fog 1.12.1 → 1.13.0

data/lib/fog/aws/requests/ses/send_raw_email.rb

@@ -30,7 +30,7 @@ module Fog
 
           request({
             'Action'          => 'SendRawEmail',
-            'RawMessage.Data' => Base64.encode64(raw_message).chomp!,
+            'RawMessage.Data' => Base64.encode64(raw_message.to_s).chomp!,
             :parser           => Fog::Parsers::AWS::SES::SendRawEmail.new
           }.merge(params))
         end

data/lib/fog/aws/requests/ses/verify_domain_identity.rb

@@ -0,0 +1,30 @@
+module Fog
+  module AWS
+    class SES
+      class Real
+
+        require 'fog/aws/parsers/ses/verify_domain_identity'
+
+        # Verifies a domain. This action returns a verification authorization
+        # token which must be added as a DNS TXT record to the domain.
+        #
+        # ==== Parameters
+        # * domain<~String> - The domain to be verified
+        # ==== Returns
+        # * response<~Excon::Response>:
+        #   * body<~Hash>:
+        #     * 'ResponseMetadata'<~Hash>:
+        #       * 'VerificationToken'<~String> - Verification token
+        #       * 'RequestId'<~String> - Id of request
+        def verify_domain(domain)
+          request({
+            'Action'           => 'VerifyDomainIdentity',
+            'Domain'           => domain,
+            :parser            => Fog::Parsers::AWS::SES::VerifyDomainIdentity.new
+          })
+        end
+
+      end
+    end
+  end
+end

data/lib/fog/aws/requests/storage/complete_multipart_upload.rb

@@ -13,12 +13,16 @@ module Fog
         # @param [Array<String>] parts Array of etags as Strings for parts
         #
         # @return [Excon::Response]
-        #   * headers [Hash]:
+        #   * body [Hash]: (success)
         #     * Bucket [String] - bucket of new object
-        #     * ETag [String] - etag of new object (will be needed to complete upload)
+        #     * ETag [String] - etag of new object
         #     * Key [String] - key of new object
         #     * Location [String] - location of new object
+        #   * body [Hash]: (failure)
+        #     * Code [String] - Error status code
+        #     * Message [String] - Error description
         #
+        # @note This request could fail and still return +200 OK+, so it's important that you check the response.
         # @see http://docs.amazonwebservices.com/AmazonS3/latest/API/mpUploadComplete.html
         #
         def complete_multipart_upload(bucket_name, object_name, upload_id, parts)

data/lib/fog/aws/requests/storage/get_object.rb

@@ -87,7 +87,7 @@ module Fog
             if (object && !object[:delete_marker])
               if options['If-Match'] && options['If-Match'] != object['ETag']
                 response.status = 412
-              elsif options['If-Modified-Since'] && options['If-Modified-Since'] > Time.parse(object['Last-Modified'])
+              elsif options['If-Modified-Since'] && options['If-Modified-Since'] >= Time.parse(object['Last-Modified'])
                 response.status = 304
               elsif options['If-None-Match'] && options['If-None-Match'] == object['ETag']
                 response.status = 304

data/lib/fog/aws/requests/sts/assume_role.rb

@@ -0,0 +1,46 @@
+module Fog
+  module AWS
+    class STS
+      class Real
+
+        require 'fog/aws/parsers/sts/assume_role'
+        
+        # Assume Role
+        #
+        # ==== Parameters
+        # * role_session_name<~String> - An identifier for the assumed role.
+        # * role_arn<~String> - The ARN of the role the caller is assuming.
+        # * external_id<~String> - An optional unique identifier required by the assuming role's trust identity.
+        # * policy<~String> - An optional JSON policy document
+        # * duration<~Integer> - Duration (of seconds) for the assumed role credentials to be valid (default 3600)
+        #
+        # ==== Returns
+        # * response<~Excon::Response>:
+        #   * body<~Hash>:
+        #     * 'Arn'<~String>: The ARN of the assumed role/user
+        #     * 'AccessKeyId'<~String>: The AWS access key of the temporary credentials for the assumed role
+        #     * 'SecretAccessKey'<~String>: The AWS secret key of the temporary credentials for the assumed role
+        #     * 'SessionToken'<~String>: The AWS session token of the temporary credentials for the assumed role
+        #     * 'Expiration'<~Time>: The expiration time of the temporary credentials for the assumed role
+        #
+        # ==== See Also
+        # http://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html
+        #
+
+        def assume_role(role_session_name, role_arn, external_id=nil, policy=nil, duration=3600)
+          request({
+            'Action'          => 'AssumeRole',
+            'RoleSessionName' => role_session_name,
+            'RoleArn'         => role_arn,
+            'Policy'          => policy && Fog::JSON.encode(policy),
+            'DurationSeconds' => duration,
+            'ExternalId'      => external_id,
+            :idempotent       => true,
+            :parser           => Fog::Parsers::AWS::STS::AssumeRole.new
+          })
+        end
+        
+      end
+    end
+  end
+end

data/lib/fog/aws/ses.rb

@@ -5,12 +5,16 @@ module Fog
     class SES < Fog::Service
       extend Fog::AWS::CredentialFetcher::ServiceMethods
 
+      class InvalidParameterError < Fog::Errors::Error; end
+      class MessageRejected < Fog::Errors::Error; end
+
       requires :aws_access_key_id, :aws_secret_access_key
       recognizes :region, :host, :path, :port, :scheme, :persistent, :use_iam_profile, :aws_session_token, :aws_credentials_expire_at
 
       request_path 'fog/aws/requests/ses'
       request :delete_verified_email_address
       request :verify_email_address
+      request :verify_domain_identity
       request :get_send_quota
       request :get_send_statistics
       request :list_verified_email_addresses
@@ -102,15 +106,28 @@ module Fog
           end
           body.chop! # remove trailing '&'
 
-          response = @connection.request({
-            :body       => body,
-            :expects    => 200,
-            :headers    => headers,
-            :idempotent => idempotent,
-            :host       => @host,
-            :method     => 'POST',
-            :parser     => parser
-          })
+          begin
+            response = @connection.request({
+              :body       => body,
+              :expects    => 200,
+              :headers    => headers,
+              :idempotent => idempotent,
+              :host       => @host,
+              :method     => 'POST',
+              :parser     => parser
+            })
+          rescue Excon::Errors::HTTPStatusError => error
+            match = Fog::AWS::Errors.match_error(error)
+            raise if match.empty?
+            raise case match[:code]
+                  when 'MessageRejected'
+                    Fog::AWS::SES::MessageRejected.slurp(error, match[:message])
+                  when 'InvalidParameterValue'
+                    Fog::AWS::SES::InvalidParameterError.slurp(error, match[:message])
+                  else
+                    Fog::AWS::SES::Error.slurp(error, "#{match[:code]} => #{match[:message]}")
+                  end
+          end
 
           response
         end

data/lib/fog/aws/storage.rb

@@ -491,13 +491,14 @@ DATA
           refresh_credentials_if_expired
 
           expires = Fog::Time.now.to_date_header
+
+          params[:headers]['x-amz-security-token'] = @aws_session_token if @aws_session_token
           signature = signature(params, expires)
 
           params = request_params(params)
           params.delete(:port) unless params[:port]
 
           params[:headers]['Date'] = expires
-          params[:headers]['x-amz-security-token'] = @aws_session_token if @aws_session_token
           params[:headers]['Authorization'] = "AWS #{@aws_access_key_id}:#{signature}"
           # FIXME: ToHashParser should make this not needed
           original_params = params.dup

data/lib/fog/aws/sts.rb

@@ -3,16 +3,18 @@ require 'fog/aws'
 module Fog
   module AWS
     class STS < Fog::Service
+      extend Fog::AWS::CredentialFetcher::ServiceMethods
 
       class EntityAlreadyExists < Fog::AWS::STS::Error; end
       class ValidationError < Fog::AWS::STS::Error; end
 
       requires :aws_access_key_id, :aws_secret_access_key
-      recognizes :host, :path, :port, :scheme, :persistent
+      recognizes :host, :path, :port, :scheme, :persistent, :aws_session_token, :use_iam_profile, :aws_credentials_expire_at
 
       request_path 'fog/aws/requests/sts'
       request :get_federation_token
       request :get_session_token
+      request :assume_role
 
       class Mock
         def self.data
@@ -33,7 +35,8 @@ module Fog
         end
 
         def initialize(options={})
-          @aws_access_key_id = options[:aws_access_key_id]
+          @use_iam_profile = options[:use_iam_profile]
+          setup_credentials(options)
         end
 
         def data
@@ -43,10 +46,14 @@ module Fog
         def reset_data
           self.class.data.delete(@aws_access_key_id)
         end
+
+        def setup_credentials(options)
+          @aws_access_key_id = options[:aws_access_key_id]
+        end
       end
 
       class Real
-
+        include Fog::AWS::CredentialFetcher::ConnectionMethods
         # Initialize connection to STS
         #
         # ==== Notes
@@ -67,10 +74,10 @@ module Fog
         def initialize(options={})
           require 'fog/core/parser'
 
-          @aws_access_key_id      = options[:aws_access_key_id]
-          @aws_secret_access_key  = options[:aws_secret_access_key]
+          @use_iam_profile = options[:use_iam_profile]
+          setup_credentials(options)
           @connection_options     = options[:connection_options] || {}
-          @hmac       = Fog::HMAC.new('sha256', @aws_secret_access_key)
+
           @host       = options[:host]        || 'sts.amazonaws.com'
           @path       = options[:path]        || '/'
           @persistent = options[:persistent]  || false
@@ -85,6 +92,14 @@ module Fog
 
         private
 
+        def setup_credentials(options)
+          @aws_access_key_id      = options[:aws_access_key_id]
+          @aws_secret_access_key  = options[:aws_secret_access_key]
+          @aws_session_token      = options[:aws_session_token]
+          @aws_credentials_expire_at = options[:aws_credentials_expire_at]
+          @hmac = Fog::HMAC.new('sha256', @aws_secret_access_key)
+        end
+
         def request(params)
           idempotent  = params.delete(:idempotent)
           parser      = params.delete(:parser)
@@ -93,6 +108,7 @@ module Fog
             params,
             {
               :aws_access_key_id  => @aws_access_key_id,
+              :aws_session_token  => @aws_session_token,
               :hmac               => @hmac,
               :host               => @host,
               :path               => @path,
@@ -102,7 +118,7 @@ module Fog
           )
 
           begin
-            response = @connection.request({
+            @connection.request({
               :body       => body,
               :expects    => 200,
               :idempotent => idempotent,
@@ -111,23 +127,17 @@ module Fog
               :method     => 'POST',
               :parser     => parser
             })
-
-            response
           rescue Excon::Errors::HTTPStatusError => error
-            if match = error.message.match(/(?:.*<Code>(.*)<\/Code>)(?:.*<Message>(.*)<\/Message>)/m)
-              case match[1]
-              when 'EntityAlreadyExists', 'KeyPairMismatch', 'LimitExceeded', 'MalformedCertificate', 'ValidationError'
-                raise Fog::AWS::STS.const_get(match[1]).slurp(error, match[2])
-              else
-                raise Fog::AWS::STS::Error.slurp(error, "#{match[1]} => #{match[2]}") if match[1]
-                raise
-              end
-            else
-              raise
-            end
+            match = Fog::AWS::Errors.match_error(error)
+            raise if match.empty?
+            raise case match[:code]
+                  when 'EntityAlreadyExists', 'KeyPairMismatch', 'LimitExceeded', 'MalformedCertificate', 'ValidationError'
+                    Fog::AWS::STS.const_get(match[:code]).slurp(error, match[:message])
+                  else
+                    Fog::AWS::STS::Error.slurp(error, "#{match[:code]} => #{match[:message]}")
+                  end
           end
 
-
         end
 
       end

data/lib/fog/bin.rb

@@ -4,7 +4,6 @@ module Fog
   class << self
 
     def available_providers
-	  Kernel.const_get('Ninefold')
       @available_providers ||= Fog.providers.values.select {|provider| Kernel.const_get(provider).available?}.sort
     end
 

data/lib/fog/bin/openstack.rb

@@ -15,6 +15,8 @@ class OpenStack < Fog::Bin
         Fog::Storage::OpenStack
       when :volume
         Fog::Volume::OpenStack
+      when :metering
+        Fog::Metering::OpenStack
       else
         raise ArgumentError, "Unrecognized service: #{key}"
       end
@@ -41,6 +43,9 @@ class OpenStack < Fog::Bin
         when :volume
           Fog::Logger.warning("OpenStack[:volume] is not recommended, use Volume[:openstack] for portability")
           Fog::Volume.new(:provider => 'OpenStack')
+        when :metering
+          Fog::Logger.warning("OpenStack[:metering] is not recommended, use Metering[:openstack] for portability")
+          Fog::Metering.new(:provider => 'OpenStack')
         else
           raise ArgumentError, "Unrecognized service: #{key.inspect}"
         end

data/lib/fog/brightbox/compute.rb

@@ -1,14 +1,12 @@
 require 'fog/brightbox'
 require 'fog/compute'
-require 'fog/brightbox/oauth2'
+require 'fog/brightbox/compute/shared'
 require 'fog/brightbox/compute/image_selector'
 
 module Fog
   module Compute
     class Brightbox < Fog::Service
 
-      API_URL = "https://api.gb1.brightbox.com/"
-
       # Client credentials
       requires :brightbox_client_id, :brightbox_secret
 
@@ -34,6 +32,8 @@ module Fog
       model       :application
       collection  :api_clients
       model       :api_client
+      collection  :collaborations
+      model       :collaboration
       collection  :servers
       model       :server
       collection  :server_groups
@@ -54,17 +54,22 @@ module Fog
       model       :cloud_ip
       collection  :users
       model       :user
+      collection  :user_collaborations
+      model       :user_collaboration
 
       request_path 'fog/brightbox/requests/compute'
+      request :accept_user_collaboration
       request :activate_console_server
       request :add_listeners_load_balancer
       request :add_nodes_load_balancer
       request :add_servers_server_group
       request :apply_to_firewall_policy
+      request :accept_user_collaboration
       request :remove_firewall_policy
       request :create_api_client
       request :create_application
       request :create_cloud_ip
+      request :create_collaboration
       request :create_firewall_policy
       request :create_firewall_rule
       request :create_image
@@ -74,17 +79,20 @@ module Fog
       request :delete_api_client
       request :delete_application
       request :delete_cloud_ip
+      request :delete_collaboration
       request :delete_firewall_policy
       request :delete_firewall_rule
       request :delete_image
       request :delete_load_balancer
       request :delete_server
       request :delete_server_group
+      request :delete_user_collaboration
       request :get_account
       request :get_api_client
       request :get_application
       request :get_authenticated_user
       request :get_cloud_ip
+      request :get_collaboration
       request :get_firewall_policy
       request :get_firewall_rule
       request :get_image
@@ -95,11 +103,13 @@ module Fog
       request :get_server_group
       request :get_server_type
       request :get_user
+      request :get_user_collaboration
       request :get_zone
       request :list_accounts
       request :list_api_clients
       request :list_applications
       request :list_cloud_ips
+      request :list_collaborations
       request :list_firewall_policies
       request :list_images
       request :list_load_balancers
@@ -107,16 +117,21 @@ module Fog
       request :list_server_types
       request :list_servers
       request :list_users
+      request :list_user_collaborations
       request :list_zones
       request :map_cloud_ip
       request :move_servers_server_group
+      request :reject_user_collaboration
       request :remove_listeners_load_balancer
       request :remove_nodes_load_balancer
       request :remove_servers_server_group
+      request :resend_collaboration
       request :reset_ftp_password_account
       request :reset_ftp_password_scoped_account
       request :reset_secret_api_client
       request :reset_secret_application
+      request :resend_collaboration
+      request :reject_user_collaboration
       request :shutdown_server
       request :snapshot_server
       request :start_server
@@ -135,220 +150,13 @@ module Fog
       request :update_server_group
       request :update_user
 
-      module Shared
-        include Fog::Brightbox::OAuth2
-
-        # Creates a new instance of the Brightbox Compute service
-        #
-        # @note If you create service using just a refresh token when it
-        #   expires the service will no longer be able to authenticate.
-        #
-        # @param [Hash] options
-        # @option options [String] :brightbox_api_url   Override the default (or configured) API endpoint
-        # @option options [String] :brightbox_auth_url  Override the default (or configured) API authentication endpoint
-        # @option options [String] :brightbox_client_id Client identifier to authenticate with (overrides configured)
-        # @option options [String] :brightbox_secret    Client secret to authenticate with (overrides configured)
-        # @option options [String] :brightbox_username  Email or user identifier for user based authentication
-        # @option options [String] :brightbox_password  Password for user based authentication
-        # @option options [String] :brightbox_account   Account identifier to scope this connection to
-        # @option options [String] :connection_options  Settings to pass to underlying {Fog::Connection}
-        # @option options [Boolean] :persistent         Sets a persistent HTTP {Fog::Connection}
-        # @option options [String] :brightbox_access_token  Sets the OAuth access token to use rather than requesting a new token
-        # @option options [String] :brightbox_refresh_token Sets the refresh token to use when requesting a newer access token
-        # @option options [String] :brightbox_token_management Overide the existing behaviour to request access tokens if expired (default is `true`)
-        #
-        def initialize(options)
-          # Currently authentication and api endpoints are the same but may change
-          @auth_url            = options[:brightbox_auth_url]  || Fog.credentials[:brightbox_auth_url] || API_URL
-          @auth_connection     = Fog::Connection.new(@auth_url)
-
-          @api_url             = options[:brightbox_api_url]   || Fog.credentials[:brightbox_api_url]  || API_URL
-          @connection_options  = options[:connection_options]  || {}
-          @persistent          = options[:persistent]          || false
-          @connection          = Fog::Connection.new(@api_url, @persistent, @connection_options)
-
-          # Authentication options
-          client_id            = options[:brightbox_client_id] || Fog.credentials[:brightbox_client_id]
-          client_secret        = options[:brightbox_secret]    || Fog.credentials[:brightbox_secret]
-
-          username             = options[:brightbox_username]  || Fog.credentials[:brightbox_username]
-          password             = options[:brightbox_password]  || Fog.credentials[:brightbox_password]
-          @configured_account  = options[:brightbox_account]   || Fog.credentials[:brightbox_account]
-          # Request account can be changed at anytime and changes behaviour of future requests
-          @scoped_account      = @configured_account
-
-          credential_options   = {:username => username, :password => password}
-          @credentials         = CredentialSet.new(client_id, client_secret, credential_options)
-
-          # If existing tokens have been cached, allow continued use of them in the service
-          @credentials.update_tokens(options[:brightbox_access_token], options[:brightbox_refresh_token])
-
-          @token_management    = options.fetch(:brightbox_token_management, true)
-        end
-
-        # Sets the scoped account for future requests
-        # @param [String] scoped_account Identifier of the account to scope request to
-        def scoped_account=(scoped_account)
-          @scoped_account = scoped_account
-        end
-
-        # This returns the account identifier that the request should be scoped by
-        # based on the options passed to the request and current configuration
-        #
-        # @param [String] options_account Any identifier passed into the request
-        #
-        # @return [String, nil] The account identifier to scope the request to or nil
-        def scoped_account(options_account = nil)
-          [options_account, @scoped_account].compact.first
-        end
-
-        # Resets the scoped account back to intially configured one
-        def scoped_account_reset
-          @scoped_account = @configured_account
-        end
-
-        # Returns the scoped account being used for requests
-        #
-        # * For API clients this is the owning account
-        # * For User applications this is the account specified by either +account_id+
-        #   option on the service or the +brightbox_account+ setting in your configuration
-        #
-        # @return [Fog::Compute::Brightbox::Account]
-        #
-        def account
-          account_data = get_scoped_account.merge(:service => self)
-          Fog::Compute::Brightbox::Account.new(account_data)
-        end
-
-        # Returns true if authentication is being performed as a user
-        # @return [Boolean]
-        def authenticating_as_user?
-          @credentials.user_details?
-        end
-
-        # Returns true if an access token is set
-        # @return [Boolean]
-        def access_token_available?
-          !! @credentials.access_token
-        end
-
-        # Returns the current access token or nil
-        # @return [String,nil]
-        def access_token
-          @credentials.access_token
-        end
-
-        # Returns the current refresh token or nil
-        # @return [String,nil]
-        def refresh_token
-          @credentials.refresh_token
-        end
-
-        # Returns the current token expiry time in seconds or nil
-        # @return [Number,nil]
-        def expires_in
-          @credentials.expires_in
-        end
-
-        # Requests a new access token
-        #
-        # @return [String] New access token
-        def get_access_token
-          begin
-            get_access_token!
-          rescue Excon::Errors::Unauthorized, Excon::Errors::BadRequest
-            @credentials.update_tokens(nil, nil)
-          end
-          @credentials.access_token
-        end
-
-        # Requests a new access token and raises if there is a problem
-        #
-        # @return [String] New access token
-        # @raise [Excon::Errors::BadRequest] The credentials are expired or incorrect
-        #
-        def get_access_token!
-          response = request_access_token(@auth_connection, @credentials)
-          update_credentials_from_response(@credentials, response)
-          @credentials.access_token
-        end
-
-        # Returns an identifier for the default image for use
-        #
-        # Currently tries to find the latest version of Ubuntu (i686) from
-        # Brightbox.
-        #
-        # Highly recommended that you actually select the image you want to run
-        # on your servers yourself!
-        #
-        # @return [String] if image is found, returns the identifier
-        # @return [NilClass] if no image is found or an error occurs
-        #
-        def default_image
-          return @default_image_id unless @default_image_id.nil?
-          @default_image_id = Fog.credentials[:brightbox_default_image] || select_default_image
-        end
-
-      private
-
-        # This makes a request of the API based on the configured setting for
-        # token management.
-        #
-        # @param [Hash] options Excon compatible options
-        # @see https://github.com/geemus/excon/blob/master/lib/excon/connection.rb
-        #
-        # @return [Hash] Data of response body
-        #
-        def make_request(options)
-          if @token_management
-            managed_token_request(options)
-          else
-            authenticated_request(options)
-          end
-        end
-
-        # This request checks for access tokens and will ask for a new one if
-        # it receives Unauthorized from the API before repeating the request
-        #
-        # @param [Hash] options Excon compatible options
-        #
-        # @return [Excon::Response]
-        def managed_token_request(options)
-          begin
-            get_access_token unless access_token_available?
-            response = authenticated_request(options)
-          rescue Excon::Errors::Unauthorized
-            get_access_token
-            response = authenticated_request(options)
-          end
-        end
-
-        # This request makes an authenticated request of the API using currently
-        # setup credentials.
-        #
-        # @param [Hash] options Excon compatible options
-        #
-        # @see https://github.com/geemus/excon/blob/master/lib/excon/connection.rb
-        #
-        # @return [Excon::Response]
-        def authenticated_request(options)
-          headers = options[:headers] || {}
-          headers.merge!("Authorization" => "OAuth #{@credentials.access_token}", "Content-Type" => "application/json")
-          options[:headers] = headers
-          # TODO This is just a wrapper around a call to Excon::Connection#request
-          #   so can be extracted from Compute by passing in the connection,
-          #   credentials and options
-          @connection.request(options)
-        end
-      end
-
       # The Mock Service allows you to run a fake instance of the Service
       # which makes no real connections.
       #
       # @todo Implement
       #
       class Mock
-        include Shared
+        include Fog::Brightbox::Compute::Shared
 
         def request(method, path, expected_responses, parameters = {})
           _request
@@ -373,7 +181,7 @@ module Fog
       # service.
       #
       class Real
-        include Shared
+        include Fog::Brightbox::Compute::Shared
 
         # Makes an API request to the given path using passed options or those
         # set with the service setup