gemi 0.4.79 → 0.4.80

package/dist/{chunk-f7784dffc6c59a9e.js → chunk-9475c6ed18013dc8.js}

@@ -1,2 +1,2 @@
 import{AsyncLocalStorage as e} from"async_hooks";var t=new e;class o{static getStore=()=>t.getStore()}
-export{t as y,o as z};
+export{t as z,o as A};

package/dist/chunk-a7246b5b3e2f2366.js

@@ -0,0 +1,2 @@
+// @bun
+import"./chunk-357d6f34be7eafaa.js";import{B as $} from"./chunk-24a86f8f5ddc0cbd.js";import"./chunk-ff8cd8fd047cfee5.js";import{$ as Pe,O as nr,P as or,Q as dr,R as yr,V as H,W as ee,X as re,Y as tr,Z as Ie,_ as Re,aa as ar,ba as Ae,ca as Ke,da as Me,ea as Be,fa as mr,ga as wr,ia as E,ja as S,ka as kr,la as Le,ma as Qe,na as vr,oa as Xe,pa as Er,qa as q,ra as Ye,sa as Ze,ta as He,ua as Ne,va as ir,wa as lr} from"./chunk-02ba977a552fd2da.js";import{$a as F,Ba as be,Ca as cr,Ga as je,Ha as Fe,Ja as De,Ka as qe,Na as Je,Oa as Ve,Ua as v,Va as t,Wa as Vr,Ya as _,Za as b,_a as j,ab as h,hb as Sr,ib as a,jb as jr,kb as We,lb as fe,mb as rr,nb as sr,pb as d,qb as o,sb as I,xa as ue,ya as er} from"./chunk-1e6b656dc70ab1fd.js";import"./chunk-6a97611e6bd65152.js";import{ub as R,vb as Ue} from"./chunk-c22e0fc22de0403a.js";import"./chunk-5ddf530ee3afe1d4.js";import{xb as Ce} from"./chunk-55c7fe17750b0378.js";import"./chunk-813a4c185ab4c0c0.js";var P=$(H(),1);var se=$(q(),1);var Mr=function(e){return{schemeId:"aws.auth#sigv4",signingProperties:{name:"sso-oauth",region:e.region},propertiesExtractor:(s,r)=>({signingProperties:{config:s,context:r}})}},Z=function(e){return{schemeId:"smithy.api#noAuth"}},ie=async(e,s,r)=>{return{operation:ee(s).operation,region:await re(e.region)()||(()=>{throw new Error("expected `region` to be configured for `aws.auth#sigv4`")})()}},le=(e)=>{const s=[];switch(e.operation){case"CreateToken":{s.push(Z(e));break}case"RegisterClient":{s.push(Z(e));break}case"StartDeviceAuthorization":{s.push(Z(e));break}default:s.push(Mr(e))}return s},he=(e)=>{return{...se.resolveAwsSdkSigV4Config(e)}};var ne=(e)=>{return{...e,useDualstackEndpoint:e.useDualstackEndpoint??!1,useFipsEndpoint:e.useFipsEndpoint??!1,defaultSigningName:"sso-oauth"}},k={UseFIPS:{type:"builtInParams",name:"useFipsEndpoint"},Endpoint:{type:"builtInParams",name:"endpoint"},Region:{type:"builtInParams",name:"region"},UseDualStack:{type:"builtInParams",name:"useDualstackEndpoint"}};var oe={name:"@aws-sdk/client-sso-oidc",description:"AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native",version:"3.629.0",scripts:{build:"concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'","build:cjs":"node ../../scripts/compilation/inline client-sso-oidc","build:es":"tsc -p tsconfig.es.json","build:include:deps":"lerna run --scope $npm_package_name --include-dependencies build","build:types":"tsc -p tsconfig.types.json","build:types:downlevel":"downlevel-dts dist-types dist-types/ts3.4",clean:"rimraf ./dist-* && rimraf *.tsbuildinfo","extract:docs":"api-extractor run --local","generate:client":"node ../../scripts/generate-clients/single-service --solo sso-oidc"},main:"./dist-cjs/index.js",types:"./dist-types/index.d.ts",module:"./dist-es/index.js",sideEffects:!1,dependencies:{"@aws-crypto/sha256-browser":"5.2.0","@aws-crypto/sha256-js":"5.2.0","@aws-sdk/core":"3.629.0","@aws-sdk/credential-provider-node":"3.629.0","@aws-sdk/middleware-host-header":"3.620.0","@aws-sdk/middleware-logger":"3.609.0","@aws-sdk/middleware-recursion-detection":"3.620.0","@aws-sdk/middleware-user-agent":"3.620.0","@aws-sdk/region-config-resolver":"3.614.0","@aws-sdk/types":"3.609.0","@aws-sdk/util-endpoints":"3.614.0","@aws-sdk/util-user-agent-browser":"3.609.0","@aws-sdk/util-user-agent-node":"3.614.0","@smithy/config-resolver":"^3.0.5","@smithy/core":"^2.3.2","@smithy/fetch-http-handler":"^3.2.4","@smithy/hash-node":"^3.0.3","@smithy/invalid-dependency":"^3.0.3","@smithy/middleware-content-length":"^3.0.5","@smithy/middleware-endpoint":"^3.1.0","@smithy/middleware-retry":"^3.0.14","@smithy/middleware-serde":"^3.0.3","@smithy/middleware-stack":"^3.0.3","@smithy/node-config-provider":"^3.1.4","@smithy/node-http-handler":"^3.1.4","@smithy/protocol-http":"^4.1.0","@smithy/smithy-client":"^3.1.12","@smithy/types":"^3.3.0","@smithy/url-parser":"^3.0.3","@smithy/util-base64":"^3.0.0","@smithy/util-body-length-browser":"^3.0.0","@smithy/util-body-length-node":"^3.0.0","@smithy/util-defaults-mode-browser":"^3.0.14","@smithy/util-defaults-mode-node":"^3.0.14","@smithy/util-endpoints":"^2.0.5","@smithy/util-middleware":"^3.0.3","@smithy/util-retry":"^3.0.3","@smithy/util-utf8":"^3.0.0",tslib:"^2.6.2"},devDependencies:{"@tsconfig/node16":"16.1.3","@types/node":"^16.18.96",concurrently:"7.0.0","downlevel-dts":"0.10.1",rimraf:"3.0.2",typescript:"~4.9.5"},engines:{node:">=16.0.0"},typesVersions:{"<4.0":{"dist-types/*":["dist-types/ts3.4/*"]}},files:["dist-*/**"],author:{name:"AWS SDK for JavaScript Team",url:"https://aws.amazon.com/javascript/"},license:"Apache-2.0",peerDependencies:{"@aws-sdk/client-sts":"^3.629.0"},browser:{"./dist-es/runtimeConfig":"./dist-es/runtimeConfig.browser"},"react-native":{"./dist-es/runtimeConfig":"./dist-es/runtimeConfig.native"},homepage:"https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc",repository:{type:"git",url:"https://github.com/aws/aws-sdk-js-v3.git",directory:"clients/client-sso-oidc"}};var _e=$(q(),1);var xe=$(q(),1),ze=$(H(),1);var de={["required"]:!1,type:"String"},ye={["required"]:!0,default:!1,type:"Boolean"},ce={["ref"]:"Endpoint"},ve={["fn"]:"booleanEquals",["argv"]:[{["ref"]:"UseFIPS"},!0]},Ee={["fn"]:"booleanEquals",["argv"]:[{["ref"]:"UseDualStack"},!0]},m={},te={["fn"]:"getAttr",["argv"]:[{["ref"]:"PartitionResult"},"supportsFIPS"]},Se={["ref"]:"PartitionResult"},ae={["fn"]:"booleanEquals",["argv"]:[!0,{["fn"]:"getAttr",["argv"]:[Se,"supportsDualStack"]}]},me=[ve],we=[Ee],ke=[{["ref"]:"Region"}],Lr={version:"1.0",parameters:{Region:de,UseDualStack:ye,UseFIPS:ye,Endpoint:de},rules:[{conditions:[{["fn"]:"isSet",["argv"]:[ce]}],rules:[{conditions:me,error:"Invalid Configuration: FIPS and custom endpoint are not supported",type:"error"},{conditions:we,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",type:"error"},{endpoint:{url:ce,properties:m,headers:m},type:"endpoint"}],type:"tree"},{conditions:[{["fn"]:"isSet",["argv"]:ke}],rules:[{conditions:[{["fn"]:"aws.partition",["argv"]:ke,assign:"PartitionResult"}],rules:[{conditions:[ve,Ee],rules:[{conditions:[{["fn"]:"booleanEquals",["argv"]:[!0,te]},ae],rules:[{endpoint:{url:"https://oidc-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:m,headers:m},type:"endpoint"}],type:"tree"},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",type:"error"}],type:"tree"},{conditions:me,rules:[{conditions:[{["fn"]:"booleanEquals",["argv"]:[te,!0]}],rules:[{conditions:[{["fn"]:"stringEquals",["argv"]:[{["fn"]:"getAttr",["argv"]:[Se,"name"]},"aws-us-gov"]}],endpoint:{url:"https://oidc.{Region}.amazonaws.com",properties:m,headers:m},type:"endpoint"},{endpoint:{url:"https://oidc-fips.{Region}.{PartitionResult#dnsSuffix}",properties:m,headers:m},type:"endpoint"}],type:"tree"},{error:"FIPS is enabled but this partition does not support FIPS",type:"error"}],type:"tree"},{conditions:we,rules:[{conditions:[ae],rules:[{endpoint:{url:"https://oidc.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:m,headers:m},type:"endpoint"}],type:"tree"},{error:"DualStack is enabled but this partition does not support DualStack",type:"error"}],type:"tree"},{endpoint:{url:"https://oidc.{Region}.{PartitionResult#dnsSuffix}",properties:m,headers:m},type:"endpoint"}],type:"tree"}],type:"tree"},{error:"Invalid Configuration: Missing Region",type:"error"}]},$e=Lr;var Te=(e,s={})=>{return Re($e,{endpointParams:e,logger:s.logger})};Ie.aws=Pe;var Ge=(e)=>{return{apiVersion:"2019-06-10",base64Decoder:e?.base64Decoder??je,base64Encoder:e?.base64Encoder??qe,disableHostPrefix:e?.disableHostPrefix??!1,endpointProvider:e?.endpointProvider??Te,extensions:e?.extensions??[],httpAuthSchemeProvider:e?.httpAuthSchemeProvider??le,httpAuthSchemes:e?.httpAuthSchemes??[{schemeId:"aws.auth#sigv4",identityProvider:(s)=>s.getIdentityProvider("aws.auth#sigv4"),signer:new xe.AwsSdkSigV4Signer},{schemeId:"smithy.api#noAuth",identityProvider:(s)=>s.getIdentityProvider("smithy.api#noAuth")||(async()=>({})),signer:new ze.NoAuthSigner}],logger:e?.logger??new be,serviceId:e?.serviceId??"SSO OIDC",urlParser:e?.urlParser??Ue,utf8Decoder:e?.utf8Decoder??Fe,utf8Encoder:e?.utf8Encoder??De}};var pe=(e)=>{fe(process.version);const s=Ne(e),r=()=>s().then(We),i=Ge(e);return _e.emitWarningIfUnsupportedVersion(process.version),{...i,...e,runtime:"node",defaultsMode:s,bodyLengthChecker:e?.bodyLengthChecker??He,credentialDefaultProvider:e?.credentialDefaultProvider??Ce,defaultUserAgentProvider:e?.defaultUserAgentProvider??Ye({serviceId:i.serviceId,clientVersion:oe.version}),maxAttempts:e?.maxAttempts??R(Qe),region:e?.region??R(Me,Be),requestHandler:Je.create(e?.requestHandler??r),retryMode:e?.retryMode??R({...Xe,default:async()=>(await r()).retryMode||Le}),sha256:e?.sha256??Ze.bind(null,"sha256"),streamCollector:e?.streamCollector??Ve,useDualstackEndpoint:e?.useDualstackEndpoint??R(Ae),useFipsEndpoint:e?.useFipsEndpoint??R(Ke)}};var ge=(e)=>{const s=e.httpAuthSchemes;let{httpAuthSchemeProvider:r,credentials:i}=e;return{setHttpAuthScheme(l){const n=s.findIndex((T)=>T.schemeId===l.schemeId);if(n===-1)s.push(l);else s.splice(n,1,l)},httpAuthSchemes(){return s},setHttpAuthSchemeProvider(l){r=l},httpAuthSchemeProvider(){return r},setCredentials(l){i=l},credentials(){return i}}},Oe=(e)=>{return{httpAuthSchemes:e.httpAuthSchemes(),httpAuthSchemeProvider:e.httpAuthSchemeProvider(),credentials:e.credentials()}};var U=(e)=>e,hr=(e,s)=>{const r={...U(ir(e)),...U(rr(e)),...U(ue(e)),...U(ge(e))};return s.forEach((i)=>i.configure(r)),{...e,...lr(r),...sr(r),...er(r),...Oe(r)}};class N extends cr{constructor(...[e]){const s=pe(e||{}),r=ne(s),i=tr(r),l=vr(i),n=mr(l),T=nr(n),fr=kr(T),Ar=he(fr),u=hr(Ar,e?.extensions||[]);super(u);this.config=u,this.middlewareStack.use(ar(this.config)),this.middlewareStack.use(Er(this.config)),this.middlewareStack.use(wr(this.config)),this.middlewareStack.use(or(this.config)),this.middlewareStack.use(dr(this.config)),this.middlewareStack.use(yr(this.config)),this.middlewareStack.use(P.getHttpAuthSchemeEndpointRuleSetPlugin(this.config,{httpAuthSchemeParametersProvider:ie,identityProviderConfigProvider:async(Kr)=>new P.DefaultIdentityProviderConfig({"aws.auth#sigv4":Kr.credentials})})),this.middlewareStack.use(P.getHttpSigningPlugin(this.config))}destroy(){super.destroy()}}class y extends Sr{constructor(e){super(e);Object.setPrototypeOf(this,y.prototype)}}class x extends y{constructor(e){super({name:"AccessDeniedException",$fault:"client",...e});this.name="AccessDeniedException",this.$fault="client",Object.setPrototypeOf(this,x.prototype),this.error=e.error,this.error_description=e.error_description}}class z extends y{constructor(e){super({name:"AuthorizationPendingException",$fault:"client",...e});this.name="AuthorizationPendingException",this.$fault="client",Object.setPrototypeOf(this,z.prototype),this.error=e.error,this.error_description=e.error_description}}class G extends y{constructor(e){super({name:"ExpiredTokenException",$fault:"client",...e});this.name="ExpiredTokenException",this.$fault="client",Object.setPrototypeOf(this,G.prototype),this.error=e.error,this.error_description=e.error_description}}class J extends y{constructor(e){super({name:"InternalServerException",$fault:"server",...e});this.name="InternalServerException",this.$fault="server",Object.setPrototypeOf(this,J.prototype),this.error=e.error,this.error_description=e.error_description}}class V extends y{constructor(e){super({name:"InvalidClientException",$fault:"client",...e});this.name="InvalidClientException",this.$fault="client",Object.setPrototypeOf(this,V.prototype),this.error=e.error,this.error_description=e.error_description}}class W extends y{constructor(e){super({name:"InvalidGrantException",$fault:"client",...e});this.name="InvalidGrantException",this.$fault="client",Object.setPrototypeOf(this,W.prototype),this.error=e.error,this.error_description=e.error_description}}class f extends y{constructor(e){super({name:"InvalidRequestException",$fault:"client",...e});this.name="InvalidRequestException",this.$fault="client",Object.setPrototypeOf(this,f.prototype),this.error=e.error,this.error_description=e.error_description}}class A extends y{constructor(e){super({name:"InvalidScopeException",$fault:"client",...e});this.name="InvalidScopeException",this.$fault="client",Object.setPrototypeOf(this,A.prototype),this.error=e.error,this.error_description=e.error_description}}class K extends y{constructor(e){super({name:"SlowDownException",$fault:"client",...e});this.name="SlowDownException",this.$fault="client",Object.setPrototypeOf(this,K.prototype),this.error=e.error,this.error_description=e.error_description}}class M extends y{constructor(e){super({name:"UnauthorizedClientException",$fault:"client",...e});this.name="UnauthorizedClientException",this.$fault="client",Object.setPrototypeOf(this,M.prototype),this.error=e.error,this.error_description=e.error_description}}class B extends y{constructor(e){super({name:"UnsupportedGrantTypeException",$fault:"client",...e});this.name="UnsupportedGrantTypeException",this.$fault="client",Object.setPrototypeOf(this,B.prototype),this.error=e.error,this.error_description=e.error_description}}class L extends y{constructor(e){super({name:"InvalidRequestRegionException",$fault:"client",...e});this.name="InvalidRequestRegionException",this.$fault="client",Object.setPrototypeOf(this,L.prototype),this.error=e.error,this.error_description=e.error_description,this.endpoint=e.endpoint,this.region=e.region}}class Q extends y{constructor(e){super({name:"InvalidClientMetadataException",$fault:"client",...e});this.name="InvalidClientMetadataException",this.$fault="client",Object.setPrototypeOf(this,Q.prototype),this.error=e.error,this.error_description=e.error_description}}class X extends y{constructor(e){super({name:"InvalidRedirectUriException",$fault:"client",...e});this.name="InvalidRedirectUriException",this.$fault="client",Object.setPrototypeOf(this,X.prototype),this.error=e.error,this.error_description=e.error_description}}var $r=(e)=>({...e,...e.clientSecret&&{clientSecret:t},...e.refreshToken&&{refreshToken:t},...e.codeVerifier&&{codeVerifier:t}}),Ir=(e)=>({...e,...e.accessToken&&{accessToken:t},...e.refreshToken&&{refreshToken:t},...e.idToken&&{idToken:t}}),Rr=(e)=>({...e,...e.refreshToken&&{refreshToken:t},...e.assertion&&{assertion:t},...e.subjectToken&&{subjectToken:t},...e.codeVerifier&&{codeVerifier:t}}),Pr=(e)=>({...e,...e.accessToken&&{accessToken:t},...e.refreshToken&&{refreshToken:t},...e.idToken&&{idToken:t}}),Tr=(e)=>({...e,...e.clientSecret&&{clientSecret:t}}),br=(e)=>({...e,...e.clientSecret&&{clientSecret:t}});var w=$(q(),1),D=$(H(),1);var Fr=async(e,s)=>{const r=D.requestBuilder(e,s),i={"content-type":"application/json"};r.bp("/token");let l;return l=JSON.stringify(o(e,{clientId:[],clientSecret:[],code:[],codeVerifier:[],deviceCode:[],grantType:[],redirectUri:[],refreshToken:[],scope:(n)=>I(n)})),r.m("POST").h(i).b(l),r.build()},Dr=async(e,s)=>{const r=D.requestBuilder(e,s),i={"content-type":"application/json"};r.bp("/token");const l=d({[is]:[,"t"]});let n;return n=JSON.stringify(o(e,{assertion:[],clientId:[],code:[],codeVerifier:[],grantType:[],redirectUri:[],refreshToken:[],requestedTokenType:[],scope:(T)=>I(T),subjectToken:[],subjectTokenType:[]})),r.m("POST").h(i).q(l).b(n),r.build()},qr=async(e,s)=>{const r=D.requestBuilder(e,s),i={"content-type":"application/json"};r.bp("/client/register");let l;return l=JSON.stringify(o(e,{clientName:[],clientType:[],entitledApplicationArn:[],grantTypes:(n)=>I(n),issuerUrl:[],redirectUris:(n)=>I(n),scopes:(n)=>I(n)})),r.m("POST").h(i).b(l),r.build()},Ur=async(e,s)=>{const r=D.requestBuilder(e,s),i={"content-type":"application/json"};r.bp("/device_authorization");let l;return l=JSON.stringify(o(e,{clientId:[],clientSecret:[],startUrl:[]})),r.m("POST").h(i).b(l),r.build()},xr=async(e,s)=>{if(e.statusCode!==200&&e.statusCode>=300)return Y(e,s);const r=d({$metadata:c(e)}),i=j(F(await w.parseJsonBody(e.body,s)),"body"),l=o(i,{accessToken:h,expiresIn:b,idToken:h,refreshToken:h,tokenType:h});return Object.assign(r,l),r},zr=async(e,s)=>{if(e.statusCode!==200&&e.statusCode>=300)return Y(e,s);const r=d({$metadata:c(e)}),i=j(F(await w.parseJsonBody(e.body,s)),"body"),l=o(i,{accessToken:h,expiresIn:b,idToken:h,issuedTokenType:h,refreshToken:h,scope:I,tokenType:h});return Object.assign(r,l),r},Gr=async(e,s)=>{if(e.statusCode!==200&&e.statusCode>=300)return Y(e,s);const r=d({$metadata:c(e)}),i=j(F(await w.parseJsonBody(e.body,s)),"body"),l=o(i,{authorizationEndpoint:h,clientId:h,clientIdIssuedAt:_,clientSecret:h,clientSecretExpiresAt:_,tokenEndpoint:h});return Object.assign(r,l),r},Jr=async(e,s)=>{if(e.statusCode!==200&&e.statusCode>=300)return Y(e,s);const r=d({$metadata:c(e)}),i=j(F(await w.parseJsonBody(e.body,s)),"body"),l=o(i,{deviceCode:h,expiresIn:b,interval:b,userCode:h,verificationUri:h,verificationUriComplete:h});return Object.assign(r,l),r},Y=async(e,s)=>{const r={...e,body:await w.parseJsonErrorBody(e.body,s)},i=w.loadRestJsonErrorCode(e,r.body);switch(i){case"AccessDeniedException":case"com.amazonaws.ssooidc#AccessDeniedException":throw await Xr(r,s);case"AuthorizationPendingException":case"com.amazonaws.ssooidc#AuthorizationPendingException":throw await Yr(r,s);case"ExpiredTokenException":case"com.amazonaws.ssooidc#ExpiredTokenException":throw await Zr(r,s);case"InternalServerException":case"com.amazonaws.ssooidc#InternalServerException":throw await Hr(r,s);case"InvalidClientException":case"com.amazonaws.ssooidc#InvalidClientException":throw await Nr(r,s);case"InvalidGrantException":case"com.amazonaws.ssooidc#InvalidGrantException":throw await pr(r,s);case"InvalidRequestException":case"com.amazonaws.ssooidc#InvalidRequestException":throw await gr(r,s);case"InvalidScopeException":case"com.amazonaws.ssooidc#InvalidScopeException":throw await ur(r,s);case"SlowDownException":case"com.amazonaws.ssooidc#SlowDownException":throw await es(r,s);case"UnauthorizedClientException":case"com.amazonaws.ssooidc#UnauthorizedClientException":throw await rs(r,s);case"UnsupportedGrantTypeException":case"com.amazonaws.ssooidc#UnsupportedGrantTypeException":throw await ss(r,s);case"InvalidRequestRegionException":case"com.amazonaws.ssooidc#InvalidRequestRegionException":throw await Or(r,s);case"InvalidClientMetadataException":case"com.amazonaws.ssooidc#InvalidClientMetadataException":throw await _r(r,s);case"InvalidRedirectUriException":case"com.amazonaws.ssooidc#InvalidRedirectUriException":throw await Cr(r,s);default:const l=r.body;return Qr({output:e,parsedBody:l,errorCode:i})}},Qr=jr(y),Xr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new x({$metadata:c(e),...r});return a(n,e.body)},Yr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new z({$metadata:c(e),...r});return a(n,e.body)},Zr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new G({$metadata:c(e),...r});return a(n,e.body)},Hr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new J({$metadata:c(e),...r});return a(n,e.body)},Nr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new V({$metadata:c(e),...r});return a(n,e.body)},_r=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new Q({$metadata:c(e),...r});return a(n,e.body)},pr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new W({$metadata:c(e),...r});return a(n,e.body)},Cr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new X({$metadata:c(e),...r});return a(n,e.body)},gr=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new f({$metadata:c(e),...r});return a(n,e.body)},Or=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{endpoint:h,error:h,error_description:h,region:h});Object.assign(r,l);const n=new L({$metadata:c(e),...r});return a(n,e.body)},ur=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new A({$metadata:c(e),...r});return a(n,e.body)},es=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new K({$metadata:c(e),...r});return a(n,e.body)},rs=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new M({$metadata:c(e),...r});return a(n,e.body)},ss=async(e,s)=>{const r=d({}),i=e.body,l=o(i,{error:h,error_description:h});Object.assign(r,l);const n=new B({$metadata:c(e),...r});return a(n,e.body)},c=(e)=>({httpStatusCode:e.statusCode,requestId:e.headers["x-amzn-requestid"]??e.headers["x-amzn-request-id"]??e.headers["x-amz-request-id"],extendedRequestId:e.headers["x-amz-id-2"],cfId:e.headers["x-amz-cf-id"]});var is="aws_iam";class p extends v.classBuilder().ep({...k}).m(function(e,s,r,i){return[E(r,this.serialize,this.deserialize),S(r,e.getEndpointParameterInstructions())]}).s("AWSSSOOIDCService","CreateToken",{}).n("SSOOIDCClient","CreateTokenCommand").f($r,Ir).ser(Fr).de(xr).build(){}class C extends v.classBuilder().ep({...k}).m(function(e,s,r,i){return[E(r,this.serialize,this.deserialize),S(r,e.getEndpointParameterInstructions())]}).s("AWSSSOOIDCService","CreateTokenWithIAM",{}).n("SSOOIDCClient","CreateTokenWithIAMCommand").f(Rr,Pr).ser(Dr).de(zr).build(){}class g extends v.classBuilder().ep({...k}).m(function(e,s,r,i){return[E(r,this.serialize,this.deserialize),S(r,e.getEndpointParameterInstructions())]}).s("AWSSSOOIDCService","RegisterClient",{}).n("SSOOIDCClient","RegisterClientCommand").f(void 0,Tr).ser(qr).de(Gr).build(){}class O extends v.classBuilder().ep({...k}).m(function(e,s,r,i){return[E(r,this.serialize,this.deserialize),S(r,e.getEndpointParameterInstructions())]}).s("AWSSSOOIDCService","StartDeviceAuthorization",{}).n("SSOOIDCClient","StartDeviceAuthorizationCommand").f(br,void 0).ser(Ur).de(Jr).build(){}var ls={CreateTokenCommand:p,CreateTokenWithIAMCommand:C,RegisterClientCommand:g,StartDeviceAuthorizationCommand:O};class Wr extends N{}Vr(ls,Wr);export{cr as __Client,B as UnsupportedGrantTypeException,M as UnauthorizedClientException,br as StartDeviceAuthorizationRequestFilterSensitiveLog,O as StartDeviceAuthorizationCommand,K as SlowDownException,y as SSOOIDCServiceException,N as SSOOIDCClient,Wr as SSOOIDC,Tr as RegisterClientResponseFilterSensitiveLog,g as RegisterClientCommand,A as InvalidScopeException,L as InvalidRequestRegionException,f as InvalidRequestException,X as InvalidRedirectUriException,W as InvalidGrantException,Q as InvalidClientMetadataException,V as InvalidClientException,J as InternalServerException,G as ExpiredTokenException,Pr as CreateTokenWithIAMResponseFilterSensitiveLog,Rr as CreateTokenWithIAMRequestFilterSensitiveLog,C as CreateTokenWithIAMCommand,Ir as CreateTokenResponseFilterSensitiveLog,$r as CreateTokenRequestFilterSensitiveLog,p as CreateTokenCommand,z as AuthorizationPendingException,x as AccessDeniedException,v as $Command};

package/dist/{chunk-e20c0e69128c42f5.js → chunk-aebf7df48200842b.js}

@@ -1,2 +1,2 @@
 // @bun
-import{A as K} from"./chunk-e3d242546d1a2927.js";import"./chunk-ed4022c20775d58f.js";import{sb as v,tb as P} from"./chunk-1488c30be491de9b.js";import{ub as _} from"./chunk-9ca526226958d45c.js";import"./chunk-827fe74e5b55863c.js";var m=K(_(),1);import{parse as o} from"url";var z=K(_(),1);import{Buffer as a} from"buffer";import{request as n} from"http";function f(c){return new Promise((I,x)=>{const T=n({method:"GET",...c,hostname:c.hostname?.replace(/^\[(.+)\]$/,"$1")});T.on("error",(N)=>{x(Object.assign(new z.ProviderError("Unable to connect to instance metadata service"),N)),T.destroy()}),T.on("timeout",()=>{x(new z.ProviderError("TimeoutError from instance metadata service")),T.destroy()}),T.on("response",(N)=>{const{statusCode:O=400}=N;if(O<200||300<=O)x(Object.assign(new z.ProviderError("Error response received from instance metadata service"),{statusCode:O})),T.destroy();const u=[];N.on("data",(y)=>{u.push(y)}),N.on("end",()=>{I(a.concat(u)),T.destroy()})}),T.end()})}var D=(c)=>Boolean(c)&&typeof c==="object"&&typeof c.AccessKeyId==="string"&&typeof c.SecretAccessKey==="string"&&typeof c.Token==="string"&&typeof c.Expiration==="string",G=(c)=>({accessKeyId:c.AccessKeyId,secretAccessKey:c.SecretAccessKey,sessionToken:c.Token,expiration:new Date(c.Expiration),...c.AccountId&&{accountId:c.AccountId}});var fc=1000,uc=0,Q=({maxRetries:c=0,timeout:I=1000})=>({maxRetries:c,timeout:I});var J=(c,I)=>{let x=c();for(let T=0;T<I;T++)x=x.catch(c);return x};var Z="AWS_CONTAINER_CREDENTIALS_FULL_URI",L="AWS_CONTAINER_CREDENTIALS_RELATIVE_URI",B="AWS_CONTAINER_AUTHORIZATION_TOKEN",zc=(c={})=>{const{timeout:I,maxRetries:x}=Q(c);return()=>J(async()=>{const T=await d({logger:c.logger}),N=JSON.parse(await s(I,T));if(!D(N))throw new m.CredentialsProviderError("Invalid response received from instance metadata service.",{logger:c.logger});return G(N)},x)},s=async(c,I)=>{if(process.env[B])I.headers={...I.headers,Authorization:process.env[B]};return(await f({...I,timeout:c})).toString()},g="169.254.170.2",l={localhost:!0,"127.0.0.1":!0},r={"http:":!0,"https:":!0},d=async({logger:c})=>{if(process.env[L])return{hostname:g,path:process.env[L]};if(process.env[Z]){const I=o(process.env[Z]);if(!I.hostname||!(I.hostname in l))throw new m.CredentialsProviderError(`${I.hostname} is not a valid container metadata service hostname`,{tryNextLink:!1,logger:c});if(!I.protocol||!(I.protocol in r))throw new m.CredentialsProviderError(`${I.protocol} is not a valid container metadata service protocol`,{tryNextLink:!1,logger:c});return{...I,port:I.port?parseInt(I.port,10):void 0}}throw new m.CredentialsProviderError("The container metadata credential provider cannot be used unless"+` the ${L} or ${Z} environment`+" variable is set",{tryNextLink:!1,logger:c})};var q=K(_(),1);var U=K(_(),1);class X extends U.CredentialsProviderError{constructor(c,I=!0){super(c,I);this.tryNextLink=I,this.name="InstanceMetadataV1FallbackError",Object.setPrototypeOf(this,X.prototype)}}var j;(function(c){c.IPv4="http://169.254.169.254",c.IPv6="http://[fd00:ec2::254]"})(j||(j={}));var t={environmentVariableSelector:(c)=>c["AWS_EC2_METADATA_SERVICE_ENDPOINT"],configFileSelector:(c)=>c["ec2_metadata_service_endpoint"],default:void 0};var S;(function(c){c.IPv4="IPv4",c.IPv6="IPv6"})(S||(S={}));var e="AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE",i="ec2_metadata_service_endpoint_mode",F={environmentVariableSelector:(c)=>c[e],configFileSelector:(c)=>c[i],default:S.IPv4};var W=async()=>P(await cc()||await Ic()),cc=async()=>v(t)(),Ic=async()=>{const c=await v(F)();switch(c){case S.IPv4:return j.IPv4;case S.IPv6:return j.IPv6;default:throw new Error(`Unsupported endpoint mode: ${c}.`+` Select from ${Object.values(S)}`)}};var b=(c,I)=>{const x=300+Math.floor(Math.random()*300),T=new Date(Date.now()+x*1000);I.warn("Attempting credential expiration extension due to a credential service availability issue. A refresh of these "+`credentials will be attempted after ${new Date(T)}.\nFor more information, please visit: `+"https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html");const N=c.originalExpiration??c.expiration;return{...c,...N?{originalExpiration:N}:{},expiration:T}};var V=(c,I={})=>{const x=I?.logger||console;let T;return async()=>{let N;try{if(N=await c(),N.expiration&&N.expiration.getTime()<Date.now())N=b(N,x)}catch(O){if(T)x.warn("Credential renew failed: ",O),N=b(T,x);else throw O}return T=N,N}};var k="/latest/meta-data/iam/security-credentials/",Tc="/latest/api/token",H="AWS_EC2_METADATA_V1_DISABLED",R="ec2_metadata_v1_disabled",M="x-aws-ec2-metadata-token",oc=(c={})=>V(Nc(c),{logger:c.logger}),Nc=(c={})=>{let I=!1;const{logger:x,profile:T}=c,{timeout:N,maxRetries:O}=Q(c),u=async(y,E)=>{if(I||E.headers?.[M]==null){let w=!1,h=!1;const C=await v({environmentVariableSelector:(Y)=>{const $=Y[H];if(h=!!$&&$!=="false",$===void 0)throw new q.CredentialsProviderError(`${H} not set in env, checking config file next.`,{logger:c.logger});return h},configFileSelector:(Y)=>{const $=Y[R];return w=!!$&&$!=="false",w},default:!1},{profile:T})();if(c.ec2MetadataV1Disabled||C){const Y=[];if(c.ec2MetadataV1Disabled)Y.push("credential provider initialization (runtime option ec2MetadataV1Disabled)");if(w)Y.push(`config file profile (${R})`);if(h)Y.push(`process environment variable (${H})`);throw new X(`AWS EC2 Metadata v1 fallback has been blocked by AWS SDK configuration in the following: [${Y.join(", ")}].`)}}const p=(await J(async()=>{let w;try{w=await Oc(E)}catch(h){if(h.statusCode===401)I=!1;throw h}return w},y)).trim();return J(async()=>{let w;try{w=await yc(p,E,c)}catch(h){if(h.statusCode===401)I=!1;throw h}return w},y)};return async()=>{const y=await W();if(I)return x?.debug("AWS SDK Instance Metadata","using v1 fallback (no token fetch)"),u(O,{...y,timeout:N});else{let E;try{E=(await xc({...y,timeout:N})).toString()}catch(A){if(A?.statusCode===400)throw Object.assign(A,{message:"EC2 Metadata token request returned error"});else if(A.message==="TimeoutError"||[403,404,405].includes(A.statusCode))I=!0;return x?.debug("AWS SDK Instance Metadata","using v1 fallback (initial)"),u(O,{...y,timeout:N})}return u(O,{...y,headers:{[M]:E},timeout:N})}}},xc=async(c)=>f({...c,path:Tc,method:"PUT",headers:{"x-aws-ec2-metadata-token-ttl-seconds":"21600"}}),Oc=async(c)=>(await f({...c,path:k})).toString(),yc=async(c,I,x)=>{const T=JSON.parse((await f({...I,path:k+c})).toString());if(!D(T))throw new q.CredentialsProviderError("Invalid response received from instance metadata service.",{logger:x.logger});return G(T)};export{Q as providerConfigFromInit,f as httpRequest,W as getInstanceMetadataEndpoint,oc as fromInstanceMetadata,zc as fromContainerMetadata,j as Endpoint,L as ENV_CMDS_RELATIVE_URI,Z as ENV_CMDS_FULL_URI,B as ENV_CMDS_AUTH_TOKEN,fc as DEFAULT_TIMEOUT,uc as DEFAULT_MAX_RETRIES};
+import{B as K} from"./chunk-24a86f8f5ddc0cbd.js";import"./chunk-6a97611e6bd65152.js";import{ub as v,vb as P} from"./chunk-c22e0fc22de0403a.js";import{wb as _} from"./chunk-5ddf530ee3afe1d4.js";import"./chunk-813a4c185ab4c0c0.js";var m=K(_(),1);import{parse as o} from"url";var z=K(_(),1);import{Buffer as a} from"buffer";import{request as n} from"http";function f(c){return new Promise((I,x)=>{const T=n({method:"GET",...c,hostname:c.hostname?.replace(/^\[(.+)\]$/,"$1")});T.on("error",(N)=>{x(Object.assign(new z.ProviderError("Unable to connect to instance metadata service"),N)),T.destroy()}),T.on("timeout",()=>{x(new z.ProviderError("TimeoutError from instance metadata service")),T.destroy()}),T.on("response",(N)=>{const{statusCode:O=400}=N;if(O<200||300<=O)x(Object.assign(new z.ProviderError("Error response received from instance metadata service"),{statusCode:O})),T.destroy();const u=[];N.on("data",(y)=>{u.push(y)}),N.on("end",()=>{I(a.concat(u)),T.destroy()})}),T.end()})}var D=(c)=>Boolean(c)&&typeof c==="object"&&typeof c.AccessKeyId==="string"&&typeof c.SecretAccessKey==="string"&&typeof c.Token==="string"&&typeof c.Expiration==="string",G=(c)=>({accessKeyId:c.AccessKeyId,secretAccessKey:c.SecretAccessKey,sessionToken:c.Token,expiration:new Date(c.Expiration),...c.AccountId&&{accountId:c.AccountId}});var fc=1000,uc=0,Q=({maxRetries:c=0,timeout:I=1000})=>({maxRetries:c,timeout:I});var J=(c,I)=>{let x=c();for(let T=0;T<I;T++)x=x.catch(c);return x};var Z="AWS_CONTAINER_CREDENTIALS_FULL_URI",L="AWS_CONTAINER_CREDENTIALS_RELATIVE_URI",B="AWS_CONTAINER_AUTHORIZATION_TOKEN",zc=(c={})=>{const{timeout:I,maxRetries:x}=Q(c);return()=>J(async()=>{const T=await d({logger:c.logger}),N=JSON.parse(await s(I,T));if(!D(N))throw new m.CredentialsProviderError("Invalid response received from instance metadata service.",{logger:c.logger});return G(N)},x)},s=async(c,I)=>{if(process.env[B])I.headers={...I.headers,Authorization:process.env[B]};return(await f({...I,timeout:c})).toString()},g="169.254.170.2",l={localhost:!0,"127.0.0.1":!0},r={"http:":!0,"https:":!0},d=async({logger:c})=>{if(process.env[L])return{hostname:g,path:process.env[L]};if(process.env[Z]){const I=o(process.env[Z]);if(!I.hostname||!(I.hostname in l))throw new m.CredentialsProviderError(`${I.hostname} is not a valid container metadata service hostname`,{tryNextLink:!1,logger:c});if(!I.protocol||!(I.protocol in r))throw new m.CredentialsProviderError(`${I.protocol} is not a valid container metadata service protocol`,{tryNextLink:!1,logger:c});return{...I,port:I.port?parseInt(I.port,10):void 0}}throw new m.CredentialsProviderError("The container metadata credential provider cannot be used unless"+` the ${L} or ${Z} environment`+" variable is set",{tryNextLink:!1,logger:c})};var q=K(_(),1);var U=K(_(),1);class X extends U.CredentialsProviderError{constructor(c,I=!0){super(c,I);this.tryNextLink=I,this.name="InstanceMetadataV1FallbackError",Object.setPrototypeOf(this,X.prototype)}}var j;(function(c){c.IPv4="http://169.254.169.254",c.IPv6="http://[fd00:ec2::254]"})(j||(j={}));var t={environmentVariableSelector:(c)=>c["AWS_EC2_METADATA_SERVICE_ENDPOINT"],configFileSelector:(c)=>c["ec2_metadata_service_endpoint"],default:void 0};var S;(function(c){c.IPv4="IPv4",c.IPv6="IPv6"})(S||(S={}));var e="AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE",i="ec2_metadata_service_endpoint_mode",F={environmentVariableSelector:(c)=>c[e],configFileSelector:(c)=>c[i],default:S.IPv4};var W=async()=>P(await cc()||await Ic()),cc=async()=>v(t)(),Ic=async()=>{const c=await v(F)();switch(c){case S.IPv4:return j.IPv4;case S.IPv6:return j.IPv6;default:throw new Error(`Unsupported endpoint mode: ${c}.`+` Select from ${Object.values(S)}`)}};var b=(c,I)=>{const x=300+Math.floor(Math.random()*300),T=new Date(Date.now()+x*1000);I.warn("Attempting credential expiration extension due to a credential service availability issue. A refresh of these "+`credentials will be attempted after ${new Date(T)}.\nFor more information, please visit: `+"https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html");const N=c.originalExpiration??c.expiration;return{...c,...N?{originalExpiration:N}:{},expiration:T}};var V=(c,I={})=>{const x=I?.logger||console;let T;return async()=>{let N;try{if(N=await c(),N.expiration&&N.expiration.getTime()<Date.now())N=b(N,x)}catch(O){if(T)x.warn("Credential renew failed: ",O),N=b(T,x);else throw O}return T=N,N}};var k="/latest/meta-data/iam/security-credentials/",Tc="/latest/api/token",H="AWS_EC2_METADATA_V1_DISABLED",R="ec2_metadata_v1_disabled",M="x-aws-ec2-metadata-token",oc=(c={})=>V(Nc(c),{logger:c.logger}),Nc=(c={})=>{let I=!1;const{logger:x,profile:T}=c,{timeout:N,maxRetries:O}=Q(c),u=async(y,E)=>{if(I||E.headers?.[M]==null){let w=!1,h=!1;const C=await v({environmentVariableSelector:(Y)=>{const $=Y[H];if(h=!!$&&$!=="false",$===void 0)throw new q.CredentialsProviderError(`${H} not set in env, checking config file next.`,{logger:c.logger});return h},configFileSelector:(Y)=>{const $=Y[R];return w=!!$&&$!=="false",w},default:!1},{profile:T})();if(c.ec2MetadataV1Disabled||C){const Y=[];if(c.ec2MetadataV1Disabled)Y.push("credential provider initialization (runtime option ec2MetadataV1Disabled)");if(w)Y.push(`config file profile (${R})`);if(h)Y.push(`process environment variable (${H})`);throw new X(`AWS EC2 Metadata v1 fallback has been blocked by AWS SDK configuration in the following: [${Y.join(", ")}].`)}}const p=(await J(async()=>{let w;try{w=await Oc(E)}catch(h){if(h.statusCode===401)I=!1;throw h}return w},y)).trim();return J(async()=>{let w;try{w=await yc(p,E,c)}catch(h){if(h.statusCode===401)I=!1;throw h}return w},y)};return async()=>{const y=await W();if(I)return x?.debug("AWS SDK Instance Metadata","using v1 fallback (no token fetch)"),u(O,{...y,timeout:N});else{let E;try{E=(await xc({...y,timeout:N})).toString()}catch(A){if(A?.statusCode===400)throw Object.assign(A,{message:"EC2 Metadata token request returned error"});else if(A.message==="TimeoutError"||[403,404,405].includes(A.statusCode))I=!0;return x?.debug("AWS SDK Instance Metadata","using v1 fallback (initial)"),u(O,{...y,timeout:N})}return u(O,{...y,headers:{[M]:E},timeout:N})}}},xc=async(c)=>f({...c,path:Tc,method:"PUT",headers:{"x-aws-ec2-metadata-token-ttl-seconds":"21600"}}),Oc=async(c)=>(await f({...c,path:k})).toString(),yc=async(c,I,x)=>{const T=JSON.parse((await f({...I,path:k+c})).toString());if(!D(T))throw new q.CredentialsProviderError("Invalid response received from instance metadata service.",{logger:x.logger});return G(T)};export{Q as providerConfigFromInit,f as httpRequest,W as getInstanceMetadataEndpoint,oc as fromInstanceMetadata,zc as fromContainerMetadata,j as Endpoint,L as ENV_CMDS_RELATIVE_URI,Z as ENV_CMDS_FULL_URI,B as ENV_CMDS_AUTH_TOKEN,fc as DEFAULT_TIMEOUT,uc as DEFAULT_MAX_RETRIES};

package/dist/{chunk-788611478527c8c3.js → chunk-b3b228374e54f4ff.js}

@@ -1,5 +1,5 @@
 // @bun
-import{A as h} from"./chunk-e3d242546d1a2927.js";import{La as P,Oa as w,cb as I,xa as g} from"./chunk-611480789c8b04f4.js";import"./chunk-ed4022c20775d58f.js";import{ub as d} from"./chunk-9ca526226958d45c.js";var i=h(d(),1);import A from"fs/promises";var C=h(d(),1);var E="169.254.170.2",R="169.254.170.23",p="[fd00:ec2::23]",S=(e,c)=>{if(e.protocol==="https:")return;if(e.hostname===E||e.hostname===R||e.hostname===p)return;if(e.hostname.includes("[")){if(e.hostname==="[::1]"||e.hostname==="[0000:0000:0000:0000:0000:0000:0000:0001]")return}else{if(e.hostname==="localhost")return;const a=e.hostname.split("."),r=(t)=>{const s=parseInt(t,10);return 0<=s&&s<=255};if(a[0]==="127"&&r(a[1])&&r(a[2])&&r(a[3])&&a.length===4)return}throw new C.CredentialsProviderError(`URL not accepted. It must either be HTTPS or match one of the following:
+import{B as h} from"./chunk-24a86f8f5ddc0cbd.js";import{Na as P,Qa as w,eb as I,za as g} from"./chunk-1e6b656dc70ab1fd.js";import"./chunk-6a97611e6bd65152.js";import{wb as d} from"./chunk-5ddf530ee3afe1d4.js";var i=h(d(),1);import A from"fs/promises";var C=h(d(),1);var E="169.254.170.2",R="169.254.170.23",p="[fd00:ec2::23]",S=(e,c)=>{if(e.protocol==="https:")return;if(e.hostname===E||e.hostname===R||e.hostname===p)return;if(e.hostname.includes("[")){if(e.hostname==="[::1]"||e.hostname==="[0000:0000:0000:0000:0000:0000:0000:0001]")return}else{if(e.hostname==="localhost")return;const a=e.hostname.split("."),r=(t)=>{const s=parseInt(t,10);return 0<=s&&s<=255};if(a[0]==="127"&&r(a[1])&&r(a[2])&&r(a[3])&&a.length===4)return}throw new C.CredentialsProviderError(`URL not accepted. It must either be HTTPS or match one of the following:
   - loopback CIDR 127.0.0.0/8 or [::1/128]
   - ECS container host 169.254.170.2
   - EKS container host 169.254.170.23 or [fd00:ec2::23]`,{logger:c})};var m=h(d(),1);function K(e){return new g({protocol:e.protocol,hostname:e.hostname,port:Number(e.port),path:e.pathname,query:Array.from(e.searchParams.entries()).reduce((c,[a,r])=>{return c[a]=r,c},{}),fragment:e.hash})}async function T(e,c){const r=await w(e.body).transformToString();if(e.statusCode===200){const t=JSON.parse(r);if(typeof t.AccessKeyId!=="string"||typeof t.SecretAccessKey!=="string"||typeof t.Token!=="string"||typeof t.Expiration!=="string")throw new m.CredentialsProviderError("HTTP credential provider response not of the required format, an object matching: { AccessKeyId: string, SecretAccessKey: string, Token: string, Expiration: string(rfc3339) }",{logger:c});return{accessKeyId:t.AccessKeyId,secretAccessKey:t.SecretAccessKey,sessionToken:t.Token,expiration:I(t.Expiration)}}if(e.statusCode>=400&&e.statusCode<500){let t={};try{t=JSON.parse(r)}catch(s){}throw Object.assign(new m.CredentialsProviderError(`Server responded with status: ${e.statusCode}`,{logger:c}),{Code:t.Code,Message:t.Message})}throw new m.CredentialsProviderError(`Server responded with status: ${e.statusCode}`,{logger:c})}var x=(e,c,a)=>{return async()=>{for(let r=0;r<c;++r)try{return await e()}catch(t){await new Promise((s)=>setTimeout(s,a))}return await e()}};var O="AWS_CONTAINER_CREDENTIALS_RELATIVE_URI",b="http://169.254.170.2",_="AWS_CONTAINER_CREDENTIALS_FULL_URI",v="AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE",B="AWS_CONTAINER_AUTHORIZATION_TOKEN",D=(e={})=>{e.logger?.debug("@aws-sdk/credential-provider-http - fromHttp");let c;const a=e.awsContainerCredentialsRelativeUri??process.env[O],r=e.awsContainerCredentialsFullUri??process.env[_],t=e.awsContainerAuthorizationToken??process.env[B],s=e.awsContainerAuthorizationTokenFile??process.env[v],n=e.logger?.constructor?.name==="NoOpLogger"||!e.logger?console.warn:e.logger.warn;if(a&&r)n("@aws-sdk/credential-provider-http: you have set both awsContainerCredentialsRelativeUri and awsContainerCredentialsFullUri."),n("awsContainerCredentialsFullUri will take precedence.");if(t&&s)n("@aws-sdk/credential-provider-http: you have set both awsContainerAuthorizationToken and awsContainerAuthorizationTokenFile."),n("awsContainerAuthorizationToken will take precedence.");if(r)c=r;else if(a)c=`${b}${a}`;else throw new i.CredentialsProviderError(`No HTTP credential provider host provided.

package/dist/{chunk-1488c30be491de9b.js → chunk-c22e0fc22de0403a.js}

@@ -1,2 +1,2 @@
-import{A as s} from"./chunk-e3d242546d1a2927.js";import{ub as m} from"./chunk-9ca526226958d45c.js";import{Bb as w,xb as u} from"./chunk-827fe74e5b55863c.js";var a=s(m(),1);var g=s(m(),1);function c(o){try{const r=new Set(Array.from(o.match(/([A-Z_]){3,}/g)??[]));return r.delete("CONFIG"),r.delete("CONFIG_PREFIX_SEPARATOR"),r.delete("ENV"),[...r].join(", ")}catch(r){return o}}var h=(o,r)=>async()=>{try{const t=o(process.env);if(t===void 0)throw new Error;return t}catch(t){throw new g.CredentialsProviderError(t.message||`Not found in ENV: ${c(o.toString())}`,{logger:r})}};var y=s(m(),1);var C=(o,{preferredFile:r="config",...t}={})=>async()=>{const e=u(t),{configFile:n,credentialsFile:i}=await w(t),f=i[e]||{},p=n[e]||{},N=r==="config"?{...f,...p}:{...p,...f};try{const d=o(N,r==="config"?n:i);if(d===void 0)throw new Error;return d}catch(l){throw new y.CredentialsProviderError(l.message||`Not found in config files w/ profile [${e}]: ${c(o.toString())}`,{logger:t.logger})}};var F=s(m(),1),x=(o)=>typeof o==="function",S=(o)=>x(o)?async()=>await o():F.fromStatic(o);var T=({environmentVariableSelector:o,configFileSelector:r,default:t},e={})=>a.memoize(a.chain(h(o),C(r,e),S(t)));function E(o){const r={};if(o=o.replace(/^\?/,""),o)for(let t of o.split("&")){let[e,n=null]=t.split("=");if(e=decodeURIComponent(e),n)n=decodeURIComponent(n);if(!(e in r))r[e]=n;else if(Array.isArray(r[e]))r[e].push(n);else r[e]=[r[e],n]}return r}var v=(o)=>{if(typeof o==="string")return v(new URL(o));const{hostname:r,pathname:t,port:e,protocol:n,search:i}=o;let f;if(i)f=E(i);return{hostname:r,port:e?parseInt(e):void 0,protocol:n,path:t,query:f}};
-export{T as sb,v as tb};
+import{B as s} from"./chunk-24a86f8f5ddc0cbd.js";import{wb as m} from"./chunk-5ddf530ee3afe1d4.js";import{Db as w,zb as u} from"./chunk-813a4c185ab4c0c0.js";var a=s(m(),1);var g=s(m(),1);function c(o){try{const r=new Set(Array.from(o.match(/([A-Z_]){3,}/g)??[]));return r.delete("CONFIG"),r.delete("CONFIG_PREFIX_SEPARATOR"),r.delete("ENV"),[...r].join(", ")}catch(r){return o}}var h=(o,r)=>async()=>{try{const t=o(process.env);if(t===void 0)throw new Error;return t}catch(t){throw new g.CredentialsProviderError(t.message||`Not found in ENV: ${c(o.toString())}`,{logger:r})}};var y=s(m(),1);var C=(o,{preferredFile:r="config",...t}={})=>async()=>{const e=u(t),{configFile:n,credentialsFile:i}=await w(t),f=i[e]||{},p=n[e]||{},N=r==="config"?{...f,...p}:{...p,...f};try{const d=o(N,r==="config"?n:i);if(d===void 0)throw new Error;return d}catch(l){throw new y.CredentialsProviderError(l.message||`Not found in config files w/ profile [${e}]: ${c(o.toString())}`,{logger:t.logger})}};var F=s(m(),1),x=(o)=>typeof o==="function",S=(o)=>x(o)?async()=>await o():F.fromStatic(o);var T=({environmentVariableSelector:o,configFileSelector:r,default:t},e={})=>a.memoize(a.chain(h(o),C(r,e),S(t)));function E(o){const r={};if(o=o.replace(/^\?/,""),o)for(let t of o.split("&")){let[e,n=null]=t.split("=");if(e=decodeURIComponent(e),n)n=decodeURIComponent(n);if(!(e in r))r[e]=n;else if(Array.isArray(r[e]))r[e].push(n);else r[e]=[r[e],n]}return r}var v=(o)=>{if(typeof o==="string")return v(new URL(o));const{hostname:r,pathname:t,port:e,protocol:n,search:i}=o;let f;if(i)f=E(i);return{hostname:r,port:e?parseInt(e):void 0,protocol:n,path:t,query:f}};
+export{T as ub,v as vb};

package/dist/{chunk-ae46c8b6092236d2.js → chunk-e1a9177afdc46b3b.js}

@@ -1,2 +1,2 @@
 // @bun
-import{A as _} from"./chunk-e3d242546d1a2927.js";import"./chunk-ed4022c20775d58f.js";import{ub as y} from"./chunk-9ca526226958d45c.js";import{Db as S,xb as K} from"./chunk-827fe74e5b55863c.js";var o=_(y(),1);import{exec as A} from"child_process";import{promisify as T} from"util";var i=(c,n,s)=>{if(n.Version!==1)throw Error(`Profile ${c} credential_process did not return Version 1.`);if(n.AccessKeyId===void 0||n.SecretAccessKey===void 0)throw Error(`Profile ${c} credential_process returned invalid credentials.`);if(n.Expiration){const t=new Date;if(new Date(n.Expiration)<t)throw Error(`Profile ${c} credential_process returned expired credentials.`)}let e=n.AccountId;if(!e&&s?.[c]?.aws_account_id)e=s[c].aws_account_id;return{accessKeyId:n.AccessKeyId,secretAccessKey:n.SecretAccessKey,...n.SessionToken&&{sessionToken:n.SessionToken},...n.Expiration&&{expiration:new Date(n.Expiration)},...n.CredentialScope&&{credentialScope:n.CredentialScope},...e&&{accountId:e}}};var x=async(c,n,s)=>{const e=n[c];if(n[c]){const t=e.credential_process;if(t!==void 0){const u=T(A);try{const{stdout:r}=await u(t);let w;try{w=JSON.parse(r.trim())}catch{throw Error(`Profile ${c} credential_process returned invalid JSON.`)}return i(c,w,n)}catch(r){throw new o.CredentialsProviderError(r.message,{logger:s})}}else throw new o.CredentialsProviderError(`Profile ${c} did not contain credential_process.`,{logger:s})}else throw new o.CredentialsProviderError(`Profile ${c} could not be found in shared credentials file.`,{logger:s})};var b=(c={})=>async()=>{c.logger?.debug("@aws-sdk/credential-provider-process - fromProcess");const n=await S(c);return x(K(c),n,c.logger)};export{b as fromProcess};
+import{B as _} from"./chunk-24a86f8f5ddc0cbd.js";import"./chunk-6a97611e6bd65152.js";import{wb as y} from"./chunk-5ddf530ee3afe1d4.js";import{Fb as S,zb as K} from"./chunk-813a4c185ab4c0c0.js";var o=_(y(),1);import{exec as A} from"child_process";import{promisify as T} from"util";var i=(c,n,s)=>{if(n.Version!==1)throw Error(`Profile ${c} credential_process did not return Version 1.`);if(n.AccessKeyId===void 0||n.SecretAccessKey===void 0)throw Error(`Profile ${c} credential_process returned invalid credentials.`);if(n.Expiration){const t=new Date;if(new Date(n.Expiration)<t)throw Error(`Profile ${c} credential_process returned expired credentials.`)}let e=n.AccountId;if(!e&&s?.[c]?.aws_account_id)e=s[c].aws_account_id;return{accessKeyId:n.AccessKeyId,secretAccessKey:n.SecretAccessKey,...n.SessionToken&&{sessionToken:n.SessionToken},...n.Expiration&&{expiration:new Date(n.Expiration)},...n.CredentialScope&&{credentialScope:n.CredentialScope},...e&&{accountId:e}}};var x=async(c,n,s)=>{const e=n[c];if(n[c]){const t=e.credential_process;if(t!==void 0){const u=T(A);try{const{stdout:r}=await u(t);let w;try{w=JSON.parse(r.trim())}catch{throw Error(`Profile ${c} credential_process returned invalid JSON.`)}return i(c,w,n)}catch(r){throw new o.CredentialsProviderError(r.message,{logger:s})}}else throw new o.CredentialsProviderError(`Profile ${c} did not contain credential_process.`,{logger:s})}else throw new o.CredentialsProviderError(`Profile ${c} could not be found in shared credentials file.`,{logger:s})};var b=(c={})=>async()=>{c.logger?.debug("@aws-sdk/credential-provider-process - fromProcess");const n=await S(c);return x(K(c),n,c.logger)};export{b as fromProcess};

package/dist/{chunk-4573fe60e6dbd787.js → chunk-e834f558250dac89.js}

@@ -1,2 +1,2 @@
 // @bun
-import{A as h} from"./chunk-e3d242546d1a2927.js";import"./chunk-ed4022c20775d58f.js";import{ub as _} from"./chunk-9ca526226958d45c.js";import{Cb as v,Db as P,xb as N,yb as W,zb as I} from"./chunk-827fe74e5b55863c.js";var T=h(_(),1);var H=(e)=>e&&(typeof e.sso_start_url==="string"||typeof e.sso_account_id==="string"||typeof e.sso_session==="string"||typeof e.sso_region==="string"||typeof e.sso_role_name==="string");var u=h(_(),1);var K=300000,g="To refresh this SSO session run 'aws sso login' with the corresponding profile.";var R={},b=async(e)=>{const{SSOOIDCClient:r}=await import("./chunk-7ab2e8abae3c8902.js");if(R[e])return R[e];const s=new r({region:e});return R[e]=s,s};var G=async(e,r)=>{const{CreateTokenCommand:s}=await import("./chunk-7ab2e8abae3c8902.js");return(await b(r)).send(new s({clientId:e.clientId,clientSecret:e.clientSecret,refreshToken:e.refreshToken,grantType:"refresh_token"}))};var U=h(_(),1);var D=(e)=>{if(e.expiration&&e.expiration.getTime()<Date.now())throw new U.TokenProviderError(`Token is expired. ${g}`,!1)};var q=h(_(),1);var p=(e,r,s=!1)=>{if(typeof r==="undefined")throw new q.TokenProviderError(`Value not present for '${e}' in SSO Token${s?". Cannot refresh":""}. ${g}`,!1)};import{promises as B} from"fs";var{writeFile:Q}=B,j=(e,r)=>{const s=W(e),t=JSON.stringify(r,null,2);return Q(s,t)};var X=new Date(0),z=(e={})=>async()=>{e.logger?.debug("@aws-sdk/token-providers - fromSso");const r=await P(e),s=N(e),t=r[s];if(!t)throw new u.TokenProviderError(`Profile '${s}' could not be found in shared credentials file.`,!1);else if(!t.sso_session)throw new u.TokenProviderError(`Profile '${s}' is missing required property 'sso_session'.`);const i=t.sso_session,a=(await v(e))[i];if(!a)throw new u.TokenProviderError(`Sso session '${i}' could not be found in shared credentials file.`,!1);for(let n of["sso_start_url","sso_region"])if(!a[n])throw new u.TokenProviderError(`Sso session '${i}' is missing required property '${n}'.`,!1);const{sso_start_url:l,sso_region:f}=a;let o;try{o=await I(i)}catch(n){throw new u.TokenProviderError(`The SSO session token associated with profile=${s} was not found or is invalid. ${g}`,!1)}p("accessToken",o.accessToken),p("expiresAt",o.expiresAt);const{accessToken:E,expiresAt:x}=o,c={token:E,expiration:new Date(x)};if(c.expiration.getTime()-Date.now()>K)return c;if(Date.now()-X.getTime()<30000)return D(c),c;p("clientId",o.clientId,!0),p("clientSecret",o.clientSecret,!0),p("refreshToken",o.refreshToken,!0);try{X.setTime(Date.now());const n=await G(o,f);p("accessToken",n.accessToken),p("expiresIn",n.expiresIn);const w=new Date(Date.now()+n.expiresIn*1000);try{await j(i,{...o,accessToken:n.accessToken,expiresAt:w.toISOString(),refreshToken:n.refreshToken})}catch(C){}return{token:n.accessToken,expiration:w}}catch(n){return D(c),c}};var k=h(_(),1);var y=!1,A=async({ssoStartUrl:e,ssoSession:r,ssoAccountId:s,ssoRegion:t,ssoRoleName:i,ssoClient:S,clientConfig:a,profile:l,logger:f})=>{let o;const E="To refresh this SSO session run aws sso login with the corresponding profile.";if(r)try{const d=await z({profile:l})();o={accessToken:d.token,expiresAt:new Date(d.expiration).toISOString()}}catch(d){throw new k.CredentialsProviderError(d.message,{tryNextLink:y,logger:f})}else try{o=await I(e)}catch(d){throw new k.CredentialsProviderError("The SSO session associated with this profile is invalid. To refresh this SSO session run aws sso login with the corresponding profile.",{tryNextLink:y,logger:f})}if(new Date(o.expiresAt).getTime()-Date.now()<=0)throw new k.CredentialsProviderError("The SSO session associated with this profile has expired. To refresh this SSO session run aws sso login with the corresponding profile.",{tryNextLink:y,logger:f});const{accessToken:x}=o,{SSOClient:c,GetRoleCredentialsCommand:n}=await import("./chunk-3ccfbc315f74b335.js"),w=S||new c(Object.assign({},a??{},{region:a?.region??t}));let C;try{C=await w.send(new n({accountId:s,roleName:i,accessToken:x}))}catch(d){throw new k.CredentialsProviderError(d,{tryNextLink:y,logger:f})}const{roleCredentials:{accessKeyId:m,secretAccessKey:O,sessionToken:$,expiration:F,credentialScope:L,accountId:M}={}}=C;if(!m||!O||!$||!F)throw new k.CredentialsProviderError("SSO returns an invalid temporary credential.",{tryNextLink:y,logger:f});return{accessKeyId:m,secretAccessKey:O,sessionToken:$,expiration:new Date(F),...L&&{credentialScope:L},...M&&{accountId:M}}};var J=h(_(),1),V=(e,r)=>{const{sso_start_url:s,sso_account_id:t,sso_region:i,sso_role_name:S}=e;if(!s||!t||!i||!S)throw new J.CredentialsProviderError('Profile is configured with invalid SSO credentials. Required parameters "sso_account_id", '+`"sso_region", "sso_role_name", "sso_start_url". Got ${Object.keys(e).join(", ")}\nReference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html`,{tryNextLink:!1,logger:r});return e};var Ee=(e={})=>async()=>{e.logger?.debug("@aws-sdk/credential-provider-sso - fromSSO");const{ssoStartUrl:r,ssoAccountId:s,ssoRegion:t,ssoRoleName:i,ssoSession:S}=e,{ssoClient:a}=e,l=N(e);if(!r&&!s&&!t&&!i&&!S){const o=(await P(e))[l];if(!o)throw new T.CredentialsProviderError(`Profile ${l} was not found.`,{logger:e.logger});if(!H(o))throw new T.CredentialsProviderError(`Profile ${l} is not configured with SSO credentials.`,{logger:e.logger});if(o?.sso_session){const m=(await v(e))[o.sso_session],O=` configurations in profile ${l} and sso-session ${o.sso_session}`;if(t&&t!==m.sso_region)throw new T.CredentialsProviderError("Conflicting SSO region"+O,{tryNextLink:!1,logger:e.logger});if(r&&r!==m.sso_start_url)throw new T.CredentialsProviderError("Conflicting SSO start_url"+O,{tryNextLink:!1,logger:e.logger});o.sso_region=m.sso_region,o.sso_start_url=m.sso_start_url}const{sso_start_url:E,sso_account_id:x,sso_region:c,sso_role_name:n,sso_session:w}=V(o,e.logger);return A({ssoStartUrl:E,ssoSession:w,ssoAccountId:x,ssoRegion:c,ssoRoleName:n,ssoClient:a,clientConfig:e.clientConfig,profile:l})}else if(!r||!s||!t||!i)throw new T.CredentialsProviderError('Incomplete configuration. The fromSSO() argument hash must include "ssoStartUrl", "ssoAccountId", "ssoRegion", "ssoRoleName"',{tryNextLink:!1,logger:e.logger});else return A({ssoStartUrl:r,ssoSession:S,ssoAccountId:s,ssoRegion:t,ssoRoleName:i,ssoClient:a,clientConfig:e.clientConfig,profile:l})};export{V as validateSsoProfile,H as isSsoProfile,Ee as fromSSO};
+import{B as h} from"./chunk-24a86f8f5ddc0cbd.js";import"./chunk-6a97611e6bd65152.js";import{wb as _} from"./chunk-5ddf530ee3afe1d4.js";import{Ab as W,Bb as I,Eb as v,Fb as P,zb as N} from"./chunk-813a4c185ab4c0c0.js";var T=h(_(),1);var H=(e)=>e&&(typeof e.sso_start_url==="string"||typeof e.sso_account_id==="string"||typeof e.sso_session==="string"||typeof e.sso_region==="string"||typeof e.sso_role_name==="string");var u=h(_(),1);var K=300000,g="To refresh this SSO session run 'aws sso login' with the corresponding profile.";var R={},b=async(e)=>{const{SSOOIDCClient:r}=await import("./chunk-a7246b5b3e2f2366.js");if(R[e])return R[e];const s=new r({region:e});return R[e]=s,s};var G=async(e,r)=>{const{CreateTokenCommand:s}=await import("./chunk-a7246b5b3e2f2366.js");return(await b(r)).send(new s({clientId:e.clientId,clientSecret:e.clientSecret,refreshToken:e.refreshToken,grantType:"refresh_token"}))};var U=h(_(),1);var D=(e)=>{if(e.expiration&&e.expiration.getTime()<Date.now())throw new U.TokenProviderError(`Token is expired. ${g}`,!1)};var q=h(_(),1);var p=(e,r,s=!1)=>{if(typeof r==="undefined")throw new q.TokenProviderError(`Value not present for '${e}' in SSO Token${s?". Cannot refresh":""}. ${g}`,!1)};import{promises as B} from"fs";var{writeFile:Q}=B,j=(e,r)=>{const s=W(e),t=JSON.stringify(r,null,2);return Q(s,t)};var X=new Date(0),z=(e={})=>async()=>{e.logger?.debug("@aws-sdk/token-providers - fromSso");const r=await P(e),s=N(e),t=r[s];if(!t)throw new u.TokenProviderError(`Profile '${s}' could not be found in shared credentials file.`,!1);else if(!t.sso_session)throw new u.TokenProviderError(`Profile '${s}' is missing required property 'sso_session'.`);const i=t.sso_session,a=(await v(e))[i];if(!a)throw new u.TokenProviderError(`Sso session '${i}' could not be found in shared credentials file.`,!1);for(let n of["sso_start_url","sso_region"])if(!a[n])throw new u.TokenProviderError(`Sso session '${i}' is missing required property '${n}'.`,!1);const{sso_start_url:l,sso_region:f}=a;let o;try{o=await I(i)}catch(n){throw new u.TokenProviderError(`The SSO session token associated with profile=${s} was not found or is invalid. ${g}`,!1)}p("accessToken",o.accessToken),p("expiresAt",o.expiresAt);const{accessToken:E,expiresAt:x}=o,c={token:E,expiration:new Date(x)};if(c.expiration.getTime()-Date.now()>K)return c;if(Date.now()-X.getTime()<30000)return D(c),c;p("clientId",o.clientId,!0),p("clientSecret",o.clientSecret,!0),p("refreshToken",o.refreshToken,!0);try{X.setTime(Date.now());const n=await G(o,f);p("accessToken",n.accessToken),p("expiresIn",n.expiresIn);const w=new Date(Date.now()+n.expiresIn*1000);try{await j(i,{...o,accessToken:n.accessToken,expiresAt:w.toISOString(),refreshToken:n.refreshToken})}catch(C){}return{token:n.accessToken,expiration:w}}catch(n){return D(c),c}};var k=h(_(),1);var y=!1,A=async({ssoStartUrl:e,ssoSession:r,ssoAccountId:s,ssoRegion:t,ssoRoleName:i,ssoClient:S,clientConfig:a,profile:l,logger:f})=>{let o;const E="To refresh this SSO session run aws sso login with the corresponding profile.";if(r)try{const d=await z({profile:l})();o={accessToken:d.token,expiresAt:new Date(d.expiration).toISOString()}}catch(d){throw new k.CredentialsProviderError(d.message,{tryNextLink:y,logger:f})}else try{o=await I(e)}catch(d){throw new k.CredentialsProviderError("The SSO session associated with this profile is invalid. To refresh this SSO session run aws sso login with the corresponding profile.",{tryNextLink:y,logger:f})}if(new Date(o.expiresAt).getTime()-Date.now()<=0)throw new k.CredentialsProviderError("The SSO session associated with this profile has expired. To refresh this SSO session run aws sso login with the corresponding profile.",{tryNextLink:y,logger:f});const{accessToken:x}=o,{SSOClient:c,GetRoleCredentialsCommand:n}=await import("./chunk-5075c75a0b45f02c.js"),w=S||new c(Object.assign({},a??{},{region:a?.region??t}));let C;try{C=await w.send(new n({accountId:s,roleName:i,accessToken:x}))}catch(d){throw new k.CredentialsProviderError(d,{tryNextLink:y,logger:f})}const{roleCredentials:{accessKeyId:m,secretAccessKey:O,sessionToken:$,expiration:F,credentialScope:L,accountId:M}={}}=C;if(!m||!O||!$||!F)throw new k.CredentialsProviderError("SSO returns an invalid temporary credential.",{tryNextLink:y,logger:f});return{accessKeyId:m,secretAccessKey:O,sessionToken:$,expiration:new Date(F),...L&&{credentialScope:L},...M&&{accountId:M}}};var J=h(_(),1),V=(e,r)=>{const{sso_start_url:s,sso_account_id:t,sso_region:i,sso_role_name:S}=e;if(!s||!t||!i||!S)throw new J.CredentialsProviderError('Profile is configured with invalid SSO credentials. Required parameters "sso_account_id", '+`"sso_region", "sso_role_name", "sso_start_url". Got ${Object.keys(e).join(", ")}\nReference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html`,{tryNextLink:!1,logger:r});return e};var Ee=(e={})=>async()=>{e.logger?.debug("@aws-sdk/credential-provider-sso - fromSSO");const{ssoStartUrl:r,ssoAccountId:s,ssoRegion:t,ssoRoleName:i,ssoSession:S}=e,{ssoClient:a}=e,l=N(e);if(!r&&!s&&!t&&!i&&!S){const o=(await P(e))[l];if(!o)throw new T.CredentialsProviderError(`Profile ${l} was not found.`,{logger:e.logger});if(!H(o))throw new T.CredentialsProviderError(`Profile ${l} is not configured with SSO credentials.`,{logger:e.logger});if(o?.sso_session){const m=(await v(e))[o.sso_session],O=` configurations in profile ${l} and sso-session ${o.sso_session}`;if(t&&t!==m.sso_region)throw new T.CredentialsProviderError("Conflicting SSO region"+O,{tryNextLink:!1,logger:e.logger});if(r&&r!==m.sso_start_url)throw new T.CredentialsProviderError("Conflicting SSO start_url"+O,{tryNextLink:!1,logger:e.logger});o.sso_region=m.sso_region,o.sso_start_url=m.sso_start_url}const{sso_start_url:E,sso_account_id:x,sso_region:c,sso_role_name:n,sso_session:w}=V(o,e.logger);return A({ssoStartUrl:E,ssoSession:w,ssoAccountId:x,ssoRegion:c,ssoRoleName:n,ssoClient:a,clientConfig:e.clientConfig,profile:l})}else if(!r||!s||!t||!i)throw new T.CredentialsProviderError('Incomplete configuration. The fromSSO() argument hash must include "ssoStartUrl", "ssoAccountId", "ssoRegion", "ssoRoleName"',{tryNextLink:!1,logger:e.logger});else return A({ssoStartUrl:r,ssoSession:S,ssoAccountId:s,ssoRegion:t,ssoRoleName:i,ssoClient:a,clientConfig:e.clientConfig,profile:l})};export{V as validateSsoProfile,H as isSsoProfile,Ee as fromSSO};

package/dist/{chunk-8b1dc3428a74b1f4.js → chunk-e910e2a8677bca82.js}

@@ -1,2 +1,2 @@
 // @bun
-import{A as _} from"./chunk-e3d242546d1a2927.js";import"./chunk-ed4022c20775d58f.js";import{ub as a} from"./chunk-9ca526226958d45c.js";import{Db as h,xb as l} from"./chunk-827fe74e5b55863c.js";var R=_(a(),1);var m=_(a(),1);var c=_(a(),1),C=(e,s,r)=>{const i={EcsContainer:async(t)=>{const{fromHttp:n}=await import("./chunk-788611478527c8c3.js"),{fromContainerMetadata:d}=await import("./chunk-e20c0e69128c42f5.js");return r?.debug("@aws-sdk/credential-provider-ini - credential_source is EcsContainer"),c.chain(n(t??{}),d(t))},Ec2InstanceMetadata:async(t)=>{r?.debug("@aws-sdk/credential-provider-ini - credential_source is Ec2InstanceMetadata");const{fromInstanceMetadata:n}=await import("./chunk-e20c0e69128c42f5.js");return n(t)},Environment:async(t)=>{r?.debug("@aws-sdk/credential-provider-ini - credential_source is Environment");const{fromEnv:n}=await import("./chunk-bfc01c0e40e4551c.js");return n(t)}};if(e in i)return i[e];else throw new c.CredentialsProviderError(`Unsupported credential source in profile ${s}. Got ${e}, `+"expected EcsContainer or Ec2InstanceMetadata or Environment.",{logger:r})};var P=(e,{profile:s="default",logger:r}={})=>{return Boolean(e)&&typeof e==="object"&&typeof e.role_arn==="string"&&["undefined","string"].indexOf(typeof e.role_session_name)>-1&&["undefined","string"].indexOf(typeof e.external_id)>-1&&["undefined","string"].indexOf(typeof e.mfa_serial)>-1&&(j(e,{profile:s,logger:r})||O(e,{profile:s,logger:r}))},j=(e,{profile:s,logger:r})=>{const i=typeof e.source_profile==="string"&&typeof e.credential_source==="undefined";if(i)r?.debug?.(`    ${s} isAssumeRoleWithSourceProfile source_profile=${e.source_profile}`);return i},O=(e,{profile:s,logger:r})=>{const i=typeof e.credential_source==="string"&&typeof e.source_profile==="undefined";if(i)r?.debug?.(`    ${s} isCredentialSourceProfile credential_source=${e.credential_source}`);return i},v=async(e,s,r,i={})=>{r.logger?.debug("@aws-sdk/credential-provider-ini - resolveAssumeRoleCredentials (STS)");const t=s[e];if(!r.roleAssumer){const{getDefaultRoleAssumer:I}=await import("./chunk-1e96eb132f10e361.js");r.roleAssumer=I({...r.clientConfig,credentialProviderLogger:r.logger,parentClientConfig:r?.parentClientConfig},r.clientPlugins)}const{source_profile:n}=t;if(n&&n in i)throw new m.CredentialsProviderError("Detected a cycle attempting to resolve credentials for profile"+` ${l(r)}. Profiles visited: `+Object.keys(i).join(", "),{logger:r.logger});r.logger?.debug(`@aws-sdk/credential-provider-ini - finding credential resolver using ${n?`source_profile=[${n}]`:`profile=[${e}]`}`);const d=n?o(n,{...s,[n]:{...s[n],role_arn:t.role_arn??s[n].role_arn}},r,{...i,[n]:!0}):(await C(t.credential_source,e,r.logger)(r))(),u={RoleArn:t.role_arn,RoleSessionName:t.role_session_name||`aws-sdk-js-${Date.now()}`,ExternalId:t.external_id,DurationSeconds:parseInt(t.duration_seconds||"3600",10)},{mfa_serial:f}=t;if(f){if(!r.mfaCodeProvider)throw new m.CredentialsProviderError(`Profile ${e} requires multi-factor authentication, but no MFA code callback was provided.`,{logger:r.logger,tryNextLink:!1});u.SerialNumber=f,u.TokenCode=await r.mfaCodeProvider(f)}const D=await d;return r.roleAssumer(D,u)};var x=(e)=>Boolean(e)&&typeof e==="object"&&typeof e.credential_process==="string",b=async(e,s)=>import("./chunk-ae46c8b6092236d2.js").then(({fromProcess:r})=>r({...e,profile:s})());var A=async(e,s={})=>{const{fromSSO:r}=await import("./chunk-4573fe60e6dbd787.js");return r({profile:e,logger:s.logger})()},k=(e)=>e&&(typeof e.sso_start_url==="string"||typeof e.sso_account_id==="string"||typeof e.sso_session==="string"||typeof e.sso_region==="string"||typeof e.sso_role_name==="string");var w=(e)=>Boolean(e)&&typeof e==="object"&&typeof e.aws_access_key_id==="string"&&typeof e.aws_secret_access_key==="string"&&["undefined","string"].indexOf(typeof e.aws_session_token)>-1&&["undefined","string"].indexOf(typeof e.aws_account_id)>-1,y=(e,s)=>{return s?.logger?.debug("@aws-sdk/credential-provider-ini - resolveStaticCredentials"),Promise.resolve({accessKeyId:e.aws_access_key_id,secretAccessKey:e.aws_secret_access_key,sessionToken:e.aws_session_token,...e.aws_credential_scope&&{credentialScope:e.aws_credential_scope},...e.aws_account_id&&{accountId:e.aws_account_id}})};var S=(e)=>Boolean(e)&&typeof e==="object"&&typeof e.web_identity_token_file==="string"&&typeof e.role_arn==="string"&&["undefined","string"].indexOf(typeof e.role_session_name)>-1,$=async(e,s)=>import("./chunk-b092d6945f70ff1c.js").then(({fromTokenFile:r})=>r({webIdentityTokenFile:e.web_identity_token_file,roleArn:e.role_arn,roleSessionName:e.role_session_name,roleAssumerWithWebIdentity:s.roleAssumerWithWebIdentity,logger:s.logger,parentClientConfig:s.parentClientConfig})());var o=async(e,s,r,i={})=>{const t=s[e];if(Object.keys(i).length>0&&w(t))return y(t,r);if(P(t,{profile:e,logger:r.logger}))return v(e,s,r,i);if(w(t))return y(t,r);if(S(t))return $(t,r);if(x(t))return b(r,e);if(k(t))return await A(e,r);throw new R.CredentialsProviderError(`Could not resolve credentials using profile: [${e}] in configuration/credentials file(s).`,{logger:r.logger})};var H=(e={})=>async()=>{e.logger?.debug("@aws-sdk/credential-provider-ini - fromIni");const s=await h(e);return o(l(e),s,e)};export{H as fromIni};
+import{B as _} from"./chunk-24a86f8f5ddc0cbd.js";import"./chunk-6a97611e6bd65152.js";import{wb as a} from"./chunk-5ddf530ee3afe1d4.js";import{Fb as h,zb as l} from"./chunk-813a4c185ab4c0c0.js";var R=_(a(),1);var m=_(a(),1);var c=_(a(),1),C=(e,s,r)=>{const i={EcsContainer:async(t)=>{const{fromHttp:n}=await import("./chunk-b3b228374e54f4ff.js"),{fromContainerMetadata:d}=await import("./chunk-aebf7df48200842b.js");return r?.debug("@aws-sdk/credential-provider-ini - credential_source is EcsContainer"),c.chain(n(t??{}),d(t))},Ec2InstanceMetadata:async(t)=>{r?.debug("@aws-sdk/credential-provider-ini - credential_source is Ec2InstanceMetadata");const{fromInstanceMetadata:n}=await import("./chunk-aebf7df48200842b.js");return n(t)},Environment:async(t)=>{r?.debug("@aws-sdk/credential-provider-ini - credential_source is Environment");const{fromEnv:n}=await import("./chunk-357d6f34be7eafaa.js");return n(t)}};if(e in i)return i[e];else throw new c.CredentialsProviderError(`Unsupported credential source in profile ${s}. Got ${e}, `+"expected EcsContainer or Ec2InstanceMetadata or Environment.",{logger:r})};var P=(e,{profile:s="default",logger:r}={})=>{return Boolean(e)&&typeof e==="object"&&typeof e.role_arn==="string"&&["undefined","string"].indexOf(typeof e.role_session_name)>-1&&["undefined","string"].indexOf(typeof e.external_id)>-1&&["undefined","string"].indexOf(typeof e.mfa_serial)>-1&&(j(e,{profile:s,logger:r})||O(e,{profile:s,logger:r}))},j=(e,{profile:s,logger:r})=>{const i=typeof e.source_profile==="string"&&typeof e.credential_source==="undefined";if(i)r?.debug?.(`    ${s} isAssumeRoleWithSourceProfile source_profile=${e.source_profile}`);return i},O=(e,{profile:s,logger:r})=>{const i=typeof e.credential_source==="string"&&typeof e.source_profile==="undefined";if(i)r?.debug?.(`    ${s} isCredentialSourceProfile credential_source=${e.credential_source}`);return i},v=async(e,s,r,i={})=>{r.logger?.debug("@aws-sdk/credential-provider-ini - resolveAssumeRoleCredentials (STS)");const t=s[e];if(!r.roleAssumer){const{getDefaultRoleAssumer:I}=await import("./chunk-f47acd04bf65c5c9.js");r.roleAssumer=I({...r.clientConfig,credentialProviderLogger:r.logger,parentClientConfig:r?.parentClientConfig},r.clientPlugins)}const{source_profile:n}=t;if(n&&n in i)throw new m.CredentialsProviderError("Detected a cycle attempting to resolve credentials for profile"+` ${l(r)}. Profiles visited: `+Object.keys(i).join(", "),{logger:r.logger});r.logger?.debug(`@aws-sdk/credential-provider-ini - finding credential resolver using ${n?`source_profile=[${n}]`:`profile=[${e}]`}`);const d=n?o(n,{...s,[n]:{...s[n],role_arn:t.role_arn??s[n].role_arn}},r,{...i,[n]:!0}):(await C(t.credential_source,e,r.logger)(r))(),u={RoleArn:t.role_arn,RoleSessionName:t.role_session_name||`aws-sdk-js-${Date.now()}`,ExternalId:t.external_id,DurationSeconds:parseInt(t.duration_seconds||"3600",10)},{mfa_serial:f}=t;if(f){if(!r.mfaCodeProvider)throw new m.CredentialsProviderError(`Profile ${e} requires multi-factor authentication, but no MFA code callback was provided.`,{logger:r.logger,tryNextLink:!1});u.SerialNumber=f,u.TokenCode=await r.mfaCodeProvider(f)}const D=await d;return r.roleAssumer(D,u)};var x=(e)=>Boolean(e)&&typeof e==="object"&&typeof e.credential_process==="string",b=async(e,s)=>import("./chunk-e1a9177afdc46b3b.js").then(({fromProcess:r})=>r({...e,profile:s})());var A=async(e,s={})=>{const{fromSSO:r}=await import("./chunk-e834f558250dac89.js");return r({profile:e,logger:s.logger})()},k=(e)=>e&&(typeof e.sso_start_url==="string"||typeof e.sso_account_id==="string"||typeof e.sso_session==="string"||typeof e.sso_region==="string"||typeof e.sso_role_name==="string");var w=(e)=>Boolean(e)&&typeof e==="object"&&typeof e.aws_access_key_id==="string"&&typeof e.aws_secret_access_key==="string"&&["undefined","string"].indexOf(typeof e.aws_session_token)>-1&&["undefined","string"].indexOf(typeof e.aws_account_id)>-1,y=(e,s)=>{return s?.logger?.debug("@aws-sdk/credential-provider-ini - resolveStaticCredentials"),Promise.resolve({accessKeyId:e.aws_access_key_id,secretAccessKey:e.aws_secret_access_key,sessionToken:e.aws_session_token,...e.aws_credential_scope&&{credentialScope:e.aws_credential_scope},...e.aws_account_id&&{accountId:e.aws_account_id}})};var S=(e)=>Boolean(e)&&typeof e==="object"&&typeof e.web_identity_token_file==="string"&&typeof e.role_arn==="string"&&["undefined","string"].indexOf(typeof e.role_session_name)>-1,$=async(e,s)=>import("./chunk-81fb135d80e84b06.js").then(({fromTokenFile:r})=>r({webIdentityTokenFile:e.web_identity_token_file,roleArn:e.role_arn,roleSessionName:e.role_session_name,roleAssumerWithWebIdentity:s.roleAssumerWithWebIdentity,logger:s.logger,parentClientConfig:s.parentClientConfig})());var o=async(e,s,r,i={})=>{const t=s[e];if(Object.keys(i).length>0&&w(t))return y(t,r);if(P(t,{profile:e,logger:r.logger}))return v(e,s,r,i);if(w(t))return y(t,r);if(S(t))return $(t,r);if(x(t))return b(r,e);if(k(t))return await A(e,r);throw new R.CredentialsProviderError(`Could not resolve credentials using profile: [${e}] in configuration/credentials file(s).`,{logger:r.logger})};var H=(e={})=>async()=>{e.logger?.debug("@aws-sdk/credential-provider-ini - fromIni");const s=await h(e);return o(l(e),s,e)};export{H as fromIni};

package/dist/chunk-f47acd04bf65c5c9.js

@@ -0,0 +1,2 @@
+// @bun
+import"./chunk-357d6f34be7eafaa.js";import{B as b} from"./chunk-24a86f8f5ddc0cbd.js";import"./chunk-ff8cd8fd047cfee5.js";import{$ as zl,O as E0,P as k0,Q as K0,R as F0,V as yh,W as dl,X as wl,Y as q0,Z as vl,_ as Ml,aa as y0,ba as Ol,ca as gl,da as xl,ea as il,fa as Q0,ga as X0,ia as F,ja as B,ka as Y0,la as cl,ma as el,na as Z0,oa as pl,pa as $0,qa as dh,ra as nl,sa as ol,ta as ul,ua as tl,va as m0,wa as J0} from"./chunk-02ba977a552fd2da.js";import{Ba as Wl,Ca as B0,Ga as Tl,Ha as Al,Ja as Rl,Ka as Ll,Na as _l,Oa as bl,Ua as K,Va as Ih,Wa as u0,_a as A0,ab as S,cb as u,fb as R0,hb as U0,ib as T,jb as L0,kb as fl,lb as Cl,mb as H0,nb as S0,ob as ch,xa as G0,ya as I0,za as T0} from"./chunk-1e6b656dc70ab1fd.js";import"./chunk-6a97611e6bd65152.js";import{ub as f,vb as jl} from"./chunk-c22e0fc22de0403a.js";import"./chunk-5ddf530ee3afe1d4.js";import{xb as Qh} from"./chunk-55c7fe17750b0378.js";import"./chunk-813a4c185ab4c0c0.js";var C=b(yh(),1);var Gl=b(dh(),1);var md=function(h){return{schemeId:"aws.auth#sigv4",signingProperties:{name:"sts",region:h.region},propertiesExtractor:(d,l)=>({signingProperties:{config:d,context:l}})}},ll=function(h){return{schemeId:"smithy.api#noAuth"}},Il=async(h,d,l)=>{return{operation:dl(d).operation,region:await wl(h.region)()||(()=>{throw new Error("expected `region` to be configured for `aws.auth#sigv4`")})()}},Hl=(h)=>{const d=[];switch(h.operation){case"AssumeRoleWithSAML":{d.push(ll(h));break}case"AssumeRoleWithWebIdentity":{d.push(ll(h));break}default:d.push(md(h))}return d},Jd=(h)=>({...h,stsClientCtor:A}),Sl=(h)=>{const d=Jd(h);return{...Gl.resolveAwsSdkSigV4Config(d)}};var ml=(h)=>{return{...h,useDualstackEndpoint:h.useDualstackEndpoint??!1,useFipsEndpoint:h.useFipsEndpoint??!1,useGlobalEndpoint:h.useGlobalEndpoint??!1,defaultSigningName:"sts"}},D={UseGlobalEndpoint:{type:"builtInParams",name:"useGlobalEndpoint"},UseFIPS:{type:"builtInParams",name:"useFipsEndpoint"},Endpoint:{type:"builtInParams",name:"endpoint"},Region:{type:"builtInParams",name:"region"},UseDualStack:{type:"builtInParams",name:"useDualstackEndpoint"}};var Jl={name:"@aws-sdk/client-sts",description:"AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native",version:"3.629.0",scripts:{build:"concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'","build:cjs":"node ../../scripts/compilation/inline client-sts","build:es":"tsc -p tsconfig.es.json","build:include:deps":"lerna run --scope $npm_package_name --include-dependencies build","build:types":"rimraf ./dist-types tsconfig.types.tsbuildinfo && tsc -p tsconfig.types.json","build:types:downlevel":"downlevel-dts dist-types dist-types/ts3.4",clean:"rimraf ./dist-* && rimraf *.tsbuildinfo","extract:docs":"api-extractor run --local","generate:client":"node ../../scripts/generate-clients/single-service --solo sts",test:"yarn test:unit","test:unit":"jest"},main:"./dist-cjs/index.js",types:"./dist-types/index.d.ts",module:"./dist-es/index.js",sideEffects:!1,dependencies:{"@aws-crypto/sha256-browser":"5.2.0","@aws-crypto/sha256-js":"5.2.0","@aws-sdk/client-sso-oidc":"3.629.0","@aws-sdk/core":"3.629.0","@aws-sdk/credential-provider-node":"3.629.0","@aws-sdk/middleware-host-header":"3.620.0","@aws-sdk/middleware-logger":"3.609.0","@aws-sdk/middleware-recursion-detection":"3.620.0","@aws-sdk/middleware-user-agent":"3.620.0","@aws-sdk/region-config-resolver":"3.614.0","@aws-sdk/types":"3.609.0","@aws-sdk/util-endpoints":"3.614.0","@aws-sdk/util-user-agent-browser":"3.609.0","@aws-sdk/util-user-agent-node":"3.614.0","@smithy/config-resolver":"^3.0.5","@smithy/core":"^2.3.2","@smithy/fetch-http-handler":"^3.2.4","@smithy/hash-node":"^3.0.3","@smithy/invalid-dependency":"^3.0.3","@smithy/middleware-content-length":"^3.0.5","@smithy/middleware-endpoint":"^3.1.0","@smithy/middleware-retry":"^3.0.14","@smithy/middleware-serde":"^3.0.3","@smithy/middleware-stack":"^3.0.3","@smithy/node-config-provider":"^3.1.4","@smithy/node-http-handler":"^3.1.4","@smithy/protocol-http":"^4.1.0","@smithy/smithy-client":"^3.1.12","@smithy/types":"^3.3.0","@smithy/url-parser":"^3.0.3","@smithy/util-base64":"^3.0.0","@smithy/util-body-length-browser":"^3.0.0","@smithy/util-body-length-node":"^3.0.0","@smithy/util-defaults-mode-browser":"^3.0.14","@smithy/util-defaults-mode-node":"^3.0.14","@smithy/util-endpoints":"^2.0.5","@smithy/util-middleware":"^3.0.3","@smithy/util-retry":"^3.0.3","@smithy/util-utf8":"^3.0.0",tslib:"^2.6.2"},devDependencies:{"@tsconfig/node16":"16.1.3","@types/node":"^16.18.96",concurrently:"7.0.0","downlevel-dts":"0.10.1",rimraf:"3.0.2",typescript:"~4.9.5"},engines:{node:">=16.0.0"},typesVersions:{"<4.0":{"dist-types/*":["dist-types/ts3.4/*"]}},files:["dist-*/**"],author:{name:"AWS SDK for JavaScript Team",url:"https://aws.amazon.com/javascript/"},license:"Apache-2.0",browser:{"./dist-es/runtimeConfig":"./dist-es/runtimeConfig.browser"},"react-native":{"./dist-es/runtimeConfig":"./dist-es/runtimeConfig.native"},homepage:"https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts",repository:{type:"git",url:"https://github.com/aws/aws-sdk-js-v3.git",directory:"clients/client-sts"}};var wh=b(dh(),1);var h0=b(yh(),1);var al=b(dh(),1),rl=b(yh(),1);var Dl={["required"]:!1,["type"]:"String"},qh={["required"]:!0,default:!1,["type"]:"Boolean"},Xl={["ref"]:"Endpoint"},El={["fn"]:"isSet",["argv"]:[{["ref"]:"Region"}]},J={["ref"]:"Region"},kl={["fn"]:"aws.partition",["argv"]:[J],assign:"PartitionResult"},Yl={["ref"]:"UseFIPS"},Zl={["ref"]:"UseDualStack"},E={url:"https://sts.amazonaws.com",properties:{authSchemes:[{name:"sigv4",signingName:"sts",signingRegion:"us-east-1"}]},headers:{}},X={},Kl={conditions:[{["fn"]:"stringEquals",["argv"]:[J,"aws-global"]}],["endpoint"]:E,["type"]:"endpoint"},$l={["fn"]:"booleanEquals",["argv"]:[Yl,!0]},Ul={["fn"]:"booleanEquals",["argv"]:[Zl,!0]},Fl={["fn"]:"getAttr",["argv"]:[{["ref"]:"PartitionResult"},"supportsFIPS"]},Vl={["ref"]:"PartitionResult"},Bl={["fn"]:"booleanEquals",["argv"]:[!0,{["fn"]:"getAttr",["argv"]:[Vl,"supportsDualStack"]}]},ql=[{["fn"]:"isSet",["argv"]:[Xl]}],yl=[$l],Ql=[Ul],Ed={version:"1.0",parameters:{Region:Dl,UseDualStack:qh,UseFIPS:qh,Endpoint:Dl,UseGlobalEndpoint:qh},rules:[{conditions:[{["fn"]:"booleanEquals",["argv"]:[{["ref"]:"UseGlobalEndpoint"},!0]},{["fn"]:"not",["argv"]:ql},El,kl,{["fn"]:"booleanEquals",["argv"]:[Yl,!1]},{["fn"]:"booleanEquals",["argv"]:[Zl,!1]}],rules:[{conditions:[{["fn"]:"stringEquals",["argv"]:[J,"ap-northeast-1"]}],endpoint:E,["type"]:"endpoint"},{conditions:[{["fn"]:"stringEquals",["argv"]:[J,"ap-south-1"]}],endpoint:E,["type"]:"endpoint"},{conditions:[{["fn"]:"stringEquals",["argv"]:[J,"ap-southeast-1"]}],endpoint:E,["type"]:"endpoint"},{conditions:[{["fn"]:"stringEquals",["argv"]:[J,"ap-southeast-2"]}],endpoint:E,["type"]:"endpoint"},Kl,{conditions:[{["fn"]:"stringEquals",["argv"]:[J,"ca-central-1"]}],endpoint:E,["type"]:"endpoint"},{conditions:[{["fn"]:"stringEquals",["argv"]:[J,"eu-central-1"]}],endpoint:E,["type"]:"endpoint"},{conditions:[{["fn"]:"stringEquals",["argv"]:[J,"eu-north-1"]}],endpoint:E,["type"]:"endpoint"},{conditions:[{["fn"]:"stringEquals",["argv"]:[J,"eu-west-1"]}],endpoint:E,["type"]:"endpoint"},{conditions:[{["fn"]:"stringEquals",["argv"]:[J,"eu-west-2"]}],endpoint:E,["type"]:"endpoint"},{conditions:[{["fn"]:"stringEquals",["argv"]:[J,"eu-west-3"]}],endpoint:E,["type"]:"endpoint"},{conditions:[{["fn"]:"stringEquals",["argv"]:[J,"sa-east-1"]}],endpoint:E,["type"]:"endpoint"},{conditions:[{["fn"]:"stringEquals",["argv"]:[J,"us-east-1"]}],endpoint:E,["type"]:"endpoint"},{conditions:[{["fn"]:"stringEquals",["argv"]:[J,"us-east-2"]}],endpoint:E,["type"]:"endpoint"},{conditions:[{["fn"]:"stringEquals",["argv"]:[J,"us-west-1"]}],endpoint:E,["type"]:"endpoint"},{conditions:[{["fn"]:"stringEquals",["argv"]:[J,"us-west-2"]}],endpoint:E,["type"]:"endpoint"},{endpoint:{url:"https://sts.{Region}.{PartitionResult#dnsSuffix}",properties:{authSchemes:[{name:"sigv4",signingName:"sts",signingRegion:"{Region}"}]},headers:X},["type"]:"endpoint"}],["type"]:"tree"},{conditions:ql,rules:[{conditions:yl,error:"Invalid Configuration: FIPS and custom endpoint are not supported",["type"]:"error"},{conditions:Ql,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",["type"]:"error"},{endpoint:{url:Xl,properties:X,headers:X},["type"]:"endpoint"}],["type"]:"tree"},{conditions:[El],rules:[{conditions:[kl],rules:[{conditions:[$l,Ul],rules:[{conditions:[{["fn"]:"booleanEquals",["argv"]:[!0,Fl]},Bl],rules:[{endpoint:{url:"https://sts-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:X,headers:X},["type"]:"endpoint"}],["type"]:"tree"},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",["type"]:"error"}],["type"]:"tree"},{conditions:yl,rules:[{conditions:[{["fn"]:"booleanEquals",["argv"]:[Fl,!0]}],rules:[{conditions:[{["fn"]:"stringEquals",["argv"]:[{["fn"]:"getAttr",["argv"]:[Vl,"name"]},"aws-us-gov"]}],endpoint:{url:"https://sts.{Region}.amazonaws.com",properties:X,headers:X},["type"]:"endpoint"},{endpoint:{url:"https://sts-fips.{Region}.{PartitionResult#dnsSuffix}",properties:X,headers:X},["type"]:"endpoint"}],["type"]:"tree"},{error:"FIPS is enabled but this partition does not support FIPS",["type"]:"error"}],["type"]:"tree"},{conditions:Ql,rules:[{conditions:[Bl],rules:[{endpoint:{url:"https://sts.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:X,headers:X},["type"]:"endpoint"}],["type"]:"tree"},{error:"DualStack is enabled but this partition does not support DualStack",["type"]:"error"}],["type"]:"tree"},Kl,{endpoint:{url:"https://sts.{Region}.{PartitionResult#dnsSuffix}",properties:X,headers:X},["type"]:"endpoint"}],["type"]:"tree"}],["type"]:"tree"},{error:"Invalid Configuration: Missing Region",["type"]:"error"}]},Pl=Ed;var Nl=(h,d={})=>{return Ml(Pl,{endpointParams:h,logger:d.logger})};vl.aws=zl;var sl=(h)=>{return{apiVersion:"2011-06-15",base64Decoder:h?.base64Decoder??Tl,base64Encoder:h?.base64Encoder??Ll,disableHostPrefix:h?.disableHostPrefix??!1,endpointProvider:h?.endpointProvider??Nl,extensions:h?.extensions??[],httpAuthSchemeProvider:h?.httpAuthSchemeProvider??Hl,httpAuthSchemes:h?.httpAuthSchemes??[{schemeId:"aws.auth#sigv4",identityProvider:(d)=>d.getIdentityProvider("aws.auth#sigv4"),signer:new al.AwsSdkSigV4Signer},{schemeId:"smithy.api#noAuth",identityProvider:(d)=>d.getIdentityProvider("smithy.api#noAuth")||(async()=>({})),signer:new rl.NoAuthSigner}],logger:h?.logger??new Wl,serviceId:h?.serviceId??"STS",urlParser:h?.urlParser??jl,utf8Decoder:h?.utf8Decoder??Al,utf8Encoder:h?.utf8Encoder??Rl}};var l0=(h)=>{Cl(process.version);const d=tl(h),l=()=>d().then(fl),w=sl(h);return wh.emitWarningIfUnsupportedVersion(process.version),{...w,...h,runtime:"node",defaultsMode:d,bodyLengthChecker:h?.bodyLengthChecker??ul,credentialDefaultProvider:h?.credentialDefaultProvider??Qh,defaultUserAgentProvider:h?.defaultUserAgentProvider??nl({serviceId:w.serviceId,clientVersion:Jl.version}),httpAuthSchemes:h?.httpAuthSchemes??[{schemeId:"aws.auth#sigv4",identityProvider:(G)=>G.getIdentityProvider("aws.auth#sigv4")||(async(H)=>await Qh(H?.__config||{})()),signer:new wh.AwsSdkSigV4Signer},{schemeId:"smithy.api#noAuth",identityProvider:(G)=>G.getIdentityProvider("smithy.api#noAuth")||(async()=>({})),signer:new h0.NoAuthSigner}],maxAttempts:h?.maxAttempts??f(el),region:h?.region??f(xl,il),requestHandler:_l.create(h?.requestHandler??l),retryMode:h?.retryMode??f({...pl,default:async()=>(await l()).retryMode||cl}),sha256:h?.sha256??ol.bind(null,"sha256"),streamCollector:h?.streamCollector??bl,useDualstackEndpoint:h?.useDualstackEndpoint??f(Ol),useFipsEndpoint:h?.useFipsEndpoint??f(gl)}};var d0=(h)=>{const d=h.httpAuthSchemes;let{httpAuthSchemeProvider:l,credentials:w}=h;return{setHttpAuthScheme(G){const H=d.findIndex((I)=>I.schemeId===G.schemeId);if(H===-1)d.push(G);else d.splice(H,1,G)},httpAuthSchemes(){return d},setHttpAuthSchemeProvider(G){l=G},httpAuthSchemeProvider(){return l},setCredentials(G){w=G},credentials(){return w}}},w0=(h)=>{return{httpAuthSchemes:h.httpAuthSchemes(),httpAuthSchemeProvider:h.httpAuthSchemeProvider(),credentials:h.credentials()}};var Gh=(h)=>h,D0=(h,d)=>{const l={...Gh(m0(h)),...Gh(H0(h)),...Gh(G0(h)),...Gh(d0(h))};return d.forEach((w)=>w.configure(l)),{...h,...J0(l),...S0(l),...I0(l),...w0(l)}};class A extends B0{constructor(...[h]){const d=l0(h||{}),l=ml(d),w=q0(l),G=Z0(w),H=Q0(G),I=E0(H),Q=Y0(I),v=Sl(Q),M=D0(v,h?.extensions||[]);super(M);this.config=M,this.middlewareStack.use(y0(this.config)),this.middlewareStack.use($0(this.config)),this.middlewareStack.use(X0(this.config)),this.middlewareStack.use(k0(this.config)),this.middlewareStack.use(K0(this.config)),this.middlewareStack.use(F0(this.config)),this.middlewareStack.use(C.getHttpAuthSchemeEndpointRuleSetPlugin(this.config,{httpAuthSchemeParametersProvider:Il,identityProviderConfigProvider:async(n)=>new C.DefaultIdentityProviderConfig({"aws.auth#sigv4":n.credentials})})),this.middlewareStack.use(C.getHttpSigningPlugin(this.config))}destroy(){super.destroy()}}class Y extends U0{constructor(h){super(h);Object.setPrototypeOf(this,Y.prototype)}}class Hh extends Y{constructor(h){super({name:"ExpiredTokenException",$fault:"client",...h});this.name="ExpiredTokenException",this.$fault="client",Object.setPrototypeOf(this,Hh.prototype)}}class Sh extends Y{constructor(h){super({name:"MalformedPolicyDocumentException",$fault:"client",...h});this.name="MalformedPolicyDocumentException",this.$fault="client",Object.setPrototypeOf(this,Sh.prototype)}}class mh extends Y{constructor(h){super({name:"PackedPolicyTooLargeException",$fault:"client",...h});this.name="PackedPolicyTooLargeException",this.$fault="client",Object.setPrototypeOf(this,mh.prototype)}}class Jh extends Y{constructor(h){super({name:"RegionDisabledException",$fault:"client",...h});this.name="RegionDisabledException",this.$fault="client",Object.setPrototypeOf(this,Jh.prototype)}}class Dh extends Y{constructor(h){super({name:"IDPRejectedClaimException",$fault:"client",...h});this.name="IDPRejectedClaimException",this.$fault="client",Object.setPrototypeOf(this,Dh.prototype)}}class Eh extends Y{constructor(h){super({name:"InvalidIdentityTokenException",$fault:"client",...h});this.name="InvalidIdentityTokenException",this.$fault="client",Object.setPrototypeOf(this,Eh.prototype)}}class kh extends Y{constructor(h){super({name:"IDPCommunicationErrorException",$fault:"client",...h});this.name="IDPCommunicationErrorException",this.$fault="client",Object.setPrototypeOf(this,kh.prototype)}}class Kh extends Y{constructor(h){super({name:"InvalidAuthorizationMessageException",$fault:"client",...h});this.name="InvalidAuthorizationMessageException",this.$fault="client",Object.setPrototypeOf(this,Kh.prototype)}}var o=(h)=>({...h,...h.SecretAccessKey&&{SecretAccessKey:Ih}}),V0=(h)=>({...h,...h.Credentials&&{Credentials:o(h.Credentials)}}),P0=(h)=>({...h,...h.SAMLAssertion&&{SAMLAssertion:Ih}}),v0=(h)=>({...h,...h.Credentials&&{Credentials:o(h.Credentials)}}),M0=(h)=>({...h,...h.WebIdentityToken&&{WebIdentityToken:Ih}}),z0=(h)=>({...h,...h.Credentials&&{Credentials:o(h.Credentials)}}),N0=(h)=>({...h,...h.Credentials&&{Credentials:o(h.Credentials)}}),W0=(h)=>({...h,...h.Credentials&&{Credentials:o(h.Credentials)}});var P=b(dh(),1);var j0=async(h,d)=>{const l=j;let w;return w=_({...Yd(h,d),[r]:od,[s]:a}),L(d,l,"/",void 0,w)},a0=async(h,d)=>{const l=j;let w;return w=_({...Zd(h,d),[r]:ud,[s]:a}),L(d,l,"/",void 0,w)},r0=async(h,d)=>{const l=j;let w;return w=_({...$d(h,d),[r]:td,[s]:a}),L(d,l,"/",void 0,w)},s0=async(h,d)=>{const l=j;let w;return w=_({...Ud(h,d),[r]:hw,[s]:a}),L(d,l,"/",void 0,w)},_0=async(h,d)=>{const l=j;let w;return w=_({...Vd(h,d),[r]:lw,[s]:a}),L(d,l,"/",void 0,w)},b0=async(h,d)=>{const l=j;let w;return w=_({...Pd(h,d),[r]:dw,[s]:a}),L(d,l,"/",void 0,w)},f0=async(h,d)=>{const l=j;let w;return w=_({...vd(h,d),[r]:ww,[s]:a}),L(d,l,"/",void 0,w)},C0=async(h,d)=>{const l=j;let w;return w=_({...Md(h,d),[r]:Gw,[s]:a}),L(d,l,"/",void 0,w)},O0=async(h,d)=>{if(h.statusCode>=300)return R(h,d);const l=await P.parseXmlBody(h.body,d);let w={};return w=Rd(l.AssumeRoleResult,d),{$metadata:k(h),...w}},g0=async(h,d)=>{if(h.statusCode>=300)return R(h,d);const l=await P.parseXmlBody(h.body,d);let w={};return w=Ld(l.AssumeRoleWithSAMLResult,d),{$metadata:k(h),...w}},x0=async(h,d)=>{if(h.statusCode>=300)return R(h,d);const l=await P.parseXmlBody(h.body,d);let w={};return w=jd(l.AssumeRoleWithWebIdentityResult,d),{$metadata:k(h),...w}},i0=async(h,d)=>{if(h.statusCode>=300)return R(h,d);const l=await P.parseXmlBody(h.body,d);let w={};return w=ad(l.DecodeAuthorizationMessageResult,d),{$metadata:k(h),...w}},c0=async(h,d)=>{if(h.statusCode>=300)return R(h,d);const l=await P.parseXmlBody(h.body,d);let w={};return w=_d(l.GetAccessKeyInfoResult,d),{$metadata:k(h),...w}},e0=async(h,d)=>{if(h.statusCode>=300)return R(h,d);const l=await P.parseXmlBody(h.body,d);let w={};return w=bd(l.GetCallerIdentityResult,d),{$metadata:k(h),...w}},p0=async(h,d)=>{if(h.statusCode>=300)return R(h,d);const l=await P.parseXmlBody(h.body,d);let w={};return w=fd(l.GetFederationTokenResult,d),{$metadata:k(h),...w}},n0=async(h,d)=>{if(h.statusCode>=300)return R(h,d);const l=await P.parseXmlBody(h.body,d);let w={};return w=Cd(l.GetSessionTokenResult,d),{$metadata:k(h),...w}},R=async(h,d)=>{const l={...h,body:await P.parseXmlErrorBody(h.body,d)},w=Iw(h,l.body);switch(w){case"ExpiredTokenException":case"com.amazonaws.sts#ExpiredTokenException":throw await kd(l,d);case"MalformedPolicyDocument":case"com.amazonaws.sts#MalformedPolicyDocumentException":throw await yd(l,d);case"PackedPolicyTooLarge":case"com.amazonaws.sts#PackedPolicyTooLargeException":throw await Qd(l,d);case"RegionDisabledException":case"com.amazonaws.sts#RegionDisabledException":throw await Xd(l,d);case"IDPRejectedClaim":case"com.amazonaws.sts#IDPRejectedClaimException":throw await Fd(l,d);case"InvalidIdentityToken":case"com.amazonaws.sts#InvalidIdentityTokenException":throw await qd(l,d);case"IDPCommunicationError":case"com.amazonaws.sts#IDPCommunicationErrorException":throw await Kd(l,d);case"InvalidAuthorizationMessageException":case"com.amazonaws.sts#InvalidAuthorizationMessageException":throw await Bd(l,d);default:const G=l.body;return nd({output:h,parsedBody:G.Error,errorCode:w})}},kd=async(h,d)=>{const l=h.body,w=rd(l.Error,d),G=new Hh({$metadata:k(h),...w});return T(G,l)},Kd=async(h,d)=>{const l=h.body,w=Od(l.Error,d),G=new kh({$metadata:k(h),...w});return T(G,l)},Fd=async(h,d)=>{const l=h.body,w=gd(l.Error,d),G=new Dh({$metadata:k(h),...w});return T(G,l)},Bd=async(h,d)=>{const l=h.body,w=xd(l.Error,d),G=new Kh({$metadata:k(h),...w});return T(G,l)},qd=async(h,d)=>{const l=h.body,w=id(l.Error,d),G=new Eh({$metadata:k(h),...w});return T(G,l)},yd=async(h,d)=>{const l=h.body,w=cd(l.Error,d),G=new Sh({$metadata:k(h),...w});return T(G,l)},Qd=async(h,d)=>{const l=h.body,w=ed(l.Error,d),G=new mh({$metadata:k(h),...w});return T(G,l)},Xd=async(h,d)=>{const l=h.body,w=pd(l.Error,d),G=new Jh({$metadata:k(h),...w});return T(G,l)},Yd=(h,d)=>{const l={};if(h[W]!=null)l[W]=h[W];if(h[i]!=null)l[i]=h[i];if(h[$]!=null){const w=Fh(h[$],d);if(h[$]?.length===0)l.PolicyArns=[];Object.entries(w).forEach(([G,H])=>{const I=`PolicyArns.${G}`;l[I]=H})}if(h[Z]!=null)l[Z]=h[Z];if(h[y]!=null)l[y]=h[y];if(h[e]!=null){const w=o0(h[e],d);if(h[e]?.length===0)l.Tags=[];Object.entries(w).forEach(([G,H])=>{const I=`Tags.${G}`;l[I]=H})}if(h[Ch]!=null){const w=Ad(h[Ch],d);if(h[Ch]?.length===0)l.TransitiveTagKeys=[];Object.entries(w).forEach(([G,H])=>{const I=`TransitiveTagKeys.${G}`;l[I]=H})}if(h[Uh]!=null)l[Uh]=h[Uh];if(h[c]!=null)l[c]=h[c];if(h[p]!=null)l[p]=h[p];if(h[V]!=null)l[V]=h[V];if(h[Rh]!=null){const w=Wd(h[Rh],d);if(h[Rh]?.length===0)l.ProvidedContexts=[];Object.entries(w).forEach(([G,H])=>{const I=`ProvidedContexts.${G}`;l[I]=H})}return l},Zd=(h,d)=>{const l={};if(h[W]!=null)l[W]=h[W];if(h[Th]!=null)l[Th]=h[Th];if(h[sh]!=null)l[sh]=h[sh];if(h[$]!=null){const w=Fh(h[$],d);if(h[$]?.length===0)l.PolicyArns=[];Object.entries(w).forEach(([G,H])=>{const I=`PolicyArns.${G}`;l[I]=H})}if(h[Z]!=null)l[Z]=h[Z];if(h[y]!=null)l[y]=h[y];return l},$d=(h,d)=>{const l={};if(h[W]!=null)l[W]=h[W];if(h[i]!=null)l[i]=h[i];if(h[xh]!=null)l[xh]=h[xh];if(h[Lh]!=null)l[Lh]=h[Lh];if(h[$]!=null){const w=Fh(h[$],d);if(h[$]?.length===0)l.PolicyArns=[];Object.entries(w).forEach(([G,H])=>{const I=`PolicyArns.${G}`;l[I]=H})}if(h[Z]!=null)l[Z]=h[Z];if(h[y]!=null)l[y]=h[y];return l},Ud=(h,d)=>{const l={};if(h[Vh]!=null)l[Vh]=h[Vh];return l},Vd=(h,d)=>{const l={};if(h[O]!=null)l[O]=h[O];return l},Pd=(h,d)=>{return{}},vd=(h,d)=>{const l={};if(h[Nh]!=null)l[Nh]=h[Nh];if(h[Z]!=null)l[Z]=h[Z];if(h[$]!=null){const w=Fh(h[$],d);if(h[$]?.length===0)l.PolicyArns=[];Object.entries(w).forEach(([G,H])=>{const I=`PolicyArns.${G}`;l[I]=H})}if(h[y]!=null)l[y]=h[y];if(h[e]!=null){const w=o0(h[e],d);if(h[e]?.length===0)l.Tags=[];Object.entries(w).forEach(([G,H])=>{const I=`Tags.${G}`;l[I]=H})}return l},Md=(h,d)=>{const l={};if(h[y]!=null)l[y]=h[y];if(h[c]!=null)l[c]=h[c];if(h[p]!=null)l[p]=h[p];return l},Fh=(h,d)=>{const l={};let w=1;for(let G of h){if(G===null)continue;const H=zd(G,d);Object.entries(H).forEach(([I,Q])=>{l[`member.${w}.${I}`]=Q}),w++}return l},zd=(h,d)=>{const l={};if(h[ih]!=null)l[ih]=h[ih];return l},Nd=(h,d)=>{const l={};if(h[Ah]!=null)l[Ah]=h[Ah];if(h[Yh]!=null)l[Yh]=h[Yh];return l},Wd=(h,d)=>{const l={};let w=1;for(let G of h){if(G===null)continue;const H=Nd(G,d);Object.entries(H).forEach(([I,Q])=>{l[`member.${w}.${I}`]=Q}),w++}return l},Td=(h,d)=>{const l={};if(h[zh]!=null)l[zh]=h[zh];if(h[gh]!=null)l[gh]=h[gh];return l},Ad=(h,d)=>{const l={};let w=1;for(let G of h){if(G===null)continue;l[`member.${w}`]=G,w++}return l},o0=(h,d)=>{const l={};let w=1;for(let G of h){if(G===null)continue;const H=Td(G,d);Object.entries(H).forEach(([I,Q])=>{l[`member.${w}.${I}`]=Q}),w++}return l},eh=(h,d)=>{const l={};if(h[Xh]!=null)l[Xh]=S(h[Xh]);if(h[N]!=null)l[N]=S(h[N]);return l},Rd=(h,d)=>{const l={};if(h[q]!=null)l[q]=t(h[q],d);if(h[z]!=null)l[z]=eh(h[z],d);if(h[U]!=null)l[U]=u(h[U]);if(h[V]!=null)l[V]=S(h[V]);return l},Ld=(h,d)=>{const l={};if(h[q]!=null)l[q]=t(h[q],d);if(h[z]!=null)l[z]=eh(h[z],d);if(h[U]!=null)l[U]=u(h[U]);if(h[ah]!=null)l[ah]=S(h[ah]);if(h[bh]!=null)l[bh]=S(h[bh]);if(h[Mh]!=null)l[Mh]=S(h[Mh]);if(h[x]!=null)l[x]=S(h[x]);if(h[Wh]!=null)l[Wh]=S(h[Wh]);if(h[V]!=null)l[V]=S(h[V]);return l},jd=(h,d)=>{const l={};if(h[q]!=null)l[q]=t(h[q],d);if(h[_h]!=null)l[_h]=S(h[_h]);if(h[z]!=null)l[z]=eh(h[z],d);if(h[U]!=null)l[U]=u(h[U]);if(h[jh]!=null)l[jh]=S(h[jh]);if(h[x]!=null)l[x]=S(h[x]);if(h[V]!=null)l[V]=S(h[V]);return l},t=(h,d)=>{const l={};if(h[O]!=null)l[O]=S(h[O]);if(h[rh]!=null)l[rh]=S(h[rh]);if(h[fh]!=null)l[fh]=S(h[fh]);if(h[$h]!=null)l[$h]=A0(R0(h[$h]));return l},ad=(h,d)=>{const l={};if(h[Zh]!=null)l[Zh]=S(h[Zh]);return l},rd=(h,d)=>{const l={};if(h[m]!=null)l[m]=S(h[m]);return l},sd=(h,d)=>{const l={};if(h[vh]!=null)l[vh]=S(h[vh]);if(h[N]!=null)l[N]=S(h[N]);return l},_d=(h,d)=>{const l={};if(h[g]!=null)l[g]=S(h[g]);return l},bd=(h,d)=>{const l={};if(h[Oh]!=null)l[Oh]=S(h[Oh]);if(h[g]!=null)l[g]=S(h[g]);if(h[N]!=null)l[N]=S(h[N]);return l},fd=(h,d)=>{const l={};if(h[q]!=null)l[q]=t(h[q],d);if(h[Ph]!=null)l[Ph]=sd(h[Ph],d);if(h[U]!=null)l[U]=u(h[U]);return l},Cd=(h,d)=>{const l={};if(h[q]!=null)l[q]=t(h[q],d);return l},Od=(h,d)=>{const l={};if(h[m]!=null)l[m]=S(h[m]);return l},gd=(h,d)=>{const l={};if(h[m]!=null)l[m]=S(h[m]);return l},xd=(h,d)=>{const l={};if(h[m]!=null)l[m]=S(h[m]);return l},id=(h,d)=>{const l={};if(h[m]!=null)l[m]=S(h[m]);return l},cd=(h,d)=>{const l={};if(h[m]!=null)l[m]=S(h[m]);return l},ed=(h,d)=>{const l={};if(h[m]!=null)l[m]=S(h[m]);return l},pd=(h,d)=>{const l={};if(h[m]!=null)l[m]=S(h[m]);return l},k=(h)=>({httpStatusCode:h.statusCode,requestId:h.headers["x-amzn-requestid"]??h.headers["x-amzn-request-id"]??h.headers["x-amz-request-id"],extendedRequestId:h.headers["x-amz-id-2"],cfId:h.headers["x-amz-cf-id"]});var nd=L0(Y),L=async(h,d,l,w,G)=>{const{hostname:H,protocol:I="https",port:Q,path:v}=await h.endpoint(),M={protocol:I,hostname:H,port:Q,method:"POST",path:v.endsWith("/")?v.slice(0,-1)+l:v+l,headers:d};if(w!==void 0)M.hostname=w;if(G!==void 0)M.body=G;return new T0(M)},j={"content-type":"application/x-www-form-urlencoded"},a="2011-06-15",r="Action",O="AccessKeyId",od="AssumeRole",Xh="AssumedRoleId",z="AssumedRoleUser",ud="AssumeRoleWithSAML",td="AssumeRoleWithWebIdentity",g="Account",N="Arn",x="Audience",q="Credentials",Yh="ContextAssertion",hw="DecodeAuthorizationMessage",Zh="DecodedMessage",y="DurationSeconds",$h="Expiration",Uh="ExternalId",Vh="EncodedMessage",Ph="FederatedUser",vh="FederatedUserId",lw="GetAccessKeyInfo",dw="GetCallerIdentity",ww="GetFederationToken",Gw="GetSessionToken",Mh="Issuer",zh="Key",Nh="Name",Wh="NameQualifier",Z="Policy",$="PolicyArns",Th="PrincipalArn",Ah="ProviderArn",Rh="ProvidedContexts",Lh="ProviderId",U="PackedPolicySize",jh="Provider",W="RoleArn",i="RoleSessionName",ah="Subject",rh="SecretAccessKey",sh="SAMLAssertion",_h="SubjectFromWebIdentityToken",V="SourceIdentity",c="SerialNumber",bh="SubjectType",fh="SessionToken",e="Tags",p="TokenCode",Ch="TransitiveTagKeys",Oh="UserId",s="Version",gh="Value",xh="WebIdentityToken",ih="arn",m="message",_=(h)=>Object.entries(h).map(([d,l])=>ch(d)+"="+ch(l)).join("&"),Iw=(h,d)=>{if(d.Error?.Code!==void 0)return d.Error.Code;if(h.statusCode==404)return"NotFound"};class hh extends K.classBuilder().ep({...D}).m(function(h,d,l,w){return[F(l,this.serialize,this.deserialize),B(l,h.getEndpointParameterInstructions())]}).s("AWSSecurityTokenServiceV20110615","AssumeRole",{}).n("STSClient","AssumeRoleCommand").f(void 0,V0).ser(j0).de(O0).build(){}class ph extends K.classBuilder().ep({...D}).m(function(h,d,l,w){return[F(l,this.serialize,this.deserialize),B(l,h.getEndpointParameterInstructions())]}).s("AWSSecurityTokenServiceV20110615","AssumeRoleWithSAML",{}).n("STSClient","AssumeRoleWithSAMLCommand").f(P0,v0).ser(a0).de(g0).build(){}class lh extends K.classBuilder().ep({...D}).m(function(h,d,l,w){return[F(l,this.serialize,this.deserialize),B(l,h.getEndpointParameterInstructions())]}).s("AWSSecurityTokenServiceV20110615","AssumeRoleWithWebIdentity",{}).n("STSClient","AssumeRoleWithWebIdentityCommand").f(M0,z0).ser(r0).de(x0).build(){}class nh extends K.classBuilder().ep({...D}).m(function(h,d,l,w){return[F(l,this.serialize,this.deserialize),B(l,h.getEndpointParameterInstructions())]}).s("AWSSecurityTokenServiceV20110615","DecodeAuthorizationMessage",{}).n("STSClient","DecodeAuthorizationMessageCommand").f(void 0,void 0).ser(s0).de(i0).build(){}class oh extends K.classBuilder().ep({...D}).m(function(h,d,l,w){return[F(l,this.serialize,this.deserialize),B(l,h.getEndpointParameterInstructions())]}).s("AWSSecurityTokenServiceV20110615","GetAccessKeyInfo",{}).n("STSClient","GetAccessKeyInfoCommand").f(void 0,void 0).ser(_0).de(c0).build(){}class uh extends K.classBuilder().ep({...D}).m(function(h,d,l,w){return[F(l,this.serialize,this.deserialize),B(l,h.getEndpointParameterInstructions())]}).s("AWSSecurityTokenServiceV20110615","GetCallerIdentity",{}).n("STSClient","GetCallerIdentityCommand").f(void 0,void 0).ser(b0).de(e0).build(){}class th extends K.classBuilder().ep({...D}).m(function(h,d,l,w){return[F(l,this.serialize,this.deserialize),B(l,h.getEndpointParameterInstructions())]}).s("AWSSecurityTokenServiceV20110615","GetFederationToken",{}).n("STSClient","GetFederationTokenCommand").f(void 0,N0).ser(f0).de(p0).build(){}class hl extends K.classBuilder().ep({...D}).m(function(h,d,l,w){return[F(l,this.serialize,this.deserialize),B(l,h.getEndpointParameterInstructions())]}).s("AWSSecurityTokenServiceV20110615","GetSessionToken",{}).n("STSClient","GetSessionTokenCommand").f(void 0,W0).ser(C0).de(n0).build(){}var Hw={AssumeRoleCommand:hh,AssumeRoleWithSAMLCommand:ph,AssumeRoleWithWebIdentityCommand:lh,DecodeAuthorizationMessageCommand:nh,GetAccessKeyInfoCommand:oh,GetCallerIdentityCommand:uh,GetFederationTokenCommand:th,GetSessionTokenCommand:hl};class t0 extends A{}u0(Hw,t0);var hd="us-east-1",ld=(h)=>{if(typeof h?.Arn==="string"){const d=h.Arn.split(":");if(d.length>4&&d[4]!=="")return d[4]}return},dd=async(h,d,l)=>{const w=typeof h==="function"?await h():h,G=typeof d==="function"?await d():d;return l?.debug?.("@aws-sdk/client-sts::resolveRegion","accepting first of:",`${w} (provider)`,`${G} (parent client)`,`${hd} (STS default)`),w??G??hd},wd=(h,d)=>{let l,w;return async(G,H)=>{if(w=G,!l){const{logger:M=h?.parentClientConfig?.logger,region:n,requestHandler:Bh=h?.parentClientConfig?.requestHandler,credentialProviderLogger:Hd}=h,Sd=await dd(n,h?.parentClientConfig?.region,Hd);l=new d({credentialDefaultProvider:()=>async()=>w,region:Sd,requestHandler:Bh,logger:M})}const{Credentials:I,AssumedRoleUser:Q}=await l.send(new hh(H));if(!I||!I.AccessKeyId||!I.SecretAccessKey)throw new Error(`Invalid response from STS.assumeRole call with role ${H.RoleArn}`);const v=ld(Q);return{accessKeyId:I.AccessKeyId,secretAccessKey:I.SecretAccessKey,sessionToken:I.SessionToken,expiration:I.Expiration,...I.CredentialScope&&{credentialScope:I.CredentialScope},...v&&{accountId:v}}}},Gd=(h,d)=>{let l;return async(w)=>{if(!l){const{logger:Q=h?.parentClientConfig?.logger,region:v,requestHandler:M=h?.parentClientConfig?.requestHandler,credentialProviderLogger:n}=h,Bh=await dd(v,h?.parentClientConfig?.region,n);l=new d({region:Bh,requestHandler:M,logger:Q})}const{Credentials:G,AssumedRoleUser:H}=await l.send(new lh(w));if(!G||!G.AccessKeyId||!G.SecretAccessKey)throw new Error(`Invalid response from STS.assumeRoleWithWebIdentity call with role ${w.RoleArn}`);const I=ld(H);return{accessKeyId:G.AccessKeyId,secretAccessKey:G.SecretAccessKey,sessionToken:G.SessionToken,expiration:G.Expiration,...G.CredentialScope&&{credentialScope:G.CredentialScope},...I&&{accountId:I}}}};var Id=(h,d)=>{if(!d)return h;else return class l extends h{constructor(w){super(w);for(let G of d)this.middlewareStack.use(G)}}},Sw=(h={},d)=>wd(h,Id(A,d)),mw=(h={},d)=>Gd(h,Id(A,d)),RG=(h)=>(d)=>h({roleAssumer:Sw(d),roleAssumerWithWebIdentity:mw(d),...d});export{mw as getDefaultRoleAssumerWithWebIdentity,Sw as getDefaultRoleAssumer,RG as decorateDefaultCredentialProvider,B0 as __Client,Y as STSServiceException,A as STSClient,t0 as STS,Jh as RegionDisabledException,mh as PackedPolicyTooLargeException,Sh as MalformedPolicyDocumentException,Eh as InvalidIdentityTokenException,Kh as InvalidAuthorizationMessageException,Dh as IDPRejectedClaimException,kh as IDPCommunicationErrorException,W0 as GetSessionTokenResponseFilterSensitiveLog,hl as GetSessionTokenCommand,N0 as GetFederationTokenResponseFilterSensitiveLog,th as GetFederationTokenCommand,uh as GetCallerIdentityCommand,oh as GetAccessKeyInfoCommand,Hh as ExpiredTokenException,nh as DecodeAuthorizationMessageCommand,o as CredentialsFilterSensitiveLog,z0 as AssumeRoleWithWebIdentityResponseFilterSensitiveLog,M0 as AssumeRoleWithWebIdentityRequestFilterSensitiveLog,lh as AssumeRoleWithWebIdentityCommand,v0 as AssumeRoleWithSAMLResponseFilterSensitiveLog,P0 as AssumeRoleWithSAMLRequestFilterSensitiveLog,ph as AssumeRoleWithSAMLCommand,V0 as AssumeRoleResponseFilterSensitiveLog,hh as AssumeRoleCommand,K as $Command};