aws-sdk-s3 1.115.0 → 1.117.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,262 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+
11
+ module Aws::S3
12
+ module Plugins
13
+ class Endpoints < Seahorse::Client::Plugin
14
+ option(
15
+ :endpoint_provider,
16
+ doc_type: 'Aws::S3::EndpointProvider',
17
+ docstring: 'The endpoint provider used to resolve endpoints. Any '\
18
+ 'object that responds to `#resolve_endpoint(parameters)` '\
19
+ 'where `parameters` is a Struct similar to '\
20
+ '`Aws::S3::EndpointParameters`'
21
+ ) do |cfg|
22
+ Aws::S3::EndpointProvider.new
23
+ end
24
+
25
+ # @api private
26
+ class Handler < Seahorse::Client::Handler
27
+ def call(context)
28
+ # If endpoint was discovered, do not resolve or apply the endpoint.
29
+ unless context[:discovered_endpoint]
30
+ params = parameters_for_operation(context)
31
+ endpoint = context.config.endpoint_provider.resolve_endpoint(params)
32
+
33
+ context.http_request.endpoint = endpoint.url
34
+ apply_endpoint_headers(context, endpoint.headers)
35
+ end
36
+
37
+ context[:endpoint_params] = params
38
+ context[:auth_scheme] =
39
+ Aws::Endpoints.resolve_auth_scheme(context, endpoint)
40
+
41
+ @handler.call(context)
42
+ end
43
+
44
+ private
45
+
46
+ def apply_endpoint_headers(context, headers)
47
+ headers.each do |key, values|
48
+ value = values
49
+ .compact
50
+ .map { |s| Seahorse::Util.escape_header_list_string(s.to_s) }
51
+ .join(',')
52
+
53
+ context.http_request.headers[key] = value
54
+ end
55
+ end
56
+
57
+ def parameters_for_operation(context)
58
+ case context.operation_name
59
+ when :abort_multipart_upload
60
+ Aws::S3::Endpoints::AbortMultipartUpload.build(context)
61
+ when :complete_multipart_upload
62
+ Aws::S3::Endpoints::CompleteMultipartUpload.build(context)
63
+ when :copy_object
64
+ Aws::S3::Endpoints::CopyObject.build(context)
65
+ when :create_bucket
66
+ Aws::S3::Endpoints::CreateBucket.build(context)
67
+ when :create_multipart_upload
68
+ Aws::S3::Endpoints::CreateMultipartUpload.build(context)
69
+ when :delete_bucket
70
+ Aws::S3::Endpoints::DeleteBucket.build(context)
71
+ when :delete_bucket_analytics_configuration
72
+ Aws::S3::Endpoints::DeleteBucketAnalyticsConfiguration.build(context)
73
+ when :delete_bucket_cors
74
+ Aws::S3::Endpoints::DeleteBucketCors.build(context)
75
+ when :delete_bucket_encryption
76
+ Aws::S3::Endpoints::DeleteBucketEncryption.build(context)
77
+ when :delete_bucket_intelligent_tiering_configuration
78
+ Aws::S3::Endpoints::DeleteBucketIntelligentTieringConfiguration.build(context)
79
+ when :delete_bucket_inventory_configuration
80
+ Aws::S3::Endpoints::DeleteBucketInventoryConfiguration.build(context)
81
+ when :delete_bucket_lifecycle
82
+ Aws::S3::Endpoints::DeleteBucketLifecycle.build(context)
83
+ when :delete_bucket_metrics_configuration
84
+ Aws::S3::Endpoints::DeleteBucketMetricsConfiguration.build(context)
85
+ when :delete_bucket_ownership_controls
86
+ Aws::S3::Endpoints::DeleteBucketOwnershipControls.build(context)
87
+ when :delete_bucket_policy
88
+ Aws::S3::Endpoints::DeleteBucketPolicy.build(context)
89
+ when :delete_bucket_replication
90
+ Aws::S3::Endpoints::DeleteBucketReplication.build(context)
91
+ when :delete_bucket_tagging
92
+ Aws::S3::Endpoints::DeleteBucketTagging.build(context)
93
+ when :delete_bucket_website
94
+ Aws::S3::Endpoints::DeleteBucketWebsite.build(context)
95
+ when :delete_object
96
+ Aws::S3::Endpoints::DeleteObject.build(context)
97
+ when :delete_object_tagging
98
+ Aws::S3::Endpoints::DeleteObjectTagging.build(context)
99
+ when :delete_objects
100
+ Aws::S3::Endpoints::DeleteObjects.build(context)
101
+ when :delete_public_access_block
102
+ Aws::S3::Endpoints::DeletePublicAccessBlock.build(context)
103
+ when :get_bucket_accelerate_configuration
104
+ Aws::S3::Endpoints::GetBucketAccelerateConfiguration.build(context)
105
+ when :get_bucket_acl
106
+ Aws::S3::Endpoints::GetBucketAcl.build(context)
107
+ when :get_bucket_analytics_configuration
108
+ Aws::S3::Endpoints::GetBucketAnalyticsConfiguration.build(context)
109
+ when :get_bucket_cors
110
+ Aws::S3::Endpoints::GetBucketCors.build(context)
111
+ when :get_bucket_encryption
112
+ Aws::S3::Endpoints::GetBucketEncryption.build(context)
113
+ when :get_bucket_intelligent_tiering_configuration
114
+ Aws::S3::Endpoints::GetBucketIntelligentTieringConfiguration.build(context)
115
+ when :get_bucket_inventory_configuration
116
+ Aws::S3::Endpoints::GetBucketInventoryConfiguration.build(context)
117
+ when :get_bucket_lifecycle
118
+ Aws::S3::Endpoints::GetBucketLifecycle.build(context)
119
+ when :get_bucket_lifecycle_configuration
120
+ Aws::S3::Endpoints::GetBucketLifecycleConfiguration.build(context)
121
+ when :get_bucket_location
122
+ Aws::S3::Endpoints::GetBucketLocation.build(context)
123
+ when :get_bucket_logging
124
+ Aws::S3::Endpoints::GetBucketLogging.build(context)
125
+ when :get_bucket_metrics_configuration
126
+ Aws::S3::Endpoints::GetBucketMetricsConfiguration.build(context)
127
+ when :get_bucket_notification
128
+ Aws::S3::Endpoints::GetBucketNotification.build(context)
129
+ when :get_bucket_notification_configuration
130
+ Aws::S3::Endpoints::GetBucketNotificationConfiguration.build(context)
131
+ when :get_bucket_ownership_controls
132
+ Aws::S3::Endpoints::GetBucketOwnershipControls.build(context)
133
+ when :get_bucket_policy
134
+ Aws::S3::Endpoints::GetBucketPolicy.build(context)
135
+ when :get_bucket_policy_status
136
+ Aws::S3::Endpoints::GetBucketPolicyStatus.build(context)
137
+ when :get_bucket_replication
138
+ Aws::S3::Endpoints::GetBucketReplication.build(context)
139
+ when :get_bucket_request_payment
140
+ Aws::S3::Endpoints::GetBucketRequestPayment.build(context)
141
+ when :get_bucket_tagging
142
+ Aws::S3::Endpoints::GetBucketTagging.build(context)
143
+ when :get_bucket_versioning
144
+ Aws::S3::Endpoints::GetBucketVersioning.build(context)
145
+ when :get_bucket_website
146
+ Aws::S3::Endpoints::GetBucketWebsite.build(context)
147
+ when :get_object
148
+ Aws::S3::Endpoints::GetObject.build(context)
149
+ when :get_object_acl
150
+ Aws::S3::Endpoints::GetObjectAcl.build(context)
151
+ when :get_object_attributes
152
+ Aws::S3::Endpoints::GetObjectAttributes.build(context)
153
+ when :get_object_legal_hold
154
+ Aws::S3::Endpoints::GetObjectLegalHold.build(context)
155
+ when :get_object_lock_configuration
156
+ Aws::S3::Endpoints::GetObjectLockConfiguration.build(context)
157
+ when :get_object_retention
158
+ Aws::S3::Endpoints::GetObjectRetention.build(context)
159
+ when :get_object_tagging
160
+ Aws::S3::Endpoints::GetObjectTagging.build(context)
161
+ when :get_object_torrent
162
+ Aws::S3::Endpoints::GetObjectTorrent.build(context)
163
+ when :get_public_access_block
164
+ Aws::S3::Endpoints::GetPublicAccessBlock.build(context)
165
+ when :head_bucket
166
+ Aws::S3::Endpoints::HeadBucket.build(context)
167
+ when :head_object
168
+ Aws::S3::Endpoints::HeadObject.build(context)
169
+ when :list_bucket_analytics_configurations
170
+ Aws::S3::Endpoints::ListBucketAnalyticsConfigurations.build(context)
171
+ when :list_bucket_intelligent_tiering_configurations
172
+ Aws::S3::Endpoints::ListBucketIntelligentTieringConfigurations.build(context)
173
+ when :list_bucket_inventory_configurations
174
+ Aws::S3::Endpoints::ListBucketInventoryConfigurations.build(context)
175
+ when :list_bucket_metrics_configurations
176
+ Aws::S3::Endpoints::ListBucketMetricsConfigurations.build(context)
177
+ when :list_buckets
178
+ Aws::S3::Endpoints::ListBuckets.build(context)
179
+ when :list_multipart_uploads
180
+ Aws::S3::Endpoints::ListMultipartUploads.build(context)
181
+ when :list_object_versions
182
+ Aws::S3::Endpoints::ListObjectVersions.build(context)
183
+ when :list_objects
184
+ Aws::S3::Endpoints::ListObjects.build(context)
185
+ when :list_objects_v2
186
+ Aws::S3::Endpoints::ListObjectsV2.build(context)
187
+ when :list_parts
188
+ Aws::S3::Endpoints::ListParts.build(context)
189
+ when :put_bucket_accelerate_configuration
190
+ Aws::S3::Endpoints::PutBucketAccelerateConfiguration.build(context)
191
+ when :put_bucket_acl
192
+ Aws::S3::Endpoints::PutBucketAcl.build(context)
193
+ when :put_bucket_analytics_configuration
194
+ Aws::S3::Endpoints::PutBucketAnalyticsConfiguration.build(context)
195
+ when :put_bucket_cors
196
+ Aws::S3::Endpoints::PutBucketCors.build(context)
197
+ when :put_bucket_encryption
198
+ Aws::S3::Endpoints::PutBucketEncryption.build(context)
199
+ when :put_bucket_intelligent_tiering_configuration
200
+ Aws::S3::Endpoints::PutBucketIntelligentTieringConfiguration.build(context)
201
+ when :put_bucket_inventory_configuration
202
+ Aws::S3::Endpoints::PutBucketInventoryConfiguration.build(context)
203
+ when :put_bucket_lifecycle
204
+ Aws::S3::Endpoints::PutBucketLifecycle.build(context)
205
+ when :put_bucket_lifecycle_configuration
206
+ Aws::S3::Endpoints::PutBucketLifecycleConfiguration.build(context)
207
+ when :put_bucket_logging
208
+ Aws::S3::Endpoints::PutBucketLogging.build(context)
209
+ when :put_bucket_metrics_configuration
210
+ Aws::S3::Endpoints::PutBucketMetricsConfiguration.build(context)
211
+ when :put_bucket_notification
212
+ Aws::S3::Endpoints::PutBucketNotification.build(context)
213
+ when :put_bucket_notification_configuration
214
+ Aws::S3::Endpoints::PutBucketNotificationConfiguration.build(context)
215
+ when :put_bucket_ownership_controls
216
+ Aws::S3::Endpoints::PutBucketOwnershipControls.build(context)
217
+ when :put_bucket_policy
218
+ Aws::S3::Endpoints::PutBucketPolicy.build(context)
219
+ when :put_bucket_replication
220
+ Aws::S3::Endpoints::PutBucketReplication.build(context)
221
+ when :put_bucket_request_payment
222
+ Aws::S3::Endpoints::PutBucketRequestPayment.build(context)
223
+ when :put_bucket_tagging
224
+ Aws::S3::Endpoints::PutBucketTagging.build(context)
225
+ when :put_bucket_versioning
226
+ Aws::S3::Endpoints::PutBucketVersioning.build(context)
227
+ when :put_bucket_website
228
+ Aws::S3::Endpoints::PutBucketWebsite.build(context)
229
+ when :put_object
230
+ Aws::S3::Endpoints::PutObject.build(context)
231
+ when :put_object_acl
232
+ Aws::S3::Endpoints::PutObjectAcl.build(context)
233
+ when :put_object_legal_hold
234
+ Aws::S3::Endpoints::PutObjectLegalHold.build(context)
235
+ when :put_object_lock_configuration
236
+ Aws::S3::Endpoints::PutObjectLockConfiguration.build(context)
237
+ when :put_object_retention
238
+ Aws::S3::Endpoints::PutObjectRetention.build(context)
239
+ when :put_object_tagging
240
+ Aws::S3::Endpoints::PutObjectTagging.build(context)
241
+ when :put_public_access_block
242
+ Aws::S3::Endpoints::PutPublicAccessBlock.build(context)
243
+ when :restore_object
244
+ Aws::S3::Endpoints::RestoreObject.build(context)
245
+ when :select_object_content
246
+ Aws::S3::Endpoints::SelectObjectContent.build(context)
247
+ when :upload_part
248
+ Aws::S3::Endpoints::UploadPart.build(context)
249
+ when :upload_part_copy
250
+ Aws::S3::Endpoints::UploadPartCopy.build(context)
251
+ when :write_get_object_response
252
+ Aws::S3::Endpoints::WriteGetObjectResponse.build(context)
253
+ end
254
+ end
255
+ end
256
+
257
+ def add_handlers(handlers, _config)
258
+ handlers.add(Handler, step: :build, priority: 75)
259
+ end
260
+ end
261
+ end
262
+ end
@@ -16,7 +16,8 @@ module Aws
16
16
 
17
17
  def call(context)
18
18
  body = context.http_request.body
19
- if body.respond_to?(:size) && body.size > 0
19
+ if body.respond_to?(:size) && body.size > 0 &&
20
+ !context[:use_accelerate_endpoint]
20
21
  context.http_request.headers['expect'] = '100-continue'
21
22
  end
22
23
  @handler.call(context)
@@ -16,35 +16,6 @@ Defaults to `legacy` mode which uses the global endpoint.
16
16
  resolve_iad_regional_endpoint(cfg)
17
17
  end
18
18
 
19
- def add_handlers(handlers, config)
20
- # only modify non-custom endpoints
21
- if config.regional_endpoint && config.region == 'us-east-1'
22
- handlers.add(Handler)
23
- end
24
- end
25
-
26
- # @api private
27
- class Handler < Seahorse::Client::Handler
28
-
29
- def call(context)
30
- # WriteGetObjectResponse does not have a global endpoint
31
- # ARNs are regionalized, so don't touch those either.
32
- if context.operation.name != 'WriteGetObjectResponse' &&
33
- context.config.s3_us_east_1_regional_endpoint == 'legacy' &&
34
- !context.metadata[:s3_arn]
35
- host = context.http_request.endpoint.host
36
- legacy_host = IADRegionalEndpoint.legacy_host(host)
37
- context.http_request.endpoint.host = legacy_host
38
- end
39
- @handler.call(context)
40
- end
41
-
42
- end
43
-
44
- def self.legacy_host(host)
45
- host.sub(".us-east-1", '')
46
- end
47
-
48
19
  private
49
20
 
50
21
  def self.resolve_iad_regional_endpoint(cfg)
@@ -5,28 +5,13 @@ require 'aws-sigv4'
5
5
  module Aws
6
6
  module S3
7
7
  module Plugins
8
- # This plugin is an implementation detail and may be modified.
8
+ # This plugin used to have a V4 signer but it was removed in favor of
9
+ # generic Sign plugin that uses endpoint auth scheme.
10
+ #
9
11
  # @api private
10
12
  class S3Signer < Seahorse::Client::Plugin
11
13
  option(:signature_version, 'v4')
12
14
 
13
- option(:sigv4_signer) do |cfg|
14
- S3Signer.build_v4_signer(
15
- service: 's3',
16
- region: cfg.sigv4_region,
17
- credentials: cfg.credentials
18
- )
19
- end
20
-
21
- option(:sigv4_region) do |cfg|
22
- # S3 removes core's signature_v4 plugin that checks for this
23
- raise Aws::Errors::MissingRegionError if cfg.region.nil?
24
-
25
- Aws::Partitions::EndpointProvider.signing_region(
26
- cfg.region, 's3'
27
- )
28
- end
29
-
30
15
  def add_handlers(handlers, cfg)
31
16
  case cfg.signature_version
32
17
  when 'v4' then add_v4_handlers(handlers)
@@ -39,11 +24,11 @@ module Aws
39
24
 
40
25
  def add_v4_handlers(handlers)
41
26
  handlers.add(CachedBucketRegionHandler, step: :sign, priority: 60)
42
- handlers.add(V4Handler, step: :sign)
43
27
  handlers.add(BucketRegionErrorHandler, step: :sign, priority: 40)
44
28
  end
45
29
 
46
30
  def add_legacy_handler(handlers)
31
+ # generic Sign plugin will be skipped if it sees sigv2
47
32
  handlers.add(LegacyHandler, step: :sign)
48
33
  end
49
34
 
@@ -54,53 +39,6 @@ module Aws
54
39
  end
55
40
  end
56
41
 
57
- class V4Handler < Seahorse::Client::Handler
58
- def call(context)
59
- Aws::Plugins::SignatureV4.apply_signature(
60
- context: context,
61
- signer: sigv4_signer(context)
62
- )
63
- @handler.call(context)
64
- end
65
-
66
- private
67
-
68
- def sigv4_signer(context)
69
- # If the client was configured with the wrong region,
70
- # we have to build a new signer.
71
- if context[:cached_sigv4_region] &&
72
- context[:cached_sigv4_region] != context.config.sigv4_signer.region
73
- S3Signer.build_v4_signer(
74
- service: 's3',
75
- region: context[:cached_sigv4_region],
76
- credentials: context.config.credentials
77
- )
78
- elsif (arn = context.metadata[:s3_arn])
79
- if arn[:arn].is_a?(MultiRegionAccessPointARN)
80
- signing_region = '*'
81
- signing_algorithm = :sigv4a
82
- else
83
- signing_region = arn[:resolved_region]
84
- signing_algorithm = :sigv4
85
- end
86
- S3Signer.build_v4_signer(
87
- service: arn[:arn].service,
88
- signing_algorithm: signing_algorithm,
89
- region: signing_region,
90
- credentials: context.config.credentials
91
- )
92
- elsif context.operation.name == 'WriteGetObjectResponse'
93
- S3Signer.build_v4_signer(
94
- service: 's3-object-lambda',
95
- region: context.config.sigv4_region,
96
- credentials: context.config.credentials
97
- )
98
- else
99
- context.config.sigv4_signer
100
- end
101
- end
102
- end
103
-
104
42
  # This handler will update the http endpoint when the bucket region
105
43
  # is known/cached.
106
44
  class CachedBucketRegionHandler < Seahorse::Client::Handler
@@ -118,7 +56,7 @@ module Aws
118
56
  context.http_request.endpoint.host = S3Signer.new_hostname(
119
57
  context, cached_region
120
58
  )
121
- context[:cached_sigv4_region] = cached_region
59
+ context[:sigv4_region] = cached_region # Sign plugin will use this
122
60
  end
123
61
  end
124
62
  end
@@ -126,7 +64,8 @@ module Aws
126
64
  # This handler detects when a request fails because of a mismatched bucket
127
65
  # region. It follows up by making a request to determine the correct
128
66
  # region, then finally a version 4 signed request against the correct
129
- # regional endpoint.
67
+ # regional endpoint. This is intended for s3's global endpoint which
68
+ # will return 400 if the bucket is not in region.
130
69
  class BucketRegionErrorHandler < Seahorse::Client::Handler
131
70
  def call(context)
132
71
  response = @handler.call(context)
@@ -160,7 +99,7 @@ module Aws
160
99
  end
161
100
 
162
101
  def fips_region?(resp)
163
- resp.context.http_request.endpoint.host.include?('fips')
102
+ resp.context.http_request.endpoint.host.include?('s3-fips.')
164
103
  end
165
104
 
166
105
  def expired_credentials?(resp)
@@ -168,15 +107,12 @@ module Aws
168
107
  end
169
108
 
170
109
  def custom_endpoint?(resp)
171
- resolved_suffix = Aws::Partitions::EndpointProvider.dns_suffix_for(
172
- resp.context.config.region,
173
- 's3',
174
- {
175
- dualstack: resp.context[:use_dualstack_endpoint],
176
- fips: resp.context.config.use_fips_endpoint
177
- }
178
- )
179
- !resp.context.http_request.endpoint.hostname.include?(resolved_suffix)
110
+ region = resp.context.config.region
111
+ partition = Aws::Endpoints::Matchers.aws_partition(region)
112
+ endpoint = resp.context.http_request.endpoint
113
+
114
+ !endpoint.hostname.include?(partition['dnsSuffix']) &&
115
+ !endpoint.hostname.include?(partition['dualStackDnsSuffix'])
180
116
  end
181
117
 
182
118
  def wrong_sigv4_region?(resp)
@@ -191,18 +127,14 @@ module Aws
191
127
  context, actual_region
192
128
  )
193
129
  context.metadata[:redirect_region] = actual_region
194
- # if it's an ARN, use the service in the ARN
195
- if (arn = context.metadata[:s3_arn])
196
- service = arn[:arn].service
197
- end
198
- Aws::Plugins::SignatureV4.apply_signature(
199
- context: context,
200
- signer: S3Signer.build_v4_signer(
201
- service: service || 's3',
202
- region: actual_region,
203
- credentials: context.config.credentials
204
- )
130
+
131
+ signer = Aws::Plugins::Sign.signer_for(
132
+ context[:auth_scheme],
133
+ context.config,
134
+ actual_region
205
135
  )
136
+
137
+ signer.sign(context)
206
138
  end
207
139
 
208
140
  def region_from_body(body)
@@ -228,41 +160,13 @@ module Aws
228
160
  end
229
161
 
230
162
  class << self
231
- # @option options [required, String] :region
232
- # @option options [required, #credentials] :credentials
233
- # @api private
234
- def build_v4_signer(options = {})
235
- Aws::Sigv4::Signer.new(
236
- service: options[:service],
237
- region: options[:region],
238
- credentials_provider: options[:credentials],
239
- signing_algorithm: options.fetch(:signing_algorithm, :sigv4),
240
- uri_escape_path: false,
241
- unsigned_headers: ['content-length', 'x-amzn-trace-id']
242
- )
243
- end
244
-
245
- # Check to see if the bucket is actually an ARN
246
- # Otherwise it will retry with the ARN as the bucket name.
247
163
  def new_hostname(context, region)
248
- uri = URI.parse(
249
- Aws::Partitions::EndpointProvider.resolve(
250
- region, 's3', 'regional',
251
- {
252
- dualstack: context[:use_dualstack_endpoint],
253
- fips: context.config.use_fips_endpoint
254
- }
255
- )
256
- )
257
-
258
- if (arn = context.metadata[:s3_arn])
259
- # Retry with the response region and not the ARN resolved one
260
- ARN.resolve_url!(
261
- uri, arn[:arn], region, arn[:fips], arn[:dualstack]
262
- ).host
263
- else
264
- "#{context.params[:bucket]}.#{uri.host}"
265
- end
164
+ endpoint_params = context[:endpoint_params].dup
165
+ endpoint_params.region = region
166
+ endpoint_params.endpoint = nil
167
+ endpoint =
168
+ context.config.endpoint_provider.resolve_endpoint(endpoint_params)
169
+ URI(endpoint.url).host
266
170
  end
267
171
  end
268
172
  end
@@ -629,22 +629,15 @@ module Aws
629
629
  end
630
630
 
631
631
  def bucket_url
632
- url = Aws::Partitions::EndpointProvider.resolve(@bucket_region, 's3')
633
- url = URI.parse(url)
634
- if Plugins::BucketDns.dns_compatible?(@bucket_name, _ssl = true)
635
- if @accelerate
636
- url.host = "#{@bucket_name}.s3-accelerate.amazonaws.com"
637
- else
638
- url.host = "#{@bucket_name}.#{url.host}"
639
- end
640
- else
641
- url.path = "/#{@bucket_name}"
642
- end
643
- if @bucket_region == 'us-east-1'
644
- # keep legacy behavior by default
645
- url.host = Plugins::IADRegionalEndpoint.legacy_host(url.host)
646
- end
647
- url.to_s
632
+ # Taken from Aws::S3::Endpoints module
633
+ params = Aws::S3::EndpointParameters.new(
634
+ bucket: @bucket_name,
635
+ region: @bucket_region,
636
+ accelerate: @accelerate,
637
+ use_global_endpoint: true
638
+ )
639
+ endpoint = Aws::S3::EndpointProvider.new.resolve_endpoint(params)
640
+ endpoint.url
648
641
  end
649
642
 
650
643
  # @return [Hash]
@@ -133,7 +133,7 @@ module Aws
133
133
  virtual_host = params.delete(:virtual_host)
134
134
  time = params.delete(:time)
135
135
  unsigned_headers = unsigned_headers(params)
136
- scheme = http_scheme(params)
136
+ secure = params.delete(:secure) != false
137
137
  expires_in = expires_in(params)
138
138
 
139
139
  req = @client.build_request(method, params)
@@ -141,7 +141,7 @@ module Aws
141
141
  handle_presigned_url_context(req)
142
142
 
143
143
  x_amz_headers = sign_but_dont_send(
144
- req, expires_in, scheme, time, unsigned_headers, hoist
144
+ req, expires_in, secure, time, unsigned_headers, hoist
145
145
  )
146
146
  [req.send_request.data, x_amz_headers]
147
147
  end
@@ -151,14 +151,6 @@ module Aws
151
151
  BLACKLISTED_HEADERS - whitelist_headers
152
152
  end
153
153
 
154
- def http_scheme(params)
155
- if params.delete(:secure) == false
156
- 'http'
157
- else
158
- @client.config.endpoint.scheme
159
- end
160
- end
161
-
162
154
  def expires_in(params)
163
155
  if (expires_in = params.delete(:expires_in))
164
156
  if expires_in > ONE_WEEK
@@ -175,8 +167,7 @@ module Aws
175
167
  end
176
168
 
177
169
  def use_bucket_as_hostname(req)
178
- req.handlers.remove(Plugins::BucketDns::Handler)
179
- req.handle do |context|
170
+ req.handle(priority: 35) do |context|
180
171
  uri = context.http_request.endpoint
181
172
  uri.host = context.params[:bucket]
182
173
  uri.path.sub!("/#{context.params[:bucket]}", '')
@@ -197,23 +188,20 @@ module Aws
197
188
 
198
189
  # @param [Seahorse::Client::Request] req
199
190
  def sign_but_dont_send(
200
- req, expires_in, scheme, time, unsigned_headers, hoist = true
191
+ req, expires_in, secure, time, unsigned_headers, hoist = true
201
192
  )
202
193
  x_amz_headers = {}
203
194
 
204
195
  http_req = req.context.http_request
205
196
 
206
197
  req.handlers.remove(Aws::S3::Plugins::S3Signer::LegacyHandler)
207
- req.handlers.remove(Aws::S3::Plugins::S3Signer::V4Handler)
198
+ req.handlers.remove(Aws::Plugins::Sign::Handler)
208
199
  req.handlers.remove(Seahorse::Client::Plugins::ContentLength::Handler)
209
200
 
210
201
  req.handle(step: :send) do |context|
211
- if scheme != http_req.endpoint.scheme
212
- endpoint = http_req.endpoint.dup
213
- endpoint.scheme = scheme
214
- endpoint.port = (scheme == 'http' ? 80 : 443)
215
- http_req.endpoint = URI.parse(endpoint.to_s)
216
- end
202
+ # preserve existing scheme if default
203
+ http_req.endpoint.scheme = secure ? context.config.endpoint.scheme : 'http'
204
+ http_req.endpoint.port = secure ? 443 : 80
217
205
 
218
206
  query = http_req.endpoint.query ? http_req.endpoint.query.split('&') : []
219
207
  http_req.headers.each do |key, value|
@@ -231,24 +219,21 @@ module Aws
231
219
  end
232
220
  http_req.endpoint.query = query.join('&') unless query.empty?
233
221
 
234
- signing_algorithm = :sigv4
235
-
236
- # If it's an ARN, get the resolved region and service
237
- if (arn = context.metadata[:s3_arn])
238
- region = arn[:resolved_region]
239
- service = arn[:arn].service
240
- region = arn[:arn].is_a?(MultiRegionAccessPointARN) ? '*': arn[:resolved_region]
241
- signing_algorithm = arn[:arn].is_a?(MultiRegionAccessPointARN) ? :sigv4a : :sigv4
242
- end
243
-
222
+ auth_scheme = context[:auth_scheme]
223
+ scheme_name = auth_scheme['name']
224
+ region = if scheme_name == 'sigv4a'
225
+ auth_scheme['signingRegionSet'].first
226
+ else
227
+ auth_scheme['signingRegion']
228
+ end
244
229
  signer = Aws::Sigv4::Signer.new(
245
- service: service || 's3',
230
+ service: auth_scheme['signingName'] || 's3',
246
231
  region: region || context.config.region,
247
- signing_algorithm: signing_algorithm,
248
232
  credentials_provider: context.config.credentials,
233
+ signing_algorithm: scheme_name.to_sym,
234
+ uri_escape_path: !!!auth_scheme['disableDoubleEncoding'],
249
235
  unsigned_headers: unsigned_headers,
250
- apply_checksum_header: false,
251
- uri_escape_path: false
236
+ apply_checksum_header: false
252
237
  )
253
238
 
254
239
  url = signer.presign_url(