"use strict"; exports.id = 605; exports.ids = [605]; exports.modules = { /***/ 1509: /***/ ((__unused_webpack_module, exports, __webpack_require__) => { Object.defineProperty(exports, "__esModule", ({ value: true })); exports.checkUrl = void 0; const property_provider_1 = __webpack_require__(71238); const LOOPBACK_CIDR_IPv4 = "127.0.0.0/8"; const LOOPBACK_CIDR_IPv6 = "::1/128"; const ECS_CONTAINER_HOST = "169.254.170.2"; const EKS_CONTAINER_HOST_IPv4 = "169.254.170.23"; const EKS_CONTAINER_HOST_IPv6 = "[fd00:ec2::23]"; const checkUrl = (url, logger) => { if (url.protocol === "https:") { return; } if (url.hostname === ECS_CONTAINER_HOST || url.hostname === EKS_CONTAINER_HOST_IPv4 || url.hostname === EKS_CONTAINER_HOST_IPv6) { return; } if (url.hostname.includes("[")) { if (url.hostname === "[::1]" || url.hostname === "[0000:0000:0000:0000:0000:0000:0000:0001]") { return; } } else { if (url.hostname === "localhost") { return; } const ipComponents = url.hostname.split("."); const inRange = (component) => { const num = parseInt(component, 10); return 0 <= num && num <= 255; }; if (ipComponents[0] === "127" && inRange(ipComponents[1]) && inRange(ipComponents[2]) && inRange(ipComponents[3]) && ipComponents.length === 4) { return; } } throw new property_provider_1.CredentialsProviderError(`URL not accepted. It must either be HTTPS or match one of the following: - loopback CIDR 127.0.0.0/8 or [::1/128] - ECS container host 169.254.170.2 - EKS container host 169.254.170.23 or [fd00:ec2::23]`, { logger }); }; exports.checkUrl = checkUrl; /***/ }), /***/ 68712: /***/ ((__unused_webpack_module, exports, __webpack_require__) => { Object.defineProperty(exports, "__esModule", ({ value: true })); exports.fromHttp = void 0; const tslib_1 = __webpack_require__(61860); const client_1 = __webpack_require__(5152); const node_http_handler_1 = __webpack_require__(61279); const property_provider_1 = __webpack_require__(71238); const promises_1 = tslib_1.__importDefault(__webpack_require__(91943)); const checkUrl_1 = __webpack_require__(1509); const requestHelpers_1 = __webpack_require__(78914); const retry_wrapper_1 = __webpack_require__(51122); const AWS_CONTAINER_CREDENTIALS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI"; const DEFAULT_LINK_LOCAL_HOST = "http://169.254.170.2"; const AWS_CONTAINER_CREDENTIALS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI"; const AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE"; const AWS_CONTAINER_AUTHORIZATION_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN"; const fromHttp = (options = {}) => { options.logger?.debug("@aws-sdk/credential-provider-http - fromHttp"); let host; const relative = options.awsContainerCredentialsRelativeUri ?? process.env[AWS_CONTAINER_CREDENTIALS_RELATIVE_URI]; const full = options.awsContainerCredentialsFullUri ?? process.env[AWS_CONTAINER_CREDENTIALS_FULL_URI]; const token = options.awsContainerAuthorizationToken ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN]; const tokenFile = options.awsContainerAuthorizationTokenFile ?? process.env[AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE]; const warn = options.logger?.constructor?.name === "NoOpLogger" || !options.logger?.warn ? console.warn : options.logger.warn.bind(options.logger); if (relative && full) { warn("@aws-sdk/credential-provider-http: " + "you have set both awsContainerCredentialsRelativeUri and awsContainerCredentialsFullUri."); warn("awsContainerCredentialsFullUri will take precedence."); } if (token && tokenFile) { warn("@aws-sdk/credential-provider-http: " + "you have set both awsContainerAuthorizationToken and awsContainerAuthorizationTokenFile."); warn("awsContainerAuthorizationToken will take precedence."); } if (full) { host = full; } else if (relative) { host = `${DEFAULT_LINK_LOCAL_HOST}${relative}`; } else { throw new property_provider_1.CredentialsProviderError(`No HTTP credential provider host provided. Set AWS_CONTAINER_CREDENTIALS_FULL_URI or AWS_CONTAINER_CREDENTIALS_RELATIVE_URI.`, { logger: options.logger }); } const url = new URL(host); (0, checkUrl_1.checkUrl)(url, options.logger); const requestHandler = node_http_handler_1.NodeHttpHandler.create({ requestTimeout: options.timeout ?? 1000, connectionTimeout: options.timeout ?? 1000, }); return (0, retry_wrapper_1.retryWrapper)(async () => { const request = (0, requestHelpers_1.createGetRequest)(url); if (token) { request.headers.Authorization = token; } else if (tokenFile) { request.headers.Authorization = (await promises_1.default.readFile(tokenFile)).toString(); } try { const result = await requestHandler.handle(request); return (0, requestHelpers_1.getCredentials)(result.response).then((creds) => (0, client_1.setCredentialFeature)(creds, "CREDENTIALS_HTTP", "z")); } catch (e) { throw new property_provider_1.CredentialsProviderError(String(e), { logger: options.logger }); } }, options.maxRetries ?? 3, options.timeout ?? 1000); }; exports.fromHttp = fromHttp; /***/ }), /***/ 78914: /***/ ((__unused_webpack_module, exports, __webpack_require__) => { Object.defineProperty(exports, "__esModule", ({ value: true })); exports.createGetRequest = createGetRequest; exports.getCredentials = getCredentials; const property_provider_1 = __webpack_require__(71238); const protocol_http_1 = __webpack_require__(72356); const smithy_client_1 = __webpack_require__(61411); const util_stream_1 = __webpack_require__(4252); function createGetRequest(url) { return new protocol_http_1.HttpRequest({ protocol: url.protocol, hostname: url.hostname, port: Number(url.port), path: url.pathname, query: Array.from(url.searchParams.entries()).reduce((acc, [k, v]) => { acc[k] = v; return acc; }, {}), fragment: url.hash, }); } async function getCredentials(response, logger) { const stream = (0, util_stream_1.sdkStreamMixin)(response.body); const str = await stream.transformToString(); if (response.statusCode === 200) { const parsed = JSON.parse(str); if (typeof parsed.AccessKeyId !== "string" || typeof parsed.SecretAccessKey !== "string" || typeof parsed.Token !== "string" || typeof parsed.Expiration !== "string") { throw new property_provider_1.CredentialsProviderError("HTTP credential provider response not of the required format, an object matching: " + "{ AccessKeyId: string, SecretAccessKey: string, Token: string, Expiration: string(rfc3339) }", { logger }); } return { accessKeyId: parsed.AccessKeyId, secretAccessKey: parsed.SecretAccessKey, sessionToken: parsed.Token, expiration: (0, smithy_client_1.parseRfc3339DateTime)(parsed.Expiration), }; } if (response.statusCode >= 400 && response.statusCode < 500) { let parsedBody = {}; try { parsedBody = JSON.parse(str); } catch (e) { } throw Object.assign(new property_provider_1.CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger }), { Code: parsedBody.Code, Message: parsedBody.Message, }); } throw new property_provider_1.CredentialsProviderError(`Server responded with status: ${response.statusCode}`, { logger }); } /***/ }), /***/ 51122: /***/ ((__unused_webpack_module, exports) => { Object.defineProperty(exports, "__esModule", ({ value: true })); exports.retryWrapper = void 0; const retryWrapper = (toRetry, maxRetries, delayMs) => { return async () => { for (let i = 0; i < maxRetries; ++i) { try { return await toRetry(); } catch (e) { await new Promise((resolve) => setTimeout(resolve, delayMs)); } } return await toRetry(); }; }; exports.retryWrapper = retryWrapper; /***/ }), /***/ 98605: /***/ ((__unused_webpack_module, exports, __webpack_require__) => { var __webpack_unused_export__; __webpack_unused_export__ = ({ value: true }); exports.fromHttp = void 0; var fromHttp_1 = __webpack_require__(68712); Object.defineProperty(exports, "fromHttp", ({ enumerable: true, get: function () { return fromHttp_1.fromHttp; } })); /***/ }) }; ; //# sourceMappingURL=605.index.js.map