@aws-sdk/client-cognito-identity-provider 3.511.0 → 3.513.0

package/dist-es/commands/UpdateResourceServerCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class UpdateResourceServerCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityProviderService", "UpdateResourceServer", {})

package/dist-es/commands/UpdateUserPoolClientCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -15,7 +14,6 @@ export class UpdateUserPoolClientCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityProviderService", "UpdateUserPoolClient", {})

package/dist-es/commands/UpdateUserPoolCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class UpdateUserPoolCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityProviderService", "UpdateUserPool", {})

package/dist-es/commands/UpdateUserPoolDomainCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class UpdateUserPoolDomainCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityProviderService", "UpdateUserPoolDomain", {})

package/dist-es/runtimeConfig.shared.js

@@ -1,7 +1,10 @@
+import { AwsSdkSigV4Signer } from "@aws-sdk/core";
+import { NoAuthSigner } from "@smithy/core";
 import { NoOpLogger } from "@smithy/smithy-client";
 import { parseUrl } from "@smithy/url-parser";
 import { fromBase64, toBase64 } from "@smithy/util-base64";
 import { fromUtf8, toUtf8 } from "@smithy/util-utf8";
+import { defaultCognitoIdentityProviderHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider";
 import { defaultEndpointResolver } from "./endpoint/endpointResolver";
 export const getRuntimeConfig = (config) => {
     return {
@@ -11,6 +14,19 @@ export const getRuntimeConfig = (config) => {
         disableHostPrefix: config?.disableHostPrefix ?? false,
         endpointProvider: config?.endpointProvider ?? defaultEndpointResolver,
         extensions: config?.extensions ?? [],
+        httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCognitoIdentityProviderHttpAuthSchemeProvider,
+        httpAuthSchemes: config?.httpAuthSchemes ?? [
+            {
+                schemeId: "aws.auth#sigv4",
+                identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"),
+                signer: new AwsSdkSigV4Signer(),
+            },
+            {
+                schemeId: "smithy.api#noAuth",
+                identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
+                signer: new NoAuthSigner(),
+            },
+        ],
         logger: config?.logger ?? new NoOpLogger(),
         serviceId: config?.serviceId ?? "Cognito Identity Provider",
         urlParser: config?.urlParser ?? parseUrl,

package/dist-es/runtimeExtensions.js

@@ -1,12 +1,14 @@
 import { getAwsRegionExtensionConfiguration, resolveAwsRegionExtensionConfiguration, } from "@aws-sdk/region-config-resolver";
 import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http";
 import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client";
+import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration";
 const asPartial = (t) => t;
 export const resolveRuntimeExtensions = (runtimeConfig, extensions) => {
     const extensionConfiguration = {
         ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)),
         ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)),
         ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)),
+        ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)),
     };
     extensions.forEach((extension) => extension.configure(extensionConfiguration));
     return {
@@ -14,5 +16,6 @@ export const resolveRuntimeExtensions = (runtimeConfig, extensions) => {
         ...resolveAwsRegionExtensionConfiguration(extensionConfiguration),
         ...resolveDefaultRuntimeConfig(extensionConfiguration),
         ...resolveHttpHandlerRuntimeConfig(extensionConfiguration),
+        ...resolveHttpAuthRuntimeConfig(extensionConfiguration),
     };
 };

package/dist-types/CognitoIdentityProviderClient.d.ts

@@ -1,13 +1,12 @@
 import { HostHeaderInputConfig, HostHeaderResolvedConfig } from "@aws-sdk/middleware-host-header";
-import { AwsAuthInputConfig, AwsAuthResolvedConfig } from "@aws-sdk/middleware-signing";
 import { UserAgentInputConfig, UserAgentResolvedConfig } from "@aws-sdk/middleware-user-agent";
-import { Credentials as __Credentials } from "@aws-sdk/types";
 import { RegionInputConfig, RegionResolvedConfig } from "@smithy/config-resolver";
 import { EndpointInputConfig, EndpointResolvedConfig } from "@smithy/middleware-endpoint";
 import { RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry";
 import { HttpHandler as __HttpHandler } from "@smithy/protocol-http";
 import { Client as __Client, DefaultsMode as __DefaultsMode, SmithyConfiguration as __SmithyConfiguration, SmithyResolvedConfiguration as __SmithyResolvedConfiguration } from "@smithy/smithy-client";
-import { BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, Decoder as __Decoder, Encoder as __Encoder, HashConstructor as __HashConstructor, HttpHandlerOptions as __HttpHandlerOptions, Logger as __Logger, Provider as __Provider, Provider, StreamCollector as __StreamCollector, UrlParser as __UrlParser, UserAgent as __UserAgent } from "@smithy/types";
+import { AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, Decoder as __Decoder, Encoder as __Encoder, HashConstructor as __HashConstructor, HttpHandlerOptions as __HttpHandlerOptions, Logger as __Logger, Provider as __Provider, Provider, StreamCollector as __StreamCollector, UrlParser as __UrlParser, UserAgent as __UserAgent } from "@smithy/types";
+import { HttpAuthSchemeInputConfig, HttpAuthSchemeResolvedConfig } from "./auth/httpAuthSchemeProvider";
 import { AddCustomAttributesCommandInput, AddCustomAttributesCommandOutput } from "./commands/AddCustomAttributesCommand";
 import { AdminAddUserToGroupCommandInput, AdminAddUserToGroupCommandOutput } from "./commands/AdminAddUserToGroupCommand";
 import { AdminConfirmSignUpCommandInput, AdminConfirmSignUpCommandOutput } from "./commands/AdminConfirmSignUpCommand";
@@ -194,20 +193,21 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__
      * Enables FIPS compatible endpoints.
      */
     useFipsEndpoint?: boolean | __Provider<boolean>;
+    /**
+     * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header
+     * @internal
+     */
+    defaultUserAgentProvider?: Provider<__UserAgent>;
     /**
      * The AWS region to which this client will send requests
      */
     region?: string | __Provider<string>;
     /**
      * Default credentials provider; Not available in browser runtime.
+     * @deprecated
      * @internal
      */
-    credentialDefaultProvider?: (input: any) => __Provider<__Credentials>;
-    /**
-     * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header
-     * @internal
-     */
-    defaultUserAgentProvider?: Provider<__UserAgent>;
+    credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider;
     /**
      * Value for how many times a request will be made at most in case of retry.
      */
@@ -234,7 +234,7 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__
 /**
  * @public
  */
-export type CognitoIdentityProviderClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOptions>> & ClientDefaults & RegionInputConfig & EndpointInputConfig<EndpointParameters> & RetryInputConfig & HostHeaderInputConfig & AwsAuthInputConfig & UserAgentInputConfig & ClientInputEndpointParameters;
+export type CognitoIdentityProviderClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOptions>> & ClientDefaults & RegionInputConfig & EndpointInputConfig<EndpointParameters> & RetryInputConfig & HostHeaderInputConfig & UserAgentInputConfig & HttpAuthSchemeInputConfig & ClientInputEndpointParameters;
 /**
  * @public
  *
@@ -245,7 +245,7 @@ export interface CognitoIdentityProviderClientConfig extends CognitoIdentityProv
 /**
  * @public
  */
-export type CognitoIdentityProviderClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHandlerOptions> & Required<ClientDefaults> & RuntimeExtensionsConfig & RegionResolvedConfig & EndpointResolvedConfig<EndpointParameters> & RetryResolvedConfig & HostHeaderResolvedConfig & AwsAuthResolvedConfig & UserAgentResolvedConfig & ClientResolvedEndpointParameters;
+export type CognitoIdentityProviderClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHandlerOptions> & Required<ClientDefaults> & RuntimeExtensionsConfig & RegionResolvedConfig & EndpointResolvedConfig<EndpointParameters> & RetryResolvedConfig & HostHeaderResolvedConfig & UserAgentResolvedConfig & HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters;
 /**
  * @public
  *
@@ -351,4 +351,6 @@ export declare class CognitoIdentityProviderClient extends __Client<__HttpHandle
      * Otherwise, sockets might stay open for quite a long time before the server terminates them.
      */
     destroy(): void;
+    private getDefaultHttpAuthSchemeParametersProvider;
+    private getIdentityProviderConfigProvider;
 }

package/dist-types/auth/httpAuthExtensionConfiguration.d.ts

@@ -0,0 +1,29 @@
+import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types";
+import { CognitoIdentityProviderHttpAuthSchemeProvider } from "./httpAuthSchemeProvider";
+/**
+ * @internal
+ */
+export interface HttpAuthExtensionConfiguration {
+    setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void;
+    httpAuthSchemes(): HttpAuthScheme[];
+    setHttpAuthSchemeProvider(httpAuthSchemeProvider: CognitoIdentityProviderHttpAuthSchemeProvider): void;
+    httpAuthSchemeProvider(): CognitoIdentityProviderHttpAuthSchemeProvider;
+    setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void;
+    credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined;
+}
+/**
+ * @internal
+ */
+export type HttpAuthRuntimeConfig = Partial<{
+    httpAuthSchemes: HttpAuthScheme[];
+    httpAuthSchemeProvider: CognitoIdentityProviderHttpAuthSchemeProvider;
+    credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider;
+}>;
+/**
+ * @internal
+ */
+export declare const getHttpAuthExtensionConfiguration: (runtimeConfig: HttpAuthRuntimeConfig) => HttpAuthExtensionConfiguration;
+/**
+ * @internal
+ */
+export declare const resolveHttpAuthRuntimeConfig: (config: HttpAuthExtensionConfiguration) => HttpAuthRuntimeConfig;

package/dist-types/auth/httpAuthSchemeProvider.d.ts

@@ -0,0 +1,61 @@
+import { AwsSdkSigV4AuthInputConfig, AwsSdkSigV4AuthResolvedConfig, AwsSdkSigV4PreviouslyResolved } from "@aws-sdk/core";
+import { HandlerExecutionContext, HttpAuthScheme, HttpAuthSchemeParameters, HttpAuthSchemeParametersProvider, HttpAuthSchemeProvider } from "@smithy/types";
+import { CognitoIdentityProviderClientResolvedConfig } from "../CognitoIdentityProviderClient";
+/**
+ * @internal
+ */
+export interface CognitoIdentityProviderHttpAuthSchemeParameters extends HttpAuthSchemeParameters {
+    region?: string;
+}
+/**
+ * @internal
+ */
+export interface CognitoIdentityProviderHttpAuthSchemeParametersProvider extends HttpAuthSchemeParametersProvider<CognitoIdentityProviderClientResolvedConfig, HandlerExecutionContext, CognitoIdentityProviderHttpAuthSchemeParameters, object> {
+}
+/**
+ * @internal
+ */
+export declare const defaultCognitoIdentityProviderHttpAuthSchemeParametersProvider: (config: CognitoIdentityProviderClientResolvedConfig, context: HandlerExecutionContext, input: object) => Promise<CognitoIdentityProviderHttpAuthSchemeParameters>;
+/**
+ * @internal
+ */
+export interface CognitoIdentityProviderHttpAuthSchemeProvider extends HttpAuthSchemeProvider<CognitoIdentityProviderHttpAuthSchemeParameters> {
+}
+/**
+ * @internal
+ */
+export declare const defaultCognitoIdentityProviderHttpAuthSchemeProvider: CognitoIdentityProviderHttpAuthSchemeProvider;
+/**
+ * @internal
+ */
+export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig {
+    /**
+     * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme.
+     * @internal
+     */
+    httpAuthSchemes?: HttpAuthScheme[];
+    /**
+     * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use.
+     * @internal
+     */
+    httpAuthSchemeProvider?: CognitoIdentityProviderHttpAuthSchemeProvider;
+}
+/**
+ * @internal
+ */
+export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig {
+    /**
+     * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme.
+     * @internal
+     */
+    readonly httpAuthSchemes: HttpAuthScheme[];
+    /**
+     * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use.
+     * @internal
+     */
+    readonly httpAuthSchemeProvider: CognitoIdentityProviderHttpAuthSchemeProvider;
+}
+/**
+ * @internal
+ */
+export declare const resolveHttpAuthSchemeConfig: <T>(config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved) => T & HttpAuthSchemeResolvedConfig;

package/dist-types/extensionConfiguration.d.ts

@@ -1,8 +1,9 @@
 import { AwsRegionExtensionConfiguration } from "@aws-sdk/types";
 import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http";
 import { DefaultExtensionConfiguration } from "@smithy/types";
+import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration";
 /**
  * @internal
  */
-export interface CognitoIdentityProviderExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, AwsRegionExtensionConfiguration {
+export interface CognitoIdentityProviderExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, AwsRegionExtensionConfiguration, HttpAuthExtensionConfiguration {
 }

package/dist-types/runtimeConfig.browser.d.ts

@@ -7,7 +7,7 @@ export declare const getRuntimeConfig: (config: CognitoIdentityProviderClientCon
     runtime: string;
     defaultsMode: import("@smithy/types").Provider<import("@smithy/smithy-client").ResolvedDefaultsMode>;
     bodyLengthChecker: import("@smithy/types").BodyLengthCalculator;
-    credentialDefaultProvider: (input: any) => import("@smithy/types").Provider<import("@aws-sdk/types").Credentials>;
+    credentialDefaultProvider: (input: any) => import("@smithy/types").AwsCredentialIdentityProvider;
     defaultUserAgentProvider: import("@smithy/types").Provider<import("@smithy/types").UserAgent>;
     maxAttempts: number | import("@smithy/types").Provider<number>;
     region: string | import("@smithy/types").Provider<any>;
@@ -36,11 +36,21 @@ export declare const getRuntimeConfig: (config: CognitoIdentityProviderClientCon
     }) => import("@smithy/types").EndpointV2;
     tls?: boolean | undefined;
     retryStrategy?: import("@smithy/types").RetryStrategy | import("@smithy/types").RetryStrategyV2 | undefined;
-    credentials?: import("@smithy/types").AwsCredentialIdentity | import("@smithy/types").Provider<import("@smithy/types").AwsCredentialIdentity> | undefined;
+    customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
+    httpAuthSchemes: import("@smithy/types").HttpAuthScheme[] | ({
+        schemeId: string;
+        identityProvider: (ipc: import("@smithy/types").IdentityProviderConfig) => import("@smithy/types").IdentityProvider<import("@smithy/types").Identity> | undefined;
+        signer: import("@aws-sdk/core").AwsSdkSigV4Signer;
+    } | {
+        schemeId: string;
+        identityProvider: (ipc: import("@smithy/types").IdentityProviderConfig) => import("@smithy/types").IdentityProvider<import("@smithy/types").Identity> | (() => Promise<{}>);
+        signer: import("@smithy/core").NoAuthSigner;
+    })[];
+    httpAuthSchemeProvider: import("./auth/httpAuthSchemeProvider").CognitoIdentityProviderHttpAuthSchemeProvider;
+    credentials?: import("@smithy/types").AwsCredentialIdentity | import("@smithy/types").AwsCredentialIdentityProvider | undefined;
     signer?: import("@smithy/types").RequestSigner | ((authScheme?: import("@smithy/types").AuthScheme | undefined) => Promise<import("@smithy/types").RequestSigner>) | undefined;
     signingEscapePath?: boolean | undefined;
     systemClockOffset?: number | undefined;
     signingRegion?: string | undefined;
     signerConstructor?: (new (options: import("@smithy/signature-v4").SignatureV4Init & import("@smithy/signature-v4").SignatureV4CryptoInit) => import("@smithy/types").RequestSigner) | undefined;
-    customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
 };

package/dist-types/runtimeConfig.d.ts

@@ -36,11 +36,21 @@ export declare const getRuntimeConfig: (config: CognitoIdentityProviderClientCon
     }) => import("@smithy/types").EndpointV2;
     tls?: boolean | undefined;
     retryStrategy?: import("@smithy/types").RetryStrategy | import("@smithy/types").RetryStrategyV2 | undefined;
-    credentials?: import("@smithy/types").AwsCredentialIdentity | import("@smithy/types").Provider<import("@smithy/types").AwsCredentialIdentity> | undefined;
+    customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
+    httpAuthSchemes: import("@smithy/types").HttpAuthScheme[] | ({
+        schemeId: string;
+        identityProvider: (ipc: import("@smithy/types").IdentityProviderConfig) => import("@smithy/types").IdentityProvider<import("@smithy/types").Identity> | undefined;
+        signer: import("@aws-sdk/core").AwsSdkSigV4Signer;
+    } | {
+        schemeId: string;
+        identityProvider: (ipc: import("@smithy/types").IdentityProviderConfig) => import("@smithy/types").IdentityProvider<import("@smithy/types").Identity> | (() => Promise<{}>);
+        signer: import("@smithy/core").NoAuthSigner;
+    })[];
+    httpAuthSchemeProvider: import("./auth/httpAuthSchemeProvider").CognitoIdentityProviderHttpAuthSchemeProvider;
+    credentials?: import("@smithy/types").AwsCredentialIdentity | import("@smithy/types").AwsCredentialIdentityProvider | undefined;
     signer?: import("@smithy/types").RequestSigner | ((authScheme?: import("@smithy/types").AuthScheme | undefined) => Promise<import("@smithy/types").RequestSigner>) | undefined;
     signingEscapePath?: boolean | undefined;
     systemClockOffset?: number | undefined;
     signingRegion?: string | undefined;
     signerConstructor?: (new (options: import("@smithy/signature-v4").SignatureV4Init & import("@smithy/signature-v4").SignatureV4CryptoInit) => import("@smithy/types").RequestSigner) | undefined;
-    customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
 };

package/dist-types/runtimeConfig.native.d.ts

@@ -21,9 +21,9 @@ export declare const getRuntimeConfig: (config: CognitoIdentityProviderClientCon
     serviceId: string;
     useDualstackEndpoint: boolean | import("@smithy/types").Provider<boolean>;
     useFipsEndpoint: boolean | import("@smithy/types").Provider<boolean>;
-    region: string | import("@smithy/types").Provider<any>;
-    credentialDefaultProvider: (input: any) => import("@smithy/types").Provider<import("@aws-sdk/types").Credentials>;
     defaultUserAgentProvider: import("@smithy/types").Provider<import("@smithy/types").UserAgent>;
+    region: string | import("@smithy/types").Provider<any>;
+    credentialDefaultProvider: (input: any) => import("@smithy/types").AwsCredentialIdentityProvider;
     maxAttempts: number | import("@smithy/types").Provider<number>;
     retryMode: string | import("@smithy/types").Provider<string>;
     logger: import("@smithy/types").Logger;
@@ -35,11 +35,21 @@ export declare const getRuntimeConfig: (config: CognitoIdentityProviderClientCon
     }) => import("@smithy/types").EndpointV2;
     tls?: boolean | undefined;
     retryStrategy?: import("@smithy/types").RetryStrategy | import("@smithy/types").RetryStrategyV2 | undefined;
-    credentials?: import("@smithy/types").AwsCredentialIdentity | import("@smithy/types").Provider<import("@smithy/types").AwsCredentialIdentity> | undefined;
+    customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
+    httpAuthSchemes: import("@smithy/types").HttpAuthScheme[] | ({
+        schemeId: string;
+        identityProvider: (ipc: import("@smithy/types").IdentityProviderConfig) => import("@smithy/types").IdentityProvider<import("@smithy/types").Identity> | undefined;
+        signer: import("@aws-sdk/core").AwsSdkSigV4Signer;
+    } | {
+        schemeId: string;
+        identityProvider: (ipc: import("@smithy/types").IdentityProviderConfig) => import("@smithy/types").IdentityProvider<import("@smithy/types").Identity> | (() => Promise<{}>);
+        signer: import("@smithy/core").NoAuthSigner;
+    })[];
+    httpAuthSchemeProvider: import("./auth/httpAuthSchemeProvider").CognitoIdentityProviderHttpAuthSchemeProvider;
+    credentials?: import("@smithy/types").AwsCredentialIdentity | import("@smithy/types").AwsCredentialIdentityProvider | undefined;
     signer?: import("@smithy/types").RequestSigner | ((authScheme?: import("@smithy/types").AuthScheme | undefined) => Promise<import("@smithy/types").RequestSigner>) | undefined;
     signingEscapePath?: boolean | undefined;
     systemClockOffset?: number | undefined;
     signingRegion?: string | undefined;
     signerConstructor?: (new (options: import("@smithy/signature-v4").SignatureV4Init & import("@smithy/signature-v4").SignatureV4CryptoInit) => import("@smithy/types").RequestSigner) | undefined;
-    customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
 };

package/dist-types/runtimeConfig.shared.d.ts

@@ -1,3 +1,6 @@
+import { AwsSdkSigV4Signer } from "@aws-sdk/core";
+import { NoAuthSigner } from "@smithy/core";
+import { IdentityProviderConfig } from "@smithy/types";
 import { CognitoIdentityProviderClientConfig } from "./CognitoIdentityProviderClient";
 /**
  * @internal
@@ -11,6 +14,16 @@ export declare const getRuntimeConfig: (config: CognitoIdentityProviderClientCon
         logger?: import("@smithy/types").Logger | undefined;
     }) => import("@smithy/types").EndpointV2;
     extensions: import("./runtimeExtensions").RuntimeExtension[];
+    httpAuthSchemeProvider: import("./auth/httpAuthSchemeProvider").CognitoIdentityProviderHttpAuthSchemeProvider;
+    httpAuthSchemes: import("@smithy/types").HttpAuthScheme[] | ({
+        schemeId: string;
+        identityProvider: (ipc: IdentityProviderConfig) => import("@smithy/types").IdentityProvider<import("@smithy/types").Identity> | undefined;
+        signer: AwsSdkSigV4Signer;
+    } | {
+        schemeId: string;
+        identityProvider: (ipc: IdentityProviderConfig) => import("@smithy/types").IdentityProvider<import("@smithy/types").Identity> | (() => Promise<{}>);
+        signer: NoAuthSigner;
+    })[];
     logger: import("@smithy/types").Logger;
     serviceId: string;
     urlParser: import("@smithy/types").UrlParser;

package/dist-types/ts3.4/CognitoIdentityProviderClient.d.ts

@@ -2,15 +2,10 @@ import {
   HostHeaderInputConfig,
   HostHeaderResolvedConfig,
 } from "@aws-sdk/middleware-host-header";
-import {
-  AwsAuthInputConfig,
-  AwsAuthResolvedConfig,
-} from "@aws-sdk/middleware-signing";
 import {
   UserAgentInputConfig,
   UserAgentResolvedConfig,
 } from "@aws-sdk/middleware-user-agent";
-import { Credentials as __Credentials } from "@aws-sdk/types";
 import {
   RegionInputConfig,
   RegionResolvedConfig,
@@ -31,6 +26,7 @@ import {
   SmithyResolvedConfiguration as __SmithyResolvedConfiguration,
 } from "@smithy/smithy-client";
 import {
+  AwsCredentialIdentityProvider,
   BodyLengthCalculator as __BodyLengthCalculator,
   CheckOptionalClientConfig as __CheckOptionalClientConfig,
   ChecksumConstructor as __ChecksumConstructor,
@@ -45,6 +41,10 @@ import {
   UrlParser as __UrlParser,
   UserAgent as __UserAgent,
 } from "@smithy/types";
+import {
+  HttpAuthSchemeInputConfig,
+  HttpAuthSchemeResolvedConfig,
+} from "./auth/httpAuthSchemeProvider";
 import {
   AddCustomAttributesCommandInput,
   AddCustomAttributesCommandOutput,
@@ -688,9 +688,9 @@ export interface ClientDefaults
   serviceId?: string;
   useDualstackEndpoint?: boolean | __Provider<boolean>;
   useFipsEndpoint?: boolean | __Provider<boolean>;
-  region?: string | __Provider<string>;
-  credentialDefaultProvider?: (input: any) => __Provider<__Credentials>;
   defaultUserAgentProvider?: Provider<__UserAgent>;
+  region?: string | __Provider<string>;
+  credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider;
   maxAttempts?: number | __Provider<number>;
   retryMode?: string | __Provider<string>;
   logger?: __Logger;
@@ -705,8 +705,8 @@ export type CognitoIdentityProviderClientConfigType = Partial<
   EndpointInputConfig<EndpointParameters> &
   RetryInputConfig &
   HostHeaderInputConfig &
-  AwsAuthInputConfig &
   UserAgentInputConfig &
+  HttpAuthSchemeInputConfig &
   ClientInputEndpointParameters;
 export interface CognitoIdentityProviderClientConfig
   extends CognitoIdentityProviderClientConfigType {}
@@ -718,8 +718,8 @@ export type CognitoIdentityProviderClientResolvedConfigType =
     EndpointResolvedConfig<EndpointParameters> &
     RetryResolvedConfig &
     HostHeaderResolvedConfig &
-    AwsAuthResolvedConfig &
     UserAgentResolvedConfig &
+    HttpAuthSchemeResolvedConfig &
     ClientResolvedEndpointParameters;
 export interface CognitoIdentityProviderClientResolvedConfig
   extends CognitoIdentityProviderClientResolvedConfigType {}
@@ -736,4 +736,6 @@ export declare class CognitoIdentityProviderClient extends __Client<
     ]: __CheckOptionalClientConfig<CognitoIdentityProviderClientConfig>
   );
   destroy(): void;
+  private getDefaultHttpAuthSchemeParametersProvider;
+  private getIdentityProviderConfigProvider;
 }

package/dist-types/ts3.4/auth/httpAuthExtensionConfiguration.d.ts

@@ -0,0 +1,32 @@
+import {
+  AwsCredentialIdentity,
+  AwsCredentialIdentityProvider,
+  HttpAuthScheme,
+} from "@smithy/types";
+import { CognitoIdentityProviderHttpAuthSchemeProvider } from "./httpAuthSchemeProvider";
+export interface HttpAuthExtensionConfiguration {
+  setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void;
+  httpAuthSchemes(): HttpAuthScheme[];
+  setHttpAuthSchemeProvider(
+    httpAuthSchemeProvider: CognitoIdentityProviderHttpAuthSchemeProvider
+  ): void;
+  httpAuthSchemeProvider(): CognitoIdentityProviderHttpAuthSchemeProvider;
+  setCredentials(
+    credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider
+  ): void;
+  credentials():
+    | AwsCredentialIdentity
+    | AwsCredentialIdentityProvider
+    | undefined;
+}
+export type HttpAuthRuntimeConfig = Partial<{
+  httpAuthSchemes: HttpAuthScheme[];
+  httpAuthSchemeProvider: CognitoIdentityProviderHttpAuthSchemeProvider;
+  credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider;
+}>;
+export declare const getHttpAuthExtensionConfiguration: (
+  runtimeConfig: HttpAuthRuntimeConfig
+) => HttpAuthExtensionConfiguration;
+export declare const resolveHttpAuthRuntimeConfig: (
+  config: HttpAuthExtensionConfiguration
+) => HttpAuthRuntimeConfig;

package/dist-types/ts3.4/auth/httpAuthSchemeProvider.d.ts

@@ -0,0 +1,44 @@
+import {
+  AwsSdkSigV4AuthInputConfig,
+  AwsSdkSigV4AuthResolvedConfig,
+  AwsSdkSigV4PreviouslyResolved,
+} from "@aws-sdk/core";
+import {
+  HandlerExecutionContext,
+  HttpAuthScheme,
+  HttpAuthSchemeParameters,
+  HttpAuthSchemeParametersProvider,
+  HttpAuthSchemeProvider,
+} from "@smithy/types";
+import { CognitoIdentityProviderClientResolvedConfig } from "../CognitoIdentityProviderClient";
+export interface CognitoIdentityProviderHttpAuthSchemeParameters
+  extends HttpAuthSchemeParameters {
+  region?: string;
+}
+export interface CognitoIdentityProviderHttpAuthSchemeParametersProvider
+  extends HttpAuthSchemeParametersProvider<
+    CognitoIdentityProviderClientResolvedConfig,
+    HandlerExecutionContext,
+    CognitoIdentityProviderHttpAuthSchemeParameters,
+    object
+  > {}
+export declare const defaultCognitoIdentityProviderHttpAuthSchemeParametersProvider: (
+  config: CognitoIdentityProviderClientResolvedConfig,
+  context: HandlerExecutionContext,
+  input: object
+) => Promise<CognitoIdentityProviderHttpAuthSchemeParameters>;
+export interface CognitoIdentityProviderHttpAuthSchemeProvider
+  extends HttpAuthSchemeProvider<CognitoIdentityProviderHttpAuthSchemeParameters> {}
+export declare const defaultCognitoIdentityProviderHttpAuthSchemeProvider: CognitoIdentityProviderHttpAuthSchemeProvider;
+export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig {
+  httpAuthSchemes?: HttpAuthScheme[];
+  httpAuthSchemeProvider?: CognitoIdentityProviderHttpAuthSchemeProvider;
+}
+export interface HttpAuthSchemeResolvedConfig
+  extends AwsSdkSigV4AuthResolvedConfig {
+  readonly httpAuthSchemes: HttpAuthScheme[];
+  readonly httpAuthSchemeProvider: CognitoIdentityProviderHttpAuthSchemeProvider;
+}
+export declare const resolveHttpAuthSchemeConfig: <T>(
+  config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved
+) => T & HttpAuthSchemeResolvedConfig;

package/dist-types/ts3.4/extensionConfiguration.d.ts

@@ -1,7 +1,9 @@
 import { AwsRegionExtensionConfiguration } from "@aws-sdk/types";
 import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http";
 import { DefaultExtensionConfiguration } from "@smithy/types";
+import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration";
 export interface CognitoIdentityProviderExtensionConfiguration
   extends HttpHandlerExtensionConfiguration,
     DefaultExtensionConfiguration,
-    AwsRegionExtensionConfiguration {}
+    AwsRegionExtensionConfiguration,
+    HttpAuthExtensionConfiguration {}

package/dist-types/ts3.4/runtimeConfig.browser.d.ts

@@ -10,7 +10,7 @@ export declare const getRuntimeConfig: (
   bodyLengthChecker: import("@smithy/types").BodyLengthCalculator;
   credentialDefaultProvider: (
     input: any
-  ) => import("@smithy/types").Provider<import("@aws-sdk/types").Credentials>;
+  ) => import("@smithy/types").AwsCredentialIdentityProvider;
   defaultUserAgentProvider: import("@smithy/types").Provider<
     import("@smithy/types").UserAgent
   >;
@@ -74,11 +74,37 @@ export declare const getRuntimeConfig: (
     | import("@smithy/types").RetryStrategy
     | import("@smithy/types").RetryStrategyV2
     | undefined;
+  customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
+  httpAuthSchemes:
+    | import("@smithy/types").HttpAuthScheme[]
+    | (
+        | {
+            schemeId: string;
+            identityProvider: (
+              ipc: import("@smithy/types").IdentityProviderConfig
+            ) =>
+              | import("@smithy/types").IdentityProvider<
+                  import("@smithy/types").Identity
+                >
+              | undefined;
+            signer: import("@aws-sdk/core").AwsSdkSigV4Signer;
+          }
+        | {
+            schemeId: string;
+            identityProvider: (
+              ipc: import("@smithy/types").IdentityProviderConfig
+            ) =>
+              | import("@smithy/types").IdentityProvider<
+                  import("@smithy/types").Identity
+                >
+              | (() => Promise<{}>);
+            signer: import("@smithy/core").NoAuthSigner;
+          }
+      )[];
+  httpAuthSchemeProvider: import("./auth/httpAuthSchemeProvider").CognitoIdentityProviderHttpAuthSchemeProvider;
   credentials?:
     | import("@smithy/types").AwsCredentialIdentity
-    | import("@smithy/types").Provider<
-        import("@smithy/types").AwsCredentialIdentity
-      >
+    | import("@smithy/types").AwsCredentialIdentityProvider
     | undefined;
   signer?:
     | import("@smithy/types").RequestSigner
@@ -95,5 +121,4 @@ export declare const getRuntimeConfig: (
           import("@smithy/signature-v4").SignatureV4CryptoInit
       ) => import("@smithy/types").RequestSigner)
     | undefined;
-  customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
 };