actions/login-action
1
Fork 0
mirror of https://github.com/docker/login-action.git synced 2026-02-05 04:55:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
b3d920e366db7dc87cf7d3a95a4d4a40c8376858
login-action/dist/998.index.js

1378 lines
60 KiB
JavaScript
Raw Normal View History

chore: update generated content
2026-01-30 14:42:57 +00:00
"use strict";
exports.id = 998;
exports.ids = [998];
exports.modules = {
/***/ 62041:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.resolveHttpAuthSchemeConfig = exports.defaultSSOHttpAuthSchemeProvider = exports.defaultSSOHttpAuthSchemeParametersProvider = void 0;
const core_1 = __webpack_require__(8704);
const util_middleware_1 = __webpack_require__(76324);
const defaultSSOHttpAuthSchemeParametersProvider = async (config, context, input) => {
return {
operation: (0, util_middleware_1.getSmithyContext)(context).operation,
region: await (0, util_middleware_1.normalizeProvider)(config.region)() || (() => {
throw new Error("expected `region` to be configured for `aws.auth#sigv4`");
})(),
};
};
exports.defaultSSOHttpAuthSchemeParametersProvider = defaultSSOHttpAuthSchemeParametersProvider;
function createAwsAuthSigv4HttpAuthOption(authParameters) {
return {
schemeId: "aws.auth#sigv4",
signingProperties: {
name: "awsssoportal",
region: authParameters.region,
},
propertiesExtractor: (config, context) => ({
signingProperties: {
config,
context,
},
}),
};
}
function createSmithyApiNoAuthHttpAuthOption(authParameters) {
return {
schemeId: "smithy.api#noAuth",
};
}
const defaultSSOHttpAuthSchemeProvider = (authParameters) => {
const options = [];
switch (authParameters.operation) {
case "GetRoleCredentials":
{
options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
break;
}
;
case "ListAccountRoles":
{
options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
break;
}
;
case "ListAccounts":
{
options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
break;
}
;
case "Logout":
{
options.push(createSmithyApiNoAuthHttpAuthOption(authParameters));
break;
}
;
default: {
options.push(createAwsAuthSigv4HttpAuthOption(authParameters));
}
}
return options;
};
exports.defaultSSOHttpAuthSchemeProvider = defaultSSOHttpAuthSchemeProvider;
const resolveHttpAuthSchemeConfig = (config) => {
const config_0 = (0, core_1.resolveAwsSdkSigV4Config)(config);
return Object.assign(config_0, {
authSchemePreference: (0, util_middleware_1.normalizeProvider)(config.authSchemePreference ?? []),
});
};
exports.resolveHttpAuthSchemeConfig = resolveHttpAuthSchemeConfig;
/***/ }),
/***/ 13903:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.defaultEndpointResolver = void 0;
const util_endpoints_1 = __webpack_require__(83068);
const util_endpoints_2 = __webpack_require__(79674);
const ruleset_1 = __webpack_require__(41308);
const cache = new util_endpoints_2.EndpointCache({
size: 50,
params: ["Endpoint", "Region", "UseDualStack", "UseFIPS"],
});
const defaultEndpointResolver = (endpointParams, context = {}) => {
return cache.get(endpointParams, () => (0, util_endpoints_2.resolveEndpoint)(ruleset_1.ruleSet, {
endpointParams: endpointParams,
logger: context.logger,
}));
};
exports.defaultEndpointResolver = defaultEndpointResolver;
util_endpoints_2.customEndpointFunctions.aws = util_endpoints_1.awsEndpointFunctions;
/***/ }),
/***/ 41308:
/***/ ((__unused_webpack_module, exports) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.ruleSet = void 0;
const u = "required", v = "fn", w = "argv", x = "ref";
const a = true, b = "isSet", c = "booleanEquals", d = "error", e = "endpoint", f = "tree", g = "PartitionResult", h = "getAttr", i = { [u]: false, "type": "string" }, j = { [u]: true, "default": false, "type": "boolean" }, k = { [x]: "Endpoint" }, l = { [v]: c, [w]: [{ [x]: "UseFIPS" }, true] }, m = { [v]: c, [w]: [{ [x]: "UseDualStack" }, true] }, n = {}, o = { [v]: h, [w]: [{ [x]: g }, "supportsFIPS"] }, p = { [x]: g }, q = { [v]: c, [w]: [true, { [v]: h, [w]: [p, "supportsDualStack"] }] }, r = [l], s = [m], t = [{ [x]: "Region" }];
const _data = { version: "1.0", parameters: { Region: i, UseDualStack: j, UseFIPS: j, Endpoint: i }, rules: [{ conditions: [{ [v]: b, [w]: [k] }], rules: [{ conditions: r, error: "Invalid Configuration: FIPS and custom endpoint are not supported", type: d }, { conditions: s, error: "Invalid Configuration: Dualstack and custom endpoint are not supported", type: d }, { endpoint: { url: k, properties: n, headers: n }, type: e }], type: f }, { conditions: [{ [v]: b, [w]: t }], rules: [{ conditions: [{ [v]: "aws.partition", [w]: t, assign: g }], rules: [{ conditions: [l, m], rules: [{ conditions: [{ [v]: c, [w]: [a, o] }, q], rules: [{ endpoint: { url: "https://portal.sso-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "FIPS and DualStack are enabled, but this partition does not support one or both", type: d }], type: f }, { conditions: r, rules: [{ conditions: [{ [v]: c, [w]: [o, a] }], rules: [{ conditions: [{ [v]: "stringEquals", [w]: [{ [v]: h, [w]: [p, "name"] }, "aws-us-gov"] }], endpoint: { url: "https://portal.sso.{Region}.amazonaws.com", properties: n, headers: n }, type: e }, { endpoint: { url: "https://portal.sso-fips.{Region}.{PartitionResult#dnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "FIPS is enabled but this partition does not support FIPS", type: d }], type: f }, { conditions: s, rules: [{ conditions: [q], rules: [{ endpoint: { url: "https://portal.sso.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "DualStack is enabled but this partition does not support DualStack", type: d }], type: f }, { endpoint: { url: "https://portal.sso.{Region}.{PartitionResult#dnsSuffix}", properties: n, headers: n }, type: e }], type: f }], type: f }, { error: "Invalid Configuration: Missing Region", type: d }] };
exports.ruleSet = _data;
/***/ }),
/***/ 62054:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
var middlewareHostHeader = __webpack_require__(52590);
var middlewareLogger = __webpack_require__(85242);
var middlewareRecursionDetection = __webpack_require__(81568);
var middlewareUserAgent = __webpack_require__(32959);
var configResolver = __webpack_require__(39316);
var core = __webpack_require__(90402);
var schema = __webpack_require__(26890);
var middlewareContentLength = __webpack_require__(47212);
var middlewareEndpoint = __webpack_require__(40099);
var middlewareRetry = __webpack_require__(19618);
var smithyClient = __webpack_require__(61411);
var httpAuthSchemeProvider = __webpack_require__(62041);
var runtimeConfig = __webpack_require__(82696);
var regionConfigResolver = __webpack_require__(36463);
var protocolHttp = __webpack_require__(72356);
const resolveClientEndpointParameters = (options) => {
return Object.assign(options, {
useDualstackEndpoint: options.useDualstackEndpoint ?? false,
useFipsEndpoint: options.useFipsEndpoint ?? false,
defaultSigningName: "awsssoportal",
});
};
const commonParams = {
UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" },
Endpoint: { type: "builtInParams", name: "endpoint" },
Region: { type: "builtInParams", name: "region" },
UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" },
};
const getHttpAuthExtensionConfiguration = (runtimeConfig) => {
const _httpAuthSchemes = runtimeConfig.httpAuthSchemes;
let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider;
let _credentials = runtimeConfig.credentials;
return {
setHttpAuthScheme(httpAuthScheme) {
const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId);
if (index === -1) {
_httpAuthSchemes.push(httpAuthScheme);
}
else {
_httpAuthSchemes.splice(index, 1, httpAuthScheme);
}
},
httpAuthSchemes() {
return _httpAuthSchemes;
},
setHttpAuthSchemeProvider(httpAuthSchemeProvider) {
_httpAuthSchemeProvider = httpAuthSchemeProvider;
},
httpAuthSchemeProvider() {
return _httpAuthSchemeProvider;
},
setCredentials(credentials) {
_credentials = credentials;
},
credentials() {
return _credentials;
},
};
};
const resolveHttpAuthRuntimeConfig = (config) => {
return {
httpAuthSchemes: config.httpAuthSchemes(),
httpAuthSchemeProvider: config.httpAuthSchemeProvider(),
credentials: config.credentials(),
};
};
const resolveRuntimeExtensions = (runtimeConfig, extensions) => {
const extensionConfiguration = Object.assign(regionConfigResolver.getAwsRegionExtensionConfiguration(runtimeConfig), smithyClient.getDefaultExtensionConfiguration(runtimeConfig), protocolHttp.getHttpHandlerExtensionConfiguration(runtimeConfig), getHttpAuthExtensionConfiguration(runtimeConfig));
extensions.forEach((extension) => extension.configure(extensionConfiguration));
return Object.assign(runtimeConfig, regionConfigResolver.resolveAwsRegionExtensionConfiguration(extensionConfiguration), smithyClient.resolveDefaultRuntimeConfig(extensionConfiguration), protocolHttp.resolveHttpHandlerRuntimeConfig(extensionConfiguration), resolveHttpAuthRuntimeConfig(extensionConfiguration));
};
class SSOClient extends smithyClient.Client {
config;
constructor(...[configuration]) {
const _config_0 = runtimeConfig.getRuntimeConfig(configuration || {});
super(_config_0);
this.initConfig = _config_0;
const _config_1 = resolveClientEndpointParameters(_config_0);
const _config_2 = middlewareUserAgent.resolveUserAgentConfig(_config_1);
const _config_3 = middlewareRetry.resolveRetryConfig(_config_2);
const _config_4 = configResolver.resolveRegionConfig(_config_3);
const _config_5 = middlewareHostHeader.resolveHostHeaderConfig(_config_4);
const _config_6 = middlewareEndpoint.resolveEndpointConfig(_config_5);
const _config_7 = httpAuthSchemeProvider.resolveHttpAuthSchemeConfig(_config_6);
const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []);
this.config = _config_8;
this.middlewareStack.use(schema.getSchemaSerdePlugin(this.config));
this.middlewareStack.use(middlewareUserAgent.getUserAgentPlugin(this.config));
this.middlewareStack.use(middlewareRetry.getRetryPlugin(this.config));
this.middlewareStack.use(middlewareContentLength.getContentLengthPlugin(this.config));
this.middlewareStack.use(middlewareHostHeader.getHostHeaderPlugin(this.config));
this.middlewareStack.use(middlewareLogger.getLoggerPlugin(this.config));
this.middlewareStack.use(middlewareRecursionDetection.getRecursionDetectionPlugin(this.config));
this.middlewareStack.use(core.getHttpAuthSchemeEndpointRuleSetPlugin(this.config, {
httpAuthSchemeParametersProvider: httpAuthSchemeProvider.defaultSSOHttpAuthSchemeParametersProvider,
identityProviderConfigProvider: async (config) => new core.DefaultIdentityProviderConfig({
"aws.auth#sigv4": config.credentials,
}),
}));
this.middlewareStack.use(core.getHttpSigningPlugin(this.config));
}
destroy() {
super.destroy();
}
}
class SSOServiceException extends smithyClient.ServiceException {
constructor(options) {
super(options);
Object.setPrototypeOf(this, SSOServiceException.prototype);
}
}
class InvalidRequestException extends SSOServiceException {
name = "InvalidRequestException";
$fault = "client";
constructor(opts) {
super({
name: "InvalidRequestException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, InvalidRequestException.prototype);
}
}
class ResourceNotFoundException extends SSOServiceException {
name = "ResourceNotFoundException";
$fault = "client";
constructor(opts) {
super({
name: "ResourceNotFoundException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, ResourceNotFoundException.prototype);
}
}
class TooManyRequestsException extends SSOServiceException {
name = "TooManyRequestsException";
$fault = "client";
constructor(opts) {
super({
name: "TooManyRequestsException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, TooManyRequestsException.prototype);
}
}
class UnauthorizedException extends SSOServiceException {
name = "UnauthorizedException";
$fault = "client";
constructor(opts) {
super({
name: "UnauthorizedException",
$fault: "client",
...opts,
});
Object.setPrototypeOf(this, UnauthorizedException.prototype);
}
}
const _AI = "AccountInfo";
const _ALT = "AccountListType";
const _ATT = "AccessTokenType";
const _GRC = "GetRoleCredentials";
const _GRCR = "GetRoleCredentialsRequest";
const _GRCRe = "GetRoleCredentialsResponse";
const _IRE = "InvalidRequestException";
const _L = "Logout";
const _LA = "ListAccounts";
const _LAR = "ListAccountsRequest";
const _LARR = "ListAccountRolesRequest";
const _LARRi = "ListAccountRolesResponse";
const _LARi = "ListAccountsResponse";
const _LARis = "ListAccountRoles";
const _LR = "LogoutRequest";
const _RC = "RoleCredentials";
const _RI = "RoleInfo";
const _RLT = "RoleListType";
const _RNFE = "ResourceNotFoundException";
const _SAKT = "SecretAccessKeyType";
const _STT = "SessionTokenType";
const _TMRE = "TooManyRequestsException";
const _UE = "UnauthorizedException";
const _aI = "accountId";
const _aKI = "accessKeyId";
const _aL = "accountList";
const _aN = "accountName";
const _aT = "accessToken";
const _ai = "account_id";
const _c = "client";
const _e = "error";
const _eA = "emailAddress";
const _ex = "expiration";
const _h = "http";
const _hE = "httpError";
const _hH = "httpHeader";
const _hQ = "httpQuery";
const _m = "message";
const _mR = "maxResults";
const _mr = "max_result";
const _nT = "nextToken";
const _nt = "next_token";
const _rC = "roleCredentials";
const _rL = "roleList";
const _rN = "roleName";
const _rn = "role_name";
const _s = "smithy.ts.sdk.synthetic.com.amazonaws.sso";
const _sAK = "secretAccessKey";
const _sT = "sessionToken";
const _xasbt = "x-amz-sso_bearer_token";
const n0 = "com.amazonaws.sso";
var AccessTokenType = [0, n0, _ATT, 8, 0];
var SecretAccessKeyType = [0, n0, _SAKT, 8, 0];
var SessionTokenType = [0, n0, _STT, 8, 0];
var AccountInfo$ = [3, n0, _AI,
0,
[_aI, _aN, _eA],
[0, 0, 0]
];
var GetRoleCredentialsRequest$ = [3, n0, _GRCR,
0,
[_rN, _aI, _aT],
[[0, { [_hQ]: _rn }], [0, { [_hQ]: _ai }], [() => AccessTokenType, { [_hH]: _xasbt }]], 3
];
var GetRoleCredentialsResponse$ = [3, n0, _GRCRe,
0,
[_rC],
[[() => RoleCredentials$, 0]]
];
var InvalidRequestException$ = [-3, n0, _IRE,
{ [_e]: _c, [_hE]: 400 },
[_m],
[0]
];
schema.TypeRegistry.for(n0).registerError(InvalidRequestException$, InvalidRequestException);
var ListAccountRolesRequest$ = [3, n0, _LARR,
0,
[_aT, _aI, _nT, _mR],
[[() => AccessTokenType, { [_hH]: _xasbt }], [0, { [_hQ]: _ai }], [0, { [_hQ]: _nt }], [1, { [_hQ]: _mr }]], 2
];
var ListAccountRolesResponse$ = [3, n0, _LARRi,
0,
[_nT, _rL],
[0, () => RoleListType]
];
var ListAccountsRequest$ = [3, n0, _LAR,
0,
[_aT, _nT, _mR],
[[() => AccessTokenType, { [_hH]: _xasbt }], [0, { [_hQ]: _nt }], [1, { [_hQ]: _mr }]], 1
];
var ListAccountsResponse$ = [3, n0, _LARi,
0,
[_nT, _aL],
[0, () => AccountListType]
];
var LogoutRequest$ = [3, n0, _LR,
0,
[_aT],
[[() => AccessTokenType, { [_hH]: _xasbt }]], 1
];
var ResourceNotFoundException$ = [-3, n0, _RNFE,
{ [_e]: _c, [_hE]: 404 },
[_m],
[0]
];
schema.TypeRegistry.for(n0).registerError(ResourceNotFoundException$, ResourceNotFoundException);
var RoleCredentials$ = [3, n0, _RC,
0,
[_aKI, _sAK, _sT, _ex],
[0, [() => SecretAccessKeyType, 0], [() => SessionTokenType, 0], 1]
];
var RoleInfo$ = [3, n0, _RI,
0,
[_rN, _aI],
[0, 0]
];
var TooManyRequestsException$ = [-3, n0, _TMRE,
{ [_e]: _c, [_hE]: 429 },
[_m],
[0]
];
schema.TypeRegistry.for(n0).registerError(TooManyRequestsException$, TooManyRequestsException);
var UnauthorizedException$ = [-3, n0, _UE,
{ [_e]: _c, [_hE]: 401 },
[_m],
[0]
];
schema.TypeRegistry.for(n0).registerError(UnauthorizedException$, UnauthorizedException);
var __Unit = "unit";
var SSOServiceException$ = [-3, _s, "SSOServiceException", 0, [], []];
schema.TypeRegistry.for(_s).registerError(SSOServiceException$, SSOServiceException);
var AccountListType = [1, n0, _ALT,
0, () => AccountInfo$
];
var RoleListType = [1, n0, _RLT,
0, () => RoleInfo$
];
var GetRoleCredentials$ = [9, n0, _GRC,
{ [_h]: ["GET", "/federation/credentials", 200] }, () => GetRoleCredentialsRequest$, () => GetRoleCredentialsResponse$
];
var ListAccountRoles$ = [9, n0, _LARis,
{ [_h]: ["GET", "/assignment/roles", 200] }, () => ListAccountRolesRequest$, () => ListAccountRolesResponse$
];
var ListAccounts$ = [9, n0, _LA,
{ [_h]: ["GET", "/assignment/accounts", 200] }, () => ListAccountsRequest$, () => ListAccountsResponse$
];
var Logout$ = [9, n0, _L,
{ [_h]: ["POST", "/logout", 200] }, () => LogoutRequest$, () => __Unit
];
class GetRoleCredentialsCommand extends smithyClient.Command
.classBuilder()
.ep(commonParams)
.m(function (Command, cs, config, o) {
return [middlewareEndpoint.getEndpointPlugin(config, Command.getEndpointParameterInstructions())];
})
.s("SWBPortalService", "GetRoleCredentials", {})
.n("SSOClient", "GetRoleCredentialsCommand")
.sc(GetRoleCredentials$)
.build() {
}
class ListAccountRolesCommand extends smithyClient.Command
.classBuilder()
.ep(commonParams)
.m(function (Command, cs, config, o) {
return [middlewareEndpoint.getEndpointPlugin(config, Command.getEndpointParameterInstructions())];
})
.s("SWBPortalService", "ListAccountRoles", {})
.n("SSOClient", "ListAccountRolesCommand")
.sc(ListAccountRoles$)
.build() {
}
class ListAccountsCommand extends smithyClient.Command
.classBuilder()
.ep(commonParams)
.m(function (Command, cs, config, o) {
return [middlewareEndpoint.getEndpointPlugin(config, Command.getEndpointParameterInstructions())];
})
.s("SWBPortalService", "ListAccounts", {})
.n("SSOClient", "ListAccountsCommand")
.sc(ListAccounts$)
.build() {
}
class LogoutCommand extends smithyClient.Command
.classBuilder()
.ep(commonParams)
.m(function (Command, cs, config, o) {
return [middlewareEndpoint.getEndpointPlugin(config, Command.getEndpointParameterInstructions())];
})
.s("SWBPortalService", "Logout", {})
.n("SSOClient", "LogoutCommand")
.sc(Logout$)
.build() {
}
chore: update generated content
2026-02-03 07:43:34 +00:00
const paginateListAccountRoles = core.createPaginator(SSOClient, ListAccountRolesCommand, "nextToken", "nextToken", "maxResults");
const paginateListAccounts = core.createPaginator(SSOClient, ListAccountsCommand, "nextToken", "nextToken", "maxResults");
chore: update generated content
2026-01-30 14:42:57 +00:00
const commands = {
GetRoleCredentialsCommand,
ListAccountRolesCommand,
ListAccountsCommand,
LogoutCommand,
};
chore: update generated content
2026-02-03 07:43:34 +00:00
const paginators = {
paginateListAccountRoles,
paginateListAccounts,
};
chore: update generated content
2026-01-30 14:42:57 +00:00
class SSO extends SSOClient {
}
chore: update generated content
2026-02-03 07:43:34 +00:00
smithyClient.createAggregatedClient(commands, SSO, { paginators });
chore: update generated content
2026-01-30 14:42:57 +00:00
Object.defineProperty(exports, "$Command", ({
enumerable: true,
get: function () { return smithyClient.Command; }
}));
Object.defineProperty(exports, "__Client", ({
enumerable: true,
get: function () { return smithyClient.Client; }
}));
exports.AccountInfo$ = AccountInfo$;
exports.GetRoleCredentials$ = GetRoleCredentials$;
exports.GetRoleCredentialsCommand = GetRoleCredentialsCommand;
exports.GetRoleCredentialsRequest$ = GetRoleCredentialsRequest$;
exports.GetRoleCredentialsResponse$ = GetRoleCredentialsResponse$;
exports.InvalidRequestException = InvalidRequestException;
exports.InvalidRequestException$ = InvalidRequestException$;
exports.ListAccountRoles$ = ListAccountRoles$;
exports.ListAccountRolesCommand = ListAccountRolesCommand;
exports.ListAccountRolesRequest$ = ListAccountRolesRequest$;
exports.ListAccountRolesResponse$ = ListAccountRolesResponse$;
exports.ListAccounts$ = ListAccounts$;
exports.ListAccountsCommand = ListAccountsCommand;
exports.ListAccountsRequest$ = ListAccountsRequest$;
exports.ListAccountsResponse$ = ListAccountsResponse$;
exports.Logout$ = Logout$;
exports.LogoutCommand = LogoutCommand;
exports.LogoutRequest$ = LogoutRequest$;
exports.ResourceNotFoundException = ResourceNotFoundException;
exports.ResourceNotFoundException$ = ResourceNotFoundException$;
exports.RoleCredentials$ = RoleCredentials$;
exports.RoleInfo$ = RoleInfo$;
exports.SSO = SSO;
exports.SSOClient = SSOClient;
exports.SSOServiceException = SSOServiceException;
exports.SSOServiceException$ = SSOServiceException$;
exports.TooManyRequestsException = TooManyRequestsException;
exports.TooManyRequestsException$ = TooManyRequestsException$;
exports.UnauthorizedException = UnauthorizedException;
exports.UnauthorizedException$ = UnauthorizedException$;
exports.paginateListAccountRoles = paginateListAccountRoles;
exports.paginateListAccounts = paginateListAccounts;
/***/ }),
/***/ 82696:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.getRuntimeConfig = void 0;
const tslib_1 = __webpack_require__(61860);
const package_json_1 = tslib_1.__importDefault(__webpack_require__(45188));
const core_1 = __webpack_require__(8704);
const util_user_agent_node_1 = __webpack_require__(51656);
const config_resolver_1 = __webpack_require__(39316);
const hash_node_1 = __webpack_require__(5092);
const middleware_retry_1 = __webpack_require__(19618);
const node_config_provider_1 = __webpack_require__(55704);
const node_http_handler_1 = __webpack_require__(61279);
const smithy_client_1 = __webpack_require__(61411);
const util_body_length_node_1 = __webpack_require__(13638);
const util_defaults_mode_node_1 = __webpack_require__(15435);
const util_retry_1 = __webpack_require__(15518);
const runtimeConfig_shared_1 = __webpack_require__(8073);
const getRuntimeConfig = (config) => {
(0, smithy_client_1.emitWarningIfUnsupportedVersion)(process.version);
const defaultsMode = (0, util_defaults_mode_node_1.resolveDefaultsModeConfig)(config);
const defaultConfigProvider = () => defaultsMode().then(smithy_client_1.loadConfigsForDefaultMode);
const clientSharedValues = (0, runtimeConfig_shared_1.getRuntimeConfig)(config);
(0, core_1.emitWarningIfUnsupportedVersion)(process.version);
const loaderConfig = {
profile: config?.profile,
logger: clientSharedValues.logger,
};
return {
...clientSharedValues,
...config,
runtime: "node",
defaultsMode,
authSchemePreference: config?.authSchemePreference ?? (0, node_config_provider_1.loadConfig)(core_1.NODE_AUTH_SCHEME_PREFERENCE_OPTIONS, loaderConfig),
bodyLengthChecker: config?.bodyLengthChecker ?? util_body_length_node_1.calculateBodyLength,
defaultUserAgentProvider: config?.defaultUserAgentProvider ?? (0, util_user_agent_node_1.createDefaultUserAgentProvider)({ serviceId: clientSharedValues.serviceId, clientVersion: package_json_1.default.version }),
maxAttempts: config?.maxAttempts ?? (0, node_config_provider_1.loadConfig)(middleware_retry_1.NODE_MAX_ATTEMPT_CONFIG_OPTIONS, config),
region: config?.region ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_REGION_CONFIG_OPTIONS, { ...config_resolver_1.NODE_REGION_CONFIG_FILE_OPTIONS, ...loaderConfig }),
requestHandler: node_http_handler_1.NodeHttpHandler.create(config?.requestHandler ?? defaultConfigProvider),
retryMode: config?.retryMode ??
(0, node_config_provider_1.loadConfig)({
...middleware_retry_1.NODE_RETRY_MODE_CONFIG_OPTIONS,
default: async () => (await defaultConfigProvider()).retryMode || util_retry_1.DEFAULT_RETRY_MODE,
}, config),
sha256: config?.sha256 ?? hash_node_1.Hash.bind(null, "sha256"),
streamCollector: config?.streamCollector ?? node_http_handler_1.streamCollector,
useDualstackEndpoint: config?.useDualstackEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS, loaderConfig),
useFipsEndpoint: config?.useFipsEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS, loaderConfig),
userAgentAppId: config?.userAgentAppId ?? (0, node_config_provider_1.loadConfig)(util_user_agent_node_1.NODE_APP_ID_CONFIG_OPTIONS, loaderConfig),
};
};
exports.getRuntimeConfig = getRuntimeConfig;
/***/ }),
/***/ 8073:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.getRuntimeConfig = void 0;
const core_1 = __webpack_require__(8704);
const protocols_1 = __webpack_require__(37288);
const core_2 = __webpack_require__(90402);
const smithy_client_1 = __webpack_require__(61411);
const url_parser_1 = __webpack_require__(14494);
const util_base64_1 = __webpack_require__(68385);
const util_utf8_1 = __webpack_require__(71577);
const httpAuthSchemeProvider_1 = __webpack_require__(62041);
const endpointResolver_1 = __webpack_require__(13903);
const getRuntimeConfig = (config) => {
return {
apiVersion: "2019-06-10",
base64Decoder: config?.base64Decoder ?? util_base64_1.fromBase64,
base64Encoder: config?.base64Encoder ?? util_base64_1.toBase64,
disableHostPrefix: config?.disableHostPrefix ?? false,
endpointProvider: config?.endpointProvider ?? endpointResolver_1.defaultEndpointResolver,
extensions: config?.extensions ?? [],
httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? httpAuthSchemeProvider_1.defaultSSOHttpAuthSchemeProvider,
httpAuthSchemes: config?.httpAuthSchemes ?? [
{
schemeId: "aws.auth#sigv4",
identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"),
signer: new core_1.AwsSdkSigV4Signer(),
},
{
schemeId: "smithy.api#noAuth",
identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})),
signer: new core_2.NoAuthSigner(),
},
],
logger: config?.logger ?? new smithy_client_1.NoOpLogger(),
protocol: config?.protocol ?? protocols_1.AwsRestJsonProtocol,
protocolSettings: config?.protocolSettings ?? {
defaultNamespace: "com.amazonaws.sso",
version: "2019-06-10",
serviceTarget: "SWBPortalService",
},
serviceId: config?.serviceId ?? "SSO",
urlParser: config?.urlParser ?? url_parser_1.parseUrl,
utf8Decoder: config?.utf8Decoder ?? util_utf8_1.fromUtf8,
utf8Encoder: config?.utf8Encoder ?? util_utf8_1.toUtf8,
};
};
exports.getRuntimeConfig = getRuntimeConfig;
/***/ }),
/***/ 97523:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
var protocolHttp = __webpack_require__(72356);
var core = __webpack_require__(90402);
var propertyProvider = __webpack_require__(71238);
var client = __webpack_require__(5152);
var signatureV4 = __webpack_require__(75118);
const getDateHeader = (response) => protocolHttp.HttpResponse.isInstance(response) ? response.headers?.date ?? response.headers?.Date : undefined;
const getSkewCorrectedDate = (systemClockOffset) => new Date(Date.now() + systemClockOffset);
const isClockSkewed = (clockTime, systemClockOffset) => Math.abs(getSkewCorrectedDate(systemClockOffset).getTime() - clockTime) >= 300000;
const getUpdatedSystemClockOffset = (clockTime, currentSystemClockOffset) => {
const clockTimeInMs = Date.parse(clockTime);
if (isClockSkewed(clockTimeInMs, currentSystemClockOffset)) {
return clockTimeInMs - Date.now();
}
return currentSystemClockOffset;
};
const throwSigningPropertyError = (name, property) => {
if (!property) {
throw new Error(`Property \`${name}\` is not resolved for AWS SDK SigV4Auth`);
}
return property;
};
const validateSigningProperties = async (signingProperties) => {
const context = throwSigningPropertyError("context", signingProperties.context);
const config = throwSigningPropertyError("config", signingProperties.config);
const authScheme = context.endpointV2?.properties?.authSchemes?.[0];
const signerFunction = throwSigningPropertyError("signer", config.signer);
const signer = await signerFunction(authScheme);
const signingRegion = signingProperties?.signingRegion;
const signingRegionSet = signingProperties?.signingRegionSet;
const signingName = signingProperties?.signingName;
return {
config,
signer,
signingRegion,
signingRegionSet,
signingName,
};
};
class AwsSdkSigV4Signer {
async sign(httpRequest, identity, signingProperties) {
if (!protocolHttp.HttpRequest.isInstance(httpRequest)) {
throw new Error("The request is not an instance of `HttpRequest` and cannot be signed");
}
const validatedProps = await validateSigningProperties(signingProperties);
const { config, signer } = validatedProps;
let { signingRegion, signingName } = validatedProps;
const handlerExecutionContext = signingProperties.context;
if (handlerExecutionContext?.authSchemes?.length ?? 0 > 1) {
const [first, second] = handlerExecutionContext.authSchemes;
if (first?.name === "sigv4a" && second?.name === "sigv4") {
signingRegion = second?.signingRegion ?? signingRegion;
signingName = second?.signingName ?? signingName;
}
}
const signedRequest = await signer.sign(httpRequest, {
signingDate: getSkewCorrectedDate(config.systemClockOffset),
signingRegion: signingRegion,
signingService: signingName,
});
return signedRequest;
}
errorHandler(signingProperties) {
return (error) => {
const serverTime = error.ServerTime ?? getDateHeader(error.$response);
if (serverTime) {
const config = throwSigningPropertyError("config", signingProperties.config);
const initialSystemClockOffset = config.systemClockOffset;
config.systemClockOffset = getUpdatedSystemClockOffset(serverTime, config.systemClockOffset);
const clockSkewCorrected = config.systemClockOffset !== initialSystemClockOffset;
if (clockSkewCorrected && error.$metadata) {
error.$metadata.clockSkewCorrected = true;
}
}
throw error;
};
}
successHandler(httpResponse, signingProperties) {
const dateHeader = getDateHeader(httpResponse);
if (dateHeader) {
const config = throwSigningPropertyError("config", signingProperties.config);
config.systemClockOffset = getUpdatedSystemClockOffset(dateHeader, config.systemClockOffset);
}
}
}
const AWSSDKSigV4Signer = AwsSdkSigV4Signer;
class AwsSdkSigV4ASigner extends AwsSdkSigV4Signer {
async sign(httpRequest, identity, signingProperties) {
if (!protocolHttp.HttpRequest.isInstance(httpRequest)) {
throw new Error("The request is not an instance of `HttpRequest` and cannot be signed");
}
const { config, signer, signingRegion, signingRegionSet, signingName } = await validateSigningProperties(signingProperties);
const configResolvedSigningRegionSet = await config.sigv4aSigningRegionSet?.();
const multiRegionOverride = (configResolvedSigningRegionSet ??
signingRegionSet ?? [signingRegion]).join(",");
const signedRequest = await signer.sign(httpRequest, {
signingDate: getSkewCorrectedDate(config.systemClockOffset),
signingRegion: multiRegionOverride,
signingService: signingName,
});
return signedRequest;
}
}
const getArrayForCommaSeparatedString = (str) => typeof str === "string" && str.length > 0 ? str.split(",").map((item) => item.trim()) : [];
const getBearerTokenEnvKey = (signingName) => `AWS_BEARER_TOKEN_${signingName.replace(/[\s-]/g, "_").toUpperCase()}`;
const NODE_AUTH_SCHEME_PREFERENCE_ENV_KEY = "AWS_AUTH_SCHEME_PREFERENCE";
const NODE_AUTH_SCHEME_PREFERENCE_CONFIG_KEY = "auth_scheme_preference";
const NODE_AUTH_SCHEME_PREFERENCE_OPTIONS = {
environmentVariableSelector: (env, options) => {
if (options?.signingName) {
const bearerTokenKey = getBearerTokenEnvKey(options.signingName);
if (bearerTokenKey in env)
return ["httpBearerAuth"];
}
if (!(NODE_AUTH_SCHEME_PREFERENCE_ENV_KEY in env))
return undefined;
return getArrayForCommaSeparatedString(env[NODE_AUTH_SCHEME_PREFERENCE_ENV_KEY]);
},
configFileSelector: (profile) => {
if (!(NODE_AUTH_SCHEME_PREFERENCE_CONFIG_KEY in profile))
return undefined;
return getArrayForCommaSeparatedString(profile[NODE_AUTH_SCHEME_PREFERENCE_CONFIG_KEY]);
},
default: [],
};
const resolveAwsSdkSigV4AConfig = (config) => {
config.sigv4aSigningRegionSet = core.normalizeProvider(config.sigv4aSigningRegionSet);
return config;
};
const NODE_SIGV4A_CONFIG_OPTIONS = {
environmentVariableSelector(env) {
if (env.AWS_SIGV4A_SIGNING_REGION_SET) {
return env.AWS_SIGV4A_SIGNING_REGION_SET.split(",").map((_) => _.trim());
}
throw new propertyProvider.ProviderError("AWS_SIGV4A_SIGNING_REGION_SET not set in env.", {
tryNextLink: true,
});
},
configFileSelector(profile) {
if (profile.sigv4a_signing_region_set) {
return (profile.sigv4a_signing_region_set ?? "").split(",").map((_) => _.trim());
}
throw new propertyProvider.ProviderError("sigv4a_signing_region_set not set in profile.", {
tryNextLink: true,
});
},
default: undefined,
};
const resolveAwsSdkSigV4Config = (config) => {
let inputCredentials = config.credentials;
let isUserSupplied = !!config.credentials;
let resolvedCredentials = undefined;
Object.defineProperty(config, "credentials", {
set(credentials) {
if (credentials && credentials !== inputCredentials && credentials !== resolvedCredentials) {
isUserSupplied = true;
}
inputCredentials = credentials;
const memoizedProvider = normalizeCredentialProvider(config, {
credentials: inputCredentials,
credentialDefaultProvider: config.credentialDefaultProvider,
});
const boundProvider = bindCallerConfig(config, memoizedProvider);
if (isUserSupplied && !boundProvider.attributed) {
const isCredentialObject = typeof inputCredentials === "object" && inputCredentials !== null;
resolvedCredentials = async (options) => {
const creds = await boundProvider(options);
const attributedCreds = creds;
if (isCredentialObject && (!attributedCreds.$source || Object.keys(attributedCreds.$source).length === 0)) {
return client.setCredentialFeature(attributedCreds, "CREDENTIALS_CODE", "e");
}
return attributedCreds;
};
resolvedCredentials.memoized = boundProvider.memoized;
resolvedCredentials.configBound = boundProvider.configBound;
resolvedCredentials.attributed = true;
}
else {
resolvedCredentials = boundProvider;
}
},
get() {
return resolvedCredentials;
},
enumerable: true,
configurable: true,
});
config.credentials = inputCredentials;
const { signingEscapePath = true, systemClockOffset = config.systemClockOffset || 0, sha256, } = config;
let signer;
if (config.signer) {
signer = core.normalizeProvider(config.signer);
}
else if (config.regionInfoProvider) {
signer = () => core.normalizeProvider(config.region)()
.then(async (region) => [
(await config.regionInfoProvider(region, {
useFipsEndpoint: await config.useFipsEndpoint(),
useDualstackEndpoint: await config.useDualstackEndpoint(),
})) || {},
region,
])
.then(([regionInfo, region]) => {
const { signingRegion, signingService } = regionInfo;
config.signingRegion = config.signingRegion || signingRegion || region;
config.signingName = config.signingName || signingService || config.serviceId;
const params = {
...config,
credentials: config.credentials,
region: config.signingRegion,
service: config.signingName,
sha256,
uriEscapePath: signingEscapePath,
};
const SignerCtor = config.signerConstructor || signatureV4.SignatureV4;
return new SignerCtor(params);
});
}
else {
signer = async (authScheme) => {
authScheme = Object.assign({}, {
name: "sigv4",
signingName: config.signingName || config.defaultSigningName,
signingRegion: await core.normalizeProvider(config.region)(),
properties: {},
}, authScheme);
const signingRegion = authScheme.signingRegion;
const signingService = authScheme.signingName;
config.signingRegion = config.signingRegion || signingRegion;
config.signingName = config.signingName || signingService || config.serviceId;
const params = {
...config,
credentials: config.credentials,
region: config.signingRegion,
service: config.signingName,
sha256,
uriEscapePath: signingEscapePath,
};
const SignerCtor = config.signerConstructor || signatureV4.SignatureV4;
return new SignerCtor(params);
};
}
const resolvedConfig = Object.assign(config, {
systemClockOffset,
signingEscapePath,
signer,
});
return resolvedConfig;
};
const resolveAWSSDKSigV4Config = resolveAwsSdkSigV4Config;
function normalizeCredentialProvider(config, { credentials, credentialDefaultProvider, }) {
let credentialsProvider;
if (credentials) {
if (!credentials?.memoized) {
credentialsProvider = core.memoizeIdentityProvider(credentials, core.isIdentityExpired, core.doesIdentityRequireRefresh);
}
else {
credentialsProvider = credentials;
}
}
else {
if (credentialDefaultProvider) {
credentialsProvider = core.normalizeProvider(credentialDefaultProvider(Object.assign({}, config, {
parentClientConfig: config,
})));
}
else {
credentialsProvider = async () => {
throw new Error("@aws-sdk/core::resolveAwsSdkSigV4Config - `credentials` not provided and no credentialDefaultProvider was configured.");
};
}
}
credentialsProvider.memoized = true;
return credentialsProvider;
}
function bindCallerConfig(config, credentialsProvider) {
if (credentialsProvider.configBound) {
return credentialsProvider;
}
const fn = async (options) => credentialsProvider({ ...options, callerClientConfig: config });
fn.memoized = credentialsProvider.memoized;
fn.configBound = true;
return fn;
}
exports.AWSSDKSigV4Signer = AWSSDKSigV4Signer;
exports.AwsSdkSigV4ASigner = AwsSdkSigV4ASigner;
exports.AwsSdkSigV4Signer = AwsSdkSigV4Signer;
exports.NODE_AUTH_SCHEME_PREFERENCE_OPTIONS = NODE_AUTH_SCHEME_PREFERENCE_OPTIONS;
exports.NODE_SIGV4A_CONFIG_OPTIONS = NODE_SIGV4A_CONFIG_OPTIONS;
exports.getBearerTokenEnvKey = getBearerTokenEnvKey;
exports.resolveAWSSDKSigV4Config = resolveAWSSDKSigV4Config;
exports.resolveAwsSdkSigV4AConfig = resolveAwsSdkSigV4AConfig;
exports.resolveAwsSdkSigV4Config = resolveAwsSdkSigV4Config;
exports.validateSigningProperties = validateSigningProperties;
/***/ }),
/***/ 60998:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
var __webpack_unused_export__;
var propertyProvider = __webpack_require__(71238);
var sharedIniFileLoader = __webpack_require__(94964);
var client = __webpack_require__(5152);
var tokenProviders = __webpack_require__(75433);
const isSsoProfile = (arg) => arg &&
(typeof arg.sso_start_url === "string" ||
typeof arg.sso_account_id === "string" ||
typeof arg.sso_session === "string" ||
typeof arg.sso_region === "string" ||
typeof arg.sso_role_name === "string");
const SHOULD_FAIL_CREDENTIAL_CHAIN = false;
const resolveSSOCredentials = async ({ ssoStartUrl, ssoSession, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, clientConfig, parentClientConfig, callerClientConfig, profile, filepath, configFilepath, ignoreCache, logger, }) => {
let token;
const refreshMessage = `To refresh this SSO session run aws sso login with the corresponding profile.`;
if (ssoSession) {
try {
const _token = await tokenProviders.fromSso({
profile,
filepath,
configFilepath,
ignoreCache,
})();
token = {
accessToken: _token.token,
expiresAt: new Date(_token.expiration).toISOString(),
};
}
catch (e) {
throw new propertyProvider.CredentialsProviderError(e.message, {
tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
logger,
});
}
}
else {
try {
token = await sharedIniFileLoader.getSSOTokenFromFile(ssoStartUrl);
}
catch (e) {
throw new propertyProvider.CredentialsProviderError(`The SSO session associated with this profile is invalid. ${refreshMessage}`, {
tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
logger,
});
}
}
if (new Date(token.expiresAt).getTime() - Date.now() <= 0) {
throw new propertyProvider.CredentialsProviderError(`The SSO session associated with this profile has expired. ${refreshMessage}`, {
tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
logger,
});
}
const { accessToken } = token;
const { SSOClient, GetRoleCredentialsCommand } = await Promise.resolve().then(function () { return __webpack_require__(16553); });
const sso = ssoClient ||
new SSOClient(Object.assign({}, clientConfig ?? {}, {
logger: clientConfig?.logger ?? callerClientConfig?.logger ?? parentClientConfig?.logger,
region: clientConfig?.region ?? ssoRegion,
userAgentAppId: clientConfig?.userAgentAppId ?? callerClientConfig?.userAgentAppId ?? parentClientConfig?.userAgentAppId,
}));
let ssoResp;
try {
ssoResp = await sso.send(new GetRoleCredentialsCommand({
accountId: ssoAccountId,
roleName: ssoRoleName,
accessToken,
}));
}
catch (e) {
throw new propertyProvider.CredentialsProviderError(e, {
tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
logger,
});
}
const { roleCredentials: { accessKeyId, secretAccessKey, sessionToken, expiration, credentialScope, accountId } = {}, } = ssoResp;
if (!accessKeyId || !secretAccessKey || !sessionToken || !expiration) {
throw new propertyProvider.CredentialsProviderError("SSO returns an invalid temporary credential.", {
tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN,
logger,
});
}
const credentials = {
accessKeyId,
secretAccessKey,
sessionToken,
expiration: new Date(expiration),
...(credentialScope && { credentialScope }),
...(accountId && { accountId }),
};
if (ssoSession) {
client.setCredentialFeature(credentials, "CREDENTIALS_SSO", "s");
}
else {
client.setCredentialFeature(credentials, "CREDENTIALS_SSO_LEGACY", "u");
}
return credentials;
};
const validateSsoProfile = (profile, logger) => {
const { sso_start_url, sso_account_id, sso_region, sso_role_name } = profile;
if (!sso_start_url || !sso_account_id || !sso_region || !sso_role_name) {
throw new propertyProvider.CredentialsProviderError(`Profile is configured with invalid SSO credentials. Required parameters "sso_account_id", ` +
`"sso_region", "sso_role_name", "sso_start_url". Got ${Object.keys(profile).join(", ")}\nReference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html`, { tryNextLink: false, logger });
}
return profile;
};
const fromSSO = (init = {}) => async ({ callerClientConfig } = {}) => {
init.logger?.debug("@aws-sdk/credential-provider-sso - fromSSO");
const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoSession } = init;
const { ssoClient } = init;
const profileName = sharedIniFileLoader.getProfileName({
profile: init.profile ?? callerClientConfig?.profile,
});
if (!ssoStartUrl && !ssoAccountId && !ssoRegion && !ssoRoleName && !ssoSession) {
const profiles = await sharedIniFileLoader.parseKnownFiles(init);
const profile = profiles[profileName];
if (!profile) {
throw new propertyProvider.CredentialsProviderError(`Profile ${profileName} was not found.`, { logger: init.logger });
}
if (!isSsoProfile(profile)) {
throw new propertyProvider.CredentialsProviderError(`Profile ${profileName} is not configured with SSO credentials.`, {
logger: init.logger,
});
}
if (profile?.sso_session) {
const ssoSessions = await sharedIniFileLoader.loadSsoSessionData(init);
const session = ssoSessions[profile.sso_session];
const conflictMsg = ` configurations in profile ${profileName} and sso-session ${profile.sso_session}`;
if (ssoRegion && ssoRegion !== session.sso_region) {
throw new propertyProvider.CredentialsProviderError(`Conflicting SSO region` + conflictMsg, {
tryNextLink: false,
logger: init.logger,
});
}
if (ssoStartUrl && ssoStartUrl !== session.sso_start_url) {
throw new propertyProvider.CredentialsProviderError(`Conflicting SSO start_url` + conflictMsg, {
tryNextLink: false,
logger: init.logger,
});
}
profile.sso_region = session.sso_region;
profile.sso_start_url = session.sso_start_url;
}
const { sso_start_url, sso_account_id, sso_region, sso_role_name, sso_session } = validateSsoProfile(profile, init.logger);
return resolveSSOCredentials({
ssoStartUrl: sso_start_url,
ssoSession: sso_session,
ssoAccountId: sso_account_id,
ssoRegion: sso_region,
ssoRoleName: sso_role_name,
ssoClient: ssoClient,
clientConfig: init.clientConfig,
parentClientConfig: init.parentClientConfig,
callerClientConfig: init.callerClientConfig,
profile: profileName,
filepath: init.filepath,
configFilepath: init.configFilepath,
ignoreCache: init.ignoreCache,
logger: init.logger,
});
}
else if (!ssoStartUrl || !ssoAccountId || !ssoRegion || !ssoRoleName) {
throw new propertyProvider.CredentialsProviderError("Incomplete configuration. The fromSSO() argument hash must include " +
'"ssoStartUrl", "ssoAccountId", "ssoRegion", "ssoRoleName"', { tryNextLink: false, logger: init.logger });
}
else {
return resolveSSOCredentials({
ssoStartUrl,
ssoSession,
ssoAccountId,
ssoRegion,
ssoRoleName,
ssoClient,
clientConfig: init.clientConfig,
parentClientConfig: init.parentClientConfig,
callerClientConfig: init.callerClientConfig,
profile: profileName,
filepath: init.filepath,
configFilepath: init.configFilepath,
ignoreCache: init.ignoreCache,
logger: init.logger,
});
}
};
exports.fromSSO = fromSSO;
__webpack_unused_export__ = isSsoProfile;
__webpack_unused_export__ = validateSsoProfile;
/***/ }),
/***/ 16553:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
var clientSso = __webpack_require__(62054);
Object.defineProperty(exports, "GetRoleCredentialsCommand", ({
enumerable: true,
get: function () { return clientSso.GetRoleCredentialsCommand; }
}));
Object.defineProperty(exports, "SSOClient", ({
enumerable: true,
get: function () { return clientSso.SSOClient; }
}));
/***/ }),
/***/ 75433:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
var client = __webpack_require__(5152);
var httpAuthSchemes = __webpack_require__(97523);
var propertyProvider = __webpack_require__(71238);
var sharedIniFileLoader = __webpack_require__(94964);
var fs = __webpack_require__(79896);
const fromEnvSigningName = ({ logger, signingName } = {}) => async () => {
logger?.debug?.("@aws-sdk/token-providers - fromEnvSigningName");
if (!signingName) {
throw new propertyProvider.TokenProviderError("Please pass 'signingName' to compute environment variable key", { logger });
}
const bearerTokenKey = httpAuthSchemes.getBearerTokenEnvKey(signingName);
if (!(bearerTokenKey in process.env)) {
throw new propertyProvider.TokenProviderError(`Token not present in '${bearerTokenKey}' environment variable`, { logger });
}
const token = { token: process.env[bearerTokenKey] };
client.setTokenFeature(token, "BEARER_SERVICE_ENV_VARS", "3");
return token;
};
const EXPIRE_WINDOW_MS = 5 * 60 * 1000;
const REFRESH_MESSAGE = `To refresh this SSO session run 'aws sso login' with the corresponding profile.`;
const getSsoOidcClient = async (ssoRegion, init = {}, callerClientConfig) => {
const { SSOOIDCClient } = await __webpack_require__.e(/* import() */ 443).then(__webpack_require__.t.bind(__webpack_require__, 89443, 19));
const coalesce = (prop) => init.clientConfig?.[prop] ?? init.parentClientConfig?.[prop] ?? callerClientConfig?.[prop];
const ssoOidcClient = new SSOOIDCClient(Object.assign({}, init.clientConfig ?? {}, {
region: ssoRegion ?? init.clientConfig?.region,
logger: coalesce("logger"),
userAgentAppId: coalesce("userAgentAppId"),
}));
return ssoOidcClient;
};
const getNewSsoOidcToken = async (ssoToken, ssoRegion, init = {}, callerClientConfig) => {
const { CreateTokenCommand } = await __webpack_require__.e(/* import() */ 443).then(__webpack_require__.t.bind(__webpack_require__, 89443, 19));
const ssoOidcClient = await getSsoOidcClient(ssoRegion, init, callerClientConfig);
return ssoOidcClient.send(new CreateTokenCommand({
clientId: ssoToken.clientId,
clientSecret: ssoToken.clientSecret,
refreshToken: ssoToken.refreshToken,
grantType: "refresh_token",
}));
};
const validateTokenExpiry = (token) => {
if (token.expiration && token.expiration.getTime() < Date.now()) {
throw new propertyProvider.TokenProviderError(`Token is expired. ${REFRESH_MESSAGE}`, false);
}
};
const validateTokenKey = (key, value, forRefresh = false) => {
if (typeof value === "undefined") {
throw new propertyProvider.TokenProviderError(`Value not present for '${key}' in SSO Token${forRefresh ? ". Cannot refresh" : ""}. ${REFRESH_MESSAGE}`, false);
}
};
const { writeFile } = fs.promises;
const writeSSOTokenToFile = (id, ssoToken) => {
const tokenFilepath = sharedIniFileLoader.getSSOTokenFilepath(id);
const tokenString = JSON.stringify(ssoToken, null, 2);
return writeFile(tokenFilepath, tokenString);
};
const lastRefreshAttemptTime = new Date(0);
const fromSso = (init = {}) => async ({ callerClientConfig } = {}) => {
init.logger?.debug("@aws-sdk/token-providers - fromSso");
const profiles = await sharedIniFileLoader.parseKnownFiles(init);
const profileName = sharedIniFileLoader.getProfileName({
profile: init.profile ?? callerClientConfig?.profile,
});
const profile = profiles[profileName];
if (!profile) {
throw new propertyProvider.TokenProviderError(`Profile '${profileName}' could not be found in shared credentials file.`, false);
}
else if (!profile["sso_session"]) {
throw new propertyProvider.TokenProviderError(`Profile '${profileName}' is missing required property 'sso_session'.`);
}
const ssoSessionName = profile["sso_session"];
const ssoSessions = await sharedIniFileLoader.loadSsoSessionData(init);
const ssoSession = ssoSessions[ssoSessionName];
if (!ssoSession) {
throw new propertyProvider.TokenProviderError(`Sso session '${ssoSessionName}' could not be found in shared credentials file.`, false);
}
for (const ssoSessionRequiredKey of ["sso_start_url", "sso_region"]) {
if (!ssoSession[ssoSessionRequiredKey]) {
throw new propertyProvider.TokenProviderError(`Sso session '${ssoSessionName}' is missing required property '${ssoSessionRequiredKey}'.`, false);
}
}
ssoSession["sso_start_url"];
const ssoRegion = ssoSession["sso_region"];
let ssoToken;
try {
ssoToken = await sharedIniFileLoader.getSSOTokenFromFile(ssoSessionName);
}
catch (e) {
throw new propertyProvider.TokenProviderError(`The SSO session token associated with profile=${profileName} was not found or is invalid. ${REFRESH_MESSAGE}`, false);
}
validateTokenKey("accessToken", ssoToken.accessToken);
validateTokenKey("expiresAt", ssoToken.expiresAt);
const { accessToken, expiresAt } = ssoToken;
const existingToken = { token: accessToken, expiration: new Date(expiresAt) };
if (existingToken.expiration.getTime() - Date.now() > EXPIRE_WINDOW_MS) {
return existingToken;
}
if (Date.now() - lastRefreshAttemptTime.getTime() < 30 * 1000) {
validateTokenExpiry(existingToken);
return existingToken;
}
validateTokenKey("clientId", ssoToken.clientId, true);
validateTokenKey("clientSecret", ssoToken.clientSecret, true);
validateTokenKey("refreshToken", ssoToken.refreshToken, true);
try {
lastRefreshAttemptTime.setTime(Date.now());
const newSsoOidcToken = await getNewSsoOidcToken(ssoToken, ssoRegion, init, callerClientConfig);
validateTokenKey("accessToken", newSsoOidcToken.accessToken);
validateTokenKey("expiresIn", newSsoOidcToken.expiresIn);
const newTokenExpiration = new Date(Date.now() + newSsoOidcToken.expiresIn * 1000);
try {
await writeSSOTokenToFile(ssoSessionName, {
...ssoToken,
accessToken: newSsoOidcToken.accessToken,
expiresAt: newTokenExpiration.toISOString(),
refreshToken: newSsoOidcToken.refreshToken,
});
}
catch (error) {
}
return {
token: newSsoOidcToken.accessToken,
expiration: newTokenExpiration,
};
}
catch (error) {
validateTokenExpiry(existingToken);
return existingToken;
}
};
const fromStatic = ({ token, logger }) => async () => {
logger?.debug("@aws-sdk/token-providers - fromStatic");
if (!token || !token.token) {
throw new propertyProvider.TokenProviderError(`Please pass a valid token to fromStatic`, false);
}
return token;
};
const nodeProvider = (init = {}) => propertyProvider.memoize(propertyProvider.chain(fromSso(init), async () => {
throw new propertyProvider.TokenProviderError("Could not load token from any providers", false);
}), (token) => token.expiration !== undefined && token.expiration.getTime() - Date.now() < 300000, (token) => token.expiration !== undefined);
exports.fromEnvSigningName = fromEnvSigningName;
exports.fromSso = fromSso;
exports.fromStatic = fromStatic;
exports.nodeProvider = nodeProvider;
/***/ }),
/***/ 45188:
/***/ ((module) => {
chore: update generated content
2026-02-03 07:43:34 +00:00
module.exports = /*#__PURE__*/JSON.parse('{"name":"@aws-sdk/client-sso","description":"AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native","version":"3.980.0","scripts":{"build":"concurrently \'yarn:build:types\' \'yarn:build:es\' && yarn build:cjs","build:cjs":"node ../../scripts/compilation/inline client-sso","build:es":"tsc -p tsconfig.es.json","build:include:deps":"yarn g:turbo run build -F=\\"$npm_package_name\\"","build:types":"tsc -p tsconfig.types.json","build:types:downlevel":"downlevel-dts dist-types dist-types/ts3.4","clean":"premove dist-cjs dist-es dist-types tsconfig.cjs.tsbuildinfo tsconfig.es.tsbuildinfo tsconfig.types.tsbuildinfo","extract:docs":"api-extractor run --local","generate:client":"node ../../scripts/generate-clients/single-service --solo sso","test:index":"tsc --noEmit ./test/index-types.ts && node ./test/index-objects.spec.mjs"},"main":"./dist-cjs/index.js","types":"./dist-types/index.d.ts","module":"./dist-es/index.js","sideEffects":false,"dependencies":{"@aws-crypto/sha256-browser":"5.2.0","@aws-crypto/sha256-js":"5.2.0","@aws-sdk/core":"^3.973.5","@aws-sdk/middleware-host-header":"^3.972.3","@aws-sdk/middleware-logger":"^3.972.3","@aws-sdk/middleware-recursion-detection":"^3.972.3","@aws-sdk/middleware-user-agent":"^3.972.5","@aws-sdk/region-config-resolver":"^3.972.3","@aws-sdk/types":"^3.973.1","@aws-sdk/util-endpoints":"3.980.0","@aws-sdk/util-user-agent-browser":"^3.972.3","@aws-sdk/util-user-agent-node":"^3.972.3","@smithy/config-resolver":"^4.4.6","@smithy/core":"^3.22.0","@smithy/fetch-http-handler":"^5.3.9","@smithy/hash-node":"^4.2.8","@smithy/invalid-dependency":"^4.2.8","@smithy/middleware-content-length":"^4.2.8","@smithy/middleware-endpoint":"^4.4.12","@smithy/middleware-retry":"^4.4.29","@smithy/middleware-serde":"^4.2.9","@smithy/middleware-stack":"^4.2.8","@smithy/node-config-provider":"^4.3.8","@smithy/node-http-handler":"^4.4.8","@smithy/protocol-http":"^5.3.8","@smithy/smithy-client":"^4.11.1","@smithy/types":"^4.12.0","@smithy/url-parser":"^4.2.8","@smithy/util-base64":"^4.3.0","@smithy/util-body-length-browser":"^4.2.0","@smithy/util-body-length-node":"^4.2.1","@smithy/util-defaults-mode-browser":"^4.3.28","@smithy/util-defaults-mode-node":"^4.2.31","@smithy/util-endpoints":"^3.2.8","@smithy/util-middleware":"^4.2.8","@smithy/util-retry":"^4.2.8","@smithy/util-utf8":"^4.2.0","tslib":"^2.6.2"},"devDependencies":{"@tsconfig/node20":"20.1.8","@types/node":"^20.14.8","concurrently":"7.0.0","downlevel-dts":"0.10.1","premove":"4.0.0","typescript":"~5.8.3"},"engines":{"node":">=20.0.0"},"typesVersions":{"<4.0":{"dist-types/*":["dist-types/ts3.4/*"]}},"files":["dist-*/**"],"author":{"name":"AWS SDK for JavaScript Team","url":"https://aws.amazon.com/javascript/"},"license":"Apache-2.0","browser":{"./dist-es/runtimeConfig":"./dist-es/runtimeConfig.browser"},"react-native":{"./dist-es/runtimeConfig":"./dist-es/runtimeConfig.native"},"homepage":"https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso","repository":{"type":"git","url":"https://github.com/aws/aws-sdk-js-v3.git","directory":"clients/client-sso"}}');
chore: update generated content
2026-01-30 14:42:57 +00:00
/***/ })
};
;
//# sourceMappingURL=998.index.js.map
Reference in New Issue Copy Permalink