@aws-sdk/client-sts 3.473.0 → 3.476.0

package/dist-cjs/STSClient.js

@@ -4,18 +4,27 @@ exports.STSClient = exports.__Client = void 0;
 const middleware_host_header_1 = require("@aws-sdk/middleware-host-header");
 const middleware_logger_1 = require("@aws-sdk/middleware-logger");
 const middleware_recursion_detection_1 = require("@aws-sdk/middleware-recursion-detection");
-const middleware_sdk_sts_1 = require("@aws-sdk/middleware-sdk-sts");
 const middleware_user_agent_1 = require("@aws-sdk/middleware-user-agent");
 const config_resolver_1 = require("@smithy/config-resolver");
+const core_1 = require("@smithy/core");
 const middleware_content_length_1 = require("@smithy/middleware-content-length");
 const middleware_endpoint_1 = require("@smithy/middleware-endpoint");
 const middleware_retry_1 = require("@smithy/middleware-retry");
 const smithy_client_1 = require("@smithy/smithy-client");
 Object.defineProperty(exports, "__Client", { enumerable: true, get: function () { return smithy_client_1.Client; } });
+const httpAuthSchemeProvider_1 = require("./auth/httpAuthSchemeProvider");
 const EndpointParameters_1 = require("./endpoint/EndpointParameters");
 const runtimeConfig_1 = require("./runtimeConfig");
 const runtimeExtensions_1 = require("./runtimeExtensions");
 class STSClient extends smithy_client_1.Client {
+    getDefaultHttpAuthSchemeParametersProvider() {
+        return httpAuthSchemeProvider_1.defaultSTSHttpAuthSchemeParametersProvider;
+    }
+    getIdentityProviderConfigProvider() {
+        return async (config) => new core_1.DefaultIdentityProviderConfig({
+            "aws.auth#sigv4": config.credentials,
+        });
+    }
     constructor(...[configuration]) {
         const _config_0 = (0, runtimeConfig_1.getRuntimeConfig)(configuration || {});
         const _config_1 = (0, EndpointParameters_1.resolveClientEndpointParameters)(_config_0);
@@ -23,8 +32,8 @@ class STSClient extends smithy_client_1.Client {
         const _config_3 = (0, middleware_endpoint_1.resolveEndpointConfig)(_config_2);
         const _config_4 = (0, middleware_retry_1.resolveRetryConfig)(_config_3);
         const _config_5 = (0, middleware_host_header_1.resolveHostHeaderConfig)(_config_4);
-        const _config_6 = (0, middleware_sdk_sts_1.resolveStsAuthConfig)(_config_5, { stsClientCtor: STSClient });
-        const _config_7 = (0, middleware_user_agent_1.resolveUserAgentConfig)(_config_6);
+        const _config_6 = (0, middleware_user_agent_1.resolveUserAgentConfig)(_config_5);
+        const _config_7 = (0, httpAuthSchemeProvider_1.resolveHttpAuthSchemeConfig)(_config_6);
         const _config_8 = (0, runtimeExtensions_1.resolveRuntimeExtensions)(_config_7, configuration?.extensions || []);
         super(_config_8);
         this.config = _config_8;
@@ -34,6 +43,11 @@ class STSClient extends smithy_client_1.Client {
         this.middlewareStack.use((0, middleware_logger_1.getLoggerPlugin)(this.config));
         this.middlewareStack.use((0, middleware_recursion_detection_1.getRecursionDetectionPlugin)(this.config));
         this.middlewareStack.use((0, middleware_user_agent_1.getUserAgentPlugin)(this.config));
+        this.middlewareStack.use((0, core_1.getHttpAuthSchemeEndpointRuleSetPlugin)(this.config, {
+            httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(),
+            identityProviderConfigProvider: this.getIdentityProviderConfigProvider(),
+        }));
+        this.middlewareStack.use((0, core_1.getHttpSigningPlugin)(this.config));
     }
     destroy() {
         super.destroy();

package/dist-cjs/auth/httpAuthExtensionConfiguration.js

@@ -0,0 +1,43 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveHttpAuthRuntimeConfig = exports.getHttpAuthExtensionConfiguration = void 0;
+const getHttpAuthExtensionConfiguration = (runtimeConfig) => {
+    const _httpAuthSchemes = runtimeConfig.httpAuthSchemes;
+    let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider;
+    let _credentials = runtimeConfig.credentials;
+    return {
+        setHttpAuthScheme(httpAuthScheme) {
+            const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId);
+            if (index === -1) {
+                _httpAuthSchemes.push(httpAuthScheme);
+            }
+            else {
+                _httpAuthSchemes.splice(index, 1, httpAuthScheme);
+            }
+        },
+        httpAuthSchemes() {
+            return _httpAuthSchemes;
+        },
+        setHttpAuthSchemeProvider(httpAuthSchemeProvider) {
+            _httpAuthSchemeProvider = httpAuthSchemeProvider;
+        },
+        httpAuthSchemeProvider() {
+            return _httpAuthSchemeProvider;
+        },
+        setCredentials(credentials) {
+            _credentials = credentials;
+        },
+        credentials() {
+            return _credentials;
+        },
+    };
+};
+exports.getHttpAuthExtensionConfiguration = getHttpAuthExtensionConfiguration;
+const resolveHttpAuthRuntimeConfig = (config) => {
+    return {
+        httpAuthSchemes: config.httpAuthSchemes(),
+        httpAuthSchemeProvider: config.httpAuthSchemeProvider(),
+        credentials: config.credentials(),
+    };
+};
+exports.resolveHttpAuthRuntimeConfig = resolveHttpAuthRuntimeConfig;

package/dist-cjs/auth/httpAuthSchemeProvider.js

@@ -0,0 +1,67 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveHttpAuthSchemeConfig = exports.resolveStsAuthConfig = exports.defaultSTSHttpAuthSchemeProvider = exports.defaultSTSHttpAuthSchemeParametersProvider = void 0;
+const core_1 = require("@aws-sdk/core");
+const util_middleware_1 = require("@smithy/util-middleware");
+const STSClient_1 = require("../STSClient");
+const defaultSTSHttpAuthSchemeParametersProvider = async (config, context, input) => {
+    return {
+        operation: (0, util_middleware_1.getSmithyContext)(context).operation,
+        region: (await (0, util_middleware_1.normalizeProvider)(config.region)()) ||
+            (() => {
+                throw new Error("expected `region` to be configured for `aws.auth#sigv4`");
+            })(),
+    };
+};
+exports.defaultSTSHttpAuthSchemeParametersProvider = defaultSTSHttpAuthSchemeParametersProvider;
+function createAwsAuthSigv4HttpAuthOption(authParameters) {
+    return {
+        schemeId: "aws.auth#sigv4",
+        signingProperties: {
+            name: "sts",
+            region: authParameters.region,
+        },
+        propertiesExtractor: (config, context) => ({
+            signingProperties: {
+                config,
+                context,
+            },
+        }),
+    };
+}
+function createSmithyApiNoAuthHttpAuthOption(authParameters) {
+    return {
+        schemeId: "smithy.api#noAuth",
+    };
+}
+const defaultSTSHttpAuthSchemeProvider = (authParameters) => {
+    const options = [];
+    switch (authParameters.operation) {
+        case "AssumeRoleWithSAML": {
+            options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
+            break;
+        }
+        case "AssumeRoleWithWebIdentity": {
+            options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
+            break;
+        }
+        default: {
+            options.push(createAwsAuthSigv4HttpAuthOption(authParameters));
+        }
+    }
+    return options;
+};
+exports.defaultSTSHttpAuthSchemeProvider = defaultSTSHttpAuthSchemeProvider;
+const resolveStsAuthConfig = (input) => ({
+    ...input,
+    stsClientCtor: STSClient_1.STSClient,
+});
+exports.resolveStsAuthConfig = resolveStsAuthConfig;
+const resolveHttpAuthSchemeConfig = (config) => {
+    const config_0 = (0, exports.resolveStsAuthConfig)(config);
+    const config_1 = (0, core_1.resolveAWSSDKSigV4Config)(config_0);
+    return {
+        ...config_1,
+    };
+};
+exports.resolveHttpAuthSchemeConfig = resolveHttpAuthSchemeConfig;

package/dist-cjs/commands/AssumeRoleCommand.js

@@ -1,7 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.AssumeRoleCommand = exports.$Command = void 0;
-const middleware_signing_1 = require("@aws-sdk/middleware-signing");
 const middleware_endpoint_1 = require("@smithy/middleware-endpoint");
 const middleware_serde_1 = require("@smithy/middleware-serde");
 const smithy_client_1 = require("@smithy/smithy-client");
@@ -26,7 +25,6 @@ class AssumeRoleCommand extends smithy_client_1.Command {
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use((0, middleware_serde_1.getSerdePlugin)(configuration, this.serialize, this.deserialize));
         this.middlewareStack.use((0, middleware_endpoint_1.getEndpointPlugin)(configuration, AssumeRoleCommand.getEndpointParameterInstructions()));
-        this.middlewareStack.use((0, middleware_signing_1.getAwsAuthPlugin)(configuration));
         const stack = clientStack.concat(this.middlewareStack);
         const { logger } = configuration;
         const clientName = "STSClient";

package/dist-cjs/commands/DecodeAuthorizationMessageCommand.js

@@ -1,7 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.DecodeAuthorizationMessageCommand = exports.$Command = void 0;
-const middleware_signing_1 = require("@aws-sdk/middleware-signing");
 const middleware_endpoint_1 = require("@smithy/middleware-endpoint");
 const middleware_serde_1 = require("@smithy/middleware-serde");
 const smithy_client_1 = require("@smithy/smithy-client");
@@ -25,7 +24,6 @@ class DecodeAuthorizationMessageCommand extends smithy_client_1.Command {
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use((0, middleware_serde_1.getSerdePlugin)(configuration, this.serialize, this.deserialize));
         this.middlewareStack.use((0, middleware_endpoint_1.getEndpointPlugin)(configuration, DecodeAuthorizationMessageCommand.getEndpointParameterInstructions()));
-        this.middlewareStack.use((0, middleware_signing_1.getAwsAuthPlugin)(configuration));
         const stack = clientStack.concat(this.middlewareStack);
         const { logger } = configuration;
         const clientName = "STSClient";

package/dist-cjs/commands/GetAccessKeyInfoCommand.js

@@ -1,7 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.GetAccessKeyInfoCommand = exports.$Command = void 0;
-const middleware_signing_1 = require("@aws-sdk/middleware-signing");
 const middleware_endpoint_1 = require("@smithy/middleware-endpoint");
 const middleware_serde_1 = require("@smithy/middleware-serde");
 const smithy_client_1 = require("@smithy/smithy-client");
@@ -25,7 +24,6 @@ class GetAccessKeyInfoCommand extends smithy_client_1.Command {
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use((0, middleware_serde_1.getSerdePlugin)(configuration, this.serialize, this.deserialize));
         this.middlewareStack.use((0, middleware_endpoint_1.getEndpointPlugin)(configuration, GetAccessKeyInfoCommand.getEndpointParameterInstructions()));
-        this.middlewareStack.use((0, middleware_signing_1.getAwsAuthPlugin)(configuration));
         const stack = clientStack.concat(this.middlewareStack);
         const { logger } = configuration;
         const clientName = "STSClient";

package/dist-cjs/commands/GetCallerIdentityCommand.js

@@ -1,7 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.GetCallerIdentityCommand = exports.$Command = void 0;
-const middleware_signing_1 = require("@aws-sdk/middleware-signing");
 const middleware_endpoint_1 = require("@smithy/middleware-endpoint");
 const middleware_serde_1 = require("@smithy/middleware-serde");
 const smithy_client_1 = require("@smithy/smithy-client");
@@ -25,7 +24,6 @@ class GetCallerIdentityCommand extends smithy_client_1.Command {
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use((0, middleware_serde_1.getSerdePlugin)(configuration, this.serialize, this.deserialize));
         this.middlewareStack.use((0, middleware_endpoint_1.getEndpointPlugin)(configuration, GetCallerIdentityCommand.getEndpointParameterInstructions()));
-        this.middlewareStack.use((0, middleware_signing_1.getAwsAuthPlugin)(configuration));
         const stack = clientStack.concat(this.middlewareStack);
         const { logger } = configuration;
         const clientName = "STSClient";

package/dist-cjs/commands/GetFederationTokenCommand.js

@@ -1,7 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.GetFederationTokenCommand = exports.$Command = void 0;
-const middleware_signing_1 = require("@aws-sdk/middleware-signing");
 const middleware_endpoint_1 = require("@smithy/middleware-endpoint");
 const middleware_serde_1 = require("@smithy/middleware-serde");
 const smithy_client_1 = require("@smithy/smithy-client");
@@ -26,7 +25,6 @@ class GetFederationTokenCommand extends smithy_client_1.Command {
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use((0, middleware_serde_1.getSerdePlugin)(configuration, this.serialize, this.deserialize));
         this.middlewareStack.use((0, middleware_endpoint_1.getEndpointPlugin)(configuration, GetFederationTokenCommand.getEndpointParameterInstructions()));
-        this.middlewareStack.use((0, middleware_signing_1.getAwsAuthPlugin)(configuration));
         const stack = clientStack.concat(this.middlewareStack);
         const { logger } = configuration;
         const clientName = "STSClient";

package/dist-cjs/commands/GetSessionTokenCommand.js

@@ -1,7 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.GetSessionTokenCommand = exports.$Command = void 0;
-const middleware_signing_1 = require("@aws-sdk/middleware-signing");
 const middleware_endpoint_1 = require("@smithy/middleware-endpoint");
 const middleware_serde_1 = require("@smithy/middleware-serde");
 const smithy_client_1 = require("@smithy/smithy-client");
@@ -26,7 +25,6 @@ class GetSessionTokenCommand extends smithy_client_1.Command {
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use((0, middleware_serde_1.getSerdePlugin)(configuration, this.serialize, this.deserialize));
         this.middlewareStack.use((0, middleware_endpoint_1.getEndpointPlugin)(configuration, GetSessionTokenCommand.getEndpointParameterInstructions()));
-        this.middlewareStack.use((0, middleware_signing_1.getAwsAuthPlugin)(configuration));
         const stack = clientStack.concat(this.middlewareStack);
         const { logger } = configuration;
         const clientName = "STSClient";

package/dist-cjs/index.js

@@ -6,7 +6,7 @@ tslib_1.__exportStar(require("./STSClient"), exports);
 tslib_1.__exportStar(require("./STS"), exports);
 tslib_1.__exportStar(require("./commands"), exports);
 tslib_1.__exportStar(require("./models"), exports);
-tslib_1.__exportStar(require("./defaultRoleAssumers"), exports);
 require("@aws-sdk/util-endpoints");
+tslib_1.__exportStar(require("./defaultRoleAssumers"), exports);
 var STSServiceException_1 = require("./models/STSServiceException");
 Object.defineProperty(exports, "STSServiceException", { enumerable: true, get: function () { return STSServiceException_1.STSServiceException; } });

package/dist-cjs/runtimeConfig.js

@@ -8,6 +8,7 @@ const core_1 = require("@aws-sdk/core");
 const credential_provider_node_1 = require("@aws-sdk/credential-provider-node");
 const util_user_agent_node_1 = require("@aws-sdk/util-user-agent-node");
 const config_resolver_1 = require("@smithy/config-resolver");
+const core_2 = require("@smithy/core");
 const hash_node_1 = require("@smithy/hash-node");
 const middleware_retry_1 = require("@smithy/middleware-retry");
 const node_config_provider_1 = require("@smithy/node-config-provider");
@@ -33,6 +34,19 @@ const getRuntimeConfig = (config) => {
         credentialDefaultProvider: config?.credentialDefaultProvider ?? (0, defaultStsRoleAssumers_1.decorateDefaultCredentialProvider)(credential_provider_node_1.defaultProvider),
         defaultUserAgentProvider: config?.defaultUserAgentProvider ??
             (0, util_user_agent_node_1.defaultUserAgent)({ serviceId: clientSharedValues.serviceId, clientVersion: package_json_1.default.version }),
+        httpAuthSchemes: config?.httpAuthSchemes ?? [
+            {
+                schemeId: "aws.auth#sigv4",
+                identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4") ||
+                    (async (idProps) => await (0, defaultStsRoleAssumers_1.decorateDefaultCredentialProvider)(credential_provider_node_1.defaultProvider)(idProps?.__config || {})()),
+                signer: new core_1.AWSSDKSigV4Signer(),
+            },
+            {
+                schemeId: "smithy.api#noAuth",
+                identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
+                signer: new core_2.NoAuthSigner(),
+            },
+        ],
         maxAttempts: config?.maxAttempts ?? (0, node_config_provider_1.loadConfig)(middleware_retry_1.NODE_MAX_ATTEMPT_CONFIG_OPTIONS),
         region: config?.region ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_REGION_CONFIG_OPTIONS, config_resolver_1.NODE_REGION_CONFIG_FILE_OPTIONS),
         requestHandler: config?.requestHandler ?? new node_http_handler_1.NodeHttpHandler(defaultConfigProvider),

package/dist-cjs/runtimeConfig.shared.js

@@ -1,10 +1,13 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getRuntimeConfig = void 0;
+const core_1 = require("@aws-sdk/core");
+const core_2 = require("@smithy/core");
 const smithy_client_1 = require("@smithy/smithy-client");
 const url_parser_1 = require("@smithy/url-parser");
 const util_base64_1 = require("@smithy/util-base64");
 const util_utf8_1 = require("@smithy/util-utf8");
+const httpAuthSchemeProvider_1 = require("./auth/httpAuthSchemeProvider");
 const endpointResolver_1 = require("./endpoint/endpointResolver");
 const getRuntimeConfig = (config) => {
     return {
@@ -14,6 +17,19 @@ const getRuntimeConfig = (config) => {
         disableHostPrefix: config?.disableHostPrefix ?? false,
         endpointProvider: config?.endpointProvider ?? endpointResolver_1.defaultEndpointResolver,
         extensions: config?.extensions ?? [],
+        httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? httpAuthSchemeProvider_1.defaultSTSHttpAuthSchemeProvider,
+        httpAuthSchemes: config?.httpAuthSchemes ?? [
+            {
+                schemeId: "aws.auth#sigv4",
+                identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"),
+                signer: new core_1.AWSSDKSigV4Signer(),
+            },
+            {
+                schemeId: "smithy.api#noAuth",
+                identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
+                signer: new core_2.NoAuthSigner(),
+            },
+        ],
         logger: config?.logger ?? new smithy_client_1.NoOpLogger(),
         serviceId: config?.serviceId ?? "STS",
         urlParser: config?.urlParser ?? url_parser_1.parseUrl,

package/dist-cjs/runtimeExtensions.js

@@ -4,12 +4,14 @@ exports.resolveRuntimeExtensions = void 0;
 const region_config_resolver_1 = require("@aws-sdk/region-config-resolver");
 const protocol_http_1 = require("@smithy/protocol-http");
 const smithy_client_1 = require("@smithy/smithy-client");
+const httpAuthExtensionConfiguration_1 = require("./auth/httpAuthExtensionConfiguration");
 const asPartial = (t) => t;
 const resolveRuntimeExtensions = (runtimeConfig, extensions) => {
     const extensionConfiguration = {
         ...asPartial((0, region_config_resolver_1.getAwsRegionExtensionConfiguration)(runtimeConfig)),
         ...asPartial((0, smithy_client_1.getDefaultExtensionConfiguration)(runtimeConfig)),
         ...asPartial((0, protocol_http_1.getHttpHandlerExtensionConfiguration)(runtimeConfig)),
+        ...asPartial((0, httpAuthExtensionConfiguration_1.getHttpAuthExtensionConfiguration)(runtimeConfig)),
     };
     extensions.forEach((extension) => extension.configure(extensionConfiguration));
     return {
@@ -17,6 +19,7 @@ const resolveRuntimeExtensions = (runtimeConfig, extensions) => {
         ...(0, region_config_resolver_1.resolveAwsRegionExtensionConfiguration)(extensionConfiguration),
         ...(0, smithy_client_1.resolveDefaultRuntimeConfig)(extensionConfiguration),
         ...(0, protocol_http_1.resolveHttpHandlerRuntimeConfig)(extensionConfiguration),
+        ...(0, httpAuthExtensionConfiguration_1.resolveHttpAuthRuntimeConfig)(extensionConfiguration),
     };
 };
 exports.resolveRuntimeExtensions = resolveRuntimeExtensions;

package/dist-es/STSClient.js

@@ -1,18 +1,27 @@
 import { getHostHeaderPlugin, resolveHostHeaderConfig, } from "@aws-sdk/middleware-host-header";
 import { getLoggerPlugin } from "@aws-sdk/middleware-logger";
 import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection";
-import { resolveStsAuthConfig } from "@aws-sdk/middleware-sdk-sts";
 import { getUserAgentPlugin, resolveUserAgentConfig, } from "@aws-sdk/middleware-user-agent";
 import { resolveRegionConfig } from "@smithy/config-resolver";
+import { DefaultIdentityProviderConfig, getHttpAuthSchemeEndpointRuleSetPlugin, getHttpSigningPlugin, } from "@smithy/core";
 import { getContentLengthPlugin } from "@smithy/middleware-content-length";
 import { resolveEndpointConfig } from "@smithy/middleware-endpoint";
 import { getRetryPlugin, resolveRetryConfig } from "@smithy/middleware-retry";
 import { Client as __Client, } from "@smithy/smithy-client";
+import { defaultSTSHttpAuthSchemeParametersProvider, resolveHttpAuthSchemeConfig, } from "./auth/httpAuthSchemeProvider";
 import { resolveClientEndpointParameters, } from "./endpoint/EndpointParameters";
 import { getRuntimeConfig as __getRuntimeConfig } from "./runtimeConfig";
 import { resolveRuntimeExtensions } from "./runtimeExtensions";
 export { __Client };
 export class STSClient extends __Client {
+    getDefaultHttpAuthSchemeParametersProvider() {
+        return defaultSTSHttpAuthSchemeParametersProvider;
+    }
+    getIdentityProviderConfigProvider() {
+        return async (config) => new DefaultIdentityProviderConfig({
+            "aws.auth#sigv4": config.credentials,
+        });
+    }
     constructor(...[configuration]) {
         const _config_0 = __getRuntimeConfig(configuration || {});
         const _config_1 = resolveClientEndpointParameters(_config_0);
@@ -20,8 +29,8 @@ export class STSClient extends __Client {
         const _config_3 = resolveEndpointConfig(_config_2);
         const _config_4 = resolveRetryConfig(_config_3);
         const _config_5 = resolveHostHeaderConfig(_config_4);
-        const _config_6 = resolveStsAuthConfig(_config_5, { stsClientCtor: STSClient });
-        const _config_7 = resolveUserAgentConfig(_config_6);
+        const _config_6 = resolveUserAgentConfig(_config_5);
+        const _config_7 = resolveHttpAuthSchemeConfig(_config_6);
         const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []);
         super(_config_8);
         this.config = _config_8;
@@ -31,6 +40,11 @@ export class STSClient extends __Client {
         this.middlewareStack.use(getLoggerPlugin(this.config));
         this.middlewareStack.use(getRecursionDetectionPlugin(this.config));
         this.middlewareStack.use(getUserAgentPlugin(this.config));
+        this.middlewareStack.use(getHttpAuthSchemeEndpointRuleSetPlugin(this.config, {
+            httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(),
+            identityProviderConfigProvider: this.getIdentityProviderConfigProvider(),
+        }));
+        this.middlewareStack.use(getHttpSigningPlugin(this.config));
     }
     destroy() {
         super.destroy();

package/dist-es/auth/httpAuthExtensionConfiguration.js

@@ -0,0 +1,38 @@
+export const getHttpAuthExtensionConfiguration = (runtimeConfig) => {
+    const _httpAuthSchemes = runtimeConfig.httpAuthSchemes;
+    let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider;
+    let _credentials = runtimeConfig.credentials;
+    return {
+        setHttpAuthScheme(httpAuthScheme) {
+            const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId);
+            if (index === -1) {
+                _httpAuthSchemes.push(httpAuthScheme);
+            }
+            else {
+                _httpAuthSchemes.splice(index, 1, httpAuthScheme);
+            }
+        },
+        httpAuthSchemes() {
+            return _httpAuthSchemes;
+        },
+        setHttpAuthSchemeProvider(httpAuthSchemeProvider) {
+            _httpAuthSchemeProvider = httpAuthSchemeProvider;
+        },
+        httpAuthSchemeProvider() {
+            return _httpAuthSchemeProvider;
+        },
+        setCredentials(credentials) {
+            _credentials = credentials;
+        },
+        credentials() {
+            return _credentials;
+        },
+    };
+};
+export const resolveHttpAuthRuntimeConfig = (config) => {
+    return {
+        httpAuthSchemes: config.httpAuthSchemes(),
+        httpAuthSchemeProvider: config.httpAuthSchemeProvider(),
+        credentials: config.credentials(),
+    };
+};

package/dist-es/auth/httpAuthSchemeProvider.js

@@ -0,0 +1,60 @@
+import { resolveAWSSDKSigV4Config, } from "@aws-sdk/core";
+import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware";
+import { STSClient } from "../STSClient";
+export const defaultSTSHttpAuthSchemeParametersProvider = async (config, context, input) => {
+    return {
+        operation: getSmithyContext(context).operation,
+        region: (await normalizeProvider(config.region)()) ||
+            (() => {
+                throw new Error("expected `region` to be configured for `aws.auth#sigv4`");
+            })(),
+    };
+};
+function createAwsAuthSigv4HttpAuthOption(authParameters) {
+    return {
+        schemeId: "aws.auth#sigv4",
+        signingProperties: {
+            name: "sts",
+            region: authParameters.region,
+        },
+        propertiesExtractor: (config, context) => ({
+            signingProperties: {
+                config,
+                context,
+            },
+        }),
+    };
+}
+function createSmithyApiNoAuthHttpAuthOption(authParameters) {
+    return {
+        schemeId: "smithy.api#noAuth",
+    };
+}
+export const defaultSTSHttpAuthSchemeProvider = (authParameters) => {
+    const options = [];
+    switch (authParameters.operation) {
+        case "AssumeRoleWithSAML": {
+            options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
+            break;
+        }
+        case "AssumeRoleWithWebIdentity": {
+            options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
+            break;
+        }
+        default: {
+            options.push(createAwsAuthSigv4HttpAuthOption(authParameters));
+        }
+    }
+    return options;
+};
+export const resolveStsAuthConfig = (input) => ({
+    ...input,
+    stsClientCtor: STSClient,
+});
+export const resolveHttpAuthSchemeConfig = (config) => {
+    const config_0 = resolveStsAuthConfig(config);
+    const config_1 = resolveAWSSDKSigV4Config(config_0);
+    return {
+        ...config_1,
+    };
+};

package/dist-es/commands/AssumeRoleCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -23,7 +22,6 @@ export class AssumeRoleCommand extends $Command {
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize));
         this.middlewareStack.use(getEndpointPlugin(configuration, AssumeRoleCommand.getEndpointParameterInstructions()));
-        this.middlewareStack.use(getAwsAuthPlugin(configuration));
         const stack = clientStack.concat(this.middlewareStack);
         const { logger } = configuration;
         const clientName = "STSClient";

package/dist-es/commands/DecodeAuthorizationMessageCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -22,7 +21,6 @@ export class DecodeAuthorizationMessageCommand extends $Command {
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize));
         this.middlewareStack.use(getEndpointPlugin(configuration, DecodeAuthorizationMessageCommand.getEndpointParameterInstructions()));
-        this.middlewareStack.use(getAwsAuthPlugin(configuration));
         const stack = clientStack.concat(this.middlewareStack);
         const { logger } = configuration;
         const clientName = "STSClient";

package/dist-es/commands/GetAccessKeyInfoCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -22,7 +21,6 @@ export class GetAccessKeyInfoCommand extends $Command {
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize));
         this.middlewareStack.use(getEndpointPlugin(configuration, GetAccessKeyInfoCommand.getEndpointParameterInstructions()));
-        this.middlewareStack.use(getAwsAuthPlugin(configuration));
         const stack = clientStack.concat(this.middlewareStack);
         const { logger } = configuration;
         const clientName = "STSClient";

package/dist-es/commands/GetCallerIdentityCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -22,7 +21,6 @@ export class GetCallerIdentityCommand extends $Command {
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize));
         this.middlewareStack.use(getEndpointPlugin(configuration, GetCallerIdentityCommand.getEndpointParameterInstructions()));
-        this.middlewareStack.use(getAwsAuthPlugin(configuration));
         const stack = clientStack.concat(this.middlewareStack);
         const { logger } = configuration;
         const clientName = "STSClient";

package/dist-es/commands/GetFederationTokenCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -23,7 +22,6 @@ export class GetFederationTokenCommand extends $Command {
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize));
         this.middlewareStack.use(getEndpointPlugin(configuration, GetFederationTokenCommand.getEndpointParameterInstructions()));
-        this.middlewareStack.use(getAwsAuthPlugin(configuration));
         const stack = clientStack.concat(this.middlewareStack);
         const { logger } = configuration;
         const clientName = "STSClient";

package/dist-es/commands/GetSessionTokenCommand.js

@@ -1,4 +1,3 @@
-import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing";
 import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
@@ -23,7 +22,6 @@ export class GetSessionTokenCommand extends $Command {
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize));
         this.middlewareStack.use(getEndpointPlugin(configuration, GetSessionTokenCommand.getEndpointParameterInstructions()));
-        this.middlewareStack.use(getAwsAuthPlugin(configuration));
         const stack = clientStack.concat(this.middlewareStack);
         const { logger } = configuration;
         const clientName = "STSClient";

package/dist-es/index.js

@@ -2,6 +2,6 @@ export * from "./STSClient";
 export * from "./STS";
 export * from "./commands";
 export * from "./models";
-export * from "./defaultRoleAssumers";
 import "@aws-sdk/util-endpoints";
+export * from "./defaultRoleAssumers";
 export { STSServiceException } from "./models/STSServiceException";

package/dist-es/runtimeConfig.js

@@ -1,9 +1,10 @@
 import packageInfo from "../package.json";
 import { decorateDefaultCredentialProvider } from "./defaultStsRoleAssumers";
-import { emitWarningIfUnsupportedVersion as awsCheckVersion } from "@aws-sdk/core";
+import { AWSSDKSigV4Signer, emitWarningIfUnsupportedVersion as awsCheckVersion } from "@aws-sdk/core";
 import { defaultProvider as credentialDefaultProvider } from "@aws-sdk/credential-provider-node";
 import { defaultUserAgent } from "@aws-sdk/util-user-agent-node";
 import { NODE_REGION_CONFIG_FILE_OPTIONS, NODE_REGION_CONFIG_OPTIONS, NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS, NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS, } from "@smithy/config-resolver";
+import { NoAuthSigner } from "@smithy/core";
 import { Hash } from "@smithy/hash-node";
 import { NODE_MAX_ATTEMPT_CONFIG_OPTIONS, NODE_RETRY_MODE_CONFIG_OPTIONS } from "@smithy/middleware-retry";
 import { loadConfig as loadNodeConfig } from "@smithy/node-config-provider";
@@ -29,6 +30,19 @@ export const getRuntimeConfig = (config) => {
         credentialDefaultProvider: config?.credentialDefaultProvider ?? decorateDefaultCredentialProvider(credentialDefaultProvider),
         defaultUserAgentProvider: config?.defaultUserAgentProvider ??
             defaultUserAgent({ serviceId: clientSharedValues.serviceId, clientVersion: packageInfo.version }),
+        httpAuthSchemes: config?.httpAuthSchemes ?? [
+            {
+                schemeId: "aws.auth#sigv4",
+                identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4") ||
+                    (async (idProps) => await decorateDefaultCredentialProvider(credentialDefaultProvider)(idProps?.__config || {})()),
+                signer: new AWSSDKSigV4Signer(),
+            },
+            {
+                schemeId: "smithy.api#noAuth",
+                identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
+                signer: new NoAuthSigner(),
+            },
+        ],
         maxAttempts: config?.maxAttempts ?? loadNodeConfig(NODE_MAX_ATTEMPT_CONFIG_OPTIONS),
         region: config?.region ?? loadNodeConfig(NODE_REGION_CONFIG_OPTIONS, NODE_REGION_CONFIG_FILE_OPTIONS),
         requestHandler: config?.requestHandler ?? new RequestHandler(defaultConfigProvider),