@aws-sdk/client-iot 3.509.0 → 3.513.0

package/dist-cjs/auth/httpAuthExtensionConfiguration.js

@@ -0,0 +1 @@
+module.exports = require("../index.js");

package/dist-cjs/auth/httpAuthSchemeProvider.js

@@ -0,0 +1,47 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveHttpAuthSchemeConfig = exports.defaultIoTHttpAuthSchemeProvider = exports.defaultIoTHttpAuthSchemeParametersProvider = void 0;
+const core_1 = require("@aws-sdk/core");
+const util_middleware_1 = require("@smithy/util-middleware");
+const defaultIoTHttpAuthSchemeParametersProvider = async (config, context, input) => {
+    return {
+        operation: (0, util_middleware_1.getSmithyContext)(context).operation,
+        region: (await (0, util_middleware_1.normalizeProvider)(config.region)()) ||
+            (() => {
+                throw new Error("expected `region` to be configured for `aws.auth#sigv4`");
+            })(),
+    };
+};
+exports.defaultIoTHttpAuthSchemeParametersProvider = defaultIoTHttpAuthSchemeParametersProvider;
+function createAwsAuthSigv4HttpAuthOption(authParameters) {
+    return {
+        schemeId: "aws.auth#sigv4",
+        signingProperties: {
+            name: "iot",
+            region: authParameters.region,
+        },
+        propertiesExtractor: (config, context) => ({
+            signingProperties: {
+                config,
+                context,
+            },
+        }),
+    };
+}
+const defaultIoTHttpAuthSchemeProvider = (authParameters) => {
+    const options = [];
+    switch (authParameters.operation) {
+        default: {
+            options.push(createAwsAuthSigv4HttpAuthOption(authParameters));
+        }
+    }
+    return options;
+};
+exports.defaultIoTHttpAuthSchemeProvider = defaultIoTHttpAuthSchemeProvider;
+const resolveHttpAuthSchemeConfig = (config) => {
+    const config_0 = (0, core_1.resolveAwsSdkSigV4Config)(config);
+    return {
+        ...config_0,
+    };
+};
+exports.resolveHttpAuthSchemeConfig = resolveHttpAuthSchemeConfig;

package/dist-cjs/index.js

@@ -463,13 +463,14 @@ module.exports = __toCommonJS(src_exports);
 var import_middleware_host_header = require("@aws-sdk/middleware-host-header");
 var import_middleware_logger = require("@aws-sdk/middleware-logger");
 var import_middleware_recursion_detection = require("@aws-sdk/middleware-recursion-detection");
-var import_middleware_signing = require("@aws-sdk/middleware-signing");
 var import_middleware_user_agent = require("@aws-sdk/middleware-user-agent");
 var import_config_resolver = require("@smithy/config-resolver");
+var import_core = require("@smithy/core");
 var import_middleware_content_length = require("@smithy/middleware-content-length");
 var import_middleware_endpoint = require("@smithy/middleware-endpoint");
 var import_middleware_retry = require("@smithy/middleware-retry");
 
+var import_httpAuthSchemeProvider = require("./auth/httpAuthSchemeProvider");
 
 // src/endpoint/EndpointParameters.ts
 var resolveClientEndpointParameters = /* @__PURE__ */ __name((options) => {
@@ -494,19 +495,62 @@ var import_runtimeConfig = require("././runtimeConfig");
 var import_region_config_resolver = require("@aws-sdk/region-config-resolver");
 var import_protocol_http = require("@smithy/protocol-http");
 var import_smithy_client = require("@smithy/smithy-client");
+
+// src/auth/httpAuthExtensionConfiguration.ts
+var getHttpAuthExtensionConfiguration = /* @__PURE__ */ __name((runtimeConfig) => {
+  const _httpAuthSchemes = runtimeConfig.httpAuthSchemes;
+  let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider;
+  let _credentials = runtimeConfig.credentials;
+  return {
+    setHttpAuthScheme(httpAuthScheme) {
+      const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId);
+      if (index === -1) {
+        _httpAuthSchemes.push(httpAuthScheme);
+      } else {
+        _httpAuthSchemes.splice(index, 1, httpAuthScheme);
+      }
+    },
+    httpAuthSchemes() {
+      return _httpAuthSchemes;
+    },
+    setHttpAuthSchemeProvider(httpAuthSchemeProvider) {
+      _httpAuthSchemeProvider = httpAuthSchemeProvider;
+    },
+    httpAuthSchemeProvider() {
+      return _httpAuthSchemeProvider;
+    },
+    setCredentials(credentials) {
+      _credentials = credentials;
+    },
+    credentials() {
+      return _credentials;
+    }
+  };
+}, "getHttpAuthExtensionConfiguration");
+var resolveHttpAuthRuntimeConfig = /* @__PURE__ */ __name((config) => {
+  return {
+    httpAuthSchemes: config.httpAuthSchemes(),
+    httpAuthSchemeProvider: config.httpAuthSchemeProvider(),
+    credentials: config.credentials()
+  };
+}, "resolveHttpAuthRuntimeConfig");
+
+// src/runtimeExtensions.ts
 var asPartial = /* @__PURE__ */ __name((t) => t, "asPartial");
 var resolveRuntimeExtensions = /* @__PURE__ */ __name((runtimeConfig, extensions) => {
   const extensionConfiguration = {
     ...asPartial((0, import_region_config_resolver.getAwsRegionExtensionConfiguration)(runtimeConfig)),
     ...asPartial((0, import_smithy_client.getDefaultExtensionConfiguration)(runtimeConfig)),
-    ...asPartial((0, import_protocol_http.getHttpHandlerExtensionConfiguration)(runtimeConfig))
+    ...asPartial((0, import_protocol_http.getHttpHandlerExtensionConfiguration)(runtimeConfig)),
+    ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig))
   };
   extensions.forEach((extension) => extension.configure(extensionConfiguration));
   return {
     ...runtimeConfig,
     ...(0, import_region_config_resolver.resolveAwsRegionExtensionConfiguration)(extensionConfiguration),
     ...(0, import_smithy_client.resolveDefaultRuntimeConfig)(extensionConfiguration),
-    ...(0, import_protocol_http.resolveHttpHandlerRuntimeConfig)(extensionConfiguration)
+    ...(0, import_protocol_http.resolveHttpHandlerRuntimeConfig)(extensionConfiguration),
+    ...resolveHttpAuthRuntimeConfig(extensionConfiguration)
   };
 }, "resolveRuntimeExtensions");
 
@@ -519,8 +563,8 @@ var _IoTClient = class _IoTClient extends import_smithy_client.Client {
     const _config_3 = (0, import_middleware_endpoint.resolveEndpointConfig)(_config_2);
     const _config_4 = (0, import_middleware_retry.resolveRetryConfig)(_config_3);
     const _config_5 = (0, import_middleware_host_header.resolveHostHeaderConfig)(_config_4);
-    const _config_6 = (0, import_middleware_signing.resolveAwsAuthConfig)(_config_5);
-    const _config_7 = (0, import_middleware_user_agent.resolveUserAgentConfig)(_config_6);
+    const _config_6 = (0, import_middleware_user_agent.resolveUserAgentConfig)(_config_5);
+    const _config_7 = (0, import_httpAuthSchemeProvider.resolveHttpAuthSchemeConfig)(_config_6);
     const _config_8 = resolveRuntimeExtensions(_config_7, (configuration == null ? void 0 : configuration.extensions) || []);
     super(_config_8);
     this.config = _config_8;
@@ -529,9 +573,15 @@ var _IoTClient = class _IoTClient extends import_smithy_client.Client {
     this.middlewareStack.use((0, import_middleware_host_header.getHostHeaderPlugin)(this.config));
     this.middlewareStack.use((0, import_middleware_logger.getLoggerPlugin)(this.config));
     this.middlewareStack.use((0, import_middleware_recursion_detection.getRecursionDetectionPlugin)(this.config));
-    this.middlewareStack.use((0, import_middleware_signing.getAwsAuthPlugin)(this.config));
     this.middlewareStack.use((0, import_middleware_user_agent.getUserAgentPlugin)(this.config));
     this.middlewareStack.use((0, import_middleware_retry.getOmitRetryHeadersPlugin)(this.config));
+    this.middlewareStack.use(
+      (0, import_core.getHttpAuthSchemeEndpointRuleSetPlugin)(this.config, {
+        httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(),
+        identityProviderConfigProvider: this.getIdentityProviderConfigProvider()
+      })
+    );
+    this.middlewareStack.use((0, import_core.getHttpSigningPlugin)(this.config));
   }
   /**
    * Destroy underlying resources, like sockets. It's usually not necessary to do this.
@@ -541,6 +591,14 @@ var _IoTClient = class _IoTClient extends import_smithy_client.Client {
   destroy() {
     super.destroy();
   }
+  getDefaultHttpAuthSchemeParametersProvider() {
+    return import_httpAuthSchemeProvider.defaultIoTHttpAuthSchemeParametersProvider;
+  }
+  getIdentityProviderConfigProvider() {
+    return async (config) => new import_core.DefaultIdentityProviderConfig({
+      "aws.auth#sigv4": config.credentials
+    });
+  }
 };
 __name(_IoTClient, "IoTClient");
 var IoTClient = _IoTClient;
@@ -555,7 +613,7 @@ var import_middleware_serde = require("@smithy/middleware-serde");
 var import_types = require("@smithy/types");
 
 // src/protocols/Aws_restJson1.ts
-var import_core = require("@smithy/core");
+
 
 var import_uuid = require("uuid");
 
@@ -1989,6 +2047,7 @@ var se_CreateDomainConfigurationCommand = /* @__PURE__ */ __name(async (input, c
       authorizerConfig: (_) => (0, import_smithy_client._json)(_),
       domainName: [],
       serverCertificateArns: (_) => (0, import_smithy_client._json)(_),
+      serverCertificateConfig: (_) => (0, import_smithy_client._json)(_),
       serviceType: [],
       tags: (_) => (0, import_smithy_client._json)(_),
       tlsConfig: (_) => (0, import_smithy_client._json)(_),
@@ -4927,6 +4986,7 @@ var se_UpdateDomainConfigurationCommand = /* @__PURE__ */ __name(async (input, c
       authorizerConfig: (_) => (0, import_smithy_client._json)(_),
       domainConfigurationStatus: [],
       removeAuthorizerConfig: [],
+      serverCertificateConfig: (_) => (0, import_smithy_client._json)(_),
       tlsConfig: (_) => (0, import_smithy_client._json)(_)
     })
   );
@@ -6555,6 +6615,7 @@ var de_DescribeDomainConfigurationCommand = /* @__PURE__ */ __name(async (output
     domainName: import_smithy_client.expectString,
     domainType: import_smithy_client.expectString,
     lastStatusChangeDate: (_) => (0, import_smithy_client.expectNonNull)((0, import_smithy_client.parseEpochTimestamp)((0, import_smithy_client.expectNumber)(_))),
+    serverCertificateConfig: import_smithy_client._json,
     serverCertificates: import_smithy_client._json,
     serviceType: import_smithy_client.expectString,
     tlsConfig: import_smithy_client._json

package/dist-cjs/runtimeConfig.shared.js

@@ -1,10 +1,12 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getRuntimeConfig = void 0;
+const core_1 = require("@aws-sdk/core");
 const smithy_client_1 = require("@smithy/smithy-client");
 const url_parser_1 = require("@smithy/url-parser");
 const util_base64_1 = require("@smithy/util-base64");
 const util_utf8_1 = require("@smithy/util-utf8");
+const httpAuthSchemeProvider_1 = require("./auth/httpAuthSchemeProvider");
 const endpointResolver_1 = require("./endpoint/endpointResolver");
 const getRuntimeConfig = (config) => {
     return {
@@ -14,6 +16,14 @@ const getRuntimeConfig = (config) => {
         disableHostPrefix: config?.disableHostPrefix ?? false,
         endpointProvider: config?.endpointProvider ?? endpointResolver_1.defaultEndpointResolver,
         extensions: config?.extensions ?? [],
+        httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? httpAuthSchemeProvider_1.defaultIoTHttpAuthSchemeProvider,
+        httpAuthSchemes: config?.httpAuthSchemes ?? [
+            {
+                schemeId: "aws.auth#sigv4",
+                identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"),
+                signer: new core_1.AwsSdkSigV4Signer(),
+            },
+        ],
         logger: config?.logger ?? new smithy_client_1.NoOpLogger(),
         serviceId: config?.serviceId ?? "IoT",
         urlParser: config?.urlParser ?? url_parser_1.parseUrl,

package/dist-es/IoTClient.js

@@ -1,13 +1,14 @@
 import { getHostHeaderPlugin, resolveHostHeaderConfig, } from "@aws-sdk/middleware-host-header";
 import { getLoggerPlugin } from "@aws-sdk/middleware-logger";
 import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection";
-import { getAwsAuthPlugin, resolveAwsAuthConfig, } from "@aws-sdk/middleware-signing";
 import { getUserAgentPlugin, resolveUserAgentConfig, } from "@aws-sdk/middleware-user-agent";
 import { resolveRegionConfig } from "@smithy/config-resolver";
+import { DefaultIdentityProviderConfig, getHttpAuthSchemeEndpointRuleSetPlugin, getHttpSigningPlugin, } from "@smithy/core";
 import { getContentLengthPlugin } from "@smithy/middleware-content-length";
 import { resolveEndpointConfig } from "@smithy/middleware-endpoint";
 import { getOmitRetryHeadersPlugin, getRetryPlugin, resolveRetryConfig, } from "@smithy/middleware-retry";
 import { Client as __Client, } from "@smithy/smithy-client";
+import { defaultIoTHttpAuthSchemeParametersProvider, resolveHttpAuthSchemeConfig, } from "./auth/httpAuthSchemeProvider";
 import { resolveClientEndpointParameters, } from "./endpoint/EndpointParameters";
 import { getRuntimeConfig as __getRuntimeConfig } from "./runtimeConfig";
 import { resolveRuntimeExtensions } from "./runtimeExtensions";
@@ -20,8 +21,8 @@ export class IoTClient extends __Client {
         const _config_3 = resolveEndpointConfig(_config_2);
         const _config_4 = resolveRetryConfig(_config_3);
         const _config_5 = resolveHostHeaderConfig(_config_4);
-        const _config_6 = resolveAwsAuthConfig(_config_5);
-        const _config_7 = resolveUserAgentConfig(_config_6);
+        const _config_6 = resolveUserAgentConfig(_config_5);
+        const _config_7 = resolveHttpAuthSchemeConfig(_config_6);
         const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []);
         super(_config_8);
         this.config = _config_8;
@@ -30,11 +31,23 @@ export class IoTClient extends __Client {
         this.middlewareStack.use(getHostHeaderPlugin(this.config));
         this.middlewareStack.use(getLoggerPlugin(this.config));
         this.middlewareStack.use(getRecursionDetectionPlugin(this.config));
-        this.middlewareStack.use(getAwsAuthPlugin(this.config));
         this.middlewareStack.use(getUserAgentPlugin(this.config));
         this.middlewareStack.use(getOmitRetryHeadersPlugin(this.config));
+        this.middlewareStack.use(getHttpAuthSchemeEndpointRuleSetPlugin(this.config, {
+            httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(),
+            identityProviderConfigProvider: this.getIdentityProviderConfigProvider(),
+        }));
+        this.middlewareStack.use(getHttpSigningPlugin(this.config));
     }
     destroy() {
         super.destroy();
     }
+    getDefaultHttpAuthSchemeParametersProvider() {
+        return defaultIoTHttpAuthSchemeParametersProvider;
+    }
+    getIdentityProviderConfigProvider() {
+        return async (config) => new DefaultIdentityProviderConfig({
+            "aws.auth#sigv4": config.credentials,
+        });
+    }
 }

package/dist-es/auth/httpAuthExtensionConfiguration.js

@@ -0,0 +1,38 @@
+export const getHttpAuthExtensionConfiguration = (runtimeConfig) => {
+    const _httpAuthSchemes = runtimeConfig.httpAuthSchemes;
+    let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider;
+    let _credentials = runtimeConfig.credentials;
+    return {
+        setHttpAuthScheme(httpAuthScheme) {
+            const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId);
+            if (index === -1) {
+                _httpAuthSchemes.push(httpAuthScheme);
+            }
+            else {
+                _httpAuthSchemes.splice(index, 1, httpAuthScheme);
+            }
+        },
+        httpAuthSchemes() {
+            return _httpAuthSchemes;
+        },
+        setHttpAuthSchemeProvider(httpAuthSchemeProvider) {
+            _httpAuthSchemeProvider = httpAuthSchemeProvider;
+        },
+        httpAuthSchemeProvider() {
+            return _httpAuthSchemeProvider;
+        },
+        setCredentials(credentials) {
+            _credentials = credentials;
+        },
+        credentials() {
+            return _credentials;
+        },
+    };
+};
+export const resolveHttpAuthRuntimeConfig = (config) => {
+    return {
+        httpAuthSchemes: config.httpAuthSchemes(),
+        httpAuthSchemeProvider: config.httpAuthSchemeProvider(),
+        credentials: config.credentials(),
+    };
+};

package/dist-es/auth/httpAuthSchemeProvider.js

@@ -0,0 +1,41 @@
+import { resolveAwsSdkSigV4Config, } from "@aws-sdk/core";
+import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware";
+export const defaultIoTHttpAuthSchemeParametersProvider = async (config, context, input) => {
+    return {
+        operation: getSmithyContext(context).operation,
+        region: (await normalizeProvider(config.region)()) ||
+            (() => {
+                throw new Error("expected `region` to be configured for `aws.auth#sigv4`");
+            })(),
+    };
+};
+function createAwsAuthSigv4HttpAuthOption(authParameters) {
+    return {
+        schemeId: "aws.auth#sigv4",
+        signingProperties: {
+            name: "iot",
+            region: authParameters.region,
+        },
+        propertiesExtractor: (config, context) => ({
+            signingProperties: {
+                config,
+                context,
+            },
+        }),
+    };
+}
+export const defaultIoTHttpAuthSchemeProvider = (authParameters) => {
+    const options = [];
+    switch (authParameters.operation) {
+        default: {
+            options.push(createAwsAuthSigv4HttpAuthOption(authParameters));
+        }
+    }
+    return options;
+};
+export const resolveHttpAuthSchemeConfig = (config) => {
+    const config_0 = resolveAwsSdkSigV4Config(config);
+    return {
+        ...config_0,
+    };
+};

package/dist-es/protocols/Aws_restJson1.js

@@ -341,6 +341,7 @@ export const se_CreateDomainConfigurationCommand = async (input, context) => {
         authorizerConfig: (_) => _json(_),
         domainName: [],
         serverCertificateArns: (_) => _json(_),
+        serverCertificateConfig: (_) => _json(_),
         serviceType: [],
         tags: (_) => _json(_),
         tlsConfig: (_) => _json(_),
@@ -3157,6 +3158,7 @@ export const se_UpdateDomainConfigurationCommand = async (input, context) => {
         authorizerConfig: (_) => _json(_),
         domainConfigurationStatus: [],
         removeAuthorizerConfig: [],
+        serverCertificateConfig: (_) => _json(_),
         tlsConfig: (_) => _json(_),
     }));
     b.m("PUT").h(headers).b(body);
@@ -4746,6 +4748,7 @@ export const de_DescribeDomainConfigurationCommand = async (output, context) =>
         domainName: __expectString,
         domainType: __expectString,
         lastStatusChangeDate: (_) => __expectNonNull(__parseEpochTimestamp(__expectNumber(_))),
+        serverCertificateConfig: _json,
         serverCertificates: _json,
         serviceType: __expectString,
         tlsConfig: _json,

package/dist-es/runtimeConfig.shared.js

@@ -1,7 +1,9 @@
+import { AwsSdkSigV4Signer } from "@aws-sdk/core";
 import { NoOpLogger } from "@smithy/smithy-client";
 import { parseUrl } from "@smithy/url-parser";
 import { fromBase64, toBase64 } from "@smithy/util-base64";
 import { fromUtf8, toUtf8 } from "@smithy/util-utf8";
+import { defaultIoTHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider";
 import { defaultEndpointResolver } from "./endpoint/endpointResolver";
 export const getRuntimeConfig = (config) => {
     return {
@@ -11,6 +13,14 @@ export const getRuntimeConfig = (config) => {
         disableHostPrefix: config?.disableHostPrefix ?? false,
         endpointProvider: config?.endpointProvider ?? defaultEndpointResolver,
         extensions: config?.extensions ?? [],
+        httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIoTHttpAuthSchemeProvider,
+        httpAuthSchemes: config?.httpAuthSchemes ?? [
+            {
+                schemeId: "aws.auth#sigv4",
+                identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"),
+                signer: new AwsSdkSigV4Signer(),
+            },
+        ],
         logger: config?.logger ?? new NoOpLogger(),
         serviceId: config?.serviceId ?? "IoT",
         urlParser: config?.urlParser ?? parseUrl,

package/dist-es/runtimeExtensions.js

@@ -1,12 +1,14 @@
 import { getAwsRegionExtensionConfiguration, resolveAwsRegionExtensionConfiguration, } from "@aws-sdk/region-config-resolver";
 import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http";
 import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client";
+import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration";
 const asPartial = (t) => t;
 export const resolveRuntimeExtensions = (runtimeConfig, extensions) => {
     const extensionConfiguration = {
         ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)),
         ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)),
         ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)),
+        ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)),
     };
     extensions.forEach((extension) => extension.configure(extensionConfiguration));
     return {
@@ -14,5 +16,6 @@ export const resolveRuntimeExtensions = (runtimeConfig, extensions) => {
         ...resolveAwsRegionExtensionConfiguration(extensionConfiguration),
         ...resolveDefaultRuntimeConfig(extensionConfiguration),
         ...resolveHttpHandlerRuntimeConfig(extensionConfiguration),
+        ...resolveHttpAuthRuntimeConfig(extensionConfiguration),
     };
 };

package/dist-types/IoTClient.d.ts

@@ -1,13 +1,12 @@
 import { HostHeaderInputConfig, HostHeaderResolvedConfig } from "@aws-sdk/middleware-host-header";
-import { AwsAuthInputConfig, AwsAuthResolvedConfig } from "@aws-sdk/middleware-signing";
 import { UserAgentInputConfig, UserAgentResolvedConfig } from "@aws-sdk/middleware-user-agent";
-import { Credentials as __Credentials } from "@aws-sdk/types";
 import { RegionInputConfig, RegionResolvedConfig } from "@smithy/config-resolver";
 import { EndpointInputConfig, EndpointResolvedConfig } from "@smithy/middleware-endpoint";
 import { RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry";
 import { HttpHandler as __HttpHandler } from "@smithy/protocol-http";
 import { Client as __Client, DefaultsMode as __DefaultsMode, SmithyConfiguration as __SmithyConfiguration, SmithyResolvedConfiguration as __SmithyResolvedConfiguration } from "@smithy/smithy-client";
-import { BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, Decoder as __Decoder, Encoder as __Encoder, HashConstructor as __HashConstructor, HttpHandlerOptions as __HttpHandlerOptions, Logger as __Logger, Provider as __Provider, Provider, StreamCollector as __StreamCollector, UrlParser as __UrlParser, UserAgent as __UserAgent } from "@smithy/types";
+import { AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, Decoder as __Decoder, Encoder as __Encoder, HashConstructor as __HashConstructor, HttpHandlerOptions as __HttpHandlerOptions, Logger as __Logger, Provider as __Provider, Provider, StreamCollector as __StreamCollector, UrlParser as __UrlParser, UserAgent as __UserAgent } from "@smithy/types";
+import { HttpAuthSchemeInputConfig, HttpAuthSchemeResolvedConfig } from "./auth/httpAuthSchemeProvider";
 import { AcceptCertificateTransferCommandInput, AcceptCertificateTransferCommandOutput } from "./commands/AcceptCertificateTransferCommand";
 import { AddThingToBillingGroupCommandInput, AddThingToBillingGroupCommandOutput } from "./commands/AddThingToBillingGroupCommand";
 import { AddThingToThingGroupCommandInput, AddThingToThingGroupCommandOutput } from "./commands/AddThingToThingGroupCommand";
@@ -346,20 +345,21 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__
      * Enables FIPS compatible endpoints.
      */
     useFipsEndpoint?: boolean | __Provider<boolean>;
+    /**
+     * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header
+     * @internal
+     */
+    defaultUserAgentProvider?: Provider<__UserAgent>;
     /**
      * The AWS region to which this client will send requests
      */
     region?: string | __Provider<string>;
     /**
      * Default credentials provider; Not available in browser runtime.
+     * @deprecated
      * @internal
      */
-    credentialDefaultProvider?: (input: any) => __Provider<__Credentials>;
-    /**
-     * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header
-     * @internal
-     */
-    defaultUserAgentProvider?: Provider<__UserAgent>;
+    credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider;
     /**
      * Value for how many times a request will be made at most in case of retry.
      */
@@ -386,7 +386,7 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__
 /**
  * @public
  */
-export type IoTClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOptions>> & ClientDefaults & RegionInputConfig & EndpointInputConfig<EndpointParameters> & RetryInputConfig & HostHeaderInputConfig & AwsAuthInputConfig & UserAgentInputConfig & ClientInputEndpointParameters;
+export type IoTClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOptions>> & ClientDefaults & RegionInputConfig & EndpointInputConfig<EndpointParameters> & RetryInputConfig & HostHeaderInputConfig & UserAgentInputConfig & HttpAuthSchemeInputConfig & ClientInputEndpointParameters;
 /**
  * @public
  *
@@ -397,7 +397,7 @@ export interface IoTClientConfig extends IoTClientConfigType {
 /**
  * @public
  */
-export type IoTClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHandlerOptions> & Required<ClientDefaults> & RuntimeExtensionsConfig & RegionResolvedConfig & EndpointResolvedConfig<EndpointParameters> & RetryResolvedConfig & HostHeaderResolvedConfig & AwsAuthResolvedConfig & UserAgentResolvedConfig & ClientResolvedEndpointParameters;
+export type IoTClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHandlerOptions> & Required<ClientDefaults> & RuntimeExtensionsConfig & RegionResolvedConfig & EndpointResolvedConfig<EndpointParameters> & RetryResolvedConfig & HostHeaderResolvedConfig & UserAgentResolvedConfig & HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters;
 /**
  * @public
  *
@@ -436,4 +436,6 @@ export declare class IoTClient extends __Client<__HttpHandlerOptions, ServiceInp
      * Otherwise, sockets might stay open for quite a long time before the server terminates them.
      */
     destroy(): void;
+    private getDefaultHttpAuthSchemeParametersProvider;
+    private getIdentityProviderConfigProvider;
 }

package/dist-types/auth/httpAuthExtensionConfiguration.d.ts

@@ -0,0 +1,29 @@
+import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types";
+import { IoTHttpAuthSchemeProvider } from "./httpAuthSchemeProvider";
+/**
+ * @internal
+ */
+export interface HttpAuthExtensionConfiguration {
+    setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void;
+    httpAuthSchemes(): HttpAuthScheme[];
+    setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTHttpAuthSchemeProvider): void;
+    httpAuthSchemeProvider(): IoTHttpAuthSchemeProvider;
+    setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void;
+    credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined;
+}
+/**
+ * @internal
+ */
+export type HttpAuthRuntimeConfig = Partial<{
+    httpAuthSchemes: HttpAuthScheme[];
+    httpAuthSchemeProvider: IoTHttpAuthSchemeProvider;
+    credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider;
+}>;
+/**
+ * @internal
+ */
+export declare const getHttpAuthExtensionConfiguration: (runtimeConfig: HttpAuthRuntimeConfig) => HttpAuthExtensionConfiguration;
+/**
+ * @internal
+ */
+export declare const resolveHttpAuthRuntimeConfig: (config: HttpAuthExtensionConfiguration) => HttpAuthRuntimeConfig;

package/dist-types/auth/httpAuthSchemeProvider.d.ts

@@ -0,0 +1,61 @@
+import { AwsSdkSigV4AuthInputConfig, AwsSdkSigV4AuthResolvedConfig, AwsSdkSigV4PreviouslyResolved } from "@aws-sdk/core";
+import { HandlerExecutionContext, HttpAuthScheme, HttpAuthSchemeParameters, HttpAuthSchemeParametersProvider, HttpAuthSchemeProvider } from "@smithy/types";
+import { IoTClientResolvedConfig } from "../IoTClient";
+/**
+ * @internal
+ */
+export interface IoTHttpAuthSchemeParameters extends HttpAuthSchemeParameters {
+    region?: string;
+}
+/**
+ * @internal
+ */
+export interface IoTHttpAuthSchemeParametersProvider extends HttpAuthSchemeParametersProvider<IoTClientResolvedConfig, HandlerExecutionContext, IoTHttpAuthSchemeParameters, object> {
+}
+/**
+ * @internal
+ */
+export declare const defaultIoTHttpAuthSchemeParametersProvider: (config: IoTClientResolvedConfig, context: HandlerExecutionContext, input: object) => Promise<IoTHttpAuthSchemeParameters>;
+/**
+ * @internal
+ */
+export interface IoTHttpAuthSchemeProvider extends HttpAuthSchemeProvider<IoTHttpAuthSchemeParameters> {
+}
+/**
+ * @internal
+ */
+export declare const defaultIoTHttpAuthSchemeProvider: IoTHttpAuthSchemeProvider;
+/**
+ * @internal
+ */
+export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig {
+    /**
+     * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme.
+     * @internal
+     */
+    httpAuthSchemes?: HttpAuthScheme[];
+    /**
+     * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use.
+     * @internal
+     */
+    httpAuthSchemeProvider?: IoTHttpAuthSchemeProvider;
+}
+/**
+ * @internal
+ */
+export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig {
+    /**
+     * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme.
+     * @internal
+     */
+    readonly httpAuthSchemes: HttpAuthScheme[];
+    /**
+     * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use.
+     * @internal
+     */
+    readonly httpAuthSchemeProvider: IoTHttpAuthSchemeProvider;
+}
+/**
+ * @internal
+ */
+export declare const resolveHttpAuthSchemeConfig: <T>(config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved) => T & HttpAuthSchemeResolvedConfig;

package/dist-types/commands/CreateDomainConfigurationCommand.d.ts

@@ -55,6 +55,9 @@ declare const CreateDomainConfigurationCommand_base: {
  *   tlsConfig: { // TlsConfig
  *     securityPolicy: "STRING_VALUE",
  *   },
+ *   serverCertificateConfig: { // ServerCertificateConfig
+ *     enableOCSPCheck: true || false,
+ *   },
  * };
  * const command = new CreateDomainConfigurationCommand(input);
  * const response = await client.send(command);

package/dist-types/commands/DeleteCustomMetricCommand.d.ts

@@ -1,8 +1,7 @@
 import { Command as $Command } from "@smithy/smithy-client";
 import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 import { IoTClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../IoTClient";
-import { DeleteCustomMetricRequest } from "../models/models_0";
-import { DeleteCustomMetricResponse } from "../models/models_1";
+import { DeleteCustomMetricRequest, DeleteCustomMetricResponse } from "../models/models_1";
 /**
  * @public
  */

package/dist-types/commands/DescribeDomainConfigurationCommand.d.ts

@@ -61,6 +61,9 @@ declare const DescribeDomainConfigurationCommand_base: {
  * //   tlsConfig: { // TlsConfig
  * //     securityPolicy: "STRING_VALUE",
  * //   },
+ * //   serverCertificateConfig: { // ServerCertificateConfig
+ * //     enableOCSPCheck: true || false,
+ * //   },
  * // };
  *
  * ```

package/dist-types/commands/DescribeEndpointCommand.d.ts

@@ -26,7 +26,11 @@ declare const DescribeEndpointCommand_base: {
 };
 /**
  * @public
- * <p>Returns a unique endpoint specific to the Amazon Web Services account making the call.</p>
+ * <p>Returns or creates a unique endpoint specific to the Amazon Web Services account making the
+ *          call.</p>
+ *          <note>
+ *             <p>The first time <code>DescribeEndpoint</code> is called, an endpoint is created. All subsequent calls to <code>DescribeEndpoint</code> return the same endpoint.</p>
+ *          </note>
  *          <p>Requires permission to access the <a href="https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions">DescribeEndpoint</a> action.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.