@digipair/skill-s3 0.136.3 → 0.136.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (34) hide show
  1. package/dist/AwsRestJsonProtocol.esm.js +208 -123
  2. package/dist/externalDataInterceptor.esm.js +1 -1
  3. package/dist/getSSOTokenFromFile.esm.js +4 -4
  4. package/dist/index.esm.js +10 -8
  5. package/dist/index.esm10.js +81 -89
  6. package/dist/index.esm11.js +659 -420
  7. package/dist/index.esm12.js +231 -1138
  8. package/dist/index.esm13.js +896 -1600
  9. package/dist/index.esm14.js +210 -0
  10. package/dist/index.esm15.js +4780 -0
  11. package/dist/index.esm16.js +2057 -0
  12. package/dist/index.esm17.js +434 -0
  13. package/dist/index.esm18.js +1265 -0
  14. package/dist/index.esm19.js +456 -0
  15. package/dist/index.esm2.js +58503 -11
  16. package/dist/index.esm20.js +4885 -0
  17. package/dist/index.esm3.js +787 -51789
  18. package/dist/index.esm4.js +1154 -88
  19. package/dist/index.esm5.js +268 -4827
  20. package/dist/index.esm6.js +954 -951
  21. package/dist/index.esm7.js +2425 -119
  22. package/dist/index.esm8.js +124 -426
  23. package/dist/index.esm9.js +123 -2399
  24. package/dist/loadSso.esm.js +4966 -187
  25. package/dist/loadSso.esm2.js +6584 -0
  26. package/dist/{package.esm.js → loadSsoSessionData.esm.js} +155 -122
  27. package/dist/noAuth.esm.js +165 -0
  28. package/dist/parseKnownFiles.esm.js +1 -1
  29. package/dist/src/index.d.ts +2 -0
  30. package/dist/src/index.d.ts.map +1 -0
  31. package/dist/src/lib/skill-s3.d.ts +6 -0
  32. package/dist/src/lib/skill-s3.d.ts.map +1 -0
  33. package/package.json +1 -1
  34. package/dist/create-aggregated-client.esm.js +0 -366
package/dist/index.esm18.js ADDED
@@ -0,0 +1,1265 @@
1
+ import { g as getSSOTokenFilepath, a as getSSOTokenFromFile } from './getSSOTokenFromFile.esm.js';
2
+ import { T as TokenProviderError, l as loadSsoSessionData } from './loadSsoSessionData.esm.js';
3
+ import { promises } from 'fs';
4
+ import { g as getProfileName, C as CredentialsProviderError, s as setCredentialFeature } from './index.esm2.js';
5
+ import { p as parseKnownFiles } from './parseKnownFiles.esm.js';
6
+ import 'fs/promises';
7
+ import 'crypto';
8
+ import 'path';
9
+ import 'buffer';
10
+ import 'os';
11
+ import 'node:fs/promises';
12
+ import 'stream';
13
+ import 'node:stream';
14
+ import 'http';
15
+ import 'https';
16
+ import 'process';
17
+ import 'node:fs';
18
+ import 'zlib';
19
+
20
+ var isSsoProfile = function(arg) {
21
+ return arg && (typeof arg.sso_start_url === "string" || typeof arg.sso_account_id === "string" || typeof arg.sso_session === "string" || typeof arg.sso_region === "string" || typeof arg.sso_role_name === "string");
22
+ };
23
+
24
+ var EXPIRE_WINDOW_MS = 5 * 60 * 1000;
25
+ var REFRESH_MESSAGE = "To refresh this SSO session run 'aws sso login' with the corresponding profile.";
26
+
27
+ function asyncGeneratorStep$4(gen, resolve, reject, _next, _throw, key, arg) {
28
+ try {
29
+ var info = gen[key](arg);
30
+ var value = info.value;
31
+ } catch (error) {
32
+ reject(error);
33
+ return;
34
+ }
35
+ if (info.done) {
36
+ resolve(value);
37
+ } else {
38
+ Promise.resolve(value).then(_next, _throw);
39
+ }
40
+ }
41
+ function _async_to_generator$4(fn) {
42
+ return function() {
43
+ var self = this, args = arguments;
44
+ return new Promise(function(resolve, reject) {
45
+ var gen = fn.apply(self, args);
46
+ function _next(value) {
47
+ asyncGeneratorStep$4(gen, resolve, reject, _next, _throw, "next", value);
48
+ }
49
+ function _throw(err) {
50
+ asyncGeneratorStep$4(gen, resolve, reject, _next, _throw, "throw", err);
51
+ }
52
+ _next(undefined);
53
+ });
54
+ };
55
+ }
56
+ function _ts_generator$4(thisArg, body) {
57
+ var f, y, t, g, _ = {
58
+ label: 0,
59
+ sent: function() {
60
+ if (t[0] & 1) throw t[1];
61
+ return t[1];
62
+ },
63
+ trys: [],
64
+ ops: []
65
+ };
66
+ return g = {
67
+ next: verb(0),
68
+ "throw": verb(1),
69
+ "return": verb(2)
70
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
71
+ return this;
72
+ }), g;
73
+ function verb(n) {
74
+ return function(v) {
75
+ return step([
76
+ n,
77
+ v
78
+ ]);
79
+ };
80
+ }
81
+ function step(op) {
82
+ if (f) throw new TypeError("Generator is already executing.");
83
+ while(_)try {
84
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
85
+ if (y = 0, t) op = [
86
+ op[0] & 2,
87
+ t.value
88
+ ];
89
+ switch(op[0]){
90
+ case 0:
91
+ case 1:
92
+ t = op;
93
+ break;
94
+ case 4:
95
+ _.label++;
96
+ return {
97
+ value: op[1],
98
+ done: false
99
+ };
100
+ case 5:
101
+ _.label++;
102
+ y = op[1];
103
+ op = [
104
+ 0
105
+ ];
106
+ continue;
107
+ case 7:
108
+ op = _.ops.pop();
109
+ _.trys.pop();
110
+ continue;
111
+ default:
112
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
113
+ _ = 0;
114
+ continue;
115
+ }
116
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
117
+ _.label = op[1];
118
+ break;
119
+ }
120
+ if (op[0] === 6 && _.label < t[1]) {
121
+ _.label = t[1];
122
+ t = op;
123
+ break;
124
+ }
125
+ if (t && _.label < t[2]) {
126
+ _.label = t[2];
127
+ _.ops.push(op);
128
+ break;
129
+ }
130
+ if (t[2]) _.ops.pop();
131
+ _.trys.pop();
132
+ continue;
133
+ }
134
+ op = body.call(thisArg, _);
135
+ } catch (e) {
136
+ op = [
137
+ 6,
138
+ e
139
+ ];
140
+ y = 0;
141
+ } finally{
142
+ f = t = 0;
143
+ }
144
+ if (op[0] & 5) throw op[1];
145
+ return {
146
+ value: op[0] ? op[1] : void 0,
147
+ done: true
148
+ };
149
+ }
150
+ }
151
+ var getSsoOidcClient = function() {
152
+ var _ref = _async_to_generator$4(function(ssoRegion) {
153
+ var init, callerClientConfig, _init_clientConfig, SSOOIDCClient, coalesce, _init_clientConfig1, ssoOidcClient;
154
+ var _arguments = arguments;
155
+ return _ts_generator$4(this, function(_state) {
156
+ switch(_state.label){
157
+ case 0:
158
+ init = _arguments.length > 1 && _arguments[1] !== void 0 ? _arguments[1] : {}, callerClientConfig = _arguments.length > 2 ? _arguments[2] : void 0;
159
+ return [
160
+ 4,
161
+ import('./index.esm11.js')
162
+ ];
163
+ case 1:
164
+ SSOOIDCClient = _state.sent().SSOOIDCClient;
165
+ coalesce = function(prop) {
166
+ var _init_clientConfig, _init_parentClientConfig;
167
+ var _init_clientConfig_prop, _ref;
168
+ return (_ref = (_init_clientConfig_prop = (_init_clientConfig = init.clientConfig) === null || _init_clientConfig === void 0 ? void 0 : _init_clientConfig[prop]) !== null && _init_clientConfig_prop !== void 0 ? _init_clientConfig_prop : (_init_parentClientConfig = init.parentClientConfig) === null || _init_parentClientConfig === void 0 ? void 0 : _init_parentClientConfig[prop]) !== null && _ref !== void 0 ? _ref : callerClientConfig === null || callerClientConfig === void 0 ? void 0 : callerClientConfig[prop];
169
+ };
170
+ ssoOidcClient = new SSOOIDCClient(Object.assign({}, (_init_clientConfig1 = init.clientConfig) !== null && _init_clientConfig1 !== void 0 ? _init_clientConfig1 : {}, {
171
+ region: ssoRegion !== null && ssoRegion !== void 0 ? ssoRegion : (_init_clientConfig = init.clientConfig) === null || _init_clientConfig === void 0 ? void 0 : _init_clientConfig.region,
172
+ logger: coalesce("logger"),
173
+ userAgentAppId: coalesce("userAgentAppId")
174
+ }));
175
+ return [
176
+ 2,
177
+ ssoOidcClient
178
+ ];
179
+ }
180
+ });
181
+ });
182
+ return function getSsoOidcClient(ssoRegion) {
183
+ return _ref.apply(this, arguments);
184
+ };
185
+ }();
186
+
187
+ function asyncGeneratorStep$3(gen, resolve, reject, _next, _throw, key, arg) {
188
+ try {
189
+ var info = gen[key](arg);
190
+ var value = info.value;
191
+ } catch (error) {
192
+ reject(error);
193
+ return;
194
+ }
195
+ if (info.done) {
196
+ resolve(value);
197
+ } else {
198
+ Promise.resolve(value).then(_next, _throw);
199
+ }
200
+ }
201
+ function _async_to_generator$3(fn) {
202
+ return function() {
203
+ var self = this, args = arguments;
204
+ return new Promise(function(resolve, reject) {
205
+ var gen = fn.apply(self, args);
206
+ function _next(value) {
207
+ asyncGeneratorStep$3(gen, resolve, reject, _next, _throw, "next", value);
208
+ }
209
+ function _throw(err) {
210
+ asyncGeneratorStep$3(gen, resolve, reject, _next, _throw, "throw", err);
211
+ }
212
+ _next(undefined);
213
+ });
214
+ };
215
+ }
216
+ function _ts_generator$3(thisArg, body) {
217
+ var f, y, t, g, _ = {
218
+ label: 0,
219
+ sent: function() {
220
+ if (t[0] & 1) throw t[1];
221
+ return t[1];
222
+ },
223
+ trys: [],
224
+ ops: []
225
+ };
226
+ return g = {
227
+ next: verb(0),
228
+ "throw": verb(1),
229
+ "return": verb(2)
230
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
231
+ return this;
232
+ }), g;
233
+ function verb(n) {
234
+ return function(v) {
235
+ return step([
236
+ n,
237
+ v
238
+ ]);
239
+ };
240
+ }
241
+ function step(op) {
242
+ if (f) throw new TypeError("Generator is already executing.");
243
+ while(_)try {
244
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
245
+ if (y = 0, t) op = [
246
+ op[0] & 2,
247
+ t.value
248
+ ];
249
+ switch(op[0]){
250
+ case 0:
251
+ case 1:
252
+ t = op;
253
+ break;
254
+ case 4:
255
+ _.label++;
256
+ return {
257
+ value: op[1],
258
+ done: false
259
+ };
260
+ case 5:
261
+ _.label++;
262
+ y = op[1];
263
+ op = [
264
+ 0
265
+ ];
266
+ continue;
267
+ case 7:
268
+ op = _.ops.pop();
269
+ _.trys.pop();
270
+ continue;
271
+ default:
272
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
273
+ _ = 0;
274
+ continue;
275
+ }
276
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
277
+ _.label = op[1];
278
+ break;
279
+ }
280
+ if (op[0] === 6 && _.label < t[1]) {
281
+ _.label = t[1];
282
+ t = op;
283
+ break;
284
+ }
285
+ if (t && _.label < t[2]) {
286
+ _.label = t[2];
287
+ _.ops.push(op);
288
+ break;
289
+ }
290
+ if (t[2]) _.ops.pop();
291
+ _.trys.pop();
292
+ continue;
293
+ }
294
+ op = body.call(thisArg, _);
295
+ } catch (e) {
296
+ op = [
297
+ 6,
298
+ e
299
+ ];
300
+ y = 0;
301
+ } finally{
302
+ f = t = 0;
303
+ }
304
+ if (op[0] & 5) throw op[1];
305
+ return {
306
+ value: op[0] ? op[1] : void 0,
307
+ done: true
308
+ };
309
+ }
310
+ }
311
+ var getNewSsoOidcToken = function() {
312
+ var _ref = _async_to_generator$3(function(ssoToken, ssoRegion) {
313
+ var init, callerClientConfig, CreateTokenCommand, ssoOidcClient;
314
+ var _arguments = arguments;
315
+ return _ts_generator$3(this, function(_state) {
316
+ switch(_state.label){
317
+ case 0:
318
+ init = _arguments.length > 2 && _arguments[2] !== void 0 ? _arguments[2] : {}, callerClientConfig = _arguments.length > 3 ? _arguments[3] : void 0;
319
+ return [
320
+ 4,
321
+ import('./index.esm11.js')
322
+ ];
323
+ case 1:
324
+ CreateTokenCommand = _state.sent().CreateTokenCommand;
325
+ return [
326
+ 4,
327
+ getSsoOidcClient(ssoRegion, init, callerClientConfig)
328
+ ];
329
+ case 2:
330
+ ssoOidcClient = _state.sent();
331
+ return [
332
+ 2,
333
+ ssoOidcClient.send(new CreateTokenCommand({
334
+ clientId: ssoToken.clientId,
335
+ clientSecret: ssoToken.clientSecret,
336
+ refreshToken: ssoToken.refreshToken,
337
+ grantType: "refresh_token"
338
+ }))
339
+ ];
340
+ }
341
+ });
342
+ });
343
+ return function getNewSsoOidcToken(ssoToken, ssoRegion) {
344
+ return _ref.apply(this, arguments);
345
+ };
346
+ }();
347
+
348
+ var validateTokenExpiry = function(token) {
349
+ if (token.expiration && token.expiration.getTime() < Date.now()) {
350
+ throw new TokenProviderError("Token is expired. ".concat(REFRESH_MESSAGE), false);
351
+ }
352
+ };
353
+
354
+ var validateTokenKey = function(key, value) {
355
+ var forRefresh = arguments.length > 2 && arguments[2] !== void 0 ? arguments[2] : false;
356
+ if (typeof value === "undefined") {
357
+ throw new TokenProviderError("Value not present for '".concat(key, "' in SSO Token").concat(forRefresh ? ". Cannot refresh" : "", ". ").concat(REFRESH_MESSAGE), false);
358
+ }
359
+ };
360
+
361
+ var writeFile = promises.writeFile;
362
+ var writeSSOTokenToFile = function(id, ssoToken) {
363
+ var tokenFilepath = getSSOTokenFilepath(id);
364
+ var tokenString = JSON.stringify(ssoToken, null, 2);
365
+ return writeFile(tokenFilepath, tokenString);
366
+ };
367
+
368
+ function asyncGeneratorStep$2(gen, resolve, reject, _next, _throw, key, arg) {
369
+ try {
370
+ var info = gen[key](arg);
371
+ var value = info.value;
372
+ } catch (error) {
373
+ reject(error);
374
+ return;
375
+ }
376
+ if (info.done) {
377
+ resolve(value);
378
+ } else {
379
+ Promise.resolve(value).then(_next, _throw);
380
+ }
381
+ }
382
+ function _async_to_generator$2(fn) {
383
+ return function() {
384
+ var self = this, args = arguments;
385
+ return new Promise(function(resolve, reject) {
386
+ var gen = fn.apply(self, args);
387
+ function _next(value) {
388
+ asyncGeneratorStep$2(gen, resolve, reject, _next, _throw, "next", value);
389
+ }
390
+ function _throw(err) {
391
+ asyncGeneratorStep$2(gen, resolve, reject, _next, _throw, "throw", err);
392
+ }
393
+ _next(undefined);
394
+ });
395
+ };
396
+ }
397
+ function _define_property$1(obj, key, value) {
398
+ if (key in obj) {
399
+ Object.defineProperty(obj, key, {
400
+ value: value,
401
+ enumerable: true,
402
+ configurable: true,
403
+ writable: true
404
+ });
405
+ } else {
406
+ obj[key] = value;
407
+ }
408
+ return obj;
409
+ }
410
+ function _object_spread$1(target) {
411
+ for(var i = 1; i < arguments.length; i++){
412
+ var source = arguments[i] != null ? arguments[i] : {};
413
+ var ownKeys = Object.keys(source);
414
+ if (typeof Object.getOwnPropertySymbols === "function") {
415
+ ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
416
+ return Object.getOwnPropertyDescriptor(source, sym).enumerable;
417
+ }));
418
+ }
419
+ ownKeys.forEach(function(key) {
420
+ _define_property$1(target, key, source[key]);
421
+ });
422
+ }
423
+ return target;
424
+ }
425
+ function ownKeys(object, enumerableOnly) {
426
+ var keys = Object.keys(object);
427
+ if (Object.getOwnPropertySymbols) {
428
+ var symbols = Object.getOwnPropertySymbols(object);
429
+ keys.push.apply(keys, symbols);
430
+ }
431
+ return keys;
432
+ }
433
+ function _object_spread_props(target, source) {
434
+ source = source != null ? source : {};
435
+ if (Object.getOwnPropertyDescriptors) {
436
+ Object.defineProperties(target, Object.getOwnPropertyDescriptors(source));
437
+ } else {
438
+ ownKeys(Object(source)).forEach(function(key) {
439
+ Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key));
440
+ });
441
+ }
442
+ return target;
443
+ }
444
+ function _ts_generator$2(thisArg, body) {
445
+ var f, y, t, g, _ = {
446
+ label: 0,
447
+ sent: function() {
448
+ if (t[0] & 1) throw t[1];
449
+ return t[1];
450
+ },
451
+ trys: [],
452
+ ops: []
453
+ };
454
+ return g = {
455
+ next: verb(0),
456
+ "throw": verb(1),
457
+ "return": verb(2)
458
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
459
+ return this;
460
+ }), g;
461
+ function verb(n) {
462
+ return function(v) {
463
+ return step([
464
+ n,
465
+ v
466
+ ]);
467
+ };
468
+ }
469
+ function step(op) {
470
+ if (f) throw new TypeError("Generator is already executing.");
471
+ while(_)try {
472
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
473
+ if (y = 0, t) op = [
474
+ op[0] & 2,
475
+ t.value
476
+ ];
477
+ switch(op[0]){
478
+ case 0:
479
+ case 1:
480
+ t = op;
481
+ break;
482
+ case 4:
483
+ _.label++;
484
+ return {
485
+ value: op[1],
486
+ done: false
487
+ };
488
+ case 5:
489
+ _.label++;
490
+ y = op[1];
491
+ op = [
492
+ 0
493
+ ];
494
+ continue;
495
+ case 7:
496
+ op = _.ops.pop();
497
+ _.trys.pop();
498
+ continue;
499
+ default:
500
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
501
+ _ = 0;
502
+ continue;
503
+ }
504
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
505
+ _.label = op[1];
506
+ break;
507
+ }
508
+ if (op[0] === 6 && _.label < t[1]) {
509
+ _.label = t[1];
510
+ t = op;
511
+ break;
512
+ }
513
+ if (t && _.label < t[2]) {
514
+ _.label = t[2];
515
+ _.ops.push(op);
516
+ break;
517
+ }
518
+ if (t[2]) _.ops.pop();
519
+ _.trys.pop();
520
+ continue;
521
+ }
522
+ op = body.call(thisArg, _);
523
+ } catch (e) {
524
+ op = [
525
+ 6,
526
+ e
527
+ ];
528
+ y = 0;
529
+ } finally{
530
+ f = t = 0;
531
+ }
532
+ if (op[0] & 5) throw op[1];
533
+ return {
534
+ value: op[0] ? op[1] : void 0,
535
+ done: true
536
+ };
537
+ }
538
+ }
539
+ var lastRefreshAttemptTime = new Date(0);
540
+ var fromSso = function() {
541
+ var init = arguments.length > 0 && arguments[0] !== void 0 ? arguments[0] : {};
542
+ return /*#__PURE__*/ _async_to_generator$2(function() {
543
+ var callerClientConfig, _init_logger, profiles, _init_profile, profileName, profile, ssoSessionName, ssoSessions, ssoSession, _i, _iter, ssoSessionRequiredKey, ssoRegion, ssoToken, accessToken, expiresAt, existingToken, newSsoOidcToken, newTokenExpiration;
544
+ var _arguments = arguments;
545
+ return _ts_generator$2(this, function(_state) {
546
+ switch(_state.label){
547
+ case 0:
548
+ callerClientConfig = (_arguments.length > 0 && _arguments[0] !== void 0 ? _arguments[0] : {}).callerClientConfig;
549
+ (_init_logger = init.logger) === null || _init_logger === void 0 ? void 0 : _init_logger.debug("@aws-sdk/token-providers - fromSso");
550
+ return [
551
+ 4,
552
+ parseKnownFiles(init)
553
+ ];
554
+ case 1:
555
+ profiles = _state.sent();
556
+ profileName = getProfileName({
557
+ profile: (_init_profile = init.profile) !== null && _init_profile !== void 0 ? _init_profile : callerClientConfig === null || callerClientConfig === void 0 ? void 0 : callerClientConfig.profile
558
+ });
559
+ profile = profiles[profileName];
560
+ if (!profile) {
561
+ throw new TokenProviderError("Profile '".concat(profileName, "' could not be found in shared credentials file."), false);
562
+ } else if (!profile["sso_session"]) {
563
+ throw new TokenProviderError("Profile '".concat(profileName, "' is missing required property 'sso_session'."));
564
+ }
565
+ ssoSessionName = profile["sso_session"];
566
+ return [
567
+ 4,
568
+ loadSsoSessionData(init)
569
+ ];
570
+ case 2:
571
+ ssoSessions = _state.sent();
572
+ ssoSession = ssoSessions[ssoSessionName];
573
+ if (!ssoSession) {
574
+ throw new TokenProviderError("Sso session '".concat(ssoSessionName, "' could not be found in shared credentials file."), false);
575
+ }
576
+ for(_i = 0, _iter = [
577
+ "sso_start_url",
578
+ "sso_region"
579
+ ]; _i < _iter.length; _i++){
580
+ ssoSessionRequiredKey = _iter[_i];
581
+ if (!ssoSession[ssoSessionRequiredKey]) {
582
+ throw new TokenProviderError("Sso session '".concat(ssoSessionName, "' is missing required property '").concat(ssoSessionRequiredKey, "'."), false);
583
+ }
584
+ }
585
+ ssoSession["sso_start_url"];
586
+ ssoRegion = ssoSession["sso_region"];
587
+ _state.label = 3;
588
+ case 3:
589
+ _state.trys.push([
590
+ 3,
591
+ 5,
592
+ ,
593
+ 6
594
+ ]);
595
+ return [
596
+ 4,
597
+ getSSOTokenFromFile(ssoSessionName)
598
+ ];
599
+ case 4:
600
+ ssoToken = _state.sent();
601
+ return [
602
+ 3,
603
+ 6
604
+ ];
605
+ case 5:
606
+ _state.sent();
607
+ throw new TokenProviderError("The SSO session token associated with profile=".concat(profileName, " was not found or is invalid. ").concat(REFRESH_MESSAGE), false);
608
+ case 6:
609
+ validateTokenKey("accessToken", ssoToken.accessToken);
610
+ validateTokenKey("expiresAt", ssoToken.expiresAt);
611
+ accessToken = ssoToken.accessToken, expiresAt = ssoToken.expiresAt;
612
+ existingToken = {
613
+ token: accessToken,
614
+ expiration: new Date(expiresAt)
615
+ };
616
+ if (existingToken.expiration.getTime() - Date.now() > EXPIRE_WINDOW_MS) {
617
+ return [
618
+ 2,
619
+ existingToken
620
+ ];
621
+ }
622
+ if (Date.now() - lastRefreshAttemptTime.getTime() < 30 * 1000) {
623
+ validateTokenExpiry(existingToken);
624
+ return [
625
+ 2,
626
+ existingToken
627
+ ];
628
+ }
629
+ validateTokenKey("clientId", ssoToken.clientId, true);
630
+ validateTokenKey("clientSecret", ssoToken.clientSecret, true);
631
+ validateTokenKey("refreshToken", ssoToken.refreshToken, true);
632
+ _state.label = 7;
633
+ case 7:
634
+ _state.trys.push([
635
+ 7,
636
+ 13,
637
+ ,
638
+ 14
639
+ ]);
640
+ lastRefreshAttemptTime.setTime(Date.now());
641
+ return [
642
+ 4,
643
+ getNewSsoOidcToken(ssoToken, ssoRegion, init, callerClientConfig)
644
+ ];
645
+ case 8:
646
+ newSsoOidcToken = _state.sent();
647
+ validateTokenKey("accessToken", newSsoOidcToken.accessToken);
648
+ validateTokenKey("expiresIn", newSsoOidcToken.expiresIn);
649
+ newTokenExpiration = new Date(Date.now() + newSsoOidcToken.expiresIn * 1000);
650
+ _state.label = 9;
651
+ case 9:
652
+ _state.trys.push([
653
+ 9,
654
+ 11,
655
+ ,
656
+ 12
657
+ ]);
658
+ return [
659
+ 4,
660
+ writeSSOTokenToFile(ssoSessionName, _object_spread_props(_object_spread$1({}, ssoToken), {
661
+ accessToken: newSsoOidcToken.accessToken,
662
+ expiresAt: newTokenExpiration.toISOString(),
663
+ refreshToken: newSsoOidcToken.refreshToken
664
+ }))
665
+ ];
666
+ case 10:
667
+ _state.sent();
668
+ return [
669
+ 3,
670
+ 12
671
+ ];
672
+ case 11:
673
+ _state.sent();
674
+ return [
675
+ 3,
676
+ 12
677
+ ];
678
+ case 12:
679
+ return [
680
+ 2,
681
+ {
682
+ token: newSsoOidcToken.accessToken,
683
+ expiration: newTokenExpiration
684
+ }
685
+ ];
686
+ case 13:
687
+ _state.sent();
688
+ validateTokenExpiry(existingToken);
689
+ return [
690
+ 2,
691
+ existingToken
692
+ ];
693
+ case 14:
694
+ return [
695
+ 2
696
+ ];
697
+ }
698
+ });
699
+ });
700
+ };
701
+
702
+ function asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, key, arg) {
703
+ try {
704
+ var info = gen[key](arg);
705
+ var value = info.value;
706
+ } catch (error) {
707
+ reject(error);
708
+ return;
709
+ }
710
+ if (info.done) {
711
+ resolve(value);
712
+ } else {
713
+ Promise.resolve(value).then(_next, _throw);
714
+ }
715
+ }
716
+ function _async_to_generator$1(fn) {
717
+ return function() {
718
+ var self = this, args = arguments;
719
+ return new Promise(function(resolve, reject) {
720
+ var gen = fn.apply(self, args);
721
+ function _next(value) {
722
+ asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, "next", value);
723
+ }
724
+ function _throw(err) {
725
+ asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, "throw", err);
726
+ }
727
+ _next(undefined);
728
+ });
729
+ };
730
+ }
731
+ function _define_property(obj, key, value) {
732
+ if (key in obj) {
733
+ Object.defineProperty(obj, key, {
734
+ value: value,
735
+ enumerable: true,
736
+ configurable: true,
737
+ writable: true
738
+ });
739
+ } else {
740
+ obj[key] = value;
741
+ }
742
+ return obj;
743
+ }
744
+ function _object_spread(target) {
745
+ for(var i = 1; i < arguments.length; i++){
746
+ var source = arguments[i] != null ? arguments[i] : {};
747
+ var ownKeys = Object.keys(source);
748
+ if (typeof Object.getOwnPropertySymbols === "function") {
749
+ ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
750
+ return Object.getOwnPropertyDescriptor(source, sym).enumerable;
751
+ }));
752
+ }
753
+ ownKeys.forEach(function(key) {
754
+ _define_property(target, key, source[key]);
755
+ });
756
+ }
757
+ return target;
758
+ }
759
+ function _ts_generator$1(thisArg, body) {
760
+ var f, y, t, g, _ = {
761
+ label: 0,
762
+ sent: function() {
763
+ if (t[0] & 1) throw t[1];
764
+ return t[1];
765
+ },
766
+ trys: [],
767
+ ops: []
768
+ };
769
+ return g = {
770
+ next: verb(0),
771
+ "throw": verb(1),
772
+ "return": verb(2)
773
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
774
+ return this;
775
+ }), g;
776
+ function verb(n) {
777
+ return function(v) {
778
+ return step([
779
+ n,
780
+ v
781
+ ]);
782
+ };
783
+ }
784
+ function step(op) {
785
+ if (f) throw new TypeError("Generator is already executing.");
786
+ while(_)try {
787
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
788
+ if (y = 0, t) op = [
789
+ op[0] & 2,
790
+ t.value
791
+ ];
792
+ switch(op[0]){
793
+ case 0:
794
+ case 1:
795
+ t = op;
796
+ break;
797
+ case 4:
798
+ _.label++;
799
+ return {
800
+ value: op[1],
801
+ done: false
802
+ };
803
+ case 5:
804
+ _.label++;
805
+ y = op[1];
806
+ op = [
807
+ 0
808
+ ];
809
+ continue;
810
+ case 7:
811
+ op = _.ops.pop();
812
+ _.trys.pop();
813
+ continue;
814
+ default:
815
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
816
+ _ = 0;
817
+ continue;
818
+ }
819
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
820
+ _.label = op[1];
821
+ break;
822
+ }
823
+ if (op[0] === 6 && _.label < t[1]) {
824
+ _.label = t[1];
825
+ t = op;
826
+ break;
827
+ }
828
+ if (t && _.label < t[2]) {
829
+ _.label = t[2];
830
+ _.ops.push(op);
831
+ break;
832
+ }
833
+ if (t[2]) _.ops.pop();
834
+ _.trys.pop();
835
+ continue;
836
+ }
837
+ op = body.call(thisArg, _);
838
+ } catch (e) {
839
+ op = [
840
+ 6,
841
+ e
842
+ ];
843
+ y = 0;
844
+ } finally{
845
+ f = t = 0;
846
+ }
847
+ if (op[0] & 5) throw op[1];
848
+ return {
849
+ value: op[0] ? op[1] : void 0,
850
+ done: true
851
+ };
852
+ }
853
+ }
854
+ var SHOULD_FAIL_CREDENTIAL_CHAIN = false;
855
+ var resolveSSOCredentials = function() {
856
+ var _ref = _async_to_generator$1(function(param) {
857
+ var ssoStartUrl, ssoSession, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, clientConfig, parentClientConfig, callerClientConfig, profile, filepath, configFilepath, ignoreCache, logger, token, refreshMessage, _token, e, accessToken, _ref, SSOClient, GetRoleCredentialsCommand, _clientConfig_logger, _ref1, _clientConfig_region, _clientConfig_userAgentAppId, _ref2, sso, ssoResp, e2, tmp, _ref3, accessKeyId, secretAccessKey, sessionToken, expiration, credentialScope, accountId, credentials;
858
+ return _ts_generator$1(this, function(_state) {
859
+ switch(_state.label){
860
+ case 0:
861
+ ssoStartUrl = param.ssoStartUrl, ssoSession = param.ssoSession, ssoAccountId = param.ssoAccountId, ssoRegion = param.ssoRegion, ssoRoleName = param.ssoRoleName, ssoClient = param.ssoClient, clientConfig = param.clientConfig, parentClientConfig = param.parentClientConfig, callerClientConfig = param.callerClientConfig, profile = param.profile, filepath = param.filepath, configFilepath = param.configFilepath, ignoreCache = param.ignoreCache, logger = param.logger;
862
+ refreshMessage = "To refresh this SSO session run aws sso login with the corresponding profile.";
863
+ if (!ssoSession) return [
864
+ 3,
865
+ 5
866
+ ];
867
+ _state.label = 1;
868
+ case 1:
869
+ _state.trys.push([
870
+ 1,
871
+ 3,
872
+ ,
873
+ 4
874
+ ]);
875
+ return [
876
+ 4,
877
+ fromSso({
878
+ profile: profile,
879
+ filepath: filepath,
880
+ configFilepath: configFilepath,
881
+ ignoreCache: ignoreCache
882
+ })()
883
+ ];
884
+ case 2:
885
+ _token = _state.sent();
886
+ token = {
887
+ accessToken: _token.token,
888
+ expiresAt: new Date(_token.expiration).toISOString()
889
+ };
890
+ return [
891
+ 3,
892
+ 4
893
+ ];
894
+ case 3:
895
+ e = _state.sent();
896
+ throw new CredentialsProviderError(e.message, {
897
+ tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
898
+ logger: logger
899
+ });
900
+ case 4:
901
+ return [
902
+ 3,
903
+ 8
904
+ ];
905
+ case 5:
906
+ _state.trys.push([
907
+ 5,
908
+ 7,
909
+ ,
910
+ 8
911
+ ]);
912
+ return [
913
+ 4,
914
+ getSSOTokenFromFile(ssoStartUrl)
915
+ ];
916
+ case 6:
917
+ token = _state.sent();
918
+ return [
919
+ 3,
920
+ 8
921
+ ];
922
+ case 7:
923
+ _state.sent();
924
+ throw new CredentialsProviderError("The SSO session associated with this profile is invalid. ".concat(refreshMessage), {
925
+ tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
926
+ logger: logger
927
+ });
928
+ case 8:
929
+ if (new Date(token.expiresAt).getTime() - Date.now() <= 0) {
930
+ throw new CredentialsProviderError("The SSO session associated with this profile has expired. ".concat(refreshMessage), {
931
+ tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
932
+ logger: logger
933
+ });
934
+ }
935
+ accessToken = token.accessToken;
936
+ return [
937
+ 4,
938
+ import('./loadSso.esm2.js')
939
+ ];
940
+ case 9:
941
+ _ref = _state.sent(), SSOClient = _ref.SSOClient, GetRoleCredentialsCommand = _ref.GetRoleCredentialsCommand;
942
+ sso = ssoClient || new SSOClient(Object.assign({}, clientConfig !== null && clientConfig !== void 0 ? clientConfig : {}, {
943
+ logger: (_ref1 = (_clientConfig_logger = clientConfig === null || clientConfig === void 0 ? void 0 : clientConfig.logger) !== null && _clientConfig_logger !== void 0 ? _clientConfig_logger : callerClientConfig === null || callerClientConfig === void 0 ? void 0 : callerClientConfig.logger) !== null && _ref1 !== void 0 ? _ref1 : parentClientConfig === null || parentClientConfig === void 0 ? void 0 : parentClientConfig.logger,
944
+ region: (_clientConfig_region = clientConfig === null || clientConfig === void 0 ? void 0 : clientConfig.region) !== null && _clientConfig_region !== void 0 ? _clientConfig_region : ssoRegion,
945
+ userAgentAppId: (_ref2 = (_clientConfig_userAgentAppId = clientConfig === null || clientConfig === void 0 ? void 0 : clientConfig.userAgentAppId) !== null && _clientConfig_userAgentAppId !== void 0 ? _clientConfig_userAgentAppId : callerClientConfig === null || callerClientConfig === void 0 ? void 0 : callerClientConfig.userAgentAppId) !== null && _ref2 !== void 0 ? _ref2 : parentClientConfig === null || parentClientConfig === void 0 ? void 0 : parentClientConfig.userAgentAppId
946
+ }));
947
+ _state.label = 10;
948
+ case 10:
949
+ _state.trys.push([
950
+ 10,
951
+ 12,
952
+ ,
953
+ 13
954
+ ]);
955
+ return [
956
+ 4,
957
+ sso.send(new GetRoleCredentialsCommand({
958
+ accountId: ssoAccountId,
959
+ roleName: ssoRoleName,
960
+ accessToken: accessToken
961
+ }))
962
+ ];
963
+ case 11:
964
+ ssoResp = _state.sent();
965
+ return [
966
+ 3,
967
+ 13
968
+ ];
969
+ case 12:
970
+ e2 = _state.sent();
971
+ throw new CredentialsProviderError(e2, {
972
+ tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
973
+ logger: logger
974
+ });
975
+ case 13:
976
+ tmp = ssoResp.roleCredentials, _ref3 = tmp === void 0 ? {} : tmp, accessKeyId = _ref3.accessKeyId, secretAccessKey = _ref3.secretAccessKey, sessionToken = _ref3.sessionToken, expiration = _ref3.expiration, credentialScope = _ref3.credentialScope, accountId = _ref3.accountId;
977
+ if (!accessKeyId || !secretAccessKey || !sessionToken || !expiration) {
978
+ throw new CredentialsProviderError("SSO returns an invalid temporary credential.", {
979
+ tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
980
+ logger: logger
981
+ });
982
+ }
983
+ credentials = _object_spread({
984
+ accessKeyId: accessKeyId,
985
+ secretAccessKey: secretAccessKey,
986
+ sessionToken: sessionToken,
987
+ expiration: new Date(expiration)
988
+ }, credentialScope && {
989
+ credentialScope: credentialScope
990
+ }, accountId && {
991
+ accountId: accountId
992
+ });
993
+ if (ssoSession) {
994
+ setCredentialFeature(credentials, "CREDENTIALS_SSO", "s");
995
+ } else {
996
+ setCredentialFeature(credentials, "CREDENTIALS_SSO_LEGACY", "u");
997
+ }
998
+ return [
999
+ 2,
1000
+ credentials
1001
+ ];
1002
+ }
1003
+ });
1004
+ });
1005
+ return function resolveSSOCredentials(_) {
1006
+ return _ref.apply(this, arguments);
1007
+ };
1008
+ }();
1009
+
1010
+ var validateSsoProfile = function(profile, logger) {
1011
+ var sso_start_url = profile.sso_start_url, sso_account_id = profile.sso_account_id, sso_region = profile.sso_region, sso_role_name = profile.sso_role_name;
1012
+ if (!sso_start_url || !sso_account_id || !sso_region || !sso_role_name) {
1013
+ throw new CredentialsProviderError('Profile is configured with invalid SSO credentials. Required parameters "sso_account_id", ' + '"sso_region", "sso_role_name", "sso_start_url". Got '.concat(Object.keys(profile).join(", "), "\nReference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html"), {
1014
+ tryNextLink: false,
1015
+ logger: logger
1016
+ });
1017
+ }
1018
+ return profile;
1019
+ };
1020
+
1021
+ function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) {
1022
+ try {
1023
+ var info = gen[key](arg);
1024
+ var value = info.value;
1025
+ } catch (error) {
1026
+ reject(error);
1027
+ return;
1028
+ }
1029
+ if (info.done) {
1030
+ resolve(value);
1031
+ } else {
1032
+ Promise.resolve(value).then(_next, _throw);
1033
+ }
1034
+ }
1035
+ function _async_to_generator(fn) {
1036
+ return function() {
1037
+ var self = this, args = arguments;
1038
+ return new Promise(function(resolve, reject) {
1039
+ var gen = fn.apply(self, args);
1040
+ function _next(value) {
1041
+ asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value);
1042
+ }
1043
+ function _throw(err) {
1044
+ asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err);
1045
+ }
1046
+ _next(undefined);
1047
+ });
1048
+ };
1049
+ }
1050
+ function _ts_generator(thisArg, body) {
1051
+ var f, y, t, g, _ = {
1052
+ label: 0,
1053
+ sent: function() {
1054
+ if (t[0] & 1) throw t[1];
1055
+ return t[1];
1056
+ },
1057
+ trys: [],
1058
+ ops: []
1059
+ };
1060
+ return g = {
1061
+ next: verb(0),
1062
+ "throw": verb(1),
1063
+ "return": verb(2)
1064
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
1065
+ return this;
1066
+ }), g;
1067
+ function verb(n) {
1068
+ return function(v) {
1069
+ return step([
1070
+ n,
1071
+ v
1072
+ ]);
1073
+ };
1074
+ }
1075
+ function step(op) {
1076
+ if (f) throw new TypeError("Generator is already executing.");
1077
+ while(_)try {
1078
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
1079
+ if (y = 0, t) op = [
1080
+ op[0] & 2,
1081
+ t.value
1082
+ ];
1083
+ switch(op[0]){
1084
+ case 0:
1085
+ case 1:
1086
+ t = op;
1087
+ break;
1088
+ case 4:
1089
+ _.label++;
1090
+ return {
1091
+ value: op[1],
1092
+ done: false
1093
+ };
1094
+ case 5:
1095
+ _.label++;
1096
+ y = op[1];
1097
+ op = [
1098
+ 0
1099
+ ];
1100
+ continue;
1101
+ case 7:
1102
+ op = _.ops.pop();
1103
+ _.trys.pop();
1104
+ continue;
1105
+ default:
1106
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
1107
+ _ = 0;
1108
+ continue;
1109
+ }
1110
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
1111
+ _.label = op[1];
1112
+ break;
1113
+ }
1114
+ if (op[0] === 6 && _.label < t[1]) {
1115
+ _.label = t[1];
1116
+ t = op;
1117
+ break;
1118
+ }
1119
+ if (t && _.label < t[2]) {
1120
+ _.label = t[2];
1121
+ _.ops.push(op);
1122
+ break;
1123
+ }
1124
+ if (t[2]) _.ops.pop();
1125
+ _.trys.pop();
1126
+ continue;
1127
+ }
1128
+ op = body.call(thisArg, _);
1129
+ } catch (e) {
1130
+ op = [
1131
+ 6,
1132
+ e
1133
+ ];
1134
+ y = 0;
1135
+ } finally{
1136
+ f = t = 0;
1137
+ }
1138
+ if (op[0] & 5) throw op[1];
1139
+ return {
1140
+ value: op[0] ? op[1] : void 0,
1141
+ done: true
1142
+ };
1143
+ }
1144
+ }
1145
+ var fromSSO = function() {
1146
+ var init = arguments.length > 0 && arguments[0] !== void 0 ? arguments[0] : {};
1147
+ return /*#__PURE__*/ _async_to_generator(function() {
1148
+ var callerClientConfig, _init_logger, ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoSession, ssoClient, _init_profile, profileName, profiles, profile, ssoSessions, session, conflictMsg, _validateSsoProfile, sso_start_url, sso_account_id, sso_region, sso_role_name, sso_session;
1149
+ var _arguments = arguments;
1150
+ return _ts_generator(this, function(_state) {
1151
+ switch(_state.label){
1152
+ case 0:
1153
+ callerClientConfig = (_arguments.length > 0 && _arguments[0] !== void 0 ? _arguments[0] : {}).callerClientConfig;
1154
+ (_init_logger = init.logger) === null || _init_logger === void 0 ? void 0 : _init_logger.debug("@aws-sdk/credential-provider-sso - fromSSO");
1155
+ ssoStartUrl = init.ssoStartUrl, ssoAccountId = init.ssoAccountId, ssoRegion = init.ssoRegion, ssoRoleName = init.ssoRoleName, ssoSession = init.ssoSession;
1156
+ ssoClient = init.ssoClient;
1157
+ profileName = getProfileName({
1158
+ profile: (_init_profile = init.profile) !== null && _init_profile !== void 0 ? _init_profile : callerClientConfig === null || callerClientConfig === void 0 ? void 0 : callerClientConfig.profile
1159
+ });
1160
+ if (!(!ssoStartUrl && !ssoAccountId && !ssoRegion && !ssoRoleName && !ssoSession)) return [
1161
+ 3,
1162
+ 4
1163
+ ];
1164
+ return [
1165
+ 4,
1166
+ parseKnownFiles(init)
1167
+ ];
1168
+ case 1:
1169
+ profiles = _state.sent();
1170
+ profile = profiles[profileName];
1171
+ if (!profile) {
1172
+ throw new CredentialsProviderError("Profile ".concat(profileName, " was not found."), {
1173
+ logger: init.logger
1174
+ });
1175
+ }
1176
+ if (!isSsoProfile(profile)) {
1177
+ throw new CredentialsProviderError("Profile ".concat(profileName, " is not configured with SSO credentials."), {
1178
+ logger: init.logger
1179
+ });
1180
+ }
1181
+ if (!(profile === null || profile === void 0 ? void 0 : profile.sso_session)) return [
1182
+ 3,
1183
+ 3
1184
+ ];
1185
+ return [
1186
+ 4,
1187
+ loadSsoSessionData(init)
1188
+ ];
1189
+ case 2:
1190
+ ssoSessions = _state.sent();
1191
+ session = ssoSessions[profile.sso_session];
1192
+ conflictMsg = " configurations in profile ".concat(profileName, " and sso-session ").concat(profile.sso_session);
1193
+ if (ssoRegion && ssoRegion !== session.sso_region) {
1194
+ throw new CredentialsProviderError("Conflicting SSO region" + conflictMsg, {
1195
+ tryNextLink: false,
1196
+ logger: init.logger
1197
+ });
1198
+ }
1199
+ if (ssoStartUrl && ssoStartUrl !== session.sso_start_url) {
1200
+ throw new CredentialsProviderError("Conflicting SSO start_url" + conflictMsg, {
1201
+ tryNextLink: false,
1202
+ logger: init.logger
1203
+ });
1204
+ }
1205
+ profile.sso_region = session.sso_region;
1206
+ profile.sso_start_url = session.sso_start_url;
1207
+ _state.label = 3;
1208
+ case 3:
1209
+ _validateSsoProfile = validateSsoProfile(profile, init.logger), sso_start_url = _validateSsoProfile.sso_start_url, sso_account_id = _validateSsoProfile.sso_account_id, sso_region = _validateSsoProfile.sso_region, sso_role_name = _validateSsoProfile.sso_role_name, sso_session = _validateSsoProfile.sso_session;
1210
+ return [
1211
+ 2,
1212
+ resolveSSOCredentials({
1213
+ ssoStartUrl: sso_start_url,
1214
+ ssoSession: sso_session,
1215
+ ssoAccountId: sso_account_id,
1216
+ ssoRegion: sso_region,
1217
+ ssoRoleName: sso_role_name,
1218
+ ssoClient: ssoClient,
1219
+ clientConfig: init.clientConfig,
1220
+ parentClientConfig: init.parentClientConfig,
1221
+ callerClientConfig: init.callerClientConfig,
1222
+ profile: profileName,
1223
+ filepath: init.filepath,
1224
+ configFilepath: init.configFilepath,
1225
+ ignoreCache: init.ignoreCache,
1226
+ logger: init.logger
1227
+ })
1228
+ ];
1229
+ case 4:
1230
+ if (!ssoStartUrl || !ssoAccountId || !ssoRegion || !ssoRoleName) {
1231
+ throw new CredentialsProviderError("Incomplete configuration. The fromSSO() argument hash must include " + '"ssoStartUrl", "ssoAccountId", "ssoRegion", "ssoRoleName"', {
1232
+ tryNextLink: false,
1233
+ logger: init.logger
1234
+ });
1235
+ } else {
1236
+ return [
1237
+ 2,
1238
+ resolveSSOCredentials({
1239
+ ssoStartUrl: ssoStartUrl,
1240
+ ssoSession: ssoSession,
1241
+ ssoAccountId: ssoAccountId,
1242
+ ssoRegion: ssoRegion,
1243
+ ssoRoleName: ssoRoleName,
1244
+ ssoClient: ssoClient,
1245
+ clientConfig: init.clientConfig,
1246
+ parentClientConfig: init.parentClientConfig,
1247
+ callerClientConfig: init.callerClientConfig,
1248
+ profile: profileName,
1249
+ filepath: init.filepath,
1250
+ configFilepath: init.configFilepath,
1251
+ ignoreCache: init.ignoreCache,
1252
+ logger: init.logger
1253
+ })
1254
+ ];
1255
+ }
1256
+ case 5:
1257
+ return [
1258
+ 2
1259
+ ];
1260
+ }
1261
+ });
1262
+ });
1263
+ };
1264
+
1265
+ export { fromSSO, isSsoProfile, validateSsoProfile };