@semiont/graph 0.5.5 → 0.5.6

package/dist/dist-es-LM7J2FUI.js

@@ -0,0 +1,87 @@
+import {
+  setCredentialFeature
+} from "./chunk-7UD62TQI.js";
+import {
+  CredentialsProviderError,
+  externalDataInterceptor,
+  getProfileName,
+  parseKnownFiles
+} from "./chunk-4UP2SG3N.js";
+import "./chunk-DCLCNCC5.js";
+
+// ../../node_modules/@aws-sdk/credential-provider-process/dist-es/resolveProcessCredentials.js
+import { exec } from "child_process";
+import { promisify } from "util";
+
+// ../../node_modules/@aws-sdk/credential-provider-process/dist-es/getValidatedProcessCredentials.js
+var getValidatedProcessCredentials = (profileName, data, profiles) => {
+  if (data.Version !== 1) {
+    throw Error(`Profile ${profileName} credential_process did not return Version 1.`);
+  }
+  if (data.AccessKeyId === void 0 || data.SecretAccessKey === void 0) {
+    throw Error(`Profile ${profileName} credential_process returned invalid credentials.`);
+  }
+  if (data.Expiration) {
+    const currentTime = /* @__PURE__ */ new Date();
+    const expireTime = new Date(data.Expiration);
+    if (expireTime < currentTime) {
+      throw Error(`Profile ${profileName} credential_process returned expired credentials.`);
+    }
+  }
+  let accountId = data.AccountId;
+  if (!accountId && profiles?.[profileName]?.aws_account_id) {
+    accountId = profiles[profileName].aws_account_id;
+  }
+  const credentials = {
+    accessKeyId: data.AccessKeyId,
+    secretAccessKey: data.SecretAccessKey,
+    ...data.SessionToken && { sessionToken: data.SessionToken },
+    ...data.Expiration && { expiration: new Date(data.Expiration) },
+    ...data.CredentialScope && { credentialScope: data.CredentialScope },
+    ...accountId && { accountId }
+  };
+  setCredentialFeature(credentials, "CREDENTIALS_PROCESS", "w");
+  return credentials;
+};
+
+// ../../node_modules/@aws-sdk/credential-provider-process/dist-es/resolveProcessCredentials.js
+var resolveProcessCredentials = async (profileName, profiles, logger) => {
+  const profile = profiles[profileName];
+  if (profiles[profileName]) {
+    const credentialProcess = profile["credential_process"];
+    if (credentialProcess !== void 0) {
+      const execPromise = promisify(externalDataInterceptor?.getTokenRecord?.().exec ?? exec);
+      try {
+        const { stdout } = await execPromise(credentialProcess);
+        let data;
+        try {
+          data = JSON.parse(stdout.trim());
+        } catch {
+          throw Error(`Profile ${profileName} credential_process returned invalid JSON.`);
+        }
+        return getValidatedProcessCredentials(profileName, data, profiles);
+      } catch (error) {
+        throw new CredentialsProviderError(error.message, { logger });
+      }
+    } else {
+      throw new CredentialsProviderError(`Profile ${profileName} did not contain credential_process.`, { logger });
+    }
+  } else {
+    throw new CredentialsProviderError(`Profile ${profileName} could not be found in shared credentials file.`, {
+      logger
+    });
+  }
+};
+
+// ../../node_modules/@aws-sdk/credential-provider-process/dist-es/fromProcess.js
+var fromProcess = (init = {}) => async ({ callerClientConfig } = {}) => {
+  init.logger?.debug("@aws-sdk/credential-provider-process - fromProcess");
+  const profiles = await parseKnownFiles(init);
+  return resolveProcessCredentials(getProfileName({
+    profile: init.profile ?? callerClientConfig?.profile
+  }), profiles, init.logger);
+};
+export {
+  fromProcess
+};
+//# sourceMappingURL=dist-es-LM7J2FUI.js.map

package/dist/dist-es-LM7J2FUI.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../node_modules/@aws-sdk/credential-provider-process/dist-es/resolveProcessCredentials.js","../../../node_modules/@aws-sdk/credential-provider-process/dist-es/getValidatedProcessCredentials.js","../../../node_modules/@aws-sdk/credential-provider-process/dist-es/fromProcess.js"],"sourcesContent":["import { CredentialsProviderError, externalDataInterceptor } from \"@smithy/core/config\";\nimport { exec } from \"node:child_process\";\nimport { promisify } from \"node:util\";\nimport { getValidatedProcessCredentials } from \"./getValidatedProcessCredentials\";\nexport const resolveProcessCredentials = async (profileName, profiles, logger) => {\n    const profile = profiles[profileName];\n    if (profiles[profileName]) {\n        const credentialProcess = profile[\"credential_process\"];\n        if (credentialProcess !== undefined) {\n            const execPromise = promisify(externalDataInterceptor?.getTokenRecord?.().exec ?? exec);\n            try {\n                const { stdout } = await execPromise(credentialProcess);\n                let data;\n                try {\n                    data = JSON.parse(stdout.trim());\n                }\n                catch {\n                    throw Error(`Profile ${profileName} credential_process returned invalid JSON.`);\n                }\n                return getValidatedProcessCredentials(profileName, data, profiles);\n            }\n            catch (error) {\n                throw new CredentialsProviderError(error.message, { logger });\n            }\n        }\n        else {\n            throw new CredentialsProviderError(`Profile ${profileName} did not contain credential_process.`, { logger });\n        }\n    }\n    else {\n        throw new CredentialsProviderError(`Profile ${profileName} could not be found in shared credentials file.`, {\n            logger,\n        });\n    }\n};\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nexport const getValidatedProcessCredentials = (profileName, data, profiles) => {\n    if (data.Version !== 1) {\n        throw Error(`Profile ${profileName} credential_process did not return Version 1.`);\n    }\n    if (data.AccessKeyId === undefined || data.SecretAccessKey === undefined) {\n        throw Error(`Profile ${profileName} credential_process returned invalid credentials.`);\n    }\n    if (data.Expiration) {\n        const currentTime = new Date();\n        const expireTime = new Date(data.Expiration);\n        if (expireTime < currentTime) {\n            throw Error(`Profile ${profileName} credential_process returned expired credentials.`);\n        }\n    }\n    let accountId = data.AccountId;\n    if (!accountId && profiles?.[profileName]?.aws_account_id) {\n        accountId = profiles[profileName].aws_account_id;\n    }\n    const credentials = {\n        accessKeyId: data.AccessKeyId,\n        secretAccessKey: data.SecretAccessKey,\n        ...(data.SessionToken && { sessionToken: data.SessionToken }),\n        ...(data.Expiration && { expiration: new Date(data.Expiration) }),\n        ...(data.CredentialScope && { credentialScope: data.CredentialScope }),\n        ...(accountId && { accountId }),\n    };\n    setCredentialFeature(credentials, \"CREDENTIALS_PROCESS\", \"w\");\n    return credentials;\n};\n","import { getProfileName, parseKnownFiles } from \"@smithy/core/config\";\nimport { resolveProcessCredentials } from \"./resolveProcessCredentials\";\nexport const fromProcess = (init = {}) => async ({ callerClientConfig } = {}) => {\n    init.logger?.debug(\"@aws-sdk/credential-provider-process - fromProcess\");\n    const profiles = await parseKnownFiles(init);\n    return resolveProcessCredentials(getProfileName({\n        profile: init.profile ?? callerClientConfig?.profile,\n    }), profiles, init.logger);\n};\n"],"mappings":";;;;;;;;;;;;AACA,SAAS,YAAY;AACrB,SAAS,iBAAiB;;;ACDnB,IAAM,iCAAiC,CAAC,aAAa,MAAM,aAAa;AAC3E,MAAI,KAAK,YAAY,GAAG;AACpB,UAAM,MAAM,WAAW,WAAW,+CAA+C;AAAA,EACrF;AACA,MAAI,KAAK,gBAAgB,UAAa,KAAK,oBAAoB,QAAW;AACtE,UAAM,MAAM,WAAW,WAAW,mDAAmD;AAAA,EACzF;AACA,MAAI,KAAK,YAAY;AACjB,UAAM,cAAc,oBAAI,KAAK;AAC7B,UAAM,aAAa,IAAI,KAAK,KAAK,UAAU;AAC3C,QAAI,aAAa,aAAa;AAC1B,YAAM,MAAM,WAAW,WAAW,mDAAmD;AAAA,IACzF;AAAA,EACJ;AACA,MAAI,YAAY,KAAK;AACrB,MAAI,CAAC,aAAa,WAAW,WAAW,GAAG,gBAAgB;AACvD,gBAAY,SAAS,WAAW,EAAE;AAAA,EACtC;AACA,QAAM,cAAc;AAAA,IAChB,aAAa,KAAK;AAAA,IAClB,iBAAiB,KAAK;AAAA,IACtB,GAAI,KAAK,gBAAgB,EAAE,cAAc,KAAK,aAAa;AAAA,IAC3D,GAAI,KAAK,cAAc,EAAE,YAAY,IAAI,KAAK,KAAK,UAAU,EAAE;AAAA,IAC/D,GAAI,KAAK,mBAAmB,EAAE,iBAAiB,KAAK,gBAAgB;AAAA,IACpE,GAAI,aAAa,EAAE,UAAU;AAAA,EACjC;AACA,uBAAqB,aAAa,uBAAuB,GAAG;AAC5D,SAAO;AACX;;;ADzBO,IAAM,4BAA4B,OAAO,aAAa,UAAU,WAAW;AAC9E,QAAM,UAAU,SAAS,WAAW;AACpC,MAAI,SAAS,WAAW,GAAG;AACvB,UAAM,oBAAoB,QAAQ,oBAAoB;AACtD,QAAI,sBAAsB,QAAW;AACjC,YAAM,cAAc,UAAU,yBAAyB,iBAAiB,EAAE,QAAQ,IAAI;AACtF,UAAI;AACA,cAAM,EAAE,OAAO,IAAI,MAAM,YAAY,iBAAiB;AACtD,YAAI;AACJ,YAAI;AACA,iBAAO,KAAK,MAAM,OAAO,KAAK,CAAC;AAAA,QACnC,QACM;AACF,gBAAM,MAAM,WAAW,WAAW,4CAA4C;AAAA,QAClF;AACA,eAAO,+BAA+B,aAAa,MAAM,QAAQ;AAAA,MACrE,SACO,OAAO;AACV,cAAM,IAAI,yBAAyB,MAAM,SAAS,EAAE,OAAO,CAAC;AAAA,MAChE;AAAA,IACJ,OACK;AACD,YAAM,IAAI,yBAAyB,WAAW,WAAW,wCAAwC,EAAE,OAAO,CAAC;AAAA,IAC/G;AAAA,EACJ,OACK;AACD,UAAM,IAAI,yBAAyB,WAAW,WAAW,mDAAmD;AAAA,MACxG;AAAA,IACJ,CAAC;AAAA,EACL;AACJ;;;AEhCO,IAAM,cAAc,CAAC,OAAO,CAAC,MAAM,OAAO,EAAE,mBAAmB,IAAI,CAAC,MAAM;AAC7E,OAAK,QAAQ,MAAM,oDAAoD;AACvE,QAAM,WAAW,MAAM,gBAAgB,IAAI;AAC3C,SAAO,0BAA0B,eAAe;AAAA,IAC5C,SAAS,KAAK,WAAW,oBAAoB;AAAA,EACjD,CAAC,GAAG,UAAU,KAAK,MAAM;AAC7B;","names":[]}

package/dist/dist-es-QTXLRLLM.js

@@ -0,0 +1,169 @@
+import {
+  NodeHttpHandler
+} from "./chunk-V4VXQDJC.js";
+import {
+  setCredentialFeature
+} from "./chunk-7UD62TQI.js";
+import {
+  CredentialsProviderError,
+  HttpRequest
+} from "./chunk-4UP2SG3N.js";
+import {
+  parseRfc3339DateTime,
+  sdkStreamMixin
+} from "./chunk-DCLCNCC5.js";
+
+// ../../node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/fromHttp.js
+import fs from "fs/promises";
+
+// ../../node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/checkUrl.js
+var ECS_CONTAINER_HOST = "169.254.170.2";
+var EKS_CONTAINER_HOST_IPv4 = "169.254.170.23";
+var EKS_CONTAINER_HOST_IPv6 = "[fd00:ec2::23]";
+var checkUrl = (url, logger) => {
+  if (url.protocol === "https:") {
+    return;
+  }
+  if (url.hostname === ECS_CONTAINER_HOST || url.hostname === EKS_CONTAINER_HOST_IPv4 || url.hostname === EKS_CONTAINER_HOST_IPv6) {
+    return;
+  }
+  if (url.hostname.includes("[")) {
+    if (url.hostname === "[::1]" || url.hostname === "[0000:0000:0000:0000:0000:0000:0000:0001]") {
+      return;
+    }
+  } else {
+    if (url.hostname === "localhost") {
+      return;
+    }
+    const ipComponents = url.hostname.split(".");
+    const inRange = (component) => {
+      const num = parseInt(component, 10);
+      return 0 <= num && num <= 255;
+    };
+    if (ipComponents[0] === "127" && inRange(ipComponents[1]) && inRange(ipComponents[2]) && inRange(ipComponents[3]) && ipComponents.length === 4) {
+      return;
+    }
+  }
+  throw new CredentialsProviderError(`URL not accepted. It must either be HTTPS or match one of the following:
+  - loopback CIDR 127.0.0.0/8 or [::1/128]
+  - ECS container host 169.254.170.2
+  - EKS container host 169.254.170.23 or [fd00:ec2::23]`, { logger });
+};
+
+// ../../node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/requestHelpers.js
+function createGetRequest(url) {
+  return new HttpRequest({
+    protocol: url.protocol,
+    hostname: url.hostname,
+    port: Number(url.port),
+    path: url.pathname,
+    query: Array.from(url.searchParams.entries()).reduce((acc, [k, v]) => {
+      acc[k] = v;
+      return acc;
+    }, {}),
+    fragment: url.hash
+  });
+}
+async function getCredentials(response, logger) {
+  const stream = sdkStreamMixin(response.body);
+  const str = await stream.transformToString();
+  if (response.statusCode === 200) {
+    const parsed = JSON.parse(str);
+    if (typeof parsed.AccessKeyId !== "string" || typeof parsed.SecretAccessKey !== "string" || typeof parsed.Token !== "string" || typeof parsed.Expiration !== "string") {
+      throw new CredentialsProviderError("HTTP credential provider response not of the required format, an object matching: { AccessKeyId: string, SecretAccessKey: string, Token: string, Expiration: string(rfc3339) }", { logger });
+    }
+    return {
+      accessKeyId: parsed.AccessKeyId,
+      secretAccessKey: parsed.SecretAccessKey,
+      sessionToken: parsed.Token,
+      expiration: parseRfc3339DateTime(parsed.Expiration)
+    };
+  }
+  if (response.statusCode >= 400 && response.statusCode < 500) {
+    let parsedBody = {};
+    try {
+      parsedBody = JSON.parse(str);
+    } catch (e) {
+    }
+    throw Object.assign(new CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger }), {
+      Code: parsedBody.Code,
+      Message: parsedBody.Message
+    });
+  }
+  throw new CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger });
+}
+
+// ../../node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/retry-wrapper.js
+var retryWrapper = (toRetry, maxRetries, delayMs) => {
+  return async () => {
+    for (let i = 0; i < maxRetries; ++i) {
+      try {
+        return await toRetry();
+      } catch (e) {
+        await new Promise((resolve) => setTimeout(resolve, delayMs));
+      }
+    }
+    return await toRetry();
+  };
+};
+
+// ../../node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/fromHttp.js
+var AWS_CONTAINER_CREDENTIALS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI";
+var DEFAULT_LINK_LOCAL_HOST = "http://169.254.170.2";
+var AWS_CONTAINER_CREDENTIALS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI";
+var AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE";
+var AWS_CONTAINER_AUTHORIZATION_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN";
+var fromHttp = (options = {}) => {
+  options.logger?.debug("@aws-sdk/credential-provider-http - fromHttp");
+  let host;
+  const relative = options.awsContainerCredentialsRelativeUri ?? process.env[AWS_CONTAINER_CREDENTIALS_RELATIVE_URI];
+  const full = options.awsContainerCredentialsFullUri ?? process.env[AWS_CONTAINER_CREDENTIALS_FULL_URI];
+  const token = options.awsContainerAuthorizationToken ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN];
+  const tokenFile = options.awsContainerAuthorizationTokenFile ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE];
+  const warn = options.logger?.constructor?.name === "NoOpLogger" || !options.logger?.warn ? console.warn : options.logger.warn.bind(options.logger);
+  if (relative && full) {
+    warn("@aws-sdk/credential-provider-http: you have set both awsContainerCredentialsRelativeUri and awsContainerCredentialsFullUri.");
+    warn("awsContainerCredentialsFullUri will take precedence.");
+  }
+  if (token && tokenFile) {
+    warn("@aws-sdk/credential-provider-http: you have set both awsContainerAuthorizationToken and awsContainerAuthorizationTokenFile.");
+    warn("awsContainerAuthorizationToken will take precedence.");
+  }
+  if (full) {
+    host = full;
+  } else if (relative) {
+    host = `${DEFAULT_LINK_LOCAL_HOST}${relative}`;
+  } else {
+    throw new CredentialsProviderError(`No HTTP credential provider host provided.
+Set AWS_CONTAINER_CREDENTIALS_FULL_URI or AWS_CONTAINER_CREDENTIALS_RELATIVE_URI.`, { logger: options.logger });
+  }
+  const url = new URL(host);
+  checkUrl(url, options.logger);
+  const requestHandler = NodeHttpHandler.create({ connectionTimeout: options.timeout ?? 1e3 });
+  const requestTimeout = options.timeout ?? 1e3;
+  const provider = retryWrapper(async () => {
+    const request = createGetRequest(url);
+    if (token) {
+      request.headers.Authorization = token;
+    } else if (tokenFile) {
+      request.headers.Authorization = (await fs.readFile(tokenFile)).toString();
+    }
+    try {
+      const result = await requestHandler.handle(request, { requestTimeout });
+      return getCredentials(result.response).then((creds) => setCredentialFeature(creds, "CREDENTIALS_HTTP", "z"));
+    } catch (e) {
+      throw new CredentialsProviderError(String(e), { logger: options.logger });
+    }
+  }, options.maxRetries ?? 3, options.timeout ?? 1e3);
+  return async () => {
+    try {
+      return await provider();
+    } finally {
+      requestHandler.destroy?.();
+    }
+  };
+};
+export {
+  fromHttp
+};
+//# sourceMappingURL=dist-es-QTXLRLLM.js.map

package/dist/dist-es-QTXLRLLM.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/fromHttp.js","../../../node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/checkUrl.js","../../../node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/requestHelpers.js","../../../node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/retry-wrapper.js"],"sourcesContent":["import { setCredentialFeature } from \"@aws-sdk/core/client\";\nimport { CredentialsProviderError } from \"@smithy/core/config\";\nimport { NodeHttpHandler } from \"@smithy/node-http-handler\";\nimport fs from \"node:fs/promises\";\nimport { checkUrl } from \"./checkUrl\";\nimport { createGetRequest, getCredentials } from \"./requestHelpers\";\nimport { retryWrapper } from \"./retry-wrapper\";\nconst AWS_CONTAINER_CREDENTIALS_RELATIVE_URI = \"AWS_CONTAINER_CREDENTIALS_RELATIVE_URI\";\nconst DEFAULT_LINK_LOCAL_HOST = \"http://169.254.170.2\";\nconst AWS_CONTAINER_CREDENTIALS_FULL_URI = \"AWS_CONTAINER_CREDENTIALS_FULL_URI\";\nconst AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE = \"AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE\";\nconst AWS_CONTAINER_AUTHORIZATION_TOKEN = \"AWS_CONTAINER_AUTHORIZATION_TOKEN\";\nexport const fromHttp = (options = {}) => {\n    options.logger?.debug(\"@aws-sdk/credential-provider-http - fromHttp\");\n    let host;\n    const relative = options.awsContainerCredentialsRelativeUri ?? process.env[AWS_CONTAINER_CREDENTIALS_RELATIVE_URI];\n    const full = options.awsContainerCredentialsFullUri ?? process.env[AWS_CONTAINER_CREDENTIALS_FULL_URI];\n    const token = options.awsContainerAuthorizationToken ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN];\n    const tokenFile = options.awsContainerAuthorizationTokenFile ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE];\n    const warn = options.logger?.constructor?.name === \"NoOpLogger\" || !options.logger?.warn\n        ? console.warn\n        : options.logger.warn.bind(options.logger);\n    if (relative && full) {\n        warn(\"@aws-sdk/credential-provider-http: \" +\n            \"you have set both awsContainerCredentialsRelativeUri and awsContainerCredentialsFullUri.\");\n        warn(\"awsContainerCredentialsFullUri will take precedence.\");\n    }\n    if (token && tokenFile) {\n        warn(\"@aws-sdk/credential-provider-http: \" +\n            \"you have set both awsContainerAuthorizationToken and awsContainerAuthorizationTokenFile.\");\n        warn(\"awsContainerAuthorizationToken will take precedence.\");\n    }\n    if (full) {\n        host = full;\n    }\n    else if (relative) {\n        host = `${DEFAULT_LINK_LOCAL_HOST}${relative}`;\n    }\n    else {\n        throw new CredentialsProviderError(`No HTTP credential provider host provided.\nSet AWS_CONTAINER_CREDENTIALS_FULL_URI or AWS_CONTAINER_CREDENTIALS_RELATIVE_URI.`, { logger: options.logger });\n    }\n    const url = new URL(host);\n    checkUrl(url, options.logger);\n    const requestHandler = NodeHttpHandler.create({ connectionTimeout: options.timeout ?? 1000 });\n    const requestTimeout = options.timeout ?? 1000;\n    const provider = retryWrapper(async () => {\n        const request = createGetRequest(url);\n        if (token) {\n            request.headers.Authorization = token;\n        }\n        else if (tokenFile) {\n            request.headers.Authorization = (await fs.readFile(tokenFile)).toString();\n        }\n        try {\n            const result = await requestHandler.handle(request, { requestTimeout });\n            return getCredentials(result.response).then((creds) => setCredentialFeature(creds, \"CREDENTIALS_HTTP\", \"z\"));\n        }\n        catch (e) {\n            throw new CredentialsProviderError(String(e), { logger: options.logger });\n        }\n    }, options.maxRetries ?? 3, options.timeout ?? 1000);\n    return async () => {\n        try {\n            return await provider();\n        }\n        finally {\n            requestHandler.destroy?.();\n        }\n    };\n};\n","import { CredentialsProviderError } from \"@smithy/core/config\";\nconst LOOPBACK_CIDR_IPv4 = \"127.0.0.0/8\";\nconst LOOPBACK_CIDR_IPv6 = \"::1/128\";\nconst ECS_CONTAINER_HOST = \"169.254.170.2\";\nconst EKS_CONTAINER_HOST_IPv4 = \"169.254.170.23\";\nconst EKS_CONTAINER_HOST_IPv6 = \"[fd00:ec2::23]\";\nexport const checkUrl = (url, logger) => {\n    if (url.protocol === \"https:\") {\n        return;\n    }\n    if (url.hostname === ECS_CONTAINER_HOST ||\n        url.hostname === EKS_CONTAINER_HOST_IPv4 ||\n        url.hostname === EKS_CONTAINER_HOST_IPv6) {\n        return;\n    }\n    if (url.hostname.includes(\"[\")) {\n        if (url.hostname === \"[::1]\" || url.hostname === \"[0000:0000:0000:0000:0000:0000:0000:0001]\") {\n            return;\n        }\n    }\n    else {\n        if (url.hostname === \"localhost\") {\n            return;\n        }\n        const ipComponents = url.hostname.split(\".\");\n        const inRange = (component) => {\n            const num = parseInt(component, 10);\n            return 0 <= num && num <= 255;\n        };\n        if (ipComponents[0] === \"127\" &&\n            inRange(ipComponents[1]) &&\n            inRange(ipComponents[2]) &&\n            inRange(ipComponents[3]) &&\n            ipComponents.length === 4) {\n            return;\n        }\n    }\n    throw new CredentialsProviderError(`URL not accepted. It must either be HTTPS or match one of the following:\n  - loopback CIDR 127.0.0.0/8 or [::1/128]\n  - ECS container host 169.254.170.2\n  - EKS container host 169.254.170.23 or [fd00:ec2::23]`, { logger });\n};\n","import { CredentialsProviderError } from \"@smithy/core/config\";\nimport { HttpRequest } from \"@smithy/core/protocols\";\nimport { parseRfc3339DateTime } from \"@smithy/core/serde\";\nimport { sdkStreamMixin } from \"@smithy/core/serde\";\nexport function createGetRequest(url) {\n    return new HttpRequest({\n        protocol: url.protocol,\n        hostname: url.hostname,\n        port: Number(url.port),\n        path: url.pathname,\n        query: Array.from(url.searchParams.entries()).reduce((acc, [k, v]) => {\n            acc[k] = v;\n            return acc;\n        }, {}),\n        fragment: url.hash,\n    });\n}\nexport async function getCredentials(response, logger) {\n    const stream = sdkStreamMixin(response.body);\n    const str = await stream.transformToString();\n    if (response.statusCode === 200) {\n        const parsed = JSON.parse(str);\n        if (typeof parsed.AccessKeyId !== \"string\" ||\n            typeof parsed.SecretAccessKey !== \"string\" ||\n            typeof parsed.Token !== \"string\" ||\n            typeof parsed.Expiration !== \"string\") {\n            throw new CredentialsProviderError(\"HTTP credential provider response not of the required format, an object matching: \" +\n                \"{ AccessKeyId: string, SecretAccessKey: string, Token: string, Expiration: string(rfc3339) }\", { logger });\n        }\n        return {\n            accessKeyId: parsed.AccessKeyId,\n            secretAccessKey: parsed.SecretAccessKey,\n            sessionToken: parsed.Token,\n            expiration: parseRfc3339DateTime(parsed.Expiration),\n        };\n    }\n    if (response.statusCode >= 400 && response.statusCode < 500) {\n        let parsedBody = {};\n        try {\n            parsedBody = JSON.parse(str);\n        }\n        catch (e) { }\n        throw Object.assign(new CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger }), {\n            Code: parsedBody.Code,\n            Message: parsedBody.Message,\n        });\n    }\n    throw new CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger });\n}\n","export const retryWrapper = (toRetry, maxRetries, delayMs) => {\n    return async () => {\n        for (let i = 0; i < maxRetries; ++i) {\n            try {\n                return await toRetry();\n            }\n            catch (e) {\n                await new Promise((resolve) => setTimeout(resolve, delayMs));\n            }\n        }\n        return await toRetry();\n    };\n};\n"],"mappings":";;;;;;;;;;;;;;;;AAGA,OAAO,QAAQ;;;ACAf,IAAM,qBAAqB;AAC3B,IAAM,0BAA0B;AAChC,IAAM,0BAA0B;AACzB,IAAM,WAAW,CAAC,KAAK,WAAW;AACrC,MAAI,IAAI,aAAa,UAAU;AAC3B;AAAA,EACJ;AACA,MAAI,IAAI,aAAa,sBACjB,IAAI,aAAa,2BACjB,IAAI,aAAa,yBAAyB;AAC1C;AAAA,EACJ;AACA,MAAI,IAAI,SAAS,SAAS,GAAG,GAAG;AAC5B,QAAI,IAAI,aAAa,WAAW,IAAI,aAAa,6CAA6C;AAC1F;AAAA,IACJ;AAAA,EACJ,OACK;AACD,QAAI,IAAI,aAAa,aAAa;AAC9B;AAAA,IACJ;AACA,UAAM,eAAe,IAAI,SAAS,MAAM,GAAG;AAC3C,UAAM,UAAU,CAAC,cAAc;AAC3B,YAAM,MAAM,SAAS,WAAW,EAAE;AAClC,aAAO,KAAK,OAAO,OAAO;AAAA,IAC9B;AACA,QAAI,aAAa,CAAC,MAAM,SACpB,QAAQ,aAAa,CAAC,CAAC,KACvB,QAAQ,aAAa,CAAC,CAAC,KACvB,QAAQ,aAAa,CAAC,CAAC,KACvB,aAAa,WAAW,GAAG;AAC3B;AAAA,IACJ;AAAA,EACJ;AACA,QAAM,IAAI,yBAAyB;AAAA;AAAA;AAAA,0DAGmB,EAAE,OAAO,CAAC;AACpE;;;ACrCO,SAAS,iBAAiB,KAAK;AAClC,SAAO,IAAI,YAAY;AAAA,IACnB,UAAU,IAAI;AAAA,IACd,UAAU,IAAI;AAAA,IACd,MAAM,OAAO,IAAI,IAAI;AAAA,IACrB,MAAM,IAAI;AAAA,IACV,OAAO,MAAM,KAAK,IAAI,aAAa,QAAQ,CAAC,EAAE,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM;AAClE,UAAI,CAAC,IAAI;AACT,aAAO;AAAA,IACX,GAAG,CAAC,CAAC;AAAA,IACL,UAAU,IAAI;AAAA,EAClB,CAAC;AACL;AACA,eAAsB,eAAe,UAAU,QAAQ;AACnD,QAAM,SAAS,eAAe,SAAS,IAAI;AAC3C,QAAM,MAAM,MAAM,OAAO,kBAAkB;AAC3C,MAAI,SAAS,eAAe,KAAK;AAC7B,UAAM,SAAS,KAAK,MAAM,GAAG;AAC7B,QAAI,OAAO,OAAO,gBAAgB,YAC9B,OAAO,OAAO,oBAAoB,YAClC,OAAO,OAAO,UAAU,YACxB,OAAO,OAAO,eAAe,UAAU;AACvC,YAAM,IAAI,yBAAyB,kLACiE,EAAE,OAAO,CAAC;AAAA,IAClH;AACA,WAAO;AAAA,MACH,aAAa,OAAO;AAAA,MACpB,iBAAiB,OAAO;AAAA,MACxB,cAAc,OAAO;AAAA,MACrB,YAAY,qBAAqB,OAAO,UAAU;AAAA,IACtD;AAAA,EACJ;AACA,MAAI,SAAS,cAAc,OAAO,SAAS,aAAa,KAAK;AACzD,QAAI,aAAa,CAAC;AAClB,QAAI;AACA,mBAAa,KAAK,MAAM,GAAG;AAAA,IAC/B,SACO,GAAG;AAAA,IAAE;AACZ,UAAM,OAAO,OAAO,IAAI,yBAAyB,iCAAiC,SAAS,UAAU,IAAI,EAAE,OAAO,CAAC,GAAG;AAAA,MAClH,MAAM,WAAW;AAAA,MACjB,SAAS,WAAW;AAAA,IACxB,CAAC;AAAA,EACL;AACA,QAAM,IAAI,yBAAyB,iCAAiC,SAAS,UAAU,IAAI,EAAE,OAAO,CAAC;AACzG;;;AChDO,IAAM,eAAe,CAAC,SAAS,YAAY,YAAY;AAC1D,SAAO,YAAY;AACf,aAAS,IAAI,GAAG,IAAI,YAAY,EAAE,GAAG;AACjC,UAAI;AACA,eAAO,MAAM,QAAQ;AAAA,MACzB,SACO,GAAG;AACN,cAAM,IAAI,QAAQ,CAAC,YAAY,WAAW,SAAS,OAAO,CAAC;AAAA,MAC/D;AAAA,IACJ;AACA,WAAO,MAAM,QAAQ;AAAA,EACzB;AACJ;;;AHLA,IAAM,yCAAyC;AAC/C,IAAM,0BAA0B;AAChC,IAAM,qCAAqC;AAC3C,IAAM,yCAAyC;AAC/C,IAAM,oCAAoC;AACnC,IAAM,WAAW,CAAC,UAAU,CAAC,MAAM;AACtC,UAAQ,QAAQ,MAAM,8CAA8C;AACpE,MAAI;AACJ,QAAM,WAAW,QAAQ,sCAAsC,QAAQ,IAAI,sCAAsC;AACjH,QAAM,OAAO,QAAQ,kCAAkC,QAAQ,IAAI,kCAAkC;AACrG,QAAM,QAAQ,QAAQ,kCAAkC,QAAQ,IAAI,iCAAiC;AACrG,QAAM,YAAY,QAAQ,sCAAsC,QAAQ,IAAI,sCAAsC;AAClH,QAAM,OAAO,QAAQ,QAAQ,aAAa,SAAS,gBAAgB,CAAC,QAAQ,QAAQ,OAC9E,QAAQ,OACR,QAAQ,OAAO,KAAK,KAAK,QAAQ,MAAM;AAC7C,MAAI,YAAY,MAAM;AAClB,SAAK,6HACyF;AAC9F,SAAK,sDAAsD;AAAA,EAC/D;AACA,MAAI,SAAS,WAAW;AACpB,SAAK,6HACyF;AAC9F,SAAK,sDAAsD;AAAA,EAC/D;AACA,MAAI,MAAM;AACN,WAAO;AAAA,EACX,WACS,UAAU;AACf,WAAO,GAAG,uBAAuB,GAAG,QAAQ;AAAA,EAChD,OACK;AACD,UAAM,IAAI,yBAAyB;AAAA,oFACyC,EAAE,QAAQ,QAAQ,OAAO,CAAC;AAAA,EAC1G;AACA,QAAM,MAAM,IAAI,IAAI,IAAI;AACxB,WAAS,KAAK,QAAQ,MAAM;AAC5B,QAAM,iBAAiB,gBAAgB,OAAO,EAAE,mBAAmB,QAAQ,WAAW,IAAK,CAAC;AAC5F,QAAM,iBAAiB,QAAQ,WAAW;AAC1C,QAAM,WAAW,aAAa,YAAY;AACtC,UAAM,UAAU,iBAAiB,GAAG;AACpC,QAAI,OAAO;AACP,cAAQ,QAAQ,gBAAgB;AAAA,IACpC,WACS,WAAW;AAChB,cAAQ,QAAQ,iBAAiB,MAAM,GAAG,SAAS,SAAS,GAAG,SAAS;AAAA,IAC5E;AACA,QAAI;AACA,YAAM,SAAS,MAAM,eAAe,OAAO,SAAS,EAAE,eAAe,CAAC;AACtE,aAAO,eAAe,OAAO,QAAQ,EAAE,KAAK,CAAC,UAAU,qBAAqB,OAAO,oBAAoB,GAAG,CAAC;AAAA,IAC/G,SACO,GAAG;AACN,YAAM,IAAI,yBAAyB,OAAO,CAAC,GAAG,EAAE,QAAQ,QAAQ,OAAO,CAAC;AAAA,IAC5E;AAAA,EACJ,GAAG,QAAQ,cAAc,GAAG,QAAQ,WAAW,GAAI;AACnD,SAAO,YAAY;AACf,QAAI;AACA,aAAO,MAAM,SAAS;AAAA,IAC1B,UACA;AACI,qBAAe,UAAU;AAAA,IAC7B;AAAA,EACJ;AACJ;","names":[]}