@etainabl/nodejs-sdk 1.3.165 → 1.3.166
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/esm/chunk-5UJEKK4C.js +22 -0
- package/dist/esm/chunk-5UJEKK4C.js.map +1 -0
- package/dist/esm/chunk-72KZNKH6.js +180 -0
- package/dist/esm/chunk-72KZNKH6.js.map +1 -0
- package/dist/esm/{chunk-V42NON4H.js → chunk-7QBJXGSP.js} +23 -1
- package/dist/esm/chunk-7QBJXGSP.js.map +1 -0
- package/dist/esm/{chunk-GEJJRBZZ.js → chunk-AQUTK7AW.js} +15 -5
- package/dist/esm/chunk-AQUTK7AW.js.map +1 -0
- package/dist/esm/{chunk-JFJBZL6W.js → chunk-EVJULQPT.js} +1458 -230
- package/dist/esm/chunk-EVJULQPT.js.map +1 -0
- package/dist/esm/chunk-GA2PLVMV.js +29 -0
- package/dist/esm/chunk-GA2PLVMV.js.map +1 -0
- package/dist/esm/{chunk-ITNQSW66.js → chunk-IMDTX6W5.js} +57 -7
- package/dist/esm/chunk-IMDTX6W5.js.map +1 -0
- package/dist/esm/chunk-JI6PVVK3.js +739 -0
- package/dist/esm/chunk-JI6PVVK3.js.map +1 -0
- package/dist/esm/chunk-KH6HADHN.js +31 -0
- package/dist/esm/chunk-KH6HADHN.js.map +1 -0
- package/dist/esm/{chunk-64PZMULY.js → chunk-LARQKHST.js} +2 -2
- package/dist/esm/chunk-PZ5AY32C.js +10 -0
- package/dist/esm/chunk-R2ZTENKB.js +37 -0
- package/dist/esm/chunk-R2ZTENKB.js.map +1 -0
- package/dist/esm/chunk-RREOR7G6.js +9 -0
- package/dist/esm/chunk-RREOR7G6.js.map +1 -0
- package/dist/esm/chunk-STDLTQUB.js +180 -0
- package/dist/esm/chunk-STDLTQUB.js.map +1 -0
- package/dist/esm/chunk-STQV3LF2.js +29 -0
- package/dist/esm/chunk-STQV3LF2.js.map +1 -0
- package/dist/esm/chunk-WRTOEGQL.js +255 -0
- package/dist/esm/chunk-WRTOEGQL.js.map +1 -0
- package/dist/esm/{chunk-HAEAETXR.js → chunk-ZW5YT27C.js} +55 -96
- package/dist/esm/chunk-ZW5YT27C.js.map +1 -0
- package/dist/esm/{dist-es-W6M73SKO.js → dist-es-32LEW3C7.js} +6 -5
- package/dist/esm/{dist-es-W6M73SKO.js.map → dist-es-32LEW3C7.js.map} +1 -1
- package/dist/esm/{dist-es-SHHKSG6R.js → dist-es-GCETMDH7.js} +4 -3
- package/dist/esm/dist-es-GCETMDH7.js.map +1 -0
- package/dist/esm/{dist-es-UQHTRG6U.js → dist-es-MHO4ZWXK.js} +7 -5
- package/dist/esm/{dist-es-UQHTRG6U.js.map → dist-es-MHO4ZWXK.js.map} +1 -1
- package/dist/esm/{dist-es-IIKV4LDE.js → dist-es-MRJ45ZBG.js} +19 -15
- package/dist/esm/{dist-es-IIKV4LDE.js.map → dist-es-MRJ45ZBG.js.map} +1 -1
- package/dist/esm/{dist-es-CQVI4NNF.js → dist-es-NBFOPILZ.js} +53 -14
- package/dist/esm/dist-es-NBFOPILZ.js.map +1 -0
- package/dist/esm/{dist-es-AV5FKRC6.js → dist-es-YDCANF64.js} +12 -7
- package/dist/esm/{dist-es-AV5FKRC6.js.map → dist-es-YDCANF64.js.map} +1 -1
- package/dist/esm/{dist-es-HQRLUYWI.js → dist-es-YPLWYQ2P.js} +4 -3
- package/dist/esm/{dist-es-HQRLUYWI.js.map → dist-es-YPLWYQ2P.js.map} +1 -1
- package/dist/esm/event-streams-C2D437DF.js +198 -0
- package/dist/esm/event-streams-C2D437DF.js.map +1 -0
- package/dist/esm/index.js +8421 -7505
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/{loadSso-2Q7LGXOS.js → loadSso-QXCYUPG5.js} +54 -48
- package/dist/esm/loadSso-QXCYUPG5.js.map +1 -0
- package/dist/esm/{sso-oidc-7RZV73L6.js → sso-oidc-EU7F5QE4.js} +38 -34
- package/dist/esm/{sso-oidc-7RZV73L6.js.map → sso-oidc-EU7F5QE4.js.map} +1 -1
- package/dist/esm/{sts-IERANB7E.js → sts-7N2XX5PT.js} +34 -28
- package/dist/esm/{sts-IERANB7E.js.map → sts-7N2XX5PT.js.map} +1 -1
- package/dist/index.d.cts +410 -11
- package/dist/index.d.ts +410 -11
- package/dist/index.js +20412 -19412
- package/dist/index.js.map +1 -1
- package/package.json +7 -2
- package/dist/esm/chunk-3YGWW265.js +0 -64
- package/dist/esm/chunk-3YGWW265.js.map +0 -1
- package/dist/esm/chunk-5VQORBLK.js +0 -136
- package/dist/esm/chunk-5VQORBLK.js.map +0 -1
- package/dist/esm/chunk-6ZE6VFBF.js +0 -2420
- package/dist/esm/chunk-6ZE6VFBF.js.map +0 -1
- package/dist/esm/chunk-GEJJRBZZ.js.map +0 -1
- package/dist/esm/chunk-HAEAETXR.js.map +0 -1
- package/dist/esm/chunk-ITNQSW66.js.map +0 -1
- package/dist/esm/chunk-JFJBZL6W.js.map +0 -1
- package/dist/esm/chunk-JVMEEBKP.js +0 -127
- package/dist/esm/chunk-JVMEEBKP.js.map +0 -1
- package/dist/esm/chunk-V42NON4H.js.map +0 -1
- package/dist/esm/dist-es-CQVI4NNF.js.map +0 -1
- package/dist/esm/loadSso-2Q7LGXOS.js.map +0 -1
- /package/dist/esm/{chunk-64PZMULY.js.map → chunk-LARQKHST.js.map} +0 -0
- /package/dist/esm/{dist-es-SHHKSG6R.js.map → chunk-PZ5AY32C.js.map} +0 -0
|
@@ -6,9 +6,10 @@ import {
|
|
|
6
6
|
ENV_SECRET,
|
|
7
7
|
ENV_SESSION,
|
|
8
8
|
fromEnv
|
|
9
|
-
} from "./chunk-
|
|
9
|
+
} from "./chunk-LARQKHST.js";
|
|
10
10
|
import "./chunk-UZGMBQZB.js";
|
|
11
|
-
import "./chunk-
|
|
11
|
+
import "./chunk-R2ZTENKB.js";
|
|
12
|
+
import "./chunk-PZ5AY32C.js";
|
|
12
13
|
export {
|
|
13
14
|
ENV_ACCOUNT_ID,
|
|
14
15
|
ENV_CREDENTIAL_SCOPE,
|
|
@@ -18,4 +19,4 @@ export {
|
|
|
18
19
|
ENV_SESSION,
|
|
19
20
|
fromEnv
|
|
20
21
|
};
|
|
21
|
-
//# sourceMappingURL=dist-es-
|
|
22
|
+
//# sourceMappingURL=dist-es-GCETMDH7.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}
|
|
@@ -1,14 +1,16 @@
|
|
|
1
1
|
import {
|
|
2
|
-
getProfileName,
|
|
3
2
|
parseKnownFiles
|
|
4
|
-
} from "./chunk-
|
|
3
|
+
} from "./chunk-GA2PLVMV.js";
|
|
4
|
+
import {
|
|
5
|
+
getProfileName
|
|
6
|
+
} from "./chunk-ZW5YT27C.js";
|
|
5
7
|
import {
|
|
6
8
|
setCredentialFeature
|
|
7
9
|
} from "./chunk-UZGMBQZB.js";
|
|
8
|
-
import "./chunk-3YGWW265.js";
|
|
9
10
|
import {
|
|
10
11
|
CredentialsProviderError
|
|
11
|
-
} from "./chunk-
|
|
12
|
+
} from "./chunk-R2ZTENKB.js";
|
|
13
|
+
import "./chunk-PZ5AY32C.js";
|
|
12
14
|
|
|
13
15
|
// node_modules/@aws-sdk/credential-provider-process/dist-es/resolveProcessCredentials.js
|
|
14
16
|
import { exec } from "child_process";
|
|
@@ -85,4 +87,4 @@ var fromProcess = (init = {}) => async ({ callerClientConfig } = {}) => {
|
|
|
85
87
|
export {
|
|
86
88
|
fromProcess
|
|
87
89
|
};
|
|
88
|
-
//# sourceMappingURL=dist-es-
|
|
90
|
+
//# sourceMappingURL=dist-es-MHO4ZWXK.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../node_modules/@aws-sdk/credential-provider-process/dist-es/resolveProcessCredentials.js","../../node_modules/@aws-sdk/credential-provider-process/dist-es/getValidatedProcessCredentials.js","../../node_modules/@aws-sdk/credential-provider-process/dist-es/fromProcess.js"],"sourcesContent":["import { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { exec } from \"child_process\";\nimport { promisify } from \"util\";\nimport { getValidatedProcessCredentials } from \"./getValidatedProcessCredentials\";\nexport const resolveProcessCredentials = async (profileName, profiles, logger) => {\n const profile = profiles[profileName];\n if (profiles[profileName]) {\n const credentialProcess = profile[\"credential_process\"];\n if (credentialProcess !== undefined) {\n const execPromise = promisify(exec);\n try {\n const { stdout } = await execPromise(credentialProcess);\n let data;\n try {\n data = JSON.parse(stdout.trim());\n }\n catch {\n throw Error(`Profile ${profileName} credential_process returned invalid JSON.`);\n }\n return getValidatedProcessCredentials(profileName, data, profiles);\n }\n catch (error) {\n throw new CredentialsProviderError(error.message, { logger });\n }\n }\n else {\n throw new CredentialsProviderError(`Profile ${profileName} did not contain credential_process.`, { logger });\n }\n }\n else {\n throw new CredentialsProviderError(`Profile ${profileName} could not be found in shared credentials file.`, {\n logger,\n });\n }\n};\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nexport const getValidatedProcessCredentials = (profileName, data, profiles) => {\n if (data.Version !== 1) {\n throw Error(`Profile ${profileName} credential_process did not return Version 1.`);\n }\n if (data.AccessKeyId === undefined || data.SecretAccessKey === undefined) {\n throw Error(`Profile ${profileName} credential_process returned invalid credentials.`);\n }\n if (data.Expiration) {\n const currentTime = new Date();\n const expireTime = new Date(data.Expiration);\n if (expireTime < currentTime) {\n throw Error(`Profile ${profileName} credential_process returned expired credentials.`);\n }\n }\n let accountId = data.AccountId;\n if (!accountId && profiles?.[profileName]?.aws_account_id) {\n accountId = profiles[profileName].aws_account_id;\n }\n const credentials = {\n accessKeyId: data.AccessKeyId,\n secretAccessKey: data.SecretAccessKey,\n ...(data.SessionToken && { sessionToken: data.SessionToken }),\n ...(data.Expiration && { expiration: new Date(data.Expiration) }),\n ...(data.CredentialScope && { credentialScope: data.CredentialScope }),\n ...(accountId && { accountId }),\n };\n setCredentialFeature(credentials, \"CREDENTIALS_PROCESS\", \"w\");\n return credentials;\n};\n","import { getProfileName, parseKnownFiles } from \"@smithy/shared-ini-file-loader\";\nimport { resolveProcessCredentials } from \"./resolveProcessCredentials\";\nexport const fromProcess = (init = {}) => async ({ callerClientConfig } = {}) => {\n init.logger?.debug(\"@aws-sdk/credential-provider-process - fromProcess\");\n const profiles = await parseKnownFiles(init);\n return resolveProcessCredentials(getProfileName({\n profile: init.profile ?? callerClientConfig?.profile,\n }), profiles, init.logger);\n};\n"],"mappings":"
|
|
1
|
+
{"version":3,"sources":["../../node_modules/@aws-sdk/credential-provider-process/dist-es/resolveProcessCredentials.js","../../node_modules/@aws-sdk/credential-provider-process/dist-es/getValidatedProcessCredentials.js","../../node_modules/@aws-sdk/credential-provider-process/dist-es/fromProcess.js"],"sourcesContent":["import { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { exec } from \"child_process\";\nimport { promisify } from \"util\";\nimport { getValidatedProcessCredentials } from \"./getValidatedProcessCredentials\";\nexport const resolveProcessCredentials = async (profileName, profiles, logger) => {\n const profile = profiles[profileName];\n if (profiles[profileName]) {\n const credentialProcess = profile[\"credential_process\"];\n if (credentialProcess !== undefined) {\n const execPromise = promisify(exec);\n try {\n const { stdout } = await execPromise(credentialProcess);\n let data;\n try {\n data = JSON.parse(stdout.trim());\n }\n catch {\n throw Error(`Profile ${profileName} credential_process returned invalid JSON.`);\n }\n return getValidatedProcessCredentials(profileName, data, profiles);\n }\n catch (error) {\n throw new CredentialsProviderError(error.message, { logger });\n }\n }\n else {\n throw new CredentialsProviderError(`Profile ${profileName} did not contain credential_process.`, { logger });\n }\n }\n else {\n throw new CredentialsProviderError(`Profile ${profileName} could not be found in shared credentials file.`, {\n logger,\n });\n }\n};\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nexport const getValidatedProcessCredentials = (profileName, data, profiles) => {\n if (data.Version !== 1) {\n throw Error(`Profile ${profileName} credential_process did not return Version 1.`);\n }\n if (data.AccessKeyId === undefined || data.SecretAccessKey === undefined) {\n throw Error(`Profile ${profileName} credential_process returned invalid credentials.`);\n }\n if (data.Expiration) {\n const currentTime = new Date();\n const expireTime = new Date(data.Expiration);\n if (expireTime < currentTime) {\n throw Error(`Profile ${profileName} credential_process returned expired credentials.`);\n }\n }\n let accountId = data.AccountId;\n if (!accountId && profiles?.[profileName]?.aws_account_id) {\n accountId = profiles[profileName].aws_account_id;\n }\n const credentials = {\n accessKeyId: data.AccessKeyId,\n secretAccessKey: data.SecretAccessKey,\n ...(data.SessionToken && { sessionToken: data.SessionToken }),\n ...(data.Expiration && { expiration: new Date(data.Expiration) }),\n ...(data.CredentialScope && { credentialScope: data.CredentialScope }),\n ...(accountId && { accountId }),\n };\n setCredentialFeature(credentials, \"CREDENTIALS_PROCESS\", \"w\");\n return credentials;\n};\n","import { getProfileName, parseKnownFiles } from \"@smithy/shared-ini-file-loader\";\nimport { resolveProcessCredentials } from \"./resolveProcessCredentials\";\nexport const fromProcess = (init = {}) => async ({ callerClientConfig } = {}) => {\n init.logger?.debug(\"@aws-sdk/credential-provider-process - fromProcess\");\n const profiles = await parseKnownFiles(init);\n return resolveProcessCredentials(getProfileName({\n profile: init.profile ?? callerClientConfig?.profile,\n }), profiles, init.logger);\n};\n"],"mappings":";;;;;;;;;;;;;;;AACA,SAAS,YAAY;AACrB,SAAS,iBAAiB;;;ACDnB,IAAM,iCAAiC,CAAC,aAAa,MAAM,aAAa;AAC3E,MAAI,KAAK,YAAY,GAAG;AACpB,UAAM,MAAM,WAAW,WAAW,+CAA+C;AAAA,EACrF;AACA,MAAI,KAAK,gBAAgB,UAAa,KAAK,oBAAoB,QAAW;AACtE,UAAM,MAAM,WAAW,WAAW,mDAAmD;AAAA,EACzF;AACA,MAAI,KAAK,YAAY;AACjB,UAAM,cAAc,oBAAI,KAAK;AAC7B,UAAM,aAAa,IAAI,KAAK,KAAK,UAAU;AAC3C,QAAI,aAAa,aAAa;AAC1B,YAAM,MAAM,WAAW,WAAW,mDAAmD;AAAA,IACzF;AAAA,EACJ;AACA,MAAI,YAAY,KAAK;AACrB,MAAI,CAAC,aAAa,WAAW,WAAW,GAAG,gBAAgB;AACvD,gBAAY,SAAS,WAAW,EAAE;AAAA,EACtC;AACA,QAAM,cAAc;AAAA,IAChB,aAAa,KAAK;AAAA,IAClB,iBAAiB,KAAK;AAAA,IACtB,GAAI,KAAK,gBAAgB,EAAE,cAAc,KAAK,aAAa;AAAA,IAC3D,GAAI,KAAK,cAAc,EAAE,YAAY,IAAI,KAAK,KAAK,UAAU,EAAE;AAAA,IAC/D,GAAI,KAAK,mBAAmB,EAAE,iBAAiB,KAAK,gBAAgB;AAAA,IACpE,GAAI,aAAa,EAAE,UAAU;AAAA,EACjC;AACA,uBAAqB,aAAa,uBAAuB,GAAG;AAC5D,SAAO;AACX;;;ADzBO,IAAM,4BAA4B,OAAO,aAAa,UAAU,WAAW;AAC9E,QAAM,UAAU,SAAS,WAAW;AACpC,MAAI,SAAS,WAAW,GAAG;AACvB,UAAM,oBAAoB,QAAQ,oBAAoB;AACtD,QAAI,sBAAsB,QAAW;AACjC,YAAM,cAAc,UAAU,IAAI;AAClC,UAAI;AACA,cAAM,EAAE,OAAO,IAAI,MAAM,YAAY,iBAAiB;AACtD,YAAI;AACJ,YAAI;AACA,iBAAO,KAAK,MAAM,OAAO,KAAK,CAAC;AAAA,QACnC,QACM;AACF,gBAAM,MAAM,WAAW,WAAW,4CAA4C;AAAA,QAClF;AACA,eAAO,+BAA+B,aAAa,MAAM,QAAQ;AAAA,MACrE,SACO,OAAO;AACV,cAAM,IAAI,yBAAyB,MAAM,SAAS,EAAE,OAAO,CAAC;AAAA,MAChE;AAAA,IACJ,OACK;AACD,YAAM,IAAI,yBAAyB,WAAW,WAAW,wCAAwC,EAAE,OAAO,CAAC;AAAA,IAC/G;AAAA,EACJ,OACK;AACD,UAAM,IAAI,yBAAyB,WAAW,WAAW,mDAAmD;AAAA,MACxG;AAAA,IACJ,CAAC;AAAA,EACL;AACJ;;;AEhCO,IAAM,cAAc,CAAC,OAAO,CAAC,MAAM,OAAO,EAAE,mBAAmB,IAAI,CAAC,MAAM;AAC7E,OAAK,QAAQ,MAAM,oDAAoD;AACvE,QAAM,WAAW,MAAM,gBAAgB,IAAI;AAC3C,SAAO,0BAA0B,eAAe;AAAA,IAC5C,SAAS,KAAK,WAAW,oBAAoB;AAAA,EACjD,CAAC,GAAG,UAAU,KAAK,MAAM;AAC7B;","names":[]}
|
|
@@ -1,33 +1,37 @@
|
|
|
1
1
|
import {
|
|
2
|
-
|
|
2
|
+
chain
|
|
3
|
+
} from "./chunk-STQV3LF2.js";
|
|
4
|
+
import {
|
|
3
5
|
parseKnownFiles
|
|
4
|
-
} from "./chunk-
|
|
6
|
+
} from "./chunk-GA2PLVMV.js";
|
|
7
|
+
import {
|
|
8
|
+
getProfileName
|
|
9
|
+
} from "./chunk-ZW5YT27C.js";
|
|
5
10
|
import {
|
|
6
11
|
setCredentialFeature
|
|
7
12
|
} from "./chunk-UZGMBQZB.js";
|
|
8
|
-
import "./chunk-3YGWW265.js";
|
|
9
13
|
import {
|
|
10
|
-
CredentialsProviderError
|
|
11
|
-
|
|
12
|
-
|
|
14
|
+
CredentialsProviderError
|
|
15
|
+
} from "./chunk-R2ZTENKB.js";
|
|
16
|
+
import "./chunk-PZ5AY32C.js";
|
|
13
17
|
|
|
14
18
|
// node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveCredentialSource.js
|
|
15
19
|
var resolveCredentialSource = (credentialSource, profileName, logger) => {
|
|
16
20
|
const sourceProvidersMap = {
|
|
17
21
|
EcsContainer: async (options) => {
|
|
18
|
-
const { fromHttp } = await import("./dist-es-
|
|
19
|
-
const { fromContainerMetadata } = await import("./dist-es-
|
|
22
|
+
const { fromHttp } = await import("./dist-es-YDCANF64.js");
|
|
23
|
+
const { fromContainerMetadata } = await import("./dist-es-32LEW3C7.js");
|
|
20
24
|
logger?.debug("@aws-sdk/credential-provider-ini - credential_source is EcsContainer");
|
|
21
25
|
return async () => chain(fromHttp(options ?? {}), fromContainerMetadata(options))().then(setNamedProvider);
|
|
22
26
|
},
|
|
23
27
|
Ec2InstanceMetadata: async (options) => {
|
|
24
28
|
logger?.debug("@aws-sdk/credential-provider-ini - credential_source is Ec2InstanceMetadata");
|
|
25
|
-
const { fromInstanceMetadata } = await import("./dist-es-
|
|
29
|
+
const { fromInstanceMetadata } = await import("./dist-es-32LEW3C7.js");
|
|
26
30
|
return async () => fromInstanceMetadata(options)().then(setNamedProvider);
|
|
27
31
|
},
|
|
28
32
|
Environment: async (options) => {
|
|
29
33
|
logger?.debug("@aws-sdk/credential-provider-ini - credential_source is Environment");
|
|
30
|
-
const { fromEnv } = await import("./dist-es-
|
|
34
|
+
const { fromEnv } = await import("./dist-es-GCETMDH7.js");
|
|
31
35
|
return async () => fromEnv(options)().then(setNamedProvider);
|
|
32
36
|
}
|
|
33
37
|
};
|
|
@@ -62,7 +66,7 @@ var resolveAssumeRoleCredentials = async (profileName, profiles, options, visite
|
|
|
62
66
|
const profileData = profiles[profileName];
|
|
63
67
|
const { source_profile, region } = profileData;
|
|
64
68
|
if (!options.roleAssumer) {
|
|
65
|
-
const { getDefaultRoleAssumer } = await import("./sts-
|
|
69
|
+
const { getDefaultRoleAssumer } = await import("./sts-7N2XX5PT.js");
|
|
66
70
|
options.roleAssumer = getDefaultRoleAssumer({
|
|
67
71
|
...options.clientConfig,
|
|
68
72
|
credentialProviderLogger: options.logger,
|
|
@@ -107,14 +111,14 @@ var isCredentialSourceWithoutRoleArn = (section) => {
|
|
|
107
111
|
|
|
108
112
|
// node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveProcessCredentials.js
|
|
109
113
|
var isProcessProfile = (arg) => Boolean(arg) && typeof arg === "object" && typeof arg.credential_process === "string";
|
|
110
|
-
var resolveProcessCredentials = async (options, profile) => import("./dist-es-
|
|
114
|
+
var resolveProcessCredentials = async (options, profile) => import("./dist-es-MHO4ZWXK.js").then(({ fromProcess }) => fromProcess({
|
|
111
115
|
...options,
|
|
112
116
|
profile
|
|
113
117
|
})().then((creds) => setCredentialFeature(creds, "CREDENTIALS_PROFILE_PROCESS", "v")));
|
|
114
118
|
|
|
115
119
|
// node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveSsoCredentials.js
|
|
116
120
|
var resolveSsoCredentials = async (profile, profileData, options = {}) => {
|
|
117
|
-
const { fromSSO } = await import("./dist-es-
|
|
121
|
+
const { fromSSO } = await import("./dist-es-NBFOPILZ.js");
|
|
118
122
|
return fromSSO({
|
|
119
123
|
profile,
|
|
120
124
|
logger: options.logger,
|
|
@@ -146,7 +150,7 @@ var resolveStaticCredentials = async (profile, options) => {
|
|
|
146
150
|
|
|
147
151
|
// node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveWebIdentityCredentials.js
|
|
148
152
|
var isWebIdentityProfile = (arg) => Boolean(arg) && typeof arg === "object" && typeof arg.web_identity_token_file === "string" && typeof arg.role_arn === "string" && ["undefined", "string"].indexOf(typeof arg.role_session_name) > -1;
|
|
149
|
-
var resolveWebIdentityCredentials = async (profile, options) => import("./dist-es-
|
|
153
|
+
var resolveWebIdentityCredentials = async (profile, options) => import("./dist-es-YPLWYQ2P.js").then(({ fromTokenFile }) => fromTokenFile({
|
|
150
154
|
webIdentityTokenFile: profile.web_identity_token_file,
|
|
151
155
|
roleArn: profile.role_arn,
|
|
152
156
|
roleSessionName: profile.role_session_name,
|
|
@@ -197,4 +201,4 @@ var fromIni = (_init = {}) => async ({ callerClientConfig } = {}) => {
|
|
|
197
201
|
export {
|
|
198
202
|
fromIni
|
|
199
203
|
};
|
|
200
|
-
//# sourceMappingURL=dist-es-
|
|
204
|
+
//# sourceMappingURL=dist-es-MRJ45ZBG.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveCredentialSource.js","../../node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveAssumeRoleCredentials.js","../../node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveProcessCredentials.js","../../node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveSsoCredentials.js","../../node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveStaticCredentials.js","../../node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveWebIdentityCredentials.js","../../node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveProfileData.js","../../node_modules/@aws-sdk/credential-provider-ini/dist-es/fromIni.js"],"sourcesContent":["import { setCredentialFeature } from \"@aws-sdk/core/client\";\nimport { chain, CredentialsProviderError } from \"@smithy/property-provider\";\nexport const resolveCredentialSource = (credentialSource, profileName, logger) => {\n const sourceProvidersMap = {\n EcsContainer: async (options) => {\n const { fromHttp } = await import(\"@aws-sdk/credential-provider-http\");\n const { fromContainerMetadata } = await import(\"@smithy/credential-provider-imds\");\n logger?.debug(\"@aws-sdk/credential-provider-ini - credential_source is EcsContainer\");\n return async () => chain(fromHttp(options ?? {}), fromContainerMetadata(options))().then(setNamedProvider);\n },\n Ec2InstanceMetadata: async (options) => {\n logger?.debug(\"@aws-sdk/credential-provider-ini - credential_source is Ec2InstanceMetadata\");\n const { fromInstanceMetadata } = await import(\"@smithy/credential-provider-imds\");\n return async () => fromInstanceMetadata(options)().then(setNamedProvider);\n },\n Environment: async (options) => {\n logger?.debug(\"@aws-sdk/credential-provider-ini - credential_source is Environment\");\n const { fromEnv } = await import(\"@aws-sdk/credential-provider-env\");\n return async () => fromEnv(options)().then(setNamedProvider);\n },\n };\n if (credentialSource in sourceProvidersMap) {\n return sourceProvidersMap[credentialSource];\n }\n else {\n throw new CredentialsProviderError(`Unsupported credential source in profile ${profileName}. Got ${credentialSource}, ` +\n `expected EcsContainer or Ec2InstanceMetadata or Environment.`, { logger });\n }\n};\nconst setNamedProvider = (creds) => setCredentialFeature(creds, \"CREDENTIALS_PROFILE_NAMED_PROVIDER\", \"p\");\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nimport { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { getProfileName } from \"@smithy/shared-ini-file-loader\";\nimport { resolveCredentialSource } from \"./resolveCredentialSource\";\nimport { resolveProfileData } from \"./resolveProfileData\";\nexport const isAssumeRoleProfile = (arg, { profile = \"default\", logger } = {}) => {\n return (Boolean(arg) &&\n typeof arg === \"object\" &&\n typeof arg.role_arn === \"string\" &&\n [\"undefined\", \"string\"].indexOf(typeof arg.role_session_name) > -1 &&\n [\"undefined\", \"string\"].indexOf(typeof arg.external_id) > -1 &&\n [\"undefined\", \"string\"].indexOf(typeof arg.mfa_serial) > -1 &&\n (isAssumeRoleWithSourceProfile(arg, { profile, logger }) || isCredentialSourceProfile(arg, { profile, logger })));\n};\nconst isAssumeRoleWithSourceProfile = (arg, { profile, logger }) => {\n const withSourceProfile = typeof arg.source_profile === \"string\" && typeof arg.credential_source === \"undefined\";\n if (withSourceProfile) {\n logger?.debug?.(` ${profile} isAssumeRoleWithSourceProfile source_profile=${arg.source_profile}`);\n }\n return withSourceProfile;\n};\nconst isCredentialSourceProfile = (arg, { profile, logger }) => {\n const withProviderProfile = typeof arg.credential_source === \"string\" && typeof arg.source_profile === \"undefined\";\n if (withProviderProfile) {\n logger?.debug?.(` ${profile} isCredentialSourceProfile credential_source=${arg.credential_source}`);\n }\n return withProviderProfile;\n};\nexport const resolveAssumeRoleCredentials = async (profileName, profiles, options, visitedProfiles = {}) => {\n options.logger?.debug(\"@aws-sdk/credential-provider-ini - resolveAssumeRoleCredentials (STS)\");\n const profileData = profiles[profileName];\n const { source_profile, region } = profileData;\n if (!options.roleAssumer) {\n const { getDefaultRoleAssumer } = await import(\"@aws-sdk/nested-clients/sts\");\n options.roleAssumer = getDefaultRoleAssumer({\n ...options.clientConfig,\n credentialProviderLogger: options.logger,\n parentClientConfig: {\n ...options?.parentClientConfig,\n region: region ?? options?.parentClientConfig?.region,\n },\n }, options.clientPlugins);\n }\n if (source_profile && source_profile in visitedProfiles) {\n throw new CredentialsProviderError(`Detected a cycle attempting to resolve credentials for profile` +\n ` ${getProfileName(options)}. Profiles visited: ` +\n Object.keys(visitedProfiles).join(\", \"), { logger: options.logger });\n }\n options.logger?.debug(`@aws-sdk/credential-provider-ini - finding credential resolver using ${source_profile ? `source_profile=[${source_profile}]` : `profile=[${profileName}]`}`);\n const sourceCredsProvider = source_profile\n ? resolveProfileData(source_profile, profiles, options, {\n ...visitedProfiles,\n [source_profile]: true,\n }, isCredentialSourceWithoutRoleArn(profiles[source_profile] ?? {}))\n : (await resolveCredentialSource(profileData.credential_source, profileName, options.logger)(options))();\n if (isCredentialSourceWithoutRoleArn(profileData)) {\n return sourceCredsProvider.then((creds) => setCredentialFeature(creds, \"CREDENTIALS_PROFILE_SOURCE_PROFILE\", \"o\"));\n }\n else {\n const params = {\n RoleArn: profileData.role_arn,\n RoleSessionName: profileData.role_session_name || `aws-sdk-js-${Date.now()}`,\n ExternalId: profileData.external_id,\n DurationSeconds: parseInt(profileData.duration_seconds || \"3600\", 10),\n };\n const { mfa_serial } = profileData;\n if (mfa_serial) {\n if (!options.mfaCodeProvider) {\n throw new CredentialsProviderError(`Profile ${profileName} requires multi-factor authentication, but no MFA code callback was provided.`, { logger: options.logger, tryNextLink: false });\n }\n params.SerialNumber = mfa_serial;\n params.TokenCode = await options.mfaCodeProvider(mfa_serial);\n }\n const sourceCreds = await sourceCredsProvider;\n return options.roleAssumer(sourceCreds, params).then((creds) => setCredentialFeature(creds, \"CREDENTIALS_PROFILE_SOURCE_PROFILE\", \"o\"));\n }\n};\nconst isCredentialSourceWithoutRoleArn = (section) => {\n return !section.role_arn && !!section.credential_source;\n};\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nexport const isProcessProfile = (arg) => Boolean(arg) && typeof arg === \"object\" && typeof arg.credential_process === \"string\";\nexport const resolveProcessCredentials = async (options, profile) => import(\"@aws-sdk/credential-provider-process\").then(({ fromProcess }) => fromProcess({\n ...options,\n profile,\n})().then((creds) => setCredentialFeature(creds, \"CREDENTIALS_PROFILE_PROCESS\", \"v\")));\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nexport const resolveSsoCredentials = async (profile, profileData, options = {}) => {\n const { fromSSO } = await import(\"@aws-sdk/credential-provider-sso\");\n return fromSSO({\n profile,\n logger: options.logger,\n parentClientConfig: options.parentClientConfig,\n clientConfig: options.clientConfig,\n })().then((creds) => {\n if (profileData.sso_session) {\n return setCredentialFeature(creds, \"CREDENTIALS_PROFILE_SSO\", \"r\");\n }\n else {\n return setCredentialFeature(creds, \"CREDENTIALS_PROFILE_SSO_LEGACY\", \"t\");\n }\n });\n};\nexport const isSsoProfile = (arg) => arg &&\n (typeof arg.sso_start_url === \"string\" ||\n typeof arg.sso_account_id === \"string\" ||\n typeof arg.sso_session === \"string\" ||\n typeof arg.sso_region === \"string\" ||\n typeof arg.sso_role_name === \"string\");\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nexport const isStaticCredsProfile = (arg) => Boolean(arg) &&\n typeof arg === \"object\" &&\n typeof arg.aws_access_key_id === \"string\" &&\n typeof arg.aws_secret_access_key === \"string\" &&\n [\"undefined\", \"string\"].indexOf(typeof arg.aws_session_token) > -1 &&\n [\"undefined\", \"string\"].indexOf(typeof arg.aws_account_id) > -1;\nexport const resolveStaticCredentials = async (profile, options) => {\n options?.logger?.debug(\"@aws-sdk/credential-provider-ini - resolveStaticCredentials\");\n const credentials = {\n accessKeyId: profile.aws_access_key_id,\n secretAccessKey: profile.aws_secret_access_key,\n sessionToken: profile.aws_session_token,\n ...(profile.aws_credential_scope && { credentialScope: profile.aws_credential_scope }),\n ...(profile.aws_account_id && { accountId: profile.aws_account_id }),\n };\n return setCredentialFeature(credentials, \"CREDENTIALS_PROFILE\", \"n\");\n};\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nexport const isWebIdentityProfile = (arg) => Boolean(arg) &&\n typeof arg === \"object\" &&\n typeof arg.web_identity_token_file === \"string\" &&\n typeof arg.role_arn === \"string\" &&\n [\"undefined\", \"string\"].indexOf(typeof arg.role_session_name) > -1;\nexport const resolveWebIdentityCredentials = async (profile, options) => import(\"@aws-sdk/credential-provider-web-identity\").then(({ fromTokenFile }) => fromTokenFile({\n webIdentityTokenFile: profile.web_identity_token_file,\n roleArn: profile.role_arn,\n roleSessionName: profile.role_session_name,\n roleAssumerWithWebIdentity: options.roleAssumerWithWebIdentity,\n logger: options.logger,\n parentClientConfig: options.parentClientConfig,\n})().then((creds) => setCredentialFeature(creds, \"CREDENTIALS_PROFILE_STS_WEB_ID_TOKEN\", \"q\")));\n","import { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { isAssumeRoleProfile, resolveAssumeRoleCredentials } from \"./resolveAssumeRoleCredentials\";\nimport { isProcessProfile, resolveProcessCredentials } from \"./resolveProcessCredentials\";\nimport { isSsoProfile, resolveSsoCredentials } from \"./resolveSsoCredentials\";\nimport { isStaticCredsProfile, resolveStaticCredentials } from \"./resolveStaticCredentials\";\nimport { isWebIdentityProfile, resolveWebIdentityCredentials } from \"./resolveWebIdentityCredentials\";\nexport const resolveProfileData = async (profileName, profiles, options, visitedProfiles = {}, isAssumeRoleRecursiveCall = false) => {\n const data = profiles[profileName];\n if (Object.keys(visitedProfiles).length > 0 && isStaticCredsProfile(data)) {\n return resolveStaticCredentials(data, options);\n }\n if (isAssumeRoleRecursiveCall || isAssumeRoleProfile(data, { profile: profileName, logger: options.logger })) {\n return resolveAssumeRoleCredentials(profileName, profiles, options, visitedProfiles);\n }\n if (isStaticCredsProfile(data)) {\n return resolveStaticCredentials(data, options);\n }\n if (isWebIdentityProfile(data)) {\n return resolveWebIdentityCredentials(data, options);\n }\n if (isProcessProfile(data)) {\n return resolveProcessCredentials(options, profileName);\n }\n if (isSsoProfile(data)) {\n return await resolveSsoCredentials(profileName, data, options);\n }\n throw new CredentialsProviderError(`Could not resolve credentials using profile: [${profileName}] in configuration/credentials file(s).`, { logger: options.logger });\n};\n","import { getProfileName, parseKnownFiles } from \"@smithy/shared-ini-file-loader\";\nimport { resolveProfileData } from \"./resolveProfileData\";\nexport const fromIni = (_init = {}) => async ({ callerClientConfig } = {}) => {\n const init = {\n ..._init,\n parentClientConfig: {\n ...callerClientConfig,\n ..._init.parentClientConfig,\n },\n };\n init.logger?.debug(\"@aws-sdk/credential-provider-ini - fromIni\");\n const profiles = await parseKnownFiles(init);\n return resolveProfileData(getProfileName({\n profile: _init.profile ?? callerClientConfig?.profile,\n }), profiles, init);\n};\n"],"mappings":";;;;;;;;;;;;;;AAEO,IAAM,0BAA0B,CAAC,kBAAkB,aAAa,WAAW;AAC9E,QAAM,qBAAqB;AAAA,IACvB,cAAc,OAAO,YAAY;AAC7B,YAAM,EAAE,SAAS,IAAI,MAAM,OAAO,uBAAmC;AACrE,YAAM,EAAE,sBAAsB,IAAI,MAAM,OAAO,uBAAkC;AACjF,cAAQ,MAAM,sEAAsE;AACpF,aAAO,YAAY,MAAM,SAAS,WAAW,CAAC,CAAC,GAAG,sBAAsB,OAAO,CAAC,EAAE,EAAE,KAAK,gBAAgB;AAAA,IAC7G;AAAA,IACA,qBAAqB,OAAO,YAAY;AACpC,cAAQ,MAAM,6EAA6E;AAC3F,YAAM,EAAE,qBAAqB,IAAI,MAAM,OAAO,uBAAkC;AAChF,aAAO,YAAY,qBAAqB,OAAO,EAAE,EAAE,KAAK,gBAAgB;AAAA,IAC5E;AAAA,IACA,aAAa,OAAO,YAAY;AAC5B,cAAQ,MAAM,qEAAqE;AACnF,YAAM,EAAE,QAAQ,IAAI,MAAM,OAAO,uBAAkC;AACnE,aAAO,YAAY,QAAQ,OAAO,EAAE,EAAE,KAAK,gBAAgB;AAAA,IAC/D;AAAA,EACJ;AACA,MAAI,oBAAoB,oBAAoB;AACxC,WAAO,mBAAmB,gBAAgB;AAAA,EAC9C,OACK;AACD,UAAM,IAAI,yBAAyB,4CAA4C,WAAW,SAAS,gBAAgB,kEAC/C,EAAE,OAAO,CAAC;AAAA,EAClF;AACJ;AACA,IAAM,mBAAmB,CAAC,UAAU,qBAAqB,OAAO,sCAAsC,GAAG;;;ACxBlG,IAAM,sBAAsB,CAAC,KAAK,EAAE,UAAU,WAAW,OAAO,IAAI,CAAC,MAAM;AAC9E,SAAQ,QAAQ,GAAG,KACf,OAAO,QAAQ,YACf,OAAO,IAAI,aAAa,YACxB,CAAC,aAAa,QAAQ,EAAE,QAAQ,OAAO,IAAI,iBAAiB,IAAI,MAChE,CAAC,aAAa,QAAQ,EAAE,QAAQ,OAAO,IAAI,WAAW,IAAI,MAC1D,CAAC,aAAa,QAAQ,EAAE,QAAQ,OAAO,IAAI,UAAU,IAAI,OACxD,8BAA8B,KAAK,EAAE,SAAS,OAAO,CAAC,KAAK,0BAA0B,KAAK,EAAE,SAAS,OAAO,CAAC;AACtH;AACA,IAAM,gCAAgC,CAAC,KAAK,EAAE,SAAS,OAAO,MAAM;AAChE,QAAM,oBAAoB,OAAO,IAAI,mBAAmB,YAAY,OAAO,IAAI,sBAAsB;AACrG,MAAI,mBAAmB;AACnB,YAAQ,QAAQ,OAAO,OAAO,iDAAiD,IAAI,cAAc,EAAE;AAAA,EACvG;AACA,SAAO;AACX;AACA,IAAM,4BAA4B,CAAC,KAAK,EAAE,SAAS,OAAO,MAAM;AAC5D,QAAM,sBAAsB,OAAO,IAAI,sBAAsB,YAAY,OAAO,IAAI,mBAAmB;AACvG,MAAI,qBAAqB;AACrB,YAAQ,QAAQ,OAAO,OAAO,gDAAgD,IAAI,iBAAiB,EAAE;AAAA,EACzG;AACA,SAAO;AACX;AACO,IAAM,+BAA+B,OAAO,aAAa,UAAU,SAAS,kBAAkB,CAAC,MAAM;AACxG,UAAQ,QAAQ,MAAM,uEAAuE;AAC7F,QAAM,cAAc,SAAS,WAAW;AACxC,QAAM,EAAE,gBAAgB,OAAO,IAAI;AACnC,MAAI,CAAC,QAAQ,aAAa;AACtB,UAAM,EAAE,sBAAsB,IAAI,MAAM,OAAO,mBAA6B;AAC5E,YAAQ,cAAc,sBAAsB;AAAA,MACxC,GAAG,QAAQ;AAAA,MACX,0BAA0B,QAAQ;AAAA,MAClC,oBAAoB;AAAA,QAChB,GAAG,SAAS;AAAA,QACZ,QAAQ,UAAU,SAAS,oBAAoB;AAAA,MACnD;AAAA,IACJ,GAAG,QAAQ,aAAa;AAAA,EAC5B;AACA,MAAI,kBAAkB,kBAAkB,iBAAiB;AACrD,UAAM,IAAI,yBAAyB,kEAC3B,eAAe,OAAO,CAAC,yBAC3B,OAAO,KAAK,eAAe,EAAE,KAAK,IAAI,GAAG,EAAE,QAAQ,QAAQ,OAAO,CAAC;AAAA,EAC3E;AACA,UAAQ,QAAQ,MAAM,wEAAwE,iBAAiB,mBAAmB,cAAc,MAAM,YAAY,WAAW,GAAG,EAAE;AAClL,QAAM,sBAAsB,iBACtB,mBAAmB,gBAAgB,UAAU,SAAS;AAAA,IACpD,GAAG;AAAA,IACH,CAAC,cAAc,GAAG;AAAA,EACtB,GAAG,iCAAiC,SAAS,cAAc,KAAK,CAAC,CAAC,CAAC,KAChE,MAAM,wBAAwB,YAAY,mBAAmB,aAAa,QAAQ,MAAM,EAAE,OAAO,GAAG;AAC3G,MAAI,iCAAiC,WAAW,GAAG;AAC/C,WAAO,oBAAoB,KAAK,CAAC,UAAU,qBAAqB,OAAO,sCAAsC,GAAG,CAAC;AAAA,EACrH,OACK;AACD,UAAM,SAAS;AAAA,MACX,SAAS,YAAY;AAAA,MACrB,iBAAiB,YAAY,qBAAqB,cAAc,KAAK,IAAI,CAAC;AAAA,MAC1E,YAAY,YAAY;AAAA,MACxB,iBAAiB,SAAS,YAAY,oBAAoB,QAAQ,EAAE;AAAA,IACxE;AACA,UAAM,EAAE,WAAW,IAAI;AACvB,QAAI,YAAY;AACZ,UAAI,CAAC,QAAQ,iBAAiB;AAC1B,cAAM,IAAI,yBAAyB,WAAW,WAAW,iFAAiF,EAAE,QAAQ,QAAQ,QAAQ,aAAa,MAAM,CAAC;AAAA,MAC5L;AACA,aAAO,eAAe;AACtB,aAAO,YAAY,MAAM,QAAQ,gBAAgB,UAAU;AAAA,IAC/D;AACA,UAAM,cAAc,MAAM;AAC1B,WAAO,QAAQ,YAAY,aAAa,MAAM,EAAE,KAAK,CAAC,UAAU,qBAAqB,OAAO,sCAAsC,GAAG,CAAC;AAAA,EAC1I;AACJ;AACA,IAAM,mCAAmC,CAAC,YAAY;AAClD,SAAO,CAAC,QAAQ,YAAY,CAAC,CAAC,QAAQ;AAC1C;;;AC9EO,IAAM,mBAAmB,CAAC,QAAQ,QAAQ,GAAG,KAAK,OAAO,QAAQ,YAAY,OAAO,IAAI,uBAAuB;AAC/G,IAAM,4BAA4B,OAAO,SAAS,YAAY,OAAO,uBAAsC,EAAE,KAAK,CAAC,EAAE,YAAY,MAAM,YAAY;AAAA,EACtJ,GAAG;AAAA,EACH;AACJ,CAAC,EAAE,EAAE,KAAK,CAAC,UAAU,qBAAqB,OAAO,+BAA+B,GAAG,CAAC,CAAC;;;ACJ9E,IAAM,wBAAwB,OAAO,SAAS,aAAa,UAAU,CAAC,MAAM;AAC/E,QAAM,EAAE,QAAQ,IAAI,MAAM,OAAO,uBAAkC;AACnE,SAAO,QAAQ;AAAA,IACX;AAAA,IACA,QAAQ,QAAQ;AAAA,IAChB,oBAAoB,QAAQ;AAAA,IAC5B,cAAc,QAAQ;AAAA,EAC1B,CAAC,EAAE,EAAE,KAAK,CAAC,UAAU;AACjB,QAAI,YAAY,aAAa;AACzB,aAAO,qBAAqB,OAAO,2BAA2B,GAAG;AAAA,IACrE,OACK;AACD,aAAO,qBAAqB,OAAO,kCAAkC,GAAG;AAAA,IAC5E;AAAA,EACJ,CAAC;AACL;AACO,IAAM,eAAe,CAAC,QAAQ,QAChC,OAAO,IAAI,kBAAkB,YAC1B,OAAO,IAAI,mBAAmB,YAC9B,OAAO,IAAI,gBAAgB,YAC3B,OAAO,IAAI,eAAe,YAC1B,OAAO,IAAI,kBAAkB;;;ACrB9B,IAAM,uBAAuB,CAAC,QAAQ,QAAQ,GAAG,KACpD,OAAO,QAAQ,YACf,OAAO,IAAI,sBAAsB,YACjC,OAAO,IAAI,0BAA0B,YACrC,CAAC,aAAa,QAAQ,EAAE,QAAQ,OAAO,IAAI,iBAAiB,IAAI,MAChE,CAAC,aAAa,QAAQ,EAAE,QAAQ,OAAO,IAAI,cAAc,IAAI;AAC1D,IAAM,2BAA2B,OAAO,SAAS,YAAY;AAChE,WAAS,QAAQ,MAAM,6DAA6D;AACpF,QAAM,cAAc;AAAA,IAChB,aAAa,QAAQ;AAAA,IACrB,iBAAiB,QAAQ;AAAA,IACzB,cAAc,QAAQ;AAAA,IACtB,GAAI,QAAQ,wBAAwB,EAAE,iBAAiB,QAAQ,qBAAqB;AAAA,IACpF,GAAI,QAAQ,kBAAkB,EAAE,WAAW,QAAQ,eAAe;AAAA,EACtE;AACA,SAAO,qBAAqB,aAAa,uBAAuB,GAAG;AACvE;;;AChBO,IAAM,uBAAuB,CAAC,QAAQ,QAAQ,GAAG,KACpD,OAAO,QAAQ,YACf,OAAO,IAAI,4BAA4B,YACvC,OAAO,IAAI,aAAa,YACxB,CAAC,aAAa,QAAQ,EAAE,QAAQ,OAAO,IAAI,iBAAiB,IAAI;AAC7D,IAAM,gCAAgC,OAAO,SAAS,YAAY,OAAO,uBAA2C,EAAE,KAAK,CAAC,EAAE,cAAc,MAAM,cAAc;AAAA,EACnK,sBAAsB,QAAQ;AAAA,EAC9B,SAAS,QAAQ;AAAA,EACjB,iBAAiB,QAAQ;AAAA,EACzB,4BAA4B,QAAQ;AAAA,EACpC,QAAQ,QAAQ;AAAA,EAChB,oBAAoB,QAAQ;AAChC,CAAC,EAAE,EAAE,KAAK,CAAC,UAAU,qBAAqB,OAAO,wCAAwC,GAAG,CAAC,CAAC;;;ACPvF,IAAM,qBAAqB,OAAO,aAAa,UAAU,SAAS,kBAAkB,CAAC,GAAG,4BAA4B,UAAU;AACjI,QAAM,OAAO,SAAS,WAAW;AACjC,MAAI,OAAO,KAAK,eAAe,EAAE,SAAS,KAAK,qBAAqB,IAAI,GAAG;AACvE,WAAO,yBAAyB,MAAM,OAAO;AAAA,EACjD;AACA,MAAI,6BAA6B,oBAAoB,MAAM,EAAE,SAAS,aAAa,QAAQ,QAAQ,OAAO,CAAC,GAAG;AAC1G,WAAO,6BAA6B,aAAa,UAAU,SAAS,eAAe;AAAA,EACvF;AACA,MAAI,qBAAqB,IAAI,GAAG;AAC5B,WAAO,yBAAyB,MAAM,OAAO;AAAA,EACjD;AACA,MAAI,qBAAqB,IAAI,GAAG;AAC5B,WAAO,8BAA8B,MAAM,OAAO;AAAA,EACtD;AACA,MAAI,iBAAiB,IAAI,GAAG;AACxB,WAAO,0BAA0B,SAAS,WAAW;AAAA,EACzD;AACA,MAAI,aAAa,IAAI,GAAG;AACpB,WAAO,MAAM,sBAAsB,aAAa,MAAM,OAAO;AAAA,EACjE;AACA,QAAM,IAAI,yBAAyB,iDAAiD,WAAW,2CAA2C,EAAE,QAAQ,QAAQ,OAAO,CAAC;AACxK;;;ACzBO,IAAM,UAAU,CAAC,QAAQ,CAAC,MAAM,OAAO,EAAE,mBAAmB,IAAI,CAAC,MAAM;AAC1E,QAAM,OAAO;AAAA,IACT,GAAG;AAAA,IACH,oBAAoB;AAAA,MAChB,GAAG;AAAA,MACH,GAAG,MAAM;AAAA,IACb;AAAA,EACJ;AACA,OAAK,QAAQ,MAAM,4CAA4C;AAC/D,QAAM,WAAW,MAAM,gBAAgB,IAAI;AAC3C,SAAO,mBAAmB,eAAe;AAAA,IACrC,SAAS,MAAM,WAAW,oBAAoB;AAAA,EAClD,CAAC,GAAG,UAAU,IAAI;AACtB;","names":[]}
|
|
1
|
+
{"version":3,"sources":["../../node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveCredentialSource.js","../../node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveAssumeRoleCredentials.js","../../node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveProcessCredentials.js","../../node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveSsoCredentials.js","../../node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveStaticCredentials.js","../../node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveWebIdentityCredentials.js","../../node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveProfileData.js","../../node_modules/@aws-sdk/credential-provider-ini/dist-es/fromIni.js"],"sourcesContent":["import { setCredentialFeature } from \"@aws-sdk/core/client\";\nimport { chain, CredentialsProviderError } from \"@smithy/property-provider\";\nexport const resolveCredentialSource = (credentialSource, profileName, logger) => {\n const sourceProvidersMap = {\n EcsContainer: async (options) => {\n const { fromHttp } = await import(\"@aws-sdk/credential-provider-http\");\n const { fromContainerMetadata } = await import(\"@smithy/credential-provider-imds\");\n logger?.debug(\"@aws-sdk/credential-provider-ini - credential_source is EcsContainer\");\n return async () => chain(fromHttp(options ?? {}), fromContainerMetadata(options))().then(setNamedProvider);\n },\n Ec2InstanceMetadata: async (options) => {\n logger?.debug(\"@aws-sdk/credential-provider-ini - credential_source is Ec2InstanceMetadata\");\n const { fromInstanceMetadata } = await import(\"@smithy/credential-provider-imds\");\n return async () => fromInstanceMetadata(options)().then(setNamedProvider);\n },\n Environment: async (options) => {\n logger?.debug(\"@aws-sdk/credential-provider-ini - credential_source is Environment\");\n const { fromEnv } = await import(\"@aws-sdk/credential-provider-env\");\n return async () => fromEnv(options)().then(setNamedProvider);\n },\n };\n if (credentialSource in sourceProvidersMap) {\n return sourceProvidersMap[credentialSource];\n }\n else {\n throw new CredentialsProviderError(`Unsupported credential source in profile ${profileName}. Got ${credentialSource}, ` +\n `expected EcsContainer or Ec2InstanceMetadata or Environment.`, { logger });\n }\n};\nconst setNamedProvider = (creds) => setCredentialFeature(creds, \"CREDENTIALS_PROFILE_NAMED_PROVIDER\", \"p\");\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nimport { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { getProfileName } from \"@smithy/shared-ini-file-loader\";\nimport { resolveCredentialSource } from \"./resolveCredentialSource\";\nimport { resolveProfileData } from \"./resolveProfileData\";\nexport const isAssumeRoleProfile = (arg, { profile = \"default\", logger } = {}) => {\n return (Boolean(arg) &&\n typeof arg === \"object\" &&\n typeof arg.role_arn === \"string\" &&\n [\"undefined\", \"string\"].indexOf(typeof arg.role_session_name) > -1 &&\n [\"undefined\", \"string\"].indexOf(typeof arg.external_id) > -1 &&\n [\"undefined\", \"string\"].indexOf(typeof arg.mfa_serial) > -1 &&\n (isAssumeRoleWithSourceProfile(arg, { profile, logger }) || isCredentialSourceProfile(arg, { profile, logger })));\n};\nconst isAssumeRoleWithSourceProfile = (arg, { profile, logger }) => {\n const withSourceProfile = typeof arg.source_profile === \"string\" && typeof arg.credential_source === \"undefined\";\n if (withSourceProfile) {\n logger?.debug?.(` ${profile} isAssumeRoleWithSourceProfile source_profile=${arg.source_profile}`);\n }\n return withSourceProfile;\n};\nconst isCredentialSourceProfile = (arg, { profile, logger }) => {\n const withProviderProfile = typeof arg.credential_source === \"string\" && typeof arg.source_profile === \"undefined\";\n if (withProviderProfile) {\n logger?.debug?.(` ${profile} isCredentialSourceProfile credential_source=${arg.credential_source}`);\n }\n return withProviderProfile;\n};\nexport const resolveAssumeRoleCredentials = async (profileName, profiles, options, visitedProfiles = {}) => {\n options.logger?.debug(\"@aws-sdk/credential-provider-ini - resolveAssumeRoleCredentials (STS)\");\n const profileData = profiles[profileName];\n const { source_profile, region } = profileData;\n if (!options.roleAssumer) {\n const { getDefaultRoleAssumer } = await import(\"@aws-sdk/nested-clients/sts\");\n options.roleAssumer = getDefaultRoleAssumer({\n ...options.clientConfig,\n credentialProviderLogger: options.logger,\n parentClientConfig: {\n ...options?.parentClientConfig,\n region: region ?? options?.parentClientConfig?.region,\n },\n }, options.clientPlugins);\n }\n if (source_profile && source_profile in visitedProfiles) {\n throw new CredentialsProviderError(`Detected a cycle attempting to resolve credentials for profile` +\n ` ${getProfileName(options)}. Profiles visited: ` +\n Object.keys(visitedProfiles).join(\", \"), { logger: options.logger });\n }\n options.logger?.debug(`@aws-sdk/credential-provider-ini - finding credential resolver using ${source_profile ? `source_profile=[${source_profile}]` : `profile=[${profileName}]`}`);\n const sourceCredsProvider = source_profile\n ? resolveProfileData(source_profile, profiles, options, {\n ...visitedProfiles,\n [source_profile]: true,\n }, isCredentialSourceWithoutRoleArn(profiles[source_profile] ?? {}))\n : (await resolveCredentialSource(profileData.credential_source, profileName, options.logger)(options))();\n if (isCredentialSourceWithoutRoleArn(profileData)) {\n return sourceCredsProvider.then((creds) => setCredentialFeature(creds, \"CREDENTIALS_PROFILE_SOURCE_PROFILE\", \"o\"));\n }\n else {\n const params = {\n RoleArn: profileData.role_arn,\n RoleSessionName: profileData.role_session_name || `aws-sdk-js-${Date.now()}`,\n ExternalId: profileData.external_id,\n DurationSeconds: parseInt(profileData.duration_seconds || \"3600\", 10),\n };\n const { mfa_serial } = profileData;\n if (mfa_serial) {\n if (!options.mfaCodeProvider) {\n throw new CredentialsProviderError(`Profile ${profileName} requires multi-factor authentication, but no MFA code callback was provided.`, { logger: options.logger, tryNextLink: false });\n }\n params.SerialNumber = mfa_serial;\n params.TokenCode = await options.mfaCodeProvider(mfa_serial);\n }\n const sourceCreds = await sourceCredsProvider;\n return options.roleAssumer(sourceCreds, params).then((creds) => setCredentialFeature(creds, \"CREDENTIALS_PROFILE_SOURCE_PROFILE\", \"o\"));\n }\n};\nconst isCredentialSourceWithoutRoleArn = (section) => {\n return !section.role_arn && !!section.credential_source;\n};\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nexport const isProcessProfile = (arg) => Boolean(arg) && typeof arg === \"object\" && typeof arg.credential_process === \"string\";\nexport const resolveProcessCredentials = async (options, profile) => import(\"@aws-sdk/credential-provider-process\").then(({ fromProcess }) => fromProcess({\n ...options,\n profile,\n})().then((creds) => setCredentialFeature(creds, \"CREDENTIALS_PROFILE_PROCESS\", \"v\")));\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nexport const resolveSsoCredentials = async (profile, profileData, options = {}) => {\n const { fromSSO } = await import(\"@aws-sdk/credential-provider-sso\");\n return fromSSO({\n profile,\n logger: options.logger,\n parentClientConfig: options.parentClientConfig,\n clientConfig: options.clientConfig,\n })().then((creds) => {\n if (profileData.sso_session) {\n return setCredentialFeature(creds, \"CREDENTIALS_PROFILE_SSO\", \"r\");\n }\n else {\n return setCredentialFeature(creds, \"CREDENTIALS_PROFILE_SSO_LEGACY\", \"t\");\n }\n });\n};\nexport const isSsoProfile = (arg) => arg &&\n (typeof arg.sso_start_url === \"string\" ||\n typeof arg.sso_account_id === \"string\" ||\n typeof arg.sso_session === \"string\" ||\n typeof arg.sso_region === \"string\" ||\n typeof arg.sso_role_name === \"string\");\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nexport const isStaticCredsProfile = (arg) => Boolean(arg) &&\n typeof arg === \"object\" &&\n typeof arg.aws_access_key_id === \"string\" &&\n typeof arg.aws_secret_access_key === \"string\" &&\n [\"undefined\", \"string\"].indexOf(typeof arg.aws_session_token) > -1 &&\n [\"undefined\", \"string\"].indexOf(typeof arg.aws_account_id) > -1;\nexport const resolveStaticCredentials = async (profile, options) => {\n options?.logger?.debug(\"@aws-sdk/credential-provider-ini - resolveStaticCredentials\");\n const credentials = {\n accessKeyId: profile.aws_access_key_id,\n secretAccessKey: profile.aws_secret_access_key,\n sessionToken: profile.aws_session_token,\n ...(profile.aws_credential_scope && { credentialScope: profile.aws_credential_scope }),\n ...(profile.aws_account_id && { accountId: profile.aws_account_id }),\n };\n return setCredentialFeature(credentials, \"CREDENTIALS_PROFILE\", \"n\");\n};\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nexport const isWebIdentityProfile = (arg) => Boolean(arg) &&\n typeof arg === \"object\" &&\n typeof arg.web_identity_token_file === \"string\" &&\n typeof arg.role_arn === \"string\" &&\n [\"undefined\", \"string\"].indexOf(typeof arg.role_session_name) > -1;\nexport const resolveWebIdentityCredentials = async (profile, options) => import(\"@aws-sdk/credential-provider-web-identity\").then(({ fromTokenFile }) => fromTokenFile({\n webIdentityTokenFile: profile.web_identity_token_file,\n roleArn: profile.role_arn,\n roleSessionName: profile.role_session_name,\n roleAssumerWithWebIdentity: options.roleAssumerWithWebIdentity,\n logger: options.logger,\n parentClientConfig: options.parentClientConfig,\n})().then((creds) => setCredentialFeature(creds, \"CREDENTIALS_PROFILE_STS_WEB_ID_TOKEN\", \"q\")));\n","import { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { isAssumeRoleProfile, resolveAssumeRoleCredentials } from \"./resolveAssumeRoleCredentials\";\nimport { isProcessProfile, resolveProcessCredentials } from \"./resolveProcessCredentials\";\nimport { isSsoProfile, resolveSsoCredentials } from \"./resolveSsoCredentials\";\nimport { isStaticCredsProfile, resolveStaticCredentials } from \"./resolveStaticCredentials\";\nimport { isWebIdentityProfile, resolveWebIdentityCredentials } from \"./resolveWebIdentityCredentials\";\nexport const resolveProfileData = async (profileName, profiles, options, visitedProfiles = {}, isAssumeRoleRecursiveCall = false) => {\n const data = profiles[profileName];\n if (Object.keys(visitedProfiles).length > 0 && isStaticCredsProfile(data)) {\n return resolveStaticCredentials(data, options);\n }\n if (isAssumeRoleRecursiveCall || isAssumeRoleProfile(data, { profile: profileName, logger: options.logger })) {\n return resolveAssumeRoleCredentials(profileName, profiles, options, visitedProfiles);\n }\n if (isStaticCredsProfile(data)) {\n return resolveStaticCredentials(data, options);\n }\n if (isWebIdentityProfile(data)) {\n return resolveWebIdentityCredentials(data, options);\n }\n if (isProcessProfile(data)) {\n return resolveProcessCredentials(options, profileName);\n }\n if (isSsoProfile(data)) {\n return await resolveSsoCredentials(profileName, data, options);\n }\n throw new CredentialsProviderError(`Could not resolve credentials using profile: [${profileName}] in configuration/credentials file(s).`, { logger: options.logger });\n};\n","import { getProfileName, parseKnownFiles } from \"@smithy/shared-ini-file-loader\";\nimport { resolveProfileData } from \"./resolveProfileData\";\nexport const fromIni = (_init = {}) => async ({ callerClientConfig } = {}) => {\n const init = {\n ..._init,\n parentClientConfig: {\n ...callerClientConfig,\n ..._init.parentClientConfig,\n },\n };\n init.logger?.debug(\"@aws-sdk/credential-provider-ini - fromIni\");\n const profiles = await parseKnownFiles(init);\n return resolveProfileData(getProfileName({\n profile: _init.profile ?? callerClientConfig?.profile,\n }), profiles, init);\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;AAEO,IAAM,0BAA0B,CAAC,kBAAkB,aAAa,WAAW;AAC9E,QAAM,qBAAqB;AAAA,IACvB,cAAc,OAAO,YAAY;AAC7B,YAAM,EAAE,SAAS,IAAI,MAAM,OAAO,uBAAmC;AACrE,YAAM,EAAE,sBAAsB,IAAI,MAAM,OAAO,uBAAkC;AACjF,cAAQ,MAAM,sEAAsE;AACpF,aAAO,YAAY,MAAM,SAAS,WAAW,CAAC,CAAC,GAAG,sBAAsB,OAAO,CAAC,EAAE,EAAE,KAAK,gBAAgB;AAAA,IAC7G;AAAA,IACA,qBAAqB,OAAO,YAAY;AACpC,cAAQ,MAAM,6EAA6E;AAC3F,YAAM,EAAE,qBAAqB,IAAI,MAAM,OAAO,uBAAkC;AAChF,aAAO,YAAY,qBAAqB,OAAO,EAAE,EAAE,KAAK,gBAAgB;AAAA,IAC5E;AAAA,IACA,aAAa,OAAO,YAAY;AAC5B,cAAQ,MAAM,qEAAqE;AACnF,YAAM,EAAE,QAAQ,IAAI,MAAM,OAAO,uBAAkC;AACnE,aAAO,YAAY,QAAQ,OAAO,EAAE,EAAE,KAAK,gBAAgB;AAAA,IAC/D;AAAA,EACJ;AACA,MAAI,oBAAoB,oBAAoB;AACxC,WAAO,mBAAmB,gBAAgB;AAAA,EAC9C,OACK;AACD,UAAM,IAAI,yBAAyB,4CAA4C,WAAW,SAAS,gBAAgB,kEAC/C,EAAE,OAAO,CAAC;AAAA,EAClF;AACJ;AACA,IAAM,mBAAmB,CAAC,UAAU,qBAAqB,OAAO,sCAAsC,GAAG;;;ACxBlG,IAAM,sBAAsB,CAAC,KAAK,EAAE,UAAU,WAAW,OAAO,IAAI,CAAC,MAAM;AAC9E,SAAQ,QAAQ,GAAG,KACf,OAAO,QAAQ,YACf,OAAO,IAAI,aAAa,YACxB,CAAC,aAAa,QAAQ,EAAE,QAAQ,OAAO,IAAI,iBAAiB,IAAI,MAChE,CAAC,aAAa,QAAQ,EAAE,QAAQ,OAAO,IAAI,WAAW,IAAI,MAC1D,CAAC,aAAa,QAAQ,EAAE,QAAQ,OAAO,IAAI,UAAU,IAAI,OACxD,8BAA8B,KAAK,EAAE,SAAS,OAAO,CAAC,KAAK,0BAA0B,KAAK,EAAE,SAAS,OAAO,CAAC;AACtH;AACA,IAAM,gCAAgC,CAAC,KAAK,EAAE,SAAS,OAAO,MAAM;AAChE,QAAM,oBAAoB,OAAO,IAAI,mBAAmB,YAAY,OAAO,IAAI,sBAAsB;AACrG,MAAI,mBAAmB;AACnB,YAAQ,QAAQ,OAAO,OAAO,iDAAiD,IAAI,cAAc,EAAE;AAAA,EACvG;AACA,SAAO;AACX;AACA,IAAM,4BAA4B,CAAC,KAAK,EAAE,SAAS,OAAO,MAAM;AAC5D,QAAM,sBAAsB,OAAO,IAAI,sBAAsB,YAAY,OAAO,IAAI,mBAAmB;AACvG,MAAI,qBAAqB;AACrB,YAAQ,QAAQ,OAAO,OAAO,gDAAgD,IAAI,iBAAiB,EAAE;AAAA,EACzG;AACA,SAAO;AACX;AACO,IAAM,+BAA+B,OAAO,aAAa,UAAU,SAAS,kBAAkB,CAAC,MAAM;AACxG,UAAQ,QAAQ,MAAM,uEAAuE;AAC7F,QAAM,cAAc,SAAS,WAAW;AACxC,QAAM,EAAE,gBAAgB,OAAO,IAAI;AACnC,MAAI,CAAC,QAAQ,aAAa;AACtB,UAAM,EAAE,sBAAsB,IAAI,MAAM,OAAO,mBAA6B;AAC5E,YAAQ,cAAc,sBAAsB;AAAA,MACxC,GAAG,QAAQ;AAAA,MACX,0BAA0B,QAAQ;AAAA,MAClC,oBAAoB;AAAA,QAChB,GAAG,SAAS;AAAA,QACZ,QAAQ,UAAU,SAAS,oBAAoB;AAAA,MACnD;AAAA,IACJ,GAAG,QAAQ,aAAa;AAAA,EAC5B;AACA,MAAI,kBAAkB,kBAAkB,iBAAiB;AACrD,UAAM,IAAI,yBAAyB,kEAC3B,eAAe,OAAO,CAAC,yBAC3B,OAAO,KAAK,eAAe,EAAE,KAAK,IAAI,GAAG,EAAE,QAAQ,QAAQ,OAAO,CAAC;AAAA,EAC3E;AACA,UAAQ,QAAQ,MAAM,wEAAwE,iBAAiB,mBAAmB,cAAc,MAAM,YAAY,WAAW,GAAG,EAAE;AAClL,QAAM,sBAAsB,iBACtB,mBAAmB,gBAAgB,UAAU,SAAS;AAAA,IACpD,GAAG;AAAA,IACH,CAAC,cAAc,GAAG;AAAA,EACtB,GAAG,iCAAiC,SAAS,cAAc,KAAK,CAAC,CAAC,CAAC,KAChE,MAAM,wBAAwB,YAAY,mBAAmB,aAAa,QAAQ,MAAM,EAAE,OAAO,GAAG;AAC3G,MAAI,iCAAiC,WAAW,GAAG;AAC/C,WAAO,oBAAoB,KAAK,CAAC,UAAU,qBAAqB,OAAO,sCAAsC,GAAG,CAAC;AAAA,EACrH,OACK;AACD,UAAM,SAAS;AAAA,MACX,SAAS,YAAY;AAAA,MACrB,iBAAiB,YAAY,qBAAqB,cAAc,KAAK,IAAI,CAAC;AAAA,MAC1E,YAAY,YAAY;AAAA,MACxB,iBAAiB,SAAS,YAAY,oBAAoB,QAAQ,EAAE;AAAA,IACxE;AACA,UAAM,EAAE,WAAW,IAAI;AACvB,QAAI,YAAY;AACZ,UAAI,CAAC,QAAQ,iBAAiB;AAC1B,cAAM,IAAI,yBAAyB,WAAW,WAAW,iFAAiF,EAAE,QAAQ,QAAQ,QAAQ,aAAa,MAAM,CAAC;AAAA,MAC5L;AACA,aAAO,eAAe;AACtB,aAAO,YAAY,MAAM,QAAQ,gBAAgB,UAAU;AAAA,IAC/D;AACA,UAAM,cAAc,MAAM;AAC1B,WAAO,QAAQ,YAAY,aAAa,MAAM,EAAE,KAAK,CAAC,UAAU,qBAAqB,OAAO,sCAAsC,GAAG,CAAC;AAAA,EAC1I;AACJ;AACA,IAAM,mCAAmC,CAAC,YAAY;AAClD,SAAO,CAAC,QAAQ,YAAY,CAAC,CAAC,QAAQ;AAC1C;;;AC9EO,IAAM,mBAAmB,CAAC,QAAQ,QAAQ,GAAG,KAAK,OAAO,QAAQ,YAAY,OAAO,IAAI,uBAAuB;AAC/G,IAAM,4BAA4B,OAAO,SAAS,YAAY,OAAO,uBAAsC,EAAE,KAAK,CAAC,EAAE,YAAY,MAAM,YAAY;AAAA,EACtJ,GAAG;AAAA,EACH;AACJ,CAAC,EAAE,EAAE,KAAK,CAAC,UAAU,qBAAqB,OAAO,+BAA+B,GAAG,CAAC,CAAC;;;ACJ9E,IAAM,wBAAwB,OAAO,SAAS,aAAa,UAAU,CAAC,MAAM;AAC/E,QAAM,EAAE,QAAQ,IAAI,MAAM,OAAO,uBAAkC;AACnE,SAAO,QAAQ;AAAA,IACX;AAAA,IACA,QAAQ,QAAQ;AAAA,IAChB,oBAAoB,QAAQ;AAAA,IAC5B,cAAc,QAAQ;AAAA,EAC1B,CAAC,EAAE,EAAE,KAAK,CAAC,UAAU;AACjB,QAAI,YAAY,aAAa;AACzB,aAAO,qBAAqB,OAAO,2BAA2B,GAAG;AAAA,IACrE,OACK;AACD,aAAO,qBAAqB,OAAO,kCAAkC,GAAG;AAAA,IAC5E;AAAA,EACJ,CAAC;AACL;AACO,IAAM,eAAe,CAAC,QAAQ,QAChC,OAAO,IAAI,kBAAkB,YAC1B,OAAO,IAAI,mBAAmB,YAC9B,OAAO,IAAI,gBAAgB,YAC3B,OAAO,IAAI,eAAe,YAC1B,OAAO,IAAI,kBAAkB;;;ACrB9B,IAAM,uBAAuB,CAAC,QAAQ,QAAQ,GAAG,KACpD,OAAO,QAAQ,YACf,OAAO,IAAI,sBAAsB,YACjC,OAAO,IAAI,0BAA0B,YACrC,CAAC,aAAa,QAAQ,EAAE,QAAQ,OAAO,IAAI,iBAAiB,IAAI,MAChE,CAAC,aAAa,QAAQ,EAAE,QAAQ,OAAO,IAAI,cAAc,IAAI;AAC1D,IAAM,2BAA2B,OAAO,SAAS,YAAY;AAChE,WAAS,QAAQ,MAAM,6DAA6D;AACpF,QAAM,cAAc;AAAA,IAChB,aAAa,QAAQ;AAAA,IACrB,iBAAiB,QAAQ;AAAA,IACzB,cAAc,QAAQ;AAAA,IACtB,GAAI,QAAQ,wBAAwB,EAAE,iBAAiB,QAAQ,qBAAqB;AAAA,IACpF,GAAI,QAAQ,kBAAkB,EAAE,WAAW,QAAQ,eAAe;AAAA,EACtE;AACA,SAAO,qBAAqB,aAAa,uBAAuB,GAAG;AACvE;;;AChBO,IAAM,uBAAuB,CAAC,QAAQ,QAAQ,GAAG,KACpD,OAAO,QAAQ,YACf,OAAO,IAAI,4BAA4B,YACvC,OAAO,IAAI,aAAa,YACxB,CAAC,aAAa,QAAQ,EAAE,QAAQ,OAAO,IAAI,iBAAiB,IAAI;AAC7D,IAAM,gCAAgC,OAAO,SAAS,YAAY,OAAO,uBAA2C,EAAE,KAAK,CAAC,EAAE,cAAc,MAAM,cAAc;AAAA,EACnK,sBAAsB,QAAQ;AAAA,EAC9B,SAAS,QAAQ;AAAA,EACjB,iBAAiB,QAAQ;AAAA,EACzB,4BAA4B,QAAQ;AAAA,EACpC,QAAQ,QAAQ;AAAA,EAChB,oBAAoB,QAAQ;AAChC,CAAC,EAAE,EAAE,KAAK,CAAC,UAAU,qBAAqB,OAAO,wCAAwC,GAAG,CAAC,CAAC;;;ACPvF,IAAM,qBAAqB,OAAO,aAAa,UAAU,SAAS,kBAAkB,CAAC,GAAG,4BAA4B,UAAU;AACjI,QAAM,OAAO,SAAS,WAAW;AACjC,MAAI,OAAO,KAAK,eAAe,EAAE,SAAS,KAAK,qBAAqB,IAAI,GAAG;AACvE,WAAO,yBAAyB,MAAM,OAAO;AAAA,EACjD;AACA,MAAI,6BAA6B,oBAAoB,MAAM,EAAE,SAAS,aAAa,QAAQ,QAAQ,OAAO,CAAC,GAAG;AAC1G,WAAO,6BAA6B,aAAa,UAAU,SAAS,eAAe;AAAA,EACvF;AACA,MAAI,qBAAqB,IAAI,GAAG;AAC5B,WAAO,yBAAyB,MAAM,OAAO;AAAA,EACjD;AACA,MAAI,qBAAqB,IAAI,GAAG;AAC5B,WAAO,8BAA8B,MAAM,OAAO;AAAA,EACtD;AACA,MAAI,iBAAiB,IAAI,GAAG;AACxB,WAAO,0BAA0B,SAAS,WAAW;AAAA,EACzD;AACA,MAAI,aAAa,IAAI,GAAG;AACpB,WAAO,MAAM,sBAAsB,aAAa,MAAM,OAAO;AAAA,EACjE;AACA,QAAM,IAAI,yBAAyB,iDAAiD,WAAW,2CAA2C,EAAE,QAAQ,QAAQ,OAAO,CAAC;AACxK;;;ACzBO,IAAM,UAAU,CAAC,QAAQ,CAAC,MAAM,OAAO,EAAE,mBAAmB,IAAI,CAAC,MAAM;AAC1E,QAAM,OAAO;AAAA,IACT,GAAG;AAAA,IACH,oBAAoB;AAAA,MAChB,GAAG;AAAA,MACH,GAAG,MAAM;AAAA,IACb;AAAA,EACJ;AACA,OAAK,QAAQ,MAAM,4CAA4C;AAC/D,QAAM,WAAW,MAAM,gBAAgB,IAAI;AAC3C,SAAO,mBAAmB,eAAe;AAAA,IACrC,SAAS,MAAM,WAAW,oBAAoB;AAAA,EAClD,CAAC,GAAG,UAAU,IAAI;AACtB;","names":[]}
|
|
@@ -1,18 +1,57 @@
|
|
|
1
1
|
import {
|
|
2
|
-
getProfileName,
|
|
3
|
-
getSSOTokenFilepath,
|
|
4
|
-
getSSOTokenFromFile,
|
|
5
|
-
loadSsoSessionData,
|
|
6
2
|
parseKnownFiles
|
|
7
|
-
} from "./chunk-
|
|
3
|
+
} from "./chunk-GA2PLVMV.js";
|
|
4
|
+
import {
|
|
5
|
+
CONFIG_PREFIX_SEPARATOR,
|
|
6
|
+
IniSectionType,
|
|
7
|
+
getConfigFilepath,
|
|
8
|
+
getHomeDir,
|
|
9
|
+
getProfileName,
|
|
10
|
+
parseIni,
|
|
11
|
+
slurpFile
|
|
12
|
+
} from "./chunk-ZW5YT27C.js";
|
|
8
13
|
import {
|
|
9
14
|
setCredentialFeature
|
|
10
15
|
} from "./chunk-UZGMBQZB.js";
|
|
11
|
-
import "./chunk-3YGWW265.js";
|
|
12
16
|
import {
|
|
13
17
|
CredentialsProviderError,
|
|
14
|
-
|
|
15
|
-
} from "./chunk-
|
|
18
|
+
ProviderError
|
|
19
|
+
} from "./chunk-R2ZTENKB.js";
|
|
20
|
+
import "./chunk-PZ5AY32C.js";
|
|
21
|
+
|
|
22
|
+
// node_modules/@smithy/property-provider/dist-es/TokenProviderError.js
|
|
23
|
+
var TokenProviderError = class _TokenProviderError extends ProviderError {
|
|
24
|
+
constructor(message, options = true) {
|
|
25
|
+
super(message, options);
|
|
26
|
+
this.name = "TokenProviderError";
|
|
27
|
+
Object.setPrototypeOf(this, _TokenProviderError.prototype);
|
|
28
|
+
}
|
|
29
|
+
};
|
|
30
|
+
|
|
31
|
+
// node_modules/@smithy/shared-ini-file-loader/dist-es/getSSOTokenFilepath.js
|
|
32
|
+
import { createHash } from "crypto";
|
|
33
|
+
import { join } from "path";
|
|
34
|
+
var getSSOTokenFilepath = (id) => {
|
|
35
|
+
const hasher = createHash("sha1");
|
|
36
|
+
const cacheName = hasher.update(id).digest("hex");
|
|
37
|
+
return join(getHomeDir(), ".aws", "sso", "cache", `${cacheName}.json`);
|
|
38
|
+
};
|
|
39
|
+
|
|
40
|
+
// node_modules/@smithy/shared-ini-file-loader/dist-es/getSSOTokenFromFile.js
|
|
41
|
+
import { promises as fsPromises } from "fs";
|
|
42
|
+
var { readFile } = fsPromises;
|
|
43
|
+
var getSSOTokenFromFile = async (id) => {
|
|
44
|
+
const ssoTokenFilepath = getSSOTokenFilepath(id);
|
|
45
|
+
const ssoTokenText = await readFile(ssoTokenFilepath, "utf8");
|
|
46
|
+
return JSON.parse(ssoTokenText);
|
|
47
|
+
};
|
|
48
|
+
|
|
49
|
+
// node_modules/@smithy/shared-ini-file-loader/dist-es/getSsoSessionData.js
|
|
50
|
+
var getSsoSessionData = (data) => Object.entries(data).filter(([key]) => key.startsWith(IniSectionType.SSO_SESSION + CONFIG_PREFIX_SEPARATOR)).reduce((acc, [key, value]) => ({ ...acc, [key.substring(key.indexOf(CONFIG_PREFIX_SEPARATOR) + 1)]: value }), {});
|
|
51
|
+
|
|
52
|
+
// node_modules/@smithy/shared-ini-file-loader/dist-es/loadSsoSessionData.js
|
|
53
|
+
var swallowError = () => ({});
|
|
54
|
+
var loadSsoSessionData = async (init = {}) => slurpFile(init.configFilepath ?? getConfigFilepath()).then(parseIni).then(getSsoSessionData).catch(swallowError);
|
|
16
55
|
|
|
17
56
|
// node_modules/@aws-sdk/credential-provider-sso/dist-es/isSsoProfile.js
|
|
18
57
|
var isSsoProfile = (arg) => arg && (typeof arg.sso_start_url === "string" || typeof arg.sso_account_id === "string" || typeof arg.sso_session === "string" || typeof arg.sso_region === "string" || typeof arg.sso_role_name === "string");
|
|
@@ -23,7 +62,7 @@ var REFRESH_MESSAGE = `To refresh this SSO session run 'aws sso login' with the
|
|
|
23
62
|
|
|
24
63
|
// node_modules/@aws-sdk/token-providers/dist-es/getSsoOidcClient.js
|
|
25
64
|
var getSsoOidcClient = async (ssoRegion, init = {}) => {
|
|
26
|
-
const { SSOOIDCClient } = await import("./sso-oidc-
|
|
65
|
+
const { SSOOIDCClient } = await import("./sso-oidc-EU7F5QE4.js");
|
|
27
66
|
const ssoOidcClient = new SSOOIDCClient(Object.assign({}, init.clientConfig ?? {}, {
|
|
28
67
|
region: ssoRegion ?? init.clientConfig?.region,
|
|
29
68
|
logger: init.clientConfig?.logger ?? init.parentClientConfig?.logger
|
|
@@ -33,7 +72,7 @@ var getSsoOidcClient = async (ssoRegion, init = {}) => {
|
|
|
33
72
|
|
|
34
73
|
// node_modules/@aws-sdk/token-providers/dist-es/getNewSsoOidcToken.js
|
|
35
74
|
var getNewSsoOidcToken = async (ssoToken, ssoRegion, init = {}) => {
|
|
36
|
-
const { CreateTokenCommand } = await import("./sso-oidc-
|
|
75
|
+
const { CreateTokenCommand } = await import("./sso-oidc-EU7F5QE4.js");
|
|
37
76
|
const ssoOidcClient = await getSsoOidcClient(ssoRegion, init);
|
|
38
77
|
return ssoOidcClient.send(new CreateTokenCommand({
|
|
39
78
|
clientId: ssoToken.clientId,
|
|
@@ -58,8 +97,8 @@ var validateTokenKey = (key, value, forRefresh = false) => {
|
|
|
58
97
|
};
|
|
59
98
|
|
|
60
99
|
// node_modules/@aws-sdk/token-providers/dist-es/writeSSOTokenToFile.js
|
|
61
|
-
import { promises as
|
|
62
|
-
var { writeFile } =
|
|
100
|
+
import { promises as fsPromises2 } from "fs";
|
|
101
|
+
var { writeFile } = fsPromises2;
|
|
63
102
|
var writeSSOTokenToFile = (id, ssoToken) => {
|
|
64
103
|
const tokenFilepath = getSSOTokenFilepath(id);
|
|
65
104
|
const tokenString = JSON.stringify(ssoToken, null, 2);
|
|
@@ -180,7 +219,7 @@ var resolveSSOCredentials = async ({ ssoStartUrl, ssoSession, ssoAccountId, ssoR
|
|
|
180
219
|
});
|
|
181
220
|
}
|
|
182
221
|
const { accessToken } = token;
|
|
183
|
-
const { SSOClient, GetRoleCredentialsCommand } = await import("./loadSso-
|
|
222
|
+
const { SSOClient, GetRoleCredentialsCommand } = await import("./loadSso-QXCYUPG5.js");
|
|
184
223
|
const sso = ssoClient || new SSOClient(Object.assign({}, clientConfig ?? {}, {
|
|
185
224
|
logger: clientConfig?.logger ?? parentClientConfig?.logger,
|
|
186
225
|
region: clientConfig?.region ?? ssoRegion
|
|
@@ -302,4 +341,4 @@ export {
|
|
|
302
341
|
isSsoProfile,
|
|
303
342
|
validateSsoProfile
|
|
304
343
|
};
|
|
305
|
-
//# sourceMappingURL=dist-es-
|
|
344
|
+
//# sourceMappingURL=dist-es-NBFOPILZ.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../node_modules/@smithy/property-provider/dist-es/TokenProviderError.js","../../node_modules/@smithy/shared-ini-file-loader/dist-es/getSSOTokenFilepath.js","../../node_modules/@smithy/shared-ini-file-loader/dist-es/getSSOTokenFromFile.js","../../node_modules/@smithy/shared-ini-file-loader/dist-es/getSsoSessionData.js","../../node_modules/@smithy/shared-ini-file-loader/dist-es/loadSsoSessionData.js","../../node_modules/@aws-sdk/credential-provider-sso/dist-es/isSsoProfile.js","../../node_modules/@aws-sdk/token-providers/dist-es/constants.js","../../node_modules/@aws-sdk/token-providers/dist-es/getSsoOidcClient.js","../../node_modules/@aws-sdk/token-providers/dist-es/getNewSsoOidcToken.js","../../node_modules/@aws-sdk/token-providers/dist-es/validateTokenExpiry.js","../../node_modules/@aws-sdk/token-providers/dist-es/validateTokenKey.js","../../node_modules/@aws-sdk/token-providers/dist-es/writeSSOTokenToFile.js","../../node_modules/@aws-sdk/token-providers/dist-es/fromSso.js","../../node_modules/@aws-sdk/credential-provider-sso/dist-es/resolveSSOCredentials.js","../../node_modules/@aws-sdk/credential-provider-sso/dist-es/validateSsoProfile.js","../../node_modules/@aws-sdk/credential-provider-sso/dist-es/fromSSO.js"],"sourcesContent":["import { ProviderError } from \"./ProviderError\";\nexport class TokenProviderError extends ProviderError {\n constructor(message, options = true) {\n super(message, options);\n this.name = \"TokenProviderError\";\n Object.setPrototypeOf(this, TokenProviderError.prototype);\n }\n}\n","import { createHash } from \"crypto\";\nimport { join } from \"path\";\nimport { getHomeDir } from \"./getHomeDir\";\nexport const getSSOTokenFilepath = (id) => {\n const hasher = createHash(\"sha1\");\n const cacheName = hasher.update(id).digest(\"hex\");\n return join(getHomeDir(), \".aws\", \"sso\", \"cache\", `${cacheName}.json`);\n};\n","import { promises as fsPromises } from \"fs\";\nimport { getSSOTokenFilepath } from \"./getSSOTokenFilepath\";\nconst { readFile } = fsPromises;\nexport const getSSOTokenFromFile = async (id) => {\n const ssoTokenFilepath = getSSOTokenFilepath(id);\n const ssoTokenText = await readFile(ssoTokenFilepath, \"utf8\");\n return JSON.parse(ssoTokenText);\n};\n","import { IniSectionType } from \"@smithy/types\";\nimport { CONFIG_PREFIX_SEPARATOR } from \"./loadSharedConfigFiles\";\nexport const getSsoSessionData = (data) => Object.entries(data)\n .filter(([key]) => key.startsWith(IniSectionType.SSO_SESSION + CONFIG_PREFIX_SEPARATOR))\n .reduce((acc, [key, value]) => ({ ...acc, [key.substring(key.indexOf(CONFIG_PREFIX_SEPARATOR) + 1)]: value }), {});\n","import { getConfigFilepath } from \"./getConfigFilepath\";\nimport { getSsoSessionData } from \"./getSsoSessionData\";\nimport { parseIni } from \"./parseIni\";\nimport { slurpFile } from \"./slurpFile\";\nconst swallowError = () => ({});\nexport const loadSsoSessionData = async (init = {}) => slurpFile(init.configFilepath ?? getConfigFilepath())\n .then(parseIni)\n .then(getSsoSessionData)\n .catch(swallowError);\n","export const isSsoProfile = (arg) => arg &&\n (typeof arg.sso_start_url === \"string\" ||\n typeof arg.sso_account_id === \"string\" ||\n typeof arg.sso_session === \"string\" ||\n typeof arg.sso_region === \"string\" ||\n typeof arg.sso_role_name === \"string\");\n","export const EXPIRE_WINDOW_MS = 5 * 60 * 1000;\nexport const REFRESH_MESSAGE = `To refresh this SSO session run 'aws sso login' with the corresponding profile.`;\n","export const getSsoOidcClient = async (ssoRegion, init = {}) => {\n const { SSOOIDCClient } = await import(\"@aws-sdk/nested-clients/sso-oidc\");\n const ssoOidcClient = new SSOOIDCClient(Object.assign({}, init.clientConfig ?? {}, {\n region: ssoRegion ?? init.clientConfig?.region,\n logger: init.clientConfig?.logger ?? init.parentClientConfig?.logger,\n }));\n return ssoOidcClient;\n};\n","import { getSsoOidcClient } from \"./getSsoOidcClient\";\nexport const getNewSsoOidcToken = async (ssoToken, ssoRegion, init = {}) => {\n const { CreateTokenCommand } = await import(\"@aws-sdk/nested-clients/sso-oidc\");\n const ssoOidcClient = await getSsoOidcClient(ssoRegion, init);\n return ssoOidcClient.send(new CreateTokenCommand({\n clientId: ssoToken.clientId,\n clientSecret: ssoToken.clientSecret,\n refreshToken: ssoToken.refreshToken,\n grantType: \"refresh_token\",\n }));\n};\n","import { TokenProviderError } from \"@smithy/property-provider\";\nimport { REFRESH_MESSAGE } from \"./constants\";\nexport const validateTokenExpiry = (token) => {\n if (token.expiration && token.expiration.getTime() < Date.now()) {\n throw new TokenProviderError(`Token is expired. ${REFRESH_MESSAGE}`, false);\n }\n};\n","import { TokenProviderError } from \"@smithy/property-provider\";\nimport { REFRESH_MESSAGE } from \"./constants\";\nexport const validateTokenKey = (key, value, forRefresh = false) => {\n if (typeof value === \"undefined\") {\n throw new TokenProviderError(`Value not present for '${key}' in SSO Token${forRefresh ? \". Cannot refresh\" : \"\"}. ${REFRESH_MESSAGE}`, false);\n }\n};\n","import { getSSOTokenFilepath } from \"@smithy/shared-ini-file-loader\";\nimport { promises as fsPromises } from \"fs\";\nconst { writeFile } = fsPromises;\nexport const writeSSOTokenToFile = (id, ssoToken) => {\n const tokenFilepath = getSSOTokenFilepath(id);\n const tokenString = JSON.stringify(ssoToken, null, 2);\n return writeFile(tokenFilepath, tokenString);\n};\n","import { TokenProviderError } from \"@smithy/property-provider\";\nimport { getProfileName, getSSOTokenFromFile, loadSsoSessionData, parseKnownFiles, } from \"@smithy/shared-ini-file-loader\";\nimport { EXPIRE_WINDOW_MS, REFRESH_MESSAGE } from \"./constants\";\nimport { getNewSsoOidcToken } from \"./getNewSsoOidcToken\";\nimport { validateTokenExpiry } from \"./validateTokenExpiry\";\nimport { validateTokenKey } from \"./validateTokenKey\";\nimport { writeSSOTokenToFile } from \"./writeSSOTokenToFile\";\nconst lastRefreshAttemptTime = new Date(0);\nexport const fromSso = (_init = {}) => async ({ callerClientConfig } = {}) => {\n const init = {\n ..._init,\n parentClientConfig: {\n ...callerClientConfig,\n ..._init.parentClientConfig,\n },\n };\n init.logger?.debug(\"@aws-sdk/token-providers - fromSso\");\n const profiles = await parseKnownFiles(init);\n const profileName = getProfileName({\n profile: init.profile ?? callerClientConfig?.profile,\n });\n const profile = profiles[profileName];\n if (!profile) {\n throw new TokenProviderError(`Profile '${profileName}' could not be found in shared credentials file.`, false);\n }\n else if (!profile[\"sso_session\"]) {\n throw new TokenProviderError(`Profile '${profileName}' is missing required property 'sso_session'.`);\n }\n const ssoSessionName = profile[\"sso_session\"];\n const ssoSessions = await loadSsoSessionData(init);\n const ssoSession = ssoSessions[ssoSessionName];\n if (!ssoSession) {\n throw new TokenProviderError(`Sso session '${ssoSessionName}' could not be found in shared credentials file.`, false);\n }\n for (const ssoSessionRequiredKey of [\"sso_start_url\", \"sso_region\"]) {\n if (!ssoSession[ssoSessionRequiredKey]) {\n throw new TokenProviderError(`Sso session '${ssoSessionName}' is missing required property '${ssoSessionRequiredKey}'.`, false);\n }\n }\n const ssoStartUrl = ssoSession[\"sso_start_url\"];\n const ssoRegion = ssoSession[\"sso_region\"];\n let ssoToken;\n try {\n ssoToken = await getSSOTokenFromFile(ssoSessionName);\n }\n catch (e) {\n throw new TokenProviderError(`The SSO session token associated with profile=${profileName} was not found or is invalid. ${REFRESH_MESSAGE}`, false);\n }\n validateTokenKey(\"accessToken\", ssoToken.accessToken);\n validateTokenKey(\"expiresAt\", ssoToken.expiresAt);\n const { accessToken, expiresAt } = ssoToken;\n const existingToken = { token: accessToken, expiration: new Date(expiresAt) };\n if (existingToken.expiration.getTime() - Date.now() > EXPIRE_WINDOW_MS) {\n return existingToken;\n }\n if (Date.now() - lastRefreshAttemptTime.getTime() < 30 * 1000) {\n validateTokenExpiry(existingToken);\n return existingToken;\n }\n validateTokenKey(\"clientId\", ssoToken.clientId, true);\n validateTokenKey(\"clientSecret\", ssoToken.clientSecret, true);\n validateTokenKey(\"refreshToken\", ssoToken.refreshToken, true);\n try {\n lastRefreshAttemptTime.setTime(Date.now());\n const newSsoOidcToken = await getNewSsoOidcToken(ssoToken, ssoRegion, init);\n validateTokenKey(\"accessToken\", newSsoOidcToken.accessToken);\n validateTokenKey(\"expiresIn\", newSsoOidcToken.expiresIn);\n const newTokenExpiration = new Date(Date.now() + newSsoOidcToken.expiresIn * 1000);\n try {\n await writeSSOTokenToFile(ssoSessionName, {\n ...ssoToken,\n accessToken: newSsoOidcToken.accessToken,\n expiresAt: newTokenExpiration.toISOString(),\n refreshToken: newSsoOidcToken.refreshToken,\n });\n }\n catch (error) {\n }\n return {\n token: newSsoOidcToken.accessToken,\n expiration: newTokenExpiration,\n };\n }\n catch (error) {\n validateTokenExpiry(existingToken);\n return existingToken;\n }\n};\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nimport { fromSso as getSsoTokenProvider } from \"@aws-sdk/token-providers\";\nimport { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { getSSOTokenFromFile } from \"@smithy/shared-ini-file-loader\";\nconst SHOULD_FAIL_CREDENTIAL_CHAIN = false;\nexport const resolveSSOCredentials = async ({ ssoStartUrl, ssoSession, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, clientConfig, parentClientConfig, profile, logger, }) => {\n let token;\n const refreshMessage = `To refresh this SSO session run aws sso login with the corresponding profile.`;\n if (ssoSession) {\n try {\n const _token = await getSsoTokenProvider({ profile })();\n token = {\n accessToken: _token.token,\n expiresAt: new Date(_token.expiration).toISOString(),\n };\n }\n catch (e) {\n throw new CredentialsProviderError(e.message, {\n tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n logger,\n });\n }\n }\n else {\n try {\n token = await getSSOTokenFromFile(ssoStartUrl);\n }\n catch (e) {\n throw new CredentialsProviderError(`The SSO session associated with this profile is invalid. ${refreshMessage}`, {\n tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n logger,\n });\n }\n }\n if (new Date(token.expiresAt).getTime() - Date.now() <= 0) {\n throw new CredentialsProviderError(`The SSO session associated with this profile has expired. ${refreshMessage}`, {\n tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n logger,\n });\n }\n const { accessToken } = token;\n const { SSOClient, GetRoleCredentialsCommand } = await import(\"./loadSso\");\n const sso = ssoClient ||\n new SSOClient(Object.assign({}, clientConfig ?? {}, {\n logger: clientConfig?.logger ?? parentClientConfig?.logger,\n region: clientConfig?.region ?? ssoRegion,\n }));\n let ssoResp;\n try {\n ssoResp = await sso.send(new GetRoleCredentialsCommand({\n accountId: ssoAccountId,\n roleName: ssoRoleName,\n accessToken,\n }));\n }\n catch (e) {\n throw new CredentialsProviderError(e, {\n tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n logger,\n });\n }\n const { roleCredentials: { accessKeyId, secretAccessKey, sessionToken, expiration, credentialScope, accountId } = {}, } = ssoResp;\n if (!accessKeyId || !secretAccessKey || !sessionToken || !expiration) {\n throw new CredentialsProviderError(\"SSO returns an invalid temporary credential.\", {\n tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n logger,\n });\n }\n const credentials = {\n accessKeyId,\n secretAccessKey,\n sessionToken,\n expiration: new Date(expiration),\n ...(credentialScope && { credentialScope }),\n ...(accountId && { accountId }),\n };\n if (ssoSession) {\n setCredentialFeature(credentials, \"CREDENTIALS_SSO\", \"s\");\n }\n else {\n setCredentialFeature(credentials, \"CREDENTIALS_SSO_LEGACY\", \"u\");\n }\n return credentials;\n};\n","import { CredentialsProviderError } from \"@smithy/property-provider\";\nexport const validateSsoProfile = (profile, logger) => {\n const { sso_start_url, sso_account_id, sso_region, sso_role_name } = profile;\n if (!sso_start_url || !sso_account_id || !sso_region || !sso_role_name) {\n throw new CredentialsProviderError(`Profile is configured with invalid SSO credentials. Required parameters \"sso_account_id\", ` +\n `\"sso_region\", \"sso_role_name\", \"sso_start_url\". Got ${Object.keys(profile).join(\", \")}\\nReference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html`, { tryNextLink: false, logger });\n }\n return profile;\n};\n","import { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { getProfileName, loadSsoSessionData, parseKnownFiles } from \"@smithy/shared-ini-file-loader\";\nimport { isSsoProfile } from \"./isSsoProfile\";\nimport { resolveSSOCredentials } from \"./resolveSSOCredentials\";\nimport { validateSsoProfile } from \"./validateSsoProfile\";\nexport const fromSSO = (init = {}) => async ({ callerClientConfig } = {}) => {\n init.logger?.debug(\"@aws-sdk/credential-provider-sso - fromSSO\");\n const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoSession } = init;\n const { ssoClient } = init;\n const profileName = getProfileName({\n profile: init.profile ?? callerClientConfig?.profile,\n });\n if (!ssoStartUrl && !ssoAccountId && !ssoRegion && !ssoRoleName && !ssoSession) {\n const profiles = await parseKnownFiles(init);\n const profile = profiles[profileName];\n if (!profile) {\n throw new CredentialsProviderError(`Profile ${profileName} was not found.`, { logger: init.logger });\n }\n if (!isSsoProfile(profile)) {\n throw new CredentialsProviderError(`Profile ${profileName} is not configured with SSO credentials.`, {\n logger: init.logger,\n });\n }\n if (profile?.sso_session) {\n const ssoSessions = await loadSsoSessionData(init);\n const session = ssoSessions[profile.sso_session];\n const conflictMsg = ` configurations in profile ${profileName} and sso-session ${profile.sso_session}`;\n if (ssoRegion && ssoRegion !== session.sso_region) {\n throw new CredentialsProviderError(`Conflicting SSO region` + conflictMsg, {\n tryNextLink: false,\n logger: init.logger,\n });\n }\n if (ssoStartUrl && ssoStartUrl !== session.sso_start_url) {\n throw new CredentialsProviderError(`Conflicting SSO start_url` + conflictMsg, {\n tryNextLink: false,\n logger: init.logger,\n });\n }\n profile.sso_region = session.sso_region;\n profile.sso_start_url = session.sso_start_url;\n }\n const { sso_start_url, sso_account_id, sso_region, sso_role_name, sso_session } = validateSsoProfile(profile, init.logger);\n return resolveSSOCredentials({\n ssoStartUrl: sso_start_url,\n ssoSession: sso_session,\n ssoAccountId: sso_account_id,\n ssoRegion: sso_region,\n ssoRoleName: sso_role_name,\n ssoClient: ssoClient,\n clientConfig: init.clientConfig,\n parentClientConfig: init.parentClientConfig,\n profile: profileName,\n });\n }\n else if (!ssoStartUrl || !ssoAccountId || !ssoRegion || !ssoRoleName) {\n throw new CredentialsProviderError(\"Incomplete configuration. The fromSSO() argument hash must include \" +\n '\"ssoStartUrl\", \"ssoAccountId\", \"ssoRegion\", \"ssoRoleName\"', { tryNextLink: false, logger: init.logger });\n }\n else {\n return resolveSSOCredentials({\n ssoStartUrl,\n ssoSession,\n ssoAccountId,\n ssoRegion,\n ssoRoleName,\n ssoClient,\n clientConfig: init.clientConfig,\n parentClientConfig: init.parentClientConfig,\n profile: profileName,\n });\n }\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AACO,IAAM,qBAAN,MAAM,4BAA2B,cAAc;AAAA,EAClD,YAAY,SAAS,UAAU,MAAM;AACjC,UAAM,SAAS,OAAO;AACtB,SAAK,OAAO;AACZ,WAAO,eAAe,MAAM,oBAAmB,SAAS;AAAA,EAC5D;AACJ;;;ACPA,SAAS,kBAAkB;AAC3B,SAAS,YAAY;AAEd,IAAM,sBAAsB,CAAC,OAAO;AACvC,QAAM,SAAS,WAAW,MAAM;AAChC,QAAM,YAAY,OAAO,OAAO,EAAE,EAAE,OAAO,KAAK;AAChD,SAAO,KAAK,WAAW,GAAG,QAAQ,OAAO,SAAS,GAAG,SAAS,OAAO;AACzE;;;ACPA,SAAS,YAAY,kBAAkB;AAEvC,IAAM,EAAE,SAAS,IAAI;AACd,IAAM,sBAAsB,OAAO,OAAO;AAC7C,QAAM,mBAAmB,oBAAoB,EAAE;AAC/C,QAAM,eAAe,MAAM,SAAS,kBAAkB,MAAM;AAC5D,SAAO,KAAK,MAAM,YAAY;AAClC;;;ACLO,IAAM,oBAAoB,CAAC,SAAS,OAAO,QAAQ,IAAI,EACzD,OAAO,CAAC,CAAC,GAAG,MAAM,IAAI,WAAW,eAAe,cAAc,uBAAuB,CAAC,EACtF,OAAO,CAAC,KAAK,CAAC,KAAK,KAAK,OAAO,EAAE,GAAG,KAAK,CAAC,IAAI,UAAU,IAAI,QAAQ,uBAAuB,IAAI,CAAC,CAAC,GAAG,MAAM,IAAI,CAAC,CAAC;;;ACArH,IAAM,eAAe,OAAO,CAAC;AACtB,IAAM,qBAAqB,OAAO,OAAO,CAAC,MAAM,UAAU,KAAK,kBAAkB,kBAAkB,CAAC,EACtG,KAAK,QAAQ,EACb,KAAK,iBAAiB,EACtB,MAAM,YAAY;;;ACRhB,IAAM,eAAe,CAAC,QAAQ,QAChC,OAAO,IAAI,kBAAkB,YAC1B,OAAO,IAAI,mBAAmB,YAC9B,OAAO,IAAI,gBAAgB,YAC3B,OAAO,IAAI,eAAe,YAC1B,OAAO,IAAI,kBAAkB;;;ACL9B,IAAM,mBAAmB,IAAI,KAAK;AAClC,IAAM,kBAAkB;;;ACDxB,IAAM,mBAAmB,OAAO,WAAW,OAAO,CAAC,MAAM;AAC5D,QAAM,EAAE,cAAc,IAAI,MAAM,OAAO,wBAAkC;AACzE,QAAM,gBAAgB,IAAI,cAAc,OAAO,OAAO,CAAC,GAAG,KAAK,gBAAgB,CAAC,GAAG;AAAA,IAC/E,QAAQ,aAAa,KAAK,cAAc;AAAA,IACxC,QAAQ,KAAK,cAAc,UAAU,KAAK,oBAAoB;AAAA,EAClE,CAAC,CAAC;AACF,SAAO;AACX;;;ACNO,IAAM,qBAAqB,OAAO,UAAU,WAAW,OAAO,CAAC,MAAM;AACxE,QAAM,EAAE,mBAAmB,IAAI,MAAM,OAAO,wBAAkC;AAC9E,QAAM,gBAAgB,MAAM,iBAAiB,WAAW,IAAI;AAC5D,SAAO,cAAc,KAAK,IAAI,mBAAmB;AAAA,IAC7C,UAAU,SAAS;AAAA,IACnB,cAAc,SAAS;AAAA,IACvB,cAAc,SAAS;AAAA,IACvB,WAAW;AAAA,EACf,CAAC,CAAC;AACN;;;ACRO,IAAM,sBAAsB,CAAC,UAAU;AAC1C,MAAI,MAAM,cAAc,MAAM,WAAW,QAAQ,IAAI,KAAK,IAAI,GAAG;AAC7D,UAAM,IAAI,mBAAmB,qBAAqB,eAAe,IAAI,KAAK;AAAA,EAC9E;AACJ;;;ACJO,IAAM,mBAAmB,CAAC,KAAK,OAAO,aAAa,UAAU;AAChE,MAAI,OAAO,UAAU,aAAa;AAC9B,UAAM,IAAI,mBAAmB,0BAA0B,GAAG,iBAAiB,aAAa,qBAAqB,EAAE,KAAK,eAAe,IAAI,KAAK;AAAA,EAChJ;AACJ;;;ACLA,SAAS,YAAYA,mBAAkB;AACvC,IAAM,EAAE,UAAU,IAAIA;AACf,IAAM,sBAAsB,CAAC,IAAI,aAAa;AACjD,QAAM,gBAAgB,oBAAoB,EAAE;AAC5C,QAAM,cAAc,KAAK,UAAU,UAAU,MAAM,CAAC;AACpD,SAAO,UAAU,eAAe,WAAW;AAC/C;;;ACAA,IAAM,yBAAyB,oBAAI,KAAK,CAAC;AAClC,IAAM,UAAU,CAAC,QAAQ,CAAC,MAAM,OAAO,EAAE,mBAAmB,IAAI,CAAC,MAAM;AAC1E,QAAM,OAAO;AAAA,IACT,GAAG;AAAA,IACH,oBAAoB;AAAA,MAChB,GAAG;AAAA,MACH,GAAG,MAAM;AAAA,IACb;AAAA,EACJ;AACA,OAAK,QAAQ,MAAM,oCAAoC;AACvD,QAAM,WAAW,MAAM,gBAAgB,IAAI;AAC3C,QAAM,cAAc,eAAe;AAAA,IAC/B,SAAS,KAAK,WAAW,oBAAoB;AAAA,EACjD,CAAC;AACD,QAAM,UAAU,SAAS,WAAW;AACpC,MAAI,CAAC,SAAS;AACV,UAAM,IAAI,mBAAmB,YAAY,WAAW,oDAAoD,KAAK;AAAA,EACjH,WACS,CAAC,QAAQ,aAAa,GAAG;AAC9B,UAAM,IAAI,mBAAmB,YAAY,WAAW,+CAA+C;AAAA,EACvG;AACA,QAAM,iBAAiB,QAAQ,aAAa;AAC5C,QAAM,cAAc,MAAM,mBAAmB,IAAI;AACjD,QAAM,aAAa,YAAY,cAAc;AAC7C,MAAI,CAAC,YAAY;AACb,UAAM,IAAI,mBAAmB,gBAAgB,cAAc,oDAAoD,KAAK;AAAA,EACxH;AACA,aAAW,yBAAyB,CAAC,iBAAiB,YAAY,GAAG;AACjE,QAAI,CAAC,WAAW,qBAAqB,GAAG;AACpC,YAAM,IAAI,mBAAmB,gBAAgB,cAAc,mCAAmC,qBAAqB,MAAM,KAAK;AAAA,IAClI;AAAA,EACJ;AACA,QAAM,cAAc,WAAW,eAAe;AAC9C,QAAM,YAAY,WAAW,YAAY;AACzC,MAAI;AACJ,MAAI;AACA,eAAW,MAAM,oBAAoB,cAAc;AAAA,EACvD,SACO,GAAG;AACN,UAAM,IAAI,mBAAmB,iDAAiD,WAAW,iCAAiC,eAAe,IAAI,KAAK;AAAA,EACtJ;AACA,mBAAiB,eAAe,SAAS,WAAW;AACpD,mBAAiB,aAAa,SAAS,SAAS;AAChD,QAAM,EAAE,aAAa,UAAU,IAAI;AACnC,QAAM,gBAAgB,EAAE,OAAO,aAAa,YAAY,IAAI,KAAK,SAAS,EAAE;AAC5E,MAAI,cAAc,WAAW,QAAQ,IAAI,KAAK,IAAI,IAAI,kBAAkB;AACpE,WAAO;AAAA,EACX;AACA,MAAI,KAAK,IAAI,IAAI,uBAAuB,QAAQ,IAAI,KAAK,KAAM;AAC3D,wBAAoB,aAAa;AACjC,WAAO;AAAA,EACX;AACA,mBAAiB,YAAY,SAAS,UAAU,IAAI;AACpD,mBAAiB,gBAAgB,SAAS,cAAc,IAAI;AAC5D,mBAAiB,gBAAgB,SAAS,cAAc,IAAI;AAC5D,MAAI;AACA,2BAAuB,QAAQ,KAAK,IAAI,CAAC;AACzC,UAAM,kBAAkB,MAAM,mBAAmB,UAAU,WAAW,IAAI;AAC1E,qBAAiB,eAAe,gBAAgB,WAAW;AAC3D,qBAAiB,aAAa,gBAAgB,SAAS;AACvD,UAAM,qBAAqB,IAAI,KAAK,KAAK,IAAI,IAAI,gBAAgB,YAAY,GAAI;AACjF,QAAI;AACA,YAAM,oBAAoB,gBAAgB;AAAA,QACtC,GAAG;AAAA,QACH,aAAa,gBAAgB;AAAA,QAC7B,WAAW,mBAAmB,YAAY;AAAA,QAC1C,cAAc,gBAAgB;AAAA,MAClC,CAAC;AAAA,IACL,SACO,OAAO;AAAA,IACd;AACA,WAAO;AAAA,MACH,OAAO,gBAAgB;AAAA,MACvB,YAAY;AAAA,IAChB;AAAA,EACJ,SACO,OAAO;AACV,wBAAoB,aAAa;AACjC,WAAO;AAAA,EACX;AACJ;;;ACnFA,IAAM,+BAA+B;AAC9B,IAAM,wBAAwB,OAAO,EAAE,aAAa,YAAY,cAAc,WAAW,aAAa,WAAW,cAAc,oBAAoB,SAAS,OAAQ,MAAM;AAC7K,MAAI;AACJ,QAAM,iBAAiB;AACvB,MAAI,YAAY;AACZ,QAAI;AACA,YAAM,SAAS,MAAM,QAAoB,EAAE,QAAQ,CAAC,EAAE;AACtD,cAAQ;AAAA,QACJ,aAAa,OAAO;AAAA,QACpB,WAAW,IAAI,KAAK,OAAO,UAAU,EAAE,YAAY;AAAA,MACvD;AAAA,IACJ,SACO,GAAG;AACN,YAAM,IAAI,yBAAyB,EAAE,SAAS;AAAA,QAC1C,aAAa;AAAA,QACb;AAAA,MACJ,CAAC;AAAA,IACL;AAAA,EACJ,OACK;AACD,QAAI;AACA,cAAQ,MAAM,oBAAoB,WAAW;AAAA,IACjD,SACO,GAAG;AACN,YAAM,IAAI,yBAAyB,4DAA4D,cAAc,IAAI;AAAA,QAC7G,aAAa;AAAA,QACb;AAAA,MACJ,CAAC;AAAA,IACL;AAAA,EACJ;AACA,MAAI,IAAI,KAAK,MAAM,SAAS,EAAE,QAAQ,IAAI,KAAK,IAAI,KAAK,GAAG;AACvD,UAAM,IAAI,yBAAyB,6DAA6D,cAAc,IAAI;AAAA,MAC9G,aAAa;AAAA,MACb;AAAA,IACJ,CAAC;AAAA,EACL;AACA,QAAM,EAAE,YAAY,IAAI;AACxB,QAAM,EAAE,WAAW,0BAA0B,IAAI,MAAM,OAAO,uBAAW;AACzE,QAAM,MAAM,aACR,IAAI,UAAU,OAAO,OAAO,CAAC,GAAG,gBAAgB,CAAC,GAAG;AAAA,IAChD,QAAQ,cAAc,UAAU,oBAAoB;AAAA,IACpD,QAAQ,cAAc,UAAU;AAAA,EACpC,CAAC,CAAC;AACN,MAAI;AACJ,MAAI;AACA,cAAU,MAAM,IAAI,KAAK,IAAI,0BAA0B;AAAA,MACnD,WAAW;AAAA,MACX,UAAU;AAAA,MACV;AAAA,IACJ,CAAC,CAAC;AAAA,EACN,SACO,GAAG;AACN,UAAM,IAAI,yBAAyB,GAAG;AAAA,MAClC,aAAa;AAAA,MACb;AAAA,IACJ,CAAC;AAAA,EACL;AACA,QAAM,EAAE,iBAAiB,EAAE,aAAa,iBAAiB,cAAc,YAAY,iBAAiB,UAAU,IAAI,CAAC,EAAG,IAAI;AAC1H,MAAI,CAAC,eAAe,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,YAAY;AAClE,UAAM,IAAI,yBAAyB,gDAAgD;AAAA,MAC/E,aAAa;AAAA,MACb;AAAA,IACJ,CAAC;AAAA,EACL;AACA,QAAM,cAAc;AAAA,IAChB;AAAA,IACA;AAAA,IACA;AAAA,IACA,YAAY,IAAI,KAAK,UAAU;AAAA,IAC/B,GAAI,mBAAmB,EAAE,gBAAgB;AAAA,IACzC,GAAI,aAAa,EAAE,UAAU;AAAA,EACjC;AACA,MAAI,YAAY;AACZ,yBAAqB,aAAa,mBAAmB,GAAG;AAAA,EAC5D,OACK;AACD,yBAAqB,aAAa,0BAA0B,GAAG;AAAA,EACnE;AACA,SAAO;AACX;;;AClFO,IAAM,qBAAqB,CAAC,SAAS,WAAW;AACnD,QAAM,EAAE,eAAe,gBAAgB,YAAY,cAAc,IAAI;AACrE,MAAI,CAAC,iBAAiB,CAAC,kBAAkB,CAAC,cAAc,CAAC,eAAe;AACpE,UAAM,IAAI,yBAAyB,iJACwB,OAAO,KAAK,OAAO,EAAE,KAAK,IAAI,CAAC;AAAA,qFAAwF,EAAE,aAAa,OAAO,OAAO,CAAC;AAAA,EACpN;AACA,SAAO;AACX;;;ACHO,IAAM,UAAU,CAAC,OAAO,CAAC,MAAM,OAAO,EAAE,mBAAmB,IAAI,CAAC,MAAM;AACzE,OAAK,QAAQ,MAAM,4CAA4C;AAC/D,QAAM,EAAE,aAAa,cAAc,WAAW,aAAa,WAAW,IAAI;AAC1E,QAAM,EAAE,UAAU,IAAI;AACtB,QAAM,cAAc,eAAe;AAAA,IAC/B,SAAS,KAAK,WAAW,oBAAoB;AAAA,EACjD,CAAC;AACD,MAAI,CAAC,eAAe,CAAC,gBAAgB,CAAC,aAAa,CAAC,eAAe,CAAC,YAAY;AAC5E,UAAM,WAAW,MAAM,gBAAgB,IAAI;AAC3C,UAAM,UAAU,SAAS,WAAW;AACpC,QAAI,CAAC,SAAS;AACV,YAAM,IAAI,yBAAyB,WAAW,WAAW,mBAAmB,EAAE,QAAQ,KAAK,OAAO,CAAC;AAAA,IACvG;AACA,QAAI,CAAC,aAAa,OAAO,GAAG;AACxB,YAAM,IAAI,yBAAyB,WAAW,WAAW,4CAA4C;AAAA,QACjG,QAAQ,KAAK;AAAA,MACjB,CAAC;AAAA,IACL;AACA,QAAI,SAAS,aAAa;AACtB,YAAM,cAAc,MAAM,mBAAmB,IAAI;AACjD,YAAM,UAAU,YAAY,QAAQ,WAAW;AAC/C,YAAM,cAAc,8BAA8B,WAAW,oBAAoB,QAAQ,WAAW;AACpG,UAAI,aAAa,cAAc,QAAQ,YAAY;AAC/C,cAAM,IAAI,yBAAyB,2BAA2B,aAAa;AAAA,UACvE,aAAa;AAAA,UACb,QAAQ,KAAK;AAAA,QACjB,CAAC;AAAA,MACL;AACA,UAAI,eAAe,gBAAgB,QAAQ,eAAe;AACtD,cAAM,IAAI,yBAAyB,8BAA8B,aAAa;AAAA,UAC1E,aAAa;AAAA,UACb,QAAQ,KAAK;AAAA,QACjB,CAAC;AAAA,MACL;AACA,cAAQ,aAAa,QAAQ;AAC7B,cAAQ,gBAAgB,QAAQ;AAAA,IACpC;AACA,UAAM,EAAE,eAAe,gBAAgB,YAAY,eAAe,YAAY,IAAI,mBAAmB,SAAS,KAAK,MAAM;AACzH,WAAO,sBAAsB;AAAA,MACzB,aAAa;AAAA,MACb,YAAY;AAAA,MACZ,cAAc;AAAA,MACd,WAAW;AAAA,MACX,aAAa;AAAA,MACb;AAAA,MACA,cAAc,KAAK;AAAA,MACnB,oBAAoB,KAAK;AAAA,MACzB,SAAS;AAAA,IACb,CAAC;AAAA,EACL,WACS,CAAC,eAAe,CAAC,gBAAgB,CAAC,aAAa,CAAC,aAAa;AAClE,UAAM,IAAI,yBAAyB,gIAC8B,EAAE,aAAa,OAAO,QAAQ,KAAK,OAAO,CAAC;AAAA,EAChH,OACK;AACD,WAAO,sBAAsB;AAAA,MACzB;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,cAAc,KAAK;AAAA,MACnB,oBAAoB,KAAK;AAAA,MACzB,SAAS;AAAA,IACb,CAAC;AAAA,EACL;AACJ;","names":["fsPromises"]}
|
|
@@ -1,16 +1,21 @@
|
|
|
1
1
|
import {
|
|
2
|
-
HttpRequest,
|
|
3
|
-
NodeHttpHandler,
|
|
4
|
-
parseRfc3339DateTime,
|
|
5
2
|
sdkStreamMixin
|
|
6
|
-
} from "./chunk-
|
|
3
|
+
} from "./chunk-72KZNKH6.js";
|
|
4
|
+
import {
|
|
5
|
+
parseRfc3339DateTime
|
|
6
|
+
} from "./chunk-STDLTQUB.js";
|
|
7
|
+
import {
|
|
8
|
+
HttpRequest,
|
|
9
|
+
NodeHttpHandler
|
|
10
|
+
} from "./chunk-JI6PVVK3.js";
|
|
11
|
+
import "./chunk-KH6HADHN.js";
|
|
7
12
|
import {
|
|
8
13
|
setCredentialFeature
|
|
9
14
|
} from "./chunk-UZGMBQZB.js";
|
|
10
|
-
import "./chunk-3YGWW265.js";
|
|
11
15
|
import {
|
|
12
16
|
CredentialsProviderError
|
|
13
|
-
} from "./chunk-
|
|
17
|
+
} from "./chunk-R2ZTENKB.js";
|
|
18
|
+
import "./chunk-PZ5AY32C.js";
|
|
14
19
|
|
|
15
20
|
// node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/fromHttp.js
|
|
16
21
|
import fs from "fs/promises";
|
|
@@ -160,4 +165,4 @@ Set AWS_CONTAINER_CREDENTIALS_FULL_URI or AWS_CONTAINER_CREDENTIALS_RELATIVE_URI
|
|
|
160
165
|
export {
|
|
161
166
|
fromHttp
|
|
162
167
|
};
|
|
163
|
-
//# sourceMappingURL=dist-es-
|
|
168
|
+
//# sourceMappingURL=dist-es-YDCANF64.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/fromHttp.js","../../node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/checkUrl.js","../../node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/requestHelpers.js","../../node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/retry-wrapper.js"],"sourcesContent":["import { setCredentialFeature } from \"@aws-sdk/core/client\";\nimport { NodeHttpHandler } from \"@smithy/node-http-handler\";\nimport { CredentialsProviderError } from \"@smithy/property-provider\";\nimport fs from \"fs/promises\";\nimport { checkUrl } from \"./checkUrl\";\nimport { createGetRequest, getCredentials } from \"./requestHelpers\";\nimport { retryWrapper } from \"./retry-wrapper\";\nconst AWS_CONTAINER_CREDENTIALS_RELATIVE_URI = \"AWS_CONTAINER_CREDENTIALS_RELATIVE_URI\";\nconst DEFAULT_LINK_LOCAL_HOST = \"http://169.254.170.2\";\nconst AWS_CONTAINER_CREDENTIALS_FULL_URI = \"AWS_CONTAINER_CREDENTIALS_FULL_URI\";\nconst AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE = \"AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE\";\nconst AWS_CONTAINER_AUTHORIZATION_TOKEN = \"AWS_CONTAINER_AUTHORIZATION_TOKEN\";\nexport const fromHttp = (options = {}) => {\n options.logger?.debug(\"@aws-sdk/credential-provider-http - fromHttp\");\n let host;\n const relative = options.awsContainerCredentialsRelativeUri ?? process.env[AWS_CONTAINER_CREDENTIALS_RELATIVE_URI];\n const full = options.awsContainerCredentialsFullUri ?? process.env[AWS_CONTAINER_CREDENTIALS_FULL_URI];\n const token = options.awsContainerAuthorizationToken ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN];\n const tokenFile = options.awsContainerAuthorizationTokenFile ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE];\n const warn = options.logger?.constructor?.name === \"NoOpLogger\" || !options.logger ? console.warn : options.logger.warn;\n if (relative && full) {\n warn(\"@aws-sdk/credential-provider-http: \" +\n \"you have set both awsContainerCredentialsRelativeUri and awsContainerCredentialsFullUri.\");\n warn(\"awsContainerCredentialsFullUri will take precedence.\");\n }\n if (token && tokenFile) {\n warn(\"@aws-sdk/credential-provider-http: \" +\n \"you have set both awsContainerAuthorizationToken and awsContainerAuthorizationTokenFile.\");\n warn(\"awsContainerAuthorizationToken will take precedence.\");\n }\n if (full) {\n host = full;\n }\n else if (relative) {\n host = `${DEFAULT_LINK_LOCAL_HOST}${relative}`;\n }\n else {\n throw new CredentialsProviderError(`No HTTP credential provider host provided.\nSet AWS_CONTAINER_CREDENTIALS_FULL_URI or AWS_CONTAINER_CREDENTIALS_RELATIVE_URI.`, { logger: options.logger });\n }\n const url = new URL(host);\n checkUrl(url, options.logger);\n const requestHandler = new NodeHttpHandler({\n requestTimeout: options.timeout ?? 1000,\n connectionTimeout: options.timeout ?? 1000,\n });\n return retryWrapper(async () => {\n const request = createGetRequest(url);\n if (token) {\n request.headers.Authorization = token;\n }\n else if (tokenFile) {\n request.headers.Authorization = (await fs.readFile(tokenFile)).toString();\n }\n try {\n const result = await requestHandler.handle(request);\n return getCredentials(result.response).then((creds) => setCredentialFeature(creds, \"CREDENTIALS_HTTP\", \"z\"));\n }\n catch (e) {\n throw new CredentialsProviderError(String(e), { logger: options.logger });\n }\n }, options.maxRetries ?? 3, options.timeout ?? 1000);\n};\n","import { CredentialsProviderError } from \"@smithy/property-provider\";\nconst LOOPBACK_CIDR_IPv4 = \"127.0.0.0/8\";\nconst LOOPBACK_CIDR_IPv6 = \"::1/128\";\nconst ECS_CONTAINER_HOST = \"169.254.170.2\";\nconst EKS_CONTAINER_HOST_IPv4 = \"169.254.170.23\";\nconst EKS_CONTAINER_HOST_IPv6 = \"[fd00:ec2::23]\";\nexport const checkUrl = (url, logger) => {\n if (url.protocol === \"https:\") {\n return;\n }\n if (url.hostname === ECS_CONTAINER_HOST ||\n url.hostname === EKS_CONTAINER_HOST_IPv4 ||\n url.hostname === EKS_CONTAINER_HOST_IPv6) {\n return;\n }\n if (url.hostname.includes(\"[\")) {\n if (url.hostname === \"[::1]\" || url.hostname === \"[0000:0000:0000:0000:0000:0000:0000:0001]\") {\n return;\n }\n }\n else {\n if (url.hostname === \"localhost\") {\n return;\n }\n const ipComponents = url.hostname.split(\".\");\n const inRange = (component) => {\n const num = parseInt(component, 10);\n return 0 <= num && num <= 255;\n };\n if (ipComponents[0] === \"127\" &&\n inRange(ipComponents[1]) &&\n inRange(ipComponents[2]) &&\n inRange(ipComponents[3]) &&\n ipComponents.length === 4) {\n return;\n }\n }\n throw new CredentialsProviderError(`URL not accepted. It must either be HTTPS or match one of the following:\n - loopback CIDR 127.0.0.0/8 or [::1/128]\n - ECS container host 169.254.170.2\n - EKS container host 169.254.170.23 or [fd00:ec2::23]`, { logger });\n};\n","import { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { HttpRequest } from \"@smithy/protocol-http\";\nimport { parseRfc3339DateTime } from \"@smithy/smithy-client\";\nimport { sdkStreamMixin } from \"@smithy/util-stream\";\nexport function createGetRequest(url) {\n return new HttpRequest({\n protocol: url.protocol,\n hostname: url.hostname,\n port: Number(url.port),\n path: url.pathname,\n query: Array.from(url.searchParams.entries()).reduce((acc, [k, v]) => {\n acc[k] = v;\n return acc;\n }, {}),\n fragment: url.hash,\n });\n}\nexport async function getCredentials(response, logger) {\n const stream = sdkStreamMixin(response.body);\n const str = await stream.transformToString();\n if (response.statusCode === 200) {\n const parsed = JSON.parse(str);\n if (typeof parsed.AccessKeyId !== \"string\" ||\n typeof parsed.SecretAccessKey !== \"string\" ||\n typeof parsed.Token !== \"string\" ||\n typeof parsed.Expiration !== \"string\") {\n throw new CredentialsProviderError(\"HTTP credential provider response not of the required format, an object matching: \" +\n \"{ AccessKeyId: string, SecretAccessKey: string, Token: string, Expiration: string(rfc3339) }\", { logger });\n }\n return {\n accessKeyId: parsed.AccessKeyId,\n secretAccessKey: parsed.SecretAccessKey,\n sessionToken: parsed.Token,\n expiration: parseRfc3339DateTime(parsed.Expiration),\n };\n }\n if (response.statusCode >= 400 && response.statusCode < 500) {\n let parsedBody = {};\n try {\n parsedBody = JSON.parse(str);\n }\n catch (e) { }\n throw Object.assign(new CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger }), {\n Code: parsedBody.Code,\n Message: parsedBody.Message,\n });\n }\n throw new CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger });\n}\n","export const retryWrapper = (toRetry, maxRetries, delayMs) => {\n return async () => {\n for (let i = 0; i < maxRetries; ++i) {\n try {\n return await toRetry();\n }\n catch (e) {\n await new Promise((resolve) => setTimeout(resolve, delayMs));\n }\n }\n return await toRetry();\n };\n};\n"],"mappings":";;;;;;;;;;;;;;;AAGA,OAAO,QAAQ;;;ACAf,IAAM,qBAAqB;AAC3B,IAAM,0BAA0B;AAChC,IAAM,0BAA0B;AACzB,IAAM,WAAW,CAAC,KAAK,WAAW;AACrC,MAAI,IAAI,aAAa,UAAU;AAC3B;AAAA,EACJ;AACA,MAAI,IAAI,aAAa,sBACjB,IAAI,aAAa,2BACjB,IAAI,aAAa,yBAAyB;AAC1C;AAAA,EACJ;AACA,MAAI,IAAI,SAAS,SAAS,GAAG,GAAG;AAC5B,QAAI,IAAI,aAAa,WAAW,IAAI,aAAa,6CAA6C;AAC1F;AAAA,IACJ;AAAA,EACJ,OACK;AACD,QAAI,IAAI,aAAa,aAAa;AAC9B;AAAA,IACJ;AACA,UAAM,eAAe,IAAI,SAAS,MAAM,GAAG;AAC3C,UAAM,UAAU,CAAC,cAAc;AAC3B,YAAM,MAAM,SAAS,WAAW,EAAE;AAClC,aAAO,KAAK,OAAO,OAAO;AAAA,IAC9B;AACA,QAAI,aAAa,CAAC,MAAM,SACpB,QAAQ,aAAa,CAAC,CAAC,KACvB,QAAQ,aAAa,CAAC,CAAC,KACvB,QAAQ,aAAa,CAAC,CAAC,KACvB,aAAa,WAAW,GAAG;AAC3B;AAAA,IACJ;AAAA,EACJ;AACA,QAAM,IAAI,yBAAyB;AAAA;AAAA;AAAA,0DAGmB,EAAE,OAAO,CAAC;AACpE;;;ACrCO,SAAS,iBAAiB,KAAK;AAClC,SAAO,IAAI,YAAY;AAAA,IACnB,UAAU,IAAI;AAAA,IACd,UAAU,IAAI;AAAA,IACd,MAAM,OAAO,IAAI,IAAI;AAAA,IACrB,MAAM,IAAI;AAAA,IACV,OAAO,MAAM,KAAK,IAAI,aAAa,QAAQ,CAAC,EAAE,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM;AAClE,UAAI,CAAC,IAAI;AACT,aAAO;AAAA,IACX,GAAG,CAAC,CAAC;AAAA,IACL,UAAU,IAAI;AAAA,EAClB,CAAC;AACL;AACA,eAAsB,eAAe,UAAU,QAAQ;AACnD,QAAM,SAAS,eAAe,SAAS,IAAI;AAC3C,QAAM,MAAM,MAAM,OAAO,kBAAkB;AAC3C,MAAI,SAAS,eAAe,KAAK;AAC7B,UAAM,SAAS,KAAK,MAAM,GAAG;AAC7B,QAAI,OAAO,OAAO,gBAAgB,YAC9B,OAAO,OAAO,oBAAoB,YAClC,OAAO,OAAO,UAAU,YACxB,OAAO,OAAO,eAAe,UAAU;AACvC,YAAM,IAAI,yBAAyB,kLACiE,EAAE,OAAO,CAAC;AAAA,IAClH;AACA,WAAO;AAAA,MACH,aAAa,OAAO;AAAA,MACpB,iBAAiB,OAAO;AAAA,MACxB,cAAc,OAAO;AAAA,MACrB,YAAY,qBAAqB,OAAO,UAAU;AAAA,IACtD;AAAA,EACJ;AACA,MAAI,SAAS,cAAc,OAAO,SAAS,aAAa,KAAK;AACzD,QAAI,aAAa,CAAC;AAClB,QAAI;AACA,mBAAa,KAAK,MAAM,GAAG;AAAA,IAC/B,SACO,GAAG;AAAA,IAAE;AACZ,UAAM,OAAO,OAAO,IAAI,yBAAyB,iCAAiC,SAAS,UAAU,IAAI,EAAE,OAAO,CAAC,GAAG;AAAA,MAClH,MAAM,WAAW;AAAA,MACjB,SAAS,WAAW;AAAA,IACxB,CAAC;AAAA,EACL;AACA,QAAM,IAAI,yBAAyB,iCAAiC,SAAS,UAAU,IAAI,EAAE,OAAO,CAAC;AACzG;;;AChDO,IAAM,eAAe,CAAC,SAAS,YAAY,YAAY;AAC1D,SAAO,YAAY;AACf,aAAS,IAAI,GAAG,IAAI,YAAY,EAAE,GAAG;AACjC,UAAI;AACA,eAAO,MAAM,QAAQ;AAAA,MACzB,SACO,GAAG;AACN,cAAM,IAAI,QAAQ,CAAC,YAAY,WAAW,SAAS,OAAO,CAAC;AAAA,MAC/D;AAAA,IACJ;AACA,WAAO,MAAM,QAAQ;AAAA,EACzB;AACJ;;;AHLA,IAAM,yCAAyC;AAC/C,IAAM,0BAA0B;AAChC,IAAM,qCAAqC;AAC3C,IAAM,yCAAyC;AAC/C,IAAM,oCAAoC;AACnC,IAAM,WAAW,CAAC,UAAU,CAAC,MAAM;AACtC,UAAQ,QAAQ,MAAM,8CAA8C;AACpE,MAAI;AACJ,QAAM,WAAW,QAAQ,sCAAsC,QAAQ,IAAI,sCAAsC;AACjH,QAAM,OAAO,QAAQ,kCAAkC,QAAQ,IAAI,kCAAkC;AACrG,QAAM,QAAQ,QAAQ,kCAAkC,QAAQ,IAAI,iCAAiC;AACrG,QAAM,YAAY,QAAQ,sCAAsC,QAAQ,IAAI,sCAAsC;AAClH,QAAM,OAAO,QAAQ,QAAQ,aAAa,SAAS,gBAAgB,CAAC,QAAQ,SAAS,QAAQ,OAAO,QAAQ,OAAO;AACnH,MAAI,YAAY,MAAM;AAClB,SAAK,6HACyF;AAC9F,SAAK,sDAAsD;AAAA,EAC/D;AACA,MAAI,SAAS,WAAW;AACpB,SAAK,6HACyF;AAC9F,SAAK,sDAAsD;AAAA,EAC/D;AACA,MAAI,MAAM;AACN,WAAO;AAAA,EACX,WACS,UAAU;AACf,WAAO,GAAG,uBAAuB,GAAG,QAAQ;AAAA,EAChD,OACK;AACD,UAAM,IAAI,yBAAyB;AAAA,oFACyC,EAAE,QAAQ,QAAQ,OAAO,CAAC;AAAA,EAC1G;AACA,QAAM,MAAM,IAAI,IAAI,IAAI;AACxB,WAAS,KAAK,QAAQ,MAAM;AAC5B,QAAM,iBAAiB,IAAI,gBAAgB;AAAA,IACvC,gBAAgB,QAAQ,WAAW;AAAA,IACnC,mBAAmB,QAAQ,WAAW;AAAA,EAC1C,CAAC;AACD,SAAO,aAAa,YAAY;AAC5B,UAAM,UAAU,iBAAiB,GAAG;AACpC,QAAI,OAAO;AACP,cAAQ,QAAQ,gBAAgB;AAAA,IACpC,WACS,WAAW;AAChB,cAAQ,QAAQ,iBAAiB,MAAM,GAAG,SAAS,SAAS,GAAG,SAAS;AAAA,IAC5E;AACA,QAAI;AACA,YAAM,SAAS,MAAM,eAAe,OAAO,OAAO;AAClD,aAAO,eAAe,OAAO,QAAQ,EAAE,KAAK,CAAC,UAAU,qBAAqB,OAAO,oBAAoB,GAAG,CAAC;AAAA,IAC/G,SACO,GAAG;AACN,YAAM,IAAI,yBAAyB,OAAO,CAAC,GAAG,EAAE,QAAQ,QAAQ,OAAO,CAAC;AAAA,IAC5E;AAAA,EACJ,GAAG,QAAQ,cAAc,GAAG,QAAQ,WAAW,GAAI;AACvD;","names":[]}
|
|
1
|
+
{"version":3,"sources":["../../node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/fromHttp.js","../../node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/checkUrl.js","../../node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/requestHelpers.js","../../node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/retry-wrapper.js"],"sourcesContent":["import { setCredentialFeature } from \"@aws-sdk/core/client\";\nimport { NodeHttpHandler } from \"@smithy/node-http-handler\";\nimport { CredentialsProviderError } from \"@smithy/property-provider\";\nimport fs from \"fs/promises\";\nimport { checkUrl } from \"./checkUrl\";\nimport { createGetRequest, getCredentials } from \"./requestHelpers\";\nimport { retryWrapper } from \"./retry-wrapper\";\nconst AWS_CONTAINER_CREDENTIALS_RELATIVE_URI = \"AWS_CONTAINER_CREDENTIALS_RELATIVE_URI\";\nconst DEFAULT_LINK_LOCAL_HOST = \"http://169.254.170.2\";\nconst AWS_CONTAINER_CREDENTIALS_FULL_URI = \"AWS_CONTAINER_CREDENTIALS_FULL_URI\";\nconst AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE = \"AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE\";\nconst AWS_CONTAINER_AUTHORIZATION_TOKEN = \"AWS_CONTAINER_AUTHORIZATION_TOKEN\";\nexport const fromHttp = (options = {}) => {\n options.logger?.debug(\"@aws-sdk/credential-provider-http - fromHttp\");\n let host;\n const relative = options.awsContainerCredentialsRelativeUri ?? process.env[AWS_CONTAINER_CREDENTIALS_RELATIVE_URI];\n const full = options.awsContainerCredentialsFullUri ?? process.env[AWS_CONTAINER_CREDENTIALS_FULL_URI];\n const token = options.awsContainerAuthorizationToken ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN];\n const tokenFile = options.awsContainerAuthorizationTokenFile ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE];\n const warn = options.logger?.constructor?.name === \"NoOpLogger\" || !options.logger ? console.warn : options.logger.warn;\n if (relative && full) {\n warn(\"@aws-sdk/credential-provider-http: \" +\n \"you have set both awsContainerCredentialsRelativeUri and awsContainerCredentialsFullUri.\");\n warn(\"awsContainerCredentialsFullUri will take precedence.\");\n }\n if (token && tokenFile) {\n warn(\"@aws-sdk/credential-provider-http: \" +\n \"you have set both awsContainerAuthorizationToken and awsContainerAuthorizationTokenFile.\");\n warn(\"awsContainerAuthorizationToken will take precedence.\");\n }\n if (full) {\n host = full;\n }\n else if (relative) {\n host = `${DEFAULT_LINK_LOCAL_HOST}${relative}`;\n }\n else {\n throw new CredentialsProviderError(`No HTTP credential provider host provided.\nSet AWS_CONTAINER_CREDENTIALS_FULL_URI or AWS_CONTAINER_CREDENTIALS_RELATIVE_URI.`, { logger: options.logger });\n }\n const url = new URL(host);\n checkUrl(url, options.logger);\n const requestHandler = new NodeHttpHandler({\n requestTimeout: options.timeout ?? 1000,\n connectionTimeout: options.timeout ?? 1000,\n });\n return retryWrapper(async () => {\n const request = createGetRequest(url);\n if (token) {\n request.headers.Authorization = token;\n }\n else if (tokenFile) {\n request.headers.Authorization = (await fs.readFile(tokenFile)).toString();\n }\n try {\n const result = await requestHandler.handle(request);\n return getCredentials(result.response).then((creds) => setCredentialFeature(creds, \"CREDENTIALS_HTTP\", \"z\"));\n }\n catch (e) {\n throw new CredentialsProviderError(String(e), { logger: options.logger });\n }\n }, options.maxRetries ?? 3, options.timeout ?? 1000);\n};\n","import { CredentialsProviderError } from \"@smithy/property-provider\";\nconst LOOPBACK_CIDR_IPv4 = \"127.0.0.0/8\";\nconst LOOPBACK_CIDR_IPv6 = \"::1/128\";\nconst ECS_CONTAINER_HOST = \"169.254.170.2\";\nconst EKS_CONTAINER_HOST_IPv4 = \"169.254.170.23\";\nconst EKS_CONTAINER_HOST_IPv6 = \"[fd00:ec2::23]\";\nexport const checkUrl = (url, logger) => {\n if (url.protocol === \"https:\") {\n return;\n }\n if (url.hostname === ECS_CONTAINER_HOST ||\n url.hostname === EKS_CONTAINER_HOST_IPv4 ||\n url.hostname === EKS_CONTAINER_HOST_IPv6) {\n return;\n }\n if (url.hostname.includes(\"[\")) {\n if (url.hostname === \"[::1]\" || url.hostname === \"[0000:0000:0000:0000:0000:0000:0000:0001]\") {\n return;\n }\n }\n else {\n if (url.hostname === \"localhost\") {\n return;\n }\n const ipComponents = url.hostname.split(\".\");\n const inRange = (component) => {\n const num = parseInt(component, 10);\n return 0 <= num && num <= 255;\n };\n if (ipComponents[0] === \"127\" &&\n inRange(ipComponents[1]) &&\n inRange(ipComponents[2]) &&\n inRange(ipComponents[3]) &&\n ipComponents.length === 4) {\n return;\n }\n }\n throw new CredentialsProviderError(`URL not accepted. It must either be HTTPS or match one of the following:\n - loopback CIDR 127.0.0.0/8 or [::1/128]\n - ECS container host 169.254.170.2\n - EKS container host 169.254.170.23 or [fd00:ec2::23]`, { logger });\n};\n","import { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { HttpRequest } from \"@smithy/protocol-http\";\nimport { parseRfc3339DateTime } from \"@smithy/smithy-client\";\nimport { sdkStreamMixin } from \"@smithy/util-stream\";\nexport function createGetRequest(url) {\n return new HttpRequest({\n protocol: url.protocol,\n hostname: url.hostname,\n port: Number(url.port),\n path: url.pathname,\n query: Array.from(url.searchParams.entries()).reduce((acc, [k, v]) => {\n acc[k] = v;\n return acc;\n }, {}),\n fragment: url.hash,\n });\n}\nexport async function getCredentials(response, logger) {\n const stream = sdkStreamMixin(response.body);\n const str = await stream.transformToString();\n if (response.statusCode === 200) {\n const parsed = JSON.parse(str);\n if (typeof parsed.AccessKeyId !== \"string\" ||\n typeof parsed.SecretAccessKey !== \"string\" ||\n typeof parsed.Token !== \"string\" ||\n typeof parsed.Expiration !== \"string\") {\n throw new CredentialsProviderError(\"HTTP credential provider response not of the required format, an object matching: \" +\n \"{ AccessKeyId: string, SecretAccessKey: string, Token: string, Expiration: string(rfc3339) }\", { logger });\n }\n return {\n accessKeyId: parsed.AccessKeyId,\n secretAccessKey: parsed.SecretAccessKey,\n sessionToken: parsed.Token,\n expiration: parseRfc3339DateTime(parsed.Expiration),\n };\n }\n if (response.statusCode >= 400 && response.statusCode < 500) {\n let parsedBody = {};\n try {\n parsedBody = JSON.parse(str);\n }\n catch (e) { }\n throw Object.assign(new CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger }), {\n Code: parsedBody.Code,\n Message: parsedBody.Message,\n });\n }\n throw new CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger });\n}\n","export const retryWrapper = (toRetry, maxRetries, delayMs) => {\n return async () => {\n for (let i = 0; i < maxRetries; ++i) {\n try {\n return await toRetry();\n }\n catch (e) {\n await new Promise((resolve) => setTimeout(resolve, delayMs));\n }\n }\n return await toRetry();\n };\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAGA,OAAO,QAAQ;;;ACAf,IAAM,qBAAqB;AAC3B,IAAM,0BAA0B;AAChC,IAAM,0BAA0B;AACzB,IAAM,WAAW,CAAC,KAAK,WAAW;AACrC,MAAI,IAAI,aAAa,UAAU;AAC3B;AAAA,EACJ;AACA,MAAI,IAAI,aAAa,sBACjB,IAAI,aAAa,2BACjB,IAAI,aAAa,yBAAyB;AAC1C;AAAA,EACJ;AACA,MAAI,IAAI,SAAS,SAAS,GAAG,GAAG;AAC5B,QAAI,IAAI,aAAa,WAAW,IAAI,aAAa,6CAA6C;AAC1F;AAAA,IACJ;AAAA,EACJ,OACK;AACD,QAAI,IAAI,aAAa,aAAa;AAC9B;AAAA,IACJ;AACA,UAAM,eAAe,IAAI,SAAS,MAAM,GAAG;AAC3C,UAAM,UAAU,CAAC,cAAc;AAC3B,YAAM,MAAM,SAAS,WAAW,EAAE;AAClC,aAAO,KAAK,OAAO,OAAO;AAAA,IAC9B;AACA,QAAI,aAAa,CAAC,MAAM,SACpB,QAAQ,aAAa,CAAC,CAAC,KACvB,QAAQ,aAAa,CAAC,CAAC,KACvB,QAAQ,aAAa,CAAC,CAAC,KACvB,aAAa,WAAW,GAAG;AAC3B;AAAA,IACJ;AAAA,EACJ;AACA,QAAM,IAAI,yBAAyB;AAAA;AAAA;AAAA,0DAGmB,EAAE,OAAO,CAAC;AACpE;;;ACrCO,SAAS,iBAAiB,KAAK;AAClC,SAAO,IAAI,YAAY;AAAA,IACnB,UAAU,IAAI;AAAA,IACd,UAAU,IAAI;AAAA,IACd,MAAM,OAAO,IAAI,IAAI;AAAA,IACrB,MAAM,IAAI;AAAA,IACV,OAAO,MAAM,KAAK,IAAI,aAAa,QAAQ,CAAC,EAAE,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM;AAClE,UAAI,CAAC,IAAI;AACT,aAAO;AAAA,IACX,GAAG,CAAC,CAAC;AAAA,IACL,UAAU,IAAI;AAAA,EAClB,CAAC;AACL;AACA,eAAsB,eAAe,UAAU,QAAQ;AACnD,QAAM,SAAS,eAAe,SAAS,IAAI;AAC3C,QAAM,MAAM,MAAM,OAAO,kBAAkB;AAC3C,MAAI,SAAS,eAAe,KAAK;AAC7B,UAAM,SAAS,KAAK,MAAM,GAAG;AAC7B,QAAI,OAAO,OAAO,gBAAgB,YAC9B,OAAO,OAAO,oBAAoB,YAClC,OAAO,OAAO,UAAU,YACxB,OAAO,OAAO,eAAe,UAAU;AACvC,YAAM,IAAI,yBAAyB,kLACiE,EAAE,OAAO,CAAC;AAAA,IAClH;AACA,WAAO;AAAA,MACH,aAAa,OAAO;AAAA,MACpB,iBAAiB,OAAO;AAAA,MACxB,cAAc,OAAO;AAAA,MACrB,YAAY,qBAAqB,OAAO,UAAU;AAAA,IACtD;AAAA,EACJ;AACA,MAAI,SAAS,cAAc,OAAO,SAAS,aAAa,KAAK;AACzD,QAAI,aAAa,CAAC;AAClB,QAAI;AACA,mBAAa,KAAK,MAAM,GAAG;AAAA,IAC/B,SACO,GAAG;AAAA,IAAE;AACZ,UAAM,OAAO,OAAO,IAAI,yBAAyB,iCAAiC,SAAS,UAAU,IAAI,EAAE,OAAO,CAAC,GAAG;AAAA,MAClH,MAAM,WAAW;AAAA,MACjB,SAAS,WAAW;AAAA,IACxB,CAAC;AAAA,EACL;AACA,QAAM,IAAI,yBAAyB,iCAAiC,SAAS,UAAU,IAAI,EAAE,OAAO,CAAC;AACzG;;;AChDO,IAAM,eAAe,CAAC,SAAS,YAAY,YAAY;AAC1D,SAAO,YAAY;AACf,aAAS,IAAI,GAAG,IAAI,YAAY,EAAE,GAAG;AACjC,UAAI;AACA,eAAO,MAAM,QAAQ;AAAA,MACzB,SACO,GAAG;AACN,cAAM,IAAI,QAAQ,CAAC,YAAY,WAAW,SAAS,OAAO,CAAC;AAAA,MAC/D;AAAA,IACJ;AACA,WAAO,MAAM,QAAQ;AAAA,EACzB;AACJ;;;AHLA,IAAM,yCAAyC;AAC/C,IAAM,0BAA0B;AAChC,IAAM,qCAAqC;AAC3C,IAAM,yCAAyC;AAC/C,IAAM,oCAAoC;AACnC,IAAM,WAAW,CAAC,UAAU,CAAC,MAAM;AACtC,UAAQ,QAAQ,MAAM,8CAA8C;AACpE,MAAI;AACJ,QAAM,WAAW,QAAQ,sCAAsC,QAAQ,IAAI,sCAAsC;AACjH,QAAM,OAAO,QAAQ,kCAAkC,QAAQ,IAAI,kCAAkC;AACrG,QAAM,QAAQ,QAAQ,kCAAkC,QAAQ,IAAI,iCAAiC;AACrG,QAAM,YAAY,QAAQ,sCAAsC,QAAQ,IAAI,sCAAsC;AAClH,QAAM,OAAO,QAAQ,QAAQ,aAAa,SAAS,gBAAgB,CAAC,QAAQ,SAAS,QAAQ,OAAO,QAAQ,OAAO;AACnH,MAAI,YAAY,MAAM;AAClB,SAAK,6HACyF;AAC9F,SAAK,sDAAsD;AAAA,EAC/D;AACA,MAAI,SAAS,WAAW;AACpB,SAAK,6HACyF;AAC9F,SAAK,sDAAsD;AAAA,EAC/D;AACA,MAAI,MAAM;AACN,WAAO;AAAA,EACX,WACS,UAAU;AACf,WAAO,GAAG,uBAAuB,GAAG,QAAQ;AAAA,EAChD,OACK;AACD,UAAM,IAAI,yBAAyB;AAAA,oFACyC,EAAE,QAAQ,QAAQ,OAAO,CAAC;AAAA,EAC1G;AACA,QAAM,MAAM,IAAI,IAAI,IAAI;AACxB,WAAS,KAAK,QAAQ,MAAM;AAC5B,QAAM,iBAAiB,IAAI,gBAAgB;AAAA,IACvC,gBAAgB,QAAQ,WAAW;AAAA,IACnC,mBAAmB,QAAQ,WAAW;AAAA,EAC1C,CAAC;AACD,SAAO,aAAa,YAAY;AAC5B,UAAM,UAAU,iBAAiB,GAAG;AACpC,QAAI,OAAO;AACP,cAAQ,QAAQ,gBAAgB;AAAA,IACpC,WACS,WAAW;AAChB,cAAQ,QAAQ,iBAAiB,MAAM,GAAG,SAAS,SAAS,GAAG,SAAS;AAAA,IAC5E;AACA,QAAI;AACA,YAAM,SAAS,MAAM,eAAe,OAAO,OAAO;AAClD,aAAO,eAAe,OAAO,QAAQ,EAAE,KAAK,CAAC,UAAU,qBAAqB,OAAO,oBAAoB,GAAG,CAAC;AAAA,IAC/G,SACO,GAAG;AACN,YAAM,IAAI,yBAAyB,OAAO,CAAC,GAAG,EAAE,QAAQ,QAAQ,OAAO,CAAC;AAAA,IAC5E;AAAA,EACJ,GAAG,QAAQ,cAAc,GAAG,QAAQ,WAAW,GAAI;AACvD;","names":[]}
|
|
@@ -3,7 +3,8 @@ import {
|
|
|
3
3
|
} from "./chunk-UZGMBQZB.js";
|
|
4
4
|
import {
|
|
5
5
|
CredentialsProviderError
|
|
6
|
-
} from "./chunk-
|
|
6
|
+
} from "./chunk-R2ZTENKB.js";
|
|
7
|
+
import "./chunk-PZ5AY32C.js";
|
|
7
8
|
|
|
8
9
|
// node_modules/@aws-sdk/credential-provider-web-identity/dist-es/fromTokenFile.js
|
|
9
10
|
import { readFileSync } from "fs";
|
|
@@ -14,7 +15,7 @@ var fromWebToken = (init) => async (awsIdentityProperties) => {
|
|
|
14
15
|
const { roleArn, roleSessionName, webIdentityToken, providerId, policyArns, policy, durationSeconds } = init;
|
|
15
16
|
let { roleAssumerWithWebIdentity } = init;
|
|
16
17
|
if (!roleAssumerWithWebIdentity) {
|
|
17
|
-
const { getDefaultRoleAssumerWithWebIdentity } = await import("./sts-
|
|
18
|
+
const { getDefaultRoleAssumerWithWebIdentity } = await import("./sts-7N2XX5PT.js");
|
|
18
19
|
roleAssumerWithWebIdentity = getDefaultRoleAssumerWithWebIdentity({
|
|
19
20
|
...init.clientConfig,
|
|
20
21
|
credentialProviderLogger: init.logger,
|
|
@@ -64,4 +65,4 @@ export {
|
|
|
64
65
|
fromTokenFile,
|
|
65
66
|
fromWebToken
|
|
66
67
|
};
|
|
67
|
-
//# sourceMappingURL=dist-es-
|
|
68
|
+
//# sourceMappingURL=dist-es-YPLWYQ2P.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../node_modules/@aws-sdk/credential-provider-web-identity/dist-es/fromTokenFile.js","../../node_modules/@aws-sdk/credential-provider-web-identity/dist-es/fromWebToken.js"],"sourcesContent":["import { setCredentialFeature } from \"@aws-sdk/core/client\";\nimport { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { readFileSync } from \"fs\";\nimport { fromWebToken } from \"./fromWebToken\";\nconst ENV_TOKEN_FILE = \"AWS_WEB_IDENTITY_TOKEN_FILE\";\nconst ENV_ROLE_ARN = \"AWS_ROLE_ARN\";\nconst ENV_ROLE_SESSION_NAME = \"AWS_ROLE_SESSION_NAME\";\nexport const fromTokenFile = (init = {}) => async () => {\n init.logger?.debug(\"@aws-sdk/credential-provider-web-identity - fromTokenFile\");\n const webIdentityTokenFile = init?.webIdentityTokenFile ?? process.env[ENV_TOKEN_FILE];\n const roleArn = init?.roleArn ?? process.env[ENV_ROLE_ARN];\n const roleSessionName = init?.roleSessionName ?? process.env[ENV_ROLE_SESSION_NAME];\n if (!webIdentityTokenFile || !roleArn) {\n throw new CredentialsProviderError(\"Web identity configuration not specified\", {\n logger: init.logger,\n });\n }\n const credentials = await fromWebToken({\n ...init,\n webIdentityToken: readFileSync(webIdentityTokenFile, { encoding: \"ascii\" }),\n roleArn,\n roleSessionName,\n })();\n if (webIdentityTokenFile === process.env[ENV_TOKEN_FILE]) {\n setCredentialFeature(credentials, \"CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN\", \"h\");\n }\n return credentials;\n};\n","export const fromWebToken = (init) => async (awsIdentityProperties) => {\n init.logger?.debug(\"@aws-sdk/credential-provider-web-identity - fromWebToken\");\n const { roleArn, roleSessionName, webIdentityToken, providerId, policyArns, policy, durationSeconds } = init;\n let { roleAssumerWithWebIdentity } = init;\n if (!roleAssumerWithWebIdentity) {\n const { getDefaultRoleAssumerWithWebIdentity } = await import(\"@aws-sdk/nested-clients/sts\");\n roleAssumerWithWebIdentity = getDefaultRoleAssumerWithWebIdentity({\n ...init.clientConfig,\n credentialProviderLogger: init.logger,\n parentClientConfig: {\n ...awsIdentityProperties?.callerClientConfig,\n ...init.parentClientConfig,\n },\n }, init.clientPlugins);\n }\n return roleAssumerWithWebIdentity({\n RoleArn: roleArn,\n RoleSessionName: roleSessionName ?? `aws-sdk-js-session-${Date.now()}`,\n WebIdentityToken: webIdentityToken,\n ProviderId: providerId,\n PolicyArns: policyArns,\n Policy: policy,\n DurationSeconds: durationSeconds,\n });\n};\n"],"mappings":"
|
|
1
|
+
{"version":3,"sources":["../../node_modules/@aws-sdk/credential-provider-web-identity/dist-es/fromTokenFile.js","../../node_modules/@aws-sdk/credential-provider-web-identity/dist-es/fromWebToken.js"],"sourcesContent":["import { setCredentialFeature } from \"@aws-sdk/core/client\";\nimport { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { readFileSync } from \"fs\";\nimport { fromWebToken } from \"./fromWebToken\";\nconst ENV_TOKEN_FILE = \"AWS_WEB_IDENTITY_TOKEN_FILE\";\nconst ENV_ROLE_ARN = \"AWS_ROLE_ARN\";\nconst ENV_ROLE_SESSION_NAME = \"AWS_ROLE_SESSION_NAME\";\nexport const fromTokenFile = (init = {}) => async () => {\n init.logger?.debug(\"@aws-sdk/credential-provider-web-identity - fromTokenFile\");\n const webIdentityTokenFile = init?.webIdentityTokenFile ?? process.env[ENV_TOKEN_FILE];\n const roleArn = init?.roleArn ?? process.env[ENV_ROLE_ARN];\n const roleSessionName = init?.roleSessionName ?? process.env[ENV_ROLE_SESSION_NAME];\n if (!webIdentityTokenFile || !roleArn) {\n throw new CredentialsProviderError(\"Web identity configuration not specified\", {\n logger: init.logger,\n });\n }\n const credentials = await fromWebToken({\n ...init,\n webIdentityToken: readFileSync(webIdentityTokenFile, { encoding: \"ascii\" }),\n roleArn,\n roleSessionName,\n })();\n if (webIdentityTokenFile === process.env[ENV_TOKEN_FILE]) {\n setCredentialFeature(credentials, \"CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN\", \"h\");\n }\n return credentials;\n};\n","export const fromWebToken = (init) => async (awsIdentityProperties) => {\n init.logger?.debug(\"@aws-sdk/credential-provider-web-identity - fromWebToken\");\n const { roleArn, roleSessionName, webIdentityToken, providerId, policyArns, policy, durationSeconds } = init;\n let { roleAssumerWithWebIdentity } = init;\n if (!roleAssumerWithWebIdentity) {\n const { getDefaultRoleAssumerWithWebIdentity } = await import(\"@aws-sdk/nested-clients/sts\");\n roleAssumerWithWebIdentity = getDefaultRoleAssumerWithWebIdentity({\n ...init.clientConfig,\n credentialProviderLogger: init.logger,\n parentClientConfig: {\n ...awsIdentityProperties?.callerClientConfig,\n ...init.parentClientConfig,\n },\n }, init.clientPlugins);\n }\n return roleAssumerWithWebIdentity({\n RoleArn: roleArn,\n RoleSessionName: roleSessionName ?? `aws-sdk-js-session-${Date.now()}`,\n WebIdentityToken: webIdentityToken,\n ProviderId: providerId,\n PolicyArns: policyArns,\n Policy: policy,\n DurationSeconds: durationSeconds,\n });\n};\n"],"mappings":";;;;;;;;;AAEA,SAAS,oBAAoB;;;ACFtB,IAAM,eAAe,CAAC,SAAS,OAAO,0BAA0B;AACnE,OAAK,QAAQ,MAAM,0DAA0D;AAC7E,QAAM,EAAE,SAAS,iBAAiB,kBAAkB,YAAY,YAAY,QAAQ,gBAAgB,IAAI;AACxG,MAAI,EAAE,2BAA2B,IAAI;AACrC,MAAI,CAAC,4BAA4B;AAC7B,UAAM,EAAE,qCAAqC,IAAI,MAAM,OAAO,mBAA6B;AAC3F,iCAA6B,qCAAqC;AAAA,MAC9D,GAAG,KAAK;AAAA,MACR,0BAA0B,KAAK;AAAA,MAC/B,oBAAoB;AAAA,QAChB,GAAG,uBAAuB;AAAA,QAC1B,GAAG,KAAK;AAAA,MACZ;AAAA,IACJ,GAAG,KAAK,aAAa;AAAA,EACzB;AACA,SAAO,2BAA2B;AAAA,IAC9B,SAAS;AAAA,IACT,iBAAiB,mBAAmB,sBAAsB,KAAK,IAAI,CAAC;AAAA,IACpE,kBAAkB;AAAA,IAClB,YAAY;AAAA,IACZ,YAAY;AAAA,IACZ,QAAQ;AAAA,IACR,iBAAiB;AAAA,EACrB,CAAC;AACL;;;ADpBA,IAAM,iBAAiB;AACvB,IAAM,eAAe;AACrB,IAAM,wBAAwB;AACvB,IAAM,gBAAgB,CAAC,OAAO,CAAC,MAAM,YAAY;AACpD,OAAK,QAAQ,MAAM,2DAA2D;AAC9E,QAAM,uBAAuB,MAAM,wBAAwB,QAAQ,IAAI,cAAc;AACrF,QAAM,UAAU,MAAM,WAAW,QAAQ,IAAI,YAAY;AACzD,QAAM,kBAAkB,MAAM,mBAAmB,QAAQ,IAAI,qBAAqB;AAClF,MAAI,CAAC,wBAAwB,CAAC,SAAS;AACnC,UAAM,IAAI,yBAAyB,4CAA4C;AAAA,MAC3E,QAAQ,KAAK;AAAA,IACjB,CAAC;AAAA,EACL;AACA,QAAM,cAAc,MAAM,aAAa;AAAA,IACnC,GAAG;AAAA,IACH,kBAAkB,aAAa,sBAAsB,EAAE,UAAU,QAAQ,CAAC;AAAA,IAC1E;AAAA,IACA;AAAA,EACJ,CAAC,EAAE;AACH,MAAI,yBAAyB,QAAQ,IAAI,cAAc,GAAG;AACtD,yBAAqB,aAAa,yCAAyC,GAAG;AAAA,EAClF;AACA,SAAO;AACX;","names":[]}
|