aws-sessionstore-dynamodb 3.0.0 → 3.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 36b57007b9df541572bec17e8f0a2c5d262dec1e3d3de5e48b30fbe16ac096a4
-  data.tar.gz: 007b5941ae32f468df86712404ac6ba0a8f833096154f1365a98cc2cd800c56b
+  metadata.gz: 35f83cb5e399ca623bfbd56cfccc2e3682da31acce2008bb7e93f5e5a5db7afa
+  data.tar.gz: 409c03019e94db3d83c7db166b26645bb07ab1a4ff24fcb2a328e4f8987df0a9
 SHA512:
-  metadata.gz: ab11030761f3ee4fcfe4531c6739d38c829d46404f0b9d7e9586681c13f7489acbbaa53700a198b6729b60d87a4f70ab9e87e686a17481b689fedd7bcac35e01
-  data.tar.gz: e9040852ec704e117244b747914065a9b5bf07cdad378f40a0011e1dde42c447e296183b10eb2b5f2821291d8c78b3bba6f9fb95dd4330fbfa370e9aaead4c10
+  metadata.gz: ca6653d948cf8e8c8858ac200d92edc01d8b9036512bc7df51523d4ecc12d48527958b117993cdc284fe6235c71bd2aab5cfcf83594c66393f75a7046c3ab47d
+  data.tar.gz: 6e7f1d6aeb2878e46d567a5962c1011933845b9cdb11af9585e8a5d70dda2f564134c8b1670876a4363b60668882fa60dffbbd98c10c6f8370277b54a293d3f2

data/CHANGELOG.md

@@ -1,3 +1,15 @@
+3.1.0 (2026-06-29)
+------------------
+
+* Feature - Add `:serializer` configuration option (`:marshal`, `:json`, `:json_allow_marshal`). Default remains `:marshal` for backwards compatibility. Set to `:json` or `:json_allow_marshal` to use JSON serialization for session data.
+
+3.0.1 (2024-11-16)
+------------------
+
+* Issue - `Configuration` now takes environment variables with precedence over YAML configuration.
+
+* Issue - Use ENV variables that are prefixed by `AWS_`.
+
 3.0.0 (2024-10-29)
 ------------------
 

data/{LICENSE.txt → LICENSE}

@@ -173,30 +173,3 @@
       defend, and hold each Contributor harmless for any liability
       incurred by, or claims asserted against, such Contributor by reason
       of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [yyyy] [name of copyright owner]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.

data/VERSION

@@ -1 +1 @@
-3.0.0
+3.1.0

data/lib/aws/session_store/dynamo_db/configuration.rb

@@ -4,25 +4,25 @@ require 'aws-sdk-dynamodb'
 
 module Aws::SessionStore::DynamoDB
   # This class provides a Configuration object for all DynamoDB session store operations
-  # by pulling configuration options from Runtime, a YAML file, the ENV, and default
+  # by pulling configuration options from Runtime, the ENV, a YAML file, and default
   # settings, in that order.
   #
-  # == Environment Variables
+  # # Environment Variables
   # The Configuration object can load default values from your environment. All configuration
   # keys are supported except for `:dynamo_db_client` and `:error_handler`. The keys take the form
-  # of DYNAMO_DB_SESSION_<KEY_NAME>. Example:
+  # of AWS_DYNAMO_DB_SESSION_<KEY_NAME>. Example:
   #
-  #   export DYNAMO_DB_SESSION_TABLE_NAME='Sessions'
-  #   export DYNAMO_DB_SESSION_TABLE_KEY='id'
+  #     export AWS_DYNAMO_DB_SESSION_TABLE_NAME='Sessions'
+  #     export AWS_DYNAMO_DB_SESSION_TABLE_KEY='id'
   #
-  # == Locking Strategy
+  # # Locking Strategy
   # By default, locking is disabled for session store access. To enable locking, set the
   # `:enable_locking` option to true. The locking strategy is pessimistic, meaning that only one
   # read can be made on a session at once. While the session is being read by the process with the
   # lock, other processes may try to obtain a lock on the same session but will be blocked.
   # See the initializer for how to configure the pessimistic locking strategy to your needs.
   #
-  # == Handling Errors
+  # # Handling Errors
   # There are two configurable options for error handling: `:raise_errors` and `:error_handler`.
   #
   # If you would like to use the Default Error Handler, you can decide to set `:raise_errors`
@@ -33,12 +33,12 @@ module Aws::SessionStore::DynamoDB
   # class and pass it into the `:error_handler` option.
   # @see BaseHandler Interface for Error Handling for DynamoDB Session Store.
   #
-  # == DynamoDB Specific Options
+  # # DynamoDB Specific Options
   # You may configure the table name and table hash key value of your session table with
   # the `:table_name` and `:table_key` options. You may also configure performance options for
   # your table with the `:consistent_read`, `:read_capacity`, `:write_capacity`. For more information
   # about these configurations see
-  # {https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/DynamoDB/Client.html#create_table-instance_method CreateTable }
+  # {https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/DynamoDB/Client.html#create_table-instance_method CreateTable}
   # method for Amazon DynamoDB.
   #
   class Configuration
@@ -58,12 +58,13 @@ module Aws::SessionStore::DynamoDB
       lock_expiry_time: 500,
       lock_retry_delay: 500,
       lock_max_wait_time: 1,
+      serializer: :marshal,
       config_file: nil,
       dynamo_db_client: nil
     }.freeze
 
     # Provides configuration object that allows access to options defined
-    # during Runtime, in a YAML file, in the ENV, and by default.
+    # during Runtime, in the ENV, in a YAML file, and by default.
     #
     # @option options [String] :table_name ("sessions") Name of the session table.
     # @option options [String] :table_key ("session_id") The hash key of the session table.
@@ -94,13 +95,26 @@ module Aws::SessionStore::DynamoDB
     #   to obtain lock once an attempt to obtain the lock has been made and has failed.
     # @option options [Integer] :lock_max_wait_time (500) Maximum time in seconds to wait to acquire the
     #   lock before giving up.
+    # @option options [Symbol] :serializer (:marshal) The serializer for session data.
+    #   - `:json` - Serialize and deserialize with JSON only. Raises an error if legacy
+    #     Marshal-encoded data is encountered.
+    #   - `:json_allow_marshal` - Serialize with JSON, but fall back to deserializing with
+    #     Marshal if JSON parsing fails. Use this during migration from Marshal to JSON.
+    #   - `:marshal` - Serialize and deserialize with Marshal only (legacy behavior, not
+    #     recommended).
+    #
+    #   Note: When using `:json` or `:json_allow_marshal`, session data must consist of
+    #   JSON-compatible types only (strings, numbers, booleans, arrays, hashes with string
+    #   keys). Symbol keys are converted to strings, and complex objects (e.g., Time, custom
+    #   classes) are not preserved across serialization.
     # @option options [String, Pathname] :config_file
     #   Path to a YAML file that contains configuration options.
     # @option options [Aws::DynamoDB::Client] :dynamo_db_client (Aws::DynamoDB::Client.new)
     #   DynamoDB client used to perform database operations inside of the rack application.
     def initialize(options = {})
-      opts = file_options(options).merge(options)
+      opts = options
       opts = env_options.merge(opts)
+      opts = file_options(opts).merge(opts)
       MEMBERS.each_pair do |opt_name, default_value|
         opts[opt_name] = default_value unless opts.key?(opt_name)
       end
@@ -137,21 +151,30 @@ module Aws::SessionStore::DynamoDB
     def env_options
       unsupported_keys = %i[dynamo_db_client error_handler]
       (MEMBERS.keys - unsupported_keys).each_with_object({}) do |opt_name, opts|
-        key = "DYNAMO_DB_SESSION_#{opt_name.to_s.upcase}"
+        key = env_key(opt_name)
         next unless ENV.key?(key)
 
         opts[opt_name] = parse_env_value(key)
       end
     end
 
-    def parse_env_value(key)
-      Integer(ENV.fetch(key, nil))
-    rescue ArgumentError
-      if ENV[key] == 'true' || ENV[key] == 'false'
-        ENV[key] == 'true'
+    def env_key(opt_name)
+      # legacy - remove this in aws-sessionstore-dynamodb ~> 4
+      key = "DYNAMO_DB_SESSION_#{opt_name.to_s.upcase}"
+      if ENV.key?(key)
+        Kernel.warn("The environment variable `#{key}` is deprecated.
+                     Please use `AWS_DYNAMO_DB_SESSION_#{opt_name.to_s.upcase}` instead.")
       else
-        ENV.fetch(key, nil)
+        key = "AWS_DYNAMO_DB_SESSION_#{opt_name.to_s.upcase}"
       end
+      key
+    end
+
+    def parse_env_value(key)
+      val = ENV.fetch(key, nil)
+      Integer(val)
+    rescue ArgumentError
+      %w[true false].include?(val) ? val == 'true' : val
     end
 
     # @return [Hash] File options.
@@ -168,7 +191,8 @@ module Aws::SessionStore::DynamoDB
       require 'erb'
       require 'yaml'
       opts = YAML.safe_load(ERB.new(File.read(file_path)).result) || {}
-      opts.transform_keys(&:to_sym)
+      unsupported_keys = %i[dynamo_db_client error_handler config_file]
+      opts.transform_keys(&:to_sym).reject { |k, _| unsupported_keys.include?(k) }
     end
 
     def set_attributes(options)

data/lib/aws/session_store/dynamo_db/errors/base_handler.rb

@@ -6,7 +6,7 @@ module Aws::SessionStore::DynamoDB::Errors
   # Each error handler must implement a handle_error method.
   #
   # @example Sample ErrorHandler class
-  #   class MyErrorHandler < BaseErrorHandler
+  #   class MyErrorHandler < BaseHandler
   #    # Handles error passed in
   #    def handle_error(e, env = {})
   #      File.open(path_to_file, 'w') {|f| f.write(e.message) }
@@ -17,7 +17,7 @@ module Aws::SessionStore::DynamoDB::Errors
     # An error and an environment (optionally) will be passed in to
     # this method and it will determine how to deal
     # with the error.
-    # Must return false if you have handled the error but are not reraising the
+    # Must return false if you have handled the error but are not re-raising the
     # error up the stack.
     # You may reraise the error passed.
     #
@@ -25,7 +25,7 @@ module Aws::SessionStore::DynamoDB::Errors
     #  Aws::SessionStore::DynamoDB::RackMiddleware.
     # @param [Rack::Request::Environment,nil] env Rack environment
     # @return [false] If exception was handled and will not reraise exception.
-    # @raise [Aws::DynamoDB::Errors] If error has be reraised.
+    # @raise [Aws::DynamoDB::Errors] If error has be re-raised.
     def handle_error(error, env = {})
       raise NotImplementedError
     end

data/lib/aws/session_store/dynamo_db/errors/default_handler.rb

@@ -20,12 +20,14 @@ module Aws::SessionStore::DynamoDB::Errors
 
     # Raises {HARD_ERRORS} up the Rack stack.
     # Places all other errors in Racks error stream.
+    # rubocop:disable Naming/PredicateMethod
     def handle_error(error, env = {})
       raise error if HARD_ERRORS.include?(error.class) || @raise_errors
 
       store_error(error, env)
       false
     end
+    # rubocop:enable Naming/PredicateMethod
 
     # Sends error to error stream
     def store_error(error, env = {})

data/lib/aws/session_store/dynamo_db/garbage_collection.rb

@@ -9,6 +9,7 @@ module Aws::SessionStore::DynamoDB
     class << self
       # Scans DynamoDB session table to find sessions that match the max age and
       # max stale period requirements. it then deletes all of the found sessions.
+      # @option (see Configuration#initialize)
       def collect_garbage(options = {})
         config = load_config(options)
         last_key = eliminate_unwanted_sessions(config)
@@ -92,7 +93,7 @@ module Aws::SessionStore::DynamoDB
       # Provides specified date attributes.
       def oldest_date(sec)
         {
-          attribute_value_list: [n: (Time.now - sec).to_f.to_s],
+          attribute_value_list: [{ n: (Time.now - sec).to_f.to_s }],
           comparison_operator: 'LT'
         }
       end

data/lib/aws/session_store/dynamo_db/locking/base.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'json'
+
 module Aws::SessionStore::DynamoDB::Locking
   # Handles session management.
   class Base
@@ -71,13 +73,29 @@ module Aws::SessionStore::DynamoDB::Locking
       merge_all(table_opts(sid), attribute_opts)
     end
 
-    # Marshal the data.
     def pack_data(data)
-      [Marshal.dump(data)].pack('m*')
+      case @config.serializer
+      when :marshal
+        [Marshal.dump(data)].pack('m*')
+      else
+        JSON.dump(data)
+      end
     end
 
-    # Unmarshal the data.
     def unpack_data(packed_data)
+      case @config.serializer
+      when :marshal
+        Marshal.load(packed_data.unpack1('m*'))
+      when :json
+        JSON.parse(packed_data)
+      when :json_allow_marshal
+        handle_unpack_data_fallback(packed_data)
+      end
+    end
+
+    def handle_unpack_data_fallback(packed_data)
+      JSON.parse(packed_data)
+    rescue JSON::ParserError
       Marshal.load(packed_data.unpack1('m*'))
     end
 

data/lib/aws/session_store/dynamo_db/locking/pessimistic.rb

@@ -59,7 +59,7 @@ module Aws::SessionStore::DynamoDB::Locking
     # @return [Time] Time stamp for which the session was locked.
     def lock_time(sid)
       result = @config.dynamo_db_client.get_item(get_lock_time_opts(sid))
-      (result[:item]['locked_at']).to_f if result[:item]['locked_at']
+      result[:item]['locked_at']&.to_f
     end
 
     # @return [String] Session data.
@@ -138,7 +138,7 @@ module Aws::SessionStore::DynamoDB::Locking
       {
         expected: {
           'locked_at' => {
-            value: (env['locked_at']).to_s,
+            value: env['locked_at'].to_s,
             exists: true
           }
         }

data/lib/aws/session_store/dynamo_db/locking.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+module Aws::SessionStore::DynamoDB
+  # @api private
+  module Locking; end
+end
+
+require_relative 'locking/base'
+require_relative 'locking/null'
+require_relative 'locking/pessimistic'

data/lib/aws-sessionstore-dynamodb.rb

@@ -12,8 +12,6 @@ end
 require_relative 'aws/session_store/dynamo_db/configuration'
 require_relative 'aws/session_store/dynamo_db/errors'
 require_relative 'aws/session_store/dynamo_db/garbage_collection'
-require_relative 'aws/session_store/dynamo_db/locking/base'
-require_relative 'aws/session_store/dynamo_db/locking/null'
-require_relative 'aws/session_store/dynamo_db/locking/pessimistic'
+require_relative 'aws/session_store/dynamo_db/locking'
 require_relative 'aws/session_store/dynamo_db/rack_middleware'
 require_relative 'aws/session_store/dynamo_db/table'

metadata

@@ -1,64 +1,64 @@
 --- !ruby/object:Gem::Specification
 name: aws-sessionstore-dynamodb
 version: !ruby/object:Gem::Version
-  version: 3.0.0
+  version: 3.1.0
 platform: ruby
 authors:
 - Amazon Web Services
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-10-29 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: aws-sdk-dynamodb
+  name: rack
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.85.0
+        version: '3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.85.0
+        version: '3'
 - !ruby/object:Gem::Dependency
-  name: rack
+  name: rack-session
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3'
+        version: '2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3'
+        version: '2'
 - !ruby/object:Gem::Dependency
-  name: rack-session
+  name: aws-sdk-dynamodb
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2'
+        version: '1'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.85.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2'
-description:
+        version: '1'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.85.0
+description: The Amazon DynamoDB Session Store handles sessions for Rack web applications
+  using a DynamoDB backend.
 email:
 - aws-dr-rubygems@amazon.com
 executables: []
@@ -66,7 +66,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - CHANGELOG.md
-- LICENSE.txt
+- LICENSE
 - VERSION
 - lib/aws-sessionstore-dynamodb.rb
 - lib/aws/session_store/dynamo_db/configuration.rb
@@ -74,6 +74,7 @@ files:
 - lib/aws/session_store/dynamo_db/errors/base_handler.rb
 - lib/aws/session_store/dynamo_db/errors/default_handler.rb
 - lib/aws/session_store/dynamo_db/garbage_collection.rb
+- lib/aws/session_store/dynamo_db/locking.rb
 - lib/aws/session_store/dynamo_db/locking/base.rb
 - lib/aws/session_store/dynamo_db/locking/null.rb
 - lib/aws/session_store/dynamo_db/locking/pessimistic.rb
@@ -83,7 +84,6 @@ homepage: https://github.com/aws/aws-sessionstore-dynamodb-ruby
 licenses:
 - Apache-2.0
 metadata: {}
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -98,9 +98,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.11
-signing_key:
+rubygems_version: 4.0.3
 specification_version: 4
-summary: The Amazon DynamoDB Session Store handles sessions for Rack web applications
-  using a DynamoDB backend.
+summary: Amazon DynamoDB Session Store for Rack web applications.
 test_files: []