aws-sdk-s3 1.114.0 → 1.136.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (61) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +163 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-s3/bucket.rb +123 -61
  5. data/lib/aws-sdk-s3/bucket_acl.rb +9 -3
  6. data/lib/aws-sdk-s3/bucket_cors.rb +12 -4
  7. data/lib/aws-sdk-s3/bucket_lifecycle.rb +12 -4
  8. data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +12 -4
  9. data/lib/aws-sdk-s3/bucket_logging.rb +9 -3
  10. data/lib/aws-sdk-s3/bucket_notification.rb +9 -3
  11. data/lib/aws-sdk-s3/bucket_policy.rb +12 -4
  12. data/lib/aws-sdk-s3/bucket_request_payment.rb +9 -3
  13. data/lib/aws-sdk-s3/bucket_tagging.rb +12 -4
  14. data/lib/aws-sdk-s3/bucket_versioning.rb +15 -5
  15. data/lib/aws-sdk-s3/bucket_website.rb +12 -4
  16. data/lib/aws-sdk-s3/client.rb +2084 -1724
  17. data/lib/aws-sdk-s3/client_api.rb +213 -189
  18. data/lib/aws-sdk-s3/customizations/bucket.rb +23 -47
  19. data/lib/aws-sdk-s3/customizations/errors.rb +27 -0
  20. data/lib/aws-sdk-s3/customizations/object.rb +95 -19
  21. data/lib/aws-sdk-s3/customizations/types/permanent_redirect.rb +26 -0
  22. data/lib/aws-sdk-s3/customizations.rb +2 -0
  23. data/lib/aws-sdk-s3/encryption/client.rb +6 -2
  24. data/lib/aws-sdk-s3/encryption/kms_cipher_provider.rb +13 -9
  25. data/lib/aws-sdk-s3/encryptionV2/client.rb +6 -2
  26. data/lib/aws-sdk-s3/encryptionV2/decrypt_handler.rb +1 -0
  27. data/lib/aws-sdk-s3/encryptionV2/kms_cipher_provider.rb +10 -6
  28. data/lib/aws-sdk-s3/endpoint_parameters.rb +146 -0
  29. data/lib/aws-sdk-s3/endpoint_provider.rb +509 -0
  30. data/lib/aws-sdk-s3/endpoints.rb +2150 -0
  31. data/lib/aws-sdk-s3/file_downloader.rb +170 -44
  32. data/lib/aws-sdk-s3/file_uploader.rb +8 -6
  33. data/lib/aws-sdk-s3/multipart_stream_uploader.rb +41 -13
  34. data/lib/aws-sdk-s3/multipart_upload.rb +27 -13
  35. data/lib/aws-sdk-s3/multipart_upload_part.rb +20 -10
  36. data/lib/aws-sdk-s3/object.rb +156 -110
  37. data/lib/aws-sdk-s3/object_acl.rb +14 -6
  38. data/lib/aws-sdk-s3/object_copier.rb +7 -5
  39. data/lib/aws-sdk-s3/object_multipart_copier.rb +41 -19
  40. data/lib/aws-sdk-s3/object_summary.rb +149 -94
  41. data/lib/aws-sdk-s3/object_version.rb +55 -21
  42. data/lib/aws-sdk-s3/plugins/accelerate.rb +3 -50
  43. data/lib/aws-sdk-s3/plugins/arn.rb +0 -184
  44. data/lib/aws-sdk-s3/plugins/bucket_dns.rb +3 -39
  45. data/lib/aws-sdk-s3/plugins/bucket_name_restrictions.rb +1 -6
  46. data/lib/aws-sdk-s3/plugins/dualstack.rb +1 -49
  47. data/lib/aws-sdk-s3/plugins/endpoints.rb +262 -0
  48. data/lib/aws-sdk-s3/plugins/expect_100_continue.rb +2 -1
  49. data/lib/aws-sdk-s3/plugins/iad_regional_endpoint.rb +0 -29
  50. data/lib/aws-sdk-s3/plugins/s3_signer.rb +32 -126
  51. data/lib/aws-sdk-s3/presigned_post.rb +61 -59
  52. data/lib/aws-sdk-s3/presigner.rb +24 -35
  53. data/lib/aws-sdk-s3/resource.rb +7 -3
  54. data/lib/aws-sdk-s3/types.rb +858 -4125
  55. data/lib/aws-sdk-s3.rb +5 -1
  56. metadata +12 -11
  57. data/lib/aws-sdk-s3/arn/access_point_arn.rb +0 -69
  58. data/lib/aws-sdk-s3/arn/multi_region_access_point_arn.rb +0 -68
  59. data/lib/aws-sdk-s3/arn/object_lambda_arn.rb +0 -69
  60. data/lib/aws-sdk-s3/arn/outpost_access_point_arn.rb +0 -74
  61. data/lib/aws-sdk-s3/plugins/object_lambda_endpoint.rb +0 -25
@@ -0,0 +1,262 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+
11
+ module Aws::S3
12
+ module Plugins
13
+ class Endpoints < Seahorse::Client::Plugin
14
+ option(
15
+ :endpoint_provider,
16
+ doc_type: 'Aws::S3::EndpointProvider',
17
+ docstring: 'The endpoint provider used to resolve endpoints. Any '\
18
+ 'object that responds to `#resolve_endpoint(parameters)` '\
19
+ 'where `parameters` is a Struct similar to '\
20
+ '`Aws::S3::EndpointParameters`'
21
+ ) do |cfg|
22
+ Aws::S3::EndpointProvider.new
23
+ end
24
+
25
+ # @api private
26
+ class Handler < Seahorse::Client::Handler
27
+ def call(context)
28
+ # If endpoint was discovered, do not resolve or apply the endpoint.
29
+ unless context[:discovered_endpoint]
30
+ params = parameters_for_operation(context)
31
+ endpoint = context.config.endpoint_provider.resolve_endpoint(params)
32
+
33
+ context.http_request.endpoint = endpoint.url
34
+ apply_endpoint_headers(context, endpoint.headers)
35
+ end
36
+
37
+ context[:endpoint_params] = params
38
+ context[:auth_scheme] =
39
+ Aws::Endpoints.resolve_auth_scheme(context, endpoint)
40
+
41
+ @handler.call(context)
42
+ end
43
+
44
+ private
45
+
46
+ def apply_endpoint_headers(context, headers)
47
+ headers.each do |key, values|
48
+ value = values
49
+ .compact
50
+ .map { |s| Seahorse::Util.escape_header_list_string(s.to_s) }
51
+ .join(',')
52
+
53
+ context.http_request.headers[key] = value
54
+ end
55
+ end
56
+
57
+ def parameters_for_operation(context)
58
+ case context.operation_name
59
+ when :abort_multipart_upload
60
+ Aws::S3::Endpoints::AbortMultipartUpload.build(context)
61
+ when :complete_multipart_upload
62
+ Aws::S3::Endpoints::CompleteMultipartUpload.build(context)
63
+ when :copy_object
64
+ Aws::S3::Endpoints::CopyObject.build(context)
65
+ when :create_bucket
66
+ Aws::S3::Endpoints::CreateBucket.build(context)
67
+ when :create_multipart_upload
68
+ Aws::S3::Endpoints::CreateMultipartUpload.build(context)
69
+ when :delete_bucket
70
+ Aws::S3::Endpoints::DeleteBucket.build(context)
71
+ when :delete_bucket_analytics_configuration
72
+ Aws::S3::Endpoints::DeleteBucketAnalyticsConfiguration.build(context)
73
+ when :delete_bucket_cors
74
+ Aws::S3::Endpoints::DeleteBucketCors.build(context)
75
+ when :delete_bucket_encryption
76
+ Aws::S3::Endpoints::DeleteBucketEncryption.build(context)
77
+ when :delete_bucket_intelligent_tiering_configuration
78
+ Aws::S3::Endpoints::DeleteBucketIntelligentTieringConfiguration.build(context)
79
+ when :delete_bucket_inventory_configuration
80
+ Aws::S3::Endpoints::DeleteBucketInventoryConfiguration.build(context)
81
+ when :delete_bucket_lifecycle
82
+ Aws::S3::Endpoints::DeleteBucketLifecycle.build(context)
83
+ when :delete_bucket_metrics_configuration
84
+ Aws::S3::Endpoints::DeleteBucketMetricsConfiguration.build(context)
85
+ when :delete_bucket_ownership_controls
86
+ Aws::S3::Endpoints::DeleteBucketOwnershipControls.build(context)
87
+ when :delete_bucket_policy
88
+ Aws::S3::Endpoints::DeleteBucketPolicy.build(context)
89
+ when :delete_bucket_replication
90
+ Aws::S3::Endpoints::DeleteBucketReplication.build(context)
91
+ when :delete_bucket_tagging
92
+ Aws::S3::Endpoints::DeleteBucketTagging.build(context)
93
+ when :delete_bucket_website
94
+ Aws::S3::Endpoints::DeleteBucketWebsite.build(context)
95
+ when :delete_object
96
+ Aws::S3::Endpoints::DeleteObject.build(context)
97
+ when :delete_object_tagging
98
+ Aws::S3::Endpoints::DeleteObjectTagging.build(context)
99
+ when :delete_objects
100
+ Aws::S3::Endpoints::DeleteObjects.build(context)
101
+ when :delete_public_access_block
102
+ Aws::S3::Endpoints::DeletePublicAccessBlock.build(context)
103
+ when :get_bucket_accelerate_configuration
104
+ Aws::S3::Endpoints::GetBucketAccelerateConfiguration.build(context)
105
+ when :get_bucket_acl
106
+ Aws::S3::Endpoints::GetBucketAcl.build(context)
107
+ when :get_bucket_analytics_configuration
108
+ Aws::S3::Endpoints::GetBucketAnalyticsConfiguration.build(context)
109
+ when :get_bucket_cors
110
+ Aws::S3::Endpoints::GetBucketCors.build(context)
111
+ when :get_bucket_encryption
112
+ Aws::S3::Endpoints::GetBucketEncryption.build(context)
113
+ when :get_bucket_intelligent_tiering_configuration
114
+ Aws::S3::Endpoints::GetBucketIntelligentTieringConfiguration.build(context)
115
+ when :get_bucket_inventory_configuration
116
+ Aws::S3::Endpoints::GetBucketInventoryConfiguration.build(context)
117
+ when :get_bucket_lifecycle
118
+ Aws::S3::Endpoints::GetBucketLifecycle.build(context)
119
+ when :get_bucket_lifecycle_configuration
120
+ Aws::S3::Endpoints::GetBucketLifecycleConfiguration.build(context)
121
+ when :get_bucket_location
122
+ Aws::S3::Endpoints::GetBucketLocation.build(context)
123
+ when :get_bucket_logging
124
+ Aws::S3::Endpoints::GetBucketLogging.build(context)
125
+ when :get_bucket_metrics_configuration
126
+ Aws::S3::Endpoints::GetBucketMetricsConfiguration.build(context)
127
+ when :get_bucket_notification
128
+ Aws::S3::Endpoints::GetBucketNotification.build(context)
129
+ when :get_bucket_notification_configuration
130
+ Aws::S3::Endpoints::GetBucketNotificationConfiguration.build(context)
131
+ when :get_bucket_ownership_controls
132
+ Aws::S3::Endpoints::GetBucketOwnershipControls.build(context)
133
+ when :get_bucket_policy
134
+ Aws::S3::Endpoints::GetBucketPolicy.build(context)
135
+ when :get_bucket_policy_status
136
+ Aws::S3::Endpoints::GetBucketPolicyStatus.build(context)
137
+ when :get_bucket_replication
138
+ Aws::S3::Endpoints::GetBucketReplication.build(context)
139
+ when :get_bucket_request_payment
140
+ Aws::S3::Endpoints::GetBucketRequestPayment.build(context)
141
+ when :get_bucket_tagging
142
+ Aws::S3::Endpoints::GetBucketTagging.build(context)
143
+ when :get_bucket_versioning
144
+ Aws::S3::Endpoints::GetBucketVersioning.build(context)
145
+ when :get_bucket_website
146
+ Aws::S3::Endpoints::GetBucketWebsite.build(context)
147
+ when :get_object
148
+ Aws::S3::Endpoints::GetObject.build(context)
149
+ when :get_object_acl
150
+ Aws::S3::Endpoints::GetObjectAcl.build(context)
151
+ when :get_object_attributes
152
+ Aws::S3::Endpoints::GetObjectAttributes.build(context)
153
+ when :get_object_legal_hold
154
+ Aws::S3::Endpoints::GetObjectLegalHold.build(context)
155
+ when :get_object_lock_configuration
156
+ Aws::S3::Endpoints::GetObjectLockConfiguration.build(context)
157
+ when :get_object_retention
158
+ Aws::S3::Endpoints::GetObjectRetention.build(context)
159
+ when :get_object_tagging
160
+ Aws::S3::Endpoints::GetObjectTagging.build(context)
161
+ when :get_object_torrent
162
+ Aws::S3::Endpoints::GetObjectTorrent.build(context)
163
+ when :get_public_access_block
164
+ Aws::S3::Endpoints::GetPublicAccessBlock.build(context)
165
+ when :head_bucket
166
+ Aws::S3::Endpoints::HeadBucket.build(context)
167
+ when :head_object
168
+ Aws::S3::Endpoints::HeadObject.build(context)
169
+ when :list_bucket_analytics_configurations
170
+ Aws::S3::Endpoints::ListBucketAnalyticsConfigurations.build(context)
171
+ when :list_bucket_intelligent_tiering_configurations
172
+ Aws::S3::Endpoints::ListBucketIntelligentTieringConfigurations.build(context)
173
+ when :list_bucket_inventory_configurations
174
+ Aws::S3::Endpoints::ListBucketInventoryConfigurations.build(context)
175
+ when :list_bucket_metrics_configurations
176
+ Aws::S3::Endpoints::ListBucketMetricsConfigurations.build(context)
177
+ when :list_buckets
178
+ Aws::S3::Endpoints::ListBuckets.build(context)
179
+ when :list_multipart_uploads
180
+ Aws::S3::Endpoints::ListMultipartUploads.build(context)
181
+ when :list_object_versions
182
+ Aws::S3::Endpoints::ListObjectVersions.build(context)
183
+ when :list_objects
184
+ Aws::S3::Endpoints::ListObjects.build(context)
185
+ when :list_objects_v2
186
+ Aws::S3::Endpoints::ListObjectsV2.build(context)
187
+ when :list_parts
188
+ Aws::S3::Endpoints::ListParts.build(context)
189
+ when :put_bucket_accelerate_configuration
190
+ Aws::S3::Endpoints::PutBucketAccelerateConfiguration.build(context)
191
+ when :put_bucket_acl
192
+ Aws::S3::Endpoints::PutBucketAcl.build(context)
193
+ when :put_bucket_analytics_configuration
194
+ Aws::S3::Endpoints::PutBucketAnalyticsConfiguration.build(context)
195
+ when :put_bucket_cors
196
+ Aws::S3::Endpoints::PutBucketCors.build(context)
197
+ when :put_bucket_encryption
198
+ Aws::S3::Endpoints::PutBucketEncryption.build(context)
199
+ when :put_bucket_intelligent_tiering_configuration
200
+ Aws::S3::Endpoints::PutBucketIntelligentTieringConfiguration.build(context)
201
+ when :put_bucket_inventory_configuration
202
+ Aws::S3::Endpoints::PutBucketInventoryConfiguration.build(context)
203
+ when :put_bucket_lifecycle
204
+ Aws::S3::Endpoints::PutBucketLifecycle.build(context)
205
+ when :put_bucket_lifecycle_configuration
206
+ Aws::S3::Endpoints::PutBucketLifecycleConfiguration.build(context)
207
+ when :put_bucket_logging
208
+ Aws::S3::Endpoints::PutBucketLogging.build(context)
209
+ when :put_bucket_metrics_configuration
210
+ Aws::S3::Endpoints::PutBucketMetricsConfiguration.build(context)
211
+ when :put_bucket_notification
212
+ Aws::S3::Endpoints::PutBucketNotification.build(context)
213
+ when :put_bucket_notification_configuration
214
+ Aws::S3::Endpoints::PutBucketNotificationConfiguration.build(context)
215
+ when :put_bucket_ownership_controls
216
+ Aws::S3::Endpoints::PutBucketOwnershipControls.build(context)
217
+ when :put_bucket_policy
218
+ Aws::S3::Endpoints::PutBucketPolicy.build(context)
219
+ when :put_bucket_replication
220
+ Aws::S3::Endpoints::PutBucketReplication.build(context)
221
+ when :put_bucket_request_payment
222
+ Aws::S3::Endpoints::PutBucketRequestPayment.build(context)
223
+ when :put_bucket_tagging
224
+ Aws::S3::Endpoints::PutBucketTagging.build(context)
225
+ when :put_bucket_versioning
226
+ Aws::S3::Endpoints::PutBucketVersioning.build(context)
227
+ when :put_bucket_website
228
+ Aws::S3::Endpoints::PutBucketWebsite.build(context)
229
+ when :put_object
230
+ Aws::S3::Endpoints::PutObject.build(context)
231
+ when :put_object_acl
232
+ Aws::S3::Endpoints::PutObjectAcl.build(context)
233
+ when :put_object_legal_hold
234
+ Aws::S3::Endpoints::PutObjectLegalHold.build(context)
235
+ when :put_object_lock_configuration
236
+ Aws::S3::Endpoints::PutObjectLockConfiguration.build(context)
237
+ when :put_object_retention
238
+ Aws::S3::Endpoints::PutObjectRetention.build(context)
239
+ when :put_object_tagging
240
+ Aws::S3::Endpoints::PutObjectTagging.build(context)
241
+ when :put_public_access_block
242
+ Aws::S3::Endpoints::PutPublicAccessBlock.build(context)
243
+ when :restore_object
244
+ Aws::S3::Endpoints::RestoreObject.build(context)
245
+ when :select_object_content
246
+ Aws::S3::Endpoints::SelectObjectContent.build(context)
247
+ when :upload_part
248
+ Aws::S3::Endpoints::UploadPart.build(context)
249
+ when :upload_part_copy
250
+ Aws::S3::Endpoints::UploadPartCopy.build(context)
251
+ when :write_get_object_response
252
+ Aws::S3::Endpoints::WriteGetObjectResponse.build(context)
253
+ end
254
+ end
255
+ end
256
+
257
+ def add_handlers(handlers, _config)
258
+ handlers.add(Handler, step: :build, priority: 75)
259
+ end
260
+ end
261
+ end
262
+ end
@@ -16,7 +16,8 @@ module Aws
16
16
 
17
17
  def call(context)
18
18
  body = context.http_request.body
19
- if body.respond_to?(:size) && body.size > 0
19
+ if body.respond_to?(:size) && body.size > 0 &&
20
+ !context[:use_accelerate_endpoint]
20
21
  context.http_request.headers['expect'] = '100-continue'
21
22
  end
22
23
  @handler.call(context)
@@ -16,35 +16,6 @@ Defaults to `legacy` mode which uses the global endpoint.
16
16
  resolve_iad_regional_endpoint(cfg)
17
17
  end
18
18
 
19
- def add_handlers(handlers, config)
20
- # only modify non-custom endpoints
21
- if config.regional_endpoint && config.region == 'us-east-1'
22
- handlers.add(Handler)
23
- end
24
- end
25
-
26
- # @api private
27
- class Handler < Seahorse::Client::Handler
28
-
29
- def call(context)
30
- # WriteGetObjectResponse does not have a global endpoint
31
- # ARNs are regionalized, so don't touch those either.
32
- if context.operation.name != 'WriteGetObjectResponse' &&
33
- context.config.s3_us_east_1_regional_endpoint == 'legacy' &&
34
- !context.metadata[:s3_arn]
35
- host = context.http_request.endpoint.host
36
- legacy_host = IADRegionalEndpoint.legacy_host(host)
37
- context.http_request.endpoint.host = legacy_host
38
- end
39
- @handler.call(context)
40
- end
41
-
42
- end
43
-
44
- def self.legacy_host(host)
45
- host.sub(".us-east-1", '')
46
- end
47
-
48
19
  private
49
20
 
50
21
  def self.resolve_iad_regional_endpoint(cfg)
@@ -5,28 +5,13 @@ require 'aws-sigv4'
5
5
  module Aws
6
6
  module S3
7
7
  module Plugins
8
- # This plugin is an implementation detail and may be modified.
8
+ # This plugin used to have a V4 signer but it was removed in favor of
9
+ # generic Sign plugin that uses endpoint auth scheme.
10
+ #
9
11
  # @api private
10
12
  class S3Signer < Seahorse::Client::Plugin
11
13
  option(:signature_version, 'v4')
12
14
 
13
- option(:sigv4_signer) do |cfg|
14
- S3Signer.build_v4_signer(
15
- service: 's3',
16
- region: cfg.sigv4_region,
17
- credentials: cfg.credentials
18
- )
19
- end
20
-
21
- option(:sigv4_region) do |cfg|
22
- # S3 removes core's signature_v4 plugin that checks for this
23
- raise Aws::Errors::MissingRegionError if cfg.region.nil?
24
-
25
- Aws::Partitions::EndpointProvider.signing_region(
26
- cfg.region, 's3'
27
- )
28
- end
29
-
30
15
  def add_handlers(handlers, cfg)
31
16
  case cfg.signature_version
32
17
  when 'v4' then add_v4_handlers(handlers)
@@ -39,11 +24,11 @@ module Aws
39
24
 
40
25
  def add_v4_handlers(handlers)
41
26
  handlers.add(CachedBucketRegionHandler, step: :sign, priority: 60)
42
- handlers.add(V4Handler, step: :sign)
43
27
  handlers.add(BucketRegionErrorHandler, step: :sign, priority: 40)
44
28
  end
45
29
 
46
30
  def add_legacy_handler(handlers)
31
+ # generic Sign plugin will be skipped if it sees sigv2
47
32
  handlers.add(LegacyHandler, step: :sign)
48
33
  end
49
34
 
@@ -54,53 +39,6 @@ module Aws
54
39
  end
55
40
  end
56
41
 
57
- class V4Handler < Seahorse::Client::Handler
58
- def call(context)
59
- Aws::Plugins::SignatureV4.apply_signature(
60
- context: context,
61
- signer: sigv4_signer(context)
62
- )
63
- @handler.call(context)
64
- end
65
-
66
- private
67
-
68
- def sigv4_signer(context)
69
- # If the client was configured with the wrong region,
70
- # we have to build a new signer.
71
- if context[:cached_sigv4_region] &&
72
- context[:cached_sigv4_region] != context.config.sigv4_signer.region
73
- S3Signer.build_v4_signer(
74
- service: 's3',
75
- region: context[:cached_sigv4_region],
76
- credentials: context.config.credentials
77
- )
78
- elsif (arn = context.metadata[:s3_arn])
79
- if arn[:arn].is_a?(MultiRegionAccessPointARN)
80
- signing_region = '*'
81
- signing_algorithm = :sigv4a
82
- else
83
- signing_region = arn[:resolved_region]
84
- signing_algorithm = :sigv4
85
- end
86
- S3Signer.build_v4_signer(
87
- service: arn[:arn].service,
88
- signing_algorithm: signing_algorithm,
89
- region: signing_region,
90
- credentials: context.config.credentials
91
- )
92
- elsif context.operation.name == 'WriteGetObjectResponse'
93
- S3Signer.build_v4_signer(
94
- service: 's3-object-lambda',
95
- region: context.config.sigv4_region,
96
- credentials: context.config.credentials
97
- )
98
- else
99
- context.config.sigv4_signer
100
- end
101
- end
102
- end
103
-
104
42
  # This handler will update the http endpoint when the bucket region
105
43
  # is known/cached.
106
44
  class CachedBucketRegionHandler < Seahorse::Client::Handler
@@ -114,11 +52,13 @@ module Aws
114
52
 
115
53
  def check_for_cached_region(context, bucket)
116
54
  cached_region = S3::BUCKET_REGIONS[bucket]
117
- if cached_region && cached_region != context.config.region
55
+ if cached_region &&
56
+ cached_region != context.config.region &&
57
+ !S3Signer.custom_endpoint?(context)
118
58
  context.http_request.endpoint.host = S3Signer.new_hostname(
119
59
  context, cached_region
120
60
  )
121
- context[:cached_sigv4_region] = cached_region
61
+ context[:sigv4_region] = cached_region # Sign plugin will use this
122
62
  end
123
63
  end
124
64
  end
@@ -126,7 +66,8 @@ module Aws
126
66
  # This handler detects when a request fails because of a mismatched bucket
127
67
  # region. It follows up by making a request to determine the correct
128
68
  # region, then finally a version 4 signed request against the correct
129
- # regional endpoint.
69
+ # regional endpoint. This is intended for s3's global endpoint which
70
+ # will return 400 if the bucket is not in region.
130
71
  class BucketRegionErrorHandler < Seahorse::Client::Handler
131
72
  def call(context)
132
73
  response = @handler.call(context)
@@ -138,7 +79,7 @@ module Aws
138
79
  def handle_region_errors(response)
139
80
  if wrong_sigv4_region?(response) &&
140
81
  !fips_region?(response) &&
141
- !custom_endpoint?(response) &&
82
+ !S3Signer.custom_endpoint?(response.context) &&
142
83
  !expired_credentials?(response)
143
84
  get_region_and_retry(response.context)
144
85
  else
@@ -160,25 +101,13 @@ module Aws
160
101
  end
161
102
 
162
103
  def fips_region?(resp)
163
- resp.context.http_request.endpoint.host.include?('fips')
104
+ resp.context.http_request.endpoint.host.include?('s3-fips.')
164
105
  end
165
106
 
166
107
  def expired_credentials?(resp)
167
108
  resp.context.http_response.body_contents.match(/<Code>ExpiredToken<\/Code>/)
168
109
  end
169
110
 
170
- def custom_endpoint?(resp)
171
- resolved_suffix = Aws::Partitions::EndpointProvider.dns_suffix_for(
172
- resp.context.config.region,
173
- 's3',
174
- {
175
- dualstack: resp.context[:use_dualstack_endpoint],
176
- fips: resp.context.config.use_fips_endpoint
177
- }
178
- )
179
- !resp.context.http_request.endpoint.hostname.include?(resolved_suffix)
180
- end
181
-
182
111
  def wrong_sigv4_region?(resp)
183
112
  resp.context.http_response.status_code == 400 &&
184
113
  (resp.context.http_response.headers['x-amz-bucket-region'] ||
@@ -191,18 +120,14 @@ module Aws
191
120
  context, actual_region
192
121
  )
193
122
  context.metadata[:redirect_region] = actual_region
194
- # if it's an ARN, use the service in the ARN
195
- if (arn = context.metadata[:s3_arn])
196
- service = arn[:arn].service
197
- end
198
- Aws::Plugins::SignatureV4.apply_signature(
199
- context: context,
200
- signer: S3Signer.build_v4_signer(
201
- service: service || 's3',
202
- region: actual_region,
203
- credentials: context.config.credentials
204
- )
123
+
124
+ signer = Aws::Plugins::Sign.signer_for(
125
+ context[:auth_scheme],
126
+ context.config,
127
+ actual_region
205
128
  )
129
+
130
+ signer.sign(context)
206
131
  end
207
132
 
208
133
  def region_from_body(body)
@@ -228,41 +153,22 @@ module Aws
228
153
  end
229
154
 
230
155
  class << self
231
- # @option options [required, String] :region
232
- # @option options [required, #credentials] :credentials
233
- # @api private
234
- def build_v4_signer(options = {})
235
- Aws::Sigv4::Signer.new(
236
- service: options[:service],
237
- region: options[:region],
238
- credentials_provider: options[:credentials],
239
- signing_algorithm: options.fetch(:signing_algorithm, :sigv4),
240
- uri_escape_path: false,
241
- unsigned_headers: ['content-length', 'x-amzn-trace-id']
242
- )
156
+ def new_hostname(context, region)
157
+ endpoint_params = context[:endpoint_params].dup
158
+ endpoint_params.region = region
159
+ endpoint_params.endpoint = nil
160
+ endpoint =
161
+ context.config.endpoint_provider.resolve_endpoint(endpoint_params)
162
+ URI(endpoint.url).host
243
163
  end
244
164
 
245
- # Check to see if the bucket is actually an ARN
246
- # Otherwise it will retry with the ARN as the bucket name.
247
- def new_hostname(context, region)
248
- uri = URI.parse(
249
- Aws::Partitions::EndpointProvider.resolve(
250
- region, 's3', 'regional',
251
- {
252
- dualstack: context[:use_dualstack_endpoint],
253
- fips: context.config.use_fips_endpoint
254
- }
255
- )
256
- )
165
+ def custom_endpoint?(context)
166
+ region = context.config.region
167
+ partition = Aws::Endpoints::Matchers.aws_partition(region)
168
+ endpoint = context.http_request.endpoint
257
169
 
258
- if (arn = context.metadata[:s3_arn])
259
- # Retry with the response region and not the ARN resolved one
260
- ARN.resolve_url!(
261
- uri, arn[:arn], region, arn[:fips], arn[:dualstack]
262
- ).host
263
- else
264
- "#{context.params[:bucket]}.#{uri.host}"
265
- end
170
+ !endpoint.hostname.include?(partition['dnsSuffix']) &&
171
+ !endpoint.hostname.include?(partition['dualStackDnsSuffix'])
266
172
  end
267
173
  end
268
174
  end