@smithy/experimental-identity-and-auth 0.4.6 → 0.5.0

package/dist-cjs/index.js

@@ -1,429 +1,329 @@
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+'use strict';
 
-// src/index.ts
-var index_exports = {};
-__export(index_exports, {
-  DefaultIdentityProviderConfig: () => DefaultIdentityProviderConfig,
-  EXPIRATION_MS: () => EXPIRATION_MS,
-  HttpApiKeyAuthLocation: () => HttpApiKeyAuthLocation,
-  HttpApiKeyAuthSigner: () => HttpApiKeyAuthSigner,
-  HttpBearerAuthSigner: () => HttpBearerAuthSigner,
-  NoAuthSigner: () => NoAuthSigner,
-  SigV4Signer: () => SigV4Signer,
-  createEndpointRuleSetHttpAuthSchemeParametersProvider: () => createEndpointRuleSetHttpAuthSchemeParametersProvider,
-  createEndpointRuleSetHttpAuthSchemeProvider: () => createEndpointRuleSetHttpAuthSchemeProvider,
-  createIsIdentityExpiredFunction: () => createIsIdentityExpiredFunction,
-  doesIdentityRequireRefresh: () => doesIdentityRequireRefresh,
-  getHttpAuthSchemeEndpointRuleSetPlugin: () => getHttpAuthSchemeEndpointRuleSetPlugin,
-  getHttpAuthSchemePlugin: () => getHttpAuthSchemePlugin,
-  getHttpSigningPlugin: () => getHttpSigningPlugin,
-  httpAuthSchemeEndpointRuleSetMiddlewareOptions: () => httpAuthSchemeEndpointRuleSetMiddlewareOptions,
-  httpAuthSchemeMiddleware: () => httpAuthSchemeMiddleware,
-  httpAuthSchemeMiddlewareOptions: () => httpAuthSchemeMiddlewareOptions,
-  httpSigningMiddleware: () => httpSigningMiddleware,
-  httpSigningMiddlewareOptions: () => httpSigningMiddlewareOptions,
-  isIdentityExpired: () => isIdentityExpired,
-  memoizeIdentityProvider: () => memoizeIdentityProvider
-});
-module.exports = __toCommonJS(index_exports);
-
-// src/IdentityProviderConfig.ts
-var DefaultIdentityProviderConfig = class {
-  /**
-   * Creates an IdentityProviderConfig with a record of scheme IDs to identity providers.
-   *
-   * @param config scheme IDs and identity providers to configure
-   */
-  constructor(config) {
-    this.authSchemes = /* @__PURE__ */ new Map();
-    for (const [key, value] of Object.entries(config)) {
-      if (value !== void 0) {
-        this.authSchemes.set(key, value);
-      }
-    }
-  }
-  static {
-    __name(this, "DefaultIdentityProviderConfig");
-  }
-  getIdentityProvider(schemeId) {
-    return this.authSchemes.get(schemeId);
-  }
-};
-
-// src/SigV4Signer.ts
-var import_protocol_http = require("@smithy/protocol-http");
-var import_signature_v4 = require("@smithy/signature-v4");
-var SigV4Signer = class {
-  static {
-    __name(this, "SigV4Signer");
-  }
-  async sign(httpRequest, identity, signingProperties) {
-    const clonedRequest = import_protocol_http.HttpRequest.clone(httpRequest);
-    const signer = new import_signature_v4.SignatureV4({
-      applyChecksum: signingProperties.applyChecksum !== void 0 ? signingProperties.applyChecksum : true,
-      credentials: identity,
-      region: signingProperties.region,
-      service: signingProperties.name,
-      sha256: signingProperties.sha256,
-      uriEscapePath: signingProperties.uriEscapePath !== void 0 ? signingProperties.uriEscapePath : true
-    });
-    return signer.sign(clonedRequest, {
-      signingDate: /* @__PURE__ */ new Date(),
-      signableHeaders: signingProperties.signableHeaders,
-      unsignableHeaders: signingProperties.unsignableHeaders,
-      signingRegion: signingProperties.signingRegion,
-      signingService: signingProperties.signingService
-    });
-  }
-};
+var protocolHttp = require('@smithy/protocol-http');
+var signatureV4 = require('@smithy/signature-v4');
+var middlewareEndpoint = require('@smithy/middleware-endpoint');
+var utilMiddleware = require('@smithy/util-middleware');
+var middlewareSerde = require('@smithy/middleware-serde');
+var middlewareRetry = require('@smithy/middleware-retry');
 
-// src/endpointRuleSet.ts
-var import_middleware_endpoint = require("@smithy/middleware-endpoint");
-var import_util_middleware = require("@smithy/util-middleware");
-var createEndpointRuleSetHttpAuthSchemeProvider = /* @__PURE__ */ __name((defaultEndpointResolver, defaultHttpAuthSchemeResolver) => {
-  const endpointRuleSetHttpAuthSchemeProvider = /* @__PURE__ */ __name((authParameters) => {
-    const endpoint = defaultEndpointResolver(authParameters);
-    const authSchemes = endpoint.properties?.authSchemes;
-    if (!authSchemes) {
-      return defaultHttpAuthSchemeResolver(authParameters);
-    }
-    const options = [];
-    for (const scheme of authSchemes) {
-      const { name: resolvedName, properties = {}, ...rest } = scheme;
-      const name = resolvedName.toLowerCase();
-      if (resolvedName !== name) {
-        console.warn(`HttpAuthScheme has been normalized with lowercasing: \`${resolvedName}\` to \`${name}\``);
-      }
-      let schemeId;
-      if (name === "sigv4") {
-        schemeId = "aws.auth#sigv4";
-      } else if (name === "sigv4a") {
-        schemeId = "aws.auth#sigv4a";
-      } else {
-        throw new Error(`Unknown HttpAuthScheme found in \`@smithy.rules#endpointRuleSet\`: \`${name}\``);
-      }
-      options.push({
-        schemeId,
-        signingProperties: {
-          ...rest,
-          ...properties
+class DefaultIdentityProviderConfig {
+    authSchemes = new Map();
+    constructor(config) {
+        for (const [key, value] of Object.entries(config)) {
+            if (value !== undefined) {
+                this.authSchemes.set(key, value);
+            }
         }
-      });
-    }
-    return options;
-  }, "endpointRuleSetHttpAuthSchemeProvider");
-  return endpointRuleSetHttpAuthSchemeProvider;
-}, "createEndpointRuleSetHttpAuthSchemeProvider");
-var createEndpointRuleSetHttpAuthSchemeParametersProvider = /* @__PURE__ */ __name((defaultHttpAuthSchemeParametersProvider) => async (config, context, input) => {
-  if (!input) {
-    throw new Error(`Could not find \`input\` for \`defaultEndpointRuleSetHttpAuthSchemeParametersProvider\``);
-  }
-  const defaultParameters = await defaultHttpAuthSchemeParametersProvider(config, context, input);
-  const instructionsFn = (0, import_util_middleware.getSmithyContext)(context)?.endpointRuleSet?.getEndpointParameterInstructions;
-  if (!instructionsFn) {
-    throw new Error(`getEndpointParameterInstructions() is not defined on \`${context.commandName}\``);
-  }
-  const endpointParameters = await (0, import_middleware_endpoint.resolveParams)(
-    input,
-    { getEndpointParameterInstructions: instructionsFn },
-    config
-  );
-  return Object.assign(defaultParameters, endpointParameters);
-}, "createEndpointRuleSetHttpAuthSchemeParametersProvider");
-
-// src/httpApiKeyAuth.ts
-
-var HttpApiKeyAuthLocation = /* @__PURE__ */ ((HttpApiKeyAuthLocation2) => {
-  HttpApiKeyAuthLocation2["HEADER"] = "header";
-  HttpApiKeyAuthLocation2["QUERY"] = "query";
-  return HttpApiKeyAuthLocation2;
-})(HttpApiKeyAuthLocation || {});
-var HttpApiKeyAuthSigner = class {
-  static {
-    __name(this, "HttpApiKeyAuthSigner");
-  }
-  async sign(httpRequest, identity, signingProperties) {
-    if (!signingProperties) {
-      throw new Error(
-        "request could not be signed with `apiKey` since the `name` and `in` signer properties are missing"
-      );
     }
-    if (!signingProperties.name) {
-      throw new Error("request could not be signed with `apiKey` since the `name` signer property is missing");
+    getIdentityProvider(schemeId) {
+        return this.authSchemes.get(schemeId);
     }
-    if (!signingProperties.in) {
-      throw new Error("request could not be signed with `apiKey` since the `in` signer property is missing");
+}
+
+class SigV4Signer {
+    async sign(httpRequest, identity, signingProperties) {
+        const clonedRequest = protocolHttp.HttpRequest.clone(httpRequest);
+        const signer = new signatureV4.SignatureV4({
+            applyChecksum: signingProperties.applyChecksum !== undefined ? signingProperties.applyChecksum : true,
+            credentials: identity,
+            region: signingProperties.region,
+            service: signingProperties.name,
+            sha256: signingProperties.sha256,
+            uriEscapePath: signingProperties.uriEscapePath !== undefined ? signingProperties.uriEscapePath : true,
+        });
+        return signer.sign(clonedRequest, {
+            signingDate: new Date(),
+            signableHeaders: signingProperties.signableHeaders,
+            unsignableHeaders: signingProperties.unsignableHeaders,
+            signingRegion: signingProperties.signingRegion,
+            signingService: signingProperties.signingService,
+        });
     }
-    if (!identity.apiKey) {
-      throw new Error("request could not be signed with `apiKey` since the `apiKey` is not defined");
+}
+
+const createEndpointRuleSetHttpAuthSchemeProvider = (defaultEndpointResolver, defaultHttpAuthSchemeResolver) => {
+    const endpointRuleSetHttpAuthSchemeProvider = (authParameters) => {
+        const endpoint = defaultEndpointResolver(authParameters);
+        const authSchemes = endpoint.properties?.authSchemes;
+        if (!authSchemes) {
+            return defaultHttpAuthSchemeResolver(authParameters);
+        }
+        const options = [];
+        for (const scheme of authSchemes) {
+            const { name: resolvedName, properties = {}, ...rest } = scheme;
+            const name = resolvedName.toLowerCase();
+            if (resolvedName !== name) {
+                console.warn(`HttpAuthScheme has been normalized with lowercasing: \`${resolvedName}\` to \`${name}\``);
+            }
+            let schemeId;
+            if (name === "sigv4") {
+                schemeId = "aws.auth#sigv4";
+            }
+            else if (name === "sigv4a") {
+                schemeId = "aws.auth#sigv4a";
+            }
+            else {
+                throw new Error(`Unknown HttpAuthScheme found in \`@smithy.rules#endpointRuleSet\`: \`${name}\``);
+            }
+            options.push({
+                schemeId,
+                signingProperties: {
+                    ...rest,
+                    ...properties,
+                },
+            });
+        }
+        return options;
+    };
+    return endpointRuleSetHttpAuthSchemeProvider;
+};
+const createEndpointRuleSetHttpAuthSchemeParametersProvider = (defaultHttpAuthSchemeParametersProvider) => async (config, context, input) => {
+    if (!input) {
+        throw new Error(`Could not find \`input\` for \`defaultEndpointRuleSetHttpAuthSchemeParametersProvider\``);
     }
-    const clonedRequest = import_protocol_http.HttpRequest.clone(httpRequest);
-    if (signingProperties.in === "query" /* QUERY */) {
-      clonedRequest.query[signingProperties.name] = identity.apiKey;
-    } else if (signingProperties.in === "header" /* HEADER */) {
-      clonedRequest.headers[signingProperties.name] = signingProperties.scheme ? `${signingProperties.scheme} ${identity.apiKey}` : identity.apiKey;
-    } else {
-      throw new Error(
-        "request can only be signed with `apiKey` locations `query` or `header`, but found: `" + signingProperties.in + "`"
-      );
+    const defaultParameters = await defaultHttpAuthSchemeParametersProvider(config, context, input);
+    const instructionsFn = utilMiddleware.getSmithyContext(context)?.endpointRuleSet
+        ?.getEndpointParameterInstructions;
+    if (!instructionsFn) {
+        throw new Error(`getEndpointParameterInstructions() is not defined on \`${context.commandName}\``);
     }
-    return clonedRequest;
-  }
+    const endpointParameters = await middlewareEndpoint.resolveParams(input, { getEndpointParameterInstructions: instructionsFn }, config);
+    return Object.assign(defaultParameters, endpointParameters);
 };
 
-// src/httpBearerAuth.ts
+exports.HttpApiKeyAuthLocation = void 0;
+(function (HttpApiKeyAuthLocation) {
+    HttpApiKeyAuthLocation["HEADER"] = "header";
+    HttpApiKeyAuthLocation["QUERY"] = "query";
+})(exports.HttpApiKeyAuthLocation || (exports.HttpApiKeyAuthLocation = {}));
+class HttpApiKeyAuthSigner {
+    async sign(httpRequest, identity, signingProperties) {
+        if (!signingProperties) {
+            throw new Error("request could not be signed with `apiKey` since the `name` and `in` signer properties are missing");
+        }
+        if (!signingProperties.name) {
+            throw new Error("request could not be signed with `apiKey` since the `name` signer property is missing");
+        }
+        if (!signingProperties.in) {
+            throw new Error("request could not be signed with `apiKey` since the `in` signer property is missing");
+        }
+        if (!identity.apiKey) {
+            throw new Error("request could not be signed with `apiKey` since the `apiKey` is not defined");
+        }
+        const clonedRequest = protocolHttp.HttpRequest.clone(httpRequest);
+        if (signingProperties.in === exports.HttpApiKeyAuthLocation.QUERY) {
+            clonedRequest.query[signingProperties.name] = identity.apiKey;
+        }
+        else if (signingProperties.in === exports.HttpApiKeyAuthLocation.HEADER) {
+            clonedRequest.headers[signingProperties.name] = signingProperties.scheme
+                ? `${signingProperties.scheme} ${identity.apiKey}`
+                : identity.apiKey;
+        }
+        else {
+            throw new Error("request can only be signed with `apiKey` locations `query` or `header`, " +
+                "but found: `" +
+                signingProperties.in +
+                "`");
+        }
+        return clonedRequest;
+    }
+}
 
-var HttpBearerAuthSigner = class {
-  static {
-    __name(this, "HttpBearerAuthSigner");
-  }
-  async sign(httpRequest, identity, signingProperties) {
-    const clonedRequest = import_protocol_http.HttpRequest.clone(httpRequest);
-    if (!identity.token) {
-      throw new Error("request could not be signed with `token` since the `token` is not defined");
+class HttpBearerAuthSigner {
+    async sign(httpRequest, identity, signingProperties) {
+        const clonedRequest = protocolHttp.HttpRequest.clone(httpRequest);
+        if (!identity.token) {
+            throw new Error("request could not be signed with `token` since the `token` is not defined");
+        }
+        clonedRequest.headers["Authorization"] = `Bearer ${identity.token}`;
+        return clonedRequest;
     }
-    clonedRequest.headers["Authorization"] = `Bearer ${identity.token}`;
-    return clonedRequest;
-  }
-};
+}
 
-// src/memoizeIdentityProvider.ts
-var createIsIdentityExpiredFunction = /* @__PURE__ */ __name((expirationMs) => (identity) => doesIdentityRequireRefresh(identity) && identity.expiration.getTime() - Date.now() < expirationMs, "createIsIdentityExpiredFunction");
-var EXPIRATION_MS = 3e5;
-var isIdentityExpired = createIsIdentityExpiredFunction(EXPIRATION_MS);
-var doesIdentityRequireRefresh = /* @__PURE__ */ __name((identity) => identity.expiration !== void 0, "doesIdentityRequireRefresh");
-var memoizeIdentityProvider = /* @__PURE__ */ __name((provider, isExpired, requiresRefresh) => {
-  if (provider === void 0) {
-    return void 0;
-  }
-  const normalizedProvider = typeof provider !== "function" ? async () => Promise.resolve(provider) : provider;
-  let resolved;
-  let pending;
-  let hasResult;
-  let isConstant = false;
-  const coalesceProvider = /* @__PURE__ */ __name(async (options) => {
-    if (!pending) {
-      pending = normalizedProvider(options);
+const createIsIdentityExpiredFunction = (expirationMs) => function isIdentityExpired(identity) {
+    return doesIdentityRequireRefresh(identity) && identity.expiration.getTime() - Date.now() < expirationMs;
+};
+const EXPIRATION_MS = 300_000;
+const isIdentityExpired = createIsIdentityExpiredFunction(EXPIRATION_MS);
+const doesIdentityRequireRefresh = (identity) => identity.expiration !== undefined;
+const memoizeIdentityProvider = (provider, isExpired, requiresRefresh) => {
+    if (provider === undefined) {
+        return undefined;
     }
-    try {
-      resolved = await pending;
-      hasResult = true;
-      isConstant = false;
-    } finally {
-      pending = void 0;
+    const normalizedProvider = typeof provider !== "function" ? async () => Promise.resolve(provider) : provider;
+    let resolved;
+    let pending;
+    let hasResult;
+    let isConstant = false;
+    const coalesceProvider = async (options) => {
+        if (!pending) {
+            pending = normalizedProvider(options);
+        }
+        try {
+            resolved = await pending;
+            hasResult = true;
+            isConstant = false;
+        }
+        finally {
+            pending = undefined;
+        }
+        return resolved;
+    };
+    if (isExpired === undefined) {
+        return async (options) => {
+            if (!hasResult || options?.forceRefresh) {
+                resolved = await coalesceProvider(options);
+            }
+            return resolved;
+        };
     }
-    return resolved;
-  }, "coalesceProvider");
-  if (isExpired === void 0) {
     return async (options) => {
-      if (!hasResult || options?.forceRefresh) {
-        resolved = await coalesceProvider(options);
-      }
-      return resolved;
+        if (!hasResult || options?.forceRefresh) {
+            resolved = await coalesceProvider(options);
+        }
+        if (isConstant) {
+            return resolved;
+        }
+        if (!requiresRefresh(resolved)) {
+            isConstant = true;
+            return resolved;
+        }
+        if (isExpired(resolved)) {
+            await coalesceProvider(options);
+            return resolved;
+        }
+        return resolved;
     };
-  }
-  return async (options) => {
-    if (!hasResult || options?.forceRefresh) {
-      resolved = await coalesceProvider(options);
-    }
-    if (isConstant) {
-      return resolved;
-    }
-    if (!requiresRefresh(resolved)) {
-      isConstant = true;
-      return resolved;
-    }
-    if (isExpired(resolved)) {
-      await coalesceProvider(options);
-      return resolved;
-    }
-    return resolved;
-  };
-}, "memoizeIdentityProvider");
-
-// src/middleware-http-auth-scheme/httpAuthSchemeMiddleware.ts
+};
 
 function convertHttpAuthSchemesToMap(httpAuthSchemes) {
-  const map = /* @__PURE__ */ new Map();
-  for (const scheme of httpAuthSchemes) {
-    map.set(scheme.schemeId, scheme);
-  }
-  return map;
+    const map = new Map();
+    for (const scheme of httpAuthSchemes) {
+        map.set(scheme.schemeId, scheme);
+    }
+    return map;
 }
-__name(convertHttpAuthSchemesToMap, "convertHttpAuthSchemesToMap");
-var httpAuthSchemeMiddleware = /* @__PURE__ */ __name((config, mwOptions) => (next, context) => async (args) => {
-  const options = config.httpAuthSchemeProvider(
-    await mwOptions.httpAuthSchemeParametersProvider(config, context, args.input)
-  );
-  const authSchemes = convertHttpAuthSchemesToMap(config.httpAuthSchemes);
-  const smithyContext = (0, import_util_middleware.getSmithyContext)(context);
-  const failureReasons = [];
-  for (const option of options) {
-    const scheme = authSchemes.get(option.schemeId);
-    if (!scheme) {
-      failureReasons.push(`HttpAuthScheme \`${option.schemeId}\` was not enabled for this service.`);
-      continue;
+const httpAuthSchemeMiddleware = (config, mwOptions) => (next, context) => async (args) => {
+    const options = config.httpAuthSchemeProvider(await mwOptions.httpAuthSchemeParametersProvider(config, context, args.input));
+    const authSchemes = convertHttpAuthSchemesToMap(config.httpAuthSchemes);
+    const smithyContext = utilMiddleware.getSmithyContext(context);
+    const failureReasons = [];
+    for (const option of options) {
+        const scheme = authSchemes.get(option.schemeId);
+        if (!scheme) {
+            failureReasons.push(`HttpAuthScheme \`${option.schemeId}\` was not enabled for this service.`);
+            continue;
+        }
+        const identityProvider = scheme.identityProvider(await mwOptions.identityProviderConfigProvider(config));
+        if (!identityProvider) {
+            failureReasons.push(`HttpAuthScheme \`${option.schemeId}\` did not have an IdentityProvider configured.`);
+            continue;
+        }
+        const { identityProperties = {}, signingProperties = {} } = option.propertiesExtractor?.(config, context) || {};
+        option.identityProperties = Object.assign(option.identityProperties || {}, identityProperties);
+        option.signingProperties = Object.assign(option.signingProperties || {}, signingProperties);
+        smithyContext.selectedHttpAuthScheme = {
+            httpAuthOption: option,
+            identity: await identityProvider(option.identityProperties),
+            signer: scheme.signer,
+        };
+        break;
     }
-    const identityProvider = scheme.identityProvider(await mwOptions.identityProviderConfigProvider(config));
-    if (!identityProvider) {
-      failureReasons.push(`HttpAuthScheme \`${option.schemeId}\` did not have an IdentityProvider configured.`);
-      continue;
+    if (!smithyContext.selectedHttpAuthScheme) {
+        throw new Error(failureReasons.join("\n"));
     }
-    const { identityProperties = {}, signingProperties = {} } = option.propertiesExtractor?.(config, context) || {};
-    option.identityProperties = Object.assign(option.identityProperties || {}, identityProperties);
-    option.signingProperties = Object.assign(option.signingProperties || {}, signingProperties);
-    smithyContext.selectedHttpAuthScheme = {
-      httpAuthOption: option,
-      identity: await identityProvider(option.identityProperties),
-      signer: scheme.signer
-    };
-    break;
-  }
-  if (!smithyContext.selectedHttpAuthScheme) {
-    throw new Error(failureReasons.join("\n"));
-  }
-  return next(args);
-}, "httpAuthSchemeMiddleware");
-
-// src/middleware-http-auth-scheme/getHttpAuthSchemeEndpointRuleSetPlugin.ts
-
-var httpAuthSchemeEndpointRuleSetMiddlewareOptions = {
-  step: "serialize",
-  tags: ["HTTP_AUTH_SCHEME"],
-  name: "httpAuthSchemeMiddleware",
-  override: true,
-  relation: "before",
-  toMiddleware: import_middleware_endpoint.endpointMiddlewareOptions.name
+    return next(args);
 };
-var getHttpAuthSchemeEndpointRuleSetPlugin = /* @__PURE__ */ __name((config, {
-  httpAuthSchemeParametersProvider,
-  identityProviderConfigProvider
-}) => ({
-  applyToStack: /* @__PURE__ */ __name((clientStack) => {
-    clientStack.addRelativeTo(
-      httpAuthSchemeMiddleware(config, {
-        httpAuthSchemeParametersProvider,
-        identityProviderConfigProvider
-      }),
-      httpAuthSchemeEndpointRuleSetMiddlewareOptions
-    );
-  }, "applyToStack")
-}), "getHttpAuthSchemeEndpointRuleSetPlugin");
 
-// src/middleware-http-auth-scheme/getHttpAuthSchemePlugin.ts
-var import_middleware_serde = require("@smithy/middleware-serde");
-var httpAuthSchemeMiddlewareOptions = {
-  step: "serialize",
-  tags: ["HTTP_AUTH_SCHEME"],
-  name: "httpAuthSchemeMiddleware",
-  override: true,
-  relation: "before",
-  toMiddleware: import_middleware_serde.serializerMiddlewareOption.name
+const httpAuthSchemeEndpointRuleSetMiddlewareOptions = {
+    step: "serialize",
+    tags: ["HTTP_AUTH_SCHEME"],
+    name: "httpAuthSchemeMiddleware",
+    override: true,
+    relation: "before",
+    toMiddleware: middlewareEndpoint.endpointMiddlewareOptions.name,
 };
-var getHttpAuthSchemePlugin = /* @__PURE__ */ __name((config, {
-  httpAuthSchemeParametersProvider,
-  identityProviderConfigProvider
-}) => ({
-  applyToStack: /* @__PURE__ */ __name((clientStack) => {
-    clientStack.addRelativeTo(
-      httpAuthSchemeMiddleware(config, {
-        httpAuthSchemeParametersProvider,
-        identityProviderConfigProvider
-      }),
-      httpAuthSchemeMiddlewareOptions
-    );
-  }, "applyToStack")
-}), "getHttpAuthSchemePlugin");
-
-// src/middleware-http-signing/httpSigningMiddleware.ts
-
-
-var httpSigningMiddleware = /* @__PURE__ */ __name((config) => (next, context) => async (args) => {
-  if (!import_protocol_http.HttpRequest.isInstance(args.request)) {
-    return next(args);
-  }
-  const smithyContext = (0, import_util_middleware.getSmithyContext)(context);
-  const scheme = smithyContext.selectedHttpAuthScheme;
-  if (!scheme) {
-    throw new Error(`No HttpAuthScheme was selected: unable to sign request`);
-  }
-  const {
-    httpAuthOption: { signingProperties },
-    identity,
-    signer
-  } = scheme;
-  return next({
-    ...args,
-    request: await signer.sign(args.request, identity, signingProperties || {})
-  });
-}, "httpSigningMiddleware");
+const getHttpAuthSchemeEndpointRuleSetPlugin = (config, { httpAuthSchemeParametersProvider, identityProviderConfigProvider, }) => ({
+    applyToStack: (clientStack) => {
+        clientStack.addRelativeTo(httpAuthSchemeMiddleware(config, {
+            httpAuthSchemeParametersProvider,
+            identityProviderConfigProvider,
+        }), httpAuthSchemeEndpointRuleSetMiddlewareOptions);
+    },
+});
 
-// src/middleware-http-signing/getHttpSigningMiddleware.ts
-var import_middleware_retry = require("@smithy/middleware-retry");
-var httpSigningMiddlewareOptions = {
-  step: "finalizeRequest",
-  tags: ["HTTP_SIGNING"],
-  name: "httpSigningMiddleware",
-  aliases: ["apiKeyMiddleware", "tokenMiddleware", "awsAuthMiddleware"],
-  override: true,
-  relation: "after",
-  toMiddleware: import_middleware_retry.retryMiddlewareOptions.name
+const httpAuthSchemeMiddlewareOptions = {
+    step: "serialize",
+    tags: ["HTTP_AUTH_SCHEME"],
+    name: "httpAuthSchemeMiddleware",
+    override: true,
+    relation: "before",
+    toMiddleware: middlewareSerde.serializerMiddlewareOption.name,
 };
-var getHttpSigningPlugin = /* @__PURE__ */ __name((config) => ({
-  applyToStack: /* @__PURE__ */ __name((clientStack) => {
-    clientStack.addRelativeTo(httpSigningMiddleware(config), httpSigningMiddlewareOptions);
-  }, "applyToStack")
-}), "getHttpSigningPlugin");
+const getHttpAuthSchemePlugin = (config, { httpAuthSchemeParametersProvider, identityProviderConfigProvider, }) => ({
+    applyToStack: (clientStack) => {
+        clientStack.addRelativeTo(httpAuthSchemeMiddleware(config, {
+            httpAuthSchemeParametersProvider,
+            identityProviderConfigProvider,
+        }), httpAuthSchemeMiddlewareOptions);
+    },
+});
 
-// src/noAuth.ts
-var NoAuthSigner = class {
-  static {
-    __name(this, "NoAuthSigner");
-  }
-  async sign(httpRequest, identity, signingProperties) {
-    return httpRequest;
-  }
+const httpSigningMiddleware = (config) => (next, context) => async (args) => {
+    if (!protocolHttp.HttpRequest.isInstance(args.request)) {
+        return next(args);
+    }
+    const smithyContext = utilMiddleware.getSmithyContext(context);
+    const scheme = smithyContext.selectedHttpAuthScheme;
+    if (!scheme) {
+        throw new Error(`No HttpAuthScheme was selected: unable to sign request`);
+    }
+    const { httpAuthOption: { signingProperties }, identity, signer, } = scheme;
+    return next({
+        ...args,
+        request: await signer.sign(args.request, identity, signingProperties || {}),
+    });
 };
-// Annotate the CommonJS export names for ESM import in node:
 
-0 && (module.exports = {
-  DefaultIdentityProviderConfig,
-  SigV4Signer,
-  createEndpointRuleSetHttpAuthSchemeProvider,
-  createEndpointRuleSetHttpAuthSchemeParametersProvider,
-  HttpApiKeyAuthLocation,
-  HttpApiKeyAuthSigner,
-  HttpBearerAuthSigner,
-  createIsIdentityExpiredFunction,
-  EXPIRATION_MS,
-  isIdentityExpired,
-  doesIdentityRequireRefresh,
-  memoizeIdentityProvider,
-  httpAuthSchemeMiddleware,
-  httpAuthSchemeEndpointRuleSetMiddlewareOptions,
-  getHttpAuthSchemeEndpointRuleSetPlugin,
-  httpAuthSchemeMiddlewareOptions,
-  getHttpAuthSchemePlugin,
-  httpSigningMiddleware,
-  httpSigningMiddlewareOptions,
-  getHttpSigningPlugin,
-  NoAuthSigner
+const httpSigningMiddlewareOptions = {
+    step: "finalizeRequest",
+    tags: ["HTTP_SIGNING"],
+    name: "httpSigningMiddleware",
+    aliases: ["apiKeyMiddleware", "tokenMiddleware", "awsAuthMiddleware"],
+    override: true,
+    relation: "after",
+    toMiddleware: middlewareRetry.retryMiddlewareOptions.name,
+};
+const getHttpSigningPlugin = (config) => ({
+    applyToStack: (clientStack) => {
+        clientStack.addRelativeTo(httpSigningMiddleware(), httpSigningMiddlewareOptions);
+    },
 });
 
+class NoAuthSigner {
+    async sign(httpRequest, identity, signingProperties) {
+        return httpRequest;
+    }
+}
+
+exports.DefaultIdentityProviderConfig = DefaultIdentityProviderConfig;
+exports.EXPIRATION_MS = EXPIRATION_MS;
+exports.HttpApiKeyAuthSigner = HttpApiKeyAuthSigner;
+exports.HttpBearerAuthSigner = HttpBearerAuthSigner;
+exports.NoAuthSigner = NoAuthSigner;
+exports.SigV4Signer = SigV4Signer;
+exports.createEndpointRuleSetHttpAuthSchemeParametersProvider = createEndpointRuleSetHttpAuthSchemeParametersProvider;
+exports.createEndpointRuleSetHttpAuthSchemeProvider = createEndpointRuleSetHttpAuthSchemeProvider;
+exports.createIsIdentityExpiredFunction = createIsIdentityExpiredFunction;
+exports.doesIdentityRequireRefresh = doesIdentityRequireRefresh;
+exports.getHttpAuthSchemeEndpointRuleSetPlugin = getHttpAuthSchemeEndpointRuleSetPlugin;
+exports.getHttpAuthSchemePlugin = getHttpAuthSchemePlugin;
+exports.getHttpSigningPlugin = getHttpSigningPlugin;
+exports.httpAuthSchemeEndpointRuleSetMiddlewareOptions = httpAuthSchemeEndpointRuleSetMiddlewareOptions;
+exports.httpAuthSchemeMiddleware = httpAuthSchemeMiddleware;
+exports.httpAuthSchemeMiddlewareOptions = httpAuthSchemeMiddlewareOptions;
+exports.httpSigningMiddleware = httpSigningMiddleware;
+exports.httpSigningMiddlewareOptions = httpSigningMiddlewareOptions;
+exports.isIdentityExpired = isIdentityExpired;
+exports.memoizeIdentityProvider = memoizeIdentityProvider;

package/dist-es/IdentityProviderConfig.js

@@ -1,6 +1,6 @@
 export class DefaultIdentityProviderConfig {
+    authSchemes = new Map();
     constructor(config) {
-        this.authSchemes = new Map();
         for (const [key, value] of Object.entries(config)) {
             if (value !== undefined) {
                 this.authSchemes.set(key, value);

package/dist-es/memoizeIdentityProvider.js

@@ -1,5 +1,7 @@
-export const createIsIdentityExpiredFunction = (expirationMs) => (identity) => doesIdentityRequireRefresh(identity) && identity.expiration.getTime() - Date.now() < expirationMs;
-export const EXPIRATION_MS = 300000;
+export const createIsIdentityExpiredFunction = (expirationMs) => function isIdentityExpired(identity) {
+    return doesIdentityRequireRefresh(identity) && identity.expiration.getTime() - Date.now() < expirationMs;
+};
+export const EXPIRATION_MS = 300_000;
 export const isIdentityExpired = createIsIdentityExpiredFunction(EXPIRATION_MS);
 export const doesIdentityRequireRefresh = (identity) => identity.expiration !== undefined;
 export const memoizeIdentityProvider = (provider, isExpired, requiresRefresh) => {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@smithy/experimental-identity-and-auth",
-  "version": "0.4.6",
+  "version": "0.5.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types && yarn build:types:downlevel'",
     "build:cjs": "node ../../scripts/inline experimental-identity-and-auth",
@@ -27,13 +27,13 @@
   "license": "Apache-2.0",
   "sideEffects": false,
   "dependencies": {
-    "@smithy/middleware-endpoint": "^4.2.5",
-    "@smithy/middleware-retry": "^4.3.1",
-    "@smithy/middleware-serde": "^4.1.1",
-    "@smithy/protocol-http": "^5.2.1",
-    "@smithy/signature-v4": "^5.2.1",
-    "@smithy/types": "^4.5.0",
-    "@smithy/util-middleware": "^4.1.1",
+    "@smithy/middleware-endpoint": "^4.3.0",
+    "@smithy/middleware-retry": "^4.4.0",
+    "@smithy/middleware-serde": "^4.2.0",
+    "@smithy/protocol-http": "^5.3.0",
+    "@smithy/signature-v4": "^5.3.0",
+    "@smithy/types": "^4.6.0",
+    "@smithy/util-middleware": "^4.2.0",
     "tslib": "^2.6.2"
   },
   "engines": {