@aws-sdk/middleware-signing 3.523.0 → 3.534.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist-cjs/index.js +39 -6
- package/dist-es/awsAuthConfiguration.js +10 -2
- package/dist-es/awsAuthMiddleware.js +29 -3
- package/package.json +7 -7
package/dist-cjs/index.js
CHANGED
|
@@ -80,14 +80,21 @@ var resolveAwsAuthConfig = /* @__PURE__ */ __name((input) => {
|
|
|
80
80
|
},
|
|
81
81
|
authScheme
|
|
82
82
|
);
|
|
83
|
+
const isSigv4a = (authScheme == null ? void 0 : authScheme.name) === "sigv4a";
|
|
83
84
|
const signingRegion = authScheme.signingRegion;
|
|
84
85
|
const signingService = authScheme.signingName;
|
|
85
|
-
|
|
86
|
+
let regionForSigner;
|
|
87
|
+
if (isSigv4a) {
|
|
88
|
+
regionForSigner = input.signingRegion || signingRegion;
|
|
89
|
+
} else {
|
|
90
|
+
input.signingRegion = input.signingRegion || signingRegion;
|
|
91
|
+
regionForSigner = input.signingRegion;
|
|
92
|
+
}
|
|
86
93
|
input.signingName = input.signingName || signingService || input.serviceId;
|
|
87
94
|
const params = {
|
|
88
95
|
...input,
|
|
89
96
|
credentials: normalizedCreds,
|
|
90
|
-
region:
|
|
97
|
+
region: regionForSigner,
|
|
91
98
|
service: input.signingName,
|
|
92
99
|
sha256,
|
|
93
100
|
uriEscapePath: signingEscapePath
|
|
@@ -164,13 +171,39 @@ var getUpdatedSystemClockOffset = /* @__PURE__ */ __name((clockTime, currentSyst
|
|
|
164
171
|
|
|
165
172
|
// src/awsAuthMiddleware.ts
|
|
166
173
|
var awsAuthMiddleware = /* @__PURE__ */ __name((options) => (next, context) => async function(args) {
|
|
167
|
-
var _a, _b, _c, _d;
|
|
174
|
+
var _a, _b, _c, _d, _e, _f, _g;
|
|
168
175
|
if (!import_protocol_http.HttpRequest.isInstance(args.request))
|
|
169
176
|
return next(args);
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
const
|
|
177
|
+
let authScheme;
|
|
178
|
+
let signer;
|
|
179
|
+
const firstAuthScheme = (_c = (_b = (_a = context.endpointV2) == null ? void 0 : _a.properties) == null ? void 0 : _b.authSchemes) == null ? void 0 : _c[0];
|
|
180
|
+
const secondAuthScheme = (_f = (_e = (_d = context.endpointV2) == null ? void 0 : _d.properties) == null ? void 0 : _e.authSchemes) == null ? void 0 : _f[1];
|
|
181
|
+
const firstAuthSchemeIsSigv4a = (firstAuthScheme == null ? void 0 : firstAuthScheme.name) === "sigv4a";
|
|
182
|
+
if (firstAuthSchemeIsSigv4a && secondAuthScheme) {
|
|
183
|
+
signer = await options.signer(authScheme = firstAuthScheme);
|
|
184
|
+
const uncheckedSigner = signer;
|
|
185
|
+
const sigv4aAvailable = (() => {
|
|
186
|
+
var _a2;
|
|
187
|
+
if (typeof (uncheckedSigner == null ? void 0 : uncheckedSigner.getSigv4aSigner) === "function") {
|
|
188
|
+
if (((_a2 = uncheckedSigner == null ? void 0 : uncheckedSigner.signerOptions) == null ? void 0 : _a2.runtime) !== "node") {
|
|
189
|
+
return false;
|
|
190
|
+
}
|
|
191
|
+
try {
|
|
192
|
+
uncheckedSigner.getSigv4aSigner();
|
|
193
|
+
return true;
|
|
194
|
+
} catch (e) {
|
|
195
|
+
}
|
|
196
|
+
}
|
|
197
|
+
return false;
|
|
198
|
+
})();
|
|
199
|
+
if (!sigv4aAvailable) {
|
|
200
|
+
signer = await options.signer(authScheme = secondAuthScheme);
|
|
201
|
+
}
|
|
202
|
+
} else {
|
|
203
|
+
signer = await options.signer(authScheme = firstAuthScheme);
|
|
204
|
+
}
|
|
173
205
|
let signedRequest;
|
|
206
|
+
const multiRegionOverride = (authScheme == null ? void 0 : authScheme.name) === "sigv4a" ? (_g = authScheme == null ? void 0 : authScheme.signingRegionSet) == null ? void 0 : _g.join(",") : void 0;
|
|
174
207
|
const signingOptions = {
|
|
175
208
|
signingDate: getSkewCorrectedDate(options.systemClockOffset),
|
|
176
209
|
signingRegion: multiRegionOverride || context["signing_region"],
|
|
@@ -46,14 +46,22 @@ export const resolveAwsAuthConfig = (input) => {
|
|
|
46
46
|
signingRegion: await normalizeProvider(input.region)(),
|
|
47
47
|
properties: {},
|
|
48
48
|
}, authScheme);
|
|
49
|
+
const isSigv4a = authScheme?.name === "sigv4a";
|
|
49
50
|
const signingRegion = authScheme.signingRegion;
|
|
50
51
|
const signingService = authScheme.signingName;
|
|
51
|
-
|
|
52
|
+
let regionForSigner;
|
|
53
|
+
if (isSigv4a) {
|
|
54
|
+
regionForSigner = input.signingRegion || signingRegion;
|
|
55
|
+
}
|
|
56
|
+
else {
|
|
57
|
+
input.signingRegion = input.signingRegion || signingRegion;
|
|
58
|
+
regionForSigner = input.signingRegion;
|
|
59
|
+
}
|
|
52
60
|
input.signingName = input.signingName || signingService || input.serviceId;
|
|
53
61
|
const params = {
|
|
54
62
|
...input,
|
|
55
63
|
credentials: normalizedCreds,
|
|
56
|
-
region:
|
|
64
|
+
region: regionForSigner,
|
|
57
65
|
service: input.signingName,
|
|
58
66
|
sha256,
|
|
59
67
|
uriEscapePath: signingEscapePath,
|
|
@@ -4,10 +4,36 @@ import { getUpdatedSystemClockOffset } from "./utils/getUpdatedSystemClockOffset
|
|
|
4
4
|
export const awsAuthMiddleware = (options) => (next, context) => async function (args) {
|
|
5
5
|
if (!HttpRequest.isInstance(args.request))
|
|
6
6
|
return next(args);
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
const
|
|
7
|
+
let authScheme;
|
|
8
|
+
let signer;
|
|
9
|
+
const firstAuthScheme = context.endpointV2?.properties?.authSchemes?.[0];
|
|
10
|
+
const secondAuthScheme = context.endpointV2?.properties?.authSchemes?.[1];
|
|
11
|
+
const firstAuthSchemeIsSigv4a = firstAuthScheme?.name === "sigv4a";
|
|
12
|
+
if (firstAuthSchemeIsSigv4a && secondAuthScheme) {
|
|
13
|
+
signer = await options.signer((authScheme = firstAuthScheme));
|
|
14
|
+
const uncheckedSigner = signer;
|
|
15
|
+
const sigv4aAvailable = (() => {
|
|
16
|
+
if (typeof uncheckedSigner?.getSigv4aSigner === "function") {
|
|
17
|
+
if (uncheckedSigner?.signerOptions?.runtime !== "node") {
|
|
18
|
+
return false;
|
|
19
|
+
}
|
|
20
|
+
try {
|
|
21
|
+
uncheckedSigner.getSigv4aSigner();
|
|
22
|
+
return true;
|
|
23
|
+
}
|
|
24
|
+
catch (e) { }
|
|
25
|
+
}
|
|
26
|
+
return false;
|
|
27
|
+
})();
|
|
28
|
+
if (!sigv4aAvailable) {
|
|
29
|
+
signer = await options.signer((authScheme = secondAuthScheme));
|
|
30
|
+
}
|
|
31
|
+
}
|
|
32
|
+
else {
|
|
33
|
+
signer = await options.signer((authScheme = firstAuthScheme));
|
|
34
|
+
}
|
|
10
35
|
let signedRequest;
|
|
36
|
+
const multiRegionOverride = authScheme?.name === "sigv4a" ? authScheme?.signingRegionSet?.join(",") : undefined;
|
|
11
37
|
const signingOptions = {
|
|
12
38
|
signingDate: getSkewCorrectedDate(options.systemClockOffset),
|
|
13
39
|
signingRegion: multiRegionOverride || context["signing_region"],
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@aws-sdk/middleware-signing",
|
|
3
|
-
"version": "3.
|
|
3
|
+
"version": "3.534.0",
|
|
4
4
|
"scripts": {
|
|
5
5
|
"build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
|
|
6
6
|
"build:cjs": "node ../../scripts/compilation/inline middleware-signing",
|
|
@@ -22,12 +22,12 @@
|
|
|
22
22
|
},
|
|
23
23
|
"license": "Apache-2.0",
|
|
24
24
|
"dependencies": {
|
|
25
|
-
"@aws-sdk/types": "3.
|
|
26
|
-
"@smithy/property-provider": "^2.1.
|
|
27
|
-
"@smithy/protocol-http": "^3.2.
|
|
28
|
-
"@smithy/signature-v4": "^2.1.
|
|
29
|
-
"@smithy/types": "^2.
|
|
30
|
-
"@smithy/util-middleware": "^2.1.
|
|
25
|
+
"@aws-sdk/types": "3.533.0",
|
|
26
|
+
"@smithy/property-provider": "^2.1.4",
|
|
27
|
+
"@smithy/protocol-http": "^3.2.2",
|
|
28
|
+
"@smithy/signature-v4": "^2.1.4",
|
|
29
|
+
"@smithy/types": "^2.11.0",
|
|
30
|
+
"@smithy/util-middleware": "^2.1.4",
|
|
31
31
|
"tslib": "^2.5.0"
|
|
32
32
|
},
|
|
33
33
|
"engines": {
|