@aws-sdk/client-cognito-identity 3.511.0 → 3.514.0

package/dist-es/auth/httpAuthSchemeProvider.js

@@ -0,0 +1,62 @@
+import { resolveAwsSdkSigV4Config, } from "@aws-sdk/core";
+import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware";
+export const defaultCognitoIdentityHttpAuthSchemeParametersProvider = async (config, context, input) => {
+    return {
+        operation: getSmithyContext(context).operation,
+        region: (await normalizeProvider(config.region)()) ||
+            (() => {
+                throw new Error("expected `region` to be configured for `aws.auth#sigv4`");
+            })(),
+    };
+};
+function createAwsAuthSigv4HttpAuthOption(authParameters) {
+    return {
+        schemeId: "aws.auth#sigv4",
+        signingProperties: {
+            name: "cognito-identity",
+            region: authParameters.region,
+        },
+        propertiesExtractor: (config, context) => ({
+            signingProperties: {
+                config,
+                context,
+            },
+        }),
+    };
+}
+function createSmithyApiNoAuthHttpAuthOption(authParameters) {
+    return {
+        schemeId: "smithy.api#noAuth",
+    };
+}
+export const defaultCognitoIdentityHttpAuthSchemeProvider = (authParameters) => {
+    const options = [];
+    switch (authParameters.operation) {
+        case "GetCredentialsForIdentity": {
+            options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
+            break;
+        }
+        case "GetId": {
+            options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
+            break;
+        }
+        case "GetOpenIdToken": {
+            options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
+            break;
+        }
+        case "UnlinkIdentity": {
+            options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
+            break;
+        }
+        default: {
+            options.push(createAwsAuthSigv4HttpAuthOption(authParameters));
+        }
+    }
+    return options;
+};
+export const resolveHttpAuthSchemeConfig = (config) => {
+    const config_0 = resolveAwsSdkSigV4Config(config);
+    return {
+        ...config_0,
+    };
+};

package/dist-es/commands/CreateIdentityPoolCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class CreateIdentityPoolCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "CreateIdentityPool", {})

package/dist-es/commands/DeleteIdentitiesCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class DeleteIdentitiesCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "DeleteIdentities", {})

package/dist-es/commands/DeleteIdentityPoolCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class DeleteIdentityPoolCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "DeleteIdentityPool", {})

package/dist-es/commands/DescribeIdentityCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class DescribeIdentityCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "DescribeIdentity", {})

package/dist-es/commands/DescribeIdentityPoolCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class DescribeIdentityPoolCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "DescribeIdentityPool", {})

package/dist-es/commands/GetIdentityPoolRolesCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class GetIdentityPoolRolesCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "GetIdentityPoolRoles", {})

package/dist-es/commands/GetOpenIdTokenForDeveloperIdentityCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class GetOpenIdTokenForDeveloperIdentityCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "GetOpenIdTokenForDeveloperIdentity", {})

package/dist-es/commands/GetPrincipalTagAttributeMapCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class GetPrincipalTagAttributeMapCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "GetPrincipalTagAttributeMap", {})

package/dist-es/commands/ListIdentitiesCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class ListIdentitiesCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "ListIdentities", {})

package/dist-es/commands/ListIdentityPoolsCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class ListIdentityPoolsCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "ListIdentityPools", {})

package/dist-es/commands/ListTagsForResourceCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class ListTagsForResourceCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "ListTagsForResource", {})

package/dist-es/commands/LookupDeveloperIdentityCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class LookupDeveloperIdentityCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "LookupDeveloperIdentity", {})

package/dist-es/commands/MergeDeveloperIdentitiesCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class MergeDeveloperIdentitiesCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "MergeDeveloperIdentities", {})

package/dist-es/commands/SetIdentityPoolRolesCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class SetIdentityPoolRolesCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "SetIdentityPoolRoles", {})

package/dist-es/commands/SetPrincipalTagAttributeMapCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class SetPrincipalTagAttributeMapCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "SetPrincipalTagAttributeMap", {})

package/dist-es/commands/TagResourceCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class TagResourceCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "TagResource", {})

package/dist-es/commands/UnlinkDeveloperIdentityCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class UnlinkDeveloperIdentityCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "UnlinkDeveloperIdentity", {})

package/dist-es/commands/UntagResourceCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class UntagResourceCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "UntagResource", {})

package/dist-es/commands/UpdateIdentityPoolCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -14,7 +13,6 @@ export class UpdateIdentityPoolCommand extends $Command
     return [
         getSerdePlugin(config, this.serialize, this.deserialize),
         getEndpointPlugin(config, Command.getEndpointParameterInstructions()),
-        getAwsAuthPlugin(config),
     ];
 })
     .s("AWSCognitoIdentityService", "UpdateIdentityPool", {})

package/dist-es/runtimeConfig.shared.js

@@ -1,7 +1,10 @@
+import { AwsSdkSigV4Signer } from "@aws-sdk/core";
+import { NoAuthSigner } from "@smithy/core";
 import { NoOpLogger } from "@smithy/smithy-client";
 import { parseUrl } from "@smithy/url-parser";
 import { fromBase64, toBase64 } from "@smithy/util-base64";
 import { fromUtf8, toUtf8 } from "@smithy/util-utf8";
+import { defaultCognitoIdentityHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider";
 import { defaultEndpointResolver } from "./endpoint/endpointResolver";
 export const getRuntimeConfig = (config) => {
     return {
@@ -11,6 +14,19 @@ export const getRuntimeConfig = (config) => {
         disableHostPrefix: config?.disableHostPrefix ?? false,
         endpointProvider: config?.endpointProvider ?? defaultEndpointResolver,
         extensions: config?.extensions ?? [],
+        httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCognitoIdentityHttpAuthSchemeProvider,
+        httpAuthSchemes: config?.httpAuthSchemes ?? [
+            {
+                schemeId: "aws.auth#sigv4",
+                identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"),
+                signer: new AwsSdkSigV4Signer(),
+            },
+            {
+                schemeId: "smithy.api#noAuth",
+                identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
+                signer: new NoAuthSigner(),
+            },
+        ],
         logger: config?.logger ?? new NoOpLogger(),
         serviceId: config?.serviceId ?? "Cognito Identity",
         urlParser: config?.urlParser ?? parseUrl,

package/dist-es/runtimeExtensions.js

@@ -1,12 +1,14 @@
 import { getAwsRegionExtensionConfiguration, resolveAwsRegionExtensionConfiguration, } from "@aws-sdk/region-config-resolver";
 import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http";
 import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client";
+import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration";
 const asPartial = (t) => t;
 export const resolveRuntimeExtensions = (runtimeConfig, extensions) => {
     const extensionConfiguration = {
         ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)),
         ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)),
         ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)),
+        ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)),
     };
     extensions.forEach((extension) => extension.configure(extensionConfiguration));
     return {
@@ -14,5 +16,6 @@ export const resolveRuntimeExtensions = (runtimeConfig, extensions) => {
         ...resolveAwsRegionExtensionConfiguration(extensionConfiguration),
         ...resolveDefaultRuntimeConfig(extensionConfiguration),
         ...resolveHttpHandlerRuntimeConfig(extensionConfiguration),
+        ...resolveHttpAuthRuntimeConfig(extensionConfiguration),
     };
 };

package/dist-types/CognitoIdentityClient.d.ts

@@ -1,13 +1,12 @@
 import { HostHeaderInputConfig, HostHeaderResolvedConfig } from "@aws-sdk/middleware-host-header";
-import { AwsAuthInputConfig, AwsAuthResolvedConfig } from "@aws-sdk/middleware-signing";
 import { UserAgentInputConfig, UserAgentResolvedConfig } from "@aws-sdk/middleware-user-agent";
-import { Credentials as __Credentials } from "@aws-sdk/types";
 import { RegionInputConfig, RegionResolvedConfig } from "@smithy/config-resolver";
 import { EndpointInputConfig, EndpointResolvedConfig } from "@smithy/middleware-endpoint";
 import { RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry";
 import { HttpHandler as __HttpHandler } from "@smithy/protocol-http";
 import { Client as __Client, DefaultsMode as __DefaultsMode, SmithyConfiguration as __SmithyConfiguration, SmithyResolvedConfiguration as __SmithyResolvedConfiguration } from "@smithy/smithy-client";
-import { BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, Decoder as __Decoder, Encoder as __Encoder, HashConstructor as __HashConstructor, HttpHandlerOptions as __HttpHandlerOptions, Logger as __Logger, Provider as __Provider, Provider, StreamCollector as __StreamCollector, UrlParser as __UrlParser, UserAgent as __UserAgent } from "@smithy/types";
+import { AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, Decoder as __Decoder, Encoder as __Encoder, HashConstructor as __HashConstructor, HttpHandlerOptions as __HttpHandlerOptions, Logger as __Logger, Provider as __Provider, Provider, StreamCollector as __StreamCollector, UrlParser as __UrlParser, UserAgent as __UserAgent } from "@smithy/types";
+import { HttpAuthSchemeInputConfig, HttpAuthSchemeResolvedConfig } from "./auth/httpAuthSchemeProvider";
 import { CreateIdentityPoolCommandInput, CreateIdentityPoolCommandOutput } from "./commands/CreateIdentityPoolCommand";
 import { DeleteIdentitiesCommandInput, DeleteIdentitiesCommandOutput } from "./commands/DeleteIdentitiesCommand";
 import { DeleteIdentityPoolCommandInput, DeleteIdentityPoolCommandOutput } from "./commands/DeleteIdentityPoolCommand";
@@ -114,20 +113,21 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__
      * Enables FIPS compatible endpoints.
      */
     useFipsEndpoint?: boolean | __Provider<boolean>;
+    /**
+     * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header
+     * @internal
+     */
+    defaultUserAgentProvider?: Provider<__UserAgent>;
     /**
      * The AWS region to which this client will send requests
      */
     region?: string | __Provider<string>;
     /**
      * Default credentials provider; Not available in browser runtime.
+     * @deprecated
      * @internal
      */
-    credentialDefaultProvider?: (input: any) => __Provider<__Credentials>;
-    /**
-     * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header
-     * @internal
-     */
-    defaultUserAgentProvider?: Provider<__UserAgent>;
+    credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider;
     /**
      * Value for how many times a request will be made at most in case of retry.
      */
@@ -154,7 +154,7 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__
 /**
  * @public
  */
-export type CognitoIdentityClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOptions>> & ClientDefaults & RegionInputConfig & EndpointInputConfig<EndpointParameters> & RetryInputConfig & HostHeaderInputConfig & AwsAuthInputConfig & UserAgentInputConfig & ClientInputEndpointParameters;
+export type CognitoIdentityClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOptions>> & ClientDefaults & RegionInputConfig & EndpointInputConfig<EndpointParameters> & RetryInputConfig & HostHeaderInputConfig & UserAgentInputConfig & HttpAuthSchemeInputConfig & ClientInputEndpointParameters;
 /**
  * @public
  *
@@ -165,7 +165,7 @@ export interface CognitoIdentityClientConfig extends CognitoIdentityClientConfig
 /**
  * @public
  */
-export type CognitoIdentityClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHandlerOptions> & Required<ClientDefaults> & RuntimeExtensionsConfig & RegionResolvedConfig & EndpointResolvedConfig<EndpointParameters> & RetryResolvedConfig & HostHeaderResolvedConfig & AwsAuthResolvedConfig & UserAgentResolvedConfig & ClientResolvedEndpointParameters;
+export type CognitoIdentityClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHandlerOptions> & Required<ClientDefaults> & RuntimeExtensionsConfig & RegionResolvedConfig & EndpointResolvedConfig<EndpointParameters> & RetryResolvedConfig & HostHeaderResolvedConfig & UserAgentResolvedConfig & HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters;
 /**
  * @public
  *
@@ -202,4 +202,6 @@ export declare class CognitoIdentityClient extends __Client<__HttpHandlerOptions
      * Otherwise, sockets might stay open for quite a long time before the server terminates them.
      */
     destroy(): void;
+    private getDefaultHttpAuthSchemeParametersProvider;
+    private getIdentityProviderConfigProvider;
 }

package/dist-types/auth/httpAuthExtensionConfiguration.d.ts

@@ -0,0 +1,29 @@
+import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types";
+import { CognitoIdentityHttpAuthSchemeProvider } from "./httpAuthSchemeProvider";
+/**
+ * @internal
+ */
+export interface HttpAuthExtensionConfiguration {
+    setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void;
+    httpAuthSchemes(): HttpAuthScheme[];
+    setHttpAuthSchemeProvider(httpAuthSchemeProvider: CognitoIdentityHttpAuthSchemeProvider): void;
+    httpAuthSchemeProvider(): CognitoIdentityHttpAuthSchemeProvider;
+    setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void;
+    credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined;
+}
+/**
+ * @internal
+ */
+export type HttpAuthRuntimeConfig = Partial<{
+    httpAuthSchemes: HttpAuthScheme[];
+    httpAuthSchemeProvider: CognitoIdentityHttpAuthSchemeProvider;
+    credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider;
+}>;
+/**
+ * @internal
+ */
+export declare const getHttpAuthExtensionConfiguration: (runtimeConfig: HttpAuthRuntimeConfig) => HttpAuthExtensionConfiguration;
+/**
+ * @internal
+ */
+export declare const resolveHttpAuthRuntimeConfig: (config: HttpAuthExtensionConfiguration) => HttpAuthRuntimeConfig;

package/dist-types/auth/httpAuthSchemeProvider.d.ts

@@ -0,0 +1,61 @@
+import { AwsSdkSigV4AuthInputConfig, AwsSdkSigV4AuthResolvedConfig, AwsSdkSigV4PreviouslyResolved } from "@aws-sdk/core";
+import { HandlerExecutionContext, HttpAuthScheme, HttpAuthSchemeParameters, HttpAuthSchemeParametersProvider, HttpAuthSchemeProvider } from "@smithy/types";
+import { CognitoIdentityClientResolvedConfig } from "../CognitoIdentityClient";
+/**
+ * @internal
+ */
+export interface CognitoIdentityHttpAuthSchemeParameters extends HttpAuthSchemeParameters {
+    region?: string;
+}
+/**
+ * @internal
+ */
+export interface CognitoIdentityHttpAuthSchemeParametersProvider extends HttpAuthSchemeParametersProvider<CognitoIdentityClientResolvedConfig, HandlerExecutionContext, CognitoIdentityHttpAuthSchemeParameters, object> {
+}
+/**
+ * @internal
+ */
+export declare const defaultCognitoIdentityHttpAuthSchemeParametersProvider: (config: CognitoIdentityClientResolvedConfig, context: HandlerExecutionContext, input: object) => Promise<CognitoIdentityHttpAuthSchemeParameters>;
+/**
+ * @internal
+ */
+export interface CognitoIdentityHttpAuthSchemeProvider extends HttpAuthSchemeProvider<CognitoIdentityHttpAuthSchemeParameters> {
+}
+/**
+ * @internal
+ */
+export declare const defaultCognitoIdentityHttpAuthSchemeProvider: CognitoIdentityHttpAuthSchemeProvider;
+/**
+ * @internal
+ */
+export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig {
+    /**
+     * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme.
+     * @internal
+     */
+    httpAuthSchemes?: HttpAuthScheme[];
+    /**
+     * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use.
+     * @internal
+     */
+    httpAuthSchemeProvider?: CognitoIdentityHttpAuthSchemeProvider;
+}
+/**
+ * @internal
+ */
+export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig {
+    /**
+     * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme.
+     * @internal
+     */
+    readonly httpAuthSchemes: HttpAuthScheme[];
+    /**
+     * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use.
+     * @internal
+     */
+    readonly httpAuthSchemeProvider: CognitoIdentityHttpAuthSchemeProvider;
+}
+/**
+ * @internal
+ */
+export declare const resolveHttpAuthSchemeConfig: <T>(config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved) => T & HttpAuthSchemeResolvedConfig;

package/dist-types/extensionConfiguration.d.ts

@@ -1,8 +1,9 @@
 import { AwsRegionExtensionConfiguration } from "@aws-sdk/types";
 import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http";
 import { DefaultExtensionConfiguration } from "@smithy/types";
+import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration";
 /**
  * @internal
  */
-export interface CognitoIdentityExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, AwsRegionExtensionConfiguration {
+export interface CognitoIdentityExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, AwsRegionExtensionConfiguration, HttpAuthExtensionConfiguration {
 }

package/dist-types/runtimeConfig.browser.d.ts

@@ -7,7 +7,7 @@ export declare const getRuntimeConfig: (config: CognitoIdentityClientConfig) =>
     runtime: string;
     defaultsMode: import("@smithy/types").Provider<import("@smithy/smithy-client").ResolvedDefaultsMode>;
     bodyLengthChecker: import("@smithy/types").BodyLengthCalculator;
-    credentialDefaultProvider: (input: any) => import("@smithy/types").Provider<import("@aws-sdk/types").Credentials>;
+    credentialDefaultProvider: (input: any) => import("@smithy/types").AwsCredentialIdentityProvider;
     defaultUserAgentProvider: import("@smithy/types").Provider<import("@smithy/types").UserAgent>;
     maxAttempts: number | import("@smithy/types").Provider<number>;
     region: string | import("@smithy/types").Provider<any>;
@@ -36,11 +36,21 @@ export declare const getRuntimeConfig: (config: CognitoIdentityClientConfig) =>
     }) => import("@smithy/types").EndpointV2;
     tls?: boolean | undefined;
     retryStrategy?: import("@smithy/types").RetryStrategy | import("@smithy/types").RetryStrategyV2 | undefined;
-    credentials?: import("@smithy/types").AwsCredentialIdentity | import("@smithy/types").Provider<import("@smithy/types").AwsCredentialIdentity> | undefined;
+    customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
+    httpAuthSchemes: import("@smithy/types").HttpAuthScheme[] | ({
+        schemeId: string;
+        identityProvider: (ipc: import("@smithy/types").IdentityProviderConfig) => import("@smithy/types").IdentityProvider<import("@smithy/types").Identity> | undefined;
+        signer: import("@aws-sdk/core").AwsSdkSigV4Signer;
+    } | {
+        schemeId: string;
+        identityProvider: (ipc: import("@smithy/types").IdentityProviderConfig) => import("@smithy/types").IdentityProvider<import("@smithy/types").Identity> | (() => Promise<{}>);
+        signer: import("@smithy/core").NoAuthSigner;
+    })[];
+    httpAuthSchemeProvider: import("./auth/httpAuthSchemeProvider").CognitoIdentityHttpAuthSchemeProvider;
+    credentials?: import("@smithy/types").AwsCredentialIdentity | import("@smithy/types").AwsCredentialIdentityProvider | undefined;
     signer?: import("@smithy/types").RequestSigner | ((authScheme?: import("@smithy/types").AuthScheme | undefined) => Promise<import("@smithy/types").RequestSigner>) | undefined;
     signingEscapePath?: boolean | undefined;
     systemClockOffset?: number | undefined;
     signingRegion?: string | undefined;
     signerConstructor?: (new (options: import("@smithy/signature-v4").SignatureV4Init & import("@smithy/signature-v4").SignatureV4CryptoInit) => import("@smithy/types").RequestSigner) | undefined;
-    customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
 };

package/dist-types/runtimeConfig.d.ts

@@ -36,11 +36,21 @@ export declare const getRuntimeConfig: (config: CognitoIdentityClientConfig) =>
     }) => import("@smithy/types").EndpointV2;
     tls?: boolean | undefined;
     retryStrategy?: import("@smithy/types").RetryStrategy | import("@smithy/types").RetryStrategyV2 | undefined;
-    credentials?: import("@smithy/types").AwsCredentialIdentity | import("@smithy/types").Provider<import("@smithy/types").AwsCredentialIdentity> | undefined;
+    customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
+    httpAuthSchemes: import("@smithy/types").HttpAuthScheme[] | ({
+        schemeId: string;
+        identityProvider: (ipc: import("@smithy/types").IdentityProviderConfig) => import("@smithy/types").IdentityProvider<import("@smithy/types").Identity> | undefined;
+        signer: import("@aws-sdk/core").AwsSdkSigV4Signer;
+    } | {
+        schemeId: string;
+        identityProvider: (ipc: import("@smithy/types").IdentityProviderConfig) => import("@smithy/types").IdentityProvider<import("@smithy/types").Identity> | (() => Promise<{}>);
+        signer: import("@smithy/core").NoAuthSigner;
+    })[];
+    httpAuthSchemeProvider: import("./auth/httpAuthSchemeProvider").CognitoIdentityHttpAuthSchemeProvider;
+    credentials?: import("@smithy/types").AwsCredentialIdentity | import("@smithy/types").AwsCredentialIdentityProvider | undefined;
     signer?: import("@smithy/types").RequestSigner | ((authScheme?: import("@smithy/types").AuthScheme | undefined) => Promise<import("@smithy/types").RequestSigner>) | undefined;
     signingEscapePath?: boolean | undefined;
     systemClockOffset?: number | undefined;
     signingRegion?: string | undefined;
     signerConstructor?: (new (options: import("@smithy/signature-v4").SignatureV4Init & import("@smithy/signature-v4").SignatureV4CryptoInit) => import("@smithy/types").RequestSigner) | undefined;
-    customUserAgent?: string | import("@smithy/types").UserAgent | undefined;
 };