@digipair/skill-s3 0.136.3 → 0.136.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (34) hide show
  1. package/dist/AwsRestJsonProtocol.esm.js +208 -123
  2. package/dist/externalDataInterceptor.esm.js +1 -1
  3. package/dist/getSSOTokenFromFile.esm.js +4 -4
  4. package/dist/index.esm.js +10 -8
  5. package/dist/index.esm10.js +81 -89
  6. package/dist/index.esm11.js +659 -420
  7. package/dist/index.esm12.js +231 -1138
  8. package/dist/index.esm13.js +896 -1600
  9. package/dist/index.esm14.js +210 -0
  10. package/dist/index.esm15.js +4780 -0
  11. package/dist/index.esm16.js +2057 -0
  12. package/dist/index.esm17.js +434 -0
  13. package/dist/index.esm18.js +1265 -0
  14. package/dist/index.esm19.js +456 -0
  15. package/dist/index.esm2.js +58503 -11
  16. package/dist/index.esm20.js +4885 -0
  17. package/dist/index.esm3.js +787 -51789
  18. package/dist/index.esm4.js +1154 -88
  19. package/dist/index.esm5.js +268 -4827
  20. package/dist/index.esm6.js +954 -951
  21. package/dist/index.esm7.js +2425 -119
  22. package/dist/index.esm8.js +124 -426
  23. package/dist/index.esm9.js +123 -2399
  24. package/dist/loadSso.esm.js +4966 -187
  25. package/dist/loadSso.esm2.js +6584 -0
  26. package/dist/{package.esm.js → loadSsoSessionData.esm.js} +155 -122
  27. package/dist/noAuth.esm.js +165 -0
  28. package/dist/parseKnownFiles.esm.js +1 -1
  29. package/dist/src/index.d.ts +2 -0
  30. package/dist/src/index.d.ts.map +1 -0
  31. package/dist/src/lib/skill-s3.d.ts +6 -0
  32. package/dist/src/lib/skill-s3.d.ts.map +1 -0
  33. package/package.json +1 -1
  34. package/dist/create-aggregated-client.esm.js +0 -366
package/dist/index.esm4.js CHANGED
@@ -1,18 +1,603 @@
1
- import { s as setCredentialFeature, C as CredentialsProviderError } from './index.esm3.js';
2
- import { readFileSync } from 'node:fs';
3
- import { e as externalDataInterceptor } from './externalDataInterceptor.esm.js';
4
- import 'node:crypto';
5
- import 'node:path';
6
- import 'node:os';
1
+ import { parse } from 'url';
2
+ import { Buffer } from 'buffer';
3
+ import { request } from 'http';
4
+ import { P as ProviderError, C as CredentialsProviderError, p as parseUrl, l as loadConfig } from './index.esm2.js';
5
+ import 'path';
6
+ import 'os';
7
7
  import 'node:fs/promises';
8
+ import 'stream';
9
+ import 'crypto';
8
10
  import 'node:stream';
9
- import 'node:process';
10
- import 'buffer';
11
- import 'node:https';
12
- import 'node:zlib';
13
- import './getSSOTokenFromFile.esm.js';
11
+ import 'https';
12
+ import 'process';
13
+ import 'node:fs';
14
+ import 'zlib';
14
15
 
15
- function asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, key, arg) {
16
+ function _define_property$5(obj, key, value) {
17
+ if (key in obj) {
18
+ Object.defineProperty(obj, key, {
19
+ value: value,
20
+ enumerable: true,
21
+ configurable: true,
22
+ writable: true
23
+ });
24
+ } else {
25
+ obj[key] = value;
26
+ }
27
+ return obj;
28
+ }
29
+ function _object_spread$4(target) {
30
+ for(var i = 1; i < arguments.length; i++){
31
+ var source = arguments[i] != null ? arguments[i] : {};
32
+ var ownKeys = Object.keys(source);
33
+ if (typeof Object.getOwnPropertySymbols === "function") {
34
+ ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
35
+ return Object.getOwnPropertyDescriptor(source, sym).enumerable;
36
+ }));
37
+ }
38
+ ownKeys.forEach(function(key) {
39
+ _define_property$5(target, key, source[key]);
40
+ });
41
+ }
42
+ return target;
43
+ }
44
+ function ownKeys$3(object, enumerableOnly) {
45
+ var keys = Object.keys(object);
46
+ if (Object.getOwnPropertySymbols) {
47
+ var symbols = Object.getOwnPropertySymbols(object);
48
+ keys.push.apply(keys, symbols);
49
+ }
50
+ return keys;
51
+ }
52
+ function _object_spread_props$3(target, source) {
53
+ source = source != null ? source : {};
54
+ if (Object.getOwnPropertyDescriptors) {
55
+ Object.defineProperties(target, Object.getOwnPropertyDescriptors(source));
56
+ } else {
57
+ ownKeys$3(Object(source)).forEach(function(key) {
58
+ Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key));
59
+ });
60
+ }
61
+ return target;
62
+ }
63
+ function httpRequest(options) {
64
+ return new Promise(function(resolve, reject) {
65
+ var _options_hostname;
66
+ var req = request(_object_spread_props$3(_object_spread$4({
67
+ method: "GET"
68
+ }, options), {
69
+ hostname: (_options_hostname = options.hostname) === null || _options_hostname === void 0 ? void 0 : _options_hostname.replace(/^\[(.+)\]$/, "$1")
70
+ }));
71
+ req.on("error", function(err) {
72
+ reject(Object.assign(new ProviderError("Unable to connect to instance metadata service"), err));
73
+ req.destroy();
74
+ });
75
+ req.on("timeout", function() {
76
+ reject(new ProviderError("TimeoutError from instance metadata service"));
77
+ req.destroy();
78
+ });
79
+ req.on("response", function(res) {
80
+ var _res_statusCode = res.statusCode, statusCode = _res_statusCode === void 0 ? 400 : _res_statusCode;
81
+ if (statusCode < 200 || 300 <= statusCode) {
82
+ reject(Object.assign(new ProviderError("Error response received from instance metadata service"), {
83
+ statusCode: statusCode
84
+ }));
85
+ req.destroy();
86
+ }
87
+ var chunks = [];
88
+ res.on("data", function(chunk) {
89
+ chunks.push(chunk);
90
+ });
91
+ res.on("end", function() {
92
+ resolve(Buffer.concat(chunks));
93
+ req.destroy();
94
+ });
95
+ });
96
+ req.end();
97
+ });
98
+ }
99
+
100
+ function _define_property$4(obj, key, value) {
101
+ if (key in obj) {
102
+ Object.defineProperty(obj, key, {
103
+ value: value,
104
+ enumerable: true,
105
+ configurable: true,
106
+ writable: true
107
+ });
108
+ } else {
109
+ obj[key] = value;
110
+ }
111
+ return obj;
112
+ }
113
+ function _object_spread$3(target) {
114
+ for(var i = 1; i < arguments.length; i++){
115
+ var source = arguments[i] != null ? arguments[i] : {};
116
+ var ownKeys = Object.keys(source);
117
+ if (typeof Object.getOwnPropertySymbols === "function") {
118
+ ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
119
+ return Object.getOwnPropertyDescriptor(source, sym).enumerable;
120
+ }));
121
+ }
122
+ ownKeys.forEach(function(key) {
123
+ _define_property$4(target, key, source[key]);
124
+ });
125
+ }
126
+ return target;
127
+ }
128
+ function _type_of$1(obj) {
129
+ "@swc/helpers - typeof";
130
+ return obj && typeof Symbol !== "undefined" && obj.constructor === Symbol ? "symbol" : typeof obj;
131
+ }
132
+ var isImdsCredentials = function(arg) {
133
+ return Boolean(arg) && (typeof arg === "undefined" ? "undefined" : _type_of$1(arg)) === "object" && typeof arg.AccessKeyId === "string" && typeof arg.SecretAccessKey === "string" && typeof arg.Token === "string" && typeof arg.Expiration === "string";
134
+ };
135
+ var fromImdsCredentials = function(creds) {
136
+ return _object_spread$3({
137
+ accessKeyId: creds.AccessKeyId,
138
+ secretAccessKey: creds.SecretAccessKey,
139
+ sessionToken: creds.Token,
140
+ expiration: new Date(creds.Expiration)
141
+ }, creds.AccountId && {
142
+ accountId: creds.AccountId
143
+ });
144
+ };
145
+
146
+ var DEFAULT_TIMEOUT = 1000;
147
+ var DEFAULT_MAX_RETRIES = 0;
148
+ var providerConfigFromInit = function(param) {
149
+ var _param_maxRetries = param.maxRetries, maxRetries = _param_maxRetries === void 0 ? DEFAULT_MAX_RETRIES : _param_maxRetries, _param_timeout = param.timeout, timeout = _param_timeout === void 0 ? DEFAULT_TIMEOUT : _param_timeout;
150
+ return {
151
+ maxRetries: maxRetries,
152
+ timeout: timeout
153
+ };
154
+ };
155
+
156
+ var retry = function(toRetry, maxRetries) {
157
+ var promise = toRetry();
158
+ for(var i = 0; i < maxRetries; i++){
159
+ promise = promise.catch(toRetry);
160
+ }
161
+ return promise;
162
+ };
163
+
164
+ function asyncGeneratorStep$3(gen, resolve, reject, _next, _throw, key, arg) {
165
+ try {
166
+ var info = gen[key](arg);
167
+ var value = info.value;
168
+ } catch (error) {
169
+ reject(error);
170
+ return;
171
+ }
172
+ if (info.done) {
173
+ resolve(value);
174
+ } else {
175
+ Promise.resolve(value).then(_next, _throw);
176
+ }
177
+ }
178
+ function _async_to_generator$3(fn) {
179
+ return function() {
180
+ var self = this, args = arguments;
181
+ return new Promise(function(resolve, reject) {
182
+ var gen = fn.apply(self, args);
183
+ function _next(value) {
184
+ asyncGeneratorStep$3(gen, resolve, reject, _next, _throw, "next", value);
185
+ }
186
+ function _throw(err) {
187
+ asyncGeneratorStep$3(gen, resolve, reject, _next, _throw, "throw", err);
188
+ }
189
+ _next(undefined);
190
+ });
191
+ };
192
+ }
193
+ function _define_property$3(obj, key, value) {
194
+ if (key in obj) {
195
+ Object.defineProperty(obj, key, {
196
+ value: value,
197
+ enumerable: true,
198
+ configurable: true,
199
+ writable: true
200
+ });
201
+ } else {
202
+ obj[key] = value;
203
+ }
204
+ return obj;
205
+ }
206
+ function _object_spread$2(target) {
207
+ for(var i = 1; i < arguments.length; i++){
208
+ var source = arguments[i] != null ? arguments[i] : {};
209
+ var ownKeys = Object.keys(source);
210
+ if (typeof Object.getOwnPropertySymbols === "function") {
211
+ ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
212
+ return Object.getOwnPropertyDescriptor(source, sym).enumerable;
213
+ }));
214
+ }
215
+ ownKeys.forEach(function(key) {
216
+ _define_property$3(target, key, source[key]);
217
+ });
218
+ }
219
+ return target;
220
+ }
221
+ function ownKeys$2(object, enumerableOnly) {
222
+ var keys = Object.keys(object);
223
+ if (Object.getOwnPropertySymbols) {
224
+ var symbols = Object.getOwnPropertySymbols(object);
225
+ keys.push.apply(keys, symbols);
226
+ }
227
+ return keys;
228
+ }
229
+ function _object_spread_props$2(target, source) {
230
+ source = source != null ? source : {};
231
+ if (Object.getOwnPropertyDescriptors) {
232
+ Object.defineProperties(target, Object.getOwnPropertyDescriptors(source));
233
+ } else {
234
+ ownKeys$2(Object(source)).forEach(function(key) {
235
+ Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key));
236
+ });
237
+ }
238
+ return target;
239
+ }
240
+ function _ts_generator$3(thisArg, body) {
241
+ var f, y, t, g, _ = {
242
+ label: 0,
243
+ sent: function() {
244
+ if (t[0] & 1) throw t[1];
245
+ return t[1];
246
+ },
247
+ trys: [],
248
+ ops: []
249
+ };
250
+ return g = {
251
+ next: verb(0),
252
+ "throw": verb(1),
253
+ "return": verb(2)
254
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
255
+ return this;
256
+ }), g;
257
+ function verb(n) {
258
+ return function(v) {
259
+ return step([
260
+ n,
261
+ v
262
+ ]);
263
+ };
264
+ }
265
+ function step(op) {
266
+ if (f) throw new TypeError("Generator is already executing.");
267
+ while(_)try {
268
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
269
+ if (y = 0, t) op = [
270
+ op[0] & 2,
271
+ t.value
272
+ ];
273
+ switch(op[0]){
274
+ case 0:
275
+ case 1:
276
+ t = op;
277
+ break;
278
+ case 4:
279
+ _.label++;
280
+ return {
281
+ value: op[1],
282
+ done: false
283
+ };
284
+ case 5:
285
+ _.label++;
286
+ y = op[1];
287
+ op = [
288
+ 0
289
+ ];
290
+ continue;
291
+ case 7:
292
+ op = _.ops.pop();
293
+ _.trys.pop();
294
+ continue;
295
+ default:
296
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
297
+ _ = 0;
298
+ continue;
299
+ }
300
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
301
+ _.label = op[1];
302
+ break;
303
+ }
304
+ if (op[0] === 6 && _.label < t[1]) {
305
+ _.label = t[1];
306
+ t = op;
307
+ break;
308
+ }
309
+ if (t && _.label < t[2]) {
310
+ _.label = t[2];
311
+ _.ops.push(op);
312
+ break;
313
+ }
314
+ if (t[2]) _.ops.pop();
315
+ _.trys.pop();
316
+ continue;
317
+ }
318
+ op = body.call(thisArg, _);
319
+ } catch (e) {
320
+ op = [
321
+ 6,
322
+ e
323
+ ];
324
+ y = 0;
325
+ } finally{
326
+ f = t = 0;
327
+ }
328
+ if (op[0] & 5) throw op[1];
329
+ return {
330
+ value: op[0] ? op[1] : void 0,
331
+ done: true
332
+ };
333
+ }
334
+ }
335
+ var ENV_CMDS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI";
336
+ var ENV_CMDS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI";
337
+ var ENV_CMDS_AUTH_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN";
338
+ var fromContainerMetadata = function() {
339
+ var init = arguments.length > 0 && arguments[0] !== void 0 ? arguments[0] : {};
340
+ var _providerConfigFromInit = providerConfigFromInit(init), timeout = _providerConfigFromInit.timeout, maxRetries = _providerConfigFromInit.maxRetries;
341
+ return function() {
342
+ return retry(/*#__PURE__*/ _async_to_generator$3(function() {
343
+ var requestOptions, credsResponse, _;
344
+ return _ts_generator$3(this, function(_state) {
345
+ switch(_state.label){
346
+ case 0:
347
+ return [
348
+ 4,
349
+ getCmdsUri({
350
+ logger: init.logger
351
+ })
352
+ ];
353
+ case 1:
354
+ requestOptions = _state.sent();
355
+ _ = JSON.parse;
356
+ return [
357
+ 4,
358
+ requestFromEcsImds(timeout, requestOptions)
359
+ ];
360
+ case 2:
361
+ credsResponse = _.apply(JSON, [
362
+ _state.sent()
363
+ ]);
364
+ if (!isImdsCredentials(credsResponse)) {
365
+ throw new CredentialsProviderError("Invalid response received from instance metadata service.", {
366
+ logger: init.logger
367
+ });
368
+ }
369
+ return [
370
+ 2,
371
+ fromImdsCredentials(credsResponse)
372
+ ];
373
+ }
374
+ });
375
+ }), maxRetries);
376
+ };
377
+ };
378
+ var requestFromEcsImds = function() {
379
+ var _ref = _async_to_generator$3(function(timeout, options) {
380
+ var buffer;
381
+ return _ts_generator$3(this, function(_state) {
382
+ switch(_state.label){
383
+ case 0:
384
+ if (process.env[ENV_CMDS_AUTH_TOKEN]) {
385
+ options.headers = _object_spread_props$2(_object_spread$2({}, options.headers), {
386
+ Authorization: process.env[ENV_CMDS_AUTH_TOKEN]
387
+ });
388
+ }
389
+ return [
390
+ 4,
391
+ httpRequest(_object_spread_props$2(_object_spread$2({}, options), {
392
+ timeout: timeout
393
+ }))
394
+ ];
395
+ case 1:
396
+ buffer = _state.sent();
397
+ return [
398
+ 2,
399
+ buffer.toString()
400
+ ];
401
+ }
402
+ });
403
+ });
404
+ return function requestFromEcsImds(timeout, options) {
405
+ return _ref.apply(this, arguments);
406
+ };
407
+ }();
408
+ var CMDS_IP = "169.254.170.2";
409
+ var GREENGRASS_HOSTS = {
410
+ localhost: true,
411
+ "127.0.0.1": true
412
+ };
413
+ var GREENGRASS_PROTOCOLS = {
414
+ "http:": true,
415
+ "https:": true
416
+ };
417
+ var getCmdsUri = function() {
418
+ var _ref = _async_to_generator$3(function(param) {
419
+ var logger, parsed;
420
+ return _ts_generator$3(this, function(_state) {
421
+ logger = param.logger;
422
+ if (process.env[ENV_CMDS_RELATIVE_URI]) {
423
+ return [
424
+ 2,
425
+ {
426
+ hostname: CMDS_IP,
427
+ path: process.env[ENV_CMDS_RELATIVE_URI]
428
+ }
429
+ ];
430
+ }
431
+ if (process.env[ENV_CMDS_FULL_URI]) {
432
+ parsed = parse(process.env[ENV_CMDS_FULL_URI]);
433
+ if (!parsed.hostname || !(parsed.hostname in GREENGRASS_HOSTS)) {
434
+ throw new CredentialsProviderError("".concat(parsed.hostname, " is not a valid container metadata service hostname"), {
435
+ tryNextLink: false,
436
+ logger: logger
437
+ });
438
+ }
439
+ if (!parsed.protocol || !(parsed.protocol in GREENGRASS_PROTOCOLS)) {
440
+ throw new CredentialsProviderError("".concat(parsed.protocol, " is not a valid container metadata service protocol"), {
441
+ tryNextLink: false,
442
+ logger: logger
443
+ });
444
+ }
445
+ return [
446
+ 2,
447
+ _object_spread_props$2(_object_spread$2({}, parsed), {
448
+ port: parsed.port ? parseInt(parsed.port, 10) : undefined
449
+ })
450
+ ];
451
+ }
452
+ throw new CredentialsProviderError("The container metadata credential provider cannot be used unless" + " the ".concat(ENV_CMDS_RELATIVE_URI, " or ").concat(ENV_CMDS_FULL_URI, " environment") + " variable is set", {
453
+ tryNextLink: false,
454
+ logger: logger
455
+ });
456
+ });
457
+ });
458
+ return function getCmdsUri(_) {
459
+ return _ref.apply(this, arguments);
460
+ };
461
+ }();
462
+
463
+ function _assert_this_initialized(self) {
464
+ if (self === void 0) {
465
+ throw new ReferenceError("this hasn't been initialised - super() hasn't been called");
466
+ }
467
+ return self;
468
+ }
469
+ function _class_call_check(instance, Constructor) {
470
+ if (!(instance instanceof Constructor)) {
471
+ throw new TypeError("Cannot call a class as a function");
472
+ }
473
+ }
474
+ function _define_property$2(obj, key, value) {
475
+ if (key in obj) {
476
+ Object.defineProperty(obj, key, {
477
+ value: value,
478
+ enumerable: true,
479
+ configurable: true,
480
+ writable: true
481
+ });
482
+ } else {
483
+ obj[key] = value;
484
+ }
485
+ return obj;
486
+ }
487
+ function _get_prototype_of(o) {
488
+ _get_prototype_of = Object.setPrototypeOf ? Object.getPrototypeOf : function getPrototypeOf(o) {
489
+ return o.__proto__ || Object.getPrototypeOf(o);
490
+ };
491
+ return _get_prototype_of(o);
492
+ }
493
+ function _inherits(subClass, superClass) {
494
+ if (typeof superClass !== "function" && superClass !== null) {
495
+ throw new TypeError("Super expression must either be null or a function");
496
+ }
497
+ subClass.prototype = Object.create(superClass && superClass.prototype, {
498
+ constructor: {
499
+ value: subClass,
500
+ writable: true,
501
+ configurable: true
502
+ }
503
+ });
504
+ if (superClass) _set_prototype_of(subClass, superClass);
505
+ }
506
+ function _possible_constructor_return(self, call) {
507
+ if (call && (_type_of(call) === "object" || typeof call === "function")) {
508
+ return call;
509
+ }
510
+ return _assert_this_initialized(self);
511
+ }
512
+ function _set_prototype_of(o, p) {
513
+ _set_prototype_of = Object.setPrototypeOf || function setPrototypeOf(o, p) {
514
+ o.__proto__ = p;
515
+ return o;
516
+ };
517
+ return _set_prototype_of(o, p);
518
+ }
519
+ function _type_of(obj) {
520
+ "@swc/helpers - typeof";
521
+ return obj && typeof Symbol !== "undefined" && obj.constructor === Symbol ? "symbol" : typeof obj;
522
+ }
523
+ function _is_native_reflect_construct() {
524
+ if (typeof Reflect === "undefined" || !Reflect.construct) return false;
525
+ if (Reflect.construct.sham) return false;
526
+ if (typeof Proxy === "function") return true;
527
+ try {
528
+ Boolean.prototype.valueOf.call(Reflect.construct(Boolean, [], function() {}));
529
+ return true;
530
+ } catch (e) {
531
+ return false;
532
+ }
533
+ }
534
+ function _create_super(Derived) {
535
+ var hasNativeReflectConstruct = _is_native_reflect_construct();
536
+ return function _createSuperInternal() {
537
+ var Super = _get_prototype_of(Derived), result;
538
+ if (hasNativeReflectConstruct) {
539
+ var NewTarget = _get_prototype_of(this).constructor;
540
+ result = Reflect.construct(Super, arguments, NewTarget);
541
+ } else {
542
+ result = Super.apply(this, arguments);
543
+ }
544
+ return _possible_constructor_return(this, result);
545
+ };
546
+ }
547
+ var InstanceMetadataV1FallbackError = /*#__PURE__*/ function(CredentialsProviderError) {
548
+ _inherits(InstanceMetadataV1FallbackError, CredentialsProviderError);
549
+ var _super = _create_super(InstanceMetadataV1FallbackError);
550
+ function InstanceMetadataV1FallbackError(message) {
551
+ var tryNextLink = arguments.length > 1 && arguments[1] !== void 0 ? arguments[1] : true;
552
+ _class_call_check(this, InstanceMetadataV1FallbackError);
553
+ var _this;
554
+ _this = _super.call(this, message, tryNextLink);
555
+ _define_property$2(_assert_this_initialized(_this), "tryNextLink", void 0);
556
+ _define_property$2(_assert_this_initialized(_this), "name", "InstanceMetadataV1FallbackError");
557
+ _this.tryNextLink = tryNextLink;
558
+ Object.setPrototypeOf(_assert_this_initialized(_this), InstanceMetadataV1FallbackError.prototype);
559
+ return _this;
560
+ }
561
+ return InstanceMetadataV1FallbackError;
562
+ }(CredentialsProviderError);
563
+
564
+ var Endpoint;
565
+ (function(Endpoint) {
566
+ Endpoint["IPv4"] = "http://169.254.169.254";
567
+ Endpoint["IPv6"] = "http://[fd00:ec2::254]";
568
+ })(Endpoint || (Endpoint = {}));
569
+
570
+ var ENV_ENDPOINT_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT";
571
+ var CONFIG_ENDPOINT_NAME = "ec2_metadata_service_endpoint";
572
+ var ENDPOINT_CONFIG_OPTIONS = {
573
+ environmentVariableSelector: function(env) {
574
+ return env[ENV_ENDPOINT_NAME];
575
+ },
576
+ configFileSelector: function(profile) {
577
+ return profile[CONFIG_ENDPOINT_NAME];
578
+ },
579
+ default: undefined
580
+ };
581
+
582
+ var EndpointMode;
583
+ (function(EndpointMode) {
584
+ EndpointMode["IPv4"] = "IPv4";
585
+ EndpointMode["IPv6"] = "IPv6";
586
+ })(EndpointMode || (EndpointMode = {}));
587
+
588
+ var ENV_ENDPOINT_MODE_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE";
589
+ var CONFIG_ENDPOINT_MODE_NAME = "ec2_metadata_service_endpoint_mode";
590
+ var ENDPOINT_MODE_CONFIG_OPTIONS = {
591
+ environmentVariableSelector: function(env) {
592
+ return env[ENV_ENDPOINT_MODE_NAME];
593
+ },
594
+ configFileSelector: function(profile) {
595
+ return profile[CONFIG_ENDPOINT_MODE_NAME];
596
+ },
597
+ default: EndpointMode.IPv4
598
+ };
599
+
600
+ function asyncGeneratorStep$2(gen, resolve, reject, _next, _throw, key, arg) {
16
601
  try {
17
602
  var info = gen[key](arg);
18
603
  var value = info.value;
@@ -26,21 +611,200 @@ function asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, key, arg) {
26
611
  Promise.resolve(value).then(_next, _throw);
27
612
  }
28
613
  }
29
- function _async_to_generator$1(fn) {
614
+ function _async_to_generator$2(fn) {
30
615
  return function() {
31
616
  var self = this, args = arguments;
32
617
  return new Promise(function(resolve, reject) {
33
618
  var gen = fn.apply(self, args);
34
619
  function _next(value) {
35
- asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, "next", value);
620
+ asyncGeneratorStep$2(gen, resolve, reject, _next, _throw, "next", value);
36
621
  }
37
622
  function _throw(err) {
38
- asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, "throw", err);
623
+ asyncGeneratorStep$2(gen, resolve, reject, _next, _throw, "throw", err);
39
624
  }
40
625
  _next(undefined);
41
626
  });
42
627
  };
43
628
  }
629
+ function _ts_generator$2(thisArg, body) {
630
+ var f, y, t, g, _ = {
631
+ label: 0,
632
+ sent: function() {
633
+ if (t[0] & 1) throw t[1];
634
+ return t[1];
635
+ },
636
+ trys: [],
637
+ ops: []
638
+ };
639
+ return g = {
640
+ next: verb(0),
641
+ "throw": verb(1),
642
+ "return": verb(2)
643
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
644
+ return this;
645
+ }), g;
646
+ function verb(n) {
647
+ return function(v) {
648
+ return step([
649
+ n,
650
+ v
651
+ ]);
652
+ };
653
+ }
654
+ function step(op) {
655
+ if (f) throw new TypeError("Generator is already executing.");
656
+ while(_)try {
657
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
658
+ if (y = 0, t) op = [
659
+ op[0] & 2,
660
+ t.value
661
+ ];
662
+ switch(op[0]){
663
+ case 0:
664
+ case 1:
665
+ t = op;
666
+ break;
667
+ case 4:
668
+ _.label++;
669
+ return {
670
+ value: op[1],
671
+ done: false
672
+ };
673
+ case 5:
674
+ _.label++;
675
+ y = op[1];
676
+ op = [
677
+ 0
678
+ ];
679
+ continue;
680
+ case 7:
681
+ op = _.ops.pop();
682
+ _.trys.pop();
683
+ continue;
684
+ default:
685
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
686
+ _ = 0;
687
+ continue;
688
+ }
689
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
690
+ _.label = op[1];
691
+ break;
692
+ }
693
+ if (op[0] === 6 && _.label < t[1]) {
694
+ _.label = t[1];
695
+ t = op;
696
+ break;
697
+ }
698
+ if (t && _.label < t[2]) {
699
+ _.label = t[2];
700
+ _.ops.push(op);
701
+ break;
702
+ }
703
+ if (t[2]) _.ops.pop();
704
+ _.trys.pop();
705
+ continue;
706
+ }
707
+ op = body.call(thisArg, _);
708
+ } catch (e) {
709
+ op = [
710
+ 6,
711
+ e
712
+ ];
713
+ y = 0;
714
+ } finally{
715
+ f = t = 0;
716
+ }
717
+ if (op[0] & 5) throw op[1];
718
+ return {
719
+ value: op[0] ? op[1] : void 0,
720
+ done: true
721
+ };
722
+ }
723
+ }
724
+ var getInstanceMetadataEndpoint = function() {
725
+ var _ref = _async_to_generator$2(function() {
726
+ var _tmp;
727
+ return _ts_generator$2(this, function(_state) {
728
+ switch(_state.label){
729
+ case 0:
730
+ return [
731
+ 4,
732
+ getFromEndpointConfig()
733
+ ];
734
+ case 1:
735
+ _tmp = _state.sent();
736
+ if (_tmp) return [
737
+ 3,
738
+ 3
739
+ ];
740
+ return [
741
+ 4,
742
+ getFromEndpointModeConfig()
743
+ ];
744
+ case 2:
745
+ _tmp = _state.sent();
746
+ _state.label = 3;
747
+ case 3:
748
+ return [
749
+ 2,
750
+ parseUrl.apply(void 0, [
751
+ _tmp
752
+ ])
753
+ ];
754
+ }
755
+ });
756
+ });
757
+ return function getInstanceMetadataEndpoint() {
758
+ return _ref.apply(this, arguments);
759
+ };
760
+ }();
761
+ var getFromEndpointConfig = function() {
762
+ var _ref = _async_to_generator$2(function() {
763
+ return _ts_generator$2(this, function(_state) {
764
+ return [
765
+ 2,
766
+ loadConfig(ENDPOINT_CONFIG_OPTIONS)()
767
+ ];
768
+ });
769
+ });
770
+ return function getFromEndpointConfig() {
771
+ return _ref.apply(this, arguments);
772
+ };
773
+ }();
774
+ var getFromEndpointModeConfig = function() {
775
+ var _ref = _async_to_generator$2(function() {
776
+ var endpointMode;
777
+ return _ts_generator$2(this, function(_state) {
778
+ switch(_state.label){
779
+ case 0:
780
+ return [
781
+ 4,
782
+ loadConfig(ENDPOINT_MODE_CONFIG_OPTIONS)()
783
+ ];
784
+ case 1:
785
+ endpointMode = _state.sent();
786
+ switch(endpointMode){
787
+ case EndpointMode.IPv4:
788
+ return [
789
+ 2,
790
+ Endpoint.IPv4
791
+ ];
792
+ case EndpointMode.IPv6:
793
+ return [
794
+ 2,
795
+ Endpoint.IPv6
796
+ ];
797
+ default:
798
+ throw new Error("Unsupported endpoint mode: ".concat(endpointMode, ".") + " Select from ".concat(Object.values(EndpointMode)));
799
+ }
800
+ }
801
+ });
802
+ });
803
+ return function getFromEndpointModeConfig() {
804
+ return _ref.apply(this, arguments);
805
+ };
806
+ }();
807
+
44
808
  function _define_property$1(obj, key, value) {
45
809
  if (key in obj) {
46
810
  Object.defineProperty(obj, key, {
@@ -88,6 +852,51 @@ function _object_spread_props$1(target, source) {
88
852
  }
89
853
  return target;
90
854
  }
855
+ var STATIC_STABILITY_REFRESH_INTERVAL_SECONDS = 5 * 60;
856
+ var STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS = 5 * 60;
857
+ var STATIC_STABILITY_DOC_URL = "https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html";
858
+ var getExtendedInstanceMetadataCredentials = function(credentials, logger) {
859
+ var refreshInterval = STATIC_STABILITY_REFRESH_INTERVAL_SECONDS + Math.floor(Math.random() * STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS);
860
+ var newExpiration = new Date(Date.now() + refreshInterval * 1000);
861
+ logger.warn("Attempting credential expiration extension due to a credential service availability issue. A refresh of these " + "credentials will be attempted after ".concat(new Date(newExpiration), ".\nFor more information, please visit: ") + STATIC_STABILITY_DOC_URL);
862
+ var _credentials_originalExpiration;
863
+ var originalExpiration = (_credentials_originalExpiration = credentials.originalExpiration) !== null && _credentials_originalExpiration !== void 0 ? _credentials_originalExpiration : credentials.expiration;
864
+ return _object_spread_props$1(_object_spread$1({}, credentials, originalExpiration ? {
865
+ originalExpiration: originalExpiration
866
+ } : {}), {
867
+ expiration: newExpiration
868
+ });
869
+ };
870
+
871
+ function asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, key, arg) {
872
+ try {
873
+ var info = gen[key](arg);
874
+ var value = info.value;
875
+ } catch (error) {
876
+ reject(error);
877
+ return;
878
+ }
879
+ if (info.done) {
880
+ resolve(value);
881
+ } else {
882
+ Promise.resolve(value).then(_next, _throw);
883
+ }
884
+ }
885
+ function _async_to_generator$1(fn) {
886
+ return function() {
887
+ var self = this, args = arguments;
888
+ return new Promise(function(resolve, reject) {
889
+ var gen = fn.apply(self, args);
890
+ function _next(value) {
891
+ asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, "next", value);
892
+ }
893
+ function _throw(err) {
894
+ asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, "throw", err);
895
+ }
896
+ _next(undefined);
897
+ });
898
+ };
899
+ }
91
900
  function _ts_generator$1(thisArg, body) {
92
901
  var f, y, t, g, _ = {
93
902
  label: 0,
@@ -183,51 +992,55 @@ function _ts_generator$1(thisArg, body) {
183
992
  };
184
993
  }
185
994
  }
186
- var fromWebToken = function(init) {
187
- return function() {
188
- var _ref = _async_to_generator$1(function(awsIdentityProperties) {
189
- var _init_logger, roleArn, roleSessionName, webIdentityToken, providerId, policyArns, policy, durationSeconds, roleAssumerWithWebIdentity, getDefaultRoleAssumerWithWebIdentity;
190
- return _ts_generator$1(this, function(_state) {
191
- switch(_state.label){
192
- case 0:
193
- (_init_logger = init.logger) === null || _init_logger === void 0 ? void 0 : _init_logger.debug("@aws-sdk/credential-provider-web-identity - fromWebToken");
194
- roleArn = init.roleArn, roleSessionName = init.roleSessionName, webIdentityToken = init.webIdentityToken, providerId = init.providerId, policyArns = init.policyArns, policy = init.policy, durationSeconds = init.durationSeconds;
195
- roleAssumerWithWebIdentity = init.roleAssumerWithWebIdentity;
196
- if (!!roleAssumerWithWebIdentity) return [
197
- 3,
198
- 2
199
- ];
200
- return [
201
- 4,
202
- import('./index.esm5.js')
203
- ];
204
- case 1:
205
- getDefaultRoleAssumerWithWebIdentity = _state.sent().getDefaultRoleAssumerWithWebIdentity;
206
- roleAssumerWithWebIdentity = getDefaultRoleAssumerWithWebIdentity(_object_spread_props$1(_object_spread$1({}, init.clientConfig), {
207
- credentialProviderLogger: init.logger,
208
- parentClientConfig: _object_spread$1({}, awsIdentityProperties === null || awsIdentityProperties === void 0 ? void 0 : awsIdentityProperties.callerClientConfig, init.parentClientConfig)
209
- }), init.clientPlugins);
210
- _state.label = 2;
211
- case 2:
212
- return [
213
- 2,
214
- roleAssumerWithWebIdentity({
215
- RoleArn: roleArn,
216
- RoleSessionName: roleSessionName !== null && roleSessionName !== void 0 ? roleSessionName : "aws-sdk-js-session-".concat(Date.now()),
217
- WebIdentityToken: webIdentityToken,
218
- ProviderId: providerId,
219
- PolicyArns: policyArns,
220
- Policy: policy,
221
- DurationSeconds: durationSeconds
222
- })
223
- ];
224
- }
225
- });
995
+ var staticStabilityProvider = function(provider) {
996
+ var options = arguments.length > 1 && arguments[1] !== void 0 ? arguments[1] : {};
997
+ var logger = (options === null || options === void 0 ? void 0 : options.logger) || console;
998
+ var pastCredentials;
999
+ return /*#__PURE__*/ _async_to_generator$1(function() {
1000
+ var credentials, e;
1001
+ return _ts_generator$1(this, function(_state) {
1002
+ switch(_state.label){
1003
+ case 0:
1004
+ _state.trys.push([
1005
+ 0,
1006
+ 2,
1007
+ ,
1008
+ 3
1009
+ ]);
1010
+ return [
1011
+ 4,
1012
+ provider()
1013
+ ];
1014
+ case 1:
1015
+ credentials = _state.sent();
1016
+ if (credentials.expiration && credentials.expiration.getTime() < Date.now()) {
1017
+ credentials = getExtendedInstanceMetadataCredentials(credentials, logger);
1018
+ }
1019
+ return [
1020
+ 3,
1021
+ 3
1022
+ ];
1023
+ case 2:
1024
+ e = _state.sent();
1025
+ if (pastCredentials) {
1026
+ logger.warn("Credential renew failed: ", e);
1027
+ credentials = getExtendedInstanceMetadataCredentials(pastCredentials, logger);
1028
+ } else {
1029
+ throw e;
1030
+ }
1031
+ return [
1032
+ 3,
1033
+ 3
1034
+ ];
1035
+ case 3:
1036
+ pastCredentials = credentials;
1037
+ return [
1038
+ 2,
1039
+ credentials
1040
+ ];
1041
+ }
226
1042
  });
227
- return function(awsIdentityProperties) {
228
- return _ref.apply(this, arguments);
229
- };
230
- }();
1043
+ });
231
1044
  };
232
1045
 
233
1046
  function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) {
@@ -401,52 +1214,305 @@ function _ts_generator(thisArg, body) {
401
1214
  };
402
1215
  }
403
1216
  }
404
- var ENV_TOKEN_FILE = "AWS_WEB_IDENTITY_TOKEN_FILE";
405
- var ENV_ROLE_ARN = "AWS_ROLE_ARN";
406
- var ENV_ROLE_SESSION_NAME = "AWS_ROLE_SESSION_NAME";
407
- var fromTokenFile = function() {
1217
+ var IMDS_PATH = "/latest/meta-data/iam/security-credentials/";
1218
+ var IMDS_TOKEN_PATH = "/latest/api/token";
1219
+ var AWS_EC2_METADATA_V1_DISABLED = "AWS_EC2_METADATA_V1_DISABLED";
1220
+ var PROFILE_AWS_EC2_METADATA_V1_DISABLED = "ec2_metadata_v1_disabled";
1221
+ var X_AWS_EC2_METADATA_TOKEN = "x-aws-ec2-metadata-token";
1222
+ var fromInstanceMetadata = function() {
408
1223
  var init = arguments.length > 0 && arguments[0] !== void 0 ? arguments[0] : {};
409
- return function() {
410
- var _ref = _async_to_generator(function(awsIdentityProperties) {
411
- var _init_logger, _externalDataInterceptor_getTokenRecord, _init_webIdentityTokenFile, webIdentityTokenFile, _init_roleArn, roleArn, _init_roleSessionName, roleSessionName, _externalDataInterceptor_getTokenRecord_webIdentityTokenFile, credentials;
1224
+ return staticStabilityProvider(getInstanceMetadataProvider(init), {
1225
+ logger: init.logger
1226
+ });
1227
+ };
1228
+ var getInstanceMetadataProvider = function() {
1229
+ var init = arguments.length > 0 && arguments[0] !== void 0 ? arguments[0] : {};
1230
+ var disableFetchToken = false;
1231
+ var logger = init.logger, profile = init.profile;
1232
+ var _providerConfigFromInit = providerConfigFromInit(init), timeout = _providerConfigFromInit.timeout, maxRetries = _providerConfigFromInit.maxRetries;
1233
+ var getCredentials = function() {
1234
+ var _ref = _async_to_generator(function(maxRetries, options) {
1235
+ var _options_headers, isImdsV1Fallback, fallbackBlockedFromProfile, fallbackBlockedFromProcessEnv, configValue, causes, imdsProfile;
412
1236
  return _ts_generator(this, function(_state) {
413
1237
  switch(_state.label){
414
1238
  case 0:
415
- (_init_logger = init.logger) === null || _init_logger === void 0 ? void 0 : _init_logger.debug("@aws-sdk/credential-provider-web-identity - fromTokenFile");
416
- webIdentityTokenFile = (_init_webIdentityTokenFile = init === null || init === void 0 ? void 0 : init.webIdentityTokenFile) !== null && _init_webIdentityTokenFile !== void 0 ? _init_webIdentityTokenFile : process.env[ENV_TOKEN_FILE];
417
- roleArn = (_init_roleArn = init === null || init === void 0 ? void 0 : init.roleArn) !== null && _init_roleArn !== void 0 ? _init_roleArn : process.env[ENV_ROLE_ARN];
418
- roleSessionName = (_init_roleSessionName = init === null || init === void 0 ? void 0 : init.roleSessionName) !== null && _init_roleSessionName !== void 0 ? _init_roleSessionName : process.env[ENV_ROLE_SESSION_NAME];
419
- if (!webIdentityTokenFile || !roleArn) {
420
- throw new CredentialsProviderError("Web identity configuration not specified", {
421
- logger: init.logger
422
- });
423
- }
1239
+ isImdsV1Fallback = disableFetchToken || ((_options_headers = options.headers) === null || _options_headers === void 0 ? void 0 : _options_headers[X_AWS_EC2_METADATA_TOKEN]) == null;
1240
+ if (!isImdsV1Fallback) return [
1241
+ 3,
1242
+ 2
1243
+ ];
1244
+ fallbackBlockedFromProfile = false;
1245
+ fallbackBlockedFromProcessEnv = false;
424
1246
  return [
425
1247
  4,
426
- fromWebToken(_object_spread_props(_object_spread({}, init), {
427
- webIdentityToken: (_externalDataInterceptor_getTokenRecord_webIdentityTokenFile = externalDataInterceptor === null || externalDataInterceptor === void 0 ? void 0 : (_externalDataInterceptor_getTokenRecord = externalDataInterceptor.getTokenRecord) === null || _externalDataInterceptor_getTokenRecord === void 0 ? void 0 : _externalDataInterceptor_getTokenRecord.call(externalDataInterceptor)[webIdentityTokenFile]) !== null && _externalDataInterceptor_getTokenRecord_webIdentityTokenFile !== void 0 ? _externalDataInterceptor_getTokenRecord_webIdentityTokenFile : readFileSync(webIdentityTokenFile, {
428
- encoding: "ascii"
429
- }),
430
- roleArn: roleArn,
431
- roleSessionName: roleSessionName
432
- }))(awsIdentityProperties)
1248
+ loadConfig({
1249
+ environmentVariableSelector: function(env) {
1250
+ var envValue = env[AWS_EC2_METADATA_V1_DISABLED];
1251
+ fallbackBlockedFromProcessEnv = !!envValue && envValue !== "false";
1252
+ if (envValue === undefined) {
1253
+ throw new CredentialsProviderError("".concat(AWS_EC2_METADATA_V1_DISABLED, " not set in env, checking config file next."), {
1254
+ logger: init.logger
1255
+ });
1256
+ }
1257
+ return fallbackBlockedFromProcessEnv;
1258
+ },
1259
+ configFileSelector: function(profile) {
1260
+ var profileValue = profile[PROFILE_AWS_EC2_METADATA_V1_DISABLED];
1261
+ fallbackBlockedFromProfile = !!profileValue && profileValue !== "false";
1262
+ return fallbackBlockedFromProfile;
1263
+ },
1264
+ default: false
1265
+ }, {
1266
+ profile: profile
1267
+ })()
433
1268
  ];
434
1269
  case 1:
435
- credentials = _state.sent();
436
- if (webIdentityTokenFile === process.env[ENV_TOKEN_FILE]) {
437
- setCredentialFeature(credentials, "CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN", "h");
1270
+ configValue = _state.sent();
1271
+ if (init.ec2MetadataV1Disabled || configValue) {
1272
+ causes = [];
1273
+ if (init.ec2MetadataV1Disabled) causes.push("credential provider initialization (runtime option ec2MetadataV1Disabled)");
1274
+ if (fallbackBlockedFromProfile) causes.push("config file profile (".concat(PROFILE_AWS_EC2_METADATA_V1_DISABLED, ")"));
1275
+ if (fallbackBlockedFromProcessEnv) causes.push("process environment variable (".concat(AWS_EC2_METADATA_V1_DISABLED, ")"));
1276
+ throw new InstanceMetadataV1FallbackError("AWS EC2 Metadata v1 fallback has been blocked by AWS SDK configuration in the following: [".concat(causes.join(", "), "]."));
438
1277
  }
1278
+ _state.label = 2;
1279
+ case 2:
1280
+ return [
1281
+ 4,
1282
+ retry(/*#__PURE__*/ _async_to_generator(function() {
1283
+ var profile, err;
1284
+ return _ts_generator(this, function(_state) {
1285
+ switch(_state.label){
1286
+ case 0:
1287
+ _state.trys.push([
1288
+ 0,
1289
+ 2,
1290
+ ,
1291
+ 3
1292
+ ]);
1293
+ return [
1294
+ 4,
1295
+ getProfile(options)
1296
+ ];
1297
+ case 1:
1298
+ profile = _state.sent();
1299
+ return [
1300
+ 3,
1301
+ 3
1302
+ ];
1303
+ case 2:
1304
+ err = _state.sent();
1305
+ if (err.statusCode === 401) {
1306
+ disableFetchToken = false;
1307
+ }
1308
+ throw err;
1309
+ case 3:
1310
+ return [
1311
+ 2,
1312
+ profile
1313
+ ];
1314
+ }
1315
+ });
1316
+ }), maxRetries)
1317
+ ];
1318
+ case 3:
1319
+ imdsProfile = _state.sent().trim();
439
1320
  return [
440
1321
  2,
441
- credentials
1322
+ retry(/*#__PURE__*/ _async_to_generator(function() {
1323
+ var creds, err;
1324
+ return _ts_generator(this, function(_state) {
1325
+ switch(_state.label){
1326
+ case 0:
1327
+ _state.trys.push([
1328
+ 0,
1329
+ 2,
1330
+ ,
1331
+ 3
1332
+ ]);
1333
+ return [
1334
+ 4,
1335
+ getCredentialsFromProfile(imdsProfile, options, init)
1336
+ ];
1337
+ case 1:
1338
+ creds = _state.sent();
1339
+ return [
1340
+ 3,
1341
+ 3
1342
+ ];
1343
+ case 2:
1344
+ err = _state.sent();
1345
+ if (err.statusCode === 401) {
1346
+ disableFetchToken = false;
1347
+ }
1348
+ throw err;
1349
+ case 3:
1350
+ return [
1351
+ 2,
1352
+ creds
1353
+ ];
1354
+ }
1355
+ });
1356
+ }), maxRetries)
442
1357
  ];
443
1358
  }
444
1359
  });
445
1360
  });
446
- return function(awsIdentityProperties) {
1361
+ return function getCredentials(maxRetries, options) {
447
1362
  return _ref.apply(this, arguments);
448
1363
  };
449
1364
  }();
1365
+ return /*#__PURE__*/ _async_to_generator(function() {
1366
+ var endpoint, token, error;
1367
+ return _ts_generator(this, function(_state) {
1368
+ switch(_state.label){
1369
+ case 0:
1370
+ return [
1371
+ 4,
1372
+ getInstanceMetadataEndpoint()
1373
+ ];
1374
+ case 1:
1375
+ endpoint = _state.sent();
1376
+ if (!disableFetchToken) return [
1377
+ 3,
1378
+ 2
1379
+ ];
1380
+ logger === null || logger === void 0 ? void 0 : logger.debug("AWS SDK Instance Metadata", "using v1 fallback (no token fetch)");
1381
+ return [
1382
+ 2,
1383
+ getCredentials(maxRetries, _object_spread_props(_object_spread({}, endpoint), {
1384
+ timeout: timeout
1385
+ }))
1386
+ ];
1387
+ case 2:
1388
+ _state.trys.push([
1389
+ 2,
1390
+ 4,
1391
+ ,
1392
+ 5
1393
+ ]);
1394
+ return [
1395
+ 4,
1396
+ getMetadataToken(_object_spread_props(_object_spread({}, endpoint), {
1397
+ timeout: timeout
1398
+ }))
1399
+ ];
1400
+ case 3:
1401
+ token = _state.sent().toString();
1402
+ return [
1403
+ 3,
1404
+ 5
1405
+ ];
1406
+ case 4:
1407
+ error = _state.sent();
1408
+ if ((error === null || error === void 0 ? void 0 : error.statusCode) === 400) {
1409
+ throw Object.assign(error, {
1410
+ message: "EC2 Metadata token request returned error"
1411
+ });
1412
+ } else if (error.message === "TimeoutError" || [
1413
+ 403,
1414
+ 404,
1415
+ 405
1416
+ ].includes(error.statusCode)) {
1417
+ disableFetchToken = true;
1418
+ }
1419
+ logger === null || logger === void 0 ? void 0 : logger.debug("AWS SDK Instance Metadata", "using v1 fallback (initial)");
1420
+ return [
1421
+ 2,
1422
+ getCredentials(maxRetries, _object_spread_props(_object_spread({}, endpoint), {
1423
+ timeout: timeout
1424
+ }))
1425
+ ];
1426
+ case 5:
1427
+ return [
1428
+ 2,
1429
+ getCredentials(maxRetries, _object_spread_props(_object_spread({}, endpoint), {
1430
+ headers: _define_property({}, X_AWS_EC2_METADATA_TOKEN, token),
1431
+ timeout: timeout
1432
+ }))
1433
+ ];
1434
+ case 6:
1435
+ return [
1436
+ 2
1437
+ ];
1438
+ }
1439
+ });
1440
+ });
450
1441
  };
1442
+ var getMetadataToken = function() {
1443
+ var _ref = _async_to_generator(function(options) {
1444
+ return _ts_generator(this, function(_state) {
1445
+ return [
1446
+ 2,
1447
+ httpRequest(_object_spread_props(_object_spread({}, options), {
1448
+ path: IMDS_TOKEN_PATH,
1449
+ method: "PUT",
1450
+ headers: {
1451
+ "x-aws-ec2-metadata-token-ttl-seconds": "21600"
1452
+ }
1453
+ }))
1454
+ ];
1455
+ });
1456
+ });
1457
+ return function getMetadataToken(options) {
1458
+ return _ref.apply(this, arguments);
1459
+ };
1460
+ }();
1461
+ var getProfile = function() {
1462
+ var _ref = _async_to_generator(function(options) {
1463
+ return _ts_generator(this, function(_state) {
1464
+ switch(_state.label){
1465
+ case 0:
1466
+ return [
1467
+ 4,
1468
+ httpRequest(_object_spread_props(_object_spread({}, options), {
1469
+ path: IMDS_PATH
1470
+ }))
1471
+ ];
1472
+ case 1:
1473
+ return [
1474
+ 2,
1475
+ _state.sent().toString()
1476
+ ];
1477
+ }
1478
+ });
1479
+ });
1480
+ return function getProfile(options) {
1481
+ return _ref.apply(this, arguments);
1482
+ };
1483
+ }();
1484
+ var getCredentialsFromProfile = function() {
1485
+ var _ref = _async_to_generator(function(profile, options, init) {
1486
+ var credentialsResponse, _;
1487
+ return _ts_generator(this, function(_state) {
1488
+ switch(_state.label){
1489
+ case 0:
1490
+ _ = JSON.parse;
1491
+ return [
1492
+ 4,
1493
+ httpRequest(_object_spread_props(_object_spread({}, options), {
1494
+ path: IMDS_PATH + profile
1495
+ }))
1496
+ ];
1497
+ case 1:
1498
+ credentialsResponse = _.apply(JSON, [
1499
+ _state.sent().toString()
1500
+ ]);
1501
+ if (!isImdsCredentials(credentialsResponse)) {
1502
+ throw new CredentialsProviderError("Invalid response received from instance metadata service.", {
1503
+ logger: init.logger
1504
+ });
1505
+ }
1506
+ return [
1507
+ 2,
1508
+ fromImdsCredentials(credentialsResponse)
1509
+ ];
1510
+ }
1511
+ });
1512
+ });
1513
+ return function getCredentialsFromProfile(profile, options, init) {
1514
+ return _ref.apply(this, arguments);
1515
+ };
1516
+ }();
451
1517
 
452
- export { fromTokenFile, fromWebToken };
1518
+ export { DEFAULT_MAX_RETRIES, DEFAULT_TIMEOUT, ENV_CMDS_AUTH_TOKEN, ENV_CMDS_FULL_URI, ENV_CMDS_RELATIVE_URI, Endpoint, fromContainerMetadata, fromInstanceMetadata, getInstanceMetadataEndpoint, httpRequest, providerConfigFromInit };