gemi 0.4.62 → 0.4.64

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (30) hide show
  1. package/dist/chunk-0306d8fccec5104e.js +1 -1
  2. package/dist/chunk-04aa62521338e3ab.js +18 -0
  3. package/dist/chunk-095848ccb81718bf.js +2 -0
  4. package/dist/chunk-1084614a350762fb.js +2 -0
  5. package/dist/chunk-11323d7a5d9219ce.js +1 -1
  6. package/dist/chunk-132c71db605759c9.js +1 -1
  7. package/dist/chunk-322e991c2b56a79d.js +2 -0
  8. package/dist/chunk-38fc9d258dbe62fd.js +18 -0
  9. package/dist/chunk-408fb31b8b0f97ee.js +2 -0
  10. package/dist/chunk-5e13846c554dc272.js +1 -1
  11. package/dist/chunk-897773d66a89947a.js +2 -0
  12. package/dist/chunk-8caa0abe673f5d41.js +2 -0
  13. package/dist/chunk-9b5649697d59dfb4.js +2 -0
  14. package/dist/chunk-a13ab30c392c3563.js +1 -1
  15. package/dist/chunk-b009482e01114059.js +3 -0
  16. package/dist/chunk-c4f342e09d9b2f23.js +1 -1
  17. package/dist/chunk-d22136d39cf8465f.js +1 -1
  18. package/dist/chunk-def30dbcb4c6aceb.js +2 -0
  19. package/dist/chunk-edba144b170cd87e.js +6 -0
  20. package/dist/chunk-f900b5868b14827e.js +1 -1
  21. package/dist/client/Mutation.d.ts +6 -6
  22. package/dist/client/Mutation.d.ts.map +1 -1
  23. package/dist/client/auth/useUser.d.ts +9 -1
  24. package/dist/client/auth/useUser.d.ts.map +1 -1
  25. package/dist/client/index.js +1 -1
  26. package/dist/client/useQuery.d.ts +15 -9
  27. package/dist/client/useQuery.d.ts.map +1 -1
  28. package/dist/server/index.js +1 -1
  29. package/dist/storage/index.js +10 -1
  30. package/package.json +1 -1
package/dist/chunk-095848ccb81718bf.js ADDED
@@ -0,0 +1,2 @@
1
+ // @bun
2
+ import"./chunk-b0f453845cad4e6e.js";import{y as k} from"./chunk-7ce930fe69575c87.js";import{A as Oe,B as ue,E as Te,G as yr,K as be,L as je,N as Fe,O as De,R as Ge,S as Je,Y as E,Z as t,_ as Jr,aa as p,ba as b,ca as j,da as F,ea as h,la as Er,ma as a,na as br,oa as Ve,pa as We,qa as er,ra as rr,ta as d,ua as o,wa as I} from"./chunk-b009482e01114059.js";import{Aa as or,Ba as dr,Ca as Kr,Fa as N,Ga as cr,Ha as $e,Ia as Ie,Ja as Re,Ka as tr,La as fe,Ma as Ae,Na as Ke,Oa as Me,Pa as ar,Qa as mr,Sa as S,Ta as $,Ua as wr,Va as Be,Xa as Le,Ya as kr,Za as Qe,_a as vr,ab as q,bb as Xe,cb as Ye,db as Ze,eb as He,fb as sr,gb as ir,ya as hr,za as nr} from"./chunk-04aa62521338e3ab.js";import"./chunk-a0003b7feea6fae6.js";import{jb as R,kb as qe} from"./chunk-9b5649697d59dfb4.js";import{lb as pe} from"./chunk-a13ab30c392c3563.js";import"./chunk-934ebff128f86ef1.js";import"./chunk-73eed146ee78f681.js";var P=k(N(),1);var re=k(q(),1),U=k(Kr(),1),Mr=function(e){return{schemeId:"aws.auth#sigv4",signingProperties:{name:"sso-oauth",region:e.region},propertiesExtractor:(s,r)=>({signingProperties:{config:s,context:r}})}},H=function(e){return{schemeId:"smithy.api#noAuth"}},se=async(e,s,r)=>{return{operation:U.getSmithyContext(s).operation,region:await U.normalizeProvider(e.region)()||(()=>{throw new Error("expected `region` to be configured for `aws.auth#sigv4`")})()}},ie=(e)=>{const s=[];switch(e.operation){case"CreateToken":{s.push(H(e));break}case"RegisterClient":{s.push(H(e));break}case"StartDeviceAuthorization":{s.push(H(e));break}default:s.push(Mr(e))}return s},le=(e)=>{return{...re.resolveAwsSdkSigV4Config(e)}};var he=(e)=>{return{...e,useDualstackEndpoint:e.useDualstackEndpoint??!1,useFipsEndpoint:e.useFipsEndpoint??!1,defaultSigningName:"sso-oauth"}},v={UseFIPS:{type:"builtInParams",name:"useFipsEndpoint"},Endpoint:{type:"builtInParams",name:"endpoint"},Region:{type:"builtInParams",name:"region"},UseDualStack:{type:"builtInParams",name:"useDualstackEndpoint"}};var ne={name:"@aws-sdk/client-sso-oidc",description:"AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native",version:"3.629.0",scripts:{build:"concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'","build:cjs":"node ../../scripts/compilation/inline client-sso-oidc","build:es":"tsc -p tsconfig.es.json","build:include:deps":"lerna run --scope $npm_package_name --include-dependencies build","build:types":"tsc -p tsconfig.types.json","build:types:downlevel":"downlevel-dts dist-types dist-types/ts3.4",clean:"rimraf ./dist-* && rimraf *.tsbuildinfo","extract:docs":"api-extractor run --local","generate:client":"node ../../scripts/generate-clients/single-service --solo sso-oidc"},main:"./dist-cjs/index.js",types:"./dist-types/index.d.ts",module:"./dist-es/index.js",sideEffects:!1,dependencies:{"@aws-crypto/sha256-browser":"5.2.0","@aws-crypto/sha256-js":"5.2.0","@aws-sdk/core":"3.629.0","@aws-sdk/credential-provider-node":"3.629.0","@aws-sdk/middleware-host-header":"3.620.0","@aws-sdk/middleware-logger":"3.609.0","@aws-sdk/middleware-recursion-detection":"3.620.0","@aws-sdk/middleware-user-agent":"3.620.0","@aws-sdk/region-config-resolver":"3.614.0","@aws-sdk/types":"3.609.0","@aws-sdk/util-endpoints":"3.614.0","@aws-sdk/util-user-agent-browser":"3.609.0","@aws-sdk/util-user-agent-node":"3.614.0","@smithy/config-resolver":"^3.0.5","@smithy/core":"^2.3.2","@smithy/fetch-http-handler":"^3.2.4","@smithy/hash-node":"^3.0.3","@smithy/invalid-dependency":"^3.0.3","@smithy/middleware-content-length":"^3.0.5","@smithy/middleware-endpoint":"^3.1.0","@smithy/middleware-retry":"^3.0.14","@smithy/middleware-serde":"^3.0.3","@smithy/middleware-stack":"^3.0.3","@smithy/node-config-provider":"^3.1.4","@smithy/node-http-handler":"^3.1.4","@smithy/protocol-http":"^4.1.0","@smithy/smithy-client":"^3.1.12","@smithy/types":"^3.3.0","@smithy/url-parser":"^3.0.3","@smithy/util-base64":"^3.0.0","@smithy/util-body-length-browser":"^3.0.0","@smithy/util-body-length-node":"^3.0.0","@smithy/util-defaults-mode-browser":"^3.0.14","@smithy/util-defaults-mode-node":"^3.0.14","@smithy/util-endpoints":"^2.0.5","@smithy/util-middleware":"^3.0.3","@smithy/util-retry":"^3.0.3","@smithy/util-utf8":"^3.0.0",tslib:"^2.6.2"},devDependencies:{"@tsconfig/node16":"16.1.3","@types/node":"^16.18.96",concurrently:"7.0.0","downlevel-dts":"0.10.1",rimraf:"3.0.2",typescript:"~4.9.5"},engines:{node:">=16.0.0"},typesVersions:{"<4.0":{"dist-types/*":["dist-types/ts3.4/*"]}},files:["dist-*/**"],author:{name:"AWS SDK for JavaScript Team",url:"https://aws.amazon.com/javascript/"},license:"Apache-2.0",peerDependencies:{"@aws-sdk/client-sts":"^3.629.0"},browser:{"./dist-es/runtimeConfig":"./dist-es/runtimeConfig.browser"},"react-native":{"./dist-es/runtimeConfig":"./dist-es/runtimeConfig.native"},homepage:"https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc",repository:{type:"git",url:"https://github.com/aws/aws-sdk-js-v3.git",directory:"clients/client-sso-oidc"}};var Ne=k(q(),1);var Ue=k(q(),1),xe=k(N(),1);var oe={["required"]:!1,type:"String"},de={["required"]:!0,default:!1,type:"Boolean"},ye={["ref"]:"Endpoint"},ke={["fn"]:"booleanEquals",["argv"]:[{["ref"]:"UseFIPS"},!0]},ve={["fn"]:"booleanEquals",["argv"]:[{["ref"]:"UseDualStack"},!0]},m={},ce={["fn"]:"getAttr",["argv"]:[{["ref"]:"PartitionResult"},"supportsFIPS"]},Ee={["ref"]:"PartitionResult"},te={["fn"]:"booleanEquals",["argv"]:[!0,{["fn"]:"getAttr",["argv"]:[Ee,"supportsDualStack"]}]},ae=[ke],me=[ve],we=[{["ref"]:"Region"}],Lr={version:"1.0",parameters:{Region:oe,UseDualStack:de,UseFIPS:de,Endpoint:oe},rules:[{conditions:[{["fn"]:"isSet",["argv"]:[ye]}],rules:[{conditions:ae,error:"Invalid Configuration: FIPS and custom endpoint are not supported",type:"error"},{conditions:me,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",type:"error"},{endpoint:{url:ye,properties:m,headers:m},type:"endpoint"}],type:"tree"},{conditions:[{["fn"]:"isSet",["argv"]:we}],rules:[{conditions:[{["fn"]:"aws.partition",["argv"]:we,assign:"PartitionResult"}],rules:[{conditions:[ke,ve],rules:[{conditions:[{["fn"]:"booleanEquals",["argv"]:[!0,ce]},te],rules:[{endpoint:{url:"https://oidc-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:m,headers:m},type:"endpoint"}],type:"tree"},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",type:"error"}],type:"tree"},{conditions:ae,rules:[{conditions:[{["fn"]:"booleanEquals",["argv"]:[ce,!0]}],rules:[{conditions:[{["fn"]:"stringEquals",["argv"]:[{["fn"]:"getAttr",["argv"]:[Ee,"name"]},"aws-us-gov"]}],endpoint:{url:"https://oidc.{Region}.amazonaws.com",properties:m,headers:m},type:"endpoint"},{endpoint:{url:"https://oidc-fips.{Region}.{PartitionResult#dnsSuffix}",properties:m,headers:m},type:"endpoint"}],type:"tree"},{error:"FIPS is enabled but this partition does not support FIPS",type:"error"}],type:"tree"},{conditions:me,rules:[{conditions:[te],rules:[{endpoint:{url:"https://oidc.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:m,headers:m},type:"endpoint"}],type:"tree"},{error:"DualStack is enabled but this partition does not support DualStack",type:"error"}],type:"tree"},{endpoint:{url:"https://oidc.{Region}.{PartitionResult#dnsSuffix}",properties:m,headers:m},type:"endpoint"}],type:"tree"}],type:"tree"},{error:"Invalid Configuration: Missing Region",type:"error"}]},Se=Lr;var Pe=(e,s={})=>{return Ie(Se,{endpointParams:e,logger:s.logger})};$e.aws=Re;var ze=(e)=>{return{apiVersion:"2019-06-10",base64Decoder:e?.base64Decoder??be,base64Encoder:e?.base64Encoder??De,disableHostPrefix:e?.disableHostPrefix??!1,endpointProvider:e?.endpointProvider??Pe,extensions:e?.extensions??[],httpAuthSchemeProvider:e?.httpAuthSchemeProvider??ie,httpAuthSchemes:e?.httpAuthSchemes??[{schemeId:"aws.auth#sigv4",identityProvider:(s)=>s.getIdentityProvider("aws.auth#sigv4"),signer:new Ue.AwsSdkSigV4Signer},{schemeId:"smithy.api#noAuth",identityProvider:(s)=>s.getIdentityProvider("smithy.api#noAuth")||(async()=>({})),signer:new xe.NoAuthSigner}],logger:e?.logger??new Te,serviceId:e?.serviceId??"SSO OIDC",urlParser:e?.urlParser??qe,utf8Decoder:e?.utf8Decoder??je,utf8Encoder:e?.utf8Encoder??Fe}};var _e=(e)=>{We(process.version);const s=He(e),r=()=>s().then(Ve),i=ze(e);return Ne.emitWarningIfUnsupportedVersion(process.version),{...i,...e,runtime:"node",defaultsMode:s,bodyLengthChecker:e?.bodyLengthChecker??Ze,credentialDefaultProvider:e?.credentialDefaultProvider??pe,defaultUserAgentProvider:e?.defaultUserAgentProvider??Xe({serviceId:i.serviceId,clientVersion:ne.version}),maxAttempts:e?.maxAttempts??R(Le),region:e?.region??R(Ke,Me),requestHandler:Ge.create(e?.requestHandler??r),retryMode:e?.retryMode??R({...Qe,default:async()=>(await r()).retryMode||Be}),sha256:e?.sha256??Ye.bind(null,"sha256"),streamCollector:e?.streamCollector??Je,useDualstackEndpoint:e?.useDualstackEndpoint??R(fe),useFipsEndpoint:e?.useFipsEndpoint??R(Ae)}};var Ce=(e)=>{const s=e.httpAuthSchemes;let{httpAuthSchemeProvider:r,credentials:i}=e;return{setHttpAuthScheme(l){const n=s.findIndex((T)=>T.schemeId===l.schemeId);if(n===-1)s.push(l);else s.splice(n,1,l)},httpAuthSchemes(){return s},setHttpAuthSchemeProvider(l){r=l},httpAuthSchemeProvider(){return r},setCredentials(l){i=l},credentials(){return i}}},ge=(e)=>{return{httpAuthSchemes:e.httpAuthSchemes(),httpAuthSchemeProvider:e.httpAuthSchemeProvider(),credentials:e.credentials()}};var x=(e)=>e,lr=(e,s)=>{const r={...x(sr(e)),...x(er(e)),...x(Oe(e)),...x(Ce(e))};return s.forEach((i)=>i.configure(r)),{...e,...ir(r),...rr(r),...ue(r),...ge(r)}};class _ extends yr{constructor(...[e]){const s=_e(e||{}),r=he(s),i=cr(r),l=kr(i),n=ar(l),T=hr(n),Wr=wr(T),fr=le(Wr),ee=lr(fr,e?.extensions||[]);super(ee);this.config=ee,this.middlewareStack.use(tr(this.config)),this.middlewareStack.use(vr(this.config)),this.middlewareStack.use(mr(this.config)),this.middlewareStack.use(nr(this.config)),this.middlewareStack.use(or(this.config)),this.middlewareStack.use(dr(this.config)),this.middlewareStack.use(P.getHttpAuthSchemeEndpointRuleSetPlugin(this.config,{httpAuthSchemeParametersProvider:se,identityProviderConfigProvider:async(Ar)=>new P.DefaultIdentityProviderConfig({"aws.auth#sigv4":Ar.credentials})})),this.middlewareStack.use(P.getHttpSigningPlugin(this.config))}destroy(){super.destroy()}}class y extends Er{constructor(e){super(e);Object.setPrototypeOf(this,y.prototype)}}class z extends y{constructor(e){super({name:"AccessDeniedException",$fault:"client",...e});this.name="AccessDeniedException",this.$fault="client",Object.setPrototypeOf(this,z.prototype),this.error=e.error,this.error_description=e.error_description}}class G extends y{constructor(e){super({name:"AuthorizationPendingException",$fault:"client",...e});this.name="AuthorizationPendingException",this.$fault="client",Object.setPrototypeOf(this,G.prototype),this.error=e.error,this.error_description=e.error_description}}class J extends y{constructor(e){super({name:"ExpiredTokenException",$fault:"client",...e});this.name="ExpiredTokenException",this.$fault="client",Object.setPrototypeOf(this,J.prototype),this.error=e.error,this.error_description=e.error_description}}class V extends y{constructor(e){super({name:"InternalServerException",$fault:"server",...e});this.name="InternalServerException",this.$fault="server",Object.setPrototypeOf(this,V.prototype),this.error=e.error,this.error_description=e.error_description}}class W extends y{constructor(e){super({name:"InvalidClientException",$fault:"client",...e});this.name="InvalidClientException",this.$fault="client",Object.setPrototypeOf(this,W.prototype),this.error=e.error,this.error_description=e.error_description}}class f extends y{constructor(e){super({name:"InvalidGrantException",$fault:"client",...e});this.name="InvalidGrantException",this.$fault="client",Object.setPrototypeOf(this,f.prototype),this.error=e.error,this.error_description=e.error_description}}class A extends y{constructor(e){super({name:"InvalidRequestException",$fault:"client",...e});this.name="InvalidRequestException",this.$fault="client",Object.setPrototypeOf(this,A.prototype),this.error=e.error,this.error_description=e.error_description}}class K extends y{constructor(e){super({name:"InvalidScopeException",$fault:"client",...e});this.name="InvalidScopeException",this.$fault="client",Object.setPrototypeOf(this,K.prototype),this.error=e.error,this.error_description=e.error_description}}class M extends y{constructor(e){super({name:"SlowDownException",$fault:"client",...e});this.name="SlowDownException",this.$fault="client",Object.setPrototypeOf(this,M.prototype),this.error=e.error,this.error_description=e.error_description}}class B extends y{constructor(e){super({name:"UnauthorizedClientException",$fault:"client",...e});this.name="UnauthorizedClientException",this.$fault="client",Object.setPrototypeOf(this,B.prototype),this.error=e.error,this.error_description=e.error_description}}class L extends y{constructor(e){super({name:"UnsupportedGrantTypeException",$fault:"client",...e});this.name="UnsupportedGrantTypeException",this.$fault="client",Object.setPrototypeOf(this,L.prototype),this.error=e.error,this.error_description=e.error_description}}class Q extends y{constructor(e){super({name:"InvalidRequestRegionException",$fault:"client",...e});this.name="InvalidRequestRegionException",this.$fault="client",Object.setPrototypeOf(this,Q.prototype),this.error=e.error,this.error_description=e.error_description,this.endpoint=e.endpoint,this.region=e.region}}class X extends y{constructor(e){super({name:"InvalidClientMetadataException",$fault:"client",...e});this.name="InvalidClientMetadataException",this.$fault="client",Object.setPrototypeOf(this,X.prototype),this.error=e.error,this.error_description=e.error_description}}class Y extends y{constructor(e){super({name:"InvalidRedirectUriException",$fault:"client",...e});this.name="InvalidRedirectUriException",this.$fault="client",Object.setPrototypeOf(this,Y.prototype),this.error=e.error,this.error_description=e.error_description}}var Sr=(e)=>({...e,...e.clientSecret&&{clientSecret:t},...e.refreshToken&&{refreshToken:t},...e.codeVerifier&&{codeVerifier:t}}),$r=(e)=>({...e,...e.accessToken&&{accessToken:t},...e.refreshToken&&{refreshToken:t},...e.idToken&&{idToken:t}}),Ir=(e)=>({...e,...e.refreshToken&&{refreshToken:t},...e.assertion&&{assertion:t},...e.subjectToken&&{subjectToken:t},...e.codeVerifier&&{codeVerifier:t}}),Rr=(e)=>({...e,...e.accessToken&&{accessToken:t},...e.refreshToken&&{refreshToken:t},...e.idToken&&{idToken:t}}),Pr=(e)=>({...e,...e.clientSecret&&{clientSecret:t}}),Tr=(e)=>({...e,...e.clientSecret&&{clientSecret:t}});var w=k(q(),1),D=k(N(),1);var jr=async(e,s)=>{const r=D.requestBuilder(e,s),i={"content-type":"application/json"};r.bp("/token");let l;return l=JSON.stringify(o(e,{clientId:[],clientSecret:[],code:[],codeVerifier:[],deviceCode:[],grantType:[],redirectUri:[],refreshToken:[],scope:(n)=>I(n)})),r.m("POST").h(i).b(l),r.build()},Fr=async(e,s)=>{const r=D.requestBuilder(e,s),i={"content-type":"application/json"};r.bp("/token");const l=d({[is]:[,"t"]});let n;return n=JSON.stringify(o(e,{assertion:[],clientId:[],code:[],codeVerifier:[],grantType:[],redirectUri:[],refreshToken:[],requestedTokenType:[],scope:(T)=>I(T),subjectToken:[],subjectTokenType:[]})),r.m("POST").h(i).q(l).b(n),r.build()},Dr=async(e,s)=>{const r=D.requestBuilder(e,s),i={"content-type":"application/json"};r.bp("/client/register");let l;return l=JSON.stringify(o(e,{clientName:[],clientType:[],entitledApplicationArn:[],grantTypes:(n)=>I(n),issuerUrl:[],redirectUris:(n)=>I(n),scopes:(n)=>I(n)})),r.m("POST").h(i).b(l),r.build()},qr=async(e,s)=>{const r=D.requestBuilder(e,s),i={"content-type":"application/json"};r.bp("/device_authorization");let l;return l=JSON.stringify(o(e,{clientId:[],clientSecret:[],startUrl:[]})),r.m("POST").h(i).b(l),r.build()},Ur=async(e,s)=>{if(e.statusCode!==200&&e.statusCode>=300)return Z(e,s);const r=d({$metadata:c(e)}),i=j(F(await w.parseJsonBody(e.body,s)),"body"),l=o(i,{accessToken:h,expiresIn:b,idToken:h,refreshToken:h,tokenType:h});return Object.assign(r,l),r},xr=async(e,s)=>{if(e.statusCode!==200&&e.statusCode>=300)return Z(e,s);const r=d({$metadata:c(e)}),i=j(F(await w.parseJsonBody(e.body,s)),"body"),l=o(i,{accessToken:h,expiresIn:b,idToken:h,issuedTokenType:h,refreshToken:h,scope:I,tokenType:h});return Object.assign(r,l),r},zr=async(e,s)=>{if(e.statusCode!==200&&e.statusCode>=300)return Z(e,s);const r=d({$metadata:c(e)}),i=j(F(await w.parseJsonBody(e.body,s)),"body"),l=o(i,{authorizationEndpoint:h,clientId:h,clientIdIssuedAt:p,clientSecret:h,clientSecretExpiresAt:p,tokenEndpoint:h});return Object.assign(r,l),r},Gr=async(e,s)=>{if(e.statusCode!==200&&e.statusCode>=300)return Z(e,s);const r=d({$metadata:c(e)}),i=j(F(await w.parseJsonBody(e.body,s)),"body"),l=o(i,{deviceCode:h,expiresIn:b,interval:b,userCode:h,verificationUri:h,verificationUriComplete:h});return Object.assign(r,l),r},Z=async(e,s)=>{const r={...e,body:await w.parseJsonErrorBody(e.body,s)},i=w.loadRestJsonErrorCode(e,r.body);switch(i){case"AccessDeniedException":case"com.amazonaws.ssooidc#AccessDeniedException":throw await Xr(r,s);case"AuthorizationPendingException":case"com.amazonaws.ssooidc#AuthorizationPendingException":throw await Yr(r,s);case"ExpiredTokenException":case"com.amazonaws.ssooidc#ExpiredTokenException":throw await Zr(r,s);case"InternalServerException":case"com.amazonaws.ssooidc#InternalServerException":throw await Hr(r,s);case"InvalidClientException":case"com.amazonaws.ssooidc#InvalidClientException":throw await Nr(r,s);case"InvalidGrantException":case"com.amazonaws.ssooidc#InvalidGrantException":throw await pr(r,s);case"InvalidRequestException":case"com.amazonaws.ssooidc#InvalidRequestException":throw await gr(r,s);case"InvalidScopeException":case"com.amazonaws.ssooidc#InvalidScopeException":throw await ur(r,s);case"SlowDownException":case"com.amazonaws.ssooidc#SlowDownException":throw await es(r,s);case"UnauthorizedClientException":case"com.amazonaws.ssooidc#UnauthorizedClientException":throw await rs(r,s);case"UnsupportedGrantTypeException":case"com.amazonaws.ssooidc#UnsupportedGrantTypeException":throw await ss(r,s);case"InvalidRequestRegionException":case"com.amazonaws.ssooidc#InvalidRequestRegionException":throw await Or(r,s);case"InvalidClientMetadataException":case"com.amazonaws.ssooidc#InvalidClientMetadataException":throw await _r(r,s);case"InvalidRedirectUriException":case"com.amazonaws.ssooidc#InvalidRedirectUriException":throw await Cr(r,s);default:const l=r.body;return Qr({output:e,parsedBody:l,errorCode:i})}},Qr=br(y),Xr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new z({$metadata:c(e),...r});return a(n,e.body)},Yr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new G({$metadata:c(e),...r});return a(n,e.body)},Zr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new J({$metadata:c(e),...r});return a(n,e.body)},Hr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new V({$metadata:c(e),...r});return a(n,e.body)},Nr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new W({$metadata:c(e),...r});return a(n,e.body)},_r=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new X({$metadata:c(e),...r});return a(n,e.body)},pr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new f({$metadata:c(e),...r});return a(n,e.body)},Cr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new Y({$metadata:c(e),...r});return a(n,e.body)},gr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new A({$metadata:c(e),...r});return a(n,e.body)},Or=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{endpoint:h,error:h,error_description:h,region:h});Object.assign(r,l);const n=new Q({$metadata:c(e),...r});return a(n,e.body)},ur=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new K({$metadata:c(e),...r});return a(n,e.body)},es=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new M({$metadata:c(e),...r});return a(n,e.body)},rs=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new B({$metadata:c(e),...r});return a(n,e.body)},ss=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new L({$metadata:c(e),...r});return a(n,e.body)},c=(e)=>({httpStatusCode:e.statusCode,requestId:e.headers["x-amzn-requestid"]??e.headers["x-amzn-request-id"]??e.headers["x-amz-request-id"],extendedRequestId:e.headers["x-amz-id-2"],cfId:e.headers["x-amz-cf-id"]});var is="aws_iam";class C extends E.classBuilder().ep({...v}).m(function(e,s,r,i){return[S(r,this.serialize,this.deserialize),$(r,e.getEndpointParameterInstructions())]}).s("AWSSSOOIDCService","CreateToken",{}).n("SSOOIDCClient","CreateTokenCommand").f(Sr,$r).ser(jr).de(Ur).build(){}class g extends E.classBuilder().ep({...v}).m(function(e,s,r,i){return[S(r,this.serialize,this.deserialize),$(r,e.getEndpointParameterInstructions())]}).s("AWSSSOOIDCService","CreateTokenWithIAM",{}).n("SSOOIDCClient","CreateTokenWithIAMCommand").f(Ir,Rr).ser(Fr).de(xr).build(){}class O extends E.classBuilder().ep({...v}).m(function(e,s,r,i){return[S(r,this.serialize,this.deserialize),$(r,e.getEndpointParameterInstructions())]}).s("AWSSSOOIDCService","RegisterClient",{}).n("SSOOIDCClient","RegisterClientCommand").f(void 0,Pr).ser(Dr).de(zr).build(){}class u extends E.classBuilder().ep({...v}).m(function(e,s,r,i){return[S(r,this.serialize,this.deserialize),$(r,e.getEndpointParameterInstructions())]}).s("AWSSSOOIDCService","StartDeviceAuthorization",{}).n("SSOOIDCClient","StartDeviceAuthorizationCommand").f(Tr,void 0).ser(qr).de(Gr).build(){}var ls={CreateTokenCommand:C,CreateTokenWithIAMCommand:g,RegisterClientCommand:O,StartDeviceAuthorizationCommand:u};class Vr extends _{}Jr(ls,Vr);export{yr as __Client,L as UnsupportedGrantTypeException,B as UnauthorizedClientException,Tr as StartDeviceAuthorizationRequestFilterSensitiveLog,u as StartDeviceAuthorizationCommand,M as SlowDownException,y as SSOOIDCServiceException,_ as SSOOIDCClient,Vr as SSOOIDC,Pr as RegisterClientResponseFilterSensitiveLog,O as RegisterClientCommand,K as InvalidScopeException,Q as InvalidRequestRegionException,A as InvalidRequestException,Y as InvalidRedirectUriException,f as InvalidGrantException,X as InvalidClientMetadataException,W as InvalidClientException,V as InternalServerException,J as ExpiredTokenException,Rr as CreateTokenWithIAMResponseFilterSensitiveLog,Ir as CreateTokenWithIAMRequestFilterSensitiveLog,g as CreateTokenWithIAMCommand,$r as CreateTokenResponseFilterSensitiveLog,Sr as CreateTokenRequestFilterSensitiveLog,C as CreateTokenCommand,G as AuthorizationPendingException,z as AccessDeniedException,E as $Command};
package/dist/chunk-1084614a350762fb.js ADDED
@@ -0,0 +1,2 @@
1
+ // @bun
2
+ import"./chunk-81f5123a24c19089.js";import{y as w} from"./chunk-7ce930fe69575c87.js";import{$ as _,A as ue,B as er,E as be,F as cr,J as je,K as Fe,M as De,N as qe,Q as Je,R as Ve,X as E,Y as t,Z as Kr,aa as T,ba as b,ca as j,da as h,ka as Sr,la as a,ma as jr,na as We,oa as fe,pa as rr,qa as sr,sa as d,ta as o,va as $} from"./chunk-f5200f44395bf49d.js";import{Aa as yr,Ba as ee,Ca as re,Fa as Y,Ga as H,Ha as tr,Ia as Ie,Ja as Re,Ka as Pe,La as ar,Ma as Ae,Na as Ke,Oa as Me,Pa as Be,Qa as mr,Ra as wr,Ta as S,Ua as kr,Va as Le,Xa as Qe,Ya as vr,Za as Xe,_a as Er,ab as D,bb as Ye,cb as Ze,db as He,eb as Ne,fb as ir,gb as lr,xa as nr,ya as or,za as dr} from"./chunk-38fc9d258dbe62fd.js";import"./chunk-a0003b7feea6fae6.js";import{ib as I,jb as Ue} from"./chunk-a7a144f5e4772c35.js";import"./chunk-3cbc1c9cdc091b43.js";import{lb as Ce} from"./chunk-b9f4c1fce7152fc8.js";import"./chunk-934ebff128f86ef1.js";var R=w(H(),1);var se=w(D(),1);var Xr=function(e){return{schemeId:"aws.auth#sigv4",signingProperties:{name:"sso-oauth",region:e.region},propertiesExtractor:(s,r)=>({signingProperties:{config:s,context:r}})}},Z=function(e){return{schemeId:"smithy.api#noAuth"}},ie=async(e,s,r)=>{return{operation:ee(s).operation,region:await re(e.region)()||(()=>{throw new Error("expected `region` to be configured for `aws.auth#sigv4`")})()}},le=(e)=>{const s=[];switch(e.operation){case"CreateToken":{s.push(Z(e));break}case"RegisterClient":{s.push(Z(e));break}case"StartDeviceAuthorization":{s.push(Z(e));break}default:s.push(Xr(e))}return s},he=(e)=>{return{...se.resolveAwsSdkSigV4Config(e)}};var ne=(e)=>{return{...e,useDualstackEndpoint:e.useDualstackEndpoint??!1,useFipsEndpoint:e.useFipsEndpoint??!1,defaultSigningName:"sso-oauth"}},v={UseFIPS:{type:"builtInParams",name:"useFipsEndpoint"},Endpoint:{type:"builtInParams",name:"endpoint"},Region:{type:"builtInParams",name:"region"},UseDualStack:{type:"builtInParams",name:"useDualstackEndpoint"}};var oe={name:"@aws-sdk/client-sso-oidc",description:"AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native",version:"3.629.0",scripts:{build:"concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'","build:cjs":"node ../../scripts/compilation/inline client-sso-oidc","build:es":"tsc -p tsconfig.es.json","build:include:deps":"lerna run --scope $npm_package_name --include-dependencies build","build:types":"tsc -p tsconfig.types.json","build:types:downlevel":"downlevel-dts dist-types dist-types/ts3.4",clean:"rimraf ./dist-* && rimraf *.tsbuildinfo","extract:docs":"api-extractor run --local","generate:client":"node ../../scripts/generate-clients/single-service --solo sso-oidc"},main:"./dist-cjs/index.js",types:"./dist-types/index.d.ts",module:"./dist-es/index.js",sideEffects:!1,dependencies:{"@aws-crypto/sha256-browser":"5.2.0","@aws-crypto/sha256-js":"5.2.0","@aws-sdk/core":"3.629.0","@aws-sdk/credential-provider-node":"3.629.0","@aws-sdk/middleware-host-header":"3.620.0","@aws-sdk/middleware-logger":"3.609.0","@aws-sdk/middleware-recursion-detection":"3.620.0","@aws-sdk/middleware-user-agent":"3.620.0","@aws-sdk/region-config-resolver":"3.614.0","@aws-sdk/types":"3.609.0","@aws-sdk/util-endpoints":"3.614.0","@aws-sdk/util-user-agent-browser":"3.609.0","@aws-sdk/util-user-agent-node":"3.614.0","@smithy/config-resolver":"^3.0.5","@smithy/core":"^2.3.2","@smithy/fetch-http-handler":"^3.2.4","@smithy/hash-node":"^3.0.3","@smithy/invalid-dependency":"^3.0.3","@smithy/middleware-content-length":"^3.0.5","@smithy/middleware-endpoint":"^3.1.0","@smithy/middleware-retry":"^3.0.14","@smithy/middleware-serde":"^3.0.3","@smithy/middleware-stack":"^3.0.3","@smithy/node-config-provider":"^3.1.4","@smithy/node-http-handler":"^3.1.4","@smithy/protocol-http":"^4.1.0","@smithy/smithy-client":"^3.1.12","@smithy/types":"^3.3.0","@smithy/url-parser":"^3.0.3","@smithy/util-base64":"^3.0.0","@smithy/util-body-length-browser":"^3.0.0","@smithy/util-body-length-node":"^3.0.0","@smithy/util-defaults-mode-browser":"^3.0.14","@smithy/util-defaults-mode-node":"^3.0.14","@smithy/util-endpoints":"^2.0.5","@smithy/util-middleware":"^3.0.3","@smithy/util-retry":"^3.0.3","@smithy/util-utf8":"^3.0.0",tslib:"^2.6.2"},devDependencies:{"@tsconfig/node16":"16.1.3","@types/node":"^16.18.96",concurrently:"7.0.0","downlevel-dts":"0.10.1",rimraf:"3.0.2",typescript:"~4.9.5"},engines:{node:">=16.0.0"},typesVersions:{"<4.0":{"dist-types/*":["dist-types/ts3.4/*"]}},files:["dist-*/**"],author:{name:"AWS SDK for JavaScript Team",url:"https://aws.amazon.com/javascript/"},license:"Apache-2.0",peerDependencies:{"@aws-sdk/client-sts":"^3.629.0"},browser:{"./dist-es/runtimeConfig":"./dist-es/runtimeConfig.browser"},"react-native":{"./dist-es/runtimeConfig":"./dist-es/runtimeConfig.native"},homepage:"https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc",repository:{type:"git",url:"https://github.com/aws/aws-sdk-js-v3.git",directory:"clients/client-sso-oidc"}};var _e=w(D(),1);var xe=w(D(),1),ze=w(H(),1);var de={["required"]:!1,type:"String"},ye={["required"]:!0,default:!1,type:"Boolean"},ce={["ref"]:"Endpoint"},ve={["fn"]:"booleanEquals",["argv"]:[{["ref"]:"UseFIPS"},!0]},Ee={["fn"]:"booleanEquals",["argv"]:[{["ref"]:"UseDualStack"},!0]},m={},te={["fn"]:"getAttr",["argv"]:[{["ref"]:"PartitionResult"},"supportsFIPS"]},Se={["ref"]:"PartitionResult"},ae={["fn"]:"booleanEquals",["argv"]:[!0,{["fn"]:"getAttr",["argv"]:[Se,"supportsDualStack"]}]},me=[ve],we=[Ee],ke=[{["ref"]:"Region"}],Zr={version:"1.0",parameters:{Region:de,UseDualStack:ye,UseFIPS:ye,Endpoint:de},rules:[{conditions:[{["fn"]:"isSet",["argv"]:[ce]}],rules:[{conditions:me,error:"Invalid Configuration: FIPS and custom endpoint are not supported",type:"error"},{conditions:we,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",type:"error"},{endpoint:{url:ce,properties:m,headers:m},type:"endpoint"}],type:"tree"},{conditions:[{["fn"]:"isSet",["argv"]:ke}],rules:[{conditions:[{["fn"]:"aws.partition",["argv"]:ke,assign:"PartitionResult"}],rules:[{conditions:[ve,Ee],rules:[{conditions:[{["fn"]:"booleanEquals",["argv"]:[!0,te]},ae],rules:[{endpoint:{url:"https://oidc-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:m,headers:m},type:"endpoint"}],type:"tree"},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",type:"error"}],type:"tree"},{conditions:me,rules:[{conditions:[{["fn"]:"booleanEquals",["argv"]:[te,!0]}],rules:[{conditions:[{["fn"]:"stringEquals",["argv"]:[{["fn"]:"getAttr",["argv"]:[Se,"name"]},"aws-us-gov"]}],endpoint:{url:"https://oidc.{Region}.amazonaws.com",properties:m,headers:m},type:"endpoint"},{endpoint:{url:"https://oidc-fips.{Region}.{PartitionResult#dnsSuffix}",properties:m,headers:m},type:"endpoint"}],type:"tree"},{error:"FIPS is enabled but this partition does not support FIPS",type:"error"}],type:"tree"},{conditions:we,rules:[{conditions:[ae],rules:[{endpoint:{url:"https://oidc.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:m,headers:m},type:"endpoint"}],type:"tree"},{error:"DualStack is enabled but this partition does not support DualStack",type:"error"}],type:"tree"},{endpoint:{url:"https://oidc.{Region}.{PartitionResult#dnsSuffix}",properties:m,headers:m},type:"endpoint"}],type:"tree"}],type:"tree"},{error:"Invalid Configuration: Missing Region",type:"error"}]},$e=Zr;var Te=(e,s={})=>{return Re($e,{endpointParams:e,logger:s.logger})};Ie.aws=Pe;var Ge=(e)=>{return{apiVersion:"2019-06-10",base64Decoder:e?.base64Decoder??je,base64Encoder:e?.base64Encoder??qe,disableHostPrefix:e?.disableHostPrefix??!1,endpointProvider:e?.endpointProvider??Te,extensions:e?.extensions??[],httpAuthSchemeProvider:e?.httpAuthSchemeProvider??le,httpAuthSchemes:e?.httpAuthSchemes??[{schemeId:"aws.auth#sigv4",identityProvider:(s)=>s.getIdentityProvider("aws.auth#sigv4"),signer:new xe.AwsSdkSigV4Signer},{schemeId:"smithy.api#noAuth",identityProvider:(s)=>s.getIdentityProvider("smithy.api#noAuth")||(async()=>({})),signer:new ze.NoAuthSigner}],logger:e?.logger??new be,serviceId:e?.serviceId??"SSO OIDC",urlParser:e?.urlParser??Ue,utf8Decoder:e?.utf8Decoder??Fe,utf8Encoder:e?.utf8Encoder??De}};var pe=(e)=>{fe(process.version);const s=Ne(e),r=()=>s().then(We),i=Ge(e);return _e.emitWarningIfUnsupportedVersion(process.version),{...i,...e,runtime:"node",defaultsMode:s,bodyLengthChecker:e?.bodyLengthChecker??He,credentialDefaultProvider:e?.credentialDefaultProvider??Ce,defaultUserAgentProvider:e?.defaultUserAgentProvider??Ye({serviceId:i.serviceId,clientVersion:oe.version}),maxAttempts:e?.maxAttempts??I(Qe),region:e?.region??I(Me,Be),requestHandler:Je.create(e?.requestHandler??r),retryMode:e?.retryMode??I({...Xe,default:async()=>(await r()).retryMode||Le}),sha256:e?.sha256??Ze.bind(null,"sha256"),streamCollector:e?.streamCollector??Ve,useDualstackEndpoint:e?.useDualstackEndpoint??I(Ae),useFipsEndpoint:e?.useFipsEndpoint??I(Ke)}};var ge=(e)=>{const s=e.httpAuthSchemes;let{httpAuthSchemeProvider:r,credentials:i}=e;return{setHttpAuthScheme(l){const n=s.findIndex((P)=>P.schemeId===l.schemeId);if(n===-1)s.push(l);else s.splice(n,1,l)},httpAuthSchemes(){return s},setHttpAuthSchemeProvider(l){r=l},httpAuthSchemeProvider(){return r},setCredentials(l){i=l},credentials(){return i}}},Oe=(e)=>{return{httpAuthSchemes:e.httpAuthSchemes(),httpAuthSchemeProvider:e.httpAuthSchemeProvider(),credentials:e.credentials()}};var q=(e)=>e,hr=(e,s)=>{const r={...q(ir(e)),...q(rr(e)),...q(ue(e)),...q(ge(e))};return s.forEach((i)=>i.configure(r)),{...e,...lr(r),...sr(r),...er(r),...Oe(r)}};class N extends cr{constructor(...[e]){const s=pe(e||{}),r=ne(s),i=tr(r),l=vr(i),n=mr(l),P=nr(n),Br=kr(P),Lr=he(Br),u=hr(Lr,e?.extensions||[]);super(u);this.config=u,this.middlewareStack.use(ar(this.config)),this.middlewareStack.use(Er(this.config)),this.middlewareStack.use(wr(this.config)),this.middlewareStack.use(or(this.config)),this.middlewareStack.use(dr(this.config)),this.middlewareStack.use(yr(this.config)),this.middlewareStack.use(R.getHttpAuthSchemeEndpointRuleSetPlugin(this.config,{httpAuthSchemeParametersProvider:ie,identityProviderConfigProvider:async(Qr)=>new R.DefaultIdentityProviderConfig({"aws.auth#sigv4":Qr.credentials})})),this.middlewareStack.use(R.getHttpSigningPlugin(this.config))}destroy(){super.destroy()}}var Vr=w(Y(),1);class y extends Sr{constructor(e){super(e);Object.setPrototypeOf(this,y.prototype)}}class U extends y{constructor(e){super({name:"AccessDeniedException",$fault:"client",...e});this.name="AccessDeniedException",this.$fault="client",Object.setPrototypeOf(this,U.prototype),this.error=e.error,this.error_description=e.error_description}}class x extends y{constructor(e){super({name:"AuthorizationPendingException",$fault:"client",...e});this.name="AuthorizationPendingException",this.$fault="client",Object.setPrototypeOf(this,x.prototype),this.error=e.error,this.error_description=e.error_description}}class z extends y{constructor(e){super({name:"ExpiredTokenException",$fault:"client",...e});this.name="ExpiredTokenException",this.$fault="client",Object.setPrototypeOf(this,z.prototype),this.error=e.error,this.error_description=e.error_description}}class G extends y{constructor(e){super({name:"InternalServerException",$fault:"server",...e});this.name="InternalServerException",this.$fault="server",Object.setPrototypeOf(this,G.prototype),this.error=e.error,this.error_description=e.error_description}}class J extends y{constructor(e){super({name:"InvalidClientException",$fault:"client",...e});this.name="InvalidClientException",this.$fault="client",Object.setPrototypeOf(this,J.prototype),this.error=e.error,this.error_description=e.error_description}}class V extends y{constructor(e){super({name:"InvalidGrantException",$fault:"client",...e});this.name="InvalidGrantException",this.$fault="client",Object.setPrototypeOf(this,V.prototype),this.error=e.error,this.error_description=e.error_description}}class W extends y{constructor(e){super({name:"InvalidRequestException",$fault:"client",...e});this.name="InvalidRequestException",this.$fault="client",Object.setPrototypeOf(this,W.prototype),this.error=e.error,this.error_description=e.error_description}}class f extends y{constructor(e){super({name:"InvalidScopeException",$fault:"client",...e});this.name="InvalidScopeException",this.$fault="client",Object.setPrototypeOf(this,f.prototype),this.error=e.error,this.error_description=e.error_description}}class A extends y{constructor(e){super({name:"SlowDownException",$fault:"client",...e});this.name="SlowDownException",this.$fault="client",Object.setPrototypeOf(this,A.prototype),this.error=e.error,this.error_description=e.error_description}}class K extends y{constructor(e){super({name:"UnauthorizedClientException",$fault:"client",...e});this.name="UnauthorizedClientException",this.$fault="client",Object.setPrototypeOf(this,K.prototype),this.error=e.error,this.error_description=e.error_description}}class M extends y{constructor(e){super({name:"UnsupportedGrantTypeException",$fault:"client",...e});this.name="UnsupportedGrantTypeException",this.$fault="client",Object.setPrototypeOf(this,M.prototype),this.error=e.error,this.error_description=e.error_description}}class B extends y{constructor(e){super({name:"InvalidRequestRegionException",$fault:"client",...e});this.name="InvalidRequestRegionException",this.$fault="client",Object.setPrototypeOf(this,B.prototype),this.error=e.error,this.error_description=e.error_description,this.endpoint=e.endpoint,this.region=e.region}}class L extends y{constructor(e){super({name:"InvalidClientMetadataException",$fault:"client",...e});this.name="InvalidClientMetadataException",this.$fault="client",Object.setPrototypeOf(this,L.prototype),this.error=e.error,this.error_description=e.error_description}}class Q extends y{constructor(e){super({name:"InvalidRedirectUriException",$fault:"client",...e});this.name="InvalidRedirectUriException",this.$fault="client",Object.setPrototypeOf(this,Q.prototype),this.error=e.error,this.error_description=e.error_description}}var $r=(e)=>({...e,...e.clientSecret&&{clientSecret:t},...e.refreshToken&&{refreshToken:t},...e.codeVerifier&&{codeVerifier:t}}),Ir=(e)=>({...e,...e.accessToken&&{accessToken:t},...e.refreshToken&&{refreshToken:t},...e.idToken&&{idToken:t}}),Rr=(e)=>({...e,...e.refreshToken&&{refreshToken:t},...e.assertion&&{assertion:t},...e.subjectToken&&{subjectToken:t},...e.codeVerifier&&{codeVerifier:t}}),Pr=(e)=>({...e,...e.accessToken&&{accessToken:t},...e.refreshToken&&{refreshToken:t},...e.idToken&&{idToken:t}}),Tr=(e)=>({...e,...e.clientSecret&&{clientSecret:t}}),br=(e)=>({...e,...e.clientSecret&&{clientSecret:t}});var k=w(D(),1),F=w(H(),1);var Fr=async(e,s)=>{const r=F.requestBuilder(e,s),i={"content-type":"application/json"};r.bp("/token");let l;return l=JSON.stringify(o(e,{clientId:[],clientSecret:[],code:[],codeVerifier:[],deviceCode:[],grantType:[],redirectUri:[],refreshToken:[],scope:(n)=>$(n)})),r.m("POST").h(i).b(l),r.build()},Dr=async(e,s)=>{const r=F.requestBuilder(e,s),i={"content-type":"application/json"};r.bp("/token");const l=d({[os]:[,"t"]});let n;return n=JSON.stringify(o(e,{assertion:[],clientId:[],code:[],codeVerifier:[],grantType:[],redirectUri:[],refreshToken:[],requestedTokenType:[],scope:(P)=>$(P),subjectToken:[],subjectTokenType:[]})),r.m("POST").h(i).q(l).b(n),r.build()},qr=async(e,s)=>{const r=F.requestBuilder(e,s),i={"content-type":"application/json"};r.bp("/client/register");let l;return l=JSON.stringify(o(e,{clientName:[],clientType:[],entitledApplicationArn:[],grantTypes:(n)=>$(n),issuerUrl:[],redirectUris:(n)=>$(n),scopes:(n)=>$(n)})),r.m("POST").h(i).b(l),r.build()},Ur=async(e,s)=>{const r=F.requestBuilder(e,s),i={"content-type":"application/json"};r.bp("/device_authorization");let l;return l=JSON.stringify(o(e,{clientId:[],clientSecret:[],startUrl:[]})),r.m("POST").h(i).b(l),r.build()},xr=async(e,s)=>{if(e.statusCode!==200&&e.statusCode>=300)return X(e,s);const r=d({$metadata:c(e)}),i=b(j(await k.parseJsonBody(e.body,s)),"body"),l=o(i,{accessToken:h,expiresIn:T,idToken:h,refreshToken:h,tokenType:h});return Object.assign(r,l),r},zr=async(e,s)=>{if(e.statusCode!==200&&e.statusCode>=300)return X(e,s);const r=d({$metadata:c(e)}),i=b(j(await k.parseJsonBody(e.body,s)),"body"),l=o(i,{accessToken:h,expiresIn:T,idToken:h,issuedTokenType:h,refreshToken:h,scope:$,tokenType:h});return Object.assign(r,l),r},Gr=async(e,s)=>{if(e.statusCode!==200&&e.statusCode>=300)return X(e,s);const r=d({$metadata:c(e)}),i=b(j(await k.parseJsonBody(e.body,s)),"body"),l=o(i,{authorizationEndpoint:h,clientId:h,clientIdIssuedAt:_,clientSecret:h,clientSecretExpiresAt:_,tokenEndpoint:h});return Object.assign(r,l),r},Jr=async(e,s)=>{if(e.statusCode!==200&&e.statusCode>=300)return X(e,s);const r=d({$metadata:c(e)}),i=b(j(await k.parseJsonBody(e.body,s)),"body"),l=o(i,{deviceCode:h,expiresIn:T,interval:T,userCode:h,verificationUri:h,verificationUriComplete:h});return Object.assign(r,l),r},X=async(e,s)=>{const r={...e,body:await k.parseJsonErrorBody(e.body,s)},i=k.loadRestJsonErrorCode(e,r.body);switch(i){case"AccessDeniedException":case"com.amazonaws.ssooidc#AccessDeniedException":throw await Nr(r,s);case"AuthorizationPendingException":case"com.amazonaws.ssooidc#AuthorizationPendingException":throw await _r(r,s);case"ExpiredTokenException":case"com.amazonaws.ssooidc#ExpiredTokenException":throw await pr(r,s);case"InternalServerException":case"com.amazonaws.ssooidc#InternalServerException":throw await Cr(r,s);case"InvalidClientException":case"com.amazonaws.ssooidc#InvalidClientException":throw await gr(r,s);case"InvalidGrantException":case"com.amazonaws.ssooidc#InvalidGrantException":throw await ur(r,s);case"InvalidRequestException":case"com.amazonaws.ssooidc#InvalidRequestException":throw await rs(r,s);case"InvalidScopeException":case"com.amazonaws.ssooidc#InvalidScopeException":throw await is(r,s);case"SlowDownException":case"com.amazonaws.ssooidc#SlowDownException":throw await ls(r,s);case"UnauthorizedClientException":case"com.amazonaws.ssooidc#UnauthorizedClientException":throw await hs(r,s);case"UnsupportedGrantTypeException":case"com.amazonaws.ssooidc#UnsupportedGrantTypeException":throw await ns(r,s);case"InvalidRequestRegionException":case"com.amazonaws.ssooidc#InvalidRequestRegionException":throw await ss(r,s);case"InvalidClientMetadataException":case"com.amazonaws.ssooidc#InvalidClientMetadataException":throw await Or(r,s);case"InvalidRedirectUriException":case"com.amazonaws.ssooidc#InvalidRedirectUriException":throw await es(r,s);default:const l=r.body;return Hr({output:e,parsedBody:l,errorCode:i})}},Hr=jr(y),Nr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new U({$metadata:c(e),...r});return a(n,e.body)},_r=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new x({$metadata:c(e),...r});return a(n,e.body)},pr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new z({$metadata:c(e),...r});return a(n,e.body)},Cr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new G({$metadata:c(e),...r});return a(n,e.body)},gr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new J({$metadata:c(e),...r});return a(n,e.body)},Or=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new L({$metadata:c(e),...r});return a(n,e.body)},ur=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new V({$metadata:c(e),...r});return a(n,e.body)},es=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new Q({$metadata:c(e),...r});return a(n,e.body)},rs=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new W({$metadata:c(e),...r});return a(n,e.body)},ss=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{endpoint:h,error:h,error_description:h,region:h});Object.assign(r,l);const n=new B({$metadata:c(e),...r});return a(n,e.body)},is=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new f({$metadata:c(e),...r});return a(n,e.body)},ls=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new A({$metadata:c(e),...r});return a(n,e.body)},hs=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new K({$metadata:c(e),...r});return a(n,e.body)},ns=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new M({$metadata:c(e),...r});return a(n,e.body)},c=(e)=>({httpStatusCode:e.statusCode,requestId:e.headers["x-amzn-requestid"]??e.headers["x-amzn-request-id"]??e.headers["x-amz-request-id"],extendedRequestId:e.headers["x-amz-id-2"],cfId:e.headers["x-amz-cf-id"]});var os="aws_iam";class p extends E.classBuilder().ep({...v}).m(function(e,s,r,i){return[Vr.getSerdePlugin(r,this.serialize,this.deserialize),S(r,e.getEndpointParameterInstructions())]}).s("AWSSSOOIDCService","CreateToken",{}).n("SSOOIDCClient","CreateTokenCommand").f($r,Ir).ser(Fr).de(xr).build(){}var Wr=w(Y(),1);class C extends E.classBuilder().ep({...v}).m(function(e,s,r,i){return[Wr.getSerdePlugin(r,this.serialize,this.deserialize),S(r,e.getEndpointParameterInstructions())]}).s("AWSSSOOIDCService","CreateTokenWithIAM",{}).n("SSOOIDCClient","CreateTokenWithIAMCommand").f(Rr,Pr).ser(Dr).de(zr).build(){}var fr=w(Y(),1);class g extends E.classBuilder().ep({...v}).m(function(e,s,r,i){return[fr.getSerdePlugin(r,this.serialize,this.deserialize),S(r,e.getEndpointParameterInstructions())]}).s("AWSSSOOIDCService","RegisterClient",{}).n("SSOOIDCClient","RegisterClientCommand").f(void 0,Tr).ser(qr).de(Gr).build(){}var Ar=w(Y(),1);class O extends E.classBuilder().ep({...v}).m(function(e,s,r,i){return[Ar.getSerdePlugin(r,this.serialize,this.deserialize),S(r,e.getEndpointParameterInstructions())]}).s("AWSSSOOIDCService","StartDeviceAuthorization",{}).n("SSOOIDCClient","StartDeviceAuthorizationCommand").f(br,void 0).ser(Ur).de(Jr).build(){}var ds={CreateTokenCommand:p,CreateTokenWithIAMCommand:C,RegisterClientCommand:g,StartDeviceAuthorizationCommand:O};class Mr extends N{}Kr(ds,Mr);export{cr as __Client,M as UnsupportedGrantTypeException,K as UnauthorizedClientException,br as StartDeviceAuthorizationRequestFilterSensitiveLog,O as StartDeviceAuthorizationCommand,A as SlowDownException,y as SSOOIDCServiceException,N as SSOOIDCClient,Mr as SSOOIDC,Tr as RegisterClientResponseFilterSensitiveLog,g as RegisterClientCommand,f as InvalidScopeException,B as InvalidRequestRegionException,W as InvalidRequestException,Q as InvalidRedirectUriException,V as InvalidGrantException,L as InvalidClientMetadataException,J as InvalidClientException,G as InternalServerException,z as ExpiredTokenException,Pr as CreateTokenWithIAMResponseFilterSensitiveLog,Rr as CreateTokenWithIAMRequestFilterSensitiveLog,C as CreateTokenWithIAMCommand,Ir as CreateTokenResponseFilterSensitiveLog,$r as CreateTokenRequestFilterSensitiveLog,p as CreateTokenCommand,x as AuthorizationPendingException,U as AccessDeniedException,E as $Command};
package/dist/chunk-11323d7a5d9219ce.js CHANGED
@@ -1,2 +1,2 @@
1
1
  // @bun
2
- import"./chunk-7ce930fe69575c87.js";import"./chunk-09dd89e1046786a5.js";import{nb as K,tb as S} from"./chunk-92f6095a3be7f459.js";import{vb as o} from"./chunk-73eed146ee78f681.js";import{exec as _} from"child_process";import{promisify as y} from"util";var i=(c,n,s)=>{if(n.Version!==1)throw Error(`Profile ${c} credential_process did not return Version 1.`);if(n.AccessKeyId===void 0||n.SecretAccessKey===void 0)throw Error(`Profile ${c} credential_process returned invalid credentials.`);if(n.Expiration){const t=new Date;if(new Date(n.Expiration)<t)throw Error(`Profile ${c} credential_process returned expired credentials.`)}let e=n.AccountId;if(!e&&s?.[c]?.aws_account_id)e=s[c].aws_account_id;return{accessKeyId:n.AccessKeyId,secretAccessKey:n.SecretAccessKey,...n.SessionToken&&{sessionToken:n.SessionToken},...n.Expiration&&{expiration:new Date(n.Expiration)},...n.CredentialScope&&{credentialScope:n.CredentialScope},...e&&{accountId:e}}};var x=async(c,n,s)=>{const e=n[c];if(n[c]){const t=e.credential_process;if(t!==void 0){const u=y(_);try{const{stdout:r}=await u(t);let w;try{w=JSON.parse(r.trim())}catch{throw Error(`Profile ${c} credential_process returned invalid JSON.`)}return i(c,w,n)}catch(r){throw new o(r.message,{logger:s})}}else throw new o(`Profile ${c} did not contain credential_process.`,{logger:s})}else throw new o(`Profile ${c} could not be found in shared credentials file.`,{logger:s})};var $=(c={})=>async()=>{c.logger?.debug("@aws-sdk/credential-provider-process - fromProcess");const n=await S(c);return x(K(c),n,c.logger)};export{$ as fromProcess};
2
+ import"./chunk-7ce930fe69575c87.js";import"./chunk-a0003b7feea6fae6.js";import{nb as K,tb as S} from"./chunk-934ebff128f86ef1.js";import{vb as o} from"./chunk-73eed146ee78f681.js";import{exec as _} from"child_process";import{promisify as y} from"util";var i=(c,n,s)=>{if(n.Version!==1)throw Error(`Profile ${c} credential_process did not return Version 1.`);if(n.AccessKeyId===void 0||n.SecretAccessKey===void 0)throw Error(`Profile ${c} credential_process returned invalid credentials.`);if(n.Expiration){const t=new Date;if(new Date(n.Expiration)<t)throw Error(`Profile ${c} credential_process returned expired credentials.`)}let e=n.AccountId;if(!e&&s?.[c]?.aws_account_id)e=s[c].aws_account_id;return{accessKeyId:n.AccessKeyId,secretAccessKey:n.SecretAccessKey,...n.SessionToken&&{sessionToken:n.SessionToken},...n.Expiration&&{expiration:new Date(n.Expiration)},...n.CredentialScope&&{credentialScope:n.CredentialScope},...e&&{accountId:e}}};var x=async(c,n,s)=>{const e=n[c];if(n[c]){const t=e.credential_process;if(t!==void 0){const u=y(_);try{const{stdout:r}=await u(t);let w;try{w=JSON.parse(r.trim())}catch{throw Error(`Profile ${c} credential_process returned invalid JSON.`)}return i(c,w,n)}catch(r){throw new o(r.message,{logger:s})}}else throw new o(`Profile ${c} did not contain credential_process.`,{logger:s})}else throw new o(`Profile ${c} could not be found in shared credentials file.`,{logger:s})};var $=(c={})=>async()=>{c.logger?.debug("@aws-sdk/credential-provider-process - fromProcess");const n=await S(c);return x(K(c),n,c.logger)};export{$ as fromProcess};
package/dist/chunk-132c71db605759c9.js CHANGED
@@ -1,2 +1,2 @@
1
1
  // @bun
2
- import{y as h} from"./chunk-7ce930fe69575c87.js";import"./chunk-a0003b7feea6fae6.js";import{kb as _} from"./chunk-3cbc1c9cdc091b43.js";import{nb as N,ob as W,pb as I,sb as v,tb as P} from"./chunk-934ebff128f86ef1.js";var T=h(_(),1);var H=(e)=>e&&(typeof e.sso_start_url==="string"||typeof e.sso_account_id==="string"||typeof e.sso_session==="string"||typeof e.sso_region==="string"||typeof e.sso_role_name==="string");var u=h(_(),1);var K=300000,g="To refresh this SSO session run 'aws sso login' with the corresponding profile.";var R={},b=async(e)=>{const{SSOOIDCClient:r}=await import("./chunk-e9c96f9b825f8de7.js");if(R[e])return R[e];const s=new r({region:e});return R[e]=s,s};var G=async(e,r)=>{const{CreateTokenCommand:s}=await import("./chunk-e9c96f9b825f8de7.js");return(await b(r)).send(new s({clientId:e.clientId,clientSecret:e.clientSecret,refreshToken:e.refreshToken,grantType:"refresh_token"}))};var U=h(_(),1);var D=(e)=>{if(e.expiration&&e.expiration.getTime()<Date.now())throw new U.TokenProviderError(`Token is expired. ${g}`,!1)};var q=h(_(),1);var p=(e,r,s=!1)=>{if(typeof r==="undefined")throw new q.TokenProviderError(`Value not present for '${e}' in SSO Token${s?". Cannot refresh":""}. ${g}`,!1)};import{promises as B} from"fs";var{writeFile:Q}=B,j=(e,r)=>{const s=W(e),t=JSON.stringify(r,null,2);return Q(s,t)};var X=new Date(0),z=(e={})=>async()=>{e.logger?.debug("@aws-sdk/token-providers - fromSso");const r=await P(e),s=N(e),t=r[s];if(!t)throw new u.TokenProviderError(`Profile '${s}' could not be found in shared credentials file.`,!1);else if(!t.sso_session)throw new u.TokenProviderError(`Profile '${s}' is missing required property 'sso_session'.`);const i=t.sso_session,a=(await v(e))[i];if(!a)throw new u.TokenProviderError(`Sso session '${i}' could not be found in shared credentials file.`,!1);for(let n of["sso_start_url","sso_region"])if(!a[n])throw new u.TokenProviderError(`Sso session '${i}' is missing required property '${n}'.`,!1);const{sso_start_url:l,sso_region:f}=a;let o;try{o=await I(i)}catch(n){throw new u.TokenProviderError(`The SSO session token associated with profile=${s} was not found or is invalid. ${g}`,!1)}p("accessToken",o.accessToken),p("expiresAt",o.expiresAt);const{accessToken:E,expiresAt:x}=o,c={token:E,expiration:new Date(x)};if(c.expiration.getTime()-Date.now()>K)return c;if(Date.now()-X.getTime()<30000)return D(c),c;p("clientId",o.clientId,!0),p("clientSecret",o.clientSecret,!0),p("refreshToken",o.refreshToken,!0);try{X.setTime(Date.now());const n=await G(o,f);p("accessToken",n.accessToken),p("expiresIn",n.expiresIn);const w=new Date(Date.now()+n.expiresIn*1000);try{await j(i,{...o,accessToken:n.accessToken,expiresAt:w.toISOString(),refreshToken:n.refreshToken})}catch(C){}return{token:n.accessToken,expiration:w}}catch(n){return D(c),c}};var k=h(_(),1);var y=!1,A=async({ssoStartUrl:e,ssoSession:r,ssoAccountId:s,ssoRegion:t,ssoRoleName:i,ssoClient:S,clientConfig:a,profile:l,logger:f})=>{let o;const E="To refresh this SSO session run aws sso login with the corresponding profile.";if(r)try{const d=await z({profile:l})();o={accessToken:d.token,expiresAt:new Date(d.expiration).toISOString()}}catch(d){throw new k.CredentialsProviderError(d.message,{tryNextLink:y,logger:f})}else try{o=await I(e)}catch(d){throw new k.CredentialsProviderError("The SSO session associated with this profile is invalid. To refresh this SSO session run aws sso login with the corresponding profile.",{tryNextLink:y,logger:f})}if(new Date(o.expiresAt).getTime()-Date.now()<=0)throw new k.CredentialsProviderError("The SSO session associated with this profile has expired. To refresh this SSO session run aws sso login with the corresponding profile.",{tryNextLink:y,logger:f});const{accessToken:x}=o,{SSOClient:c,GetRoleCredentialsCommand:n}=await import("./chunk-2ecc077efab285b4.js"),w=S||new c(Object.assign({},a??{},{region:a?.region??t}));let C;try{C=await w.send(new n({accountId:s,roleName:i,accessToken:x}))}catch(d){throw new k.CredentialsProviderError(d,{tryNextLink:y,logger:f})}const{roleCredentials:{accessKeyId:m,secretAccessKey:O,sessionToken:$,expiration:F,credentialScope:L,accountId:M}={}}=C;if(!m||!O||!$||!F)throw new k.CredentialsProviderError("SSO returns an invalid temporary credential.",{tryNextLink:y,logger:f});return{accessKeyId:m,secretAccessKey:O,sessionToken:$,expiration:new Date(F),...L&&{credentialScope:L},...M&&{accountId:M}}};var J=h(_(),1),V=(e,r)=>{const{sso_start_url:s,sso_account_id:t,sso_region:i,sso_role_name:S}=e;if(!s||!t||!i||!S)throw new J.CredentialsProviderError('Profile is configured with invalid SSO credentials. Required parameters "sso_account_id", '+`"sso_region", "sso_role_name", "sso_start_url". Got ${Object.keys(e).join(", ")}\nReference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html`,{tryNextLink:!1,logger:r});return e};var Ee=(e={})=>async()=>{e.logger?.debug("@aws-sdk/credential-provider-sso - fromSSO");const{ssoStartUrl:r,ssoAccountId:s,ssoRegion:t,ssoRoleName:i,ssoSession:S}=e,{ssoClient:a}=e,l=N(e);if(!r&&!s&&!t&&!i&&!S){const o=(await P(e))[l];if(!o)throw new T.CredentialsProviderError(`Profile ${l} was not found.`,{logger:e.logger});if(!H(o))throw new T.CredentialsProviderError(`Profile ${l} is not configured with SSO credentials.`,{logger:e.logger});if(o?.sso_session){const m=(await v(e))[o.sso_session],O=` configurations in profile ${l} and sso-session ${o.sso_session}`;if(t&&t!==m.sso_region)throw new T.CredentialsProviderError("Conflicting SSO region"+O,{tryNextLink:!1,logger:e.logger});if(r&&r!==m.sso_start_url)throw new T.CredentialsProviderError("Conflicting SSO start_url"+O,{tryNextLink:!1,logger:e.logger});o.sso_region=m.sso_region,o.sso_start_url=m.sso_start_url}const{sso_start_url:E,sso_account_id:x,sso_region:c,sso_role_name:n,sso_session:w}=V(o,e.logger);return A({ssoStartUrl:E,ssoSession:w,ssoAccountId:x,ssoRegion:c,ssoRoleName:n,ssoClient:a,clientConfig:e.clientConfig,profile:l})}else if(!r||!s||!t||!i)throw new T.CredentialsProviderError('Incomplete configuration. The fromSSO() argument hash must include "ssoStartUrl", "ssoAccountId", "ssoRegion", "ssoRoleName"',{tryNextLink:!1,logger:e.logger});else return A({ssoStartUrl:r,ssoSession:S,ssoAccountId:s,ssoRegion:t,ssoRoleName:i,ssoClient:a,clientConfig:e.clientConfig,profile:l})};export{V as validateSsoProfile,H as isSsoProfile,Ee as fromSSO};
2
+ import{y as h} from"./chunk-7ce930fe69575c87.js";import"./chunk-a0003b7feea6fae6.js";import{kb as _} from"./chunk-3cbc1c9cdc091b43.js";import{nb as N,ob as W,pb as I,sb as v,tb as P} from"./chunk-934ebff128f86ef1.js";var T=h(_(),1);var H=(e)=>e&&(typeof e.sso_start_url==="string"||typeof e.sso_account_id==="string"||typeof e.sso_session==="string"||typeof e.sso_region==="string"||typeof e.sso_role_name==="string");var u=h(_(),1);var K=300000,g="To refresh this SSO session run 'aws sso login' with the corresponding profile.";var R={},b=async(e)=>{const{SSOOIDCClient:r}=await import("./chunk-1084614a350762fb.js");if(R[e])return R[e];const s=new r({region:e});return R[e]=s,s};var G=async(e,r)=>{const{CreateTokenCommand:s}=await import("./chunk-1084614a350762fb.js");return(await b(r)).send(new s({clientId:e.clientId,clientSecret:e.clientSecret,refreshToken:e.refreshToken,grantType:"refresh_token"}))};var U=h(_(),1);var D=(e)=>{if(e.expiration&&e.expiration.getTime()<Date.now())throw new U.TokenProviderError(`Token is expired. ${g}`,!1)};var q=h(_(),1);var p=(e,r,s=!1)=>{if(typeof r==="undefined")throw new q.TokenProviderError(`Value not present for '${e}' in SSO Token${s?". Cannot refresh":""}. ${g}`,!1)};import{promises as B} from"fs";var{writeFile:Q}=B,j=(e,r)=>{const s=W(e),t=JSON.stringify(r,null,2);return Q(s,t)};var X=new Date(0),z=(e={})=>async()=>{e.logger?.debug("@aws-sdk/token-providers - fromSso");const r=await P(e),s=N(e),t=r[s];if(!t)throw new u.TokenProviderError(`Profile '${s}' could not be found in shared credentials file.`,!1);else if(!t.sso_session)throw new u.TokenProviderError(`Profile '${s}' is missing required property 'sso_session'.`);const i=t.sso_session,a=(await v(e))[i];if(!a)throw new u.TokenProviderError(`Sso session '${i}' could not be found in shared credentials file.`,!1);for(let n of["sso_start_url","sso_region"])if(!a[n])throw new u.TokenProviderError(`Sso session '${i}' is missing required property '${n}'.`,!1);const{sso_start_url:l,sso_region:f}=a;let o;try{o=await I(i)}catch(n){throw new u.TokenProviderError(`The SSO session token associated with profile=${s} was not found or is invalid. ${g}`,!1)}p("accessToken",o.accessToken),p("expiresAt",o.expiresAt);const{accessToken:E,expiresAt:x}=o,c={token:E,expiration:new Date(x)};if(c.expiration.getTime()-Date.now()>K)return c;if(Date.now()-X.getTime()<30000)return D(c),c;p("clientId",o.clientId,!0),p("clientSecret",o.clientSecret,!0),p("refreshToken",o.refreshToken,!0);try{X.setTime(Date.now());const n=await G(o,f);p("accessToken",n.accessToken),p("expiresIn",n.expiresIn);const w=new Date(Date.now()+n.expiresIn*1000);try{await j(i,{...o,accessToken:n.accessToken,expiresAt:w.toISOString(),refreshToken:n.refreshToken})}catch(C){}return{token:n.accessToken,expiration:w}}catch(n){return D(c),c}};var k=h(_(),1);var y=!1,A=async({ssoStartUrl:e,ssoSession:r,ssoAccountId:s,ssoRegion:t,ssoRoleName:i,ssoClient:S,clientConfig:a,profile:l,logger:f})=>{let o;const E="To refresh this SSO session run aws sso login with the corresponding profile.";if(r)try{const d=await z({profile:l})();o={accessToken:d.token,expiresAt:new Date(d.expiration).toISOString()}}catch(d){throw new k.CredentialsProviderError(d.message,{tryNextLink:y,logger:f})}else try{o=await I(e)}catch(d){throw new k.CredentialsProviderError("The SSO session associated with this profile is invalid. To refresh this SSO session run aws sso login with the corresponding profile.",{tryNextLink:y,logger:f})}if(new Date(o.expiresAt).getTime()-Date.now()<=0)throw new k.CredentialsProviderError("The SSO session associated with this profile has expired. To refresh this SSO session run aws sso login with the corresponding profile.",{tryNextLink:y,logger:f});const{accessToken:x}=o,{SSOClient:c,GetRoleCredentialsCommand:n}=await import("./chunk-897773d66a89947a.js"),w=S||new c(Object.assign({},a??{},{region:a?.region??t}));let C;try{C=await w.send(new n({accountId:s,roleName:i,accessToken:x}))}catch(d){throw new k.CredentialsProviderError(d,{tryNextLink:y,logger:f})}const{roleCredentials:{accessKeyId:m,secretAccessKey:O,sessionToken:$,expiration:F,credentialScope:L,accountId:M}={}}=C;if(!m||!O||!$||!F)throw new k.CredentialsProviderError("SSO returns an invalid temporary credential.",{tryNextLink:y,logger:f});return{accessKeyId:m,secretAccessKey:O,sessionToken:$,expiration:new Date(F),...L&&{credentialScope:L},...M&&{accountId:M}}};var J=h(_(),1),V=(e,r)=>{const{sso_start_url:s,sso_account_id:t,sso_region:i,sso_role_name:S}=e;if(!s||!t||!i||!S)throw new J.CredentialsProviderError('Profile is configured with invalid SSO credentials. Required parameters "sso_account_id", '+`"sso_region", "sso_role_name", "sso_start_url". Got ${Object.keys(e).join(", ")}\nReference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html`,{tryNextLink:!1,logger:r});return e};var Ee=(e={})=>async()=>{e.logger?.debug("@aws-sdk/credential-provider-sso - fromSSO");const{ssoStartUrl:r,ssoAccountId:s,ssoRegion:t,ssoRoleName:i,ssoSession:S}=e,{ssoClient:a}=e,l=N(e);if(!r&&!s&&!t&&!i&&!S){const o=(await P(e))[l];if(!o)throw new T.CredentialsProviderError(`Profile ${l} was not found.`,{logger:e.logger});if(!H(o))throw new T.CredentialsProviderError(`Profile ${l} is not configured with SSO credentials.`,{logger:e.logger});if(o?.sso_session){const m=(await v(e))[o.sso_session],O=` configurations in profile ${l} and sso-session ${o.sso_session}`;if(t&&t!==m.sso_region)throw new T.CredentialsProviderError("Conflicting SSO region"+O,{tryNextLink:!1,logger:e.logger});if(r&&r!==m.sso_start_url)throw new T.CredentialsProviderError("Conflicting SSO start_url"+O,{tryNextLink:!1,logger:e.logger});o.sso_region=m.sso_region,o.sso_start_url=m.sso_start_url}const{sso_start_url:E,sso_account_id:x,sso_region:c,sso_role_name:n,sso_session:w}=V(o,e.logger);return A({ssoStartUrl:E,ssoSession:w,ssoAccountId:x,ssoRegion:c,ssoRoleName:n,ssoClient:a,clientConfig:e.clientConfig,profile:l})}else if(!r||!s||!t||!i)throw new T.CredentialsProviderError('Incomplete configuration. The fromSSO() argument hash must include "ssoStartUrl", "ssoAccountId", "ssoRegion", "ssoRoleName"',{tryNextLink:!1,logger:e.logger});else return A({ssoStartUrl:r,ssoSession:S,ssoAccountId:s,ssoRegion:t,ssoRoleName:i,ssoClient:a,clientConfig:e.clientConfig,profile:l})};export{V as validateSsoProfile,H as isSsoProfile,Ee as fromSSO};
package/dist/chunk-322e991c2b56a79d.js ADDED
@@ -0,0 +1,2 @@
1
+ // @bun
2
+ import"./chunk-7ce930fe69575c87.js";import"./chunk-a0003b7feea6fae6.js";import{jb as v,kb as B} from"./chunk-9b5649697d59dfb4.js";import"./chunk-934ebff128f86ef1.js";import{ub as z,vb as y} from"./chunk-73eed146ee78f681.js";import{parse as p} from"url";import{Buffer as M} from"buffer";import{request as k} from"http";function u(c){return new Promise((I,x)=>{const T=k({method:"GET",...c,hostname:c.hostname?.replace(/^\[(.+)\]$/,"$1")});T.on("error",(N)=>{x(Object.assign(new z("Unable to connect to instance metadata service"),N)),T.destroy()}),T.on("timeout",()=>{x(new z("TimeoutError from instance metadata service")),T.destroy()}),T.on("response",(N)=>{const{statusCode:O=400}=N;if(O<200||300<=O)x(Object.assign(new z("Error response received from instance metadata service"),{statusCode:O})),T.destroy();const E=[];N.on("data",(w)=>{E.push(w)}),N.on("end",()=>{I(M.concat(E)),T.destroy()})}),T.end()})}var K=(c)=>Boolean(c)&&typeof c==="object"&&typeof c.AccessKeyId==="string"&&typeof c.SecretAccessKey==="string"&&typeof c.Token==="string"&&typeof c.Expiration==="string",_=(c)=>({accessKeyId:c.AccessKeyId,secretAccessKey:c.SecretAccessKey,sessionToken:c.Token,expiration:new Date(c.Expiration),...c.AccountId&&{accountId:c.AccountId}});var hc=1000,Yc=0,D=({maxRetries:c=0,timeout:I=1000})=>({maxRetries:c,timeout:I});var m=(c,I)=>{let x=c();for(let T=0;T<I;T++)x=x.catch(c);return x};var Q="AWS_CONTAINER_CREDENTIALS_FULL_URI",X="AWS_CONTAINER_CREDENTIALS_RELATIVE_URI",b="AWS_CONTAINER_AUTHORIZATION_TOKEN",mc=(c={})=>{const{timeout:I,maxRetries:x}=D(c);return()=>m(async()=>{const T=await s({logger:c.logger}),N=JSON.parse(await C(I,T));if(!K(N))throw new y("Invalid response received from instance metadata service.",{logger:c.logger});return _(N)},x)},C=async(c,I)=>{if(process.env[b])I.headers={...I.headers,Authorization:process.env[b]};return(await u({...I,timeout:c})).toString()},a="169.254.170.2",n={localhost:!0,"127.0.0.1":!0},o={"http:":!0,"https:":!0},s=async({logger:c})=>{if(process.env[X])return{hostname:a,path:process.env[X]};if(process.env[Q]){const I=p(process.env[Q]);if(!I.hostname||!(I.hostname in n))throw new y(`${I.hostname} is not a valid container metadata service hostname`,{tryNextLink:!1,logger:c});if(!I.protocol||!(I.protocol in o))throw new y(`${I.protocol} is not a valid container metadata service protocol`,{tryNextLink:!1,logger:c});return{...I,port:I.port?parseInt(I.port,10):void 0}}throw new y("The container metadata credential provider cannot be used unless"+` the ${X} or ${Q} environment`+" variable is set",{tryNextLink:!1,logger:c})};class G extends y{constructor(c,I=!0){super(c,I);this.tryNextLink=I,this.name="InstanceMetadataV1FallbackError",Object.setPrototypeOf(this,G.prototype)}}var A;(function(c){c.IPv4="http://169.254.169.254",c.IPv6="http://[fd00:ec2::254]"})(A||(A={}));var H={environmentVariableSelector:(c)=>c["AWS_EC2_METADATA_SERVICE_ENDPOINT"],configFileSelector:(c)=>c["ec2_metadata_service_endpoint"],default:void 0};var f;(function(c){c.IPv4="IPv4",c.IPv6="IPv6"})(f||(f={}));var g="AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE",l="ec2_metadata_service_endpoint_mode",q={environmentVariableSelector:(c)=>c[g],configFileSelector:(c)=>c[l],default:f.IPv4};var Z=async()=>B(await r()||await d()),r=async()=>v(H)(),d=async()=>{const c=await v(q)();switch(c){case f.IPv4:return A.IPv4;case f.IPv6:return A.IPv6;default:throw new Error(`Unsupported endpoint mode: ${c}.`+` Select from ${Object.values(f)}`)}};var L=(c,I)=>{const x=300+Math.floor(Math.random()*300),T=new Date(Date.now()+x*1000);I.warn("Attempting credential expiration extension due to a credential service availability issue. A refresh of these "+`credentials will be attempted after ${new Date(T)}.\nFor more information, please visit: `+"https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html");const N=c.originalExpiration??c.expiration;return{...c,...N?{originalExpiration:N}:{},expiration:T}};var U=(c,I={})=>{const x=I?.logger||console;let T;return async()=>{let N;try{if(N=await c(),N.expiration&&N.expiration.getTime()<Date.now())N=L(N,x)}catch(O){if(T)x.warn("Credential renew failed: ",O),N=L(T,x);else throw O}return T=N,N}};var P="/latest/meta-data/iam/security-credentials/",e="/latest/api/token",W="AWS_EC2_METADATA_V1_DISABLED",t="ec2_metadata_v1_disabled",F="x-aws-ec2-metadata-token",oc=(c={})=>U(i(c),{logger:c.logger}),i=(c={})=>{let I=!1;const{logger:x,profile:T}=c,{timeout:N,maxRetries:O}=D(c),E=async(w,$)=>{if(I||$.headers?.[F]==null){let h=!1,Y=!1;const R=await v({environmentVariableSelector:(S)=>{const j=S[W];if(Y=!!j&&j!=="false",j===void 0)throw new y(`${W} not set in env, checking config file next.`,{logger:c.logger});return Y},configFileSelector:(S)=>{const j=S[t];return h=!!j&&j!=="false",h},default:!1},{profile:T})();if(c.ec2MetadataV1Disabled||R){const S=[];if(c.ec2MetadataV1Disabled)S.push("credential provider initialization (runtime option ec2MetadataV1Disabled)");if(h)S.push(`config file profile (${t})`);if(Y)S.push(`process environment variable (${W})`);throw new G(`AWS EC2 Metadata v1 fallback has been blocked by AWS SDK configuration in the following: [${S.join(", ")}].`)}}const V=(await m(async()=>{let h;try{h=await Ic($)}catch(Y){if(Y.statusCode===401)I=!1;throw Y}return h},w)).trim();return m(async()=>{let h;try{h=await Tc(V,$,c)}catch(Y){if(Y.statusCode===401)I=!1;throw Y}return h},w)};return async()=>{const w=await Z();if(I)return x?.debug("AWS SDK Instance Metadata","using v1 fallback (no token fetch)"),E(O,{...w,timeout:N});else{let $;try{$=(await cc({...w,timeout:N})).toString()}catch(J){if(J?.statusCode===400)throw Object.assign(J,{message:"EC2 Metadata token request returned error"});else if(J.message==="TimeoutError"||[403,404,405].includes(J.statusCode))I=!0;return x?.debug("AWS SDK Instance Metadata","using v1 fallback (initial)"),E(O,{...w,timeout:N})}return E(O,{...w,headers:{[F]:$},timeout:N})}}},cc=async(c)=>u({...c,path:e,method:"PUT",headers:{"x-aws-ec2-metadata-token-ttl-seconds":"21600"}}),Ic=async(c)=>(await u({...c,path:P})).toString(),Tc=async(c,I,x)=>{const T=JSON.parse((await u({...I,path:P+c})).toString());if(!K(T))throw new y("Invalid response received from instance metadata service.",{logger:x.logger});return _(T)};export{D as providerConfigFromInit,u as httpRequest,Z as getInstanceMetadataEndpoint,oc as fromInstanceMetadata,mc as fromContainerMetadata,A as Endpoint,X as ENV_CMDS_RELATIVE_URI,Q as ENV_CMDS_FULL_URI,b as ENV_CMDS_AUTH_TOKEN,hc as DEFAULT_TIMEOUT,Yc as DEFAULT_MAX_RETRIES};