@aws-sdk/credential-provider-sso 3.181.0 → 3.183.0

package/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [3.183.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.182.0...v3.183.0) (2022-10-03)
+
+**Note:** Version bump only for package @aws-sdk/credential-provider-sso
+
+
+
+
+
 # [3.181.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.180.0...v3.181.0) (2022-09-29)
 
 **Note:** Version bump only for package @aws-sdk/credential-provider-sso

package/dist-es/fromSSO.js

@@ -1,45 +1,31 @@
-import { __awaiter, __generator } from "tslib";
 import { CredentialsProviderError } from "@aws-sdk/property-provider";
 import { getProfileName, parseKnownFiles } from "@aws-sdk/shared-ini-file-loader";
 import { isSsoProfile } from "./isSsoProfile";
 import { resolveSSOCredentials } from "./resolveSSOCredentials";
 import { validateSsoProfile } from "./validateSsoProfile";
-export var fromSSO = function (init) {
-    if (init === void 0) { init = {}; }
-    return function () { return __awaiter(void 0, void 0, void 0, function () {
-        var ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, profiles, profileName, profile, _a, sso_start_url, sso_account_id, sso_region, sso_role_name;
-        return __generator(this, function (_b) {
-            switch (_b.label) {
-                case 0:
-                    ssoStartUrl = init.ssoStartUrl, ssoAccountId = init.ssoAccountId, ssoRegion = init.ssoRegion, ssoRoleName = init.ssoRoleName, ssoClient = init.ssoClient;
-                    if (!(!ssoStartUrl && !ssoAccountId && !ssoRegion && !ssoRoleName)) return [3, 2];
-                    return [4, parseKnownFiles(init)];
-                case 1:
-                    profiles = _b.sent();
-                    profileName = getProfileName(init);
-                    profile = profiles[profileName];
-                    if (!isSsoProfile(profile)) {
-                        throw new CredentialsProviderError("Profile ".concat(profileName, " is not configured with SSO credentials."));
-                    }
-                    _a = validateSsoProfile(profile), sso_start_url = _a.sso_start_url, sso_account_id = _a.sso_account_id, sso_region = _a.sso_region, sso_role_name = _a.sso_role_name;
-                    return [2, resolveSSOCredentials({
-                            ssoStartUrl: sso_start_url,
-                            ssoAccountId: sso_account_id,
-                            ssoRegion: sso_region,
-                            ssoRoleName: sso_role_name,
-                            ssoClient: ssoClient,
-                        })];
-                case 2:
-                    if (!ssoStartUrl || !ssoAccountId || !ssoRegion || !ssoRoleName) {
-                        throw new CredentialsProviderError('Incomplete configuration. The fromSSO() argument hash must include "ssoStartUrl",' +
-                            ' "ssoAccountId", "ssoRegion", "ssoRoleName"');
-                    }
-                    else {
-                        return [2, resolveSSOCredentials({ ssoStartUrl: ssoStartUrl, ssoAccountId: ssoAccountId, ssoRegion: ssoRegion, ssoRoleName: ssoRoleName, ssoClient: ssoClient })];
-                    }
-                    _b.label = 3;
-                case 3: return [2];
-            }
+export const fromSSO = (init = {}) => async () => {
+    const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoClient } = init;
+    if (!ssoStartUrl && !ssoAccountId && !ssoRegion && !ssoRoleName) {
+        const profiles = await parseKnownFiles(init);
+        const profileName = getProfileName(init);
+        const profile = profiles[profileName];
+        if (!isSsoProfile(profile)) {
+            throw new CredentialsProviderError(`Profile ${profileName} is not configured with SSO credentials.`);
+        }
+        const { sso_start_url, sso_account_id, sso_region, sso_role_name } = validateSsoProfile(profile);
+        return resolveSSOCredentials({
+            ssoStartUrl: sso_start_url,
+            ssoAccountId: sso_account_id,
+            ssoRegion: sso_region,
+            ssoRoleName: sso_role_name,
+            ssoClient: ssoClient,
         });
-    }); };
+    }
+    else if (!ssoStartUrl || !ssoAccountId || !ssoRegion || !ssoRoleName) {
+        throw new CredentialsProviderError('Incomplete configuration. The fromSSO() argument hash must include "ssoStartUrl",' +
+            ' "ssoAccountId", "ssoRegion", "ssoRoleName"');
+    }
+    else {
+        return resolveSSOCredentials({ ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoClient });
+    }
 };

package/dist-es/isSsoProfile.js

@@ -1,7 +1,5 @@
-export var isSsoProfile = function (arg) {
-    return arg &&
-        (typeof arg.sso_start_url === "string" ||
-            typeof arg.sso_account_id === "string" ||
-            typeof arg.sso_region === "string" ||
-            typeof arg.sso_role_name === "string");
-};
+export const isSsoProfile = (arg) => arg &&
+    (typeof arg.sso_start_url === "string" ||
+        typeof arg.sso_account_id === "string" ||
+        typeof arg.sso_region === "string" ||
+        typeof arg.sso_role_name === "string");

package/dist-es/resolveSSOCredentials.js

@@ -1,54 +1,36 @@
-import { __awaiter, __generator } from "tslib";
 import { GetRoleCredentialsCommand, SSOClient } from "@aws-sdk/client-sso";
 import { CredentialsProviderError } from "@aws-sdk/property-provider";
 import { getSSOTokenFromFile } from "@aws-sdk/shared-ini-file-loader";
-var EXPIRE_WINDOW_MS = 15 * 60 * 1000;
-var SHOULD_FAIL_CREDENTIAL_CHAIN = false;
-export var resolveSSOCredentials = function (_a) {
-    var ssoStartUrl = _a.ssoStartUrl, ssoAccountId = _a.ssoAccountId, ssoRegion = _a.ssoRegion, ssoRoleName = _a.ssoRoleName, ssoClient = _a.ssoClient;
-    return __awaiter(void 0, void 0, void 0, function () {
-        var token, refreshMessage, e_1, accessToken, sso, ssoResp, e_2, _b, _c, accessKeyId, secretAccessKey, sessionToken, expiration;
-        return __generator(this, function (_d) {
-            switch (_d.label) {
-                case 0:
-                    refreshMessage = "To refresh this SSO session run aws sso login with the corresponding profile.";
-                    _d.label = 1;
-                case 1:
-                    _d.trys.push([1, 3, , 4]);
-                    return [4, getSSOTokenFromFile(ssoStartUrl)];
-                case 2:
-                    token = _d.sent();
-                    return [3, 4];
-                case 3:
-                    e_1 = _d.sent();
-                    throw new CredentialsProviderError("The SSO session associated with this profile is invalid. ".concat(refreshMessage), SHOULD_FAIL_CREDENTIAL_CHAIN);
-                case 4:
-                    if (new Date(token.expiresAt).getTime() - Date.now() <= EXPIRE_WINDOW_MS) {
-                        throw new CredentialsProviderError("The SSO session associated with this profile has expired. ".concat(refreshMessage), SHOULD_FAIL_CREDENTIAL_CHAIN);
-                    }
-                    accessToken = token.accessToken;
-                    sso = ssoClient || new SSOClient({ region: ssoRegion });
-                    _d.label = 5;
-                case 5:
-                    _d.trys.push([5, 7, , 8]);
-                    return [4, sso.send(new GetRoleCredentialsCommand({
-                            accountId: ssoAccountId,
-                            roleName: ssoRoleName,
-                            accessToken: accessToken,
-                        }))];
-                case 6:
-                    ssoResp = _d.sent();
-                    return [3, 8];
-                case 7:
-                    e_2 = _d.sent();
-                    throw CredentialsProviderError.from(e_2, SHOULD_FAIL_CREDENTIAL_CHAIN);
-                case 8:
-                    _b = ssoResp.roleCredentials, _c = _b === void 0 ? {} : _b, accessKeyId = _c.accessKeyId, secretAccessKey = _c.secretAccessKey, sessionToken = _c.sessionToken, expiration = _c.expiration;
-                    if (!accessKeyId || !secretAccessKey || !sessionToken || !expiration) {
-                        throw new CredentialsProviderError("SSO returns an invalid temporary credential.", SHOULD_FAIL_CREDENTIAL_CHAIN);
-                    }
-                    return [2, { accessKeyId: accessKeyId, secretAccessKey: secretAccessKey, sessionToken: sessionToken, expiration: new Date(expiration) }];
-            }
-        });
-    });
+const EXPIRE_WINDOW_MS = 15 * 60 * 1000;
+const SHOULD_FAIL_CREDENTIAL_CHAIN = false;
+export const resolveSSOCredentials = async ({ ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, }) => {
+    let token;
+    const refreshMessage = `To refresh this SSO session run aws sso login with the corresponding profile.`;
+    try {
+        token = await getSSOTokenFromFile(ssoStartUrl);
+    }
+    catch (e) {
+        throw new CredentialsProviderError(`The SSO session associated with this profile is invalid. ${refreshMessage}`, SHOULD_FAIL_CREDENTIAL_CHAIN);
+    }
+    if (new Date(token.expiresAt).getTime() - Date.now() <= EXPIRE_WINDOW_MS) {
+        throw new CredentialsProviderError(`The SSO session associated with this profile has expired. ${refreshMessage}`, SHOULD_FAIL_CREDENTIAL_CHAIN);
+    }
+    const { accessToken } = token;
+    const sso = ssoClient || new SSOClient({ region: ssoRegion });
+    let ssoResp;
+    try {
+        ssoResp = await sso.send(new GetRoleCredentialsCommand({
+            accountId: ssoAccountId,
+            roleName: ssoRoleName,
+            accessToken,
+        }));
+    }
+    catch (e) {
+        throw CredentialsProviderError.from(e, SHOULD_FAIL_CREDENTIAL_CHAIN);
+    }
+    const { roleCredentials: { accessKeyId, secretAccessKey, sessionToken, expiration } = {} } = ssoResp;
+    if (!accessKeyId || !secretAccessKey || !sessionToken || !expiration) {
+        throw new CredentialsProviderError("SSO returns an invalid temporary credential.", SHOULD_FAIL_CREDENTIAL_CHAIN);
+    }
+    return { accessKeyId, secretAccessKey, sessionToken, expiration: new Date(expiration) };
 };

package/dist-es/validateSsoProfile.js

@@ -1,9 +1,9 @@
 import { CredentialsProviderError } from "@aws-sdk/property-provider";
-export var validateSsoProfile = function (profile) {
-    var sso_start_url = profile.sso_start_url, sso_account_id = profile.sso_account_id, sso_region = profile.sso_region, sso_role_name = profile.sso_role_name;
+export const validateSsoProfile = (profile) => {
+    const { sso_start_url, sso_account_id, sso_region, sso_role_name } = profile;
     if (!sso_start_url || !sso_account_id || !sso_region || !sso_role_name) {
-        throw new CredentialsProviderError("Profile is configured with invalid SSO credentials. Required parameters \"sso_account_id\", \"sso_region\", " +
-            "\"sso_role_name\", \"sso_start_url\". Got ".concat(Object.keys(profile).join(", "), "\nReference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html"), false);
+        throw new CredentialsProviderError(`Profile is configured with invalid SSO credentials. Required parameters "sso_account_id", "sso_region", ` +
+            `"sso_role_name", "sso_start_url". Got ${Object.keys(profile).join(", ")}\nReference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html`, false);
     }
     return profile;
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aws-sdk/credential-provider-sso",
-  "version": "3.181.0",
+  "version": "3.183.0",
   "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials",
   "main": "./dist-cjs/index.js",
   "module": "./dist-es/index.js",
@@ -24,10 +24,10 @@
   },
   "license": "Apache-2.0",
   "dependencies": {
-    "@aws-sdk/client-sso": "3.181.0",
-    "@aws-sdk/property-provider": "3.178.0",
-    "@aws-sdk/shared-ini-file-loader": "3.178.0",
-    "@aws-sdk/types": "3.178.0",
+    "@aws-sdk/client-sso": "3.183.0",
+    "@aws-sdk/property-provider": "3.183.0",
+    "@aws-sdk/shared-ini-file-loader": "3.183.0",
+    "@aws-sdk/types": "3.183.0",
     "tslib": "^2.3.1"
   },
   "devDependencies": {