RubyGems - aws-sigv4 - Versions diffs - 1.1.0 → 1.2.0 - Mend

aws-sigv4 1.1.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +5 -5
data/lib/aws-sigv4/credentials.rb +10 -3
data/lib/aws-sigv4/signer.rb +23 -16
metadata +7 -7

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: cb4db422d46522a4ad3274b0dc5b28689ed5def4
-  data.tar.gz: 061ca3ebfd24ffea8a1717ac9e12f9fc0650d4f8
+SHA256:
+  metadata.gz: bb5dcbbff098d3a214203f2ae9e9232a45a21b172975e54d53760458a3bae292
+  data.tar.gz: '021178fadb12d304636d9f62f437c1d4771ec73dbd331e035f0d44150cc09bf1'
 SHA512:
-  metadata.gz: fef836871abeaf35b99b00a28deab1506f45d6792a6c732d74db4a37250d77e62ee64da491ad91a21a0f8098ba91dae19953d27c48aec0a36d7e2ad403f4edf6
-  data.tar.gz: 6bee73d7bbcd3f7fe8cb92275eabb13d5981869dc566bfc818960449143fdc28f91270465efd9d38adbfb4f91d12c23a2c70e7cfebf4c45d8954df3c0a082b36
+  metadata.gz: db494770a0cf87af1eabd7ff006b6f0ffa7fda832c9fb584fe5937fda36c7764ad78bd07e3837b5e2b7e32dcb7733278189b0ceb4112d4081f7f9c3df510485f
+  data.tar.gz: 7e8bccac2be5edba105722f8d2e2fa61c4d8167289e768b28162cb7b66dc5a9a22e3e850fdf5b65af69dc20604bc2a2433732bb4429ffffa2fb0df7271ec3e73

data/lib/aws-sigv4/credentials.rb CHANGED

@@ -28,11 +28,14 @@ module Aws
       # @return [String, nil]
       attr_reader :session_token
-      # @return [Boolean]
+      # @return [Boolean] Returns `true` if the access key id and secret
+      #   access key are both set.
       def set?
-        !!(access_key_id && secret_access_key)
+        !access_key_id.nil? &&
+          !access_key_id.empty? &&
+          !secret_access_key.nil? &&
+          !secret_access_key.empty?
       end
     end
     # Users that wish to configure static credentials can use the
@@ -53,6 +56,10 @@ module Aws
       # @return [Credentials]
       attr_reader :credentials
+      # @return [Boolean]
+      def set?
+        !!credentials && credentials.set?
+      end
     end
   end

data/lib/aws-sigv4/signer.rb CHANGED

@@ -123,6 +123,7 @@ module Aws
         @unsigned_headers = Set.new((options.fetch(:unsigned_headers, [])).map(&:downcase))
         @unsigned_headers << 'authorization'
         @unsigned_headers << 'x-amzn-trace-id'
+        @unsigned_headers << 'expect'
         [:uri_escape_path, :apply_checksum_header].each do |opt|
           instance_variable_set("@#{opt}", options.key?(opt) ? !!options[:opt] : true)
         end
@@ -202,7 +203,7 @@ module Aws
       #
       def sign_request(request)
-        creds = get_credentials
+        creds = fetch_credentials
         http_method = extract_http_method(request)
         url = extract_url(request)
@@ -280,13 +281,13 @@ module Aws
       #   signature value (a binary string) used at ':chunk-signature' needs to converted to
       #   hex-encoded string using #unpack
       def sign_event(prior_signature, payload, encoder)
-        creds = get_credentials
+        creds = fetch_credentials
         time = Time.now
         headers = {}
         datetime = time.utc.strftime("%Y%m%dT%H%M%SZ")
         date = datetime[0,8]
-        headers[':date'] = Aws::EventStream::HeaderValue.new(value: time.to_i*1000, type: 'timestamp')
+        headers[':date'] = Aws::EventStream::HeaderValue.new(value: time.to_i * 1000, type: 'timestamp')
         sts = event_string_to_sign(datetime, headers, payload, prior_signature, encoder)
         sig = event_signature(creds.secret_access_key, date, sts)
@@ -367,7 +368,7 @@ module Aws
       #
       def presign_url(options)
-        creds = get_credentials
+        creds = fetch_credentials
         http_method = extract_http_method(options)
         url = extract_url(options)
@@ -441,7 +442,7 @@ module Aws
       def event_string_to_sign(datetime, headers, payload, prior_signature, encoder)
         encoded_headers = encoder.encode_headers(
           Aws::EventStream::Message.new(headers: headers, payload: payload)
-        ).read
+        )
         [
           "AWS4-HMAC-SHA256-PAYLOAD",
           datetime,
@@ -549,18 +550,14 @@ module Aws
       end
       def host(uri)
-        if standard_port?(uri)
+        # Handles known and unknown URI schemes; default_port nil when unknown.
+        if uri.default_port == uri.port
           uri.host
         else
           "#{uri.host}:#{uri.port}"
         end
       end
-      def standard_port?(uri)
-        (uri.scheme == 'http' && uri.port == 80) ||
-        (uri.scheme == 'https' && uri.port == 443)
-      end
       # @param [File, Tempfile, IO#read, String] value
       # @return [String<SHA256 Hexdigest>]
       def sha256_hexdigest(value)
@@ -568,7 +565,9 @@ module Aws
           OpenSSL::Digest::SHA256.file(value).hexdigest
         elsif value.respond_to?(:read)
           sha256 = OpenSSL::Digest::SHA256.new
-          while chunk = value.read(1024 * 1024, buffer ||= "") # 1MB
+          loop do
+            chunk = value.read(1024 * 1024) # 1MB
+            break unless chunk
             sha256.update(chunk)
           end
           value.rewind
@@ -656,18 +655,26 @@ module Aws
         self.class.uri_escape_path(string)
       end
-      def get_credentials
+      def fetch_credentials
         credentials = @credentials_provider.credentials
         if credentials_set?(credentials)
           credentials
         else
-          msg = 'unable to sign request without credentials set'
-          raise Errors::MissingCredentialsError.new(msg)
+          raise Errors::MissingCredentialsError,
+          'unable to sign request without credentials set'
         end
       end
+      # Returns true if credentials are set (not nil or empty)
+      # Credentials may not implement the Credentials interface
+      # and may just be credential like Client response objects
+      # (eg those returned by sts#assume_role)
       def credentials_set?(credentials)
-        credentials.access_key_id && credentials.secret_access_key
+        !credentials.access_key_id.nil? &&
+          !credentials.access_key_id.empty? &&
+          !credentials.secret_access_key.nil? &&
+          !credentials.secret_access_key.empty?
       end
       class << self

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sigv4
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.2.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-03-13 00:00:00.000000000 Z
+date: 2020-06-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-eventstream
@@ -16,7 +16,7 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1'
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.0.2
@@ -26,11 +26,11 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1'
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.0.2
-description: Amazon Web Services Signature Version 4 signing ligrary. Generates sigv4
+description: Amazon Web Services Signature Version 4 signing library. Generates sigv4
   signature for HTTP requests.
 email:
 executables: []
@@ -43,7 +43,7 @@ files:
 - lib/aws-sigv4/request.rb
 - lib/aws-sigv4/signature.rb
 - lib/aws-sigv4/signer.rb
-homepage: http://github.com/aws/aws-sdk-ruby
+homepage: https://github.com/aws/aws-sdk-ruby
 licenses:
 - Apache-2.0
 metadata:
@@ -65,7 +65,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.5.2.3
+rubygems_version: 2.7.6.2
 signing_key:
 specification_version: 4
 summary: AWS Signature Version 4 library.