gemi 0.4.37 → 0.4.40

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. package/dist/chunk-00f16704831dd8b0.js +2 -0
  2. package/dist/chunk-11a75566ff74db17.js +6 -0
  3. package/dist/chunk-2672477bf396bad8.js +2 -0
  4. package/dist/chunk-28bb1e70f39736ee.js +2 -0
  5. package/dist/chunk-2a101fb25d52469b.js +2 -0
  6. package/dist/chunk-2a48e0098ccd4249.js +1 -1
  7. package/dist/chunk-38237d1b01b0db25.js +3 -0
  8. package/dist/chunk-3a9fcddbd219223b.js +3 -0
  9. package/dist/chunk-3c83d6762f7e56b3.js +2 -0
  10. package/dist/chunk-442a5b1ec74c72f8.js +2 -0
  11. package/dist/chunk-5128de1a65ba6ce1.js +2 -0
  12. package/dist/chunk-5190b38f06507ee1.js +18 -0
  13. package/dist/chunk-552bdaee8c03e091.js +1 -1
  14. package/dist/chunk-59e951812cb019e6.js +2 -0
  15. package/dist/chunk-5b54843712abde58.js +2 -0
  16. package/dist/chunk-5c2a5156f6bef0f5.js +2 -0
  17. package/dist/chunk-5defd55c3c97bdb2.js +2 -0
  18. package/dist/chunk-648dff766091372e.js +2 -0
  19. package/dist/chunk-682b01231754a121.js +1 -1
  20. package/dist/chunk-6afe097e13ebdf55.js +1 -1
  21. package/dist/chunk-733513f9c9e8b50f.js +2 -0
  22. package/dist/chunk-73c97da8ac4f1d30.js +1 -0
  23. package/dist/chunk-73c9d39f58a30fe2.js +6 -0
  24. package/dist/chunk-8b944ecefa1b832c.js +18 -0
  25. package/dist/chunk-8f547b919361fdf4.js +2 -0
  26. package/dist/chunk-9238196d4889d660.js +1 -0
  27. package/dist/chunk-92a55add20b5d7ac.js +9 -0
  28. package/dist/chunk-9f6199bc705fc395.js +18 -0
  29. package/dist/chunk-a02b2d564bdb603d.js +6 -0
  30. package/dist/chunk-a8310ad9bad32329.js +1 -1
  31. package/dist/chunk-aafdd9bfb5bde8bf.js +2 -0
  32. package/dist/chunk-ab79a2f0d89fbeae.js +1 -0
  33. package/dist/chunk-abd0b68c299eebfc.js +1 -1
  34. package/dist/chunk-b66a9e50afbac035.js +9 -0
  35. package/dist/chunk-bee6075c5738d87a.js +1 -1
  36. package/dist/chunk-bf4fa1d9864332a8.js +2 -0
  37. package/dist/chunk-c8b00b645df96ed5.js +1 -1
  38. package/dist/chunk-cb65fe402653c65e.js +1 -1
  39. package/dist/chunk-cce7de7e81895807.js +2 -0
  40. package/dist/chunk-d7457cb6aae3b29b.js +2 -0
  41. package/dist/chunk-dad55fcc32d05b69.js +2 -0
  42. package/dist/chunk-dd21f367f8029793.js +2 -0
  43. package/dist/chunk-ee4ff285d7f4ccdf.js +1 -1
  44. package/dist/client/index.d.ts +1 -1
  45. package/dist/client/index.d.ts.map +1 -1
  46. package/dist/client/types.d.ts +5 -2
  47. package/dist/client/types.d.ts.map +1 -1
  48. package/dist/http/ViewRouter.d.ts +1 -1
  49. package/dist/http/ViewRouter.d.ts.map +1 -1
  50. package/dist/http/index.js +1 -1
  51. package/dist/server/index.js +1 -1
  52. package/dist/storage/index.js +3 -3
  53. package/package.json +2 -2
package/dist/chunk-682b01231754a121.js CHANGED
@@ -1,2 +1,2 @@
1
1
  // @bun
2
- import"./chunk-a5c18c07abe8fd9c.js";import"./chunk-bbd36ce62b950ee5.js";import{kb as y,lb as K,mb as E,pb as C,qb as N} from"./chunk-6943b50bd0a3ac84.js";import{sb as i,tb as f} from"./chunk-100b76ab0ca3e14d.js";var F=(e)=>e&&(typeof e.sso_start_url==="string"||typeof e.sso_account_id==="string"||typeof e.sso_session==="string"||typeof e.sso_region==="string"||typeof e.sso_role_name==="string");var L=300000,_="To refresh this SSO session run 'aws sso login' with the corresponding profile.";var I={},M=async(e)=>{const{SSOOIDCClient:r}=await import("./chunk-2b2764983015552e.js");if(I[e])return I[e];const s=new r({region:e});return I[e]=s,s};var H=async(e,r)=>{const{CreateTokenCommand:s}=await import("./chunk-2b2764983015552e.js");return(await M(r)).send(new s({clientId:e.clientId,clientSecret:e.clientSecret,refreshToken:e.refreshToken,grantType:"refresh_token"}))};var v=(e)=>{if(e.expiration&&e.expiration.getTime()<Date.now())throw new f(`Token is expired. ${_}`,!1)};var m=(e,r,s=!1)=>{if(typeof r==="undefined")throw new f(`Value not present for '${e}' in SSO Token${s?". Cannot refresh":""}. ${_}`,!1)};import{promises as W} from"fs";var{writeFile:j}=W,b=(e,r)=>{const s=K(e),t=JSON.stringify(r,null,2);return j(s,t)};var G=new Date(0),U=(e={})=>async()=>{e.logger?.debug("@aws-sdk/token-providers - fromSso");const r=await N(e),s=y(e),t=r[s];if(!t)throw new f(`Profile '${s}' could not be found in shared credentials file.`,!1);else if(!t.sso_session)throw new f(`Profile '${s}' is missing required property 'sso_session'.`);const a=t.sso_session,c=(await C(e))[a];if(!c)throw new f(`Sso session '${a}' could not be found in shared credentials file.`,!1);for(let n of["sso_start_url","sso_region"])if(!c[n])throw new f(`Sso session '${a}' is missing required property '${n}'.`,!1);const{sso_start_url:p,sso_region:S}=c;let o;try{o=await E(a)}catch(n){throw new f(`The SSO session token associated with profile=${s} was not found or is invalid. ${_}`,!1)}m("accessToken",o.accessToken),m("expiresAt",o.expiresAt);const{accessToken:x,expiresAt:u}=o,l={token:x,expiration:new Date(u)};if(l.expiration.getTime()-Date.now()>L)return l;if(Date.now()-G.getTime()<30000)return v(l),l;m("clientId",o.clientId,!0),m("clientSecret",o.clientSecret,!0),m("refreshToken",o.refreshToken,!0);try{G.setTime(Date.now());const n=await H(o,S);m("accessToken",n.accessToken),m("expiresIn",n.expiresIn);const h=new Date(Date.now()+n.expiresIn*1000);try{await b(a,{...o,accessToken:n.accessToken,expiresAt:h.toISOString(),refreshToken:n.refreshToken})}catch(O){}return{token:n.accessToken,expiration:h}}catch(n){return v(l),l}};var T=!1,P=async({ssoStartUrl:e,ssoSession:r,ssoAccountId:s,ssoRegion:t,ssoRoleName:a,ssoClient:d,clientConfig:c,profile:p,logger:S})=>{let o;const x="To refresh this SSO session run aws sso login with the corresponding profile.";if(r)try{const g=await U({profile:p})();o={accessToken:g.token,expiresAt:new Date(g.expiration).toISOString()}}catch(g){throw new i(g.message,{tryNextLink:T,logger:S})}else try{o=await E(e)}catch(g){throw new i("The SSO session associated with this profile is invalid. To refresh this SSO session run aws sso login with the corresponding profile.",{tryNextLink:T,logger:S})}if(new Date(o.expiresAt).getTime()-Date.now()<=0)throw new i("The SSO session associated with this profile has expired. To refresh this SSO session run aws sso login with the corresponding profile.",{tryNextLink:T,logger:S});const{accessToken:u}=o,{SSOClient:l,GetRoleCredentialsCommand:n}=await import("./chunk-1334ee957ff9058c.js"),h=d||new l(Object.assign({},c??{},{region:c?.region??t}));let O;try{O=await h.send(new n({accountId:s,roleName:a,accessToken:u}))}catch(g){throw new i(g,{tryNextLink:T,logger:S})}const{roleCredentials:{accessKeyId:w,secretAccessKey:k,sessionToken:R,expiration:D,credentialScope:A,accountId:$}={}}=O;if(!w||!k||!R||!D)throw new i("SSO returns an invalid temporary credential.",{tryNextLink:T,logger:S});return{accessKeyId:w,secretAccessKey:k,sessionToken:R,expiration:new Date(D),...A&&{credentialScope:A},...$&&{accountId:$}}};var q=(e,r)=>{const{sso_start_url:s,sso_account_id:t,sso_region:a,sso_role_name:d}=e;if(!s||!t||!a||!d)throw new i('Profile is configured with invalid SSO credentials. Required parameters "sso_account_id", '+`"sso_region", "sso_role_name", "sso_start_url". Got ${Object.keys(e).join(", ")}\nReference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html`,{tryNextLink:!1,logger:r});return e};var Ee=(e={})=>async()=>{e.logger?.debug("@aws-sdk/credential-provider-sso - fromSSO");const{ssoStartUrl:r,ssoAccountId:s,ssoRegion:t,ssoRoleName:a,ssoSession:d}=e,{ssoClient:c}=e,p=y(e);if(!r&&!s&&!t&&!a&&!d){const o=(await N(e))[p];if(!o)throw new i(`Profile ${p} was not found.`,{logger:e.logger});if(!F(o))throw new i(`Profile ${p} is not configured with SSO credentials.`,{logger:e.logger});if(o?.sso_session){const w=(await C(e))[o.sso_session],k=` configurations in profile ${p} and sso-session ${o.sso_session}`;if(t&&t!==w.sso_region)throw new i("Conflicting SSO region"+k,{tryNextLink:!1,logger:e.logger});if(r&&r!==w.sso_start_url)throw new i("Conflicting SSO start_url"+k,{tryNextLink:!1,logger:e.logger});o.sso_region=w.sso_region,o.sso_start_url=w.sso_start_url}const{sso_start_url:x,sso_account_id:u,sso_region:l,sso_role_name:n,sso_session:h}=q(o,e.logger);return P({ssoStartUrl:x,ssoSession:h,ssoAccountId:u,ssoRegion:l,ssoRoleName:n,ssoClient:c,clientConfig:e.clientConfig,profile:p})}else if(!r||!s||!t||!a)throw new i('Incomplete configuration. The fromSSO() argument hash must include "ssoStartUrl", "ssoAccountId", "ssoRegion", "ssoRoleName"',{tryNextLink:!1,logger:e.logger});else return P({ssoStartUrl:r,ssoSession:d,ssoAccountId:s,ssoRegion:t,ssoRoleName:a,ssoClient:c,clientConfig:e.clientConfig,profile:p})};export{q as validateSsoProfile,F as isSsoProfile,Ee as fromSSO};
2
+ import"./chunk-a5c18c07abe8fd9c.js";import"./chunk-bbd36ce62b950ee5.js";import{kb as y,lb as K,mb as E,pb as C,qb as N} from"./chunk-6943b50bd0a3ac84.js";import{sb as i,tb as f} from"./chunk-100b76ab0ca3e14d.js";var F=(e)=>e&&(typeof e.sso_start_url==="string"||typeof e.sso_account_id==="string"||typeof e.sso_session==="string"||typeof e.sso_region==="string"||typeof e.sso_role_name==="string");var L=300000,_="To refresh this SSO session run 'aws sso login' with the corresponding profile.";var I={},M=async(e)=>{const{SSOOIDCClient:r}=await import("./chunk-5128de1a65ba6ce1.js");if(I[e])return I[e];const s=new r({region:e});return I[e]=s,s};var H=async(e,r)=>{const{CreateTokenCommand:s}=await import("./chunk-5128de1a65ba6ce1.js");return(await M(r)).send(new s({clientId:e.clientId,clientSecret:e.clientSecret,refreshToken:e.refreshToken,grantType:"refresh_token"}))};var v=(e)=>{if(e.expiration&&e.expiration.getTime()<Date.now())throw new f(`Token is expired. ${_}`,!1)};var m=(e,r,s=!1)=>{if(typeof r==="undefined")throw new f(`Value not present for '${e}' in SSO Token${s?". Cannot refresh":""}. ${_}`,!1)};import{promises as W} from"fs";var{writeFile:j}=W,b=(e,r)=>{const s=K(e),t=JSON.stringify(r,null,2);return j(s,t)};var G=new Date(0),U=(e={})=>async()=>{e.logger?.debug("@aws-sdk/token-providers - fromSso");const r=await N(e),s=y(e),t=r[s];if(!t)throw new f(`Profile '${s}' could not be found in shared credentials file.`,!1);else if(!t.sso_session)throw new f(`Profile '${s}' is missing required property 'sso_session'.`);const a=t.sso_session,c=(await C(e))[a];if(!c)throw new f(`Sso session '${a}' could not be found in shared credentials file.`,!1);for(let n of["sso_start_url","sso_region"])if(!c[n])throw new f(`Sso session '${a}' is missing required property '${n}'.`,!1);const{sso_start_url:p,sso_region:S}=c;let o;try{o=await E(a)}catch(n){throw new f(`The SSO session token associated with profile=${s} was not found or is invalid. ${_}`,!1)}m("accessToken",o.accessToken),m("expiresAt",o.expiresAt);const{accessToken:x,expiresAt:u}=o,l={token:x,expiration:new Date(u)};if(l.expiration.getTime()-Date.now()>L)return l;if(Date.now()-G.getTime()<30000)return v(l),l;m("clientId",o.clientId,!0),m("clientSecret",o.clientSecret,!0),m("refreshToken",o.refreshToken,!0);try{G.setTime(Date.now());const n=await H(o,S);m("accessToken",n.accessToken),m("expiresIn",n.expiresIn);const h=new Date(Date.now()+n.expiresIn*1000);try{await b(a,{...o,accessToken:n.accessToken,expiresAt:h.toISOString(),refreshToken:n.refreshToken})}catch(O){}return{token:n.accessToken,expiration:h}}catch(n){return v(l),l}};var T=!1,P=async({ssoStartUrl:e,ssoSession:r,ssoAccountId:s,ssoRegion:t,ssoRoleName:a,ssoClient:d,clientConfig:c,profile:p,logger:S})=>{let o;const x="To refresh this SSO session run aws sso login with the corresponding profile.";if(r)try{const g=await U({profile:p})();o={accessToken:g.token,expiresAt:new Date(g.expiration).toISOString()}}catch(g){throw new i(g.message,{tryNextLink:T,logger:S})}else try{o=await E(e)}catch(g){throw new i("The SSO session associated with this profile is invalid. To refresh this SSO session run aws sso login with the corresponding profile.",{tryNextLink:T,logger:S})}if(new Date(o.expiresAt).getTime()-Date.now()<=0)throw new i("The SSO session associated with this profile has expired. To refresh this SSO session run aws sso login with the corresponding profile.",{tryNextLink:T,logger:S});const{accessToken:u}=o,{SSOClient:l,GetRoleCredentialsCommand:n}=await import("./chunk-5defd55c3c97bdb2.js"),h=d||new l(Object.assign({},c??{},{region:c?.region??t}));let O;try{O=await h.send(new n({accountId:s,roleName:a,accessToken:u}))}catch(g){throw new i(g,{tryNextLink:T,logger:S})}const{roleCredentials:{accessKeyId:w,secretAccessKey:k,sessionToken:R,expiration:D,credentialScope:A,accountId:$}={}}=O;if(!w||!k||!R||!D)throw new i("SSO returns an invalid temporary credential.",{tryNextLink:T,logger:S});return{accessKeyId:w,secretAccessKey:k,sessionToken:R,expiration:new Date(D),...A&&{credentialScope:A},...$&&{accountId:$}}};var q=(e,r)=>{const{sso_start_url:s,sso_account_id:t,sso_region:a,sso_role_name:d}=e;if(!s||!t||!a||!d)throw new i('Profile is configured with invalid SSO credentials. Required parameters "sso_account_id", '+`"sso_region", "sso_role_name", "sso_start_url". Got ${Object.keys(e).join(", ")}\nReference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html`,{tryNextLink:!1,logger:r});return e};var Ee=(e={})=>async()=>{e.logger?.debug("@aws-sdk/credential-provider-sso - fromSSO");const{ssoStartUrl:r,ssoAccountId:s,ssoRegion:t,ssoRoleName:a,ssoSession:d}=e,{ssoClient:c}=e,p=y(e);if(!r&&!s&&!t&&!a&&!d){const o=(await N(e))[p];if(!o)throw new i(`Profile ${p} was not found.`,{logger:e.logger});if(!F(o))throw new i(`Profile ${p} is not configured with SSO credentials.`,{logger:e.logger});if(o?.sso_session){const w=(await C(e))[o.sso_session],k=` configurations in profile ${p} and sso-session ${o.sso_session}`;if(t&&t!==w.sso_region)throw new i("Conflicting SSO region"+k,{tryNextLink:!1,logger:e.logger});if(r&&r!==w.sso_start_url)throw new i("Conflicting SSO start_url"+k,{tryNextLink:!1,logger:e.logger});o.sso_region=w.sso_region,o.sso_start_url=w.sso_start_url}const{sso_start_url:x,sso_account_id:u,sso_region:l,sso_role_name:n,sso_session:h}=q(o,e.logger);return P({ssoStartUrl:x,ssoSession:h,ssoAccountId:u,ssoRegion:l,ssoRoleName:n,ssoClient:c,clientConfig:e.clientConfig,profile:p})}else if(!r||!s||!t||!a)throw new i('Incomplete configuration. The fromSSO() argument hash must include "ssoStartUrl", "ssoAccountId", "ssoRegion", "ssoRoleName"',{tryNextLink:!1,logger:e.logger});else return P({ssoStartUrl:r,ssoSession:d,ssoAccountId:s,ssoRegion:t,ssoRoleName:a,ssoClient:c,clientConfig:e.clientConfig,profile:p})};export{q as validateSsoProfile,F as isSsoProfile,Ee as fromSSO};
package/dist/chunk-6afe097e13ebdf55.js CHANGED
@@ -1,2 +1,2 @@
1
1
  // @bun
2
- import"./chunk-c675f193d459818e.js";import"./chunk-72821f055108528e.js";import{hb as v,ib as B} from"./chunk-a8310ad9bad32329.js";import{jb as z,kb as y} from"./chunk-2f7aac67f16768a5.js";import"./chunk-cb69e9621a60d310.js";import{parse as p} from"url";import{Buffer as M} from"buffer";import{request as k} from"http";function u(c){return new Promise((I,x)=>{const T=k({method:"GET",...c,hostname:c.hostname?.replace(/^\[(.+)\]$/,"$1")});T.on("error",(N)=>{x(Object.assign(new z("Unable to connect to instance metadata service"),N)),T.destroy()}),T.on("timeout",()=>{x(new z("TimeoutError from instance metadata service")),T.destroy()}),T.on("response",(N)=>{const{statusCode:O=400}=N;if(O<200||300<=O)x(Object.assign(new z("Error response received from instance metadata service"),{statusCode:O})),T.destroy();const E=[];N.on("data",(w)=>{E.push(w)}),N.on("end",()=>{I(M.concat(E)),T.destroy()})}),T.end()})}var K=(c)=>Boolean(c)&&typeof c==="object"&&typeof c.AccessKeyId==="string"&&typeof c.SecretAccessKey==="string"&&typeof c.Token==="string"&&typeof c.Expiration==="string",_=(c)=>({accessKeyId:c.AccessKeyId,secretAccessKey:c.SecretAccessKey,sessionToken:c.Token,expiration:new Date(c.Expiration),...c.AccountId&&{accountId:c.AccountId}});var hc=1000,Yc=0,D=({maxRetries:c=0,timeout:I=1000})=>({maxRetries:c,timeout:I});var m=(c,I)=>{let x=c();for(let T=0;T<I;T++)x=x.catch(c);return x};var Q="AWS_CONTAINER_CREDENTIALS_FULL_URI",X="AWS_CONTAINER_CREDENTIALS_RELATIVE_URI",b="AWS_CONTAINER_AUTHORIZATION_TOKEN",mc=(c={})=>{const{timeout:I,maxRetries:x}=D(c);return()=>m(async()=>{const T=await s({logger:c.logger}),N=JSON.parse(await C(I,T));if(!K(N))throw new y("Invalid response received from instance metadata service.",{logger:c.logger});return _(N)},x)},C=async(c,I)=>{if(process.env[b])I.headers={...I.headers,Authorization:process.env[b]};return(await u({...I,timeout:c})).toString()},a="169.254.170.2",n={localhost:!0,"127.0.0.1":!0},o={"http:":!0,"https:":!0},s=async({logger:c})=>{if(process.env[X])return{hostname:a,path:process.env[X]};if(process.env[Q]){const I=p(process.env[Q]);if(!I.hostname||!(I.hostname in n))throw new y(`${I.hostname} is not a valid container metadata service hostname`,{tryNextLink:!1,logger:c});if(!I.protocol||!(I.protocol in o))throw new y(`${I.protocol} is not a valid container metadata service protocol`,{tryNextLink:!1,logger:c});return{...I,port:I.port?parseInt(I.port,10):void 0}}throw new y("The container metadata credential provider cannot be used unless"+` the ${X} or ${Q} environment`+" variable is set",{tryNextLink:!1,logger:c})};class G extends y{constructor(c,I=!0){super(c,I);this.tryNextLink=I,this.name="InstanceMetadataV1FallbackError",Object.setPrototypeOf(this,G.prototype)}}var A;(function(c){c.IPv4="http://169.254.169.254",c.IPv6="http://[fd00:ec2::254]"})(A||(A={}));var H={environmentVariableSelector:(c)=>c["AWS_EC2_METADATA_SERVICE_ENDPOINT"],configFileSelector:(c)=>c["ec2_metadata_service_endpoint"],default:void 0};var f;(function(c){c.IPv4="IPv4",c.IPv6="IPv6"})(f||(f={}));var g="AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE",l="ec2_metadata_service_endpoint_mode",q={environmentVariableSelector:(c)=>c[g],configFileSelector:(c)=>c[l],default:f.IPv4};var Z=async()=>B(await r()||await d()),r=async()=>v(H)(),d=async()=>{const c=await v(q)();switch(c){case f.IPv4:return A.IPv4;case f.IPv6:return A.IPv6;default:throw new Error(`Unsupported endpoint mode: ${c}.`+` Select from ${Object.values(f)}`)}};var L=(c,I)=>{const x=300+Math.floor(Math.random()*300),T=new Date(Date.now()+x*1000);I.warn("Attempting credential expiration extension due to a credential service availability issue. A refresh of these "+`credentials will be attempted after ${new Date(T)}.\nFor more information, please visit: `+"https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html");const N=c.originalExpiration??c.expiration;return{...c,...N?{originalExpiration:N}:{},expiration:T}};var U=(c,I={})=>{const x=I?.logger||console;let T;return async()=>{let N;try{if(N=await c(),N.expiration&&N.expiration.getTime()<Date.now())N=L(N,x)}catch(O){if(T)x.warn("Credential renew failed: ",O),N=L(T,x);else throw O}return T=N,N}};var P="/latest/meta-data/iam/security-credentials/",e="/latest/api/token",W="AWS_EC2_METADATA_V1_DISABLED",t="ec2_metadata_v1_disabled",F="x-aws-ec2-metadata-token",oc=(c={})=>U(i(c),{logger:c.logger}),i=(c={})=>{let I=!1;const{logger:x,profile:T}=c,{timeout:N,maxRetries:O}=D(c),E=async(w,$)=>{if(I||$.headers?.[F]==null){let h=!1,Y=!1;const R=await v({environmentVariableSelector:(S)=>{const j=S[W];if(Y=!!j&&j!=="false",j===void 0)throw new y(`${W} not set in env, checking config file next.`,{logger:c.logger});return Y},configFileSelector:(S)=>{const j=S[t];return h=!!j&&j!=="false",h},default:!1},{profile:T})();if(c.ec2MetadataV1Disabled||R){const S=[];if(c.ec2MetadataV1Disabled)S.push("credential provider initialization (runtime option ec2MetadataV1Disabled)");if(h)S.push(`config file profile (${t})`);if(Y)S.push(`process environment variable (${W})`);throw new G(`AWS EC2 Metadata v1 fallback has been blocked by AWS SDK configuration in the following: [${S.join(", ")}].`)}}const V=(await m(async()=>{let h;try{h=await Ic($)}catch(Y){if(Y.statusCode===401)I=!1;throw Y}return h},w)).trim();return m(async()=>{let h;try{h=await Tc(V,$,c)}catch(Y){if(Y.statusCode===401)I=!1;throw Y}return h},w)};return async()=>{const w=await Z();if(I)return x?.debug("AWS SDK Instance Metadata","using v1 fallback (no token fetch)"),E(O,{...w,timeout:N});else{let $;try{$=(await cc({...w,timeout:N})).toString()}catch(J){if(J?.statusCode===400)throw Object.assign(J,{message:"EC2 Metadata token request returned error"});else if(J.message==="TimeoutError"||[403,404,405].includes(J.statusCode))I=!0;return x?.debug("AWS SDK Instance Metadata","using v1 fallback (initial)"),E(O,{...w,timeout:N})}return E(O,{...w,headers:{[F]:$},timeout:N})}}},cc=async(c)=>u({...c,path:e,method:"PUT",headers:{"x-aws-ec2-metadata-token-ttl-seconds":"21600"}}),Ic=async(c)=>(await u({...c,path:P})).toString(),Tc=async(c,I,x)=>{const T=JSON.parse((await u({...I,path:P+c})).toString());if(!K(T))throw new y("Invalid response received from instance metadata service.",{logger:x.logger});return _(T)};export{D as providerConfigFromInit,u as httpRequest,Z as getInstanceMetadataEndpoint,oc as fromInstanceMetadata,mc as fromContainerMetadata,A as Endpoint,X as ENV_CMDS_RELATIVE_URI,Q as ENV_CMDS_FULL_URI,b as ENV_CMDS_AUTH_TOKEN,hc as DEFAULT_TIMEOUT,Yc as DEFAULT_MAX_RETRIES};
2
+ import"./chunk-a5c18c07abe8fd9c.js";import"./chunk-3bf6f8c8e8589e3d.js";import{hb as v,ib as B} from"./chunk-a8310ad9bad32329.js";import{jb as z,kb as y} from"./chunk-2f7aac67f16768a5.js";import"./chunk-9238196d4889d660.js";import{parse as p} from"url";import{Buffer as M} from"buffer";import{request as k} from"http";function u(c){return new Promise((I,x)=>{const T=k({method:"GET",...c,hostname:c.hostname?.replace(/^\[(.+)\]$/,"$1")});T.on("error",(N)=>{x(Object.assign(new z("Unable to connect to instance metadata service"),N)),T.destroy()}),T.on("timeout",()=>{x(new z("TimeoutError from instance metadata service")),T.destroy()}),T.on("response",(N)=>{const{statusCode:O=400}=N;if(O<200||300<=O)x(Object.assign(new z("Error response received from instance metadata service"),{statusCode:O})),T.destroy();const E=[];N.on("data",(w)=>{E.push(w)}),N.on("end",()=>{I(M.concat(E)),T.destroy()})}),T.end()})}var K=(c)=>Boolean(c)&&typeof c==="object"&&typeof c.AccessKeyId==="string"&&typeof c.SecretAccessKey==="string"&&typeof c.Token==="string"&&typeof c.Expiration==="string",_=(c)=>({accessKeyId:c.AccessKeyId,secretAccessKey:c.SecretAccessKey,sessionToken:c.Token,expiration:new Date(c.Expiration),...c.AccountId&&{accountId:c.AccountId}});var hc=1000,Yc=0,D=({maxRetries:c=0,timeout:I=1000})=>({maxRetries:c,timeout:I});var m=(c,I)=>{let x=c();for(let T=0;T<I;T++)x=x.catch(c);return x};var Q="AWS_CONTAINER_CREDENTIALS_FULL_URI",X="AWS_CONTAINER_CREDENTIALS_RELATIVE_URI",b="AWS_CONTAINER_AUTHORIZATION_TOKEN",mc=(c={})=>{const{timeout:I,maxRetries:x}=D(c);return()=>m(async()=>{const T=await s({logger:c.logger}),N=JSON.parse(await C(I,T));if(!K(N))throw new y("Invalid response received from instance metadata service.",{logger:c.logger});return _(N)},x)},C=async(c,I)=>{if(process.env[b])I.headers={...I.headers,Authorization:process.env[b]};return(await u({...I,timeout:c})).toString()},a="169.254.170.2",n={localhost:!0,"127.0.0.1":!0},o={"http:":!0,"https:":!0},s=async({logger:c})=>{if(process.env[X])return{hostname:a,path:process.env[X]};if(process.env[Q]){const I=p(process.env[Q]);if(!I.hostname||!(I.hostname in n))throw new y(`${I.hostname} is not a valid container metadata service hostname`,{tryNextLink:!1,logger:c});if(!I.protocol||!(I.protocol in o))throw new y(`${I.protocol} is not a valid container metadata service protocol`,{tryNextLink:!1,logger:c});return{...I,port:I.port?parseInt(I.port,10):void 0}}throw new y("The container metadata credential provider cannot be used unless"+` the ${X} or ${Q} environment`+" variable is set",{tryNextLink:!1,logger:c})};class G extends y{constructor(c,I=!0){super(c,I);this.tryNextLink=I,this.name="InstanceMetadataV1FallbackError",Object.setPrototypeOf(this,G.prototype)}}var A;(function(c){c.IPv4="http://169.254.169.254",c.IPv6="http://[fd00:ec2::254]"})(A||(A={}));var H={environmentVariableSelector:(c)=>c["AWS_EC2_METADATA_SERVICE_ENDPOINT"],configFileSelector:(c)=>c["ec2_metadata_service_endpoint"],default:void 0};var f;(function(c){c.IPv4="IPv4",c.IPv6="IPv6"})(f||(f={}));var g="AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE",l="ec2_metadata_service_endpoint_mode",q={environmentVariableSelector:(c)=>c[g],configFileSelector:(c)=>c[l],default:f.IPv4};var Z=async()=>B(await r()||await d()),r=async()=>v(H)(),d=async()=>{const c=await v(q)();switch(c){case f.IPv4:return A.IPv4;case f.IPv6:return A.IPv6;default:throw new Error(`Unsupported endpoint mode: ${c}.`+` Select from ${Object.values(f)}`)}};var L=(c,I)=>{const x=300+Math.floor(Math.random()*300),T=new Date(Date.now()+x*1000);I.warn("Attempting credential expiration extension due to a credential service availability issue. A refresh of these "+`credentials will be attempted after ${new Date(T)}.\nFor more information, please visit: `+"https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html");const N=c.originalExpiration??c.expiration;return{...c,...N?{originalExpiration:N}:{},expiration:T}};var U=(c,I={})=>{const x=I?.logger||console;let T;return async()=>{let N;try{if(N=await c(),N.expiration&&N.expiration.getTime()<Date.now())N=L(N,x)}catch(O){if(T)x.warn("Credential renew failed: ",O),N=L(T,x);else throw O}return T=N,N}};var P="/latest/meta-data/iam/security-credentials/",e="/latest/api/token",W="AWS_EC2_METADATA_V1_DISABLED",t="ec2_metadata_v1_disabled",F="x-aws-ec2-metadata-token",oc=(c={})=>U(i(c),{logger:c.logger}),i=(c={})=>{let I=!1;const{logger:x,profile:T}=c,{timeout:N,maxRetries:O}=D(c),E=async(w,$)=>{if(I||$.headers?.[F]==null){let h=!1,Y=!1;const R=await v({environmentVariableSelector:(S)=>{const j=S[W];if(Y=!!j&&j!=="false",j===void 0)throw new y(`${W} not set in env, checking config file next.`,{logger:c.logger});return Y},configFileSelector:(S)=>{const j=S[t];return h=!!j&&j!=="false",h},default:!1},{profile:T})();if(c.ec2MetadataV1Disabled||R){const S=[];if(c.ec2MetadataV1Disabled)S.push("credential provider initialization (runtime option ec2MetadataV1Disabled)");if(h)S.push(`config file profile (${t})`);if(Y)S.push(`process environment variable (${W})`);throw new G(`AWS EC2 Metadata v1 fallback has been blocked by AWS SDK configuration in the following: [${S.join(", ")}].`)}}const V=(await m(async()=>{let h;try{h=await Ic($)}catch(Y){if(Y.statusCode===401)I=!1;throw Y}return h},w)).trim();return m(async()=>{let h;try{h=await Tc(V,$,c)}catch(Y){if(Y.statusCode===401)I=!1;throw Y}return h},w)};return async()=>{const w=await Z();if(I)return x?.debug("AWS SDK Instance Metadata","using v1 fallback (no token fetch)"),E(O,{...w,timeout:N});else{let $;try{$=(await cc({...w,timeout:N})).toString()}catch(J){if(J?.statusCode===400)throw Object.assign(J,{message:"EC2 Metadata token request returned error"});else if(J.message==="TimeoutError"||[403,404,405].includes(J.statusCode))I=!0;return x?.debug("AWS SDK Instance Metadata","using v1 fallback (initial)"),E(O,{...w,timeout:N})}return E(O,{...w,headers:{[F]:$},timeout:N})}}},cc=async(c)=>u({...c,path:e,method:"PUT",headers:{"x-aws-ec2-metadata-token-ttl-seconds":"21600"}}),Ic=async(c)=>(await u({...c,path:P})).toString(),Tc=async(c,I,x)=>{const T=JSON.parse((await u({...I,path:P+c})).toString());if(!K(T))throw new y("Invalid response received from instance metadata service.",{logger:x.logger});return _(T)};export{D as providerConfigFromInit,u as httpRequest,Z as getInstanceMetadataEndpoint,oc as fromInstanceMetadata,mc as fromContainerMetadata,A as Endpoint,X as ENV_CMDS_RELATIVE_URI,Q as ENV_CMDS_FULL_URI,b as ENV_CMDS_AUTH_TOKEN,hc as DEFAULT_TIMEOUT,Yc as DEFAULT_MAX_RETRIES};
package/dist/chunk-733513f9c9e8b50f.js ADDED
@@ -0,0 +1,2 @@
1
+ // @bun
2
+ import"./chunk-aafdd9bfb5bde8bf.js";import{x as $} from"./chunk-a5c18c07abe8fd9c.js";import{$ as j,A as er,D as be,E as cr,I as je,J as Fe,L as De,M as qe,O as Je,P as Ve,V as v,W as t,X as Vr,Z as _,_ as b,aa as F,ba as h,ia as Sr,ja as a,ka as jr,la as We,ma as fe,na as rr,oa as sr,qa as d,ra as o,ta as I,z as ue} from"./chunk-38237d1b01b0db25.js";import{$a as q,Ca as H,Da as ee,Ea as re,Fa as tr,Ga as Ie,Ha as Re,Ia as Pe,Ja as ar,Ka as Ae,La as Ke,Ma as Me,Na as Be,Oa as mr,Pa as wr,Ra as E,Sa as S,Ta as kr,Ua as Le,Wa as Qe,Xa as vr,Ya as Xe,Za as Er,ab as Ye,bb as Ze,cb as He,db as Ne,eb as ir,fb as lr,va as nr,wa as or,xa as dr,ya as yr} from"./chunk-8b944ecefa1b832c.js";import"./chunk-3bf6f8c8e8589e3d.js";import{hb as R,ib as Ue} from"./chunk-a8310ad9bad32329.js";import"./chunk-2f7aac67f16768a5.js";import{pb as Ce} from"./chunk-b66a9e50afbac035.js";import"./chunk-9238196d4889d660.js";var P=$(H(),1);var se=$(q(),1);var Mr=function(e){return{schemeId:"aws.auth#sigv4",signingProperties:{name:"sso-oauth",region:e.region},propertiesExtractor:(s,r)=>({signingProperties:{config:s,context:r}})}},Z=function(e){return{schemeId:"smithy.api#noAuth"}},ie=async(e,s,r)=>{return{operation:ee(s).operation,region:await re(e.region)()||(()=>{throw new Error("expected `region` to be configured for `aws.auth#sigv4`")})()}},le=(e)=>{const s=[];switch(e.operation){case"CreateToken":{s.push(Z(e));break}case"RegisterClient":{s.push(Z(e));break}case"StartDeviceAuthorization":{s.push(Z(e));break}default:s.push(Mr(e))}return s},he=(e)=>{return{...se.resolveAwsSdkSigV4Config(e)}};var ne=(e)=>{return{...e,useDualstackEndpoint:e.useDualstackEndpoint??!1,useFipsEndpoint:e.useFipsEndpoint??!1,defaultSigningName:"sso-oauth"}},k={UseFIPS:{type:"builtInParams",name:"useFipsEndpoint"},Endpoint:{type:"builtInParams",name:"endpoint"},Region:{type:"builtInParams",name:"region"},UseDualStack:{type:"builtInParams",name:"useDualstackEndpoint"}};var oe={name:"@aws-sdk/client-sso-oidc",description:"AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native",version:"3.629.0",scripts:{build:"concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'","build:cjs":"node ../../scripts/compilation/inline client-sso-oidc","build:es":"tsc -p tsconfig.es.json","build:include:deps":"lerna run --scope $npm_package_name --include-dependencies build","build:types":"tsc -p tsconfig.types.json","build:types:downlevel":"downlevel-dts dist-types dist-types/ts3.4",clean:"rimraf ./dist-* && rimraf *.tsbuildinfo","extract:docs":"api-extractor run --local","generate:client":"node ../../scripts/generate-clients/single-service --solo sso-oidc"},main:"./dist-cjs/index.js",types:"./dist-types/index.d.ts",module:"./dist-es/index.js",sideEffects:!1,dependencies:{"@aws-crypto/sha256-browser":"5.2.0","@aws-crypto/sha256-js":"5.2.0","@aws-sdk/core":"3.629.0","@aws-sdk/credential-provider-node":"3.629.0","@aws-sdk/middleware-host-header":"3.620.0","@aws-sdk/middleware-logger":"3.609.0","@aws-sdk/middleware-recursion-detection":"3.620.0","@aws-sdk/middleware-user-agent":"3.620.0","@aws-sdk/region-config-resolver":"3.614.0","@aws-sdk/types":"3.609.0","@aws-sdk/util-endpoints":"3.614.0","@aws-sdk/util-user-agent-browser":"3.609.0","@aws-sdk/util-user-agent-node":"3.614.0","@smithy/config-resolver":"^3.0.5","@smithy/core":"^2.3.2","@smithy/fetch-http-handler":"^3.2.4","@smithy/hash-node":"^3.0.3","@smithy/invalid-dependency":"^3.0.3","@smithy/middleware-content-length":"^3.0.5","@smithy/middleware-endpoint":"^3.1.0","@smithy/middleware-retry":"^3.0.14","@smithy/middleware-serde":"^3.0.3","@smithy/middleware-stack":"^3.0.3","@smithy/node-config-provider":"^3.1.4","@smithy/node-http-handler":"^3.1.4","@smithy/protocol-http":"^4.1.0","@smithy/smithy-client":"^3.1.12","@smithy/types":"^3.3.0","@smithy/url-parser":"^3.0.3","@smithy/util-base64":"^3.0.0","@smithy/util-body-length-browser":"^3.0.0","@smithy/util-body-length-node":"^3.0.0","@smithy/util-defaults-mode-browser":"^3.0.14","@smithy/util-defaults-mode-node":"^3.0.14","@smithy/util-endpoints":"^2.0.5","@smithy/util-middleware":"^3.0.3","@smithy/util-retry":"^3.0.3","@smithy/util-utf8":"^3.0.0",tslib:"^2.6.2"},devDependencies:{"@tsconfig/node16":"16.1.3","@types/node":"^16.18.96",concurrently:"7.0.0","downlevel-dts":"0.10.1",rimraf:"3.0.2",typescript:"~4.9.5"},engines:{node:">=16.0.0"},typesVersions:{"<4.0":{"dist-types/*":["dist-types/ts3.4/*"]}},files:["dist-*/**"],author:{name:"AWS SDK for JavaScript Team",url:"https://aws.amazon.com/javascript/"},license:"Apache-2.0",peerDependencies:{"@aws-sdk/client-sts":"^3.629.0"},browser:{"./dist-es/runtimeConfig":"./dist-es/runtimeConfig.browser"},"react-native":{"./dist-es/runtimeConfig":"./dist-es/runtimeConfig.native"},homepage:"https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc",repository:{type:"git",url:"https://github.com/aws/aws-sdk-js-v3.git",directory:"clients/client-sso-oidc"}};var _e=$(q(),1);var xe=$(q(),1),ze=$(H(),1);var de={["required"]:!1,type:"String"},ye={["required"]:!0,default:!1,type:"Boolean"},ce={["ref"]:"Endpoint"},ve={["fn"]:"booleanEquals",["argv"]:[{["ref"]:"UseFIPS"},!0]},Ee={["fn"]:"booleanEquals",["argv"]:[{["ref"]:"UseDualStack"},!0]},m={},te={["fn"]:"getAttr",["argv"]:[{["ref"]:"PartitionResult"},"supportsFIPS"]},Se={["ref"]:"PartitionResult"},ae={["fn"]:"booleanEquals",["argv"]:[!0,{["fn"]:"getAttr",["argv"]:[Se,"supportsDualStack"]}]},me=[ve],we=[Ee],ke=[{["ref"]:"Region"}],Lr={version:"1.0",parameters:{Region:de,UseDualStack:ye,UseFIPS:ye,Endpoint:de},rules:[{conditions:[{["fn"]:"isSet",["argv"]:[ce]}],rules:[{conditions:me,error:"Invalid Configuration: FIPS and custom endpoint are not supported",type:"error"},{conditions:we,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",type:"error"},{endpoint:{url:ce,properties:m,headers:m},type:"endpoint"}],type:"tree"},{conditions:[{["fn"]:"isSet",["argv"]:ke}],rules:[{conditions:[{["fn"]:"aws.partition",["argv"]:ke,assign:"PartitionResult"}],rules:[{conditions:[ve,Ee],rules:[{conditions:[{["fn"]:"booleanEquals",["argv"]:[!0,te]},ae],rules:[{endpoint:{url:"https://oidc-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:m,headers:m},type:"endpoint"}],type:"tree"},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",type:"error"}],type:"tree"},{conditions:me,rules:[{conditions:[{["fn"]:"booleanEquals",["argv"]:[te,!0]}],rules:[{conditions:[{["fn"]:"stringEquals",["argv"]:[{["fn"]:"getAttr",["argv"]:[Se,"name"]},"aws-us-gov"]}],endpoint:{url:"https://oidc.{Region}.amazonaws.com",properties:m,headers:m},type:"endpoint"},{endpoint:{url:"https://oidc-fips.{Region}.{PartitionResult#dnsSuffix}",properties:m,headers:m},type:"endpoint"}],type:"tree"},{error:"FIPS is enabled but this partition does not support FIPS",type:"error"}],type:"tree"},{conditions:we,rules:[{conditions:[ae],rules:[{endpoint:{url:"https://oidc.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:m,headers:m},type:"endpoint"}],type:"tree"},{error:"DualStack is enabled but this partition does not support DualStack",type:"error"}],type:"tree"},{endpoint:{url:"https://oidc.{Region}.{PartitionResult#dnsSuffix}",properties:m,headers:m},type:"endpoint"}],type:"tree"}],type:"tree"},{error:"Invalid Configuration: Missing Region",type:"error"}]},$e=Lr;var Te=(e,s={})=>{return Re($e,{endpointParams:e,logger:s.logger})};Ie.aws=Pe;var Ge=(e)=>{return{apiVersion:"2019-06-10",base64Decoder:e?.base64Decoder??je,base64Encoder:e?.base64Encoder??qe,disableHostPrefix:e?.disableHostPrefix??!1,endpointProvider:e?.endpointProvider??Te,extensions:e?.extensions??[],httpAuthSchemeProvider:e?.httpAuthSchemeProvider??le,httpAuthSchemes:e?.httpAuthSchemes??[{schemeId:"aws.auth#sigv4",identityProvider:(s)=>s.getIdentityProvider("aws.auth#sigv4"),signer:new xe.AwsSdkSigV4Signer},{schemeId:"smithy.api#noAuth",identityProvider:(s)=>s.getIdentityProvider("smithy.api#noAuth")||(async()=>({})),signer:new ze.NoAuthSigner}],logger:e?.logger??new be,serviceId:e?.serviceId??"SSO OIDC",urlParser:e?.urlParser??Ue,utf8Decoder:e?.utf8Decoder??Fe,utf8Encoder:e?.utf8Encoder??De}};var pe=(e)=>{fe(process.version);const s=Ne(e),r=()=>s().then(We),i=Ge(e);return _e.emitWarningIfUnsupportedVersion(process.version),{...i,...e,runtime:"node",defaultsMode:s,bodyLengthChecker:e?.bodyLengthChecker??He,credentialDefaultProvider:e?.credentialDefaultProvider??Ce,defaultUserAgentProvider:e?.defaultUserAgentProvider??Ye({serviceId:i.serviceId,clientVersion:oe.version}),maxAttempts:e?.maxAttempts??R(Qe),region:e?.region??R(Me,Be),requestHandler:Je.create(e?.requestHandler??r),retryMode:e?.retryMode??R({...Xe,default:async()=>(await r()).retryMode||Le}),sha256:e?.sha256??Ze.bind(null,"sha256"),streamCollector:e?.streamCollector??Ve,useDualstackEndpoint:e?.useDualstackEndpoint??R(Ae),useFipsEndpoint:e?.useFipsEndpoint??R(Ke)}};var ge=(e)=>{const s=e.httpAuthSchemes;let{httpAuthSchemeProvider:r,credentials:i}=e;return{setHttpAuthScheme(l){const n=s.findIndex((T)=>T.schemeId===l.schemeId);if(n===-1)s.push(l);else s.splice(n,1,l)},httpAuthSchemes(){return s},setHttpAuthSchemeProvider(l){r=l},httpAuthSchemeProvider(){return r},setCredentials(l){i=l},credentials(){return i}}},Oe=(e)=>{return{httpAuthSchemes:e.httpAuthSchemes(),httpAuthSchemeProvider:e.httpAuthSchemeProvider(),credentials:e.credentials()}};var U=(e)=>e,hr=(e,s)=>{const r={...U(ir(e)),...U(rr(e)),...U(ue(e)),...U(ge(e))};return s.forEach((i)=>i.configure(r)),{...e,...lr(r),...sr(r),...er(r),...Oe(r)}};class N extends cr{constructor(...[e]){const s=pe(e||{}),r=ne(s),i=tr(r),l=vr(i),n=mr(l),T=nr(n),fr=kr(T),Ar=he(fr),u=hr(Ar,e?.extensions||[]);super(u);this.config=u,this.middlewareStack.use(ar(this.config)),this.middlewareStack.use(Er(this.config)),this.middlewareStack.use(wr(this.config)),this.middlewareStack.use(or(this.config)),this.middlewareStack.use(dr(this.config)),this.middlewareStack.use(yr(this.config)),this.middlewareStack.use(P.getHttpAuthSchemeEndpointRuleSetPlugin(this.config,{httpAuthSchemeParametersProvider:ie,identityProviderConfigProvider:async(Kr)=>new P.DefaultIdentityProviderConfig({"aws.auth#sigv4":Kr.credentials})})),this.middlewareStack.use(P.getHttpSigningPlugin(this.config))}destroy(){super.destroy()}}class y extends Sr{constructor(e){super(e);Object.setPrototypeOf(this,y.prototype)}}class x extends y{constructor(e){super({name:"AccessDeniedException",$fault:"client",...e});this.name="AccessDeniedException",this.$fault="client",Object.setPrototypeOf(this,x.prototype),this.error=e.error,this.error_description=e.error_description}}class z extends y{constructor(e){super({name:"AuthorizationPendingException",$fault:"client",...e});this.name="AuthorizationPendingException",this.$fault="client",Object.setPrototypeOf(this,z.prototype),this.error=e.error,this.error_description=e.error_description}}class G extends y{constructor(e){super({name:"ExpiredTokenException",$fault:"client",...e});this.name="ExpiredTokenException",this.$fault="client",Object.setPrototypeOf(this,G.prototype),this.error=e.error,this.error_description=e.error_description}}class J extends y{constructor(e){super({name:"InternalServerException",$fault:"server",...e});this.name="InternalServerException",this.$fault="server",Object.setPrototypeOf(this,J.prototype),this.error=e.error,this.error_description=e.error_description}}class V extends y{constructor(e){super({name:"InvalidClientException",$fault:"client",...e});this.name="InvalidClientException",this.$fault="client",Object.setPrototypeOf(this,V.prototype),this.error=e.error,this.error_description=e.error_description}}class W extends y{constructor(e){super({name:"InvalidGrantException",$fault:"client",...e});this.name="InvalidGrantException",this.$fault="client",Object.setPrototypeOf(this,W.prototype),this.error=e.error,this.error_description=e.error_description}}class f extends y{constructor(e){super({name:"InvalidRequestException",$fault:"client",...e});this.name="InvalidRequestException",this.$fault="client",Object.setPrototypeOf(this,f.prototype),this.error=e.error,this.error_description=e.error_description}}class A extends y{constructor(e){super({name:"InvalidScopeException",$fault:"client",...e});this.name="InvalidScopeException",this.$fault="client",Object.setPrototypeOf(this,A.prototype),this.error=e.error,this.error_description=e.error_description}}class K extends y{constructor(e){super({name:"SlowDownException",$fault:"client",...e});this.name="SlowDownException",this.$fault="client",Object.setPrototypeOf(this,K.prototype),this.error=e.error,this.error_description=e.error_description}}class M extends y{constructor(e){super({name:"UnauthorizedClientException",$fault:"client",...e});this.name="UnauthorizedClientException",this.$fault="client",Object.setPrototypeOf(this,M.prototype),this.error=e.error,this.error_description=e.error_description}}class B extends y{constructor(e){super({name:"UnsupportedGrantTypeException",$fault:"client",...e});this.name="UnsupportedGrantTypeException",this.$fault="client",Object.setPrototypeOf(this,B.prototype),this.error=e.error,this.error_description=e.error_description}}class L extends y{constructor(e){super({name:"InvalidRequestRegionException",$fault:"client",...e});this.name="InvalidRequestRegionException",this.$fault="client",Object.setPrototypeOf(this,L.prototype),this.error=e.error,this.error_description=e.error_description,this.endpoint=e.endpoint,this.region=e.region}}class Q extends y{constructor(e){super({name:"InvalidClientMetadataException",$fault:"client",...e});this.name="InvalidClientMetadataException",this.$fault="client",Object.setPrototypeOf(this,Q.prototype),this.error=e.error,this.error_description=e.error_description}}class X extends y{constructor(e){super({name:"InvalidRedirectUriException",$fault:"client",...e});this.name="InvalidRedirectUriException",this.$fault="client",Object.setPrototypeOf(this,X.prototype),this.error=e.error,this.error_description=e.error_description}}var $r=(e)=>({...e,...e.clientSecret&&{clientSecret:t},...e.refreshToken&&{refreshToken:t},...e.codeVerifier&&{codeVerifier:t}}),Ir=(e)=>({...e,...e.accessToken&&{accessToken:t},...e.refreshToken&&{refreshToken:t},...e.idToken&&{idToken:t}}),Rr=(e)=>({...e,...e.refreshToken&&{refreshToken:t},...e.assertion&&{assertion:t},...e.subjectToken&&{subjectToken:t},...e.codeVerifier&&{codeVerifier:t}}),Pr=(e)=>({...e,...e.accessToken&&{accessToken:t},...e.refreshToken&&{refreshToken:t},...e.idToken&&{idToken:t}}),Tr=(e)=>({...e,...e.clientSecret&&{clientSecret:t}}),br=(e)=>({...e,...e.clientSecret&&{clientSecret:t}});var w=$(q(),1),D=$(H(),1);var Fr=async(e,s)=>{const r=D.requestBuilder(e,s),i={"content-type":"application/json"};r.bp("/token");let l;return l=JSON.stringify(o(e,{clientId:[],clientSecret:[],code:[],codeVerifier:[],deviceCode:[],grantType:[],redirectUri:[],refreshToken:[],scope:(n)=>I(n)})),r.m("POST").h(i).b(l),r.build()},Dr=async(e,s)=>{const r=D.requestBuilder(e,s),i={"content-type":"application/json"};r.bp("/token");const l=d({[is]:[,"t"]});let n;return n=JSON.stringify(o(e,{assertion:[],clientId:[],code:[],codeVerifier:[],grantType:[],redirectUri:[],refreshToken:[],requestedTokenType:[],scope:(T)=>I(T),subjectToken:[],subjectTokenType:[]})),r.m("POST").h(i).q(l).b(n),r.build()},qr=async(e,s)=>{const r=D.requestBuilder(e,s),i={"content-type":"application/json"};r.bp("/client/register");let l;return l=JSON.stringify(o(e,{clientName:[],clientType:[],entitledApplicationArn:[],grantTypes:(n)=>I(n),issuerUrl:[],redirectUris:(n)=>I(n),scopes:(n)=>I(n)})),r.m("POST").h(i).b(l),r.build()},Ur=async(e,s)=>{const r=D.requestBuilder(e,s),i={"content-type":"application/json"};r.bp("/device_authorization");let l;return l=JSON.stringify(o(e,{clientId:[],clientSecret:[],startUrl:[]})),r.m("POST").h(i).b(l),r.build()},xr=async(e,s)=>{if(e.statusCode!==200&&e.statusCode>=300)return Y(e,s);const r=d({$metadata:c(e)}),i=j(F(await w.parseJsonBody(e.body,s)),"body"),l=o(i,{accessToken:h,expiresIn:b,idToken:h,refreshToken:h,tokenType:h});return Object.assign(r,l),r},zr=async(e,s)=>{if(e.statusCode!==200&&e.statusCode>=300)return Y(e,s);const r=d({$metadata:c(e)}),i=j(F(await w.parseJsonBody(e.body,s)),"body"),l=o(i,{accessToken:h,expiresIn:b,idToken:h,issuedTokenType:h,refreshToken:h,scope:I,tokenType:h});return Object.assign(r,l),r},Gr=async(e,s)=>{if(e.statusCode!==200&&e.statusCode>=300)return Y(e,s);const r=d({$metadata:c(e)}),i=j(F(await w.parseJsonBody(e.body,s)),"body"),l=o(i,{authorizationEndpoint:h,clientId:h,clientIdIssuedAt:_,clientSecret:h,clientSecretExpiresAt:_,tokenEndpoint:h});return Object.assign(r,l),r},Jr=async(e,s)=>{if(e.statusCode!==200&&e.statusCode>=300)return Y(e,s);const r=d({$metadata:c(e)}),i=j(F(await w.parseJsonBody(e.body,s)),"body"),l=o(i,{deviceCode:h,expiresIn:b,interval:b,userCode:h,verificationUri:h,verificationUriComplete:h});return Object.assign(r,l),r},Y=async(e,s)=>{const r={...e,body:await w.parseJsonErrorBody(e.body,s)},i=w.loadRestJsonErrorCode(e,r.body);switch(i){case"AccessDeniedException":case"com.amazonaws.ssooidc#AccessDeniedException":throw await Xr(r,s);case"AuthorizationPendingException":case"com.amazonaws.ssooidc#AuthorizationPendingException":throw await Yr(r,s);case"ExpiredTokenException":case"com.amazonaws.ssooidc#ExpiredTokenException":throw await Zr(r,s);case"InternalServerException":case"com.amazonaws.ssooidc#InternalServerException":throw await Hr(r,s);case"InvalidClientException":case"com.amazonaws.ssooidc#InvalidClientException":throw await Nr(r,s);case"InvalidGrantException":case"com.amazonaws.ssooidc#InvalidGrantException":throw await pr(r,s);case"InvalidRequestException":case"com.amazonaws.ssooidc#InvalidRequestException":throw await gr(r,s);case"InvalidScopeException":case"com.amazonaws.ssooidc#InvalidScopeException":throw await ur(r,s);case"SlowDownException":case"com.amazonaws.ssooidc#SlowDownException":throw await es(r,s);case"UnauthorizedClientException":case"com.amazonaws.ssooidc#UnauthorizedClientException":throw await rs(r,s);case"UnsupportedGrantTypeException":case"com.amazonaws.ssooidc#UnsupportedGrantTypeException":throw await ss(r,s);case"InvalidRequestRegionException":case"com.amazonaws.ssooidc#InvalidRequestRegionException":throw await Or(r,s);case"InvalidClientMetadataException":case"com.amazonaws.ssooidc#InvalidClientMetadataException":throw await _r(r,s);case"InvalidRedirectUriException":case"com.amazonaws.ssooidc#InvalidRedirectUriException":throw await Cr(r,s);default:const l=r.body;return Qr({output:e,parsedBody:l,errorCode:i})}},Qr=jr(y),Xr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new x({$metadata:c(e),...r});return a(n,e.body)},Yr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new z({$metadata:c(e),...r});return a(n,e.body)},Zr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new G({$metadata:c(e),...r});return a(n,e.body)},Hr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new J({$metadata:c(e),...r});return a(n,e.body)},Nr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new V({$metadata:c(e),...r});return a(n,e.body)},_r=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new Q({$metadata:c(e),...r});return a(n,e.body)},pr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new W({$metadata:c(e),...r});return a(n,e.body)},Cr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new X({$metadata:c(e),...r});return a(n,e.body)},gr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new f({$metadata:c(e),...r});return a(n,e.body)},Or=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{endpoint:h,error:h,error_description:h,region:h});Object.assign(r,l);const n=new L({$metadata:c(e),...r});return a(n,e.body)},ur=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new A({$metadata:c(e),...r});return a(n,e.body)},es=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new K({$metadata:c(e),...r});return a(n,e.body)},rs=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new M({$metadata:c(e),...r});return a(n,e.body)},ss=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new B({$metadata:c(e),...r});return a(n,e.body)},c=(e)=>({httpStatusCode:e.statusCode,requestId:e.headers["x-amzn-requestid"]??e.headers["x-amzn-request-id"]??e.headers["x-amz-request-id"],extendedRequestId:e.headers["x-amz-id-2"],cfId:e.headers["x-amz-cf-id"]});var is="aws_iam";class p extends v.classBuilder().ep({...k}).m(function(e,s,r,i){return[E(r,this.serialize,this.deserialize),S(r,e.getEndpointParameterInstructions())]}).s("AWSSSOOIDCService","CreateToken",{}).n("SSOOIDCClient","CreateTokenCommand").f($r,Ir).ser(Fr).de(xr).build(){}class C extends v.classBuilder().ep({...k}).m(function(e,s,r,i){return[E(r,this.serialize,this.deserialize),S(r,e.getEndpointParameterInstructions())]}).s("AWSSSOOIDCService","CreateTokenWithIAM",{}).n("SSOOIDCClient","CreateTokenWithIAMCommand").f(Rr,Pr).ser(Dr).de(zr).build(){}class g extends v.classBuilder().ep({...k}).m(function(e,s,r,i){return[E(r,this.serialize,this.deserialize),S(r,e.getEndpointParameterInstructions())]}).s("AWSSSOOIDCService","RegisterClient",{}).n("SSOOIDCClient","RegisterClientCommand").f(void 0,Tr).ser(qr).de(Gr).build(){}class O extends v.classBuilder().ep({...k}).m(function(e,s,r,i){return[E(r,this.serialize,this.deserialize),S(r,e.getEndpointParameterInstructions())]}).s("AWSSSOOIDCService","StartDeviceAuthorization",{}).n("SSOOIDCClient","StartDeviceAuthorizationCommand").f(br,void 0).ser(Ur).de(Jr).build(){}var ls={CreateTokenCommand:p,CreateTokenWithIAMCommand:C,RegisterClientCommand:g,StartDeviceAuthorizationCommand:O};class Wr extends N{}Vr(ls,Wr);export{cr as __Client,B as UnsupportedGrantTypeException,M as UnauthorizedClientException,br as StartDeviceAuthorizationRequestFilterSensitiveLog,O as StartDeviceAuthorizationCommand,K as SlowDownException,y as SSOOIDCServiceException,N as SSOOIDCClient,Wr as SSOOIDC,Tr as RegisterClientResponseFilterSensitiveLog,g as RegisterClientCommand,A as InvalidScopeException,L as InvalidRequestRegionException,f as InvalidRequestException,X as InvalidRedirectUriException,W as InvalidGrantException,Q as InvalidClientMetadataException,V as InvalidClientException,J as InternalServerException,G as ExpiredTokenException,Pr as CreateTokenWithIAMResponseFilterSensitiveLog,Rr as CreateTokenWithIAMRequestFilterSensitiveLog,C as CreateTokenWithIAMCommand,Ir as CreateTokenResponseFilterSensitiveLog,$r as CreateTokenRequestFilterSensitiveLog,p as CreateTokenCommand,z as AuthorizationPendingException,x as AccessDeniedException,v as $Command};
package/dist/chunk-73c97da8ac4f1d30.js ADDED
@@ -0,0 +1 @@
1
+ import{x} from"./chunk-a5c18c07abe8fd9c.js";import{ib as S} from"./chunk-442a5b1ec74c72f8.js";var q="AWS_PROFILE";var B=(o)=>o.profile||process.env["AWS_PROFILE"]||"default";import{join as b} from"path";import{homedir as N} from"os";import{sep as L} from"path";var d={},w=()=>{if(process&&process.geteuid)return`${process.geteuid()}`;return"DEFAULT"},f=()=>{const{HOME:o,USERPROFILE:e,HOMEPATH:t,HOMEDRIVE:r=`C:${L}`}=process.env;if(o)return o;if(e)return e;if(t)return`${r}${t}`;const i=w();if(!d[i])d[i]=N();return d[i]};var v="AWS_CONFIG_FILE",g=()=>process.env[v]||b(f(),".aws","config");var D=x(S(),1);import{join as I} from"path";var h=x(S(),1);var O=(o)=>Object.entries(o).filter(([e])=>{const t=e.indexOf(c);if(t===-1)return!1;return Object.values(h.IniSectionType).includes(e.substring(0,t))}).reduce((e,[t,r])=>{const i=t.indexOf(c),s=t.substring(0,i)===h.IniSectionType.PROFILE?t.substring(i+1):t;return e[s]=r,e},{...o.default&&{default:o.default}});import{join as j} from"path";var y="AWS_SHARED_CREDENTIALS_FILE",_=()=>process.env[y]||j(f(),".aws","credentials");var C=x(S(),1);var $=/^([\w-]+)\s(["'])?([\w-@\+\.%:/]+)\2$/,G=["__proto__","profile __proto__"],a=(o)=>{const e={};let t,r;for(let i of o.split(/\r?\n/)){const s=i.split(/(^|\s)[;#]/)[0].trim();if(s[0]==="["&&s[s.length-1]==="]"){t=void 0,r=void 0;const n=s.substring(1,s.length-1),m=$.exec(n);if(m){const[,p,,F]=m;if(Object.values(C.IniSectionType).includes(p))t=[p,F].join(c)}else t=n;if(G.includes(n))throw new Error(`Found invalid profile name "${n}"`)}else if(t){const n=s.indexOf("=");if(![0,-1].includes(n)){const[m,p]=[s.substring(0,n).trim(),s.substring(n+1).trim()];if(p==="")r=m;else{if(r&&i.trimStart()===i)r=void 0;e[t]=e[t]||{};const F=r?[r,m].join(c):m;e[t][F]=p}}}}return e};import{promises as W} from"fs";var{readFile:K}=W,E={},l=(o,e)=>{if(!E[o]||e?.ignoreCache)E[o]=K(o,"utf8");return E[o]};var P=()=>({}),c=".",R=async(o={})=>{const{filepath:e=_(),configFilepath:t=g()}=o,r=f();let s=e;if(e.startsWith("~/"))s=I(r,e.slice(2));let u=t;if(t.startsWith("~/"))u=I(r,t.slice(2));const n=await Promise.all([l(u,{ignoreCache:o.ignoreCache}).then(a).then(O).catch(P),l(s,{ignoreCache:o.ignoreCache}).then(a).catch(P)]);return{configFile:n[0],credentialsFile:n[1]}};var T=(o)=>Object.entries(o).filter(([e])=>e.startsWith(D.IniSectionType.SSO_SESSION+c)).reduce((e,[t,r])=>({...e,[t.substring(t.indexOf(c)+1)]:r}),{});var V=()=>({}),Pe=async(o={})=>l(o.configFilepath??g()).then(a).then(T).catch(V);var A=(...o)=>{const e={};for(let t of o)for(let[r,i]of Object.entries(t))if(e[r]!==void 0)Object.assign(e[r],i);else e[r]=i;return e};var He=async(o)=>{const e=await R(o);return A(e.configFile,e.credentialsFile)};import{createHash as U} from"crypto";import{join as X} from"path";var H=(o)=>{const t=U("sha1").update(o).digest("hex");return X(f(),".aws","sso","cache",`${t}.json`)};import{promises as k} from"fs";var{readFile:M}=k,$e=async(o)=>{const e=H(o),t=await M(e,"utf8");return JSON.parse(t)};export{q as nb,B as ob,H as pb,$e as qb,c as rb,R as sb,Pe as tb,He as ub};
package/dist/chunk-73c9d39f58a30fe2.js ADDED
@@ -0,0 +1,6 @@
1
+ // @bun
2
+ import{x as h} from"./chunk-a5c18c07abe8fd9c.js";import{B as g,Q as P,T as w,ha as I} from"./chunk-3a9fcddbd219223b.js";import"./chunk-442a5b1ec74c72f8.js";import{lb as d} from"./chunk-2672477bf396bad8.js";var i=h(d(),1);import A from"fs/promises";var C=h(d(),1);var E="169.254.170.2",R="169.254.170.23",p="[fd00:ec2::23]",S=(e,c)=>{if(e.protocol==="https:")return;if(e.hostname===E||e.hostname===R||e.hostname===p)return;if(e.hostname.includes("[")){if(e.hostname==="[::1]"||e.hostname==="[0000:0000:0000:0000:0000:0000:0000:0001]")return}else{if(e.hostname==="localhost")return;const a=e.hostname.split("."),r=(t)=>{const s=parseInt(t,10);return 0<=s&&s<=255};if(a[0]==="127"&&r(a[1])&&r(a[2])&&r(a[3])&&a.length===4)return}throw new C.CredentialsProviderError(`URL not accepted. It must either be HTTPS or match one of the following:
3
+ - loopback CIDR 127.0.0.0/8 or [::1/128]
4
+ - ECS container host 169.254.170.2
5
+ - EKS container host 169.254.170.23 or [fd00:ec2::23]`,{logger:c})};var m=h(d(),1);function K(e){return new g({protocol:e.protocol,hostname:e.hostname,port:Number(e.port),path:e.pathname,query:Array.from(e.searchParams.entries()).reduce((c,[a,r])=>{return c[a]=r,c},{}),fragment:e.hash})}async function T(e,c){const r=await w(e.body).transformToString();if(e.statusCode===200){const t=JSON.parse(r);if(typeof t.AccessKeyId!=="string"||typeof t.SecretAccessKey!=="string"||typeof t.Token!=="string"||typeof t.Expiration!=="string")throw new m.CredentialsProviderError("HTTP credential provider response not of the required format, an object matching: { AccessKeyId: string, SecretAccessKey: string, Token: string, Expiration: string(rfc3339) }",{logger:c});return{accessKeyId:t.AccessKeyId,secretAccessKey:t.SecretAccessKey,sessionToken:t.Token,expiration:I(t.Expiration)}}if(e.statusCode>=400&&e.statusCode<500){let t={};try{t=JSON.parse(r)}catch(s){}throw Object.assign(new m.CredentialsProviderError(`Server responded with status: ${e.statusCode}`,{logger:c}),{Code:t.Code,Message:t.Message})}throw new m.CredentialsProviderError(`Server responded with status: ${e.statusCode}`,{logger:c})}var x=(e,c,a)=>{return async()=>{for(let r=0;r<c;++r)try{return await e()}catch(t){await new Promise((s)=>setTimeout(s,a))}return await e()}};var O="AWS_CONTAINER_CREDENTIALS_RELATIVE_URI",b="http://169.254.170.2",_="AWS_CONTAINER_CREDENTIALS_FULL_URI",v="AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE",B="AWS_CONTAINER_AUTHORIZATION_TOKEN",D=(e={})=>{e.logger?.debug("@aws-sdk/credential-provider-http - fromHttp");let c;const a=e.awsContainerCredentialsRelativeUri??process.env[O],r=e.awsContainerCredentialsFullUri??process.env[_],t=e.awsContainerAuthorizationToken??process.env[B],s=e.awsContainerAuthorizationTokenFile??process.env[v],n=e.logger?.constructor?.name==="NoOpLogger"||!e.logger?console.warn:e.logger.warn;if(a&&r)n("@aws-sdk/credential-provider-http: you have set both awsContainerCredentialsRelativeUri and awsContainerCredentialsFullUri."),n("awsContainerCredentialsFullUri will take precedence.");if(t&&s)n("@aws-sdk/credential-provider-http: you have set both awsContainerAuthorizationToken and awsContainerAuthorizationTokenFile."),n("awsContainerAuthorizationToken will take precedence.");if(r)c=r;else if(a)c=`${b}${a}`;else throw new i.CredentialsProviderError(`No HTTP credential provider host provided.
6
+ Set AWS_CONTAINER_CREDENTIALS_FULL_URI or AWS_CONTAINER_CREDENTIALS_RELATIVE_URI.`,{logger:e.logger});const y=new URL(c);S(y,e.logger);const u=new P({requestTimeout:e.timeout??1000,connectionTimeout:e.timeout??1000});return x(async()=>{const o=K(y);if(t)o.headers.Authorization=t;else if(s)o.headers.Authorization=(await A.readFile(s)).toString();try{const f=await u.handle(o);return T(f.response)}catch(f){throw new i.CredentialsProviderError(String(f),{logger:e.logger})}},e.maxRetries??3,e.timeout??1000)};export{D as fromHttp};