@aws-sdk/credential-provider-sso 3.54.0 → 3.54.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/CHANGELOG.md +8 -0
  2. package/dist-cjs/fromSSO.js +3 -3
  3. package/dist-cjs/resolveSSOCredentials.js +1 -8
  4. package/dist-es/fromSSO.js +2 -2
  5. package/dist-es/resolveSSOCredentials.js +14 -22
  6. package/dist-types/fromSSO.d.ts +1 -1
  7. package/dist-types/isSsoProfile.d.ts +1 -1
  8. package/dist-types/ts3.4/fromSSO.d.ts +1 -1
  9. package/dist-types/ts3.4/isSsoProfile.d.ts +1 -1
  10. package/dist-types/ts3.4/types.d.ts +1 -1
  11. package/dist-types/types.d.ts +1 -1
  12. package/package.json +5 -6
package/CHANGELOG.md CHANGED
@@ -3,6 +3,14 @@
3
3
  All notable changes to this project will be documented in this file.
4
4
  See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
5
5
 
6
+ ## [3.54.1](https://github.com/aws/aws-sdk-js-v3/compare/v3.54.0...v3.54.1) (2022-03-15)
7
+
8
+ **Note:** Version bump only for package @aws-sdk/credential-provider-sso
9
+
10
+
11
+
12
+
13
+
6
14
  # [3.54.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.53.1...v3.54.0) (2022-03-11)
7
15
 
8
16
  **Note:** Version bump only for package @aws-sdk/credential-provider-sso
package/dist-cjs/fromSSO.js CHANGED
@@ -2,15 +2,15 @@
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.fromSSO = void 0;
4
4
  const property_provider_1 = require("@aws-sdk/property-provider");
5
- const util_credentials_1 = require("@aws-sdk/util-credentials");
5
+ const shared_ini_file_loader_1 = require("@aws-sdk/shared-ini-file-loader");
6
6
  const isSsoProfile_1 = require("./isSsoProfile");
7
7
  const resolveSSOCredentials_1 = require("./resolveSSOCredentials");
8
8
  const validateSsoProfile_1 = require("./validateSsoProfile");
9
9
  const fromSSO = (init = {}) => async () => {
10
10
  const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoClient } = init;
11
11
  if (!ssoStartUrl && !ssoAccountId && !ssoRegion && !ssoRoleName) {
12
- const profiles = await util_credentials_1.parseKnownFiles(init);
13
- const profileName = util_credentials_1.getMasterProfileName(init);
12
+ const profiles = await shared_ini_file_loader_1.parseKnownFiles(init);
13
+ const profileName = shared_ini_file_loader_1.getProfileName(init);
14
14
  const profile = profiles[profileName];
15
15
  if (!isSsoProfile_1.isSsoProfile(profile)) {
16
16
  throw new property_provider_1.CredentialsProviderError(`Profile ${profileName} is not configured with SSO credentials.`);
package/dist-cjs/resolveSSOCredentials.js CHANGED
@@ -4,20 +4,13 @@ exports.resolveSSOCredentials = void 0;
4
4
  const client_sso_1 = require("@aws-sdk/client-sso");
5
5
  const property_provider_1 = require("@aws-sdk/property-provider");
6
6
  const shared_ini_file_loader_1 = require("@aws-sdk/shared-ini-file-loader");
7
- const crypto_1 = require("crypto");
8
- const fs_1 = require("fs");
9
- const path_1 = require("path");
10
7
  const EXPIRE_WINDOW_MS = 15 * 60 * 1000;
11
8
  const SHOULD_FAIL_CREDENTIAL_CHAIN = false;
12
- const { readFile } = fs_1.promises;
13
9
  const resolveSSOCredentials = async ({ ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, }) => {
14
- const hasher = crypto_1.createHash("sha1");
15
- const cacheName = hasher.update(ssoStartUrl).digest("hex");
16
- const tokenFile = path_1.join(shared_ini_file_loader_1.getHomeDir(), ".aws", "sso", "cache", `${cacheName}.json`);
17
10
  let token;
18
11
  const refreshMessage = `To refresh this SSO session run aws sso login with the corresponding profile.`;
19
12
  try {
20
- token = JSON.parse(await readFile(tokenFile, "utf8"));
13
+ token = await shared_ini_file_loader_1.getSSOTokenFromFile(ssoStartUrl);
21
14
  }
22
15
  catch (e) {
23
16
  throw new property_provider_1.CredentialsProviderError(`The SSO session associated with this profile is invalid. ${refreshMessage}`, SHOULD_FAIL_CREDENTIAL_CHAIN);
package/dist-es/fromSSO.js CHANGED
@@ -1,6 +1,6 @@
1
1
  import { __awaiter, __generator } from "tslib";
2
2
  import { CredentialsProviderError } from "@aws-sdk/property-provider";
3
- import { getMasterProfileName, parseKnownFiles } from "@aws-sdk/util-credentials";
3
+ import { getProfileName, parseKnownFiles } from "@aws-sdk/shared-ini-file-loader";
4
4
  import { isSsoProfile } from "./isSsoProfile";
5
5
  import { resolveSSOCredentials } from "./resolveSSOCredentials";
6
6
  import { validateSsoProfile } from "./validateSsoProfile";
@@ -16,7 +16,7 @@ export var fromSSO = function (init) {
16
16
  return [4, parseKnownFiles(init)];
17
17
  case 1:
18
18
  profiles = _b.sent();
19
- profileName = getMasterProfileName(init);
19
+ profileName = getProfileName(init);
20
20
  profile = profiles[profileName];
21
21
  if (!isSsoProfile(profile)) {
22
22
  throw new CredentialsProviderError("Profile " + profileName + " is not configured with SSO credentials.");
package/dist-es/resolveSSOCredentials.js CHANGED
@@ -1,34 +1,26 @@
1
1
  import { __awaiter, __generator } from "tslib";
2
2
  import { GetRoleCredentialsCommand, SSOClient } from "@aws-sdk/client-sso";
3
3
  import { CredentialsProviderError } from "@aws-sdk/property-provider";
4
- import { getHomeDir } from "@aws-sdk/shared-ini-file-loader";
5
- import { createHash } from "crypto";
6
- import { promises as fsPromises } from "fs";
7
- import { join } from "path";
4
+ import { getSSOTokenFromFile } from "@aws-sdk/shared-ini-file-loader";
8
5
  var EXPIRE_WINDOW_MS = 15 * 60 * 1000;
9
6
  var SHOULD_FAIL_CREDENTIAL_CHAIN = false;
10
- var readFile = fsPromises.readFile;
11
7
  export var resolveSSOCredentials = function (_a) {
12
8
  var ssoStartUrl = _a.ssoStartUrl, ssoAccountId = _a.ssoAccountId, ssoRegion = _a.ssoRegion, ssoRoleName = _a.ssoRoleName, ssoClient = _a.ssoClient;
13
9
  return __awaiter(void 0, void 0, void 0, function () {
14
- var hasher, cacheName, tokenFile, token, refreshMessage, _b, _c, e_1, accessToken, sso, ssoResp, e_2, _d, _e, accessKeyId, secretAccessKey, sessionToken, expiration;
15
- return __generator(this, function (_f) {
16
- switch (_f.label) {
10
+ var token, refreshMessage, e_1, accessToken, sso, ssoResp, e_2, _b, _c, accessKeyId, secretAccessKey, sessionToken, expiration;
11
+ return __generator(this, function (_d) {
12
+ switch (_d.label) {
17
13
  case 0:
18
- hasher = createHash("sha1");
19
- cacheName = hasher.update(ssoStartUrl).digest("hex");
20
- tokenFile = join(getHomeDir(), ".aws", "sso", "cache", cacheName + ".json");
21
14
  refreshMessage = "To refresh this SSO session run aws sso login with the corresponding profile.";
22
- _f.label = 1;
15
+ _d.label = 1;
23
16
  case 1:
24
- _f.trys.push([1, 3, , 4]);
25
- _c = (_b = JSON).parse;
26
- return [4, readFile(tokenFile, "utf8")];
17
+ _d.trys.push([1, 3, , 4]);
18
+ return [4, getSSOTokenFromFile(ssoStartUrl)];
27
19
  case 2:
28
- token = _c.apply(_b, [_f.sent()]);
20
+ token = _d.sent();
29
21
  return [3, 4];
30
22
  case 3:
31
- e_1 = _f.sent();
23
+ e_1 = _d.sent();
32
24
  throw new CredentialsProviderError("The SSO session associated with this profile is invalid. " + refreshMessage, SHOULD_FAIL_CREDENTIAL_CHAIN);
33
25
  case 4:
34
26
  if (new Date(token.expiresAt).getTime() - Date.now() <= EXPIRE_WINDOW_MS) {
@@ -36,22 +28,22 @@ export var resolveSSOCredentials = function (_a) {
36
28
  }
37
29
  accessToken = token.accessToken;
38
30
  sso = ssoClient || new SSOClient({ region: ssoRegion });
39
- _f.label = 5;
31
+ _d.label = 5;
40
32
  case 5:
41
- _f.trys.push([5, 7, , 8]);
33
+ _d.trys.push([5, 7, , 8]);
42
34
  return [4, sso.send(new GetRoleCredentialsCommand({
43
35
  accountId: ssoAccountId,
44
36
  roleName: ssoRoleName,
45
37
  accessToken: accessToken,
46
38
  }))];
47
39
  case 6:
48
- ssoResp = _f.sent();
40
+ ssoResp = _d.sent();
49
41
  return [3, 8];
50
42
  case 7:
51
- e_2 = _f.sent();
43
+ e_2 = _d.sent();
52
44
  throw CredentialsProviderError.from(e_2, SHOULD_FAIL_CREDENTIAL_CHAIN);
53
45
  case 8:
54
- _d = ssoResp.roleCredentials, _e = _d === void 0 ? {} : _d, accessKeyId = _e.accessKeyId, secretAccessKey = _e.secretAccessKey, sessionToken = _e.sessionToken, expiration = _e.expiration;
46
+ _b = ssoResp.roleCredentials, _c = _b === void 0 ? {} : _b, accessKeyId = _c.accessKeyId, secretAccessKey = _c.secretAccessKey, sessionToken = _c.sessionToken, expiration = _c.expiration;
55
47
  if (!accessKeyId || !secretAccessKey || !sessionToken || !expiration) {
56
48
  throw new CredentialsProviderError("SSO returns an invalid temporary credential.", SHOULD_FAIL_CREDENTIAL_CHAIN);
57
49
  }
package/dist-types/fromSSO.d.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  import { SSOClient } from "@aws-sdk/client-sso";
2
+ import { SourceProfileInit } from "@aws-sdk/shared-ini-file-loader";
2
3
  import { CredentialProvider } from "@aws-sdk/types";
3
- import { SourceProfileInit } from "@aws-sdk/util-credentials";
4
4
  export interface SsoCredentialsParameters {
5
5
  /**
6
6
  * The URL to the AWS SSO service.
package/dist-types/isSsoProfile.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { Profile } from "@aws-sdk/shared-ini-file-loader";
1
+ import { Profile } from "@aws-sdk/types";
2
2
  import { SsoProfile } from "./types";
3
3
  /**
4
4
  * @internal
package/dist-types/ts3.4/fromSSO.d.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  import { SSOClient } from "@aws-sdk/client-sso";
2
+ import { SourceProfileInit } from "@aws-sdk/shared-ini-file-loader";
2
3
  import { CredentialProvider } from "@aws-sdk/types";
3
- import { SourceProfileInit } from "@aws-sdk/util-credentials";
4
4
  export interface SsoCredentialsParameters {
5
5
 
6
6
  ssoStartUrl: string;
package/dist-types/ts3.4/isSsoProfile.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { Profile } from "@aws-sdk/shared-ini-file-loader";
1
+ import { Profile } from "@aws-sdk/types";
2
2
  import { SsoProfile } from "./types";
3
3
 
4
4
  export declare const isSsoProfile: (arg: Profile) => arg is Partial<SsoProfile>;
package/dist-types/ts3.4/types.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { Profile } from "@aws-sdk/shared-ini-file-loader";
1
+ import { Profile } from "@aws-sdk/types";
2
2
 
3
3
  export interface SSOToken {
4
4
  accessToken: string;
package/dist-types/types.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { Profile } from "@aws-sdk/shared-ini-file-loader";
1
+ import { Profile } from "@aws-sdk/types";
2
2
  /**
3
3
  * Cached SSO token retrieved from SSO login flow.
4
4
  */
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@aws-sdk/credential-provider-sso",
3
- "version": "3.54.0",
3
+ "version": "3.54.1",
4
4
  "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials",
5
5
  "main": "./dist-cjs/index.js",
6
6
  "module": "./dist-es/index.js",
@@ -23,11 +23,10 @@
23
23
  },
24
24
  "license": "Apache-2.0",
25
25
  "dependencies": {
26
- "@aws-sdk/client-sso": "3.54.0",
27
- "@aws-sdk/property-provider": "3.54.0",
28
- "@aws-sdk/shared-ini-file-loader": "3.52.0",
29
- "@aws-sdk/types": "3.54.0",
30
- "@aws-sdk/util-credentials": "3.53.0",
26
+ "@aws-sdk/client-sso": "3.54.1",
27
+ "@aws-sdk/property-provider": "3.54.1",
28
+ "@aws-sdk/shared-ini-file-loader": "3.54.1",
29
+ "@aws-sdk/types": "3.54.1",
31
30
  "tslib": "^2.3.0"
32
31
  },
33
32
  "devDependencies": {