diff --git a/packages/@aws-cdk/aws-scheduler-targets-alpha/lib/kinesis-data-firehose-put-record.ts b/packages/@aws-cdk/aws-scheduler-targets-alpha/lib/kinesis-data-firehose-put-record.ts index a29cc83a21336..ca3e43dba6007 100644 --- a/packages/@aws-cdk/aws-scheduler-targets-alpha/lib/kinesis-data-firehose-put-record.ts +++ b/packages/@aws-cdk/aws-scheduler-targets-alpha/lib/kinesis-data-firehose-put-record.ts @@ -1,6 +1,6 @@ -import { IDeliveryStream } from '@aws-cdk/aws-kinesisfirehose-alpha'; import { IScheduleTarget } from '@aws-cdk/aws-scheduler-alpha'; import { IRole, PolicyStatement } from 'aws-cdk-lib/aws-iam'; +import { IDeliveryStream } from 'aws-cdk-lib/aws-kinesisfirehose'; import { ScheduleTargetBase, ScheduleTargetBaseProps } from './target'; /** diff --git a/packages/@aws-cdk/aws-scheduler-targets-alpha/package.json b/packages/@aws-cdk/aws-scheduler-targets-alpha/package.json index 197c1560a7d78..f66888eb740be 100644 --- a/packages/@aws-cdk/aws-scheduler-targets-alpha/package.json +++ b/packages/@aws-cdk/aws-scheduler-targets-alpha/package.json @@ -82,8 +82,6 @@ }, "license": "Apache-2.0", "devDependencies": { - "@aws-cdk/aws-kinesisfirehose-destinations-alpha": "0.0.0", - "@aws-cdk/aws-kinesisfirehose-alpha": "0.0.0", "@aws-cdk/aws-scheduler-alpha": "0.0.0", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/integ-runner": "0.0.0", @@ -93,10 +91,7 @@ "aws-cdk-lib": "0.0.0", "constructs": "^10.0.0" }, - "dependencies": {}, "peerDependencies": { - "@aws-cdk/aws-kinesisfirehose-destinations-alpha": "0.0.0", - "@aws-cdk/aws-kinesisfirehose-alpha": "0.0.0", "@aws-cdk/aws-scheduler-alpha": "0.0.0", "aws-cdk-lib": "^0.0.0", "constructs": "^10.0.0" diff --git a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/asset.bfcf4228d6660f50e81f19efdb64c6388dda6796296eb239decdff1dbc2f4981.bundle/index.js b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/asset.6eae57da2b343229b97cfa6b9fd2a70b0a928ebe32bb59e744e59440381146af.bundle/index.js similarity index 91% rename from packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/asset.bfcf4228d6660f50e81f19efdb64c6388dda6796296eb239decdff1dbc2f4981.bundle/index.js rename to packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/asset.6eae57da2b343229b97cfa6b9fd2a70b0a928ebe32bb59e744e59440381146af.bundle/index.js index 60e59701bc0e1..f2a0164a39bb7 100644 --- a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/asset.bfcf4228d6660f50e81f19efdb64c6388dda6796296eb239decdff1dbc2f4981.bundle/index.js +++ b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/asset.6eae57da2b343229b97cfa6b9fd2a70b0a928ebe32bb59e744e59440381146af.bundle/index.js @@ -1,4 +1,3 @@ -"use strict"; var __create = Object.create; var __defProp = Object.defineProperty; var __getOwnPropDesc = Object.getOwnPropertyDescriptor; @@ -317,6 +316,34 @@ ${indents.join("")}`)); } }); +// ../../aws-cdk-lib/assertions/lib/private/error.ts +var ASSERTION_ERROR_SYMBOL, AssertionError; +var init_error = __esm({ + "../../aws-cdk-lib/assertions/lib/private/error.ts"() { + "use strict"; + ASSERTION_ERROR_SYMBOL = Symbol.for("@aws-cdk/assertions.AssertionError"); + AssertionError = class _AssertionError extends Error { + #time; + /** + * The time the error was thrown. + */ + get time() { + return this.#time; + } + get type() { + return "assertion"; + } + constructor(msg) { + super(msg); + Object.setPrototypeOf(this, _AssertionError.prototype); + Object.defineProperty(this, ASSERTION_ERROR_SYMBOL, { value: true }); + this.name = new.target.name; + this.#time = (/* @__PURE__ */ new Date()).toISOString(); + } + }; + } +}); + // ../../aws-cdk-lib/assertions/lib/private/matchers/absent.ts var AbsentMatch; var init_absent = __esm({ @@ -417,6 +444,7 @@ var init_match = __esm({ "../../aws-cdk-lib/assertions/lib/match.ts"() { "use strict"; init_matcher(); + init_error(); init_absent(); init_sorting(); init_sparse_matrix(); @@ -501,7 +529,7 @@ var init_match = __esm({ this.pattern = pattern; this.partialObjects = options.partialObjects ?? false; if (Matcher.isMatcher(this.pattern)) { - throw new Error("LiteralMatch cannot directly contain another matcher. Remove the top-level matcher or nest it more deeply."); + throw new AssertionError("LiteralMatch cannot directly contain another matcher. Remove the top-level matcher or nest it more deeply."); } } test(actual) { @@ -583,7 +611,7 @@ var init_match = __esm({ const matcher = Matcher.isMatcher(patternElement) ? patternElement : new LiteralMatch(this.name, patternElement, { partialObjects: this.partialObjects }); const matcherName = matcher.name; if (matcherName == "absent" || matcherName == "anyValue") { - throw new Error(`The Matcher ${matcherName}() cannot be nested within arrayWith()`); + throw new AssertionError(`The Matcher ${matcherName}() cannot be nested within arrayWith()`); } const innerResult = matcher.test(actual[actualIdx]); matches.set(patternIdx, actualIdx, innerResult); @@ -2959,9 +2987,9 @@ var require_dist_cjs13 = __commonJS({ } }); -// ../../../node_modules/@smithy/util-buffer-from/dist-cjs/index.js +// ../../../node_modules/@smithy/util-base64/node_modules/@smithy/util-buffer-from/dist-cjs/index.js var require_dist_cjs14 = __commonJS({ - "../../../node_modules/@smithy/util-buffer-from/dist-cjs/index.js"(exports2, module2) { + "../../../node_modules/@smithy/util-base64/node_modules/@smithy/util-buffer-from/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; var __getOwnPropNames2 = Object.getOwnPropertyNames; @@ -3025,8 +3053,52 @@ var require_fromBase64 = __commonJS({ } }); -// ../../../node_modules/@smithy/util-utf8/dist-cjs/index.js +// ../../../node_modules/@smithy/util-utf8/node_modules/@smithy/util-buffer-from/dist-cjs/index.js var require_dist_cjs15 = __commonJS({ + "../../../node_modules/@smithy/util-utf8/node_modules/@smithy/util-buffer-from/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + fromArrayBuffer: () => fromArrayBuffer, + fromString: () => fromString + }); + module2.exports = __toCommonJS2(src_exports); + var import_is_array_buffer = require_dist_cjs13(); + var import_buffer = require("buffer"); + var fromArrayBuffer = /* @__PURE__ */ __name((input, offset = 0, length = input.byteLength - offset) => { + if (!(0, import_is_array_buffer.isArrayBuffer)(input)) { + throw new TypeError(`The "input" argument must be ArrayBuffer. Received type ${typeof input} (${input})`); + } + return import_buffer.Buffer.from(input, offset, length); + }, "fromArrayBuffer"); + var fromString = /* @__PURE__ */ __name((input, encoding) => { + if (typeof input !== "string") { + throw new TypeError(`The "input" argument must be of type string. Received type ${typeof input} (${input})`); + } + return encoding ? import_buffer.Buffer.from(input, encoding) : import_buffer.Buffer.from(input); + }, "fromString"); + } +}); + +// ../../../node_modules/@smithy/util-utf8/dist-cjs/index.js +var require_dist_cjs16 = __commonJS({ "../../../node_modules/@smithy/util-utf8/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; @@ -3053,7 +3125,7 @@ var require_dist_cjs15 = __commonJS({ toUtf8: () => toUtf8 }); module2.exports = __toCommonJS2(src_exports); - var import_util_buffer_from = require_dist_cjs14(); + var import_util_buffer_from = require_dist_cjs15(); var fromUtf8 = /* @__PURE__ */ __name((input) => { const buf = (0, import_util_buffer_from.fromString)(input, "utf8"); return new Uint8Array(buf.buffer, buf.byteOffset, buf.byteLength / Uint8Array.BYTES_PER_ELEMENT); @@ -3086,7 +3158,7 @@ var require_toBase64 = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.toBase64 = void 0; var util_buffer_from_1 = require_dist_cjs14(); - var util_utf8_1 = require_dist_cjs15(); + var util_utf8_1 = require_dist_cjs16(); var toBase642 = (_input) => { let input; if (typeof _input === "string") { @@ -3104,7 +3176,7 @@ var require_toBase64 = __commonJS({ }); // ../../../node_modules/@smithy/util-base64/dist-cjs/index.js -var require_dist_cjs16 = __commonJS({ +var require_dist_cjs17 = __commonJS({ "../../../node_modules/@smithy/util-base64/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; @@ -3166,7 +3238,7 @@ var require_getAwsChunkedEncodingStream = __commonJS({ }); // ../../../node_modules/@smithy/util-uri-escape/dist-cjs/index.js -var require_dist_cjs17 = __commonJS({ +var require_dist_cjs18 = __commonJS({ "../../../node_modules/@smithy/util-uri-escape/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; @@ -3202,7 +3274,7 @@ var require_dist_cjs17 = __commonJS({ }); // ../../../node_modules/@smithy/querystring-builder/dist-cjs/index.js -var require_dist_cjs18 = __commonJS({ +var require_dist_cjs19 = __commonJS({ "../../../node_modules/@smithy/querystring-builder/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; @@ -3227,7 +3299,7 @@ var require_dist_cjs18 = __commonJS({ buildQueryString: () => buildQueryString }); module2.exports = __toCommonJS2(src_exports); - var import_util_uri_escape = require_dist_cjs17(); + var import_util_uri_escape = require_dist_cjs18(); function buildQueryString(query) { const parts = []; for (let key of Object.keys(query).sort()) { @@ -3252,7 +3324,7 @@ var require_dist_cjs18 = __commonJS({ }); // ../../../node_modules/@smithy/node-http-handler/dist-cjs/index.js -var require_dist_cjs19 = __commonJS({ +var require_dist_cjs20 = __commonJS({ "../../../node_modules/@smithy/node-http-handler/dist-cjs/index.js"(exports2, module2) { var __create2 = Object.create; var __defProp2 = Object.defineProperty; @@ -3291,7 +3363,7 @@ var require_dist_cjs19 = __commonJS({ }); module2.exports = __toCommonJS2(src_exports); var import_protocol_http8 = require_dist_cjs2(); - var import_querystring_builder = require_dist_cjs18(); + var import_querystring_builder = require_dist_cjs19(); var import_http2 = require("http"); var import_https = require("https"); var NODEJS_TIMEOUT_ERROR_CODES = ["ECONNRESET", "EPIPE", "ETIMEDOUT"]; @@ -3303,13 +3375,17 @@ var require_dist_cjs19 = __commonJS({ } return transformedHeaders; }, "getTransformedHeaders"); + var timing = { + setTimeout: (cb, ms) => setTimeout(cb, ms), + clearTimeout: (timeoutId) => clearTimeout(timeoutId) + }; var DEFER_EVENT_LISTENER_TIME = 1e3; var setConnectionTimeout = /* @__PURE__ */ __name((request2, reject, timeoutInMs = 0) => { if (!timeoutInMs) { return -1; } const registerTimeout = /* @__PURE__ */ __name((offset) => { - const timeoutId = setTimeout(() => { + const timeoutId = timing.setTimeout(() => { request2.destroy(); reject( Object.assign(new Error(`Socket timed out without establishing a connection within ${timeoutInMs} ms`), { @@ -3320,10 +3396,10 @@ var require_dist_cjs19 = __commonJS({ const doWithSocket = /* @__PURE__ */ __name((socket) => { if (socket == null ? void 0 : socket.connecting) { socket.on("connect", () => { - clearTimeout(timeoutId); + timing.clearTimeout(timeoutId); }); } else { - clearTimeout(timeoutId); + timing.clearTimeout(timeoutId); } }, "doWithSocket"); if (request2.socket) { @@ -3336,7 +3412,7 @@ var require_dist_cjs19 = __commonJS({ registerTimeout(0); return 0; } - return setTimeout(registerTimeout.bind(null, DEFER_EVENT_LISTENER_TIME), DEFER_EVENT_LISTENER_TIME); + return timing.setTimeout(registerTimeout.bind(null, DEFER_EVENT_LISTENER_TIME), DEFER_EVENT_LISTENER_TIME); }, "setConnectionTimeout"); var DEFER_EVENT_LISTENER_TIME2 = 3e3; var setSocketKeepAlive = /* @__PURE__ */ __name((request2, { keepAlive, keepAliveMsecs }, deferTimeMs = DEFER_EVENT_LISTENER_TIME2) => { @@ -3356,21 +3432,27 @@ var require_dist_cjs19 = __commonJS({ registerListener(); return 0; } - return setTimeout(registerListener, deferTimeMs); + return timing.setTimeout(registerListener, deferTimeMs); }, "setSocketKeepAlive"); var DEFER_EVENT_LISTENER_TIME3 = 3e3; var setSocketTimeout = /* @__PURE__ */ __name((request2, reject, timeoutInMs = 0) => { const registerTimeout = /* @__PURE__ */ __name((offset) => { - request2.setTimeout(timeoutInMs - offset, () => { + const timeout = timeoutInMs - offset; + const onTimeout2 = /* @__PURE__ */ __name(() => { request2.destroy(); reject(Object.assign(new Error(`Connection timed out after ${timeoutInMs} ms`), { name: "TimeoutError" })); - }); + }, "onTimeout"); + if (request2.socket) { + request2.socket.setTimeout(timeout, onTimeout2); + } else { + request2.setTimeout(timeout, onTimeout2); + } }, "registerTimeout"); if (0 < timeoutInMs && timeoutInMs < 6e3) { registerTimeout(0); return 0; } - return setTimeout( + return timing.setTimeout( registerTimeout.bind(null, timeoutInMs === 0 ? 0 : DEFER_EVENT_LISTENER_TIME3), DEFER_EVENT_LISTENER_TIME3 ); @@ -3381,26 +3463,29 @@ var require_dist_cjs19 = __commonJS({ const headers = request2.headers ?? {}; const expect = headers["Expect"] || headers["expect"]; let timeoutId = -1; - let hasError = false; + let sendBody = true; if (expect === "100-continue") { - await Promise.race([ + sendBody = await Promise.race([ new Promise((resolve) => { - timeoutId = Number(setTimeout(resolve, Math.max(MIN_WAIT_TIME, maxContinueTimeoutMs))); + timeoutId = Number(timing.setTimeout(resolve, Math.max(MIN_WAIT_TIME, maxContinueTimeoutMs))); }), new Promise((resolve) => { httpRequest.on("continue", () => { - clearTimeout(timeoutId); - resolve(); + timing.clearTimeout(timeoutId); + resolve(true); + }); + httpRequest.on("response", () => { + timing.clearTimeout(timeoutId); + resolve(false); }); httpRequest.on("error", () => { - hasError = true; - clearTimeout(timeoutId); - resolve(); + timing.clearTimeout(timeoutId); + resolve(false); }); }) ]); } - if (!hasError) { + if (sendBody) { writeBody(httpRequest, request2.body); } } @@ -3522,12 +3607,12 @@ or increase socketAcquisitionWarningTimeout=(millis) in the NodeHttpHandler conf const timeouts = []; const resolve = /* @__PURE__ */ __name(async (arg) => { await writeRequestBodyPromise; - timeouts.forEach(clearTimeout); + timeouts.forEach(timing.clearTimeout); _resolve(arg); }, "resolve"); const reject = /* @__PURE__ */ __name(async (arg) => { await writeRequestBodyPromise; - timeouts.forEach(clearTimeout); + timeouts.forEach(timing.clearTimeout); _reject(arg); }, "reject"); if (!this.config) { @@ -3542,7 +3627,7 @@ or increase socketAcquisitionWarningTimeout=(millis) in the NodeHttpHandler conf const isSSL = request2.protocol === "https:"; const agent = isSSL ? this.config.httpsAgent : this.config.httpAgent; timeouts.push( - setTimeout( + timing.setTimeout( () => { this.socketWarningTimestamp = _NodeHttpHandler2.checkSocketUsage( agent, @@ -3628,7 +3713,7 @@ or increase socketAcquisitionWarningTimeout=(millis) in the NodeHttpHandler conf ); } writeRequestBodyPromise = writeRequestBody(req, request2, this.config.requestTimeout).catch((e) => { - timeouts.forEach(clearTimeout); + timeouts.forEach(timing.clearTimeout); return _reject(e); }); }); @@ -3761,7 +3846,7 @@ or increase socketAcquisitionWarningTimeout=(millis) in the NodeHttpHandler conf } } setMaxConcurrentStreams(maxConcurrentStreams) { - if (this.config.maxConcurrency && this.config.maxConcurrency <= 0) { + if (maxConcurrentStreams && maxConcurrentStreams <= 0) { throw new RangeError("maxConcurrentStreams must be greater than zero."); } this.config.maxConcurrency = maxConcurrentStreams; @@ -4001,8 +4086,52 @@ or increase socketAcquisitionWarningTimeout=(millis) in the NodeHttpHandler conf } }); +// ../../../node_modules/@smithy/util-stream/node_modules/@smithy/util-buffer-from/dist-cjs/index.js +var require_dist_cjs21 = __commonJS({ + "../../../node_modules/@smithy/util-stream/node_modules/@smithy/util-buffer-from/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + fromArrayBuffer: () => fromArrayBuffer, + fromString: () => fromString + }); + module2.exports = __toCommonJS2(src_exports); + var import_is_array_buffer = require_dist_cjs13(); + var import_buffer = require("buffer"); + var fromArrayBuffer = /* @__PURE__ */ __name((input, offset = 0, length = input.byteLength - offset) => { + if (!(0, import_is_array_buffer.isArrayBuffer)(input)) { + throw new TypeError(`The "input" argument must be ArrayBuffer. Received type ${typeof input} (${input})`); + } + return import_buffer.Buffer.from(input, offset, length); + }, "fromArrayBuffer"); + var fromString = /* @__PURE__ */ __name((input, encoding) => { + if (typeof input !== "string") { + throw new TypeError(`The "input" argument must be of type string. Received type ${typeof input} (${input})`); + } + return encoding ? import_buffer.Buffer.from(input, encoding) : import_buffer.Buffer.from(input); + }, "fromString"); + } +}); + // ../../../node_modules/@smithy/util-stream/node_modules/@smithy/fetch-http-handler/dist-cjs/index.js -var require_dist_cjs20 = __commonJS({ +var require_dist_cjs22 = __commonJS({ "../../../node_modules/@smithy/util-stream/node_modules/@smithy/fetch-http-handler/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; @@ -4030,7 +4159,11 @@ var require_dist_cjs20 = __commonJS({ }); module2.exports = __toCommonJS2(src_exports); var import_protocol_http8 = require_dist_cjs2(); - var import_querystring_builder = require_dist_cjs18(); + var import_querystring_builder = require_dist_cjs19(); + function createRequest(url2, requestOptions) { + return new Request(url2, requestOptions); + } + __name(createRequest, "createRequest"); function requestTimeout(timeoutInMs = 0) { return new Promise((resolve, reject) => { if (timeoutInMs) { @@ -4066,7 +4199,7 @@ var require_dist_cjs20 = __commonJS({ } if (keepAliveSupport.supported === void 0) { keepAliveSupport.supported = Boolean( - typeof Request !== "undefined" && "keepalive" in new Request("https://[::1]") + typeof Request !== "undefined" && "keepalive" in createRequest("https://[::1]") ); } } @@ -4125,7 +4258,7 @@ var require_dist_cjs20 = __commonJS({ } let removeSignalEventListener = /* @__PURE__ */ __name(() => { }, "removeSignalEventListener"); - const fetchRequest = new Request(url2, requestOptions); + const fetchRequest = createRequest(url2, requestOptions); const raceOfPromises = [ fetch(fetchRequest).then((response) => { const fetchHeaders = response.headers; @@ -4188,12 +4321,23 @@ var require_dist_cjs20 = __commonJS({ }; __name(_FetchHttpHandler, "FetchHttpHandler"); var FetchHttpHandler = _FetchHttpHandler; + var import_util_base64 = require_dist_cjs17(); var streamCollector = /* @__PURE__ */ __name(async (stream) => { - if (typeof Blob === "function" && stream instanceof Blob) { - return new Uint8Array(await stream.arrayBuffer()); + var _a; + if (typeof Blob === "function" && stream instanceof Blob || ((_a = stream.constructor) == null ? void 0 : _a.name) === "Blob") { + if (Blob.prototype.arrayBuffer !== void 0) { + return new Uint8Array(await stream.arrayBuffer()); + } + return collectBlob(stream); } return collectStream(stream); }, "streamCollector"); + async function collectBlob(blob) { + const base64 = await readToBase64(blob); + const arrayBuffer = (0, import_util_base64.fromBase64)(base64); + return new Uint8Array(arrayBuffer); + } + __name(collectBlob, "collectBlob"); async function collectStream(stream) { const chunks = []; const reader = stream.getReader(); @@ -4216,12 +4360,30 @@ var require_dist_cjs20 = __commonJS({ return collected; } __name(collectStream, "collectStream"); + function readToBase64(blob) { + return new Promise((resolve, reject) => { + const reader = new FileReader(); + reader.onloadend = () => { + if (reader.readyState !== 2) { + return reject(new Error("Reader aborted too early")); + } + const result = reader.result ?? ""; + const commaIndex = result.indexOf(","); + const dataOffset = commaIndex > -1 ? commaIndex + 1 : result.length; + resolve(result.substring(dataOffset)); + }; + reader.onabort = () => reject(new Error("Read aborted")); + reader.onerror = () => reject(reader.error); + reader.readAsDataURL(blob); + }); + } + __name(readToBase64, "readToBase64"); } }); -// ../../../node_modules/@smithy/util-hex-encoding/dist-cjs/index.js -var require_dist_cjs21 = __commonJS({ - "../../../node_modules/@smithy/util-hex-encoding/dist-cjs/index.js"(exports2, module2) { +// ../../../node_modules/@smithy/util-stream/node_modules/@smithy/util-hex-encoding/dist-cjs/index.js +var require_dist_cjs23 = __commonJS({ + "../../../node_modules/@smithy/util-stream/node_modules/@smithy/util-hex-encoding/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; var __getOwnPropNames2 = Object.getOwnPropertyNames; @@ -4288,12 +4450,17 @@ var require_stream_type_check = __commonJS({ "../../../node_modules/@smithy/util-stream/dist-cjs/stream-type-check.js"(exports2) { "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); - exports2.isReadableStream = void 0; + exports2.isBlob = exports2.isReadableStream = void 0; var isReadableStream2 = (stream) => { var _a; return typeof ReadableStream === "function" && (((_a = stream === null || stream === void 0 ? void 0 : stream.constructor) === null || _a === void 0 ? void 0 : _a.name) === ReadableStream.name || stream instanceof ReadableStream); }; exports2.isReadableStream = isReadableStream2; + var isBlob2 = (blob) => { + var _a; + return typeof Blob === "function" && (((_a = blob === null || blob === void 0 ? void 0 : blob.constructor) === null || _a === void 0 ? void 0 : _a.name) === Blob.name || blob instanceof Blob); + }; + exports2.isBlob = isBlob2; } }); @@ -4303,10 +4470,10 @@ var require_sdk_stream_mixin_browser = __commonJS({ "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); exports2.sdkStreamMixin = void 0; - var fetch_http_handler_1 = require_dist_cjs20(); - var util_base64_1 = require_dist_cjs16(); - var util_hex_encoding_1 = require_dist_cjs21(); - var util_utf8_1 = require_dist_cjs15(); + var fetch_http_handler_1 = require_dist_cjs22(); + var util_base64_1 = require_dist_cjs17(); + var util_hex_encoding_1 = require_dist_cjs23(); + var util_utf8_1 = require_dist_cjs16(); var stream_type_check_1 = require_stream_type_check(); var ERR_MSG_STREAM_HAS_BEEN_TRANSFORMED = "The stream has already been transformed."; var sdkStreamMixin2 = (stream) => { @@ -4371,10 +4538,9 @@ var require_sdk_stream_mixin = __commonJS({ "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); exports2.sdkStreamMixin = void 0; - var node_http_handler_1 = require_dist_cjs19(); - var util_buffer_from_1 = require_dist_cjs14(); + var node_http_handler_1 = require_dist_cjs20(); + var util_buffer_from_1 = require_dist_cjs21(); var stream_1 = require("stream"); - var util_1 = require("util"); var sdk_stream_mixin_browser_1 = require_sdk_stream_mixin_browser(); var ERR_MSG_STREAM_HAS_BEEN_TRANSFORMED = "The stream has already been transformed."; var sdkStreamMixin2 = (stream) => { @@ -4402,7 +4568,7 @@ var require_sdk_stream_mixin = __commonJS({ if (encoding === void 0 || Buffer.isEncoding(encoding)) { return (0, util_buffer_from_1.fromArrayBuffer)(buf.buffer, buf.byteOffset, buf.byteLength).toString(encoding); } else { - const decoder2 = new util_1.TextDecoder(encoding); + const decoder2 = new TextDecoder(encoding); return decoder2.decode(buf); } }, @@ -4452,7 +4618,7 @@ var require_splitStream = __commonJS({ var splitStream_browser_1 = require_splitStream_browser(); var stream_type_check_1 = require_stream_type_check(); async function splitStream2(stream) { - if ((0, stream_type_check_1.isReadableStream)(stream)) { + if ((0, stream_type_check_1.isReadableStream)(stream) || (0, stream_type_check_1.isBlob)(stream)) { return (0, splitStream_browser_1.splitStream)(stream); } const stream1 = new stream_1.PassThrough(); @@ -4564,7 +4730,7 @@ var require_ChecksumStream = __commonJS({ "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); exports2.ChecksumStream = void 0; - var util_base64_1 = require_dist_cjs16(); + var util_base64_1 = require_dist_cjs17(); var stream_1 = require("stream"); var ChecksumStream2 = class extends stream_1.Duplex { constructor({ expectedChecksum, checksum, source, checksumSourceLocation, base64Encoder }) { @@ -4630,7 +4796,7 @@ var require_createChecksumStream_browser = __commonJS({ "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); exports2.createChecksumStream = void 0; - var util_base64_1 = require_dist_cjs16(); + var util_base64_1 = require_dist_cjs17(); var stream_type_check_1 = require_stream_type_check(); var ChecksumStream_browser_1 = require_ChecksumStream_browser(); var createChecksumStream2 = ({ expectedChecksum, checksum, source, checksumSourceLocation, base64Encoder }) => { @@ -4689,7 +4855,7 @@ var require_createChecksumStream = __commonJS({ }); // ../../../node_modules/@smithy/util-stream/dist-cjs/index.js -var require_dist_cjs22 = __commonJS({ +var require_dist_cjs24 = __commonJS({ "../../../node_modules/@smithy/util-stream/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; @@ -4715,8 +4881,8 @@ var require_dist_cjs22 = __commonJS({ Uint8ArrayBlobAdapter: () => Uint8ArrayBlobAdapter2 }); module2.exports = __toCommonJS2(src_exports); - var import_util_base64 = require_dist_cjs16(); - var import_util_utf8 = require_dist_cjs15(); + var import_util_base64 = require_dist_cjs17(); + var import_util_utf8 = require_dist_cjs16(); function transformToString(payload, encoding = "utf-8") { if (encoding === "base64") { return (0, import_util_base64.toBase64)(payload); @@ -4776,7 +4942,7 @@ var require_dist_cjs22 = __commonJS({ var import_util_stream, collectBody2; var init_collect_stream_body = __esm({ "../../../node_modules/@smithy/core/dist-es/submodules/protocols/collect-stream-body.js"() { - import_util_stream = __toESM(require_dist_cjs22()); + import_util_stream = __toESM(require_dist_cjs24()); collectBody2 = async (streamBody = new Uint8Array(), context) => { if (streamBody instanceof Uint8Array) { return import_util_stream.Uint8ArrayBlobAdapter.mutate(streamBody); @@ -4801,6 +4967,26 @@ var init_extended_encode_uri_component = __esm({ } }); +// ../../../node_modules/@smithy/core/dist-es/submodules/protocols/resolve-path.js +var resolvedPath2; +var init_resolve_path = __esm({ + "../../../node_modules/@smithy/core/dist-es/submodules/protocols/resolve-path.js"() { + init_extended_encode_uri_component(); + resolvedPath2 = (resolvedPath3, input, memberName, labelValueProvider, uriLabel, isGreedyLabel) => { + if (input != null && input[memberName] !== void 0) { + const labelValue = labelValueProvider(); + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: " + memberName + "."); + } + resolvedPath3 = resolvedPath3.replace(uriLabel, isGreedyLabel ? labelValue.split("/").map((segment) => extendedEncodeURIComponent2(segment)).join("/") : extendedEncodeURIComponent2(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: " + memberName + "."); + } + return resolvedPath3; + }; + } +}); + // ../../../node_modules/@smithy/core/dist-es/submodules/protocols/requestBuilder.js function requestBuilder(input, context) { return new RequestBuilder(input, context); @@ -4808,8 +4994,8 @@ function requestBuilder(input, context) { var import_protocol_http2, RequestBuilder; var init_requestBuilder = __esm({ "../../../node_modules/@smithy/core/dist-es/submodules/protocols/requestBuilder.js"() { - init_protocols(); import_protocol_http2 = __toESM(require_dist_cjs2()); + init_resolve_path(); RequestBuilder = class { constructor(input, context) { this.input = input; @@ -4875,26 +5061,6 @@ var init_requestBuilder = __esm({ } }); -// ../../../node_modules/@smithy/core/dist-es/submodules/protocols/resolve-path.js -var resolvedPath2; -var init_resolve_path = __esm({ - "../../../node_modules/@smithy/core/dist-es/submodules/protocols/resolve-path.js"() { - init_extended_encode_uri_component(); - resolvedPath2 = (resolvedPath3, input, memberName, labelValueProvider, uriLabel, isGreedyLabel) => { - if (input != null && input[memberName] !== void 0) { - const labelValue = labelValueProvider(); - if (labelValue.length <= 0) { - throw new Error("Empty value provided for input HTTP label: " + memberName + "."); - } - resolvedPath3 = resolvedPath3.replace(uriLabel, isGreedyLabel ? labelValue.split("/").map((segment) => extendedEncodeURIComponent2(segment)).join("/") : extendedEncodeURIComponent2(labelValue)); - } else { - throw new Error("No value provided for input HTTP label: " + memberName + "."); - } - return resolvedPath3; - }; - } -}); - // ../../../node_modules/@smithy/core/dist-es/submodules/protocols/index.js var protocols_exports = {}; __export(protocols_exports, { @@ -5137,7 +5303,7 @@ var init_dist_es = __esm({ }); // ../../../node_modules/@smithy/middleware-content-length/dist-cjs/index.js -var require_dist_cjs23 = __commonJS({ +var require_dist_cjs25 = __commonJS({ "../../../node_modules/@smithy/middleware-content-length/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; @@ -5203,9 +5369,9 @@ var require_dist_cjs23 = __commonJS({ } }); -// ../../../node_modules/@smithy/property-provider/dist-cjs/index.js -var require_dist_cjs24 = __commonJS({ - "../../../node_modules/@smithy/property-provider/dist-cjs/index.js"(exports2, module2) { +// ../../../node_modules/@smithy/node-config-provider/node_modules/@smithy/property-provider/dist-cjs/index.js +var require_dist_cjs26 = __commonJS({ + "../../../node_modules/@smithy/node-config-provider/node_modules/@smithy/property-provider/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; var __getOwnPropNames2 = Object.getOwnPropertyNames; @@ -5352,9 +5518,9 @@ var require_dist_cjs24 = __commonJS({ } }); -// ../../../node_modules/@smithy/shared-ini-file-loader/dist-cjs/getHomeDir.js +// ../../../node_modules/@smithy/node-config-provider/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getHomeDir.js var require_getHomeDir = __commonJS({ - "../../../node_modules/@smithy/shared-ini-file-loader/dist-cjs/getHomeDir.js"(exports2) { + "../../../node_modules/@smithy/node-config-provider/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getHomeDir.js"(exports2) { "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getHomeDir = void 0; @@ -5384,9 +5550,9 @@ var require_getHomeDir = __commonJS({ } }); -// ../../../node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFilepath.js +// ../../../node_modules/@smithy/node-config-provider/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFilepath.js var require_getSSOTokenFilepath = __commonJS({ - "../../../node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFilepath.js"(exports2) { + "../../../node_modules/@smithy/node-config-provider/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFilepath.js"(exports2) { "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getSSOTokenFilepath = void 0; @@ -5402,9 +5568,9 @@ var require_getSSOTokenFilepath = __commonJS({ } }); -// ../../../node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFromFile.js +// ../../../node_modules/@smithy/node-config-provider/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFromFile.js var require_getSSOTokenFromFile = __commonJS({ - "../../../node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFromFile.js"(exports2) { + "../../../node_modules/@smithy/node-config-provider/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFromFile.js"(exports2) { "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getSSOTokenFromFile = void 0; @@ -5420,9 +5586,9 @@ var require_getSSOTokenFromFile = __commonJS({ } }); -// ../../../node_modules/@smithy/shared-ini-file-loader/dist-cjs/slurpFile.js +// ../../../node_modules/@smithy/node-config-provider/node_modules/@smithy/shared-ini-file-loader/dist-cjs/slurpFile.js var require_slurpFile = __commonJS({ - "../../../node_modules/@smithy/shared-ini-file-loader/dist-cjs/slurpFile.js"(exports2) { + "../../../node_modules/@smithy/node-config-provider/node_modules/@smithy/shared-ini-file-loader/dist-cjs/slurpFile.js"(exports2) { "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); exports2.slurpFile = void 0; @@ -5439,9 +5605,9 @@ var require_slurpFile = __commonJS({ } }); -// ../../../node_modules/@smithy/shared-ini-file-loader/dist-cjs/index.js -var require_dist_cjs25 = __commonJS({ - "../../../node_modules/@smithy/shared-ini-file-loader/dist-cjs/index.js"(exports2, module2) { +// ../../../node_modules/@smithy/node-config-provider/node_modules/@smithy/shared-ini-file-loader/dist-cjs/index.js +var require_dist_cjs27 = __commonJS({ + "../../../node_modules/@smithy/node-config-provider/node_modules/@smithy/shared-ini-file-loader/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; var __getOwnPropNames2 = Object.getOwnPropertyNames; @@ -5605,7 +5771,7 @@ var require_dist_cjs25 = __commonJS({ }); // ../../../node_modules/@smithy/node-config-provider/dist-cjs/index.js -var require_dist_cjs26 = __commonJS({ +var require_dist_cjs28 = __commonJS({ "../../../node_modules/@smithy/node-config-provider/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; @@ -5630,7 +5796,7 @@ var require_dist_cjs26 = __commonJS({ loadConfig: () => loadConfig }); module2.exports = __toCommonJS2(src_exports); - var import_property_provider2 = require_dist_cjs24(); + var import_property_provider2 = require_dist_cjs26(); function getSelectorName(functionString) { try { const constants = new Set(Array.from(functionString.match(/([A-Z_]){3,}/g) ?? [])); @@ -5657,7 +5823,7 @@ var require_dist_cjs26 = __commonJS({ ); } }, "fromEnv"); - var import_shared_ini_file_loader = require_dist_cjs25(); + var import_shared_ini_file_loader = require_dist_cjs27(); var fromSharedConfigFiles = /* @__PURE__ */ __name((configSelector, { preferredFile = "config", ...init } = {}) => async () => { const profile = (0, import_shared_ini_file_loader.getProfileName)(init); const { configFile, credentialsFile } = await (0, import_shared_ini_file_loader.loadSharedConfigFiles)(init); @@ -5690,62 +5856,314 @@ var require_dist_cjs26 = __commonJS({ } }); -// ../../../node_modules/@smithy/middleware-endpoint/dist-cjs/adaptors/getEndpointUrlConfig.js -var require_getEndpointUrlConfig = __commonJS({ - "../../../node_modules/@smithy/middleware-endpoint/dist-cjs/adaptors/getEndpointUrlConfig.js"(exports2) { +// ../../../node_modules/@smithy/middleware-endpoint/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getHomeDir.js +var require_getHomeDir2 = __commonJS({ + "../../../node_modules/@smithy/middleware-endpoint/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getHomeDir.js"(exports2) { "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); - exports2.getEndpointUrlConfig = void 0; - var shared_ini_file_loader_1 = require_dist_cjs25(); - var ENV_ENDPOINT_URL = "AWS_ENDPOINT_URL"; - var CONFIG_ENDPOINT_URL = "endpoint_url"; - var getEndpointUrlConfig = (serviceId) => ({ - environmentVariableSelector: (env) => { - const serviceSuffixParts = serviceId.split(" ").map((w) => w.toUpperCase()); - const serviceEndpointUrl = env[[ENV_ENDPOINT_URL, ...serviceSuffixParts].join("_")]; - if (serviceEndpointUrl) - return serviceEndpointUrl; - const endpointUrl = env[ENV_ENDPOINT_URL]; - if (endpointUrl) - return endpointUrl; - return void 0; - }, - configFileSelector: (profile, config) => { - if (config && profile.services) { - const servicesSection = config[["services", profile.services].join(shared_ini_file_loader_1.CONFIG_PREFIX_SEPARATOR)]; - if (servicesSection) { - const servicePrefixParts = serviceId.split(" ").map((w) => w.toLowerCase()); - const endpointUrl2 = servicesSection[[servicePrefixParts.join("_"), CONFIG_ENDPOINT_URL].join(shared_ini_file_loader_1.CONFIG_PREFIX_SEPARATOR)]; - if (endpointUrl2) - return endpointUrl2; - } - } - const endpointUrl = profile[CONFIG_ENDPOINT_URL]; - if (endpointUrl) - return endpointUrl; - return void 0; - }, - default: void 0 - }); - exports2.getEndpointUrlConfig = getEndpointUrlConfig; + exports2.getHomeDir = void 0; + var os_1 = require("os"); + var path_1 = require("path"); + var homeDirCache = {}; + var getHomeDirCacheKey = () => { + if (process && process.geteuid) { + return `${process.geteuid()}`; + } + return "DEFAULT"; + }; + var getHomeDir2 = () => { + const { HOME, USERPROFILE, HOMEPATH, HOMEDRIVE = `C:${path_1.sep}` } = process.env; + if (HOME) + return HOME; + if (USERPROFILE) + return USERPROFILE; + if (HOMEPATH) + return `${HOMEDRIVE}${HOMEPATH}`; + const homeDirCacheKey = getHomeDirCacheKey(); + if (!homeDirCache[homeDirCacheKey]) + homeDirCache[homeDirCacheKey] = (0, os_1.homedir)(); + return homeDirCache[homeDirCacheKey]; + }; + exports2.getHomeDir = getHomeDir2; } }); -// ../../../node_modules/@smithy/middleware-endpoint/dist-cjs/adaptors/getEndpointFromConfig.js -var require_getEndpointFromConfig = __commonJS({ - "../../../node_modules/@smithy/middleware-endpoint/dist-cjs/adaptors/getEndpointFromConfig.js"(exports2) { +// ../../../node_modules/@smithy/middleware-endpoint/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFilepath.js +var require_getSSOTokenFilepath2 = __commonJS({ + "../../../node_modules/@smithy/middleware-endpoint/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFilepath.js"(exports2) { "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); - exports2.getEndpointFromConfig = void 0; - var node_config_provider_1 = require_dist_cjs26(); - var getEndpointUrlConfig_1 = require_getEndpointUrlConfig(); - var getEndpointFromConfig = async (serviceId) => (0, node_config_provider_1.loadConfig)((0, getEndpointUrlConfig_1.getEndpointUrlConfig)(serviceId !== null && serviceId !== void 0 ? serviceId : ""))(); - exports2.getEndpointFromConfig = getEndpointFromConfig; + exports2.getSSOTokenFilepath = void 0; + var crypto_1 = require("crypto"); + var path_1 = require("path"); + var getHomeDir_1 = require_getHomeDir2(); + var getSSOTokenFilepath2 = (id) => { + const hasher = (0, crypto_1.createHash)("sha1"); + const cacheName = hasher.update(id).digest("hex"); + return (0, path_1.join)((0, getHomeDir_1.getHomeDir)(), ".aws", "sso", "cache", `${cacheName}.json`); + }; + exports2.getSSOTokenFilepath = getSSOTokenFilepath2; + } +}); + +// ../../../node_modules/@smithy/middleware-endpoint/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFromFile.js +var require_getSSOTokenFromFile2 = __commonJS({ + "../../../node_modules/@smithy/middleware-endpoint/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFromFile.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getSSOTokenFromFile = void 0; + var fs_1 = require("fs"); + var getSSOTokenFilepath_1 = require_getSSOTokenFilepath2(); + var { readFile } = fs_1.promises; + var getSSOTokenFromFile2 = async (id) => { + const ssoTokenFilepath = (0, getSSOTokenFilepath_1.getSSOTokenFilepath)(id); + const ssoTokenText = await readFile(ssoTokenFilepath, "utf8"); + return JSON.parse(ssoTokenText); + }; + exports2.getSSOTokenFromFile = getSSOTokenFromFile2; + } +}); + +// ../../../node_modules/@smithy/middleware-endpoint/node_modules/@smithy/shared-ini-file-loader/dist-cjs/slurpFile.js +var require_slurpFile2 = __commonJS({ + "../../../node_modules/@smithy/middleware-endpoint/node_modules/@smithy/shared-ini-file-loader/dist-cjs/slurpFile.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.slurpFile = void 0; + var fs_1 = require("fs"); + var { readFile } = fs_1.promises; + var filePromisesHash = {}; + var slurpFile = (path, options) => { + if (!filePromisesHash[path] || (options === null || options === void 0 ? void 0 : options.ignoreCache)) { + filePromisesHash[path] = readFile(path, "utf8"); + } + return filePromisesHash[path]; + }; + exports2.slurpFile = slurpFile; + } +}); + +// ../../../node_modules/@smithy/middleware-endpoint/node_modules/@smithy/shared-ini-file-loader/dist-cjs/index.js +var require_dist_cjs29 = __commonJS({ + "../../../node_modules/@smithy/middleware-endpoint/node_modules/@smithy/shared-ini-file-loader/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __reExport = (target, mod, secondTarget) => (__copyProps2(target, mod, "default"), secondTarget && __copyProps2(secondTarget, mod, "default")); + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + CONFIG_PREFIX_SEPARATOR: () => CONFIG_PREFIX_SEPARATOR, + DEFAULT_PROFILE: () => DEFAULT_PROFILE, + ENV_PROFILE: () => ENV_PROFILE, + getProfileName: () => getProfileName, + loadSharedConfigFiles: () => loadSharedConfigFiles, + loadSsoSessionData: () => loadSsoSessionData, + parseKnownFiles: () => parseKnownFiles + }); + module2.exports = __toCommonJS2(src_exports); + __reExport(src_exports, require_getHomeDir2(), module2.exports); + var ENV_PROFILE = "AWS_PROFILE"; + var DEFAULT_PROFILE = "default"; + var getProfileName = /* @__PURE__ */ __name((init) => init.profile || process.env[ENV_PROFILE] || DEFAULT_PROFILE, "getProfileName"); + __reExport(src_exports, require_getSSOTokenFilepath2(), module2.exports); + __reExport(src_exports, require_getSSOTokenFromFile2(), module2.exports); + var import_types5 = require_dist_cjs(); + var getConfigData = /* @__PURE__ */ __name((data) => Object.entries(data).filter(([key]) => { + const indexOfSeparator = key.indexOf(CONFIG_PREFIX_SEPARATOR); + if (indexOfSeparator === -1) { + return false; + } + return Object.values(import_types5.IniSectionType).includes(key.substring(0, indexOfSeparator)); + }).reduce( + (acc, [key, value]) => { + const indexOfSeparator = key.indexOf(CONFIG_PREFIX_SEPARATOR); + const updatedKey = key.substring(0, indexOfSeparator) === import_types5.IniSectionType.PROFILE ? key.substring(indexOfSeparator + 1) : key; + acc[updatedKey] = value; + return acc; + }, + { + // Populate default profile, if present. + ...data.default && { default: data.default } + } + ), "getConfigData"); + var import_path = require("path"); + var import_getHomeDir = require_getHomeDir2(); + var ENV_CONFIG_PATH = "AWS_CONFIG_FILE"; + var getConfigFilepath = /* @__PURE__ */ __name(() => process.env[ENV_CONFIG_PATH] || (0, import_path.join)((0, import_getHomeDir.getHomeDir)(), ".aws", "config"), "getConfigFilepath"); + var import_getHomeDir2 = require_getHomeDir2(); + var ENV_CREDENTIALS_PATH = "AWS_SHARED_CREDENTIALS_FILE"; + var getCredentialsFilepath = /* @__PURE__ */ __name(() => process.env[ENV_CREDENTIALS_PATH] || (0, import_path.join)((0, import_getHomeDir2.getHomeDir)(), ".aws", "credentials"), "getCredentialsFilepath"); + var import_getHomeDir3 = require_getHomeDir2(); + var prefixKeyRegex = /^([\w-]+)\s(["'])?([\w-@\+\.%:/]+)\2$/; + var profileNameBlockList = ["__proto__", "profile __proto__"]; + var parseIni = /* @__PURE__ */ __name((iniData) => { + const map = {}; + let currentSection; + let currentSubSection; + for (const iniLine of iniData.split(/\r?\n/)) { + const trimmedLine = iniLine.split(/(^|\s)[;#]/)[0].trim(); + const isSection = trimmedLine[0] === "[" && trimmedLine[trimmedLine.length - 1] === "]"; + if (isSection) { + currentSection = void 0; + currentSubSection = void 0; + const sectionName = trimmedLine.substring(1, trimmedLine.length - 1); + const matches = prefixKeyRegex.exec(sectionName); + if (matches) { + const [, prefix, , name] = matches; + if (Object.values(import_types5.IniSectionType).includes(prefix)) { + currentSection = [prefix, name].join(CONFIG_PREFIX_SEPARATOR); + } + } else { + currentSection = sectionName; + } + if (profileNameBlockList.includes(sectionName)) { + throw new Error(`Found invalid profile name "${sectionName}"`); + } + } else if (currentSection) { + const indexOfEqualsSign = trimmedLine.indexOf("="); + if (![0, -1].includes(indexOfEqualsSign)) { + const [name, value] = [ + trimmedLine.substring(0, indexOfEqualsSign).trim(), + trimmedLine.substring(indexOfEqualsSign + 1).trim() + ]; + if (value === "") { + currentSubSection = name; + } else { + if (currentSubSection && iniLine.trimStart() === iniLine) { + currentSubSection = void 0; + } + map[currentSection] = map[currentSection] || {}; + const key = currentSubSection ? [currentSubSection, name].join(CONFIG_PREFIX_SEPARATOR) : name; + map[currentSection][key] = value; + } + } + } + } + return map; + }, "parseIni"); + var import_slurpFile = require_slurpFile2(); + var swallowError = /* @__PURE__ */ __name(() => ({}), "swallowError"); + var CONFIG_PREFIX_SEPARATOR = "."; + var loadSharedConfigFiles = /* @__PURE__ */ __name(async (init = {}) => { + const { filepath = getCredentialsFilepath(), configFilepath = getConfigFilepath() } = init; + const homeDir = (0, import_getHomeDir3.getHomeDir)(); + const relativeHomeDirPrefix = "~/"; + let resolvedFilepath = filepath; + if (filepath.startsWith(relativeHomeDirPrefix)) { + resolvedFilepath = (0, import_path.join)(homeDir, filepath.slice(2)); + } + let resolvedConfigFilepath = configFilepath; + if (configFilepath.startsWith(relativeHomeDirPrefix)) { + resolvedConfigFilepath = (0, import_path.join)(homeDir, configFilepath.slice(2)); + } + const parsedFiles = await Promise.all([ + (0, import_slurpFile.slurpFile)(resolvedConfigFilepath, { + ignoreCache: init.ignoreCache + }).then(parseIni).then(getConfigData).catch(swallowError), + (0, import_slurpFile.slurpFile)(resolvedFilepath, { + ignoreCache: init.ignoreCache + }).then(parseIni).catch(swallowError) + ]); + return { + configFile: parsedFiles[0], + credentialsFile: parsedFiles[1] + }; + }, "loadSharedConfigFiles"); + var getSsoSessionData = /* @__PURE__ */ __name((data) => Object.entries(data).filter(([key]) => key.startsWith(import_types5.IniSectionType.SSO_SESSION + CONFIG_PREFIX_SEPARATOR)).reduce((acc, [key, value]) => ({ ...acc, [key.substring(key.indexOf(CONFIG_PREFIX_SEPARATOR) + 1)]: value }), {}), "getSsoSessionData"); + var import_slurpFile2 = require_slurpFile2(); + var swallowError2 = /* @__PURE__ */ __name(() => ({}), "swallowError"); + var loadSsoSessionData = /* @__PURE__ */ __name(async (init = {}) => (0, import_slurpFile2.slurpFile)(init.configFilepath ?? getConfigFilepath()).then(parseIni).then(getSsoSessionData).catch(swallowError2), "loadSsoSessionData"); + var mergeConfigFiles = /* @__PURE__ */ __name((...files) => { + const merged = {}; + for (const file of files) { + for (const [key, values] of Object.entries(file)) { + if (merged[key] !== void 0) { + Object.assign(merged[key], values); + } else { + merged[key] = values; + } + } + } + return merged; + }, "mergeConfigFiles"); + var parseKnownFiles = /* @__PURE__ */ __name(async (init) => { + const parsedFiles = await loadSharedConfigFiles(init); + return mergeConfigFiles(parsedFiles.configFile, parsedFiles.credentialsFile); + }, "parseKnownFiles"); + } +}); + +// ../../../node_modules/@smithy/middleware-endpoint/dist-cjs/adaptors/getEndpointUrlConfig.js +var require_getEndpointUrlConfig = __commonJS({ + "../../../node_modules/@smithy/middleware-endpoint/dist-cjs/adaptors/getEndpointUrlConfig.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getEndpointUrlConfig = void 0; + var shared_ini_file_loader_1 = require_dist_cjs29(); + var ENV_ENDPOINT_URL = "AWS_ENDPOINT_URL"; + var CONFIG_ENDPOINT_URL = "endpoint_url"; + var getEndpointUrlConfig = (serviceId) => ({ + environmentVariableSelector: (env) => { + const serviceSuffixParts = serviceId.split(" ").map((w) => w.toUpperCase()); + const serviceEndpointUrl = env[[ENV_ENDPOINT_URL, ...serviceSuffixParts].join("_")]; + if (serviceEndpointUrl) + return serviceEndpointUrl; + const endpointUrl = env[ENV_ENDPOINT_URL]; + if (endpointUrl) + return endpointUrl; + return void 0; + }, + configFileSelector: (profile, config) => { + if (config && profile.services) { + const servicesSection = config[["services", profile.services].join(shared_ini_file_loader_1.CONFIG_PREFIX_SEPARATOR)]; + if (servicesSection) { + const servicePrefixParts = serviceId.split(" ").map((w) => w.toLowerCase()); + const endpointUrl2 = servicesSection[[servicePrefixParts.join("_"), CONFIG_ENDPOINT_URL].join(shared_ini_file_loader_1.CONFIG_PREFIX_SEPARATOR)]; + if (endpointUrl2) + return endpointUrl2; + } + } + const endpointUrl = profile[CONFIG_ENDPOINT_URL]; + if (endpointUrl) + return endpointUrl; + return void 0; + }, + default: void 0 + }); + exports2.getEndpointUrlConfig = getEndpointUrlConfig; + } +}); + +// ../../../node_modules/@smithy/middleware-endpoint/dist-cjs/adaptors/getEndpointFromConfig.js +var require_getEndpointFromConfig = __commonJS({ + "../../../node_modules/@smithy/middleware-endpoint/dist-cjs/adaptors/getEndpointFromConfig.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getEndpointFromConfig = void 0; + var node_config_provider_1 = require_dist_cjs28(); + var getEndpointUrlConfig_1 = require_getEndpointUrlConfig(); + var getEndpointFromConfig = async (serviceId) => (0, node_config_provider_1.loadConfig)((0, getEndpointUrlConfig_1.getEndpointUrlConfig)(serviceId !== null && serviceId !== void 0 ? serviceId : ""))(); + exports2.getEndpointFromConfig = getEndpointFromConfig; } }); // ../../../node_modules/@smithy/querystring-parser/dist-cjs/index.js -var require_dist_cjs27 = __commonJS({ +var require_dist_cjs30 = __commonJS({ "../../../node_modules/@smithy/querystring-parser/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; @@ -5796,7 +6214,7 @@ var require_dist_cjs27 = __commonJS({ }); // ../../../node_modules/@smithy/url-parser/dist-cjs/index.js -var require_dist_cjs28 = __commonJS({ +var require_dist_cjs31 = __commonJS({ "../../../node_modules/@smithy/url-parser/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; @@ -5821,7 +6239,7 @@ var require_dist_cjs28 = __commonJS({ parseUrl: () => parseUrl }); module2.exports = __toCommonJS2(src_exports); - var import_querystring_parser = require_dist_cjs27(); + var import_querystring_parser = require_dist_cjs30(); var parseUrl = /* @__PURE__ */ __name((url2) => { if (typeof url2 === "string") { return parseUrl(new URL(url2)); @@ -5843,7 +6261,7 @@ var require_dist_cjs28 = __commonJS({ }); // ../../../node_modules/@smithy/middleware-endpoint/dist-cjs/index.js -var require_dist_cjs29 = __commonJS({ +var require_dist_cjs32 = __commonJS({ "../../../node_modules/@smithy/middleware-endpoint/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; @@ -5945,7 +6363,7 @@ var require_dist_cjs29 = __commonJS({ return configProvider; }, "createConfigValueProvider"); var import_getEndpointFromConfig = require_getEndpointFromConfig(); - var import_url_parser = require_dist_cjs28(); + var import_url_parser = require_dist_cjs31(); var toEndpointV1 = /* @__PURE__ */ __name((endpoint) => { if (typeof endpoint === "object") { if ("url" in endpoint) { @@ -5990,6 +6408,9 @@ var require_dist_cjs29 = __commonJS({ case "builtInParams": endpointParams[name] = await createConfigValueProvider(instruction.name, name, clientConfig)(); break; + case "operationContextParams": + endpointParams[name] = instruction.get(commandInput); + break; default: throw new Error("Unrecognized endpoint parameter instruction: " + JSON.stringify(instruction)); } @@ -6448,9 +6869,9 @@ var init_esm_node = __esm({ } }); -// ../../../node_modules/@smithy/service-error-classification/dist-cjs/index.js -var require_dist_cjs30 = __commonJS({ - "../../../node_modules/@smithy/service-error-classification/dist-cjs/index.js"(exports2, module2) { +// ../../../node_modules/@smithy/util-retry/node_modules/@smithy/service-error-classification/dist-cjs/index.js +var require_dist_cjs33 = __commonJS({ + "../../../node_modules/@smithy/util-retry/node_modules/@smithy/service-error-classification/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; var __getOwnPropNames2 = Object.getOwnPropertyNames; @@ -6517,9 +6938,9 @@ var require_dist_cjs30 = __commonJS({ var _a, _b; return ((_a = error.$metadata) == null ? void 0 : _a.httpStatusCode) === 429 || THROTTLING_ERROR_CODES.includes(error.name) || ((_b = error.$retryable) == null ? void 0 : _b.throttling) == true; }, "isThrottlingError"); - var isTransientError = /* @__PURE__ */ __name((error) => { + var isTransientError = /* @__PURE__ */ __name((error, depth = 0) => { var _a; - return isClockSkewCorrectedError(error) || TRANSIENT_ERROR_CODES.includes(error.name) || NODEJS_TIMEOUT_ERROR_CODES.includes((error == null ? void 0 : error.code) || "") || TRANSIENT_ERROR_STATUS_CODES.includes(((_a = error.$metadata) == null ? void 0 : _a.httpStatusCode) || 0); + return isClockSkewCorrectedError(error) || TRANSIENT_ERROR_CODES.includes(error.name) || NODEJS_TIMEOUT_ERROR_CODES.includes((error == null ? void 0 : error.code) || "") || TRANSIENT_ERROR_STATUS_CODES.includes(((_a = error.$metadata) == null ? void 0 : _a.httpStatusCode) || 0) || error.cause !== void 0 && depth <= 10 && isTransientError(error.cause, depth + 1); }, "isTransientError"); var isServerError = /* @__PURE__ */ __name((error) => { var _a; @@ -6536,7 +6957,7 @@ var require_dist_cjs30 = __commonJS({ }); // ../../../node_modules/@smithy/util-retry/dist-cjs/index.js -var require_dist_cjs31 = __commonJS({ +var require_dist_cjs34 = __commonJS({ "../../../node_modules/@smithy/util-retry/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; @@ -6583,8 +7004,8 @@ var require_dist_cjs31 = __commonJS({ })(RETRY_MODES || {}); var DEFAULT_MAX_ATTEMPTS = 3; var DEFAULT_RETRY_MODE = "standard"; - var import_service_error_classification = require_dist_cjs30(); - var _DefaultRateLimiter = class _DefaultRateLimiter { + var import_service_error_classification = require_dist_cjs33(); + var _DefaultRateLimiter = class _DefaultRateLimiter2 { constructor(options) { this.currentCapacity = 0; this.enabled = false; @@ -6617,7 +7038,7 @@ var require_dist_cjs31 = __commonJS({ this.refillTokenBucket(); if (amount > this.currentCapacity) { const delay = (amount - this.currentCapacity) / this.fillRate * 1e3; - await new Promise((resolve) => setTimeout(resolve, delay)); + await new Promise((resolve) => _DefaultRateLimiter2.setTimeoutFn(resolve, delay)); } this.currentCapacity = this.currentCapacity - amount; } @@ -6684,6 +7105,7 @@ var require_dist_cjs31 = __commonJS({ } }; __name(_DefaultRateLimiter, "DefaultRateLimiter"); + _DefaultRateLimiter.setTimeoutFn = setTimeout; var DefaultRateLimiter = _DefaultRateLimiter; var DEFAULT_RETRY_DELAY_BASE = 100; var MAXIMUM_RETRY_DELAY = 20 * 1e3; @@ -6849,9 +7271,9 @@ var require_dist_cjs31 = __commonJS({ } }); -// ../../../node_modules/@smithy/middleware-stack/dist-cjs/index.js -var require_dist_cjs32 = __commonJS({ - "../../../node_modules/@smithy/middleware-stack/dist-cjs/index.js"(exports2, module2) { +// ../../../node_modules/@smithy/middleware-retry/node_modules/@smithy/service-error-classification/dist-cjs/index.js +var require_dist_cjs35 = __commonJS({ + "../../../node_modules/@smithy/middleware-retry/node_modules/@smithy/service-error-classification/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; var __getOwnPropNames2 = Object.getOwnPropertyNames; @@ -6872,10 +7294,97 @@ var require_dist_cjs32 = __commonJS({ var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var src_exports = {}; __export2(src_exports, { - constructStack: () => constructStack - }); - module2.exports = __toCommonJS2(src_exports); - var getAllAliases = /* @__PURE__ */ __name((name, aliases) => { + isClockSkewCorrectedError: () => isClockSkewCorrectedError, + isClockSkewError: () => isClockSkewError, + isRetryableByTrait: () => isRetryableByTrait, + isServerError: () => isServerError, + isThrottlingError: () => isThrottlingError, + isTransientError: () => isTransientError + }); + module2.exports = __toCommonJS2(src_exports); + var CLOCK_SKEW_ERROR_CODES = [ + "AuthFailure", + "InvalidSignatureException", + "RequestExpired", + "RequestInTheFuture", + "RequestTimeTooSkewed", + "SignatureDoesNotMatch" + ]; + var THROTTLING_ERROR_CODES = [ + "BandwidthLimitExceeded", + "EC2ThrottledException", + "LimitExceededException", + "PriorRequestNotComplete", + "ProvisionedThroughputExceededException", + "RequestLimitExceeded", + "RequestThrottled", + "RequestThrottledException", + "SlowDown", + "ThrottledException", + "Throttling", + "ThrottlingException", + "TooManyRequestsException", + "TransactionInProgressException" + // DynamoDB + ]; + var TRANSIENT_ERROR_CODES = ["TimeoutError", "RequestTimeout", "RequestTimeoutException"]; + var TRANSIENT_ERROR_STATUS_CODES = [500, 502, 503, 504]; + var NODEJS_TIMEOUT_ERROR_CODES = ["ECONNRESET", "ECONNREFUSED", "EPIPE", "ETIMEDOUT"]; + var isRetryableByTrait = /* @__PURE__ */ __name((error) => error.$retryable !== void 0, "isRetryableByTrait"); + var isClockSkewError = /* @__PURE__ */ __name((error) => CLOCK_SKEW_ERROR_CODES.includes(error.name), "isClockSkewError"); + var isClockSkewCorrectedError = /* @__PURE__ */ __name((error) => { + var _a; + return (_a = error.$metadata) == null ? void 0 : _a.clockSkewCorrected; + }, "isClockSkewCorrectedError"); + var isThrottlingError = /* @__PURE__ */ __name((error) => { + var _a, _b; + return ((_a = error.$metadata) == null ? void 0 : _a.httpStatusCode) === 429 || THROTTLING_ERROR_CODES.includes(error.name) || ((_b = error.$retryable) == null ? void 0 : _b.throttling) == true; + }, "isThrottlingError"); + var isTransientError = /* @__PURE__ */ __name((error, depth = 0) => { + var _a; + return isClockSkewCorrectedError(error) || TRANSIENT_ERROR_CODES.includes(error.name) || NODEJS_TIMEOUT_ERROR_CODES.includes((error == null ? void 0 : error.code) || "") || TRANSIENT_ERROR_STATUS_CODES.includes(((_a = error.$metadata) == null ? void 0 : _a.httpStatusCode) || 0) || error.cause !== void 0 && depth <= 10 && isTransientError(error.cause, depth + 1); + }, "isTransientError"); + var isServerError = /* @__PURE__ */ __name((error) => { + var _a; + if (((_a = error.$metadata) == null ? void 0 : _a.httpStatusCode) !== void 0) { + const statusCode = error.$metadata.httpStatusCode; + if (500 <= statusCode && statusCode <= 599 && !isTransientError(error)) { + return true; + } + return false; + } + return false; + }, "isServerError"); + } +}); + +// ../../../node_modules/@smithy/middleware-stack/dist-cjs/index.js +var require_dist_cjs36 = __commonJS({ + "../../../node_modules/@smithy/middleware-stack/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + constructStack: () => constructStack + }); + module2.exports = __toCommonJS2(src_exports); + var getAllAliases = /* @__PURE__ */ __name((name, aliases) => { const _aliases = []; if (name) { _aliases.push(name); @@ -7167,7 +7676,7 @@ var require_dist_cjs32 = __commonJS({ }); // ../../../node_modules/@smithy/smithy-client/dist-cjs/index.js -var require_dist_cjs33 = __commonJS({ +var require_dist_cjs37 = __commonJS({ "../../../node_modules/@smithy/smithy-client/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; @@ -7195,9 +7704,8 @@ var require_dist_cjs33 = __commonJS({ NoOpLogger: () => NoOpLogger, SENSITIVE_STRING: () => SENSITIVE_STRING, ServiceException: () => ServiceException, - StringWrapper: () => StringWrapper, _json: () => _json, - collectBody: () => import_protocols3.collectBody, + collectBody: () => import_protocols2.collectBody, convertMap: () => convertMap, createAggregatedClient: () => createAggregatedClient, dateToUtcString: () => dateToUtcString, @@ -7215,7 +7723,7 @@ var require_dist_cjs33 = __commonJS({ expectShort: () => expectShort, expectString: () => expectString, expectUnion: () => expectUnion2, - extendedEncodeURIComponent: () => import_protocols3.extendedEncodeURIComponent, + extendedEncodeURIComponent: () => import_protocols2.extendedEncodeURIComponent, getArrayIfSingleItem: () => getArrayIfSingleItem, getDefaultClientConfiguration: () => getDefaultClientConfiguration, getDefaultExtensionConfiguration: () => getDefaultExtensionConfiguration, @@ -7235,7 +7743,7 @@ var require_dist_cjs33 = __commonJS({ parseRfc7231DateTime: () => parseRfc7231DateTime, quoteHeader: () => quoteHeader, resolveDefaultRuntimeConfig: () => resolveDefaultRuntimeConfig, - resolvedPath: () => import_protocols3.resolvedPath, + resolvedPath: () => import_protocols2.resolvedPath, serializeDateTime: () => serializeDateTime, serializeFloat: () => serializeFloat, splitEvery: () => splitEvery, @@ -7253,7 +7761,7 @@ var require_dist_cjs33 = __commonJS({ withBaseException: () => withBaseException }); module2.exports = __toCommonJS2(src_exports); - var import_middleware_stack = require_dist_cjs32(); + var import_middleware_stack = require_dist_cjs36(); var _Client = class _Client { constructor(config) { this.config = config; @@ -7301,7 +7809,7 @@ var require_dist_cjs33 = __commonJS({ }; __name(_Client, "Client"); var Client = _Client; - var import_protocols3 = (init_protocols(), __toCommonJS(protocols_exports)); + var import_protocols2 = (init_protocols(), __toCommonJS(protocols_exports)); var import_types5 = require_dist_cjs(); var _Command = class _Command { constructor() { @@ -7958,6 +8466,15 @@ var require_dist_cjs33 = __commonJS({ this.$fault = options.$fault; this.$metadata = options.$metadata; } + /** + * Checks if a value is an instance of ServiceException (duck typed) + */ + static isInstance(value) { + if (!value) + return false; + const candidate = value; + return Boolean(candidate.$fault) && Boolean(candidate.$metadata) && (candidate.$fault === "client" || candidate.$fault === "server"); + } }; __name(_ServiceException, "ServiceException"); var ServiceException = _ServiceException; @@ -8098,40 +8615,29 @@ var require_dist_cjs33 = __commonJS({ var isSerializableHeaderValue = /* @__PURE__ */ __name((value) => { return value != null; }, "isSerializableHeaderValue"); - var StringWrapper = /* @__PURE__ */ __name(function() { - const Class = Object.getPrototypeOf(this).constructor; - const Constructor = Function.bind.apply(String, [null, ...arguments]); - const instance = new Constructor(); - Object.setPrototypeOf(instance, Class.prototype); - return instance; - }, "StringWrapper"); - StringWrapper.prototype = Object.create(String.prototype, { - constructor: { - value: StringWrapper, - enumerable: false, - writable: true, - configurable: true - } - }); - Object.setPrototypeOf(StringWrapper, String); - var _LazyJsonString = class _LazyJsonString2 extends StringWrapper { - deserializeJSON() { - return JSON.parse(super.toString()); - } - toJSON() { - return super.toString(); - } - static fromObject(object) { - if (object instanceof _LazyJsonString2) { - return object; - } else if (object instanceof String || typeof object === "string") { - return new _LazyJsonString2(object); + var LazyJsonString = /* @__PURE__ */ __name(function LazyJsonString2(val2) { + const str = Object.assign(new String(val2), { + deserializeJSON() { + return JSON.parse(String(val2)); + }, + toString() { + return String(val2); + }, + toJSON() { + return String(val2); } - return new _LazyJsonString2(JSON.stringify(object)); + }); + return str; + }, "LazyJsonString"); + LazyJsonString.from = (object) => { + if (object && typeof object === "object" && (object instanceof LazyJsonString || "deserializeJSON" in object)) { + return object; + } else if (typeof object === "string" || Object.getPrototypeOf(object) === String.prototype) { + return LazyJsonString(String(object)); } + return LazyJsonString(JSON.stringify(object)); }; - __name(_LazyJsonString, "LazyJsonString"); - var LazyJsonString = _LazyJsonString; + LazyJsonString.fromObject = LazyJsonString.from; var _NoOpLogger = class _NoOpLogger { trace() { } @@ -8359,7 +8865,7 @@ var require_isStreamingPayload = __commonJS({ }); // ../../../node_modules/@smithy/middleware-retry/dist-cjs/index.js -var require_dist_cjs34 = __commonJS({ +var require_dist_cjs38 = __commonJS({ "../../../node_modules/@smithy/middleware-retry/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; @@ -8403,7 +8909,7 @@ var require_dist_cjs34 = __commonJS({ module2.exports = __toCommonJS2(src_exports); var import_protocol_http8 = require_dist_cjs2(); var import_uuid = (init_esm_node(), __toCommonJS(esm_node_exports)); - var import_util_retry = require_dist_cjs31(); + var import_util_retry = require_dist_cjs34(); var getDefaultRetryQuota = /* @__PURE__ */ __name((initialRetryTokens, options) => { const MAX_CAPACITY = initialRetryTokens; const noRetryIncrement = (options == null ? void 0 : options.noRetryIncrement) ?? import_util_retry.NO_RETRY_INCREMENT; @@ -8431,7 +8937,7 @@ var require_dist_cjs34 = __commonJS({ }); }, "getDefaultRetryQuota"); var defaultDelayDecider = /* @__PURE__ */ __name((delayBase, attempts) => Math.floor(Math.min(import_util_retry.MAXIMUM_RETRY_DELAY, Math.random() * 2 ** attempts * delayBase)), "defaultDelayDecider"); - var import_service_error_classification = require_dist_cjs30(); + var import_service_error_classification = require_dist_cjs35(); var defaultRetryDecider = /* @__PURE__ */ __name((error) => { if (!error) { return false; @@ -8623,7 +9129,7 @@ var require_dist_cjs34 = __commonJS({ clientStack.addRelativeTo(omitRetryHeadersMiddleware(), omitRetryHeadersMiddlewareOptions); } }), "getOmitRetryHeadersPlugin"); - var import_smithy_client4 = require_dist_cjs33(); + var import_smithy_client4 = require_dist_cjs37(); var import_isStreamingPayload = require_isStreamingPayload(); var retryMiddleware = /* @__PURE__ */ __name((options) => (next, context) => async (args) => { var _a; @@ -8913,12 +9419,161 @@ var init_AwsSdkSigV4ASigner = __esm({ } }); +// ../../../node_modules/@aws-sdk/core/node_modules/@smithy/property-provider/dist-cjs/index.js +var require_dist_cjs39 = __commonJS({ + "../../../node_modules/@aws-sdk/core/node_modules/@smithy/property-provider/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + CredentialsProviderError: () => CredentialsProviderError, + ProviderError: () => ProviderError2, + TokenProviderError: () => TokenProviderError, + chain: () => chain, + fromStatic: () => fromStatic, + memoize: () => memoize + }); + module2.exports = __toCommonJS2(src_exports); + var _ProviderError = class _ProviderError2 extends Error { + constructor(message, options = true) { + var _a; + let logger; + let tryNextLink = true; + if (typeof options === "boolean") { + logger = void 0; + tryNextLink = options; + } else if (options != null && typeof options === "object") { + logger = options.logger; + tryNextLink = options.tryNextLink ?? true; + } + super(message); + this.name = "ProviderError"; + this.tryNextLink = tryNextLink; + Object.setPrototypeOf(this, _ProviderError2.prototype); + (_a = logger == null ? void 0 : logger.debug) == null ? void 0 : _a.call(logger, `@smithy/property-provider ${tryNextLink ? "->" : "(!)"} ${message}`); + } + /** + * @deprecated use new operator. + */ + static from(error, options = true) { + return Object.assign(new this(error.message, options), error); + } + }; + __name(_ProviderError, "ProviderError"); + var ProviderError2 = _ProviderError; + var _CredentialsProviderError = class _CredentialsProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "CredentialsProviderError"; + Object.setPrototypeOf(this, _CredentialsProviderError2.prototype); + } + }; + __name(_CredentialsProviderError, "CredentialsProviderError"); + var CredentialsProviderError = _CredentialsProviderError; + var _TokenProviderError = class _TokenProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "TokenProviderError"; + Object.setPrototypeOf(this, _TokenProviderError2.prototype); + } + }; + __name(_TokenProviderError, "TokenProviderError"); + var TokenProviderError = _TokenProviderError; + var chain = /* @__PURE__ */ __name((...providers) => async () => { + if (providers.length === 0) { + throw new ProviderError2("No providers in chain"); + } + let lastProviderError; + for (const provider of providers) { + try { + const credentials = await provider(); + return credentials; + } catch (err) { + lastProviderError = err; + if (err == null ? void 0 : err.tryNextLink) { + continue; + } + throw err; + } + } + throw lastProviderError; + }, "chain"); + var fromStatic = /* @__PURE__ */ __name((staticValue) => () => Promise.resolve(staticValue), "fromStatic"); + var memoize = /* @__PURE__ */ __name((provider, isExpired, requiresRefresh) => { + let resolved; + let pending; + let hasResult; + let isConstant = false; + const coalesceProvider = /* @__PURE__ */ __name(async () => { + if (!pending) { + pending = provider(); + } + try { + resolved = await pending; + hasResult = true; + isConstant = false; + } finally { + pending = void 0; + } + return resolved; + }, "coalesceProvider"); + if (isExpired === void 0) { + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + return resolved; + }; + } + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + if (isConstant) { + return resolved; + } + if (requiresRefresh && !requiresRefresh(resolved)) { + isConstant = true; + return resolved; + } + if (isExpired(resolved)) { + await coalesceProvider(); + return resolved; + } + return resolved; + }; + }, "memoize"); + } +}); + // ../../../node_modules/@aws-sdk/core/dist-es/submodules/httpAuthSchemes/aws_sdk/resolveAwsSdkSigV4AConfig.js var import_property_provider, resolveAwsSdkSigV4AConfig, NODE_SIGV4A_CONFIG_OPTIONS; var init_resolveAwsSdkSigV4AConfig = __esm({ "../../../node_modules/@aws-sdk/core/dist-es/submodules/httpAuthSchemes/aws_sdk/resolveAwsSdkSigV4AConfig.js"() { init_dist_es(); - import_property_provider = __toESM(require_dist_cjs24()); + import_property_provider = __toESM(require_dist_cjs39()); resolveAwsSdkSigV4AConfig = (config) => { config.sigv4aSigningRegionSet = normalizeProvider(config.sigv4aSigningRegionSet); return config; @@ -8945,8 +9600,72 @@ var init_resolveAwsSdkSigV4AConfig = __esm({ } }); -// ../../../node_modules/@smithy/signature-v4/dist-cjs/index.js -var require_dist_cjs35 = __commonJS({ +// ../../../node_modules/@smithy/signature-v4/node_modules/@smithy/util-hex-encoding/dist-cjs/index.js +var require_dist_cjs40 = __commonJS({ + "../../../node_modules/@smithy/signature-v4/node_modules/@smithy/util-hex-encoding/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + fromHex: () => fromHex, + toHex: () => toHex + }); + module2.exports = __toCommonJS2(src_exports); + var SHORT_TO_HEX = {}; + var HEX_TO_SHORT = {}; + for (let i = 0; i < 256; i++) { + let encodedByte = i.toString(16).toLowerCase(); + if (encodedByte.length === 1) { + encodedByte = `0${encodedByte}`; + } + SHORT_TO_HEX[i] = encodedByte; + HEX_TO_SHORT[encodedByte] = i; + } + function fromHex(encoded) { + if (encoded.length % 2 !== 0) { + throw new Error("Hex encoded strings must have an even number length"); + } + const out = new Uint8Array(encoded.length / 2); + for (let i = 0; i < encoded.length; i += 2) { + const encodedByte = encoded.slice(i, i + 2).toLowerCase(); + if (encodedByte in HEX_TO_SHORT) { + out[i / 2] = HEX_TO_SHORT[encodedByte]; + } else { + throw new Error(`Cannot decode unrecognized sequence ${encodedByte} as hexadecimal`); + } + } + return out; + } + __name(fromHex, "fromHex"); + function toHex(bytes) { + let out = ""; + for (let i = 0; i < bytes.byteLength; i++) { + out += SHORT_TO_HEX[bytes[i]]; + } + return out; + } + __name(toHex, "toHex"); + } +}); + +// ../../../node_modules/@smithy/signature-v4/dist-cjs/index.js +var require_dist_cjs41 = __commonJS({ "../../../node_modules/@smithy/signature-v4/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; @@ -8980,7 +9699,7 @@ var require_dist_cjs35 = __commonJS({ }); module2.exports = __toCommonJS2(src_exports); var import_util_middleware3 = require_dist_cjs10(); - var import_util_utf84 = require_dist_cjs15(); + var import_util_utf84 = require_dist_cjs16(); var ALGORITHM_QUERY_PARAM = "X-Amz-Algorithm"; var CREDENTIAL_QUERY_PARAM = "X-Amz-Credential"; var AMZ_DATE_QUERY_PARAM = "X-Amz-Date"; @@ -9020,8 +9739,8 @@ var require_dist_cjs35 = __commonJS({ var MAX_CACHE_SIZE = 50; var KEY_TYPE_IDENTIFIER = "aws4_request"; var MAX_PRESIGNED_TTL = 60 * 60 * 24 * 7; - var import_util_hex_encoding = require_dist_cjs21(); - var import_util_utf8 = require_dist_cjs15(); + var import_util_hex_encoding = require_dist_cjs40(); + var import_util_utf8 = require_dist_cjs16(); var signingKeyCache = {}; var cacheQueue = []; var createScope = /* @__PURE__ */ __name((shortDate, region, service) => `${shortDate}/${region}/${service}/${KEY_TYPE_IDENTIFIER}`, "createScope"); @@ -9068,7 +9787,7 @@ var require_dist_cjs35 = __commonJS({ } return canonical; }, "getCanonicalHeaders"); - var import_util_uri_escape = require_dist_cjs17(); + var import_util_uri_escape = require_dist_cjs18(); var getCanonicalQuery = /* @__PURE__ */ __name(({ query = {} }) => { const keys = []; const serialized = {}; @@ -9088,7 +9807,7 @@ var require_dist_cjs35 = __commonJS({ return keys.sort().map((key) => serialized[key]).filter((serialized2) => serialized2).join("&"); }, "getCanonicalQuery"); var import_is_array_buffer = require_dist_cjs13(); - var import_util_utf82 = require_dist_cjs15(); + var import_util_utf82 = require_dist_cjs16(); var getPayloadHash = /* @__PURE__ */ __name(async ({ headers, body }, hashConstructor) => { for (const headerName of Object.keys(headers)) { if (headerName.toLowerCase() === SHA256_HEADER) { @@ -9104,7 +9823,7 @@ var require_dist_cjs35 = __commonJS({ } return UNSIGNED_PAYLOAD; }, "getPayloadHash"); - var import_util_utf83 = require_dist_cjs15(); + var import_util_utf83 = require_dist_cjs16(); var _HeaderFormatter = class _HeaderFormatter { format(headers) { const chunks = []; @@ -9506,7 +10225,7 @@ var import_signature_v4, resolveAwsSdkSigV4Config, resolveAWSSDKSigV4Config; var init_resolveAwsSdkSigV4Config = __esm({ "../../../node_modules/@aws-sdk/core/dist-es/submodules/httpAuthSchemes/aws_sdk/resolveAwsSdkSigV4Config.js"() { init_dist_es(); - import_signature_v4 = __toESM(require_dist_cjs35()); + import_signature_v4 = __toESM(require_dist_cjs41()); resolveAwsSdkSigV4Config = (config) => { let normalizedCreds; if (config.credentials) { @@ -9666,7 +10385,7 @@ var init_coercing_serializers = __esm({ var import_smithy_client, awsExpectUnion; var init_awsExpectUnion = __esm({ "../../../node_modules/@aws-sdk/core/dist-es/submodules/protocols/json/awsExpectUnion.js"() { - import_smithy_client = __toESM(require_dist_cjs33()); + import_smithy_client = __toESM(require_dist_cjs37()); awsExpectUnion = (value) => { if (value == null) { return void 0; @@ -9683,7 +10402,7 @@ var init_awsExpectUnion = __esm({ var import_smithy_client2, collectBodyString; var init_common = __esm({ "../../../node_modules/@aws-sdk/core/dist-es/submodules/protocols/common.js"() { - import_smithy_client2 = __toESM(require_dist_cjs33()); + import_smithy_client2 = __toESM(require_dist_cjs37()); collectBodyString = (streamBody, context) => (0, import_smithy_client2.collectBody)(streamBody, context).then((body) => context.utf8Encoder(body)); } }); @@ -11393,7 +12112,7 @@ var require_fxp = __commonJS({ var import_smithy_client3, import_fast_xml_parser, parseXmlBody, parseXmlErrorBody, loadRestXmlErrorCode; var init_parseXmlBody = __esm({ "../../../node_modules/@aws-sdk/core/dist-es/submodules/protocols/xml/parseXmlBody.js"() { - import_smithy_client3 = __toESM(require_dist_cjs33()); + import_smithy_client3 = __toESM(require_dist_cjs37()); import_fast_xml_parser = __toESM(require_fxp()); init_common(); parseXmlBody = (streamBody, context) => collectBodyString(streamBody, context).then((encoded) => { @@ -11898,7 +12617,7 @@ function __importStar(mod) { if (mod && mod.__esModule) return mod; var result = {}; if (mod != null) { - for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]); } __setModuleDefault(result, mod); return result; @@ -11982,7 +12701,7 @@ function __rewriteRelativeImportExtension(path, preserveJsx) { } return path; } -var extendStatics, __assign, __createBinding, __setModuleDefault, _SuppressedError, tslib_es6_default; +var extendStatics, __assign, __createBinding, __setModuleDefault, ownKeys, _SuppressedError, tslib_es6_default; var init_tslib_es6 = __esm({ "../../../node_modules/tslib/tslib.es6.mjs"() { extendStatics = function(d, b) { @@ -12021,6 +12740,14 @@ var init_tslib_es6 = __esm({ } : function(o, v) { o["default"] = v; }; + ownKeys = function(o) { + ownKeys = Object.getOwnPropertyNames || function(o2) { + var ar = []; + for (var k in o2) if (Object.prototype.hasOwnProperty.call(o2, k)) ar[ar.length] = k; + return ar; + }; + return ownKeys(o); + }; _SuppressedError = typeof SuppressedError === "function" ? SuppressedError : function(error, suppressed, message) { var e = new Error(message); return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e; @@ -12171,8 +12898,157 @@ var require_package = __commonJS({ } }); +// ../../../node_modules/@aws-sdk/credential-provider-env/node_modules/@smithy/property-provider/dist-cjs/index.js +var require_dist_cjs42 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-env/node_modules/@smithy/property-provider/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + CredentialsProviderError: () => CredentialsProviderError, + ProviderError: () => ProviderError2, + TokenProviderError: () => TokenProviderError, + chain: () => chain, + fromStatic: () => fromStatic, + memoize: () => memoize + }); + module2.exports = __toCommonJS2(src_exports); + var _ProviderError = class _ProviderError2 extends Error { + constructor(message, options = true) { + var _a; + let logger; + let tryNextLink = true; + if (typeof options === "boolean") { + logger = void 0; + tryNextLink = options; + } else if (options != null && typeof options === "object") { + logger = options.logger; + tryNextLink = options.tryNextLink ?? true; + } + super(message); + this.name = "ProviderError"; + this.tryNextLink = tryNextLink; + Object.setPrototypeOf(this, _ProviderError2.prototype); + (_a = logger == null ? void 0 : logger.debug) == null ? void 0 : _a.call(logger, `@smithy/property-provider ${tryNextLink ? "->" : "(!)"} ${message}`); + } + /** + * @deprecated use new operator. + */ + static from(error, options = true) { + return Object.assign(new this(error.message, options), error); + } + }; + __name(_ProviderError, "ProviderError"); + var ProviderError2 = _ProviderError; + var _CredentialsProviderError = class _CredentialsProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "CredentialsProviderError"; + Object.setPrototypeOf(this, _CredentialsProviderError2.prototype); + } + }; + __name(_CredentialsProviderError, "CredentialsProviderError"); + var CredentialsProviderError = _CredentialsProviderError; + var _TokenProviderError = class _TokenProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "TokenProviderError"; + Object.setPrototypeOf(this, _TokenProviderError2.prototype); + } + }; + __name(_TokenProviderError, "TokenProviderError"); + var TokenProviderError = _TokenProviderError; + var chain = /* @__PURE__ */ __name((...providers) => async () => { + if (providers.length === 0) { + throw new ProviderError2("No providers in chain"); + } + let lastProviderError; + for (const provider of providers) { + try { + const credentials = await provider(); + return credentials; + } catch (err) { + lastProviderError = err; + if (err == null ? void 0 : err.tryNextLink) { + continue; + } + throw err; + } + } + throw lastProviderError; + }, "chain"); + var fromStatic = /* @__PURE__ */ __name((staticValue) => () => Promise.resolve(staticValue), "fromStatic"); + var memoize = /* @__PURE__ */ __name((provider, isExpired, requiresRefresh) => { + let resolved; + let pending; + let hasResult; + let isConstant = false; + const coalesceProvider = /* @__PURE__ */ __name(async () => { + if (!pending) { + pending = provider(); + } + try { + resolved = await pending; + hasResult = true; + isConstant = false; + } finally { + pending = void 0; + } + return resolved; + }, "coalesceProvider"); + if (isExpired === void 0) { + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + return resolved; + }; + } + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + if (isConstant) { + return resolved; + } + if (requiresRefresh && !requiresRefresh(resolved)) { + isConstant = true; + return resolved; + } + if (isExpired(resolved)) { + await coalesceProvider(); + return resolved; + } + return resolved; + }; + }, "memoize"); + } +}); + // ../../../node_modules/@aws-sdk/credential-provider-env/dist-cjs/index.js -var require_dist_cjs36 = __commonJS({ +var require_dist_cjs43 = __commonJS({ "../../../node_modules/@aws-sdk/credential-provider-env/dist-cjs/index.js"(exports2, module2) { "use strict"; var __defProp2 = Object.defineProperty; @@ -12204,7 +13080,7 @@ var require_dist_cjs36 = __commonJS({ fromEnv: () => fromEnv }); module2.exports = __toCommonJS2(src_exports); - var import_property_provider2 = require_dist_cjs24(); + var import_property_provider2 = require_dist_cjs42(); var ENV_KEY = "AWS_ACCESS_KEY_ID"; var ENV_SECRET = "AWS_SECRET_ACCESS_KEY"; var ENV_SESSION = "AWS_SESSION_TOKEN"; @@ -12235,785 +13111,807 @@ var require_dist_cjs36 = __commonJS({ } }); -// ../../../node_modules/@smithy/credential-provider-imds/dist-cjs/index.js -var require_dist_cjs37 = __commonJS({ - "../../../node_modules/@smithy/credential-provider-imds/dist-cjs/index.js"(exports2, module2) { - var __defProp2 = Object.defineProperty; - var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; - var __getOwnPropNames2 = Object.getOwnPropertyNames; - var __hasOwnProp2 = Object.prototype.hasOwnProperty; - var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); - var __export2 = (target, all) => { - for (var name in all) - __defProp2(target, name, { get: all[name], enumerable: true }); - }; - var __copyProps2 = (to, from, except, desc) => { - if (from && typeof from === "object" || typeof from === "function") { - for (let key of __getOwnPropNames2(from)) - if (!__hasOwnProp2.call(to, key) && key !== except) - __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); +// ../../../node_modules/@aws-sdk/credential-provider-node/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getHomeDir.js +var require_getHomeDir3 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-node/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getHomeDir.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getHomeDir = void 0; + var os_1 = require("os"); + var path_1 = require("path"); + var homeDirCache = {}; + var getHomeDirCacheKey = () => { + if (process && process.geteuid) { + return `${process.geteuid()}`; } - return to; + return "DEFAULT"; }; - var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); - var src_exports = {}; - __export2(src_exports, { - DEFAULT_MAX_RETRIES: () => DEFAULT_MAX_RETRIES, - DEFAULT_TIMEOUT: () => DEFAULT_TIMEOUT, - ENV_CMDS_AUTH_TOKEN: () => ENV_CMDS_AUTH_TOKEN, - ENV_CMDS_FULL_URI: () => ENV_CMDS_FULL_URI, - ENV_CMDS_RELATIVE_URI: () => ENV_CMDS_RELATIVE_URI, - Endpoint: () => Endpoint, - fromContainerMetadata: () => fromContainerMetadata, - fromInstanceMetadata: () => fromInstanceMetadata, - getInstanceMetadataEndpoint: () => getInstanceMetadataEndpoint, - httpRequest: () => httpRequest, - providerConfigFromInit: () => providerConfigFromInit - }); - module2.exports = __toCommonJS2(src_exports); - var import_url = require("url"); - var import_property_provider2 = require_dist_cjs24(); - var import_buffer = require("buffer"); - var import_http2 = require("http"); - function httpRequest(options) { - return new Promise((resolve, reject) => { - var _a; - const req = (0, import_http2.request)({ - method: "GET", - ...options, - // Node.js http module doesn't accept hostname with square brackets - // Refs: https://github.com/nodejs/node/issues/39738 - hostname: (_a = options.hostname) == null ? void 0 : _a.replace(/^\[(.+)\]$/, "$1") - }); - req.on("error", (err) => { - reject(Object.assign(new import_property_provider2.ProviderError("Unable to connect to instance metadata service"), err)); - req.destroy(); - }); - req.on("timeout", () => { - reject(new import_property_provider2.ProviderError("TimeoutError from instance metadata service")); - req.destroy(); - }); - req.on("response", (res) => { - const { statusCode = 400 } = res; - if (statusCode < 200 || 300 <= statusCode) { - reject( - Object.assign(new import_property_provider2.ProviderError("Error response received from instance metadata service"), { statusCode }) - ); - req.destroy(); - } - const chunks = []; - res.on("data", (chunk) => { - chunks.push(chunk); - }); - res.on("end", () => { - resolve(import_buffer.Buffer.concat(chunks)); - req.destroy(); - }); - }); - req.end(); - }); - } - __name(httpRequest, "httpRequest"); - var isImdsCredentials = /* @__PURE__ */ __name((arg) => Boolean(arg) && typeof arg === "object" && typeof arg.AccessKeyId === "string" && typeof arg.SecretAccessKey === "string" && typeof arg.Token === "string" && typeof arg.Expiration === "string", "isImdsCredentials"); - var fromImdsCredentials = /* @__PURE__ */ __name((creds) => ({ - accessKeyId: creds.AccessKeyId, - secretAccessKey: creds.SecretAccessKey, - sessionToken: creds.Token, - expiration: new Date(creds.Expiration), - ...creds.AccountId && { accountId: creds.AccountId } - }), "fromImdsCredentials"); - var DEFAULT_TIMEOUT = 1e3; - var DEFAULT_MAX_RETRIES = 0; - var providerConfigFromInit = /* @__PURE__ */ __name(({ - maxRetries = DEFAULT_MAX_RETRIES, - timeout = DEFAULT_TIMEOUT - }) => ({ maxRetries, timeout }), "providerConfigFromInit"); - var retry = /* @__PURE__ */ __name((toRetry, maxRetries) => { - let promise = toRetry(); - for (let i = 0; i < maxRetries; i++) { - promise = promise.catch(toRetry); - } - return promise; - }, "retry"); - var ENV_CMDS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI"; - var ENV_CMDS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI"; - var ENV_CMDS_AUTH_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN"; - var fromContainerMetadata = /* @__PURE__ */ __name((init = {}) => { - const { timeout, maxRetries } = providerConfigFromInit(init); - return () => retry(async () => { - const requestOptions = await getCmdsUri({ logger: init.logger }); - const credsResponse = JSON.parse(await requestFromEcsImds(timeout, requestOptions)); - if (!isImdsCredentials(credsResponse)) { - throw new import_property_provider2.CredentialsProviderError("Invalid response received from instance metadata service.", { - logger: init.logger - }); - } - return fromImdsCredentials(credsResponse); - }, maxRetries); - }, "fromContainerMetadata"); - var requestFromEcsImds = /* @__PURE__ */ __name(async (timeout, options) => { - if (process.env[ENV_CMDS_AUTH_TOKEN]) { - options.headers = { - ...options.headers, - Authorization: process.env[ENV_CMDS_AUTH_TOKEN] - }; - } - const buffer = await httpRequest({ - ...options, - timeout - }); - return buffer.toString(); - }, "requestFromEcsImds"); - var CMDS_IP = "169.254.170.2"; - var GREENGRASS_HOSTS = { - localhost: true, - "127.0.0.1": true + var getHomeDir2 = () => { + const { HOME, USERPROFILE, HOMEPATH, HOMEDRIVE = `C:${path_1.sep}` } = process.env; + if (HOME) + return HOME; + if (USERPROFILE) + return USERPROFILE; + if (HOMEPATH) + return `${HOMEDRIVE}${HOMEPATH}`; + const homeDirCacheKey = getHomeDirCacheKey(); + if (!homeDirCache[homeDirCacheKey]) + homeDirCache[homeDirCacheKey] = (0, os_1.homedir)(); + return homeDirCache[homeDirCacheKey]; }; - var GREENGRASS_PROTOCOLS = { - "http:": true, - "https:": true + exports2.getHomeDir = getHomeDir2; + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-node/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFilepath.js +var require_getSSOTokenFilepath3 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-node/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFilepath.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getSSOTokenFilepath = void 0; + var crypto_1 = require("crypto"); + var path_1 = require("path"); + var getHomeDir_1 = require_getHomeDir3(); + var getSSOTokenFilepath2 = (id) => { + const hasher = (0, crypto_1.createHash)("sha1"); + const cacheName = hasher.update(id).digest("hex"); + return (0, path_1.join)((0, getHomeDir_1.getHomeDir)(), ".aws", "sso", "cache", `${cacheName}.json`); }; - var getCmdsUri = /* @__PURE__ */ __name(async ({ logger }) => { - if (process.env[ENV_CMDS_RELATIVE_URI]) { - return { - hostname: CMDS_IP, - path: process.env[ENV_CMDS_RELATIVE_URI] - }; - } - if (process.env[ENV_CMDS_FULL_URI]) { - const parsed = (0, import_url.parse)(process.env[ENV_CMDS_FULL_URI]); - if (!parsed.hostname || !(parsed.hostname in GREENGRASS_HOSTS)) { - throw new import_property_provider2.CredentialsProviderError(`${parsed.hostname} is not a valid container metadata service hostname`, { - tryNextLink: false, - logger - }); - } - if (!parsed.protocol || !(parsed.protocol in GREENGRASS_PROTOCOLS)) { - throw new import_property_provider2.CredentialsProviderError(`${parsed.protocol} is not a valid container metadata service protocol`, { - tryNextLink: false, - logger - }); - } - return { - ...parsed, - port: parsed.port ? parseInt(parsed.port, 10) : void 0 - }; - } - throw new import_property_provider2.CredentialsProviderError( - `The container metadata credential provider cannot be used unless the ${ENV_CMDS_RELATIVE_URI} or ${ENV_CMDS_FULL_URI} environment variable is set`, - { - tryNextLink: false, - logger - } - ); - }, "getCmdsUri"); - var _InstanceMetadataV1FallbackError = class _InstanceMetadataV1FallbackError2 extends import_property_provider2.CredentialsProviderError { - constructor(message, tryNextLink = true) { - super(message, tryNextLink); - this.tryNextLink = tryNextLink; - this.name = "InstanceMetadataV1FallbackError"; - Object.setPrototypeOf(this, _InstanceMetadataV1FallbackError2.prototype); - } + exports2.getSSOTokenFilepath = getSSOTokenFilepath2; + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-node/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFromFile.js +var require_getSSOTokenFromFile3 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-node/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFromFile.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getSSOTokenFromFile = void 0; + var fs_1 = require("fs"); + var getSSOTokenFilepath_1 = require_getSSOTokenFilepath3(); + var { readFile } = fs_1.promises; + var getSSOTokenFromFile2 = async (id) => { + const ssoTokenFilepath = (0, getSSOTokenFilepath_1.getSSOTokenFilepath)(id); + const ssoTokenText = await readFile(ssoTokenFilepath, "utf8"); + return JSON.parse(ssoTokenText); }; - __name(_InstanceMetadataV1FallbackError, "InstanceMetadataV1FallbackError"); - var InstanceMetadataV1FallbackError = _InstanceMetadataV1FallbackError; - var import_node_config_provider = require_dist_cjs26(); - var import_url_parser = require_dist_cjs28(); - var Endpoint = /* @__PURE__ */ ((Endpoint2) => { - Endpoint2["IPv4"] = "http://169.254.169.254"; - Endpoint2["IPv6"] = "http://[fd00:ec2::254]"; - return Endpoint2; - })(Endpoint || {}); - var ENV_ENDPOINT_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT"; - var CONFIG_ENDPOINT_NAME = "ec2_metadata_service_endpoint"; - var ENDPOINT_CONFIG_OPTIONS = { - environmentVariableSelector: (env) => env[ENV_ENDPOINT_NAME], - configFileSelector: (profile) => profile[CONFIG_ENDPOINT_NAME], - default: void 0 + exports2.getSSOTokenFromFile = getSSOTokenFromFile2; + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-node/node_modules/@smithy/shared-ini-file-loader/dist-cjs/slurpFile.js +var require_slurpFile3 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-node/node_modules/@smithy/shared-ini-file-loader/dist-cjs/slurpFile.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.slurpFile = void 0; + var fs_1 = require("fs"); + var { readFile } = fs_1.promises; + var filePromisesHash = {}; + var slurpFile = (path, options) => { + if (!filePromisesHash[path] || (options === null || options === void 0 ? void 0 : options.ignoreCache)) { + filePromisesHash[path] = readFile(path, "utf8"); + } + return filePromisesHash[path]; }; - var EndpointMode = /* @__PURE__ */ ((EndpointMode2) => { - EndpointMode2["IPv4"] = "IPv4"; - EndpointMode2["IPv6"] = "IPv6"; - return EndpointMode2; - })(EndpointMode || {}); - var ENV_ENDPOINT_MODE_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE"; - var CONFIG_ENDPOINT_MODE_NAME = "ec2_metadata_service_endpoint_mode"; - var ENDPOINT_MODE_CONFIG_OPTIONS = { - environmentVariableSelector: (env) => env[ENV_ENDPOINT_MODE_NAME], - configFileSelector: (profile) => profile[CONFIG_ENDPOINT_MODE_NAME], - default: "IPv4" - /* IPv4 */ + exports2.slurpFile = slurpFile; + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-node/node_modules/@smithy/shared-ini-file-loader/dist-cjs/index.js +var require_dist_cjs44 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-node/node_modules/@smithy/shared-ini-file-loader/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); }; - var getInstanceMetadataEndpoint = /* @__PURE__ */ __name(async () => (0, import_url_parser.parseUrl)(await getFromEndpointConfig() || await getFromEndpointModeConfig()), "getInstanceMetadataEndpoint"); - var getFromEndpointConfig = /* @__PURE__ */ __name(async () => (0, import_node_config_provider.loadConfig)(ENDPOINT_CONFIG_OPTIONS)(), "getFromEndpointConfig"); - var getFromEndpointModeConfig = /* @__PURE__ */ __name(async () => { - const endpointMode = await (0, import_node_config_provider.loadConfig)(ENDPOINT_MODE_CONFIG_OPTIONS)(); - switch (endpointMode) { - case "IPv4": - return "http://169.254.169.254"; - case "IPv6": - return "http://[fd00:ec2::254]"; - default: - throw new Error(`Unsupported endpoint mode: ${endpointMode}. Select from ${Object.values(EndpointMode)}`); + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); } - }, "getFromEndpointModeConfig"); - var STATIC_STABILITY_REFRESH_INTERVAL_SECONDS = 5 * 60; - var STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS = 5 * 60; - var STATIC_STABILITY_DOC_URL = "https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html"; - var getExtendedInstanceMetadataCredentials = /* @__PURE__ */ __name((credentials, logger) => { - const refreshInterval = STATIC_STABILITY_REFRESH_INTERVAL_SECONDS + Math.floor(Math.random() * STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS); - const newExpiration = new Date(Date.now() + refreshInterval * 1e3); - logger.warn( - `Attempting credential expiration extension due to a credential service availability issue. A refresh of these credentials will be attempted after ${new Date(newExpiration)}. -For more information, please visit: ` + STATIC_STABILITY_DOC_URL - ); - const originalExpiration = credentials.originalExpiration ?? credentials.expiration; - return { - ...credentials, - ...originalExpiration ? { originalExpiration } : {}, - expiration: newExpiration - }; - }, "getExtendedInstanceMetadataCredentials"); - var staticStabilityProvider = /* @__PURE__ */ __name((provider, options = {}) => { - const logger = (options == null ? void 0 : options.logger) || console; - let pastCredentials; - return async () => { - let credentials; - try { - credentials = await provider(); - if (credentials.expiration && credentials.expiration.getTime() < Date.now()) { - credentials = getExtendedInstanceMetadataCredentials(credentials, logger); - } - } catch (e) { - if (pastCredentials) { - logger.warn("Credential renew failed: ", e); - credentials = getExtendedInstanceMetadataCredentials(pastCredentials, logger); - } else { - throw e; - } - } - pastCredentials = credentials; - return credentials; - }; - }, "staticStabilityProvider"); - var IMDS_PATH = "/latest/meta-data/iam/security-credentials/"; - var IMDS_TOKEN_PATH = "/latest/api/token"; - var AWS_EC2_METADATA_V1_DISABLED = "AWS_EC2_METADATA_V1_DISABLED"; - var PROFILE_AWS_EC2_METADATA_V1_DISABLED = "ec2_metadata_v1_disabled"; - var X_AWS_EC2_METADATA_TOKEN = "x-aws-ec2-metadata-token"; - var fromInstanceMetadata = /* @__PURE__ */ __name((init = {}) => staticStabilityProvider(getInstanceMetadataProvider(init), { logger: init.logger }), "fromInstanceMetadata"); - var getInstanceMetadataProvider = /* @__PURE__ */ __name((init = {}) => { - let disableFetchToken = false; - const { logger, profile } = init; - const { timeout, maxRetries } = providerConfigFromInit(init); - const getCredentials = /* @__PURE__ */ __name(async (maxRetries2, options) => { - var _a; - const isImdsV1Fallback = disableFetchToken || ((_a = options.headers) == null ? void 0 : _a[X_AWS_EC2_METADATA_TOKEN]) == null; - if (isImdsV1Fallback) { - let fallbackBlockedFromProfile = false; - let fallbackBlockedFromProcessEnv = false; - const configValue = await (0, import_node_config_provider.loadConfig)( - { - environmentVariableSelector: (env) => { - const envValue = env[AWS_EC2_METADATA_V1_DISABLED]; - fallbackBlockedFromProcessEnv = !!envValue && envValue !== "false"; - if (envValue === void 0) { - throw new import_property_provider2.CredentialsProviderError( - `${AWS_EC2_METADATA_V1_DISABLED} not set in env, checking config file next.`, - { logger: init.logger } - ); - } - return fallbackBlockedFromProcessEnv; - }, - configFileSelector: (profile2) => { - const profileValue = profile2[PROFILE_AWS_EC2_METADATA_V1_DISABLED]; - fallbackBlockedFromProfile = !!profileValue && profileValue !== "false"; - return fallbackBlockedFromProfile; - }, - default: false - }, - { - profile - } - )(); - if (init.ec2MetadataV1Disabled || configValue) { - const causes = []; - if (init.ec2MetadataV1Disabled) - causes.push("credential provider initialization (runtime option ec2MetadataV1Disabled)"); - if (fallbackBlockedFromProfile) - causes.push(`config file profile (${PROFILE_AWS_EC2_METADATA_V1_DISABLED})`); - if (fallbackBlockedFromProcessEnv) - causes.push(`process environment variable (${AWS_EC2_METADATA_V1_DISABLED})`); - throw new InstanceMetadataV1FallbackError( - `AWS EC2 Metadata v1 fallback has been blocked by AWS SDK configuration in the following: [${causes.join( - ", " - )}].` - ); - } - } - const imdsProfile = (await retry(async () => { - let profile2; - try { - profile2 = await getProfile(options); - } catch (err) { - if (err.statusCode === 401) { - disableFetchToken = false; + return to; + }; + var __reExport = (target, mod, secondTarget) => (__copyProps2(target, mod, "default"), secondTarget && __copyProps2(secondTarget, mod, "default")); + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + CONFIG_PREFIX_SEPARATOR: () => CONFIG_PREFIX_SEPARATOR, + DEFAULT_PROFILE: () => DEFAULT_PROFILE, + ENV_PROFILE: () => ENV_PROFILE, + getProfileName: () => getProfileName, + loadSharedConfigFiles: () => loadSharedConfigFiles, + loadSsoSessionData: () => loadSsoSessionData, + parseKnownFiles: () => parseKnownFiles + }); + module2.exports = __toCommonJS2(src_exports); + __reExport(src_exports, require_getHomeDir3(), module2.exports); + var ENV_PROFILE = "AWS_PROFILE"; + var DEFAULT_PROFILE = "default"; + var getProfileName = /* @__PURE__ */ __name((init) => init.profile || process.env[ENV_PROFILE] || DEFAULT_PROFILE, "getProfileName"); + __reExport(src_exports, require_getSSOTokenFilepath3(), module2.exports); + __reExport(src_exports, require_getSSOTokenFromFile3(), module2.exports); + var import_types5 = require_dist_cjs(); + var getConfigData = /* @__PURE__ */ __name((data) => Object.entries(data).filter(([key]) => { + const indexOfSeparator = key.indexOf(CONFIG_PREFIX_SEPARATOR); + if (indexOfSeparator === -1) { + return false; + } + return Object.values(import_types5.IniSectionType).includes(key.substring(0, indexOfSeparator)); + }).reduce( + (acc, [key, value]) => { + const indexOfSeparator = key.indexOf(CONFIG_PREFIX_SEPARATOR); + const updatedKey = key.substring(0, indexOfSeparator) === import_types5.IniSectionType.PROFILE ? key.substring(indexOfSeparator + 1) : key; + acc[updatedKey] = value; + return acc; + }, + { + // Populate default profile, if present. + ...data.default && { default: data.default } + } + ), "getConfigData"); + var import_path = require("path"); + var import_getHomeDir = require_getHomeDir3(); + var ENV_CONFIG_PATH = "AWS_CONFIG_FILE"; + var getConfigFilepath = /* @__PURE__ */ __name(() => process.env[ENV_CONFIG_PATH] || (0, import_path.join)((0, import_getHomeDir.getHomeDir)(), ".aws", "config"), "getConfigFilepath"); + var import_getHomeDir2 = require_getHomeDir3(); + var ENV_CREDENTIALS_PATH = "AWS_SHARED_CREDENTIALS_FILE"; + var getCredentialsFilepath = /* @__PURE__ */ __name(() => process.env[ENV_CREDENTIALS_PATH] || (0, import_path.join)((0, import_getHomeDir2.getHomeDir)(), ".aws", "credentials"), "getCredentialsFilepath"); + var import_getHomeDir3 = require_getHomeDir3(); + var prefixKeyRegex = /^([\w-]+)\s(["'])?([\w-@\+\.%:/]+)\2$/; + var profileNameBlockList = ["__proto__", "profile __proto__"]; + var parseIni = /* @__PURE__ */ __name((iniData) => { + const map = {}; + let currentSection; + let currentSubSection; + for (const iniLine of iniData.split(/\r?\n/)) { + const trimmedLine = iniLine.split(/(^|\s)[;#]/)[0].trim(); + const isSection = trimmedLine[0] === "[" && trimmedLine[trimmedLine.length - 1] === "]"; + if (isSection) { + currentSection = void 0; + currentSubSection = void 0; + const sectionName = trimmedLine.substring(1, trimmedLine.length - 1); + const matches = prefixKeyRegex.exec(sectionName); + if (matches) { + const [, prefix, , name] = matches; + if (Object.values(import_types5.IniSectionType).includes(prefix)) { + currentSection = [prefix, name].join(CONFIG_PREFIX_SEPARATOR); } - throw err; + } else { + currentSection = sectionName; } - return profile2; - }, maxRetries2)).trim(); - return retry(async () => { - let creds; - try { - creds = await getCredentialsFromProfile(imdsProfile, options, init); - } catch (err) { - if (err.statusCode === 401) { - disableFetchToken = false; - } - throw err; + if (profileNameBlockList.includes(sectionName)) { + throw new Error(`Found invalid profile name "${sectionName}"`); } - return creds; - }, maxRetries2); - }, "getCredentials"); - return async () => { - const endpoint = await getInstanceMetadataEndpoint(); - if (disableFetchToken) { - logger == null ? void 0 : logger.debug("AWS SDK Instance Metadata", "using v1 fallback (no token fetch)"); - return getCredentials(maxRetries, { ...endpoint, timeout }); - } else { - let token; - try { - token = (await getMetadataToken({ ...endpoint, timeout })).toString(); - } catch (error) { - if ((error == null ? void 0 : error.statusCode) === 400) { - throw Object.assign(error, { - message: "EC2 Metadata token request returned error" - }); - } else if (error.message === "TimeoutError" || [403, 404, 405].includes(error.statusCode)) { - disableFetchToken = true; + } else if (currentSection) { + const indexOfEqualsSign = trimmedLine.indexOf("="); + if (![0, -1].includes(indexOfEqualsSign)) { + const [name, value] = [ + trimmedLine.substring(0, indexOfEqualsSign).trim(), + trimmedLine.substring(indexOfEqualsSign + 1).trim() + ]; + if (value === "") { + currentSubSection = name; + } else { + if (currentSubSection && iniLine.trimStart() === iniLine) { + currentSubSection = void 0; + } + map[currentSection] = map[currentSection] || {}; + const key = currentSubSection ? [currentSubSection, name].join(CONFIG_PREFIX_SEPARATOR) : name; + map[currentSection][key] = value; } - logger == null ? void 0 : logger.debug("AWS SDK Instance Metadata", "using v1 fallback (initial)"); - return getCredentials(maxRetries, { ...endpoint, timeout }); } - return getCredentials(maxRetries, { - ...endpoint, - headers: { - [X_AWS_EC2_METADATA_TOKEN]: token - }, - timeout - }); } - }; - }, "getInstanceMetadataProvider"); - var getMetadataToken = /* @__PURE__ */ __name(async (options) => httpRequest({ - ...options, - path: IMDS_TOKEN_PATH, - method: "PUT", - headers: { - "x-aws-ec2-metadata-token-ttl-seconds": "21600" } - }), "getMetadataToken"); - var getProfile = /* @__PURE__ */ __name(async (options) => (await httpRequest({ ...options, path: IMDS_PATH })).toString(), "getProfile"); - var getCredentialsFromProfile = /* @__PURE__ */ __name(async (profile, options, init) => { - const credentialsResponse = JSON.parse( - (await httpRequest({ - ...options, - path: IMDS_PATH + profile - })).toString() - ); - if (!isImdsCredentials(credentialsResponse)) { - throw new import_property_provider2.CredentialsProviderError("Invalid response received from instance metadata service.", { - logger: init.logger - }); + return map; + }, "parseIni"); + var import_slurpFile = require_slurpFile3(); + var swallowError = /* @__PURE__ */ __name(() => ({}), "swallowError"); + var CONFIG_PREFIX_SEPARATOR = "."; + var loadSharedConfigFiles = /* @__PURE__ */ __name(async (init = {}) => { + const { filepath = getCredentialsFilepath(), configFilepath = getConfigFilepath() } = init; + const homeDir = (0, import_getHomeDir3.getHomeDir)(); + const relativeHomeDirPrefix = "~/"; + let resolvedFilepath = filepath; + if (filepath.startsWith(relativeHomeDirPrefix)) { + resolvedFilepath = (0, import_path.join)(homeDir, filepath.slice(2)); } - return fromImdsCredentials(credentialsResponse); - }, "getCredentialsFromProfile"); - } -}); - -// ../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/fromHttp/checkUrl.js -var require_checkUrl = __commonJS({ - "../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/fromHttp/checkUrl.js"(exports2) { - "use strict"; - Object.defineProperty(exports2, "__esModule", { value: true }); - exports2.checkUrl = void 0; - var property_provider_1 = require_dist_cjs24(); - var ECS_CONTAINER_HOST = "169.254.170.2"; - var EKS_CONTAINER_HOST_IPv4 = "169.254.170.23"; - var EKS_CONTAINER_HOST_IPv6 = "[fd00:ec2::23]"; - var checkUrl = (url2, logger) => { - if (url2.protocol === "https:") { - return; - } - if (url2.hostname === ECS_CONTAINER_HOST || url2.hostname === EKS_CONTAINER_HOST_IPv4 || url2.hostname === EKS_CONTAINER_HOST_IPv6) { - return; + let resolvedConfigFilepath = configFilepath; + if (configFilepath.startsWith(relativeHomeDirPrefix)) { + resolvedConfigFilepath = (0, import_path.join)(homeDir, configFilepath.slice(2)); } - if (url2.hostname.includes("[")) { - if (url2.hostname === "[::1]" || url2.hostname === "[0000:0000:0000:0000:0000:0000:0000:0001]") { - return; - } - } else { - if (url2.hostname === "localhost") { - return; - } - const ipComponents = url2.hostname.split("."); - const inRange = (component) => { - const num = parseInt(component, 10); - return 0 <= num && num <= 255; - }; - if (ipComponents[0] === "127" && inRange(ipComponents[1]) && inRange(ipComponents[2]) && inRange(ipComponents[3]) && ipComponents.length === 4) { - return; + const parsedFiles = await Promise.all([ + (0, import_slurpFile.slurpFile)(resolvedConfigFilepath, { + ignoreCache: init.ignoreCache + }).then(parseIni).then(getConfigData).catch(swallowError), + (0, import_slurpFile.slurpFile)(resolvedFilepath, { + ignoreCache: init.ignoreCache + }).then(parseIni).catch(swallowError) + ]); + return { + configFile: parsedFiles[0], + credentialsFile: parsedFiles[1] + }; + }, "loadSharedConfigFiles"); + var getSsoSessionData = /* @__PURE__ */ __name((data) => Object.entries(data).filter(([key]) => key.startsWith(import_types5.IniSectionType.SSO_SESSION + CONFIG_PREFIX_SEPARATOR)).reduce((acc, [key, value]) => ({ ...acc, [key.substring(key.indexOf(CONFIG_PREFIX_SEPARATOR) + 1)]: value }), {}), "getSsoSessionData"); + var import_slurpFile2 = require_slurpFile3(); + var swallowError2 = /* @__PURE__ */ __name(() => ({}), "swallowError"); + var loadSsoSessionData = /* @__PURE__ */ __name(async (init = {}) => (0, import_slurpFile2.slurpFile)(init.configFilepath ?? getConfigFilepath()).then(parseIni).then(getSsoSessionData).catch(swallowError2), "loadSsoSessionData"); + var mergeConfigFiles = /* @__PURE__ */ __name((...files) => { + const merged = {}; + for (const file of files) { + for (const [key, values] of Object.entries(file)) { + if (merged[key] !== void 0) { + Object.assign(merged[key], values); + } else { + merged[key] = values; + } } } - throw new property_provider_1.CredentialsProviderError(`URL not accepted. It must either be HTTPS or match one of the following: - - loopback CIDR 127.0.0.0/8 or [::1/128] - - ECS container host 169.254.170.2 - - EKS container host 169.254.170.23 or [fd00:ec2::23]`, { logger }); - }; - exports2.checkUrl = checkUrl; + return merged; + }, "mergeConfigFiles"); + var parseKnownFiles = /* @__PURE__ */ __name(async (init) => { + const parsedFiles = await loadSharedConfigFiles(init); + return mergeConfigFiles(parsedFiles.configFile, parsedFiles.credentialsFile); + }, "parseKnownFiles"); } }); -// ../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/fromHttp/requestHelpers.js -var require_requestHelpers = __commonJS({ - "../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/fromHttp/requestHelpers.js"(exports2) { - "use strict"; - Object.defineProperty(exports2, "__esModule", { value: true }); - exports2.getCredentials = exports2.createGetRequest = void 0; - var property_provider_1 = require_dist_cjs24(); - var protocol_http_1 = require_dist_cjs2(); - var smithy_client_1 = require_dist_cjs33(); - var util_stream_1 = require_dist_cjs22(); - function createGetRequest(url2) { - return new protocol_http_1.HttpRequest({ - protocol: url2.protocol, - hostname: url2.hostname, - port: Number(url2.port), - path: url2.pathname, - query: Array.from(url2.searchParams.entries()).reduce((acc, [k, v]) => { - acc[k] = v; - return acc; - }, {}), - fragment: url2.hash - }); - } - exports2.createGetRequest = createGetRequest; - async function getCredentials(response, logger) { - const stream = (0, util_stream_1.sdkStreamMixin)(response.body); - const str = await stream.transformToString(); - if (response.statusCode === 200) { - const parsed = JSON.parse(str); - if (typeof parsed.AccessKeyId !== "string" || typeof parsed.SecretAccessKey !== "string" || typeof parsed.Token !== "string" || typeof parsed.Expiration !== "string") { - throw new property_provider_1.CredentialsProviderError("HTTP credential provider response not of the required format, an object matching: { AccessKeyId: string, SecretAccessKey: string, Token: string, Expiration: string(rfc3339) }", { logger }); +// ../../../node_modules/@aws-sdk/credential-provider-node/node_modules/@smithy/property-provider/dist-cjs/index.js +var require_dist_cjs45 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-node/node_modules/@smithy/property-provider/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + CredentialsProviderError: () => CredentialsProviderError, + ProviderError: () => ProviderError2, + TokenProviderError: () => TokenProviderError, + chain: () => chain, + fromStatic: () => fromStatic, + memoize: () => memoize + }); + module2.exports = __toCommonJS2(src_exports); + var _ProviderError = class _ProviderError2 extends Error { + constructor(message, options = true) { + var _a; + let logger; + let tryNextLink = true; + if (typeof options === "boolean") { + logger = void 0; + tryNextLink = options; + } else if (options != null && typeof options === "object") { + logger = options.logger; + tryNextLink = options.tryNextLink ?? true; } - return { - accessKeyId: parsed.AccessKeyId, - secretAccessKey: parsed.SecretAccessKey, - sessionToken: parsed.Token, - expiration: (0, smithy_client_1.parseRfc3339DateTime)(parsed.Expiration) - }; + super(message); + this.name = "ProviderError"; + this.tryNextLink = tryNextLink; + Object.setPrototypeOf(this, _ProviderError2.prototype); + (_a = logger == null ? void 0 : logger.debug) == null ? void 0 : _a.call(logger, `@smithy/property-provider ${tryNextLink ? "->" : "(!)"} ${message}`); } - if (response.statusCode >= 400 && response.statusCode < 500) { - let parsedBody = {}; + /** + * @deprecated use new operator. + */ + static from(error, options = true) { + return Object.assign(new this(error.message, options), error); + } + }; + __name(_ProviderError, "ProviderError"); + var ProviderError2 = _ProviderError; + var _CredentialsProviderError = class _CredentialsProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "CredentialsProviderError"; + Object.setPrototypeOf(this, _CredentialsProviderError2.prototype); + } + }; + __name(_CredentialsProviderError, "CredentialsProviderError"); + var CredentialsProviderError = _CredentialsProviderError; + var _TokenProviderError = class _TokenProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "TokenProviderError"; + Object.setPrototypeOf(this, _TokenProviderError2.prototype); + } + }; + __name(_TokenProviderError, "TokenProviderError"); + var TokenProviderError = _TokenProviderError; + var chain = /* @__PURE__ */ __name((...providers) => async () => { + if (providers.length === 0) { + throw new ProviderError2("No providers in chain"); + } + let lastProviderError; + for (const provider of providers) { try { - parsedBody = JSON.parse(str); - } catch (e) { + const credentials = await provider(); + return credentials; + } catch (err) { + lastProviderError = err; + if (err == null ? void 0 : err.tryNextLink) { + continue; + } + throw err; } - throw Object.assign(new property_provider_1.CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger }), { - Code: parsedBody.Code, - Message: parsedBody.Message - }); } - throw new property_provider_1.CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger }); - } - exports2.getCredentials = getCredentials; + throw lastProviderError; + }, "chain"); + var fromStatic = /* @__PURE__ */ __name((staticValue) => () => Promise.resolve(staticValue), "fromStatic"); + var memoize = /* @__PURE__ */ __name((provider, isExpired, requiresRefresh) => { + let resolved; + let pending; + let hasResult; + let isConstant = false; + const coalesceProvider = /* @__PURE__ */ __name(async () => { + if (!pending) { + pending = provider(); + } + try { + resolved = await pending; + hasResult = true; + isConstant = false; + } finally { + pending = void 0; + } + return resolved; + }, "coalesceProvider"); + if (isExpired === void 0) { + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + return resolved; + }; + } + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + if (isConstant) { + return resolved; + } + if (requiresRefresh && !requiresRefresh(resolved)) { + isConstant = true; + return resolved; + } + if (isExpired(resolved)) { + await coalesceProvider(); + return resolved; + } + return resolved; + }; + }, "memoize"); } }); -// ../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/fromHttp/retry-wrapper.js -var require_retry_wrapper = __commonJS({ - "../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/fromHttp/retry-wrapper.js"(exports2) { - "use strict"; - Object.defineProperty(exports2, "__esModule", { value: true }); - exports2.retryWrapper = void 0; - var retryWrapper = (toRetry, maxRetries, delayMs) => { - return async () => { - for (let i = 0; i < maxRetries; ++i) { - try { - return await toRetry(); - } catch (e) { - await new Promise((resolve) => setTimeout(resolve, delayMs)); - } - } - return await toRetry(); - }; +// ../../../node_modules/@aws-sdk/credential-provider-node/node_modules/@smithy/credential-provider-imds/dist-cjs/index.js +var require_dist_cjs46 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-node/node_modules/@smithy/credential-provider-imds/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); }; - exports2.retryWrapper = retryWrapper; - } -}); - -// ../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/fromHttp/fromHttp.js -var require_fromHttp = __commonJS({ - "../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/fromHttp/fromHttp.js"(exports2) { - "use strict"; - Object.defineProperty(exports2, "__esModule", { value: true }); - exports2.fromHttp = void 0; - var tslib_1 = (init_tslib_es6(), __toCommonJS(tslib_es6_exports)); - var node_http_handler_1 = require_dist_cjs19(); - var property_provider_1 = require_dist_cjs24(); - var promises_1 = tslib_1.__importDefault(require("fs/promises")); - var checkUrl_1 = require_checkUrl(); - var requestHelpers_1 = require_requestHelpers(); - var retry_wrapper_1 = require_retry_wrapper(); - var AWS_CONTAINER_CREDENTIALS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI"; - var DEFAULT_LINK_LOCAL_HOST = "http://169.254.170.2"; - var AWS_CONTAINER_CREDENTIALS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI"; - var AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE"; - var AWS_CONTAINER_AUTHORIZATION_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN"; - var fromHttp = (options = {}) => { - options.logger?.debug("@aws-sdk/credential-provider-http - fromHttp"); - let host; - const relative = options.awsContainerCredentialsRelativeUri ?? process.env[AWS_CONTAINER_CREDENTIALS_RELATIVE_URI]; - const full = options.awsContainerCredentialsFullUri ?? process.env[AWS_CONTAINER_CREDENTIALS_FULL_URI]; - const token = options.awsContainerAuthorizationToken ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN]; - const tokenFile = options.awsContainerAuthorizationTokenFile ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE]; - const warn = options.logger?.constructor?.name === "NoOpLogger" || !options.logger ? console.warn : options.logger.warn; - if (relative && full) { - warn("@aws-sdk/credential-provider-http: you have set both awsContainerCredentialsRelativeUri and awsContainerCredentialsFullUri."); - warn("awsContainerCredentialsFullUri will take precedence."); + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); } - if (token && tokenFile) { - warn("@aws-sdk/credential-provider-http: you have set both awsContainerAuthorizationToken and awsContainerAuthorizationTokenFile."); - warn("awsContainerAuthorizationToken will take precedence."); + return to; + }; + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + DEFAULT_MAX_RETRIES: () => DEFAULT_MAX_RETRIES, + DEFAULT_TIMEOUT: () => DEFAULT_TIMEOUT, + ENV_CMDS_AUTH_TOKEN: () => ENV_CMDS_AUTH_TOKEN, + ENV_CMDS_FULL_URI: () => ENV_CMDS_FULL_URI, + ENV_CMDS_RELATIVE_URI: () => ENV_CMDS_RELATIVE_URI, + Endpoint: () => Endpoint, + fromContainerMetadata: () => fromContainerMetadata, + fromInstanceMetadata: () => fromInstanceMetadata, + getInstanceMetadataEndpoint: () => getInstanceMetadataEndpoint, + httpRequest: () => httpRequest, + providerConfigFromInit: () => providerConfigFromInit + }); + module2.exports = __toCommonJS2(src_exports); + var import_url = require("url"); + var import_property_provider2 = require_dist_cjs45(); + var import_buffer = require("buffer"); + var import_http2 = require("http"); + function httpRequest(options) { + return new Promise((resolve, reject) => { + var _a; + const req = (0, import_http2.request)({ + method: "GET", + ...options, + // Node.js http module doesn't accept hostname with square brackets + // Refs: https://github.com/nodejs/node/issues/39738 + hostname: (_a = options.hostname) == null ? void 0 : _a.replace(/^\[(.+)\]$/, "$1") + }); + req.on("error", (err) => { + reject(Object.assign(new import_property_provider2.ProviderError("Unable to connect to instance metadata service"), err)); + req.destroy(); + }); + req.on("timeout", () => { + reject(new import_property_provider2.ProviderError("TimeoutError from instance metadata service")); + req.destroy(); + }); + req.on("response", (res) => { + const { statusCode = 400 } = res; + if (statusCode < 200 || 300 <= statusCode) { + reject( + Object.assign(new import_property_provider2.ProviderError("Error response received from instance metadata service"), { statusCode }) + ); + req.destroy(); + } + const chunks = []; + res.on("data", (chunk) => { + chunks.push(chunk); + }); + res.on("end", () => { + resolve(import_buffer.Buffer.concat(chunks)); + req.destroy(); + }); + }); + req.end(); + }); + } + __name(httpRequest, "httpRequest"); + var isImdsCredentials = /* @__PURE__ */ __name((arg) => Boolean(arg) && typeof arg === "object" && typeof arg.AccessKeyId === "string" && typeof arg.SecretAccessKey === "string" && typeof arg.Token === "string" && typeof arg.Expiration === "string", "isImdsCredentials"); + var fromImdsCredentials = /* @__PURE__ */ __name((creds) => ({ + accessKeyId: creds.AccessKeyId, + secretAccessKey: creds.SecretAccessKey, + sessionToken: creds.Token, + expiration: new Date(creds.Expiration), + ...creds.AccountId && { accountId: creds.AccountId } + }), "fromImdsCredentials"); + var DEFAULT_TIMEOUT = 1e3; + var DEFAULT_MAX_RETRIES = 0; + var providerConfigFromInit = /* @__PURE__ */ __name(({ + maxRetries = DEFAULT_MAX_RETRIES, + timeout = DEFAULT_TIMEOUT + }) => ({ maxRetries, timeout }), "providerConfigFromInit"); + var retry = /* @__PURE__ */ __name((toRetry, maxRetries) => { + let promise = toRetry(); + for (let i = 0; i < maxRetries; i++) { + promise = promise.catch(toRetry); } - if (full) { - host = full; - } else if (relative) { - host = `${DEFAULT_LINK_LOCAL_HOST}${relative}`; - } else { - throw new property_provider_1.CredentialsProviderError(`No HTTP credential provider host provided. -Set AWS_CONTAINER_CREDENTIALS_FULL_URI or AWS_CONTAINER_CREDENTIALS_RELATIVE_URI.`, { logger: options.logger }); + return promise; + }, "retry"); + var ENV_CMDS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI"; + var ENV_CMDS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI"; + var ENV_CMDS_AUTH_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN"; + var fromContainerMetadata = /* @__PURE__ */ __name((init = {}) => { + const { timeout, maxRetries } = providerConfigFromInit(init); + return () => retry(async () => { + const requestOptions = await getCmdsUri({ logger: init.logger }); + const credsResponse = JSON.parse(await requestFromEcsImds(timeout, requestOptions)); + if (!isImdsCredentials(credsResponse)) { + throw new import_property_provider2.CredentialsProviderError("Invalid response received from instance metadata service.", { + logger: init.logger + }); + } + return fromImdsCredentials(credsResponse); + }, maxRetries); + }, "fromContainerMetadata"); + var requestFromEcsImds = /* @__PURE__ */ __name(async (timeout, options) => { + if (process.env[ENV_CMDS_AUTH_TOKEN]) { + options.headers = { + ...options.headers, + Authorization: process.env[ENV_CMDS_AUTH_TOKEN] + }; } - const url2 = new URL(host); - (0, checkUrl_1.checkUrl)(url2, options.logger); - const requestHandler = new node_http_handler_1.NodeHttpHandler({ - requestTimeout: options.timeout ?? 1e3, - connectionTimeout: options.timeout ?? 1e3 + const buffer = await httpRequest({ + ...options, + timeout }); - return (0, retry_wrapper_1.retryWrapper)(async () => { - const request2 = (0, requestHelpers_1.createGetRequest)(url2); - if (token) { - request2.headers.Authorization = token; - } else if (tokenFile) { - request2.headers.Authorization = (await promises_1.default.readFile(tokenFile)).toString(); + return buffer.toString(); + }, "requestFromEcsImds"); + var CMDS_IP = "169.254.170.2"; + var GREENGRASS_HOSTS = { + localhost: true, + "127.0.0.1": true + }; + var GREENGRASS_PROTOCOLS = { + "http:": true, + "https:": true + }; + var getCmdsUri = /* @__PURE__ */ __name(async ({ logger }) => { + if (process.env[ENV_CMDS_RELATIVE_URI]) { + return { + hostname: CMDS_IP, + path: process.env[ENV_CMDS_RELATIVE_URI] + }; + } + if (process.env[ENV_CMDS_FULL_URI]) { + const parsed = (0, import_url.parse)(process.env[ENV_CMDS_FULL_URI]); + if (!parsed.hostname || !(parsed.hostname in GREENGRASS_HOSTS)) { + throw new import_property_provider2.CredentialsProviderError(`${parsed.hostname} is not a valid container metadata service hostname`, { + tryNextLink: false, + logger + }); } - try { - const result = await requestHandler.handle(request2); - return (0, requestHelpers_1.getCredentials)(result.response); - } catch (e) { - throw new property_provider_1.CredentialsProviderError(String(e), { logger: options.logger }); + if (!parsed.protocol || !(parsed.protocol in GREENGRASS_PROTOCOLS)) { + throw new import_property_provider2.CredentialsProviderError(`${parsed.protocol} is not a valid container metadata service protocol`, { + tryNextLink: false, + logger + }); } - }, options.maxRetries ?? 3, options.timeout ?? 1e3); + return { + ...parsed, + port: parsed.port ? parseInt(parsed.port, 10) : void 0 + }; + } + throw new import_property_provider2.CredentialsProviderError( + `The container metadata credential provider cannot be used unless the ${ENV_CMDS_RELATIVE_URI} or ${ENV_CMDS_FULL_URI} environment variable is set`, + { + tryNextLink: false, + logger + } + ); + }, "getCmdsUri"); + var _InstanceMetadataV1FallbackError = class _InstanceMetadataV1FallbackError2 extends import_property_provider2.CredentialsProviderError { + constructor(message, tryNextLink = true) { + super(message, tryNextLink); + this.tryNextLink = tryNextLink; + this.name = "InstanceMetadataV1FallbackError"; + Object.setPrototypeOf(this, _InstanceMetadataV1FallbackError2.prototype); + } }; - exports2.fromHttp = fromHttp; - } -}); - -// ../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/index.js -var require_dist_cjs38 = __commonJS({ - "../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/index.js"(exports2) { - "use strict"; - Object.defineProperty(exports2, "__esModule", { value: true }); - exports2.fromHttp = void 0; - var fromHttp_1 = require_fromHttp(); - Object.defineProperty(exports2, "fromHttp", { enumerable: true, get: function() { - return fromHttp_1.fromHttp; - } }); - } -}); - -// ../../../node_modules/@aws-sdk/client-sso/dist-cjs/auth/httpAuthSchemeProvider.js -var require_httpAuthSchemeProvider2 = __commonJS({ - "../../../node_modules/@aws-sdk/client-sso/dist-cjs/auth/httpAuthSchemeProvider.js"(exports2) { - "use strict"; - Object.defineProperty(exports2, "__esModule", { value: true }); - exports2.resolveHttpAuthSchemeConfig = exports2.defaultSSOHttpAuthSchemeProvider = exports2.defaultSSOHttpAuthSchemeParametersProvider = void 0; - var core_1 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); - var util_middleware_1 = require_dist_cjs10(); - var defaultSSOHttpAuthSchemeParametersProvider = async (config, context, input) => { - return { - operation: (0, util_middleware_1.getSmithyContext)(context).operation, - region: await (0, util_middleware_1.normalizeProvider)(config.region)() || (() => { - throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); - })() - }; + __name(_InstanceMetadataV1FallbackError, "InstanceMetadataV1FallbackError"); + var InstanceMetadataV1FallbackError = _InstanceMetadataV1FallbackError; + var import_node_config_provider = require_dist_cjs28(); + var import_url_parser = require_dist_cjs31(); + var Endpoint = /* @__PURE__ */ ((Endpoint2) => { + Endpoint2["IPv4"] = "http://169.254.169.254"; + Endpoint2["IPv6"] = "http://[fd00:ec2::254]"; + return Endpoint2; + })(Endpoint || {}); + var ENV_ENDPOINT_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT"; + var CONFIG_ENDPOINT_NAME = "ec2_metadata_service_endpoint"; + var ENDPOINT_CONFIG_OPTIONS = { + environmentVariableSelector: (env) => env[ENV_ENDPOINT_NAME], + configFileSelector: (profile) => profile[CONFIG_ENDPOINT_NAME], + default: void 0 }; - exports2.defaultSSOHttpAuthSchemeParametersProvider = defaultSSOHttpAuthSchemeParametersProvider; - function createAwsAuthSigv4HttpAuthOption(authParameters) { - return { - schemeId: "aws.auth#sigv4", - signingProperties: { - name: "awsssoportal", - region: authParameters.region - }, - propertiesExtractor: (config, context) => ({ - signingProperties: { - config, - context - } - }) - }; - } - function createSmithyApiNoAuthHttpAuthOption(authParameters) { + var EndpointMode = /* @__PURE__ */ ((EndpointMode2) => { + EndpointMode2["IPv4"] = "IPv4"; + EndpointMode2["IPv6"] = "IPv6"; + return EndpointMode2; + })(EndpointMode || {}); + var ENV_ENDPOINT_MODE_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE"; + var CONFIG_ENDPOINT_MODE_NAME = "ec2_metadata_service_endpoint_mode"; + var ENDPOINT_MODE_CONFIG_OPTIONS = { + environmentVariableSelector: (env) => env[ENV_ENDPOINT_MODE_NAME], + configFileSelector: (profile) => profile[CONFIG_ENDPOINT_MODE_NAME], + default: "IPv4" + /* IPv4 */ + }; + var getInstanceMetadataEndpoint = /* @__PURE__ */ __name(async () => (0, import_url_parser.parseUrl)(await getFromEndpointConfig() || await getFromEndpointModeConfig()), "getInstanceMetadataEndpoint"); + var getFromEndpointConfig = /* @__PURE__ */ __name(async () => (0, import_node_config_provider.loadConfig)(ENDPOINT_CONFIG_OPTIONS)(), "getFromEndpointConfig"); + var getFromEndpointModeConfig = /* @__PURE__ */ __name(async () => { + const endpointMode = await (0, import_node_config_provider.loadConfig)(ENDPOINT_MODE_CONFIG_OPTIONS)(); + switch (endpointMode) { + case "IPv4": + return "http://169.254.169.254"; + case "IPv6": + return "http://[fd00:ec2::254]"; + default: + throw new Error(`Unsupported endpoint mode: ${endpointMode}. Select from ${Object.values(EndpointMode)}`); + } + }, "getFromEndpointModeConfig"); + var STATIC_STABILITY_REFRESH_INTERVAL_SECONDS = 5 * 60; + var STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS = 5 * 60; + var STATIC_STABILITY_DOC_URL = "https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html"; + var getExtendedInstanceMetadataCredentials = /* @__PURE__ */ __name((credentials, logger) => { + const refreshInterval = STATIC_STABILITY_REFRESH_INTERVAL_SECONDS + Math.floor(Math.random() * STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS); + const newExpiration = new Date(Date.now() + refreshInterval * 1e3); + logger.warn( + `Attempting credential expiration extension due to a credential service availability issue. A refresh of these credentials will be attempted after ${new Date(newExpiration)}. +For more information, please visit: ` + STATIC_STABILITY_DOC_URL + ); + const originalExpiration = credentials.originalExpiration ?? credentials.expiration; return { - schemeId: "smithy.api#noAuth" + ...credentials, + ...originalExpiration ? { originalExpiration } : {}, + expiration: newExpiration }; - } - var defaultSSOHttpAuthSchemeProvider = (authParameters) => { - const options = []; - switch (authParameters.operation) { - case "GetRoleCredentials": { - options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); - break; - } - case "ListAccountRoles": { - options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); - break; - } - case "ListAccounts": { - options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); - break; + }, "getExtendedInstanceMetadataCredentials"); + var staticStabilityProvider = /* @__PURE__ */ __name((provider, options = {}) => { + const logger = (options == null ? void 0 : options.logger) || console; + let pastCredentials; + return async () => { + let credentials; + try { + credentials = await provider(); + if (credentials.expiration && credentials.expiration.getTime() < Date.now()) { + credentials = getExtendedInstanceMetadataCredentials(credentials, logger); + } + } catch (e) { + if (pastCredentials) { + logger.warn("Credential renew failed: ", e); + credentials = getExtendedInstanceMetadataCredentials(pastCredentials, logger); + } else { + throw e; + } } - case "Logout": { - options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); - break; + pastCredentials = credentials; + return credentials; + }; + }, "staticStabilityProvider"); + var IMDS_PATH = "/latest/meta-data/iam/security-credentials/"; + var IMDS_TOKEN_PATH = "/latest/api/token"; + var AWS_EC2_METADATA_V1_DISABLED = "AWS_EC2_METADATA_V1_DISABLED"; + var PROFILE_AWS_EC2_METADATA_V1_DISABLED = "ec2_metadata_v1_disabled"; + var X_AWS_EC2_METADATA_TOKEN = "x-aws-ec2-metadata-token"; + var fromInstanceMetadata = /* @__PURE__ */ __name((init = {}) => staticStabilityProvider(getInstanceMetadataProvider(init), { logger: init.logger }), "fromInstanceMetadata"); + var getInstanceMetadataProvider = /* @__PURE__ */ __name((init = {}) => { + let disableFetchToken = false; + const { logger, profile } = init; + const { timeout, maxRetries } = providerConfigFromInit(init); + const getCredentials = /* @__PURE__ */ __name(async (maxRetries2, options) => { + var _a; + const isImdsV1Fallback = disableFetchToken || ((_a = options.headers) == null ? void 0 : _a[X_AWS_EC2_METADATA_TOKEN]) == null; + if (isImdsV1Fallback) { + let fallbackBlockedFromProfile = false; + let fallbackBlockedFromProcessEnv = false; + const configValue = await (0, import_node_config_provider.loadConfig)( + { + environmentVariableSelector: (env) => { + const envValue = env[AWS_EC2_METADATA_V1_DISABLED]; + fallbackBlockedFromProcessEnv = !!envValue && envValue !== "false"; + if (envValue === void 0) { + throw new import_property_provider2.CredentialsProviderError( + `${AWS_EC2_METADATA_V1_DISABLED} not set in env, checking config file next.`, + { logger: init.logger } + ); + } + return fallbackBlockedFromProcessEnv; + }, + configFileSelector: (profile2) => { + const profileValue = profile2[PROFILE_AWS_EC2_METADATA_V1_DISABLED]; + fallbackBlockedFromProfile = !!profileValue && profileValue !== "false"; + return fallbackBlockedFromProfile; + }, + default: false + }, + { + profile + } + )(); + if (init.ec2MetadataV1Disabled || configValue) { + const causes = []; + if (init.ec2MetadataV1Disabled) + causes.push("credential provider initialization (runtime option ec2MetadataV1Disabled)"); + if (fallbackBlockedFromProfile) + causes.push(`config file profile (${PROFILE_AWS_EC2_METADATA_V1_DISABLED})`); + if (fallbackBlockedFromProcessEnv) + causes.push(`process environment variable (${AWS_EC2_METADATA_V1_DISABLED})`); + throw new InstanceMetadataV1FallbackError( + `AWS EC2 Metadata v1 fallback has been blocked by AWS SDK configuration in the following: [${causes.join( + ", " + )}].` + ); + } } - default: { - options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + const imdsProfile = (await retry(async () => { + let profile2; + try { + profile2 = await getProfile(options); + } catch (err) { + if (err.statusCode === 401) { + disableFetchToken = false; + } + throw err; + } + return profile2; + }, maxRetries2)).trim(); + return retry(async () => { + let creds; + try { + creds = await getCredentialsFromProfile(imdsProfile, options, init); + } catch (err) { + if (err.statusCode === 401) { + disableFetchToken = false; + } + throw err; + } + return creds; + }, maxRetries2); + }, "getCredentials"); + return async () => { + const endpoint = await getInstanceMetadataEndpoint(); + if (disableFetchToken) { + logger == null ? void 0 : logger.debug("AWS SDK Instance Metadata", "using v1 fallback (no token fetch)"); + return getCredentials(maxRetries, { ...endpoint, timeout }); + } else { + let token; + try { + token = (await getMetadataToken({ ...endpoint, timeout })).toString(); + } catch (error) { + if ((error == null ? void 0 : error.statusCode) === 400) { + throw Object.assign(error, { + message: "EC2 Metadata token request returned error" + }); + } else if (error.message === "TimeoutError" || [403, 404, 405].includes(error.statusCode)) { + disableFetchToken = true; + } + logger == null ? void 0 : logger.debug("AWS SDK Instance Metadata", "using v1 fallback (initial)"); + return getCredentials(maxRetries, { ...endpoint, timeout }); + } + return getCredentials(maxRetries, { + ...endpoint, + headers: { + [X_AWS_EC2_METADATA_TOKEN]: token + }, + timeout + }); } - } - return options; - }; - exports2.defaultSSOHttpAuthSchemeProvider = defaultSSOHttpAuthSchemeProvider; - var resolveHttpAuthSchemeConfig = (config) => { - const config_0 = (0, core_1.resolveAwsSdkSigV4Config)(config); - return { - ...config_0 }; - }; - exports2.resolveHttpAuthSchemeConfig = resolveHttpAuthSchemeConfig; - } -}); - -// ../../../node_modules/@aws-sdk/client-sso/package.json -var require_package2 = __commonJS({ - "../../../node_modules/@aws-sdk/client-sso/package.json"(exports2, module2) { - module2.exports = { - name: "@aws-sdk/client-sso", - description: "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", - version: "3.632.0", - scripts: { - build: "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'", - "build:cjs": "node ../../scripts/compilation/inline client-sso", - "build:es": "tsc -p tsconfig.es.json", - "build:include:deps": "lerna run --scope $npm_package_name --include-dependencies build", - "build:types": "tsc -p tsconfig.types.json", - "build:types:downlevel": "downlevel-dts dist-types dist-types/ts3.4", - clean: "rimraf ./dist-* && rimraf *.tsbuildinfo", - "extract:docs": "api-extractor run --local", - "generate:client": "node ../../scripts/generate-clients/single-service --solo sso" - }, - main: "./dist-cjs/index.js", - types: "./dist-types/index.d.ts", - module: "./dist-es/index.js", - sideEffects: false, - dependencies: { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "3.629.0", - "@aws-sdk/middleware-host-header": "3.620.0", - "@aws-sdk/middleware-logger": "3.609.0", - "@aws-sdk/middleware-recursion-detection": "3.620.0", - "@aws-sdk/middleware-user-agent": "3.632.0", - "@aws-sdk/region-config-resolver": "3.614.0", - "@aws-sdk/types": "3.609.0", - "@aws-sdk/util-endpoints": "3.632.0", - "@aws-sdk/util-user-agent-browser": "3.609.0", - "@aws-sdk/util-user-agent-node": "3.614.0", - "@smithy/config-resolver": "^3.0.5", - "@smithy/core": "^2.3.2", - "@smithy/fetch-http-handler": "^3.2.4", - "@smithy/hash-node": "^3.0.3", - "@smithy/invalid-dependency": "^3.0.3", - "@smithy/middleware-content-length": "^3.0.5", - "@smithy/middleware-endpoint": "^3.1.0", - "@smithy/middleware-retry": "^3.0.14", - "@smithy/middleware-serde": "^3.0.3", - "@smithy/middleware-stack": "^3.0.3", - "@smithy/node-config-provider": "^3.1.4", - "@smithy/node-http-handler": "^3.1.4", - "@smithy/protocol-http": "^4.1.0", - "@smithy/smithy-client": "^3.1.12", - "@smithy/types": "^3.3.0", - "@smithy/url-parser": "^3.0.3", - "@smithy/util-base64": "^3.0.0", - "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.14", - "@smithy/util-defaults-mode-node": "^3.0.14", - "@smithy/util-endpoints": "^2.0.5", - "@smithy/util-middleware": "^3.0.3", - "@smithy/util-retry": "^3.0.3", - "@smithy/util-utf8": "^3.0.0", - tslib: "^2.6.2" - }, - devDependencies: { - "@tsconfig/node16": "16.1.3", - "@types/node": "^16.18.96", - concurrently: "7.0.0", - "downlevel-dts": "0.10.1", - rimraf: "3.0.2", - typescript: "~4.9.5" - }, - engines: { - node: ">=16.0.0" - }, - typesVersions: { - "<4.0": { - "dist-types/*": [ - "dist-types/ts3.4/*" - ] - } - }, - files: [ - "dist-*/**" - ], - author: { - name: "AWS SDK for JavaScript Team", - url: "https://aws.amazon.com/javascript/" - }, - license: "Apache-2.0", - browser: { - "./dist-es/runtimeConfig": "./dist-es/runtimeConfig.browser" - }, - "react-native": { - "./dist-es/runtimeConfig": "./dist-es/runtimeConfig.native" - }, - homepage: "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", - repository: { - type: "git", - url: "https://github.com/aws/aws-sdk-js-v3.git", - directory: "clients/client-sso" + }, "getInstanceMetadataProvider"); + var getMetadataToken = /* @__PURE__ */ __name(async (options) => httpRequest({ + ...options, + path: IMDS_TOKEN_PATH, + method: "PUT", + headers: { + "x-aws-ec2-metadata-token-ttl-seconds": "21600" } - }; + }), "getMetadataToken"); + var getProfile = /* @__PURE__ */ __name(async (options) => (await httpRequest({ ...options, path: IMDS_PATH })).toString(), "getProfile"); + var getCredentialsFromProfile = /* @__PURE__ */ __name(async (profile, options, init) => { + const credentialsResponse = JSON.parse( + (await httpRequest({ + ...options, + path: IMDS_PATH + profile + })).toString() + ); + if (!isImdsCredentials(credentialsResponse)) { + throw new import_property_provider2.CredentialsProviderError("Invalid response received from instance metadata service.", { + logger: init.logger + }); + } + return fromImdsCredentials(credentialsResponse); + }, "getCredentialsFromProfile"); } }); -// ../../../node_modules/@aws-sdk/util-user-agent-node/dist-cjs/index.js -var require_dist_cjs39 = __commonJS({ - "../../../node_modules/@aws-sdk/util-user-agent-node/dist-cjs/index.js"(exports2, module2) { - "use strict"; +// ../../../node_modules/@aws-sdk/credential-provider-http/node_modules/@smithy/property-provider/dist-cjs/index.js +var require_dist_cjs47 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-http/node_modules/@smithy/property-provider/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; var __getOwnPropNames2 = Object.getOwnPropertyNames; @@ -13034,541 +13932,513 @@ var require_dist_cjs39 = __commonJS({ var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var src_exports = {}; __export2(src_exports, { - UA_APP_ID_ENV_NAME: () => UA_APP_ID_ENV_NAME, - UA_APP_ID_INI_NAME: () => UA_APP_ID_INI_NAME, - crtAvailability: () => crtAvailability, - defaultUserAgent: () => defaultUserAgent + CredentialsProviderError: () => CredentialsProviderError, + ProviderError: () => ProviderError2, + TokenProviderError: () => TokenProviderError, + chain: () => chain, + fromStatic: () => fromStatic, + memoize: () => memoize }); module2.exports = __toCommonJS2(src_exports); - var import_node_config_provider = require_dist_cjs26(); - var import_os = require("os"); - var import_process = require("process"); - var crtAvailability = { - isCrtAvailable: false - }; - var isCrtAvailable = /* @__PURE__ */ __name(() => { - if (crtAvailability.isCrtAvailable) { - return ["md/crt-avail"]; - } - return null; - }, "isCrtAvailable"); - var UA_APP_ID_ENV_NAME = "AWS_SDK_UA_APP_ID"; - var UA_APP_ID_INI_NAME = "sdk-ua-app-id"; - var defaultUserAgent = /* @__PURE__ */ __name(({ serviceId, clientVersion }) => { - const sections = [ - // sdk-metadata - ["aws-sdk-js", clientVersion], - // ua-metadata - ["ua", "2.0"], - // os-metadata - [`os/${(0, import_os.platform)()}`, (0, import_os.release)()], - // language-metadata - // ECMAScript edition doesn't matter in JS, so no version needed. - ["lang/js"], - ["md/nodejs", `${import_process.versions.node}`] - ]; - const crtAvailable = isCrtAvailable(); - if (crtAvailable) { - sections.push(crtAvailable); + var _ProviderError = class _ProviderError2 extends Error { + constructor(message, options = true) { + var _a; + let logger; + let tryNextLink = true; + if (typeof options === "boolean") { + logger = void 0; + tryNextLink = options; + } else if (options != null && typeof options === "object") { + logger = options.logger; + tryNextLink = options.tryNextLink ?? true; + } + super(message); + this.name = "ProviderError"; + this.tryNextLink = tryNextLink; + Object.setPrototypeOf(this, _ProviderError2.prototype); + (_a = logger == null ? void 0 : logger.debug) == null ? void 0 : _a.call(logger, `@smithy/property-provider ${tryNextLink ? "->" : "(!)"} ${message}`); } - if (serviceId) { - sections.push([`api/${serviceId}`, clientVersion]); + /** + * @deprecated use new operator. + */ + static from(error, options = true) { + return Object.assign(new this(error.message, options), error); } - if (import_process.env.AWS_EXECUTION_ENV) { - sections.push([`exec-env/${import_process.env.AWS_EXECUTION_ENV}`]); + }; + __name(_ProviderError, "ProviderError"); + var ProviderError2 = _ProviderError; + var _CredentialsProviderError = class _CredentialsProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "CredentialsProviderError"; + Object.setPrototypeOf(this, _CredentialsProviderError2.prototype); } - const appIdPromise = (0, import_node_config_provider.loadConfig)({ - environmentVariableSelector: (env2) => env2[UA_APP_ID_ENV_NAME], - configFileSelector: (profile) => profile[UA_APP_ID_INI_NAME], - default: void 0 - })(); - let resolvedUserAgent = void 0; - return async () => { - if (!resolvedUserAgent) { - const appId = await appIdPromise; - resolvedUserAgent = appId ? [...sections, [`app/${appId}`]] : [...sections]; - } - return resolvedUserAgent; - }; - }, "defaultUserAgent"); - } -}); - -// ../../../node_modules/@smithy/hash-node/dist-cjs/index.js -var require_dist_cjs40 = __commonJS({ - "../../../node_modules/@smithy/hash-node/dist-cjs/index.js"(exports2, module2) { - var __defProp2 = Object.defineProperty; - var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; - var __getOwnPropNames2 = Object.getOwnPropertyNames; - var __hasOwnProp2 = Object.prototype.hasOwnProperty; - var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); - var __export2 = (target, all) => { - for (var name in all) - __defProp2(target, name, { get: all[name], enumerable: true }); }; - var __copyProps2 = (to, from, except, desc) => { - if (from && typeof from === "object" || typeof from === "function") { - for (let key of __getOwnPropNames2(from)) - if (!__hasOwnProp2.call(to, key) && key !== except) - __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + __name(_CredentialsProviderError, "CredentialsProviderError"); + var CredentialsProviderError = _CredentialsProviderError; + var _TokenProviderError = class _TokenProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "TokenProviderError"; + Object.setPrototypeOf(this, _TokenProviderError2.prototype); } - return to; }; - var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); - var src_exports = {}; - __export2(src_exports, { - Hash: () => Hash - }); - module2.exports = __toCommonJS2(src_exports); - var import_util_buffer_from = require_dist_cjs14(); - var import_util_utf8 = require_dist_cjs15(); - var import_buffer = require("buffer"); - var import_crypto5 = require("crypto"); - var _Hash = class _Hash { - constructor(algorithmIdentifier, secret) { - this.algorithmIdentifier = algorithmIdentifier; - this.secret = secret; - this.reset(); + __name(_TokenProviderError, "TokenProviderError"); + var TokenProviderError = _TokenProviderError; + var chain = /* @__PURE__ */ __name((...providers) => async () => { + if (providers.length === 0) { + throw new ProviderError2("No providers in chain"); } - update(toHash, encoding) { - this.hash.update((0, import_util_utf8.toUint8Array)(castSourceData(toHash, encoding))); - } - digest() { - return Promise.resolve(this.hash.digest()); - } - reset() { - this.hash = this.secret ? (0, import_crypto5.createHmac)(this.algorithmIdentifier, castSourceData(this.secret)) : (0, import_crypto5.createHash)(this.algorithmIdentifier); - } - }; - __name(_Hash, "Hash"); - var Hash = _Hash; - function castSourceData(toCast, encoding) { - if (import_buffer.Buffer.isBuffer(toCast)) { - return toCast; - } - if (typeof toCast === "string") { - return (0, import_util_buffer_from.fromString)(toCast, encoding); + let lastProviderError; + for (const provider of providers) { + try { + const credentials = await provider(); + return credentials; + } catch (err) { + lastProviderError = err; + if (err == null ? void 0 : err.tryNextLink) { + continue; + } + throw err; + } } - if (ArrayBuffer.isView(toCast)) { - return (0, import_util_buffer_from.fromArrayBuffer)(toCast.buffer, toCast.byteOffset, toCast.byteLength); + throw lastProviderError; + }, "chain"); + var fromStatic = /* @__PURE__ */ __name((staticValue) => () => Promise.resolve(staticValue), "fromStatic"); + var memoize = /* @__PURE__ */ __name((provider, isExpired, requiresRefresh) => { + let resolved; + let pending; + let hasResult; + let isConstant = false; + const coalesceProvider = /* @__PURE__ */ __name(async () => { + if (!pending) { + pending = provider(); + } + try { + resolved = await pending; + hasResult = true; + isConstant = false; + } finally { + pending = void 0; + } + return resolved; + }, "coalesceProvider"); + if (isExpired === void 0) { + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + return resolved; + }; } - return (0, import_util_buffer_from.fromArrayBuffer)(toCast); - } - __name(castSourceData, "castSourceData"); + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + if (isConstant) { + return resolved; + } + if (requiresRefresh && !requiresRefresh(resolved)) { + isConstant = true; + return resolved; + } + if (isExpired(resolved)) { + await coalesceProvider(); + return resolved; + } + return resolved; + }; + }, "memoize"); } }); -// ../../../node_modules/@smithy/util-body-length-node/dist-cjs/index.js -var require_dist_cjs41 = __commonJS({ - "../../../node_modules/@smithy/util-body-length-node/dist-cjs/index.js"(exports2, module2) { - var __defProp2 = Object.defineProperty; - var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; - var __getOwnPropNames2 = Object.getOwnPropertyNames; - var __hasOwnProp2 = Object.prototype.hasOwnProperty; - var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); - var __export2 = (target, all) => { - for (var name in all) - __defProp2(target, name, { get: all[name], enumerable: true }); - }; - var __copyProps2 = (to, from, except, desc) => { - if (from && typeof from === "object" || typeof from === "function") { - for (let key of __getOwnPropNames2(from)) - if (!__hasOwnProp2.call(to, key) && key !== except) - __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); +// ../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/fromHttp/checkUrl.js +var require_checkUrl = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/fromHttp/checkUrl.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.checkUrl = void 0; + var property_provider_1 = require_dist_cjs47(); + var ECS_CONTAINER_HOST = "169.254.170.2"; + var EKS_CONTAINER_HOST_IPv4 = "169.254.170.23"; + var EKS_CONTAINER_HOST_IPv6 = "[fd00:ec2::23]"; + var checkUrl = (url2, logger) => { + if (url2.protocol === "https:") { + return; } - return to; - }; - var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); - var src_exports = {}; - __export2(src_exports, { - calculateBodyLength: () => calculateBodyLength - }); - module2.exports = __toCommonJS2(src_exports); - var import_fs = require("fs"); - var calculateBodyLength = /* @__PURE__ */ __name((body) => { - if (!body) { - return 0; + if (url2.hostname === ECS_CONTAINER_HOST || url2.hostname === EKS_CONTAINER_HOST_IPv4 || url2.hostname === EKS_CONTAINER_HOST_IPv6) { + return; } - if (typeof body === "string") { - return Buffer.byteLength(body); - } else if (typeof body.byteLength === "number") { - return body.byteLength; - } else if (typeof body.size === "number") { - return body.size; - } else if (typeof body.start === "number" && typeof body.end === "number") { - return body.end + 1 - body.start; - } else if (typeof body.path === "string" || Buffer.isBuffer(body.path)) { - return (0, import_fs.lstatSync)(body.path).size; - } else if (typeof body.fd === "number") { - return (0, import_fs.fstatSync)(body.fd).size; + if (url2.hostname.includes("[")) { + if (url2.hostname === "[::1]" || url2.hostname === "[0000:0000:0000:0000:0000:0000:0000:0001]") { + return; + } + } else { + if (url2.hostname === "localhost") { + return; + } + const ipComponents = url2.hostname.split("."); + const inRange = (component) => { + const num = parseInt(component, 10); + return 0 <= num && num <= 255; + }; + if (ipComponents[0] === "127" && inRange(ipComponents[1]) && inRange(ipComponents[2]) && inRange(ipComponents[3]) && ipComponents.length === 4) { + return; + } } - throw new Error(`Body Length computation failed for ${body}`); - }, "calculateBodyLength"); + throw new property_provider_1.CredentialsProviderError(`URL not accepted. It must either be HTTPS or match one of the following: + - loopback CIDR 127.0.0.0/8 or [::1/128] + - ECS container host 169.254.170.2 + - EKS container host 169.254.170.23 or [fd00:ec2::23]`, { logger }); + }; + exports2.checkUrl = checkUrl; } }); -// ../../../node_modules/@aws-sdk/client-sso/dist-cjs/endpoint/ruleset.js -var require_ruleset = __commonJS({ - "../../../node_modules/@aws-sdk/client-sso/dist-cjs/endpoint/ruleset.js"(exports2) { +// ../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/fromHttp/requestHelpers.js +var require_requestHelpers = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/fromHttp/requestHelpers.js"(exports2) { "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); - exports2.ruleSet = void 0; - var u = "required"; - var v = "fn"; - var w = "argv"; - var x = "ref"; - var a = true; - var b = "isSet"; - var c = "booleanEquals"; - var d = "error"; - var e = "endpoint"; - var f = "tree"; - var g = "PartitionResult"; - var h = "getAttr"; - var i = { [u]: false, "type": "String" }; - var j = { [u]: true, "default": false, "type": "Boolean" }; - var k = { [x]: "Endpoint" }; - var l = { [v]: c, [w]: [{ [x]: "UseFIPS" }, true] }; - var m = { [v]: c, [w]: [{ [x]: "UseDualStack" }, true] }; - var n = {}; - var o = { [v]: h, [w]: [{ [x]: g }, "supportsFIPS"] }; - var p = { [x]: g }; - var q = { [v]: c, [w]: [true, { [v]: h, [w]: [p, "supportsDualStack"] }] }; - var r = [l]; - var s = [m]; - var t = [{ [x]: "Region" }]; - var _data = { version: "1.0", parameters: { Region: i, UseDualStack: j, UseFIPS: j, Endpoint: i }, rules: [{ conditions: [{ [v]: b, [w]: [k] }], rules: [{ conditions: r, error: "Invalid Configuration: FIPS and custom endpoint are not supported", type: d }, { conditions: s, error: "Invalid Configuration: Dualstack and custom endpoint are not supported", type: d }, { endpoint: { url: k, properties: n, headers: n }, type: e }], type: f }, { conditions: [{ [v]: b, [w]: t }], rules: [{ conditions: [{ [v]: "aws.partition", [w]: t, assign: g }], rules: [{ conditions: [l, m], rules: [{ conditions: [{ [v]: c, [w]: [a, o] }, q], rules: [{ endpoint: { url: "https://portal.sso-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "FIPS and DualStack are enabled, but this partition does not support one or both", type: d }], type: f }, { conditions: r, rules: [{ conditions: [{ [v]: c, [w]: [o, a] }], rules: [{ conditions: [{ [v]: "stringEquals", [w]: [{ [v]: h, [w]: [p, "name"] }, "aws-us-gov"] }], endpoint: { url: "https://portal.sso.{Region}.amazonaws.com", properties: n, headers: n }, type: e }, { endpoint: { url: "https://portal.sso-fips.{Region}.{PartitionResult#dnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "FIPS is enabled but this partition does not support FIPS", type: d }], type: f }, { conditions: s, rules: [{ conditions: [q], rules: [{ endpoint: { url: "https://portal.sso.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "DualStack is enabled but this partition does not support DualStack", type: d }], type: f }, { endpoint: { url: "https://portal.sso.{Region}.{PartitionResult#dnsSuffix}", properties: n, headers: n }, type: e }], type: f }], type: f }, { error: "Invalid Configuration: Missing Region", type: d }] }; - exports2.ruleSet = _data; + exports2.getCredentials = exports2.createGetRequest = void 0; + var property_provider_1 = require_dist_cjs47(); + var protocol_http_1 = require_dist_cjs2(); + var smithy_client_1 = require_dist_cjs37(); + var util_stream_1 = require_dist_cjs24(); + function createGetRequest(url2) { + return new protocol_http_1.HttpRequest({ + protocol: url2.protocol, + hostname: url2.hostname, + port: Number(url2.port), + path: url2.pathname, + query: Array.from(url2.searchParams.entries()).reduce((acc, [k, v]) => { + acc[k] = v; + return acc; + }, {}), + fragment: url2.hash + }); + } + exports2.createGetRequest = createGetRequest; + async function getCredentials(response, logger) { + const stream = (0, util_stream_1.sdkStreamMixin)(response.body); + const str = await stream.transformToString(); + if (response.statusCode === 200) { + const parsed = JSON.parse(str); + if (typeof parsed.AccessKeyId !== "string" || typeof parsed.SecretAccessKey !== "string" || typeof parsed.Token !== "string" || typeof parsed.Expiration !== "string") { + throw new property_provider_1.CredentialsProviderError("HTTP credential provider response not of the required format, an object matching: { AccessKeyId: string, SecretAccessKey: string, Token: string, Expiration: string(rfc3339) }", { logger }); + } + return { + accessKeyId: parsed.AccessKeyId, + secretAccessKey: parsed.SecretAccessKey, + sessionToken: parsed.Token, + expiration: (0, smithy_client_1.parseRfc3339DateTime)(parsed.Expiration) + }; + } + if (response.statusCode >= 400 && response.statusCode < 500) { + let parsedBody = {}; + try { + parsedBody = JSON.parse(str); + } catch (e) { + } + throw Object.assign(new property_provider_1.CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger }), { + Code: parsedBody.Code, + Message: parsedBody.Message + }); + } + throw new property_provider_1.CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger }); + } + exports2.getCredentials = getCredentials; } }); -// ../../../node_modules/@aws-sdk/client-sso/dist-cjs/endpoint/endpointResolver.js -var require_endpointResolver = __commonJS({ - "../../../node_modules/@aws-sdk/client-sso/dist-cjs/endpoint/endpointResolver.js"(exports2) { +// ../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/fromHttp/retry-wrapper.js +var require_retry_wrapper = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/fromHttp/retry-wrapper.js"(exports2) { "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); - exports2.defaultEndpointResolver = void 0; - var util_endpoints_1 = require_dist_cjs7(); - var util_endpoints_2 = require_dist_cjs6(); - var ruleset_1 = require_ruleset(); - var defaultEndpointResolver = (endpointParams, context = {}) => { - return (0, util_endpoints_2.resolveEndpoint)(ruleset_1.ruleSet, { - endpointParams, - logger: context.logger - }); - }; - exports2.defaultEndpointResolver = defaultEndpointResolver; - util_endpoints_2.customEndpointFunctions.aws = util_endpoints_1.awsEndpointFunctions; - } -}); - -// ../../../node_modules/@aws-sdk/client-sso/dist-cjs/runtimeConfig.shared.js -var require_runtimeConfig_shared = __commonJS({ - "../../../node_modules/@aws-sdk/client-sso/dist-cjs/runtimeConfig.shared.js"(exports2) { - "use strict"; - Object.defineProperty(exports2, "__esModule", { value: true }); - exports2.getRuntimeConfig = void 0; - var core_1 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); - var core_2 = (init_dist_es(), __toCommonJS(dist_es_exports)); - var smithy_client_1 = require_dist_cjs33(); - var url_parser_1 = require_dist_cjs28(); - var util_base64_1 = require_dist_cjs16(); - var util_utf8_1 = require_dist_cjs15(); - var httpAuthSchemeProvider_1 = require_httpAuthSchemeProvider2(); - var endpointResolver_1 = require_endpointResolver(); - var getRuntimeConfig = (config) => { - return { - apiVersion: "2019-06-10", - base64Decoder: config?.base64Decoder ?? util_base64_1.fromBase64, - base64Encoder: config?.base64Encoder ?? util_base64_1.toBase64, - disableHostPrefix: config?.disableHostPrefix ?? false, - endpointProvider: config?.endpointProvider ?? endpointResolver_1.defaultEndpointResolver, - extensions: config?.extensions ?? [], - httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? httpAuthSchemeProvider_1.defaultSSOHttpAuthSchemeProvider, - httpAuthSchemes: config?.httpAuthSchemes ?? [ - { - schemeId: "aws.auth#sigv4", - identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"), - signer: new core_1.AwsSdkSigV4Signer() - }, - { - schemeId: "smithy.api#noAuth", - identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})), - signer: new core_2.NoAuthSigner() + exports2.retryWrapper = void 0; + var retryWrapper = (toRetry, maxRetries, delayMs) => { + return async () => { + for (let i = 0; i < maxRetries; ++i) { + try { + return await toRetry(); + } catch (e) { + await new Promise((resolve) => setTimeout(resolve, delayMs)); } - ], - logger: config?.logger ?? new smithy_client_1.NoOpLogger(), - serviceId: config?.serviceId ?? "SSO", - urlParser: config?.urlParser ?? url_parser_1.parseUrl, - utf8Decoder: config?.utf8Decoder ?? util_utf8_1.fromUtf8, - utf8Encoder: config?.utf8Encoder ?? util_utf8_1.toUtf8 + } + return await toRetry(); }; }; - exports2.getRuntimeConfig = getRuntimeConfig; + exports2.retryWrapper = retryWrapper; } }); -// ../../../node_modules/@smithy/util-defaults-mode-node/dist-cjs/index.js -var require_dist_cjs42 = __commonJS({ - "../../../node_modules/@smithy/util-defaults-mode-node/dist-cjs/index.js"(exports2, module2) { - var __create2 = Object.create; - var __defProp2 = Object.defineProperty; - var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; - var __getOwnPropNames2 = Object.getOwnPropertyNames; - var __getProtoOf2 = Object.getPrototypeOf; - var __hasOwnProp2 = Object.prototype.hasOwnProperty; - var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); - var __export2 = (target, all) => { - for (var name in all) - __defProp2(target, name, { get: all[name], enumerable: true }); - }; - var __copyProps2 = (to, from, except, desc) => { - if (from && typeof from === "object" || typeof from === "function") { - for (let key of __getOwnPropNames2(from)) - if (!__hasOwnProp2.call(to, key) && key !== except) - __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); - } - return to; - }; - var __toESM2 = (mod, isNodeMode, target) => (target = mod != null ? __create2(__getProtoOf2(mod)) : {}, __copyProps2( - // If the importer is in node compatibility mode or this is not an ESM - // file that has been converted to a CommonJS file using a Babel- - // compatible transform (i.e. "__esModule" has not been set), then set - // "default" to the CommonJS "module.exports" for node compatibility. - isNodeMode || !mod || !mod.__esModule ? __defProp2(target, "default", { value: mod, enumerable: true }) : target, - mod - )); - var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); - var src_exports = {}; - __export2(src_exports, { - resolveDefaultsModeConfig: () => resolveDefaultsModeConfig - }); - module2.exports = __toCommonJS2(src_exports); - var import_config_resolver = require_dist_cjs11(); - var import_node_config_provider = require_dist_cjs26(); - var import_property_provider2 = require_dist_cjs24(); - var AWS_EXECUTION_ENV = "AWS_EXECUTION_ENV"; - var AWS_REGION_ENV = "AWS_REGION"; - var AWS_DEFAULT_REGION_ENV = "AWS_DEFAULT_REGION"; - var ENV_IMDS_DISABLED = "AWS_EC2_METADATA_DISABLED"; - var DEFAULTS_MODE_OPTIONS = ["in-region", "cross-region", "mobile", "standard", "legacy"]; - var IMDS_REGION_PATH = "/latest/meta-data/placement/region"; - var AWS_DEFAULTS_MODE_ENV = "AWS_DEFAULTS_MODE"; - var AWS_DEFAULTS_MODE_CONFIG = "defaults_mode"; - var NODE_DEFAULTS_MODE_CONFIG_OPTIONS = { - environmentVariableSelector: (env) => { - return env[AWS_DEFAULTS_MODE_ENV]; - }, - configFileSelector: (profile) => { - return profile[AWS_DEFAULTS_MODE_CONFIG]; - }, - default: "legacy" - }; - var resolveDefaultsModeConfig = /* @__PURE__ */ __name(({ - region = (0, import_node_config_provider.loadConfig)(import_config_resolver.NODE_REGION_CONFIG_OPTIONS), - defaultsMode = (0, import_node_config_provider.loadConfig)(NODE_DEFAULTS_MODE_CONFIG_OPTIONS) - } = {}) => (0, import_property_provider2.memoize)(async () => { - const mode = typeof defaultsMode === "function" ? await defaultsMode() : defaultsMode; - switch (mode == null ? void 0 : mode.toLowerCase()) { - case "auto": - return resolveNodeDefaultsModeAuto(region); - case "in-region": - case "cross-region": - case "mobile": - case "standard": - case "legacy": - return Promise.resolve(mode == null ? void 0 : mode.toLocaleLowerCase()); - case void 0: - return Promise.resolve("legacy"); - default: - throw new Error( - `Invalid parameter for "defaultsMode", expect ${DEFAULTS_MODE_OPTIONS.join(", ")}, got ${mode}` - ); +// ../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/fromHttp/fromHttp.js +var require_fromHttp = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/fromHttp/fromHttp.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.fromHttp = void 0; + var tslib_1 = (init_tslib_es6(), __toCommonJS(tslib_es6_exports)); + var node_http_handler_1 = require_dist_cjs20(); + var property_provider_1 = require_dist_cjs47(); + var promises_1 = tslib_1.__importDefault(require("fs/promises")); + var checkUrl_1 = require_checkUrl(); + var requestHelpers_1 = require_requestHelpers(); + var retry_wrapper_1 = require_retry_wrapper(); + var AWS_CONTAINER_CREDENTIALS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI"; + var DEFAULT_LINK_LOCAL_HOST = "http://169.254.170.2"; + var AWS_CONTAINER_CREDENTIALS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI"; + var AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE"; + var AWS_CONTAINER_AUTHORIZATION_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN"; + var fromHttp = (options = {}) => { + options.logger?.debug("@aws-sdk/credential-provider-http - fromHttp"); + let host; + const relative = options.awsContainerCredentialsRelativeUri ?? process.env[AWS_CONTAINER_CREDENTIALS_RELATIVE_URI]; + const full = options.awsContainerCredentialsFullUri ?? process.env[AWS_CONTAINER_CREDENTIALS_FULL_URI]; + const token = options.awsContainerAuthorizationToken ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN]; + const tokenFile = options.awsContainerAuthorizationTokenFile ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE]; + const warn = options.logger?.constructor?.name === "NoOpLogger" || !options.logger ? console.warn : options.logger.warn; + if (relative && full) { + warn("@aws-sdk/credential-provider-http: you have set both awsContainerCredentialsRelativeUri and awsContainerCredentialsFullUri."); + warn("awsContainerCredentialsFullUri will take precedence."); } - }), "resolveDefaultsModeConfig"); - var resolveNodeDefaultsModeAuto = /* @__PURE__ */ __name(async (clientRegion) => { - if (clientRegion) { - const resolvedRegion = typeof clientRegion === "function" ? await clientRegion() : clientRegion; - const inferredRegion = await inferPhysicalRegion(); - if (!inferredRegion) { - return "standard"; - } - if (resolvedRegion === inferredRegion) { - return "in-region"; - } else { - return "cross-region"; - } + if (token && tokenFile) { + warn("@aws-sdk/credential-provider-http: you have set both awsContainerAuthorizationToken and awsContainerAuthorizationTokenFile."); + warn("awsContainerAuthorizationToken will take precedence."); } - return "standard"; - }, "resolveNodeDefaultsModeAuto"); - var inferPhysicalRegion = /* @__PURE__ */ __name(async () => { - if (process.env[AWS_EXECUTION_ENV] && (process.env[AWS_REGION_ENV] || process.env[AWS_DEFAULT_REGION_ENV])) { - return process.env[AWS_REGION_ENV] ?? process.env[AWS_DEFAULT_REGION_ENV]; + if (full) { + host = full; + } else if (relative) { + host = `${DEFAULT_LINK_LOCAL_HOST}${relative}`; + } else { + throw new property_provider_1.CredentialsProviderError(`No HTTP credential provider host provided. +Set AWS_CONTAINER_CREDENTIALS_FULL_URI or AWS_CONTAINER_CREDENTIALS_RELATIVE_URI.`, { logger: options.logger }); } - if (!process.env[ENV_IMDS_DISABLED]) { + const url2 = new URL(host); + (0, checkUrl_1.checkUrl)(url2, options.logger); + const requestHandler = new node_http_handler_1.NodeHttpHandler({ + requestTimeout: options.timeout ?? 1e3, + connectionTimeout: options.timeout ?? 1e3 + }); + return (0, retry_wrapper_1.retryWrapper)(async () => { + const request2 = (0, requestHelpers_1.createGetRequest)(url2); + if (token) { + request2.headers.Authorization = token; + } else if (tokenFile) { + request2.headers.Authorization = (await promises_1.default.readFile(tokenFile)).toString(); + } try { - const { getInstanceMetadataEndpoint, httpRequest } = await Promise.resolve().then(() => __toESM2(require_dist_cjs37())); - const endpoint = await getInstanceMetadataEndpoint(); - return (await httpRequest({ ...endpoint, path: IMDS_REGION_PATH })).toString(); + const result = await requestHandler.handle(request2); + return (0, requestHelpers_1.getCredentials)(result.response); } catch (e) { + throw new property_provider_1.CredentialsProviderError(String(e), { logger: options.logger }); } - } - }, "inferPhysicalRegion"); + }, options.maxRetries ?? 3, options.timeout ?? 1e3); + }; + exports2.fromHttp = fromHttp; } }); -// ../../../node_modules/@aws-sdk/client-sso/dist-cjs/runtimeConfig.js -var require_runtimeConfig = __commonJS({ - "../../../node_modules/@aws-sdk/client-sso/dist-cjs/runtimeConfig.js"(exports2) { +// ../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/index.js +var require_dist_cjs48 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-http/dist-cjs/index.js"(exports2) { "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); - exports2.getRuntimeConfig = void 0; - var tslib_1 = (init_tslib_es6(), __toCommonJS(tslib_es6_exports)); - var package_json_1 = tslib_1.__importDefault(require_package2()); - var core_1 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); - var util_user_agent_node_1 = require_dist_cjs39(); - var config_resolver_1 = require_dist_cjs11(); - var hash_node_1 = require_dist_cjs40(); - var middleware_retry_1 = require_dist_cjs34(); - var node_config_provider_1 = require_dist_cjs26(); - var node_http_handler_1 = require_dist_cjs19(); - var util_body_length_node_1 = require_dist_cjs41(); - var util_retry_1 = require_dist_cjs31(); - var runtimeConfig_shared_1 = require_runtimeConfig_shared(); - var smithy_client_1 = require_dist_cjs33(); - var util_defaults_mode_node_1 = require_dist_cjs42(); - var smithy_client_2 = require_dist_cjs33(); - var getRuntimeConfig = (config) => { - (0, smithy_client_2.emitWarningIfUnsupportedVersion)(process.version); - const defaultsMode = (0, util_defaults_mode_node_1.resolveDefaultsModeConfig)(config); - const defaultConfigProvider = () => defaultsMode().then(smithy_client_1.loadConfigsForDefaultMode); - const clientSharedValues = (0, runtimeConfig_shared_1.getRuntimeConfig)(config); - (0, core_1.emitWarningIfUnsupportedVersion)(process.version); - return { - ...clientSharedValues, - ...config, - runtime: "node", - defaultsMode, - bodyLengthChecker: config?.bodyLengthChecker ?? util_body_length_node_1.calculateBodyLength, - defaultUserAgentProvider: config?.defaultUserAgentProvider ?? (0, util_user_agent_node_1.defaultUserAgent)({ serviceId: clientSharedValues.serviceId, clientVersion: package_json_1.default.version }), - maxAttempts: config?.maxAttempts ?? (0, node_config_provider_1.loadConfig)(middleware_retry_1.NODE_MAX_ATTEMPT_CONFIG_OPTIONS), - region: config?.region ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_REGION_CONFIG_OPTIONS, config_resolver_1.NODE_REGION_CONFIG_FILE_OPTIONS), - requestHandler: node_http_handler_1.NodeHttpHandler.create(config?.requestHandler ?? defaultConfigProvider), - retryMode: config?.retryMode ?? (0, node_config_provider_1.loadConfig)({ - ...middleware_retry_1.NODE_RETRY_MODE_CONFIG_OPTIONS, - default: async () => (await defaultConfigProvider()).retryMode || util_retry_1.DEFAULT_RETRY_MODE - }), - sha256: config?.sha256 ?? hash_node_1.Hash.bind(null, "sha256"), - streamCollector: config?.streamCollector ?? node_http_handler_1.streamCollector, - useDualstackEndpoint: config?.useDualstackEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS), - useFipsEndpoint: config?.useFipsEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS) - }; - }; - exports2.getRuntimeConfig = getRuntimeConfig; + exports2.fromHttp = void 0; + var fromHttp_1 = require_fromHttp(); + Object.defineProperty(exports2, "fromHttp", { enumerable: true, get: function() { + return fromHttp_1.fromHttp; + } }); } }); -// ../../../node_modules/@aws-sdk/region-config-resolver/dist-cjs/index.js -var require_dist_cjs43 = __commonJS({ - "../../../node_modules/@aws-sdk/region-config-resolver/dist-cjs/index.js"(exports2, module2) { +// ../../../node_modules/@aws-sdk/client-sso/dist-cjs/auth/httpAuthSchemeProvider.js +var require_httpAuthSchemeProvider2 = __commonJS({ + "../../../node_modules/@aws-sdk/client-sso/dist-cjs/auth/httpAuthSchemeProvider.js"(exports2) { "use strict"; - var __defProp2 = Object.defineProperty; - var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; - var __getOwnPropNames2 = Object.getOwnPropertyNames; - var __hasOwnProp2 = Object.prototype.hasOwnProperty; - var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); - var __export2 = (target, all) => { - for (var name in all) - __defProp2(target, name, { get: all[name], enumerable: true }); - }; - var __copyProps2 = (to, from, except, desc) => { - if (from && typeof from === "object" || typeof from === "function") { - for (let key of __getOwnPropNames2(from)) - if (!__hasOwnProp2.call(to, key) && key !== except) - __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); - } - return to; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.resolveHttpAuthSchemeConfig = exports2.defaultSSOHttpAuthSchemeProvider = exports2.defaultSSOHttpAuthSchemeParametersProvider = void 0; + var core_1 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); + var util_middleware_1 = require_dist_cjs10(); + var defaultSSOHttpAuthSchemeParametersProvider = async (config, context, input) => { + return { + operation: (0, util_middleware_1.getSmithyContext)(context).operation, + region: await (0, util_middleware_1.normalizeProvider)(config.region)() || (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })() + }; }; - var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); - var src_exports = {}; - __export2(src_exports, { - NODE_REGION_CONFIG_FILE_OPTIONS: () => NODE_REGION_CONFIG_FILE_OPTIONS, - NODE_REGION_CONFIG_OPTIONS: () => NODE_REGION_CONFIG_OPTIONS, - REGION_ENV_NAME: () => REGION_ENV_NAME, - REGION_INI_NAME: () => REGION_INI_NAME, - getAwsRegionExtensionConfiguration: () => getAwsRegionExtensionConfiguration, - resolveAwsRegionExtensionConfiguration: () => resolveAwsRegionExtensionConfiguration, - resolveRegionConfig: () => resolveRegionConfig - }); - module2.exports = __toCommonJS2(src_exports); - var getAwsRegionExtensionConfiguration = /* @__PURE__ */ __name((runtimeConfig) => { - let runtimeConfigRegion = /* @__PURE__ */ __name(async () => { - if (runtimeConfig.region === void 0) { - throw new Error("Region is missing from runtimeConfig"); - } - const region = runtimeConfig.region; - if (typeof region === "string") { - return region; - } - return region(); - }, "runtimeConfigRegion"); + exports2.defaultSSOHttpAuthSchemeParametersProvider = defaultSSOHttpAuthSchemeParametersProvider; + function createAwsAuthSigv4HttpAuthOption(authParameters) { return { - setRegion(region) { - runtimeConfigRegion = region; + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "awsssoportal", + region: authParameters.region }, - region() { - return runtimeConfigRegion; - } + propertiesExtractor: (config, context) => ({ + signingProperties: { + config, + context + } + }) }; - }, "getAwsRegionExtensionConfiguration"); - var resolveAwsRegionExtensionConfiguration = /* @__PURE__ */ __name((awsRegionExtensionConfiguration) => { + } + function createSmithyApiNoAuthHttpAuthOption(authParameters) { return { - region: awsRegionExtensionConfiguration.region() + schemeId: "smithy.api#noAuth" }; - }, "resolveAwsRegionExtensionConfiguration"); - var REGION_ENV_NAME = "AWS_REGION"; - var REGION_INI_NAME = "region"; - var NODE_REGION_CONFIG_OPTIONS = { - environmentVariableSelector: (env) => env[REGION_ENV_NAME], - configFileSelector: (profile) => profile[REGION_INI_NAME], - default: () => { - throw new Error("Region is missing"); + } + var defaultSSOHttpAuthSchemeProvider = (authParameters) => { + const options = []; + switch (authParameters.operation) { + case "GetRoleCredentials": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "ListAccountRoles": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "ListAccounts": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "Logout": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } } + return options; }; - var NODE_REGION_CONFIG_FILE_OPTIONS = { - preferredFile: "credentials" - }; - var isFipsRegion = /* @__PURE__ */ __name((region) => typeof region === "string" && (region.startsWith("fips-") || region.endsWith("-fips")), "isFipsRegion"); - var getRealRegion = /* @__PURE__ */ __name((region) => isFipsRegion(region) ? ["fips-aws-global", "aws-fips"].includes(region) ? "us-east-1" : region.replace(/fips-(dkr-|prod-)?|-fips/, "") : region, "getRealRegion"); - var resolveRegionConfig = /* @__PURE__ */ __name((input) => { - const { region, useFipsEndpoint } = input; - if (!region) { - throw new Error("Region is missing"); - } + exports2.defaultSSOHttpAuthSchemeProvider = defaultSSOHttpAuthSchemeProvider; + var resolveHttpAuthSchemeConfig = (config) => { + const config_0 = (0, core_1.resolveAwsSdkSigV4Config)(config); return { - ...input, - region: async () => { - if (typeof region === "string") { - return getRealRegion(region); - } - const providedRegion = await region(); - return getRealRegion(providedRegion); - }, - useFipsEndpoint: async () => { - const providedRegion = typeof region === "string" ? region : await region(); - if (isFipsRegion(providedRegion)) { - return true; - } - return typeof useFipsEndpoint !== "function" ? Promise.resolve(!!useFipsEndpoint) : useFipsEndpoint(); - } + ...config_0 }; - }, "resolveRegionConfig"); + }; + exports2.resolveHttpAuthSchemeConfig = resolveHttpAuthSchemeConfig; } }); -// ../../../node_modules/@aws-sdk/client-sso/dist-cjs/index.js -var require_dist_cjs44 = __commonJS({ - "../../../node_modules/@aws-sdk/client-sso/dist-cjs/index.js"(exports2, module2) { +// ../../../node_modules/@aws-sdk/client-sso/package.json +var require_package2 = __commonJS({ + "../../../node_modules/@aws-sdk/client-sso/package.json"(exports2, module2) { + module2.exports = { + name: "@aws-sdk/client-sso", + description: "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + version: "3.632.0", + scripts: { + build: "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'", + "build:cjs": "node ../../scripts/compilation/inline client-sso", + "build:es": "tsc -p tsconfig.es.json", + "build:include:deps": "lerna run --scope $npm_package_name --include-dependencies build", + "build:types": "tsc -p tsconfig.types.json", + "build:types:downlevel": "downlevel-dts dist-types dist-types/ts3.4", + clean: "rimraf ./dist-* && rimraf *.tsbuildinfo", + "extract:docs": "api-extractor run --local", + "generate:client": "node ../../scripts/generate-clients/single-service --solo sso" + }, + main: "./dist-cjs/index.js", + types: "./dist-types/index.d.ts", + module: "./dist-es/index.js", + sideEffects: false, + dependencies: { + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/core": "3.629.0", + "@aws-sdk/middleware-host-header": "3.620.0", + "@aws-sdk/middleware-logger": "3.609.0", + "@aws-sdk/middleware-recursion-detection": "3.620.0", + "@aws-sdk/middleware-user-agent": "3.632.0", + "@aws-sdk/region-config-resolver": "3.614.0", + "@aws-sdk/types": "3.609.0", + "@aws-sdk/util-endpoints": "3.632.0", + "@aws-sdk/util-user-agent-browser": "3.609.0", + "@aws-sdk/util-user-agent-node": "3.614.0", + "@smithy/config-resolver": "^3.0.5", + "@smithy/core": "^2.3.2", + "@smithy/fetch-http-handler": "^3.2.4", + "@smithy/hash-node": "^3.0.3", + "@smithy/invalid-dependency": "^3.0.3", + "@smithy/middleware-content-length": "^3.0.5", + "@smithy/middleware-endpoint": "^3.1.0", + "@smithy/middleware-retry": "^3.0.14", + "@smithy/middleware-serde": "^3.0.3", + "@smithy/middleware-stack": "^3.0.3", + "@smithy/node-config-provider": "^3.1.4", + "@smithy/node-http-handler": "^3.1.4", + "@smithy/protocol-http": "^4.1.0", + "@smithy/smithy-client": "^3.1.12", + "@smithy/types": "^3.3.0", + "@smithy/url-parser": "^3.0.3", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.14", + "@smithy/util-defaults-mode-node": "^3.0.14", + "@smithy/util-endpoints": "^2.0.5", + "@smithy/util-middleware": "^3.0.3", + "@smithy/util-retry": "^3.0.3", + "@smithy/util-utf8": "^3.0.0", + tslib: "^2.6.2" + }, + devDependencies: { + "@tsconfig/node16": "16.1.3", + "@types/node": "^16.18.96", + concurrently: "7.0.0", + "downlevel-dts": "0.10.1", + rimraf: "3.0.2", + typescript: "~4.9.5" + }, + engines: { + node: ">=16.0.0" + }, + typesVersions: { + "<4.0": { + "dist-types/*": [ + "dist-types/ts3.4/*" + ] + } + }, + files: [ + "dist-*/**" + ], + author: { + name: "AWS SDK for JavaScript Team", + url: "https://aws.amazon.com/javascript/" + }, + license: "Apache-2.0", + browser: { + "./dist-es/runtimeConfig": "./dist-es/runtimeConfig.browser" + }, + "react-native": { + "./dist-es/runtimeConfig": "./dist-es/runtimeConfig.native" + }, + homepage: "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + repository: { + type: "git", + url: "https://github.com/aws/aws-sdk-js-v3.git", + directory: "clients/client-sso" + } + }; + } +}); + +// ../../../node_modules/@aws-sdk/util-user-agent-node/dist-cjs/index.js +var require_dist_cjs49 = __commonJS({ + "../../../node_modules/@aws-sdk/util-user-agent-node/dist-cjs/index.js"(exports2, module2) { "use strict"; var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; @@ -13590,856 +14460,476 @@ var require_dist_cjs44 = __commonJS({ var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var src_exports = {}; __export2(src_exports, { - GetRoleCredentialsCommand: () => GetRoleCredentialsCommand, - GetRoleCredentialsRequestFilterSensitiveLog: () => GetRoleCredentialsRequestFilterSensitiveLog, - GetRoleCredentialsResponseFilterSensitiveLog: () => GetRoleCredentialsResponseFilterSensitiveLog, - InvalidRequestException: () => InvalidRequestException, - ListAccountRolesCommand: () => ListAccountRolesCommand, - ListAccountRolesRequestFilterSensitiveLog: () => ListAccountRolesRequestFilterSensitiveLog, - ListAccountsCommand: () => ListAccountsCommand, - ListAccountsRequestFilterSensitiveLog: () => ListAccountsRequestFilterSensitiveLog, - LogoutCommand: () => LogoutCommand, - LogoutRequestFilterSensitiveLog: () => LogoutRequestFilterSensitiveLog, - ResourceNotFoundException: () => ResourceNotFoundException, - RoleCredentialsFilterSensitiveLog: () => RoleCredentialsFilterSensitiveLog, - SSO: () => SSO, - SSOClient: () => SSOClient, - SSOServiceException: () => SSOServiceException, - TooManyRequestsException: () => TooManyRequestsException, - UnauthorizedException: () => UnauthorizedException, - __Client: () => import_smithy_client4.Client, - paginateListAccountRoles: () => paginateListAccountRoles, - paginateListAccounts: () => paginateListAccounts + UA_APP_ID_ENV_NAME: () => UA_APP_ID_ENV_NAME, + UA_APP_ID_INI_NAME: () => UA_APP_ID_INI_NAME, + crtAvailability: () => crtAvailability, + defaultUserAgent: () => defaultUserAgent }); module2.exports = __toCommonJS2(src_exports); - var import_middleware_host_header = require_dist_cjs3(); - var import_middleware_logger = require_dist_cjs4(); - var import_middleware_recursion_detection = require_dist_cjs5(); - var import_middleware_user_agent = require_dist_cjs8(); - var import_config_resolver = require_dist_cjs11(); - var import_core3 = (init_dist_es(), __toCommonJS(dist_es_exports)); - var import_middleware_content_length = require_dist_cjs23(); - var import_middleware_endpoint = require_dist_cjs29(); - var import_middleware_retry = require_dist_cjs34(); - var import_httpAuthSchemeProvider = require_httpAuthSchemeProvider2(); - var resolveClientEndpointParameters = /* @__PURE__ */ __name((options) => { - return { - ...options, - useDualstackEndpoint: options.useDualstackEndpoint ?? false, - useFipsEndpoint: options.useFipsEndpoint ?? false, - defaultSigningName: "awsssoportal" - }; - }, "resolveClientEndpointParameters"); - var commonParams = { - UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, - Endpoint: { type: "builtInParams", name: "endpoint" }, - Region: { type: "builtInParams", name: "region" }, - UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" } + var import_node_config_provider = require_dist_cjs28(); + var import_os = require("os"); + var import_process = require("process"); + var crtAvailability = { + isCrtAvailable: false }; - var import_runtimeConfig = require_runtimeConfig(); - var import_region_config_resolver = require_dist_cjs43(); - var import_protocol_http8 = require_dist_cjs2(); - var import_smithy_client4 = require_dist_cjs33(); - var getHttpAuthExtensionConfiguration = /* @__PURE__ */ __name((runtimeConfig) => { - const _httpAuthSchemes = runtimeConfig.httpAuthSchemes; - let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider; - let _credentials = runtimeConfig.credentials; - return { - setHttpAuthScheme(httpAuthScheme) { - const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); - if (index === -1) { - _httpAuthSchemes.push(httpAuthScheme); - } else { - _httpAuthSchemes.splice(index, 1, httpAuthScheme); - } - }, - httpAuthSchemes() { - return _httpAuthSchemes; - }, - setHttpAuthSchemeProvider(httpAuthSchemeProvider) { - _httpAuthSchemeProvider = httpAuthSchemeProvider; - }, - httpAuthSchemeProvider() { - return _httpAuthSchemeProvider; - }, - setCredentials(credentials) { - _credentials = credentials; - }, - credentials() { - return _credentials; - } - }; - }, "getHttpAuthExtensionConfiguration"); - var resolveHttpAuthRuntimeConfig = /* @__PURE__ */ __name((config) => { - return { - httpAuthSchemes: config.httpAuthSchemes(), - httpAuthSchemeProvider: config.httpAuthSchemeProvider(), - credentials: config.credentials() - }; - }, "resolveHttpAuthRuntimeConfig"); - var asPartial = /* @__PURE__ */ __name((t) => t, "asPartial"); - var resolveRuntimeExtensions = /* @__PURE__ */ __name((runtimeConfig, extensions) => { - const extensionConfiguration = { - ...asPartial((0, import_region_config_resolver.getAwsRegionExtensionConfiguration)(runtimeConfig)), - ...asPartial((0, import_smithy_client4.getDefaultExtensionConfiguration)(runtimeConfig)), - ...asPartial((0, import_protocol_http8.getHttpHandlerExtensionConfiguration)(runtimeConfig)), - ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)) - }; - extensions.forEach((extension) => extension.configure(extensionConfiguration)); - return { - ...runtimeConfig, - ...(0, import_region_config_resolver.resolveAwsRegionExtensionConfiguration)(extensionConfiguration), - ...(0, import_smithy_client4.resolveDefaultRuntimeConfig)(extensionConfiguration), - ...(0, import_protocol_http8.resolveHttpHandlerRuntimeConfig)(extensionConfiguration), - ...resolveHttpAuthRuntimeConfig(extensionConfiguration) - }; - }, "resolveRuntimeExtensions"); - var _SSOClient = class _SSOClient extends import_smithy_client4.Client { - constructor(...[configuration]) { - const _config_0 = (0, import_runtimeConfig.getRuntimeConfig)(configuration || {}); - const _config_1 = resolveClientEndpointParameters(_config_0); - const _config_2 = (0, import_middleware_user_agent.resolveUserAgentConfig)(_config_1); - const _config_3 = (0, import_middleware_retry.resolveRetryConfig)(_config_2); - const _config_4 = (0, import_config_resolver.resolveRegionConfig)(_config_3); - const _config_5 = (0, import_middleware_host_header.resolveHostHeaderConfig)(_config_4); - const _config_6 = (0, import_middleware_endpoint.resolveEndpointConfig)(_config_5); - const _config_7 = (0, import_httpAuthSchemeProvider.resolveHttpAuthSchemeConfig)(_config_6); - const _config_8 = resolveRuntimeExtensions(_config_7, (configuration == null ? void 0 : configuration.extensions) || []); - super(_config_8); - this.config = _config_8; - this.middlewareStack.use((0, import_middleware_user_agent.getUserAgentPlugin)(this.config)); - this.middlewareStack.use((0, import_middleware_retry.getRetryPlugin)(this.config)); - this.middlewareStack.use((0, import_middleware_content_length.getContentLengthPlugin)(this.config)); - this.middlewareStack.use((0, import_middleware_host_header.getHostHeaderPlugin)(this.config)); - this.middlewareStack.use((0, import_middleware_logger.getLoggerPlugin)(this.config)); - this.middlewareStack.use((0, import_middleware_recursion_detection.getRecursionDetectionPlugin)(this.config)); - this.middlewareStack.use( - (0, import_core3.getHttpAuthSchemeEndpointRuleSetPlugin)(this.config, { - httpAuthSchemeParametersProvider: import_httpAuthSchemeProvider.defaultSSOHttpAuthSchemeParametersProvider, - identityProviderConfigProvider: async (config) => new import_core3.DefaultIdentityProviderConfig({ - "aws.auth#sigv4": config.credentials - }) - }) - ); - this.middlewareStack.use((0, import_core3.getHttpSigningPlugin)(this.config)); + var isCrtAvailable = /* @__PURE__ */ __name(() => { + if (crtAvailability.isCrtAvailable) { + return ["md/crt-avail"]; } - /** - * Destroy underlying resources, like sockets. It's usually not necessary to do this. - * However in Node.js, it's best to explicitly shut down the client's agent when it is no longer needed. - * Otherwise, sockets might stay open for quite a long time before the server terminates them. - */ - destroy() { - super.destroy(); + return null; + }, "isCrtAvailable"); + var UA_APP_ID_ENV_NAME = "AWS_SDK_UA_APP_ID"; + var UA_APP_ID_INI_NAME = "sdk-ua-app-id"; + var defaultUserAgent = /* @__PURE__ */ __name(({ serviceId, clientVersion }) => { + const sections = [ + // sdk-metadata + ["aws-sdk-js", clientVersion], + // ua-metadata + ["ua", "2.0"], + // os-metadata + [`os/${(0, import_os.platform)()}`, (0, import_os.release)()], + // language-metadata + // ECMAScript edition doesn't matter in JS, so no version needed. + ["lang/js"], + ["md/nodejs", `${import_process.versions.node}`] + ]; + const crtAvailable = isCrtAvailable(); + if (crtAvailable) { + sections.push(crtAvailable); } - }; - __name(_SSOClient, "SSOClient"); - var SSOClient = _SSOClient; - var import_middleware_serde2 = require_dist_cjs12(); - var _SSOServiceException = class _SSOServiceException2 extends import_smithy_client4.ServiceException { - /** - * @internal - */ - constructor(options) { - super(options); - Object.setPrototypeOf(this, _SSOServiceException2.prototype); + if (serviceId) { + sections.push([`api/${serviceId}`, clientVersion]); } - }; - __name(_SSOServiceException, "SSOServiceException"); - var SSOServiceException = _SSOServiceException; - var _InvalidRequestException = class _InvalidRequestException2 extends SSOServiceException { - /** - * @internal - */ - constructor(opts) { - super({ - name: "InvalidRequestException", - $fault: "client", - ...opts - }); - this.name = "InvalidRequestException"; - this.$fault = "client"; - Object.setPrototypeOf(this, _InvalidRequestException2.prototype); + if (import_process.env.AWS_EXECUTION_ENV) { + sections.push([`exec-env/${import_process.env.AWS_EXECUTION_ENV}`]); } + const appIdPromise = (0, import_node_config_provider.loadConfig)({ + environmentVariableSelector: (env2) => env2[UA_APP_ID_ENV_NAME], + configFileSelector: (profile) => profile[UA_APP_ID_INI_NAME], + default: void 0 + })(); + let resolvedUserAgent = void 0; + return async () => { + if (!resolvedUserAgent) { + const appId = await appIdPromise; + resolvedUserAgent = appId ? [...sections, [`app/${appId}`]] : [...sections]; + } + return resolvedUserAgent; + }; + }, "defaultUserAgent"); + } +}); + +// ../../../node_modules/@smithy/hash-node/node_modules/@smithy/util-buffer-from/dist-cjs/index.js +var require_dist_cjs50 = __commonJS({ + "../../../node_modules/@smithy/hash-node/node_modules/@smithy/util-buffer-from/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); }; - __name(_InvalidRequestException, "InvalidRequestException"); - var InvalidRequestException = _InvalidRequestException; - var _ResourceNotFoundException = class _ResourceNotFoundException2 extends SSOServiceException { - /** - * @internal - */ - constructor(opts) { - super({ - name: "ResourceNotFoundException", - $fault: "client", - ...opts - }); - this.name = "ResourceNotFoundException"; - this.$fault = "client"; - Object.setPrototypeOf(this, _ResourceNotFoundException2.prototype); + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); } + return to; }; - __name(_ResourceNotFoundException, "ResourceNotFoundException"); - var ResourceNotFoundException = _ResourceNotFoundException; - var _TooManyRequestsException = class _TooManyRequestsException2 extends SSOServiceException { - /** - * @internal - */ - constructor(opts) { - super({ - name: "TooManyRequestsException", - $fault: "client", - ...opts - }); - this.name = "TooManyRequestsException"; - this.$fault = "client"; - Object.setPrototypeOf(this, _TooManyRequestsException2.prototype); + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + fromArrayBuffer: () => fromArrayBuffer, + fromString: () => fromString + }); + module2.exports = __toCommonJS2(src_exports); + var import_is_array_buffer = require_dist_cjs13(); + var import_buffer = require("buffer"); + var fromArrayBuffer = /* @__PURE__ */ __name((input, offset = 0, length = input.byteLength - offset) => { + if (!(0, import_is_array_buffer.isArrayBuffer)(input)) { + throw new TypeError(`The "input" argument must be ArrayBuffer. Received type ${typeof input} (${input})`); } - }; - __name(_TooManyRequestsException, "TooManyRequestsException"); - var TooManyRequestsException = _TooManyRequestsException; - var _UnauthorizedException = class _UnauthorizedException2 extends SSOServiceException { - /** - * @internal - */ - constructor(opts) { - super({ - name: "UnauthorizedException", - $fault: "client", - ...opts - }); - this.name = "UnauthorizedException"; - this.$fault = "client"; - Object.setPrototypeOf(this, _UnauthorizedException2.prototype); + return import_buffer.Buffer.from(input, offset, length); + }, "fromArrayBuffer"); + var fromString = /* @__PURE__ */ __name((input, encoding) => { + if (typeof input !== "string") { + throw new TypeError(`The "input" argument must be of type string. Received type ${typeof input} (${input})`); } + return encoding ? import_buffer.Buffer.from(input, encoding) : import_buffer.Buffer.from(input); + }, "fromString"); + } +}); + +// ../../../node_modules/@smithy/hash-node/dist-cjs/index.js +var require_dist_cjs51 = __commonJS({ + "../../../node_modules/@smithy/hash-node/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); }; - __name(_UnauthorizedException, "UnauthorizedException"); - var UnauthorizedException = _UnauthorizedException; - var GetRoleCredentialsRequestFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ - ...obj, - ...obj.accessToken && { accessToken: import_smithy_client4.SENSITIVE_STRING } - }), "GetRoleCredentialsRequestFilterSensitiveLog"); - var RoleCredentialsFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ - ...obj, - ...obj.secretAccessKey && { secretAccessKey: import_smithy_client4.SENSITIVE_STRING }, - ...obj.sessionToken && { sessionToken: import_smithy_client4.SENSITIVE_STRING } - }), "RoleCredentialsFilterSensitiveLog"); - var GetRoleCredentialsResponseFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ - ...obj, - ...obj.roleCredentials && { roleCredentials: RoleCredentialsFilterSensitiveLog(obj.roleCredentials) } - }), "GetRoleCredentialsResponseFilterSensitiveLog"); - var ListAccountRolesRequestFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ - ...obj, - ...obj.accessToken && { accessToken: import_smithy_client4.SENSITIVE_STRING } - }), "ListAccountRolesRequestFilterSensitiveLog"); - var ListAccountsRequestFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ - ...obj, - ...obj.accessToken && { accessToken: import_smithy_client4.SENSITIVE_STRING } - }), "ListAccountsRequestFilterSensitiveLog"); - var LogoutRequestFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ - ...obj, - ...obj.accessToken && { accessToken: import_smithy_client4.SENSITIVE_STRING } - }), "LogoutRequestFilterSensitiveLog"); - var import_core22 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); - var se_GetRoleCredentialsCommand = /* @__PURE__ */ __name(async (input, context) => { - const b = (0, import_core3.requestBuilder)(input, context); - const headers = (0, import_smithy_client4.map)({}, isSerializableHeaderValue, { - [_xasbt]: input[_aT] - }); - b.bp("/federation/credentials"); - const query = (0, import_smithy_client4.map)({ - [_rn]: [, (0, import_smithy_client4.expectNonNull)(input[_rN], `roleName`)], - [_ai]: [, (0, import_smithy_client4.expectNonNull)(input[_aI], `accountId`)] - }); - let body; - b.m("GET").h(headers).q(query).b(body); - return b.build(); - }, "se_GetRoleCredentialsCommand"); - var se_ListAccountRolesCommand = /* @__PURE__ */ __name(async (input, context) => { - const b = (0, import_core3.requestBuilder)(input, context); - const headers = (0, import_smithy_client4.map)({}, isSerializableHeaderValue, { - [_xasbt]: input[_aT] - }); - b.bp("/assignment/roles"); - const query = (0, import_smithy_client4.map)({ - [_nt]: [, input[_nT]], - [_mr]: [() => input.maxResults !== void 0, () => input[_mR].toString()], - [_ai]: [, (0, import_smithy_client4.expectNonNull)(input[_aI], `accountId`)] - }); - let body; - b.m("GET").h(headers).q(query).b(body); - return b.build(); - }, "se_ListAccountRolesCommand"); - var se_ListAccountsCommand = /* @__PURE__ */ __name(async (input, context) => { - const b = (0, import_core3.requestBuilder)(input, context); - const headers = (0, import_smithy_client4.map)({}, isSerializableHeaderValue, { - [_xasbt]: input[_aT] - }); - b.bp("/assignment/accounts"); - const query = (0, import_smithy_client4.map)({ - [_nt]: [, input[_nT]], - [_mr]: [() => input.maxResults !== void 0, () => input[_mR].toString()] - }); - let body; - b.m("GET").h(headers).q(query).b(body); - return b.build(); - }, "se_ListAccountsCommand"); - var se_LogoutCommand = /* @__PURE__ */ __name(async (input, context) => { - const b = (0, import_core3.requestBuilder)(input, context); - const headers = (0, import_smithy_client4.map)({}, isSerializableHeaderValue, { - [_xasbt]: input[_aT] - }); - b.bp("/logout"); - let body; - b.m("POST").h(headers).b(body); - return b.build(); - }, "se_LogoutCommand"); - var de_GetRoleCredentialsCommand = /* @__PURE__ */ __name(async (output, context) => { - if (output.statusCode !== 200 && output.statusCode >= 300) { - return de_CommandError(output, context); + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); } - const contents = (0, import_smithy_client4.map)({ - $metadata: deserializeMetadata(output) - }); - const data = (0, import_smithy_client4.expectNonNull)((0, import_smithy_client4.expectObject)(await (0, import_core22.parseJsonBody)(output.body, context)), "body"); - const doc = (0, import_smithy_client4.take)(data, { - roleCredentials: import_smithy_client4._json - }); - Object.assign(contents, doc); - return contents; - }, "de_GetRoleCredentialsCommand"); - var de_ListAccountRolesCommand = /* @__PURE__ */ __name(async (output, context) => { - if (output.statusCode !== 200 && output.statusCode >= 300) { - return de_CommandError(output, context); + return to; + }; + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + Hash: () => Hash + }); + module2.exports = __toCommonJS2(src_exports); + var import_util_buffer_from = require_dist_cjs50(); + var import_util_utf8 = require_dist_cjs16(); + var import_buffer = require("buffer"); + var import_crypto5 = require("crypto"); + var _Hash = class _Hash { + constructor(algorithmIdentifier, secret) { + this.algorithmIdentifier = algorithmIdentifier; + this.secret = secret; + this.reset(); } - const contents = (0, import_smithy_client4.map)({ - $metadata: deserializeMetadata(output) - }); - const data = (0, import_smithy_client4.expectNonNull)((0, import_smithy_client4.expectObject)(await (0, import_core22.parseJsonBody)(output.body, context)), "body"); - const doc = (0, import_smithy_client4.take)(data, { - nextToken: import_smithy_client4.expectString, - roleList: import_smithy_client4._json - }); - Object.assign(contents, doc); - return contents; - }, "de_ListAccountRolesCommand"); - var de_ListAccountsCommand = /* @__PURE__ */ __name(async (output, context) => { - if (output.statusCode !== 200 && output.statusCode >= 300) { - return de_CommandError(output, context); + update(toHash, encoding) { + this.hash.update((0, import_util_utf8.toUint8Array)(castSourceData(toHash, encoding))); } - const contents = (0, import_smithy_client4.map)({ - $metadata: deserializeMetadata(output) - }); - const data = (0, import_smithy_client4.expectNonNull)((0, import_smithy_client4.expectObject)(await (0, import_core22.parseJsonBody)(output.body, context)), "body"); - const doc = (0, import_smithy_client4.take)(data, { - accountList: import_smithy_client4._json, - nextToken: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - return contents; - }, "de_ListAccountsCommand"); - var de_LogoutCommand = /* @__PURE__ */ __name(async (output, context) => { - if (output.statusCode !== 200 && output.statusCode >= 300) { - return de_CommandError(output, context); + digest() { + return Promise.resolve(this.hash.digest()); } - const contents = (0, import_smithy_client4.map)({ - $metadata: deserializeMetadata(output) - }); - await (0, import_smithy_client4.collectBody)(output.body, context); - return contents; - }, "de_LogoutCommand"); - var de_CommandError = /* @__PURE__ */ __name(async (output, context) => { - const parsedOutput = { - ...output, - body: await (0, import_core22.parseJsonErrorBody)(output.body, context) - }; - const errorCode = (0, import_core22.loadRestJsonErrorCode)(output, parsedOutput.body); - switch (errorCode) { - case "InvalidRequestException": - case "com.amazonaws.sso#InvalidRequestException": - throw await de_InvalidRequestExceptionRes(parsedOutput, context); - case "ResourceNotFoundException": - case "com.amazonaws.sso#ResourceNotFoundException": - throw await de_ResourceNotFoundExceptionRes(parsedOutput, context); - case "TooManyRequestsException": - case "com.amazonaws.sso#TooManyRequestsException": - throw await de_TooManyRequestsExceptionRes(parsedOutput, context); - case "UnauthorizedException": - case "com.amazonaws.sso#UnauthorizedException": - throw await de_UnauthorizedExceptionRes(parsedOutput, context); - default: - const parsedBody = parsedOutput.body; - return throwDefaultError({ - output, - parsedBody, - errorCode - }); + reset() { + this.hash = this.secret ? (0, import_crypto5.createHmac)(this.algorithmIdentifier, castSourceData(this.secret)) : (0, import_crypto5.createHash)(this.algorithmIdentifier); } - }, "de_CommandError"); - var throwDefaultError = (0, import_smithy_client4.withBaseException)(SSOServiceException); - var de_InvalidRequestExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { - const contents = (0, import_smithy_client4.map)({}); - const data = parsedOutput.body; - const doc = (0, import_smithy_client4.take)(data, { - message: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - const exception = new InvalidRequestException({ - $metadata: deserializeMetadata(parsedOutput), - ...contents - }); - return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); - }, "de_InvalidRequestExceptionRes"); - var de_ResourceNotFoundExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { - const contents = (0, import_smithy_client4.map)({}); - const data = parsedOutput.body; - const doc = (0, import_smithy_client4.take)(data, { - message: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - const exception = new ResourceNotFoundException({ - $metadata: deserializeMetadata(parsedOutput), - ...contents - }); - return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); - }, "de_ResourceNotFoundExceptionRes"); - var de_TooManyRequestsExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { - const contents = (0, import_smithy_client4.map)({}); - const data = parsedOutput.body; - const doc = (0, import_smithy_client4.take)(data, { - message: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - const exception = new TooManyRequestsException({ - $metadata: deserializeMetadata(parsedOutput), - ...contents - }); - return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); - }, "de_TooManyRequestsExceptionRes"); - var de_UnauthorizedExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { - const contents = (0, import_smithy_client4.map)({}); - const data = parsedOutput.body; - const doc = (0, import_smithy_client4.take)(data, { - message: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - const exception = new UnauthorizedException({ - $metadata: deserializeMetadata(parsedOutput), - ...contents - }); - return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); - }, "de_UnauthorizedExceptionRes"); - var deserializeMetadata = /* @__PURE__ */ __name((output) => ({ - httpStatusCode: output.statusCode, - requestId: output.headers["x-amzn-requestid"] ?? output.headers["x-amzn-request-id"] ?? output.headers["x-amz-request-id"], - extendedRequestId: output.headers["x-amz-id-2"], - cfId: output.headers["x-amz-cf-id"] - }), "deserializeMetadata"); - var isSerializableHeaderValue = /* @__PURE__ */ __name((value) => value !== void 0 && value !== null && value !== "" && (!Object.getOwnPropertyNames(value).includes("length") || value.length != 0) && (!Object.getOwnPropertyNames(value).includes("size") || value.size != 0), "isSerializableHeaderValue"); - var _aI = "accountId"; - var _aT = "accessToken"; - var _ai = "account_id"; - var _mR = "maxResults"; - var _mr = "max_result"; - var _nT = "nextToken"; - var _nt = "next_token"; - var _rN = "roleName"; - var _rn = "role_name"; - var _xasbt = "x-amz-sso_bearer_token"; - var _GetRoleCredentialsCommand = class _GetRoleCredentialsCommand extends import_smithy_client4.Command.classBuilder().ep({ - ...commonParams - }).m(function(Command, cs, config, o) { - return [ - (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), - (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) - ]; - }).s("SWBPortalService", "GetRoleCredentials", {}).n("SSOClient", "GetRoleCredentialsCommand").f(GetRoleCredentialsRequestFilterSensitiveLog, GetRoleCredentialsResponseFilterSensitiveLog).ser(se_GetRoleCredentialsCommand).de(de_GetRoleCredentialsCommand).build() { - }; - __name(_GetRoleCredentialsCommand, "GetRoleCredentialsCommand"); - var GetRoleCredentialsCommand = _GetRoleCredentialsCommand; - var _ListAccountRolesCommand = class _ListAccountRolesCommand extends import_smithy_client4.Command.classBuilder().ep({ - ...commonParams - }).m(function(Command, cs, config, o) { - return [ - (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), - (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) - ]; - }).s("SWBPortalService", "ListAccountRoles", {}).n("SSOClient", "ListAccountRolesCommand").f(ListAccountRolesRequestFilterSensitiveLog, void 0).ser(se_ListAccountRolesCommand).de(de_ListAccountRolesCommand).build() { - }; - __name(_ListAccountRolesCommand, "ListAccountRolesCommand"); - var ListAccountRolesCommand = _ListAccountRolesCommand; - var _ListAccountsCommand = class _ListAccountsCommand extends import_smithy_client4.Command.classBuilder().ep({ - ...commonParams - }).m(function(Command, cs, config, o) { - return [ - (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), - (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) - ]; - }).s("SWBPortalService", "ListAccounts", {}).n("SSOClient", "ListAccountsCommand").f(ListAccountsRequestFilterSensitiveLog, void 0).ser(se_ListAccountsCommand).de(de_ListAccountsCommand).build() { }; - __name(_ListAccountsCommand, "ListAccountsCommand"); - var ListAccountsCommand = _ListAccountsCommand; - var _LogoutCommand = class _LogoutCommand extends import_smithy_client4.Command.classBuilder().ep({ - ...commonParams - }).m(function(Command, cs, config, o) { - return [ - (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), - (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) - ]; - }).s("SWBPortalService", "Logout", {}).n("SSOClient", "LogoutCommand").f(LogoutRequestFilterSensitiveLog, void 0).ser(se_LogoutCommand).de(de_LogoutCommand).build() { + __name(_Hash, "Hash"); + var Hash = _Hash; + function castSourceData(toCast, encoding) { + if (import_buffer.Buffer.isBuffer(toCast)) { + return toCast; + } + if (typeof toCast === "string") { + return (0, import_util_buffer_from.fromString)(toCast, encoding); + } + if (ArrayBuffer.isView(toCast)) { + return (0, import_util_buffer_from.fromArrayBuffer)(toCast.buffer, toCast.byteOffset, toCast.byteLength); + } + return (0, import_util_buffer_from.fromArrayBuffer)(toCast); + } + __name(castSourceData, "castSourceData"); + } +}); + +// ../../../node_modules/@smithy/util-body-length-node/dist-cjs/index.js +var require_dist_cjs52 = __commonJS({ + "../../../node_modules/@smithy/util-body-length-node/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); }; - __name(_LogoutCommand, "LogoutCommand"); - var LogoutCommand = _LogoutCommand; - var commands = { - GetRoleCredentialsCommand, - ListAccountRolesCommand, - ListAccountsCommand, - LogoutCommand + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; }; - var _SSO = class _SSO extends SSOClient { + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + calculateBodyLength: () => calculateBodyLength + }); + module2.exports = __toCommonJS2(src_exports); + var import_fs = require("fs"); + var calculateBodyLength = /* @__PURE__ */ __name((body) => { + if (!body) { + return 0; + } + if (typeof body === "string") { + return Buffer.byteLength(body); + } else if (typeof body.byteLength === "number") { + return body.byteLength; + } else if (typeof body.size === "number") { + return body.size; + } else if (typeof body.start === "number" && typeof body.end === "number") { + return body.end + 1 - body.start; + } else if (typeof body.path === "string" || Buffer.isBuffer(body.path)) { + return (0, import_fs.lstatSync)(body.path).size; + } else if (typeof body.fd === "number") { + return (0, import_fs.fstatSync)(body.fd).size; + } + throw new Error(`Body Length computation failed for ${body}`); + }, "calculateBodyLength"); + } +}); + +// ../../../node_modules/@aws-sdk/client-sso/dist-cjs/endpoint/ruleset.js +var require_ruleset = __commonJS({ + "../../../node_modules/@aws-sdk/client-sso/dist-cjs/endpoint/ruleset.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.ruleSet = void 0; + var u = "required"; + var v = "fn"; + var w = "argv"; + var x = "ref"; + var a = true; + var b = "isSet"; + var c = "booleanEquals"; + var d = "error"; + var e = "endpoint"; + var f = "tree"; + var g = "PartitionResult"; + var h = "getAttr"; + var i = { [u]: false, "type": "String" }; + var j = { [u]: true, "default": false, "type": "Boolean" }; + var k = { [x]: "Endpoint" }; + var l = { [v]: c, [w]: [{ [x]: "UseFIPS" }, true] }; + var m = { [v]: c, [w]: [{ [x]: "UseDualStack" }, true] }; + var n = {}; + var o = { [v]: h, [w]: [{ [x]: g }, "supportsFIPS"] }; + var p = { [x]: g }; + var q = { [v]: c, [w]: [true, { [v]: h, [w]: [p, "supportsDualStack"] }] }; + var r = [l]; + var s = [m]; + var t = [{ [x]: "Region" }]; + var _data = { version: "1.0", parameters: { Region: i, UseDualStack: j, UseFIPS: j, Endpoint: i }, rules: [{ conditions: [{ [v]: b, [w]: [k] }], rules: [{ conditions: r, error: "Invalid Configuration: FIPS and custom endpoint are not supported", type: d }, { conditions: s, error: "Invalid Configuration: Dualstack and custom endpoint are not supported", type: d }, { endpoint: { url: k, properties: n, headers: n }, type: e }], type: f }, { conditions: [{ [v]: b, [w]: t }], rules: [{ conditions: [{ [v]: "aws.partition", [w]: t, assign: g }], rules: [{ conditions: [l, m], rules: [{ conditions: [{ [v]: c, [w]: [a, o] }, q], rules: [{ endpoint: { url: "https://portal.sso-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "FIPS and DualStack are enabled, but this partition does not support one or both", type: d }], type: f }, { conditions: r, rules: [{ conditions: [{ [v]: c, [w]: [o, a] }], rules: [{ conditions: [{ [v]: "stringEquals", [w]: [{ [v]: h, [w]: [p, "name"] }, "aws-us-gov"] }], endpoint: { url: "https://portal.sso.{Region}.amazonaws.com", properties: n, headers: n }, type: e }, { endpoint: { url: "https://portal.sso-fips.{Region}.{PartitionResult#dnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "FIPS is enabled but this partition does not support FIPS", type: d }], type: f }, { conditions: s, rules: [{ conditions: [q], rules: [{ endpoint: { url: "https://portal.sso.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "DualStack is enabled but this partition does not support DualStack", type: d }], type: f }, { endpoint: { url: "https://portal.sso.{Region}.{PartitionResult#dnsSuffix}", properties: n, headers: n }, type: e }], type: f }], type: f }, { error: "Invalid Configuration: Missing Region", type: d }] }; + exports2.ruleSet = _data; + } +}); + +// ../../../node_modules/@aws-sdk/client-sso/dist-cjs/endpoint/endpointResolver.js +var require_endpointResolver = __commonJS({ + "../../../node_modules/@aws-sdk/client-sso/dist-cjs/endpoint/endpointResolver.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.defaultEndpointResolver = void 0; + var util_endpoints_1 = require_dist_cjs7(); + var util_endpoints_2 = require_dist_cjs6(); + var ruleset_1 = require_ruleset(); + var defaultEndpointResolver = (endpointParams, context = {}) => { + return (0, util_endpoints_2.resolveEndpoint)(ruleset_1.ruleSet, { + endpointParams, + logger: context.logger + }); }; - __name(_SSO, "SSO"); - var SSO = _SSO; - (0, import_smithy_client4.createAggregatedClient)(commands, SSO); - var paginateListAccountRoles = (0, import_core3.createPaginator)(SSOClient, ListAccountRolesCommand, "nextToken", "nextToken", "maxResults"); - var paginateListAccounts = (0, import_core3.createPaginator)(SSOClient, ListAccountsCommand, "nextToken", "nextToken", "maxResults"); + exports2.defaultEndpointResolver = defaultEndpointResolver; + util_endpoints_2.customEndpointFunctions.aws = util_endpoints_1.awsEndpointFunctions; } }); -// ../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/auth/httpAuthSchemeProvider.js -var require_httpAuthSchemeProvider3 = __commonJS({ - "../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/auth/httpAuthSchemeProvider.js"(exports2) { +// ../../../node_modules/@aws-sdk/client-sso/dist-cjs/runtimeConfig.shared.js +var require_runtimeConfig_shared = __commonJS({ + "../../../node_modules/@aws-sdk/client-sso/dist-cjs/runtimeConfig.shared.js"(exports2) { "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); - exports2.resolveHttpAuthSchemeConfig = exports2.defaultSSOOIDCHttpAuthSchemeProvider = exports2.defaultSSOOIDCHttpAuthSchemeParametersProvider = void 0; + exports2.getRuntimeConfig = void 0; var core_1 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); - var util_middleware_1 = require_dist_cjs10(); - var defaultSSOOIDCHttpAuthSchemeParametersProvider = async (config, context, input) => { + var core_2 = (init_dist_es(), __toCommonJS(dist_es_exports)); + var smithy_client_1 = require_dist_cjs37(); + var url_parser_1 = require_dist_cjs31(); + var util_base64_1 = require_dist_cjs17(); + var util_utf8_1 = require_dist_cjs16(); + var httpAuthSchemeProvider_1 = require_httpAuthSchemeProvider2(); + var endpointResolver_1 = require_endpointResolver(); + var getRuntimeConfig = (config) => { return { - operation: (0, util_middleware_1.getSmithyContext)(context).operation, - region: await (0, util_middleware_1.normalizeProvider)(config.region)() || (() => { - throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); - })() + apiVersion: "2019-06-10", + base64Decoder: config?.base64Decoder ?? util_base64_1.fromBase64, + base64Encoder: config?.base64Encoder ?? util_base64_1.toBase64, + disableHostPrefix: config?.disableHostPrefix ?? false, + endpointProvider: config?.endpointProvider ?? endpointResolver_1.defaultEndpointResolver, + extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? httpAuthSchemeProvider_1.defaultSSOHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new core_1.AwsSdkSigV4Signer() + }, + { + schemeId: "smithy.api#noAuth", + identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})), + signer: new core_2.NoAuthSigner() + } + ], + logger: config?.logger ?? new smithy_client_1.NoOpLogger(), + serviceId: config?.serviceId ?? "SSO", + urlParser: config?.urlParser ?? url_parser_1.parseUrl, + utf8Decoder: config?.utf8Decoder ?? util_utf8_1.fromUtf8, + utf8Encoder: config?.utf8Encoder ?? util_utf8_1.toUtf8 }; }; - exports2.defaultSSOOIDCHttpAuthSchemeParametersProvider = defaultSSOOIDCHttpAuthSchemeParametersProvider; - function createAwsAuthSigv4HttpAuthOption(authParameters) { - return { - schemeId: "aws.auth#sigv4", - signingProperties: { - name: "sso-oauth", - region: authParameters.region - }, - propertiesExtractor: (config, context) => ({ - signingProperties: { - config, - context - } - }) - }; - } - function createSmithyApiNoAuthHttpAuthOption(authParameters) { - return { - schemeId: "smithy.api#noAuth" - }; - } - var defaultSSOOIDCHttpAuthSchemeProvider = (authParameters) => { - const options = []; - switch (authParameters.operation) { - case "CreateToken": { - options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); - break; + exports2.getRuntimeConfig = getRuntimeConfig; + } +}); + +// ../../../node_modules/@smithy/util-defaults-mode-node/node_modules/@smithy/property-provider/dist-cjs/index.js +var require_dist_cjs53 = __commonJS({ + "../../../node_modules/@smithy/util-defaults-mode-node/node_modules/@smithy/property-provider/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + CredentialsProviderError: () => CredentialsProviderError, + ProviderError: () => ProviderError2, + TokenProviderError: () => TokenProviderError, + chain: () => chain, + fromStatic: () => fromStatic, + memoize: () => memoize + }); + module2.exports = __toCommonJS2(src_exports); + var _ProviderError = class _ProviderError2 extends Error { + constructor(message, options = true) { + var _a; + let logger; + let tryNextLink = true; + if (typeof options === "boolean") { + logger = void 0; + tryNextLink = options; + } else if (options != null && typeof options === "object") { + logger = options.logger; + tryNextLink = options.tryNextLink ?? true; } - case "RegisterClient": { - options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); - break; + super(message); + this.name = "ProviderError"; + this.tryNextLink = tryNextLink; + Object.setPrototypeOf(this, _ProviderError2.prototype); + (_a = logger == null ? void 0 : logger.debug) == null ? void 0 : _a.call(logger, `@smithy/property-provider ${tryNextLink ? "->" : "(!)"} ${message}`); + } + /** + * @deprecated use new operator. + */ + static from(error, options = true) { + return Object.assign(new this(error.message, options), error); + } + }; + __name(_ProviderError, "ProviderError"); + var ProviderError2 = _ProviderError; + var _CredentialsProviderError = class _CredentialsProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "CredentialsProviderError"; + Object.setPrototypeOf(this, _CredentialsProviderError2.prototype); + } + }; + __name(_CredentialsProviderError, "CredentialsProviderError"); + var CredentialsProviderError = _CredentialsProviderError; + var _TokenProviderError = class _TokenProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "TokenProviderError"; + Object.setPrototypeOf(this, _TokenProviderError2.prototype); + } + }; + __name(_TokenProviderError, "TokenProviderError"); + var TokenProviderError = _TokenProviderError; + var chain = /* @__PURE__ */ __name((...providers) => async () => { + if (providers.length === 0) { + throw new ProviderError2("No providers in chain"); + } + let lastProviderError; + for (const provider of providers) { + try { + const credentials = await provider(); + return credentials; + } catch (err) { + lastProviderError = err; + if (err == null ? void 0 : err.tryNextLink) { + continue; + } + throw err; } - case "StartDeviceAuthorization": { - options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); - break; + } + throw lastProviderError; + }, "chain"); + var fromStatic = /* @__PURE__ */ __name((staticValue) => () => Promise.resolve(staticValue), "fromStatic"); + var memoize = /* @__PURE__ */ __name((provider, isExpired, requiresRefresh) => { + let resolved; + let pending; + let hasResult; + let isConstant = false; + const coalesceProvider = /* @__PURE__ */ __name(async () => { + if (!pending) { + pending = provider(); } - default: { - options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + try { + resolved = await pending; + hasResult = true; + isConstant = false; + } finally { + pending = void 0; } + return resolved; + }, "coalesceProvider"); + if (isExpired === void 0) { + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + return resolved; + }; } - return options; - }; - exports2.defaultSSOOIDCHttpAuthSchemeProvider = defaultSSOOIDCHttpAuthSchemeProvider; - var resolveHttpAuthSchemeConfig = (config) => { - const config_0 = (0, core_1.resolveAwsSdkSigV4Config)(config); - return { - ...config_0 + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + if (isConstant) { + return resolved; + } + if (requiresRefresh && !requiresRefresh(resolved)) { + isConstant = true; + return resolved; + } + if (isExpired(resolved)) { + await coalesceProvider(); + return resolved; + } + return resolved; }; - }; - exports2.resolveHttpAuthSchemeConfig = resolveHttpAuthSchemeConfig; + }, "memoize"); } }); -// ../../../node_modules/@aws-sdk/client-sso-oidc/package.json -var require_package3 = __commonJS({ - "../../../node_modules/@aws-sdk/client-sso-oidc/package.json"(exports2, module2) { - module2.exports = { - name: "@aws-sdk/client-sso-oidc", - description: "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", - version: "3.632.0", - scripts: { - build: "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'", - "build:cjs": "node ../../scripts/compilation/inline client-sso-oidc", - "build:es": "tsc -p tsconfig.es.json", - "build:include:deps": "lerna run --scope $npm_package_name --include-dependencies build", - "build:types": "tsc -p tsconfig.types.json", - "build:types:downlevel": "downlevel-dts dist-types dist-types/ts3.4", - clean: "rimraf ./dist-* && rimraf *.tsbuildinfo", - "extract:docs": "api-extractor run --local", - "generate:client": "node ../../scripts/generate-clients/single-service --solo sso-oidc" - }, - main: "./dist-cjs/index.js", - types: "./dist-types/index.d.ts", - module: "./dist-es/index.js", - sideEffects: false, - dependencies: { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "3.629.0", - "@aws-sdk/credential-provider-node": "3.632.0", - "@aws-sdk/middleware-host-header": "3.620.0", - "@aws-sdk/middleware-logger": "3.609.0", - "@aws-sdk/middleware-recursion-detection": "3.620.0", - "@aws-sdk/middleware-user-agent": "3.632.0", - "@aws-sdk/region-config-resolver": "3.614.0", - "@aws-sdk/types": "3.609.0", - "@aws-sdk/util-endpoints": "3.632.0", - "@aws-sdk/util-user-agent-browser": "3.609.0", - "@aws-sdk/util-user-agent-node": "3.614.0", - "@smithy/config-resolver": "^3.0.5", - "@smithy/core": "^2.3.2", - "@smithy/fetch-http-handler": "^3.2.4", - "@smithy/hash-node": "^3.0.3", - "@smithy/invalid-dependency": "^3.0.3", - "@smithy/middleware-content-length": "^3.0.5", - "@smithy/middleware-endpoint": "^3.1.0", - "@smithy/middleware-retry": "^3.0.14", - "@smithy/middleware-serde": "^3.0.3", - "@smithy/middleware-stack": "^3.0.3", - "@smithy/node-config-provider": "^3.1.4", - "@smithy/node-http-handler": "^3.1.4", - "@smithy/protocol-http": "^4.1.0", - "@smithy/smithy-client": "^3.1.12", - "@smithy/types": "^3.3.0", - "@smithy/url-parser": "^3.0.3", - "@smithy/util-base64": "^3.0.0", - "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.14", - "@smithy/util-defaults-mode-node": "^3.0.14", - "@smithy/util-endpoints": "^2.0.5", - "@smithy/util-middleware": "^3.0.3", - "@smithy/util-retry": "^3.0.3", - "@smithy/util-utf8": "^3.0.0", - tslib: "^2.6.2" - }, - devDependencies: { - "@tsconfig/node16": "16.1.3", - "@types/node": "^16.18.96", - concurrently: "7.0.0", - "downlevel-dts": "0.10.1", - rimraf: "3.0.2", - typescript: "~4.9.5" - }, - engines: { - node: ">=16.0.0" - }, - typesVersions: { - "<4.0": { - "dist-types/*": [ - "dist-types/ts3.4/*" - ] - } - }, - files: [ - "dist-*/**" - ], - author: { - name: "AWS SDK for JavaScript Team", - url: "https://aws.amazon.com/javascript/" - }, - license: "Apache-2.0", - peerDependencies: { - "@aws-sdk/client-sts": "^3.632.0" - }, - browser: { - "./dist-es/runtimeConfig": "./dist-es/runtimeConfig.browser" - }, - "react-native": { - "./dist-es/runtimeConfig": "./dist-es/runtimeConfig.native" - }, - homepage: "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", - repository: { - type: "git", - url: "https://github.com/aws/aws-sdk-js-v3.git", - directory: "clients/client-sso-oidc" - } - }; - } -}); - -// ../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/endpoint/ruleset.js -var require_ruleset2 = __commonJS({ - "../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/endpoint/ruleset.js"(exports2) { - "use strict"; - Object.defineProperty(exports2, "__esModule", { value: true }); - exports2.ruleSet = void 0; - var u = "required"; - var v = "fn"; - var w = "argv"; - var x = "ref"; - var a = true; - var b = "isSet"; - var c = "booleanEquals"; - var d = "error"; - var e = "endpoint"; - var f = "tree"; - var g = "PartitionResult"; - var h = "getAttr"; - var i = { [u]: false, "type": "String" }; - var j = { [u]: true, "default": false, "type": "Boolean" }; - var k = { [x]: "Endpoint" }; - var l = { [v]: c, [w]: [{ [x]: "UseFIPS" }, true] }; - var m = { [v]: c, [w]: [{ [x]: "UseDualStack" }, true] }; - var n = {}; - var o = { [v]: h, [w]: [{ [x]: g }, "supportsFIPS"] }; - var p = { [x]: g }; - var q = { [v]: c, [w]: [true, { [v]: h, [w]: [p, "supportsDualStack"] }] }; - var r = [l]; - var s = [m]; - var t = [{ [x]: "Region" }]; - var _data = { version: "1.0", parameters: { Region: i, UseDualStack: j, UseFIPS: j, Endpoint: i }, rules: [{ conditions: [{ [v]: b, [w]: [k] }], rules: [{ conditions: r, error: "Invalid Configuration: FIPS and custom endpoint are not supported", type: d }, { conditions: s, error: "Invalid Configuration: Dualstack and custom endpoint are not supported", type: d }, { endpoint: { url: k, properties: n, headers: n }, type: e }], type: f }, { conditions: [{ [v]: b, [w]: t }], rules: [{ conditions: [{ [v]: "aws.partition", [w]: t, assign: g }], rules: [{ conditions: [l, m], rules: [{ conditions: [{ [v]: c, [w]: [a, o] }, q], rules: [{ endpoint: { url: "https://oidc-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "FIPS and DualStack are enabled, but this partition does not support one or both", type: d }], type: f }, { conditions: r, rules: [{ conditions: [{ [v]: c, [w]: [o, a] }], rules: [{ conditions: [{ [v]: "stringEquals", [w]: [{ [v]: h, [w]: [p, "name"] }, "aws-us-gov"] }], endpoint: { url: "https://oidc.{Region}.amazonaws.com", properties: n, headers: n }, type: e }, { endpoint: { url: "https://oidc-fips.{Region}.{PartitionResult#dnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "FIPS is enabled but this partition does not support FIPS", type: d }], type: f }, { conditions: s, rules: [{ conditions: [q], rules: [{ endpoint: { url: "https://oidc.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "DualStack is enabled but this partition does not support DualStack", type: d }], type: f }, { endpoint: { url: "https://oidc.{Region}.{PartitionResult#dnsSuffix}", properties: n, headers: n }, type: e }], type: f }], type: f }, { error: "Invalid Configuration: Missing Region", type: d }] }; - exports2.ruleSet = _data; - } -}); - -// ../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/endpoint/endpointResolver.js -var require_endpointResolver2 = __commonJS({ - "../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/endpoint/endpointResolver.js"(exports2) { - "use strict"; - Object.defineProperty(exports2, "__esModule", { value: true }); - exports2.defaultEndpointResolver = void 0; - var util_endpoints_1 = require_dist_cjs7(); - var util_endpoints_2 = require_dist_cjs6(); - var ruleset_1 = require_ruleset2(); - var defaultEndpointResolver = (endpointParams, context = {}) => { - return (0, util_endpoints_2.resolveEndpoint)(ruleset_1.ruleSet, { - endpointParams, - logger: context.logger - }); - }; - exports2.defaultEndpointResolver = defaultEndpointResolver; - util_endpoints_2.customEndpointFunctions.aws = util_endpoints_1.awsEndpointFunctions; - } -}); - -// ../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/runtimeConfig.shared.js -var require_runtimeConfig_shared2 = __commonJS({ - "../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/runtimeConfig.shared.js"(exports2) { - "use strict"; - Object.defineProperty(exports2, "__esModule", { value: true }); - exports2.getRuntimeConfig = void 0; - var core_1 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); - var core_2 = (init_dist_es(), __toCommonJS(dist_es_exports)); - var smithy_client_1 = require_dist_cjs33(); - var url_parser_1 = require_dist_cjs28(); - var util_base64_1 = require_dist_cjs16(); - var util_utf8_1 = require_dist_cjs15(); - var httpAuthSchemeProvider_1 = require_httpAuthSchemeProvider3(); - var endpointResolver_1 = require_endpointResolver2(); - var getRuntimeConfig = (config) => { - return { - apiVersion: "2019-06-10", - base64Decoder: config?.base64Decoder ?? util_base64_1.fromBase64, - base64Encoder: config?.base64Encoder ?? util_base64_1.toBase64, - disableHostPrefix: config?.disableHostPrefix ?? false, - endpointProvider: config?.endpointProvider ?? endpointResolver_1.defaultEndpointResolver, - extensions: config?.extensions ?? [], - httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? httpAuthSchemeProvider_1.defaultSSOOIDCHttpAuthSchemeProvider, - httpAuthSchemes: config?.httpAuthSchemes ?? [ - { - schemeId: "aws.auth#sigv4", - identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"), - signer: new core_1.AwsSdkSigV4Signer() - }, - { - schemeId: "smithy.api#noAuth", - identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})), - signer: new core_2.NoAuthSigner() - } - ], - logger: config?.logger ?? new smithy_client_1.NoOpLogger(), - serviceId: config?.serviceId ?? "SSO OIDC", - urlParser: config?.urlParser ?? url_parser_1.parseUrl, - utf8Decoder: config?.utf8Decoder ?? util_utf8_1.fromUtf8, - utf8Encoder: config?.utf8Encoder ?? util_utf8_1.toUtf8 - }; - }; - exports2.getRuntimeConfig = getRuntimeConfig; - } -}); - -// ../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/runtimeConfig.js -var require_runtimeConfig2 = __commonJS({ - "../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/runtimeConfig.js"(exports2) { - "use strict"; - Object.defineProperty(exports2, "__esModule", { value: true }); - exports2.getRuntimeConfig = void 0; - var tslib_1 = (init_tslib_es6(), __toCommonJS(tslib_es6_exports)); - var package_json_1 = tslib_1.__importDefault(require_package3()); - var core_1 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); - var credential_provider_node_1 = require_dist_cjs52(); - var util_user_agent_node_1 = require_dist_cjs39(); - var config_resolver_1 = require_dist_cjs11(); - var hash_node_1 = require_dist_cjs40(); - var middleware_retry_1 = require_dist_cjs34(); - var node_config_provider_1 = require_dist_cjs26(); - var node_http_handler_1 = require_dist_cjs19(); - var util_body_length_node_1 = require_dist_cjs41(); - var util_retry_1 = require_dist_cjs31(); - var runtimeConfig_shared_1 = require_runtimeConfig_shared2(); - var smithy_client_1 = require_dist_cjs33(); - var util_defaults_mode_node_1 = require_dist_cjs42(); - var smithy_client_2 = require_dist_cjs33(); - var getRuntimeConfig = (config) => { - (0, smithy_client_2.emitWarningIfUnsupportedVersion)(process.version); - const defaultsMode = (0, util_defaults_mode_node_1.resolveDefaultsModeConfig)(config); - const defaultConfigProvider = () => defaultsMode().then(smithy_client_1.loadConfigsForDefaultMode); - const clientSharedValues = (0, runtimeConfig_shared_1.getRuntimeConfig)(config); - (0, core_1.emitWarningIfUnsupportedVersion)(process.version); - return { - ...clientSharedValues, - ...config, - runtime: "node", - defaultsMode, - bodyLengthChecker: config?.bodyLengthChecker ?? util_body_length_node_1.calculateBodyLength, - credentialDefaultProvider: config?.credentialDefaultProvider ?? credential_provider_node_1.defaultProvider, - defaultUserAgentProvider: config?.defaultUserAgentProvider ?? (0, util_user_agent_node_1.defaultUserAgent)({ serviceId: clientSharedValues.serviceId, clientVersion: package_json_1.default.version }), - maxAttempts: config?.maxAttempts ?? (0, node_config_provider_1.loadConfig)(middleware_retry_1.NODE_MAX_ATTEMPT_CONFIG_OPTIONS), - region: config?.region ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_REGION_CONFIG_OPTIONS, config_resolver_1.NODE_REGION_CONFIG_FILE_OPTIONS), - requestHandler: node_http_handler_1.NodeHttpHandler.create(config?.requestHandler ?? defaultConfigProvider), - retryMode: config?.retryMode ?? (0, node_config_provider_1.loadConfig)({ - ...middleware_retry_1.NODE_RETRY_MODE_CONFIG_OPTIONS, - default: async () => (await defaultConfigProvider()).retryMode || util_retry_1.DEFAULT_RETRY_MODE - }), - sha256: config?.sha256 ?? hash_node_1.Hash.bind(null, "sha256"), - streamCollector: config?.streamCollector ?? node_http_handler_1.streamCollector, - useDualstackEndpoint: config?.useDualstackEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS), - useFipsEndpoint: config?.useFipsEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS) - }; - }; - exports2.getRuntimeConfig = getRuntimeConfig; - } -}); - -// ../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/index.js -var require_dist_cjs45 = __commonJS({ - "../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/index.js"(exports2, module2) { - "use strict"; +// ../../../node_modules/@smithy/util-defaults-mode-node/node_modules/@smithy/credential-provider-imds/dist-cjs/index.js +var require_dist_cjs54 = __commonJS({ + "../../../node_modules/@smithy/util-defaults-mode-node/node_modules/@smithy/credential-provider-imds/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; var __getOwnPropNames2 = Object.getOwnPropertyNames; @@ -14460,686 +14950,1038 @@ var require_dist_cjs45 = __commonJS({ var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var src_exports = {}; __export2(src_exports, { - AccessDeniedException: () => AccessDeniedException, - AuthorizationPendingException: () => AuthorizationPendingException, - CreateTokenCommand: () => CreateTokenCommand, - CreateTokenRequestFilterSensitiveLog: () => CreateTokenRequestFilterSensitiveLog, - CreateTokenResponseFilterSensitiveLog: () => CreateTokenResponseFilterSensitiveLog, - CreateTokenWithIAMCommand: () => CreateTokenWithIAMCommand, - CreateTokenWithIAMRequestFilterSensitiveLog: () => CreateTokenWithIAMRequestFilterSensitiveLog, - CreateTokenWithIAMResponseFilterSensitiveLog: () => CreateTokenWithIAMResponseFilterSensitiveLog, - ExpiredTokenException: () => ExpiredTokenException, - InternalServerException: () => InternalServerException, - InvalidClientException: () => InvalidClientException, - InvalidClientMetadataException: () => InvalidClientMetadataException, - InvalidGrantException: () => InvalidGrantException, - InvalidRedirectUriException: () => InvalidRedirectUriException, - InvalidRequestException: () => InvalidRequestException, - InvalidRequestRegionException: () => InvalidRequestRegionException, - InvalidScopeException: () => InvalidScopeException, - RegisterClientCommand: () => RegisterClientCommand, - RegisterClientResponseFilterSensitiveLog: () => RegisterClientResponseFilterSensitiveLog, - SSOOIDC: () => SSOOIDC, - SSOOIDCClient: () => SSOOIDCClient, - SSOOIDCServiceException: () => SSOOIDCServiceException, - SlowDownException: () => SlowDownException, - StartDeviceAuthorizationCommand: () => StartDeviceAuthorizationCommand, - StartDeviceAuthorizationRequestFilterSensitiveLog: () => StartDeviceAuthorizationRequestFilterSensitiveLog, - UnauthorizedClientException: () => UnauthorizedClientException, - UnsupportedGrantTypeException: () => UnsupportedGrantTypeException, - __Client: () => import_smithy_client4.Client + DEFAULT_MAX_RETRIES: () => DEFAULT_MAX_RETRIES, + DEFAULT_TIMEOUT: () => DEFAULT_TIMEOUT, + ENV_CMDS_AUTH_TOKEN: () => ENV_CMDS_AUTH_TOKEN, + ENV_CMDS_FULL_URI: () => ENV_CMDS_FULL_URI, + ENV_CMDS_RELATIVE_URI: () => ENV_CMDS_RELATIVE_URI, + Endpoint: () => Endpoint, + fromContainerMetadata: () => fromContainerMetadata, + fromInstanceMetadata: () => fromInstanceMetadata, + getInstanceMetadataEndpoint: () => getInstanceMetadataEndpoint, + httpRequest: () => httpRequest, + providerConfigFromInit: () => providerConfigFromInit }); module2.exports = __toCommonJS2(src_exports); - var import_middleware_host_header = require_dist_cjs3(); - var import_middleware_logger = require_dist_cjs4(); - var import_middleware_recursion_detection = require_dist_cjs5(); - var import_middleware_user_agent = require_dist_cjs8(); - var import_config_resolver = require_dist_cjs11(); - var import_core3 = (init_dist_es(), __toCommonJS(dist_es_exports)); - var import_middleware_content_length = require_dist_cjs23(); - var import_middleware_endpoint = require_dist_cjs29(); - var import_middleware_retry = require_dist_cjs34(); - var import_httpAuthSchemeProvider = require_httpAuthSchemeProvider3(); - var resolveClientEndpointParameters = /* @__PURE__ */ __name((options) => { - return { - ...options, - useDualstackEndpoint: options.useDualstackEndpoint ?? false, - useFipsEndpoint: options.useFipsEndpoint ?? false, - defaultSigningName: "sso-oauth" - }; - }, "resolveClientEndpointParameters"); - var commonParams = { - UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, - Endpoint: { type: "builtInParams", name: "endpoint" }, - Region: { type: "builtInParams", name: "region" }, - UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" } - }; - var import_runtimeConfig = require_runtimeConfig2(); - var import_region_config_resolver = require_dist_cjs43(); - var import_protocol_http8 = require_dist_cjs2(); - var import_smithy_client4 = require_dist_cjs33(); - var getHttpAuthExtensionConfiguration = /* @__PURE__ */ __name((runtimeConfig) => { - const _httpAuthSchemes = runtimeConfig.httpAuthSchemes; - let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider; - let _credentials = runtimeConfig.credentials; - return { - setHttpAuthScheme(httpAuthScheme) { - const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); - if (index === -1) { - _httpAuthSchemes.push(httpAuthScheme); - } else { - _httpAuthSchemes.splice(index, 1, httpAuthScheme); - } - }, - httpAuthSchemes() { - return _httpAuthSchemes; - }, - setHttpAuthSchemeProvider(httpAuthSchemeProvider) { - _httpAuthSchemeProvider = httpAuthSchemeProvider; - }, - httpAuthSchemeProvider() { - return _httpAuthSchemeProvider; - }, - setCredentials(credentials) { - _credentials = credentials; - }, - credentials() { - return _credentials; - } - }; - }, "getHttpAuthExtensionConfiguration"); - var resolveHttpAuthRuntimeConfig = /* @__PURE__ */ __name((config) => { - return { - httpAuthSchemes: config.httpAuthSchemes(), - httpAuthSchemeProvider: config.httpAuthSchemeProvider(), - credentials: config.credentials() - }; - }, "resolveHttpAuthRuntimeConfig"); - var asPartial = /* @__PURE__ */ __name((t) => t, "asPartial"); - var resolveRuntimeExtensions = /* @__PURE__ */ __name((runtimeConfig, extensions) => { - const extensionConfiguration = { - ...asPartial((0, import_region_config_resolver.getAwsRegionExtensionConfiguration)(runtimeConfig)), - ...asPartial((0, import_smithy_client4.getDefaultExtensionConfiguration)(runtimeConfig)), - ...asPartial((0, import_protocol_http8.getHttpHandlerExtensionConfiguration)(runtimeConfig)), - ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)) - }; - extensions.forEach((extension) => extension.configure(extensionConfiguration)); - return { - ...runtimeConfig, - ...(0, import_region_config_resolver.resolveAwsRegionExtensionConfiguration)(extensionConfiguration), - ...(0, import_smithy_client4.resolveDefaultRuntimeConfig)(extensionConfiguration), - ...(0, import_protocol_http8.resolveHttpHandlerRuntimeConfig)(extensionConfiguration), - ...resolveHttpAuthRuntimeConfig(extensionConfiguration) - }; - }, "resolveRuntimeExtensions"); - var _SSOOIDCClient = class _SSOOIDCClient extends import_smithy_client4.Client { - constructor(...[configuration]) { - const _config_0 = (0, import_runtimeConfig.getRuntimeConfig)(configuration || {}); - const _config_1 = resolveClientEndpointParameters(_config_0); - const _config_2 = (0, import_middleware_user_agent.resolveUserAgentConfig)(_config_1); - const _config_3 = (0, import_middleware_retry.resolveRetryConfig)(_config_2); - const _config_4 = (0, import_config_resolver.resolveRegionConfig)(_config_3); - const _config_5 = (0, import_middleware_host_header.resolveHostHeaderConfig)(_config_4); - const _config_6 = (0, import_middleware_endpoint.resolveEndpointConfig)(_config_5); - const _config_7 = (0, import_httpAuthSchemeProvider.resolveHttpAuthSchemeConfig)(_config_6); - const _config_8 = resolveRuntimeExtensions(_config_7, (configuration == null ? void 0 : configuration.extensions) || []); - super(_config_8); - this.config = _config_8; - this.middlewareStack.use((0, import_middleware_user_agent.getUserAgentPlugin)(this.config)); - this.middlewareStack.use((0, import_middleware_retry.getRetryPlugin)(this.config)); - this.middlewareStack.use((0, import_middleware_content_length.getContentLengthPlugin)(this.config)); - this.middlewareStack.use((0, import_middleware_host_header.getHostHeaderPlugin)(this.config)); - this.middlewareStack.use((0, import_middleware_logger.getLoggerPlugin)(this.config)); - this.middlewareStack.use((0, import_middleware_recursion_detection.getRecursionDetectionPlugin)(this.config)); - this.middlewareStack.use( - (0, import_core3.getHttpAuthSchemeEndpointRuleSetPlugin)(this.config, { - httpAuthSchemeParametersProvider: import_httpAuthSchemeProvider.defaultSSOOIDCHttpAuthSchemeParametersProvider, - identityProviderConfigProvider: async (config) => new import_core3.DefaultIdentityProviderConfig({ - "aws.auth#sigv4": config.credentials - }) - }) - ); - this.middlewareStack.use((0, import_core3.getHttpSigningPlugin)(this.config)); + var import_url = require("url"); + var import_property_provider2 = require_dist_cjs53(); + var import_buffer = require("buffer"); + var import_http2 = require("http"); + function httpRequest(options) { + return new Promise((resolve, reject) => { + var _a; + const req = (0, import_http2.request)({ + method: "GET", + ...options, + // Node.js http module doesn't accept hostname with square brackets + // Refs: https://github.com/nodejs/node/issues/39738 + hostname: (_a = options.hostname) == null ? void 0 : _a.replace(/^\[(.+)\]$/, "$1") + }); + req.on("error", (err) => { + reject(Object.assign(new import_property_provider2.ProviderError("Unable to connect to instance metadata service"), err)); + req.destroy(); + }); + req.on("timeout", () => { + reject(new import_property_provider2.ProviderError("TimeoutError from instance metadata service")); + req.destroy(); + }); + req.on("response", (res) => { + const { statusCode = 400 } = res; + if (statusCode < 200 || 300 <= statusCode) { + reject( + Object.assign(new import_property_provider2.ProviderError("Error response received from instance metadata service"), { statusCode }) + ); + req.destroy(); + } + const chunks = []; + res.on("data", (chunk) => { + chunks.push(chunk); + }); + res.on("end", () => { + resolve(import_buffer.Buffer.concat(chunks)); + req.destroy(); + }); + }); + req.end(); + }); + } + __name(httpRequest, "httpRequest"); + var isImdsCredentials = /* @__PURE__ */ __name((arg) => Boolean(arg) && typeof arg === "object" && typeof arg.AccessKeyId === "string" && typeof arg.SecretAccessKey === "string" && typeof arg.Token === "string" && typeof arg.Expiration === "string", "isImdsCredentials"); + var fromImdsCredentials = /* @__PURE__ */ __name((creds) => ({ + accessKeyId: creds.AccessKeyId, + secretAccessKey: creds.SecretAccessKey, + sessionToken: creds.Token, + expiration: new Date(creds.Expiration), + ...creds.AccountId && { accountId: creds.AccountId } + }), "fromImdsCredentials"); + var DEFAULT_TIMEOUT = 1e3; + var DEFAULT_MAX_RETRIES = 0; + var providerConfigFromInit = /* @__PURE__ */ __name(({ + maxRetries = DEFAULT_MAX_RETRIES, + timeout = DEFAULT_TIMEOUT + }) => ({ maxRetries, timeout }), "providerConfigFromInit"); + var retry = /* @__PURE__ */ __name((toRetry, maxRetries) => { + let promise = toRetry(); + for (let i = 0; i < maxRetries; i++) { + promise = promise.catch(toRetry); } - /** - * Destroy underlying resources, like sockets. It's usually not necessary to do this. - * However in Node.js, it's best to explicitly shut down the client's agent when it is no longer needed. - * Otherwise, sockets might stay open for quite a long time before the server terminates them. - */ - destroy() { - super.destroy(); + return promise; + }, "retry"); + var ENV_CMDS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI"; + var ENV_CMDS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI"; + var ENV_CMDS_AUTH_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN"; + var fromContainerMetadata = /* @__PURE__ */ __name((init = {}) => { + const { timeout, maxRetries } = providerConfigFromInit(init); + return () => retry(async () => { + const requestOptions = await getCmdsUri({ logger: init.logger }); + const credsResponse = JSON.parse(await requestFromEcsImds(timeout, requestOptions)); + if (!isImdsCredentials(credsResponse)) { + throw new import_property_provider2.CredentialsProviderError("Invalid response received from instance metadata service.", { + logger: init.logger + }); + } + return fromImdsCredentials(credsResponse); + }, maxRetries); + }, "fromContainerMetadata"); + var requestFromEcsImds = /* @__PURE__ */ __name(async (timeout, options) => { + if (process.env[ENV_CMDS_AUTH_TOKEN]) { + options.headers = { + ...options.headers, + Authorization: process.env[ENV_CMDS_AUTH_TOKEN] + }; } + const buffer = await httpRequest({ + ...options, + timeout + }); + return buffer.toString(); + }, "requestFromEcsImds"); + var CMDS_IP = "169.254.170.2"; + var GREENGRASS_HOSTS = { + localhost: true, + "127.0.0.1": true }; - __name(_SSOOIDCClient, "SSOOIDCClient"); - var SSOOIDCClient = _SSOOIDCClient; - var import_middleware_serde2 = require_dist_cjs12(); - var _SSOOIDCServiceException = class _SSOOIDCServiceException2 extends import_smithy_client4.ServiceException { - /** - * @internal - */ - constructor(options) { - super(options); - Object.setPrototypeOf(this, _SSOOIDCServiceException2.prototype); - } + var GREENGRASS_PROTOCOLS = { + "http:": true, + "https:": true }; - __name(_SSOOIDCServiceException, "SSOOIDCServiceException"); - var SSOOIDCServiceException = _SSOOIDCServiceException; - var _AccessDeniedException = class _AccessDeniedException2 extends SSOOIDCServiceException { - /** - * @internal - */ - constructor(opts) { - super({ - name: "AccessDeniedException", - $fault: "client", - ...opts - }); - this.name = "AccessDeniedException"; - this.$fault = "client"; - Object.setPrototypeOf(this, _AccessDeniedException2.prototype); - this.error = opts.error; - this.error_description = opts.error_description; + var getCmdsUri = /* @__PURE__ */ __name(async ({ logger }) => { + if (process.env[ENV_CMDS_RELATIVE_URI]) { + return { + hostname: CMDS_IP, + path: process.env[ENV_CMDS_RELATIVE_URI] + }; } - }; - __name(_AccessDeniedException, "AccessDeniedException"); - var AccessDeniedException = _AccessDeniedException; - var _AuthorizationPendingException = class _AuthorizationPendingException2 extends SSOOIDCServiceException { - /** - * @internal - */ - constructor(opts) { - super({ - name: "AuthorizationPendingException", - $fault: "client", - ...opts - }); - this.name = "AuthorizationPendingException"; - this.$fault = "client"; - Object.setPrototypeOf(this, _AuthorizationPendingException2.prototype); - this.error = opts.error; - this.error_description = opts.error_description; + if (process.env[ENV_CMDS_FULL_URI]) { + const parsed = (0, import_url.parse)(process.env[ENV_CMDS_FULL_URI]); + if (!parsed.hostname || !(parsed.hostname in GREENGRASS_HOSTS)) { + throw new import_property_provider2.CredentialsProviderError(`${parsed.hostname} is not a valid container metadata service hostname`, { + tryNextLink: false, + logger + }); + } + if (!parsed.protocol || !(parsed.protocol in GREENGRASS_PROTOCOLS)) { + throw new import_property_provider2.CredentialsProviderError(`${parsed.protocol} is not a valid container metadata service protocol`, { + tryNextLink: false, + logger + }); + } + return { + ...parsed, + port: parsed.port ? parseInt(parsed.port, 10) : void 0 + }; + } + throw new import_property_provider2.CredentialsProviderError( + `The container metadata credential provider cannot be used unless the ${ENV_CMDS_RELATIVE_URI} or ${ENV_CMDS_FULL_URI} environment variable is set`, + { + tryNextLink: false, + logger + } + ); + }, "getCmdsUri"); + var _InstanceMetadataV1FallbackError = class _InstanceMetadataV1FallbackError2 extends import_property_provider2.CredentialsProviderError { + constructor(message, tryNextLink = true) { + super(message, tryNextLink); + this.tryNextLink = tryNextLink; + this.name = "InstanceMetadataV1FallbackError"; + Object.setPrototypeOf(this, _InstanceMetadataV1FallbackError2.prototype); } }; - __name(_AuthorizationPendingException, "AuthorizationPendingException"); - var AuthorizationPendingException = _AuthorizationPendingException; - var _ExpiredTokenException = class _ExpiredTokenException2 extends SSOOIDCServiceException { - /** - * @internal - */ - constructor(opts) { - super({ - name: "ExpiredTokenException", - $fault: "client", - ...opts + __name(_InstanceMetadataV1FallbackError, "InstanceMetadataV1FallbackError"); + var InstanceMetadataV1FallbackError = _InstanceMetadataV1FallbackError; + var import_node_config_provider = require_dist_cjs28(); + var import_url_parser = require_dist_cjs31(); + var Endpoint = /* @__PURE__ */ ((Endpoint2) => { + Endpoint2["IPv4"] = "http://169.254.169.254"; + Endpoint2["IPv6"] = "http://[fd00:ec2::254]"; + return Endpoint2; + })(Endpoint || {}); + var ENV_ENDPOINT_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT"; + var CONFIG_ENDPOINT_NAME = "ec2_metadata_service_endpoint"; + var ENDPOINT_CONFIG_OPTIONS = { + environmentVariableSelector: (env) => env[ENV_ENDPOINT_NAME], + configFileSelector: (profile) => profile[CONFIG_ENDPOINT_NAME], + default: void 0 + }; + var EndpointMode = /* @__PURE__ */ ((EndpointMode2) => { + EndpointMode2["IPv4"] = "IPv4"; + EndpointMode2["IPv6"] = "IPv6"; + return EndpointMode2; + })(EndpointMode || {}); + var ENV_ENDPOINT_MODE_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE"; + var CONFIG_ENDPOINT_MODE_NAME = "ec2_metadata_service_endpoint_mode"; + var ENDPOINT_MODE_CONFIG_OPTIONS = { + environmentVariableSelector: (env) => env[ENV_ENDPOINT_MODE_NAME], + configFileSelector: (profile) => profile[CONFIG_ENDPOINT_MODE_NAME], + default: "IPv4" + /* IPv4 */ + }; + var getInstanceMetadataEndpoint = /* @__PURE__ */ __name(async () => (0, import_url_parser.parseUrl)(await getFromEndpointConfig() || await getFromEndpointModeConfig()), "getInstanceMetadataEndpoint"); + var getFromEndpointConfig = /* @__PURE__ */ __name(async () => (0, import_node_config_provider.loadConfig)(ENDPOINT_CONFIG_OPTIONS)(), "getFromEndpointConfig"); + var getFromEndpointModeConfig = /* @__PURE__ */ __name(async () => { + const endpointMode = await (0, import_node_config_provider.loadConfig)(ENDPOINT_MODE_CONFIG_OPTIONS)(); + switch (endpointMode) { + case "IPv4": + return "http://169.254.169.254"; + case "IPv6": + return "http://[fd00:ec2::254]"; + default: + throw new Error(`Unsupported endpoint mode: ${endpointMode}. Select from ${Object.values(EndpointMode)}`); + } + }, "getFromEndpointModeConfig"); + var STATIC_STABILITY_REFRESH_INTERVAL_SECONDS = 5 * 60; + var STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS = 5 * 60; + var STATIC_STABILITY_DOC_URL = "https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html"; + var getExtendedInstanceMetadataCredentials = /* @__PURE__ */ __name((credentials, logger) => { + const refreshInterval = STATIC_STABILITY_REFRESH_INTERVAL_SECONDS + Math.floor(Math.random() * STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS); + const newExpiration = new Date(Date.now() + refreshInterval * 1e3); + logger.warn( + `Attempting credential expiration extension due to a credential service availability issue. A refresh of these credentials will be attempted after ${new Date(newExpiration)}. +For more information, please visit: ` + STATIC_STABILITY_DOC_URL + ); + const originalExpiration = credentials.originalExpiration ?? credentials.expiration; + return { + ...credentials, + ...originalExpiration ? { originalExpiration } : {}, + expiration: newExpiration + }; + }, "getExtendedInstanceMetadataCredentials"); + var staticStabilityProvider = /* @__PURE__ */ __name((provider, options = {}) => { + const logger = (options == null ? void 0 : options.logger) || console; + let pastCredentials; + return async () => { + let credentials; + try { + credentials = await provider(); + if (credentials.expiration && credentials.expiration.getTime() < Date.now()) { + credentials = getExtendedInstanceMetadataCredentials(credentials, logger); + } + } catch (e) { + if (pastCredentials) { + logger.warn("Credential renew failed: ", e); + credentials = getExtendedInstanceMetadataCredentials(pastCredentials, logger); + } else { + throw e; + } + } + pastCredentials = credentials; + return credentials; + }; + }, "staticStabilityProvider"); + var IMDS_PATH = "/latest/meta-data/iam/security-credentials/"; + var IMDS_TOKEN_PATH = "/latest/api/token"; + var AWS_EC2_METADATA_V1_DISABLED = "AWS_EC2_METADATA_V1_DISABLED"; + var PROFILE_AWS_EC2_METADATA_V1_DISABLED = "ec2_metadata_v1_disabled"; + var X_AWS_EC2_METADATA_TOKEN = "x-aws-ec2-metadata-token"; + var fromInstanceMetadata = /* @__PURE__ */ __name((init = {}) => staticStabilityProvider(getInstanceMetadataProvider(init), { logger: init.logger }), "fromInstanceMetadata"); + var getInstanceMetadataProvider = /* @__PURE__ */ __name((init = {}) => { + let disableFetchToken = false; + const { logger, profile } = init; + const { timeout, maxRetries } = providerConfigFromInit(init); + const getCredentials = /* @__PURE__ */ __name(async (maxRetries2, options) => { + var _a; + const isImdsV1Fallback = disableFetchToken || ((_a = options.headers) == null ? void 0 : _a[X_AWS_EC2_METADATA_TOKEN]) == null; + if (isImdsV1Fallback) { + let fallbackBlockedFromProfile = false; + let fallbackBlockedFromProcessEnv = false; + const configValue = await (0, import_node_config_provider.loadConfig)( + { + environmentVariableSelector: (env) => { + const envValue = env[AWS_EC2_METADATA_V1_DISABLED]; + fallbackBlockedFromProcessEnv = !!envValue && envValue !== "false"; + if (envValue === void 0) { + throw new import_property_provider2.CredentialsProviderError( + `${AWS_EC2_METADATA_V1_DISABLED} not set in env, checking config file next.`, + { logger: init.logger } + ); + } + return fallbackBlockedFromProcessEnv; + }, + configFileSelector: (profile2) => { + const profileValue = profile2[PROFILE_AWS_EC2_METADATA_V1_DISABLED]; + fallbackBlockedFromProfile = !!profileValue && profileValue !== "false"; + return fallbackBlockedFromProfile; + }, + default: false + }, + { + profile + } + )(); + if (init.ec2MetadataV1Disabled || configValue) { + const causes = []; + if (init.ec2MetadataV1Disabled) + causes.push("credential provider initialization (runtime option ec2MetadataV1Disabled)"); + if (fallbackBlockedFromProfile) + causes.push(`config file profile (${PROFILE_AWS_EC2_METADATA_V1_DISABLED})`); + if (fallbackBlockedFromProcessEnv) + causes.push(`process environment variable (${AWS_EC2_METADATA_V1_DISABLED})`); + throw new InstanceMetadataV1FallbackError( + `AWS EC2 Metadata v1 fallback has been blocked by AWS SDK configuration in the following: [${causes.join( + ", " + )}].` + ); + } + } + const imdsProfile = (await retry(async () => { + let profile2; + try { + profile2 = await getProfile(options); + } catch (err) { + if (err.statusCode === 401) { + disableFetchToken = false; + } + throw err; + } + return profile2; + }, maxRetries2)).trim(); + return retry(async () => { + let creds; + try { + creds = await getCredentialsFromProfile(imdsProfile, options, init); + } catch (err) { + if (err.statusCode === 401) { + disableFetchToken = false; + } + throw err; + } + return creds; + }, maxRetries2); + }, "getCredentials"); + return async () => { + const endpoint = await getInstanceMetadataEndpoint(); + if (disableFetchToken) { + logger == null ? void 0 : logger.debug("AWS SDK Instance Metadata", "using v1 fallback (no token fetch)"); + return getCredentials(maxRetries, { ...endpoint, timeout }); + } else { + let token; + try { + token = (await getMetadataToken({ ...endpoint, timeout })).toString(); + } catch (error) { + if ((error == null ? void 0 : error.statusCode) === 400) { + throw Object.assign(error, { + message: "EC2 Metadata token request returned error" + }); + } else if (error.message === "TimeoutError" || [403, 404, 405].includes(error.statusCode)) { + disableFetchToken = true; + } + logger == null ? void 0 : logger.debug("AWS SDK Instance Metadata", "using v1 fallback (initial)"); + return getCredentials(maxRetries, { ...endpoint, timeout }); + } + return getCredentials(maxRetries, { + ...endpoint, + headers: { + [X_AWS_EC2_METADATA_TOKEN]: token + }, + timeout + }); + } + }; + }, "getInstanceMetadataProvider"); + var getMetadataToken = /* @__PURE__ */ __name(async (options) => httpRequest({ + ...options, + path: IMDS_TOKEN_PATH, + method: "PUT", + headers: { + "x-aws-ec2-metadata-token-ttl-seconds": "21600" + } + }), "getMetadataToken"); + var getProfile = /* @__PURE__ */ __name(async (options) => (await httpRequest({ ...options, path: IMDS_PATH })).toString(), "getProfile"); + var getCredentialsFromProfile = /* @__PURE__ */ __name(async (profile, options, init) => { + const credentialsResponse = JSON.parse( + (await httpRequest({ + ...options, + path: IMDS_PATH + profile + })).toString() + ); + if (!isImdsCredentials(credentialsResponse)) { + throw new import_property_provider2.CredentialsProviderError("Invalid response received from instance metadata service.", { + logger: init.logger }); - this.name = "ExpiredTokenException"; - this.$fault = "client"; - Object.setPrototypeOf(this, _ExpiredTokenException2.prototype); - this.error = opts.error; - this.error_description = opts.error_description; } + return fromImdsCredentials(credentialsResponse); + }, "getCredentialsFromProfile"); + } +}); + +// ../../../node_modules/@smithy/util-defaults-mode-node/dist-cjs/index.js +var require_dist_cjs55 = __commonJS({ + "../../../node_modules/@smithy/util-defaults-mode-node/dist-cjs/index.js"(exports2, module2) { + var __create2 = Object.create; + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __getProtoOf2 = Object.getPrototypeOf; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); }; - __name(_ExpiredTokenException, "ExpiredTokenException"); - var ExpiredTokenException = _ExpiredTokenException; - var _InternalServerException = class _InternalServerException2 extends SSOOIDCServiceException { - /** - * @internal - */ - constructor(opts) { - super({ - name: "InternalServerException", - $fault: "server", - ...opts - }); - this.name = "InternalServerException"; - this.$fault = "server"; - Object.setPrototypeOf(this, _InternalServerException2.prototype); - this.error = opts.error; - this.error_description = opts.error_description; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); } + return to; }; - __name(_InternalServerException, "InternalServerException"); - var InternalServerException = _InternalServerException; - var _InvalidClientException = class _InvalidClientException2 extends SSOOIDCServiceException { - /** - * @internal - */ - constructor(opts) { - super({ - name: "InvalidClientException", - $fault: "client", - ...opts - }); - this.name = "InvalidClientException"; - this.$fault = "client"; - Object.setPrototypeOf(this, _InvalidClientException2.prototype); - this.error = opts.error; - this.error_description = opts.error_description; - } + var __toESM2 = (mod, isNodeMode, target) => (target = mod != null ? __create2(__getProtoOf2(mod)) : {}, __copyProps2( + // If the importer is in node compatibility mode or this is not an ESM + // file that has been converted to a CommonJS file using a Babel- + // compatible transform (i.e. "__esModule" has not been set), then set + // "default" to the CommonJS "module.exports" for node compatibility. + isNodeMode || !mod || !mod.__esModule ? __defProp2(target, "default", { value: mod, enumerable: true }) : target, + mod + )); + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + resolveDefaultsModeConfig: () => resolveDefaultsModeConfig + }); + module2.exports = __toCommonJS2(src_exports); + var import_config_resolver = require_dist_cjs11(); + var import_node_config_provider = require_dist_cjs28(); + var import_property_provider2 = require_dist_cjs53(); + var AWS_EXECUTION_ENV = "AWS_EXECUTION_ENV"; + var AWS_REGION_ENV = "AWS_REGION"; + var AWS_DEFAULT_REGION_ENV = "AWS_DEFAULT_REGION"; + var ENV_IMDS_DISABLED = "AWS_EC2_METADATA_DISABLED"; + var DEFAULTS_MODE_OPTIONS = ["in-region", "cross-region", "mobile", "standard", "legacy"]; + var IMDS_REGION_PATH = "/latest/meta-data/placement/region"; + var AWS_DEFAULTS_MODE_ENV = "AWS_DEFAULTS_MODE"; + var AWS_DEFAULTS_MODE_CONFIG = "defaults_mode"; + var NODE_DEFAULTS_MODE_CONFIG_OPTIONS = { + environmentVariableSelector: (env) => { + return env[AWS_DEFAULTS_MODE_ENV]; + }, + configFileSelector: (profile) => { + return profile[AWS_DEFAULTS_MODE_CONFIG]; + }, + default: "legacy" }; - __name(_InvalidClientException, "InvalidClientException"); - var InvalidClientException = _InvalidClientException; - var _InvalidGrantException = class _InvalidGrantException2 extends SSOOIDCServiceException { - /** - * @internal - */ - constructor(opts) { - super({ - name: "InvalidGrantException", - $fault: "client", - ...opts - }); - this.name = "InvalidGrantException"; - this.$fault = "client"; - Object.setPrototypeOf(this, _InvalidGrantException2.prototype); - this.error = opts.error; - this.error_description = opts.error_description; + var resolveDefaultsModeConfig = /* @__PURE__ */ __name(({ + region = (0, import_node_config_provider.loadConfig)(import_config_resolver.NODE_REGION_CONFIG_OPTIONS), + defaultsMode = (0, import_node_config_provider.loadConfig)(NODE_DEFAULTS_MODE_CONFIG_OPTIONS) + } = {}) => (0, import_property_provider2.memoize)(async () => { + const mode = typeof defaultsMode === "function" ? await defaultsMode() : defaultsMode; + switch (mode == null ? void 0 : mode.toLowerCase()) { + case "auto": + return resolveNodeDefaultsModeAuto(region); + case "in-region": + case "cross-region": + case "mobile": + case "standard": + case "legacy": + return Promise.resolve(mode == null ? void 0 : mode.toLocaleLowerCase()); + case void 0: + return Promise.resolve("legacy"); + default: + throw new Error( + `Invalid parameter for "defaultsMode", expect ${DEFAULTS_MODE_OPTIONS.join(", ")}, got ${mode}` + ); } - }; - __name(_InvalidGrantException, "InvalidGrantException"); - var InvalidGrantException = _InvalidGrantException; - var _InvalidRequestException = class _InvalidRequestException2 extends SSOOIDCServiceException { - /** - * @internal - */ - constructor(opts) { - super({ - name: "InvalidRequestException", - $fault: "client", - ...opts - }); - this.name = "InvalidRequestException"; - this.$fault = "client"; - Object.setPrototypeOf(this, _InvalidRequestException2.prototype); - this.error = opts.error; - this.error_description = opts.error_description; + }), "resolveDefaultsModeConfig"); + var resolveNodeDefaultsModeAuto = /* @__PURE__ */ __name(async (clientRegion) => { + if (clientRegion) { + const resolvedRegion = typeof clientRegion === "function" ? await clientRegion() : clientRegion; + const inferredRegion = await inferPhysicalRegion(); + if (!inferredRegion) { + return "standard"; + } + if (resolvedRegion === inferredRegion) { + return "in-region"; + } else { + return "cross-region"; + } } - }; - __name(_InvalidRequestException, "InvalidRequestException"); - var InvalidRequestException = _InvalidRequestException; - var _InvalidScopeException = class _InvalidScopeException2 extends SSOOIDCServiceException { - /** - * @internal - */ - constructor(opts) { - super({ - name: "InvalidScopeException", - $fault: "client", - ...opts - }); - this.name = "InvalidScopeException"; - this.$fault = "client"; - Object.setPrototypeOf(this, _InvalidScopeException2.prototype); - this.error = opts.error; - this.error_description = opts.error_description; + return "standard"; + }, "resolveNodeDefaultsModeAuto"); + var inferPhysicalRegion = /* @__PURE__ */ __name(async () => { + if (process.env[AWS_EXECUTION_ENV] && (process.env[AWS_REGION_ENV] || process.env[AWS_DEFAULT_REGION_ENV])) { + return process.env[AWS_REGION_ENV] ?? process.env[AWS_DEFAULT_REGION_ENV]; } - }; - __name(_InvalidScopeException, "InvalidScopeException"); - var InvalidScopeException = _InvalidScopeException; - var _SlowDownException = class _SlowDownException2 extends SSOOIDCServiceException { - /** - * @internal - */ - constructor(opts) { - super({ - name: "SlowDownException", - $fault: "client", - ...opts - }); - this.name = "SlowDownException"; - this.$fault = "client"; - Object.setPrototypeOf(this, _SlowDownException2.prototype); - this.error = opts.error; - this.error_description = opts.error_description; + if (!process.env[ENV_IMDS_DISABLED]) { + try { + const { getInstanceMetadataEndpoint, httpRequest } = await Promise.resolve().then(() => __toESM2(require_dist_cjs54())); + const endpoint = await getInstanceMetadataEndpoint(); + return (await httpRequest({ ...endpoint, path: IMDS_REGION_PATH })).toString(); + } catch (e) { + } } + }, "inferPhysicalRegion"); + } +}); + +// ../../../node_modules/@aws-sdk/client-sso/dist-cjs/runtimeConfig.js +var require_runtimeConfig = __commonJS({ + "../../../node_modules/@aws-sdk/client-sso/dist-cjs/runtimeConfig.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getRuntimeConfig = void 0; + var tslib_1 = (init_tslib_es6(), __toCommonJS(tslib_es6_exports)); + var package_json_1 = tslib_1.__importDefault(require_package2()); + var core_1 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); + var util_user_agent_node_1 = require_dist_cjs49(); + var config_resolver_1 = require_dist_cjs11(); + var hash_node_1 = require_dist_cjs51(); + var middleware_retry_1 = require_dist_cjs38(); + var node_config_provider_1 = require_dist_cjs28(); + var node_http_handler_1 = require_dist_cjs20(); + var util_body_length_node_1 = require_dist_cjs52(); + var util_retry_1 = require_dist_cjs34(); + var runtimeConfig_shared_1 = require_runtimeConfig_shared(); + var smithy_client_1 = require_dist_cjs37(); + var util_defaults_mode_node_1 = require_dist_cjs55(); + var smithy_client_2 = require_dist_cjs37(); + var getRuntimeConfig = (config) => { + (0, smithy_client_2.emitWarningIfUnsupportedVersion)(process.version); + const defaultsMode = (0, util_defaults_mode_node_1.resolveDefaultsModeConfig)(config); + const defaultConfigProvider = () => defaultsMode().then(smithy_client_1.loadConfigsForDefaultMode); + const clientSharedValues = (0, runtimeConfig_shared_1.getRuntimeConfig)(config); + (0, core_1.emitWarningIfUnsupportedVersion)(process.version); + return { + ...clientSharedValues, + ...config, + runtime: "node", + defaultsMode, + bodyLengthChecker: config?.bodyLengthChecker ?? util_body_length_node_1.calculateBodyLength, + defaultUserAgentProvider: config?.defaultUserAgentProvider ?? (0, util_user_agent_node_1.defaultUserAgent)({ serviceId: clientSharedValues.serviceId, clientVersion: package_json_1.default.version }), + maxAttempts: config?.maxAttempts ?? (0, node_config_provider_1.loadConfig)(middleware_retry_1.NODE_MAX_ATTEMPT_CONFIG_OPTIONS), + region: config?.region ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_REGION_CONFIG_OPTIONS, config_resolver_1.NODE_REGION_CONFIG_FILE_OPTIONS), + requestHandler: node_http_handler_1.NodeHttpHandler.create(config?.requestHandler ?? defaultConfigProvider), + retryMode: config?.retryMode ?? (0, node_config_provider_1.loadConfig)({ + ...middleware_retry_1.NODE_RETRY_MODE_CONFIG_OPTIONS, + default: async () => (await defaultConfigProvider()).retryMode || util_retry_1.DEFAULT_RETRY_MODE + }), + sha256: config?.sha256 ?? hash_node_1.Hash.bind(null, "sha256"), + streamCollector: config?.streamCollector ?? node_http_handler_1.streamCollector, + useDualstackEndpoint: config?.useDualstackEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS), + useFipsEndpoint: config?.useFipsEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS) + }; }; - __name(_SlowDownException, "SlowDownException"); - var SlowDownException = _SlowDownException; - var _UnauthorizedClientException = class _UnauthorizedClientException2 extends SSOOIDCServiceException { - /** - * @internal - */ - constructor(opts) { - super({ - name: "UnauthorizedClientException", - $fault: "client", - ...opts - }); - this.name = "UnauthorizedClientException"; - this.$fault = "client"; - Object.setPrototypeOf(this, _UnauthorizedClientException2.prototype); - this.error = opts.error; - this.error_description = opts.error_description; + exports2.getRuntimeConfig = getRuntimeConfig; + } +}); + +// ../../../node_modules/@aws-sdk/region-config-resolver/dist-cjs/index.js +var require_dist_cjs56 = __commonJS({ + "../../../node_modules/@aws-sdk/region-config-resolver/dist-cjs/index.js"(exports2, module2) { + "use strict"; + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); } + return to; }; - __name(_UnauthorizedClientException, "UnauthorizedClientException"); - var UnauthorizedClientException = _UnauthorizedClientException; - var _UnsupportedGrantTypeException = class _UnsupportedGrantTypeException2 extends SSOOIDCServiceException { - /** - * @internal - */ - constructor(opts) { - super({ - name: "UnsupportedGrantTypeException", - $fault: "client", - ...opts - }); - this.name = "UnsupportedGrantTypeException"; - this.$fault = "client"; - Object.setPrototypeOf(this, _UnsupportedGrantTypeException2.prototype); - this.error = opts.error; - this.error_description = opts.error_description; + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + NODE_REGION_CONFIG_FILE_OPTIONS: () => NODE_REGION_CONFIG_FILE_OPTIONS, + NODE_REGION_CONFIG_OPTIONS: () => NODE_REGION_CONFIG_OPTIONS, + REGION_ENV_NAME: () => REGION_ENV_NAME, + REGION_INI_NAME: () => REGION_INI_NAME, + getAwsRegionExtensionConfiguration: () => getAwsRegionExtensionConfiguration, + resolveAwsRegionExtensionConfiguration: () => resolveAwsRegionExtensionConfiguration, + resolveRegionConfig: () => resolveRegionConfig + }); + module2.exports = __toCommonJS2(src_exports); + var getAwsRegionExtensionConfiguration = /* @__PURE__ */ __name((runtimeConfig) => { + let runtimeConfigRegion = /* @__PURE__ */ __name(async () => { + if (runtimeConfig.region === void 0) { + throw new Error("Region is missing from runtimeConfig"); + } + const region = runtimeConfig.region; + if (typeof region === "string") { + return region; + } + return region(); + }, "runtimeConfigRegion"); + return { + setRegion(region) { + runtimeConfigRegion = region; + }, + region() { + return runtimeConfigRegion; + } + }; + }, "getAwsRegionExtensionConfiguration"); + var resolveAwsRegionExtensionConfiguration = /* @__PURE__ */ __name((awsRegionExtensionConfiguration) => { + return { + region: awsRegionExtensionConfiguration.region() + }; + }, "resolveAwsRegionExtensionConfiguration"); + var REGION_ENV_NAME = "AWS_REGION"; + var REGION_INI_NAME = "region"; + var NODE_REGION_CONFIG_OPTIONS = { + environmentVariableSelector: (env) => env[REGION_ENV_NAME], + configFileSelector: (profile) => profile[REGION_INI_NAME], + default: () => { + throw new Error("Region is missing"); } }; - __name(_UnsupportedGrantTypeException, "UnsupportedGrantTypeException"); - var UnsupportedGrantTypeException = _UnsupportedGrantTypeException; - var _InvalidRequestRegionException = class _InvalidRequestRegionException2 extends SSOOIDCServiceException { - /** - * @internal - */ - constructor(opts) { - super({ - name: "InvalidRequestRegionException", - $fault: "client", - ...opts - }); - this.name = "InvalidRequestRegionException"; - this.$fault = "client"; - Object.setPrototypeOf(this, _InvalidRequestRegionException2.prototype); - this.error = opts.error; - this.error_description = opts.error_description; - this.endpoint = opts.endpoint; - this.region = opts.region; - } + var NODE_REGION_CONFIG_FILE_OPTIONS = { + preferredFile: "credentials" }; - __name(_InvalidRequestRegionException, "InvalidRequestRegionException"); - var InvalidRequestRegionException = _InvalidRequestRegionException; - var _InvalidClientMetadataException = class _InvalidClientMetadataException2 extends SSOOIDCServiceException { - /** - * @internal - */ - constructor(opts) { - super({ - name: "InvalidClientMetadataException", - $fault: "client", - ...opts - }); - this.name = "InvalidClientMetadataException"; - this.$fault = "client"; - Object.setPrototypeOf(this, _InvalidClientMetadataException2.prototype); - this.error = opts.error; - this.error_description = opts.error_description; + var isFipsRegion = /* @__PURE__ */ __name((region) => typeof region === "string" && (region.startsWith("fips-") || region.endsWith("-fips")), "isFipsRegion"); + var getRealRegion = /* @__PURE__ */ __name((region) => isFipsRegion(region) ? ["fips-aws-global", "aws-fips"].includes(region) ? "us-east-1" : region.replace(/fips-(dkr-|prod-)?|-fips/, "") : region, "getRealRegion"); + var resolveRegionConfig = /* @__PURE__ */ __name((input) => { + const { region, useFipsEndpoint } = input; + if (!region) { + throw new Error("Region is missing"); } + return { + ...input, + region: async () => { + if (typeof region === "string") { + return getRealRegion(region); + } + const providedRegion = await region(); + return getRealRegion(providedRegion); + }, + useFipsEndpoint: async () => { + const providedRegion = typeof region === "string" ? region : await region(); + if (isFipsRegion(providedRegion)) { + return true; + } + return typeof useFipsEndpoint !== "function" ? Promise.resolve(!!useFipsEndpoint) : useFipsEndpoint(); + } + }; + }, "resolveRegionConfig"); + } +}); + +// ../../../node_modules/@aws-sdk/client-sso/dist-cjs/index.js +var require_dist_cjs57 = __commonJS({ + "../../../node_modules/@aws-sdk/client-sso/dist-cjs/index.js"(exports2, module2) { + "use strict"; + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); }; - __name(_InvalidClientMetadataException, "InvalidClientMetadataException"); - var InvalidClientMetadataException = _InvalidClientMetadataException; - var _InvalidRedirectUriException = class _InvalidRedirectUriException2 extends SSOOIDCServiceException { - /** - * @internal - */ - constructor(opts) { - super({ - name: "InvalidRedirectUriException", - $fault: "client", - ...opts - }); - this.name = "InvalidRedirectUriException"; - this.$fault = "client"; - Object.setPrototypeOf(this, _InvalidRedirectUriException2.prototype); - this.error = opts.error; - this.error_description = opts.error_description; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); } + return to; }; - __name(_InvalidRedirectUriException, "InvalidRedirectUriException"); - var InvalidRedirectUriException = _InvalidRedirectUriException; - var CreateTokenRequestFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ - ...obj, - ...obj.clientSecret && { clientSecret: import_smithy_client4.SENSITIVE_STRING }, - ...obj.refreshToken && { refreshToken: import_smithy_client4.SENSITIVE_STRING }, - ...obj.codeVerifier && { codeVerifier: import_smithy_client4.SENSITIVE_STRING } - }), "CreateTokenRequestFilterSensitiveLog"); - var CreateTokenResponseFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ - ...obj, - ...obj.accessToken && { accessToken: import_smithy_client4.SENSITIVE_STRING }, - ...obj.refreshToken && { refreshToken: import_smithy_client4.SENSITIVE_STRING }, - ...obj.idToken && { idToken: import_smithy_client4.SENSITIVE_STRING } - }), "CreateTokenResponseFilterSensitiveLog"); - var CreateTokenWithIAMRequestFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ - ...obj, - ...obj.refreshToken && { refreshToken: import_smithy_client4.SENSITIVE_STRING }, - ...obj.assertion && { assertion: import_smithy_client4.SENSITIVE_STRING }, - ...obj.subjectToken && { subjectToken: import_smithy_client4.SENSITIVE_STRING }, - ...obj.codeVerifier && { codeVerifier: import_smithy_client4.SENSITIVE_STRING } - }), "CreateTokenWithIAMRequestFilterSensitiveLog"); - var CreateTokenWithIAMResponseFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ - ...obj, - ...obj.accessToken && { accessToken: import_smithy_client4.SENSITIVE_STRING }, - ...obj.refreshToken && { refreshToken: import_smithy_client4.SENSITIVE_STRING }, - ...obj.idToken && { idToken: import_smithy_client4.SENSITIVE_STRING } - }), "CreateTokenWithIAMResponseFilterSensitiveLog"); - var RegisterClientResponseFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ - ...obj, - ...obj.clientSecret && { clientSecret: import_smithy_client4.SENSITIVE_STRING } - }), "RegisterClientResponseFilterSensitiveLog"); - var StartDeviceAuthorizationRequestFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ - ...obj, - ...obj.clientSecret && { clientSecret: import_smithy_client4.SENSITIVE_STRING } - }), "StartDeviceAuthorizationRequestFilterSensitiveLog"); - var import_core22 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); - var se_CreateTokenCommand = /* @__PURE__ */ __name(async (input, context) => { - const b = (0, import_core3.requestBuilder)(input, context); - const headers = { - "content-type": "application/json" - }; - b.bp("/token"); - let body; - body = JSON.stringify( - (0, import_smithy_client4.take)(input, { - clientId: [], - clientSecret: [], - code: [], - codeVerifier: [], - deviceCode: [], - grantType: [], - redirectUri: [], - refreshToken: [], - scope: (_) => (0, import_smithy_client4._json)(_) - }) - ); - b.m("POST").h(headers).b(body); - return b.build(); - }, "se_CreateTokenCommand"); - var se_CreateTokenWithIAMCommand = /* @__PURE__ */ __name(async (input, context) => { - const b = (0, import_core3.requestBuilder)(input, context); - const headers = { - "content-type": "application/json" + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + GetRoleCredentialsCommand: () => GetRoleCredentialsCommand, + GetRoleCredentialsRequestFilterSensitiveLog: () => GetRoleCredentialsRequestFilterSensitiveLog, + GetRoleCredentialsResponseFilterSensitiveLog: () => GetRoleCredentialsResponseFilterSensitiveLog, + InvalidRequestException: () => InvalidRequestException, + ListAccountRolesCommand: () => ListAccountRolesCommand, + ListAccountRolesRequestFilterSensitiveLog: () => ListAccountRolesRequestFilterSensitiveLog, + ListAccountsCommand: () => ListAccountsCommand, + ListAccountsRequestFilterSensitiveLog: () => ListAccountsRequestFilterSensitiveLog, + LogoutCommand: () => LogoutCommand, + LogoutRequestFilterSensitiveLog: () => LogoutRequestFilterSensitiveLog, + ResourceNotFoundException: () => ResourceNotFoundException, + RoleCredentialsFilterSensitiveLog: () => RoleCredentialsFilterSensitiveLog, + SSO: () => SSO, + SSOClient: () => SSOClient, + SSOServiceException: () => SSOServiceException, + TooManyRequestsException: () => TooManyRequestsException, + UnauthorizedException: () => UnauthorizedException, + __Client: () => import_smithy_client4.Client, + paginateListAccountRoles: () => paginateListAccountRoles, + paginateListAccounts: () => paginateListAccounts + }); + module2.exports = __toCommonJS2(src_exports); + var import_middleware_host_header = require_dist_cjs3(); + var import_middleware_logger = require_dist_cjs4(); + var import_middleware_recursion_detection = require_dist_cjs5(); + var import_middleware_user_agent = require_dist_cjs8(); + var import_config_resolver = require_dist_cjs11(); + var import_core3 = (init_dist_es(), __toCommonJS(dist_es_exports)); + var import_middleware_content_length = require_dist_cjs25(); + var import_middleware_endpoint = require_dist_cjs32(); + var import_middleware_retry = require_dist_cjs38(); + var import_httpAuthSchemeProvider = require_httpAuthSchemeProvider2(); + var resolveClientEndpointParameters = /* @__PURE__ */ __name((options) => { + return { + ...options, + useDualstackEndpoint: options.useDualstackEndpoint ?? false, + useFipsEndpoint: options.useFipsEndpoint ?? false, + defaultSigningName: "awsssoportal" }; - b.bp("/token"); - const query = (0, import_smithy_client4.map)({ - [_ai]: [, "t"] - }); - let body; - body = JSON.stringify( - (0, import_smithy_client4.take)(input, { - assertion: [], - clientId: [], - code: [], - codeVerifier: [], - grantType: [], - redirectUri: [], - refreshToken: [], - requestedTokenType: [], - scope: (_) => (0, import_smithy_client4._json)(_), - subjectToken: [], - subjectTokenType: [] - }) - ); - b.m("POST").h(headers).q(query).b(body); - return b.build(); - }, "se_CreateTokenWithIAMCommand"); - var se_RegisterClientCommand = /* @__PURE__ */ __name(async (input, context) => { - const b = (0, import_core3.requestBuilder)(input, context); - const headers = { - "content-type": "application/json" + }, "resolveClientEndpointParameters"); + var commonParams = { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" } + }; + var import_runtimeConfig = require_runtimeConfig(); + var import_region_config_resolver = require_dist_cjs56(); + var import_protocol_http8 = require_dist_cjs2(); + var import_smithy_client4 = require_dist_cjs37(); + var getHttpAuthExtensionConfiguration = /* @__PURE__ */ __name((runtimeConfig) => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme) { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes() { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider) { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider() { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials) { + _credentials = credentials; + }, + credentials() { + return _credentials; + } }; - b.bp("/client/register"); - let body; - body = JSON.stringify( - (0, import_smithy_client4.take)(input, { - clientName: [], - clientType: [], - entitledApplicationArn: [], - grantTypes: (_) => (0, import_smithy_client4._json)(_), - issuerUrl: [], - redirectUris: (_) => (0, import_smithy_client4._json)(_), - scopes: (_) => (0, import_smithy_client4._json)(_) - }) - ); - b.m("POST").h(headers).b(body); - return b.build(); - }, "se_RegisterClientCommand"); - var se_StartDeviceAuthorizationCommand = /* @__PURE__ */ __name(async (input, context) => { - const b = (0, import_core3.requestBuilder)(input, context); - const headers = { - "content-type": "application/json" + }, "getHttpAuthExtensionConfiguration"); + var resolveHttpAuthRuntimeConfig = /* @__PURE__ */ __name((config) => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials() }; - b.bp("/device_authorization"); - let body; - body = JSON.stringify( - (0, import_smithy_client4.take)(input, { - clientId: [], - clientSecret: [], - startUrl: [] - }) - ); - b.m("POST").h(headers).b(body); - return b.build(); - }, "se_StartDeviceAuthorizationCommand"); - var de_CreateTokenCommand = /* @__PURE__ */ __name(async (output, context) => { - if (output.statusCode !== 200 && output.statusCode >= 300) { - return de_CommandError(output, context); + }, "resolveHttpAuthRuntimeConfig"); + var asPartial = /* @__PURE__ */ __name((t) => t, "asPartial"); + var resolveRuntimeExtensions = /* @__PURE__ */ __name((runtimeConfig, extensions) => { + const extensionConfiguration = { + ...asPartial((0, import_region_config_resolver.getAwsRegionExtensionConfiguration)(runtimeConfig)), + ...asPartial((0, import_smithy_client4.getDefaultExtensionConfiguration)(runtimeConfig)), + ...asPartial((0, import_protocol_http8.getHttpHandlerExtensionConfiguration)(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)) + }; + extensions.forEach((extension) => extension.configure(extensionConfiguration)); + return { + ...runtimeConfig, + ...(0, import_region_config_resolver.resolveAwsRegionExtensionConfiguration)(extensionConfiguration), + ...(0, import_smithy_client4.resolveDefaultRuntimeConfig)(extensionConfiguration), + ...(0, import_protocol_http8.resolveHttpHandlerRuntimeConfig)(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration) + }; + }, "resolveRuntimeExtensions"); + var _SSOClient = class _SSOClient extends import_smithy_client4.Client { + constructor(...[configuration]) { + const _config_0 = (0, import_runtimeConfig.getRuntimeConfig)(configuration || {}); + const _config_1 = resolveClientEndpointParameters(_config_0); + const _config_2 = (0, import_middleware_user_agent.resolveUserAgentConfig)(_config_1); + const _config_3 = (0, import_middleware_retry.resolveRetryConfig)(_config_2); + const _config_4 = (0, import_config_resolver.resolveRegionConfig)(_config_3); + const _config_5 = (0, import_middleware_host_header.resolveHostHeaderConfig)(_config_4); + const _config_6 = (0, import_middleware_endpoint.resolveEndpointConfig)(_config_5); + const _config_7 = (0, import_httpAuthSchemeProvider.resolveHttpAuthSchemeConfig)(_config_6); + const _config_8 = resolveRuntimeExtensions(_config_7, (configuration == null ? void 0 : configuration.extensions) || []); + super(_config_8); + this.config = _config_8; + this.middlewareStack.use((0, import_middleware_user_agent.getUserAgentPlugin)(this.config)); + this.middlewareStack.use((0, import_middleware_retry.getRetryPlugin)(this.config)); + this.middlewareStack.use((0, import_middleware_content_length.getContentLengthPlugin)(this.config)); + this.middlewareStack.use((0, import_middleware_host_header.getHostHeaderPlugin)(this.config)); + this.middlewareStack.use((0, import_middleware_logger.getLoggerPlugin)(this.config)); + this.middlewareStack.use((0, import_middleware_recursion_detection.getRecursionDetectionPlugin)(this.config)); + this.middlewareStack.use( + (0, import_core3.getHttpAuthSchemeEndpointRuleSetPlugin)(this.config, { + httpAuthSchemeParametersProvider: import_httpAuthSchemeProvider.defaultSSOHttpAuthSchemeParametersProvider, + identityProviderConfigProvider: async (config) => new import_core3.DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials + }) + }) + ); + this.middlewareStack.use((0, import_core3.getHttpSigningPlugin)(this.config)); } - const contents = (0, import_smithy_client4.map)({ - $metadata: deserializeMetadata(output) - }); - const data = (0, import_smithy_client4.expectNonNull)((0, import_smithy_client4.expectObject)(await (0, import_core22.parseJsonBody)(output.body, context)), "body"); - const doc = (0, import_smithy_client4.take)(data, { - accessToken: import_smithy_client4.expectString, - expiresIn: import_smithy_client4.expectInt32, - idToken: import_smithy_client4.expectString, - refreshToken: import_smithy_client4.expectString, - tokenType: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - return contents; - }, "de_CreateTokenCommand"); - var de_CreateTokenWithIAMCommand = /* @__PURE__ */ __name(async (output, context) => { - if (output.statusCode !== 200 && output.statusCode >= 300) { - return de_CommandError(output, context); + /** + * Destroy underlying resources, like sockets. It's usually not necessary to do this. + * However in Node.js, it's best to explicitly shut down the client's agent when it is no longer needed. + * Otherwise, sockets might stay open for quite a long time before the server terminates them. + */ + destroy() { + super.destroy(); } - const contents = (0, import_smithy_client4.map)({ - $metadata: deserializeMetadata(output) - }); - const data = (0, import_smithy_client4.expectNonNull)((0, import_smithy_client4.expectObject)(await (0, import_core22.parseJsonBody)(output.body, context)), "body"); - const doc = (0, import_smithy_client4.take)(data, { - accessToken: import_smithy_client4.expectString, - expiresIn: import_smithy_client4.expectInt32, - idToken: import_smithy_client4.expectString, - issuedTokenType: import_smithy_client4.expectString, - refreshToken: import_smithy_client4.expectString, - scope: import_smithy_client4._json, - tokenType: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - return contents; - }, "de_CreateTokenWithIAMCommand"); - var de_RegisterClientCommand = /* @__PURE__ */ __name(async (output, context) => { - if (output.statusCode !== 200 && output.statusCode >= 300) { - return de_CommandError(output, context); + }; + __name(_SSOClient, "SSOClient"); + var SSOClient = _SSOClient; + var import_middleware_serde2 = require_dist_cjs12(); + var _SSOServiceException = class _SSOServiceException2 extends import_smithy_client4.ServiceException { + /** + * @internal + */ + constructor(options) { + super(options); + Object.setPrototypeOf(this, _SSOServiceException2.prototype); } - const contents = (0, import_smithy_client4.map)({ - $metadata: deserializeMetadata(output) - }); - const data = (0, import_smithy_client4.expectNonNull)((0, import_smithy_client4.expectObject)(await (0, import_core22.parseJsonBody)(output.body, context)), "body"); - const doc = (0, import_smithy_client4.take)(data, { - authorizationEndpoint: import_smithy_client4.expectString, - clientId: import_smithy_client4.expectString, - clientIdIssuedAt: import_smithy_client4.expectLong, - clientSecret: import_smithy_client4.expectString, - clientSecretExpiresAt: import_smithy_client4.expectLong, - tokenEndpoint: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - return contents; - }, "de_RegisterClientCommand"); - var de_StartDeviceAuthorizationCommand = /* @__PURE__ */ __name(async (output, context) => { - if (output.statusCode !== 200 && output.statusCode >= 300) { - return de_CommandError(output, context); + }; + __name(_SSOServiceException, "SSOServiceException"); + var SSOServiceException = _SSOServiceException; + var _InvalidRequestException = class _InvalidRequestException2 extends SSOServiceException { + /** + * @internal + */ + constructor(opts) { + super({ + name: "InvalidRequestException", + $fault: "client", + ...opts + }); + this.name = "InvalidRequestException"; + this.$fault = "client"; + Object.setPrototypeOf(this, _InvalidRequestException2.prototype); } - const contents = (0, import_smithy_client4.map)({ - $metadata: deserializeMetadata(output) - }); - const data = (0, import_smithy_client4.expectNonNull)((0, import_smithy_client4.expectObject)(await (0, import_core22.parseJsonBody)(output.body, context)), "body"); - const doc = (0, import_smithy_client4.take)(data, { - deviceCode: import_smithy_client4.expectString, - expiresIn: import_smithy_client4.expectInt32, - interval: import_smithy_client4.expectInt32, - userCode: import_smithy_client4.expectString, - verificationUri: import_smithy_client4.expectString, - verificationUriComplete: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - return contents; - }, "de_StartDeviceAuthorizationCommand"); - var de_CommandError = /* @__PURE__ */ __name(async (output, context) => { - const parsedOutput = { - ...output, - body: await (0, import_core22.parseJsonErrorBody)(output.body, context) - }; - const errorCode = (0, import_core22.loadRestJsonErrorCode)(output, parsedOutput.body); - switch (errorCode) { - case "AccessDeniedException": - case "com.amazonaws.ssooidc#AccessDeniedException": - throw await de_AccessDeniedExceptionRes(parsedOutput, context); - case "AuthorizationPendingException": - case "com.amazonaws.ssooidc#AuthorizationPendingException": - throw await de_AuthorizationPendingExceptionRes(parsedOutput, context); - case "ExpiredTokenException": - case "com.amazonaws.ssooidc#ExpiredTokenException": - throw await de_ExpiredTokenExceptionRes(parsedOutput, context); - case "InternalServerException": - case "com.amazonaws.ssooidc#InternalServerException": - throw await de_InternalServerExceptionRes(parsedOutput, context); - case "InvalidClientException": - case "com.amazonaws.ssooidc#InvalidClientException": - throw await de_InvalidClientExceptionRes(parsedOutput, context); - case "InvalidGrantException": - case "com.amazonaws.ssooidc#InvalidGrantException": - throw await de_InvalidGrantExceptionRes(parsedOutput, context); + }; + __name(_InvalidRequestException, "InvalidRequestException"); + var InvalidRequestException = _InvalidRequestException; + var _ResourceNotFoundException = class _ResourceNotFoundException2 extends SSOServiceException { + /** + * @internal + */ + constructor(opts) { + super({ + name: "ResourceNotFoundException", + $fault: "client", + ...opts + }); + this.name = "ResourceNotFoundException"; + this.$fault = "client"; + Object.setPrototypeOf(this, _ResourceNotFoundException2.prototype); + } + }; + __name(_ResourceNotFoundException, "ResourceNotFoundException"); + var ResourceNotFoundException = _ResourceNotFoundException; + var _TooManyRequestsException = class _TooManyRequestsException2 extends SSOServiceException { + /** + * @internal + */ + constructor(opts) { + super({ + name: "TooManyRequestsException", + $fault: "client", + ...opts + }); + this.name = "TooManyRequestsException"; + this.$fault = "client"; + Object.setPrototypeOf(this, _TooManyRequestsException2.prototype); + } + }; + __name(_TooManyRequestsException, "TooManyRequestsException"); + var TooManyRequestsException = _TooManyRequestsException; + var _UnauthorizedException = class _UnauthorizedException2 extends SSOServiceException { + /** + * @internal + */ + constructor(opts) { + super({ + name: "UnauthorizedException", + $fault: "client", + ...opts + }); + this.name = "UnauthorizedException"; + this.$fault = "client"; + Object.setPrototypeOf(this, _UnauthorizedException2.prototype); + } + }; + __name(_UnauthorizedException, "UnauthorizedException"); + var UnauthorizedException = _UnauthorizedException; + var GetRoleCredentialsRequestFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ + ...obj, + ...obj.accessToken && { accessToken: import_smithy_client4.SENSITIVE_STRING } + }), "GetRoleCredentialsRequestFilterSensitiveLog"); + var RoleCredentialsFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ + ...obj, + ...obj.secretAccessKey && { secretAccessKey: import_smithy_client4.SENSITIVE_STRING }, + ...obj.sessionToken && { sessionToken: import_smithy_client4.SENSITIVE_STRING } + }), "RoleCredentialsFilterSensitiveLog"); + var GetRoleCredentialsResponseFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ + ...obj, + ...obj.roleCredentials && { roleCredentials: RoleCredentialsFilterSensitiveLog(obj.roleCredentials) } + }), "GetRoleCredentialsResponseFilterSensitiveLog"); + var ListAccountRolesRequestFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ + ...obj, + ...obj.accessToken && { accessToken: import_smithy_client4.SENSITIVE_STRING } + }), "ListAccountRolesRequestFilterSensitiveLog"); + var ListAccountsRequestFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ + ...obj, + ...obj.accessToken && { accessToken: import_smithy_client4.SENSITIVE_STRING } + }), "ListAccountsRequestFilterSensitiveLog"); + var LogoutRequestFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ + ...obj, + ...obj.accessToken && { accessToken: import_smithy_client4.SENSITIVE_STRING } + }), "LogoutRequestFilterSensitiveLog"); + var import_core22 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); + var se_GetRoleCredentialsCommand = /* @__PURE__ */ __name(async (input, context) => { + const b = (0, import_core3.requestBuilder)(input, context); + const headers = (0, import_smithy_client4.map)({}, isSerializableHeaderValue, { + [_xasbt]: input[_aT] + }); + b.bp("/federation/credentials"); + const query = (0, import_smithy_client4.map)({ + [_rn]: [, (0, import_smithy_client4.expectNonNull)(input[_rN], `roleName`)], + [_ai]: [, (0, import_smithy_client4.expectNonNull)(input[_aI], `accountId`)] + }); + let body; + b.m("GET").h(headers).q(query).b(body); + return b.build(); + }, "se_GetRoleCredentialsCommand"); + var se_ListAccountRolesCommand = /* @__PURE__ */ __name(async (input, context) => { + const b = (0, import_core3.requestBuilder)(input, context); + const headers = (0, import_smithy_client4.map)({}, isSerializableHeaderValue, { + [_xasbt]: input[_aT] + }); + b.bp("/assignment/roles"); + const query = (0, import_smithy_client4.map)({ + [_nt]: [, input[_nT]], + [_mr]: [() => input.maxResults !== void 0, () => input[_mR].toString()], + [_ai]: [, (0, import_smithy_client4.expectNonNull)(input[_aI], `accountId`)] + }); + let body; + b.m("GET").h(headers).q(query).b(body); + return b.build(); + }, "se_ListAccountRolesCommand"); + var se_ListAccountsCommand = /* @__PURE__ */ __name(async (input, context) => { + const b = (0, import_core3.requestBuilder)(input, context); + const headers = (0, import_smithy_client4.map)({}, isSerializableHeaderValue, { + [_xasbt]: input[_aT] + }); + b.bp("/assignment/accounts"); + const query = (0, import_smithy_client4.map)({ + [_nt]: [, input[_nT]], + [_mr]: [() => input.maxResults !== void 0, () => input[_mR].toString()] + }); + let body; + b.m("GET").h(headers).q(query).b(body); + return b.build(); + }, "se_ListAccountsCommand"); + var se_LogoutCommand = /* @__PURE__ */ __name(async (input, context) => { + const b = (0, import_core3.requestBuilder)(input, context); + const headers = (0, import_smithy_client4.map)({}, isSerializableHeaderValue, { + [_xasbt]: input[_aT] + }); + b.bp("/logout"); + let body; + b.m("POST").h(headers).b(body); + return b.build(); + }, "se_LogoutCommand"); + var de_GetRoleCredentialsCommand = /* @__PURE__ */ __name(async (output, context) => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents = (0, import_smithy_client4.map)({ + $metadata: deserializeMetadata(output) + }); + const data = (0, import_smithy_client4.expectNonNull)((0, import_smithy_client4.expectObject)(await (0, import_core22.parseJsonBody)(output.body, context)), "body"); + const doc = (0, import_smithy_client4.take)(data, { + roleCredentials: import_smithy_client4._json + }); + Object.assign(contents, doc); + return contents; + }, "de_GetRoleCredentialsCommand"); + var de_ListAccountRolesCommand = /* @__PURE__ */ __name(async (output, context) => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents = (0, import_smithy_client4.map)({ + $metadata: deserializeMetadata(output) + }); + const data = (0, import_smithy_client4.expectNonNull)((0, import_smithy_client4.expectObject)(await (0, import_core22.parseJsonBody)(output.body, context)), "body"); + const doc = (0, import_smithy_client4.take)(data, { + nextToken: import_smithy_client4.expectString, + roleList: import_smithy_client4._json + }); + Object.assign(contents, doc); + return contents; + }, "de_ListAccountRolesCommand"); + var de_ListAccountsCommand = /* @__PURE__ */ __name(async (output, context) => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents = (0, import_smithy_client4.map)({ + $metadata: deserializeMetadata(output) + }); + const data = (0, import_smithy_client4.expectNonNull)((0, import_smithy_client4.expectObject)(await (0, import_core22.parseJsonBody)(output.body, context)), "body"); + const doc = (0, import_smithy_client4.take)(data, { + accountList: import_smithy_client4._json, + nextToken: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + return contents; + }, "de_ListAccountsCommand"); + var de_LogoutCommand = /* @__PURE__ */ __name(async (output, context) => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents = (0, import_smithy_client4.map)({ + $metadata: deserializeMetadata(output) + }); + await (0, import_smithy_client4.collectBody)(output.body, context); + return contents; + }, "de_LogoutCommand"); + var de_CommandError = /* @__PURE__ */ __name(async (output, context) => { + const parsedOutput = { + ...output, + body: await (0, import_core22.parseJsonErrorBody)(output.body, context) + }; + const errorCode = (0, import_core22.loadRestJsonErrorCode)(output, parsedOutput.body); + switch (errorCode) { case "InvalidRequestException": - case "com.amazonaws.ssooidc#InvalidRequestException": + case "com.amazonaws.sso#InvalidRequestException": throw await de_InvalidRequestExceptionRes(parsedOutput, context); - case "InvalidScopeException": - case "com.amazonaws.ssooidc#InvalidScopeException": - throw await de_InvalidScopeExceptionRes(parsedOutput, context); - case "SlowDownException": - case "com.amazonaws.ssooidc#SlowDownException": - throw await de_SlowDownExceptionRes(parsedOutput, context); - case "UnauthorizedClientException": - case "com.amazonaws.ssooidc#UnauthorizedClientException": - throw await de_UnauthorizedClientExceptionRes(parsedOutput, context); - case "UnsupportedGrantTypeException": - case "com.amazonaws.ssooidc#UnsupportedGrantTypeException": - throw await de_UnsupportedGrantTypeExceptionRes(parsedOutput, context); - case "InvalidRequestRegionException": - case "com.amazonaws.ssooidc#InvalidRequestRegionException": - throw await de_InvalidRequestRegionExceptionRes(parsedOutput, context); - case "InvalidClientMetadataException": - case "com.amazonaws.ssooidc#InvalidClientMetadataException": - throw await de_InvalidClientMetadataExceptionRes(parsedOutput, context); - case "InvalidRedirectUriException": - case "com.amazonaws.ssooidc#InvalidRedirectUriException": - throw await de_InvalidRedirectUriExceptionRes(parsedOutput, context); + case "ResourceNotFoundException": + case "com.amazonaws.sso#ResourceNotFoundException": + throw await de_ResourceNotFoundExceptionRes(parsedOutput, context); + case "TooManyRequestsException": + case "com.amazonaws.sso#TooManyRequestsException": + throw await de_TooManyRequestsExceptionRes(parsedOutput, context); + case "UnauthorizedException": + case "com.amazonaws.sso#UnauthorizedException": + throw await de_UnauthorizedExceptionRes(parsedOutput, context); default: const parsedBody = parsedOutput.body; return throwDefaultError({ @@ -15149,279 +15991,2899 @@ var require_dist_cjs45 = __commonJS({ }); } }, "de_CommandError"); - var throwDefaultError = (0, import_smithy_client4.withBaseException)(SSOOIDCServiceException); - var de_AccessDeniedExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { + var throwDefaultError = (0, import_smithy_client4.withBaseException)(SSOServiceException); + var de_InvalidRequestExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { const contents = (0, import_smithy_client4.map)({}); const data = parsedOutput.body; const doc = (0, import_smithy_client4.take)(data, { - error: import_smithy_client4.expectString, - error_description: import_smithy_client4.expectString + message: import_smithy_client4.expectString }); Object.assign(contents, doc); - const exception = new AccessDeniedException({ + const exception = new InvalidRequestException({ $metadata: deserializeMetadata(parsedOutput), ...contents }); return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); - }, "de_AccessDeniedExceptionRes"); - var de_AuthorizationPendingExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { + }, "de_InvalidRequestExceptionRes"); + var de_ResourceNotFoundExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { const contents = (0, import_smithy_client4.map)({}); const data = parsedOutput.body; const doc = (0, import_smithy_client4.take)(data, { - error: import_smithy_client4.expectString, - error_description: import_smithy_client4.expectString + message: import_smithy_client4.expectString }); Object.assign(contents, doc); - const exception = new AuthorizationPendingException({ - $metadata: deserializeMetadata(parsedOutput), - ...contents - }); - return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); - }, "de_AuthorizationPendingExceptionRes"); - var de_ExpiredTokenExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { - const contents = (0, import_smithy_client4.map)({}); - const data = parsedOutput.body; - const doc = (0, import_smithy_client4.take)(data, { - error: import_smithy_client4.expectString, - error_description: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - const exception = new ExpiredTokenException({ - $metadata: deserializeMetadata(parsedOutput), - ...contents - }); - return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); - }, "de_ExpiredTokenExceptionRes"); - var de_InternalServerExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { - const contents = (0, import_smithy_client4.map)({}); - const data = parsedOutput.body; - const doc = (0, import_smithy_client4.take)(data, { - error: import_smithy_client4.expectString, - error_description: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - const exception = new InternalServerException({ - $metadata: deserializeMetadata(parsedOutput), - ...contents - }); - return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); - }, "de_InternalServerExceptionRes"); - var de_InvalidClientExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { - const contents = (0, import_smithy_client4.map)({}); - const data = parsedOutput.body; - const doc = (0, import_smithy_client4.take)(data, { - error: import_smithy_client4.expectString, - error_description: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - const exception = new InvalidClientException({ - $metadata: deserializeMetadata(parsedOutput), - ...contents - }); - return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); - }, "de_InvalidClientExceptionRes"); - var de_InvalidClientMetadataExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { - const contents = (0, import_smithy_client4.map)({}); - const data = parsedOutput.body; - const doc = (0, import_smithy_client4.take)(data, { - error: import_smithy_client4.expectString, - error_description: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - const exception = new InvalidClientMetadataException({ - $metadata: deserializeMetadata(parsedOutput), - ...contents - }); - return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); - }, "de_InvalidClientMetadataExceptionRes"); - var de_InvalidGrantExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { - const contents = (0, import_smithy_client4.map)({}); - const data = parsedOutput.body; - const doc = (0, import_smithy_client4.take)(data, { - error: import_smithy_client4.expectString, - error_description: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - const exception = new InvalidGrantException({ - $metadata: deserializeMetadata(parsedOutput), - ...contents - }); - return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); - }, "de_InvalidGrantExceptionRes"); - var de_InvalidRedirectUriExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { - const contents = (0, import_smithy_client4.map)({}); - const data = parsedOutput.body; - const doc = (0, import_smithy_client4.take)(data, { - error: import_smithy_client4.expectString, - error_description: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - const exception = new InvalidRedirectUriException({ - $metadata: deserializeMetadata(parsedOutput), - ...contents - }); - return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); - }, "de_InvalidRedirectUriExceptionRes"); - var de_InvalidRequestExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { - const contents = (0, import_smithy_client4.map)({}); - const data = parsedOutput.body; - const doc = (0, import_smithy_client4.take)(data, { - error: import_smithy_client4.expectString, - error_description: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - const exception = new InvalidRequestException({ - $metadata: deserializeMetadata(parsedOutput), - ...contents - }); - return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); - }, "de_InvalidRequestExceptionRes"); - var de_InvalidRequestRegionExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { - const contents = (0, import_smithy_client4.map)({}); - const data = parsedOutput.body; - const doc = (0, import_smithy_client4.take)(data, { - endpoint: import_smithy_client4.expectString, - error: import_smithy_client4.expectString, - error_description: import_smithy_client4.expectString, - region: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - const exception = new InvalidRequestRegionException({ - $metadata: deserializeMetadata(parsedOutput), - ...contents - }); - return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); - }, "de_InvalidRequestRegionExceptionRes"); - var de_InvalidScopeExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { - const contents = (0, import_smithy_client4.map)({}); - const data = parsedOutput.body; - const doc = (0, import_smithy_client4.take)(data, { - error: import_smithy_client4.expectString, - error_description: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - const exception = new InvalidScopeException({ - $metadata: deserializeMetadata(parsedOutput), - ...contents - }); - return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); - }, "de_InvalidScopeExceptionRes"); - var de_SlowDownExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { - const contents = (0, import_smithy_client4.map)({}); - const data = parsedOutput.body; - const doc = (0, import_smithy_client4.take)(data, { - error: import_smithy_client4.expectString, - error_description: import_smithy_client4.expectString - }); - Object.assign(contents, doc); - const exception = new SlowDownException({ + const exception = new ResourceNotFoundException({ $metadata: deserializeMetadata(parsedOutput), ...contents }); return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); - }, "de_SlowDownExceptionRes"); - var de_UnauthorizedClientExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { + }, "de_ResourceNotFoundExceptionRes"); + var de_TooManyRequestsExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { const contents = (0, import_smithy_client4.map)({}); const data = parsedOutput.body; const doc = (0, import_smithy_client4.take)(data, { - error: import_smithy_client4.expectString, - error_description: import_smithy_client4.expectString + message: import_smithy_client4.expectString }); Object.assign(contents, doc); - const exception = new UnauthorizedClientException({ + const exception = new TooManyRequestsException({ $metadata: deserializeMetadata(parsedOutput), ...contents }); return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); - }, "de_UnauthorizedClientExceptionRes"); - var de_UnsupportedGrantTypeExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { + }, "de_TooManyRequestsExceptionRes"); + var de_UnauthorizedExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { const contents = (0, import_smithy_client4.map)({}); const data = parsedOutput.body; const doc = (0, import_smithy_client4.take)(data, { - error: import_smithy_client4.expectString, - error_description: import_smithy_client4.expectString + message: import_smithy_client4.expectString }); Object.assign(contents, doc); - const exception = new UnsupportedGrantTypeException({ + const exception = new UnauthorizedException({ $metadata: deserializeMetadata(parsedOutput), ...contents }); return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); - }, "de_UnsupportedGrantTypeExceptionRes"); + }, "de_UnauthorizedExceptionRes"); var deserializeMetadata = /* @__PURE__ */ __name((output) => ({ httpStatusCode: output.statusCode, requestId: output.headers["x-amzn-requestid"] ?? output.headers["x-amzn-request-id"] ?? output.headers["x-amz-request-id"], extendedRequestId: output.headers["x-amz-id-2"], cfId: output.headers["x-amz-cf-id"] }), "deserializeMetadata"); - var _ai = "aws_iam"; - var _CreateTokenCommand = class _CreateTokenCommand extends import_smithy_client4.Command.classBuilder().ep({ + var isSerializableHeaderValue = /* @__PURE__ */ __name((value) => value !== void 0 && value !== null && value !== "" && (!Object.getOwnPropertyNames(value).includes("length") || value.length != 0) && (!Object.getOwnPropertyNames(value).includes("size") || value.size != 0), "isSerializableHeaderValue"); + var _aI = "accountId"; + var _aT = "accessToken"; + var _ai = "account_id"; + var _mR = "maxResults"; + var _mr = "max_result"; + var _nT = "nextToken"; + var _nt = "next_token"; + var _rN = "roleName"; + var _rn = "role_name"; + var _xasbt = "x-amz-sso_bearer_token"; + var _GetRoleCredentialsCommand = class _GetRoleCredentialsCommand extends import_smithy_client4.Command.classBuilder().ep({ ...commonParams }).m(function(Command, cs, config, o) { return [ (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) ]; - }).s("AWSSSOOIDCService", "CreateToken", {}).n("SSOOIDCClient", "CreateTokenCommand").f(CreateTokenRequestFilterSensitiveLog, CreateTokenResponseFilterSensitiveLog).ser(se_CreateTokenCommand).de(de_CreateTokenCommand).build() { + }).s("SWBPortalService", "GetRoleCredentials", {}).n("SSOClient", "GetRoleCredentialsCommand").f(GetRoleCredentialsRequestFilterSensitiveLog, GetRoleCredentialsResponseFilterSensitiveLog).ser(se_GetRoleCredentialsCommand).de(de_GetRoleCredentialsCommand).build() { + }; + __name(_GetRoleCredentialsCommand, "GetRoleCredentialsCommand"); + var GetRoleCredentialsCommand = _GetRoleCredentialsCommand; + var _ListAccountRolesCommand = class _ListAccountRolesCommand extends import_smithy_client4.Command.classBuilder().ep({ + ...commonParams + }).m(function(Command, cs, config, o) { + return [ + (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), + (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) + ]; + }).s("SWBPortalService", "ListAccountRoles", {}).n("SSOClient", "ListAccountRolesCommand").f(ListAccountRolesRequestFilterSensitiveLog, void 0).ser(se_ListAccountRolesCommand).de(de_ListAccountRolesCommand).build() { + }; + __name(_ListAccountRolesCommand, "ListAccountRolesCommand"); + var ListAccountRolesCommand = _ListAccountRolesCommand; + var _ListAccountsCommand = class _ListAccountsCommand extends import_smithy_client4.Command.classBuilder().ep({ + ...commonParams + }).m(function(Command, cs, config, o) { + return [ + (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), + (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) + ]; + }).s("SWBPortalService", "ListAccounts", {}).n("SSOClient", "ListAccountsCommand").f(ListAccountsRequestFilterSensitiveLog, void 0).ser(se_ListAccountsCommand).de(de_ListAccountsCommand).build() { + }; + __name(_ListAccountsCommand, "ListAccountsCommand"); + var ListAccountsCommand = _ListAccountsCommand; + var _LogoutCommand = class _LogoutCommand extends import_smithy_client4.Command.classBuilder().ep({ + ...commonParams + }).m(function(Command, cs, config, o) { + return [ + (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), + (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) + ]; + }).s("SWBPortalService", "Logout", {}).n("SSOClient", "LogoutCommand").f(LogoutRequestFilterSensitiveLog, void 0).ser(se_LogoutCommand).de(de_LogoutCommand).build() { + }; + __name(_LogoutCommand, "LogoutCommand"); + var LogoutCommand = _LogoutCommand; + var commands = { + GetRoleCredentialsCommand, + ListAccountRolesCommand, + ListAccountsCommand, + LogoutCommand + }; + var _SSO = class _SSO extends SSOClient { + }; + __name(_SSO, "SSO"); + var SSO = _SSO; + (0, import_smithy_client4.createAggregatedClient)(commands, SSO); + var paginateListAccountRoles = (0, import_core3.createPaginator)(SSOClient, ListAccountRolesCommand, "nextToken", "nextToken", "maxResults"); + var paginateListAccounts = (0, import_core3.createPaginator)(SSOClient, ListAccountsCommand, "nextToken", "nextToken", "maxResults"); + } +}); + +// ../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/auth/httpAuthSchemeProvider.js +var require_httpAuthSchemeProvider3 = __commonJS({ + "../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/auth/httpAuthSchemeProvider.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.resolveHttpAuthSchemeConfig = exports2.defaultSSOOIDCHttpAuthSchemeProvider = exports2.defaultSSOOIDCHttpAuthSchemeParametersProvider = void 0; + var core_1 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); + var util_middleware_1 = require_dist_cjs10(); + var defaultSSOOIDCHttpAuthSchemeParametersProvider = async (config, context, input) => { + return { + operation: (0, util_middleware_1.getSmithyContext)(context).operation, + region: await (0, util_middleware_1.normalizeProvider)(config.region)() || (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })() + }; + }; + exports2.defaultSSOOIDCHttpAuthSchemeParametersProvider = defaultSSOOIDCHttpAuthSchemeParametersProvider; + function createAwsAuthSigv4HttpAuthOption(authParameters) { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "sso-oauth", + region: authParameters.region + }, + propertiesExtractor: (config, context) => ({ + signingProperties: { + config, + context + } + }) + }; + } + function createSmithyApiNoAuthHttpAuthOption(authParameters) { + return { + schemeId: "smithy.api#noAuth" + }; + } + var defaultSSOOIDCHttpAuthSchemeProvider = (authParameters) => { + const options = []; + switch (authParameters.operation) { + case "CreateToken": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "RegisterClient": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "StartDeviceAuthorization": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; + }; + exports2.defaultSSOOIDCHttpAuthSchemeProvider = defaultSSOOIDCHttpAuthSchemeProvider; + var resolveHttpAuthSchemeConfig = (config) => { + const config_0 = (0, core_1.resolveAwsSdkSigV4Config)(config); + return { + ...config_0 + }; + }; + exports2.resolveHttpAuthSchemeConfig = resolveHttpAuthSchemeConfig; + } +}); + +// ../../../node_modules/@aws-sdk/client-sso-oidc/package.json +var require_package3 = __commonJS({ + "../../../node_modules/@aws-sdk/client-sso-oidc/package.json"(exports2, module2) { + module2.exports = { + name: "@aws-sdk/client-sso-oidc", + description: "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + version: "3.632.0", + scripts: { + build: "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'", + "build:cjs": "node ../../scripts/compilation/inline client-sso-oidc", + "build:es": "tsc -p tsconfig.es.json", + "build:include:deps": "lerna run --scope $npm_package_name --include-dependencies build", + "build:types": "tsc -p tsconfig.types.json", + "build:types:downlevel": "downlevel-dts dist-types dist-types/ts3.4", + clean: "rimraf ./dist-* && rimraf *.tsbuildinfo", + "extract:docs": "api-extractor run --local", + "generate:client": "node ../../scripts/generate-clients/single-service --solo sso-oidc" + }, + main: "./dist-cjs/index.js", + types: "./dist-types/index.d.ts", + module: "./dist-es/index.js", + sideEffects: false, + dependencies: { + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/core": "3.629.0", + "@aws-sdk/credential-provider-node": "3.632.0", + "@aws-sdk/middleware-host-header": "3.620.0", + "@aws-sdk/middleware-logger": "3.609.0", + "@aws-sdk/middleware-recursion-detection": "3.620.0", + "@aws-sdk/middleware-user-agent": "3.632.0", + "@aws-sdk/region-config-resolver": "3.614.0", + "@aws-sdk/types": "3.609.0", + "@aws-sdk/util-endpoints": "3.632.0", + "@aws-sdk/util-user-agent-browser": "3.609.0", + "@aws-sdk/util-user-agent-node": "3.614.0", + "@smithy/config-resolver": "^3.0.5", + "@smithy/core": "^2.3.2", + "@smithy/fetch-http-handler": "^3.2.4", + "@smithy/hash-node": "^3.0.3", + "@smithy/invalid-dependency": "^3.0.3", + "@smithy/middleware-content-length": "^3.0.5", + "@smithy/middleware-endpoint": "^3.1.0", + "@smithy/middleware-retry": "^3.0.14", + "@smithy/middleware-serde": "^3.0.3", + "@smithy/middleware-stack": "^3.0.3", + "@smithy/node-config-provider": "^3.1.4", + "@smithy/node-http-handler": "^3.1.4", + "@smithy/protocol-http": "^4.1.0", + "@smithy/smithy-client": "^3.1.12", + "@smithy/types": "^3.3.0", + "@smithy/url-parser": "^3.0.3", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.14", + "@smithy/util-defaults-mode-node": "^3.0.14", + "@smithy/util-endpoints": "^2.0.5", + "@smithy/util-middleware": "^3.0.3", + "@smithy/util-retry": "^3.0.3", + "@smithy/util-utf8": "^3.0.0", + tslib: "^2.6.2" + }, + devDependencies: { + "@tsconfig/node16": "16.1.3", + "@types/node": "^16.18.96", + concurrently: "7.0.0", + "downlevel-dts": "0.10.1", + rimraf: "3.0.2", + typescript: "~4.9.5" + }, + engines: { + node: ">=16.0.0" + }, + typesVersions: { + "<4.0": { + "dist-types/*": [ + "dist-types/ts3.4/*" + ] + } + }, + files: [ + "dist-*/**" + ], + author: { + name: "AWS SDK for JavaScript Team", + url: "https://aws.amazon.com/javascript/" + }, + license: "Apache-2.0", + peerDependencies: { + "@aws-sdk/client-sts": "^3.632.0" + }, + browser: { + "./dist-es/runtimeConfig": "./dist-es/runtimeConfig.browser" + }, + "react-native": { + "./dist-es/runtimeConfig": "./dist-es/runtimeConfig.native" + }, + homepage: "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + repository: { + type: "git", + url: "https://github.com/aws/aws-sdk-js-v3.git", + directory: "clients/client-sso-oidc" + } + }; + } +}); + +// ../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/endpoint/ruleset.js +var require_ruleset2 = __commonJS({ + "../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/endpoint/ruleset.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.ruleSet = void 0; + var u = "required"; + var v = "fn"; + var w = "argv"; + var x = "ref"; + var a = true; + var b = "isSet"; + var c = "booleanEquals"; + var d = "error"; + var e = "endpoint"; + var f = "tree"; + var g = "PartitionResult"; + var h = "getAttr"; + var i = { [u]: false, "type": "String" }; + var j = { [u]: true, "default": false, "type": "Boolean" }; + var k = { [x]: "Endpoint" }; + var l = { [v]: c, [w]: [{ [x]: "UseFIPS" }, true] }; + var m = { [v]: c, [w]: [{ [x]: "UseDualStack" }, true] }; + var n = {}; + var o = { [v]: h, [w]: [{ [x]: g }, "supportsFIPS"] }; + var p = { [x]: g }; + var q = { [v]: c, [w]: [true, { [v]: h, [w]: [p, "supportsDualStack"] }] }; + var r = [l]; + var s = [m]; + var t = [{ [x]: "Region" }]; + var _data = { version: "1.0", parameters: { Region: i, UseDualStack: j, UseFIPS: j, Endpoint: i }, rules: [{ conditions: [{ [v]: b, [w]: [k] }], rules: [{ conditions: r, error: "Invalid Configuration: FIPS and custom endpoint are not supported", type: d }, { conditions: s, error: "Invalid Configuration: Dualstack and custom endpoint are not supported", type: d }, { endpoint: { url: k, properties: n, headers: n }, type: e }], type: f }, { conditions: [{ [v]: b, [w]: t }], rules: [{ conditions: [{ [v]: "aws.partition", [w]: t, assign: g }], rules: [{ conditions: [l, m], rules: [{ conditions: [{ [v]: c, [w]: [a, o] }, q], rules: [{ endpoint: { url: "https://oidc-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "FIPS and DualStack are enabled, but this partition does not support one or both", type: d }], type: f }, { conditions: r, rules: [{ conditions: [{ [v]: c, [w]: [o, a] }], rules: [{ conditions: [{ [v]: "stringEquals", [w]: [{ [v]: h, [w]: [p, "name"] }, "aws-us-gov"] }], endpoint: { url: "https://oidc.{Region}.amazonaws.com", properties: n, headers: n }, type: e }, { endpoint: { url: "https://oidc-fips.{Region}.{PartitionResult#dnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "FIPS is enabled but this partition does not support FIPS", type: d }], type: f }, { conditions: s, rules: [{ conditions: [q], rules: [{ endpoint: { url: "https://oidc.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "DualStack is enabled but this partition does not support DualStack", type: d }], type: f }, { endpoint: { url: "https://oidc.{Region}.{PartitionResult#dnsSuffix}", properties: n, headers: n }, type: e }], type: f }], type: f }, { error: "Invalid Configuration: Missing Region", type: d }] }; + exports2.ruleSet = _data; + } +}); + +// ../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/endpoint/endpointResolver.js +var require_endpointResolver2 = __commonJS({ + "../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/endpoint/endpointResolver.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.defaultEndpointResolver = void 0; + var util_endpoints_1 = require_dist_cjs7(); + var util_endpoints_2 = require_dist_cjs6(); + var ruleset_1 = require_ruleset2(); + var defaultEndpointResolver = (endpointParams, context = {}) => { + return (0, util_endpoints_2.resolveEndpoint)(ruleset_1.ruleSet, { + endpointParams, + logger: context.logger + }); + }; + exports2.defaultEndpointResolver = defaultEndpointResolver; + util_endpoints_2.customEndpointFunctions.aws = util_endpoints_1.awsEndpointFunctions; + } +}); + +// ../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/runtimeConfig.shared.js +var require_runtimeConfig_shared2 = __commonJS({ + "../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/runtimeConfig.shared.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getRuntimeConfig = void 0; + var core_1 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); + var core_2 = (init_dist_es(), __toCommonJS(dist_es_exports)); + var smithy_client_1 = require_dist_cjs37(); + var url_parser_1 = require_dist_cjs31(); + var util_base64_1 = require_dist_cjs17(); + var util_utf8_1 = require_dist_cjs16(); + var httpAuthSchemeProvider_1 = require_httpAuthSchemeProvider3(); + var endpointResolver_1 = require_endpointResolver2(); + var getRuntimeConfig = (config) => { + return { + apiVersion: "2019-06-10", + base64Decoder: config?.base64Decoder ?? util_base64_1.fromBase64, + base64Encoder: config?.base64Encoder ?? util_base64_1.toBase64, + disableHostPrefix: config?.disableHostPrefix ?? false, + endpointProvider: config?.endpointProvider ?? endpointResolver_1.defaultEndpointResolver, + extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? httpAuthSchemeProvider_1.defaultSSOOIDCHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new core_1.AwsSdkSigV4Signer() + }, + { + schemeId: "smithy.api#noAuth", + identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})), + signer: new core_2.NoAuthSigner() + } + ], + logger: config?.logger ?? new smithy_client_1.NoOpLogger(), + serviceId: config?.serviceId ?? "SSO OIDC", + urlParser: config?.urlParser ?? url_parser_1.parseUrl, + utf8Decoder: config?.utf8Decoder ?? util_utf8_1.fromUtf8, + utf8Encoder: config?.utf8Encoder ?? util_utf8_1.toUtf8 + }; + }; + exports2.getRuntimeConfig = getRuntimeConfig; + } +}); + +// ../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/runtimeConfig.js +var require_runtimeConfig2 = __commonJS({ + "../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/runtimeConfig.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getRuntimeConfig = void 0; + var tslib_1 = (init_tslib_es6(), __toCommonJS(tslib_es6_exports)); + var package_json_1 = tslib_1.__importDefault(require_package3()); + var core_1 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); + var credential_provider_node_1 = require_dist_cjs75(); + var util_user_agent_node_1 = require_dist_cjs49(); + var config_resolver_1 = require_dist_cjs11(); + var hash_node_1 = require_dist_cjs51(); + var middleware_retry_1 = require_dist_cjs38(); + var node_config_provider_1 = require_dist_cjs28(); + var node_http_handler_1 = require_dist_cjs20(); + var util_body_length_node_1 = require_dist_cjs52(); + var util_retry_1 = require_dist_cjs34(); + var runtimeConfig_shared_1 = require_runtimeConfig_shared2(); + var smithy_client_1 = require_dist_cjs37(); + var util_defaults_mode_node_1 = require_dist_cjs55(); + var smithy_client_2 = require_dist_cjs37(); + var getRuntimeConfig = (config) => { + (0, smithy_client_2.emitWarningIfUnsupportedVersion)(process.version); + const defaultsMode = (0, util_defaults_mode_node_1.resolveDefaultsModeConfig)(config); + const defaultConfigProvider = () => defaultsMode().then(smithy_client_1.loadConfigsForDefaultMode); + const clientSharedValues = (0, runtimeConfig_shared_1.getRuntimeConfig)(config); + (0, core_1.emitWarningIfUnsupportedVersion)(process.version); + return { + ...clientSharedValues, + ...config, + runtime: "node", + defaultsMode, + bodyLengthChecker: config?.bodyLengthChecker ?? util_body_length_node_1.calculateBodyLength, + credentialDefaultProvider: config?.credentialDefaultProvider ?? credential_provider_node_1.defaultProvider, + defaultUserAgentProvider: config?.defaultUserAgentProvider ?? (0, util_user_agent_node_1.defaultUserAgent)({ serviceId: clientSharedValues.serviceId, clientVersion: package_json_1.default.version }), + maxAttempts: config?.maxAttempts ?? (0, node_config_provider_1.loadConfig)(middleware_retry_1.NODE_MAX_ATTEMPT_CONFIG_OPTIONS), + region: config?.region ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_REGION_CONFIG_OPTIONS, config_resolver_1.NODE_REGION_CONFIG_FILE_OPTIONS), + requestHandler: node_http_handler_1.NodeHttpHandler.create(config?.requestHandler ?? defaultConfigProvider), + retryMode: config?.retryMode ?? (0, node_config_provider_1.loadConfig)({ + ...middleware_retry_1.NODE_RETRY_MODE_CONFIG_OPTIONS, + default: async () => (await defaultConfigProvider()).retryMode || util_retry_1.DEFAULT_RETRY_MODE + }), + sha256: config?.sha256 ?? hash_node_1.Hash.bind(null, "sha256"), + streamCollector: config?.streamCollector ?? node_http_handler_1.streamCollector, + useDualstackEndpoint: config?.useDualstackEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS), + useFipsEndpoint: config?.useFipsEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS) + }; + }; + exports2.getRuntimeConfig = getRuntimeConfig; + } +}); + +// ../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/index.js +var require_dist_cjs58 = __commonJS({ + "../../../node_modules/@aws-sdk/client-sso-oidc/dist-cjs/index.js"(exports2, module2) { + "use strict"; + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + AccessDeniedException: () => AccessDeniedException, + AuthorizationPendingException: () => AuthorizationPendingException, + CreateTokenCommand: () => CreateTokenCommand, + CreateTokenRequestFilterSensitiveLog: () => CreateTokenRequestFilterSensitiveLog, + CreateTokenResponseFilterSensitiveLog: () => CreateTokenResponseFilterSensitiveLog, + CreateTokenWithIAMCommand: () => CreateTokenWithIAMCommand, + CreateTokenWithIAMRequestFilterSensitiveLog: () => CreateTokenWithIAMRequestFilterSensitiveLog, + CreateTokenWithIAMResponseFilterSensitiveLog: () => CreateTokenWithIAMResponseFilterSensitiveLog, + ExpiredTokenException: () => ExpiredTokenException, + InternalServerException: () => InternalServerException, + InvalidClientException: () => InvalidClientException, + InvalidClientMetadataException: () => InvalidClientMetadataException, + InvalidGrantException: () => InvalidGrantException, + InvalidRedirectUriException: () => InvalidRedirectUriException, + InvalidRequestException: () => InvalidRequestException, + InvalidRequestRegionException: () => InvalidRequestRegionException, + InvalidScopeException: () => InvalidScopeException, + RegisterClientCommand: () => RegisterClientCommand, + RegisterClientResponseFilterSensitiveLog: () => RegisterClientResponseFilterSensitiveLog, + SSOOIDC: () => SSOOIDC, + SSOOIDCClient: () => SSOOIDCClient, + SSOOIDCServiceException: () => SSOOIDCServiceException, + SlowDownException: () => SlowDownException, + StartDeviceAuthorizationCommand: () => StartDeviceAuthorizationCommand, + StartDeviceAuthorizationRequestFilterSensitiveLog: () => StartDeviceAuthorizationRequestFilterSensitiveLog, + UnauthorizedClientException: () => UnauthorizedClientException, + UnsupportedGrantTypeException: () => UnsupportedGrantTypeException, + __Client: () => import_smithy_client4.Client + }); + module2.exports = __toCommonJS2(src_exports); + var import_middleware_host_header = require_dist_cjs3(); + var import_middleware_logger = require_dist_cjs4(); + var import_middleware_recursion_detection = require_dist_cjs5(); + var import_middleware_user_agent = require_dist_cjs8(); + var import_config_resolver = require_dist_cjs11(); + var import_core3 = (init_dist_es(), __toCommonJS(dist_es_exports)); + var import_middleware_content_length = require_dist_cjs25(); + var import_middleware_endpoint = require_dist_cjs32(); + var import_middleware_retry = require_dist_cjs38(); + var import_httpAuthSchemeProvider = require_httpAuthSchemeProvider3(); + var resolveClientEndpointParameters = /* @__PURE__ */ __name((options) => { + return { + ...options, + useDualstackEndpoint: options.useDualstackEndpoint ?? false, + useFipsEndpoint: options.useFipsEndpoint ?? false, + defaultSigningName: "sso-oauth" + }; + }, "resolveClientEndpointParameters"); + var commonParams = { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" } + }; + var import_runtimeConfig = require_runtimeConfig2(); + var import_region_config_resolver = require_dist_cjs56(); + var import_protocol_http8 = require_dist_cjs2(); + var import_smithy_client4 = require_dist_cjs37(); + var getHttpAuthExtensionConfiguration = /* @__PURE__ */ __name((runtimeConfig) => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme) { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes() { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider) { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider() { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials) { + _credentials = credentials; + }, + credentials() { + return _credentials; + } + }; + }, "getHttpAuthExtensionConfiguration"); + var resolveHttpAuthRuntimeConfig = /* @__PURE__ */ __name((config) => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials() + }; + }, "resolveHttpAuthRuntimeConfig"); + var asPartial = /* @__PURE__ */ __name((t) => t, "asPartial"); + var resolveRuntimeExtensions = /* @__PURE__ */ __name((runtimeConfig, extensions) => { + const extensionConfiguration = { + ...asPartial((0, import_region_config_resolver.getAwsRegionExtensionConfiguration)(runtimeConfig)), + ...asPartial((0, import_smithy_client4.getDefaultExtensionConfiguration)(runtimeConfig)), + ...asPartial((0, import_protocol_http8.getHttpHandlerExtensionConfiguration)(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)) + }; + extensions.forEach((extension) => extension.configure(extensionConfiguration)); + return { + ...runtimeConfig, + ...(0, import_region_config_resolver.resolveAwsRegionExtensionConfiguration)(extensionConfiguration), + ...(0, import_smithy_client4.resolveDefaultRuntimeConfig)(extensionConfiguration), + ...(0, import_protocol_http8.resolveHttpHandlerRuntimeConfig)(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration) + }; + }, "resolveRuntimeExtensions"); + var _SSOOIDCClient = class _SSOOIDCClient extends import_smithy_client4.Client { + constructor(...[configuration]) { + const _config_0 = (0, import_runtimeConfig.getRuntimeConfig)(configuration || {}); + const _config_1 = resolveClientEndpointParameters(_config_0); + const _config_2 = (0, import_middleware_user_agent.resolveUserAgentConfig)(_config_1); + const _config_3 = (0, import_middleware_retry.resolveRetryConfig)(_config_2); + const _config_4 = (0, import_config_resolver.resolveRegionConfig)(_config_3); + const _config_5 = (0, import_middleware_host_header.resolveHostHeaderConfig)(_config_4); + const _config_6 = (0, import_middleware_endpoint.resolveEndpointConfig)(_config_5); + const _config_7 = (0, import_httpAuthSchemeProvider.resolveHttpAuthSchemeConfig)(_config_6); + const _config_8 = resolveRuntimeExtensions(_config_7, (configuration == null ? void 0 : configuration.extensions) || []); + super(_config_8); + this.config = _config_8; + this.middlewareStack.use((0, import_middleware_user_agent.getUserAgentPlugin)(this.config)); + this.middlewareStack.use((0, import_middleware_retry.getRetryPlugin)(this.config)); + this.middlewareStack.use((0, import_middleware_content_length.getContentLengthPlugin)(this.config)); + this.middlewareStack.use((0, import_middleware_host_header.getHostHeaderPlugin)(this.config)); + this.middlewareStack.use((0, import_middleware_logger.getLoggerPlugin)(this.config)); + this.middlewareStack.use((0, import_middleware_recursion_detection.getRecursionDetectionPlugin)(this.config)); + this.middlewareStack.use( + (0, import_core3.getHttpAuthSchemeEndpointRuleSetPlugin)(this.config, { + httpAuthSchemeParametersProvider: import_httpAuthSchemeProvider.defaultSSOOIDCHttpAuthSchemeParametersProvider, + identityProviderConfigProvider: async (config) => new import_core3.DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials + }) + }) + ); + this.middlewareStack.use((0, import_core3.getHttpSigningPlugin)(this.config)); + } + /** + * Destroy underlying resources, like sockets. It's usually not necessary to do this. + * However in Node.js, it's best to explicitly shut down the client's agent when it is no longer needed. + * Otherwise, sockets might stay open for quite a long time before the server terminates them. + */ + destroy() { + super.destroy(); + } + }; + __name(_SSOOIDCClient, "SSOOIDCClient"); + var SSOOIDCClient = _SSOOIDCClient; + var import_middleware_serde2 = require_dist_cjs12(); + var _SSOOIDCServiceException = class _SSOOIDCServiceException2 extends import_smithy_client4.ServiceException { + /** + * @internal + */ + constructor(options) { + super(options); + Object.setPrototypeOf(this, _SSOOIDCServiceException2.prototype); + } + }; + __name(_SSOOIDCServiceException, "SSOOIDCServiceException"); + var SSOOIDCServiceException = _SSOOIDCServiceException; + var _AccessDeniedException = class _AccessDeniedException2 extends SSOOIDCServiceException { + /** + * @internal + */ + constructor(opts) { + super({ + name: "AccessDeniedException", + $fault: "client", + ...opts + }); + this.name = "AccessDeniedException"; + this.$fault = "client"; + Object.setPrototypeOf(this, _AccessDeniedException2.prototype); + this.error = opts.error; + this.error_description = opts.error_description; + } + }; + __name(_AccessDeniedException, "AccessDeniedException"); + var AccessDeniedException = _AccessDeniedException; + var _AuthorizationPendingException = class _AuthorizationPendingException2 extends SSOOIDCServiceException { + /** + * @internal + */ + constructor(opts) { + super({ + name: "AuthorizationPendingException", + $fault: "client", + ...opts + }); + this.name = "AuthorizationPendingException"; + this.$fault = "client"; + Object.setPrototypeOf(this, _AuthorizationPendingException2.prototype); + this.error = opts.error; + this.error_description = opts.error_description; + } + }; + __name(_AuthorizationPendingException, "AuthorizationPendingException"); + var AuthorizationPendingException = _AuthorizationPendingException; + var _ExpiredTokenException = class _ExpiredTokenException2 extends SSOOIDCServiceException { + /** + * @internal + */ + constructor(opts) { + super({ + name: "ExpiredTokenException", + $fault: "client", + ...opts + }); + this.name = "ExpiredTokenException"; + this.$fault = "client"; + Object.setPrototypeOf(this, _ExpiredTokenException2.prototype); + this.error = opts.error; + this.error_description = opts.error_description; + } + }; + __name(_ExpiredTokenException, "ExpiredTokenException"); + var ExpiredTokenException = _ExpiredTokenException; + var _InternalServerException = class _InternalServerException2 extends SSOOIDCServiceException { + /** + * @internal + */ + constructor(opts) { + super({ + name: "InternalServerException", + $fault: "server", + ...opts + }); + this.name = "InternalServerException"; + this.$fault = "server"; + Object.setPrototypeOf(this, _InternalServerException2.prototype); + this.error = opts.error; + this.error_description = opts.error_description; + } + }; + __name(_InternalServerException, "InternalServerException"); + var InternalServerException = _InternalServerException; + var _InvalidClientException = class _InvalidClientException2 extends SSOOIDCServiceException { + /** + * @internal + */ + constructor(opts) { + super({ + name: "InvalidClientException", + $fault: "client", + ...opts + }); + this.name = "InvalidClientException"; + this.$fault = "client"; + Object.setPrototypeOf(this, _InvalidClientException2.prototype); + this.error = opts.error; + this.error_description = opts.error_description; + } + }; + __name(_InvalidClientException, "InvalidClientException"); + var InvalidClientException = _InvalidClientException; + var _InvalidGrantException = class _InvalidGrantException2 extends SSOOIDCServiceException { + /** + * @internal + */ + constructor(opts) { + super({ + name: "InvalidGrantException", + $fault: "client", + ...opts + }); + this.name = "InvalidGrantException"; + this.$fault = "client"; + Object.setPrototypeOf(this, _InvalidGrantException2.prototype); + this.error = opts.error; + this.error_description = opts.error_description; + } + }; + __name(_InvalidGrantException, "InvalidGrantException"); + var InvalidGrantException = _InvalidGrantException; + var _InvalidRequestException = class _InvalidRequestException2 extends SSOOIDCServiceException { + /** + * @internal + */ + constructor(opts) { + super({ + name: "InvalidRequestException", + $fault: "client", + ...opts + }); + this.name = "InvalidRequestException"; + this.$fault = "client"; + Object.setPrototypeOf(this, _InvalidRequestException2.prototype); + this.error = opts.error; + this.error_description = opts.error_description; + } + }; + __name(_InvalidRequestException, "InvalidRequestException"); + var InvalidRequestException = _InvalidRequestException; + var _InvalidScopeException = class _InvalidScopeException2 extends SSOOIDCServiceException { + /** + * @internal + */ + constructor(opts) { + super({ + name: "InvalidScopeException", + $fault: "client", + ...opts + }); + this.name = "InvalidScopeException"; + this.$fault = "client"; + Object.setPrototypeOf(this, _InvalidScopeException2.prototype); + this.error = opts.error; + this.error_description = opts.error_description; + } + }; + __name(_InvalidScopeException, "InvalidScopeException"); + var InvalidScopeException = _InvalidScopeException; + var _SlowDownException = class _SlowDownException2 extends SSOOIDCServiceException { + /** + * @internal + */ + constructor(opts) { + super({ + name: "SlowDownException", + $fault: "client", + ...opts + }); + this.name = "SlowDownException"; + this.$fault = "client"; + Object.setPrototypeOf(this, _SlowDownException2.prototype); + this.error = opts.error; + this.error_description = opts.error_description; + } + }; + __name(_SlowDownException, "SlowDownException"); + var SlowDownException = _SlowDownException; + var _UnauthorizedClientException = class _UnauthorizedClientException2 extends SSOOIDCServiceException { + /** + * @internal + */ + constructor(opts) { + super({ + name: "UnauthorizedClientException", + $fault: "client", + ...opts + }); + this.name = "UnauthorizedClientException"; + this.$fault = "client"; + Object.setPrototypeOf(this, _UnauthorizedClientException2.prototype); + this.error = opts.error; + this.error_description = opts.error_description; + } + }; + __name(_UnauthorizedClientException, "UnauthorizedClientException"); + var UnauthorizedClientException = _UnauthorizedClientException; + var _UnsupportedGrantTypeException = class _UnsupportedGrantTypeException2 extends SSOOIDCServiceException { + /** + * @internal + */ + constructor(opts) { + super({ + name: "UnsupportedGrantTypeException", + $fault: "client", + ...opts + }); + this.name = "UnsupportedGrantTypeException"; + this.$fault = "client"; + Object.setPrototypeOf(this, _UnsupportedGrantTypeException2.prototype); + this.error = opts.error; + this.error_description = opts.error_description; + } + }; + __name(_UnsupportedGrantTypeException, "UnsupportedGrantTypeException"); + var UnsupportedGrantTypeException = _UnsupportedGrantTypeException; + var _InvalidRequestRegionException = class _InvalidRequestRegionException2 extends SSOOIDCServiceException { + /** + * @internal + */ + constructor(opts) { + super({ + name: "InvalidRequestRegionException", + $fault: "client", + ...opts + }); + this.name = "InvalidRequestRegionException"; + this.$fault = "client"; + Object.setPrototypeOf(this, _InvalidRequestRegionException2.prototype); + this.error = opts.error; + this.error_description = opts.error_description; + this.endpoint = opts.endpoint; + this.region = opts.region; + } + }; + __name(_InvalidRequestRegionException, "InvalidRequestRegionException"); + var InvalidRequestRegionException = _InvalidRequestRegionException; + var _InvalidClientMetadataException = class _InvalidClientMetadataException2 extends SSOOIDCServiceException { + /** + * @internal + */ + constructor(opts) { + super({ + name: "InvalidClientMetadataException", + $fault: "client", + ...opts + }); + this.name = "InvalidClientMetadataException"; + this.$fault = "client"; + Object.setPrototypeOf(this, _InvalidClientMetadataException2.prototype); + this.error = opts.error; + this.error_description = opts.error_description; + } + }; + __name(_InvalidClientMetadataException, "InvalidClientMetadataException"); + var InvalidClientMetadataException = _InvalidClientMetadataException; + var _InvalidRedirectUriException = class _InvalidRedirectUriException2 extends SSOOIDCServiceException { + /** + * @internal + */ + constructor(opts) { + super({ + name: "InvalidRedirectUriException", + $fault: "client", + ...opts + }); + this.name = "InvalidRedirectUriException"; + this.$fault = "client"; + Object.setPrototypeOf(this, _InvalidRedirectUriException2.prototype); + this.error = opts.error; + this.error_description = opts.error_description; + } + }; + __name(_InvalidRedirectUriException, "InvalidRedirectUriException"); + var InvalidRedirectUriException = _InvalidRedirectUriException; + var CreateTokenRequestFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ + ...obj, + ...obj.clientSecret && { clientSecret: import_smithy_client4.SENSITIVE_STRING }, + ...obj.refreshToken && { refreshToken: import_smithy_client4.SENSITIVE_STRING }, + ...obj.codeVerifier && { codeVerifier: import_smithy_client4.SENSITIVE_STRING } + }), "CreateTokenRequestFilterSensitiveLog"); + var CreateTokenResponseFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ + ...obj, + ...obj.accessToken && { accessToken: import_smithy_client4.SENSITIVE_STRING }, + ...obj.refreshToken && { refreshToken: import_smithy_client4.SENSITIVE_STRING }, + ...obj.idToken && { idToken: import_smithy_client4.SENSITIVE_STRING } + }), "CreateTokenResponseFilterSensitiveLog"); + var CreateTokenWithIAMRequestFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ + ...obj, + ...obj.refreshToken && { refreshToken: import_smithy_client4.SENSITIVE_STRING }, + ...obj.assertion && { assertion: import_smithy_client4.SENSITIVE_STRING }, + ...obj.subjectToken && { subjectToken: import_smithy_client4.SENSITIVE_STRING }, + ...obj.codeVerifier && { codeVerifier: import_smithy_client4.SENSITIVE_STRING } + }), "CreateTokenWithIAMRequestFilterSensitiveLog"); + var CreateTokenWithIAMResponseFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ + ...obj, + ...obj.accessToken && { accessToken: import_smithy_client4.SENSITIVE_STRING }, + ...obj.refreshToken && { refreshToken: import_smithy_client4.SENSITIVE_STRING }, + ...obj.idToken && { idToken: import_smithy_client4.SENSITIVE_STRING } + }), "CreateTokenWithIAMResponseFilterSensitiveLog"); + var RegisterClientResponseFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ + ...obj, + ...obj.clientSecret && { clientSecret: import_smithy_client4.SENSITIVE_STRING } + }), "RegisterClientResponseFilterSensitiveLog"); + var StartDeviceAuthorizationRequestFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({ + ...obj, + ...obj.clientSecret && { clientSecret: import_smithy_client4.SENSITIVE_STRING } + }), "StartDeviceAuthorizationRequestFilterSensitiveLog"); + var import_core22 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); + var se_CreateTokenCommand = /* @__PURE__ */ __name(async (input, context) => { + const b = (0, import_core3.requestBuilder)(input, context); + const headers = { + "content-type": "application/json" + }; + b.bp("/token"); + let body; + body = JSON.stringify( + (0, import_smithy_client4.take)(input, { + clientId: [], + clientSecret: [], + code: [], + codeVerifier: [], + deviceCode: [], + grantType: [], + redirectUri: [], + refreshToken: [], + scope: (_) => (0, import_smithy_client4._json)(_) + }) + ); + b.m("POST").h(headers).b(body); + return b.build(); + }, "se_CreateTokenCommand"); + var se_CreateTokenWithIAMCommand = /* @__PURE__ */ __name(async (input, context) => { + const b = (0, import_core3.requestBuilder)(input, context); + const headers = { + "content-type": "application/json" + }; + b.bp("/token"); + const query = (0, import_smithy_client4.map)({ + [_ai]: [, "t"] + }); + let body; + body = JSON.stringify( + (0, import_smithy_client4.take)(input, { + assertion: [], + clientId: [], + code: [], + codeVerifier: [], + grantType: [], + redirectUri: [], + refreshToken: [], + requestedTokenType: [], + scope: (_) => (0, import_smithy_client4._json)(_), + subjectToken: [], + subjectTokenType: [] + }) + ); + b.m("POST").h(headers).q(query).b(body); + return b.build(); + }, "se_CreateTokenWithIAMCommand"); + var se_RegisterClientCommand = /* @__PURE__ */ __name(async (input, context) => { + const b = (0, import_core3.requestBuilder)(input, context); + const headers = { + "content-type": "application/json" + }; + b.bp("/client/register"); + let body; + body = JSON.stringify( + (0, import_smithy_client4.take)(input, { + clientName: [], + clientType: [], + entitledApplicationArn: [], + grantTypes: (_) => (0, import_smithy_client4._json)(_), + issuerUrl: [], + redirectUris: (_) => (0, import_smithy_client4._json)(_), + scopes: (_) => (0, import_smithy_client4._json)(_) + }) + ); + b.m("POST").h(headers).b(body); + return b.build(); + }, "se_RegisterClientCommand"); + var se_StartDeviceAuthorizationCommand = /* @__PURE__ */ __name(async (input, context) => { + const b = (0, import_core3.requestBuilder)(input, context); + const headers = { + "content-type": "application/json" + }; + b.bp("/device_authorization"); + let body; + body = JSON.stringify( + (0, import_smithy_client4.take)(input, { + clientId: [], + clientSecret: [], + startUrl: [] + }) + ); + b.m("POST").h(headers).b(body); + return b.build(); + }, "se_StartDeviceAuthorizationCommand"); + var de_CreateTokenCommand = /* @__PURE__ */ __name(async (output, context) => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents = (0, import_smithy_client4.map)({ + $metadata: deserializeMetadata(output) + }); + const data = (0, import_smithy_client4.expectNonNull)((0, import_smithy_client4.expectObject)(await (0, import_core22.parseJsonBody)(output.body, context)), "body"); + const doc = (0, import_smithy_client4.take)(data, { + accessToken: import_smithy_client4.expectString, + expiresIn: import_smithy_client4.expectInt32, + idToken: import_smithy_client4.expectString, + refreshToken: import_smithy_client4.expectString, + tokenType: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + return contents; + }, "de_CreateTokenCommand"); + var de_CreateTokenWithIAMCommand = /* @__PURE__ */ __name(async (output, context) => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents = (0, import_smithy_client4.map)({ + $metadata: deserializeMetadata(output) + }); + const data = (0, import_smithy_client4.expectNonNull)((0, import_smithy_client4.expectObject)(await (0, import_core22.parseJsonBody)(output.body, context)), "body"); + const doc = (0, import_smithy_client4.take)(data, { + accessToken: import_smithy_client4.expectString, + expiresIn: import_smithy_client4.expectInt32, + idToken: import_smithy_client4.expectString, + issuedTokenType: import_smithy_client4.expectString, + refreshToken: import_smithy_client4.expectString, + scope: import_smithy_client4._json, + tokenType: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + return contents; + }, "de_CreateTokenWithIAMCommand"); + var de_RegisterClientCommand = /* @__PURE__ */ __name(async (output, context) => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents = (0, import_smithy_client4.map)({ + $metadata: deserializeMetadata(output) + }); + const data = (0, import_smithy_client4.expectNonNull)((0, import_smithy_client4.expectObject)(await (0, import_core22.parseJsonBody)(output.body, context)), "body"); + const doc = (0, import_smithy_client4.take)(data, { + authorizationEndpoint: import_smithy_client4.expectString, + clientId: import_smithy_client4.expectString, + clientIdIssuedAt: import_smithy_client4.expectLong, + clientSecret: import_smithy_client4.expectString, + clientSecretExpiresAt: import_smithy_client4.expectLong, + tokenEndpoint: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + return contents; + }, "de_RegisterClientCommand"); + var de_StartDeviceAuthorizationCommand = /* @__PURE__ */ __name(async (output, context) => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return de_CommandError(output, context); + } + const contents = (0, import_smithy_client4.map)({ + $metadata: deserializeMetadata(output) + }); + const data = (0, import_smithy_client4.expectNonNull)((0, import_smithy_client4.expectObject)(await (0, import_core22.parseJsonBody)(output.body, context)), "body"); + const doc = (0, import_smithy_client4.take)(data, { + deviceCode: import_smithy_client4.expectString, + expiresIn: import_smithy_client4.expectInt32, + interval: import_smithy_client4.expectInt32, + userCode: import_smithy_client4.expectString, + verificationUri: import_smithy_client4.expectString, + verificationUriComplete: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + return contents; + }, "de_StartDeviceAuthorizationCommand"); + var de_CommandError = /* @__PURE__ */ __name(async (output, context) => { + const parsedOutput = { + ...output, + body: await (0, import_core22.parseJsonErrorBody)(output.body, context) + }; + const errorCode = (0, import_core22.loadRestJsonErrorCode)(output, parsedOutput.body); + switch (errorCode) { + case "AccessDeniedException": + case "com.amazonaws.ssooidc#AccessDeniedException": + throw await de_AccessDeniedExceptionRes(parsedOutput, context); + case "AuthorizationPendingException": + case "com.amazonaws.ssooidc#AuthorizationPendingException": + throw await de_AuthorizationPendingExceptionRes(parsedOutput, context); + case "ExpiredTokenException": + case "com.amazonaws.ssooidc#ExpiredTokenException": + throw await de_ExpiredTokenExceptionRes(parsedOutput, context); + case "InternalServerException": + case "com.amazonaws.ssooidc#InternalServerException": + throw await de_InternalServerExceptionRes(parsedOutput, context); + case "InvalidClientException": + case "com.amazonaws.ssooidc#InvalidClientException": + throw await de_InvalidClientExceptionRes(parsedOutput, context); + case "InvalidGrantException": + case "com.amazonaws.ssooidc#InvalidGrantException": + throw await de_InvalidGrantExceptionRes(parsedOutput, context); + case "InvalidRequestException": + case "com.amazonaws.ssooidc#InvalidRequestException": + throw await de_InvalidRequestExceptionRes(parsedOutput, context); + case "InvalidScopeException": + case "com.amazonaws.ssooidc#InvalidScopeException": + throw await de_InvalidScopeExceptionRes(parsedOutput, context); + case "SlowDownException": + case "com.amazonaws.ssooidc#SlowDownException": + throw await de_SlowDownExceptionRes(parsedOutput, context); + case "UnauthorizedClientException": + case "com.amazonaws.ssooidc#UnauthorizedClientException": + throw await de_UnauthorizedClientExceptionRes(parsedOutput, context); + case "UnsupportedGrantTypeException": + case "com.amazonaws.ssooidc#UnsupportedGrantTypeException": + throw await de_UnsupportedGrantTypeExceptionRes(parsedOutput, context); + case "InvalidRequestRegionException": + case "com.amazonaws.ssooidc#InvalidRequestRegionException": + throw await de_InvalidRequestRegionExceptionRes(parsedOutput, context); + case "InvalidClientMetadataException": + case "com.amazonaws.ssooidc#InvalidClientMetadataException": + throw await de_InvalidClientMetadataExceptionRes(parsedOutput, context); + case "InvalidRedirectUriException": + case "com.amazonaws.ssooidc#InvalidRedirectUriException": + throw await de_InvalidRedirectUriExceptionRes(parsedOutput, context); + default: + const parsedBody = parsedOutput.body; + return throwDefaultError({ + output, + parsedBody, + errorCode + }); + } + }, "de_CommandError"); + var throwDefaultError = (0, import_smithy_client4.withBaseException)(SSOOIDCServiceException); + var de_AccessDeniedExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { + const contents = (0, import_smithy_client4.map)({}); + const data = parsedOutput.body; + const doc = (0, import_smithy_client4.take)(data, { + error: import_smithy_client4.expectString, + error_description: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + const exception = new AccessDeniedException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents + }); + return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); + }, "de_AccessDeniedExceptionRes"); + var de_AuthorizationPendingExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { + const contents = (0, import_smithy_client4.map)({}); + const data = parsedOutput.body; + const doc = (0, import_smithy_client4.take)(data, { + error: import_smithy_client4.expectString, + error_description: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + const exception = new AuthorizationPendingException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents + }); + return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); + }, "de_AuthorizationPendingExceptionRes"); + var de_ExpiredTokenExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { + const contents = (0, import_smithy_client4.map)({}); + const data = parsedOutput.body; + const doc = (0, import_smithy_client4.take)(data, { + error: import_smithy_client4.expectString, + error_description: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + const exception = new ExpiredTokenException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents + }); + return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); + }, "de_ExpiredTokenExceptionRes"); + var de_InternalServerExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { + const contents = (0, import_smithy_client4.map)({}); + const data = parsedOutput.body; + const doc = (0, import_smithy_client4.take)(data, { + error: import_smithy_client4.expectString, + error_description: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + const exception = new InternalServerException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents + }); + return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); + }, "de_InternalServerExceptionRes"); + var de_InvalidClientExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { + const contents = (0, import_smithy_client4.map)({}); + const data = parsedOutput.body; + const doc = (0, import_smithy_client4.take)(data, { + error: import_smithy_client4.expectString, + error_description: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + const exception = new InvalidClientException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents + }); + return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); + }, "de_InvalidClientExceptionRes"); + var de_InvalidClientMetadataExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { + const contents = (0, import_smithy_client4.map)({}); + const data = parsedOutput.body; + const doc = (0, import_smithy_client4.take)(data, { + error: import_smithy_client4.expectString, + error_description: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + const exception = new InvalidClientMetadataException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents + }); + return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); + }, "de_InvalidClientMetadataExceptionRes"); + var de_InvalidGrantExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { + const contents = (0, import_smithy_client4.map)({}); + const data = parsedOutput.body; + const doc = (0, import_smithy_client4.take)(data, { + error: import_smithy_client4.expectString, + error_description: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + const exception = new InvalidGrantException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents + }); + return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); + }, "de_InvalidGrantExceptionRes"); + var de_InvalidRedirectUriExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { + const contents = (0, import_smithy_client4.map)({}); + const data = parsedOutput.body; + const doc = (0, import_smithy_client4.take)(data, { + error: import_smithy_client4.expectString, + error_description: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + const exception = new InvalidRedirectUriException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents + }); + return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); + }, "de_InvalidRedirectUriExceptionRes"); + var de_InvalidRequestExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { + const contents = (0, import_smithy_client4.map)({}); + const data = parsedOutput.body; + const doc = (0, import_smithy_client4.take)(data, { + error: import_smithy_client4.expectString, + error_description: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + const exception = new InvalidRequestException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents + }); + return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); + }, "de_InvalidRequestExceptionRes"); + var de_InvalidRequestRegionExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { + const contents = (0, import_smithy_client4.map)({}); + const data = parsedOutput.body; + const doc = (0, import_smithy_client4.take)(data, { + endpoint: import_smithy_client4.expectString, + error: import_smithy_client4.expectString, + error_description: import_smithy_client4.expectString, + region: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + const exception = new InvalidRequestRegionException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents + }); + return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); + }, "de_InvalidRequestRegionExceptionRes"); + var de_InvalidScopeExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { + const contents = (0, import_smithy_client4.map)({}); + const data = parsedOutput.body; + const doc = (0, import_smithy_client4.take)(data, { + error: import_smithy_client4.expectString, + error_description: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + const exception = new InvalidScopeException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents + }); + return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); + }, "de_InvalidScopeExceptionRes"); + var de_SlowDownExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { + const contents = (0, import_smithy_client4.map)({}); + const data = parsedOutput.body; + const doc = (0, import_smithy_client4.take)(data, { + error: import_smithy_client4.expectString, + error_description: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + const exception = new SlowDownException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents + }); + return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); + }, "de_SlowDownExceptionRes"); + var de_UnauthorizedClientExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { + const contents = (0, import_smithy_client4.map)({}); + const data = parsedOutput.body; + const doc = (0, import_smithy_client4.take)(data, { + error: import_smithy_client4.expectString, + error_description: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + const exception = new UnauthorizedClientException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents + }); + return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); + }, "de_UnauthorizedClientExceptionRes"); + var de_UnsupportedGrantTypeExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => { + const contents = (0, import_smithy_client4.map)({}); + const data = parsedOutput.body; + const doc = (0, import_smithy_client4.take)(data, { + error: import_smithy_client4.expectString, + error_description: import_smithy_client4.expectString + }); + Object.assign(contents, doc); + const exception = new UnsupportedGrantTypeException({ + $metadata: deserializeMetadata(parsedOutput), + ...contents + }); + return (0, import_smithy_client4.decorateServiceException)(exception, parsedOutput.body); + }, "de_UnsupportedGrantTypeExceptionRes"); + var deserializeMetadata = /* @__PURE__ */ __name((output) => ({ + httpStatusCode: output.statusCode, + requestId: output.headers["x-amzn-requestid"] ?? output.headers["x-amzn-request-id"] ?? output.headers["x-amz-request-id"], + extendedRequestId: output.headers["x-amz-id-2"], + cfId: output.headers["x-amz-cf-id"] + }), "deserializeMetadata"); + var _ai = "aws_iam"; + var _CreateTokenCommand = class _CreateTokenCommand extends import_smithy_client4.Command.classBuilder().ep({ + ...commonParams + }).m(function(Command, cs, config, o) { + return [ + (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), + (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) + ]; + }).s("AWSSSOOIDCService", "CreateToken", {}).n("SSOOIDCClient", "CreateTokenCommand").f(CreateTokenRequestFilterSensitiveLog, CreateTokenResponseFilterSensitiveLog).ser(se_CreateTokenCommand).de(de_CreateTokenCommand).build() { + }; + __name(_CreateTokenCommand, "CreateTokenCommand"); + var CreateTokenCommand = _CreateTokenCommand; + var _CreateTokenWithIAMCommand = class _CreateTokenWithIAMCommand extends import_smithy_client4.Command.classBuilder().ep({ + ...commonParams + }).m(function(Command, cs, config, o) { + return [ + (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), + (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) + ]; + }).s("AWSSSOOIDCService", "CreateTokenWithIAM", {}).n("SSOOIDCClient", "CreateTokenWithIAMCommand").f(CreateTokenWithIAMRequestFilterSensitiveLog, CreateTokenWithIAMResponseFilterSensitiveLog).ser(se_CreateTokenWithIAMCommand).de(de_CreateTokenWithIAMCommand).build() { + }; + __name(_CreateTokenWithIAMCommand, "CreateTokenWithIAMCommand"); + var CreateTokenWithIAMCommand = _CreateTokenWithIAMCommand; + var _RegisterClientCommand = class _RegisterClientCommand extends import_smithy_client4.Command.classBuilder().ep({ + ...commonParams + }).m(function(Command, cs, config, o) { + return [ + (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), + (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) + ]; + }).s("AWSSSOOIDCService", "RegisterClient", {}).n("SSOOIDCClient", "RegisterClientCommand").f(void 0, RegisterClientResponseFilterSensitiveLog).ser(se_RegisterClientCommand).de(de_RegisterClientCommand).build() { + }; + __name(_RegisterClientCommand, "RegisterClientCommand"); + var RegisterClientCommand = _RegisterClientCommand; + var _StartDeviceAuthorizationCommand = class _StartDeviceAuthorizationCommand extends import_smithy_client4.Command.classBuilder().ep({ + ...commonParams + }).m(function(Command, cs, config, o) { + return [ + (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), + (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) + ]; + }).s("AWSSSOOIDCService", "StartDeviceAuthorization", {}).n("SSOOIDCClient", "StartDeviceAuthorizationCommand").f(StartDeviceAuthorizationRequestFilterSensitiveLog, void 0).ser(se_StartDeviceAuthorizationCommand).de(de_StartDeviceAuthorizationCommand).build() { + }; + __name(_StartDeviceAuthorizationCommand, "StartDeviceAuthorizationCommand"); + var StartDeviceAuthorizationCommand = _StartDeviceAuthorizationCommand; + var commands = { + CreateTokenCommand, + CreateTokenWithIAMCommand, + RegisterClientCommand, + StartDeviceAuthorizationCommand + }; + var _SSOOIDC = class _SSOOIDC extends SSOOIDCClient { + }; + __name(_SSOOIDC, "SSOOIDC"); + var SSOOIDC = _SSOOIDC; + (0, import_smithy_client4.createAggregatedClient)(commands, SSOOIDC); + } +}); + +// ../../../node_modules/@aws-sdk/token-providers/node_modules/@smithy/property-provider/dist-cjs/index.js +var require_dist_cjs59 = __commonJS({ + "../../../node_modules/@aws-sdk/token-providers/node_modules/@smithy/property-provider/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + CredentialsProviderError: () => CredentialsProviderError, + ProviderError: () => ProviderError2, + TokenProviderError: () => TokenProviderError, + chain: () => chain, + fromStatic: () => fromStatic, + memoize: () => memoize + }); + module2.exports = __toCommonJS2(src_exports); + var _ProviderError = class _ProviderError2 extends Error { + constructor(message, options = true) { + var _a; + let logger; + let tryNextLink = true; + if (typeof options === "boolean") { + logger = void 0; + tryNextLink = options; + } else if (options != null && typeof options === "object") { + logger = options.logger; + tryNextLink = options.tryNextLink ?? true; + } + super(message); + this.name = "ProviderError"; + this.tryNextLink = tryNextLink; + Object.setPrototypeOf(this, _ProviderError2.prototype); + (_a = logger == null ? void 0 : logger.debug) == null ? void 0 : _a.call(logger, `@smithy/property-provider ${tryNextLink ? "->" : "(!)"} ${message}`); + } + /** + * @deprecated use new operator. + */ + static from(error, options = true) { + return Object.assign(new this(error.message, options), error); + } + }; + __name(_ProviderError, "ProviderError"); + var ProviderError2 = _ProviderError; + var _CredentialsProviderError = class _CredentialsProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "CredentialsProviderError"; + Object.setPrototypeOf(this, _CredentialsProviderError2.prototype); + } + }; + __name(_CredentialsProviderError, "CredentialsProviderError"); + var CredentialsProviderError = _CredentialsProviderError; + var _TokenProviderError = class _TokenProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "TokenProviderError"; + Object.setPrototypeOf(this, _TokenProviderError2.prototype); + } + }; + __name(_TokenProviderError, "TokenProviderError"); + var TokenProviderError = _TokenProviderError; + var chain = /* @__PURE__ */ __name((...providers) => async () => { + if (providers.length === 0) { + throw new ProviderError2("No providers in chain"); + } + let lastProviderError; + for (const provider of providers) { + try { + const credentials = await provider(); + return credentials; + } catch (err) { + lastProviderError = err; + if (err == null ? void 0 : err.tryNextLink) { + continue; + } + throw err; + } + } + throw lastProviderError; + }, "chain"); + var fromStatic = /* @__PURE__ */ __name((staticValue) => () => Promise.resolve(staticValue), "fromStatic"); + var memoize = /* @__PURE__ */ __name((provider, isExpired, requiresRefresh) => { + let resolved; + let pending; + let hasResult; + let isConstant = false; + const coalesceProvider = /* @__PURE__ */ __name(async () => { + if (!pending) { + pending = provider(); + } + try { + resolved = await pending; + hasResult = true; + isConstant = false; + } finally { + pending = void 0; + } + return resolved; + }, "coalesceProvider"); + if (isExpired === void 0) { + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + return resolved; + }; + } + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + if (isConstant) { + return resolved; + } + if (requiresRefresh && !requiresRefresh(resolved)) { + isConstant = true; + return resolved; + } + if (isExpired(resolved)) { + await coalesceProvider(); + return resolved; + } + return resolved; + }; + }, "memoize"); + } +}); + +// ../../../node_modules/@aws-sdk/token-providers/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getHomeDir.js +var require_getHomeDir4 = __commonJS({ + "../../../node_modules/@aws-sdk/token-providers/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getHomeDir.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getHomeDir = void 0; + var os_1 = require("os"); + var path_1 = require("path"); + var homeDirCache = {}; + var getHomeDirCacheKey = () => { + if (process && process.geteuid) { + return `${process.geteuid()}`; + } + return "DEFAULT"; + }; + var getHomeDir2 = () => { + const { HOME, USERPROFILE, HOMEPATH, HOMEDRIVE = `C:${path_1.sep}` } = process.env; + if (HOME) + return HOME; + if (USERPROFILE) + return USERPROFILE; + if (HOMEPATH) + return `${HOMEDRIVE}${HOMEPATH}`; + const homeDirCacheKey = getHomeDirCacheKey(); + if (!homeDirCache[homeDirCacheKey]) + homeDirCache[homeDirCacheKey] = (0, os_1.homedir)(); + return homeDirCache[homeDirCacheKey]; + }; + exports2.getHomeDir = getHomeDir2; + } +}); + +// ../../../node_modules/@aws-sdk/token-providers/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFilepath.js +var require_getSSOTokenFilepath4 = __commonJS({ + "../../../node_modules/@aws-sdk/token-providers/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFilepath.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getSSOTokenFilepath = void 0; + var crypto_1 = require("crypto"); + var path_1 = require("path"); + var getHomeDir_1 = require_getHomeDir4(); + var getSSOTokenFilepath2 = (id) => { + const hasher = (0, crypto_1.createHash)("sha1"); + const cacheName = hasher.update(id).digest("hex"); + return (0, path_1.join)((0, getHomeDir_1.getHomeDir)(), ".aws", "sso", "cache", `${cacheName}.json`); + }; + exports2.getSSOTokenFilepath = getSSOTokenFilepath2; + } +}); + +// ../../../node_modules/@aws-sdk/token-providers/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFromFile.js +var require_getSSOTokenFromFile4 = __commonJS({ + "../../../node_modules/@aws-sdk/token-providers/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFromFile.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getSSOTokenFromFile = void 0; + var fs_1 = require("fs"); + var getSSOTokenFilepath_1 = require_getSSOTokenFilepath4(); + var { readFile } = fs_1.promises; + var getSSOTokenFromFile2 = async (id) => { + const ssoTokenFilepath = (0, getSSOTokenFilepath_1.getSSOTokenFilepath)(id); + const ssoTokenText = await readFile(ssoTokenFilepath, "utf8"); + return JSON.parse(ssoTokenText); + }; + exports2.getSSOTokenFromFile = getSSOTokenFromFile2; + } +}); + +// ../../../node_modules/@aws-sdk/token-providers/node_modules/@smithy/shared-ini-file-loader/dist-cjs/slurpFile.js +var require_slurpFile4 = __commonJS({ + "../../../node_modules/@aws-sdk/token-providers/node_modules/@smithy/shared-ini-file-loader/dist-cjs/slurpFile.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.slurpFile = void 0; + var fs_1 = require("fs"); + var { readFile } = fs_1.promises; + var filePromisesHash = {}; + var slurpFile = (path, options) => { + if (!filePromisesHash[path] || (options === null || options === void 0 ? void 0 : options.ignoreCache)) { + filePromisesHash[path] = readFile(path, "utf8"); + } + return filePromisesHash[path]; + }; + exports2.slurpFile = slurpFile; + } +}); + +// ../../../node_modules/@aws-sdk/token-providers/node_modules/@smithy/shared-ini-file-loader/dist-cjs/index.js +var require_dist_cjs60 = __commonJS({ + "../../../node_modules/@aws-sdk/token-providers/node_modules/@smithy/shared-ini-file-loader/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __reExport = (target, mod, secondTarget) => (__copyProps2(target, mod, "default"), secondTarget && __copyProps2(secondTarget, mod, "default")); + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + CONFIG_PREFIX_SEPARATOR: () => CONFIG_PREFIX_SEPARATOR, + DEFAULT_PROFILE: () => DEFAULT_PROFILE, + ENV_PROFILE: () => ENV_PROFILE, + getProfileName: () => getProfileName, + loadSharedConfigFiles: () => loadSharedConfigFiles, + loadSsoSessionData: () => loadSsoSessionData, + parseKnownFiles: () => parseKnownFiles + }); + module2.exports = __toCommonJS2(src_exports); + __reExport(src_exports, require_getHomeDir4(), module2.exports); + var ENV_PROFILE = "AWS_PROFILE"; + var DEFAULT_PROFILE = "default"; + var getProfileName = /* @__PURE__ */ __name((init) => init.profile || process.env[ENV_PROFILE] || DEFAULT_PROFILE, "getProfileName"); + __reExport(src_exports, require_getSSOTokenFilepath4(), module2.exports); + __reExport(src_exports, require_getSSOTokenFromFile4(), module2.exports); + var import_types5 = require_dist_cjs(); + var getConfigData = /* @__PURE__ */ __name((data) => Object.entries(data).filter(([key]) => { + const indexOfSeparator = key.indexOf(CONFIG_PREFIX_SEPARATOR); + if (indexOfSeparator === -1) { + return false; + } + return Object.values(import_types5.IniSectionType).includes(key.substring(0, indexOfSeparator)); + }).reduce( + (acc, [key, value]) => { + const indexOfSeparator = key.indexOf(CONFIG_PREFIX_SEPARATOR); + const updatedKey = key.substring(0, indexOfSeparator) === import_types5.IniSectionType.PROFILE ? key.substring(indexOfSeparator + 1) : key; + acc[updatedKey] = value; + return acc; + }, + { + // Populate default profile, if present. + ...data.default && { default: data.default } + } + ), "getConfigData"); + var import_path = require("path"); + var import_getHomeDir = require_getHomeDir4(); + var ENV_CONFIG_PATH = "AWS_CONFIG_FILE"; + var getConfigFilepath = /* @__PURE__ */ __name(() => process.env[ENV_CONFIG_PATH] || (0, import_path.join)((0, import_getHomeDir.getHomeDir)(), ".aws", "config"), "getConfigFilepath"); + var import_getHomeDir2 = require_getHomeDir4(); + var ENV_CREDENTIALS_PATH = "AWS_SHARED_CREDENTIALS_FILE"; + var getCredentialsFilepath = /* @__PURE__ */ __name(() => process.env[ENV_CREDENTIALS_PATH] || (0, import_path.join)((0, import_getHomeDir2.getHomeDir)(), ".aws", "credentials"), "getCredentialsFilepath"); + var import_getHomeDir3 = require_getHomeDir4(); + var prefixKeyRegex = /^([\w-]+)\s(["'])?([\w-@\+\.%:/]+)\2$/; + var profileNameBlockList = ["__proto__", "profile __proto__"]; + var parseIni = /* @__PURE__ */ __name((iniData) => { + const map = {}; + let currentSection; + let currentSubSection; + for (const iniLine of iniData.split(/\r?\n/)) { + const trimmedLine = iniLine.split(/(^|\s)[;#]/)[0].trim(); + const isSection = trimmedLine[0] === "[" && trimmedLine[trimmedLine.length - 1] === "]"; + if (isSection) { + currentSection = void 0; + currentSubSection = void 0; + const sectionName = trimmedLine.substring(1, trimmedLine.length - 1); + const matches = prefixKeyRegex.exec(sectionName); + if (matches) { + const [, prefix, , name] = matches; + if (Object.values(import_types5.IniSectionType).includes(prefix)) { + currentSection = [prefix, name].join(CONFIG_PREFIX_SEPARATOR); + } + } else { + currentSection = sectionName; + } + if (profileNameBlockList.includes(sectionName)) { + throw new Error(`Found invalid profile name "${sectionName}"`); + } + } else if (currentSection) { + const indexOfEqualsSign = trimmedLine.indexOf("="); + if (![0, -1].includes(indexOfEqualsSign)) { + const [name, value] = [ + trimmedLine.substring(0, indexOfEqualsSign).trim(), + trimmedLine.substring(indexOfEqualsSign + 1).trim() + ]; + if (value === "") { + currentSubSection = name; + } else { + if (currentSubSection && iniLine.trimStart() === iniLine) { + currentSubSection = void 0; + } + map[currentSection] = map[currentSection] || {}; + const key = currentSubSection ? [currentSubSection, name].join(CONFIG_PREFIX_SEPARATOR) : name; + map[currentSection][key] = value; + } + } + } + } + return map; + }, "parseIni"); + var import_slurpFile = require_slurpFile4(); + var swallowError = /* @__PURE__ */ __name(() => ({}), "swallowError"); + var CONFIG_PREFIX_SEPARATOR = "."; + var loadSharedConfigFiles = /* @__PURE__ */ __name(async (init = {}) => { + const { filepath = getCredentialsFilepath(), configFilepath = getConfigFilepath() } = init; + const homeDir = (0, import_getHomeDir3.getHomeDir)(); + const relativeHomeDirPrefix = "~/"; + let resolvedFilepath = filepath; + if (filepath.startsWith(relativeHomeDirPrefix)) { + resolvedFilepath = (0, import_path.join)(homeDir, filepath.slice(2)); + } + let resolvedConfigFilepath = configFilepath; + if (configFilepath.startsWith(relativeHomeDirPrefix)) { + resolvedConfigFilepath = (0, import_path.join)(homeDir, configFilepath.slice(2)); + } + const parsedFiles = await Promise.all([ + (0, import_slurpFile.slurpFile)(resolvedConfigFilepath, { + ignoreCache: init.ignoreCache + }).then(parseIni).then(getConfigData).catch(swallowError), + (0, import_slurpFile.slurpFile)(resolvedFilepath, { + ignoreCache: init.ignoreCache + }).then(parseIni).catch(swallowError) + ]); + return { + configFile: parsedFiles[0], + credentialsFile: parsedFiles[1] + }; + }, "loadSharedConfigFiles"); + var getSsoSessionData = /* @__PURE__ */ __name((data) => Object.entries(data).filter(([key]) => key.startsWith(import_types5.IniSectionType.SSO_SESSION + CONFIG_PREFIX_SEPARATOR)).reduce((acc, [key, value]) => ({ ...acc, [key.substring(key.indexOf(CONFIG_PREFIX_SEPARATOR) + 1)]: value }), {}), "getSsoSessionData"); + var import_slurpFile2 = require_slurpFile4(); + var swallowError2 = /* @__PURE__ */ __name(() => ({}), "swallowError"); + var loadSsoSessionData = /* @__PURE__ */ __name(async (init = {}) => (0, import_slurpFile2.slurpFile)(init.configFilepath ?? getConfigFilepath()).then(parseIni).then(getSsoSessionData).catch(swallowError2), "loadSsoSessionData"); + var mergeConfigFiles = /* @__PURE__ */ __name((...files) => { + const merged = {}; + for (const file of files) { + for (const [key, values] of Object.entries(file)) { + if (merged[key] !== void 0) { + Object.assign(merged[key], values); + } else { + merged[key] = values; + } + } + } + return merged; + }, "mergeConfigFiles"); + var parseKnownFiles = /* @__PURE__ */ __name(async (init) => { + const parsedFiles = await loadSharedConfigFiles(init); + return mergeConfigFiles(parsedFiles.configFile, parsedFiles.credentialsFile); + }, "parseKnownFiles"); + } +}); + +// ../../../node_modules/@aws-sdk/token-providers/dist-cjs/index.js +var require_dist_cjs61 = __commonJS({ + "../../../node_modules/@aws-sdk/token-providers/dist-cjs/index.js"(exports2, module2) { + "use strict"; + var __create2 = Object.create; + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __getProtoOf2 = Object.getPrototypeOf; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __toESM2 = (mod, isNodeMode, target) => (target = mod != null ? __create2(__getProtoOf2(mod)) : {}, __copyProps2( + // If the importer is in node compatibility mode or this is not an ESM + // file that has been converted to a CommonJS file using a Babel- + // compatible transform (i.e. "__esModule" has not been set), then set + // "default" to the CommonJS "module.exports" for node compatibility. + isNodeMode || !mod || !mod.__esModule ? __defProp2(target, "default", { value: mod, enumerable: true }) : target, + mod + )); + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + fromSso: () => fromSso, + fromStatic: () => fromStatic, + nodeProvider: () => nodeProvider + }); + module2.exports = __toCommonJS2(src_exports); + var EXPIRE_WINDOW_MS = 5 * 60 * 1e3; + var REFRESH_MESSAGE = `To refresh this SSO session run 'aws sso login' with the corresponding profile.`; + var ssoOidcClientsHash = {}; + var getSsoOidcClient = /* @__PURE__ */ __name(async (ssoRegion) => { + const { SSOOIDCClient } = await Promise.resolve().then(() => __toESM2(require_dist_cjs58())); + if (ssoOidcClientsHash[ssoRegion]) { + return ssoOidcClientsHash[ssoRegion]; + } + const ssoOidcClient = new SSOOIDCClient({ region: ssoRegion }); + ssoOidcClientsHash[ssoRegion] = ssoOidcClient; + return ssoOidcClient; + }, "getSsoOidcClient"); + var getNewSsoOidcToken = /* @__PURE__ */ __name(async (ssoToken, ssoRegion) => { + const { CreateTokenCommand } = await Promise.resolve().then(() => __toESM2(require_dist_cjs58())); + const ssoOidcClient = await getSsoOidcClient(ssoRegion); + return ssoOidcClient.send( + new CreateTokenCommand({ + clientId: ssoToken.clientId, + clientSecret: ssoToken.clientSecret, + refreshToken: ssoToken.refreshToken, + grantType: "refresh_token" + }) + ); + }, "getNewSsoOidcToken"); + var import_property_provider2 = require_dist_cjs59(); + var validateTokenExpiry = /* @__PURE__ */ __name((token) => { + if (token.expiration && token.expiration.getTime() < Date.now()) { + throw new import_property_provider2.TokenProviderError(`Token is expired. ${REFRESH_MESSAGE}`, false); + } + }, "validateTokenExpiry"); + var validateTokenKey = /* @__PURE__ */ __name((key, value, forRefresh = false) => { + if (typeof value === "undefined") { + throw new import_property_provider2.TokenProviderError( + `Value not present for '${key}' in SSO Token${forRefresh ? ". Cannot refresh" : ""}. ${REFRESH_MESSAGE}`, + false + ); + } + }, "validateTokenKey"); + var import_shared_ini_file_loader = require_dist_cjs60(); + var import_fs = require("fs"); + var { writeFile } = import_fs.promises; + var writeSSOTokenToFile = /* @__PURE__ */ __name((id, ssoToken) => { + const tokenFilepath = (0, import_shared_ini_file_loader.getSSOTokenFilepath)(id); + const tokenString = JSON.stringify(ssoToken, null, 2); + return writeFile(tokenFilepath, tokenString); + }, "writeSSOTokenToFile"); + var lastRefreshAttemptTime = /* @__PURE__ */ new Date(0); + var fromSso = /* @__PURE__ */ __name((init = {}) => async () => { + var _a; + (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/token-providers - fromSso"); + const profiles = await (0, import_shared_ini_file_loader.parseKnownFiles)(init); + const profileName = (0, import_shared_ini_file_loader.getProfileName)(init); + const profile = profiles[profileName]; + if (!profile) { + throw new import_property_provider2.TokenProviderError(`Profile '${profileName}' could not be found in shared credentials file.`, false); + } else if (!profile["sso_session"]) { + throw new import_property_provider2.TokenProviderError(`Profile '${profileName}' is missing required property 'sso_session'.`); + } + const ssoSessionName = profile["sso_session"]; + const ssoSessions = await (0, import_shared_ini_file_loader.loadSsoSessionData)(init); + const ssoSession = ssoSessions[ssoSessionName]; + if (!ssoSession) { + throw new import_property_provider2.TokenProviderError( + `Sso session '${ssoSessionName}' could not be found in shared credentials file.`, + false + ); + } + for (const ssoSessionRequiredKey of ["sso_start_url", "sso_region"]) { + if (!ssoSession[ssoSessionRequiredKey]) { + throw new import_property_provider2.TokenProviderError( + `Sso session '${ssoSessionName}' is missing required property '${ssoSessionRequiredKey}'.`, + false + ); + } + } + const ssoStartUrl = ssoSession["sso_start_url"]; + const ssoRegion = ssoSession["sso_region"]; + let ssoToken; + try { + ssoToken = await (0, import_shared_ini_file_loader.getSSOTokenFromFile)(ssoSessionName); + } catch (e) { + throw new import_property_provider2.TokenProviderError( + `The SSO session token associated with profile=${profileName} was not found or is invalid. ${REFRESH_MESSAGE}`, + false + ); + } + validateTokenKey("accessToken", ssoToken.accessToken); + validateTokenKey("expiresAt", ssoToken.expiresAt); + const { accessToken, expiresAt } = ssoToken; + const existingToken = { token: accessToken, expiration: new Date(expiresAt) }; + if (existingToken.expiration.getTime() - Date.now() > EXPIRE_WINDOW_MS) { + return existingToken; + } + if (Date.now() - lastRefreshAttemptTime.getTime() < 30 * 1e3) { + validateTokenExpiry(existingToken); + return existingToken; + } + validateTokenKey("clientId", ssoToken.clientId, true); + validateTokenKey("clientSecret", ssoToken.clientSecret, true); + validateTokenKey("refreshToken", ssoToken.refreshToken, true); + try { + lastRefreshAttemptTime.setTime(Date.now()); + const newSsoOidcToken = await getNewSsoOidcToken(ssoToken, ssoRegion); + validateTokenKey("accessToken", newSsoOidcToken.accessToken); + validateTokenKey("expiresIn", newSsoOidcToken.expiresIn); + const newTokenExpiration = new Date(Date.now() + newSsoOidcToken.expiresIn * 1e3); + try { + await writeSSOTokenToFile(ssoSessionName, { + ...ssoToken, + accessToken: newSsoOidcToken.accessToken, + expiresAt: newTokenExpiration.toISOString(), + refreshToken: newSsoOidcToken.refreshToken + }); + } catch (error) { + } + return { + token: newSsoOidcToken.accessToken, + expiration: newTokenExpiration + }; + } catch (error) { + validateTokenExpiry(existingToken); + return existingToken; + } + }, "fromSso"); + var fromStatic = /* @__PURE__ */ __name(({ token, logger }) => async () => { + logger == null ? void 0 : logger.debug("@aws-sdk/token-providers - fromStatic"); + if (!token || !token.token) { + throw new import_property_provider2.TokenProviderError(`Please pass a valid token to fromStatic`, false); + } + return token; + }, "fromStatic"); + var nodeProvider = /* @__PURE__ */ __name((init = {}) => (0, import_property_provider2.memoize)( + (0, import_property_provider2.chain)(fromSso(init), async () => { + throw new import_property_provider2.TokenProviderError("Could not load token from any providers", false); + }), + (token) => token.expiration !== void 0 && token.expiration.getTime() - Date.now() < 3e5, + (token) => token.expiration !== void 0 + ), "nodeProvider"); + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-sso/node_modules/@smithy/property-provider/dist-cjs/index.js +var require_dist_cjs62 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-sso/node_modules/@smithy/property-provider/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + CredentialsProviderError: () => CredentialsProviderError, + ProviderError: () => ProviderError2, + TokenProviderError: () => TokenProviderError, + chain: () => chain, + fromStatic: () => fromStatic, + memoize: () => memoize + }); + module2.exports = __toCommonJS2(src_exports); + var _ProviderError = class _ProviderError2 extends Error { + constructor(message, options = true) { + var _a; + let logger; + let tryNextLink = true; + if (typeof options === "boolean") { + logger = void 0; + tryNextLink = options; + } else if (options != null && typeof options === "object") { + logger = options.logger; + tryNextLink = options.tryNextLink ?? true; + } + super(message); + this.name = "ProviderError"; + this.tryNextLink = tryNextLink; + Object.setPrototypeOf(this, _ProviderError2.prototype); + (_a = logger == null ? void 0 : logger.debug) == null ? void 0 : _a.call(logger, `@smithy/property-provider ${tryNextLink ? "->" : "(!)"} ${message}`); + } + /** + * @deprecated use new operator. + */ + static from(error, options = true) { + return Object.assign(new this(error.message, options), error); + } + }; + __name(_ProviderError, "ProviderError"); + var ProviderError2 = _ProviderError; + var _CredentialsProviderError = class _CredentialsProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "CredentialsProviderError"; + Object.setPrototypeOf(this, _CredentialsProviderError2.prototype); + } + }; + __name(_CredentialsProviderError, "CredentialsProviderError"); + var CredentialsProviderError = _CredentialsProviderError; + var _TokenProviderError = class _TokenProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "TokenProviderError"; + Object.setPrototypeOf(this, _TokenProviderError2.prototype); + } + }; + __name(_TokenProviderError, "TokenProviderError"); + var TokenProviderError = _TokenProviderError; + var chain = /* @__PURE__ */ __name((...providers) => async () => { + if (providers.length === 0) { + throw new ProviderError2("No providers in chain"); + } + let lastProviderError; + for (const provider of providers) { + try { + const credentials = await provider(); + return credentials; + } catch (err) { + lastProviderError = err; + if (err == null ? void 0 : err.tryNextLink) { + continue; + } + throw err; + } + } + throw lastProviderError; + }, "chain"); + var fromStatic = /* @__PURE__ */ __name((staticValue) => () => Promise.resolve(staticValue), "fromStatic"); + var memoize = /* @__PURE__ */ __name((provider, isExpired, requiresRefresh) => { + let resolved; + let pending; + let hasResult; + let isConstant = false; + const coalesceProvider = /* @__PURE__ */ __name(async () => { + if (!pending) { + pending = provider(); + } + try { + resolved = await pending; + hasResult = true; + isConstant = false; + } finally { + pending = void 0; + } + return resolved; + }, "coalesceProvider"); + if (isExpired === void 0) { + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + return resolved; + }; + } + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + if (isConstant) { + return resolved; + } + if (requiresRefresh && !requiresRefresh(resolved)) { + isConstant = true; + return resolved; + } + if (isExpired(resolved)) { + await coalesceProvider(); + return resolved; + } + return resolved; + }; + }, "memoize"); + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-sso/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getHomeDir.js +var require_getHomeDir5 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-sso/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getHomeDir.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getHomeDir = void 0; + var os_1 = require("os"); + var path_1 = require("path"); + var homeDirCache = {}; + var getHomeDirCacheKey = () => { + if (process && process.geteuid) { + return `${process.geteuid()}`; + } + return "DEFAULT"; + }; + var getHomeDir2 = () => { + const { HOME, USERPROFILE, HOMEPATH, HOMEDRIVE = `C:${path_1.sep}` } = process.env; + if (HOME) + return HOME; + if (USERPROFILE) + return USERPROFILE; + if (HOMEPATH) + return `${HOMEDRIVE}${HOMEPATH}`; + const homeDirCacheKey = getHomeDirCacheKey(); + if (!homeDirCache[homeDirCacheKey]) + homeDirCache[homeDirCacheKey] = (0, os_1.homedir)(); + return homeDirCache[homeDirCacheKey]; + }; + exports2.getHomeDir = getHomeDir2; + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-sso/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFilepath.js +var require_getSSOTokenFilepath5 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-sso/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFilepath.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getSSOTokenFilepath = void 0; + var crypto_1 = require("crypto"); + var path_1 = require("path"); + var getHomeDir_1 = require_getHomeDir5(); + var getSSOTokenFilepath2 = (id) => { + const hasher = (0, crypto_1.createHash)("sha1"); + const cacheName = hasher.update(id).digest("hex"); + return (0, path_1.join)((0, getHomeDir_1.getHomeDir)(), ".aws", "sso", "cache", `${cacheName}.json`); + }; + exports2.getSSOTokenFilepath = getSSOTokenFilepath2; + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-sso/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFromFile.js +var require_getSSOTokenFromFile5 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-sso/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFromFile.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getSSOTokenFromFile = void 0; + var fs_1 = require("fs"); + var getSSOTokenFilepath_1 = require_getSSOTokenFilepath5(); + var { readFile } = fs_1.promises; + var getSSOTokenFromFile2 = async (id) => { + const ssoTokenFilepath = (0, getSSOTokenFilepath_1.getSSOTokenFilepath)(id); + const ssoTokenText = await readFile(ssoTokenFilepath, "utf8"); + return JSON.parse(ssoTokenText); + }; + exports2.getSSOTokenFromFile = getSSOTokenFromFile2; + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-sso/node_modules/@smithy/shared-ini-file-loader/dist-cjs/slurpFile.js +var require_slurpFile5 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-sso/node_modules/@smithy/shared-ini-file-loader/dist-cjs/slurpFile.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.slurpFile = void 0; + var fs_1 = require("fs"); + var { readFile } = fs_1.promises; + var filePromisesHash = {}; + var slurpFile = (path, options) => { + if (!filePromisesHash[path] || (options === null || options === void 0 ? void 0 : options.ignoreCache)) { + filePromisesHash[path] = readFile(path, "utf8"); + } + return filePromisesHash[path]; + }; + exports2.slurpFile = slurpFile; + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-sso/node_modules/@smithy/shared-ini-file-loader/dist-cjs/index.js +var require_dist_cjs63 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-sso/node_modules/@smithy/shared-ini-file-loader/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __reExport = (target, mod, secondTarget) => (__copyProps2(target, mod, "default"), secondTarget && __copyProps2(secondTarget, mod, "default")); + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + CONFIG_PREFIX_SEPARATOR: () => CONFIG_PREFIX_SEPARATOR, + DEFAULT_PROFILE: () => DEFAULT_PROFILE, + ENV_PROFILE: () => ENV_PROFILE, + getProfileName: () => getProfileName, + loadSharedConfigFiles: () => loadSharedConfigFiles, + loadSsoSessionData: () => loadSsoSessionData, + parseKnownFiles: () => parseKnownFiles + }); + module2.exports = __toCommonJS2(src_exports); + __reExport(src_exports, require_getHomeDir5(), module2.exports); + var ENV_PROFILE = "AWS_PROFILE"; + var DEFAULT_PROFILE = "default"; + var getProfileName = /* @__PURE__ */ __name((init) => init.profile || process.env[ENV_PROFILE] || DEFAULT_PROFILE, "getProfileName"); + __reExport(src_exports, require_getSSOTokenFilepath5(), module2.exports); + __reExport(src_exports, require_getSSOTokenFromFile5(), module2.exports); + var import_types5 = require_dist_cjs(); + var getConfigData = /* @__PURE__ */ __name((data) => Object.entries(data).filter(([key]) => { + const indexOfSeparator = key.indexOf(CONFIG_PREFIX_SEPARATOR); + if (indexOfSeparator === -1) { + return false; + } + return Object.values(import_types5.IniSectionType).includes(key.substring(0, indexOfSeparator)); + }).reduce( + (acc, [key, value]) => { + const indexOfSeparator = key.indexOf(CONFIG_PREFIX_SEPARATOR); + const updatedKey = key.substring(0, indexOfSeparator) === import_types5.IniSectionType.PROFILE ? key.substring(indexOfSeparator + 1) : key; + acc[updatedKey] = value; + return acc; + }, + { + // Populate default profile, if present. + ...data.default && { default: data.default } + } + ), "getConfigData"); + var import_path = require("path"); + var import_getHomeDir = require_getHomeDir5(); + var ENV_CONFIG_PATH = "AWS_CONFIG_FILE"; + var getConfigFilepath = /* @__PURE__ */ __name(() => process.env[ENV_CONFIG_PATH] || (0, import_path.join)((0, import_getHomeDir.getHomeDir)(), ".aws", "config"), "getConfigFilepath"); + var import_getHomeDir2 = require_getHomeDir5(); + var ENV_CREDENTIALS_PATH = "AWS_SHARED_CREDENTIALS_FILE"; + var getCredentialsFilepath = /* @__PURE__ */ __name(() => process.env[ENV_CREDENTIALS_PATH] || (0, import_path.join)((0, import_getHomeDir2.getHomeDir)(), ".aws", "credentials"), "getCredentialsFilepath"); + var import_getHomeDir3 = require_getHomeDir5(); + var prefixKeyRegex = /^([\w-]+)\s(["'])?([\w-@\+\.%:/]+)\2$/; + var profileNameBlockList = ["__proto__", "profile __proto__"]; + var parseIni = /* @__PURE__ */ __name((iniData) => { + const map = {}; + let currentSection; + let currentSubSection; + for (const iniLine of iniData.split(/\r?\n/)) { + const trimmedLine = iniLine.split(/(^|\s)[;#]/)[0].trim(); + const isSection = trimmedLine[0] === "[" && trimmedLine[trimmedLine.length - 1] === "]"; + if (isSection) { + currentSection = void 0; + currentSubSection = void 0; + const sectionName = trimmedLine.substring(1, trimmedLine.length - 1); + const matches = prefixKeyRegex.exec(sectionName); + if (matches) { + const [, prefix, , name] = matches; + if (Object.values(import_types5.IniSectionType).includes(prefix)) { + currentSection = [prefix, name].join(CONFIG_PREFIX_SEPARATOR); + } + } else { + currentSection = sectionName; + } + if (profileNameBlockList.includes(sectionName)) { + throw new Error(`Found invalid profile name "${sectionName}"`); + } + } else if (currentSection) { + const indexOfEqualsSign = trimmedLine.indexOf("="); + if (![0, -1].includes(indexOfEqualsSign)) { + const [name, value] = [ + trimmedLine.substring(0, indexOfEqualsSign).trim(), + trimmedLine.substring(indexOfEqualsSign + 1).trim() + ]; + if (value === "") { + currentSubSection = name; + } else { + if (currentSubSection && iniLine.trimStart() === iniLine) { + currentSubSection = void 0; + } + map[currentSection] = map[currentSection] || {}; + const key = currentSubSection ? [currentSubSection, name].join(CONFIG_PREFIX_SEPARATOR) : name; + map[currentSection][key] = value; + } + } + } + } + return map; + }, "parseIni"); + var import_slurpFile = require_slurpFile5(); + var swallowError = /* @__PURE__ */ __name(() => ({}), "swallowError"); + var CONFIG_PREFIX_SEPARATOR = "."; + var loadSharedConfigFiles = /* @__PURE__ */ __name(async (init = {}) => { + const { filepath = getCredentialsFilepath(), configFilepath = getConfigFilepath() } = init; + const homeDir = (0, import_getHomeDir3.getHomeDir)(); + const relativeHomeDirPrefix = "~/"; + let resolvedFilepath = filepath; + if (filepath.startsWith(relativeHomeDirPrefix)) { + resolvedFilepath = (0, import_path.join)(homeDir, filepath.slice(2)); + } + let resolvedConfigFilepath = configFilepath; + if (configFilepath.startsWith(relativeHomeDirPrefix)) { + resolvedConfigFilepath = (0, import_path.join)(homeDir, configFilepath.slice(2)); + } + const parsedFiles = await Promise.all([ + (0, import_slurpFile.slurpFile)(resolvedConfigFilepath, { + ignoreCache: init.ignoreCache + }).then(parseIni).then(getConfigData).catch(swallowError), + (0, import_slurpFile.slurpFile)(resolvedFilepath, { + ignoreCache: init.ignoreCache + }).then(parseIni).catch(swallowError) + ]); + return { + configFile: parsedFiles[0], + credentialsFile: parsedFiles[1] + }; + }, "loadSharedConfigFiles"); + var getSsoSessionData = /* @__PURE__ */ __name((data) => Object.entries(data).filter(([key]) => key.startsWith(import_types5.IniSectionType.SSO_SESSION + CONFIG_PREFIX_SEPARATOR)).reduce((acc, [key, value]) => ({ ...acc, [key.substring(key.indexOf(CONFIG_PREFIX_SEPARATOR) + 1)]: value }), {}), "getSsoSessionData"); + var import_slurpFile2 = require_slurpFile5(); + var swallowError2 = /* @__PURE__ */ __name(() => ({}), "swallowError"); + var loadSsoSessionData = /* @__PURE__ */ __name(async (init = {}) => (0, import_slurpFile2.slurpFile)(init.configFilepath ?? getConfigFilepath()).then(parseIni).then(getSsoSessionData).catch(swallowError2), "loadSsoSessionData"); + var mergeConfigFiles = /* @__PURE__ */ __name((...files) => { + const merged = {}; + for (const file of files) { + for (const [key, values] of Object.entries(file)) { + if (merged[key] !== void 0) { + Object.assign(merged[key], values); + } else { + merged[key] = values; + } + } + } + return merged; + }, "mergeConfigFiles"); + var parseKnownFiles = /* @__PURE__ */ __name(async (init) => { + const parsedFiles = await loadSharedConfigFiles(init); + return mergeConfigFiles(parsedFiles.configFile, parsedFiles.credentialsFile); + }, "parseKnownFiles"); + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-sso/dist-cjs/index.js +var require_dist_cjs64 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-sso/dist-cjs/index.js"(exports2, module2) { + "use strict"; + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __esm2 = (fn, res) => function __init() { + return fn && (res = (0, fn[__getOwnPropNames2(fn)[0]])(fn = 0)), res; + }; + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var loadSso_exports = {}; + __export2(loadSso_exports, { + GetRoleCredentialsCommand: () => import_client_sso.GetRoleCredentialsCommand, + SSOClient: () => import_client_sso.SSOClient + }); + var import_client_sso; + var init_loadSso = __esm2({ + "src/loadSso.ts"() { + "use strict"; + import_client_sso = require_dist_cjs57(); + } + }); + var src_exports = {}; + __export2(src_exports, { + fromSSO: () => fromSSO, + isSsoProfile: () => isSsoProfile, + validateSsoProfile: () => validateSsoProfile + }); + module2.exports = __toCommonJS2(src_exports); + var isSsoProfile = /* @__PURE__ */ __name((arg) => arg && (typeof arg.sso_start_url === "string" || typeof arg.sso_account_id === "string" || typeof arg.sso_session === "string" || typeof arg.sso_region === "string" || typeof arg.sso_role_name === "string"), "isSsoProfile"); + var import_token_providers = require_dist_cjs61(); + var import_property_provider2 = require_dist_cjs62(); + var import_shared_ini_file_loader = require_dist_cjs63(); + var SHOULD_FAIL_CREDENTIAL_CHAIN = false; + var resolveSSOCredentials = /* @__PURE__ */ __name(async ({ + ssoStartUrl, + ssoSession, + ssoAccountId, + ssoRegion, + ssoRoleName, + ssoClient, + clientConfig, + profile, + logger + }) => { + let token; + const refreshMessage = `To refresh this SSO session run aws sso login with the corresponding profile.`; + if (ssoSession) { + try { + const _token = await (0, import_token_providers.fromSso)({ profile })(); + token = { + accessToken: _token.token, + expiresAt: new Date(_token.expiration).toISOString() + }; + } catch (e) { + throw new import_property_provider2.CredentialsProviderError(e.message, { + tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN, + logger + }); + } + } else { + try { + token = await (0, import_shared_ini_file_loader.getSSOTokenFromFile)(ssoStartUrl); + } catch (e) { + throw new import_property_provider2.CredentialsProviderError(`The SSO session associated with this profile is invalid. ${refreshMessage}`, { + tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN, + logger + }); + } + } + if (new Date(token.expiresAt).getTime() - Date.now() <= 0) { + throw new import_property_provider2.CredentialsProviderError(`The SSO session associated with this profile has expired. ${refreshMessage}`, { + tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN, + logger + }); + } + const { accessToken } = token; + const { SSOClient: SSOClient2, GetRoleCredentialsCommand: GetRoleCredentialsCommand2 } = await Promise.resolve().then(() => (init_loadSso(), loadSso_exports)); + const sso = ssoClient || new SSOClient2( + Object.assign({}, clientConfig ?? {}, { + region: (clientConfig == null ? void 0 : clientConfig.region) ?? ssoRegion + }) + ); + let ssoResp; + try { + ssoResp = await sso.send( + new GetRoleCredentialsCommand2({ + accountId: ssoAccountId, + roleName: ssoRoleName, + accessToken + }) + ); + } catch (e) { + throw new import_property_provider2.CredentialsProviderError(e, { + tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN, + logger + }); + } + const { + roleCredentials: { accessKeyId, secretAccessKey, sessionToken, expiration, credentialScope, accountId } = {} + } = ssoResp; + if (!accessKeyId || !secretAccessKey || !sessionToken || !expiration) { + throw new import_property_provider2.CredentialsProviderError("SSO returns an invalid temporary credential.", { + tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN, + logger + }); + } + return { + accessKeyId, + secretAccessKey, + sessionToken, + expiration: new Date(expiration), + ...credentialScope && { credentialScope }, + ...accountId && { accountId } + }; + }, "resolveSSOCredentials"); + var validateSsoProfile = /* @__PURE__ */ __name((profile, logger) => { + const { sso_start_url, sso_account_id, sso_region, sso_role_name } = profile; + if (!sso_start_url || !sso_account_id || !sso_region || !sso_role_name) { + throw new import_property_provider2.CredentialsProviderError( + `Profile is configured with invalid SSO credentials. Required parameters "sso_account_id", "sso_region", "sso_role_name", "sso_start_url". Got ${Object.keys(profile).join( + ", " + )} +Reference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html`, + { tryNextLink: false, logger } + ); + } + return profile; + }, "validateSsoProfile"); + var fromSSO = /* @__PURE__ */ __name((init = {}) => async () => { + var _a; + (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-sso - fromSSO"); + const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoSession } = init; + const { ssoClient } = init; + const profileName = (0, import_shared_ini_file_loader.getProfileName)(init); + if (!ssoStartUrl && !ssoAccountId && !ssoRegion && !ssoRoleName && !ssoSession) { + const profiles = await (0, import_shared_ini_file_loader.parseKnownFiles)(init); + const profile = profiles[profileName]; + if (!profile) { + throw new import_property_provider2.CredentialsProviderError(`Profile ${profileName} was not found.`, { logger: init.logger }); + } + if (!isSsoProfile(profile)) { + throw new import_property_provider2.CredentialsProviderError(`Profile ${profileName} is not configured with SSO credentials.`, { + logger: init.logger + }); + } + if (profile == null ? void 0 : profile.sso_session) { + const ssoSessions = await (0, import_shared_ini_file_loader.loadSsoSessionData)(init); + const session = ssoSessions[profile.sso_session]; + const conflictMsg = ` configurations in profile ${profileName} and sso-session ${profile.sso_session}`; + if (ssoRegion && ssoRegion !== session.sso_region) { + throw new import_property_provider2.CredentialsProviderError(`Conflicting SSO region` + conflictMsg, { + tryNextLink: false, + logger: init.logger + }); + } + if (ssoStartUrl && ssoStartUrl !== session.sso_start_url) { + throw new import_property_provider2.CredentialsProviderError(`Conflicting SSO start_url` + conflictMsg, { + tryNextLink: false, + logger: init.logger + }); + } + profile.sso_region = session.sso_region; + profile.sso_start_url = session.sso_start_url; + } + const { sso_start_url, sso_account_id, sso_region, sso_role_name, sso_session } = validateSsoProfile( + profile, + init.logger + ); + return resolveSSOCredentials({ + ssoStartUrl: sso_start_url, + ssoSession: sso_session, + ssoAccountId: sso_account_id, + ssoRegion: sso_region, + ssoRoleName: sso_role_name, + ssoClient, + clientConfig: init.clientConfig, + profile: profileName + }); + } else if (!ssoStartUrl || !ssoAccountId || !ssoRegion || !ssoRoleName) { + throw new import_property_provider2.CredentialsProviderError( + 'Incomplete configuration. The fromSSO() argument hash must include "ssoStartUrl", "ssoAccountId", "ssoRegion", "ssoRoleName"', + { tryNextLink: false, logger: init.logger } + ); + } else { + return resolveSSOCredentials({ + ssoStartUrl, + ssoSession, + ssoAccountId, + ssoRegion, + ssoRoleName, + ssoClient, + clientConfig: init.clientConfig, + profile: profileName + }); + } + }, "fromSSO"); + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-ini/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getHomeDir.js +var require_getHomeDir6 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-ini/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getHomeDir.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getHomeDir = void 0; + var os_1 = require("os"); + var path_1 = require("path"); + var homeDirCache = {}; + var getHomeDirCacheKey = () => { + if (process && process.geteuid) { + return `${process.geteuid()}`; + } + return "DEFAULT"; }; - __name(_CreateTokenCommand, "CreateTokenCommand"); - var CreateTokenCommand = _CreateTokenCommand; - var _CreateTokenWithIAMCommand = class _CreateTokenWithIAMCommand extends import_smithy_client4.Command.classBuilder().ep({ - ...commonParams - }).m(function(Command, cs, config, o) { - return [ - (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), - (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) - ]; - }).s("AWSSSOOIDCService", "CreateTokenWithIAM", {}).n("SSOOIDCClient", "CreateTokenWithIAMCommand").f(CreateTokenWithIAMRequestFilterSensitiveLog, CreateTokenWithIAMResponseFilterSensitiveLog).ser(se_CreateTokenWithIAMCommand).de(de_CreateTokenWithIAMCommand).build() { + var getHomeDir2 = () => { + const { HOME, USERPROFILE, HOMEPATH, HOMEDRIVE = `C:${path_1.sep}` } = process.env; + if (HOME) + return HOME; + if (USERPROFILE) + return USERPROFILE; + if (HOMEPATH) + return `${HOMEDRIVE}${HOMEPATH}`; + const homeDirCacheKey = getHomeDirCacheKey(); + if (!homeDirCache[homeDirCacheKey]) + homeDirCache[homeDirCacheKey] = (0, os_1.homedir)(); + return homeDirCache[homeDirCacheKey]; }; - __name(_CreateTokenWithIAMCommand, "CreateTokenWithIAMCommand"); - var CreateTokenWithIAMCommand = _CreateTokenWithIAMCommand; - var _RegisterClientCommand = class _RegisterClientCommand extends import_smithy_client4.Command.classBuilder().ep({ - ...commonParams - }).m(function(Command, cs, config, o) { - return [ - (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), - (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) - ]; - }).s("AWSSSOOIDCService", "RegisterClient", {}).n("SSOOIDCClient", "RegisterClientCommand").f(void 0, RegisterClientResponseFilterSensitiveLog).ser(se_RegisterClientCommand).de(de_RegisterClientCommand).build() { + exports2.getHomeDir = getHomeDir2; + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-ini/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFilepath.js +var require_getSSOTokenFilepath6 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-ini/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFilepath.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getSSOTokenFilepath = void 0; + var crypto_1 = require("crypto"); + var path_1 = require("path"); + var getHomeDir_1 = require_getHomeDir6(); + var getSSOTokenFilepath2 = (id) => { + const hasher = (0, crypto_1.createHash)("sha1"); + const cacheName = hasher.update(id).digest("hex"); + return (0, path_1.join)((0, getHomeDir_1.getHomeDir)(), ".aws", "sso", "cache", `${cacheName}.json`); }; - __name(_RegisterClientCommand, "RegisterClientCommand"); - var RegisterClientCommand = _RegisterClientCommand; - var _StartDeviceAuthorizationCommand = class _StartDeviceAuthorizationCommand extends import_smithy_client4.Command.classBuilder().ep({ - ...commonParams - }).m(function(Command, cs, config, o) { - return [ - (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), - (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) - ]; - }).s("AWSSSOOIDCService", "StartDeviceAuthorization", {}).n("SSOOIDCClient", "StartDeviceAuthorizationCommand").f(StartDeviceAuthorizationRequestFilterSensitiveLog, void 0).ser(se_StartDeviceAuthorizationCommand).de(de_StartDeviceAuthorizationCommand).build() { + exports2.getSSOTokenFilepath = getSSOTokenFilepath2; + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-ini/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFromFile.js +var require_getSSOTokenFromFile6 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-ini/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFromFile.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getSSOTokenFromFile = void 0; + var fs_1 = require("fs"); + var getSSOTokenFilepath_1 = require_getSSOTokenFilepath6(); + var { readFile } = fs_1.promises; + var getSSOTokenFromFile2 = async (id) => { + const ssoTokenFilepath = (0, getSSOTokenFilepath_1.getSSOTokenFilepath)(id); + const ssoTokenText = await readFile(ssoTokenFilepath, "utf8"); + return JSON.parse(ssoTokenText); }; - __name(_StartDeviceAuthorizationCommand, "StartDeviceAuthorizationCommand"); - var StartDeviceAuthorizationCommand = _StartDeviceAuthorizationCommand; - var commands = { - CreateTokenCommand, - CreateTokenWithIAMCommand, - RegisterClientCommand, - StartDeviceAuthorizationCommand + exports2.getSSOTokenFromFile = getSSOTokenFromFile2; + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-ini/node_modules/@smithy/shared-ini-file-loader/dist-cjs/slurpFile.js +var require_slurpFile6 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-ini/node_modules/@smithy/shared-ini-file-loader/dist-cjs/slurpFile.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.slurpFile = void 0; + var fs_1 = require("fs"); + var { readFile } = fs_1.promises; + var filePromisesHash = {}; + var slurpFile = (path, options) => { + if (!filePromisesHash[path] || (options === null || options === void 0 ? void 0 : options.ignoreCache)) { + filePromisesHash[path] = readFile(path, "utf8"); + } + return filePromisesHash[path]; }; - var _SSOOIDC = class _SSOOIDC extends SSOOIDCClient { + exports2.slurpFile = slurpFile; + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-ini/node_modules/@smithy/shared-ini-file-loader/dist-cjs/index.js +var require_dist_cjs65 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-ini/node_modules/@smithy/shared-ini-file-loader/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); }; - __name(_SSOOIDC, "SSOOIDC"); - var SSOOIDC = _SSOOIDC; - (0, import_smithy_client4.createAggregatedClient)(commands, SSOOIDC); + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __reExport = (target, mod, secondTarget) => (__copyProps2(target, mod, "default"), secondTarget && __copyProps2(secondTarget, mod, "default")); + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + CONFIG_PREFIX_SEPARATOR: () => CONFIG_PREFIX_SEPARATOR, + DEFAULT_PROFILE: () => DEFAULT_PROFILE, + ENV_PROFILE: () => ENV_PROFILE, + getProfileName: () => getProfileName, + loadSharedConfigFiles: () => loadSharedConfigFiles, + loadSsoSessionData: () => loadSsoSessionData, + parseKnownFiles: () => parseKnownFiles + }); + module2.exports = __toCommonJS2(src_exports); + __reExport(src_exports, require_getHomeDir6(), module2.exports); + var ENV_PROFILE = "AWS_PROFILE"; + var DEFAULT_PROFILE = "default"; + var getProfileName = /* @__PURE__ */ __name((init) => init.profile || process.env[ENV_PROFILE] || DEFAULT_PROFILE, "getProfileName"); + __reExport(src_exports, require_getSSOTokenFilepath6(), module2.exports); + __reExport(src_exports, require_getSSOTokenFromFile6(), module2.exports); + var import_types5 = require_dist_cjs(); + var getConfigData = /* @__PURE__ */ __name((data) => Object.entries(data).filter(([key]) => { + const indexOfSeparator = key.indexOf(CONFIG_PREFIX_SEPARATOR); + if (indexOfSeparator === -1) { + return false; + } + return Object.values(import_types5.IniSectionType).includes(key.substring(0, indexOfSeparator)); + }).reduce( + (acc, [key, value]) => { + const indexOfSeparator = key.indexOf(CONFIG_PREFIX_SEPARATOR); + const updatedKey = key.substring(0, indexOfSeparator) === import_types5.IniSectionType.PROFILE ? key.substring(indexOfSeparator + 1) : key; + acc[updatedKey] = value; + return acc; + }, + { + // Populate default profile, if present. + ...data.default && { default: data.default } + } + ), "getConfigData"); + var import_path = require("path"); + var import_getHomeDir = require_getHomeDir6(); + var ENV_CONFIG_PATH = "AWS_CONFIG_FILE"; + var getConfigFilepath = /* @__PURE__ */ __name(() => process.env[ENV_CONFIG_PATH] || (0, import_path.join)((0, import_getHomeDir.getHomeDir)(), ".aws", "config"), "getConfigFilepath"); + var import_getHomeDir2 = require_getHomeDir6(); + var ENV_CREDENTIALS_PATH = "AWS_SHARED_CREDENTIALS_FILE"; + var getCredentialsFilepath = /* @__PURE__ */ __name(() => process.env[ENV_CREDENTIALS_PATH] || (0, import_path.join)((0, import_getHomeDir2.getHomeDir)(), ".aws", "credentials"), "getCredentialsFilepath"); + var import_getHomeDir3 = require_getHomeDir6(); + var prefixKeyRegex = /^([\w-]+)\s(["'])?([\w-@\+\.%:/]+)\2$/; + var profileNameBlockList = ["__proto__", "profile __proto__"]; + var parseIni = /* @__PURE__ */ __name((iniData) => { + const map = {}; + let currentSection; + let currentSubSection; + for (const iniLine of iniData.split(/\r?\n/)) { + const trimmedLine = iniLine.split(/(^|\s)[;#]/)[0].trim(); + const isSection = trimmedLine[0] === "[" && trimmedLine[trimmedLine.length - 1] === "]"; + if (isSection) { + currentSection = void 0; + currentSubSection = void 0; + const sectionName = trimmedLine.substring(1, trimmedLine.length - 1); + const matches = prefixKeyRegex.exec(sectionName); + if (matches) { + const [, prefix, , name] = matches; + if (Object.values(import_types5.IniSectionType).includes(prefix)) { + currentSection = [prefix, name].join(CONFIG_PREFIX_SEPARATOR); + } + } else { + currentSection = sectionName; + } + if (profileNameBlockList.includes(sectionName)) { + throw new Error(`Found invalid profile name "${sectionName}"`); + } + } else if (currentSection) { + const indexOfEqualsSign = trimmedLine.indexOf("="); + if (![0, -1].includes(indexOfEqualsSign)) { + const [name, value] = [ + trimmedLine.substring(0, indexOfEqualsSign).trim(), + trimmedLine.substring(indexOfEqualsSign + 1).trim() + ]; + if (value === "") { + currentSubSection = name; + } else { + if (currentSubSection && iniLine.trimStart() === iniLine) { + currentSubSection = void 0; + } + map[currentSection] = map[currentSection] || {}; + const key = currentSubSection ? [currentSubSection, name].join(CONFIG_PREFIX_SEPARATOR) : name; + map[currentSection][key] = value; + } + } + } + } + return map; + }, "parseIni"); + var import_slurpFile = require_slurpFile6(); + var swallowError = /* @__PURE__ */ __name(() => ({}), "swallowError"); + var CONFIG_PREFIX_SEPARATOR = "."; + var loadSharedConfigFiles = /* @__PURE__ */ __name(async (init = {}) => { + const { filepath = getCredentialsFilepath(), configFilepath = getConfigFilepath() } = init; + const homeDir = (0, import_getHomeDir3.getHomeDir)(); + const relativeHomeDirPrefix = "~/"; + let resolvedFilepath = filepath; + if (filepath.startsWith(relativeHomeDirPrefix)) { + resolvedFilepath = (0, import_path.join)(homeDir, filepath.slice(2)); + } + let resolvedConfigFilepath = configFilepath; + if (configFilepath.startsWith(relativeHomeDirPrefix)) { + resolvedConfigFilepath = (0, import_path.join)(homeDir, configFilepath.slice(2)); + } + const parsedFiles = await Promise.all([ + (0, import_slurpFile.slurpFile)(resolvedConfigFilepath, { + ignoreCache: init.ignoreCache + }).then(parseIni).then(getConfigData).catch(swallowError), + (0, import_slurpFile.slurpFile)(resolvedFilepath, { + ignoreCache: init.ignoreCache + }).then(parseIni).catch(swallowError) + ]); + return { + configFile: parsedFiles[0], + credentialsFile: parsedFiles[1] + }; + }, "loadSharedConfigFiles"); + var getSsoSessionData = /* @__PURE__ */ __name((data) => Object.entries(data).filter(([key]) => key.startsWith(import_types5.IniSectionType.SSO_SESSION + CONFIG_PREFIX_SEPARATOR)).reduce((acc, [key, value]) => ({ ...acc, [key.substring(key.indexOf(CONFIG_PREFIX_SEPARATOR) + 1)]: value }), {}), "getSsoSessionData"); + var import_slurpFile2 = require_slurpFile6(); + var swallowError2 = /* @__PURE__ */ __name(() => ({}), "swallowError"); + var loadSsoSessionData = /* @__PURE__ */ __name(async (init = {}) => (0, import_slurpFile2.slurpFile)(init.configFilepath ?? getConfigFilepath()).then(parseIni).then(getSsoSessionData).catch(swallowError2), "loadSsoSessionData"); + var mergeConfigFiles = /* @__PURE__ */ __name((...files) => { + const merged = {}; + for (const file of files) { + for (const [key, values] of Object.entries(file)) { + if (merged[key] !== void 0) { + Object.assign(merged[key], values); + } else { + merged[key] = values; + } + } + } + return merged; + }, "mergeConfigFiles"); + var parseKnownFiles = /* @__PURE__ */ __name(async (init) => { + const parsedFiles = await loadSharedConfigFiles(init); + return mergeConfigFiles(parsedFiles.configFile, parsedFiles.credentialsFile); + }, "parseKnownFiles"); } }); -// ../../../node_modules/@aws-sdk/token-providers/dist-cjs/index.js -var require_dist_cjs46 = __commonJS({ - "../../../node_modules/@aws-sdk/token-providers/dist-cjs/index.js"(exports2, module2) { - "use strict"; - var __create2 = Object.create; +// ../../../node_modules/@aws-sdk/credential-provider-ini/node_modules/@smithy/property-provider/dist-cjs/index.js +var require_dist_cjs66 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-ini/node_modules/@smithy/property-provider/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; var __getOwnPropNames2 = Object.getOwnPropertyNames; - var __getProtoOf2 = Object.getPrototypeOf; var __hasOwnProp2 = Object.prototype.hasOwnProperty; var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); var __export2 = (target, all) => { @@ -15436,175 +18898,143 @@ var require_dist_cjs46 = __commonJS({ } return to; }; - var __toESM2 = (mod, isNodeMode, target) => (target = mod != null ? __create2(__getProtoOf2(mod)) : {}, __copyProps2( - // If the importer is in node compatibility mode or this is not an ESM - // file that has been converted to a CommonJS file using a Babel- - // compatible transform (i.e. "__esModule" has not been set), then set - // "default" to the CommonJS "module.exports" for node compatibility. - isNodeMode || !mod || !mod.__esModule ? __defProp2(target, "default", { value: mod, enumerable: true }) : target, - mod - )); var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var src_exports = {}; __export2(src_exports, { - fromSso: () => fromSso, + CredentialsProviderError: () => CredentialsProviderError, + ProviderError: () => ProviderError2, + TokenProviderError: () => TokenProviderError, + chain: () => chain, fromStatic: () => fromStatic, - nodeProvider: () => nodeProvider + memoize: () => memoize }); module2.exports = __toCommonJS2(src_exports); - var EXPIRE_WINDOW_MS = 5 * 60 * 1e3; - var REFRESH_MESSAGE = `To refresh this SSO session run 'aws sso login' with the corresponding profile.`; - var ssoOidcClientsHash = {}; - var getSsoOidcClient = /* @__PURE__ */ __name(async (ssoRegion) => { - const { SSOOIDCClient } = await Promise.resolve().then(() => __toESM2(require_dist_cjs45())); - if (ssoOidcClientsHash[ssoRegion]) { - return ssoOidcClientsHash[ssoRegion]; + var _ProviderError = class _ProviderError2 extends Error { + constructor(message, options = true) { + var _a; + let logger; + let tryNextLink = true; + if (typeof options === "boolean") { + logger = void 0; + tryNextLink = options; + } else if (options != null && typeof options === "object") { + logger = options.logger; + tryNextLink = options.tryNextLink ?? true; + } + super(message); + this.name = "ProviderError"; + this.tryNextLink = tryNextLink; + Object.setPrototypeOf(this, _ProviderError2.prototype); + (_a = logger == null ? void 0 : logger.debug) == null ? void 0 : _a.call(logger, `@smithy/property-provider ${tryNextLink ? "->" : "(!)"} ${message}`); } - const ssoOidcClient = new SSOOIDCClient({ region: ssoRegion }); - ssoOidcClientsHash[ssoRegion] = ssoOidcClient; - return ssoOidcClient; - }, "getSsoOidcClient"); - var getNewSsoOidcToken = /* @__PURE__ */ __name(async (ssoToken, ssoRegion) => { - const { CreateTokenCommand } = await Promise.resolve().then(() => __toESM2(require_dist_cjs45())); - const ssoOidcClient = await getSsoOidcClient(ssoRegion); - return ssoOidcClient.send( - new CreateTokenCommand({ - clientId: ssoToken.clientId, - clientSecret: ssoToken.clientSecret, - refreshToken: ssoToken.refreshToken, - grantType: "refresh_token" - }) - ); - }, "getNewSsoOidcToken"); - var import_property_provider2 = require_dist_cjs24(); - var validateTokenExpiry = /* @__PURE__ */ __name((token) => { - if (token.expiration && token.expiration.getTime() < Date.now()) { - throw new import_property_provider2.TokenProviderError(`Token is expired. ${REFRESH_MESSAGE}`, false); + /** + * @deprecated use new operator. + */ + static from(error, options = true) { + return Object.assign(new this(error.message, options), error); } - }, "validateTokenExpiry"); - var validateTokenKey = /* @__PURE__ */ __name((key, value, forRefresh = false) => { - if (typeof value === "undefined") { - throw new import_property_provider2.TokenProviderError( - `Value not present for '${key}' in SSO Token${forRefresh ? ". Cannot refresh" : ""}. ${REFRESH_MESSAGE}`, - false - ); + }; + __name(_ProviderError, "ProviderError"); + var ProviderError2 = _ProviderError; + var _CredentialsProviderError = class _CredentialsProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "CredentialsProviderError"; + Object.setPrototypeOf(this, _CredentialsProviderError2.prototype); } - }, "validateTokenKey"); - var import_shared_ini_file_loader = require_dist_cjs25(); - var import_fs = require("fs"); - var { writeFile } = import_fs.promises; - var writeSSOTokenToFile = /* @__PURE__ */ __name((id, ssoToken) => { - const tokenFilepath = (0, import_shared_ini_file_loader.getSSOTokenFilepath)(id); - const tokenString = JSON.stringify(ssoToken, null, 2); - return writeFile(tokenFilepath, tokenString); - }, "writeSSOTokenToFile"); - var lastRefreshAttemptTime = /* @__PURE__ */ new Date(0); - var fromSso = /* @__PURE__ */ __name((init = {}) => async () => { - var _a; - (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/token-providers - fromSso"); - const profiles = await (0, import_shared_ini_file_loader.parseKnownFiles)(init); - const profileName = (0, import_shared_ini_file_loader.getProfileName)(init); - const profile = profiles[profileName]; - if (!profile) { - throw new import_property_provider2.TokenProviderError(`Profile '${profileName}' could not be found in shared credentials file.`, false); - } else if (!profile["sso_session"]) { - throw new import_property_provider2.TokenProviderError(`Profile '${profileName}' is missing required property 'sso_session'.`); + }; + __name(_CredentialsProviderError, "CredentialsProviderError"); + var CredentialsProviderError = _CredentialsProviderError; + var _TokenProviderError = class _TokenProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "TokenProviderError"; + Object.setPrototypeOf(this, _TokenProviderError2.prototype); } - const ssoSessionName = profile["sso_session"]; - const ssoSessions = await (0, import_shared_ini_file_loader.loadSsoSessionData)(init); - const ssoSession = ssoSessions[ssoSessionName]; - if (!ssoSession) { - throw new import_property_provider2.TokenProviderError( - `Sso session '${ssoSessionName}' could not be found in shared credentials file.`, - false - ); + }; + __name(_TokenProviderError, "TokenProviderError"); + var TokenProviderError = _TokenProviderError; + var chain = /* @__PURE__ */ __name((...providers) => async () => { + if (providers.length === 0) { + throw new ProviderError2("No providers in chain"); } - for (const ssoSessionRequiredKey of ["sso_start_url", "sso_region"]) { - if (!ssoSession[ssoSessionRequiredKey]) { - throw new import_property_provider2.TokenProviderError( - `Sso session '${ssoSessionName}' is missing required property '${ssoSessionRequiredKey}'.`, - false - ); + let lastProviderError; + for (const provider of providers) { + try { + const credentials = await provider(); + return credentials; + } catch (err) { + lastProviderError = err; + if (err == null ? void 0 : err.tryNextLink) { + continue; + } + throw err; } } - const ssoStartUrl = ssoSession["sso_start_url"]; - const ssoRegion = ssoSession["sso_region"]; - let ssoToken; - try { - ssoToken = await (0, import_shared_ini_file_loader.getSSOTokenFromFile)(ssoSessionName); - } catch (e) { - throw new import_property_provider2.TokenProviderError( - `The SSO session token associated with profile=${profileName} was not found or is invalid. ${REFRESH_MESSAGE}`, - false - ); - } - validateTokenKey("accessToken", ssoToken.accessToken); - validateTokenKey("expiresAt", ssoToken.expiresAt); - const { accessToken, expiresAt } = ssoToken; - const existingToken = { token: accessToken, expiration: new Date(expiresAt) }; - if (existingToken.expiration.getTime() - Date.now() > EXPIRE_WINDOW_MS) { - return existingToken; - } - if (Date.now() - lastRefreshAttemptTime.getTime() < 30 * 1e3) { - validateTokenExpiry(existingToken); - return existingToken; - } - validateTokenKey("clientId", ssoToken.clientId, true); - validateTokenKey("clientSecret", ssoToken.clientSecret, true); - validateTokenKey("refreshToken", ssoToken.refreshToken, true); - try { - lastRefreshAttemptTime.setTime(Date.now()); - const newSsoOidcToken = await getNewSsoOidcToken(ssoToken, ssoRegion); - validateTokenKey("accessToken", newSsoOidcToken.accessToken); - validateTokenKey("expiresIn", newSsoOidcToken.expiresIn); - const newTokenExpiration = new Date(Date.now() + newSsoOidcToken.expiresIn * 1e3); + throw lastProviderError; + }, "chain"); + var fromStatic = /* @__PURE__ */ __name((staticValue) => () => Promise.resolve(staticValue), "fromStatic"); + var memoize = /* @__PURE__ */ __name((provider, isExpired, requiresRefresh) => { + let resolved; + let pending; + let hasResult; + let isConstant = false; + const coalesceProvider = /* @__PURE__ */ __name(async () => { + if (!pending) { + pending = provider(); + } try { - await writeSSOTokenToFile(ssoSessionName, { - ...ssoToken, - accessToken: newSsoOidcToken.accessToken, - expiresAt: newTokenExpiration.toISOString(), - refreshToken: newSsoOidcToken.refreshToken - }); - } catch (error) { + resolved = await pending; + hasResult = true; + isConstant = false; + } finally { + pending = void 0; } - return { - token: newSsoOidcToken.accessToken, - expiration: newTokenExpiration + return resolved; + }, "coalesceProvider"); + if (isExpired === void 0) { + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + return resolved; }; - } catch (error) { - validateTokenExpiry(existingToken); - return existingToken; } - }, "fromSso"); - var fromStatic = /* @__PURE__ */ __name(({ token, logger }) => async () => { - logger == null ? void 0 : logger.debug("@aws-sdk/token-providers - fromStatic"); - if (!token || !token.token) { - throw new import_property_provider2.TokenProviderError(`Please pass a valid token to fromStatic`, false); - } - return token; - }, "fromStatic"); - var nodeProvider = /* @__PURE__ */ __name((init = {}) => (0, import_property_provider2.memoize)( - (0, import_property_provider2.chain)(fromSso(init), async () => { - throw new import_property_provider2.TokenProviderError("Could not load token from any providers", false); - }), - (token) => token.expiration !== void 0 && token.expiration.getTime() - Date.now() < 3e5, - (token) => token.expiration !== void 0 - ), "nodeProvider"); - } -}); - -// ../../../node_modules/@aws-sdk/credential-provider-sso/dist-cjs/index.js -var require_dist_cjs47 = __commonJS({ - "../../../node_modules/@aws-sdk/credential-provider-sso/dist-cjs/index.js"(exports2, module2) { - "use strict"; + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + if (isConstant) { + return resolved; + } + if (requiresRefresh && !requiresRefresh(resolved)) { + isConstant = true; + return resolved; + } + if (isExpired(resolved)) { + await coalesceProvider(); + return resolved; + } + return resolved; + }; + }, "memoize"); + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-ini/node_modules/@smithy/credential-provider-imds/dist-cjs/index.js +var require_dist_cjs67 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-ini/node_modules/@smithy/credential-provider-imds/dist-cjs/index.js"(exports2, module2) { var __defProp2 = Object.defineProperty; var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; var __getOwnPropNames2 = Object.getOwnPropertyNames; var __hasOwnProp2 = Object.prototype.hasOwnProperty; var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); - var __esm2 = (fn, res) => function __init() { - return fn && (res = (0, fn[__getOwnPropNames2(fn)[0]])(fn = 0)), res; - }; var __export2 = (target, all) => { for (var name in all) __defProp2(target, name, { get: all[name], enumerable: true }); @@ -15618,193 +19048,379 @@ var require_dist_cjs47 = __commonJS({ return to; }; var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); - var loadSso_exports = {}; - __export2(loadSso_exports, { - GetRoleCredentialsCommand: () => import_client_sso.GetRoleCredentialsCommand, - SSOClient: () => import_client_sso.SSOClient - }); - var import_client_sso; - var init_loadSso = __esm2({ - "src/loadSso.ts"() { - "use strict"; - import_client_sso = require_dist_cjs44(); - } - }); var src_exports = {}; __export2(src_exports, { - fromSSO: () => fromSSO, - isSsoProfile: () => isSsoProfile, - validateSsoProfile: () => validateSsoProfile + DEFAULT_MAX_RETRIES: () => DEFAULT_MAX_RETRIES, + DEFAULT_TIMEOUT: () => DEFAULT_TIMEOUT, + ENV_CMDS_AUTH_TOKEN: () => ENV_CMDS_AUTH_TOKEN, + ENV_CMDS_FULL_URI: () => ENV_CMDS_FULL_URI, + ENV_CMDS_RELATIVE_URI: () => ENV_CMDS_RELATIVE_URI, + Endpoint: () => Endpoint, + fromContainerMetadata: () => fromContainerMetadata, + fromInstanceMetadata: () => fromInstanceMetadata, + getInstanceMetadataEndpoint: () => getInstanceMetadataEndpoint, + httpRequest: () => httpRequest, + providerConfigFromInit: () => providerConfigFromInit }); module2.exports = __toCommonJS2(src_exports); - var isSsoProfile = /* @__PURE__ */ __name((arg) => arg && (typeof arg.sso_start_url === "string" || typeof arg.sso_account_id === "string" || typeof arg.sso_session === "string" || typeof arg.sso_region === "string" || typeof arg.sso_role_name === "string"), "isSsoProfile"); - var import_token_providers = require_dist_cjs46(); - var import_property_provider2 = require_dist_cjs24(); - var import_shared_ini_file_loader = require_dist_cjs25(); - var SHOULD_FAIL_CREDENTIAL_CHAIN = false; - var resolveSSOCredentials = /* @__PURE__ */ __name(async ({ - ssoStartUrl, - ssoSession, - ssoAccountId, - ssoRegion, - ssoRoleName, - ssoClient, - clientConfig, - profile, - logger - }) => { - let token; - const refreshMessage = `To refresh this SSO session run aws sso login with the corresponding profile.`; - if (ssoSession) { - try { - const _token = await (0, import_token_providers.fromSso)({ profile })(); - token = { - accessToken: _token.token, - expiresAt: new Date(_token.expiration).toISOString() - }; - } catch (e) { - throw new import_property_provider2.CredentialsProviderError(e.message, { - tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN, + var import_url = require("url"); + var import_property_provider2 = require_dist_cjs66(); + var import_buffer = require("buffer"); + var import_http2 = require("http"); + function httpRequest(options) { + return new Promise((resolve, reject) => { + var _a; + const req = (0, import_http2.request)({ + method: "GET", + ...options, + // Node.js http module doesn't accept hostname with square brackets + // Refs: https://github.com/nodejs/node/issues/39738 + hostname: (_a = options.hostname) == null ? void 0 : _a.replace(/^\[(.+)\]$/, "$1") + }); + req.on("error", (err) => { + reject(Object.assign(new import_property_provider2.ProviderError("Unable to connect to instance metadata service"), err)); + req.destroy(); + }); + req.on("timeout", () => { + reject(new import_property_provider2.ProviderError("TimeoutError from instance metadata service")); + req.destroy(); + }); + req.on("response", (res) => { + const { statusCode = 400 } = res; + if (statusCode < 200 || 300 <= statusCode) { + reject( + Object.assign(new import_property_provider2.ProviderError("Error response received from instance metadata service"), { statusCode }) + ); + req.destroy(); + } + const chunks = []; + res.on("data", (chunk) => { + chunks.push(chunk); + }); + res.on("end", () => { + resolve(import_buffer.Buffer.concat(chunks)); + req.destroy(); + }); + }); + req.end(); + }); + } + __name(httpRequest, "httpRequest"); + var isImdsCredentials = /* @__PURE__ */ __name((arg) => Boolean(arg) && typeof arg === "object" && typeof arg.AccessKeyId === "string" && typeof arg.SecretAccessKey === "string" && typeof arg.Token === "string" && typeof arg.Expiration === "string", "isImdsCredentials"); + var fromImdsCredentials = /* @__PURE__ */ __name((creds) => ({ + accessKeyId: creds.AccessKeyId, + secretAccessKey: creds.SecretAccessKey, + sessionToken: creds.Token, + expiration: new Date(creds.Expiration), + ...creds.AccountId && { accountId: creds.AccountId } + }), "fromImdsCredentials"); + var DEFAULT_TIMEOUT = 1e3; + var DEFAULT_MAX_RETRIES = 0; + var providerConfigFromInit = /* @__PURE__ */ __name(({ + maxRetries = DEFAULT_MAX_RETRIES, + timeout = DEFAULT_TIMEOUT + }) => ({ maxRetries, timeout }), "providerConfigFromInit"); + var retry = /* @__PURE__ */ __name((toRetry, maxRetries) => { + let promise = toRetry(); + for (let i = 0; i < maxRetries; i++) { + promise = promise.catch(toRetry); + } + return promise; + }, "retry"); + var ENV_CMDS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI"; + var ENV_CMDS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI"; + var ENV_CMDS_AUTH_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN"; + var fromContainerMetadata = /* @__PURE__ */ __name((init = {}) => { + const { timeout, maxRetries } = providerConfigFromInit(init); + return () => retry(async () => { + const requestOptions = await getCmdsUri({ logger: init.logger }); + const credsResponse = JSON.parse(await requestFromEcsImds(timeout, requestOptions)); + if (!isImdsCredentials(credsResponse)) { + throw new import_property_provider2.CredentialsProviderError("Invalid response received from instance metadata service.", { + logger: init.logger + }); + } + return fromImdsCredentials(credsResponse); + }, maxRetries); + }, "fromContainerMetadata"); + var requestFromEcsImds = /* @__PURE__ */ __name(async (timeout, options) => { + if (process.env[ENV_CMDS_AUTH_TOKEN]) { + options.headers = { + ...options.headers, + Authorization: process.env[ENV_CMDS_AUTH_TOKEN] + }; + } + const buffer = await httpRequest({ + ...options, + timeout + }); + return buffer.toString(); + }, "requestFromEcsImds"); + var CMDS_IP = "169.254.170.2"; + var GREENGRASS_HOSTS = { + localhost: true, + "127.0.0.1": true + }; + var GREENGRASS_PROTOCOLS = { + "http:": true, + "https:": true + }; + var getCmdsUri = /* @__PURE__ */ __name(async ({ logger }) => { + if (process.env[ENV_CMDS_RELATIVE_URI]) { + return { + hostname: CMDS_IP, + path: process.env[ENV_CMDS_RELATIVE_URI] + }; + } + if (process.env[ENV_CMDS_FULL_URI]) { + const parsed = (0, import_url.parse)(process.env[ENV_CMDS_FULL_URI]); + if (!parsed.hostname || !(parsed.hostname in GREENGRASS_HOSTS)) { + throw new import_property_provider2.CredentialsProviderError(`${parsed.hostname} is not a valid container metadata service hostname`, { + tryNextLink: false, logger }); } - } else { - try { - token = await (0, import_shared_ini_file_loader.getSSOTokenFromFile)(ssoStartUrl); - } catch (e) { - throw new import_property_provider2.CredentialsProviderError(`The SSO session associated with this profile is invalid. ${refreshMessage}`, { - tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN, + if (!parsed.protocol || !(parsed.protocol in GREENGRASS_PROTOCOLS)) { + throw new import_property_provider2.CredentialsProviderError(`${parsed.protocol} is not a valid container metadata service protocol`, { + tryNextLink: false, logger }); } + return { + ...parsed, + port: parsed.port ? parseInt(parsed.port, 10) : void 0 + }; } - if (new Date(token.expiresAt).getTime() - Date.now() <= 0) { - throw new import_property_provider2.CredentialsProviderError(`The SSO session associated with this profile has expired. ${refreshMessage}`, { - tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN, + throw new import_property_provider2.CredentialsProviderError( + `The container metadata credential provider cannot be used unless the ${ENV_CMDS_RELATIVE_URI} or ${ENV_CMDS_FULL_URI} environment variable is set`, + { + tryNextLink: false, logger - }); - } - const { accessToken } = token; - const { SSOClient: SSOClient2, GetRoleCredentialsCommand: GetRoleCredentialsCommand2 } = await Promise.resolve().then(() => (init_loadSso(), loadSso_exports)); - const sso = ssoClient || new SSOClient2( - Object.assign({}, clientConfig ?? {}, { - region: (clientConfig == null ? void 0 : clientConfig.region) ?? ssoRegion - }) + } ); - let ssoResp; - try { - ssoResp = await sso.send( - new GetRoleCredentialsCommand2({ - accountId: ssoAccountId, - roleName: ssoRoleName, - accessToken - }) - ); - } catch (e) { - throw new import_property_provider2.CredentialsProviderError(e, { - tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN, - logger - }); + }, "getCmdsUri"); + var _InstanceMetadataV1FallbackError = class _InstanceMetadataV1FallbackError2 extends import_property_provider2.CredentialsProviderError { + constructor(message, tryNextLink = true) { + super(message, tryNextLink); + this.tryNextLink = tryNextLink; + this.name = "InstanceMetadataV1FallbackError"; + Object.setPrototypeOf(this, _InstanceMetadataV1FallbackError2.prototype); } - const { - roleCredentials: { accessKeyId, secretAccessKey, sessionToken, expiration, credentialScope, accountId } = {} - } = ssoResp; - if (!accessKeyId || !secretAccessKey || !sessionToken || !expiration) { - throw new import_property_provider2.CredentialsProviderError("SSO returns an invalid temporary credential.", { - tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN, - logger - }); + }; + __name(_InstanceMetadataV1FallbackError, "InstanceMetadataV1FallbackError"); + var InstanceMetadataV1FallbackError = _InstanceMetadataV1FallbackError; + var import_node_config_provider = require_dist_cjs28(); + var import_url_parser = require_dist_cjs31(); + var Endpoint = /* @__PURE__ */ ((Endpoint2) => { + Endpoint2["IPv4"] = "http://169.254.169.254"; + Endpoint2["IPv6"] = "http://[fd00:ec2::254]"; + return Endpoint2; + })(Endpoint || {}); + var ENV_ENDPOINT_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT"; + var CONFIG_ENDPOINT_NAME = "ec2_metadata_service_endpoint"; + var ENDPOINT_CONFIG_OPTIONS = { + environmentVariableSelector: (env) => env[ENV_ENDPOINT_NAME], + configFileSelector: (profile) => profile[CONFIG_ENDPOINT_NAME], + default: void 0 + }; + var EndpointMode = /* @__PURE__ */ ((EndpointMode2) => { + EndpointMode2["IPv4"] = "IPv4"; + EndpointMode2["IPv6"] = "IPv6"; + return EndpointMode2; + })(EndpointMode || {}); + var ENV_ENDPOINT_MODE_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE"; + var CONFIG_ENDPOINT_MODE_NAME = "ec2_metadata_service_endpoint_mode"; + var ENDPOINT_MODE_CONFIG_OPTIONS = { + environmentVariableSelector: (env) => env[ENV_ENDPOINT_MODE_NAME], + configFileSelector: (profile) => profile[CONFIG_ENDPOINT_MODE_NAME], + default: "IPv4" + /* IPv4 */ + }; + var getInstanceMetadataEndpoint = /* @__PURE__ */ __name(async () => (0, import_url_parser.parseUrl)(await getFromEndpointConfig() || await getFromEndpointModeConfig()), "getInstanceMetadataEndpoint"); + var getFromEndpointConfig = /* @__PURE__ */ __name(async () => (0, import_node_config_provider.loadConfig)(ENDPOINT_CONFIG_OPTIONS)(), "getFromEndpointConfig"); + var getFromEndpointModeConfig = /* @__PURE__ */ __name(async () => { + const endpointMode = await (0, import_node_config_provider.loadConfig)(ENDPOINT_MODE_CONFIG_OPTIONS)(); + switch (endpointMode) { + case "IPv4": + return "http://169.254.169.254"; + case "IPv6": + return "http://[fd00:ec2::254]"; + default: + throw new Error(`Unsupported endpoint mode: ${endpointMode}. Select from ${Object.values(EndpointMode)}`); } + }, "getFromEndpointModeConfig"); + var STATIC_STABILITY_REFRESH_INTERVAL_SECONDS = 5 * 60; + var STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS = 5 * 60; + var STATIC_STABILITY_DOC_URL = "https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html"; + var getExtendedInstanceMetadataCredentials = /* @__PURE__ */ __name((credentials, logger) => { + const refreshInterval = STATIC_STABILITY_REFRESH_INTERVAL_SECONDS + Math.floor(Math.random() * STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS); + const newExpiration = new Date(Date.now() + refreshInterval * 1e3); + logger.warn( + `Attempting credential expiration extension due to a credential service availability issue. A refresh of these credentials will be attempted after ${new Date(newExpiration)}. +For more information, please visit: ` + STATIC_STABILITY_DOC_URL + ); + const originalExpiration = credentials.originalExpiration ?? credentials.expiration; return { - accessKeyId, - secretAccessKey, - sessionToken, - expiration: new Date(expiration), - ...credentialScope && { credentialScope }, - ...accountId && { accountId } + ...credentials, + ...originalExpiration ? { originalExpiration } : {}, + expiration: newExpiration }; - }, "resolveSSOCredentials"); - var validateSsoProfile = /* @__PURE__ */ __name((profile, logger) => { - const { sso_start_url, sso_account_id, sso_region, sso_role_name } = profile; - if (!sso_start_url || !sso_account_id || !sso_region || !sso_role_name) { - throw new import_property_provider2.CredentialsProviderError( - `Profile is configured with invalid SSO credentials. Required parameters "sso_account_id", "sso_region", "sso_role_name", "sso_start_url". Got ${Object.keys(profile).join( - ", " - )} -Reference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html`, - { tryNextLink: false, logger } - ); - } - return profile; - }, "validateSsoProfile"); - var fromSSO = /* @__PURE__ */ __name((init = {}) => async () => { - var _a; - (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-sso - fromSSO"); - const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoSession } = init; - const { ssoClient } = init; - const profileName = (0, import_shared_ini_file_loader.getProfileName)(init); - if (!ssoStartUrl && !ssoAccountId && !ssoRegion && !ssoRoleName && !ssoSession) { - const profiles = await (0, import_shared_ini_file_loader.parseKnownFiles)(init); - const profile = profiles[profileName]; - if (!profile) { - throw new import_property_provider2.CredentialsProviderError(`Profile ${profileName} was not found.`, { logger: init.logger }); + }, "getExtendedInstanceMetadataCredentials"); + var staticStabilityProvider = /* @__PURE__ */ __name((provider, options = {}) => { + const logger = (options == null ? void 0 : options.logger) || console; + let pastCredentials; + return async () => { + let credentials; + try { + credentials = await provider(); + if (credentials.expiration && credentials.expiration.getTime() < Date.now()) { + credentials = getExtendedInstanceMetadataCredentials(credentials, logger); + } + } catch (e) { + if (pastCredentials) { + logger.warn("Credential renew failed: ", e); + credentials = getExtendedInstanceMetadataCredentials(pastCredentials, logger); + } else { + throw e; + } } - if (!isSsoProfile(profile)) { - throw new import_property_provider2.CredentialsProviderError(`Profile ${profileName} is not configured with SSO credentials.`, { - logger: init.logger - }); + pastCredentials = credentials; + return credentials; + }; + }, "staticStabilityProvider"); + var IMDS_PATH = "/latest/meta-data/iam/security-credentials/"; + var IMDS_TOKEN_PATH = "/latest/api/token"; + var AWS_EC2_METADATA_V1_DISABLED = "AWS_EC2_METADATA_V1_DISABLED"; + var PROFILE_AWS_EC2_METADATA_V1_DISABLED = "ec2_metadata_v1_disabled"; + var X_AWS_EC2_METADATA_TOKEN = "x-aws-ec2-metadata-token"; + var fromInstanceMetadata = /* @__PURE__ */ __name((init = {}) => staticStabilityProvider(getInstanceMetadataProvider(init), { logger: init.logger }), "fromInstanceMetadata"); + var getInstanceMetadataProvider = /* @__PURE__ */ __name((init = {}) => { + let disableFetchToken = false; + const { logger, profile } = init; + const { timeout, maxRetries } = providerConfigFromInit(init); + const getCredentials = /* @__PURE__ */ __name(async (maxRetries2, options) => { + var _a; + const isImdsV1Fallback = disableFetchToken || ((_a = options.headers) == null ? void 0 : _a[X_AWS_EC2_METADATA_TOKEN]) == null; + if (isImdsV1Fallback) { + let fallbackBlockedFromProfile = false; + let fallbackBlockedFromProcessEnv = false; + const configValue = await (0, import_node_config_provider.loadConfig)( + { + environmentVariableSelector: (env) => { + const envValue = env[AWS_EC2_METADATA_V1_DISABLED]; + fallbackBlockedFromProcessEnv = !!envValue && envValue !== "false"; + if (envValue === void 0) { + throw new import_property_provider2.CredentialsProviderError( + `${AWS_EC2_METADATA_V1_DISABLED} not set in env, checking config file next.`, + { logger: init.logger } + ); + } + return fallbackBlockedFromProcessEnv; + }, + configFileSelector: (profile2) => { + const profileValue = profile2[PROFILE_AWS_EC2_METADATA_V1_DISABLED]; + fallbackBlockedFromProfile = !!profileValue && profileValue !== "false"; + return fallbackBlockedFromProfile; + }, + default: false + }, + { + profile + } + )(); + if (init.ec2MetadataV1Disabled || configValue) { + const causes = []; + if (init.ec2MetadataV1Disabled) + causes.push("credential provider initialization (runtime option ec2MetadataV1Disabled)"); + if (fallbackBlockedFromProfile) + causes.push(`config file profile (${PROFILE_AWS_EC2_METADATA_V1_DISABLED})`); + if (fallbackBlockedFromProcessEnv) + causes.push(`process environment variable (${AWS_EC2_METADATA_V1_DISABLED})`); + throw new InstanceMetadataV1FallbackError( + `AWS EC2 Metadata v1 fallback has been blocked by AWS SDK configuration in the following: [${causes.join( + ", " + )}].` + ); + } } - if (profile == null ? void 0 : profile.sso_session) { - const ssoSessions = await (0, import_shared_ini_file_loader.loadSsoSessionData)(init); - const session = ssoSessions[profile.sso_session]; - const conflictMsg = ` configurations in profile ${profileName} and sso-session ${profile.sso_session}`; - if (ssoRegion && ssoRegion !== session.sso_region) { - throw new import_property_provider2.CredentialsProviderError(`Conflicting SSO region` + conflictMsg, { - tryNextLink: false, - logger: init.logger - }); + const imdsProfile = (await retry(async () => { + let profile2; + try { + profile2 = await getProfile(options); + } catch (err) { + if (err.statusCode === 401) { + disableFetchToken = false; + } + throw err; } - if (ssoStartUrl && ssoStartUrl !== session.sso_start_url) { - throw new import_property_provider2.CredentialsProviderError(`Conflicting SSO start_url` + conflictMsg, { - tryNextLink: false, - logger: init.logger - }); + return profile2; + }, maxRetries2)).trim(); + return retry(async () => { + let creds; + try { + creds = await getCredentialsFromProfile(imdsProfile, options, init); + } catch (err) { + if (err.statusCode === 401) { + disableFetchToken = false; + } + throw err; } - profile.sso_region = session.sso_region; - profile.sso_start_url = session.sso_start_url; + return creds; + }, maxRetries2); + }, "getCredentials"); + return async () => { + const endpoint = await getInstanceMetadataEndpoint(); + if (disableFetchToken) { + logger == null ? void 0 : logger.debug("AWS SDK Instance Metadata", "using v1 fallback (no token fetch)"); + return getCredentials(maxRetries, { ...endpoint, timeout }); + } else { + let token; + try { + token = (await getMetadataToken({ ...endpoint, timeout })).toString(); + } catch (error) { + if ((error == null ? void 0 : error.statusCode) === 400) { + throw Object.assign(error, { + message: "EC2 Metadata token request returned error" + }); + } else if (error.message === "TimeoutError" || [403, 404, 405].includes(error.statusCode)) { + disableFetchToken = true; + } + logger == null ? void 0 : logger.debug("AWS SDK Instance Metadata", "using v1 fallback (initial)"); + return getCredentials(maxRetries, { ...endpoint, timeout }); + } + return getCredentials(maxRetries, { + ...endpoint, + headers: { + [X_AWS_EC2_METADATA_TOKEN]: token + }, + timeout + }); } - const { sso_start_url, sso_account_id, sso_region, sso_role_name, sso_session } = validateSsoProfile( - profile, - init.logger - ); - return resolveSSOCredentials({ - ssoStartUrl: sso_start_url, - ssoSession: sso_session, - ssoAccountId: sso_account_id, - ssoRegion: sso_region, - ssoRoleName: sso_role_name, - ssoClient, - clientConfig: init.clientConfig, - profile: profileName - }); - } else if (!ssoStartUrl || !ssoAccountId || !ssoRegion || !ssoRoleName) { - throw new import_property_provider2.CredentialsProviderError( - 'Incomplete configuration. The fromSSO() argument hash must include "ssoStartUrl", "ssoAccountId", "ssoRegion", "ssoRoleName"', - { tryNextLink: false, logger: init.logger } - ); - } else { - return resolveSSOCredentials({ - ssoStartUrl, - ssoSession, - ssoAccountId, - ssoRegion, - ssoRoleName, - ssoClient, - clientConfig: init.clientConfig, - profile: profileName + }; + }, "getInstanceMetadataProvider"); + var getMetadataToken = /* @__PURE__ */ __name(async (options) => httpRequest({ + ...options, + path: IMDS_TOKEN_PATH, + method: "PUT", + headers: { + "x-aws-ec2-metadata-token-ttl-seconds": "21600" + } + }), "getMetadataToken"); + var getProfile = /* @__PURE__ */ __name(async (options) => (await httpRequest({ ...options, path: IMDS_PATH })).toString(), "getProfile"); + var getCredentialsFromProfile = /* @__PURE__ */ __name(async (profile, options, init) => { + const credentialsResponse = JSON.parse( + (await httpRequest({ + ...options, + path: IMDS_PATH + profile + })).toString() + ); + if (!isImdsCredentials(credentialsResponse)) { + throw new import_property_provider2.CredentialsProviderError("Invalid response received from instance metadata service.", { + logger: init.logger }); } - }, "fromSSO"); + return fromImdsCredentials(credentialsResponse); + }, "getCredentialsFromProfile"); } }); @@ -16089,10 +19705,10 @@ var require_runtimeConfig_shared3 = __commonJS({ exports2.getRuntimeConfig = void 0; var core_1 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); var core_2 = (init_dist_es(), __toCommonJS(dist_es_exports)); - var smithy_client_1 = require_dist_cjs33(); - var url_parser_1 = require_dist_cjs28(); - var util_base64_1 = require_dist_cjs16(); - var util_utf8_1 = require_dist_cjs15(); + var smithy_client_1 = require_dist_cjs37(); + var url_parser_1 = require_dist_cjs31(); + var util_base64_1 = require_dist_cjs17(); + var util_utf8_1 = require_dist_cjs16(); var httpAuthSchemeProvider_1 = require_httpAuthSchemeProvider4(); var endpointResolver_1 = require_endpointResolver3(); var getRuntimeConfig = (config) => { @@ -16136,20 +19752,20 @@ var require_runtimeConfig3 = __commonJS({ var tslib_1 = (init_tslib_es6(), __toCommonJS(tslib_es6_exports)); var package_json_1 = tslib_1.__importDefault(require_package4()); var core_1 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); - var credential_provider_node_1 = require_dist_cjs52(); - var util_user_agent_node_1 = require_dist_cjs39(); + var credential_provider_node_1 = require_dist_cjs75(); + var util_user_agent_node_1 = require_dist_cjs49(); var config_resolver_1 = require_dist_cjs11(); var core_2 = (init_dist_es(), __toCommonJS(dist_es_exports)); - var hash_node_1 = require_dist_cjs40(); - var middleware_retry_1 = require_dist_cjs34(); - var node_config_provider_1 = require_dist_cjs26(); - var node_http_handler_1 = require_dist_cjs19(); - var util_body_length_node_1 = require_dist_cjs41(); - var util_retry_1 = require_dist_cjs31(); + var hash_node_1 = require_dist_cjs51(); + var middleware_retry_1 = require_dist_cjs38(); + var node_config_provider_1 = require_dist_cjs28(); + var node_http_handler_1 = require_dist_cjs20(); + var util_body_length_node_1 = require_dist_cjs52(); + var util_retry_1 = require_dist_cjs34(); var runtimeConfig_shared_1 = require_runtimeConfig_shared3(); - var smithy_client_1 = require_dist_cjs33(); - var util_defaults_mode_node_1 = require_dist_cjs42(); - var smithy_client_2 = require_dist_cjs33(); + var smithy_client_1 = require_dist_cjs37(); + var util_defaults_mode_node_1 = require_dist_cjs55(); + var smithy_client_2 = require_dist_cjs37(); var getRuntimeConfig = (config) => { (0, smithy_client_2.emitWarningIfUnsupportedVersion)(process.version); const defaultsMode = (0, util_defaults_mode_node_1.resolveDefaultsModeConfig)(config); @@ -16247,9 +19863,9 @@ var require_runtimeExtensions = __commonJS({ "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); exports2.resolveRuntimeExtensions = void 0; - var region_config_resolver_1 = require_dist_cjs43(); + var region_config_resolver_1 = require_dist_cjs56(); var protocol_http_1 = require_dist_cjs2(); - var smithy_client_1 = require_dist_cjs33(); + var smithy_client_1 = require_dist_cjs37(); var httpAuthExtensionConfiguration_1 = require_httpAuthExtensionConfiguration(); var asPartial = (t) => t; var resolveRuntimeExtensions = (runtimeConfig, extensions) => { @@ -16284,10 +19900,10 @@ var require_STSClient = __commonJS({ var middleware_user_agent_1 = require_dist_cjs8(); var config_resolver_1 = require_dist_cjs11(); var core_1 = (init_dist_es(), __toCommonJS(dist_es_exports)); - var middleware_content_length_1 = require_dist_cjs23(); - var middleware_endpoint_1 = require_dist_cjs29(); - var middleware_retry_1 = require_dist_cjs34(); - var smithy_client_1 = require_dist_cjs33(); + var middleware_content_length_1 = require_dist_cjs25(); + var middleware_endpoint_1 = require_dist_cjs32(); + var middleware_retry_1 = require_dist_cjs38(); + var smithy_client_1 = require_dist_cjs37(); Object.defineProperty(exports2, "__Client", { enumerable: true, get: function() { return smithy_client_1.Client; } }); @@ -16331,7 +19947,7 @@ var require_STSClient = __commonJS({ }); // ../../../node_modules/@aws-sdk/client-sts/dist-cjs/index.js -var require_dist_cjs48 = __commonJS({ +var require_dist_cjs68 = __commonJS({ "../../../node_modules/@aws-sdk/client-sts/dist-cjs/index.js"(exports2, module2) { "use strict"; var __defProp2 = Object.defineProperty; @@ -16388,10 +20004,10 @@ var require_dist_cjs48 = __commonJS({ }); module2.exports = __toCommonJS2(src_exports); __reExport(src_exports, require_STSClient(), module2.exports); - var import_middleware_endpoint = require_dist_cjs29(); + var import_middleware_endpoint = require_dist_cjs32(); var import_middleware_serde2 = require_dist_cjs12(); var import_EndpointParameters = require_EndpointParameters(); - var import_smithy_client4 = require_dist_cjs33(); + var import_smithy_client4 = require_dist_cjs37(); var _STSServiceException = class _STSServiceException2 extends import_smithy_client4.ServiceException { /** * @internal @@ -17454,256 +21070,657 @@ var require_dist_cjs48 = __commonJS({ if (output.statusCode == 404) { return "NotFound"; } - }, "loadQueryErrorCode"); - var _AssumeRoleCommand = class _AssumeRoleCommand extends import_smithy_client4.Command.classBuilder().ep({ - ...import_EndpointParameters.commonParams - }).m(function(Command, cs, config, o) { - return [ - (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), - (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) - ]; - }).s("AWSSecurityTokenServiceV20110615", "AssumeRole", {}).n("STSClient", "AssumeRoleCommand").f(void 0, AssumeRoleResponseFilterSensitiveLog).ser(se_AssumeRoleCommand).de(de_AssumeRoleCommand).build() { + }, "loadQueryErrorCode"); + var _AssumeRoleCommand = class _AssumeRoleCommand extends import_smithy_client4.Command.classBuilder().ep({ + ...import_EndpointParameters.commonParams + }).m(function(Command, cs, config, o) { + return [ + (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), + (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) + ]; + }).s("AWSSecurityTokenServiceV20110615", "AssumeRole", {}).n("STSClient", "AssumeRoleCommand").f(void 0, AssumeRoleResponseFilterSensitiveLog).ser(se_AssumeRoleCommand).de(de_AssumeRoleCommand).build() { + }; + __name(_AssumeRoleCommand, "AssumeRoleCommand"); + var AssumeRoleCommand = _AssumeRoleCommand; + var import_EndpointParameters2 = require_EndpointParameters(); + var _AssumeRoleWithSAMLCommand = class _AssumeRoleWithSAMLCommand extends import_smithy_client4.Command.classBuilder().ep({ + ...import_EndpointParameters2.commonParams + }).m(function(Command, cs, config, o) { + return [ + (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), + (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) + ]; + }).s("AWSSecurityTokenServiceV20110615", "AssumeRoleWithSAML", {}).n("STSClient", "AssumeRoleWithSAMLCommand").f(AssumeRoleWithSAMLRequestFilterSensitiveLog, AssumeRoleWithSAMLResponseFilterSensitiveLog).ser(se_AssumeRoleWithSAMLCommand).de(de_AssumeRoleWithSAMLCommand).build() { + }; + __name(_AssumeRoleWithSAMLCommand, "AssumeRoleWithSAMLCommand"); + var AssumeRoleWithSAMLCommand = _AssumeRoleWithSAMLCommand; + var import_EndpointParameters3 = require_EndpointParameters(); + var _AssumeRoleWithWebIdentityCommand = class _AssumeRoleWithWebIdentityCommand extends import_smithy_client4.Command.classBuilder().ep({ + ...import_EndpointParameters3.commonParams + }).m(function(Command, cs, config, o) { + return [ + (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), + (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) + ]; + }).s("AWSSecurityTokenServiceV20110615", "AssumeRoleWithWebIdentity", {}).n("STSClient", "AssumeRoleWithWebIdentityCommand").f(AssumeRoleWithWebIdentityRequestFilterSensitiveLog, AssumeRoleWithWebIdentityResponseFilterSensitiveLog).ser(se_AssumeRoleWithWebIdentityCommand).de(de_AssumeRoleWithWebIdentityCommand).build() { + }; + __name(_AssumeRoleWithWebIdentityCommand, "AssumeRoleWithWebIdentityCommand"); + var AssumeRoleWithWebIdentityCommand = _AssumeRoleWithWebIdentityCommand; + var import_EndpointParameters4 = require_EndpointParameters(); + var _DecodeAuthorizationMessageCommand = class _DecodeAuthorizationMessageCommand extends import_smithy_client4.Command.classBuilder().ep({ + ...import_EndpointParameters4.commonParams + }).m(function(Command, cs, config, o) { + return [ + (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), + (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) + ]; + }).s("AWSSecurityTokenServiceV20110615", "DecodeAuthorizationMessage", {}).n("STSClient", "DecodeAuthorizationMessageCommand").f(void 0, void 0).ser(se_DecodeAuthorizationMessageCommand).de(de_DecodeAuthorizationMessageCommand).build() { + }; + __name(_DecodeAuthorizationMessageCommand, "DecodeAuthorizationMessageCommand"); + var DecodeAuthorizationMessageCommand = _DecodeAuthorizationMessageCommand; + var import_EndpointParameters5 = require_EndpointParameters(); + var _GetAccessKeyInfoCommand = class _GetAccessKeyInfoCommand extends import_smithy_client4.Command.classBuilder().ep({ + ...import_EndpointParameters5.commonParams + }).m(function(Command, cs, config, o) { + return [ + (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), + (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) + ]; + }).s("AWSSecurityTokenServiceV20110615", "GetAccessKeyInfo", {}).n("STSClient", "GetAccessKeyInfoCommand").f(void 0, void 0).ser(se_GetAccessKeyInfoCommand).de(de_GetAccessKeyInfoCommand).build() { + }; + __name(_GetAccessKeyInfoCommand, "GetAccessKeyInfoCommand"); + var GetAccessKeyInfoCommand = _GetAccessKeyInfoCommand; + var import_EndpointParameters6 = require_EndpointParameters(); + var _GetCallerIdentityCommand = class _GetCallerIdentityCommand extends import_smithy_client4.Command.classBuilder().ep({ + ...import_EndpointParameters6.commonParams + }).m(function(Command, cs, config, o) { + return [ + (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), + (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) + ]; + }).s("AWSSecurityTokenServiceV20110615", "GetCallerIdentity", {}).n("STSClient", "GetCallerIdentityCommand").f(void 0, void 0).ser(se_GetCallerIdentityCommand).de(de_GetCallerIdentityCommand).build() { + }; + __name(_GetCallerIdentityCommand, "GetCallerIdentityCommand"); + var GetCallerIdentityCommand = _GetCallerIdentityCommand; + var import_EndpointParameters7 = require_EndpointParameters(); + var _GetFederationTokenCommand = class _GetFederationTokenCommand extends import_smithy_client4.Command.classBuilder().ep({ + ...import_EndpointParameters7.commonParams + }).m(function(Command, cs, config, o) { + return [ + (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), + (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) + ]; + }).s("AWSSecurityTokenServiceV20110615", "GetFederationToken", {}).n("STSClient", "GetFederationTokenCommand").f(void 0, GetFederationTokenResponseFilterSensitiveLog).ser(se_GetFederationTokenCommand).de(de_GetFederationTokenCommand).build() { + }; + __name(_GetFederationTokenCommand, "GetFederationTokenCommand"); + var GetFederationTokenCommand = _GetFederationTokenCommand; + var import_EndpointParameters8 = require_EndpointParameters(); + var _GetSessionTokenCommand = class _GetSessionTokenCommand extends import_smithy_client4.Command.classBuilder().ep({ + ...import_EndpointParameters8.commonParams + }).m(function(Command, cs, config, o) { + return [ + (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), + (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) + ]; + }).s("AWSSecurityTokenServiceV20110615", "GetSessionToken", {}).n("STSClient", "GetSessionTokenCommand").f(void 0, GetSessionTokenResponseFilterSensitiveLog).ser(se_GetSessionTokenCommand).de(de_GetSessionTokenCommand).build() { + }; + __name(_GetSessionTokenCommand, "GetSessionTokenCommand"); + var GetSessionTokenCommand = _GetSessionTokenCommand; + var import_STSClient = require_STSClient(); + var commands = { + AssumeRoleCommand, + AssumeRoleWithSAMLCommand, + AssumeRoleWithWebIdentityCommand, + DecodeAuthorizationMessageCommand, + GetAccessKeyInfoCommand, + GetCallerIdentityCommand, + GetFederationTokenCommand, + GetSessionTokenCommand + }; + var _STS = class _STS extends import_STSClient.STSClient { + }; + __name(_STS, "STS"); + var STS = _STS; + (0, import_smithy_client4.createAggregatedClient)(commands, STS); + var import_EndpointParameters9 = require_EndpointParameters(); + var ASSUME_ROLE_DEFAULT_REGION = "us-east-1"; + var getAccountIdFromAssumedRoleUser = /* @__PURE__ */ __name((assumedRoleUser) => { + if (typeof (assumedRoleUser == null ? void 0 : assumedRoleUser.Arn) === "string") { + const arnComponents = assumedRoleUser.Arn.split(":"); + if (arnComponents.length > 4 && arnComponents[4] !== "") { + return arnComponents[4]; + } + } + return void 0; + }, "getAccountIdFromAssumedRoleUser"); + var resolveRegion = /* @__PURE__ */ __name(async (_region, _parentRegion, credentialProviderLogger) => { + var _a2; + const region = typeof _region === "function" ? await _region() : _region; + const parentRegion = typeof _parentRegion === "function" ? await _parentRegion() : _parentRegion; + (_a2 = credentialProviderLogger == null ? void 0 : credentialProviderLogger.debug) == null ? void 0 : _a2.call( + credentialProviderLogger, + "@aws-sdk/client-sts::resolveRegion", + "accepting first of:", + `${region} (provider)`, + `${parentRegion} (parent client)`, + `${ASSUME_ROLE_DEFAULT_REGION} (STS default)` + ); + return region ?? parentRegion ?? ASSUME_ROLE_DEFAULT_REGION; + }, "resolveRegion"); + var getDefaultRoleAssumer = /* @__PURE__ */ __name((stsOptions, stsClientCtor) => { + let stsClient; + let closureSourceCreds; + return async (sourceCreds, params) => { + var _a2, _b, _c; + closureSourceCreds = sourceCreds; + if (!stsClient) { + const { + logger = (_a2 = stsOptions == null ? void 0 : stsOptions.parentClientConfig) == null ? void 0 : _a2.logger, + region, + requestHandler = (_b = stsOptions == null ? void 0 : stsOptions.parentClientConfig) == null ? void 0 : _b.requestHandler, + credentialProviderLogger + } = stsOptions; + const resolvedRegion = await resolveRegion( + region, + (_c = stsOptions == null ? void 0 : stsOptions.parentClientConfig) == null ? void 0 : _c.region, + credentialProviderLogger + ); + const isCompatibleRequestHandler = !isH2(requestHandler); + stsClient = new stsClientCtor({ + // A hack to make sts client uses the credential in current closure. + credentialDefaultProvider: () => async () => closureSourceCreds, + region: resolvedRegion, + requestHandler: isCompatibleRequestHandler ? requestHandler : void 0, + logger + }); + } + const { Credentials: Credentials2, AssumedRoleUser: AssumedRoleUser2 } = await stsClient.send(new AssumeRoleCommand(params)); + if (!Credentials2 || !Credentials2.AccessKeyId || !Credentials2.SecretAccessKey) { + throw new Error(`Invalid response from STS.assumeRole call with role ${params.RoleArn}`); + } + const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser2); + return { + accessKeyId: Credentials2.AccessKeyId, + secretAccessKey: Credentials2.SecretAccessKey, + sessionToken: Credentials2.SessionToken, + expiration: Credentials2.Expiration, + // TODO(credentialScope): access normally when shape is updated. + ...Credentials2.CredentialScope && { credentialScope: Credentials2.CredentialScope }, + ...accountId && { accountId } + }; + }; + }, "getDefaultRoleAssumer"); + var getDefaultRoleAssumerWithWebIdentity = /* @__PURE__ */ __name((stsOptions, stsClientCtor) => { + let stsClient; + return async (params) => { + var _a2, _b, _c; + if (!stsClient) { + const { + logger = (_a2 = stsOptions == null ? void 0 : stsOptions.parentClientConfig) == null ? void 0 : _a2.logger, + region, + requestHandler = (_b = stsOptions == null ? void 0 : stsOptions.parentClientConfig) == null ? void 0 : _b.requestHandler, + credentialProviderLogger + } = stsOptions; + const resolvedRegion = await resolveRegion( + region, + (_c = stsOptions == null ? void 0 : stsOptions.parentClientConfig) == null ? void 0 : _c.region, + credentialProviderLogger + ); + const isCompatibleRequestHandler = !isH2(requestHandler); + stsClient = new stsClientCtor({ + region: resolvedRegion, + requestHandler: isCompatibleRequestHandler ? requestHandler : void 0, + logger + }); + } + const { Credentials: Credentials2, AssumedRoleUser: AssumedRoleUser2 } = await stsClient.send(new AssumeRoleWithWebIdentityCommand(params)); + if (!Credentials2 || !Credentials2.AccessKeyId || !Credentials2.SecretAccessKey) { + throw new Error(`Invalid response from STS.assumeRoleWithWebIdentity call with role ${params.RoleArn}`); + } + const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser2); + return { + accessKeyId: Credentials2.AccessKeyId, + secretAccessKey: Credentials2.SecretAccessKey, + sessionToken: Credentials2.SessionToken, + expiration: Credentials2.Expiration, + // TODO(credentialScope): access normally when shape is updated. + ...Credentials2.CredentialScope && { credentialScope: Credentials2.CredentialScope }, + ...accountId && { accountId } + }; + }; + }, "getDefaultRoleAssumerWithWebIdentity"); + var isH2 = /* @__PURE__ */ __name((requestHandler) => { + var _a2; + return ((_a2 = requestHandler == null ? void 0 : requestHandler.metadata) == null ? void 0 : _a2.handlerProtocol) === "h2"; + }, "isH2"); + var import_STSClient2 = require_STSClient(); + var getCustomizableStsClientCtor = /* @__PURE__ */ __name((baseCtor, customizations) => { + var _a2; + if (!customizations) + return baseCtor; + else + return _a2 = class extends baseCtor { + constructor(config) { + super(config); + for (const customization of customizations) { + this.middlewareStack.use(customization); + } + } + }, __name(_a2, "CustomizableSTSClient"), _a2; + }, "getCustomizableStsClientCtor"); + var getDefaultRoleAssumer2 = /* @__PURE__ */ __name((stsOptions = {}, stsPlugins) => getDefaultRoleAssumer(stsOptions, getCustomizableStsClientCtor(import_STSClient2.STSClient, stsPlugins)), "getDefaultRoleAssumer"); + var getDefaultRoleAssumerWithWebIdentity2 = /* @__PURE__ */ __name((stsOptions = {}, stsPlugins) => getDefaultRoleAssumerWithWebIdentity(stsOptions, getCustomizableStsClientCtor(import_STSClient2.STSClient, stsPlugins)), "getDefaultRoleAssumerWithWebIdentity"); + var decorateDefaultCredentialProvider = /* @__PURE__ */ __name((provider) => (input) => provider({ + roleAssumer: getDefaultRoleAssumer2(input), + roleAssumerWithWebIdentity: getDefaultRoleAssumerWithWebIdentity2(input), + ...input + }), "decorateDefaultCredentialProvider"); + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-process/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getHomeDir.js +var require_getHomeDir7 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-process/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getHomeDir.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getHomeDir = void 0; + var os_1 = require("os"); + var path_1 = require("path"); + var homeDirCache = {}; + var getHomeDirCacheKey = () => { + if (process && process.geteuid) { + return `${process.geteuid()}`; + } + return "DEFAULT"; }; - __name(_AssumeRoleCommand, "AssumeRoleCommand"); - var AssumeRoleCommand = _AssumeRoleCommand; - var import_EndpointParameters2 = require_EndpointParameters(); - var _AssumeRoleWithSAMLCommand = class _AssumeRoleWithSAMLCommand extends import_smithy_client4.Command.classBuilder().ep({ - ...import_EndpointParameters2.commonParams - }).m(function(Command, cs, config, o) { - return [ - (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), - (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) - ]; - }).s("AWSSecurityTokenServiceV20110615", "AssumeRoleWithSAML", {}).n("STSClient", "AssumeRoleWithSAMLCommand").f(AssumeRoleWithSAMLRequestFilterSensitiveLog, AssumeRoleWithSAMLResponseFilterSensitiveLog).ser(se_AssumeRoleWithSAMLCommand).de(de_AssumeRoleWithSAMLCommand).build() { + var getHomeDir2 = () => { + const { HOME, USERPROFILE, HOMEPATH, HOMEDRIVE = `C:${path_1.sep}` } = process.env; + if (HOME) + return HOME; + if (USERPROFILE) + return USERPROFILE; + if (HOMEPATH) + return `${HOMEDRIVE}${HOMEPATH}`; + const homeDirCacheKey = getHomeDirCacheKey(); + if (!homeDirCache[homeDirCacheKey]) + homeDirCache[homeDirCacheKey] = (0, os_1.homedir)(); + return homeDirCache[homeDirCacheKey]; }; - __name(_AssumeRoleWithSAMLCommand, "AssumeRoleWithSAMLCommand"); - var AssumeRoleWithSAMLCommand = _AssumeRoleWithSAMLCommand; - var import_EndpointParameters3 = require_EndpointParameters(); - var _AssumeRoleWithWebIdentityCommand = class _AssumeRoleWithWebIdentityCommand extends import_smithy_client4.Command.classBuilder().ep({ - ...import_EndpointParameters3.commonParams - }).m(function(Command, cs, config, o) { - return [ - (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), - (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) - ]; - }).s("AWSSecurityTokenServiceV20110615", "AssumeRoleWithWebIdentity", {}).n("STSClient", "AssumeRoleWithWebIdentityCommand").f(AssumeRoleWithWebIdentityRequestFilterSensitiveLog, AssumeRoleWithWebIdentityResponseFilterSensitiveLog).ser(se_AssumeRoleWithWebIdentityCommand).de(de_AssumeRoleWithWebIdentityCommand).build() { + exports2.getHomeDir = getHomeDir2; + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-process/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFilepath.js +var require_getSSOTokenFilepath7 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-process/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFilepath.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getSSOTokenFilepath = void 0; + var crypto_1 = require("crypto"); + var path_1 = require("path"); + var getHomeDir_1 = require_getHomeDir7(); + var getSSOTokenFilepath2 = (id) => { + const hasher = (0, crypto_1.createHash)("sha1"); + const cacheName = hasher.update(id).digest("hex"); + return (0, path_1.join)((0, getHomeDir_1.getHomeDir)(), ".aws", "sso", "cache", `${cacheName}.json`); }; - __name(_AssumeRoleWithWebIdentityCommand, "AssumeRoleWithWebIdentityCommand"); - var AssumeRoleWithWebIdentityCommand = _AssumeRoleWithWebIdentityCommand; - var import_EndpointParameters4 = require_EndpointParameters(); - var _DecodeAuthorizationMessageCommand = class _DecodeAuthorizationMessageCommand extends import_smithy_client4.Command.classBuilder().ep({ - ...import_EndpointParameters4.commonParams - }).m(function(Command, cs, config, o) { - return [ - (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), - (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) - ]; - }).s("AWSSecurityTokenServiceV20110615", "DecodeAuthorizationMessage", {}).n("STSClient", "DecodeAuthorizationMessageCommand").f(void 0, void 0).ser(se_DecodeAuthorizationMessageCommand).de(de_DecodeAuthorizationMessageCommand).build() { + exports2.getSSOTokenFilepath = getSSOTokenFilepath2; + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-process/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFromFile.js +var require_getSSOTokenFromFile7 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-process/node_modules/@smithy/shared-ini-file-loader/dist-cjs/getSSOTokenFromFile.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.getSSOTokenFromFile = void 0; + var fs_1 = require("fs"); + var getSSOTokenFilepath_1 = require_getSSOTokenFilepath7(); + var { readFile } = fs_1.promises; + var getSSOTokenFromFile2 = async (id) => { + const ssoTokenFilepath = (0, getSSOTokenFilepath_1.getSSOTokenFilepath)(id); + const ssoTokenText = await readFile(ssoTokenFilepath, "utf8"); + return JSON.parse(ssoTokenText); }; - __name(_DecodeAuthorizationMessageCommand, "DecodeAuthorizationMessageCommand"); - var DecodeAuthorizationMessageCommand = _DecodeAuthorizationMessageCommand; - var import_EndpointParameters5 = require_EndpointParameters(); - var _GetAccessKeyInfoCommand = class _GetAccessKeyInfoCommand extends import_smithy_client4.Command.classBuilder().ep({ - ...import_EndpointParameters5.commonParams - }).m(function(Command, cs, config, o) { - return [ - (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), - (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) - ]; - }).s("AWSSecurityTokenServiceV20110615", "GetAccessKeyInfo", {}).n("STSClient", "GetAccessKeyInfoCommand").f(void 0, void 0).ser(se_GetAccessKeyInfoCommand).de(de_GetAccessKeyInfoCommand).build() { + exports2.getSSOTokenFromFile = getSSOTokenFromFile2; + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-process/node_modules/@smithy/shared-ini-file-loader/dist-cjs/slurpFile.js +var require_slurpFile7 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-process/node_modules/@smithy/shared-ini-file-loader/dist-cjs/slurpFile.js"(exports2) { + "use strict"; + Object.defineProperty(exports2, "__esModule", { value: true }); + exports2.slurpFile = void 0; + var fs_1 = require("fs"); + var { readFile } = fs_1.promises; + var filePromisesHash = {}; + var slurpFile = (path, options) => { + if (!filePromisesHash[path] || (options === null || options === void 0 ? void 0 : options.ignoreCache)) { + filePromisesHash[path] = readFile(path, "utf8"); + } + return filePromisesHash[path]; }; - __name(_GetAccessKeyInfoCommand, "GetAccessKeyInfoCommand"); - var GetAccessKeyInfoCommand = _GetAccessKeyInfoCommand; - var import_EndpointParameters6 = require_EndpointParameters(); - var _GetCallerIdentityCommand = class _GetCallerIdentityCommand extends import_smithy_client4.Command.classBuilder().ep({ - ...import_EndpointParameters6.commonParams - }).m(function(Command, cs, config, o) { - return [ - (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), - (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) - ]; - }).s("AWSSecurityTokenServiceV20110615", "GetCallerIdentity", {}).n("STSClient", "GetCallerIdentityCommand").f(void 0, void 0).ser(se_GetCallerIdentityCommand).de(de_GetCallerIdentityCommand).build() { + exports2.slurpFile = slurpFile; + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-process/node_modules/@smithy/shared-ini-file-loader/dist-cjs/index.js +var require_dist_cjs69 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-process/node_modules/@smithy/shared-ini-file-loader/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __reExport = (target, mod, secondTarget) => (__copyProps2(target, mod, "default"), secondTarget && __copyProps2(secondTarget, mod, "default")); + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + CONFIG_PREFIX_SEPARATOR: () => CONFIG_PREFIX_SEPARATOR, + DEFAULT_PROFILE: () => DEFAULT_PROFILE, + ENV_PROFILE: () => ENV_PROFILE, + getProfileName: () => getProfileName, + loadSharedConfigFiles: () => loadSharedConfigFiles, + loadSsoSessionData: () => loadSsoSessionData, + parseKnownFiles: () => parseKnownFiles + }); + module2.exports = __toCommonJS2(src_exports); + __reExport(src_exports, require_getHomeDir7(), module2.exports); + var ENV_PROFILE = "AWS_PROFILE"; + var DEFAULT_PROFILE = "default"; + var getProfileName = /* @__PURE__ */ __name((init) => init.profile || process.env[ENV_PROFILE] || DEFAULT_PROFILE, "getProfileName"); + __reExport(src_exports, require_getSSOTokenFilepath7(), module2.exports); + __reExport(src_exports, require_getSSOTokenFromFile7(), module2.exports); + var import_types5 = require_dist_cjs(); + var getConfigData = /* @__PURE__ */ __name((data) => Object.entries(data).filter(([key]) => { + const indexOfSeparator = key.indexOf(CONFIG_PREFIX_SEPARATOR); + if (indexOfSeparator === -1) { + return false; + } + return Object.values(import_types5.IniSectionType).includes(key.substring(0, indexOfSeparator)); + }).reduce( + (acc, [key, value]) => { + const indexOfSeparator = key.indexOf(CONFIG_PREFIX_SEPARATOR); + const updatedKey = key.substring(0, indexOfSeparator) === import_types5.IniSectionType.PROFILE ? key.substring(indexOfSeparator + 1) : key; + acc[updatedKey] = value; + return acc; + }, + { + // Populate default profile, if present. + ...data.default && { default: data.default } + } + ), "getConfigData"); + var import_path = require("path"); + var import_getHomeDir = require_getHomeDir7(); + var ENV_CONFIG_PATH = "AWS_CONFIG_FILE"; + var getConfigFilepath = /* @__PURE__ */ __name(() => process.env[ENV_CONFIG_PATH] || (0, import_path.join)((0, import_getHomeDir.getHomeDir)(), ".aws", "config"), "getConfigFilepath"); + var import_getHomeDir2 = require_getHomeDir7(); + var ENV_CREDENTIALS_PATH = "AWS_SHARED_CREDENTIALS_FILE"; + var getCredentialsFilepath = /* @__PURE__ */ __name(() => process.env[ENV_CREDENTIALS_PATH] || (0, import_path.join)((0, import_getHomeDir2.getHomeDir)(), ".aws", "credentials"), "getCredentialsFilepath"); + var import_getHomeDir3 = require_getHomeDir7(); + var prefixKeyRegex = /^([\w-]+)\s(["'])?([\w-@\+\.%:/]+)\2$/; + var profileNameBlockList = ["__proto__", "profile __proto__"]; + var parseIni = /* @__PURE__ */ __name((iniData) => { + const map = {}; + let currentSection; + let currentSubSection; + for (const iniLine of iniData.split(/\r?\n/)) { + const trimmedLine = iniLine.split(/(^|\s)[;#]/)[0].trim(); + const isSection = trimmedLine[0] === "[" && trimmedLine[trimmedLine.length - 1] === "]"; + if (isSection) { + currentSection = void 0; + currentSubSection = void 0; + const sectionName = trimmedLine.substring(1, trimmedLine.length - 1); + const matches = prefixKeyRegex.exec(sectionName); + if (matches) { + const [, prefix, , name] = matches; + if (Object.values(import_types5.IniSectionType).includes(prefix)) { + currentSection = [prefix, name].join(CONFIG_PREFIX_SEPARATOR); + } + } else { + currentSection = sectionName; + } + if (profileNameBlockList.includes(sectionName)) { + throw new Error(`Found invalid profile name "${sectionName}"`); + } + } else if (currentSection) { + const indexOfEqualsSign = trimmedLine.indexOf("="); + if (![0, -1].includes(indexOfEqualsSign)) { + const [name, value] = [ + trimmedLine.substring(0, indexOfEqualsSign).trim(), + trimmedLine.substring(indexOfEqualsSign + 1).trim() + ]; + if (value === "") { + currentSubSection = name; + } else { + if (currentSubSection && iniLine.trimStart() === iniLine) { + currentSubSection = void 0; + } + map[currentSection] = map[currentSection] || {}; + const key = currentSubSection ? [currentSubSection, name].join(CONFIG_PREFIX_SEPARATOR) : name; + map[currentSection][key] = value; + } + } + } + } + return map; + }, "parseIni"); + var import_slurpFile = require_slurpFile7(); + var swallowError = /* @__PURE__ */ __name(() => ({}), "swallowError"); + var CONFIG_PREFIX_SEPARATOR = "."; + var loadSharedConfigFiles = /* @__PURE__ */ __name(async (init = {}) => { + const { filepath = getCredentialsFilepath(), configFilepath = getConfigFilepath() } = init; + const homeDir = (0, import_getHomeDir3.getHomeDir)(); + const relativeHomeDirPrefix = "~/"; + let resolvedFilepath = filepath; + if (filepath.startsWith(relativeHomeDirPrefix)) { + resolvedFilepath = (0, import_path.join)(homeDir, filepath.slice(2)); + } + let resolvedConfigFilepath = configFilepath; + if (configFilepath.startsWith(relativeHomeDirPrefix)) { + resolvedConfigFilepath = (0, import_path.join)(homeDir, configFilepath.slice(2)); + } + const parsedFiles = await Promise.all([ + (0, import_slurpFile.slurpFile)(resolvedConfigFilepath, { + ignoreCache: init.ignoreCache + }).then(parseIni).then(getConfigData).catch(swallowError), + (0, import_slurpFile.slurpFile)(resolvedFilepath, { + ignoreCache: init.ignoreCache + }).then(parseIni).catch(swallowError) + ]); + return { + configFile: parsedFiles[0], + credentialsFile: parsedFiles[1] + }; + }, "loadSharedConfigFiles"); + var getSsoSessionData = /* @__PURE__ */ __name((data) => Object.entries(data).filter(([key]) => key.startsWith(import_types5.IniSectionType.SSO_SESSION + CONFIG_PREFIX_SEPARATOR)).reduce((acc, [key, value]) => ({ ...acc, [key.substring(key.indexOf(CONFIG_PREFIX_SEPARATOR) + 1)]: value }), {}), "getSsoSessionData"); + var import_slurpFile2 = require_slurpFile7(); + var swallowError2 = /* @__PURE__ */ __name(() => ({}), "swallowError"); + var loadSsoSessionData = /* @__PURE__ */ __name(async (init = {}) => (0, import_slurpFile2.slurpFile)(init.configFilepath ?? getConfigFilepath()).then(parseIni).then(getSsoSessionData).catch(swallowError2), "loadSsoSessionData"); + var mergeConfigFiles = /* @__PURE__ */ __name((...files) => { + const merged = {}; + for (const file of files) { + for (const [key, values] of Object.entries(file)) { + if (merged[key] !== void 0) { + Object.assign(merged[key], values); + } else { + merged[key] = values; + } + } + } + return merged; + }, "mergeConfigFiles"); + var parseKnownFiles = /* @__PURE__ */ __name(async (init) => { + const parsedFiles = await loadSharedConfigFiles(init); + return mergeConfigFiles(parsedFiles.configFile, parsedFiles.credentialsFile); + }, "parseKnownFiles"); + } +}); + +// ../../../node_modules/@aws-sdk/credential-provider-process/node_modules/@smithy/property-provider/dist-cjs/index.js +var require_dist_cjs70 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-process/node_modules/@smithy/property-provider/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); }; - __name(_GetCallerIdentityCommand, "GetCallerIdentityCommand"); - var GetCallerIdentityCommand = _GetCallerIdentityCommand; - var import_EndpointParameters7 = require_EndpointParameters(); - var _GetFederationTokenCommand = class _GetFederationTokenCommand extends import_smithy_client4.Command.classBuilder().ep({ - ...import_EndpointParameters7.commonParams - }).m(function(Command, cs, config, o) { - return [ - (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), - (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) - ]; - }).s("AWSSecurityTokenServiceV20110615", "GetFederationToken", {}).n("STSClient", "GetFederationTokenCommand").f(void 0, GetFederationTokenResponseFilterSensitiveLog).ser(se_GetFederationTokenCommand).de(de_GetFederationTokenCommand).build() { + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; }; - __name(_GetFederationTokenCommand, "GetFederationTokenCommand"); - var GetFederationTokenCommand = _GetFederationTokenCommand; - var import_EndpointParameters8 = require_EndpointParameters(); - var _GetSessionTokenCommand = class _GetSessionTokenCommand extends import_smithy_client4.Command.classBuilder().ep({ - ...import_EndpointParameters8.commonParams - }).m(function(Command, cs, config, o) { - return [ - (0, import_middleware_serde2.getSerdePlugin)(config, this.serialize, this.deserialize), - (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions()) - ]; - }).s("AWSSecurityTokenServiceV20110615", "GetSessionToken", {}).n("STSClient", "GetSessionTokenCommand").f(void 0, GetSessionTokenResponseFilterSensitiveLog).ser(se_GetSessionTokenCommand).de(de_GetSessionTokenCommand).build() { + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + CredentialsProviderError: () => CredentialsProviderError, + ProviderError: () => ProviderError2, + TokenProviderError: () => TokenProviderError, + chain: () => chain, + fromStatic: () => fromStatic, + memoize: () => memoize + }); + module2.exports = __toCommonJS2(src_exports); + var _ProviderError = class _ProviderError2 extends Error { + constructor(message, options = true) { + var _a; + let logger; + let tryNextLink = true; + if (typeof options === "boolean") { + logger = void 0; + tryNextLink = options; + } else if (options != null && typeof options === "object") { + logger = options.logger; + tryNextLink = options.tryNextLink ?? true; + } + super(message); + this.name = "ProviderError"; + this.tryNextLink = tryNextLink; + Object.setPrototypeOf(this, _ProviderError2.prototype); + (_a = logger == null ? void 0 : logger.debug) == null ? void 0 : _a.call(logger, `@smithy/property-provider ${tryNextLink ? "->" : "(!)"} ${message}`); + } + /** + * @deprecated use new operator. + */ + static from(error, options = true) { + return Object.assign(new this(error.message, options), error); + } }; - __name(_GetSessionTokenCommand, "GetSessionTokenCommand"); - var GetSessionTokenCommand = _GetSessionTokenCommand; - var import_STSClient = require_STSClient(); - var commands = { - AssumeRoleCommand, - AssumeRoleWithSAMLCommand, - AssumeRoleWithWebIdentityCommand, - DecodeAuthorizationMessageCommand, - GetAccessKeyInfoCommand, - GetCallerIdentityCommand, - GetFederationTokenCommand, - GetSessionTokenCommand + __name(_ProviderError, "ProviderError"); + var ProviderError2 = _ProviderError; + var _CredentialsProviderError = class _CredentialsProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "CredentialsProviderError"; + Object.setPrototypeOf(this, _CredentialsProviderError2.prototype); + } }; - var _STS = class _STS extends import_STSClient.STSClient { + __name(_CredentialsProviderError, "CredentialsProviderError"); + var CredentialsProviderError = _CredentialsProviderError; + var _TokenProviderError = class _TokenProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "TokenProviderError"; + Object.setPrototypeOf(this, _TokenProviderError2.prototype); + } }; - __name(_STS, "STS"); - var STS = _STS; - (0, import_smithy_client4.createAggregatedClient)(commands, STS); - var import_EndpointParameters9 = require_EndpointParameters(); - var ASSUME_ROLE_DEFAULT_REGION = "us-east-1"; - var getAccountIdFromAssumedRoleUser = /* @__PURE__ */ __name((assumedRoleUser) => { - if (typeof (assumedRoleUser == null ? void 0 : assumedRoleUser.Arn) === "string") { - const arnComponents = assumedRoleUser.Arn.split(":"); - if (arnComponents.length > 4 && arnComponents[4] !== "") { - return arnComponents[4]; + __name(_TokenProviderError, "TokenProviderError"); + var TokenProviderError = _TokenProviderError; + var chain = /* @__PURE__ */ __name((...providers) => async () => { + if (providers.length === 0) { + throw new ProviderError2("No providers in chain"); + } + let lastProviderError; + for (const provider of providers) { + try { + const credentials = await provider(); + return credentials; + } catch (err) { + lastProviderError = err; + if (err == null ? void 0 : err.tryNextLink) { + continue; + } + throw err; } } - return void 0; - }, "getAccountIdFromAssumedRoleUser"); - var resolveRegion = /* @__PURE__ */ __name(async (_region, _parentRegion, credentialProviderLogger) => { - var _a2; - const region = typeof _region === "function" ? await _region() : _region; - const parentRegion = typeof _parentRegion === "function" ? await _parentRegion() : _parentRegion; - (_a2 = credentialProviderLogger == null ? void 0 : credentialProviderLogger.debug) == null ? void 0 : _a2.call( - credentialProviderLogger, - "@aws-sdk/client-sts::resolveRegion", - "accepting first of:", - `${region} (provider)`, - `${parentRegion} (parent client)`, - `${ASSUME_ROLE_DEFAULT_REGION} (STS default)` - ); - return region ?? parentRegion ?? ASSUME_ROLE_DEFAULT_REGION; - }, "resolveRegion"); - var getDefaultRoleAssumer = /* @__PURE__ */ __name((stsOptions, stsClientCtor) => { - let stsClient; - let closureSourceCreds; - return async (sourceCreds, params) => { - var _a2, _b, _c; - closureSourceCreds = sourceCreds; - if (!stsClient) { - const { - logger = (_a2 = stsOptions == null ? void 0 : stsOptions.parentClientConfig) == null ? void 0 : _a2.logger, - region, - requestHandler = (_b = stsOptions == null ? void 0 : stsOptions.parentClientConfig) == null ? void 0 : _b.requestHandler, - credentialProviderLogger - } = stsOptions; - const resolvedRegion = await resolveRegion( - region, - (_c = stsOptions == null ? void 0 : stsOptions.parentClientConfig) == null ? void 0 : _c.region, - credentialProviderLogger - ); - const isCompatibleRequestHandler = !isH2(requestHandler); - stsClient = new stsClientCtor({ - // A hack to make sts client uses the credential in current closure. - credentialDefaultProvider: () => async () => closureSourceCreds, - region: resolvedRegion, - requestHandler: isCompatibleRequestHandler ? requestHandler : void 0, - logger - }); + throw lastProviderError; + }, "chain"); + var fromStatic = /* @__PURE__ */ __name((staticValue) => () => Promise.resolve(staticValue), "fromStatic"); + var memoize = /* @__PURE__ */ __name((provider, isExpired, requiresRefresh) => { + let resolved; + let pending; + let hasResult; + let isConstant = false; + const coalesceProvider = /* @__PURE__ */ __name(async () => { + if (!pending) { + pending = provider(); } - const { Credentials: Credentials2, AssumedRoleUser: AssumedRoleUser2 } = await stsClient.send(new AssumeRoleCommand(params)); - if (!Credentials2 || !Credentials2.AccessKeyId || !Credentials2.SecretAccessKey) { - throw new Error(`Invalid response from STS.assumeRole call with role ${params.RoleArn}`); + try { + resolved = await pending; + hasResult = true; + isConstant = false; + } finally { + pending = void 0; } - const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser2); - return { - accessKeyId: Credentials2.AccessKeyId, - secretAccessKey: Credentials2.SecretAccessKey, - sessionToken: Credentials2.SessionToken, - expiration: Credentials2.Expiration, - // TODO(credentialScope): access normally when shape is updated. - ...Credentials2.CredentialScope && { credentialScope: Credentials2.CredentialScope }, - ...accountId && { accountId } - }; - }; - }, "getDefaultRoleAssumer"); - var getDefaultRoleAssumerWithWebIdentity = /* @__PURE__ */ __name((stsOptions, stsClientCtor) => { - let stsClient; - return async (params) => { - var _a2, _b, _c; - if (!stsClient) { - const { - logger = (_a2 = stsOptions == null ? void 0 : stsOptions.parentClientConfig) == null ? void 0 : _a2.logger, - region, - requestHandler = (_b = stsOptions == null ? void 0 : stsOptions.parentClientConfig) == null ? void 0 : _b.requestHandler, - credentialProviderLogger - } = stsOptions; - const resolvedRegion = await resolveRegion( - region, - (_c = stsOptions == null ? void 0 : stsOptions.parentClientConfig) == null ? void 0 : _c.region, - credentialProviderLogger - ); - const isCompatibleRequestHandler = !isH2(requestHandler); - stsClient = new stsClientCtor({ - region: resolvedRegion, - requestHandler: isCompatibleRequestHandler ? requestHandler : void 0, - logger - }); + return resolved; + }, "coalesceProvider"); + if (isExpired === void 0) { + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + return resolved; + }; + } + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); } - const { Credentials: Credentials2, AssumedRoleUser: AssumedRoleUser2 } = await stsClient.send(new AssumeRoleWithWebIdentityCommand(params)); - if (!Credentials2 || !Credentials2.AccessKeyId || !Credentials2.SecretAccessKey) { - throw new Error(`Invalid response from STS.assumeRoleWithWebIdentity call with role ${params.RoleArn}`); + if (isConstant) { + return resolved; } - const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser2); - return { - accessKeyId: Credentials2.AccessKeyId, - secretAccessKey: Credentials2.SecretAccessKey, - sessionToken: Credentials2.SessionToken, - expiration: Credentials2.Expiration, - // TODO(credentialScope): access normally when shape is updated. - ...Credentials2.CredentialScope && { credentialScope: Credentials2.CredentialScope }, - ...accountId && { accountId } - }; + if (requiresRefresh && !requiresRefresh(resolved)) { + isConstant = true; + return resolved; + } + if (isExpired(resolved)) { + await coalesceProvider(); + return resolved; + } + return resolved; }; - }, "getDefaultRoleAssumerWithWebIdentity"); - var isH2 = /* @__PURE__ */ __name((requestHandler) => { - var _a2; - return ((_a2 = requestHandler == null ? void 0 : requestHandler.metadata) == null ? void 0 : _a2.handlerProtocol) === "h2"; - }, "isH2"); - var import_STSClient2 = require_STSClient(); - var getCustomizableStsClientCtor = /* @__PURE__ */ __name((baseCtor, customizations) => { - var _a2; - if (!customizations) - return baseCtor; - else - return _a2 = class extends baseCtor { - constructor(config) { - super(config); - for (const customization of customizations) { - this.middlewareStack.use(customization); - } - } - }, __name(_a2, "CustomizableSTSClient"), _a2; - }, "getCustomizableStsClientCtor"); - var getDefaultRoleAssumer2 = /* @__PURE__ */ __name((stsOptions = {}, stsPlugins) => getDefaultRoleAssumer(stsOptions, getCustomizableStsClientCtor(import_STSClient2.STSClient, stsPlugins)), "getDefaultRoleAssumer"); - var getDefaultRoleAssumerWithWebIdentity2 = /* @__PURE__ */ __name((stsOptions = {}, stsPlugins) => getDefaultRoleAssumerWithWebIdentity(stsOptions, getCustomizableStsClientCtor(import_STSClient2.STSClient, stsPlugins)), "getDefaultRoleAssumerWithWebIdentity"); - var decorateDefaultCredentialProvider = /* @__PURE__ */ __name((provider) => (input) => provider({ - roleAssumer: getDefaultRoleAssumer2(input), - roleAssumerWithWebIdentity: getDefaultRoleAssumerWithWebIdentity2(input), - ...input - }), "decorateDefaultCredentialProvider"); + }, "memoize"); } }); // ../../../node_modules/@aws-sdk/credential-provider-process/dist-cjs/index.js -var require_dist_cjs49 = __commonJS({ +var require_dist_cjs71 = __commonJS({ "../../../node_modules/@aws-sdk/credential-provider-process/dist-cjs/index.js"(exports2, module2) { "use strict"; var __defProp2 = Object.defineProperty; @@ -17729,8 +21746,8 @@ var require_dist_cjs49 = __commonJS({ fromProcess: () => fromProcess }); module2.exports = __toCommonJS2(src_exports); - var import_shared_ini_file_loader = require_dist_cjs25(); - var import_property_provider2 = require_dist_cjs24(); + var import_shared_ini_file_loader = require_dist_cjs69(); + var import_property_provider2 = require_dist_cjs70(); var import_child_process = require("child_process"); var import_util = require("util"); var getValidatedProcessCredentials = /* @__PURE__ */ __name((profileName, data, profiles) => { @@ -17797,6 +21814,155 @@ var require_dist_cjs49 = __commonJS({ } }); +// ../../../node_modules/@aws-sdk/credential-provider-web-identity/node_modules/@smithy/property-provider/dist-cjs/index.js +var require_dist_cjs72 = __commonJS({ + "../../../node_modules/@aws-sdk/credential-provider-web-identity/node_modules/@smithy/property-provider/dist-cjs/index.js"(exports2, module2) { + var __defProp2 = Object.defineProperty; + var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor; + var __getOwnPropNames2 = Object.getOwnPropertyNames; + var __hasOwnProp2 = Object.prototype.hasOwnProperty; + var __name = (target, value) => __defProp2(target, "name", { value, configurable: true }); + var __export2 = (target, all) => { + for (var name in all) + __defProp2(target, name, { get: all[name], enumerable: true }); + }; + var __copyProps2 = (to, from, except, desc) => { + if (from && typeof from === "object" || typeof from === "function") { + for (let key of __getOwnPropNames2(from)) + if (!__hasOwnProp2.call(to, key) && key !== except) + __defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable }); + } + return to; + }; + var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); + var src_exports = {}; + __export2(src_exports, { + CredentialsProviderError: () => CredentialsProviderError, + ProviderError: () => ProviderError2, + TokenProviderError: () => TokenProviderError, + chain: () => chain, + fromStatic: () => fromStatic, + memoize: () => memoize + }); + module2.exports = __toCommonJS2(src_exports); + var _ProviderError = class _ProviderError2 extends Error { + constructor(message, options = true) { + var _a; + let logger; + let tryNextLink = true; + if (typeof options === "boolean") { + logger = void 0; + tryNextLink = options; + } else if (options != null && typeof options === "object") { + logger = options.logger; + tryNextLink = options.tryNextLink ?? true; + } + super(message); + this.name = "ProviderError"; + this.tryNextLink = tryNextLink; + Object.setPrototypeOf(this, _ProviderError2.prototype); + (_a = logger == null ? void 0 : logger.debug) == null ? void 0 : _a.call(logger, `@smithy/property-provider ${tryNextLink ? "->" : "(!)"} ${message}`); + } + /** + * @deprecated use new operator. + */ + static from(error, options = true) { + return Object.assign(new this(error.message, options), error); + } + }; + __name(_ProviderError, "ProviderError"); + var ProviderError2 = _ProviderError; + var _CredentialsProviderError = class _CredentialsProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "CredentialsProviderError"; + Object.setPrototypeOf(this, _CredentialsProviderError2.prototype); + } + }; + __name(_CredentialsProviderError, "CredentialsProviderError"); + var CredentialsProviderError = _CredentialsProviderError; + var _TokenProviderError = class _TokenProviderError2 extends ProviderError2 { + /** + * @override + */ + constructor(message, options = true) { + super(message, options); + this.name = "TokenProviderError"; + Object.setPrototypeOf(this, _TokenProviderError2.prototype); + } + }; + __name(_TokenProviderError, "TokenProviderError"); + var TokenProviderError = _TokenProviderError; + var chain = /* @__PURE__ */ __name((...providers) => async () => { + if (providers.length === 0) { + throw new ProviderError2("No providers in chain"); + } + let lastProviderError; + for (const provider of providers) { + try { + const credentials = await provider(); + return credentials; + } catch (err) { + lastProviderError = err; + if (err == null ? void 0 : err.tryNextLink) { + continue; + } + throw err; + } + } + throw lastProviderError; + }, "chain"); + var fromStatic = /* @__PURE__ */ __name((staticValue) => () => Promise.resolve(staticValue), "fromStatic"); + var memoize = /* @__PURE__ */ __name((provider, isExpired, requiresRefresh) => { + let resolved; + let pending; + let hasResult; + let isConstant = false; + const coalesceProvider = /* @__PURE__ */ __name(async () => { + if (!pending) { + pending = provider(); + } + try { + resolved = await pending; + hasResult = true; + isConstant = false; + } finally { + pending = void 0; + } + return resolved; + }, "coalesceProvider"); + if (isExpired === void 0) { + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + return resolved; + }; + } + return async (options) => { + if (!hasResult || (options == null ? void 0 : options.forceRefresh)) { + resolved = await coalesceProvider(); + } + if (isConstant) { + return resolved; + } + if (requiresRefresh && !requiresRefresh(resolved)) { + isConstant = true; + return resolved; + } + if (isExpired(resolved)) { + await coalesceProvider(); + return resolved; + } + return resolved; + }; + }, "memoize"); + } +}); + // ../../../node_modules/@aws-sdk/credential-provider-web-identity/dist-cjs/fromWebToken.js var require_fromWebToken = __commonJS({ "../../../node_modules/@aws-sdk/credential-provider-web-identity/dist-cjs/fromWebToken.js"(exports2) { @@ -17835,7 +22001,7 @@ var require_fromWebToken = __commonJS({ const { roleArn, roleSessionName, webIdentityToken, providerId, policyArns, policy, durationSeconds } = init; let { roleAssumerWithWebIdentity } = init; if (!roleAssumerWithWebIdentity) { - const { getDefaultRoleAssumerWithWebIdentity } = await Promise.resolve().then(() => __importStar2(require_dist_cjs48())); + const { getDefaultRoleAssumerWithWebIdentity } = await Promise.resolve().then(() => __importStar2(require_dist_cjs68())); roleAssumerWithWebIdentity = getDefaultRoleAssumerWithWebIdentity({ ...init.clientConfig, credentialProviderLogger: init.logger, @@ -17862,7 +22028,7 @@ var require_fromTokenFile = __commonJS({ "use strict"; Object.defineProperty(exports2, "__esModule", { value: true }); exports2.fromTokenFile = void 0; - var property_provider_1 = require_dist_cjs24(); + var property_provider_1 = require_dist_cjs72(); var fs_1 = require("fs"); var fromWebToken_1 = require_fromWebToken(); var ENV_TOKEN_FILE = "AWS_WEB_IDENTITY_TOKEN_FILE"; @@ -17890,7 +22056,7 @@ var require_fromTokenFile = __commonJS({ }); // ../../../node_modules/@aws-sdk/credential-provider-web-identity/dist-cjs/index.js -var require_dist_cjs50 = __commonJS({ +var require_dist_cjs73 = __commonJS({ "../../../node_modules/@aws-sdk/credential-provider-web-identity/dist-cjs/index.js"(exports2, module2) { "use strict"; var __defProp2 = Object.defineProperty; @@ -17915,7 +22081,7 @@ var require_dist_cjs50 = __commonJS({ }); // ../../../node_modules/@aws-sdk/credential-provider-ini/dist-cjs/index.js -var require_dist_cjs51 = __commonJS({ +var require_dist_cjs74 = __commonJS({ "../../../node_modules/@aws-sdk/credential-provider-ini/dist-cjs/index.js"(exports2, module2) { "use strict"; var __create2 = Object.create; @@ -17951,24 +22117,24 @@ var require_dist_cjs51 = __commonJS({ fromIni: () => fromIni }); module2.exports = __toCommonJS2(src_exports); - var import_shared_ini_file_loader = require_dist_cjs25(); - var import_property_provider2 = require_dist_cjs24(); + var import_shared_ini_file_loader = require_dist_cjs65(); + var import_property_provider2 = require_dist_cjs66(); var resolveCredentialSource = /* @__PURE__ */ __name((credentialSource, profileName, logger) => { const sourceProvidersMap = { EcsContainer: async (options) => { - const { fromHttp } = await Promise.resolve().then(() => __toESM2(require_dist_cjs38())); - const { fromContainerMetadata } = await Promise.resolve().then(() => __toESM2(require_dist_cjs37())); + const { fromHttp } = await Promise.resolve().then(() => __toESM2(require_dist_cjs48())); + const { fromContainerMetadata } = await Promise.resolve().then(() => __toESM2(require_dist_cjs67())); logger == null ? void 0 : logger.debug("@aws-sdk/credential-provider-ini - credential_source is EcsContainer"); return (0, import_property_provider2.chain)(fromHttp(options ?? {}), fromContainerMetadata(options)); }, Ec2InstanceMetadata: async (options) => { logger == null ? void 0 : logger.debug("@aws-sdk/credential-provider-ini - credential_source is Ec2InstanceMetadata"); - const { fromInstanceMetadata } = await Promise.resolve().then(() => __toESM2(require_dist_cjs37())); + const { fromInstanceMetadata } = await Promise.resolve().then(() => __toESM2(require_dist_cjs67())); return fromInstanceMetadata(options); }, Environment: async (options) => { logger == null ? void 0 : logger.debug("@aws-sdk/credential-provider-ini - credential_source is Environment"); - const { fromEnv } = await Promise.resolve().then(() => __toESM2(require_dist_cjs36())); + const { fromEnv } = await Promise.resolve().then(() => __toESM2(require_dist_cjs43())); return fromEnv(options); } }; @@ -18005,7 +22171,7 @@ var require_dist_cjs51 = __commonJS({ (_a = options.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-ini - resolveAssumeRoleCredentials (STS)"); const data = profiles[profileName]; if (!options.roleAssumer) { - const { getDefaultRoleAssumer } = await Promise.resolve().then(() => __toESM2(require_dist_cjs48())); + const { getDefaultRoleAssumer } = await Promise.resolve().then(() => __toESM2(require_dist_cjs68())); options.roleAssumer = getDefaultRoleAssumer( { ...options.clientConfig, @@ -18064,14 +22230,14 @@ var require_dist_cjs51 = __commonJS({ return options.roleAssumer(sourceCreds, params); }, "resolveAssumeRoleCredentials"); var isProcessProfile = /* @__PURE__ */ __name((arg) => Boolean(arg) && typeof arg === "object" && typeof arg.credential_process === "string", "isProcessProfile"); - var resolveProcessCredentials = /* @__PURE__ */ __name(async (options, profile) => Promise.resolve().then(() => __toESM2(require_dist_cjs49())).then( + var resolveProcessCredentials = /* @__PURE__ */ __name(async (options, profile) => Promise.resolve().then(() => __toESM2(require_dist_cjs71())).then( ({ fromProcess }) => fromProcess({ ...options, profile })() ), "resolveProcessCredentials"); var resolveSsoCredentials = /* @__PURE__ */ __name(async (profile, options = {}) => { - const { fromSSO } = await Promise.resolve().then(() => __toESM2(require_dist_cjs47())); + const { fromSSO } = await Promise.resolve().then(() => __toESM2(require_dist_cjs64())); return fromSSO({ profile, logger: options.logger @@ -18091,7 +22257,7 @@ var require_dist_cjs51 = __commonJS({ }); }, "resolveStaticCredentials"); var isWebIdentityProfile = /* @__PURE__ */ __name((arg) => Boolean(arg) && typeof arg === "object" && typeof arg.web_identity_token_file === "string" && typeof arg.role_arn === "string" && ["undefined", "string"].indexOf(typeof arg.role_session_name) > -1, "isWebIdentityProfile"); - var resolveWebIdentityCredentials = /* @__PURE__ */ __name(async (profile, options) => Promise.resolve().then(() => __toESM2(require_dist_cjs50())).then( + var resolveWebIdentityCredentials = /* @__PURE__ */ __name(async (profile, options) => Promise.resolve().then(() => __toESM2(require_dist_cjs73())).then( ({ fromTokenFile: fromTokenFile2 }) => fromTokenFile2({ webIdentityTokenFile: profile.web_identity_token_file, roleArn: profile.role_arn, @@ -18136,7 +22302,7 @@ var require_dist_cjs51 = __commonJS({ }); // ../../../node_modules/@aws-sdk/credential-provider-node/dist-cjs/index.js -var require_dist_cjs52 = __commonJS({ +var require_dist_cjs75 = __commonJS({ "../../../node_modules/@aws-sdk/credential-provider-node/dist-cjs/index.js"(exports2, module2) { "use strict"; var __create2 = Object.create; @@ -18174,16 +22340,16 @@ var require_dist_cjs52 = __commonJS({ defaultProvider: () => defaultProvider }); module2.exports = __toCommonJS2(src_exports); - var import_credential_provider_env = require_dist_cjs36(); - var import_shared_ini_file_loader = require_dist_cjs25(); - var import_property_provider2 = require_dist_cjs24(); + var import_credential_provider_env = require_dist_cjs43(); + var import_shared_ini_file_loader = require_dist_cjs44(); + var import_property_provider2 = require_dist_cjs45(); var ENV_IMDS_DISABLED = "AWS_EC2_METADATA_DISABLED"; var remoteProvider = /* @__PURE__ */ __name(async (init) => { var _a, _b; - const { ENV_CMDS_FULL_URI, ENV_CMDS_RELATIVE_URI, fromContainerMetadata, fromInstanceMetadata } = await Promise.resolve().then(() => __toESM2(require_dist_cjs37())); + const { ENV_CMDS_FULL_URI, ENV_CMDS_RELATIVE_URI, fromContainerMetadata, fromInstanceMetadata } = await Promise.resolve().then(() => __toESM2(require_dist_cjs46())); if (process.env[ENV_CMDS_RELATIVE_URI] || process.env[ENV_CMDS_FULL_URI]) { (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-node - remoteProvider::fromHttp/fromContainerMetadata"); - const { fromHttp } = await Promise.resolve().then(() => __toESM2(require_dist_cjs38())); + const { fromHttp } = await Promise.resolve().then(() => __toESM2(require_dist_cjs48())); return (0, import_property_provider2.chain)(fromHttp(init), fromContainerMetadata(init)); } if (process.env[ENV_IMDS_DISABLED]) { @@ -18237,25 +22403,25 @@ var require_dist_cjs52 = __commonJS({ { logger: init.logger } ); } - const { fromSSO } = await Promise.resolve().then(() => __toESM2(require_dist_cjs47())); + const { fromSSO } = await Promise.resolve().then(() => __toESM2(require_dist_cjs64())); return fromSSO(init)(); }, async () => { var _a; (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-node - defaultProvider::fromIni"); - const { fromIni } = await Promise.resolve().then(() => __toESM2(require_dist_cjs51())); + const { fromIni } = await Promise.resolve().then(() => __toESM2(require_dist_cjs74())); return fromIni(init)(); }, async () => { var _a; (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-node - defaultProvider::fromProcess"); - const { fromProcess } = await Promise.resolve().then(() => __toESM2(require_dist_cjs49())); + const { fromProcess } = await Promise.resolve().then(() => __toESM2(require_dist_cjs71())); return fromProcess(init)(); }, async () => { var _a; (_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-node - defaultProvider::fromTokenFile"); - const { fromTokenFile: fromTokenFile2 } = await Promise.resolve().then(() => __toESM2(require_dist_cjs50())); + const { fromTokenFile: fromTokenFile2 } = await Promise.resolve().then(() => __toESM2(require_dist_cjs73())); return fromTokenFile2(init)(); }, async () => { @@ -18339,10 +22505,10 @@ var require_runtimeConfig_shared4 = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getRuntimeConfig = void 0; var core_1 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); - var smithy_client_1 = require_dist_cjs33(); - var url_parser_1 = require_dist_cjs28(); - var util_base64_1 = require_dist_cjs16(); - var util_utf8_1 = require_dist_cjs15(); + var smithy_client_1 = require_dist_cjs37(); + var url_parser_1 = require_dist_cjs31(); + var util_base64_1 = require_dist_cjs17(); + var util_utf8_1 = require_dist_cjs16(); var httpAuthSchemeProvider_1 = require_httpAuthSchemeProvider(); var endpointResolver_1 = require_endpointResolver4(); var getRuntimeConfig = (config) => { @@ -18381,19 +22547,19 @@ var require_runtimeConfig4 = __commonJS({ var tslib_1 = (init_tslib_es6(), __toCommonJS(tslib_es6_exports)); var package_json_1 = tslib_1.__importDefault(require_package()); var core_1 = (init_dist_es2(), __toCommonJS(dist_es_exports2)); - var credential_provider_node_1 = require_dist_cjs52(); - var util_user_agent_node_1 = require_dist_cjs39(); + var credential_provider_node_1 = require_dist_cjs75(); + var util_user_agent_node_1 = require_dist_cjs49(); var config_resolver_1 = require_dist_cjs11(); - var hash_node_1 = require_dist_cjs40(); - var middleware_retry_1 = require_dist_cjs34(); - var node_config_provider_1 = require_dist_cjs26(); - var node_http_handler_1 = require_dist_cjs19(); - var util_body_length_node_1 = require_dist_cjs41(); - var util_retry_1 = require_dist_cjs31(); + var hash_node_1 = require_dist_cjs51(); + var middleware_retry_1 = require_dist_cjs38(); + var node_config_provider_1 = require_dist_cjs28(); + var node_http_handler_1 = require_dist_cjs20(); + var util_body_length_node_1 = require_dist_cjs52(); + var util_retry_1 = require_dist_cjs34(); var runtimeConfig_shared_1 = require_runtimeConfig_shared4(); - var smithy_client_1 = require_dist_cjs33(); - var util_defaults_mode_node_1 = require_dist_cjs42(); - var smithy_client_2 = require_dist_cjs33(); + var smithy_client_1 = require_dist_cjs37(); + var util_defaults_mode_node_1 = require_dist_cjs55(); + var smithy_client_2 = require_dist_cjs37(); var getRuntimeConfig = (config) => { (0, smithy_client_2.emitWarningIfUnsupportedVersion)(process.version); const defaultsMode = (0, util_defaults_mode_node_1.resolveDefaultsModeConfig)(config); @@ -18426,7 +22592,7 @@ var require_runtimeConfig4 = __commonJS({ }); // ../../../node_modules/@aws-sdk/client-sfn/dist-cjs/index.js -var require_dist_cjs53 = __commonJS({ +var require_dist_cjs76 = __commonJS({ "../../../node_modules/@aws-sdk/client-sfn/dist-cjs/index.js"(exports2, module2) { "use strict"; var __defProp2 = Object.defineProperty; @@ -18601,9 +22767,9 @@ var require_dist_cjs53 = __commonJS({ var import_middleware_user_agent = require_dist_cjs8(); var import_config_resolver = require_dist_cjs11(); var import_core3 = (init_dist_es(), __toCommonJS(dist_es_exports)); - var import_middleware_content_length = require_dist_cjs23(); - var import_middleware_endpoint = require_dist_cjs29(); - var import_middleware_retry = require_dist_cjs34(); + var import_middleware_content_length = require_dist_cjs25(); + var import_middleware_endpoint = require_dist_cjs32(); + var import_middleware_retry = require_dist_cjs38(); var import_httpAuthSchemeProvider = require_httpAuthSchemeProvider(); var resolveClientEndpointParameters = /* @__PURE__ */ __name((options) => { return { @@ -18620,9 +22786,9 @@ var require_dist_cjs53 = __commonJS({ UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" } }; var import_runtimeConfig = require_runtimeConfig4(); - var import_region_config_resolver = require_dist_cjs43(); + var import_region_config_resolver = require_dist_cjs56(); var import_protocol_http8 = require_dist_cjs2(); - var import_smithy_client4 = require_dist_cjs33(); + var import_smithy_client4 = require_dist_cjs37(); var getHttpAuthExtensionConfiguration = /* @__PURE__ */ __name((runtimeConfig) => { const _httpAuthSchemes = runtimeConfig.httpAuthSchemes; let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider; @@ -23573,9 +27739,9 @@ var require_safer = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/lib/bom-handling.js +// ../../../node_modules/iconv-lite/lib/bom-handling.js var require_bom_handling = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/lib/bom-handling.js"(exports2) { + "../../../node_modules/iconv-lite/lib/bom-handling.js"(exports2) { "use strict"; var BOMChar = "\uFEFF"; exports2.PrependBOM = PrependBOMWrapper; @@ -23617,9 +27783,9 @@ var require_bom_handling = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/encodings/internal.js +// ../../../node_modules/iconv-lite/encodings/internal.js var require_internal = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/encodings/internal.js"(exports2, module2) { + "../../../node_modules/iconv-lite/encodings/internal.js"(exports2, module2) { "use strict"; var Buffer2 = require_safer().Buffer; module2.exports = { @@ -23769,9 +27935,9 @@ var require_internal = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/encodings/utf32.js +// ../../../node_modules/iconv-lite/encodings/utf32.js var require_utf32 = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/encodings/utf32.js"(exports2) { + "../../../node_modules/iconv-lite/encodings/utf32.js"(exports2) { "use strict"; var Buffer2 = require_safer().Buffer; exports2._utf32 = Utf32Codec; @@ -23988,9 +28154,9 @@ var require_utf32 = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/encodings/utf16.js +// ../../../node_modules/iconv-lite/encodings/utf16.js var require_utf16 = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/encodings/utf16.js"(exports2) { + "../../../node_modules/iconv-lite/encodings/utf16.js"(exports2) { "use strict"; var Buffer2 = require_safer().Buffer; exports2.utf16be = Utf16BECodec; @@ -24122,9 +28288,9 @@ var require_utf16 = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/encodings/utf7.js +// ../../../node_modules/iconv-lite/encodings/utf7.js var require_utf7 = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/encodings/utf7.js"(exports2) { + "../../../node_modules/iconv-lite/encodings/utf7.js"(exports2) { "use strict"; var Buffer2 = require_safer().Buffer; exports2.utf7 = Utf7Codec; @@ -24323,9 +28489,9 @@ var require_utf7 = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/encodings/sbcs-codec.js +// ../../../node_modules/iconv-lite/encodings/sbcs-codec.js var require_sbcs_codec = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/encodings/sbcs-codec.js"(exports2) { + "../../../node_modules/iconv-lite/encodings/sbcs-codec.js"(exports2) { "use strict"; var Buffer2 = require_safer().Buffer; exports2._sbcs = SBCSCodec; @@ -24379,9 +28545,9 @@ var require_sbcs_codec = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/encodings/sbcs-data.js +// ../../../node_modules/iconv-lite/encodings/sbcs-data.js var require_sbcs_data = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/encodings/sbcs-data.js"(exports2, module2) { + "../../../node_modules/iconv-lite/encodings/sbcs-data.js"(exports2, module2) { "use strict"; module2.exports = { // Not supported by iconv, not sure why. @@ -24532,9 +28698,9 @@ var require_sbcs_data = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/encodings/sbcs-data-generated.js +// ../../../node_modules/iconv-lite/encodings/sbcs-data-generated.js var require_sbcs_data_generated = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/encodings/sbcs-data-generated.js"(exports2, module2) { + "../../../node_modules/iconv-lite/encodings/sbcs-data-generated.js"(exports2, module2) { "use strict"; module2.exports = { "437": "cp437", @@ -24987,9 +29153,9 @@ var require_sbcs_data_generated = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/encodings/dbcs-codec.js +// ../../../node_modules/iconv-lite/encodings/dbcs-codec.js var require_dbcs_codec = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/encodings/dbcs-codec.js"(exports2) { + "../../../node_modules/iconv-lite/encodings/dbcs-codec.js"(exports2) { "use strict"; var Buffer2 = require_safer().Buffer; exports2._dbcs = DBCSCodec; @@ -25404,9 +29570,9 @@ var require_dbcs_codec = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/encodings/tables/shiftjis.json +// ../../../node_modules/iconv-lite/encodings/tables/shiftjis.json var require_shiftjis = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/encodings/tables/shiftjis.json"(exports2, module2) { + "../../../node_modules/iconv-lite/encodings/tables/shiftjis.json"(exports2, module2) { module2.exports = [ ["0", "\0", 128], ["a1", "\uFF61", 62], @@ -25535,9 +29701,9 @@ var require_shiftjis = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/encodings/tables/eucjp.json +// ../../../node_modules/iconv-lite/encodings/tables/eucjp.json var require_eucjp = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/encodings/tables/eucjp.json"(exports2, module2) { + "../../../node_modules/iconv-lite/encodings/tables/eucjp.json"(exports2, module2) { module2.exports = [ ["0", "\0", 127], ["8ea1", "\uFF61", 62], @@ -25723,9 +29889,9 @@ var require_eucjp = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/encodings/tables/cp936.json +// ../../../node_modules/iconv-lite/encodings/tables/cp936.json var require_cp936 = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/encodings/tables/cp936.json"(exports2, module2) { + "../../../node_modules/iconv-lite/encodings/tables/cp936.json"(exports2, module2) { module2.exports = [ ["0", "\0", 127, "\u20AC"], ["8140", "\u4E02\u4E04\u4E05\u4E06\u4E0F\u4E12\u4E17\u4E1F\u4E20\u4E21\u4E23\u4E26\u4E29\u4E2E\u4E2F\u4E31\u4E33\u4E35\u4E37\u4E3C\u4E40\u4E41\u4E42\u4E44\u4E46\u4E4A\u4E51\u4E55\u4E57\u4E5A\u4E5B\u4E62\u4E63\u4E64\u4E65\u4E67\u4E68\u4E6A", 5, "\u4E72\u4E74", 9, "\u4E7F", 6, "\u4E87\u4E8A"], @@ -25993,9 +30159,9 @@ var require_cp936 = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/encodings/tables/gbk-added.json +// ../../../node_modules/iconv-lite/encodings/tables/gbk-added.json var require_gbk_added = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/encodings/tables/gbk-added.json"(exports2, module2) { + "../../../node_modules/iconv-lite/encodings/tables/gbk-added.json"(exports2, module2) { module2.exports = [ ["a140", "\uE4C6", 62], ["a180", "\uE505", 32], @@ -26055,16 +30221,16 @@ var require_gbk_added = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/encodings/tables/gb18030-ranges.json +// ../../../node_modules/iconv-lite/encodings/tables/gb18030-ranges.json var require_gb18030_ranges = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/encodings/tables/gb18030-ranges.json"(exports2, module2) { + "../../../node_modules/iconv-lite/encodings/tables/gb18030-ranges.json"(exports2, module2) { module2.exports = { uChars: [128, 165, 169, 178, 184, 216, 226, 235, 238, 244, 248, 251, 253, 258, 276, 284, 300, 325, 329, 334, 364, 463, 465, 467, 469, 471, 473, 475, 477, 506, 594, 610, 712, 716, 730, 930, 938, 962, 970, 1026, 1104, 1106, 8209, 8215, 8218, 8222, 8231, 8241, 8244, 8246, 8252, 8365, 8452, 8454, 8458, 8471, 8482, 8556, 8570, 8596, 8602, 8713, 8720, 8722, 8726, 8731, 8737, 8740, 8742, 8748, 8751, 8760, 8766, 8777, 8781, 8787, 8802, 8808, 8816, 8854, 8858, 8870, 8896, 8979, 9322, 9372, 9548, 9588, 9616, 9622, 9634, 9652, 9662, 9672, 9676, 9680, 9702, 9735, 9738, 9793, 9795, 11906, 11909, 11913, 11917, 11928, 11944, 11947, 11951, 11956, 11960, 11964, 11979, 12284, 12292, 12312, 12319, 12330, 12351, 12436, 12447, 12535, 12543, 12586, 12842, 12850, 12964, 13200, 13215, 13218, 13253, 13263, 13267, 13270, 13384, 13428, 13727, 13839, 13851, 14617, 14703, 14801, 14816, 14964, 15183, 15471, 15585, 16471, 16736, 17208, 17325, 17330, 17374, 17623, 17997, 18018, 18212, 18218, 18301, 18318, 18760, 18811, 18814, 18820, 18823, 18844, 18848, 18872, 19576, 19620, 19738, 19887, 40870, 59244, 59336, 59367, 59413, 59417, 59423, 59431, 59437, 59443, 59452, 59460, 59478, 59493, 63789, 63866, 63894, 63976, 63986, 64016, 64018, 64021, 64025, 64034, 64037, 64042, 65074, 65093, 65107, 65112, 65127, 65132, 65375, 65510, 65536], gbChars: [0, 36, 38, 45, 50, 81, 89, 95, 96, 100, 103, 104, 105, 109, 126, 133, 148, 172, 175, 179, 208, 306, 307, 308, 309, 310, 311, 312, 313, 341, 428, 443, 544, 545, 558, 741, 742, 749, 750, 805, 819, 820, 7922, 7924, 7925, 7927, 7934, 7943, 7944, 7945, 7950, 8062, 8148, 8149, 8152, 8164, 8174, 8236, 8240, 8262, 8264, 8374, 8380, 8381, 8384, 8388, 8390, 8392, 8393, 8394, 8396, 8401, 8406, 8416, 8419, 8424, 8437, 8439, 8445, 8482, 8485, 8496, 8521, 8603, 8936, 8946, 9046, 9050, 9063, 9066, 9076, 9092, 9100, 9108, 9111, 9113, 9131, 9162, 9164, 9218, 9219, 11329, 11331, 11334, 11336, 11346, 11361, 11363, 11366, 11370, 11372, 11375, 11389, 11682, 11686, 11687, 11692, 11694, 11714, 11716, 11723, 11725, 11730, 11736, 11982, 11989, 12102, 12336, 12348, 12350, 12384, 12393, 12395, 12397, 12510, 12553, 12851, 12962, 12973, 13738, 13823, 13919, 13933, 14080, 14298, 14585, 14698, 15583, 15847, 16318, 16434, 16438, 16481, 16729, 17102, 17122, 17315, 17320, 17402, 17418, 17859, 17909, 17911, 17915, 17916, 17936, 17939, 17961, 18664, 18703, 18814, 18962, 19043, 33469, 33470, 33471, 33484, 33485, 33490, 33497, 33501, 33505, 33513, 33520, 33536, 33550, 37845, 37921, 37948, 38029, 38038, 38064, 38065, 38066, 38069, 38075, 38076, 38078, 39108, 39109, 39113, 39114, 39115, 39116, 39265, 39394, 189e3] }; } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/encodings/tables/cp949.json +// ../../../node_modules/iconv-lite/encodings/tables/cp949.json var require_cp949 = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/encodings/tables/cp949.json"(exports2, module2) { + "../../../node_modules/iconv-lite/encodings/tables/cp949.json"(exports2, module2) { module2.exports = [ ["0", "\0", 127], ["8141", "\uAC02\uAC03\uAC05\uAC06\uAC0B", 4, "\uAC18\uAC1E\uAC1F\uAC21\uAC22\uAC23\uAC25", 6, "\uAC2E\uAC32\uAC33\uAC34"], @@ -26341,9 +30507,9 @@ var require_cp949 = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/encodings/tables/cp950.json +// ../../../node_modules/iconv-lite/encodings/tables/cp950.json var require_cp950 = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/encodings/tables/cp950.json"(exports2, module2) { + "../../../node_modules/iconv-lite/encodings/tables/cp950.json"(exports2, module2) { module2.exports = [ ["0", "\0", 127], ["a140", "\u3000\uFF0C\u3001\u3002\uFF0E\u2027\uFF1B\uFF1A\uFF1F\uFF01\uFE30\u2026\u2025\uFE50\uFE51\uFE52\xB7\uFE54\uFE55\uFE56\uFE57\uFF5C\u2013\uFE31\u2014\uFE33\u2574\uFE34\uFE4F\uFF08\uFF09\uFE35\uFE36\uFF5B\uFF5D\uFE37\uFE38\u3014\u3015\uFE39\uFE3A\u3010\u3011\uFE3B\uFE3C\u300A\u300B\uFE3D\uFE3E\u3008\u3009\uFE3F\uFE40\u300C\u300D\uFE41\uFE42\u300E\u300F\uFE43\uFE44\uFE59\uFE5A"], @@ -26524,9 +30690,9 @@ var require_cp950 = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/encodings/tables/big5-added.json +// ../../../node_modules/iconv-lite/encodings/tables/big5-added.json var require_big5_added = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/encodings/tables/big5-added.json"(exports2, module2) { + "../../../node_modules/iconv-lite/encodings/tables/big5-added.json"(exports2, module2) { module2.exports = [ ["8740", "\u43F0\u4C32\u4603\u45A6\u4578\u{27267}\u4D77\u45B3\u{27CB1}\u4CE2\u{27CC5}\u3B95\u4736\u4744\u4C47\u4C40\u{242BF}\u{23617}\u{27352}\u{26E8B}\u{270D2}\u4C57\u{2A351}\u474F\u45DA\u4C85\u{27C6C}\u4D07\u4AA4\u46A1\u{26B23}\u7225\u{25A54}\u{21A63}\u{23E06}\u{23F61}\u664D\u56FB"], ["8767", "\u7D95\u591D\u{28BB9}\u3DF4\u9734\u{27BEF}\u5BDB\u{21D5E}\u5AA4\u3625\u{29EB0}\u5AD1\u5BB7\u5CFC\u676E\u8593\u{29945}\u7461\u749D\u3875\u{21D53}\u{2369E}\u{26021}\u3EEC"], @@ -26652,9 +30818,9 @@ var require_big5_added = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/encodings/dbcs-data.js +// ../../../node_modules/iconv-lite/encodings/dbcs-data.js var require_dbcs_data = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/encodings/dbcs-data.js"(exports2, module2) { + "../../../node_modules/iconv-lite/encodings/dbcs-data.js"(exports2, module2) { "use strict"; module2.exports = { // == Japanese/ShiftJIS ==================================================== @@ -26899,9 +31065,9 @@ var require_dbcs_data = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/encodings/index.js +// ../../../node_modules/iconv-lite/encodings/index.js var require_encodings = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/encodings/index.js"(exports2, module2) { + "../../../node_modules/iconv-lite/encodings/index.js"(exports2, module2) { "use strict"; var modules = [ require_internal(), @@ -26926,9 +31092,9 @@ var require_encodings = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/lib/streams.js +// ../../../node_modules/iconv-lite/lib/streams.js var require_streams = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/lib/streams.js"(exports2, module2) { + "../../../node_modules/iconv-lite/lib/streams.js"(exports2, module2) { "use strict"; var Buffer2 = require_safer().Buffer; module2.exports = function(stream_module) { @@ -27021,9 +31187,9 @@ var require_streams = __commonJS({ } }); -// ../../../node_modules/encoding/node_modules/iconv-lite/lib/index.js +// ../../../node_modules/iconv-lite/lib/index.js var require_lib2 = __commonJS({ - "../../../node_modules/encoding/node_modules/iconv-lite/lib/index.js"(exports2, module2) { + "../../../node_modules/iconv-lite/lib/index.js"(exports2, module2) { "use strict"; var Buffer2 = require_safer().Buffer; var bomHandling = require_bom_handling(); @@ -27332,7 +31498,7 @@ var require_lib3 = __commonJS({ body = null; } else if (isURLSearchParams(body)) { body = Buffer.from(body.toString()); - } else if (isBlob(body)) ; + } else if (isBlob2(body)) ; else if (Buffer.isBuffer(body)) ; else if (Object.prototype.toString.call(body) === "[object ArrayBuffer]") { body = Buffer.from(body); @@ -27467,7 +31633,7 @@ var require_lib3 = __commonJS({ if (body === null) { return Body.Promise.resolve(Buffer.alloc(0)); } - if (isBlob(body)) { + if (isBlob2(body)) { body = body.stream(); } if (Buffer.isBuffer(body)) { @@ -27563,7 +31729,7 @@ var require_lib3 = __commonJS({ } return obj.constructor.name === "URLSearchParams" || Object.prototype.toString.call(obj) === "[object URLSearchParams]" || typeof obj.sort === "function"; } - function isBlob(obj) { + function isBlob2(obj) { return typeof obj === "object" && typeof obj.arrayBuffer === "function" && typeof obj.type === "string" && typeof obj.stream === "function" && typeof obj.constructor === "function" && typeof obj.constructor.name === "string" && /^(Blob|File)$/.test(obj.constructor.name) && /^(Blob|File)$/.test(obj[Symbol.toStringTag]); } function clone(instance) { @@ -27589,7 +31755,7 @@ var require_lib3 = __commonJS({ return "text/plain;charset=UTF-8"; } else if (isURLSearchParams(body)) { return "application/x-www-form-urlencoded;charset=UTF-8"; - } else if (isBlob(body)) { + } else if (isBlob2(body)) { return body.type || null; } else if (Buffer.isBuffer(body)) { return null; @@ -27609,7 +31775,7 @@ var require_lib3 = __commonJS({ const body = instance.body; if (body === null) { return 0; - } else if (isBlob(body)) { + } else if (isBlob2(body)) { return body.size; } else if (Buffer.isBuffer(body)) { return body.length; @@ -27627,7 +31793,7 @@ var require_lib3 = __commonJS({ const body = instance.body; if (body === null) { dest.end(); - } else if (isBlob(body)) { + } else if (isBlob2(body)) { body.stream().pipe(dest); } else if (Buffer.isBuffer(body)) { dest.write(body); @@ -28908,7 +33074,7 @@ var require_sdk_v3_metadata = __commonJS({ iamPrefix: "logs" }, cloudwatch: { - iamPrefix: "monitoring" + iamPrefix: "cloudwatch" }, codeartifact: { iamPrefix: "codeartifact" @@ -30057,13 +34223,13 @@ var require_lib4 = __commonJS({ }); // lib/assertions/providers/lambda-handler/index.ts -var lambda_handler_exports = {}; -__export(lambda_handler_exports, { +var index_exports = {}; +__export(index_exports, { handler: () => handler, isComplete: () => isComplete, onTimeout: () => onTimeout }); -module.exports = __toCommonJS(lambda_handler_exports); +module.exports = __toCommonJS(index_exports); // lib/assertions/providers/lambda-handler/assertion.ts var import_helpers_internal = __toESM(require_helpers_internal()); @@ -30071,12 +34237,11 @@ var import_helpers_internal = __toESM(require_helpers_internal()); // lib/assertions/providers/lambda-handler/base.ts var https = __toESM(require("https")); var url = __toESM(require("url")); -var import_client_sfn = __toESM(require_dist_cjs53()); +var import_client_sfn = __toESM(require_dist_cjs76()); var CustomResourceHandler = class { constructor(event, context) { this.event = event; this.context = context; - this.timedOut = false; this.timeout = setTimeout(async () => { await this.respond({ status: "FAILED", @@ -30088,6 +34253,9 @@ var CustomResourceHandler = class { this.event = event; this.physicalResourceId = extractPhysicalResourceId(event); } + physicalResourceId; + timeout; + timedOut = false; /** * Handles executing the custom resource event. If `stateMachineArn` is present * in the props then trigger the waiter statemachine @@ -30221,6 +34389,7 @@ var AssertionHandler = class extends CustomResourceHandler { } }; var MatchCreator = class { + parsedObj; constructor(obj) { this.parsedObj = { matcher: obj @@ -30325,28 +34494,6 @@ function decodeCall(call) { // lib/assertions/providers/lambda-handler/http.ts var import_node_fetch = __toESM(require_lib3()); -var HttpHandler = class extends CustomResourceHandler { - async processEvent(request2) { - console.log("request", request2); - const response = await (0, import_node_fetch.default)(request2.parameters.url, request2.parameters.fetchOptions); - const result = { - ok: response.ok, - status: response.status, - statusText: response.statusText, - headers: response.headers.raw() - }; - result.body = await response.text(); - try { - result.body = JSON.parse(result.body); - } catch (e) { - } - return { - apiCallResponse: result - }; - } -}; - -// lib/assertions/providers/lambda-handler/sdk.ts var import_aws_custom_resource_sdk_adapter = __toESM(require_lib4()); // lib/assertions/providers/lambda-handler/utils.ts @@ -30393,10 +34540,38 @@ function decodeValue(value) { return JSON.parse(value); } +// lib/assertions/providers/lambda-handler/http.ts +var HttpHandler = class extends CustomResourceHandler { + async processEvent(request2) { + console.log("request", request2); + const response = await (0, import_node_fetch.default)(request2.parameters.url, request2.parameters.fetchOptions); + const result = { + ok: response.ok, + status: response.status, + statusText: response.statusText, + headers: response.headers.raw() + }; + result.body = await response.text(); + try { + result.body = JSON.parse(result.body); + } catch (e) { + } + let resp; + if (request2.flattenResponse === "true") { + resp = (0, import_aws_custom_resource_sdk_adapter.flatten)(deepParseJson({ apiCallResponse: result })); + } else { + resp = { apiCallResponse: result }; + } + console.log(`Returning result ${JSON.stringify(resp)}`); + return resp; + } +}; + // lib/assertions/providers/lambda-handler/sdk.ts +var import_aws_custom_resource_sdk_adapter2 = __toESM(require_lib4()); var AwsApiCallHandler = class extends CustomResourceHandler { async processEvent(request2) { - const apiCall = new import_aws_custom_resource_sdk_adapter.ApiCall(request2.service, request2.api); + const apiCall = new import_aws_custom_resource_sdk_adapter2.ApiCall(request2.service, request2.api); const parameters = request2.parameters ? decodeParameters(request2.parameters) : {}; console.log(`SDK request to ${apiCall.service}.${apiCall.action} with parameters ${JSON.stringify(parameters)}`); const response = await apiCall.invoke({ parameters }); @@ -30404,7 +34579,7 @@ var AwsApiCallHandler = class extends CustomResourceHandler { delete response.$metadata; let resp; if (request2.outputPaths || request2.flattenResponse === "true") { - const flattened = (0, import_aws_custom_resource_sdk_adapter.flatten)(deepParseJson({ apiCallResponse: response })); + const flattened = (0, import_aws_custom_resource_sdk_adapter2.flatten)(deepParseJson({ apiCallResponse: response })); resp = request2.outputPaths ? filterKeys(flattened, request2.outputPaths) : flattened; } else { resp = { apiCallResponse: response }; diff --git a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/aws-cdk-scheduler-targets-firehose-put-record.assets.json b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/aws-cdk-scheduler-targets-firehose-put-record.assets.json index ca0d90710dee8..67f72213bc8fb 100644 --- a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/aws-cdk-scheduler-targets-firehose-put-record.assets.json +++ b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/aws-cdk-scheduler-targets-firehose-put-record.assets.json @@ -1,5 +1,5 @@ { - "version": "39.0.0", + "version": "40.0.0", "files": { "44e9c4d7a5d3fd2d677e1a7e416b2b56f6b0104bd5eff9cac5557b4c65a9dc61": { "source": { diff --git a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/cdk.out b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/cdk.out index 91e1a8b9901d5..1e02a2deb191b 100644 --- a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/cdk.out +++ b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"39.0.0"} \ No newline at end of file +{"version":"40.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/integ.json b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/integ.json index 0f65b88237225..21e690d9b2696 100644 --- a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/integ.json +++ b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "39.0.0", + "version": "40.0.0", "testCases": { "integrationtest-firehose-put-record/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/integrationtestfirehoseputrecordDefaultTestDeployAssert781A189E.assets.json b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/integrationtestfirehoseputrecordDefaultTestDeployAssert781A189E.assets.json index 76da9d2a4da9b..a3e4f04ceac55 100644 --- a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/integrationtestfirehoseputrecordDefaultTestDeployAssert781A189E.assets.json +++ b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/integrationtestfirehoseputrecordDefaultTestDeployAssert781A189E.assets.json @@ -1,20 +1,20 @@ { - "version": "39.0.0", + "version": "40.0.0", "files": { - "bfcf4228d6660f50e81f19efdb64c6388dda6796296eb239decdff1dbc2f4981": { + "6eae57da2b343229b97cfa6b9fd2a70b0a928ebe32bb59e744e59440381146af": { "source": { - "path": "asset.bfcf4228d6660f50e81f19efdb64c6388dda6796296eb239decdff1dbc2f4981.bundle", + "path": "asset.6eae57da2b343229b97cfa6b9fd2a70b0a928ebe32bb59e744e59440381146af.bundle", "packaging": "zip" }, "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "bfcf4228d6660f50e81f19efdb64c6388dda6796296eb239decdff1dbc2f4981.zip", + "objectKey": "6eae57da2b343229b97cfa6b9fd2a70b0a928ebe32bb59e744e59440381146af.zip", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } }, - "435b2ad97890e5e6d4bfe3b883e6e41642fe6c80ec58e13d6a182eb03d3e03ab": { + "21a2bc3a70958f5e9b96c7cfae9ae56d1d253e4ec9e4f360cea91585f290c65d": { "source": { "path": "integrationtestfirehoseputrecordDefaultTestDeployAssert781A189E.template.json", "packaging": "file" @@ -22,7 +22,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "435b2ad97890e5e6d4bfe3b883e6e41642fe6c80ec58e13d6a182eb03d3e03ab.json", + "objectKey": "21a2bc3a70958f5e9b96c7cfae9ae56d1d253e4ec9e4f360cea91585f290c65d.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/integrationtestfirehoseputrecordDefaultTestDeployAssert781A189E.template.json b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/integrationtestfirehoseputrecordDefaultTestDeployAssert781A189E.template.json index f07b0cd3b981a..6c8ec865286ef 100644 --- a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/integrationtestfirehoseputrecordDefaultTestDeployAssert781A189E.template.json +++ b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/integrationtestfirehoseputrecordDefaultTestDeployAssert781A189E.template.json @@ -31,7 +31,7 @@ "MaxKeys": "1" }, "flattenResponse": "false", - "salt": "1740190488631" + "salt": "1740787749382" }, "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" @@ -219,7 +219,7 @@ "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "S3Key": "bfcf4228d6660f50e81f19efdb64c6388dda6796296eb239decdff1dbc2f4981.zip" + "S3Key": "6eae57da2b343229b97cfa6b9fd2a70b0a928ebe32bb59e744e59440381146af.zip" }, "Timeout": 120, "Handler": "index.handler", @@ -298,7 +298,7 @@ "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "S3Key": "bfcf4228d6660f50e81f19efdb64c6388dda6796296eb239decdff1dbc2f4981.zip" + "S3Key": "6eae57da2b343229b97cfa6b9fd2a70b0a928ebe32bb59e744e59440381146af.zip" }, "Timeout": 120, "Handler": "index.isComplete", @@ -348,7 +348,7 @@ "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" }, - "S3Key": "bfcf4228d6660f50e81f19efdb64c6388dda6796296eb239decdff1dbc2f4981.zip" + "S3Key": "6eae57da2b343229b97cfa6b9fd2a70b0a928ebe32bb59e744e59440381146af.zip" }, "Timeout": 120, "Handler": "index.onTimeout", diff --git a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/manifest.json b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/manifest.json index a8e4eae545220..ffc97d15f0b2f 100644 --- a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "39.0.0", + "version": "40.0.0", "artifacts": { "aws-cdk-scheduler-targets-firehose-put-record.assets": { "type": "cdk:asset-manifest", @@ -217,7 +217,9 @@ "/aws-cdk-scheduler-targets-firehose-put-record/MyFirehoseStream": [ { "type": "aws:cdk:analytics:construct", - "data": "*" + "data": { + "destination": "*" + } } ], "/aws-cdk-scheduler-targets-firehose-put-record/MyFirehoseStream/LogGroup": [ @@ -392,7 +394,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/435b2ad97890e5e6d4bfe3b883e6e41642fe6c80ec58e13d6a182eb03d3e03ab.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21a2bc3a70958f5e9b96c7cfae9ae56d1d253e4ec9e4f360cea91585f290c65d.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/tree.json b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/tree.json index 074333c4e813e..f02fcdd206ed3 100644 --- a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.js.snapshot/tree.json @@ -477,10 +477,12 @@ } }, "constructInfo": { - "fqn": "@aws-cdk/aws-kinesisfirehose-alpha.DeliveryStream", + "fqn": "aws-cdk-lib.aws_kinesisfirehose.DeliveryStream", "version": "0.0.0", "metadata": [ - "*" + { + "destination": "*" + } ] } }, diff --git a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.ts b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.ts index 47160ad3f52fe..5476159d67ddb 100644 --- a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.ts +++ b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/integ.kinesis-data-firehose-put-record.ts @@ -1,8 +1,7 @@ -import * as firehose from '@aws-cdk/aws-kinesisfirehose-alpha'; -import * as destinations from '@aws-cdk/aws-kinesisfirehose-destinations-alpha'; import * as scheduler from '@aws-cdk/aws-scheduler-alpha'; import { AwsApiCall, ExpectedResult, IntegTest } from '@aws-cdk/integ-tests-alpha'; import * as cdk from 'aws-cdk-lib'; +import * as firehose from 'aws-cdk-lib/aws-kinesisfirehose'; import { Bucket } from 'aws-cdk-lib/aws-s3'; import { KinesisDataFirehosePutRecord } from '../lib'; @@ -31,7 +30,7 @@ const deliveryStreamRole = new cdk.aws_iam.Role(stack, 'deliveryStreamRole', { destinationBucket.grantReadWrite(deliveryStreamRole); const firehoseStream = new firehose.DeliveryStream(stack, 'MyFirehoseStream', { - destination: new destinations.S3Bucket(destinationBucket, { + destination: new firehose.S3Bucket(destinationBucket, { role: deliveryStreamRole, bufferingInterval: cdk.Duration.minutes(1), }), diff --git a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/kinesis-data-firehose-put-record.test.ts b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/kinesis-data-firehose-put-record.test.ts index 54c5aafbef085..3e3cf50b27cd9 100644 --- a/packages/@aws-cdk/aws-scheduler-targets-alpha/test/kinesis-data-firehose-put-record.test.ts +++ b/packages/@aws-cdk/aws-scheduler-targets-alpha/test/kinesis-data-firehose-put-record.test.ts @@ -1,8 +1,8 @@ -import * as firehose from '@aws-cdk/aws-kinesisfirehose-alpha'; import { ScheduleExpression, Schedule, Group } from '@aws-cdk/aws-scheduler-alpha'; import { App, CfnResource, Duration, Stack } from 'aws-cdk-lib'; import { Template } from 'aws-cdk-lib/assertions'; import { AccountRootPrincipal, Role } from 'aws-cdk-lib/aws-iam'; +import * as firehose from 'aws-cdk-lib/aws-kinesisfirehose'; import * as sqs from 'aws-cdk-lib/aws-sqs'; import { Construct } from 'constructs'; import { KinesisDataFirehosePutRecord } from '../lib';