def _send_initial_headers(req, stream)
+          begin
+            headers = _h2_headers(req)
+            stream.headers(headers, end_stream: false)
+          rescue => e
+            raise Http2InitialRequestError.new(e)
+          end
+        end
+
+        def _send_initial_data(req, stream)
+          begin
+            data = req.body.read
+            stream.data(data, end_stream: true)
+          rescue => e
+            raise Http2InitialRequestError.new(e)
+          end
+          data
+        end
+
+        # H2 pseudo headers
+        # https://http2.github.io/http2-spec/#rfc.section.8.1.2.3
+        def _h2_headers(req)
+          headers = {}
+          headers[':method'] = req.http_method.upcase
+          headers[':scheme'] = req.endpoint.scheme
+          headers[':path'] = req.endpoint.path.empty? ? '/' : req.endpoint.path
+          if req.endpoint.query && !req.endpoint.query.empty?
+            headers[':path'] += "?#{req.endpoint.query}"
+          end
+          req.headers.each {|k, v| headers[k.downcase] = v }
+          headers
+        end
+
+        def error_message(req, error)
+          if error.is_a?(SocketError) && DNS_ERROR_MESSAGES.include?(error.message)
+            host = req.endpoint.host
+            "unable to connect to `#{host}`; SocketError: #{error.message}"
+          else
+            error.message
+          end
+        end
+
+      end
+
+    end
+  end
+end

data/lib/seahorse/client/handler.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Seahorse
   module Client
     class Handler

data/lib/seahorse/client/handler_builder.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Seahorse
   module Client
 

data/lib/seahorse/client/handler_list.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'thread'
 require 'set'