aws-sdk-core 3.85.1 → 3.89.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/lib/aws-sdk-core.rb +1 -0
- data/lib/aws-sdk-core/log/param_filter.rb +1 -1
- data/lib/aws-sdk-core/plugins/user_agent.rb +4 -8
- data/lib/aws-sdk-sts.rb +1 -1
- data/lib/aws-sdk-sts/client.rb +31 -1
- data/lib/seahorse/client/net_http/connection_pool.rb +19 -17
- data/lib/seahorse/client/net_http/handler.rb +7 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1276b6391ee9efb2f5431b60dc9dd4da4a81e339
|
4
|
+
data.tar.gz: be1514be183e08a3c01d7a8f4ef0d859981adcfc
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 4f43b95c970d6956c688d815ae409a64123a0b332c70cd138733c3a0704c823e9fc9f846dd523e3e6a8ccbd7095ede57e537cbc99a8f9fdb56e089d099a848a2
|
7
|
+
data.tar.gz: 8edd46ef45895d8e898b58533629e092eac359f8180952f79a996b23238872cc3f8da702a1345a45d68e3b44129520857180b3f6cc9ec16696c0f2738ace7ac3
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
3.
|
1
|
+
3.89.1
|
data/lib/aws-sdk-core.rb
CHANGED
@@ -11,7 +11,7 @@ module Aws
|
|
11
11
|
#
|
12
12
|
# @api private
|
13
13
|
# begin
|
14
|
-
SENSITIVE = [:access_token, :account_name, :account_password, :address, :admin_contact, :admin_password, :artifact_credentials, :auth_code, :authentication_token, :authorization_result, :backup_plan_tags, :backup_vault_tags, :base_32_string_seed, :block, :block_address, :block_data, :blocks, :body, :bot_configuration, :bot_email, :calling_name, :cause, :client_id, :client_request_token, :client_secret, :comment, :configuration, :copy_source_sse_customer_key, :credentials, :current_password, :custom_attributes, :custom_private_key, :db_password, :default_phone_number, :definition, :description, :destination_access_token, :digest_tip_address, :display_name, :e164_phone_number, :email, :email_address, :email_message, :embed_url, :error, :external_model_endpoint_data_blobs, :external_user_id, :feedback_token, :file, :first_name, :full_name, :host_key, :id, :id_token, :input, :input_text, :ion_text, :join_token, :key_id, :key_material, :key_store_password, :kms_key_id, :kms_master_key_id, :lambda_function_arn, :last_name, :local_console_password, :master_account_email, :master_user_password, :meeting_host_id, :message, :name, :new_password, :next_password, :notes, :number, :old_password, :outbound_events_https_endpoint, :output, :owner_information, :parameters, :passphrase, :password, :payload, :phone_number, :plaintext, :previous_password, :primary_email, :primary_provisioned_number, :private_key, :private_key_plaintext, :proof, :proposed_password, :public_key, :qr_code_png, :query, :random_password, :recovery_point_tags, :refresh_token, :registrant_contact, :request_attributes, :revision, :search_query, :secret_access_key, :secret_binary, :secret_code, :secret_hash, :secret_string, :secret_to_authenticate_initiator, :secret_to_authenticate_target, :security_token, :service_password, :session_attributes, :session_token, :share_notes, :shared_secret, :slots, :sns_topic_arn, :source_access_token, :sqs_queue_arn, :sse_customer_key, :ssekms_encryption_context, :ssekms_key_id, :status_message, :tag_key_list, :tags, :target_address, :task_parameters, :tech_contact, :temporary_password, :text, :token, :trust_password, :type, :upload_credentials, :upload_url, :uri, :user_data, :user_email, :user_name, :user_password, :username, :value, :values, :variables, :vpn_psk, :zip_file]
|
14
|
+
SENSITIVE = [:access_token, :account_name, :account_password, :address, :admin_contact, :admin_password, :alexa_for_business_room_arn, :artifact_credentials, :auth_code, :authentication_token, :authorization_result, :backup_plan_tags, :backup_vault_tags, :base_32_string_seed, :block, :block_address, :block_data, :blocks, :body, :bot_configuration, :bot_email, :calling_name, :cause, :client_id, :client_request_token, :client_secret, :comment, :configuration, :copy_source_sse_customer_key, :credentials, :current_password, :custom_attributes, :custom_private_key, :db_password, :default_phone_number, :definition, :description, :destination_access_token, :digest_tip_address, :display_name, :domain_signing_private_key, :e164_phone_number, :email, :email_address, :email_message, :embed_url, :error, :external_model_endpoint_data_blobs, :external_user_id, :feedback_token, :file, :first_name, :full_name, :host_key, :id, :id_token, :input, :input_text, :ion_text, :join_token, :key_id, :key_material, :key_store_password, :kms_key_id, :kms_master_key_id, :lambda_function_arn, :last_name, :local_console_password, :master_account_email, :master_user_password, :meeting_host_id, :message, :metadata, :name, :new_password, :next_password, :notes, :number, :old_password, :outbound_events_https_endpoint, :output, :owner_information, :parameters, :passphrase, :password, :payload, :phone_number, :plaintext, :previous_password, :primary_email, :primary_provisioned_number, :private_key, :private_key_plaintext, :proof, :proposed_password, :public_key, :qr_code_png, :query, :random_password, :recovery_point_tags, :refresh_token, :registrant_contact, :request_attributes, :restore_metadata, :revision, :search_query, :secret_access_key, :secret_binary, :secret_code, :secret_hash, :secret_string, :secret_to_authenticate_initiator, :secret_to_authenticate_target, :security_token, :service_password, :session_attributes, :session_token, :share_notes, :shared_secret, :slots, :sns_topic_arn, :source_access_token, :sqs_queue_arn, :sse_customer_key, :ssekms_encryption_context, :ssekms_key_id, :status_message, :tag_key_list, :tags, :target_address, :task_parameters, :tech_contact, :temporary_password, :text, :token, :trust_password, :type, :upload_credentials, :upload_url, :uri, :user_data, :user_email, :user_name, :user_password, :username, :value, :values, :variables, :vpn_psk, :zip_file]
|
15
15
|
# end
|
16
16
|
|
17
17
|
def initialize(options = {})
|
@@ -2,20 +2,16 @@ module Aws
|
|
2
2
|
module Plugins
|
3
3
|
# @api private
|
4
4
|
class UserAgent < Seahorse::Client::Plugin
|
5
|
-
|
6
5
|
option(:user_agent_suffix)
|
7
6
|
|
8
7
|
# @api private
|
9
8
|
class Handler < Seahorse::Client::Handler
|
10
|
-
|
11
9
|
def call(context)
|
12
10
|
set_user_agent(context)
|
13
11
|
@handler.call(context)
|
14
12
|
end
|
15
13
|
|
16
14
|
def set_user_agent(context)
|
17
|
-
execution_env = ENV["AWS_EXECUTION_ENV"]
|
18
|
-
|
19
15
|
ua = "aws-sdk-ruby3/#{CORE_GEM_VERSION}"
|
20
16
|
|
21
17
|
begin
|
@@ -30,19 +26,19 @@ module Aws
|
|
30
26
|
ua += " #{context[:gem_name]}/#{context[:gem_version]}"
|
31
27
|
end
|
32
28
|
|
33
|
-
if execution_env
|
29
|
+
if (execution_env = ENV['AWS_EXECUTION_ENV'])
|
34
30
|
ua += " exec-env/#{execution_env}"
|
35
31
|
end
|
36
32
|
|
37
|
-
|
33
|
+
if context.config.user_agent_suffix
|
34
|
+
ua += " #{context.config.user_agent_suffix}"
|
35
|
+
end
|
38
36
|
|
39
37
|
context.http_request.headers['User-Agent'] = ua.strip
|
40
38
|
end
|
41
|
-
|
42
39
|
end
|
43
40
|
|
44
41
|
handler(Handler)
|
45
|
-
|
46
42
|
end
|
47
43
|
end
|
48
44
|
end
|
data/lib/aws-sdk-sts.rb
CHANGED
data/lib/aws-sdk-sts/client.rb
CHANGED
@@ -975,6 +975,36 @@ module Aws::STS
|
|
975
975
|
# * {Types::AssumeRoleWithSAMLResponse#audience #audience} => String
|
976
976
|
# * {Types::AssumeRoleWithSAMLResponse#name_qualifier #name_qualifier} => String
|
977
977
|
#
|
978
|
+
#
|
979
|
+
# @example Example: To assume a role using a SAML assertion
|
980
|
+
#
|
981
|
+
# resp = client.assume_role_with_saml({
|
982
|
+
# duration_seconds: 3600,
|
983
|
+
# principal_arn: "arn:aws:iam::123456789012:saml-provider/SAML-test",
|
984
|
+
# role_arn: "arn:aws:iam::123456789012:role/TestSaml",
|
985
|
+
# saml_assertion: "VERYLONGENCODEDASSERTIONEXAMPLExzYW1sOkF1ZGllbmNlPmJsYW5rPC9zYW1sOkF1ZGllbmNlPjwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDpDb25kaXRpb25zPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6dHJhbnNpZW50Ij5TYW1sRXhhbXBsZTwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAxOS0xMS0wMVQyMDoyNTowNS4xNDVaIiBSZWNpcGllbnQ9Imh0dHBzOi8vc2lnbmluLmF3cy5hbWF6b24uY29tL3NhbWwiLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWw6U3ViamVjdD48c2FtbDpBdXRoblN0YXRlbWVudCBBdXRoPD94bWwgdmpSZXNwb25zZT4=",
|
986
|
+
# })
|
987
|
+
#
|
988
|
+
# resp.to_h outputs the following:
|
989
|
+
# {
|
990
|
+
# assumed_role_user: {
|
991
|
+
# arn: "arn:aws:sts::123456789012:assumed-role/TestSaml",
|
992
|
+
# assumed_role_id: "ARO456EXAMPLE789:TestSaml",
|
993
|
+
# },
|
994
|
+
# audience: "https://signin.aws.amazon.com/saml",
|
995
|
+
# credentials: {
|
996
|
+
# access_key_id: "ASIAV3ZUEFP6EXAMPLE",
|
997
|
+
# expiration: Time.parse("2019-11-01T20:26:47Z"),
|
998
|
+
# secret_access_key: "8P+SQvWIuLnKhh8d++jpw0nNmQRBZvNEXAMPLEKEY",
|
999
|
+
# session_token: "IQoJb3JpZ2luX2VjEOz////////////////////wEXAMPLEtMSJHMEUCIDoKK3JH9uGQE1z0sINr5M4jk+Na8KHDcCYRVjJCZEvOAiEA3OvJGtw1EcViOleS2vhs8VdCKFJQWPQrmGdeehM4IC1NtBmUpp2wUE8phUZampKsburEDy0KPkyQDYwT7WZ0wq5VSXDvp75YU9HFvlRd8Tx6q6fE8YQcHNVXAkiY9q6d+xo0rKwT38xVqr7ZD0u0iPPkUL64lIZbqBAz+scqKmlzm8FDrypNC9Yjc8fPOLn9FX9KSYvKTr4rvx3iSIlTJabIQwj2ICCR/oLxBA==",
|
1000
|
+
# },
|
1001
|
+
# issuer: "https://integ.example.com/idp/shibboleth",
|
1002
|
+
# name_qualifier: "SbdGOnUkh1i4+EXAMPLExL/jEvs=",
|
1003
|
+
# packed_policy_size: 6,
|
1004
|
+
# subject: "SamlExample",
|
1005
|
+
# subject_type: "transient",
|
1006
|
+
# }
|
1007
|
+
#
|
978
1008
|
# @example Request syntax with placeholder values
|
979
1009
|
#
|
980
1010
|
# resp = client.assume_role_with_saml({
|
@@ -2101,7 +2131,7 @@ module Aws::STS
|
|
2101
2131
|
params: params,
|
2102
2132
|
config: config)
|
2103
2133
|
context[:gem_name] = 'aws-sdk-core'
|
2104
|
-
context[:gem_version] = '3.
|
2134
|
+
context[:gem_version] = '3.89.1'
|
2105
2135
|
Seahorse::Client::Request.new(handlers, context)
|
2106
2136
|
end
|
2107
2137
|
|
@@ -18,6 +18,7 @@ module Seahorse
|
|
18
18
|
|
19
19
|
@pools_mutex = Mutex.new
|
20
20
|
@pools = {}
|
21
|
+
@default_logger = Logger.new($stdout)
|
21
22
|
|
22
23
|
OPTIONS = {
|
23
24
|
http_proxy: nil,
|
@@ -52,14 +53,14 @@ module Seahorse
|
|
52
53
|
|
53
54
|
# Makes an HTTP request, yielding a Net::HTTPResponse object.
|
54
55
|
#
|
55
|
-
# pool.request('http://domain', Net::HTTP::Get.new('/')) do |resp|
|
56
|
+
# pool.request(URI.parse('http://domain'), Net::HTTP::Get.new('/')) do |resp|
|
56
57
|
# puts resp.code # status code
|
57
58
|
# puts resp.to_h.inspect # dump the headers
|
58
59
|
# puts resp.body
|
59
60
|
# end
|
60
61
|
#
|
61
|
-
# @param [
|
62
|
-
# connect to (e.g. 'https://domain.com').
|
62
|
+
# @param [URI::HTTP, URI::HTTPS] endpoint The HTTP(S) endpoint
|
63
|
+
# to connect to (e.g. 'https://domain.com').
|
63
64
|
#
|
64
65
|
# @param [Net::HTTPRequest] request The request to make. This can be
|
65
66
|
# any request object from Net::HTTP (e.g. Net::HTTP::Get,
|
@@ -131,7 +132,7 @@ module Seahorse
|
|
131
132
|
nil
|
132
133
|
end
|
133
134
|
|
134
|
-
# Closes and removes
|
135
|
+
# Closes and removes all sessions from the pool.
|
135
136
|
# If empty! is called while there are outstanding requests they may
|
136
137
|
# get checked back into the pool, leaving the pool in a non-empty
|
137
138
|
# state.
|
@@ -165,16 +166,16 @@ module Seahorse
|
|
165
166
|
# requests through. Formatted like 'http://proxy.com:123'.
|
166
167
|
#
|
167
168
|
# @option options [Float] :http_open_timeout (15) The number of
|
168
|
-
# seconds to wait when opening
|
169
|
+
# seconds to wait when opening an HTTP session before raising a
|
169
170
|
# `Timeout::Error`.
|
170
171
|
#
|
171
172
|
# @option options [Integer] :http_read_timeout (60) The default
|
172
173
|
# number of seconds to wait for response data. This value can
|
173
174
|
# safely be set
|
174
|
-
# per-request on the session
|
175
|
+
# per-request on the session yielded by {#session_for}.
|
175
176
|
#
|
176
177
|
# @option options [Float] :http_idle_timeout (5) The number of
|
177
|
-
# seconds a connection is allowed to sit
|
178
|
+
# seconds a connection is allowed to sit idle before it is
|
178
179
|
# considered stale. Stale connections are closed and removed
|
179
180
|
# from the pool before making a request.
|
180
181
|
#
|
@@ -183,7 +184,7 @@ module Seahorse
|
|
183
184
|
# request body. This option has no effect unless the request has
|
184
185
|
# "Expect" header set to "100-continue". Defaults to `nil` which
|
185
186
|
# disables this behaviour. This value can safely be set per
|
186
|
-
# request on the session
|
187
|
+
# request on the session yielded by {#session_for}.
|
187
188
|
#
|
188
189
|
# @option options [Boolean] :http_wire_trace (false) When `true`,
|
189
190
|
# HTTP debug output will be sent to the `:logger`.
|
@@ -200,13 +201,13 @@ module Seahorse
|
|
200
201
|
# @option options [String] :ssl_ca_bundle Full path to the SSL
|
201
202
|
# certificate authority bundle file that should be used when
|
202
203
|
# verifying peer certificates. If you do not pass
|
203
|
-
# `:ssl_ca_bundle` or `:ssl_ca_directory` the
|
204
|
+
# `:ssl_ca_bundle` or `:ssl_ca_directory` the system default
|
204
205
|
# will be used if available.
|
205
206
|
#
|
206
207
|
# @option options [String] :ssl_ca_directory Full path of the
|
207
208
|
# directory that contains the unbundled SSL certificate
|
208
209
|
# authority files for verifying peer certificates. If you do
|
209
|
-
# not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the
|
210
|
+
# not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the
|
210
211
|
# system default will be used if available.
|
211
212
|
#
|
212
213
|
# @return [ConnectionPool]
|
@@ -217,7 +218,7 @@ module Seahorse
|
|
217
218
|
end
|
218
219
|
end
|
219
220
|
|
220
|
-
# @return [Array<ConnectionPool>] Returns a list of
|
221
|
+
# @return [Array<ConnectionPool>] Returns a list of the
|
221
222
|
# constructed connection pools.
|
222
223
|
def pools
|
223
224
|
@pools_mutex.synchronize do
|
@@ -231,7 +232,7 @@ module Seahorse
|
|
231
232
|
# @return [Hash]
|
232
233
|
def pool_options options
|
233
234
|
wire_trace = !!options[:http_wire_trace]
|
234
|
-
logger = options[:logger] ||
|
235
|
+
logger = options[:logger] || @default_logger if wire_trace
|
235
236
|
verify_peer = options.key?(:ssl_verify_peer) ?
|
236
237
|
!!options[:ssl_verify_peer] : true
|
237
238
|
{
|
@@ -279,6 +280,7 @@ module Seahorse
|
|
279
280
|
http = ExtendedSession.new(Net::HTTP.new(*args.compact))
|
280
281
|
http.set_debug_output(logger) if http_wire_trace?
|
281
282
|
http.open_timeout = http_open_timeout
|
283
|
+
http.keep_alive_timeout = http_idle_timeout if http.respond_to?(:keep_alive_timeout=)
|
282
284
|
|
283
285
|
if endpoint.scheme == 'https'
|
284
286
|
http.use_ssl = true
|
@@ -301,12 +303,12 @@ module Seahorse
|
|
301
303
|
# Removes stale sessions from the pool. This method *must* be called
|
302
304
|
# @note **Must** be called behind a `@pool_mutex` synchronize block.
|
303
305
|
def _clean
|
304
|
-
now =
|
306
|
+
now = Aws::Util.monotonic_milliseconds
|
305
307
|
@pool.each_pair do |endpoint,sessions|
|
306
308
|
sessions.delete_if do |session|
|
307
309
|
if
|
308
310
|
session.last_used.nil? or
|
309
|
-
now - session.last_used > http_idle_timeout
|
311
|
+
now - session.last_used > http_idle_timeout * 1000
|
310
312
|
then
|
311
313
|
session.finish
|
312
314
|
true
|
@@ -315,7 +317,7 @@ module Seahorse
|
|
315
317
|
end
|
316
318
|
end
|
317
319
|
|
318
|
-
# Helper methods extended onto Net::HTTPSession objects
|
320
|
+
# Helper methods extended onto Net::HTTPSession objects opened by the
|
319
321
|
# connection pool.
|
320
322
|
# @api private
|
321
323
|
class ExtendedSession < Delegator
|
@@ -325,7 +327,7 @@ module Seahorse
|
|
325
327
|
@http = http
|
326
328
|
end
|
327
329
|
|
328
|
-
# @return [
|
330
|
+
# @return [Integer,nil]
|
329
331
|
attr_reader :last_used
|
330
332
|
|
331
333
|
def __getobj__
|
@@ -338,8 +340,8 @@ module Seahorse
|
|
338
340
|
|
339
341
|
# Sends the request and tracks that this session has been used.
|
340
342
|
def request(*args, &block)
|
341
|
-
@last_used = Time.now
|
342
343
|
@http.request(*args, &block)
|
344
|
+
@last_used = Aws::Util.monotonic_milliseconds
|
343
345
|
end
|
344
346
|
|
345
347
|
# Attempts to close/finish the session without raising an error.
|
@@ -163,7 +163,13 @@ module Seahorse
|
|
163
163
|
# @return [Hash] Returns a vanilla hash of headers to send with the
|
164
164
|
# HTTP request.
|
165
165
|
def headers(request)
|
166
|
-
#
|
166
|
+
# Net::HTTP adds default headers for content-type to POSTs (1.8.7+)
|
167
|
+
# and accept-encoding (2.0.0+). Setting a default empty value defeats
|
168
|
+
# this.
|
169
|
+
#
|
170
|
+
# Removing these are necessary for most services to not break request
|
171
|
+
# signatures as well as dynamodb crc32 checks (these fail if the
|
172
|
+
# response is gzipped).
|
167
173
|
headers = { 'content-type' => '', 'accept-encoding' => '' }
|
168
174
|
request.headers.each_pair do |key, value|
|
169
175
|
headers[key] = value
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-core
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.
|
4
|
+
version: 3.89.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2020-01-14 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: jmespath
|