agentv 3.10.3 → 3.11.1

package/dist/dist-es-L6R4FPI5-IKIRYN45.js

@@ -0,0 +1,472 @@
+import { createRequire } from 'node:module'; const require = createRequire(import.meta.url);
+import {
+  HttpRequest
+} from "./chunk-U6VEM66A.js";
+import {
+  setCredentialFeature
+} from "./chunk-ONETZL6N.js";
+import {
+  chain
+} from "./chunk-XSUMCWKO.js";
+import {
+  getProfileName,
+  parseKnownFiles,
+  readFile
+} from "./chunk-WVSXFZWP.js";
+import {
+  CredentialsProviderError
+} from "./chunk-UHP5KEDL.js";
+import "./chunk-UGXG73VF.js";
+import "./chunk-5H446C7X.js";
+
+// ../../packages/core/dist/dist-es-L6R4FPI5.js
+import { createHash, createPrivateKey, createPublicKey, sign } from "node:crypto";
+import { promises as fs } from "node:fs";
+import { homedir } from "node:os";
+import { dirname, join } from "node:path";
+var resolveCredentialSource = (credentialSource, profileName, logger) => {
+  const sourceProvidersMap = {
+    EcsContainer: async (options) => {
+      const { fromHttp } = await import("./dist-es-HHZ4FAXA-CRERHWKB.js");
+      const { fromContainerMetadata } = await import("./dist-es-7K7MKRME-CCMAZOQC.js");
+      logger?.debug("@aws-sdk/credential-provider-ini - credential_source is EcsContainer");
+      return async () => chain(fromHttp(options ?? {}), fromContainerMetadata(options))().then(setNamedProvider);
+    },
+    Ec2InstanceMetadata: async (options) => {
+      logger?.debug("@aws-sdk/credential-provider-ini - credential_source is Ec2InstanceMetadata");
+      const { fromInstanceMetadata } = await import("./dist-es-7K7MKRME-CCMAZOQC.js");
+      return async () => fromInstanceMetadata(options)().then(setNamedProvider);
+    },
+    Environment: async (options) => {
+      logger?.debug("@aws-sdk/credential-provider-ini - credential_source is Environment");
+      const { fromEnv } = await import("./dist-es-SRVEB5QV-Q4CTC2HX.js");
+      return async () => fromEnv(options)().then(setNamedProvider);
+    }
+  };
+  if (credentialSource in sourceProvidersMap) {
+    return sourceProvidersMap[credentialSource];
+  } else {
+    throw new CredentialsProviderError(`Unsupported credential source in profile ${profileName}. Got ${credentialSource}, expected EcsContainer or Ec2InstanceMetadata or Environment.`, { logger });
+  }
+};
+var setNamedProvider = (creds) => setCredentialFeature(creds, "CREDENTIALS_PROFILE_NAMED_PROVIDER", "p");
+var isAssumeRoleProfile = (arg, { profile = "default", logger } = {}) => {
+  return Boolean(arg) && typeof arg === "object" && typeof arg.role_arn === "string" && ["undefined", "string"].indexOf(typeof arg.role_session_name) > -1 && ["undefined", "string"].indexOf(typeof arg.external_id) > -1 && ["undefined", "string"].indexOf(typeof arg.mfa_serial) > -1 && (isAssumeRoleWithSourceProfile(arg, { profile, logger }) || isCredentialSourceProfile(arg, { profile, logger }));
+};
+var isAssumeRoleWithSourceProfile = (arg, { profile, logger }) => {
+  const withSourceProfile = typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined";
+  if (withSourceProfile) {
+    logger?.debug?.(`    ${profile} isAssumeRoleWithSourceProfile source_profile=${arg.source_profile}`);
+  }
+  return withSourceProfile;
+};
+var isCredentialSourceProfile = (arg, { profile, logger }) => {
+  const withProviderProfile = typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined";
+  if (withProviderProfile) {
+    logger?.debug?.(`    ${profile} isCredentialSourceProfile credential_source=${arg.credential_source}`);
+  }
+  return withProviderProfile;
+};
+var resolveAssumeRoleCredentials = async (profileName, profiles, options, callerClientConfig, visitedProfiles = {}, resolveProfileData2) => {
+  options.logger?.debug("@aws-sdk/credential-provider-ini - resolveAssumeRoleCredentials (STS)");
+  const profileData = profiles[profileName];
+  const { source_profile, region } = profileData;
+  if (!options.roleAssumer) {
+    const { getDefaultRoleAssumer } = await import("./sts-X7JGSP4H-PDAAYDDH.js");
+    options.roleAssumer = getDefaultRoleAssumer({
+      ...options.clientConfig,
+      credentialProviderLogger: options.logger,
+      parentClientConfig: {
+        ...callerClientConfig,
+        ...options?.parentClientConfig,
+        region: region ?? options?.parentClientConfig?.region ?? callerClientConfig?.region
+      }
+    }, options.clientPlugins);
+  }
+  if (source_profile && source_profile in visitedProfiles) {
+    throw new CredentialsProviderError(`Detected a cycle attempting to resolve credentials for profile ${getProfileName(options)}. Profiles visited: ` + Object.keys(visitedProfiles).join(", "), { logger: options.logger });
+  }
+  options.logger?.debug(`@aws-sdk/credential-provider-ini - finding credential resolver using ${source_profile ? `source_profile=[${source_profile}]` : `profile=[${profileName}]`}`);
+  const sourceCredsProvider = source_profile ? resolveProfileData2(source_profile, profiles, options, callerClientConfig, {
+    ...visitedProfiles,
+    [source_profile]: true
+  }, isCredentialSourceWithoutRoleArn(profiles[source_profile] ?? {})) : (await resolveCredentialSource(profileData.credential_source, profileName, options.logger)(options))();
+  if (isCredentialSourceWithoutRoleArn(profileData)) {
+    return sourceCredsProvider.then((creds) => setCredentialFeature(creds, "CREDENTIALS_PROFILE_SOURCE_PROFILE", "o"));
+  } else {
+    const params = {
+      RoleArn: profileData.role_arn,
+      RoleSessionName: profileData.role_session_name || `aws-sdk-js-${Date.now()}`,
+      ExternalId: profileData.external_id,
+      DurationSeconds: parseInt(profileData.duration_seconds || "3600", 10)
+    };
+    const { mfa_serial } = profileData;
+    if (mfa_serial) {
+      if (!options.mfaCodeProvider) {
+        throw new CredentialsProviderError(`Profile ${profileName} requires multi-factor authentication, but no MFA code callback was provided.`, { logger: options.logger, tryNextLink: false });
+      }
+      params.SerialNumber = mfa_serial;
+      params.TokenCode = await options.mfaCodeProvider(mfa_serial);
+    }
+    const sourceCreds = await sourceCredsProvider;
+    return options.roleAssumer(sourceCreds, params).then((creds) => setCredentialFeature(creds, "CREDENTIALS_PROFILE_SOURCE_PROFILE", "o"));
+  }
+};
+var isCredentialSourceWithoutRoleArn = (section) => {
+  return !section.role_arn && !!section.credential_source;
+};
+var LoginCredentialsFetcher = class _LoginCredentialsFetcher {
+  profileData;
+  init;
+  callerClientConfig;
+  static REFRESH_THRESHOLD = 5 * 60 * 1e3;
+  constructor(profileData, init, callerClientConfig) {
+    this.profileData = profileData;
+    this.init = init;
+    this.callerClientConfig = callerClientConfig;
+  }
+  async loadCredentials() {
+    const token = await this.loadToken();
+    if (!token) {
+      throw new CredentialsProviderError(`Failed to load a token for session ${this.loginSession}, please re-authenticate using aws login`, { tryNextLink: false, logger: this.logger });
+    }
+    const accessToken = token.accessToken;
+    const now = Date.now();
+    const expiryTime = new Date(accessToken.expiresAt).getTime();
+    const timeUntilExpiry = expiryTime - now;
+    if (timeUntilExpiry <= _LoginCredentialsFetcher.REFRESH_THRESHOLD) {
+      return this.refresh(token);
+    }
+    return {
+      accessKeyId: accessToken.accessKeyId,
+      secretAccessKey: accessToken.secretAccessKey,
+      sessionToken: accessToken.sessionToken,
+      accountId: accessToken.accountId,
+      expiration: new Date(accessToken.expiresAt)
+    };
+  }
+  get logger() {
+    return this.init?.logger;
+  }
+  get loginSession() {
+    return this.profileData.login_session;
+  }
+  async refresh(token) {
+    const { SigninClient, CreateOAuth2TokenCommand } = await import("./signin-2ANR4DVS-K5VGBEJF.js");
+    const { logger, userAgentAppId } = this.callerClientConfig ?? {};
+    const isH2 = (requestHandler2) => {
+      return requestHandler2?.metadata?.handlerProtocol === "h2";
+    };
+    const requestHandler = isH2(this.callerClientConfig?.requestHandler) ? void 0 : this.callerClientConfig?.requestHandler;
+    const region = this.profileData.region ?? await this.callerClientConfig?.region?.() ?? process.env.AWS_REGION;
+    const client = new SigninClient({
+      credentials: {
+        accessKeyId: "",
+        secretAccessKey: ""
+      },
+      region,
+      requestHandler,
+      logger,
+      userAgentAppId,
+      ...this.init?.clientConfig
+    });
+    this.createDPoPInterceptor(client.middlewareStack);
+    const commandInput = {
+      tokenInput: {
+        clientId: token.clientId,
+        refreshToken: token.refreshToken,
+        grantType: "refresh_token"
+      }
+    };
+    try {
+      const response = await client.send(new CreateOAuth2TokenCommand(commandInput));
+      const { accessKeyId, secretAccessKey, sessionToken } = response.tokenOutput?.accessToken ?? {};
+      const { refreshToken, expiresIn } = response.tokenOutput ?? {};
+      if (!accessKeyId || !secretAccessKey || !sessionToken || !refreshToken) {
+        throw new CredentialsProviderError("Token refresh response missing required fields", {
+          logger: this.logger,
+          tryNextLink: false
+        });
+      }
+      const expiresInMs = (expiresIn ?? 900) * 1e3;
+      const expiration = new Date(Date.now() + expiresInMs);
+      const updatedToken = {
+        ...token,
+        accessToken: {
+          ...token.accessToken,
+          accessKeyId,
+          secretAccessKey,
+          sessionToken,
+          expiresAt: expiration.toISOString()
+        },
+        refreshToken
+      };
+      await this.saveToken(updatedToken);
+      const newAccessToken = updatedToken.accessToken;
+      return {
+        accessKeyId: newAccessToken.accessKeyId,
+        secretAccessKey: newAccessToken.secretAccessKey,
+        sessionToken: newAccessToken.sessionToken,
+        accountId: newAccessToken.accountId,
+        expiration
+      };
+    } catch (error) {
+      if (error.name === "AccessDeniedException") {
+        const errorType = error.error;
+        let message;
+        switch (errorType) {
+          case "TOKEN_EXPIRED":
+            message = "Your session has expired. Please reauthenticate.";
+            break;
+          case "USER_CREDENTIALS_CHANGED":
+            message = "Unable to refresh credentials because of a change in your password. Please reauthenticate with your new password.";
+            break;
+          case "INSUFFICIENT_PERMISSIONS":
+            message = "Unable to refresh credentials due to insufficient permissions. You may be missing permission for the 'CreateOAuth2Token' action.";
+            break;
+          default:
+            message = `Failed to refresh token: ${String(error)}. Please re-authenticate using \`aws login\``;
+        }
+        throw new CredentialsProviderError(message, { logger: this.logger, tryNextLink: false });
+      }
+      throw new CredentialsProviderError(`Failed to refresh token: ${String(error)}. Please re-authenticate using aws login`, { logger: this.logger });
+    }
+  }
+  async loadToken() {
+    const tokenFilePath = this.getTokenFilePath();
+    try {
+      let tokenData;
+      try {
+        tokenData = await readFile(tokenFilePath, { ignoreCache: this.init?.ignoreCache });
+      } catch {
+        tokenData = await fs.readFile(tokenFilePath, "utf8");
+      }
+      const token = JSON.parse(tokenData);
+      const missingFields = ["accessToken", "clientId", "refreshToken", "dpopKey"].filter((k) => !token[k]);
+      if (!token.accessToken?.accountId) {
+        missingFields.push("accountId");
+      }
+      if (missingFields.length > 0) {
+        throw new CredentialsProviderError(`Token validation failed, missing fields: ${missingFields.join(", ")}`, {
+          logger: this.logger,
+          tryNextLink: false
+        });
+      }
+      return token;
+    } catch (error) {
+      throw new CredentialsProviderError(`Failed to load token from ${tokenFilePath}: ${String(error)}`, {
+        logger: this.logger,
+        tryNextLink: false
+      });
+    }
+  }
+  async saveToken(token) {
+    const tokenFilePath = this.getTokenFilePath();
+    const directory = dirname(tokenFilePath);
+    try {
+      await fs.mkdir(directory, { recursive: true });
+    } catch (error) {
+    }
+    await fs.writeFile(tokenFilePath, JSON.stringify(token, null, 2), "utf8");
+  }
+  getTokenFilePath() {
+    const directory = process.env.AWS_LOGIN_CACHE_DIRECTORY ?? join(homedir(), ".aws", "login", "cache");
+    const loginSessionBytes = Buffer.from(this.loginSession, "utf8");
+    const loginSessionSha256 = createHash("sha256").update(loginSessionBytes).digest("hex");
+    return join(directory, `${loginSessionSha256}.json`);
+  }
+  derToRawSignature(derSignature) {
+    let offset = 2;
+    if (derSignature[offset] !== 2) {
+      throw new Error("Invalid DER signature");
+    }
+    offset++;
+    const rLength = derSignature[offset++];
+    let r = derSignature.subarray(offset, offset + rLength);
+    offset += rLength;
+    if (derSignature[offset] !== 2) {
+      throw new Error("Invalid DER signature");
+    }
+    offset++;
+    const sLength = derSignature[offset++];
+    let s = derSignature.subarray(offset, offset + sLength);
+    r = r[0] === 0 ? r.subarray(1) : r;
+    s = s[0] === 0 ? s.subarray(1) : s;
+    const rPadded = Buffer.concat([Buffer.alloc(32 - r.length), r]);
+    const sPadded = Buffer.concat([Buffer.alloc(32 - s.length), s]);
+    return Buffer.concat([rPadded, sPadded]);
+  }
+  createDPoPInterceptor(middlewareStack) {
+    middlewareStack.add((next) => async (args) => {
+      if (HttpRequest.isInstance(args.request)) {
+        const request = args.request;
+        const actualEndpoint = `${request.protocol}//${request.hostname}${request.port ? `:${request.port}` : ""}${request.path}`;
+        const dpop = await this.generateDpop(request.method, actualEndpoint);
+        request.headers = {
+          ...request.headers,
+          DPoP: dpop
+        };
+      }
+      return next(args);
+    }, {
+      step: "finalizeRequest",
+      name: "dpopInterceptor",
+      override: true
+    });
+  }
+  async generateDpop(method = "POST", endpoint) {
+    const token = await this.loadToken();
+    try {
+      const privateKey = createPrivateKey({
+        key: token.dpopKey,
+        format: "pem",
+        type: "sec1"
+      });
+      const publicKey = createPublicKey(privateKey);
+      const publicDer = publicKey.export({ format: "der", type: "spki" });
+      let pointStart = -1;
+      for (let i = 0; i < publicDer.length; i++) {
+        if (publicDer[i] === 4) {
+          pointStart = i;
+          break;
+        }
+      }
+      const x = publicDer.slice(pointStart + 1, pointStart + 33);
+      const y = publicDer.slice(pointStart + 33, pointStart + 65);
+      const header = {
+        alg: "ES256",
+        typ: "dpop+jwt",
+        jwk: {
+          kty: "EC",
+          crv: "P-256",
+          x: x.toString("base64url"),
+          y: y.toString("base64url")
+        }
+      };
+      const payload = {
+        jti: crypto.randomUUID(),
+        htm: method,
+        htu: endpoint,
+        iat: Math.floor(Date.now() / 1e3)
+      };
+      const headerB64 = Buffer.from(JSON.stringify(header)).toString("base64url");
+      const payloadB64 = Buffer.from(JSON.stringify(payload)).toString("base64url");
+      const message = `${headerB64}.${payloadB64}`;
+      const asn1Signature = sign("sha256", Buffer.from(message), privateKey);
+      const rawSignature = this.derToRawSignature(asn1Signature);
+      const signatureB64 = rawSignature.toString("base64url");
+      return `${message}.${signatureB64}`;
+    } catch (error) {
+      throw new CredentialsProviderError(`Failed to generate Dpop proof: ${error instanceof Error ? error.message : String(error)}`, { logger: this.logger, tryNextLink: false });
+    }
+  }
+};
+var fromLoginCredentials = (init) => async ({ callerClientConfig } = {}) => {
+  init?.logger?.debug?.("@aws-sdk/credential-providers - fromLoginCredentials");
+  const profiles = await parseKnownFiles(init || {});
+  const profileName = getProfileName({
+    profile: init?.profile ?? callerClientConfig?.profile
+  });
+  const profile = profiles[profileName];
+  if (!profile?.login_session) {
+    throw new CredentialsProviderError(`Profile ${profileName} does not contain login_session.`, {
+      tryNextLink: true,
+      logger: init?.logger
+    });
+  }
+  const fetcher = new LoginCredentialsFetcher(profile, init, callerClientConfig);
+  const credentials = await fetcher.loadCredentials();
+  return setCredentialFeature(credentials, "CREDENTIALS_LOGIN", "AD");
+};
+var isLoginProfile = (data) => {
+  return Boolean(data && data.login_session);
+};
+var resolveLoginCredentials = async (profileName, options, callerClientConfig) => {
+  const credentials = await fromLoginCredentials({
+    ...options,
+    profile: profileName
+  })({ callerClientConfig });
+  return setCredentialFeature(credentials, "CREDENTIALS_PROFILE_LOGIN", "AC");
+};
+var isProcessProfile = (arg) => Boolean(arg) && typeof arg === "object" && typeof arg.credential_process === "string";
+var resolveProcessCredentials = async (options, profile) => import("./dist-es-TRIVUKV4-2J47CDXR.js").then(({ fromProcess }) => fromProcess({
+  ...options,
+  profile
+})().then((creds) => setCredentialFeature(creds, "CREDENTIALS_PROFILE_PROCESS", "v")));
+var resolveSsoCredentials = async (profile, profileData, options = {}, callerClientConfig) => {
+  const { fromSSO } = await import("./dist-es-B2RTOKRI-VWZHK5RE.js");
+  return fromSSO({
+    profile,
+    logger: options.logger,
+    parentClientConfig: options.parentClientConfig,
+    clientConfig: options.clientConfig
+  })({
+    callerClientConfig
+  }).then((creds) => {
+    if (profileData.sso_session) {
+      return setCredentialFeature(creds, "CREDENTIALS_PROFILE_SSO", "r");
+    } else {
+      return setCredentialFeature(creds, "CREDENTIALS_PROFILE_SSO_LEGACY", "t");
+    }
+  });
+};
+var isSsoProfile = (arg) => arg && (typeof arg.sso_start_url === "string" || typeof arg.sso_account_id === "string" || typeof arg.sso_session === "string" || typeof arg.sso_region === "string" || typeof arg.sso_role_name === "string");
+var isStaticCredsProfile = (arg) => Boolean(arg) && typeof arg === "object" && typeof arg.aws_access_key_id === "string" && typeof arg.aws_secret_access_key === "string" && ["undefined", "string"].indexOf(typeof arg.aws_session_token) > -1 && ["undefined", "string"].indexOf(typeof arg.aws_account_id) > -1;
+var resolveStaticCredentials = async (profile, options) => {
+  options?.logger?.debug("@aws-sdk/credential-provider-ini - resolveStaticCredentials");
+  const credentials = {
+    accessKeyId: profile.aws_access_key_id,
+    secretAccessKey: profile.aws_secret_access_key,
+    sessionToken: profile.aws_session_token,
+    ...profile.aws_credential_scope && { credentialScope: profile.aws_credential_scope },
+    ...profile.aws_account_id && { accountId: profile.aws_account_id }
+  };
+  return setCredentialFeature(credentials, "CREDENTIALS_PROFILE", "n");
+};
+var isWebIdentityProfile = (arg) => Boolean(arg) && typeof arg === "object" && typeof arg.web_identity_token_file === "string" && typeof arg.role_arn === "string" && ["undefined", "string"].indexOf(typeof arg.role_session_name) > -1;
+var resolveWebIdentityCredentials = async (profile, options, callerClientConfig) => import("./dist-es-4WSJUIYR-XKIX65IH.js").then(({ fromTokenFile }) => fromTokenFile({
+  webIdentityTokenFile: profile.web_identity_token_file,
+  roleArn: profile.role_arn,
+  roleSessionName: profile.role_session_name,
+  roleAssumerWithWebIdentity: options.roleAssumerWithWebIdentity,
+  logger: options.logger,
+  parentClientConfig: options.parentClientConfig
+})({
+  callerClientConfig
+}).then((creds) => setCredentialFeature(creds, "CREDENTIALS_PROFILE_STS_WEB_ID_TOKEN", "q")));
+var resolveProfileData = async (profileName, profiles, options, callerClientConfig, visitedProfiles = {}, isAssumeRoleRecursiveCall = false) => {
+  const data = profiles[profileName];
+  if (Object.keys(visitedProfiles).length > 0 && isStaticCredsProfile(data)) {
+    return resolveStaticCredentials(data, options);
+  }
+  if (isAssumeRoleRecursiveCall || isAssumeRoleProfile(data, { profile: profileName, logger: options.logger })) {
+    return resolveAssumeRoleCredentials(profileName, profiles, options, callerClientConfig, visitedProfiles, resolveProfileData);
+  }
+  if (isStaticCredsProfile(data)) {
+    return resolveStaticCredentials(data, options);
+  }
+  if (isWebIdentityProfile(data)) {
+    return resolveWebIdentityCredentials(data, options, callerClientConfig);
+  }
+  if (isProcessProfile(data)) {
+    return resolveProcessCredentials(options, profileName);
+  }
+  if (isSsoProfile(data)) {
+    return await resolveSsoCredentials(profileName, data, options, callerClientConfig);
+  }
+  if (isLoginProfile(data)) {
+    return resolveLoginCredentials(profileName, options, callerClientConfig);
+  }
+  throw new CredentialsProviderError(`Could not resolve credentials using profile: [${profileName}] in configuration/credentials file(s).`, { logger: options.logger });
+};
+var fromIni = (init = {}) => async ({ callerClientConfig } = {}) => {
+  init.logger?.debug("@aws-sdk/credential-provider-ini - fromIni");
+  const profiles = await parseKnownFiles(init);
+  return resolveProfileData(getProfileName({
+    profile: init.profile ?? callerClientConfig?.profile
+  }), profiles, init, callerClientConfig);
+};
+export {
+  fromIni
+};
+//# sourceMappingURL=dist-es-L6R4FPI5-IKIRYN45.js.map

package/dist/dist-es-L6R4FPI5-IKIRYN45.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../node_modules/.bun/@aws-sdk+credential-provider-ini@3.972.10/node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveCredentialSource.js","../../../node_modules/.bun/@aws-sdk+credential-provider-ini@3.972.10/node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveAssumeRoleCredentials.js","../../../node_modules/.bun/@aws-sdk+credential-provider-login@3.972.10/node_modules/@aws-sdk/credential-provider-login/dist-es/LoginCredentialsFetcher.js","../../../node_modules/.bun/@aws-sdk+credential-provider-login@3.972.10/node_modules/@aws-sdk/credential-provider-login/dist-es/fromLoginCredentials.js","../../../node_modules/.bun/@aws-sdk+credential-provider-ini@3.972.10/node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveLoginCredentials.js","../../../node_modules/.bun/@aws-sdk+credential-provider-ini@3.972.10/node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveProcessCredentials.js","../../../node_modules/.bun/@aws-sdk+credential-provider-ini@3.972.10/node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveSsoCredentials.js","../../../node_modules/.bun/@aws-sdk+credential-provider-ini@3.972.10/node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveStaticCredentials.js","../../../node_modules/.bun/@aws-sdk+credential-provider-ini@3.972.10/node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveWebIdentityCredentials.js","../../../node_modules/.bun/@aws-sdk+credential-provider-ini@3.972.10/node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveProfileData.js","../../../node_modules/.bun/@aws-sdk+credential-provider-ini@3.972.10/node_modules/@aws-sdk/credential-provider-ini/dist-es/fromIni.js"],"sourcesContent":["import { setCredentialFeature } from \"@aws-sdk/core/client\";\nimport { chain, CredentialsProviderError } from \"@smithy/property-provider\";\nexport const resolveCredentialSource = (credentialSource, profileName, logger) => {\n    const sourceProvidersMap = {\n        EcsContainer: async (options) => {\n            const { fromHttp } = await import(\"@aws-sdk/credential-provider-http\");\n            const { fromContainerMetadata } = await import(\"@smithy/credential-provider-imds\");\n            logger?.debug(\"@aws-sdk/credential-provider-ini - credential_source is EcsContainer\");\n            return async () => chain(fromHttp(options ?? {}), fromContainerMetadata(options))().then(setNamedProvider);\n        },\n        Ec2InstanceMetadata: async (options) => {\n            logger?.debug(\"@aws-sdk/credential-provider-ini - credential_source is Ec2InstanceMetadata\");\n            const { fromInstanceMetadata } = await import(\"@smithy/credential-provider-imds\");\n            return async () => fromInstanceMetadata(options)().then(setNamedProvider);\n        },\n        Environment: async (options) => {\n            logger?.debug(\"@aws-sdk/credential-provider-ini - credential_source is Environment\");\n            const { fromEnv } = await import(\"@aws-sdk/credential-provider-env\");\n            return async () => fromEnv(options)().then(setNamedProvider);\n        },\n    };\n    if (credentialSource in sourceProvidersMap) {\n        return sourceProvidersMap[credentialSource];\n    }\n    else {\n        throw new CredentialsProviderError(`Unsupported credential source in profile ${profileName}. Got ${credentialSource}, ` +\n            `expected EcsContainer or Ec2InstanceMetadata or Environment.`, { logger });\n    }\n};\nconst setNamedProvider = (creds) => setCredentialFeature(creds, \"CREDENTIALS_PROFILE_NAMED_PROVIDER\", \"p\");\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nimport { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { getProfileName } from \"@smithy/shared-ini-file-loader\";\nimport { resolveCredentialSource } from \"./resolveCredentialSource\";\nexport const isAssumeRoleProfile = (arg, { profile = \"default\", logger } = {}) => {\n    return (Boolean(arg) &&\n        typeof arg === \"object\" &&\n        typeof arg.role_arn === \"string\" &&\n        [\"undefined\", \"string\"].indexOf(typeof arg.role_session_name) > -1 &&\n        [\"undefined\", \"string\"].indexOf(typeof arg.external_id) > -1 &&\n        [\"undefined\", \"string\"].indexOf(typeof arg.mfa_serial) > -1 &&\n        (isAssumeRoleWithSourceProfile(arg, { profile, logger }) || isCredentialSourceProfile(arg, { profile, logger })));\n};\nconst isAssumeRoleWithSourceProfile = (arg, { profile, logger }) => {\n    const withSourceProfile = typeof arg.source_profile === \"string\" && typeof arg.credential_source === \"undefined\";\n    if (withSourceProfile) {\n        logger?.debug?.(`    ${profile} isAssumeRoleWithSourceProfile source_profile=${arg.source_profile}`);\n    }\n    return withSourceProfile;\n};\nconst isCredentialSourceProfile = (arg, { profile, logger }) => {\n    const withProviderProfile = typeof arg.credential_source === \"string\" && typeof arg.source_profile === \"undefined\";\n    if (withProviderProfile) {\n        logger?.debug?.(`    ${profile} isCredentialSourceProfile credential_source=${arg.credential_source}`);\n    }\n    return withProviderProfile;\n};\nexport const resolveAssumeRoleCredentials = async (profileName, profiles, options, callerClientConfig, visitedProfiles = {}, resolveProfileData) => {\n    options.logger?.debug(\"@aws-sdk/credential-provider-ini - resolveAssumeRoleCredentials (STS)\");\n    const profileData = profiles[profileName];\n    const { source_profile, region } = profileData;\n    if (!options.roleAssumer) {\n        const { getDefaultRoleAssumer } = await import(\"@aws-sdk/nested-clients/sts\");\n        options.roleAssumer = getDefaultRoleAssumer({\n            ...options.clientConfig,\n            credentialProviderLogger: options.logger,\n            parentClientConfig: {\n                ...callerClientConfig,\n                ...options?.parentClientConfig,\n                region: region ?? options?.parentClientConfig?.region ?? callerClientConfig?.region,\n            },\n        }, options.clientPlugins);\n    }\n    if (source_profile && source_profile in visitedProfiles) {\n        throw new CredentialsProviderError(`Detected a cycle attempting to resolve credentials for profile` +\n            ` ${getProfileName(options)}. Profiles visited: ` +\n            Object.keys(visitedProfiles).join(\", \"), { logger: options.logger });\n    }\n    options.logger?.debug(`@aws-sdk/credential-provider-ini - finding credential resolver using ${source_profile ? `source_profile=[${source_profile}]` : `profile=[${profileName}]`}`);\n    const sourceCredsProvider = source_profile\n        ? resolveProfileData(source_profile, profiles, options, callerClientConfig, {\n            ...visitedProfiles,\n            [source_profile]: true,\n        }, isCredentialSourceWithoutRoleArn(profiles[source_profile] ?? {}))\n        : (await resolveCredentialSource(profileData.credential_source, profileName, options.logger)(options))();\n    if (isCredentialSourceWithoutRoleArn(profileData)) {\n        return sourceCredsProvider.then((creds) => setCredentialFeature(creds, \"CREDENTIALS_PROFILE_SOURCE_PROFILE\", \"o\"));\n    }\n    else {\n        const params = {\n            RoleArn: profileData.role_arn,\n            RoleSessionName: profileData.role_session_name || `aws-sdk-js-${Date.now()}`,\n            ExternalId: profileData.external_id,\n            DurationSeconds: parseInt(profileData.duration_seconds || \"3600\", 10),\n        };\n        const { mfa_serial } = profileData;\n        if (mfa_serial) {\n            if (!options.mfaCodeProvider) {\n                throw new CredentialsProviderError(`Profile ${profileName} requires multi-factor authentication, but no MFA code callback was provided.`, { logger: options.logger, tryNextLink: false });\n            }\n            params.SerialNumber = mfa_serial;\n            params.TokenCode = await options.mfaCodeProvider(mfa_serial);\n        }\n        const sourceCreds = await sourceCredsProvider;\n        return options.roleAssumer(sourceCreds, params).then((creds) => setCredentialFeature(creds, \"CREDENTIALS_PROFILE_SOURCE_PROFILE\", \"o\"));\n    }\n};\nconst isCredentialSourceWithoutRoleArn = (section) => {\n    return !section.role_arn && !!section.credential_source;\n};\n","import { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { HttpRequest } from \"@smithy/protocol-http\";\nimport { readFile } from \"@smithy/shared-ini-file-loader\";\nimport { createHash, createPrivateKey, createPublicKey, sign } from \"node:crypto\";\nimport { promises as fs } from \"node:fs\";\nimport { homedir } from \"node:os\";\nimport { dirname, join } from \"node:path\";\nexport class LoginCredentialsFetcher {\n    profileData;\n    init;\n    callerClientConfig;\n    static REFRESH_THRESHOLD = 5 * 60 * 1000;\n    constructor(profileData, init, callerClientConfig) {\n        this.profileData = profileData;\n        this.init = init;\n        this.callerClientConfig = callerClientConfig;\n    }\n    async loadCredentials() {\n        const token = await this.loadToken();\n        if (!token) {\n            throw new CredentialsProviderError(`Failed to load a token for session ${this.loginSession}, please re-authenticate using aws login`, { tryNextLink: false, logger: this.logger });\n        }\n        const accessToken = token.accessToken;\n        const now = Date.now();\n        const expiryTime = new Date(accessToken.expiresAt).getTime();\n        const timeUntilExpiry = expiryTime - now;\n        if (timeUntilExpiry <= LoginCredentialsFetcher.REFRESH_THRESHOLD) {\n            return this.refresh(token);\n        }\n        return {\n            accessKeyId: accessToken.accessKeyId,\n            secretAccessKey: accessToken.secretAccessKey,\n            sessionToken: accessToken.sessionToken,\n            accountId: accessToken.accountId,\n            expiration: new Date(accessToken.expiresAt),\n        };\n    }\n    get logger() {\n        return this.init?.logger;\n    }\n    get loginSession() {\n        return this.profileData.login_session;\n    }\n    async refresh(token) {\n        const { SigninClient, CreateOAuth2TokenCommand } = await import(\"@aws-sdk/nested-clients/signin\");\n        const { logger, userAgentAppId } = this.callerClientConfig ?? {};\n        const isH2 = (requestHandler) => {\n            return requestHandler?.metadata?.handlerProtocol === \"h2\";\n        };\n        const requestHandler = isH2(this.callerClientConfig?.requestHandler)\n            ? undefined\n            : this.callerClientConfig?.requestHandler;\n        const region = this.profileData.region ?? (await this.callerClientConfig?.region?.()) ?? process.env.AWS_REGION;\n        const client = new SigninClient({\n            credentials: {\n                accessKeyId: \"\",\n                secretAccessKey: \"\",\n            },\n            region,\n            requestHandler,\n            logger,\n            userAgentAppId,\n            ...this.init?.clientConfig,\n        });\n        this.createDPoPInterceptor(client.middlewareStack);\n        const commandInput = {\n            tokenInput: {\n                clientId: token.clientId,\n                refreshToken: token.refreshToken,\n                grantType: \"refresh_token\",\n            },\n        };\n        try {\n            const response = await client.send(new CreateOAuth2TokenCommand(commandInput));\n            const { accessKeyId, secretAccessKey, sessionToken } = response.tokenOutput?.accessToken ?? {};\n            const { refreshToken, expiresIn } = response.tokenOutput ?? {};\n            if (!accessKeyId || !secretAccessKey || !sessionToken || !refreshToken) {\n                throw new CredentialsProviderError(\"Token refresh response missing required fields\", {\n                    logger: this.logger,\n                    tryNextLink: false,\n                });\n            }\n            const expiresInMs = (expiresIn ?? 900) * 1000;\n            const expiration = new Date(Date.now() + expiresInMs);\n            const updatedToken = {\n                ...token,\n                accessToken: {\n                    ...token.accessToken,\n                    accessKeyId: accessKeyId,\n                    secretAccessKey: secretAccessKey,\n                    sessionToken: sessionToken,\n                    expiresAt: expiration.toISOString(),\n                },\n                refreshToken: refreshToken,\n            };\n            await this.saveToken(updatedToken);\n            const newAccessToken = updatedToken.accessToken;\n            return {\n                accessKeyId: newAccessToken.accessKeyId,\n                secretAccessKey: newAccessToken.secretAccessKey,\n                sessionToken: newAccessToken.sessionToken,\n                accountId: newAccessToken.accountId,\n                expiration,\n            };\n        }\n        catch (error) {\n            if (error.name === \"AccessDeniedException\") {\n                const errorType = error.error;\n                let message;\n                switch (errorType) {\n                    case \"TOKEN_EXPIRED\":\n                        message = \"Your session has expired. Please reauthenticate.\";\n                        break;\n                    case \"USER_CREDENTIALS_CHANGED\":\n                        message =\n                            \"Unable to refresh credentials because of a change in your password. Please reauthenticate with your new password.\";\n                        break;\n                    case \"INSUFFICIENT_PERMISSIONS\":\n                        message =\n                            \"Unable to refresh credentials due to insufficient permissions. You may be missing permission for the 'CreateOAuth2Token' action.\";\n                        break;\n                    default:\n                        message = `Failed to refresh token: ${String(error)}. Please re-authenticate using \\`aws login\\``;\n                }\n                throw new CredentialsProviderError(message, { logger: this.logger, tryNextLink: false });\n            }\n            throw new CredentialsProviderError(`Failed to refresh token: ${String(error)}. Please re-authenticate using aws login`, { logger: this.logger });\n        }\n    }\n    async loadToken() {\n        const tokenFilePath = this.getTokenFilePath();\n        try {\n            let tokenData;\n            try {\n                tokenData = await readFile(tokenFilePath, { ignoreCache: this.init?.ignoreCache });\n            }\n            catch {\n                tokenData = await fs.readFile(tokenFilePath, \"utf8\");\n            }\n            const token = JSON.parse(tokenData);\n            const missingFields = [\"accessToken\", \"clientId\", \"refreshToken\", \"dpopKey\"].filter((k) => !token[k]);\n            if (!token.accessToken?.accountId) {\n                missingFields.push(\"accountId\");\n            }\n            if (missingFields.length > 0) {\n                throw new CredentialsProviderError(`Token validation failed, missing fields: ${missingFields.join(\", \")}`, {\n                    logger: this.logger,\n                    tryNextLink: false,\n                });\n            }\n            return token;\n        }\n        catch (error) {\n            throw new CredentialsProviderError(`Failed to load token from ${tokenFilePath}: ${String(error)}`, {\n                logger: this.logger,\n                tryNextLink: false,\n            });\n        }\n    }\n    async saveToken(token) {\n        const tokenFilePath = this.getTokenFilePath();\n        const directory = dirname(tokenFilePath);\n        try {\n            await fs.mkdir(directory, { recursive: true });\n        }\n        catch (error) {\n        }\n        await fs.writeFile(tokenFilePath, JSON.stringify(token, null, 2), \"utf8\");\n    }\n    getTokenFilePath() {\n        const directory = process.env.AWS_LOGIN_CACHE_DIRECTORY ?? join(homedir(), \".aws\", \"login\", \"cache\");\n        const loginSessionBytes = Buffer.from(this.loginSession, \"utf8\");\n        const loginSessionSha256 = createHash(\"sha256\").update(loginSessionBytes).digest(\"hex\");\n        return join(directory, `${loginSessionSha256}.json`);\n    }\n    derToRawSignature(derSignature) {\n        let offset = 2;\n        if (derSignature[offset] !== 0x02) {\n            throw new Error(\"Invalid DER signature\");\n        }\n        offset++;\n        const rLength = derSignature[offset++];\n        let r = derSignature.subarray(offset, offset + rLength);\n        offset += rLength;\n        if (derSignature[offset] !== 0x02) {\n            throw new Error(\"Invalid DER signature\");\n        }\n        offset++;\n        const sLength = derSignature[offset++];\n        let s = derSignature.subarray(offset, offset + sLength);\n        r = r[0] === 0x00 ? r.subarray(1) : r;\n        s = s[0] === 0x00 ? s.subarray(1) : s;\n        const rPadded = Buffer.concat([Buffer.alloc(32 - r.length), r]);\n        const sPadded = Buffer.concat([Buffer.alloc(32 - s.length), s]);\n        return Buffer.concat([rPadded, sPadded]);\n    }\n    createDPoPInterceptor(middlewareStack) {\n        middlewareStack.add((next) => async (args) => {\n            if (HttpRequest.isInstance(args.request)) {\n                const request = args.request;\n                const actualEndpoint = `${request.protocol}//${request.hostname}${request.port ? `:${request.port}` : \"\"}${request.path}`;\n                const dpop = await this.generateDpop(request.method, actualEndpoint);\n                request.headers = {\n                    ...request.headers,\n                    DPoP: dpop,\n                };\n            }\n            return next(args);\n        }, {\n            step: \"finalizeRequest\",\n            name: \"dpopInterceptor\",\n            override: true,\n        });\n    }\n    async generateDpop(method = \"POST\", endpoint) {\n        const token = await this.loadToken();\n        try {\n            const privateKey = createPrivateKey({\n                key: token.dpopKey,\n                format: \"pem\",\n                type: \"sec1\",\n            });\n            const publicKey = createPublicKey(privateKey);\n            const publicDer = publicKey.export({ format: \"der\", type: \"spki\" });\n            let pointStart = -1;\n            for (let i = 0; i < publicDer.length; i++) {\n                if (publicDer[i] === 0x04) {\n                    pointStart = i;\n                    break;\n                }\n            }\n            const x = publicDer.slice(pointStart + 1, pointStart + 33);\n            const y = publicDer.slice(pointStart + 33, pointStart + 65);\n            const header = {\n                alg: \"ES256\",\n                typ: \"dpop+jwt\",\n                jwk: {\n                    kty: \"EC\",\n                    crv: \"P-256\",\n                    x: x.toString(\"base64url\"),\n                    y: y.toString(\"base64url\"),\n                },\n            };\n            const payload = {\n                jti: crypto.randomUUID(),\n                htm: method,\n                htu: endpoint,\n                iat: Math.floor(Date.now() / 1000),\n            };\n            const headerB64 = Buffer.from(JSON.stringify(header)).toString(\"base64url\");\n            const payloadB64 = Buffer.from(JSON.stringify(payload)).toString(\"base64url\");\n            const message = `${headerB64}.${payloadB64}`;\n            const asn1Signature = sign(\"sha256\", Buffer.from(message), privateKey);\n            const rawSignature = this.derToRawSignature(asn1Signature);\n            const signatureB64 = rawSignature.toString(\"base64url\");\n            return `${message}.${signatureB64}`;\n        }\n        catch (error) {\n            throw new CredentialsProviderError(`Failed to generate Dpop proof: ${error instanceof Error ? error.message : String(error)}`, { logger: this.logger, tryNextLink: false });\n        }\n    }\n}\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nimport { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { getProfileName, parseKnownFiles } from \"@smithy/shared-ini-file-loader\";\nimport { LoginCredentialsFetcher } from \"./LoginCredentialsFetcher\";\nexport const fromLoginCredentials = (init) => async ({ callerClientConfig } = {}) => {\n    init?.logger?.debug?.(\"@aws-sdk/credential-providers - fromLoginCredentials\");\n    const profiles = await parseKnownFiles(init || {});\n    const profileName = getProfileName({\n        profile: init?.profile ?? callerClientConfig?.profile,\n    });\n    const profile = profiles[profileName];\n    if (!profile?.login_session) {\n        throw new CredentialsProviderError(`Profile ${profileName} does not contain login_session.`, {\n            tryNextLink: true,\n            logger: init?.logger,\n        });\n    }\n    const fetcher = new LoginCredentialsFetcher(profile, init, callerClientConfig);\n    const credentials = await fetcher.loadCredentials();\n    return setCredentialFeature(credentials, \"CREDENTIALS_LOGIN\", \"AD\");\n};\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nimport { fromLoginCredentials } from \"@aws-sdk/credential-provider-login\";\nexport const isLoginProfile = (data) => {\n    return Boolean(data && data.login_session);\n};\nexport const resolveLoginCredentials = async (profileName, options, callerClientConfig) => {\n    const credentials = await fromLoginCredentials({\n        ...options,\n        profile: profileName,\n    })({ callerClientConfig });\n    return setCredentialFeature(credentials, \"CREDENTIALS_PROFILE_LOGIN\", \"AC\");\n};\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nexport const isProcessProfile = (arg) => Boolean(arg) && typeof arg === \"object\" && typeof arg.credential_process === \"string\";\nexport const resolveProcessCredentials = async (options, profile) => import(\"@aws-sdk/credential-provider-process\").then(({ fromProcess }) => fromProcess({\n    ...options,\n    profile,\n})().then((creds) => setCredentialFeature(creds, \"CREDENTIALS_PROFILE_PROCESS\", \"v\")));\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nexport const resolveSsoCredentials = async (profile, profileData, options = {}, callerClientConfig) => {\n    const { fromSSO } = await import(\"@aws-sdk/credential-provider-sso\");\n    return fromSSO({\n        profile,\n        logger: options.logger,\n        parentClientConfig: options.parentClientConfig,\n        clientConfig: options.clientConfig,\n    })({\n        callerClientConfig,\n    }).then((creds) => {\n        if (profileData.sso_session) {\n            return setCredentialFeature(creds, \"CREDENTIALS_PROFILE_SSO\", \"r\");\n        }\n        else {\n            return setCredentialFeature(creds, \"CREDENTIALS_PROFILE_SSO_LEGACY\", \"t\");\n        }\n    });\n};\nexport const isSsoProfile = (arg) => arg &&\n    (typeof arg.sso_start_url === \"string\" ||\n        typeof arg.sso_account_id === \"string\" ||\n        typeof arg.sso_session === \"string\" ||\n        typeof arg.sso_region === \"string\" ||\n        typeof arg.sso_role_name === \"string\");\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nexport const isStaticCredsProfile = (arg) => Boolean(arg) &&\n    typeof arg === \"object\" &&\n    typeof arg.aws_access_key_id === \"string\" &&\n    typeof arg.aws_secret_access_key === \"string\" &&\n    [\"undefined\", \"string\"].indexOf(typeof arg.aws_session_token) > -1 &&\n    [\"undefined\", \"string\"].indexOf(typeof arg.aws_account_id) > -1;\nexport const resolveStaticCredentials = async (profile, options) => {\n    options?.logger?.debug(\"@aws-sdk/credential-provider-ini - resolveStaticCredentials\");\n    const credentials = {\n        accessKeyId: profile.aws_access_key_id,\n        secretAccessKey: profile.aws_secret_access_key,\n        sessionToken: profile.aws_session_token,\n        ...(profile.aws_credential_scope && { credentialScope: profile.aws_credential_scope }),\n        ...(profile.aws_account_id && { accountId: profile.aws_account_id }),\n    };\n    return setCredentialFeature(credentials, \"CREDENTIALS_PROFILE\", \"n\");\n};\n","import { setCredentialFeature } from \"@aws-sdk/core/client\";\nexport const isWebIdentityProfile = (arg) => Boolean(arg) &&\n    typeof arg === \"object\" &&\n    typeof arg.web_identity_token_file === \"string\" &&\n    typeof arg.role_arn === \"string\" &&\n    [\"undefined\", \"string\"].indexOf(typeof arg.role_session_name) > -1;\nexport const resolveWebIdentityCredentials = async (profile, options, callerClientConfig) => import(\"@aws-sdk/credential-provider-web-identity\").then(({ fromTokenFile }) => fromTokenFile({\n    webIdentityTokenFile: profile.web_identity_token_file,\n    roleArn: profile.role_arn,\n    roleSessionName: profile.role_session_name,\n    roleAssumerWithWebIdentity: options.roleAssumerWithWebIdentity,\n    logger: options.logger,\n    parentClientConfig: options.parentClientConfig,\n})({\n    callerClientConfig,\n}).then((creds) => setCredentialFeature(creds, \"CREDENTIALS_PROFILE_STS_WEB_ID_TOKEN\", \"q\")));\n","import { CredentialsProviderError } from \"@smithy/property-provider\";\nimport { isAssumeRoleProfile, resolveAssumeRoleCredentials } from \"./resolveAssumeRoleCredentials\";\nimport { isLoginProfile, resolveLoginCredentials } from \"./resolveLoginCredentials\";\nimport { isProcessProfile, resolveProcessCredentials } from \"./resolveProcessCredentials\";\nimport { isSsoProfile, resolveSsoCredentials } from \"./resolveSsoCredentials\";\nimport { isStaticCredsProfile, resolveStaticCredentials } from \"./resolveStaticCredentials\";\nimport { isWebIdentityProfile, resolveWebIdentityCredentials } from \"./resolveWebIdentityCredentials\";\nexport const resolveProfileData = async (profileName, profiles, options, callerClientConfig, visitedProfiles = {}, isAssumeRoleRecursiveCall = false) => {\n    const data = profiles[profileName];\n    if (Object.keys(visitedProfiles).length > 0 && isStaticCredsProfile(data)) {\n        return resolveStaticCredentials(data, options);\n    }\n    if (isAssumeRoleRecursiveCall || isAssumeRoleProfile(data, { profile: profileName, logger: options.logger })) {\n        return resolveAssumeRoleCredentials(profileName, profiles, options, callerClientConfig, visitedProfiles, resolveProfileData);\n    }\n    if (isStaticCredsProfile(data)) {\n        return resolveStaticCredentials(data, options);\n    }\n    if (isWebIdentityProfile(data)) {\n        return resolveWebIdentityCredentials(data, options, callerClientConfig);\n    }\n    if (isProcessProfile(data)) {\n        return resolveProcessCredentials(options, profileName);\n    }\n    if (isSsoProfile(data)) {\n        return await resolveSsoCredentials(profileName, data, options, callerClientConfig);\n    }\n    if (isLoginProfile(data)) {\n        return resolveLoginCredentials(profileName, options, callerClientConfig);\n    }\n    throw new CredentialsProviderError(`Could not resolve credentials using profile: [${profileName}] in configuration/credentials file(s).`, { logger: options.logger });\n};\n","import { getProfileName, parseKnownFiles } from \"@smithy/shared-ini-file-loader\";\nimport { resolveProfileData } from \"./resolveProfileData\";\nexport const fromIni = (init = {}) => async ({ callerClientConfig } = {}) => {\n    init.logger?.debug(\"@aws-sdk/credential-provider-ini - fromIni\");\n    const profiles = await parseKnownFiles(init);\n    return resolveProfileData(getProfileName({\n        profile: init.profile ?? callerClientConfig?.profile,\n    }), profiles, init, callerClientConfig);\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AEGA,SAAS,YAAY,kBAAkB,iBAAiB,YAAY;AACpE,SAAS,YAAY,UAAU;AAC/B,SAAS,eAAe;AACxB,SAAS,SAAS,YAAY;AFJvB,IAAM,0BAA0B,CAAC,kBAAkB,aAAa,WAAW;AAC9E,QAAM,qBAAqB;IACvB,cAAc,OAAO,YAAY;AAC7B,YAAM,EAAE,SAAS,IAAI,MAAM,OAAO,gCAAmC;AACrE,YAAM,EAAE,sBAAsB,IAAI,MAAM,OAAO,gCAAkC;AACjF,cAAQ,MAAM,sEAAsE;AACpF,aAAO,YAAY,MAAM,SAAS,WAAW,CAAC,CAAC,GAAG,sBAAsB,OAAO,CAAC,EAAE,EAAE,KAAK,gBAAgB;IAC7G;IACA,qBAAqB,OAAO,YAAY;AACpC,cAAQ,MAAM,6EAA6E;AAC3F,YAAM,EAAE,qBAAqB,IAAI,MAAM,OAAO,gCAAkC;AAChF,aAAO,YAAY,qBAAqB,OAAO,EAAE,EAAE,KAAK,gBAAgB;IAC5E;IACA,aAAa,OAAO,YAAY;AAC5B,cAAQ,MAAM,qEAAqE;AACnF,YAAM,EAAE,QAAQ,IAAI,MAAM,OAAO,gCAAkC;AACnE,aAAO,YAAY,QAAQ,OAAO,EAAE,EAAE,KAAK,gBAAgB;IAC/D;EACJ;AACA,MAAI,oBAAoB,oBAAoB;AACxC,WAAO,mBAAmB,gBAAgB;EAC9C,OACK;AACD,UAAM,IAAI,yBAAyB,4CAA4C,WAAW,SAAS,gBAAgB,kEAC/C,EAAE,OAAO,CAAC;EAClF;AACJ;AACA,IAAM,mBAAmB,CAAC,UAAU,qBAAqB,OAAO,sCAAsC,GAAG;ACzBlG,IAAM,sBAAsB,CAAC,KAAK,EAAE,UAAU,WAAW,OAAO,IAAI,CAAC,MAAM;AAC9E,SAAQ,QAAQ,GAAG,KACf,OAAO,QAAQ,YACf,OAAO,IAAI,aAAa,YACxB,CAAC,aAAa,QAAQ,EAAE,QAAQ,OAAO,IAAI,iBAAiB,IAAI,MAChE,CAAC,aAAa,QAAQ,EAAE,QAAQ,OAAO,IAAI,WAAW,IAAI,MAC1D,CAAC,aAAa,QAAQ,EAAE,QAAQ,OAAO,IAAI,UAAU,IAAI,OACxD,8BAA8B,KAAK,EAAE,SAAS,OAAO,CAAC,KAAK,0BAA0B,KAAK,EAAE,SAAS,OAAO,CAAC;AACtH;AACA,IAAM,gCAAgC,CAAC,KAAK,EAAE,SAAS,OAAO,MAAM;AAChE,QAAM,oBAAoB,OAAO,IAAI,mBAAmB,YAAY,OAAO,IAAI,sBAAsB;AACrG,MAAI,mBAAmB;AACnB,YAAQ,QAAQ,OAAO,OAAO,iDAAiD,IAAI,cAAc,EAAE;EACvG;AACA,SAAO;AACX;AACA,IAAM,4BAA4B,CAAC,KAAK,EAAE,SAAS,OAAO,MAAM;AAC5D,QAAM,sBAAsB,OAAO,IAAI,sBAAsB,YAAY,OAAO,IAAI,mBAAmB;AACvG,MAAI,qBAAqB;AACrB,YAAQ,QAAQ,OAAO,OAAO,gDAAgD,IAAI,iBAAiB,EAAE;EACzG;AACA,SAAO;AACX;AACO,IAAM,+BAA+B,OAAO,aAAa,UAAU,SAAS,oBAAoB,kBAAkB,CAAC,GAAGA,wBAAuB;AAChJ,UAAQ,QAAQ,MAAM,uEAAuE;AAC7F,QAAM,cAAc,SAAS,WAAW;AACxC,QAAM,EAAE,gBAAgB,OAAO,IAAI;AACnC,MAAI,CAAC,QAAQ,aAAa;AACtB,UAAM,EAAE,sBAAsB,IAAI,MAAM,OAAO,4BAA6B;AAC5E,YAAQ,cAAc,sBAAsB;MACxC,GAAG,QAAQ;MACX,0BAA0B,QAAQ;MAClC,oBAAoB;QAChB,GAAG;QACH,GAAG,SAAS;QACZ,QAAQ,UAAU,SAAS,oBAAoB,UAAU,oBAAoB;MACjF;IACJ,GAAG,QAAQ,aAAa;EAC5B;AACA,MAAI,kBAAkB,kBAAkB,iBAAiB;AACrD,UAAM,IAAI,yBAAyB,kEAC3B,eAAe,OAAO,CAAC,yBAC3B,OAAO,KAAK,eAAe,EAAE,KAAK,IAAI,GAAG,EAAE,QAAQ,QAAQ,OAAO,CAAC;EAC3E;AACA,UAAQ,QAAQ,MAAM,wEAAwE,iBAAiB,mBAAmB,cAAc,MAAM,YAAY,WAAW,GAAG,EAAE;AAClL,QAAM,sBAAsB,iBACtBA,oBAAmB,gBAAgB,UAAU,SAAS,oBAAoB;IACxE,GAAG;IACH,CAAC,cAAc,GAAG;EACtB,GAAG,iCAAiC,SAAS,cAAc,KAAK,CAAC,CAAC,CAAC,KAChE,MAAM,wBAAwB,YAAY,mBAAmB,aAAa,QAAQ,MAAM,EAAE,OAAO,GAAG;AAC3G,MAAI,iCAAiC,WAAW,GAAG;AAC/C,WAAO,oBAAoB,KAAK,CAAC,UAAU,qBAAqB,OAAO,sCAAsC,GAAG,CAAC;EACrH,OACK;AACD,UAAM,SAAS;MACX,SAAS,YAAY;MACrB,iBAAiB,YAAY,qBAAqB,cAAc,KAAK,IAAI,CAAC;MAC1E,YAAY,YAAY;MACxB,iBAAiB,SAAS,YAAY,oBAAoB,QAAQ,EAAE;IACxE;AACA,UAAM,EAAE,WAAW,IAAI;AACvB,QAAI,YAAY;AACZ,UAAI,CAAC,QAAQ,iBAAiB;AAC1B,cAAM,IAAI,yBAAyB,WAAW,WAAW,iFAAiF,EAAE,QAAQ,QAAQ,QAAQ,aAAa,MAAM,CAAC;MAC5L;AACA,aAAO,eAAe;AACtB,aAAO,YAAY,MAAM,QAAQ,gBAAgB,UAAU;IAC/D;AACA,UAAM,cAAc,MAAM;AAC1B,WAAO,QAAQ,YAAY,aAAa,MAAM,EAAE,KAAK,CAAC,UAAU,qBAAqB,OAAO,sCAAsC,GAAG,CAAC;EAC1I;AACJ;AACA,IAAM,mCAAmC,CAAC,YAAY;AAClD,SAAO,CAAC,QAAQ,YAAY,CAAC,CAAC,QAAQ;AAC1C;ACxEO,IAAM,0BAAN,MAAM,yBAAwB;EACjC;EACA;EACA;EACA,OAAO,oBAAoB,IAAI,KAAK;EACpC,YAAY,aAAa,MAAM,oBAAoB;AAC/C,SAAK,cAAc;AACnB,SAAK,OAAO;AACZ,SAAK,qBAAqB;EAC9B;EACA,MAAM,kBAAkB;AACpB,UAAM,QAAQ,MAAM,KAAK,UAAU;AACnC,QAAI,CAAC,OAAO;AACR,YAAM,IAAI,yBAAyB,sCAAsC,KAAK,YAAY,4CAA4C,EAAE,aAAa,OAAO,QAAQ,KAAK,OAAO,CAAC;IACrL;AACA,UAAM,cAAc,MAAM;AAC1B,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,aAAa,IAAI,KAAK,YAAY,SAAS,EAAE,QAAQ;AAC3D,UAAM,kBAAkB,aAAa;AACrC,QAAI,mBAAmB,yBAAwB,mBAAmB;AAC9D,aAAO,KAAK,QAAQ,KAAK;IAC7B;AACA,WAAO;MACH,aAAa,YAAY;MACzB,iBAAiB,YAAY;MAC7B,cAAc,YAAY;MAC1B,WAAW,YAAY;MACvB,YAAY,IAAI,KAAK,YAAY,SAAS;IAC9C;EACJ;EACA,IAAI,SAAS;AACT,WAAO,KAAK,MAAM;EACtB;EACA,IAAI,eAAe;AACf,WAAO,KAAK,YAAY;EAC5B;EACA,MAAM,QAAQ,OAAO;AACjB,UAAM,EAAE,cAAc,yBAAyB,IAAI,MAAM,OAAO,+BAAgC;AAChG,UAAM,EAAE,QAAQ,eAAe,IAAI,KAAK,sBAAsB,CAAC;AAC/D,UAAM,OAAO,CAACC,oBAAmB;AAC7B,aAAOA,iBAAgB,UAAU,oBAAoB;IACzD;AACA,UAAM,iBAAiB,KAAK,KAAK,oBAAoB,cAAc,IAC7D,SACA,KAAK,oBAAoB;AAC/B,UAAM,SAAS,KAAK,YAAY,UAAW,MAAM,KAAK,oBAAoB,SAAS,KAAM,QAAQ,IAAI;AACrG,UAAM,SAAS,IAAI,aAAa;MAC5B,aAAa;QACT,aAAa;QACb,iBAAiB;MACrB;MACA;MACA;MACA;MACA;MACA,GAAG,KAAK,MAAM;IAClB,CAAC;AACD,SAAK,sBAAsB,OAAO,eAAe;AACjD,UAAM,eAAe;MACjB,YAAY;QACR,UAAU,MAAM;QAChB,cAAc,MAAM;QACpB,WAAW;MACf;IACJ;AACA,QAAI;AACA,YAAM,WAAW,MAAM,OAAO,KAAK,IAAI,yBAAyB,YAAY,CAAC;AAC7E,YAAM,EAAE,aAAa,iBAAiB,aAAa,IAAI,SAAS,aAAa,eAAe,CAAC;AAC7F,YAAM,EAAE,cAAc,UAAU,IAAI,SAAS,eAAe,CAAC;AAC7D,UAAI,CAAC,eAAe,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,cAAc;AACpE,cAAM,IAAI,yBAAyB,kDAAkD;UACjF,QAAQ,KAAK;UACb,aAAa;QACjB,CAAC;MACL;AACA,YAAM,eAAe,aAAa,OAAO;AACzC,YAAM,aAAa,IAAI,KAAK,KAAK,IAAI,IAAI,WAAW;AACpD,YAAM,eAAe;QACjB,GAAG;QACH,aAAa;UACT,GAAG,MAAM;UACT;UACA;UACA;UACA,WAAW,WAAW,YAAY;QACtC;QACA;MACJ;AACA,YAAM,KAAK,UAAU,YAAY;AACjC,YAAM,iBAAiB,aAAa;AACpC,aAAO;QACH,aAAa,eAAe;QAC5B,iBAAiB,eAAe;QAChC,cAAc,eAAe;QAC7B,WAAW,eAAe;QAC1B;MACJ;IACJ,SACO,OAAO;AACV,UAAI,MAAM,SAAS,yBAAyB;AACxC,cAAM,YAAY,MAAM;AACxB,YAAI;AACJ,gBAAQ,WAAW;UACf,KAAK;AACD,sBAAU;AACV;UACJ,KAAK;AACD,sBACI;AACJ;UACJ,KAAK;AACD,sBACI;AACJ;UACJ;AACI,sBAAU,4BAA4B,OAAO,KAAK,CAAC;QAC3D;AACA,cAAM,IAAI,yBAAyB,SAAS,EAAE,QAAQ,KAAK,QAAQ,aAAa,MAAM,CAAC;MAC3F;AACA,YAAM,IAAI,yBAAyB,4BAA4B,OAAO,KAAK,CAAC,4CAA4C,EAAE,QAAQ,KAAK,OAAO,CAAC;IACnJ;EACJ;EACA,MAAM,YAAY;AACd,UAAM,gBAAgB,KAAK,iBAAiB;AAC5C,QAAI;AACA,UAAI;AACJ,UAAI;AACA,oBAAY,MAAM,SAAS,eAAe,EAAE,aAAa,KAAK,MAAM,YAAY,CAAC;MACrF,QACM;AACF,oBAAY,MAAM,GAAG,SAAS,eAAe,MAAM;MACvD;AACA,YAAM,QAAQ,KAAK,MAAM,SAAS;AAClC,YAAM,gBAAgB,CAAC,eAAe,YAAY,gBAAgB,SAAS,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AACpG,UAAI,CAAC,MAAM,aAAa,WAAW;AAC/B,sBAAc,KAAK,WAAW;MAClC;AACA,UAAI,cAAc,SAAS,GAAG;AAC1B,cAAM,IAAI,yBAAyB,4CAA4C,cAAc,KAAK,IAAI,CAAC,IAAI;UACvG,QAAQ,KAAK;UACb,aAAa;QACjB,CAAC;MACL;AACA,aAAO;IACX,SACO,OAAO;AACV,YAAM,IAAI,yBAAyB,6BAA6B,aAAa,KAAK,OAAO,KAAK,CAAC,IAAI;QAC/F,QAAQ,KAAK;QACb,aAAa;MACjB,CAAC;IACL;EACJ;EACA,MAAM,UAAU,OAAO;AACnB,UAAM,gBAAgB,KAAK,iBAAiB;AAC5C,UAAM,YAAY,QAAQ,aAAa;AACvC,QAAI;AACA,YAAM,GAAG,MAAM,WAAW,EAAE,WAAW,KAAK,CAAC;IACjD,SACO,OAAO;IACd;AACA,UAAM,GAAG,UAAU,eAAe,KAAK,UAAU,OAAO,MAAM,CAAC,GAAG,MAAM;EAC5E;EACA,mBAAmB;AACf,UAAM,YAAY,QAAQ,IAAI,6BAA6B,KAAK,QAAQ,GAAG,QAAQ,SAAS,OAAO;AACnG,UAAM,oBAAoB,OAAO,KAAK,KAAK,cAAc,MAAM;AAC/D,UAAM,qBAAqB,WAAW,QAAQ,EAAE,OAAO,iBAAiB,EAAE,OAAO,KAAK;AACtF,WAAO,KAAK,WAAW,GAAG,kBAAkB,OAAO;EACvD;EACA,kBAAkB,cAAc;AAC5B,QAAI,SAAS;AACb,QAAI,aAAa,MAAM,MAAM,GAAM;AAC/B,YAAM,IAAI,MAAM,uBAAuB;IAC3C;AACA;AACA,UAAM,UAAU,aAAa,QAAQ;AACrC,QAAI,IAAI,aAAa,SAAS,QAAQ,SAAS,OAAO;AACtD,cAAU;AACV,QAAI,aAAa,MAAM,MAAM,GAAM;AAC/B,YAAM,IAAI,MAAM,uBAAuB;IAC3C;AACA;AACA,UAAM,UAAU,aAAa,QAAQ;AACrC,QAAI,IAAI,aAAa,SAAS,QAAQ,SAAS,OAAO;AACtD,QAAI,EAAE,CAAC,MAAM,IAAO,EAAE,SAAS,CAAC,IAAI;AACpC,QAAI,EAAE,CAAC,MAAM,IAAO,EAAE,SAAS,CAAC,IAAI;AACpC,UAAM,UAAU,OAAO,OAAO,CAAC,OAAO,MAAM,KAAK,EAAE,MAAM,GAAG,CAAC,CAAC;AAC9D,UAAM,UAAU,OAAO,OAAO,CAAC,OAAO,MAAM,KAAK,EAAE,MAAM,GAAG,CAAC,CAAC;AAC9D,WAAO,OAAO,OAAO,CAAC,SAAS,OAAO,CAAC;EAC3C;EACA,sBAAsB,iBAAiB;AACnC,oBAAgB,IAAI,CAAC,SAAS,OAAO,SAAS;AAC1C,UAAI,YAAY,WAAW,KAAK,OAAO,GAAG;AACtC,cAAM,UAAU,KAAK;AACrB,cAAM,iBAAiB,GAAG,QAAQ,QAAQ,KAAK,QAAQ,QAAQ,GAAG,QAAQ,OAAO,IAAI,QAAQ,IAAI,KAAK,EAAE,GAAG,QAAQ,IAAI;AACvH,cAAM,OAAO,MAAM,KAAK,aAAa,QAAQ,QAAQ,cAAc;AACnE,gBAAQ,UAAU;UACd,GAAG,QAAQ;UACX,MAAM;QACV;MACJ;AACA,aAAO,KAAK,IAAI;IACpB,GAAG;MACC,MAAM;MACN,MAAM;MACN,UAAU;IACd,CAAC;EACL;EACA,MAAM,aAAa,SAAS,QAAQ,UAAU;AAC1C,UAAM,QAAQ,MAAM,KAAK,UAAU;AACnC,QAAI;AACA,YAAM,aAAa,iBAAiB;QAChC,KAAK,MAAM;QACX,QAAQ;QACR,MAAM;MACV,CAAC;AACD,YAAM,YAAY,gBAAgB,UAAU;AAC5C,YAAM,YAAY,UAAU,OAAO,EAAE,QAAQ,OAAO,MAAM,OAAO,CAAC;AAClE,UAAI,aAAa;AACjB,eAAS,IAAI,GAAG,IAAI,UAAU,QAAQ,KAAK;AACvC,YAAI,UAAU,CAAC,MAAM,GAAM;AACvB,uBAAa;AACb;QACJ;MACJ;AACA,YAAM,IAAI,UAAU,MAAM,aAAa,GAAG,aAAa,EAAE;AACzD,YAAM,IAAI,UAAU,MAAM,aAAa,IAAI,aAAa,EAAE;AAC1D,YAAM,SAAS;QACX,KAAK;QACL,KAAK;QACL,KAAK;UACD,KAAK;UACL,KAAK;UACL,GAAG,EAAE,SAAS,WAAW;UACzB,GAAG,EAAE,SAAS,WAAW;QAC7B;MACJ;AACA,YAAM,UAAU;QACZ,KAAK,OAAO,WAAW;QACvB,KAAK;QACL,KAAK;QACL,KAAK,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;MACrC;AACA,YAAM,YAAY,OAAO,KAAK,KAAK,UAAU,MAAM,CAAC,EAAE,SAAS,WAAW;AAC1E,YAAM,aAAa,OAAO,KAAK,KAAK,UAAU,OAAO,CAAC,EAAE,SAAS,WAAW;AAC5E,YAAM,UAAU,GAAG,SAAS,IAAI,UAAU;AAC1C,YAAM,gBAAgB,KAAK,UAAU,OAAO,KAAK,OAAO,GAAG,UAAU;AACrE,YAAM,eAAe,KAAK,kBAAkB,aAAa;AACzD,YAAM,eAAe,aAAa,SAAS,WAAW;AACtD,aAAO,GAAG,OAAO,IAAI,YAAY;IACrC,SACO,OAAO;AACV,YAAM,IAAI,yBAAyB,kCAAkC,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC,IAAI,EAAE,QAAQ,KAAK,QAAQ,aAAa,MAAM,CAAC;IAC9K;EACJ;AACJ;ACjQO,IAAM,uBAAuB,CAAC,SAAS,OAAO,EAAE,mBAAmB,IAAI,CAAC,MAAM;AACjF,QAAM,QAAQ,QAAQ,sDAAsD;AAC5E,QAAM,WAAW,MAAM,gBAAgB,QAAQ,CAAC,CAAC;AACjD,QAAM,cAAc,eAAe;IAC/B,SAAS,MAAM,WAAW,oBAAoB;EAClD,CAAC;AACD,QAAM,UAAU,SAAS,WAAW;AACpC,MAAI,CAAC,SAAS,eAAe;AACzB,UAAM,IAAI,yBAAyB,WAAW,WAAW,oCAAoC;MACzF,aAAa;MACb,QAAQ,MAAM;IAClB,CAAC;EACL;AACA,QAAM,UAAU,IAAI,wBAAwB,SAAS,MAAM,kBAAkB;AAC7E,QAAM,cAAc,MAAM,QAAQ,gBAAgB;AAClD,SAAO,qBAAqB,aAAa,qBAAqB,IAAI;AACtE;AClBO,IAAM,iBAAiB,CAAC,SAAS;AACpC,SAAO,QAAQ,QAAQ,KAAK,aAAa;AAC7C;AACO,IAAM,0BAA0B,OAAO,aAAa,SAAS,uBAAuB;AACvF,QAAM,cAAc,MAAM,qBAAqB;IAC3C,GAAG;IACH,SAAS;EACb,CAAC,EAAE,EAAE,mBAAmB,CAAC;AACzB,SAAO,qBAAqB,aAAa,6BAA6B,IAAI;AAC9E;ACVO,IAAM,mBAAmB,CAAC,QAAQ,QAAQ,GAAG,KAAK,OAAO,QAAQ,YAAY,OAAO,IAAI,uBAAuB;AAC/G,IAAM,4BAA4B,OAAO,SAAS,YAAY,OAAO,gCAAsC,EAAE,KAAK,CAAC,EAAE,YAAY,MAAM,YAAY;EACtJ,GAAG;EACH;AACJ,CAAC,EAAE,EAAE,KAAK,CAAC,UAAU,qBAAqB,OAAO,+BAA+B,GAAG,CAAC,CAAC;ACJ9E,IAAM,wBAAwB,OAAO,SAAS,aAAa,UAAU,CAAC,GAAG,uBAAuB;AACnG,QAAM,EAAE,QAAQ,IAAI,MAAM,OAAO,gCAAkC;AACnE,SAAO,QAAQ;IACX;IACA,QAAQ,QAAQ;IAChB,oBAAoB,QAAQ;IAC5B,cAAc,QAAQ;EAC1B,CAAC,EAAE;IACC;EACJ,CAAC,EAAE,KAAK,CAAC,UAAU;AACf,QAAI,YAAY,aAAa;AACzB,aAAO,qBAAqB,OAAO,2BAA2B,GAAG;IACrE,OACK;AACD,aAAO,qBAAqB,OAAO,kCAAkC,GAAG;IAC5E;EACJ,CAAC;AACL;AACO,IAAM,eAAe,CAAC,QAAQ,QAChC,OAAO,IAAI,kBAAkB,YAC1B,OAAO,IAAI,mBAAmB,YAC9B,OAAO,IAAI,gBAAgB,YAC3B,OAAO,IAAI,eAAe,YAC1B,OAAO,IAAI,kBAAkB;ACvB9B,IAAM,uBAAuB,CAAC,QAAQ,QAAQ,GAAG,KACpD,OAAO,QAAQ,YACf,OAAO,IAAI,sBAAsB,YACjC,OAAO,IAAI,0BAA0B,YACrC,CAAC,aAAa,QAAQ,EAAE,QAAQ,OAAO,IAAI,iBAAiB,IAAI,MAChE,CAAC,aAAa,QAAQ,EAAE,QAAQ,OAAO,IAAI,cAAc,IAAI;AAC1D,IAAM,2BAA2B,OAAO,SAAS,YAAY;AAChE,WAAS,QAAQ,MAAM,6DAA6D;AACpF,QAAM,cAAc;IAChB,aAAa,QAAQ;IACrB,iBAAiB,QAAQ;IACzB,cAAc,QAAQ;IACtB,GAAI,QAAQ,wBAAwB,EAAE,iBAAiB,QAAQ,qBAAqB;IACpF,GAAI,QAAQ,kBAAkB,EAAE,WAAW,QAAQ,eAAe;EACtE;AACA,SAAO,qBAAqB,aAAa,uBAAuB,GAAG;AACvE;AChBO,IAAM,uBAAuB,CAAC,QAAQ,QAAQ,GAAG,KACpD,OAAO,QAAQ,YACf,OAAO,IAAI,4BAA4B,YACvC,OAAO,IAAI,aAAa,YACxB,CAAC,aAAa,QAAQ,EAAE,QAAQ,OAAO,IAAI,iBAAiB,IAAI;AAC7D,IAAM,gCAAgC,OAAO,SAAS,SAAS,uBAAuB,OAAO,gCAA2C,EAAE,KAAK,CAAC,EAAE,cAAc,MAAM,cAAc;EACvL,sBAAsB,QAAQ;EAC9B,SAAS,QAAQ;EACjB,iBAAiB,QAAQ;EACzB,4BAA4B,QAAQ;EACpC,QAAQ,QAAQ;EAChB,oBAAoB,QAAQ;AAChC,CAAC,EAAE;EACC;AACJ,CAAC,EAAE,KAAK,CAAC,UAAU,qBAAqB,OAAO,wCAAwC,GAAG,CAAC,CAAC;ACRrF,IAAM,qBAAqB,OAAO,aAAa,UAAU,SAAS,oBAAoB,kBAAkB,CAAC,GAAG,4BAA4B,UAAU;AACrJ,QAAM,OAAO,SAAS,WAAW;AACjC,MAAI,OAAO,KAAK,eAAe,EAAE,SAAS,KAAK,qBAAqB,IAAI,GAAG;AACvE,WAAO,yBAAyB,MAAM,OAAO;EACjD;AACA,MAAI,6BAA6B,oBAAoB,MAAM,EAAE,SAAS,aAAa,QAAQ,QAAQ,OAAO,CAAC,GAAG;AAC1G,WAAO,6BAA6B,aAAa,UAAU,SAAS,oBAAoB,iBAAiB,kBAAkB;EAC/H;AACA,MAAI,qBAAqB,IAAI,GAAG;AAC5B,WAAO,yBAAyB,MAAM,OAAO;EACjD;AACA,MAAI,qBAAqB,IAAI,GAAG;AAC5B,WAAO,8BAA8B,MAAM,SAAS,kBAAkB;EAC1E;AACA,MAAI,iBAAiB,IAAI,GAAG;AACxB,WAAO,0BAA0B,SAAS,WAAW;EACzD;AACA,MAAI,aAAa,IAAI,GAAG;AACpB,WAAO,MAAM,sBAAsB,aAAa,MAAM,SAAS,kBAAkB;EACrF;AACA,MAAI,eAAe,IAAI,GAAG;AACtB,WAAO,wBAAwB,aAAa,SAAS,kBAAkB;EAC3E;AACA,QAAM,IAAI,yBAAyB,iDAAiD,WAAW,2CAA2C,EAAE,QAAQ,QAAQ,OAAO,CAAC;AACxK;AC7BO,IAAM,UAAU,CAAC,OAAO,CAAC,MAAM,OAAO,EAAE,mBAAmB,IAAI,CAAC,MAAM;AACzE,OAAK,QAAQ,MAAM,4CAA4C;AAC/D,QAAM,WAAW,MAAM,gBAAgB,IAAI;AAC3C,SAAO,mBAAmB,eAAe;IACrC,SAAS,KAAK,WAAW,oBAAoB;EACjD,CAAC,GAAG,UAAU,MAAM,kBAAkB;AAC1C;","names":["resolveProfileData","requestHandler"]}

package/dist/dist-es-SRVEB5QV-Q4CTC2HX.js

@@ -0,0 +1,24 @@
+import { createRequire } from 'node:module'; const require = createRequire(import.meta.url);
+import {
+  ENV_ACCOUNT_ID,
+  ENV_CREDENTIAL_SCOPE,
+  ENV_EXPIRATION,
+  ENV_KEY,
+  ENV_SECRET,
+  ENV_SESSION,
+  fromEnv
+} from "./chunk-UALXHIMX.js";
+import "./chunk-ONETZL6N.js";
+import "./chunk-UHP5KEDL.js";
+import "./chunk-UGXG73VF.js";
+import "./chunk-5H446C7X.js";
+export {
+  ENV_ACCOUNT_ID,
+  ENV_CREDENTIAL_SCOPE,
+  ENV_EXPIRATION,
+  ENV_KEY,
+  ENV_SECRET,
+  ENV_SESSION,
+  fromEnv
+};
+//# sourceMappingURL=dist-es-SRVEB5QV-Q4CTC2HX.js.map