summaryrefslogtreecommitdiff
path: root/lib/rubygems/s3_uri_signer.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/rubygems/s3_uri_signer.rb')
-rw-r--r--lib/rubygems/s3_uri_signer.rb37
1 files changed, 19 insertions, 18 deletions
diff --git a/lib/rubygems/s3_uri_signer.rb b/lib/rubygems/s3_uri_signer.rb
index bba9afc9ff..7c95a9d4f5 100644
--- a/lib/rubygems/s3_uri_signer.rb
+++ b/lib/rubygems/s3_uri_signer.rb
@@ -1,5 +1,6 @@
-require 'digest'
-require 'rubygems/openssl'
+# frozen_string_literal: true
+
+require_relative "openssl"
##
# S3URISigner implements AWS SigV4 for S3 Source to avoid a dependency on the aws-sdk-* gems
@@ -11,7 +12,7 @@ class Gem::S3URISigner
end
def to_s # :nodoc:
- "#{super}"
+ super.to_s
end
end
@@ -21,7 +22,7 @@ class Gem::S3URISigner
end
def to_s # :nodoc:
- "#{super}"
+ super.to_s
end
end
@@ -33,7 +34,7 @@ class Gem::S3URISigner
##
# Signs S3 URI using query-params according to the reference: https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
- def sign(expiration = 86400)
+ def sign(expiration = 86_400)
s3_config = fetch_s3_config
current_time = Time.now.utc
@@ -48,7 +49,7 @@ class Gem::S3URISigner
string_to_sign = generate_string_to_sign(date_time, credential_info, canonical_request)
signature = generate_signature(s3_config, date, string_to_sign)
- URI.parse("https://#{canonical_host}#{uri.path}?#{query_params}&X-Amz-Signature=#{signature}")
+ Gem::URI.parse("https://#{canonical_host}#{uri.path}?#{query_params}&X-Amz-Signature=#{signature}")
end
private
@@ -87,7 +88,7 @@ class Gem::S3URISigner
"AWS4-HMAC-SHA256",
date_time,
credential_info,
- Digest::SHA256.hexdigest(canonical_request),
+ OpenSSL::Digest::SHA256.hexdigest(canonical_request),
].join("\n")
end
@@ -135,29 +136,29 @@ class Gem::S3URISigner
end
def base64_uri_escape(str)
- str.gsub(/[\+\/=\n]/, BASE64_URI_TRANSLATE)
+ str.gsub(%r{[\+/=\n]}, BASE64_URI_TRANSLATE)
end
def ec2_metadata_credentials_json
- require 'net/http'
- require 'rubygems/request'
- require 'rubygems/request/connection_pools'
- require 'json'
+ require_relative "vendored_net_http"
+ require_relative "request"
+ require_relative "request/connection_pools"
+ require "json"
iam_info = ec2_metadata_request(EC2_IAM_INFO)
# Expected format: arn:aws:iam::<id>:instance-profile/<role_name>
- role_name = iam_info['InstanceProfileArn'].split('/').last
+ role_name = iam_info["InstanceProfileArn"].split("/").last
ec2_metadata_request(EC2_IAM_SECURITY_CREDENTIALS + role_name)
end
def ec2_metadata_request(url)
- uri = URI(url)
+ uri = Gem::URI(url)
@request_pool ||= create_request_pool(uri)
- request = Gem::Request.new(uri, Net::HTTP::Get, nil, @request_pool)
+ request = Gem::Request.new(uri, Gem::Net::HTTP::Get, nil, @request_pool)
response = request.fetch
case response
- when Net::HTTPOK then
+ when Gem::Net::HTTPOK then
JSON.parse(response.body)
else
raise InstanceProfileError.new("Unable to fetch AWS metadata from #{uri}: #{response.message} #{response.code}")
@@ -171,6 +172,6 @@ class Gem::S3URISigner
end
BASE64_URI_TRANSLATE = { "+" => "%2B", "/" => "%2F", "=" => "%3D", "\n" => "" }.freeze
- EC2_IAM_INFO = "http://169.254.169.254/latest/meta-data/iam/info".freeze
- EC2_IAM_SECURITY_CREDENTIALS = "http://169.254.169.254/latest/meta-data/iam/security-credentials/".freeze
+ EC2_IAM_INFO = "http://169.254.169.254/latest/meta-data/iam/info"
+ EC2_IAM_SECURITY_CREDENTIALS = "http://169.254.169.254/latest/meta-data/iam/security-credentials/"
end