npm - @cdk8s/awscdk-resolver - Versions diffs - 0.0.100 → 0.0.102 - Mend

@cdk8s/awscdk-resolver 0.0.100 → 0.0.102

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (226) hide show

package/node_modules/@aws-sdk/core/src/httpAuthSchemes/aws_sdk/AwsSdkSigV4Signer.spec.ts DELETED Viewed

@@ -1,30 +0,0 @@
-import { AwsSdkSigV4Signer } from "./AwsSdkSigV4Signer";
-describe(AwsSdkSigV4Signer.name, () => {
-  it("sets clockSkewCorrected metadata in error handler if systemClockOffset was updated", async () => {
-    const signer = new AwsSdkSigV4Signer();
-    let error: Error | any;
-    try {
-      signer.errorHandler({
-        config: {
-          systemClockOffset: 30 * 60 * 1000,
-        },
-      })(
-        Object.assign(new Error("uh oh"), {
-          $metadata: {},
-          $response: {
-            headers: {
-              date: new Date().toISOString(),
-            },
-            statusCode: 500,
-          },
-        })
-      );
-    } catch (e) {
-      error = e as Error;
-    }
-    expect((error as any).$metadata.clockSkewCorrected).toBe(true);
-  });
-});

package/node_modules/@aws-sdk/core/src/httpAuthSchemes/aws_sdk/AwsSdkSigV4Signer.ts DELETED Viewed

@@ -1,134 +0,0 @@
-import { HttpRequest } from "@smithy/protocol-http";
-import { ServiceException } from "@smithy/smithy-client";
-import {
-  AuthScheme,
-  AwsCredentialIdentity,
-  HandlerExecutionContext,
-  HttpRequest as IHttpRequest,
-  HttpResponse,
-  HttpSigner,
-  RequestSigner,
-} from "@smithy/types";
-import { getDateHeader, getSkewCorrectedDate, getUpdatedSystemClockOffset } from "../utils";
-/**
- * @internal
- */
-const throwSigningPropertyError = <T>(name: string, property: T | undefined): T | never => {
-  if (!property) {
-    throw new Error(`Property \`${name}\` is not resolved for AWS SDK SigV4Auth`);
-  }
-  return property;
-};
-/**
- * @internal
- */
-interface AwsSdkSigV4Config {
-  systemClockOffset: number;
-  signer: (authScheme?: AuthScheme) => Promise<RequestSigner>;
-}
-/**
- * @internal
- */
-interface AwsSdkSigV4AuthSigningProperties {
-  config: AwsSdkSigV4Config;
-  signer: RequestSigner;
-  signingRegion?: string;
-  signingName?: string;
-}
-/**
- * @internal
- */
-interface AwsSdkSigV4Exception extends ServiceException {
-  ServerTime?: string;
-  $metadata: ServiceException["$metadata"] & {
-    clockSkewCorrected?: boolean;
-  };
-}
-/**
- * @internal
- */
-const validateSigningProperties = async (
-  signingProperties: Record<string, unknown>
-): Promise<AwsSdkSigV4AuthSigningProperties> => {
-  const context = throwSigningPropertyError(
-    "context",
-    signingProperties.context as HandlerExecutionContext | undefined
-  );
-  const config = throwSigningPropertyError("config", signingProperties.config as AwsSdkSigV4Config | undefined);
-  const authScheme = context.endpointV2?.properties?.authSchemes?.[0];
-  const signerFunction = throwSigningPropertyError(
-    "signer",
-    config.signer as ((authScheme?: AuthScheme) => Promise<RequestSigner>) | undefined
-  );
-  const signer = await signerFunction(authScheme);
-  const signingRegion: string | undefined = signingProperties?.signingRegion as string | undefined;
-  const signingName = signingProperties?.signingName as string | undefined;
-  return {
-    config,
-    signer,
-    signingRegion,
-    signingName,
-  };
-};
-/**
- * @internal
- */
-export class AwsSdkSigV4Signer implements HttpSigner {
-  async sign(
-    httpRequest: IHttpRequest,
-    /**
-     * `identity` is bound in {@link resolveAWSSDKSigV4Config}
-     */
-    identity: AwsCredentialIdentity,
-    signingProperties: Record<string, unknown>
-  ): Promise<IHttpRequest> {
-    if (!HttpRequest.isInstance(httpRequest)) {
-      throw new Error("The request is not an instance of `HttpRequest` and cannot be signed");
-    }
-    const { config, signer, signingRegion, signingName } = await validateSigningProperties(signingProperties);
-    const signedRequest = await signer.sign(httpRequest, {
-      signingDate: getSkewCorrectedDate(config.systemClockOffset),
-      signingRegion: signingRegion,
-      signingService: signingName,
-    });
-    return signedRequest;
-  }
-  errorHandler(signingProperties: Record<string, unknown>): (error: Error) => never {
-    return (error: Error) => {
-      const serverTime: string | undefined =
-        (error as AwsSdkSigV4Exception).ServerTime ?? getDateHeader((error as AwsSdkSigV4Exception).$response);
-      if (serverTime) {
-        const config = throwSigningPropertyError("config", signingProperties.config as AwsSdkSigV4Config | undefined);
-        const initialSystemClockOffset = config.systemClockOffset;
-        config.systemClockOffset = getUpdatedSystemClockOffset(serverTime, config.systemClockOffset);
-        const clockSkewCorrected = config.systemClockOffset !== initialSystemClockOffset;
-        if (clockSkewCorrected && (error as AwsSdkSigV4Exception).$metadata) {
-          (error as AwsSdkSigV4Exception).$metadata.clockSkewCorrected = true;
-        }
-      }
-      throw error;
-    };
-  }
-  successHandler(httpResponse: HttpResponse | unknown, signingProperties: Record<string, unknown>): void {
-    const dateHeader = getDateHeader(httpResponse);
-    if (dateHeader) {
-      const config = throwSigningPropertyError("config", signingProperties.config as AwsSdkSigV4Config | undefined);
-      config.systemClockOffset = getUpdatedSystemClockOffset(dateHeader, config.systemClockOffset);
-    }
-  }
-}
-/**
- * @deprecated renamed to {@link AwsSdkSigV4Signer}
- */
-export const AWSSDKSigV4Signer = AwsSdkSigV4Signer;

package/node_modules/@aws-sdk/core/src/httpAuthSchemes/aws_sdk/index.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- export * from "./AwsSdkSigV4Signer";
2	- export * from "./resolveAwsSdkSigV4Config";

package/node_modules/@aws-sdk/core/src/httpAuthSchemes/aws_sdk/resolveAwsSdkSigV4Config.ts DELETED Viewed

@@ -1,244 +0,0 @@
-import {
-  doesIdentityRequireRefresh,
-  isIdentityExpired,
-  memoizeIdentityProvider,
-  normalizeProvider,
-} from "@smithy/core";
-import { SignatureV4, SignatureV4CryptoInit, SignatureV4Init } from "@smithy/signature-v4";
-import {
-  AuthScheme,
-  AwsCredentialIdentity,
-  AwsCredentialIdentityProvider,
-  ChecksumConstructor,
-  HashConstructor,
-  MemoizedProvider,
-  Provider,
-  RegionInfo,
-  RegionInfoProvider,
-  RequestSigner,
-} from "@smithy/types";
-/**
- * @internal
- */
-export interface AwsSdkSigV4AuthInputConfig {
-  /**
-   * The credentials used to sign requests.
-   */
-  credentials?: AwsCredentialIdentity | AwsCredentialIdentityProvider;
-  /**
-   * The signer to use when signing requests.
-   */
-  signer?: RequestSigner | ((authScheme?: AuthScheme) => Promise<RequestSigner>);
-  /**
-   * Whether to escape request path when signing the request.
-   */
-  signingEscapePath?: boolean;
-  /**
-   * An offset value in milliseconds to apply to all signing times.
-   */
-  systemClockOffset?: number;
-  /**
-   * The region where you want to sign your request against. This
-   * can be different to the region in the endpoint.
-   */
-  signingRegion?: string;
-  /**
-   * The injectable SigV4-compatible signer class constructor. If not supplied,
-   * regular SignatureV4 constructor will be used.
-   *
-   * @internal
-   */
-  signerConstructor?: new (options: SignatureV4Init & SignatureV4CryptoInit) => RequestSigner;
-}
-/**
- * @internal
- */
-export interface AwsSdkSigV4PreviouslyResolved {
-  credentialDefaultProvider?: (input: any) => MemoizedProvider<AwsCredentialIdentity>;
-  region: string | Provider<string>;
-  sha256: ChecksumConstructor | HashConstructor;
-  signingName?: string;
-  regionInfoProvider?: RegionInfoProvider;
-  defaultSigningName?: string;
-  serviceId: string;
-  useFipsEndpoint: Provider<boolean>;
-  useDualstackEndpoint: Provider<boolean>;
-}
-/**
- * @internal
- */
-export interface AwsSdkSigV4AuthResolvedConfig {
-  /**
-   * Resolved value for input config {@link AwsSdkSigV4AuthInputConfig.credentials}
-   * This provider MAY memoize the loaded credentials for certain period.
-   * See {@link MemoizedProvider} for more information.
-   */
-  credentials: AwsCredentialIdentityProvider;
-  /**
-   * Resolved value for input config {@link AwsSdkSigV4AuthInputConfig.signer}
-   */
-  signer: (authScheme?: AuthScheme) => Promise<RequestSigner>;
-  /**
-   * Resolved value for input config {@link AwsSdkSigV4AuthInputConfig.signingEscapePath}
-   */
-  signingEscapePath: boolean;
-  /**
-   * Resolved value for input config {@link AwsSdkSigV4AuthInputConfig.systemClockOffset}
-   */
-  systemClockOffset: number;
-}
-/**
- * @internal
- */
-export const resolveAwsSdkSigV4Config = <T>(
-  config: T & AwsSdkSigV4AuthInputConfig & AwsSdkSigV4PreviouslyResolved
-): T & AwsSdkSigV4AuthResolvedConfig => {
-  // Normalize credentials
-  let normalizedCreds: AwsCredentialIdentityProvider | undefined;
-  if (config.credentials) {
-    normalizedCreds = memoizeIdentityProvider(config.credentials, isIdentityExpired, doesIdentityRequireRefresh);
-  }
-  if (!normalizedCreds) {
-    // credentialDefaultProvider should always be populated, but in case
-    // it isn't, set a default identity provider that throws an error
-    if (config.credentialDefaultProvider) {
-      normalizedCreds = normalizeProvider(
-        config.credentialDefaultProvider(
-          Object.assign({}, config as any, {
-            parentClientConfig: config,
-          })
-        )
-      );
-    } else {
-      normalizedCreds = async () => {
-        throw new Error("`credentials` is missing");
-      };
-    }
-  }
-  // Populate sigv4 arguments
-  const {
-    // Default for signingEscapePath
-    signingEscapePath = true,
-    // Default for systemClockOffset
-    systemClockOffset = config.systemClockOffset || 0,
-    // No default for sha256 since it is platform dependent
-    sha256,
-  } = config;
-  // Resolve signer
-  let signer: (authScheme?: AuthScheme) => Promise<RequestSigner>;
-  if (config.signer) {
-    // if signer is supplied by user, normalize it to a function returning a promise for signer.
-    signer = normalizeProvider(config.signer);
-  } else if (config.regionInfoProvider) {
-    // This branch is for endpoints V1.
-    // construct a provider inferring signing from region.
-    signer = () =>
-      normalizeProvider(config.region)()
-        .then(
-          async (region) =>
-            [
-              (await config.regionInfoProvider!(region, {
-                useFipsEndpoint: await config.useFipsEndpoint(),
-                useDualstackEndpoint: await config.useDualstackEndpoint(),
-              })) || {},
-              region,
-            ] as [RegionInfo, string]
-        )
-        .then(([regionInfo, region]) => {
-          const { signingRegion, signingService } = regionInfo;
-          // update client's singing region and signing service config if they are resolved.
-          // signing region resolving order: user supplied signingRegion -> endpoints.json inferred region -> client region
-          config.signingRegion = config.signingRegion || signingRegion || region;
-          // signing name resolving order:
-          // user supplied signingName -> endpoints.json inferred (credential scope -> model arnNamespace) -> model service id
-          config.signingName = config.signingName || signingService || config.serviceId;
-          const params: SignatureV4Init & SignatureV4CryptoInit = {
-            ...config,
-            credentials: normalizedCreds!,
-            region: config.signingRegion,
-            service: config.signingName,
-            sha256,
-            uriEscapePath: signingEscapePath,
-          };
-          const SignerCtor = config.signerConstructor || SignatureV4;
-          return new SignerCtor(params);
-        });
-  } else {
-    // This branch is for endpoints V2.
-    // Handle endpoints v2 that resolved per-command
-    // TODO: need total refactor for reference auth architecture.
-    signer = async (authScheme?: AuthScheme) => {
-      authScheme = Object.assign(
-        {},
-        {
-          name: "sigv4",
-          signingName: config.signingName || config.defaultSigningName!,
-          signingRegion: await normalizeProvider(config.region)(),
-          properties: {},
-        },
-        authScheme
-      );
-      const signingRegion = authScheme.signingRegion;
-      const signingService = authScheme.signingName;
-      // update client's singing region and signing service config if they are resolved.
-      // signing region resolving order: user supplied signingRegion -> endpoints.json inferred region -> client region
-      config.signingRegion = config.signingRegion || signingRegion;
-      // signing name resolving order:
-      // user supplied signingName -> endpoints.json inferred (credential scope -> model arnNamespace) -> model service id
-      config.signingName = config.signingName || signingService || config.serviceId;
-      const params: SignatureV4Init & SignatureV4CryptoInit = {
-        ...config,
-        credentials: normalizedCreds!,
-        region: config.signingRegion,
-        service: config.signingName,
-        sha256,
-        uriEscapePath: signingEscapePath,
-      };
-      const SignerCtor = config.signerConstructor || SignatureV4;
-      return new SignerCtor(params);
-    };
-  }
-  return {
-    ...config,
-    systemClockOffset,
-    signingEscapePath,
-    credentials: normalizedCreds!,
-    signer,
-  };
-};
-/**
- * @deprecated renamed to {@link AwsSdkSigV4AuthInputConfig}
- */
-export interface AWSSDKSigV4AuthInputConfig extends AwsSdkSigV4AuthInputConfig {}
-/**
- * @deprecated renamed to {@link AwsSdkSigV4PreviouslyResolved}
- */
-export interface AWSSDKSigV4PreviouslyResolved extends AwsSdkSigV4PreviouslyResolved {}
-/**
- * @deprecated renamed to {@link AwsSdkSigV4AuthResolvedConfig}
- */
-export interface AWSSDKSigV4AuthResolvedConfig extends AwsSdkSigV4AuthResolvedConfig {}
-/**
- * @deprecated renamed to {@link resolveAwsSdkSigV4Config}
- */
-export const resolveAWSSDKSigV4Config = resolveAwsSdkSigV4Config;

package/node_modules/@aws-sdk/core/src/httpAuthSchemes/index.ts DELETED Viewed

	@@ -1 +0,0 @@
1	- export * from "./aws_sdk";

package/node_modules/@aws-sdk/core/src/httpAuthSchemes/utils/getDateHeader.ts DELETED Viewed

@@ -1,7 +0,0 @@
-import { HttpResponse } from "@smithy/protocol-http";
-/**
- * @internal
- */
-export const getDateHeader = (response: unknown): string | undefined =>
-  HttpResponse.isInstance(response) ? response.headers?.date ?? response.headers?.Date : undefined;

package/node_modules/@aws-sdk/core/src/httpAuthSchemes/utils/getSkewCorrectedDate.spec.ts DELETED Viewed

@@ -1,17 +0,0 @@
-import { getSkewCorrectedDate } from "./getSkewCorrectedDate";
-describe(getSkewCorrectedDate.name, () => {
-  const mockDateNow = Date.now();
-  beforeEach(() => {
-    jest.spyOn(Date, "now").mockReturnValue(mockDateNow);
-  });
-  afterEach(() => {
-    jest.clearAllMocks();
-  });
-  it.each([-100000, -100, 0, 100, 100000])("systemClockOffset: %d", (systemClockOffset) => {
-    expect(getSkewCorrectedDate(systemClockOffset)).toStrictEqual(new Date(mockDateNow + systemClockOffset));
-  });
-});

package/node_modules/@aws-sdk/core/src/httpAuthSchemes/utils/getSkewCorrectedDate.ts DELETED Viewed

@@ -1,8 +0,0 @@
-/**
- * @internal
- *
- * Returns a date that is corrected for clock skew.
- *
- * @param systemClockOffset The offset of the system clock in milliseconds.
- */
-export const getSkewCorrectedDate = (systemClockOffset: number) => new Date(Date.now() + systemClockOffset);

package/node_modules/@aws-sdk/core/src/httpAuthSchemes/utils/getUpdatedSystemClockOffset.spec.ts DELETED Viewed

@@ -1,37 +0,0 @@
-import { getUpdatedSystemClockOffset } from "./getUpdatedSystemClockOffset";
-import { isClockSkewed } from "./isClockSkewed";
-jest.mock("./isClockSkewed");
-describe(getUpdatedSystemClockOffset.name, () => {
-  // Mock ServerTime is accurate to last second, to remove milliseconds information.
-  const mockClockTime = new Date(Math.floor(Date.now() / 1000) * 1000);
-  const mockSystemClockOffset = 100;
-  afterEach(() => {
-    jest.clearAllMocks();
-  });
-  it("returns passed systemClockOffset when clock is not skewed", () => {
-    (isClockSkewed as jest.Mock).mockReturnValue(false);
-    expect(getUpdatedSystemClockOffset(mockClockTime.toString(), mockSystemClockOffset)).toEqual(mockSystemClockOffset);
-  });
-  describe("returns difference between serverTime and current time when clock is skewed", () => {
-    const dateDotNowFn = Date.now;
-    beforeEach(() => {
-      (isClockSkewed as jest.Mock).mockReturnValue(true);
-      jest.spyOn(Date, "now").mockReturnValueOnce(mockClockTime.getTime());
-    });
-    afterEach(() => {
-      Date.now = dateDotNowFn;
-    });
-    it.each([1000, 100000])("difference: %d", (difference) => {
-      const updatedClockTime = new Date(mockClockTime.getTime() + difference);
-      expect(getUpdatedSystemClockOffset(updatedClockTime.toString(), mockSystemClockOffset)).toEqual(difference);
-    });
-  });
-});

package/node_modules/@aws-sdk/core/src/httpAuthSchemes/utils/getUpdatedSystemClockOffset.ts DELETED Viewed

@@ -1,18 +0,0 @@
-import { isClockSkewed } from "./isClockSkewed";
-/**
- * @internal
- *
- * If clock is skewed, it returns the difference between serverTime and current time.
- * If clock is not skewed, it returns currentSystemClockOffset.
- *
- * @param clockTime The string value of the server time.
- * @param currentSystemClockOffset The current system clock offset.
- */
-export const getUpdatedSystemClockOffset = (clockTime: string, currentSystemClockOffset: number): number => {
-  const clockTimeInMs = Date.parse(clockTime);
-  if (isClockSkewed(clockTimeInMs, currentSystemClockOffset)) {
-    return clockTimeInMs - Date.now();
-  }
-  return currentSystemClockOffset;
-};

package/node_modules/@aws-sdk/core/src/httpAuthSchemes/utils/index.ts DELETED Viewed

@@ -1,3 +0,0 @@
-export * from "./getDateHeader";
-export * from "./getSkewCorrectedDate";
-export * from "./getUpdatedSystemClockOffset";

package/node_modules/@aws-sdk/core/src/httpAuthSchemes/utils/isClockSkewed.spec.ts DELETED Viewed

@@ -1,32 +0,0 @@
-import { getSkewCorrectedDate } from "./getSkewCorrectedDate";
-import { isClockSkewed } from "./isClockSkewed";
-jest.mock("./getSkewCorrectedDate");
-describe(isClockSkewed.name, () => {
-  const mockSystemClockOffset = 100;
-  const mockSkewCorrectedDate = new Date();
-  beforeEach(() => {
-    (getSkewCorrectedDate as jest.Mock).mockReturnValue(mockSkewCorrectedDate);
-  });
-  afterEach(() => {
-    expect(getSkewCorrectedDate).toHaveBeenCalledWith(mockSystemClockOffset);
-    jest.clearAllMocks();
-  });
-  describe("returns true for time difference >=300000", () => {
-    it.each([300000, 500000])("difference: %d", (difference) => {
-      expect(isClockSkewed(mockSkewCorrectedDate.getTime() + difference, mockSystemClockOffset)).toBe(true);
-      expect(isClockSkewed(mockSkewCorrectedDate.getTime() - difference, mockSystemClockOffset)).toBe(true);
-    });
-  });
-  describe("returns false for time difference <300000", () => {
-    it.each([299999, 100000, 0])("difference: %d", (difference) => {
-      expect(isClockSkewed(mockSkewCorrectedDate.getTime() + difference, mockSystemClockOffset)).toBe(false);
-      expect(isClockSkewed(mockSkewCorrectedDate.getTime() - difference, mockSystemClockOffset)).toBe(false);
-    });
-  });
-});

package/node_modules/@aws-sdk/core/src/httpAuthSchemes/utils/isClockSkewed.ts DELETED Viewed

@@ -1,12 +0,0 @@
-import { getSkewCorrectedDate } from "./getSkewCorrectedDate";
-/**
- * @internal
- *
- * Checks if the provided date is within the skew window of 300000ms.
- *
- * @param clockTime - The time to check for skew in milliseconds.
- * @param systemClockOffset - The offset of the system clock in milliseconds.
- */
-export const isClockSkewed = (clockTime: number, systemClockOffset: number) =>
-  Math.abs(getSkewCorrectedDate(systemClockOffset).getTime() - clockTime) >= 300000;

package/node_modules/@aws-sdk/core/src/index.ts DELETED Viewed

@@ -1,3 +0,0 @@
-export * from "./client/index";
-export * from "./httpAuthSchemes/index";
-export * from "./protocols/index";

package/node_modules/@aws-sdk/core/src/protocols/coercing-serializers.spec.ts DELETED Viewed

@@ -1,76 +0,0 @@
-import { _toBool, _toNum, _toStr } from "./coercing-serializers";
-const consoleWarn = console.warn;
-beforeAll(() => {
-  console.warn = () => {};
-});
-afterAll(() => {
-  console.warn = consoleWarn;
-});
-describe(_toBool.name, () => {
-  it("ignores nullish", () => {
-    expect(_toBool(null)).toBe(null);
-    expect(_toBool(undefined)).toBe(undefined);
-  });
-  it("converts strings", () => {
-    expect(_toBool("false")).toEqual(false);
-    expect(_toBool("true")).toEqual(true);
-    expect(_toBool("False")).toEqual(false);
-    expect(_toBool("True")).toEqual(true);
-    expect(_toBool("")).toEqual(false);
-    expect(_toBool("a")).toEqual(true); // warns
-  });
-  it("does not convert numbers", () => {
-    expect(_toBool(0)).toEqual(0);
-    expect(_toBool(1)).toEqual(1);
-  });
-});
-describe(_toStr.name, () => {
-  it("ignores nullish", () => {
-    expect(_toStr(null)).toBe(null);
-    expect(_toStr(undefined)).toBe(undefined);
-  });
-  it("converts numbers", () => {
-    expect(_toStr(0)).toEqual("0");
-    expect(_toStr(1)).toEqual("1");
-  });
-  it("converts booleans", () => {
-    expect(_toStr(false)).toEqual("false");
-    expect(_toStr(true)).toEqual("true");
-  });
-});
-describe(_toNum.name, () => {
-  it("ignores nullish", () => {
-    expect(_toNum(null)).toBe(null);
-    expect(_toNum(undefined)).toBe(undefined);
-  });
-  it("converts numeric strings", () => {
-    expect(_toNum("1234")).toEqual(1234);
-    expect(_toNum("1234.56")).toEqual(1234.56);
-  });
-  it("does not convert prefix-numeric strings", () => {
-    expect(_toNum("1234abc")).toEqual("1234abc");
-    expect(_toNum("1234.56abc")).toEqual("1234.56abc");
-  });
-  it("does not convert non-numeric strings", () => {
-    expect(_toNum("abcdef")).toEqual("abcdef");
-  });
-  it("does not convert bools", () => {
-    expect(_toNum(false)).toEqual(false);
-    expect(_toNum(true)).toEqual(true);
-  });
-});