aws-sdk-s3 1.103.0 → 1.120.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (59) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +139 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-s3/bucket.rb +134 -34
  5. data/lib/aws-sdk-s3/bucket_acl.rb +18 -2
  6. data/lib/aws-sdk-s3/bucket_cors.rb +20 -4
  7. data/lib/aws-sdk-s3/bucket_lifecycle.rb +24 -6
  8. data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +28 -6
  9. data/lib/aws-sdk-s3/bucket_logging.rb +18 -2
  10. data/lib/aws-sdk-s3/bucket_notification.rb +17 -5
  11. data/lib/aws-sdk-s3/bucket_policy.rb +20 -4
  12. data/lib/aws-sdk-s3/bucket_request_payment.rb +18 -2
  13. data/lib/aws-sdk-s3/bucket_tagging.rb +20 -4
  14. data/lib/aws-sdk-s3/bucket_versioning.rb +54 -6
  15. data/lib/aws-sdk-s3/bucket_website.rb +20 -4
  16. data/lib/aws-sdk-s3/client.rb +2574 -1199
  17. data/lib/aws-sdk-s3/client_api.rb +574 -208
  18. data/lib/aws-sdk-s3/customizations/bucket.rb +20 -46
  19. data/lib/aws-sdk-s3/customizations/errors.rb +27 -0
  20. data/lib/aws-sdk-s3/customizations/object.rb +80 -4
  21. data/lib/aws-sdk-s3/customizations/types/permanent_redirect.rb +26 -0
  22. data/lib/aws-sdk-s3/customizations.rb +2 -0
  23. data/lib/aws-sdk-s3/endpoint_parameters.rb +142 -0
  24. data/lib/aws-sdk-s3/endpoint_provider.rb +733 -0
  25. data/lib/aws-sdk-s3/endpoints.rb +2149 -0
  26. data/lib/aws-sdk-s3/file_downloader.rb +1 -1
  27. data/lib/aws-sdk-s3/file_uploader.rb +5 -0
  28. data/lib/aws-sdk-s3/multipart_file_uploader.rb +26 -7
  29. data/lib/aws-sdk-s3/multipart_stream_uploader.rb +36 -10
  30. data/lib/aws-sdk-s3/multipart_upload.rb +126 -12
  31. data/lib/aws-sdk-s3/multipart_upload_part.rb +133 -14
  32. data/lib/aws-sdk-s3/object.rb +289 -112
  33. data/lib/aws-sdk-s3/object_acl.rb +20 -4
  34. data/lib/aws-sdk-s3/object_multipart_copier.rb +11 -5
  35. data/lib/aws-sdk-s3/object_summary.rb +204 -74
  36. data/lib/aws-sdk-s3/object_version.rb +68 -40
  37. data/lib/aws-sdk-s3/plugins/accelerate.rb +3 -44
  38. data/lib/aws-sdk-s3/plugins/arn.rb +0 -197
  39. data/lib/aws-sdk-s3/plugins/bucket_dns.rb +3 -39
  40. data/lib/aws-sdk-s3/plugins/bucket_name_restrictions.rb +1 -6
  41. data/lib/aws-sdk-s3/plugins/dualstack.rb +1 -55
  42. data/lib/aws-sdk-s3/plugins/endpoints.rb +262 -0
  43. data/lib/aws-sdk-s3/plugins/expect_100_continue.rb +2 -1
  44. data/lib/aws-sdk-s3/plugins/iad_regional_endpoint.rb +6 -29
  45. data/lib/aws-sdk-s3/plugins/md5s.rb +5 -3
  46. data/lib/aws-sdk-s3/plugins/s3_signer.rb +33 -109
  47. data/lib/aws-sdk-s3/plugins/skip_whole_multipart_get_checksums.rb +31 -0
  48. data/lib/aws-sdk-s3/plugins/streaming_retry.rb +23 -2
  49. data/lib/aws-sdk-s3/presigned_post.rb +47 -35
  50. data/lib/aws-sdk-s3/presigner.rb +20 -33
  51. data/lib/aws-sdk-s3/resource.rb +19 -1
  52. data/lib/aws-sdk-s3/types.rb +2519 -4175
  53. data/lib/aws-sdk-s3.rb +5 -1
  54. metadata +11 -9
  55. data/lib/aws-sdk-s3/arn/access_point_arn.rb +0 -69
  56. data/lib/aws-sdk-s3/arn/multi_region_access_point_arn.rb +0 -69
  57. data/lib/aws-sdk-s3/arn/object_lambda_arn.rb +0 -69
  58. data/lib/aws-sdk-s3/arn/outpost_access_point_arn.rb +0 -73
  59. data/lib/aws-sdk-s3/plugins/object_lambda_endpoint.rb +0 -25
@@ -0,0 +1,262 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+
11
+ module Aws::S3
12
+ module Plugins
13
+ class Endpoints < Seahorse::Client::Plugin
14
+ option(
15
+ :endpoint_provider,
16
+ doc_type: 'Aws::S3::EndpointProvider',
17
+ docstring: 'The endpoint provider used to resolve endpoints. Any '\
18
+ 'object that responds to `#resolve_endpoint(parameters)` '\
19
+ 'where `parameters` is a Struct similar to '\
20
+ '`Aws::S3::EndpointParameters`'
21
+ ) do |cfg|
22
+ Aws::S3::EndpointProvider.new
23
+ end
24
+
25
+ # @api private
26
+ class Handler < Seahorse::Client::Handler
27
+ def call(context)
28
+ # If endpoint was discovered, do not resolve or apply the endpoint.
29
+ unless context[:discovered_endpoint]
30
+ params = parameters_for_operation(context)
31
+ endpoint = context.config.endpoint_provider.resolve_endpoint(params)
32
+
33
+ context.http_request.endpoint = endpoint.url
34
+ apply_endpoint_headers(context, endpoint.headers)
35
+ end
36
+
37
+ context[:endpoint_params] = params
38
+ context[:auth_scheme] =
39
+ Aws::Endpoints.resolve_auth_scheme(context, endpoint)
40
+
41
+ @handler.call(context)
42
+ end
43
+
44
+ private
45
+
46
+ def apply_endpoint_headers(context, headers)
47
+ headers.each do |key, values|
48
+ value = values
49
+ .compact
50
+ .map { |s| Seahorse::Util.escape_header_list_string(s.to_s) }
51
+ .join(',')
52
+
53
+ context.http_request.headers[key] = value
54
+ end
55
+ end
56
+
57
+ def parameters_for_operation(context)
58
+ case context.operation_name
59
+ when :abort_multipart_upload
60
+ Aws::S3::Endpoints::AbortMultipartUpload.build(context)
61
+ when :complete_multipart_upload
62
+ Aws::S3::Endpoints::CompleteMultipartUpload.build(context)
63
+ when :copy_object
64
+ Aws::S3::Endpoints::CopyObject.build(context)
65
+ when :create_bucket
66
+ Aws::S3::Endpoints::CreateBucket.build(context)
67
+ when :create_multipart_upload
68
+ Aws::S3::Endpoints::CreateMultipartUpload.build(context)
69
+ when :delete_bucket
70
+ Aws::S3::Endpoints::DeleteBucket.build(context)
71
+ when :delete_bucket_analytics_configuration
72
+ Aws::S3::Endpoints::DeleteBucketAnalyticsConfiguration.build(context)
73
+ when :delete_bucket_cors
74
+ Aws::S3::Endpoints::DeleteBucketCors.build(context)
75
+ when :delete_bucket_encryption
76
+ Aws::S3::Endpoints::DeleteBucketEncryption.build(context)
77
+ when :delete_bucket_intelligent_tiering_configuration
78
+ Aws::S3::Endpoints::DeleteBucketIntelligentTieringConfiguration.build(context)
79
+ when :delete_bucket_inventory_configuration
80
+ Aws::S3::Endpoints::DeleteBucketInventoryConfiguration.build(context)
81
+ when :delete_bucket_lifecycle
82
+ Aws::S3::Endpoints::DeleteBucketLifecycle.build(context)
83
+ when :delete_bucket_metrics_configuration
84
+ Aws::S3::Endpoints::DeleteBucketMetricsConfiguration.build(context)
85
+ when :delete_bucket_ownership_controls
86
+ Aws::S3::Endpoints::DeleteBucketOwnershipControls.build(context)
87
+ when :delete_bucket_policy
88
+ Aws::S3::Endpoints::DeleteBucketPolicy.build(context)
89
+ when :delete_bucket_replication
90
+ Aws::S3::Endpoints::DeleteBucketReplication.build(context)
91
+ when :delete_bucket_tagging
92
+ Aws::S3::Endpoints::DeleteBucketTagging.build(context)
93
+ when :delete_bucket_website
94
+ Aws::S3::Endpoints::DeleteBucketWebsite.build(context)
95
+ when :delete_object
96
+ Aws::S3::Endpoints::DeleteObject.build(context)
97
+ when :delete_object_tagging
98
+ Aws::S3::Endpoints::DeleteObjectTagging.build(context)
99
+ when :delete_objects
100
+ Aws::S3::Endpoints::DeleteObjects.build(context)
101
+ when :delete_public_access_block
102
+ Aws::S3::Endpoints::DeletePublicAccessBlock.build(context)
103
+ when :get_bucket_accelerate_configuration
104
+ Aws::S3::Endpoints::GetBucketAccelerateConfiguration.build(context)
105
+ when :get_bucket_acl
106
+ Aws::S3::Endpoints::GetBucketAcl.build(context)
107
+ when :get_bucket_analytics_configuration
108
+ Aws::S3::Endpoints::GetBucketAnalyticsConfiguration.build(context)
109
+ when :get_bucket_cors
110
+ Aws::S3::Endpoints::GetBucketCors.build(context)
111
+ when :get_bucket_encryption
112
+ Aws::S3::Endpoints::GetBucketEncryption.build(context)
113
+ when :get_bucket_intelligent_tiering_configuration
114
+ Aws::S3::Endpoints::GetBucketIntelligentTieringConfiguration.build(context)
115
+ when :get_bucket_inventory_configuration
116
+ Aws::S3::Endpoints::GetBucketInventoryConfiguration.build(context)
117
+ when :get_bucket_lifecycle
118
+ Aws::S3::Endpoints::GetBucketLifecycle.build(context)
119
+ when :get_bucket_lifecycle_configuration
120
+ Aws::S3::Endpoints::GetBucketLifecycleConfiguration.build(context)
121
+ when :get_bucket_location
122
+ Aws::S3::Endpoints::GetBucketLocation.build(context)
123
+ when :get_bucket_logging
124
+ Aws::S3::Endpoints::GetBucketLogging.build(context)
125
+ when :get_bucket_metrics_configuration
126
+ Aws::S3::Endpoints::GetBucketMetricsConfiguration.build(context)
127
+ when :get_bucket_notification
128
+ Aws::S3::Endpoints::GetBucketNotification.build(context)
129
+ when :get_bucket_notification_configuration
130
+ Aws::S3::Endpoints::GetBucketNotificationConfiguration.build(context)
131
+ when :get_bucket_ownership_controls
132
+ Aws::S3::Endpoints::GetBucketOwnershipControls.build(context)
133
+ when :get_bucket_policy
134
+ Aws::S3::Endpoints::GetBucketPolicy.build(context)
135
+ when :get_bucket_policy_status
136
+ Aws::S3::Endpoints::GetBucketPolicyStatus.build(context)
137
+ when :get_bucket_replication
138
+ Aws::S3::Endpoints::GetBucketReplication.build(context)
139
+ when :get_bucket_request_payment
140
+ Aws::S3::Endpoints::GetBucketRequestPayment.build(context)
141
+ when :get_bucket_tagging
142
+ Aws::S3::Endpoints::GetBucketTagging.build(context)
143
+ when :get_bucket_versioning
144
+ Aws::S3::Endpoints::GetBucketVersioning.build(context)
145
+ when :get_bucket_website
146
+ Aws::S3::Endpoints::GetBucketWebsite.build(context)
147
+ when :get_object
148
+ Aws::S3::Endpoints::GetObject.build(context)
149
+ when :get_object_acl
150
+ Aws::S3::Endpoints::GetObjectAcl.build(context)
151
+ when :get_object_attributes
152
+ Aws::S3::Endpoints::GetObjectAttributes.build(context)
153
+ when :get_object_legal_hold
154
+ Aws::S3::Endpoints::GetObjectLegalHold.build(context)
155
+ when :get_object_lock_configuration
156
+ Aws::S3::Endpoints::GetObjectLockConfiguration.build(context)
157
+ when :get_object_retention
158
+ Aws::S3::Endpoints::GetObjectRetention.build(context)
159
+ when :get_object_tagging
160
+ Aws::S3::Endpoints::GetObjectTagging.build(context)
161
+ when :get_object_torrent
162
+ Aws::S3::Endpoints::GetObjectTorrent.build(context)
163
+ when :get_public_access_block
164
+ Aws::S3::Endpoints::GetPublicAccessBlock.build(context)
165
+ when :head_bucket
166
+ Aws::S3::Endpoints::HeadBucket.build(context)
167
+ when :head_object
168
+ Aws::S3::Endpoints::HeadObject.build(context)
169
+ when :list_bucket_analytics_configurations
170
+ Aws::S3::Endpoints::ListBucketAnalyticsConfigurations.build(context)
171
+ when :list_bucket_intelligent_tiering_configurations
172
+ Aws::S3::Endpoints::ListBucketIntelligentTieringConfigurations.build(context)
173
+ when :list_bucket_inventory_configurations
174
+ Aws::S3::Endpoints::ListBucketInventoryConfigurations.build(context)
175
+ when :list_bucket_metrics_configurations
176
+ Aws::S3::Endpoints::ListBucketMetricsConfigurations.build(context)
177
+ when :list_buckets
178
+ Aws::S3::Endpoints::ListBuckets.build(context)
179
+ when :list_multipart_uploads
180
+ Aws::S3::Endpoints::ListMultipartUploads.build(context)
181
+ when :list_object_versions
182
+ Aws::S3::Endpoints::ListObjectVersions.build(context)
183
+ when :list_objects
184
+ Aws::S3::Endpoints::ListObjects.build(context)
185
+ when :list_objects_v2
186
+ Aws::S3::Endpoints::ListObjectsV2.build(context)
187
+ when :list_parts
188
+ Aws::S3::Endpoints::ListParts.build(context)
189
+ when :put_bucket_accelerate_configuration
190
+ Aws::S3::Endpoints::PutBucketAccelerateConfiguration.build(context)
191
+ when :put_bucket_acl
192
+ Aws::S3::Endpoints::PutBucketAcl.build(context)
193
+ when :put_bucket_analytics_configuration
194
+ Aws::S3::Endpoints::PutBucketAnalyticsConfiguration.build(context)
195
+ when :put_bucket_cors
196
+ Aws::S3::Endpoints::PutBucketCors.build(context)
197
+ when :put_bucket_encryption
198
+ Aws::S3::Endpoints::PutBucketEncryption.build(context)
199
+ when :put_bucket_intelligent_tiering_configuration
200
+ Aws::S3::Endpoints::PutBucketIntelligentTieringConfiguration.build(context)
201
+ when :put_bucket_inventory_configuration
202
+ Aws::S3::Endpoints::PutBucketInventoryConfiguration.build(context)
203
+ when :put_bucket_lifecycle
204
+ Aws::S3::Endpoints::PutBucketLifecycle.build(context)
205
+ when :put_bucket_lifecycle_configuration
206
+ Aws::S3::Endpoints::PutBucketLifecycleConfiguration.build(context)
207
+ when :put_bucket_logging
208
+ Aws::S3::Endpoints::PutBucketLogging.build(context)
209
+ when :put_bucket_metrics_configuration
210
+ Aws::S3::Endpoints::PutBucketMetricsConfiguration.build(context)
211
+ when :put_bucket_notification
212
+ Aws::S3::Endpoints::PutBucketNotification.build(context)
213
+ when :put_bucket_notification_configuration
214
+ Aws::S3::Endpoints::PutBucketNotificationConfiguration.build(context)
215
+ when :put_bucket_ownership_controls
216
+ Aws::S3::Endpoints::PutBucketOwnershipControls.build(context)
217
+ when :put_bucket_policy
218
+ Aws::S3::Endpoints::PutBucketPolicy.build(context)
219
+ when :put_bucket_replication
220
+ Aws::S3::Endpoints::PutBucketReplication.build(context)
221
+ when :put_bucket_request_payment
222
+ Aws::S3::Endpoints::PutBucketRequestPayment.build(context)
223
+ when :put_bucket_tagging
224
+ Aws::S3::Endpoints::PutBucketTagging.build(context)
225
+ when :put_bucket_versioning
226
+ Aws::S3::Endpoints::PutBucketVersioning.build(context)
227
+ when :put_bucket_website
228
+ Aws::S3::Endpoints::PutBucketWebsite.build(context)
229
+ when :put_object
230
+ Aws::S3::Endpoints::PutObject.build(context)
231
+ when :put_object_acl
232
+ Aws::S3::Endpoints::PutObjectAcl.build(context)
233
+ when :put_object_legal_hold
234
+ Aws::S3::Endpoints::PutObjectLegalHold.build(context)
235
+ when :put_object_lock_configuration
236
+ Aws::S3::Endpoints::PutObjectLockConfiguration.build(context)
237
+ when :put_object_retention
238
+ Aws::S3::Endpoints::PutObjectRetention.build(context)
239
+ when :put_object_tagging
240
+ Aws::S3::Endpoints::PutObjectTagging.build(context)
241
+ when :put_public_access_block
242
+ Aws::S3::Endpoints::PutPublicAccessBlock.build(context)
243
+ when :restore_object
244
+ Aws::S3::Endpoints::RestoreObject.build(context)
245
+ when :select_object_content
246
+ Aws::S3::Endpoints::SelectObjectContent.build(context)
247
+ when :upload_part
248
+ Aws::S3::Endpoints::UploadPart.build(context)
249
+ when :upload_part_copy
250
+ Aws::S3::Endpoints::UploadPartCopy.build(context)
251
+ when :write_get_object_response
252
+ Aws::S3::Endpoints::WriteGetObjectResponse.build(context)
253
+ end
254
+ end
255
+ end
256
+
257
+ def add_handlers(handlers, _config)
258
+ handlers.add(Handler, step: :build, priority: 75)
259
+ end
260
+ end
261
+ end
262
+ end
@@ -16,7 +16,8 @@ module Aws
16
16
 
17
17
  def call(context)
18
18
  body = context.http_request.body
19
- if body.respond_to?(:size) && body.size > 0
19
+ if body.respond_to?(:size) && body.size > 0 &&
20
+ !context[:use_accelerate_endpoint]
20
21
  context.http_request.headers['expect'] = '100-continue'
21
22
  end
22
23
  @handler.call(context)
@@ -16,40 +16,17 @@ Defaults to `legacy` mode which uses the global endpoint.
16
16
  resolve_iad_regional_endpoint(cfg)
17
17
  end
18
18
 
19
- def add_handlers(handlers, config)
20
- # only modify non-custom endpoints
21
- if config.regional_endpoint && config.region == 'us-east-1'
22
- handlers.add(Handler)
23
- end
24
- end
25
-
26
- # @api private
27
- class Handler < Seahorse::Client::Handler
28
-
29
- def call(context)
30
- # WriteGetObjectResponse does not have a global endpoint
31
- # ARNs are regionalized, so don't touch those either.
32
- if context.operation.name != 'WriteGetObjectResponse' &&
33
- context.config.s3_us_east_1_regional_endpoint == 'legacy' &&
34
- !context.metadata[:s3_arn]
35
- host = context.http_request.endpoint.host
36
- legacy_host = IADRegionalEndpoint.legacy_host(host)
37
- context.http_request.endpoint.host = legacy_host
38
- end
39
- @handler.call(context)
40
- end
41
-
42
- end
43
-
44
- def self.legacy_host(host)
45
- host.sub(".us-east-1", '')
46
- end
47
-
48
19
  private
49
20
 
50
21
  def self.resolve_iad_regional_endpoint(cfg)
22
+ default_mode_value =
23
+ if cfg.respond_to?(:defaults_mode_config_resolver)
24
+ cfg.defaults_mode_config_resolver.resolve(:s3_us_east_1_regional_endpoint)
25
+ end
26
+
51
27
  mode = ENV['AWS_S3_US_EAST_1_REGIONAL_ENDPOINT'] ||
52
28
  Aws.shared_config.s3_us_east_1_regional_endpoint(profile: cfg.profile) ||
29
+ default_mode_value ||
53
30
  'legacy'
54
31
  mode = mode.downcase
55
32
  unless %w(legacy regional).include?(mode)
@@ -22,9 +22,11 @@ module Aws
22
22
  CHUNK_SIZE = 1 * 1024 * 1024 # one MB
23
23
 
24
24
  def call(context)
25
- body = context.http_request.body
26
- if body.respond_to?(:size) && body.size > 0
27
- context.http_request.headers['Content-Md5'] ||= md5(body)
25
+ if !context[:checksum_algorithms] # skip in favor of flexible checksum
26
+ body = context.http_request.body
27
+ if body.respond_to?(:size) && body.size > 0
28
+ context.http_request.headers['Content-Md5'] ||= md5(body)
29
+ end
28
30
  end
29
31
  @handler.call(context)
30
32
  end
@@ -5,26 +5,13 @@ require 'aws-sigv4'
5
5
  module Aws
6
6
  module S3
7
7
  module Plugins
8
- # This plugin is an implementation detail and may be modified.
8
+ # This plugin used to have a V4 signer but it was removed in favor of
9
+ # generic Sign plugin that uses endpoint auth scheme.
10
+ #
9
11
  # @api private
10
12
  class S3Signer < Seahorse::Client::Plugin
11
13
  option(:signature_version, 'v4')
12
14
 
13
- option(:sigv4_signer) do |cfg|
14
- S3Signer.build_v4_signer(
15
- service: 's3',
16
- region: cfg.sigv4_region,
17
- credentials: cfg.credentials
18
- )
19
- end
20
-
21
- option(:sigv4_region) do |cfg|
22
- # S3 removes core's signature_v4 plugin that checks for this
23
- raise Aws::Errors::MissingRegionError if cfg.region.nil?
24
-
25
- Aws::Partitions::EndpointProvider.signing_region(cfg.region, 's3')
26
- end
27
-
28
15
  def add_handlers(handlers, cfg)
29
16
  case cfg.signature_version
30
17
  when 'v4' then add_v4_handlers(handlers)
@@ -37,11 +24,11 @@ module Aws
37
24
 
38
25
  def add_v4_handlers(handlers)
39
26
  handlers.add(CachedBucketRegionHandler, step: :sign, priority: 60)
40
- handlers.add(V4Handler, step: :sign)
41
27
  handlers.add(BucketRegionErrorHandler, step: :sign, priority: 40)
42
28
  end
43
29
 
44
30
  def add_legacy_handler(handlers)
31
+ # generic Sign plugin will be skipped if it sees sigv2
45
32
  handlers.add(LegacyHandler, step: :sign)
46
33
  end
47
34
 
@@ -52,53 +39,6 @@ module Aws
52
39
  end
53
40
  end
54
41
 
55
- class V4Handler < Seahorse::Client::Handler
56
- def call(context)
57
- Aws::Plugins::SignatureV4.apply_signature(
58
- context: context,
59
- signer: sigv4_signer(context)
60
- )
61
- @handler.call(context)
62
- end
63
-
64
- private
65
-
66
- def sigv4_signer(context)
67
- # If the client was configured with the wrong region,
68
- # we have to build a new signer.
69
- if context[:cached_sigv4_region] &&
70
- context[:cached_sigv4_region] != context.config.sigv4_signer.region
71
- S3Signer.build_v4_signer(
72
- service: 's3',
73
- region: context[:cached_sigv4_region],
74
- credentials: context.config.credentials
75
- )
76
- elsif (arn = context.metadata[:s3_arn])
77
- if arn[:arn].is_a?(MultiRegionAccessPointARN)
78
- signing_region = '*'
79
- signing_algorithm = :sigv4a
80
- else
81
- signing_region = arn[:resolved_region]
82
- signing_algorithm = :sigv4
83
- end
84
- S3Signer.build_v4_signer(
85
- service: arn[:arn].service,
86
- signing_algorithm: signing_algorithm,
87
- region: signing_region,
88
- credentials: context.config.credentials
89
- )
90
- elsif context.operation.name == 'WriteGetObjectResponse'
91
- S3Signer.build_v4_signer(
92
- service: 's3-object-lambda',
93
- region: context.config.sigv4_region,
94
- credentials: context.config.credentials
95
- )
96
- else
97
- context.config.sigv4_signer
98
- end
99
- end
100
- end
101
-
102
42
  # This handler will update the http endpoint when the bucket region
103
43
  # is known/cached.
104
44
  class CachedBucketRegionHandler < Seahorse::Client::Handler
@@ -116,7 +56,7 @@ module Aws
116
56
  context.http_request.endpoint.host = S3Signer.new_hostname(
117
57
  context, cached_region
118
58
  )
119
- context[:cached_sigv4_region] = cached_region
59
+ context[:sigv4_region] = cached_region # Sign plugin will use this
120
60
  end
121
61
  end
122
62
  end
@@ -124,7 +64,8 @@ module Aws
124
64
  # This handler detects when a request fails because of a mismatched bucket
125
65
  # region. It follows up by making a request to determine the correct
126
66
  # region, then finally a version 4 signed request against the correct
127
- # regional endpoint.
67
+ # regional endpoint. This is intended for s3's global endpoint which
68
+ # will return 400 if the bucket is not in region.
128
69
  class BucketRegionErrorHandler < Seahorse::Client::Handler
129
70
  def call(context)
130
71
  response = @handler.call(context)
@@ -136,7 +77,8 @@ module Aws
136
77
  def handle_region_errors(response)
137
78
  if wrong_sigv4_region?(response) &&
138
79
  !fips_region?(response) &&
139
- !custom_endpoint?(response)
80
+ !custom_endpoint?(response) &&
81
+ !expired_credentials?(response)
140
82
  get_region_and_retry(response.context)
141
83
  else
142
84
  response
@@ -157,14 +99,20 @@ module Aws
157
99
  end
158
100
 
159
101
  def fips_region?(resp)
160
- resp.context.http_request.endpoint.host.include?('fips')
102
+ resp.context.http_request.endpoint.host.include?('s3-fips.')
103
+ end
104
+
105
+ def expired_credentials?(resp)
106
+ resp.context.http_response.body_contents.match(/<Code>ExpiredToken<\/Code>/)
161
107
  end
162
108
 
163
109
  def custom_endpoint?(resp)
164
- resolved_suffix = Aws::Partitions::EndpointProvider.dns_suffix_for(
165
- resp.context.config.region
166
- )
167
- !resp.context.http_request.endpoint.hostname.include?(resolved_suffix)
110
+ region = resp.context.config.region
111
+ partition = Aws::Endpoints::Matchers.aws_partition(region)
112
+ endpoint = resp.context.http_request.endpoint
113
+
114
+ !endpoint.hostname.include?(partition['dnsSuffix']) &&
115
+ !endpoint.hostname.include?(partition['dualStackDnsSuffix'])
168
116
  end
169
117
 
170
118
  def wrong_sigv4_region?(resp)
@@ -179,18 +127,14 @@ module Aws
179
127
  context, actual_region
180
128
  )
181
129
  context.metadata[:redirect_region] = actual_region
182
- # if it's an ARN, use the service in the ARN
183
- if (arn = context.metadata[:s3_arn])
184
- service = arn[:arn].service
185
- end
186
- Aws::Plugins::SignatureV4.apply_signature(
187
- context: context,
188
- signer: S3Signer.build_v4_signer(
189
- service: service || 's3',
190
- region: actual_region,
191
- credentials: context.config.credentials
192
- )
130
+
131
+ signer = Aws::Plugins::Sign.signer_for(
132
+ context[:auth_scheme],
133
+ context.config,
134
+ actual_region
193
135
  )
136
+
137
+ signer.sign(context)
194
138
  end
195
139
 
196
140
  def region_from_body(body)
@@ -216,33 +160,13 @@ module Aws
216
160
  end
217
161
 
218
162
  class << self
219
- # @option options [required, String] :region
220
- # @option options [required, #credentials] :credentials
221
- # @api private
222
- def build_v4_signer(options = {})
223
- Aws::Sigv4::Signer.new(
224
- service: options[:service],
225
- region: options[:region],
226
- credentials_provider: options[:credentials],
227
- signing_algorithm: options.fetch(:signing_algorithm, :sigv4),
228
- uri_escape_path: false,
229
- unsigned_headers: ['content-length', 'x-amzn-trace-id']
230
- )
231
- end
232
-
233
- # Check to see if the bucket is actually an ARN
234
- # Otherwise it will retry with the ARN as the bucket name.
235
163
  def new_hostname(context, region)
236
- uri = URI.parse(
237
- Aws::Partitions::EndpointProvider.resolve(region, 's3')
238
- )
239
-
240
- if (arn = context.metadata[:s3_arn])
241
- # Retry with the response region and not the ARN resolved one
242
- ARN.resolve_url!(uri, arn[:arn], region).host
243
- else
244
- "#{context.params[:bucket]}.#{uri.host}"
245
- end
164
+ endpoint_params = context[:endpoint_params].dup
165
+ endpoint_params.region = region
166
+ endpoint_params.endpoint = nil
167
+ endpoint =
168
+ context.config.endpoint_provider.resolve_endpoint(endpoint_params)
169
+ URI(endpoint.url).host
246
170
  end
247
171
  end
248
172
  end
@@ -0,0 +1,31 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aws
4
+ module S3
5
+ module Plugins
6
+
7
+ # S3 GetObject results for whole Multipart Objects contain a checksum
8
+ # that cannot be validated. These should be skipped by the
9
+ # ChecksumAlgorithm plugin.
10
+ class SkipWholeMultipartGetChecksums < Seahorse::Client::Plugin
11
+
12
+ class Handler < Seahorse::Client::Handler
13
+
14
+ def call(context)
15
+ context[:http_checksum] ||= {}
16
+ context[:http_checksum][:skip_on_suffix] = true
17
+
18
+ @handler.call(context)
19
+ end
20
+
21
+ end
22
+
23
+ handler(
24
+ Handler,
25
+ step: :initialize,
26
+ operations: [:get_object]
27
+ )
28
+ end
29
+ end
30
+ end
31
+ end
@@ -36,6 +36,17 @@ module Aws
36
36
  def rewind; end
37
37
  end
38
38
 
39
+ class NonRetryableStreamingError < StandardError
40
+
41
+ def initialize(error)
42
+ super('Unable to retry request - retry could result in processing duplicated chunks.')
43
+ set_backtrace(error.backtrace)
44
+ @original_error = error
45
+ end
46
+
47
+ attr_reader :original_error
48
+ end
49
+
39
50
  # This handler works with the ResponseTarget plugin to provide smart
40
51
  # retries of S3 streaming operations that support the range parameter
41
52
  # (currently only: get_object). When a 200 OK with a TruncatedBodyError
@@ -84,8 +95,18 @@ module Aws
84
95
  end
85
96
 
86
97
  context.http_response.on_error do |error|
87
- if retryable_body?(context) && truncated_body?(error)
88
- context.http_request.headers[:range] = "bytes=#{context.http_response.body.size}-"
98
+ if retryable_body?(context)
99
+ if truncated_body?(error)
100
+ context.http_request.headers[:range] = "bytes=#{context.http_response.body.size}-"
101
+ else
102
+ case context.http_response.body
103
+ when RetryableManagedFile
104
+ # call rewind on the underlying file
105
+ context.http_response.body.instance_variable_get(:@file).rewind
106
+ else
107
+ raise NonRetryableStreamingError, error
108
+ end
109
+ end
89
110
  end
90
111
  end
91
112
  end