aws-sdk-core 3.128.1 → 3.129.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-core/instance_profile_credentials.rb +52 -6
- data/lib/aws-sdk-sso/client.rb +1 -1
- data/lib/aws-sdk-sso.rb +1 -1
- data/lib/aws-sdk-sts/client.rb +1 -1
- data/lib/aws-sdk-sts.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ed3d2d582fb74767dc5f0d2211e65c95f0c6513ea3b251ac91fe9e4911ca10cb
|
|
4
|
+
data.tar.gz: c8b4261e45c2ec02e5c38ccc3f37cf7cce3de1ad47f5fe6a31b8e6cfe773d5f4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: da350fda9592e059be2b4fd2d355e580f8e2cfa7c638bdf2524564073441b96543d0e00444a69209e6950a902ba98828aceee1740ccbb7a58d755638883fdc27
|
|
7
|
+
data.tar.gz: 4ec8d06a538e401bd9864564daa04cbad71c546872fe98b4b43c5796f69f00fa492f5be203f456e5db13231b7dfe3a2df26661cafc0a0d787c545cfcfccc7792
|
data/CHANGELOG.md
CHANGED
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
3.
|
|
1
|
+
3.129.0
|
|
@@ -78,6 +78,7 @@ module Aws
|
|
|
78
78
|
@backoff = backoff(options[:backoff])
|
|
79
79
|
@token_ttl = options[:token_ttl] || 21_600
|
|
80
80
|
@token = nil
|
|
81
|
+
@no_refresh_until = nil
|
|
81
82
|
super
|
|
82
83
|
end
|
|
83
84
|
|
|
@@ -125,18 +126,48 @@ module Aws
|
|
|
125
126
|
end
|
|
126
127
|
|
|
127
128
|
def refresh
|
|
129
|
+
if @no_refresh_until && @no_refresh_until > Time.now
|
|
130
|
+
warn_expired_credentials
|
|
131
|
+
return
|
|
132
|
+
end
|
|
133
|
+
|
|
128
134
|
# Retry loading credentials up to 3 times is the instance metadata
|
|
129
135
|
# service is responding but is returning invalid JSON documents
|
|
130
136
|
# in response to the GET profile credentials call.
|
|
131
137
|
begin
|
|
132
138
|
retry_errors([Aws::Json::ParseError, StandardError], max_retries: 3) do
|
|
133
139
|
c = Aws::Json.load(get_credentials.to_s)
|
|
134
|
-
@credentials
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
+
if empty_credentials?(@credentials)
|
|
141
|
+
@credentials = Credentials.new(
|
|
142
|
+
c['AccessKeyId'],
|
|
143
|
+
c['SecretAccessKey'],
|
|
144
|
+
c['Token']
|
|
145
|
+
)
|
|
146
|
+
@expiration = c['Expiration'] ? Time.iso8601(c['Expiration']) : nil
|
|
147
|
+
if @expiration && @expiration < Time.now
|
|
148
|
+
@no_refresh_until = Time.now + refresh_offset
|
|
149
|
+
warn_expired_credentials
|
|
150
|
+
end
|
|
151
|
+
else
|
|
152
|
+
# credentials are already set, update them only if the new ones are not empty
|
|
153
|
+
if !c['AccessKeyId'] || c['AccessKeyId'].empty?
|
|
154
|
+
# error getting new credentials
|
|
155
|
+
@no_refresh_until = Time.now + refresh_offset
|
|
156
|
+
warn_expired_credentials
|
|
157
|
+
else
|
|
158
|
+
@credentials = Credentials.new(
|
|
159
|
+
c['AccessKeyId'],
|
|
160
|
+
c['SecretAccessKey'],
|
|
161
|
+
c['Token']
|
|
162
|
+
)
|
|
163
|
+
@expiration = c['Expiration'] ? Time.iso8601(c['Expiration']) : nil
|
|
164
|
+
if @expiration && @expiration < Time.now
|
|
165
|
+
@no_refresh_until = Time.now + refresh_offset
|
|
166
|
+
warn_expired_credentials
|
|
167
|
+
end
|
|
168
|
+
end
|
|
169
|
+
end
|
|
170
|
+
|
|
140
171
|
end
|
|
141
172
|
rescue Aws::Json::ParseError
|
|
142
173
|
raise Aws::Errors::MetadataParserError
|
|
@@ -260,6 +291,21 @@ module Aws
|
|
|
260
291
|
end
|
|
261
292
|
end
|
|
262
293
|
|
|
294
|
+
def warn_expired_credentials
|
|
295
|
+
warn("Attempting credential expiration extension due to a credential "\
|
|
296
|
+
"service availability issue. A refresh of these credentials "\
|
|
297
|
+
"will be attempted again in 5 minutes.")
|
|
298
|
+
end
|
|
299
|
+
|
|
300
|
+
def empty_credentials?(creds)
|
|
301
|
+
!creds || !creds.access_key_id || creds.access_key_id.empty?
|
|
302
|
+
end
|
|
303
|
+
|
|
304
|
+
# Compute an offset for refresh with jitter
|
|
305
|
+
def refresh_offset
|
|
306
|
+
300 + rand(0..60)
|
|
307
|
+
end
|
|
308
|
+
|
|
263
309
|
# @api private
|
|
264
310
|
# Token used to fetch IMDS profile and credentials
|
|
265
311
|
class Token
|
data/lib/aws-sdk-sso/client.rb
CHANGED
data/lib/aws-sdk-sso.rb
CHANGED
data/lib/aws-sdk-sts/client.rb
CHANGED
|
@@ -2290,7 +2290,7 @@ module Aws::STS
|
|
|
2290
2290
|
params: params,
|
|
2291
2291
|
config: config)
|
|
2292
2292
|
context[:gem_name] = 'aws-sdk-core'
|
|
2293
|
-
context[:gem_version] = '3.
|
|
2293
|
+
context[:gem_version] = '3.129.0'
|
|
2294
2294
|
Seahorse::Client::Request.new(handlers, context)
|
|
2295
2295
|
end
|
|
2296
2296
|
|
data/lib/aws-sdk-sts.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-core
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.129.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-03-
|
|
11
|
+
date: 2022-03-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: jmespath
|