File Explorer

/proc/self/root/var/runtime/node_modules/@aws-sdk/middleware-signing/dist-cjs
This explorer reads the filesystem of the server it runs on, so /workspace/user isn't present here. Browsing and the terminal still work against this server's own disk from /.
0 dirs
1 file
index.js8.8 KB
index.js8.8 KB · 222 lines
1'use strict';2 3var client = require('@smithy/core/client');4var config = require('@smithy/core/config');5var signatureV4 = require('@smithy/signature-v4');6var protocols = require('@smithy/core/protocols');7 8const CREDENTIAL_EXPIRE_WINDOW = 300000;9const resolveAwsAuthConfig = (input) => {10    const normalizedCreds = createConfigBoundCredentialProvider(input);11    const { signingEscapePath = true, systemClockOffset = input.systemClockOffset || 0, sha256 } = input;12    let signer;13    if (input.signer) {14        signer = client.normalizeProvider(input.signer);15    }16    else if (input.regionInfoProvider) {17        signer = () => client.normalizeProvider(input.region)()18            .then(async (region) => [19            (await input.regionInfoProvider(region, {20                useFipsEndpoint: await input.useFipsEndpoint(),21                useDualstackEndpoint: await input.useDualstackEndpoint(),22            })) || {},23            region,24        ])25            .then(([regionInfo, region]) => {26            const { signingRegion, signingService } = regionInfo;27            input.signingRegion = input.signingRegion || signingRegion || region;28            input.signingName = input.signingName || signingService || input.serviceId;29            const params = {30                ...input,31                credentials: normalizedCreds,32                region: input.signingRegion,33                service: input.signingName,34                sha256,35                uriEscapePath: signingEscapePath,36            };37            const SignerCtor = input.signerConstructor || signatureV4.SignatureV4;38            return new SignerCtor(params);39        });40    }41    else {42        signer = async (authScheme) => {43            authScheme = Object.assign({}, {44                name: "sigv4",45                signingName: input.signingName || input.defaultSigningName,46                signingRegion: await client.normalizeProvider(input.region)(),47                properties: {},48            }, authScheme);49            const isSigv4a = authScheme?.name === "sigv4a";50            const signingRegion = authScheme.signingRegion;51            const signingService = authScheme.signingName;52            let regionForSigner;53            if (isSigv4a) {54                regionForSigner = input.signingRegion || signingRegion;55            }56            else {57                input.signingRegion = input.signingRegion || signingRegion;58                regionForSigner = input.signingRegion;59            }60            input.signingName = input.signingName || signingService || input.serviceId;61            const params = {62                ...input,63                credentials: normalizedCreds,64                region: regionForSigner,65                service: input.signingName,66                sha256,67                uriEscapePath: signingEscapePath,68            };69            const SignerCtor = input.signerConstructor || signatureV4.SignatureV4;70            return new SignerCtor(params);71        };72    }73    return Object.assign(input, {74        systemClockOffset,75        signingEscapePath,76        credentials: normalizedCreds,77        signer,78    });79};80const resolveSigV4AuthConfig = (input) => {81    const normalizedCreds = createConfigBoundCredentialProvider(input);82    const { signingEscapePath = true, systemClockOffset = input.systemClockOffset || 0, sha256 } = input;83    let signer;84    if (input.signer) {85        signer = client.normalizeProvider(input.signer);86    }87    else {88        signer = client.normalizeProvider(new signatureV4.SignatureV4({89            credentials: normalizedCreds,90            region: input.region,91            service: input.signingName,92            sha256,93            uriEscapePath: signingEscapePath,94        }));95    }96    return Object.assign(input, {97        systemClockOffset,98        signingEscapePath,99        credentials: normalizedCreds,100        signer,101    });102};103const normalizeCredentialProvider = (credentials) => {104    if (typeof credentials === "function") {105        return config.memoize(credentials, (credentials) => credentials.expiration !== undefined &&106            credentials.expiration.getTime() - Date.now() < CREDENTIAL_EXPIRE_WINDOW, (credentials) => credentials.expiration !== undefined);107    }108    return client.normalizeProvider(credentials);109};110const createConfigBoundCredentialProvider = (input) => {111    const normalizedCredentialsProvider = input.credentials112        ? normalizeCredentialProvider(input.credentials)113        : input.credentialDefaultProvider(Object.assign({}, input, {114            parentClientConfig: input,115        }));116    const normalizedCreds = async () => normalizedCredentialsProvider({117        callerClientConfig: {118            region: client.normalizeProvider(input.region),119            profile: input.profile,120        },121    });122    return normalizedCreds;123};124 125const getSkewCorrectedDate = (systemClockOffset) => new Date(Date.now() + systemClockOffset);126 127const isClockSkewed = (clockTime, systemClockOffset) => Math.abs(getSkewCorrectedDate(systemClockOffset).getTime() - clockTime) >= 300000;128 129const getUpdatedSystemClockOffset = (clockTime, currentSystemClockOffset) => {130    const clockTimeInMs = Date.parse(clockTime);131    if (isClockSkewed(clockTimeInMs, currentSystemClockOffset)) {132        return clockTimeInMs - Date.now();133    }134    return currentSystemClockOffset;135};136 137const awsAuthMiddleware = (options) => (next, context) => async function (args) {138    if (!protocols.HttpRequest.isInstance(args.request))139        return next(args);140    let authScheme;141    let signer;142    const firstAuthScheme = context.endpointV2?.properties?.authSchemes?.[0];143    const secondAuthScheme = context.endpointV2?.properties?.authSchemes?.[1];144    const firstAuthSchemeIsSigv4a = firstAuthScheme?.name === "sigv4a";145    if (firstAuthSchemeIsSigv4a && secondAuthScheme) {146        signer = await options.signer((authScheme = firstAuthScheme));147        const uncheckedSigner = signer;148        const sigv4aAvailable = (() => {149            if (typeof uncheckedSigner?.getSigv4aSigner === "function") {150                if (uncheckedSigner?.signerOptions?.runtime !== "node") {151                    return false;152                }153                try {154                    uncheckedSigner.getSigv4aSigner();155                    return true;156                }157                catch (e) { }158            }159            return false;160        })();161        if (!sigv4aAvailable) {162            signer = await options.signer((authScheme = secondAuthScheme));163        }164    }165    else {166        signer = await options.signer((authScheme = firstAuthScheme));167    }168    let signedRequest;169    const multiRegionOverride = authScheme?.name === "sigv4a" ? authScheme?.signingRegionSet?.join(",") : undefined;170    const signingOptions = {171        signingDate: getSkewCorrectedDate(options.systemClockOffset),172        signingRegion: multiRegionOverride || context["signing_region"],173        signingService: context["signing_service"],174    };175    if (context.s3ExpressIdentity) {176        const sigV4MultiRegion = signer;177        signedRequest = await sigV4MultiRegion.signWithCredentials(args.request, context.s3ExpressIdentity, signingOptions);178        if (signedRequest.headers["X-Amz-Security-Token"] || signedRequest.headers["x-amz-security-token"]) {179            throw new Error("X-Amz-Security-Token must not be set for s3-express requests.");180        }181    }182    else {183        signedRequest = await signer.sign(args.request, signingOptions);184    }185    const output = await next({186        ...args,187        request: signedRequest,188    }).catch((error) => {189        const serverTime = error.ServerTime ?? getDateHeader(error.$response);190        if (serverTime) {191            options.systemClockOffset = getUpdatedSystemClockOffset(serverTime, options.systemClockOffset);192        }193        throw error;194    });195    const dateHeader = getDateHeader(output.response);196    if (dateHeader) {197        options.systemClockOffset = getUpdatedSystemClockOffset(dateHeader, options.systemClockOffset);198    }199    return output;200};201const getDateHeader = (response) => protocols.HttpResponse.isInstance(response) ? response.headers?.date ?? response.headers?.Date : undefined;202const awsAuthMiddlewareOptions = {203    name: "awsAuthMiddleware",204    tags: ["SIGNATURE", "AWSAUTH"],205    relation: "after",206    toMiddleware: "retryMiddleware",207    override: true,208};209const getAwsAuthPlugin = (options) => ({210    applyToStack: (clientStack) => {211        clientStack.addRelativeTo(awsAuthMiddleware(options), awsAuthMiddlewareOptions);212    },213});214const getSigV4AuthPlugin = getAwsAuthPlugin;215 216exports.awsAuthMiddleware = awsAuthMiddleware;217exports.awsAuthMiddlewareOptions = awsAuthMiddlewareOptions;218exports.getAwsAuthPlugin = getAwsAuthPlugin;219exports.getSigV4AuthPlugin = getSigV4AuthPlugin;220exports.resolveAwsAuthConfig = resolveAwsAuthConfig;221exports.resolveSigV4AuthConfig = resolveSigV4AuthConfig;222