@aws-sdk/credential-provider-ini 3.501.0 → 3.503.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist-cjs/index.js +69 -43
- package/dist-cjs/loadSts.js +1 -0
- package/dist-es/fromIni.js +1 -0
- package/dist-es/loadSts.js +2 -0
- package/dist-es/resolveAssumeRoleCredentials.js +4 -2
- package/dist-es/resolveCredentialSource.js +4 -6
- package/dist-es/resolveProcessCredentials.js +2 -3
- package/dist-es/resolveProfileData.js +3 -3
- package/dist-es/resolveSsoCredentials.js +9 -9
- package/dist-es/resolveStaticCredentials.js +9 -6
- package/dist-es/resolveWebIdentityCredentials.js +2 -3
- package/dist-types/fromIni.d.ts +8 -4
- package/dist-types/loadSts.d.ts +3 -0
- package/dist-types/resolveAssumeRoleCredentials.d.ts +2 -2
- package/dist-types/resolveCredentialSource.d.ts +2 -1
- package/dist-types/resolveProcessCredentials.d.ts +1 -2
- package/dist-types/resolveProfileData.d.ts +1 -1
- package/dist-types/resolveSsoCredentials.d.ts +5 -3
- package/dist-types/resolveStaticCredentials.d.ts +2 -1
- package/dist-types/ts3.4/fromIni.d.ts +8 -1
- package/dist-types/ts3.4/loadSts.d.ts +3 -0
- package/dist-types/ts3.4/resolveAssumeRoleCredentials.d.ts +2 -2
- package/dist-types/ts3.4/resolveCredentialSource.d.ts +4 -1
- package/dist-types/ts3.4/resolveProcessCredentials.d.ts +1 -2
- package/dist-types/ts3.4/resolveSsoCredentials.d.ts +3 -2
- package/dist-types/ts3.4/resolveStaticCredentials.d.ts +3 -1
- package/package.json +7 -6
package/dist-cjs/index.js
CHANGED
|
@@ -1,8 +1,13 @@
|
|
|
1
|
+
var __create = Object.create;
|
|
1
2
|
var __defProp = Object.defineProperty;
|
|
2
3
|
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
|
|
3
4
|
var __getOwnPropNames = Object.getOwnPropertyNames;
|
|
5
|
+
var __getProtoOf = Object.getPrototypeOf;
|
|
4
6
|
var __hasOwnProp = Object.prototype.hasOwnProperty;
|
|
5
7
|
var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
|
|
8
|
+
var __esm = (fn, res) => function __init() {
|
|
9
|
+
return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
|
|
10
|
+
};
|
|
6
11
|
var __export = (target, all) => {
|
|
7
12
|
for (var name in all)
|
|
8
13
|
__defProp(target, name, { get: all[name], enumerable: true });
|
|
@@ -15,8 +20,28 @@ var __copyProps = (to, from, except, desc) => {
|
|
|
15
20
|
}
|
|
16
21
|
return to;
|
|
17
22
|
};
|
|
23
|
+
var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
|
|
24
|
+
// If the importer is in node compatibility mode or this is not an ESM
|
|
25
|
+
// file that has been converted to a CommonJS file using a Babel-
|
|
26
|
+
// compatible transform (i.e. "__esModule" has not been set), then set
|
|
27
|
+
// "default" to the CommonJS "module.exports" for node compatibility.
|
|
28
|
+
isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
|
|
29
|
+
mod
|
|
30
|
+
));
|
|
18
31
|
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
19
32
|
|
|
33
|
+
// src/loadSts.ts
|
|
34
|
+
var loadSts_exports = {};
|
|
35
|
+
__export(loadSts_exports, {
|
|
36
|
+
getDefaultRoleAssumer: () => import_client_sts.getDefaultRoleAssumer
|
|
37
|
+
});
|
|
38
|
+
var import_client_sts;
|
|
39
|
+
var init_loadSts = __esm({
|
|
40
|
+
"src/loadSts.ts"() {
|
|
41
|
+
import_client_sts = require("@aws-sdk/client-sts");
|
|
42
|
+
}
|
|
43
|
+
});
|
|
44
|
+
|
|
20
45
|
// src/index.ts
|
|
21
46
|
var src_exports = {};
|
|
22
47
|
__export(src_exports, {
|
|
@@ -35,17 +60,15 @@ module.exports = __toCommonJS(src_exports);
|
|
|
35
60
|
var import_shared_ini_file_loader = require("@smithy/shared-ini-file-loader");
|
|
36
61
|
|
|
37
62
|
// src/resolveCredentialSource.ts
|
|
38
|
-
var import_credential_provider_env = require("@aws-sdk/credential-provider-env");
|
|
39
|
-
var import_credential_provider_imds = require("@smithy/credential-provider-imds");
|
|
40
63
|
var import_property_provider = require("@smithy/property-provider");
|
|
41
64
|
var resolveCredentialSource = /* @__PURE__ */ __name((credentialSource, profileName) => {
|
|
42
65
|
const sourceProvidersMap = {
|
|
43
|
-
EcsContainer:
|
|
44
|
-
Ec2InstanceMetadata:
|
|
45
|
-
Environment:
|
|
66
|
+
EcsContainer: (options) => Promise.resolve().then(() => __toESM(require("@smithy/credential-provider-imds"))).then(({ fromContainerMetadata }) => fromContainerMetadata(options)),
|
|
67
|
+
Ec2InstanceMetadata: (options) => Promise.resolve().then(() => __toESM(require("@smithy/credential-provider-imds"))).then(({ fromInstanceMetadata }) => fromInstanceMetadata(options)),
|
|
68
|
+
Environment: (options) => Promise.resolve().then(() => __toESM(require("@aws-sdk/credential-provider-env"))).then(({ fromEnv }) => fromEnv(options))
|
|
46
69
|
};
|
|
47
70
|
if (credentialSource in sourceProvidersMap) {
|
|
48
|
-
return sourceProvidersMap[credentialSource]
|
|
71
|
+
return sourceProvidersMap[credentialSource];
|
|
49
72
|
} else {
|
|
50
73
|
throw new import_property_provider.CredentialsProviderError(
|
|
51
74
|
`Unsupported credential source in profile ${profileName}. Got ${credentialSource}, expected EcsContainer or Ec2InstanceMetadata or Environment.`
|
|
@@ -58,12 +81,12 @@ var isAssumeRoleProfile = /* @__PURE__ */ __name((arg) => Boolean(arg) && typeof
|
|
|
58
81
|
var isAssumeRoleWithSourceProfile = /* @__PURE__ */ __name((arg) => typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined", "isAssumeRoleWithSourceProfile");
|
|
59
82
|
var isAssumeRoleWithProviderProfile = /* @__PURE__ */ __name((arg) => typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined", "isAssumeRoleWithProviderProfile");
|
|
60
83
|
var resolveAssumeRoleCredentials = /* @__PURE__ */ __name(async (profileName, profiles, options, visitedProfiles = {}) => {
|
|
84
|
+
var _a;
|
|
85
|
+
(_a = options.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-ini", "resolveAssumeRoleCredentials (STS)");
|
|
61
86
|
const data = profiles[profileName];
|
|
62
87
|
if (!options.roleAssumer) {
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
false
|
|
66
|
-
);
|
|
88
|
+
const { getDefaultRoleAssumer: getDefaultRoleAssumer2 } = await Promise.resolve().then(() => (init_loadSts(), loadSts_exports));
|
|
89
|
+
options.roleAssumer = getDefaultRoleAssumer2(options.clientConfig, options.clientPlugins);
|
|
67
90
|
}
|
|
68
91
|
const { source_profile } = data;
|
|
69
92
|
if (source_profile && source_profile in visitedProfiles) {
|
|
@@ -75,7 +98,7 @@ var resolveAssumeRoleCredentials = /* @__PURE__ */ __name(async (profileName, pr
|
|
|
75
98
|
const sourceCredsProvider = source_profile ? resolveProfileData(source_profile, profiles, options, {
|
|
76
99
|
...visitedProfiles,
|
|
77
100
|
[source_profile]: true
|
|
78
|
-
}) : resolveCredentialSource(data.credential_source, profileName)();
|
|
101
|
+
}) : (await resolveCredentialSource(data.credential_source, profileName)(options))();
|
|
79
102
|
const params = {
|
|
80
103
|
RoleArn: data.role_arn,
|
|
81
104
|
RoleSessionName: data.role_session_name || `aws-sdk-js-${Date.now()}`,
|
|
@@ -98,57 +121,58 @@ var resolveAssumeRoleCredentials = /* @__PURE__ */ __name(async (profileName, pr
|
|
|
98
121
|
}, "resolveAssumeRoleCredentials");
|
|
99
122
|
|
|
100
123
|
// src/resolveProcessCredentials.ts
|
|
101
|
-
var import_credential_provider_process = require("@aws-sdk/credential-provider-process");
|
|
102
124
|
var isProcessProfile = /* @__PURE__ */ __name((arg) => Boolean(arg) && typeof arg === "object" && typeof arg.credential_process === "string", "isProcessProfile");
|
|
103
|
-
var resolveProcessCredentials = /* @__PURE__ */ __name(async (options, profile) => (
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
125
|
+
var resolveProcessCredentials = /* @__PURE__ */ __name(async (options, profile) => Promise.resolve().then(() => __toESM(require("@aws-sdk/credential-provider-process"))).then(
|
|
126
|
+
({ fromProcess }) => fromProcess({
|
|
127
|
+
...options,
|
|
128
|
+
profile
|
|
129
|
+
})()
|
|
130
|
+
), "resolveProcessCredentials");
|
|
107
131
|
|
|
108
132
|
// src/resolveSsoCredentials.ts
|
|
109
|
-
var
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
return (0, import_credential_provider_sso.fromSSO)({
|
|
114
|
-
ssoStartUrl: sso_start_url,
|
|
115
|
-
ssoAccountId: sso_account_id,
|
|
116
|
-
ssoSession: sso_session,
|
|
117
|
-
ssoRegion: sso_region,
|
|
118
|
-
ssoRoleName: sso_role_name
|
|
133
|
+
var resolveSsoCredentials = /* @__PURE__ */ __name(async (profile) => {
|
|
134
|
+
const { fromSSO } = await Promise.resolve().then(() => __toESM(require("@aws-sdk/credential-provider-sso")));
|
|
135
|
+
return fromSSO({
|
|
136
|
+
profile
|
|
119
137
|
})();
|
|
120
138
|
}, "resolveSsoCredentials");
|
|
139
|
+
var isSsoProfile = /* @__PURE__ */ __name((arg) => arg && (typeof arg.sso_start_url === "string" || typeof arg.sso_account_id === "string" || typeof arg.sso_session === "string" || typeof arg.sso_region === "string" || typeof arg.sso_role_name === "string"), "isSsoProfile");
|
|
121
140
|
|
|
122
141
|
// src/resolveStaticCredentials.ts
|
|
123
142
|
var isStaticCredsProfile = /* @__PURE__ */ __name((arg) => Boolean(arg) && typeof arg === "object" && typeof arg.aws_access_key_id === "string" && typeof arg.aws_secret_access_key === "string" && ["undefined", "string"].indexOf(typeof arg.aws_session_token) > -1, "isStaticCredsProfile");
|
|
124
|
-
var resolveStaticCredentials = /* @__PURE__ */ __name((profile) =>
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
143
|
+
var resolveStaticCredentials = /* @__PURE__ */ __name((profile, options) => {
|
|
144
|
+
var _a;
|
|
145
|
+
(_a = options == null ? void 0 : options.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-ini", "resolveStaticCredentials");
|
|
146
|
+
return Promise.resolve({
|
|
147
|
+
accessKeyId: profile.aws_access_key_id,
|
|
148
|
+
secretAccessKey: profile.aws_secret_access_key,
|
|
149
|
+
sessionToken: profile.aws_session_token,
|
|
150
|
+
credentialScope: profile.aws_credential_scope
|
|
151
|
+
});
|
|
152
|
+
}, "resolveStaticCredentials");
|
|
130
153
|
|
|
131
154
|
// src/resolveWebIdentityCredentials.ts
|
|
132
|
-
var import_credential_provider_web_identity = require("@aws-sdk/credential-provider-web-identity");
|
|
133
155
|
var isWebIdentityProfile = /* @__PURE__ */ __name((arg) => Boolean(arg) && typeof arg === "object" && typeof arg.web_identity_token_file === "string" && typeof arg.role_arn === "string" && ["undefined", "string"].indexOf(typeof arg.role_session_name) > -1, "isWebIdentityProfile");
|
|
134
|
-
var resolveWebIdentityCredentials = /* @__PURE__ */ __name(async (profile, options) => (
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
156
|
+
var resolveWebIdentityCredentials = /* @__PURE__ */ __name(async (profile, options) => Promise.resolve().then(() => __toESM(require("@aws-sdk/credential-provider-web-identity"))).then(
|
|
157
|
+
({ fromTokenFile }) => fromTokenFile({
|
|
158
|
+
webIdentityTokenFile: profile.web_identity_token_file,
|
|
159
|
+
roleArn: profile.role_arn,
|
|
160
|
+
roleSessionName: profile.role_session_name,
|
|
161
|
+
roleAssumerWithWebIdentity: options.roleAssumerWithWebIdentity
|
|
162
|
+
})()
|
|
163
|
+
), "resolveWebIdentityCredentials");
|
|
140
164
|
|
|
141
165
|
// src/resolveProfileData.ts
|
|
142
166
|
var resolveProfileData = /* @__PURE__ */ __name(async (profileName, profiles, options, visitedProfiles = {}) => {
|
|
143
167
|
const data = profiles[profileName];
|
|
144
168
|
if (Object.keys(visitedProfiles).length > 0 && isStaticCredsProfile(data)) {
|
|
145
|
-
return resolveStaticCredentials(data);
|
|
169
|
+
return resolveStaticCredentials(data, options);
|
|
146
170
|
}
|
|
147
171
|
if (isAssumeRoleProfile(data)) {
|
|
148
172
|
return resolveAssumeRoleCredentials(profileName, profiles, options, visitedProfiles);
|
|
149
173
|
}
|
|
150
174
|
if (isStaticCredsProfile(data)) {
|
|
151
|
-
return resolveStaticCredentials(data);
|
|
175
|
+
return resolveStaticCredentials(data, options);
|
|
152
176
|
}
|
|
153
177
|
if (isWebIdentityProfile(data)) {
|
|
154
178
|
return resolveWebIdentityCredentials(data, options);
|
|
@@ -156,14 +180,16 @@ var resolveProfileData = /* @__PURE__ */ __name(async (profileName, profiles, op
|
|
|
156
180
|
if (isProcessProfile(data)) {
|
|
157
181
|
return resolveProcessCredentials(options, profileName);
|
|
158
182
|
}
|
|
159
|
-
if (
|
|
160
|
-
return resolveSsoCredentials(
|
|
183
|
+
if (isSsoProfile(data)) {
|
|
184
|
+
return await resolveSsoCredentials(profileName);
|
|
161
185
|
}
|
|
162
186
|
throw new import_property_provider.CredentialsProviderError(`Profile ${profileName} could not be found or parsed in shared credentials file.`);
|
|
163
187
|
}, "resolveProfileData");
|
|
164
188
|
|
|
165
189
|
// src/fromIni.ts
|
|
166
190
|
var fromIni = /* @__PURE__ */ __name((init = {}) => async () => {
|
|
191
|
+
var _a;
|
|
192
|
+
(_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-ini", "fromIni");
|
|
167
193
|
const profiles = await (0, import_shared_ini_file_loader.parseKnownFiles)(init);
|
|
168
194
|
return resolveProfileData((0, import_shared_ini_file_loader.getProfileName)(init), profiles, init);
|
|
169
195
|
}, "fromIni");
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
module.exports = require("./index.js");
|
package/dist-es/fromIni.js
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { getProfileName, parseKnownFiles } from "@smithy/shared-ini-file-loader";
|
|
2
2
|
import { resolveProfileData } from "./resolveProfileData";
|
|
3
3
|
export const fromIni = (init = {}) => async () => {
|
|
4
|
+
init.logger?.debug("@aws-sdk/credential-provider-ini", "fromIni");
|
|
4
5
|
const profiles = await parseKnownFiles(init);
|
|
5
6
|
return resolveProfileData(getProfileName(init), profiles, init);
|
|
6
7
|
};
|
|
@@ -12,9 +12,11 @@ export const isAssumeRoleProfile = (arg) => Boolean(arg) &&
|
|
|
12
12
|
const isAssumeRoleWithSourceProfile = (arg) => typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined";
|
|
13
13
|
const isAssumeRoleWithProviderProfile = (arg) => typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined";
|
|
14
14
|
export const resolveAssumeRoleCredentials = async (profileName, profiles, options, visitedProfiles = {}) => {
|
|
15
|
+
options.logger?.debug("@aws-sdk/credential-provider-ini", "resolveAssumeRoleCredentials (STS)");
|
|
15
16
|
const data = profiles[profileName];
|
|
16
17
|
if (!options.roleAssumer) {
|
|
17
|
-
|
|
18
|
+
const { getDefaultRoleAssumer } = await import("./loadSts");
|
|
19
|
+
options.roleAssumer = getDefaultRoleAssumer(options.clientConfig, options.clientPlugins);
|
|
18
20
|
}
|
|
19
21
|
const { source_profile } = data;
|
|
20
22
|
if (source_profile && source_profile in visitedProfiles) {
|
|
@@ -27,7 +29,7 @@ export const resolveAssumeRoleCredentials = async (profileName, profiles, option
|
|
|
27
29
|
...visitedProfiles,
|
|
28
30
|
[source_profile]: true,
|
|
29
31
|
})
|
|
30
|
-
: resolveCredentialSource(data.credential_source, profileName)();
|
|
32
|
+
: (await resolveCredentialSource(data.credential_source, profileName)(options))();
|
|
31
33
|
const params = {
|
|
32
34
|
RoleArn: data.role_arn,
|
|
33
35
|
RoleSessionName: data.role_session_name || `aws-sdk-js-${Date.now()}`,
|
|
@@ -1,14 +1,12 @@
|
|
|
1
|
-
import { fromEnv } from "@aws-sdk/credential-provider-env";
|
|
2
|
-
import { fromContainerMetadata, fromInstanceMetadata } from "@smithy/credential-provider-imds";
|
|
3
1
|
import { CredentialsProviderError } from "@smithy/property-provider";
|
|
4
2
|
export const resolveCredentialSource = (credentialSource, profileName) => {
|
|
5
3
|
const sourceProvidersMap = {
|
|
6
|
-
EcsContainer: fromContainerMetadata,
|
|
7
|
-
Ec2InstanceMetadata: fromInstanceMetadata,
|
|
8
|
-
Environment: fromEnv,
|
|
4
|
+
EcsContainer: (options) => import("@smithy/credential-provider-imds").then(({ fromContainerMetadata }) => fromContainerMetadata(options)),
|
|
5
|
+
Ec2InstanceMetadata: (options) => import("@smithy/credential-provider-imds").then(({ fromInstanceMetadata }) => fromInstanceMetadata(options)),
|
|
6
|
+
Environment: (options) => import("@aws-sdk/credential-provider-env").then(({ fromEnv }) => fromEnv(options)),
|
|
9
7
|
};
|
|
10
8
|
if (credentialSource in sourceProvidersMap) {
|
|
11
|
-
return sourceProvidersMap[credentialSource]
|
|
9
|
+
return sourceProvidersMap[credentialSource];
|
|
12
10
|
}
|
|
13
11
|
else {
|
|
14
12
|
throw new CredentialsProviderError(`Unsupported credential source in profile ${profileName}. Got ${credentialSource}, ` +
|
|
@@ -1,6 +1,5 @@
|
|
|
1
|
-
import { fromProcess } from "@aws-sdk/credential-provider-process";
|
|
2
1
|
export const isProcessProfile = (arg) => Boolean(arg) && typeof arg === "object" && typeof arg.credential_process === "string";
|
|
3
|
-
export const resolveProcessCredentials = async (options, profile) => fromProcess({
|
|
2
|
+
export const resolveProcessCredentials = async (options, profile) => import("@aws-sdk/credential-provider-process").then(({ fromProcess }) => fromProcess({
|
|
4
3
|
...options,
|
|
5
4
|
profile,
|
|
6
|
-
})();
|
|
5
|
+
})());
|
|
@@ -7,13 +7,13 @@ import { isWebIdentityProfile, resolveWebIdentityCredentials } from "./resolveWe
|
|
|
7
7
|
export const resolveProfileData = async (profileName, profiles, options, visitedProfiles = {}) => {
|
|
8
8
|
const data = profiles[profileName];
|
|
9
9
|
if (Object.keys(visitedProfiles).length > 0 && isStaticCredsProfile(data)) {
|
|
10
|
-
return resolveStaticCredentials(data);
|
|
10
|
+
return resolveStaticCredentials(data, options);
|
|
11
11
|
}
|
|
12
12
|
if (isAssumeRoleProfile(data)) {
|
|
13
13
|
return resolveAssumeRoleCredentials(profileName, profiles, options, visitedProfiles);
|
|
14
14
|
}
|
|
15
15
|
if (isStaticCredsProfile(data)) {
|
|
16
|
-
return resolveStaticCredentials(data);
|
|
16
|
+
return resolveStaticCredentials(data, options);
|
|
17
17
|
}
|
|
18
18
|
if (isWebIdentityProfile(data)) {
|
|
19
19
|
return resolveWebIdentityCredentials(data, options);
|
|
@@ -22,7 +22,7 @@ export const resolveProfileData = async (profileName, profiles, options, visited
|
|
|
22
22
|
return resolveProcessCredentials(options, profileName);
|
|
23
23
|
}
|
|
24
24
|
if (isSsoProfile(data)) {
|
|
25
|
-
return resolveSsoCredentials(
|
|
25
|
+
return await resolveSsoCredentials(profileName);
|
|
26
26
|
}
|
|
27
27
|
throw new CredentialsProviderError(`Profile ${profileName} could not be found or parsed in shared credentials file.`);
|
|
28
28
|
};
|
|
@@ -1,12 +1,12 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
export const resolveSsoCredentials = (data) => {
|
|
4
|
-
const { sso_start_url, sso_account_id, sso_session, sso_region, sso_role_name } = validateSsoProfile(data);
|
|
1
|
+
export const resolveSsoCredentials = async (profile) => {
|
|
2
|
+
const { fromSSO } = await import("@aws-sdk/credential-provider-sso");
|
|
5
3
|
return fromSSO({
|
|
6
|
-
|
|
7
|
-
ssoAccountId: sso_account_id,
|
|
8
|
-
ssoSession: sso_session,
|
|
9
|
-
ssoRegion: sso_region,
|
|
10
|
-
ssoRoleName: sso_role_name,
|
|
4
|
+
profile,
|
|
11
5
|
})();
|
|
12
6
|
};
|
|
7
|
+
export const isSsoProfile = (arg) => arg &&
|
|
8
|
+
(typeof arg.sso_start_url === "string" ||
|
|
9
|
+
typeof arg.sso_account_id === "string" ||
|
|
10
|
+
typeof arg.sso_session === "string" ||
|
|
11
|
+
typeof arg.sso_region === "string" ||
|
|
12
|
+
typeof arg.sso_role_name === "string");
|
|
@@ -3,9 +3,12 @@ export const isStaticCredsProfile = (arg) => Boolean(arg) &&
|
|
|
3
3
|
typeof arg.aws_access_key_id === "string" &&
|
|
4
4
|
typeof arg.aws_secret_access_key === "string" &&
|
|
5
5
|
["undefined", "string"].indexOf(typeof arg.aws_session_token) > -1;
|
|
6
|
-
export const resolveStaticCredentials = (profile) =>
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
6
|
+
export const resolveStaticCredentials = (profile, options) => {
|
|
7
|
+
options?.logger?.debug("@aws-sdk/credential-provider-ini", "resolveStaticCredentials");
|
|
8
|
+
return Promise.resolve({
|
|
9
|
+
accessKeyId: profile.aws_access_key_id,
|
|
10
|
+
secretAccessKey: profile.aws_secret_access_key,
|
|
11
|
+
sessionToken: profile.aws_session_token,
|
|
12
|
+
credentialScope: profile.aws_credential_scope,
|
|
13
|
+
});
|
|
14
|
+
};
|
|
@@ -1,12 +1,11 @@
|
|
|
1
|
-
import { fromTokenFile } from "@aws-sdk/credential-provider-web-identity";
|
|
2
1
|
export const isWebIdentityProfile = (arg) => Boolean(arg) &&
|
|
3
2
|
typeof arg === "object" &&
|
|
4
3
|
typeof arg.web_identity_token_file === "string" &&
|
|
5
4
|
typeof arg.role_arn === "string" &&
|
|
6
5
|
["undefined", "string"].indexOf(typeof arg.role_session_name) > -1;
|
|
7
|
-
export const resolveWebIdentityCredentials = async (profile, options) => fromTokenFile({
|
|
6
|
+
export const resolveWebIdentityCredentials = async (profile, options) => import("@aws-sdk/credential-provider-web-identity").then(({ fromTokenFile }) => fromTokenFile({
|
|
8
7
|
webIdentityTokenFile: profile.web_identity_token_file,
|
|
9
8
|
roleArn: profile.role_arn,
|
|
10
9
|
roleSessionName: profile.role_session_name,
|
|
11
10
|
roleAssumerWithWebIdentity: options.roleAssumerWithWebIdentity,
|
|
12
|
-
})();
|
|
11
|
+
})());
|
package/dist-types/fromIni.d.ts
CHANGED
|
@@ -1,11 +1,13 @@
|
|
|
1
|
-
import { AssumeRoleWithWebIdentityParams } from "@aws-sdk/credential-provider-web-identity";
|
|
1
|
+
import type { AssumeRoleWithWebIdentityParams } from "@aws-sdk/credential-provider-web-identity";
|
|
2
|
+
import type { CredentialProviderOptions } from "@aws-sdk/types";
|
|
2
3
|
import { SourceProfileInit } from "@smithy/shared-ini-file-loader";
|
|
3
|
-
import { AwsCredentialIdentity, AwsCredentialIdentityProvider } from "@smithy/types";
|
|
4
|
+
import type { AwsCredentialIdentity, AwsCredentialIdentityProvider, Pluggable } from "@smithy/types";
|
|
5
|
+
import type { STSClientConfig } from "./loadSts";
|
|
4
6
|
import { AssumeRoleParams } from "./resolveAssumeRoleCredentials";
|
|
5
7
|
/**
|
|
6
|
-
* @
|
|
8
|
+
* @public
|
|
7
9
|
*/
|
|
8
|
-
export interface FromIniInit extends SourceProfileInit {
|
|
10
|
+
export interface FromIniInit extends SourceProfileInit, CredentialProviderOptions {
|
|
9
11
|
/**
|
|
10
12
|
* A function that returns a promise fulfilled with an MFA token code for
|
|
11
13
|
* the provided MFA Serial code. If a profile requires an MFA code and
|
|
@@ -31,6 +33,8 @@ export interface FromIniInit extends SourceProfileInit {
|
|
|
31
33
|
* @param params
|
|
32
34
|
*/
|
|
33
35
|
roleAssumerWithWebIdentity?: (params: AssumeRoleWithWebIdentityParams) => Promise<AwsCredentialIdentity>;
|
|
36
|
+
clientConfig?: STSClientConfig;
|
|
37
|
+
clientPlugins?: Pluggable<any, any>[];
|
|
34
38
|
}
|
|
35
39
|
/**
|
|
36
40
|
* @internal
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { ParsedIniData } from "@smithy/types";
|
|
1
|
+
import { AwsCredentialIdentity, ParsedIniData } from "@smithy/types";
|
|
2
2
|
import { FromIniInit } from "./fromIni";
|
|
3
3
|
/**
|
|
4
4
|
* @internal
|
|
@@ -41,4 +41,4 @@ export declare const isAssumeRoleProfile: (arg: any) => boolean;
|
|
|
41
41
|
/**
|
|
42
42
|
* @internal
|
|
43
43
|
*/
|
|
44
|
-
export declare const resolveAssumeRoleCredentials: (profileName: string, profiles: ParsedIniData, options: FromIniInit, visitedProfiles?: Record<string, true>) => Promise<
|
|
44
|
+
export declare const resolveAssumeRoleCredentials: (profileName: string, profiles: ParsedIniData, options: FromIniInit, visitedProfiles?: Record<string, true>) => Promise<AwsCredentialIdentity>;
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import type { CredentialProviderOptions } from "@aws-sdk/types";
|
|
1
2
|
import { AwsCredentialIdentityProvider } from "@smithy/types";
|
|
2
3
|
/**
|
|
3
4
|
* @internal
|
|
@@ -8,4 +9,4 @@ import { AwsCredentialIdentityProvider } from "@smithy/types";
|
|
|
8
9
|
* fromIni() provider. The source credential needs to be refreshed every time
|
|
9
10
|
* fromIni() is called.
|
|
10
11
|
*/
|
|
11
|
-
export declare const resolveCredentialSource: (credentialSource: string, profileName: string) => AwsCredentialIdentityProvider
|
|
12
|
+
export declare const resolveCredentialSource: (credentialSource: string, profileName: string) => (options?: CredentialProviderOptions) => Promise<AwsCredentialIdentityProvider>;
|
|
@@ -1,9 +1,11 @@
|
|
|
1
|
-
import { SsoProfile } from "@aws-sdk/credential-provider-sso";
|
|
1
|
+
import type { SsoProfile } from "@aws-sdk/credential-provider-sso";
|
|
2
|
+
import type { Profile } from "@smithy/types";
|
|
2
3
|
/**
|
|
3
4
|
* @internal
|
|
4
5
|
*/
|
|
5
|
-
export
|
|
6
|
+
export declare const resolveSsoCredentials: (profile: string) => Promise<import("@smithy/types").AwsCredentialIdentity>;
|
|
6
7
|
/**
|
|
7
8
|
* @internal
|
|
9
|
+
* duplicated from \@aws-sdk/credential-provider-sso to defer import.
|
|
8
10
|
*/
|
|
9
|
-
export declare const
|
|
11
|
+
export declare const isSsoProfile: (arg: Profile) => arg is Partial<SsoProfile>;
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { AwsCredentialIdentity, Profile } from "@smithy/types";
|
|
2
|
+
import { FromIniInit } from "./fromIni";
|
|
2
3
|
/**
|
|
3
4
|
* @internal
|
|
4
5
|
*/
|
|
@@ -15,4 +16,4 @@ export declare const isStaticCredsProfile: (arg: any) => arg is StaticCredsProfi
|
|
|
15
16
|
/**
|
|
16
17
|
* @internal
|
|
17
18
|
*/
|
|
18
|
-
export declare const resolveStaticCredentials: (profile: StaticCredsProfile) => Promise<AwsCredentialIdentity>;
|
|
19
|
+
export declare const resolveStaticCredentials: (profile: StaticCredsProfile, options?: FromIniInit) => Promise<AwsCredentialIdentity>;
|
|
@@ -1,11 +1,16 @@
|
|
|
1
1
|
import { AssumeRoleWithWebIdentityParams } from "@aws-sdk/credential-provider-web-identity";
|
|
2
|
+
import { CredentialProviderOptions } from "@aws-sdk/types";
|
|
2
3
|
import { SourceProfileInit } from "@smithy/shared-ini-file-loader";
|
|
3
4
|
import {
|
|
4
5
|
AwsCredentialIdentity,
|
|
5
6
|
AwsCredentialIdentityProvider,
|
|
7
|
+
Pluggable,
|
|
6
8
|
} from "@smithy/types";
|
|
9
|
+
import { STSClientConfig } from "./loadSts";
|
|
7
10
|
import { AssumeRoleParams } from "./resolveAssumeRoleCredentials";
|
|
8
|
-
export interface FromIniInit
|
|
11
|
+
export interface FromIniInit
|
|
12
|
+
extends SourceProfileInit,
|
|
13
|
+
CredentialProviderOptions {
|
|
9
14
|
mfaCodeProvider?: (mfaSerial: string) => Promise<string>;
|
|
10
15
|
roleAssumer?: (
|
|
11
16
|
sourceCreds: AwsCredentialIdentity,
|
|
@@ -14,6 +19,8 @@ export interface FromIniInit extends SourceProfileInit {
|
|
|
14
19
|
roleAssumerWithWebIdentity?: (
|
|
15
20
|
params: AssumeRoleWithWebIdentityParams
|
|
16
21
|
) => Promise<AwsCredentialIdentity>;
|
|
22
|
+
clientConfig?: STSClientConfig;
|
|
23
|
+
clientPlugins?: Pluggable<any, any>[];
|
|
17
24
|
}
|
|
18
25
|
export declare const fromIni: (
|
|
19
26
|
init?: FromIniInit
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { ParsedIniData } from "@smithy/types";
|
|
1
|
+
import { AwsCredentialIdentity, ParsedIniData } from "@smithy/types";
|
|
2
2
|
import { FromIniInit } from "./fromIni";
|
|
3
3
|
export interface AssumeRoleParams {
|
|
4
4
|
RoleArn: string;
|
|
@@ -14,4 +14,4 @@ export declare const resolveAssumeRoleCredentials: (
|
|
|
14
14
|
profiles: ParsedIniData,
|
|
15
15
|
options: FromIniInit,
|
|
16
16
|
visitedProfiles?: Record<string, true>
|
|
17
|
-
) => Promise<
|
|
17
|
+
) => Promise<AwsCredentialIdentity>;
|
|
@@ -1,5 +1,8 @@
|
|
|
1
|
+
import { CredentialProviderOptions } from "@aws-sdk/types";
|
|
1
2
|
import { AwsCredentialIdentityProvider } from "@smithy/types";
|
|
2
3
|
export declare const resolveCredentialSource: (
|
|
3
4
|
credentialSource: string,
|
|
4
5
|
profileName: string
|
|
5
|
-
) =>
|
|
6
|
+
) => (
|
|
7
|
+
options?: CredentialProviderOptions
|
|
8
|
+
) => Promise<AwsCredentialIdentityProvider>;
|
|
@@ -1,5 +1,4 @@
|
|
|
1
|
-
import { Credentials } from "@aws-sdk/types";
|
|
2
|
-
import { Profile } from "@smithy/types";
|
|
1
|
+
import { Credentials, Profile } from "@aws-sdk/types";
|
|
3
2
|
import { FromIniInit } from "./fromIni";
|
|
4
3
|
export interface ProcessProfile extends Profile {
|
|
5
4
|
credential_process: string;
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { SsoProfile } from "@aws-sdk/credential-provider-sso";
|
|
2
|
-
|
|
2
|
+
import { Profile } from "@smithy/types";
|
|
3
3
|
export declare const resolveSsoCredentials: (
|
|
4
|
-
|
|
4
|
+
profile: string
|
|
5
5
|
) => Promise<import("@smithy/types").AwsCredentialIdentity>;
|
|
6
|
+
export declare const isSsoProfile: (arg: Profile) => arg is Partial<SsoProfile>;
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { AwsCredentialIdentity, Profile } from "@smithy/types";
|
|
2
|
+
import { FromIniInit } from "./fromIni";
|
|
2
3
|
export interface StaticCredsProfile extends Profile {
|
|
3
4
|
aws_access_key_id: string;
|
|
4
5
|
aws_secret_access_key: string;
|
|
@@ -9,5 +10,6 @@ export declare const isStaticCredsProfile: (
|
|
|
9
10
|
arg: any
|
|
10
11
|
) => arg is StaticCredsProfile;
|
|
11
12
|
export declare const resolveStaticCredentials: (
|
|
12
|
-
profile: StaticCredsProfile
|
|
13
|
+
profile: StaticCredsProfile,
|
|
14
|
+
options?: FromIniInit
|
|
13
15
|
) => Promise<AwsCredentialIdentity>;
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@aws-sdk/credential-provider-ini",
|
|
3
|
-
"version": "3.
|
|
3
|
+
"version": "3.503.0",
|
|
4
4
|
"description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config",
|
|
5
5
|
"main": "./dist-cjs/index.js",
|
|
6
6
|
"module": "./dist-es/index.js",
|
|
@@ -24,11 +24,12 @@
|
|
|
24
24
|
},
|
|
25
25
|
"license": "Apache-2.0",
|
|
26
26
|
"dependencies": {
|
|
27
|
-
"@aws-sdk/
|
|
28
|
-
"@aws-sdk/credential-provider-
|
|
29
|
-
"@aws-sdk/credential-provider-
|
|
30
|
-
"@aws-sdk/credential-provider-
|
|
31
|
-
"@aws-sdk/
|
|
27
|
+
"@aws-sdk/client-sts": "3.502.0",
|
|
28
|
+
"@aws-sdk/credential-provider-env": "3.502.0",
|
|
29
|
+
"@aws-sdk/credential-provider-process": "3.502.0",
|
|
30
|
+
"@aws-sdk/credential-provider-sso": "3.502.0",
|
|
31
|
+
"@aws-sdk/credential-provider-web-identity": "3.502.0",
|
|
32
|
+
"@aws-sdk/types": "3.502.0",
|
|
32
33
|
"@smithy/credential-provider-imds": "^2.2.1",
|
|
33
34
|
"@smithy/property-provider": "^2.1.1",
|
|
34
35
|
"@smithy/shared-ini-file-loader": "^2.3.1",
|