npm - @aws-sdk/credential-provider-sso - Versions diffs - 3.501.0 → 3.503.1 - Mend

@aws-sdk/credential-provider-sso 3.501.0 → 3.503.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/dist-cjs/index.js +31 -7
package/dist-cjs/loadSso.js +1 -0
package/dist-es/fromSSO.js +5 -1
package/dist-es/loadSso.js +2 -0
package/dist-es/resolveSSOCredentials.js +7 -5
package/dist-types/fromSSO.d.ts +4 -2
package/dist-types/loadSso.d.ts +3 -0
package/dist-types/resolveSSOCredentials.d.ts +1 -1
package/dist-types/ts3.4/fromSSO.d.ts +6 -2
package/dist-types/ts3.4/loadSso.d.ts +6 -0
package/dist-types/ts3.4/resolveSSOCredentials.d.ts +1 -0
package/package.json +4 -4

package/dist-cjs/index.js CHANGED Viewed

@@ -3,6 +3,9 @@ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
 var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, { get: all[name], enumerable: true });
@@ -17,6 +20,19 @@ var __copyProps = (to, from, except, desc) => {
 };
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+// src/loadSso.ts
+var loadSso_exports = {};
+__export(loadSso_exports, {
+  GetRoleCredentialsCommand: () => import_client_sso.GetRoleCredentialsCommand,
+  SSOClient: () => import_client_sso.SSOClient
+});
+var import_client_sso;
+var init_loadSso = __esm({
+  "src/loadSso.ts"() {
+    import_client_sso = require("@aws-sdk/client-sso");
+  }
+});
 // src/index.ts
 var src_exports = {};
 __export(src_exports, {
@@ -34,7 +50,6 @@ module.exports = __toCommonJS(src_exports);
 var isSsoProfile = /* @__PURE__ */ __name((arg) => arg && (typeof arg.sso_start_url === "string" || typeof arg.sso_account_id === "string" || typeof arg.sso_session === "string" || typeof arg.sso_region === "string" || typeof arg.sso_role_name === "string"), "isSsoProfile");
 // src/resolveSSOCredentials.ts
-var import_client_sso = require("@aws-sdk/client-sso");
 var import_token_providers = require("@aws-sdk/token-providers");
 var import_property_provider = require("@smithy/property-provider");
 var import_shared_ini_file_loader = require("@smithy/shared-ini-file-loader");
@@ -46,9 +61,9 @@ var resolveSSOCredentials = /* @__PURE__ */ __name(async ({
   ssoRegion,
   ssoRoleName,
   ssoClient,
+  clientConfig,
   profile
 }) => {
-  var _a;
   let token;
   const refreshMessage = `To refresh this SSO session run aws sso login with the corresponding profile.`;
   if (ssoSession) {
@@ -78,11 +93,16 @@ var resolveSSOCredentials = /* @__PURE__ */ __name(async ({
     );
   }
   const { accessToken } = token;
-  const sso = ssoClient || new import_client_sso.SSOClient({ region: ssoRegion });
+  const { SSOClient: SSOClient2, GetRoleCredentialsCommand: GetRoleCredentialsCommand2 } = await Promise.resolve().then(() => (init_loadSso(), loadSso_exports));
+  const sso = ssoClient || new SSOClient2(
+    Object.assign({}, clientConfig ?? {}, {
+      region: (clientConfig == null ? void 0 : clientConfig.region) ?? ssoRegion
+    })
+  );
   let ssoResp;
   try {
     ssoResp = await sso.send(
-      new import_client_sso.GetRoleCredentialsCommand({
+      new GetRoleCredentialsCommand2({
         accountId: ssoAccountId,
         roleName: ssoRoleName,
         accessToken
@@ -91,8 +111,7 @@ var resolveSSOCredentials = /* @__PURE__ */ __name(async ({
   } catch (e) {
     throw import_property_provider.CredentialsProviderError.from(e, SHOULD_FAIL_CREDENTIAL_CHAIN);
   }
-  const { roleCredentials: { accessKeyId, secretAccessKey, sessionToken, expiration } = {} } = ssoResp;
-  const credentialScope = (_a = ssoResp == null ? void 0 : ssoResp.roleCredentials) == null ? void 0 : _a.credentialScope;
+  const { roleCredentials: { accessKeyId, secretAccessKey, sessionToken, expiration, credentialScope } = {} } = ssoResp;
   if (!accessKeyId || !secretAccessKey || !sessionToken || !expiration) {
     throw new import_property_provider.CredentialsProviderError("SSO returns an invalid temporary credential.", SHOULD_FAIL_CREDENTIAL_CHAIN);
   }
@@ -117,7 +136,10 @@ Reference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.ht
 // src/fromSSO.ts
 var fromSSO = /* @__PURE__ */ __name((init = {}) => async () => {
-  const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, ssoSession } = init;
+  var _a;
+  (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-sso", "fromSSO");
+  const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoSession } = init;
+  const { ssoClient } = init;
   const profileName = (0, import_shared_ini_file_loader.getProfileName)(init);
   if (!ssoStartUrl && !ssoAccountId && !ssoRegion && !ssoRoleName && !ssoSession) {
     const profiles = await (0, import_shared_ini_file_loader.parseKnownFiles)(init);
@@ -149,6 +171,7 @@ var fromSSO = /* @__PURE__ */ __name((init = {}) => async () => {
       ssoRegion: sso_region,
       ssoRoleName: sso_role_name,
       ssoClient,
+      clientConfig: init.clientConfig,
       profile: profileName
     });
   } else if (!ssoStartUrl || !ssoAccountId || !ssoRegion || !ssoRoleName) {
@@ -163,6 +186,7 @@ var fromSSO = /* @__PURE__ */ __name((init = {}) => async () => {
       ssoRegion,
       ssoRoleName,
       ssoClient,
+      clientConfig: init.clientConfig,
       profile: profileName
     });
   }

package/dist-cjs/loadSso.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ module.exports = require("./index.js");

package/dist-es/fromSSO.js CHANGED Viewed

@@ -4,7 +4,9 @@ import { isSsoProfile } from "./isSsoProfile";
 import { resolveSSOCredentials } from "./resolveSSOCredentials";
 import { validateSsoProfile } from "./validateSsoProfile";
 export const fromSSO = (init = {}) => async () => {
-    const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, ssoSession } = init;
+    init.logger?.debug("@aws-sdk/credential-provider-sso", "fromSSO");
+    const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoSession } = init;
+    const { ssoClient } = init;
     const profileName = getProfileName(init);
     if (!ssoStartUrl && !ssoAccountId && !ssoRegion && !ssoRoleName && !ssoSession) {
         const profiles = await parseKnownFiles(init);
@@ -36,6 +38,7 @@ export const fromSSO = (init = {}) => async () => {
             ssoRegion: sso_region,
             ssoRoleName: sso_role_name,
             ssoClient: ssoClient,
+            clientConfig: init.clientConfig,
             profile: profileName,
         });
     }
@@ -51,6 +54,7 @@ export const fromSSO = (init = {}) => async () => {
             ssoRegion,
             ssoRoleName,
             ssoClient,
+            clientConfig: init.clientConfig,
             profile: profileName,
         });
     }

package/dist-es/loadSso.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import { GetRoleCredentialsCommand, SSOClient } from "@aws-sdk/client-sso";
2	+ export { GetRoleCredentialsCommand, SSOClient };

package/dist-es/resolveSSOCredentials.js CHANGED Viewed

@@ -1,9 +1,8 @@
-import { GetRoleCredentialsCommand, SSOClient } from "@aws-sdk/client-sso";
 import { fromSso as getSsoTokenProvider } from "@aws-sdk/token-providers";
 import { CredentialsProviderError } from "@smithy/property-provider";
 import { getSSOTokenFromFile } from "@smithy/shared-ini-file-loader";
 const SHOULD_FAIL_CREDENTIAL_CHAIN = false;
-export const resolveSSOCredentials = async ({ ssoStartUrl, ssoSession, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, profile, }) => {
+export const resolveSSOCredentials = async ({ ssoStartUrl, ssoSession, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, clientConfig, profile, }) => {
     let token;
     const refreshMessage = `To refresh this SSO session run aws sso login with the corresponding profile.`;
     if (ssoSession) {
@@ -30,7 +29,11 @@ export const resolveSSOCredentials = async ({ ssoStartUrl, ssoSession, ssoAccoun
         throw new CredentialsProviderError(`The SSO session associated with this profile has expired. ${refreshMessage}`, SHOULD_FAIL_CREDENTIAL_CHAIN);
     }
     const { accessToken } = token;
-    const sso = ssoClient || new SSOClient({ region: ssoRegion });
+    const { SSOClient, GetRoleCredentialsCommand } = await import("./loadSso");
+    const sso = ssoClient ||
+        new SSOClient(Object.assign({}, clientConfig ?? {}, {
+            region: clientConfig?.region ?? ssoRegion,
+        }));
     let ssoResp;
     try {
         ssoResp = await sso.send(new GetRoleCredentialsCommand({
@@ -42,8 +45,7 @@ export const resolveSSOCredentials = async ({ ssoStartUrl, ssoSession, ssoAccoun
     catch (e) {
         throw CredentialsProviderError.from(e, SHOULD_FAIL_CREDENTIAL_CHAIN);
     }
-    const { roleCredentials: { accessKeyId, secretAccessKey, sessionToken, expiration } = {} } = ssoResp;
-    const credentialScope = ssoResp?.roleCredentials?.credentialScope;
+    const { roleCredentials: { accessKeyId, secretAccessKey, sessionToken, expiration, credentialScope } = {} } = ssoResp;
     if (!accessKeyId || !secretAccessKey || !sessionToken || !expiration) {
         throw new CredentialsProviderError("SSO returns an invalid temporary credential.", SHOULD_FAIL_CREDENTIAL_CHAIN);
     }

package/dist-types/fromSSO.d.ts CHANGED Viewed

@@ -1,6 +1,7 @@
-import { SSOClient } from "@aws-sdk/client-sso";
+import type { CredentialProviderOptions } from "@aws-sdk/types";
 import { SourceProfileInit } from "@smithy/shared-ini-file-loader";
 import { AwsCredentialIdentityProvider } from "@smithy/types";
+import type { SSOClient, SSOClientConfig } from "./loadSso";
 /**
  * @internal
  */
@@ -30,8 +31,9 @@ export interface SsoCredentialsParameters {
 /**
  * @internal
  */
-export interface FromSSOInit extends SourceProfileInit {
+export interface FromSSOInit extends SourceProfileInit, CredentialProviderOptions {
     ssoClient?: SSOClient;
+    clientConfig?: SSOClientConfig;
 }
 /**
  * @internal

package/dist-types/loadSso.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import { GetRoleCredentialsCommand, SSOClient } from "@aws-sdk/client-sso";
+export { GetRoleCredentialsCommand, SSOClient };
+export type { SSOClientConfig, GetRoleCredentialsCommandOutput } from "@aws-sdk/client-sso";

package/dist-types/resolveSSOCredentials.d.ts CHANGED Viewed

@@ -3,4 +3,4 @@ import { FromSSOInit, SsoCredentialsParameters } from "./fromSSO";
 /**
  * @internal
  */
-export declare const resolveSSOCredentials: ({ ssoStartUrl, ssoSession, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, profile, }: FromSSOInit & SsoCredentialsParameters) => Promise<AwsCredentialIdentity>;
+export declare const resolveSSOCredentials: ({ ssoStartUrl, ssoSession, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, clientConfig, profile, }: FromSSOInit & SsoCredentialsParameters) => Promise<AwsCredentialIdentity>;

package/dist-types/ts3.4/fromSSO.d.ts CHANGED Viewed

@@ -1,6 +1,7 @@
-import { SSOClient } from "@aws-sdk/client-sso";
+import { CredentialProviderOptions } from "@aws-sdk/types";
 import { SourceProfileInit } from "@smithy/shared-ini-file-loader";
 import { AwsCredentialIdentityProvider } from "@smithy/types";
+import { SSOClient, SSOClientConfig } from "./loadSso";
 export interface SsoCredentialsParameters {
   ssoStartUrl: string;
   ssoSession?: string;
@@ -8,8 +9,11 @@ export interface SsoCredentialsParameters {
   ssoRegion: string;
   ssoRoleName: string;
 }
-export interface FromSSOInit extends SourceProfileInit {
+export interface FromSSOInit
+  extends SourceProfileInit,
+    CredentialProviderOptions {
   ssoClient?: SSOClient;
+  clientConfig?: SSOClientConfig;
 }
 export declare const fromSSO: (
   init?: FromSSOInit & Partial<SsoCredentialsParameters>

package/dist-types/ts3.4/loadSso.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import { GetRoleCredentialsCommand, SSOClient } from "@aws-sdk/client-sso";
+export { GetRoleCredentialsCommand, SSOClient };
+export {
+  SSOClientConfig,
+  GetRoleCredentialsCommandOutput,
+} from "@aws-sdk/client-sso";

package/dist-types/ts3.4/resolveSSOCredentials.d.ts CHANGED Viewed

@@ -7,5 +7,6 @@ export declare const resolveSSOCredentials: ({
   ssoRegion,
   ssoRoleName,
   ssoClient,
+  clientConfig,
   profile,
 }: FromSSOInit & SsoCredentialsParameters) => Promise<AwsCredentialIdentity>;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@aws-sdk/credential-provider-sso",
-  "version": "3.501.0",
+  "version": "3.503.1",
   "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials",
   "main": "./dist-cjs/index.js",
   "module": "./dist-es/index.js",
@@ -24,9 +24,9 @@
   },
   "license": "Apache-2.0",
   "dependencies": {
-    "@aws-sdk/client-sso": "3.496.0",
-    "@aws-sdk/token-providers": "3.501.0",
-    "@aws-sdk/types": "3.496.0",
+    "@aws-sdk/client-sso": "3.502.0",
+    "@aws-sdk/token-providers": "3.502.0",
+    "@aws-sdk/types": "3.502.0",
     "@smithy/property-provider": "^2.1.1",
     "@smithy/shared-ini-file-loader": "^2.3.1",
     "@smithy/types": "^2.9.1",