Paws.common cran 0.5.2

Author: Larefly

paws.common/DESCRIPTION

@@ -1,7 +1,7 @@
 Package: paws.common
 Type: Package
 Title: Paws Low-Level Amazon Web Services API
-Version: 0.5.1.9000
+Version: 0.5.2
 Authors@R: c(
         person("David", "Kretch", email = "[email protected]", role = "aut"),
         person("Adam", "Banker", email = "[email protected]", role = "aut"),
@@ -54,8 +54,8 @@ Collate:
     'service.R'
     'custom_dynamodb.R'
     'custom_rds.R'
-    'xmlutil.R'
     'util.R'
+    'xmlutil.R'
     'stream.R'
     'custom_s3.R'
     'error.R'

paws.common/NEWS.md

@@ -1,10 +1,11 @@
-# paws.common 0.5.1.9000
+# paws.common 0.5.2
 
 * Fix Content-Md5 being modified by user
 * Add logging system to help with debugging paws issues
 * Automatically redirect S3 requests when they are initially made to the wrong region; previously these requests would fail
 * Add support for `AssumeRoleWithWebIdentity` (#477, thanks to @fh-mthomson for contribution)
 * Clarify that `AWS_CREDENTIAL_EXPIRATION` is optional when using `AWS_SESSION_TOKEN` (#549)
+* Add support to IMDSv2 instances (#441, thanks to @jornfranke for contribution)
 
 # paws.common 0.5.1
 

paws.common/R/config.R

@@ -173,16 +173,15 @@ get_instance_metadata <- function(query_path = "") {
   # Get token timeout for IMDSv2 tokens
   token <-  "" # Token to be used in case of more secure IMDSv2 authentication
   #try IMDSv2  (more information): https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html
-   metadata_token_url <-  file.path(
+  metadata_token_url <-  file.path(
     "http://169.254.169.254/latest/api/token"
   )
- metadata_token_request <-
-    new_http_request(
-        "PUT", 
-        metadata_token_url, 
-        timeout = 1, 
-        header=c("X-aws-ec2-metadata-token-ttl-seconds"= token_ttl)
-    )
+  metadata_token_request <- new_http_request(
+    "PUT",
+    metadata_token_url,
+    timeout = 1,
+    header=c("X-aws-ec2-metadata-token-ttl-seconds"= token_ttl)
+  )
 
   metadata_token_response <- tryCatch(
     {
@@ -192,26 +191,24 @@ get_instance_metadata <- function(query_path = "") {
       NULL
     }
   )
-  if (!(is.null(metadata_token_response)) && metadata_token_response$status_code == 200) {
-      if (length(metadata_token_response["body"])>0) {
-          token=rawToChar(metadata_token_response["body"])
-      } 
+  if (!is.null(metadata_token_response) && metadata_token_response$status_code == 200) {
+    if (length(metadata_token_response[["body"]])>0) {
+      token <- rawToChar(metadata_token_response[["body"]])
+    }
   }
   metadata_url <- file.path(
     "http://169.254.169.254/latest/meta-data",
     query_path
   )
   if (token!="") {
-  metadata_request <-
-    new_http_request(
-        "GET", 
-        metadata_url, 
-        timeout = 1, 
-        header=c("X-aws-ec2-metadata-token"= token)
+    metadata_request <- new_http_request(
+      "GET",
+      metadata_url,
+      timeout = 1,
+      header = c("X-aws-ec2-metadata-token"= token)
     )
   } else {
-  metadata_request <-
-    new_http_request("GET", metadata_url, timeout = 1)
+    metadata_request <- new_http_request("GET", metadata_url, timeout = 1)
   }
   metadata_response <- tryCatch(
     {

paws.common/R/credential_providers.R

@@ -344,13 +344,12 @@ get_container_credentials <- function() {
   credentials_response_body <-
     jsonlite::fromJSON(raw_to_utf8(metadata_response$body))
 
-  credentials_list <-
-    list(
-      access_key_id  = credentials_response_body$AccessKeyId,
-      secret_access_key = credentials_response_body$SecretAccessKey,
-      session_token = credentials_response_body$Token,
-      expiration = as_timestamp(credentials_response_body$Expiration, "iso8601"),
-    )
+  credentials_list <- list(
+    access_key_id  = credentials_response_body$AccessKeyId,
+    secret_access_key = credentials_response_body$SecretAccessKey,
+    session_token = credentials_response_body$Token,
+    expiration = as_timestamp(credentials_response_body$Expiration, "iso8601")
+  )
 
   return(credentials_list)
 }

paws.common/tests/testthat/test_config.R

@@ -90,8 +90,9 @@ test_that("get_web_identity_token_file", {
 })
 
 test_that("get_instance_metadata_imdsv1", {
-   # this function mocks the behaviour of the IMDSv1 metadata service in so far as it allows testing of get_instance_metadata in config.
-   valid_metadata_response="ami-id
+  # this function mocks the behaviour of the IMDSv1 metadata service in so far
+  # as it allows testing of get_instance_metadata in config.
+  valid_metadata_response <- "ami-id
 ami-launch-index
 ami-manifest-path
 block-device-mapping/
@@ -114,46 +115,73 @@ public-keys/
 reservation-id
 security-groups
 services/"
-   mock_imdsv1_behaviour <- function(http_request) {
-       # mock behaviour of the imdsv1 metadata service in case it gets an imdsv2 request
-      if (http_request$url$scheme=="http" && http_request$method=="PUT" && http_request$url$path=="/latest/api/token") {
-             # ignore this as this only available in IMDSv2.
-             mock_imdsv1_response_for_imdsv2_request=HttpResponse(
-                status_code = 404,
-                header = c("Server"="EC2ws","Connection"="Close", "Content-Type"="text/plain","Content-Length"="0"),
-                content_length = as.integer("0"),
-                body = charToRaw("")
-            )
-             return (mock_imdsv1_response_for_imdsv2_request)
-        }
-       # mock behaviour of the imdsv1 metadata service
-       if (http_request$url$scheme=="http" && http_request$method=="GET" && http_request$url$path=="/latest/meta-data/") {
-             # provide response according to IMDSv1
-             mock_imdsv1_metadata_response=HttpResponse(
-                status_code = 200,
-                header = c("Server"="EC2ws","Connection"="Close", "Content-Type"="text/plain","Content-Length"="297"),
-                content_length = as.integer("297"),
-                body = charToRaw(valid_metadata_response)
-            )
-             return (mock_imdsv1_metadata_response)
-        }
-       # if there is an invalid request in general return a HTTP error code
-         mock_imdsv1_response_invalid_request=HttpResponse(
-                status_code = 405,
-                header = c("Server"="EC2ws","Connection"="Close", "Content-Type"="text/plain","Content-Length"="0"),
-                content_length = as.integer("0"),
-                body = charToRaw("")
-         )
-         return (mock_imdsv1_response_invalid_request)
+  imdsv1_behaviour <- function(http_request) {
+    # mock behaviour of the imdsv1 metadata service in case it gets an
+    # imdsv2 request
+    if (http_request$url$scheme=="http"
+        && http_request$method=="PUT"
+        && http_request$url$path=="/latest/api/token") {
+        # ignore this as this only available in IMDSv2.
+      mock_imdsv1_response_for_imdsv2_request <- HttpResponse(
+        status_code = 404,
+        header = c(
+          "Server"="EC2ws",
+          "Connection"="Close",
+          "Content-Type"="text/plain",
+          "Content-Length"="0"
+        ),
+        content_length = 0L,
+        body = charToRaw("")
+      )
+      return (mock_imdsv1_response_for_imdsv2_request)
     }
-    mockery::stub(get_instance_metadata, 'issue', mock_imdsv1_behaviour)
-    expect_equal(charToRaw(valid_metadata_response),get_instance_metadata()$body)
- })
+    # mock behaviour of the imdsv1 metadata service
+    if (http_request$url$scheme=="http"
+      && http_request$method=="GET"
+      && grepl("meta-data", http_request$url$path)) {
+      # provide response according to IMDSv1
+      mock_imdsv1_metadata_response <- HttpResponse(
+        status_code = 200,
+        header = c(
+          "Server"="EC2ws",
+          "Connection"="Close",
+          "Content-Type"="text/plain",
+          "Content-Length"="297"
+        ),
+        content_length = 297L,
+        body = charToRaw(valid_metadata_response)
+      )
+      return (mock_imdsv1_metadata_response)
+    }
+    # if there is an invalid request in general return a HTTP error code
+    mock_imdsv1_response_invalid_request <- HttpResponse(
+      status_code = 405,
+      header = c(
+        "Server"="EC2ws",
+        "Connection"="Close",
+        "Content-Type"="text/plain",
+        "Content-Length"="0"
+      ),
+      content_length = 0L,
+      body = charToRaw("")
+    )
+    return (mock_imdsv1_response_invalid_request)
+  }
+  mock_imdsv1_behaviour <- mock2(side_effect = imdsv1_behaviour)
+  mockery::stub(get_instance_metadata, 'issue', mock_imdsv1_behaviour)
+  actual <- get_instance_metadata()
 
+  expect_equal(mock_call_no(mock_imdsv1_behaviour), 2)
+  expect_equal(
+    charToRaw(valid_metadata_response),
+    actual$body
+  )
+})
 
 test_that("get_instance_metadata_imdsv2", {
-   # this function mocks the behaviour of the IMDSv2 metadata service in so far as it allows testing of get_instance_metadata in config.
-   valid_metadata_response="ami-id
+  # this function mocks the behaviour of the IMDSv2 metadata service in so far
+  # as it allows testing of get_instance_metadata in config.
+  valid_metadata_response <- "ami-id
 ami-launch-index
 ami-manifest-path
 block-device-mapping/
@@ -176,45 +204,71 @@ public-keys/
 reservation-id
 security-groups
 services/"
-   test_aws_token="AWSTESTINGTokENZZ-XXXXxxxXXXx2XXx1X45XXxXXxX-XxXXxxxXx=="
-   mock_imdsv2_behaviour <- function(http_request) {
-       # mock behaviour of the imdsv2 metadata service
-      if (http_request$url$scheme=="http" && http_request$method=="PUT" && http_request$url$path=="/latest/api/token"
-          && !is.na(http_request$header["X-aws-ec2-metadata-token-ttl-seconds"])
-          && !is.na(as.numeric(http_request$header[["X-aws-ec2-metadata-token-ttl-seconds"]]))
-        ) {
-             # provide a valid IMDSv2 metadata service token
-             mock_imdsv2_token_response=HttpResponse(
-                status_code = 200,
-                header = c("Server"="EC2ws","Connection"="Close", "Content-Type"="text/plain","Content-Length"="56"),
-                content_length = as.integer("56"),
-                body = charToRaw(test_aws_token)
-            )
-             return (mock_imdsv2_token_response)
-        }
-       # mock behaviour of the imdsv2 metadata service
-       if (http_request$url$scheme=="http" && http_request$method=="GET" && http_request$url$path=="/latest/meta-data/"
-             && !is.na(http_request$header["X-aws-ec2-metadata-token"])
-             && http_request$header[["X-aws-ec2-metadata-token"]]==test_aws_token
-        ) {
-             # provide response according to IMDSv1
-             mock_imdsv2_metadata_response=HttpResponse(
-                status_code = 200,
-                header = c("Server"="EC2ws","Connection"="Close", "Content-Type"="text/plain","Content-Length"="297","X-Aws-Ec2-Metadata-Token-Ttl-Seconds"="21587"),
-                content_length = as.integer("297"),
-                body = charToRaw(valid_metadata_response)
-            )
-             return (mock_imdsv2_metadata_response)
-        }
-       # if there is an invalid request in general return a HTTP error code
-         mock_imdsv1_response_invalid_request=HttpResponse(
-                status_code = 405,
-                header = c("Server"="EC2ws","Connection"="Close", "Content-Type"="text/plain","Content-Length"="0"),
-                content_length = as.integer("0"),
-                body = charToRaw("")
-         )
-         return (mock_imdsv1_response_invalid_request)
+  test_aws_token <- "AWSTESTINGTokENZZ-XXXXxxxXXXx2XXx1X45XXxXXxX-XxXXxxxXx=="
+  imdsv2_behaviour <- function(http_request) {
+    # mock behaviour of the imdsv2 metadata service
+    if (http_request$url$scheme=="http"
+      && http_request$method=="PUT"
+      && http_request$url$path=="/latest/api/token"
+      && !is.na(http_request$header[["X-aws-ec2-metadata-token-ttl-seconds"]])
+      && !is.na(as.numeric(http_request$header[["X-aws-ec2-metadata-token-ttl-seconds"]]))
+      ) {
+      # provide a valid IMDSv2 metadata service token
+      mock_imdsv2_token_response <- HttpResponse(
+        status_code = 200,
+        header = c(
+        "Server"="EC2ws",
+        "Connection"="Close",
+        "Content-Type"="text/plain",
+        "Content-Length"="56"
+        ),
+        content_length = 56L,
+        body = charToRaw(test_aws_token)
+      )
+      return (mock_imdsv2_token_response)
+    }
+    # mock behaviour of the imdsv2 metadata service
+    if (http_request$url$scheme=="http"
+      && http_request$method=="GET"
+      && grepl("meta-data", http_request$url$path)
+      && !is.na(http_request$header[["X-aws-ec2-metadata-token"]])
+      && http_request$header[["X-aws-ec2-metadata-token"]]==test_aws_token
+      ) {
+      # provide response according to IMDSv1
+      mock_imdsv2_metadata_response <- HttpResponse(
+        status_code = 200,
+        header = c(
+          "Server"="EC2ws","Connection"="Close",
+          "Content-Type"="text/plain",
+          "Content-Length"="297",
+          "X-Aws-Ec2-Metadata-Token-Ttl-Seconds"="21587"
+        ),
+        content_length = 297L,
+        body = charToRaw(valid_metadata_response)
+      )
+      return (mock_imdsv2_metadata_response)
     }
-    mockery::stub(get_instance_metadata, 'issue', mock_imdsv2_behaviour)
-    expect_equal(charToRaw(valid_metadata_response),get_instance_metadata()$body)
- })
+    # if there is an invalid request in general return a HTTP error code
+    mock_imdsv1_response_invalid_request <- HttpResponse(
+      status_code = 405,
+      header = c(
+        "Server"="EC2ws",
+        "Connection"="Close",
+        "Content-Type"="text/plain",
+        "Content-Length"="0"
+      ),
+      content_length = 0L,
+      body = charToRaw("")
+    )
+    return (mock_imdsv1_response_invalid_request)
+  }
+  mock_imdsv2_behaviour <- mock2(side_effect = imdsv2_behaviour)
+  mockery::stub(get_instance_metadata, 'issue', mock_imdsv2_behaviour)
+  actual <- get_instance_metadata()
+
+  expect_equal(mock_call_no(mock_imdsv2_behaviour), 2)
+  expect_equal(
+    charToRaw(valid_metadata_response),
+    actual$body
+  )
+})