aws-sdk-sns 1.0.0.rc1

data/lib/aws-sdk-sns/customizations.rb

@@ -0,0 +1,2 @@
+# utility classes
+require 'aws-sdk-sns/message_verifier'

data/lib/aws-sdk-sns/errors.rb

@@ -0,0 +1,23 @@
+# WARNING ABOUT GENERATED CODE
+#
+# This file is generated. See the contributing for info on making contributions:
+# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
+#
+# WARNING ABOUT GENERATED CODE
+
+module Aws
+  module SNS
+    module Errors
+
+      extend Aws::Errors::DynamicErrors
+
+      # Raised when calling #load or #data on a resource class that can not be
+      # loaded.  This can happen when:
+      #
+      # * A resource class has identifiers, but no data attributes.
+      # * Resource data is only available when making an API call that
+      # enumerates all resources of that type.
+      class ResourceNotLoadable < RuntimeError; end
+    end
+  end
+end

data/lib/aws-sdk-sns/message_verifier.rb

@@ -0,0 +1,157 @@
+require 'net/http'
+require 'openssl'
+require 'base64'
+
+module Aws
+  module SNS
+
+    # A utility class that can be used to verify the authenticity of messages
+    # sent by Amazon SNS.
+    #
+    #     verifier = Aws::SNS::MessageVerifier.new
+    #
+    #     # returns true/false
+    #     verifier.authentic?(message_body)
+    #
+    #     # raises a Aws::SNS::MessageVerifier::VerificationError on failure
+    #     verifier.authenticate!(message_body)
+    #
+    # You can re-use a single {MessageVerifier} instance to authenticate
+    # multiple SNS messages.
+    class MessageVerifier
+
+      class VerificationError < StandardError; end
+
+      # @api private
+      SIGNABLE_KEYS = [
+        'Message',
+        'MessageId',
+        'Subject',
+        'SubscribeURL',
+        'Timestamp',
+        'Token',
+        'TopicArn',
+        'Type',
+      ].freeze
+
+      # @api private
+      AWS_HOSTNAMES = [
+        /^sns\.[a-zA-Z0-9\-]{3,}\.amazonaws\.com(\.cn)?$/
+      ]
+
+      def initialize
+        @cached_pems = {}
+      end
+
+      # @param [String<JSON>] message_body
+      # @return [Boolean] Returns `true` if the given message has been
+      #   successfully verified. Returns `false` otherwise.
+      def authentic?(message_body)
+        authenticate!(message_body)
+      rescue VerificationError
+        false
+      end
+
+      # @param [String<JSON>] message_body
+      # @return [Boolean] Returns `true` when the given message has been
+      #   successfully verified.
+      # @raise [VerificationError] Raised when the given message has failed
+      #   verification.
+      def authenticate!(message_body)
+        msg = Json.load(message_body)
+        if public_key(msg).verify(sha1, signature(msg), canonical_string(msg))
+          true
+        else
+          msg = 'the authenticity of the message cannot be verified'
+          raise VerificationError, msg
+        end
+      end
+
+      private
+
+      def sha1
+        OpenSSL::Digest::SHA1.new
+      end
+
+      def signature(message)
+        Base64.decode64(message['Signature'])
+      end
+
+      def canonical_string(message)
+        parts = []
+        SIGNABLE_KEYS.each do |key|
+          value = message[key]
+          unless value.nil? or value.empty?
+            parts << "#{key}\n#{value}\n"
+          end
+        end
+        parts.join
+      end
+
+      def public_key(message)
+        x509_url = URI.parse(message['SigningCertURL'])
+        x509 = OpenSSL::X509::Certificate.new(pem(x509_url))
+        OpenSSL::PKey::RSA.new(x509.public_key)
+      end
+
+      def pem(uri)
+        if @cached_pems[uri.to_s]
+          @cached_pems[uri.to_s]
+        else
+          @cached_pems[uri.to_s] = download_pem(uri)
+        end
+      end
+
+      def download_pem(uri)
+        verify_uri!(uri)
+        https_get(uri)
+      end
+
+      def verify_uri!(uri)
+        verify_https!(uri)
+        verify_hosted_by_aws!(uri)
+        verify_pem!(uri)
+      end
+
+      def verify_https!(uri)
+        unless uri.scheme == 'https'
+          msg = "the SigningCertURL must be https, got: #{uri}"
+          raise VerificationError, msg
+        end
+      end
+
+      def verify_hosted_by_aws!(uri)
+        unless AWS_HOSTNAMES.any? { |pattern| pattern.match(uri.host) }
+          msg = "signing cert is not hosted by AWS: #{uri}"
+          raise VerificationError, msg
+        end
+      end
+
+      def verify_pem!(uri)
+        unless File.extname(uri.path) == '.pem'
+          msg = "the SigningCertURL must link to a .pem file"
+          raise VerificationError, msg
+        end
+      end
+
+      def https_get(uri, failed_attempts = 0)
+        http = Net::HTTP.new(uri.host, uri.port)
+        http.use_ssl = true
+        http.verify_mode = OpenSSL::SSL::VERIFY_PEER
+        http.start
+        resp = http.request(Net::HTTP::Get.new(uri.request_uri))
+        http.finish
+        if resp.code == '200'
+          resp.body
+        else
+          raise VerificationError, resp.body
+        end
+      rescue => error
+        failed_attempts += 1
+        retry if failed_attempts < 3
+        raise VerificationError, error.message
+      end
+
+    end
+  end
+end

data/lib/aws-sdk-sns/platform_application.rb

@@ -0,0 +1,235 @@
+# WARNING ABOUT GENERATED CODE
+#
+# This file is generated. See the contributing for info on making contributions:
+# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
+#
+# WARNING ABOUT GENERATED CODE
+
+module Aws
+  module SNS
+    class PlatformApplication
+
+      extend Aws::Deprecations
+
+      # @overload def initialize(arn, options = {})
+      #   @param [String] arn
+      #   @option options [Client] :client
+      # @overload def initialize(options = {})
+      #   @option options [required, String] :arn
+      #   @option options [Client] :client
+      def initialize(*args)
+        options = Hash === args.last ? args.pop.dup : {}
+        @arn = extract_arn(args, options)
+        @data = options.delete(:data)
+        @client = options.delete(:client) || Client.new(options)
+      end
+
+      # @!group Read-Only Attributes
+
+      # @return [String]
+      def arn
+        @arn
+      end
+
+      # Attributes include the following:
+      #
+      # * `EventEndpointCreated` -- Topic ARN to which EndpointCreated event
+      #   notifications should be sent.
+      #
+      # * `EventEndpointDeleted` -- Topic ARN to which EndpointDeleted event
+      #   notifications should be sent.
+      #
+      # * `EventEndpointUpdated` -- Topic ARN to which EndpointUpdate event
+      #   notifications should be sent.
+      #
+      # * `EventDeliveryFailure` -- Topic ARN to which DeliveryFailure event
+      #   notifications should be sent upon Direct Publish delivery failure
+      #   (permanent) to one of the application's endpoints.
+      # @return [Hash<String,String>]
+      def attributes
+        data.attributes
+      end
+
+      # @!endgroup
+
+      # @return [Client]
+      def client
+        @client
+      end
+
+      # Loads, or reloads {#data} for the current {PlatformApplication}.
+      # Returns `self` making it possible to chain methods.
+      #
+      #     platform_application.reload.data
+      #
+      # @return [self]
+      def load
+        resp = @client.get_platform_application_attributes(platform_application_arn: @arn)
+        @data = resp.data
+        self
+      end
+      alias :reload :load
+
+      # @return [Types::GetPlatformApplicationAttributesResponse]
+      #   Returns the data for this {PlatformApplication}. Calls
+      #   {Client#get_platform_application_attributes} if {#data_loaded?} is `false`.
+      def data
+        load unless @data
+        @data
+      end
+
+      # @return [Boolean]
+      #   Returns `true` if this resource is loaded.  Accessing attributes or
+      #   {#data} on an unloaded resource will trigger a call to {#load}.
+      def data_loaded?
+        !!@data
+      end
+
+      # @!group Actions
+
+      # @example Request syntax with placeholder values
+      #
+      #   platformendpoint = platform_application.create_platform_endpoint({
+      #     token: "String", # required
+      #     custom_user_data: "String",
+      #     attributes: {
+      #       "String" => "String",
+      #     },
+      #   })
+      # @param [Hash] options ({})
+      # @option options [required, String] :token
+      #   Unique identifier created by the notification service for an app on a
+      #   device. The specific name for Token will vary, depending on which
+      #   notification service is being used. For example, when using APNS as
+      #   the notification service, you need the device token. Alternatively,
+      #   when using GCM or ADM, the device token equivalent is called the
+      #   registration ID.
+      # @option options [String] :custom_user_data
+      #   Arbitrary user data to associate with the endpoint. Amazon SNS does
+      #   not use this data. The data must be in UTF-8 format and less than 2KB.
+      # @option options [Hash<String,String>] :attributes
+      #   For a list of attributes, see [SetEndpointAttributes][1].
+      #
+      #
+      #
+      #   [1]: http://docs.aws.amazon.com/sns/latest/api/API_SetEndpointAttributes.html
+      # @return [PlatformEndpoint]
+      def create_platform_endpoint(options = {})
+        options = options.merge(platform_application_arn: @arn)
+        resp = @client.create_platform_endpoint(options)
+        PlatformEndpoint.new(
+          arn: resp.data.endpoint_arn,
+          client: @client
+        )
+      end
+
+      # @example Request syntax with placeholder values
+      #
+      #   platform_application.delete()
+      # @param [Hash] options ({})
+      # @return [EmptyStructure]
+      def delete(options = {})
+        options = options.merge(platform_application_arn: @arn)
+        resp = @client.delete_platform_application(options)
+        resp.data
+      end
+
+      # @example Request syntax with placeholder values
+      #
+      #   platform_application.set_attributes({
+      #     attributes: { # required
+      #       "String" => "String",
+      #     },
+      #   })
+      # @param [Hash] options ({})
+      # @option options [required, Hash<String,String>] :attributes
+      #   A map of the platform application attributes. Attributes in this map
+      #   include the following:
+      #
+      #   * `PlatformCredential` -- The credential received from the
+      #     notification service. For APNS/APNS\_SANDBOX, PlatformCredential is
+      #     private key. For GCM, PlatformCredential is "API key". For ADM,
+      #     PlatformCredential is "client secret".
+      #
+      #   * `PlatformPrincipal` -- The principal received from the notification
+      #     service. For APNS/APNS\_SANDBOX, PlatformPrincipal is SSL
+      #     certificate. For GCM, PlatformPrincipal is not applicable. For ADM,
+      #     PlatformPrincipal is "client id".
+      #
+      #   * `EventEndpointCreated` -- Topic ARN to which EndpointCreated event
+      #     notifications should be sent.
+      #
+      #   * `EventEndpointDeleted` -- Topic ARN to which EndpointDeleted event
+      #     notifications should be sent.
+      #
+      #   * `EventEndpointUpdated` -- Topic ARN to which EndpointUpdate event
+      #     notifications should be sent.
+      #
+      #   * `EventDeliveryFailure` -- Topic ARN to which DeliveryFailure event
+      #     notifications should be sent upon Direct Publish delivery failure
+      #     (permanent) to one of the application's endpoints.
+      #
+      #   * `SuccessFeedbackRoleArn` -- IAM role ARN used to give Amazon SNS
+      #     write access to use CloudWatch Logs on your behalf.
+      #
+      #   * `FailureFeedbackRoleArn` -- IAM role ARN used to give Amazon SNS
+      #     write access to use CloudWatch Logs on your behalf.
+      #
+      #   * `SuccessFeedbackSampleRate` -- Sample rate percentage (0-100) of
+      #     successfully delivered messages.
+      # @return [EmptyStructure]
+      def set_attributes(options = {})
+        options = options.merge(platform_application_arn: @arn)
+        resp = @client.set_platform_application_attributes(options)
+        resp.data
+      end
+
+      # @!group Associations
+
+      # @example Request syntax with placeholder values
+      #
+      #   endpoints = platform_application.endpoints()
+      # @param [Hash] options ({})
+      # @return [PlatformEndpoint::Collection]
+      def endpoints(options = {})
+        batches = Enumerator.new do |y|
+          options = options.merge(platform_application_arn: @arn)
+          resp = @client.list_endpoints_by_platform_application(options)
+          resp.each_page do |page|
+            batch = []
+            page.data.endpoints.each do |e|
+              batch << PlatformEndpoint.new(
+                arn: e.endpoint_arn,
+                client: @client
+              )
+            end
+            y.yield(batch)
+          end
+        end
+        PlatformEndpoint::Collection.new(batches)
+      end
+
+      # @deprecated
+      # @api private
+      def identifiers
+        { arn: @arn }
+      end
+      deprecated(:identifiers)
+
+      private
+
+      def extract_arn(args, options)
+        value = args[0] || options.delete(:arn)
+        case value
+        when String then value
+        when nil then raise ArgumentError, "missing required option :arn"
+        else
+          msg = "expected :arn to be a String, got #{value.class}"
+          raise ArgumentError, msg
+        end
+      end
+
+      class Collection < Aws::Resources::Collection; end
+    end
+  end
+end

data/lib/aws-sdk-sns/platform_endpoint.rb

@@ -0,0 +1,266 @@
+# WARNING ABOUT GENERATED CODE
+#
+# This file is generated. See the contributing for info on making contributions:
+# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
+#
+# WARNING ABOUT GENERATED CODE
+
+module Aws
+  module SNS
+    class PlatformEndpoint
+
+      extend Aws::Deprecations
+
+      # @overload def initialize(arn, options = {})
+      #   @param [String] arn
+      #   @option options [Client] :client
+      # @overload def initialize(options = {})
+      #   @option options [required, String] :arn
+      #   @option options [Client] :client
+      def initialize(*args)
+        options = Hash === args.last ? args.pop.dup : {}
+        @arn = extract_arn(args, options)
+        @data = options.delete(:data)
+        @client = options.delete(:client) || Client.new(options)
+      end
+
+      # @!group Read-Only Attributes
+
+      # @return [String]
+      def arn
+        @arn
+      end
+
+      # Attributes include the following:
+      #
+      # * `CustomUserData` -- arbitrary user data to associate with the
+      #   endpoint. Amazon SNS does not use this data. The data must be in
+      #   UTF-8 format and less than 2KB.
+      #
+      # * `Enabled` -- flag that enables/disables delivery to the endpoint.
+      #   Amazon SNS will set this to false when a notification service
+      #   indicates to Amazon SNS that the endpoint is invalid. Users can set
+      #   it back to true, typically after updating Token.
+      #
+      # * `Token` -- device token, also referred to as a registration id, for
+      #   an app and mobile device. This is returned from the notification
+      #   service when an app and mobile device are registered with the
+      #   notification service.
+      # @return [Hash<String,String>]
+      def attributes
+        data.attributes
+      end
+
+      # @!endgroup
+
+      # @return [Client]
+      def client
+        @client
+      end
+
+      # Loads, or reloads {#data} for the current {PlatformEndpoint}.
+      # Returns `self` making it possible to chain methods.
+      #
+      #     platform_endpoint.reload.data
+      #
+      # @return [self]
+      def load
+        resp = @client.get_endpoint_attributes(endpoint_arn: @arn)
+        @data = resp.data
+        self
+      end
+      alias :reload :load
+
+      # @return [Types::GetEndpointAttributesResponse]
+      #   Returns the data for this {PlatformEndpoint}. Calls
+      #   {Client#get_endpoint_attributes} if {#data_loaded?} is `false`.
+      def data
+        load unless @data
+        @data
+      end
+
+      # @return [Boolean]
+      #   Returns `true` if this resource is loaded.  Accessing attributes or
+      #   {#data} on an unloaded resource will trigger a call to {#load}.
+      def data_loaded?
+        !!@data
+      end
+
+      # @!group Actions
+
+      # @example Request syntax with placeholder values
+      #
+      #   platform_endpoint.delete()
+      # @param [Hash] options ({})
+      # @return [EmptyStructure]
+      def delete(options = {})
+        options = options.merge(endpoint_arn: @arn)
+        resp = @client.delete_endpoint(options)
+        resp.data
+      end
+
+      # @example Request syntax with placeholder values
+      #
+      #   platform_endpoint.publish({
+      #     topic_arn: "topicARN",
+      #     phone_number: "String",
+      #     message: "message", # required
+      #     subject: "subject",
+      #     message_structure: "messageStructure",
+      #     message_attributes: {
+      #       "String" => {
+      #         data_type: "String", # required
+      #         string_value: "String",
+      #         binary_value: "data",
+      #       },
+      #     },
+      #   })
+      # @param [Hash] options ({})
+      # @option options [String] :topic_arn
+      #   The topic you want to publish to.
+      #
+      #   If you don't specify a value for the `TopicArn` parameter, you must
+      #   specify a value for the `PhoneNumber` or `TargetArn` parameters.
+      # @option options [String] :phone_number
+      #   The phone number to which you want to deliver an SMS message. Use
+      #   E.164 format.
+      #
+      #   If you don't specify a value for the `PhoneNumber` parameter, you
+      #   must specify a value for the `TargetArn` or `TopicArn` parameters.
+      # @option options [required, String] :message
+      #   The message you want to send to the topic.
+      #
+      #   If you want to send the same message to all transport protocols,
+      #   include the text of the message as a String value.
+      #
+      #   If you want to send different messages for each transport protocol,
+      #   set the value of the `MessageStructure` parameter to `json` and use a
+      #   JSON object for the `Message` parameter.
+      #
+      #   Constraints: Messages must be UTF-8 encoded strings at most 256 KB in
+      #   size (262144 bytes, not 262144 characters).
+      #
+      #   JSON-specific constraints:
+      #
+      #   * Keys in the JSON object that correspond to supported transport
+      #     protocols must have simple JSON string values.
+      #
+      #   * The values will be parsed (unescaped) before they are used in
+      #     outgoing messages.
+      #
+      #   * Outbound notifications are JSON encoded (meaning that the characters
+      #     will be reescaped for sending).
+      #
+      #   * Values have a minimum length of 0 (the empty string, "", is
+      #     allowed).
+      #
+      #   * Values have a maximum length bounded by the overall message size
+      #     (so, including multiple protocols may limit message sizes).
+      #
+      #   * Non-string values will cause the key to be ignored.
+      #
+      #   * Keys that do not correspond to supported transport protocols are
+      #     ignored.
+      #
+      #   * Duplicate keys are not allowed.
+      #
+      #   * Failure to parse or validate any key or value in the message will
+      #     cause the `Publish` call to return an error (no partial delivery).
+      # @option options [String] :subject
+      #   Optional parameter to be used as the "Subject" line when the message
+      #   is delivered to email endpoints. This field will also be included, if
+      #   present, in the standard JSON messages delivered to other endpoints.
+      #
+      #   Constraints: Subjects must be ASCII text that begins with a letter,
+      #   number, or punctuation mark; must not include line breaks or control
+      #   characters; and must be less than 100 characters long.
+      # @option options [String] :message_structure
+      #   Set `MessageStructure` to `json` if you want to send a different
+      #   message for each protocol. For example, using one publish action, you
+      #   can send a short message to your SMS subscribers and a longer message
+      #   to your email subscribers. If you set `MessageStructure` to `json`,
+      #   the value of the `Message` parameter must:
+      #
+      #   * be a syntactically valid JSON object; and
+      #
+      #   * contain at least a top-level JSON key of "default" with a value
+      #     that is a string.
+      #
+      #   You can define other top-level keys that define the message you want
+      #   to send to a specific transport protocol (e.g., "http").
+      #
+      #   For information about sending different messages for each protocol
+      #   using the AWS Management Console, go to [Create Different Messages for
+      #   Each Protocol][1] in the *Amazon Simple Notification Service Getting
+      #   Started Guide*.
+      #
+      #   Valid value: `json`
+      #
+      #
+      #
+      #   [1]: http://docs.aws.amazon.com/sns/latest/gsg/Publish.html#sns-message-formatting-by-protocol
+      # @option options [Hash<String,Types::MessageAttributeValue>] :message_attributes
+      #   Message attributes for Publish action.
+      # @return [Types::PublishResponse]
+      def publish(options = {})
+        options = options.merge(target_arn: @arn)
+        resp = @client.publish(options)
+        resp.data
+      end
+
+      # @example Request syntax with placeholder values
+      #
+      #   platform_endpoint.set_attributes({
+      #     attributes: { # required
+      #       "String" => "String",
+      #     },
+      #   })
+      # @param [Hash] options ({})
+      # @option options [required, Hash<String,String>] :attributes
+      #   A map of the endpoint attributes. Attributes in this map include the
+      #   following:
+      #
+      #   * `CustomUserData` -- arbitrary user data to associate with the
+      #     endpoint. Amazon SNS does not use this data. The data must be in
+      #     UTF-8 format and less than 2KB.
+      #
+      #   * `Enabled` -- flag that enables/disables delivery to the endpoint.
+      #     Amazon SNS will set this to false when a notification service
+      #     indicates to Amazon SNS that the endpoint is invalid. Users can set
+      #     it back to true, typically after updating Token.
+      #
+      #   * `Token` -- device token, also referred to as a registration id, for
+      #     an app and mobile device. This is returned from the notification
+      #     service when an app and mobile device are registered with the
+      #     notification service.
+      # @return [EmptyStructure]
+      def set_attributes(options = {})
+        options = options.merge(endpoint_arn: @arn)
+        resp = @client.set_endpoint_attributes(options)
+        resp.data
+      end
+
+      # @deprecated
+      # @api private
+      def identifiers
+        { arn: @arn }
+      end
+      deprecated(:identifiers)
+
+      private
+
+      def extract_arn(args, options)
+        value = args[0] || options.delete(:arn)
+        case value
+        when String then value
+        when nil then raise ArgumentError, "missing required option :arn"
+        else
+          msg = "expected :arn to be a String, got #{value.class}"
+          raise ArgumentError, msg
+        end
+      end
+
+      class Collection < Aws::Resources::Collection; end
+    end
+  end
+end