@smithy/experimental-identity-and-auth 0.0.8 → 0.0.9

package/dist-cjs/IdentityProviderConfig.js

@@ -5,7 +5,9 @@ class DefaultIdentityProviderConfig {
     constructor(config) {
         this.authSchemes = new Map();
         for (const [key, value] of Object.entries(config)) {
-            this.authSchemes.set(key, value);
+            if (value !== undefined) {
+                this.authSchemes.set(key, value);
+            }
         }
     }
     getIdentityProvider(schemeId) {

package/dist-cjs/createEndpointRuleSetHttpAuthSchemeProvider.js

@@ -0,0 +1,41 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createEndpointRuleSetHttpAuthSchemeProvider = void 0;
+const createEndpointRuleSetHttpAuthSchemeProvider = (defaultEndpointResolver, defaultHttpAuthSchemeResolver) => {
+    const endpointRuleSetHttpAuthSchemeProvider = (authParameters) => {
+        var _a;
+        const endpoint = defaultEndpointResolver(authParameters);
+        const authSchemes = (_a = endpoint.properties) === null || _a === void 0 ? void 0 : _a.authSchemes;
+        if (!authSchemes) {
+            return defaultHttpAuthSchemeResolver(authParameters);
+        }
+        const options = [];
+        for (const scheme of authSchemes) {
+            const { name: resolvedName, properties = {}, ...rest } = scheme;
+            const name = resolvedName.toLowerCase();
+            if (resolvedName !== name) {
+                console.warn(`HttpAuthScheme has been normalized with lowercasing: \`${resolvedName}\` to \`${name}\``);
+            }
+            let schemeId;
+            if (name === "sigv4") {
+                schemeId = "aws.auth#sigv4";
+            }
+            else if (name === "sigv4a") {
+                schemeId = "aws.auth#sigv4a";
+            }
+            else {
+                throw new Error(`Unknown HttpAuthScheme found in \`@smithy.rules#endpointRuleSet\`: \`${name}\``);
+            }
+            options.push({
+                schemeId,
+                signingProperties: {
+                    ...rest,
+                    ...properties,
+                },
+            });
+        }
+        return options;
+    };
+    return endpointRuleSetHttpAuthSchemeProvider;
+};
+exports.createEndpointRuleSetHttpAuthSchemeProvider = createEndpointRuleSetHttpAuthSchemeProvider;

package/dist-cjs/index.js

@@ -7,8 +7,11 @@ tslib_1.__exportStar(require("./HttpSigner"), exports);
 tslib_1.__exportStar(require("./IdentityProviderConfig"), exports);
 tslib_1.__exportStar(require("./SigV4Signer"), exports);
 tslib_1.__exportStar(require("./apiKeyIdentity"), exports);
+tslib_1.__exportStar(require("./createEndpointRuleSetHttpAuthSchemeProvider"), exports);
 tslib_1.__exportStar(require("./httpApiKeyAuth"), exports);
 tslib_1.__exportStar(require("./httpBearerAuth"), exports);
+tslib_1.__exportStar(require("./memoizeIdentityProvider"), exports);
+tslib_1.__exportStar(require("./middleware-http-auth-scheme"), exports);
 tslib_1.__exportStar(require("./middleware-http-signing"), exports);
 tslib_1.__exportStar(require("./noAuth"), exports);
 tslib_1.__exportStar(require("./tokenIdentity"), exports);

package/dist-cjs/memoizeIdentityProvider.js

@@ -0,0 +1,58 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.memoizeIdentityProvider = exports.doesIdentityRequireRefresh = exports.isIdentityExpired = exports.EXPIRATION_MS = void 0;
+exports.EXPIRATION_MS = 300000;
+const isIdentityExpired = (identity) => (0, exports.doesIdentityRequireRefresh)(identity) && identity.expiration.getTime() - Date.now() < exports.EXPIRATION_MS;
+exports.isIdentityExpired = isIdentityExpired;
+const doesIdentityRequireRefresh = (identity) => identity.expiration !== undefined;
+exports.doesIdentityRequireRefresh = doesIdentityRequireRefresh;
+const memoizeIdentityProvider = (provider, isExpired, requiresRefresh) => {
+    if (provider === undefined) {
+        return undefined;
+    }
+    const normalizedProvider = typeof provider !== "function" ? async () => Promise.resolve(provider) : provider;
+    let resolved;
+    let pending;
+    let hasResult;
+    let isConstant = false;
+    const coalesceProvider = async (options) => {
+        if (!pending) {
+            pending = normalizedProvider(options);
+        }
+        try {
+            resolved = await pending;
+            hasResult = true;
+            isConstant = false;
+        }
+        finally {
+            pending = undefined;
+        }
+        return resolved;
+    };
+    if (isExpired === undefined) {
+        return async (options) => {
+            if (!hasResult || (options === null || options === void 0 ? void 0 : options.forceRefresh)) {
+                resolved = await coalesceProvider(options);
+            }
+            return resolved;
+        };
+    }
+    return async (options) => {
+        if (!hasResult || (options === null || options === void 0 ? void 0 : options.forceRefresh)) {
+            resolved = await coalesceProvider(options);
+        }
+        if (isConstant) {
+            return resolved;
+        }
+        if (!requiresRefresh(resolved)) {
+            isConstant = true;
+            return resolved;
+        }
+        if (isExpired(resolved)) {
+            await coalesceProvider(options);
+            return resolved;
+        }
+        return resolved;
+    };
+};
+exports.memoizeIdentityProvider = memoizeIdentityProvider;

package/dist-cjs/middleware-http-auth-scheme/getHttpAuthSchemePlugin.js

@@ -0,0 +1,19 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getHttpAuthSchemePlugin = exports.httpAuthSchemeMiddlewareOptions = void 0;
+const middleware_endpoint_1 = require("@smithy/middleware-endpoint");
+const httpAuthSchemeMiddleware_1 = require("./httpAuthSchemeMiddleware");
+exports.httpAuthSchemeMiddlewareOptions = {
+    step: "serialize",
+    tags: ["HTTP_AUTH_SCHEME"],
+    name: "httpAuthSchemeMiddleware",
+    override: true,
+    relation: "before",
+    toMiddleware: middleware_endpoint_1.endpointMiddlewareOptions.name,
+};
+const getHttpAuthSchemePlugin = (config) => ({
+    applyToStack: (clientStack) => {
+        clientStack.addRelativeTo((0, httpAuthSchemeMiddleware_1.httpAuthSchemeMiddleware)(config), exports.httpAuthSchemeMiddlewareOptions);
+    },
+});
+exports.getHttpAuthSchemePlugin = getHttpAuthSchemePlugin;

package/dist-cjs/middleware-http-auth-scheme/httpAuthSchemeMiddleware.js

@@ -0,0 +1,42 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.httpAuthSchemeMiddleware = void 0;
+const types_1 = require("@smithy/types");
+const util_middleware_1 = require("@smithy/util-middleware");
+function convertHttpAuthSchemesToMap(httpAuthSchemes) {
+    const map = new Map();
+    for (const scheme of httpAuthSchemes) {
+        map.set(scheme.schemeId, scheme);
+    }
+    return map;
+}
+const httpAuthSchemeMiddleware = (config) => (next, context) => async (args) => {
+    const options = config.httpAuthSchemeProvider(await config.httpAuthSchemeParametersProvider(config, context, args.input));
+    const authSchemes = convertHttpAuthSchemesToMap(config.httpAuthSchemes);
+    const smithyContext = (0, util_middleware_1.getSmithyContext)(context);
+    const failureReasons = [];
+    for (const option of options) {
+        const scheme = authSchemes.get(option.schemeId);
+        if (!scheme) {
+            failureReasons.push(`HttpAuthScheme \`${option.schemeId}\` was not enable for this service.`);
+            continue;
+        }
+        const identityProvider = scheme.identityProvider(config.identityProviderConfig);
+        if (!identityProvider) {
+            failureReasons.push(`HttpAuthScheme \`${option.schemeId}\` did not have an IdentityProvider configured.`);
+            continue;
+        }
+        const identity = await identityProvider(option.identityProperties || {});
+        smithyContext.selectedHttpAuthScheme = {
+            httpAuthOption: option,
+            identity,
+            signer: scheme.signer,
+        };
+        break;
+    }
+    if (!smithyContext.selectedHttpAuthScheme) {
+        throw new Error(failureReasons.join("\n"));
+    }
+    return next(args);
+};
+exports.httpAuthSchemeMiddleware = httpAuthSchemeMiddleware;

package/dist-cjs/middleware-http-auth-scheme/index.js

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const tslib_1 = require("tslib");
+tslib_1.__exportStar(require("./httpAuthSchemeMiddleware"), exports);
+tslib_1.__exportStar(require("./getHttpAuthSchemePlugin"), exports);

package/dist-es/IdentityProviderConfig.js

@@ -2,7 +2,9 @@ export class DefaultIdentityProviderConfig {
     constructor(config) {
         this.authSchemes = new Map();
         for (const [key, value] of Object.entries(config)) {
-            this.authSchemes.set(key, value);
+            if (value !== undefined) {
+                this.authSchemes.set(key, value);
+            }
         }
     }
     getIdentityProvider(schemeId) {

package/dist-es/createEndpointRuleSetHttpAuthSchemeProvider.js

@@ -0,0 +1,36 @@
+export const createEndpointRuleSetHttpAuthSchemeProvider = (defaultEndpointResolver, defaultHttpAuthSchemeResolver) => {
+    const endpointRuleSetHttpAuthSchemeProvider = (authParameters) => {
+        const endpoint = defaultEndpointResolver(authParameters);
+        const authSchemes = endpoint.properties?.authSchemes;
+        if (!authSchemes) {
+            return defaultHttpAuthSchemeResolver(authParameters);
+        }
+        const options = [];
+        for (const scheme of authSchemes) {
+            const { name: resolvedName, properties = {}, ...rest } = scheme;
+            const name = resolvedName.toLowerCase();
+            if (resolvedName !== name) {
+                console.warn(`HttpAuthScheme has been normalized with lowercasing: \`${resolvedName}\` to \`${name}\``);
+            }
+            let schemeId;
+            if (name === "sigv4") {
+                schemeId = "aws.auth#sigv4";
+            }
+            else if (name === "sigv4a") {
+                schemeId = "aws.auth#sigv4a";
+            }
+            else {
+                throw new Error(`Unknown HttpAuthScheme found in \`@smithy.rules#endpointRuleSet\`: \`${name}\``);
+            }
+            options.push({
+                schemeId,
+                signingProperties: {
+                    ...rest,
+                    ...properties,
+                },
+            });
+        }
+        return options;
+    };
+    return endpointRuleSetHttpAuthSchemeProvider;
+};

package/dist-es/index.js

@@ -4,8 +4,11 @@ export * from "./HttpSigner";
 export * from "./IdentityProviderConfig";
 export * from "./SigV4Signer";
 export * from "./apiKeyIdentity";
+export * from "./createEndpointRuleSetHttpAuthSchemeProvider";
 export * from "./httpApiKeyAuth";
 export * from "./httpBearerAuth";
+export * from "./memoizeIdentityProvider";
+export * from "./middleware-http-auth-scheme";
 export * from "./middleware-http-signing";
 export * from "./noAuth";
 export * from "./tokenIdentity";

package/dist-es/memoizeIdentityProvider.js

@@ -0,0 +1,52 @@
+export const EXPIRATION_MS = 300000;
+export const isIdentityExpired = (identity) => doesIdentityRequireRefresh(identity) && identity.expiration.getTime() - Date.now() < EXPIRATION_MS;
+export const doesIdentityRequireRefresh = (identity) => identity.expiration !== undefined;
+export const memoizeIdentityProvider = (provider, isExpired, requiresRefresh) => {
+    if (provider === undefined) {
+        return undefined;
+    }
+    const normalizedProvider = typeof provider !== "function" ? async () => Promise.resolve(provider) : provider;
+    let resolved;
+    let pending;
+    let hasResult;
+    let isConstant = false;
+    const coalesceProvider = async (options) => {
+        if (!pending) {
+            pending = normalizedProvider(options);
+        }
+        try {
+            resolved = await pending;
+            hasResult = true;
+            isConstant = false;
+        }
+        finally {
+            pending = undefined;
+        }
+        return resolved;
+    };
+    if (isExpired === undefined) {
+        return async (options) => {
+            if (!hasResult || options?.forceRefresh) {
+                resolved = await coalesceProvider(options);
+            }
+            return resolved;
+        };
+    }
+    return async (options) => {
+        if (!hasResult || options?.forceRefresh) {
+            resolved = await coalesceProvider(options);
+        }
+        if (isConstant) {
+            return resolved;
+        }
+        if (!requiresRefresh(resolved)) {
+            isConstant = true;
+            return resolved;
+        }
+        if (isExpired(resolved)) {
+            await coalesceProvider(options);
+            return resolved;
+        }
+        return resolved;
+    };
+};

package/dist-es/middleware-http-auth-scheme/getHttpAuthSchemePlugin.js

@@ -0,0 +1,15 @@
+import { endpointMiddlewareOptions } from "@smithy/middleware-endpoint";
+import { httpAuthSchemeMiddleware } from "./httpAuthSchemeMiddleware";
+export const httpAuthSchemeMiddlewareOptions = {
+    step: "serialize",
+    tags: ["HTTP_AUTH_SCHEME"],
+    name: "httpAuthSchemeMiddleware",
+    override: true,
+    relation: "before",
+    toMiddleware: endpointMiddlewareOptions.name,
+};
+export const getHttpAuthSchemePlugin = (config) => ({
+    applyToStack: (clientStack) => {
+        clientStack.addRelativeTo(httpAuthSchemeMiddleware(config), httpAuthSchemeMiddlewareOptions);
+    },
+});

package/dist-es/middleware-http-auth-scheme/httpAuthSchemeMiddleware.js

@@ -0,0 +1,38 @@
+import { SMITHY_CONTEXT_KEY, } from "@smithy/types";
+import { getSmithyContext } from "@smithy/util-middleware";
+function convertHttpAuthSchemesToMap(httpAuthSchemes) {
+    const map = new Map();
+    for (const scheme of httpAuthSchemes) {
+        map.set(scheme.schemeId, scheme);
+    }
+    return map;
+}
+export const httpAuthSchemeMiddleware = (config) => (next, context) => async (args) => {
+    const options = config.httpAuthSchemeProvider(await config.httpAuthSchemeParametersProvider(config, context, args.input));
+    const authSchemes = convertHttpAuthSchemesToMap(config.httpAuthSchemes);
+    const smithyContext = getSmithyContext(context);
+    const failureReasons = [];
+    for (const option of options) {
+        const scheme = authSchemes.get(option.schemeId);
+        if (!scheme) {
+            failureReasons.push(`HttpAuthScheme \`${option.schemeId}\` was not enable for this service.`);
+            continue;
+        }
+        const identityProvider = scheme.identityProvider(config.identityProviderConfig);
+        if (!identityProvider) {
+            failureReasons.push(`HttpAuthScheme \`${option.schemeId}\` did not have an IdentityProvider configured.`);
+            continue;
+        }
+        const identity = await identityProvider(option.identityProperties || {});
+        smithyContext.selectedHttpAuthScheme = {
+            httpAuthOption: option,
+            identity,
+            signer: scheme.signer,
+        };
+        break;
+    }
+    if (!smithyContext.selectedHttpAuthScheme) {
+        throw new Error(failureReasons.join("\n"));
+    }
+    return next(args);
+};

package/dist-es/middleware-http-auth-scheme/index.js

@@ -0,0 +1,2 @@
+export * from "./httpAuthSchemeMiddleware";
+export * from "./getHttpAuthSchemePlugin";

package/dist-types/IdentityProviderConfig.d.ts

@@ -13,7 +13,7 @@ export interface IdentityProviderConfig {
     getIdentityProvider(schemeId: HttpAuthSchemeId): IdentityProvider<Identity> | undefined;
 }
 /**
- * Default implementation of IddentityProviderConfig
+ * Default implementation of IdentityProviderConfig
  * @internal
  */
 export declare class DefaultIdentityProviderConfig implements IdentityProviderConfig {
@@ -23,6 +23,6 @@ export declare class DefaultIdentityProviderConfig implements IdentityProviderCo
      *
      * @param config scheme IDs and identity providers to configure
      */
-    constructor(config: Record<HttpAuthSchemeId, IdentityProvider<Identity>>);
+    constructor(config: Record<HttpAuthSchemeId, IdentityProvider<Identity> | undefined>);
     getIdentityProvider(schemeId: HttpAuthSchemeId): IdentityProvider<Identity> | undefined;
 }

package/dist-types/createEndpointRuleSetHttpAuthSchemeProvider.d.ts

@@ -0,0 +1,25 @@
+import { EndpointParameters, EndpointV2, Logger } from "@smithy/types";
+import { HttpAuthSchemeParameters, HttpAuthSchemeProvider } from "./HttpAuthSchemeProvider";
+/**
+ * @internal
+ */
+export interface EndpointRuleSetHttpAuthSchemeProvider<EndpointParametersT extends EndpointParameters = EndpointParameters, HttpAuthSchemeParametersT extends HttpAuthSchemeParameters = HttpAuthSchemeParameters> extends HttpAuthSchemeProvider<EndpointParametersT & HttpAuthSchemeParametersT> {
+}
+/**
+ * @internal
+ */
+export interface DefaultEndpointResolver<EndpointParametersT extends EndpointParameters = EndpointParameters> {
+    (params: EndpointParametersT, context?: {
+        logger?: Logger;
+    }): EndpointV2;
+}
+/**
+ * @internal
+ */
+export interface CreateEndpointRuleSetHttpAuthSchemeProvider<EndpointParametersT extends EndpointParameters = EndpointParameters, HttpAuthSchemeParametersT extends HttpAuthSchemeParameters = HttpAuthSchemeParameters> {
+    (defaultEndpointResolver: DefaultEndpointResolver<EndpointParametersT>, defaultHttpAuthSchemeResolver: HttpAuthSchemeProvider<HttpAuthSchemeParametersT>): EndpointRuleSetHttpAuthSchemeProvider;
+}
+/**
+ * @internal
+ */
+export declare const createEndpointRuleSetHttpAuthSchemeProvider: CreateEndpointRuleSetHttpAuthSchemeProvider;

package/dist-types/index.d.ts

@@ -4,8 +4,11 @@ export * from "./HttpSigner";
 export * from "./IdentityProviderConfig";
 export * from "./SigV4Signer";
 export * from "./apiKeyIdentity";
+export * from "./createEndpointRuleSetHttpAuthSchemeProvider";
 export * from "./httpApiKeyAuth";
 export * from "./httpBearerAuth";
+export * from "./memoizeIdentityProvider";
+export * from "./middleware-http-auth-scheme";
 export * from "./middleware-http-signing";
 export * from "./noAuth";
 export * from "./tokenIdentity";

package/dist-types/memoizeIdentityProvider.d.ts

@@ -0,0 +1,26 @@
+import { Identity, IdentityProvider } from "@smithy/types";
+/**
+ * @internal
+ * This may need to be configurable in the future, but for now it is defaulted to 5min.
+ */
+export declare const EXPIRATION_MS = 300000;
+/**
+ * @internal
+ */
+export declare const isIdentityExpired: (identity: Identity) => boolean;
+/**
+ * @internal
+ */
+export declare const doesIdentityRequireRefresh: (identity: Identity) => boolean;
+/**
+ * @internal
+ */
+export interface MemoizedIdentityProvider<IdentityT extends Identity> {
+    (options?: Record<string, any> & {
+        forceRefresh?: boolean;
+    }): Promise<IdentityT>;
+}
+/**
+ * @internal
+ */
+export declare const memoizeIdentityProvider: <IdentityT extends Identity>(provider: IdentityT | IdentityProvider<IdentityT> | undefined, isExpired: (resolved: Identity) => boolean, requiresRefresh: (resolved: Identity) => boolean) => MemoizedIdentityProvider<IdentityT> | undefined;

package/dist-types/middleware-http-auth-scheme/getHttpAuthSchemePlugin.d.ts

@@ -0,0 +1,10 @@
+import { MetadataBearer, Pluggable, RelativeMiddlewareOptions, SerializeHandlerOptions } from "@smithy/types";
+import { PreviouslyResolved } from "./httpAuthSchemeMiddleware";
+/**
+ * @internal
+ */
+export declare const httpAuthSchemeMiddlewareOptions: SerializeHandlerOptions & RelativeMiddlewareOptions;
+/**
+ * @internal
+ */
+export declare const getHttpAuthSchemePlugin: <Input extends Record<string, unknown> = Record<string, unknown>, Output extends MetadataBearer = MetadataBearer>(config: PreviouslyResolved) => Pluggable<Input, Output>;

package/dist-types/middleware-http-auth-scheme/httpAuthSchemeMiddleware.d.ts

@@ -0,0 +1,17 @@
+import { MetadataBearer, SerializeMiddleware } from "@smithy/types";
+import { HttpAuthScheme } from "../HttpAuthScheme";
+import { HttpAuthSchemeParametersProvider, HttpAuthSchemeProvider } from "../HttpAuthSchemeProvider";
+import { IdentityProviderConfig } from "../IdentityProviderConfig";
+/**
+ * @internal
+ */
+export interface PreviouslyResolved {
+    httpAuthSchemes: HttpAuthScheme[];
+    httpAuthSchemeProvider: HttpAuthSchemeProvider;
+    httpAuthSchemeParametersProvider: HttpAuthSchemeParametersProvider;
+    identityProviderConfig: IdentityProviderConfig;
+}
+/**
+ * @internal
+ */
+export declare const httpAuthSchemeMiddleware: <Input extends Record<string, unknown> = Record<string, unknown>, Output extends MetadataBearer = MetadataBearer>(config: PreviouslyResolved) => SerializeMiddleware<Input, Output>;

package/dist-types/middleware-http-auth-scheme/index.d.ts

@@ -0,0 +1,2 @@
+export * from "./httpAuthSchemeMiddleware";
+export * from "./getHttpAuthSchemePlugin";

package/dist-types/ts3.4/IdentityProviderConfig.d.ts

@@ -13,7 +13,7 @@ export interface IdentityProviderConfig {
     getIdentityProvider(schemeId: HttpAuthSchemeId): IdentityProvider<Identity> | undefined;
 }
 /**
- * Default implementation of IddentityProviderConfig
+ * Default implementation of IdentityProviderConfig
  * @internal
  */
 export declare class DefaultIdentityProviderConfig implements IdentityProviderConfig {
@@ -23,6 +23,6 @@ export declare class DefaultIdentityProviderConfig implements IdentityProviderCo
      *
      * @param config scheme IDs and identity providers to configure
      */
-    constructor(config: Record<HttpAuthSchemeId, IdentityProvider<Identity>>);
+    constructor(config: Record<HttpAuthSchemeId, IdentityProvider<Identity> | undefined>);
     getIdentityProvider(schemeId: HttpAuthSchemeId): IdentityProvider<Identity> | undefined;
 }

package/dist-types/ts3.4/createEndpointRuleSetHttpAuthSchemeProvider.d.ts

@@ -0,0 +1,25 @@
+import { EndpointParameters, EndpointV2, Logger } from "@smithy/types";
+import { HttpAuthSchemeParameters, HttpAuthSchemeProvider } from "./HttpAuthSchemeProvider";
+/**
+ * @internal
+ */
+export interface EndpointRuleSetHttpAuthSchemeProvider<EndpointParametersT extends EndpointParameters = EndpointParameters, HttpAuthSchemeParametersT extends HttpAuthSchemeParameters = HttpAuthSchemeParameters> extends HttpAuthSchemeProvider<EndpointParametersT & HttpAuthSchemeParametersT> {
+}
+/**
+ * @internal
+ */
+export interface DefaultEndpointResolver<EndpointParametersT extends EndpointParameters = EndpointParameters> {
+    (params: EndpointParametersT, context?: {
+        logger?: Logger;
+    }): EndpointV2;
+}
+/**
+ * @internal
+ */
+export interface CreateEndpointRuleSetHttpAuthSchemeProvider<EndpointParametersT extends EndpointParameters = EndpointParameters, HttpAuthSchemeParametersT extends HttpAuthSchemeParameters = HttpAuthSchemeParameters> {
+    (defaultEndpointResolver: DefaultEndpointResolver<EndpointParametersT>, defaultHttpAuthSchemeResolver: HttpAuthSchemeProvider<HttpAuthSchemeParametersT>): EndpointRuleSetHttpAuthSchemeProvider;
+}
+/**
+ * @internal
+ */
+export declare const createEndpointRuleSetHttpAuthSchemeProvider: CreateEndpointRuleSetHttpAuthSchemeProvider;

package/dist-types/ts3.4/index.d.ts

@@ -4,8 +4,11 @@ export * from "./HttpSigner";
 export * from "./IdentityProviderConfig";
 export * from "./SigV4Signer";
 export * from "./apiKeyIdentity";
+export * from "./createEndpointRuleSetHttpAuthSchemeProvider";
 export * from "./httpApiKeyAuth";
 export * from "./httpBearerAuth";
+export * from "./memoizeIdentityProvider";
+export * from "./middleware-http-auth-scheme";
 export * from "./middleware-http-signing";
 export * from "./noAuth";
 export * from "./tokenIdentity";

package/dist-types/ts3.4/memoizeIdentityProvider.d.ts

@@ -0,0 +1,26 @@
+import { Identity, IdentityProvider } from "@smithy/types";
+/**
+ * @internal
+ * This may need to be configurable in the future, but for now it is defaulted to 5min.
+ */
+export declare const EXPIRATION_MS = 300000;
+/**
+ * @internal
+ */
+export declare const isIdentityExpired: (identity: Identity) => boolean;
+/**
+ * @internal
+ */
+export declare const doesIdentityRequireRefresh: (identity: Identity) => boolean;
+/**
+ * @internal
+ */
+export interface MemoizedIdentityProvider<IdentityT extends Identity> {
+    (options?: Record<string, any> & {
+        forceRefresh?: boolean;
+    }): Promise<IdentityT>;
+}
+/**
+ * @internal
+ */
+export declare const memoizeIdentityProvider: <IdentityT extends Identity>(provider: IdentityT | IdentityProvider<IdentityT> | undefined, isExpired: (resolved: Identity) => boolean, requiresRefresh: (resolved: Identity) => boolean) => MemoizedIdentityProvider<IdentityT> | undefined;

package/dist-types/ts3.4/middleware-http-auth-scheme/getHttpAuthSchemePlugin.d.ts

@@ -0,0 +1,10 @@
+import { MetadataBearer, Pluggable, RelativeMiddlewareOptions, SerializeHandlerOptions } from "@smithy/types";
+import { PreviouslyResolved } from "./httpAuthSchemeMiddleware";
+/**
+ * @internal
+ */
+export declare const httpAuthSchemeMiddlewareOptions: SerializeHandlerOptions & RelativeMiddlewareOptions;
+/**
+ * @internal
+ */
+export declare const getHttpAuthSchemePlugin: <Input extends Record<string, unknown> = Record<string, unknown>, Output extends MetadataBearer = MetadataBearer>(config: PreviouslyResolved) => Pluggable<Input, Output>;

package/dist-types/ts3.4/middleware-http-auth-scheme/httpAuthSchemeMiddleware.d.ts

@@ -0,0 +1,17 @@
+import { MetadataBearer, SerializeMiddleware } from "@smithy/types";
+import { HttpAuthScheme } from "../HttpAuthScheme";
+import { HttpAuthSchemeParametersProvider, HttpAuthSchemeProvider } from "../HttpAuthSchemeProvider";
+import { IdentityProviderConfig } from "../IdentityProviderConfig";
+/**
+ * @internal
+ */
+export interface PreviouslyResolved {
+    httpAuthSchemes: HttpAuthScheme[];
+    httpAuthSchemeProvider: HttpAuthSchemeProvider;
+    httpAuthSchemeParametersProvider: HttpAuthSchemeParametersProvider;
+    identityProviderConfig: IdentityProviderConfig;
+}
+/**
+ * @internal
+ */
+export declare const httpAuthSchemeMiddleware: <Input extends Record<string, unknown> = Record<string, unknown>, Output extends MetadataBearer = MetadataBearer>(config: PreviouslyResolved) => SerializeMiddleware<Input, Output>;

package/dist-types/ts3.4/middleware-http-auth-scheme/index.d.ts

@@ -0,0 +1,2 @@
+export * from "./httpAuthSchemeMiddleware";
+export * from "./getHttpAuthSchemePlugin";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@smithy/experimental-identity-and-auth",
-  "version": "0.0.8",
+  "version": "0.0.9",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types && yarn build:types:downlevel'",
     "build:cjs": "tsc -p tsconfig.cjs.json",
@@ -23,6 +23,7 @@
   },
   "license": "Apache-2.0",
   "dependencies": {
+    "@smithy/middleware-endpoint": "^2.0.9",
     "@smithy/middleware-retry": "^2.0.12",
     "@smithy/protocol-http": "^3.0.5",
     "@smithy/signature-v4": "^2.0.9",