"use strict"; exports.id = 998; exports.ids = [998]; exports.modules = { /***/ 62041: /***/ ((__unused_webpack_module, exports, __webpack_require__) => { Object.defineProperty(exports, "__esModule", ({ value: true })); exports.resolveHttpAuthSchemeConfig = exports.defaultSSOHttpAuthSchemeProvider = exports.defaultSSOHttpAuthSchemeParametersProvider = void 0; const core_1 = __webpack_require__(8704); const util_middleware_1 = __webpack_require__(76324); const defaultSSOHttpAuthSchemeParametersProvider = async (config, context, input) => { return { operation: (0, util_middleware_1.getSmithyContext)(context).operation, region: await (0, util_middleware_1.normalizeProvider)(config.region)() || (() => { throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); })(), }; }; exports.defaultSSOHttpAuthSchemeParametersProvider = defaultSSOHttpAuthSchemeParametersProvider; function createAwsAuthSigv4HttpAuthOption(authParameters) { return { schemeId: "aws.auth#sigv4", signingProperties: { name: "awsssoportal", region: authParameters.region, }, propertiesExtractor: (config, context) => ({ signingProperties: { config, context, }, }), }; } function createSmithyApiNoAuthHttpAuthOption(authParameters) { return { schemeId: "smithy.api#noAuth", }; } const defaultSSOHttpAuthSchemeProvider = (authParameters) => { const options = []; switch (authParameters.operation) { case "GetRoleCredentials": { options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); break; } ; case "ListAccountRoles": { options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); break; } ; case "ListAccounts": { options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); break; } ; case "Logout": { options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); break; } ; default: { options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); } } return options; }; exports.defaultSSOHttpAuthSchemeProvider = defaultSSOHttpAuthSchemeProvider; const resolveHttpAuthSchemeConfig = (config) => { const config_0 = (0, core_1.resolveAwsSdkSigV4Config)(config); return Object.assign(config_0, { authSchemePreference: (0, util_middleware_1.normalizeProvider)(config.authSchemePreference ?? []), }); }; exports.resolveHttpAuthSchemeConfig = resolveHttpAuthSchemeConfig; /***/ }), /***/ 13903: /***/ ((__unused_webpack_module, exports, __webpack_require__) => { Object.defineProperty(exports, "__esModule", ({ value: true })); exports.defaultEndpointResolver = void 0; const util_endpoints_1 = __webpack_require__(83068); const util_endpoints_2 = __webpack_require__(79674); const ruleset_1 = __webpack_require__(41308); const cache = new util_endpoints_2.EndpointCache({ size: 50, params: ["Endpoint", "Region", "UseDualStack", "UseFIPS"], }); const defaultEndpointResolver = (endpointParams, context = {}) => { return cache.get(endpointParams, () => (0, util_endpoints_2.resolveEndpoint)(ruleset_1.ruleSet, { endpointParams: endpointParams, logger: context.logger, })); }; exports.defaultEndpointResolver = defaultEndpointResolver; util_endpoints_2.customEndpointFunctions.aws = util_endpoints_1.awsEndpointFunctions; /***/ }), /***/ 41308: /***/ ((__unused_webpack_module, exports) => { Object.defineProperty(exports, "__esModule", ({ value: true })); exports.ruleSet = void 0; const u = "required", v = "fn", w = "argv", x = "ref"; const a = true, b = "isSet", c = "booleanEquals", d = "error", e = "endpoint", f = "tree", g = "PartitionResult", h = "getAttr", i = { [u]: false, "type": "string" }, j = { [u]: true, "default": false, "type": "boolean" }, k = { [x]: "Endpoint" }, l = { [v]: c, [w]: [{ [x]: "UseFIPS" }, true] }, m = { [v]: c, [w]: [{ [x]: "UseDualStack" }, true] }, n = {}, o = { [v]: h, [w]: [{ [x]: g }, "supportsFIPS"] }, p = { [x]: g }, q = { [v]: c, [w]: [true, { [v]: h, [w]: [p, "supportsDualStack"] }] }, r = [l], s = [m], t = [{ [x]: "Region" }]; const _data = { version: "1.0", parameters: { Region: i, UseDualStack: j, UseFIPS: j, Endpoint: i }, rules: [{ conditions: [{ [v]: b, [w]: [k] }], rules: [{ conditions: r, error: "Invalid Configuration: FIPS and custom endpoint are not supported", type: d }, { conditions: s, error: "Invalid Configuration: Dualstack and custom endpoint are not supported", type: d }, { endpoint: { url: k, properties: n, headers: n }, type: e }], type: f }, { conditions: [{ [v]: b, [w]: t }], rules: [{ conditions: [{ [v]: "aws.partition", [w]: t, assign: g }], rules: [{ conditions: [l, m], rules: [{ conditions: [{ [v]: c, [w]: [a, o] }, q], rules: [{ endpoint: { url: "https://portal.sso-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "FIPS and DualStack are enabled, but this partition does not support one or both", type: d }], type: f }, { conditions: r, rules: [{ conditions: [{ [v]: c, [w]: [o, a] }], rules: [{ conditions: [{ [v]: "stringEquals", [w]: [{ [v]: h, [w]: [p, "name"] }, "aws-us-gov"] }], endpoint: { url: "https://portal.sso.{Region}.amazonaws.com", properties: n, headers: n }, type: e }, { endpoint: { url: "https://portal.sso-fips.{Region}.{PartitionResult#dnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "FIPS is enabled but this partition does not support FIPS", type: d }], type: f }, { conditions: s, rules: [{ conditions: [q], rules: [{ endpoint: { url: "https://portal.sso.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: n, headers: n }, type: e }], type: f }, { error: "DualStack is enabled but this partition does not support DualStack", type: d }], type: f }, { endpoint: { url: "https://portal.sso.{Region}.{PartitionResult#dnsSuffix}", properties: n, headers: n }, type: e }], type: f }], type: f }, { error: "Invalid Configuration: Missing Region", type: d }] }; exports.ruleSet = _data; /***/ }), /***/ 62054: /***/ ((__unused_webpack_module, exports, __webpack_require__) => { var middlewareHostHeader = __webpack_require__(52590); var middlewareLogger = __webpack_require__(85242); var middlewareRecursionDetection = __webpack_require__(81568); var middlewareUserAgent = __webpack_require__(32959); var configResolver = __webpack_require__(39316); var core = __webpack_require__(90402); var schema = __webpack_require__(26890); var middlewareContentLength = __webpack_require__(47212); var middlewareEndpoint = __webpack_require__(40099); var middlewareRetry = __webpack_require__(19618); var smithyClient = __webpack_require__(61411); var httpAuthSchemeProvider = __webpack_require__(62041); var runtimeConfig = __webpack_require__(82696); var regionConfigResolver = __webpack_require__(36463); var protocolHttp = __webpack_require__(72356); const resolveClientEndpointParameters = (options) => { return Object.assign(options, { useDualstackEndpoint: options.useDualstackEndpoint ?? false, useFipsEndpoint: options.useFipsEndpoint ?? false, defaultSigningName: "awsssoportal", }); }; const commonParams = { UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, Endpoint: { type: "builtInParams", name: "endpoint" }, Region: { type: "builtInParams", name: "region" }, UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, }; const getHttpAuthExtensionConfiguration = (runtimeConfig) => { const _httpAuthSchemes = runtimeConfig.httpAuthSchemes; let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider; let _credentials = runtimeConfig.credentials; return { setHttpAuthScheme(httpAuthScheme) { const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); if (index === -1) { _httpAuthSchemes.push(httpAuthScheme); } else { _httpAuthSchemes.splice(index, 1, httpAuthScheme); } }, httpAuthSchemes() { return _httpAuthSchemes; }, setHttpAuthSchemeProvider(httpAuthSchemeProvider) { _httpAuthSchemeProvider = httpAuthSchemeProvider; }, httpAuthSchemeProvider() { return _httpAuthSchemeProvider; }, setCredentials(credentials) { _credentials = credentials; }, credentials() { return _credentials; }, }; }; const resolveHttpAuthRuntimeConfig = (config) => { return { httpAuthSchemes: config.httpAuthSchemes(), httpAuthSchemeProvider: config.httpAuthSchemeProvider(), credentials: config.credentials(), }; }; const resolveRuntimeExtensions = (runtimeConfig, extensions) => { const extensionConfiguration = Object.assign(regionConfigResolver.getAwsRegionExtensionConfiguration(runtimeConfig), smithyClient.getDefaultExtensionConfiguration(runtimeConfig), protocolHttp.getHttpHandlerExtensionConfiguration(runtimeConfig), getHttpAuthExtensionConfiguration(runtimeConfig)); extensions.forEach((extension) => extension.configure(extensionConfiguration)); return Object.assign(runtimeConfig, regionConfigResolver.resolveAwsRegionExtensionConfiguration(extensionConfiguration), smithyClient.resolveDefaultRuntimeConfig(extensionConfiguration), protocolHttp.resolveHttpHandlerRuntimeConfig(extensionConfiguration), resolveHttpAuthRuntimeConfig(extensionConfiguration)); }; class SSOClient extends smithyClient.Client { config; constructor(...[configuration]) { const _config_0 = runtimeConfig.getRuntimeConfig(configuration || {}); super(_config_0); this.initConfig = _config_0; const _config_1 = resolveClientEndpointParameters(_config_0); const _config_2 = middlewareUserAgent.resolveUserAgentConfig(_config_1); const _config_3 = middlewareRetry.resolveRetryConfig(_config_2); const _config_4 = configResolver.resolveRegionConfig(_config_3); const _config_5 = middlewareHostHeader.resolveHostHeaderConfig(_config_4); const _config_6 = middlewareEndpoint.resolveEndpointConfig(_config_5); const _config_7 = httpAuthSchemeProvider.resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); this.config = _config_8; this.middlewareStack.use(schema.getSchemaSerdePlugin(this.config)); this.middlewareStack.use(middlewareUserAgent.getUserAgentPlugin(this.config)); this.middlewareStack.use(middlewareRetry.getRetryPlugin(this.config)); this.middlewareStack.use(middlewareContentLength.getContentLengthPlugin(this.config)); this.middlewareStack.use(middlewareHostHeader.getHostHeaderPlugin(this.config)); this.middlewareStack.use(middlewareLogger.getLoggerPlugin(this.config)); this.middlewareStack.use(middlewareRecursionDetection.getRecursionDetectionPlugin(this.config)); this.middlewareStack.use(core.getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { httpAuthSchemeParametersProvider: httpAuthSchemeProvider.defaultSSOHttpAuthSchemeParametersProvider, identityProviderConfigProvider: async (config) => new core.DefaultIdentityProviderConfig({ "aws.auth#sigv4": config.credentials, }), })); this.middlewareStack.use(core.getHttpSigningPlugin(this.config)); } destroy() { super.destroy(); } } class SSOServiceException extends smithyClient.ServiceException { constructor(options) { super(options); Object.setPrototypeOf(this, SSOServiceException.prototype); } } class InvalidRequestException extends SSOServiceException { name = "InvalidRequestException"; $fault = "client"; constructor(opts) { super({ name: "InvalidRequestException", $fault: "client", ...opts, }); Object.setPrototypeOf(this, InvalidRequestException.prototype); } } class ResourceNotFoundException extends SSOServiceException { name = "ResourceNotFoundException"; $fault = "client"; constructor(opts) { super({ name: "ResourceNotFoundException", $fault: "client", ...opts, }); Object.setPrototypeOf(this, ResourceNotFoundException.prototype); } } class TooManyRequestsException extends SSOServiceException { name = "TooManyRequestsException"; $fault = "client"; constructor(opts) { super({ name: "TooManyRequestsException", $fault: "client", ...opts, }); Object.setPrototypeOf(this, TooManyRequestsException.prototype); } } class UnauthorizedException extends SSOServiceException { name = "UnauthorizedException"; $fault = "client"; constructor(opts) { super({ name: "UnauthorizedException", $fault: "client", ...opts, }); Object.setPrototypeOf(this, UnauthorizedException.prototype); } } const _AI = "AccountInfo"; const _ALT = "AccountListType"; const _ATT = "AccessTokenType"; const _GRC = "GetRoleCredentials"; const _GRCR = "GetRoleCredentialsRequest"; const _GRCRe = "GetRoleCredentialsResponse"; const _IRE = "InvalidRequestException"; const _L = "Logout"; const _LA = "ListAccounts"; const _LAR = "ListAccountsRequest"; const _LARR = "ListAccountRolesRequest"; const _LARRi = "ListAccountRolesResponse"; const _LARi = "ListAccountsResponse"; const _LARis = "ListAccountRoles"; const _LR = "LogoutRequest"; const _RC = "RoleCredentials"; const _RI = "RoleInfo"; const _RLT = "RoleListType"; const _RNFE = "ResourceNotFoundException"; const _SAKT = "SecretAccessKeyType"; const _STT = "SessionTokenType"; const _TMRE = "TooManyRequestsException"; const _UE = "UnauthorizedException"; const _aI = "accountId"; const _aKI = "accessKeyId"; const _aL = "accountList"; const _aN = "accountName"; const _aT = "accessToken"; const _ai = "account_id"; const _c = "client"; const _e = "error"; const _eA = "emailAddress"; const _ex = "expiration"; const _h = "http"; const _hE = "httpError"; const _hH = "httpHeader"; const _hQ = "httpQuery"; const _m = "message"; const _mR = "maxResults"; const _mr = "max_result"; const _nT = "nextToken"; const _nt = "next_token"; const _rC = "roleCredentials"; const _rL = "roleList"; const _rN = "roleName"; const _rn = "role_name"; const _s = "smithy.ts.sdk.synthetic.com.amazonaws.sso"; const _sAK = "secretAccessKey"; const _sT = "sessionToken"; const _xasbt = "x-amz-sso_bearer_token"; const n0 = "com.amazonaws.sso"; var AccessTokenType = [0, n0, _ATT, 8, 0]; var SecretAccessKeyType = [0, n0, _SAKT, 8, 0]; var SessionTokenType = [0, n0, _STT, 8, 0]; var AccountInfo$ = [3, n0, _AI, 0, [_aI, _aN, _eA], [0, 0, 0] ]; var GetRoleCredentialsRequest$ = [3, n0, _GRCR, 0, [_rN, _aI, _aT], [[0, { [_hQ]: _rn }], [0, { [_hQ]: _ai }], [() => AccessTokenType, { [_hH]: _xasbt }]], 3 ]; var GetRoleCredentialsResponse$ = [3, n0, _GRCRe, 0, [_rC], [[() => RoleCredentials$, 0]] ]; var InvalidRequestException$ = [-3, n0, _IRE, { [_e]: _c, [_hE]: 400 }, [_m], [0] ]; schema.TypeRegistry.for(n0).registerError(InvalidRequestException$, InvalidRequestException); var ListAccountRolesRequest$ = [3, n0, _LARR, 0, [_aT, _aI, _nT, _mR], [[() => AccessTokenType, { [_hH]: _xasbt }], [0, { [_hQ]: _ai }], [0, { [_hQ]: _nt }], [1, { [_hQ]: _mr }]], 2 ]; var ListAccountRolesResponse$ = [3, n0, _LARRi, 0, [_nT, _rL], [0, () => RoleListType] ]; var ListAccountsRequest$ = [3, n0, _LAR, 0, [_aT, _nT, _mR], [[() => AccessTokenType, { [_hH]: _xasbt }], [0, { [_hQ]: _nt }], [1, { [_hQ]: _mr }]], 1 ]; var ListAccountsResponse$ = [3, n0, _LARi, 0, [_nT, _aL], [0, () => AccountListType] ]; var LogoutRequest$ = [3, n0, _LR, 0, [_aT], [[() => AccessTokenType, { [_hH]: _xasbt }]], 1 ]; var ResourceNotFoundException$ = [-3, n0, _RNFE, { [_e]: _c, [_hE]: 404 }, [_m], [0] ]; schema.TypeRegistry.for(n0).registerError(ResourceNotFoundException$, ResourceNotFoundException); var RoleCredentials$ = [3, n0, _RC, 0, [_aKI, _sAK, _sT, _ex], [0, [() => SecretAccessKeyType, 0], [() => SessionTokenType, 0], 1] ]; var RoleInfo$ = [3, n0, _RI, 0, [_rN, _aI], [0, 0] ]; var TooManyRequestsException$ = [-3, n0, _TMRE, { [_e]: _c, [_hE]: 429 }, [_m], [0] ]; schema.TypeRegistry.for(n0).registerError(TooManyRequestsException$, TooManyRequestsException); var UnauthorizedException$ = [-3, n0, _UE, { [_e]: _c, [_hE]: 401 }, [_m], [0] ]; schema.TypeRegistry.for(n0).registerError(UnauthorizedException$, UnauthorizedException); var __Unit = "unit"; var SSOServiceException$ = [-3, _s, "SSOServiceException", 0, [], []]; schema.TypeRegistry.for(_s).registerError(SSOServiceException$, SSOServiceException); var AccountListType = [1, n0, _ALT, 0, () => AccountInfo$ ]; var RoleListType = [1, n0, _RLT, 0, () => RoleInfo$ ]; var GetRoleCredentials$ = [9, n0, _GRC, { [_h]: ["GET", "/federation/credentials", 200] }, () => GetRoleCredentialsRequest$, () => GetRoleCredentialsResponse$ ]; var ListAccountRoles$ = [9, n0, _LARis, { [_h]: ["GET", "/assignment/roles", 200] }, () => ListAccountRolesRequest$, () => ListAccountRolesResponse$ ]; var ListAccounts$ = [9, n0, _LA, { [_h]: ["GET", "/assignment/accounts", 200] }, () => ListAccountsRequest$, () => ListAccountsResponse$ ]; var Logout$ = [9, n0, _L, { [_h]: ["POST", "/logout", 200] }, () => LogoutRequest$, () => __Unit ]; class GetRoleCredentialsCommand extends smithyClient.Command .classBuilder() .ep(commonParams) .m(function (Command, cs, config, o) { return [middlewareEndpoint.getEndpointPlugin(config, Command.getEndpointParameterInstructions())]; }) .s("SWBPortalService", "GetRoleCredentials", {}) .n("SSOClient", "GetRoleCredentialsCommand") .sc(GetRoleCredentials$) .build() { } class ListAccountRolesCommand extends smithyClient.Command .classBuilder() .ep(commonParams) .m(function (Command, cs, config, o) { return [middlewareEndpoint.getEndpointPlugin(config, Command.getEndpointParameterInstructions())]; }) .s("SWBPortalService", "ListAccountRoles", {}) .n("SSOClient", "ListAccountRolesCommand") .sc(ListAccountRoles$) .build() { } class ListAccountsCommand extends smithyClient.Command .classBuilder() .ep(commonParams) .m(function (Command, cs, config, o) { return [middlewareEndpoint.getEndpointPlugin(config, Command.getEndpointParameterInstructions())]; }) .s("SWBPortalService", "ListAccounts", {}) .n("SSOClient", "ListAccountsCommand") .sc(ListAccounts$) .build() { } class LogoutCommand extends smithyClient.Command .classBuilder() .ep(commonParams) .m(function (Command, cs, config, o) { return [middlewareEndpoint.getEndpointPlugin(config, Command.getEndpointParameterInstructions())]; }) .s("SWBPortalService", "Logout", {}) .n("SSOClient", "LogoutCommand") .sc(Logout$) .build() { } const commands = { GetRoleCredentialsCommand, ListAccountRolesCommand, ListAccountsCommand, LogoutCommand, }; class SSO extends SSOClient { } smithyClient.createAggregatedClient(commands, SSO); const paginateListAccountRoles = core.createPaginator(SSOClient, ListAccountRolesCommand, "nextToken", "nextToken", "maxResults"); const paginateListAccounts = core.createPaginator(SSOClient, ListAccountsCommand, "nextToken", "nextToken", "maxResults"); Object.defineProperty(exports, "$Command", ({ enumerable: true, get: function () { return smithyClient.Command; } })); Object.defineProperty(exports, "__Client", ({ enumerable: true, get: function () { return smithyClient.Client; } })); exports.AccountInfo$ = AccountInfo$; exports.GetRoleCredentials$ = GetRoleCredentials$; exports.GetRoleCredentialsCommand = GetRoleCredentialsCommand; exports.GetRoleCredentialsRequest$ = GetRoleCredentialsRequest$; exports.GetRoleCredentialsResponse$ = GetRoleCredentialsResponse$; exports.InvalidRequestException = InvalidRequestException; exports.InvalidRequestException$ = InvalidRequestException$; exports.ListAccountRoles$ = ListAccountRoles$; exports.ListAccountRolesCommand = ListAccountRolesCommand; exports.ListAccountRolesRequest$ = ListAccountRolesRequest$; exports.ListAccountRolesResponse$ = ListAccountRolesResponse$; exports.ListAccounts$ = ListAccounts$; exports.ListAccountsCommand = ListAccountsCommand; exports.ListAccountsRequest$ = ListAccountsRequest$; exports.ListAccountsResponse$ = ListAccountsResponse$; exports.Logout$ = Logout$; exports.LogoutCommand = LogoutCommand; exports.LogoutRequest$ = LogoutRequest$; exports.ResourceNotFoundException = ResourceNotFoundException; exports.ResourceNotFoundException$ = ResourceNotFoundException$; exports.RoleCredentials$ = RoleCredentials$; exports.RoleInfo$ = RoleInfo$; exports.SSO = SSO; exports.SSOClient = SSOClient; exports.SSOServiceException = SSOServiceException; exports.SSOServiceException$ = SSOServiceException$; exports.TooManyRequestsException = TooManyRequestsException; exports.TooManyRequestsException$ = TooManyRequestsException$; exports.UnauthorizedException = UnauthorizedException; exports.UnauthorizedException$ = UnauthorizedException$; exports.paginateListAccountRoles = paginateListAccountRoles; exports.paginateListAccounts = paginateListAccounts; /***/ }), /***/ 82696: /***/ ((__unused_webpack_module, exports, __webpack_require__) => { Object.defineProperty(exports, "__esModule", ({ value: true })); exports.getRuntimeConfig = void 0; const tslib_1 = __webpack_require__(61860); const package_json_1 = tslib_1.__importDefault(__webpack_require__(45188)); const core_1 = __webpack_require__(8704); const util_user_agent_node_1 = __webpack_require__(51656); const config_resolver_1 = __webpack_require__(39316); const hash_node_1 = __webpack_require__(5092); const middleware_retry_1 = __webpack_require__(19618); const node_config_provider_1 = __webpack_require__(55704); const node_http_handler_1 = __webpack_require__(61279); const smithy_client_1 = __webpack_require__(61411); const util_body_length_node_1 = __webpack_require__(13638); const util_defaults_mode_node_1 = __webpack_require__(15435); const util_retry_1 = __webpack_require__(15518); const runtimeConfig_shared_1 = __webpack_require__(8073); const getRuntimeConfig = (config) => { (0, smithy_client_1.emitWarningIfUnsupportedVersion)(process.version); const defaultsMode = (0, util_defaults_mode_node_1.resolveDefaultsModeConfig)(config); const defaultConfigProvider = () => defaultsMode().then(smithy_client_1.loadConfigsForDefaultMode); const clientSharedValues = (0, runtimeConfig_shared_1.getRuntimeConfig)(config); (0, core_1.emitWarningIfUnsupportedVersion)(process.version); const loaderConfig = { profile: config?.profile, logger: clientSharedValues.logger, }; return { ...clientSharedValues, ...config, runtime: "node", defaultsMode, authSchemePreference: config?.authSchemePreference ?? (0, node_config_provider_1.loadConfig)(core_1.NODE_AUTH_SCHEME_PREFERENCE_OPTIONS, loaderConfig), bodyLengthChecker: config?.bodyLengthChecker ?? util_body_length_node_1.calculateBodyLength, defaultUserAgentProvider: config?.defaultUserAgentProvider ?? (0, util_user_agent_node_1.createDefaultUserAgentProvider)({ serviceId: clientSharedValues.serviceId, clientVersion: package_json_1.default.version }), maxAttempts: config?.maxAttempts ?? (0, node_config_provider_1.loadConfig)(middleware_retry_1.NODE_MAX_ATTEMPT_CONFIG_OPTIONS, config), region: config?.region ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_REGION_CONFIG_OPTIONS, { ...config_resolver_1.NODE_REGION_CONFIG_FILE_OPTIONS, ...loaderConfig }), requestHandler: node_http_handler_1.NodeHttpHandler.create(config?.requestHandler ?? defaultConfigProvider), retryMode: config?.retryMode ?? (0, node_config_provider_1.loadConfig)({ ...middleware_retry_1.NODE_RETRY_MODE_CONFIG_OPTIONS, default: async () => (await defaultConfigProvider()).retryMode || util_retry_1.DEFAULT_RETRY_MODE, }, config), sha256: config?.sha256 ?? hash_node_1.Hash.bind(null, "sha256"), streamCollector: config?.streamCollector ?? node_http_handler_1.streamCollector, useDualstackEndpoint: config?.useDualstackEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS, loaderConfig), useFipsEndpoint: config?.useFipsEndpoint ?? (0, node_config_provider_1.loadConfig)(config_resolver_1.NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS, loaderConfig), userAgentAppId: config?.userAgentAppId ?? (0, node_config_provider_1.loadConfig)(util_user_agent_node_1.NODE_APP_ID_CONFIG_OPTIONS, loaderConfig), }; }; exports.getRuntimeConfig = getRuntimeConfig; /***/ }), /***/ 8073: /***/ ((__unused_webpack_module, exports, __webpack_require__) => { Object.defineProperty(exports, "__esModule", ({ value: true })); exports.getRuntimeConfig = void 0; const core_1 = __webpack_require__(8704); const protocols_1 = __webpack_require__(37288); const core_2 = __webpack_require__(90402); const smithy_client_1 = __webpack_require__(61411); const url_parser_1 = __webpack_require__(14494); const util_base64_1 = __webpack_require__(68385); const util_utf8_1 = __webpack_require__(71577); const httpAuthSchemeProvider_1 = __webpack_require__(62041); const endpointResolver_1 = __webpack_require__(13903); const getRuntimeConfig = (config) => { return { apiVersion: "2019-06-10", base64Decoder: config?.base64Decoder ?? util_base64_1.fromBase64, base64Encoder: config?.base64Encoder ?? util_base64_1.toBase64, disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? endpointResolver_1.defaultEndpointResolver, extensions: config?.extensions ?? [], httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? httpAuthSchemeProvider_1.defaultSSOHttpAuthSchemeProvider, httpAuthSchemes: config?.httpAuthSchemes ?? [ { schemeId: "aws.auth#sigv4", identityProvider: (ipc) => ipc.getIdentityProvider("aws.auth#sigv4"), signer: new core_1.AwsSdkSigV4Signer(), }, { schemeId: "smithy.api#noAuth", identityProvider: (ipc) => ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})), signer: new core_2.NoAuthSigner(), }, ], logger: config?.logger ?? new smithy_client_1.NoOpLogger(), protocol: config?.protocol ?? protocols_1.AwsRestJsonProtocol, protocolSettings: config?.protocolSettings ?? { defaultNamespace: "com.amazonaws.sso", version: "2019-06-10", serviceTarget: "SWBPortalService", }, serviceId: config?.serviceId ?? "SSO", urlParser: config?.urlParser ?? url_parser_1.parseUrl, utf8Decoder: config?.utf8Decoder ?? util_utf8_1.fromUtf8, utf8Encoder: config?.utf8Encoder ?? util_utf8_1.toUtf8, }; }; exports.getRuntimeConfig = getRuntimeConfig; /***/ }), /***/ 97523: /***/ ((__unused_webpack_module, exports, __webpack_require__) => { var protocolHttp = __webpack_require__(72356); var core = __webpack_require__(90402); var propertyProvider = __webpack_require__(71238); var client = __webpack_require__(5152); var signatureV4 = __webpack_require__(75118); const getDateHeader = (response) => protocolHttp.HttpResponse.isInstance(response) ? response.headers?.date ?? response.headers?.Date : undefined; const getSkewCorrectedDate = (systemClockOffset) => new Date(Date.now() + systemClockOffset); const isClockSkewed = (clockTime, systemClockOffset) => Math.abs(getSkewCorrectedDate(systemClockOffset).getTime() - clockTime) >= 300000; const getUpdatedSystemClockOffset = (clockTime, currentSystemClockOffset) => { const clockTimeInMs = Date.parse(clockTime); if (isClockSkewed(clockTimeInMs, currentSystemClockOffset)) { return clockTimeInMs - Date.now(); } return currentSystemClockOffset; }; const throwSigningPropertyError = (name, property) => { if (!property) { throw new Error(`Property \`${name}\` is not resolved for AWS SDK SigV4Auth`); } return property; }; const validateSigningProperties = async (signingProperties) => { const context = throwSigningPropertyError("context", signingProperties.context); const config = throwSigningPropertyError("config", signingProperties.config); const authScheme = context.endpointV2?.properties?.authSchemes?.[0]; const signerFunction = throwSigningPropertyError("signer", config.signer); const signer = await signerFunction(authScheme); const signingRegion = signingProperties?.signingRegion; const signingRegionSet = signingProperties?.signingRegionSet; const signingName = signingProperties?.signingName; return { config, signer, signingRegion, signingRegionSet, signingName, }; }; class AwsSdkSigV4Signer { async sign(httpRequest, identity, signingProperties) { if (!protocolHttp.HttpRequest.isInstance(httpRequest)) { throw new Error("The request is not an instance of `HttpRequest` and cannot be signed"); } const validatedProps = await validateSigningProperties(signingProperties); const { config, signer } = validatedProps; let { signingRegion, signingName } = validatedProps; const handlerExecutionContext = signingProperties.context; if (handlerExecutionContext?.authSchemes?.length ?? 0 > 1) { const [first, second] = handlerExecutionContext.authSchemes; if (first?.name === "sigv4a" && second?.name === "sigv4") { signingRegion = second?.signingRegion ?? signingRegion; signingName = second?.signingName ?? signingName; } } const signedRequest = await signer.sign(httpRequest, { signingDate: getSkewCorrectedDate(config.systemClockOffset), signingRegion: signingRegion, signingService: signingName, }); return signedRequest; } errorHandler(signingProperties) { return (error) => { const serverTime = error.ServerTime ?? getDateHeader(error.$response); if (serverTime) { const config = throwSigningPropertyError("config", signingProperties.config); const initialSystemClockOffset = config.systemClockOffset; config.systemClockOffset = getUpdatedSystemClockOffset(serverTime, config.systemClockOffset); const clockSkewCorrected = config.systemClockOffset !== initialSystemClockOffset; if (clockSkewCorrected && error.$metadata) { error.$metadata.clockSkewCorrected = true; } } throw error; }; } successHandler(httpResponse, signingProperties) { const dateHeader = getDateHeader(httpResponse); if (dateHeader) { const config = throwSigningPropertyError("config", signingProperties.config); config.systemClockOffset = getUpdatedSystemClockOffset(dateHeader, config.systemClockOffset); } } } const AWSSDKSigV4Signer = AwsSdkSigV4Signer; class AwsSdkSigV4ASigner extends AwsSdkSigV4Signer { async sign(httpRequest, identity, signingProperties) { if (!protocolHttp.HttpRequest.isInstance(httpRequest)) { throw new Error("The request is not an instance of `HttpRequest` and cannot be signed"); } const { config, signer, signingRegion, signingRegionSet, signingName } = await validateSigningProperties(signingProperties); const configResolvedSigningRegionSet = await config.sigv4aSigningRegionSet?.(); const multiRegionOverride = (configResolvedSigningRegionSet ?? signingRegionSet ?? [signingRegion]).join(","); const signedRequest = await signer.sign(httpRequest, { signingDate: getSkewCorrectedDate(config.systemClockOffset), signingRegion: multiRegionOverride, signingService: signingName, }); return signedRequest; } } const getArrayForCommaSeparatedString = (str) => typeof str === "string" && str.length > 0 ? str.split(",").map((item) => item.trim()) : []; const getBearerTokenEnvKey = (signingName) => `AWS_BEARER_TOKEN_${signingName.replace(/[\s-]/g, "_").toUpperCase()}`; const NODE_AUTH_SCHEME_PREFERENCE_ENV_KEY = "AWS_AUTH_SCHEME_PREFERENCE"; const NODE_AUTH_SCHEME_PREFERENCE_CONFIG_KEY = "auth_scheme_preference"; const NODE_AUTH_SCHEME_PREFERENCE_OPTIONS = { environmentVariableSelector: (env, options) => { if (options?.signingName) { const bearerTokenKey = getBearerTokenEnvKey(options.signingName); if (bearerTokenKey in env) return ["httpBearerAuth"]; } if (!(NODE_AUTH_SCHEME_PREFERENCE_ENV_KEY in env)) return undefined; return getArrayForCommaSeparatedString(env[NODE_AUTH_SCHEME_PREFERENCE_ENV_KEY]); }, configFileSelector: (profile) => { if (!(NODE_AUTH_SCHEME_PREFERENCE_CONFIG_KEY in profile)) return undefined; return getArrayForCommaSeparatedString(profile[NODE_AUTH_SCHEME_PREFERENCE_CONFIG_KEY]); }, default: [], }; const resolveAwsSdkSigV4AConfig = (config) => { config.sigv4aSigningRegionSet = core.normalizeProvider(config.sigv4aSigningRegionSet); return config; }; const NODE_SIGV4A_CONFIG_OPTIONS = { environmentVariableSelector(env) { if (env.AWS_SIGV4A_SIGNING_REGION_SET) { return env.AWS_SIGV4A_SIGNING_REGION_SET.split(",").map((_) => _.trim()); } throw new propertyProvider.ProviderError("AWS_SIGV4A_SIGNING_REGION_SET not set in env.", { tryNextLink: true, }); }, configFileSelector(profile) { if (profile.sigv4a_signing_region_set) { return (profile.sigv4a_signing_region_set ?? "").split(",").map((_) => _.trim()); } throw new propertyProvider.ProviderError("sigv4a_signing_region_set not set in profile.", { tryNextLink: true, }); }, default: undefined, }; const resolveAwsSdkSigV4Config = (config) => { let inputCredentials = config.credentials; let isUserSupplied = !!config.credentials; let resolvedCredentials = undefined; Object.defineProperty(config, "credentials", { set(credentials) { if (credentials && credentials !== inputCredentials && credentials !== resolvedCredentials) { isUserSupplied = true; } inputCredentials = credentials; const memoizedProvider = normalizeCredentialProvider(config, { credentials: inputCredentials, credentialDefaultProvider: config.credentialDefaultProvider, }); const boundProvider = bindCallerConfig(config, memoizedProvider); if (isUserSupplied && !boundProvider.attributed) { const isCredentialObject = typeof inputCredentials === "object" && inputCredentials !== null; resolvedCredentials = async (options) => { const creds = await boundProvider(options); const attributedCreds = creds; if (isCredentialObject && (!attributedCreds.$source || Object.keys(attributedCreds.$source).length === 0)) { return client.setCredentialFeature(attributedCreds, "CREDENTIALS_CODE", "e"); } return attributedCreds; }; resolvedCredentials.memoized = boundProvider.memoized; resolvedCredentials.configBound = boundProvider.configBound; resolvedCredentials.attributed = true; } else { resolvedCredentials = boundProvider; } }, get() { return resolvedCredentials; }, enumerable: true, configurable: true, }); config.credentials = inputCredentials; const { signingEscapePath = true, systemClockOffset = config.systemClockOffset || 0, sha256, } = config; let signer; if (config.signer) { signer = core.normalizeProvider(config.signer); } else if (config.regionInfoProvider) { signer = () => core.normalizeProvider(config.region)() .then(async (region) => [ (await config.regionInfoProvider(region, { useFipsEndpoint: await config.useFipsEndpoint(), useDualstackEndpoint: await config.useDualstackEndpoint(), })) || {}, region, ]) .then(([regionInfo, region]) => { const { signingRegion, signingService } = regionInfo; config.signingRegion = config.signingRegion || signingRegion || region; config.signingName = config.signingName || signingService || config.serviceId; const params = { ...config, credentials: config.credentials, region: config.signingRegion, service: config.signingName, sha256, uriEscapePath: signingEscapePath, }; const SignerCtor = config.signerConstructor || signatureV4.SignatureV4; return new SignerCtor(params); }); } else { signer = async (authScheme) => { authScheme = Object.assign({}, { name: "sigv4", signingName: config.signingName || config.defaultSigningName, signingRegion: await core.normalizeProvider(config.region)(), properties: {}, }, authScheme); const signingRegion = authScheme.signingRegion; const signingService = authScheme.signingName; config.signingRegion = config.signingRegion || signingRegion; config.signingName = config.signingName || signingService || config.serviceId; const params = { ...config, credentials: config.credentials, region: config.signingRegion, service: config.signingName, sha256, uriEscapePath: signingEscapePath, }; const SignerCtor = config.signerConstructor || signatureV4.SignatureV4; return new SignerCtor(params); }; } const resolvedConfig = Object.assign(config, { systemClockOffset, signingEscapePath, signer, }); return resolvedConfig; }; const resolveAWSSDKSigV4Config = resolveAwsSdkSigV4Config; function normalizeCredentialProvider(config, { credentials, credentialDefaultProvider, }) { let credentialsProvider; if (credentials) { if (!credentials?.memoized) { credentialsProvider = core.memoizeIdentityProvider(credentials, core.isIdentityExpired, core.doesIdentityRequireRefresh); } else { credentialsProvider = credentials; } } else { if (credentialDefaultProvider) { credentialsProvider = core.normalizeProvider(credentialDefaultProvider(Object.assign({}, config, { parentClientConfig: config, }))); } else { credentialsProvider = async () => { throw new Error("@aws-sdk/core::resolveAwsSdkSigV4Config - `credentials` not provided and no credentialDefaultProvider was configured."); }; } } credentialsProvider.memoized = true; return credentialsProvider; } function bindCallerConfig(config, credentialsProvider) { if (credentialsProvider.configBound) { return credentialsProvider; } const fn = async (options) => credentialsProvider({ ...options, callerClientConfig: config }); fn.memoized = credentialsProvider.memoized; fn.configBound = true; return fn; } exports.AWSSDKSigV4Signer = AWSSDKSigV4Signer; exports.AwsSdkSigV4ASigner = AwsSdkSigV4ASigner; exports.AwsSdkSigV4Signer = AwsSdkSigV4Signer; exports.NODE_AUTH_SCHEME_PREFERENCE_OPTIONS = NODE_AUTH_SCHEME_PREFERENCE_OPTIONS; exports.NODE_SIGV4A_CONFIG_OPTIONS = NODE_SIGV4A_CONFIG_OPTIONS; exports.getBearerTokenEnvKey = getBearerTokenEnvKey; exports.resolveAWSSDKSigV4Config = resolveAWSSDKSigV4Config; exports.resolveAwsSdkSigV4AConfig = resolveAwsSdkSigV4AConfig; exports.resolveAwsSdkSigV4Config = resolveAwsSdkSigV4Config; exports.validateSigningProperties = validateSigningProperties; /***/ }), /***/ 60998: /***/ ((__unused_webpack_module, exports, __webpack_require__) => { var __webpack_unused_export__; var propertyProvider = __webpack_require__(71238); var sharedIniFileLoader = __webpack_require__(94964); var client = __webpack_require__(5152); var tokenProviders = __webpack_require__(75433); const isSsoProfile = (arg) => arg && (typeof arg.sso_start_url === "string" || typeof arg.sso_account_id === "string" || typeof arg.sso_session === "string" || typeof arg.sso_region === "string" || typeof arg.sso_role_name === "string"); const SHOULD_FAIL_CREDENTIAL_CHAIN = false; const resolveSSOCredentials = async ({ ssoStartUrl, ssoSession, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, clientConfig, parentClientConfig, callerClientConfig, profile, filepath, configFilepath, ignoreCache, logger, }) => { let token; const refreshMessage = `To refresh this SSO session run aws sso login with the corresponding profile.`; if (ssoSession) { try { const _token = await tokenProviders.fromSso({ profile, filepath, configFilepath, ignoreCache, })(); token = { accessToken: _token.token, expiresAt: new Date(_token.expiration).toISOString(), }; } catch (e) { throw new propertyProvider.CredentialsProviderError(e.message, { tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN, logger, }); } } else { try { token = await sharedIniFileLoader.getSSOTokenFromFile(ssoStartUrl); } catch (e) { throw new propertyProvider.CredentialsProviderError(`The SSO session associated with this profile is invalid. ${refreshMessage}`, { tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN, logger, }); } } if (new Date(token.expiresAt).getTime() - Date.now() <= 0) { throw new propertyProvider.CredentialsProviderError(`The SSO session associated with this profile has expired. ${refreshMessage}`, { tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN, logger, }); } const { accessToken } = token; const { SSOClient, GetRoleCredentialsCommand } = await Promise.resolve().then(function () { return __webpack_require__(16553); }); const sso = ssoClient || new SSOClient(Object.assign({}, clientConfig ?? {}, { logger: clientConfig?.logger ?? callerClientConfig?.logger ?? parentClientConfig?.logger, region: clientConfig?.region ?? ssoRegion, userAgentAppId: clientConfig?.userAgentAppId ?? callerClientConfig?.userAgentAppId ?? parentClientConfig?.userAgentAppId, })); let ssoResp; try { ssoResp = await sso.send(new GetRoleCredentialsCommand({ accountId: ssoAccountId, roleName: ssoRoleName, accessToken, })); } catch (e) { throw new propertyProvider.CredentialsProviderError(e, { tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN, logger, }); } const { roleCredentials: { accessKeyId, secretAccessKey, sessionToken, expiration, credentialScope, accountId } = {}, } = ssoResp; if (!accessKeyId || !secretAccessKey || !sessionToken || !expiration) { throw new propertyProvider.CredentialsProviderError("SSO returns an invalid temporary credential.", { tryNextLink: SHOULD_FAIL_CREDENTIAL_CHAIN, logger, }); } const credentials = { accessKeyId, secretAccessKey, sessionToken, expiration: new Date(expiration), ...(credentialScope && { credentialScope }), ...(accountId && { accountId }), }; if (ssoSession) { client.setCredentialFeature(credentials, "CREDENTIALS_SSO", "s"); } else { client.setCredentialFeature(credentials, "CREDENTIALS_SSO_LEGACY", "u"); } return credentials; }; const validateSsoProfile = (profile, logger) => { const { sso_start_url, sso_account_id, sso_region, sso_role_name } = profile; if (!sso_start_url || !sso_account_id || !sso_region || !sso_role_name) { throw new propertyProvider.CredentialsProviderError(`Profile is configured with invalid SSO credentials. Required parameters "sso_account_id", ` + `"sso_region", "sso_role_name", "sso_start_url". Got ${Object.keys(profile).join(", ")}\nReference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html`, { tryNextLink: false, logger }); } return profile; }; const fromSSO = (init = {}) => async ({ callerClientConfig } = {}) => { init.logger?.debug("@aws-sdk/credential-provider-sso - fromSSO"); const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoSession } = init; const { ssoClient } = init; const profileName = sharedIniFileLoader.getProfileName({ profile: init.profile ?? callerClientConfig?.profile, }); if (!ssoStartUrl && !ssoAccountId && !ssoRegion && !ssoRoleName && !ssoSession) { const profiles = await sharedIniFileLoader.parseKnownFiles(init); const profile = profiles[profileName]; if (!profile) { throw new propertyProvider.CredentialsProviderError(`Profile ${profileName} was not found.`, { logger: init.logger }); } if (!isSsoProfile(profile)) { throw new propertyProvider.CredentialsProviderError(`Profile ${profileName} is not configured with SSO credentials.`, { logger: init.logger, }); } if (profile?.sso_session) { const ssoSessions = await sharedIniFileLoader.loadSsoSessionData(init); const session = ssoSessions[profile.sso_session]; const conflictMsg = ` configurations in profile ${profileName} and sso-session ${profile.sso_session}`; if (ssoRegion && ssoRegion !== session.sso_region) { throw new propertyProvider.CredentialsProviderError(`Conflicting SSO region` + conflictMsg, { tryNextLink: false, logger: init.logger, }); } if (ssoStartUrl && ssoStartUrl !== session.sso_start_url) { throw new propertyProvider.CredentialsProviderError(`Conflicting SSO start_url` + conflictMsg, { tryNextLink: false, logger: init.logger, }); } profile.sso_region = session.sso_region; profile.sso_start_url = session.sso_start_url; } const { sso_start_url, sso_account_id, sso_region, sso_role_name, sso_session } = validateSsoProfile(profile, init.logger); return resolveSSOCredentials({ ssoStartUrl: sso_start_url, ssoSession: sso_session, ssoAccountId: sso_account_id, ssoRegion: sso_region, ssoRoleName: sso_role_name, ssoClient: ssoClient, clientConfig: init.clientConfig, parentClientConfig: init.parentClientConfig, callerClientConfig: init.callerClientConfig, profile: profileName, filepath: init.filepath, configFilepath: init.configFilepath, ignoreCache: init.ignoreCache, logger: init.logger, }); } else if (!ssoStartUrl || !ssoAccountId || !ssoRegion || !ssoRoleName) { throw new propertyProvider.CredentialsProviderError("Incomplete configuration. The fromSSO() argument hash must include " + '"ssoStartUrl", "ssoAccountId", "ssoRegion", "ssoRoleName"', { tryNextLink: false, logger: init.logger }); } else { return resolveSSOCredentials({ ssoStartUrl, ssoSession, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, clientConfig: init.clientConfig, parentClientConfig: init.parentClientConfig, callerClientConfig: init.callerClientConfig, profile: profileName, filepath: init.filepath, configFilepath: init.configFilepath, ignoreCache: init.ignoreCache, logger: init.logger, }); } }; exports.fromSSO = fromSSO; __webpack_unused_export__ = isSsoProfile; __webpack_unused_export__ = validateSsoProfile; /***/ }), /***/ 16553: /***/ ((__unused_webpack_module, exports, __webpack_require__) => { var clientSso = __webpack_require__(62054); Object.defineProperty(exports, "GetRoleCredentialsCommand", ({ enumerable: true, get: function () { return clientSso.GetRoleCredentialsCommand; } })); Object.defineProperty(exports, "SSOClient", ({ enumerable: true, get: function () { return clientSso.SSOClient; } })); /***/ }), /***/ 75433: /***/ ((__unused_webpack_module, exports, __webpack_require__) => { var client = __webpack_require__(5152); var httpAuthSchemes = __webpack_require__(97523); var propertyProvider = __webpack_require__(71238); var sharedIniFileLoader = __webpack_require__(94964); var fs = __webpack_require__(79896); const fromEnvSigningName = ({ logger, signingName } = {}) => async () => { logger?.debug?.("@aws-sdk/token-providers - fromEnvSigningName"); if (!signingName) { throw new propertyProvider.TokenProviderError("Please pass 'signingName' to compute environment variable key", { logger }); } const bearerTokenKey = httpAuthSchemes.getBearerTokenEnvKey(signingName); if (!(bearerTokenKey in process.env)) { throw new propertyProvider.TokenProviderError(`Token not present in '${bearerTokenKey}' environment variable`, { logger }); } const token = { token: process.env[bearerTokenKey] }; client.setTokenFeature(token, "BEARER_SERVICE_ENV_VARS", "3"); return token; }; const EXPIRE_WINDOW_MS = 5 * 60 * 1000; const REFRESH_MESSAGE = `To refresh this SSO session run 'aws sso login' with the corresponding profile.`; const getSsoOidcClient = async (ssoRegion, init = {}, callerClientConfig) => { const { SSOOIDCClient } = await __webpack_require__.e(/* import() */ 443).then(__webpack_require__.t.bind(__webpack_require__, 89443, 19)); const coalesce = (prop) => init.clientConfig?.[prop] ?? init.parentClientConfig?.[prop] ?? callerClientConfig?.[prop]; const ssoOidcClient = new SSOOIDCClient(Object.assign({}, init.clientConfig ?? {}, { region: ssoRegion ?? init.clientConfig?.region, logger: coalesce("logger"), userAgentAppId: coalesce("userAgentAppId"), })); return ssoOidcClient; }; const getNewSsoOidcToken = async (ssoToken, ssoRegion, init = {}, callerClientConfig) => { const { CreateTokenCommand } = await __webpack_require__.e(/* import() */ 443).then(__webpack_require__.t.bind(__webpack_require__, 89443, 19)); const ssoOidcClient = await getSsoOidcClient(ssoRegion, init, callerClientConfig); return ssoOidcClient.send(new CreateTokenCommand({ clientId: ssoToken.clientId, clientSecret: ssoToken.clientSecret, refreshToken: ssoToken.refreshToken, grantType: "refresh_token", })); }; const validateTokenExpiry = (token) => { if (token.expiration && token.expiration.getTime() < Date.now()) { throw new propertyProvider.TokenProviderError(`Token is expired. ${REFRESH_MESSAGE}`, false); } }; const validateTokenKey = (key, value, forRefresh = false) => { if (typeof value === "undefined") { throw new propertyProvider.TokenProviderError(`Value not present for '${key}' in SSO Token${forRefresh ? ". Cannot refresh" : ""}. ${REFRESH_MESSAGE}`, false); } }; const { writeFile } = fs.promises; const writeSSOTokenToFile = (id, ssoToken) => { const tokenFilepath = sharedIniFileLoader.getSSOTokenFilepath(id); const tokenString = JSON.stringify(ssoToken, null, 2); return writeFile(tokenFilepath, tokenString); }; const lastRefreshAttemptTime = new Date(0); const fromSso = (init = {}) => async ({ callerClientConfig } = {}) => { init.logger?.debug("@aws-sdk/token-providers - fromSso"); const profiles = await sharedIniFileLoader.parseKnownFiles(init); const profileName = sharedIniFileLoader.getProfileName({ profile: init.profile ?? callerClientConfig?.profile, }); const profile = profiles[profileName]; if (!profile) { throw new propertyProvider.TokenProviderError(`Profile '${profileName}' could not be found in shared credentials file.`, false); } else if (!profile["sso_session"]) { throw new propertyProvider.TokenProviderError(`Profile '${profileName}' is missing required property 'sso_session'.`); } const ssoSessionName = profile["sso_session"]; const ssoSessions = await sharedIniFileLoader.loadSsoSessionData(init); const ssoSession = ssoSessions[ssoSessionName]; if (!ssoSession) { throw new propertyProvider.TokenProviderError(`Sso session '${ssoSessionName}' could not be found in shared credentials file.`, false); } for (const ssoSessionRequiredKey of ["sso_start_url", "sso_region"]) { if (!ssoSession[ssoSessionRequiredKey]) { throw new propertyProvider.TokenProviderError(`Sso session '${ssoSessionName}' is missing required property '${ssoSessionRequiredKey}'.`, false); } } ssoSession["sso_start_url"]; const ssoRegion = ssoSession["sso_region"]; let ssoToken; try { ssoToken = await sharedIniFileLoader.getSSOTokenFromFile(ssoSessionName); } catch (e) { throw new propertyProvider.TokenProviderError(`The SSO session token associated with profile=${profileName} was not found or is invalid. ${REFRESH_MESSAGE}`, false); } validateTokenKey("accessToken", ssoToken.accessToken); validateTokenKey("expiresAt", ssoToken.expiresAt); const { accessToken, expiresAt } = ssoToken; const existingToken = { token: accessToken, expiration: new Date(expiresAt) }; if (existingToken.expiration.getTime() - Date.now() > EXPIRE_WINDOW_MS) { return existingToken; } if (Date.now() - lastRefreshAttemptTime.getTime() < 30 * 1000) { validateTokenExpiry(existingToken); return existingToken; } validateTokenKey("clientId", ssoToken.clientId, true); validateTokenKey("clientSecret", ssoToken.clientSecret, true); validateTokenKey("refreshToken", ssoToken.refreshToken, true); try { lastRefreshAttemptTime.setTime(Date.now()); const newSsoOidcToken = await getNewSsoOidcToken(ssoToken, ssoRegion, init, callerClientConfig); validateTokenKey("accessToken", newSsoOidcToken.accessToken); validateTokenKey("expiresIn", newSsoOidcToken.expiresIn); const newTokenExpiration = new Date(Date.now() + newSsoOidcToken.expiresIn * 1000); try { await writeSSOTokenToFile(ssoSessionName, { ...ssoToken, accessToken: newSsoOidcToken.accessToken, expiresAt: newTokenExpiration.toISOString(), refreshToken: newSsoOidcToken.refreshToken, }); } catch (error) { } return { token: newSsoOidcToken.accessToken, expiration: newTokenExpiration, }; } catch (error) { validateTokenExpiry(existingToken); return existingToken; } }; const fromStatic = ({ token, logger }) => async () => { logger?.debug("@aws-sdk/token-providers - fromStatic"); if (!token || !token.token) { throw new propertyProvider.TokenProviderError(`Please pass a valid token to fromStatic`, false); } return token; }; const nodeProvider = (init = {}) => propertyProvider.memoize(propertyProvider.chain(fromSso(init), async () => { throw new propertyProvider.TokenProviderError("Could not load token from any providers", false); }), (token) => token.expiration !== undefined && token.expiration.getTime() - Date.now() < 300000, (token) => token.expiration !== undefined); exports.fromEnvSigningName = fromEnvSigningName; exports.fromSso = fromSso; exports.fromStatic = fromStatic; exports.nodeProvider = nodeProvider; /***/ }), /***/ 45188: /***/ ((module) => { module.exports = /*#__PURE__*/JSON.parse('{"name":"@aws-sdk/client-sso","description":"AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native","version":"3.975.0","scripts":{"build":"concurrently \'yarn:build:types\' \'yarn:build:es\' && yarn build:cjs","build:cjs":"node ../../scripts/compilation/inline client-sso","build:es":"tsc -p tsconfig.es.json","build:include:deps":"yarn g:turbo run build -F=\\"$npm_package_name\\"","build:types":"tsc -p tsconfig.types.json","build:types:downlevel":"downlevel-dts dist-types dist-types/ts3.4","clean":"premove dist-cjs dist-es dist-types tsconfig.cjs.tsbuildinfo tsconfig.es.tsbuildinfo tsconfig.types.tsbuildinfo","extract:docs":"api-extractor run --local","generate:client":"node ../../scripts/generate-clients/single-service --solo sso","test:index":"tsc --noEmit ./test/index-types.ts && node ./test/index-objects.spec.mjs"},"main":"./dist-cjs/index.js","types":"./dist-types/index.d.ts","module":"./dist-es/index.js","sideEffects":false,"dependencies":{"@aws-crypto/sha256-browser":"5.2.0","@aws-crypto/sha256-js":"5.2.0","@aws-sdk/core":"^3.973.1","@aws-sdk/middleware-host-header":"^3.972.1","@aws-sdk/middleware-logger":"^3.972.1","@aws-sdk/middleware-recursion-detection":"^3.972.1","@aws-sdk/middleware-user-agent":"^3.972.2","@aws-sdk/region-config-resolver":"^3.972.1","@aws-sdk/types":"^3.973.0","@aws-sdk/util-endpoints":"3.972.0","@aws-sdk/util-user-agent-browser":"^3.972.1","@aws-sdk/util-user-agent-node":"^3.972.1","@smithy/config-resolver":"^4.4.6","@smithy/core":"^3.21.1","@smithy/fetch-http-handler":"^5.3.9","@smithy/hash-node":"^4.2.8","@smithy/invalid-dependency":"^4.2.8","@smithy/middleware-content-length":"^4.2.8","@smithy/middleware-endpoint":"^4.4.11","@smithy/middleware-retry":"^4.4.27","@smithy/middleware-serde":"^4.2.9","@smithy/middleware-stack":"^4.2.8","@smithy/node-config-provider":"^4.3.8","@smithy/node-http-handler":"^4.4.8","@smithy/protocol-http":"^5.3.8","@smithy/smithy-client":"^4.10.12","@smithy/types":"^4.12.0","@smithy/url-parser":"^4.2.8","@smithy/util-base64":"^4.3.0","@smithy/util-body-length-browser":"^4.2.0","@smithy/util-body-length-node":"^4.2.1","@smithy/util-defaults-mode-browser":"^4.3.26","@smithy/util-defaults-mode-node":"^4.2.29","@smithy/util-endpoints":"^3.2.8","@smithy/util-middleware":"^4.2.8","@smithy/util-retry":"^4.2.8","@smithy/util-utf8":"^4.2.0","tslib":"^2.6.2"},"devDependencies":{"@tsconfig/node20":"20.1.8","@types/node":"^20.14.8","concurrently":"7.0.0","downlevel-dts":"0.10.1","premove":"4.0.0","typescript":"~5.8.3"},"engines":{"node":">=20.0.0"},"typesVersions":{"<4.0":{"dist-types/*":["dist-types/ts3.4/*"]}},"files":["dist-*/**"],"author":{"name":"AWS SDK for JavaScript Team","url":"https://aws.amazon.com/javascript/"},"license":"Apache-2.0","browser":{"./dist-es/runtimeConfig":"./dist-es/runtimeConfig.browser"},"react-native":{"./dist-es/runtimeConfig":"./dist-es/runtimeConfig.native"},"homepage":"https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso","repository":{"type":"git","url":"https://github.com/aws/aws-sdk-js-v3.git","directory":"clients/client-sso"}}'); /***/ }) }; ; //# sourceMappingURL=998.index.js.map