ibm-cloud-sdk-core 5.4.22 → 5.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/auth/authenticators/vpc-instance-authenticator.d.ts +8 -0
  2. package/auth/authenticators/vpc-instance-authenticator.js +14 -0
  3. package/auth/token-managers/vpc-instance-token-manager.d.ts +10 -0
  4. package/auth/token-managers/vpc-instance-token-manager.js +49 -5
  5. package/docs/ibm-cloud-sdk-core.api.json +254 -0
  6. package/es/auth/authenticators/vpc-instance-authenticator.d.ts +8 -0
  7. package/es/auth/authenticators/vpc-instance-authenticator.js +14 -0
  8. package/es/auth/token-managers/vpc-instance-token-manager.d.ts +10 -0
  9. package/es/auth/token-managers/vpc-instance-token-manager.js +49 -5
  10. package/ibm-cloud-sdk-core.d.ts +18 -0
  11. package/package.json +1 -1
package/auth/authenticators/vpc-instance-authenticator.d.ts CHANGED
@@ -21,6 +21,10 @@ export interface Options extends BaseOptions {
21
21
  iamProfileCrn?: string;
22
22
  /** The ID of the linked trusted IAM profile to be used when obtaining the IAM access token */
23
23
  iamProfileId?: string;
24
+ /** The version of the Instance Metadata Service to be used obtaining tokens */
25
+ serviceVersion?: string;
26
+ /** The lifetime of the Instance Identity Token */
27
+ tokenLifetime?: number;
24
28
  }
25
29
  /**
26
30
  * The VpcInstanceAuthenticator implements an authentication scheme in which it retrieves an "instance identity token"
@@ -36,6 +40,8 @@ export declare class VpcInstanceAuthenticator extends TokenRequestBasedAuthentic
36
40
  protected tokenManager: VpcInstanceTokenManager;
37
41
  private iamProfileCrn;
38
42
  private iamProfileId;
43
+ private serviceVersion;
44
+ private tokenLifetime;
39
45
  /**
40
46
  * Create a new VpcInstanceAuthenticator instance.
41
47
  *
@@ -60,6 +66,8 @@ export declare class VpcInstanceAuthenticator extends TokenRequestBasedAuthentic
60
66
  * @param iamProfileId - the ID of the linked IAM trusted profile to use when obtaining an IAM access token
61
67
  */
62
68
  setIamProfileId(iamProfileId: string): void;
69
+ setServiceVersion(serviceVersion: string): void;
70
+ setTokenLifetime(tokenLifetime: number): void;
63
71
  /**
64
72
  * Returns the authenticator's type ('vpc').
65
73
  *
package/auth/authenticators/vpc-instance-authenticator.js CHANGED
@@ -70,6 +70,12 @@ var VpcInstanceAuthenticator = /** @class */ (function (_super) {
70
70
  if (options.iamProfileId) {
71
71
  _this.iamProfileId = options.iamProfileId;
72
72
  }
73
+ if (options.serviceVersion) {
74
+ _this.serviceVersion = options.serviceVersion;
75
+ }
76
+ if (options.tokenLifetime) {
77
+ _this.tokenLifetime = options.tokenLifetime;
78
+ }
73
79
  // the param names are shared between the authenticator and the token
74
80
  // manager so we can just pass along the options object.
75
81
  // also, the token manager will handle input validation
@@ -94,6 +100,14 @@ var VpcInstanceAuthenticator = /** @class */ (function (_super) {
94
100
  // update properties in token manager
95
101
  this.tokenManager.setIamProfileId(iamProfileId);
96
102
  };
103
+ VpcInstanceAuthenticator.prototype.setServiceVersion = function (serviceVersion) {
104
+ this.serviceVersion = serviceVersion;
105
+ this.tokenManager.setServiceVersion(serviceVersion);
106
+ };
107
+ VpcInstanceAuthenticator.prototype.setTokenLifetime = function (tokenLifetime) {
108
+ this.tokenLifetime = tokenLifetime;
109
+ this.tokenManager.setTokenLifetime(tokenLifetime);
110
+ };
97
111
  /**
98
112
  * Returns the authenticator's type ('vpc').
99
113
  *
package/auth/token-managers/vpc-instance-token-manager.d.ts CHANGED
@@ -20,6 +20,10 @@ interface Options extends JwtTokenManagerOptions {
20
20
  iamProfileCrn?: string;
21
21
  /** The ID of the linked trusted IAM profile to be used when obtaining the IAM access token */
22
22
  iamProfileId?: string;
23
+ /** The version of the Instance Metadata Service to be used obtaining tokens */
24
+ serviceVersion?: string;
25
+ /** The lifetime of the Instance Identity Token */
26
+ tokenLifetime?: number;
23
27
  }
24
28
  /**
25
29
  * Token Manager for VPC Instance Authentication.
@@ -27,6 +31,8 @@ interface Options extends JwtTokenManagerOptions {
27
31
  export declare class VpcInstanceTokenManager extends JwtTokenManager {
28
32
  private iamProfileCrn;
29
33
  private iamProfileId;
34
+ private serviceVersion;
35
+ private tokenLifetime;
30
36
  /**
31
37
  * Create a new VpcInstanceTokenManager instance.
32
38
  *
@@ -51,6 +57,10 @@ export declare class VpcInstanceTokenManager extends JwtTokenManager {
51
57
  * @param iamProfileId - the ID of the IAM trusted profile
52
58
  */
53
59
  setIamProfileId(iamProfileId: string): void;
60
+ setServiceVersion(serviceVersion: string): void;
61
+ setTokenLifetime(tokenLifetime: number): void;
62
+ protected getAccessTokenPath(): string;
63
+ protected getIamTokenPath(): string;
54
64
  protected requestToken(): Promise<any>;
55
65
  private getInstanceIdentityToken;
56
66
  /**
package/auth/token-managers/vpc-instance-token-manager.js CHANGED
@@ -76,7 +76,14 @@ var build_user_agent_1 = require("../../lib/build-user-agent");
76
76
  var jwt_token_manager_1 = require("./jwt-token-manager");
77
77
  var DEFAULT_IMS_ENDPOINT = 'http://169.254.169.254';
78
78
  var METADATA_SERVICE_VERSION = '2022-03-01';
79
+ var METADATA_SERVICE_VERSION2 = '2025-08-26';
79
80
  var IAM_EXPIRATION_WINDOW = 10;
81
+ var METADATA_TOKEN_LIFETIME = 300;
82
+ var DEFAULT_OPERATION_PATH_CREATE_ACCESS_TOKEN = '/instance_identity/v1/token';
83
+ var DEFAULT_OPERATION_PATH_CREATE_IAM_TOKEN = '/instance_identity/v1/iam_token';
84
+ var DEFAULT_OPERATION_PATH_CREATE_ACCESS_TOKEN2 = '/identity/v1/token';
85
+ var DEFAULT_OPERATION_PATH_CREATE_IAM_TOKEN2 = '/identity/v1/iam_tokens';
86
+ var metadataServiceSupportedVersions = [METADATA_SERVICE_VERSION, METADATA_SERVICE_VERSION2];
80
87
  /**
81
88
  * Token Manager for VPC Instance Authentication.
82
89
  */
@@ -104,6 +111,18 @@ var VpcInstanceTokenManager = /** @class */ (function (_super) {
104
111
  throw new Error('At most one of `iamProfileId` or `iamProfileCrn` may be specified.');
105
112
  }
106
113
  _this.url = options.url || DEFAULT_IMS_ENDPOINT;
114
+ // Validate and set serviceVersion
115
+ var serviceVersion = options.serviceVersion || METADATA_SERVICE_VERSION;
116
+ if (!metadataServiceSupportedVersions.includes(serviceVersion)) {
117
+ throw new Error("Invalid serviceVersion. Must be one of: ".concat(metadataServiceSupportedVersions.join(', ')));
118
+ }
119
+ _this.serviceVersion = serviceVersion;
120
+ // Validate and set tokenLifetime
121
+ var tokenLifetime = options.tokenLifetime || METADATA_TOKEN_LIFETIME;
122
+ if (typeof tokenLifetime !== 'number' || tokenLifetime < 0) {
123
+ throw new Error('tokenLifetime must be a non-negative number');
124
+ }
125
+ _this.tokenLifetime = tokenLifetime;
107
126
  if (options.iamProfileCrn) {
108
127
  _this.iamProfileCrn = options.iamProfileCrn;
109
128
  }
@@ -127,6 +146,30 @@ var VpcInstanceTokenManager = /** @class */ (function (_super) {
127
146
  VpcInstanceTokenManager.prototype.setIamProfileId = function (iamProfileId) {
128
147
  this.iamProfileId = iamProfileId;
129
148
  };
149
+ VpcInstanceTokenManager.prototype.setServiceVersion = function (serviceVersion) {
150
+ if (!metadataServiceSupportedVersions.includes(serviceVersion)) {
151
+ throw new Error("Invalid serviceVersion. Must be one of: ".concat(metadataServiceSupportedVersions.join(', ')));
152
+ }
153
+ this.serviceVersion = serviceVersion;
154
+ };
155
+ VpcInstanceTokenManager.prototype.setTokenLifetime = function (tokenLifetime) {
156
+ if (typeof tokenLifetime !== 'number' || tokenLifetime < 0) {
157
+ throw new Error('tokenLifetime must be a non-negative number');
158
+ }
159
+ this.tokenLifetime = tokenLifetime;
160
+ };
161
+ VpcInstanceTokenManager.prototype.getAccessTokenPath = function () {
162
+ if (this.serviceVersion === METADATA_SERVICE_VERSION2) {
163
+ return DEFAULT_OPERATION_PATH_CREATE_ACCESS_TOKEN2;
164
+ }
165
+ return DEFAULT_OPERATION_PATH_CREATE_ACCESS_TOKEN;
166
+ };
167
+ VpcInstanceTokenManager.prototype.getIamTokenPath = function () {
168
+ if (this.serviceVersion === METADATA_SERVICE_VERSION2) {
169
+ return DEFAULT_OPERATION_PATH_CREATE_IAM_TOKEN2;
170
+ }
171
+ return DEFAULT_OPERATION_PATH_CREATE_IAM_TOKEN;
172
+ };
130
173
  VpcInstanceTokenManager.prototype.requestToken = function () {
131
174
  return __awaiter(this, void 0, void 0, function () {
132
175
  var instanceIdentityToken, body, parameters;
@@ -147,9 +190,9 @@ var VpcInstanceTokenManager = /** @class */ (function (_super) {
147
190
  }
148
191
  parameters = {
149
192
  options: {
150
- url: "".concat(this.url, "/instance_identity/v1/iam_token"),
193
+ url: "".concat(this.url).concat(this.getIamTokenPath()),
151
194
  qs: {
152
- version: METADATA_SERVICE_VERSION,
195
+ version: this.serviceVersion,
153
196
  },
154
197
  body: body,
155
198
  method: 'POST',
@@ -158,6 +201,7 @@ var VpcInstanceTokenManager = /** @class */ (function (_super) {
158
201
  'User-Agent': this.userAgent,
159
202
  Accept: 'application/json',
160
203
  Authorization: "Bearer ".concat(instanceIdentityToken),
204
+ 'Metadata-Flavor': 'ibm',
161
205
  },
162
206
  },
163
207
  };
@@ -178,12 +222,12 @@ var VpcInstanceTokenManager = /** @class */ (function (_super) {
178
222
  case 0:
179
223
  parameters = {
180
224
  options: {
181
- url: "".concat(this.url, "/instance_identity/v1/token"),
225
+ url: "".concat(this.url).concat(this.getAccessTokenPath()),
182
226
  qs: {
183
- version: METADATA_SERVICE_VERSION,
227
+ version: this.serviceVersion,
184
228
  },
185
229
  body: {
186
- expires_in: 300,
230
+ expires_in: this.tokenLifetime,
187
231
  },
188
232
  method: 'PUT',
189
233
  headers: {
package/docs/ibm-cloud-sdk-core.api.json CHANGED
@@ -8678,6 +8678,102 @@
8678
8678
  "isAbstract": false,
8679
8679
  "name": "setIamProfileId"
8680
8680
  },
8681
+ {
8682
+ "kind": "Method",
8683
+ "canonicalReference": "ibm-cloud-sdk-core!VpcInstanceAuthenticator#setServiceVersion:member(1)",
8684
+ "docComment": "",
8685
+ "excerptTokens": [
8686
+ {
8687
+ "kind": "Content",
8688
+ "text": "setServiceVersion(serviceVersion: "
8689
+ },
8690
+ {
8691
+ "kind": "Content",
8692
+ "text": "string"
8693
+ },
8694
+ {
8695
+ "kind": "Content",
8696
+ "text": "): "
8697
+ },
8698
+ {
8699
+ "kind": "Content",
8700
+ "text": "void"
8701
+ },
8702
+ {
8703
+ "kind": "Content",
8704
+ "text": ";"
8705
+ }
8706
+ ],
8707
+ "isStatic": false,
8708
+ "returnTypeTokenRange": {
8709
+ "startIndex": 3,
8710
+ "endIndex": 4
8711
+ },
8712
+ "releaseTag": "Public",
8713
+ "isProtected": false,
8714
+ "overloadIndex": 1,
8715
+ "parameters": [
8716
+ {
8717
+ "parameterName": "serviceVersion",
8718
+ "parameterTypeTokenRange": {
8719
+ "startIndex": 1,
8720
+ "endIndex": 2
8721
+ },
8722
+ "isOptional": false
8723
+ }
8724
+ ],
8725
+ "isOptional": false,
8726
+ "isAbstract": false,
8727
+ "name": "setServiceVersion"
8728
+ },
8729
+ {
8730
+ "kind": "Method",
8731
+ "canonicalReference": "ibm-cloud-sdk-core!VpcInstanceAuthenticator#setTokenLifetime:member(1)",
8732
+ "docComment": "",
8733
+ "excerptTokens": [
8734
+ {
8735
+ "kind": "Content",
8736
+ "text": "setTokenLifetime(tokenLifetime: "
8737
+ },
8738
+ {
8739
+ "kind": "Content",
8740
+ "text": "number"
8741
+ },
8742
+ {
8743
+ "kind": "Content",
8744
+ "text": "): "
8745
+ },
8746
+ {
8747
+ "kind": "Content",
8748
+ "text": "void"
8749
+ },
8750
+ {
8751
+ "kind": "Content",
8752
+ "text": ";"
8753
+ }
8754
+ ],
8755
+ "isStatic": false,
8756
+ "returnTypeTokenRange": {
8757
+ "startIndex": 3,
8758
+ "endIndex": 4
8759
+ },
8760
+ "releaseTag": "Public",
8761
+ "isProtected": false,
8762
+ "overloadIndex": 1,
8763
+ "parameters": [
8764
+ {
8765
+ "parameterName": "tokenLifetime",
8766
+ "parameterTypeTokenRange": {
8767
+ "startIndex": 1,
8768
+ "endIndex": 2
8769
+ },
8770
+ "isOptional": false
8771
+ }
8772
+ ],
8773
+ "isOptional": false,
8774
+ "isAbstract": false,
8775
+ "name": "setTokenLifetime"
8776
+ },
8681
8777
  {
8682
8778
  "kind": "Property",
8683
8779
  "canonicalReference": "ibm-cloud-sdk-core!VpcInstanceAuthenticator#tokenManager:member",
@@ -8774,6 +8870,68 @@
8774
8870
  }
8775
8871
  ]
8776
8872
  },
8873
+ {
8874
+ "kind": "Method",
8875
+ "canonicalReference": "ibm-cloud-sdk-core!VpcInstanceTokenManager#getAccessTokenPath:member(1)",
8876
+ "docComment": "",
8877
+ "excerptTokens": [
8878
+ {
8879
+ "kind": "Content",
8880
+ "text": "protected getAccessTokenPath(): "
8881
+ },
8882
+ {
8883
+ "kind": "Content",
8884
+ "text": "string"
8885
+ },
8886
+ {
8887
+ "kind": "Content",
8888
+ "text": ";"
8889
+ }
8890
+ ],
8891
+ "isStatic": false,
8892
+ "returnTypeTokenRange": {
8893
+ "startIndex": 1,
8894
+ "endIndex": 2
8895
+ },
8896
+ "releaseTag": "Public",
8897
+ "isProtected": true,
8898
+ "overloadIndex": 1,
8899
+ "parameters": [],
8900
+ "isOptional": false,
8901
+ "isAbstract": false,
8902
+ "name": "getAccessTokenPath"
8903
+ },
8904
+ {
8905
+ "kind": "Method",
8906
+ "canonicalReference": "ibm-cloud-sdk-core!VpcInstanceTokenManager#getIamTokenPath:member(1)",
8907
+ "docComment": "",
8908
+ "excerptTokens": [
8909
+ {
8910
+ "kind": "Content",
8911
+ "text": "protected getIamTokenPath(): "
8912
+ },
8913
+ {
8914
+ "kind": "Content",
8915
+ "text": "string"
8916
+ },
8917
+ {
8918
+ "kind": "Content",
8919
+ "text": ";"
8920
+ }
8921
+ ],
8922
+ "isStatic": false,
8923
+ "returnTypeTokenRange": {
8924
+ "startIndex": 1,
8925
+ "endIndex": 2
8926
+ },
8927
+ "releaseTag": "Public",
8928
+ "isProtected": true,
8929
+ "overloadIndex": 1,
8930
+ "parameters": [],
8931
+ "isOptional": false,
8932
+ "isAbstract": false,
8933
+ "name": "getIamTokenPath"
8934
+ },
8777
8935
  {
8778
8936
  "kind": "Method",
8779
8937
  "canonicalReference": "ibm-cloud-sdk-core!VpcInstanceTokenManager#isTokenExpired:member(1)",
@@ -8936,6 +9094,102 @@
8936
9094
  "isOptional": false,
8937
9095
  "isAbstract": false,
8938
9096
  "name": "setIamProfileId"
9097
+ },
9098
+ {
9099
+ "kind": "Method",
9100
+ "canonicalReference": "ibm-cloud-sdk-core!VpcInstanceTokenManager#setServiceVersion:member(1)",
9101
+ "docComment": "",
9102
+ "excerptTokens": [
9103
+ {
9104
+ "kind": "Content",
9105
+ "text": "setServiceVersion(serviceVersion: "
9106
+ },
9107
+ {
9108
+ "kind": "Content",
9109
+ "text": "string"
9110
+ },
9111
+ {
9112
+ "kind": "Content",
9113
+ "text": "): "
9114
+ },
9115
+ {
9116
+ "kind": "Content",
9117
+ "text": "void"
9118
+ },
9119
+ {
9120
+ "kind": "Content",
9121
+ "text": ";"
9122
+ }
9123
+ ],
9124
+ "isStatic": false,
9125
+ "returnTypeTokenRange": {
9126
+ "startIndex": 3,
9127
+ "endIndex": 4
9128
+ },
9129
+ "releaseTag": "Public",
9130
+ "isProtected": false,
9131
+ "overloadIndex": 1,
9132
+ "parameters": [
9133
+ {
9134
+ "parameterName": "serviceVersion",
9135
+ "parameterTypeTokenRange": {
9136
+ "startIndex": 1,
9137
+ "endIndex": 2
9138
+ },
9139
+ "isOptional": false
9140
+ }
9141
+ ],
9142
+ "isOptional": false,
9143
+ "isAbstract": false,
9144
+ "name": "setServiceVersion"
9145
+ },
9146
+ {
9147
+ "kind": "Method",
9148
+ "canonicalReference": "ibm-cloud-sdk-core!VpcInstanceTokenManager#setTokenLifetime:member(1)",
9149
+ "docComment": "",
9150
+ "excerptTokens": [
9151
+ {
9152
+ "kind": "Content",
9153
+ "text": "setTokenLifetime(tokenLifetime: "
9154
+ },
9155
+ {
9156
+ "kind": "Content",
9157
+ "text": "number"
9158
+ },
9159
+ {
9160
+ "kind": "Content",
9161
+ "text": "): "
9162
+ },
9163
+ {
9164
+ "kind": "Content",
9165
+ "text": "void"
9166
+ },
9167
+ {
9168
+ "kind": "Content",
9169
+ "text": ";"
9170
+ }
9171
+ ],
9172
+ "isStatic": false,
9173
+ "returnTypeTokenRange": {
9174
+ "startIndex": 3,
9175
+ "endIndex": 4
9176
+ },
9177
+ "releaseTag": "Public",
9178
+ "isProtected": false,
9179
+ "overloadIndex": 1,
9180
+ "parameters": [
9181
+ {
9182
+ "parameterName": "tokenLifetime",
9183
+ "parameterTypeTokenRange": {
9184
+ "startIndex": 1,
9185
+ "endIndex": 2
9186
+ },
9187
+ "isOptional": false
9188
+ }
9189
+ ],
9190
+ "isOptional": false,
9191
+ "isAbstract": false,
9192
+ "name": "setTokenLifetime"
8939
9193
  }
8940
9194
  ],
8941
9195
  "extendsTokenRange": {
package/es/auth/authenticators/vpc-instance-authenticator.d.ts CHANGED
@@ -21,6 +21,10 @@ export interface Options extends BaseOptions {
21
21
  iamProfileCrn?: string;
22
22
  /** The ID of the linked trusted IAM profile to be used when obtaining the IAM access token */
23
23
  iamProfileId?: string;
24
+ /** The version of the Instance Metadata Service to be used obtaining tokens */
25
+ serviceVersion?: string;
26
+ /** The lifetime of the Instance Identity Token */
27
+ tokenLifetime?: number;
24
28
  }
25
29
  /**
26
30
  * The VpcInstanceAuthenticator implements an authentication scheme in which it retrieves an "instance identity token"
@@ -36,6 +40,8 @@ export declare class VpcInstanceAuthenticator extends TokenRequestBasedAuthentic
36
40
  protected tokenManager: VpcInstanceTokenManager;
37
41
  private iamProfileCrn;
38
42
  private iamProfileId;
43
+ private serviceVersion;
44
+ private tokenLifetime;
39
45
  /**
40
46
  * Create a new VpcInstanceAuthenticator instance.
41
47
  *
@@ -60,6 +66,8 @@ export declare class VpcInstanceAuthenticator extends TokenRequestBasedAuthentic
60
66
  * @param iamProfileId - the ID of the linked IAM trusted profile to use when obtaining an IAM access token
61
67
  */
62
68
  setIamProfileId(iamProfileId: string): void;
69
+ setServiceVersion(serviceVersion: string): void;
70
+ setTokenLifetime(tokenLifetime: number): void;
63
71
  /**
64
72
  * Returns the authenticator's type ('vpc').
65
73
  *
package/es/auth/authenticators/vpc-instance-authenticator.js CHANGED
@@ -50,6 +50,12 @@ export class VpcInstanceAuthenticator extends TokenRequestBasedAuthenticator {
50
50
  if (options.iamProfileId) {
51
51
  this.iamProfileId = options.iamProfileId;
52
52
  }
53
+ if (options.serviceVersion) {
54
+ this.serviceVersion = options.serviceVersion;
55
+ }
56
+ if (options.tokenLifetime) {
57
+ this.tokenLifetime = options.tokenLifetime;
58
+ }
53
59
  // the param names are shared between the authenticator and the token
54
60
  // manager so we can just pass along the options object.
55
61
  // also, the token manager will handle input validation
@@ -73,6 +79,14 @@ export class VpcInstanceAuthenticator extends TokenRequestBasedAuthenticator {
73
79
  // update properties in token manager
74
80
  this.tokenManager.setIamProfileId(iamProfileId);
75
81
  }
82
+ setServiceVersion(serviceVersion) {
83
+ this.serviceVersion = serviceVersion;
84
+ this.tokenManager.setServiceVersion(serviceVersion);
85
+ }
86
+ setTokenLifetime(tokenLifetime) {
87
+ this.tokenLifetime = tokenLifetime;
88
+ this.tokenManager.setTokenLifetime(tokenLifetime);
89
+ }
76
90
  /**
77
91
  * Returns the authenticator's type ('vpc').
78
92
  *
package/es/auth/token-managers/vpc-instance-token-manager.d.ts CHANGED
@@ -20,6 +20,10 @@ interface Options extends JwtTokenManagerOptions {
20
20
  iamProfileCrn?: string;
21
21
  /** The ID of the linked trusted IAM profile to be used when obtaining the IAM access token */
22
22
  iamProfileId?: string;
23
+ /** The version of the Instance Metadata Service to be used obtaining tokens */
24
+ serviceVersion?: string;
25
+ /** The lifetime of the Instance Identity Token */
26
+ tokenLifetime?: number;
23
27
  }
24
28
  /**
25
29
  * Token Manager for VPC Instance Authentication.
@@ -27,6 +31,8 @@ interface Options extends JwtTokenManagerOptions {
27
31
  export declare class VpcInstanceTokenManager extends JwtTokenManager {
28
32
  private iamProfileCrn;
29
33
  private iamProfileId;
34
+ private serviceVersion;
35
+ private tokenLifetime;
30
36
  /**
31
37
  * Create a new VpcInstanceTokenManager instance.
32
38
  *
@@ -51,6 +57,10 @@ export declare class VpcInstanceTokenManager extends JwtTokenManager {
51
57
  * @param iamProfileId - the ID of the IAM trusted profile
52
58
  */
53
59
  setIamProfileId(iamProfileId: string): void;
60
+ setServiceVersion(serviceVersion: string): void;
61
+ setTokenLifetime(tokenLifetime: number): void;
62
+ protected getAccessTokenPath(): string;
63
+ protected getIamTokenPath(): string;
54
64
  protected requestToken(): Promise<any>;
55
65
  private getInstanceIdentityToken;
56
66
  /**
package/es/auth/token-managers/vpc-instance-token-manager.js CHANGED
@@ -28,7 +28,14 @@ import { buildUserAgent } from '../../lib/build-user-agent';
28
28
  import { JwtTokenManager } from './jwt-token-manager';
29
29
  const DEFAULT_IMS_ENDPOINT = 'http://169.254.169.254';
30
30
  const METADATA_SERVICE_VERSION = '2022-03-01';
31
+ const METADATA_SERVICE_VERSION2 = '2025-08-26';
31
32
  const IAM_EXPIRATION_WINDOW = 10;
33
+ const METADATA_TOKEN_LIFETIME = 300;
34
+ const DEFAULT_OPERATION_PATH_CREATE_ACCESS_TOKEN = '/instance_identity/v1/token';
35
+ const DEFAULT_OPERATION_PATH_CREATE_IAM_TOKEN = '/instance_identity/v1/iam_token';
36
+ const DEFAULT_OPERATION_PATH_CREATE_ACCESS_TOKEN2 = '/identity/v1/token';
37
+ const DEFAULT_OPERATION_PATH_CREATE_IAM_TOKEN2 = '/identity/v1/iam_tokens';
38
+ const metadataServiceSupportedVersions = [METADATA_SERVICE_VERSION, METADATA_SERVICE_VERSION2];
32
39
  /**
33
40
  * Token Manager for VPC Instance Authentication.
34
41
  */
@@ -54,6 +61,18 @@ export class VpcInstanceTokenManager extends JwtTokenManager {
54
61
  throw new Error('At most one of `iamProfileId` or `iamProfileCrn` may be specified.');
55
62
  }
56
63
  this.url = options.url || DEFAULT_IMS_ENDPOINT;
64
+ // Validate and set serviceVersion
65
+ const serviceVersion = options.serviceVersion || METADATA_SERVICE_VERSION;
66
+ if (!metadataServiceSupportedVersions.includes(serviceVersion)) {
67
+ throw new Error(`Invalid serviceVersion. Must be one of: ${metadataServiceSupportedVersions.join(', ')}`);
68
+ }
69
+ this.serviceVersion = serviceVersion;
70
+ // Validate and set tokenLifetime
71
+ const tokenLifetime = options.tokenLifetime || METADATA_TOKEN_LIFETIME;
72
+ if (typeof tokenLifetime !== 'number' || tokenLifetime < 0) {
73
+ throw new Error('tokenLifetime must be a non-negative number');
74
+ }
75
+ this.tokenLifetime = tokenLifetime;
57
76
  if (options.iamProfileCrn) {
58
77
  this.iamProfileCrn = options.iamProfileCrn;
59
78
  }
@@ -76,6 +95,30 @@ export class VpcInstanceTokenManager extends JwtTokenManager {
76
95
  setIamProfileId(iamProfileId) {
77
96
  this.iamProfileId = iamProfileId;
78
97
  }
98
+ setServiceVersion(serviceVersion) {
99
+ if (!metadataServiceSupportedVersions.includes(serviceVersion)) {
100
+ throw new Error(`Invalid serviceVersion. Must be one of: ${metadataServiceSupportedVersions.join(', ')}`);
101
+ }
102
+ this.serviceVersion = serviceVersion;
103
+ }
104
+ setTokenLifetime(tokenLifetime) {
105
+ if (typeof tokenLifetime !== 'number' || tokenLifetime < 0) {
106
+ throw new Error('tokenLifetime must be a non-negative number');
107
+ }
108
+ this.tokenLifetime = tokenLifetime;
109
+ }
110
+ getAccessTokenPath() {
111
+ if (this.serviceVersion === METADATA_SERVICE_VERSION2) {
112
+ return DEFAULT_OPERATION_PATH_CREATE_ACCESS_TOKEN2;
113
+ }
114
+ return DEFAULT_OPERATION_PATH_CREATE_ACCESS_TOKEN;
115
+ }
116
+ getIamTokenPath() {
117
+ if (this.serviceVersion === METADATA_SERVICE_VERSION2) {
118
+ return DEFAULT_OPERATION_PATH_CREATE_IAM_TOKEN2;
119
+ }
120
+ return DEFAULT_OPERATION_PATH_CREATE_IAM_TOKEN;
121
+ }
79
122
  requestToken() {
80
123
  return __awaiter(this, void 0, void 0, function* () {
81
124
  const instanceIdentityToken = yield this.getInstanceIdentityToken();
@@ -93,9 +136,9 @@ export class VpcInstanceTokenManager extends JwtTokenManager {
93
136
  }
94
137
  const parameters = {
95
138
  options: {
96
- url: `${this.url}/instance_identity/v1/iam_token`,
139
+ url: `${this.url}${this.getIamTokenPath()}`,
97
140
  qs: {
98
- version: METADATA_SERVICE_VERSION,
141
+ version: this.serviceVersion,
99
142
  },
100
143
  body,
101
144
  method: 'POST',
@@ -104,6 +147,7 @@ export class VpcInstanceTokenManager extends JwtTokenManager {
104
147
  'User-Agent': this.userAgent,
105
148
  Accept: 'application/json',
106
149
  Authorization: `Bearer ${instanceIdentityToken}`,
150
+ 'Metadata-Flavor': 'ibm',
107
151
  },
108
152
  },
109
153
  };
@@ -118,12 +162,12 @@ export class VpcInstanceTokenManager extends JwtTokenManager {
118
162
  return __awaiter(this, void 0, void 0, function* () {
119
163
  const parameters = {
120
164
  options: {
121
- url: `${this.url}/instance_identity/v1/token`,
165
+ url: `${this.url}${this.getAccessTokenPath()}`,
122
166
  qs: {
123
- version: METADATA_SERVICE_VERSION,
167
+ version: this.serviceVersion,
124
168
  },
125
169
  body: {
126
- expires_in: 300,
170
+ expires_in: this.tokenLifetime,
127
171
  },
128
172
  method: 'PUT',
129
173
  headers: {
package/ibm-cloud-sdk-core.d.ts CHANGED
@@ -1319,6 +1319,10 @@ declare interface Options_10 extends BaseOptions {
1319
1319
  iamProfileCrn?: string;
1320
1320
  /** The ID of the linked trusted IAM profile to be used when obtaining the IAM access token */
1321
1321
  iamProfileId?: string;
1322
+ /** The version of the Instance Metadata Service to be used obtaining tokens */
1323
+ serviceVersion?: string;
1324
+ /** The lifetime of the Instance Identity Token */
1325
+ tokenLifetime?: number;
1322
1326
  }
1323
1327
 
1324
1328
  /**
@@ -1522,6 +1526,10 @@ declare interface Options_9 extends JwtTokenManagerOptions {
1522
1526
  iamProfileCrn?: string;
1523
1527
  /** The ID of the linked trusted IAM profile to be used when obtaining the IAM access token */
1524
1528
  iamProfileId?: string;
1529
+ /** The version of the Instance Metadata Service to be used obtaining tokens */
1530
+ serviceVersion?: string;
1531
+ /** The lifetime of the Instance Identity Token */
1532
+ tokenLifetime?: number;
1525
1533
  }
1526
1534
 
1527
1535
  /**
@@ -1936,6 +1944,8 @@ export declare class VpcInstanceAuthenticator extends TokenRequestBasedAuthentic
1936
1944
  protected tokenManager: VpcInstanceTokenManager;
1937
1945
  private iamProfileCrn;
1938
1946
  private iamProfileId;
1947
+ private serviceVersion;
1948
+ private tokenLifetime;
1939
1949
  /**
1940
1950
  * Create a new VpcInstanceAuthenticator instance.
1941
1951
  *
@@ -1960,6 +1970,8 @@ export declare class VpcInstanceAuthenticator extends TokenRequestBasedAuthentic
1960
1970
  * @param iamProfileId - the ID of the linked IAM trusted profile to use when obtaining an IAM access token
1961
1971
  */
1962
1972
  setIamProfileId(iamProfileId: string): void;
1973
+ setServiceVersion(serviceVersion: string): void;
1974
+ setTokenLifetime(tokenLifetime: number): void;
1963
1975
  /**
1964
1976
  * Returns the authenticator's type ('vpc').
1965
1977
  *
@@ -1974,6 +1986,8 @@ export declare class VpcInstanceAuthenticator extends TokenRequestBasedAuthentic
1974
1986
  export declare class VpcInstanceTokenManager extends JwtTokenManager {
1975
1987
  private iamProfileCrn;
1976
1988
  private iamProfileId;
1989
+ private serviceVersion;
1990
+ private tokenLifetime;
1977
1991
  /**
1978
1992
  * Create a new VpcInstanceTokenManager instance.
1979
1993
  *
@@ -1998,6 +2012,10 @@ export declare class VpcInstanceTokenManager extends JwtTokenManager {
1998
2012
  * @param iamProfileId - the ID of the IAM trusted profile
1999
2013
  */
2000
2014
  setIamProfileId(iamProfileId: string): void;
2015
+ setServiceVersion(serviceVersion: string): void;
2016
+ setTokenLifetime(tokenLifetime: number): void;
2017
+ protected getAccessTokenPath(): string;
2018
+ protected getIamTokenPath(): string;
2001
2019
  protected requestToken(): Promise<any>;
2002
2020
  private getInstanceIdentityToken;
2003
2021
  /**
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "ibm-cloud-sdk-core",
3
- "version": "5.4.22",
3
+ "version": "5.5.0",
4
4
  "description": "Core functionality to support SDKs generated with IBM's OpenAPI SDK Generator.",
5
5
  "main": "./index.js",
6
6
  "typings": "./es/index.d.ts",