@aws-sdk/client-sso-oidc 3.774.0 → 3.777.0

package/dist-cjs/auth/httpAuthSchemeProvider.js

@@ -57,8 +57,6 @@ const defaultSSOOIDCHttpAuthSchemeProvider = (authParameters) => {
 exports.defaultSSOOIDCHttpAuthSchemeProvider = defaultSSOOIDCHttpAuthSchemeProvider;
 const resolveHttpAuthSchemeConfig = (config) => {
     const config_0 = (0, core_1.resolveAwsSdkSigV4Config)(config);
-    return {
-        ...config_0,
-    };
+    return Object.assign(config_0, {});
 };
 exports.resolveHttpAuthSchemeConfig = resolveHttpAuthSchemeConfig;

package/dist-cjs/index.js

@@ -67,12 +67,11 @@ var import_httpAuthSchemeProvider = require("./auth/httpAuthSchemeProvider");
 
 // src/endpoint/EndpointParameters.ts
 var resolveClientEndpointParameters = /* @__PURE__ */ __name((options) => {
-  return {
-    ...options,
+  return Object.assign(options, {
     useDualstackEndpoint: options.useDualstackEndpoint ?? false,
     useFipsEndpoint: options.useFipsEndpoint ?? false,
     defaultSigningName: "sso-oauth"
-  };
+  });
 }, "resolveClientEndpointParameters");
 var commonParams = {
   UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" },
@@ -129,22 +128,21 @@ var resolveHttpAuthRuntimeConfig = /* @__PURE__ */ __name((config) => {
 }, "resolveHttpAuthRuntimeConfig");
 
 // src/runtimeExtensions.ts
-var asPartial = /* @__PURE__ */ __name((t) => t, "asPartial");
 var resolveRuntimeExtensions = /* @__PURE__ */ __name((runtimeConfig, extensions) => {
-  const extensionConfiguration = {
-    ...asPartial((0, import_region_config_resolver.getAwsRegionExtensionConfiguration)(runtimeConfig)),
-    ...asPartial((0, import_smithy_client.getDefaultExtensionConfiguration)(runtimeConfig)),
-    ...asPartial((0, import_protocol_http.getHttpHandlerExtensionConfiguration)(runtimeConfig)),
-    ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig))
-  };
+  const extensionConfiguration = Object.assign(
+    (0, import_region_config_resolver.getAwsRegionExtensionConfiguration)(runtimeConfig),
+    (0, import_smithy_client.getDefaultExtensionConfiguration)(runtimeConfig),
+    (0, import_protocol_http.getHttpHandlerExtensionConfiguration)(runtimeConfig),
+    getHttpAuthExtensionConfiguration(runtimeConfig)
+  );
   extensions.forEach((extension) => extension.configure(extensionConfiguration));
-  return {
-    ...runtimeConfig,
-    ...(0, import_region_config_resolver.resolveAwsRegionExtensionConfiguration)(extensionConfiguration),
-    ...(0, import_smithy_client.resolveDefaultRuntimeConfig)(extensionConfiguration),
-    ...(0, import_protocol_http.resolveHttpHandlerRuntimeConfig)(extensionConfiguration),
-    ...resolveHttpAuthRuntimeConfig(extensionConfiguration)
-  };
+  return Object.assign(
+    runtimeConfig,
+    (0, import_region_config_resolver.resolveAwsRegionExtensionConfiguration)(extensionConfiguration),
+    (0, import_smithy_client.resolveDefaultRuntimeConfig)(extensionConfiguration),
+    (0, import_protocol_http.resolveHttpHandlerRuntimeConfig)(extensionConfiguration),
+    resolveHttpAuthRuntimeConfig(extensionConfiguration)
+  );
 }, "resolveRuntimeExtensions");
 
 // src/SSOOIDCClient.ts
@@ -158,6 +156,8 @@ var SSOOIDCClient = class extends import_smithy_client.Client {
   config;
   constructor(...[configuration]) {
     const _config_0 = (0, import_runtimeConfig.getRuntimeConfig)(configuration || {});
+    super(_config_0);
+    this.initConfig = _config_0;
     const _config_1 = resolveClientEndpointParameters(_config_0);
     const _config_2 = (0, import_middleware_user_agent.resolveUserAgentConfig)(_config_1);
     const _config_3 = (0, import_middleware_retry.resolveRetryConfig)(_config_2);
@@ -166,7 +166,6 @@ var SSOOIDCClient = class extends import_smithy_client.Client {
     const _config_6 = (0, import_middleware_endpoint.resolveEndpointConfig)(_config_5);
     const _config_7 = (0, import_httpAuthSchemeProvider.resolveHttpAuthSchemeConfig)(_config_6);
     const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []);
-    super(_config_8);
     this.config = _config_8;
     this.middlewareStack.use((0, import_middleware_user_agent.getUserAgentPlugin)(this.config));
     this.middlewareStack.use((0, import_middleware_retry.getRetryPlugin)(this.config));
@@ -830,6 +829,7 @@ var de_CreateTokenWithIAMCommand = /* @__PURE__ */ __name(async (output, context
   const data = (0, import_smithy_client.expectNonNull)((0, import_smithy_client.expectObject)(await (0, import_core2.parseJsonBody)(output.body, context)), "body");
   const doc = (0, import_smithy_client.take)(data, {
     accessToken: import_smithy_client.expectString,
+    awsAdditionalDetails: import_smithy_client._json,
     expiresIn: import_smithy_client.expectInt32,
     idToken: import_smithy_client.expectString,
     issuedTokenType: import_smithy_client.expectString,

package/dist-es/SSOOIDCClient.js

@@ -17,6 +17,8 @@ export class SSOOIDCClient extends __Client {
     config;
     constructor(...[configuration]) {
         const _config_0 = __getRuntimeConfig(configuration || {});
+        super(_config_0);
+        this.initConfig = _config_0;
         const _config_1 = resolveClientEndpointParameters(_config_0);
         const _config_2 = resolveUserAgentConfig(_config_1);
         const _config_3 = resolveRetryConfig(_config_2);
@@ -25,7 +27,6 @@ export class SSOOIDCClient extends __Client {
         const _config_6 = resolveEndpointConfig(_config_5);
         const _config_7 = resolveHttpAuthSchemeConfig(_config_6);
         const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []);
-        super(_config_8);
         this.config = _config_8;
         this.middlewareStack.use(getUserAgentPlugin(this.config));
         this.middlewareStack.use(getRetryPlugin(this.config));

package/dist-es/auth/httpAuthSchemeProvider.js

@@ -52,7 +52,5 @@ export const defaultSSOOIDCHttpAuthSchemeProvider = (authParameters) => {
 };
 export const resolveHttpAuthSchemeConfig = (config) => {
     const config_0 = resolveAwsSdkSigV4Config(config);
-    return {
-        ...config_0,
-    };
+    return Object.assign(config_0, {});
 };

package/dist-es/endpoint/EndpointParameters.js

@@ -1,10 +1,9 @@
 export const resolveClientEndpointParameters = (options) => {
-    return {
-        ...options,
+    return Object.assign(options, {
         useDualstackEndpoint: options.useDualstackEndpoint ?? false,
         useFipsEndpoint: options.useFipsEndpoint ?? false,
         defaultSigningName: "sso-oauth",
-    };
+    });
 };
 export const commonParams = {
     UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" },

package/dist-es/protocols/Aws_restJson1.js

@@ -112,6 +112,7 @@ export const de_CreateTokenWithIAMCommand = async (output, context) => {
     const data = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body");
     const doc = take(data, {
         accessToken: __expectString,
+        awsAdditionalDetails: _json,
         expiresIn: __expectInt32,
         idToken: __expectString,
         issuedTokenType: __expectString,

package/dist-es/runtimeExtensions.js

@@ -2,20 +2,8 @@ import { getAwsRegionExtensionConfiguration, resolveAwsRegionExtensionConfigurat
 import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http";
 import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client";
 import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration";
-const asPartial = (t) => t;
 export const resolveRuntimeExtensions = (runtimeConfig, extensions) => {
-    const extensionConfiguration = {
-        ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)),
-        ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)),
-        ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)),
-        ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)),
-    };
+    const extensionConfiguration = Object.assign(getAwsRegionExtensionConfiguration(runtimeConfig), getDefaultExtensionConfiguration(runtimeConfig), getHttpHandlerExtensionConfiguration(runtimeConfig), getHttpAuthExtensionConfiguration(runtimeConfig));
     extensions.forEach((extension) => extension.configure(extensionConfiguration));
-    return {
-        ...runtimeConfig,
-        ...resolveAwsRegionExtensionConfiguration(extensionConfiguration),
-        ...resolveDefaultRuntimeConfig(extensionConfiguration),
-        ...resolveHttpHandlerRuntimeConfig(extensionConfiguration),
-        ...resolveHttpAuthRuntimeConfig(extensionConfiguration),
-    };
+    return Object.assign(runtimeConfig, resolveAwsRegionExtensionConfiguration(extensionConfiguration), resolveDefaultRuntimeConfig(extensionConfiguration), resolveHttpHandlerRuntimeConfig(extensionConfiguration), resolveHttpAuthRuntimeConfig(extensionConfiguration));
 };

package/dist-types/commands/CreateTokenCommand.d.ts

@@ -111,54 +111,53 @@ declare const CreateTokenCommand_base: {
  * @throws {@link SSOOIDCServiceException}
  * <p>Base exception class for all service exceptions from SSOOIDC service.</p>
  *
- * @public
+ *
  * @example Call OAuth/OIDC /token endpoint for Device Code grant with Secret authentication
  * ```javascript
  * //
  * const input = {
- *   "clientId": "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
- *   "clientSecret": "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
- *   "deviceCode": "yJraWQiOiJrZXktMTU2Njk2ODA4OCIsImFsZyI6IkhTMzIn0EXAMPLEDEVICECODE",
- *   "grantType": "urn:ietf:params:oauth:grant-type:device-code"
+ *   clientId: "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
+ *   clientSecret: "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
+ *   deviceCode: "yJraWQiOiJrZXktMTU2Njk2ODA4OCIsImFsZyI6IkhTMzIn0EXAMPLEDEVICECODE",
+ *   grantType: "urn:ietf:params:oauth:grant-type:device-code"
  * };
  * const command = new CreateTokenCommand(input);
  * const response = await client.send(command);
- * /* response ==
+ * /* response is
  * {
- *   "accessToken": "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
- *   "expiresIn": 1579729529,
- *   "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
- *   "tokenType": "Bearer"
+ *   accessToken: "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ *   expiresIn: 1579729529,
+ *   refreshToken: "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
+ *   tokenType: "Bearer"
  * }
  * *\/
- * // example id: create-token-for-device-code
  * ```
  *
  * @example Call OAuth/OIDC /token endpoint for Refresh Token grant with Secret authentication
  * ```javascript
  * //
  * const input = {
- *   "clientId": "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
- *   "clientSecret": "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
- *   "grantType": "refresh_token",
- *   "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
- *   "scope": [
+ *   clientId: "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
+ *   clientSecret: "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
+ *   grantType: "refresh_token",
+ *   refreshToken: "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
+ *   scope: [
  *     "codewhisperer:completions"
  *   ]
  * };
  * const command = new CreateTokenCommand(input);
  * const response = await client.send(command);
- * /* response ==
+ * /* response is
  * {
- *   "accessToken": "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
- *   "expiresIn": 1579729529,
- *   "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
- *   "tokenType": "Bearer"
+ *   accessToken: "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ *   expiresIn: 1579729529,
+ *   refreshToken: "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
+ *   tokenType: "Bearer"
  * }
  * *\/
- * // example id: create-token-for-refresh-token
  * ```
  *
+ * @public
  */
 export declare class CreateTokenCommand extends CreateTokenCommand_base {
     /** @internal type navigation helper, not in runtime. */

package/dist-types/commands/CreateTokenWithIAMCommand.d.ts

@@ -64,6 +64,9 @@ declare const CreateTokenWithIAMCommand_base: {
  * //   scope: [ // Scopes
  * //     "STRING_VALUE",
  * //   ],
+ * //   awsAdditionalDetails: { // AwsAdditionalDetails
+ * //     identityContext: "STRING_VALUE",
+ * //   },
  * // };
  *
  * ```
@@ -122,16 +125,16 @@ declare const CreateTokenWithIAMCommand_base: {
  * @throws {@link SSOOIDCServiceException}
  * <p>Base exception class for all service exceptions from SSOOIDC service.</p>
  *
- * @public
+ *
  * @example Call OAuth/OIDC /token endpoint for Authorization Code grant with IAM authentication
  * ```javascript
  * //
  * const input = {
- *   "clientId": "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
- *   "code": "yJraWQiOiJrZXktMTU2Njk2ODA4OCIsImFsZyI6IkhTMzg0In0EXAMPLEAUTHCODE",
- *   "grantType": "authorization_code",
- *   "redirectUri": "https://mywebapp.example/redirect",
- *   "scope": [
+ *   clientId: "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
+ *   code: "yJraWQiOiJrZXktMTU2Njk2ODA4OCIsImFsZyI6IkhTMzg0In0EXAMPLEAUTHCODE",
+ *   grantType: "authorization_code",
+ *   redirectUri: "https://mywebapp.example/redirect",
+ *   scope: [
  *     "openid",
  *     "aws",
  *     "sts:identity_context"
@@ -139,108 +142,114 @@ declare const CreateTokenWithIAMCommand_base: {
  * };
  * const command = new CreateTokenWithIAMCommand(input);
  * const response = await client.send(command);
- * /* response ==
+ * /* response is
  * {
- *   "accessToken": "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
- *   "expiresIn": 1579729529,
- *   "idToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsInN0czphdWRpdF9jb250ZXh0IjoiRVhBTVBMRUFVRElUQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.Xyah6qbk78qThzJ41iFU2yfGuRqqtKXHrJYwQ8L9Ip0",
- *   "issuedTokenType": "urn:ietf:params:oauth:token-type:refresh_token",
- *   "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
- *   "scope": [
+ *   accessToken: "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ *   awsAdditionalDetails: {
+ *     identityContext: "EXAMPLEIDENTITYCONTEXT"
+ *   },
+ *   expiresIn: 1579729529,
+ *   idToken: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsInN0czphdWRpdF9jb250ZXh0IjoiRVhBTVBMRUFVRElUQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.Xyah6qbk78qThzJ41iFU2yfGuRqqtKXHrJYwQ8L9Ip0",
+ *   issuedTokenType: "urn:ietf:params:oauth:token-type:refresh_token",
+ *   refreshToken: "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
+ *   scope: [
  *     "openid",
  *     "aws",
  *     "sts:identity_context"
  *   ],
- *   "tokenType": "Bearer"
+ *   tokenType: "Bearer"
  * }
  * *\/
- * // example id: create-token-with-iam-for-auth-code
  * ```
  *
- * @example Call OAuth/OIDC /token endpoint for Refresh Token grant with IAM authentication
+ * @example Call OAuth/OIDC /token endpoint for JWT Bearer grant with IAM authentication
  * ```javascript
  * //
  * const input = {
- *   "clientId": "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
- *   "grantType": "refresh_token",
- *   "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN"
+ *   assertion: "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjFMVE16YWtpaGlSbGFfOHoyQkVKVlhlV01xbyJ9.eyJ2ZXIiOiIyLjAiLCJpc3MiOiJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vOTEyMjA0MGQtNmM2Ny00YzViLWIxMTItMzZhMzA0YjY2ZGFkL3YyLjAiLCJzdWIiOiJBQUFBQUFBQUFBQUFBQUFBQUFBQUFJa3pxRlZyU2FTYUZIeTc4MmJidGFRIiwiYXVkIjoiNmNiMDQwMTgtYTNmNS00NmE3LWI5OTUtOTQwYzc4ZjVhZWYzIiwiZXhwIjoxNTM2MzYxNDExLCJpYXQiOjE1MzYyNzQ3MTEsIm5iZiI6MTUzNjI3NDcxMSwibmFtZSI6IkFiZSBMaW5jb2xuIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiQWJlTGlAbWljcm9zb2Z0LmNvbSIsIm9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC02NmYzLTMzMzJlY2E3ZWE4MSIsInRpZCI6IjkxMjIwNDBkLTZjNjctNGM1Yi1iMTEyLTM2YTMwNGI2NmRhZCIsIm5vbmNlIjoiMTIzNTIzIiwiYWlvIjoiRGYyVVZYTDFpeCFsTUNXTVNPSkJjRmF0emNHZnZGR2hqS3Y4cTVnMHg3MzJkUjVNQjVCaXN2R1FPN1lXQnlqZDhpUURMcSFlR2JJRGFreXA1bW5PcmNkcUhlWVNubHRlcFFtUnA2QUlaOGpZIn0.1AFWW-Ck5nROwSlltm7GzZvDwUkqvhSQpm55TQsmVo9Y59cLhRXpvB8n-55HCr9Z6G_31_UbeUkoz612I2j_Sm9FFShSDDjoaLQr54CreGIJvjtmS3EkK9a7SJBbcpL1MpUtlfygow39tFjY7EVNW9plWUvRrTgVk7lYLprvfzw-CIqw3gHC-T7IK_m_xkr08INERBtaecwhTeN4chPC4W3jdmw_lIxzC48YoQ0dB1L9-ImX98Egypfrlbm0IBL5spFzL6JDZIRRJOu8vecJvj1mq-IUhGt0MacxX8jdxYLP-KUu2d9MbNKpCKJuZ7p8gwTL5B7NlUdh_dmSviPWrw",
+ *   clientId: "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
+ *   grantType: "urn:ietf:params:oauth:grant-type:jwt-bearer"
  * };
  * const command = new CreateTokenWithIAMCommand(input);
  * const response = await client.send(command);
- * /* response ==
+ * /* response is
  * {
- *   "accessToken": "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
- *   "expiresIn": 1579729529,
- *   "issuedTokenType": "urn:ietf:params:oauth:token-type:refresh_token",
- *   "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
- *   "scope": [
+ *   accessToken: "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ *   awsAdditionalDetails: {
+ *     identityContext: "EXAMPLEIDENTITYCONTEXT"
+ *   },
+ *   expiresIn: 1579729529,
+ *   idToken: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsInN0czphdWRpdF9jb250ZXh0IjoiRVhBTVBMRUFVRElUQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.Xyah6qbk78qThzJ41iFU2yfGuRqqtKXHrJYwQ8L9Ip0",
+ *   issuedTokenType: "urn:ietf:params:oauth:token-type:refresh_token",
+ *   refreshToken: "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
+ *   scope: [
  *     "openid",
  *     "aws",
  *     "sts:identity_context"
  *   ],
- *   "tokenType": "Bearer"
+ *   tokenType: "Bearer"
  * }
  * *\/
- * // example id: create-token-with-iam-for-refresh-token
  * ```
  *
- * @example Call OAuth/OIDC /token endpoint for JWT Bearer grant with IAM authentication
+ * @example Call OAuth/OIDC /token endpoint for Refresh Token grant with IAM authentication
  * ```javascript
  * //
  * const input = {
- *   "assertion": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjFMVE16YWtpaGlSbGFfOHoyQkVKVlhlV01xbyJ9.eyJ2ZXIiOiIyLjAiLCJpc3MiOiJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vOTEyMjA0MGQtNmM2Ny00YzViLWIxMTItMzZhMzA0YjY2ZGFkL3YyLjAiLCJzdWIiOiJBQUFBQUFBQUFBQUFBQUFBQUFBQUFJa3pxRlZyU2FTYUZIeTc4MmJidGFRIiwiYXVkIjoiNmNiMDQwMTgtYTNmNS00NmE3LWI5OTUtOTQwYzc4ZjVhZWYzIiwiZXhwIjoxNTM2MzYxNDExLCJpYXQiOjE1MzYyNzQ3MTEsIm5iZiI6MTUzNjI3NDcxMSwibmFtZSI6IkFiZSBMaW5jb2xuIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiQWJlTGlAbWljcm9zb2Z0LmNvbSIsIm9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC02NmYzLTMzMzJlY2E3ZWE4MSIsInRpZCI6IjkxMjIwNDBkLTZjNjctNGM1Yi1iMTEyLTM2YTMwNGI2NmRhZCIsIm5vbmNlIjoiMTIzNTIzIiwiYWlvIjoiRGYyVVZYTDFpeCFsTUNXTVNPSkJjRmF0emNHZnZGR2hqS3Y4cTVnMHg3MzJkUjVNQjVCaXN2R1FPN1lXQnlqZDhpUURMcSFlR2JJRGFreXA1bW5PcmNkcUhlWVNubHRlcFFtUnA2QUlaOGpZIn0.1AFWW-Ck5nROwSlltm7GzZvDwUkqvhSQpm55TQsmVo9Y59cLhRXpvB8n-55HCr9Z6G_31_UbeUkoz612I2j_Sm9FFShSDDjoaLQr54CreGIJvjtmS3EkK9a7SJBbcpL1MpUtlfygow39tFjY7EVNW9plWUvRrTgVk7lYLprvfzw-CIqw3gHC-T7IK_m_xkr08INERBtaecwhTeN4chPC4W3jdmw_lIxzC48YoQ0dB1L9-ImX98Egypfrlbm0IBL5spFzL6JDZIRRJOu8vecJvj1mq-IUhGt0MacxX8jdxYLP-KUu2d9MbNKpCKJuZ7p8gwTL5B7NlUdh_dmSviPWrw",
- *   "clientId": "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
- *   "grantType": "urn:ietf:params:oauth:grant-type:jwt-bearer"
+ *   clientId: "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
+ *   grantType: "refresh_token",
+ *   refreshToken: "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN"
  * };
  * const command = new CreateTokenWithIAMCommand(input);
  * const response = await client.send(command);
- * /* response ==
+ * /* response is
  * {
- *   "accessToken": "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
- *   "expiresIn": 1579729529,
- *   "idToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsInN0czphdWRpdF9jb250ZXh0IjoiRVhBTVBMRUFVRElUQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.Xyah6qbk78qThzJ41iFU2yfGuRqqtKXHrJYwQ8L9Ip0",
- *   "issuedTokenType": "urn:ietf:params:oauth:token-type:refresh_token",
- *   "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
- *   "scope": [
+ *   accessToken: "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ *   expiresIn: 1579729529,
+ *   issuedTokenType: "urn:ietf:params:oauth:token-type:refresh_token",
+ *   refreshToken: "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
+ *   scope: [
  *     "openid",
  *     "aws",
  *     "sts:identity_context"
  *   ],
- *   "tokenType": "Bearer"
+ *   tokenType: "Bearer"
  * }
  * *\/
- * // example id: create-token-with-iam-for-jwt-bearer
  * ```
  *
  * @example Call OAuth/OIDC /token endpoint for Token Exchange grant with IAM authentication
  * ```javascript
  * //
  * const input = {
- *   "clientId": "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
- *   "grantType": "urn:ietf:params:oauth:grant-type:token-exchange",
- *   "requestedTokenType": "urn:ietf:params:oauth:token-type:access_token",
- *   "subjectToken": "aoak-Hig8TUDPNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZDIFFERENTACCESSTOKEN",
- *   "subjectTokenType": "urn:ietf:params:oauth:token-type:access_token"
+ *   clientId: "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
+ *   grantType: "urn:ietf:params:oauth:grant-type:token-exchange",
+ *   requestedTokenType: "urn:ietf:params:oauth:token-type:access_token",
+ *   subjectToken: "aoak-Hig8TUDPNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZDIFFERENTACCESSTOKEN",
+ *   subjectTokenType: "urn:ietf:params:oauth:token-type:access_token"
  * };
  * const command = new CreateTokenWithIAMCommand(input);
  * const response = await client.send(command);
- * /* response ==
+ * /* response is
  * {
- *   "accessToken": "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
- *   "expiresIn": 1579729529,
- *   "idToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.5SYiW1kMsuUr7nna-l5tlakM0GNbMHvIM2_n0QD23jM",
- *   "issuedTokenType": "urn:ietf:params:oauth:token-type:access_token",
- *   "scope": [
+ *   accessToken: "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ *   awsAdditionalDetails: {
+ *     identityContext: "EXAMPLEIDENTITYCONTEXT"
+ *   },
+ *   expiresIn: 1579729529,
+ *   idToken: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.5SYiW1kMsuUr7nna-l5tlakM0GNbMHvIM2_n0QD23jM",
+ *   issuedTokenType: "urn:ietf:params:oauth:token-type:access_token",
+ *   scope: [
  *     "openid",
  *     "aws",
  *     "sts:identity_context"
  *   ],
- *   "tokenType": "Bearer"
+ *   tokenType: "Bearer"
  * }
  * *\/
- * // example id: create-token-with-iam-for-token-exchange
  * ```
  *
+ * @public
  */
 export declare class CreateTokenWithIAMCommand extends CreateTokenWithIAMCommand_base {
     /** @internal type navigation helper, not in runtime. */

package/dist-types/commands/RegisterClientCommand.d.ts

@@ -95,40 +95,40 @@ declare const RegisterClientCommand_base: {
  * @throws {@link SSOOIDCServiceException}
  * <p>Base exception class for all service exceptions from SSOOIDC service.</p>
  *
- * @public
+ *
  * @example Call OAuth/OIDC /register-client endpoint
  * ```javascript
  * //
  * const input = {
- *   "clientName": "My IDE Plugin",
- *   "clientType": "public",
- *   "entitledApplicationArn": "arn:aws:sso::ACCOUNTID:application/ssoins-1111111111111111/apl-1111111111111111",
- *   "grantTypes": [
+ *   clientName: "My IDE Plugin",
+ *   clientType: "public",
+ *   entitledApplicationArn: "arn:aws:sso::ACCOUNTID:application/ssoins-1111111111111111/apl-1111111111111111",
+ *   grantTypes: [
  *     "authorization_code",
  *     "refresh_token"
  *   ],
- *   "issuerUrl": "https://identitycenter.amazonaws.com/ssoins-1111111111111111",
- *   "redirectUris": [
+ *   issuerUrl: "https://identitycenter.amazonaws.com/ssoins-1111111111111111",
+ *   redirectUris: [
  *     "127.0.0.1:PORT/oauth/callback"
  *   ],
- *   "scopes": [
+ *   scopes: [
  *     "sso:account:access",
  *     "codewhisperer:completions"
  *   ]
  * };
  * const command = new RegisterClientCommand(input);
  * const response = await client.send(command);
- * /* response ==
+ * /* response is
  * {
- *   "clientId": "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
- *   "clientIdIssuedAt": 1579725929,
- *   "clientSecret": "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
- *   "clientSecretExpiresAt": 1587584729
+ *   clientId: "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
+ *   clientIdIssuedAt: 1579725929,
+ *   clientSecret: "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
+ *   clientSecretExpiresAt: 1587584729
  * }
  * *\/
- * // example id: register-client
  * ```
  *
+ * @public
  */
 export declare class RegisterClientCommand extends RegisterClientCommand_base {
     /** @internal type navigation helper, not in runtime. */

package/dist-types/commands/StartDeviceAuthorizationCommand.d.ts

@@ -83,30 +83,30 @@ declare const StartDeviceAuthorizationCommand_base: {
  * @throws {@link SSOOIDCServiceException}
  * <p>Base exception class for all service exceptions from SSOOIDC service.</p>
  *
- * @public
+ *
  * @example Call OAuth/OIDC /start-device-authorization endpoint
  * ```javascript
  * //
  * const input = {
- *   "clientId": "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
- *   "clientSecret": "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
- *   "startUrl": "https://identitycenter.amazonaws.com/ssoins-111111111111"
+ *   clientId: "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
+ *   clientSecret: "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
+ *   startUrl: "https://identitycenter.amazonaws.com/ssoins-111111111111"
  * };
  * const command = new StartDeviceAuthorizationCommand(input);
  * const response = await client.send(command);
- * /* response ==
+ * /* response is
  * {
- *   "deviceCode": "yJraWQiOiJrZXktMTU2Njk2ODA4OCIsImFsZyI6IkhTMzIn0EXAMPLEDEVICECODE",
- *   "expiresIn": 1579729529,
- *   "interval": 1,
- *   "userCode": "makdfsk83yJraWQiOiJrZXktMTU2Njk2sImFsZyI6IkhTMzIn0EXAMPLEUSERCODE",
- *   "verificationUri": "https://device.sso.us-west-2.amazonaws.com",
- *   "verificationUriComplete": "https://device.sso.us-west-2.amazonaws.com?user_code=makdfsk83yJraWQiOiJrZXktMTU2Njk2sImFsZyI6IkhTMzIn0EXAMPLEUSERCODE"
+ *   deviceCode: "yJraWQiOiJrZXktMTU2Njk2ODA4OCIsImFsZyI6IkhTMzIn0EXAMPLEDEVICECODE",
+ *   expiresIn: 1579729529,
+ *   interval: 1,
+ *   userCode: "makdfsk83yJraWQiOiJrZXktMTU2Njk2sImFsZyI6IkhTMzIn0EXAMPLEUSERCODE",
+ *   verificationUri: "https://directory-alias-example.awsapps.com/start/#/device",
+ *   verificationUriComplete: "https://directory-alias-example.awsapps.com/start/#/device?user_code=makdfsk83yJraWQiOiJrZXktMTU2Njk2sImFsZyI6IkhTMzIn0EXAMPLEUSERCODE"
  * }
  * *\/
- * // example id: start-device-authorization
  * ```
  *
+ * @public
  */
 export declare class StartDeviceAuthorizationCommand extends StartDeviceAuthorizationCommand_base {
     /** @internal type navigation helper, not in runtime. */

package/dist-types/models/models_0.d.ts

@@ -48,6 +48,20 @@ export declare class AuthorizationPendingException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<AuthorizationPendingException, __BaseException>);
 }
+/**
+ * <p>This structure contains Amazon Web Services-specific parameter extensions for the token endpoint
+ *       responses and includes the identity context.</p>
+ * @public
+ */
+export interface AwsAdditionalDetails {
+    /**
+     * <p>STS context assertion that carries a user identifier to the Amazon Web Services service that it calls
+     *       and can be used to obtain an identity-enhanced IAM role session. This value corresponds to
+     *       the <code>sts:identity_context</code> claim in the ID token.</p>
+     * @public
+     */
+    identityContext?: string | undefined;
+}
 /**
  * @public
  */
@@ -526,6 +540,14 @@ export interface CreateTokenWithIAMResponse {
      * @public
      */
     scope?: string[] | undefined;
+    /**
+     * <p>A structure containing information from the <code>idToken</code>. Only the
+     *         <code>identityContext</code> is in it, which is a value extracted from the
+     *         <code>idToken</code>. This provides direct access to identity information without requiring
+     *       JWT parsing.</p>
+     * @public
+     */
+    awsAdditionalDetails?: AwsAdditionalDetails | undefined;
 }
 /**
  * <p>Indicates that a token provided as input to the request was issued by and is only usable

package/dist-types/ts3.4/models/models_0.d.ts

@@ -18,6 +18,9 @@ export declare class AuthorizationPendingException extends __BaseException {
     opts: __ExceptionOptionType<AuthorizationPendingException, __BaseException>
   );
 }
+export interface AwsAdditionalDetails {
+  identityContext?: string | undefined;
+}
 export interface CreateTokenRequest {
   clientId: string | undefined;
   clientSecret: string | undefined;
@@ -136,6 +139,7 @@ export interface CreateTokenWithIAMResponse {
   idToken?: string | undefined;
   issuedTokenType?: string | undefined;
   scope?: string[] | undefined;
+  awsAdditionalDetails?: AwsAdditionalDetails | undefined;
 }
 export declare class InvalidRequestRegionException extends __BaseException {
   readonly name: "InvalidRequestRegionException";

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-sso-oidc",
   "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native",
-  "version": "3.774.0",
+  "version": "3.777.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "node ../../scripts/compilation/inline client-sso-oidc",
@@ -20,41 +20,41 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "5.2.0",
     "@aws-crypto/sha256-js": "5.2.0",
-    "@aws-sdk/core": "3.774.0",
-    "@aws-sdk/credential-provider-node": "3.774.0",
-    "@aws-sdk/middleware-host-header": "3.774.0",
-    "@aws-sdk/middleware-logger": "3.734.0",
-    "@aws-sdk/middleware-recursion-detection": "3.772.0",
-    "@aws-sdk/middleware-user-agent": "3.774.0",
-    "@aws-sdk/region-config-resolver": "3.734.0",
-    "@aws-sdk/types": "3.734.0",
-    "@aws-sdk/util-endpoints": "3.743.0",
-    "@aws-sdk/util-user-agent-browser": "3.734.0",
-    "@aws-sdk/util-user-agent-node": "3.774.0",
-    "@smithy/config-resolver": "^4.0.1",
-    "@smithy/core": "^3.1.5",
-    "@smithy/fetch-http-handler": "^5.0.1",
-    "@smithy/hash-node": "^4.0.1",
-    "@smithy/invalid-dependency": "^4.0.1",
-    "@smithy/middleware-content-length": "^4.0.1",
-    "@smithy/middleware-endpoint": "^4.0.6",
-    "@smithy/middleware-retry": "^4.0.7",
-    "@smithy/middleware-serde": "^4.0.2",
-    "@smithy/middleware-stack": "^4.0.1",
-    "@smithy/node-config-provider": "^4.0.1",
-    "@smithy/node-http-handler": "^4.0.3",
-    "@smithy/protocol-http": "^5.0.1",
-    "@smithy/smithy-client": "^4.1.6",
-    "@smithy/types": "^4.1.0",
-    "@smithy/url-parser": "^4.0.1",
+    "@aws-sdk/core": "3.775.0",
+    "@aws-sdk/credential-provider-node": "3.777.0",
+    "@aws-sdk/middleware-host-header": "3.775.0",
+    "@aws-sdk/middleware-logger": "3.775.0",
+    "@aws-sdk/middleware-recursion-detection": "3.775.0",
+    "@aws-sdk/middleware-user-agent": "3.775.0",
+    "@aws-sdk/region-config-resolver": "3.775.0",
+    "@aws-sdk/types": "3.775.0",
+    "@aws-sdk/util-endpoints": "3.775.0",
+    "@aws-sdk/util-user-agent-browser": "3.775.0",
+    "@aws-sdk/util-user-agent-node": "3.775.0",
+    "@smithy/config-resolver": "^4.1.0",
+    "@smithy/core": "^3.2.0",
+    "@smithy/fetch-http-handler": "^5.0.2",
+    "@smithy/hash-node": "^4.0.2",
+    "@smithy/invalid-dependency": "^4.0.2",
+    "@smithy/middleware-content-length": "^4.0.2",
+    "@smithy/middleware-endpoint": "^4.1.0",
+    "@smithy/middleware-retry": "^4.1.0",
+    "@smithy/middleware-serde": "^4.0.3",
+    "@smithy/middleware-stack": "^4.0.2",
+    "@smithy/node-config-provider": "^4.0.2",
+    "@smithy/node-http-handler": "^4.0.4",
+    "@smithy/protocol-http": "^5.1.0",
+    "@smithy/smithy-client": "^4.2.0",
+    "@smithy/types": "^4.2.0",
+    "@smithy/url-parser": "^4.0.2",
     "@smithy/util-base64": "^4.0.0",
     "@smithy/util-body-length-browser": "^4.0.0",
     "@smithy/util-body-length-node": "^4.0.0",
-    "@smithy/util-defaults-mode-browser": "^4.0.7",
-    "@smithy/util-defaults-mode-node": "^4.0.7",
-    "@smithy/util-endpoints": "^3.0.1",
-    "@smithy/util-middleware": "^4.0.1",
-    "@smithy/util-retry": "^4.0.1",
+    "@smithy/util-defaults-mode-browser": "^4.0.8",
+    "@smithy/util-defaults-mode-node": "^4.0.8",
+    "@smithy/util-endpoints": "^3.0.2",
+    "@smithy/util-middleware": "^4.0.2",
+    "@smithy/util-retry": "^4.0.2",
     "@smithy/util-utf8": "^4.0.0",
     "tslib": "^2.6.2"
   },