@aws-sdk/credential-provider-ini 3.185.0 → 3.186.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/CHANGELOG.md +8 -0
  2. package/dist-es/fromIni.js +14 -3
  3. package/dist-es/resolveAssumeRoleCredentials.js +60 -41
  4. package/dist-es/resolveCredentialSource.js +4 -4
  5. package/dist-es/resolveProfileData.js +25 -18
  6. package/dist-es/resolveSsoCredentials.js +2 -2
  7. package/dist-es/resolveStaticCredentials.js +14 -10
  8. package/dist-es/resolveWebIdentityCredentials.js +18 -11
  9. package/package.json +8 -8
package/CHANGELOG.md CHANGED
@@ -3,6 +3,14 @@
3
3
  All notable changes to this project will be documented in this file.
4
4
  See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
5
5
 
6
+ # [3.186.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.185.0...v3.186.0) (2022-10-06)
7
+
8
+ **Note:** Version bump only for package @aws-sdk/credential-provider-ini
9
+
10
+
11
+
12
+
13
+
6
14
  # [3.185.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.184.0...v3.185.0) (2022-10-05)
7
15
 
8
16
  **Note:** Version bump only for package @aws-sdk/credential-provider-ini
package/dist-es/fromIni.js CHANGED
@@ -1,6 +1,17 @@
1
+ import { __awaiter, __generator } from "tslib";
1
2
  import { getProfileName, parseKnownFiles } from "@aws-sdk/shared-ini-file-loader";
2
3
  import { resolveProfileData } from "./resolveProfileData";
3
- export const fromIni = (init = {}) => async () => {
4
- const profiles = await parseKnownFiles(init);
5
- return resolveProfileData(getProfileName(init), profiles, init);
4
+ export var fromIni = function (init) {
5
+ if (init === void 0) { init = {}; }
6
+ return function () { return __awaiter(void 0, void 0, void 0, function () {
7
+ var profiles;
8
+ return __generator(this, function (_a) {
9
+ switch (_a.label) {
10
+ case 0: return [4, parseKnownFiles(init)];
11
+ case 1:
12
+ profiles = _a.sent();
13
+ return [2, resolveProfileData(getProfileName(init), profiles, init)];
14
+ }
15
+ });
16
+ }); };
6
17
  };
package/dist-es/resolveAssumeRoleCredentials.js CHANGED
@@ -1,46 +1,65 @@
1
+ import { __assign, __awaiter, __generator } from "tslib";
1
2
  import { CredentialsProviderError } from "@aws-sdk/property-provider";
2
3
  import { getProfileName } from "@aws-sdk/shared-ini-file-loader";
3
4
  import { resolveCredentialSource } from "./resolveCredentialSource";
4
5
  import { resolveProfileData } from "./resolveProfileData";
5
- export const isAssumeRoleProfile = (arg) => Boolean(arg) &&
6
- typeof arg === "object" &&
7
- typeof arg.role_arn === "string" &&
8
- ["undefined", "string"].indexOf(typeof arg.role_session_name) > -1 &&
9
- ["undefined", "string"].indexOf(typeof arg.external_id) > -1 &&
10
- ["undefined", "string"].indexOf(typeof arg.mfa_serial) > -1 &&
11
- (isAssumeRoleWithSourceProfile(arg) || isAssumeRoleWithProviderProfile(arg));
12
- const isAssumeRoleWithSourceProfile = (arg) => typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined";
13
- const isAssumeRoleWithProviderProfile = (arg) => typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined";
14
- export const resolveAssumeRoleCredentials = async (profileName, profiles, options, visitedProfiles = {}) => {
15
- const data = profiles[profileName];
16
- if (!options.roleAssumer) {
17
- throw new CredentialsProviderError(`Profile ${profileName} requires a role to be assumed, but no role assumption callback was provided.`, false);
18
- }
19
- const { source_profile } = data;
20
- if (source_profile && source_profile in visitedProfiles) {
21
- throw new CredentialsProviderError(`Detected a cycle attempting to resolve credentials for profile` +
22
- ` ${getProfileName(options)}. Profiles visited: ` +
23
- Object.keys(visitedProfiles).join(", "), false);
24
- }
25
- const sourceCredsProvider = source_profile
26
- ? resolveProfileData(source_profile, profiles, options, {
27
- ...visitedProfiles,
28
- [source_profile]: true,
29
- })
30
- : resolveCredentialSource(data.credential_source, profileName)();
31
- const params = {
32
- RoleArn: data.role_arn,
33
- RoleSessionName: data.role_session_name || `aws-sdk-js-${Date.now()}`,
34
- ExternalId: data.external_id,
35
- };
36
- const { mfa_serial } = data;
37
- if (mfa_serial) {
38
- if (!options.mfaCodeProvider) {
39
- throw new CredentialsProviderError(`Profile ${profileName} requires multi-factor authentication, but no MFA code callback was provided.`, false);
40
- }
41
- params.SerialNumber = mfa_serial;
42
- params.TokenCode = await options.mfaCodeProvider(mfa_serial);
43
- }
44
- const sourceCreds = await sourceCredsProvider;
45
- return options.roleAssumer(sourceCreds, params);
6
+ export var isAssumeRoleProfile = function (arg) {
7
+ return Boolean(arg) &&
8
+ typeof arg === "object" &&
9
+ typeof arg.role_arn === "string" &&
10
+ ["undefined", "string"].indexOf(typeof arg.role_session_name) > -1 &&
11
+ ["undefined", "string"].indexOf(typeof arg.external_id) > -1 &&
12
+ ["undefined", "string"].indexOf(typeof arg.mfa_serial) > -1 &&
13
+ (isAssumeRoleWithSourceProfile(arg) || isAssumeRoleWithProviderProfile(arg));
14
+ };
15
+ var isAssumeRoleWithSourceProfile = function (arg) {
16
+ return typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined";
17
+ };
18
+ var isAssumeRoleWithProviderProfile = function (arg) {
19
+ return typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined";
20
+ };
21
+ export var resolveAssumeRoleCredentials = function (profileName, profiles, options, visitedProfiles) {
22
+ if (visitedProfiles === void 0) { visitedProfiles = {}; }
23
+ return __awaiter(void 0, void 0, void 0, function () {
24
+ var data, source_profile, sourceCredsProvider, params, mfa_serial, _a, sourceCreds;
25
+ var _b;
26
+ return __generator(this, function (_c) {
27
+ switch (_c.label) {
28
+ case 0:
29
+ data = profiles[profileName];
30
+ if (!options.roleAssumer) {
31
+ throw new CredentialsProviderError("Profile ".concat(profileName, " requires a role to be assumed, but no role assumption callback was provided."), false);
32
+ }
33
+ source_profile = data.source_profile;
34
+ if (source_profile && source_profile in visitedProfiles) {
35
+ throw new CredentialsProviderError("Detected a cycle attempting to resolve credentials for profile" +
36
+ " ".concat(getProfileName(options), ". Profiles visited: ") +
37
+ Object.keys(visitedProfiles).join(", "), false);
38
+ }
39
+ sourceCredsProvider = source_profile
40
+ ? resolveProfileData(source_profile, profiles, options, __assign(__assign({}, visitedProfiles), (_b = {}, _b[source_profile] = true, _b)))
41
+ : resolveCredentialSource(data.credential_source, profileName)();
42
+ params = {
43
+ RoleArn: data.role_arn,
44
+ RoleSessionName: data.role_session_name || "aws-sdk-js-".concat(Date.now()),
45
+ ExternalId: data.external_id,
46
+ };
47
+ mfa_serial = data.mfa_serial;
48
+ if (!mfa_serial) return [3, 2];
49
+ if (!options.mfaCodeProvider) {
50
+ throw new CredentialsProviderError("Profile ".concat(profileName, " requires multi-factor authentication, but no MFA code callback was provided."), false);
51
+ }
52
+ params.SerialNumber = mfa_serial;
53
+ _a = params;
54
+ return [4, options.mfaCodeProvider(mfa_serial)];
55
+ case 1:
56
+ _a.TokenCode = _c.sent();
57
+ _c.label = 2;
58
+ case 2: return [4, sourceCredsProvider];
59
+ case 3:
60
+ sourceCreds = _c.sent();
61
+ return [2, options.roleAssumer(sourceCreds, params)];
62
+ }
63
+ });
64
+ });
46
65
  };
package/dist-es/resolveCredentialSource.js CHANGED
@@ -1,8 +1,8 @@
1
1
  import { fromEnv } from "@aws-sdk/credential-provider-env";
2
2
  import { fromContainerMetadata, fromInstanceMetadata } from "@aws-sdk/credential-provider-imds";
3
3
  import { CredentialsProviderError } from "@aws-sdk/property-provider";
4
- export const resolveCredentialSource = (credentialSource, profileName) => {
5
- const sourceProvidersMap = {
4
+ export var resolveCredentialSource = function (credentialSource, profileName) {
5
+ var sourceProvidersMap = {
6
6
  EcsContainer: fromContainerMetadata,
7
7
  Ec2InstanceMetadata: fromInstanceMetadata,
8
8
  Environment: fromEnv,
@@ -11,7 +11,7 @@ export const resolveCredentialSource = (credentialSource, profileName) => {
11
11
  return sourceProvidersMap[credentialSource]();
12
12
  }
13
13
  else {
14
- throw new CredentialsProviderError(`Unsupported credential source in profile ${profileName}. Got ${credentialSource}, ` +
15
- `expected EcsContainer or Ec2InstanceMetadata or Environment.`);
14
+ throw new CredentialsProviderError("Unsupported credential source in profile ".concat(profileName, ". Got ").concat(credentialSource, ", ") +
15
+ "expected EcsContainer or Ec2InstanceMetadata or Environment.");
16
16
  }
17
17
  };
package/dist-es/resolveProfileData.js CHANGED
@@ -1,24 +1,31 @@
1
+ import { __awaiter, __generator } from "tslib";
1
2
  import { CredentialsProviderError } from "@aws-sdk/property-provider";
2
3
  import { isAssumeRoleProfile, resolveAssumeRoleCredentials } from "./resolveAssumeRoleCredentials";
3
4
  import { isSsoProfile, resolveSsoCredentials } from "./resolveSsoCredentials";
4
5
  import { isStaticCredsProfile, resolveStaticCredentials } from "./resolveStaticCredentials";
5
6
  import { isWebIdentityProfile, resolveWebIdentityCredentials } from "./resolveWebIdentityCredentials";
6
- export const resolveProfileData = async (profileName, profiles, options, visitedProfiles = {}) => {
7
- const data = profiles[profileName];
8
- if (Object.keys(visitedProfiles).length > 0 && isStaticCredsProfile(data)) {
9
- return resolveStaticCredentials(data);
10
- }
11
- if (isAssumeRoleProfile(data)) {
12
- return resolveAssumeRoleCredentials(profileName, profiles, options, visitedProfiles);
13
- }
14
- if (isStaticCredsProfile(data)) {
15
- return resolveStaticCredentials(data);
16
- }
17
- if (isWebIdentityProfile(data)) {
18
- return resolveWebIdentityCredentials(data, options);
19
- }
20
- if (isSsoProfile(data)) {
21
- return resolveSsoCredentials(data);
22
- }
23
- throw new CredentialsProviderError(`Profile ${profileName} could not be found or parsed in shared credentials file.`);
7
+ export var resolveProfileData = function (profileName, profiles, options, visitedProfiles) {
8
+ if (visitedProfiles === void 0) { visitedProfiles = {}; }
9
+ return __awaiter(void 0, void 0, void 0, function () {
10
+ var data;
11
+ return __generator(this, function (_a) {
12
+ data = profiles[profileName];
13
+ if (Object.keys(visitedProfiles).length > 0 && isStaticCredsProfile(data)) {
14
+ return [2, resolveStaticCredentials(data)];
15
+ }
16
+ if (isAssumeRoleProfile(data)) {
17
+ return [2, resolveAssumeRoleCredentials(profileName, profiles, options, visitedProfiles)];
18
+ }
19
+ if (isStaticCredsProfile(data)) {
20
+ return [2, resolveStaticCredentials(data)];
21
+ }
22
+ if (isWebIdentityProfile(data)) {
23
+ return [2, resolveWebIdentityCredentials(data, options)];
24
+ }
25
+ if (isSsoProfile(data)) {
26
+ return [2, resolveSsoCredentials(data)];
27
+ }
28
+ throw new CredentialsProviderError("Profile ".concat(profileName, " could not be found or parsed in shared credentials file."));
29
+ });
30
+ });
24
31
  };
package/dist-es/resolveSsoCredentials.js CHANGED
@@ -1,7 +1,7 @@
1
1
  import { fromSSO, validateSsoProfile } from "@aws-sdk/credential-provider-sso";
2
2
  export { isSsoProfile } from "@aws-sdk/credential-provider-sso";
3
- export const resolveSsoCredentials = (data) => {
4
- const { sso_start_url, sso_account_id, sso_region, sso_role_name } = validateSsoProfile(data);
3
+ export var resolveSsoCredentials = function (data) {
4
+ var _a = validateSsoProfile(data), sso_start_url = _a.sso_start_url, sso_account_id = _a.sso_account_id, sso_region = _a.sso_region, sso_role_name = _a.sso_role_name;
5
5
  return fromSSO({
6
6
  ssoStartUrl: sso_start_url,
7
7
  ssoAccountId: sso_account_id,
package/dist-es/resolveStaticCredentials.js CHANGED
@@ -1,10 +1,14 @@
1
- export const isStaticCredsProfile = (arg) => Boolean(arg) &&
2
- typeof arg === "object" &&
3
- typeof arg.aws_access_key_id === "string" &&
4
- typeof arg.aws_secret_access_key === "string" &&
5
- ["undefined", "string"].indexOf(typeof arg.aws_session_token) > -1;
6
- export const resolveStaticCredentials = (profile) => Promise.resolve({
7
- accessKeyId: profile.aws_access_key_id,
8
- secretAccessKey: profile.aws_secret_access_key,
9
- sessionToken: profile.aws_session_token,
10
- });
1
+ export var isStaticCredsProfile = function (arg) {
2
+ return Boolean(arg) &&
3
+ typeof arg === "object" &&
4
+ typeof arg.aws_access_key_id === "string" &&
5
+ typeof arg.aws_secret_access_key === "string" &&
6
+ ["undefined", "string"].indexOf(typeof arg.aws_session_token) > -1;
7
+ };
8
+ export var resolveStaticCredentials = function (profile) {
9
+ return Promise.resolve({
10
+ accessKeyId: profile.aws_access_key_id,
11
+ secretAccessKey: profile.aws_secret_access_key,
12
+ sessionToken: profile.aws_session_token,
13
+ });
14
+ };
package/dist-es/resolveWebIdentityCredentials.js CHANGED
@@ -1,12 +1,19 @@
1
+ import { __awaiter, __generator } from "tslib";
1
2
  import { fromTokenFile } from "@aws-sdk/credential-provider-web-identity";
2
- export const isWebIdentityProfile = (arg) => Boolean(arg) &&
3
- typeof arg === "object" &&
4
- typeof arg.web_identity_token_file === "string" &&
5
- typeof arg.role_arn === "string" &&
6
- ["undefined", "string"].indexOf(typeof arg.role_session_name) > -1;
7
- export const resolveWebIdentityCredentials = async (profile, options) => fromTokenFile({
8
- webIdentityTokenFile: profile.web_identity_token_file,
9
- roleArn: profile.role_arn,
10
- roleSessionName: profile.role_session_name,
11
- roleAssumerWithWebIdentity: options.roleAssumerWithWebIdentity,
12
- })();
3
+ export var isWebIdentityProfile = function (arg) {
4
+ return Boolean(arg) &&
5
+ typeof arg === "object" &&
6
+ typeof arg.web_identity_token_file === "string" &&
7
+ typeof arg.role_arn === "string" &&
8
+ ["undefined", "string"].indexOf(typeof arg.role_session_name) > -1;
9
+ };
10
+ export var resolveWebIdentityCredentials = function (profile, options) { return __awaiter(void 0, void 0, void 0, function () {
11
+ return __generator(this, function (_a) {
12
+ return [2, fromTokenFile({
13
+ webIdentityTokenFile: profile.web_identity_token_file,
14
+ roleArn: profile.role_arn,
15
+ roleSessionName: profile.role_session_name,
16
+ roleAssumerWithWebIdentity: options.roleAssumerWithWebIdentity,
17
+ })()];
18
+ });
19
+ }); };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@aws-sdk/credential-provider-ini",
3
- "version": "3.185.0",
3
+ "version": "3.186.0",
4
4
  "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config",
5
5
  "main": "./dist-cjs/index.js",
6
6
  "module": "./dist-es/index.js",
@@ -24,13 +24,13 @@
24
24
  },
25
25
  "license": "Apache-2.0",
26
26
  "dependencies": {
27
- "@aws-sdk/credential-provider-env": "3.183.0",
28
- "@aws-sdk/credential-provider-imds": "3.183.0",
29
- "@aws-sdk/credential-provider-sso": "3.185.0",
30
- "@aws-sdk/credential-provider-web-identity": "3.183.0",
31
- "@aws-sdk/property-provider": "3.183.0",
32
- "@aws-sdk/shared-ini-file-loader": "3.183.0",
33
- "@aws-sdk/types": "3.183.0",
27
+ "@aws-sdk/credential-provider-env": "3.186.0",
28
+ "@aws-sdk/credential-provider-imds": "3.186.0",
29
+ "@aws-sdk/credential-provider-sso": "3.186.0",
30
+ "@aws-sdk/credential-provider-web-identity": "3.186.0",
31
+ "@aws-sdk/property-provider": "3.186.0",
32
+ "@aws-sdk/shared-ini-file-loader": "3.186.0",
33
+ "@aws-sdk/types": "3.186.0",
34
34
  "tslib": "^2.3.1"
35
35
  },
36
36
  "devDependencies": {