File Explorer

/proc/self/root/var/runtime/node_modules/@aws-sdk/client-sts/dist-cjs
This explorer reads the filesystem of the server it runs on, so /workspace/user isn't present here. Browsing and the terminal still work against this server's own disk from /.
4 dirs
3 files
index.js18.1 KB · 422 lines
1'use strict';2 3var client$1 = require('@aws-sdk/core/client');4var core = require('@smithy/core');5var client = require('@smithy/core/client');6var config = require('@smithy/core/config');7var endpoints = require('@smithy/core/endpoints');8var protocols = require('@smithy/core/protocols');9var retry = require('@smithy/core/retry');10var schema = require('@smithy/core/schema');11var httpAuthSchemeProvider = require('./auth/httpAuthSchemeProvider');12var runtimeConfig = require('./runtimeConfig');13var schemas_0 = require('./schemas/schemas_0');14var errors = require('./models/errors');15var STSServiceException = require('./models/STSServiceException');16 17const resolveClientEndpointParameters = (options) => {18    return Object.assign(options, {19        useDualstackEndpoint: options.useDualstackEndpoint ?? false,20        useFipsEndpoint: options.useFipsEndpoint ?? false,21        useGlobalEndpoint: options.useGlobalEndpoint ?? false,22        defaultSigningName: "sts",23    });24};25const commonParams = {26    UseGlobalEndpoint: { type: "builtInParams", name: "useGlobalEndpoint" },27    UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" },28    Endpoint: { type: "builtInParams", name: "endpoint" },29    Region: { type: "builtInParams", name: "region" },30    UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" },31};32 33const getHttpAuthExtensionConfiguration = (runtimeConfig) => {34    const _httpAuthSchemes = runtimeConfig.httpAuthSchemes;35    let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider;36    let _credentials = runtimeConfig.credentials;37    return {38        setHttpAuthScheme(httpAuthScheme) {39            const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId);40            if (index === -1) {41                _httpAuthSchemes.push(httpAuthScheme);42            }43            else {44                _httpAuthSchemes.splice(index, 1, httpAuthScheme);45            }46        },47        httpAuthSchemes() {48            return _httpAuthSchemes;49        },50        setHttpAuthSchemeProvider(httpAuthSchemeProvider) {51            _httpAuthSchemeProvider = httpAuthSchemeProvider;52        },53        httpAuthSchemeProvider() {54            return _httpAuthSchemeProvider;55        },56        setCredentials(credentials) {57            _credentials = credentials;58        },59        credentials() {60            return _credentials;61        },62    };63};64const resolveHttpAuthRuntimeConfig = (config) => {65    return {66        httpAuthSchemes: config.httpAuthSchemes(),67        httpAuthSchemeProvider: config.httpAuthSchemeProvider(),68        credentials: config.credentials(),69    };70};71 72const resolveRuntimeExtensions = (runtimeConfig, extensions) => {73    const extensionConfiguration = Object.assign(client$1.getAwsRegionExtensionConfiguration(runtimeConfig), client.getDefaultExtensionConfiguration(runtimeConfig), protocols.getHttpHandlerExtensionConfiguration(runtimeConfig), getHttpAuthExtensionConfiguration(runtimeConfig));74    extensions.forEach((extension) => extension.configure(extensionConfiguration));75    return Object.assign(runtimeConfig, client$1.resolveAwsRegionExtensionConfiguration(extensionConfiguration), client.resolveDefaultRuntimeConfig(extensionConfiguration), protocols.resolveHttpHandlerRuntimeConfig(extensionConfiguration), resolveHttpAuthRuntimeConfig(extensionConfiguration));76};77 78class STSClient extends client.Client {79    config;80    constructor(...[configuration]) {81        const _config_0 = runtimeConfig.getRuntimeConfig(configuration || {});82        super(_config_0);83        this.initConfig = _config_0;84        const _config_1 = resolveClientEndpointParameters(_config_0);85        const _config_2 = client$1.resolveUserAgentConfig(_config_1);86        const _config_3 = retry.resolveRetryConfig(_config_2);87        const _config_4 = config.resolveRegionConfig(_config_3);88        const _config_5 = client$1.resolveHostHeaderConfig(_config_4);89        const _config_6 = endpoints.resolveEndpointConfig(_config_5);90        const _config_7 = httpAuthSchemeProvider.resolveHttpAuthSchemeConfig(_config_6);91        const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []);92        this.config = _config_8;93        this.middlewareStack.use(schema.getSchemaSerdePlugin(this.config));94        this.middlewareStack.use(client$1.getUserAgentPlugin(this.config));95        this.middlewareStack.use(retry.getRetryPlugin(this.config));96        this.middlewareStack.use(protocols.getContentLengthPlugin(this.config));97        this.middlewareStack.use(client$1.getHostHeaderPlugin(this.config));98        this.middlewareStack.use(client$1.getLoggerPlugin(this.config));99        this.middlewareStack.use(client$1.getRecursionDetectionPlugin(this.config));100        this.middlewareStack.use(core.getHttpAuthSchemeEndpointRuleSetPlugin(this.config, {101            httpAuthSchemeParametersProvider: httpAuthSchemeProvider.defaultSTSHttpAuthSchemeParametersProvider,102            identityProviderConfigProvider: async (config) => new core.DefaultIdentityProviderConfig({103                "aws.auth#sigv4": config.credentials,104                "aws.auth#sigv4a": config.credentials,105            }),106        }));107        this.middlewareStack.use(core.getHttpSigningPlugin(this.config));108    }109    destroy() {110        super.destroy();111    }112}113 114class AssumeRoleCommand extends client.Command115    .classBuilder()116    .ep(commonParams)117    .m(function (Command, cs, config, o) {118    return [endpoints.getEndpointPlugin(config, Command.getEndpointParameterInstructions())];119})120    .s("AWSSecurityTokenServiceV20110615", "AssumeRole", {})121    .n("STSClient", "AssumeRoleCommand")122    .sc(schemas_0.AssumeRole$)123    .build() {124}125 126class AssumeRoleWithSAMLCommand extends client.Command127    .classBuilder()128    .ep(commonParams)129    .m(function (Command, cs, config, o) {130    return [endpoints.getEndpointPlugin(config, Command.getEndpointParameterInstructions())];131})132    .s("AWSSecurityTokenServiceV20110615", "AssumeRoleWithSAML", {})133    .n("STSClient", "AssumeRoleWithSAMLCommand")134    .sc(schemas_0.AssumeRoleWithSAML$)135    .build() {136}137 138class AssumeRoleWithWebIdentityCommand extends client.Command139    .classBuilder()140    .ep(commonParams)141    .m(function (Command, cs, config, o) {142    return [endpoints.getEndpointPlugin(config, Command.getEndpointParameterInstructions())];143})144    .s("AWSSecurityTokenServiceV20110615", "AssumeRoleWithWebIdentity", {})145    .n("STSClient", "AssumeRoleWithWebIdentityCommand")146    .sc(schemas_0.AssumeRoleWithWebIdentity$)147    .build() {148}149 150class AssumeRootCommand extends client.Command151    .classBuilder()152    .ep(commonParams)153    .m(function (Command, cs, config, o) {154    return [endpoints.getEndpointPlugin(config, Command.getEndpointParameterInstructions())];155})156    .s("AWSSecurityTokenServiceV20110615", "AssumeRoot", {})157    .n("STSClient", "AssumeRootCommand")158    .sc(schemas_0.AssumeRoot$)159    .build() {160}161 162class DecodeAuthorizationMessageCommand extends client.Command163    .classBuilder()164    .ep(commonParams)165    .m(function (Command, cs, config, o) {166    return [endpoints.getEndpointPlugin(config, Command.getEndpointParameterInstructions())];167})168    .s("AWSSecurityTokenServiceV20110615", "DecodeAuthorizationMessage", {})169    .n("STSClient", "DecodeAuthorizationMessageCommand")170    .sc(schemas_0.DecodeAuthorizationMessage$)171    .build() {172}173 174class GetAccessKeyInfoCommand extends client.Command175    .classBuilder()176    .ep(commonParams)177    .m(function (Command, cs, config, o) {178    return [endpoints.getEndpointPlugin(config, Command.getEndpointParameterInstructions())];179})180    .s("AWSSecurityTokenServiceV20110615", "GetAccessKeyInfo", {})181    .n("STSClient", "GetAccessKeyInfoCommand")182    .sc(schemas_0.GetAccessKeyInfo$)183    .build() {184}185 186class GetCallerIdentityCommand extends client.Command187    .classBuilder()188    .ep(commonParams)189    .m(function (Command, cs, config, o) {190    return [endpoints.getEndpointPlugin(config, Command.getEndpointParameterInstructions())];191})192    .s("AWSSecurityTokenServiceV20110615", "GetCallerIdentity", {})193    .n("STSClient", "GetCallerIdentityCommand")194    .sc(schemas_0.GetCallerIdentity$)195    .build() {196}197 198class GetDelegatedAccessTokenCommand extends client.Command199    .classBuilder()200    .ep(commonParams)201    .m(function (Command, cs, config, o) {202    return [endpoints.getEndpointPlugin(config, Command.getEndpointParameterInstructions())];203})204    .s("AWSSecurityTokenServiceV20110615", "GetDelegatedAccessToken", {})205    .n("STSClient", "GetDelegatedAccessTokenCommand")206    .sc(schemas_0.GetDelegatedAccessToken$)207    .build() {208}209 210class GetFederationTokenCommand extends client.Command211    .classBuilder()212    .ep(commonParams)213    .m(function (Command, cs, config, o) {214    return [endpoints.getEndpointPlugin(config, Command.getEndpointParameterInstructions())];215})216    .s("AWSSecurityTokenServiceV20110615", "GetFederationToken", {})217    .n("STSClient", "GetFederationTokenCommand")218    .sc(schemas_0.GetFederationToken$)219    .build() {220}221 222class GetSessionTokenCommand extends client.Command223    .classBuilder()224    .ep(commonParams)225    .m(function (Command, cs, config, o) {226    return [endpoints.getEndpointPlugin(config, Command.getEndpointParameterInstructions())];227})228    .s("AWSSecurityTokenServiceV20110615", "GetSessionToken", {})229    .n("STSClient", "GetSessionTokenCommand")230    .sc(schemas_0.GetSessionToken$)231    .build() {232}233 234class GetWebIdentityTokenCommand extends client.Command235    .classBuilder()236    .ep(commonParams)237    .m(function (Command, cs, config, o) {238    return [endpoints.getEndpointPlugin(config, Command.getEndpointParameterInstructions())];239})240    .s("AWSSecurityTokenServiceV20110615", "GetWebIdentityToken", {})241    .n("STSClient", "GetWebIdentityTokenCommand")242    .sc(schemas_0.GetWebIdentityToken$)243    .build() {244}245 246const commands = {247    AssumeRoleCommand,248    AssumeRoleWithSAMLCommand,249    AssumeRoleWithWebIdentityCommand,250    AssumeRootCommand,251    DecodeAuthorizationMessageCommand,252    GetAccessKeyInfoCommand,253    GetCallerIdentityCommand,254    GetDelegatedAccessTokenCommand,255    GetFederationTokenCommand,256    GetSessionTokenCommand,257    GetWebIdentityTokenCommand,258};259class STS extends STSClient {260}261client.createAggregatedClient(commands, STS);262 263const getAccountIdFromAssumedRoleUser = (assumedRoleUser) => {264    if (typeof assumedRoleUser?.Arn === "string") {265        const arnComponents = assumedRoleUser.Arn.split(":");266        if (arnComponents.length > 4 && arnComponents[4] !== "") {267            return arnComponents[4];268        }269    }270    return undefined;271};272const resolveRegion = async (_region, _parentRegion, credentialProviderLogger, loaderConfig = {}) => {273    const region = typeof _region === "function" ? await _region() : _region;274    const parentRegion = typeof _parentRegion === "function" ? await _parentRegion() : _parentRegion;275    let stsDefaultRegion = "";276    const resolvedRegion = region ?? parentRegion ?? (stsDefaultRegion = await client$1.stsRegionDefaultResolver(loaderConfig)());277    credentialProviderLogger?.debug?.("@aws-sdk/client-sts::resolveRegion", "accepting first of:", `${region} (credential provider clientConfig)`, `${parentRegion} (contextual client)`, `${stsDefaultRegion} (STS default: AWS_REGION, profile region, or us-east-1)`);278    return resolvedRegion;279};280const getDefaultRoleAssumer$1 = (stsOptions, STSClient) => {281    let stsClient;282    let closureSourceCreds;283    return async (sourceCreds, params) => {284        closureSourceCreds = sourceCreds;285        if (!stsClient) {286            const { logger = stsOptions?.parentClientConfig?.logger, profile = stsOptions?.parentClientConfig?.profile, region, requestHandler = stsOptions?.parentClientConfig?.requestHandler, credentialProviderLogger, userAgentAppId = stsOptions?.parentClientConfig?.userAgentAppId, } = stsOptions;287            const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger, {288                logger,289                profile,290            });291            const isCompatibleRequestHandler = !isH2(requestHandler);292            stsClient = new STSClient({293                ...stsOptions,294                userAgentAppId,295                profile,296                credentialDefaultProvider: () => async () => closureSourceCreds,297                region: resolvedRegion,298                requestHandler: isCompatibleRequestHandler ? requestHandler : undefined,299                logger: logger,300            });301        }302        const { Credentials, AssumedRoleUser } = await stsClient.send(new AssumeRoleCommand(params));303        if (!Credentials || !Credentials.AccessKeyId || !Credentials.SecretAccessKey) {304            throw new Error(`Invalid response from STS.assumeRole call with role ${params.RoleArn}`);305        }306        const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser);307        const credentials = {308            accessKeyId: Credentials.AccessKeyId,309            secretAccessKey: Credentials.SecretAccessKey,310            sessionToken: Credentials.SessionToken,311            expiration: Credentials.Expiration,312            ...(Credentials.CredentialScope && { credentialScope: Credentials.CredentialScope }),313            ...(accountId && { accountId }),314        };315        client$1.setCredentialFeature(credentials, "CREDENTIALS_STS_ASSUME_ROLE", "i");316        return credentials;317    };318};319const getDefaultRoleAssumerWithWebIdentity$1 = (stsOptions, STSClient) => {320    let stsClient;321    return async (params) => {322        if (!stsClient) {323            const { logger = stsOptions?.parentClientConfig?.logger, profile = stsOptions?.parentClientConfig?.profile, region, requestHandler = stsOptions?.parentClientConfig?.requestHandler, credentialProviderLogger, userAgentAppId = stsOptions?.parentClientConfig?.userAgentAppId, } = stsOptions;324            const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger, {325                logger,326                profile,327            });328            const isCompatibleRequestHandler = !isH2(requestHandler);329            stsClient = new STSClient({330                ...stsOptions,331                userAgentAppId,332                profile,333                region: resolvedRegion,334                requestHandler: isCompatibleRequestHandler ? requestHandler : undefined,335                logger: logger,336            });337        }338        const { Credentials, AssumedRoleUser } = await stsClient.send(new AssumeRoleWithWebIdentityCommand(params));339        if (!Credentials || !Credentials.AccessKeyId || !Credentials.SecretAccessKey) {340            throw new Error(`Invalid response from STS.assumeRoleWithWebIdentity call with role ${params.RoleArn}`);341        }342        const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser);343        const credentials = {344            accessKeyId: Credentials.AccessKeyId,345            secretAccessKey: Credentials.SecretAccessKey,346            sessionToken: Credentials.SessionToken,347            expiration: Credentials.Expiration,348            ...(Credentials.CredentialScope && { credentialScope: Credentials.CredentialScope }),349            ...(accountId && { accountId }),350        };351        if (accountId) {352            client$1.setCredentialFeature(credentials, "RESOLVED_ACCOUNT_ID", "T");353        }354        client$1.setCredentialFeature(credentials, "CREDENTIALS_STS_ASSUME_ROLE_WEB_ID", "k");355        return credentials;356    };357};358const isH2 = (requestHandler) => {359    return requestHandler?.metadata?.handlerProtocol === "h2";360};361 362const getCustomizableStsClientCtor = (baseCtor, customizations) => {363    if (!customizations)364        return baseCtor;365    else366        return class CustomizableSTSClient extends baseCtor {367            constructor(config) {368                super(config);369                for (const customization of customizations) {370                    this.middlewareStack.use(customization);371                }372            }373        };374};375const getDefaultRoleAssumer = (stsOptions = {}, stsPlugins) => getDefaultRoleAssumer$1(stsOptions, getCustomizableStsClientCtor(STSClient, stsPlugins));376const getDefaultRoleAssumerWithWebIdentity = (stsOptions = {}, stsPlugins) => getDefaultRoleAssumerWithWebIdentity$1(stsOptions, getCustomizableStsClientCtor(STSClient, stsPlugins));377const decorateDefaultCredentialProvider = (provider) => (input) => provider({378    roleAssumer: getDefaultRoleAssumer(input),379    roleAssumerWithWebIdentity: getDefaultRoleAssumerWithWebIdentity(input),380    ...input,381});382 383exports.$Command = client.Command;384exports.__Client = client.Client;385exports.STSServiceException = STSServiceException.STSServiceException;386exports.AssumeRoleCommand = AssumeRoleCommand;387exports.AssumeRoleWithSAMLCommand = AssumeRoleWithSAMLCommand;388exports.AssumeRoleWithWebIdentityCommand = AssumeRoleWithWebIdentityCommand;389exports.AssumeRootCommand = AssumeRootCommand;390exports.DecodeAuthorizationMessageCommand = DecodeAuthorizationMessageCommand;391exports.GetAccessKeyInfoCommand = GetAccessKeyInfoCommand;392exports.GetCallerIdentityCommand = GetCallerIdentityCommand;393exports.GetDelegatedAccessTokenCommand = GetDelegatedAccessTokenCommand;394exports.GetFederationTokenCommand = GetFederationTokenCommand;395exports.GetSessionTokenCommand = GetSessionTokenCommand;396exports.GetWebIdentityTokenCommand = GetWebIdentityTokenCommand;397exports.STS = STS;398exports.STSClient = STSClient;399exports.decorateDefaultCredentialProvider = decorateDefaultCredentialProvider;400exports.getDefaultRoleAssumer = getDefaultRoleAssumer;401exports.getDefaultRoleAssumerWithWebIdentity = getDefaultRoleAssumerWithWebIdentity;402Object.prototype.hasOwnProperty.call(schemas_0, '__proto__') &&403    !Object.prototype.hasOwnProperty.call(exports, '__proto__') &&404    Object.defineProperty(exports, '__proto__', {405        enumerable: true,406        value: schemas_0['__proto__']407    });408 409Object.keys(schemas_0).forEach(function (k) {410    if (k !== 'default' && !Object.prototype.hasOwnProperty.call(exports, k)) exports[k] = schemas_0[k];411});412Object.prototype.hasOwnProperty.call(errors, '__proto__') &&413    !Object.prototype.hasOwnProperty.call(exports, '__proto__') &&414    Object.defineProperty(exports, '__proto__', {415        enumerable: true,416        value: errors['__proto__']417    });418 419Object.keys(errors).forEach(function (k) {420    if (k !== 'default' && !Object.prototype.hasOwnProperty.call(exports, k)) exports[k] = errors[k];421});422