@aws-sdk/credential-provider-ini
Advanced tools
Comparing version 3.583.0 to 3.587.0
@@ -50,7 +50,20 @@ "use strict"; | ||
var import_property_provider = require("@smithy/property-provider"); | ||
var resolveCredentialSource = /* @__PURE__ */ __name((credentialSource, profileName) => { | ||
var resolveCredentialSource = /* @__PURE__ */ __name((credentialSource, profileName, logger) => { | ||
const sourceProvidersMap = { | ||
EcsContainer: (options) => Promise.resolve().then(() => __toESM(require("@smithy/credential-provider-imds"))).then(({ fromContainerMetadata }) => fromContainerMetadata(options)), | ||
Ec2InstanceMetadata: (options) => Promise.resolve().then(() => __toESM(require("@smithy/credential-provider-imds"))).then(({ fromInstanceMetadata }) => fromInstanceMetadata(options)), | ||
Environment: (options) => Promise.resolve().then(() => __toESM(require("@aws-sdk/credential-provider-env"))).then(({ fromEnv }) => fromEnv(options)) | ||
EcsContainer: async (options) => { | ||
const { fromHttp } = await Promise.resolve().then(() => __toESM(require("@aws-sdk/credential-provider-http"))); | ||
const { fromContainerMetadata } = await Promise.resolve().then(() => __toESM(require("@smithy/credential-provider-imds"))); | ||
logger == null ? void 0 : logger.debug("@aws-sdk/credential-provider-ini - credential_source is EcsContainer"); | ||
return (0, import_property_provider.chain)(fromHttp(options ?? {}), fromContainerMetadata(options)); | ||
}, | ||
Ec2InstanceMetadata: async (options) => { | ||
logger == null ? void 0 : logger.debug("@aws-sdk/credential-provider-ini - credential_source is Ec2InstanceMetadata"); | ||
const { fromInstanceMetadata } = await Promise.resolve().then(() => __toESM(require("@smithy/credential-provider-imds"))); | ||
return fromInstanceMetadata(options); | ||
}, | ||
Environment: async (options) => { | ||
logger == null ? void 0 : logger.debug("@aws-sdk/credential-provider-ini - credential_source is Environment"); | ||
const { fromEnv } = await Promise.resolve().then(() => __toESM(require("@aws-sdk/credential-provider-env"))); | ||
return fromEnv(options); | ||
} | ||
}; | ||
@@ -61,3 +74,4 @@ if (credentialSource in sourceProvidersMap) { | ||
throw new import_property_provider.CredentialsProviderError( | ||
`Unsupported credential source in profile ${profileName}. Got ${credentialSource}, expected EcsContainer or Ec2InstanceMetadata or Environment.` | ||
`Unsupported credential source in profile ${profileName}. Got ${credentialSource}, expected EcsContainer or Ec2InstanceMetadata or Environment.`, | ||
{ logger } | ||
); | ||
@@ -68,8 +82,24 @@ } | ||
// src/resolveAssumeRoleCredentials.ts | ||
var isAssumeRoleProfile = /* @__PURE__ */ __name((arg) => Boolean(arg) && typeof arg === "object" && typeof arg.role_arn === "string" && ["undefined", "string"].indexOf(typeof arg.role_session_name) > -1 && ["undefined", "string"].indexOf(typeof arg.external_id) > -1 && ["undefined", "string"].indexOf(typeof arg.mfa_serial) > -1 && (isAssumeRoleWithSourceProfile(arg) || isAssumeRoleWithProviderProfile(arg)), "isAssumeRoleProfile"); | ||
var isAssumeRoleWithSourceProfile = /* @__PURE__ */ __name((arg) => typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined", "isAssumeRoleWithSourceProfile"); | ||
var isAssumeRoleWithProviderProfile = /* @__PURE__ */ __name((arg) => typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined", "isAssumeRoleWithProviderProfile"); | ||
var isAssumeRoleProfile = /* @__PURE__ */ __name((arg, { profile = "default", logger } = {}) => { | ||
return Boolean(arg) && typeof arg === "object" && typeof arg.role_arn === "string" && ["undefined", "string"].indexOf(typeof arg.role_session_name) > -1 && ["undefined", "string"].indexOf(typeof arg.external_id) > -1 && ["undefined", "string"].indexOf(typeof arg.mfa_serial) > -1 && (isAssumeRoleWithSourceProfile(arg, { profile, logger }) || isCredentialSourceProfile(arg, { profile, logger })); | ||
}, "isAssumeRoleProfile"); | ||
var isAssumeRoleWithSourceProfile = /* @__PURE__ */ __name((arg, { profile, logger }) => { | ||
var _a; | ||
const withSourceProfile = typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined"; | ||
if (withSourceProfile) { | ||
(_a = logger == null ? void 0 : logger.debug) == null ? void 0 : _a.call(logger, ` ${profile} isAssumeRoleWithSourceProfile source_profile=${arg.source_profile}`); | ||
} | ||
return withSourceProfile; | ||
}, "isAssumeRoleWithSourceProfile"); | ||
var isCredentialSourceProfile = /* @__PURE__ */ __name((arg, { profile, logger }) => { | ||
var _a; | ||
const withProviderProfile = typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined"; | ||
if (withProviderProfile) { | ||
(_a = logger == null ? void 0 : logger.debug) == null ? void 0 : _a.call(logger, ` ${profile} isCredentialSourceProfile credential_source=${arg.credential_source}`); | ||
} | ||
return withProviderProfile; | ||
}, "isCredentialSourceProfile"); | ||
var resolveAssumeRoleCredentials = /* @__PURE__ */ __name(async (profileName, profiles, options, visitedProfiles = {}) => { | ||
var _a; | ||
(_a = options.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-ini", "resolveAssumeRoleCredentials (STS)"); | ||
var _a, _b; | ||
(_a = options.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-ini - resolveAssumeRoleCredentials (STS)"); | ||
const data = profiles[profileName]; | ||
@@ -91,9 +121,26 @@ if (!options.roleAssumer) { | ||
`Detected a cycle attempting to resolve credentials for profile ${(0, import_shared_ini_file_loader.getProfileName)(options)}. Profiles visited: ` + Object.keys(visitedProfiles).join(", "), | ||
false | ||
{ logger: options.logger } | ||
); | ||
} | ||
const sourceCredsProvider = source_profile ? resolveProfileData(source_profile, profiles, options, { | ||
...visitedProfiles, | ||
[source_profile]: true | ||
}) : (await resolveCredentialSource(data.credential_source, profileName)(options))(); | ||
(_b = options.logger) == null ? void 0 : _b.debug( | ||
`@aws-sdk/credential-provider-ini - finding credential resolver using ${source_profile ? `source_profile=[${source_profile}]` : `profile=[${profileName}]`}` | ||
); | ||
const sourceCredsProvider = source_profile ? resolveProfileData( | ||
source_profile, | ||
{ | ||
...profiles, | ||
[source_profile]: { | ||
...profiles[source_profile], | ||
// This assigns the role_arn of the "root" profile | ||
// to the credential_source profile so this recursive call knows | ||
// what role to assume. | ||
role_arn: data.role_arn ?? profiles[source_profile].role_arn | ||
} | ||
}, | ||
options, | ||
{ | ||
...visitedProfiles, | ||
[source_profile]: true | ||
} | ||
) : (await resolveCredentialSource(data.credential_source, profileName, options.logger)(options))(); | ||
const params = { | ||
@@ -110,3 +157,3 @@ RoleArn: data.role_arn, | ||
`Profile ${profileName} requires multi-factor authentication, but no MFA code callback was provided.`, | ||
false | ||
{ logger: options.logger, tryNextLink: false } | ||
); | ||
@@ -144,3 +191,3 @@ } | ||
var _a; | ||
(_a = options == null ? void 0 : options.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-ini", "resolveStaticCredentials"); | ||
(_a = options == null ? void 0 : options.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-ini - resolveStaticCredentials"); | ||
return Promise.resolve({ | ||
@@ -173,3 +220,3 @@ accessKeyId: profile.aws_access_key_id, | ||
} | ||
if (isAssumeRoleProfile(data)) { | ||
if (isAssumeRoleProfile(data, { profile: profileName, logger: options.logger })) { | ||
return resolveAssumeRoleCredentials(profileName, profiles, options, visitedProfiles); | ||
@@ -189,3 +236,6 @@ } | ||
} | ||
throw new import_property_provider.CredentialsProviderError(`Profile ${profileName} could not be found or parsed in shared credentials file.`); | ||
throw new import_property_provider.CredentialsProviderError( | ||
`Could not resolve credentials using profile: [${profileName}] in configuration/credentials file(s).`, | ||
{ logger: options.logger } | ||
); | ||
}, "resolveProfileData"); | ||
@@ -196,3 +246,3 @@ | ||
var _a; | ||
(_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-ini", "fromIni"); | ||
(_a = init.logger) == null ? void 0 : _a.debug("@aws-sdk/credential-provider-ini - fromIni"); | ||
const profiles = await (0, import_shared_ini_file_loader.parseKnownFiles)(init); | ||
@@ -199,0 +249,0 @@ return resolveProfileData((0, import_shared_ini_file_loader.getProfileName)(init), profiles, init); |
import { getProfileName, parseKnownFiles } from "@smithy/shared-ini-file-loader"; | ||
import { resolveProfileData } from "./resolveProfileData"; | ||
export const fromIni = (init = {}) => async () => { | ||
init.logger?.debug("@aws-sdk/credential-provider-ini", "fromIni"); | ||
init.logger?.debug("@aws-sdk/credential-provider-ini - fromIni"); | ||
const profiles = await parseKnownFiles(init); | ||
return resolveProfileData(getProfileName(init), profiles, init); | ||
}; |
@@ -5,13 +5,27 @@ import { CredentialsProviderError } from "@smithy/property-provider"; | ||
import { resolveProfileData } from "./resolveProfileData"; | ||
export const isAssumeRoleProfile = (arg) => Boolean(arg) && | ||
typeof arg === "object" && | ||
typeof arg.role_arn === "string" && | ||
["undefined", "string"].indexOf(typeof arg.role_session_name) > -1 && | ||
["undefined", "string"].indexOf(typeof arg.external_id) > -1 && | ||
["undefined", "string"].indexOf(typeof arg.mfa_serial) > -1 && | ||
(isAssumeRoleWithSourceProfile(arg) || isAssumeRoleWithProviderProfile(arg)); | ||
const isAssumeRoleWithSourceProfile = (arg) => typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined"; | ||
const isAssumeRoleWithProviderProfile = (arg) => typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined"; | ||
export const isAssumeRoleProfile = (arg, { profile = "default", logger } = {}) => { | ||
return (Boolean(arg) && | ||
typeof arg === "object" && | ||
typeof arg.role_arn === "string" && | ||
["undefined", "string"].indexOf(typeof arg.role_session_name) > -1 && | ||
["undefined", "string"].indexOf(typeof arg.external_id) > -1 && | ||
["undefined", "string"].indexOf(typeof arg.mfa_serial) > -1 && | ||
(isAssumeRoleWithSourceProfile(arg, { profile, logger }) || isCredentialSourceProfile(arg, { profile, logger }))); | ||
}; | ||
const isAssumeRoleWithSourceProfile = (arg, { profile, logger }) => { | ||
const withSourceProfile = typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined"; | ||
if (withSourceProfile) { | ||
logger?.debug?.(` ${profile} isAssumeRoleWithSourceProfile source_profile=${arg.source_profile}`); | ||
} | ||
return withSourceProfile; | ||
}; | ||
const isCredentialSourceProfile = (arg, { profile, logger }) => { | ||
const withProviderProfile = typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined"; | ||
if (withProviderProfile) { | ||
logger?.debug?.(` ${profile} isCredentialSourceProfile credential_source=${arg.credential_source}`); | ||
} | ||
return withProviderProfile; | ||
}; | ||
export const resolveAssumeRoleCredentials = async (profileName, profiles, options, visitedProfiles = {}) => { | ||
options.logger?.debug("@aws-sdk/credential-provider-ini", "resolveAssumeRoleCredentials (STS)"); | ||
options.logger?.debug("@aws-sdk/credential-provider-ini - resolveAssumeRoleCredentials (STS)"); | ||
const data = profiles[profileName]; | ||
@@ -30,10 +44,17 @@ if (!options.roleAssumer) { | ||
` ${getProfileName(options)}. Profiles visited: ` + | ||
Object.keys(visitedProfiles).join(", "), false); | ||
Object.keys(visitedProfiles).join(", "), { logger: options.logger }); | ||
} | ||
options.logger?.debug(`@aws-sdk/credential-provider-ini - finding credential resolver using ${source_profile ? `source_profile=[${source_profile}]` : `profile=[${profileName}]`}`); | ||
const sourceCredsProvider = source_profile | ||
? resolveProfileData(source_profile, profiles, options, { | ||
? resolveProfileData(source_profile, { | ||
...profiles, | ||
[source_profile]: { | ||
...profiles[source_profile], | ||
role_arn: data.role_arn ?? profiles[source_profile].role_arn, | ||
}, | ||
}, options, { | ||
...visitedProfiles, | ||
[source_profile]: true, | ||
}) | ||
: (await resolveCredentialSource(data.credential_source, profileName)(options))(); | ||
: (await resolveCredentialSource(data.credential_source, profileName, options.logger)(options))(); | ||
const params = { | ||
@@ -48,3 +69,3 @@ RoleArn: data.role_arn, | ||
if (!options.mfaCodeProvider) { | ||
throw new CredentialsProviderError(`Profile ${profileName} requires multi-factor authentication, but no MFA code callback was provided.`, false); | ||
throw new CredentialsProviderError(`Profile ${profileName} requires multi-factor authentication, but no MFA code callback was provided.`, { logger: options.logger, tryNextLink: false }); | ||
} | ||
@@ -51,0 +72,0 @@ params.SerialNumber = mfa_serial; |
@@ -1,7 +0,20 @@ | ||
import { CredentialsProviderError } from "@smithy/property-provider"; | ||
export const resolveCredentialSource = (credentialSource, profileName) => { | ||
import { chain, CredentialsProviderError } from "@smithy/property-provider"; | ||
export const resolveCredentialSource = (credentialSource, profileName, logger) => { | ||
const sourceProvidersMap = { | ||
EcsContainer: (options) => import("@smithy/credential-provider-imds").then(({ fromContainerMetadata }) => fromContainerMetadata(options)), | ||
Ec2InstanceMetadata: (options) => import("@smithy/credential-provider-imds").then(({ fromInstanceMetadata }) => fromInstanceMetadata(options)), | ||
Environment: (options) => import("@aws-sdk/credential-provider-env").then(({ fromEnv }) => fromEnv(options)), | ||
EcsContainer: async (options) => { | ||
const { fromHttp } = await import("@aws-sdk/credential-provider-http"); | ||
const { fromContainerMetadata } = await import("@smithy/credential-provider-imds"); | ||
logger?.debug("@aws-sdk/credential-provider-ini - credential_source is EcsContainer"); | ||
return chain(fromHttp(options ?? {}), fromContainerMetadata(options)); | ||
}, | ||
Ec2InstanceMetadata: async (options) => { | ||
logger?.debug("@aws-sdk/credential-provider-ini - credential_source is Ec2InstanceMetadata"); | ||
const { fromInstanceMetadata } = await import("@smithy/credential-provider-imds"); | ||
return fromInstanceMetadata(options); | ||
}, | ||
Environment: async (options) => { | ||
logger?.debug("@aws-sdk/credential-provider-ini - credential_source is Environment"); | ||
const { fromEnv } = await import("@aws-sdk/credential-provider-env"); | ||
return fromEnv(options); | ||
}, | ||
}; | ||
@@ -13,4 +26,4 @@ if (credentialSource in sourceProvidersMap) { | ||
throw new CredentialsProviderError(`Unsupported credential source in profile ${profileName}. Got ${credentialSource}, ` + | ||
`expected EcsContainer or Ec2InstanceMetadata or Environment.`); | ||
`expected EcsContainer or Ec2InstanceMetadata or Environment.`, { logger }); | ||
} | ||
}; |
@@ -12,3 +12,3 @@ import { CredentialsProviderError } from "@smithy/property-provider"; | ||
} | ||
if (isAssumeRoleProfile(data)) { | ||
if (isAssumeRoleProfile(data, { profile: profileName, logger: options.logger })) { | ||
return resolveAssumeRoleCredentials(profileName, profiles, options, visitedProfiles); | ||
@@ -28,3 +28,3 @@ } | ||
} | ||
throw new CredentialsProviderError(`Profile ${profileName} could not be found or parsed in shared credentials file.`); | ||
throw new CredentialsProviderError(`Could not resolve credentials using profile: [${profileName}] in configuration/credentials file(s).`, { logger: options.logger }); | ||
}; |
@@ -7,3 +7,3 @@ export const isStaticCredsProfile = (arg) => Boolean(arg) && | ||
export const resolveStaticCredentials = (profile, options) => { | ||
options?.logger?.debug("@aws-sdk/credential-provider-ini", "resolveStaticCredentials"); | ||
options?.logger?.debug("@aws-sdk/credential-provider-ini - resolveStaticCredentials"); | ||
return Promise.resolve({ | ||
@@ -10,0 +10,0 @@ accessKeyId: profile.aws_access_key_id, |
@@ -1,2 +0,2 @@ | ||
import { AwsCredentialIdentity, ParsedIniData } from "@smithy/types"; | ||
import { AwsCredentialIdentity, Logger, ParsedIniData } from "@smithy/types"; | ||
import { FromIniInit } from "./fromIni"; | ||
@@ -40,3 +40,6 @@ /** | ||
*/ | ||
export declare const isAssumeRoleProfile: (arg: any) => boolean; | ||
export declare const isAssumeRoleProfile: (arg: any, { profile, logger }?: { | ||
profile?: string | undefined; | ||
logger?: Logger | undefined; | ||
}) => boolean; | ||
/** | ||
@@ -43,0 +46,0 @@ * @internal |
import type { CredentialProviderOptions } from "@aws-sdk/types"; | ||
import { AwsCredentialIdentityProvider } from "@smithy/types"; | ||
import { AwsCredentialIdentityProvider, Logger } from "@smithy/types"; | ||
/** | ||
@@ -12,2 +12,2 @@ * @internal | ||
*/ | ||
export declare const resolveCredentialSource: (credentialSource: string, profileName: string) => (options?: CredentialProviderOptions) => Promise<AwsCredentialIdentityProvider>; | ||
export declare const resolveCredentialSource: (credentialSource: string, profileName: string, logger?: Logger) => (options?: CredentialProviderOptions) => Promise<AwsCredentialIdentityProvider>; |
@@ -1,2 +0,2 @@ | ||
import { AwsCredentialIdentity, ParsedIniData } from "@smithy/types"; | ||
import { AwsCredentialIdentity, Logger, ParsedIniData } from "@smithy/types"; | ||
import { FromIniInit } from "./fromIni"; | ||
@@ -11,3 +11,12 @@ export interface AssumeRoleParams { | ||
} | ||
export declare const isAssumeRoleProfile: (arg: any) => boolean; | ||
export declare const isAssumeRoleProfile: ( | ||
arg: any, | ||
{ | ||
profile, | ||
logger, | ||
}?: { | ||
profile?: string | undefined; | ||
logger?: Logger | undefined; | ||
} | ||
) => boolean; | ||
export declare const resolveAssumeRoleCredentials: ( | ||
@@ -14,0 +23,0 @@ profileName: string, |
import { CredentialProviderOptions } from "@aws-sdk/types"; | ||
import { AwsCredentialIdentityProvider } from "@smithy/types"; | ||
import { AwsCredentialIdentityProvider, Logger } from "@smithy/types"; | ||
export declare const resolveCredentialSource: ( | ||
credentialSource: string, | ||
profileName: string | ||
profileName: string, | ||
logger?: Logger | ||
) => ( | ||
options?: CredentialProviderOptions | ||
) => Promise<AwsCredentialIdentityProvider>; |
{ | ||
"name": "@aws-sdk/credential-provider-ini", | ||
"version": "3.583.0", | ||
"version": "3.587.0", | ||
"description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", | ||
@@ -27,10 +27,11 @@ "main": "./dist-cjs/index.js", | ||
"dependencies": { | ||
"@aws-sdk/credential-provider-env": "3.577.0", | ||
"@aws-sdk/credential-provider-process": "3.577.0", | ||
"@aws-sdk/credential-provider-sso": "3.583.0", | ||
"@aws-sdk/credential-provider-web-identity": "3.577.0", | ||
"@aws-sdk/credential-provider-env": "3.587.0", | ||
"@aws-sdk/credential-provider-http": "3.587.0", | ||
"@aws-sdk/credential-provider-process": "3.587.0", | ||
"@aws-sdk/credential-provider-sso": "3.587.0", | ||
"@aws-sdk/credential-provider-web-identity": "3.587.0", | ||
"@aws-sdk/types": "3.577.0", | ||
"@smithy/credential-provider-imds": "^3.0.0", | ||
"@smithy/property-provider": "^3.0.0", | ||
"@smithy/shared-ini-file-loader": "^3.0.0", | ||
"@smithy/credential-provider-imds": "^3.1.0", | ||
"@smithy/property-provider": "^3.1.0", | ||
"@smithy/shared-ini-file-loader": "^3.1.0", | ||
"@smithy/types": "^3.0.0", | ||
@@ -48,3 +49,3 @@ "tslib": "^2.6.2" | ||
"peerDependencies": { | ||
"@aws-sdk/client-sts": "^3.583.0" | ||
"@aws-sdk/client-sts": "^3.587.0" | ||
}, | ||
@@ -51,0 +52,0 @@ "types": "./dist-types/index.d.ts", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
47044
714
12
+ Added@aws-sdk/client-sso@3.587.0(transitive)
+ Added@aws-sdk/core@3.587.0(transitive)
+ Added@aws-sdk/credential-provider-env@3.587.0(transitive)
+ Added@aws-sdk/credential-provider-http@3.587.0(transitive)
+ Added@aws-sdk/credential-provider-process@3.587.0(transitive)
+ Added@aws-sdk/credential-provider-sso@3.587.0(transitive)
+ Added@aws-sdk/credential-provider-web-identity@3.587.0(transitive)
+ Added@aws-sdk/middleware-user-agent@3.587.0(transitive)
+ Added@aws-sdk/region-config-resolver@3.587.0(transitive)
+ Added@aws-sdk/token-providers@3.587.0(transitive)
+ Added@aws-sdk/util-endpoints@3.587.0(transitive)
+ Added@aws-sdk/util-user-agent-node@3.587.0(transitive)
- Removed@aws-sdk/client-sso@3.583.0(transitive)
- Removed@aws-sdk/core@3.582.0(transitive)
- Removed@aws-sdk/credential-provider-env@3.577.0(transitive)
- Removed@aws-sdk/credential-provider-process@3.577.0(transitive)
- Removed@aws-sdk/credential-provider-sso@3.583.0(transitive)
- Removed@aws-sdk/credential-provider-web-identity@3.577.0(transitive)
- Removed@aws-sdk/middleware-user-agent@3.583.0(transitive)
- Removed@aws-sdk/region-config-resolver@3.577.0(transitive)
- Removed@aws-sdk/token-providers@3.577.0(transitive)
- Removed@aws-sdk/util-endpoints@3.583.0(transitive)
- Removed@aws-sdk/util-user-agent-node@3.577.0(transitive)