@aws-sdk/client-sts 3.616.0 → 3.620.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist-cjs/index.js +17 -4
  2. package/dist-es/defaultStsRoleAssumers.js +17 -4
  3. package/package.json +17 -17
package/dist-cjs/index.js CHANGED
@@ -1294,6 +1294,15 @@ var import_EndpointParameters9 = require("./endpoint/EndpointParameters");
1294
1294
 
1295
1295
  // src/defaultStsRoleAssumers.ts
1296
1296
  var ASSUME_ROLE_DEFAULT_REGION = "us-east-1";
1297
+ var getAccountIdFromAssumedRoleUser = /* @__PURE__ */ __name((assumedRoleUser) => {
1298
+ if (typeof (assumedRoleUser == null ? void 0 : assumedRoleUser.Arn) === "string") {
1299
+ const arnComponents = assumedRoleUser.Arn.split(":");
1300
+ if (arnComponents.length > 4 && arnComponents[4] !== "") {
1301
+ return arnComponents[4];
1302
+ }
1303
+ }
1304
+ return void 0;
1305
+ }, "getAccountIdFromAssumedRoleUser");
1297
1306
  var resolveRegion = /* @__PURE__ */ __name(async (_region, _parentRegion, credentialProviderLogger) => {
1298
1307
  var _a2;
1299
1308
  const region = typeof _region === "function" ? await _region() : _region;
@@ -1334,17 +1343,19 @@ var getDefaultRoleAssumer = /* @__PURE__ */ __name((stsOptions, stsClientCtor) =
1334
1343
  logger
1335
1344
  });
1336
1345
  }
1337
- const { Credentials: Credentials2 } = await stsClient.send(new AssumeRoleCommand(params));
1346
+ const { Credentials: Credentials2, AssumedRoleUser: AssumedRoleUser2 } = await stsClient.send(new AssumeRoleCommand(params));
1338
1347
  if (!Credentials2 || !Credentials2.AccessKeyId || !Credentials2.SecretAccessKey) {
1339
1348
  throw new Error(`Invalid response from STS.assumeRole call with role ${params.RoleArn}`);
1340
1349
  }
1350
+ const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser2);
1341
1351
  return {
1342
1352
  accessKeyId: Credentials2.AccessKeyId,
1343
1353
  secretAccessKey: Credentials2.SecretAccessKey,
1344
1354
  sessionToken: Credentials2.SessionToken,
1345
1355
  expiration: Credentials2.Expiration,
1346
1356
  // TODO(credentialScope): access normally when shape is updated.
1347
- credentialScope: Credentials2.CredentialScope
1357
+ ...Credentials2.CredentialScope && { credentialScope: Credentials2.CredentialScope },
1358
+ ...accountId && { accountId }
1348
1359
  };
1349
1360
  };
1350
1361
  }, "getDefaultRoleAssumer");
@@ -1370,17 +1381,19 @@ var getDefaultRoleAssumerWithWebIdentity = /* @__PURE__ */ __name((stsOptions, s
1370
1381
  logger
1371
1382
  });
1372
1383
  }
1373
- const { Credentials: Credentials2 } = await stsClient.send(new AssumeRoleWithWebIdentityCommand(params));
1384
+ const { Credentials: Credentials2, AssumedRoleUser: AssumedRoleUser2 } = await stsClient.send(new AssumeRoleWithWebIdentityCommand(params));
1374
1385
  if (!Credentials2 || !Credentials2.AccessKeyId || !Credentials2.SecretAccessKey) {
1375
1386
  throw new Error(`Invalid response from STS.assumeRoleWithWebIdentity call with role ${params.RoleArn}`);
1376
1387
  }
1388
+ const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser2);
1377
1389
  return {
1378
1390
  accessKeyId: Credentials2.AccessKeyId,
1379
1391
  secretAccessKey: Credentials2.SecretAccessKey,
1380
1392
  sessionToken: Credentials2.SessionToken,
1381
1393
  expiration: Credentials2.Expiration,
1382
1394
  // TODO(credentialScope): access normally when shape is updated.
1383
- credentialScope: Credentials2.CredentialScope
1395
+ ...Credentials2.CredentialScope && { credentialScope: Credentials2.CredentialScope },
1396
+ ...accountId && { accountId }
1384
1397
  };
1385
1398
  };
1386
1399
  }, "getDefaultRoleAssumerWithWebIdentity");
package/dist-es/defaultStsRoleAssumers.js CHANGED
@@ -1,6 +1,15 @@
1
1
  import { AssumeRoleCommand } from "./commands/AssumeRoleCommand";
2
2
  import { AssumeRoleWithWebIdentityCommand, } from "./commands/AssumeRoleWithWebIdentityCommand";
3
3
  const ASSUME_ROLE_DEFAULT_REGION = "us-east-1";
4
+ const getAccountIdFromAssumedRoleUser = (assumedRoleUser) => {
5
+ if (typeof assumedRoleUser?.Arn === "string") {
6
+ const arnComponents = assumedRoleUser.Arn.split(":");
7
+ if (arnComponents.length > 4 && arnComponents[4] !== "") {
8
+ return arnComponents[4];
9
+ }
10
+ }
11
+ return undefined;
12
+ };
4
13
  const resolveRegion = async (_region, _parentRegion, credentialProviderLogger) => {
5
14
  const region = typeof _region === "function" ? await _region() : _region;
6
15
  const parentRegion = typeof _parentRegion === "function" ? await _parentRegion() : _parentRegion;
@@ -22,16 +31,18 @@ export const getDefaultRoleAssumer = (stsOptions, stsClientCtor) => {
22
31
  logger: logger,
23
32
  });
24
33
  }
25
- const { Credentials } = await stsClient.send(new AssumeRoleCommand(params));
34
+ const { Credentials, AssumedRoleUser } = await stsClient.send(new AssumeRoleCommand(params));
26
35
  if (!Credentials || !Credentials.AccessKeyId || !Credentials.SecretAccessKey) {
27
36
  throw new Error(`Invalid response from STS.assumeRole call with role ${params.RoleArn}`);
28
37
  }
38
+ const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser);
29
39
  return {
30
40
  accessKeyId: Credentials.AccessKeyId,
31
41
  secretAccessKey: Credentials.SecretAccessKey,
32
42
  sessionToken: Credentials.SessionToken,
33
43
  expiration: Credentials.Expiration,
34
- credentialScope: Credentials.CredentialScope,
44
+ ...(Credentials.CredentialScope && { credentialScope: Credentials.CredentialScope }),
45
+ ...(accountId && { accountId }),
35
46
  };
36
47
  };
37
48
  };
@@ -47,16 +58,18 @@ export const getDefaultRoleAssumerWithWebIdentity = (stsOptions, stsClientCtor)
47
58
  logger: logger,
48
59
  });
49
60
  }
50
- const { Credentials } = await stsClient.send(new AssumeRoleWithWebIdentityCommand(params));
61
+ const { Credentials, AssumedRoleUser } = await stsClient.send(new AssumeRoleWithWebIdentityCommand(params));
51
62
  if (!Credentials || !Credentials.AccessKeyId || !Credentials.SecretAccessKey) {
52
63
  throw new Error(`Invalid response from STS.assumeRoleWithWebIdentity call with role ${params.RoleArn}`);
53
64
  }
65
+ const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser);
54
66
  return {
55
67
  accessKeyId: Credentials.AccessKeyId,
56
68
  secretAccessKey: Credentials.SecretAccessKey,
57
69
  sessionToken: Credentials.SessionToken,
58
70
  expiration: Credentials.Expiration,
59
- credentialScope: Credentials.CredentialScope,
71
+ ...(Credentials.CredentialScope && { credentialScope: Credentials.CredentialScope }),
72
+ ...(accountId && { accountId }),
60
73
  };
61
74
  };
62
75
  };
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@aws-sdk/client-sts",
3
3
  "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native",
4
- "version": "3.616.0",
4
+ "version": "3.620.1",
5
5
  "scripts": {
6
6
  "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
7
7
  "build:cjs": "node ../../scripts/compilation/inline client-sts",
@@ -22,39 +22,39 @@
22
22
  "dependencies": {
23
23
  "@aws-crypto/sha256-browser": "5.2.0",
24
24
  "@aws-crypto/sha256-js": "5.2.0",
25
- "@aws-sdk/client-sso-oidc": "3.616.0",
26
- "@aws-sdk/core": "3.616.0",
27
- "@aws-sdk/credential-provider-node": "3.616.0",
28
- "@aws-sdk/middleware-host-header": "3.616.0",
25
+ "@aws-sdk/client-sso-oidc": "3.620.1",
26
+ "@aws-sdk/core": "3.620.1",
27
+ "@aws-sdk/credential-provider-node": "3.620.1",
28
+ "@aws-sdk/middleware-host-header": "3.620.0",
29
29
  "@aws-sdk/middleware-logger": "3.609.0",
30
- "@aws-sdk/middleware-recursion-detection": "3.616.0",
31
- "@aws-sdk/middleware-user-agent": "3.616.0",
30
+ "@aws-sdk/middleware-recursion-detection": "3.620.0",
31
+ "@aws-sdk/middleware-user-agent": "3.620.0",
32
32
  "@aws-sdk/region-config-resolver": "3.614.0",
33
33
  "@aws-sdk/types": "3.609.0",
34
34
  "@aws-sdk/util-endpoints": "3.614.0",
35
35
  "@aws-sdk/util-user-agent-browser": "3.609.0",
36
36
  "@aws-sdk/util-user-agent-node": "3.614.0",
37
37
  "@smithy/config-resolver": "^3.0.5",
38
- "@smithy/core": "^2.2.7",
39
- "@smithy/fetch-http-handler": "^3.2.2",
38
+ "@smithy/core": "^2.3.0",
39
+ "@smithy/fetch-http-handler": "^3.2.3",
40
40
  "@smithy/hash-node": "^3.0.3",
41
41
  "@smithy/invalid-dependency": "^3.0.3",
42
- "@smithy/middleware-content-length": "^3.0.4",
43
- "@smithy/middleware-endpoint": "^3.0.5",
44
- "@smithy/middleware-retry": "^3.0.10",
42
+ "@smithy/middleware-content-length": "^3.0.5",
43
+ "@smithy/middleware-endpoint": "^3.1.0",
44
+ "@smithy/middleware-retry": "^3.0.12",
45
45
  "@smithy/middleware-serde": "^3.0.3",
46
46
  "@smithy/middleware-stack": "^3.0.3",
47
47
  "@smithy/node-config-provider": "^3.1.4",
48
- "@smithy/node-http-handler": "^3.1.3",
49
- "@smithy/protocol-http": "^4.0.4",
50
- "@smithy/smithy-client": "^3.1.8",
48
+ "@smithy/node-http-handler": "^3.1.4",
49
+ "@smithy/protocol-http": "^4.1.0",
50
+ "@smithy/smithy-client": "^3.1.10",
51
51
  "@smithy/types": "^3.3.0",
52
52
  "@smithy/url-parser": "^3.0.3",
53
53
  "@smithy/util-base64": "^3.0.0",
54
54
  "@smithy/util-body-length-browser": "^3.0.0",
55
55
  "@smithy/util-body-length-node": "^3.0.0",
56
- "@smithy/util-defaults-mode-browser": "^3.0.10",
57
- "@smithy/util-defaults-mode-node": "^3.0.10",
56
+ "@smithy/util-defaults-mode-browser": "^3.0.12",
57
+ "@smithy/util-defaults-mode-node": "^3.0.12",
58
58
  "@smithy/util-endpoints": "^2.0.5",
59
59
  "@smithy/util-middleware": "^3.0.3",
60
60
  "@smithy/util-retry": "^3.0.3",