From a715819976aae48384eb967c0912091ed8e3ff06 Mon Sep 17 00:00:00 2001
From: Frederick Cheung <frederick.cheung@gmail.com>
Date: Wed, 20 Jun 2012 23:16:34 +0100
Subject: [PATCH] [AWS] make beanstalk, cdn, cloudformation, cloudwatch,
 elasticache, elb, storage, rds, ses, sns, route53 temporary credential
 friendly

---
 lib/fog/aws/beanstalk.rb       | 1 +
 lib/fog/aws/cdn.rb             | 1 +
 lib/fog/aws/cloud_formation.rb | 1 +
 lib/fog/aws/cloud_watch.rb     | 1 +
 lib/fog/aws/dns.rb             | 1 +
 lib/fog/aws/elasticache.rb     | 1 +
 lib/fog/aws/elb.rb             | 1 +
 lib/fog/aws/emr.rb             | 1 +
 lib/fog/aws/rds.rb             | 1 +
 lib/fog/aws/ses.rb             | 5 +++--
 lib/fog/aws/sns.rb             | 1 +
 lib/fog/aws/storage.rb         | 4 +++-
 12 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/lib/fog/aws/beanstalk.rb b/lib/fog/aws/beanstalk.rb
index e7477f132..0112d8deb 100644
--- a/lib/fog/aws/beanstalk.rb
+++ b/lib/fog/aws/beanstalk.rb
@@ -111,6 +111,7 @@ module Fog
               params,
               {
                   :aws_access_key_id  => @aws_access_key_id,
+                  :aws_session_token  => @aws_session_token,
                   :hmac               => @hmac,
                   :host               => @host,
                   :path               => @path,
diff --git a/lib/fog/aws/cdn.rb b/lib/fog/aws/cdn.rb
index 64f595c7f..caf5c5011 100644
--- a/lib/fog/aws/cdn.rb
+++ b/lib/fog/aws/cdn.rb
@@ -119,6 +119,7 @@ module Fog
 
           params[:headers] ||= {}
           params[:headers]['Date'] = Fog::Time.now.to_date_header
+          params[:headers]['x-amz-security-token'] = @aws_session_token if @aws_session_token
           params[:headers]['Authorization'] = "AWS #{@aws_access_key_id}:#{signature(params)}"
           params[:path] = "/#{@version}/#{params[:path]}" 
           @connection.request(params, &block)
diff --git a/lib/fog/aws/cloud_formation.rb b/lib/fog/aws/cloud_formation.rb
index 71f73de42..a87acaa9d 100644
--- a/lib/fog/aws/cloud_formation.rb
+++ b/lib/fog/aws/cloud_formation.rb
@@ -86,6 +86,7 @@ module Fog
             params,
             {
               :aws_access_key_id  => @aws_access_key_id,
+              :aws_session_token  => @aws_session_token,
               :hmac               => @hmac,
               :host               => @host,
               :path               => @path,
diff --git a/lib/fog/aws/cloud_watch.rb b/lib/fog/aws/cloud_watch.rb
index 8f73b9c14..cef8c4556 100644
--- a/lib/fog/aws/cloud_watch.rb
+++ b/lib/fog/aws/cloud_watch.rb
@@ -99,6 +99,7 @@ module Fog
             params,
             {
               :aws_access_key_id  => @aws_access_key_id,
+              :aws_session_token  => @aws_session_token,
               :hmac               => @hmac,
               :host               => @host,
               :path               => @path,
diff --git a/lib/fog/aws/dns.rb b/lib/fog/aws/dns.rb
index a00de4448..615f93a55 100644
--- a/lib/fog/aws/dns.rb
+++ b/lib/fog/aws/dns.rb
@@ -122,6 +122,7 @@ module Fog
           refresh_credentials_if_expired
           params[:headers] ||= {}
           params[:headers]['Date'] = Fog::Time.now.to_date_header
+          params[:headers]['x-amz-security-token'] = @aws_session_token if @aws_session_token
           params[:headers]['X-Amzn-Authorization'] = "AWS3-HTTPS AWSAccessKeyId=#{@aws_access_key_id},Algorithm=HmacSHA1,Signature=#{signature(params)}"
           params[:path] = "/#{@version}/#{params[:path]}"
           @connection.request(params, &block)
diff --git a/lib/fog/aws/elasticache.rb b/lib/fog/aws/elasticache.rb
index 3ecc37daf..9a6c08ab4 100644
--- a/lib/fog/aws/elasticache.rb
+++ b/lib/fog/aws/elasticache.rb
@@ -88,6 +88,7 @@ module Fog
             params,
             {
             :aws_access_key_id  => @aws_access_key_id,
+            :aws_session_token  => @aws_session_token,
             :hmac               => @hmac,
             :host               => @host,
             :path               => @path,
diff --git a/lib/fog/aws/elb.rb b/lib/fog/aws/elb.rb
index 44a921bfc..494aaa896 100644
--- a/lib/fog/aws/elb.rb
+++ b/lib/fog/aws/elb.rb
@@ -160,6 +160,7 @@ module Fog
             params,
             {
               :aws_access_key_id  => @aws_access_key_id,
+              :aws_session_token  => @aws_session_token,
               :hmac               => @hmac,
               :host               => @host,
               :path               => @path,
diff --git a/lib/fog/aws/emr.rb b/lib/fog/aws/emr.rb
index 8ca4ccfb6..52e72b659 100644
--- a/lib/fog/aws/emr.rb
+++ b/lib/fog/aws/emr.rb
@@ -102,6 +102,7 @@ module Fog
             params,
             {
               :aws_access_key_id  => @aws_access_key_id,
+              :aws_session_token  => @aws_session_token,
               :hmac               => @hmac,
               :host               => @host,
               :path               => @path,
diff --git a/lib/fog/aws/rds.rb b/lib/fog/aws/rds.rb
index 14462b8be..26680fbda 100644
--- a/lib/fog/aws/rds.rb
+++ b/lib/fog/aws/rds.rb
@@ -169,6 +169,7 @@ module Fog
             params,
             {
               :aws_access_key_id  => @aws_access_key_id,
+              :aws_session_token  => @aws_session_token,
               :hmac               => @hmac,
               :host               => @host,
               :path               => @path,
diff --git a/lib/fog/aws/ses.rb b/lib/fog/aws/ses.rb
index db646fb6d..fbaa44382 100644
--- a/lib/fog/aws/ses.rb
+++ b/lib/fog/aws/ses.rb
@@ -82,11 +82,12 @@ module Fog
           idempotent  = params.delete(:idempotent)
           parser      = params.delete(:parser)
 
+
           headers = {
             'Content-Type'  => 'application/x-www-form-urlencoded',
-            'Date'          => Fog::Time.now.to_date_header
+            'Date'          => Fog::Time.now.to_date_header,
           }
-
+          headers['x-amz-security-token'] = @aws_session_token if @aws_session_token
           #AWS3-HTTPS AWSAccessKeyId=<Your AWS Access Key ID>, Algorithm=HmacSHA256, Signature=<Signature>
           headers['X-Amzn-Authorization'] = 'AWS3-HTTPS '
           headers['X-Amzn-Authorization'] << 'AWSAccessKeyId=' << @aws_access_key_id
diff --git a/lib/fog/aws/sns.rb b/lib/fog/aws/sns.rb
index dd28d1a42..5319c896a 100644
--- a/lib/fog/aws/sns.rb
+++ b/lib/fog/aws/sns.rb
@@ -90,6 +90,7 @@ module Fog
             params,
             {
               :aws_access_key_id  => @aws_access_key_id,
+              :aws_session_token  => @aws_session_token,
               :hmac               => @hmac,
               :host               => @host,
               :path               => @path,
diff --git a/lib/fog/aws/storage.rb b/lib/fog/aws/storage.rb
index 6df8f9978..257d9eeb4 100644
--- a/lib/fog/aws/storage.rb
+++ b/lib/fog/aws/storage.rb
@@ -99,6 +99,7 @@ module Fog
           params[:headers]['Date'] = expires.to_i
           params[:path] = Fog::AWS.escape(params[:path]).gsub('%2F', '/')
           query = []
+          params[:headers]['x-amz-security-token'] = @aws_session_token if @aws_session_token
           if params[:query]
             for key, value in params[:query]
               query << "#{key}=#{Fog::AWS.escape(value)}"
@@ -107,6 +108,7 @@ module Fog
           query << "AWSAccessKeyId=#{@aws_access_key_id}"
           query << "Signature=#{Fog::AWS.escape(signature(params))}"
           query << "Expires=#{params[:headers]['Date']}"
+          query << "x-amz-security-token=#{Fog::AWS.escape(@aws_session_token)}" if @aws_session_token
           port_part = params[:port] && ":#{params[:port]}"
           "#{params[:scheme]}://#{params[:host]}#{port_part}/#{params[:path]}?#{query.join('&')}"
         end
@@ -379,8 +381,8 @@ DATA
           refresh_credentials_if_expired
 
           params[:headers]['Date'] = Fog::Time.now.to_date_header
+          params[:headers]['x-amz-security-token'] = @aws_session_token if @aws_session_token
           params[:headers]['Authorization'] = "AWS #{@aws_access_key_id}:#{signature(params)}"
-
           # FIXME: ToHashParser should make this not needed
           original_params = params.dup