@layerzerolabs/vm-tooling 0.2.8 → 0.2.10

package/dist/{QTKMYYBJ.js → 77VFG7S6.js}

@@ -1,5 +1,5 @@
-import { getCombinationId } from './RT6XP6RO.js';
-import { findToolVersionsForCombination } from './7GBZAO4Q.js';
+import { getCombinationId } from './WSGRZJVU.js';
+import { findToolVersionsForCombination } from './KWRJPB5T.js';
 import { init_esm_shims, __name } from './6AHA7PAZ.js';
 
 // src/display/formatters.ts
@@ -16,5 +16,5 @@ function formatVersionCombination(context, combination, isDefault) {
 __name(formatVersionCombination, "formatVersionCombination");
 
 export { formatVersionCombination };
-//# sourceMappingURL=QTKMYYBJ.js.map
-//# sourceMappingURL=QTKMYYBJ.js.map
+//# sourceMappingURL=77VFG7S6.js.map
+//# sourceMappingURL=77VFG7S6.js.map

package/dist/{QTKMYYBJ.js.map → 77VFG7S6.js.map}

@@ -1 +1 @@
-{"version":3,"sources":["../src/display/formatters.ts"],"names":["formatVersionCombination","context","combination","isDefault","tools","Object","entries","findToolVersionsForCombination","filter","_","version","undefined","map","tool","join","badges","stable","description","Boolean","getCombinationId"],"mappings":";;;;;AAEA,cAAA,EAAA;AAMO,SAASA,wBAAAA,CACZC,OAAAA,EACAC,WAAAA,EACAC,SAAAA,EAAmB;AAEnB,EAAA,MAAMC,KAAAA,GAAQC,MAAAA,CAAOC,OAAAA,CAAQC,8BAAAA,CAA+BN,OAAAA,EAASC,WAAAA,CAAAA,CAAAA,CAChEM,MAAAA,CAAO,CAAC,CAACC,CAAAA,EAAGC,OAAAA,CAAAA,KAAaA,OAAAA,KAAYC,MAAAA,CAAAA,CACrCC,GAAAA,CAAI,CAAC,CAACC,IAAAA,EAAMH,OAAAA,CAAAA,KAAa,CAAA,EAAGG,IAAAA,CAAAA,CAAAA,EAAQH,OAAAA,CAAAA,CAAS,CAAA,CAC7CI,KAAK,IAAA,CAAA;AAEV,EAAA,MAAMC,MAAAA,GAAS;AACXZ,IAAAA,SAAAA,GAAY,mBAAA,GAAe,IAAA;AAC3BD,IAAAA,WAAAA,CAAYc,SAAS,eAAA,GAAa,IAAA;IAClCd,WAAAA,CAAYe;IAEXT,MAAAA,CAAOU,OAAAA,CAAAA,CACPJ,IAAAA,CAAK,GAAA,CAAA;AAEV,EAAA,OAAO,CAAA,EAAA,EAAKK,iBAAiBlB,OAAAA,EAASC,WAAAA,CAAAA,CAAAA,EAAAA,EAAiBE,KAAAA,IAASW,MAAAA,CAAAA,CAAAA;AACpE;AAnBgBf,MAAAA,CAAAA,wBAAAA,EAAAA,0BAAAA,CAAAA","file":"QTKMYYBJ.js","sourcesContent":["import type { VersionCombination } from '../config';\nimport type { ChainContext } from '../context';\nimport { getCombinationId } from '../utils';\nimport { findToolVersionsForCombination } from '../utils/finder';\n\n/**\n * Format version combinations for display\n */\nexport function formatVersionCombination<TImageId extends string>(\n    context: ChainContext<TImageId>,\n    combination: VersionCombination<TImageId>,\n    isDefault?: boolean,\n): string {\n    const tools = Object.entries(findToolVersionsForCombination(context, combination))\n        .filter(([_, version]) => version !== undefined)\n        .map(([tool, version]) => `${tool}:${version}`)\n        .join(', ');\n\n    const badges = [\n        isDefault ? '🎯 Default' : null,\n        combination.stable ? '✅ Stable' : null,\n        combination.description,\n    ]\n        .filter(Boolean)\n        .join(' ');\n\n    return `  ${getCombinationId(context, combination)}: ${tools} ${badges}`;\n}\n"]}
+{"version":3,"sources":["../src/display/formatters.ts"],"names":["formatVersionCombination","context","combination","isDefault","tools","Object","entries","findToolVersionsForCombination","filter","_","version","undefined","map","tool","join","badges","stable","description","Boolean","getCombinationId"],"mappings":";;;;;AAEA,cAAA,EAAA;AAMO,SAASA,wBAAAA,CACZC,OAAAA,EACAC,WAAAA,EACAC,SAAAA,EAAmB;AAEnB,EAAA,MAAMC,KAAAA,GAAQC,MAAAA,CAAOC,OAAAA,CAAQC,8BAAAA,CAA+BN,OAAAA,EAASC,WAAAA,CAAAA,CAAAA,CAChEM,MAAAA,CAAO,CAAC,CAACC,CAAAA,EAAGC,OAAAA,CAAAA,KAAaA,OAAAA,KAAYC,MAAAA,CAAAA,CACrCC,GAAAA,CAAI,CAAC,CAACC,IAAAA,EAAMH,OAAAA,CAAAA,KAAa,CAAA,EAAGG,IAAAA,CAAAA,CAAAA,EAAQH,OAAAA,CAAAA,CAAS,CAAA,CAC7CI,KAAK,IAAA,CAAA;AAEV,EAAA,MAAMC,MAAAA,GAAS;AACXZ,IAAAA,SAAAA,GAAY,mBAAA,GAAe,IAAA;AAC3BD,IAAAA,WAAAA,CAAYc,SAAS,eAAA,GAAa,IAAA;IAClCd,WAAAA,CAAYe;IAEXT,MAAAA,CAAOU,OAAAA,CAAAA,CACPJ,IAAAA,CAAK,GAAA,CAAA;AAEV,EAAA,OAAO,CAAA,EAAA,EAAKK,iBAAiBlB,OAAAA,EAASC,WAAAA,CAAAA,CAAAA,EAAAA,EAAiBE,KAAAA,IAASW,MAAAA,CAAAA,CAAAA;AACpE;AAnBgBf,MAAAA,CAAAA,wBAAAA,EAAAA,0BAAAA,CAAAA","file":"77VFG7S6.js","sourcesContent":["import type { VersionCombination } from '../config';\nimport type { ChainContext } from '../context';\nimport { getCombinationId } from '../utils';\nimport { findToolVersionsForCombination } from '../utils/finder';\n\n/**\n * Format version combinations for display\n */\nexport function formatVersionCombination<TImageId extends string>(\n    context: ChainContext<TImageId>,\n    combination: VersionCombination<TImageId>,\n    isDefault?: boolean,\n): string {\n    const tools = Object.entries(findToolVersionsForCombination(context, combination))\n        .filter(([_, version]) => version !== undefined)\n        .map(([tool, version]) => `${tool}:${version}`)\n        .join(', ');\n\n    const badges = [\n        isDefault ? '🎯 Default' : null,\n        combination.stable ? '✅ Stable' : null,\n        combination.description,\n    ]\n        .filter(Boolean)\n        .join(' ');\n\n    return `  ${getCombinationId(context, combination)}: ${tools} ${badges}`;\n}\n"]}

package/dist/{45KBPE2A.cjs → 7O5SJUXT.cjs}

@@ -46,7 +46,7 @@ _24WEKBY3_cjs.init_cjs_shims();
 // ../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/getSsoOidcClient.js
 _24WEKBY3_cjs.init_cjs_shims();
 var getSsoOidcClient = /* @__PURE__ */ _24WEKBY3_cjs.__name(async (ssoRegion, init = {}) => {
-  const { SSOOIDCClient } = await import('./P2D6TBR2.cjs');
+  const { SSOOIDCClient } = await import('./634Q3MUX.cjs');
   const ssoOidcClient = new SSOOIDCClient(Object.assign({}, init.clientConfig ?? {}, {
     region: ssoRegion ?? init.clientConfig?.region,
     logger: init.clientConfig?.logger ?? init.parentClientConfig?.logger
@@ -56,7 +56,7 @@ var getSsoOidcClient = /* @__PURE__ */ _24WEKBY3_cjs.__name(async (ssoRegion, in
 
 // ../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/getNewSsoOidcToken.js
 var getNewSsoOidcToken = /* @__PURE__ */ _24WEKBY3_cjs.__name(async (ssoToken, ssoRegion, init = {}) => {
-  const { CreateTokenCommand } = await import('./P2D6TBR2.cjs');
+  const { CreateTokenCommand } = await import('./634Q3MUX.cjs');
   const ssoOidcClient = await getSsoOidcClient(ssoRegion, init);
   return ssoOidcClient.send(new CreateTokenCommand({
     clientId: ssoToken.clientId,
@@ -213,7 +213,7 @@ var resolveSSOCredentials = /* @__PURE__ */ _24WEKBY3_cjs.__name(async ({ ssoSta
     });
   }
   const { accessToken } = token;
-  const { SSOClient, GetRoleCredentialsCommand } = await import('./PAU3G3SR.cjs');
+  const { SSOClient, GetRoleCredentialsCommand } = await import('./5IOOBAVX.cjs');
   const sso = ssoClient || new SSOClient(Object.assign({}, clientConfig ?? {}, {
     logger: clientConfig?.logger ?? parentClientConfig?.logger,
     region: clientConfig?.region ?? ssoRegion
@@ -350,5 +350,5 @@ _24WEKBY3_cjs.init_cjs_shims();
 exports.fromSSO = fromSSO;
 exports.isSsoProfile = isSsoProfile;
 exports.validateSsoProfile = validateSsoProfile;
-//# sourceMappingURL=45KBPE2A.cjs.map
-//# sourceMappingURL=45KBPE2A.cjs.map
+//# sourceMappingURL=7O5SJUXT.cjs.map
+//# sourceMappingURL=7O5SJUXT.cjs.map

package/dist/{45KBPE2A.cjs.map → 7O5SJUXT.cjs.map}

@@ -1 +1 @@
-{"version":3,"sources":["../../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/index.js","../../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/fromSSO.js","../../../node_modules/.pnpm/@smithy+property-provider@4.2.5/node_modules/@smithy/property-provider/dist-es/TokenProviderError.js","../../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/isSsoProfile.js","../../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/resolveSSOCredentials.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/fromSso.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/constants.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/getNewSsoOidcToken.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/getSsoOidcClient.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/validateTokenExpiry.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/validateTokenKey.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/writeSSOTokenToFile.js","../../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/validateSsoProfile.js","../../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/types.js"],"names":["init_cjs_shims","TokenProviderError","ProviderError","name","message","options","Object","setPrototypeOf","prototype","isSsoProfile","arg","sso_start_url","sso_account_id","sso_session","sso_region","sso_role_name","EXPIRE_WINDOW_MS","REFRESH_MESSAGE","getSsoOidcClient","__name","ssoRegion","init","SSOOIDCClient","ssoOidcClient","assign","clientConfig","region","logger","parentClientConfig","getNewSsoOidcToken","ssoToken","CreateTokenCommand","send","clientId","clientSecret","refreshToken","grantType","validateTokenExpiry","token","expiration","getTime","Date","now","validateTokenKey","key","value","forRefresh","writeFile","fsPromises","writeSSOTokenToFile","id","tokenFilepath","getSSOTokenFilepath","tokenString","JSON","stringify","lastRefreshAttemptTime","fromSso","_init","callerClientConfig","debug","profiles","parseKnownFiles","profileName","getProfileName","profile","ssoSessionName","ssoSessions","loadSsoSessionData","ssoSession","ssoSessionRequiredKey","getSSOTokenFromFile","e","accessToken","expiresAt","existingToken","setTime","newSsoOidcToken","expiresIn","newTokenExpiration","toISOString","error","SHOULD_FAIL_CREDENTIAL_CHAIN","resolveSSOCredentials","ssoStartUrl","ssoAccountId","ssoRoleName","ssoClient","refreshMessage","_token","getSsoTokenProvider","CredentialsProviderError","tryNextLink","SSOClient","GetRoleCredentialsCommand","sso","ssoResp","accountId","roleName","roleCredentials","accessKeyId","secretAccessKey","sessionToken","credentialScope","credentials","setCredentialFeature","validateSsoProfile","keys","join","fromSSO","session","conflictMsg"],"mappings":";;;;;;;;;AAAAA,4BAAA,EAAA;;;ACAAA,4BAAA,EAAA;;;ACAAA,4BAAA,EAAA;AACO,IAAMC,kBAAAA,GAAN,MAAMA,mBAAAA,SAA2BC,0BAAAA,CAAAA;EADxC;;;EAEIC,IAAAA,GAAO,oBAAA;EACP,WAAA,CAAYC,OAAAA,EAASC,UAAU,IAAA,EAAM;AACjC,IAAA,KAAA,CAAMD,SAASC,OAAAA,CAAAA;AACfC,IAAAA,MAAAA,CAAOC,cAAAA,CAAe,IAAA,EAAMN,mBAAAA,CAAmBO,SAAS,CAAA;AAC5D,EAAA;AACJ,CAAA;;;ACPAR,4BAAA,EAAA;AAAO,IAAMS,YAAAA,yCAAgBC,GAAAA,KAAQA,GAAAA,KAChC,OAAOA,GAAAA,CAAIC,aAAAA,KAAkB,QAAA,IAC1B,OAAOD,GAAAA,CAAIE,cAAAA,KAAmB,YAC9B,OAAOF,GAAAA,CAAIG,WAAAA,KAAgB,QAAA,IAC3B,OAAOH,GAAAA,CAAII,eAAe,QAAA,IAC1B,OAAOJ,GAAAA,CAAIK,aAAAA,KAAkB,QAAA,CAAA,EALT,cAAA;;;ACA5Bf,4BAAA,EAAA;;;ACAAA,4BAAA,EAAA;;;ACAAA,4BAAA,EAAA;AAAO,IAAMgB,gBAAAA,GAAmB,IAAI,EAAA,GAAK,GAAA;AAClC,IAAMC,eAAAA,GAAkB,CAAA,+EAAA,CAAA;;;ACD/BjB,4BAAA,EAAA;;;ACAAA,4BAAA,EAAA;AAAO,IAAMkB,gBAAAA,mBAAmBC,oBAAA,CAAA,OAAOC,SAAAA,EAAWC,IAAAA,GAAO,EAAC,KAAC;AACvD,EAAA,MAAM,EAAEC,aAAAA,EAAa,GAAK,MAAM,OAAO,gBAAA,CAAA;AACvC,EAAA,MAAMC,aAAAA,GAAgB,IAAID,aAAAA,CAAchB,MAAAA,CAAOkB,MAAAA,CAAO,EAAC,EAAGH,IAAAA,CAAKI,YAAAA,IAAgB,EAAC,EAAG;IAC/EC,MAAAA,EAAQN,SAAAA,IAAaC,KAAKI,YAAAA,EAAcC,MAAAA;AACxCC,IAAAA,MAAAA,EAAQN,IAAAA,CAAKI,YAAAA,EAAcE,MAAAA,IAAUN,IAAAA,CAAKO,kBAAAA,EAAoBD;AAClE,GAAA,CAAA,CAAA;AACA,EAAA,OAAOJ,aAAAA;AACX,CAAA,EAPgC,kBAAA,CAAA;;;ADCzB,IAAMM,qCAAqBV,oBAAA,CAAA,OAAOW,QAAAA,EAAUV,SAAAA,EAAWC,IAAAA,GAAO,EAAC,KAAC;AACnE,EAAA,MAAM,EAAEU,kBAAAA,EAAkB,GAAK,MAAM,OAAO,gBAAA,CAAA;AAC5C,EAAA,MAAMR,aAAAA,GAAgB,MAAML,gBAAAA,CAAiBE,SAAAA,EAAWC,IAAAA,CAAAA;AACxD,EAAA,OAAOE,aAAAA,CAAcS,IAAAA,CAAK,IAAID,kBAAAA,CAAmB;AAC7CE,IAAAA,QAAAA,EAAUH,QAAAA,CAASG,QAAAA;AACnBC,IAAAA,YAAAA,EAAcJ,QAAAA,CAASI,YAAAA;AACvBC,IAAAA,YAAAA,EAAcL,QAAAA,CAASK,YAAAA;IACvBC,SAAAA,EAAW;AACf,GAAA,CAAA,CAAA;AACJ,CAAA,EATkC,oBAAA,CAAA;;;AEDlCpC,4BAAA,EAAA;AAEO,IAAMqC,mBAAAA,yCAAuBC,KAAAA,KAAAA;AAChC,EAAA,IAAIA,KAAAA,CAAMC,cAAcD,KAAAA,CAAMC,UAAAA,CAAWC,SAAO,GAAKC,IAAAA,CAAKC,KAAG,EAAI;AAC7D,IAAA,MAAM,IAAIzC,kBAAAA,CAAmB,CAAA,kBAAA,EAAqBgB,eAAAA,IAAmB,KAAA,CAAA;AACzE,EAAA;AACJ,CAAA,EAJmC,qBAAA,CAAA;;;ACFnCjB,4BAAA,EAAA;AAEO,IAAM2C,gBAAAA,mBAAmBxB,oBAAA,CAAA,CAACyB,GAAAA,EAAKC,KAAAA,EAAOC,aAAa,KAAA,KAAK;AAC3D,EAAA,IAAI,OAAOD,UAAU,WAAA,EAAa;AAC9B,IAAA,MAAM,IAAI5C,kBAAAA,CAAmB,CAAA,uBAAA,EAA0B2C,GAAAA,CAAAA,cAAAA,EAAoBE,UAAAA,GAAa,kBAAA,GAAqB,EAAA,CAAA,EAAA,EAAO7B,eAAAA,CAAAA,CAAAA,EAAmB,KAAA,CAAA;AAC3I,EAAA;AACJ,CAAA,EAJgC,kBAAA,CAAA;;;ACFhCjB,4BAAA,EAAA;AAEA,IAAM,EAAE+C,WAAS,GAAKC,WAAAA;AACf,IAAMC,mBAAAA,mBAAsB9B,oBAAA,CAAA,CAAC+B,EAAAA,EAAIpB,QAAAA,KAAAA;AACpC,EAAA,MAAMqB,aAAAA,GAAgBC,iCAAoBF,EAAAA,CAAAA;AAC1C,EAAA,MAAMG,WAAAA,GAAcC,IAAAA,CAAKC,SAAAA,CAAUzB,QAAAA,EAAU,MAAM,CAAA,CAAA;AACnD,EAAA,OAAOiB,SAAAA,CAAUI,eAAeE,WAAAA,CAAAA;AACpC,CAAA,EAJmC,qBAAA,CAAA;;;ANInC,IAAMG,sBAAAA,mBAAyB,IAAIf,IAAAA,CAAK,CAAA,CAAA;AACjC,IAAMgB,OAAAA,mBAAUtC,oBAAA,CAAA,CAACuC,KAAAA,GAAQ,EAAC,KAAM,OAAO,EAAEC,kBAAAA,EAAkB,GAAK,EAAC,KAAC;AACrE,EAAA,MAAMtC,IAAAA,GAAO;IACT,GAAGqC,KAAAA;IACH9B,kBAAAA,EAAoB;MAChB,GAAG+B,kBAAAA;AACH,MAAA,GAAGD,KAAAA,CAAM9B;AACb;AACJ,GAAA;AACAP,EAAAA,IAAAA,CAAKM,MAAAA,EAAQiC,MAAM,oCAAA,CAAA;AACnB,EAAA,MAAMC,QAAAA,GAAW,MAAMC,4BAAAA,CAAgBzC,IAAAA,CAAAA;AACvC,EAAA,MAAM0C,cAAcC,2BAAAA,CAAe;IAC/BC,OAAAA,EAAS5C,IAAAA,CAAK4C,WAAWN,kBAAAA,EAAoBM;GACjD,CAAA;AACA,EAAA,MAAMA,OAAAA,GAAUJ,SAASE,WAAAA,CAAAA;AACzB,EAAA,IAAI,CAACE,OAAAA,EAAS;AACV,IAAA,MAAM,IAAIhE,kBAAAA,CAAmB,CAAA,SAAA,EAAY8D,WAAAA,oDAA+D,KAAA,CAAA;EAC5G,CAAA,MAAA,IACS,CAACE,OAAAA,CAAQ,aAAA,CAAA,EAAgB;AAC9B,IAAA,MAAM,IAAIhE,kBAAAA,CAAmB,CAAA,SAAA,EAAY8D,WAAAA,CAAAA,6CAAAA,CAA0D,CAAA;AACvG,EAAA;AACA,EAAA,MAAMG,cAAAA,GAAiBD,QAAQ,aAAA,CAAA;AAC/B,EAAA,MAAME,WAAAA,GAAc,MAAMC,+BAAAA,CAAmB/C,IAAAA,CAAAA;AAC7C,EAAA,MAAMgD,UAAAA,GAAaF,YAAYD,cAAAA,CAAAA;AAC/B,EAAA,IAAI,CAACG,UAAAA,EAAY;AACb,IAAA,MAAM,IAAIpE,kBAAAA,CAAmB,CAAA,aAAA,EAAgBiE,cAAAA,oDAAkE,KAAA,CAAA;AACnH,EAAA;AACA,EAAA,KAAA,MAAWI,qBAAAA,IAAyB;AAAC,IAAA,eAAA;AAAiB,IAAA;AAAe,GAAA,EAAA;AACjE,IAAA,IAAI,CAACD,UAAAA,CAAWC,qBAAAA,CAAAA,EAAwB;AACpC,MAAA,MAAM,IAAIrE,kBAAAA,CAAmB,CAAA,aAAA,EAAgBiE,cAAAA,CAAAA,gCAAAA,EAAiDI,qBAAAA,MAA2B,KAAA,CAAA;AAC7H,IAAA;AACJ,EAAA;AACA,EAAoBD,WAAW,eAAA;AAC/B,EAAA,MAAMjD,SAAAA,GAAYiD,WAAW,YAAA,CAAA;AAC7B,EAAA,IAAIvC,QAAAA;AACJ,EAAA,IAAI;AACAA,IAAAA,QAAAA,GAAW,MAAMyC,iCAAoBL,cAAAA,CAAAA;AACzC,EAAA,CAAA,CAAA,OACOM,CAAAA,EAAG;AACN,IAAA,MAAM,IAAIvE,kBAAAA,CAAmB,CAAA,8CAAA,EAAiD8D,WAAAA,CAAAA,8BAAAA,EAA4C9C,eAAAA,IAAmB,KAAA,CAAA;AACjJ,EAAA;AACA0B,EAAAA,gBAAAA,CAAiB,aAAA,EAAeb,SAAS2C,WAAW,CAAA;AACpD9B,EAAAA,gBAAAA,CAAiB,WAAA,EAAab,SAAS4C,SAAS,CAAA;AAChD,EAAA,MAAM,EAAED,WAAAA,EAAaC,SAAAA,EAAS,GAAK5C,QAAAA;AACnC,EAAA,MAAM6C,aAAAA,GAAgB;IAAErC,KAAAA,EAAOmC,WAAAA;IAAalC,UAAAA,EAAY,IAAIE,KAAKiC,SAAAA;AAAW,GAAA;AAC5E,EAAA,IAAIC,cAAcpC,UAAAA,CAAWC,OAAAA,KAAYC,IAAAA,CAAKC,GAAAA,KAAQ1B,gBAAAA,EAAkB;AACpE,IAAA,OAAO2D,aAAAA;AACX,EAAA;AACA,EAAA,IAAIlC,KAAKC,GAAAA,EAAG,GAAKc,uBAAuBhB,OAAAA,EAAO,GAAK,KAAK,GAAA,EAAM;AAC3DH,IAAAA,mBAAAA,CAAoBsC,aAAAA,CAAAA;AACpB,IAAA,OAAOA,aAAAA;AACX,EAAA;AACAhC,EAAAA,gBAAAA,CAAiB,UAAA,EAAYb,QAAAA,CAASG,QAAAA,EAAU,IAAA,CAAA;AAChDU,EAAAA,gBAAAA,CAAiB,cAAA,EAAgBb,QAAAA,CAASI,YAAAA,EAAc,IAAA,CAAA;AACxDS,EAAAA,gBAAAA,CAAiB,cAAA,EAAgBb,QAAAA,CAASK,YAAAA,EAAc,IAAA,CAAA;AACxD,EAAA,IAAI;AACAqB,IAAAA,sBAAAA,CAAuBoB,OAAAA,CAAQnC,IAAAA,CAAKC,GAAAA,EAAG,CAAA;AACvC,IAAA,MAAMmC,eAAAA,GAAkB,MAAMhD,kBAAAA,CAAmBC,QAAAA,EAAUV,WAAWC,IAAAA,CAAAA;AACtEsB,IAAAA,gBAAAA,CAAiB,aAAA,EAAekC,gBAAgBJ,WAAW,CAAA;AAC3D9B,IAAAA,gBAAAA,CAAiB,WAAA,EAAakC,gBAAgBC,SAAS,CAAA;AACvD,IAAA,MAAMC,kBAAAA,GAAqB,IAAItC,IAAAA,CAAKA,IAAAA,CAAKC,KAAG,GAAKmC,eAAAA,CAAgBC,YAAY,GAAA,CAAA;AAC7E,IAAA,IAAI;AACA,MAAA,MAAM7B,oBAAoBiB,cAAAA,EAAgB;QACtC,GAAGpC,QAAAA;AACH2C,QAAAA,WAAAA,EAAaI,eAAAA,CAAgBJ,WAAAA;AAC7BC,QAAAA,SAAAA,EAAWK,mBAAmBC,WAAAA,EAAW;AACzC7C,QAAAA,YAAAA,EAAc0C,eAAAA,CAAgB1C;OAClC,CAAA;AACJ,IAAA,CAAA,CAAA,OACO8C,KAAAA,EAAO;AACd,IAAA;AACA,IAAA,OAAO;AACH3C,MAAAA,KAAAA,EAAOuC,eAAAA,CAAgBJ,WAAAA;MACvBlC,UAAAA,EAAYwC;AAChB,KAAA;AACJ,EAAA,CAAA,CAAA,OACOE,KAAAA,EAAO;AACV5C,IAAAA,mBAAAA,CAAoBsC,aAAAA,CAAAA;AACpB,IAAA,OAAOA,aAAAA;AACX,EAAA;AACJ,CAAA,EA/EuB,SAAA,CAAA;;;ADJvB,IAAMO,4BAAAA,GAA+B,KAAA;AAC9B,IAAMC,qBAAAA,mBAAwBhE,oBAAA,CAAA,OAAO,EAAEiE,WAAAA,EAAaf,UAAAA,EAAYgB,YAAAA,EAAcjE,SAAAA,EAAWkE,WAAAA,EAAaC,SAAAA,EAAW9D,YAAAA,EAAcG,kBAAAA,EAAoBqC,OAAAA,EAAStC,QAAM,KAAG;AACxK,EAAA,IAAIW,KAAAA;AACJ,EAAA,MAAMkD,cAAAA,GAAiB,CAAA,6EAAA,CAAA;AACvB,EAAA,IAAInB,UAAAA,EAAY;AACZ,IAAA,IAAI;AACA,MAAA,MAAMoB,MAAAA,GAAS,MAAMC,OAAAA,CAAoB;AAAEzB,QAAAA;AAAQ,OAAA,CAAA,EAAA;AACnD3B,MAAAA,KAAAA,GAAQ;AACJmC,QAAAA,WAAAA,EAAagB,MAAAA,CAAOnD,KAAAA;AACpBoC,QAAAA,SAAAA,EAAW,IAAIjC,IAAAA,CAAKgD,MAAAA,CAAOlD,UAAU,EAAEyC,WAAAA;AAC3C,OAAA;AACJ,IAAA,CAAA,CAAA,OACOR,CAAAA,EAAG;AACN,MAAA,MAAM,IAAImB,qCAAAA,CAAyBnB,CAAAA,CAAEpE,OAAAA,EAAS;QAC1CwF,WAAAA,EAAaV,4BAAAA;AACbvD,QAAAA;OACJ,CAAA;AACJ,IAAA;EACJ,CAAA,MACK;AACD,IAAA,IAAI;AACAW,MAAAA,KAAAA,GAAQ,MAAMiC,iCAAoBa,WAAAA,CAAAA;AACtC,IAAA,CAAA,CAAA,OACOZ,CAAAA,EAAG;AACN,MAAA,MAAM,IAAImB,qCAAAA,CAAyB,CAAA,yDAAA,EAA4DH,cAAAA,CAAAA,CAAAA,EAAkB;QAC7GI,WAAAA,EAAaV,4BAAAA;AACbvD,QAAAA;OACJ,CAAA;AACJ,IAAA;AACJ,EAAA;AACA,EAAA,IAAI,IAAIc,IAAAA,CAAKH,KAAAA,CAAMoC,SAAS,CAAA,CAAElC,SAAO,GAAKC,IAAAA,CAAKC,GAAAA,EAAG,IAAM,CAAA,EAAG;AACvD,IAAA,MAAM,IAAIiD,qCAAAA,CAAyB,CAAA,0DAAA,EAA6DH,cAAAA,CAAAA,CAAAA,EAAkB;MAC9GI,WAAAA,EAAaV,4BAAAA;AACbvD,MAAAA;KACJ,CAAA;AACJ,EAAA;AACA,EAAA,MAAM,EAAE8C,aAAW,GAAKnC,KAAAA;AACxB,EAAA,MAAM,EAAEuD,SAAAA,EAAWC,yBAAAA,EAAyB,GAAK,MAAM,OAAO,gBAAA,CAAA;AAC9D,EAAA,MAAMC,GAAAA,GAAMR,SAAAA,IACR,IAAIM,SAAAA,CAAUvF,MAAAA,CAAOkB,OAAO,EAAC,EAAGC,YAAAA,IAAgB,EAAC,EAAG;IAChDE,MAAAA,EAAQF,YAAAA,EAAcE,UAAUC,kBAAAA,EAAoBD,MAAAA;AACpDD,IAAAA,MAAAA,EAAQD,cAAcC,MAAAA,IAAUN;AACpC,GAAA,CAAA,CAAA;AACJ,EAAA,IAAI4E,OAAAA;AACJ,EAAA,IAAI;AACAA,IAAAA,OAAAA,GAAU,MAAMD,GAAAA,CAAI/D,IAAAA,CAAK,IAAI8D,yBAAAA,CAA0B;MACnDG,SAAAA,EAAWZ,YAAAA;MACXa,QAAAA,EAAUZ,WAAAA;AACVb,MAAAA;AACJ,KAAA,CAAA,CAAA;AACJ,EAAA,CAAA,CAAA,OACOD,CAAAA,EAAG;AACN,IAAA,MAAM,IAAImB,sCAAyBnB,CAAAA,EAAG;MAClCoB,WAAAA,EAAaV,4BAAAA;AACbvD,MAAAA;KACJ,CAAA;AACJ,EAAA;AACA,EAAA,MAAM,EAAEwE,eAAAA,EAAiB,EAAEC,WAAAA,EAAaC,eAAAA,EAAiBC,YAAAA,EAAc/D,UAAAA,EAAYgE,eAAAA,EAAiBN,SAAAA,EAAS,GAAK,EAAC,EAAC,GAAMD,OAAAA;AAC1H,EAAA,IAAI,CAACI,WAAAA,IAAe,CAACC,mBAAmB,CAACC,YAAAA,IAAgB,CAAC/D,UAAAA,EAAY;AAClE,IAAA,MAAM,IAAIoD,sCAAyB,8CAAA,EAAgD;MAC/EC,WAAAA,EAAaV,4BAAAA;AACbvD,MAAAA;KACJ,CAAA;AACJ,EAAA;AACA,EAAA,MAAM6E,WAAAA,GAAc;AAChBJ,IAAAA,WAAAA;AACAC,IAAAA,eAAAA;AACAC,IAAAA,YAAAA;IACA/D,UAAAA,EAAY,IAAIE,KAAKF,UAAAA,CAAAA;AACrB,IAAA,GAAIgE,eAAAA,IAAmB;AAAEA,MAAAA;AAAgB,KAAA;AACzC,IAAA,GAAIN,SAAAA,IAAa;AAAEA,MAAAA;AAAU;AACjC,GAAA;AACA,EAAA,IAAI5B,UAAAA,EAAY;AACZoC,IAAAA,kCAAAA,CAAqBD,WAAAA,EAAa,mBAAmB,GAAA,CAAA;EACzD,CAAA,MACK;AACDC,IAAAA,kCAAAA,CAAqBD,WAAAA,EAAa,0BAA0B,GAAA,CAAA;AAChE,EAAA;AACA,EAAA,OAAOA,WAAAA;AACX,CAAA,EA9EqC,uBAAA,CAAA;;;AQLrCxG,4BAAA,EAAA;AACO,IAAM0G,kBAAAA,mBAAqBvF,oBAAA,CAAA,CAAC8C,OAAAA,EAAStC,MAAAA,KAAAA;AACxC,EAAA,MAAM,EAAEhB,aAAAA,EAAeC,cAAAA,EAAgBE,UAAAA,EAAYC,eAAa,GAAKkD,OAAAA;AACrE,EAAA,IAAI,CAACtD,aAAAA,IAAiB,CAACC,kBAAkB,CAACE,UAAAA,IAAc,CAACC,aAAAA,EAAe;AACpE,IAAA,MAAM,IAAI4E,sCAAyB,CAAA,8IAAA,EACwBrF,MAAAA,CAAOqG,KAAK1C,OAAAA,CAAAA,CAAS2C,IAAAA,CAAK,IAAA,CAAA;AAA6F,kFAAA,CAAA,EAAA;MAAEhB,WAAAA,EAAa,KAAA;AAAOjE,MAAAA;KAAO,CAAA;AACnN,EAAA;AACA,EAAA,OAAOsC,OAAAA;AACX,CAAA,EAPkC,oBAAA;;;AXI3B,IAAM4C,OAAAA,mBAAU1F,oBAAA,CAAA,CAACE,IAAAA,GAAO,EAAC,KAAM,OAAO,EAAEsC,kBAAAA,EAAkB,GAAK,EAAC,KAAC;AACpEtC,EAAAA,IAAAA,CAAKM,MAAAA,EAAQiC,MAAM,4CAAA,CAAA;AACnB,EAAA,MAAM,EAAEwB,WAAAA,EAAaC,YAAAA,EAAcjE,SAAAA,EAAWkE,WAAAA,EAAajB,YAAU,GAAKhD,IAAAA;AAC1E,EAAA,MAAM,EAAEkE,WAAS,GAAKlE,IAAAA;AACtB,EAAA,MAAM0C,cAAcC,2BAAAA,CAAe;IAC/BC,OAAAA,EAAS5C,IAAAA,CAAK4C,WAAWN,kBAAAA,EAAoBM;GACjD,CAAA;AACA,EAAA,IAAI,CAACmB,eAAe,CAACC,YAAAA,IAAgB,CAACjE,SAAAA,IAAa,CAACkE,WAAAA,IAAe,CAACjB,UAAAA,EAAY;AAC5E,IAAA,MAAMR,QAAAA,GAAW,MAAMC,4BAAAA,CAAgBzC,IAAAA,CAAAA;AACvC,IAAA,MAAM4C,OAAAA,GAAUJ,SAASE,WAAAA,CAAAA;AACzB,IAAA,IAAI,CAACE,OAAAA,EAAS;AACV,MAAA,MAAM,IAAI0B,qCAAAA,CAAyB,CAAA,QAAA,EAAW5B,WAAAA,CAAAA,eAAAA,CAAAA,EAA8B;AAAEpC,QAAAA,MAAAA,EAAQN,IAAAA,CAAKM;OAAO,CAAA;AACtG,IAAA;AACA,IAAA,IAAI,CAAClB,YAAAA,CAAawD,OAAAA,CAAAA,EAAU;AACxB,MAAA,MAAM,IAAI0B,qCAAAA,CAAyB,CAAA,QAAA,EAAW5B,WAAAA,CAAAA,wCAAAA,CAAAA,EAAuD;AACjGpC,QAAAA,MAAAA,EAAQN,IAAAA,CAAKM;OACjB,CAAA;AACJ,IAAA;AACA,IAAA,IAAIsC,SAASpD,WAAAA,EAAa;AACtB,MAAA,MAAMsD,WAAAA,GAAc,MAAMC,+BAAAA,CAAmB/C,IAAAA,CAAAA;AAC7C,MAAA,MAAMyF,OAAAA,GAAU3C,WAAAA,CAAYF,OAAAA,CAAQpD,WAAW,CAAA;AAC/C,MAAA,MAAMkG,WAAAA,GAAc,CAAA,2BAAA,EAA8BhD,WAAAA,CAAAA,iBAAAA,EAA+BE,QAAQpD,WAAW,CAAA,CAAA;AACpG,MAAA,IAAIO,SAAAA,IAAaA,SAAAA,KAAc0F,OAAAA,CAAQhG,UAAAA,EAAY;AAC/C,QAAA,MAAM,IAAI6E,qCAAAA,CAAyB,CAAA,sBAAA,CAAA,GAA2BoB,WAAAA,EAAa;UACvEnB,WAAAA,EAAa,KAAA;AACbjE,UAAAA,MAAAA,EAAQN,IAAAA,CAAKM;SACjB,CAAA;AACJ,MAAA;AACA,MAAA,IAAIyD,WAAAA,IAAeA,WAAAA,KAAgB0B,OAAAA,CAAQnG,aAAAA,EAAe;AACtD,QAAA,MAAM,IAAIgF,qCAAAA,CAAyB,CAAA,yBAAA,CAAA,GAA8BoB,WAAAA,EAAa;UAC1EnB,WAAAA,EAAa,KAAA;AACbjE,UAAAA,MAAAA,EAAQN,IAAAA,CAAKM;SACjB,CAAA;AACJ,MAAA;AACAsC,MAAAA,OAAAA,CAAQnD,aAAagG,OAAAA,CAAQhG,UAAAA;AAC7BmD,MAAAA,OAAAA,CAAQtD,gBAAgBmG,OAAAA,CAAQnG,aAAAA;AACpC,IAAA;AACA,IAAA,MAAM,EAAEA,aAAAA,EAAeC,cAAAA,EAAgBE,UAAAA,EAAYC,aAAAA,EAAeF,aAAW,GAAK6F,kBAAAA,CAAmBzC,OAAAA,EAAS5C,IAAAA,CAAKM,MAAM,CAAA;AACzH,IAAA,OAAOwD,qBAAAA,CAAsB;MACzBC,WAAAA,EAAazE,aAAAA;MACb0D,UAAAA,EAAYxD,WAAAA;MACZwE,YAAAA,EAAczE,cAAAA;MACdQ,SAAAA,EAAWN,UAAAA;MACXwE,WAAAA,EAAavE,aAAAA;AACbwE,MAAAA,SAAAA;AACA9D,MAAAA,YAAAA,EAAcJ,IAAAA,CAAKI,YAAAA;AACnBG,MAAAA,kBAAAA,EAAoBP,IAAAA,CAAKO,kBAAAA;MACzBqC,OAAAA,EAASF;KACb,CAAA;AACJ,EAAA,CAAA,MAAA,IACS,CAACqB,WAAAA,IAAe,CAACC,gBAAgB,CAACjE,SAAAA,IAAa,CAACkE,WAAAA,EAAa;AAClE,IAAA,MAAM,IAAIK,sCAAyB,8HAAA,EAC8B;MAAEC,WAAAA,EAAa,KAAA;AAAOjE,MAAAA,MAAAA,EAAQN,IAAAA,CAAKM;KAAO,CAAA;EAC/G,CAAA,MACK;AACD,IAAA,OAAOwD,qBAAAA,CAAsB;AACzBC,MAAAA,WAAAA;AACAf,MAAAA,UAAAA;AACAgB,MAAAA,YAAAA;AACAjE,MAAAA,SAAAA;AACAkE,MAAAA,WAAAA;AACAC,MAAAA,SAAAA;AACA9D,MAAAA,YAAAA,EAAcJ,IAAAA,CAAKI,YAAAA;AACnBG,MAAAA,kBAAAA,EAAoBP,IAAAA,CAAKO,kBAAAA;MACzBqC,OAAAA,EAASF;KACb,CAAA;AACJ,EAAA;AACJ,CAAA,EAnEuB,SAAA;;;AYLvB/D,4BAAA,EAAA","file":"45KBPE2A.cjs","sourcesContent":["export * from \"./fromSSO\";\nexport * from \"./isSsoProfile\";\nexport * from \"./types\";\nexport * from \"./validateSsoProfile\";\n","import { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { getProfileName, loadSsoSessionData, parseKnownFiles } from \"@smithy/shared-ini-file-loader\";\nimport { isSsoProfile } from \"./isSsoProfile\";\nimport { resolveSSOCredentials } from \"./resolveSSOCredentials\";\nimport { validateSsoProfile } from \"./validateSsoProfile\";\nexport const fromSSO = (init = {}) => async ({ callerClientConfig } = {}) => {\n    init.logger?.debug(\"@aws-sdk/credential-provider-sso - fromSSO\");\n    const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoSession } = init;\n    const { ssoClient } = init;\n    const profileName = getProfileName({\n        profile: init.profile ?? callerClientConfig?.profile,\n    });\n    if (!ssoStartUrl && !ssoAccountId && !ssoRegion && !ssoRoleName && !ssoSession) {\n        const profiles = await parseKnownFiles(init);\n        const profile = profiles[profileName];\n        if (!profile) {\n            throw new CredentialsProviderError(`Profile ${profileName} was not found.`, { logger: init.logger });\n        }\n        if (!isSsoProfile(profile)) {\n            throw new CredentialsProviderError(`Profile ${profileName} is not configured with SSO credentials.`, {\n                logger: init.logger,\n            });\n        }\n        if (profile?.sso_session) {\n            const ssoSessions = await loadSsoSessionData(init);\n            const session = ssoSessions[profile.sso_session];\n            const conflictMsg = ` configurations in profile ${profileName} and sso-session ${profile.sso_session}`;\n            if (ssoRegion && ssoRegion !== session.sso_region) {\n                throw new CredentialsProviderError(`Conflicting SSO region` + conflictMsg, {\n                    tryNextLink: false,\n                    logger: init.logger,\n                });\n            }\n            if (ssoStartUrl && ssoStartUrl !== session.sso_start_url) {\n                throw new CredentialsProviderError(`Conflicting SSO start_url` + conflictMsg, {\n                    tryNextLink: false,\n                    logger: init.logger,\n                });\n            }\n            profile.sso_region = session.sso_region;\n            profile.sso_start_url = session.sso_start_url;\n        }\n        const { sso_start_url, sso_account_id, sso_region, sso_role_name, sso_session } = validateSsoProfile(profile, init.logger);\n        return resolveSSOCredentials({\n            ssoStartUrl: sso_start_url,\n            ssoSession: sso_session,\n            ssoAccountId: sso_account_id,\n            ssoRegion: sso_region,\n            ssoRoleName: sso_role_name,\n            ssoClient: ssoClient,\n            clientConfig: init.clientConfig,\n            parentClientConfig: init.parentClientConfig,\n            profile: profileName,\n        });\n    }\n    else if (!ssoStartUrl || !ssoAccountId || !ssoRegion || !ssoRoleName) {\n        throw new CredentialsProviderError(\"Incomplete configuration. The fromSSO() argument hash must include \" +\n            '\"ssoStartUrl\", \"ssoAccountId\", \"ssoRegion\", \"ssoRoleName\"', { tryNextLink: false, logger: init.logger });\n    }\n    else {\n        return resolveSSOCredentials({\n            ssoStartUrl,\n            ssoSession,\n            ssoAccountId,\n            ssoRegion,\n            ssoRoleName,\n            ssoClient,\n            clientConfig: init.clientConfig,\n            parentClientConfig: init.parentClientConfig,\n            profile: profileName,\n        });\n    }\n};\n","import { ProviderError } from \"./ProviderError\";\nexport class TokenProviderError extends ProviderError {\n    name = \"TokenProviderError\";\n    constructor(message, options = true) {\n        super(message, options);\n        Object.setPrototypeOf(this, TokenProviderError.prototype);\n    }\n}\n","export const isSsoProfile = (arg) => arg &&\n    (typeof arg.sso_start_url === \"string\" ||\n        typeof arg.sso_account_id === \"string\" ||\n        typeof arg.sso_session === \"string\" ||\n        typeof arg.sso_region === \"string\" ||\n        typeof arg.sso_role_name === \"string\");\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nimport { fromSso as getSsoTokenProvider } from \"@aws-sdk/token-providers\";\nimport { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { getSSOTokenFromFile } from \"@smithy/shared-ini-file-loader\";\nconst SHOULD_FAIL_CREDENTIAL_CHAIN = false;\nexport const resolveSSOCredentials = async ({ ssoStartUrl, ssoSession, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, clientConfig, parentClientConfig, profile, logger, }) => {\n    let token;\n    const refreshMessage = `To refresh this SSO session run aws sso login with the corresponding profile.`;\n    if (ssoSession) {\n        try {\n            const _token = await getSsoTokenProvider({ profile })();\n            token = {\n                accessToken: _token.token,\n                expiresAt: new Date(_token.expiration).toISOString(),\n            };\n        }\n        catch (e) {\n            throw new CredentialsProviderError(e.message, {\n                tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n                logger,\n            });\n        }\n    }\n    else {\n        try {\n            token = await getSSOTokenFromFile(ssoStartUrl);\n        }\n        catch (e) {\n            throw new CredentialsProviderError(`The SSO session associated with this profile is invalid. ${refreshMessage}`, {\n                tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n                logger,\n            });\n        }\n    }\n    if (new Date(token.expiresAt).getTime() - Date.now() <= 0) {\n        throw new CredentialsProviderError(`The SSO session associated with this profile has expired. ${refreshMessage}`, {\n            tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n            logger,\n        });\n    }\n    const { accessToken } = token;\n    const { SSOClient, GetRoleCredentialsCommand } = await import(\"./loadSso\");\n    const sso = ssoClient ||\n        new SSOClient(Object.assign({}, clientConfig ?? {}, {\n            logger: clientConfig?.logger ?? parentClientConfig?.logger,\n            region: clientConfig?.region ?? ssoRegion,\n        }));\n    let ssoResp;\n    try {\n        ssoResp = await sso.send(new GetRoleCredentialsCommand({\n            accountId: ssoAccountId,\n            roleName: ssoRoleName,\n            accessToken,\n        }));\n    }\n    catch (e) {\n        throw new CredentialsProviderError(e, {\n            tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n            logger,\n        });\n    }\n    const { roleCredentials: { accessKeyId, secretAccessKey, sessionToken, expiration, credentialScope, accountId } = {}, } = ssoResp;\n    if (!accessKeyId || !secretAccessKey || !sessionToken || !expiration) {\n        throw new CredentialsProviderError(\"SSO returns an invalid temporary credential.\", {\n            tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n            logger,\n        });\n    }\n    const credentials = {\n        accessKeyId,\n        secretAccessKey,\n        sessionToken,\n        expiration: new Date(expiration),\n        ...(credentialScope && { credentialScope }),\n        ...(accountId && { accountId }),\n    };\n    if (ssoSession) {\n        setCredentialFeature(credentials, \"CREDENTIALS_SSO\", \"s\");\n    }\n    else {\n        setCredentialFeature(credentials, \"CREDENTIALS_SSO_LEGACY\", \"u\");\n    }\n    return credentials;\n};\n","import { TokenProviderError } from \"@smithy/property-provider\";\nimport { getProfileName, getSSOTokenFromFile, loadSsoSessionData, parseKnownFiles, } from \"@smithy/shared-ini-file-loader\";\nimport { EXPIRE_WINDOW_MS, REFRESH_MESSAGE } from \"./constants\";\nimport { getNewSsoOidcToken } from \"./getNewSsoOidcToken\";\nimport { validateTokenExpiry } from \"./validateTokenExpiry\";\nimport { validateTokenKey } from \"./validateTokenKey\";\nimport { writeSSOTokenToFile } from \"./writeSSOTokenToFile\";\nconst lastRefreshAttemptTime = new Date(0);\nexport const fromSso = (_init = {}) => async ({ callerClientConfig } = {}) => {\n    const init = {\n        ..._init,\n        parentClientConfig: {\n            ...callerClientConfig,\n            ..._init.parentClientConfig,\n        },\n    };\n    init.logger?.debug(\"@aws-sdk/token-providers - fromSso\");\n    const profiles = await parseKnownFiles(init);\n    const profileName = getProfileName({\n        profile: init.profile ?? callerClientConfig?.profile,\n    });\n    const profile = profiles[profileName];\n    if (!profile) {\n        throw new TokenProviderError(`Profile '${profileName}' could not be found in shared credentials file.`, false);\n    }\n    else if (!profile[\"sso_session\"]) {\n        throw new TokenProviderError(`Profile '${profileName}' is missing required property 'sso_session'.`);\n    }\n    const ssoSessionName = profile[\"sso_session\"];\n    const ssoSessions = await loadSsoSessionData(init);\n    const ssoSession = ssoSessions[ssoSessionName];\n    if (!ssoSession) {\n        throw new TokenProviderError(`Sso session '${ssoSessionName}' could not be found in shared credentials file.`, false);\n    }\n    for (const ssoSessionRequiredKey of [\"sso_start_url\", \"sso_region\"]) {\n        if (!ssoSession[ssoSessionRequiredKey]) {\n            throw new TokenProviderError(`Sso session '${ssoSessionName}' is missing required property '${ssoSessionRequiredKey}'.`, false);\n        }\n    }\n    const ssoStartUrl = ssoSession[\"sso_start_url\"];\n    const ssoRegion = ssoSession[\"sso_region\"];\n    let ssoToken;\n    try {\n        ssoToken = await getSSOTokenFromFile(ssoSessionName);\n    }\n    catch (e) {\n        throw new TokenProviderError(`The SSO session token associated with profile=${profileName} was not found or is invalid. ${REFRESH_MESSAGE}`, false);\n    }\n    validateTokenKey(\"accessToken\", ssoToken.accessToken);\n    validateTokenKey(\"expiresAt\", ssoToken.expiresAt);\n    const { accessToken, expiresAt } = ssoToken;\n    const existingToken = { token: accessToken, expiration: new Date(expiresAt) };\n    if (existingToken.expiration.getTime() - Date.now() > EXPIRE_WINDOW_MS) {\n        return existingToken;\n    }\n    if (Date.now() - lastRefreshAttemptTime.getTime() < 30 * 1000) {\n        validateTokenExpiry(existingToken);\n        return existingToken;\n    }\n    validateTokenKey(\"clientId\", ssoToken.clientId, true);\n    validateTokenKey(\"clientSecret\", ssoToken.clientSecret, true);\n    validateTokenKey(\"refreshToken\", ssoToken.refreshToken, true);\n    try {\n        lastRefreshAttemptTime.setTime(Date.now());\n        const newSsoOidcToken = await getNewSsoOidcToken(ssoToken, ssoRegion, init);\n        validateTokenKey(\"accessToken\", newSsoOidcToken.accessToken);\n        validateTokenKey(\"expiresIn\", newSsoOidcToken.expiresIn);\n        const newTokenExpiration = new Date(Date.now() + newSsoOidcToken.expiresIn * 1000);\n        try {\n            await writeSSOTokenToFile(ssoSessionName, {\n                ...ssoToken,\n                accessToken: newSsoOidcToken.accessToken,\n                expiresAt: newTokenExpiration.toISOString(),\n                refreshToken: newSsoOidcToken.refreshToken,\n            });\n        }\n        catch (error) {\n        }\n        return {\n            token: newSsoOidcToken.accessToken,\n            expiration: newTokenExpiration,\n        };\n    }\n    catch (error) {\n        validateTokenExpiry(existingToken);\n        return existingToken;\n    }\n};\n","export const EXPIRE_WINDOW_MS = 5 * 60 * 1000;\nexport const REFRESH_MESSAGE = `To refresh this SSO session run 'aws sso login' with the corresponding profile.`;\n","import { getSsoOidcClient } from \"./getSsoOidcClient\";\nexport const getNewSsoOidcToken = async (ssoToken, ssoRegion, init = {}) => {\n    const { CreateTokenCommand } = await import(\"@aws-sdk/nested-clients/sso-oidc\");\n    const ssoOidcClient = await getSsoOidcClient(ssoRegion, init);\n    return ssoOidcClient.send(new CreateTokenCommand({\n        clientId: ssoToken.clientId,\n        clientSecret: ssoToken.clientSecret,\n        refreshToken: ssoToken.refreshToken,\n        grantType: \"refresh_token\",\n    }));\n};\n","export const getSsoOidcClient = async (ssoRegion, init = {}) => {\n    const { SSOOIDCClient } = await import(\"@aws-sdk/nested-clients/sso-oidc\");\n    const ssoOidcClient = new SSOOIDCClient(Object.assign({}, init.clientConfig ?? {}, {\n        region: ssoRegion ?? init.clientConfig?.region,\n        logger: init.clientConfig?.logger ?? init.parentClientConfig?.logger,\n    }));\n    return ssoOidcClient;\n};\n","import { TokenProviderError } from \"@smithy/property-provider\";\nimport { REFRESH_MESSAGE } from \"./constants\";\nexport const validateTokenExpiry = (token) => {\n    if (token.expiration && token.expiration.getTime() < Date.now()) {\n        throw new TokenProviderError(`Token is expired. ${REFRESH_MESSAGE}`, false);\n    }\n};\n","import { TokenProviderError } from \"@smithy/property-provider\";\nimport { REFRESH_MESSAGE } from \"./constants\";\nexport const validateTokenKey = (key, value, forRefresh = false) => {\n    if (typeof value === \"undefined\") {\n        throw new TokenProviderError(`Value not present for '${key}' in SSO Token${forRefresh ? \". Cannot refresh\" : \"\"}. ${REFRESH_MESSAGE}`, false);\n    }\n};\n","import { getSSOTokenFilepath } from \"@smithy/shared-ini-file-loader\";\nimport { promises as fsPromises } from \"fs\";\nconst { writeFile } = fsPromises;\nexport const writeSSOTokenToFile = (id, ssoToken) => {\n    const tokenFilepath = getSSOTokenFilepath(id);\n    const tokenString = JSON.stringify(ssoToken, null, 2);\n    return writeFile(tokenFilepath, tokenString);\n};\n","import { CredentialsProviderError } from \"@smithy/property-provider\";\nexport const validateSsoProfile = (profile, logger) => {\n    const { sso_start_url, sso_account_id, sso_region, sso_role_name } = profile;\n    if (!sso_start_url || !sso_account_id || !sso_region || !sso_role_name) {\n        throw new CredentialsProviderError(`Profile is configured with invalid SSO credentials. Required parameters \"sso_account_id\", ` +\n            `\"sso_region\", \"sso_role_name\", \"sso_start_url\". Got ${Object.keys(profile).join(\", \")}\\nReference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html`, { tryNextLink: false, logger });\n    }\n    return profile;\n};\n","export {};\n"]}
+{"version":3,"sources":["../../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/index.js","../../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/fromSSO.js","../../../node_modules/.pnpm/@smithy+property-provider@4.2.5/node_modules/@smithy/property-provider/dist-es/TokenProviderError.js","../../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/isSsoProfile.js","../../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/resolveSSOCredentials.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/fromSso.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/constants.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/getNewSsoOidcToken.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/getSsoOidcClient.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/validateTokenExpiry.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/validateTokenKey.js","../../../node_modules/.pnpm/@aws-sdk+token-providers@3.879.0/node_modules/@aws-sdk/token-providers/dist-es/writeSSOTokenToFile.js","../../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/validateSsoProfile.js","../../../node_modules/.pnpm/@aws-sdk+credential-provider-sso@3.879.0/node_modules/@aws-sdk/credential-provider-sso/dist-es/types.js"],"names":["init_cjs_shims","TokenProviderError","ProviderError","name","message","options","Object","setPrototypeOf","prototype","isSsoProfile","arg","sso_start_url","sso_account_id","sso_session","sso_region","sso_role_name","EXPIRE_WINDOW_MS","REFRESH_MESSAGE","getSsoOidcClient","__name","ssoRegion","init","SSOOIDCClient","ssoOidcClient","assign","clientConfig","region","logger","parentClientConfig","getNewSsoOidcToken","ssoToken","CreateTokenCommand","send","clientId","clientSecret","refreshToken","grantType","validateTokenExpiry","token","expiration","getTime","Date","now","validateTokenKey","key","value","forRefresh","writeFile","fsPromises","writeSSOTokenToFile","id","tokenFilepath","getSSOTokenFilepath","tokenString","JSON","stringify","lastRefreshAttemptTime","fromSso","_init","callerClientConfig","debug","profiles","parseKnownFiles","profileName","getProfileName","profile","ssoSessionName","ssoSessions","loadSsoSessionData","ssoSession","ssoSessionRequiredKey","getSSOTokenFromFile","e","accessToken","expiresAt","existingToken","setTime","newSsoOidcToken","expiresIn","newTokenExpiration","toISOString","error","SHOULD_FAIL_CREDENTIAL_CHAIN","resolveSSOCredentials","ssoStartUrl","ssoAccountId","ssoRoleName","ssoClient","refreshMessage","_token","getSsoTokenProvider","CredentialsProviderError","tryNextLink","SSOClient","GetRoleCredentialsCommand","sso","ssoResp","accountId","roleName","roleCredentials","accessKeyId","secretAccessKey","sessionToken","credentialScope","credentials","setCredentialFeature","validateSsoProfile","keys","join","fromSSO","session","conflictMsg"],"mappings":";;;;;;;;;AAAAA,4BAAA,EAAA;;;ACAAA,4BAAA,EAAA;;;ACAAA,4BAAA,EAAA;AACO,IAAMC,kBAAAA,GAAN,MAAMA,mBAAAA,SAA2BC,0BAAAA,CAAAA;EADxC;;;EAEIC,IAAAA,GAAO,oBAAA;EACP,WAAA,CAAYC,OAAAA,EAASC,UAAU,IAAA,EAAM;AACjC,IAAA,KAAA,CAAMD,SAASC,OAAAA,CAAAA;AACfC,IAAAA,MAAAA,CAAOC,cAAAA,CAAe,IAAA,EAAMN,mBAAAA,CAAmBO,SAAS,CAAA;AAC5D,EAAA;AACJ,CAAA;;;ACPAR,4BAAA,EAAA;AAAO,IAAMS,YAAAA,yCAAgBC,GAAAA,KAAQA,GAAAA,KAChC,OAAOA,GAAAA,CAAIC,aAAAA,KAAkB,QAAA,IAC1B,OAAOD,GAAAA,CAAIE,cAAAA,KAAmB,YAC9B,OAAOF,GAAAA,CAAIG,WAAAA,KAAgB,QAAA,IAC3B,OAAOH,GAAAA,CAAII,eAAe,QAAA,IAC1B,OAAOJ,GAAAA,CAAIK,aAAAA,KAAkB,QAAA,CAAA,EALT,cAAA;;;ACA5Bf,4BAAA,EAAA;;;ACAAA,4BAAA,EAAA;;;ACAAA,4BAAA,EAAA;AAAO,IAAMgB,gBAAAA,GAAmB,IAAI,EAAA,GAAK,GAAA;AAClC,IAAMC,eAAAA,GAAkB,CAAA,+EAAA,CAAA;;;ACD/BjB,4BAAA,EAAA;;;ACAAA,4BAAA,EAAA;AAAO,IAAMkB,gBAAAA,mBAAmBC,oBAAA,CAAA,OAAOC,SAAAA,EAAWC,IAAAA,GAAO,EAAC,KAAC;AACvD,EAAA,MAAM,EAAEC,aAAAA,EAAa,GAAK,MAAM,OAAO,gBAAA,CAAA;AACvC,EAAA,MAAMC,aAAAA,GAAgB,IAAID,aAAAA,CAAchB,MAAAA,CAAOkB,MAAAA,CAAO,EAAC,EAAGH,IAAAA,CAAKI,YAAAA,IAAgB,EAAC,EAAG;IAC/EC,MAAAA,EAAQN,SAAAA,IAAaC,KAAKI,YAAAA,EAAcC,MAAAA;AACxCC,IAAAA,MAAAA,EAAQN,IAAAA,CAAKI,YAAAA,EAAcE,MAAAA,IAAUN,IAAAA,CAAKO,kBAAAA,EAAoBD;AAClE,GAAA,CAAA,CAAA;AACA,EAAA,OAAOJ,aAAAA;AACX,CAAA,EAPgC,kBAAA,CAAA;;;ADCzB,IAAMM,qCAAqBV,oBAAA,CAAA,OAAOW,QAAAA,EAAUV,SAAAA,EAAWC,IAAAA,GAAO,EAAC,KAAC;AACnE,EAAA,MAAM,EAAEU,kBAAAA,EAAkB,GAAK,MAAM,OAAO,gBAAA,CAAA;AAC5C,EAAA,MAAMR,aAAAA,GAAgB,MAAML,gBAAAA,CAAiBE,SAAAA,EAAWC,IAAAA,CAAAA;AACxD,EAAA,OAAOE,aAAAA,CAAcS,IAAAA,CAAK,IAAID,kBAAAA,CAAmB;AAC7CE,IAAAA,QAAAA,EAAUH,QAAAA,CAASG,QAAAA;AACnBC,IAAAA,YAAAA,EAAcJ,QAAAA,CAASI,YAAAA;AACvBC,IAAAA,YAAAA,EAAcL,QAAAA,CAASK,YAAAA;IACvBC,SAAAA,EAAW;AACf,GAAA,CAAA,CAAA;AACJ,CAAA,EATkC,oBAAA,CAAA;;;AEDlCpC,4BAAA,EAAA;AAEO,IAAMqC,mBAAAA,yCAAuBC,KAAAA,KAAAA;AAChC,EAAA,IAAIA,KAAAA,CAAMC,cAAcD,KAAAA,CAAMC,UAAAA,CAAWC,SAAO,GAAKC,IAAAA,CAAKC,KAAG,EAAI;AAC7D,IAAA,MAAM,IAAIzC,kBAAAA,CAAmB,CAAA,kBAAA,EAAqBgB,eAAAA,IAAmB,KAAA,CAAA;AACzE,EAAA;AACJ,CAAA,EAJmC,qBAAA,CAAA;;;ACFnCjB,4BAAA,EAAA;AAEO,IAAM2C,gBAAAA,mBAAmBxB,oBAAA,CAAA,CAACyB,GAAAA,EAAKC,KAAAA,EAAOC,aAAa,KAAA,KAAK;AAC3D,EAAA,IAAI,OAAOD,UAAU,WAAA,EAAa;AAC9B,IAAA,MAAM,IAAI5C,kBAAAA,CAAmB,CAAA,uBAAA,EAA0B2C,GAAAA,CAAAA,cAAAA,EAAoBE,UAAAA,GAAa,kBAAA,GAAqB,EAAA,CAAA,EAAA,EAAO7B,eAAAA,CAAAA,CAAAA,EAAmB,KAAA,CAAA;AAC3I,EAAA;AACJ,CAAA,EAJgC,kBAAA,CAAA;;;ACFhCjB,4BAAA,EAAA;AAEA,IAAM,EAAE+C,WAAS,GAAKC,WAAAA;AACf,IAAMC,mBAAAA,mBAAsB9B,oBAAA,CAAA,CAAC+B,EAAAA,EAAIpB,QAAAA,KAAAA;AACpC,EAAA,MAAMqB,aAAAA,GAAgBC,iCAAoBF,EAAAA,CAAAA;AAC1C,EAAA,MAAMG,WAAAA,GAAcC,IAAAA,CAAKC,SAAAA,CAAUzB,QAAAA,EAAU,MAAM,CAAA,CAAA;AACnD,EAAA,OAAOiB,SAAAA,CAAUI,eAAeE,WAAAA,CAAAA;AACpC,CAAA,EAJmC,qBAAA,CAAA;;;ANInC,IAAMG,sBAAAA,mBAAyB,IAAIf,IAAAA,CAAK,CAAA,CAAA;AACjC,IAAMgB,OAAAA,mBAAUtC,oBAAA,CAAA,CAACuC,KAAAA,GAAQ,EAAC,KAAM,OAAO,EAAEC,kBAAAA,EAAkB,GAAK,EAAC,KAAC;AACrE,EAAA,MAAMtC,IAAAA,GAAO;IACT,GAAGqC,KAAAA;IACH9B,kBAAAA,EAAoB;MAChB,GAAG+B,kBAAAA;AACH,MAAA,GAAGD,KAAAA,CAAM9B;AACb;AACJ,GAAA;AACAP,EAAAA,IAAAA,CAAKM,MAAAA,EAAQiC,MAAM,oCAAA,CAAA;AACnB,EAAA,MAAMC,QAAAA,GAAW,MAAMC,4BAAAA,CAAgBzC,IAAAA,CAAAA;AACvC,EAAA,MAAM0C,cAAcC,2BAAAA,CAAe;IAC/BC,OAAAA,EAAS5C,IAAAA,CAAK4C,WAAWN,kBAAAA,EAAoBM;GACjD,CAAA;AACA,EAAA,MAAMA,OAAAA,GAAUJ,SAASE,WAAAA,CAAAA;AACzB,EAAA,IAAI,CAACE,OAAAA,EAAS;AACV,IAAA,MAAM,IAAIhE,kBAAAA,CAAmB,CAAA,SAAA,EAAY8D,WAAAA,oDAA+D,KAAA,CAAA;EAC5G,CAAA,MAAA,IACS,CAACE,OAAAA,CAAQ,aAAA,CAAA,EAAgB;AAC9B,IAAA,MAAM,IAAIhE,kBAAAA,CAAmB,CAAA,SAAA,EAAY8D,WAAAA,CAAAA,6CAAAA,CAA0D,CAAA;AACvG,EAAA;AACA,EAAA,MAAMG,cAAAA,GAAiBD,QAAQ,aAAA,CAAA;AAC/B,EAAA,MAAME,WAAAA,GAAc,MAAMC,+BAAAA,CAAmB/C,IAAAA,CAAAA;AAC7C,EAAA,MAAMgD,UAAAA,GAAaF,YAAYD,cAAAA,CAAAA;AAC/B,EAAA,IAAI,CAACG,UAAAA,EAAY;AACb,IAAA,MAAM,IAAIpE,kBAAAA,CAAmB,CAAA,aAAA,EAAgBiE,cAAAA,oDAAkE,KAAA,CAAA;AACnH,EAAA;AACA,EAAA,KAAA,MAAWI,qBAAAA,IAAyB;AAAC,IAAA,eAAA;AAAiB,IAAA;AAAe,GAAA,EAAA;AACjE,IAAA,IAAI,CAACD,UAAAA,CAAWC,qBAAAA,CAAAA,EAAwB;AACpC,MAAA,MAAM,IAAIrE,kBAAAA,CAAmB,CAAA,aAAA,EAAgBiE,cAAAA,CAAAA,gCAAAA,EAAiDI,qBAAAA,MAA2B,KAAA,CAAA;AAC7H,IAAA;AACJ,EAAA;AACA,EAAoBD,WAAW,eAAA;AAC/B,EAAA,MAAMjD,SAAAA,GAAYiD,WAAW,YAAA,CAAA;AAC7B,EAAA,IAAIvC,QAAAA;AACJ,EAAA,IAAI;AACAA,IAAAA,QAAAA,GAAW,MAAMyC,iCAAoBL,cAAAA,CAAAA;AACzC,EAAA,CAAA,CAAA,OACOM,CAAAA,EAAG;AACN,IAAA,MAAM,IAAIvE,kBAAAA,CAAmB,CAAA,8CAAA,EAAiD8D,WAAAA,CAAAA,8BAAAA,EAA4C9C,eAAAA,IAAmB,KAAA,CAAA;AACjJ,EAAA;AACA0B,EAAAA,gBAAAA,CAAiB,aAAA,EAAeb,SAAS2C,WAAW,CAAA;AACpD9B,EAAAA,gBAAAA,CAAiB,WAAA,EAAab,SAAS4C,SAAS,CAAA;AAChD,EAAA,MAAM,EAAED,WAAAA,EAAaC,SAAAA,EAAS,GAAK5C,QAAAA;AACnC,EAAA,MAAM6C,aAAAA,GAAgB;IAAErC,KAAAA,EAAOmC,WAAAA;IAAalC,UAAAA,EAAY,IAAIE,KAAKiC,SAAAA;AAAW,GAAA;AAC5E,EAAA,IAAIC,cAAcpC,UAAAA,CAAWC,OAAAA,KAAYC,IAAAA,CAAKC,GAAAA,KAAQ1B,gBAAAA,EAAkB;AACpE,IAAA,OAAO2D,aAAAA;AACX,EAAA;AACA,EAAA,IAAIlC,KAAKC,GAAAA,EAAG,GAAKc,uBAAuBhB,OAAAA,EAAO,GAAK,KAAK,GAAA,EAAM;AAC3DH,IAAAA,mBAAAA,CAAoBsC,aAAAA,CAAAA;AACpB,IAAA,OAAOA,aAAAA;AACX,EAAA;AACAhC,EAAAA,gBAAAA,CAAiB,UAAA,EAAYb,QAAAA,CAASG,QAAAA,EAAU,IAAA,CAAA;AAChDU,EAAAA,gBAAAA,CAAiB,cAAA,EAAgBb,QAAAA,CAASI,YAAAA,EAAc,IAAA,CAAA;AACxDS,EAAAA,gBAAAA,CAAiB,cAAA,EAAgBb,QAAAA,CAASK,YAAAA,EAAc,IAAA,CAAA;AACxD,EAAA,IAAI;AACAqB,IAAAA,sBAAAA,CAAuBoB,OAAAA,CAAQnC,IAAAA,CAAKC,GAAAA,EAAG,CAAA;AACvC,IAAA,MAAMmC,eAAAA,GAAkB,MAAMhD,kBAAAA,CAAmBC,QAAAA,EAAUV,WAAWC,IAAAA,CAAAA;AACtEsB,IAAAA,gBAAAA,CAAiB,aAAA,EAAekC,gBAAgBJ,WAAW,CAAA;AAC3D9B,IAAAA,gBAAAA,CAAiB,WAAA,EAAakC,gBAAgBC,SAAS,CAAA;AACvD,IAAA,MAAMC,kBAAAA,GAAqB,IAAItC,IAAAA,CAAKA,IAAAA,CAAKC,KAAG,GAAKmC,eAAAA,CAAgBC,YAAY,GAAA,CAAA;AAC7E,IAAA,IAAI;AACA,MAAA,MAAM7B,oBAAoBiB,cAAAA,EAAgB;QACtC,GAAGpC,QAAAA;AACH2C,QAAAA,WAAAA,EAAaI,eAAAA,CAAgBJ,WAAAA;AAC7BC,QAAAA,SAAAA,EAAWK,mBAAmBC,WAAAA,EAAW;AACzC7C,QAAAA,YAAAA,EAAc0C,eAAAA,CAAgB1C;OAClC,CAAA;AACJ,IAAA,CAAA,CAAA,OACO8C,KAAAA,EAAO;AACd,IAAA;AACA,IAAA,OAAO;AACH3C,MAAAA,KAAAA,EAAOuC,eAAAA,CAAgBJ,WAAAA;MACvBlC,UAAAA,EAAYwC;AAChB,KAAA;AACJ,EAAA,CAAA,CAAA,OACOE,KAAAA,EAAO;AACV5C,IAAAA,mBAAAA,CAAoBsC,aAAAA,CAAAA;AACpB,IAAA,OAAOA,aAAAA;AACX,EAAA;AACJ,CAAA,EA/EuB,SAAA,CAAA;;;ADJvB,IAAMO,4BAAAA,GAA+B,KAAA;AAC9B,IAAMC,qBAAAA,mBAAwBhE,oBAAA,CAAA,OAAO,EAAEiE,WAAAA,EAAaf,UAAAA,EAAYgB,YAAAA,EAAcjE,SAAAA,EAAWkE,WAAAA,EAAaC,SAAAA,EAAW9D,YAAAA,EAAcG,kBAAAA,EAAoBqC,OAAAA,EAAStC,QAAM,KAAG;AACxK,EAAA,IAAIW,KAAAA;AACJ,EAAA,MAAMkD,cAAAA,GAAiB,CAAA,6EAAA,CAAA;AACvB,EAAA,IAAInB,UAAAA,EAAY;AACZ,IAAA,IAAI;AACA,MAAA,MAAMoB,MAAAA,GAAS,MAAMC,OAAAA,CAAoB;AAAEzB,QAAAA;AAAQ,OAAA,CAAA,EAAA;AACnD3B,MAAAA,KAAAA,GAAQ;AACJmC,QAAAA,WAAAA,EAAagB,MAAAA,CAAOnD,KAAAA;AACpBoC,QAAAA,SAAAA,EAAW,IAAIjC,IAAAA,CAAKgD,MAAAA,CAAOlD,UAAU,EAAEyC,WAAAA;AAC3C,OAAA;AACJ,IAAA,CAAA,CAAA,OACOR,CAAAA,EAAG;AACN,MAAA,MAAM,IAAImB,qCAAAA,CAAyBnB,CAAAA,CAAEpE,OAAAA,EAAS;QAC1CwF,WAAAA,EAAaV,4BAAAA;AACbvD,QAAAA;OACJ,CAAA;AACJ,IAAA;EACJ,CAAA,MACK;AACD,IAAA,IAAI;AACAW,MAAAA,KAAAA,GAAQ,MAAMiC,iCAAoBa,WAAAA,CAAAA;AACtC,IAAA,CAAA,CAAA,OACOZ,CAAAA,EAAG;AACN,MAAA,MAAM,IAAImB,qCAAAA,CAAyB,CAAA,yDAAA,EAA4DH,cAAAA,CAAAA,CAAAA,EAAkB;QAC7GI,WAAAA,EAAaV,4BAAAA;AACbvD,QAAAA;OACJ,CAAA;AACJ,IAAA;AACJ,EAAA;AACA,EAAA,IAAI,IAAIc,IAAAA,CAAKH,KAAAA,CAAMoC,SAAS,CAAA,CAAElC,SAAO,GAAKC,IAAAA,CAAKC,GAAAA,EAAG,IAAM,CAAA,EAAG;AACvD,IAAA,MAAM,IAAIiD,qCAAAA,CAAyB,CAAA,0DAAA,EAA6DH,cAAAA,CAAAA,CAAAA,EAAkB;MAC9GI,WAAAA,EAAaV,4BAAAA;AACbvD,MAAAA;KACJ,CAAA;AACJ,EAAA;AACA,EAAA,MAAM,EAAE8C,aAAW,GAAKnC,KAAAA;AACxB,EAAA,MAAM,EAAEuD,SAAAA,EAAWC,yBAAAA,EAAyB,GAAK,MAAM,OAAO,gBAAA,CAAA;AAC9D,EAAA,MAAMC,GAAAA,GAAMR,SAAAA,IACR,IAAIM,SAAAA,CAAUvF,MAAAA,CAAOkB,OAAO,EAAC,EAAGC,YAAAA,IAAgB,EAAC,EAAG;IAChDE,MAAAA,EAAQF,YAAAA,EAAcE,UAAUC,kBAAAA,EAAoBD,MAAAA;AACpDD,IAAAA,MAAAA,EAAQD,cAAcC,MAAAA,IAAUN;AACpC,GAAA,CAAA,CAAA;AACJ,EAAA,IAAI4E,OAAAA;AACJ,EAAA,IAAI;AACAA,IAAAA,OAAAA,GAAU,MAAMD,GAAAA,CAAI/D,IAAAA,CAAK,IAAI8D,yBAAAA,CAA0B;MACnDG,SAAAA,EAAWZ,YAAAA;MACXa,QAAAA,EAAUZ,WAAAA;AACVb,MAAAA;AACJ,KAAA,CAAA,CAAA;AACJ,EAAA,CAAA,CAAA,OACOD,CAAAA,EAAG;AACN,IAAA,MAAM,IAAImB,sCAAyBnB,CAAAA,EAAG;MAClCoB,WAAAA,EAAaV,4BAAAA;AACbvD,MAAAA;KACJ,CAAA;AACJ,EAAA;AACA,EAAA,MAAM,EAAEwE,eAAAA,EAAiB,EAAEC,WAAAA,EAAaC,eAAAA,EAAiBC,YAAAA,EAAc/D,UAAAA,EAAYgE,eAAAA,EAAiBN,SAAAA,EAAS,GAAK,EAAC,EAAC,GAAMD,OAAAA;AAC1H,EAAA,IAAI,CAACI,WAAAA,IAAe,CAACC,mBAAmB,CAACC,YAAAA,IAAgB,CAAC/D,UAAAA,EAAY;AAClE,IAAA,MAAM,IAAIoD,sCAAyB,8CAAA,EAAgD;MAC/EC,WAAAA,EAAaV,4BAAAA;AACbvD,MAAAA;KACJ,CAAA;AACJ,EAAA;AACA,EAAA,MAAM6E,WAAAA,GAAc;AAChBJ,IAAAA,WAAAA;AACAC,IAAAA,eAAAA;AACAC,IAAAA,YAAAA;IACA/D,UAAAA,EAAY,IAAIE,KAAKF,UAAAA,CAAAA;AACrB,IAAA,GAAIgE,eAAAA,IAAmB;AAAEA,MAAAA;AAAgB,KAAA;AACzC,IAAA,GAAIN,SAAAA,IAAa;AAAEA,MAAAA;AAAU;AACjC,GAAA;AACA,EAAA,IAAI5B,UAAAA,EAAY;AACZoC,IAAAA,kCAAAA,CAAqBD,WAAAA,EAAa,mBAAmB,GAAA,CAAA;EACzD,CAAA,MACK;AACDC,IAAAA,kCAAAA,CAAqBD,WAAAA,EAAa,0BAA0B,GAAA,CAAA;AAChE,EAAA;AACA,EAAA,OAAOA,WAAAA;AACX,CAAA,EA9EqC,uBAAA,CAAA;;;AQLrCxG,4BAAA,EAAA;AACO,IAAM0G,kBAAAA,mBAAqBvF,oBAAA,CAAA,CAAC8C,OAAAA,EAAStC,MAAAA,KAAAA;AACxC,EAAA,MAAM,EAAEhB,aAAAA,EAAeC,cAAAA,EAAgBE,UAAAA,EAAYC,eAAa,GAAKkD,OAAAA;AACrE,EAAA,IAAI,CAACtD,aAAAA,IAAiB,CAACC,kBAAkB,CAACE,UAAAA,IAAc,CAACC,aAAAA,EAAe;AACpE,IAAA,MAAM,IAAI4E,sCAAyB,CAAA,8IAAA,EACwBrF,MAAAA,CAAOqG,KAAK1C,OAAAA,CAAAA,CAAS2C,IAAAA,CAAK,IAAA,CAAA;AAA6F,kFAAA,CAAA,EAAA;MAAEhB,WAAAA,EAAa,KAAA;AAAOjE,MAAAA;KAAO,CAAA;AACnN,EAAA;AACA,EAAA,OAAOsC,OAAAA;AACX,CAAA,EAPkC,oBAAA;;;AXI3B,IAAM4C,OAAAA,mBAAU1F,oBAAA,CAAA,CAACE,IAAAA,GAAO,EAAC,KAAM,OAAO,EAAEsC,kBAAAA,EAAkB,GAAK,EAAC,KAAC;AACpEtC,EAAAA,IAAAA,CAAKM,MAAAA,EAAQiC,MAAM,4CAAA,CAAA;AACnB,EAAA,MAAM,EAAEwB,WAAAA,EAAaC,YAAAA,EAAcjE,SAAAA,EAAWkE,WAAAA,EAAajB,YAAU,GAAKhD,IAAAA;AAC1E,EAAA,MAAM,EAAEkE,WAAS,GAAKlE,IAAAA;AACtB,EAAA,MAAM0C,cAAcC,2BAAAA,CAAe;IAC/BC,OAAAA,EAAS5C,IAAAA,CAAK4C,WAAWN,kBAAAA,EAAoBM;GACjD,CAAA;AACA,EAAA,IAAI,CAACmB,eAAe,CAACC,YAAAA,IAAgB,CAACjE,SAAAA,IAAa,CAACkE,WAAAA,IAAe,CAACjB,UAAAA,EAAY;AAC5E,IAAA,MAAMR,QAAAA,GAAW,MAAMC,4BAAAA,CAAgBzC,IAAAA,CAAAA;AACvC,IAAA,MAAM4C,OAAAA,GAAUJ,SAASE,WAAAA,CAAAA;AACzB,IAAA,IAAI,CAACE,OAAAA,EAAS;AACV,MAAA,MAAM,IAAI0B,qCAAAA,CAAyB,CAAA,QAAA,EAAW5B,WAAAA,CAAAA,eAAAA,CAAAA,EAA8B;AAAEpC,QAAAA,MAAAA,EAAQN,IAAAA,CAAKM;OAAO,CAAA;AACtG,IAAA;AACA,IAAA,IAAI,CAAClB,YAAAA,CAAawD,OAAAA,CAAAA,EAAU;AACxB,MAAA,MAAM,IAAI0B,qCAAAA,CAAyB,CAAA,QAAA,EAAW5B,WAAAA,CAAAA,wCAAAA,CAAAA,EAAuD;AACjGpC,QAAAA,MAAAA,EAAQN,IAAAA,CAAKM;OACjB,CAAA;AACJ,IAAA;AACA,IAAA,IAAIsC,SAASpD,WAAAA,EAAa;AACtB,MAAA,MAAMsD,WAAAA,GAAc,MAAMC,+BAAAA,CAAmB/C,IAAAA,CAAAA;AAC7C,MAAA,MAAMyF,OAAAA,GAAU3C,WAAAA,CAAYF,OAAAA,CAAQpD,WAAW,CAAA;AAC/C,MAAA,MAAMkG,WAAAA,GAAc,CAAA,2BAAA,EAA8BhD,WAAAA,CAAAA,iBAAAA,EAA+BE,QAAQpD,WAAW,CAAA,CAAA;AACpG,MAAA,IAAIO,SAAAA,IAAaA,SAAAA,KAAc0F,OAAAA,CAAQhG,UAAAA,EAAY;AAC/C,QAAA,MAAM,IAAI6E,qCAAAA,CAAyB,CAAA,sBAAA,CAAA,GAA2BoB,WAAAA,EAAa;UACvEnB,WAAAA,EAAa,KAAA;AACbjE,UAAAA,MAAAA,EAAQN,IAAAA,CAAKM;SACjB,CAAA;AACJ,MAAA;AACA,MAAA,IAAIyD,WAAAA,IAAeA,WAAAA,KAAgB0B,OAAAA,CAAQnG,aAAAA,EAAe;AACtD,QAAA,MAAM,IAAIgF,qCAAAA,CAAyB,CAAA,yBAAA,CAAA,GAA8BoB,WAAAA,EAAa;UAC1EnB,WAAAA,EAAa,KAAA;AACbjE,UAAAA,MAAAA,EAAQN,IAAAA,CAAKM;SACjB,CAAA;AACJ,MAAA;AACAsC,MAAAA,OAAAA,CAAQnD,aAAagG,OAAAA,CAAQhG,UAAAA;AAC7BmD,MAAAA,OAAAA,CAAQtD,gBAAgBmG,OAAAA,CAAQnG,aAAAA;AACpC,IAAA;AACA,IAAA,MAAM,EAAEA,aAAAA,EAAeC,cAAAA,EAAgBE,UAAAA,EAAYC,aAAAA,EAAeF,aAAW,GAAK6F,kBAAAA,CAAmBzC,OAAAA,EAAS5C,IAAAA,CAAKM,MAAM,CAAA;AACzH,IAAA,OAAOwD,qBAAAA,CAAsB;MACzBC,WAAAA,EAAazE,aAAAA;MACb0D,UAAAA,EAAYxD,WAAAA;MACZwE,YAAAA,EAAczE,cAAAA;MACdQ,SAAAA,EAAWN,UAAAA;MACXwE,WAAAA,EAAavE,aAAAA;AACbwE,MAAAA,SAAAA;AACA9D,MAAAA,YAAAA,EAAcJ,IAAAA,CAAKI,YAAAA;AACnBG,MAAAA,kBAAAA,EAAoBP,IAAAA,CAAKO,kBAAAA;MACzBqC,OAAAA,EAASF;KACb,CAAA;AACJ,EAAA,CAAA,MAAA,IACS,CAACqB,WAAAA,IAAe,CAACC,gBAAgB,CAACjE,SAAAA,IAAa,CAACkE,WAAAA,EAAa;AAClE,IAAA,MAAM,IAAIK,sCAAyB,8HAAA,EAC8B;MAAEC,WAAAA,EAAa,KAAA;AAAOjE,MAAAA,MAAAA,EAAQN,IAAAA,CAAKM;KAAO,CAAA;EAC/G,CAAA,MACK;AACD,IAAA,OAAOwD,qBAAAA,CAAsB;AACzBC,MAAAA,WAAAA;AACAf,MAAAA,UAAAA;AACAgB,MAAAA,YAAAA;AACAjE,MAAAA,SAAAA;AACAkE,MAAAA,WAAAA;AACAC,MAAAA,SAAAA;AACA9D,MAAAA,YAAAA,EAAcJ,IAAAA,CAAKI,YAAAA;AACnBG,MAAAA,kBAAAA,EAAoBP,IAAAA,CAAKO,kBAAAA;MACzBqC,OAAAA,EAASF;KACb,CAAA;AACJ,EAAA;AACJ,CAAA,EAnEuB,SAAA;;;AYLvB/D,4BAAA,EAAA","file":"7O5SJUXT.cjs","sourcesContent":["export * from \"./fromSSO\";\nexport * from \"./isSsoProfile\";\nexport * from \"./types\";\nexport * from \"./validateSsoProfile\";\n","import { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { getProfileName, loadSsoSessionData, parseKnownFiles } from \"@smithy/shared-ini-file-loader\";\nimport { isSsoProfile } from \"./isSsoProfile\";\nimport { resolveSSOCredentials } from \"./resolveSSOCredentials\";\nimport { validateSsoProfile } from \"./validateSsoProfile\";\nexport const fromSSO = (init = {}) => async ({ callerClientConfig } = {}) => {\n    init.logger?.debug(\"@aws-sdk/credential-provider-sso - fromSSO\");\n    const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoSession } = init;\n    const { ssoClient } = init;\n    const profileName = getProfileName({\n        profile: init.profile ?? callerClientConfig?.profile,\n    });\n    if (!ssoStartUrl && !ssoAccountId && !ssoRegion && !ssoRoleName && !ssoSession) {\n        const profiles = await parseKnownFiles(init);\n        const profile = profiles[profileName];\n        if (!profile) {\n            throw new CredentialsProviderError(`Profile ${profileName} was not found.`, { logger: init.logger });\n        }\n        if (!isSsoProfile(profile)) {\n            throw new CredentialsProviderError(`Profile ${profileName} is not configured with SSO credentials.`, {\n                logger: init.logger,\n            });\n        }\n        if (profile?.sso_session) {\n            const ssoSessions = await loadSsoSessionData(init);\n            const session = ssoSessions[profile.sso_session];\n            const conflictMsg = ` configurations in profile ${profileName} and sso-session ${profile.sso_session}`;\n            if (ssoRegion && ssoRegion !== session.sso_region) {\n                throw new CredentialsProviderError(`Conflicting SSO region` + conflictMsg, {\n                    tryNextLink: false,\n                    logger: init.logger,\n                });\n            }\n            if (ssoStartUrl && ssoStartUrl !== session.sso_start_url) {\n                throw new CredentialsProviderError(`Conflicting SSO start_url` + conflictMsg, {\n                    tryNextLink: false,\n                    logger: init.logger,\n                });\n            }\n            profile.sso_region = session.sso_region;\n            profile.sso_start_url = session.sso_start_url;\n        }\n        const { sso_start_url, sso_account_id, sso_region, sso_role_name, sso_session } = validateSsoProfile(profile, init.logger);\n        return resolveSSOCredentials({\n            ssoStartUrl: sso_start_url,\n            ssoSession: sso_session,\n            ssoAccountId: sso_account_id,\n            ssoRegion: sso_region,\n            ssoRoleName: sso_role_name,\n            ssoClient: ssoClient,\n            clientConfig: init.clientConfig,\n            parentClientConfig: init.parentClientConfig,\n            profile: profileName,\n        });\n    }\n    else if (!ssoStartUrl || !ssoAccountId || !ssoRegion || !ssoRoleName) {\n        throw new CredentialsProviderError(\"Incomplete configuration. The fromSSO() argument hash must include \" +\n            '\"ssoStartUrl\", \"ssoAccountId\", \"ssoRegion\", \"ssoRoleName\"', { tryNextLink: false, logger: init.logger });\n    }\n    else {\n        return resolveSSOCredentials({\n            ssoStartUrl,\n            ssoSession,\n            ssoAccountId,\n            ssoRegion,\n            ssoRoleName,\n            ssoClient,\n            clientConfig: init.clientConfig,\n            parentClientConfig: init.parentClientConfig,\n            profile: profileName,\n        });\n    }\n};\n","import { ProviderError } from \"./ProviderError\";\nexport class TokenProviderError extends ProviderError {\n    name = \"TokenProviderError\";\n    constructor(message, options = true) {\n        super(message, options);\n        Object.setPrototypeOf(this, TokenProviderError.prototype);\n    }\n}\n","export const isSsoProfile = (arg) => arg &&\n    (typeof arg.sso_start_url === \"string\" ||\n        typeof arg.sso_account_id === \"string\" ||\n        typeof arg.sso_session === \"string\" ||\n        typeof arg.sso_region === \"string\" ||\n        typeof arg.sso_role_name === \"string\");\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nimport { fromSso as getSsoTokenProvider } from \"@aws-sdk/token-providers\";\nimport { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { getSSOTokenFromFile } from \"@smithy/shared-ini-file-loader\";\nconst SHOULD_FAIL_CREDENTIAL_CHAIN = false;\nexport const resolveSSOCredentials = async ({ ssoStartUrl, ssoSession, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, clientConfig, parentClientConfig, profile, logger, }) => {\n    let token;\n    const refreshMessage = `To refresh this SSO session run aws sso login with the corresponding profile.`;\n    if (ssoSession) {\n        try {\n            const _token = await getSsoTokenProvider({ profile })();\n            token = {\n                accessToken: _token.token,\n                expiresAt: new Date(_token.expiration).toISOString(),\n            };\n        }\n        catch (e) {\n            throw new CredentialsProviderError(e.message, {\n                tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n                logger,\n            });\n        }\n    }\n    else {\n        try {\n            token = await getSSOTokenFromFile(ssoStartUrl);\n        }\n        catch (e) {\n            throw new CredentialsProviderError(`The SSO session associated with this profile is invalid. ${refreshMessage}`, {\n                tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n                logger,\n            });\n        }\n    }\n    if (new Date(token.expiresAt).getTime() - Date.now() <= 0) {\n        throw new CredentialsProviderError(`The SSO session associated with this profile has expired. ${refreshMessage}`, {\n            tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n            logger,\n        });\n    }\n    const { accessToken } = token;\n    const { SSOClient, GetRoleCredentialsCommand } = await import(\"./loadSso\");\n    const sso = ssoClient ||\n        new SSOClient(Object.assign({}, clientConfig ?? {}, {\n            logger: clientConfig?.logger ?? parentClientConfig?.logger,\n            region: clientConfig?.region ?? ssoRegion,\n        }));\n    let ssoResp;\n    try {\n        ssoResp = await sso.send(new GetRoleCredentialsCommand({\n            accountId: ssoAccountId,\n            roleName: ssoRoleName,\n            accessToken,\n        }));\n    }\n    catch (e) {\n        throw new CredentialsProviderError(e, {\n            tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n            logger,\n        });\n    }\n    const { roleCredentials: { accessKeyId, secretAccessKey, sessionToken, expiration, credentialScope, accountId } = {}, } = ssoResp;\n    if (!accessKeyId || !secretAccessKey || !sessionToken || !expiration) {\n        throw new CredentialsProviderError(\"SSO returns an invalid temporary credential.\", {\n            tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,\n            logger,\n        });\n    }\n    const credentials = {\n        accessKeyId,\n        secretAccessKey,\n        sessionToken,\n        expiration: new Date(expiration),\n        ...(credentialScope && { credentialScope }),\n        ...(accountId && { accountId }),\n    };\n    if (ssoSession) {\n        setCredentialFeature(credentials, \"CREDENTIALS_SSO\", \"s\");\n    }\n    else {\n        setCredentialFeature(credentials, \"CREDENTIALS_SSO_LEGACY\", \"u\");\n    }\n    return credentials;\n};\n","import { TokenProviderError } from \"@smithy/property-provider\";\nimport { getProfileName, getSSOTokenFromFile, loadSsoSessionData, parseKnownFiles, } from \"@smithy/shared-ini-file-loader\";\nimport { EXPIRE_WINDOW_MS, REFRESH_MESSAGE } from \"./constants\";\nimport { getNewSsoOidcToken } from \"./getNewSsoOidcToken\";\nimport { validateTokenExpiry } from \"./validateTokenExpiry\";\nimport { validateTokenKey } from \"./validateTokenKey\";\nimport { writeSSOTokenToFile } from \"./writeSSOTokenToFile\";\nconst lastRefreshAttemptTime = new Date(0);\nexport const fromSso = (_init = {}) => async ({ callerClientConfig } = {}) => {\n    const init = {\n        ..._init,\n        parentClientConfig: {\n            ...callerClientConfig,\n            ..._init.parentClientConfig,\n        },\n    };\n    init.logger?.debug(\"@aws-sdk/token-providers - fromSso\");\n    const profiles = await parseKnownFiles(init);\n    const profileName = getProfileName({\n        profile: init.profile ?? callerClientConfig?.profile,\n    });\n    const profile = profiles[profileName];\n    if (!profile) {\n        throw new TokenProviderError(`Profile '${profileName}' could not be found in shared credentials file.`, false);\n    }\n    else if (!profile[\"sso_session\"]) {\n        throw new TokenProviderError(`Profile '${profileName}' is missing required property 'sso_session'.`);\n    }\n    const ssoSessionName = profile[\"sso_session\"];\n    const ssoSessions = await loadSsoSessionData(init);\n    const ssoSession = ssoSessions[ssoSessionName];\n    if (!ssoSession) {\n        throw new TokenProviderError(`Sso session '${ssoSessionName}' could not be found in shared credentials file.`, false);\n    }\n    for (const ssoSessionRequiredKey of [\"sso_start_url\", \"sso_region\"]) {\n        if (!ssoSession[ssoSessionRequiredKey]) {\n            throw new TokenProviderError(`Sso session '${ssoSessionName}' is missing required property '${ssoSessionRequiredKey}'.`, false);\n        }\n    }\n    const ssoStartUrl = ssoSession[\"sso_start_url\"];\n    const ssoRegion = ssoSession[\"sso_region\"];\n    let ssoToken;\n    try {\n        ssoToken = await getSSOTokenFromFile(ssoSessionName);\n    }\n    catch (e) {\n        throw new TokenProviderError(`The SSO session token associated with profile=${profileName} was not found or is invalid. ${REFRESH_MESSAGE}`, false);\n    }\n    validateTokenKey(\"accessToken\", ssoToken.accessToken);\n    validateTokenKey(\"expiresAt\", ssoToken.expiresAt);\n    const { accessToken, expiresAt } = ssoToken;\n    const existingToken = { token: accessToken, expiration: new Date(expiresAt) };\n    if (existingToken.expiration.getTime() - Date.now() > EXPIRE_WINDOW_MS) {\n        return existingToken;\n    }\n    if (Date.now() - lastRefreshAttemptTime.getTime() < 30 * 1000) {\n        validateTokenExpiry(existingToken);\n        return existingToken;\n    }\n    validateTokenKey(\"clientId\", ssoToken.clientId, true);\n    validateTokenKey(\"clientSecret\", ssoToken.clientSecret, true);\n    validateTokenKey(\"refreshToken\", ssoToken.refreshToken, true);\n    try {\n        lastRefreshAttemptTime.setTime(Date.now());\n        const newSsoOidcToken = await getNewSsoOidcToken(ssoToken, ssoRegion, init);\n        validateTokenKey(\"accessToken\", newSsoOidcToken.accessToken);\n        validateTokenKey(\"expiresIn\", newSsoOidcToken.expiresIn);\n        const newTokenExpiration = new Date(Date.now() + newSsoOidcToken.expiresIn * 1000);\n        try {\n            await writeSSOTokenToFile(ssoSessionName, {\n                ...ssoToken,\n                accessToken: newSsoOidcToken.accessToken,\n                expiresAt: newTokenExpiration.toISOString(),\n                refreshToken: newSsoOidcToken.refreshToken,\n            });\n        }\n        catch (error) {\n        }\n        return {\n            token: newSsoOidcToken.accessToken,\n            expiration: newTokenExpiration,\n        };\n    }\n    catch (error) {\n        validateTokenExpiry(existingToken);\n        return existingToken;\n    }\n};\n","export const EXPIRE_WINDOW_MS = 5 * 60 * 1000;\nexport const REFRESH_MESSAGE = `To refresh this SSO session run 'aws sso login' with the corresponding profile.`;\n","import { getSsoOidcClient } from \"./getSsoOidcClient\";\nexport const getNewSsoOidcToken = async (ssoToken, ssoRegion, init = {}) => {\n    const { CreateTokenCommand } = await import(\"@aws-sdk/nested-clients/sso-oidc\");\n    const ssoOidcClient = await getSsoOidcClient(ssoRegion, init);\n    return ssoOidcClient.send(new CreateTokenCommand({\n        clientId: ssoToken.clientId,\n        clientSecret: ssoToken.clientSecret,\n        refreshToken: ssoToken.refreshToken,\n        grantType: \"refresh_token\",\n    }));\n};\n","export const getSsoOidcClient = async (ssoRegion, init = {}) => {\n    const { SSOOIDCClient } = await import(\"@aws-sdk/nested-clients/sso-oidc\");\n    const ssoOidcClient = new SSOOIDCClient(Object.assign({}, init.clientConfig ?? {}, {\n        region: ssoRegion ?? init.clientConfig?.region,\n        logger: init.clientConfig?.logger ?? init.parentClientConfig?.logger,\n    }));\n    return ssoOidcClient;\n};\n","import { TokenProviderError } from \"@smithy/property-provider\";\nimport { REFRESH_MESSAGE } from \"./constants\";\nexport const validateTokenExpiry = (token) => {\n    if (token.expiration && token.expiration.getTime() < Date.now()) {\n        throw new TokenProviderError(`Token is expired. ${REFRESH_MESSAGE}`, false);\n    }\n};\n","import { TokenProviderError } from \"@smithy/property-provider\";\nimport { REFRESH_MESSAGE } from \"./constants\";\nexport const validateTokenKey = (key, value, forRefresh = false) => {\n    if (typeof value === \"undefined\") {\n        throw new TokenProviderError(`Value not present for '${key}' in SSO Token${forRefresh ? \". Cannot refresh\" : \"\"}. ${REFRESH_MESSAGE}`, false);\n    }\n};\n","import { getSSOTokenFilepath } from \"@smithy/shared-ini-file-loader\";\nimport { promises as fsPromises } from \"fs\";\nconst { writeFile } = fsPromises;\nexport const writeSSOTokenToFile = (id, ssoToken) => {\n    const tokenFilepath = getSSOTokenFilepath(id);\n    const tokenString = JSON.stringify(ssoToken, null, 2);\n    return writeFile(tokenFilepath, tokenString);\n};\n","import { CredentialsProviderError } from \"@smithy/property-provider\";\nexport const validateSsoProfile = (profile, logger) => {\n    const { sso_start_url, sso_account_id, sso_region, sso_role_name } = profile;\n    if (!sso_start_url || !sso_account_id || !sso_region || !sso_role_name) {\n        throw new CredentialsProviderError(`Profile is configured with invalid SSO credentials. Required parameters \"sso_account_id\", ` +\n            `\"sso_region\", \"sso_role_name\", \"sso_start_url\". Got ${Object.keys(profile).join(\", \")}\\nReference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html`, { tryNextLink: false, logger });\n    }\n    return profile;\n};\n","export {};\n"]}

package/dist/{2DA6OMT5.js → 7R4LC2OX.js}

@@ -1,15 +1,15 @@
 import { createAggregatedClient, package_default } from './J2A64VZU.js';
 import { NoAuthSigner, SENSITIVE_STRING, extendedEncodeURIComponent } from './IYIFH7LC.js';
 import { parseRfc3339DateTimeWithOffset } from './7JWBGU62.js';
-import { EndpointCache, awsEndpointFunctions, customEndpointFunctions, Client, resolveUserAgentConfig, resolveRetryConfig, resolveRegionConfig, resolveHostHeaderConfig, resolveEndpointConfig, getUserAgentPlugin, getRetryPlugin, getContentLengthPlugin, getHostHeaderPlugin, getLoggerPlugin, getRecursionDetectionPlugin, getHttpAuthSchemeEndpointRuleSetPlugin, DefaultIdentityProviderConfig, getHttpSigningPlugin, ServiceException, withBaseException, Command, getSerdePlugin, getEndpointPlugin, emitWarningIfUnsupportedVersion2, resolveDefaultsModeConfig, emitWarningIfUnsupportedVersion, Hash, AwsSdkSigV4Signer, createDefaultUserAgentProvider, calculateBodyLength, NODE_APP_ID_CONFIG_OPTIONS, NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS, NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS, NODE_RETRY_MODE_CONFIG_OPTIONS, DEFAULT_RETRY_MODE, NODE_REGION_CONFIG_OPTIONS, NODE_REGION_CONFIG_FILE_OPTIONS, NODE_MAX_ATTEMPT_CONFIG_OPTIONS, NODE_AUTH_SCHEME_PREFERENCE_OPTIONS, resolveAwsSdkSigV4Config, normalizeProvider, getAwsRegionExtensionConfiguration, getDefaultExtensionConfiguration, getHttpHandlerExtensionConfiguration, resolveAwsRegionExtensionConfiguration, resolveDefaultRuntimeConfig, resolveHttpHandlerRuntimeConfig, getSmithyContext, NoOpLogger, loadConfigsForDefaultMode, collectBodyString, resolveEndpoint, decorateServiceException } from './QSGRIGIB.js';
-export { Command as $Command, Client as __Client } from './QSGRIGIB.js';
+import { EndpointCache, awsEndpointFunctions, customEndpointFunctions, Client, resolveUserAgentConfig, resolveRetryConfig, resolveRegionConfig, resolveHostHeaderConfig, resolveEndpointConfig, getUserAgentPlugin, getRetryPlugin, getContentLengthPlugin, getHostHeaderPlugin, getLoggerPlugin, getRecursionDetectionPlugin, getHttpAuthSchemeEndpointRuleSetPlugin, DefaultIdentityProviderConfig, getHttpSigningPlugin, ServiceException, withBaseException, Command, getSerdePlugin, getEndpointPlugin, emitWarningIfUnsupportedVersion2, resolveDefaultsModeConfig, emitWarningIfUnsupportedVersion, Hash, AwsSdkSigV4Signer, createDefaultUserAgentProvider, calculateBodyLength, NODE_APP_ID_CONFIG_OPTIONS, NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS, NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS, NODE_RETRY_MODE_CONFIG_OPTIONS, DEFAULT_RETRY_MODE, NODE_REGION_CONFIG_OPTIONS, NODE_REGION_CONFIG_FILE_OPTIONS, NODE_MAX_ATTEMPT_CONFIG_OPTIONS, NODE_AUTH_SCHEME_PREFERENCE_OPTIONS, resolveAwsSdkSigV4Config, normalizeProvider, getAwsRegionExtensionConfiguration, getDefaultExtensionConfiguration, getHttpHandlerExtensionConfiguration, resolveAwsRegionExtensionConfiguration, resolveDefaultRuntimeConfig, resolveHttpHandlerRuntimeConfig, getSmithyContext, NoOpLogger, loadConfigsForDefaultMode, collectBodyString, resolveEndpoint, decorateServiceException } from './EXBTG2GQ.js';
+export { Command as $Command, Client as __Client } from './EXBTG2GQ.js';
 import { loadConfig, parseUrl } from './3V7HWCTZ.js';
 import './QHFDWPE3.js';
-import { streamCollector, NodeHttpHandler, toBase64, fromBase64, HttpRequest, strictParseInt32, expectString, expectNonNull } from './XVWZAEKK.js';
 import './GHQS37WK.js';
+import { streamCollector, NodeHttpHandler, toBase64, fromBase64, HttpRequest, strictParseInt32, expectString, expectNonNull } from './XVWZAEKK.js';
+import { toUtf8, fromUtf8 } from './TQHAG73D.js';
 import { setCredentialFeature } from './ERGNNQ6N.js';
 import './UFZOOGMQ.js';
-import { toUtf8, fromUtf8 } from './TQHAG73D.js';
 import { init_esm_shims, __name } from './6AHA7PAZ.js';
 
 // ../../node_modules/.pnpm/@aws-sdk+nested-clients@3.879.0/node_modules/@aws-sdk/nested-clients/dist-es/submodules/sts/index.js
@@ -3242,5 +3242,5 @@ var decorateDefaultCredentialProvider = /* @__PURE__ */ __name((provider) => (in
 }), "decorateDefaultCredentialProvider");
 
 export { AssumeRoleCommand, AssumeRoleResponseFilterSensitiveLog, AssumeRoleWithWebIdentityCommand, AssumeRoleWithWebIdentityRequestFilterSensitiveLog, AssumeRoleWithWebIdentityResponseFilterSensitiveLog, CredentialsFilterSensitiveLog, ExpiredTokenException, IDPCommunicationErrorException, IDPRejectedClaimException, InvalidIdentityTokenException, MalformedPolicyDocumentException, PackedPolicyTooLargeException, RegionDisabledException, STS, STSClient, STSServiceException, decorateDefaultCredentialProvider, getDefaultRoleAssumer2 as getDefaultRoleAssumer, getDefaultRoleAssumerWithWebIdentity2 as getDefaultRoleAssumerWithWebIdentity };
-//# sourceMappingURL=2DA6OMT5.js.map
-//# sourceMappingURL=2DA6OMT5.js.map
+//# sourceMappingURL=7R4LC2OX.js.map
+//# sourceMappingURL=7R4LC2OX.js.map