@aws-sdk/middleware-signing 3.170.0 → 3.178.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +19 -0
- package/dist-cjs/configurations.js +30 -15
- package/dist-cjs/middleware.js +3 -1
- package/dist-es/configurations.js +21 -10
- package/dist-es/middleware.js +13 -11
- package/dist-types/configurations.d.ts +5 -5
- package/dist-types/ts3.4/configurations.d.ts +9 -15
- package/package.json +6 -6
package/CHANGELOG.md
CHANGED
|
@@ -3,6 +3,25 @@
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
|
5
5
|
|
|
6
|
+
# [3.178.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.177.0...v3.178.0) (2022-09-23)
|
|
7
|
+
|
|
8
|
+
|
|
9
|
+
### Features
|
|
10
|
+
|
|
11
|
+
* **endpoint:** endpoints 2.0 existing package changes ([#3947](https://github.com/aws/aws-sdk-js-v3/issues/3947)) ([df99fc3](https://github.com/aws/aws-sdk-js-v3/commit/df99fc33a43982e1c59000721a535f6fe77a3c23))
|
|
12
|
+
|
|
13
|
+
|
|
14
|
+
|
|
15
|
+
|
|
16
|
+
|
|
17
|
+
# [3.171.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.170.0...v3.171.0) (2022-09-14)
|
|
18
|
+
|
|
19
|
+
**Note:** Version bump only for package @aws-sdk/middleware-signing
|
|
20
|
+
|
|
21
|
+
|
|
22
|
+
|
|
23
|
+
|
|
24
|
+
|
|
6
25
|
# [3.170.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.169.0...v3.170.0) (2022-09-13)
|
|
7
26
|
|
|
8
27
|
**Note:** Version bump only for package @aws-sdk/middleware-signing
|
|
@@ -3,6 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
exports.resolveSigV4AuthConfig = exports.resolveAwsAuthConfig = void 0;
|
|
4
4
|
const property_provider_1 = require("@aws-sdk/property-provider");
|
|
5
5
|
const signature_v4_1 = require("@aws-sdk/signature-v4");
|
|
6
|
+
const util_middleware_1 = require("@aws-sdk/util-middleware");
|
|
6
7
|
const CREDENTIAL_EXPIRE_WINDOW = 300000;
|
|
7
8
|
const resolveAwsAuthConfig = (input) => {
|
|
8
9
|
const normalizedCreds = input.credentials
|
|
@@ -11,10 +12,10 @@ const resolveAwsAuthConfig = (input) => {
|
|
|
11
12
|
const { signingEscapePath = true, systemClockOffset = input.systemClockOffset || 0, sha256 } = input;
|
|
12
13
|
let signer;
|
|
13
14
|
if (input.signer) {
|
|
14
|
-
signer = normalizeProvider(input.signer);
|
|
15
|
+
signer = (0, util_middleware_1.normalizeProvider)(input.signer);
|
|
15
16
|
}
|
|
16
|
-
else {
|
|
17
|
-
signer = () => normalizeProvider(input.region)()
|
|
17
|
+
else if (input.regionInfoProvider) {
|
|
18
|
+
signer = () => (0, util_middleware_1.normalizeProvider)(input.region)()
|
|
18
19
|
.then(async (region) => [
|
|
19
20
|
(await input.regionInfoProvider(region, {
|
|
20
21
|
useFipsEndpoint: await input.useFipsEndpoint(),
|
|
@@ -34,10 +35,31 @@ const resolveAwsAuthConfig = (input) => {
|
|
|
34
35
|
sha256,
|
|
35
36
|
uriEscapePath: signingEscapePath,
|
|
36
37
|
};
|
|
37
|
-
const
|
|
38
|
-
return new
|
|
38
|
+
const SignerCtor = input.signerConstructor || signature_v4_1.SignatureV4;
|
|
39
|
+
return new SignerCtor(params);
|
|
39
40
|
});
|
|
40
41
|
}
|
|
42
|
+
else {
|
|
43
|
+
signer = async (authScheme) => {
|
|
44
|
+
if (!authScheme) {
|
|
45
|
+
throw new Error("Unexpected empty auth scheme config");
|
|
46
|
+
}
|
|
47
|
+
const signingRegion = authScheme.signingScope;
|
|
48
|
+
const signingService = authScheme.signingName;
|
|
49
|
+
input.signingRegion = input.signingRegion || signingRegion;
|
|
50
|
+
input.signingName = input.signingName || signingService || input.serviceId;
|
|
51
|
+
const params = {
|
|
52
|
+
...input,
|
|
53
|
+
credentials: normalizedCreds,
|
|
54
|
+
region: input.signingRegion,
|
|
55
|
+
service: input.signingName,
|
|
56
|
+
sha256,
|
|
57
|
+
uriEscapePath: signingEscapePath,
|
|
58
|
+
};
|
|
59
|
+
const SignerCtor = input.signerConstructor || signature_v4_1.SignatureV4;
|
|
60
|
+
return new SignerCtor(params);
|
|
61
|
+
};
|
|
62
|
+
}
|
|
41
63
|
return {
|
|
42
64
|
...input,
|
|
43
65
|
systemClockOffset,
|
|
@@ -54,10 +76,10 @@ const resolveSigV4AuthConfig = (input) => {
|
|
|
54
76
|
const { signingEscapePath = true, systemClockOffset = input.systemClockOffset || 0, sha256 } = input;
|
|
55
77
|
let signer;
|
|
56
78
|
if (input.signer) {
|
|
57
|
-
signer = normalizeProvider(input.signer);
|
|
79
|
+
signer = (0, util_middleware_1.normalizeProvider)(input.signer);
|
|
58
80
|
}
|
|
59
81
|
else {
|
|
60
|
-
signer = normalizeProvider(new signature_v4_1.SignatureV4({
|
|
82
|
+
signer = (0, util_middleware_1.normalizeProvider)(new signature_v4_1.SignatureV4({
|
|
61
83
|
credentials: normalizedCreds,
|
|
62
84
|
region: input.region,
|
|
63
85
|
service: input.signingName,
|
|
@@ -74,17 +96,10 @@ const resolveSigV4AuthConfig = (input) => {
|
|
|
74
96
|
};
|
|
75
97
|
};
|
|
76
98
|
exports.resolveSigV4AuthConfig = resolveSigV4AuthConfig;
|
|
77
|
-
const normalizeProvider = (input) => {
|
|
78
|
-
if (typeof input === "object") {
|
|
79
|
-
const promisified = Promise.resolve(input);
|
|
80
|
-
return () => promisified;
|
|
81
|
-
}
|
|
82
|
-
return input;
|
|
83
|
-
};
|
|
84
99
|
const normalizeCredentialProvider = (credentials) => {
|
|
85
100
|
if (typeof credentials === "function") {
|
|
86
101
|
return (0, property_provider_1.memoize)(credentials, (credentials) => credentials.expiration !== undefined &&
|
|
87
102
|
credentials.expiration.getTime() - Date.now() < CREDENTIAL_EXPIRE_WINDOW, (credentials) => credentials.expiration !== undefined);
|
|
88
103
|
}
|
|
89
|
-
return normalizeProvider(credentials);
|
|
104
|
+
return (0, util_middleware_1.normalizeProvider)(credentials);
|
|
90
105
|
};
|
package/dist-cjs/middleware.js
CHANGED
|
@@ -5,9 +5,11 @@ const protocol_http_1 = require("@aws-sdk/protocol-http");
|
|
|
5
5
|
const getSkewCorrectedDate_1 = require("./utils/getSkewCorrectedDate");
|
|
6
6
|
const getUpdatedSystemClockOffset_1 = require("./utils/getUpdatedSystemClockOffset");
|
|
7
7
|
const awsAuthMiddleware = (options) => (next, context) => async function (args) {
|
|
8
|
+
var _a, _b, _c;
|
|
8
9
|
if (!protocol_http_1.HttpRequest.isInstance(args.request))
|
|
9
10
|
return next(args);
|
|
10
|
-
const
|
|
11
|
+
const authScheme = (_c = (_b = (_a = (context.endpointV2)) === null || _a === void 0 ? void 0 : _a.properties) === null || _b === void 0 ? void 0 : _b.authSchemes) === null || _c === void 0 ? void 0 : _c[0];
|
|
12
|
+
const signer = await options.signer(authScheme);
|
|
11
13
|
const output = await next({
|
|
12
14
|
...args,
|
|
13
15
|
request: await signer.sign(args.request, {
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { __assign, __awaiter, __generator, __read } from "tslib";
|
|
2
2
|
import { memoize } from "@aws-sdk/property-provider";
|
|
3
3
|
import { SignatureV4 } from "@aws-sdk/signature-v4";
|
|
4
|
+
import { normalizeProvider } from "@aws-sdk/util-middleware";
|
|
4
5
|
var CREDENTIAL_EXPIRE_WINDOW = 300000;
|
|
5
6
|
export var resolveAwsAuthConfig = function (input) {
|
|
6
7
|
var normalizedCreds = input.credentials
|
|
@@ -11,7 +12,7 @@ export var resolveAwsAuthConfig = function (input) {
|
|
|
11
12
|
if (input.signer) {
|
|
12
13
|
signer = normalizeProvider(input.signer);
|
|
13
14
|
}
|
|
14
|
-
else {
|
|
15
|
+
else if (input.regionInfoProvider) {
|
|
15
16
|
signer = function () {
|
|
16
17
|
return normalizeProvider(input.region)()
|
|
17
18
|
.then(function (region) { return __awaiter(void 0, void 0, void 0, function () {
|
|
@@ -42,11 +43,28 @@ export var resolveAwsAuthConfig = function (input) {
|
|
|
42
43
|
input.signingRegion = input.signingRegion || signingRegion || region;
|
|
43
44
|
input.signingName = input.signingName || signingService || input.serviceId;
|
|
44
45
|
var params = __assign(__assign({}, input), { credentials: normalizedCreds, region: input.signingRegion, service: input.signingName, sha256: sha256, uriEscapePath: signingEscapePath });
|
|
45
|
-
var
|
|
46
|
-
return new
|
|
46
|
+
var SignerCtor = input.signerConstructor || SignatureV4;
|
|
47
|
+
return new SignerCtor(params);
|
|
47
48
|
});
|
|
48
49
|
};
|
|
49
50
|
}
|
|
51
|
+
else {
|
|
52
|
+
signer = function (authScheme) { return __awaiter(void 0, void 0, void 0, function () {
|
|
53
|
+
var signingRegion, signingService, params, SignerCtor;
|
|
54
|
+
return __generator(this, function (_a) {
|
|
55
|
+
if (!authScheme) {
|
|
56
|
+
throw new Error("Unexpected empty auth scheme config");
|
|
57
|
+
}
|
|
58
|
+
signingRegion = authScheme.signingScope;
|
|
59
|
+
signingService = authScheme.signingName;
|
|
60
|
+
input.signingRegion = input.signingRegion || signingRegion;
|
|
61
|
+
input.signingName = input.signingName || signingService || input.serviceId;
|
|
62
|
+
params = __assign(__assign({}, input), { credentials: normalizedCreds, region: input.signingRegion, service: input.signingName, sha256: sha256, uriEscapePath: signingEscapePath });
|
|
63
|
+
SignerCtor = input.signerConstructor || SignatureV4;
|
|
64
|
+
return [2, new SignerCtor(params)];
|
|
65
|
+
});
|
|
66
|
+
}); };
|
|
67
|
+
}
|
|
50
68
|
return __assign(__assign({}, input), { systemClockOffset: systemClockOffset, signingEscapePath: signingEscapePath, credentials: normalizedCreds, signer: signer });
|
|
51
69
|
};
|
|
52
70
|
export var resolveSigV4AuthConfig = function (input) {
|
|
@@ -69,13 +87,6 @@ export var resolveSigV4AuthConfig = function (input) {
|
|
|
69
87
|
}
|
|
70
88
|
return __assign(__assign({}, input), { systemClockOffset: systemClockOffset, signingEscapePath: signingEscapePath, credentials: normalizedCreds, signer: signer });
|
|
71
89
|
};
|
|
72
|
-
var normalizeProvider = function (input) {
|
|
73
|
-
if (typeof input === "object") {
|
|
74
|
-
var promisified_1 = Promise.resolve(input);
|
|
75
|
-
return function () { return promisified_1; };
|
|
76
|
-
}
|
|
77
|
-
return input;
|
|
78
|
-
};
|
|
79
90
|
var normalizeCredentialProvider = function (credentials) {
|
|
80
91
|
if (typeof credentials === "function") {
|
|
81
92
|
return memoize(credentials, function (credentials) {
|
package/dist-es/middleware.js
CHANGED
|
@@ -5,26 +5,28 @@ import { getUpdatedSystemClockOffset } from "./utils/getUpdatedSystemClockOffset
|
|
|
5
5
|
export var awsAuthMiddleware = function (options) {
|
|
6
6
|
return function (next, context) {
|
|
7
7
|
return function (args) {
|
|
8
|
+
var _a, _b, _c;
|
|
8
9
|
return __awaiter(this, void 0, void 0, function () {
|
|
9
|
-
var signer, output,
|
|
10
|
-
var
|
|
11
|
-
return __generator(this, function (
|
|
12
|
-
switch (
|
|
10
|
+
var authScheme, signer, output, _d, _e, dateHeader;
|
|
11
|
+
var _f;
|
|
12
|
+
return __generator(this, function (_g) {
|
|
13
|
+
switch (_g.label) {
|
|
13
14
|
case 0:
|
|
14
15
|
if (!HttpRequest.isInstance(args.request))
|
|
15
16
|
return [2, next(args)];
|
|
16
|
-
|
|
17
|
+
authScheme = (_c = (_b = (_a = (context.endpointV2)) === null || _a === void 0 ? void 0 : _a.properties) === null || _b === void 0 ? void 0 : _b.authSchemes) === null || _c === void 0 ? void 0 : _c[0];
|
|
18
|
+
return [4, options.signer(authScheme)];
|
|
17
19
|
case 1:
|
|
18
|
-
signer =
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
20
|
+
signer = _g.sent();
|
|
21
|
+
_d = next;
|
|
22
|
+
_e = [__assign({}, args)];
|
|
23
|
+
_f = {};
|
|
22
24
|
return [4, signer.sign(args.request, {
|
|
23
25
|
signingDate: getSkewCorrectedDate(options.systemClockOffset),
|
|
24
26
|
signingRegion: context["signing_region"],
|
|
25
27
|
signingService: context["signing_service"],
|
|
26
28
|
})];
|
|
27
|
-
case 2: return [4,
|
|
29
|
+
case 2: return [4, _d.apply(void 0, [__assign.apply(void 0, _e.concat([(_f.request = _g.sent(), _f)]))]).catch(function (error) {
|
|
28
30
|
var _a;
|
|
29
31
|
var serverTime = (_a = error.ServerTime) !== null && _a !== void 0 ? _a : getDateHeader(error.$response);
|
|
30
32
|
if (serverTime) {
|
|
@@ -33,7 +35,7 @@ export var awsAuthMiddleware = function (options) {
|
|
|
33
35
|
throw error;
|
|
34
36
|
})];
|
|
35
37
|
case 3:
|
|
36
|
-
output =
|
|
38
|
+
output = _g.sent();
|
|
37
39
|
dateHeader = getDateHeader(output.response);
|
|
38
40
|
if (dateHeader) {
|
|
39
41
|
options.systemClockOffset = getUpdatedSystemClockOffset(dateHeader, options.systemClockOffset);
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { SignatureV4CryptoInit, SignatureV4Init } from "@aws-sdk/signature-v4";
|
|
2
|
-
import { Credentials, HashConstructor, Logger, MemoizedProvider, Provider, RegionInfoProvider, RequestSigner } from "@aws-sdk/types";
|
|
2
|
+
import { AuthScheme, Credentials, HashConstructor, Logger, MemoizedProvider, Provider, RegionInfoProvider, RequestSigner } from "@aws-sdk/types";
|
|
3
3
|
export interface AwsAuthInputConfig {
|
|
4
4
|
/**
|
|
5
5
|
* The credentials used to sign requests.
|
|
@@ -8,7 +8,7 @@ export interface AwsAuthInputConfig {
|
|
|
8
8
|
/**
|
|
9
9
|
* The signer to use when signing requests.
|
|
10
10
|
*/
|
|
11
|
-
signer?: RequestSigner |
|
|
11
|
+
signer?: RequestSigner | ((authScheme?: AuthScheme) => Promise<RequestSigner>);
|
|
12
12
|
/**
|
|
13
13
|
* Whether to escape request path when signing the request.
|
|
14
14
|
*/
|
|
@@ -37,7 +37,7 @@ export interface SigV4AuthInputConfig {
|
|
|
37
37
|
/**
|
|
38
38
|
* The signer to use when signing requests.
|
|
39
39
|
*/
|
|
40
|
-
signer?: RequestSigner |
|
|
40
|
+
signer?: RequestSigner | ((authScheme?: AuthScheme) => Promise<RequestSigner>);
|
|
41
41
|
/**
|
|
42
42
|
* Whether to escape request path when signing the request.
|
|
43
43
|
*/
|
|
@@ -50,7 +50,7 @@ export interface SigV4AuthInputConfig {
|
|
|
50
50
|
interface PreviouslyResolved {
|
|
51
51
|
credentialDefaultProvider: (input: any) => MemoizedProvider<Credentials>;
|
|
52
52
|
region: string | Provider<string>;
|
|
53
|
-
regionInfoProvider
|
|
53
|
+
regionInfoProvider?: RegionInfoProvider;
|
|
54
54
|
signingName?: string;
|
|
55
55
|
serviceId: string;
|
|
56
56
|
sha256: HashConstructor;
|
|
@@ -74,7 +74,7 @@ export interface AwsAuthResolvedConfig {
|
|
|
74
74
|
/**
|
|
75
75
|
* Resolved value for input config {@link AwsAuthInputConfig.signer}
|
|
76
76
|
*/
|
|
77
|
-
signer:
|
|
77
|
+
signer: (authScheme?: AuthScheme) => Promise<RequestSigner>;
|
|
78
78
|
/**
|
|
79
79
|
* Resolved value for input config {@link AwsAuthInputConfig.signingEscapePath}
|
|
80
80
|
*/
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { SignatureV4CryptoInit, SignatureV4Init } from "@aws-sdk/signature-v4";
|
|
2
2
|
import {
|
|
3
|
+
AuthScheme,
|
|
3
4
|
Credentials,
|
|
4
5
|
HashConstructor,
|
|
5
6
|
Logger,
|
|
@@ -10,32 +11,28 @@ import {
|
|
|
10
11
|
} from "@aws-sdk/types";
|
|
11
12
|
export interface AwsAuthInputConfig {
|
|
12
13
|
credentials?: Credentials | Provider<Credentials>;
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
14
|
+
signer?:
|
|
15
|
+
| RequestSigner
|
|
16
|
+
| ((authScheme?: AuthScheme) => Promise<RequestSigner>);
|
|
16
17
|
signingEscapePath?: boolean;
|
|
17
|
-
|
|
18
18
|
systemClockOffset?: number;
|
|
19
|
-
|
|
20
19
|
signingRegion?: string;
|
|
21
|
-
|
|
22
20
|
signerConstructor?: new (
|
|
23
21
|
options: SignatureV4Init & SignatureV4CryptoInit
|
|
24
22
|
) => RequestSigner;
|
|
25
23
|
}
|
|
26
24
|
export interface SigV4AuthInputConfig {
|
|
27
25
|
credentials?: Credentials | Provider<Credentials>;
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
26
|
+
signer?:
|
|
27
|
+
| RequestSigner
|
|
28
|
+
| ((authScheme?: AuthScheme) => Promise<RequestSigner>);
|
|
31
29
|
signingEscapePath?: boolean;
|
|
32
|
-
|
|
33
30
|
systemClockOffset?: number;
|
|
34
31
|
}
|
|
35
32
|
interface PreviouslyResolved {
|
|
36
33
|
credentialDefaultProvider: (input: any) => MemoizedProvider<Credentials>;
|
|
37
34
|
region: string | Provider<string>;
|
|
38
|
-
regionInfoProvider
|
|
35
|
+
regionInfoProvider?: RegionInfoProvider;
|
|
39
36
|
signingName?: string;
|
|
40
37
|
serviceId: string;
|
|
41
38
|
sha256: HashConstructor;
|
|
@@ -51,11 +48,8 @@ interface SigV4PreviouslyResolved {
|
|
|
51
48
|
}
|
|
52
49
|
export interface AwsAuthResolvedConfig {
|
|
53
50
|
credentials: MemoizedProvider<Credentials>;
|
|
54
|
-
|
|
55
|
-
signer: Provider<RequestSigner>;
|
|
56
|
-
|
|
51
|
+
signer: (authScheme?: AuthScheme) => Promise<RequestSigner>;
|
|
57
52
|
signingEscapePath: boolean;
|
|
58
|
-
|
|
59
53
|
systemClockOffset: number;
|
|
60
54
|
}
|
|
61
55
|
export interface SigV4AuthResolvedConfig extends AwsAuthResolvedConfig {}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@aws-sdk/middleware-signing",
|
|
3
|
-
"version": "3.
|
|
3
|
+
"version": "3.178.0",
|
|
4
4
|
"scripts": {
|
|
5
5
|
"build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
|
|
6
6
|
"build:cjs": "tsc -p tsconfig.cjs.json",
|
|
@@ -9,7 +9,7 @@
|
|
|
9
9
|
"build:types": "tsc -p tsconfig.types.json",
|
|
10
10
|
"build:types:downlevel": "downlevel-dts dist-types dist-types/ts3.4",
|
|
11
11
|
"clean": "rimraf ./dist-* && rimraf *.tsbuildinfo",
|
|
12
|
-
"test": "jest"
|
|
12
|
+
"test": "jest --passWithNoTests"
|
|
13
13
|
},
|
|
14
14
|
"main": "./dist-cjs/index.js",
|
|
15
15
|
"module": "./dist-es/index.js",
|
|
@@ -20,10 +20,10 @@
|
|
|
20
20
|
},
|
|
21
21
|
"license": "Apache-2.0",
|
|
22
22
|
"dependencies": {
|
|
23
|
-
"@aws-sdk/property-provider": "3.
|
|
24
|
-
"@aws-sdk/protocol-http": "3.
|
|
25
|
-
"@aws-sdk/signature-v4": "3.
|
|
26
|
-
"@aws-sdk/types": "3.
|
|
23
|
+
"@aws-sdk/property-provider": "3.178.0",
|
|
24
|
+
"@aws-sdk/protocol-http": "3.178.0",
|
|
25
|
+
"@aws-sdk/signature-v4": "3.178.0",
|
|
26
|
+
"@aws-sdk/types": "3.178.0",
|
|
27
27
|
"tslib": "^2.3.1"
|
|
28
28
|
},
|
|
29
29
|
"engines": {
|