aws-sdk-s3 1.103.0 → 1.120.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +139 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-s3/bucket.rb +134 -34
- data/lib/aws-sdk-s3/bucket_acl.rb +18 -2
- data/lib/aws-sdk-s3/bucket_cors.rb +20 -4
- data/lib/aws-sdk-s3/bucket_lifecycle.rb +24 -6
- data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +28 -6
- data/lib/aws-sdk-s3/bucket_logging.rb +18 -2
- data/lib/aws-sdk-s3/bucket_notification.rb +17 -5
- data/lib/aws-sdk-s3/bucket_policy.rb +20 -4
- data/lib/aws-sdk-s3/bucket_request_payment.rb +18 -2
- data/lib/aws-sdk-s3/bucket_tagging.rb +20 -4
- data/lib/aws-sdk-s3/bucket_versioning.rb +54 -6
- data/lib/aws-sdk-s3/bucket_website.rb +20 -4
- data/lib/aws-sdk-s3/client.rb +2574 -1199
- data/lib/aws-sdk-s3/client_api.rb +574 -208
- data/lib/aws-sdk-s3/customizations/bucket.rb +20 -46
- data/lib/aws-sdk-s3/customizations/errors.rb +27 -0
- data/lib/aws-sdk-s3/customizations/object.rb +80 -4
- data/lib/aws-sdk-s3/customizations/types/permanent_redirect.rb +26 -0
- data/lib/aws-sdk-s3/customizations.rb +2 -0
- data/lib/aws-sdk-s3/endpoint_parameters.rb +142 -0
- data/lib/aws-sdk-s3/endpoint_provider.rb +733 -0
- data/lib/aws-sdk-s3/endpoints.rb +2149 -0
- data/lib/aws-sdk-s3/file_downloader.rb +1 -1
- data/lib/aws-sdk-s3/file_uploader.rb +5 -0
- data/lib/aws-sdk-s3/multipart_file_uploader.rb +26 -7
- data/lib/aws-sdk-s3/multipart_stream_uploader.rb +36 -10
- data/lib/aws-sdk-s3/multipart_upload.rb +126 -12
- data/lib/aws-sdk-s3/multipart_upload_part.rb +133 -14
- data/lib/aws-sdk-s3/object.rb +289 -112
- data/lib/aws-sdk-s3/object_acl.rb +20 -4
- data/lib/aws-sdk-s3/object_multipart_copier.rb +11 -5
- data/lib/aws-sdk-s3/object_summary.rb +204 -74
- data/lib/aws-sdk-s3/object_version.rb +68 -40
- data/lib/aws-sdk-s3/plugins/accelerate.rb +3 -44
- data/lib/aws-sdk-s3/plugins/arn.rb +0 -197
- data/lib/aws-sdk-s3/plugins/bucket_dns.rb +3 -39
- data/lib/aws-sdk-s3/plugins/bucket_name_restrictions.rb +1 -6
- data/lib/aws-sdk-s3/plugins/dualstack.rb +1 -55
- data/lib/aws-sdk-s3/plugins/endpoints.rb +262 -0
- data/lib/aws-sdk-s3/plugins/expect_100_continue.rb +2 -1
- data/lib/aws-sdk-s3/plugins/iad_regional_endpoint.rb +6 -29
- data/lib/aws-sdk-s3/plugins/md5s.rb +5 -3
- data/lib/aws-sdk-s3/plugins/s3_signer.rb +33 -109
- data/lib/aws-sdk-s3/plugins/skip_whole_multipart_get_checksums.rb +31 -0
- data/lib/aws-sdk-s3/plugins/streaming_retry.rb +23 -2
- data/lib/aws-sdk-s3/presigned_post.rb +47 -35
- data/lib/aws-sdk-s3/presigner.rb +20 -33
- data/lib/aws-sdk-s3/resource.rb +19 -1
- data/lib/aws-sdk-s3/types.rb +2519 -4175
- data/lib/aws-sdk-s3.rb +5 -1
- metadata +11 -9
- data/lib/aws-sdk-s3/arn/access_point_arn.rb +0 -69
- data/lib/aws-sdk-s3/arn/multi_region_access_point_arn.rb +0 -69
- data/lib/aws-sdk-s3/arn/object_lambda_arn.rb +0 -69
- data/lib/aws-sdk-s3/arn/outpost_access_point_arn.rb +0 -73
- data/lib/aws-sdk-s3/plugins/object_lambda_endpoint.rb +0 -25
@@ -0,0 +1,262 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# WARNING ABOUT GENERATED CODE
|
4
|
+
#
|
5
|
+
# This file is generated. See the contributing guide for more information:
|
6
|
+
# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
|
7
|
+
#
|
8
|
+
# WARNING ABOUT GENERATED CODE
|
9
|
+
|
10
|
+
|
11
|
+
module Aws::S3
|
12
|
+
module Plugins
|
13
|
+
class Endpoints < Seahorse::Client::Plugin
|
14
|
+
option(
|
15
|
+
:endpoint_provider,
|
16
|
+
doc_type: 'Aws::S3::EndpointProvider',
|
17
|
+
docstring: 'The endpoint provider used to resolve endpoints. Any '\
|
18
|
+
'object that responds to `#resolve_endpoint(parameters)` '\
|
19
|
+
'where `parameters` is a Struct similar to '\
|
20
|
+
'`Aws::S3::EndpointParameters`'
|
21
|
+
) do |cfg|
|
22
|
+
Aws::S3::EndpointProvider.new
|
23
|
+
end
|
24
|
+
|
25
|
+
# @api private
|
26
|
+
class Handler < Seahorse::Client::Handler
|
27
|
+
def call(context)
|
28
|
+
# If endpoint was discovered, do not resolve or apply the endpoint.
|
29
|
+
unless context[:discovered_endpoint]
|
30
|
+
params = parameters_for_operation(context)
|
31
|
+
endpoint = context.config.endpoint_provider.resolve_endpoint(params)
|
32
|
+
|
33
|
+
context.http_request.endpoint = endpoint.url
|
34
|
+
apply_endpoint_headers(context, endpoint.headers)
|
35
|
+
end
|
36
|
+
|
37
|
+
context[:endpoint_params] = params
|
38
|
+
context[:auth_scheme] =
|
39
|
+
Aws::Endpoints.resolve_auth_scheme(context, endpoint)
|
40
|
+
|
41
|
+
@handler.call(context)
|
42
|
+
end
|
43
|
+
|
44
|
+
private
|
45
|
+
|
46
|
+
def apply_endpoint_headers(context, headers)
|
47
|
+
headers.each do |key, values|
|
48
|
+
value = values
|
49
|
+
.compact
|
50
|
+
.map { |s| Seahorse::Util.escape_header_list_string(s.to_s) }
|
51
|
+
.join(',')
|
52
|
+
|
53
|
+
context.http_request.headers[key] = value
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
def parameters_for_operation(context)
|
58
|
+
case context.operation_name
|
59
|
+
when :abort_multipart_upload
|
60
|
+
Aws::S3::Endpoints::AbortMultipartUpload.build(context)
|
61
|
+
when :complete_multipart_upload
|
62
|
+
Aws::S3::Endpoints::CompleteMultipartUpload.build(context)
|
63
|
+
when :copy_object
|
64
|
+
Aws::S3::Endpoints::CopyObject.build(context)
|
65
|
+
when :create_bucket
|
66
|
+
Aws::S3::Endpoints::CreateBucket.build(context)
|
67
|
+
when :create_multipart_upload
|
68
|
+
Aws::S3::Endpoints::CreateMultipartUpload.build(context)
|
69
|
+
when :delete_bucket
|
70
|
+
Aws::S3::Endpoints::DeleteBucket.build(context)
|
71
|
+
when :delete_bucket_analytics_configuration
|
72
|
+
Aws::S3::Endpoints::DeleteBucketAnalyticsConfiguration.build(context)
|
73
|
+
when :delete_bucket_cors
|
74
|
+
Aws::S3::Endpoints::DeleteBucketCors.build(context)
|
75
|
+
when :delete_bucket_encryption
|
76
|
+
Aws::S3::Endpoints::DeleteBucketEncryption.build(context)
|
77
|
+
when :delete_bucket_intelligent_tiering_configuration
|
78
|
+
Aws::S3::Endpoints::DeleteBucketIntelligentTieringConfiguration.build(context)
|
79
|
+
when :delete_bucket_inventory_configuration
|
80
|
+
Aws::S3::Endpoints::DeleteBucketInventoryConfiguration.build(context)
|
81
|
+
when :delete_bucket_lifecycle
|
82
|
+
Aws::S3::Endpoints::DeleteBucketLifecycle.build(context)
|
83
|
+
when :delete_bucket_metrics_configuration
|
84
|
+
Aws::S3::Endpoints::DeleteBucketMetricsConfiguration.build(context)
|
85
|
+
when :delete_bucket_ownership_controls
|
86
|
+
Aws::S3::Endpoints::DeleteBucketOwnershipControls.build(context)
|
87
|
+
when :delete_bucket_policy
|
88
|
+
Aws::S3::Endpoints::DeleteBucketPolicy.build(context)
|
89
|
+
when :delete_bucket_replication
|
90
|
+
Aws::S3::Endpoints::DeleteBucketReplication.build(context)
|
91
|
+
when :delete_bucket_tagging
|
92
|
+
Aws::S3::Endpoints::DeleteBucketTagging.build(context)
|
93
|
+
when :delete_bucket_website
|
94
|
+
Aws::S3::Endpoints::DeleteBucketWebsite.build(context)
|
95
|
+
when :delete_object
|
96
|
+
Aws::S3::Endpoints::DeleteObject.build(context)
|
97
|
+
when :delete_object_tagging
|
98
|
+
Aws::S3::Endpoints::DeleteObjectTagging.build(context)
|
99
|
+
when :delete_objects
|
100
|
+
Aws::S3::Endpoints::DeleteObjects.build(context)
|
101
|
+
when :delete_public_access_block
|
102
|
+
Aws::S3::Endpoints::DeletePublicAccessBlock.build(context)
|
103
|
+
when :get_bucket_accelerate_configuration
|
104
|
+
Aws::S3::Endpoints::GetBucketAccelerateConfiguration.build(context)
|
105
|
+
when :get_bucket_acl
|
106
|
+
Aws::S3::Endpoints::GetBucketAcl.build(context)
|
107
|
+
when :get_bucket_analytics_configuration
|
108
|
+
Aws::S3::Endpoints::GetBucketAnalyticsConfiguration.build(context)
|
109
|
+
when :get_bucket_cors
|
110
|
+
Aws::S3::Endpoints::GetBucketCors.build(context)
|
111
|
+
when :get_bucket_encryption
|
112
|
+
Aws::S3::Endpoints::GetBucketEncryption.build(context)
|
113
|
+
when :get_bucket_intelligent_tiering_configuration
|
114
|
+
Aws::S3::Endpoints::GetBucketIntelligentTieringConfiguration.build(context)
|
115
|
+
when :get_bucket_inventory_configuration
|
116
|
+
Aws::S3::Endpoints::GetBucketInventoryConfiguration.build(context)
|
117
|
+
when :get_bucket_lifecycle
|
118
|
+
Aws::S3::Endpoints::GetBucketLifecycle.build(context)
|
119
|
+
when :get_bucket_lifecycle_configuration
|
120
|
+
Aws::S3::Endpoints::GetBucketLifecycleConfiguration.build(context)
|
121
|
+
when :get_bucket_location
|
122
|
+
Aws::S3::Endpoints::GetBucketLocation.build(context)
|
123
|
+
when :get_bucket_logging
|
124
|
+
Aws::S3::Endpoints::GetBucketLogging.build(context)
|
125
|
+
when :get_bucket_metrics_configuration
|
126
|
+
Aws::S3::Endpoints::GetBucketMetricsConfiguration.build(context)
|
127
|
+
when :get_bucket_notification
|
128
|
+
Aws::S3::Endpoints::GetBucketNotification.build(context)
|
129
|
+
when :get_bucket_notification_configuration
|
130
|
+
Aws::S3::Endpoints::GetBucketNotificationConfiguration.build(context)
|
131
|
+
when :get_bucket_ownership_controls
|
132
|
+
Aws::S3::Endpoints::GetBucketOwnershipControls.build(context)
|
133
|
+
when :get_bucket_policy
|
134
|
+
Aws::S3::Endpoints::GetBucketPolicy.build(context)
|
135
|
+
when :get_bucket_policy_status
|
136
|
+
Aws::S3::Endpoints::GetBucketPolicyStatus.build(context)
|
137
|
+
when :get_bucket_replication
|
138
|
+
Aws::S3::Endpoints::GetBucketReplication.build(context)
|
139
|
+
when :get_bucket_request_payment
|
140
|
+
Aws::S3::Endpoints::GetBucketRequestPayment.build(context)
|
141
|
+
when :get_bucket_tagging
|
142
|
+
Aws::S3::Endpoints::GetBucketTagging.build(context)
|
143
|
+
when :get_bucket_versioning
|
144
|
+
Aws::S3::Endpoints::GetBucketVersioning.build(context)
|
145
|
+
when :get_bucket_website
|
146
|
+
Aws::S3::Endpoints::GetBucketWebsite.build(context)
|
147
|
+
when :get_object
|
148
|
+
Aws::S3::Endpoints::GetObject.build(context)
|
149
|
+
when :get_object_acl
|
150
|
+
Aws::S3::Endpoints::GetObjectAcl.build(context)
|
151
|
+
when :get_object_attributes
|
152
|
+
Aws::S3::Endpoints::GetObjectAttributes.build(context)
|
153
|
+
when :get_object_legal_hold
|
154
|
+
Aws::S3::Endpoints::GetObjectLegalHold.build(context)
|
155
|
+
when :get_object_lock_configuration
|
156
|
+
Aws::S3::Endpoints::GetObjectLockConfiguration.build(context)
|
157
|
+
when :get_object_retention
|
158
|
+
Aws::S3::Endpoints::GetObjectRetention.build(context)
|
159
|
+
when :get_object_tagging
|
160
|
+
Aws::S3::Endpoints::GetObjectTagging.build(context)
|
161
|
+
when :get_object_torrent
|
162
|
+
Aws::S3::Endpoints::GetObjectTorrent.build(context)
|
163
|
+
when :get_public_access_block
|
164
|
+
Aws::S3::Endpoints::GetPublicAccessBlock.build(context)
|
165
|
+
when :head_bucket
|
166
|
+
Aws::S3::Endpoints::HeadBucket.build(context)
|
167
|
+
when :head_object
|
168
|
+
Aws::S3::Endpoints::HeadObject.build(context)
|
169
|
+
when :list_bucket_analytics_configurations
|
170
|
+
Aws::S3::Endpoints::ListBucketAnalyticsConfigurations.build(context)
|
171
|
+
when :list_bucket_intelligent_tiering_configurations
|
172
|
+
Aws::S3::Endpoints::ListBucketIntelligentTieringConfigurations.build(context)
|
173
|
+
when :list_bucket_inventory_configurations
|
174
|
+
Aws::S3::Endpoints::ListBucketInventoryConfigurations.build(context)
|
175
|
+
when :list_bucket_metrics_configurations
|
176
|
+
Aws::S3::Endpoints::ListBucketMetricsConfigurations.build(context)
|
177
|
+
when :list_buckets
|
178
|
+
Aws::S3::Endpoints::ListBuckets.build(context)
|
179
|
+
when :list_multipart_uploads
|
180
|
+
Aws::S3::Endpoints::ListMultipartUploads.build(context)
|
181
|
+
when :list_object_versions
|
182
|
+
Aws::S3::Endpoints::ListObjectVersions.build(context)
|
183
|
+
when :list_objects
|
184
|
+
Aws::S3::Endpoints::ListObjects.build(context)
|
185
|
+
when :list_objects_v2
|
186
|
+
Aws::S3::Endpoints::ListObjectsV2.build(context)
|
187
|
+
when :list_parts
|
188
|
+
Aws::S3::Endpoints::ListParts.build(context)
|
189
|
+
when :put_bucket_accelerate_configuration
|
190
|
+
Aws::S3::Endpoints::PutBucketAccelerateConfiguration.build(context)
|
191
|
+
when :put_bucket_acl
|
192
|
+
Aws::S3::Endpoints::PutBucketAcl.build(context)
|
193
|
+
when :put_bucket_analytics_configuration
|
194
|
+
Aws::S3::Endpoints::PutBucketAnalyticsConfiguration.build(context)
|
195
|
+
when :put_bucket_cors
|
196
|
+
Aws::S3::Endpoints::PutBucketCors.build(context)
|
197
|
+
when :put_bucket_encryption
|
198
|
+
Aws::S3::Endpoints::PutBucketEncryption.build(context)
|
199
|
+
when :put_bucket_intelligent_tiering_configuration
|
200
|
+
Aws::S3::Endpoints::PutBucketIntelligentTieringConfiguration.build(context)
|
201
|
+
when :put_bucket_inventory_configuration
|
202
|
+
Aws::S3::Endpoints::PutBucketInventoryConfiguration.build(context)
|
203
|
+
when :put_bucket_lifecycle
|
204
|
+
Aws::S3::Endpoints::PutBucketLifecycle.build(context)
|
205
|
+
when :put_bucket_lifecycle_configuration
|
206
|
+
Aws::S3::Endpoints::PutBucketLifecycleConfiguration.build(context)
|
207
|
+
when :put_bucket_logging
|
208
|
+
Aws::S3::Endpoints::PutBucketLogging.build(context)
|
209
|
+
when :put_bucket_metrics_configuration
|
210
|
+
Aws::S3::Endpoints::PutBucketMetricsConfiguration.build(context)
|
211
|
+
when :put_bucket_notification
|
212
|
+
Aws::S3::Endpoints::PutBucketNotification.build(context)
|
213
|
+
when :put_bucket_notification_configuration
|
214
|
+
Aws::S3::Endpoints::PutBucketNotificationConfiguration.build(context)
|
215
|
+
when :put_bucket_ownership_controls
|
216
|
+
Aws::S3::Endpoints::PutBucketOwnershipControls.build(context)
|
217
|
+
when :put_bucket_policy
|
218
|
+
Aws::S3::Endpoints::PutBucketPolicy.build(context)
|
219
|
+
when :put_bucket_replication
|
220
|
+
Aws::S3::Endpoints::PutBucketReplication.build(context)
|
221
|
+
when :put_bucket_request_payment
|
222
|
+
Aws::S3::Endpoints::PutBucketRequestPayment.build(context)
|
223
|
+
when :put_bucket_tagging
|
224
|
+
Aws::S3::Endpoints::PutBucketTagging.build(context)
|
225
|
+
when :put_bucket_versioning
|
226
|
+
Aws::S3::Endpoints::PutBucketVersioning.build(context)
|
227
|
+
when :put_bucket_website
|
228
|
+
Aws::S3::Endpoints::PutBucketWebsite.build(context)
|
229
|
+
when :put_object
|
230
|
+
Aws::S3::Endpoints::PutObject.build(context)
|
231
|
+
when :put_object_acl
|
232
|
+
Aws::S3::Endpoints::PutObjectAcl.build(context)
|
233
|
+
when :put_object_legal_hold
|
234
|
+
Aws::S3::Endpoints::PutObjectLegalHold.build(context)
|
235
|
+
when :put_object_lock_configuration
|
236
|
+
Aws::S3::Endpoints::PutObjectLockConfiguration.build(context)
|
237
|
+
when :put_object_retention
|
238
|
+
Aws::S3::Endpoints::PutObjectRetention.build(context)
|
239
|
+
when :put_object_tagging
|
240
|
+
Aws::S3::Endpoints::PutObjectTagging.build(context)
|
241
|
+
when :put_public_access_block
|
242
|
+
Aws::S3::Endpoints::PutPublicAccessBlock.build(context)
|
243
|
+
when :restore_object
|
244
|
+
Aws::S3::Endpoints::RestoreObject.build(context)
|
245
|
+
when :select_object_content
|
246
|
+
Aws::S3::Endpoints::SelectObjectContent.build(context)
|
247
|
+
when :upload_part
|
248
|
+
Aws::S3::Endpoints::UploadPart.build(context)
|
249
|
+
when :upload_part_copy
|
250
|
+
Aws::S3::Endpoints::UploadPartCopy.build(context)
|
251
|
+
when :write_get_object_response
|
252
|
+
Aws::S3::Endpoints::WriteGetObjectResponse.build(context)
|
253
|
+
end
|
254
|
+
end
|
255
|
+
end
|
256
|
+
|
257
|
+
def add_handlers(handlers, _config)
|
258
|
+
handlers.add(Handler, step: :build, priority: 75)
|
259
|
+
end
|
260
|
+
end
|
261
|
+
end
|
262
|
+
end
|
@@ -16,7 +16,8 @@ module Aws
|
|
16
16
|
|
17
17
|
def call(context)
|
18
18
|
body = context.http_request.body
|
19
|
-
if body.respond_to?(:size) && body.size > 0
|
19
|
+
if body.respond_to?(:size) && body.size > 0 &&
|
20
|
+
!context[:use_accelerate_endpoint]
|
20
21
|
context.http_request.headers['expect'] = '100-continue'
|
21
22
|
end
|
22
23
|
@handler.call(context)
|
@@ -16,40 +16,17 @@ Defaults to `legacy` mode which uses the global endpoint.
|
|
16
16
|
resolve_iad_regional_endpoint(cfg)
|
17
17
|
end
|
18
18
|
|
19
|
-
def add_handlers(handlers, config)
|
20
|
-
# only modify non-custom endpoints
|
21
|
-
if config.regional_endpoint && config.region == 'us-east-1'
|
22
|
-
handlers.add(Handler)
|
23
|
-
end
|
24
|
-
end
|
25
|
-
|
26
|
-
# @api private
|
27
|
-
class Handler < Seahorse::Client::Handler
|
28
|
-
|
29
|
-
def call(context)
|
30
|
-
# WriteGetObjectResponse does not have a global endpoint
|
31
|
-
# ARNs are regionalized, so don't touch those either.
|
32
|
-
if context.operation.name != 'WriteGetObjectResponse' &&
|
33
|
-
context.config.s3_us_east_1_regional_endpoint == 'legacy' &&
|
34
|
-
!context.metadata[:s3_arn]
|
35
|
-
host = context.http_request.endpoint.host
|
36
|
-
legacy_host = IADRegionalEndpoint.legacy_host(host)
|
37
|
-
context.http_request.endpoint.host = legacy_host
|
38
|
-
end
|
39
|
-
@handler.call(context)
|
40
|
-
end
|
41
|
-
|
42
|
-
end
|
43
|
-
|
44
|
-
def self.legacy_host(host)
|
45
|
-
host.sub(".us-east-1", '')
|
46
|
-
end
|
47
|
-
|
48
19
|
private
|
49
20
|
|
50
21
|
def self.resolve_iad_regional_endpoint(cfg)
|
22
|
+
default_mode_value =
|
23
|
+
if cfg.respond_to?(:defaults_mode_config_resolver)
|
24
|
+
cfg.defaults_mode_config_resolver.resolve(:s3_us_east_1_regional_endpoint)
|
25
|
+
end
|
26
|
+
|
51
27
|
mode = ENV['AWS_S3_US_EAST_1_REGIONAL_ENDPOINT'] ||
|
52
28
|
Aws.shared_config.s3_us_east_1_regional_endpoint(profile: cfg.profile) ||
|
29
|
+
default_mode_value ||
|
53
30
|
'legacy'
|
54
31
|
mode = mode.downcase
|
55
32
|
unless %w(legacy regional).include?(mode)
|
@@ -22,9 +22,11 @@ module Aws
|
|
22
22
|
CHUNK_SIZE = 1 * 1024 * 1024 # one MB
|
23
23
|
|
24
24
|
def call(context)
|
25
|
-
|
26
|
-
|
27
|
-
|
25
|
+
if !context[:checksum_algorithms] # skip in favor of flexible checksum
|
26
|
+
body = context.http_request.body
|
27
|
+
if body.respond_to?(:size) && body.size > 0
|
28
|
+
context.http_request.headers['Content-Md5'] ||= md5(body)
|
29
|
+
end
|
28
30
|
end
|
29
31
|
@handler.call(context)
|
30
32
|
end
|
@@ -5,26 +5,13 @@ require 'aws-sigv4'
|
|
5
5
|
module Aws
|
6
6
|
module S3
|
7
7
|
module Plugins
|
8
|
-
# This plugin
|
8
|
+
# This plugin used to have a V4 signer but it was removed in favor of
|
9
|
+
# generic Sign plugin that uses endpoint auth scheme.
|
10
|
+
#
|
9
11
|
# @api private
|
10
12
|
class S3Signer < Seahorse::Client::Plugin
|
11
13
|
option(:signature_version, 'v4')
|
12
14
|
|
13
|
-
option(:sigv4_signer) do |cfg|
|
14
|
-
S3Signer.build_v4_signer(
|
15
|
-
service: 's3',
|
16
|
-
region: cfg.sigv4_region,
|
17
|
-
credentials: cfg.credentials
|
18
|
-
)
|
19
|
-
end
|
20
|
-
|
21
|
-
option(:sigv4_region) do |cfg|
|
22
|
-
# S3 removes core's signature_v4 plugin that checks for this
|
23
|
-
raise Aws::Errors::MissingRegionError if cfg.region.nil?
|
24
|
-
|
25
|
-
Aws::Partitions::EndpointProvider.signing_region(cfg.region, 's3')
|
26
|
-
end
|
27
|
-
|
28
15
|
def add_handlers(handlers, cfg)
|
29
16
|
case cfg.signature_version
|
30
17
|
when 'v4' then add_v4_handlers(handlers)
|
@@ -37,11 +24,11 @@ module Aws
|
|
37
24
|
|
38
25
|
def add_v4_handlers(handlers)
|
39
26
|
handlers.add(CachedBucketRegionHandler, step: :sign, priority: 60)
|
40
|
-
handlers.add(V4Handler, step: :sign)
|
41
27
|
handlers.add(BucketRegionErrorHandler, step: :sign, priority: 40)
|
42
28
|
end
|
43
29
|
|
44
30
|
def add_legacy_handler(handlers)
|
31
|
+
# generic Sign plugin will be skipped if it sees sigv2
|
45
32
|
handlers.add(LegacyHandler, step: :sign)
|
46
33
|
end
|
47
34
|
|
@@ -52,53 +39,6 @@ module Aws
|
|
52
39
|
end
|
53
40
|
end
|
54
41
|
|
55
|
-
class V4Handler < Seahorse::Client::Handler
|
56
|
-
def call(context)
|
57
|
-
Aws::Plugins::SignatureV4.apply_signature(
|
58
|
-
context: context,
|
59
|
-
signer: sigv4_signer(context)
|
60
|
-
)
|
61
|
-
@handler.call(context)
|
62
|
-
end
|
63
|
-
|
64
|
-
private
|
65
|
-
|
66
|
-
def sigv4_signer(context)
|
67
|
-
# If the client was configured with the wrong region,
|
68
|
-
# we have to build a new signer.
|
69
|
-
if context[:cached_sigv4_region] &&
|
70
|
-
context[:cached_sigv4_region] != context.config.sigv4_signer.region
|
71
|
-
S3Signer.build_v4_signer(
|
72
|
-
service: 's3',
|
73
|
-
region: context[:cached_sigv4_region],
|
74
|
-
credentials: context.config.credentials
|
75
|
-
)
|
76
|
-
elsif (arn = context.metadata[:s3_arn])
|
77
|
-
if arn[:arn].is_a?(MultiRegionAccessPointARN)
|
78
|
-
signing_region = '*'
|
79
|
-
signing_algorithm = :sigv4a
|
80
|
-
else
|
81
|
-
signing_region = arn[:resolved_region]
|
82
|
-
signing_algorithm = :sigv4
|
83
|
-
end
|
84
|
-
S3Signer.build_v4_signer(
|
85
|
-
service: arn[:arn].service,
|
86
|
-
signing_algorithm: signing_algorithm,
|
87
|
-
region: signing_region,
|
88
|
-
credentials: context.config.credentials
|
89
|
-
)
|
90
|
-
elsif context.operation.name == 'WriteGetObjectResponse'
|
91
|
-
S3Signer.build_v4_signer(
|
92
|
-
service: 's3-object-lambda',
|
93
|
-
region: context.config.sigv4_region,
|
94
|
-
credentials: context.config.credentials
|
95
|
-
)
|
96
|
-
else
|
97
|
-
context.config.sigv4_signer
|
98
|
-
end
|
99
|
-
end
|
100
|
-
end
|
101
|
-
|
102
42
|
# This handler will update the http endpoint when the bucket region
|
103
43
|
# is known/cached.
|
104
44
|
class CachedBucketRegionHandler < Seahorse::Client::Handler
|
@@ -116,7 +56,7 @@ module Aws
|
|
116
56
|
context.http_request.endpoint.host = S3Signer.new_hostname(
|
117
57
|
context, cached_region
|
118
58
|
)
|
119
|
-
context[:
|
59
|
+
context[:sigv4_region] = cached_region # Sign plugin will use this
|
120
60
|
end
|
121
61
|
end
|
122
62
|
end
|
@@ -124,7 +64,8 @@ module Aws
|
|
124
64
|
# This handler detects when a request fails because of a mismatched bucket
|
125
65
|
# region. It follows up by making a request to determine the correct
|
126
66
|
# region, then finally a version 4 signed request against the correct
|
127
|
-
# regional endpoint.
|
67
|
+
# regional endpoint. This is intended for s3's global endpoint which
|
68
|
+
# will return 400 if the bucket is not in region.
|
128
69
|
class BucketRegionErrorHandler < Seahorse::Client::Handler
|
129
70
|
def call(context)
|
130
71
|
response = @handler.call(context)
|
@@ -136,7 +77,8 @@ module Aws
|
|
136
77
|
def handle_region_errors(response)
|
137
78
|
if wrong_sigv4_region?(response) &&
|
138
79
|
!fips_region?(response) &&
|
139
|
-
!custom_endpoint?(response)
|
80
|
+
!custom_endpoint?(response) &&
|
81
|
+
!expired_credentials?(response)
|
140
82
|
get_region_and_retry(response.context)
|
141
83
|
else
|
142
84
|
response
|
@@ -157,14 +99,20 @@ module Aws
|
|
157
99
|
end
|
158
100
|
|
159
101
|
def fips_region?(resp)
|
160
|
-
resp.context.http_request.endpoint.host.include?('fips')
|
102
|
+
resp.context.http_request.endpoint.host.include?('s3-fips.')
|
103
|
+
end
|
104
|
+
|
105
|
+
def expired_credentials?(resp)
|
106
|
+
resp.context.http_response.body_contents.match(/<Code>ExpiredToken<\/Code>/)
|
161
107
|
end
|
162
108
|
|
163
109
|
def custom_endpoint?(resp)
|
164
|
-
|
165
|
-
|
166
|
-
|
167
|
-
|
110
|
+
region = resp.context.config.region
|
111
|
+
partition = Aws::Endpoints::Matchers.aws_partition(region)
|
112
|
+
endpoint = resp.context.http_request.endpoint
|
113
|
+
|
114
|
+
!endpoint.hostname.include?(partition['dnsSuffix']) &&
|
115
|
+
!endpoint.hostname.include?(partition['dualStackDnsSuffix'])
|
168
116
|
end
|
169
117
|
|
170
118
|
def wrong_sigv4_region?(resp)
|
@@ -179,18 +127,14 @@ module Aws
|
|
179
127
|
context, actual_region
|
180
128
|
)
|
181
129
|
context.metadata[:redirect_region] = actual_region
|
182
|
-
|
183
|
-
|
184
|
-
|
185
|
-
|
186
|
-
|
187
|
-
context: context,
|
188
|
-
signer: S3Signer.build_v4_signer(
|
189
|
-
service: service || 's3',
|
190
|
-
region: actual_region,
|
191
|
-
credentials: context.config.credentials
|
192
|
-
)
|
130
|
+
|
131
|
+
signer = Aws::Plugins::Sign.signer_for(
|
132
|
+
context[:auth_scheme],
|
133
|
+
context.config,
|
134
|
+
actual_region
|
193
135
|
)
|
136
|
+
|
137
|
+
signer.sign(context)
|
194
138
|
end
|
195
139
|
|
196
140
|
def region_from_body(body)
|
@@ -216,33 +160,13 @@ module Aws
|
|
216
160
|
end
|
217
161
|
|
218
162
|
class << self
|
219
|
-
# @option options [required, String] :region
|
220
|
-
# @option options [required, #credentials] :credentials
|
221
|
-
# @api private
|
222
|
-
def build_v4_signer(options = {})
|
223
|
-
Aws::Sigv4::Signer.new(
|
224
|
-
service: options[:service],
|
225
|
-
region: options[:region],
|
226
|
-
credentials_provider: options[:credentials],
|
227
|
-
signing_algorithm: options.fetch(:signing_algorithm, :sigv4),
|
228
|
-
uri_escape_path: false,
|
229
|
-
unsigned_headers: ['content-length', 'x-amzn-trace-id']
|
230
|
-
)
|
231
|
-
end
|
232
|
-
|
233
|
-
# Check to see if the bucket is actually an ARN
|
234
|
-
# Otherwise it will retry with the ARN as the bucket name.
|
235
163
|
def new_hostname(context, region)
|
236
|
-
|
237
|
-
|
238
|
-
|
239
|
-
|
240
|
-
|
241
|
-
|
242
|
-
ARN.resolve_url!(uri, arn[:arn], region).host
|
243
|
-
else
|
244
|
-
"#{context.params[:bucket]}.#{uri.host}"
|
245
|
-
end
|
164
|
+
endpoint_params = context[:endpoint_params].dup
|
165
|
+
endpoint_params.region = region
|
166
|
+
endpoint_params.endpoint = nil
|
167
|
+
endpoint =
|
168
|
+
context.config.endpoint_provider.resolve_endpoint(endpoint_params)
|
169
|
+
URI(endpoint.url).host
|
246
170
|
end
|
247
171
|
end
|
248
172
|
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aws
|
4
|
+
module S3
|
5
|
+
module Plugins
|
6
|
+
|
7
|
+
# S3 GetObject results for whole Multipart Objects contain a checksum
|
8
|
+
# that cannot be validated. These should be skipped by the
|
9
|
+
# ChecksumAlgorithm plugin.
|
10
|
+
class SkipWholeMultipartGetChecksums < Seahorse::Client::Plugin
|
11
|
+
|
12
|
+
class Handler < Seahorse::Client::Handler
|
13
|
+
|
14
|
+
def call(context)
|
15
|
+
context[:http_checksum] ||= {}
|
16
|
+
context[:http_checksum][:skip_on_suffix] = true
|
17
|
+
|
18
|
+
@handler.call(context)
|
19
|
+
end
|
20
|
+
|
21
|
+
end
|
22
|
+
|
23
|
+
handler(
|
24
|
+
Handler,
|
25
|
+
step: :initialize,
|
26
|
+
operations: [:get_object]
|
27
|
+
)
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
@@ -36,6 +36,17 @@ module Aws
|
|
36
36
|
def rewind; end
|
37
37
|
end
|
38
38
|
|
39
|
+
class NonRetryableStreamingError < StandardError
|
40
|
+
|
41
|
+
def initialize(error)
|
42
|
+
super('Unable to retry request - retry could result in processing duplicated chunks.')
|
43
|
+
set_backtrace(error.backtrace)
|
44
|
+
@original_error = error
|
45
|
+
end
|
46
|
+
|
47
|
+
attr_reader :original_error
|
48
|
+
end
|
49
|
+
|
39
50
|
# This handler works with the ResponseTarget plugin to provide smart
|
40
51
|
# retries of S3 streaming operations that support the range parameter
|
41
52
|
# (currently only: get_object). When a 200 OK with a TruncatedBodyError
|
@@ -84,8 +95,18 @@ module Aws
|
|
84
95
|
end
|
85
96
|
|
86
97
|
context.http_response.on_error do |error|
|
87
|
-
if retryable_body?(context)
|
88
|
-
|
98
|
+
if retryable_body?(context)
|
99
|
+
if truncated_body?(error)
|
100
|
+
context.http_request.headers[:range] = "bytes=#{context.http_response.body.size}-"
|
101
|
+
else
|
102
|
+
case context.http_response.body
|
103
|
+
when RetryableManagedFile
|
104
|
+
# call rewind on the underlying file
|
105
|
+
context.http_response.body.instance_variable_get(:@file).rewind
|
106
|
+
else
|
107
|
+
raise NonRetryableStreamingError, error
|
108
|
+
end
|
109
|
+
end
|
89
110
|
end
|
90
111
|
end
|
91
112
|
end
|