aws-sdk-s3 1.114.0 → 1.117.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,262 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+
11
+ module Aws::S3
12
+ module Plugins
13
+ class Endpoints < Seahorse::Client::Plugin
14
+ option(
15
+ :endpoint_provider,
16
+ doc_type: 'Aws::S3::EndpointProvider',
17
+ docstring: 'The endpoint provider used to resolve endpoints. Any '\
18
+ 'object that responds to `#resolve_endpoint(parameters)` '\
19
+ 'where `parameters` is a Struct similar to '\
20
+ '`Aws::S3::EndpointParameters`'
21
+ ) do |cfg|
22
+ Aws::S3::EndpointProvider.new
23
+ end
24
+
25
+ # @api private
26
+ class Handler < Seahorse::Client::Handler
27
+ def call(context)
28
+ # If endpoint was discovered, do not resolve or apply the endpoint.
29
+ unless context[:discovered_endpoint]
30
+ params = parameters_for_operation(context)
31
+ endpoint = context.config.endpoint_provider.resolve_endpoint(params)
32
+
33
+ context.http_request.endpoint = endpoint.url
34
+ apply_endpoint_headers(context, endpoint.headers)
35
+ end
36
+
37
+ context[:endpoint_params] = params
38
+ context[:auth_scheme] =
39
+ Aws::Endpoints.resolve_auth_scheme(context, endpoint)
40
+
41
+ @handler.call(context)
42
+ end
43
+
44
+ private
45
+
46
+ def apply_endpoint_headers(context, headers)
47
+ headers.each do |key, values|
48
+ value = values
49
+ .compact
50
+ .map { |s| Seahorse::Util.escape_header_list_string(s.to_s) }
51
+ .join(',')
52
+
53
+ context.http_request.headers[key] = value
54
+ end
55
+ end
56
+
57
+ def parameters_for_operation(context)
58
+ case context.operation_name
59
+ when :abort_multipart_upload
60
+ Aws::S3::Endpoints::AbortMultipartUpload.build(context)
61
+ when :complete_multipart_upload
62
+ Aws::S3::Endpoints::CompleteMultipartUpload.build(context)
63
+ when :copy_object
64
+ Aws::S3::Endpoints::CopyObject.build(context)
65
+ when :create_bucket
66
+ Aws::S3::Endpoints::CreateBucket.build(context)
67
+ when :create_multipart_upload
68
+ Aws::S3::Endpoints::CreateMultipartUpload.build(context)
69
+ when :delete_bucket
70
+ Aws::S3::Endpoints::DeleteBucket.build(context)
71
+ when :delete_bucket_analytics_configuration
72
+ Aws::S3::Endpoints::DeleteBucketAnalyticsConfiguration.build(context)
73
+ when :delete_bucket_cors
74
+ Aws::S3::Endpoints::DeleteBucketCors.build(context)
75
+ when :delete_bucket_encryption
76
+ Aws::S3::Endpoints::DeleteBucketEncryption.build(context)
77
+ when :delete_bucket_intelligent_tiering_configuration
78
+ Aws::S3::Endpoints::DeleteBucketIntelligentTieringConfiguration.build(context)
79
+ when :delete_bucket_inventory_configuration
80
+ Aws::S3::Endpoints::DeleteBucketInventoryConfiguration.build(context)
81
+ when :delete_bucket_lifecycle
82
+ Aws::S3::Endpoints::DeleteBucketLifecycle.build(context)
83
+ when :delete_bucket_metrics_configuration
84
+ Aws::S3::Endpoints::DeleteBucketMetricsConfiguration.build(context)
85
+ when :delete_bucket_ownership_controls
86
+ Aws::S3::Endpoints::DeleteBucketOwnershipControls.build(context)
87
+ when :delete_bucket_policy
88
+ Aws::S3::Endpoints::DeleteBucketPolicy.build(context)
89
+ when :delete_bucket_replication
90
+ Aws::S3::Endpoints::DeleteBucketReplication.build(context)
91
+ when :delete_bucket_tagging
92
+ Aws::S3::Endpoints::DeleteBucketTagging.build(context)
93
+ when :delete_bucket_website
94
+ Aws::S3::Endpoints::DeleteBucketWebsite.build(context)
95
+ when :delete_object
96
+ Aws::S3::Endpoints::DeleteObject.build(context)
97
+ when :delete_object_tagging
98
+ Aws::S3::Endpoints::DeleteObjectTagging.build(context)
99
+ when :delete_objects
100
+ Aws::S3::Endpoints::DeleteObjects.build(context)
101
+ when :delete_public_access_block
102
+ Aws::S3::Endpoints::DeletePublicAccessBlock.build(context)
103
+ when :get_bucket_accelerate_configuration
104
+ Aws::S3::Endpoints::GetBucketAccelerateConfiguration.build(context)
105
+ when :get_bucket_acl
106
+ Aws::S3::Endpoints::GetBucketAcl.build(context)
107
+ when :get_bucket_analytics_configuration
108
+ Aws::S3::Endpoints::GetBucketAnalyticsConfiguration.build(context)
109
+ when :get_bucket_cors
110
+ Aws::S3::Endpoints::GetBucketCors.build(context)
111
+ when :get_bucket_encryption
112
+ Aws::S3::Endpoints::GetBucketEncryption.build(context)
113
+ when :get_bucket_intelligent_tiering_configuration
114
+ Aws::S3::Endpoints::GetBucketIntelligentTieringConfiguration.build(context)
115
+ when :get_bucket_inventory_configuration
116
+ Aws::S3::Endpoints::GetBucketInventoryConfiguration.build(context)
117
+ when :get_bucket_lifecycle
118
+ Aws::S3::Endpoints::GetBucketLifecycle.build(context)
119
+ when :get_bucket_lifecycle_configuration
120
+ Aws::S3::Endpoints::GetBucketLifecycleConfiguration.build(context)
121
+ when :get_bucket_location
122
+ Aws::S3::Endpoints::GetBucketLocation.build(context)
123
+ when :get_bucket_logging
124
+ Aws::S3::Endpoints::GetBucketLogging.build(context)
125
+ when :get_bucket_metrics_configuration
126
+ Aws::S3::Endpoints::GetBucketMetricsConfiguration.build(context)
127
+ when :get_bucket_notification
128
+ Aws::S3::Endpoints::GetBucketNotification.build(context)
129
+ when :get_bucket_notification_configuration
130
+ Aws::S3::Endpoints::GetBucketNotificationConfiguration.build(context)
131
+ when :get_bucket_ownership_controls
132
+ Aws::S3::Endpoints::GetBucketOwnershipControls.build(context)
133
+ when :get_bucket_policy
134
+ Aws::S3::Endpoints::GetBucketPolicy.build(context)
135
+ when :get_bucket_policy_status
136
+ Aws::S3::Endpoints::GetBucketPolicyStatus.build(context)
137
+ when :get_bucket_replication
138
+ Aws::S3::Endpoints::GetBucketReplication.build(context)
139
+ when :get_bucket_request_payment
140
+ Aws::S3::Endpoints::GetBucketRequestPayment.build(context)
141
+ when :get_bucket_tagging
142
+ Aws::S3::Endpoints::GetBucketTagging.build(context)
143
+ when :get_bucket_versioning
144
+ Aws::S3::Endpoints::GetBucketVersioning.build(context)
145
+ when :get_bucket_website
146
+ Aws::S3::Endpoints::GetBucketWebsite.build(context)
147
+ when :get_object
148
+ Aws::S3::Endpoints::GetObject.build(context)
149
+ when :get_object_acl
150
+ Aws::S3::Endpoints::GetObjectAcl.build(context)
151
+ when :get_object_attributes
152
+ Aws::S3::Endpoints::GetObjectAttributes.build(context)
153
+ when :get_object_legal_hold
154
+ Aws::S3::Endpoints::GetObjectLegalHold.build(context)
155
+ when :get_object_lock_configuration
156
+ Aws::S3::Endpoints::GetObjectLockConfiguration.build(context)
157
+ when :get_object_retention
158
+ Aws::S3::Endpoints::GetObjectRetention.build(context)
159
+ when :get_object_tagging
160
+ Aws::S3::Endpoints::GetObjectTagging.build(context)
161
+ when :get_object_torrent
162
+ Aws::S3::Endpoints::GetObjectTorrent.build(context)
163
+ when :get_public_access_block
164
+ Aws::S3::Endpoints::GetPublicAccessBlock.build(context)
165
+ when :head_bucket
166
+ Aws::S3::Endpoints::HeadBucket.build(context)
167
+ when :head_object
168
+ Aws::S3::Endpoints::HeadObject.build(context)
169
+ when :list_bucket_analytics_configurations
170
+ Aws::S3::Endpoints::ListBucketAnalyticsConfigurations.build(context)
171
+ when :list_bucket_intelligent_tiering_configurations
172
+ Aws::S3::Endpoints::ListBucketIntelligentTieringConfigurations.build(context)
173
+ when :list_bucket_inventory_configurations
174
+ Aws::S3::Endpoints::ListBucketInventoryConfigurations.build(context)
175
+ when :list_bucket_metrics_configurations
176
+ Aws::S3::Endpoints::ListBucketMetricsConfigurations.build(context)
177
+ when :list_buckets
178
+ Aws::S3::Endpoints::ListBuckets.build(context)
179
+ when :list_multipart_uploads
180
+ Aws::S3::Endpoints::ListMultipartUploads.build(context)
181
+ when :list_object_versions
182
+ Aws::S3::Endpoints::ListObjectVersions.build(context)
183
+ when :list_objects
184
+ Aws::S3::Endpoints::ListObjects.build(context)
185
+ when :list_objects_v2
186
+ Aws::S3::Endpoints::ListObjectsV2.build(context)
187
+ when :list_parts
188
+ Aws::S3::Endpoints::ListParts.build(context)
189
+ when :put_bucket_accelerate_configuration
190
+ Aws::S3::Endpoints::PutBucketAccelerateConfiguration.build(context)
191
+ when :put_bucket_acl
192
+ Aws::S3::Endpoints::PutBucketAcl.build(context)
193
+ when :put_bucket_analytics_configuration
194
+ Aws::S3::Endpoints::PutBucketAnalyticsConfiguration.build(context)
195
+ when :put_bucket_cors
196
+ Aws::S3::Endpoints::PutBucketCors.build(context)
197
+ when :put_bucket_encryption
198
+ Aws::S3::Endpoints::PutBucketEncryption.build(context)
199
+ when :put_bucket_intelligent_tiering_configuration
200
+ Aws::S3::Endpoints::PutBucketIntelligentTieringConfiguration.build(context)
201
+ when :put_bucket_inventory_configuration
202
+ Aws::S3::Endpoints::PutBucketInventoryConfiguration.build(context)
203
+ when :put_bucket_lifecycle
204
+ Aws::S3::Endpoints::PutBucketLifecycle.build(context)
205
+ when :put_bucket_lifecycle_configuration
206
+ Aws::S3::Endpoints::PutBucketLifecycleConfiguration.build(context)
207
+ when :put_bucket_logging
208
+ Aws::S3::Endpoints::PutBucketLogging.build(context)
209
+ when :put_bucket_metrics_configuration
210
+ Aws::S3::Endpoints::PutBucketMetricsConfiguration.build(context)
211
+ when :put_bucket_notification
212
+ Aws::S3::Endpoints::PutBucketNotification.build(context)
213
+ when :put_bucket_notification_configuration
214
+ Aws::S3::Endpoints::PutBucketNotificationConfiguration.build(context)
215
+ when :put_bucket_ownership_controls
216
+ Aws::S3::Endpoints::PutBucketOwnershipControls.build(context)
217
+ when :put_bucket_policy
218
+ Aws::S3::Endpoints::PutBucketPolicy.build(context)
219
+ when :put_bucket_replication
220
+ Aws::S3::Endpoints::PutBucketReplication.build(context)
221
+ when :put_bucket_request_payment
222
+ Aws::S3::Endpoints::PutBucketRequestPayment.build(context)
223
+ when :put_bucket_tagging
224
+ Aws::S3::Endpoints::PutBucketTagging.build(context)
225
+ when :put_bucket_versioning
226
+ Aws::S3::Endpoints::PutBucketVersioning.build(context)
227
+ when :put_bucket_website
228
+ Aws::S3::Endpoints::PutBucketWebsite.build(context)
229
+ when :put_object
230
+ Aws::S3::Endpoints::PutObject.build(context)
231
+ when :put_object_acl
232
+ Aws::S3::Endpoints::PutObjectAcl.build(context)
233
+ when :put_object_legal_hold
234
+ Aws::S3::Endpoints::PutObjectLegalHold.build(context)
235
+ when :put_object_lock_configuration
236
+ Aws::S3::Endpoints::PutObjectLockConfiguration.build(context)
237
+ when :put_object_retention
238
+ Aws::S3::Endpoints::PutObjectRetention.build(context)
239
+ when :put_object_tagging
240
+ Aws::S3::Endpoints::PutObjectTagging.build(context)
241
+ when :put_public_access_block
242
+ Aws::S3::Endpoints::PutPublicAccessBlock.build(context)
243
+ when :restore_object
244
+ Aws::S3::Endpoints::RestoreObject.build(context)
245
+ when :select_object_content
246
+ Aws::S3::Endpoints::SelectObjectContent.build(context)
247
+ when :upload_part
248
+ Aws::S3::Endpoints::UploadPart.build(context)
249
+ when :upload_part_copy
250
+ Aws::S3::Endpoints::UploadPartCopy.build(context)
251
+ when :write_get_object_response
252
+ Aws::S3::Endpoints::WriteGetObjectResponse.build(context)
253
+ end
254
+ end
255
+ end
256
+
257
+ def add_handlers(handlers, _config)
258
+ handlers.add(Handler, step: :build, priority: 75)
259
+ end
260
+ end
261
+ end
262
+ end
@@ -16,7 +16,8 @@ module Aws
16
16
 
17
17
  def call(context)
18
18
  body = context.http_request.body
19
- if body.respond_to?(:size) && body.size > 0
19
+ if body.respond_to?(:size) && body.size > 0 &&
20
+ !context[:use_accelerate_endpoint]
20
21
  context.http_request.headers['expect'] = '100-continue'
21
22
  end
22
23
  @handler.call(context)
@@ -16,35 +16,6 @@ Defaults to `legacy` mode which uses the global endpoint.
16
16
  resolve_iad_regional_endpoint(cfg)
17
17
  end
18
18
 
19
- def add_handlers(handlers, config)
20
- # only modify non-custom endpoints
21
- if config.regional_endpoint && config.region == 'us-east-1'
22
- handlers.add(Handler)
23
- end
24
- end
25
-
26
- # @api private
27
- class Handler < Seahorse::Client::Handler
28
-
29
- def call(context)
30
- # WriteGetObjectResponse does not have a global endpoint
31
- # ARNs are regionalized, so don't touch those either.
32
- if context.operation.name != 'WriteGetObjectResponse' &&
33
- context.config.s3_us_east_1_regional_endpoint == 'legacy' &&
34
- !context.metadata[:s3_arn]
35
- host = context.http_request.endpoint.host
36
- legacy_host = IADRegionalEndpoint.legacy_host(host)
37
- context.http_request.endpoint.host = legacy_host
38
- end
39
- @handler.call(context)
40
- end
41
-
42
- end
43
-
44
- def self.legacy_host(host)
45
- host.sub(".us-east-1", '')
46
- end
47
-
48
19
  private
49
20
 
50
21
  def self.resolve_iad_regional_endpoint(cfg)
@@ -5,28 +5,13 @@ require 'aws-sigv4'
5
5
  module Aws
6
6
  module S3
7
7
  module Plugins
8
- # This plugin is an implementation detail and may be modified.
8
+ # This plugin used to have a V4 signer but it was removed in favor of
9
+ # generic Sign plugin that uses endpoint auth scheme.
10
+ #
9
11
  # @api private
10
12
  class S3Signer < Seahorse::Client::Plugin
11
13
  option(:signature_version, 'v4')
12
14
 
13
- option(:sigv4_signer) do |cfg|
14
- S3Signer.build_v4_signer(
15
- service: 's3',
16
- region: cfg.sigv4_region,
17
- credentials: cfg.credentials
18
- )
19
- end
20
-
21
- option(:sigv4_region) do |cfg|
22
- # S3 removes core's signature_v4 plugin that checks for this
23
- raise Aws::Errors::MissingRegionError if cfg.region.nil?
24
-
25
- Aws::Partitions::EndpointProvider.signing_region(
26
- cfg.region, 's3'
27
- )
28
- end
29
-
30
15
  def add_handlers(handlers, cfg)
31
16
  case cfg.signature_version
32
17
  when 'v4' then add_v4_handlers(handlers)
@@ -39,11 +24,11 @@ module Aws
39
24
 
40
25
  def add_v4_handlers(handlers)
41
26
  handlers.add(CachedBucketRegionHandler, step: :sign, priority: 60)
42
- handlers.add(V4Handler, step: :sign)
43
27
  handlers.add(BucketRegionErrorHandler, step: :sign, priority: 40)
44
28
  end
45
29
 
46
30
  def add_legacy_handler(handlers)
31
+ # generic Sign plugin will be skipped if it sees sigv2
47
32
  handlers.add(LegacyHandler, step: :sign)
48
33
  end
49
34
 
@@ -54,53 +39,6 @@ module Aws
54
39
  end
55
40
  end
56
41
 
57
- class V4Handler < Seahorse::Client::Handler
58
- def call(context)
59
- Aws::Plugins::SignatureV4.apply_signature(
60
- context: context,
61
- signer: sigv4_signer(context)
62
- )
63
- @handler.call(context)
64
- end
65
-
66
- private
67
-
68
- def sigv4_signer(context)
69
- # If the client was configured with the wrong region,
70
- # we have to build a new signer.
71
- if context[:cached_sigv4_region] &&
72
- context[:cached_sigv4_region] != context.config.sigv4_signer.region
73
- S3Signer.build_v4_signer(
74
- service: 's3',
75
- region: context[:cached_sigv4_region],
76
- credentials: context.config.credentials
77
- )
78
- elsif (arn = context.metadata[:s3_arn])
79
- if arn[:arn].is_a?(MultiRegionAccessPointARN)
80
- signing_region = '*'
81
- signing_algorithm = :sigv4a
82
- else
83
- signing_region = arn[:resolved_region]
84
- signing_algorithm = :sigv4
85
- end
86
- S3Signer.build_v4_signer(
87
- service: arn[:arn].service,
88
- signing_algorithm: signing_algorithm,
89
- region: signing_region,
90
- credentials: context.config.credentials
91
- )
92
- elsif context.operation.name == 'WriteGetObjectResponse'
93
- S3Signer.build_v4_signer(
94
- service: 's3-object-lambda',
95
- region: context.config.sigv4_region,
96
- credentials: context.config.credentials
97
- )
98
- else
99
- context.config.sigv4_signer
100
- end
101
- end
102
- end
103
-
104
42
  # This handler will update the http endpoint when the bucket region
105
43
  # is known/cached.
106
44
  class CachedBucketRegionHandler < Seahorse::Client::Handler
@@ -118,7 +56,7 @@ module Aws
118
56
  context.http_request.endpoint.host = S3Signer.new_hostname(
119
57
  context, cached_region
120
58
  )
121
- context[:cached_sigv4_region] = cached_region
59
+ context[:sigv4_region] = cached_region # Sign plugin will use this
122
60
  end
123
61
  end
124
62
  end
@@ -126,7 +64,8 @@ module Aws
126
64
  # This handler detects when a request fails because of a mismatched bucket
127
65
  # region. It follows up by making a request to determine the correct
128
66
  # region, then finally a version 4 signed request against the correct
129
- # regional endpoint.
67
+ # regional endpoint. This is intended for s3's global endpoint which
68
+ # will return 400 if the bucket is not in region.
130
69
  class BucketRegionErrorHandler < Seahorse::Client::Handler
131
70
  def call(context)
132
71
  response = @handler.call(context)
@@ -160,7 +99,7 @@ module Aws
160
99
  end
161
100
 
162
101
  def fips_region?(resp)
163
- resp.context.http_request.endpoint.host.include?('fips')
102
+ resp.context.http_request.endpoint.host.include?('s3-fips.')
164
103
  end
165
104
 
166
105
  def expired_credentials?(resp)
@@ -168,15 +107,12 @@ module Aws
168
107
  end
169
108
 
170
109
  def custom_endpoint?(resp)
171
- resolved_suffix = Aws::Partitions::EndpointProvider.dns_suffix_for(
172
- resp.context.config.region,
173
- 's3',
174
- {
175
- dualstack: resp.context[:use_dualstack_endpoint],
176
- fips: resp.context.config.use_fips_endpoint
177
- }
178
- )
179
- !resp.context.http_request.endpoint.hostname.include?(resolved_suffix)
110
+ region = resp.context.config.region
111
+ partition = Aws::Endpoints::Matchers.aws_partition(region)
112
+ endpoint = resp.context.http_request.endpoint
113
+
114
+ !endpoint.hostname.include?(partition['dnsSuffix']) &&
115
+ !endpoint.hostname.include?(partition['dualStackDnsSuffix'])
180
116
  end
181
117
 
182
118
  def wrong_sigv4_region?(resp)
@@ -191,18 +127,14 @@ module Aws
191
127
  context, actual_region
192
128
  )
193
129
  context.metadata[:redirect_region] = actual_region
194
- # if it's an ARN, use the service in the ARN
195
- if (arn = context.metadata[:s3_arn])
196
- service = arn[:arn].service
197
- end
198
- Aws::Plugins::SignatureV4.apply_signature(
199
- context: context,
200
- signer: S3Signer.build_v4_signer(
201
- service: service || 's3',
202
- region: actual_region,
203
- credentials: context.config.credentials
204
- )
130
+
131
+ signer = Aws::Plugins::Sign.signer_for(
132
+ context[:auth_scheme],
133
+ context.config,
134
+ actual_region
205
135
  )
136
+
137
+ signer.sign(context)
206
138
  end
207
139
 
208
140
  def region_from_body(body)
@@ -228,41 +160,13 @@ module Aws
228
160
  end
229
161
 
230
162
  class << self
231
- # @option options [required, String] :region
232
- # @option options [required, #credentials] :credentials
233
- # @api private
234
- def build_v4_signer(options = {})
235
- Aws::Sigv4::Signer.new(
236
- service: options[:service],
237
- region: options[:region],
238
- credentials_provider: options[:credentials],
239
- signing_algorithm: options.fetch(:signing_algorithm, :sigv4),
240
- uri_escape_path: false,
241
- unsigned_headers: ['content-length', 'x-amzn-trace-id']
242
- )
243
- end
244
-
245
- # Check to see if the bucket is actually an ARN
246
- # Otherwise it will retry with the ARN as the bucket name.
247
163
  def new_hostname(context, region)
248
- uri = URI.parse(
249
- Aws::Partitions::EndpointProvider.resolve(
250
- region, 's3', 'regional',
251
- {
252
- dualstack: context[:use_dualstack_endpoint],
253
- fips: context.config.use_fips_endpoint
254
- }
255
- )
256
- )
257
-
258
- if (arn = context.metadata[:s3_arn])
259
- # Retry with the response region and not the ARN resolved one
260
- ARN.resolve_url!(
261
- uri, arn[:arn], region, arn[:fips], arn[:dualstack]
262
- ).host
263
- else
264
- "#{context.params[:bucket]}.#{uri.host}"
265
- end
164
+ endpoint_params = context[:endpoint_params].dup
165
+ endpoint_params.region = region
166
+ endpoint_params.endpoint = nil
167
+ endpoint =
168
+ context.config.endpoint_provider.resolve_endpoint(endpoint_params)
169
+ URI(endpoint.url).host
266
170
  end
267
171
  end
268
172
  end
@@ -629,22 +629,15 @@ module Aws
629
629
  end
630
630
 
631
631
  def bucket_url
632
- url = Aws::Partitions::EndpointProvider.resolve(@bucket_region, 's3')
633
- url = URI.parse(url)
634
- if Plugins::BucketDns.dns_compatible?(@bucket_name, _ssl = true)
635
- if @accelerate
636
- url.host = "#{@bucket_name}.s3-accelerate.amazonaws.com"
637
- else
638
- url.host = "#{@bucket_name}.#{url.host}"
639
- end
640
- else
641
- url.path = "/#{@bucket_name}"
642
- end
643
- if @bucket_region == 'us-east-1'
644
- # keep legacy behavior by default
645
- url.host = Plugins::IADRegionalEndpoint.legacy_host(url.host)
646
- end
647
- url.to_s
632
+ # Taken from Aws::S3::Endpoints module
633
+ params = Aws::S3::EndpointParameters.new(
634
+ bucket: @bucket_name,
635
+ region: @bucket_region,
636
+ accelerate: @accelerate,
637
+ use_global_endpoint: true
638
+ )
639
+ endpoint = Aws::S3::EndpointProvider.new.resolve_endpoint(params)
640
+ endpoint.url
648
641
  end
649
642
 
650
643
  # @return [Hash]
@@ -133,7 +133,7 @@ module Aws
133
133
  virtual_host = params.delete(:virtual_host)
134
134
  time = params.delete(:time)
135
135
  unsigned_headers = unsigned_headers(params)
136
- scheme = http_scheme(params)
136
+ secure = params.delete(:secure) != false
137
137
  expires_in = expires_in(params)
138
138
 
139
139
  req = @client.build_request(method, params)
@@ -141,7 +141,7 @@ module Aws
141
141
  handle_presigned_url_context(req)
142
142
 
143
143
  x_amz_headers = sign_but_dont_send(
144
- req, expires_in, scheme, time, unsigned_headers, hoist
144
+ req, expires_in, secure, time, unsigned_headers, hoist
145
145
  )
146
146
  [req.send_request.data, x_amz_headers]
147
147
  end
@@ -151,14 +151,6 @@ module Aws
151
151
  BLACKLISTED_HEADERS - whitelist_headers
152
152
  end
153
153
 
154
- def http_scheme(params)
155
- if params.delete(:secure) == false
156
- 'http'
157
- else
158
- @client.config.endpoint.scheme
159
- end
160
- end
161
-
162
154
  def expires_in(params)
163
155
  if (expires_in = params.delete(:expires_in))
164
156
  if expires_in > ONE_WEEK
@@ -175,8 +167,7 @@ module Aws
175
167
  end
176
168
 
177
169
  def use_bucket_as_hostname(req)
178
- req.handlers.remove(Plugins::BucketDns::Handler)
179
- req.handle do |context|
170
+ req.handle(priority: 35) do |context|
180
171
  uri = context.http_request.endpoint
181
172
  uri.host = context.params[:bucket]
182
173
  uri.path.sub!("/#{context.params[:bucket]}", '')
@@ -197,23 +188,20 @@ module Aws
197
188
 
198
189
  # @param [Seahorse::Client::Request] req
199
190
  def sign_but_dont_send(
200
- req, expires_in, scheme, time, unsigned_headers, hoist = true
191
+ req, expires_in, secure, time, unsigned_headers, hoist = true
201
192
  )
202
193
  x_amz_headers = {}
203
194
 
204
195
  http_req = req.context.http_request
205
196
 
206
197
  req.handlers.remove(Aws::S3::Plugins::S3Signer::LegacyHandler)
207
- req.handlers.remove(Aws::S3::Plugins::S3Signer::V4Handler)
198
+ req.handlers.remove(Aws::Plugins::Sign::Handler)
208
199
  req.handlers.remove(Seahorse::Client::Plugins::ContentLength::Handler)
209
200
 
210
201
  req.handle(step: :send) do |context|
211
- if scheme != http_req.endpoint.scheme
212
- endpoint = http_req.endpoint.dup
213
- endpoint.scheme = scheme
214
- endpoint.port = (scheme == 'http' ? 80 : 443)
215
- http_req.endpoint = URI.parse(endpoint.to_s)
216
- end
202
+ # preserve existing scheme if default
203
+ http_req.endpoint.scheme = secure ? context.config.endpoint.scheme : 'http'
204
+ http_req.endpoint.port = secure ? 443 : 80
217
205
 
218
206
  query = http_req.endpoint.query ? http_req.endpoint.query.split('&') : []
219
207
  http_req.headers.each do |key, value|
@@ -231,24 +219,21 @@ module Aws
231
219
  end
232
220
  http_req.endpoint.query = query.join('&') unless query.empty?
233
221
 
234
- signing_algorithm = :sigv4
235
-
236
- # If it's an ARN, get the resolved region and service
237
- if (arn = context.metadata[:s3_arn])
238
- region = arn[:resolved_region]
239
- service = arn[:arn].service
240
- region = arn[:arn].is_a?(MultiRegionAccessPointARN) ? '*': arn[:resolved_region]
241
- signing_algorithm = arn[:arn].is_a?(MultiRegionAccessPointARN) ? :sigv4a : :sigv4
242
- end
243
-
222
+ auth_scheme = context[:auth_scheme]
223
+ scheme_name = auth_scheme['name']
224
+ region = if scheme_name == 'sigv4a'
225
+ auth_scheme['signingRegionSet'].first
226
+ else
227
+ auth_scheme['signingRegion']
228
+ end
244
229
  signer = Aws::Sigv4::Signer.new(
245
- service: service || 's3',
230
+ service: auth_scheme['signingName'] || 's3',
246
231
  region: region || context.config.region,
247
- signing_algorithm: signing_algorithm,
248
232
  credentials_provider: context.config.credentials,
233
+ signing_algorithm: scheme_name.to_sym,
234
+ uri_escape_path: !!!auth_scheme['disableDoubleEncoding'],
249
235
  unsigned_headers: unsigned_headers,
250
- apply_checksum_header: false,
251
- uri_escape_path: false
236
+ apply_checksum_header: false
252
237
  )
253
238
 
254
239
  url = signer.presign_url(
@@ -41,7 +41,7 @@ module Aws::S3
41
41
  # acl: "private", # accepts private, public-read, public-read-write, authenticated-read
42
42
  # bucket: "BucketName", # required
43
43
  # create_bucket_configuration: {
44
- # location_constraint: "af-south-1", # accepts af-south-1, ap-east-1, ap-northeast-1, ap-northeast-2, ap-northeast-3, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, cn-north-1, cn-northwest-1, EU, eu-central-1, eu-north-1, eu-south-1, eu-west-1, eu-west-2, eu-west-3, me-south-1, sa-east-1, us-east-2, us-gov-east-1, us-gov-west-1, us-west-1, us-west-2
44
+ # location_constraint: "af-south-1", # accepts af-south-1, ap-east-1, ap-northeast-1, ap-northeast-2, ap-northeast-3, ap-south-1, ap-southeast-1, ap-southeast-2, ap-southeast-3, ca-central-1, cn-north-1, cn-northwest-1, EU, eu-central-1, eu-north-1, eu-south-1, eu-west-1, eu-west-2, eu-west-3, me-south-1, sa-east-1, us-east-2, us-gov-east-1, us-gov-west-1, us-west-1, us-west-2
45
45
  # },
46
46
  # grant_full_control: "GrantFullControl",
47
47
  # grant_read: "GrantRead",