@digipair/skill-s3 0.113.1 → 0.114.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (31) hide show
  1. package/README.md +7 -0
  2. package/dist/externalDataInterceptor.esm.js +19 -0
  3. package/dist/getSSOTokenFromFile.esm.js +169 -0
  4. package/{index.cjs.js → dist/index.cjs.js} +0 -2
  5. package/dist/index.esm.js +14 -0
  6. package/dist/index.esm10.js +1603 -0
  7. package/dist/index.esm11.js +2635 -0
  8. package/dist/index.esm2.js +14 -0
  9. package/dist/index.esm3.js +40088 -0
  10. package/dist/index.esm4.js +450 -0
  11. package/dist/index.esm5.js +3677 -0
  12. package/dist/index.esm6.js +434 -0
  13. package/dist/index.esm7.js +705 -0
  14. package/dist/index.esm8.js +1690 -0
  15. package/dist/index.esm9.js +1519 -0
  16. package/dist/loadSso.esm.js +2090 -0
  17. package/dist/noAuth.esm.js +165 -0
  18. package/dist/package.esm.js +184 -0
  19. package/dist/parseJsonBody.esm.js +252 -0
  20. package/dist/parseKnownFiles.esm.js +248 -0
  21. package/dist/src/index.d.ts +2 -0
  22. package/dist/src/index.d.ts.map +1 -0
  23. package/{libs/skill-s3 → dist}/src/lib/skill-s3.d.ts +1 -0
  24. package/dist/src/lib/skill-s3.d.ts.map +1 -0
  25. package/package.json +27 -6
  26. package/index.d.ts +0 -1
  27. package/index.esm.js +0 -65
  28. package/libs/skill-s3/src/index.d.ts +0 -1
  29. /package/{index.cjs.d.ts → dist/index.d.ts} +0 -0
  30. /package/{schema.fr.json → dist/schema.fr.json} +0 -0
  31. /package/{schema.json → dist/schema.json} +0 -0
package/dist/index.esm10.js ADDED
@@ -0,0 +1,1603 @@
1
+ import { g as getSSOTokenFilepath, a as getSSOTokenFromFile } from './getSSOTokenFromFile.esm.js';
2
+ import { P as ProviderError, I as IniSectionType, q as CONFIG_PREFIX_SEPARATOR, r as slurpFile, t as getConfigFilepath, u as parseIni, j as getProfileName, C as CredentialsProviderError, s as setCredentialFeature } from './index.esm3.js';
3
+ import { promises } from 'fs';
4
+ import { p as parseKnownFiles } from './parseKnownFiles.esm.js';
5
+ import 'crypto';
6
+ import 'path';
7
+ import 'buffer';
8
+ import 'os';
9
+ import 'stream';
10
+ import 'http';
11
+ import 'https';
12
+ import 'process';
13
+ import 'node:fs';
14
+ import 'async_hooks';
15
+ import 'zlib';
16
+ import 'node:stream';
17
+
18
+ function _assert_this_initialized(self) {
19
+ if (self === void 0) {
20
+ throw new ReferenceError("this hasn't been initialised - super() hasn't been called");
21
+ }
22
+ return self;
23
+ }
24
+ function _class_call_check(instance, Constructor) {
25
+ if (!(instance instanceof Constructor)) {
26
+ throw new TypeError("Cannot call a class as a function");
27
+ }
28
+ }
29
+ function _define_property$3(obj, key, value) {
30
+ if (key in obj) {
31
+ Object.defineProperty(obj, key, {
32
+ value: value,
33
+ enumerable: true,
34
+ configurable: true,
35
+ writable: true
36
+ });
37
+ } else {
38
+ obj[key] = value;
39
+ }
40
+ return obj;
41
+ }
42
+ function _get_prototype_of(o) {
43
+ _get_prototype_of = Object.setPrototypeOf ? Object.getPrototypeOf : function getPrototypeOf(o) {
44
+ return o.__proto__ || Object.getPrototypeOf(o);
45
+ };
46
+ return _get_prototype_of(o);
47
+ }
48
+ function _inherits(subClass, superClass) {
49
+ if (typeof superClass !== "function" && superClass !== null) {
50
+ throw new TypeError("Super expression must either be null or a function");
51
+ }
52
+ subClass.prototype = Object.create(superClass && superClass.prototype, {
53
+ constructor: {
54
+ value: subClass,
55
+ writable: true,
56
+ configurable: true
57
+ }
58
+ });
59
+ if (superClass) _set_prototype_of(subClass, superClass);
60
+ }
61
+ function _possible_constructor_return(self, call) {
62
+ if (call && (_type_of(call) === "object" || typeof call === "function")) {
63
+ return call;
64
+ }
65
+ return _assert_this_initialized(self);
66
+ }
67
+ function _set_prototype_of(o, p) {
68
+ _set_prototype_of = Object.setPrototypeOf || function setPrototypeOf(o, p) {
69
+ o.__proto__ = p;
70
+ return o;
71
+ };
72
+ return _set_prototype_of(o, p);
73
+ }
74
+ function _type_of(obj) {
75
+ "@swc/helpers - typeof";
76
+ return obj && typeof Symbol !== "undefined" && obj.constructor === Symbol ? "symbol" : typeof obj;
77
+ }
78
+ function _is_native_reflect_construct() {
79
+ if (typeof Reflect === "undefined" || !Reflect.construct) return false;
80
+ if (Reflect.construct.sham) return false;
81
+ if (typeof Proxy === "function") return true;
82
+ try {
83
+ Boolean.prototype.valueOf.call(Reflect.construct(Boolean, [], function() {}));
84
+ return true;
85
+ } catch (e) {
86
+ return false;
87
+ }
88
+ }
89
+ function _create_super(Derived) {
90
+ var hasNativeReflectConstruct = _is_native_reflect_construct();
91
+ return function _createSuperInternal() {
92
+ var Super = _get_prototype_of(Derived), result;
93
+ if (hasNativeReflectConstruct) {
94
+ var NewTarget = _get_prototype_of(this).constructor;
95
+ result = Reflect.construct(Super, arguments, NewTarget);
96
+ } else {
97
+ result = Super.apply(this, arguments);
98
+ }
99
+ return _possible_constructor_return(this, result);
100
+ };
101
+ }
102
+ var TokenProviderError = /*#__PURE__*/ function(ProviderError) {
103
+ _inherits(TokenProviderError, ProviderError);
104
+ var _super = _create_super(TokenProviderError);
105
+ function TokenProviderError(message) {
106
+ var options = arguments.length > 1 && arguments[1] !== void 0 ? arguments[1] : true;
107
+ _class_call_check(this, TokenProviderError);
108
+ var _this;
109
+ _this = _super.call(this, message, options);
110
+ _define_property$3(_assert_this_initialized(_this), "name", "TokenProviderError");
111
+ Object.setPrototypeOf(_assert_this_initialized(_this), TokenProviderError.prototype);
112
+ return _this;
113
+ }
114
+ return TokenProviderError;
115
+ }(ProviderError);
116
+
117
+ function _array_like_to_array(arr, len) {
118
+ if (len == null || len > arr.length) len = arr.length;
119
+ for(var i = 0, arr2 = new Array(len); i < len; i++)arr2[i] = arr[i];
120
+ return arr2;
121
+ }
122
+ function _array_with_holes(arr) {
123
+ if (Array.isArray(arr)) return arr;
124
+ }
125
+ function _define_property$2(obj, key, value) {
126
+ if (key in obj) {
127
+ Object.defineProperty(obj, key, {
128
+ value: value,
129
+ enumerable: true,
130
+ configurable: true,
131
+ writable: true
132
+ });
133
+ } else {
134
+ obj[key] = value;
135
+ }
136
+ return obj;
137
+ }
138
+ function _iterable_to_array_limit(arr, i) {
139
+ var _i = arr == null ? null : typeof Symbol !== "undefined" && arr[Symbol.iterator] || arr["@@iterator"];
140
+ if (_i == null) return;
141
+ var _arr = [];
142
+ var _n = true;
143
+ var _d = false;
144
+ var _s, _e;
145
+ try {
146
+ for(_i = _i.call(arr); !(_n = (_s = _i.next()).done); _n = true){
147
+ _arr.push(_s.value);
148
+ if (i && _arr.length === i) break;
149
+ }
150
+ } catch (err) {
151
+ _d = true;
152
+ _e = err;
153
+ } finally{
154
+ try {
155
+ if (!_n && _i["return"] != null) _i["return"]();
156
+ } finally{
157
+ if (_d) throw _e;
158
+ }
159
+ }
160
+ return _arr;
161
+ }
162
+ function _non_iterable_rest() {
163
+ throw new TypeError("Invalid attempt to destructure non-iterable instance.\\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.");
164
+ }
165
+ function _object_spread$2(target) {
166
+ for(var i = 1; i < arguments.length; i++){
167
+ var source = arguments[i] != null ? arguments[i] : {};
168
+ var ownKeys = Object.keys(source);
169
+ if (typeof Object.getOwnPropertySymbols === "function") {
170
+ ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
171
+ return Object.getOwnPropertyDescriptor(source, sym).enumerable;
172
+ }));
173
+ }
174
+ ownKeys.forEach(function(key) {
175
+ _define_property$2(target, key, source[key]);
176
+ });
177
+ }
178
+ return target;
179
+ }
180
+ function ownKeys$1(object, enumerableOnly) {
181
+ var keys = Object.keys(object);
182
+ if (Object.getOwnPropertySymbols) {
183
+ var symbols = Object.getOwnPropertySymbols(object);
184
+ keys.push.apply(keys, symbols);
185
+ }
186
+ return keys;
187
+ }
188
+ function _object_spread_props$1(target, source) {
189
+ source = source != null ? source : {};
190
+ if (Object.getOwnPropertyDescriptors) {
191
+ Object.defineProperties(target, Object.getOwnPropertyDescriptors(source));
192
+ } else {
193
+ ownKeys$1(Object(source)).forEach(function(key) {
194
+ Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key));
195
+ });
196
+ }
197
+ return target;
198
+ }
199
+ function _sliced_to_array(arr, i) {
200
+ return _array_with_holes(arr) || _iterable_to_array_limit(arr, i) || _unsupported_iterable_to_array(arr, i) || _non_iterable_rest();
201
+ }
202
+ function _unsupported_iterable_to_array(o, minLen) {
203
+ if (!o) return;
204
+ if (typeof o === "string") return _array_like_to_array(o, minLen);
205
+ var n = Object.prototype.toString.call(o).slice(8, -1);
206
+ if (n === "Object" && o.constructor) n = o.constructor.name;
207
+ if (n === "Map" || n === "Set") return Array.from(n);
208
+ if (n === "Arguments" || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)) return _array_like_to_array(o, minLen);
209
+ }
210
+ var getSsoSessionData = function(data) {
211
+ return Object.entries(data).filter(function(param) {
212
+ var _param = _sliced_to_array(param, 1), key = _param[0];
213
+ return key.startsWith(IniSectionType.SSO_SESSION + CONFIG_PREFIX_SEPARATOR);
214
+ }).reduce(function(acc, param) {
215
+ var _param = _sliced_to_array(param, 2), key = _param[0], value = _param[1];
216
+ return _object_spread_props$1(_object_spread$2({}, acc), _define_property$2({}, key.substring(key.indexOf(CONFIG_PREFIX_SEPARATOR) + 1), value));
217
+ }, {});
218
+ };
219
+
220
+ function asyncGeneratorStep$5(gen, resolve, reject, _next, _throw, key, arg) {
221
+ try {
222
+ var info = gen[key](arg);
223
+ var value = info.value;
224
+ } catch (error) {
225
+ reject(error);
226
+ return;
227
+ }
228
+ if (info.done) {
229
+ resolve(value);
230
+ } else {
231
+ Promise.resolve(value).then(_next, _throw);
232
+ }
233
+ }
234
+ function _async_to_generator$5(fn) {
235
+ return function() {
236
+ var self = this, args = arguments;
237
+ return new Promise(function(resolve, reject) {
238
+ var gen = fn.apply(self, args);
239
+ function _next(value) {
240
+ asyncGeneratorStep$5(gen, resolve, reject, _next, _throw, "next", value);
241
+ }
242
+ function _throw(err) {
243
+ asyncGeneratorStep$5(gen, resolve, reject, _next, _throw, "throw", err);
244
+ }
245
+ _next(undefined);
246
+ });
247
+ };
248
+ }
249
+ function _ts_generator$5(thisArg, body) {
250
+ var f, y, t, g, _ = {
251
+ label: 0,
252
+ sent: function() {
253
+ if (t[0] & 1) throw t[1];
254
+ return t[1];
255
+ },
256
+ trys: [],
257
+ ops: []
258
+ };
259
+ return g = {
260
+ next: verb(0),
261
+ "throw": verb(1),
262
+ "return": verb(2)
263
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
264
+ return this;
265
+ }), g;
266
+ function verb(n) {
267
+ return function(v) {
268
+ return step([
269
+ n,
270
+ v
271
+ ]);
272
+ };
273
+ }
274
+ function step(op) {
275
+ if (f) throw new TypeError("Generator is already executing.");
276
+ while(_)try {
277
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
278
+ if (y = 0, t) op = [
279
+ op[0] & 2,
280
+ t.value
281
+ ];
282
+ switch(op[0]){
283
+ case 0:
284
+ case 1:
285
+ t = op;
286
+ break;
287
+ case 4:
288
+ _.label++;
289
+ return {
290
+ value: op[1],
291
+ done: false
292
+ };
293
+ case 5:
294
+ _.label++;
295
+ y = op[1];
296
+ op = [
297
+ 0
298
+ ];
299
+ continue;
300
+ case 7:
301
+ op = _.ops.pop();
302
+ _.trys.pop();
303
+ continue;
304
+ default:
305
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
306
+ _ = 0;
307
+ continue;
308
+ }
309
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
310
+ _.label = op[1];
311
+ break;
312
+ }
313
+ if (op[0] === 6 && _.label < t[1]) {
314
+ _.label = t[1];
315
+ t = op;
316
+ break;
317
+ }
318
+ if (t && _.label < t[2]) {
319
+ _.label = t[2];
320
+ _.ops.push(op);
321
+ break;
322
+ }
323
+ if (t[2]) _.ops.pop();
324
+ _.trys.pop();
325
+ continue;
326
+ }
327
+ op = body.call(thisArg, _);
328
+ } catch (e) {
329
+ op = [
330
+ 6,
331
+ e
332
+ ];
333
+ y = 0;
334
+ } finally{
335
+ f = t = 0;
336
+ }
337
+ if (op[0] & 5) throw op[1];
338
+ return {
339
+ value: op[0] ? op[1] : void 0,
340
+ done: true
341
+ };
342
+ }
343
+ }
344
+ var swallowError = function() {
345
+ return {};
346
+ };
347
+ var loadSsoSessionData = function() {
348
+ var _ref = _async_to_generator$5(function() {
349
+ var init, _init_configFilepath;
350
+ var _arguments = arguments;
351
+ return _ts_generator$5(this, function(_state) {
352
+ init = _arguments.length > 0 && _arguments[0] !== void 0 ? _arguments[0] : {};
353
+ return [
354
+ 2,
355
+ slurpFile((_init_configFilepath = init.configFilepath) !== null && _init_configFilepath !== void 0 ? _init_configFilepath : getConfigFilepath()).then(parseIni).then(getSsoSessionData).catch(swallowError)
356
+ ];
357
+ });
358
+ });
359
+ return function loadSsoSessionData() {
360
+ return _ref.apply(this, arguments);
361
+ };
362
+ }();
363
+
364
+ var isSsoProfile = function(arg) {
365
+ return arg && (typeof arg.sso_start_url === "string" || typeof arg.sso_account_id === "string" || typeof arg.sso_session === "string" || typeof arg.sso_region === "string" || typeof arg.sso_role_name === "string");
366
+ };
367
+
368
+ var EXPIRE_WINDOW_MS = 5 * 60 * 1000;
369
+ var REFRESH_MESSAGE = "To refresh this SSO session run 'aws sso login' with the corresponding profile.";
370
+
371
+ function asyncGeneratorStep$4(gen, resolve, reject, _next, _throw, key, arg) {
372
+ try {
373
+ var info = gen[key](arg);
374
+ var value = info.value;
375
+ } catch (error) {
376
+ reject(error);
377
+ return;
378
+ }
379
+ if (info.done) {
380
+ resolve(value);
381
+ } else {
382
+ Promise.resolve(value).then(_next, _throw);
383
+ }
384
+ }
385
+ function _async_to_generator$4(fn) {
386
+ return function() {
387
+ var self = this, args = arguments;
388
+ return new Promise(function(resolve, reject) {
389
+ var gen = fn.apply(self, args);
390
+ function _next(value) {
391
+ asyncGeneratorStep$4(gen, resolve, reject, _next, _throw, "next", value);
392
+ }
393
+ function _throw(err) {
394
+ asyncGeneratorStep$4(gen, resolve, reject, _next, _throw, "throw", err);
395
+ }
396
+ _next(undefined);
397
+ });
398
+ };
399
+ }
400
+ function _ts_generator$4(thisArg, body) {
401
+ var f, y, t, g, _ = {
402
+ label: 0,
403
+ sent: function() {
404
+ if (t[0] & 1) throw t[1];
405
+ return t[1];
406
+ },
407
+ trys: [],
408
+ ops: []
409
+ };
410
+ return g = {
411
+ next: verb(0),
412
+ "throw": verb(1),
413
+ "return": verb(2)
414
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
415
+ return this;
416
+ }), g;
417
+ function verb(n) {
418
+ return function(v) {
419
+ return step([
420
+ n,
421
+ v
422
+ ]);
423
+ };
424
+ }
425
+ function step(op) {
426
+ if (f) throw new TypeError("Generator is already executing.");
427
+ while(_)try {
428
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
429
+ if (y = 0, t) op = [
430
+ op[0] & 2,
431
+ t.value
432
+ ];
433
+ switch(op[0]){
434
+ case 0:
435
+ case 1:
436
+ t = op;
437
+ break;
438
+ case 4:
439
+ _.label++;
440
+ return {
441
+ value: op[1],
442
+ done: false
443
+ };
444
+ case 5:
445
+ _.label++;
446
+ y = op[1];
447
+ op = [
448
+ 0
449
+ ];
450
+ continue;
451
+ case 7:
452
+ op = _.ops.pop();
453
+ _.trys.pop();
454
+ continue;
455
+ default:
456
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
457
+ _ = 0;
458
+ continue;
459
+ }
460
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
461
+ _.label = op[1];
462
+ break;
463
+ }
464
+ if (op[0] === 6 && _.label < t[1]) {
465
+ _.label = t[1];
466
+ t = op;
467
+ break;
468
+ }
469
+ if (t && _.label < t[2]) {
470
+ _.label = t[2];
471
+ _.ops.push(op);
472
+ break;
473
+ }
474
+ if (t[2]) _.ops.pop();
475
+ _.trys.pop();
476
+ continue;
477
+ }
478
+ op = body.call(thisArg, _);
479
+ } catch (e) {
480
+ op = [
481
+ 6,
482
+ e
483
+ ];
484
+ y = 0;
485
+ } finally{
486
+ f = t = 0;
487
+ }
488
+ if (op[0] & 5) throw op[1];
489
+ return {
490
+ value: op[0] ? op[1] : void 0,
491
+ done: true
492
+ };
493
+ }
494
+ }
495
+ var getSsoOidcClient = function() {
496
+ var _ref = _async_to_generator$4(function(ssoRegion) {
497
+ var init, _init_clientConfig, _init_clientConfig1, _init_parentClientConfig, SSOOIDCClient, _init_clientConfig2, _init_clientConfig_logger, ssoOidcClient;
498
+ var _arguments = arguments;
499
+ return _ts_generator$4(this, function(_state) {
500
+ switch(_state.label){
501
+ case 0:
502
+ init = _arguments.length > 1 && _arguments[1] !== void 0 ? _arguments[1] : {};
503
+ return [
504
+ 4,
505
+ import('./index.esm11.js')
506
+ ];
507
+ case 1:
508
+ SSOOIDCClient = _state.sent().SSOOIDCClient;
509
+ ssoOidcClient = new SSOOIDCClient(Object.assign({}, (_init_clientConfig2 = init.clientConfig) !== null && _init_clientConfig2 !== void 0 ? _init_clientConfig2 : {}, {
510
+ region: ssoRegion !== null && ssoRegion !== void 0 ? ssoRegion : (_init_clientConfig = init.clientConfig) === null || _init_clientConfig === void 0 ? void 0 : _init_clientConfig.region,
511
+ logger: (_init_clientConfig_logger = (_init_clientConfig1 = init.clientConfig) === null || _init_clientConfig1 === void 0 ? void 0 : _init_clientConfig1.logger) !== null && _init_clientConfig_logger !== void 0 ? _init_clientConfig_logger : (_init_parentClientConfig = init.parentClientConfig) === null || _init_parentClientConfig === void 0 ? void 0 : _init_parentClientConfig.logger
512
+ }));
513
+ return [
514
+ 2,
515
+ ssoOidcClient
516
+ ];
517
+ }
518
+ });
519
+ });
520
+ return function getSsoOidcClient(ssoRegion) {
521
+ return _ref.apply(this, arguments);
522
+ };
523
+ }();
524
+
525
+ function asyncGeneratorStep$3(gen, resolve, reject, _next, _throw, key, arg) {
526
+ try {
527
+ var info = gen[key](arg);
528
+ var value = info.value;
529
+ } catch (error) {
530
+ reject(error);
531
+ return;
532
+ }
533
+ if (info.done) {
534
+ resolve(value);
535
+ } else {
536
+ Promise.resolve(value).then(_next, _throw);
537
+ }
538
+ }
539
+ function _async_to_generator$3(fn) {
540
+ return function() {
541
+ var self = this, args = arguments;
542
+ return new Promise(function(resolve, reject) {
543
+ var gen = fn.apply(self, args);
544
+ function _next(value) {
545
+ asyncGeneratorStep$3(gen, resolve, reject, _next, _throw, "next", value);
546
+ }
547
+ function _throw(err) {
548
+ asyncGeneratorStep$3(gen, resolve, reject, _next, _throw, "throw", err);
549
+ }
550
+ _next(undefined);
551
+ });
552
+ };
553
+ }
554
+ function _ts_generator$3(thisArg, body) {
555
+ var f, y, t, g, _ = {
556
+ label: 0,
557
+ sent: function() {
558
+ if (t[0] & 1) throw t[1];
559
+ return t[1];
560
+ },
561
+ trys: [],
562
+ ops: []
563
+ };
564
+ return g = {
565
+ next: verb(0),
566
+ "throw": verb(1),
567
+ "return": verb(2)
568
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
569
+ return this;
570
+ }), g;
571
+ function verb(n) {
572
+ return function(v) {
573
+ return step([
574
+ n,
575
+ v
576
+ ]);
577
+ };
578
+ }
579
+ function step(op) {
580
+ if (f) throw new TypeError("Generator is already executing.");
581
+ while(_)try {
582
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
583
+ if (y = 0, t) op = [
584
+ op[0] & 2,
585
+ t.value
586
+ ];
587
+ switch(op[0]){
588
+ case 0:
589
+ case 1:
590
+ t = op;
591
+ break;
592
+ case 4:
593
+ _.label++;
594
+ return {
595
+ value: op[1],
596
+ done: false
597
+ };
598
+ case 5:
599
+ _.label++;
600
+ y = op[1];
601
+ op = [
602
+ 0
603
+ ];
604
+ continue;
605
+ case 7:
606
+ op = _.ops.pop();
607
+ _.trys.pop();
608
+ continue;
609
+ default:
610
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
611
+ _ = 0;
612
+ continue;
613
+ }
614
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
615
+ _.label = op[1];
616
+ break;
617
+ }
618
+ if (op[0] === 6 && _.label < t[1]) {
619
+ _.label = t[1];
620
+ t = op;
621
+ break;
622
+ }
623
+ if (t && _.label < t[2]) {
624
+ _.label = t[2];
625
+ _.ops.push(op);
626
+ break;
627
+ }
628
+ if (t[2]) _.ops.pop();
629
+ _.trys.pop();
630
+ continue;
631
+ }
632
+ op = body.call(thisArg, _);
633
+ } catch (e) {
634
+ op = [
635
+ 6,
636
+ e
637
+ ];
638
+ y = 0;
639
+ } finally{
640
+ f = t = 0;
641
+ }
642
+ if (op[0] & 5) throw op[1];
643
+ return {
644
+ value: op[0] ? op[1] : void 0,
645
+ done: true
646
+ };
647
+ }
648
+ }
649
+ var getNewSsoOidcToken = function() {
650
+ var _ref = _async_to_generator$3(function(ssoToken, ssoRegion) {
651
+ var init, CreateTokenCommand, ssoOidcClient;
652
+ var _arguments = arguments;
653
+ return _ts_generator$3(this, function(_state) {
654
+ switch(_state.label){
655
+ case 0:
656
+ init = _arguments.length > 2 && _arguments[2] !== void 0 ? _arguments[2] : {};
657
+ return [
658
+ 4,
659
+ import('./index.esm11.js')
660
+ ];
661
+ case 1:
662
+ CreateTokenCommand = _state.sent().CreateTokenCommand;
663
+ return [
664
+ 4,
665
+ getSsoOidcClient(ssoRegion, init)
666
+ ];
667
+ case 2:
668
+ ssoOidcClient = _state.sent();
669
+ return [
670
+ 2,
671
+ ssoOidcClient.send(new CreateTokenCommand({
672
+ clientId: ssoToken.clientId,
673
+ clientSecret: ssoToken.clientSecret,
674
+ refreshToken: ssoToken.refreshToken,
675
+ grantType: "refresh_token"
676
+ }))
677
+ ];
678
+ }
679
+ });
680
+ });
681
+ return function getNewSsoOidcToken(ssoToken, ssoRegion) {
682
+ return _ref.apply(this, arguments);
683
+ };
684
+ }();
685
+
686
+ var validateTokenExpiry = function(token) {
687
+ if (token.expiration && token.expiration.getTime() < Date.now()) {
688
+ throw new TokenProviderError("Token is expired. ".concat(REFRESH_MESSAGE), false);
689
+ }
690
+ };
691
+
692
+ var validateTokenKey = function(key, value) {
693
+ var forRefresh = arguments.length > 2 && arguments[2] !== void 0 ? arguments[2] : false;
694
+ if (typeof value === "undefined") {
695
+ throw new TokenProviderError("Value not present for '".concat(key, "' in SSO Token").concat(forRefresh ? ". Cannot refresh" : "", ". ").concat(REFRESH_MESSAGE), false);
696
+ }
697
+ };
698
+
699
+ var writeFile = promises.writeFile;
700
+ var writeSSOTokenToFile = function(id, ssoToken) {
701
+ var tokenFilepath = getSSOTokenFilepath(id);
702
+ var tokenString = JSON.stringify(ssoToken, null, 2);
703
+ return writeFile(tokenFilepath, tokenString);
704
+ };
705
+
706
+ function asyncGeneratorStep$2(gen, resolve, reject, _next, _throw, key, arg) {
707
+ try {
708
+ var info = gen[key](arg);
709
+ var value = info.value;
710
+ } catch (error) {
711
+ reject(error);
712
+ return;
713
+ }
714
+ if (info.done) {
715
+ resolve(value);
716
+ } else {
717
+ Promise.resolve(value).then(_next, _throw);
718
+ }
719
+ }
720
+ function _async_to_generator$2(fn) {
721
+ return function() {
722
+ var self = this, args = arguments;
723
+ return new Promise(function(resolve, reject) {
724
+ var gen = fn.apply(self, args);
725
+ function _next(value) {
726
+ asyncGeneratorStep$2(gen, resolve, reject, _next, _throw, "next", value);
727
+ }
728
+ function _throw(err) {
729
+ asyncGeneratorStep$2(gen, resolve, reject, _next, _throw, "throw", err);
730
+ }
731
+ _next(undefined);
732
+ });
733
+ };
734
+ }
735
+ function _define_property$1(obj, key, value) {
736
+ if (key in obj) {
737
+ Object.defineProperty(obj, key, {
738
+ value: value,
739
+ enumerable: true,
740
+ configurable: true,
741
+ writable: true
742
+ });
743
+ } else {
744
+ obj[key] = value;
745
+ }
746
+ return obj;
747
+ }
748
+ function _object_spread$1(target) {
749
+ for(var i = 1; i < arguments.length; i++){
750
+ var source = arguments[i] != null ? arguments[i] : {};
751
+ var ownKeys = Object.keys(source);
752
+ if (typeof Object.getOwnPropertySymbols === "function") {
753
+ ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
754
+ return Object.getOwnPropertyDescriptor(source, sym).enumerable;
755
+ }));
756
+ }
757
+ ownKeys.forEach(function(key) {
758
+ _define_property$1(target, key, source[key]);
759
+ });
760
+ }
761
+ return target;
762
+ }
763
+ function ownKeys(object, enumerableOnly) {
764
+ var keys = Object.keys(object);
765
+ if (Object.getOwnPropertySymbols) {
766
+ var symbols = Object.getOwnPropertySymbols(object);
767
+ keys.push.apply(keys, symbols);
768
+ }
769
+ return keys;
770
+ }
771
+ function _object_spread_props(target, source) {
772
+ source = source != null ? source : {};
773
+ if (Object.getOwnPropertyDescriptors) {
774
+ Object.defineProperties(target, Object.getOwnPropertyDescriptors(source));
775
+ } else {
776
+ ownKeys(Object(source)).forEach(function(key) {
777
+ Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key));
778
+ });
779
+ }
780
+ return target;
781
+ }
782
+ function _ts_generator$2(thisArg, body) {
783
+ var f, y, t, g, _ = {
784
+ label: 0,
785
+ sent: function() {
786
+ if (t[0] & 1) throw t[1];
787
+ return t[1];
788
+ },
789
+ trys: [],
790
+ ops: []
791
+ };
792
+ return g = {
793
+ next: verb(0),
794
+ "throw": verb(1),
795
+ "return": verb(2)
796
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
797
+ return this;
798
+ }), g;
799
+ function verb(n) {
800
+ return function(v) {
801
+ return step([
802
+ n,
803
+ v
804
+ ]);
805
+ };
806
+ }
807
+ function step(op) {
808
+ if (f) throw new TypeError("Generator is already executing.");
809
+ while(_)try {
810
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
811
+ if (y = 0, t) op = [
812
+ op[0] & 2,
813
+ t.value
814
+ ];
815
+ switch(op[0]){
816
+ case 0:
817
+ case 1:
818
+ t = op;
819
+ break;
820
+ case 4:
821
+ _.label++;
822
+ return {
823
+ value: op[1],
824
+ done: false
825
+ };
826
+ case 5:
827
+ _.label++;
828
+ y = op[1];
829
+ op = [
830
+ 0
831
+ ];
832
+ continue;
833
+ case 7:
834
+ op = _.ops.pop();
835
+ _.trys.pop();
836
+ continue;
837
+ default:
838
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
839
+ _ = 0;
840
+ continue;
841
+ }
842
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
843
+ _.label = op[1];
844
+ break;
845
+ }
846
+ if (op[0] === 6 && _.label < t[1]) {
847
+ _.label = t[1];
848
+ t = op;
849
+ break;
850
+ }
851
+ if (t && _.label < t[2]) {
852
+ _.label = t[2];
853
+ _.ops.push(op);
854
+ break;
855
+ }
856
+ if (t[2]) _.ops.pop();
857
+ _.trys.pop();
858
+ continue;
859
+ }
860
+ op = body.call(thisArg, _);
861
+ } catch (e) {
862
+ op = [
863
+ 6,
864
+ e
865
+ ];
866
+ y = 0;
867
+ } finally{
868
+ f = t = 0;
869
+ }
870
+ if (op[0] & 5) throw op[1];
871
+ return {
872
+ value: op[0] ? op[1] : void 0,
873
+ done: true
874
+ };
875
+ }
876
+ }
877
+ var lastRefreshAttemptTime = new Date(0);
878
+ var fromSso = function() {
879
+ var _init = arguments.length > 0 && arguments[0] !== void 0 ? arguments[0] : {};
880
+ return /*#__PURE__*/ _async_to_generator$2(function() {
881
+ var callerClientConfig, _init_logger, init, profiles, _init_profile, profileName, profile, ssoSessionName, ssoSessions, ssoSession, _i, _iter, ssoSessionRequiredKey, ssoRegion, ssoToken, accessToken, expiresAt, existingToken, newSsoOidcToken, newTokenExpiration;
882
+ var _arguments = arguments;
883
+ return _ts_generator$2(this, function(_state) {
884
+ switch(_state.label){
885
+ case 0:
886
+ callerClientConfig = (_arguments.length > 0 && _arguments[0] !== void 0 ? _arguments[0] : {}).callerClientConfig;
887
+ init = _object_spread_props(_object_spread$1({}, _init), {
888
+ parentClientConfig: _object_spread$1({}, callerClientConfig, _init.parentClientConfig)
889
+ });
890
+ (_init_logger = init.logger) === null || _init_logger === void 0 ? void 0 : _init_logger.debug("@aws-sdk/token-providers - fromSso");
891
+ return [
892
+ 4,
893
+ parseKnownFiles(init)
894
+ ];
895
+ case 1:
896
+ profiles = _state.sent();
897
+ profileName = getProfileName({
898
+ profile: (_init_profile = init.profile) !== null && _init_profile !== void 0 ? _init_profile : callerClientConfig === null || callerClientConfig === void 0 ? void 0 : callerClientConfig.profile
899
+ });
900
+ profile = profiles[profileName];
901
+ if (!profile) {
902
+ throw new TokenProviderError("Profile '".concat(profileName, "' could not be found in shared credentials file."), false);
903
+ } else if (!profile["sso_session"]) {
904
+ throw new TokenProviderError("Profile '".concat(profileName, "' is missing required property 'sso_session'."));
905
+ }
906
+ ssoSessionName = profile["sso_session"];
907
+ return [
908
+ 4,
909
+ loadSsoSessionData(init)
910
+ ];
911
+ case 2:
912
+ ssoSessions = _state.sent();
913
+ ssoSession = ssoSessions[ssoSessionName];
914
+ if (!ssoSession) {
915
+ throw new TokenProviderError("Sso session '".concat(ssoSessionName, "' could not be found in shared credentials file."), false);
916
+ }
917
+ for(_i = 0, _iter = [
918
+ "sso_start_url",
919
+ "sso_region"
920
+ ]; _i < _iter.length; _i++){
921
+ ssoSessionRequiredKey = _iter[_i];
922
+ if (!ssoSession[ssoSessionRequiredKey]) {
923
+ throw new TokenProviderError("Sso session '".concat(ssoSessionName, "' is missing required property '").concat(ssoSessionRequiredKey, "'."), false);
924
+ }
925
+ }
926
+ ssoSession["sso_start_url"];
927
+ ssoRegion = ssoSession["sso_region"];
928
+ _state.label = 3;
929
+ case 3:
930
+ _state.trys.push([
931
+ 3,
932
+ 5,
933
+ ,
934
+ 6
935
+ ]);
936
+ return [
937
+ 4,
938
+ getSSOTokenFromFile(ssoSessionName)
939
+ ];
940
+ case 4:
941
+ ssoToken = _state.sent();
942
+ return [
943
+ 3,
944
+ 6
945
+ ];
946
+ case 5:
947
+ _state.sent();
948
+ throw new TokenProviderError("The SSO session token associated with profile=".concat(profileName, " was not found or is invalid. ").concat(REFRESH_MESSAGE), false);
949
+ case 6:
950
+ validateTokenKey("accessToken", ssoToken.accessToken);
951
+ validateTokenKey("expiresAt", ssoToken.expiresAt);
952
+ accessToken = ssoToken.accessToken, expiresAt = ssoToken.expiresAt;
953
+ existingToken = {
954
+ token: accessToken,
955
+ expiration: new Date(expiresAt)
956
+ };
957
+ if (existingToken.expiration.getTime() - Date.now() > EXPIRE_WINDOW_MS) {
958
+ return [
959
+ 2,
960
+ existingToken
961
+ ];
962
+ }
963
+ if (Date.now() - lastRefreshAttemptTime.getTime() < 30 * 1000) {
964
+ validateTokenExpiry(existingToken);
965
+ return [
966
+ 2,
967
+ existingToken
968
+ ];
969
+ }
970
+ validateTokenKey("clientId", ssoToken.clientId, true);
971
+ validateTokenKey("clientSecret", ssoToken.clientSecret, true);
972
+ validateTokenKey("refreshToken", ssoToken.refreshToken, true);
973
+ _state.label = 7;
974
+ case 7:
975
+ _state.trys.push([
976
+ 7,
977
+ 13,
978
+ ,
979
+ 14
980
+ ]);
981
+ lastRefreshAttemptTime.setTime(Date.now());
982
+ return [
983
+ 4,
984
+ getNewSsoOidcToken(ssoToken, ssoRegion, init)
985
+ ];
986
+ case 8:
987
+ newSsoOidcToken = _state.sent();
988
+ validateTokenKey("accessToken", newSsoOidcToken.accessToken);
989
+ validateTokenKey("expiresIn", newSsoOidcToken.expiresIn);
990
+ newTokenExpiration = new Date(Date.now() + newSsoOidcToken.expiresIn * 1000);
991
+ _state.label = 9;
992
+ case 9:
993
+ _state.trys.push([
994
+ 9,
995
+ 11,
996
+ ,
997
+ 12
998
+ ]);
999
+ return [
1000
+ 4,
1001
+ writeSSOTokenToFile(ssoSessionName, _object_spread_props(_object_spread$1({}, ssoToken), {
1002
+ accessToken: newSsoOidcToken.accessToken,
1003
+ expiresAt: newTokenExpiration.toISOString(),
1004
+ refreshToken: newSsoOidcToken.refreshToken
1005
+ }))
1006
+ ];
1007
+ case 10:
1008
+ _state.sent();
1009
+ return [
1010
+ 3,
1011
+ 12
1012
+ ];
1013
+ case 11:
1014
+ _state.sent();
1015
+ return [
1016
+ 3,
1017
+ 12
1018
+ ];
1019
+ case 12:
1020
+ return [
1021
+ 2,
1022
+ {
1023
+ token: newSsoOidcToken.accessToken,
1024
+ expiration: newTokenExpiration
1025
+ }
1026
+ ];
1027
+ case 13:
1028
+ _state.sent();
1029
+ validateTokenExpiry(existingToken);
1030
+ return [
1031
+ 2,
1032
+ existingToken
1033
+ ];
1034
+ case 14:
1035
+ return [
1036
+ 2
1037
+ ];
1038
+ }
1039
+ });
1040
+ });
1041
+ };
1042
+
1043
+ function asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, key, arg) {
1044
+ try {
1045
+ var info = gen[key](arg);
1046
+ var value = info.value;
1047
+ } catch (error) {
1048
+ reject(error);
1049
+ return;
1050
+ }
1051
+ if (info.done) {
1052
+ resolve(value);
1053
+ } else {
1054
+ Promise.resolve(value).then(_next, _throw);
1055
+ }
1056
+ }
1057
+ function _async_to_generator$1(fn) {
1058
+ return function() {
1059
+ var self = this, args = arguments;
1060
+ return new Promise(function(resolve, reject) {
1061
+ var gen = fn.apply(self, args);
1062
+ function _next(value) {
1063
+ asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, "next", value);
1064
+ }
1065
+ function _throw(err) {
1066
+ asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, "throw", err);
1067
+ }
1068
+ _next(undefined);
1069
+ });
1070
+ };
1071
+ }
1072
+ function _define_property(obj, key, value) {
1073
+ if (key in obj) {
1074
+ Object.defineProperty(obj, key, {
1075
+ value: value,
1076
+ enumerable: true,
1077
+ configurable: true,
1078
+ writable: true
1079
+ });
1080
+ } else {
1081
+ obj[key] = value;
1082
+ }
1083
+ return obj;
1084
+ }
1085
+ function _object_spread(target) {
1086
+ for(var i = 1; i < arguments.length; i++){
1087
+ var source = arguments[i] != null ? arguments[i] : {};
1088
+ var ownKeys = Object.keys(source);
1089
+ if (typeof Object.getOwnPropertySymbols === "function") {
1090
+ ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
1091
+ return Object.getOwnPropertyDescriptor(source, sym).enumerable;
1092
+ }));
1093
+ }
1094
+ ownKeys.forEach(function(key) {
1095
+ _define_property(target, key, source[key]);
1096
+ });
1097
+ }
1098
+ return target;
1099
+ }
1100
+ function _ts_generator$1(thisArg, body) {
1101
+ var f, y, t, g, _ = {
1102
+ label: 0,
1103
+ sent: function() {
1104
+ if (t[0] & 1) throw t[1];
1105
+ return t[1];
1106
+ },
1107
+ trys: [],
1108
+ ops: []
1109
+ };
1110
+ return g = {
1111
+ next: verb(0),
1112
+ "throw": verb(1),
1113
+ "return": verb(2)
1114
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
1115
+ return this;
1116
+ }), g;
1117
+ function verb(n) {
1118
+ return function(v) {
1119
+ return step([
1120
+ n,
1121
+ v
1122
+ ]);
1123
+ };
1124
+ }
1125
+ function step(op) {
1126
+ if (f) throw new TypeError("Generator is already executing.");
1127
+ while(_)try {
1128
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
1129
+ if (y = 0, t) op = [
1130
+ op[0] & 2,
1131
+ t.value
1132
+ ];
1133
+ switch(op[0]){
1134
+ case 0:
1135
+ case 1:
1136
+ t = op;
1137
+ break;
1138
+ case 4:
1139
+ _.label++;
1140
+ return {
1141
+ value: op[1],
1142
+ done: false
1143
+ };
1144
+ case 5:
1145
+ _.label++;
1146
+ y = op[1];
1147
+ op = [
1148
+ 0
1149
+ ];
1150
+ continue;
1151
+ case 7:
1152
+ op = _.ops.pop();
1153
+ _.trys.pop();
1154
+ continue;
1155
+ default:
1156
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
1157
+ _ = 0;
1158
+ continue;
1159
+ }
1160
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
1161
+ _.label = op[1];
1162
+ break;
1163
+ }
1164
+ if (op[0] === 6 && _.label < t[1]) {
1165
+ _.label = t[1];
1166
+ t = op;
1167
+ break;
1168
+ }
1169
+ if (t && _.label < t[2]) {
1170
+ _.label = t[2];
1171
+ _.ops.push(op);
1172
+ break;
1173
+ }
1174
+ if (t[2]) _.ops.pop();
1175
+ _.trys.pop();
1176
+ continue;
1177
+ }
1178
+ op = body.call(thisArg, _);
1179
+ } catch (e) {
1180
+ op = [
1181
+ 6,
1182
+ e
1183
+ ];
1184
+ y = 0;
1185
+ } finally{
1186
+ f = t = 0;
1187
+ }
1188
+ if (op[0] & 5) throw op[1];
1189
+ return {
1190
+ value: op[0] ? op[1] : void 0,
1191
+ done: true
1192
+ };
1193
+ }
1194
+ }
1195
+ var SHOULD_FAIL_CREDENTIAL_CHAIN = false;
1196
+ var resolveSSOCredentials = function() {
1197
+ var _ref = _async_to_generator$1(function(param) {
1198
+ var ssoStartUrl, ssoSession, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, clientConfig, parentClientConfig, profile, filepath, configFilepath, ignoreCache, logger, token, refreshMessage, _token, e, accessToken, _ref, SSOClient, GetRoleCredentialsCommand, _clientConfig_logger, _clientConfig_region, sso, ssoResp, e2, tmp, _ref1, accessKeyId, secretAccessKey, sessionToken, expiration, credentialScope, accountId, credentials;
1199
+ return _ts_generator$1(this, function(_state) {
1200
+ switch(_state.label){
1201
+ case 0:
1202
+ ssoStartUrl = param.ssoStartUrl, ssoSession = param.ssoSession, ssoAccountId = param.ssoAccountId, ssoRegion = param.ssoRegion, ssoRoleName = param.ssoRoleName, ssoClient = param.ssoClient, clientConfig = param.clientConfig, parentClientConfig = param.parentClientConfig, profile = param.profile, filepath = param.filepath, configFilepath = param.configFilepath, ignoreCache = param.ignoreCache, logger = param.logger;
1203
+ refreshMessage = "To refresh this SSO session run aws sso login with the corresponding profile.";
1204
+ if (!ssoSession) return [
1205
+ 3,
1206
+ 5
1207
+ ];
1208
+ _state.label = 1;
1209
+ case 1:
1210
+ _state.trys.push([
1211
+ 1,
1212
+ 3,
1213
+ ,
1214
+ 4
1215
+ ]);
1216
+ return [
1217
+ 4,
1218
+ fromSso({
1219
+ profile: profile,
1220
+ filepath: filepath,
1221
+ configFilepath: configFilepath,
1222
+ ignoreCache: ignoreCache
1223
+ })()
1224
+ ];
1225
+ case 2:
1226
+ _token = _state.sent();
1227
+ token = {
1228
+ accessToken: _token.token,
1229
+ expiresAt: new Date(_token.expiration).toISOString()
1230
+ };
1231
+ return [
1232
+ 3,
1233
+ 4
1234
+ ];
1235
+ case 3:
1236
+ e = _state.sent();
1237
+ throw new CredentialsProviderError(e.message, {
1238
+ tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
1239
+ logger: logger
1240
+ });
1241
+ case 4:
1242
+ return [
1243
+ 3,
1244
+ 8
1245
+ ];
1246
+ case 5:
1247
+ _state.trys.push([
1248
+ 5,
1249
+ 7,
1250
+ ,
1251
+ 8
1252
+ ]);
1253
+ return [
1254
+ 4,
1255
+ getSSOTokenFromFile(ssoStartUrl)
1256
+ ];
1257
+ case 6:
1258
+ token = _state.sent();
1259
+ return [
1260
+ 3,
1261
+ 8
1262
+ ];
1263
+ case 7:
1264
+ _state.sent();
1265
+ throw new CredentialsProviderError("The SSO session associated with this profile is invalid. ".concat(refreshMessage), {
1266
+ tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
1267
+ logger: logger
1268
+ });
1269
+ case 8:
1270
+ if (new Date(token.expiresAt).getTime() - Date.now() <= 0) {
1271
+ throw new CredentialsProviderError("The SSO session associated with this profile has expired. ".concat(refreshMessage), {
1272
+ tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
1273
+ logger: logger
1274
+ });
1275
+ }
1276
+ accessToken = token.accessToken;
1277
+ return [
1278
+ 4,
1279
+ import('./loadSso.esm.js')
1280
+ ];
1281
+ case 9:
1282
+ _ref = _state.sent(), SSOClient = _ref.SSOClient, GetRoleCredentialsCommand = _ref.GetRoleCredentialsCommand;
1283
+ sso = ssoClient || new SSOClient(Object.assign({}, clientConfig !== null && clientConfig !== void 0 ? clientConfig : {}, {
1284
+ logger: (_clientConfig_logger = clientConfig === null || clientConfig === void 0 ? void 0 : clientConfig.logger) !== null && _clientConfig_logger !== void 0 ? _clientConfig_logger : parentClientConfig === null || parentClientConfig === void 0 ? void 0 : parentClientConfig.logger,
1285
+ region: (_clientConfig_region = clientConfig === null || clientConfig === void 0 ? void 0 : clientConfig.region) !== null && _clientConfig_region !== void 0 ? _clientConfig_region : ssoRegion
1286
+ }));
1287
+ _state.label = 10;
1288
+ case 10:
1289
+ _state.trys.push([
1290
+ 10,
1291
+ 12,
1292
+ ,
1293
+ 13
1294
+ ]);
1295
+ return [
1296
+ 4,
1297
+ sso.send(new GetRoleCredentialsCommand({
1298
+ accountId: ssoAccountId,
1299
+ roleName: ssoRoleName,
1300
+ accessToken: accessToken
1301
+ }))
1302
+ ];
1303
+ case 11:
1304
+ ssoResp = _state.sent();
1305
+ return [
1306
+ 3,
1307
+ 13
1308
+ ];
1309
+ case 12:
1310
+ e2 = _state.sent();
1311
+ throw new CredentialsProviderError(e2, {
1312
+ tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
1313
+ logger: logger
1314
+ });
1315
+ case 13:
1316
+ tmp = ssoResp.roleCredentials, _ref1 = tmp === void 0 ? {} : tmp, accessKeyId = _ref1.accessKeyId, secretAccessKey = _ref1.secretAccessKey, sessionToken = _ref1.sessionToken, expiration = _ref1.expiration, credentialScope = _ref1.credentialScope, accountId = _ref1.accountId;
1317
+ if (!accessKeyId || !secretAccessKey || !sessionToken || !expiration) {
1318
+ throw new CredentialsProviderError("SSO returns an invalid temporary credential.", {
1319
+ tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
1320
+ logger: logger
1321
+ });
1322
+ }
1323
+ credentials = _object_spread({
1324
+ accessKeyId: accessKeyId,
1325
+ secretAccessKey: secretAccessKey,
1326
+ sessionToken: sessionToken,
1327
+ expiration: new Date(expiration)
1328
+ }, credentialScope && {
1329
+ credentialScope: credentialScope
1330
+ }, accountId && {
1331
+ accountId: accountId
1332
+ });
1333
+ if (ssoSession) {
1334
+ setCredentialFeature(credentials, "CREDENTIALS_SSO", "s");
1335
+ } else {
1336
+ setCredentialFeature(credentials, "CREDENTIALS_SSO_LEGACY", "u");
1337
+ }
1338
+ return [
1339
+ 2,
1340
+ credentials
1341
+ ];
1342
+ }
1343
+ });
1344
+ });
1345
+ return function resolveSSOCredentials(_) {
1346
+ return _ref.apply(this, arguments);
1347
+ };
1348
+ }();
1349
+
1350
+ var validateSsoProfile = function(profile, logger) {
1351
+ var sso_start_url = profile.sso_start_url, sso_account_id = profile.sso_account_id, sso_region = profile.sso_region, sso_role_name = profile.sso_role_name;
1352
+ if (!sso_start_url || !sso_account_id || !sso_region || !sso_role_name) {
1353
+ throw new CredentialsProviderError('Profile is configured with invalid SSO credentials. Required parameters "sso_account_id", ' + '"sso_region", "sso_role_name", "sso_start_url". Got '.concat(Object.keys(profile).join(", "), "\nReference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html"), {
1354
+ tryNextLink: false,
1355
+ logger: logger
1356
+ });
1357
+ }
1358
+ return profile;
1359
+ };
1360
+
1361
+ function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) {
1362
+ try {
1363
+ var info = gen[key](arg);
1364
+ var value = info.value;
1365
+ } catch (error) {
1366
+ reject(error);
1367
+ return;
1368
+ }
1369
+ if (info.done) {
1370
+ resolve(value);
1371
+ } else {
1372
+ Promise.resolve(value).then(_next, _throw);
1373
+ }
1374
+ }
1375
+ function _async_to_generator(fn) {
1376
+ return function() {
1377
+ var self = this, args = arguments;
1378
+ return new Promise(function(resolve, reject) {
1379
+ var gen = fn.apply(self, args);
1380
+ function _next(value) {
1381
+ asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value);
1382
+ }
1383
+ function _throw(err) {
1384
+ asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err);
1385
+ }
1386
+ _next(undefined);
1387
+ });
1388
+ };
1389
+ }
1390
+ function _ts_generator(thisArg, body) {
1391
+ var f, y, t, g, _ = {
1392
+ label: 0,
1393
+ sent: function() {
1394
+ if (t[0] & 1) throw t[1];
1395
+ return t[1];
1396
+ },
1397
+ trys: [],
1398
+ ops: []
1399
+ };
1400
+ return g = {
1401
+ next: verb(0),
1402
+ "throw": verb(1),
1403
+ "return": verb(2)
1404
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
1405
+ return this;
1406
+ }), g;
1407
+ function verb(n) {
1408
+ return function(v) {
1409
+ return step([
1410
+ n,
1411
+ v
1412
+ ]);
1413
+ };
1414
+ }
1415
+ function step(op) {
1416
+ if (f) throw new TypeError("Generator is already executing.");
1417
+ while(_)try {
1418
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
1419
+ if (y = 0, t) op = [
1420
+ op[0] & 2,
1421
+ t.value
1422
+ ];
1423
+ switch(op[0]){
1424
+ case 0:
1425
+ case 1:
1426
+ t = op;
1427
+ break;
1428
+ case 4:
1429
+ _.label++;
1430
+ return {
1431
+ value: op[1],
1432
+ done: false
1433
+ };
1434
+ case 5:
1435
+ _.label++;
1436
+ y = op[1];
1437
+ op = [
1438
+ 0
1439
+ ];
1440
+ continue;
1441
+ case 7:
1442
+ op = _.ops.pop();
1443
+ _.trys.pop();
1444
+ continue;
1445
+ default:
1446
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
1447
+ _ = 0;
1448
+ continue;
1449
+ }
1450
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
1451
+ _.label = op[1];
1452
+ break;
1453
+ }
1454
+ if (op[0] === 6 && _.label < t[1]) {
1455
+ _.label = t[1];
1456
+ t = op;
1457
+ break;
1458
+ }
1459
+ if (t && _.label < t[2]) {
1460
+ _.label = t[2];
1461
+ _.ops.push(op);
1462
+ break;
1463
+ }
1464
+ if (t[2]) _.ops.pop();
1465
+ _.trys.pop();
1466
+ continue;
1467
+ }
1468
+ op = body.call(thisArg, _);
1469
+ } catch (e) {
1470
+ op = [
1471
+ 6,
1472
+ e
1473
+ ];
1474
+ y = 0;
1475
+ } finally{
1476
+ f = t = 0;
1477
+ }
1478
+ if (op[0] & 5) throw op[1];
1479
+ return {
1480
+ value: op[0] ? op[1] : void 0,
1481
+ done: true
1482
+ };
1483
+ }
1484
+ }
1485
+ var fromSSO = function() {
1486
+ var init = arguments.length > 0 && arguments[0] !== void 0 ? arguments[0] : {};
1487
+ return /*#__PURE__*/ _async_to_generator(function() {
1488
+ var callerClientConfig, _init_logger, ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoSession, ssoClient, _init_profile, profileName, profiles, profile, ssoSessions, session, conflictMsg, _validateSsoProfile, sso_start_url, sso_account_id, sso_region, sso_role_name, sso_session;
1489
+ var _arguments = arguments;
1490
+ return _ts_generator(this, function(_state) {
1491
+ switch(_state.label){
1492
+ case 0:
1493
+ callerClientConfig = (_arguments.length > 0 && _arguments[0] !== void 0 ? _arguments[0] : {}).callerClientConfig;
1494
+ (_init_logger = init.logger) === null || _init_logger === void 0 ? void 0 : _init_logger.debug("@aws-sdk/credential-provider-sso - fromSSO");
1495
+ ssoStartUrl = init.ssoStartUrl, ssoAccountId = init.ssoAccountId, ssoRegion = init.ssoRegion, ssoRoleName = init.ssoRoleName, ssoSession = init.ssoSession;
1496
+ ssoClient = init.ssoClient;
1497
+ profileName = getProfileName({
1498
+ profile: (_init_profile = init.profile) !== null && _init_profile !== void 0 ? _init_profile : callerClientConfig === null || callerClientConfig === void 0 ? void 0 : callerClientConfig.profile
1499
+ });
1500
+ if (!(!ssoStartUrl && !ssoAccountId && !ssoRegion && !ssoRoleName && !ssoSession)) return [
1501
+ 3,
1502
+ 4
1503
+ ];
1504
+ return [
1505
+ 4,
1506
+ parseKnownFiles(init)
1507
+ ];
1508
+ case 1:
1509
+ profiles = _state.sent();
1510
+ profile = profiles[profileName];
1511
+ if (!profile) {
1512
+ throw new CredentialsProviderError("Profile ".concat(profileName, " was not found."), {
1513
+ logger: init.logger
1514
+ });
1515
+ }
1516
+ if (!isSsoProfile(profile)) {
1517
+ throw new CredentialsProviderError("Profile ".concat(profileName, " is not configured with SSO credentials."), {
1518
+ logger: init.logger
1519
+ });
1520
+ }
1521
+ if (!(profile === null || profile === void 0 ? void 0 : profile.sso_session)) return [
1522
+ 3,
1523
+ 3
1524
+ ];
1525
+ return [
1526
+ 4,
1527
+ loadSsoSessionData(init)
1528
+ ];
1529
+ case 2:
1530
+ ssoSessions = _state.sent();
1531
+ session = ssoSessions[profile.sso_session];
1532
+ conflictMsg = " configurations in profile ".concat(profileName, " and sso-session ").concat(profile.sso_session);
1533
+ if (ssoRegion && ssoRegion !== session.sso_region) {
1534
+ throw new CredentialsProviderError("Conflicting SSO region" + conflictMsg, {
1535
+ tryNextLink: false,
1536
+ logger: init.logger
1537
+ });
1538
+ }
1539
+ if (ssoStartUrl && ssoStartUrl !== session.sso_start_url) {
1540
+ throw new CredentialsProviderError("Conflicting SSO start_url" + conflictMsg, {
1541
+ tryNextLink: false,
1542
+ logger: init.logger
1543
+ });
1544
+ }
1545
+ profile.sso_region = session.sso_region;
1546
+ profile.sso_start_url = session.sso_start_url;
1547
+ _state.label = 3;
1548
+ case 3:
1549
+ _validateSsoProfile = validateSsoProfile(profile, init.logger), sso_start_url = _validateSsoProfile.sso_start_url, sso_account_id = _validateSsoProfile.sso_account_id, sso_region = _validateSsoProfile.sso_region, sso_role_name = _validateSsoProfile.sso_role_name, sso_session = _validateSsoProfile.sso_session;
1550
+ return [
1551
+ 2,
1552
+ resolveSSOCredentials({
1553
+ ssoStartUrl: sso_start_url,
1554
+ ssoSession: sso_session,
1555
+ ssoAccountId: sso_account_id,
1556
+ ssoRegion: sso_region,
1557
+ ssoRoleName: sso_role_name,
1558
+ ssoClient: ssoClient,
1559
+ clientConfig: init.clientConfig,
1560
+ parentClientConfig: init.parentClientConfig,
1561
+ profile: profileName,
1562
+ filepath: init.filepath,
1563
+ configFilepath: init.configFilepath,
1564
+ ignoreCache: init.ignoreCache,
1565
+ logger: init.logger
1566
+ })
1567
+ ];
1568
+ case 4:
1569
+ if (!ssoStartUrl || !ssoAccountId || !ssoRegion || !ssoRoleName) {
1570
+ throw new CredentialsProviderError("Incomplete configuration. The fromSSO() argument hash must include " + '"ssoStartUrl", "ssoAccountId", "ssoRegion", "ssoRoleName"', {
1571
+ tryNextLink: false,
1572
+ logger: init.logger
1573
+ });
1574
+ } else {
1575
+ return [
1576
+ 2,
1577
+ resolveSSOCredentials({
1578
+ ssoStartUrl: ssoStartUrl,
1579
+ ssoSession: ssoSession,
1580
+ ssoAccountId: ssoAccountId,
1581
+ ssoRegion: ssoRegion,
1582
+ ssoRoleName: ssoRoleName,
1583
+ ssoClient: ssoClient,
1584
+ clientConfig: init.clientConfig,
1585
+ parentClientConfig: init.parentClientConfig,
1586
+ profile: profileName,
1587
+ filepath: init.filepath,
1588
+ configFilepath: init.configFilepath,
1589
+ ignoreCache: init.ignoreCache,
1590
+ logger: init.logger
1591
+ })
1592
+ ];
1593
+ }
1594
+ case 5:
1595
+ return [
1596
+ 2
1597
+ ];
1598
+ }
1599
+ });
1600
+ });
1601
+ };
1602
+
1603
+ export { fromSSO, isSsoProfile, validateSsoProfile };