aws-sdk-core 3.128.1 → 3.129.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-core/instance_profile_credentials.rb +52 -6
- data/lib/aws-sdk-sso/client.rb +1 -1
- data/lib/aws-sdk-sso.rb +1 -1
- data/lib/aws-sdk-sts/client.rb +1 -1
- data/lib/aws-sdk-sts.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ed3d2d582fb74767dc5f0d2211e65c95f0c6513ea3b251ac91fe9e4911ca10cb
|
4
|
+
data.tar.gz: c8b4261e45c2ec02e5c38ccc3f37cf7cce3de1ad47f5fe6a31b8e6cfe773d5f4
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: da350fda9592e059be2b4fd2d355e580f8e2cfa7c638bdf2524564073441b96543d0e00444a69209e6950a902ba98828aceee1740ccbb7a58d755638883fdc27
|
7
|
+
data.tar.gz: 4ec8d06a538e401bd9864564daa04cbad71c546872fe98b4b43c5796f69f00fa492f5be203f456e5db13231b7dfe3a2df26661cafc0a0d787c545cfcfccc7792
|
data/CHANGELOG.md
CHANGED
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
3.
|
1
|
+
3.129.0
|
@@ -78,6 +78,7 @@ module Aws
|
|
78
78
|
@backoff = backoff(options[:backoff])
|
79
79
|
@token_ttl = options[:token_ttl] || 21_600
|
80
80
|
@token = nil
|
81
|
+
@no_refresh_until = nil
|
81
82
|
super
|
82
83
|
end
|
83
84
|
|
@@ -125,18 +126,48 @@ module Aws
|
|
125
126
|
end
|
126
127
|
|
127
128
|
def refresh
|
129
|
+
if @no_refresh_until && @no_refresh_until > Time.now
|
130
|
+
warn_expired_credentials
|
131
|
+
return
|
132
|
+
end
|
133
|
+
|
128
134
|
# Retry loading credentials up to 3 times is the instance metadata
|
129
135
|
# service is responding but is returning invalid JSON documents
|
130
136
|
# in response to the GET profile credentials call.
|
131
137
|
begin
|
132
138
|
retry_errors([Aws::Json::ParseError, StandardError], max_retries: 3) do
|
133
139
|
c = Aws::Json.load(get_credentials.to_s)
|
134
|
-
@credentials
|
135
|
-
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
+
if empty_credentials?(@credentials)
|
141
|
+
@credentials = Credentials.new(
|
142
|
+
c['AccessKeyId'],
|
143
|
+
c['SecretAccessKey'],
|
144
|
+
c['Token']
|
145
|
+
)
|
146
|
+
@expiration = c['Expiration'] ? Time.iso8601(c['Expiration']) : nil
|
147
|
+
if @expiration && @expiration < Time.now
|
148
|
+
@no_refresh_until = Time.now + refresh_offset
|
149
|
+
warn_expired_credentials
|
150
|
+
end
|
151
|
+
else
|
152
|
+
# credentials are already set, update them only if the new ones are not empty
|
153
|
+
if !c['AccessKeyId'] || c['AccessKeyId'].empty?
|
154
|
+
# error getting new credentials
|
155
|
+
@no_refresh_until = Time.now + refresh_offset
|
156
|
+
warn_expired_credentials
|
157
|
+
else
|
158
|
+
@credentials = Credentials.new(
|
159
|
+
c['AccessKeyId'],
|
160
|
+
c['SecretAccessKey'],
|
161
|
+
c['Token']
|
162
|
+
)
|
163
|
+
@expiration = c['Expiration'] ? Time.iso8601(c['Expiration']) : nil
|
164
|
+
if @expiration && @expiration < Time.now
|
165
|
+
@no_refresh_until = Time.now + refresh_offset
|
166
|
+
warn_expired_credentials
|
167
|
+
end
|
168
|
+
end
|
169
|
+
end
|
170
|
+
|
140
171
|
end
|
141
172
|
rescue Aws::Json::ParseError
|
142
173
|
raise Aws::Errors::MetadataParserError
|
@@ -260,6 +291,21 @@ module Aws
|
|
260
291
|
end
|
261
292
|
end
|
262
293
|
|
294
|
+
def warn_expired_credentials
|
295
|
+
warn("Attempting credential expiration extension due to a credential "\
|
296
|
+
"service availability issue. A refresh of these credentials "\
|
297
|
+
"will be attempted again in 5 minutes.")
|
298
|
+
end
|
299
|
+
|
300
|
+
def empty_credentials?(creds)
|
301
|
+
!creds || !creds.access_key_id || creds.access_key_id.empty?
|
302
|
+
end
|
303
|
+
|
304
|
+
# Compute an offset for refresh with jitter
|
305
|
+
def refresh_offset
|
306
|
+
300 + rand(0..60)
|
307
|
+
end
|
308
|
+
|
263
309
|
# @api private
|
264
310
|
# Token used to fetch IMDS profile and credentials
|
265
311
|
class Token
|
data/lib/aws-sdk-sso/client.rb
CHANGED
data/lib/aws-sdk-sso.rb
CHANGED
data/lib/aws-sdk-sts/client.rb
CHANGED
@@ -2290,7 +2290,7 @@ module Aws::STS
|
|
2290
2290
|
params: params,
|
2291
2291
|
config: config)
|
2292
2292
|
context[:gem_name] = 'aws-sdk-core'
|
2293
|
-
context[:gem_version] = '3.
|
2293
|
+
context[:gem_version] = '3.129.0'
|
2294
2294
|
Seahorse::Client::Request.new(handlers, context)
|
2295
2295
|
end
|
2296
2296
|
|
data/lib/aws-sdk-sts.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-core
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.
|
4
|
+
version: 3.129.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-03-
|
11
|
+
date: 2022-03-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: jmespath
|