@digipair/skill-s3 0.136.3 → 0.136.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (34) hide show
  1. package/dist/AwsRestJsonProtocol.esm.js +208 -123
  2. package/dist/externalDataInterceptor.esm.js +1 -1
  3. package/dist/getSSOTokenFromFile.esm.js +4 -4
  4. package/dist/index.esm.js +10 -8
  5. package/dist/index.esm10.js +81 -89
  6. package/dist/index.esm11.js +659 -420
  7. package/dist/index.esm12.js +231 -1138
  8. package/dist/index.esm13.js +896 -1600
  9. package/dist/index.esm14.js +210 -0
  10. package/dist/index.esm15.js +4780 -0
  11. package/dist/index.esm16.js +2057 -0
  12. package/dist/index.esm17.js +434 -0
  13. package/dist/index.esm18.js +1265 -0
  14. package/dist/index.esm19.js +456 -0
  15. package/dist/index.esm2.js +58503 -11
  16. package/dist/index.esm20.js +4885 -0
  17. package/dist/index.esm3.js +787 -51789
  18. package/dist/index.esm4.js +1154 -88
  19. package/dist/index.esm5.js +268 -4827
  20. package/dist/index.esm6.js +954 -951
  21. package/dist/index.esm7.js +2425 -119
  22. package/dist/index.esm8.js +124 -426
  23. package/dist/index.esm9.js +123 -2399
  24. package/dist/loadSso.esm.js +4966 -187
  25. package/dist/loadSso.esm2.js +6584 -0
  26. package/dist/{package.esm.js → loadSsoSessionData.esm.js} +155 -122
  27. package/dist/noAuth.esm.js +165 -0
  28. package/dist/parseKnownFiles.esm.js +1 -1
  29. package/dist/src/index.d.ts +2 -0
  30. package/dist/src/index.d.ts.map +1 -0
  31. package/dist/src/lib/skill-s3.d.ts +6 -0
  32. package/dist/src/lib/skill-s3.d.ts.map +1 -0
  33. package/package.json +1 -1
  34. package/dist/create-aggregated-client.esm.js +0 -366
package/dist/index.esm7.js CHANGED
@@ -1,84 +1,260 @@
1
- import { exec } from 'node:child_process';
2
- import { promisify } from 'node:util';
3
- import { s as setCredentialFeature, C as CredentialsProviderError, x as getProfileName } from './index.esm3.js';
4
- import { e as externalDataInterceptor } from './externalDataInterceptor.esm.js';
1
+ import { C as CredentialsProviderError, c as chain, s as setCredentialFeature, g as getProfileName, r as readFile, H as HttpRequest } from './index.esm2.js';
2
+ import { createHash, createPrivateKey, createPublicKey, sign } from 'node:crypto';
3
+ import { promises } from 'node:fs';
4
+ import { homedir } from 'node:os';
5
+ import { join, dirname } from 'node:path';
5
6
  import { p as parseKnownFiles } from './parseKnownFiles.esm.js';
6
- import 'node:crypto';
7
- import 'node:path';
8
- import 'node:os';
7
+ import 'buffer';
8
+ import 'path';
9
+ import 'os';
9
10
  import 'node:fs/promises';
11
+ import 'stream';
12
+ import 'crypto';
10
13
  import 'node:stream';
11
- import 'node:process';
12
- import 'buffer';
13
- import 'node:fs';
14
- import 'node:https';
15
- import 'node:zlib';
16
- import './getSSOTokenFromFile.esm.js';
14
+ import 'http';
15
+ import 'https';
16
+ import 'process';
17
+ import 'zlib';
17
18
 
18
- function _define_property(obj, key, value) {
19
- if (key in obj) {
20
- Object.defineProperty(obj, key, {
21
- value: value,
22
- enumerable: true,
23
- configurable: true,
24
- writable: true
25
- });
19
+ function asyncGeneratorStep$a(gen, resolve, reject, _next, _throw, key, arg) {
20
+ try {
21
+ var info = gen[key](arg);
22
+ var value = info.value;
23
+ } catch (error) {
24
+ reject(error);
25
+ return;
26
+ }
27
+ if (info.done) {
28
+ resolve(value);
26
29
  } else {
27
- obj[key] = value;
30
+ Promise.resolve(value).then(_next, _throw);
28
31
  }
29
- return obj;
30
32
  }
31
- function _object_spread(target) {
32
- for(var i = 1; i < arguments.length; i++){
33
- var source = arguments[i] != null ? arguments[i] : {};
34
- var ownKeys = Object.keys(source);
35
- if (typeof Object.getOwnPropertySymbols === "function") {
36
- ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
37
- return Object.getOwnPropertyDescriptor(source, sym).enumerable;
38
- }));
39
- }
40
- ownKeys.forEach(function(key) {
41
- _define_property(target, key, source[key]);
33
+ function _async_to_generator$a(fn) {
34
+ return function() {
35
+ var self = this, args = arguments;
36
+ return new Promise(function(resolve, reject) {
37
+ var gen = fn.apply(self, args);
38
+ function _next(value) {
39
+ asyncGeneratorStep$a(gen, resolve, reject, _next, _throw, "next", value);
40
+ }
41
+ function _throw(err) {
42
+ asyncGeneratorStep$a(gen, resolve, reject, _next, _throw, "throw", err);
43
+ }
44
+ _next(undefined);
42
45
  });
43
- }
44
- return target;
46
+ };
45
47
  }
46
- var getValidatedProcessCredentials = function(profileName, data, profiles) {
47
- var _profiles_profileName;
48
- if (data.Version !== 1) {
49
- throw Error("Profile ".concat(profileName, " credential_process did not return Version 1."));
50
- }
51
- if (data.AccessKeyId === undefined || data.SecretAccessKey === undefined) {
52
- throw Error("Profile ".concat(profileName, " credential_process returned invalid credentials."));
48
+ function _ts_generator$a(thisArg, body) {
49
+ var f, y, t, g, _ = {
50
+ label: 0,
51
+ sent: function() {
52
+ if (t[0] & 1) throw t[1];
53
+ return t[1];
54
+ },
55
+ trys: [],
56
+ ops: []
57
+ };
58
+ return g = {
59
+ next: verb(0),
60
+ "throw": verb(1),
61
+ "return": verb(2)
62
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
63
+ return this;
64
+ }), g;
65
+ function verb(n) {
66
+ return function(v) {
67
+ return step([
68
+ n,
69
+ v
70
+ ]);
71
+ };
53
72
  }
54
- if (data.Expiration) {
55
- var currentTime = new Date();
56
- var expireTime = new Date(data.Expiration);
57
- if (expireTime < currentTime) {
58
- throw Error("Profile ".concat(profileName, " credential_process returned expired credentials."));
73
+ function step(op) {
74
+ if (f) throw new TypeError("Generator is already executing.");
75
+ while(_)try {
76
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
77
+ if (y = 0, t) op = [
78
+ op[0] & 2,
79
+ t.value
80
+ ];
81
+ switch(op[0]){
82
+ case 0:
83
+ case 1:
84
+ t = op;
85
+ break;
86
+ case 4:
87
+ _.label++;
88
+ return {
89
+ value: op[1],
90
+ done: false
91
+ };
92
+ case 5:
93
+ _.label++;
94
+ y = op[1];
95
+ op = [
96
+ 0
97
+ ];
98
+ continue;
99
+ case 7:
100
+ op = _.ops.pop();
101
+ _.trys.pop();
102
+ continue;
103
+ default:
104
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
105
+ _ = 0;
106
+ continue;
107
+ }
108
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
109
+ _.label = op[1];
110
+ break;
111
+ }
112
+ if (op[0] === 6 && _.label < t[1]) {
113
+ _.label = t[1];
114
+ t = op;
115
+ break;
116
+ }
117
+ if (t && _.label < t[2]) {
118
+ _.label = t[2];
119
+ _.ops.push(op);
120
+ break;
121
+ }
122
+ if (t[2]) _.ops.pop();
123
+ _.trys.pop();
124
+ continue;
125
+ }
126
+ op = body.call(thisArg, _);
127
+ } catch (e) {
128
+ op = [
129
+ 6,
130
+ e
131
+ ];
132
+ y = 0;
133
+ } finally{
134
+ f = t = 0;
59
135
  }
136
+ if (op[0] & 5) throw op[1];
137
+ return {
138
+ value: op[0] ? op[1] : void 0,
139
+ done: true
140
+ };
60
141
  }
61
- var accountId = data.AccountId;
62
- if (!accountId && (profiles === null || profiles === void 0 ? void 0 : (_profiles_profileName = profiles[profileName]) === null || _profiles_profileName === void 0 ? void 0 : _profiles_profileName.aws_account_id)) {
63
- accountId = profiles[profileName].aws_account_id;
64
- }
65
- var credentials = _object_spread({
66
- accessKeyId: data.AccessKeyId,
67
- secretAccessKey: data.SecretAccessKey
68
- }, data.SessionToken && {
69
- sessionToken: data.SessionToken
70
- }, data.Expiration && {
71
- expiration: new Date(data.Expiration)
72
- }, data.CredentialScope && {
73
- credentialScope: data.CredentialScope
74
- }, accountId && {
75
- accountId: accountId
76
- });
77
- setCredentialFeature(credentials, "CREDENTIALS_PROCESS", "w");
78
- return credentials;
142
+ }
143
+ var resolveCredentialSource = function(credentialSource, profileName, logger) {
144
+ var sourceProvidersMap = {
145
+ EcsContainer: function() {
146
+ var _ref = _async_to_generator$a(function(options) {
147
+ var fromHttp, fromContainerMetadata;
148
+ return _ts_generator$a(this, function(_state) {
149
+ switch(_state.label){
150
+ case 0:
151
+ return [
152
+ 4,
153
+ import('./index.esm12.js')
154
+ ];
155
+ case 1:
156
+ fromHttp = _state.sent().fromHttp;
157
+ return [
158
+ 4,
159
+ import('./index.esm13.js')
160
+ ];
161
+ case 2:
162
+ fromContainerMetadata = _state.sent().fromContainerMetadata;
163
+ logger === null || logger === void 0 ? void 0 : logger.debug("@aws-sdk/credential-provider-ini - credential_source is EcsContainer");
164
+ return [
165
+ 2,
166
+ /*#__PURE__*/ _async_to_generator$a(function() {
167
+ return _ts_generator$a(this, function(_state) {
168
+ return [
169
+ 2,
170
+ chain(fromHttp(options !== null && options !== void 0 ? options : {}), fromContainerMetadata(options))().then(setNamedProvider)
171
+ ];
172
+ });
173
+ })
174
+ ];
175
+ }
176
+ });
177
+ });
178
+ return function(options) {
179
+ return _ref.apply(this, arguments);
180
+ };
181
+ }(),
182
+ Ec2InstanceMetadata: function() {
183
+ var _ref = _async_to_generator$a(function(options) {
184
+ var fromInstanceMetadata;
185
+ return _ts_generator$a(this, function(_state) {
186
+ switch(_state.label){
187
+ case 0:
188
+ logger === null || logger === void 0 ? void 0 : logger.debug("@aws-sdk/credential-provider-ini - credential_source is Ec2InstanceMetadata");
189
+ return [
190
+ 4,
191
+ import('./index.esm13.js')
192
+ ];
193
+ case 1:
194
+ fromInstanceMetadata = _state.sent().fromInstanceMetadata;
195
+ return [
196
+ 2,
197
+ /*#__PURE__*/ _async_to_generator$a(function() {
198
+ return _ts_generator$a(this, function(_state) {
199
+ return [
200
+ 2,
201
+ fromInstanceMetadata(options)().then(setNamedProvider)
202
+ ];
203
+ });
204
+ })
205
+ ];
206
+ }
207
+ });
208
+ });
209
+ return function(options) {
210
+ return _ref.apply(this, arguments);
211
+ };
212
+ }(),
213
+ Environment: function() {
214
+ var _ref = _async_to_generator$a(function(options) {
215
+ var fromEnv;
216
+ return _ts_generator$a(this, function(_state) {
217
+ switch(_state.label){
218
+ case 0:
219
+ logger === null || logger === void 0 ? void 0 : logger.debug("@aws-sdk/credential-provider-ini - credential_source is Environment");
220
+ return [
221
+ 4,
222
+ import('./index.esm14.js')
223
+ ];
224
+ case 1:
225
+ fromEnv = _state.sent().fromEnv;
226
+ return [
227
+ 2,
228
+ /*#__PURE__*/ _async_to_generator$a(function() {
229
+ return _ts_generator$a(this, function(_state) {
230
+ return [
231
+ 2,
232
+ fromEnv(options)().then(setNamedProvider)
233
+ ];
234
+ });
235
+ })
236
+ ];
237
+ }
238
+ });
239
+ });
240
+ return function(options) {
241
+ return _ref.apply(this, arguments);
242
+ };
243
+ }()
244
+ };
245
+ if (credentialSource in sourceProvidersMap) {
246
+ return sourceProvidersMap[credentialSource];
247
+ } else {
248
+ throw new CredentialsProviderError("Unsupported credential source in profile ".concat(profileName, ". Got ").concat(credentialSource, ", ") + "expected EcsContainer or Ec2InstanceMetadata or Environment.", {
249
+ logger: logger
250
+ });
251
+ }
252
+ };
253
+ var setNamedProvider = function(creds) {
254
+ return setCredentialFeature(creds, "CREDENTIALS_PROFILE_NAMED_PROVIDER", "p");
79
255
  };
80
256
 
81
- function asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, key, arg) {
257
+ function asyncGeneratorStep$9(gen, resolve, reject, _next, _throw, key, arg) {
82
258
  try {
83
259
  var info = gen[key](arg);
84
260
  var value = info.value;
@@ -92,22 +268,73 @@ function asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, key, arg) {
92
268
  Promise.resolve(value).then(_next, _throw);
93
269
  }
94
270
  }
95
- function _async_to_generator$1(fn) {
271
+ function _async_to_generator$9(fn) {
96
272
  return function() {
97
273
  var self = this, args = arguments;
98
274
  return new Promise(function(resolve, reject) {
99
275
  var gen = fn.apply(self, args);
100
276
  function _next(value) {
101
- asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, "next", value);
277
+ asyncGeneratorStep$9(gen, resolve, reject, _next, _throw, "next", value);
102
278
  }
103
279
  function _throw(err) {
104
- asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, "throw", err);
280
+ asyncGeneratorStep$9(gen, resolve, reject, _next, _throw, "throw", err);
105
281
  }
106
282
  _next(undefined);
107
283
  });
108
284
  };
109
285
  }
110
- function _ts_generator$1(thisArg, body) {
286
+ function _define_property$4(obj, key, value) {
287
+ if (key in obj) {
288
+ Object.defineProperty(obj, key, {
289
+ value: value,
290
+ enumerable: true,
291
+ configurable: true,
292
+ writable: true
293
+ });
294
+ } else {
295
+ obj[key] = value;
296
+ }
297
+ return obj;
298
+ }
299
+ function _object_spread$4(target) {
300
+ for(var i = 1; i < arguments.length; i++){
301
+ var source = arguments[i] != null ? arguments[i] : {};
302
+ var ownKeys = Object.keys(source);
303
+ if (typeof Object.getOwnPropertySymbols === "function") {
304
+ ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
305
+ return Object.getOwnPropertyDescriptor(source, sym).enumerable;
306
+ }));
307
+ }
308
+ ownKeys.forEach(function(key) {
309
+ _define_property$4(target, key, source[key]);
310
+ });
311
+ }
312
+ return target;
313
+ }
314
+ function ownKeys$3(object, enumerableOnly) {
315
+ var keys = Object.keys(object);
316
+ if (Object.getOwnPropertySymbols) {
317
+ var symbols = Object.getOwnPropertySymbols(object);
318
+ keys.push.apply(keys, symbols);
319
+ }
320
+ return keys;
321
+ }
322
+ function _object_spread_props$3(target, source) {
323
+ source = source != null ? source : {};
324
+ if (Object.getOwnPropertyDescriptors) {
325
+ Object.defineProperties(target, Object.getOwnPropertyDescriptors(source));
326
+ } else {
327
+ ownKeys$3(Object(source)).forEach(function(key) {
328
+ Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key));
329
+ });
330
+ }
331
+ return target;
332
+ }
333
+ function _type_of$3(obj) {
334
+ "@swc/helpers - typeof";
335
+ return obj && typeof Symbol !== "undefined" && obj.constructor === Symbol ? "symbol" : typeof obj;
336
+ }
337
+ function _ts_generator$9(thisArg, body) {
111
338
  var f, y, t, g, _ = {
112
339
  label: 0,
113
340
  sent: function() {
@@ -202,77 +429,2156 @@ function _ts_generator$1(thisArg, body) {
202
429
  };
203
430
  }
204
431
  }
205
- var resolveProcessCredentials = function() {
206
- var _ref = _async_to_generator$1(function(profileName, profiles, logger) {
207
- var profile, credentialProcess, _externalDataInterceptor_getTokenRecord, _externalDataInterceptor_getTokenRecord_exec, execPromise, stdout, data, error;
208
- return _ts_generator$1(this, function(_state) {
432
+ var isAssumeRoleProfile = function(arg) {
433
+ var _ref = arguments.length > 1 && arguments[1] !== void 0 ? arguments[1] : {}, _ref_profile = _ref.profile, profile = _ref_profile === void 0 ? "default" : _ref_profile, logger = _ref.logger;
434
+ return Boolean(arg) && (typeof arg === "undefined" ? "undefined" : _type_of$3(arg)) === "object" && typeof arg.role_arn === "string" && [
435
+ "undefined",
436
+ "string"
437
+ ].indexOf(_type_of$3(arg.role_session_name)) > -1 && [
438
+ "undefined",
439
+ "string"
440
+ ].indexOf(_type_of$3(arg.external_id)) > -1 && [
441
+ "undefined",
442
+ "string"
443
+ ].indexOf(_type_of$3(arg.mfa_serial)) > -1 && (isAssumeRoleWithSourceProfile(arg, {
444
+ profile: profile,
445
+ logger: logger
446
+ }) || isCredentialSourceProfile(arg, {
447
+ profile: profile,
448
+ logger: logger
449
+ }));
450
+ };
451
+ var isAssumeRoleWithSourceProfile = function(arg, param) {
452
+ var profile = param.profile, logger = param.logger;
453
+ var withSourceProfile = typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined";
454
+ if (withSourceProfile) {
455
+ var _logger_debug;
456
+ logger === null || logger === void 0 ? void 0 : (_logger_debug = logger.debug) === null || _logger_debug === void 0 ? void 0 : _logger_debug.call(logger, " ".concat(profile, " isAssumeRoleWithSourceProfile source_profile=").concat(arg.source_profile));
457
+ }
458
+ return withSourceProfile;
459
+ };
460
+ var isCredentialSourceProfile = function(arg, param) {
461
+ var profile = param.profile, logger = param.logger;
462
+ var withProviderProfile = typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined";
463
+ if (withProviderProfile) {
464
+ var _logger_debug;
465
+ logger === null || logger === void 0 ? void 0 : (_logger_debug = logger.debug) === null || _logger_debug === void 0 ? void 0 : _logger_debug.call(logger, " ".concat(profile, " isCredentialSourceProfile credential_source=").concat(arg.credential_source));
466
+ }
467
+ return withProviderProfile;
468
+ };
469
+ var resolveAssumeRoleCredentials = function() {
470
+ var _ref = _async_to_generator$9(function(profileName, profiles, options, callerClientConfig) {
471
+ var visitedProfiles, resolveProfileData, _options_logger, _options_logger1, profileData, source_profile, region, _options_parentClientConfig, getDefaultRoleAssumer, _ref, _profiles_source_profile, sourceCredsProvider, _tmp, params, mfa_serial, sourceCreds;
472
+ var _arguments = arguments;
473
+ return _ts_generator$9(this, function(_state) {
209
474
  switch(_state.label){
210
475
  case 0:
211
- profile = profiles[profileName];
212
- if (!profiles[profileName]) return [
213
- 3,
214
- 7
215
- ];
216
- credentialProcess = profile["credential_process"];
217
- if (!(credentialProcess !== undefined)) return [
476
+ visitedProfiles = _arguments.length > 4 && _arguments[4] !== void 0 ? _arguments[4] : {}, resolveProfileData = _arguments.length > 5 ? _arguments[5] : void 0;
477
+ (_options_logger = options.logger) === null || _options_logger === void 0 ? void 0 : _options_logger.debug("@aws-sdk/credential-provider-ini - resolveAssumeRoleCredentials (STS)");
478
+ profileData = profiles[profileName];
479
+ source_profile = profileData.source_profile, region = profileData.region;
480
+ if (!!options.roleAssumer) return [
218
481
  3,
219
- 5
482
+ 2
220
483
  ];
221
- execPromise = promisify((_externalDataInterceptor_getTokenRecord_exec = externalDataInterceptor === null || externalDataInterceptor === void 0 ? void 0 : (_externalDataInterceptor_getTokenRecord = externalDataInterceptor.getTokenRecord) === null || _externalDataInterceptor_getTokenRecord === void 0 ? void 0 : _externalDataInterceptor_getTokenRecord.call(externalDataInterceptor).exec) !== null && _externalDataInterceptor_getTokenRecord_exec !== void 0 ? _externalDataInterceptor_getTokenRecord_exec : exec);
222
- _state.label = 1;
223
- case 1:
224
- _state.trys.push([
225
- 1,
226
- 3,
227
- ,
228
- 4
229
- ]);
230
484
  return [
231
485
  4,
232
- execPromise(credentialProcess)
486
+ import('./index.esm15.js')
233
487
  ];
488
+ case 1:
489
+ getDefaultRoleAssumer = _state.sent().getDefaultRoleAssumer;
490
+ options.roleAssumer = getDefaultRoleAssumer(_object_spread_props$3(_object_spread$4({}, options.clientConfig), {
491
+ credentialProviderLogger: options.logger,
492
+ parentClientConfig: _object_spread_props$3(_object_spread$4({}, callerClientConfig, options === null || options === void 0 ? void 0 : options.parentClientConfig), {
493
+ region: (_ref = region !== null && region !== void 0 ? region : options === null || options === void 0 ? void 0 : (_options_parentClientConfig = options.parentClientConfig) === null || _options_parentClientConfig === void 0 ? void 0 : _options_parentClientConfig.region) !== null && _ref !== void 0 ? _ref : callerClientConfig === null || callerClientConfig === void 0 ? void 0 : callerClientConfig.region
494
+ })
495
+ }), options.clientPlugins);
496
+ _state.label = 2;
234
497
  case 2:
235
- stdout = _state.sent().stdout;
236
- try {
237
- data = JSON.parse(stdout.trim());
238
- } catch (e) {
239
- throw Error("Profile ".concat(profileName, " credential_process returned invalid JSON."));
498
+ if (source_profile && source_profile in visitedProfiles) {
499
+ throw new CredentialsProviderError("Detected a cycle attempting to resolve credentials for profile" + " ".concat(getProfileName(options), ". Profiles visited: ") + Object.keys(visitedProfiles).join(", "), {
500
+ logger: options.logger
501
+ });
240
502
  }
503
+ (_options_logger1 = options.logger) === null || _options_logger1 === void 0 ? void 0 : _options_logger1.debug("@aws-sdk/credential-provider-ini - finding credential resolver using ".concat(source_profile ? "source_profile=[".concat(source_profile, "]") : "profile=[".concat(profileName, "]")));
504
+ if (!source_profile) return [
505
+ 3,
506
+ 3
507
+ ];
508
+ _tmp = resolveProfileData(source_profile, profiles, options, callerClientConfig, _object_spread_props$3(_object_spread$4({}, visitedProfiles), _define_property$4({}, source_profile, true)), isCredentialSourceWithoutRoleArn((_profiles_source_profile = profiles[source_profile]) !== null && _profiles_source_profile !== void 0 ? _profiles_source_profile : {}));
241
509
  return [
242
- 2,
243
- getValidatedProcessCredentials(profileName, data, profiles)
510
+ 3,
511
+ 5
244
512
  ];
245
513
  case 3:
246
- error = _state.sent();
247
- throw new CredentialsProviderError(error.message, {
248
- logger: logger
249
- });
250
- case 4:
251
514
  return [
515
+ 4,
516
+ resolveCredentialSource(profileData.credential_source, profileName, options.logger)(options)
517
+ ];
518
+ case 4:
519
+ _tmp = _state.sent()();
520
+ _state.label = 5;
521
+ case 5:
522
+ sourceCredsProvider = _tmp;
523
+ if (!isCredentialSourceWithoutRoleArn(profileData)) return [
252
524
  3,
253
525
  6
254
526
  ];
255
- case 5:
256
- throw new CredentialsProviderError("Profile ".concat(profileName, " did not contain credential_process."), {
257
- logger: logger
258
- });
259
- case 6:
260
527
  return [
528
+ 2,
529
+ sourceCredsProvider.then(function(creds) {
530
+ return setCredentialFeature(creds, "CREDENTIALS_PROFILE_SOURCE_PROFILE", "o");
531
+ })
532
+ ];
533
+ case 6:
534
+ params = {
535
+ RoleArn: profileData.role_arn,
536
+ RoleSessionName: profileData.role_session_name || "aws-sdk-js-".concat(Date.now()),
537
+ ExternalId: profileData.external_id,
538
+ DurationSeconds: parseInt(profileData.duration_seconds || "3600", 10)
539
+ };
540
+ mfa_serial = profileData.mfa_serial;
541
+ if (!mfa_serial) return [
261
542
  3,
262
543
  8
263
544
  ];
545
+ if (!options.mfaCodeProvider) {
546
+ throw new CredentialsProviderError("Profile ".concat(profileName, " requires multi-factor authentication, but no MFA code callback was provided."), {
547
+ logger: options.logger,
548
+ tryNextLink: false
549
+ });
550
+ }
551
+ params.SerialNumber = mfa_serial;
552
+ return [
553
+ 4,
554
+ options.mfaCodeProvider(mfa_serial)
555
+ ];
264
556
  case 7:
265
- throw new CredentialsProviderError("Profile ".concat(profileName, " could not be found in shared credentials file."), {
266
- logger: logger
267
- });
557
+ params.TokenCode = _state.sent();
558
+ _state.label = 8;
268
559
  case 8:
560
+ return [
561
+ 4,
562
+ sourceCredsProvider
563
+ ];
564
+ case 9:
565
+ sourceCreds = _state.sent();
566
+ return [
567
+ 2,
568
+ options.roleAssumer(sourceCreds, params).then(function(creds) {
569
+ return setCredentialFeature(creds, "CREDENTIALS_PROFILE_SOURCE_PROFILE", "o");
570
+ })
571
+ ];
572
+ case 10:
269
573
  return [
270
574
  2
271
575
  ];
272
576
  }
273
577
  });
274
578
  });
275
- return function resolveProcessCredentials(profileName, profiles, logger) {
579
+ return function resolveAssumeRoleCredentials(profileName, profiles, options, callerClientConfig) {
580
+ return _ref.apply(this, arguments);
581
+ };
582
+ }();
583
+ var isCredentialSourceWithoutRoleArn = function(section) {
584
+ return !section.role_arn && !!section.credential_source;
585
+ };
586
+
587
+ function asyncGeneratorStep$8(gen, resolve, reject, _next, _throw, key, arg) {
588
+ try {
589
+ var info = gen[key](arg);
590
+ var value = info.value;
591
+ } catch (error) {
592
+ reject(error);
593
+ return;
594
+ }
595
+ if (info.done) {
596
+ resolve(value);
597
+ } else {
598
+ Promise.resolve(value).then(_next, _throw);
599
+ }
600
+ }
601
+ function _async_to_generator$8(fn) {
602
+ return function() {
603
+ var self = this, args = arguments;
604
+ return new Promise(function(resolve, reject) {
605
+ var gen = fn.apply(self, args);
606
+ function _next(value) {
607
+ asyncGeneratorStep$8(gen, resolve, reject, _next, _throw, "next", value);
608
+ }
609
+ function _throw(err) {
610
+ asyncGeneratorStep$8(gen, resolve, reject, _next, _throw, "throw", err);
611
+ }
612
+ _next(undefined);
613
+ });
614
+ };
615
+ }
616
+ function _class_call_check(instance, Constructor) {
617
+ if (!(instance instanceof Constructor)) {
618
+ throw new TypeError("Cannot call a class as a function");
619
+ }
620
+ }
621
+ function _defineProperties(target, props) {
622
+ for(var i = 0; i < props.length; i++){
623
+ var descriptor = props[i];
624
+ descriptor.enumerable = descriptor.enumerable || false;
625
+ descriptor.configurable = true;
626
+ if ("value" in descriptor) descriptor.writable = true;
627
+ Object.defineProperty(target, descriptor.key, descriptor);
628
+ }
629
+ }
630
+ function _create_class(Constructor, protoProps, staticProps) {
631
+ if (protoProps) _defineProperties(Constructor.prototype, protoProps);
632
+ return Constructor;
633
+ }
634
+ function _define_property$3(obj, key, value) {
635
+ if (key in obj) {
636
+ Object.defineProperty(obj, key, {
637
+ value: value,
638
+ enumerable: true,
639
+ configurable: true,
640
+ writable: true
641
+ });
642
+ } else {
643
+ obj[key] = value;
644
+ }
645
+ return obj;
646
+ }
647
+ function _instanceof(left, right) {
648
+ if (right != null && typeof Symbol !== "undefined" && right[Symbol.hasInstance]) {
649
+ return !!right[Symbol.hasInstance](left);
650
+ } else {
651
+ return left instanceof right;
652
+ }
653
+ }
654
+ function _object_spread$3(target) {
655
+ for(var i = 1; i < arguments.length; i++){
656
+ var source = arguments[i] != null ? arguments[i] : {};
657
+ var ownKeys = Object.keys(source);
658
+ if (typeof Object.getOwnPropertySymbols === "function") {
659
+ ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
660
+ return Object.getOwnPropertyDescriptor(source, sym).enumerable;
661
+ }));
662
+ }
663
+ ownKeys.forEach(function(key) {
664
+ _define_property$3(target, key, source[key]);
665
+ });
666
+ }
667
+ return target;
668
+ }
669
+ function ownKeys$2(object, enumerableOnly) {
670
+ var keys = Object.keys(object);
671
+ if (Object.getOwnPropertySymbols) {
672
+ var symbols = Object.getOwnPropertySymbols(object);
673
+ keys.push.apply(keys, symbols);
674
+ }
675
+ return keys;
676
+ }
677
+ function _object_spread_props$2(target, source) {
678
+ source = source != null ? source : {};
679
+ if (Object.getOwnPropertyDescriptors) {
680
+ Object.defineProperties(target, Object.getOwnPropertyDescriptors(source));
681
+ } else {
682
+ ownKeys$2(Object(source)).forEach(function(key) {
683
+ Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key));
684
+ });
685
+ }
686
+ return target;
687
+ }
688
+ function _ts_generator$8(thisArg, body) {
689
+ var f, y, t, g, _ = {
690
+ label: 0,
691
+ sent: function() {
692
+ if (t[0] & 1) throw t[1];
693
+ return t[1];
694
+ },
695
+ trys: [],
696
+ ops: []
697
+ };
698
+ return g = {
699
+ next: verb(0),
700
+ "throw": verb(1),
701
+ "return": verb(2)
702
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
703
+ return this;
704
+ }), g;
705
+ function verb(n) {
706
+ return function(v) {
707
+ return step([
708
+ n,
709
+ v
710
+ ]);
711
+ };
712
+ }
713
+ function step(op) {
714
+ if (f) throw new TypeError("Generator is already executing.");
715
+ while(_)try {
716
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
717
+ if (y = 0, t) op = [
718
+ op[0] & 2,
719
+ t.value
720
+ ];
721
+ switch(op[0]){
722
+ case 0:
723
+ case 1:
724
+ t = op;
725
+ break;
726
+ case 4:
727
+ _.label++;
728
+ return {
729
+ value: op[1],
730
+ done: false
731
+ };
732
+ case 5:
733
+ _.label++;
734
+ y = op[1];
735
+ op = [
736
+ 0
737
+ ];
738
+ continue;
739
+ case 7:
740
+ op = _.ops.pop();
741
+ _.trys.pop();
742
+ continue;
743
+ default:
744
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
745
+ _ = 0;
746
+ continue;
747
+ }
748
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
749
+ _.label = op[1];
750
+ break;
751
+ }
752
+ if (op[0] === 6 && _.label < t[1]) {
753
+ _.label = t[1];
754
+ t = op;
755
+ break;
756
+ }
757
+ if (t && _.label < t[2]) {
758
+ _.label = t[2];
759
+ _.ops.push(op);
760
+ break;
761
+ }
762
+ if (t[2]) _.ops.pop();
763
+ _.trys.pop();
764
+ continue;
765
+ }
766
+ op = body.call(thisArg, _);
767
+ } catch (e) {
768
+ op = [
769
+ 6,
770
+ e
771
+ ];
772
+ y = 0;
773
+ } finally{
774
+ f = t = 0;
775
+ }
776
+ if (op[0] & 5) throw op[1];
777
+ return {
778
+ value: op[0] ? op[1] : void 0,
779
+ done: true
780
+ };
781
+ }
782
+ }
783
+ var LoginCredentialsFetcher = /*#__PURE__*/ function() {
784
+ function LoginCredentialsFetcher(profileData, init, callerClientConfig) {
785
+ _class_call_check(this, LoginCredentialsFetcher);
786
+ _define_property$3(this, "profileData", void 0);
787
+ _define_property$3(this, "init", void 0);
788
+ _define_property$3(this, "callerClientConfig", void 0);
789
+ this.profileData = profileData;
790
+ this.init = init;
791
+ this.callerClientConfig = callerClientConfig;
792
+ }
793
+ _create_class(LoginCredentialsFetcher, [
794
+ {
795
+ key: "loadCredentials",
796
+ value: function loadCredentials() {
797
+ var _this = this;
798
+ return _async_to_generator$8(function() {
799
+ var token, accessToken, now, expiryTime, timeUntilExpiry;
800
+ return _ts_generator$8(this, function(_state) {
801
+ switch(_state.label){
802
+ case 0:
803
+ return [
804
+ 4,
805
+ _this.loadToken()
806
+ ];
807
+ case 1:
808
+ token = _state.sent();
809
+ if (!token) {
810
+ throw new CredentialsProviderError("Failed to load a token for session ".concat(_this.loginSession, ", please re-authenticate using aws login"), {
811
+ tryNextLink: false,
812
+ logger: _this.logger
813
+ });
814
+ }
815
+ accessToken = token.accessToken;
816
+ now = Date.now();
817
+ expiryTime = new Date(accessToken.expiresAt).getTime();
818
+ timeUntilExpiry = expiryTime - now;
819
+ if (timeUntilExpiry <= LoginCredentialsFetcher.REFRESH_THRESHOLD) {
820
+ return [
821
+ 2,
822
+ _this.refresh(token)
823
+ ];
824
+ }
825
+ return [
826
+ 2,
827
+ {
828
+ accessKeyId: accessToken.accessKeyId,
829
+ secretAccessKey: accessToken.secretAccessKey,
830
+ sessionToken: accessToken.sessionToken,
831
+ accountId: accessToken.accountId,
832
+ expiration: new Date(accessToken.expiresAt)
833
+ }
834
+ ];
835
+ }
836
+ });
837
+ })();
838
+ }
839
+ },
840
+ {
841
+ key: "logger",
842
+ get: function get() {
843
+ var _this_init;
844
+ return (_this_init = this.init) === null || _this_init === void 0 ? void 0 : _this_init.logger;
845
+ }
846
+ },
847
+ {
848
+ key: "loginSession",
849
+ get: function get() {
850
+ return this.profileData.login_session;
851
+ }
852
+ },
853
+ {
854
+ key: "refresh",
855
+ value: function refresh(token) {
856
+ var _this = this;
857
+ return _async_to_generator$8(function() {
858
+ var _this_callerClientConfig, _this_callerClientConfig1, _this_callerClientConfig_region, _this_callerClientConfig2, _this_init, _ref, SigninClient, CreateOAuth2TokenCommand, _this_callerClientConfig3, _ref1, logger, userAgentAppId, isH2, requestHandler, _this_profileData_region, _ref2, region, _tmp, client, commandInput, _response_tokenOutput, response, _response_tokenOutput_accessToken, _ref3, accessKeyId, secretAccessKey, sessionToken, _response_tokenOutput1, _ref4, refreshToken, expiresIn, expiresInMs, expiration, updatedToken, newAccessToken, error, errorType, message;
859
+ return _ts_generator$8(this, function(_state) {
860
+ switch(_state.label){
861
+ case 0:
862
+ return [
863
+ 4,
864
+ import('./index.esm16.js')
865
+ ];
866
+ case 1:
867
+ _ref = _state.sent(), SigninClient = _ref.SigninClient, CreateOAuth2TokenCommand = _ref.CreateOAuth2TokenCommand;
868
+ _ref1 = (_this_callerClientConfig3 = _this.callerClientConfig) !== null && _this_callerClientConfig3 !== void 0 ? _this_callerClientConfig3 : {}, logger = _ref1.logger, userAgentAppId = _ref1.userAgentAppId;
869
+ isH2 = function(requestHandler) {
870
+ var _requestHandler_metadata;
871
+ return (requestHandler === null || requestHandler === void 0 ? void 0 : (_requestHandler_metadata = requestHandler.metadata) === null || _requestHandler_metadata === void 0 ? void 0 : _requestHandler_metadata.handlerProtocol) === "h2";
872
+ };
873
+ requestHandler = isH2((_this_callerClientConfig = _this.callerClientConfig) === null || _this_callerClientConfig === void 0 ? void 0 : _this_callerClientConfig.requestHandler) ? undefined : (_this_callerClientConfig1 = _this.callerClientConfig) === null || _this_callerClientConfig1 === void 0 ? void 0 : _this_callerClientConfig1.requestHandler;
874
+ if (!((_this_profileData_region = _this.profileData.region) !== null && _this_profileData_region !== void 0)) return [
875
+ 3,
876
+ 2
877
+ ];
878
+ _tmp = _this_profileData_region;
879
+ return [
880
+ 3,
881
+ 4
882
+ ];
883
+ case 2:
884
+ return [
885
+ 4,
886
+ (_this_callerClientConfig2 = _this.callerClientConfig) === null || _this_callerClientConfig2 === void 0 ? void 0 : (_this_callerClientConfig_region = _this_callerClientConfig2.region) === null || _this_callerClientConfig_region === void 0 ? void 0 : _this_callerClientConfig_region.call(_this_callerClientConfig2)
887
+ ];
888
+ case 3:
889
+ _tmp = _state.sent();
890
+ _state.label = 4;
891
+ case 4:
892
+ region = (_ref2 = _tmp) !== null && _ref2 !== void 0 ? _ref2 : process.env.AWS_REGION;
893
+ client = new SigninClient(_object_spread$3({
894
+ credentials: {
895
+ accessKeyId: "",
896
+ secretAccessKey: ""
897
+ },
898
+ region: region,
899
+ requestHandler: requestHandler,
900
+ logger: logger,
901
+ userAgentAppId: userAgentAppId
902
+ }, (_this_init = _this.init) === null || _this_init === void 0 ? void 0 : _this_init.clientConfig));
903
+ _this.createDPoPInterceptor(client.middlewareStack);
904
+ commandInput = {
905
+ tokenInput: {
906
+ clientId: token.clientId,
907
+ refreshToken: token.refreshToken,
908
+ grantType: "refresh_token"
909
+ }
910
+ };
911
+ _state.label = 5;
912
+ case 5:
913
+ _state.trys.push([
914
+ 5,
915
+ 8,
916
+ ,
917
+ 9
918
+ ]);
919
+ return [
920
+ 4,
921
+ client.send(new CreateOAuth2TokenCommand(commandInput))
922
+ ];
923
+ case 6:
924
+ response = _state.sent();
925
+ _ref3 = (_response_tokenOutput_accessToken = (_response_tokenOutput = response.tokenOutput) === null || _response_tokenOutput === void 0 ? void 0 : _response_tokenOutput.accessToken) !== null && _response_tokenOutput_accessToken !== void 0 ? _response_tokenOutput_accessToken : {}, accessKeyId = _ref3.accessKeyId, secretAccessKey = _ref3.secretAccessKey, sessionToken = _ref3.sessionToken;
926
+ _ref4 = (_response_tokenOutput1 = response.tokenOutput) !== null && _response_tokenOutput1 !== void 0 ? _response_tokenOutput1 : {}, refreshToken = _ref4.refreshToken, expiresIn = _ref4.expiresIn;
927
+ if (!accessKeyId || !secretAccessKey || !sessionToken || !refreshToken) {
928
+ throw new CredentialsProviderError("Token refresh response missing required fields", {
929
+ logger: _this.logger,
930
+ tryNextLink: false
931
+ });
932
+ }
933
+ expiresInMs = (expiresIn !== null && expiresIn !== void 0 ? expiresIn : 900) * 1000;
934
+ expiration = new Date(Date.now() + expiresInMs);
935
+ updatedToken = _object_spread_props$2(_object_spread$3({}, token), {
936
+ accessToken: _object_spread_props$2(_object_spread$3({}, token.accessToken), {
937
+ accessKeyId: accessKeyId,
938
+ secretAccessKey: secretAccessKey,
939
+ sessionToken: sessionToken,
940
+ expiresAt: expiration.toISOString()
941
+ }),
942
+ refreshToken: refreshToken
943
+ });
944
+ return [
945
+ 4,
946
+ _this.saveToken(updatedToken)
947
+ ];
948
+ case 7:
949
+ _state.sent();
950
+ newAccessToken = updatedToken.accessToken;
951
+ return [
952
+ 2,
953
+ {
954
+ accessKeyId: newAccessToken.accessKeyId,
955
+ secretAccessKey: newAccessToken.secretAccessKey,
956
+ sessionToken: newAccessToken.sessionToken,
957
+ accountId: newAccessToken.accountId,
958
+ expiration: expiration
959
+ }
960
+ ];
961
+ case 8:
962
+ error = _state.sent();
963
+ if (error.name === "AccessDeniedException") {
964
+ errorType = error.error;
965
+ switch(errorType){
966
+ case "TOKEN_EXPIRED":
967
+ message = "Your session has expired. Please reauthenticate.";
968
+ break;
969
+ case "USER_CREDENTIALS_CHANGED":
970
+ message = "Unable to refresh credentials because of a change in your password. Please reauthenticate with your new password.";
971
+ break;
972
+ case "INSUFFICIENT_PERMISSIONS":
973
+ message = "Unable to refresh credentials due to insufficient permissions. You may be missing permission for the 'CreateOAuth2Token' action.";
974
+ break;
975
+ default:
976
+ message = "Failed to refresh token: ".concat(String(error), ". Please re-authenticate using `aws login`");
977
+ }
978
+ throw new CredentialsProviderError(message, {
979
+ logger: _this.logger,
980
+ tryNextLink: false
981
+ });
982
+ }
983
+ throw new CredentialsProviderError("Failed to refresh token: ".concat(String(error), ". Please re-authenticate using aws login"), {
984
+ logger: _this.logger
985
+ });
986
+ case 9:
987
+ return [
988
+ 2
989
+ ];
990
+ }
991
+ });
992
+ })();
993
+ }
994
+ },
995
+ {
996
+ key: "loadToken",
997
+ value: function loadToken() {
998
+ var _this = this;
999
+ return _async_to_generator$8(function() {
1000
+ var tokenFilePath, _token_accessToken, tokenData, _this_init, token, missingFields, error;
1001
+ return _ts_generator$8(this, function(_state) {
1002
+ switch(_state.label){
1003
+ case 0:
1004
+ tokenFilePath = _this.getTokenFilePath();
1005
+ _state.label = 1;
1006
+ case 1:
1007
+ _state.trys.push([
1008
+ 1,
1009
+ 7,
1010
+ ,
1011
+ 8
1012
+ ]);
1013
+ _state.label = 2;
1014
+ case 2:
1015
+ _state.trys.push([
1016
+ 2,
1017
+ 4,
1018
+ ,
1019
+ 6
1020
+ ]);
1021
+ return [
1022
+ 4,
1023
+ readFile(tokenFilePath, {
1024
+ ignoreCache: (_this_init = _this.init) === null || _this_init === void 0 ? void 0 : _this_init.ignoreCache
1025
+ })
1026
+ ];
1027
+ case 3:
1028
+ tokenData = _state.sent();
1029
+ return [
1030
+ 3,
1031
+ 6
1032
+ ];
1033
+ case 4:
1034
+ _state.sent();
1035
+ return [
1036
+ 4,
1037
+ promises.readFile(tokenFilePath, "utf8")
1038
+ ];
1039
+ case 5:
1040
+ tokenData = _state.sent();
1041
+ return [
1042
+ 3,
1043
+ 6
1044
+ ];
1045
+ case 6:
1046
+ token = JSON.parse(tokenData);
1047
+ missingFields = [
1048
+ "accessToken",
1049
+ "clientId",
1050
+ "refreshToken",
1051
+ "dpopKey"
1052
+ ].filter(function(k) {
1053
+ return !token[k];
1054
+ });
1055
+ if (!((_token_accessToken = token.accessToken) === null || _token_accessToken === void 0 ? void 0 : _token_accessToken.accountId)) {
1056
+ missingFields.push("accountId");
1057
+ }
1058
+ if (missingFields.length > 0) {
1059
+ throw new CredentialsProviderError("Token validation failed, missing fields: ".concat(missingFields.join(", ")), {
1060
+ logger: _this.logger,
1061
+ tryNextLink: false
1062
+ });
1063
+ }
1064
+ return [
1065
+ 2,
1066
+ token
1067
+ ];
1068
+ case 7:
1069
+ error = _state.sent();
1070
+ throw new CredentialsProviderError("Failed to load token from ".concat(tokenFilePath, ": ").concat(String(error)), {
1071
+ logger: _this.logger,
1072
+ tryNextLink: false
1073
+ });
1074
+ case 8:
1075
+ return [
1076
+ 2
1077
+ ];
1078
+ }
1079
+ });
1080
+ })();
1081
+ }
1082
+ },
1083
+ {
1084
+ key: "saveToken",
1085
+ value: function saveToken(token) {
1086
+ var _this = this;
1087
+ return _async_to_generator$8(function() {
1088
+ var tokenFilePath, directory;
1089
+ return _ts_generator$8(this, function(_state) {
1090
+ switch(_state.label){
1091
+ case 0:
1092
+ tokenFilePath = _this.getTokenFilePath();
1093
+ directory = dirname(tokenFilePath);
1094
+ _state.label = 1;
1095
+ case 1:
1096
+ _state.trys.push([
1097
+ 1,
1098
+ 3,
1099
+ ,
1100
+ 4
1101
+ ]);
1102
+ return [
1103
+ 4,
1104
+ promises.mkdir(directory, {
1105
+ recursive: true
1106
+ })
1107
+ ];
1108
+ case 2:
1109
+ _state.sent();
1110
+ return [
1111
+ 3,
1112
+ 4
1113
+ ];
1114
+ case 3:
1115
+ _state.sent();
1116
+ return [
1117
+ 3,
1118
+ 4
1119
+ ];
1120
+ case 4:
1121
+ return [
1122
+ 4,
1123
+ promises.writeFile(tokenFilePath, JSON.stringify(token, null, 2), "utf8")
1124
+ ];
1125
+ case 5:
1126
+ _state.sent();
1127
+ return [
1128
+ 2
1129
+ ];
1130
+ }
1131
+ });
1132
+ })();
1133
+ }
1134
+ },
1135
+ {
1136
+ key: "getTokenFilePath",
1137
+ value: function getTokenFilePath() {
1138
+ var _process_env_AWS_LOGIN_CACHE_DIRECTORY;
1139
+ var directory = (_process_env_AWS_LOGIN_CACHE_DIRECTORY = process.env.AWS_LOGIN_CACHE_DIRECTORY) !== null && _process_env_AWS_LOGIN_CACHE_DIRECTORY !== void 0 ? _process_env_AWS_LOGIN_CACHE_DIRECTORY : join(homedir(), ".aws", "login", "cache");
1140
+ var loginSessionBytes = Buffer.from(this.loginSession, "utf8");
1141
+ var loginSessionSha256 = createHash("sha256").update(loginSessionBytes).digest("hex");
1142
+ return join(directory, "".concat(loginSessionSha256, ".json"));
1143
+ }
1144
+ },
1145
+ {
1146
+ key: "derToRawSignature",
1147
+ value: function derToRawSignature(derSignature) {
1148
+ var offset = 2;
1149
+ if (derSignature[offset] !== 0x02) {
1150
+ throw new Error("Invalid DER signature");
1151
+ }
1152
+ offset++;
1153
+ var rLength = derSignature[offset++];
1154
+ var r = derSignature.subarray(offset, offset + rLength);
1155
+ offset += rLength;
1156
+ if (derSignature[offset] !== 0x02) {
1157
+ throw new Error("Invalid DER signature");
1158
+ }
1159
+ offset++;
1160
+ var sLength = derSignature[offset++];
1161
+ var s = derSignature.subarray(offset, offset + sLength);
1162
+ r = r[0] === 0x00 ? r.subarray(1) : r;
1163
+ s = s[0] === 0x00 ? s.subarray(1) : s;
1164
+ var rPadded = Buffer.concat([
1165
+ Buffer.alloc(32 - r.length),
1166
+ r
1167
+ ]);
1168
+ var sPadded = Buffer.concat([
1169
+ Buffer.alloc(32 - s.length),
1170
+ s
1171
+ ]);
1172
+ return Buffer.concat([
1173
+ rPadded,
1174
+ sPadded
1175
+ ]);
1176
+ }
1177
+ },
1178
+ {
1179
+ key: "createDPoPInterceptor",
1180
+ value: function createDPoPInterceptor(middlewareStack) {
1181
+ var _this = this;
1182
+ middlewareStack.add(function(next) {
1183
+ return function() {
1184
+ var _ref = _async_to_generator$8(function(args) {
1185
+ var request, actualEndpoint, dpop;
1186
+ return _ts_generator$8(this, function(_state) {
1187
+ switch(_state.label){
1188
+ case 0:
1189
+ if (!HttpRequest.isInstance(args.request)) return [
1190
+ 3,
1191
+ 2
1192
+ ];
1193
+ request = args.request;
1194
+ actualEndpoint = "".concat(request.protocol, "//").concat(request.hostname).concat(request.port ? ":".concat(request.port) : "").concat(request.path);
1195
+ return [
1196
+ 4,
1197
+ _this.generateDpop(request.method, actualEndpoint)
1198
+ ];
1199
+ case 1:
1200
+ dpop = _state.sent();
1201
+ request.headers = _object_spread_props$2(_object_spread$3({}, request.headers), {
1202
+ DPoP: dpop
1203
+ });
1204
+ _state.label = 2;
1205
+ case 2:
1206
+ return [
1207
+ 2,
1208
+ next(args)
1209
+ ];
1210
+ }
1211
+ });
1212
+ });
1213
+ return function(args) {
1214
+ return _ref.apply(this, arguments);
1215
+ };
1216
+ }();
1217
+ }, {
1218
+ step: "finalizeRequest",
1219
+ name: "dpopInterceptor",
1220
+ override: true
1221
+ });
1222
+ }
1223
+ },
1224
+ {
1225
+ key: "generateDpop",
1226
+ value: function generateDpop() {
1227
+ var method = arguments.length > 0 && arguments[0] !== void 0 ? arguments[0] : "POST", endpoint = arguments.length > 1 ? arguments[1] : void 0;
1228
+ var _this = this;
1229
+ return _async_to_generator$8(function() {
1230
+ var token, privateKey, publicKey, publicDer, pointStart, i, x, y, header, payload, headerB64, payloadB64, message, asn1Signature, rawSignature, signatureB64;
1231
+ return _ts_generator$8(this, function(_state) {
1232
+ switch(_state.label){
1233
+ case 0:
1234
+ return [
1235
+ 4,
1236
+ _this.loadToken()
1237
+ ];
1238
+ case 1:
1239
+ token = _state.sent();
1240
+ try {
1241
+ privateKey = createPrivateKey({
1242
+ key: token.dpopKey,
1243
+ format: "pem",
1244
+ type: "sec1"
1245
+ });
1246
+ publicKey = createPublicKey(privateKey);
1247
+ publicDer = publicKey.export({
1248
+ format: "der",
1249
+ type: "spki"
1250
+ });
1251
+ pointStart = -1;
1252
+ for(i = 0; i < publicDer.length; i++){
1253
+ if (publicDer[i] === 0x04) {
1254
+ pointStart = i;
1255
+ break;
1256
+ }
1257
+ }
1258
+ x = publicDer.slice(pointStart + 1, pointStart + 33);
1259
+ y = publicDer.slice(pointStart + 33, pointStart + 65);
1260
+ header = {
1261
+ alg: "ES256",
1262
+ typ: "dpop+jwt",
1263
+ jwk: {
1264
+ kty: "EC",
1265
+ crv: "P-256",
1266
+ x: x.toString("base64url"),
1267
+ y: y.toString("base64url")
1268
+ }
1269
+ };
1270
+ payload = {
1271
+ jti: crypto.randomUUID(),
1272
+ htm: method,
1273
+ htu: endpoint,
1274
+ iat: Math.floor(Date.now() / 1000)
1275
+ };
1276
+ headerB64 = Buffer.from(JSON.stringify(header)).toString("base64url");
1277
+ payloadB64 = Buffer.from(JSON.stringify(payload)).toString("base64url");
1278
+ message = "".concat(headerB64, ".").concat(payloadB64);
1279
+ asn1Signature = sign("sha256", Buffer.from(message), privateKey);
1280
+ rawSignature = _this.derToRawSignature(asn1Signature);
1281
+ signatureB64 = rawSignature.toString("base64url");
1282
+ return [
1283
+ 2,
1284
+ "".concat(message, ".").concat(signatureB64)
1285
+ ];
1286
+ } catch (error) {
1287
+ throw new CredentialsProviderError("Failed to generate Dpop proof: ".concat(_instanceof(error, Error) ? error.message : String(error)), {
1288
+ logger: _this.logger,
1289
+ tryNextLink: false
1290
+ });
1291
+ }
1292
+ return [
1293
+ 2
1294
+ ];
1295
+ }
1296
+ });
1297
+ })();
1298
+ }
1299
+ }
1300
+ ]);
1301
+ return LoginCredentialsFetcher;
1302
+ }();
1303
+ _define_property$3(LoginCredentialsFetcher, "REFRESH_THRESHOLD", 5 * 60 * 1000);
1304
+
1305
+ function asyncGeneratorStep$7(gen, resolve, reject, _next, _throw, key, arg) {
1306
+ try {
1307
+ var info = gen[key](arg);
1308
+ var value = info.value;
1309
+ } catch (error) {
1310
+ reject(error);
1311
+ return;
1312
+ }
1313
+ if (info.done) {
1314
+ resolve(value);
1315
+ } else {
1316
+ Promise.resolve(value).then(_next, _throw);
1317
+ }
1318
+ }
1319
+ function _async_to_generator$7(fn) {
1320
+ return function() {
1321
+ var self = this, args = arguments;
1322
+ return new Promise(function(resolve, reject) {
1323
+ var gen = fn.apply(self, args);
1324
+ function _next(value) {
1325
+ asyncGeneratorStep$7(gen, resolve, reject, _next, _throw, "next", value);
1326
+ }
1327
+ function _throw(err) {
1328
+ asyncGeneratorStep$7(gen, resolve, reject, _next, _throw, "throw", err);
1329
+ }
1330
+ _next(undefined);
1331
+ });
1332
+ };
1333
+ }
1334
+ function _ts_generator$7(thisArg, body) {
1335
+ var f, y, t, g, _ = {
1336
+ label: 0,
1337
+ sent: function() {
1338
+ if (t[0] & 1) throw t[1];
1339
+ return t[1];
1340
+ },
1341
+ trys: [],
1342
+ ops: []
1343
+ };
1344
+ return g = {
1345
+ next: verb(0),
1346
+ "throw": verb(1),
1347
+ "return": verb(2)
1348
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
1349
+ return this;
1350
+ }), g;
1351
+ function verb(n) {
1352
+ return function(v) {
1353
+ return step([
1354
+ n,
1355
+ v
1356
+ ]);
1357
+ };
1358
+ }
1359
+ function step(op) {
1360
+ if (f) throw new TypeError("Generator is already executing.");
1361
+ while(_)try {
1362
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
1363
+ if (y = 0, t) op = [
1364
+ op[0] & 2,
1365
+ t.value
1366
+ ];
1367
+ switch(op[0]){
1368
+ case 0:
1369
+ case 1:
1370
+ t = op;
1371
+ break;
1372
+ case 4:
1373
+ _.label++;
1374
+ return {
1375
+ value: op[1],
1376
+ done: false
1377
+ };
1378
+ case 5:
1379
+ _.label++;
1380
+ y = op[1];
1381
+ op = [
1382
+ 0
1383
+ ];
1384
+ continue;
1385
+ case 7:
1386
+ op = _.ops.pop();
1387
+ _.trys.pop();
1388
+ continue;
1389
+ default:
1390
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
1391
+ _ = 0;
1392
+ continue;
1393
+ }
1394
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
1395
+ _.label = op[1];
1396
+ break;
1397
+ }
1398
+ if (op[0] === 6 && _.label < t[1]) {
1399
+ _.label = t[1];
1400
+ t = op;
1401
+ break;
1402
+ }
1403
+ if (t && _.label < t[2]) {
1404
+ _.label = t[2];
1405
+ _.ops.push(op);
1406
+ break;
1407
+ }
1408
+ if (t[2]) _.ops.pop();
1409
+ _.trys.pop();
1410
+ continue;
1411
+ }
1412
+ op = body.call(thisArg, _);
1413
+ } catch (e) {
1414
+ op = [
1415
+ 6,
1416
+ e
1417
+ ];
1418
+ y = 0;
1419
+ } finally{
1420
+ f = t = 0;
1421
+ }
1422
+ if (op[0] & 5) throw op[1];
1423
+ return {
1424
+ value: op[0] ? op[1] : void 0,
1425
+ done: true
1426
+ };
1427
+ }
1428
+ }
1429
+ var fromLoginCredentials = function(init) {
1430
+ return /*#__PURE__*/ _async_to_generator$7(function() {
1431
+ var callerClientConfig, _init_logger_debug, _init_logger, profiles, _init_profile, profileName, profile, fetcher, credentials;
1432
+ var _arguments = arguments;
1433
+ return _ts_generator$7(this, function(_state) {
1434
+ switch(_state.label){
1435
+ case 0:
1436
+ callerClientConfig = (_arguments.length > 0 && _arguments[0] !== void 0 ? _arguments[0] : {}).callerClientConfig;
1437
+ init === null || init === void 0 ? void 0 : (_init_logger = init.logger) === null || _init_logger === void 0 ? void 0 : (_init_logger_debug = _init_logger.debug) === null || _init_logger_debug === void 0 ? void 0 : _init_logger_debug.call(_init_logger, "@aws-sdk/credential-providers - fromLoginCredentials");
1438
+ return [
1439
+ 4,
1440
+ parseKnownFiles(init || {})
1441
+ ];
1442
+ case 1:
1443
+ profiles = _state.sent();
1444
+ profileName = getProfileName({
1445
+ profile: (_init_profile = init === null || init === void 0 ? void 0 : init.profile) !== null && _init_profile !== void 0 ? _init_profile : callerClientConfig === null || callerClientConfig === void 0 ? void 0 : callerClientConfig.profile
1446
+ });
1447
+ profile = profiles[profileName];
1448
+ if (!(profile === null || profile === void 0 ? void 0 : profile.login_session)) {
1449
+ throw new CredentialsProviderError("Profile ".concat(profileName, " does not contain login_session."), {
1450
+ tryNextLink: true,
1451
+ logger: init === null || init === void 0 ? void 0 : init.logger
1452
+ });
1453
+ }
1454
+ fetcher = new LoginCredentialsFetcher(profile, init, callerClientConfig);
1455
+ return [
1456
+ 4,
1457
+ fetcher.loadCredentials()
1458
+ ];
1459
+ case 2:
1460
+ credentials = _state.sent();
1461
+ return [
1462
+ 2,
1463
+ setCredentialFeature(credentials, "CREDENTIALS_LOGIN", "AD")
1464
+ ];
1465
+ }
1466
+ });
1467
+ });
1468
+ };
1469
+
1470
+ function asyncGeneratorStep$6(gen, resolve, reject, _next, _throw, key, arg) {
1471
+ try {
1472
+ var info = gen[key](arg);
1473
+ var value = info.value;
1474
+ } catch (error) {
1475
+ reject(error);
1476
+ return;
1477
+ }
1478
+ if (info.done) {
1479
+ resolve(value);
1480
+ } else {
1481
+ Promise.resolve(value).then(_next, _throw);
1482
+ }
1483
+ }
1484
+ function _async_to_generator$6(fn) {
1485
+ return function() {
1486
+ var self = this, args = arguments;
1487
+ return new Promise(function(resolve, reject) {
1488
+ var gen = fn.apply(self, args);
1489
+ function _next(value) {
1490
+ asyncGeneratorStep$6(gen, resolve, reject, _next, _throw, "next", value);
1491
+ }
1492
+ function _throw(err) {
1493
+ asyncGeneratorStep$6(gen, resolve, reject, _next, _throw, "throw", err);
1494
+ }
1495
+ _next(undefined);
1496
+ });
1497
+ };
1498
+ }
1499
+ function _define_property$2(obj, key, value) {
1500
+ if (key in obj) {
1501
+ Object.defineProperty(obj, key, {
1502
+ value: value,
1503
+ enumerable: true,
1504
+ configurable: true,
1505
+ writable: true
1506
+ });
1507
+ } else {
1508
+ obj[key] = value;
1509
+ }
1510
+ return obj;
1511
+ }
1512
+ function _object_spread$2(target) {
1513
+ for(var i = 1; i < arguments.length; i++){
1514
+ var source = arguments[i] != null ? arguments[i] : {};
1515
+ var ownKeys = Object.keys(source);
1516
+ if (typeof Object.getOwnPropertySymbols === "function") {
1517
+ ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
1518
+ return Object.getOwnPropertyDescriptor(source, sym).enumerable;
1519
+ }));
1520
+ }
1521
+ ownKeys.forEach(function(key) {
1522
+ _define_property$2(target, key, source[key]);
1523
+ });
1524
+ }
1525
+ return target;
1526
+ }
1527
+ function ownKeys$1(object, enumerableOnly) {
1528
+ var keys = Object.keys(object);
1529
+ if (Object.getOwnPropertySymbols) {
1530
+ var symbols = Object.getOwnPropertySymbols(object);
1531
+ keys.push.apply(keys, symbols);
1532
+ }
1533
+ return keys;
1534
+ }
1535
+ function _object_spread_props$1(target, source) {
1536
+ source = source != null ? source : {};
1537
+ if (Object.getOwnPropertyDescriptors) {
1538
+ Object.defineProperties(target, Object.getOwnPropertyDescriptors(source));
1539
+ } else {
1540
+ ownKeys$1(Object(source)).forEach(function(key) {
1541
+ Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key));
1542
+ });
1543
+ }
1544
+ return target;
1545
+ }
1546
+ function _ts_generator$6(thisArg, body) {
1547
+ var f, y, t, g, _ = {
1548
+ label: 0,
1549
+ sent: function() {
1550
+ if (t[0] & 1) throw t[1];
1551
+ return t[1];
1552
+ },
1553
+ trys: [],
1554
+ ops: []
1555
+ };
1556
+ return g = {
1557
+ next: verb(0),
1558
+ "throw": verb(1),
1559
+ "return": verb(2)
1560
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
1561
+ return this;
1562
+ }), g;
1563
+ function verb(n) {
1564
+ return function(v) {
1565
+ return step([
1566
+ n,
1567
+ v
1568
+ ]);
1569
+ };
1570
+ }
1571
+ function step(op) {
1572
+ if (f) throw new TypeError("Generator is already executing.");
1573
+ while(_)try {
1574
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
1575
+ if (y = 0, t) op = [
1576
+ op[0] & 2,
1577
+ t.value
1578
+ ];
1579
+ switch(op[0]){
1580
+ case 0:
1581
+ case 1:
1582
+ t = op;
1583
+ break;
1584
+ case 4:
1585
+ _.label++;
1586
+ return {
1587
+ value: op[1],
1588
+ done: false
1589
+ };
1590
+ case 5:
1591
+ _.label++;
1592
+ y = op[1];
1593
+ op = [
1594
+ 0
1595
+ ];
1596
+ continue;
1597
+ case 7:
1598
+ op = _.ops.pop();
1599
+ _.trys.pop();
1600
+ continue;
1601
+ default:
1602
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
1603
+ _ = 0;
1604
+ continue;
1605
+ }
1606
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
1607
+ _.label = op[1];
1608
+ break;
1609
+ }
1610
+ if (op[0] === 6 && _.label < t[1]) {
1611
+ _.label = t[1];
1612
+ t = op;
1613
+ break;
1614
+ }
1615
+ if (t && _.label < t[2]) {
1616
+ _.label = t[2];
1617
+ _.ops.push(op);
1618
+ break;
1619
+ }
1620
+ if (t[2]) _.ops.pop();
1621
+ _.trys.pop();
1622
+ continue;
1623
+ }
1624
+ op = body.call(thisArg, _);
1625
+ } catch (e) {
1626
+ op = [
1627
+ 6,
1628
+ e
1629
+ ];
1630
+ y = 0;
1631
+ } finally{
1632
+ f = t = 0;
1633
+ }
1634
+ if (op[0] & 5) throw op[1];
1635
+ return {
1636
+ value: op[0] ? op[1] : void 0,
1637
+ done: true
1638
+ };
1639
+ }
1640
+ }
1641
+ var isLoginProfile = function(data) {
1642
+ return Boolean(data && data.login_session);
1643
+ };
1644
+ var resolveLoginCredentials = function() {
1645
+ var _ref = _async_to_generator$6(function(profileName, options, callerClientConfig) {
1646
+ var credentials;
1647
+ return _ts_generator$6(this, function(_state) {
1648
+ switch(_state.label){
1649
+ case 0:
1650
+ return [
1651
+ 4,
1652
+ fromLoginCredentials(_object_spread_props$1(_object_spread$2({}, options), {
1653
+ profile: profileName
1654
+ }))({
1655
+ callerClientConfig: callerClientConfig
1656
+ })
1657
+ ];
1658
+ case 1:
1659
+ credentials = _state.sent();
1660
+ return [
1661
+ 2,
1662
+ setCredentialFeature(credentials, "CREDENTIALS_PROFILE_LOGIN", "AC")
1663
+ ];
1664
+ }
1665
+ });
1666
+ });
1667
+ return function resolveLoginCredentials(profileName, options, callerClientConfig) {
1668
+ return _ref.apply(this, arguments);
1669
+ };
1670
+ }();
1671
+
1672
+ function asyncGeneratorStep$5(gen, resolve, reject, _next, _throw, key, arg) {
1673
+ try {
1674
+ var info = gen[key](arg);
1675
+ var value = info.value;
1676
+ } catch (error) {
1677
+ reject(error);
1678
+ return;
1679
+ }
1680
+ if (info.done) {
1681
+ resolve(value);
1682
+ } else {
1683
+ Promise.resolve(value).then(_next, _throw);
1684
+ }
1685
+ }
1686
+ function _async_to_generator$5(fn) {
1687
+ return function() {
1688
+ var self = this, args = arguments;
1689
+ return new Promise(function(resolve, reject) {
1690
+ var gen = fn.apply(self, args);
1691
+ function _next(value) {
1692
+ asyncGeneratorStep$5(gen, resolve, reject, _next, _throw, "next", value);
1693
+ }
1694
+ function _throw(err) {
1695
+ asyncGeneratorStep$5(gen, resolve, reject, _next, _throw, "throw", err);
1696
+ }
1697
+ _next(undefined);
1698
+ });
1699
+ };
1700
+ }
1701
+ function _define_property$1(obj, key, value) {
1702
+ if (key in obj) {
1703
+ Object.defineProperty(obj, key, {
1704
+ value: value,
1705
+ enumerable: true,
1706
+ configurable: true,
1707
+ writable: true
1708
+ });
1709
+ } else {
1710
+ obj[key] = value;
1711
+ }
1712
+ return obj;
1713
+ }
1714
+ function _object_spread$1(target) {
1715
+ for(var i = 1; i < arguments.length; i++){
1716
+ var source = arguments[i] != null ? arguments[i] : {};
1717
+ var ownKeys = Object.keys(source);
1718
+ if (typeof Object.getOwnPropertySymbols === "function") {
1719
+ ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
1720
+ return Object.getOwnPropertyDescriptor(source, sym).enumerable;
1721
+ }));
1722
+ }
1723
+ ownKeys.forEach(function(key) {
1724
+ _define_property$1(target, key, source[key]);
1725
+ });
1726
+ }
1727
+ return target;
1728
+ }
1729
+ function ownKeys(object, enumerableOnly) {
1730
+ var keys = Object.keys(object);
1731
+ if (Object.getOwnPropertySymbols) {
1732
+ var symbols = Object.getOwnPropertySymbols(object);
1733
+ keys.push.apply(keys, symbols);
1734
+ }
1735
+ return keys;
1736
+ }
1737
+ function _object_spread_props(target, source) {
1738
+ source = source != null ? source : {};
1739
+ if (Object.getOwnPropertyDescriptors) {
1740
+ Object.defineProperties(target, Object.getOwnPropertyDescriptors(source));
1741
+ } else {
1742
+ ownKeys(Object(source)).forEach(function(key) {
1743
+ Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key));
1744
+ });
1745
+ }
1746
+ return target;
1747
+ }
1748
+ function _type_of$2(obj) {
1749
+ "@swc/helpers - typeof";
1750
+ return obj && typeof Symbol !== "undefined" && obj.constructor === Symbol ? "symbol" : typeof obj;
1751
+ }
1752
+ function _ts_generator$5(thisArg, body) {
1753
+ var f, y, t, g, _ = {
1754
+ label: 0,
1755
+ sent: function() {
1756
+ if (t[0] & 1) throw t[1];
1757
+ return t[1];
1758
+ },
1759
+ trys: [],
1760
+ ops: []
1761
+ };
1762
+ return g = {
1763
+ next: verb(0),
1764
+ "throw": verb(1),
1765
+ "return": verb(2)
1766
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
1767
+ return this;
1768
+ }), g;
1769
+ function verb(n) {
1770
+ return function(v) {
1771
+ return step([
1772
+ n,
1773
+ v
1774
+ ]);
1775
+ };
1776
+ }
1777
+ function step(op) {
1778
+ if (f) throw new TypeError("Generator is already executing.");
1779
+ while(_)try {
1780
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
1781
+ if (y = 0, t) op = [
1782
+ op[0] & 2,
1783
+ t.value
1784
+ ];
1785
+ switch(op[0]){
1786
+ case 0:
1787
+ case 1:
1788
+ t = op;
1789
+ break;
1790
+ case 4:
1791
+ _.label++;
1792
+ return {
1793
+ value: op[1],
1794
+ done: false
1795
+ };
1796
+ case 5:
1797
+ _.label++;
1798
+ y = op[1];
1799
+ op = [
1800
+ 0
1801
+ ];
1802
+ continue;
1803
+ case 7:
1804
+ op = _.ops.pop();
1805
+ _.trys.pop();
1806
+ continue;
1807
+ default:
1808
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
1809
+ _ = 0;
1810
+ continue;
1811
+ }
1812
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
1813
+ _.label = op[1];
1814
+ break;
1815
+ }
1816
+ if (op[0] === 6 && _.label < t[1]) {
1817
+ _.label = t[1];
1818
+ t = op;
1819
+ break;
1820
+ }
1821
+ if (t && _.label < t[2]) {
1822
+ _.label = t[2];
1823
+ _.ops.push(op);
1824
+ break;
1825
+ }
1826
+ if (t[2]) _.ops.pop();
1827
+ _.trys.pop();
1828
+ continue;
1829
+ }
1830
+ op = body.call(thisArg, _);
1831
+ } catch (e) {
1832
+ op = [
1833
+ 6,
1834
+ e
1835
+ ];
1836
+ y = 0;
1837
+ } finally{
1838
+ f = t = 0;
1839
+ }
1840
+ if (op[0] & 5) throw op[1];
1841
+ return {
1842
+ value: op[0] ? op[1] : void 0,
1843
+ done: true
1844
+ };
1845
+ }
1846
+ }
1847
+ var isProcessProfile = function(arg) {
1848
+ return Boolean(arg) && (typeof arg === "undefined" ? "undefined" : _type_of$2(arg)) === "object" && typeof arg.credential_process === "string";
1849
+ };
1850
+ var resolveProcessCredentials = function() {
1851
+ var _ref = _async_to_generator$5(function(options, profile) {
1852
+ return _ts_generator$5(this, function(_state) {
1853
+ return [
1854
+ 2,
1855
+ import('./index.esm17.js').then(function(param) {
1856
+ var fromProcess = param.fromProcess;
1857
+ return fromProcess(_object_spread_props(_object_spread$1({}, options), {
1858
+ profile: profile
1859
+ }))().then(function(creds) {
1860
+ return setCredentialFeature(creds, "CREDENTIALS_PROFILE_PROCESS", "v");
1861
+ });
1862
+ })
1863
+ ];
1864
+ });
1865
+ });
1866
+ return function resolveProcessCredentials(options, profile) {
1867
+ return _ref.apply(this, arguments);
1868
+ };
1869
+ }();
1870
+
1871
+ function asyncGeneratorStep$4(gen, resolve, reject, _next, _throw, key, arg) {
1872
+ try {
1873
+ var info = gen[key](arg);
1874
+ var value = info.value;
1875
+ } catch (error) {
1876
+ reject(error);
1877
+ return;
1878
+ }
1879
+ if (info.done) {
1880
+ resolve(value);
1881
+ } else {
1882
+ Promise.resolve(value).then(_next, _throw);
1883
+ }
1884
+ }
1885
+ function _async_to_generator$4(fn) {
1886
+ return function() {
1887
+ var self = this, args = arguments;
1888
+ return new Promise(function(resolve, reject) {
1889
+ var gen = fn.apply(self, args);
1890
+ function _next(value) {
1891
+ asyncGeneratorStep$4(gen, resolve, reject, _next, _throw, "next", value);
1892
+ }
1893
+ function _throw(err) {
1894
+ asyncGeneratorStep$4(gen, resolve, reject, _next, _throw, "throw", err);
1895
+ }
1896
+ _next(undefined);
1897
+ });
1898
+ };
1899
+ }
1900
+ function _ts_generator$4(thisArg, body) {
1901
+ var f, y, t, g, _ = {
1902
+ label: 0,
1903
+ sent: function() {
1904
+ if (t[0] & 1) throw t[1];
1905
+ return t[1];
1906
+ },
1907
+ trys: [],
1908
+ ops: []
1909
+ };
1910
+ return g = {
1911
+ next: verb(0),
1912
+ "throw": verb(1),
1913
+ "return": verb(2)
1914
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
1915
+ return this;
1916
+ }), g;
1917
+ function verb(n) {
1918
+ return function(v) {
1919
+ return step([
1920
+ n,
1921
+ v
1922
+ ]);
1923
+ };
1924
+ }
1925
+ function step(op) {
1926
+ if (f) throw new TypeError("Generator is already executing.");
1927
+ while(_)try {
1928
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
1929
+ if (y = 0, t) op = [
1930
+ op[0] & 2,
1931
+ t.value
1932
+ ];
1933
+ switch(op[0]){
1934
+ case 0:
1935
+ case 1:
1936
+ t = op;
1937
+ break;
1938
+ case 4:
1939
+ _.label++;
1940
+ return {
1941
+ value: op[1],
1942
+ done: false
1943
+ };
1944
+ case 5:
1945
+ _.label++;
1946
+ y = op[1];
1947
+ op = [
1948
+ 0
1949
+ ];
1950
+ continue;
1951
+ case 7:
1952
+ op = _.ops.pop();
1953
+ _.trys.pop();
1954
+ continue;
1955
+ default:
1956
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
1957
+ _ = 0;
1958
+ continue;
1959
+ }
1960
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
1961
+ _.label = op[1];
1962
+ break;
1963
+ }
1964
+ if (op[0] === 6 && _.label < t[1]) {
1965
+ _.label = t[1];
1966
+ t = op;
1967
+ break;
1968
+ }
1969
+ if (t && _.label < t[2]) {
1970
+ _.label = t[2];
1971
+ _.ops.push(op);
1972
+ break;
1973
+ }
1974
+ if (t[2]) _.ops.pop();
1975
+ _.trys.pop();
1976
+ continue;
1977
+ }
1978
+ op = body.call(thisArg, _);
1979
+ } catch (e) {
1980
+ op = [
1981
+ 6,
1982
+ e
1983
+ ];
1984
+ y = 0;
1985
+ } finally{
1986
+ f = t = 0;
1987
+ }
1988
+ if (op[0] & 5) throw op[1];
1989
+ return {
1990
+ value: op[0] ? op[1] : void 0,
1991
+ done: true
1992
+ };
1993
+ }
1994
+ }
1995
+ var resolveSsoCredentials = function() {
1996
+ var _ref = _async_to_generator$4(function(profile, profileData) {
1997
+ var options, callerClientConfig, fromSSO;
1998
+ var _arguments = arguments;
1999
+ return _ts_generator$4(this, function(_state) {
2000
+ switch(_state.label){
2001
+ case 0:
2002
+ options = _arguments.length > 2 && _arguments[2] !== void 0 ? _arguments[2] : {}, callerClientConfig = _arguments.length > 3 ? _arguments[3] : void 0;
2003
+ return [
2004
+ 4,
2005
+ import('./index.esm18.js')
2006
+ ];
2007
+ case 1:
2008
+ fromSSO = _state.sent().fromSSO;
2009
+ return [
2010
+ 2,
2011
+ fromSSO({
2012
+ profile: profile,
2013
+ logger: options.logger,
2014
+ parentClientConfig: options.parentClientConfig,
2015
+ clientConfig: options.clientConfig
2016
+ })({
2017
+ callerClientConfig: callerClientConfig
2018
+ }).then(function(creds) {
2019
+ if (profileData.sso_session) {
2020
+ return setCredentialFeature(creds, "CREDENTIALS_PROFILE_SSO", "r");
2021
+ } else {
2022
+ return setCredentialFeature(creds, "CREDENTIALS_PROFILE_SSO_LEGACY", "t");
2023
+ }
2024
+ })
2025
+ ];
2026
+ }
2027
+ });
2028
+ });
2029
+ return function resolveSsoCredentials(profile, profileData) {
2030
+ return _ref.apply(this, arguments);
2031
+ };
2032
+ }();
2033
+ var isSsoProfile = function(arg) {
2034
+ return arg && (typeof arg.sso_start_url === "string" || typeof arg.sso_account_id === "string" || typeof arg.sso_session === "string" || typeof arg.sso_region === "string" || typeof arg.sso_role_name === "string");
2035
+ };
2036
+
2037
+ function asyncGeneratorStep$3(gen, resolve, reject, _next, _throw, key, arg) {
2038
+ try {
2039
+ var info = gen[key](arg);
2040
+ var value = info.value;
2041
+ } catch (error) {
2042
+ reject(error);
2043
+ return;
2044
+ }
2045
+ if (info.done) {
2046
+ resolve(value);
2047
+ } else {
2048
+ Promise.resolve(value).then(_next, _throw);
2049
+ }
2050
+ }
2051
+ function _async_to_generator$3(fn) {
2052
+ return function() {
2053
+ var self = this, args = arguments;
2054
+ return new Promise(function(resolve, reject) {
2055
+ var gen = fn.apply(self, args);
2056
+ function _next(value) {
2057
+ asyncGeneratorStep$3(gen, resolve, reject, _next, _throw, "next", value);
2058
+ }
2059
+ function _throw(err) {
2060
+ asyncGeneratorStep$3(gen, resolve, reject, _next, _throw, "throw", err);
2061
+ }
2062
+ _next(undefined);
2063
+ });
2064
+ };
2065
+ }
2066
+ function _define_property(obj, key, value) {
2067
+ if (key in obj) {
2068
+ Object.defineProperty(obj, key, {
2069
+ value: value,
2070
+ enumerable: true,
2071
+ configurable: true,
2072
+ writable: true
2073
+ });
2074
+ } else {
2075
+ obj[key] = value;
2076
+ }
2077
+ return obj;
2078
+ }
2079
+ function _object_spread(target) {
2080
+ for(var i = 1; i < arguments.length; i++){
2081
+ var source = arguments[i] != null ? arguments[i] : {};
2082
+ var ownKeys = Object.keys(source);
2083
+ if (typeof Object.getOwnPropertySymbols === "function") {
2084
+ ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
2085
+ return Object.getOwnPropertyDescriptor(source, sym).enumerable;
2086
+ }));
2087
+ }
2088
+ ownKeys.forEach(function(key) {
2089
+ _define_property(target, key, source[key]);
2090
+ });
2091
+ }
2092
+ return target;
2093
+ }
2094
+ function _type_of$1(obj) {
2095
+ "@swc/helpers - typeof";
2096
+ return obj && typeof Symbol !== "undefined" && obj.constructor === Symbol ? "symbol" : typeof obj;
2097
+ }
2098
+ function _ts_generator$3(thisArg, body) {
2099
+ var f, y, t, g, _ = {
2100
+ label: 0,
2101
+ sent: function() {
2102
+ if (t[0] & 1) throw t[1];
2103
+ return t[1];
2104
+ },
2105
+ trys: [],
2106
+ ops: []
2107
+ };
2108
+ return g = {
2109
+ next: verb(0),
2110
+ "throw": verb(1),
2111
+ "return": verb(2)
2112
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
2113
+ return this;
2114
+ }), g;
2115
+ function verb(n) {
2116
+ return function(v) {
2117
+ return step([
2118
+ n,
2119
+ v
2120
+ ]);
2121
+ };
2122
+ }
2123
+ function step(op) {
2124
+ if (f) throw new TypeError("Generator is already executing.");
2125
+ while(_)try {
2126
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
2127
+ if (y = 0, t) op = [
2128
+ op[0] & 2,
2129
+ t.value
2130
+ ];
2131
+ switch(op[0]){
2132
+ case 0:
2133
+ case 1:
2134
+ t = op;
2135
+ break;
2136
+ case 4:
2137
+ _.label++;
2138
+ return {
2139
+ value: op[1],
2140
+ done: false
2141
+ };
2142
+ case 5:
2143
+ _.label++;
2144
+ y = op[1];
2145
+ op = [
2146
+ 0
2147
+ ];
2148
+ continue;
2149
+ case 7:
2150
+ op = _.ops.pop();
2151
+ _.trys.pop();
2152
+ continue;
2153
+ default:
2154
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
2155
+ _ = 0;
2156
+ continue;
2157
+ }
2158
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
2159
+ _.label = op[1];
2160
+ break;
2161
+ }
2162
+ if (op[0] === 6 && _.label < t[1]) {
2163
+ _.label = t[1];
2164
+ t = op;
2165
+ break;
2166
+ }
2167
+ if (t && _.label < t[2]) {
2168
+ _.label = t[2];
2169
+ _.ops.push(op);
2170
+ break;
2171
+ }
2172
+ if (t[2]) _.ops.pop();
2173
+ _.trys.pop();
2174
+ continue;
2175
+ }
2176
+ op = body.call(thisArg, _);
2177
+ } catch (e) {
2178
+ op = [
2179
+ 6,
2180
+ e
2181
+ ];
2182
+ y = 0;
2183
+ } finally{
2184
+ f = t = 0;
2185
+ }
2186
+ if (op[0] & 5) throw op[1];
2187
+ return {
2188
+ value: op[0] ? op[1] : void 0,
2189
+ done: true
2190
+ };
2191
+ }
2192
+ }
2193
+ var isStaticCredsProfile = function(arg) {
2194
+ return Boolean(arg) && (typeof arg === "undefined" ? "undefined" : _type_of$1(arg)) === "object" && typeof arg.aws_access_key_id === "string" && typeof arg.aws_secret_access_key === "string" && [
2195
+ "undefined",
2196
+ "string"
2197
+ ].indexOf(_type_of$1(arg.aws_session_token)) > -1 && [
2198
+ "undefined",
2199
+ "string"
2200
+ ].indexOf(_type_of$1(arg.aws_account_id)) > -1;
2201
+ };
2202
+ var resolveStaticCredentials = function() {
2203
+ var _ref = _async_to_generator$3(function(profile, options) {
2204
+ var _options_logger, credentials;
2205
+ return _ts_generator$3(this, function(_state) {
2206
+ options === null || options === void 0 ? void 0 : (_options_logger = options.logger) === null || _options_logger === void 0 ? void 0 : _options_logger.debug("@aws-sdk/credential-provider-ini - resolveStaticCredentials");
2207
+ credentials = _object_spread({
2208
+ accessKeyId: profile.aws_access_key_id,
2209
+ secretAccessKey: profile.aws_secret_access_key,
2210
+ sessionToken: profile.aws_session_token
2211
+ }, profile.aws_credential_scope && {
2212
+ credentialScope: profile.aws_credential_scope
2213
+ }, profile.aws_account_id && {
2214
+ accountId: profile.aws_account_id
2215
+ });
2216
+ return [
2217
+ 2,
2218
+ setCredentialFeature(credentials, "CREDENTIALS_PROFILE", "n")
2219
+ ];
2220
+ });
2221
+ });
2222
+ return function resolveStaticCredentials(profile, options) {
2223
+ return _ref.apply(this, arguments);
2224
+ };
2225
+ }();
2226
+
2227
+ function asyncGeneratorStep$2(gen, resolve, reject, _next, _throw, key, arg) {
2228
+ try {
2229
+ var info = gen[key](arg);
2230
+ var value = info.value;
2231
+ } catch (error) {
2232
+ reject(error);
2233
+ return;
2234
+ }
2235
+ if (info.done) {
2236
+ resolve(value);
2237
+ } else {
2238
+ Promise.resolve(value).then(_next, _throw);
2239
+ }
2240
+ }
2241
+ function _async_to_generator$2(fn) {
2242
+ return function() {
2243
+ var self = this, args = arguments;
2244
+ return new Promise(function(resolve, reject) {
2245
+ var gen = fn.apply(self, args);
2246
+ function _next(value) {
2247
+ asyncGeneratorStep$2(gen, resolve, reject, _next, _throw, "next", value);
2248
+ }
2249
+ function _throw(err) {
2250
+ asyncGeneratorStep$2(gen, resolve, reject, _next, _throw, "throw", err);
2251
+ }
2252
+ _next(undefined);
2253
+ });
2254
+ };
2255
+ }
2256
+ function _type_of(obj) {
2257
+ "@swc/helpers - typeof";
2258
+ return obj && typeof Symbol !== "undefined" && obj.constructor === Symbol ? "symbol" : typeof obj;
2259
+ }
2260
+ function _ts_generator$2(thisArg, body) {
2261
+ var f, y, t, g, _ = {
2262
+ label: 0,
2263
+ sent: function() {
2264
+ if (t[0] & 1) throw t[1];
2265
+ return t[1];
2266
+ },
2267
+ trys: [],
2268
+ ops: []
2269
+ };
2270
+ return g = {
2271
+ next: verb(0),
2272
+ "throw": verb(1),
2273
+ "return": verb(2)
2274
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
2275
+ return this;
2276
+ }), g;
2277
+ function verb(n) {
2278
+ return function(v) {
2279
+ return step([
2280
+ n,
2281
+ v
2282
+ ]);
2283
+ };
2284
+ }
2285
+ function step(op) {
2286
+ if (f) throw new TypeError("Generator is already executing.");
2287
+ while(_)try {
2288
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
2289
+ if (y = 0, t) op = [
2290
+ op[0] & 2,
2291
+ t.value
2292
+ ];
2293
+ switch(op[0]){
2294
+ case 0:
2295
+ case 1:
2296
+ t = op;
2297
+ break;
2298
+ case 4:
2299
+ _.label++;
2300
+ return {
2301
+ value: op[1],
2302
+ done: false
2303
+ };
2304
+ case 5:
2305
+ _.label++;
2306
+ y = op[1];
2307
+ op = [
2308
+ 0
2309
+ ];
2310
+ continue;
2311
+ case 7:
2312
+ op = _.ops.pop();
2313
+ _.trys.pop();
2314
+ continue;
2315
+ default:
2316
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
2317
+ _ = 0;
2318
+ continue;
2319
+ }
2320
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
2321
+ _.label = op[1];
2322
+ break;
2323
+ }
2324
+ if (op[0] === 6 && _.label < t[1]) {
2325
+ _.label = t[1];
2326
+ t = op;
2327
+ break;
2328
+ }
2329
+ if (t && _.label < t[2]) {
2330
+ _.label = t[2];
2331
+ _.ops.push(op);
2332
+ break;
2333
+ }
2334
+ if (t[2]) _.ops.pop();
2335
+ _.trys.pop();
2336
+ continue;
2337
+ }
2338
+ op = body.call(thisArg, _);
2339
+ } catch (e) {
2340
+ op = [
2341
+ 6,
2342
+ e
2343
+ ];
2344
+ y = 0;
2345
+ } finally{
2346
+ f = t = 0;
2347
+ }
2348
+ if (op[0] & 5) throw op[1];
2349
+ return {
2350
+ value: op[0] ? op[1] : void 0,
2351
+ done: true
2352
+ };
2353
+ }
2354
+ }
2355
+ var isWebIdentityProfile = function(arg) {
2356
+ return Boolean(arg) && (typeof arg === "undefined" ? "undefined" : _type_of(arg)) === "object" && typeof arg.web_identity_token_file === "string" && typeof arg.role_arn === "string" && [
2357
+ "undefined",
2358
+ "string"
2359
+ ].indexOf(_type_of(arg.role_session_name)) > -1;
2360
+ };
2361
+ var resolveWebIdentityCredentials = function() {
2362
+ var _ref = _async_to_generator$2(function(profile, options, callerClientConfig) {
2363
+ return _ts_generator$2(this, function(_state) {
2364
+ return [
2365
+ 2,
2366
+ import('./index.esm19.js').then(function(param) {
2367
+ var fromTokenFile = param.fromTokenFile;
2368
+ return fromTokenFile({
2369
+ webIdentityTokenFile: profile.web_identity_token_file,
2370
+ roleArn: profile.role_arn,
2371
+ roleSessionName: profile.role_session_name,
2372
+ roleAssumerWithWebIdentity: options.roleAssumerWithWebIdentity,
2373
+ logger: options.logger,
2374
+ parentClientConfig: options.parentClientConfig
2375
+ })({
2376
+ callerClientConfig: callerClientConfig
2377
+ }).then(function(creds) {
2378
+ return setCredentialFeature(creds, "CREDENTIALS_PROFILE_STS_WEB_ID_TOKEN", "q");
2379
+ });
2380
+ })
2381
+ ];
2382
+ });
2383
+ });
2384
+ return function resolveWebIdentityCredentials(profile, options, callerClientConfig) {
2385
+ return _ref.apply(this, arguments);
2386
+ };
2387
+ }();
2388
+
2389
+ function asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, key, arg) {
2390
+ try {
2391
+ var info = gen[key](arg);
2392
+ var value = info.value;
2393
+ } catch (error) {
2394
+ reject(error);
2395
+ return;
2396
+ }
2397
+ if (info.done) {
2398
+ resolve(value);
2399
+ } else {
2400
+ Promise.resolve(value).then(_next, _throw);
2401
+ }
2402
+ }
2403
+ function _async_to_generator$1(fn) {
2404
+ return function() {
2405
+ var self = this, args = arguments;
2406
+ return new Promise(function(resolve, reject) {
2407
+ var gen = fn.apply(self, args);
2408
+ function _next(value) {
2409
+ asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, "next", value);
2410
+ }
2411
+ function _throw(err) {
2412
+ asyncGeneratorStep$1(gen, resolve, reject, _next, _throw, "throw", err);
2413
+ }
2414
+ _next(undefined);
2415
+ });
2416
+ };
2417
+ }
2418
+ function _ts_generator$1(thisArg, body) {
2419
+ var f, y, t, g, _ = {
2420
+ label: 0,
2421
+ sent: function() {
2422
+ if (t[0] & 1) throw t[1];
2423
+ return t[1];
2424
+ },
2425
+ trys: [],
2426
+ ops: []
2427
+ };
2428
+ return g = {
2429
+ next: verb(0),
2430
+ "throw": verb(1),
2431
+ "return": verb(2)
2432
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
2433
+ return this;
2434
+ }), g;
2435
+ function verb(n) {
2436
+ return function(v) {
2437
+ return step([
2438
+ n,
2439
+ v
2440
+ ]);
2441
+ };
2442
+ }
2443
+ function step(op) {
2444
+ if (f) throw new TypeError("Generator is already executing.");
2445
+ while(_)try {
2446
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
2447
+ if (y = 0, t) op = [
2448
+ op[0] & 2,
2449
+ t.value
2450
+ ];
2451
+ switch(op[0]){
2452
+ case 0:
2453
+ case 1:
2454
+ t = op;
2455
+ break;
2456
+ case 4:
2457
+ _.label++;
2458
+ return {
2459
+ value: op[1],
2460
+ done: false
2461
+ };
2462
+ case 5:
2463
+ _.label++;
2464
+ y = op[1];
2465
+ op = [
2466
+ 0
2467
+ ];
2468
+ continue;
2469
+ case 7:
2470
+ op = _.ops.pop();
2471
+ _.trys.pop();
2472
+ continue;
2473
+ default:
2474
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
2475
+ _ = 0;
2476
+ continue;
2477
+ }
2478
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
2479
+ _.label = op[1];
2480
+ break;
2481
+ }
2482
+ if (op[0] === 6 && _.label < t[1]) {
2483
+ _.label = t[1];
2484
+ t = op;
2485
+ break;
2486
+ }
2487
+ if (t && _.label < t[2]) {
2488
+ _.label = t[2];
2489
+ _.ops.push(op);
2490
+ break;
2491
+ }
2492
+ if (t[2]) _.ops.pop();
2493
+ _.trys.pop();
2494
+ continue;
2495
+ }
2496
+ op = body.call(thisArg, _);
2497
+ } catch (e) {
2498
+ op = [
2499
+ 6,
2500
+ e
2501
+ ];
2502
+ y = 0;
2503
+ } finally{
2504
+ f = t = 0;
2505
+ }
2506
+ if (op[0] & 5) throw op[1];
2507
+ return {
2508
+ value: op[0] ? op[1] : void 0,
2509
+ done: true
2510
+ };
2511
+ }
2512
+ }
2513
+ var resolveProfileData = function() {
2514
+ var _ref = _async_to_generator$1(function(profileName, profiles, options, callerClientConfig) {
2515
+ var visitedProfiles, isAssumeRoleRecursiveCall, data;
2516
+ var _arguments = arguments;
2517
+ return _ts_generator$1(this, function(_state) {
2518
+ switch(_state.label){
2519
+ case 0:
2520
+ visitedProfiles = _arguments.length > 4 && _arguments[4] !== void 0 ? _arguments[4] : {}, isAssumeRoleRecursiveCall = _arguments.length > 5 && _arguments[5] !== void 0 ? _arguments[5] : false;
2521
+ data = profiles[profileName];
2522
+ if (Object.keys(visitedProfiles).length > 0 && isStaticCredsProfile(data)) {
2523
+ return [
2524
+ 2,
2525
+ resolveStaticCredentials(data, options)
2526
+ ];
2527
+ }
2528
+ if (isAssumeRoleRecursiveCall || isAssumeRoleProfile(data, {
2529
+ profile: profileName,
2530
+ logger: options.logger
2531
+ })) {
2532
+ return [
2533
+ 2,
2534
+ resolveAssumeRoleCredentials(profileName, profiles, options, callerClientConfig, visitedProfiles, resolveProfileData)
2535
+ ];
2536
+ }
2537
+ if (isStaticCredsProfile(data)) {
2538
+ return [
2539
+ 2,
2540
+ resolveStaticCredentials(data, options)
2541
+ ];
2542
+ }
2543
+ if (isWebIdentityProfile(data)) {
2544
+ return [
2545
+ 2,
2546
+ resolveWebIdentityCredentials(data, options, callerClientConfig)
2547
+ ];
2548
+ }
2549
+ if (isProcessProfile(data)) {
2550
+ return [
2551
+ 2,
2552
+ resolveProcessCredentials(options, profileName)
2553
+ ];
2554
+ }
2555
+ if (!isSsoProfile(data)) return [
2556
+ 3,
2557
+ 2
2558
+ ];
2559
+ return [
2560
+ 4,
2561
+ resolveSsoCredentials(profileName, data, options, callerClientConfig)
2562
+ ];
2563
+ case 1:
2564
+ return [
2565
+ 2,
2566
+ _state.sent()
2567
+ ];
2568
+ case 2:
2569
+ if (isLoginProfile(data)) {
2570
+ return [
2571
+ 2,
2572
+ resolveLoginCredentials(profileName, options, callerClientConfig)
2573
+ ];
2574
+ }
2575
+ throw new CredentialsProviderError("Could not resolve credentials using profile: [".concat(profileName, "] in configuration/credentials file(s)."), {
2576
+ logger: options.logger
2577
+ });
2578
+ }
2579
+ });
2580
+ });
2581
+ return function resolveProfileData(profileName, profiles, options, callerClientConfig) {
276
2582
  return _ref.apply(this, arguments);
277
2583
  };
278
2584
  }();
@@ -401,7 +2707,7 @@ function _ts_generator(thisArg, body) {
401
2707
  };
402
2708
  }
403
2709
  }
404
- var fromProcess = function() {
2710
+ var fromIni = function() {
405
2711
  var init = arguments.length > 0 && arguments[0] !== void 0 ? arguments[0] : {};
406
2712
  return /*#__PURE__*/ _async_to_generator(function() {
407
2713
  var callerClientConfig, _init_logger, profiles, _init_profile;
@@ -410,7 +2716,7 @@ var fromProcess = function() {
410
2716
  switch(_state.label){
411
2717
  case 0:
412
2718
  callerClientConfig = (_arguments.length > 0 && _arguments[0] !== void 0 ? _arguments[0] : {}).callerClientConfig;
413
- (_init_logger = init.logger) === null || _init_logger === void 0 ? void 0 : _init_logger.debug("@aws-sdk/credential-provider-process - fromProcess");
2719
+ (_init_logger = init.logger) === null || _init_logger === void 0 ? void 0 : _init_logger.debug("@aws-sdk/credential-provider-ini - fromIni");
414
2720
  return [
415
2721
  4,
416
2722
  parseKnownFiles(init)
@@ -419,13 +2725,13 @@ var fromProcess = function() {
419
2725
  profiles = _state.sent();
420
2726
  return [
421
2727
  2,
422
- resolveProcessCredentials(getProfileName({
2728
+ resolveProfileData(getProfileName({
423
2729
  profile: (_init_profile = init.profile) !== null && _init_profile !== void 0 ? _init_profile : callerClientConfig === null || callerClientConfig === void 0 ? void 0 : callerClientConfig.profile
424
- }), profiles, init.logger)
2730
+ }), profiles, init, callerClientConfig)
425
2731
  ];
426
2732
  }
427
2733
  });
428
2734
  });
429
2735
  };
430
2736
 
431
- export { fromProcess };
2737
+ export { fromIni };