aws-sdk-s3 1.96.2 → 1.132.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +256 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-s3/bucket.rb +226 -76
- data/lib/aws-sdk-s3/bucket_acl.rb +30 -7
- data/lib/aws-sdk-s3/bucket_cors.rb +35 -10
- data/lib/aws-sdk-s3/bucket_lifecycle.rb +39 -12
- data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +40 -10
- data/lib/aws-sdk-s3/bucket_logging.rb +30 -7
- data/lib/aws-sdk-s3/bucket_notification.rb +28 -10
- data/lib/aws-sdk-s3/bucket_policy.rb +35 -10
- data/lib/aws-sdk-s3/bucket_request_payment.rb +30 -7
- data/lib/aws-sdk-s3/bucket_tagging.rb +35 -10
- data/lib/aws-sdk-s3/bucket_versioning.rb +78 -17
- data/lib/aws-sdk-s3/bucket_website.rb +35 -10
- data/lib/aws-sdk-s3/client.rb +3854 -2120
- data/lib/aws-sdk-s3/client_api.rb +601 -208
- data/lib/aws-sdk-s3/customizations/bucket.rb +23 -47
- data/lib/aws-sdk-s3/customizations/errors.rb +27 -0
- data/lib/aws-sdk-s3/customizations/object.rb +130 -24
- data/lib/aws-sdk-s3/customizations/types/permanent_redirect.rb +26 -0
- data/lib/aws-sdk-s3/customizations.rb +2 -0
- data/lib/aws-sdk-s3/encryption/client.rb +7 -3
- data/lib/aws-sdk-s3/encryption/decrypt_handler.rb +0 -4
- data/lib/aws-sdk-s3/encryption/kms_cipher_provider.rb +13 -9
- data/lib/aws-sdk-s3/encryptionV2/client.rb +7 -3
- data/lib/aws-sdk-s3/encryptionV2/decrypt_handler.rb +1 -4
- data/lib/aws-sdk-s3/encryptionV2/encrypt_handler.rb +0 -4
- data/lib/aws-sdk-s3/encryptionV2/kms_cipher_provider.rb +10 -6
- data/lib/aws-sdk-s3/endpoint_parameters.rb +146 -0
- data/lib/aws-sdk-s3/endpoint_provider.rb +509 -0
- data/lib/aws-sdk-s3/endpoints.rb +2150 -0
- data/lib/aws-sdk-s3/file_downloader.rb +57 -27
- data/lib/aws-sdk-s3/file_uploader.rb +12 -5
- data/lib/aws-sdk-s3/multipart_file_uploader.rb +26 -7
- data/lib/aws-sdk-s3/multipart_stream_uploader.rb +41 -13
- data/lib/aws-sdk-s3/multipart_upload.rb +138 -16
- data/lib/aws-sdk-s3/multipart_upload_part.rb +144 -18
- data/lib/aws-sdk-s3/object.rb +364 -160
- data/lib/aws-sdk-s3/object_acl.rb +32 -9
- data/lib/aws-sdk-s3/object_copier.rb +7 -5
- data/lib/aws-sdk-s3/object_multipart_copier.rb +41 -19
- data/lib/aws-sdk-s3/object_summary.rb +291 -123
- data/lib/aws-sdk-s3/object_version.rb +99 -46
- data/lib/aws-sdk-s3/plugins/accelerate.rb +3 -44
- data/lib/aws-sdk-s3/plugins/arn.rb +22 -180
- data/lib/aws-sdk-s3/plugins/bucket_dns.rb +3 -39
- data/lib/aws-sdk-s3/plugins/bucket_name_restrictions.rb +1 -6
- data/lib/aws-sdk-s3/plugins/dualstack.rb +1 -55
- data/lib/aws-sdk-s3/plugins/endpoints.rb +262 -0
- data/lib/aws-sdk-s3/plugins/expect_100_continue.rb +2 -1
- data/lib/aws-sdk-s3/plugins/iad_regional_endpoint.rb +6 -29
- data/lib/aws-sdk-s3/plugins/md5s.rb +5 -3
- data/lib/aws-sdk-s3/plugins/s3_signer.rb +35 -100
- data/lib/aws-sdk-s3/plugins/skip_whole_multipart_get_checksums.rb +31 -0
- data/lib/aws-sdk-s3/plugins/streaming_retry.rb +23 -2
- data/lib/aws-sdk-s3/presigned_post.rb +99 -78
- data/lib/aws-sdk-s3/presigner.rb +24 -29
- data/lib/aws-sdk-s3/resource.rb +25 -3
- data/lib/aws-sdk-s3/types.rb +3307 -4625
- data/lib/aws-sdk-s3.rb +5 -1
- metadata +14 -11
- data/lib/aws-sdk-s3/arn/access_point_arn.rb +0 -69
- data/lib/aws-sdk-s3/arn/object_lambda_arn.rb +0 -69
- data/lib/aws-sdk-s3/arn/outpost_access_point_arn.rb +0 -73
- data/lib/aws-sdk-s3/plugins/object_lambda_endpoint.rb +0 -25
@@ -5,18 +5,8 @@ module Aws
|
|
5
5
|
module Plugins
|
6
6
|
# @api private
|
7
7
|
class Dualstack < Seahorse::Client::Plugin
|
8
|
-
|
9
|
-
option(:use_dualstack_endpoint,
|
10
|
-
default: false,
|
11
|
-
doc_type: 'Boolean',
|
12
|
-
docstring: <<-DOCS)
|
13
|
-
When set to `true`, IPv6-compatible bucket endpoints will be used
|
14
|
-
for all operations.
|
15
|
-
DOCS
|
16
|
-
|
17
|
-
def add_handlers(handlers, config)
|
8
|
+
def add_handlers(handlers, _config)
|
18
9
|
handlers.add(OptionHandler, step: :initialize)
|
19
|
-
handlers.add(DualstackHandler, step: :build, priority: 11)
|
20
10
|
end
|
21
11
|
|
22
12
|
# @api private
|
@@ -27,54 +17,10 @@ for all operations.
|
|
27
17
|
dualstack = context.params.delete(:use_dualstack_endpoint)
|
28
18
|
end
|
29
19
|
dualstack = context.config.use_dualstack_endpoint if dualstack.nil?
|
30
|
-
# Raise if :endpoint and dualstack are both provided
|
31
|
-
if dualstack && !context.config.regional_endpoint
|
32
|
-
raise ArgumentError,
|
33
|
-
'Cannot use both :use_dualstack_endpoint and :endpoint'
|
34
|
-
end
|
35
20
|
context[:use_dualstack_endpoint] = dualstack
|
36
21
|
@handler.call(context)
|
37
22
|
end
|
38
23
|
end
|
39
|
-
|
40
|
-
# @api private
|
41
|
-
class DualstackHandler < Seahorse::Client::Handler
|
42
|
-
def call(context)
|
43
|
-
if context.config.regional_endpoint && use_dualstack_endpoint?(context)
|
44
|
-
apply_dualstack_endpoint(context)
|
45
|
-
end
|
46
|
-
@handler.call(context)
|
47
|
-
end
|
48
|
-
|
49
|
-
private
|
50
|
-
def apply_dualstack_endpoint(context)
|
51
|
-
bucket_name = context.params[:bucket]
|
52
|
-
region = context.config.region
|
53
|
-
dns_suffix = Aws::Partitions::EndpointProvider.dns_suffix_for(region)
|
54
|
-
|
55
|
-
if use_bucket_dns?(bucket_name, context)
|
56
|
-
host = "#{bucket_name}.s3.dualstack.#{region}.#{dns_suffix}"
|
57
|
-
else
|
58
|
-
host = "s3.dualstack.#{region}.#{dns_suffix}"
|
59
|
-
end
|
60
|
-
endpoint = URI.parse(context.http_request.endpoint.to_s)
|
61
|
-
endpoint.scheme = context.http_request.endpoint.scheme
|
62
|
-
endpoint.port = context.http_request.endpoint.port
|
63
|
-
endpoint.host = host
|
64
|
-
context.http_request.endpoint = endpoint.to_s
|
65
|
-
end
|
66
|
-
|
67
|
-
def use_bucket_dns?(bucket_name, context)
|
68
|
-
ssl = context.http_request.endpoint.scheme == "https"
|
69
|
-
bucket_name && BucketDns.dns_compatible?(bucket_name, ssl) &&
|
70
|
-
!context.config.force_path_style
|
71
|
-
end
|
72
|
-
|
73
|
-
def use_dualstack_endpoint?(context)
|
74
|
-
context[:use_dualstack_endpoint] && !context[:use_accelerate_endpoint]
|
75
|
-
end
|
76
|
-
end
|
77
|
-
|
78
24
|
end
|
79
25
|
end
|
80
26
|
end
|
@@ -0,0 +1,262 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# WARNING ABOUT GENERATED CODE
|
4
|
+
#
|
5
|
+
# This file is generated. See the contributing guide for more information:
|
6
|
+
# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
|
7
|
+
#
|
8
|
+
# WARNING ABOUT GENERATED CODE
|
9
|
+
|
10
|
+
|
11
|
+
module Aws::S3
|
12
|
+
module Plugins
|
13
|
+
class Endpoints < Seahorse::Client::Plugin
|
14
|
+
option(
|
15
|
+
:endpoint_provider,
|
16
|
+
doc_type: 'Aws::S3::EndpointProvider',
|
17
|
+
docstring: 'The endpoint provider used to resolve endpoints. Any '\
|
18
|
+
'object that responds to `#resolve_endpoint(parameters)` '\
|
19
|
+
'where `parameters` is a Struct similar to '\
|
20
|
+
'`Aws::S3::EndpointParameters`'
|
21
|
+
) do |cfg|
|
22
|
+
Aws::S3::EndpointProvider.new
|
23
|
+
end
|
24
|
+
|
25
|
+
# @api private
|
26
|
+
class Handler < Seahorse::Client::Handler
|
27
|
+
def call(context)
|
28
|
+
# If endpoint was discovered, do not resolve or apply the endpoint.
|
29
|
+
unless context[:discovered_endpoint]
|
30
|
+
params = parameters_for_operation(context)
|
31
|
+
endpoint = context.config.endpoint_provider.resolve_endpoint(params)
|
32
|
+
|
33
|
+
context.http_request.endpoint = endpoint.url
|
34
|
+
apply_endpoint_headers(context, endpoint.headers)
|
35
|
+
end
|
36
|
+
|
37
|
+
context[:endpoint_params] = params
|
38
|
+
context[:auth_scheme] =
|
39
|
+
Aws::Endpoints.resolve_auth_scheme(context, endpoint)
|
40
|
+
|
41
|
+
@handler.call(context)
|
42
|
+
end
|
43
|
+
|
44
|
+
private
|
45
|
+
|
46
|
+
def apply_endpoint_headers(context, headers)
|
47
|
+
headers.each do |key, values|
|
48
|
+
value = values
|
49
|
+
.compact
|
50
|
+
.map { |s| Seahorse::Util.escape_header_list_string(s.to_s) }
|
51
|
+
.join(',')
|
52
|
+
|
53
|
+
context.http_request.headers[key] = value
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
def parameters_for_operation(context)
|
58
|
+
case context.operation_name
|
59
|
+
when :abort_multipart_upload
|
60
|
+
Aws::S3::Endpoints::AbortMultipartUpload.build(context)
|
61
|
+
when :complete_multipart_upload
|
62
|
+
Aws::S3::Endpoints::CompleteMultipartUpload.build(context)
|
63
|
+
when :copy_object
|
64
|
+
Aws::S3::Endpoints::CopyObject.build(context)
|
65
|
+
when :create_bucket
|
66
|
+
Aws::S3::Endpoints::CreateBucket.build(context)
|
67
|
+
when :create_multipart_upload
|
68
|
+
Aws::S3::Endpoints::CreateMultipartUpload.build(context)
|
69
|
+
when :delete_bucket
|
70
|
+
Aws::S3::Endpoints::DeleteBucket.build(context)
|
71
|
+
when :delete_bucket_analytics_configuration
|
72
|
+
Aws::S3::Endpoints::DeleteBucketAnalyticsConfiguration.build(context)
|
73
|
+
when :delete_bucket_cors
|
74
|
+
Aws::S3::Endpoints::DeleteBucketCors.build(context)
|
75
|
+
when :delete_bucket_encryption
|
76
|
+
Aws::S3::Endpoints::DeleteBucketEncryption.build(context)
|
77
|
+
when :delete_bucket_intelligent_tiering_configuration
|
78
|
+
Aws::S3::Endpoints::DeleteBucketIntelligentTieringConfiguration.build(context)
|
79
|
+
when :delete_bucket_inventory_configuration
|
80
|
+
Aws::S3::Endpoints::DeleteBucketInventoryConfiguration.build(context)
|
81
|
+
when :delete_bucket_lifecycle
|
82
|
+
Aws::S3::Endpoints::DeleteBucketLifecycle.build(context)
|
83
|
+
when :delete_bucket_metrics_configuration
|
84
|
+
Aws::S3::Endpoints::DeleteBucketMetricsConfiguration.build(context)
|
85
|
+
when :delete_bucket_ownership_controls
|
86
|
+
Aws::S3::Endpoints::DeleteBucketOwnershipControls.build(context)
|
87
|
+
when :delete_bucket_policy
|
88
|
+
Aws::S3::Endpoints::DeleteBucketPolicy.build(context)
|
89
|
+
when :delete_bucket_replication
|
90
|
+
Aws::S3::Endpoints::DeleteBucketReplication.build(context)
|
91
|
+
when :delete_bucket_tagging
|
92
|
+
Aws::S3::Endpoints::DeleteBucketTagging.build(context)
|
93
|
+
when :delete_bucket_website
|
94
|
+
Aws::S3::Endpoints::DeleteBucketWebsite.build(context)
|
95
|
+
when :delete_object
|
96
|
+
Aws::S3::Endpoints::DeleteObject.build(context)
|
97
|
+
when :delete_object_tagging
|
98
|
+
Aws::S3::Endpoints::DeleteObjectTagging.build(context)
|
99
|
+
when :delete_objects
|
100
|
+
Aws::S3::Endpoints::DeleteObjects.build(context)
|
101
|
+
when :delete_public_access_block
|
102
|
+
Aws::S3::Endpoints::DeletePublicAccessBlock.build(context)
|
103
|
+
when :get_bucket_accelerate_configuration
|
104
|
+
Aws::S3::Endpoints::GetBucketAccelerateConfiguration.build(context)
|
105
|
+
when :get_bucket_acl
|
106
|
+
Aws::S3::Endpoints::GetBucketAcl.build(context)
|
107
|
+
when :get_bucket_analytics_configuration
|
108
|
+
Aws::S3::Endpoints::GetBucketAnalyticsConfiguration.build(context)
|
109
|
+
when :get_bucket_cors
|
110
|
+
Aws::S3::Endpoints::GetBucketCors.build(context)
|
111
|
+
when :get_bucket_encryption
|
112
|
+
Aws::S3::Endpoints::GetBucketEncryption.build(context)
|
113
|
+
when :get_bucket_intelligent_tiering_configuration
|
114
|
+
Aws::S3::Endpoints::GetBucketIntelligentTieringConfiguration.build(context)
|
115
|
+
when :get_bucket_inventory_configuration
|
116
|
+
Aws::S3::Endpoints::GetBucketInventoryConfiguration.build(context)
|
117
|
+
when :get_bucket_lifecycle
|
118
|
+
Aws::S3::Endpoints::GetBucketLifecycle.build(context)
|
119
|
+
when :get_bucket_lifecycle_configuration
|
120
|
+
Aws::S3::Endpoints::GetBucketLifecycleConfiguration.build(context)
|
121
|
+
when :get_bucket_location
|
122
|
+
Aws::S3::Endpoints::GetBucketLocation.build(context)
|
123
|
+
when :get_bucket_logging
|
124
|
+
Aws::S3::Endpoints::GetBucketLogging.build(context)
|
125
|
+
when :get_bucket_metrics_configuration
|
126
|
+
Aws::S3::Endpoints::GetBucketMetricsConfiguration.build(context)
|
127
|
+
when :get_bucket_notification
|
128
|
+
Aws::S3::Endpoints::GetBucketNotification.build(context)
|
129
|
+
when :get_bucket_notification_configuration
|
130
|
+
Aws::S3::Endpoints::GetBucketNotificationConfiguration.build(context)
|
131
|
+
when :get_bucket_ownership_controls
|
132
|
+
Aws::S3::Endpoints::GetBucketOwnershipControls.build(context)
|
133
|
+
when :get_bucket_policy
|
134
|
+
Aws::S3::Endpoints::GetBucketPolicy.build(context)
|
135
|
+
when :get_bucket_policy_status
|
136
|
+
Aws::S3::Endpoints::GetBucketPolicyStatus.build(context)
|
137
|
+
when :get_bucket_replication
|
138
|
+
Aws::S3::Endpoints::GetBucketReplication.build(context)
|
139
|
+
when :get_bucket_request_payment
|
140
|
+
Aws::S3::Endpoints::GetBucketRequestPayment.build(context)
|
141
|
+
when :get_bucket_tagging
|
142
|
+
Aws::S3::Endpoints::GetBucketTagging.build(context)
|
143
|
+
when :get_bucket_versioning
|
144
|
+
Aws::S3::Endpoints::GetBucketVersioning.build(context)
|
145
|
+
when :get_bucket_website
|
146
|
+
Aws::S3::Endpoints::GetBucketWebsite.build(context)
|
147
|
+
when :get_object
|
148
|
+
Aws::S3::Endpoints::GetObject.build(context)
|
149
|
+
when :get_object_acl
|
150
|
+
Aws::S3::Endpoints::GetObjectAcl.build(context)
|
151
|
+
when :get_object_attributes
|
152
|
+
Aws::S3::Endpoints::GetObjectAttributes.build(context)
|
153
|
+
when :get_object_legal_hold
|
154
|
+
Aws::S3::Endpoints::GetObjectLegalHold.build(context)
|
155
|
+
when :get_object_lock_configuration
|
156
|
+
Aws::S3::Endpoints::GetObjectLockConfiguration.build(context)
|
157
|
+
when :get_object_retention
|
158
|
+
Aws::S3::Endpoints::GetObjectRetention.build(context)
|
159
|
+
when :get_object_tagging
|
160
|
+
Aws::S3::Endpoints::GetObjectTagging.build(context)
|
161
|
+
when :get_object_torrent
|
162
|
+
Aws::S3::Endpoints::GetObjectTorrent.build(context)
|
163
|
+
when :get_public_access_block
|
164
|
+
Aws::S3::Endpoints::GetPublicAccessBlock.build(context)
|
165
|
+
when :head_bucket
|
166
|
+
Aws::S3::Endpoints::HeadBucket.build(context)
|
167
|
+
when :head_object
|
168
|
+
Aws::S3::Endpoints::HeadObject.build(context)
|
169
|
+
when :list_bucket_analytics_configurations
|
170
|
+
Aws::S3::Endpoints::ListBucketAnalyticsConfigurations.build(context)
|
171
|
+
when :list_bucket_intelligent_tiering_configurations
|
172
|
+
Aws::S3::Endpoints::ListBucketIntelligentTieringConfigurations.build(context)
|
173
|
+
when :list_bucket_inventory_configurations
|
174
|
+
Aws::S3::Endpoints::ListBucketInventoryConfigurations.build(context)
|
175
|
+
when :list_bucket_metrics_configurations
|
176
|
+
Aws::S3::Endpoints::ListBucketMetricsConfigurations.build(context)
|
177
|
+
when :list_buckets
|
178
|
+
Aws::S3::Endpoints::ListBuckets.build(context)
|
179
|
+
when :list_multipart_uploads
|
180
|
+
Aws::S3::Endpoints::ListMultipartUploads.build(context)
|
181
|
+
when :list_object_versions
|
182
|
+
Aws::S3::Endpoints::ListObjectVersions.build(context)
|
183
|
+
when :list_objects
|
184
|
+
Aws::S3::Endpoints::ListObjects.build(context)
|
185
|
+
when :list_objects_v2
|
186
|
+
Aws::S3::Endpoints::ListObjectsV2.build(context)
|
187
|
+
when :list_parts
|
188
|
+
Aws::S3::Endpoints::ListParts.build(context)
|
189
|
+
when :put_bucket_accelerate_configuration
|
190
|
+
Aws::S3::Endpoints::PutBucketAccelerateConfiguration.build(context)
|
191
|
+
when :put_bucket_acl
|
192
|
+
Aws::S3::Endpoints::PutBucketAcl.build(context)
|
193
|
+
when :put_bucket_analytics_configuration
|
194
|
+
Aws::S3::Endpoints::PutBucketAnalyticsConfiguration.build(context)
|
195
|
+
when :put_bucket_cors
|
196
|
+
Aws::S3::Endpoints::PutBucketCors.build(context)
|
197
|
+
when :put_bucket_encryption
|
198
|
+
Aws::S3::Endpoints::PutBucketEncryption.build(context)
|
199
|
+
when :put_bucket_intelligent_tiering_configuration
|
200
|
+
Aws::S3::Endpoints::PutBucketIntelligentTieringConfiguration.build(context)
|
201
|
+
when :put_bucket_inventory_configuration
|
202
|
+
Aws::S3::Endpoints::PutBucketInventoryConfiguration.build(context)
|
203
|
+
when :put_bucket_lifecycle
|
204
|
+
Aws::S3::Endpoints::PutBucketLifecycle.build(context)
|
205
|
+
when :put_bucket_lifecycle_configuration
|
206
|
+
Aws::S3::Endpoints::PutBucketLifecycleConfiguration.build(context)
|
207
|
+
when :put_bucket_logging
|
208
|
+
Aws::S3::Endpoints::PutBucketLogging.build(context)
|
209
|
+
when :put_bucket_metrics_configuration
|
210
|
+
Aws::S3::Endpoints::PutBucketMetricsConfiguration.build(context)
|
211
|
+
when :put_bucket_notification
|
212
|
+
Aws::S3::Endpoints::PutBucketNotification.build(context)
|
213
|
+
when :put_bucket_notification_configuration
|
214
|
+
Aws::S3::Endpoints::PutBucketNotificationConfiguration.build(context)
|
215
|
+
when :put_bucket_ownership_controls
|
216
|
+
Aws::S3::Endpoints::PutBucketOwnershipControls.build(context)
|
217
|
+
when :put_bucket_policy
|
218
|
+
Aws::S3::Endpoints::PutBucketPolicy.build(context)
|
219
|
+
when :put_bucket_replication
|
220
|
+
Aws::S3::Endpoints::PutBucketReplication.build(context)
|
221
|
+
when :put_bucket_request_payment
|
222
|
+
Aws::S3::Endpoints::PutBucketRequestPayment.build(context)
|
223
|
+
when :put_bucket_tagging
|
224
|
+
Aws::S3::Endpoints::PutBucketTagging.build(context)
|
225
|
+
when :put_bucket_versioning
|
226
|
+
Aws::S3::Endpoints::PutBucketVersioning.build(context)
|
227
|
+
when :put_bucket_website
|
228
|
+
Aws::S3::Endpoints::PutBucketWebsite.build(context)
|
229
|
+
when :put_object
|
230
|
+
Aws::S3::Endpoints::PutObject.build(context)
|
231
|
+
when :put_object_acl
|
232
|
+
Aws::S3::Endpoints::PutObjectAcl.build(context)
|
233
|
+
when :put_object_legal_hold
|
234
|
+
Aws::S3::Endpoints::PutObjectLegalHold.build(context)
|
235
|
+
when :put_object_lock_configuration
|
236
|
+
Aws::S3::Endpoints::PutObjectLockConfiguration.build(context)
|
237
|
+
when :put_object_retention
|
238
|
+
Aws::S3::Endpoints::PutObjectRetention.build(context)
|
239
|
+
when :put_object_tagging
|
240
|
+
Aws::S3::Endpoints::PutObjectTagging.build(context)
|
241
|
+
when :put_public_access_block
|
242
|
+
Aws::S3::Endpoints::PutPublicAccessBlock.build(context)
|
243
|
+
when :restore_object
|
244
|
+
Aws::S3::Endpoints::RestoreObject.build(context)
|
245
|
+
when :select_object_content
|
246
|
+
Aws::S3::Endpoints::SelectObjectContent.build(context)
|
247
|
+
when :upload_part
|
248
|
+
Aws::S3::Endpoints::UploadPart.build(context)
|
249
|
+
when :upload_part_copy
|
250
|
+
Aws::S3::Endpoints::UploadPartCopy.build(context)
|
251
|
+
when :write_get_object_response
|
252
|
+
Aws::S3::Endpoints::WriteGetObjectResponse.build(context)
|
253
|
+
end
|
254
|
+
end
|
255
|
+
end
|
256
|
+
|
257
|
+
def add_handlers(handlers, _config)
|
258
|
+
handlers.add(Handler, step: :build, priority: 75)
|
259
|
+
end
|
260
|
+
end
|
261
|
+
end
|
262
|
+
end
|
@@ -16,7 +16,8 @@ module Aws
|
|
16
16
|
|
17
17
|
def call(context)
|
18
18
|
body = context.http_request.body
|
19
|
-
if body.respond_to?(:size) && body.size > 0
|
19
|
+
if body.respond_to?(:size) && body.size > 0 &&
|
20
|
+
!context[:use_accelerate_endpoint]
|
20
21
|
context.http_request.headers['expect'] = '100-continue'
|
21
22
|
end
|
22
23
|
@handler.call(context)
|
@@ -16,40 +16,17 @@ Defaults to `legacy` mode which uses the global endpoint.
|
|
16
16
|
resolve_iad_regional_endpoint(cfg)
|
17
17
|
end
|
18
18
|
|
19
|
-
def add_handlers(handlers, config)
|
20
|
-
# only modify non-custom endpoints
|
21
|
-
if config.regional_endpoint && config.region == 'us-east-1'
|
22
|
-
handlers.add(Handler)
|
23
|
-
end
|
24
|
-
end
|
25
|
-
|
26
|
-
# @api private
|
27
|
-
class Handler < Seahorse::Client::Handler
|
28
|
-
|
29
|
-
def call(context)
|
30
|
-
# WriteGetObjectResponse does not have a global endpoint
|
31
|
-
# ARNs are regionalized, so don't touch those either.
|
32
|
-
if context.operation.name != 'WriteGetObjectResponse' &&
|
33
|
-
context.config.s3_us_east_1_regional_endpoint == 'legacy' &&
|
34
|
-
!context.metadata[:s3_arn]
|
35
|
-
host = context.http_request.endpoint.host
|
36
|
-
legacy_host = IADRegionalEndpoint.legacy_host(host)
|
37
|
-
context.http_request.endpoint.host = legacy_host
|
38
|
-
end
|
39
|
-
@handler.call(context)
|
40
|
-
end
|
41
|
-
|
42
|
-
end
|
43
|
-
|
44
|
-
def self.legacy_host(host)
|
45
|
-
host.sub(".us-east-1", '')
|
46
|
-
end
|
47
|
-
|
48
19
|
private
|
49
20
|
|
50
21
|
def self.resolve_iad_regional_endpoint(cfg)
|
22
|
+
default_mode_value =
|
23
|
+
if cfg.respond_to?(:defaults_mode_config_resolver)
|
24
|
+
cfg.defaults_mode_config_resolver.resolve(:s3_us_east_1_regional_endpoint)
|
25
|
+
end
|
26
|
+
|
51
27
|
mode = ENV['AWS_S3_US_EAST_1_REGIONAL_ENDPOINT'] ||
|
52
28
|
Aws.shared_config.s3_us_east_1_regional_endpoint(profile: cfg.profile) ||
|
29
|
+
default_mode_value ||
|
53
30
|
'legacy'
|
54
31
|
mode = mode.downcase
|
55
32
|
unless %w(legacy regional).include?(mode)
|
@@ -22,9 +22,11 @@ module Aws
|
|
22
22
|
CHUNK_SIZE = 1 * 1024 * 1024 # one MB
|
23
23
|
|
24
24
|
def call(context)
|
25
|
-
|
26
|
-
|
27
|
-
|
25
|
+
if !context[:checksum_algorithms] # skip in favor of flexible checksum
|
26
|
+
body = context.http_request.body
|
27
|
+
if body.respond_to?(:size) && body.size > 0
|
28
|
+
context.http_request.headers['Content-Md5'] ||= md5(body)
|
29
|
+
end
|
28
30
|
end
|
29
31
|
@handler.call(context)
|
30
32
|
end
|
@@ -5,26 +5,13 @@ require 'aws-sigv4'
|
|
5
5
|
module Aws
|
6
6
|
module S3
|
7
7
|
module Plugins
|
8
|
-
# This plugin
|
8
|
+
# This plugin used to have a V4 signer but it was removed in favor of
|
9
|
+
# generic Sign plugin that uses endpoint auth scheme.
|
10
|
+
#
|
9
11
|
# @api private
|
10
12
|
class S3Signer < Seahorse::Client::Plugin
|
11
13
|
option(:signature_version, 'v4')
|
12
14
|
|
13
|
-
option(:sigv4_signer) do |cfg|
|
14
|
-
S3Signer.build_v4_signer(
|
15
|
-
service: 's3',
|
16
|
-
region: cfg.sigv4_region,
|
17
|
-
credentials: cfg.credentials
|
18
|
-
)
|
19
|
-
end
|
20
|
-
|
21
|
-
option(:sigv4_region) do |cfg|
|
22
|
-
# S3 removes core's signature_v4 plugin that checks for this
|
23
|
-
raise Aws::Errors::MissingRegionError if cfg.region.nil?
|
24
|
-
|
25
|
-
Aws::Partitions::EndpointProvider.signing_region(cfg.region, 's3')
|
26
|
-
end
|
27
|
-
|
28
15
|
def add_handlers(handlers, cfg)
|
29
16
|
case cfg.signature_version
|
30
17
|
when 'v4' then add_v4_handlers(handlers)
|
@@ -37,11 +24,11 @@ module Aws
|
|
37
24
|
|
38
25
|
def add_v4_handlers(handlers)
|
39
26
|
handlers.add(CachedBucketRegionHandler, step: :sign, priority: 60)
|
40
|
-
handlers.add(V4Handler, step: :sign)
|
41
27
|
handlers.add(BucketRegionErrorHandler, step: :sign, priority: 40)
|
42
28
|
end
|
43
29
|
|
44
30
|
def add_legacy_handler(handlers)
|
31
|
+
# generic Sign plugin will be skipped if it sees sigv2
|
45
32
|
handlers.add(LegacyHandler, step: :sign)
|
46
33
|
end
|
47
34
|
|
@@ -52,45 +39,6 @@ module Aws
|
|
52
39
|
end
|
53
40
|
end
|
54
41
|
|
55
|
-
class V4Handler < Seahorse::Client::Handler
|
56
|
-
def call(context)
|
57
|
-
Aws::Plugins::SignatureV4.apply_signature(
|
58
|
-
context: context,
|
59
|
-
signer: sigv4_signer(context)
|
60
|
-
)
|
61
|
-
@handler.call(context)
|
62
|
-
end
|
63
|
-
|
64
|
-
private
|
65
|
-
|
66
|
-
def sigv4_signer(context)
|
67
|
-
# If the client was configured with the wrong region,
|
68
|
-
# we have to build a new signer.
|
69
|
-
if context[:cached_sigv4_region] &&
|
70
|
-
context[:cached_sigv4_region] != context.config.sigv4_signer.region
|
71
|
-
S3Signer.build_v4_signer(
|
72
|
-
service: 's3',
|
73
|
-
region: context[:cached_sigv4_region],
|
74
|
-
credentials: context.config.credentials
|
75
|
-
)
|
76
|
-
elsif (arn = context.metadata[:s3_arn])
|
77
|
-
S3Signer.build_v4_signer(
|
78
|
-
service: arn[:arn].service,
|
79
|
-
region: arn[:resolved_region],
|
80
|
-
credentials: context.config.credentials
|
81
|
-
)
|
82
|
-
elsif context.operation.name == 'WriteGetObjectResponse'
|
83
|
-
S3Signer.build_v4_signer(
|
84
|
-
service: 's3-object-lambda',
|
85
|
-
region: context.config.sigv4_region,
|
86
|
-
credentials: context.config.credentials
|
87
|
-
)
|
88
|
-
else
|
89
|
-
context.config.sigv4_signer
|
90
|
-
end
|
91
|
-
end
|
92
|
-
end
|
93
|
-
|
94
42
|
# This handler will update the http endpoint when the bucket region
|
95
43
|
# is known/cached.
|
96
44
|
class CachedBucketRegionHandler < Seahorse::Client::Handler
|
@@ -104,11 +52,13 @@ module Aws
|
|
104
52
|
|
105
53
|
def check_for_cached_region(context, bucket)
|
106
54
|
cached_region = S3::BUCKET_REGIONS[bucket]
|
107
|
-
if cached_region &&
|
55
|
+
if cached_region &&
|
56
|
+
cached_region != context.config.region &&
|
57
|
+
!S3Signer.custom_endpoint?(context)
|
108
58
|
context.http_request.endpoint.host = S3Signer.new_hostname(
|
109
59
|
context, cached_region
|
110
60
|
)
|
111
|
-
context[:
|
61
|
+
context[:sigv4_region] = cached_region # Sign plugin will use this
|
112
62
|
end
|
113
63
|
end
|
114
64
|
end
|
@@ -116,7 +66,8 @@ module Aws
|
|
116
66
|
# This handler detects when a request fails because of a mismatched bucket
|
117
67
|
# region. It follows up by making a request to determine the correct
|
118
68
|
# region, then finally a version 4 signed request against the correct
|
119
|
-
# regional endpoint.
|
69
|
+
# regional endpoint. This is intended for s3's global endpoint which
|
70
|
+
# will return 400 if the bucket is not in region.
|
120
71
|
class BucketRegionErrorHandler < Seahorse::Client::Handler
|
121
72
|
def call(context)
|
122
73
|
response = @handler.call(context)
|
@@ -128,7 +79,8 @@ module Aws
|
|
128
79
|
def handle_region_errors(response)
|
129
80
|
if wrong_sigv4_region?(response) &&
|
130
81
|
!fips_region?(response) &&
|
131
|
-
!custom_endpoint?(response)
|
82
|
+
!S3Signer.custom_endpoint?(response.context) &&
|
83
|
+
!expired_credentials?(response)
|
132
84
|
get_region_and_retry(response.context)
|
133
85
|
else
|
134
86
|
response
|
@@ -149,14 +101,11 @@ module Aws
|
|
149
101
|
end
|
150
102
|
|
151
103
|
def fips_region?(resp)
|
152
|
-
resp.context.http_request.endpoint.host.include?('fips')
|
104
|
+
resp.context.http_request.endpoint.host.include?('s3-fips.')
|
153
105
|
end
|
154
106
|
|
155
|
-
def
|
156
|
-
|
157
|
-
resp.context.config.region
|
158
|
-
)
|
159
|
-
!resp.context.http_request.endpoint.hostname.include?(resolved_suffix)
|
107
|
+
def expired_credentials?(resp)
|
108
|
+
resp.context.http_response.body_contents.match(/<Code>ExpiredToken<\/Code>/)
|
160
109
|
end
|
161
110
|
|
162
111
|
def wrong_sigv4_region?(resp)
|
@@ -171,18 +120,14 @@ module Aws
|
|
171
120
|
context, actual_region
|
172
121
|
)
|
173
122
|
context.metadata[:redirect_region] = actual_region
|
174
|
-
|
175
|
-
|
176
|
-
|
177
|
-
|
178
|
-
|
179
|
-
context: context,
|
180
|
-
signer: S3Signer.build_v4_signer(
|
181
|
-
service: service || 's3',
|
182
|
-
region: actual_region,
|
183
|
-
credentials: context.config.credentials
|
184
|
-
)
|
123
|
+
|
124
|
+
signer = Aws::Plugins::Sign.signer_for(
|
125
|
+
context[:auth_scheme],
|
126
|
+
context.config,
|
127
|
+
actual_region
|
185
128
|
)
|
129
|
+
|
130
|
+
signer.sign(context)
|
186
131
|
end
|
187
132
|
|
188
133
|
def region_from_body(body)
|
@@ -208,32 +153,22 @@ module Aws
|
|
208
153
|
end
|
209
154
|
|
210
155
|
class << self
|
211
|
-
|
212
|
-
|
213
|
-
|
214
|
-
|
215
|
-
|
216
|
-
|
217
|
-
|
218
|
-
credentials_provider: options[:credentials],
|
219
|
-
uri_escape_path: false,
|
220
|
-
unsigned_headers: ['content-length', 'x-amzn-trace-id']
|
221
|
-
)
|
156
|
+
def new_hostname(context, region)
|
157
|
+
endpoint_params = context[:endpoint_params].dup
|
158
|
+
endpoint_params.region = region
|
159
|
+
endpoint_params.endpoint = nil
|
160
|
+
endpoint =
|
161
|
+
context.config.endpoint_provider.resolve_endpoint(endpoint_params)
|
162
|
+
URI(endpoint.url).host
|
222
163
|
end
|
223
164
|
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
Aws::Partitions::EndpointProvider.resolve(region, 's3')
|
229
|
-
)
|
165
|
+
def custom_endpoint?(context)
|
166
|
+
region = context.config.region
|
167
|
+
partition = Aws::Endpoints::Matchers.aws_partition(region)
|
168
|
+
endpoint = context.http_request.endpoint
|
230
169
|
|
231
|
-
|
232
|
-
|
233
|
-
ARN.resolve_url!(uri, arn[:arn], region).host
|
234
|
-
else
|
235
|
-
"#{context.params[:bucket]}.#{uri.host}"
|
236
|
-
end
|
170
|
+
!endpoint.hostname.include?(partition['dnsSuffix']) &&
|
171
|
+
!endpoint.hostname.include?(partition['dualStackDnsSuffix'])
|
237
172
|
end
|
238
173
|
end
|
239
174
|
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aws
|
4
|
+
module S3
|
5
|
+
module Plugins
|
6
|
+
|
7
|
+
# S3 GetObject results for whole Multipart Objects contain a checksum
|
8
|
+
# that cannot be validated. These should be skipped by the
|
9
|
+
# ChecksumAlgorithm plugin.
|
10
|
+
class SkipWholeMultipartGetChecksums < Seahorse::Client::Plugin
|
11
|
+
|
12
|
+
class Handler < Seahorse::Client::Handler
|
13
|
+
|
14
|
+
def call(context)
|
15
|
+
context[:http_checksum] ||= {}
|
16
|
+
context[:http_checksum][:skip_on_suffix] = true
|
17
|
+
|
18
|
+
@handler.call(context)
|
19
|
+
end
|
20
|
+
|
21
|
+
end
|
22
|
+
|
23
|
+
handler(
|
24
|
+
Handler,
|
25
|
+
step: :initialize,
|
26
|
+
operations: [:get_object]
|
27
|
+
)
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|