@digipair/skill-s3 0.136.1 → 0.136.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (29) hide show
  1. package/dist/AwsRestJsonProtocol.esm.js +1858 -0
  2. package/dist/externalDataInterceptor.esm.js +1 -1
  3. package/dist/getSSOTokenFromFile.esm.js +1 -1
  4. package/dist/index.esm.js +1 -1
  5. package/dist/index.esm10.js +1 -1
  6. package/dist/index.esm11.js +1719 -1078
  7. package/dist/index.esm12.js +283 -3614
  8. package/dist/index.esm13.js +1 -1
  9. package/dist/index.esm14.js +51 -7022
  10. package/dist/index.esm15.js +4780 -0
  11. package/dist/index.esm16.js +2057 -0
  12. package/dist/index.esm17.js +434 -0
  13. package/dist/index.esm18.js +1265 -0
  14. package/dist/index.esm19.js +456 -0
  15. package/dist/index.esm2.js +58503 -13
  16. package/dist/index.esm20.js +4885 -0
  17. package/dist/index.esm3.js +797 -58638
  18. package/dist/index.esm4.js +1297 -736
  19. package/dist/index.esm5.js +423 -170
  20. package/dist/index.esm6.js +575 -4090
  21. package/dist/index.esm7.js +2416 -113
  22. package/dist/index.esm8.js +122 -1377
  23. package/dist/index.esm9.js +131 -3121
  24. package/dist/loadSso.esm.js +5727 -1772
  25. package/dist/loadSso.esm2.js +6584 -0
  26. package/dist/loadSsoSessionData.esm.js +349 -0
  27. package/dist/parseKnownFiles.esm.js +1 -1
  28. package/package.json +1 -1
  29. package/dist/parseJsonBody.esm.js +0 -216
package/dist/index.esm7.js CHANGED
@@ -1,7 +1,8 @@
1
- import { exec } from 'child_process';
2
- import { promisify } from 'util';
3
- import { s as setCredentialFeature, C as CredentialsProviderError, k as getProfileName } from './index.esm3.js';
4
- import { e as externalDataInterceptor } from './externalDataInterceptor.esm.js';
1
+ import { C as CredentialsProviderError, c as chain, s as setCredentialFeature, g as getProfileName, r as readFile, H as HttpRequest } from './index.esm2.js';
2
+ import { createHash, createPrivateKey, createPublicKey, sign } from 'node:crypto';
3
+ import { promises } from 'node:fs';
4
+ import { homedir } from 'node:os';
5
+ import { join, dirname } from 'node:path';
5
6
  import { p as parseKnownFiles } from './parseKnownFiles.esm.js';
6
7
  import 'buffer';
7
8
  import 'path';
@@ -13,75 +14,247 @@ import 'node:stream';
13
14
  import 'http';
14
15
  import 'https';
15
16
  import 'process';
16
- import 'node:fs';
17
17
  import 'zlib';
18
- import './getSSOTokenFromFile.esm.js';
19
- import 'fs/promises';
20
18
 
21
- function _define_property(obj, key, value) {
22
- if (key in obj) {
23
- Object.defineProperty(obj, key, {
24
- value: value,
25
- enumerable: true,
26
- configurable: true,
27
- writable: true
28
- });
19
+ function asyncGeneratorStep$a(gen, resolve, reject, _next, _throw, key, arg) {
20
+ try {
21
+ var info = gen[key](arg);
22
+ var value = info.value;
23
+ } catch (error) {
24
+ reject(error);
25
+ return;
26
+ }
27
+ if (info.done) {
28
+ resolve(value);
29
29
  } else {
30
- obj[key] = value;
30
+ Promise.resolve(value).then(_next, _throw);
31
31
  }
32
- return obj;
33
32
  }
34
- function _object_spread(target) {
35
- for(var i = 1; i < arguments.length; i++){
36
- var source = arguments[i] != null ? arguments[i] : {};
37
- var ownKeys = Object.keys(source);
38
- if (typeof Object.getOwnPropertySymbols === "function") {
39
- ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
40
- return Object.getOwnPropertyDescriptor(source, sym).enumerable;
41
- }));
42
- }
43
- ownKeys.forEach(function(key) {
44
- _define_property(target, key, source[key]);
33
+ function _async_to_generator$a(fn) {
34
+ return function() {
35
+ var self = this, args = arguments;
36
+ return new Promise(function(resolve, reject) {
37
+ var gen = fn.apply(self, args);
38
+ function _next(value) {
39
+ asyncGeneratorStep$a(gen, resolve, reject, _next, _throw, "next", value);
40
+ }
41
+ function _throw(err) {
42
+ asyncGeneratorStep$a(gen, resolve, reject, _next, _throw, "throw", err);
43
+ }
44
+ _next(undefined);
45
45
  });
46
- }
47
- return target;
46
+ };
48
47
  }
49
- var getValidatedProcessCredentials = function(profileName, data, profiles) {
50
- var _profiles_profileName;
51
- if (data.Version !== 1) {
52
- throw Error("Profile ".concat(profileName, " credential_process did not return Version 1."));
53
- }
54
- if (data.AccessKeyId === undefined || data.SecretAccessKey === undefined) {
55
- throw Error("Profile ".concat(profileName, " credential_process returned invalid credentials."));
48
+ function _ts_generator$a(thisArg, body) {
49
+ var f, y, t, g, _ = {
50
+ label: 0,
51
+ sent: function() {
52
+ if (t[0] & 1) throw t[1];
53
+ return t[1];
54
+ },
55
+ trys: [],
56
+ ops: []
57
+ };
58
+ return g = {
59
+ next: verb(0),
60
+ "throw": verb(1),
61
+ "return": verb(2)
62
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
63
+ return this;
64
+ }), g;
65
+ function verb(n) {
66
+ return function(v) {
67
+ return step([
68
+ n,
69
+ v
70
+ ]);
71
+ };
56
72
  }
57
- if (data.Expiration) {
58
- var currentTime = new Date();
59
- var expireTime = new Date(data.Expiration);
60
- if (expireTime < currentTime) {
61
- throw Error("Profile ".concat(profileName, " credential_process returned expired credentials."));
73
+ function step(op) {
74
+ if (f) throw new TypeError("Generator is already executing.");
75
+ while(_)try {
76
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
77
+ if (y = 0, t) op = [
78
+ op[0] & 2,
79
+ t.value
80
+ ];
81
+ switch(op[0]){
82
+ case 0:
83
+ case 1:
84
+ t = op;
85
+ break;
86
+ case 4:
87
+ _.label++;
88
+ return {
89
+ value: op[1],
90
+ done: false
91
+ };
92
+ case 5:
93
+ _.label++;
94
+ y = op[1];
95
+ op = [
96
+ 0
97
+ ];
98
+ continue;
99
+ case 7:
100
+ op = _.ops.pop();
101
+ _.trys.pop();
102
+ continue;
103
+ default:
104
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
105
+ _ = 0;
106
+ continue;
107
+ }
108
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
109
+ _.label = op[1];
110
+ break;
111
+ }
112
+ if (op[0] === 6 && _.label < t[1]) {
113
+ _.label = t[1];
114
+ t = op;
115
+ break;
116
+ }
117
+ if (t && _.label < t[2]) {
118
+ _.label = t[2];
119
+ _.ops.push(op);
120
+ break;
121
+ }
122
+ if (t[2]) _.ops.pop();
123
+ _.trys.pop();
124
+ continue;
125
+ }
126
+ op = body.call(thisArg, _);
127
+ } catch (e) {
128
+ op = [
129
+ 6,
130
+ e
131
+ ];
132
+ y = 0;
133
+ } finally{
134
+ f = t = 0;
62
135
  }
136
+ if (op[0] & 5) throw op[1];
137
+ return {
138
+ value: op[0] ? op[1] : void 0,
139
+ done: true
140
+ };
63
141
  }
64
- var accountId = data.AccountId;
65
- if (!accountId && (profiles === null || profiles === void 0 ? void 0 : (_profiles_profileName = profiles[profileName]) === null || _profiles_profileName === void 0 ? void 0 : _profiles_profileName.aws_account_id)) {
66
- accountId = profiles[profileName].aws_account_id;
67
- }
68
- var credentials = _object_spread({
69
- accessKeyId: data.AccessKeyId,
70
- secretAccessKey: data.SecretAccessKey
71
- }, data.SessionToken && {
72
- sessionToken: data.SessionToken
73
- }, data.Expiration && {
74
- expiration: new Date(data.Expiration)
75
- }, data.CredentialScope && {
76
- credentialScope: data.CredentialScope
77
- }, accountId && {
78
- accountId: accountId
79
- });
80
- setCredentialFeature(credentials, "CREDENTIALS_PROCESS", "w");
81
- return credentials;
142
+ }
143
+ var resolveCredentialSource = function(credentialSource, profileName, logger) {
144
+ var sourceProvidersMap = {
145
+ EcsContainer: function() {
146
+ var _ref = _async_to_generator$a(function(options) {
147
+ var fromHttp, fromContainerMetadata;
148
+ return _ts_generator$a(this, function(_state) {
149
+ switch(_state.label){
150
+ case 0:
151
+ return [
152
+ 4,
153
+ import('./index.esm12.js')
154
+ ];
155
+ case 1:
156
+ fromHttp = _state.sent().fromHttp;
157
+ return [
158
+ 4,
159
+ import('./index.esm13.js')
160
+ ];
161
+ case 2:
162
+ fromContainerMetadata = _state.sent().fromContainerMetadata;
163
+ logger === null || logger === void 0 ? void 0 : logger.debug("@aws-sdk/credential-provider-ini - credential_source is EcsContainer");
164
+ return [
165
+ 2,
166
+ /*#__PURE__*/ _async_to_generator$a(function() {
167
+ return _ts_generator$a(this, function(_state) {
168
+ return [
169
+ 2,
170
+ chain(fromHttp(options !== null && options !== void 0 ? options : {}), fromContainerMetadata(options))().then(setNamedProvider)
171
+ ];
172
+ });
173
+ })
174
+ ];
175
+ }
176
+ });
177
+ });
178
+ return function(options) {
179
+ return _ref.apply(this, arguments);
180
+ };
181
+ }(),
182
+ Ec2InstanceMetadata: function() {
183
+ var _ref = _async_to_generator$a(function(options) {
184
+ var fromInstanceMetadata;
185
+ return _ts_generator$a(this, function(_state) {
186
+ switch(_state.label){
187
+ case 0:
188
+ logger === null || logger === void 0 ? void 0 : logger.debug("@aws-sdk/credential-provider-ini - credential_source is Ec2InstanceMetadata");
189
+ return [
190
+ 4,
191
+ import('./index.esm13.js')
192
+ ];
193
+ case 1:
194
+ fromInstanceMetadata = _state.sent().fromInstanceMetadata;
195
+ return [
196
+ 2,
197
+ /*#__PURE__*/ _async_to_generator$a(function() {
198
+ return _ts_generator$a(this, function(_state) {
199
+ return [
200
+ 2,
201
+ fromInstanceMetadata(options)().then(setNamedProvider)
202
+ ];
203
+ });
204
+ })
205
+ ];
206
+ }
207
+ });
208
+ });
209
+ return function(options) {
210
+ return _ref.apply(this, arguments);
211
+ };
212
+ }(),
213
+ Environment: function() {
214
+ var _ref = _async_to_generator$a(function(options) {
215
+ var fromEnv;
216
+ return _ts_generator$a(this, function(_state) {
217
+ switch(_state.label){
218
+ case 0:
219
+ logger === null || logger === void 0 ? void 0 : logger.debug("@aws-sdk/credential-provider-ini - credential_source is Environment");
220
+ return [
221
+ 4,
222
+ import('./index.esm14.js')
223
+ ];
224
+ case 1:
225
+ fromEnv = _state.sent().fromEnv;
226
+ return [
227
+ 2,
228
+ /*#__PURE__*/ _async_to_generator$a(function() {
229
+ return _ts_generator$a(this, function(_state) {
230
+ return [
231
+ 2,
232
+ fromEnv(options)().then(setNamedProvider)
233
+ ];
234
+ });
235
+ })
236
+ ];
237
+ }
238
+ });
239
+ });
240
+ return function(options) {
241
+ return _ref.apply(this, arguments);
242
+ };
243
+ }()
244
+ };
245
+ if (credentialSource in sourceProvidersMap) {
246
+ return sourceProvidersMap[credentialSource];
247
+ } else {
248
+ throw new CredentialsProviderError("Unsupported credential source in profile ".concat(profileName, ". Got ").concat(credentialSource, ", ") + "expected EcsContainer or Ec2InstanceMetadata or Environment.", {
249
+ logger: logger
250
+ });
251
+ }
252
+ };
253
+ var setNamedProvider = function(creds) {
254
+ return setCredentialFeature(creds, "CREDENTIALS_PROFILE_NAMED_PROVIDER", "p");
82
255
  };
83
256
 
84
- function asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, key, arg) {
257
+ function asyncGeneratorStep$9(gen, resolve, reject, _next, _throw, key, arg) {
85
258
  try {
86
259
  var info = gen[key](arg);
87
260
  var value = info.value;
@@ -95,22 +268,73 @@ function asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, key, arg) {
95
268
  Promise.resolve(value).then(_next, _throw);
96
269
  }
97
270
  }
98
- function _async_to_generator$1(fn) {
271
+ function _async_to_generator$9(fn) {
99
272
  return function() {
100
273
  var self = this, args = arguments;
101
274
  return new Promise(function(resolve, reject) {
102
275
  var gen = fn.apply(self, args);
103
276
  function _next(value) {
104
- asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, "next", value);
277
+ asyncGeneratorStep$9(gen, resolve, reject, _next, _throw, "next", value);
105
278
  }
106
279
  function _throw(err) {
107
- asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, "throw", err);
280
+ asyncGeneratorStep$9(gen, resolve, reject, _next, _throw, "throw", err);
108
281
  }
109
282
  _next(undefined);
110
283
  });
111
284
  };
112
285
  }
113
- function _ts_generator$1(thisArg, body) {
286
+ function _define_property$4(obj, key, value) {
287
+ if (key in obj) {
288
+ Object.defineProperty(obj, key, {
289
+ value: value,
290
+ enumerable: true,
291
+ configurable: true,
292
+ writable: true
293
+ });
294
+ } else {
295
+ obj[key] = value;
296
+ }
297
+ return obj;
298
+ }
299
+ function _object_spread$4(target) {
300
+ for(var i = 1; i < arguments.length; i++){
301
+ var source = arguments[i] != null ? arguments[i] : {};
302
+ var ownKeys = Object.keys(source);
303
+ if (typeof Object.getOwnPropertySymbols === "function") {
304
+ ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
305
+ return Object.getOwnPropertyDescriptor(source, sym).enumerable;
306
+ }));
307
+ }
308
+ ownKeys.forEach(function(key) {
309
+ _define_property$4(target, key, source[key]);
310
+ });
311
+ }
312
+ return target;
313
+ }
314
+ function ownKeys$3(object, enumerableOnly) {
315
+ var keys = Object.keys(object);
316
+ if (Object.getOwnPropertySymbols) {
317
+ var symbols = Object.getOwnPropertySymbols(object);
318
+ keys.push.apply(keys, symbols);
319
+ }
320
+ return keys;
321
+ }
322
+ function _object_spread_props$3(target, source) {
323
+ source = source != null ? source : {};
324
+ if (Object.getOwnPropertyDescriptors) {
325
+ Object.defineProperties(target, Object.getOwnPropertyDescriptors(source));
326
+ } else {
327
+ ownKeys$3(Object(source)).forEach(function(key) {
328
+ Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key));
329
+ });
330
+ }
331
+ return target;
332
+ }
333
+ function _type_of$3(obj) {
334
+ "@swc/helpers - typeof";
335
+ return obj && typeof Symbol !== "undefined" && obj.constructor === Symbol ? "symbol" : typeof obj;
336
+ }
337
+ function _ts_generator$9(thisArg, body) {
114
338
  var f, y, t, g, _ = {
115
339
  label: 0,
116
340
  sent: function() {
@@ -205,77 +429,2156 @@ function _ts_generator$1(thisArg, body) {
205
429
  };
206
430
  }
207
431
  }
208
- var resolveProcessCredentials = function() {
209
- var _ref = _async_to_generator$1(function(profileName, profiles, logger) {
210
- var profile, credentialProcess, _externalDataInterceptor_getTokenRecord, _externalDataInterceptor_getTokenRecord_exec, execPromise, stdout, data, error;
211
- return _ts_generator$1(this, function(_state) {
432
+ var isAssumeRoleProfile = function(arg) {
433
+ var _ref = arguments.length > 1 && arguments[1] !== void 0 ? arguments[1] : {}, _ref_profile = _ref.profile, profile = _ref_profile === void 0 ? "default" : _ref_profile, logger = _ref.logger;
434
+ return Boolean(arg) && (typeof arg === "undefined" ? "undefined" : _type_of$3(arg)) === "object" && typeof arg.role_arn === "string" && [
435
+ "undefined",
436
+ "string"
437
+ ].indexOf(_type_of$3(arg.role_session_name)) > -1 && [
438
+ "undefined",
439
+ "string"
440
+ ].indexOf(_type_of$3(arg.external_id)) > -1 && [
441
+ "undefined",
442
+ "string"
443
+ ].indexOf(_type_of$3(arg.mfa_serial)) > -1 && (isAssumeRoleWithSourceProfile(arg, {
444
+ profile: profile,
445
+ logger: logger
446
+ }) || isCredentialSourceProfile(arg, {
447
+ profile: profile,
448
+ logger: logger
449
+ }));
450
+ };
451
+ var isAssumeRoleWithSourceProfile = function(arg, param) {
452
+ var profile = param.profile, logger = param.logger;
453
+ var withSourceProfile = typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined";
454
+ if (withSourceProfile) {
455
+ var _logger_debug;
456
+ logger === null || logger === void 0 ? void 0 : (_logger_debug = logger.debug) === null || _logger_debug === void 0 ? void 0 : _logger_debug.call(logger, " ".concat(profile, " isAssumeRoleWithSourceProfile source_profile=").concat(arg.source_profile));
457
+ }
458
+ return withSourceProfile;
459
+ };
460
+ var isCredentialSourceProfile = function(arg, param) {
461
+ var profile = param.profile, logger = param.logger;
462
+ var withProviderProfile = typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined";
463
+ if (withProviderProfile) {
464
+ var _logger_debug;
465
+ logger === null || logger === void 0 ? void 0 : (_logger_debug = logger.debug) === null || _logger_debug === void 0 ? void 0 : _logger_debug.call(logger, " ".concat(profile, " isCredentialSourceProfile credential_source=").concat(arg.credential_source));
466
+ }
467
+ return withProviderProfile;
468
+ };
469
+ var resolveAssumeRoleCredentials = function() {
470
+ var _ref = _async_to_generator$9(function(profileName, profiles, options, callerClientConfig) {
471
+ var visitedProfiles, resolveProfileData, _options_logger, _options_logger1, profileData, source_profile, region, _options_parentClientConfig, getDefaultRoleAssumer, _ref, _profiles_source_profile, sourceCredsProvider, _tmp, params, mfa_serial, sourceCreds;
472
+ var _arguments = arguments;
473
+ return _ts_generator$9(this, function(_state) {
212
474
  switch(_state.label){
213
475
  case 0:
214
- profile = profiles[profileName];
215
- if (!profiles[profileName]) return [
216
- 3,
217
- 7
218
- ];
219
- credentialProcess = profile["credential_process"];
220
- if (!(credentialProcess !== undefined)) return [
476
+ visitedProfiles = _arguments.length > 4 && _arguments[4] !== void 0 ? _arguments[4] : {}, resolveProfileData = _arguments.length > 5 ? _arguments[5] : void 0;
477
+ (_options_logger = options.logger) === null || _options_logger === void 0 ? void 0 : _options_logger.debug("@aws-sdk/credential-provider-ini - resolveAssumeRoleCredentials (STS)");
478
+ profileData = profiles[profileName];
479
+ source_profile = profileData.source_profile, region = profileData.region;
480
+ if (!!options.roleAssumer) return [
221
481
  3,
222
- 5
482
+ 2
223
483
  ];
224
- execPromise = promisify((_externalDataInterceptor_getTokenRecord_exec = externalDataInterceptor === null || externalDataInterceptor === void 0 ? void 0 : (_externalDataInterceptor_getTokenRecord = externalDataInterceptor.getTokenRecord) === null || _externalDataInterceptor_getTokenRecord === void 0 ? void 0 : _externalDataInterceptor_getTokenRecord.call(externalDataInterceptor).exec) !== null && _externalDataInterceptor_getTokenRecord_exec !== void 0 ? _externalDataInterceptor_getTokenRecord_exec : exec);
225
- _state.label = 1;
226
- case 1:
227
- _state.trys.push([
228
- 1,
229
- 3,
230
- ,
231
- 4
232
- ]);
233
484
  return [
234
485
  4,
235
- execPromise(credentialProcess)
486
+ import('./index.esm15.js')
236
487
  ];
488
+ case 1:
489
+ getDefaultRoleAssumer = _state.sent().getDefaultRoleAssumer;
490
+ options.roleAssumer = getDefaultRoleAssumer(_object_spread_props$3(_object_spread$4({}, options.clientConfig), {
491
+ credentialProviderLogger: options.logger,
492
+ parentClientConfig: _object_spread_props$3(_object_spread$4({}, callerClientConfig, options === null || options === void 0 ? void 0 : options.parentClientConfig), {
493
+ region: (_ref = region !== null && region !== void 0 ? region : options === null || options === void 0 ? void 0 : (_options_parentClientConfig = options.parentClientConfig) === null || _options_parentClientConfig === void 0 ? void 0 : _options_parentClientConfig.region) !== null && _ref !== void 0 ? _ref : callerClientConfig === null || callerClientConfig === void 0 ? void 0 : callerClientConfig.region
494
+ })
495
+ }), options.clientPlugins);
496
+ _state.label = 2;
237
497
  case 2:
238
- stdout = _state.sent().stdout;
239
- try {
240
- data = JSON.parse(stdout.trim());
241
- } catch (e) {
242
- throw Error("Profile ".concat(profileName, " credential_process returned invalid JSON."));
498
+ if (source_profile && source_profile in visitedProfiles) {
499
+ throw new CredentialsProviderError("Detected a cycle attempting to resolve credentials for profile" + " ".concat(getProfileName(options), ". Profiles visited: ") + Object.keys(visitedProfiles).join(", "), {
500
+ logger: options.logger
501
+ });
243
502
  }
503
+ (_options_logger1 = options.logger) === null || _options_logger1 === void 0 ? void 0 : _options_logger1.debug("@aws-sdk/credential-provider-ini - finding credential resolver using ".concat(source_profile ? "source_profile=[".concat(source_profile, "]") : "profile=[".concat(profileName, "]")));
504
+ if (!source_profile) return [
505
+ 3,
506
+ 3
507
+ ];
508
+ _tmp = resolveProfileData(source_profile, profiles, options, callerClientConfig, _object_spread_props$3(_object_spread$4({}, visitedProfiles), _define_property$4({}, source_profile, true)), isCredentialSourceWithoutRoleArn((_profiles_source_profile = profiles[source_profile]) !== null && _profiles_source_profile !== void 0 ? _profiles_source_profile : {}));
244
509
  return [
245
- 2,
246
- getValidatedProcessCredentials(profileName, data, profiles)
510
+ 3,
511
+ 5
247
512
  ];
248
513
  case 3:
249
- error = _state.sent();
250
- throw new CredentialsProviderError(error.message, {
251
- logger: logger
252
- });
253
- case 4:
254
514
  return [
515
+ 4,
516
+ resolveCredentialSource(profileData.credential_source, profileName, options.logger)(options)
517
+ ];
518
+ case 4:
519
+ _tmp = _state.sent()();
520
+ _state.label = 5;
521
+ case 5:
522
+ sourceCredsProvider = _tmp;
523
+ if (!isCredentialSourceWithoutRoleArn(profileData)) return [
255
524
  3,
256
525
  6
257
526
  ];
258
- case 5:
259
- throw new CredentialsProviderError("Profile ".concat(profileName, " did not contain credential_process."), {
260
- logger: logger
261
- });
262
- case 6:
263
527
  return [
528
+ 2,
529
+ sourceCredsProvider.then(function(creds) {
530
+ return setCredentialFeature(creds, "CREDENTIALS_PROFILE_SOURCE_PROFILE", "o");
531
+ })
532
+ ];
533
+ case 6:
534
+ params = {
535
+ RoleArn: profileData.role_arn,
536
+ RoleSessionName: profileData.role_session_name || "aws-sdk-js-".concat(Date.now()),
537
+ ExternalId: profileData.external_id,
538
+ DurationSeconds: parseInt(profileData.duration_seconds || "3600", 10)
539
+ };
540
+ mfa_serial = profileData.mfa_serial;
541
+ if (!mfa_serial) return [
264
542
  3,
265
543
  8
266
544
  ];
545
+ if (!options.mfaCodeProvider) {
546
+ throw new CredentialsProviderError("Profile ".concat(profileName, " requires multi-factor authentication, but no MFA code callback was provided."), {
547
+ logger: options.logger,
548
+ tryNextLink: false
549
+ });
550
+ }
551
+ params.SerialNumber = mfa_serial;
552
+ return [
553
+ 4,
554
+ options.mfaCodeProvider(mfa_serial)
555
+ ];
267
556
  case 7:
268
- throw new CredentialsProviderError("Profile ".concat(profileName, " could not be found in shared credentials file."), {
269
- logger: logger
270
- });
557
+ params.TokenCode = _state.sent();
558
+ _state.label = 8;
271
559
  case 8:
560
+ return [
561
+ 4,
562
+ sourceCredsProvider
563
+ ];
564
+ case 9:
565
+ sourceCreds = _state.sent();
566
+ return [
567
+ 2,
568
+ options.roleAssumer(sourceCreds, params).then(function(creds) {
569
+ return setCredentialFeature(creds, "CREDENTIALS_PROFILE_SOURCE_PROFILE", "o");
570
+ })
571
+ ];
572
+ case 10:
272
573
  return [
273
574
  2
274
575
  ];
275
576
  }
276
577
  });
277
578
  });
278
- return function resolveProcessCredentials(profileName, profiles, logger) {
579
+ return function resolveAssumeRoleCredentials(profileName, profiles, options, callerClientConfig) {
580
+ return _ref.apply(this, arguments);
581
+ };
582
+ }();
583
+ var isCredentialSourceWithoutRoleArn = function(section) {
584
+ return !section.role_arn && !!section.credential_source;
585
+ };
586
+
587
+ function asyncGeneratorStep$8(gen, resolve, reject, _next, _throw, key, arg) {
588
+ try {
589
+ var info = gen[key](arg);
590
+ var value = info.value;
591
+ } catch (error) {
592
+ reject(error);
593
+ return;
594
+ }
595
+ if (info.done) {
596
+ resolve(value);
597
+ } else {
598
+ Promise.resolve(value).then(_next, _throw);
599
+ }
600
+ }
601
+ function _async_to_generator$8(fn) {
602
+ return function() {
603
+ var self = this, args = arguments;
604
+ return new Promise(function(resolve, reject) {
605
+ var gen = fn.apply(self, args);
606
+ function _next(value) {
607
+ asyncGeneratorStep$8(gen, resolve, reject, _next, _throw, "next", value);
608
+ }
609
+ function _throw(err) {
610
+ asyncGeneratorStep$8(gen, resolve, reject, _next, _throw, "throw", err);
611
+ }
612
+ _next(undefined);
613
+ });
614
+ };
615
+ }
616
+ function _class_call_check(instance, Constructor) {
617
+ if (!(instance instanceof Constructor)) {
618
+ throw new TypeError("Cannot call a class as a function");
619
+ }
620
+ }
621
+ function _defineProperties(target, props) {
622
+ for(var i = 0; i < props.length; i++){
623
+ var descriptor = props[i];
624
+ descriptor.enumerable = descriptor.enumerable || false;
625
+ descriptor.configurable = true;
626
+ if ("value" in descriptor) descriptor.writable = true;
627
+ Object.defineProperty(target, descriptor.key, descriptor);
628
+ }
629
+ }
630
+ function _create_class(Constructor, protoProps, staticProps) {
631
+ if (protoProps) _defineProperties(Constructor.prototype, protoProps);
632
+ return Constructor;
633
+ }
634
+ function _define_property$3(obj, key, value) {
635
+ if (key in obj) {
636
+ Object.defineProperty(obj, key, {
637
+ value: value,
638
+ enumerable: true,
639
+ configurable: true,
640
+ writable: true
641
+ });
642
+ } else {
643
+ obj[key] = value;
644
+ }
645
+ return obj;
646
+ }
647
+ function _instanceof(left, right) {
648
+ if (right != null && typeof Symbol !== "undefined" && right[Symbol.hasInstance]) {
649
+ return !!right[Symbol.hasInstance](left);
650
+ } else {
651
+ return left instanceof right;
652
+ }
653
+ }
654
+ function _object_spread$3(target) {
655
+ for(var i = 1; i < arguments.length; i++){
656
+ var source = arguments[i] != null ? arguments[i] : {};
657
+ var ownKeys = Object.keys(source);
658
+ if (typeof Object.getOwnPropertySymbols === "function") {
659
+ ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
660
+ return Object.getOwnPropertyDescriptor(source, sym).enumerable;
661
+ }));
662
+ }
663
+ ownKeys.forEach(function(key) {
664
+ _define_property$3(target, key, source[key]);
665
+ });
666
+ }
667
+ return target;
668
+ }
669
+ function ownKeys$2(object, enumerableOnly) {
670
+ var keys = Object.keys(object);
671
+ if (Object.getOwnPropertySymbols) {
672
+ var symbols = Object.getOwnPropertySymbols(object);
673
+ keys.push.apply(keys, symbols);
674
+ }
675
+ return keys;
676
+ }
677
+ function _object_spread_props$2(target, source) {
678
+ source = source != null ? source : {};
679
+ if (Object.getOwnPropertyDescriptors) {
680
+ Object.defineProperties(target, Object.getOwnPropertyDescriptors(source));
681
+ } else {
682
+ ownKeys$2(Object(source)).forEach(function(key) {
683
+ Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key));
684
+ });
685
+ }
686
+ return target;
687
+ }
688
+ function _ts_generator$8(thisArg, body) {
689
+ var f, y, t, g, _ = {
690
+ label: 0,
691
+ sent: function() {
692
+ if (t[0] & 1) throw t[1];
693
+ return t[1];
694
+ },
695
+ trys: [],
696
+ ops: []
697
+ };
698
+ return g = {
699
+ next: verb(0),
700
+ "throw": verb(1),
701
+ "return": verb(2)
702
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
703
+ return this;
704
+ }), g;
705
+ function verb(n) {
706
+ return function(v) {
707
+ return step([
708
+ n,
709
+ v
710
+ ]);
711
+ };
712
+ }
713
+ function step(op) {
714
+ if (f) throw new TypeError("Generator is already executing.");
715
+ while(_)try {
716
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
717
+ if (y = 0, t) op = [
718
+ op[0] & 2,
719
+ t.value
720
+ ];
721
+ switch(op[0]){
722
+ case 0:
723
+ case 1:
724
+ t = op;
725
+ break;
726
+ case 4:
727
+ _.label++;
728
+ return {
729
+ value: op[1],
730
+ done: false
731
+ };
732
+ case 5:
733
+ _.label++;
734
+ y = op[1];
735
+ op = [
736
+ 0
737
+ ];
738
+ continue;
739
+ case 7:
740
+ op = _.ops.pop();
741
+ _.trys.pop();
742
+ continue;
743
+ default:
744
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
745
+ _ = 0;
746
+ continue;
747
+ }
748
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
749
+ _.label = op[1];
750
+ break;
751
+ }
752
+ if (op[0] === 6 && _.label < t[1]) {
753
+ _.label = t[1];
754
+ t = op;
755
+ break;
756
+ }
757
+ if (t && _.label < t[2]) {
758
+ _.label = t[2];
759
+ _.ops.push(op);
760
+ break;
761
+ }
762
+ if (t[2]) _.ops.pop();
763
+ _.trys.pop();
764
+ continue;
765
+ }
766
+ op = body.call(thisArg, _);
767
+ } catch (e) {
768
+ op = [
769
+ 6,
770
+ e
771
+ ];
772
+ y = 0;
773
+ } finally{
774
+ f = t = 0;
775
+ }
776
+ if (op[0] & 5) throw op[1];
777
+ return {
778
+ value: op[0] ? op[1] : void 0,
779
+ done: true
780
+ };
781
+ }
782
+ }
783
+ var LoginCredentialsFetcher = /*#__PURE__*/ function() {
784
+ function LoginCredentialsFetcher(profileData, init, callerClientConfig) {
785
+ _class_call_check(this, LoginCredentialsFetcher);
786
+ _define_property$3(this, "profileData", void 0);
787
+ _define_property$3(this, "init", void 0);
788
+ _define_property$3(this, "callerClientConfig", void 0);
789
+ this.profileData = profileData;
790
+ this.init = init;
791
+ this.callerClientConfig = callerClientConfig;
792
+ }
793
+ _create_class(LoginCredentialsFetcher, [
794
+ {
795
+ key: "loadCredentials",
796
+ value: function loadCredentials() {
797
+ var _this = this;
798
+ return _async_to_generator$8(function() {
799
+ var token, accessToken, now, expiryTime, timeUntilExpiry;
800
+ return _ts_generator$8(this, function(_state) {
801
+ switch(_state.label){
802
+ case 0:
803
+ return [
804
+ 4,
805
+ _this.loadToken()
806
+ ];
807
+ case 1:
808
+ token = _state.sent();
809
+ if (!token) {
810
+ throw new CredentialsProviderError("Failed to load a token for session ".concat(_this.loginSession, ", please re-authenticate using aws login"), {
811
+ tryNextLink: false,
812
+ logger: _this.logger
813
+ });
814
+ }
815
+ accessToken = token.accessToken;
816
+ now = Date.now();
817
+ expiryTime = new Date(accessToken.expiresAt).getTime();
818
+ timeUntilExpiry = expiryTime - now;
819
+ if (timeUntilExpiry <= LoginCredentialsFetcher.REFRESH_THRESHOLD) {
820
+ return [
821
+ 2,
822
+ _this.refresh(token)
823
+ ];
824
+ }
825
+ return [
826
+ 2,
827
+ {
828
+ accessKeyId: accessToken.accessKeyId,
829
+ secretAccessKey: accessToken.secretAccessKey,
830
+ sessionToken: accessToken.sessionToken,
831
+ accountId: accessToken.accountId,
832
+ expiration: new Date(accessToken.expiresAt)
833
+ }
834
+ ];
835
+ }
836
+ });
837
+ })();
838
+ }
839
+ },
840
+ {
841
+ key: "logger",
842
+ get: function get() {
843
+ var _this_init;
844
+ return (_this_init = this.init) === null || _this_init === void 0 ? void 0 : _this_init.logger;
845
+ }
846
+ },
847
+ {
848
+ key: "loginSession",
849
+ get: function get() {
850
+ return this.profileData.login_session;
851
+ }
852
+ },
853
+ {
854
+ key: "refresh",
855
+ value: function refresh(token) {
856
+ var _this = this;
857
+ return _async_to_generator$8(function() {
858
+ var _this_callerClientConfig, _this_callerClientConfig1, _this_callerClientConfig_region, _this_callerClientConfig2, _this_init, _ref, SigninClient, CreateOAuth2TokenCommand, _this_callerClientConfig3, _ref1, logger, userAgentAppId, isH2, requestHandler, _this_profileData_region, _ref2, region, _tmp, client, commandInput, _response_tokenOutput, response, _response_tokenOutput_accessToken, _ref3, accessKeyId, secretAccessKey, sessionToken, _response_tokenOutput1, _ref4, refreshToken, expiresIn, expiresInMs, expiration, updatedToken, newAccessToken, error, errorType, message;
859
+ return _ts_generator$8(this, function(_state) {
860
+ switch(_state.label){
861
+ case 0:
862
+ return [
863
+ 4,
864
+ import('./index.esm16.js')
865
+ ];
866
+ case 1:
867
+ _ref = _state.sent(), SigninClient = _ref.SigninClient, CreateOAuth2TokenCommand = _ref.CreateOAuth2TokenCommand;
868
+ _ref1 = (_this_callerClientConfig3 = _this.callerClientConfig) !== null && _this_callerClientConfig3 !== void 0 ? _this_callerClientConfig3 : {}, logger = _ref1.logger, userAgentAppId = _ref1.userAgentAppId;
869
+ isH2 = function(requestHandler) {
870
+ var _requestHandler_metadata;
871
+ return (requestHandler === null || requestHandler === void 0 ? void 0 : (_requestHandler_metadata = requestHandler.metadata) === null || _requestHandler_metadata === void 0 ? void 0 : _requestHandler_metadata.handlerProtocol) === "h2";
872
+ };
873
+ requestHandler = isH2((_this_callerClientConfig = _this.callerClientConfig) === null || _this_callerClientConfig === void 0 ? void 0 : _this_callerClientConfig.requestHandler) ? undefined : (_this_callerClientConfig1 = _this.callerClientConfig) === null || _this_callerClientConfig1 === void 0 ? void 0 : _this_callerClientConfig1.requestHandler;
874
+ if (!((_this_profileData_region = _this.profileData.region) !== null && _this_profileData_region !== void 0)) return [
875
+ 3,
876
+ 2
877
+ ];
878
+ _tmp = _this_profileData_region;
879
+ return [
880
+ 3,
881
+ 4
882
+ ];
883
+ case 2:
884
+ return [
885
+ 4,
886
+ (_this_callerClientConfig2 = _this.callerClientConfig) === null || _this_callerClientConfig2 === void 0 ? void 0 : (_this_callerClientConfig_region = _this_callerClientConfig2.region) === null || _this_callerClientConfig_region === void 0 ? void 0 : _this_callerClientConfig_region.call(_this_callerClientConfig2)
887
+ ];
888
+ case 3:
889
+ _tmp = _state.sent();
890
+ _state.label = 4;
891
+ case 4:
892
+ region = (_ref2 = _tmp) !== null && _ref2 !== void 0 ? _ref2 : process.env.AWS_REGION;
893
+ client = new SigninClient(_object_spread$3({
894
+ credentials: {
895
+ accessKeyId: "",
896
+ secretAccessKey: ""
897
+ },
898
+ region: region,
899
+ requestHandler: requestHandler,
900
+ logger: logger,
901
+ userAgentAppId: userAgentAppId
902
+ }, (_this_init = _this.init) === null || _this_init === void 0 ? void 0 : _this_init.clientConfig));
903
+ _this.createDPoPInterceptor(client.middlewareStack);
904
+ commandInput = {
905
+ tokenInput: {
906
+ clientId: token.clientId,
907
+ refreshToken: token.refreshToken,
908
+ grantType: "refresh_token"
909
+ }
910
+ };
911
+ _state.label = 5;
912
+ case 5:
913
+ _state.trys.push([
914
+ 5,
915
+ 8,
916
+ ,
917
+ 9
918
+ ]);
919
+ return [
920
+ 4,
921
+ client.send(new CreateOAuth2TokenCommand(commandInput))
922
+ ];
923
+ case 6:
924
+ response = _state.sent();
925
+ _ref3 = (_response_tokenOutput_accessToken = (_response_tokenOutput = response.tokenOutput) === null || _response_tokenOutput === void 0 ? void 0 : _response_tokenOutput.accessToken) !== null && _response_tokenOutput_accessToken !== void 0 ? _response_tokenOutput_accessToken : {}, accessKeyId = _ref3.accessKeyId, secretAccessKey = _ref3.secretAccessKey, sessionToken = _ref3.sessionToken;
926
+ _ref4 = (_response_tokenOutput1 = response.tokenOutput) !== null && _response_tokenOutput1 !== void 0 ? _response_tokenOutput1 : {}, refreshToken = _ref4.refreshToken, expiresIn = _ref4.expiresIn;
927
+ if (!accessKeyId || !secretAccessKey || !sessionToken || !refreshToken) {
928
+ throw new CredentialsProviderError("Token refresh response missing required fields", {
929
+ logger: _this.logger,
930
+ tryNextLink: false
931
+ });
932
+ }
933
+ expiresInMs = (expiresIn !== null && expiresIn !== void 0 ? expiresIn : 900) * 1000;
934
+ expiration = new Date(Date.now() + expiresInMs);
935
+ updatedToken = _object_spread_props$2(_object_spread$3({}, token), {
936
+ accessToken: _object_spread_props$2(_object_spread$3({}, token.accessToken), {
937
+ accessKeyId: accessKeyId,
938
+ secretAccessKey: secretAccessKey,
939
+ sessionToken: sessionToken,
940
+ expiresAt: expiration.toISOString()
941
+ }),
942
+ refreshToken: refreshToken
943
+ });
944
+ return [
945
+ 4,
946
+ _this.saveToken(updatedToken)
947
+ ];
948
+ case 7:
949
+ _state.sent();
950
+ newAccessToken = updatedToken.accessToken;
951
+ return [
952
+ 2,
953
+ {
954
+ accessKeyId: newAccessToken.accessKeyId,
955
+ secretAccessKey: newAccessToken.secretAccessKey,
956
+ sessionToken: newAccessToken.sessionToken,
957
+ accountId: newAccessToken.accountId,
958
+ expiration: expiration
959
+ }
960
+ ];
961
+ case 8:
962
+ error = _state.sent();
963
+ if (error.name === "AccessDeniedException") {
964
+ errorType = error.error;
965
+ switch(errorType){
966
+ case "TOKEN_EXPIRED":
967
+ message = "Your session has expired. Please reauthenticate.";
968
+ break;
969
+ case "USER_CREDENTIALS_CHANGED":
970
+ message = "Unable to refresh credentials because of a change in your password. Please reauthenticate with your new password.";
971
+ break;
972
+ case "INSUFFICIENT_PERMISSIONS":
973
+ message = "Unable to refresh credentials due to insufficient permissions. You may be missing permission for the 'CreateOAuth2Token' action.";
974
+ break;
975
+ default:
976
+ message = "Failed to refresh token: ".concat(String(error), ". Please re-authenticate using `aws login`");
977
+ }
978
+ throw new CredentialsProviderError(message, {
979
+ logger: _this.logger,
980
+ tryNextLink: false
981
+ });
982
+ }
983
+ throw new CredentialsProviderError("Failed to refresh token: ".concat(String(error), ". Please re-authenticate using aws login"), {
984
+ logger: _this.logger
985
+ });
986
+ case 9:
987
+ return [
988
+ 2
989
+ ];
990
+ }
991
+ });
992
+ })();
993
+ }
994
+ },
995
+ {
996
+ key: "loadToken",
997
+ value: function loadToken() {
998
+ var _this = this;
999
+ return _async_to_generator$8(function() {
1000
+ var tokenFilePath, _token_accessToken, tokenData, _this_init, token, missingFields, error;
1001
+ return _ts_generator$8(this, function(_state) {
1002
+ switch(_state.label){
1003
+ case 0:
1004
+ tokenFilePath = _this.getTokenFilePath();
1005
+ _state.label = 1;
1006
+ case 1:
1007
+ _state.trys.push([
1008
+ 1,
1009
+ 7,
1010
+ ,
1011
+ 8
1012
+ ]);
1013
+ _state.label = 2;
1014
+ case 2:
1015
+ _state.trys.push([
1016
+ 2,
1017
+ 4,
1018
+ ,
1019
+ 6
1020
+ ]);
1021
+ return [
1022
+ 4,
1023
+ readFile(tokenFilePath, {
1024
+ ignoreCache: (_this_init = _this.init) === null || _this_init === void 0 ? void 0 : _this_init.ignoreCache
1025
+ })
1026
+ ];
1027
+ case 3:
1028
+ tokenData = _state.sent();
1029
+ return [
1030
+ 3,
1031
+ 6
1032
+ ];
1033
+ case 4:
1034
+ _state.sent();
1035
+ return [
1036
+ 4,
1037
+ promises.readFile(tokenFilePath, "utf8")
1038
+ ];
1039
+ case 5:
1040
+ tokenData = _state.sent();
1041
+ return [
1042
+ 3,
1043
+ 6
1044
+ ];
1045
+ case 6:
1046
+ token = JSON.parse(tokenData);
1047
+ missingFields = [
1048
+ "accessToken",
1049
+ "clientId",
1050
+ "refreshToken",
1051
+ "dpopKey"
1052
+ ].filter(function(k) {
1053
+ return !token[k];
1054
+ });
1055
+ if (!((_token_accessToken = token.accessToken) === null || _token_accessToken === void 0 ? void 0 : _token_accessToken.accountId)) {
1056
+ missingFields.push("accountId");
1057
+ }
1058
+ if (missingFields.length > 0) {
1059
+ throw new CredentialsProviderError("Token validation failed, missing fields: ".concat(missingFields.join(", ")), {
1060
+ logger: _this.logger,
1061
+ tryNextLink: false
1062
+ });
1063
+ }
1064
+ return [
1065
+ 2,
1066
+ token
1067
+ ];
1068
+ case 7:
1069
+ error = _state.sent();
1070
+ throw new CredentialsProviderError("Failed to load token from ".concat(tokenFilePath, ": ").concat(String(error)), {
1071
+ logger: _this.logger,
1072
+ tryNextLink: false
1073
+ });
1074
+ case 8:
1075
+ return [
1076
+ 2
1077
+ ];
1078
+ }
1079
+ });
1080
+ })();
1081
+ }
1082
+ },
1083
+ {
1084
+ key: "saveToken",
1085
+ value: function saveToken(token) {
1086
+ var _this = this;
1087
+ return _async_to_generator$8(function() {
1088
+ var tokenFilePath, directory;
1089
+ return _ts_generator$8(this, function(_state) {
1090
+ switch(_state.label){
1091
+ case 0:
1092
+ tokenFilePath = _this.getTokenFilePath();
1093
+ directory = dirname(tokenFilePath);
1094
+ _state.label = 1;
1095
+ case 1:
1096
+ _state.trys.push([
1097
+ 1,
1098
+ 3,
1099
+ ,
1100
+ 4
1101
+ ]);
1102
+ return [
1103
+ 4,
1104
+ promises.mkdir(directory, {
1105
+ recursive: true
1106
+ })
1107
+ ];
1108
+ case 2:
1109
+ _state.sent();
1110
+ return [
1111
+ 3,
1112
+ 4
1113
+ ];
1114
+ case 3:
1115
+ _state.sent();
1116
+ return [
1117
+ 3,
1118
+ 4
1119
+ ];
1120
+ case 4:
1121
+ return [
1122
+ 4,
1123
+ promises.writeFile(tokenFilePath, JSON.stringify(token, null, 2), "utf8")
1124
+ ];
1125
+ case 5:
1126
+ _state.sent();
1127
+ return [
1128
+ 2
1129
+ ];
1130
+ }
1131
+ });
1132
+ })();
1133
+ }
1134
+ },
1135
+ {
1136
+ key: "getTokenFilePath",
1137
+ value: function getTokenFilePath() {
1138
+ var _process_env_AWS_LOGIN_CACHE_DIRECTORY;
1139
+ var directory = (_process_env_AWS_LOGIN_CACHE_DIRECTORY = process.env.AWS_LOGIN_CACHE_DIRECTORY) !== null && _process_env_AWS_LOGIN_CACHE_DIRECTORY !== void 0 ? _process_env_AWS_LOGIN_CACHE_DIRECTORY : join(homedir(), ".aws", "login", "cache");
1140
+ var loginSessionBytes = Buffer.from(this.loginSession, "utf8");
1141
+ var loginSessionSha256 = createHash("sha256").update(loginSessionBytes).digest("hex");
1142
+ return join(directory, "".concat(loginSessionSha256, ".json"));
1143
+ }
1144
+ },
1145
+ {
1146
+ key: "derToRawSignature",
1147
+ value: function derToRawSignature(derSignature) {
1148
+ var offset = 2;
1149
+ if (derSignature[offset] !== 0x02) {
1150
+ throw new Error("Invalid DER signature");
1151
+ }
1152
+ offset++;
1153
+ var rLength = derSignature[offset++];
1154
+ var r = derSignature.subarray(offset, offset + rLength);
1155
+ offset += rLength;
1156
+ if (derSignature[offset] !== 0x02) {
1157
+ throw new Error("Invalid DER signature");
1158
+ }
1159
+ offset++;
1160
+ var sLength = derSignature[offset++];
1161
+ var s = derSignature.subarray(offset, offset + sLength);
1162
+ r = r[0] === 0x00 ? r.subarray(1) : r;
1163
+ s = s[0] === 0x00 ? s.subarray(1) : s;
1164
+ var rPadded = Buffer.concat([
1165
+ Buffer.alloc(32 - r.length),
1166
+ r
1167
+ ]);
1168
+ var sPadded = Buffer.concat([
1169
+ Buffer.alloc(32 - s.length),
1170
+ s
1171
+ ]);
1172
+ return Buffer.concat([
1173
+ rPadded,
1174
+ sPadded
1175
+ ]);
1176
+ }
1177
+ },
1178
+ {
1179
+ key: "createDPoPInterceptor",
1180
+ value: function createDPoPInterceptor(middlewareStack) {
1181
+ var _this = this;
1182
+ middlewareStack.add(function(next) {
1183
+ return function() {
1184
+ var _ref = _async_to_generator$8(function(args) {
1185
+ var request, actualEndpoint, dpop;
1186
+ return _ts_generator$8(this, function(_state) {
1187
+ switch(_state.label){
1188
+ case 0:
1189
+ if (!HttpRequest.isInstance(args.request)) return [
1190
+ 3,
1191
+ 2
1192
+ ];
1193
+ request = args.request;
1194
+ actualEndpoint = "".concat(request.protocol, "//").concat(request.hostname).concat(request.port ? ":".concat(request.port) : "").concat(request.path);
1195
+ return [
1196
+ 4,
1197
+ _this.generateDpop(request.method, actualEndpoint)
1198
+ ];
1199
+ case 1:
1200
+ dpop = _state.sent();
1201
+ request.headers = _object_spread_props$2(_object_spread$3({}, request.headers), {
1202
+ DPoP: dpop
1203
+ });
1204
+ _state.label = 2;
1205
+ case 2:
1206
+ return [
1207
+ 2,
1208
+ next(args)
1209
+ ];
1210
+ }
1211
+ });
1212
+ });
1213
+ return function(args) {
1214
+ return _ref.apply(this, arguments);
1215
+ };
1216
+ }();
1217
+ }, {
1218
+ step: "finalizeRequest",
1219
+ name: "dpopInterceptor",
1220
+ override: true
1221
+ });
1222
+ }
1223
+ },
1224
+ {
1225
+ key: "generateDpop",
1226
+ value: function generateDpop() {
1227
+ var method = arguments.length > 0 && arguments[0] !== void 0 ? arguments[0] : "POST", endpoint = arguments.length > 1 ? arguments[1] : void 0;
1228
+ var _this = this;
1229
+ return _async_to_generator$8(function() {
1230
+ var token, privateKey, publicKey, publicDer, pointStart, i, x, y, header, payload, headerB64, payloadB64, message, asn1Signature, rawSignature, signatureB64;
1231
+ return _ts_generator$8(this, function(_state) {
1232
+ switch(_state.label){
1233
+ case 0:
1234
+ return [
1235
+ 4,
1236
+ _this.loadToken()
1237
+ ];
1238
+ case 1:
1239
+ token = _state.sent();
1240
+ try {
1241
+ privateKey = createPrivateKey({
1242
+ key: token.dpopKey,
1243
+ format: "pem",
1244
+ type: "sec1"
1245
+ });
1246
+ publicKey = createPublicKey(privateKey);
1247
+ publicDer = publicKey.export({
1248
+ format: "der",
1249
+ type: "spki"
1250
+ });
1251
+ pointStart = -1;
1252
+ for(i = 0; i < publicDer.length; i++){
1253
+ if (publicDer[i] === 0x04) {
1254
+ pointStart = i;
1255
+ break;
1256
+ }
1257
+ }
1258
+ x = publicDer.slice(pointStart + 1, pointStart + 33);
1259
+ y = publicDer.slice(pointStart + 33, pointStart + 65);
1260
+ header = {
1261
+ alg: "ES256",
1262
+ typ: "dpop+jwt",
1263
+ jwk: {
1264
+ kty: "EC",
1265
+ crv: "P-256",
1266
+ x: x.toString("base64url"),
1267
+ y: y.toString("base64url")
1268
+ }
1269
+ };
1270
+ payload = {
1271
+ jti: crypto.randomUUID(),
1272
+ htm: method,
1273
+ htu: endpoint,
1274
+ iat: Math.floor(Date.now() / 1000)
1275
+ };
1276
+ headerB64 = Buffer.from(JSON.stringify(header)).toString("base64url");
1277
+ payloadB64 = Buffer.from(JSON.stringify(payload)).toString("base64url");
1278
+ message = "".concat(headerB64, ".").concat(payloadB64);
1279
+ asn1Signature = sign("sha256", Buffer.from(message), privateKey);
1280
+ rawSignature = _this.derToRawSignature(asn1Signature);
1281
+ signatureB64 = rawSignature.toString("base64url");
1282
+ return [
1283
+ 2,
1284
+ "".concat(message, ".").concat(signatureB64)
1285
+ ];
1286
+ } catch (error) {
1287
+ throw new CredentialsProviderError("Failed to generate Dpop proof: ".concat(_instanceof(error, Error) ? error.message : String(error)), {
1288
+ logger: _this.logger,
1289
+ tryNextLink: false
1290
+ });
1291
+ }
1292
+ return [
1293
+ 2
1294
+ ];
1295
+ }
1296
+ });
1297
+ })();
1298
+ }
1299
+ }
1300
+ ]);
1301
+ return LoginCredentialsFetcher;
1302
+ }();
1303
+ _define_property$3(LoginCredentialsFetcher, "REFRESH_THRESHOLD", 5 * 60 * 1000);
1304
+
1305
+ function asyncGeneratorStep$7(gen, resolve, reject, _next, _throw, key, arg) {
1306
+ try {
1307
+ var info = gen[key](arg);
1308
+ var value = info.value;
1309
+ } catch (error) {
1310
+ reject(error);
1311
+ return;
1312
+ }
1313
+ if (info.done) {
1314
+ resolve(value);
1315
+ } else {
1316
+ Promise.resolve(value).then(_next, _throw);
1317
+ }
1318
+ }
1319
+ function _async_to_generator$7(fn) {
1320
+ return function() {
1321
+ var self = this, args = arguments;
1322
+ return new Promise(function(resolve, reject) {
1323
+ var gen = fn.apply(self, args);
1324
+ function _next(value) {
1325
+ asyncGeneratorStep$7(gen, resolve, reject, _next, _throw, "next", value);
1326
+ }
1327
+ function _throw(err) {
1328
+ asyncGeneratorStep$7(gen, resolve, reject, _next, _throw, "throw", err);
1329
+ }
1330
+ _next(undefined);
1331
+ });
1332
+ };
1333
+ }
1334
+ function _ts_generator$7(thisArg, body) {
1335
+ var f, y, t, g, _ = {
1336
+ label: 0,
1337
+ sent: function() {
1338
+ if (t[0] & 1) throw t[1];
1339
+ return t[1];
1340
+ },
1341
+ trys: [],
1342
+ ops: []
1343
+ };
1344
+ return g = {
1345
+ next: verb(0),
1346
+ "throw": verb(1),
1347
+ "return": verb(2)
1348
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
1349
+ return this;
1350
+ }), g;
1351
+ function verb(n) {
1352
+ return function(v) {
1353
+ return step([
1354
+ n,
1355
+ v
1356
+ ]);
1357
+ };
1358
+ }
1359
+ function step(op) {
1360
+ if (f) throw new TypeError("Generator is already executing.");
1361
+ while(_)try {
1362
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
1363
+ if (y = 0, t) op = [
1364
+ op[0] & 2,
1365
+ t.value
1366
+ ];
1367
+ switch(op[0]){
1368
+ case 0:
1369
+ case 1:
1370
+ t = op;
1371
+ break;
1372
+ case 4:
1373
+ _.label++;
1374
+ return {
1375
+ value: op[1],
1376
+ done: false
1377
+ };
1378
+ case 5:
1379
+ _.label++;
1380
+ y = op[1];
1381
+ op = [
1382
+ 0
1383
+ ];
1384
+ continue;
1385
+ case 7:
1386
+ op = _.ops.pop();
1387
+ _.trys.pop();
1388
+ continue;
1389
+ default:
1390
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
1391
+ _ = 0;
1392
+ continue;
1393
+ }
1394
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
1395
+ _.label = op[1];
1396
+ break;
1397
+ }
1398
+ if (op[0] === 6 && _.label < t[1]) {
1399
+ _.label = t[1];
1400
+ t = op;
1401
+ break;
1402
+ }
1403
+ if (t && _.label < t[2]) {
1404
+ _.label = t[2];
1405
+ _.ops.push(op);
1406
+ break;
1407
+ }
1408
+ if (t[2]) _.ops.pop();
1409
+ _.trys.pop();
1410
+ continue;
1411
+ }
1412
+ op = body.call(thisArg, _);
1413
+ } catch (e) {
1414
+ op = [
1415
+ 6,
1416
+ e
1417
+ ];
1418
+ y = 0;
1419
+ } finally{
1420
+ f = t = 0;
1421
+ }
1422
+ if (op[0] & 5) throw op[1];
1423
+ return {
1424
+ value: op[0] ? op[1] : void 0,
1425
+ done: true
1426
+ };
1427
+ }
1428
+ }
1429
+ var fromLoginCredentials = function(init) {
1430
+ return /*#__PURE__*/ _async_to_generator$7(function() {
1431
+ var callerClientConfig, _init_logger_debug, _init_logger, profiles, _init_profile, profileName, profile, fetcher, credentials;
1432
+ var _arguments = arguments;
1433
+ return _ts_generator$7(this, function(_state) {
1434
+ switch(_state.label){
1435
+ case 0:
1436
+ callerClientConfig = (_arguments.length > 0 && _arguments[0] !== void 0 ? _arguments[0] : {}).callerClientConfig;
1437
+ init === null || init === void 0 ? void 0 : (_init_logger = init.logger) === null || _init_logger === void 0 ? void 0 : (_init_logger_debug = _init_logger.debug) === null || _init_logger_debug === void 0 ? void 0 : _init_logger_debug.call(_init_logger, "@aws-sdk/credential-providers - fromLoginCredentials");
1438
+ return [
1439
+ 4,
1440
+ parseKnownFiles(init || {})
1441
+ ];
1442
+ case 1:
1443
+ profiles = _state.sent();
1444
+ profileName = getProfileName({
1445
+ profile: (_init_profile = init === null || init === void 0 ? void 0 : init.profile) !== null && _init_profile !== void 0 ? _init_profile : callerClientConfig === null || callerClientConfig === void 0 ? void 0 : callerClientConfig.profile
1446
+ });
1447
+ profile = profiles[profileName];
1448
+ if (!(profile === null || profile === void 0 ? void 0 : profile.login_session)) {
1449
+ throw new CredentialsProviderError("Profile ".concat(profileName, " does not contain login_session."), {
1450
+ tryNextLink: true,
1451
+ logger: init === null || init === void 0 ? void 0 : init.logger
1452
+ });
1453
+ }
1454
+ fetcher = new LoginCredentialsFetcher(profile, init, callerClientConfig);
1455
+ return [
1456
+ 4,
1457
+ fetcher.loadCredentials()
1458
+ ];
1459
+ case 2:
1460
+ credentials = _state.sent();
1461
+ return [
1462
+ 2,
1463
+ setCredentialFeature(credentials, "CREDENTIALS_LOGIN", "AD")
1464
+ ];
1465
+ }
1466
+ });
1467
+ });
1468
+ };
1469
+
1470
+ function asyncGeneratorStep$6(gen, resolve, reject, _next, _throw, key, arg) {
1471
+ try {
1472
+ var info = gen[key](arg);
1473
+ var value = info.value;
1474
+ } catch (error) {
1475
+ reject(error);
1476
+ return;
1477
+ }
1478
+ if (info.done) {
1479
+ resolve(value);
1480
+ } else {
1481
+ Promise.resolve(value).then(_next, _throw);
1482
+ }
1483
+ }
1484
+ function _async_to_generator$6(fn) {
1485
+ return function() {
1486
+ var self = this, args = arguments;
1487
+ return new Promise(function(resolve, reject) {
1488
+ var gen = fn.apply(self, args);
1489
+ function _next(value) {
1490
+ asyncGeneratorStep$6(gen, resolve, reject, _next, _throw, "next", value);
1491
+ }
1492
+ function _throw(err) {
1493
+ asyncGeneratorStep$6(gen, resolve, reject, _next, _throw, "throw", err);
1494
+ }
1495
+ _next(undefined);
1496
+ });
1497
+ };
1498
+ }
1499
+ function _define_property$2(obj, key, value) {
1500
+ if (key in obj) {
1501
+ Object.defineProperty(obj, key, {
1502
+ value: value,
1503
+ enumerable: true,
1504
+ configurable: true,
1505
+ writable: true
1506
+ });
1507
+ } else {
1508
+ obj[key] = value;
1509
+ }
1510
+ return obj;
1511
+ }
1512
+ function _object_spread$2(target) {
1513
+ for(var i = 1; i < arguments.length; i++){
1514
+ var source = arguments[i] != null ? arguments[i] : {};
1515
+ var ownKeys = Object.keys(source);
1516
+ if (typeof Object.getOwnPropertySymbols === "function") {
1517
+ ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
1518
+ return Object.getOwnPropertyDescriptor(source, sym).enumerable;
1519
+ }));
1520
+ }
1521
+ ownKeys.forEach(function(key) {
1522
+ _define_property$2(target, key, source[key]);
1523
+ });
1524
+ }
1525
+ return target;
1526
+ }
1527
+ function ownKeys$1(object, enumerableOnly) {
1528
+ var keys = Object.keys(object);
1529
+ if (Object.getOwnPropertySymbols) {
1530
+ var symbols = Object.getOwnPropertySymbols(object);
1531
+ keys.push.apply(keys, symbols);
1532
+ }
1533
+ return keys;
1534
+ }
1535
+ function _object_spread_props$1(target, source) {
1536
+ source = source != null ? source : {};
1537
+ if (Object.getOwnPropertyDescriptors) {
1538
+ Object.defineProperties(target, Object.getOwnPropertyDescriptors(source));
1539
+ } else {
1540
+ ownKeys$1(Object(source)).forEach(function(key) {
1541
+ Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key));
1542
+ });
1543
+ }
1544
+ return target;
1545
+ }
1546
+ function _ts_generator$6(thisArg, body) {
1547
+ var f, y, t, g, _ = {
1548
+ label: 0,
1549
+ sent: function() {
1550
+ if (t[0] & 1) throw t[1];
1551
+ return t[1];
1552
+ },
1553
+ trys: [],
1554
+ ops: []
1555
+ };
1556
+ return g = {
1557
+ next: verb(0),
1558
+ "throw": verb(1),
1559
+ "return": verb(2)
1560
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
1561
+ return this;
1562
+ }), g;
1563
+ function verb(n) {
1564
+ return function(v) {
1565
+ return step([
1566
+ n,
1567
+ v
1568
+ ]);
1569
+ };
1570
+ }
1571
+ function step(op) {
1572
+ if (f) throw new TypeError("Generator is already executing.");
1573
+ while(_)try {
1574
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
1575
+ if (y = 0, t) op = [
1576
+ op[0] & 2,
1577
+ t.value
1578
+ ];
1579
+ switch(op[0]){
1580
+ case 0:
1581
+ case 1:
1582
+ t = op;
1583
+ break;
1584
+ case 4:
1585
+ _.label++;
1586
+ return {
1587
+ value: op[1],
1588
+ done: false
1589
+ };
1590
+ case 5:
1591
+ _.label++;
1592
+ y = op[1];
1593
+ op = [
1594
+ 0
1595
+ ];
1596
+ continue;
1597
+ case 7:
1598
+ op = _.ops.pop();
1599
+ _.trys.pop();
1600
+ continue;
1601
+ default:
1602
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
1603
+ _ = 0;
1604
+ continue;
1605
+ }
1606
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
1607
+ _.label = op[1];
1608
+ break;
1609
+ }
1610
+ if (op[0] === 6 && _.label < t[1]) {
1611
+ _.label = t[1];
1612
+ t = op;
1613
+ break;
1614
+ }
1615
+ if (t && _.label < t[2]) {
1616
+ _.label = t[2];
1617
+ _.ops.push(op);
1618
+ break;
1619
+ }
1620
+ if (t[2]) _.ops.pop();
1621
+ _.trys.pop();
1622
+ continue;
1623
+ }
1624
+ op = body.call(thisArg, _);
1625
+ } catch (e) {
1626
+ op = [
1627
+ 6,
1628
+ e
1629
+ ];
1630
+ y = 0;
1631
+ } finally{
1632
+ f = t = 0;
1633
+ }
1634
+ if (op[0] & 5) throw op[1];
1635
+ return {
1636
+ value: op[0] ? op[1] : void 0,
1637
+ done: true
1638
+ };
1639
+ }
1640
+ }
1641
+ var isLoginProfile = function(data) {
1642
+ return Boolean(data && data.login_session);
1643
+ };
1644
+ var resolveLoginCredentials = function() {
1645
+ var _ref = _async_to_generator$6(function(profileName, options, callerClientConfig) {
1646
+ var credentials;
1647
+ return _ts_generator$6(this, function(_state) {
1648
+ switch(_state.label){
1649
+ case 0:
1650
+ return [
1651
+ 4,
1652
+ fromLoginCredentials(_object_spread_props$1(_object_spread$2({}, options), {
1653
+ profile: profileName
1654
+ }))({
1655
+ callerClientConfig: callerClientConfig
1656
+ })
1657
+ ];
1658
+ case 1:
1659
+ credentials = _state.sent();
1660
+ return [
1661
+ 2,
1662
+ setCredentialFeature(credentials, "CREDENTIALS_PROFILE_LOGIN", "AC")
1663
+ ];
1664
+ }
1665
+ });
1666
+ });
1667
+ return function resolveLoginCredentials(profileName, options, callerClientConfig) {
1668
+ return _ref.apply(this, arguments);
1669
+ };
1670
+ }();
1671
+
1672
+ function asyncGeneratorStep$5(gen, resolve, reject, _next, _throw, key, arg) {
1673
+ try {
1674
+ var info = gen[key](arg);
1675
+ var value = info.value;
1676
+ } catch (error) {
1677
+ reject(error);
1678
+ return;
1679
+ }
1680
+ if (info.done) {
1681
+ resolve(value);
1682
+ } else {
1683
+ Promise.resolve(value).then(_next, _throw);
1684
+ }
1685
+ }
1686
+ function _async_to_generator$5(fn) {
1687
+ return function() {
1688
+ var self = this, args = arguments;
1689
+ return new Promise(function(resolve, reject) {
1690
+ var gen = fn.apply(self, args);
1691
+ function _next(value) {
1692
+ asyncGeneratorStep$5(gen, resolve, reject, _next, _throw, "next", value);
1693
+ }
1694
+ function _throw(err) {
1695
+ asyncGeneratorStep$5(gen, resolve, reject, _next, _throw, "throw", err);
1696
+ }
1697
+ _next(undefined);
1698
+ });
1699
+ };
1700
+ }
1701
+ function _define_property$1(obj, key, value) {
1702
+ if (key in obj) {
1703
+ Object.defineProperty(obj, key, {
1704
+ value: value,
1705
+ enumerable: true,
1706
+ configurable: true,
1707
+ writable: true
1708
+ });
1709
+ } else {
1710
+ obj[key] = value;
1711
+ }
1712
+ return obj;
1713
+ }
1714
+ function _object_spread$1(target) {
1715
+ for(var i = 1; i < arguments.length; i++){
1716
+ var source = arguments[i] != null ? arguments[i] : {};
1717
+ var ownKeys = Object.keys(source);
1718
+ if (typeof Object.getOwnPropertySymbols === "function") {
1719
+ ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
1720
+ return Object.getOwnPropertyDescriptor(source, sym).enumerable;
1721
+ }));
1722
+ }
1723
+ ownKeys.forEach(function(key) {
1724
+ _define_property$1(target, key, source[key]);
1725
+ });
1726
+ }
1727
+ return target;
1728
+ }
1729
+ function ownKeys(object, enumerableOnly) {
1730
+ var keys = Object.keys(object);
1731
+ if (Object.getOwnPropertySymbols) {
1732
+ var symbols = Object.getOwnPropertySymbols(object);
1733
+ keys.push.apply(keys, symbols);
1734
+ }
1735
+ return keys;
1736
+ }
1737
+ function _object_spread_props(target, source) {
1738
+ source = source != null ? source : {};
1739
+ if (Object.getOwnPropertyDescriptors) {
1740
+ Object.defineProperties(target, Object.getOwnPropertyDescriptors(source));
1741
+ } else {
1742
+ ownKeys(Object(source)).forEach(function(key) {
1743
+ Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key));
1744
+ });
1745
+ }
1746
+ return target;
1747
+ }
1748
+ function _type_of$2(obj) {
1749
+ "@swc/helpers - typeof";
1750
+ return obj && typeof Symbol !== "undefined" && obj.constructor === Symbol ? "symbol" : typeof obj;
1751
+ }
1752
+ function _ts_generator$5(thisArg, body) {
1753
+ var f, y, t, g, _ = {
1754
+ label: 0,
1755
+ sent: function() {
1756
+ if (t[0] & 1) throw t[1];
1757
+ return t[1];
1758
+ },
1759
+ trys: [],
1760
+ ops: []
1761
+ };
1762
+ return g = {
1763
+ next: verb(0),
1764
+ "throw": verb(1),
1765
+ "return": verb(2)
1766
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
1767
+ return this;
1768
+ }), g;
1769
+ function verb(n) {
1770
+ return function(v) {
1771
+ return step([
1772
+ n,
1773
+ v
1774
+ ]);
1775
+ };
1776
+ }
1777
+ function step(op) {
1778
+ if (f) throw new TypeError("Generator is already executing.");
1779
+ while(_)try {
1780
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
1781
+ if (y = 0, t) op = [
1782
+ op[0] & 2,
1783
+ t.value
1784
+ ];
1785
+ switch(op[0]){
1786
+ case 0:
1787
+ case 1:
1788
+ t = op;
1789
+ break;
1790
+ case 4:
1791
+ _.label++;
1792
+ return {
1793
+ value: op[1],
1794
+ done: false
1795
+ };
1796
+ case 5:
1797
+ _.label++;
1798
+ y = op[1];
1799
+ op = [
1800
+ 0
1801
+ ];
1802
+ continue;
1803
+ case 7:
1804
+ op = _.ops.pop();
1805
+ _.trys.pop();
1806
+ continue;
1807
+ default:
1808
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
1809
+ _ = 0;
1810
+ continue;
1811
+ }
1812
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
1813
+ _.label = op[1];
1814
+ break;
1815
+ }
1816
+ if (op[0] === 6 && _.label < t[1]) {
1817
+ _.label = t[1];
1818
+ t = op;
1819
+ break;
1820
+ }
1821
+ if (t && _.label < t[2]) {
1822
+ _.label = t[2];
1823
+ _.ops.push(op);
1824
+ break;
1825
+ }
1826
+ if (t[2]) _.ops.pop();
1827
+ _.trys.pop();
1828
+ continue;
1829
+ }
1830
+ op = body.call(thisArg, _);
1831
+ } catch (e) {
1832
+ op = [
1833
+ 6,
1834
+ e
1835
+ ];
1836
+ y = 0;
1837
+ } finally{
1838
+ f = t = 0;
1839
+ }
1840
+ if (op[0] & 5) throw op[1];
1841
+ return {
1842
+ value: op[0] ? op[1] : void 0,
1843
+ done: true
1844
+ };
1845
+ }
1846
+ }
1847
+ var isProcessProfile = function(arg) {
1848
+ return Boolean(arg) && (typeof arg === "undefined" ? "undefined" : _type_of$2(arg)) === "object" && typeof arg.credential_process === "string";
1849
+ };
1850
+ var resolveProcessCredentials = function() {
1851
+ var _ref = _async_to_generator$5(function(options, profile) {
1852
+ return _ts_generator$5(this, function(_state) {
1853
+ return [
1854
+ 2,
1855
+ import('./index.esm17.js').then(function(param) {
1856
+ var fromProcess = param.fromProcess;
1857
+ return fromProcess(_object_spread_props(_object_spread$1({}, options), {
1858
+ profile: profile
1859
+ }))().then(function(creds) {
1860
+ return setCredentialFeature(creds, "CREDENTIALS_PROFILE_PROCESS", "v");
1861
+ });
1862
+ })
1863
+ ];
1864
+ });
1865
+ });
1866
+ return function resolveProcessCredentials(options, profile) {
1867
+ return _ref.apply(this, arguments);
1868
+ };
1869
+ }();
1870
+
1871
+ function asyncGeneratorStep$4(gen, resolve, reject, _next, _throw, key, arg) {
1872
+ try {
1873
+ var info = gen[key](arg);
1874
+ var value = info.value;
1875
+ } catch (error) {
1876
+ reject(error);
1877
+ return;
1878
+ }
1879
+ if (info.done) {
1880
+ resolve(value);
1881
+ } else {
1882
+ Promise.resolve(value).then(_next, _throw);
1883
+ }
1884
+ }
1885
+ function _async_to_generator$4(fn) {
1886
+ return function() {
1887
+ var self = this, args = arguments;
1888
+ return new Promise(function(resolve, reject) {
1889
+ var gen = fn.apply(self, args);
1890
+ function _next(value) {
1891
+ asyncGeneratorStep$4(gen, resolve, reject, _next, _throw, "next", value);
1892
+ }
1893
+ function _throw(err) {
1894
+ asyncGeneratorStep$4(gen, resolve, reject, _next, _throw, "throw", err);
1895
+ }
1896
+ _next(undefined);
1897
+ });
1898
+ };
1899
+ }
1900
+ function _ts_generator$4(thisArg, body) {
1901
+ var f, y, t, g, _ = {
1902
+ label: 0,
1903
+ sent: function() {
1904
+ if (t[0] & 1) throw t[1];
1905
+ return t[1];
1906
+ },
1907
+ trys: [],
1908
+ ops: []
1909
+ };
1910
+ return g = {
1911
+ next: verb(0),
1912
+ "throw": verb(1),
1913
+ "return": verb(2)
1914
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
1915
+ return this;
1916
+ }), g;
1917
+ function verb(n) {
1918
+ return function(v) {
1919
+ return step([
1920
+ n,
1921
+ v
1922
+ ]);
1923
+ };
1924
+ }
1925
+ function step(op) {
1926
+ if (f) throw new TypeError("Generator is already executing.");
1927
+ while(_)try {
1928
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
1929
+ if (y = 0, t) op = [
1930
+ op[0] & 2,
1931
+ t.value
1932
+ ];
1933
+ switch(op[0]){
1934
+ case 0:
1935
+ case 1:
1936
+ t = op;
1937
+ break;
1938
+ case 4:
1939
+ _.label++;
1940
+ return {
1941
+ value: op[1],
1942
+ done: false
1943
+ };
1944
+ case 5:
1945
+ _.label++;
1946
+ y = op[1];
1947
+ op = [
1948
+ 0
1949
+ ];
1950
+ continue;
1951
+ case 7:
1952
+ op = _.ops.pop();
1953
+ _.trys.pop();
1954
+ continue;
1955
+ default:
1956
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
1957
+ _ = 0;
1958
+ continue;
1959
+ }
1960
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
1961
+ _.label = op[1];
1962
+ break;
1963
+ }
1964
+ if (op[0] === 6 && _.label < t[1]) {
1965
+ _.label = t[1];
1966
+ t = op;
1967
+ break;
1968
+ }
1969
+ if (t && _.label < t[2]) {
1970
+ _.label = t[2];
1971
+ _.ops.push(op);
1972
+ break;
1973
+ }
1974
+ if (t[2]) _.ops.pop();
1975
+ _.trys.pop();
1976
+ continue;
1977
+ }
1978
+ op = body.call(thisArg, _);
1979
+ } catch (e) {
1980
+ op = [
1981
+ 6,
1982
+ e
1983
+ ];
1984
+ y = 0;
1985
+ } finally{
1986
+ f = t = 0;
1987
+ }
1988
+ if (op[0] & 5) throw op[1];
1989
+ return {
1990
+ value: op[0] ? op[1] : void 0,
1991
+ done: true
1992
+ };
1993
+ }
1994
+ }
1995
+ var resolveSsoCredentials = function() {
1996
+ var _ref = _async_to_generator$4(function(profile, profileData) {
1997
+ var options, callerClientConfig, fromSSO;
1998
+ var _arguments = arguments;
1999
+ return _ts_generator$4(this, function(_state) {
2000
+ switch(_state.label){
2001
+ case 0:
2002
+ options = _arguments.length > 2 && _arguments[2] !== void 0 ? _arguments[2] : {}, callerClientConfig = _arguments.length > 3 ? _arguments[3] : void 0;
2003
+ return [
2004
+ 4,
2005
+ import('./index.esm18.js')
2006
+ ];
2007
+ case 1:
2008
+ fromSSO = _state.sent().fromSSO;
2009
+ return [
2010
+ 2,
2011
+ fromSSO({
2012
+ profile: profile,
2013
+ logger: options.logger,
2014
+ parentClientConfig: options.parentClientConfig,
2015
+ clientConfig: options.clientConfig
2016
+ })({
2017
+ callerClientConfig: callerClientConfig
2018
+ }).then(function(creds) {
2019
+ if (profileData.sso_session) {
2020
+ return setCredentialFeature(creds, "CREDENTIALS_PROFILE_SSO", "r");
2021
+ } else {
2022
+ return setCredentialFeature(creds, "CREDENTIALS_PROFILE_SSO_LEGACY", "t");
2023
+ }
2024
+ })
2025
+ ];
2026
+ }
2027
+ });
2028
+ });
2029
+ return function resolveSsoCredentials(profile, profileData) {
2030
+ return _ref.apply(this, arguments);
2031
+ };
2032
+ }();
2033
+ var isSsoProfile = function(arg) {
2034
+ return arg && (typeof arg.sso_start_url === "string" || typeof arg.sso_account_id === "string" || typeof arg.sso_session === "string" || typeof arg.sso_region === "string" || typeof arg.sso_role_name === "string");
2035
+ };
2036
+
2037
+ function asyncGeneratorStep$3(gen, resolve, reject, _next, _throw, key, arg) {
2038
+ try {
2039
+ var info = gen[key](arg);
2040
+ var value = info.value;
2041
+ } catch (error) {
2042
+ reject(error);
2043
+ return;
2044
+ }
2045
+ if (info.done) {
2046
+ resolve(value);
2047
+ } else {
2048
+ Promise.resolve(value).then(_next, _throw);
2049
+ }
2050
+ }
2051
+ function _async_to_generator$3(fn) {
2052
+ return function() {
2053
+ var self = this, args = arguments;
2054
+ return new Promise(function(resolve, reject) {
2055
+ var gen = fn.apply(self, args);
2056
+ function _next(value) {
2057
+ asyncGeneratorStep$3(gen, resolve, reject, _next, _throw, "next", value);
2058
+ }
2059
+ function _throw(err) {
2060
+ asyncGeneratorStep$3(gen, resolve, reject, _next, _throw, "throw", err);
2061
+ }
2062
+ _next(undefined);
2063
+ });
2064
+ };
2065
+ }
2066
+ function _define_property(obj, key, value) {
2067
+ if (key in obj) {
2068
+ Object.defineProperty(obj, key, {
2069
+ value: value,
2070
+ enumerable: true,
2071
+ configurable: true,
2072
+ writable: true
2073
+ });
2074
+ } else {
2075
+ obj[key] = value;
2076
+ }
2077
+ return obj;
2078
+ }
2079
+ function _object_spread(target) {
2080
+ for(var i = 1; i < arguments.length; i++){
2081
+ var source = arguments[i] != null ? arguments[i] : {};
2082
+ var ownKeys = Object.keys(source);
2083
+ if (typeof Object.getOwnPropertySymbols === "function") {
2084
+ ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
2085
+ return Object.getOwnPropertyDescriptor(source, sym).enumerable;
2086
+ }));
2087
+ }
2088
+ ownKeys.forEach(function(key) {
2089
+ _define_property(target, key, source[key]);
2090
+ });
2091
+ }
2092
+ return target;
2093
+ }
2094
+ function _type_of$1(obj) {
2095
+ "@swc/helpers - typeof";
2096
+ return obj && typeof Symbol !== "undefined" && obj.constructor === Symbol ? "symbol" : typeof obj;
2097
+ }
2098
+ function _ts_generator$3(thisArg, body) {
2099
+ var f, y, t, g, _ = {
2100
+ label: 0,
2101
+ sent: function() {
2102
+ if (t[0] & 1) throw t[1];
2103
+ return t[1];
2104
+ },
2105
+ trys: [],
2106
+ ops: []
2107
+ };
2108
+ return g = {
2109
+ next: verb(0),
2110
+ "throw": verb(1),
2111
+ "return": verb(2)
2112
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
2113
+ return this;
2114
+ }), g;
2115
+ function verb(n) {
2116
+ return function(v) {
2117
+ return step([
2118
+ n,
2119
+ v
2120
+ ]);
2121
+ };
2122
+ }
2123
+ function step(op) {
2124
+ if (f) throw new TypeError("Generator is already executing.");
2125
+ while(_)try {
2126
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
2127
+ if (y = 0, t) op = [
2128
+ op[0] & 2,
2129
+ t.value
2130
+ ];
2131
+ switch(op[0]){
2132
+ case 0:
2133
+ case 1:
2134
+ t = op;
2135
+ break;
2136
+ case 4:
2137
+ _.label++;
2138
+ return {
2139
+ value: op[1],
2140
+ done: false
2141
+ };
2142
+ case 5:
2143
+ _.label++;
2144
+ y = op[1];
2145
+ op = [
2146
+ 0
2147
+ ];
2148
+ continue;
2149
+ case 7:
2150
+ op = _.ops.pop();
2151
+ _.trys.pop();
2152
+ continue;
2153
+ default:
2154
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
2155
+ _ = 0;
2156
+ continue;
2157
+ }
2158
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
2159
+ _.label = op[1];
2160
+ break;
2161
+ }
2162
+ if (op[0] === 6 && _.label < t[1]) {
2163
+ _.label = t[1];
2164
+ t = op;
2165
+ break;
2166
+ }
2167
+ if (t && _.label < t[2]) {
2168
+ _.label = t[2];
2169
+ _.ops.push(op);
2170
+ break;
2171
+ }
2172
+ if (t[2]) _.ops.pop();
2173
+ _.trys.pop();
2174
+ continue;
2175
+ }
2176
+ op = body.call(thisArg, _);
2177
+ } catch (e) {
2178
+ op = [
2179
+ 6,
2180
+ e
2181
+ ];
2182
+ y = 0;
2183
+ } finally{
2184
+ f = t = 0;
2185
+ }
2186
+ if (op[0] & 5) throw op[1];
2187
+ return {
2188
+ value: op[0] ? op[1] : void 0,
2189
+ done: true
2190
+ };
2191
+ }
2192
+ }
2193
+ var isStaticCredsProfile = function(arg) {
2194
+ return Boolean(arg) && (typeof arg === "undefined" ? "undefined" : _type_of$1(arg)) === "object" && typeof arg.aws_access_key_id === "string" && typeof arg.aws_secret_access_key === "string" && [
2195
+ "undefined",
2196
+ "string"
2197
+ ].indexOf(_type_of$1(arg.aws_session_token)) > -1 && [
2198
+ "undefined",
2199
+ "string"
2200
+ ].indexOf(_type_of$1(arg.aws_account_id)) > -1;
2201
+ };
2202
+ var resolveStaticCredentials = function() {
2203
+ var _ref = _async_to_generator$3(function(profile, options) {
2204
+ var _options_logger, credentials;
2205
+ return _ts_generator$3(this, function(_state) {
2206
+ options === null || options === void 0 ? void 0 : (_options_logger = options.logger) === null || _options_logger === void 0 ? void 0 : _options_logger.debug("@aws-sdk/credential-provider-ini - resolveStaticCredentials");
2207
+ credentials = _object_spread({
2208
+ accessKeyId: profile.aws_access_key_id,
2209
+ secretAccessKey: profile.aws_secret_access_key,
2210
+ sessionToken: profile.aws_session_token
2211
+ }, profile.aws_credential_scope && {
2212
+ credentialScope: profile.aws_credential_scope
2213
+ }, profile.aws_account_id && {
2214
+ accountId: profile.aws_account_id
2215
+ });
2216
+ return [
2217
+ 2,
2218
+ setCredentialFeature(credentials, "CREDENTIALS_PROFILE", "n")
2219
+ ];
2220
+ });
2221
+ });
2222
+ return function resolveStaticCredentials(profile, options) {
2223
+ return _ref.apply(this, arguments);
2224
+ };
2225
+ }();
2226
+
2227
+ function asyncGeneratorStep$2(gen, resolve, reject, _next, _throw, key, arg) {
2228
+ try {
2229
+ var info = gen[key](arg);
2230
+ var value = info.value;
2231
+ } catch (error) {
2232
+ reject(error);
2233
+ return;
2234
+ }
2235
+ if (info.done) {
2236
+ resolve(value);
2237
+ } else {
2238
+ Promise.resolve(value).then(_next, _throw);
2239
+ }
2240
+ }
2241
+ function _async_to_generator$2(fn) {
2242
+ return function() {
2243
+ var self = this, args = arguments;
2244
+ return new Promise(function(resolve, reject) {
2245
+ var gen = fn.apply(self, args);
2246
+ function _next(value) {
2247
+ asyncGeneratorStep$2(gen, resolve, reject, _next, _throw, "next", value);
2248
+ }
2249
+ function _throw(err) {
2250
+ asyncGeneratorStep$2(gen, resolve, reject, _next, _throw, "throw", err);
2251
+ }
2252
+ _next(undefined);
2253
+ });
2254
+ };
2255
+ }
2256
+ function _type_of(obj) {
2257
+ "@swc/helpers - typeof";
2258
+ return obj && typeof Symbol !== "undefined" && obj.constructor === Symbol ? "symbol" : typeof obj;
2259
+ }
2260
+ function _ts_generator$2(thisArg, body) {
2261
+ var f, y, t, g, _ = {
2262
+ label: 0,
2263
+ sent: function() {
2264
+ if (t[0] & 1) throw t[1];
2265
+ return t[1];
2266
+ },
2267
+ trys: [],
2268
+ ops: []
2269
+ };
2270
+ return g = {
2271
+ next: verb(0),
2272
+ "throw": verb(1),
2273
+ "return": verb(2)
2274
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
2275
+ return this;
2276
+ }), g;
2277
+ function verb(n) {
2278
+ return function(v) {
2279
+ return step([
2280
+ n,
2281
+ v
2282
+ ]);
2283
+ };
2284
+ }
2285
+ function step(op) {
2286
+ if (f) throw new TypeError("Generator is already executing.");
2287
+ while(_)try {
2288
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
2289
+ if (y = 0, t) op = [
2290
+ op[0] & 2,
2291
+ t.value
2292
+ ];
2293
+ switch(op[0]){
2294
+ case 0:
2295
+ case 1:
2296
+ t = op;
2297
+ break;
2298
+ case 4:
2299
+ _.label++;
2300
+ return {
2301
+ value: op[1],
2302
+ done: false
2303
+ };
2304
+ case 5:
2305
+ _.label++;
2306
+ y = op[1];
2307
+ op = [
2308
+ 0
2309
+ ];
2310
+ continue;
2311
+ case 7:
2312
+ op = _.ops.pop();
2313
+ _.trys.pop();
2314
+ continue;
2315
+ default:
2316
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
2317
+ _ = 0;
2318
+ continue;
2319
+ }
2320
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
2321
+ _.label = op[1];
2322
+ break;
2323
+ }
2324
+ if (op[0] === 6 && _.label < t[1]) {
2325
+ _.label = t[1];
2326
+ t = op;
2327
+ break;
2328
+ }
2329
+ if (t && _.label < t[2]) {
2330
+ _.label = t[2];
2331
+ _.ops.push(op);
2332
+ break;
2333
+ }
2334
+ if (t[2]) _.ops.pop();
2335
+ _.trys.pop();
2336
+ continue;
2337
+ }
2338
+ op = body.call(thisArg, _);
2339
+ } catch (e) {
2340
+ op = [
2341
+ 6,
2342
+ e
2343
+ ];
2344
+ y = 0;
2345
+ } finally{
2346
+ f = t = 0;
2347
+ }
2348
+ if (op[0] & 5) throw op[1];
2349
+ return {
2350
+ value: op[0] ? op[1] : void 0,
2351
+ done: true
2352
+ };
2353
+ }
2354
+ }
2355
+ var isWebIdentityProfile = function(arg) {
2356
+ return Boolean(arg) && (typeof arg === "undefined" ? "undefined" : _type_of(arg)) === "object" && typeof arg.web_identity_token_file === "string" && typeof arg.role_arn === "string" && [
2357
+ "undefined",
2358
+ "string"
2359
+ ].indexOf(_type_of(arg.role_session_name)) > -1;
2360
+ };
2361
+ var resolveWebIdentityCredentials = function() {
2362
+ var _ref = _async_to_generator$2(function(profile, options, callerClientConfig) {
2363
+ return _ts_generator$2(this, function(_state) {
2364
+ return [
2365
+ 2,
2366
+ import('./index.esm19.js').then(function(param) {
2367
+ var fromTokenFile = param.fromTokenFile;
2368
+ return fromTokenFile({
2369
+ webIdentityTokenFile: profile.web_identity_token_file,
2370
+ roleArn: profile.role_arn,
2371
+ roleSessionName: profile.role_session_name,
2372
+ roleAssumerWithWebIdentity: options.roleAssumerWithWebIdentity,
2373
+ logger: options.logger,
2374
+ parentClientConfig: options.parentClientConfig
2375
+ })({
2376
+ callerClientConfig: callerClientConfig
2377
+ }).then(function(creds) {
2378
+ return setCredentialFeature(creds, "CREDENTIALS_PROFILE_STS_WEB_ID_TOKEN", "q");
2379
+ });
2380
+ })
2381
+ ];
2382
+ });
2383
+ });
2384
+ return function resolveWebIdentityCredentials(profile, options, callerClientConfig) {
2385
+ return _ref.apply(this, arguments);
2386
+ };
2387
+ }();
2388
+
2389
+ function asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, key, arg) {
2390
+ try {
2391
+ var info = gen[key](arg);
2392
+ var value = info.value;
2393
+ } catch (error) {
2394
+ reject(error);
2395
+ return;
2396
+ }
2397
+ if (info.done) {
2398
+ resolve(value);
2399
+ } else {
2400
+ Promise.resolve(value).then(_next, _throw);
2401
+ }
2402
+ }
2403
+ function _async_to_generator$1(fn) {
2404
+ return function() {
2405
+ var self = this, args = arguments;
2406
+ return new Promise(function(resolve, reject) {
2407
+ var gen = fn.apply(self, args);
2408
+ function _next(value) {
2409
+ asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, "next", value);
2410
+ }
2411
+ function _throw(err) {
2412
+ asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, "throw", err);
2413
+ }
2414
+ _next(undefined);
2415
+ });
2416
+ };
2417
+ }
2418
+ function _ts_generator$1(thisArg, body) {
2419
+ var f, y, t, g, _ = {
2420
+ label: 0,
2421
+ sent: function() {
2422
+ if (t[0] & 1) throw t[1];
2423
+ return t[1];
2424
+ },
2425
+ trys: [],
2426
+ ops: []
2427
+ };
2428
+ return g = {
2429
+ next: verb(0),
2430
+ "throw": verb(1),
2431
+ "return": verb(2)
2432
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
2433
+ return this;
2434
+ }), g;
2435
+ function verb(n) {
2436
+ return function(v) {
2437
+ return step([
2438
+ n,
2439
+ v
2440
+ ]);
2441
+ };
2442
+ }
2443
+ function step(op) {
2444
+ if (f) throw new TypeError("Generator is already executing.");
2445
+ while(_)try {
2446
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
2447
+ if (y = 0, t) op = [
2448
+ op[0] & 2,
2449
+ t.value
2450
+ ];
2451
+ switch(op[0]){
2452
+ case 0:
2453
+ case 1:
2454
+ t = op;
2455
+ break;
2456
+ case 4:
2457
+ _.label++;
2458
+ return {
2459
+ value: op[1],
2460
+ done: false
2461
+ };
2462
+ case 5:
2463
+ _.label++;
2464
+ y = op[1];
2465
+ op = [
2466
+ 0
2467
+ ];
2468
+ continue;
2469
+ case 7:
2470
+ op = _.ops.pop();
2471
+ _.trys.pop();
2472
+ continue;
2473
+ default:
2474
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
2475
+ _ = 0;
2476
+ continue;
2477
+ }
2478
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
2479
+ _.label = op[1];
2480
+ break;
2481
+ }
2482
+ if (op[0] === 6 && _.label < t[1]) {
2483
+ _.label = t[1];
2484
+ t = op;
2485
+ break;
2486
+ }
2487
+ if (t && _.label < t[2]) {
2488
+ _.label = t[2];
2489
+ _.ops.push(op);
2490
+ break;
2491
+ }
2492
+ if (t[2]) _.ops.pop();
2493
+ _.trys.pop();
2494
+ continue;
2495
+ }
2496
+ op = body.call(thisArg, _);
2497
+ } catch (e) {
2498
+ op = [
2499
+ 6,
2500
+ e
2501
+ ];
2502
+ y = 0;
2503
+ } finally{
2504
+ f = t = 0;
2505
+ }
2506
+ if (op[0] & 5) throw op[1];
2507
+ return {
2508
+ value: op[0] ? op[1] : void 0,
2509
+ done: true
2510
+ };
2511
+ }
2512
+ }
2513
+ var resolveProfileData = function() {
2514
+ var _ref = _async_to_generator$1(function(profileName, profiles, options, callerClientConfig) {
2515
+ var visitedProfiles, isAssumeRoleRecursiveCall, data;
2516
+ var _arguments = arguments;
2517
+ return _ts_generator$1(this, function(_state) {
2518
+ switch(_state.label){
2519
+ case 0:
2520
+ visitedProfiles = _arguments.length > 4 && _arguments[4] !== void 0 ? _arguments[4] : {}, isAssumeRoleRecursiveCall = _arguments.length > 5 && _arguments[5] !== void 0 ? _arguments[5] : false;
2521
+ data = profiles[profileName];
2522
+ if (Object.keys(visitedProfiles).length > 0 && isStaticCredsProfile(data)) {
2523
+ return [
2524
+ 2,
2525
+ resolveStaticCredentials(data, options)
2526
+ ];
2527
+ }
2528
+ if (isAssumeRoleRecursiveCall || isAssumeRoleProfile(data, {
2529
+ profile: profileName,
2530
+ logger: options.logger
2531
+ })) {
2532
+ return [
2533
+ 2,
2534
+ resolveAssumeRoleCredentials(profileName, profiles, options, callerClientConfig, visitedProfiles, resolveProfileData)
2535
+ ];
2536
+ }
2537
+ if (isStaticCredsProfile(data)) {
2538
+ return [
2539
+ 2,
2540
+ resolveStaticCredentials(data, options)
2541
+ ];
2542
+ }
2543
+ if (isWebIdentityProfile(data)) {
2544
+ return [
2545
+ 2,
2546
+ resolveWebIdentityCredentials(data, options, callerClientConfig)
2547
+ ];
2548
+ }
2549
+ if (isProcessProfile(data)) {
2550
+ return [
2551
+ 2,
2552
+ resolveProcessCredentials(options, profileName)
2553
+ ];
2554
+ }
2555
+ if (!isSsoProfile(data)) return [
2556
+ 3,
2557
+ 2
2558
+ ];
2559
+ return [
2560
+ 4,
2561
+ resolveSsoCredentials(profileName, data, options, callerClientConfig)
2562
+ ];
2563
+ case 1:
2564
+ return [
2565
+ 2,
2566
+ _state.sent()
2567
+ ];
2568
+ case 2:
2569
+ if (isLoginProfile(data)) {
2570
+ return [
2571
+ 2,
2572
+ resolveLoginCredentials(profileName, options, callerClientConfig)
2573
+ ];
2574
+ }
2575
+ throw new CredentialsProviderError("Could not resolve credentials using profile: [".concat(profileName, "] in configuration/credentials file(s)."), {
2576
+ logger: options.logger
2577
+ });
2578
+ }
2579
+ });
2580
+ });
2581
+ return function resolveProfileData(profileName, profiles, options, callerClientConfig) {
279
2582
  return _ref.apply(this, arguments);
280
2583
  };
281
2584
  }();
@@ -404,7 +2707,7 @@ function _ts_generator(thisArg, body) {
404
2707
  };
405
2708
  }
406
2709
  }
407
- var fromProcess = function() {
2710
+ var fromIni = function() {
408
2711
  var init = arguments.length > 0 && arguments[0] !== void 0 ? arguments[0] : {};
409
2712
  return /*#__PURE__*/ _async_to_generator(function() {
410
2713
  var callerClientConfig, _init_logger, profiles, _init_profile;
@@ -413,7 +2716,7 @@ var fromProcess = function() {
413
2716
  switch(_state.label){
414
2717
  case 0:
415
2718
  callerClientConfig = (_arguments.length > 0 && _arguments[0] !== void 0 ? _arguments[0] : {}).callerClientConfig;
416
- (_init_logger = init.logger) === null || _init_logger === void 0 ? void 0 : _init_logger.debug("@aws-sdk/credential-provider-process - fromProcess");
2719
+ (_init_logger = init.logger) === null || _init_logger === void 0 ? void 0 : _init_logger.debug("@aws-sdk/credential-provider-ini - fromIni");
417
2720
  return [
418
2721
  4,
419
2722
  parseKnownFiles(init)
@@ -422,13 +2725,13 @@ var fromProcess = function() {
422
2725
  profiles = _state.sent();
423
2726
  return [
424
2727
  2,
425
- resolveProcessCredentials(getProfileName({
2728
+ resolveProfileData(getProfileName({
426
2729
  profile: (_init_profile = init.profile) !== null && _init_profile !== void 0 ? _init_profile : callerClientConfig === null || callerClientConfig === void 0 ? void 0 : callerClientConfig.profile
427
- }), profiles, init.logger)
2730
+ }), profiles, init, callerClientConfig)
428
2731
  ];
429
2732
  }
430
2733
  });
431
2734
  });
432
2735
  };
433
2736
 
434
- export { fromProcess };
2737
+ export { fromIni };