replicas-cli 0.2.236 → 0.2.239
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bowser-LNTEZM7F.mjs +2822 -0
- package/dist/chunk-GFYYBNVD.mjs +1058 -0
- package/dist/chunk-JD4YWBM3.mjs +581 -0
- package/dist/chunk-MNYGWPEL.mjs +2883 -0
- package/dist/chunk-NSGUCXRX.mjs +2101 -0
- package/dist/chunk-Q4H42355.mjs +439 -0
- package/dist/chunk-YXYUVLIU.mjs +1498 -0
- package/dist/{dist-es-FTV27CJE.mjs → dist-es-5WXCQCPW.mjs} +4 -3
- package/dist/{dist-es-76ZS5ZGX.mjs → dist-es-JEMIHEYU.mjs} +47 -51
- package/dist/{dist-es-MVWFIO2N.mjs → dist-es-KEPB4XGD.mjs} +9 -10
- package/dist/{dist-es-DRC4RUDF.mjs → dist-es-Q57UUSDX.mjs} +22 -34
- package/dist/{dist-es-TKQAVPOM.mjs → dist-es-RN7CGM2B.mjs} +25 -23
- package/dist/{dist-es-PGBT2GSM.mjs → dist-es-SCGGKOX2.mjs} +27 -32
- package/dist/{dist-es-X7XEFTLU.mjs → dist-es-ZDCSDOKR.mjs} +10 -11
- package/dist/event-streams-UPDOZQOC.mjs +1274 -0
- package/dist/index.mjs +190 -171
- package/dist/{loadSso-PADWQIUG.mjs → loadSso-ABHII4GO.mjs} +84 -61
- package/dist/{signin-4DZRTUJH.mjs → signin-PHZQKMQ4.mjs} +94 -82
- package/dist/{sso-oidc-VICR4TNH.mjs → sso-oidc-YWYT5VLS.mjs} +102 -63
- package/dist/{sts-WJPOT3CH.mjs → sts-LQIL7WOF.mjs} +4964 -5055
- package/package.json +1 -1
- package/dist/chunk-4KZFIKR3.mjs +0 -5730
- package/dist/chunk-6E4PAXC5.mjs +0 -65
- package/dist/chunk-75QHZ6FC.mjs +0 -52
- package/dist/chunk-AEKGTTWT.mjs +0 -42
- package/dist/chunk-CEE3Y7RM.mjs +0 -14
- package/dist/chunk-H57WOA7R.mjs +0 -883
- package/dist/chunk-HMKFI7SL.mjs +0 -242
- package/dist/chunk-K7B6G3FP.mjs +0 -175
- package/dist/chunk-KHHYAMUK.mjs +0 -164
- package/dist/chunk-S6VA5TIO.mjs +0 -44
- package/dist/chunk-W27BU2E4.mjs +0 -1038
- package/dist/chunk-YZ62XZX5.mjs +0 -29
- package/dist/event-streams-S7HDVT33.mjs +0 -255
|
@@ -1,13 +1,14 @@
|
|
|
1
1
|
#!/usr/bin/env bun
|
|
2
2
|
import {
|
|
3
3
|
setCredentialFeature
|
|
4
|
-
} from "./chunk-
|
|
4
|
+
} from "./chunk-MNYGWPEL.mjs";
|
|
5
5
|
import {
|
|
6
6
|
CredentialsProviderError
|
|
7
|
-
} from "./chunk-
|
|
7
|
+
} from "./chunk-NSGUCXRX.mjs";
|
|
8
|
+
import "./chunk-GFYYBNVD.mjs";
|
|
8
9
|
import "./chunk-FFDYI4OH.mjs";
|
|
9
10
|
|
|
10
|
-
// ../node_modules/.bun/@aws-sdk+credential-provider-env@3.972.
|
|
11
|
+
// ../node_modules/.bun/@aws-sdk+credential-provider-env@3.972.44/node_modules/@aws-sdk/credential-provider-env/dist-es/fromEnv.js
|
|
11
12
|
var ENV_KEY = "AWS_ACCESS_KEY_ID";
|
|
12
13
|
var ENV_SECRET = "AWS_SECRET_ACCESS_KEY";
|
|
13
14
|
var ENV_SESSION = "AWS_SESSION_TOKEN";
|
|
@@ -1,27 +1,37 @@
|
|
|
1
1
|
#!/usr/bin/env bun
|
|
2
2
|
import {
|
|
3
|
+
CredentialsProviderError,
|
|
4
|
+
ProviderError,
|
|
3
5
|
loadConfig,
|
|
4
6
|
parseUrl
|
|
5
|
-
} from "./chunk-
|
|
6
|
-
import "./chunk-
|
|
7
|
-
import "./chunk-HMKFI7SL.mjs";
|
|
8
|
-
import {
|
|
9
|
-
CredentialsProviderError,
|
|
10
|
-
ProviderError
|
|
11
|
-
} from "./chunk-AEKGTTWT.mjs";
|
|
7
|
+
} from "./chunk-NSGUCXRX.mjs";
|
|
8
|
+
import "./chunk-GFYYBNVD.mjs";
|
|
12
9
|
import {
|
|
13
10
|
__publicField
|
|
14
11
|
} from "./chunk-FFDYI4OH.mjs";
|
|
15
12
|
|
|
16
|
-
// ../node_modules/.bun/@smithy+credential-provider-imds@4.
|
|
17
|
-
|
|
13
|
+
// ../node_modules/.bun/@smithy+credential-provider-imds@4.3.8/node_modules/@smithy/credential-provider-imds/dist-es/remoteProvider/ImdsCredentials.js
|
|
14
|
+
var isImdsCredentials = (arg) => Boolean(arg) && typeof arg === "object" && typeof arg.AccessKeyId === "string" && typeof arg.SecretAccessKey === "string" && typeof arg.Token === "string" && typeof arg.Expiration === "string";
|
|
15
|
+
var fromImdsCredentials = (creds) => ({
|
|
16
|
+
accessKeyId: creds.AccessKeyId,
|
|
17
|
+
secretAccessKey: creds.SecretAccessKey,
|
|
18
|
+
sessionToken: creds.Token,
|
|
19
|
+
expiration: new Date(creds.Expiration),
|
|
20
|
+
...creds.AccountId && { accountId: creds.AccountId }
|
|
21
|
+
});
|
|
22
|
+
|
|
23
|
+
// ../node_modules/.bun/@smithy+credential-provider-imds@4.3.8/node_modules/@smithy/credential-provider-imds/dist-es/remoteProvider/RemoteProviderInit.js
|
|
24
|
+
var DEFAULT_TIMEOUT = 1e3;
|
|
25
|
+
var DEFAULT_MAX_RETRIES = 0;
|
|
26
|
+
var providerConfigFromInit = ({ maxRetries = DEFAULT_MAX_RETRIES, timeout = DEFAULT_TIMEOUT }) => ({ maxRetries, timeout });
|
|
18
27
|
|
|
19
|
-
// ../node_modules/.bun/@smithy+credential-provider-imds@4.
|
|
20
|
-
import
|
|
21
|
-
|
|
28
|
+
// ../node_modules/.bun/@smithy+credential-provider-imds@4.3.8/node_modules/@smithy/credential-provider-imds/dist-es/remoteProvider/node-http.js
|
|
29
|
+
import node_http from "http";
|
|
30
|
+
|
|
31
|
+
// ../node_modules/.bun/@smithy+credential-provider-imds@4.3.8/node_modules/@smithy/credential-provider-imds/dist-es/remoteProvider/httpRequest.js
|
|
22
32
|
function httpRequest(options) {
|
|
23
33
|
return new Promise((resolve, reject) => {
|
|
24
|
-
const req = request({
|
|
34
|
+
const req = node_http.request({
|
|
25
35
|
method: "GET",
|
|
26
36
|
...options,
|
|
27
37
|
hostname: options.hostname?.replace(/^\[(.+)\]$/, "$1")
|
|
@@ -53,22 +63,7 @@ function httpRequest(options) {
|
|
|
53
63
|
});
|
|
54
64
|
}
|
|
55
65
|
|
|
56
|
-
// ../node_modules/.bun/@smithy+credential-provider-imds@4.
|
|
57
|
-
var isImdsCredentials = (arg) => Boolean(arg) && typeof arg === "object" && typeof arg.AccessKeyId === "string" && typeof arg.SecretAccessKey === "string" && typeof arg.Token === "string" && typeof arg.Expiration === "string";
|
|
58
|
-
var fromImdsCredentials = (creds) => ({
|
|
59
|
-
accessKeyId: creds.AccessKeyId,
|
|
60
|
-
secretAccessKey: creds.SecretAccessKey,
|
|
61
|
-
sessionToken: creds.Token,
|
|
62
|
-
expiration: new Date(creds.Expiration),
|
|
63
|
-
...creds.AccountId && { accountId: creds.AccountId }
|
|
64
|
-
});
|
|
65
|
-
|
|
66
|
-
// ../node_modules/.bun/@smithy+credential-provider-imds@4.2.14/node_modules/@smithy/credential-provider-imds/dist-es/remoteProvider/RemoteProviderInit.js
|
|
67
|
-
var DEFAULT_TIMEOUT = 1e3;
|
|
68
|
-
var DEFAULT_MAX_RETRIES = 0;
|
|
69
|
-
var providerConfigFromInit = ({ maxRetries = DEFAULT_MAX_RETRIES, timeout = DEFAULT_TIMEOUT }) => ({ maxRetries, timeout });
|
|
70
|
-
|
|
71
|
-
// ../node_modules/.bun/@smithy+credential-provider-imds@4.2.14/node_modules/@smithy/credential-provider-imds/dist-es/remoteProvider/retry.js
|
|
66
|
+
// ../node_modules/.bun/@smithy+credential-provider-imds@4.3.8/node_modules/@smithy/credential-provider-imds/dist-es/remoteProvider/retry.js
|
|
72
67
|
var retry = (toRetry, maxRetries) => {
|
|
73
68
|
let promise = toRetry();
|
|
74
69
|
for (let i = 0; i < maxRetries; i++) {
|
|
@@ -77,7 +72,7 @@ var retry = (toRetry, maxRetries) => {
|
|
|
77
72
|
return promise;
|
|
78
73
|
};
|
|
79
74
|
|
|
80
|
-
// ../node_modules/.bun/@smithy+credential-provider-imds@4.
|
|
75
|
+
// ../node_modules/.bun/@smithy+credential-provider-imds@4.3.8/node_modules/@smithy/credential-provider-imds/dist-es/fromContainerMetadata.js
|
|
81
76
|
var ENV_CMDS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI";
|
|
82
77
|
var ENV_CMDS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI";
|
|
83
78
|
var ENV_CMDS_AUTH_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN";
|
|
@@ -108,14 +103,8 @@ var requestFromEcsImds = async (timeout, options) => {
|
|
|
108
103
|
return buffer.toString();
|
|
109
104
|
};
|
|
110
105
|
var CMDS_IP = "169.254.170.2";
|
|
111
|
-
var GREENGRASS_HOSTS =
|
|
112
|
-
|
|
113
|
-
"127.0.0.1": true
|
|
114
|
-
};
|
|
115
|
-
var GREENGRASS_PROTOCOLS = {
|
|
116
|
-
"http:": true,
|
|
117
|
-
"https:": true
|
|
118
|
-
};
|
|
106
|
+
var GREENGRASS_HOSTS = /* @__PURE__ */ new Set(["localhost", "127.0.0.1"]);
|
|
107
|
+
var GREENGRASS_PROTOCOLS = /* @__PURE__ */ new Set(["http:", "https:"]);
|
|
119
108
|
var getCmdsUri = async ({ logger }) => {
|
|
120
109
|
if (process.env[ENV_CMDS_RELATIVE_URI]) {
|
|
121
110
|
return {
|
|
@@ -124,21 +113,28 @@ var getCmdsUri = async ({ logger }) => {
|
|
|
124
113
|
};
|
|
125
114
|
}
|
|
126
115
|
if (process.env[ENV_CMDS_FULL_URI]) {
|
|
127
|
-
|
|
128
|
-
|
|
116
|
+
let parsed;
|
|
117
|
+
try {
|
|
118
|
+
parsed = new URL(process.env[ENV_CMDS_FULL_URI]);
|
|
119
|
+
} catch {
|
|
120
|
+
throw new CredentialsProviderError(`${process.env[ENV_CMDS_FULL_URI]} is not a valid container metadata service URL`, { tryNextLink: false, logger });
|
|
121
|
+
}
|
|
122
|
+
if (!parsed.hostname || !GREENGRASS_HOSTS.has(parsed.hostname)) {
|
|
129
123
|
throw new CredentialsProviderError(`${parsed.hostname} is not a valid container metadata service hostname`, {
|
|
130
124
|
tryNextLink: false,
|
|
131
125
|
logger
|
|
132
126
|
});
|
|
133
127
|
}
|
|
134
|
-
if (!parsed.protocol || !(parsed.protocol
|
|
128
|
+
if (!parsed.protocol || !GREENGRASS_PROTOCOLS.has(parsed.protocol)) {
|
|
135
129
|
throw new CredentialsProviderError(`${parsed.protocol} is not a valid container metadata service protocol`, {
|
|
136
130
|
tryNextLink: false,
|
|
137
131
|
logger
|
|
138
132
|
});
|
|
139
133
|
}
|
|
140
134
|
return {
|
|
141
|
-
|
|
135
|
+
protocol: parsed.protocol,
|
|
136
|
+
hostname: parsed.hostname,
|
|
137
|
+
path: parsed.pathname + parsed.search,
|
|
142
138
|
port: parsed.port ? parseInt(parsed.port, 10) : void 0
|
|
143
139
|
};
|
|
144
140
|
}
|
|
@@ -148,7 +144,7 @@ var getCmdsUri = async ({ logger }) => {
|
|
|
148
144
|
});
|
|
149
145
|
};
|
|
150
146
|
|
|
151
|
-
// ../node_modules/.bun/@smithy+credential-provider-imds@4.
|
|
147
|
+
// ../node_modules/.bun/@smithy+credential-provider-imds@4.3.8/node_modules/@smithy/credential-provider-imds/dist-es/error/InstanceMetadataV1FallbackError.js
|
|
152
148
|
var InstanceMetadataV1FallbackError = class _InstanceMetadataV1FallbackError extends CredentialsProviderError {
|
|
153
149
|
constructor(message, tryNextLink = true) {
|
|
154
150
|
super(message, tryNextLink);
|
|
@@ -159,14 +155,14 @@ var InstanceMetadataV1FallbackError = class _InstanceMetadataV1FallbackError ext
|
|
|
159
155
|
}
|
|
160
156
|
};
|
|
161
157
|
|
|
162
|
-
// ../node_modules/.bun/@smithy+credential-provider-imds@4.
|
|
158
|
+
// ../node_modules/.bun/@smithy+credential-provider-imds@4.3.8/node_modules/@smithy/credential-provider-imds/dist-es/config/Endpoint.js
|
|
163
159
|
var Endpoint;
|
|
164
160
|
(function(Endpoint2) {
|
|
165
161
|
Endpoint2["IPv4"] = "http://169.254.169.254";
|
|
166
162
|
Endpoint2["IPv6"] = "http://[fd00:ec2::254]";
|
|
167
163
|
})(Endpoint || (Endpoint = {}));
|
|
168
164
|
|
|
169
|
-
// ../node_modules/.bun/@smithy+credential-provider-imds@4.
|
|
165
|
+
// ../node_modules/.bun/@smithy+credential-provider-imds@4.3.8/node_modules/@smithy/credential-provider-imds/dist-es/config/EndpointConfigOptions.js
|
|
170
166
|
var ENV_ENDPOINT_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT";
|
|
171
167
|
var CONFIG_ENDPOINT_NAME = "ec2_metadata_service_endpoint";
|
|
172
168
|
var ENDPOINT_CONFIG_OPTIONS = {
|
|
@@ -175,14 +171,14 @@ var ENDPOINT_CONFIG_OPTIONS = {
|
|
|
175
171
|
default: void 0
|
|
176
172
|
};
|
|
177
173
|
|
|
178
|
-
// ../node_modules/.bun/@smithy+credential-provider-imds@4.
|
|
174
|
+
// ../node_modules/.bun/@smithy+credential-provider-imds@4.3.8/node_modules/@smithy/credential-provider-imds/dist-es/config/EndpointMode.js
|
|
179
175
|
var EndpointMode;
|
|
180
176
|
(function(EndpointMode2) {
|
|
181
177
|
EndpointMode2["IPv4"] = "IPv4";
|
|
182
178
|
EndpointMode2["IPv6"] = "IPv6";
|
|
183
179
|
})(EndpointMode || (EndpointMode = {}));
|
|
184
180
|
|
|
185
|
-
// ../node_modules/.bun/@smithy+credential-provider-imds@4.
|
|
181
|
+
// ../node_modules/.bun/@smithy+credential-provider-imds@4.3.8/node_modules/@smithy/credential-provider-imds/dist-es/config/EndpointModeConfigOptions.js
|
|
186
182
|
var ENV_ENDPOINT_MODE_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE";
|
|
187
183
|
var CONFIG_ENDPOINT_MODE_NAME = "ec2_metadata_service_endpoint_mode";
|
|
188
184
|
var ENDPOINT_MODE_CONFIG_OPTIONS = {
|
|
@@ -191,7 +187,7 @@ var ENDPOINT_MODE_CONFIG_OPTIONS = {
|
|
|
191
187
|
default: EndpointMode.IPv4
|
|
192
188
|
};
|
|
193
189
|
|
|
194
|
-
// ../node_modules/.bun/@smithy+credential-provider-imds@4.
|
|
190
|
+
// ../node_modules/.bun/@smithy+credential-provider-imds@4.3.8/node_modules/@smithy/credential-provider-imds/dist-es/utils/getInstanceMetadataEndpoint.js
|
|
195
191
|
var getInstanceMetadataEndpoint = async () => parseUrl(await getFromEndpointConfig() || await getFromEndpointModeConfig());
|
|
196
192
|
var getFromEndpointConfig = async () => loadConfig(ENDPOINT_CONFIG_OPTIONS)();
|
|
197
193
|
var getFromEndpointModeConfig = async () => {
|
|
@@ -206,7 +202,7 @@ var getFromEndpointModeConfig = async () => {
|
|
|
206
202
|
}
|
|
207
203
|
};
|
|
208
204
|
|
|
209
|
-
// ../node_modules/.bun/@smithy+credential-provider-imds@4.
|
|
205
|
+
// ../node_modules/.bun/@smithy+credential-provider-imds@4.3.8/node_modules/@smithy/credential-provider-imds/dist-es/utils/getExtendedInstanceMetadataCredentials.js
|
|
210
206
|
var STATIC_STABILITY_REFRESH_INTERVAL_SECONDS = 5 * 60;
|
|
211
207
|
var STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS = 5 * 60;
|
|
212
208
|
var STATIC_STABILITY_DOC_URL = "https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html";
|
|
@@ -223,7 +219,7 @@ For more information, please visit: ` + STATIC_STABILITY_DOC_URL);
|
|
|
223
219
|
};
|
|
224
220
|
};
|
|
225
221
|
|
|
226
|
-
// ../node_modules/.bun/@smithy+credential-provider-imds@4.
|
|
222
|
+
// ../node_modules/.bun/@smithy+credential-provider-imds@4.3.8/node_modules/@smithy/credential-provider-imds/dist-es/utils/staticStabilityProvider.js
|
|
227
223
|
var staticStabilityProvider = (provider, options = {}) => {
|
|
228
224
|
const logger = options?.logger || console;
|
|
229
225
|
let pastCredentials;
|
|
@@ -247,7 +243,7 @@ var staticStabilityProvider = (provider, options = {}) => {
|
|
|
247
243
|
};
|
|
248
244
|
};
|
|
249
245
|
|
|
250
|
-
// ../node_modules/.bun/@smithy+credential-provider-imds@4.
|
|
246
|
+
// ../node_modules/.bun/@smithy+credential-provider-imds@4.3.8/node_modules/@smithy/credential-provider-imds/dist-es/fromInstanceMetadata.js
|
|
251
247
|
var IMDS_PATH = "/latest/meta-data/iam/security-credentials/";
|
|
252
248
|
var IMDS_TOKEN_PATH = "/latest/api/token";
|
|
253
249
|
var AWS_EC2_METADATA_V1_DISABLED = "AWS_EC2_METADATA_V1_DISABLED";
|
|
@@ -1,25 +1,24 @@
|
|
|
1
1
|
#!/usr/bin/env bun
|
|
2
|
-
import {
|
|
3
|
-
externalDataInterceptor
|
|
4
|
-
} from "./chunk-HMKFI7SL.mjs";
|
|
5
2
|
import {
|
|
6
3
|
setCredentialFeature
|
|
7
|
-
} from "./chunk-
|
|
4
|
+
} from "./chunk-MNYGWPEL.mjs";
|
|
8
5
|
import {
|
|
9
|
-
CredentialsProviderError
|
|
10
|
-
|
|
6
|
+
CredentialsProviderError,
|
|
7
|
+
externalDataInterceptor
|
|
8
|
+
} from "./chunk-NSGUCXRX.mjs";
|
|
9
|
+
import "./chunk-GFYYBNVD.mjs";
|
|
11
10
|
import "./chunk-FFDYI4OH.mjs";
|
|
12
11
|
|
|
13
|
-
// ../node_modules/.bun/@aws-sdk+credential-provider-web-identity@3.972.
|
|
12
|
+
// ../node_modules/.bun/@aws-sdk+credential-provider-web-identity@3.972.49/node_modules/@aws-sdk/credential-provider-web-identity/dist-es/fromTokenFile.js
|
|
14
13
|
import { readFileSync } from "fs";
|
|
15
14
|
|
|
16
|
-
// ../node_modules/.bun/@aws-sdk+credential-provider-web-identity@3.972.
|
|
15
|
+
// ../node_modules/.bun/@aws-sdk+credential-provider-web-identity@3.972.49/node_modules/@aws-sdk/credential-provider-web-identity/dist-es/fromWebToken.js
|
|
17
16
|
var fromWebToken = (init) => async (awsIdentityProperties) => {
|
|
18
17
|
init.logger?.debug("@aws-sdk/credential-provider-web-identity - fromWebToken");
|
|
19
18
|
const { roleArn, roleSessionName, webIdentityToken, providerId, policyArns, policy, durationSeconds } = init;
|
|
20
19
|
let { roleAssumerWithWebIdentity } = init;
|
|
21
20
|
if (!roleAssumerWithWebIdentity) {
|
|
22
|
-
const { getDefaultRoleAssumerWithWebIdentity } = await import("./sts-
|
|
21
|
+
const { getDefaultRoleAssumerWithWebIdentity } = await import("./sts-LQIL7WOF.mjs");
|
|
23
22
|
roleAssumerWithWebIdentity = getDefaultRoleAssumerWithWebIdentity({
|
|
24
23
|
...init.clientConfig,
|
|
25
24
|
credentialProviderLogger: init.logger,
|
|
@@ -40,7 +39,7 @@ var fromWebToken = (init) => async (awsIdentityProperties) => {
|
|
|
40
39
|
});
|
|
41
40
|
};
|
|
42
41
|
|
|
43
|
-
// ../node_modules/.bun/@aws-sdk+credential-provider-web-identity@3.972.
|
|
42
|
+
// ../node_modules/.bun/@aws-sdk+credential-provider-web-identity@3.972.49/node_modules/@aws-sdk/credential-provider-web-identity/dist-es/fromTokenFile.js
|
|
44
43
|
var ENV_TOKEN_FILE = "AWS_WEB_IDENTITY_TOKEN_FILE";
|
|
45
44
|
var ENV_ROLE_ARN = "AWS_ROLE_ARN";
|
|
46
45
|
var ENV_ROLE_SESSION_NAME = "AWS_ROLE_SESSION_NAME";
|
|
@@ -1,41 +1,29 @@
|
|
|
1
1
|
#!/usr/bin/env bun
|
|
2
2
|
import {
|
|
3
|
+
setCredentialFeature
|
|
4
|
+
} from "./chunk-MNYGWPEL.mjs";
|
|
5
|
+
import {
|
|
6
|
+
CredentialsProviderError,
|
|
7
|
+
TokenProviderError,
|
|
3
8
|
getProfileName,
|
|
4
9
|
getSSOTokenFilepath,
|
|
5
10
|
getSSOTokenFromFile,
|
|
6
11
|
loadSsoSessionData,
|
|
7
12
|
parseKnownFiles
|
|
8
|
-
} from "./chunk-
|
|
9
|
-
import
|
|
10
|
-
|
|
11
|
-
} from "./chunk-CEE3Y7RM.mjs";
|
|
12
|
-
import {
|
|
13
|
-
CredentialsProviderError,
|
|
14
|
-
ProviderError
|
|
15
|
-
} from "./chunk-AEKGTTWT.mjs";
|
|
16
|
-
import {
|
|
17
|
-
__publicField
|
|
18
|
-
} from "./chunk-FFDYI4OH.mjs";
|
|
19
|
-
|
|
20
|
-
// ../node_modules/.bun/@smithy+property-provider@4.2.14/node_modules/@smithy/property-provider/dist-es/TokenProviderError.js
|
|
21
|
-
var TokenProviderError = class _TokenProviderError extends ProviderError {
|
|
22
|
-
constructor(message, options = true) {
|
|
23
|
-
super(message, options);
|
|
24
|
-
__publicField(this, "name", "TokenProviderError");
|
|
25
|
-
Object.setPrototypeOf(this, _TokenProviderError.prototype);
|
|
26
|
-
}
|
|
27
|
-
};
|
|
13
|
+
} from "./chunk-NSGUCXRX.mjs";
|
|
14
|
+
import "./chunk-GFYYBNVD.mjs";
|
|
15
|
+
import "./chunk-FFDYI4OH.mjs";
|
|
28
16
|
|
|
29
|
-
// ../node_modules/.bun/@aws-sdk+credential-provider-sso@3.972.
|
|
17
|
+
// ../node_modules/.bun/@aws-sdk+credential-provider-sso@3.972.49/node_modules/@aws-sdk/credential-provider-sso/dist-es/isSsoProfile.js
|
|
30
18
|
var isSsoProfile = (arg) => arg && (typeof arg.sso_start_url === "string" || typeof arg.sso_account_id === "string" || typeof arg.sso_session === "string" || typeof arg.sso_region === "string" || typeof arg.sso_role_name === "string");
|
|
31
19
|
|
|
32
|
-
// ../node_modules/.bun/@aws-sdk+token-providers@3.
|
|
20
|
+
// ../node_modules/.bun/@aws-sdk+token-providers@3.1063.0/node_modules/@aws-sdk/token-providers/dist-es/constants.js
|
|
33
21
|
var EXPIRE_WINDOW_MS = 5 * 60 * 1e3;
|
|
34
22
|
var REFRESH_MESSAGE = `To refresh this SSO session run 'aws sso login' with the corresponding profile.`;
|
|
35
23
|
|
|
36
|
-
// ../node_modules/.bun/@aws-sdk+token-providers@3.
|
|
24
|
+
// ../node_modules/.bun/@aws-sdk+token-providers@3.1063.0/node_modules/@aws-sdk/token-providers/dist-es/getSsoOidcClient.js
|
|
37
25
|
var getSsoOidcClient = async (ssoRegion, init = {}, callerClientConfig) => {
|
|
38
|
-
const { SSOOIDCClient } = await import("./sso-oidc-
|
|
26
|
+
const { SSOOIDCClient } = await import("./sso-oidc-YWYT5VLS.mjs");
|
|
39
27
|
const coalesce = (prop) => init.clientConfig?.[prop] ?? init.parentClientConfig?.[prop] ?? callerClientConfig?.[prop];
|
|
40
28
|
const ssoOidcClient = new SSOOIDCClient(Object.assign({}, init.clientConfig ?? {}, {
|
|
41
29
|
region: ssoRegion ?? init.clientConfig?.region,
|
|
@@ -45,9 +33,9 @@ var getSsoOidcClient = async (ssoRegion, init = {}, callerClientConfig) => {
|
|
|
45
33
|
return ssoOidcClient;
|
|
46
34
|
};
|
|
47
35
|
|
|
48
|
-
// ../node_modules/.bun/@aws-sdk+token-providers@3.
|
|
36
|
+
// ../node_modules/.bun/@aws-sdk+token-providers@3.1063.0/node_modules/@aws-sdk/token-providers/dist-es/getNewSsoOidcToken.js
|
|
49
37
|
var getNewSsoOidcToken = async (ssoToken, ssoRegion, init = {}, callerClientConfig) => {
|
|
50
|
-
const { CreateTokenCommand } = await import("./sso-oidc-
|
|
38
|
+
const { CreateTokenCommand } = await import("./sso-oidc-YWYT5VLS.mjs");
|
|
51
39
|
const ssoOidcClient = await getSsoOidcClient(ssoRegion, init, callerClientConfig);
|
|
52
40
|
return ssoOidcClient.send(new CreateTokenCommand({
|
|
53
41
|
clientId: ssoToken.clientId,
|
|
@@ -57,21 +45,21 @@ var getNewSsoOidcToken = async (ssoToken, ssoRegion, init = {}, callerClientConf
|
|
|
57
45
|
}));
|
|
58
46
|
};
|
|
59
47
|
|
|
60
|
-
// ../node_modules/.bun/@aws-sdk+token-providers@3.
|
|
48
|
+
// ../node_modules/.bun/@aws-sdk+token-providers@3.1063.0/node_modules/@aws-sdk/token-providers/dist-es/validateTokenExpiry.js
|
|
61
49
|
var validateTokenExpiry = (token) => {
|
|
62
50
|
if (token.expiration && token.expiration.getTime() < Date.now()) {
|
|
63
51
|
throw new TokenProviderError(`Token is expired. ${REFRESH_MESSAGE}`, false);
|
|
64
52
|
}
|
|
65
53
|
};
|
|
66
54
|
|
|
67
|
-
// ../node_modules/.bun/@aws-sdk+token-providers@3.
|
|
55
|
+
// ../node_modules/.bun/@aws-sdk+token-providers@3.1063.0/node_modules/@aws-sdk/token-providers/dist-es/validateTokenKey.js
|
|
68
56
|
var validateTokenKey = (key, value, forRefresh = false) => {
|
|
69
57
|
if (typeof value === "undefined") {
|
|
70
58
|
throw new TokenProviderError(`Value not present for '${key}' in SSO Token${forRefresh ? ". Cannot refresh" : ""}. ${REFRESH_MESSAGE}`, false);
|
|
71
59
|
}
|
|
72
60
|
};
|
|
73
61
|
|
|
74
|
-
// ../node_modules/.bun/@aws-sdk+token-providers@3.
|
|
62
|
+
// ../node_modules/.bun/@aws-sdk+token-providers@3.1063.0/node_modules/@aws-sdk/token-providers/dist-es/writeSSOTokenToFile.js
|
|
75
63
|
import { promises as fsPromises } from "fs";
|
|
76
64
|
var { writeFile } = fsPromises;
|
|
77
65
|
var writeSSOTokenToFile = (id, ssoToken) => {
|
|
@@ -80,7 +68,7 @@ var writeSSOTokenToFile = (id, ssoToken) => {
|
|
|
80
68
|
return writeFile(tokenFilepath, tokenString);
|
|
81
69
|
};
|
|
82
70
|
|
|
83
|
-
// ../node_modules/.bun/@aws-sdk+token-providers@3.
|
|
71
|
+
// ../node_modules/.bun/@aws-sdk+token-providers@3.1063.0/node_modules/@aws-sdk/token-providers/dist-es/fromSso.js
|
|
84
72
|
var lastRefreshAttemptTime = /* @__PURE__ */ new Date(0);
|
|
85
73
|
var fromSso = (init = {}) => async ({ callerClientConfig } = {}) => {
|
|
86
74
|
init.logger?.debug("@aws-sdk/token-providers - fromSso");
|
|
@@ -152,7 +140,7 @@ var fromSso = (init = {}) => async ({ callerClientConfig } = {}) => {
|
|
|
152
140
|
}
|
|
153
141
|
};
|
|
154
142
|
|
|
155
|
-
// ../node_modules/.bun/@aws-sdk+credential-provider-sso@3.972.
|
|
143
|
+
// ../node_modules/.bun/@aws-sdk+credential-provider-sso@3.972.49/node_modules/@aws-sdk/credential-provider-sso/dist-es/resolveSSOCredentials.js
|
|
156
144
|
var SHOULD_FAIL_CREDENTIAL_CHAIN = false;
|
|
157
145
|
var resolveSSOCredentials = async ({ ssoStartUrl, ssoSession, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, clientConfig, parentClientConfig, callerClientConfig, profile, filepath, configFilepath, ignoreCache, logger }) => {
|
|
158
146
|
let token;
|
|
@@ -192,7 +180,7 @@ var resolveSSOCredentials = async ({ ssoStartUrl, ssoSession, ssoAccountId, ssoR
|
|
|
192
180
|
});
|
|
193
181
|
}
|
|
194
182
|
const { accessToken } = token;
|
|
195
|
-
const { SSOClient, GetRoleCredentialsCommand } = await import("./loadSso-
|
|
183
|
+
const { SSOClient, GetRoleCredentialsCommand } = await import("./loadSso-ABHII4GO.mjs");
|
|
196
184
|
const sso = ssoClient || new SSOClient(Object.assign({}, clientConfig ?? {}, {
|
|
197
185
|
logger: clientConfig?.logger ?? callerClientConfig?.logger ?? parentClientConfig?.logger,
|
|
198
186
|
region: clientConfig?.region ?? ssoRegion,
|
|
@@ -234,7 +222,7 @@ var resolveSSOCredentials = async ({ ssoStartUrl, ssoSession, ssoAccountId, ssoR
|
|
|
234
222
|
return credentials;
|
|
235
223
|
};
|
|
236
224
|
|
|
237
|
-
// ../node_modules/.bun/@aws-sdk+credential-provider-sso@3.972.
|
|
225
|
+
// ../node_modules/.bun/@aws-sdk+credential-provider-sso@3.972.49/node_modules/@aws-sdk/credential-provider-sso/dist-es/validateSsoProfile.js
|
|
238
226
|
var validateSsoProfile = (profile, logger) => {
|
|
239
227
|
const { sso_start_url, sso_account_id, sso_region, sso_role_name } = profile;
|
|
240
228
|
if (!sso_start_url || !sso_account_id || !sso_region || !sso_role_name) {
|
|
@@ -244,7 +232,7 @@ Reference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.ht
|
|
|
244
232
|
return profile;
|
|
245
233
|
};
|
|
246
234
|
|
|
247
|
-
// ../node_modules/.bun/@aws-sdk+credential-provider-sso@3.972.
|
|
235
|
+
// ../node_modules/.bun/@aws-sdk+credential-provider-sso@3.972.49/node_modules/@aws-sdk/credential-provider-sso/dist-es/fromSSO.js
|
|
248
236
|
var fromSSO = (init = {}) => async ({ callerClientConfig } = {}) => {
|
|
249
237
|
init.logger?.debug("@aws-sdk/credential-provider-sso - fromSSO");
|
|
250
238
|
const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoSession } = init;
|
|
@@ -1,27 +1,24 @@
|
|
|
1
1
|
#!/usr/bin/env bun
|
|
2
2
|
import {
|
|
3
|
-
|
|
4
|
-
} from "./chunk-
|
|
3
|
+
NodeHttpHandler
|
|
4
|
+
} from "./chunk-Q4H42355.mjs";
|
|
5
5
|
import {
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
} from "./chunk-H57WOA7R.mjs";
|
|
6
|
+
setCredentialFeature
|
|
7
|
+
} from "./chunk-MNYGWPEL.mjs";
|
|
9
8
|
import {
|
|
9
|
+
CredentialsProviderError,
|
|
10
10
|
HttpRequest
|
|
11
|
-
} from "./chunk-
|
|
12
|
-
import "./chunk-S6VA5TIO.mjs";
|
|
11
|
+
} from "./chunk-NSGUCXRX.mjs";
|
|
13
12
|
import {
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
CredentialsProviderError
|
|
18
|
-
} from "./chunk-AEKGTTWT.mjs";
|
|
13
|
+
parseRfc3339DateTime,
|
|
14
|
+
sdkStreamMixin
|
|
15
|
+
} from "./chunk-GFYYBNVD.mjs";
|
|
19
16
|
import "./chunk-FFDYI4OH.mjs";
|
|
20
17
|
|
|
21
|
-
// ../node_modules/.bun/@aws-sdk+credential-provider-http@3.972.
|
|
18
|
+
// ../node_modules/.bun/@aws-sdk+credential-provider-http@3.972.46/node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/fromHttp.js
|
|
22
19
|
import fs from "fs/promises";
|
|
23
20
|
|
|
24
|
-
// ../node_modules/.bun/@aws-sdk+credential-provider-http@3.972.
|
|
21
|
+
// ../node_modules/.bun/@aws-sdk+credential-provider-http@3.972.46/node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/checkUrl.js
|
|
25
22
|
var ECS_CONTAINER_HOST = "169.254.170.2";
|
|
26
23
|
var EKS_CONTAINER_HOST_IPv4 = "169.254.170.23";
|
|
27
24
|
var EKS_CONTAINER_HOST_IPv6 = "[fd00:ec2::23]";
|
|
@@ -55,7 +52,7 @@ var checkUrl = (url, logger) => {
|
|
|
55
52
|
- EKS container host 169.254.170.23 or [fd00:ec2::23]`, { logger });
|
|
56
53
|
};
|
|
57
54
|
|
|
58
|
-
// ../node_modules/.bun/@aws-sdk+credential-provider-http@3.972.
|
|
55
|
+
// ../node_modules/.bun/@aws-sdk+credential-provider-http@3.972.46/node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/requestHelpers.js
|
|
59
56
|
function createGetRequest(url) {
|
|
60
57
|
return new HttpRequest({
|
|
61
58
|
protocol: url.protocol,
|
|
@@ -98,7 +95,7 @@ async function getCredentials(response, logger) {
|
|
|
98
95
|
throw new CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger });
|
|
99
96
|
}
|
|
100
97
|
|
|
101
|
-
// ../node_modules/.bun/@aws-sdk+credential-provider-http@3.972.
|
|
98
|
+
// ../node_modules/.bun/@aws-sdk+credential-provider-http@3.972.46/node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/retry-wrapper.js
|
|
102
99
|
var retryWrapper = (toRetry, maxRetries, delayMs) => {
|
|
103
100
|
return async () => {
|
|
104
101
|
for (let i = 0; i < maxRetries; ++i) {
|
|
@@ -112,7 +109,7 @@ var retryWrapper = (toRetry, maxRetries, delayMs) => {
|
|
|
112
109
|
};
|
|
113
110
|
};
|
|
114
111
|
|
|
115
|
-
// ../node_modules/.bun/@aws-sdk+credential-provider-http@3.972.
|
|
112
|
+
// ../node_modules/.bun/@aws-sdk+credential-provider-http@3.972.46/node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/fromHttp.js
|
|
116
113
|
var AWS_CONTAINER_CREDENTIALS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI";
|
|
117
114
|
var DEFAULT_LINK_LOCAL_HOST = "http://169.254.170.2";
|
|
118
115
|
var AWS_CONTAINER_CREDENTIALS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI";
|
|
@@ -144,11 +141,9 @@ Set AWS_CONTAINER_CREDENTIALS_FULL_URI or AWS_CONTAINER_CREDENTIALS_RELATIVE_URI
|
|
|
144
141
|
}
|
|
145
142
|
const url = new URL(host);
|
|
146
143
|
checkUrl(url, options.logger);
|
|
147
|
-
const requestHandler = NodeHttpHandler.create({
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
});
|
|
151
|
-
return retryWrapper(async () => {
|
|
144
|
+
const requestHandler = NodeHttpHandler.create({ connectionTimeout: options.timeout ?? 1e3 });
|
|
145
|
+
const requestTimeout = options.timeout ?? 1e3;
|
|
146
|
+
const provider = retryWrapper(async () => {
|
|
152
147
|
const request = createGetRequest(url);
|
|
153
148
|
if (token) {
|
|
154
149
|
request.headers.Authorization = token;
|
|
@@ -156,12 +151,19 @@ Set AWS_CONTAINER_CREDENTIALS_FULL_URI or AWS_CONTAINER_CREDENTIALS_RELATIVE_URI
|
|
|
156
151
|
request.headers.Authorization = (await fs.readFile(tokenFile)).toString();
|
|
157
152
|
}
|
|
158
153
|
try {
|
|
159
|
-
const result = await requestHandler.handle(request);
|
|
154
|
+
const result = await requestHandler.handle(request, { requestTimeout });
|
|
160
155
|
return getCredentials(result.response).then((creds) => setCredentialFeature(creds, "CREDENTIALS_HTTP", "z"));
|
|
161
156
|
} catch (e) {
|
|
162
157
|
throw new CredentialsProviderError(String(e), { logger: options.logger });
|
|
163
158
|
}
|
|
164
159
|
}, options.maxRetries ?? 3, options.timeout ?? 1e3);
|
|
160
|
+
return async () => {
|
|
161
|
+
try {
|
|
162
|
+
return await provider();
|
|
163
|
+
} finally {
|
|
164
|
+
requestHandler.destroy?.();
|
|
165
|
+
}
|
|
166
|
+
};
|
|
165
167
|
};
|
|
166
168
|
export {
|
|
167
169
|
fromHttp
|