@layerzerolabs/vm-tooling 0.0.30

package/dist/WAGFMHUT.js

@@ -0,0 +1,311 @@
+import { getProfileName, parseKnownFiles, loadSsoSessionData, getSSOTokenFromFile, getSSOTokenFilepath } from './EASTPCLB.js';
+import { setCredentialFeature } from './YVV5I7A5.js';
+import './6UWCX7SA.js';
+import { CredentialsProviderError, TokenProviderError } from './7EXYTS34.js';
+import { __name } from './VUOMXK5T.js';
+import { promises } from 'fs';
+
+// ../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/isSsoProfile.js
+var isSsoProfile = /* @__PURE__ */ __name((arg) => arg && (typeof arg.sso_start_url === "string" || typeof arg.sso_account_id === "string" || typeof arg.sso_session === "string" || typeof arg.sso_region === "string" || typeof arg.sso_role_name === "string"), "isSsoProfile");
+
+// ../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/constants.js
+var EXPIRE_WINDOW_MS = 5 * 60 * 1e3;
+var REFRESH_MESSAGE = `To refresh this SSO session run 'aws sso login' with the corresponding profile.`;
+
+// ../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/getSsoOidcClient.js
+var getSsoOidcClient = /* @__PURE__ */ __name(async (ssoRegion, init = {}) => {
+  const { SSOOIDCClient } = await import('./JBULQDMK.js');
+  const ssoOidcClient = new SSOOIDCClient(Object.assign({}, init.clientConfig ?? {}, {
+    region: ssoRegion ?? init.clientConfig?.region,
+    logger: init.clientConfig?.logger ?? init.parentClientConfig?.logger
+  }));
+  return ssoOidcClient;
+}, "getSsoOidcClient");
+
+// ../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/getNewSsoOidcToken.js
+var getNewSsoOidcToken = /* @__PURE__ */ __name(async (ssoToken, ssoRegion, init = {}) => {
+  const { CreateTokenCommand } = await import('./JBULQDMK.js');
+  const ssoOidcClient = await getSsoOidcClient(ssoRegion, init);
+  return ssoOidcClient.send(new CreateTokenCommand({
+    clientId: ssoToken.clientId,
+    clientSecret: ssoToken.clientSecret,
+    refreshToken: ssoToken.refreshToken,
+    grantType: "refresh_token"
+  }));
+}, "getNewSsoOidcToken");
+
+// ../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/validateTokenExpiry.js
+var validateTokenExpiry = /* @__PURE__ */ __name((token) => {
+  if (token.expiration && token.expiration.getTime() < Date.now()) {
+    throw new TokenProviderError(`Token is expired. ${REFRESH_MESSAGE}`, false);
+  }
+}, "validateTokenExpiry");
+
+// ../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/validateTokenKey.js
+var validateTokenKey = /* @__PURE__ */ __name((key, value, forRefresh = false) => {
+  if (typeof value === "undefined") {
+    throw new TokenProviderError(`Value not present for '${key}' in SSO Token${forRefresh ? ". Cannot refresh" : ""}. ${REFRESH_MESSAGE}`, false);
+  }
+}, "validateTokenKey");
+var { writeFile } = promises;
+var writeSSOTokenToFile = /* @__PURE__ */ __name((id, ssoToken) => {
+  const tokenFilepath = getSSOTokenFilepath(id);
+  const tokenString = JSON.stringify(ssoToken, null, 2);
+  return writeFile(tokenFilepath, tokenString);
+}, "writeSSOTokenToFile");
+
+// ../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/fromSso.js
+var lastRefreshAttemptTime = /* @__PURE__ */ new Date(0);
+var fromSso = /* @__PURE__ */ __name((_init = {}) => async ({ callerClientConfig } = {}) => {
+  const init = {
+    ..._init,
+    parentClientConfig: {
+      ...callerClientConfig,
+      ..._init.parentClientConfig
+    }
+  };
+  init.logger?.debug("@aws-sdk/token-providers - fromSso");
+  const profiles = await parseKnownFiles(init);
+  const profileName = getProfileName({
+    profile: init.profile ?? callerClientConfig?.profile
+  });
+  const profile = profiles[profileName];
+  if (!profile) {
+    throw new TokenProviderError(`Profile '${profileName}' could not be found in shared credentials file.`, false);
+  } else if (!profile["sso_session"]) {
+    throw new TokenProviderError(`Profile '${profileName}' is missing required property 'sso_session'.`);
+  }
+  const ssoSessionName = profile["sso_session"];
+  const ssoSessions = await loadSsoSessionData(init);
+  const ssoSession = ssoSessions[ssoSessionName];
+  if (!ssoSession) {
+    throw new TokenProviderError(`Sso session '${ssoSessionName}' could not be found in shared credentials file.`, false);
+  }
+  for (const ssoSessionRequiredKey of [
+    "sso_start_url",
+    "sso_region"
+  ]) {
+    if (!ssoSession[ssoSessionRequiredKey]) {
+      throw new TokenProviderError(`Sso session '${ssoSessionName}' is missing required property '${ssoSessionRequiredKey}'.`, false);
+    }
+  }
+  ssoSession["sso_start_url"];
+  const ssoRegion = ssoSession["sso_region"];
+  let ssoToken;
+  try {
+    ssoToken = await getSSOTokenFromFile(ssoSessionName);
+  } catch (e) {
+    throw new TokenProviderError(`The SSO session token associated with profile=${profileName} was not found or is invalid. ${REFRESH_MESSAGE}`, false);
+  }
+  validateTokenKey("accessToken", ssoToken.accessToken);
+  validateTokenKey("expiresAt", ssoToken.expiresAt);
+  const { accessToken, expiresAt } = ssoToken;
+  const existingToken = {
+    token: accessToken,
+    expiration: new Date(expiresAt)
+  };
+  if (existingToken.expiration.getTime() - Date.now() > EXPIRE_WINDOW_MS) {
+    return existingToken;
+  }
+  if (Date.now() - lastRefreshAttemptTime.getTime() < 30 * 1e3) {
+    validateTokenExpiry(existingToken);
+    return existingToken;
+  }
+  validateTokenKey("clientId", ssoToken.clientId, true);
+  validateTokenKey("clientSecret", ssoToken.clientSecret, true);
+  validateTokenKey("refreshToken", ssoToken.refreshToken, true);
+  try {
+    lastRefreshAttemptTime.setTime(Date.now());
+    const newSsoOidcToken = await getNewSsoOidcToken(ssoToken, ssoRegion, init);
+    validateTokenKey("accessToken", newSsoOidcToken.accessToken);
+    validateTokenKey("expiresIn", newSsoOidcToken.expiresIn);
+    const newTokenExpiration = new Date(Date.now() + newSsoOidcToken.expiresIn * 1e3);
+    try {
+      await writeSSOTokenToFile(ssoSessionName, {
+        ...ssoToken,
+        accessToken: newSsoOidcToken.accessToken,
+        expiresAt: newTokenExpiration.toISOString(),
+        refreshToken: newSsoOidcToken.refreshToken
+      });
+    } catch (error) {
+    }
+    return {
+      token: newSsoOidcToken.accessToken,
+      expiration: newTokenExpiration
+    };
+  } catch (error) {
+    validateTokenExpiry(existingToken);
+    return existingToken;
+  }
+}, "fromSso");
+
+// ../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/resolveSSOCredentials.js
+var SHOULD_FAIL_CREDENTIAL_CHAIN = false;
+var resolveSSOCredentials = /* @__PURE__ */ __name(async ({ ssoStartUrl, ssoSession, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, clientConfig, parentClientConfig, profile, logger }) => {
+  let token;
+  const refreshMessage = `To refresh this SSO session run aws sso login with the corresponding profile.`;
+  if (ssoSession) {
+    try {
+      const _token = await fromSso({
+        profile
+      })();
+      token = {
+        accessToken: _token.token,
+        expiresAt: new Date(_token.expiration).toISOString()
+      };
+    } catch (e) {
+      throw new CredentialsProviderError(e.message, {
+        tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
+        logger
+      });
+    }
+  } else {
+    try {
+      token = await getSSOTokenFromFile(ssoStartUrl);
+    } catch (e) {
+      throw new CredentialsProviderError(`The SSO session associated with this profile is invalid. ${refreshMessage}`, {
+        tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
+        logger
+      });
+    }
+  }
+  if (new Date(token.expiresAt).getTime() - Date.now() <= 0) {
+    throw new CredentialsProviderError(`The SSO session associated with this profile has expired. ${refreshMessage}`, {
+      tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
+      logger
+    });
+  }
+  const { accessToken } = token;
+  const { SSOClient, GetRoleCredentialsCommand } = await import('./4XKJ5GJB.js');
+  const sso = ssoClient || new SSOClient(Object.assign({}, clientConfig ?? {}, {
+    logger: clientConfig?.logger ?? parentClientConfig?.logger,
+    region: clientConfig?.region ?? ssoRegion
+  }));
+  let ssoResp;
+  try {
+    ssoResp = await sso.send(new GetRoleCredentialsCommand({
+      accountId: ssoAccountId,
+      roleName: ssoRoleName,
+      accessToken
+    }));
+  } catch (e) {
+    throw new CredentialsProviderError(e, {
+      tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
+      logger
+    });
+  }
+  const { roleCredentials: { accessKeyId, secretAccessKey, sessionToken, expiration, credentialScope, accountId } = {} } = ssoResp;
+  if (!accessKeyId || !secretAccessKey || !sessionToken || !expiration) {
+    throw new CredentialsProviderError("SSO returns an invalid temporary credential.", {
+      tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
+      logger
+    });
+  }
+  const credentials = {
+    accessKeyId,
+    secretAccessKey,
+    sessionToken,
+    expiration: new Date(expiration),
+    ...credentialScope && {
+      credentialScope
+    },
+    ...accountId && {
+      accountId
+    }
+  };
+  if (ssoSession) {
+    setCredentialFeature(credentials, "CREDENTIALS_SSO", "s");
+  } else {
+    setCredentialFeature(credentials, "CREDENTIALS_SSO_LEGACY", "u");
+  }
+  return credentials;
+}, "resolveSSOCredentials");
+
+// ../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/validateSsoProfile.js
+var validateSsoProfile = /* @__PURE__ */ __name((profile, logger) => {
+  const { sso_start_url, sso_account_id, sso_region, sso_role_name } = profile;
+  if (!sso_start_url || !sso_account_id || !sso_region || !sso_role_name) {
+    throw new CredentialsProviderError(`Profile is configured with invalid SSO credentials. Required parameters "sso_account_id", "sso_region", "sso_role_name", "sso_start_url". Got ${Object.keys(profile).join(", ")}
+Reference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html`, {
+      tryNextLink: false,
+      logger
+    });
+  }
+  return profile;
+}, "validateSsoProfile");
+
+// ../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/fromSSO.js
+var fromSSO = /* @__PURE__ */ __name((init = {}) => async ({ callerClientConfig } = {}) => {
+  init.logger?.debug("@aws-sdk/credential-provider-sso - fromSSO");
+  const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoSession } = init;
+  const { ssoClient } = init;
+  const profileName = getProfileName({
+    profile: init.profile ?? callerClientConfig?.profile
+  });
+  if (!ssoStartUrl && !ssoAccountId && !ssoRegion && !ssoRoleName && !ssoSession) {
+    const profiles = await parseKnownFiles(init);
+    const profile = profiles[profileName];
+    if (!profile) {
+      throw new CredentialsProviderError(`Profile ${profileName} was not found.`, {
+        logger: init.logger
+      });
+    }
+    if (!isSsoProfile(profile)) {
+      throw new CredentialsProviderError(`Profile ${profileName} is not configured with SSO credentials.`, {
+        logger: init.logger
+      });
+    }
+    if (profile?.sso_session) {
+      const ssoSessions = await loadSsoSessionData(init);
+      const session = ssoSessions[profile.sso_session];
+      const conflictMsg = ` configurations in profile ${profileName} and sso-session ${profile.sso_session}`;
+      if (ssoRegion && ssoRegion !== session.sso_region) {
+        throw new CredentialsProviderError(`Conflicting SSO region` + conflictMsg, {
+          tryNextLink: false,
+          logger: init.logger
+        });
+      }
+      if (ssoStartUrl && ssoStartUrl !== session.sso_start_url) {
+        throw new CredentialsProviderError(`Conflicting SSO start_url` + conflictMsg, {
+          tryNextLink: false,
+          logger: init.logger
+        });
+      }
+      profile.sso_region = session.sso_region;
+      profile.sso_start_url = session.sso_start_url;
+    }
+    const { sso_start_url, sso_account_id, sso_region, sso_role_name, sso_session } = validateSsoProfile(profile, init.logger);
+    return resolveSSOCredentials({
+      ssoStartUrl: sso_start_url,
+      ssoSession: sso_session,
+      ssoAccountId: sso_account_id,
+      ssoRegion: sso_region,
+      ssoRoleName: sso_role_name,
+      ssoClient,
+      clientConfig: init.clientConfig,
+      parentClientConfig: init.parentClientConfig,
+      profile: profileName
+    });
+  } else if (!ssoStartUrl || !ssoAccountId || !ssoRegion || !ssoRoleName) {
+    throw new CredentialsProviderError('Incomplete configuration. The fromSSO() argument hash must include "ssoStartUrl", "ssoAccountId", "ssoRegion", "ssoRoleName"', {
+      tryNextLink: false,
+      logger: init.logger
+    });
+  } else {
+    return resolveSSOCredentials({
+      ssoStartUrl,
+      ssoSession,
+      ssoAccountId,
+      ssoRegion,
+      ssoRoleName,
+      ssoClient,
+      clientConfig: init.clientConfig,
+      parentClientConfig: init.parentClientConfig,
+      profile: profileName
+    });
+  }
+}, "fromSSO");
+
+export { fromSSO, isSsoProfile, validateSsoProfile };
+//# sourceMappingURL=WAGFMHUT.js.map
+//# sourceMappingURL=WAGFMHUT.js.map

package/dist/WAGFMHUT.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/isSsoProfile.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/constants.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/getSsoOidcClient.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/getNewSsoOidcToken.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/validateTokenExpiry.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/validateTokenKey.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/writeSSOTokenToFile.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/fromSso.js","../../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/resolveSSOCredentials.js","../../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/validateSsoProfile.js","../../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/fromSSO.js"],"names":["isSsoProfile","arg","sso_start_url","sso_account_id","sso_session","sso_region","sso_role_name","EXPIRE_WINDOW_MS","REFRESH_MESSAGE","getSsoOidcClient","ssoRegion","init","SSOOIDCClient","ssoOidcClient","Object","assign","clientConfig","region","logger","parentClientConfig","getNewSsoOidcToken","ssoToken","CreateTokenCommand","send","clientId","clientSecret","refreshToken","grantType","validateTokenExpiry","token","expiration","getTime","Date","now","TokenProviderError","validateTokenKey","key","value","forRefresh","writeFile","fsPromises","writeSSOTokenToFile","id","tokenFilepath","getSSOTokenFilepath","tokenString","JSON","stringify","lastRefreshAttemptTime","fromSso","_init","callerClientConfig","debug","profiles","parseKnownFiles","profileName","getProfileName","profile","ssoSessionName","ssoSessions","loadSsoSessionData","ssoSession","ssoSessionRequiredKey","getSSOTokenFromFile","e","accessToken","expiresAt","existingToken","setTime","newSsoOidcToken","expiresIn","newTokenExpiration","toISOString","error","SHOULD_FAIL_CREDENTIAL_CHAIN","resolveSSOCredentials","ssoStartUrl","ssoAccountId","ssoRoleName","ssoClient","refreshMessage","_token","getSsoTokenProvider","CredentialsProviderError","message","tryNextLink","SSOClient","GetRoleCredentialsCommand","sso","ssoResp","accountId","roleName","roleCredentials","accessKeyId","secretAccessKey","sessionToken","credentialScope","credentials","setCredentialFeature","validateSsoProfile","keys","join","fromSSO","session","conflictMsg"],"mappings":";;;;;;;;AAAO,IAAMA,YAAAA,2BAAgBC,GAAAA,KAAQA,GAAAA,KAChC,OAAOA,GAAAA,CAAIC,aAAAA,KAAkB,QAAA,IAC1B,OAAOD,GAAAA,CAAIE,cAAAA,KAAmB,YAC9B,OAAOF,GAAAA,CAAIG,WAAAA,KAAgB,QAAA,IAC3B,OAAOH,GAAAA,CAAII,eAAe,QAAA,IAC1B,OAAOJ,GAAAA,CAAIK,aAAAA,KAAkB,QAAA,CAAA,EALT,cAAA;;;ACArB,IAAMC,gBAAAA,GAAmB,IAAI,EAAA,GAAK,GAAA;AAClC,IAAMC,eAAAA,GAAkB,CAAA,+EAAA,CAAA;;;ACDxB,IAAMC,gBAAAA,mBAAmB,MAAA,CAAA,OAAOC,SAAAA,EAAWC,IAAAA,GAAO,EAAC,KAAC;AACvD,EAAA,MAAM,EAAEC,aAAAA,EAAa,GAAK,MAAM,OAAO,eAAA,CAAA;AACvC,EAAA,MAAMC,aAAAA,GAAgB,IAAID,aAAAA,CAAcE,MAAAA,CAAOC,MAAAA,CAAO,EAAC,EAAGJ,IAAAA,CAAKK,YAAAA,IAAgB,EAAC,EAAG;IAC/EC,MAAAA,EAAQP,SAAAA,IAAaC,KAAKK,YAAAA,EAAcC,MAAAA;AACxCC,IAAAA,MAAAA,EAAQP,IAAAA,CAAKK,YAAAA,EAAcE,MAAAA,IAAUP,IAAAA,CAAKQ,kBAAAA,EAAoBD;AAClE,GAAA,CAAA,CAAA;AACA,EAAA,OAAOL,aAAAA;AACX,CAAA,EAPgC,kBAAA,CAAA;;;ACCzB,IAAMO,qCAAqB,MAAA,CAAA,OAAOC,QAAAA,EAAUX,SAAAA,EAAWC,IAAAA,GAAO,EAAC,KAAC;AACnE,EAAA,MAAM,EAAEW,kBAAAA,EAAkB,GAAK,MAAM,OAAO,eAAA,CAAA;AAC5C,EAAA,MAAMT,aAAAA,GAAgB,MAAMJ,gBAAAA,CAAiBC,SAAAA,EAAWC,IAAAA,CAAAA;AACxD,EAAA,OAAOE,aAAAA,CAAcU,IAAAA,CAAK,IAAID,kBAAAA,CAAmB;AAC7CE,IAAAA,QAAAA,EAAUH,QAAAA,CAASG,QAAAA;AACnBC,IAAAA,YAAAA,EAAcJ,QAAAA,CAASI,YAAAA;AACvBC,IAAAA,YAAAA,EAAcL,QAAAA,CAASK,YAAAA;IACvBC,SAAAA,EAAW;AACf,GAAA,CAAA,CAAA;AACJ,CAAA,EATkC,oBAAA,CAAA;;;ACC3B,IAAMC,mBAAAA,2BAAuBC,KAAAA,KAAAA;AAChC,EAAA,IAAIA,KAAAA,CAAMC,cAAcD,KAAAA,CAAMC,UAAAA,CAAWC,SAAO,GAAKC,IAAAA,CAAKC,KAAG,EAAI;AAC7D,IAAA,MAAM,IAAIC,kBAAAA,CAAmB,CAAA,kBAAA,EAAqB1B,eAAAA,IAAmB,KAAA,CAAA;AACzE,EAAA;AACJ,CAAA,EAJmC,qBAAA,CAAA;;;ACA5B,IAAM2B,gBAAAA,mBAAmB,MAAA,CAAA,CAACC,GAAAA,EAAKC,KAAAA,EAAOC,aAAa,KAAA,KAAK;AAC3D,EAAA,IAAI,OAAOD,UAAU,WAAA,EAAa;AAC9B,IAAA,MAAM,IAAIH,kBAAAA,CAAmB,CAAA,uBAAA,EAA0BE,GAAAA,CAAAA,cAAAA,EAAoBE,UAAAA,GAAa,kBAAA,GAAqB,EAAA,CAAA,EAAA,EAAO9B,eAAAA,CAAAA,CAAAA,EAAmB,KAAA,CAAA;AAC3I,EAAA;AACJ,CAAA,EAJgC,kBAAA,CAAA;ACAhC,IAAM,EAAE+B,WAAS,GAAKC,QAAAA;AACf,IAAMC,mBAAAA,mBAAsB,MAAA,CAAA,CAACC,EAAAA,EAAIrB,QAAAA,KAAAA;AACpC,EAAA,MAAMsB,aAAAA,GAAgBC,oBAAoBF,EAAAA,CAAAA;AAC1C,EAAA,MAAMG,WAAAA,GAAcC,IAAAA,CAAKC,SAAAA,CAAU1B,QAAAA,EAAU,MAAM,CAAA,CAAA;AACnD,EAAA,OAAOkB,SAAAA,CAAUI,eAAeE,WAAAA,CAAAA;AACpC,CAAA,EAJmC,qBAAA,CAAA;;;ACInC,IAAMG,sBAAAA,mBAAyB,IAAIhB,IAAAA,CAAK,CAAA,CAAA;AACjC,IAAMiB,OAAAA,mBAAU,MAAA,CAAA,CAACC,KAAAA,GAAQ,EAAC,KAAM,OAAO,EAAEC,kBAAAA,EAAkB,GAAK,EAAC,KAAC;AACrE,EAAA,MAAMxC,IAAAA,GAAO;IACT,GAAGuC,KAAAA;IACH/B,kBAAAA,EAAoB;MAChB,GAAGgC,kBAAAA;AACH,MAAA,GAAGD,KAAAA,CAAM/B;AACb;AACJ,GAAA;AACAR,EAAAA,IAAAA,CAAKO,MAAAA,EAAQkC,MAAM,oCAAA,CAAA;AACnB,EAAA,MAAMC,QAAAA,GAAW,MAAMC,eAAAA,CAAgB3C,IAAAA,CAAAA;AACvC,EAAA,MAAM4C,cAAcC,cAAAA,CAAe;IAC/BC,OAAAA,EAAS9C,IAAAA,CAAK8C,WAAWN,kBAAAA,EAAoBM;GACjD,CAAA;AACA,EAAA,MAAMA,OAAAA,GAAUJ,SAASE,WAAAA,CAAAA;AACzB,EAAA,IAAI,CAACE,OAAAA,EAAS;AACV,IAAA,MAAM,IAAIvB,kBAAAA,CAAmB,CAAA,SAAA,EAAYqB,WAAAA,oDAA+D,KAAA,CAAA;EAC5G,CAAA,MAAA,IACS,CAACE,OAAAA,CAAQ,aAAA,CAAA,EAAgB;AAC9B,IAAA,MAAM,IAAIvB,kBAAAA,CAAmB,CAAA,SAAA,EAAYqB,WAAAA,CAAAA,6CAAAA,CAA0D,CAAA;AACvG,EAAA;AACA,EAAA,MAAMG,cAAAA,GAAiBD,QAAQ,aAAA,CAAA;AAC/B,EAAA,MAAME,WAAAA,GAAc,MAAMC,kBAAAA,CAAmBjD,IAAAA,CAAAA;AAC7C,EAAA,MAAMkD,UAAAA,GAAaF,YAAYD,cAAAA,CAAAA;AAC/B,EAAA,IAAI,CAACG,UAAAA,EAAY;AACb,IAAA,MAAM,IAAI3B,kBAAAA,CAAmB,CAAA,aAAA,EAAgBwB,cAAAA,oDAAkE,KAAA,CAAA;AACnH,EAAA;AACA,EAAA,KAAA,MAAWI,qBAAAA,IAAyB;AAAC,IAAA,eAAA;AAAiB,IAAA;AAAe,GAAA,EAAA;AACjE,IAAA,IAAI,CAACD,UAAAA,CAAWC,qBAAAA,CAAAA,EAAwB;AACpC,MAAA,MAAM,IAAI5B,kBAAAA,CAAmB,CAAA,aAAA,EAAgBwB,cAAAA,CAAAA,gCAAAA,EAAiDI,qBAAAA,MAA2B,KAAA,CAAA;AAC7H,IAAA;AACJ,EAAA;AACA,EAAoBD,WAAW,eAAA;AAC/B,EAAA,MAAMnD,SAAAA,GAAYmD,WAAW,YAAA,CAAA;AAC7B,EAAA,IAAIxC,QAAAA;AACJ,EAAA,IAAI;AACAA,IAAAA,QAAAA,GAAW,MAAM0C,oBAAoBL,cAAAA,CAAAA;AACzC,EAAA,CAAA,CAAA,OACOM,CAAAA,EAAG;AACN,IAAA,MAAM,IAAI9B,kBAAAA,CAAmB,CAAA,8CAAA,EAAiDqB,WAAAA,CAAAA,8BAAAA,EAA4C/C,eAAAA,IAAmB,KAAA,CAAA;AACjJ,EAAA;AACA2B,EAAAA,gBAAAA,CAAiB,aAAA,EAAed,SAAS4C,WAAW,CAAA;AACpD9B,EAAAA,gBAAAA,CAAiB,WAAA,EAAad,SAAS6C,SAAS,CAAA;AAChD,EAAA,MAAM,EAAED,WAAAA,EAAaC,SAAAA,EAAS,GAAK7C,QAAAA;AACnC,EAAA,MAAM8C,aAAAA,GAAgB;IAAEtC,KAAAA,EAAOoC,WAAAA;IAAanC,UAAAA,EAAY,IAAIE,KAAKkC,SAAAA;AAAW,GAAA;AAC5E,EAAA,IAAIC,cAAcrC,UAAAA,CAAWC,OAAAA,KAAYC,IAAAA,CAAKC,GAAAA,KAAQ1B,gBAAAA,EAAkB;AACpE,IAAA,OAAO4D,aAAAA;AACX,EAAA;AACA,EAAA,IAAInC,KAAKC,GAAAA,EAAG,GAAKe,uBAAuBjB,OAAAA,EAAO,GAAK,KAAK,GAAA,EAAM;AAC3DH,IAAAA,mBAAAA,CAAoBuC,aAAAA,CAAAA;AACpB,IAAA,OAAOA,aAAAA;AACX,EAAA;AACAhC,EAAAA,gBAAAA,CAAiB,UAAA,EAAYd,QAAAA,CAASG,QAAAA,EAAU,IAAA,CAAA;AAChDW,EAAAA,gBAAAA,CAAiB,cAAA,EAAgBd,QAAAA,CAASI,YAAAA,EAAc,IAAA,CAAA;AACxDU,EAAAA,gBAAAA,CAAiB,cAAA,EAAgBd,QAAAA,CAASK,YAAAA,EAAc,IAAA,CAAA;AACxD,EAAA,IAAI;AACAsB,IAAAA,sBAAAA,CAAuBoB,OAAAA,CAAQpC,IAAAA,CAAKC,GAAAA,EAAG,CAAA;AACvC,IAAA,MAAMoC,eAAAA,GAAkB,MAAMjD,kBAAAA,CAAmBC,QAAAA,EAAUX,WAAWC,IAAAA,CAAAA;AACtEwB,IAAAA,gBAAAA,CAAiB,aAAA,EAAekC,gBAAgBJ,WAAW,CAAA;AAC3D9B,IAAAA,gBAAAA,CAAiB,WAAA,EAAakC,gBAAgBC,SAAS,CAAA;AACvD,IAAA,MAAMC,kBAAAA,GAAqB,IAAIvC,IAAAA,CAAKA,IAAAA,CAAKC,KAAG,GAAKoC,eAAAA,CAAgBC,YAAY,GAAA,CAAA;AAC7E,IAAA,IAAI;AACA,MAAA,MAAM7B,oBAAoBiB,cAAAA,EAAgB;QACtC,GAAGrC,QAAAA;AACH4C,QAAAA,WAAAA,EAAaI,eAAAA,CAAgBJ,WAAAA;AAC7BC,QAAAA,SAAAA,EAAWK,mBAAmBC,WAAAA,EAAW;AACzC9C,QAAAA,YAAAA,EAAc2C,eAAAA,CAAgB3C;OAClC,CAAA;AACJ,IAAA,CAAA,CAAA,OACO+C,KAAAA,EAAO;AACd,IAAA;AACA,IAAA,OAAO;AACH5C,MAAAA,KAAAA,EAAOwC,eAAAA,CAAgBJ,WAAAA;MACvBnC,UAAAA,EAAYyC;AAChB,KAAA;AACJ,EAAA,CAAA,CAAA,OACOE,KAAAA,EAAO;AACV7C,IAAAA,mBAAAA,CAAoBuC,aAAAA,CAAAA;AACpB,IAAA,OAAOA,aAAAA;AACX,EAAA;AACJ,CAAA,EA/EuB,SAAA,CAAA;;;ACJvB,IAAMO,4BAAAA,GAA+B,KAAA;AAC9B,IAAMC,qBAAAA,mBAAwB,MAAA,CAAA,OAAO,EAAEC,WAAAA,EAAaf,UAAAA,EAAYgB,YAAAA,EAAcnE,SAAAA,EAAWoE,WAAAA,EAAaC,SAAAA,EAAW/D,YAAAA,EAAcG,kBAAAA,EAAoBsC,OAAAA,EAASvC,QAAM,KAAG;AACxK,EAAA,IAAIW,KAAAA;AACJ,EAAA,MAAMmD,cAAAA,GAAiB,CAAA,6EAAA,CAAA;AACvB,EAAA,IAAInB,UAAAA,EAAY;AACZ,IAAA,IAAI;AACA,MAAA,MAAMoB,MAAAA,GAAS,MAAMC,OAAAA,CAAoB;AAAEzB,QAAAA;AAAQ,OAAA,CAAA,EAAA;AACnD5B,MAAAA,KAAAA,GAAQ;AACJoC,QAAAA,WAAAA,EAAagB,MAAAA,CAAOpD,KAAAA;AACpBqC,QAAAA,SAAAA,EAAW,IAAIlC,IAAAA,CAAKiD,MAAAA,CAAOnD,UAAU,EAAE0C,WAAAA;AAC3C,OAAA;AACJ,IAAA,CAAA,CAAA,OACOR,CAAAA,EAAG;AACN,MAAA,MAAM,IAAImB,wBAAAA,CAAyBnB,CAAAA,CAAEoB,OAAAA,EAAS;QAC1CC,WAAAA,EAAaX,4BAAAA;AACbxD,QAAAA;OACJ,CAAA;AACJ,IAAA;EACJ,CAAA,MACK;AACD,IAAA,IAAI;AACAW,MAAAA,KAAAA,GAAQ,MAAMkC,oBAAoBa,WAAAA,CAAAA;AACtC,IAAA,CAAA,CAAA,OACOZ,CAAAA,EAAG;AACN,MAAA,MAAM,IAAImB,wBAAAA,CAAyB,CAAA,yDAAA,EAA4DH,cAAAA,CAAAA,CAAAA,EAAkB;QAC7GK,WAAAA,EAAaX,4BAAAA;AACbxD,QAAAA;OACJ,CAAA;AACJ,IAAA;AACJ,EAAA;AACA,EAAA,IAAI,IAAIc,IAAAA,CAAKH,KAAAA,CAAMqC,SAAS,CAAA,CAAEnC,SAAO,GAAKC,IAAAA,CAAKC,GAAAA,EAAG,IAAM,CAAA,EAAG;AACvD,IAAA,MAAM,IAAIkD,wBAAAA,CAAyB,CAAA,0DAAA,EAA6DH,cAAAA,CAAAA,CAAAA,EAAkB;MAC9GK,WAAAA,EAAaX,4BAAAA;AACbxD,MAAAA;KACJ,CAAA;AACJ,EAAA;AACA,EAAA,MAAM,EAAE+C,aAAW,GAAKpC,KAAAA;AACxB,EAAA,MAAM,EAAEyD,SAAAA,EAAWC,yBAAAA,EAAyB,GAAK,MAAM,OAAO,eAAA,CAAA;AAC9D,EAAA,MAAMC,GAAAA,GAAMT,SAAAA,IACR,IAAIO,SAAAA,CAAUxE,MAAAA,CAAOC,OAAO,EAAC,EAAGC,YAAAA,IAAgB,EAAC,EAAG;IAChDE,MAAAA,EAAQF,YAAAA,EAAcE,UAAUC,kBAAAA,EAAoBD,MAAAA;AACpDD,IAAAA,MAAAA,EAAQD,cAAcC,MAAAA,IAAUP;AACpC,GAAA,CAAA,CAAA;AACJ,EAAA,IAAI+E,OAAAA;AACJ,EAAA,IAAI;AACAA,IAAAA,OAAAA,GAAU,MAAMD,GAAAA,CAAIjE,IAAAA,CAAK,IAAIgE,yBAAAA,CAA0B;MACnDG,SAAAA,EAAWb,YAAAA;MACXc,QAAAA,EAAUb,WAAAA;AACVb,MAAAA;AACJ,KAAA,CAAA,CAAA;AACJ,EAAA,CAAA,CAAA,OACOD,CAAAA,EAAG;AACN,IAAA,MAAM,IAAImB,yBAAyBnB,CAAAA,EAAG;MAClCqB,WAAAA,EAAaX,4BAAAA;AACbxD,MAAAA;KACJ,CAAA;AACJ,EAAA;AACA,EAAA,MAAM,EAAE0E,eAAAA,EAAiB,EAAEC,WAAAA,EAAaC,eAAAA,EAAiBC,YAAAA,EAAcjE,UAAAA,EAAYkE,eAAAA,EAAiBN,SAAAA,EAAS,GAAK,EAAC,EAAC,GAAMD,OAAAA;AAC1H,EAAA,IAAI,CAACI,WAAAA,IAAe,CAACC,mBAAmB,CAACC,YAAAA,IAAgB,CAACjE,UAAAA,EAAY;AAClE,IAAA,MAAM,IAAIqD,yBAAyB,8CAAA,EAAgD;MAC/EE,WAAAA,EAAaX,4BAAAA;AACbxD,MAAAA;KACJ,CAAA;AACJ,EAAA;AACA,EAAA,MAAM+E,WAAAA,GAAc;AAChBJ,IAAAA,WAAAA;AACAC,IAAAA,eAAAA;AACAC,IAAAA,YAAAA;IACAjE,UAAAA,EAAY,IAAIE,KAAKF,UAAAA,CAAAA;AACrB,IAAA,GAAIkE,eAAAA,IAAmB;AAAEA,MAAAA;AAAgB,KAAA;AACzC,IAAA,GAAIN,SAAAA,IAAa;AAAEA,MAAAA;AAAU;AACjC,GAAA;AACA,EAAA,IAAI7B,UAAAA,EAAY;AACZqC,IAAAA,oBAAAA,CAAqBD,WAAAA,EAAa,mBAAmB,GAAA,CAAA;EACzD,CAAA,MACK;AACDC,IAAAA,oBAAAA,CAAqBD,WAAAA,EAAa,0BAA0B,GAAA,CAAA;AAChE,EAAA;AACA,EAAA,OAAOA,WAAAA;AACX,CAAA,EA9EqC,uBAAA,CAAA;;;ACJ9B,IAAME,kBAAAA,mBAAqB,MAAA,CAAA,CAAC1C,OAAAA,EAASvC,MAAAA,KAAAA;AACxC,EAAA,MAAM,EAAEhB,aAAAA,EAAeC,cAAAA,EAAgBE,UAAAA,EAAYC,eAAa,GAAKmD,OAAAA;AACrE,EAAA,IAAI,CAACvD,aAAAA,IAAiB,CAACC,kBAAkB,CAACE,UAAAA,IAAc,CAACC,aAAAA,EAAe;AACpE,IAAA,MAAM,IAAI6E,yBAAyB,CAAA,8IAAA,EACwBrE,MAAAA,CAAOsF,KAAK3C,OAAAA,CAAAA,CAAS4C,IAAAA,CAAK,IAAA,CAAA;AAA6F,kFAAA,CAAA,EAAA;MAAEhB,WAAAA,EAAa,KAAA;AAAOnE,MAAAA;KAAO,CAAA;AACnN,EAAA;AACA,EAAA,OAAOuC,OAAAA;AACX,CAAA,EAPkC,oBAAA;;;ACI3B,IAAM6C,OAAAA,mBAAU,MAAA,CAAA,CAAC3F,IAAAA,GAAO,EAAC,KAAM,OAAO,EAAEwC,kBAAAA,EAAkB,GAAK,EAAC,KAAC;AACpExC,EAAAA,IAAAA,CAAKO,MAAAA,EAAQkC,MAAM,4CAAA,CAAA;AACnB,EAAA,MAAM,EAAEwB,WAAAA,EAAaC,YAAAA,EAAcnE,SAAAA,EAAWoE,WAAAA,EAAajB,YAAU,GAAKlD,IAAAA;AAC1E,EAAA,MAAM,EAAEoE,WAAS,GAAKpE,IAAAA;AACtB,EAAA,MAAM4C,cAAcC,cAAAA,CAAe;IAC/BC,OAAAA,EAAS9C,IAAAA,CAAK8C,WAAWN,kBAAAA,EAAoBM;GACjD,CAAA;AACA,EAAA,IAAI,CAACmB,eAAe,CAACC,YAAAA,IAAgB,CAACnE,SAAAA,IAAa,CAACoE,WAAAA,IAAe,CAACjB,UAAAA,EAAY;AAC5E,IAAA,MAAMR,QAAAA,GAAW,MAAMC,eAAAA,CAAgB3C,IAAAA,CAAAA;AACvC,IAAA,MAAM8C,OAAAA,GAAUJ,SAASE,WAAAA,CAAAA;AACzB,IAAA,IAAI,CAACE,OAAAA,EAAS;AACV,MAAA,MAAM,IAAI0B,wBAAAA,CAAyB,CAAA,QAAA,EAAW5B,WAAAA,CAAAA,eAAAA,CAAAA,EAA8B;AAAErC,QAAAA,MAAAA,EAAQP,IAAAA,CAAKO;OAAO,CAAA;AACtG,IAAA;AACA,IAAA,IAAI,CAAClB,YAAAA,CAAayD,OAAAA,CAAAA,EAAU;AACxB,MAAA,MAAM,IAAI0B,wBAAAA,CAAyB,CAAA,QAAA,EAAW5B,WAAAA,CAAAA,wCAAAA,CAAAA,EAAuD;AACjGrC,QAAAA,MAAAA,EAAQP,IAAAA,CAAKO;OACjB,CAAA;AACJ,IAAA;AACA,IAAA,IAAIuC,SAASrD,WAAAA,EAAa;AACtB,MAAA,MAAMuD,WAAAA,GAAc,MAAMC,kBAAAA,CAAmBjD,IAAAA,CAAAA;AAC7C,MAAA,MAAM4F,OAAAA,GAAU5C,WAAAA,CAAYF,OAAAA,CAAQrD,WAAW,CAAA;AAC/C,MAAA,MAAMoG,WAAAA,GAAc,CAAA,2BAAA,EAA8BjD,WAAAA,CAAAA,iBAAAA,EAA+BE,QAAQrD,WAAW,CAAA,CAAA;AACpG,MAAA,IAAIM,SAAAA,IAAaA,SAAAA,KAAc6F,OAAAA,CAAQlG,UAAAA,EAAY;AAC/C,QAAA,MAAM,IAAI8E,wBAAAA,CAAyB,CAAA,sBAAA,CAAA,GAA2BqB,WAAAA,EAAa;UACvEnB,WAAAA,EAAa,KAAA;AACbnE,UAAAA,MAAAA,EAAQP,IAAAA,CAAKO;SACjB,CAAA;AACJ,MAAA;AACA,MAAA,IAAI0D,WAAAA,IAAeA,WAAAA,KAAgB2B,OAAAA,CAAQrG,aAAAA,EAAe;AACtD,QAAA,MAAM,IAAIiF,wBAAAA,CAAyB,CAAA,yBAAA,CAAA,GAA8BqB,WAAAA,EAAa;UAC1EnB,WAAAA,EAAa,KAAA;AACbnE,UAAAA,MAAAA,EAAQP,IAAAA,CAAKO;SACjB,CAAA;AACJ,MAAA;AACAuC,MAAAA,OAAAA,CAAQpD,aAAakG,OAAAA,CAAQlG,UAAAA;AAC7BoD,MAAAA,OAAAA,CAAQvD,gBAAgBqG,OAAAA,CAAQrG,aAAAA;AACpC,IAAA;AACA,IAAA,MAAM,EAAEA,aAAAA,EAAeC,cAAAA,EAAgBE,UAAAA,EAAYC,aAAAA,EAAeF,aAAW,GAAK+F,kBAAAA,CAAmB1C,OAAAA,EAAS9C,IAAAA,CAAKO,MAAM,CAAA;AACzH,IAAA,OAAOyD,qBAAAA,CAAsB;MACzBC,WAAAA,EAAa1E,aAAAA;MACb2D,UAAAA,EAAYzD,WAAAA;MACZyE,YAAAA,EAAc1E,cAAAA;MACdO,SAAAA,EAAWL,UAAAA;MACXyE,WAAAA,EAAaxE,aAAAA;AACbyE,MAAAA,SAAAA;AACA/D,MAAAA,YAAAA,EAAcL,IAAAA,CAAKK,YAAAA;AACnBG,MAAAA,kBAAAA,EAAoBR,IAAAA,CAAKQ,kBAAAA;MACzBsC,OAAAA,EAASF;KACb,CAAA;AACJ,EAAA,CAAA,MAAA,IACS,CAACqB,WAAAA,IAAe,CAACC,gBAAgB,CAACnE,SAAAA,IAAa,CAACoE,WAAAA,EAAa;AAClE,IAAA,MAAM,IAAIK,yBAAyB,8HAAA,EAC8B;MAAEE,WAAAA,EAAa,KAAA;AAAOnE,MAAAA,MAAAA,EAAQP,IAAAA,CAAKO;KAAO,CAAA;EAC/G,CAAA,MACK;AACD,IAAA,OAAOyD,qBAAAA,CAAsB;AACzBC,MAAAA,WAAAA;AACAf,MAAAA,UAAAA;AACAgB,MAAAA,YAAAA;AACAnE,MAAAA,SAAAA;AACAoE,MAAAA,WAAAA;AACAC,MAAAA,SAAAA;AACA/D,MAAAA,YAAAA,EAAcL,IAAAA,CAAKK,YAAAA;AACnBG,MAAAA,kBAAAA,EAAoBR,IAAAA,CAAKQ,kBAAAA;MACzBsC,OAAAA,EAASF;KACb,CAAA;AACJ,EAAA;AACJ,CAAA,EAnEuB,SAAA","file":"WAGFMHUT.js","sourcesContent":["export const isSsoProfile = (arg) => arg &&\n    (typeof arg.sso_start_url === \"string\" ||\n        typeof arg.sso_account_id === \"string\" ||\n        typeof arg.sso_session === \"string\" ||\n        typeof arg.sso_region === \"string\" ||\n        typeof arg.sso_role_name === \"string\");\n","export const EXPIRE_WINDOW_MS = 5 * 60 * 1000;\nexport const REFRESH_MESSAGE = `To refresh this SSO session run 'aws sso login' with the corresponding profile.`;\n","export const getSsoOidcClient = async (ssoRegion, init = {}) => {\n    const { SSOOIDCClient } = await import(\"@aws-sdk/nested-clients/sso-oidc\");\n    const ssoOidcClient = new SSOOIDCClient(Object.assign({}, init.clientConfig ?? {}, {\n        region: ssoRegion ?? init.clientConfig?.region,\n        logger: init.clientConfig?.logger ?? init.parentClientConfig?.logger,\n    }));\n    return ssoOidcClient;\n};\n","import { getSsoOidcClient } from \"./getSsoOidcClient\";\nexport const getNewSsoOidcToken = async (ssoToken, ssoRegion, init = {}) => {\n    const { CreateTokenCommand } = await import(\"@aws-sdk/nested-clients/sso-oidc\");\n    const ssoOidcClient = await getSsoOidcClient(ssoRegion, init);\n    return ssoOidcClient.send(new CreateTokenCommand({\n        clientId: ssoToken.clientId,\n        clientSecret: ssoToken.clientSecret,\n        refreshToken: ssoToken.refreshToken,\n        grantType: \"refresh_token\",\n    }));\n};\n","import { TokenProviderError } from \"@smithy/property-provider\";\nimport { REFRESH_MESSAGE } from \"./constants\";\nexport const validateTokenExpiry = (token) => {\n    if (token.expiration && token.expiration.getTime() < Date.now()) {\n        throw new TokenProviderError(`Token is expired. ${REFRESH_MESSAGE}`, false);\n    }\n};\n","import { TokenProviderError } from \"@smithy/property-provider\";\nimport { REFRESH_MESSAGE } from \"./constants\";\nexport const validateTokenKey = (key, value, forRefresh = false) => {\n    if (typeof value === \"undefined\") {\n        throw new TokenProviderError(`Value not present for '${key}' in SSO Token${forRefresh ? \". Cannot refresh\" : \"\"}. ${REFRESH_MESSAGE}`, false);\n    }\n};\n","import { getSSOTokenFilepath } from \"@smithy/shared-ini-file-loader\";\nimport { promises as fsPromises } from \"fs\";\nconst { writeFile } = fsPromises;\nexport const writeSSOTokenToFile = (id, ssoToken) => {\n    const tokenFilepath = getSSOTokenFilepath(id);\n    const tokenString = JSON.stringify(ssoToken, null, 2);\n    return writeFile(tokenFilepath, tokenString);\n};\n","import { TokenProviderError } from \"@smithy/property-provider\";\nimport { getProfileName, getSSOTokenFromFile, loadSsoSessionData, parseKnownFiles, } from \"@smithy/shared-ini-file-loader\";\nimport { EXPIRE_WINDOW_MS, REFRESH_MESSAGE } from \"./constants\";\nimport { getNewSsoOidcToken } from \"./getNewSsoOidcToken\";\nimport { validateTokenExpiry } from \"./validateTokenExpiry\";\nimport { validateTokenKey } from \"./validateTokenKey\";\nimport { writeSSOTokenToFile } from \"./writeSSOTokenToFile\";\nconst lastRefreshAttemptTime = new Date(0);\nexport const fromSso = (_init = {}) => async ({ callerClientConfig } = {}) => {\n    const init = {\n        ..._init,\n        parentClientConfig: {\n            ...callerClientConfig,\n            ..._init.parentClientConfig,\n        },\n    };\n    init.logger?.debug(\"@aws-sdk/token-providers - fromSso\");\n    const profiles = await parseKnownFiles(init);\n    const profileName = getProfileName({\n        profile: init.profile ?? callerClientConfig?.profile,\n    });\n    const profile = profiles[profileName];\n    if (!profile) {\n        throw new TokenProviderError(`Profile '${profileName}' could not be found in shared credentials file.`, false);\n    }\n    else if (!profile[\"sso_session\"]) {\n        throw new TokenProviderError(`Profile '${profileName}' is missing required property 'sso_session'.`);\n    }\n    const ssoSessionName = profile[\"sso_session\"];\n    const ssoSessions = await loadSsoSessionData(init);\n    const ssoSession = ssoSessions[ssoSessionName];\n    if (!ssoSession) {\n        throw new TokenProviderError(`Sso session '${ssoSessionName}' could not be found in shared credentials file.`, false);\n    }\n    for (const ssoSessionRequiredKey of [\"sso_start_url\", \"sso_region\"]) {\n        if (!ssoSession[ssoSessionRequiredKey]) {\n            throw new TokenProviderError(`Sso session '${ssoSessionName}' is missing required property '${ssoSessionRequiredKey}'.`, false);\n        }\n    }\n    const ssoStartUrl = ssoSession[\"sso_start_url\"];\n    const ssoRegion = ssoSession[\"sso_region\"];\n    let ssoToken;\n    try {\n        ssoToken = await getSSOTokenFromFile(ssoSessionName);\n    }\n    catch (e) {\n        throw new TokenProviderError(`The SSO session token associated with profile=${profileName} was not found or is invalid. ${REFRESH_MESSAGE}`, false);\n    }\n    validateTokenKey(\"accessToken\", ssoToken.accessToken);\n    validateTokenKey(\"expiresAt\", ssoToken.expiresAt);\n    const { accessToken, expiresAt } = ssoToken;\n    const existingToken = { token: accessToken, expiration: new Date(expiresAt) };\n    if (existingToken.expiration.getTime() - Date.now() > EXPIRE_WINDOW_MS) {\n        return existingToken;\n    }\n    if (Date.now() - lastRefreshAttemptTime.getTime() < 30 * 1000) {\n        validateTokenExpiry(existingToken);\n        return existingToken;\n    }\n    validateTokenKey(\"clientId\", ssoToken.clientId, true);\n    validateTokenKey(\"clientSecret\", ssoToken.clientSecret, true);\n    validateTokenKey(\"refreshToken\", ssoToken.refreshToken, true);\n    try {\n        lastRefreshAttemptTime.setTime(Date.now());\n        const newSsoOidcToken = await getNewSsoOidcToken(ssoToken, ssoRegion, init);\n        validateTokenKey(\"accessToken\", newSsoOidcToken.accessToken);\n        validateTokenKey(\"expiresIn\", newSsoOidcToken.expiresIn);\n        const newTokenExpiration = new Date(Date.now() + newSsoOidcToken.expiresIn * 1000);\n        try {\n            await writeSSOTokenToFile(ssoSessionName, {\n                ...ssoToken,\n                accessToken: newSsoOidcToken.accessToken,\n                expiresAt: newTokenExpiration.toISOString(),\n                refreshToken: newSsoOidcToken.refreshToken,\n            });\n        }\n        catch (error) {\n        }\n        return {\n            token: newSsoOidcToken.accessToken,\n            expiration: newTokenExpiration,\n        };\n    }\n    catch (error) {\n        validateTokenExpiry(existingToken);\n        return existingToken;\n    }\n};\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nimport { fromSso as getSsoTokenProvider } from \"@aws-sdk/token-providers\";\nimport { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { getSSOTokenFromFile } from \"@smithy/shared-ini-file-loader\";\nconst SHOULD_FAIL_CREDENTIAL_CHAIN = false;\nexport const resolveSSOCredentials = async ({ ssoStartUrl, ssoSession, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, clientConfig, parentClientConfig, profile, logger, }) => {\n    let token;\n    const refreshMessage = `To refresh this SSO session run aws sso login with the corresponding profile.`;\n    if (ssoSession) {\n        try {\n            const _token = await getSsoTokenProvider({ profile })();\n            token = {\n                accessToken: _token.token,\n                expiresAt: new Date(_token.expiration).toISOString(),\n            };\n        }\n        catch (e) {\n            throw new CredentialsProviderError(e.message, {\n                tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n                logger,\n            });\n        }\n    }\n    else {\n        try {\n            token = await getSSOTokenFromFile(ssoStartUrl);\n        }\n        catch (e) {\n            throw new CredentialsProviderError(`The SSO session associated with this profile is invalid. ${refreshMessage}`, {\n                tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n                logger,\n            });\n        }\n    }\n    if (new Date(token.expiresAt).getTime() - Date.now() <= 0) {\n        throw new CredentialsProviderError(`The SSO session associated with this profile has expired. ${refreshMessage}`, {\n            tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n            logger,\n        });\n    }\n    const { accessToken } = token;\n    const { SSOClient, GetRoleCredentialsCommand } = await import(\"./loadSso\");\n    const sso = ssoClient ||\n        new SSOClient(Object.assign({}, clientConfig ?? {}, {\n            logger: clientConfig?.logger ?? parentClientConfig?.logger,\n            region: clientConfig?.region ?? ssoRegion,\n        }));\n    let ssoResp;\n    try {\n        ssoResp = await sso.send(new GetRoleCredentialsCommand({\n            accountId: ssoAccountId,\n            roleName: ssoRoleName,\n            accessToken,\n        }));\n    }\n    catch (e) {\n        throw new CredentialsProviderError(e, {\n            tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n            logger,\n        });\n    }\n    const { roleCredentials: { accessKeyId, secretAccessKey, sessionToken, expiration, credentialScope, accountId } = {}, } = ssoResp;\n    if (!accessKeyId || !secretAccessKey || !sessionToken || !expiration) {\n        throw new CredentialsProviderError(\"SSO returns an invalid temporary credential.\", {\n            tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n            logger,\n        });\n    }\n    const credentials = {\n        accessKeyId,\n        secretAccessKey,\n        sessionToken,\n        expiration: new Date(expiration),\n        ...(credentialScope && { credentialScope }),\n        ...(accountId && { accountId }),\n    };\n    if (ssoSession) {\n        setCredentialFeature(credentials, \"CREDENTIALS_SSO\", \"s\");\n    }\n    else {\n        setCredentialFeature(credentials, \"CREDENTIALS_SSO_LEGACY\", \"u\");\n    }\n    return credentials;\n};\n","import { CredentialsProviderError } from \"@smithy/property-provider\";\nexport const validateSsoProfile = (profile, logger) => {\n    const { sso_start_url, sso_account_id, sso_region, sso_role_name } = profile;\n    if (!sso_start_url || !sso_account_id || !sso_region || !sso_role_name) {\n        throw new CredentialsProviderError(`Profile is configured with invalid SSO credentials. Required parameters \"sso_account_id\", ` +\n            `\"sso_region\", \"sso_role_name\", \"sso_start_url\". Got ${Object.keys(profile).join(\", \")}\\nReference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html`, { tryNextLink: false, logger });\n    }\n    return profile;\n};\n","import { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { getProfileName, loadSsoSessionData, parseKnownFiles } from \"@smithy/shared-ini-file-loader\";\nimport { isSsoProfile } from \"./isSsoProfile\";\nimport { resolveSSOCredentials } from \"./resolveSSOCredentials\";\nimport { validateSsoProfile } from \"./validateSsoProfile\";\nexport const fromSSO = (init = {}) => async ({ callerClientConfig } = {}) => {\n    init.logger?.debug(\"@aws-sdk/credential-provider-sso - fromSSO\");\n    const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoSession } = init;\n    const { ssoClient } = init;\n    const profileName = getProfileName({\n        profile: init.profile ?? callerClientConfig?.profile,\n    });\n    if (!ssoStartUrl && !ssoAccountId && !ssoRegion && !ssoRoleName && !ssoSession) {\n        const profiles = await parseKnownFiles(init);\n        const profile = profiles[profileName];\n        if (!profile) {\n            throw new CredentialsProviderError(`Profile ${profileName} was not found.`, { logger: init.logger });\n        }\n        if (!isSsoProfile(profile)) {\n            throw new CredentialsProviderError(`Profile ${profileName} is not configured with SSO credentials.`, {\n                logger: init.logger,\n            });\n        }\n        if (profile?.sso_session) {\n            const ssoSessions = await loadSsoSessionData(init);\n            const session = ssoSessions[profile.sso_session];\n            const conflictMsg = ` configurations in profile ${profileName} and sso-session ${profile.sso_session}`;\n            if (ssoRegion && ssoRegion !== session.sso_region) {\n                throw new CredentialsProviderError(`Conflicting SSO region` + conflictMsg, {\n                    tryNextLink: false,\n                    logger: init.logger,\n                });\n            }\n            if (ssoStartUrl && ssoStartUrl !== session.sso_start_url) {\n                throw new CredentialsProviderError(`Conflicting SSO start_url` + conflictMsg, {\n                    tryNextLink: false,\n                    logger: init.logger,\n                });\n            }\n            profile.sso_region = session.sso_region;\n            profile.sso_start_url = session.sso_start_url;\n        }\n        const { sso_start_url, sso_account_id, sso_region, sso_role_name, sso_session } = validateSsoProfile(profile, init.logger);\n        return resolveSSOCredentials({\n            ssoStartUrl: sso_start_url,\n            ssoSession: sso_session,\n            ssoAccountId: sso_account_id,\n            ssoRegion: sso_region,\n            ssoRoleName: sso_role_name,\n            ssoClient: ssoClient,\n            clientConfig: init.clientConfig,\n            parentClientConfig: init.parentClientConfig,\n            profile: profileName,\n        });\n    }\n    else if (!ssoStartUrl || !ssoAccountId || !ssoRegion || !ssoRoleName) {\n        throw new CredentialsProviderError(\"Incomplete configuration. The fromSSO() argument hash must include \" +\n            '\"ssoStartUrl\", \"ssoAccountId\", \"ssoRegion\", \"ssoRoleName\"', { tryNextLink: false, logger: init.logger });\n    }\n    else {\n        return resolveSSOCredentials({\n            ssoStartUrl,\n            ssoSession,\n            ssoAccountId,\n            ssoRegion,\n            ssoRoleName,\n            ssoClient,\n            clientConfig: init.clientConfig,\n            parentClientConfig: init.parentClientConfig,\n            profile: profileName,\n        });\n    }\n};\n"]}

package/dist/WBKUP4MX.js

@@ -0,0 +1,168 @@
+import { HttpRequest, sdkStreamMixin, parseRfc3339DateTime, NodeHttpHandler } from './F5UPK5ZZ.js';
+import './33GUXAT7.js';
+import { setCredentialFeature } from './YVV5I7A5.js';
+import './6UWCX7SA.js';
+import { CredentialsProviderError } from './7EXYTS34.js';
+import { __name } from './VUOMXK5T.js';
+import fs from 'fs/promises';
+
+// ../../node_modules/.pnpm/@aws-sdk+credential-provider-http@3.879.0/node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/checkUrl.js
+var ECS_CONTAINER_HOST = "169.254.170.2";
+var EKS_CONTAINER_HOST_IPv4 = "169.254.170.23";
+var EKS_CONTAINER_HOST_IPv6 = "[fd00:ec2::23]";
+var checkUrl = /* @__PURE__ */ __name((url, logger) => {
+  if (url.protocol === "https:") {
+    return;
+  }
+  if (url.hostname === ECS_CONTAINER_HOST || url.hostname === EKS_CONTAINER_HOST_IPv4 || url.hostname === EKS_CONTAINER_HOST_IPv6) {
+    return;
+  }
+  if (url.hostname.includes("[")) {
+    if (url.hostname === "[::1]" || url.hostname === "[0000:0000:0000:0000:0000:0000:0000:0001]") {
+      return;
+    }
+  } else {
+    if (url.hostname === "localhost") {
+      return;
+    }
+    const ipComponents = url.hostname.split(".");
+    const inRange = /* @__PURE__ */ __name((component) => {
+      const num = parseInt(component, 10);
+      return 0 <= num && num <= 255;
+    }, "inRange");
+    if (ipComponents[0] === "127" && inRange(ipComponents[1]) && inRange(ipComponents[2]) && inRange(ipComponents[3]) && ipComponents.length === 4) {
+      return;
+    }
+  }
+  throw new CredentialsProviderError(`URL not accepted. It must either be HTTPS or match one of the following:
+  - loopback CIDR 127.0.0.0/8 or [::1/128]
+  - ECS container host 169.254.170.2
+  - EKS container host 169.254.170.23 or [fd00:ec2::23]`, {
+    logger
+  });
+}, "checkUrl");
+
+// ../../node_modules/.pnpm/@aws-sdk+credential-provider-http@3.879.0/node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/requestHelpers.js
+function createGetRequest(url) {
+  return new HttpRequest({
+    protocol: url.protocol,
+    hostname: url.hostname,
+    port: Number(url.port),
+    path: url.pathname,
+    query: Array.from(url.searchParams.entries()).reduce((acc, [k, v]) => {
+      acc[k] = v;
+      return acc;
+    }, {}),
+    fragment: url.hash
+  });
+}
+__name(createGetRequest, "createGetRequest");
+async function getCredentials(response, logger) {
+  const stream = sdkStreamMixin(response.body);
+  const str = await stream.transformToString();
+  if (response.statusCode === 200) {
+    const parsed = JSON.parse(str);
+    if (typeof parsed.AccessKeyId !== "string" || typeof parsed.SecretAccessKey !== "string" || typeof parsed.Token !== "string" || typeof parsed.Expiration !== "string") {
+      throw new CredentialsProviderError("HTTP credential provider response not of the required format, an object matching: { AccessKeyId: string, SecretAccessKey: string, Token: string, Expiration: string(rfc3339) }", {
+        logger
+      });
+    }
+    return {
+      accessKeyId: parsed.AccessKeyId,
+      secretAccessKey: parsed.SecretAccessKey,
+      sessionToken: parsed.Token,
+      expiration: parseRfc3339DateTime(parsed.Expiration)
+    };
+  }
+  if (response.statusCode >= 400 && response.statusCode < 500) {
+    let parsedBody = {};
+    try {
+      parsedBody = JSON.parse(str);
+    } catch (e) {
+    }
+    throw Object.assign(new CredentialsProviderError(`Server responded with status: ${response.statusCode}`, {
+      logger
+    }), {
+      Code: parsedBody.Code,
+      Message: parsedBody.Message
+    });
+  }
+  throw new CredentialsProviderError(`Server responded with status: ${response.statusCode}`, {
+    logger
+  });
+}
+__name(getCredentials, "getCredentials");
+
+// ../../node_modules/.pnpm/@aws-sdk+credential-provider-http@3.879.0/node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/retry-wrapper.js
+var retryWrapper = /* @__PURE__ */ __name((toRetry, maxRetries, delayMs) => {
+  return async () => {
+    for (let i = 0; i < maxRetries; ++i) {
+      try {
+        return await toRetry();
+      } catch (e) {
+        await new Promise((resolve) => setTimeout(resolve, delayMs));
+      }
+    }
+    return await toRetry();
+  };
+}, "retryWrapper");
+
+// ../../node_modules/.pnpm/@aws-sdk+credential-provider-http@3.879.0/node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/fromHttp.js
+var AWS_CONTAINER_CREDENTIALS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI";
+var DEFAULT_LINK_LOCAL_HOST = "http://169.254.170.2";
+var AWS_CONTAINER_CREDENTIALS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI";
+var AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE";
+var AWS_CONTAINER_AUTHORIZATION_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN";
+var fromHttp = /* @__PURE__ */ __name((options = {}) => {
+  options.logger?.debug("@aws-sdk/credential-provider-http - fromHttp");
+  let host;
+  const relative = options.awsContainerCredentialsRelativeUri ?? process.env[AWS_CONTAINER_CREDENTIALS_RELATIVE_URI];
+  const full = options.awsContainerCredentialsFullUri ?? process.env[AWS_CONTAINER_CREDENTIALS_FULL_URI];
+  const token = options.awsContainerAuthorizationToken ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN];
+  const tokenFile = options.awsContainerAuthorizationTokenFile ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE];
+  const warn = options.logger?.constructor?.name === "NoOpLogger" || !options.logger ? console.warn : options.logger.warn;
+  if (relative && full) {
+    warn("@aws-sdk/credential-provider-http: you have set both awsContainerCredentialsRelativeUri and awsContainerCredentialsFullUri.");
+    warn("awsContainerCredentialsFullUri will take precedence.");
+  }
+  if (token && tokenFile) {
+    warn("@aws-sdk/credential-provider-http: you have set both awsContainerAuthorizationToken and awsContainerAuthorizationTokenFile.");
+    warn("awsContainerAuthorizationToken will take precedence.");
+  }
+  if (full) {
+    host = full;
+  } else if (relative) {
+    host = `${DEFAULT_LINK_LOCAL_HOST}${relative}`;
+  } else {
+    throw new CredentialsProviderError(`No HTTP credential provider host provided.
+Set AWS_CONTAINER_CREDENTIALS_FULL_URI or AWS_CONTAINER_CREDENTIALS_RELATIVE_URI.`, {
+      logger: options.logger
+    });
+  }
+  const url = new URL(host);
+  checkUrl(url, options.logger);
+  const requestHandler = new NodeHttpHandler({
+    requestTimeout: options.timeout ?? 1e3,
+    connectionTimeout: options.timeout ?? 1e3
+  });
+  return retryWrapper(async () => {
+    const request = createGetRequest(url);
+    if (token) {
+      request.headers.Authorization = token;
+    } else if (tokenFile) {
+      request.headers.Authorization = (await fs.readFile(tokenFile)).toString();
+    }
+    try {
+      const result = await requestHandler.handle(request);
+      return getCredentials(result.response).then((creds) => setCredentialFeature(creds, "CREDENTIALS_HTTP", "z"));
+    } catch (e) {
+      throw new CredentialsProviderError(String(e), {
+        logger: options.logger
+      });
+    }
+  }, options.maxRetries ?? 3, options.timeout ?? 1e3);
+}, "fromHttp");
+
+export { fromHttp };
+//# sourceMappingURL=WBKUP4MX.js.map
+//# sourceMappingURL=WBKUP4MX.js.map

package/dist/WBKUP4MX.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../node_modules/.pnpm/@aws-sdk+credential-provider-http@3.879.0/node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/checkUrl.js","../../../node_modules/.pnpm/@aws-sdk+credential-provider-http@3.879.0/node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/requestHelpers.js","../../../node_modules/.pnpm/@aws-sdk+credential-provider-http@3.879.0/node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/retry-wrapper.js","../../../node_modules/.pnpm/@aws-sdk+credential-provider-http@3.879.0/node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/fromHttp.js"],"names":["ECS_CONTAINER_HOST","EKS_CONTAINER_HOST_IPv4","EKS_CONTAINER_HOST_IPv6","checkUrl","url","logger","protocol","hostname","includes","ipComponents","split","inRange","component","num","parseInt","length","CredentialsProviderError","createGetRequest","HttpRequest","port","Number","path","pathname","query","Array","from","searchParams","entries","reduce","acc","k","v","fragment","hash","getCredentials","response","stream","sdkStreamMixin","body","str","transformToString","statusCode","parsed","JSON","parse","AccessKeyId","SecretAccessKey","Token","Expiration","accessKeyId","secretAccessKey","sessionToken","expiration","parseRfc3339DateTime","parsedBody","e","Object","assign","Code","Message","retryWrapper","toRetry","maxRetries","delayMs","i","Promise","resolve","setTimeout","AWS_CONTAINER_CREDENTIALS_RELATIVE_URI","DEFAULT_LINK_LOCAL_HOST","AWS_CONTAINER_CREDENTIALS_FULL_URI","AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE","AWS_CONTAINER_AUTHORIZATION_TOKEN","fromHttp","options","debug","host","relative","awsContainerCredentialsRelativeUri","process","env","full","awsContainerCredentialsFullUri","token","awsContainerAuthorizationToken","tokenFile","awsContainerAuthorizationTokenFile","warn","name","console","URL","requestHandler","NodeHttpHandler","requestTimeout","timeout","connectionTimeout","request","headers","Authorization","fs","readFile","toString","result","handle","then","creds","setCredentialFeature","String"],"mappings":";;;;;;;;;AAGA,IAAMA,kBAAAA,GAAqB,eAAA;AAC3B,IAAMC,uBAAAA,GAA0B,gBAAA;AAChC,IAAMC,uBAAAA,GAA0B,gBAAA;AACzB,IAAMC,QAAAA,mBAAW,MAAA,CAAA,CAACC,GAAAA,EAAKC,MAAAA,KAAAA;AAC1B,EAAA,IAAID,GAAAA,CAAIE,aAAa,QAAA,EAAU;AAC3B,IAAA;AACJ,EAAA;AACA,EAAA,IAAIF,GAAAA,CAAIG,aAAaP,kBAAAA,IACjBI,GAAAA,CAAIG,aAAaN,uBAAAA,IACjBG,GAAAA,CAAIG,aAAaL,uBAAAA,EAAyB;AAC1C,IAAA;AACJ,EAAA;AACA,EAAA,IAAIE,GAAAA,CAAIG,QAAAA,CAASC,QAAAA,CAAS,GAAA,CAAA,EAAM;AAC5B,IAAA,IAAIJ,GAAAA,CAAIG,QAAAA,KAAa,OAAA,IAAWH,GAAAA,CAAIG,aAAa,2CAAA,EAA6C;AAC1F,MAAA;AACJ,IAAA;EACJ,CAAA,MACK;AACD,IAAA,IAAIH,GAAAA,CAAIG,aAAa,WAAA,EAAa;AAC9B,MAAA;AACJ,IAAA;AACA,IAAA,MAAME,YAAAA,GAAeL,GAAAA,CAAIG,QAAAA,CAASG,KAAAA,CAAM,GAAA,CAAA;AACxC,IAAA,MAAMC,OAAAA,2BAAWC,SAAAA,KAAAA;AACb,MAAA,MAAMC,GAAAA,GAAMC,QAAAA,CAASF,SAAAA,EAAW,EAAA,CAAA;AAChC,MAAA,OAAO,CAAA,IAAKC,OAAOA,GAAAA,IAAO,GAAA;IAC9B,CAAA,EAHgB,SAAA,CAAA;AAIhB,IAAA,IAAIJ,YAAAA,CAAa,CAAA,CAAA,KAAO,KAAA,IACpBE,QAAQF,YAAAA,CAAa,CAAA,CAAE,CAAA,IACvBE,OAAAA,CAAQF,aAAa,CAAA,CAAE,KACvBE,OAAAA,CAAQF,YAAAA,CAAa,CAAA,CAAE,CAAA,IACvBA,YAAAA,CAAaM,MAAAA,KAAW,CAAA,EAAG;AAC3B,MAAA;AACJ,IAAA;AACJ,EAAA;AACA,EAAA,MAAM,IAAIC,wBAAAA,CAAyB,CAAA;;;AAGmB,uDAAA,CAAA,EAAA;AAAEX,IAAAA;GAAO,CAAA;AACnE,CAAA,EAnCwB,UAAA,CAAA;;;ACFjB,SAASY,iBAAiBb,GAAAA,EAAG;AAChC,EAAA,OAAO,IAAIc,WAAAA,CAAY;AACnBZ,IAAAA,QAAAA,EAAUF,GAAAA,CAAIE,QAAAA;AACdC,IAAAA,QAAAA,EAAUH,GAAAA,CAAIG,QAAAA;IACdY,IAAAA,EAAMC,MAAAA,CAAOhB,IAAIe,IAAI,CAAA;AACrBE,IAAAA,IAAAA,EAAMjB,GAAAA,CAAIkB,QAAAA;AACVC,IAAAA,KAAAA,EAAOC,KAAAA,CAAMC,IAAAA,CAAKrB,GAAAA,CAAIsB,YAAAA,CAAaC,OAAAA,EAAO,CAAA,CAAIC,MAAAA,CAAO,CAACC,GAAAA,EAAK,CAACC,CAAAA,EAAGC,CAAAA,CAAAA,KAAE;AAC7DF,MAAAA,GAAAA,CAAIC,CAAAA,CAAAA,GAAKC,CAAAA;AACT,MAAA,OAAOF,GAAAA;AACX,IAAA,CAAA,EAAG,EAAC,CAAA;AACJG,IAAAA,QAAAA,EAAU5B,GAAAA,CAAI6B;GAClB,CAAA;AACJ;AAZgBhB,MAAAA,CAAAA,gBAAAA,EAAAA,kBAAAA,CAAAA;AAahB,eAAsBiB,cAAAA,CAAeC,UAAU9B,MAAAA,EAAM;AACjD,EAAA,MAAM+B,MAAAA,GAASC,cAAAA,CAAeF,QAAAA,CAASG,IAAI,CAAA;AAC3C,EAAA,MAAMC,GAAAA,GAAM,MAAMH,MAAAA,CAAOI,iBAAAA,EAAiB;AAC1C,EAAA,IAAIL,QAAAA,CAASM,eAAe,GAAA,EAAK;AAC7B,IAAA,MAAMC,MAAAA,GAASC,IAAAA,CAAKC,KAAAA,CAAML,GAAAA,CAAAA;AAC1B,IAAA,IAAI,OAAOG,MAAAA,CAAOG,WAAAA,KAAgB,QAAA,IAC9B,OAAOH,MAAAA,CAAOI,eAAAA,KAAoB,QAAA,IAClC,OAAOJ,OAAOK,KAAAA,KAAU,QAAA,IACxB,OAAOL,MAAAA,CAAOM,eAAe,QAAA,EAAU;AACvC,MAAA,MAAM,IAAIhC,yBAAyB,gLAAA,EACiE;AAAEX,QAAAA;OAAO,CAAA;AACjH,IAAA;AACA,IAAA,OAAO;AACH4C,MAAAA,WAAAA,EAAaP,MAAAA,CAAOG,WAAAA;AACpBK,MAAAA,eAAAA,EAAiBR,MAAAA,CAAOI,eAAAA;AACxBK,MAAAA,YAAAA,EAAcT,MAAAA,CAAOK,KAAAA;MACrBK,UAAAA,EAAYC,oBAAAA,CAAqBX,OAAOM,UAAU;AACtD,KAAA;AACJ,EAAA;AACA,EAAA,IAAIb,QAAAA,CAASM,UAAAA,IAAc,GAAA,IAAON,QAAAA,CAASM,aAAa,GAAA,EAAK;AACzD,IAAA,IAAIa,aAAa,EAAC;AAClB,IAAA,IAAI;AACAA,MAAAA,UAAAA,GAAaX,IAAAA,CAAKC,MAAML,GAAAA,CAAAA;AAC5B,IAAA,CAAA,CAAA,OACOgB,CAAAA,EAAG;AAAE,IAAA;AACZ,IAAA,MAAMC,OAAOC,MAAAA,CAAO,IAAIzC,yBAAyB,CAAA,8BAAA,EAAiCmB,QAAAA,CAASM,UAAU,CAAA,CAAA,EAAI;AAAEpC,MAAAA;AAAO,KAAA,CAAA,EAAI;AAClHqD,MAAAA,IAAAA,EAAMJ,UAAAA,CAAWI,IAAAA;AACjBC,MAAAA,OAAAA,EAASL,UAAAA,CAAWK;KACxB,CAAA;AACJ,EAAA;AACA,EAAA,MAAM,IAAI3C,wBAAAA,CAAyB,CAAA,8BAAA,EAAiCmB,QAAAA,CAASM,UAAU,CAAA,CAAA,EAAI;AAAEpC,IAAAA;GAAO,CAAA;AACxG;AA/BsB6B,MAAAA,CAAAA,cAAAA,EAAAA,gBAAAA,CAAAA;;;ACjBf,IAAM0B,YAAAA,mBAAe,MAAA,CAAA,CAACC,OAAAA,EAASC,UAAAA,EAAYC,OAAAA,KAAAA;AAC9C,EAAA,OAAO,YAAA;AACH,IAAA,KAAA,IAASC,CAAAA,GAAI,CAAA,EAAGA,CAAAA,GAAIF,UAAAA,EAAY,EAAEE,CAAAA,EAAG;AACjC,MAAA,IAAI;AACA,QAAA,OAAO,MAAMH,OAAAA,EAAAA;AACjB,MAAA,CAAA,CAAA,OACON,CAAAA,EAAG;AACN,QAAA,MAAM,IAAIU,OAAAA,CAAQ,CAACC,YAAYC,UAAAA,CAAWD,OAAAA,EAASH,OAAAA,CAAAA,CAAAA;AACvD,MAAA;AACJ,IAAA;AACA,IAAA,OAAO,MAAMF,OAAAA,EAAAA;AACjB,EAAA,CAAA;AACJ,CAAA,EAZ4B,cAAA,CAAA;;;ACO5B,IAAMO,sCAAAA,GAAyC,wCAAA;AAC/C,IAAMC,uBAAAA,GAA0B,sBAAA;AAChC,IAAMC,kCAAAA,GAAqC,oCAAA;AAC3C,IAAMC,sCAAAA,GAAyC,wCAAA;AAC/C,IAAMC,iCAAAA,GAAoC,mCAAA;AACnC,IAAMC,QAAAA,mBAAW,MAAA,CAAA,CAACC,OAAAA,GAAU,EAAC,KAAC;AACjCA,EAAAA,OAAAA,CAAQrE,MAAAA,EAAQsE,MAAM,8CAAA,CAAA;AACtB,EAAA,IAAIC,IAAAA;AACJ,EAAA,MAAMC,QAAAA,GAAWH,OAAAA,CAAQI,kCAAAA,IAAsCC,OAAAA,CAAQC,IAAIZ,sCAAAA,CAAAA;AAC3E,EAAA,MAAMa,IAAAA,GAAOP,OAAAA,CAAQQ,8BAAAA,IAAkCH,OAAAA,CAAQC,IAAIV,kCAAAA,CAAAA;AACnE,EAAA,MAAMa,KAAAA,GAAQT,OAAAA,CAAQU,8BAAAA,IAAkCL,OAAAA,CAAQC,IAAIR,iCAAAA,CAAAA;AACpE,EAAA,MAAMa,SAAAA,GAAYX,OAAAA,CAAQY,kCAAAA,IAAsCP,OAAAA,CAAQC,IAAIT,sCAAAA,CAAAA;AAC5E,EAAA,MAAMgB,IAAAA,GAAOb,OAAAA,CAAQrE,MAAAA,EAAQ,WAAA,EAAamF,IAAAA,KAAS,YAAA,IAAgB,CAACd,OAAAA,CAAQrE,MAAAA,GAASoF,OAAAA,CAAQF,IAAAA,GAAOb,OAAAA,CAAQrE,MAAAA,CAAOkF,IAAAA;AACnH,EAAA,IAAIV,YAAYI,IAAAA,EAAM;AAClBM,IAAAA,IAAAA,CAAK,6HACD,CAAA;AACJA,IAAAA,IAAAA,CAAK,sDAAA,CAAA;AACT,EAAA;AACA,EAAA,IAAIJ,SAASE,SAAAA,EAAW;AACpBE,IAAAA,IAAAA,CAAK,6HACD,CAAA;AACJA,IAAAA,IAAAA,CAAK,sDAAA,CAAA;AACT,EAAA;AACA,EAAA,IAAIN,IAAAA,EAAM;AACNL,IAAAA,IAAAA,GAAOK,IAAAA;AACX,EAAA,CAAA,MAAA,IACSJ,QAAAA,EAAU;AACfD,IAAAA,IAAAA,GAAO,CAAA,EAAGP,uBAAAA,CAAAA,EAA0BQ,QAAAA,CAAAA,CAAAA;EACxC,CAAA,MACK;AACD,IAAA,MAAM,IAAI7D,wBAAAA,CAAyB,CAAA;AACyC,iFAAA,CAAA,EAAA;AAAEX,MAAAA,MAAAA,EAAQqE,OAAAA,CAAQrE;KAAO,CAAA;AACzG,EAAA;AACA,EAAA,MAAMD,GAAAA,GAAM,IAAIsF,GAAAA,CAAId,IAAAA,CAAAA;AACpBzE,EAAAA,QAAAA,CAASC,GAAAA,EAAKsE,QAAQrE,MAAM,CAAA;AAC5B,EAAA,MAAMsF,cAAAA,GAAiB,IAAIC,eAAAA,CAAgB;AACvCC,IAAAA,cAAAA,EAAgBnB,QAAQoB,OAAAA,IAAW,GAAA;AACnCC,IAAAA,iBAAAA,EAAmBrB,QAAQoB,OAAAA,IAAW;GAC1C,CAAA;AACA,EAAA,OAAOlC,aAAa,YAAA;AAChB,IAAA,MAAMoC,OAAAA,GAAU/E,iBAAiBb,GAAAA,CAAAA;AACjC,IAAA,IAAI+E,KAAAA,EAAO;AACPa,MAAAA,OAAAA,CAAQC,QAAQC,aAAAA,GAAgBf,KAAAA;AACpC,IAAA,CAAA,MAAA,IACSE,SAAAA,EAAW;AAChBW,MAAAA,OAAAA,CAAQC,QAAQC,aAAAA,GAAAA,CAAiB,MAAMC,GAAGC,QAAAA,CAASf,SAAAA,GAAYgB,QAAAA,EAAQ;AAC3E,IAAA;AACA,IAAA,IAAI;AACA,MAAA,MAAMC,MAAAA,GAAS,MAAMX,cAAAA,CAAeY,MAAAA,CAAOP,OAAAA,CAAAA;AAC3C,MAAA,OAAO9D,cAAAA,CAAeoE,MAAAA,CAAOnE,QAAQ,CAAA,CAAEqE,IAAAA,CAAK,CAACC,KAAAA,KAAUC,oBAAAA,CAAqBD,KAAAA,EAAO,kBAAA,EAAoB,GAAA,CAAA,CAAA;AAC3G,IAAA,CAAA,CAAA,OACOlD,CAAAA,EAAG;AACN,MAAA,MAAM,IAAIvC,wBAAAA,CAAyB2F,MAAAA,CAAOpD,CAAAA,CAAAA,EAAI;AAAElD,QAAAA,MAAAA,EAAQqE,OAAAA,CAAQrE;OAAO,CAAA;AAC3E,IAAA;AACJ,EAAA,CAAA,EAAGqE,OAAAA,CAAQZ,UAAAA,IAAc,CAAA,EAAGY,OAAAA,CAAQoB,WAAW,GAAA,CAAA;AACnD,CAAA,EAlDwB,UAAA","file":"WBKUP4MX.js","sourcesContent":["import { CredentialsProviderError } from \"@smithy/property-provider\";\nconst LOOPBACK_CIDR_IPv4 = \"127.0.0.0/8\";\nconst LOOPBACK_CIDR_IPv6 = \"::1/128\";\nconst ECS_CONTAINER_HOST = \"169.254.170.2\";\nconst EKS_CONTAINER_HOST_IPv4 = \"169.254.170.23\";\nconst EKS_CONTAINER_HOST_IPv6 = \"[fd00:ec2::23]\";\nexport const checkUrl = (url, logger) => {\n    if (url.protocol === \"https:\") {\n        return;\n    }\n    if (url.hostname === ECS_CONTAINER_HOST ||\n        url.hostname === EKS_CONTAINER_HOST_IPv4 ||\n        url.hostname === EKS_CONTAINER_HOST_IPv6) {\n        return;\n    }\n    if (url.hostname.includes(\"[\")) {\n        if (url.hostname === \"[::1]\" || url.hostname === \"[0000:0000:0000:0000:0000:0000:0000:0001]\") {\n            return;\n        }\n    }\n    else {\n        if (url.hostname === \"localhost\") {\n            return;\n        }\n        const ipComponents = url.hostname.split(\".\");\n        const inRange = (component) => {\n            const num = parseInt(component, 10);\n            return 0 <= num && num <= 255;\n        };\n        if (ipComponents[0] === \"127\" &&\n            inRange(ipComponents[1]) &&\n            inRange(ipComponents[2]) &&\n            inRange(ipComponents[3]) &&\n            ipComponents.length === 4) {\n            return;\n        }\n    }\n    throw new CredentialsProviderError(`URL not accepted. It must either be HTTPS or match one of the following:\n  - loopback CIDR 127.0.0.0/8 or [::1/128]\n  - ECS container host 169.254.170.2\n  - EKS container host 169.254.170.23 or [fd00:ec2::23]`, { logger });\n};\n","import { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { HttpRequest } from \"@smithy/protocol-http\";\nimport { parseRfc3339DateTime } from \"@smithy/smithy-client\";\nimport { sdkStreamMixin } from \"@smithy/util-stream\";\nexport function createGetRequest(url) {\n    return new HttpRequest({\n        protocol: url.protocol,\n        hostname: url.hostname,\n        port: Number(url.port),\n        path: url.pathname,\n        query: Array.from(url.searchParams.entries()).reduce((acc, [k, v]) => {\n            acc[k] = v;\n            return acc;\n        }, {}),\n        fragment: url.hash,\n    });\n}\nexport async function getCredentials(response, logger) {\n    const stream = sdkStreamMixin(response.body);\n    const str = await stream.transformToString();\n    if (response.statusCode === 200) {\n        const parsed = JSON.parse(str);\n        if (typeof parsed.AccessKeyId !== \"string\" ||\n            typeof parsed.SecretAccessKey !== \"string\" ||\n            typeof parsed.Token !== \"string\" ||\n            typeof parsed.Expiration !== \"string\") {\n            throw new CredentialsProviderError(\"HTTP credential provider response not of the required format, an object matching: \" +\n                \"{ AccessKeyId: string, SecretAccessKey: string, Token: string, Expiration: string(rfc3339) }\", { logger });\n        }\n        return {\n            accessKeyId: parsed.AccessKeyId,\n            secretAccessKey: parsed.SecretAccessKey,\n            sessionToken: parsed.Token,\n            expiration: parseRfc3339DateTime(parsed.Expiration),\n        };\n    }\n    if (response.statusCode >= 400 && response.statusCode < 500) {\n        let parsedBody = {};\n        try {\n            parsedBody = JSON.parse(str);\n        }\n        catch (e) { }\n        throw Object.assign(new CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger }), {\n            Code: parsedBody.Code,\n            Message: parsedBody.Message,\n        });\n    }\n    throw new CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger });\n}\n","export const retryWrapper = (toRetry, maxRetries, delayMs) => {\n    return async () => {\n        for (let i = 0; i < maxRetries; ++i) {\n            try {\n                return await toRetry();\n            }\n            catch (e) {\n                await new Promise((resolve) => setTimeout(resolve, delayMs));\n            }\n        }\n        return await toRetry();\n    };\n};\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nimport { NodeHttpHandler } from \"@smithy/node-http-handler\";\nimport { CredentialsProviderError } from \"@smithy/property-provider\";\nimport fs from \"fs/promises\";\nimport { checkUrl } from \"./checkUrl\";\nimport { createGetRequest, getCredentials } from \"./requestHelpers\";\nimport { retryWrapper } from \"./retry-wrapper\";\nconst AWS_CONTAINER_CREDENTIALS_RELATIVE_URI = \"AWS_CONTAINER_CREDENTIALS_RELATIVE_URI\";\nconst DEFAULT_LINK_LOCAL_HOST = \"http://169.254.170.2\";\nconst AWS_CONTAINER_CREDENTIALS_FULL_URI = \"AWS_CONTAINER_CREDENTIALS_FULL_URI\";\nconst AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE = \"AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE\";\nconst AWS_CONTAINER_AUTHORIZATION_TOKEN = \"AWS_CONTAINER_AUTHORIZATION_TOKEN\";\nexport const fromHttp = (options = {}) => {\n    options.logger?.debug(\"@aws-sdk/credential-provider-http - fromHttp\");\n    let host;\n    const relative = options.awsContainerCredentialsRelativeUri ?? process.env[AWS_CONTAINER_CREDENTIALS_RELATIVE_URI];\n    const full = options.awsContainerCredentialsFullUri ?? process.env[AWS_CONTAINER_CREDENTIALS_FULL_URI];\n    const token = options.awsContainerAuthorizationToken ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN];\n    const tokenFile = options.awsContainerAuthorizationTokenFile ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE];\n    const warn = options.logger?.constructor?.name === \"NoOpLogger\" || !options.logger ? console.warn : options.logger.warn;\n    if (relative && full) {\n        warn(\"@aws-sdk/credential-provider-http: \" +\n            \"you have set both awsContainerCredentialsRelativeUri and awsContainerCredentialsFullUri.\");\n        warn(\"awsContainerCredentialsFullUri will take precedence.\");\n    }\n    if (token && tokenFile) {\n        warn(\"@aws-sdk/credential-provider-http: \" +\n            \"you have set both awsContainerAuthorizationToken and awsContainerAuthorizationTokenFile.\");\n        warn(\"awsContainerAuthorizationToken will take precedence.\");\n    }\n    if (full) {\n        host = full;\n    }\n    else if (relative) {\n        host = `${DEFAULT_LINK_LOCAL_HOST}${relative}`;\n    }\n    else {\n        throw new CredentialsProviderError(`No HTTP credential provider host provided.\nSet AWS_CONTAINER_CREDENTIALS_FULL_URI or AWS_CONTAINER_CREDENTIALS_RELATIVE_URI.`, { logger: options.logger });\n    }\n    const url = new URL(host);\n    checkUrl(url, options.logger);\n    const requestHandler = new NodeHttpHandler({\n        requestTimeout: options.timeout ?? 1000,\n        connectionTimeout: options.timeout ?? 1000,\n    });\n    return retryWrapper(async () => {\n        const request = createGetRequest(url);\n        if (token) {\n            request.headers.Authorization = token;\n        }\n        else if (tokenFile) {\n            request.headers.Authorization = (await fs.readFile(tokenFile)).toString();\n        }\n        try {\n            const result = await requestHandler.handle(request);\n            return getCredentials(result.response).then((creds) => setCredentialFeature(creds, \"CREDENTIALS_HTTP\", \"z\"));\n        }\n        catch (e) {\n            throw new CredentialsProviderError(String(e), { logger: options.logger });\n        }\n    }, options.maxRetries ?? 3, options.timeout ?? 1000);\n};\n"]}

package/dist/XH4FQTBY.cjs

@@ -0,0 +1,62 @@
+'use strict';
+
+// ../../node_modules/.pnpm/@smithy+types@4.3.2/node_modules/@smithy/types/dist-es/middleware.js
+var SMITHY_CONTEXT_KEY = "__smithy_context";
+
+// ../../node_modules/.pnpm/@smithy+types@4.3.2/node_modules/@smithy/types/dist-es/auth/auth.js
+var HttpAuthLocation;
+(function(HttpAuthLocation2) {
+  HttpAuthLocation2["HEADER"] = "header";
+  HttpAuthLocation2["QUERY"] = "query";
+})(HttpAuthLocation || (HttpAuthLocation = {}));
+
+// ../../node_modules/.pnpm/@smithy+types@4.3.2/node_modules/@smithy/types/dist-es/auth/HttpApiKeyAuth.js
+var HttpApiKeyAuthLocation;
+(function(HttpApiKeyAuthLocation2) {
+  HttpApiKeyAuthLocation2["HEADER"] = "header";
+  HttpApiKeyAuthLocation2["QUERY"] = "query";
+})(HttpApiKeyAuthLocation || (HttpApiKeyAuthLocation = {}));
+
+// ../../node_modules/.pnpm/@smithy+types@4.3.2/node_modules/@smithy/types/dist-es/endpoint.js
+exports.EndpointURLScheme = void 0;
+(function(EndpointURLScheme2) {
+  EndpointURLScheme2["HTTP"] = "http";
+  EndpointURLScheme2["HTTPS"] = "https";
+})(exports.EndpointURLScheme || (exports.EndpointURLScheme = {}));
+
+// ../../node_modules/.pnpm/@smithy+types@4.3.2/node_modules/@smithy/types/dist-es/extensions/checksum.js
+exports.AlgorithmId = void 0;
+(function(AlgorithmId2) {
+  AlgorithmId2["MD5"] = "md5";
+  AlgorithmId2["CRC32"] = "crc32";
+  AlgorithmId2["CRC32C"] = "crc32c";
+  AlgorithmId2["SHA1"] = "sha1";
+  AlgorithmId2["SHA256"] = "sha256";
+})(exports.AlgorithmId || (exports.AlgorithmId = {}));
+
+// ../../node_modules/.pnpm/@smithy+types@4.3.2/node_modules/@smithy/types/dist-es/http.js
+var FieldPosition;
+(function(FieldPosition2) {
+  FieldPosition2[FieldPosition2["HEADER"] = 0] = "HEADER";
+  FieldPosition2[FieldPosition2["TRAILER"] = 1] = "TRAILER";
+})(FieldPosition || (FieldPosition = {}));
+
+// ../../node_modules/.pnpm/@smithy+types@4.3.2/node_modules/@smithy/types/dist-es/profile.js
+exports.IniSectionType = void 0;
+(function(IniSectionType2) {
+  IniSectionType2["PROFILE"] = "profile";
+  IniSectionType2["SSO_SESSION"] = "sso-session";
+  IniSectionType2["SERVICES"] = "services";
+})(exports.IniSectionType || (exports.IniSectionType = {}));
+
+// ../../node_modules/.pnpm/@smithy+types@4.3.2/node_modules/@smithy/types/dist-es/transfer.js
+var RequestHandlerProtocol;
+(function(RequestHandlerProtocol2) {
+  RequestHandlerProtocol2["HTTP_0_9"] = "http/0.9";
+  RequestHandlerProtocol2["HTTP_1_0"] = "http/1.0";
+  RequestHandlerProtocol2["TDS_8_0"] = "tds/8.0";
+})(RequestHandlerProtocol || (RequestHandlerProtocol = {}));
+
+exports.SMITHY_CONTEXT_KEY = SMITHY_CONTEXT_KEY;
+//# sourceMappingURL=XH4FQTBY.cjs.map
+//# sourceMappingURL=XH4FQTBY.cjs.map