Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Socket
Sign inDemoInstall

@aws-sdk/credential-provider-imds

Package Overview
Dependencies
Maintainers
5
Versions
140
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@aws-sdk/credential-provider-imds - npm Package Compare versions

Comparing version 3.186.0 to 3.188.0

8

CHANGELOG.md

@@ -6,2 +6,10 @@ # Change Log

# [3.188.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.187.0...v3.188.0) (2022-10-13)
**Note:** Version bump only for package @aws-sdk/credential-provider-imds
# [3.186.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.185.0...v3.186.0) (2022-10-06)

@@ -8,0 +16,0 @@

10

dist-es/config/EndpointConfigOptions.js

@@ -1,7 +0,7 @@

export var ENV_ENDPOINT_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT";
export var CONFIG_ENDPOINT_NAME = "ec2_metadata_service_endpoint";
export var ENDPOINT_CONFIG_OPTIONS = {
environmentVariableSelector: function (env) { return env[ENV_ENDPOINT_NAME]; },
configFileSelector: function (profile) { return profile[CONFIG_ENDPOINT_NAME]; },
export const ENV_ENDPOINT_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT";
export const CONFIG_ENDPOINT_NAME = "ec2_metadata_service_endpoint";
export const ENDPOINT_CONFIG_OPTIONS = {
environmentVariableSelector: (env) => env[ENV_ENDPOINT_NAME],
configFileSelector: (profile) => profile[CONFIG_ENDPOINT_NAME],
default: undefined,
};

10

dist-es/config/EndpointModeConfigOptions.js
import { EndpointMode } from "./EndpointMode";
export var ENV_ENDPOINT_MODE_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE";
export var CONFIG_ENDPOINT_MODE_NAME = "ec2_metadata_service_endpoint_mode";
export var ENDPOINT_MODE_CONFIG_OPTIONS = {
environmentVariableSelector: function (env) { return env[ENV_ENDPOINT_MODE_NAME]; },
configFileSelector: function (profile) { return profile[CONFIG_ENDPOINT_MODE_NAME]; },
export const ENV_ENDPOINT_MODE_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE";
export const CONFIG_ENDPOINT_MODE_NAME = "ec2_metadata_service_endpoint_mode";
export const ENDPOINT_MODE_CONFIG_OPTIONS = {
environmentVariableSelector: (env) => env[ENV_ENDPOINT_MODE_NAME],
configFileSelector: (profile) => profile[CONFIG_ENDPOINT_MODE_NAME],
default: EndpointMode.IPv4,
};

116

dist-es/fromContainerMetadata.js

@@ -1,2 +0,1 @@

import { __assign, __awaiter, __generator } from "tslib";
import { CredentialsProviderError } from "@aws-sdk/property-provider";

@@ -8,76 +7,61 @@ import { parse } from "url";

import { retry } from "./remoteProvider/retry";
export var ENV_CMDS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI";
export var ENV_CMDS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI";
export var ENV_CMDS_AUTH_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN";
export var fromContainerMetadata = function (init) {
if (init === void 0) { init = {}; }
var _a = providerConfigFromInit(init), timeout = _a.timeout, maxRetries = _a.maxRetries;
return function () {
return retry(function () { return __awaiter(void 0, void 0, void 0, function () {
var requestOptions, credsResponse, _a, _b;
return __generator(this, function (_c) {
switch (_c.label) {
case 0: return [4, getCmdsUri()];
case 1:
requestOptions = _c.sent();
_b = (_a = JSON).parse;
return [4, requestFromEcsImds(timeout, requestOptions)];
case 2:
credsResponse = _b.apply(_a, [_c.sent()]);
if (!isImdsCredentials(credsResponse)) {
throw new CredentialsProviderError("Invalid response received from instance metadata service.");
}
return [2, fromImdsCredentials(credsResponse)];
}
});
}); }, maxRetries);
};
export const ENV_CMDS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI";
export const ENV_CMDS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI";
export const ENV_CMDS_AUTH_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN";
export const fromContainerMetadata = (init = {}) => {
const { timeout, maxRetries } = providerConfigFromInit(init);
return () => retry(async () => {
const requestOptions = await getCmdsUri();
const credsResponse = JSON.parse(await requestFromEcsImds(timeout, requestOptions));
if (!isImdsCredentials(credsResponse)) {
throw new CredentialsProviderError("Invalid response received from instance metadata service.");
}
return fromImdsCredentials(credsResponse);
}, maxRetries);
};
var requestFromEcsImds = function (timeout, options) { return __awaiter(void 0, void 0, void 0, function () {
var buffer;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
if (process.env[ENV_CMDS_AUTH_TOKEN]) {
options.headers = __assign(__assign({}, options.headers), { Authorization: process.env[ENV_CMDS_AUTH_TOKEN] });
}
return [4, httpRequest(__assign(__assign({}, options), { timeout: timeout }))];
case 1:
buffer = _a.sent();
return [2, buffer.toString()];
}
const requestFromEcsImds = async (timeout, options) => {
if (process.env[ENV_CMDS_AUTH_TOKEN]) {
options.headers = {
...options.headers,
Authorization: process.env[ENV_CMDS_AUTH_TOKEN],
};
}
const buffer = await httpRequest({
...options,
timeout,
});
}); };
var CMDS_IP = "169.254.170.2";
var GREENGRASS_HOSTS = {
return buffer.toString();
};
const CMDS_IP = "169.254.170.2";
const GREENGRASS_HOSTS = {
localhost: true,
"127.0.0.1": true,
};
var GREENGRASS_PROTOCOLS = {
const GREENGRASS_PROTOCOLS = {
"http:": true,
"https:": true,
};
var getCmdsUri = function () { return __awaiter(void 0, void 0, void 0, function () {
var parsed;
return __generator(this, function (_a) {
if (process.env[ENV_CMDS_RELATIVE_URI]) {
return [2, {
hostname: CMDS_IP,
path: process.env[ENV_CMDS_RELATIVE_URI],
}];
const getCmdsUri = async () => {
if (process.env[ENV_CMDS_RELATIVE_URI]) {
return {
hostname: CMDS_IP,
path: process.env[ENV_CMDS_RELATIVE_URI],
};
}
if (process.env[ENV_CMDS_FULL_URI]) {
const parsed = parse(process.env[ENV_CMDS_FULL_URI]);
if (!parsed.hostname || !(parsed.hostname in GREENGRASS_HOSTS)) {
throw new CredentialsProviderError(`${parsed.hostname} is not a valid container metadata service hostname`, false);
}
if (process.env[ENV_CMDS_FULL_URI]) {
parsed = parse(process.env[ENV_CMDS_FULL_URI]);
if (!parsed.hostname || !(parsed.hostname in GREENGRASS_HOSTS)) {
throw new CredentialsProviderError("".concat(parsed.hostname, " is not a valid container metadata service hostname"), false);
}
if (!parsed.protocol || !(parsed.protocol in GREENGRASS_PROTOCOLS)) {
throw new CredentialsProviderError("".concat(parsed.protocol, " is not a valid container metadata service protocol"), false);
}
return [2, __assign(__assign({}, parsed), { port: parsed.port ? parseInt(parsed.port, 10) : undefined })];
if (!parsed.protocol || !(parsed.protocol in GREENGRASS_PROTOCOLS)) {
throw new CredentialsProviderError(`${parsed.protocol} is not a valid container metadata service protocol`, false);
}
throw new CredentialsProviderError("The container metadata credential provider cannot be used unless" +
" the ".concat(ENV_CMDS_RELATIVE_URI, " or ").concat(ENV_CMDS_FULL_URI, " environment") +
" variable is set", false);
});
}); };
return {
...parsed,
port: parsed.port ? parseInt(parsed.port, 10) : undefined,
};
}
throw new CredentialsProviderError("The container metadata credential provider cannot be used unless" +
` the ${ENV_CMDS_RELATIVE_URI} or ${ENV_CMDS_FULL_URI} environment` +
" variable is set", false);
};

200

dist-es/fromInstanceMetadata.js

@@ -1,2 +0,1 @@

import { __assign, __awaiter, __generator } from "tslib";
import { CredentialsProviderError } from "@aws-sdk/property-provider";

@@ -9,124 +8,85 @@ import { httpRequest } from "./remoteProvider/httpRequest";

import { staticStabilityProvider } from "./utils/staticStabilityProvider";
var IMDS_PATH = "/latest/meta-data/iam/security-credentials/";
var IMDS_TOKEN_PATH = "/latest/api/token";
export var fromInstanceMetadata = function (init) {
if (init === void 0) { init = {}; }
return staticStabilityProvider(getInstanceImdsProvider(init), { logger: init.logger });
};
var getInstanceImdsProvider = function (init) {
var disableFetchToken = false;
var _a = providerConfigFromInit(init), timeout = _a.timeout, maxRetries = _a.maxRetries;
var getCredentials = function (maxRetries, options) { return __awaiter(void 0, void 0, void 0, function () {
var profile;
return __generator(this, function (_a) {
switch (_a.label) {
case 0: return [4, retry(function () { return __awaiter(void 0, void 0, void 0, function () {
var profile, err_1;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
_a.trys.push([0, 2, , 3]);
return [4, getProfile(options)];
case 1:
profile = _a.sent();
return [3, 3];
case 2:
err_1 = _a.sent();
if (err_1.statusCode === 401) {
disableFetchToken = false;
}
throw err_1;
case 3: return [2, profile];
}
});
}); }, maxRetries)];
case 1:
profile = (_a.sent()).trim();
return [2, retry(function () { return __awaiter(void 0, void 0, void 0, function () {
var creds, err_2;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
_a.trys.push([0, 2, , 3]);
return [4, getCredentialsFromProfile(profile, options)];
case 1:
creds = _a.sent();
return [3, 3];
case 2:
err_2 = _a.sent();
if (err_2.statusCode === 401) {
disableFetchToken = false;
}
throw err_2;
case 3: return [2, creds];
}
});
}); }, maxRetries)];
const IMDS_PATH = "/latest/meta-data/iam/security-credentials/";
const IMDS_TOKEN_PATH = "/latest/api/token";
export const fromInstanceMetadata = (init = {}) => staticStabilityProvider(getInstanceImdsProvider(init), { logger: init.logger });
const getInstanceImdsProvider = (init) => {
let disableFetchToken = false;
const { timeout, maxRetries } = providerConfigFromInit(init);
const getCredentials = async (maxRetries, options) => {
const profile = (await retry(async () => {
let profile;
try {
profile = await getProfile(options);
}
});
}); };
return function () { return __awaiter(void 0, void 0, void 0, function () {
var endpoint, token, error_1;
return __generator(this, function (_a) {
switch (_a.label) {
case 0: return [4, getInstanceMetadataEndpoint()];
case 1:
endpoint = _a.sent();
if (!disableFetchToken) return [3, 2];
return [2, getCredentials(maxRetries, __assign(__assign({}, endpoint), { timeout: timeout }))];
case 2:
token = void 0;
_a.label = 3;
case 3:
_a.trys.push([3, 5, , 6]);
return [4, getMetadataToken(__assign(__assign({}, endpoint), { timeout: timeout }))];
case 4:
token = (_a.sent()).toString();
return [3, 6];
case 5:
error_1 = _a.sent();
if ((error_1 === null || error_1 === void 0 ? void 0 : error_1.statusCode) === 400) {
throw Object.assign(error_1, {
message: "EC2 Metadata token request returned error",
});
}
else if (error_1.message === "TimeoutError" || [403, 404, 405].includes(error_1.statusCode)) {
disableFetchToken = true;
}
return [2, getCredentials(maxRetries, __assign(__assign({}, endpoint), { timeout: timeout }))];
case 6: return [2, getCredentials(maxRetries, __assign(__assign({}, endpoint), { headers: {
"x-aws-ec2-metadata-token": token,
}, timeout: timeout }))];
catch (err) {
if (err.statusCode === 401) {
disableFetchToken = false;
}
throw err;
}
});
}); };
return profile;
}, maxRetries)).trim();
return retry(async () => {
let creds;
try {
creds = await getCredentialsFromProfile(profile, options);
}
catch (err) {
if (err.statusCode === 401) {
disableFetchToken = false;
}
throw err;
}
return creds;
}, maxRetries);
};
return async () => {
const endpoint = await getInstanceMetadataEndpoint();
if (disableFetchToken) {
return getCredentials(maxRetries, { ...endpoint, timeout });
}
else {
let token;
try {
token = (await getMetadataToken({ ...endpoint, timeout })).toString();
}
catch (error) {
if (error?.statusCode === 400) {
throw Object.assign(error, {
message: "EC2 Metadata token request returned error",
});
}
else if (error.message === "TimeoutError" || [403, 404, 405].includes(error.statusCode)) {
disableFetchToken = true;
}
return getCredentials(maxRetries, { ...endpoint, timeout });
}
return getCredentials(maxRetries, {
...endpoint,
headers: {
"x-aws-ec2-metadata-token": token,
},
timeout,
});
}
};
};
var getMetadataToken = function (options) { return __awaiter(void 0, void 0, void 0, function () {
return __generator(this, function (_a) {
return [2, httpRequest(__assign(__assign({}, options), { path: IMDS_TOKEN_PATH, method: "PUT", headers: {
"x-aws-ec2-metadata-token-ttl-seconds": "21600",
} }))];
});
}); };
var getProfile = function (options) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
switch (_a.label) {
case 0: return [4, httpRequest(__assign(__assign({}, options), { path: IMDS_PATH }))];
case 1: return [2, (_a.sent()).toString()];
const getMetadataToken = async (options) => httpRequest({
...options,
path: IMDS_TOKEN_PATH,
method: "PUT",
headers: {
"x-aws-ec2-metadata-token-ttl-seconds": "21600",
},
});
const getProfile = async (options) => (await httpRequest({ ...options, path: IMDS_PATH })).toString();
const getCredentialsFromProfile = async (profile, options) => {
const credsResponse = JSON.parse((await httpRequest({
...options,
path: IMDS_PATH + profile,
})).toString());
if (!isImdsCredentials(credsResponse)) {
throw new CredentialsProviderError("Invalid response received from instance metadata service.");
}
}); }); };
var getCredentialsFromProfile = function (profile, options) { return __awaiter(void 0, void 0, void 0, function () {
var credsResponse, _a, _b;
return __generator(this, function (_c) {
switch (_c.label) {
case 0:
_b = (_a = JSON).parse;
return [4, httpRequest(__assign(__assign({}, options), { path: IMDS_PATH + profile }))];
case 1:
credsResponse = _b.apply(_a, [(_c.sent()).toString()]);
if (!isImdsCredentials(credsResponse)) {
throw new CredentialsProviderError("Invalid response received from instance metadata service.");
}
return [2, fromImdsCredentials(credsResponse)];
}
});
}); };
return fromImdsCredentials(credsResponse);
};

26

dist-es/remoteProvider/httpRequest.js

@@ -1,2 +0,1 @@

import { __assign } from "tslib";
import { ProviderError } from "@aws-sdk/property-provider";

@@ -6,24 +5,27 @@ import { Buffer } from "buffer";

export function httpRequest(options) {
return new Promise(function (resolve, reject) {
var _a;
var req = request(__assign(__assign({ method: "GET" }, options), { hostname: (_a = options.hostname) === null || _a === void 0 ? void 0 : _a.replace(/^\[(.+)\]$/, "$1") }));
req.on("error", function (err) {
return new Promise((resolve, reject) => {
const req = request({
method: "GET",
...options,
hostname: options.hostname?.replace(/^\[(.+)\]$/, "$1"),
});
req.on("error", (err) => {
reject(Object.assign(new ProviderError("Unable to connect to instance metadata service"), err));
req.destroy();
});
req.on("timeout", function () {
req.on("timeout", () => {
reject(new ProviderError("TimeoutError from instance metadata service"));
req.destroy();
});
req.on("response", function (res) {
var _a = res.statusCode, statusCode = _a === void 0 ? 400 : _a;
req.on("response", (res) => {
const { statusCode = 400 } = res;
if (statusCode < 200 || 300 <= statusCode) {
reject(Object.assign(new ProviderError("Error response received from instance metadata service"), { statusCode: statusCode }));
reject(Object.assign(new ProviderError("Error response received from instance metadata service"), { statusCode }));
req.destroy();
}
var chunks = [];
res.on("data", function (chunk) {
const chunks = [];
res.on("data", (chunk) => {
chunks.push(chunk);
});
res.on("end", function () {
res.on("end", () => {
resolve(Buffer.concat(chunks));

@@ -30,0 +32,0 @@ req.destroy();

18

dist-es/remoteProvider/ImdsCredentials.js

@@ -1,10 +0,8 @@

export var isImdsCredentials = function (arg) {
return Boolean(arg) &&
typeof arg === "object" &&
typeof arg.AccessKeyId === "string" &&
typeof arg.SecretAccessKey === "string" &&
typeof arg.Token === "string" &&
typeof arg.Expiration === "string";
};
export var fromImdsCredentials = function (creds) { return ({
export const isImdsCredentials = (arg) => Boolean(arg) &&
typeof arg === "object" &&
typeof arg.AccessKeyId === "string" &&
typeof arg.SecretAccessKey === "string" &&
typeof arg.Token === "string" &&
typeof arg.Expiration === "string";
export const fromImdsCredentials = (creds) => ({
accessKeyId: creds.AccessKeyId,

@@ -14,2 +12,2 @@ secretAccessKey: creds.SecretAccessKey,

expiration: new Date(creds.Expiration),
}); };
});

9

dist-es/remoteProvider/RemoteProviderInit.js

@@ -1,6 +0,3 @@

export var DEFAULT_TIMEOUT = 1000;
export var DEFAULT_MAX_RETRIES = 0;
export var providerConfigFromInit = function (_a) {
var _b = _a.maxRetries, maxRetries = _b === void 0 ? DEFAULT_MAX_RETRIES : _b, _c = _a.timeout, timeout = _c === void 0 ? DEFAULT_TIMEOUT : _c;
return ({ maxRetries: maxRetries, timeout: timeout });
};
export const DEFAULT_TIMEOUT = 1000;
export const DEFAULT_MAX_RETRIES = 0;
export const providerConfigFromInit = ({ maxRetries = DEFAULT_MAX_RETRIES, timeout = DEFAULT_TIMEOUT, }) => ({ maxRetries, timeout });

6

dist-es/remoteProvider/retry.js

@@ -1,4 +0,4 @@

export var retry = function (toRetry, maxRetries) {
var promise = toRetry();
for (var i = 0; i < maxRetries; i++) {
export const retry = (toRetry, maxRetries) => {
let promise = toRetry();
for (let i = 0; i < maxRetries; i++) {
promise = promise.catch(toRetry);

@@ -5,0 +5,0 @@ }

22

dist-es/utils/getExtendedInstanceMetadataCredentials.js

@@ -1,15 +0,17 @@

import { __assign } from "tslib";
var STATIC_STABILITY_REFRESH_INTERVAL_SECONDS = 5 * 60;
var STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS = 5 * 60;
var STATIC_STABILITY_DOC_URL = "https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html";
export var getExtendedInstanceMetadataCredentials = function (credentials, logger) {
var _a;
var refreshInterval = STATIC_STABILITY_REFRESH_INTERVAL_SECONDS +
const STATIC_STABILITY_REFRESH_INTERVAL_SECONDS = 5 * 60;
const STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS = 5 * 60;
const STATIC_STABILITY_DOC_URL = "https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html";
export const getExtendedInstanceMetadataCredentials = (credentials, logger) => {
const refreshInterval = STATIC_STABILITY_REFRESH_INTERVAL_SECONDS +
Math.floor(Math.random() * STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS);
var newExpiration = new Date(Date.now() + refreshInterval * 1000);
const newExpiration = new Date(Date.now() + refreshInterval * 1000);
logger.warn("Attempting credential expiration extension due to a credential service availability issue. A refresh of these " +
"credentials will be attempted after ${new Date(newExpiration)}.\nFor more information, please visit: " +
STATIC_STABILITY_DOC_URL);
var originalExpiration = (_a = credentials.originalExpiration) !== null && _a !== void 0 ? _a : credentials.expiration;
return __assign(__assign(__assign({}, credentials), (originalExpiration ? { originalExpiration: originalExpiration } : {})), { expiration: newExpiration });
const originalExpiration = credentials.originalExpiration ?? credentials.expiration;
return {
...credentials,
...(originalExpiration ? { originalExpiration } : {}),
expiration: newExpiration,
};
};

49

dist-es/utils/getInstanceMetadataEndpoint.js

@@ -1,2 +0,1 @@

import { __awaiter, __generator } from "tslib";
import { loadConfig } from "@aws-sdk/node-config-provider";

@@ -8,38 +7,14 @@ import { parseUrl } from "@aws-sdk/url-parser";

import { ENDPOINT_MODE_CONFIG_OPTIONS, } from "../config/EndpointModeConfigOptions";
export var getInstanceMetadataEndpoint = function () { return __awaiter(void 0, void 0, void 0, function () { var _a, _b; return __generator(this, function (_c) {
switch (_c.label) {
case 0:
_a = parseUrl;
return [4, getFromEndpointConfig()];
case 1:
_b = (_c.sent());
if (_b) return [3, 3];
return [4, getFromEndpointModeConfig()];
case 2:
_b = (_c.sent());
_c.label = 3;
case 3: return [2, _a.apply(void 0, [_b])];
export const getInstanceMetadataEndpoint = async () => parseUrl((await getFromEndpointConfig()) || (await getFromEndpointModeConfig()));
const getFromEndpointConfig = async () => loadConfig(ENDPOINT_CONFIG_OPTIONS)();
const getFromEndpointModeConfig = async () => {
const endpointMode = await loadConfig(ENDPOINT_MODE_CONFIG_OPTIONS)();
switch (endpointMode) {
case EndpointMode.IPv4:
return InstanceMetadataEndpoint.IPv4;
case EndpointMode.IPv6:
return InstanceMetadataEndpoint.IPv6;
default:
throw new Error(`Unsupported endpoint mode: ${endpointMode}.` + ` Select from ${Object.values(EndpointMode)}`);
}
}); }); };
var getFromEndpointConfig = function () { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
return [2, loadConfig(ENDPOINT_CONFIG_OPTIONS)()];
}); }); };
var getFromEndpointModeConfig = function () { return __awaiter(void 0, void 0, void 0, function () {
var endpointMode;
return __generator(this, function (_a) {
switch (_a.label) {
case 0: return [4, loadConfig(ENDPOINT_MODE_CONFIG_OPTIONS)()];
case 1:
endpointMode = _a.sent();
switch (endpointMode) {
case EndpointMode.IPv4:
return [2, InstanceMetadataEndpoint.IPv4];
case EndpointMode.IPv6:
return [2, InstanceMetadataEndpoint.IPv6];
default:
throw new Error("Unsupported endpoint mode: ".concat(endpointMode, ".") + " Select from ".concat(Object.values(EndpointMode)));
}
return [2];
}
});
}); };
};

55

dist-es/utils/staticStabilityProvider.js

@@ -1,36 +0,25 @@

import { __awaiter, __generator } from "tslib";
import { getExtendedInstanceMetadataCredentials } from "./getExtendedInstanceMetadataCredentials";
export var staticStabilityProvider = function (provider, options) {
if (options === void 0) { options = {}; }
var logger = (options === null || options === void 0 ? void 0 : options.logger) || console;
var pastCredentials;
return function () { return __awaiter(void 0, void 0, void 0, function () {
var credentials, e_1;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
_a.trys.push([0, 2, , 3]);
return [4, provider()];
case 1:
credentials = _a.sent();
if (credentials.expiration && credentials.expiration.getTime() < Date.now()) {
credentials = getExtendedInstanceMetadataCredentials(credentials, logger);
}
return [3, 3];
case 2:
e_1 = _a.sent();
if (pastCredentials) {
logger.warn("Credential renew failed: ", e_1);
credentials = getExtendedInstanceMetadataCredentials(pastCredentials, logger);
}
else {
throw e_1;
}
return [3, 3];
case 3:
pastCredentials = credentials;
return [2, credentials];
export const staticStabilityProvider = (provider, options = {}) => {
const logger = options?.logger || console;
let pastCredentials;
return async () => {
let credentials;
try {
credentials = await provider();
if (credentials.expiration && credentials.expiration.getTime() < Date.now()) {
credentials = getExtendedInstanceMetadataCredentials(credentials, logger);
}
});
}); };
}
catch (e) {
if (pastCredentials) {
logger.warn("Credential renew failed: ", e);
credentials = getExtendedInstanceMetadataCredentials(pastCredentials, logger);
}
else {
throw e;
}
}
pastCredentials = credentials;
return credentials;
};
};

10

package.json
{
"name": "@aws-sdk/credential-provider-imds",
"version": "3.186.0",
"version": "3.188.0",
"description": "AWS credential provider that sources credentials from the EC2 instance metadata service and ECS container metadata service",

@@ -27,6 +27,6 @@ "main": "./dist-cjs/index.js",

"dependencies": {
"@aws-sdk/node-config-provider": "3.186.0",
"@aws-sdk/property-provider": "3.186.0",
"@aws-sdk/types": "3.186.0",
"@aws-sdk/url-parser": "3.186.0",
"@aws-sdk/node-config-provider": "3.188.0",
"@aws-sdk/property-provider": "3.188.0",
"@aws-sdk/types": "3.188.0",
"@aws-sdk/url-parser": "3.188.0",
"tslib": "^2.3.1"

@@ -33,0 +33,0 @@ },

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc