tencentcloud-sdk-common 3.0.995 → 3.0.996

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/lib/VERSION +1 -1
  3. data/lib/tencentcloud-sdk-common/client.rb +9 -6
  4. data/lib/tencentcloud-sdk-common/credential.rb +4 -0
  5. data/lib/tencentcloud-sdk-common/oidc_credential.rb +72 -0
  6. data/lib/tencentcloud-sdk-common.rb +1 -0
  7. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 5c27634a70c2749967500eb213da4f38d74d797c
4
- data.tar.gz: d9e02b9662abfef7ba3ce48a1ef8d55f6068f519
3
+ metadata.gz: 6b8c1ce4efb874bd66b131389321bf139731e96d
4
+ data.tar.gz: 4d933f12882ede9156daf8b49c53c36c3be568bc
5
5
  SHA512:
6
- metadata.gz: e214674dc00679f68c8f1ca6534727af45a96fe492ba17eb398d0b114875244ed1beeb846bdda8c4e4e2293987928a64e1b37ddc34027994a90ccc25c7df86d0
7
- data.tar.gz: d6fbede1f923168aa0531ef978634814efbfa71dd3fa8b3af63fa501f48f8f9a2279adffe395b5e6bf0eb6a1ab7f76fb0704222720a4667f5092aa102bbe63a3
6
+ metadata.gz: 3102a81eb411bd413dcdacd9accfcdabb5bef46e5d0d4912f0ce049342c052222cf3cbf5652fe350247587e5a8d892a2e20c24b47f11ac08e19778b5010cdda1
7
+ data.tar.gz: 4231f024d96e524ccd32cbba4c1a29cc101f306419646f81ed0b6d80502465faecb5d084771fe840e432e5d408f314835513e29ad08e08379062c3af1f9fffcf
data/lib/VERSION CHANGED
@@ -1 +1 @@
1
- 3.0.995
1
+ 3.0.996
data/lib/tencentcloud-sdk-common/client.rb CHANGED
@@ -13,8 +13,6 @@ module TencentCloud
13
13
  include Log
14
14
 
15
15
  def initialize(credential, region, api_version, api_endpoint, sdk_version, profile = nil)
16
- raise TencentCloudSDKException.new('InvalidCredential', 'Credential is None or invalid') unless credential
17
-
18
16
  @credential = credential
19
17
  @region = region
20
18
  @api_version = api_version
@@ -85,7 +83,6 @@ module TencentCloud
85
83
  req.header['X-TC-Version'] = @api_version
86
84
  req.header['X-TC-Region'] = @region
87
85
  req.header['X-TC-Language'] = @profile.language
88
- req.header['X-TC-Token'] = @credential.token if @credential.token
89
86
  req.header['X-TC-Content-SHA256'] = 'UNSIGNED-PAYLOAD' if @profile.unsigned_payload
90
87
  req.header['X-TC-TraceId'] = SecureRandom.uuid
91
88
  if req.method == 'GET'
@@ -128,9 +125,15 @@ module TencentCloud
128
125
  payload = 'UNSIGNED-PAYLOAD' if @profile.unsigned_payload
129
126
  hashed_payload = Digest::SHA256.hexdigest(payload)
130
127
 
131
- authorization = Sign.sign_v3(content_type, endpoint, @profile.http_profile.req_method, req.uri,
132
- canonical_querystring, hashed_payload, req.header['X-TC-Timestamp'],
133
- @credential.secret_id, @credential.secret_key)
128
+ if @credential.nil?
129
+ authorization = "SKIP"
130
+ else
131
+ secret_id, secret_key, token = @credential.credential
132
+ authorization = Sign.sign_v3(content_type, endpoint, @profile.http_profile.req_method, req.uri,
133
+ canonical_querystring, hashed_payload, req.header['X-TC-Timestamp'],
134
+ secret_id, secret_key)
135
+ req.header['X-TC-Token'] = token if token
136
+ end
134
137
  req.header['Authorization'] = authorization
135
138
  end
136
139
  end
data/lib/tencentcloud-sdk-common/credential.rb CHANGED
@@ -24,6 +24,10 @@ module TencentCloud
24
24
  @secret_key = secret_key
25
25
  @token = token
26
26
  end
27
+
28
+ def credential
29
+ [@secret_id, @secret_key, @token]
30
+ end
27
31
  end
28
32
  end
29
33
  end
data/lib/tencentcloud-sdk-common/oidc_credential.rb ADDED
@@ -0,0 +1,72 @@
1
+ # frozen_string_literal: true
2
+ require 'time'
3
+
4
+ module TencentCloud
5
+ module Common
6
+ class OIDCCredential
7
+ SES_NAME = 'tencentcloud-ruby-sdk-'
8
+ SES_DUR = 7200
9
+ API_VERSION = '2018-08-13'
10
+ API_ENDPOINT = 'sts.tencentcloudapi.com'
11
+ API_ACTION = 'AssumeRoleWithWebIdentity'
12
+ SDK_VERSION = 'CLB_' + File.read(File.expand_path('../VERSION', __dir__)).strip
13
+
14
+ attr_accessor :secret_id, :secret_key, :token
15
+
16
+ def initialize
17
+ @expire_t = 0
18
+ initialize_args
19
+ end
20
+
21
+ def credential
22
+ refresh
23
+ [@secret_id, @secret_key, @token]
24
+ end
25
+
26
+ def initialize_args
27
+ @region = ENV['TKE_REGION']
28
+ @provider_id = ENV['TKE_PROVIDER_ID']
29
+ token_file = ENV['TKE_WEB_IDENTITY_TOKEN_FILE']
30
+ @role_arn = ENV['TKE_ROLE_ARN']
31
+ @ses_name = SES_NAME + (Time.now.to_r * 1_000).to_i.to_s
32
+ @ses_dur = SES_DUR
33
+
34
+ if @region.nil? || @provider_id.nil? || token_file.nil? || @role_arn.nil? || @ses_name.nil? || @ses_dur.nil?
35
+ raise TencentCloudSDKException.new('InvalidCredential', 'env TKE_REGION, TKE_PROVIDER_ID, TKE_WEB_IDENTITY_TOKEN_FILE, TKE_ROLE_ARN not exist')
36
+ end
37
+
38
+ @token = File.read(token_file).strip
39
+ end
40
+
41
+ def refresh
42
+ if @expire_t - Time.now.to_i > SES_DUR / 10
43
+ return
44
+ end
45
+
46
+ initialize_args
47
+
48
+ client = AbstractClient.new(nil, @region, API_VERSION, API_ENDPOINT, SDK_VERSION, nil)
49
+
50
+ req = {
51
+ 'ProviderId': @provider_id,
52
+ 'WebIdentityToken': @token,
53
+ 'RoleArn': @role_arn,
54
+ 'RoleSessionName': @ses_name,
55
+ 'DurationSeconds': @ses_dur,
56
+ }
57
+ response = JSON.parse(client.send_request(API_ACTION, req))
58
+ if response['Response'].key?('Error')
59
+ code = response['Response']['Error']['Code']
60
+ message = response['Response']['Error']['Message']
61
+ reqid = response['Response']['RequestId']
62
+ raise TencentCloud::Common::TencentCloudSDKException.new(code, message, reqid)
63
+ end
64
+
65
+ @secret_id = response['Response']['Credentials']['TmpSecretId']
66
+ @secret_key = response['Response']['Credentials']['TmpSecretKey']
67
+ @token = response['Response']['Credentials']['Token']
68
+ @expire_t = response['Response']['ExpiredTime']
69
+ end
70
+ end
71
+ end
72
+ end
data/lib/tencentcloud-sdk-common.rb CHANGED
@@ -9,6 +9,7 @@ require_relative 'tencentcloud-sdk-common/models'
9
9
  require_relative 'tencentcloud-sdk-common/sign'
10
10
  require_relative 'tencentcloud-sdk-common/http/request'
11
11
  require_relative 'tencentcloud-sdk-common/client'
12
+ require_relative 'tencentcloud-sdk-common/oidc_credential'
12
13
 
13
14
  module TencentCloud
14
15
  # sdk common module
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: tencentcloud-sdk-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.995
4
+ version: 3.0.996
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tencent Cloud
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2025-02-10 00:00:00.000000000 Z
11
+ date: 2025-02-11 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: Tencent Cloud Ruby SDK is the official software development kit, which
14
14
  allows Ruby developers to write software that makes use of Tencent Cloud service.
@@ -26,6 +26,7 @@ files:
26
26
  - lib/tencentcloud-sdk-common/log.rb
27
27
  - lib/tencentcloud-sdk-common/exception.rb
28
28
  - lib/tencentcloud-sdk-common/credential.rb
29
+ - lib/tencentcloud-sdk-common/oidc_credential.rb
29
30
  - lib/tencentcloud-sdk-common/models.rb
30
31
  - lib/tencentcloud-sdk-common/client.rb
31
32
  - lib/VERSION