muffin_man 2.4.11 → 2.4.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +11 -0
- data/README.md +1 -7
- data/lib/muffin_man/application_management/v20231130.rb +7 -2
- data/lib/muffin_man/sp_api_client.rb +2 -32
- data/lib/muffin_man/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3ce653dae1f306ad75e6faaf2fc8cc6757eb86e9fc7b1c679883d501a611cb52
|
|
4
|
+
data.tar.gz: b557ef7d1ce5a636eea20c3f4ef8d7d3db8865148d90189515530d7623633481
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fc46a5838cafcd55a676d767f50a6dc82e710b5ba7710f3b93bc7a1959a557e546a2bcb82234aa6b0a891d25934bab94cf063ee720ba0aebaebf48d681e11793
|
|
7
|
+
data.tar.gz: 1805031ebbacabced9e6074871ed558f5f6cf6f49c5db6d0125d9fc1284ef5dd27467cd520343f574ebaf4b05ba62e105649a7b0fe6774b3a124caff64a16d71
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,14 @@
|
|
|
1
|
+
# 2.4.13
|
|
2
|
+
|
|
3
|
+
- Remove AWS STS Signature in requests [#97](https://github.com/patterninc/muffin_man/pull/97)
|
|
4
|
+
|
|
5
|
+
# 2.4.12
|
|
6
|
+
|
|
7
|
+
- [#95](https://github.com/patterninc/muffin_man/pull/95)
|
|
8
|
+
- [#94](https://github.com/patterninc/muffin_man/pull/94)
|
|
9
|
+
- [#93](https://github.com/patterninc/muffin_man/pull/93)
|
|
10
|
+
- [#92](https://github.com/patterninc/muffin_man/pull/92)
|
|
11
|
+
|
|
1
12
|
# 2.4.11
|
|
2
13
|
|
|
3
14
|
- Application Management API v2023-11-30 [#88](https://github.com/patterninc/muffin_man/pull/88)
|
data/README.md
CHANGED
|
@@ -66,10 +66,7 @@ credentials = {
|
|
|
66
66
|
refresh_token: LWA_REFRESH_TOKEN,
|
|
67
67
|
client_id: CLIENT_ID,
|
|
68
68
|
client_secret: CLIENT_SECRET,
|
|
69
|
-
aws_access_key_id: AWS_ACCESS_KEY_ID,
|
|
70
|
-
aws_secret_access_key: AWS_SECRET_ACCESS_KEY,
|
|
71
69
|
region: REGION, # This can be one of ['na', 'eu', 'fe'] and defaults to 'na'
|
|
72
|
-
sts_iam_role_arn: STS_IAM_ROLE_ARN, # Optional
|
|
73
70
|
access_token_cache_key: SELLING_PARTNER_ID, # Optional if you want access token caching
|
|
74
71
|
}
|
|
75
72
|
client = MuffinMan::Solicitations::V1.new(credentials)
|
|
@@ -115,9 +112,6 @@ To retrieve the refresh token from an LWA Website authorization workflow, you ca
|
|
|
115
112
|
credentials = {
|
|
116
113
|
client_id: CLIENT_ID,
|
|
117
114
|
client_secret: CLIENT_SECRET,
|
|
118
|
-
aws_access_key_id: AWS_ACCESS_KEY_ID,
|
|
119
|
-
aws_secret_access_key: AWS_SECRET_ACCESS_KEY,
|
|
120
|
-
sts_iam_role_arn: STS_IAM_ROLE_ARN, # Optional
|
|
121
115
|
scope: 'sellingpartnerapi::migration' # Grantless scope for MWS migration
|
|
122
116
|
}
|
|
123
117
|
client = MuffinMan::Authorization::V1.new(credentials)
|
|
@@ -136,7 +130,7 @@ access_token = MuffinMan::Lwa::AuthHelper.get_access_token(scope, client_id, cli
|
|
|
136
130
|
### Rotating application client secret
|
|
137
131
|
To rotate client secret for application
|
|
138
132
|
```ruby
|
|
139
|
-
MuffinMan::ApplicationManagement::V20231130.rotate_application_client_secret(
|
|
133
|
+
MuffinMan::ApplicationManagement::V20231130.rotate_application_client_secret(client_id,client_secret)
|
|
140
134
|
```
|
|
141
135
|
|
|
142
136
|
### Debugging
|
|
@@ -3,10 +3,15 @@
|
|
|
3
3
|
module MuffinMan
|
|
4
4
|
module ApplicationManagement
|
|
5
5
|
class V20231130
|
|
6
|
-
def self.rotate_application_client_secret(
|
|
6
|
+
def self.rotate_application_client_secret(client_id, client_secret)
|
|
7
|
+
access_token = MuffinMan::Lwa::AuthHelper.get_access_token("sellingpartnerapi::client_credential:rotation",
|
|
8
|
+
client_id, client_secret)
|
|
7
9
|
Typhoeus.post(
|
|
8
10
|
"https://sellingpartnerapi-na.amazon.com/applications/2023-11-30/clientSecret",
|
|
9
|
-
headers: {
|
|
11
|
+
headers: {
|
|
12
|
+
"x-amz-access-token" => access_token,
|
|
13
|
+
"Content-Type" => "application/json;charset=UTF-8"
|
|
14
|
+
}
|
|
10
15
|
)
|
|
11
16
|
end
|
|
12
17
|
end
|
|
@@ -6,8 +6,7 @@ require "securerandom"
|
|
|
6
6
|
|
|
7
7
|
module MuffinMan
|
|
8
8
|
class SpApiClient
|
|
9
|
-
attr_reader :refresh_token, :client_id, :client_secret, :
|
|
10
|
-
:aws_secret_access_key, :sts_iam_role_arn, :sandbox, :config,
|
|
9
|
+
attr_reader :refresh_token, :client_id, :client_secret, :sandbox, :config,
|
|
11
10
|
:region, :request_type, :local_var_path, :query_params,
|
|
12
11
|
:request_body, :scope, :access_token_cache_key, :credentials,
|
|
13
12
|
:pii_data_elements
|
|
@@ -26,9 +25,6 @@ module MuffinMan
|
|
|
26
25
|
@refresh_token = credentials[:refresh_token]
|
|
27
26
|
@client_id = credentials[:client_id]
|
|
28
27
|
@client_secret = credentials[:client_secret]
|
|
29
|
-
@aws_access_key_id = credentials[:aws_access_key_id]
|
|
30
|
-
@aws_secret_access_key = credentials[:aws_secret_access_key]
|
|
31
|
-
@sts_iam_role_arn = credentials[:sts_iam_role_arn]
|
|
32
28
|
@region = credentials[:region] || "na"
|
|
33
29
|
@scope = credentials[:scope]
|
|
34
30
|
@access_token_cache_key = credentials[:access_token_cache_key]
|
|
@@ -135,43 +131,17 @@ module MuffinMan
|
|
|
135
131
|
JSON.parse(response.body)
|
|
136
132
|
end
|
|
137
133
|
|
|
138
|
-
def request_sts_token
|
|
139
|
-
client = Aws::STS::Client.new(
|
|
140
|
-
region: derive_aws_region,
|
|
141
|
-
credentials: Aws::Credentials.new(aws_access_key_id, aws_secret_access_key),
|
|
142
|
-
http_wire_trace: ENV.fetch("AWS_DEBUG", nil) == "true" || false
|
|
143
|
-
)
|
|
144
|
-
client.assume_role(role_arn: sts_iam_role_arn, role_session_name: SecureRandom.uuid)
|
|
145
|
-
end
|
|
146
|
-
|
|
147
|
-
def signed_request
|
|
148
|
-
request_config = {
|
|
149
|
-
service: SERVICE_NAME,
|
|
150
|
-
region: derive_aws_region,
|
|
151
|
-
endpoint: sp_api_host
|
|
152
|
-
}
|
|
153
|
-
if sts_iam_role_arn.nil?
|
|
154
|
-
request_config[:access_key_id] = aws_access_key_id
|
|
155
|
-
request_config[:secret_access_key] = aws_secret_access_key
|
|
156
|
-
else
|
|
157
|
-
request_config[:credentials_provider] = request_sts_token
|
|
158
|
-
end
|
|
159
|
-
signer = Aws::Sigv4::Signer.new(request_config)
|
|
160
|
-
signer.sign_request(http_method: request_type, url: request.url, body: request_body&.to_json)
|
|
161
|
-
end
|
|
162
|
-
|
|
163
134
|
def headers
|
|
164
135
|
if requires_rdt_token_for_pii?
|
|
165
136
|
access_token = retrieve_rdt_access_token || retrieve_lwa_access_token
|
|
166
137
|
else
|
|
167
138
|
access_token = scope ? retrieve_grantless_access_token : retrieve_lwa_access_token
|
|
168
139
|
end
|
|
169
|
-
|
|
140
|
+
{
|
|
170
141
|
"x-amz-access-token" => access_token,
|
|
171
142
|
"user-agent" => "MuffinMan/#{VERSION} (Language=Ruby)",
|
|
172
143
|
"content-type" => "application/json"
|
|
173
144
|
}
|
|
174
|
-
signed_request.headers.merge(headers)
|
|
175
145
|
end
|
|
176
146
|
|
|
177
147
|
def requires_rdt_token_for_pii?
|
data/lib/muffin_man/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: muffin_man
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.4.
|
|
4
|
+
version: 2.4.13
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Gavin
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: exe
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2025-
|
|
13
|
+
date: 2025-03-11 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: rspec
|
|
@@ -226,7 +226,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
226
226
|
- !ruby/object:Gem::Version
|
|
227
227
|
version: '0'
|
|
228
228
|
requirements: []
|
|
229
|
-
rubygems_version: 3.
|
|
229
|
+
rubygems_version: 3.4.19
|
|
230
230
|
signing_key:
|
|
231
231
|
specification_version: 4
|
|
232
232
|
summary: Amazon Selling Partner API client
|