@karmaniverous/get-dotenv 7.0.6 → 7.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/chunks/{createCli-BkHLeYXL.mjs → createCli-CUPiFVdZ.mjs} +27 -10
- package/dist/chunks/index-CNXekCQC.mjs +96 -0
- package/dist/chunks/{index-Dd6S1nZ-.mjs → index-DnG3N6yj.mjs} +6 -6
- package/dist/chunks/{loader-V1vbmtyw.mjs → loader-C3DtD6HB.mjs} +4 -2
- package/dist/chunks/{readDotenvCascade-Dgx4SC1p.mjs → readDotenvCascade-CfFPgLCp.mjs} +52 -21
- package/dist/chunks/{readMergedOptions-CraAnYdB.mjs → readMergedOptions-BT1C87_u.mjs} +53 -13
- package/dist/chunks/{resolveCliOptions-BMBkWDYJ.mjs → resolveCliOptions-BbfouWSK.mjs} +1 -1
- package/dist/chunks/{spawnEnv-CKgnHGpr.mjs → spawnEnv-DvisqPiU.mjs} +28 -3
- package/dist/chunks/{types-BthqmnDr.mjs → types-BkQxnyZK.mjs} +1 -1
- package/dist/cli.d.ts +29 -8
- package/dist/cli.mjs +11 -15
- package/dist/cliHost.d.ts +29 -8
- package/dist/cliHost.mjs +6 -6
- package/dist/config.d.ts +1 -1
- package/dist/config.mjs +1 -1
- package/dist/env-overlay.d.ts +13 -9
- package/dist/env-overlay.mjs +2 -2
- package/dist/getdotenv.cli.mjs +11 -15
- package/dist/index.d.ts +30 -9
- package/dist/index.mjs +31 -23
- package/dist/plugins-aws.d.ts +12 -1
- package/dist/plugins-aws.mjs +8 -7
- package/dist/plugins-batch.d.ts +28 -1
- package/dist/plugins-batch.mjs +202 -68
- package/dist/plugins-cmd.d.ts +12 -1
- package/dist/plugins-cmd.mjs +6 -6
- package/dist/plugins-init.d.ts +12 -1
- package/dist/plugins-init.mjs +3 -3
- package/dist/plugins.d.ts +14 -1
- package/dist/plugins.mjs +10 -14
- package/package.json +40 -40
- package/schema/getdotenv.config.schema.json +207 -0
- package/dist/chunks/AwsRestJsonProtocol-4m7HHwvS.mjs +0 -1026
- package/dist/chunks/externalDataInterceptor-DyDNbv-D.mjs +0 -19
- package/dist/chunks/getSSOTokenFromFile-CkYcEieD.mjs +0 -22
- package/dist/chunks/index-B35hOhgq.mjs +0 -669
- package/dist/chunks/index-B3fM_U6F.mjs +0 -349
- package/dist/chunks/index-B_yJRqty.mjs +0 -541
- package/dist/chunks/index-BuxEK_Z4.mjs +0 -12529
- package/dist/chunks/index-C58EanKv.mjs +0 -383
- package/dist/chunks/index-CjWZ4uNg.mjs +0 -103
- package/dist/chunks/index-CsI5JuIM.mjs +0 -188
- package/dist/chunks/index-D-a5vkZL.mjs +0 -82
- package/dist/chunks/index-D6iVe1wh.mjs +0 -946
- package/dist/chunks/index-Dl8qC51H.mjs +0 -290
- package/dist/chunks/index-FT37CtcF.mjs +0 -31
- package/dist/chunks/index-QkVZTs6l.mjs +0 -519
- package/dist/chunks/loadSso-DF7GLUZf.mjs +0 -488
- package/dist/chunks/package-DbbYaehr.mjs +0 -5
- package/dist/chunks/parseKnownFiles-BZNrX_JE.mjs +0 -23
- package/dist/chunks/sdk-stream-mixin-BL49AxZx.mjs +0 -307
|
@@ -1,946 +0,0 @@
|
|
|
1
|
-
import { ar as loadConfig, q as NODE_REGION_CONFIG_FILE_OPTIONS, r as NODE_REGION_CONFIG_OPTIONS, B as BinaryDecisionDiagram, l as EndpointCache, $ as decideEndpoint, Q as awsEndpointFunctions, Z as customEndpointFunctions, aE as resolveAwsSdkSigV4Config, aD as resolveAwsSdkSigV4AConfig, au as normalizeProvider, ap as getSmithyContext, aK as resolveParams, O as SignatureV4MultiRegion, M as ServiceException, T as TypeRegistry, aT as toUtf8, a8 as fromUtf8, aA as parseUrl, A as AwsQueryProtocol, x as NoOpLogger, b as AwsSdkSigV4Signer, a as AwsSdkSigV4ASigner, w as NoAuthSigner, aR as toBase64, a6 as fromBase64, a1 as emitWarningIfUnsupportedVersion, aG as resolveDefaultsModeConfig, a2 as emitWarningIfUnsupportedVersion$1, aQ as streamCollector, V as calculateBodyLength, N as NODE_APP_ID_CONFIG_OPTIONS, v as NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS, u as NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS, t as NODE_SIGV4A_CONFIG_OPTIONS, H as Hash, s as NODE_RETRY_MODE_CONFIG_OPTIONS, D as DEFAULT_RETRY_MODE, y as NodeHttpHandler, p as NODE_MAX_ATTEMPT_CONFIG_OPTIONS, Y as createDefaultUserAgentProvider, o as NODE_AUTH_SCHEME_PREFERENCE_OPTIONS, as as loadConfigsForDefaultMode, aa as getAwsRegionExtensionConfiguration, ad as getDefaultExtensionConfiguration, ai as getHttpHandlerExtensionConfiguration, aC as resolveAwsRegionExtensionConfiguration, aF as resolveDefaultRuntimeConfig, aJ as resolveHttpHandlerRuntimeConfig, c as Client, aN as resolveUserAgentConfig, aM as resolveRetryConfig, aL as resolveRegionConfig, aH as resolveEndpointConfig, ao as getSchemaSerdePlugin, aq as getUserAgentPlugin, an as getRetryPlugin, ac as getContentLengthPlugin, ag as getHostHeaderPlugin, ak as getLoggerPlugin, am as getRecursionDetectionPlugin, ah as getHttpAuthSchemeEndpointRuleSetPlugin, f as DefaultIdentityProviderConfig, aj as getHttpSigningPlugin, aI as resolveHostHeaderConfig, d as Command, ae as getEndpointPlugin, aO as setCredentialFeature } from './index-BuxEK_Z4.mjs';
|
|
2
|
-
import { p as packageInfo } from './package-DbbYaehr.mjs';
|
|
3
|
-
import 'node:crypto';
|
|
4
|
-
import './readMergedOptions-CraAnYdB.mjs';
|
|
5
|
-
import 'zod';
|
|
6
|
-
import '@commander-js/extra-typings';
|
|
7
|
-
import './readDotenvCascade-Dgx4SC1p.mjs';
|
|
8
|
-
import 'fs-extra';
|
|
9
|
-
import 'radash';
|
|
10
|
-
import 'node:buffer';
|
|
11
|
-
import 'node:path';
|
|
12
|
-
import './loadModuleDefault-Dj8B3Stt.mjs';
|
|
13
|
-
import 'crypto';
|
|
14
|
-
import 'path';
|
|
15
|
-
import 'url';
|
|
16
|
-
import 'dotenv';
|
|
17
|
-
import 'nanoid';
|
|
18
|
-
import './loader-V1vbmtyw.mjs';
|
|
19
|
-
import 'package-directory';
|
|
20
|
-
import 'yaml';
|
|
21
|
-
import 'execa';
|
|
22
|
-
import 'node:os';
|
|
23
|
-
import 'node:fs/promises';
|
|
24
|
-
import 'node:stream';
|
|
25
|
-
import 'node:fs';
|
|
26
|
-
import 'node:https';
|
|
27
|
-
import 'node:process';
|
|
28
|
-
|
|
29
|
-
function stsRegionDefaultResolver(loaderConfig = {}) {
|
|
30
|
-
return loadConfig({
|
|
31
|
-
...NODE_REGION_CONFIG_OPTIONS,
|
|
32
|
-
async default() {
|
|
33
|
-
{
|
|
34
|
-
console.warn("@aws-sdk - WARN - default STS region of us-east-1 used. See @aws-sdk/credential-providers README and set a region explicitly.");
|
|
35
|
-
}
|
|
36
|
-
return "us-east-1";
|
|
37
|
-
},
|
|
38
|
-
}, { ...NODE_REGION_CONFIG_FILE_OPTIONS, ...loaderConfig });
|
|
39
|
-
}
|
|
40
|
-
|
|
41
|
-
const q = "ref";
|
|
42
|
-
const a = -1, b = true, c = "isSet", d = "PartitionResult", e = "booleanEquals", f = "stringEquals", g = "getAttr", h = "us-east-1", i = "sigv4", j = "sts", k = "https://sts.{Region}.{PartitionResult#dnsSuffix}", l = { [q]: "Endpoint" }, m = { [q]: "Region" }, n = { [q]: d }, o = {}, p = [m];
|
|
43
|
-
const _data = {
|
|
44
|
-
conditions: [
|
|
45
|
-
[c, [l]],
|
|
46
|
-
[c, p],
|
|
47
|
-
["aws.partition", p, d],
|
|
48
|
-
[e, [{ [q]: "UseFIPS" }, b]],
|
|
49
|
-
[e, [{ [q]: "UseDualStack" }, b]],
|
|
50
|
-
[f, [m, "aws-global"]],
|
|
51
|
-
[e, [{ [q]: "UseGlobalEndpoint" }, b]],
|
|
52
|
-
[f, [m, "eu-central-1"]],
|
|
53
|
-
[e, [{ fn: g, argv: [n, "supportsDualStack"] }, b]],
|
|
54
|
-
[e, [{ fn: g, argv: [n, "supportsFIPS"] }, b]],
|
|
55
|
-
[f, [m, "ap-south-1"]],
|
|
56
|
-
[f, [m, "eu-north-1"]],
|
|
57
|
-
[f, [m, "eu-west-1"]],
|
|
58
|
-
[f, [m, "eu-west-2"]],
|
|
59
|
-
[f, [m, "eu-west-3"]],
|
|
60
|
-
[f, [m, "sa-east-1"]],
|
|
61
|
-
[f, [m, h]],
|
|
62
|
-
[f, [m, "us-east-2"]],
|
|
63
|
-
[f, [m, "us-west-2"]],
|
|
64
|
-
[f, [m, "us-west-1"]],
|
|
65
|
-
[f, [m, "ca-central-1"]],
|
|
66
|
-
[f, [m, "ap-southeast-1"]],
|
|
67
|
-
[f, [m, "ap-northeast-1"]],
|
|
68
|
-
[f, [m, "ap-southeast-2"]],
|
|
69
|
-
[f, [{ fn: g, argv: [n, "name"] }, "aws-us-gov"]],
|
|
70
|
-
],
|
|
71
|
-
results: [
|
|
72
|
-
[a],
|
|
73
|
-
["https://sts.amazonaws.com", { authSchemes: [{ name: i, signingName: j, signingRegion: h }] }],
|
|
74
|
-
[k, { authSchemes: [{ name: i, signingName: j, signingRegion: "{Region}" }] }],
|
|
75
|
-
[a, "Invalid Configuration: FIPS and custom endpoint are not supported"],
|
|
76
|
-
[a, "Invalid Configuration: Dualstack and custom endpoint are not supported"],
|
|
77
|
-
[l, o],
|
|
78
|
-
["https://sts-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", o],
|
|
79
|
-
[a, "FIPS and DualStack are enabled, but this partition does not support one or both"],
|
|
80
|
-
["https://sts.{Region}.amazonaws.com", o],
|
|
81
|
-
["https://sts-fips.{Region}.{PartitionResult#dnsSuffix}", o],
|
|
82
|
-
[a, "FIPS is enabled but this partition does not support FIPS"],
|
|
83
|
-
["https://sts.{Region}.{PartitionResult#dualStackDnsSuffix}", o],
|
|
84
|
-
[a, "DualStack is enabled but this partition does not support DualStack"],
|
|
85
|
-
[k, o],
|
|
86
|
-
[a, "Invalid Configuration: Missing Region"],
|
|
87
|
-
],
|
|
88
|
-
};
|
|
89
|
-
const root = 2;
|
|
90
|
-
const r = 100_000_000;
|
|
91
|
-
const nodes = new Int32Array([
|
|
92
|
-
-1,
|
|
93
|
-
1,
|
|
94
|
-
-1,
|
|
95
|
-
0,
|
|
96
|
-
30,
|
|
97
|
-
3,
|
|
98
|
-
1,
|
|
99
|
-
4,
|
|
100
|
-
r + 14,
|
|
101
|
-
2,
|
|
102
|
-
5,
|
|
103
|
-
r + 14,
|
|
104
|
-
3,
|
|
105
|
-
25,
|
|
106
|
-
6,
|
|
107
|
-
4,
|
|
108
|
-
24,
|
|
109
|
-
7,
|
|
110
|
-
5,
|
|
111
|
-
r + 1,
|
|
112
|
-
8,
|
|
113
|
-
6,
|
|
114
|
-
9,
|
|
115
|
-
r + 13,
|
|
116
|
-
7,
|
|
117
|
-
r + 1,
|
|
118
|
-
10,
|
|
119
|
-
10,
|
|
120
|
-
r + 1,
|
|
121
|
-
11,
|
|
122
|
-
11,
|
|
123
|
-
r + 1,
|
|
124
|
-
12,
|
|
125
|
-
12,
|
|
126
|
-
r + 1,
|
|
127
|
-
13,
|
|
128
|
-
13,
|
|
129
|
-
r + 1,
|
|
130
|
-
14,
|
|
131
|
-
14,
|
|
132
|
-
r + 1,
|
|
133
|
-
15,
|
|
134
|
-
15,
|
|
135
|
-
r + 1,
|
|
136
|
-
16,
|
|
137
|
-
16,
|
|
138
|
-
r + 1,
|
|
139
|
-
17,
|
|
140
|
-
17,
|
|
141
|
-
r + 1,
|
|
142
|
-
18,
|
|
143
|
-
18,
|
|
144
|
-
r + 1,
|
|
145
|
-
19,
|
|
146
|
-
19,
|
|
147
|
-
r + 1,
|
|
148
|
-
20,
|
|
149
|
-
20,
|
|
150
|
-
r + 1,
|
|
151
|
-
21,
|
|
152
|
-
21,
|
|
153
|
-
r + 1,
|
|
154
|
-
22,
|
|
155
|
-
22,
|
|
156
|
-
r + 1,
|
|
157
|
-
23,
|
|
158
|
-
23,
|
|
159
|
-
r + 1,
|
|
160
|
-
r + 2,
|
|
161
|
-
8,
|
|
162
|
-
r + 11,
|
|
163
|
-
r + 12,
|
|
164
|
-
4,
|
|
165
|
-
28,
|
|
166
|
-
26,
|
|
167
|
-
9,
|
|
168
|
-
27,
|
|
169
|
-
r + 10,
|
|
170
|
-
24,
|
|
171
|
-
r + 8,
|
|
172
|
-
r + 9,
|
|
173
|
-
8,
|
|
174
|
-
29,
|
|
175
|
-
r + 7,
|
|
176
|
-
9,
|
|
177
|
-
r + 6,
|
|
178
|
-
r + 7,
|
|
179
|
-
3,
|
|
180
|
-
r + 3,
|
|
181
|
-
31,
|
|
182
|
-
4,
|
|
183
|
-
r + 4,
|
|
184
|
-
r + 5,
|
|
185
|
-
]);
|
|
186
|
-
const bdd = BinaryDecisionDiagram.from(nodes, root, _data.conditions, _data.results);
|
|
187
|
-
|
|
188
|
-
const cache = new EndpointCache({
|
|
189
|
-
size: 50,
|
|
190
|
-
params: ["Endpoint", "Region", "UseDualStack", "UseFIPS", "UseGlobalEndpoint"],
|
|
191
|
-
});
|
|
192
|
-
const defaultEndpointResolver = (endpointParams, context = {}) => {
|
|
193
|
-
return cache.get(endpointParams, () => decideEndpoint(bdd, {
|
|
194
|
-
endpointParams: endpointParams,
|
|
195
|
-
logger: context.logger,
|
|
196
|
-
}));
|
|
197
|
-
};
|
|
198
|
-
customEndpointFunctions.aws = awsEndpointFunctions;
|
|
199
|
-
|
|
200
|
-
const createEndpointRuleSetHttpAuthSchemeParametersProvider = (defaultHttpAuthSchemeParametersProvider) => async (config, context, input) => {
|
|
201
|
-
if (!input) {
|
|
202
|
-
throw new Error("Could not find `input` for `defaultEndpointRuleSetHttpAuthSchemeParametersProvider`");
|
|
203
|
-
}
|
|
204
|
-
const defaultParameters = await defaultHttpAuthSchemeParametersProvider(config, context, input);
|
|
205
|
-
const instructionsFn = getSmithyContext(context)?.commandInstance?.constructor
|
|
206
|
-
?.getEndpointParameterInstructions;
|
|
207
|
-
if (!instructionsFn) {
|
|
208
|
-
throw new Error(`getEndpointParameterInstructions() is not defined on '${context.commandName}'`);
|
|
209
|
-
}
|
|
210
|
-
const endpointParameters = await resolveParams(input, { getEndpointParameterInstructions: instructionsFn }, config);
|
|
211
|
-
return Object.assign(defaultParameters, endpointParameters);
|
|
212
|
-
};
|
|
213
|
-
const _defaultSTSHttpAuthSchemeParametersProvider = async (config, context, input) => {
|
|
214
|
-
return {
|
|
215
|
-
operation: getSmithyContext(context).operation,
|
|
216
|
-
region: (await normalizeProvider(config.region)()) ||
|
|
217
|
-
(() => {
|
|
218
|
-
throw new Error("expected `region` to be configured for `aws.auth#sigv4`");
|
|
219
|
-
})(),
|
|
220
|
-
};
|
|
221
|
-
};
|
|
222
|
-
const defaultSTSHttpAuthSchemeParametersProvider = createEndpointRuleSetHttpAuthSchemeParametersProvider(_defaultSTSHttpAuthSchemeParametersProvider);
|
|
223
|
-
function createAwsAuthSigv4HttpAuthOption(authParameters) {
|
|
224
|
-
return {
|
|
225
|
-
schemeId: "aws.auth#sigv4",
|
|
226
|
-
signingProperties: {
|
|
227
|
-
name: "sts",
|
|
228
|
-
region: authParameters.region,
|
|
229
|
-
},
|
|
230
|
-
propertiesExtractor: (config, context) => ({
|
|
231
|
-
signingProperties: {
|
|
232
|
-
config,
|
|
233
|
-
context,
|
|
234
|
-
},
|
|
235
|
-
}),
|
|
236
|
-
};
|
|
237
|
-
}
|
|
238
|
-
function createAwsAuthSigv4aHttpAuthOption(authParameters) {
|
|
239
|
-
return {
|
|
240
|
-
schemeId: "aws.auth#sigv4a",
|
|
241
|
-
signingProperties: {
|
|
242
|
-
name: "sts",
|
|
243
|
-
region: authParameters.region,
|
|
244
|
-
},
|
|
245
|
-
propertiesExtractor: (config, context) => ({
|
|
246
|
-
signingProperties: {
|
|
247
|
-
config,
|
|
248
|
-
context,
|
|
249
|
-
},
|
|
250
|
-
}),
|
|
251
|
-
};
|
|
252
|
-
}
|
|
253
|
-
function createSmithyApiNoAuthHttpAuthOption(authParameters) {
|
|
254
|
-
return {
|
|
255
|
-
schemeId: "smithy.api#noAuth",
|
|
256
|
-
};
|
|
257
|
-
}
|
|
258
|
-
const createEndpointRuleSetHttpAuthSchemeProvider = (defaultEndpointResolver, defaultHttpAuthSchemeResolver, createHttpAuthOptionFunctions) => {
|
|
259
|
-
const endpointRuleSetHttpAuthSchemeProvider = (authParameters) => {
|
|
260
|
-
const endpoint = defaultEndpointResolver(authParameters);
|
|
261
|
-
const authSchemes = endpoint.properties?.authSchemes;
|
|
262
|
-
if (!authSchemes) {
|
|
263
|
-
return defaultHttpAuthSchemeResolver(authParameters);
|
|
264
|
-
}
|
|
265
|
-
const options = [];
|
|
266
|
-
for (const scheme of authSchemes) {
|
|
267
|
-
const { name: resolvedName, properties = {}, ...rest } = scheme;
|
|
268
|
-
const name = resolvedName.toLowerCase();
|
|
269
|
-
if (resolvedName !== name) {
|
|
270
|
-
console.warn(`HttpAuthScheme has been normalized with lowercasing: '${resolvedName}' to '${name}'`);
|
|
271
|
-
}
|
|
272
|
-
let schemeId;
|
|
273
|
-
if (name === "sigv4a") {
|
|
274
|
-
schemeId = "aws.auth#sigv4a";
|
|
275
|
-
const sigv4Present = authSchemes.find((s) => {
|
|
276
|
-
const name = s.name.toLowerCase();
|
|
277
|
-
return name !== "sigv4a" && name.startsWith("sigv4");
|
|
278
|
-
});
|
|
279
|
-
if (SignatureV4MultiRegion.sigv4aDependency() === "none" && sigv4Present) {
|
|
280
|
-
continue;
|
|
281
|
-
}
|
|
282
|
-
}
|
|
283
|
-
else if (name.startsWith("sigv4")) {
|
|
284
|
-
schemeId = "aws.auth#sigv4";
|
|
285
|
-
}
|
|
286
|
-
else {
|
|
287
|
-
throw new Error(`Unknown HttpAuthScheme found in '@smithy.rules#endpointRuleSet': '${name}'`);
|
|
288
|
-
}
|
|
289
|
-
const createOption = createHttpAuthOptionFunctions[schemeId];
|
|
290
|
-
if (!createOption) {
|
|
291
|
-
throw new Error(`Could not find HttpAuthOption create function for '${schemeId}'`);
|
|
292
|
-
}
|
|
293
|
-
const option = createOption(authParameters);
|
|
294
|
-
option.schemeId = schemeId;
|
|
295
|
-
option.signingProperties = { ...(option.signingProperties || {}), ...rest, ...properties };
|
|
296
|
-
options.push(option);
|
|
297
|
-
}
|
|
298
|
-
return options;
|
|
299
|
-
};
|
|
300
|
-
return endpointRuleSetHttpAuthSchemeProvider;
|
|
301
|
-
};
|
|
302
|
-
const _defaultSTSHttpAuthSchemeProvider = (authParameters) => {
|
|
303
|
-
const options = [];
|
|
304
|
-
switch (authParameters.operation) {
|
|
305
|
-
case "AssumeRoleWithWebIdentity": {
|
|
306
|
-
options.push(createSmithyApiNoAuthHttpAuthOption());
|
|
307
|
-
options.push(createAwsAuthSigv4aHttpAuthOption(authParameters));
|
|
308
|
-
break;
|
|
309
|
-
}
|
|
310
|
-
default: {
|
|
311
|
-
options.push(createAwsAuthSigv4HttpAuthOption(authParameters));
|
|
312
|
-
options.push(createAwsAuthSigv4aHttpAuthOption(authParameters));
|
|
313
|
-
}
|
|
314
|
-
}
|
|
315
|
-
return options;
|
|
316
|
-
};
|
|
317
|
-
const defaultSTSHttpAuthSchemeProvider = createEndpointRuleSetHttpAuthSchemeProvider(defaultEndpointResolver, _defaultSTSHttpAuthSchemeProvider, {
|
|
318
|
-
"aws.auth#sigv4": createAwsAuthSigv4HttpAuthOption,
|
|
319
|
-
"aws.auth#sigv4a": createAwsAuthSigv4aHttpAuthOption,
|
|
320
|
-
"smithy.api#noAuth": createSmithyApiNoAuthHttpAuthOption,
|
|
321
|
-
});
|
|
322
|
-
const resolveHttpAuthSchemeConfig = (config) => {
|
|
323
|
-
const config_0 = resolveAwsSdkSigV4Config(config);
|
|
324
|
-
const config_1 = resolveAwsSdkSigV4AConfig(config_0);
|
|
325
|
-
return Object.assign(config_1, {
|
|
326
|
-
authSchemePreference: normalizeProvider(config.authSchemePreference ?? []),
|
|
327
|
-
});
|
|
328
|
-
};
|
|
329
|
-
|
|
330
|
-
const resolveClientEndpointParameters = (options) => {
|
|
331
|
-
return Object.assign(options, {
|
|
332
|
-
useDualstackEndpoint: options.useDualstackEndpoint ?? false,
|
|
333
|
-
useFipsEndpoint: options.useFipsEndpoint ?? false,
|
|
334
|
-
useGlobalEndpoint: options.useGlobalEndpoint ?? false,
|
|
335
|
-
defaultSigningName: "sts",
|
|
336
|
-
});
|
|
337
|
-
};
|
|
338
|
-
const commonParams = {
|
|
339
|
-
UseGlobalEndpoint: { type: "builtInParams", name: "useGlobalEndpoint" },
|
|
340
|
-
UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" },
|
|
341
|
-
Endpoint: { type: "builtInParams", name: "endpoint" },
|
|
342
|
-
Region: { type: "builtInParams", name: "region" },
|
|
343
|
-
UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" },
|
|
344
|
-
};
|
|
345
|
-
|
|
346
|
-
class STSServiceException extends ServiceException {
|
|
347
|
-
constructor(options) {
|
|
348
|
-
super(options);
|
|
349
|
-
Object.setPrototypeOf(this, STSServiceException.prototype);
|
|
350
|
-
}
|
|
351
|
-
}
|
|
352
|
-
|
|
353
|
-
class ExpiredTokenException extends STSServiceException {
|
|
354
|
-
name = "ExpiredTokenException";
|
|
355
|
-
$fault = "client";
|
|
356
|
-
constructor(opts) {
|
|
357
|
-
super({
|
|
358
|
-
name: "ExpiredTokenException",
|
|
359
|
-
$fault: "client",
|
|
360
|
-
...opts,
|
|
361
|
-
});
|
|
362
|
-
Object.setPrototypeOf(this, ExpiredTokenException.prototype);
|
|
363
|
-
}
|
|
364
|
-
}
|
|
365
|
-
class MalformedPolicyDocumentException extends STSServiceException {
|
|
366
|
-
name = "MalformedPolicyDocumentException";
|
|
367
|
-
$fault = "client";
|
|
368
|
-
constructor(opts) {
|
|
369
|
-
super({
|
|
370
|
-
name: "MalformedPolicyDocumentException",
|
|
371
|
-
$fault: "client",
|
|
372
|
-
...opts,
|
|
373
|
-
});
|
|
374
|
-
Object.setPrototypeOf(this, MalformedPolicyDocumentException.prototype);
|
|
375
|
-
}
|
|
376
|
-
}
|
|
377
|
-
class PackedPolicyTooLargeException extends STSServiceException {
|
|
378
|
-
name = "PackedPolicyTooLargeException";
|
|
379
|
-
$fault = "client";
|
|
380
|
-
constructor(opts) {
|
|
381
|
-
super({
|
|
382
|
-
name: "PackedPolicyTooLargeException",
|
|
383
|
-
$fault: "client",
|
|
384
|
-
...opts,
|
|
385
|
-
});
|
|
386
|
-
Object.setPrototypeOf(this, PackedPolicyTooLargeException.prototype);
|
|
387
|
-
}
|
|
388
|
-
}
|
|
389
|
-
class RegionDisabledException extends STSServiceException {
|
|
390
|
-
name = "RegionDisabledException";
|
|
391
|
-
$fault = "client";
|
|
392
|
-
constructor(opts) {
|
|
393
|
-
super({
|
|
394
|
-
name: "RegionDisabledException",
|
|
395
|
-
$fault: "client",
|
|
396
|
-
...opts,
|
|
397
|
-
});
|
|
398
|
-
Object.setPrototypeOf(this, RegionDisabledException.prototype);
|
|
399
|
-
}
|
|
400
|
-
}
|
|
401
|
-
class IDPRejectedClaimException extends STSServiceException {
|
|
402
|
-
name = "IDPRejectedClaimException";
|
|
403
|
-
$fault = "client";
|
|
404
|
-
constructor(opts) {
|
|
405
|
-
super({
|
|
406
|
-
name: "IDPRejectedClaimException",
|
|
407
|
-
$fault: "client",
|
|
408
|
-
...opts,
|
|
409
|
-
});
|
|
410
|
-
Object.setPrototypeOf(this, IDPRejectedClaimException.prototype);
|
|
411
|
-
}
|
|
412
|
-
}
|
|
413
|
-
class InvalidIdentityTokenException extends STSServiceException {
|
|
414
|
-
name = "InvalidIdentityTokenException";
|
|
415
|
-
$fault = "client";
|
|
416
|
-
constructor(opts) {
|
|
417
|
-
super({
|
|
418
|
-
name: "InvalidIdentityTokenException",
|
|
419
|
-
$fault: "client",
|
|
420
|
-
...opts,
|
|
421
|
-
});
|
|
422
|
-
Object.setPrototypeOf(this, InvalidIdentityTokenException.prototype);
|
|
423
|
-
}
|
|
424
|
-
}
|
|
425
|
-
class IDPCommunicationErrorException extends STSServiceException {
|
|
426
|
-
name = "IDPCommunicationErrorException";
|
|
427
|
-
$fault = "client";
|
|
428
|
-
$retryable = {};
|
|
429
|
-
constructor(opts) {
|
|
430
|
-
super({
|
|
431
|
-
name: "IDPCommunicationErrorException",
|
|
432
|
-
$fault: "client",
|
|
433
|
-
...opts,
|
|
434
|
-
});
|
|
435
|
-
Object.setPrototypeOf(this, IDPCommunicationErrorException.prototype);
|
|
436
|
-
}
|
|
437
|
-
}
|
|
438
|
-
|
|
439
|
-
const _A = "Arn";
|
|
440
|
-
const _AKI = "AccessKeyId";
|
|
441
|
-
const _AR = "AssumeRole";
|
|
442
|
-
const _ARI = "AssumedRoleId";
|
|
443
|
-
const _ARR = "AssumeRoleRequest";
|
|
444
|
-
const _ARRs = "AssumeRoleResponse";
|
|
445
|
-
const _ARU = "AssumedRoleUser";
|
|
446
|
-
const _ARWWI = "AssumeRoleWithWebIdentity";
|
|
447
|
-
const _ARWWIR = "AssumeRoleWithWebIdentityRequest";
|
|
448
|
-
const _ARWWIRs = "AssumeRoleWithWebIdentityResponse";
|
|
449
|
-
const _Au = "Audience";
|
|
450
|
-
const _C = "Credentials";
|
|
451
|
-
const _CA = "ContextAssertion";
|
|
452
|
-
const _DS = "DurationSeconds";
|
|
453
|
-
const _E = "Expiration";
|
|
454
|
-
const _EI = "ExternalId";
|
|
455
|
-
const _ETE = "ExpiredTokenException";
|
|
456
|
-
const _IDPCEE = "IDPCommunicationErrorException";
|
|
457
|
-
const _IDPRCE = "IDPRejectedClaimException";
|
|
458
|
-
const _IITE = "InvalidIdentityTokenException";
|
|
459
|
-
const _K = "Key";
|
|
460
|
-
const _MPDE = "MalformedPolicyDocumentException";
|
|
461
|
-
const _P = "Policy";
|
|
462
|
-
const _PA = "PolicyArns";
|
|
463
|
-
const _PAr = "ProviderArn";
|
|
464
|
-
const _PC = "ProvidedContexts";
|
|
465
|
-
const _PCLT = "ProvidedContextsListType";
|
|
466
|
-
const _PCr = "ProvidedContext";
|
|
467
|
-
const _PDT = "PolicyDescriptorType";
|
|
468
|
-
const _PI = "ProviderId";
|
|
469
|
-
const _PPS = "PackedPolicySize";
|
|
470
|
-
const _PPTLE = "PackedPolicyTooLargeException";
|
|
471
|
-
const _Pr = "Provider";
|
|
472
|
-
const _RA = "RoleArn";
|
|
473
|
-
const _RDE = "RegionDisabledException";
|
|
474
|
-
const _RSN = "RoleSessionName";
|
|
475
|
-
const _SAK = "SecretAccessKey";
|
|
476
|
-
const _SFWIT = "SubjectFromWebIdentityToken";
|
|
477
|
-
const _SI = "SourceIdentity";
|
|
478
|
-
const _SN = "SerialNumber";
|
|
479
|
-
const _ST = "SessionToken";
|
|
480
|
-
const _T = "Tags";
|
|
481
|
-
const _TC = "TokenCode";
|
|
482
|
-
const _TTK = "TransitiveTagKeys";
|
|
483
|
-
const _Ta = "Tag";
|
|
484
|
-
const _V = "Value";
|
|
485
|
-
const _WIT = "WebIdentityToken";
|
|
486
|
-
const _a = "arn";
|
|
487
|
-
const _aKST = "accessKeySecretType";
|
|
488
|
-
const _aQE = "awsQueryError";
|
|
489
|
-
const _c = "client";
|
|
490
|
-
const _cTT = "clientTokenType";
|
|
491
|
-
const _e = "error";
|
|
492
|
-
const _hE = "httpError";
|
|
493
|
-
const _m = "message";
|
|
494
|
-
const _pDLT = "policyDescriptorListType";
|
|
495
|
-
const _s = "smithy.ts.sdk.synthetic.com.amazonaws.sts";
|
|
496
|
-
const _tLT = "tagListType";
|
|
497
|
-
const n0 = "com.amazonaws.sts";
|
|
498
|
-
const _s_registry = TypeRegistry.for(_s);
|
|
499
|
-
var STSServiceException$ = [-3, _s, "STSServiceException", 0, [], []];
|
|
500
|
-
_s_registry.registerError(STSServiceException$, STSServiceException);
|
|
501
|
-
const n0_registry = TypeRegistry.for(n0);
|
|
502
|
-
var ExpiredTokenException$ = [
|
|
503
|
-
-3,
|
|
504
|
-
n0,
|
|
505
|
-
_ETE,
|
|
506
|
-
{ [_aQE]: [`ExpiredTokenException`, 400], [_e]: _c, [_hE]: 400 },
|
|
507
|
-
[_m],
|
|
508
|
-
[0],
|
|
509
|
-
];
|
|
510
|
-
n0_registry.registerError(ExpiredTokenException$, ExpiredTokenException);
|
|
511
|
-
var IDPCommunicationErrorException$ = [
|
|
512
|
-
-3,
|
|
513
|
-
n0,
|
|
514
|
-
_IDPCEE,
|
|
515
|
-
{ [_aQE]: [`IDPCommunicationError`, 400], [_e]: _c, [_hE]: 400 },
|
|
516
|
-
[_m],
|
|
517
|
-
[0],
|
|
518
|
-
];
|
|
519
|
-
n0_registry.registerError(IDPCommunicationErrorException$, IDPCommunicationErrorException);
|
|
520
|
-
var IDPRejectedClaimException$ = [
|
|
521
|
-
-3,
|
|
522
|
-
n0,
|
|
523
|
-
_IDPRCE,
|
|
524
|
-
{ [_aQE]: [`IDPRejectedClaim`, 403], [_e]: _c, [_hE]: 403 },
|
|
525
|
-
[_m],
|
|
526
|
-
[0],
|
|
527
|
-
];
|
|
528
|
-
n0_registry.registerError(IDPRejectedClaimException$, IDPRejectedClaimException);
|
|
529
|
-
var InvalidIdentityTokenException$ = [
|
|
530
|
-
-3,
|
|
531
|
-
n0,
|
|
532
|
-
_IITE,
|
|
533
|
-
{ [_aQE]: [`InvalidIdentityToken`, 400], [_e]: _c, [_hE]: 400 },
|
|
534
|
-
[_m],
|
|
535
|
-
[0],
|
|
536
|
-
];
|
|
537
|
-
n0_registry.registerError(InvalidIdentityTokenException$, InvalidIdentityTokenException);
|
|
538
|
-
var MalformedPolicyDocumentException$ = [
|
|
539
|
-
-3,
|
|
540
|
-
n0,
|
|
541
|
-
_MPDE,
|
|
542
|
-
{ [_aQE]: [`MalformedPolicyDocument`, 400], [_e]: _c, [_hE]: 400 },
|
|
543
|
-
[_m],
|
|
544
|
-
[0],
|
|
545
|
-
];
|
|
546
|
-
n0_registry.registerError(MalformedPolicyDocumentException$, MalformedPolicyDocumentException);
|
|
547
|
-
var PackedPolicyTooLargeException$ = [
|
|
548
|
-
-3,
|
|
549
|
-
n0,
|
|
550
|
-
_PPTLE,
|
|
551
|
-
{ [_aQE]: [`PackedPolicyTooLarge`, 400], [_e]: _c, [_hE]: 400 },
|
|
552
|
-
[_m],
|
|
553
|
-
[0],
|
|
554
|
-
];
|
|
555
|
-
n0_registry.registerError(PackedPolicyTooLargeException$, PackedPolicyTooLargeException);
|
|
556
|
-
var RegionDisabledException$ = [
|
|
557
|
-
-3,
|
|
558
|
-
n0,
|
|
559
|
-
_RDE,
|
|
560
|
-
{ [_aQE]: [`RegionDisabledException`, 403], [_e]: _c, [_hE]: 403 },
|
|
561
|
-
[_m],
|
|
562
|
-
[0],
|
|
563
|
-
];
|
|
564
|
-
n0_registry.registerError(RegionDisabledException$, RegionDisabledException);
|
|
565
|
-
const errorTypeRegistries = [_s_registry, n0_registry];
|
|
566
|
-
var accessKeySecretType = [0, n0, _aKST, 8, 0];
|
|
567
|
-
var clientTokenType = [0, n0, _cTT, 8, 0];
|
|
568
|
-
var AssumedRoleUser$ = [3, n0, _ARU, 0, [_ARI, _A], [0, 0], 2];
|
|
569
|
-
var AssumeRoleRequest$ = [
|
|
570
|
-
3,
|
|
571
|
-
n0,
|
|
572
|
-
_ARR,
|
|
573
|
-
0,
|
|
574
|
-
[_RA, _RSN, _PA, _P, _DS, _T, _TTK, _EI, _SN, _TC, _SI, _PC],
|
|
575
|
-
[0, 0, () => policyDescriptorListType, 0, 1, () => tagListType, 64 | 0, 0, 0, 0, 0, () => ProvidedContextsListType],
|
|
576
|
-
2,
|
|
577
|
-
];
|
|
578
|
-
var AssumeRoleResponse$ = [
|
|
579
|
-
3,
|
|
580
|
-
n0,
|
|
581
|
-
_ARRs,
|
|
582
|
-
0,
|
|
583
|
-
[_C, _ARU, _PPS, _SI],
|
|
584
|
-
[[() => Credentials$, 0], () => AssumedRoleUser$, 1, 0],
|
|
585
|
-
];
|
|
586
|
-
var AssumeRoleWithWebIdentityRequest$ = [
|
|
587
|
-
3,
|
|
588
|
-
n0,
|
|
589
|
-
_ARWWIR,
|
|
590
|
-
0,
|
|
591
|
-
[_RA, _RSN, _WIT, _PI, _PA, _P, _DS],
|
|
592
|
-
[0, 0, [() => clientTokenType, 0], 0, () => policyDescriptorListType, 0, 1],
|
|
593
|
-
3,
|
|
594
|
-
];
|
|
595
|
-
var AssumeRoleWithWebIdentityResponse$ = [
|
|
596
|
-
3,
|
|
597
|
-
n0,
|
|
598
|
-
_ARWWIRs,
|
|
599
|
-
0,
|
|
600
|
-
[_C, _SFWIT, _ARU, _PPS, _Pr, _Au, _SI],
|
|
601
|
-
[[() => Credentials$, 0], 0, () => AssumedRoleUser$, 1, 0, 0, 0],
|
|
602
|
-
];
|
|
603
|
-
var Credentials$ = [
|
|
604
|
-
3,
|
|
605
|
-
n0,
|
|
606
|
-
_C,
|
|
607
|
-
0,
|
|
608
|
-
[_AKI, _SAK, _ST, _E],
|
|
609
|
-
[0, [() => accessKeySecretType, 0], 0, 4],
|
|
610
|
-
4,
|
|
611
|
-
];
|
|
612
|
-
var PolicyDescriptorType$ = [3, n0, _PDT, 0, [_a], [0]];
|
|
613
|
-
var ProvidedContext$ = [3, n0, _PCr, 0, [_PAr, _CA], [0, 0]];
|
|
614
|
-
var Tag$ = [3, n0, _Ta, 0, [_K, _V], [0, 0], 2];
|
|
615
|
-
var policyDescriptorListType = [1, n0, _pDLT, 0, () => PolicyDescriptorType$];
|
|
616
|
-
var ProvidedContextsListType = [1, n0, _PCLT, 0, () => ProvidedContext$];
|
|
617
|
-
var tagListType = [1, n0, _tLT, 0, () => Tag$];
|
|
618
|
-
var AssumeRole$ = [9, n0, _AR, 0, () => AssumeRoleRequest$, () => AssumeRoleResponse$];
|
|
619
|
-
var AssumeRoleWithWebIdentity$ = [
|
|
620
|
-
9,
|
|
621
|
-
n0,
|
|
622
|
-
_ARWWI,
|
|
623
|
-
0,
|
|
624
|
-
() => AssumeRoleWithWebIdentityRequest$,
|
|
625
|
-
() => AssumeRoleWithWebIdentityResponse$,
|
|
626
|
-
];
|
|
627
|
-
|
|
628
|
-
const getRuntimeConfig$1 = (config) => {
|
|
629
|
-
return {
|
|
630
|
-
apiVersion: "2011-06-15",
|
|
631
|
-
base64Decoder: config?.base64Decoder ?? fromBase64,
|
|
632
|
-
base64Encoder: config?.base64Encoder ?? toBase64,
|
|
633
|
-
disableHostPrefix: config?.disableHostPrefix ?? false,
|
|
634
|
-
endpointProvider: config?.endpointProvider ?? defaultEndpointResolver,
|
|
635
|
-
extensions: config?.extensions ?? [],
|
|
636
|
-
httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSTSHttpAuthSchemeProvider,
|
|
637
|
-
httpAuthSchemes: config?.httpAuthSchemes ?? [
|
|
638
|
-
{
|
|
639
|
-
schemeId: "aws.auth#sigv4",
|
|
640
|
-
identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"),
|
|
641
|
-
signer: new AwsSdkSigV4Signer(),
|
|
642
|
-
},
|
|
643
|
-
{
|
|
644
|
-
schemeId: "aws.auth#sigv4a",
|
|
645
|
-
identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4a"),
|
|
646
|
-
signer: new AwsSdkSigV4ASigner(),
|
|
647
|
-
},
|
|
648
|
-
{
|
|
649
|
-
schemeId: "smithy.api#noAuth",
|
|
650
|
-
identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
|
|
651
|
-
signer: new NoAuthSigner(),
|
|
652
|
-
},
|
|
653
|
-
],
|
|
654
|
-
logger: config?.logger ?? new NoOpLogger(),
|
|
655
|
-
protocol: config?.protocol ?? AwsQueryProtocol,
|
|
656
|
-
protocolSettings: config?.protocolSettings ?? {
|
|
657
|
-
defaultNamespace: "com.amazonaws.sts",
|
|
658
|
-
errorTypeRegistries,
|
|
659
|
-
xmlNamespace: "https://sts.amazonaws.com/doc/2011-06-15/",
|
|
660
|
-
version: "2011-06-15",
|
|
661
|
-
serviceTarget: "AWSSecurityTokenServiceV20110615",
|
|
662
|
-
},
|
|
663
|
-
serviceId: config?.serviceId ?? "STS",
|
|
664
|
-
signerConstructor: config?.signerConstructor ?? SignatureV4MultiRegion,
|
|
665
|
-
urlParser: config?.urlParser ?? parseUrl,
|
|
666
|
-
utf8Decoder: config?.utf8Decoder ?? fromUtf8,
|
|
667
|
-
utf8Encoder: config?.utf8Encoder ?? toUtf8,
|
|
668
|
-
};
|
|
669
|
-
};
|
|
670
|
-
|
|
671
|
-
const getRuntimeConfig = (config) => {
|
|
672
|
-
emitWarningIfUnsupportedVersion(process.version);
|
|
673
|
-
const defaultsMode = resolveDefaultsModeConfig(config);
|
|
674
|
-
const defaultConfigProvider = () => defaultsMode().then(loadConfigsForDefaultMode);
|
|
675
|
-
const clientSharedValues = getRuntimeConfig$1(config);
|
|
676
|
-
emitWarningIfUnsupportedVersion$1(process.version);
|
|
677
|
-
const loaderConfig = {
|
|
678
|
-
profile: config?.profile,
|
|
679
|
-
logger: clientSharedValues.logger,
|
|
680
|
-
};
|
|
681
|
-
return {
|
|
682
|
-
...clientSharedValues,
|
|
683
|
-
...config,
|
|
684
|
-
runtime: "node",
|
|
685
|
-
defaultsMode,
|
|
686
|
-
authSchemePreference: config?.authSchemePreference ?? loadConfig(NODE_AUTH_SCHEME_PREFERENCE_OPTIONS, loaderConfig),
|
|
687
|
-
bodyLengthChecker: config?.bodyLengthChecker ?? calculateBodyLength,
|
|
688
|
-
defaultUserAgentProvider: config?.defaultUserAgentProvider ??
|
|
689
|
-
createDefaultUserAgentProvider({ serviceId: clientSharedValues.serviceId, clientVersion: packageInfo.version }),
|
|
690
|
-
httpAuthSchemes: config?.httpAuthSchemes ?? [
|
|
691
|
-
{
|
|
692
|
-
schemeId: "aws.auth#sigv4",
|
|
693
|
-
identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4") ||
|
|
694
|
-
(async (idProps) => await config.credentialDefaultProvider(idProps?.__config || {})()),
|
|
695
|
-
signer: new AwsSdkSigV4Signer(),
|
|
696
|
-
},
|
|
697
|
-
{
|
|
698
|
-
schemeId: "aws.auth#sigv4a",
|
|
699
|
-
identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4a"),
|
|
700
|
-
signer: new AwsSdkSigV4ASigner(),
|
|
701
|
-
},
|
|
702
|
-
{
|
|
703
|
-
schemeId: "smithy.api#noAuth",
|
|
704
|
-
identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
|
|
705
|
-
signer: new NoAuthSigner(),
|
|
706
|
-
},
|
|
707
|
-
],
|
|
708
|
-
maxAttempts: config?.maxAttempts ?? loadConfig(NODE_MAX_ATTEMPT_CONFIG_OPTIONS, config),
|
|
709
|
-
region: config?.region ??
|
|
710
|
-
loadConfig(NODE_REGION_CONFIG_OPTIONS, { ...NODE_REGION_CONFIG_FILE_OPTIONS, ...loaderConfig }),
|
|
711
|
-
requestHandler: NodeHttpHandler.create(config?.requestHandler ?? defaultConfigProvider),
|
|
712
|
-
retryMode: config?.retryMode ??
|
|
713
|
-
loadConfig({
|
|
714
|
-
...NODE_RETRY_MODE_CONFIG_OPTIONS,
|
|
715
|
-
default: async () => (await defaultConfigProvider()).retryMode || DEFAULT_RETRY_MODE,
|
|
716
|
-
}, config),
|
|
717
|
-
sha256: config?.sha256 ?? Hash.bind(null, "sha256"),
|
|
718
|
-
sigv4aSigningRegionSet: config?.sigv4aSigningRegionSet ?? loadConfig(NODE_SIGV4A_CONFIG_OPTIONS, loaderConfig),
|
|
719
|
-
streamCollector: config?.streamCollector ?? streamCollector,
|
|
720
|
-
useDualstackEndpoint: config?.useDualstackEndpoint ?? loadConfig(NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS, loaderConfig),
|
|
721
|
-
useFipsEndpoint: config?.useFipsEndpoint ?? loadConfig(NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS, loaderConfig),
|
|
722
|
-
userAgentAppId: config?.userAgentAppId ?? loadConfig(NODE_APP_ID_CONFIG_OPTIONS, loaderConfig),
|
|
723
|
-
};
|
|
724
|
-
};
|
|
725
|
-
|
|
726
|
-
const getHttpAuthExtensionConfiguration = (runtimeConfig) => {
|
|
727
|
-
const _httpAuthSchemes = runtimeConfig.httpAuthSchemes;
|
|
728
|
-
let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider;
|
|
729
|
-
let _credentials = runtimeConfig.credentials;
|
|
730
|
-
return {
|
|
731
|
-
setHttpAuthScheme(httpAuthScheme) {
|
|
732
|
-
const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId);
|
|
733
|
-
if (index === -1) {
|
|
734
|
-
_httpAuthSchemes.push(httpAuthScheme);
|
|
735
|
-
}
|
|
736
|
-
else {
|
|
737
|
-
_httpAuthSchemes.splice(index, 1, httpAuthScheme);
|
|
738
|
-
}
|
|
739
|
-
},
|
|
740
|
-
httpAuthSchemes() {
|
|
741
|
-
return _httpAuthSchemes;
|
|
742
|
-
},
|
|
743
|
-
setHttpAuthSchemeProvider(httpAuthSchemeProvider) {
|
|
744
|
-
_httpAuthSchemeProvider = httpAuthSchemeProvider;
|
|
745
|
-
},
|
|
746
|
-
httpAuthSchemeProvider() {
|
|
747
|
-
return _httpAuthSchemeProvider;
|
|
748
|
-
},
|
|
749
|
-
setCredentials(credentials) {
|
|
750
|
-
_credentials = credentials;
|
|
751
|
-
},
|
|
752
|
-
credentials() {
|
|
753
|
-
return _credentials;
|
|
754
|
-
},
|
|
755
|
-
};
|
|
756
|
-
};
|
|
757
|
-
const resolveHttpAuthRuntimeConfig = (config) => {
|
|
758
|
-
return {
|
|
759
|
-
httpAuthSchemes: config.httpAuthSchemes(),
|
|
760
|
-
httpAuthSchemeProvider: config.httpAuthSchemeProvider(),
|
|
761
|
-
credentials: config.credentials(),
|
|
762
|
-
};
|
|
763
|
-
};
|
|
764
|
-
|
|
765
|
-
const resolveRuntimeExtensions = (runtimeConfig, extensions) => {
|
|
766
|
-
const extensionConfiguration = Object.assign(getAwsRegionExtensionConfiguration(runtimeConfig), getDefaultExtensionConfiguration(runtimeConfig), getHttpHandlerExtensionConfiguration(runtimeConfig), getHttpAuthExtensionConfiguration(runtimeConfig));
|
|
767
|
-
extensions.forEach((extension) => extension.configure(extensionConfiguration));
|
|
768
|
-
return Object.assign(runtimeConfig, resolveAwsRegionExtensionConfiguration(extensionConfiguration), resolveDefaultRuntimeConfig(extensionConfiguration), resolveHttpHandlerRuntimeConfig(extensionConfiguration), resolveHttpAuthRuntimeConfig(extensionConfiguration));
|
|
769
|
-
};
|
|
770
|
-
|
|
771
|
-
class STSClient extends Client {
|
|
772
|
-
config;
|
|
773
|
-
constructor(...[configuration]) {
|
|
774
|
-
const _config_0 = getRuntimeConfig(configuration || {});
|
|
775
|
-
super(_config_0);
|
|
776
|
-
this.initConfig = _config_0;
|
|
777
|
-
const _config_1 = resolveClientEndpointParameters(_config_0);
|
|
778
|
-
const _config_2 = resolveUserAgentConfig(_config_1);
|
|
779
|
-
const _config_3 = resolveRetryConfig(_config_2);
|
|
780
|
-
const _config_4 = resolveRegionConfig(_config_3);
|
|
781
|
-
const _config_5 = resolveHostHeaderConfig(_config_4);
|
|
782
|
-
const _config_6 = resolveEndpointConfig(_config_5);
|
|
783
|
-
const _config_7 = resolveHttpAuthSchemeConfig(_config_6);
|
|
784
|
-
const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []);
|
|
785
|
-
this.config = _config_8;
|
|
786
|
-
this.middlewareStack.use(getSchemaSerdePlugin(this.config));
|
|
787
|
-
this.middlewareStack.use(getUserAgentPlugin(this.config));
|
|
788
|
-
this.middlewareStack.use(getRetryPlugin(this.config));
|
|
789
|
-
this.middlewareStack.use(getContentLengthPlugin(this.config));
|
|
790
|
-
this.middlewareStack.use(getHostHeaderPlugin(this.config));
|
|
791
|
-
this.middlewareStack.use(getLoggerPlugin(this.config));
|
|
792
|
-
this.middlewareStack.use(getRecursionDetectionPlugin(this.config));
|
|
793
|
-
this.middlewareStack.use(getHttpAuthSchemeEndpointRuleSetPlugin(this.config, {
|
|
794
|
-
httpAuthSchemeParametersProvider: defaultSTSHttpAuthSchemeParametersProvider,
|
|
795
|
-
identityProviderConfigProvider: async (config) => new DefaultIdentityProviderConfig({
|
|
796
|
-
"aws.auth#sigv4": config.credentials,
|
|
797
|
-
"aws.auth#sigv4a": config.credentials,
|
|
798
|
-
}),
|
|
799
|
-
}));
|
|
800
|
-
this.middlewareStack.use(getHttpSigningPlugin(this.config));
|
|
801
|
-
}
|
|
802
|
-
destroy() {
|
|
803
|
-
super.destroy();
|
|
804
|
-
}
|
|
805
|
-
}
|
|
806
|
-
|
|
807
|
-
class AssumeRoleCommand extends Command
|
|
808
|
-
.classBuilder()
|
|
809
|
-
.ep(commonParams)
|
|
810
|
-
.m(function (Command, cs, config, o) {
|
|
811
|
-
return [getEndpointPlugin(config, Command.getEndpointParameterInstructions())];
|
|
812
|
-
})
|
|
813
|
-
.s("AWSSecurityTokenServiceV20110615", "AssumeRole", {})
|
|
814
|
-
.n("STSClient", "AssumeRoleCommand")
|
|
815
|
-
.sc(AssumeRole$)
|
|
816
|
-
.build() {
|
|
817
|
-
}
|
|
818
|
-
|
|
819
|
-
class AssumeRoleWithWebIdentityCommand extends Command
|
|
820
|
-
.classBuilder()
|
|
821
|
-
.ep(commonParams)
|
|
822
|
-
.m(function (Command, cs, config, o) {
|
|
823
|
-
return [getEndpointPlugin(config, Command.getEndpointParameterInstructions())];
|
|
824
|
-
})
|
|
825
|
-
.s("AWSSecurityTokenServiceV20110615", "AssumeRoleWithWebIdentity", {})
|
|
826
|
-
.n("STSClient", "AssumeRoleWithWebIdentityCommand")
|
|
827
|
-
.sc(AssumeRoleWithWebIdentity$)
|
|
828
|
-
.build() {
|
|
829
|
-
}
|
|
830
|
-
|
|
831
|
-
const getAccountIdFromAssumedRoleUser = (assumedRoleUser) => {
|
|
832
|
-
if (typeof assumedRoleUser?.Arn === "string") {
|
|
833
|
-
const arnComponents = assumedRoleUser.Arn.split(":");
|
|
834
|
-
if (arnComponents.length > 4 && arnComponents[4] !== "") {
|
|
835
|
-
return arnComponents[4];
|
|
836
|
-
}
|
|
837
|
-
}
|
|
838
|
-
return undefined;
|
|
839
|
-
};
|
|
840
|
-
const resolveRegion = async (_region, _parentRegion, credentialProviderLogger, loaderConfig = {}) => {
|
|
841
|
-
const region = typeof _region === "function" ? await _region() : _region;
|
|
842
|
-
const parentRegion = typeof _parentRegion === "function" ? await _parentRegion() : _parentRegion;
|
|
843
|
-
let stsDefaultRegion = "";
|
|
844
|
-
const resolvedRegion = region ?? parentRegion ?? (stsDefaultRegion = await stsRegionDefaultResolver(loaderConfig)());
|
|
845
|
-
credentialProviderLogger?.debug?.("@aws-sdk/client-sts::resolveRegion", "accepting first of:", `${region} (credential provider clientConfig)`, `${parentRegion} (contextual client)`, `${stsDefaultRegion} (STS default: AWS_REGION, profile region, or us-east-1)`);
|
|
846
|
-
return resolvedRegion;
|
|
847
|
-
};
|
|
848
|
-
const getDefaultRoleAssumer$1 = (stsOptions, STSClient) => {
|
|
849
|
-
let stsClient;
|
|
850
|
-
let closureSourceCreds;
|
|
851
|
-
return async (sourceCreds, params) => {
|
|
852
|
-
closureSourceCreds = sourceCreds;
|
|
853
|
-
if (!stsClient) {
|
|
854
|
-
const { logger = stsOptions?.parentClientConfig?.logger, profile = stsOptions?.parentClientConfig?.profile, region, requestHandler = stsOptions?.parentClientConfig?.requestHandler, credentialProviderLogger, userAgentAppId = stsOptions?.parentClientConfig?.userAgentAppId, } = stsOptions;
|
|
855
|
-
const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger, {
|
|
856
|
-
logger,
|
|
857
|
-
profile,
|
|
858
|
-
});
|
|
859
|
-
const isCompatibleRequestHandler = !isH2(requestHandler);
|
|
860
|
-
stsClient = new STSClient({
|
|
861
|
-
...stsOptions,
|
|
862
|
-
userAgentAppId,
|
|
863
|
-
profile,
|
|
864
|
-
credentialDefaultProvider: () => async () => closureSourceCreds,
|
|
865
|
-
region: resolvedRegion,
|
|
866
|
-
requestHandler: isCompatibleRequestHandler ? requestHandler : undefined,
|
|
867
|
-
logger: logger,
|
|
868
|
-
});
|
|
869
|
-
}
|
|
870
|
-
const { Credentials, AssumedRoleUser } = await stsClient.send(new AssumeRoleCommand(params));
|
|
871
|
-
if (!Credentials || !Credentials.AccessKeyId || !Credentials.SecretAccessKey) {
|
|
872
|
-
throw new Error(`Invalid response from STS.assumeRole call with role ${params.RoleArn}`);
|
|
873
|
-
}
|
|
874
|
-
const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser);
|
|
875
|
-
const credentials = {
|
|
876
|
-
accessKeyId: Credentials.AccessKeyId,
|
|
877
|
-
secretAccessKey: Credentials.SecretAccessKey,
|
|
878
|
-
sessionToken: Credentials.SessionToken,
|
|
879
|
-
expiration: Credentials.Expiration,
|
|
880
|
-
...(Credentials.CredentialScope && { credentialScope: Credentials.CredentialScope }),
|
|
881
|
-
...(accountId && { accountId }),
|
|
882
|
-
};
|
|
883
|
-
setCredentialFeature(credentials, "CREDENTIALS_STS_ASSUME_ROLE", "i");
|
|
884
|
-
return credentials;
|
|
885
|
-
};
|
|
886
|
-
};
|
|
887
|
-
const getDefaultRoleAssumerWithWebIdentity$1 = (stsOptions, STSClient) => {
|
|
888
|
-
let stsClient;
|
|
889
|
-
return async (params) => {
|
|
890
|
-
if (!stsClient) {
|
|
891
|
-
const { logger = stsOptions?.parentClientConfig?.logger, profile = stsOptions?.parentClientConfig?.profile, region, requestHandler = stsOptions?.parentClientConfig?.requestHandler, credentialProviderLogger, userAgentAppId = stsOptions?.parentClientConfig?.userAgentAppId, } = stsOptions;
|
|
892
|
-
const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger, {
|
|
893
|
-
logger,
|
|
894
|
-
profile,
|
|
895
|
-
});
|
|
896
|
-
const isCompatibleRequestHandler = !isH2(requestHandler);
|
|
897
|
-
stsClient = new STSClient({
|
|
898
|
-
...stsOptions,
|
|
899
|
-
userAgentAppId,
|
|
900
|
-
profile,
|
|
901
|
-
region: resolvedRegion,
|
|
902
|
-
requestHandler: isCompatibleRequestHandler ? requestHandler : undefined,
|
|
903
|
-
logger: logger,
|
|
904
|
-
});
|
|
905
|
-
}
|
|
906
|
-
const { Credentials, AssumedRoleUser } = await stsClient.send(new AssumeRoleWithWebIdentityCommand(params));
|
|
907
|
-
if (!Credentials || !Credentials.AccessKeyId || !Credentials.SecretAccessKey) {
|
|
908
|
-
throw new Error(`Invalid response from STS.assumeRoleWithWebIdentity call with role ${params.RoleArn}`);
|
|
909
|
-
}
|
|
910
|
-
const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser);
|
|
911
|
-
const credentials = {
|
|
912
|
-
accessKeyId: Credentials.AccessKeyId,
|
|
913
|
-
secretAccessKey: Credentials.SecretAccessKey,
|
|
914
|
-
sessionToken: Credentials.SessionToken,
|
|
915
|
-
expiration: Credentials.Expiration,
|
|
916
|
-
...(Credentials.CredentialScope && { credentialScope: Credentials.CredentialScope }),
|
|
917
|
-
...(accountId && { accountId }),
|
|
918
|
-
};
|
|
919
|
-
if (accountId) {
|
|
920
|
-
setCredentialFeature(credentials, "RESOLVED_ACCOUNT_ID", "T");
|
|
921
|
-
}
|
|
922
|
-
setCredentialFeature(credentials, "CREDENTIALS_STS_ASSUME_ROLE_WEB_ID", "k");
|
|
923
|
-
return credentials;
|
|
924
|
-
};
|
|
925
|
-
};
|
|
926
|
-
const isH2 = (requestHandler) => {
|
|
927
|
-
return requestHandler?.metadata?.handlerProtocol === "h2";
|
|
928
|
-
};
|
|
929
|
-
|
|
930
|
-
const getCustomizableStsClientCtor = (baseCtor, customizations) => {
|
|
931
|
-
if (!customizations)
|
|
932
|
-
return baseCtor;
|
|
933
|
-
else
|
|
934
|
-
return class CustomizableSTSClient extends baseCtor {
|
|
935
|
-
constructor(config) {
|
|
936
|
-
super(config);
|
|
937
|
-
for (const customization of customizations) {
|
|
938
|
-
this.middlewareStack.use(customization);
|
|
939
|
-
}
|
|
940
|
-
}
|
|
941
|
-
};
|
|
942
|
-
};
|
|
943
|
-
const getDefaultRoleAssumer = (stsOptions = {}, stsPlugins) => getDefaultRoleAssumer$1(stsOptions, getCustomizableStsClientCtor(STSClient, stsPlugins));
|
|
944
|
-
const getDefaultRoleAssumerWithWebIdentity = (stsOptions = {}, stsPlugins) => getDefaultRoleAssumerWithWebIdentity$1(stsOptions, getCustomizableStsClientCtor(STSClient, stsPlugins));
|
|
945
|
-
|
|
946
|
-
export { Command as $Command, AssumeRole$, AssumeRoleCommand, AssumeRoleRequest$, AssumeRoleResponse$, AssumeRoleWithWebIdentity$, AssumeRoleWithWebIdentityCommand, AssumeRoleWithWebIdentityRequest$, AssumeRoleWithWebIdentityResponse$, AssumedRoleUser$, Credentials$, ExpiredTokenException, ExpiredTokenException$, IDPCommunicationErrorException, IDPCommunicationErrorException$, IDPRejectedClaimException, IDPRejectedClaimException$, InvalidIdentityTokenException, InvalidIdentityTokenException$, MalformedPolicyDocumentException, MalformedPolicyDocumentException$, PackedPolicyTooLargeException, PackedPolicyTooLargeException$, PolicyDescriptorType$, ProvidedContext$, RegionDisabledException, RegionDisabledException$, STSClient, STSServiceException, STSServiceException$, Tag$, Client as __Client, errorTypeRegistries, getDefaultRoleAssumer, getDefaultRoleAssumerWithWebIdentity };
|