aws-actions/configure-aws-credentials
1
0
Fork 0
mirror of synced 2026-06-05 14:35:14 +00:00
Code Issues Projects Releases Packages Wiki Activity

chore: Update dist

Browse source
This commit is contained in:
GitHub Actions 2025-10-14 03:05:29 +00:00
commit d17e5e49d8
20 changed files with 17745 additions and 19561 deletions
Download patch file Download diff file Expand all files Collapse all files

1224
dist/136.index.js generated vendored Normal file
View file

File diff suppressed because it is too large Load diff

93
dist/360.index.js generated vendored Normal file
View file

@ -0,0 +1,93 @@
"use strict";
exports.id = 360;
exports.ids = [360];
exports.modules = {
/***/ 5360:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
var sharedIniFileLoader = __webpack_require__(4964);
var propertyProvider = __webpack_require__(1238);
var child_process = __webpack_require__(5317);
var util = __webpack_require__(9023);
var client = __webpack_require__(5152);
const getValidatedProcessCredentials = (profileName, data, profiles) => {
if (data.Version !== 1) {
throw Error(`Profile ${profileName} credential_process did not return Version 1.`);
}
if (data.AccessKeyId === undefined || data.SecretAccessKey === undefined) {
throw Error(`Profile ${profileName} credential_process returned invalid credentials.`);
}
if (data.Expiration) {
const currentTime = new Date();
const expireTime = new Date(data.Expiration);
if (expireTime < currentTime) {
throw Error(`Profile ${profileName} credential_process returned expired credentials.`);
}
}
let accountId = data.AccountId;
if (!accountId && profiles?.[profileName]?.aws_account_id) {
accountId = profiles[profileName].aws_account_id;
}
const credentials = {
accessKeyId: data.AccessKeyId,
secretAccessKey: data.SecretAccessKey,
...(data.SessionToken && { sessionToken: data.SessionToken }),
...(data.Expiration && { expiration: new Date(data.Expiration) }),
...(data.CredentialScope && { credentialScope: data.CredentialScope }),
...(accountId && { accountId }),
};
client.setCredentialFeature(credentials, "CREDENTIALS_PROCESS", "w");
return credentials;
};
const resolveProcessCredentials = async (profileName, profiles, logger) => {
const profile = profiles[profileName];
if (profiles[profileName]) {
const credentialProcess = profile["credential_process"];
if (credentialProcess !== undefined) {
const execPromise = util.promisify(sharedIniFileLoader.externalDataInterceptor?.getTokenRecord?.().exec ?? child_process.exec);
try {
const { stdout } = await execPromise(credentialProcess);
let data;
try {
data = JSON.parse(stdout.trim());
}
catch {
throw Error(`Profile ${profileName} credential_process returned invalid JSON.`);
}
return getValidatedProcessCredentials(profileName, data, profiles);
}
catch (error) {
throw new propertyProvider.CredentialsProviderError(error.message, { logger });
}
}
else {
throw new propertyProvider.CredentialsProviderError(`Profile ${profileName} did not contain credential_process.`, { logger });
}
}
else {
throw new propertyProvider.CredentialsProviderError(`Profile ${profileName} could not be found in shared credentials file.`, {
logger,
});
}
};
const fromProcess = (init = {}) => async ({ callerClientConfig } = {}) => {
init.logger?.debug("@aws-sdk/credential-provider-process - fromProcess");
const profiles = await sharedIniFileLoader.parseKnownFiles(init);
return resolveProcessCredentials(sharedIniFileLoader.getProfileName({
profile: init.profile ?? callerClientConfig?.profile,
}), profiles, init.logger);
};
exports.fromProcess = fromProcess;
/***/ })
};
;

856
dist/443.index.js generated vendored Normal file
View file

@ -0,0 +1,856 @@
"use strict";
exports.id = 443;
exports.ids = [443];
exports.modules = {
/***/ 8396:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.resolveHttpAuthSchemeConfig = exports.defaultSSOOIDCHttpAuthSchemeProvider = exports.defaultSSOOIDCHttpAuthSchemeParametersProvider = void 0;
const core_1 = __webpack_require__(8704);
const util_middleware_1 = __webpack_require__(6324);
const defaultSSOOIDCHttpAuthSchemeParametersProvider = async (config, context, input) => {
return {
operation: (0, util_middleware_1.getSmithyContext)(context).operation,
region: (await (0, util_middleware_1.normalizeProvider)(config.region)()) ||
(() => {
throw new Error("expected `region` to be configured for `aws.auth#sigv4`");
})(),
};
};
exports.defaultSSOOIDCHttpAuthSchemeParametersProvider = defaultSSOOIDCHttpAuthSchemeParametersProvider;
function createAwsAuthSigv4HttpAuthOption(authParameters) {
return {
schemeId: "aws.auth#sigv4",
signingProperties: {
name: "sso-oauth",
region: authParameters.region,
},
propertiesExtractor: (config, context) => ({
signingProperties: {
config,
context,
},
}),
};
}
function createSmithyApiNoAuthHttpAuthOption(authParameters) {
return {
schemeId: "smithy.api#noAuth",
};
}
const defaultSSOOIDCHttpAuthSchemeProvider = (authParameters) => {
const options = [];
switch (authParameters.operation) {
case "CreateToken": {
options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
break;
}
default: {
options.push(createAwsAuthSigv4HttpAuthOption(authParameters));
}
}
return options;
};
exports.defaultSSOOIDCHttpAuthSchemeProvider = defaultSSOOIDCHttpAuthSchemeProvider;
const resolveHttpAuthSchemeConfig = (config) => {
const config_0 = (0, core_1.resolveAwsSdkSigV4Config)(config);
return Object.assign(config_0, {
authSchemePreference: (0, util_middleware_1.normalizeProvider)(config.authSchemePreference ?? []),
});
};
exports.resolveHttpAuthSchemeConfig = resolveHttpAuthSchemeConfig;
/***/ }),
/***/ 546:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.defaultEndpointResolver = void 0;
const util_endpoints_1 = __webpack_require__(3068);
const util_endpoints_2 = __webpack_require__(9674);
const ruleset_1 = __webpack_require__(9947);
const cache = new util_endpoints_2.EndpointCache({
size: 50,
params: ["Endpoint", "Region", "UseDualStack", "UseFIPS"],
});
const defaultEndpointResolver = (endpointParams, context = {}) => {
return cache.get(endpointParams, () => (0, util_endpoints_2.resolveEndpoint)(ruleset_1.ruleSet, {
endpointParams: endpointParams,
logger: context.logger,
}));
};
exports.defaultEndpointResolver = defaultEndpointResolver;
util_endpoints_2.customEndpointFunctions.aws = util_endpoints_1.awsEndpointFunctions;
/***/ }),
/***/ 9947:
/***/ ((__unused_webpack_module, exports) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.ruleSet = void 0;
const u = "required", v = "fn", w = "argv", x = "ref";
const a = true, b = "isSet", c = "booleanEquals", d = "error", e = "endpoint", f = "tree", g = "PartitionResult", h = "getAttr", i = { [u]: false, "type": "String" }, j = { [u]: true, "default": false, "type": "Boolean" }, k = { [x]: "Endpoint" }, l = { [v]: c, [w]: [{ [x]: "UseFIPS" }, true] }, m = { [v]: c, [w]: [{ [x]: "UseDualStack" }, true] }, n = {}, o = { [v]: h, [w]: [{ [x]: g }, "supportsFIPS"] }, p = { [x]: g }, q = { [v]: c, [w]: [true, { [v]: h, [w]: [p, "supportsDualStack"] }] }, r = [l], s = [m], t = [{ [x]: "Region" }];
const _data = { version: "1.0", parameters: { Region: i, UseDualStack: j, UseFIPS: j, Endpoint: i }, rules: [{ conditions: [{ [v]: b, [w]: [k] }], rules: [{ conditions: r, error: "Invalid Configuration: FIPS and custom endpoint are not supported", type: d }, { conditions: s, error: "Invalid Configuration: Dualstack and custom endpoint are not supported", type: d }, { endpoint: { url: k, properties: n, headers: n }, type: e }], type: f }, { conditions: [{ [v]: b, [w]: t }], rules: [{ conditions: [{ [v]: "aws.partition", [w]: t, assign: g }], rules: [{ conditions: [l, m], rules: [{ conditions: [{ [v]: c, [w]: [a, o] }, q], rules: [{ endpoint: { url: "https://oidc-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "FIPS and DualStack are enabled, but this partition does not support one or both", type: d }], type: f }, { conditions: r, rules: [{ conditions: [{ [v]: c, [w]: [o, a] }], rules: [{ conditions: [{ [v]: "stringEquals", [w]: [{ [v]: h, [w]: [p, "name"] }, "aws-us-gov"] }], endpoint: { url: "https://oidc.{Region}.amazonaws.com", properties: n, headers: n }, type: e }, { endpoint: { url: "https://oidc-fips.{Region}.{PartitionResult#dnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "FIPS is enabled but this partition does not support FIPS", type: d }], type: f }, { conditions: s, rules: [{ conditions: [q], rules: [{ endpoint: { url: "https://oidc.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "DualStack is enabled but this partition does not support DualStack", type: d }], type: f }, { endpoint: { url: "https://oidc.{Region}.{PartitionResult#dnsSuffix}", properties: n, headers: n }, type: e }], type: f }], type: f }, { error: "Invalid Configuration: Missing Region", type: d }] };
exports.ruleSet = _data;
/***/ }),
/***/ 9443:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
var __webpack_unused_export__;
var middlewareHostHeader = __webpack_require__(2590);
var middlewareLogger = __webpack_require__(5242);
var middlewareRecursionDetection = __webpack_require__(1568);
var middlewareUserAgent = __webpack_require__(2959);
var configResolver = __webpack_require__(9316);
var core = __webpack_require__(402);
var middlewareContentLength = __webpack_require__(7212);
var middlewareEndpoint = __webpack_require__(99);
var middlewareRetry = __webpack_require__(9618);
var smithyClient = __webpack_require__(1411);
var httpAuthSchemeProvider = __webpack_require__(8396);
var runtimeConfig = __webpack_require__(6901);
var regionConfigResolver = __webpack_require__(6463);
var protocolHttp = __webpack_require__(2356);
var middlewareSerde = __webpack_require__(3255);
var core$1 = __webpack_require__(8704);
const resolveClientEndpointParameters = (options) => {
return Object.assign(options, {
useDualstackEndpoint: options.useDualstackEndpoint ?? false,
useFipsEndpoint: options.useFipsEndpoint ?? false,
defaultSigningName: "sso-oauth",
});
};
const commonParams = {
UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" },
Endpoint: { type: "builtInParams", name: "endpoint" },
Region: { type: "builtInParams", name: "region" },
UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" },
};
const getHttpAuthExtensionConfiguration = (runtimeConfig) => {
const _httpAuthSchemes = runtimeConfig.httpAuthSchemes;
let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider;
let _credentials = runtimeConfig.credentials;
return {
setHttpAuthScheme(httpAuthScheme) {
const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId);
if (index === -1) {
_httpAuthSchemes.push(httpAuthScheme);
}
else {
_httpAuthSchemes.splice(index, 1, httpAuthScheme);
}
},
httpAuthSchemes() {
return _httpAuthSchemes;
},
setHttpAuthSchemeProvider(httpAuthSchemeProvider) {
_httpAuthSchemeProvider = httpAuthSchemeProvider;
},
httpAuthSchemeProvider() {
return _httpAuthSchemeProvider;
},
setCredentials(credentials) {
_credentials = credentials;
},
credentials() {
return _credentials;
},
};
};
const resolveHttpAuthRuntimeConfig = (config) => {
return {
httpAuthSchemes: config.httpAuthSchemes(),
httpAuthSchemeProvider: config.httpAuthSchemeProvider(),
credentials: config.credentials(),
};
};
const resolveRuntimeExtensions = (runtimeConfig, extensions) => {
const extensionConfiguration = Object.assign(regionConfigResolver.getAwsRegionExtensionConfiguration(runtimeConfig), smithyClient.getDefaultExtensionConfiguration(runtimeConfig), protocolHttp.getHttpHandlerExtensionConfiguration(runtimeConfig), getHttpAuthExtensionConfiguration(runtimeConfig));
extensions.forEach((extension) => extension.configure(extensionConfiguration));
return Object.assign(runtimeConfig, regionConfigResolver.resolveAwsRegionExtensionConfiguration(extensionConfiguration), smithyClient.resolveDefaultRuntimeConfig(extensionConfiguration), protocolHttp.resolveHttpHandlerRuntimeConfig(extensionConfiguration), resolveHttpAuthRuntimeConfig(extensionConfiguration));
};
class SSOOIDCClient extends smithyClient.Client {
config;
constructor(...[configuration]) {
const _config_0 = runtimeConfig.getRuntimeConfig(configuration || {});
super(_config_0);
this.initConfig = _config_0;
const _config_1 = resolveClientEndpointParameters(_config_0);
const _config_2 = middlewareUserAgent.resolveUserAgentConfig(_config_1);
const _config_3 = middlewareRetry.resolveRetryConfig(_config_2);
const _config_4 = configResolver.resolveRegionConfig(_config_3);
const _config_5 = middlewareHostHeader.resolveHostHeaderConfig(_config_4);
const _config_6 = middlewareEndpoint.resolveEndpointConfig(_config_5);
const _config_7 = httpAuthSchemeProvider.resolveHttpAuthSchemeConfig(_config_6);
const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []);
this.config = _config_8;
this.middlewareStack.use(middlewareUserAgent.getUserAgentPlugin(this.config));
this.middlewareStack.use(middlewareRetry.getRetryPlugin(this.config));
this.middlewareStack.use(middlewareContentLength.getContentLengthPlugin(this.config));
this.middlewareStack.use(middlewareHostHeader.getHostHeaderPlugin(this.config));
this.middlewareStack.use(middlewareLogger.getLoggerPlugin(this.config));
this.middlewareStack.use(middlewareRecursionDetection.getRecursionDetectionPlugin(this.config));
this.middlewareStack.use(core.getHttpAuthSchemeEndpointRuleSetPlugin(this.config, {
httpAuthSchemeParametersProvider: httpAuthSchemeProvider.defaultSSOOIDCHttpAuthSchemeParametersProvider,
identityProviderConfigProvider: async (config) => new core.DefaultIdentityProviderConfig({
"aws.auth#sigv4": config.credentials,
}),
}));
this.middlewareStack.use(core.getHttpSigningPlugin(this.config));
}
destroy() {
super.destroy();
}
}
class SSOOIDCServiceException extends smithyClient.ServiceException {
constructor(options) {
super(options);
Object.setPrototypeOf(this, SSOOIDCServiceException.prototype);
}
}
const AccessDeniedExceptionReason = {
KMS_ACCESS_DENIED: "KMS_AccessDeniedException",
};
class AccessDeniedException extends SSOOIDCServiceException {
name = "AccessDeniedException";
$fault = "client";
error;
reason;
error_description;
constructor(opts) {
super({
name: "AccessDeniedException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, AccessDeniedException.prototype);
this.error = opts.error;
this.reason = opts.reason;
this.error_description = opts.error_description;
}
}
class AuthorizationPendingException extends SSOOIDCServiceException {
name = "AuthorizationPendingException";
$fault = "client";
error;
error_description;
constructor(opts) {
super({
name: "AuthorizationPendingException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, AuthorizationPendingException.prototype);
this.error = opts.error;
this.error_description = opts.error_description;
}
}
const CreateTokenRequestFilterSensitiveLog = (obj) => ({
...obj,
...(obj.clientSecret && { clientSecret: smithyClient.SENSITIVE_STRING }),
...(obj.refreshToken && { refreshToken: smithyClient.SENSITIVE_STRING }),
...(obj.codeVerifier && { codeVerifier: smithyClient.SENSITIVE_STRING }),
});
const CreateTokenResponseFilterSensitiveLog = (obj) => ({
...obj,
...(obj.accessToken && { accessToken: smithyClient.SENSITIVE_STRING }),
...(obj.refreshToken && { refreshToken: smithyClient.SENSITIVE_STRING }),
...(obj.idToken && { idToken: smithyClient.SENSITIVE_STRING }),
});
class ExpiredTokenException extends SSOOIDCServiceException {
name = "ExpiredTokenException";
$fault = "client";
error;
error_description;
constructor(opts) {
super({
name: "ExpiredTokenException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, ExpiredTokenException.prototype);
this.error = opts.error;
this.error_description = opts.error_description;
}
}
class InternalServerException extends SSOOIDCServiceException {
name = "InternalServerException";
$fault = "server";
error;
error_description;
constructor(opts) {
super({
name: "InternalServerException",
$fault: "server",
...opts,
});
Object.setPrototypeOf(this, InternalServerException.prototype);
this.error = opts.error;
this.error_description = opts.error_description;
}
}
class InvalidClientException extends SSOOIDCServiceException {
name = "InvalidClientException";
$fault = "client";
error;
error_description;
constructor(opts) {
super({
name: "InvalidClientException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, InvalidClientException.prototype);
this.error = opts.error;
this.error_description = opts.error_description;
}
}
class InvalidGrantException extends SSOOIDCServiceException {
name = "InvalidGrantException";
$fault = "client";
error;
error_description;
constructor(opts) {
super({
name: "InvalidGrantException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, InvalidGrantException.prototype);
this.error = opts.error;
this.error_description = opts.error_description;
}
}
const InvalidRequestExceptionReason = {
KMS_DISABLED_KEY: "KMS_DisabledException",
KMS_INVALID_KEY_USAGE: "KMS_InvalidKeyUsageException",
KMS_INVALID_STATE: "KMS_InvalidStateException",
KMS_KEY_NOT_FOUND: "KMS_NotFoundException",
};
class InvalidRequestException extends SSOOIDCServiceException {
name = "InvalidRequestException";
$fault = "client";
error;
reason;
error_description;
constructor(opts) {
super({
name: "InvalidRequestException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, InvalidRequestException.prototype);
this.error = opts.error;
this.reason = opts.reason;
this.error_description = opts.error_description;
}
}
class InvalidScopeException extends SSOOIDCServiceException {
name = "InvalidScopeException";
$fault = "client";
error;
error_description;
constructor(opts) {
super({
name: "InvalidScopeException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, InvalidScopeException.prototype);
this.error = opts.error;
this.error_description = opts.error_description;
}
}
class SlowDownException extends SSOOIDCServiceException {
name = "SlowDownException";
$fault = "client";
error;
error_description;
constructor(opts) {
super({
name: "SlowDownException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, SlowDownException.prototype);
this.error = opts.error;
this.error_description = opts.error_description;
}
}
class UnauthorizedClientException extends SSOOIDCServiceException {
name = "UnauthorizedClientException";
$fault = "client";
error;
error_description;
constructor(opts) {
super({
name: "UnauthorizedClientException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, UnauthorizedClientException.prototype);
this.error = opts.error;
this.error_description = opts.error_description;
}
}
class UnsupportedGrantTypeException extends SSOOIDCServiceException {
name = "UnsupportedGrantTypeException";
$fault = "client";
error;
error_description;
constructor(opts) {
super({
name: "UnsupportedGrantTypeException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, UnsupportedGrantTypeException.prototype);
this.error = opts.error;
this.error_description = opts.error_description;
}
}
const se_CreateTokenCommand = async (input, context) => {
const b = core.requestBuilder(input, context);
const headers = {
"content-type": "application/json",
};
b.bp("/token");
let body;
body = JSON.stringify(smithyClient.take(input, {
clientId: [],
clientSecret: [],
code: [],
codeVerifier: [],
deviceCode: [],
grantType: [],
redirectUri: [],
refreshToken: [],
scope: (_) => smithyClient._json(_),
}));
b.m("POST").h(headers).b(body);
return b.build();
};
const de_CreateTokenCommand = async (output, context) => {
if (output.statusCode !== 200 && output.statusCode >= 300) {
return de_CommandError(output, context);
}
const contents = smithyClient.map({
$metadata: deserializeMetadata(output),
});
const data = smithyClient.expectNonNull(smithyClient.expectObject(await core$1.parseJsonBody(output.body, context)), "body");
const doc = smithyClient.take(data, {
accessToken: smithyClient.expectString,
expiresIn: smithyClient.expectInt32,
idToken: smithyClient.expectString,
refreshToken: smithyClient.expectString,
tokenType: smithyClient.expectString,
});
Object.assign(contents, doc);
return contents;
};
const de_CommandError = async (output, context) => {
const parsedOutput = {
...output,
body: await core$1.parseJsonErrorBody(output.body, context),
};
const errorCode = core$1.loadRestJsonErrorCode(output, parsedOutput.body);
switch (errorCode) {
case "AccessDeniedException":
case "com.amazonaws.ssooidc#AccessDeniedException":
throw await de_AccessDeniedExceptionRes(parsedOutput);
case "AuthorizationPendingException":
case "com.amazonaws.ssooidc#AuthorizationPendingException":
throw await de_AuthorizationPendingExceptionRes(parsedOutput);
case "ExpiredTokenException":
case "com.amazonaws.ssooidc#ExpiredTokenException":
throw await de_ExpiredTokenExceptionRes(parsedOutput);
case "InternalServerException":
case "com.amazonaws.ssooidc#InternalServerException":
throw await de_InternalServerExceptionRes(parsedOutput);
case "InvalidClientException":
case "com.amazonaws.ssooidc#InvalidClientException":
throw await de_InvalidClientExceptionRes(parsedOutput);
case "InvalidGrantException":
case "com.amazonaws.ssooidc#InvalidGrantException":
throw await de_InvalidGrantExceptionRes(parsedOutput);
case "InvalidRequestException":
case "com.amazonaws.ssooidc#InvalidRequestException":
throw await de_InvalidRequestExceptionRes(parsedOutput);
case "InvalidScopeException":
case "com.amazonaws.ssooidc#InvalidScopeException":
throw await de_InvalidScopeExceptionRes(parsedOutput);
case "SlowDownException":
case "com.amazonaws.ssooidc#SlowDownException":
throw await de_SlowDownExceptionRes(parsedOutput);
case "UnauthorizedClientException":
case "com.amazonaws.ssooidc#UnauthorizedClientException":
throw await de_UnauthorizedClientExceptionRes(parsedOutput);
case "UnsupportedGrantTypeException":
case "com.amazonaws.ssooidc#UnsupportedGrantTypeException":
throw await de_UnsupportedGrantTypeExceptionRes(parsedOutput);
default:
const parsedBody = parsedOutput.body;
return throwDefaultError({
output,
parsedBody,
errorCode,
});
}
};
const throwDefaultError = smithyClient.withBaseException(SSOOIDCServiceException);
const de_AccessDeniedExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
reason: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new AccessDeniedException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_AuthorizationPendingExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new AuthorizationPendingException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_ExpiredTokenExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new ExpiredTokenException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_InternalServerExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new InternalServerException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_InvalidClientExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new InvalidClientException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_InvalidGrantExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new InvalidGrantException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_InvalidRequestExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
reason: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new InvalidRequestException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_InvalidScopeExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new InvalidScopeException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_SlowDownExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new SlowDownException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_UnauthorizedClientExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new UnauthorizedClientException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_UnsupportedGrantTypeExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new UnsupportedGrantTypeException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const deserializeMetadata = (output) => ({
httpStatusCode: output.statusCode,
requestId: output.headers["x-amzn-requestid"] ?? output.headers["x-amzn-request-id"] ?? output.headers["x-amz-request-id"],
extendedRequestId: output.headers["x-amz-id-2"],
cfId: output.headers["x-amz-cf-id"],
});
class CreateTokenCommand extends smithyClient.Command
.classBuilder()
.ep(commonParams)
.m(function (Command, cs, config, o) {
return [
middlewareSerde.getSerdePlugin(config, this.serialize, this.deserialize),
middlewareEndpoint.getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
];
})
.s("AWSSSOOIDCService", "CreateToken", {})
.n("SSOOIDCClient", "CreateTokenCommand")
.f(CreateTokenRequestFilterSensitiveLog, CreateTokenResponseFilterSensitiveLog)
.ser(se_CreateTokenCommand)
.de(de_CreateTokenCommand)
.build() {
}
const commands = {
CreateTokenCommand,
};
class SSOOIDC extends SSOOIDCClient {
}
smithyClient.createAggregatedClient(commands, SSOOIDC);
__webpack_unused_export__ = ({
enumerable: true,
get: function () { return smithyClient.Command; }
});
__webpack_unused_export__ = ({
enumerable: true,
get: function () { return smithyClient.Client; }
});
__webpack_unused_export__ = AccessDeniedException;
__webpack_unused_export__ = AccessDeniedExceptionReason;
__webpack_unused_export__ = AuthorizationPendingException;
exports.CreateTokenCommand = CreateTokenCommand;
__webpack_unused_export__ = CreateTokenRequestFilterSensitiveLog;
__webpack_unused_export__ = CreateTokenResponseFilterSensitiveLog;
__webpack_unused_export__ = ExpiredTokenException;
__webpack_unused_export__ = InternalServerException;
__webpack_unused_export__ = InvalidClientException;
__webpack_unused_export__ = InvalidGrantException;
__webpack_unused_export__ = InvalidRequestException;
__webpack_unused_export__ = InvalidRequestExceptionReason;
__webpack_unused_export__ = InvalidScopeException;
__webpack_unused_export__ = SSOOIDC;
exports.SSOOIDCClient = SSOOIDCClient;
__webpack_unused_export__ = SSOOIDCServiceException;
__webpack_unused_export__ = SlowDownException;
__webpack_unused_export__ = UnauthorizedClientException;
__webpack_unused_export__ = UnsupportedGrantTypeException;
/***/ }),
/***/ 6901:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.getRuntimeConfig = void 0;
const tslib_1 = __webpack_require__(1860);
const package_json_1 = tslib_1.__importDefault(__webpack_require__(9955));
const core_1 = __webpack_require__(8704);
const util_user_agent_node_1 = __webpack_require__(1656);
const config_resolver_1 = __webpack_require__(9316);
const hash_node_1 = __webpack_require__(5092);
const middleware_retry_1 = __webpack_require__(9618);
const node_config_provider_1 = __webpack_require__(5704);
const node_http_handler_1 = __webpack_require__(1279);
const util_body_length_node_1 = __webpack_require__(3638);
const util_retry_1 = __webpack_require__(5518);
const runtimeConfig_shared_1 = __webpack_require__(1546);
const smithy_client_1 = __webpack_require__(1411);
const util_defaults_mode_node_1 = __webpack_require__(5435);
const smithy_client_2 = __webpack_require__(1411);
const getRuntimeConfig = (config) => {
(0, smithy_client_2.emitWarningIfUnsupportedVersion)(process.version);
const defaultsMode = (0, util_defaults_mode_node_1.resolveDefaultsModeConfig)(config);
const defaultConfigProvider = () => defaultsMode().then(smithy_client_1.loadConfigsForDefaultMode);
const clientSharedValues = (0, runtimeConfig_shared_1.getRuntimeConfig)(config);
(0, core_1.emitWarningIfUnsupportedVersion)(process.version);
const loaderConfig = {
profile: config?.profile,
logger: clientSharedValues.logger,
};
return {
...clientSharedValues,
...config,
runtime: "node",
defaultsMode,
authSchemePreference: config?.authSchemePreference ?? (0, node_config_provider_1.loadConfig)(core_1.NODE_AUTH_SCHEME_PREFERENCE_OPTIONS, loaderConfig),
bodyLengthChecker: config?.bodyLengthChecker ?? util_body_length_node_1.calculateBodyLength,
defaultUserAgentProvider: config?.defaultUserAgentProvider ??
(0, util_user_agent_node_1.createDefaultUserAgentProvider)({ serviceId: clientSharedValues.serviceId, clientVersion: package_json_1.default.version }),
maxAttempts: config?.maxAttempts ?? (0, node_config_provider_1.loadConfig)(middleware_retry_1.NODE_MAX_ATTEMPT_CONFIG_OPTIONS, config),
region: config?.region ??
(0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_REGION_CONFIG_OPTIONS, { ...config_resolver_1.NODE_REGION_CONFIG_FILE_OPTIONS, ...loaderConfig }),
requestHandler: node_http_handler_1.NodeHttpHandler.create(config?.requestHandler ?? defaultConfigProvider),
retryMode: config?.retryMode ??
(0, node_config_provider_1.loadConfig)({
...middleware_retry_1.NODE_RETRY_MODE_CONFIG_OPTIONS,
default: async () => (await defaultConfigProvider()).retryMode || util_retry_1.DEFAULT_RETRY_MODE,
}, config),
sha256: config?.sha256 ?? hash_node_1.Hash.bind(null, "sha256"),
streamCollector: config?.streamCollector ?? node_http_handler_1.streamCollector,
useDualstackEndpoint: config?.useDualstackEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS, loaderConfig),
useFipsEndpoint: config?.useFipsEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS, loaderConfig),
userAgentAppId: config?.userAgentAppId ?? (0, node_config_provider_1.loadConfig)(util_user_agent_node_1.NODE_APP_ID_CONFIG_OPTIONS, loaderConfig),
};
};
exports.getRuntimeConfig = getRuntimeConfig;
/***/ }),
/***/ 1546:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.getRuntimeConfig = void 0;
const core_1 = __webpack_require__(8704);
const core_2 = __webpack_require__(402);
const smithy_client_1 = __webpack_require__(1411);
const url_parser_1 = __webpack_require__(4494);
const util_base64_1 = __webpack_require__(8385);
const util_utf8_1 = __webpack_require__(1577);
const httpAuthSchemeProvider_1 = __webpack_require__(8396);
const endpointResolver_1 = __webpack_require__(546);
const getRuntimeConfig = (config) => {
return {
apiVersion: "2019-06-10",
base64Decoder: config?.base64Decoder ?? util_base64_1.fromBase64,
base64Encoder: config?.base64Encoder ?? util_base64_1.toBase64,
disableHostPrefix: config?.disableHostPrefix ?? false,
endpointProvider: config?.endpointProvider ?? endpointResolver_1.defaultEndpointResolver,
extensions: config?.extensions ?? [],
httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? httpAuthSchemeProvider_1.defaultSSOOIDCHttpAuthSchemeProvider,
httpAuthSchemes: config?.httpAuthSchemes ?? [
{
schemeId: "aws.auth#sigv4",
identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"),
signer: new core_1.AwsSdkSigV4Signer(),
},
{
schemeId: "smithy.api#noAuth",
identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
signer: new core_2.NoAuthSigner(),
},
],
logger: config?.logger ?? new smithy_client_1.NoOpLogger(),
serviceId: config?.serviceId ?? "SSO OIDC",
urlParser: config?.urlParser ?? url_parser_1.parseUrl,
utf8Decoder: config?.utf8Decoder ?? util_utf8_1.fromUtf8,
utf8Encoder: config?.utf8Encoder ?? util_utf8_1.toUtf8,
};
};
exports.getRuntimeConfig = getRuntimeConfig;
/***/ }),
/***/ 9955:
/***/ ((module) => {
module.exports = /*#__PURE__*/JSON.parse('{"name":"@aws-sdk/nested-clients","version":"3.908.0","description":"Nested clients for AWS SDK packages.","main":"./dist-cjs/index.js","module":"./dist-es/index.js","types":"./dist-types/index.d.ts","scripts":{"build":"yarn lint && concurrently \'yarn:build:cjs\' \'yarn:build:es\' \'yarn:build:types\'","build:cjs":"node ../../scripts/compilation/inline nested-clients","build:es":"tsc -p tsconfig.es.json","build:include:deps":"lerna run --scope $npm_package_name --include-dependencies build","build:types":"tsc -p tsconfig.types.json","build:types:downlevel":"downlevel-dts dist-types dist-types/ts3.4","clean":"rimraf ./dist-* && rimraf *.tsbuildinfo","lint":"node ../../scripts/validation/submodules-linter.js --pkg nested-clients","test":"yarn g:vitest run","test:watch":"yarn g:vitest watch"},"engines":{"node":">=18.0.0"},"sideEffects":false,"author":{"name":"AWS SDK for JavaScript Team","url":"https://aws.amazon.com/javascript/"},"license":"Apache-2.0","dependencies":{"@aws-crypto/sha256-browser":"5.2.0","@aws-crypto/sha256-js":"5.2.0","@aws-sdk/core":"3.908.0","@aws-sdk/middleware-host-header":"3.901.0","@aws-sdk/middleware-logger":"3.901.0","@aws-sdk/middleware-recursion-detection":"3.901.0","@aws-sdk/middleware-user-agent":"3.908.0","@aws-sdk/region-config-resolver":"3.901.0","@aws-sdk/types":"3.901.0","@aws-sdk/util-endpoints":"3.901.0","@aws-sdk/util-user-agent-browser":"3.907.0","@aws-sdk/util-user-agent-node":"3.908.0","@smithy/config-resolver":"^4.3.0","@smithy/core":"^3.15.0","@smithy/fetch-http-handler":"^5.3.1","@smithy/hash-node":"^4.2.0","@smithy/invalid-dependency":"^4.2.0","@smithy/middleware-content-length":"^4.2.0","@smithy/middleware-endpoint":"^4.3.1","@smithy/middleware-retry":"^4.4.1","@smithy/middleware-serde":"^4.2.0","@smithy/middleware-stack":"^4.2.0","@smithy/node-config-provider":"^4.3.0","@smithy/node-http-handler":"^4.3.0","@smithy/protocol-http":"^5.3.0","@smithy/smithy-client":"^4.7.1","@smithy/types":"^4.6.0","@smithy/url-parser":"^4.2.0","@smithy/util-base64":"^4.3.0","@smithy/util-body-length-browser":"^4.2.0","@smithy/util-body-length-node":"^4.2.1","@smithy/util-defaults-mode-browser":"^4.3.0","@smithy/util-defaults-mode-node":"^4.2.1","@smithy/util-endpoints":"^3.2.0","@smithy/util-middleware":"^4.2.0","@smithy/util-retry":"^4.2.0","@smithy/util-utf8":"^4.2.0","tslib":"^2.6.2"},"devDependencies":{"concurrently":"7.0.0","downlevel-dts":"0.10.1","rimraf":"3.0.2","typescript":"~5.8.3"},"typesVersions":{"<4.0":{"dist-types/*":["dist-types/ts3.4/*"]}},"files":["./sso-oidc.d.ts","./sso-oidc.js","./sts.d.ts","./sts.js","dist-*/**"],"browser":{"./dist-es/submodules/sso-oidc/runtimeConfig":"./dist-es/submodules/sso-oidc/runtimeConfig.browser","./dist-es/submodules/sts/runtimeConfig":"./dist-es/submodules/sts/runtimeConfig.browser"},"react-native":{},"homepage":"https://github.com/aws/aws-sdk-js-v3/tree/main/packages/nested-clients","repository":{"type":"git","url":"https://github.com/aws/aws-sdk-js-v3.git","directory":"packages/nested-clients"},"exports":{"./sso-oidc":{"types":"./dist-types/submodules/sso-oidc/index.d.ts","module":"./dist-es/submodules/sso-oidc/index.js","node":"./dist-cjs/submodules/sso-oidc/index.js","import":"./dist-es/submodules/sso-oidc/index.js","require":"./dist-cjs/submodules/sso-oidc/index.js"},"./sts":{"types":"./dist-types/submodules/sts/index.d.ts","module":"./dist-es/submodules/sts/index.js","node":"./dist-cjs/submodules/sts/index.js","import":"./dist-es/submodules/sts/index.js","require":"./dist-cjs/submodules/sts/index.js"}}}');
/***/ })
};
;

387
dist/566.index.js generated vendored Normal file
View file

@ -0,0 +1,387 @@
"use strict";
exports.id = 566;
exports.ids = [566];
exports.modules = {
/***/ 566:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
var __webpack_unused_export__;
var propertyProvider = __webpack_require__(1238);
var url = __webpack_require__(7016);
var buffer = __webpack_require__(181);
var http = __webpack_require__(8611);
var nodeConfigProvider = __webpack_require__(5704);
var urlParser = __webpack_require__(4494);
function httpRequest(options) {
return new Promise((resolve, reject) => {
const req = http.request({
method: "GET",
...options,
hostname: options.hostname?.replace(/^\[(.+)\]$/, "$1"),
});
req.on("error", (err) => {
reject(Object.assign(new propertyProvider.ProviderError("Unable to connect to instance metadata service"), err));
req.destroy();
});
req.on("timeout", () => {
reject(new propertyProvider.ProviderError("TimeoutError from instance metadata service"));
req.destroy();
});
req.on("response", (res) => {
const { statusCode = 400 } = res;
if (statusCode < 200 || 300 <= statusCode) {
reject(Object.assign(new propertyProvider.ProviderError("Error response received from instance metadata service"), { statusCode }));
req.destroy();
}
const chunks = [];
res.on("data", (chunk) => {
chunks.push(chunk);
});
res.on("end", () => {
resolve(buffer.Buffer.concat(chunks));
req.destroy();
});
});
req.end();
});
}
const isImdsCredentials = (arg) => Boolean(arg) &&
typeof arg === "object" &&
typeof arg.AccessKeyId === "string" &&
typeof arg.SecretAccessKey === "string" &&
typeof arg.Token === "string" &&
typeof arg.Expiration === "string";
const fromImdsCredentials = (creds) => ({
accessKeyId: creds.AccessKeyId,
secretAccessKey: creds.SecretAccessKey,
sessionToken: creds.Token,
expiration: new Date(creds.Expiration),
...(creds.AccountId && { accountId: creds.AccountId }),
});
const DEFAULT_TIMEOUT = 1000;
const DEFAULT_MAX_RETRIES = 0;
const providerConfigFromInit = ({ maxRetries = DEFAULT_MAX_RETRIES, timeout = DEFAULT_TIMEOUT, }) => ({ maxRetries, timeout });
const retry = (toRetry, maxRetries) => {
let promise = toRetry();
for (let i = 0; i < maxRetries; i++) {
promise = promise.catch(toRetry);
}
return promise;
};
const ENV_CMDS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI";
const ENV_CMDS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI";
const ENV_CMDS_AUTH_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN";
const fromContainerMetadata = (init = {}) => {
const { timeout, maxRetries } = providerConfigFromInit(init);
return () => retry(async () => {
const requestOptions = await getCmdsUri({ logger: init.logger });
const credsResponse = JSON.parse(await requestFromEcsImds(timeout, requestOptions));
if (!isImdsCredentials(credsResponse)) {
throw new propertyProvider.CredentialsProviderError("Invalid response received from instance metadata service.", {
logger: init.logger,
});
}
return fromImdsCredentials(credsResponse);
}, maxRetries);
};
const requestFromEcsImds = async (timeout, options) => {
if (process.env[ENV_CMDS_AUTH_TOKEN]) {
options.headers = {
...options.headers,
Authorization: process.env[ENV_CMDS_AUTH_TOKEN],
};
}
const buffer = await httpRequest({
...options,
timeout,
});
return buffer.toString();
};
const CMDS_IP = "169.254.170.2";
const GREENGRASS_HOSTS = {
localhost: true,
"127.0.0.1": true,
};
const GREENGRASS_PROTOCOLS = {
"http:": true,
"https:": true,
};
const getCmdsUri = async ({ logger }) => {
if (process.env[ENV_CMDS_RELATIVE_URI]) {
return {
hostname: CMDS_IP,
path: process.env[ENV_CMDS_RELATIVE_URI],
};
}
if (process.env[ENV_CMDS_FULL_URI]) {
const parsed = url.parse(process.env[ENV_CMDS_FULL_URI]);
if (!parsed.hostname || !(parsed.hostname in GREENGRASS_HOSTS)) {
throw new propertyProvider.CredentialsProviderError(`${parsed.hostname} is not a valid container metadata service hostname`, {
tryNextLink: false,
logger,
});
}
if (!parsed.protocol || !(parsed.protocol in GREENGRASS_PROTOCOLS)) {
throw new propertyProvider.CredentialsProviderError(`${parsed.protocol} is not a valid container metadata service protocol`, {
tryNextLink: false,
logger,
});
}
return {
...parsed,
port: parsed.port ? parseInt(parsed.port, 10) : undefined,
};
}
throw new propertyProvider.CredentialsProviderError("The container metadata credential provider cannot be used unless" +
` the ${ENV_CMDS_RELATIVE_URI} or ${ENV_CMDS_FULL_URI} environment` +
" variable is set", {
tryNextLink: false,
logger,
});
};
class InstanceMetadataV1FallbackError extends propertyProvider.CredentialsProviderError {
tryNextLink;
name = "InstanceMetadataV1FallbackError";
constructor(message, tryNextLink = true) {
super(message, tryNextLink);
this.tryNextLink = tryNextLink;
Object.setPrototypeOf(this, InstanceMetadataV1FallbackError.prototype);
}
}
exports.yI = void 0;
(function (Endpoint) {
Endpoint["IPv4"] = "http://169.254.169.254";
Endpoint["IPv6"] = "http://[fd00:ec2::254]";
})(exports.yI || (exports.yI = {}));
const ENV_ENDPOINT_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT";
const CONFIG_ENDPOINT_NAME = "ec2_metadata_service_endpoint";
const ENDPOINT_CONFIG_OPTIONS = {
environmentVariableSelector: (env) => env[ENV_ENDPOINT_NAME],
configFileSelector: (profile) => profile[CONFIG_ENDPOINT_NAME],
default: undefined,
};
var EndpointMode;
(function (EndpointMode) {
EndpointMode["IPv4"] = "IPv4";
EndpointMode["IPv6"] = "IPv6";
})(EndpointMode || (EndpointMode = {}));
const ENV_ENDPOINT_MODE_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE";
const CONFIG_ENDPOINT_MODE_NAME = "ec2_metadata_service_endpoint_mode";
const ENDPOINT_MODE_CONFIG_OPTIONS = {
environmentVariableSelector: (env) => env[ENV_ENDPOINT_MODE_NAME],
configFileSelector: (profile) => profile[CONFIG_ENDPOINT_MODE_NAME],
default: EndpointMode.IPv4,
};
const getInstanceMetadataEndpoint = async () => urlParser.parseUrl((await getFromEndpointConfig()) || (await getFromEndpointModeConfig()));
const getFromEndpointConfig = async () => nodeConfigProvider.loadConfig(ENDPOINT_CONFIG_OPTIONS)();
const getFromEndpointModeConfig = async () => {
const endpointMode = await nodeConfigProvider.loadConfig(ENDPOINT_MODE_CONFIG_OPTIONS)();
switch (endpointMode) {
case EndpointMode.IPv4:
return exports.yI.IPv4;
case EndpointMode.IPv6:
return exports.yI.IPv6;
default:
throw new Error(`Unsupported endpoint mode: ${endpointMode}.` + ` Select from ${Object.values(EndpointMode)}`);
}
};
const STATIC_STABILITY_REFRESH_INTERVAL_SECONDS = 5 * 60;
const STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS = 5 * 60;
const STATIC_STABILITY_DOC_URL = "https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html";
const getExtendedInstanceMetadataCredentials = (credentials, logger) => {
const refreshInterval = STATIC_STABILITY_REFRESH_INTERVAL_SECONDS +
Math.floor(Math.random() * STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS);
const newExpiration = new Date(Date.now() + refreshInterval * 1000);
logger.warn("Attempting credential expiration extension due to a credential service availability issue. A refresh of these " +
`credentials will be attempted after ${new Date(newExpiration)}.\nFor more information, please visit: ` +
STATIC_STABILITY_DOC_URL);
const originalExpiration = credentials.originalExpiration ?? credentials.expiration;
return {
...credentials,
...(originalExpiration ? { originalExpiration } : {}),
expiration: newExpiration,
};
};
const staticStabilityProvider = (provider, options = {}) => {
const logger = options?.logger || console;
let pastCredentials;
return async () => {
let credentials;
try {
credentials = await provider();
if (credentials.expiration && credentials.expiration.getTime() < Date.now()) {
credentials = getExtendedInstanceMetadataCredentials(credentials, logger);
}
}
catch (e) {
if (pastCredentials) {
logger.warn("Credential renew failed: ", e);
credentials = getExtendedInstanceMetadataCredentials(pastCredentials, logger);
}
else {
throw e;
}
}
pastCredentials = credentials;
return credentials;
};
};
const IMDS_PATH = "/latest/meta-data/iam/security-credentials/";
const IMDS_TOKEN_PATH = "/latest/api/token";
const AWS_EC2_METADATA_V1_DISABLED = "AWS_EC2_METADATA_V1_DISABLED";
const PROFILE_AWS_EC2_METADATA_V1_DISABLED = "ec2_metadata_v1_disabled";
const X_AWS_EC2_METADATA_TOKEN = "x-aws-ec2-metadata-token";
const fromInstanceMetadata = (init = {}) => staticStabilityProvider(getInstanceMetadataProvider(init), { logger: init.logger });
const getInstanceMetadataProvider = (init = {}) => {
let disableFetchToken = false;
const { logger, profile } = init;
const { timeout, maxRetries } = providerConfigFromInit(init);
const getCredentials = async (maxRetries, options) => {
const isImdsV1Fallback = disableFetchToken || options.headers?.[X_AWS_EC2_METADATA_TOKEN] == null;
if (isImdsV1Fallback) {
let fallbackBlockedFromProfile = false;
let fallbackBlockedFromProcessEnv = false;
const configValue = await nodeConfigProvider.loadConfig({
environmentVariableSelector: (env) => {
const envValue = env[AWS_EC2_METADATA_V1_DISABLED];
fallbackBlockedFromProcessEnv = !!envValue && envValue !== "false";
if (envValue === undefined) {
throw new propertyProvider.CredentialsProviderError(`${AWS_EC2_METADATA_V1_DISABLED} not set in env, checking config file next.`, { logger: init.logger });
}
return fallbackBlockedFromProcessEnv;
},
configFileSelector: (profile) => {
const profileValue = profile[PROFILE_AWS_EC2_METADATA_V1_DISABLED];
fallbackBlockedFromProfile = !!profileValue && profileValue !== "false";
return fallbackBlockedFromProfile;
},
default: false,
}, {
profile,
})();
if (init.ec2MetadataV1Disabled || configValue) {
const causes = [];
if (init.ec2MetadataV1Disabled)
causes.push("credential provider initialization (runtime option ec2MetadataV1Disabled)");
if (fallbackBlockedFromProfile)
causes.push(`config file profile (${PROFILE_AWS_EC2_METADATA_V1_DISABLED})`);
if (fallbackBlockedFromProcessEnv)
causes.push(`process environment variable (${AWS_EC2_METADATA_V1_DISABLED})`);
throw new InstanceMetadataV1FallbackError(`AWS EC2 Metadata v1 fallback has been blocked by AWS SDK configuration in the following: [${causes.join(", ")}].`);
}
}
const imdsProfile = (await retry(async () => {
let profile;
try {
profile = await getProfile(options);
}
catch (err) {
if (err.statusCode === 401) {
disableFetchToken = false;
}
throw err;
}
return profile;
}, maxRetries)).trim();
return retry(async () => {
let creds;
try {
creds = await getCredentialsFromProfile(imdsProfile, options, init);
}
catch (err) {
if (err.statusCode === 401) {
disableFetchToken = false;
}
throw err;
}
return creds;
}, maxRetries);
};
return async () => {
const endpoint = await getInstanceMetadataEndpoint();
if (disableFetchToken) {
logger?.debug("AWS SDK Instance Metadata", "using v1 fallback (no token fetch)");
return getCredentials(maxRetries, { ...endpoint, timeout });
}
else {
let token;
try {
token = (await getMetadataToken({ ...endpoint, timeout })).toString();
}
catch (error) {
if (error?.statusCode === 400) {
throw Object.assign(error, {
message: "EC2 Metadata token request returned error",
});
}
else if (error.message === "TimeoutError" || [403, 404, 405].includes(error.statusCode)) {
disableFetchToken = true;
}
logger?.debug("AWS SDK Instance Metadata", "using v1 fallback (initial)");
return getCredentials(maxRetries, { ...endpoint, timeout });
}
return getCredentials(maxRetries, {
...endpoint,
headers: {
[X_AWS_EC2_METADATA_TOKEN]: token,
},
timeout,
});
}
};
};
const getMetadataToken = async (options) => httpRequest({
...options,
path: IMDS_TOKEN_PATH,
method: "PUT",
headers: {
"x-aws-ec2-metadata-token-ttl-seconds": "21600",
},
});
const getProfile = async (options) => (await httpRequest({ ...options, path: IMDS_PATH })).toString();
const getCredentialsFromProfile = async (profile, options, init) => {
const credentialsResponse = JSON.parse((await httpRequest({
...options,
path: IMDS_PATH + profile,
})).toString());
if (!isImdsCredentials(credentialsResponse)) {
throw new propertyProvider.CredentialsProviderError("Invalid response received from instance metadata service.", {
logger: init.logger,
});
}
return fromImdsCredentials(credentialsResponse);
};
__webpack_unused_export__ = DEFAULT_MAX_RETRIES;
__webpack_unused_export__ = DEFAULT_TIMEOUT;
__webpack_unused_export__ = ENV_CMDS_AUTH_TOKEN;
exports.ENV_CMDS_FULL_URI = ENV_CMDS_FULL_URI;
exports.ENV_CMDS_RELATIVE_URI = ENV_CMDS_RELATIVE_URI;
exports.fromContainerMetadata = fromContainerMetadata;
exports.fromInstanceMetadata = fromInstanceMetadata;
exports.getInstanceMetadataEndpoint = getInstanceMetadataEndpoint;
exports.httpRequest = httpRequest;
__webpack_unused_export__ = providerConfigFromInit;
/***/ })
};
;

8
dist/579.index.js generated vendored
View file

@ -8,7 +8,6 @@ exports.modules = {
var schema = __webpack_require__(6890);
var utilUtf8 = __webpack_require__(1577);
class EventStreamSerde {
@ -139,12 +138,15 @@ class EventStreamSerde {
let eventType = unionMember;
let explicitPayloadMember = null;
let explicitPayloadContentType;
const isKnownSchema = unionSchema.hasMemberSchema(unionMember);
const isKnownSchema = (() => {
const struct = unionSchema.getSchema();
return struct.memberNames.includes(unionMember);
})();
const additionalHeaders = {};
if (!isKnownSchema) {
const [type, value] = event[unionMember];
eventType = type;
serializer.write(schema.SCHEMA.DOCUMENT, value);
serializer.write(15, value);
}
else {
const eventSchema = unionSchema.getMemberSchema(unionMember);

234
dist/605.index.js generated vendored Normal file
View file

@ -0,0 +1,234 @@
"use strict";
exports.id = 605;
exports.ids = [605];
exports.modules = {
/***/ 1509:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.checkUrl = void 0;
const property_provider_1 = __webpack_require__(1238);
const LOOPBACK_CIDR_IPv4 = "127.0.0.0/8";
const LOOPBACK_CIDR_IPv6 = "::1/128";
const ECS_CONTAINER_HOST = "169.254.170.2";
const EKS_CONTAINER_HOST_IPv4 = "169.254.170.23";
const EKS_CONTAINER_HOST_IPv6 = "[fd00:ec2::23]";
const checkUrl = (url, logger) => {
if (url.protocol === "https:") {
return;
}
if (url.hostname === ECS_CONTAINER_HOST ||
url.hostname === EKS_CONTAINER_HOST_IPv4 ||
url.hostname === EKS_CONTAINER_HOST_IPv6) {
return;
}
if (url.hostname.includes("[")) {
if (url.hostname === "[::1]" || url.hostname === "[0000:0000:0000:0000:0000:0000:0000:0001]") {
return;
}
}
else {
if (url.hostname === "localhost") {
return;
}
const ipComponents = url.hostname.split(".");
const inRange = (component) => {
const num = parseInt(component, 10);
return 0 <= num && num <= 255;
};
if (ipComponents[0] === "127" &&
inRange(ipComponents[1]) &&
inRange(ipComponents[2]) &&
inRange(ipComponents[3]) &&
ipComponents.length === 4) {
return;
}
}
throw new property_provider_1.CredentialsProviderError(`URL not accepted. It must either be HTTPS or match one of the following:
- loopback CIDR 127.0.0.0/8 or [::1/128]
- ECS container host 169.254.170.2
- EKS container host 169.254.170.23 or [fd00:ec2::23]`, { logger });
};
exports.checkUrl = checkUrl;
/***/ }),
/***/ 6331:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.fromHttp = void 0;
const tslib_1 = __webpack_require__(1860);
const client_1 = __webpack_require__(5152);
const node_http_handler_1 = __webpack_require__(1279);
const property_provider_1 = __webpack_require__(1238);
const promises_1 = tslib_1.__importDefault(__webpack_require__(1943));
const checkUrl_1 = __webpack_require__(1509);
const requestHelpers_1 = __webpack_require__(8914);
const retry_wrapper_1 = __webpack_require__(1122);
const AWS_CONTAINER_CREDENTIALS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI";
const DEFAULT_LINK_LOCAL_HOST = "http://169.254.170.2";
const AWS_CONTAINER_CREDENTIALS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI";
const AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE";
const AWS_CONTAINER_AUTHORIZATION_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN";
const fromHttp = (options = {}) => {
options.logger?.debug("@aws-sdk/credential-provider-http - fromHttp");
let host;
const relative = options.awsContainerCredentialsRelativeUri ?? process.env[AWS_CONTAINER_CREDENTIALS_RELATIVE_URI];
const full = options.awsContainerCredentialsFullUri ?? process.env[AWS_CONTAINER_CREDENTIALS_FULL_URI];
const token = options.awsContainerAuthorizationToken ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN];
const tokenFile = options.awsContainerAuthorizationTokenFile ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE];
const warn = options.logger?.constructor?.name === "NoOpLogger" || !options.logger?.warn
? console.warn
: options.logger.warn.bind(options.logger);
if (relative && full) {
warn("@aws-sdk/credential-provider-http: " +
"you have set both awsContainerCredentialsRelativeUri and awsContainerCredentialsFullUri.");
warn("awsContainerCredentialsFullUri will take precedence.");
}
if (token && tokenFile) {
warn("@aws-sdk/credential-provider-http: " +
"you have set both awsContainerAuthorizationToken and awsContainerAuthorizationTokenFile.");
warn("awsContainerAuthorizationToken will take precedence.");
}
if (full) {
host = full;
}
else if (relative) {
host = `${DEFAULT_LINK_LOCAL_HOST}${relative}`;
}
else {
throw new property_provider_1.CredentialsProviderError(`No HTTP credential provider host provided.
Set AWS_CONTAINER_CREDENTIALS_FULL_URI or AWS_CONTAINER_CREDENTIALS_RELATIVE_URI.`, { logger: options.logger });
}
const url = new URL(host);
(0, checkUrl_1.checkUrl)(url, options.logger);
const requestHandler = node_http_handler_1.NodeHttpHandler.create({
requestTimeout: options.timeout ?? 1000,
connectionTimeout: options.timeout ?? 1000,
});
return (0, retry_wrapper_1.retryWrapper)(async () => {
const request = (0, requestHelpers_1.createGetRequest)(url);
if (token) {
request.headers.Authorization = token;
}
else if (tokenFile) {
request.headers.Authorization = (await promises_1.default.readFile(tokenFile)).toString();
}
try {
const result = await requestHandler.handle(request);
return (0, requestHelpers_1.getCredentials)(result.response).then((creds) => (0, client_1.setCredentialFeature)(creds, "CREDENTIALS_HTTP", "z"));
}
catch (e) {
throw new property_provider_1.CredentialsProviderError(String(e), { logger: options.logger });
}
}, options.maxRetries ?? 3, options.timeout ?? 1000);
};
exports.fromHttp = fromHttp;
/***/ }),
/***/ 8914:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.createGetRequest = createGetRequest;
exports.getCredentials = getCredentials;
const property_provider_1 = __webpack_require__(1238);
const protocol_http_1 = __webpack_require__(2356);
const smithy_client_1 = __webpack_require__(1411);
const util_stream_1 = __webpack_require__(4252);
function createGetRequest(url) {
return new protocol_http_1.HttpRequest({
protocol: url.protocol,
hostname: url.hostname,
port: Number(url.port),
path: url.pathname,
query: Array.from(url.searchParams.entries()).reduce((acc, [k, v]) => {
acc[k] = v;
return acc;
}, {}),
fragment: url.hash,
});
}
async function getCredentials(response, logger) {
const stream = (0, util_stream_1.sdkStreamMixin)(response.body);
const str = await stream.transformToString();
if (response.statusCode === 200) {
const parsed = JSON.parse(str);
if (typeof parsed.AccessKeyId !== "string" ||
typeof parsed.SecretAccessKey !== "string" ||
typeof parsed.Token !== "string" ||
typeof parsed.Expiration !== "string") {
throw new property_provider_1.CredentialsProviderError("HTTP credential provider response not of the required format, an object matching: " +
"{ AccessKeyId: string, SecretAccessKey: string, Token: string, Expiration: string(rfc3339) }", { logger });
}
return {
accessKeyId: parsed.AccessKeyId,
secretAccessKey: parsed.SecretAccessKey,
sessionToken: parsed.Token,
expiration: (0, smithy_client_1.parseRfc3339DateTime)(parsed.Expiration),
};
}
if (response.statusCode >= 400 && response.statusCode < 500) {
let parsedBody = {};
try {
parsedBody = JSON.parse(str);
}
catch (e) { }
throw Object.assign(new property_provider_1.CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger }), {
Code: parsedBody.Code,
Message: parsedBody.Message,
});
}
throw new property_provider_1.CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger });
}
/***/ }),
/***/ 1122:
/***/ ((__unused_webpack_module, exports) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.retryWrapper = void 0;
const retryWrapper = (toRetry, maxRetries, delayMs) => {
return async () => {
for (let i = 0; i < maxRetries; ++i) {
try {
return await toRetry();
}
catch (e) {
await new Promise((resolve) => setTimeout(resolve, delayMs));
}
}
return await toRetry();
};
};
exports.retryWrapper = retryWrapper;
/***/ }),
/***/ 8605:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
var __webpack_unused_export__;
__webpack_unused_export__ = ({ value: true });
exports.fromHttp = void 0;
var fromHttp_1 = __webpack_require__(6331);
Object.defineProperty(exports, "fromHttp", ({ enumerable: true, get: function () { return fromHttp_1.fromHttp; } }));
/***/ })
};
;

225
dist/869.index.js generated vendored Normal file
View file

@ -0,0 +1,225 @@
"use strict";
exports.id = 869;
exports.ids = [869];
exports.modules = {
/***/ 5869:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
var sharedIniFileLoader = __webpack_require__(4964);
var propertyProvider = __webpack_require__(1238);
var client = __webpack_require__(5152);
const resolveCredentialSource = (credentialSource, profileName, logger) => {
const sourceProvidersMap = {
EcsContainer: async (options) => {
const { fromHttp } = await __webpack_require__.e(/* import() */ 605).then(__webpack_require__.bind(__webpack_require__, 8605));
const { fromContainerMetadata } = await __webpack_require__.e(/* import() */ 566).then(__webpack_require__.t.bind(__webpack_require__, 566, 19));
logger?.debug("@aws-sdk/credential-provider-ini - credential_source is EcsContainer");
return async () => propertyProvider.chain(fromHttp(options ?? {}), fromContainerMetadata(options))().then(setNamedProvider);
},
Ec2InstanceMetadata: async (options) => {
logger?.debug("@aws-sdk/credential-provider-ini - credential_source is Ec2InstanceMetadata");
const { fromInstanceMetadata } = await __webpack_require__.e(/* import() */ 566).then(__webpack_require__.t.bind(__webpack_require__, 566, 19));
return async () => fromInstanceMetadata(options)().then(setNamedProvider);
},
Environment: async (options) => {
logger?.debug("@aws-sdk/credential-provider-ini - credential_source is Environment");
const { fromEnv } = await Promise.resolve(/* import() */).then(__webpack_require__.t.bind(__webpack_require__, 5606, 19));
return async () => fromEnv(options)().then(setNamedProvider);
},
};
if (credentialSource in sourceProvidersMap) {
return sourceProvidersMap[credentialSource];
}
else {
throw new propertyProvider.CredentialsProviderError(`Unsupported credential source in profile ${profileName}. Got ${credentialSource}, ` +
`expected EcsContainer or Ec2InstanceMetadata or Environment.`, { logger });
}
};
const setNamedProvider = (creds) => client.setCredentialFeature(creds, "CREDENTIALS_PROFILE_NAMED_PROVIDER", "p");
const isAssumeRoleProfile = (arg, { profile = "default", logger } = {}) => {
return (Boolean(arg) &&
typeof arg === "object" &&
typeof arg.role_arn === "string" &&
["undefined", "string"].indexOf(typeof arg.role_session_name) > -1 &&
["undefined", "string"].indexOf(typeof arg.external_id) > -1 &&
["undefined", "string"].indexOf(typeof arg.mfa_serial) > -1 &&
(isAssumeRoleWithSourceProfile(arg, { profile, logger }) || isCredentialSourceProfile(arg, { profile, logger })));
};
const isAssumeRoleWithSourceProfile = (arg, { profile, logger }) => {
const withSourceProfile = typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined";
if (withSourceProfile) {
logger?.debug?.(` ${profile} isAssumeRoleWithSourceProfile source_profile=${arg.source_profile}`);
}
return withSourceProfile;
};
const isCredentialSourceProfile = (arg, { profile, logger }) => {
const withProviderProfile = typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined";
if (withProviderProfile) {
logger?.debug?.(` ${profile} isCredentialSourceProfile credential_source=${arg.credential_source}`);
}
return withProviderProfile;
};
const resolveAssumeRoleCredentials = async (profileName, profiles, options, visitedProfiles = {}) => {
options.logger?.debug("@aws-sdk/credential-provider-ini - resolveAssumeRoleCredentials (STS)");
const profileData = profiles[profileName];
const { source_profile, region } = profileData;
if (!options.roleAssumer) {
const { getDefaultRoleAssumer } = await __webpack_require__.e(/* import() */ 136).then(__webpack_require__.t.bind(__webpack_require__, 1136, 23));
options.roleAssumer = getDefaultRoleAssumer({
...options.clientConfig,
credentialProviderLogger: options.logger,
parentClientConfig: {
...options?.parentClientConfig,
region: region ?? options?.parentClientConfig?.region,
},
}, options.clientPlugins);
}
if (source_profile && source_profile in visitedProfiles) {
throw new propertyProvider.CredentialsProviderError(`Detected a cycle attempting to resolve credentials for profile` +
` ${sharedIniFileLoader.getProfileName(options)}. Profiles visited: ` +
Object.keys(visitedProfiles).join(", "), { logger: options.logger });
}
options.logger?.debug(`@aws-sdk/credential-provider-ini - finding credential resolver using ${source_profile ? `source_profile=[${source_profile}]` : `profile=[${profileName}]`}`);
const sourceCredsProvider = source_profile
? resolveProfileData(source_profile, profiles, options, {
...visitedProfiles,
[source_profile]: true,
}, isCredentialSourceWithoutRoleArn(profiles[source_profile] ?? {}))
: (await resolveCredentialSource(profileData.credential_source, profileName, options.logger)(options))();
if (isCredentialSourceWithoutRoleArn(profileData)) {
return sourceCredsProvider.then((creds) => client.setCredentialFeature(creds, "CREDENTIALS_PROFILE_SOURCE_PROFILE", "o"));
}
else {
const params = {
RoleArn: profileData.role_arn,
RoleSessionName: profileData.role_session_name || `aws-sdk-js-${Date.now()}`,
ExternalId: profileData.external_id,
DurationSeconds: parseInt(profileData.duration_seconds || "3600", 10),
};
const { mfa_serial } = profileData;
if (mfa_serial) {
if (!options.mfaCodeProvider) {
throw new propertyProvider.CredentialsProviderError(`Profile ${profileName} requires multi-factor authentication, but no MFA code callback was provided.`, { logger: options.logger, tryNextLink: false });
}
params.SerialNumber = mfa_serial;
params.TokenCode = await options.mfaCodeProvider(mfa_serial);
}
const sourceCreds = await sourceCredsProvider;
return options.roleAssumer(sourceCreds, params).then((creds) => client.setCredentialFeature(creds, "CREDENTIALS_PROFILE_SOURCE_PROFILE", "o"));
}
};
const isCredentialSourceWithoutRoleArn = (section) => {
return !section.role_arn && !!section.credential_source;
};
const isProcessProfile = (arg) => Boolean(arg) && typeof arg === "object" && typeof arg.credential_process === "string";
const resolveProcessCredentials = async (options, profile) => __webpack_require__.e(/* import() */ 360).then(__webpack_require__.t.bind(__webpack_require__, 5360, 19)).then(({ fromProcess }) => fromProcess({
...options,
profile,
})().then((creds) => client.setCredentialFeature(creds, "CREDENTIALS_PROFILE_PROCESS", "v")));
const resolveSsoCredentials = async (profile, profileData, options = {}) => {
const { fromSSO } = await __webpack_require__.e(/* import() */ 998).then(__webpack_require__.t.bind(__webpack_require__, 998, 19));
return fromSSO({
profile,
logger: options.logger,
parentClientConfig: options.parentClientConfig,
clientConfig: options.clientConfig,
})().then((creds) => {
if (profileData.sso_session) {
return client.setCredentialFeature(creds, "CREDENTIALS_PROFILE_SSO", "r");
}
else {
return client.setCredentialFeature(creds, "CREDENTIALS_PROFILE_SSO_LEGACY", "t");
}
});
};
const isSsoProfile = (arg) => arg &&
(typeof arg.sso_start_url === "string" ||
typeof arg.sso_account_id === "string" ||
typeof arg.sso_session === "string" ||
typeof arg.sso_region === "string" ||
typeof arg.sso_role_name === "string");
const isStaticCredsProfile = (arg) => Boolean(arg) &&
typeof arg === "object" &&
typeof arg.aws_access_key_id === "string" &&
typeof arg.aws_secret_access_key === "string" &&
["undefined", "string"].indexOf(typeof arg.aws_session_token) > -1 &&
["undefined", "string"].indexOf(typeof arg.aws_account_id) > -1;
const resolveStaticCredentials = async (profile, options) => {
options?.logger?.debug("@aws-sdk/credential-provider-ini - resolveStaticCredentials");
const credentials = {
accessKeyId: profile.aws_access_key_id,
secretAccessKey: profile.aws_secret_access_key,
sessionToken: profile.aws_session_token,
...(profile.aws_credential_scope && { credentialScope: profile.aws_credential_scope }),
...(profile.aws_account_id && { accountId: profile.aws_account_id }),
};
return client.setCredentialFeature(credentials, "CREDENTIALS_PROFILE", "n");
};
const isWebIdentityProfile = (arg) => Boolean(arg) &&
typeof arg === "object" &&
typeof arg.web_identity_token_file === "string" &&
typeof arg.role_arn === "string" &&
["undefined", "string"].indexOf(typeof arg.role_session_name) > -1;
const resolveWebIdentityCredentials = async (profile, options) => Promise.all(/* import() */[__webpack_require__.e(136), __webpack_require__.e(956)]).then(__webpack_require__.t.bind(__webpack_require__, 9956, 23)).then(({ fromTokenFile }) => fromTokenFile({
webIdentityTokenFile: profile.web_identity_token_file,
roleArn: profile.role_arn,
roleSessionName: profile.role_session_name,
roleAssumerWithWebIdentity: options.roleAssumerWithWebIdentity,
logger: options.logger,
parentClientConfig: options.parentClientConfig,
})().then((creds) => client.setCredentialFeature(creds, "CREDENTIALS_PROFILE_STS_WEB_ID_TOKEN", "q")));
const resolveProfileData = async (profileName, profiles, options, visitedProfiles = {}, isAssumeRoleRecursiveCall = false) => {
const data = profiles[profileName];
if (Object.keys(visitedProfiles).length > 0 && isStaticCredsProfile(data)) {
return resolveStaticCredentials(data, options);
}
if (isAssumeRoleRecursiveCall || isAssumeRoleProfile(data, { profile: profileName, logger: options.logger })) {
return resolveAssumeRoleCredentials(profileName, profiles, options, visitedProfiles);
}
if (isStaticCredsProfile(data)) {
return resolveStaticCredentials(data, options);
}
if (isWebIdentityProfile(data)) {
return resolveWebIdentityCredentials(data, options);
}
if (isProcessProfile(data)) {
return resolveProcessCredentials(options, profileName);
}
if (isSsoProfile(data)) {
return await resolveSsoCredentials(profileName, data, options);
}
throw new propertyProvider.CredentialsProviderError(`Could not resolve credentials using profile: [${profileName}] in configuration/credentials file(s).`, { logger: options.logger });
};
const fromIni = (_init = {}) => async ({ callerClientConfig } = {}) => {
const init = {
..._init,
parentClientConfig: {
...callerClientConfig,
..._init.parentClientConfig,
},
};
init.logger?.debug("@aws-sdk/credential-provider-ini - fromIni");
const profiles = await sharedIniFileLoader.parseKnownFiles(init);
return resolveProfileData(sharedIniFileLoader.getProfileName({
profile: _init.profile ?? callerClientConfig?.profile,
}), profiles, init);
};
exports.fromIni = fromIni;
/***/ })
};
;

143
dist/956.index.js generated vendored Normal file
View file

@ -0,0 +1,143 @@
"use strict";
exports.id = 956;
exports.ids = [956];
exports.modules = {
/***/ 8079:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.fromTokenFile = void 0;
const client_1 = __webpack_require__(5152);
const property_provider_1 = __webpack_require__(1238);
const shared_ini_file_loader_1 = __webpack_require__(4964);
const fs_1 = __webpack_require__(9896);
const fromWebToken_1 = __webpack_require__(4453);
const ENV_TOKEN_FILE = "AWS_WEB_IDENTITY_TOKEN_FILE";
const ENV_ROLE_ARN = "AWS_ROLE_ARN";
const ENV_ROLE_SESSION_NAME = "AWS_ROLE_SESSION_NAME";
const fromTokenFile = (init = {}) => async () => {
init.logger?.debug("@aws-sdk/credential-provider-web-identity - fromTokenFile");
const webIdentityTokenFile = init?.webIdentityTokenFile ?? process.env[ENV_TOKEN_FILE];
const roleArn = init?.roleArn ?? process.env[ENV_ROLE_ARN];
const roleSessionName = init?.roleSessionName ?? process.env[ENV_ROLE_SESSION_NAME];
if (!webIdentityTokenFile || !roleArn) {
throw new property_provider_1.CredentialsProviderError("Web identity configuration not specified", {
logger: init.logger,
});
}
const credentials = await (0, fromWebToken_1.fromWebToken)({
...init,
webIdentityToken: shared_ini_file_loader_1.externalDataInterceptor?.getTokenRecord?.()[webIdentityTokenFile] ??
(0, fs_1.readFileSync)(webIdentityTokenFile, { encoding: "ascii" }),
roleArn,
roleSessionName,
})();
if (webIdentityTokenFile === process.env[ENV_TOKEN_FILE]) {
(0, client_1.setCredentialFeature)(credentials, "CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN", "h");
}
return credentials;
};
exports.fromTokenFile = fromTokenFile;
/***/ }),
/***/ 4453:
/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || (function () {
var ownKeys = function(o) {
ownKeys = Object.getOwnPropertyNames || function (o) {
var ar = [];
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
return ar;
};
return ownKeys(o);
};
return function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
__setModuleDefault(result, mod);
return result;
};
})();
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.fromWebToken = void 0;
const fromWebToken = (init) => async (awsIdentityProperties) => {
init.logger?.debug("@aws-sdk/credential-provider-web-identity - fromWebToken");
const { roleArn, roleSessionName, webIdentityToken, providerId, policyArns, policy, durationSeconds } = init;
let { roleAssumerWithWebIdentity } = init;
if (!roleAssumerWithWebIdentity) {
const { getDefaultRoleAssumerWithWebIdentity } = await Promise.resolve().then(() => __importStar(__webpack_require__(1136)));
roleAssumerWithWebIdentity = getDefaultRoleAssumerWithWebIdentity({
...init.clientConfig,
credentialProviderLogger: init.logger,
parentClientConfig: {
...awsIdentityProperties?.callerClientConfig,
...init.parentClientConfig,
},
}, init.clientPlugins);
}
return roleAssumerWithWebIdentity({
RoleArn: roleArn,
RoleSessionName: roleSessionName ?? `aws-sdk-js-session-${Date.now()}`,
WebIdentityToken: webIdentityToken,
ProviderId: providerId,
PolicyArns: policyArns,
Policy: policy,
DurationSeconds: durationSeconds,
});
};
exports.fromWebToken = fromWebToken;
/***/ }),
/***/ 9956:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
var fromTokenFile = __webpack_require__(8079);
var fromWebToken = __webpack_require__(4453);
Object.keys(fromTokenFile).forEach(function (k) {
if (k !== 'default' && !Object.prototype.hasOwnProperty.call(exports, k)) Object.defineProperty(exports, k, {
enumerable: true,
get: function () { return fromTokenFile[k]; }
});
});
Object.keys(fromWebToken).forEach(function (k) {
if (k !== 'default' && !Object.prototype.hasOwnProperty.call(exports, k)) Object.defineProperty(exports, k, {
enumerable: true,
get: function () { return fromWebToken[k]; }
});
});
/***/ })
};
;

1443
dist/998.index.js generated vendored Normal file
View file

File diff suppressed because it is too large Load diff

1224
dist/cleanup/136.index.js generated vendored Normal file
View file

File diff suppressed because it is too large Load diff

93
dist/cleanup/360.index.js generated vendored Normal file
View file

@ -0,0 +1,93 @@
"use strict";
exports.id = 360;
exports.ids = [360];
exports.modules = {
/***/ 5360:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
var sharedIniFileLoader = __webpack_require__(4964);
var propertyProvider = __webpack_require__(1238);
var child_process = __webpack_require__(5317);
var util = __webpack_require__(9023);
var client = __webpack_require__(5152);
const getValidatedProcessCredentials = (profileName, data, profiles) => {
if (data.Version !== 1) {
throw Error(`Profile ${profileName} credential_process did not return Version 1.`);
}
if (data.AccessKeyId === undefined || data.SecretAccessKey === undefined) {
throw Error(`Profile ${profileName} credential_process returned invalid credentials.`);
}
if (data.Expiration) {
const currentTime = new Date();
const expireTime = new Date(data.Expiration);
if (expireTime < currentTime) {
throw Error(`Profile ${profileName} credential_process returned expired credentials.`);
}
}
let accountId = data.AccountId;
if (!accountId && profiles?.[profileName]?.aws_account_id) {
accountId = profiles[profileName].aws_account_id;
}
const credentials = {
accessKeyId: data.AccessKeyId,
secretAccessKey: data.SecretAccessKey,
...(data.SessionToken && { sessionToken: data.SessionToken }),
...(data.Expiration && { expiration: new Date(data.Expiration) }),
...(data.CredentialScope && { credentialScope: data.CredentialScope }),
...(accountId && { accountId }),
};
client.setCredentialFeature(credentials, "CREDENTIALS_PROCESS", "w");
return credentials;
};
const resolveProcessCredentials = async (profileName, profiles, logger) => {
const profile = profiles[profileName];
if (profiles[profileName]) {
const credentialProcess = profile["credential_process"];
if (credentialProcess !== undefined) {
const execPromise = util.promisify(sharedIniFileLoader.externalDataInterceptor?.getTokenRecord?.().exec ?? child_process.exec);
try {
const { stdout } = await execPromise(credentialProcess);
let data;
try {
data = JSON.parse(stdout.trim());
}
catch {
throw Error(`Profile ${profileName} credential_process returned invalid JSON.`);
}
return getValidatedProcessCredentials(profileName, data, profiles);
}
catch (error) {
throw new propertyProvider.CredentialsProviderError(error.message, { logger });
}
}
else {
throw new propertyProvider.CredentialsProviderError(`Profile ${profileName} did not contain credential_process.`, { logger });
}
}
else {
throw new propertyProvider.CredentialsProviderError(`Profile ${profileName} could not be found in shared credentials file.`, {
logger,
});
}
};
const fromProcess = (init = {}) => async ({ callerClientConfig } = {}) => {
init.logger?.debug("@aws-sdk/credential-provider-process - fromProcess");
const profiles = await sharedIniFileLoader.parseKnownFiles(init);
return resolveProcessCredentials(sharedIniFileLoader.getProfileName({
profile: init.profile ?? callerClientConfig?.profile,
}), profiles, init.logger);
};
exports.fromProcess = fromProcess;
/***/ })
};
;

856
dist/cleanup/443.index.js generated vendored Normal file
View file

@ -0,0 +1,856 @@
"use strict";
exports.id = 443;
exports.ids = [443];
exports.modules = {
/***/ 8396:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.resolveHttpAuthSchemeConfig = exports.defaultSSOOIDCHttpAuthSchemeProvider = exports.defaultSSOOIDCHttpAuthSchemeParametersProvider = void 0;
const core_1 = __webpack_require__(8704);
const util_middleware_1 = __webpack_require__(6324);
const defaultSSOOIDCHttpAuthSchemeParametersProvider = async (config, context, input) => {
return {
operation: (0, util_middleware_1.getSmithyContext)(context).operation,
region: (await (0, util_middleware_1.normalizeProvider)(config.region)()) ||
(() => {
throw new Error("expected `region` to be configured for `aws.auth#sigv4`");
})(),
};
};
exports.defaultSSOOIDCHttpAuthSchemeParametersProvider = defaultSSOOIDCHttpAuthSchemeParametersProvider;
function createAwsAuthSigv4HttpAuthOption(authParameters) {
return {
schemeId: "aws.auth#sigv4",
signingProperties: {
name: "sso-oauth",
region: authParameters.region,
},
propertiesExtractor: (config, context) => ({
signingProperties: {
config,
context,
},
}),
};
}
function createSmithyApiNoAuthHttpAuthOption(authParameters) {
return {
schemeId: "smithy.api#noAuth",
};
}
const defaultSSOOIDCHttpAuthSchemeProvider = (authParameters) => {
const options = [];
switch (authParameters.operation) {
case "CreateToken": {
options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
break;
}
default: {
options.push(createAwsAuthSigv4HttpAuthOption(authParameters));
}
}
return options;
};
exports.defaultSSOOIDCHttpAuthSchemeProvider = defaultSSOOIDCHttpAuthSchemeProvider;
const resolveHttpAuthSchemeConfig = (config) => {
const config_0 = (0, core_1.resolveAwsSdkSigV4Config)(config);
return Object.assign(config_0, {
authSchemePreference: (0, util_middleware_1.normalizeProvider)(config.authSchemePreference ?? []),
});
};
exports.resolveHttpAuthSchemeConfig = resolveHttpAuthSchemeConfig;
/***/ }),
/***/ 546:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.defaultEndpointResolver = void 0;
const util_endpoints_1 = __webpack_require__(3068);
const util_endpoints_2 = __webpack_require__(9674);
const ruleset_1 = __webpack_require__(9947);
const cache = new util_endpoints_2.EndpointCache({
size: 50,
params: ["Endpoint", "Region", "UseDualStack", "UseFIPS"],
});
const defaultEndpointResolver = (endpointParams, context = {}) => {
return cache.get(endpointParams, () => (0, util_endpoints_2.resolveEndpoint)(ruleset_1.ruleSet, {
endpointParams: endpointParams,
logger: context.logger,
}));
};
exports.defaultEndpointResolver = defaultEndpointResolver;
util_endpoints_2.customEndpointFunctions.aws = util_endpoints_1.awsEndpointFunctions;
/***/ }),
/***/ 9947:
/***/ ((__unused_webpack_module, exports) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.ruleSet = void 0;
const u = "required", v = "fn", w = "argv", x = "ref";
const a = true, b = "isSet", c = "booleanEquals", d = "error", e = "endpoint", f = "tree", g = "PartitionResult", h = "getAttr", i = { [u]: false, "type": "String" }, j = { [u]: true, "default": false, "type": "Boolean" }, k = { [x]: "Endpoint" }, l = { [v]: c, [w]: [{ [x]: "UseFIPS" }, true] }, m = { [v]: c, [w]: [{ [x]: "UseDualStack" }, true] }, n = {}, o = { [v]: h, [w]: [{ [x]: g }, "supportsFIPS"] }, p = { [x]: g }, q = { [v]: c, [w]: [true, { [v]: h, [w]: [p, "supportsDualStack"] }] }, r = [l], s = [m], t = [{ [x]: "Region" }];
const _data = { version: "1.0", parameters: { Region: i, UseDualStack: j, UseFIPS: j, Endpoint: i }, rules: [{ conditions: [{ [v]: b, [w]: [k] }], rules: [{ conditions: r, error: "Invalid Configuration: FIPS and custom endpoint are not supported", type: d }, { conditions: s, error: "Invalid Configuration: Dualstack and custom endpoint are not supported", type: d }, { endpoint: { url: k, properties: n, headers: n }, type: e }], type: f }, { conditions: [{ [v]: b, [w]: t }], rules: [{ conditions: [{ [v]: "aws.partition", [w]: t, assign: g }], rules: [{ conditions: [l, m], rules: [{ conditions: [{ [v]: c, [w]: [a, o] }, q], rules: [{ endpoint: { url: "https://oidc-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "FIPS and DualStack are enabled, but this partition does not support one or both", type: d }], type: f }, { conditions: r, rules: [{ conditions: [{ [v]: c, [w]: [o, a] }], rules: [{ conditions: [{ [v]: "stringEquals", [w]: [{ [v]: h, [w]: [p, "name"] }, "aws-us-gov"] }], endpoint: { url: "https://oidc.{Region}.amazonaws.com", properties: n, headers: n }, type: e }, { endpoint: { url: "https://oidc-fips.{Region}.{PartitionResult#dnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "FIPS is enabled but this partition does not support FIPS", type: d }], type: f }, { conditions: s, rules: [{ conditions: [q], rules: [{ endpoint: { url: "https://oidc.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "DualStack is enabled but this partition does not support DualStack", type: d }], type: f }, { endpoint: { url: "https://oidc.{Region}.{PartitionResult#dnsSuffix}", properties: n, headers: n }, type: e }], type: f }], type: f }, { error: "Invalid Configuration: Missing Region", type: d }] };
exports.ruleSet = _data;
/***/ }),
/***/ 9443:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
var __webpack_unused_export__;
var middlewareHostHeader = __webpack_require__(2590);
var middlewareLogger = __webpack_require__(5242);
var middlewareRecursionDetection = __webpack_require__(1568);
var middlewareUserAgent = __webpack_require__(2959);
var configResolver = __webpack_require__(9316);
var core = __webpack_require__(402);
var middlewareContentLength = __webpack_require__(7212);
var middlewareEndpoint = __webpack_require__(99);
var middlewareRetry = __webpack_require__(9618);
var smithyClient = __webpack_require__(1411);
var httpAuthSchemeProvider = __webpack_require__(8396);
var runtimeConfig = __webpack_require__(6901);
var regionConfigResolver = __webpack_require__(6463);
var protocolHttp = __webpack_require__(2356);
var middlewareSerde = __webpack_require__(3255);
var core$1 = __webpack_require__(8704);
const resolveClientEndpointParameters = (options) => {
return Object.assign(options, {
useDualstackEndpoint: options.useDualstackEndpoint ?? false,
useFipsEndpoint: options.useFipsEndpoint ?? false,
defaultSigningName: "sso-oauth",
});
};
const commonParams = {
UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" },
Endpoint: { type: "builtInParams", name: "endpoint" },
Region: { type: "builtInParams", name: "region" },
UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" },
};
const getHttpAuthExtensionConfiguration = (runtimeConfig) => {
const _httpAuthSchemes = runtimeConfig.httpAuthSchemes;
let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider;
let _credentials = runtimeConfig.credentials;
return {
setHttpAuthScheme(httpAuthScheme) {
const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId);
if (index === -1) {
_httpAuthSchemes.push(httpAuthScheme);
}
else {
_httpAuthSchemes.splice(index, 1, httpAuthScheme);
}
},
httpAuthSchemes() {
return _httpAuthSchemes;
},
setHttpAuthSchemeProvider(httpAuthSchemeProvider) {
_httpAuthSchemeProvider = httpAuthSchemeProvider;
},
httpAuthSchemeProvider() {
return _httpAuthSchemeProvider;
},
setCredentials(credentials) {
_credentials = credentials;
},
credentials() {
return _credentials;
},
};
};
const resolveHttpAuthRuntimeConfig = (config) => {
return {
httpAuthSchemes: config.httpAuthSchemes(),
httpAuthSchemeProvider: config.httpAuthSchemeProvider(),
credentials: config.credentials(),
};
};
const resolveRuntimeExtensions = (runtimeConfig, extensions) => {
const extensionConfiguration = Object.assign(regionConfigResolver.getAwsRegionExtensionConfiguration(runtimeConfig), smithyClient.getDefaultExtensionConfiguration(runtimeConfig), protocolHttp.getHttpHandlerExtensionConfiguration(runtimeConfig), getHttpAuthExtensionConfiguration(runtimeConfig));
extensions.forEach((extension) => extension.configure(extensionConfiguration));
return Object.assign(runtimeConfig, regionConfigResolver.resolveAwsRegionExtensionConfiguration(extensionConfiguration), smithyClient.resolveDefaultRuntimeConfig(extensionConfiguration), protocolHttp.resolveHttpHandlerRuntimeConfig(extensionConfiguration), resolveHttpAuthRuntimeConfig(extensionConfiguration));
};
class SSOOIDCClient extends smithyClient.Client {
config;
constructor(...[configuration]) {
const _config_0 = runtimeConfig.getRuntimeConfig(configuration || {});
super(_config_0);
this.initConfig = _config_0;
const _config_1 = resolveClientEndpointParameters(_config_0);
const _config_2 = middlewareUserAgent.resolveUserAgentConfig(_config_1);
const _config_3 = middlewareRetry.resolveRetryConfig(_config_2);
const _config_4 = configResolver.resolveRegionConfig(_config_3);
const _config_5 = middlewareHostHeader.resolveHostHeaderConfig(_config_4);
const _config_6 = middlewareEndpoint.resolveEndpointConfig(_config_5);
const _config_7 = httpAuthSchemeProvider.resolveHttpAuthSchemeConfig(_config_6);
const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []);
this.config = _config_8;
this.middlewareStack.use(middlewareUserAgent.getUserAgentPlugin(this.config));
this.middlewareStack.use(middlewareRetry.getRetryPlugin(this.config));
this.middlewareStack.use(middlewareContentLength.getContentLengthPlugin(this.config));
this.middlewareStack.use(middlewareHostHeader.getHostHeaderPlugin(this.config));
this.middlewareStack.use(middlewareLogger.getLoggerPlugin(this.config));
this.middlewareStack.use(middlewareRecursionDetection.getRecursionDetectionPlugin(this.config));
this.middlewareStack.use(core.getHttpAuthSchemeEndpointRuleSetPlugin(this.config, {
httpAuthSchemeParametersProvider: httpAuthSchemeProvider.defaultSSOOIDCHttpAuthSchemeParametersProvider,
identityProviderConfigProvider: async (config) => new core.DefaultIdentityProviderConfig({
"aws.auth#sigv4": config.credentials,
}),
}));
this.middlewareStack.use(core.getHttpSigningPlugin(this.config));
}
destroy() {
super.destroy();
}
}
class SSOOIDCServiceException extends smithyClient.ServiceException {
constructor(options) {
super(options);
Object.setPrototypeOf(this, SSOOIDCServiceException.prototype);
}
}
const AccessDeniedExceptionReason = {
KMS_ACCESS_DENIED: "KMS_AccessDeniedException",
};
class AccessDeniedException extends SSOOIDCServiceException {
name = "AccessDeniedException";
$fault = "client";
error;
reason;
error_description;
constructor(opts) {
super({
name: "AccessDeniedException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, AccessDeniedException.prototype);
this.error = opts.error;
this.reason = opts.reason;
this.error_description = opts.error_description;
}
}
class AuthorizationPendingException extends SSOOIDCServiceException {
name = "AuthorizationPendingException";
$fault = "client";
error;
error_description;
constructor(opts) {
super({
name: "AuthorizationPendingException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, AuthorizationPendingException.prototype);
this.error = opts.error;
this.error_description = opts.error_description;
}
}
const CreateTokenRequestFilterSensitiveLog = (obj) => ({
...obj,
...(obj.clientSecret && { clientSecret: smithyClient.SENSITIVE_STRING }),
...(obj.refreshToken && { refreshToken: smithyClient.SENSITIVE_STRING }),
...(obj.codeVerifier && { codeVerifier: smithyClient.SENSITIVE_STRING }),
});
const CreateTokenResponseFilterSensitiveLog = (obj) => ({
...obj,
...(obj.accessToken && { accessToken: smithyClient.SENSITIVE_STRING }),
...(obj.refreshToken && { refreshToken: smithyClient.SENSITIVE_STRING }),
...(obj.idToken && { idToken: smithyClient.SENSITIVE_STRING }),
});
class ExpiredTokenException extends SSOOIDCServiceException {
name = "ExpiredTokenException";
$fault = "client";
error;
error_description;
constructor(opts) {
super({
name: "ExpiredTokenException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, ExpiredTokenException.prototype);
this.error = opts.error;
this.error_description = opts.error_description;
}
}
class InternalServerException extends SSOOIDCServiceException {
name = "InternalServerException";
$fault = "server";
error;
error_description;
constructor(opts) {
super({
name: "InternalServerException",
$fault: "server",
...opts,
});
Object.setPrototypeOf(this, InternalServerException.prototype);
this.error = opts.error;
this.error_description = opts.error_description;
}
}
class InvalidClientException extends SSOOIDCServiceException {
name = "InvalidClientException";
$fault = "client";
error;
error_description;
constructor(opts) {
super({
name: "InvalidClientException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, InvalidClientException.prototype);
this.error = opts.error;
this.error_description = opts.error_description;
}
}
class InvalidGrantException extends SSOOIDCServiceException {
name = "InvalidGrantException";
$fault = "client";
error;
error_description;
constructor(opts) {
super({
name: "InvalidGrantException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, InvalidGrantException.prototype);
this.error = opts.error;
this.error_description = opts.error_description;
}
}
const InvalidRequestExceptionReason = {
KMS_DISABLED_KEY: "KMS_DisabledException",
KMS_INVALID_KEY_USAGE: "KMS_InvalidKeyUsageException",
KMS_INVALID_STATE: "KMS_InvalidStateException",
KMS_KEY_NOT_FOUND: "KMS_NotFoundException",
};
class InvalidRequestException extends SSOOIDCServiceException {
name = "InvalidRequestException";
$fault = "client";
error;
reason;
error_description;
constructor(opts) {
super({
name: "InvalidRequestException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, InvalidRequestException.prototype);
this.error = opts.error;
this.reason = opts.reason;
this.error_description = opts.error_description;
}
}
class InvalidScopeException extends SSOOIDCServiceException {
name = "InvalidScopeException";
$fault = "client";
error;
error_description;
constructor(opts) {
super({
name: "InvalidScopeException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, InvalidScopeException.prototype);
this.error = opts.error;
this.error_description = opts.error_description;
}
}
class SlowDownException extends SSOOIDCServiceException {
name = "SlowDownException";
$fault = "client";
error;
error_description;
constructor(opts) {
super({
name: "SlowDownException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, SlowDownException.prototype);
this.error = opts.error;
this.error_description = opts.error_description;
}
}
class UnauthorizedClientException extends SSOOIDCServiceException {
name = "UnauthorizedClientException";
$fault = "client";
error;
error_description;
constructor(opts) {
super({
name: "UnauthorizedClientException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, UnauthorizedClientException.prototype);
this.error = opts.error;
this.error_description = opts.error_description;
}
}
class UnsupportedGrantTypeException extends SSOOIDCServiceException {
name = "UnsupportedGrantTypeException";
$fault = "client";
error;
error_description;
constructor(opts) {
super({
name: "UnsupportedGrantTypeException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, UnsupportedGrantTypeException.prototype);
this.error = opts.error;
this.error_description = opts.error_description;
}
}
const se_CreateTokenCommand = async (input, context) => {
const b = core.requestBuilder(input, context);
const headers = {
"content-type": "application/json",
};
b.bp("/token");
let body;
body = JSON.stringify(smithyClient.take(input, {
clientId: [],
clientSecret: [],
code: [],
codeVerifier: [],
deviceCode: [],
grantType: [],
redirectUri: [],
refreshToken: [],
scope: (_) => smithyClient._json(_),
}));
b.m("POST").h(headers).b(body);
return b.build();
};
const de_CreateTokenCommand = async (output, context) => {
if (output.statusCode !== 200 && output.statusCode >= 300) {
return de_CommandError(output, context);
}
const contents = smithyClient.map({
$metadata: deserializeMetadata(output),
});
const data = smithyClient.expectNonNull(smithyClient.expectObject(await core$1.parseJsonBody(output.body, context)), "body");
const doc = smithyClient.take(data, {
accessToken: smithyClient.expectString,
expiresIn: smithyClient.expectInt32,
idToken: smithyClient.expectString,
refreshToken: smithyClient.expectString,
tokenType: smithyClient.expectString,
});
Object.assign(contents, doc);
return contents;
};
const de_CommandError = async (output, context) => {
const parsedOutput = {
...output,
body: await core$1.parseJsonErrorBody(output.body, context),
};
const errorCode = core$1.loadRestJsonErrorCode(output, parsedOutput.body);
switch (errorCode) {
case "AccessDeniedException":
case "com.amazonaws.ssooidc#AccessDeniedException":
throw await de_AccessDeniedExceptionRes(parsedOutput);
case "AuthorizationPendingException":
case "com.amazonaws.ssooidc#AuthorizationPendingException":
throw await de_AuthorizationPendingExceptionRes(parsedOutput);
case "ExpiredTokenException":
case "com.amazonaws.ssooidc#ExpiredTokenException":
throw await de_ExpiredTokenExceptionRes(parsedOutput);
case "InternalServerException":
case "com.amazonaws.ssooidc#InternalServerException":
throw await de_InternalServerExceptionRes(parsedOutput);
case "InvalidClientException":
case "com.amazonaws.ssooidc#InvalidClientException":
throw await de_InvalidClientExceptionRes(parsedOutput);
case "InvalidGrantException":
case "com.amazonaws.ssooidc#InvalidGrantException":
throw await de_InvalidGrantExceptionRes(parsedOutput);
case "InvalidRequestException":
case "com.amazonaws.ssooidc#InvalidRequestException":
throw await de_InvalidRequestExceptionRes(parsedOutput);
case "InvalidScopeException":
case "com.amazonaws.ssooidc#InvalidScopeException":
throw await de_InvalidScopeExceptionRes(parsedOutput);
case "SlowDownException":
case "com.amazonaws.ssooidc#SlowDownException":
throw await de_SlowDownExceptionRes(parsedOutput);
case "UnauthorizedClientException":
case "com.amazonaws.ssooidc#UnauthorizedClientException":
throw await de_UnauthorizedClientExceptionRes(parsedOutput);
case "UnsupportedGrantTypeException":
case "com.amazonaws.ssooidc#UnsupportedGrantTypeException":
throw await de_UnsupportedGrantTypeExceptionRes(parsedOutput);
default:
const parsedBody = parsedOutput.body;
return throwDefaultError({
output,
parsedBody,
errorCode,
});
}
};
const throwDefaultError = smithyClient.withBaseException(SSOOIDCServiceException);
const de_AccessDeniedExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
reason: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new AccessDeniedException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_AuthorizationPendingExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new AuthorizationPendingException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_ExpiredTokenExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new ExpiredTokenException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_InternalServerExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new InternalServerException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_InvalidClientExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new InvalidClientException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_InvalidGrantExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new InvalidGrantException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_InvalidRequestExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
reason: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new InvalidRequestException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_InvalidScopeExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new InvalidScopeException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_SlowDownExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new SlowDownException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_UnauthorizedClientExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new UnauthorizedClientException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const de_UnsupportedGrantTypeExceptionRes = async (parsedOutput, context) => {
const contents = smithyClient.map({});
const data = parsedOutput.body;
const doc = smithyClient.take(data, {
error: smithyClient.expectString,
error_description: smithyClient.expectString,
});
Object.assign(contents, doc);
const exception = new UnsupportedGrantTypeException({
$metadata: deserializeMetadata(parsedOutput),
...contents,
});
return smithyClient.decorateServiceException(exception, parsedOutput.body);
};
const deserializeMetadata = (output) => ({
httpStatusCode: output.statusCode,
requestId: output.headers["x-amzn-requestid"] ?? output.headers["x-amzn-request-id"] ?? output.headers["x-amz-request-id"],
extendedRequestId: output.headers["x-amz-id-2"],
cfId: output.headers["x-amz-cf-id"],
});
class CreateTokenCommand extends smithyClient.Command
.classBuilder()
.ep(commonParams)
.m(function (Command, cs, config, o) {
return [
middlewareSerde.getSerdePlugin(config, this.serialize, this.deserialize),
middlewareEndpoint.getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
];
})
.s("AWSSSOOIDCService", "CreateToken", {})
.n("SSOOIDCClient", "CreateTokenCommand")
.f(CreateTokenRequestFilterSensitiveLog, CreateTokenResponseFilterSensitiveLog)
.ser(se_CreateTokenCommand)
.de(de_CreateTokenCommand)
.build() {
}
const commands = {
CreateTokenCommand,
};
class SSOOIDC extends SSOOIDCClient {
}
smithyClient.createAggregatedClient(commands, SSOOIDC);
__webpack_unused_export__ = ({
enumerable: true,
get: function () { return smithyClient.Command; }
});
__webpack_unused_export__ = ({
enumerable: true,
get: function () { return smithyClient.Client; }
});
__webpack_unused_export__ = AccessDeniedException;
__webpack_unused_export__ = AccessDeniedExceptionReason;
__webpack_unused_export__ = AuthorizationPendingException;
exports.CreateTokenCommand = CreateTokenCommand;
__webpack_unused_export__ = CreateTokenRequestFilterSensitiveLog;
__webpack_unused_export__ = CreateTokenResponseFilterSensitiveLog;
__webpack_unused_export__ = ExpiredTokenException;
__webpack_unused_export__ = InternalServerException;
__webpack_unused_export__ = InvalidClientException;
__webpack_unused_export__ = InvalidGrantException;
__webpack_unused_export__ = InvalidRequestException;
__webpack_unused_export__ = InvalidRequestExceptionReason;
__webpack_unused_export__ = InvalidScopeException;
__webpack_unused_export__ = SSOOIDC;
exports.SSOOIDCClient = SSOOIDCClient;
__webpack_unused_export__ = SSOOIDCServiceException;
__webpack_unused_export__ = SlowDownException;
__webpack_unused_export__ = UnauthorizedClientException;
__webpack_unused_export__ = UnsupportedGrantTypeException;
/***/ }),
/***/ 6901:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.getRuntimeConfig = void 0;
const tslib_1 = __webpack_require__(1860);
const package_json_1 = tslib_1.__importDefault(__webpack_require__(9955));
const core_1 = __webpack_require__(8704);
const util_user_agent_node_1 = __webpack_require__(1656);
const config_resolver_1 = __webpack_require__(9316);
const hash_node_1 = __webpack_require__(5092);
const middleware_retry_1 = __webpack_require__(9618);
const node_config_provider_1 = __webpack_require__(5704);
const node_http_handler_1 = __webpack_require__(1279);
const util_body_length_node_1 = __webpack_require__(3638);
const util_retry_1 = __webpack_require__(5518);
const runtimeConfig_shared_1 = __webpack_require__(1546);
const smithy_client_1 = __webpack_require__(1411);
const util_defaults_mode_node_1 = __webpack_require__(5435);
const smithy_client_2 = __webpack_require__(1411);
const getRuntimeConfig = (config) => {
(0, smithy_client_2.emitWarningIfUnsupportedVersion)(process.version);
const defaultsMode = (0, util_defaults_mode_node_1.resolveDefaultsModeConfig)(config);
const defaultConfigProvider = () => defaultsMode().then(smithy_client_1.loadConfigsForDefaultMode);
const clientSharedValues = (0, runtimeConfig_shared_1.getRuntimeConfig)(config);
(0, core_1.emitWarningIfUnsupportedVersion)(process.version);
const loaderConfig = {
profile: config?.profile,
logger: clientSharedValues.logger,
};
return {
...clientSharedValues,
...config,
runtime: "node",
defaultsMode,
authSchemePreference: config?.authSchemePreference ?? (0, node_config_provider_1.loadConfig)(core_1.NODE_AUTH_SCHEME_PREFERENCE_OPTIONS, loaderConfig),
bodyLengthChecker: config?.bodyLengthChecker ?? util_body_length_node_1.calculateBodyLength,
defaultUserAgentProvider: config?.defaultUserAgentProvider ??
(0, util_user_agent_node_1.createDefaultUserAgentProvider)({ serviceId: clientSharedValues.serviceId, clientVersion: package_json_1.default.version }),
maxAttempts: config?.maxAttempts ?? (0, node_config_provider_1.loadConfig)(middleware_retry_1.NODE_MAX_ATTEMPT_CONFIG_OPTIONS, config),
region: config?.region ??
(0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_REGION_CONFIG_OPTIONS, { ...config_resolver_1.NODE_REGION_CONFIG_FILE_OPTIONS, ...loaderConfig }),
requestHandler: node_http_handler_1.NodeHttpHandler.create(config?.requestHandler ?? defaultConfigProvider),
retryMode: config?.retryMode ??
(0, node_config_provider_1.loadConfig)({
...middleware_retry_1.NODE_RETRY_MODE_CONFIG_OPTIONS,
default: async () => (await defaultConfigProvider()).retryMode || util_retry_1.DEFAULT_RETRY_MODE,
}, config),
sha256: config?.sha256 ?? hash_node_1.Hash.bind(null, "sha256"),
streamCollector: config?.streamCollector ?? node_http_handler_1.streamCollector,
useDualstackEndpoint: config?.useDualstackEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS, loaderConfig),
useFipsEndpoint: config?.useFipsEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS, loaderConfig),
userAgentAppId: config?.userAgentAppId ?? (0, node_config_provider_1.loadConfig)(util_user_agent_node_1.NODE_APP_ID_CONFIG_OPTIONS, loaderConfig),
};
};
exports.getRuntimeConfig = getRuntimeConfig;
/***/ }),
/***/ 1546:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.getRuntimeConfig = void 0;
const core_1 = __webpack_require__(8704);
const core_2 = __webpack_require__(402);
const smithy_client_1 = __webpack_require__(1411);
const url_parser_1 = __webpack_require__(4494);
const util_base64_1 = __webpack_require__(8385);
const util_utf8_1 = __webpack_require__(1577);
const httpAuthSchemeProvider_1 = __webpack_require__(8396);
const endpointResolver_1 = __webpack_require__(546);
const getRuntimeConfig = (config) => {
return {
apiVersion: "2019-06-10",
base64Decoder: config?.base64Decoder ?? util_base64_1.fromBase64,
base64Encoder: config?.base64Encoder ?? util_base64_1.toBase64,
disableHostPrefix: config?.disableHostPrefix ?? false,
endpointProvider: config?.endpointProvider ?? endpointResolver_1.defaultEndpointResolver,
extensions: config?.extensions ?? [],
httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? httpAuthSchemeProvider_1.defaultSSOOIDCHttpAuthSchemeProvider,
httpAuthSchemes: config?.httpAuthSchemes ?? [
{
schemeId: "aws.auth#sigv4",
identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"),
signer: new core_1.AwsSdkSigV4Signer(),
},
{
schemeId: "smithy.api#noAuth",
identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
signer: new core_2.NoAuthSigner(),
},
],
logger: config?.logger ?? new smithy_client_1.NoOpLogger(),
serviceId: config?.serviceId ?? "SSO OIDC",
urlParser: config?.urlParser ?? url_parser_1.parseUrl,
utf8Decoder: config?.utf8Decoder ?? util_utf8_1.fromUtf8,
utf8Encoder: config?.utf8Encoder ?? util_utf8_1.toUtf8,
};
};
exports.getRuntimeConfig = getRuntimeConfig;
/***/ }),
/***/ 9955:
/***/ ((module) => {
module.exports = /*#__PURE__*/JSON.parse('{"name":"@aws-sdk/nested-clients","version":"3.908.0","description":"Nested clients for AWS SDK packages.","main":"./dist-cjs/index.js","module":"./dist-es/index.js","types":"./dist-types/index.d.ts","scripts":{"build":"yarn lint && concurrently \'yarn:build:cjs\' \'yarn:build:es\' \'yarn:build:types\'","build:cjs":"node ../../scripts/compilation/inline nested-clients","build:es":"tsc -p tsconfig.es.json","build:include:deps":"lerna run --scope $npm_package_name --include-dependencies build","build:types":"tsc -p tsconfig.types.json","build:types:downlevel":"downlevel-dts dist-types dist-types/ts3.4","clean":"rimraf ./dist-* && rimraf *.tsbuildinfo","lint":"node ../../scripts/validation/submodules-linter.js --pkg nested-clients","test":"yarn g:vitest run","test:watch":"yarn g:vitest watch"},"engines":{"node":">=18.0.0"},"sideEffects":false,"author":{"name":"AWS SDK for JavaScript Team","url":"https://aws.amazon.com/javascript/"},"license":"Apache-2.0","dependencies":{"@aws-crypto/sha256-browser":"5.2.0","@aws-crypto/sha256-js":"5.2.0","@aws-sdk/core":"3.908.0","@aws-sdk/middleware-host-header":"3.901.0","@aws-sdk/middleware-logger":"3.901.0","@aws-sdk/middleware-recursion-detection":"3.901.0","@aws-sdk/middleware-user-agent":"3.908.0","@aws-sdk/region-config-resolver":"3.901.0","@aws-sdk/types":"3.901.0","@aws-sdk/util-endpoints":"3.901.0","@aws-sdk/util-user-agent-browser":"3.907.0","@aws-sdk/util-user-agent-node":"3.908.0","@smithy/config-resolver":"^4.3.0","@smithy/core":"^3.15.0","@smithy/fetch-http-handler":"^5.3.1","@smithy/hash-node":"^4.2.0","@smithy/invalid-dependency":"^4.2.0","@smithy/middleware-content-length":"^4.2.0","@smithy/middleware-endpoint":"^4.3.1","@smithy/middleware-retry":"^4.4.1","@smithy/middleware-serde":"^4.2.0","@smithy/middleware-stack":"^4.2.0","@smithy/node-config-provider":"^4.3.0","@smithy/node-http-handler":"^4.3.0","@smithy/protocol-http":"^5.3.0","@smithy/smithy-client":"^4.7.1","@smithy/types":"^4.6.0","@smithy/url-parser":"^4.2.0","@smithy/util-base64":"^4.3.0","@smithy/util-body-length-browser":"^4.2.0","@smithy/util-body-length-node":"^4.2.1","@smithy/util-defaults-mode-browser":"^4.3.0","@smithy/util-defaults-mode-node":"^4.2.1","@smithy/util-endpoints":"^3.2.0","@smithy/util-middleware":"^4.2.0","@smithy/util-retry":"^4.2.0","@smithy/util-utf8":"^4.2.0","tslib":"^2.6.2"},"devDependencies":{"concurrently":"7.0.0","downlevel-dts":"0.10.1","rimraf":"3.0.2","typescript":"~5.8.3"},"typesVersions":{"<4.0":{"dist-types/*":["dist-types/ts3.4/*"]}},"files":["./sso-oidc.d.ts","./sso-oidc.js","./sts.d.ts","./sts.js","dist-*/**"],"browser":{"./dist-es/submodules/sso-oidc/runtimeConfig":"./dist-es/submodules/sso-oidc/runtimeConfig.browser","./dist-es/submodules/sts/runtimeConfig":"./dist-es/submodules/sts/runtimeConfig.browser"},"react-native":{},"homepage":"https://github.com/aws/aws-sdk-js-v3/tree/main/packages/nested-clients","repository":{"type":"git","url":"https://github.com/aws/aws-sdk-js-v3.git","directory":"packages/nested-clients"},"exports":{"./sso-oidc":{"types":"./dist-types/submodules/sso-oidc/index.d.ts","module":"./dist-es/submodules/sso-oidc/index.js","node":"./dist-cjs/submodules/sso-oidc/index.js","import":"./dist-es/submodules/sso-oidc/index.js","require":"./dist-cjs/submodules/sso-oidc/index.js"},"./sts":{"types":"./dist-types/submodules/sts/index.d.ts","module":"./dist-es/submodules/sts/index.js","node":"./dist-cjs/submodules/sts/index.js","import":"./dist-es/submodules/sts/index.js","require":"./dist-cjs/submodules/sts/index.js"}}}');
/***/ })
};
;

387
dist/cleanup/566.index.js generated vendored Normal file
View file

@ -0,0 +1,387 @@
"use strict";
exports.id = 566;
exports.ids = [566];
exports.modules = {
/***/ 566:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
var __webpack_unused_export__;
var propertyProvider = __webpack_require__(1238);
var url = __webpack_require__(7016);
var buffer = __webpack_require__(181);
var http = __webpack_require__(8611);
var nodeConfigProvider = __webpack_require__(5704);
var urlParser = __webpack_require__(4494);
function httpRequest(options) {
return new Promise((resolve, reject) => {
const req = http.request({
method: "GET",
...options,
hostname: options.hostname?.replace(/^\[(.+)\]$/, "$1"),
});
req.on("error", (err) => {
reject(Object.assign(new propertyProvider.ProviderError("Unable to connect to instance metadata service"), err));
req.destroy();
});
req.on("timeout", () => {
reject(new propertyProvider.ProviderError("TimeoutError from instance metadata service"));
req.destroy();
});
req.on("response", (res) => {
const { statusCode = 400 } = res;
if (statusCode < 200 || 300 <= statusCode) {
reject(Object.assign(new propertyProvider.ProviderError("Error response received from instance metadata service"), { statusCode }));
req.destroy();
}
const chunks = [];
res.on("data", (chunk) => {
chunks.push(chunk);
});
res.on("end", () => {
resolve(buffer.Buffer.concat(chunks));
req.destroy();
});
});
req.end();
});
}
const isImdsCredentials = (arg) => Boolean(arg) &&
typeof arg === "object" &&
typeof arg.AccessKeyId === "string" &&
typeof arg.SecretAccessKey === "string" &&
typeof arg.Token === "string" &&
typeof arg.Expiration === "string";
const fromImdsCredentials = (creds) => ({
accessKeyId: creds.AccessKeyId,
secretAccessKey: creds.SecretAccessKey,
sessionToken: creds.Token,
expiration: new Date(creds.Expiration),
...(creds.AccountId && { accountId: creds.AccountId }),
});
const DEFAULT_TIMEOUT = 1000;
const DEFAULT_MAX_RETRIES = 0;
const providerConfigFromInit = ({ maxRetries = DEFAULT_MAX_RETRIES, timeout = DEFAULT_TIMEOUT, }) => ({ maxRetries, timeout });
const retry = (toRetry, maxRetries) => {
let promise = toRetry();
for (let i = 0; i < maxRetries; i++) {
promise = promise.catch(toRetry);
}
return promise;
};
const ENV_CMDS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI";
const ENV_CMDS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI";
const ENV_CMDS_AUTH_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN";
const fromContainerMetadata = (init = {}) => {
const { timeout, maxRetries } = providerConfigFromInit(init);
return () => retry(async () => {
const requestOptions = await getCmdsUri({ logger: init.logger });
const credsResponse = JSON.parse(await requestFromEcsImds(timeout, requestOptions));
if (!isImdsCredentials(credsResponse)) {
throw new propertyProvider.CredentialsProviderError("Invalid response received from instance metadata service.", {
logger: init.logger,
});
}
return fromImdsCredentials(credsResponse);
}, maxRetries);
};
const requestFromEcsImds = async (timeout, options) => {
if (process.env[ENV_CMDS_AUTH_TOKEN]) {
options.headers = {
...options.headers,
Authorization: process.env[ENV_CMDS_AUTH_TOKEN],
};
}
const buffer = await httpRequest({
...options,
timeout,
});
return buffer.toString();
};
const CMDS_IP = "169.254.170.2";
const GREENGRASS_HOSTS = {
localhost: true,
"127.0.0.1": true,
};
const GREENGRASS_PROTOCOLS = {
"http:": true,
"https:": true,
};
const getCmdsUri = async ({ logger }) => {
if (process.env[ENV_CMDS_RELATIVE_URI]) {
return {
hostname: CMDS_IP,
path: process.env[ENV_CMDS_RELATIVE_URI],
};
}
if (process.env[ENV_CMDS_FULL_URI]) {
const parsed = url.parse(process.env[ENV_CMDS_FULL_URI]);
if (!parsed.hostname || !(parsed.hostname in GREENGRASS_HOSTS)) {
throw new propertyProvider.CredentialsProviderError(`${parsed.hostname} is not a valid container metadata service hostname`, {
tryNextLink: false,
logger,
});
}
if (!parsed.protocol || !(parsed.protocol in GREENGRASS_PROTOCOLS)) {
throw new propertyProvider.CredentialsProviderError(`${parsed.protocol} is not a valid container metadata service protocol`, {
tryNextLink: false,
logger,
});
}
return {
...parsed,
port: parsed.port ? parseInt(parsed.port, 10) : undefined,
};
}
throw new propertyProvider.CredentialsProviderError("The container metadata credential provider cannot be used unless" +
` the ${ENV_CMDS_RELATIVE_URI} or ${ENV_CMDS_FULL_URI} environment` +
" variable is set", {
tryNextLink: false,
logger,
});
};
class InstanceMetadataV1FallbackError extends propertyProvider.CredentialsProviderError {
tryNextLink;
name = "InstanceMetadataV1FallbackError";
constructor(message, tryNextLink = true) {
super(message, tryNextLink);
this.tryNextLink = tryNextLink;
Object.setPrototypeOf(this, InstanceMetadataV1FallbackError.prototype);
}
}
exports.yI = void 0;
(function (Endpoint) {
Endpoint["IPv4"] = "http://169.254.169.254";
Endpoint["IPv6"] = "http://[fd00:ec2::254]";
})(exports.yI || (exports.yI = {}));
const ENV_ENDPOINT_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT";
const CONFIG_ENDPOINT_NAME = "ec2_metadata_service_endpoint";
const ENDPOINT_CONFIG_OPTIONS = {
environmentVariableSelector: (env) => env[ENV_ENDPOINT_NAME],
configFileSelector: (profile) => profile[CONFIG_ENDPOINT_NAME],
default: undefined,
};
var EndpointMode;
(function (EndpointMode) {
EndpointMode["IPv4"] = "IPv4";
EndpointMode["IPv6"] = "IPv6";
})(EndpointMode || (EndpointMode = {}));
const ENV_ENDPOINT_MODE_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE";
const CONFIG_ENDPOINT_MODE_NAME = "ec2_metadata_service_endpoint_mode";
const ENDPOINT_MODE_CONFIG_OPTIONS = {
environmentVariableSelector: (env) => env[ENV_ENDPOINT_MODE_NAME],
configFileSelector: (profile) => profile[CONFIG_ENDPOINT_MODE_NAME],
default: EndpointMode.IPv4,
};
const getInstanceMetadataEndpoint = async () => urlParser.parseUrl((await getFromEndpointConfig()) || (await getFromEndpointModeConfig()));
const getFromEndpointConfig = async () => nodeConfigProvider.loadConfig(ENDPOINT_CONFIG_OPTIONS)();
const getFromEndpointModeConfig = async () => {
const endpointMode = await nodeConfigProvider.loadConfig(ENDPOINT_MODE_CONFIG_OPTIONS)();
switch (endpointMode) {
case EndpointMode.IPv4:
return exports.yI.IPv4;
case EndpointMode.IPv6:
return exports.yI.IPv6;
default:
throw new Error(`Unsupported endpoint mode: ${endpointMode}.` + ` Select from ${Object.values(EndpointMode)}`);
}
};
const STATIC_STABILITY_REFRESH_INTERVAL_SECONDS = 5 * 60;
const STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS = 5 * 60;
const STATIC_STABILITY_DOC_URL = "https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html";
const getExtendedInstanceMetadataCredentials = (credentials, logger) => {
const refreshInterval = STATIC_STABILITY_REFRESH_INTERVAL_SECONDS +
Math.floor(Math.random() * STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS);
const newExpiration = new Date(Date.now() + refreshInterval * 1000);
logger.warn("Attempting credential expiration extension due to a credential service availability issue. A refresh of these " +
`credentials will be attempted after ${new Date(newExpiration)}.\nFor more information, please visit: ` +
STATIC_STABILITY_DOC_URL);
const originalExpiration = credentials.originalExpiration ?? credentials.expiration;
return {
...credentials,
...(originalExpiration ? { originalExpiration } : {}),
expiration: newExpiration,
};
};
const staticStabilityProvider = (provider, options = {}) => {
const logger = options?.logger || console;
let pastCredentials;
return async () => {
let credentials;
try {
credentials = await provider();
if (credentials.expiration && credentials.expiration.getTime() < Date.now()) {
credentials = getExtendedInstanceMetadataCredentials(credentials, logger);
}
}
catch (e) {
if (pastCredentials) {
logger.warn("Credential renew failed: ", e);
credentials = getExtendedInstanceMetadataCredentials(pastCredentials, logger);
}
else {
throw e;
}
}
pastCredentials = credentials;
return credentials;
};
};
const IMDS_PATH = "/latest/meta-data/iam/security-credentials/";
const IMDS_TOKEN_PATH = "/latest/api/token";
const AWS_EC2_METADATA_V1_DISABLED = "AWS_EC2_METADATA_V1_DISABLED";
const PROFILE_AWS_EC2_METADATA_V1_DISABLED = "ec2_metadata_v1_disabled";
const X_AWS_EC2_METADATA_TOKEN = "x-aws-ec2-metadata-token";
const fromInstanceMetadata = (init = {}) => staticStabilityProvider(getInstanceMetadataProvider(init), { logger: init.logger });
const getInstanceMetadataProvider = (init = {}) => {
let disableFetchToken = false;
const { logger, profile } = init;
const { timeout, maxRetries } = providerConfigFromInit(init);
const getCredentials = async (maxRetries, options) => {
const isImdsV1Fallback = disableFetchToken || options.headers?.[X_AWS_EC2_METADATA_TOKEN] == null;
if (isImdsV1Fallback) {
let fallbackBlockedFromProfile = false;
let fallbackBlockedFromProcessEnv = false;
const configValue = await nodeConfigProvider.loadConfig({
environmentVariableSelector: (env) => {
const envValue = env[AWS_EC2_METADATA_V1_DISABLED];
fallbackBlockedFromProcessEnv = !!envValue && envValue !== "false";
if (envValue === undefined) {
throw new propertyProvider.CredentialsProviderError(`${AWS_EC2_METADATA_V1_DISABLED} not set in env, checking config file next.`, { logger: init.logger });
}
return fallbackBlockedFromProcessEnv;
},
configFileSelector: (profile) => {
const profileValue = profile[PROFILE_AWS_EC2_METADATA_V1_DISABLED];
fallbackBlockedFromProfile = !!profileValue && profileValue !== "false";
return fallbackBlockedFromProfile;
},
default: false,
}, {
profile,
})();
if (init.ec2MetadataV1Disabled || configValue) {
const causes = [];
if (init.ec2MetadataV1Disabled)
causes.push("credential provider initialization (runtime option ec2MetadataV1Disabled)");
if (fallbackBlockedFromProfile)
causes.push(`config file profile (${PROFILE_AWS_EC2_METADATA_V1_DISABLED})`);
if (fallbackBlockedFromProcessEnv)
causes.push(`process environment variable (${AWS_EC2_METADATA_V1_DISABLED})`);
throw new InstanceMetadataV1FallbackError(`AWS EC2 Metadata v1 fallback has been blocked by AWS SDK configuration in the following: [${causes.join(", ")}].`);
}
}
const imdsProfile = (await retry(async () => {
let profile;
try {
profile = await getProfile(options);
}
catch (err) {
if (err.statusCode === 401) {
disableFetchToken = false;
}
throw err;
}
return profile;
}, maxRetries)).trim();
return retry(async () => {
let creds;
try {
creds = await getCredentialsFromProfile(imdsProfile, options, init);
}
catch (err) {
if (err.statusCode === 401) {
disableFetchToken = false;
}
throw err;
}
return creds;
}, maxRetries);
};
return async () => {
const endpoint = await getInstanceMetadataEndpoint();
if (disableFetchToken) {
logger?.debug("AWS SDK Instance Metadata", "using v1 fallback (no token fetch)");
return getCredentials(maxRetries, { ...endpoint, timeout });
}
else {
let token;
try {
token = (await getMetadataToken({ ...endpoint, timeout })).toString();
}
catch (error) {
if (error?.statusCode === 400) {
throw Object.assign(error, {
message: "EC2 Metadata token request returned error",
});
}
else if (error.message === "TimeoutError" || [403, 404, 405].includes(error.statusCode)) {
disableFetchToken = true;
}
logger?.debug("AWS SDK Instance Metadata", "using v1 fallback (initial)");
return getCredentials(maxRetries, { ...endpoint, timeout });
}
return getCredentials(maxRetries, {
...endpoint,
headers: {
[X_AWS_EC2_METADATA_TOKEN]: token,
},
timeout,
});
}
};
};
const getMetadataToken = async (options) => httpRequest({
...options,
path: IMDS_TOKEN_PATH,
method: "PUT",
headers: {
"x-aws-ec2-metadata-token-ttl-seconds": "21600",
},
});
const getProfile = async (options) => (await httpRequest({ ...options, path: IMDS_PATH })).toString();
const getCredentialsFromProfile = async (profile, options, init) => {
const credentialsResponse = JSON.parse((await httpRequest({
...options,
path: IMDS_PATH + profile,
})).toString());
if (!isImdsCredentials(credentialsResponse)) {
throw new propertyProvider.CredentialsProviderError("Invalid response received from instance metadata service.", {
logger: init.logger,
});
}
return fromImdsCredentials(credentialsResponse);
};
__webpack_unused_export__ = DEFAULT_MAX_RETRIES;
__webpack_unused_export__ = DEFAULT_TIMEOUT;
__webpack_unused_export__ = ENV_CMDS_AUTH_TOKEN;
exports.ENV_CMDS_FULL_URI = ENV_CMDS_FULL_URI;
exports.ENV_CMDS_RELATIVE_URI = ENV_CMDS_RELATIVE_URI;
exports.fromContainerMetadata = fromContainerMetadata;
exports.fromInstanceMetadata = fromInstanceMetadata;
exports.getInstanceMetadataEndpoint = getInstanceMetadataEndpoint;
exports.httpRequest = httpRequest;
__webpack_unused_export__ = providerConfigFromInit;
/***/ })
};
;

8
dist/cleanup/579.index.js generated vendored
View file

@ -8,7 +8,6 @@ exports.modules = {
var schema = __webpack_require__(6890);
var utilUtf8 = __webpack_require__(1577);
class EventStreamSerde {
@ -139,12 +138,15 @@ class EventStreamSerde {
let eventType = unionMember;
let explicitPayloadMember = null;
let explicitPayloadContentType;
const isKnownSchema = unionSchema.hasMemberSchema(unionMember);
const isKnownSchema = (() => {
const struct = unionSchema.getSchema();
return struct.memberNames.includes(unionMember);
})();
const additionalHeaders = {};
if (!isKnownSchema) {
const [type, value] = event[unionMember];
eventType = type;
serializer.write(schema.SCHEMA.DOCUMENT, value);
serializer.write(15, value);
}
else {
const eventSchema = unionSchema.getMemberSchema(unionMember);

234
dist/cleanup/605.index.js generated vendored Normal file
View file

@ -0,0 +1,234 @@
"use strict";
exports.id = 605;
exports.ids = [605];
exports.modules = {
/***/ 1509:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.checkUrl = void 0;
const property_provider_1 = __webpack_require__(1238);
const LOOPBACK_CIDR_IPv4 = "127.0.0.0/8";
const LOOPBACK_CIDR_IPv6 = "::1/128";
const ECS_CONTAINER_HOST = "169.254.170.2";
const EKS_CONTAINER_HOST_IPv4 = "169.254.170.23";
const EKS_CONTAINER_HOST_IPv6 = "[fd00:ec2::23]";
const checkUrl = (url, logger) => {
if (url.protocol === "https:") {
return;
}
if (url.hostname === ECS_CONTAINER_HOST ||
url.hostname === EKS_CONTAINER_HOST_IPv4 ||
url.hostname === EKS_CONTAINER_HOST_IPv6) {
return;
}
if (url.hostname.includes("[")) {
if (url.hostname === "[::1]" || url.hostname === "[0000:0000:0000:0000:0000:0000:0000:0001]") {
return;
}
}
else {
if (url.hostname === "localhost") {
return;
}
const ipComponents = url.hostname.split(".");
const inRange = (component) => {
const num = parseInt(component, 10);
return 0 <= num && num <= 255;
};
if (ipComponents[0] === "127" &&
inRange(ipComponents[1]) &&
inRange(ipComponents[2]) &&
inRange(ipComponents[3]) &&
ipComponents.length === 4) {
return;
}
}
throw new property_provider_1.CredentialsProviderError(`URL not accepted. It must either be HTTPS or match one of the following:
- loopback CIDR 127.0.0.0/8 or [::1/128]
- ECS container host 169.254.170.2
- EKS container host 169.254.170.23 or [fd00:ec2::23]`, { logger });
};
exports.checkUrl = checkUrl;
/***/ }),
/***/ 8712:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.fromHttp = void 0;
const tslib_1 = __webpack_require__(1860);
const client_1 = __webpack_require__(5152);
const node_http_handler_1 = __webpack_require__(1279);
const property_provider_1 = __webpack_require__(1238);
const promises_1 = tslib_1.__importDefault(__webpack_require__(1943));
const checkUrl_1 = __webpack_require__(1509);
const requestHelpers_1 = __webpack_require__(8914);
const retry_wrapper_1 = __webpack_require__(1122);
const AWS_CONTAINER_CREDENTIALS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI";
const DEFAULT_LINK_LOCAL_HOST = "http://169.254.170.2";
const AWS_CONTAINER_CREDENTIALS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI";
const AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE";
const AWS_CONTAINER_AUTHORIZATION_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN";
const fromHttp = (options = {}) => {
options.logger?.debug("@aws-sdk/credential-provider-http - fromHttp");
let host;
const relative = options.awsContainerCredentialsRelativeUri ?? process.env[AWS_CONTAINER_CREDENTIALS_RELATIVE_URI];
const full = options.awsContainerCredentialsFullUri ?? process.env[AWS_CONTAINER_CREDENTIALS_FULL_URI];
const token = options.awsContainerAuthorizationToken ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN];
const tokenFile = options.awsContainerAuthorizationTokenFile ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE];
const warn = options.logger?.constructor?.name === "NoOpLogger" || !options.logger?.warn
? console.warn
: options.logger.warn.bind(options.logger);
if (relative && full) {
warn("@aws-sdk/credential-provider-http: " +
"you have set both awsContainerCredentialsRelativeUri and awsContainerCredentialsFullUri.");
warn("awsContainerCredentialsFullUri will take precedence.");
}
if (token && tokenFile) {
warn("@aws-sdk/credential-provider-http: " +
"you have set both awsContainerAuthorizationToken and awsContainerAuthorizationTokenFile.");
warn("awsContainerAuthorizationToken will take precedence.");
}
if (full) {
host = full;
}
else if (relative) {
host = `${DEFAULT_LINK_LOCAL_HOST}${relative}`;
}
else {
throw new property_provider_1.CredentialsProviderError(`No HTTP credential provider host provided.
Set AWS_CONTAINER_CREDENTIALS_FULL_URI or AWS_CONTAINER_CREDENTIALS_RELATIVE_URI.`, { logger: options.logger });
}
const url = new URL(host);
(0, checkUrl_1.checkUrl)(url, options.logger);
const requestHandler = node_http_handler_1.NodeHttpHandler.create({
requestTimeout: options.timeout ?? 1000,
connectionTimeout: options.timeout ?? 1000,
});
return (0, retry_wrapper_1.retryWrapper)(async () => {
const request = (0, requestHelpers_1.createGetRequest)(url);
if (token) {
request.headers.Authorization = token;
}
else if (tokenFile) {
request.headers.Authorization = (await promises_1.default.readFile(tokenFile)).toString();
}
try {
const result = await requestHandler.handle(request);
return (0, requestHelpers_1.getCredentials)(result.response).then((creds) => (0, client_1.setCredentialFeature)(creds, "CREDENTIALS_HTTP", "z"));
}
catch (e) {
throw new property_provider_1.CredentialsProviderError(String(e), { logger: options.logger });
}
}, options.maxRetries ?? 3, options.timeout ?? 1000);
};
exports.fromHttp = fromHttp;
/***/ }),
/***/ 8914:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.createGetRequest = createGetRequest;
exports.getCredentials = getCredentials;
const property_provider_1 = __webpack_require__(1238);
const protocol_http_1 = __webpack_require__(2356);
const smithy_client_1 = __webpack_require__(1411);
const util_stream_1 = __webpack_require__(4252);
function createGetRequest(url) {
return new protocol_http_1.HttpRequest({
protocol: url.protocol,
hostname: url.hostname,
port: Number(url.port),
path: url.pathname,
query: Array.from(url.searchParams.entries()).reduce((acc, [k, v]) => {
acc[k] = v;
return acc;
}, {}),
fragment: url.hash,
});
}
async function getCredentials(response, logger) {
const stream = (0, util_stream_1.sdkStreamMixin)(response.body);
const str = await stream.transformToString();
if (response.statusCode === 200) {
const parsed = JSON.parse(str);
if (typeof parsed.AccessKeyId !== "string" ||
typeof parsed.SecretAccessKey !== "string" ||
typeof parsed.Token !== "string" ||
typeof parsed.Expiration !== "string") {
throw new property_provider_1.CredentialsProviderError("HTTP credential provider response not of the required format, an object matching: " +
"{ AccessKeyId: string, SecretAccessKey: string, Token: string, Expiration: string(rfc3339) }", { logger });
}
return {
accessKeyId: parsed.AccessKeyId,
secretAccessKey: parsed.SecretAccessKey,
sessionToken: parsed.Token,
expiration: (0, smithy_client_1.parseRfc3339DateTime)(parsed.Expiration),
};
}
if (response.statusCode >= 400 && response.statusCode < 500) {
let parsedBody = {};
try {
parsedBody = JSON.parse(str);
}
catch (e) { }
throw Object.assign(new property_provider_1.CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger }), {
Code: parsedBody.Code,
Message: parsedBody.Message,
});
}
throw new property_provider_1.CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger });
}
/***/ }),
/***/ 1122:
/***/ ((__unused_webpack_module, exports) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.retryWrapper = void 0;
const retryWrapper = (toRetry, maxRetries, delayMs) => {
return async () => {
for (let i = 0; i < maxRetries; ++i) {
try {
return await toRetry();
}
catch (e) {
await new Promise((resolve) => setTimeout(resolve, delayMs));
}
}
return await toRetry();
};
};
exports.retryWrapper = retryWrapper;
/***/ }),
/***/ 8605:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
var __webpack_unused_export__;
__webpack_unused_export__ = ({ value: true });
exports.fromHttp = void 0;
var fromHttp_1 = __webpack_require__(8712);
Object.defineProperty(exports, "fromHttp", ({ enumerable: true, get: function () { return fromHttp_1.fromHttp; } }));
/***/ })
};
;

225
dist/cleanup/869.index.js generated vendored Normal file
View file

@ -0,0 +1,225 @@
"use strict";
exports.id = 869;
exports.ids = [869];
exports.modules = {
/***/ 5869:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
var sharedIniFileLoader = __webpack_require__(4964);
var propertyProvider = __webpack_require__(1238);
var client = __webpack_require__(5152);
const resolveCredentialSource = (credentialSource, profileName, logger) => {
const sourceProvidersMap = {
EcsContainer: async (options) => {
const { fromHttp } = await __webpack_require__.e(/* import() */ 605).then(__webpack_require__.bind(__webpack_require__, 8605));
const { fromContainerMetadata } = await __webpack_require__.e(/* import() */ 566).then(__webpack_require__.t.bind(__webpack_require__, 566, 19));
logger?.debug("@aws-sdk/credential-provider-ini - credential_source is EcsContainer");
return async () => propertyProvider.chain(fromHttp(options ?? {}), fromContainerMetadata(options))().then(setNamedProvider);
},
Ec2InstanceMetadata: async (options) => {
logger?.debug("@aws-sdk/credential-provider-ini - credential_source is Ec2InstanceMetadata");
const { fromInstanceMetadata } = await __webpack_require__.e(/* import() */ 566).then(__webpack_require__.t.bind(__webpack_require__, 566, 19));
return async () => fromInstanceMetadata(options)().then(setNamedProvider);
},
Environment: async (options) => {
logger?.debug("@aws-sdk/credential-provider-ini - credential_source is Environment");
const { fromEnv } = await Promise.resolve(/* import() */).then(__webpack_require__.t.bind(__webpack_require__, 5606, 19));
return async () => fromEnv(options)().then(setNamedProvider);
},
};
if (credentialSource in sourceProvidersMap) {
return sourceProvidersMap[credentialSource];
}
else {
throw new propertyProvider.CredentialsProviderError(`Unsupported credential source in profile ${profileName}. Got ${credentialSource}, ` +
`expected EcsContainer or Ec2InstanceMetadata or Environment.`, { logger });
}
};
const setNamedProvider = (creds) => client.setCredentialFeature(creds, "CREDENTIALS_PROFILE_NAMED_PROVIDER", "p");
const isAssumeRoleProfile = (arg, { profile = "default", logger } = {}) => {
return (Boolean(arg) &&
typeof arg === "object" &&
typeof arg.role_arn === "string" &&
["undefined", "string"].indexOf(typeof arg.role_session_name) > -1 &&
["undefined", "string"].indexOf(typeof arg.external_id) > -1 &&
["undefined", "string"].indexOf(typeof arg.mfa_serial) > -1 &&
(isAssumeRoleWithSourceProfile(arg, { profile, logger }) || isCredentialSourceProfile(arg, { profile, logger })));
};
const isAssumeRoleWithSourceProfile = (arg, { profile, logger }) => {
const withSourceProfile = typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined";
if (withSourceProfile) {
logger?.debug?.(` ${profile} isAssumeRoleWithSourceProfile source_profile=${arg.source_profile}`);
}
return withSourceProfile;
};
const isCredentialSourceProfile = (arg, { profile, logger }) => {
const withProviderProfile = typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined";
if (withProviderProfile) {
logger?.debug?.(` ${profile} isCredentialSourceProfile credential_source=${arg.credential_source}`);
}
return withProviderProfile;
};
const resolveAssumeRoleCredentials = async (profileName, profiles, options, visitedProfiles = {}) => {
options.logger?.debug("@aws-sdk/credential-provider-ini - resolveAssumeRoleCredentials (STS)");
const profileData = profiles[profileName];
const { source_profile, region } = profileData;
if (!options.roleAssumer) {
const { getDefaultRoleAssumer } = await __webpack_require__.e(/* import() */ 136).then(__webpack_require__.t.bind(__webpack_require__, 1136, 23));
options.roleAssumer = getDefaultRoleAssumer({
...options.clientConfig,
credentialProviderLogger: options.logger,
parentClientConfig: {
...options?.parentClientConfig,
region: region ?? options?.parentClientConfig?.region,
},
}, options.clientPlugins);
}
if (source_profile && source_profile in visitedProfiles) {
throw new propertyProvider.CredentialsProviderError(`Detected a cycle attempting to resolve credentials for profile` +
` ${sharedIniFileLoader.getProfileName(options)}. Profiles visited: ` +
Object.keys(visitedProfiles).join(", "), { logger: options.logger });
}
options.logger?.debug(`@aws-sdk/credential-provider-ini - finding credential resolver using ${source_profile ? `source_profile=[${source_profile}]` : `profile=[${profileName}]`}`);
const sourceCredsProvider = source_profile
? resolveProfileData(source_profile, profiles, options, {
...visitedProfiles,
[source_profile]: true,
}, isCredentialSourceWithoutRoleArn(profiles[source_profile] ?? {}))
: (await resolveCredentialSource(profileData.credential_source, profileName, options.logger)(options))();
if (isCredentialSourceWithoutRoleArn(profileData)) {
return sourceCredsProvider.then((creds) => client.setCredentialFeature(creds, "CREDENTIALS_PROFILE_SOURCE_PROFILE", "o"));
}
else {
const params = {
RoleArn: profileData.role_arn,
RoleSessionName: profileData.role_session_name || `aws-sdk-js-${Date.now()}`,
ExternalId: profileData.external_id,
DurationSeconds: parseInt(profileData.duration_seconds || "3600", 10),
};
const { mfa_serial } = profileData;
if (mfa_serial) {
if (!options.mfaCodeProvider) {
throw new propertyProvider.CredentialsProviderError(`Profile ${profileName} requires multi-factor authentication, but no MFA code callback was provided.`, { logger: options.logger, tryNextLink: false });
}
params.SerialNumber = mfa_serial;
params.TokenCode = await options.mfaCodeProvider(mfa_serial);
}
const sourceCreds = await sourceCredsProvider;
return options.roleAssumer(sourceCreds, params).then((creds) => client.setCredentialFeature(creds, "CREDENTIALS_PROFILE_SOURCE_PROFILE", "o"));
}
};
const isCredentialSourceWithoutRoleArn = (section) => {
return !section.role_arn && !!section.credential_source;
};
const isProcessProfile = (arg) => Boolean(arg) && typeof arg === "object" && typeof arg.credential_process === "string";
const resolveProcessCredentials = async (options, profile) => __webpack_require__.e(/* import() */ 360).then(__webpack_require__.t.bind(__webpack_require__, 5360, 19)).then(({ fromProcess }) => fromProcess({
...options,
profile,
})().then((creds) => client.setCredentialFeature(creds, "CREDENTIALS_PROFILE_PROCESS", "v")));
const resolveSsoCredentials = async (profile, profileData, options = {}) => {
const { fromSSO } = await __webpack_require__.e(/* import() */ 998).then(__webpack_require__.t.bind(__webpack_require__, 998, 19));
return fromSSO({
profile,
logger: options.logger,
parentClientConfig: options.parentClientConfig,
clientConfig: options.clientConfig,
})().then((creds) => {
if (profileData.sso_session) {
return client.setCredentialFeature(creds, "CREDENTIALS_PROFILE_SSO", "r");
}
else {
return client.setCredentialFeature(creds, "CREDENTIALS_PROFILE_SSO_LEGACY", "t");
}
});
};
const isSsoProfile = (arg) => arg &&
(typeof arg.sso_start_url === "string" ||
typeof arg.sso_account_id === "string" ||
typeof arg.sso_session === "string" ||
typeof arg.sso_region === "string" ||
typeof arg.sso_role_name === "string");
const isStaticCredsProfile = (arg) => Boolean(arg) &&
typeof arg === "object" &&
typeof arg.aws_access_key_id === "string" &&
typeof arg.aws_secret_access_key === "string" &&
["undefined", "string"].indexOf(typeof arg.aws_session_token) > -1 &&
["undefined", "string"].indexOf(typeof arg.aws_account_id) > -1;
const resolveStaticCredentials = async (profile, options) => {
options?.logger?.debug("@aws-sdk/credential-provider-ini - resolveStaticCredentials");
const credentials = {
accessKeyId: profile.aws_access_key_id,
secretAccessKey: profile.aws_secret_access_key,
sessionToken: profile.aws_session_token,
...(profile.aws_credential_scope && { credentialScope: profile.aws_credential_scope }),
...(profile.aws_account_id && { accountId: profile.aws_account_id }),
};
return client.setCredentialFeature(credentials, "CREDENTIALS_PROFILE", "n");
};
const isWebIdentityProfile = (arg) => Boolean(arg) &&
typeof arg === "object" &&
typeof arg.web_identity_token_file === "string" &&
typeof arg.role_arn === "string" &&
["undefined", "string"].indexOf(typeof arg.role_session_name) > -1;
const resolveWebIdentityCredentials = async (profile, options) => Promise.all(/* import() */[__webpack_require__.e(136), __webpack_require__.e(956)]).then(__webpack_require__.t.bind(__webpack_require__, 9956, 23)).then(({ fromTokenFile }) => fromTokenFile({
webIdentityTokenFile: profile.web_identity_token_file,
roleArn: profile.role_arn,
roleSessionName: profile.role_session_name,
roleAssumerWithWebIdentity: options.roleAssumerWithWebIdentity,
logger: options.logger,
parentClientConfig: options.parentClientConfig,
})().then((creds) => client.setCredentialFeature(creds, "CREDENTIALS_PROFILE_STS_WEB_ID_TOKEN", "q")));
const resolveProfileData = async (profileName, profiles, options, visitedProfiles = {}, isAssumeRoleRecursiveCall = false) => {
const data = profiles[profileName];
if (Object.keys(visitedProfiles).length > 0 && isStaticCredsProfile(data)) {
return resolveStaticCredentials(data, options);
}
if (isAssumeRoleRecursiveCall || isAssumeRoleProfile(data, { profile: profileName, logger: options.logger })) {
return resolveAssumeRoleCredentials(profileName, profiles, options, visitedProfiles);
}
if (isStaticCredsProfile(data)) {
return resolveStaticCredentials(data, options);
}
if (isWebIdentityProfile(data)) {
return resolveWebIdentityCredentials(data, options);
}
if (isProcessProfile(data)) {
return resolveProcessCredentials(options, profileName);
}
if (isSsoProfile(data)) {
return await resolveSsoCredentials(profileName, data, options);
}
throw new propertyProvider.CredentialsProviderError(`Could not resolve credentials using profile: [${profileName}] in configuration/credentials file(s).`, { logger: options.logger });
};
const fromIni = (_init = {}) => async ({ callerClientConfig } = {}) => {
const init = {
..._init,
parentClientConfig: {
...callerClientConfig,
..._init.parentClientConfig,
},
};
init.logger?.debug("@aws-sdk/credential-provider-ini - fromIni");
const profiles = await sharedIniFileLoader.parseKnownFiles(init);
return resolveProfileData(sharedIniFileLoader.getProfileName({
profile: _init.profile ?? callerClientConfig?.profile,
}), profiles, init);
};
exports.fromIni = fromIni;
/***/ })
};
;

143
dist/cleanup/956.index.js generated vendored Normal file
View file

@ -0,0 +1,143 @@
"use strict";
exports.id = 956;
exports.ids = [956];
exports.modules = {
/***/ 8079:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.fromTokenFile = void 0;
const client_1 = __webpack_require__(5152);
const property_provider_1 = __webpack_require__(1238);
const shared_ini_file_loader_1 = __webpack_require__(4964);
const fs_1 = __webpack_require__(9896);
const fromWebToken_1 = __webpack_require__(4453);
const ENV_TOKEN_FILE = "AWS_WEB_IDENTITY_TOKEN_FILE";
const ENV_ROLE_ARN = "AWS_ROLE_ARN";
const ENV_ROLE_SESSION_NAME = "AWS_ROLE_SESSION_NAME";
const fromTokenFile = (init = {}) => async () => {
init.logger?.debug("@aws-sdk/credential-provider-web-identity - fromTokenFile");
const webIdentityTokenFile = init?.webIdentityTokenFile ?? process.env[ENV_TOKEN_FILE];
const roleArn = init?.roleArn ?? process.env[ENV_ROLE_ARN];
const roleSessionName = init?.roleSessionName ?? process.env[ENV_ROLE_SESSION_NAME];
if (!webIdentityTokenFile || !roleArn) {
throw new property_provider_1.CredentialsProviderError("Web identity configuration not specified", {
logger: init.logger,
});
}
const credentials = await (0, fromWebToken_1.fromWebToken)({
...init,
webIdentityToken: shared_ini_file_loader_1.externalDataInterceptor?.getTokenRecord?.()[webIdentityTokenFile] ??
(0, fs_1.readFileSync)(webIdentityTokenFile, { encoding: "ascii" }),
roleArn,
roleSessionName,
})();
if (webIdentityTokenFile === process.env[ENV_TOKEN_FILE]) {
(0, client_1.setCredentialFeature)(credentials, "CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN", "h");
}
return credentials;
};
exports.fromTokenFile = fromTokenFile;
/***/ }),
/***/ 4453:
/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || (function () {
var ownKeys = function(o) {
ownKeys = Object.getOwnPropertyNames || function (o) {
var ar = [];
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
return ar;
};
return ownKeys(o);
};
return function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
__setModuleDefault(result, mod);
return result;
};
})();
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.fromWebToken = void 0;
const fromWebToken = (init) => async (awsIdentityProperties) => {
init.logger?.debug("@aws-sdk/credential-provider-web-identity - fromWebToken");
const { roleArn, roleSessionName, webIdentityToken, providerId, policyArns, policy, durationSeconds } = init;
let { roleAssumerWithWebIdentity } = init;
if (!roleAssumerWithWebIdentity) {
const { getDefaultRoleAssumerWithWebIdentity } = await Promise.resolve().then(() => __importStar(__webpack_require__(1136)));
roleAssumerWithWebIdentity = getDefaultRoleAssumerWithWebIdentity({
...init.clientConfig,
credentialProviderLogger: init.logger,
parentClientConfig: {
...awsIdentityProperties?.callerClientConfig,
...init.parentClientConfig,
},
}, init.clientPlugins);
}
return roleAssumerWithWebIdentity({
RoleArn: roleArn,
RoleSessionName: roleSessionName ?? `aws-sdk-js-session-${Date.now()}`,
WebIdentityToken: webIdentityToken,
ProviderId: providerId,
PolicyArns: policyArns,
Policy: policy,
DurationSeconds: durationSeconds,
});
};
exports.fromWebToken = fromWebToken;
/***/ }),
/***/ 9956:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
var fromTokenFile = __webpack_require__(8079);
var fromWebToken = __webpack_require__(4453);
Object.keys(fromTokenFile).forEach(function (k) {
if (k !== 'default' && !Object.prototype.hasOwnProperty.call(exports, k)) Object.defineProperty(exports, k, {
enumerable: true,
get: function () { return fromTokenFile[k]; }
});
});
Object.keys(fromWebToken).forEach(function (k) {
if (k !== 'default' && !Object.prototype.hasOwnProperty.call(exports, k)) Object.defineProperty(exports, k, {
enumerable: true,
get: function () { return fromWebToken[k]; }
});
});
/***/ })
};
;

1443
dist/cleanup/998.index.js generated vendored Normal file
View file

File diff suppressed because it is too large Load diff

14111
dist/cleanup/index.js generated vendored
View file

File diff suppressed because it is too large Load diff

14107
dist/index.js generated vendored
View file

File diff suppressed because it is too large Load diff