tencentcloud-sdk-common 3.0.995 → 3.0.996

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/lib/VERSION +1 -1
  3. data/lib/tencentcloud-sdk-common/client.rb +9 -6
  4. data/lib/tencentcloud-sdk-common/credential.rb +4 -0
  5. data/lib/tencentcloud-sdk-common/oidc_credential.rb +72 -0
  6. data/lib/tencentcloud-sdk-common.rb +1 -0
  7. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 5c27634a70c2749967500eb213da4f38d74d797c
4
- data.tar.gz: d9e02b9662abfef7ba3ce48a1ef8d55f6068f519
3
+ metadata.gz: 6b8c1ce4efb874bd66b131389321bf139731e96d
4
+ data.tar.gz: 4d933f12882ede9156daf8b49c53c36c3be568bc
5
5
  SHA512:
6
- metadata.gz: e214674dc00679f68c8f1ca6534727af45a96fe492ba17eb398d0b114875244ed1beeb846bdda8c4e4e2293987928a64e1b37ddc34027994a90ccc25c7df86d0
7
- data.tar.gz: d6fbede1f923168aa0531ef978634814efbfa71dd3fa8b3af63fa501f48f8f9a2279adffe395b5e6bf0eb6a1ab7f76fb0704222720a4667f5092aa102bbe63a3
6
+ metadata.gz: 3102a81eb411bd413dcdacd9accfcdabb5bef46e5d0d4912f0ce049342c052222cf3cbf5652fe350247587e5a8d892a2e20c24b47f11ac08e19778b5010cdda1
7
+ data.tar.gz: 4231f024d96e524ccd32cbba4c1a29cc101f306419646f81ed0b6d80502465faecb5d084771fe840e432e5d408f314835513e29ad08e08379062c3af1f9fffcf
data/lib/VERSION CHANGED
@@ -1 +1 @@
1
- 3.0.995
1
+ 3.0.996
data/lib/tencentcloud-sdk-common/client.rb CHANGED
@@ -13,8 +13,6 @@ module TencentCloud
13
13
  include Log
14
14
 
15
15
  def initialize(credential, region, api_version, api_endpoint, sdk_version, profile = nil)
16
- raise TencentCloudSDKException.new('InvalidCredential', 'Credential is None or invalid') unless credential
17
-
18
16
  @credential = credential
19
17
  @region = region
20
18
  @api_version = api_version
@@ -85,7 +83,6 @@ module TencentCloud
85
83
  req.header['X-TC-Version'] = @api_version
86
84
  req.header['X-TC-Region'] = @region
87
85
  req.header['X-TC-Language'] = @profile.language
88
- req.header['X-TC-Token'] = @credential.token if @credential.token
89
86
  req.header['X-TC-Content-SHA256'] = 'UNSIGNED-PAYLOAD' if @profile.unsigned_payload
90
87
  req.header['X-TC-TraceId'] = SecureRandom.uuid
91
88
  if req.method == 'GET'
@@ -128,9 +125,15 @@ module TencentCloud
128
125
  payload = 'UNSIGNED-PAYLOAD' if @profile.unsigned_payload
129
126
  hashed_payload = Digest::SHA256.hexdigest(payload)
130
127
 
131
- authorization = Sign.sign_v3(content_type, endpoint, @profile.http_profile.req_method, req.uri,
132
- canonical_querystring, hashed_payload, req.header['X-TC-Timestamp'],
133
- @credential.secret_id, @credential.secret_key)
128
+ if @credential.nil?
129
+ authorization = "SKIP"
130
+ else
131
+ secret_id, secret_key, token = @credential.credential
132
+ authorization = Sign.sign_v3(content_type, endpoint, @profile.http_profile.req_method, req.uri,
133
+ canonical_querystring, hashed_payload, req.header['X-TC-Timestamp'],
134
+ secret_id, secret_key)
135
+ req.header['X-TC-Token'] = token if token
136
+ end
134
137
  req.header['Authorization'] = authorization
135
138
  end
136
139
  end
data/lib/tencentcloud-sdk-common/credential.rb CHANGED
@@ -24,6 +24,10 @@ module TencentCloud
24
24
  @secret_key = secret_key
25
25
  @token = token
26
26
  end
27
+
28
+ def credential
29
+ [@secret_id, @secret_key, @token]
30
+ end
27
31
  end
28
32
  end
29
33
  end
data/lib/tencentcloud-sdk-common/oidc_credential.rb ADDED
@@ -0,0 +1,72 @@
1
+ # frozen_string_literal: true
2
+ require 'time'
3
+
4
+ module TencentCloud
5
+ module Common
6
+ class OIDCCredential
7
+ SES_NAME = 'tencentcloud-ruby-sdk-'
8
+ SES_DUR = 7200
9
+ API_VERSION = '2018-08-13'
10
+ API_ENDPOINT = 'sts.tencentcloudapi.com'
11
+ API_ACTION = 'AssumeRoleWithWebIdentity'
12
+ SDK_VERSION = 'CLB_' + File.read(File.expand_path('../VERSION', __dir__)).strip
13
+
14
+ attr_accessor :secret_id, :secret_key, :token
15
+
16
+ def initialize
17
+ @expire_t = 0
18
+ initialize_args
19
+ end
20
+
21
+ def credential
22
+ refresh
23
+ [@secret_id, @secret_key, @token]
24
+ end
25
+
26
+ def initialize_args
27
+ @region = ENV['TKE_REGION']
28
+ @provider_id = ENV['TKE_PROVIDER_ID']
29
+ token_file = ENV['TKE_WEB_IDENTITY_TOKEN_FILE']
30
+ @role_arn = ENV['TKE_ROLE_ARN']
31
+ @ses_name = SES_NAME + (Time.now.to_r * 1_000).to_i.to_s
32
+ @ses_dur = SES_DUR
33
+
34
+ if @region.nil? || @provider_id.nil? || token_file.nil? || @role_arn.nil? || @ses_name.nil? || @ses_dur.nil?
35
+ raise TencentCloudSDKException.new('InvalidCredential', 'env TKE_REGION, TKE_PROVIDER_ID, TKE_WEB_IDENTITY_TOKEN_FILE, TKE_ROLE_ARN not exist')
36
+ end
37
+
38
+ @token = File.read(token_file).strip
39
+ end
40
+
41
+ def refresh
42
+ if @expire_t - Time.now.to_i > SES_DUR / 10
43
+ return
44
+ end
45
+
46
+ initialize_args
47
+
48
+ client = AbstractClient.new(nil, @region, API_VERSION, API_ENDPOINT, SDK_VERSION, nil)
49
+
50
+ req = {
51
+ 'ProviderId': @provider_id,
52
+ 'WebIdentityToken': @token,
53
+ 'RoleArn': @role_arn,
54
+ 'RoleSessionName': @ses_name,
55
+ 'DurationSeconds': @ses_dur,
56
+ }
57
+ response = JSON.parse(client.send_request(API_ACTION, req))
58
+ if response['Response'].key?('Error')
59
+ code = response['Response']['Error']['Code']
60
+ message = response['Response']['Error']['Message']
61
+ reqid = response['Response']['RequestId']
62
+ raise TencentCloud::Common::TencentCloudSDKException.new(code, message, reqid)
63
+ end
64
+
65
+ @secret_id = response['Response']['Credentials']['TmpSecretId']
66
+ @secret_key = response['Response']['Credentials']['TmpSecretKey']
67
+ @token = response['Response']['Credentials']['Token']
68
+ @expire_t = response['Response']['ExpiredTime']
69
+ end
70
+ end
71
+ end
72
+ end
data/lib/tencentcloud-sdk-common.rb CHANGED
@@ -9,6 +9,7 @@ require_relative 'tencentcloud-sdk-common/models'
9
9
  require_relative 'tencentcloud-sdk-common/sign'
10
10
  require_relative 'tencentcloud-sdk-common/http/request'
11
11
  require_relative 'tencentcloud-sdk-common/client'
12
+ require_relative 'tencentcloud-sdk-common/oidc_credential'
12
13
 
13
14
  module TencentCloud
14
15
  # sdk common module
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: tencentcloud-sdk-common
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.995
4
+ version: 3.0.996
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tencent Cloud
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2025-02-10 00:00:00.000000000 Z
11
+ date: 2025-02-11 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: Tencent Cloud Ruby SDK is the official software development kit, which
14
14
  allows Ruby developers to write software that makes use of Tencent Cloud service.
@@ -26,6 +26,7 @@ files:
26
26
  - lib/tencentcloud-sdk-common/log.rb
27
27
  - lib/tencentcloud-sdk-common/exception.rb
28
28
  - lib/tencentcloud-sdk-common/credential.rb
29
+ - lib/tencentcloud-sdk-common/oidc_credential.rb
29
30
  - lib/tencentcloud-sdk-common/models.rb
30
31
  - lib/tencentcloud-sdk-common/client.rb
31
32
  - lib/VERSION