diff --git a/.eslintrc.json b/.eslintrc.json index d5c6dd9..c0f19c5 100644 --- a/.eslintrc.json +++ b/.eslintrc.json @@ -55,4 +55,4 @@ "es6": true, "jest/globals": true } - } \ No newline at end of file + } diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 834e957..508f11d 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -6,18 +6,19 @@ on: - master - 'v*' env: - node_version: "12.x" + node_version: "16.x" jobs: build: # make sure build/ci work properly name: Build runs-on: ubuntu-latest steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@v3 - name: Set up Node.js - uses: actions/setup-node@v1 + uses: actions/setup-node@v3 with: node-version: ${{ env.node_version }} + cache: yarn - name: yarn install run: yarn install @@ -32,12 +33,13 @@ jobs: name: Audit runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up Node.js - uses: actions/setup-node@v1 + uses: actions/setup-node@v3 with: node-version: ${{ env.node_version }} + cache: yarn - name: yarn audit run: yarn audit --level critical [[ $? -ge 16 ]] && exit 1 || exit 0 # this last part is needed because yarn audit returns a non-0 code if any vulnerabilities are found @@ -46,12 +48,13 @@ jobs: name: Lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up Node.js - uses: actions/setup-node@v1 + uses: actions/setup-node@v3 with: node-version: ${{ env.node_version }} + cache: yarn - name: yarn install run: yarn install @@ -63,10 +66,10 @@ jobs: name: Test runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up Node.js - uses: actions/setup-node@v1 + uses: actions/setup-node@v3 with: node-version: ${{ env.node_version }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index b3abad4..290e4aa 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -10,7 +10,7 @@ on: # name: Test # runs-on: ubuntu-latest # steps: -# - uses: actions/checkout@v1 +# - uses: actions/checkout@v3 # - name: CodeDeploy # uses: ./ # with: diff --git a/action.yaml b/action.yaml index 4513714..6e15ed2 100644 --- a/action.yaml +++ b/action.yaml @@ -11,5 +11,5 @@ inputs: description: 'Appspec file' required: true runs: - using: 'node12' + using: 'node16' main: 'dist/index.js' diff --git a/dist/index.js b/dist/index.js index dc71bfd..3e64d4e 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1,663 +1,1080 @@ -module.exports = -/******/ (function(modules, runtime) { // webpackBootstrap -/******/ "use strict"; -/******/ // The module cache -/******/ var installedModules = {}; -/******/ -/******/ // The require function -/******/ function __webpack_require__(moduleId) { -/******/ -/******/ // Check if module is in cache -/******/ if(installedModules[moduleId]) { -/******/ return installedModules[moduleId].exports; -/******/ } -/******/ // Create a new module (and put it into the cache) -/******/ var module = installedModules[moduleId] = { -/******/ i: moduleId, -/******/ l: false, -/******/ exports: {} -/******/ }; -/******/ -/******/ // Execute the module function -/******/ modules[moduleId].call(module.exports, module, module.exports, __webpack_require__); -/******/ -/******/ // Flag the module as loaded -/******/ module.l = true; -/******/ -/******/ // Return the exports of the module -/******/ return module.exports; -/******/ } -/******/ -/******/ -/******/ __webpack_require__.ab = __dirname + "/"; -/******/ -/******/ // the startup function -/******/ function startup() { -/******/ // Load entry module and return exports -/******/ return __webpack_require__(526); -/******/ }; -/******/ -/******/ // run startup -/******/ return startup(); -/******/ }) -/************************************************************************/ -/******/ ({ +/******/ (() => { // webpackBootstrap +/******/ var __webpack_modules__ = ({ -/***/ 2: -/***/ (function(module, __unusedexports, __webpack_require__) { +/***/ 4822: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { -var AWS = __webpack_require__(395); -var util = __webpack_require__(153); -var Rest = __webpack_require__(618); - -function populateBody(req) { - var input = req.service.api.operations[req.operation].input; - var builder = new AWS.XML.Builder(); - var params = req.params; +"use strict"; - var payload = input.payload; - if (payload) { - var payloadMember = input.members[payload]; - params = params[payload]; - if (params === undefined) return; +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +var __importDefault = (this && this.__importDefault) || function (mod) { + return (mod && mod.__esModule) ? mod : { "default": mod }; +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +const core = __importStar(__nccwpck_require__(2186)); +const fs = __importStar(__nccwpck_require__(7147)); +const codedeploy_1 = __importDefault(__nccwpck_require__(4599)); +const iam_1 = __importDefault(__nccwpck_require__(58)); +const sts_1 = __importDefault(__nccwpck_require__(7513)); +async function run() { + try { + const appName = core.getInput('application-name', { required: true }); + const groupName = core.getInput('deployment-group-name', { required: true }); + const appspecFile = core.getInput('appspec-file', { required: true }); + core.debug(`Hello world! ${appName}, ${groupName}, ${appspecFile}`); + const appspecJson = fs.readFileSync(appspecFile, 'utf8'); + core.debug('*** appspecJson ***'); + core.debug(appspecJson); + core.debug('*** end appspecJson ***'); + const codeDeploy = new codedeploy_1.default(); + const deployment = await codeDeploy + .createDeployment({ + applicationName: appName, + deploymentGroupName: groupName, + revision: { + revisionType: 'AppSpecContent', + appSpecContent: { + content: appspecJson + } + } + }) + .promise(); + core.debug(`deployment: ${JSON.stringify(deployment)}`); + if (deployment.deploymentId == null) { + core.setFailed('deploymentId should not be null'); + return; + } + const { awsAccountAlias, awsAccountId } = await getAccountInformation(); + const region = codeDeploy.config.region; + const linkToLogIn = 'https://aws.byu.edu/'; + const linkToDeployment = `https://${region}.console.aws.amazon.com/codesuite/codedeploy/deployments/${deployment.deploymentId}?region=${region}`; + core.info(`Started deployment. + +Deployment ID: ${deployment.deploymentId} +AWS Account: ${awsAccountAlias} (${awsAccountId}) +Region: ${region} - if (payloadMember.type === 'structure') { - var rootElement = payloadMember.name; - req.httpRequest.body = builder.toXML(params, payloadMember, rootElement, true); - } else { // non-xml payload - req.httpRequest.body = params; +To view the progress of this deployment: + • Log into the ${awsAccountAlias} AWS account at ${linkToLogIn} + • Go to ${linkToDeployment}`); + await codeDeploy + .waitFor('deploymentSuccessful', { + deploymentId: deployment.deploymentId + }) + .promise(); + process.exit(0); } - } else { - req.httpRequest.body = builder.toXML(params, input, input.name || - input.shape || util.string.upperFirst(req.operation) + 'Request'); - } + catch (error) { + if (error instanceof Error) { + core.setFailed(error.message); + } + else if (typeof error === 'string') { + core.setFailed(error); + } + else { + core.setFailed(`An unexpected error occurred: ${error}`); + } + } +} +run(); +async function getAccountInformation() { + const iam = new iam_1.default(); + const sts = new sts_1.default(); + const [{ AccountAliases: [awsAccountAlias = '?'] }, { Account: awsAccountId = '?' }] = await Promise.all([ + iam + .listAccountAliases() + .promise() + .catch(() => { + return { AccountAliases: ['?'] }; + }), + sts + .getCallerIdentity() + .promise() + .catch(() => ({ Account: '?' })) + ]); + return { awsAccountAlias, awsAccountId }; } -function buildRequest(req) { - Rest.buildRequest(req); - // never send body payload on GET/HEAD - if (['GET', 'HEAD'].indexOf(req.httpRequest.method) < 0) { - populateBody(req); - } -} +/***/ }), -function extractError(resp) { - Rest.extractError(resp); +/***/ 7351: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { - var data; - try { - data = new AWS.XML.Parser().parse(resp.httpResponse.body.toString()); - } catch (e) { - data = { - Code: resp.httpResponse.statusCode, - Message: resp.httpResponse.statusMessage - }; - } +"use strict"; - if (data.Errors) data = data.Errors; - if (data.Error) data = data.Error; - if (data.Code) { - resp.error = util.error(new Error(), { - code: data.Code, - message: data.Message - }); - } else { - resp.error = util.error(new Error(), { - code: resp.httpResponse.statusCode, - message: null - }); - } +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.issue = exports.issueCommand = void 0; +const os = __importStar(__nccwpck_require__(2037)); +const utils_1 = __nccwpck_require__(5278); +/** + * Commands + * + * Command Format: + * ::name key=value,key=value::message + * + * Examples: + * ::warning::This is the message + * ::set-env name=MY_VAR::some value + */ +function issueCommand(command, properties, message) { + const cmd = new Command(command, properties, message); + process.stdout.write(cmd.toString() + os.EOL); +} +exports.issueCommand = issueCommand; +function issue(name, message = '') { + issueCommand(name, {}, message); +} +exports.issue = issue; +const CMD_STRING = '::'; +class Command { + constructor(command, properties, message) { + if (!command) { + command = 'missing.command'; + } + this.command = command; + this.properties = properties; + this.message = message; + } + toString() { + let cmdStr = CMD_STRING + this.command; + if (this.properties && Object.keys(this.properties).length > 0) { + cmdStr += ' '; + let first = true; + for (const key in this.properties) { + if (this.properties.hasOwnProperty(key)) { + const val = this.properties[key]; + if (val) { + if (first) { + first = false; + } + else { + cmdStr += ','; + } + cmdStr += `${key}=${escapeProperty(val)}`; + } + } + } + } + cmdStr += `${CMD_STRING}${escapeData(this.message)}`; + return cmdStr; + } +} +function escapeData(s) { + return utils_1.toCommandValue(s) + .replace(/%/g, '%25') + .replace(/\r/g, '%0D') + .replace(/\n/g, '%0A'); +} +function escapeProperty(s) { + return utils_1.toCommandValue(s) + .replace(/%/g, '%25') + .replace(/\r/g, '%0D') + .replace(/\n/g, '%0A') + .replace(/:/g, '%3A') + .replace(/,/g, '%2C'); } +//# sourceMappingURL=command.js.map -function extractData(resp) { - Rest.extractData(resp); +/***/ }), - var parser; - var req = resp.request; - var body = resp.httpResponse.body; - var operation = req.service.api.operations[req.operation]; - var output = operation.output; +/***/ 2186: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { - var hasEventOutput = operation.hasEventOutput; +"use strict"; - var payload = output.payload; - if (payload) { - var payloadMember = output.members[payload]; - if (payloadMember.isEventStream) { - parser = new AWS.XML.Parser(); - resp.data[payload] = util.createEventStream( - AWS.HttpClient.streamsApiVersion === 2 ? resp.httpResponse.stream : resp.httpResponse.body, - parser, - payloadMember - ); - } else if (payloadMember.type === 'structure') { - parser = new AWS.XML.Parser(); - resp.data[payload] = parser.parse(body.toString(), payloadMember); - } else if (payloadMember.type === 'binary' || payloadMember.isStreaming) { - resp.data[payload] = body; - } else { - resp.data[payload] = payloadMember.toType(body); +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.getIDToken = exports.getState = exports.saveState = exports.group = exports.endGroup = exports.startGroup = exports.info = exports.notice = exports.warning = exports.error = exports.debug = exports.isDebug = exports.setFailed = exports.setCommandEcho = exports.setOutput = exports.getBooleanInput = exports.getMultilineInput = exports.getInput = exports.addPath = exports.setSecret = exports.exportVariable = exports.ExitCode = void 0; +const command_1 = __nccwpck_require__(7351); +const file_command_1 = __nccwpck_require__(717); +const utils_1 = __nccwpck_require__(5278); +const os = __importStar(__nccwpck_require__(2037)); +const path = __importStar(__nccwpck_require__(1017)); +const oidc_utils_1 = __nccwpck_require__(8041); +/** + * The code to exit an action + */ +var ExitCode; +(function (ExitCode) { + /** + * A code indicating that the action was successful + */ + ExitCode[ExitCode["Success"] = 0] = "Success"; + /** + * A code indicating that the action was a failure + */ + ExitCode[ExitCode["Failure"] = 1] = "Failure"; +})(ExitCode = exports.ExitCode || (exports.ExitCode = {})); +//----------------------------------------------------------------------- +// Variables +//----------------------------------------------------------------------- +/** + * Sets env variable for this action and future actions in the job + * @param name the name of the variable to set + * @param val the value of the variable. Non-string values will be converted to a string via JSON.stringify + */ +// eslint-disable-next-line @typescript-eslint/no-explicit-any +function exportVariable(name, val) { + const convertedVal = utils_1.toCommandValue(val); + process.env[name] = convertedVal; + const filePath = process.env['GITHUB_ENV'] || ''; + if (filePath) { + return file_command_1.issueFileCommand('ENV', file_command_1.prepareKeyValueMessage(name, val)); } - } else if (body.length > 0) { - parser = new AWS.XML.Parser(); - var data = parser.parse(body.toString(), output); - util.update(resp.data, data); - } + command_1.issueCommand('set-env', { name }, convertedVal); } - +exports.exportVariable = exportVariable; /** - * @api private + * Registers a secret which will get masked from logs + * @param secret value of the secret */ -module.exports = { - buildRequest: buildRequest, - extractError: extractError, - extractData: extractData -}; - - -/***/ }), - -/***/ 19: -/***/ (function(module, __unusedexports, __webpack_require__) { - -// Generated by CoffeeScript 1.12.7 -(function() { - var XMLDTDNotation, XMLNode, - extend = function(child, parent) { for (var key in parent) { if (hasProp.call(parent, key)) child[key] = parent[key]; } function ctor() { this.constructor = child; } ctor.prototype = parent.prototype; child.prototype = new ctor(); child.__super__ = parent.prototype; return child; }, - hasProp = {}.hasOwnProperty; - - XMLNode = __webpack_require__(855); - - module.exports = XMLDTDNotation = (function(superClass) { - extend(XMLDTDNotation, superClass); - - function XMLDTDNotation(parent, name, value) { - XMLDTDNotation.__super__.constructor.call(this, parent); - if (name == null) { - throw new Error("Missing notation name"); - } - if (!value.pubID && !value.sysID) { - throw new Error("Public or system identifiers are required for an external entity"); - } - this.name = this.stringify.eleName(name); - if (value.pubID != null) { - this.pubID = this.stringify.dtdPubID(value.pubID); - } - if (value.sysID != null) { - this.sysID = this.stringify.dtdSysID(value.sysID); - } +function setSecret(secret) { + command_1.issueCommand('add-mask', {}, secret); +} +exports.setSecret = setSecret; +/** + * Prepends inputPath to the PATH (for this action and future actions) + * @param inputPath + */ +function addPath(inputPath) { + const filePath = process.env['GITHUB_PATH'] || ''; + if (filePath) { + file_command_1.issueFileCommand('PATH', inputPath); } - - XMLDTDNotation.prototype.toString = function(options) { - return this.options.writer.set(options).dtdNotation(this); - }; - - return XMLDTDNotation; - - })(XMLNode); - -}).call(this); - - -/***/ }), - -/***/ 22: -/***/ (function(__unusedmodule, __unusedexports, __webpack_require__) { - -var AWS = __webpack_require__(395); -var STS = __webpack_require__(733); -var iniLoader = AWS.util.iniLoader; - + else { + command_1.issueCommand('add-path', {}, inputPath); + } + process.env['PATH'] = `${inputPath}${path.delimiter}${process.env['PATH']}`; +} +exports.addPath = addPath; /** - * Represents credentials loaded from shared credentials file - * (defaulting to ~/.aws/credentials or defined by the - * `AWS_SHARED_CREDENTIALS_FILE` environment variable). - * - * ## Using the shared credentials file - * - * This provider is checked by default in the Node.js environment. To use the - * credentials file provider, simply add your access and secret keys to the - * ~/.aws/credentials file in the following format: + * Gets the value of an input. + * Unless trimWhitespace is set to false in InputOptions, the value is also trimmed. + * Returns an empty string if the value is not defined. * - * [default] - * aws_access_key_id = AKID... - * aws_secret_access_key = YOUR_SECRET_KEY + * @param name name of the input to get + * @param options optional. See InputOptions. + * @returns string + */ +function getInput(name, options) { + const val = process.env[`INPUT_${name.replace(/ /g, '_').toUpperCase()}`] || ''; + if (options && options.required && !val) { + throw new Error(`Input required and not supplied: ${name}`); + } + if (options && options.trimWhitespace === false) { + return val; + } + return val.trim(); +} +exports.getInput = getInput; +/** + * Gets the values of an multiline input. Each value is also trimmed. * - * ## Using custom profiles + * @param name name of the input to get + * @param options optional. See InputOptions. + * @returns string[] * - * The SDK supports loading credentials for separate profiles. This can be done - * in two ways: + */ +function getMultilineInput(name, options) { + const inputs = getInput(name, options) + .split('\n') + .filter(x => x !== ''); + if (options && options.trimWhitespace === false) { + return inputs; + } + return inputs.map(input => input.trim()); +} +exports.getMultilineInput = getMultilineInput; +/** + * Gets the input value of the boolean type in the YAML 1.2 "core schema" specification. + * Support boolean input list: `true | True | TRUE | false | False | FALSE` . + * The return value is also in boolean type. + * ref: https://yaml.org/spec/1.2/spec.html#id2804923 * - * 1. Set the `AWS_PROFILE` environment variable in your process prior to - * loading the SDK. - * 2. Directly load the AWS.SharedIniFileCredentials provider: + * @param name name of the input to get + * @param options optional. See InputOptions. + * @returns boolean + */ +function getBooleanInput(name, options) { + const trueValue = ['true', 'True', 'TRUE']; + const falseValue = ['false', 'False', 'FALSE']; + const val = getInput(name, options); + if (trueValue.includes(val)) + return true; + if (falseValue.includes(val)) + return false; + throw new TypeError(`Input does not meet YAML 1.2 "Core Schema" specification: ${name}\n` + + `Support boolean input list: \`true | True | TRUE | false | False | FALSE\``); +} +exports.getBooleanInput = getBooleanInput; +/** + * Sets the value of an output. * - * ```javascript - * var creds = new AWS.SharedIniFileCredentials({profile: 'myprofile'}); - * AWS.config.credentials = creds; - * ``` + * @param name name of the output to set + * @param value value to store. Non-string values will be converted to a string via JSON.stringify + */ +// eslint-disable-next-line @typescript-eslint/no-explicit-any +function setOutput(name, value) { + const filePath = process.env['GITHUB_OUTPUT'] || ''; + if (filePath) { + return file_command_1.issueFileCommand('OUTPUT', file_command_1.prepareKeyValueMessage(name, value)); + } + process.stdout.write(os.EOL); + command_1.issueCommand('set-output', { name }, utils_1.toCommandValue(value)); +} +exports.setOutput = setOutput; +/** + * Enables or disables the echoing of commands into stdout for the rest of the step. + * Echoing is disabled by default if ACTIONS_STEP_DEBUG is not set. * - * @!macro nobrowser */ -AWS.SharedIniFileCredentials = AWS.util.inherit(AWS.Credentials, { - /** - * Creates a new SharedIniFileCredentials object. - * - * @param options [map] a set of options - * @option options profile [String] (AWS_PROFILE env var or 'default') - * the name of the profile to load. - * @option options filename [String] ('~/.aws/credentials' or defined by - * AWS_SHARED_CREDENTIALS_FILE process env var) - * the filename to use when loading credentials. - * @option options disableAssumeRole [Boolean] (false) True to disable - * support for profiles that assume an IAM role. If true, and an assume - * role profile is selected, an error is raised. - * @option options preferStaticCredentials [Boolean] (false) True to - * prefer static credentials to role_arn if both are present. - * @option options tokenCodeFn [Function] (null) Function to provide - * STS Assume Role TokenCode, if mfa_serial is provided for profile in ini - * file. Function is called with value of mfa_serial and callback, and - * should provide the TokenCode or an error to the callback in the format - * callback(err, token) - * @option options callback [Function] (err) Credentials are eagerly loaded - * by the constructor. When the callback is called with no error, the - * credentials have been loaded successfully. - * @option options httpOptions [map] A set of options to pass to the low-level - * HTTP request. Currently supported options are: - * * **proxy** [String] — the URL to proxy requests through - * * **agent** [http.Agent, https.Agent] — the Agent object to perform - * HTTP requests with. Used for connection pooling. Defaults to the global - * agent (`http.globalAgent`) for non-SSL connections. Note that for - * SSL connections, a special Agent object is used in order to enable - * peer certificate verification. This feature is only available in the - * Node.js environment. - * * **connectTimeout** [Integer] — Sets the socket to timeout after - * failing to establish a connection with the server after - * `connectTimeout` milliseconds. This timeout has no effect once a socket - * connection has been established. - * * **timeout** [Integer] — Sets the socket to timeout after timeout - * milliseconds of inactivity on the socket. Defaults to two minutes - * (120000). - */ - constructor: function SharedIniFileCredentials(options) { - AWS.Credentials.call(this); +function setCommandEcho(enabled) { + command_1.issue('echo', enabled ? 'on' : 'off'); +} +exports.setCommandEcho = setCommandEcho; +//----------------------------------------------------------------------- +// Results +//----------------------------------------------------------------------- +/** + * Sets the action status to failed. + * When the action exits it will be with an exit code of 1 + * @param message add error issue message + */ +function setFailed(message) { + process.exitCode = ExitCode.Failure; + error(message); +} +exports.setFailed = setFailed; +//----------------------------------------------------------------------- +// Logging Commands +//----------------------------------------------------------------------- +/** + * Gets whether Actions Step Debug is on or not + */ +function isDebug() { + return process.env['RUNNER_DEBUG'] === '1'; +} +exports.isDebug = isDebug; +/** + * Writes debug message to user log + * @param message debug message + */ +function debug(message) { + command_1.issueCommand('debug', {}, message); +} +exports.debug = debug; +/** + * Adds an error issue + * @param message error issue message. Errors will be converted to string via toString() + * @param properties optional properties to add to the annotation. + */ +function error(message, properties = {}) { + command_1.issueCommand('error', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message); +} +exports.error = error; +/** + * Adds a warning issue + * @param message warning issue message. Errors will be converted to string via toString() + * @param properties optional properties to add to the annotation. + */ +function warning(message, properties = {}) { + command_1.issueCommand('warning', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message); +} +exports.warning = warning; +/** + * Adds a notice issue + * @param message notice issue message. Errors will be converted to string via toString() + * @param properties optional properties to add to the annotation. + */ +function notice(message, properties = {}) { + command_1.issueCommand('notice', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message); +} +exports.notice = notice; +/** + * Writes info to log with console.log. + * @param message info message + */ +function info(message) { + process.stdout.write(message + os.EOL); +} +exports.info = info; +/** + * Begin an output group. + * + * Output until the next `groupEnd` will be foldable in this group + * + * @param name The name of the output group + */ +function startGroup(name) { + command_1.issue('group', name); +} +exports.startGroup = startGroup; +/** + * End an output group. + */ +function endGroup() { + command_1.issue('endgroup'); +} +exports.endGroup = endGroup; +/** + * Wrap an asynchronous function call in a group. + * + * Returns the same type as the function itself. + * + * @param name The name of the group + * @param fn The function to wrap in the group + */ +function group(name, fn) { + return __awaiter(this, void 0, void 0, function* () { + startGroup(name); + let result; + try { + result = yield fn(); + } + finally { + endGroup(); + } + return result; + }); +} +exports.group = group; +//----------------------------------------------------------------------- +// Wrapper action state +//----------------------------------------------------------------------- +/** + * Saves state for current action, the state can only be retrieved by this action's post job execution. + * + * @param name name of the state to store + * @param value value to store. Non-string values will be converted to a string via JSON.stringify + */ +// eslint-disable-next-line @typescript-eslint/no-explicit-any +function saveState(name, value) { + const filePath = process.env['GITHUB_STATE'] || ''; + if (filePath) { + return file_command_1.issueFileCommand('STATE', file_command_1.prepareKeyValueMessage(name, value)); + } + command_1.issueCommand('save-state', { name }, utils_1.toCommandValue(value)); +} +exports.saveState = saveState; +/** + * Gets the value of an state set by this action's main execution. + * + * @param name name of the state to get + * @returns string + */ +function getState(name) { + return process.env[`STATE_${name}`] || ''; +} +exports.getState = getState; +function getIDToken(aud) { + return __awaiter(this, void 0, void 0, function* () { + return yield oidc_utils_1.OidcClient.getIDToken(aud); + }); +} +exports.getIDToken = getIDToken; +/** + * Summary exports + */ +var summary_1 = __nccwpck_require__(1327); +Object.defineProperty(exports, "summary", ({ enumerable: true, get: function () { return summary_1.summary; } })); +/** + * @deprecated use core.summary + */ +var summary_2 = __nccwpck_require__(1327); +Object.defineProperty(exports, "markdownSummary", ({ enumerable: true, get: function () { return summary_2.markdownSummary; } })); +/** + * Path exports + */ +var path_utils_1 = __nccwpck_require__(2981); +Object.defineProperty(exports, "toPosixPath", ({ enumerable: true, get: function () { return path_utils_1.toPosixPath; } })); +Object.defineProperty(exports, "toWin32Path", ({ enumerable: true, get: function () { return path_utils_1.toWin32Path; } })); +Object.defineProperty(exports, "toPlatformPath", ({ enumerable: true, get: function () { return path_utils_1.toPlatformPath; } })); +//# sourceMappingURL=core.js.map - options = options || {}; +/***/ }), - this.filename = options.filename; - this.profile = options.profile || process.env.AWS_PROFILE || AWS.util.defaultProfile; - this.disableAssumeRole = Boolean(options.disableAssumeRole); - this.preferStaticCredentials = Boolean(options.preferStaticCredentials); - this.tokenCodeFn = options.tokenCodeFn || null; - this.httpOptions = options.httpOptions || null; - this.get(options.callback || AWS.util.fn.noop); - }, +/***/ 717: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { - /** - * @api private - */ - load: function load(callback) { - var self = this; - try { - var profiles = AWS.util.getProfilesFromSharedConfig(iniLoader, this.filename); - var profile = profiles[this.profile] || {}; +"use strict"; - if (Object.keys(profile).length === 0) { - throw AWS.util.error( - new Error('Profile ' + this.profile + ' not found'), - { code: 'SharedIniFileCredentialsProviderFailure' } - ); - } +// For internal use, subject to change. +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.prepareKeyValueMessage = exports.issueFileCommand = void 0; +// We use any as a valid input type +/* eslint-disable @typescript-eslint/no-explicit-any */ +const fs = __importStar(__nccwpck_require__(7147)); +const os = __importStar(__nccwpck_require__(2037)); +const uuid_1 = __nccwpck_require__(8974); +const utils_1 = __nccwpck_require__(5278); +function issueFileCommand(command, message) { + const filePath = process.env[`GITHUB_${command}`]; + if (!filePath) { + throw new Error(`Unable to find environment variable for file command ${command}`); + } + if (!fs.existsSync(filePath)) { + throw new Error(`Missing file at path: ${filePath}`); + } + fs.appendFileSync(filePath, `${utils_1.toCommandValue(message)}${os.EOL}`, { + encoding: 'utf8' + }); +} +exports.issueFileCommand = issueFileCommand; +function prepareKeyValueMessage(key, value) { + const delimiter = `ghadelimiter_${uuid_1.v4()}`; + const convertedValue = utils_1.toCommandValue(value); + // These should realistically never happen, but just in case someone finds a + // way to exploit uuid generation let's not allow keys or values that contain + // the delimiter. + if (key.includes(delimiter)) { + throw new Error(`Unexpected input: name should not contain the delimiter "${delimiter}"`); + } + if (convertedValue.includes(delimiter)) { + throw new Error(`Unexpected input: value should not contain the delimiter "${delimiter}"`); + } + return `${key}<<${delimiter}${os.EOL}${convertedValue}${os.EOL}${delimiter}`; +} +exports.prepareKeyValueMessage = prepareKeyValueMessage; +//# sourceMappingURL=file-command.js.map - /* - In the CLI, the presence of both a role_arn and static credentials have - different meanings depending on how many profiles have been visited. For - the first profile processed, role_arn takes precedence over any static - credentials, but for all subsequent profiles, static credentials are - used if present, and only in their absence will the profile's - source_profile and role_arn keys be used to load another set of - credentials. This var is intended to yield compatible behaviour in this - sdk. - */ - var preferStaticCredentialsToRoleArn = Boolean( - this.preferStaticCredentials - && profile['aws_access_key_id'] - && profile['aws_secret_access_key'] - ); +/***/ }), - if (profile['role_arn'] && !preferStaticCredentialsToRoleArn) { - this.loadRoleProfile(profiles, profile, function(err, data) { - if (err) { - callback(err); - } else { - self.expired = false; - self.accessKeyId = data.Credentials.AccessKeyId; - self.secretAccessKey = data.Credentials.SecretAccessKey; - self.sessionToken = data.Credentials.SessionToken; - self.expireTime = data.Credentials.Expiration; - callback(null); - } - }); - return; - } +/***/ 8041: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { - this.accessKeyId = profile['aws_access_key_id']; - this.secretAccessKey = profile['aws_secret_access_key']; - this.sessionToken = profile['aws_session_token']; +"use strict"; - if (!this.accessKeyId || !this.secretAccessKey) { - throw AWS.util.error( - new Error('Credentials not set for profile ' + this.profile), - { code: 'SharedIniFileCredentialsProviderFailure' } - ); - } - this.expired = false; - callback(null); - } catch (err) { - callback(err); - } - }, - - /** - * Loads the credentials from the shared credentials file - * - * @callback callback function(err) - * Called after the shared INI file on disk is read and parsed. When this - * callback is called with no error, it means that the credentials - * information has been loaded into the object (as the `accessKeyId`, - * `secretAccessKey`, and `sessionToken` properties). - * @param err [Error] if an error occurred, this value will be filled - * @see get - */ - refresh: function refresh(callback) { - iniLoader.clearCachedFiles(); - this.coalesceRefresh( - callback || AWS.util.fn.callback, - this.disableAssumeRole - ); - }, - - /** - * @api private - */ - loadRoleProfile: function loadRoleProfile(creds, roleProfile, callback) { - if (this.disableAssumeRole) { - throw AWS.util.error( - new Error('Role assumption profiles are disabled. ' + - 'Failed to load profile ' + this.profile + - ' from ' + creds.filename), - { code: 'SharedIniFileCredentialsProviderFailure' } - ); +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.OidcClient = void 0; +const http_client_1 = __nccwpck_require__(6255); +const auth_1 = __nccwpck_require__(5526); +const core_1 = __nccwpck_require__(2186); +class OidcClient { + static createHttpClient(allowRetry = true, maxRetry = 10) { + const requestOptions = { + allowRetries: allowRetry, + maxRetries: maxRetry + }; + return new http_client_1.HttpClient('actions/oidc-client', [new auth_1.BearerCredentialHandler(OidcClient.getRequestToken())], requestOptions); } - - var self = this; - var roleArn = roleProfile['role_arn']; - var roleSessionName = roleProfile['role_session_name']; - var externalId = roleProfile['external_id']; - var mfaSerial = roleProfile['mfa_serial']; - var sourceProfileName = roleProfile['source_profile']; - - if (!sourceProfileName) { - throw AWS.util.error( - new Error('source_profile is not set using profile ' + this.profile), - { code: 'SharedIniFileCredentialsProviderFailure' } - ); + static getRequestToken() { + const token = process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN']; + if (!token) { + throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_TOKEN env variable'); + } + return token; } - - var sourceProfileExistanceTest = creds[sourceProfileName]; - - if (typeof sourceProfileExistanceTest !== 'object') { - throw AWS.util.error( - new Error('source_profile ' + sourceProfileName + ' using profile ' - + this.profile + ' does not exist'), - { code: 'SharedIniFileCredentialsProviderFailure' } - ); + static getIDTokenUrl() { + const runtimeUrl = process.env['ACTIONS_ID_TOKEN_REQUEST_URL']; + if (!runtimeUrl) { + throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable'); + } + return runtimeUrl; + } + static getCall(id_token_url) { + var _a; + return __awaiter(this, void 0, void 0, function* () { + const httpclient = OidcClient.createHttpClient(); + const res = yield httpclient + .getJson(id_token_url) + .catch(error => { + throw new Error(`Failed to get ID Token. \n + Error Code : ${error.statusCode}\n + Error Message: ${error.result.message}`); + }); + const id_token = (_a = res.result) === null || _a === void 0 ? void 0 : _a.value; + if (!id_token) { + throw new Error('Response json body do not have ID Token field'); + } + return id_token; + }); } + static getIDToken(audience) { + return __awaiter(this, void 0, void 0, function* () { + try { + // New ID Token is requested from action service + let id_token_url = OidcClient.getIDTokenUrl(); + if (audience) { + const encodedAudience = encodeURIComponent(audience); + id_token_url = `${id_token_url}&audience=${encodedAudience}`; + } + core_1.debug(`ID token url is ${id_token_url}`); + const id_token = yield OidcClient.getCall(id_token_url); + core_1.setSecret(id_token); + return id_token; + } + catch (error) { + throw new Error(`Error message: ${error.message}`); + } + }); + } +} +exports.OidcClient = OidcClient; +//# sourceMappingURL=oidc-utils.js.map - var sourceCredentials = new AWS.SharedIniFileCredentials( - AWS.util.merge(this.options || {}, { - profile: sourceProfileName, - preferStaticCredentials: true - }) - ); - - this.roleArn = roleArn; - var sts = new STS({ - credentials: sourceCredentials, - httpOptions: this.httpOptions - }); - - var roleParams = { - RoleArn: roleArn, - RoleSessionName: roleSessionName || 'aws-sdk-js-' + Date.now() - }; +/***/ }), - if (externalId) { - roleParams.ExternalId = externalId; - } +/***/ 2981: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { - if (mfaSerial && self.tokenCodeFn) { - roleParams.SerialNumber = mfaSerial; - self.tokenCodeFn(mfaSerial, function(err, token) { - if (err) { - var message; - if (err instanceof Error) { - message = err.message; - } else { - message = err; - } - callback( - AWS.util.error( - new Error('Error fetching MFA token: ' + message), - { code: 'SharedIniFileCredentialsProviderFailure' } - )); - return; - } +"use strict"; - roleParams.TokenCode = token; - sts.assumeRole(roleParams, callback); - }); - return; - } - sts.assumeRole(roleParams, callback); - } +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; }); - +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.toPlatformPath = exports.toWin32Path = exports.toPosixPath = void 0; +const path = __importStar(__nccwpck_require__(1017)); +/** + * toPosixPath converts the given path to the posix form. On Windows, \\ will be + * replaced with /. + * + * @param pth. Path to transform. + * @return string Posix path. + */ +function toPosixPath(pth) { + return pth.replace(/[\\]/g, '/'); +} +exports.toPosixPath = toPosixPath; +/** + * toWin32Path converts the given path to the win32 form. On Linux, / will be + * replaced with \\. + * + * @param pth. Path to transform. + * @return string Win32 path. + */ +function toWin32Path(pth) { + return pth.replace(/[/]/g, '\\'); +} +exports.toWin32Path = toWin32Path; +/** + * toPlatformPath converts the given path to a platform-specific path. It does + * this by replacing instances of / and \ with the platform-specific path + * separator. + * + * @param pth The path to platformize. + * @return string The platform-specific path. + */ +function toPlatformPath(pth) { + return pth.replace(/[/\\]/g, path.sep); +} +exports.toPlatformPath = toPlatformPath; +//# sourceMappingURL=path-utils.js.map /***/ }), -/***/ 35: -/***/ (function(module, __unusedexports, __webpack_require__) { - -// Generated by CoffeeScript 1.12.7 -(function() { - var XMLCData, XMLNode, - extend = function(child, parent) { for (var key in parent) { if (hasProp.call(parent, key)) child[key] = parent[key]; } function ctor() { this.constructor = child; } ctor.prototype = parent.prototype; child.prototype = new ctor(); child.__super__ = parent.prototype; return child; }, - hasProp = {}.hasOwnProperty; - - XMLNode = __webpack_require__(855); +/***/ 1327: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { - module.exports = XMLCData = (function(superClass) { - extend(XMLCData, superClass); +"use strict"; - function XMLCData(parent, text) { - XMLCData.__super__.constructor.call(this, parent); - if (text == null) { - throw new Error("Missing CDATA text"); - } - this.text = this.stringify.cdata(text); +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.summary = exports.markdownSummary = exports.SUMMARY_DOCS_URL = exports.SUMMARY_ENV_VAR = void 0; +const os_1 = __nccwpck_require__(2037); +const fs_1 = __nccwpck_require__(7147); +const { access, appendFile, writeFile } = fs_1.promises; +exports.SUMMARY_ENV_VAR = 'GITHUB_STEP_SUMMARY'; +exports.SUMMARY_DOCS_URL = 'https://docs.github.com/actions/using-workflows/workflow-commands-for-github-actions#adding-a-job-summary'; +class Summary { + constructor() { + this._buffer = ''; + } + /** + * Finds the summary file path from the environment, rejects if env var is not found or file does not exist + * Also checks r/w permissions. + * + * @returns step summary file path + */ + filePath() { + return __awaiter(this, void 0, void 0, function* () { + if (this._filePath) { + return this._filePath; + } + const pathFromEnv = process.env[exports.SUMMARY_ENV_VAR]; + if (!pathFromEnv) { + throw new Error(`Unable to find environment variable for $${exports.SUMMARY_ENV_VAR}. Check if your runtime environment supports job summaries.`); + } + try { + yield access(pathFromEnv, fs_1.constants.R_OK | fs_1.constants.W_OK); + } + catch (_a) { + throw new Error(`Unable to access summary file: '${pathFromEnv}'. Check if the file has correct read/write permissions.`); + } + this._filePath = pathFromEnv; + return this._filePath; + }); + } + /** + * Wraps content in an HTML tag, adding any HTML attributes + * + * @param {string} tag HTML tag to wrap + * @param {string | null} content content within the tag + * @param {[attribute: string]: string} attrs key-value list of HTML attributes to add + * + * @returns {string} content wrapped in HTML element + */ + wrap(tag, content, attrs = {}) { + const htmlAttrs = Object.entries(attrs) + .map(([key, value]) => ` ${key}="${value}"`) + .join(''); + if (!content) { + return `<${tag}${htmlAttrs}>`; + } + return `<${tag}${htmlAttrs}>${content}`; + } + /** + * Writes text in the buffer to the summary buffer file and empties buffer. Will append by default. + * + * @param {SummaryWriteOptions} [options] (optional) options for write operation + * + * @returns {Promise} summary instance + */ + write(options) { + return __awaiter(this, void 0, void 0, function* () { + const overwrite = !!(options === null || options === void 0 ? void 0 : options.overwrite); + const filePath = yield this.filePath(); + const writeFunc = overwrite ? writeFile : appendFile; + yield writeFunc(filePath, this._buffer, { encoding: 'utf8' }); + return this.emptyBuffer(); + }); } + /** + * Clears the summary buffer and wipes the summary file + * + * @returns {Summary} summary instance + */ + clear() { + return __awaiter(this, void 0, void 0, function* () { + return this.emptyBuffer().write({ overwrite: true }); + }); + } + /** + * Returns the current summary buffer as a string + * + * @returns {string} string of summary buffer + */ + stringify() { + return this._buffer; + } + /** + * If the summary buffer is empty + * + * @returns {boolen} true if the buffer is empty + */ + isEmptyBuffer() { + return this._buffer.length === 0; + } + /** + * Resets the summary buffer without writing to summary file + * + * @returns {Summary} summary instance + */ + emptyBuffer() { + this._buffer = ''; + return this; + } + /** + * Adds raw text to the summary buffer + * + * @param {string} text content to add + * @param {boolean} [addEOL=false] (optional) append an EOL to the raw text (default: false) + * + * @returns {Summary} summary instance + */ + addRaw(text, addEOL = false) { + this._buffer += text; + return addEOL ? this.addEOL() : this; + } + /** + * Adds the operating system-specific end-of-line marker to the buffer + * + * @returns {Summary} summary instance + */ + addEOL() { + return this.addRaw(os_1.EOL); + } + /** + * Adds an HTML codeblock to the summary buffer + * + * @param {string} code content to render within fenced code block + * @param {string} lang (optional) language to syntax highlight code + * + * @returns {Summary} summary instance + */ + addCodeBlock(code, lang) { + const attrs = Object.assign({}, (lang && { lang })); + const element = this.wrap('pre', this.wrap('code', code), attrs); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML list to the summary buffer + * + * @param {string[]} items list of items to render + * @param {boolean} [ordered=false] (optional) if the rendered list should be ordered or not (default: false) + * + * @returns {Summary} summary instance + */ + addList(items, ordered = false) { + const tag = ordered ? 'ol' : 'ul'; + const listItems = items.map(item => this.wrap('li', item)).join(''); + const element = this.wrap(tag, listItems); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML table to the summary buffer + * + * @param {SummaryTableCell[]} rows table rows + * + * @returns {Summary} summary instance + */ + addTable(rows) { + const tableBody = rows + .map(row => { + const cells = row + .map(cell => { + if (typeof cell === 'string') { + return this.wrap('td', cell); + } + const { header, data, colspan, rowspan } = cell; + const tag = header ? 'th' : 'td'; + const attrs = Object.assign(Object.assign({}, (colspan && { colspan })), (rowspan && { rowspan })); + return this.wrap(tag, data, attrs); + }) + .join(''); + return this.wrap('tr', cells); + }) + .join(''); + const element = this.wrap('table', tableBody); + return this.addRaw(element).addEOL(); + } + /** + * Adds a collapsable HTML details element to the summary buffer + * + * @param {string} label text for the closed state + * @param {string} content collapsable content + * + * @returns {Summary} summary instance + */ + addDetails(label, content) { + const element = this.wrap('details', this.wrap('summary', label) + content); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML image tag to the summary buffer + * + * @param {string} src path to the image you to embed + * @param {string} alt text description of the image + * @param {SummaryImageOptions} options (optional) addition image attributes + * + * @returns {Summary} summary instance + */ + addImage(src, alt, options) { + const { width, height } = options || {}; + const attrs = Object.assign(Object.assign({}, (width && { width })), (height && { height })); + const element = this.wrap('img', null, Object.assign({ src, alt }, attrs)); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML section heading element + * + * @param {string} text heading text + * @param {number | string} [level=1] (optional) the heading level, default: 1 + * + * @returns {Summary} summary instance + */ + addHeading(text, level) { + const tag = `h${level}`; + const allowedTag = ['h1', 'h2', 'h3', 'h4', 'h5', 'h6'].includes(tag) + ? tag + : 'h1'; + const element = this.wrap(allowedTag, text); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML thematic break (
) to the summary buffer + * + * @returns {Summary} summary instance + */ + addSeparator() { + const element = this.wrap('hr', null); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML line break (
) to the summary buffer + * + * @returns {Summary} summary instance + */ + addBreak() { + const element = this.wrap('br', null); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML blockquote to the summary buffer + * + * @param {string} text quote text + * @param {string} cite (optional) citation url + * + * @returns {Summary} summary instance + */ + addQuote(text, cite) { + const attrs = Object.assign({}, (cite && { cite })); + const element = this.wrap('blockquote', text, attrs); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML anchor tag to the summary buffer + * + * @param {string} text link text/content + * @param {string} href hyperlink + * + * @returns {Summary} summary instance + */ + addLink(text, href) { + const element = this.wrap('a', text, { href }); + return this.addRaw(element).addEOL(); + } +} +const _summary = new Summary(); +/** + * @deprecated use `core.summary` + */ +exports.markdownSummary = _summary; +exports.summary = _summary; +//# sourceMappingURL=summary.js.map - XMLCData.prototype.clone = function() { - return Object.create(this); - }; +/***/ }), - XMLCData.prototype.toString = function(options) { - return this.options.writer.set(options).cdata(this); - }; +/***/ 5278: +/***/ ((__unused_webpack_module, exports) => { - return XMLCData; - - })(XMLNode); - -}).call(this); - - -/***/ }), - -/***/ 43: -/***/ (function(__unusedmodule, __unusedexports, __webpack_require__) { - -var AWS = __webpack_require__(395); -var STS = __webpack_require__(733); - -/** - * Represents temporary credentials retrieved from {AWS.STS}. Without any - * extra parameters, credentials will be fetched from the - * {AWS.STS.getSessionToken} operation. If an IAM role is provided, the - * {AWS.STS.assumeRole} operation will be used to fetch credentials for the - * role instead. - * - * @note AWS.TemporaryCredentials is deprecated, but remains available for - * backwards compatibility. {AWS.ChainableTemporaryCredentials} is the - * preferred class for temporary credentials. - * - * To setup temporary credentials, configure a set of master credentials - * using the standard credentials providers (environment, EC2 instance metadata, - * or from the filesystem), then set the global credentials to a new - * temporary credentials object: - * - * ```javascript - * // Note that environment credentials are loaded by default, - * // the following line is shown for clarity: - * AWS.config.credentials = new AWS.EnvironmentCredentials('AWS'); - * - * // Now set temporary credentials seeded from the master credentials - * AWS.config.credentials = new AWS.TemporaryCredentials(); - * - * // subsequent requests will now use temporary credentials from AWS STS. - * new AWS.S3().listBucket(function(err, data) { ... }); - * ``` - * - * @!attribute masterCredentials - * @return [AWS.Credentials] the master (non-temporary) credentials used to - * get and refresh temporary credentials from AWS STS. - * @note (see constructor) - */ -AWS.TemporaryCredentials = AWS.util.inherit(AWS.Credentials, { - /** - * Creates a new temporary credentials object. - * - * @note In order to create temporary credentials, you first need to have - * "master" credentials configured in {AWS.Config.credentials}. These - * master credentials are necessary to retrieve the temporary credentials, - * as well as refresh the credentials when they expire. - * @param params [map] a map of options that are passed to the - * {AWS.STS.assumeRole} or {AWS.STS.getSessionToken} operations. - * If a `RoleArn` parameter is passed in, credentials will be based on the - * IAM role. - * @param masterCredentials [AWS.Credentials] the master (non-temporary) credentials - * used to get and refresh temporary credentials from AWS STS. - * @example Creating a new credentials object for generic temporary credentials - * AWS.config.credentials = new AWS.TemporaryCredentials(); - * @example Creating a new credentials object for an IAM role - * AWS.config.credentials = new AWS.TemporaryCredentials({ - * RoleArn: 'arn:aws:iam::1234567890:role/TemporaryCredentials', - * }); - * @see AWS.STS.assumeRole - * @see AWS.STS.getSessionToken - */ - constructor: function TemporaryCredentials(params, masterCredentials) { - AWS.Credentials.call(this); - this.loadMasterCredentials(masterCredentials); - this.expired = true; - - this.params = params || {}; - if (this.params.RoleArn) { - this.params.RoleSessionName = - this.params.RoleSessionName || 'temporary-credentials'; - } - }, - - /** - * Refreshes credentials using {AWS.STS.assumeRole} or - * {AWS.STS.getSessionToken}, depending on whether an IAM role ARN was passed - * to the credentials {constructor}. - * - * @callback callback function(err) - * Called when the STS service responds (or fails). When - * this callback is called with no error, it means that the credentials - * information has been loaded into the object (as the `accessKeyId`, - * `secretAccessKey`, and `sessionToken` properties). - * @param err [Error] if an error occurred, this value will be filled - * @see get - */ - refresh: function refresh (callback) { - this.coalesceRefresh(callback || AWS.util.fn.callback); - }, - - /** - * @api private - */ - load: function load (callback) { - var self = this; - self.createClients(); - self.masterCredentials.get(function () { - self.service.config.credentials = self.masterCredentials; - var operation = self.params.RoleArn ? - self.service.assumeRole : self.service.getSessionToken; - operation.call(self.service, function (err, data) { - if (!err) { - self.service.credentialsFrom(data, self); - } - callback(err); - }); - }); - }, - - /** - * @api private - */ - loadMasterCredentials: function loadMasterCredentials (masterCredentials) { - this.masterCredentials = masterCredentials || AWS.config.credentials; - while (this.masterCredentials.masterCredentials) { - this.masterCredentials = this.masterCredentials.masterCredentials; - } - - if (typeof this.masterCredentials.get !== 'function') { - this.masterCredentials = new AWS.Credentials(this.masterCredentials); - } - }, - - /** - * @api private - */ - createClients: function () { - this.service = this.service || new STS({params: this.params}); - } - -}); - - -/***/ }), - -/***/ 56: -/***/ (function(module) { - -module.exports = {"version":"2.0","metadata":{"apiVersion":"2014-06-30","endpointPrefix":"cognito-identity","jsonVersion":"1.1","protocol":"json","serviceFullName":"Amazon Cognito Identity","serviceId":"Cognito Identity","signatureVersion":"v4","targetPrefix":"AWSCognitoIdentityService","uid":"cognito-identity-2014-06-30"},"operations":{"CreateIdentityPool":{"input":{"type":"structure","required":["IdentityPoolName","AllowUnauthenticatedIdentities"],"members":{"IdentityPoolName":{},"AllowUnauthenticatedIdentities":{"type":"boolean"},"AllowClassicFlow":{"type":"boolean"},"SupportedLoginProviders":{"shape":"S5"},"DeveloperProviderName":{},"OpenIdConnectProviderARNs":{"shape":"S9"},"CognitoIdentityProviders":{"shape":"Sb"},"SamlProviderARNs":{"shape":"Sg"},"IdentityPoolTags":{"shape":"Sh"}}},"output":{"shape":"Sk"}},"DeleteIdentities":{"input":{"type":"structure","required":["IdentityIdsToDelete"],"members":{"IdentityIdsToDelete":{"type":"list","member":{}}}},"output":{"type":"structure","members":{"UnprocessedIdentityIds":{"type":"list","member":{"type":"structure","members":{"IdentityId":{},"ErrorCode":{}}}}}}},"DeleteIdentityPool":{"input":{"type":"structure","required":["IdentityPoolId"],"members":{"IdentityPoolId":{}}}},"DescribeIdentity":{"input":{"type":"structure","required":["IdentityId"],"members":{"IdentityId":{}}},"output":{"shape":"Sv"}},"DescribeIdentityPool":{"input":{"type":"structure","required":["IdentityPoolId"],"members":{"IdentityPoolId":{}}},"output":{"shape":"Sk"}},"GetCredentialsForIdentity":{"input":{"type":"structure","required":["IdentityId"],"members":{"IdentityId":{},"Logins":{"shape":"S10"},"CustomRoleArn":{}}},"output":{"type":"structure","members":{"IdentityId":{},"Credentials":{"type":"structure","members":{"AccessKeyId":{},"SecretKey":{},"SessionToken":{},"Expiration":{"type":"timestamp"}}}}}},"GetId":{"input":{"type":"structure","required":["IdentityPoolId"],"members":{"AccountId":{},"IdentityPoolId":{},"Logins":{"shape":"S10"}}},"output":{"type":"structure","members":{"IdentityId":{}}}},"GetIdentityPoolRoles":{"input":{"type":"structure","required":["IdentityPoolId"],"members":{"IdentityPoolId":{}}},"output":{"type":"structure","members":{"IdentityPoolId":{},"Roles":{"shape":"S1c"},"RoleMappings":{"shape":"S1e"}}}},"GetOpenIdToken":{"input":{"type":"structure","required":["IdentityId"],"members":{"IdentityId":{},"Logins":{"shape":"S10"}}},"output":{"type":"structure","members":{"IdentityId":{},"Token":{}}}},"GetOpenIdTokenForDeveloperIdentity":{"input":{"type":"structure","required":["IdentityPoolId","Logins"],"members":{"IdentityPoolId":{},"IdentityId":{},"Logins":{"shape":"S10"},"TokenDuration":{"type":"long"}}},"output":{"type":"structure","members":{"IdentityId":{},"Token":{}}}},"ListIdentities":{"input":{"type":"structure","required":["IdentityPoolId","MaxResults"],"members":{"IdentityPoolId":{},"MaxResults":{"type":"integer"},"NextToken":{},"HideDisabled":{"type":"boolean"}}},"output":{"type":"structure","members":{"IdentityPoolId":{},"Identities":{"type":"list","member":{"shape":"Sv"}},"NextToken":{}}}},"ListIdentityPools":{"input":{"type":"structure","required":["MaxResults"],"members":{"MaxResults":{"type":"integer"},"NextToken":{}}},"output":{"type":"structure","members":{"IdentityPools":{"type":"list","member":{"type":"structure","members":{"IdentityPoolId":{},"IdentityPoolName":{}}}},"NextToken":{}}}},"ListTagsForResource":{"input":{"type":"structure","required":["ResourceArn"],"members":{"ResourceArn":{}}},"output":{"type":"structure","members":{"Tags":{"shape":"Sh"}}}},"LookupDeveloperIdentity":{"input":{"type":"structure","required":["IdentityPoolId"],"members":{"IdentityPoolId":{},"IdentityId":{},"DeveloperUserIdentifier":{},"MaxResults":{"type":"integer"},"NextToken":{}}},"output":{"type":"structure","members":{"IdentityId":{},"DeveloperUserIdentifierList":{"type":"list","member":{}},"NextToken":{}}}},"MergeDeveloperIdentities":{"input":{"type":"structure","required":["SourceUserIdentifier","DestinationUserIdentifier","DeveloperProviderName","IdentityPoolId"],"members":{"SourceUserIdentifier":{},"DestinationUserIdentifier":{},"DeveloperProviderName":{},"IdentityPoolId":{}}},"output":{"type":"structure","members":{"IdentityId":{}}}},"SetIdentityPoolRoles":{"input":{"type":"structure","required":["IdentityPoolId","Roles"],"members":{"IdentityPoolId":{},"Roles":{"shape":"S1c"},"RoleMappings":{"shape":"S1e"}}}},"TagResource":{"input":{"type":"structure","required":["ResourceArn","Tags"],"members":{"ResourceArn":{},"Tags":{"shape":"Sh"}}},"output":{"type":"structure","members":{}}},"UnlinkDeveloperIdentity":{"input":{"type":"structure","required":["IdentityId","IdentityPoolId","DeveloperProviderName","DeveloperUserIdentifier"],"members":{"IdentityId":{},"IdentityPoolId":{},"DeveloperProviderName":{},"DeveloperUserIdentifier":{}}}},"UnlinkIdentity":{"input":{"type":"structure","required":["IdentityId","Logins","LoginsToRemove"],"members":{"IdentityId":{},"Logins":{"shape":"S10"},"LoginsToRemove":{"shape":"Sw"}}}},"UntagResource":{"input":{"type":"structure","required":["ResourceArn","TagKeys"],"members":{"ResourceArn":{},"TagKeys":{"type":"list","member":{}}}},"output":{"type":"structure","members":{}}},"UpdateIdentityPool":{"input":{"shape":"Sk"},"output":{"shape":"Sk"}}},"shapes":{"S5":{"type":"map","key":{},"value":{}},"S9":{"type":"list","member":{}},"Sb":{"type":"list","member":{"type":"structure","members":{"ProviderName":{},"ClientId":{},"ServerSideTokenCheck":{"type":"boolean"}}}},"Sg":{"type":"list","member":{}},"Sh":{"type":"map","key":{},"value":{}},"Sk":{"type":"structure","required":["IdentityPoolId","IdentityPoolName","AllowUnauthenticatedIdentities"],"members":{"IdentityPoolId":{},"IdentityPoolName":{},"AllowUnauthenticatedIdentities":{"type":"boolean"},"AllowClassicFlow":{"type":"boolean"},"SupportedLoginProviders":{"shape":"S5"},"DeveloperProviderName":{},"OpenIdConnectProviderARNs":{"shape":"S9"},"CognitoIdentityProviders":{"shape":"Sb"},"SamlProviderARNs":{"shape":"Sg"},"IdentityPoolTags":{"shape":"Sh"}}},"Sv":{"type":"structure","members":{"IdentityId":{},"Logins":{"shape":"Sw"},"CreationDate":{"type":"timestamp"},"LastModifiedDate":{"type":"timestamp"}}},"Sw":{"type":"list","member":{}},"S10":{"type":"map","key":{},"value":{}},"S1c":{"type":"map","key":{},"value":{}},"S1e":{"type":"map","key":{},"value":{"type":"structure","required":["Type"],"members":{"Type":{},"AmbiguousRoleResolution":{},"RulesConfiguration":{"type":"structure","required":["Rules"],"members":{"Rules":{"type":"list","member":{"type":"structure","required":["Claim","MatchType","Value","RoleARN"],"members":{"Claim":{},"MatchType":{},"Value":{},"RoleARN":{}}}}}}}}}}}; - -/***/ }), - -/***/ 82: -/***/ (function(__unusedmodule, exports) { - -"use strict"; +"use strict"; // We use any as a valid input type /* eslint-disable @typescript-eslint/no-explicit-any */ -Object.defineProperty(exports, "__esModule", { value: true }); -exports.toCommandValue = void 0; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.toCommandProperties = exports.toCommandValue = void 0; /** * Sanitizes an input into a string so it can be passed into issueCommand safely * @param input input to sanitize into a string @@ -672,1941 +1089,1579 @@ function toCommandValue(input) { return JSON.stringify(input); } exports.toCommandValue = toCommandValue; +/** + * + * @param annotationProperties + * @returns The command properties to send with the actual annotation command + * See IssueCommandProperties: https://github.com/actions/runner/blob/main/src/Runner.Worker/ActionCommandManager.cs#L646 + */ +function toCommandProperties(annotationProperties) { + if (!Object.keys(annotationProperties).length) { + return {}; + } + return { + title: annotationProperties.title, + file: annotationProperties.file, + line: annotationProperties.startLine, + endLine: annotationProperties.endLine, + col: annotationProperties.startColumn, + endColumn: annotationProperties.endColumn + }; +} +exports.toCommandProperties = toCommandProperties; //# sourceMappingURL=utils.js.map /***/ }), -/***/ 86: -/***/ (function(module, __unusedexports, __webpack_require__) { +/***/ 8974: +/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { -var rng = __webpack_require__(139); -var bytesToUuid = __webpack_require__(722); +"use strict"; -// **`v1()` - Generate time-based UUID** -// -// Inspired by https://github.com/LiosK/UUID.js -// and http://docs.python.org/library/uuid.html -var _nodeId; -var _clockseq; +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +Object.defineProperty(exports, "v1", ({ + enumerable: true, + get: function () { + return _v.default; + } +})); +Object.defineProperty(exports, "v3", ({ + enumerable: true, + get: function () { + return _v2.default; + } +})); +Object.defineProperty(exports, "v4", ({ + enumerable: true, + get: function () { + return _v3.default; + } +})); +Object.defineProperty(exports, "v5", ({ + enumerable: true, + get: function () { + return _v4.default; + } +})); +Object.defineProperty(exports, "NIL", ({ + enumerable: true, + get: function () { + return _nil.default; + } +})); +Object.defineProperty(exports, "version", ({ + enumerable: true, + get: function () { + return _version.default; + } +})); +Object.defineProperty(exports, "validate", ({ + enumerable: true, + get: function () { + return _validate.default; + } +})); +Object.defineProperty(exports, "stringify", ({ + enumerable: true, + get: function () { + return _stringify.default; + } +})); +Object.defineProperty(exports, "parse", ({ + enumerable: true, + get: function () { + return _parse.default; + } +})); -// Previous uuid creation time -var _lastMSecs = 0; -var _lastNSecs = 0; +var _v = _interopRequireDefault(__nccwpck_require__(1595)); -// See https://github.com/broofa/node-uuid for API details -function v1(options, buf, offset) { - var i = buf && offset || 0; - var b = buf || []; +var _v2 = _interopRequireDefault(__nccwpck_require__(6993)); - options = options || {}; - var node = options.node || _nodeId; - var clockseq = options.clockseq !== undefined ? options.clockseq : _clockseq; +var _v3 = _interopRequireDefault(__nccwpck_require__(1472)); - // node and clockseq need to be initialized to random values if they're not - // specified. We do this lazily to minimize issues related to insufficient - // system entropy. See #189 - if (node == null || clockseq == null) { - var seedBytes = rng(); - if (node == null) { - // Per 4.5, create and 48-bit node id, (47 random bits + multicast bit = 1) - node = _nodeId = [ - seedBytes[0] | 0x01, - seedBytes[1], seedBytes[2], seedBytes[3], seedBytes[4], seedBytes[5] - ]; - } - if (clockseq == null) { - // Per 4.2.2, randomize (14 bit) clockseq - clockseq = _clockseq = (seedBytes[6] << 8 | seedBytes[7]) & 0x3fff; - } - } +var _v4 = _interopRequireDefault(__nccwpck_require__(6217)); - // UUID timestamps are 100 nano-second units since the Gregorian epoch, - // (1582-10-15 00:00). JSNumbers aren't precise enough for this, so - // time is handled internally as 'msecs' (integer milliseconds) and 'nsecs' - // (100-nanoseconds offset from msecs) since unix epoch, 1970-01-01 00:00. - var msecs = options.msecs !== undefined ? options.msecs : new Date().getTime(); +var _nil = _interopRequireDefault(__nccwpck_require__(2381)); - // Per 4.2.1.2, use count of uuid's generated during the current clock - // cycle to simulate higher resolution clock - var nsecs = options.nsecs !== undefined ? options.nsecs : _lastNSecs + 1; +var _version = _interopRequireDefault(__nccwpck_require__(427)); - // Time since last uuid creation (in msecs) - var dt = (msecs - _lastMSecs) + (nsecs - _lastNSecs)/10000; +var _validate = _interopRequireDefault(__nccwpck_require__(2609)); - // Per 4.2.1.2, Bump clockseq on clock regression - if (dt < 0 && options.clockseq === undefined) { - clockseq = clockseq + 1 & 0x3fff; - } +var _stringify = _interopRequireDefault(__nccwpck_require__(1458)); - // Reset nsecs if clock regresses (new clockseq) or we've moved onto a new - // time interval - if ((dt < 0 || msecs > _lastMSecs) && options.nsecs === undefined) { - nsecs = 0; - } +var _parse = _interopRequireDefault(__nccwpck_require__(6385)); - // Per 4.2.1.2 Throw error if too many uuids are requested - if (nsecs >= 10000) { - throw new Error('uuid.v1(): Can\'t create more than 10M uuids/sec'); - } +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } - _lastMSecs = msecs; - _lastNSecs = nsecs; - _clockseq = clockseq; +/***/ }), - // Per 4.1.4 - Convert from unix epoch to Gregorian epoch - msecs += 12219292800000; +/***/ 5842: +/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { - // `time_low` - var tl = ((msecs & 0xfffffff) * 10000 + nsecs) % 0x100000000; - b[i++] = tl >>> 24 & 0xff; - b[i++] = tl >>> 16 & 0xff; - b[i++] = tl >>> 8 & 0xff; - b[i++] = tl & 0xff; +"use strict"; - // `time_mid` - var tmh = (msecs / 0x100000000 * 10000) & 0xfffffff; - b[i++] = tmh >>> 8 & 0xff; - b[i++] = tmh & 0xff; - // `time_high_and_version` - b[i++] = tmh >>> 24 & 0xf | 0x10; // include version - b[i++] = tmh >>> 16 & 0xff; +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = void 0; - // `clock_seq_hi_and_reserved` (Per 4.2.2 - include variant) - b[i++] = clockseq >>> 8 | 0x80; +var _crypto = _interopRequireDefault(__nccwpck_require__(6113)); - // `clock_seq_low` - b[i++] = clockseq & 0xff; +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } - // `node` - for (var n = 0; n < 6; ++n) { - b[i + n] = node[n]; +function md5(bytes) { + if (Array.isArray(bytes)) { + bytes = Buffer.from(bytes); + } else if (typeof bytes === 'string') { + bytes = Buffer.from(bytes, 'utf8'); } - return buf ? buf : bytesToUuid(b); + return _crypto.default.createHash('md5').update(bytes).digest(); } -module.exports = v1; - +var _default = md5; +exports["default"] = _default; /***/ }), -/***/ 87: -/***/ (function(module) { +/***/ 2381: +/***/ ((__unused_webpack_module, exports) => { + +"use strict"; -module.exports = require("os"); + +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = void 0; +var _default = '00000000-0000-0000-0000-000000000000'; +exports["default"] = _default; /***/ }), -/***/ 102: -/***/ (function(__unusedmodule, exports, __webpack_require__) { +/***/ 6385: +/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { "use strict"; -// For internal use, subject to change. -var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); -}) : (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - o[k2] = m[k]; + +Object.defineProperty(exports, "__esModule", ({ + value: true })); -var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { - Object.defineProperty(o, "default", { enumerable: true, value: v }); -}) : function(o, v) { - o["default"] = v; -}); -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); - __setModuleDefault(result, mod); - return result; -}; -Object.defineProperty(exports, "__esModule", { value: true }); -exports.issueCommand = void 0; -// We use any as a valid input type -/* eslint-disable @typescript-eslint/no-explicit-any */ -const fs = __importStar(__webpack_require__(747)); -const os = __importStar(__webpack_require__(87)); -const utils_1 = __webpack_require__(82); -function issueCommand(command, message) { - const filePath = process.env[`GITHUB_${command}`]; - if (!filePath) { - throw new Error(`Unable to find environment variable for file command ${command}`); - } - if (!fs.existsSync(filePath)) { - throw new Error(`Missing file at path: ${filePath}`); - } - fs.appendFileSync(filePath, `${utils_1.toCommandValue(message)}${os.EOL}`, { - encoding: 'utf8' - }); +exports["default"] = void 0; + +var _validate = _interopRequireDefault(__nccwpck_require__(2609)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +function parse(uuid) { + if (!(0, _validate.default)(uuid)) { + throw TypeError('Invalid UUID'); + } + + let v; + const arr = new Uint8Array(16); // Parse ########-....-....-....-............ + + arr[0] = (v = parseInt(uuid.slice(0, 8), 16)) >>> 24; + arr[1] = v >>> 16 & 0xff; + arr[2] = v >>> 8 & 0xff; + arr[3] = v & 0xff; // Parse ........-####-....-....-............ + + arr[4] = (v = parseInt(uuid.slice(9, 13), 16)) >>> 8; + arr[5] = v & 0xff; // Parse ........-....-####-....-............ + + arr[6] = (v = parseInt(uuid.slice(14, 18), 16)) >>> 8; + arr[7] = v & 0xff; // Parse ........-....-....-####-............ + + arr[8] = (v = parseInt(uuid.slice(19, 23), 16)) >>> 8; + arr[9] = v & 0xff; // Parse ........-....-....-....-############ + // (Use "/" to avoid 32-bit truncation when bit-shifting high-order bytes) + + arr[10] = (v = parseInt(uuid.slice(24, 36), 16)) / 0x10000000000 & 0xff; + arr[11] = v / 0x100000000 & 0xff; + arr[12] = v >>> 24 & 0xff; + arr[13] = v >>> 16 & 0xff; + arr[14] = v >>> 8 & 0xff; + arr[15] = v & 0xff; + return arr; } -exports.issueCommand = issueCommand; -//# sourceMappingURL=file-command.js.map + +var _default = parse; +exports["default"] = _default; /***/ }), -/***/ 103: -/***/ (function(__unusedmodule, __unusedexports, __webpack_require__) { +/***/ 6230: +/***/ ((__unused_webpack_module, exports) => { -var AWS = __webpack_require__(395); -__webpack_require__(751); +"use strict"; -/** - * Represents credentials received from the metadata service on an EC2 instance. - * - * By default, this class will connect to the metadata service using - * {AWS.MetadataService} and attempt to load any available credentials. If it - * can connect, and credentials are available, these will be used with zero - * configuration. - * - * This credentials class will by default timeout after 1 second of inactivity - * and retry 3 times. - * If your requests to the EC2 metadata service are timing out, you can increase - * these values by configuring them directly: - * - * ```javascript - * AWS.config.credentials = new AWS.EC2MetadataCredentials({ - * httpOptions: { timeout: 5000 }, // 5 second timeout - * maxRetries: 10, // retry 10 times - * retryDelayOptions: { base: 200 } // see AWS.Config for information - * }); - * ``` - * - * @see AWS.Config.retryDelayOptions - * - * @!macro nobrowser - */ -AWS.EC2MetadataCredentials = AWS.util.inherit(AWS.Credentials, { - constructor: function EC2MetadataCredentials(options) { - AWS.Credentials.call(this); - options = options ? AWS.util.copy(options) : {}; - options = AWS.util.merge( - {maxRetries: this.defaultMaxRetries}, options); - if (!options.httpOptions) options.httpOptions = {}; - options.httpOptions = AWS.util.merge( - {timeout: this.defaultTimeout}, options.httpOptions); +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = void 0; +var _default = /^(?:[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}|00000000-0000-0000-0000-000000000000)$/i; +exports["default"] = _default; - this.metadataService = new AWS.MetadataService(options); - this.metadata = {}; - }, +/***/ }), - /** - * @api private - */ - defaultTimeout: 1000, +/***/ 9784: +/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { - /** - * @api private - */ - defaultMaxRetries: 3, +"use strict"; - /** - * Loads the credentials from the instance metadata service - * - * @callback callback function(err) - * Called when the instance metadata service responds (or fails). When - * this callback is called with no error, it means that the credentials - * information has been loaded into the object (as the `accessKeyId`, - * `secretAccessKey`, and `sessionToken` properties). - * @param err [Error] if an error occurred, this value will be filled - * @see get - */ - refresh: function refresh(callback) { - this.coalesceRefresh(callback || AWS.util.fn.callback); - }, - /** - * @api private - * @param callback - */ - load: function load(callback) { - var self = this; - self.metadataService.loadCredentials(function(err, creds) { - if (!err) { - var currentTime = AWS.util.date.getDate(); - var expireTime = new Date(creds.Expiration); - if (expireTime < currentTime) { - err = AWS.util.error( - new Error('EC2 Instance Metadata Serivce provided expired credentials'), - { code: 'EC2MetadataCredentialsProviderFailure' } - ); - } else { - self.expired = false; - self.metadata = creds; - self.accessKeyId = creds.AccessKeyId; - self.secretAccessKey = creds.SecretAccessKey; - self.sessionToken = creds.Token; - self.expireTime = expireTime; - } - } - callback(err); - }); +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = rng; + +var _crypto = _interopRequireDefault(__nccwpck_require__(6113)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +const rnds8Pool = new Uint8Array(256); // # of random values to pre-allocate + +let poolPtr = rnds8Pool.length; + +function rng() { + if (poolPtr > rnds8Pool.length - 16) { + _crypto.default.randomFillSync(rnds8Pool); + + poolPtr = 0; } -}); + return rnds8Pool.slice(poolPtr, poolPtr += 16); +} /***/ }), -/***/ 120: -/***/ (function(__unusedmodule, exports, __webpack_require__) { +/***/ 8844: +/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { "use strict"; -Object.defineProperty(exports, "__esModule", { value: true }); -var LRU_1 = __webpack_require__(629); -var CACHE_SIZE = 1000; -/** - * Inspired node-lru-cache[https://github.com/isaacs/node-lru-cache] - */ -var EndpointCache = /** @class */ (function () { - function EndpointCache(maxSize) { - if (maxSize === void 0) { maxSize = CACHE_SIZE; } - this.maxSize = maxSize; - this.cache = new LRU_1.LRUCache(maxSize); - } - ; - Object.defineProperty(EndpointCache.prototype, "size", { - get: function () { - return this.cache.length; - }, - enumerable: true, - configurable: true - }); - EndpointCache.prototype.put = function (key, value) { - var keyString = typeof key !== 'string' ? EndpointCache.getKeyString(key) : key; - var endpointRecord = this.populateValue(value); - this.cache.put(keyString, endpointRecord); - }; - EndpointCache.prototype.get = function (key) { - var keyString = typeof key !== 'string' ? EndpointCache.getKeyString(key) : key; - var now = Date.now(); - var records = this.cache.get(keyString); - if (records) { - for (var i = 0; i < records.length; i++) { - var record = records[i]; - if (record.Expire < now) { - this.cache.remove(keyString); - return undefined; - } - } - } - return records; - }; - EndpointCache.getKeyString = function (key) { - var identifiers = []; - var identifierNames = Object.keys(key).sort(); - for (var i = 0; i < identifierNames.length; i++) { - var identifierName = identifierNames[i]; - if (key[identifierName] === undefined) - continue; - identifiers.push(key[identifierName]); - } - return identifiers.join(' '); - }; - EndpointCache.prototype.populateValue = function (endpoints) { - var now = Date.now(); - return endpoints.map(function (endpoint) { return ({ - Address: endpoint.Address || '', - Expire: now + (endpoint.CachePeriodInMinutes || 1) * 60 * 1000 - }); }); - }; - EndpointCache.prototype.empty = function () { - this.cache.empty(); - }; - EndpointCache.prototype.remove = function (key) { - var keyString = typeof key !== 'string' ? EndpointCache.getKeyString(key) : key; - this.cache.remove(keyString); - }; - return EndpointCache; -}()); -exports.EndpointCache = EndpointCache; -/***/ }), +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = void 0; -/***/ 129: -/***/ (function(module) { +var _crypto = _interopRequireDefault(__nccwpck_require__(6113)); -module.exports = require("child_process"); +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } -/***/ }), +function sha1(bytes) { + if (Array.isArray(bytes)) { + bytes = Buffer.from(bytes); + } else if (typeof bytes === 'string') { + bytes = Buffer.from(bytes, 'utf8'); + } -/***/ 139: -/***/ (function(module, __unusedexports, __webpack_require__) { + return _crypto.default.createHash('sha1').update(bytes).digest(); +} + +var _default = sha1; +exports["default"] = _default; -// Unique ID creation requires a high quality random # generator. In node.js -// this is pretty straight-forward - we use the crypto API. +/***/ }), -var crypto = __webpack_require__(417); +/***/ 1458: +/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { -module.exports = function nodeRNG() { - return crypto.randomBytes(16); -}; +"use strict"; -/***/ }), +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = void 0; -/***/ 153: -/***/ (function(module, __unusedexports, __webpack_require__) { +var _validate = _interopRequireDefault(__nccwpck_require__(2609)); -/* eslint guard-for-in:0 */ -var AWS; +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } /** - * A set of utility methods for use with the AWS SDK. - * - * @!attribute abort - * Return this value from an iterator function {each} or {arrayEach} - * to break out of the iteration. - * @example Breaking out of an iterator function - * AWS.util.each({a: 1, b: 2, c: 3}, function(key, value) { - * if (key == 'b') return AWS.util.abort; - * }); - * @see each - * @see arrayEach - * @api private + * Convert array of 16 byte values to UUID string format of the form: + * XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX */ -var util = { - environment: 'nodejs', - engine: function engine() { - if (util.isBrowser() && typeof navigator !== 'undefined') { - return navigator.userAgent; - } else { - var engine = process.platform + '/' + process.version; - if (process.env.AWS_EXECUTION_ENV) { - engine += ' exec-env/' + process.env.AWS_EXECUTION_ENV; - } - return engine; - } - }, +const byteToHex = []; - userAgent: function userAgent() { - var name = util.environment; - var agent = 'aws-sdk-' + name + '/' + __webpack_require__(395).VERSION; - if (name === 'nodejs') agent += ' ' + util.engine(); - return agent; - }, +for (let i = 0; i < 256; ++i) { + byteToHex.push((i + 0x100).toString(16).substr(1)); +} - uriEscape: function uriEscape(string) { - var output = encodeURIComponent(string); - output = output.replace(/[^A-Za-z0-9_.~\-%]+/g, escape); +function stringify(arr, offset = 0) { + // Note: Be careful editing this code! It's been tuned for performance + // and works in ways you may not expect. See https://github.com/uuidjs/uuid/pull/434 + const uuid = (byteToHex[arr[offset + 0]] + byteToHex[arr[offset + 1]] + byteToHex[arr[offset + 2]] + byteToHex[arr[offset + 3]] + '-' + byteToHex[arr[offset + 4]] + byteToHex[arr[offset + 5]] + '-' + byteToHex[arr[offset + 6]] + byteToHex[arr[offset + 7]] + '-' + byteToHex[arr[offset + 8]] + byteToHex[arr[offset + 9]] + '-' + byteToHex[arr[offset + 10]] + byteToHex[arr[offset + 11]] + byteToHex[arr[offset + 12]] + byteToHex[arr[offset + 13]] + byteToHex[arr[offset + 14]] + byteToHex[arr[offset + 15]]).toLowerCase(); // Consistency check for valid UUID. If this throws, it's likely due to one + // of the following: + // - One or more input array values don't map to a hex octet (leading to + // "undefined" in the uuid) + // - Invalid input values for the RFC `version` or `variant` fields + + if (!(0, _validate.default)(uuid)) { + throw TypeError('Stringified UUID is invalid'); + } - // AWS percent-encodes some extra non-standard characters in a URI - output = output.replace(/[*]/g, function(ch) { - return '%' + ch.charCodeAt(0).toString(16).toUpperCase(); - }); + return uuid; +} - return output; - }, +var _default = stringify; +exports["default"] = _default; - uriEscapePath: function uriEscapePath(string) { - var parts = []; - util.arrayEach(string.split('/'), function (part) { - parts.push(util.uriEscape(part)); - }); - return parts.join('/'); - }, +/***/ }), - urlParse: function urlParse(url) { - return util.url.parse(url); - }, +/***/ 1595: +/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { - urlFormat: function urlFormat(url) { - return util.url.format(url); - }, +"use strict"; - queryStringParse: function queryStringParse(qs) { - return util.querystring.parse(qs); - }, - queryParamsToString: function queryParamsToString(params) { - var items = []; - var escape = util.uriEscape; - var sortedKeys = Object.keys(params).sort(); +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = void 0; - util.arrayEach(sortedKeys, function(name) { - var value = params[name]; - var ename = escape(name); - var result = ename + '='; - if (Array.isArray(value)) { - var vals = []; - util.arrayEach(value, function(item) { vals.push(escape(item)); }); - result = ename + '=' + vals.sort().join('&' + ename + '='); - } else if (value !== undefined && value !== null) { - result = ename + '=' + escape(value); - } - items.push(result); - }); +var _rng = _interopRequireDefault(__nccwpck_require__(9784)); - return items.join('&'); - }, +var _stringify = _interopRequireDefault(__nccwpck_require__(1458)); - readFileSync: function readFileSync(path) { - if (util.isBrowser()) return null; - return __webpack_require__(747).readFileSync(path, 'utf-8'); - }, +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } - base64: { - encode: function encode64(string) { - if (typeof string === 'number') { - throw util.error(new Error('Cannot base64 encode number ' + string)); - } - if (string === null || typeof string === 'undefined') { - return string; - } - var buf = util.buffer.toBuffer(string); - return buf.toString('base64'); - }, +// **`v1()` - Generate time-based UUID** +// +// Inspired by https://github.com/LiosK/UUID.js +// and http://docs.python.org/library/uuid.html +let _nodeId; - decode: function decode64(string) { - if (typeof string === 'number') { - throw util.error(new Error('Cannot base64 decode number ' + string)); - } - if (string === null || typeof string === 'undefined') { - return string; - } - return util.buffer.toBuffer(string, 'base64'); +let _clockseq; // Previous uuid creation time + + +let _lastMSecs = 0; +let _lastNSecs = 0; // See https://github.com/uuidjs/uuid for API details + +function v1(options, buf, offset) { + let i = buf && offset || 0; + const b = buf || new Array(16); + options = options || {}; + let node = options.node || _nodeId; + let clockseq = options.clockseq !== undefined ? options.clockseq : _clockseq; // node and clockseq need to be initialized to random values if they're not + // specified. We do this lazily to minimize issues related to insufficient + // system entropy. See #189 + + if (node == null || clockseq == null) { + const seedBytes = options.random || (options.rng || _rng.default)(); + + if (node == null) { + // Per 4.5, create and 48-bit node id, (47 random bits + multicast bit = 1) + node = _nodeId = [seedBytes[0] | 0x01, seedBytes[1], seedBytes[2], seedBytes[3], seedBytes[4], seedBytes[5]]; } - }, + if (clockseq == null) { + // Per 4.2.2, randomize (14 bit) clockseq + clockseq = _clockseq = (seedBytes[6] << 8 | seedBytes[7]) & 0x3fff; + } + } // UUID timestamps are 100 nano-second units since the Gregorian epoch, + // (1582-10-15 00:00). JSNumbers aren't precise enough for this, so + // time is handled internally as 'msecs' (integer milliseconds) and 'nsecs' + // (100-nanoseconds offset from msecs) since unix epoch, 1970-01-01 00:00. - buffer: { - /** - * Buffer constructor for Node buffer and buffer pollyfill - */ - toBuffer: function(data, encoding) { - return (typeof util.Buffer.from === 'function' && util.Buffer.from !== Uint8Array.from) ? - util.Buffer.from(data, encoding) : new util.Buffer(data, encoding); - }, - alloc: function(size, fill, encoding) { - if (typeof size !== 'number') { - throw new Error('size passed to alloc must be a number.'); - } - if (typeof util.Buffer.alloc === 'function') { - return util.Buffer.alloc(size, fill, encoding); - } else { - var buf = new util.Buffer(size); - if (fill !== undefined && typeof buf.fill === 'function') { - buf.fill(fill, undefined, undefined, encoding); - } - return buf; - } - }, + let msecs = options.msecs !== undefined ? options.msecs : Date.now(); // Per 4.2.1.2, use count of uuid's generated during the current clock + // cycle to simulate higher resolution clock - toStream: function toStream(buffer) { - if (!util.Buffer.isBuffer(buffer)) buffer = util.buffer.toBuffer(buffer); + let nsecs = options.nsecs !== undefined ? options.nsecs : _lastNSecs + 1; // Time since last uuid creation (in msecs) - var readable = new (util.stream.Readable)(); - var pos = 0; - readable._read = function(size) { - if (pos >= buffer.length) return readable.push(null); + const dt = msecs - _lastMSecs + (nsecs - _lastNSecs) / 10000; // Per 4.2.1.2, Bump clockseq on clock regression - var end = pos + size; - if (end > buffer.length) end = buffer.length; - readable.push(buffer.slice(pos, end)); - pos = end; - }; + if (dt < 0 && options.clockseq === undefined) { + clockseq = clockseq + 1 & 0x3fff; + } // Reset nsecs if clock regresses (new clockseq) or we've moved onto a new + // time interval - return readable; - }, - /** - * Concatenates a list of Buffer objects. - */ - concat: function(buffers) { - var length = 0, - offset = 0, - buffer = null, i; + if ((dt < 0 || msecs > _lastMSecs) && options.nsecs === undefined) { + nsecs = 0; + } // Per 4.2.1.2 Throw error if too many uuids are requested - for (i = 0; i < buffers.length; i++) { - length += buffers[i].length; - } - buffer = util.buffer.alloc(length); + if (nsecs >= 10000) { + throw new Error("uuid.v1(): Can't create more than 10M uuids/sec"); + } - for (i = 0; i < buffers.length; i++) { - buffers[i].copy(buffer, offset); - offset += buffers[i].length; - } + _lastMSecs = msecs; + _lastNSecs = nsecs; + _clockseq = clockseq; // Per 4.1.4 - Convert from unix epoch to Gregorian epoch - return buffer; - } - }, + msecs += 12219292800000; // `time_low` - string: { - byteLength: function byteLength(string) { - if (string === null || string === undefined) return 0; - if (typeof string === 'string') string = util.buffer.toBuffer(string); + const tl = ((msecs & 0xfffffff) * 10000 + nsecs) % 0x100000000; + b[i++] = tl >>> 24 & 0xff; + b[i++] = tl >>> 16 & 0xff; + b[i++] = tl >>> 8 & 0xff; + b[i++] = tl & 0xff; // `time_mid` - if (typeof string.byteLength === 'number') { - return string.byteLength; - } else if (typeof string.length === 'number') { - return string.length; - } else if (typeof string.size === 'number') { - return string.size; - } else if (typeof string.path === 'string') { - return __webpack_require__(747).lstatSync(string.path).size; - } else { - throw util.error(new Error('Cannot determine length of ' + string), - { object: string }); - } - }, + const tmh = msecs / 0x100000000 * 10000 & 0xfffffff; + b[i++] = tmh >>> 8 & 0xff; + b[i++] = tmh & 0xff; // `time_high_and_version` - upperFirst: function upperFirst(string) { - return string[0].toUpperCase() + string.substr(1); - }, + b[i++] = tmh >>> 24 & 0xf | 0x10; // include version - lowerFirst: function lowerFirst(string) { - return string[0].toLowerCase() + string.substr(1); - } - }, + b[i++] = tmh >>> 16 & 0xff; // `clock_seq_hi_and_reserved` (Per 4.2.2 - include variant) - ini: { - parse: function string(ini) { - var currentSection, map = {}; - util.arrayEach(ini.split(/\r?\n/), function(line) { - line = line.split(/(^|\s)[;#]/)[0]; // remove comments - var section = line.match(/^\s*\[([^\[\]]+)\]\s*$/); - if (section) { - currentSection = section[1]; - } else if (currentSection) { - var item = line.match(/^\s*(.+?)\s*=\s*(.+?)\s*$/); - if (item) { - map[currentSection] = map[currentSection] || {}; - map[currentSection][item[1]] = item[2]; - } - } - }); + b[i++] = clockseq >>> 8 | 0x80; // `clock_seq_low` - return map; - } - }, + b[i++] = clockseq & 0xff; // `node` - fn: { - noop: function() {}, - callback: function (err) { if (err) throw err; }, + for (let n = 0; n < 6; ++n) { + b[i + n] = node[n]; + } - /** - * Turn a synchronous function into as "async" function by making it call - * a callback. The underlying function is called with all but the last argument, - * which is treated as the callback. The callback is passed passed a first argument - * of null on success to mimick standard node callbacks. - */ - makeAsync: function makeAsync(fn, expectedArgs) { - if (expectedArgs && expectedArgs <= fn.length) { - return fn; - } + return buf || (0, _stringify.default)(b); +} - return function() { - var args = Array.prototype.slice.call(arguments, 0); - var callback = args.pop(); - var result = fn.apply(null, args); - callback(result); - }; - } - }, +var _default = v1; +exports["default"] = _default; - /** - * Date and time utility functions. - */ - date: { +/***/ }), - /** - * @return [Date] the current JavaScript date object. Since all - * AWS services rely on this date object, you can override - * this function to provide a special time value to AWS service - * requests. - */ - getDate: function getDate() { - if (!AWS) AWS = __webpack_require__(395); - if (AWS.config.systemClockOffset) { // use offset when non-zero - return new Date(new Date().getTime() + AWS.config.systemClockOffset); - } else { - return new Date(); - } - }, +/***/ 6993: +/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { - /** - * @return [String] the date in ISO-8601 format - */ - iso8601: function iso8601(date) { - if (date === undefined) { date = util.date.getDate(); } - return date.toISOString().replace(/\.\d{3}Z$/, 'Z'); - }, +"use strict"; - /** - * @return [String] the date in RFC 822 format - */ - rfc822: function rfc822(date) { - if (date === undefined) { date = util.date.getDate(); } - return date.toUTCString(); - }, - /** - * @return [Integer] the UNIX timestamp value for the current time - */ - unixTimestamp: function unixTimestamp(date) { - if (date === undefined) { date = util.date.getDate(); } - return date.getTime() / 1000; - }, +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = void 0; - /** - * @param [String,number,Date] date - * @return [Date] - */ - from: function format(date) { - if (typeof date === 'number') { - return new Date(date * 1000); // unix timestamp - } else { - return new Date(date); - } - }, +var _v = _interopRequireDefault(__nccwpck_require__(5920)); - /** - * Given a Date or date-like value, this function formats the - * date into a string of the requested value. - * @param [String,number,Date] date - * @param [String] formatter Valid formats are: - # * 'iso8601' - # * 'rfc822' - # * 'unixTimestamp' - * @return [String] - */ - format: function format(date, formatter) { - if (!formatter) formatter = 'iso8601'; - return util.date[formatter](util.date.from(date)); - }, +var _md = _interopRequireDefault(__nccwpck_require__(5842)); - parseTimestamp: function parseTimestamp(value) { - if (typeof value === 'number') { // unix timestamp (number) - return new Date(value * 1000); - } else if (value.match(/^\d+$/)) { // unix timestamp - return new Date(value * 1000); - } else if (value.match(/^\d{4}/)) { // iso8601 - return new Date(value); - } else if (value.match(/^\w{3},/)) { // rfc822 - return new Date(value); - } else { - throw util.error( - new Error('unhandled timestamp format: ' + value), - {code: 'TimestampParserError'}); - } - } +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } - }, +const v3 = (0, _v.default)('v3', 0x30, _md.default); +var _default = v3; +exports["default"] = _default; - crypto: { - crc32Table: [ - 0x00000000, 0x77073096, 0xEE0E612C, 0x990951BA, 0x076DC419, - 0x706AF48F, 0xE963A535, 0x9E6495A3, 0x0EDB8832, 0x79DCB8A4, - 0xE0D5E91E, 0x97D2D988, 0x09B64C2B, 0x7EB17CBD, 0xE7B82D07, - 0x90BF1D91, 0x1DB71064, 0x6AB020F2, 0xF3B97148, 0x84BE41DE, - 0x1ADAD47D, 0x6DDDE4EB, 0xF4D4B551, 0x83D385C7, 0x136C9856, - 0x646BA8C0, 0xFD62F97A, 0x8A65C9EC, 0x14015C4F, 0x63066CD9, - 0xFA0F3D63, 0x8D080DF5, 0x3B6E20C8, 0x4C69105E, 0xD56041E4, - 0xA2677172, 0x3C03E4D1, 0x4B04D447, 0xD20D85FD, 0xA50AB56B, - 0x35B5A8FA, 0x42B2986C, 0xDBBBC9D6, 0xACBCF940, 0x32D86CE3, - 0x45DF5C75, 0xDCD60DCF, 0xABD13D59, 0x26D930AC, 0x51DE003A, - 0xC8D75180, 0xBFD06116, 0x21B4F4B5, 0x56B3C423, 0xCFBA9599, - 0xB8BDA50F, 0x2802B89E, 0x5F058808, 0xC60CD9B2, 0xB10BE924, - 0x2F6F7C87, 0x58684C11, 0xC1611DAB, 0xB6662D3D, 0x76DC4190, - 0x01DB7106, 0x98D220BC, 0xEFD5102A, 0x71B18589, 0x06B6B51F, - 0x9FBFE4A5, 0xE8B8D433, 0x7807C9A2, 0x0F00F934, 0x9609A88E, - 0xE10E9818, 0x7F6A0DBB, 0x086D3D2D, 0x91646C97, 0xE6635C01, - 0x6B6B51F4, 0x1C6C6162, 0x856530D8, 0xF262004E, 0x6C0695ED, - 0x1B01A57B, 0x8208F4C1, 0xF50FC457, 0x65B0D9C6, 0x12B7E950, - 0x8BBEB8EA, 0xFCB9887C, 0x62DD1DDF, 0x15DA2D49, 0x8CD37CF3, - 0xFBD44C65, 0x4DB26158, 0x3AB551CE, 0xA3BC0074, 0xD4BB30E2, - 0x4ADFA541, 0x3DD895D7, 0xA4D1C46D, 0xD3D6F4FB, 0x4369E96A, - 0x346ED9FC, 0xAD678846, 0xDA60B8D0, 0x44042D73, 0x33031DE5, - 0xAA0A4C5F, 0xDD0D7CC9, 0x5005713C, 0x270241AA, 0xBE0B1010, - 0xC90C2086, 0x5768B525, 0x206F85B3, 0xB966D409, 0xCE61E49F, - 0x5EDEF90E, 0x29D9C998, 0xB0D09822, 0xC7D7A8B4, 0x59B33D17, - 0x2EB40D81, 0xB7BD5C3B, 0xC0BA6CAD, 0xEDB88320, 0x9ABFB3B6, - 0x03B6E20C, 0x74B1D29A, 0xEAD54739, 0x9DD277AF, 0x04DB2615, - 0x73DC1683, 0xE3630B12, 0x94643B84, 0x0D6D6A3E, 0x7A6A5AA8, - 0xE40ECF0B, 0x9309FF9D, 0x0A00AE27, 0x7D079EB1, 0xF00F9344, - 0x8708A3D2, 0x1E01F268, 0x6906C2FE, 0xF762575D, 0x806567CB, - 0x196C3671, 0x6E6B06E7, 0xFED41B76, 0x89D32BE0, 0x10DA7A5A, - 0x67DD4ACC, 0xF9B9DF6F, 0x8EBEEFF9, 0x17B7BE43, 0x60B08ED5, - 0xD6D6A3E8, 0xA1D1937E, 0x38D8C2C4, 0x4FDFF252, 0xD1BB67F1, - 0xA6BC5767, 0x3FB506DD, 0x48B2364B, 0xD80D2BDA, 0xAF0A1B4C, - 0x36034AF6, 0x41047A60, 0xDF60EFC3, 0xA867DF55, 0x316E8EEF, - 0x4669BE79, 0xCB61B38C, 0xBC66831A, 0x256FD2A0, 0x5268E236, - 0xCC0C7795, 0xBB0B4703, 0x220216B9, 0x5505262F, 0xC5BA3BBE, - 0xB2BD0B28, 0x2BB45A92, 0x5CB36A04, 0xC2D7FFA7, 0xB5D0CF31, - 0x2CD99E8B, 0x5BDEAE1D, 0x9B64C2B0, 0xEC63F226, 0x756AA39C, - 0x026D930A, 0x9C0906A9, 0xEB0E363F, 0x72076785, 0x05005713, - 0x95BF4A82, 0xE2B87A14, 0x7BB12BAE, 0x0CB61B38, 0x92D28E9B, - 0xE5D5BE0D, 0x7CDCEFB7, 0x0BDBDF21, 0x86D3D2D4, 0xF1D4E242, - 0x68DDB3F8, 0x1FDA836E, 0x81BE16CD, 0xF6B9265B, 0x6FB077E1, - 0x18B74777, 0x88085AE6, 0xFF0F6A70, 0x66063BCA, 0x11010B5C, - 0x8F659EFF, 0xF862AE69, 0x616BFFD3, 0x166CCF45, 0xA00AE278, - 0xD70DD2EE, 0x4E048354, 0x3903B3C2, 0xA7672661, 0xD06016F7, - 0x4969474D, 0x3E6E77DB, 0xAED16A4A, 0xD9D65ADC, 0x40DF0B66, - 0x37D83BF0, 0xA9BCAE53, 0xDEBB9EC5, 0x47B2CF7F, 0x30B5FFE9, - 0xBDBDF21C, 0xCABAC28A, 0x53B39330, 0x24B4A3A6, 0xBAD03605, - 0xCDD70693, 0x54DE5729, 0x23D967BF, 0xB3667A2E, 0xC4614AB8, - 0x5D681B02, 0x2A6F2B94, 0xB40BBE37, 0xC30C8EA1, 0x5A05DF1B, - 0x2D02EF8D], +/***/ }), - crc32: function crc32(data) { - var tbl = util.crypto.crc32Table; - var crc = 0 ^ -1; +/***/ 5920: +/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { - if (typeof data === 'string') { - data = util.buffer.toBuffer(data); - } +"use strict"; - for (var i = 0; i < data.length; i++) { - var code = data.readUInt8(i); - crc = (crc >>> 8) ^ tbl[(crc ^ code) & 0xFF]; - } - return (crc ^ -1) >>> 0; - }, - hmac: function hmac(key, string, digest, fn) { - if (!digest) digest = 'binary'; - if (digest === 'buffer') { digest = undefined; } - if (!fn) fn = 'sha256'; - if (typeof string === 'string') string = util.buffer.toBuffer(string); - return util.crypto.lib.createHmac(fn, key).update(string).digest(digest); - }, +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = _default; +exports.URL = exports.DNS = void 0; - md5: function md5(data, digest, callback) { - return util.crypto.hash('md5', data, digest, callback); - }, +var _stringify = _interopRequireDefault(__nccwpck_require__(1458)); - sha256: function sha256(data, digest, callback) { - return util.crypto.hash('sha256', data, digest, callback); - }, +var _parse = _interopRequireDefault(__nccwpck_require__(6385)); - hash: function(algorithm, data, digest, callback) { - var hash = util.crypto.createHash(algorithm); - if (!digest) { digest = 'binary'; } - if (digest === 'buffer') { digest = undefined; } - if (typeof data === 'string') data = util.buffer.toBuffer(data); - var sliceFn = util.arraySliceFn(data); - var isBuffer = util.Buffer.isBuffer(data); - //Identifying objects with an ArrayBuffer as buffers - if (util.isBrowser() && typeof ArrayBuffer !== 'undefined' && data && data.buffer instanceof ArrayBuffer) isBuffer = true; +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } - if (callback && typeof data === 'object' && - typeof data.on === 'function' && !isBuffer) { - data.on('data', function(chunk) { hash.update(chunk); }); - data.on('error', function(err) { callback(err); }); - data.on('end', function() { callback(null, hash.digest(digest)); }); - } else if (callback && sliceFn && !isBuffer && - typeof FileReader !== 'undefined') { - // this might be a File/Blob - var index = 0, size = 1024 * 512; - var reader = new FileReader(); - reader.onerror = function() { - callback(new Error('Failed to read data.')); - }; - reader.onload = function() { - var buf = new util.Buffer(new Uint8Array(reader.result)); - hash.update(buf); - index += buf.length; - reader._continueReading(); - }; - reader._continueReading = function() { - if (index >= data.size) { - callback(null, hash.digest(digest)); - return; - } +function stringToBytes(str) { + str = unescape(encodeURIComponent(str)); // UTF8 escape - var back = index + size; - if (back > data.size) back = data.size; - reader.readAsArrayBuffer(sliceFn.call(data, index, back)); - }; + const bytes = []; - reader._continueReading(); - } else { - if (util.isBrowser() && typeof data === 'object' && !isBuffer) { - data = new util.Buffer(new Uint8Array(data)); - } - var out = hash.update(data).digest(digest); - if (callback) callback(null, out); - return out; - } - }, + for (let i = 0; i < str.length; ++i) { + bytes.push(str.charCodeAt(i)); + } - toHex: function toHex(data) { - var out = []; - for (var i = 0; i < data.length; i++) { - out.push(('0' + data.charCodeAt(i).toString(16)).substr(-2, 2)); - } - return out.join(''); - }, + return bytes; +} - createHash: function createHash(algorithm) { - return util.crypto.lib.createHash(algorithm); +const DNS = '6ba7b810-9dad-11d1-80b4-00c04fd430c8'; +exports.DNS = DNS; +const URL = '6ba7b811-9dad-11d1-80b4-00c04fd430c8'; +exports.URL = URL; + +function _default(name, version, hashfunc) { + function generateUUID(value, namespace, buf, offset) { + if (typeof value === 'string') { + value = stringToBytes(value); } - }, + if (typeof namespace === 'string') { + namespace = (0, _parse.default)(namespace); + } - /** @!ignore */ + if (namespace.length !== 16) { + throw TypeError('Namespace must be array-like (16 iterable integer values, 0-255)'); + } // Compute hash of namespace and value, Per 4.3 + // Future: Use spread syntax when supported on all platforms, e.g. `bytes = + // hashfunc([...namespace, ... value])` - /* Abort constant */ - abort: {}, - each: function each(object, iterFunction) { - for (var key in object) { - if (Object.prototype.hasOwnProperty.call(object, key)) { - var ret = iterFunction.call(this, key, object[key]); - if (ret === util.abort) break; - } - } - }, + let bytes = new Uint8Array(16 + value.length); + bytes.set(namespace); + bytes.set(value, namespace.length); + bytes = hashfunc(bytes); + bytes[6] = bytes[6] & 0x0f | version; + bytes[8] = bytes[8] & 0x3f | 0x80; - arrayEach: function arrayEach(array, iterFunction) { - for (var idx in array) { - if (Object.prototype.hasOwnProperty.call(array, idx)) { - var ret = iterFunction.call(this, array[idx], parseInt(idx, 10)); - if (ret === util.abort) break; + if (buf) { + offset = offset || 0; + + for (let i = 0; i < 16; ++i) { + buf[offset + i] = bytes[i]; } + + return buf; } - }, - update: function update(obj1, obj2) { - util.each(obj2, function iterator(key, item) { - obj1[key] = item; - }); - return obj1; - }, + return (0, _stringify.default)(bytes); + } // Function#name is not settable on some platforms (#270) - merge: function merge(obj1, obj2) { - return util.update(util.copy(obj1), obj2); - }, - copy: function copy(object) { - if (object === null || object === undefined) return object; - var dupe = {}; - // jshint forin:false - for (var key in object) { - dupe[key] = object[key]; - } - return dupe; - }, + try { + generateUUID.name = name; // eslint-disable-next-line no-empty + } catch (err) {} // For CommonJS default export support - isEmpty: function isEmpty(obj) { - for (var prop in obj) { - if (Object.prototype.hasOwnProperty.call(obj, prop)) { - return false; - } - } - return true; - }, - arraySliceFn: function arraySliceFn(obj) { - var fn = obj.slice || obj.webkitSlice || obj.mozSlice; - return typeof fn === 'function' ? fn : null; - }, + generateUUID.DNS = DNS; + generateUUID.URL = URL; + return generateUUID; +} - isType: function isType(obj, type) { - // handle cross-"frame" objects - if (typeof type === 'function') type = util.typeName(type); - return Object.prototype.toString.call(obj) === '[object ' + type + ']'; - }, +/***/ }), - typeName: function typeName(type) { - if (Object.prototype.hasOwnProperty.call(type, 'name')) return type.name; - var str = type.toString(); - var match = str.match(/^\s*function (.+)\(/); - return match ? match[1] : str; - }, +/***/ 1472: +/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { - error: function error(err, options) { - var originalError = null; - if (typeof err.message === 'string' && err.message !== '') { - if (typeof options === 'string' || (options && options.message)) { - originalError = util.copy(err); - originalError.message = err.message; - } - } - err.message = err.message || null; +"use strict"; - if (typeof options === 'string') { - err.message = options; - } else if (typeof options === 'object' && options !== null) { - util.update(err, options); - if (options.message) - err.message = options.message; - if (options.code || options.name) - err.code = options.code || options.name; - if (options.stack) - err.stack = options.stack; - } - if (typeof Object.defineProperty === 'function') { - Object.defineProperty(err, 'name', {writable: true, enumerable: false}); - Object.defineProperty(err, 'message', {enumerable: true}); - } +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = void 0; - err.name = String(options && options.name || err.name || err.code || 'Error'); - err.time = new Date(); +var _rng = _interopRequireDefault(__nccwpck_require__(9784)); - if (originalError) err.originalError = originalError; +var _stringify = _interopRequireDefault(__nccwpck_require__(1458)); - return err; - }, +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } - /** - * @api private - */ - inherit: function inherit(klass, features) { - var newObject = null; - if (features === undefined) { - features = klass; - klass = Object; - newObject = {}; - } else { - var ctor = function ConstructorWrapper() {}; - ctor.prototype = klass.prototype; - newObject = new ctor(); - } - - // constructor not supplied, create pass-through ctor - if (features.constructor === Object) { - features.constructor = function() { - if (klass !== Object) { - return klass.apply(this, arguments); - } - }; - } +function v4(options, buf, offset) { + options = options || {}; - features.constructor.prototype = newObject; - util.update(features.constructor.prototype, features); - features.constructor.__super__ = klass; - return features.constructor; - }, + const rnds = options.random || (options.rng || _rng.default)(); // Per 4.4, set bits for version and `clock_seq_hi_and_reserved` - /** - * @api private - */ - mixin: function mixin() { - var klass = arguments[0]; - for (var i = 1; i < arguments.length; i++) { - // jshint forin:false - for (var prop in arguments[i].prototype) { - var fn = arguments[i].prototype[prop]; - if (prop !== 'constructor') { - klass.prototype[prop] = fn; - } - } - } - return klass; - }, - /** - * @api private - */ - hideProperties: function hideProperties(obj, props) { - if (typeof Object.defineProperty !== 'function') return; + rnds[6] = rnds[6] & 0x0f | 0x40; + rnds[8] = rnds[8] & 0x3f | 0x80; // Copy bytes to buffer, if provided - util.arrayEach(props, function (key) { - Object.defineProperty(obj, key, { - enumerable: false, writable: true, configurable: true }); - }); - }, + if (buf) { + offset = offset || 0; - /** - * @api private - */ - property: function property(obj, name, value, enumerable, isValue) { - var opts = { - configurable: true, - enumerable: enumerable !== undefined ? enumerable : true - }; - if (typeof value === 'function' && !isValue) { - opts.get = value; - } - else { - opts.value = value; opts.writable = true; + for (let i = 0; i < 16; ++i) { + buf[offset + i] = rnds[i]; } - Object.defineProperty(obj, name, opts); - }, + return buf; + } - /** - * @api private - */ - memoizedProperty: function memoizedProperty(obj, name, get, enumerable) { - var cachedValue = null; + return (0, _stringify.default)(rnds); +} - // build enumerable attribute for each value with lazy accessor. - util.property(obj, name, function() { - if (cachedValue === null) { - cachedValue = get(); - } - return cachedValue; - }, enumerable); - }, +var _default = v4; +exports["default"] = _default; - /** - * TODO Remove in major version revision - * This backfill populates response data without the - * top-level payload name. - * - * @api private - */ - hoistPayloadMember: function hoistPayloadMember(resp) { - var req = resp.request; - var operationName = req.operation; - var operation = req.service.api.operations[operationName]; - var output = operation.output; - if (output.payload && !operation.hasEventOutput) { - var payloadMember = output.members[output.payload]; - var responsePayload = resp.data[output.payload]; - if (payloadMember.type === 'structure') { - util.each(responsePayload, function(key, value) { - util.property(resp.data, key, value, false); - }); - } - } - }, +/***/ }), - /** - * Compute SHA-256 checksums of streams - * - * @api private - */ - computeSha256: function computeSha256(body, done) { - if (util.isNode()) { - var Stream = util.stream.Stream; - var fs = __webpack_require__(747); - if (typeof Stream === 'function' && body instanceof Stream) { - if (typeof body.path === 'string') { // assume file object - var settings = {}; - if (typeof body.start === 'number') { - settings.start = body.start; - } - if (typeof body.end === 'number') { - settings.end = body.end; - } - body = fs.createReadStream(body.path, settings); - } else { // TODO support other stream types - return done(new Error('Non-file stream objects are ' + - 'not supported with SigV4')); - } - } - } +/***/ 6217: +/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { - util.crypto.sha256(body, 'hex', function(err, sha) { - if (err) done(err); - else done(null, sha); - }); - }, +"use strict"; - /** - * @api private - */ - isClockSkewed: function isClockSkewed(serverTime) { - if (serverTime) { - util.property(AWS.config, 'isClockSkewed', - Math.abs(new Date().getTime() - serverTime) >= 300000, false); - return AWS.config.isClockSkewed; - } - }, - applyClockOffset: function applyClockOffset(serverTime) { - if (serverTime) - AWS.config.systemClockOffset = serverTime - new Date().getTime(); - }, +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = void 0; - /** - * @api private - */ - extractRequestId: function extractRequestId(resp) { - var requestId = resp.httpResponse.headers['x-amz-request-id'] || - resp.httpResponse.headers['x-amzn-requestid']; +var _v = _interopRequireDefault(__nccwpck_require__(5920)); - if (!requestId && resp.data && resp.data.ResponseMetadata) { - requestId = resp.data.ResponseMetadata.RequestId; - } +var _sha = _interopRequireDefault(__nccwpck_require__(8844)); - if (requestId) { - resp.requestId = requestId; - } +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } - if (resp.error) { - resp.error.requestId = requestId; - } - }, +const v5 = (0, _v.default)('v5', 0x50, _sha.default); +var _default = v5; +exports["default"] = _default; - /** - * @api private - */ - addPromises: function addPromises(constructors, PromiseDependency) { - var deletePromises = false; - if (PromiseDependency === undefined && AWS && AWS.config) { - PromiseDependency = AWS.config.getPromisesDependency(); - } - if (PromiseDependency === undefined && typeof Promise !== 'undefined') { - PromiseDependency = Promise; - } - if (typeof PromiseDependency !== 'function') deletePromises = true; - if (!Array.isArray(constructors)) constructors = [constructors]; +/***/ }), - for (var ind = 0; ind < constructors.length; ind++) { - var constructor = constructors[ind]; - if (deletePromises) { - if (constructor.deletePromisesFromClass) { - constructor.deletePromisesFromClass(); - } - } else if (constructor.addPromisesToClass) { - constructor.addPromisesToClass(PromiseDependency); - } - } - }, +/***/ 2609: +/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { - /** - * @api private - * Return a function that will return a promise whose fate is decided by the - * callback behavior of the given method with `methodName`. The method to be - * promisified should conform to node.js convention of accepting a callback as - * last argument and calling that callback with error as the first argument - * and success value on the second argument. - */ - promisifyMethod: function promisifyMethod(methodName, PromiseDependency) { - return function promise() { - var self = this; - var args = Array.prototype.slice.call(arguments); - return new PromiseDependency(function(resolve, reject) { - args.push(function(err, data) { - if (err) { - reject(err); - } else { - resolve(data); - } - }); - self[methodName].apply(self, args); - }); - }; - }, +"use strict"; - /** - * @api private - */ - isDualstackAvailable: function isDualstackAvailable(service) { - if (!service) return false; - var metadata = __webpack_require__(694); - if (typeof service !== 'string') service = service.serviceIdentifier; - if (typeof service !== 'string' || !metadata.hasOwnProperty(service)) return false; - return !!metadata[service].dualstackAvailable; - }, - /** - * @api private - */ - calculateRetryDelay: function calculateRetryDelay(retryCount, retryDelayOptions, err) { - if (!retryDelayOptions) retryDelayOptions = {}; - var customBackoff = retryDelayOptions.customBackoff || null; - if (typeof customBackoff === 'function') { - return customBackoff(retryCount, err); - } - var base = typeof retryDelayOptions.base === 'number' ? retryDelayOptions.base : 100; - var delay = Math.random() * (Math.pow(2, retryCount) * base); - return delay; - }, +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = void 0; - /** - * @api private - */ - handleRequestWithRetries: function handleRequestWithRetries(httpRequest, options, cb) { - if (!options) options = {}; - var http = AWS.HttpClient.getInstance(); - var httpOptions = options.httpOptions || {}; - var retryCount = 0; +var _regex = _interopRequireDefault(__nccwpck_require__(6230)); - var errCallback = function(err) { - var maxRetries = options.maxRetries || 0; - if (err && err.code === 'TimeoutError') err.retryable = true; - var delay = util.calculateRetryDelay(retryCount, options.retryDelayOptions, err); - if (err && err.retryable && retryCount < maxRetries && delay >= 0) { - retryCount++; - setTimeout(sendRequest, delay + (err.retryAfter || 0)); - } else { - cb(err); - } - }; +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } - var sendRequest = function() { - var data = ''; - http.handleRequest(httpRequest, httpOptions, function(httpResponse) { - httpResponse.on('data', function(chunk) { data += chunk.toString(); }); - httpResponse.on('end', function() { - var statusCode = httpResponse.statusCode; - if (statusCode < 300) { - cb(null, data); - } else { - var retryAfter = parseInt(httpResponse.headers['retry-after'], 10) * 1000 || 0; - var err = util.error(new Error(), - { - statusCode: statusCode, - retryable: statusCode >= 500 || statusCode === 429 - } - ); - if (retryAfter && err.retryable) err.retryAfter = retryAfter; - errCallback(err); - } - }); - }, errCallback); - }; - - AWS.util.defer(sendRequest); - }, - - /** - * @api private - */ - uuid: { - v4: function uuidV4() { - return __webpack_require__(898).v4(); - } - }, - - /** - * @api private - */ - convertPayloadToString: function convertPayloadToString(resp) { - var req = resp.request; - var operation = req.operation; - var rules = req.service.api.operations[operation].output || {}; - if (rules.payload && resp.data[rules.payload]) { - resp.data[rules.payload] = resp.data[rules.payload].toString(); - } - }, +function validate(uuid) { + return typeof uuid === 'string' && _regex.default.test(uuid); +} - /** - * @api private - */ - defer: function defer(callback) { - if (typeof process === 'object' && typeof process.nextTick === 'function') { - process.nextTick(callback); - } else if (typeof setImmediate === 'function') { - setImmediate(callback); - } else { - setTimeout(callback, 0); - } - }, +var _default = validate; +exports["default"] = _default; - /** - * @api private - */ - getRequestPayloadShape: function getRequestPayloadShape(req) { - var operations = req.service.api.operations; - if (!operations) return undefined; - var operation = (operations || {})[req.operation]; - if (!operation || !operation.input || !operation.input.payload) return undefined; - return operation.input.members[operation.input.payload]; - }, +/***/ }), - getProfilesFromSharedConfig: function getProfilesFromSharedConfig(iniLoader, filename) { - var profiles = {}; - var profilesFromConfig = {}; - if (process.env[util.configOptInEnv]) { - var profilesFromConfig = iniLoader.loadFrom({ - isConfig: true, - filename: process.env[util.sharedConfigFileEnv] - }); - } - var profilesFromCreds = iniLoader.loadFrom({ - filename: filename || - (process.env[util.configOptInEnv] && process.env[util.sharedCredentialsFileEnv]) - }); - for (var i = 0, profileNames = Object.keys(profilesFromConfig); i < profileNames.length; i++) { - profiles[profileNames[i]] = profilesFromConfig[profileNames[i]]; - } - for (var i = 0, profileNames = Object.keys(profilesFromCreds); i < profileNames.length; i++) { - profiles[profileNames[i]] = profilesFromCreds[profileNames[i]]; - } - return profiles; - }, +/***/ 427: +/***/ ((__unused_webpack_module, exports, __nccwpck_require__) => { - /** - * @api private - */ - ARN: { - validate: function validateARN(str) { - return str && str.indexOf('arn:') === 0 && str.split(':').length >= 6; - }, - parse: function parseARN(arn) { - var matched = arn.split(':'); - return { - partition: matched[1], - service: matched[2], - region: matched[3], - accountId: matched[4], - resource: matched.slice(5).join(':') - }; - }, - build: function buildARN(arnObject) { - if ( - arnObject.service === undefined || - arnObject.region === undefined || - arnObject.accountId === undefined || - arnObject.resource === undefined - ) throw util.error(new Error('Input ARN object is invalid')); - return 'arn:'+ (arnObject.partition || 'aws') + ':' + arnObject.service + - ':' + arnObject.region + ':' + arnObject.accountId + ':' + arnObject.resource; - } - }, +"use strict"; - /** - * @api private - */ - defaultProfile: 'default', - /** - * @api private - */ - configOptInEnv: 'AWS_SDK_LOAD_CONFIG', +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = void 0; - /** - * @api private - */ - sharedCredentialsFileEnv: 'AWS_SHARED_CREDENTIALS_FILE', +var _validate = _interopRequireDefault(__nccwpck_require__(2609)); - /** - * @api private - */ - sharedConfigFileEnv: 'AWS_CONFIG_FILE', +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } - /** - * @api private - */ - imdsDisabledEnv: 'AWS_EC2_METADATA_DISABLED' -}; +function version(uuid) { + if (!(0, _validate.default)(uuid)) { + throw TypeError('Invalid UUID'); + } -/** - * @api private - */ -module.exports = util; + return parseInt(uuid.substr(14, 1), 16); +} +var _default = version; +exports["default"] = _default; /***/ }), -/***/ 154: -/***/ (function(module) { - -module.exports = {"version":2,"waiters":{"DeploymentSuccessful":{"delay":15,"operation":"GetDeployment","maxAttempts":120,"acceptors":[{"expected":"Succeeded","matcher":"path","state":"success","argument":"deploymentInfo.status"},{"expected":"Failed","matcher":"path","state":"failure","argument":"deploymentInfo.status"},{"expected":"Stopped","matcher":"path","state":"failure","argument":"deploymentInfo.status"}]}}}; - -/***/ }), +/***/ 5526: +/***/ (function(__unused_webpack_module, exports) { -/***/ 165: -/***/ (function(module) { +"use strict"; -function apiLoader(svc, version) { - if (!apiLoader.services.hasOwnProperty(svc)) { - throw new Error('InvalidService: Failed to load api for ' + svc); - } - return apiLoader.services[svc][version]; +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.PersonalAccessTokenCredentialHandler = exports.BearerCredentialHandler = exports.BasicCredentialHandler = void 0; +class BasicCredentialHandler { + constructor(username, password) { + this.username = username; + this.password = password; + } + prepareRequest(options) { + if (!options.headers) { + throw Error('The request has no headers'); + } + options.headers['Authorization'] = `Basic ${Buffer.from(`${this.username}:${this.password}`).toString('base64')}`; + } + // This handler cannot handle 401 + canHandleAuthentication() { + return false; + } + handleAuthentication() { + return __awaiter(this, void 0, void 0, function* () { + throw new Error('not implemented'); + }); + } } - -/** - * @api private - * - * This member of AWS.apiLoader is private, but changing it will necessitate a - * change to ../scripts/services-table-generator.ts - */ -apiLoader.services = {}; - -/** - * @api private - */ -module.exports = apiLoader; - +exports.BasicCredentialHandler = BasicCredentialHandler; +class BearerCredentialHandler { + constructor(token) { + this.token = token; + } + // currently implements pre-authorization + // TODO: support preAuth = false where it hooks on 401 + prepareRequest(options) { + if (!options.headers) { + throw Error('The request has no headers'); + } + options.headers['Authorization'] = `Bearer ${this.token}`; + } + // This handler cannot handle 401 + canHandleAuthentication() { + return false; + } + handleAuthentication() { + return __awaiter(this, void 0, void 0, function* () { + throw new Error('not implemented'); + }); + } +} +exports.BearerCredentialHandler = BearerCredentialHandler; +class PersonalAccessTokenCredentialHandler { + constructor(token) { + this.token = token; + } + // currently implements pre-authorization + // TODO: support preAuth = false where it hooks on 401 + prepareRequest(options) { + if (!options.headers) { + throw Error('The request has no headers'); + } + options.headers['Authorization'] = `Basic ${Buffer.from(`PAT:${this.token}`).toString('base64')}`; + } + // This handler cannot handle 401 + canHandleAuthentication() { + return false; + } + handleAuthentication() { + return __awaiter(this, void 0, void 0, function* () { + throw new Error('not implemented'); + }); + } +} +exports.PersonalAccessTokenCredentialHandler = PersonalAccessTokenCredentialHandler; +//# sourceMappingURL=auth.js.map /***/ }), -/***/ 170: -/***/ (function(__unusedmodule, __unusedexports, __webpack_require__) { +/***/ 6255: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { -var AWS = __webpack_require__(395); -var CognitoIdentity = __webpack_require__(214); -var STS = __webpack_require__(733); +"use strict"; +/* eslint-disable @typescript-eslint/no-explicit-any */ +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.HttpClient = exports.isHttps = exports.HttpClientResponse = exports.HttpClientError = exports.getProxyUrl = exports.MediaTypes = exports.Headers = exports.HttpCodes = void 0; +const http = __importStar(__nccwpck_require__(3685)); +const https = __importStar(__nccwpck_require__(5687)); +const pm = __importStar(__nccwpck_require__(9835)); +const tunnel = __importStar(__nccwpck_require__(4294)); +var HttpCodes; +(function (HttpCodes) { + HttpCodes[HttpCodes["OK"] = 200] = "OK"; + HttpCodes[HttpCodes["MultipleChoices"] = 300] = "MultipleChoices"; + HttpCodes[HttpCodes["MovedPermanently"] = 301] = "MovedPermanently"; + HttpCodes[HttpCodes["ResourceMoved"] = 302] = "ResourceMoved"; + HttpCodes[HttpCodes["SeeOther"] = 303] = "SeeOther"; + HttpCodes[HttpCodes["NotModified"] = 304] = "NotModified"; + HttpCodes[HttpCodes["UseProxy"] = 305] = "UseProxy"; + HttpCodes[HttpCodes["SwitchProxy"] = 306] = "SwitchProxy"; + HttpCodes[HttpCodes["TemporaryRedirect"] = 307] = "TemporaryRedirect"; + HttpCodes[HttpCodes["PermanentRedirect"] = 308] = "PermanentRedirect"; + HttpCodes[HttpCodes["BadRequest"] = 400] = "BadRequest"; + HttpCodes[HttpCodes["Unauthorized"] = 401] = "Unauthorized"; + HttpCodes[HttpCodes["PaymentRequired"] = 402] = "PaymentRequired"; + HttpCodes[HttpCodes["Forbidden"] = 403] = "Forbidden"; + HttpCodes[HttpCodes["NotFound"] = 404] = "NotFound"; + HttpCodes[HttpCodes["MethodNotAllowed"] = 405] = "MethodNotAllowed"; + HttpCodes[HttpCodes["NotAcceptable"] = 406] = "NotAcceptable"; + HttpCodes[HttpCodes["ProxyAuthenticationRequired"] = 407] = "ProxyAuthenticationRequired"; + HttpCodes[HttpCodes["RequestTimeout"] = 408] = "RequestTimeout"; + HttpCodes[HttpCodes["Conflict"] = 409] = "Conflict"; + HttpCodes[HttpCodes["Gone"] = 410] = "Gone"; + HttpCodes[HttpCodes["TooManyRequests"] = 429] = "TooManyRequests"; + HttpCodes[HttpCodes["InternalServerError"] = 500] = "InternalServerError"; + HttpCodes[HttpCodes["NotImplemented"] = 501] = "NotImplemented"; + HttpCodes[HttpCodes["BadGateway"] = 502] = "BadGateway"; + HttpCodes[HttpCodes["ServiceUnavailable"] = 503] = "ServiceUnavailable"; + HttpCodes[HttpCodes["GatewayTimeout"] = 504] = "GatewayTimeout"; +})(HttpCodes = exports.HttpCodes || (exports.HttpCodes = {})); +var Headers; +(function (Headers) { + Headers["Accept"] = "accept"; + Headers["ContentType"] = "content-type"; +})(Headers = exports.Headers || (exports.Headers = {})); +var MediaTypes; +(function (MediaTypes) { + MediaTypes["ApplicationJson"] = "application/json"; +})(MediaTypes = exports.MediaTypes || (exports.MediaTypes = {})); /** - * Represents credentials retrieved from STS Web Identity Federation using - * the Amazon Cognito Identity service. - * - * By default this provider gets credentials using the - * {AWS.CognitoIdentity.getCredentialsForIdentity} service operation, which - * requires either an `IdentityId` or an `IdentityPoolId` (Amazon Cognito - * Identity Pool ID), which is used to call {AWS.CognitoIdentity.getId} to - * obtain an `IdentityId`. If the identity or identity pool is not configured in - * the Amazon Cognito Console to use IAM roles with the appropriate permissions, - * then additionally a `RoleArn` is required containing the ARN of the IAM trust - * policy for the Amazon Cognito role that the user will log into. If a `RoleArn` - * is provided, then this provider gets credentials using the - * {AWS.STS.assumeRoleWithWebIdentity} service operation, after first getting an - * Open ID token from {AWS.CognitoIdentity.getOpenIdToken}. - * - * In addition, if this credential provider is used to provide authenticated - * login, the `Logins` map may be set to the tokens provided by the respective - * identity providers. See {constructor} for an example on creating a credentials - * object with proper property values. - * - * ## Refreshing Credentials from Identity Service - * - * In addition to AWS credentials expiring after a given amount of time, the - * login token from the identity provider will also expire. Once this token - * expires, it will not be usable to refresh AWS credentials, and another - * token will be needed. The SDK does not manage refreshing of the token value, - * but this can be done through a "refresh token" supported by most identity - * providers. Consult the documentation for the identity provider for refreshing - * tokens. Once the refreshed token is acquired, you should make sure to update - * this new token in the credentials object's {params} property. The following - * code will update the WebIdentityToken, assuming you have retrieved an updated - * token from the identity provider: - * - * ```javascript - * AWS.config.credentials.params.Logins['graph.facebook.com'] = updatedToken; - * ``` - * - * Future calls to `credentials.refresh()` will now use the new token. - * - * @!attribute params - * @return [map] the map of params passed to - * {AWS.CognitoIdentity.getId}, - * {AWS.CognitoIdentity.getOpenIdToken}, and - * {AWS.STS.assumeRoleWithWebIdentity}. To update the token, set the - * `params.WebIdentityToken` property. - * @!attribute data - * @return [map] the raw data response from the call to - * {AWS.CognitoIdentity.getCredentialsForIdentity}, or - * {AWS.STS.assumeRoleWithWebIdentity}. Use this if you want to get - * access to other properties from the response. - * @!attribute identityId - * @return [String] the Cognito ID returned by the last call to - * {AWS.CognitoIdentity.getOpenIdToken}. This ID represents the actual - * final resolved identity ID from Amazon Cognito. + * Returns the proxy URL, depending upon the supplied url and proxy environment variables. + * @param serverUrl The server URL where the request will be sent. For example, https://api.github.com */ -AWS.CognitoIdentityCredentials = AWS.util.inherit(AWS.Credentials, { - /** - * @api private - */ - localStorageKey: { - id: 'aws.cognito.identity-id.', - providers: 'aws.cognito.identity-providers.' - }, - - /** - * Creates a new credentials object. - * @example Creating a new credentials object - * AWS.config.credentials = new AWS.CognitoIdentityCredentials({ - * - * // either IdentityPoolId or IdentityId is required - * // See the IdentityPoolId param for AWS.CognitoIdentity.getID (linked below) - * // See the IdentityId param for AWS.CognitoIdentity.getCredentialsForIdentity - * // or AWS.CognitoIdentity.getOpenIdToken (linked below) - * IdentityPoolId: 'us-east-1:1699ebc0-7900-4099-b910-2df94f52a030', - * IdentityId: 'us-east-1:128d0a74-c82f-4553-916d-90053e4a8b0f' - * - * // optional, only necessary when the identity pool is not configured - * // to use IAM roles in the Amazon Cognito Console - * // See the RoleArn param for AWS.STS.assumeRoleWithWebIdentity (linked below) - * RoleArn: 'arn:aws:iam::1234567890:role/MYAPP-CognitoIdentity', - * - * // optional tokens, used for authenticated login - * // See the Logins param for AWS.CognitoIdentity.getID (linked below) - * Logins: { - * 'graph.facebook.com': 'FBTOKEN', - * 'www.amazon.com': 'AMAZONTOKEN', - * 'accounts.google.com': 'GOOGLETOKEN', - * 'api.twitter.com': 'TWITTERTOKEN', - * 'www.digits.com': 'DIGITSTOKEN' - * }, - * - * // optional name, defaults to web-identity - * // See the RoleSessionName param for AWS.STS.assumeRoleWithWebIdentity (linked below) - * RoleSessionName: 'web', - * - * // optional, only necessary when application runs in a browser - * // and multiple users are signed in at once, used for caching - * LoginId: 'example@gmail.com' - * - * }, { - * // optionally provide configuration to apply to the underlying service clients - * // if configuration is not provided, then configuration will be pulled from AWS.config - * - * // region should match the region your identity pool is located in - * region: 'us-east-1', - * - * // specify timeout options - * httpOptions: { - * timeout: 100 - * } - * }); - * @see AWS.CognitoIdentity.getId - * @see AWS.CognitoIdentity.getCredentialsForIdentity - * @see AWS.STS.assumeRoleWithWebIdentity - * @see AWS.CognitoIdentity.getOpenIdToken - * @see AWS.Config - * @note If a region is not provided in the global AWS.config, or - * specified in the `clientConfig` to the CognitoIdentityCredentials - * constructor, you may encounter a 'Missing credentials in config' error - * when calling making a service call. - */ - constructor: function CognitoIdentityCredentials(params, clientConfig) { - AWS.Credentials.call(this); - this.expired = true; - this.params = params; - this.data = null; - this._identityId = null; - this._clientConfig = AWS.util.copy(clientConfig || {}); - this.loadCachedId(); - var self = this; - Object.defineProperty(this, 'identityId', { - get: function() { - self.loadCachedId(); - return self._identityId || self.params.IdentityId; - }, - set: function(identityId) { - self._identityId = identityId; - } - }); - }, - - /** - * Refreshes credentials using {AWS.CognitoIdentity.getCredentialsForIdentity}, - * or {AWS.STS.assumeRoleWithWebIdentity}. - * - * @callback callback function(err) - * Called when the STS service responds (or fails). When - * this callback is called with no error, it means that the credentials - * information has been loaded into the object (as the `accessKeyId`, - * `secretAccessKey`, and `sessionToken` properties). - * @param err [Error] if an error occurred, this value will be filled - * @see AWS.Credentials.get - */ - refresh: function refresh(callback) { - this.coalesceRefresh(callback || AWS.util.fn.callback); - }, - - /** - * @api private - * @param callback - */ - load: function load(callback) { - var self = this; - self.createClients(); - self.data = null; - self._identityId = null; - self.getId(function(err) { - if (!err) { - if (!self.params.RoleArn) { - self.getCredentialsForIdentity(callback); - } else { - self.getCredentialsFromSTS(callback); - } - } else { - self.clearIdOnNotAuthorized(err); - callback(err); - } - }); - }, - - /** - * Clears the cached Cognito ID associated with the currently configured - * identity pool ID. Use this to manually invalidate your cache if - * the identity pool ID was deleted. - */ - clearCachedId: function clearCache() { - this._identityId = null; - delete this.params.IdentityId; - - var poolId = this.params.IdentityPoolId; - var loginId = this.params.LoginId || ''; - delete this.storage[this.localStorageKey.id + poolId + loginId]; - delete this.storage[this.localStorageKey.providers + poolId + loginId]; - }, - - /** - * @api private - */ - clearIdOnNotAuthorized: function clearIdOnNotAuthorized(err) { - var self = this; - if (err.code == 'NotAuthorizedException') { - self.clearCachedId(); +function getProxyUrl(serverUrl) { + const proxyUrl = pm.getProxyUrl(new URL(serverUrl)); + return proxyUrl ? proxyUrl.href : ''; +} +exports.getProxyUrl = getProxyUrl; +const HttpRedirectCodes = [ + HttpCodes.MovedPermanently, + HttpCodes.ResourceMoved, + HttpCodes.SeeOther, + HttpCodes.TemporaryRedirect, + HttpCodes.PermanentRedirect +]; +const HttpResponseRetryCodes = [ + HttpCodes.BadGateway, + HttpCodes.ServiceUnavailable, + HttpCodes.GatewayTimeout +]; +const RetryableHttpVerbs = ['OPTIONS', 'GET', 'DELETE', 'HEAD']; +const ExponentialBackoffCeiling = 10; +const ExponentialBackoffTimeSlice = 5; +class HttpClientError extends Error { + constructor(message, statusCode) { + super(message); + this.name = 'HttpClientError'; + this.statusCode = statusCode; + Object.setPrototypeOf(this, HttpClientError.prototype); } - }, - - /** - * Retrieves a Cognito ID, loading from cache if it was already retrieved - * on this device. - * - * @callback callback function(err, identityId) - * @param err [Error, null] an error object if the call failed or null if - * it succeeded. - * @param identityId [String, null] if successful, the callback will return - * the Cognito ID. - * @note If not loaded explicitly, the Cognito ID is loaded and stored in - * localStorage in the browser environment of a device. - * @api private - */ - getId: function getId(callback) { - var self = this; - if (typeof self.params.IdentityId === 'string') { - return callback(null, self.params.IdentityId); +} +exports.HttpClientError = HttpClientError; +class HttpClientResponse { + constructor(message) { + this.message = message; } - - self.cognito.getId(function(err, data) { - if (!err && data.IdentityId) { - self.params.IdentityId = data.IdentityId; - callback(null, data.IdentityId); - } else { - callback(err); - } - }); - }, - - - /** - * @api private - */ - loadCredentials: function loadCredentials(data, credentials) { - if (!data || !credentials) return; - credentials.expired = false; - credentials.accessKeyId = data.Credentials.AccessKeyId; - credentials.secretAccessKey = data.Credentials.SecretKey; - credentials.sessionToken = data.Credentials.SessionToken; - credentials.expireTime = data.Credentials.Expiration; - }, - - /** - * @api private - */ - getCredentialsForIdentity: function getCredentialsForIdentity(callback) { - var self = this; - self.cognito.getCredentialsForIdentity(function(err, data) { - if (!err) { - self.cacheId(data); - self.data = data; - self.loadCredentials(self.data, self); - } else { - self.clearIdOnNotAuthorized(err); - } - callback(err); - }); - }, - - /** - * @api private - */ - getCredentialsFromSTS: function getCredentialsFromSTS(callback) { - var self = this; - self.cognito.getOpenIdToken(function(err, data) { - if (!err) { - self.cacheId(data); - self.params.WebIdentityToken = data.Token; - self.webIdentityCredentials.refresh(function(webErr) { - if (!webErr) { - self.data = self.webIdentityCredentials.data; - self.sts.credentialsFrom(self.data, self); - } - callback(webErr); + readBody() { + return __awaiter(this, void 0, void 0, function* () { + return new Promise((resolve) => __awaiter(this, void 0, void 0, function* () { + let output = Buffer.alloc(0); + this.message.on('data', (chunk) => { + output = Buffer.concat([output, chunk]); + }); + this.message.on('end', () => { + resolve(output.toString()); + }); + })); }); - } else { - self.clearIdOnNotAuthorized(err); - callback(err); - } - }); - }, + } +} +exports.HttpClientResponse = HttpClientResponse; +function isHttps(requestUrl) { + const parsedUrl = new URL(requestUrl); + return parsedUrl.protocol === 'https:'; +} +exports.isHttps = isHttps; +class HttpClient { + constructor(userAgent, handlers, requestOptions) { + this._ignoreSslError = false; + this._allowRedirects = true; + this._allowRedirectDowngrade = false; + this._maxRedirects = 50; + this._allowRetries = false; + this._maxRetries = 1; + this._keepAlive = false; + this._disposed = false; + this.userAgent = userAgent; + this.handlers = handlers || []; + this.requestOptions = requestOptions; + if (requestOptions) { + if (requestOptions.ignoreSslError != null) { + this._ignoreSslError = requestOptions.ignoreSslError; + } + this._socketTimeout = requestOptions.socketTimeout; + if (requestOptions.allowRedirects != null) { + this._allowRedirects = requestOptions.allowRedirects; + } + if (requestOptions.allowRedirectDowngrade != null) { + this._allowRedirectDowngrade = requestOptions.allowRedirectDowngrade; + } + if (requestOptions.maxRedirects != null) { + this._maxRedirects = Math.max(requestOptions.maxRedirects, 0); + } + if (requestOptions.keepAlive != null) { + this._keepAlive = requestOptions.keepAlive; + } + if (requestOptions.allowRetries != null) { + this._allowRetries = requestOptions.allowRetries; + } + if (requestOptions.maxRetries != null) { + this._maxRetries = requestOptions.maxRetries; + } + } + } + options(requestUrl, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('OPTIONS', requestUrl, null, additionalHeaders || {}); + }); + } + get(requestUrl, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('GET', requestUrl, null, additionalHeaders || {}); + }); + } + del(requestUrl, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('DELETE', requestUrl, null, additionalHeaders || {}); + }); + } + post(requestUrl, data, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('POST', requestUrl, data, additionalHeaders || {}); + }); + } + patch(requestUrl, data, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('PATCH', requestUrl, data, additionalHeaders || {}); + }); + } + put(requestUrl, data, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('PUT', requestUrl, data, additionalHeaders || {}); + }); + } + head(requestUrl, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('HEAD', requestUrl, null, additionalHeaders || {}); + }); + } + sendStream(verb, requestUrl, stream, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request(verb, requestUrl, stream, additionalHeaders); + }); + } + /** + * Gets a typed object from an endpoint + * Be aware that not found returns a null. Other errors (4xx, 5xx) reject the promise + */ + getJson(requestUrl, additionalHeaders = {}) { + return __awaiter(this, void 0, void 0, function* () { + additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson); + const res = yield this.get(requestUrl, additionalHeaders); + return this._processResponse(res, this.requestOptions); + }); + } + postJson(requestUrl, obj, additionalHeaders = {}) { + return __awaiter(this, void 0, void 0, function* () { + const data = JSON.stringify(obj, null, 2); + additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson); + additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson); + const res = yield this.post(requestUrl, data, additionalHeaders); + return this._processResponse(res, this.requestOptions); + }); + } + putJson(requestUrl, obj, additionalHeaders = {}) { + return __awaiter(this, void 0, void 0, function* () { + const data = JSON.stringify(obj, null, 2); + additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson); + additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson); + const res = yield this.put(requestUrl, data, additionalHeaders); + return this._processResponse(res, this.requestOptions); + }); + } + patchJson(requestUrl, obj, additionalHeaders = {}) { + return __awaiter(this, void 0, void 0, function* () { + const data = JSON.stringify(obj, null, 2); + additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson); + additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson); + const res = yield this.patch(requestUrl, data, additionalHeaders); + return this._processResponse(res, this.requestOptions); + }); + } + /** + * Makes a raw http request. + * All other methods such as get, post, patch, and request ultimately call this. + * Prefer get, del, post and patch + */ + request(verb, requestUrl, data, headers) { + return __awaiter(this, void 0, void 0, function* () { + if (this._disposed) { + throw new Error('Client has already been disposed.'); + } + const parsedUrl = new URL(requestUrl); + let info = this._prepareRequest(verb, parsedUrl, headers); + // Only perform retries on reads since writes may not be idempotent. + const maxTries = this._allowRetries && RetryableHttpVerbs.includes(verb) + ? this._maxRetries + 1 + : 1; + let numTries = 0; + let response; + do { + response = yield this.requestRaw(info, data); + // Check if it's an authentication challenge + if (response && + response.message && + response.message.statusCode === HttpCodes.Unauthorized) { + let authenticationHandler; + for (const handler of this.handlers) { + if (handler.canHandleAuthentication(response)) { + authenticationHandler = handler; + break; + } + } + if (authenticationHandler) { + return authenticationHandler.handleAuthentication(this, info, data); + } + else { + // We have received an unauthorized response but have no handlers to handle it. + // Let the response return to the caller. + return response; + } + } + let redirectsRemaining = this._maxRedirects; + while (response.message.statusCode && + HttpRedirectCodes.includes(response.message.statusCode) && + this._allowRedirects && + redirectsRemaining > 0) { + const redirectUrl = response.message.headers['location']; + if (!redirectUrl) { + // if there's no location to redirect to, we won't + break; + } + const parsedRedirectUrl = new URL(redirectUrl); + if (parsedUrl.protocol === 'https:' && + parsedUrl.protocol !== parsedRedirectUrl.protocol && + !this._allowRedirectDowngrade) { + throw new Error('Redirect from HTTPS to HTTP protocol. This downgrade is not allowed for security reasons. If you want to allow this behavior, set the allowRedirectDowngrade option to true.'); + } + // we need to finish reading the response before reassigning response + // which will leak the open socket. + yield response.readBody(); + // strip authorization header if redirected to a different hostname + if (parsedRedirectUrl.hostname !== parsedUrl.hostname) { + for (const header in headers) { + // header names are case insensitive + if (header.toLowerCase() === 'authorization') { + delete headers[header]; + } + } + } + // let's make the request with the new redirectUrl + info = this._prepareRequest(verb, parsedRedirectUrl, headers); + response = yield this.requestRaw(info, data); + redirectsRemaining--; + } + if (!response.message.statusCode || + !HttpResponseRetryCodes.includes(response.message.statusCode)) { + // If not a retry code, return immediately instead of retrying + return response; + } + numTries += 1; + if (numTries < maxTries) { + yield response.readBody(); + yield this._performExponentialBackoff(numTries); + } + } while (numTries < maxTries); + return response; + }); + } + /** + * Needs to be called if keepAlive is set to true in request options. + */ + dispose() { + if (this._agent) { + this._agent.destroy(); + } + this._disposed = true; + } + /** + * Raw request. + * @param info + * @param data + */ + requestRaw(info, data) { + return __awaiter(this, void 0, void 0, function* () { + return new Promise((resolve, reject) => { + function callbackForResult(err, res) { + if (err) { + reject(err); + } + else if (!res) { + // If `err` is not passed, then `res` must be passed. + reject(new Error('Unknown error')); + } + else { + resolve(res); + } + } + this.requestRawWithCallback(info, data, callbackForResult); + }); + }); + } + /** + * Raw request with callback. + * @param info + * @param data + * @param onResult + */ + requestRawWithCallback(info, data, onResult) { + if (typeof data === 'string') { + if (!info.options.headers) { + info.options.headers = {}; + } + info.options.headers['Content-Length'] = Buffer.byteLength(data, 'utf8'); + } + let callbackCalled = false; + function handleResult(err, res) { + if (!callbackCalled) { + callbackCalled = true; + onResult(err, res); + } + } + const req = info.httpModule.request(info.options, (msg) => { + const res = new HttpClientResponse(msg); + handleResult(undefined, res); + }); + let socket; + req.on('socket', sock => { + socket = sock; + }); + // If we ever get disconnected, we want the socket to timeout eventually + req.setTimeout(this._socketTimeout || 3 * 60000, () => { + if (socket) { + socket.end(); + } + handleResult(new Error(`Request timeout: ${info.options.path}`)); + }); + req.on('error', function (err) { + // err has statusCode property + // res should have headers + handleResult(err); + }); + if (data && typeof data === 'string') { + req.write(data, 'utf8'); + } + if (data && typeof data !== 'string') { + data.on('close', function () { + req.end(); + }); + data.pipe(req); + } + else { + req.end(); + } + } + /** + * Gets an http agent. This function is useful when you need an http agent that handles + * routing through a proxy server - depending upon the url and proxy environment variables. + * @param serverUrl The server URL where the request will be sent. For example, https://api.github.com + */ + getAgent(serverUrl) { + const parsedUrl = new URL(serverUrl); + return this._getAgent(parsedUrl); + } + _prepareRequest(method, requestUrl, headers) { + const info = {}; + info.parsedUrl = requestUrl; + const usingSsl = info.parsedUrl.protocol === 'https:'; + info.httpModule = usingSsl ? https : http; + const defaultPort = usingSsl ? 443 : 80; + info.options = {}; + info.options.host = info.parsedUrl.hostname; + info.options.port = info.parsedUrl.port + ? parseInt(info.parsedUrl.port) + : defaultPort; + info.options.path = + (info.parsedUrl.pathname || '') + (info.parsedUrl.search || ''); + info.options.method = method; + info.options.headers = this._mergeHeaders(headers); + if (this.userAgent != null) { + info.options.headers['user-agent'] = this.userAgent; + } + info.options.agent = this._getAgent(info.parsedUrl); + // gives handlers an opportunity to participate + if (this.handlers) { + for (const handler of this.handlers) { + handler.prepareRequest(info.options); + } + } + return info; + } + _mergeHeaders(headers) { + if (this.requestOptions && this.requestOptions.headers) { + return Object.assign({}, lowercaseKeys(this.requestOptions.headers), lowercaseKeys(headers || {})); + } + return lowercaseKeys(headers || {}); + } + _getExistingOrDefaultHeader(additionalHeaders, header, _default) { + let clientHeader; + if (this.requestOptions && this.requestOptions.headers) { + clientHeader = lowercaseKeys(this.requestOptions.headers)[header]; + } + return additionalHeaders[header] || clientHeader || _default; + } + _getAgent(parsedUrl) { + let agent; + const proxyUrl = pm.getProxyUrl(parsedUrl); + const useProxy = proxyUrl && proxyUrl.hostname; + if (this._keepAlive && useProxy) { + agent = this._proxyAgent; + } + if (this._keepAlive && !useProxy) { + agent = this._agent; + } + // if agent is already assigned use that agent. + if (agent) { + return agent; + } + const usingSsl = parsedUrl.protocol === 'https:'; + let maxSockets = 100; + if (this.requestOptions) { + maxSockets = this.requestOptions.maxSockets || http.globalAgent.maxSockets; + } + // This is `useProxy` again, but we need to check `proxyURl` directly for TypeScripts's flow analysis. + if (proxyUrl && proxyUrl.hostname) { + const agentOptions = { + maxSockets, + keepAlive: this._keepAlive, + proxy: Object.assign(Object.assign({}, ((proxyUrl.username || proxyUrl.password) && { + proxyAuth: `${proxyUrl.username}:${proxyUrl.password}` + })), { host: proxyUrl.hostname, port: proxyUrl.port }) + }; + let tunnelAgent; + const overHttps = proxyUrl.protocol === 'https:'; + if (usingSsl) { + tunnelAgent = overHttps ? tunnel.httpsOverHttps : tunnel.httpsOverHttp; + } + else { + tunnelAgent = overHttps ? tunnel.httpOverHttps : tunnel.httpOverHttp; + } + agent = tunnelAgent(agentOptions); + this._proxyAgent = agent; + } + // if reusing agent across request and tunneling agent isn't assigned create a new agent + if (this._keepAlive && !agent) { + const options = { keepAlive: this._keepAlive, maxSockets }; + agent = usingSsl ? new https.Agent(options) : new http.Agent(options); + this._agent = agent; + } + // if not using private agent and tunnel agent isn't setup then use global agent + if (!agent) { + agent = usingSsl ? https.globalAgent : http.globalAgent; + } + if (usingSsl && this._ignoreSslError) { + // we don't want to set NODE_TLS_REJECT_UNAUTHORIZED=0 since that will affect request for entire process + // http.RequestOptions doesn't expose a way to modify RequestOptions.agent.options + // we have to cast it to any and change it directly + agent.options = Object.assign(agent.options || {}, { + rejectUnauthorized: false + }); + } + return agent; + } + _performExponentialBackoff(retryNumber) { + return __awaiter(this, void 0, void 0, function* () { + retryNumber = Math.min(ExponentialBackoffCeiling, retryNumber); + const ms = ExponentialBackoffTimeSlice * Math.pow(2, retryNumber); + return new Promise(resolve => setTimeout(() => resolve(), ms)); + }); + } + _processResponse(res, options) { + return __awaiter(this, void 0, void 0, function* () { + return new Promise((resolve, reject) => __awaiter(this, void 0, void 0, function* () { + const statusCode = res.message.statusCode || 0; + const response = { + statusCode, + result: null, + headers: {} + }; + // not found leads to null obj returned + if (statusCode === HttpCodes.NotFound) { + resolve(response); + } + // get the result from the body + function dateTimeDeserializer(key, value) { + if (typeof value === 'string') { + const a = new Date(value); + if (!isNaN(a.valueOf())) { + return a; + } + } + return value; + } + let obj; + let contents; + try { + contents = yield res.readBody(); + if (contents && contents.length > 0) { + if (options && options.deserializeDates) { + obj = JSON.parse(contents, dateTimeDeserializer); + } + else { + obj = JSON.parse(contents); + } + response.result = obj; + } + response.headers = res.message.headers; + } + catch (err) { + // Invalid resource (contents not json); leaving result obj null + } + // note that 3xx redirects are handled by the http layer. + if (statusCode > 299) { + let msg; + // if exception/error in body, attempt to get better error + if (obj && obj.message) { + msg = obj.message; + } + else if (contents && contents.length > 0) { + // it may be the case that the exception is in the body message as string + msg = contents; + } + else { + msg = `Failed request: (${statusCode})`; + } + const err = new HttpClientError(msg, statusCode); + err.result = response.result; + reject(err); + } + else { + resolve(response); + } + })); + }); + } +} +exports.HttpClient = HttpClient; +const lowercaseKeys = (obj) => Object.keys(obj).reduce((c, k) => ((c[k.toLowerCase()] = obj[k]), c), {}); +//# sourceMappingURL=index.js.map - /** - * @api private - */ - loadCachedId: function loadCachedId() { - var self = this; +/***/ }), - // in the browser we source default IdentityId from localStorage - if (AWS.util.isBrowser() && !self.params.IdentityId) { - var id = self.getStorage('id'); - if (id && self.params.Logins) { - var actualProviders = Object.keys(self.params.Logins); - var cachedProviders = - (self.getStorage('providers') || '').split(','); +/***/ 9835: +/***/ ((__unused_webpack_module, exports) => { - // only load ID if at least one provider used this ID before - var intersect = cachedProviders.filter(function(n) { - return actualProviders.indexOf(n) !== -1; - }); - if (intersect.length !== 0) { - self.params.IdentityId = id; +"use strict"; + +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.checkBypass = exports.getProxyUrl = void 0; +function getProxyUrl(reqUrl) { + const usingSsl = reqUrl.protocol === 'https:'; + if (checkBypass(reqUrl)) { + return undefined; + } + const proxyVar = (() => { + if (usingSsl) { + return process.env['https_proxy'] || process.env['HTTPS_PROXY']; } - } else if (id) { - self.params.IdentityId = id; - } + else { + return process.env['http_proxy'] || process.env['HTTP_PROXY']; + } + })(); + if (proxyVar) { + return new URL(proxyVar); } - }, - - /** - * @api private - */ - createClients: function() { - var clientConfig = this._clientConfig; - this.webIdentityCredentials = this.webIdentityCredentials || - new AWS.WebIdentityCredentials(this.params, clientConfig); - if (!this.cognito) { - var cognitoConfig = AWS.util.merge({}, clientConfig); - cognitoConfig.params = this.params; - this.cognito = new CognitoIdentity(cognitoConfig); + else { + return undefined; } - this.sts = this.sts || new STS(clientConfig); - }, +} +exports.getProxyUrl = getProxyUrl; +function checkBypass(reqUrl) { + if (!reqUrl.hostname) { + return false; + } + const noProxy = process.env['no_proxy'] || process.env['NO_PROXY'] || ''; + if (!noProxy) { + return false; + } + // Determine the request port + let reqPort; + if (reqUrl.port) { + reqPort = Number(reqUrl.port); + } + else if (reqUrl.protocol === 'http:') { + reqPort = 80; + } + else if (reqUrl.protocol === 'https:') { + reqPort = 443; + } + // Format the request hostname and hostname with port + const upperReqHosts = [reqUrl.hostname.toUpperCase()]; + if (typeof reqPort === 'number') { + upperReqHosts.push(`${upperReqHosts[0]}:${reqPort}`); + } + // Compare request host against noproxy + for (const upperNoProxyItem of noProxy + .split(',') + .map(x => x.trim().toUpperCase()) + .filter(x => x)) { + if (upperReqHosts.some(x => x === upperNoProxyItem)) { + return true; + } + } + return false; +} +exports.checkBypass = checkBypass; +//# sourceMappingURL=proxy.js.map - /** - * @api private - */ - cacheId: function cacheId(data) { - this._identityId = data.IdentityId; - this.params.IdentityId = this._identityId; +/***/ }), - // cache this IdentityId in browser localStorage if possible - if (AWS.util.isBrowser()) { - this.setStorage('id', data.IdentityId); +/***/ 4599: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { - if (this.params.Logins) { - this.setStorage('providers', Object.keys(this.params.Logins).join(',')); - } - } - }, +__nccwpck_require__(3639); +var AWS = __nccwpck_require__(8437); +var Service = AWS.Service; +var apiLoader = AWS.apiLoader; - /** - * @api private - */ - getStorage: function getStorage(key) { - return this.storage[this.localStorageKey[key] + this.params.IdentityPoolId + (this.params.LoginId || '')]; +apiLoader.services['codedeploy'] = {}; +AWS.CodeDeploy = Service.defineService('codedeploy', ['2014-10-06']); +Object.defineProperty(apiLoader.services['codedeploy'], '2014-10-06', { + get: function get() { + var model = __nccwpck_require__(967); + model.paginators = (__nccwpck_require__(1917)/* .pagination */ .o); + model.waiters = (__nccwpck_require__(2416)/* .waiters */ .V); + return model; }, + enumerable: true, + configurable: true +}); - /** - * @api private - */ - setStorage: function setStorage(key, val) { - try { - this.storage[this.localStorageKey[key] + this.params.IdentityPoolId + (this.params.LoginId || '')] = val; - } catch (_) {} - }, +module.exports = AWS.CodeDeploy; - /** - * @api private - */ - storage: (function() { - try { - var storage = AWS.util.isBrowser() && window.localStorage !== null && typeof window.localStorage === 'object' ? - window.localStorage : {}; - // Test set/remove which would throw an error in Safari's private browsing - storage['aws.test-storage'] = 'foobar'; - delete storage['aws.test-storage']; +/***/ }), - return storage; - } catch (_) { - return {}; - } - })() +/***/ 8291: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +__nccwpck_require__(3639); +var AWS = __nccwpck_require__(8437); +var Service = AWS.Service; +var apiLoader = AWS.apiLoader; + +apiLoader.services['cognitoidentity'] = {}; +AWS.CognitoIdentity = Service.defineService('cognitoidentity', ['2014-06-30']); +Object.defineProperty(apiLoader.services['cognitoidentity'], '2014-06-30', { + get: function get() { + var model = __nccwpck_require__(7377); + model.paginators = (__nccwpck_require__(5010)/* .pagination */ .o); + return model; + }, + enumerable: true, + configurable: true }); +module.exports = AWS.CognitoIdentity; -/***/ }), -/***/ 175: -/***/ (function(module, __unusedexports, __webpack_require__) { +/***/ }), -var util = __webpack_require__(395).util; -var toBuffer = util.buffer.toBuffer; +/***/ 58: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { -// All prelude components are unsigned, 32-bit integers -var PRELUDE_MEMBER_LENGTH = 4; -// The prelude consists of two components -var PRELUDE_LENGTH = PRELUDE_MEMBER_LENGTH * 2; -// Checksums are always CRC32 hashes. -var CHECKSUM_LENGTH = 4; -// Messages must include a full prelude, a prelude checksum, and a message checksum -var MINIMUM_MESSAGE_LENGTH = PRELUDE_LENGTH + CHECKSUM_LENGTH * 2; +__nccwpck_require__(3639); +var AWS = __nccwpck_require__(8437); +var Service = AWS.Service; +var apiLoader = AWS.apiLoader; -/** - * @api private - * - * @param {Buffer} message - */ -function splitMessage(message) { - if (!util.Buffer.isBuffer(message)) message = toBuffer(message); +apiLoader.services['iam'] = {}; +AWS.IAM = Service.defineService('iam', ['2010-05-08']); +Object.defineProperty(apiLoader.services['iam'], '2010-05-08', { + get: function get() { + var model = __nccwpck_require__(7041); + model.paginators = (__nccwpck_require__(7583)/* .pagination */ .o); + model.waiters = (__nccwpck_require__(7757)/* .waiters */ .V); + return model; + }, + enumerable: true, + configurable: true +}); - if (message.length < MINIMUM_MESSAGE_LENGTH) { - throw new Error('Provided message too short to accommodate event stream message overhead'); - } +module.exports = AWS.IAM; - if (message.length !== message.readUInt32BE(0)) { - throw new Error('Reported message length does not match received message length'); - } - var expectedPreludeChecksum = message.readUInt32BE(PRELUDE_LENGTH); +/***/ }), - if ( - expectedPreludeChecksum !== util.crypto.crc32( - message.slice(0, PRELUDE_LENGTH) - ) - ) { - throw new Error( - 'The prelude checksum specified in the message (' + - expectedPreludeChecksum + - ') does not match the calculated CRC32 checksum.' - ); - } +/***/ 7513: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { - var expectedMessageChecksum = message.readUInt32BE(message.length - CHECKSUM_LENGTH); +__nccwpck_require__(3639); +var AWS = __nccwpck_require__(8437); +var Service = AWS.Service; +var apiLoader = AWS.apiLoader; - if ( - expectedMessageChecksum !== util.crypto.crc32( - message.slice(0, message.length - CHECKSUM_LENGTH) - ) - ) { - throw new Error( - 'The message checksum did not match the expected value of ' + - expectedMessageChecksum - ); - } +apiLoader.services['sts'] = {}; +AWS.STS = Service.defineService('sts', ['2011-06-15']); +__nccwpck_require__(1055); +Object.defineProperty(apiLoader.services['sts'], '2011-06-15', { + get: function get() { + var model = __nccwpck_require__(753); + model.paginators = (__nccwpck_require__(6314)/* .pagination */ .o); + return model; + }, + enumerable: true, + configurable: true +}); - var headersStart = PRELUDE_LENGTH + CHECKSUM_LENGTH; - var headersEnd = headersStart + message.readUInt32BE(PRELUDE_MEMBER_LENGTH); +module.exports = AWS.STS; - return { - headers: message.slice(headersStart, headersEnd), - body: message.slice(headersEnd, message.length - CHECKSUM_LENGTH), - }; + +/***/ }), + +/***/ 2793: +/***/ ((module) => { + +function apiLoader(svc, version) { + if (!apiLoader.services.hasOwnProperty(svc)) { + throw new Error('InvalidService: Failed to load api for ' + svc); + } + return apiLoader.services[svc][version]; } /** * @api private + * + * This member of AWS.apiLoader is private, but changing it will necessitate a + * change to ../scripts/services-table-generator.ts */ -module.exports = { - splitMessage: splitMessage -}; - - -/***/ }), +apiLoader.services = {}; -/***/ 179: -/***/ (function(module) { +/** + * @api private + */ +module.exports = apiLoader; -module.exports = {"pagination":{"GetAccountAuthorizationDetails":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":["UserDetailList","GroupDetailList","RoleDetailList","Policies"]},"GetGroup":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"Users"},"ListAccessKeys":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"AccessKeyMetadata"},"ListAccountAliases":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"AccountAliases"},"ListAttachedGroupPolicies":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"AttachedPolicies"},"ListAttachedRolePolicies":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"AttachedPolicies"},"ListAttachedUserPolicies":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"AttachedPolicies"},"ListEntitiesForPolicy":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":["PolicyGroups","PolicyUsers","PolicyRoles"]},"ListGroupPolicies":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"PolicyNames"},"ListGroups":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"Groups"},"ListGroupsForUser":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"Groups"},"ListInstanceProfiles":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"InstanceProfiles"},"ListInstanceProfilesForRole":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"InstanceProfiles"},"ListMFADevices":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"MFADevices"},"ListPolicies":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"Policies"},"ListPolicyVersions":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"Versions"},"ListRolePolicies":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"PolicyNames"},"ListRoles":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"Roles"},"ListSAMLProviders":{"result_key":"SAMLProviderList"},"ListSSHPublicKeys":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"SSHPublicKeys"},"ListServerCertificates":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"ServerCertificateMetadataList"},"ListSigningCertificates":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"Certificates"},"ListUserPolicies":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"PolicyNames"},"ListUsers":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"Users"},"ListVirtualMFADevices":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"VirtualMFADevices"},"SimulateCustomPolicy":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"EvaluationResults"},"SimulatePrincipalPolicy":{"input_token":"Marker","limit_key":"MaxItems","more_results":"IsTruncated","output_token":"Marker","result_key":"EvaluationResults"}}}; /***/ }), -/***/ 187: -/***/ (function(__unusedmodule, __unusedexports, __webpack_require__) { +/***/ 8110: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { -var AWS = __webpack_require__(395); -__webpack_require__(923); -__webpack_require__(906); +var AWS = __nccwpck_require__(8437); +__nccwpck_require__(3819); +__nccwpck_require__(6965); var PromisesDependency; /** @@ -2660,7 +2715,7 @@ var PromisesDependency; * * @!attribute computeChecksums * @return [Boolean] whether to compute checksums for payload bodies when - * the service accepts it (currently supported in S3 only). + * the service accepts it (currently supported in S3 and SQS only). * * @!attribute convertResponseTypes * @return [Boolean] whether types are converted when parsing response data. @@ -2723,7 +2778,7 @@ var PromisesDependency; * retry count and error and returns the amount of time to delay in * milliseconds. If the result is a non-zero negative value, no further * retry attempts will be made. The `base` option will be ignored if this - * option is supplied. + * option is supplied. The function is only called for retryable errors. * * @!attribute httpOptions * @return [map] A set of options to pass to the low-level HTTP request. @@ -2739,9 +2794,9 @@ var PromisesDependency; * failing to establish a connection with the server after * `connectTimeout` milliseconds. This timeout has no effect once a socket * connection has been established. - * * **timeout** [Integer] — Sets the socket to timeout after timeout - * milliseconds of inactivity on the socket. Defaults to two minutes - * (120000) + * * **timeout** [Integer] — The number of milliseconds a request can + * take before automatically being terminated. + * Defaults to two minutes (120000). * * **xhrAsync** [Boolean] — Whether the SDK will send asynchronous * HTTP requests. Used in the browser environment only. Set to false to * send requests synchronously. Defaults to true (async on). @@ -2791,7 +2846,13 @@ var PromisesDependency; * @!attribute stsRegionalEndpoints * @return ['legacy'|'regional'] whether to send sts request to global endpoints or * regional endpoints. - * Defaults to 'legacy' + * Defaults to 'legacy'. + * + * @!attribute useFipsEndpoint + * @return [Boolean] Enables FIPS compatible endpoints. Defaults to `false`. + * + * @!attribute useDualstackEndpoint + * @return [Boolean] Enables IPv6 dualstack endpoint. Defaults to `false`. */ AWS.Config = AWS.util.inherit({ /** @@ -2876,7 +2937,7 @@ AWS.Config = AWS.util.inherit({ * retry count and error and returns the amount of time to delay in * milliseconds. If the result is a non-zero negative value, no further * retry attempts will be made. The `base` option will be ignored if this - * option is supplied. + * option is supplied. The function is only called for retryable errors. * @option options httpOptions [map] A set of options to pass to the low-level * HTTP request. Currently supported options are: * @@ -2946,6 +3007,10 @@ AWS.Config = AWS.util.inherit({ * @option options stsRegionalEndpoints ['legacy'|'regional'] whether to send sts request * to global endpoints or regional endpoints. * Defaults to 'legacy'. + * @option options useFipsEndpoint [Boolean] Enables FIPS compatible endpoints. + * Defaults to `false`. + * @option options useDualstackEndpoint [Boolean] Enables IPv6 dualstack endpoint. + * Defaults to `false`. */ constructor: function Config(options) { if (options === undefined) options = {}; @@ -3038,6 +3103,82 @@ AWS.Config = AWS.util.inherit({ } }, + /** + * Loads token from the configuration object. This is used internally + * by the SDK to ensure that refreshable {Token} objects are properly + * refreshed and loaded when sending a request. If you want to ensure that + * your token is loaded prior to a request, you can use this method + * directly to provide accurate token data stored in the object. + * + * @note If you configure the SDK with static token, the token data should + * already be present in {token} attribute. This method is primarily necessary + * to load token from asynchronous sources, or sources that can refresh + * token periodically. + * @example Getting your access token + * AWS.config.getToken(function(err) { + * if (err) console.log(err.stack); // token not loaded + * else console.log("Token:", AWS.config.token.token); + * }) + * @callback callback function(err) + * Called when the {token} have been properly set on the configuration object. + * + * @param err [Error] if this is set, token was not successfully loaded and + * this error provides information why. + * @see token + */ + getToken: function getToken(callback) { + var self = this; + + function finish(err) { + callback(err, err ? null : self.token); + } + + function tokenError(msg, err) { + return new AWS.util.error(err || new Error(), { + code: 'TokenError', + message: msg, + name: 'TokenError' + }); + } + + function getAsyncToken() { + self.token.get(function(err) { + if (err) { + var msg = 'Could not load token from ' + + self.token.constructor.name; + err = tokenError(msg, err); + } + finish(err); + }); + } + + function getStaticToken() { + var err = null; + if (!self.token.token) { + err = tokenError('Missing token'); + } + finish(err); + } + + if (self.token) { + if (typeof self.token.get === 'function') { + getAsyncToken(); + } else { // static token + getStaticToken(); + } + } else if (self.tokenProvider) { + self.tokenProvider.resolve(function(err, token) { + if (err) { + err = tokenError('Could not load token from any providers', err); + } + self.token = token; + finish(err); + }); + } else { + finish(tokenError('No token to load')); + } + }, + /** * @!group Loading and Setting Configuration Options */ @@ -3169,7 +3310,10 @@ AWS.Config = AWS.util.inherit({ endpointDiscoveryEnabled: undefined, endpointCacheSize: 1000, hostPrefixEnabled: true, - stsRegionalEndpoints: 'legacy' + stsRegionalEndpoints: 'legacy', + useFipsEndpoint: false, + useDualstackEndpoint: false, + token: null }, /** @@ -3226,458 +3370,587 @@ AWS.config = new AWS.Config(); /***/ }), -/***/ 191: -/***/ (function(module) { +/***/ 5566: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { -module.exports = require("querystring"); +var AWS = __nccwpck_require__(8437); +/** + * @api private + */ +function validateRegionalEndpointsFlagValue(configValue, errorOptions) { + if (typeof configValue !== 'string') return undefined; + else if (['legacy', 'regional'].indexOf(configValue.toLowerCase()) >= 0) { + return configValue.toLowerCase(); + } else { + throw AWS.util.error(new Error(), errorOptions); + } +} -/***/ }), +/** + * Resolve the configuration value for regional endpoint from difference sources: client + * config, environmental variable, shared config file. Value can be case-insensitive + * 'legacy' or 'reginal'. + * @param originalConfig user-supplied config object to resolve + * @param options a map of config property names from individual configuration source + * - env: name of environmental variable that refers to the config + * - sharedConfig: name of shared configuration file property that refers to the config + * - clientConfig: name of client configuration property that refers to the config + * + * @api private + */ +function resolveRegionalEndpointsFlag(originalConfig, options) { + originalConfig = originalConfig || {}; + //validate config value + var resolved; + if (originalConfig[options.clientConfig]) { + resolved = validateRegionalEndpointsFlagValue(originalConfig[options.clientConfig], { + code: 'InvalidConfiguration', + message: 'invalid "' + options.clientConfig + '" configuration. Expect "legacy" ' + + ' or "regional". Got "' + originalConfig[options.clientConfig] + '".' + }); + if (resolved) return resolved; + } + if (!AWS.util.isNode()) return resolved; + //validate environmental variable + if (Object.prototype.hasOwnProperty.call(process.env, options.env)) { + var envFlag = process.env[options.env]; + resolved = validateRegionalEndpointsFlagValue(envFlag, { + code: 'InvalidEnvironmentalVariable', + message: 'invalid ' + options.env + ' environmental variable. Expect "legacy" ' + + ' or "regional". Got "' + process.env[options.env] + '".' + }); + if (resolved) return resolved; + } + //validate shared config file + var profile = {}; + try { + var profiles = AWS.util.getProfilesFromSharedConfig(AWS.util.iniLoader); + profile = profiles[process.env.AWS_PROFILE || AWS.util.defaultProfile]; + } catch (e) {}; + if (profile && Object.prototype.hasOwnProperty.call(profile, options.sharedConfig)) { + var fileFlag = profile[options.sharedConfig]; + resolved = validateRegionalEndpointsFlagValue(fileFlag, { + code: 'InvalidConfiguration', + message: 'invalid ' + options.sharedConfig + ' profile config. Expect "legacy" ' + + ' or "regional". Got "' + profile[options.sharedConfig] + '".' + }); + if (resolved) return resolved; + } + return resolved; +} -/***/ 200: -/***/ (function(module) { +module.exports = resolveRegionalEndpointsFlag; -module.exports = require("dgram"); /***/ }), -/***/ 210: -/***/ (function(__unusedmodule, exports) { +/***/ 8437: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { -// Generated by CoffeeScript 1.12.7 -(function() { - "use strict"; - exports.stripBOM = function(str) { - if (str[0] === '\uFEFF') { - return str.substring(1); - } else { - return str; - } - }; +/** + * The main AWS namespace + */ +var AWS = { util: __nccwpck_require__(7985) }; -}).call(this); +/** + * @api private + * @!macro [new] nobrowser + * @note This feature is not supported in the browser environment of the SDK. + */ +var _hidden = {}; _hidden.toString(); // hack to parse macro +/** + * @api private + */ +module.exports = AWS; -/***/ }), +AWS.util.update(AWS, { -/***/ 211: -/***/ (function(module) { + /** + * @constant + */ + VERSION: '2.1246.0', -module.exports = require("https"); + /** + * @api private + */ + Signers: {}, -/***/ }), + /** + * @api private + */ + Protocol: { + Json: __nccwpck_require__(83), + Query: __nccwpck_require__(761), + Rest: __nccwpck_require__(8200), + RestJson: __nccwpck_require__(5883), + RestXml: __nccwpck_require__(5143) + }, -/***/ 213: -/***/ (function(module) { + /** + * @api private + */ + XML: { + Builder: __nccwpck_require__(3546), + Parser: null // conditionally set based on environment + }, -module.exports = require("timers"); - -/***/ }), - -/***/ 214: -/***/ (function(module, __unusedexports, __webpack_require__) { - -__webpack_require__(234); -var AWS = __webpack_require__(395); -var Service = AWS.Service; -var apiLoader = AWS.apiLoader; - -apiLoader.services['cognitoidentity'] = {}; -AWS.CognitoIdentity = Service.defineService('cognitoidentity', ['2014-06-30']); -__webpack_require__(382); -Object.defineProperty(apiLoader.services['cognitoidentity'], '2014-06-30', { - get: function get() { - var model = __webpack_require__(56); - model.paginators = __webpack_require__(280).pagination; - return model; - }, - enumerable: true, - configurable: true -}); - -module.exports = AWS.CognitoIdentity; - - -/***/ }), - -/***/ 220: -/***/ (function(module, __unusedexports, __webpack_require__) { - -var AWS = __webpack_require__(395); -var inherit = AWS.util.inherit; - -/** - * @api private - */ -AWS.Signers.V2 = inherit(AWS.Signers.RequestSigner, { - addAuthorization: function addAuthorization(credentials, date) { - - if (!date) date = AWS.util.date.getDate(); - - var r = this.request; - - r.params.Timestamp = AWS.util.date.iso8601(date); - r.params.SignatureVersion = '2'; - r.params.SignatureMethod = 'HmacSHA256'; - r.params.AWSAccessKeyId = credentials.accessKeyId; - - if (credentials.sessionToken) { - r.params.SecurityToken = credentials.sessionToken; - } - - delete r.params.Signature; // delete old Signature for re-signing - r.params.Signature = this.signature(credentials); - - r.body = AWS.util.queryParamsToString(r.params); - r.headers['Content-Length'] = r.body.length; + /** + * @api private + */ + JSON: { + Builder: __nccwpck_require__(7495), + Parser: __nccwpck_require__(5474) }, - signature: function signature(credentials) { - return AWS.util.crypto.hmac(credentials.secretAccessKey, this.stringToSign(), 'base64'); + /** + * @api private + */ + Model: { + Api: __nccwpck_require__(7657), + Operation: __nccwpck_require__(8083), + Shape: __nccwpck_require__(1349), + Paginator: __nccwpck_require__(5938), + ResourceWaiter: __nccwpck_require__(1368) }, - stringToSign: function stringToSign() { - var parts = []; - parts.push(this.request.method); - parts.push(this.request.endpoint.host.toLowerCase()); - parts.push(this.request.pathname()); - parts.push(AWS.util.queryParamsToString(this.request.params)); - return parts.join('\n'); - } + /** + * @api private + */ + apiLoader: __nccwpck_require__(2793), + /** + * @api private + */ + EndpointCache: (__nccwpck_require__(6323)/* .EndpointCache */ .$) }); +__nccwpck_require__(5948); +__nccwpck_require__(8903); +__nccwpck_require__(8110); +__nccwpck_require__(1556); +__nccwpck_require__(4995); +__nccwpck_require__(8652); +__nccwpck_require__(8743); +__nccwpck_require__(9925); +__nccwpck_require__(9897); +__nccwpck_require__(9127); /** - * @api private + * @readonly + * @return [AWS.SequentialExecutor] a collection of global event listeners that + * are attached to every sent request. + * @see AWS.Request AWS.Request for a list of events to listen for + * @example Logging the time taken to send a request + * AWS.events.on('send', function startSend(resp) { + * resp.startTime = new Date().getTime(); + * }).on('complete', function calculateTime(resp) { + * var time = (new Date().getTime() - resp.startTime) / 1000; + * console.log('Request took ' + time + ' seconds'); + * }); + * + * new AWS.S3().listBuckets(); // prints 'Request took 0.285 seconds' */ -module.exports = AWS.Signers.V2; - - -/***/ }), +AWS.events = new AWS.SequentialExecutor(); -/***/ 229: -/***/ (function(module) { +//create endpoint cache lazily +AWS.util.memoizedProperty(AWS, 'endpointCache', function() { + return new AWS.EndpointCache(AWS.config.endpointCacheSize); +}, true); -module.exports = require("domain"); /***/ }), -/***/ 232: -/***/ (function(module, __unusedexports, __webpack_require__) { +/***/ 3819: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { -var AWS = __webpack_require__(395); -/** - * @api private - */ -function validateRegionalEndpointsFlagValue(configValue, errorOptions) { - if (typeof configValue !== 'string') return undefined; - else if (['legacy', 'regional'].indexOf(configValue.toLowerCase()) >= 0) { - return configValue.toLowerCase(); - } else { - throw AWS.util.error(new Error(), errorOptions); - } -} +var AWS = __nccwpck_require__(8437); /** - * Resolve the configuration value for regional endpoint from difference sources: client - * config, environmental variable, shared config file. Value can be case-insensitive - * 'legacy' or 'reginal'. - * @param originalConfig user-supplied config object to resolve - * @param options a map of config property names from individual configuration source - * - env: name of environmental variable that refers to the config - * - sharedConfig: name of shared configuration file property that refers to the config - * - clientConfig: name of client configuration property that refers to the config + * Represents your AWS security credentials, specifically the + * {accessKeyId}, {secretAccessKey}, and optional {sessionToken}. + * Creating a `Credentials` object allows you to pass around your + * security information to configuration and service objects. * - * @api private + * Note that this class typically does not need to be constructed manually, + * as the {AWS.Config} and {AWS.Service} classes both accept simple + * options hashes with the three keys. These structures will be converted + * into Credentials objects automatically. + * + * ## Expiring and Refreshing Credentials + * + * Occasionally credentials can expire in the middle of a long-running + * application. In this case, the SDK will automatically attempt to + * refresh the credentials from the storage location if the Credentials + * class implements the {refresh} method. + * + * If you are implementing a credential storage location, you + * will want to create a subclass of the `Credentials` class and + * override the {refresh} method. This method allows credentials to be + * retrieved from the backing store, be it a file system, database, or + * some network storage. The method should reset the credential attributes + * on the object. + * + * @!attribute expired + * @return [Boolean] whether the credentials have been expired and + * require a refresh. Used in conjunction with {expireTime}. + * @!attribute expireTime + * @return [Date] a time when credentials should be considered expired. Used + * in conjunction with {expired}. + * @!attribute accessKeyId + * @return [String] the AWS access key ID + * @!attribute secretAccessKey + * @return [String] the AWS secret access key + * @!attribute sessionToken + * @return [String] an optional AWS session token */ -function resolveRegionalEndpointsFlag(originalConfig, options) { - originalConfig = originalConfig || {}; - //validate config value - var resolved; - if (originalConfig[options.clientConfig]) { - resolved = validateRegionalEndpointsFlagValue(originalConfig[options.clientConfig], { - code: 'InvalidConfiguration', - message: 'invalid "' + options.clientConfig + '" configuration. Expect "legacy" ' + - ' or "regional". Got "' + originalConfig[options.clientConfig] + '".' - }); - if (resolved) return resolved; - } - if (!AWS.util.isNode()) return resolved; - //validate environmental variable - if (Object.prototype.hasOwnProperty.call(process.env, options.env)) { - var envFlag = process.env[options.env]; - resolved = validateRegionalEndpointsFlagValue(envFlag, { - code: 'InvalidEnvironmentalVariable', - message: 'invalid ' + options.env + ' environmental variable. Expect "legacy" ' + - ' or "regional". Got "' + process.env[options.env] + '".' - }); - if (resolved) return resolved; - } - //validate shared config file - var profile = {}; - try { - var profiles = AWS.util.getProfilesFromSharedConfig(AWS.util.iniLoader); - profile = profiles[process.env.AWS_PROFILE || AWS.util.defaultProfile]; - } catch (e) {}; - if (profile && Object.prototype.hasOwnProperty.call(profile, options.sharedConfig)) { - var fileFlag = profile[options.sharedConfig]; - resolved = validateRegionalEndpointsFlagValue(fileFlag, { - code: 'InvalidConfiguration', - message: 'invalid ' + options.sharedConfig + ' profile config. Expect "legacy" ' + - ' or "regional". Got "' + profile[options.sharedConfig] + '".' - }); - if (resolved) return resolved; - } - return resolved; -} +AWS.Credentials = AWS.util.inherit({ + /** + * A credentials object can be created using positional arguments or an options + * hash. + * + * @overload AWS.Credentials(accessKeyId, secretAccessKey, sessionToken=null) + * Creates a Credentials object with a given set of credential information + * as positional arguments. + * @param accessKeyId [String] the AWS access key ID + * @param secretAccessKey [String] the AWS secret access key + * @param sessionToken [String] the optional AWS session token + * @example Create a credentials object with AWS credentials + * var creds = new AWS.Credentials('akid', 'secret', 'session'); + * @overload AWS.Credentials(options) + * Creates a Credentials object with a given set of credential information + * as an options hash. + * @option options accessKeyId [String] the AWS access key ID + * @option options secretAccessKey [String] the AWS secret access key + * @option options sessionToken [String] the optional AWS session token + * @example Create a credentials object with AWS credentials + * var creds = new AWS.Credentials({ + * accessKeyId: 'akid', secretAccessKey: 'secret', sessionToken: 'session' + * }); + */ + constructor: function Credentials() { + // hide secretAccessKey from being displayed with util.inspect + AWS.util.hideProperties(this, ['secretAccessKey']); -module.exports = resolveRegionalEndpointsFlag; + this.expired = false; + this.expireTime = null; + this.refreshCallbacks = []; + if (arguments.length === 1 && typeof arguments[0] === 'object') { + var creds = arguments[0].credentials || arguments[0]; + this.accessKeyId = creds.accessKeyId; + this.secretAccessKey = creds.secretAccessKey; + this.sessionToken = creds.sessionToken; + } else { + this.accessKeyId = arguments[0]; + this.secretAccessKey = arguments[1]; + this.sessionToken = arguments[2]; + } + }, + /** + * @return [Integer] the number of seconds before {expireTime} during which + * the credentials will be considered expired. + */ + expiryWindow: 15, -/***/ }), + /** + * @return [Boolean] whether the credentials object should call {refresh} + * @note Subclasses should override this method to provide custom refresh + * logic. + */ + needsRefresh: function needsRefresh() { + var currentTime = AWS.util.date.getDate().getTime(); + var adjustedTime = new Date(currentTime + this.expiryWindow * 1000); -/***/ 234: -/***/ (function(module, __unusedexports, __webpack_require__) { + if (this.expireTime && adjustedTime > this.expireTime) { + return true; + } else { + return this.expired || !this.accessKeyId || !this.secretAccessKey; + } + }, -var util = __webpack_require__(153); - -util.isBrowser = function() { return false; }; -util.isNode = function() { return true; }; - -// node.js specific modules -util.crypto.lib = __webpack_require__(417); -util.Buffer = __webpack_require__(293).Buffer; -util.domain = __webpack_require__(229); -util.stream = __webpack_require__(413); -util.url = __webpack_require__(414); -util.querystring = __webpack_require__(191); -util.environment = 'nodejs'; -util.createEventStream = util.stream.Readable ? - __webpack_require__(445).createEventStream : __webpack_require__(661).createEventStream; -util.realClock = __webpack_require__(693); -util.clientSideMonitoring = { - Publisher: __webpack_require__(701).Publisher, - configProvider: __webpack_require__(762), -}; -util.iniLoader = __webpack_require__(892).iniLoader; - -var AWS; - -/** - * @api private - */ -module.exports = AWS = __webpack_require__(395); - -__webpack_require__(923); -__webpack_require__(906); -__webpack_require__(43); -__webpack_require__(543); -__webpack_require__(306); -__webpack_require__(170); -__webpack_require__(966); -__webpack_require__(982); - -// Load the xml2js XML parser -AWS.XML.Parser = __webpack_require__(810); - -// Load Node HTTP client -__webpack_require__(888); + /** + * Gets the existing credentials, refreshing them if they are not yet loaded + * or have expired. Users should call this method before using {refresh}, + * as this will not attempt to reload credentials when they are already + * loaded into the object. + * + * @callback callback function(err) + * When this callback is called with no error, it means either credentials + * do not need to be refreshed or refreshed credentials information has + * been loaded into the object (as the `accessKeyId`, `secretAccessKey`, + * and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + */ + get: function get(callback) { + var self = this; + if (this.needsRefresh()) { + this.refresh(function(err) { + if (!err) self.expired = false; // reset expired flag + if (callback) callback(err); + }); + } else if (callback) { + callback(); + } + }, -__webpack_require__(818); + /** + * @!method getPromise() + * Returns a 'thenable' promise. + * Gets the existing credentials, refreshing them if they are not yet loaded + * or have expired. Users should call this method before using {refresh}, + * as this will not attempt to reload credentials when they are already + * loaded into the object. + * + * Two callbacks can be provided to the `then` method on the returned promise. + * The first callback will be called if the promise is fulfilled, and the second + * callback will be called if the promise is rejected. + * @callback fulfilledCallback function() + * Called if the promise is fulfilled. When this callback is called, it + * means either credentials do not need to be refreshed or refreshed + * credentials information has been loaded into the object (as the + * `accessKeyId`, `secretAccessKey`, and `sessionToken` properties). + * @callback rejectedCallback function(err) + * Called if the promise is rejected. + * @param err [Error] if an error occurred, this value will be filled + * @return [Promise] A promise that represents the state of the `get` call. + * @example Calling the `getPromise` method. + * var promise = credProvider.getPromise(); + * promise.then(function() { ... }, function(err) { ... }); + */ -// Load custom credential providers -__webpack_require__(868); -__webpack_require__(103); -__webpack_require__(426); -__webpack_require__(316); -__webpack_require__(872); -__webpack_require__(634); -__webpack_require__(22); -__webpack_require__(982); - -// Setup default chain providers -// If this changes, please update documentation for -// AWS.CredentialProviderChain.defaultProviders in -// credentials/credential_provider_chain.js -AWS.CredentialProviderChain.defaultProviders = [ - function () { return new AWS.EnvironmentCredentials('AWS'); }, - function () { return new AWS.EnvironmentCredentials('AMAZON'); }, - function () { return new AWS.SharedIniFileCredentials(); }, - function () { return new AWS.ECSCredentials(); }, - function () { return new AWS.ProcessCredentials(); }, - function () { return new AWS.TokenFileWebIdentityCredentials(); }, - function () { return new AWS.EC2MetadataCredentials(); } -]; + /** + * @!method refreshPromise() + * Returns a 'thenable' promise. + * Refreshes the credentials. Users should call {get} before attempting + * to forcibly refresh credentials. + * + * Two callbacks can be provided to the `then` method on the returned promise. + * The first callback will be called if the promise is fulfilled, and the second + * callback will be called if the promise is rejected. + * @callback fulfilledCallback function() + * Called if the promise is fulfilled. When this callback is called, it + * means refreshed credentials information has been loaded into the object + * (as the `accessKeyId`, `secretAccessKey`, and `sessionToken` properties). + * @callback rejectedCallback function(err) + * Called if the promise is rejected. + * @param err [Error] if an error occurred, this value will be filled + * @return [Promise] A promise that represents the state of the `refresh` call. + * @example Calling the `refreshPromise` method. + * var promise = credProvider.refreshPromise(); + * promise.then(function() { ... }, function(err) { ... }); + */ -// Update configuration keys -AWS.util.update(AWS.Config.prototype.keys, { - credentials: function () { - var credentials = null; - new AWS.CredentialProviderChain([ - function () { return new AWS.EnvironmentCredentials('AWS'); }, - function () { return new AWS.EnvironmentCredentials('AMAZON'); }, - function () { return new AWS.SharedIniFileCredentials({ disableAssumeRole: true }); } - ]).resolve(function(err, creds) { - if (!err) credentials = creds; - }); - return credentials; - }, - credentialProvider: function() { - return new AWS.CredentialProviderChain(); + /** + * Refreshes the credentials. Users should call {get} before attempting + * to forcibly refresh credentials. + * + * @callback callback function(err) + * When this callback is called with no error, it means refreshed + * credentials information has been loaded into the object (as the + * `accessKeyId`, `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @note Subclasses should override this class to reset the + * {accessKeyId}, {secretAccessKey} and optional {sessionToken} + * on the credentials object and then call the callback with + * any error information. + * @see get + */ + refresh: function refresh(callback) { + this.expired = false; + callback(); }, - logger: function () { - return process.env.AWSJS_DEBUG ? console : null; + + /** + * @api private + * @param callback + */ + coalesceRefresh: function coalesceRefresh(callback, sync) { + var self = this; + if (self.refreshCallbacks.push(callback) === 1) { + self.load(function onLoad(err) { + AWS.util.arrayEach(self.refreshCallbacks, function(callback) { + if (sync) { + callback(err); + } else { + // callback could throw, so defer to ensure all callbacks are notified + AWS.util.defer(function () { + callback(err); + }); + } + }); + self.refreshCallbacks.length = 0; + }); + } }, - region: function() { - var env = process.env; - var region = env.AWS_REGION || env.AMAZON_REGION; - if (env[AWS.util.configOptInEnv]) { - var toCheck = [ - {filename: env[AWS.util.sharedCredentialsFileEnv]}, - {isConfig: true, filename: env[AWS.util.sharedConfigFileEnv]} - ]; - var iniLoader = AWS.util.iniLoader; - while (!region && toCheck.length) { - var configFile = iniLoader.loadFrom(toCheck.shift()); - var profile = configFile[env.AWS_PROFILE || AWS.util.defaultProfile]; - region = profile && profile.region; - } - } - return region; + + /** + * @api private + * @param callback + */ + load: function load(callback) { + callback(); } }); -// Reset configuration -AWS.config = new AWS.Config(); - - -/***/ }), - -/***/ 262: -/***/ (function(module) { - -module.exports = {"pagination":{}}; - -/***/ }), - -/***/ 265: -/***/ (function(module, __unusedexports, __webpack_require__) { - -var property = __webpack_require__(153).property; - -function Paginator(name, paginator) { - property(this, 'inputToken', paginator.input_token); - property(this, 'limitKey', paginator.limit_key); - property(this, 'moreResults', paginator.more_results); - property(this, 'outputToken', paginator.output_token); - property(this, 'resultKey', paginator.result_key); -} - /** * @api private */ -module.exports = Paginator; - - -/***/ }), - -/***/ 280: -/***/ (function(module) { - -module.exports = {"pagination":{}}; - -/***/ }), - -/***/ 293: -/***/ (function(module) { - -module.exports = require("buffer"); +AWS.Credentials.addPromisesToClass = function addPromisesToClass(PromiseDependency) { + this.prototype.getPromise = AWS.util.promisifyMethod('get', PromiseDependency); + this.prototype.refreshPromise = AWS.util.promisifyMethod('refresh', PromiseDependency); +}; -/***/ }), +/** + * @api private + */ +AWS.Credentials.deletePromisesFromClass = function deletePromisesFromClass() { + delete this.prototype.getPromise; + delete this.prototype.refreshPromise; +}; -/***/ 304: -/***/ (function(module) { +AWS.util.addPromises(AWS.Credentials); -module.exports = require("string_decoder"); /***/ }), -/***/ 306: -/***/ (function(__unusedmodule, __unusedexports, __webpack_require__) { +/***/ 7083: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { -var AWS = __webpack_require__(395); -var STS = __webpack_require__(733); +var AWS = __nccwpck_require__(8437); +var STS = __nccwpck_require__(7513); /** - * Represents credentials retrieved from STS Web Identity Federation support. - * - * By default this provider gets credentials using the - * {AWS.STS.assumeRoleWithWebIdentity} service operation. This operation - * requires a `RoleArn` containing the ARN of the IAM trust policy for the - * application for which credentials will be given. In addition, the - * `WebIdentityToken` must be set to the token provided by the identity - * provider. See {constructor} for an example on creating a credentials - * object with proper `RoleArn` and `WebIdentityToken` values. + * Represents temporary credentials retrieved from {AWS.STS}. Without any + * extra parameters, credentials will be fetched from the + * {AWS.STS.getSessionToken} operation. If an IAM role is provided, the + * {AWS.STS.assumeRole} operation will be used to fetch credentials for the + * role instead. * - * ## Refreshing Credentials from Identity Service + * AWS.ChainableTemporaryCredentials differs from AWS.TemporaryCredentials in + * the way masterCredentials and refreshes are handled. + * AWS.ChainableTemporaryCredentials refreshes expired credentials using the + * masterCredentials passed by the user to support chaining of STS credentials. + * However, AWS.TemporaryCredentials recursively collapses the masterCredentials + * during instantiation, precluding the ability to refresh credentials which + * require intermediate, temporary credentials. * - * In addition to AWS credentials expiring after a given amount of time, the - * login token from the identity provider will also expire. Once this token - * expires, it will not be usable to refresh AWS credentials, and another - * token will be needed. The SDK does not manage refreshing of the token value, - * but this can be done through a "refresh token" supported by most identity - * providers. Consult the documentation for the identity provider for refreshing - * tokens. Once the refreshed token is acquired, you should make sure to update - * this new token in the credentials object's {params} property. The following - * code will update the WebIdentityToken, assuming you have retrieved an updated - * token from the identity provider: + * For example, if the application should use RoleA, which must be assumed from + * RoleB, and the environment provides credentials which can assume RoleB, then + * AWS.ChainableTemporaryCredentials must be used to support refreshing the + * temporary credentials for RoleA: * * ```javascript - * AWS.config.credentials.params.WebIdentityToken = updatedToken; - * ``` - * - * Future calls to `credentials.refresh()` will now use the new token. + * var roleACreds = new AWS.ChainableTemporaryCredentials({ + * params: {RoleArn: 'RoleA'}, + * masterCredentials: new AWS.ChainableTemporaryCredentials({ + * params: {RoleArn: 'RoleB'}, + * masterCredentials: new AWS.EnvironmentCredentials('AWS') + * }) + * }); + * ``` * - * @!attribute params - * @return [map] the map of params passed to - * {AWS.STS.assumeRoleWithWebIdentity}. To update the token, set the - * `params.WebIdentityToken` property. - * @!attribute data - * @return [map] the raw data response from the call to - * {AWS.STS.assumeRoleWithWebIdentity}. Use this if you want to get - * access to other properties from the response. + * If AWS.TemporaryCredentials had been used in the previous example, + * `roleACreds` would fail to refresh because `roleACreds` would + * use the environment credentials for the AssumeRole request. + * + * Another difference is that AWS.ChainableTemporaryCredentials creates the STS + * service instance during instantiation while AWS.TemporaryCredentials creates + * the STS service instance during the first refresh. Creating the service + * instance during instantiation effectively captures the master credentials + * from the global config, so that subsequent changes to the global config do + * not affect the master credentials used to refresh the temporary credentials. + * + * This allows an instance of AWS.ChainableTemporaryCredentials to be assigned + * to AWS.config.credentials: + * + * ```javascript + * var envCreds = new AWS.EnvironmentCredentials('AWS'); + * AWS.config.credentials = envCreds; + * // masterCredentials will be envCreds + * AWS.config.credentials = new AWS.ChainableTemporaryCredentials({ + * params: {RoleArn: '...'} + * }); + * ``` + * + * Similarly, to use the CredentialProviderChain's default providers as the + * master credentials, simply create a new instance of + * AWS.ChainableTemporaryCredentials: + * + * ```javascript + * AWS.config.credentials = new ChainableTemporaryCredentials({ + * params: {RoleArn: '...'} + * }); + * ``` + * + * @!attribute service + * @return [AWS.STS] the STS service instance used to + * get and refresh temporary credentials from AWS STS. + * @note (see constructor) */ -AWS.WebIdentityCredentials = AWS.util.inherit(AWS.Credentials, { +AWS.ChainableTemporaryCredentials = AWS.util.inherit(AWS.Credentials, { /** - * Creates a new credentials object. - * @param (see AWS.STS.assumeRoleWithWebIdentity) - * @example Creating a new credentials object - * AWS.config.credentials = new AWS.WebIdentityCredentials({ - * RoleArn: 'arn:aws:iam::1234567890:role/WebIdentity', - * WebIdentityToken: 'ABCDEFGHIJKLMNOP', // token from identity service - * RoleSessionName: 'web' // optional name, defaults to web-identity - * }, { - * // optionally provide configuration to apply to the underlying AWS.STS service client - * // if configuration is not provided, then configuration will be pulled from AWS.config + * Creates a new temporary credentials object. * - * // specify timeout options - * httpOptions: { - * timeout: 100 + * @param options [map] a set of options + * @option options params [map] ({}) a map of options that are passed to the + * {AWS.STS.assumeRole} or {AWS.STS.getSessionToken} operations. + * If a `RoleArn` parameter is passed in, credentials will be based on the + * IAM role. If a `SerialNumber` parameter is passed in, {tokenCodeFn} must + * also be passed in or an error will be thrown. + * @option options masterCredentials [AWS.Credentials] the master credentials + * used to get and refresh temporary credentials from AWS STS. By default, + * AWS.config.credentials or AWS.config.credentialProvider will be used. + * @option options tokenCodeFn [Function] (null) Function to provide + * `TokenCode`, if `SerialNumber` is provided for profile in {params}. Function + * is called with value of `SerialNumber` and `callback`, and should provide + * the `TokenCode` or an error to the callback in the format + * `callback(err, token)`. + * @example Creating a new credentials object for generic temporary credentials + * AWS.config.credentials = new AWS.ChainableTemporaryCredentials(); + * @example Creating a new credentials object for an IAM role + * AWS.config.credentials = new AWS.ChainableTemporaryCredentials({ + * params: { + * RoleArn: 'arn:aws:iam::1234567890:role/TemporaryCredentials' * } * }); - * @see AWS.STS.assumeRoleWithWebIdentity - * @see AWS.Config + * @see AWS.STS.assumeRole + * @see AWS.STS.getSessionToken */ - constructor: function WebIdentityCredentials(params, clientConfig) { + constructor: function ChainableTemporaryCredentials(options) { AWS.Credentials.call(this); + options = options || {}; + this.errorCode = 'ChainableTemporaryCredentialsProviderFailure'; this.expired = true; - this.params = params; - this.params.RoleSessionName = this.params.RoleSessionName || 'web-identity'; - this.data = null; - this._clientConfig = AWS.util.copy(clientConfig || {}); + this.tokenCodeFn = null; + + var params = AWS.util.copy(options.params) || {}; + if (params.RoleArn) { + params.RoleSessionName = params.RoleSessionName || 'temporary-credentials'; + } + if (params.SerialNumber) { + if (!options.tokenCodeFn || (typeof options.tokenCodeFn !== 'function')) { + throw new AWS.util.error( + new Error('tokenCodeFn must be a function when params.SerialNumber is given'), + {code: this.errorCode} + ); + } else { + this.tokenCodeFn = options.tokenCodeFn; + } + } + var config = AWS.util.merge( + { + params: params, + credentials: options.masterCredentials || AWS.config.credentials + }, + options.stsConfig || {} + ); + this.service = new STS(config); }, /** - * Refreshes credentials using {AWS.STS.assumeRoleWithWebIdentity} + * Refreshes credentials using {AWS.STS.assumeRole} or + * {AWS.STS.getSessionToken}, depending on whether an IAM role ARN was passed + * to the credentials {constructor}. * * @callback callback function(err) * Called when the STS service responds (or fails). When @@ -3685,7 +3958,7 @@ AWS.WebIdentityCredentials = AWS.util.inherit(AWS.Credentials, { * information has been loaded into the object (as the `accessKeyId`, * `secretAccessKey`, and `sessionToken` properties). * @param err [Error] if an error occurred, this value will be filled - * @see get + * @see AWS.Credentials.get */ refresh: function refresh(callback) { this.coalesceRefresh(callback || AWS.util.fn.callback); @@ -3693,699 +3966,817 @@ AWS.WebIdentityCredentials = AWS.util.inherit(AWS.Credentials, { /** * @api private + * @param callback */ load: function load(callback) { var self = this; - self.createClients(); - self.service.assumeRoleWithWebIdentity(function (err, data) { - self.data = null; - if (!err) { - self.data = data; - self.service.credentialsFrom(data, self); + var operation = self.service.config.params.RoleArn ? 'assumeRole' : 'getSessionToken'; + this.getTokenCode(function (err, tokenCode) { + var params = {}; + if (err) { + callback(err); + return; } - callback(err); + if (tokenCode) { + params.TokenCode = tokenCode; + } + self.service[operation](params, function (err, data) { + if (!err) { + self.service.credentialsFrom(data, self); + } + callback(err); + }); }); }, /** * @api private */ - createClients: function() { - if (!this.service) { - var stsConfig = AWS.util.merge({}, this._clientConfig); - stsConfig.params = this.params; - this.service = new STS(stsConfig); + getTokenCode: function getTokenCode(callback) { + var self = this; + if (this.tokenCodeFn) { + this.tokenCodeFn(this.service.config.params.SerialNumber, function (err, token) { + if (err) { + var message = err; + if (err instanceof Error) { + message = err.message; + } + callback( + AWS.util.error( + new Error('Error fetching MFA token: ' + message), + { code: self.errorCode} + ) + ); + return; + } + callback(null, token); + }); + } else { + callback(null); } } - }); /***/ }), -/***/ 312: -/***/ (function(module, __unusedexports, __webpack_require__) { - -// Generated by CoffeeScript 1.12.7 -(function() { - var XMLDocument, XMLDocumentCB, XMLStreamWriter, XMLStringWriter, assign, isFunction, ref; - - ref = __webpack_require__(582), assign = ref.assign, isFunction = ref.isFunction; - - XMLDocument = __webpack_require__(559); +/***/ 3498: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { - XMLDocumentCB = __webpack_require__(768); +var AWS = __nccwpck_require__(8437); +var CognitoIdentity = __nccwpck_require__(8291); +var STS = __nccwpck_require__(7513); - XMLStringWriter = __webpack_require__(750); - - XMLStreamWriter = __webpack_require__(458); +/** + * Represents credentials retrieved from STS Web Identity Federation using + * the Amazon Cognito Identity service. + * + * By default this provider gets credentials using the + * {AWS.CognitoIdentity.getCredentialsForIdentity} service operation, which + * requires either an `IdentityId` or an `IdentityPoolId` (Amazon Cognito + * Identity Pool ID), which is used to call {AWS.CognitoIdentity.getId} to + * obtain an `IdentityId`. If the identity or identity pool is not configured in + * the Amazon Cognito Console to use IAM roles with the appropriate permissions, + * then additionally a `RoleArn` is required containing the ARN of the IAM trust + * policy for the Amazon Cognito role that the user will log into. If a `RoleArn` + * is provided, then this provider gets credentials using the + * {AWS.STS.assumeRoleWithWebIdentity} service operation, after first getting an + * Open ID token from {AWS.CognitoIdentity.getOpenIdToken}. + * + * In addition, if this credential provider is used to provide authenticated + * login, the `Logins` map may be set to the tokens provided by the respective + * identity providers. See {constructor} for an example on creating a credentials + * object with proper property values. + * + * ## Refreshing Credentials from Identity Service + * + * In addition to AWS credentials expiring after a given amount of time, the + * login token from the identity provider will also expire. Once this token + * expires, it will not be usable to refresh AWS credentials, and another + * token will be needed. The SDK does not manage refreshing of the token value, + * but this can be done through a "refresh token" supported by most identity + * providers. Consult the documentation for the identity provider for refreshing + * tokens. Once the refreshed token is acquired, you should make sure to update + * this new token in the credentials object's {params} property. The following + * code will update the WebIdentityToken, assuming you have retrieved an updated + * token from the identity provider: + * + * ```javascript + * AWS.config.credentials.params.Logins['graph.facebook.com'] = updatedToken; + * ``` + * + * Future calls to `credentials.refresh()` will now use the new token. + * + * @!attribute params + * @return [map] the map of params passed to + * {AWS.CognitoIdentity.getId}, + * {AWS.CognitoIdentity.getOpenIdToken}, and + * {AWS.STS.assumeRoleWithWebIdentity}. To update the token, set the + * `params.WebIdentityToken` property. + * @!attribute data + * @return [map] the raw data response from the call to + * {AWS.CognitoIdentity.getCredentialsForIdentity}, or + * {AWS.STS.assumeRoleWithWebIdentity}. Use this if you want to get + * access to other properties from the response. + * @!attribute identityId + * @return [String] the Cognito ID returned by the last call to + * {AWS.CognitoIdentity.getOpenIdToken}. This ID represents the actual + * final resolved identity ID from Amazon Cognito. + */ +AWS.CognitoIdentityCredentials = AWS.util.inherit(AWS.Credentials, { + /** + * @api private + */ + localStorageKey: { + id: 'aws.cognito.identity-id.', + providers: 'aws.cognito.identity-providers.' + }, - module.exports.create = function(name, xmldec, doctype, options) { - var doc, root; - if (name == null) { - throw new Error("Root element needs a name"); - } - options = assign({}, xmldec, doctype, options); - doc = new XMLDocument(options); - root = doc.element(name); - if (!options.headless) { - doc.declaration(options); - if ((options.pubID != null) || (options.sysID != null)) { - doc.doctype(options); + /** + * Creates a new credentials object. + * @example Creating a new credentials object + * AWS.config.credentials = new AWS.CognitoIdentityCredentials({ + * + * // either IdentityPoolId or IdentityId is required + * // See the IdentityPoolId param for AWS.CognitoIdentity.getID (linked below) + * // See the IdentityId param for AWS.CognitoIdentity.getCredentialsForIdentity + * // or AWS.CognitoIdentity.getOpenIdToken (linked below) + * IdentityPoolId: 'us-east-1:1699ebc0-7900-4099-b910-2df94f52a030', + * IdentityId: 'us-east-1:128d0a74-c82f-4553-916d-90053e4a8b0f' + * + * // optional, only necessary when the identity pool is not configured + * // to use IAM roles in the Amazon Cognito Console + * // See the RoleArn param for AWS.STS.assumeRoleWithWebIdentity (linked below) + * RoleArn: 'arn:aws:iam::1234567890:role/MYAPP-CognitoIdentity', + * + * // optional tokens, used for authenticated login + * // See the Logins param for AWS.CognitoIdentity.getID (linked below) + * Logins: { + * 'graph.facebook.com': 'FBTOKEN', + * 'www.amazon.com': 'AMAZONTOKEN', + * 'accounts.google.com': 'GOOGLETOKEN', + * 'api.twitter.com': 'TWITTERTOKEN', + * 'www.digits.com': 'DIGITSTOKEN' + * }, + * + * // optional name, defaults to web-identity + * // See the RoleSessionName param for AWS.STS.assumeRoleWithWebIdentity (linked below) + * RoleSessionName: 'web', + * + * // optional, only necessary when application runs in a browser + * // and multiple users are signed in at once, used for caching + * LoginId: 'example@gmail.com' + * + * }, { + * // optionally provide configuration to apply to the underlying service clients + * // if configuration is not provided, then configuration will be pulled from AWS.config + * + * // region should match the region your identity pool is located in + * region: 'us-east-1', + * + * // specify timeout options + * httpOptions: { + * timeout: 100 + * } + * }); + * @see AWS.CognitoIdentity.getId + * @see AWS.CognitoIdentity.getCredentialsForIdentity + * @see AWS.STS.assumeRoleWithWebIdentity + * @see AWS.CognitoIdentity.getOpenIdToken + * @see AWS.Config + * @note If a region is not provided in the global AWS.config, or + * specified in the `clientConfig` to the CognitoIdentityCredentials + * constructor, you may encounter a 'Missing credentials in config' error + * when calling making a service call. + */ + constructor: function CognitoIdentityCredentials(params, clientConfig) { + AWS.Credentials.call(this); + this.expired = true; + this.params = params; + this.data = null; + this._identityId = null; + this._clientConfig = AWS.util.copy(clientConfig || {}); + this.loadCachedId(); + var self = this; + Object.defineProperty(this, 'identityId', { + get: function() { + self.loadCachedId(); + return self._identityId || self.params.IdentityId; + }, + set: function(identityId) { + self._identityId = identityId; } - } - return root; - }; - - module.exports.begin = function(options, onData, onEnd) { - var ref1; - if (isFunction(options)) { - ref1 = [options, onData], onData = ref1[0], onEnd = ref1[1]; - options = {}; - } - if (onData) { - return new XMLDocumentCB(options, onData, onEnd); - } else { - return new XMLDocument(options); - } - }; - - module.exports.stringWriter = function(options) { - return new XMLStringWriter(options); - }; - - module.exports.streamWriter = function(stream, options) { - return new XMLStreamWriter(stream, options); - }; - -}).call(this); - - -/***/ }), + }); + }, -/***/ 315: -/***/ (function(module, __unusedexports, __webpack_require__) { + /** + * Refreshes credentials using {AWS.CognitoIdentity.getCredentialsForIdentity}, + * or {AWS.STS.assumeRoleWithWebIdentity}. + * + * @callback callback function(err) + * Called when the STS service responds (or fails). When + * this callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see AWS.Credentials.get + */ + refresh: function refresh(callback) { + this.coalesceRefresh(callback || AWS.util.fn.callback); + }, -var util = __webpack_require__(153); -var Rest = __webpack_require__(618); -var Json = __webpack_require__(912); -var JsonBuilder = __webpack_require__(337); -var JsonParser = __webpack_require__(806); + /** + * @api private + * @param callback + */ + load: function load(callback) { + var self = this; + self.createClients(); + self.data = null; + self._identityId = null; + self.getId(function(err) { + if (!err) { + if (!self.params.RoleArn) { + self.getCredentialsForIdentity(callback); + } else { + self.getCredentialsFromSTS(callback); + } + } else { + self.clearIdOnNotAuthorized(err); + callback(err); + } + }); + }, -function populateBody(req) { - var builder = new JsonBuilder(); - var input = req.service.api.operations[req.operation].input; + /** + * Clears the cached Cognito ID associated with the currently configured + * identity pool ID. Use this to manually invalidate your cache if + * the identity pool ID was deleted. + */ + clearCachedId: function clearCache() { + this._identityId = null; + delete this.params.IdentityId; - if (input.payload) { - var params = {}; - var payloadShape = input.members[input.payload]; - params = req.params[input.payload]; - if (params === undefined) return; + var poolId = this.params.IdentityPoolId; + var loginId = this.params.LoginId || ''; + delete this.storage[this.localStorageKey.id + poolId + loginId]; + delete this.storage[this.localStorageKey.providers + poolId + loginId]; + }, - if (payloadShape.type === 'structure') { - req.httpRequest.body = builder.build(params, payloadShape); - applyContentTypeHeader(req); - } else { // non-JSON payload - req.httpRequest.body = params; - if (payloadShape.type === 'binary' || payloadShape.isStreaming) { - applyContentTypeHeader(req, true); - } + /** + * @api private + */ + clearIdOnNotAuthorized: function clearIdOnNotAuthorized(err) { + var self = this; + if (err.code == 'NotAuthorizedException') { + self.clearCachedId(); } - } else { - var body = builder.build(req.params, input); - if (body !== '{}' || req.httpRequest.method !== 'GET') { //don't send empty body for GET method - req.httpRequest.body = body; + }, + + /** + * Retrieves a Cognito ID, loading from cache if it was already retrieved + * on this device. + * + * @callback callback function(err, identityId) + * @param err [Error, null] an error object if the call failed or null if + * it succeeded. + * @param identityId [String, null] if successful, the callback will return + * the Cognito ID. + * @note If not loaded explicitly, the Cognito ID is loaded and stored in + * localStorage in the browser environment of a device. + * @api private + */ + getId: function getId(callback) { + var self = this; + if (typeof self.params.IdentityId === 'string') { + return callback(null, self.params.IdentityId); } - applyContentTypeHeader(req); - } -} -function applyContentTypeHeader(req, isBinary) { - var operation = req.service.api.operations[req.operation]; - var input = operation.input; + self.cognito.getId(function(err, data) { + if (!err && data.IdentityId) { + self.params.IdentityId = data.IdentityId; + callback(null, data.IdentityId); + } else { + callback(err); + } + }); + }, - if (!req.httpRequest.headers['Content-Type']) { - var type = isBinary ? 'binary/octet-stream' : 'application/json'; - req.httpRequest.headers['Content-Type'] = type; - } -} -function buildRequest(req) { - Rest.buildRequest(req); + /** + * @api private + */ + loadCredentials: function loadCredentials(data, credentials) { + if (!data || !credentials) return; + credentials.expired = false; + credentials.accessKeyId = data.Credentials.AccessKeyId; + credentials.secretAccessKey = data.Credentials.SecretKey; + credentials.sessionToken = data.Credentials.SessionToken; + credentials.expireTime = data.Credentials.Expiration; + }, - // never send body payload on HEAD/DELETE - if (['HEAD', 'DELETE'].indexOf(req.httpRequest.method) < 0) { - populateBody(req); - } -} + /** + * @api private + */ + getCredentialsForIdentity: function getCredentialsForIdentity(callback) { + var self = this; + self.cognito.getCredentialsForIdentity(function(err, data) { + if (!err) { + self.cacheId(data); + self.data = data; + self.loadCredentials(self.data, self); + } else { + self.clearIdOnNotAuthorized(err); + } + callback(err); + }); + }, -function extractError(resp) { - Json.extractError(resp); -} + /** + * @api private + */ + getCredentialsFromSTS: function getCredentialsFromSTS(callback) { + var self = this; + self.cognito.getOpenIdToken(function(err, data) { + if (!err) { + self.cacheId(data); + self.params.WebIdentityToken = data.Token; + self.webIdentityCredentials.refresh(function(webErr) { + if (!webErr) { + self.data = self.webIdentityCredentials.data; + self.sts.credentialsFrom(self.data, self); + } + callback(webErr); + }); + } else { + self.clearIdOnNotAuthorized(err); + callback(err); + } + }); + }, -function extractData(resp) { - Rest.extractData(resp); + /** + * @api private + */ + loadCachedId: function loadCachedId() { + var self = this; - var req = resp.request; - var operation = req.service.api.operations[req.operation]; - var rules = req.service.api.operations[req.operation].output || {}; - var parser; - var hasEventOutput = operation.hasEventOutput; + // in the browser we source default IdentityId from localStorage + if (AWS.util.isBrowser() && !self.params.IdentityId) { + var id = self.getStorage('id'); + if (id && self.params.Logins) { + var actualProviders = Object.keys(self.params.Logins); + var cachedProviders = + (self.getStorage('providers') || '').split(','); - if (rules.payload) { - var payloadMember = rules.members[rules.payload]; - var body = resp.httpResponse.body; - if (payloadMember.isEventStream) { - parser = new JsonParser(); - resp.data[payload] = util.createEventStream( - AWS.HttpClient.streamsApiVersion === 2 ? resp.httpResponse.stream : body, - parser, - payloadMember - ); - } else if (payloadMember.type === 'structure' || payloadMember.type === 'list') { - var parser = new JsonParser(); - resp.data[rules.payload] = parser.parse(body, payloadMember); - } else if (payloadMember.type === 'binary' || payloadMember.isStreaming) { - resp.data[rules.payload] = body; - } else { - resp.data[rules.payload] = payloadMember.toType(body); + // only load ID if at least one provider used this ID before + var intersect = cachedProviders.filter(function(n) { + return actualProviders.indexOf(n) !== -1; + }); + if (intersect.length !== 0) { + self.params.IdentityId = id; + } + } else if (id) { + self.params.IdentityId = id; + } } - } else { - var data = resp.data; - Json.extractData(resp); - resp.data = util.merge(data, resp.data); - } -} + }, -/** - * @api private - */ -module.exports = { - buildRequest: buildRequest, - extractError: extractError, - extractData: extractData -}; + /** + * @api private + */ + createClients: function() { + var clientConfig = this._clientConfig; + this.webIdentityCredentials = this.webIdentityCredentials || + new AWS.WebIdentityCredentials(this.params, clientConfig); + if (!this.cognito) { + var cognitoConfig = AWS.util.merge({}, clientConfig); + cognitoConfig.params = this.params; + this.cognito = new CognitoIdentity(cognitoConfig); + } + this.sts = this.sts || new STS(clientConfig); + }, + + /** + * @api private + */ + cacheId: function cacheId(data) { + this._identityId = data.IdentityId; + this.params.IdentityId = this._identityId; + + // cache this IdentityId in browser localStorage if possible + if (AWS.util.isBrowser()) { + this.setStorage('id', data.IdentityId); + + if (this.params.Logins) { + this.setStorage('providers', Object.keys(this.params.Logins).join(',')); + } + } + }, + + /** + * @api private + */ + getStorage: function getStorage(key) { + return this.storage[this.localStorageKey[key] + this.params.IdentityPoolId + (this.params.LoginId || '')]; + }, + + /** + * @api private + */ + setStorage: function setStorage(key, val) { + try { + this.storage[this.localStorageKey[key] + this.params.IdentityPoolId + (this.params.LoginId || '')] = val; + } catch (_) {} + }, + + /** + * @api private + */ + storage: (function() { + try { + var storage = AWS.util.isBrowser() && window.localStorage !== null && typeof window.localStorage === 'object' ? + window.localStorage : {}; + + // Test set/remove which would throw an error in Safari's private browsing + storage['aws.test-storage'] = 'foobar'; + delete storage['aws.test-storage']; + + return storage; + } catch (_) { + return {}; + } + })() +}); /***/ }), -/***/ 316: -/***/ (function(__unusedmodule, __unusedexports, __webpack_require__) { +/***/ 6965: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { -var AWS = __webpack_require__(395); +var AWS = __nccwpck_require__(8437); /** - * Represents credentials received from relative URI specified in the ECS container. + * Creates a credential provider chain that searches for AWS credentials + * in a list of credential providers specified by the {providers} property. * - * This class will request refreshable credentials from the relative URI - * specified by the AWS_CONTAINER_CREDENTIALS_RELATIVE_URI or the - * AWS_CONTAINER_CREDENTIALS_FULL_URI environment variable. If valid credentials - * are returned in the response, these will be used with zero configuration. + * By default, the chain will use the {defaultProviders} to resolve credentials. + * These providers will look in the environment using the + * {AWS.EnvironmentCredentials} class with the 'AWS' and 'AMAZON' prefixes. * - * This credentials class will by default timeout after 1 second of inactivity - * and retry 3 times. - * If your requests to the relative URI are timing out, you can increase - * the value by configuring them directly: + * ## Setting Providers + * + * Each provider in the {providers} list should be a function that returns + * a {AWS.Credentials} object, or a hardcoded credentials object. The function + * form allows for delayed execution of the credential construction. + * + * ## Resolving Credentials from a Chain + * + * Call {resolve} to return the first valid credential object that can be + * loaded by the provider chain. + * + * For example, to resolve a chain with a custom provider that checks a file + * on disk after the set of {defaultProviders}: * * ```javascript - * AWS.config.credentials = new AWS.ECSCredentials({ - * httpOptions: { timeout: 5000 }, // 5 second timeout - * maxRetries: 10, // retry 10 times - * retryDelayOptions: { base: 200 } // see AWS.Config for information - * }); + * var diskProvider = new AWS.FileSystemCredentials('./creds.json'); + * var chain = new AWS.CredentialProviderChain(); + * chain.providers.push(diskProvider); + * chain.resolve(); * ``` * - * @see AWS.Config.retryDelayOptions + * The above code will return the `diskProvider` object if the + * file contains credentials and the `defaultProviders` do not contain + * any credential settings. * - * @!macro nobrowser + * @!attribute providers + * @return [Array] + * a list of credentials objects or functions that return credentials + * objects. If the provider is a function, the function will be + * executed lazily when the provider needs to be checked for valid + * credentials. By default, this object will be set to the + * {defaultProviders}. + * @see defaultProviders */ -AWS.ECSCredentials = AWS.RemoteCredentials; - - -/***/ }), - -/***/ 317: -/***/ (function(module, __unusedexports, __webpack_require__) { - -__webpack_require__(234); -var AWS = __webpack_require__(395); -var Service = AWS.Service; -var apiLoader = AWS.apiLoader; +AWS.CredentialProviderChain = AWS.util.inherit(AWS.Credentials, { -apiLoader.services['codedeploy'] = {}; -AWS.CodeDeploy = Service.defineService('codedeploy', ['2014-10-06']); -Object.defineProperty(apiLoader.services['codedeploy'], '2014-10-06', { - get: function get() { - var model = __webpack_require__(721); - model.paginators = __webpack_require__(971).pagination; - model.waiters = __webpack_require__(154).waiters; - return model; + /** + * Creates a new CredentialProviderChain with a default set of providers + * specified by {defaultProviders}. + */ + constructor: function CredentialProviderChain(providers) { + if (providers) { + this.providers = providers; + } else { + this.providers = AWS.CredentialProviderChain.defaultProviders.slice(0); + } + this.resolveCallbacks = []; }, - enumerable: true, - configurable: true -}); - -module.exports = AWS.CodeDeploy; - -/***/ }), - -/***/ 337: -/***/ (function(module, __unusedexports, __webpack_require__) { + /** + * @!method resolvePromise() + * Returns a 'thenable' promise. + * Resolves the provider chain by searching for the first set of + * credentials in {providers}. + * + * Two callbacks can be provided to the `then` method on the returned promise. + * The first callback will be called if the promise is fulfilled, and the second + * callback will be called if the promise is rejected. + * @callback fulfilledCallback function(credentials) + * Called if the promise is fulfilled and the provider resolves the chain + * to a credentials object + * @param credentials [AWS.Credentials] the credentials object resolved + * by the provider chain. + * @callback rejectedCallback function(error) + * Called if the promise is rejected. + * @param err [Error] the error object returned if no credentials are found. + * @return [Promise] A promise that represents the state of the `resolve` method call. + * @example Calling the `resolvePromise` method. + * var promise = chain.resolvePromise(); + * promise.then(function(credentials) { ... }, function(err) { ... }); + */ -var util = __webpack_require__(153); + /** + * Resolves the provider chain by searching for the first set of + * credentials in {providers}. + * + * @callback callback function(err, credentials) + * Called when the provider resolves the chain to a credentials object + * or null if no credentials can be found. + * + * @param err [Error] the error object returned if no credentials are + * found. + * @param credentials [AWS.Credentials] the credentials object resolved + * by the provider chain. + * @return [AWS.CredentialProviderChain] the provider, for chaining. + */ + resolve: function resolve(callback) { + var self = this; + if (self.providers.length === 0) { + callback(new Error('No providers')); + return self; + } -function JsonBuilder() { } + if (self.resolveCallbacks.push(callback) === 1) { + var index = 0; + var providers = self.providers.slice(0); -JsonBuilder.prototype.build = function(value, shape) { - return JSON.stringify(translate(value, shape)); -}; + function resolveNext(err, creds) { + if ((!err && creds) || index === providers.length) { + AWS.util.arrayEach(self.resolveCallbacks, function (callback) { + callback(err, creds); + }); + self.resolveCallbacks.length = 0; + return; + } -function translate(value, shape) { - if (!shape || value === undefined || value === null) return undefined; + var provider = providers[index++]; + if (typeof provider === 'function') { + creds = provider.call(); + } else { + creds = provider; + } - switch (shape.type) { - case 'structure': return translateStructure(value, shape); - case 'map': return translateMap(value, shape); - case 'list': return translateList(value, shape); - default: return translateScalar(value, shape); - } -} + if (creds.get) { + creds.get(function (getErr) { + resolveNext(getErr, getErr ? null : creds); + }); + } else { + resolveNext(null, creds); + } + } -function translateStructure(structure, shape) { - var struct = {}; - util.each(structure, function(name, value) { - var memberShape = shape.members[name]; - if (memberShape) { - if (memberShape.location !== 'body') return; - var locationName = memberShape.isLocationName ? memberShape.name : name; - var result = translate(value, memberShape); - if (result !== undefined) struct[locationName] = result; + resolveNext(); } - }); - return struct; -} - -function translateList(list, shape) { - var out = []; - util.arrayEach(list, function(value) { - var result = translate(value, shape.member); - if (result !== undefined) out.push(result); - }); - return out; -} -function translateMap(map, shape) { - var out = {}; - util.each(map, function(key, value) { - var result = translate(value, shape.value); - if (result !== undefined) out[key] = result; - }); - return out; -} + return self; + } +}); -function translateScalar(value, shape) { - return shape.toWireFormat(value); -} +/** + * The default set of providers used by a vanilla CredentialProviderChain. + * + * In the browser: + * + * ```javascript + * AWS.CredentialProviderChain.defaultProviders = [] + * ``` + * + * In Node.js: + * + * ```javascript + * AWS.CredentialProviderChain.defaultProviders = [ + * function () { return new AWS.EnvironmentCredentials('AWS'); }, + * function () { return new AWS.EnvironmentCredentials('AMAZON'); }, + * function () { return new AWS.SsoCredentials(); }, + * function () { return new AWS.SharedIniFileCredentials(); }, + * function () { return new AWS.ECSCredentials(); }, + * function () { return new AWS.ProcessCredentials(); }, + * function () { return new AWS.TokenFileWebIdentityCredentials(); }, + * function () { return new AWS.EC2MetadataCredentials() } + * ] + * ``` + */ +AWS.CredentialProviderChain.defaultProviders = []; /** * @api private */ -module.exports = JsonBuilder; - - -/***/ }), - -/***/ 344: -/***/ (function(module) { - -module.exports = {"version":"2.0","metadata":{"apiVersion":"2010-05-08","endpointPrefix":"iam","globalEndpoint":"iam.amazonaws.com","protocol":"query","serviceAbbreviation":"IAM","serviceFullName":"AWS Identity and Access Management","serviceId":"IAM","signatureVersion":"v4","uid":"iam-2010-05-08","xmlNamespace":"https://iam.amazonaws.com/doc/2010-05-08/"},"operations":{"AddClientIDToOpenIDConnectProvider":{"input":{"type":"structure","required":["OpenIDConnectProviderArn","ClientID"],"members":{"OpenIDConnectProviderArn":{},"ClientID":{}}}},"AddRoleToInstanceProfile":{"input":{"type":"structure","required":["InstanceProfileName","RoleName"],"members":{"InstanceProfileName":{},"RoleName":{}}}},"AddUserToGroup":{"input":{"type":"structure","required":["GroupName","UserName"],"members":{"GroupName":{},"UserName":{}}}},"AttachGroupPolicy":{"input":{"type":"structure","required":["GroupName","PolicyArn"],"members":{"GroupName":{},"PolicyArn":{}}}},"AttachRolePolicy":{"input":{"type":"structure","required":["RoleName","PolicyArn"],"members":{"RoleName":{},"PolicyArn":{}}}},"AttachUserPolicy":{"input":{"type":"structure","required":["UserName","PolicyArn"],"members":{"UserName":{},"PolicyArn":{}}}},"ChangePassword":{"input":{"type":"structure","required":["OldPassword","NewPassword"],"members":{"OldPassword":{"shape":"Sf"},"NewPassword":{"shape":"Sf"}}}},"CreateAccessKey":{"input":{"type":"structure","members":{"UserName":{}}},"output":{"resultWrapper":"CreateAccessKeyResult","type":"structure","required":["AccessKey"],"members":{"AccessKey":{"type":"structure","required":["UserName","AccessKeyId","Status","SecretAccessKey"],"members":{"UserName":{},"AccessKeyId":{},"Status":{},"SecretAccessKey":{"type":"string","sensitive":true},"CreateDate":{"type":"timestamp"}}}}}},"CreateAccountAlias":{"input":{"type":"structure","required":["AccountAlias"],"members":{"AccountAlias":{}}}},"CreateGroup":{"input":{"type":"structure","required":["GroupName"],"members":{"Path":{},"GroupName":{}}},"output":{"resultWrapper":"CreateGroupResult","type":"structure","required":["Group"],"members":{"Group":{"shape":"Ss"}}}},"CreateInstanceProfile":{"input":{"type":"structure","required":["InstanceProfileName"],"members":{"InstanceProfileName":{},"Path":{}}},"output":{"resultWrapper":"CreateInstanceProfileResult","type":"structure","required":["InstanceProfile"],"members":{"InstanceProfile":{"shape":"Sw"}}}},"CreateLoginProfile":{"input":{"type":"structure","required":["UserName","Password"],"members":{"UserName":{},"Password":{"shape":"Sf"},"PasswordResetRequired":{"type":"boolean"}}},"output":{"resultWrapper":"CreateLoginProfileResult","type":"structure","required":["LoginProfile"],"members":{"LoginProfile":{"shape":"S1d"}}}},"CreateOpenIDConnectProvider":{"input":{"type":"structure","required":["Url","ThumbprintList"],"members":{"Url":{},"ClientIDList":{"shape":"S1g"},"ThumbprintList":{"shape":"S1h"}}},"output":{"resultWrapper":"CreateOpenIDConnectProviderResult","type":"structure","members":{"OpenIDConnectProviderArn":{}}}},"CreatePolicy":{"input":{"type":"structure","required":["PolicyName","PolicyDocument"],"members":{"PolicyName":{},"Path":{},"PolicyDocument":{},"Description":{}}},"output":{"resultWrapper":"CreatePolicyResult","type":"structure","members":{"Policy":{"shape":"S1p"}}}},"CreatePolicyVersion":{"input":{"type":"structure","required":["PolicyArn","PolicyDocument"],"members":{"PolicyArn":{},"PolicyDocument":{},"SetAsDefault":{"type":"boolean"}}},"output":{"resultWrapper":"CreatePolicyVersionResult","type":"structure","members":{"PolicyVersion":{"shape":"S1u"}}}},"CreateRole":{"input":{"type":"structure","required":["RoleName","AssumeRolePolicyDocument"],"members":{"Path":{},"RoleName":{},"AssumeRolePolicyDocument":{},"Description":{},"MaxSessionDuration":{"type":"integer"},"PermissionsBoundary":{},"Tags":{"shape":"S14"}}},"output":{"resultWrapper":"CreateRoleResult","type":"structure","required":["Role"],"members":{"Role":{"shape":"Sy"}}}},"CreateSAMLProvider":{"input":{"type":"structure","required":["SAMLMetadataDocument","Name"],"members":{"SAMLMetadataDocument":{},"Name":{}}},"output":{"resultWrapper":"CreateSAMLProviderResult","type":"structure","members":{"SAMLProviderArn":{}}}},"CreateServiceLinkedRole":{"input":{"type":"structure","required":["AWSServiceName"],"members":{"AWSServiceName":{},"Description":{},"CustomSuffix":{}}},"output":{"resultWrapper":"CreateServiceLinkedRoleResult","type":"structure","members":{"Role":{"shape":"Sy"}}}},"CreateServiceSpecificCredential":{"input":{"type":"structure","required":["UserName","ServiceName"],"members":{"UserName":{},"ServiceName":{}}},"output":{"resultWrapper":"CreateServiceSpecificCredentialResult","type":"structure","members":{"ServiceSpecificCredential":{"shape":"S27"}}}},"CreateUser":{"input":{"type":"structure","required":["UserName"],"members":{"Path":{},"UserName":{},"PermissionsBoundary":{},"Tags":{"shape":"S14"}}},"output":{"resultWrapper":"CreateUserResult","type":"structure","members":{"User":{"shape":"S2d"}}}},"CreateVirtualMFADevice":{"input":{"type":"structure","required":["VirtualMFADeviceName"],"members":{"Path":{},"VirtualMFADeviceName":{}}},"output":{"resultWrapper":"CreateVirtualMFADeviceResult","type":"structure","required":["VirtualMFADevice"],"members":{"VirtualMFADevice":{"shape":"S2h"}}}},"DeactivateMFADevice":{"input":{"type":"structure","required":["UserName","SerialNumber"],"members":{"UserName":{},"SerialNumber":{}}}},"DeleteAccessKey":{"input":{"type":"structure","required":["AccessKeyId"],"members":{"UserName":{},"AccessKeyId":{}}}},"DeleteAccountAlias":{"input":{"type":"structure","required":["AccountAlias"],"members":{"AccountAlias":{}}}},"DeleteAccountPasswordPolicy":{},"DeleteGroup":{"input":{"type":"structure","required":["GroupName"],"members":{"GroupName":{}}}},"DeleteGroupPolicy":{"input":{"type":"structure","required":["GroupName","PolicyName"],"members":{"GroupName":{},"PolicyName":{}}}},"DeleteInstanceProfile":{"input":{"type":"structure","required":["InstanceProfileName"],"members":{"InstanceProfileName":{}}}},"DeleteLoginProfile":{"input":{"type":"structure","required":["UserName"],"members":{"UserName":{}}}},"DeleteOpenIDConnectProvider":{"input":{"type":"structure","required":["OpenIDConnectProviderArn"],"members":{"OpenIDConnectProviderArn":{}}}},"DeletePolicy":{"input":{"type":"structure","required":["PolicyArn"],"members":{"PolicyArn":{}}}},"DeletePolicyVersion":{"input":{"type":"structure","required":["PolicyArn","VersionId"],"members":{"PolicyArn":{},"VersionId":{}}}},"DeleteRole":{"input":{"type":"structure","required":["RoleName"],"members":{"RoleName":{}}}},"DeleteRolePermissionsBoundary":{"input":{"type":"structure","required":["RoleName"],"members":{"RoleName":{}}}},"DeleteRolePolicy":{"input":{"type":"structure","required":["RoleName","PolicyName"],"members":{"RoleName":{},"PolicyName":{}}}},"DeleteSAMLProvider":{"input":{"type":"structure","required":["SAMLProviderArn"],"members":{"SAMLProviderArn":{}}}},"DeleteSSHPublicKey":{"input":{"type":"structure","required":["UserName","SSHPublicKeyId"],"members":{"UserName":{},"SSHPublicKeyId":{}}}},"DeleteServerCertificate":{"input":{"type":"structure","required":["ServerCertificateName"],"members":{"ServerCertificateName":{}}}},"DeleteServiceLinkedRole":{"input":{"type":"structure","required":["RoleName"],"members":{"RoleName":{}}},"output":{"resultWrapper":"DeleteServiceLinkedRoleResult","type":"structure","required":["DeletionTaskId"],"members":{"DeletionTaskId":{}}}},"DeleteServiceSpecificCredential":{"input":{"type":"structure","required":["ServiceSpecificCredentialId"],"members":{"UserName":{},"ServiceSpecificCredentialId":{}}}},"DeleteSigningCertificate":{"input":{"type":"structure","required":["CertificateId"],"members":{"UserName":{},"CertificateId":{}}}},"DeleteUser":{"input":{"type":"structure","required":["UserName"],"members":{"UserName":{}}}},"DeleteUserPermissionsBoundary":{"input":{"type":"structure","required":["UserName"],"members":{"UserName":{}}}},"DeleteUserPolicy":{"input":{"type":"structure","required":["UserName","PolicyName"],"members":{"UserName":{},"PolicyName":{}}}},"DeleteVirtualMFADevice":{"input":{"type":"structure","required":["SerialNumber"],"members":{"SerialNumber":{}}}},"DetachGroupPolicy":{"input":{"type":"structure","required":["GroupName","PolicyArn"],"members":{"GroupName":{},"PolicyArn":{}}}},"DetachRolePolicy":{"input":{"type":"structure","required":["RoleName","PolicyArn"],"members":{"RoleName":{},"PolicyArn":{}}}},"DetachUserPolicy":{"input":{"type":"structure","required":["UserName","PolicyArn"],"members":{"UserName":{},"PolicyArn":{}}}},"EnableMFADevice":{"input":{"type":"structure","required":["UserName","SerialNumber","AuthenticationCode1","AuthenticationCode2"],"members":{"UserName":{},"SerialNumber":{},"AuthenticationCode1":{},"AuthenticationCode2":{}}}},"GenerateCredentialReport":{"output":{"resultWrapper":"GenerateCredentialReportResult","type":"structure","members":{"State":{},"Description":{}}}},"GenerateOrganizationsAccessReport":{"input":{"type":"structure","required":["EntityPath"],"members":{"EntityPath":{},"OrganizationsPolicyId":{}}},"output":{"resultWrapper":"GenerateOrganizationsAccessReportResult","type":"structure","members":{"JobId":{}}}},"GenerateServiceLastAccessedDetails":{"input":{"type":"structure","required":["Arn"],"members":{"Arn":{},"Granularity":{}}},"output":{"resultWrapper":"GenerateServiceLastAccessedDetailsResult","type":"structure","members":{"JobId":{}}}},"GetAccessKeyLastUsed":{"input":{"type":"structure","required":["AccessKeyId"],"members":{"AccessKeyId":{}}},"output":{"resultWrapper":"GetAccessKeyLastUsedResult","type":"structure","members":{"UserName":{},"AccessKeyLastUsed":{"type":"structure","required":["LastUsedDate","ServiceName","Region"],"members":{"LastUsedDate":{"type":"timestamp"},"ServiceName":{},"Region":{}}}}}},"GetAccountAuthorizationDetails":{"input":{"type":"structure","members":{"Filter":{"type":"list","member":{}},"MaxItems":{"type":"integer"},"Marker":{}}},"output":{"resultWrapper":"GetAccountAuthorizationDetailsResult","type":"structure","members":{"UserDetailList":{"type":"list","member":{"type":"structure","members":{"Path":{},"UserName":{},"UserId":{},"Arn":{},"CreateDate":{"type":"timestamp"},"UserPolicyList":{"shape":"S43"},"GroupList":{"type":"list","member":{}},"AttachedManagedPolicies":{"shape":"S46"},"PermissionsBoundary":{"shape":"S12"},"Tags":{"shape":"S14"}}}},"GroupDetailList":{"type":"list","member":{"type":"structure","members":{"Path":{},"GroupName":{},"GroupId":{},"Arn":{},"CreateDate":{"type":"timestamp"},"GroupPolicyList":{"shape":"S43"},"AttachedManagedPolicies":{"shape":"S46"}}}},"RoleDetailList":{"type":"list","member":{"type":"structure","members":{"Path":{},"RoleName":{},"RoleId":{},"Arn":{},"CreateDate":{"type":"timestamp"},"AssumeRolePolicyDocument":{},"InstanceProfileList":{"shape":"S4c"},"RolePolicyList":{"shape":"S43"},"AttachedManagedPolicies":{"shape":"S46"},"PermissionsBoundary":{"shape":"S12"},"Tags":{"shape":"S14"},"RoleLastUsed":{"shape":"S18"}}}},"Policies":{"type":"list","member":{"type":"structure","members":{"PolicyName":{},"PolicyId":{},"Arn":{},"Path":{},"DefaultVersionId":{},"AttachmentCount":{"type":"integer"},"PermissionsBoundaryUsageCount":{"type":"integer"},"IsAttachable":{"type":"boolean"},"Description":{},"CreateDate":{"type":"timestamp"},"UpdateDate":{"type":"timestamp"},"PolicyVersionList":{"shape":"S4f"}}}},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"GetAccountPasswordPolicy":{"output":{"resultWrapper":"GetAccountPasswordPolicyResult","type":"structure","required":["PasswordPolicy"],"members":{"PasswordPolicy":{"type":"structure","members":{"MinimumPasswordLength":{"type":"integer"},"RequireSymbols":{"type":"boolean"},"RequireNumbers":{"type":"boolean"},"RequireUppercaseCharacters":{"type":"boolean"},"RequireLowercaseCharacters":{"type":"boolean"},"AllowUsersToChangePassword":{"type":"boolean"},"ExpirePasswords":{"type":"boolean"},"MaxPasswordAge":{"type":"integer"},"PasswordReusePrevention":{"type":"integer"},"HardExpiry":{"type":"boolean"}}}}}},"GetAccountSummary":{"output":{"resultWrapper":"GetAccountSummaryResult","type":"structure","members":{"SummaryMap":{"type":"map","key":{},"value":{"type":"integer"}}}}},"GetContextKeysForCustomPolicy":{"input":{"type":"structure","required":["PolicyInputList"],"members":{"PolicyInputList":{"shape":"S4s"}}},"output":{"shape":"S4t","resultWrapper":"GetContextKeysForCustomPolicyResult"}},"GetContextKeysForPrincipalPolicy":{"input":{"type":"structure","required":["PolicySourceArn"],"members":{"PolicySourceArn":{},"PolicyInputList":{"shape":"S4s"}}},"output":{"shape":"S4t","resultWrapper":"GetContextKeysForPrincipalPolicyResult"}},"GetCredentialReport":{"output":{"resultWrapper":"GetCredentialReportResult","type":"structure","members":{"Content":{"type":"blob"},"ReportFormat":{},"GeneratedTime":{"type":"timestamp"}}}},"GetGroup":{"input":{"type":"structure","required":["GroupName"],"members":{"GroupName":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"GetGroupResult","type":"structure","required":["Group","Users"],"members":{"Group":{"shape":"Ss"},"Users":{"shape":"S52"},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"GetGroupPolicy":{"input":{"type":"structure","required":["GroupName","PolicyName"],"members":{"GroupName":{},"PolicyName":{}}},"output":{"resultWrapper":"GetGroupPolicyResult","type":"structure","required":["GroupName","PolicyName","PolicyDocument"],"members":{"GroupName":{},"PolicyName":{},"PolicyDocument":{}}}},"GetInstanceProfile":{"input":{"type":"structure","required":["InstanceProfileName"],"members":{"InstanceProfileName":{}}},"output":{"resultWrapper":"GetInstanceProfileResult","type":"structure","required":["InstanceProfile"],"members":{"InstanceProfile":{"shape":"Sw"}}}},"GetLoginProfile":{"input":{"type":"structure","required":["UserName"],"members":{"UserName":{}}},"output":{"resultWrapper":"GetLoginProfileResult","type":"structure","required":["LoginProfile"],"members":{"LoginProfile":{"shape":"S1d"}}}},"GetOpenIDConnectProvider":{"input":{"type":"structure","required":["OpenIDConnectProviderArn"],"members":{"OpenIDConnectProviderArn":{}}},"output":{"resultWrapper":"GetOpenIDConnectProviderResult","type":"structure","members":{"Url":{},"ClientIDList":{"shape":"S1g"},"ThumbprintList":{"shape":"S1h"},"CreateDate":{"type":"timestamp"}}}},"GetOrganizationsAccessReport":{"input":{"type":"structure","required":["JobId"],"members":{"JobId":{},"MaxItems":{"type":"integer"},"Marker":{},"SortKey":{}}},"output":{"resultWrapper":"GetOrganizationsAccessReportResult","type":"structure","required":["JobStatus","JobCreationDate"],"members":{"JobStatus":{},"JobCreationDate":{"type":"timestamp"},"JobCompletionDate":{"type":"timestamp"},"NumberOfServicesAccessible":{"type":"integer"},"NumberOfServicesNotAccessed":{"type":"integer"},"AccessDetails":{"type":"list","member":{"type":"structure","required":["ServiceName","ServiceNamespace"],"members":{"ServiceName":{},"ServiceNamespace":{},"Region":{},"EntityPath":{},"LastAuthenticatedTime":{"type":"timestamp"},"TotalAuthenticatedEntities":{"type":"integer"}}}},"IsTruncated":{"type":"boolean"},"Marker":{},"ErrorDetails":{"shape":"S5k"}}}},"GetPolicy":{"input":{"type":"structure","required":["PolicyArn"],"members":{"PolicyArn":{}}},"output":{"resultWrapper":"GetPolicyResult","type":"structure","members":{"Policy":{"shape":"S1p"}}}},"GetPolicyVersion":{"input":{"type":"structure","required":["PolicyArn","VersionId"],"members":{"PolicyArn":{},"VersionId":{}}},"output":{"resultWrapper":"GetPolicyVersionResult","type":"structure","members":{"PolicyVersion":{"shape":"S1u"}}}},"GetRole":{"input":{"type":"structure","required":["RoleName"],"members":{"RoleName":{}}},"output":{"resultWrapper":"GetRoleResult","type":"structure","required":["Role"],"members":{"Role":{"shape":"Sy"}}}},"GetRolePolicy":{"input":{"type":"structure","required":["RoleName","PolicyName"],"members":{"RoleName":{},"PolicyName":{}}},"output":{"resultWrapper":"GetRolePolicyResult","type":"structure","required":["RoleName","PolicyName","PolicyDocument"],"members":{"RoleName":{},"PolicyName":{},"PolicyDocument":{}}}},"GetSAMLProvider":{"input":{"type":"structure","required":["SAMLProviderArn"],"members":{"SAMLProviderArn":{}}},"output":{"resultWrapper":"GetSAMLProviderResult","type":"structure","members":{"SAMLMetadataDocument":{},"CreateDate":{"type":"timestamp"},"ValidUntil":{"type":"timestamp"}}}},"GetSSHPublicKey":{"input":{"type":"structure","required":["UserName","SSHPublicKeyId","Encoding"],"members":{"UserName":{},"SSHPublicKeyId":{},"Encoding":{}}},"output":{"resultWrapper":"GetSSHPublicKeyResult","type":"structure","members":{"SSHPublicKey":{"shape":"S5y"}}}},"GetServerCertificate":{"input":{"type":"structure","required":["ServerCertificateName"],"members":{"ServerCertificateName":{}}},"output":{"resultWrapper":"GetServerCertificateResult","type":"structure","required":["ServerCertificate"],"members":{"ServerCertificate":{"type":"structure","required":["ServerCertificateMetadata","CertificateBody"],"members":{"ServerCertificateMetadata":{"shape":"S64"},"CertificateBody":{},"CertificateChain":{}}}}}},"GetServiceLastAccessedDetails":{"input":{"type":"structure","required":["JobId"],"members":{"JobId":{},"MaxItems":{"type":"integer"},"Marker":{}}},"output":{"resultWrapper":"GetServiceLastAccessedDetailsResult","type":"structure","required":["JobStatus","JobCreationDate","ServicesLastAccessed","JobCompletionDate"],"members":{"JobStatus":{},"JobType":{},"JobCreationDate":{"type":"timestamp"},"ServicesLastAccessed":{"type":"list","member":{"type":"structure","required":["ServiceName","ServiceNamespace"],"members":{"ServiceName":{},"LastAuthenticated":{"type":"timestamp"},"ServiceNamespace":{},"LastAuthenticatedEntity":{},"LastAuthenticatedRegion":{},"TotalAuthenticatedEntities":{"type":"integer"},"TrackedActionsLastAccessed":{"type":"list","member":{"type":"structure","members":{"ActionName":{},"LastAccessedEntity":{},"LastAccessedTime":{"type":"timestamp"},"LastAccessedRegion":{}}}}}}},"JobCompletionDate":{"type":"timestamp"},"IsTruncated":{"type":"boolean"},"Marker":{},"Error":{"shape":"S5k"}}}},"GetServiceLastAccessedDetailsWithEntities":{"input":{"type":"structure","required":["JobId","ServiceNamespace"],"members":{"JobId":{},"ServiceNamespace":{},"MaxItems":{"type":"integer"},"Marker":{}}},"output":{"resultWrapper":"GetServiceLastAccessedDetailsWithEntitiesResult","type":"structure","required":["JobStatus","JobCreationDate","JobCompletionDate","EntityDetailsList"],"members":{"JobStatus":{},"JobCreationDate":{"type":"timestamp"},"JobCompletionDate":{"type":"timestamp"},"EntityDetailsList":{"type":"list","member":{"type":"structure","required":["EntityInfo"],"members":{"EntityInfo":{"type":"structure","required":["Arn","Name","Type","Id"],"members":{"Arn":{},"Name":{},"Type":{},"Id":{},"Path":{}}},"LastAuthenticated":{"type":"timestamp"}}}},"IsTruncated":{"type":"boolean"},"Marker":{},"Error":{"shape":"S5k"}}}},"GetServiceLinkedRoleDeletionStatus":{"input":{"type":"structure","required":["DeletionTaskId"],"members":{"DeletionTaskId":{}}},"output":{"resultWrapper":"GetServiceLinkedRoleDeletionStatusResult","type":"structure","required":["Status"],"members":{"Status":{},"Reason":{"type":"structure","members":{"Reason":{},"RoleUsageList":{"type":"list","member":{"type":"structure","members":{"Region":{},"Resources":{"type":"list","member":{}}}}}}}}}},"GetUser":{"input":{"type":"structure","members":{"UserName":{}}},"output":{"resultWrapper":"GetUserResult","type":"structure","required":["User"],"members":{"User":{"shape":"S2d"}}}},"GetUserPolicy":{"input":{"type":"structure","required":["UserName","PolicyName"],"members":{"UserName":{},"PolicyName":{}}},"output":{"resultWrapper":"GetUserPolicyResult","type":"structure","required":["UserName","PolicyName","PolicyDocument"],"members":{"UserName":{},"PolicyName":{},"PolicyDocument":{}}}},"ListAccessKeys":{"input":{"type":"structure","members":{"UserName":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListAccessKeysResult","type":"structure","required":["AccessKeyMetadata"],"members":{"AccessKeyMetadata":{"type":"list","member":{"type":"structure","members":{"UserName":{},"AccessKeyId":{},"Status":{},"CreateDate":{"type":"timestamp"}}}},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListAccountAliases":{"input":{"type":"structure","members":{"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListAccountAliasesResult","type":"structure","required":["AccountAliases"],"members":{"AccountAliases":{"type":"list","member":{}},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListAttachedGroupPolicies":{"input":{"type":"structure","required":["GroupName"],"members":{"GroupName":{},"PathPrefix":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListAttachedGroupPoliciesResult","type":"structure","members":{"AttachedPolicies":{"shape":"S46"},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListAttachedRolePolicies":{"input":{"type":"structure","required":["RoleName"],"members":{"RoleName":{},"PathPrefix":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListAttachedRolePoliciesResult","type":"structure","members":{"AttachedPolicies":{"shape":"S46"},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListAttachedUserPolicies":{"input":{"type":"structure","required":["UserName"],"members":{"UserName":{},"PathPrefix":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListAttachedUserPoliciesResult","type":"structure","members":{"AttachedPolicies":{"shape":"S46"},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListEntitiesForPolicy":{"input":{"type":"structure","required":["PolicyArn"],"members":{"PolicyArn":{},"EntityFilter":{},"PathPrefix":{},"PolicyUsageFilter":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListEntitiesForPolicyResult","type":"structure","members":{"PolicyGroups":{"type":"list","member":{"type":"structure","members":{"GroupName":{},"GroupId":{}}}},"PolicyUsers":{"type":"list","member":{"type":"structure","members":{"UserName":{},"UserId":{}}}},"PolicyRoles":{"type":"list","member":{"type":"structure","members":{"RoleName":{},"RoleId":{}}}},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListGroupPolicies":{"input":{"type":"structure","required":["GroupName"],"members":{"GroupName":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListGroupPoliciesResult","type":"structure","required":["PolicyNames"],"members":{"PolicyNames":{"shape":"S7k"},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListGroups":{"input":{"type":"structure","members":{"PathPrefix":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListGroupsResult","type":"structure","required":["Groups"],"members":{"Groups":{"shape":"S7o"},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListGroupsForUser":{"input":{"type":"structure","required":["UserName"],"members":{"UserName":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListGroupsForUserResult","type":"structure","required":["Groups"],"members":{"Groups":{"shape":"S7o"},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListInstanceProfiles":{"input":{"type":"structure","members":{"PathPrefix":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListInstanceProfilesResult","type":"structure","required":["InstanceProfiles"],"members":{"InstanceProfiles":{"shape":"S4c"},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListInstanceProfilesForRole":{"input":{"type":"structure","required":["RoleName"],"members":{"RoleName":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListInstanceProfilesForRoleResult","type":"structure","required":["InstanceProfiles"],"members":{"InstanceProfiles":{"shape":"S4c"},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListMFADevices":{"input":{"type":"structure","members":{"UserName":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListMFADevicesResult","type":"structure","required":["MFADevices"],"members":{"MFADevices":{"type":"list","member":{"type":"structure","required":["UserName","SerialNumber","EnableDate"],"members":{"UserName":{},"SerialNumber":{},"EnableDate":{"type":"timestamp"}}}},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListOpenIDConnectProviders":{"input":{"type":"structure","members":{}},"output":{"resultWrapper":"ListOpenIDConnectProvidersResult","type":"structure","members":{"OpenIDConnectProviderList":{"type":"list","member":{"type":"structure","members":{"Arn":{}}}}}}},"ListPolicies":{"input":{"type":"structure","members":{"Scope":{},"OnlyAttached":{"type":"boolean"},"PathPrefix":{},"PolicyUsageFilter":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListPoliciesResult","type":"structure","members":{"Policies":{"type":"list","member":{"shape":"S1p"}},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListPoliciesGrantingServiceAccess":{"input":{"type":"structure","required":["Arn","ServiceNamespaces"],"members":{"Marker":{},"Arn":{},"ServiceNamespaces":{"type":"list","member":{}}}},"output":{"resultWrapper":"ListPoliciesGrantingServiceAccessResult","type":"structure","required":["PoliciesGrantingServiceAccess"],"members":{"PoliciesGrantingServiceAccess":{"type":"list","member":{"type":"structure","members":{"ServiceNamespace":{},"Policies":{"type":"list","member":{"type":"structure","required":["PolicyName","PolicyType"],"members":{"PolicyName":{},"PolicyType":{},"PolicyArn":{},"EntityType":{},"EntityName":{}}}}}}},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListPolicyVersions":{"input":{"type":"structure","required":["PolicyArn"],"members":{"PolicyArn":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListPolicyVersionsResult","type":"structure","members":{"Versions":{"shape":"S4f"},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListRolePolicies":{"input":{"type":"structure","required":["RoleName"],"members":{"RoleName":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListRolePoliciesResult","type":"structure","required":["PolicyNames"],"members":{"PolicyNames":{"shape":"S7k"},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListRoleTags":{"input":{"type":"structure","required":["RoleName"],"members":{"RoleName":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListRoleTagsResult","type":"structure","required":["Tags"],"members":{"Tags":{"shape":"S14"},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListRoles":{"input":{"type":"structure","members":{"PathPrefix":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListRolesResult","type":"structure","required":["Roles"],"members":{"Roles":{"shape":"Sx"},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListSAMLProviders":{"input":{"type":"structure","members":{}},"output":{"resultWrapper":"ListSAMLProvidersResult","type":"structure","members":{"SAMLProviderList":{"type":"list","member":{"type":"structure","members":{"Arn":{},"ValidUntil":{"type":"timestamp"},"CreateDate":{"type":"timestamp"}}}}}}},"ListSSHPublicKeys":{"input":{"type":"structure","members":{"UserName":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListSSHPublicKeysResult","type":"structure","members":{"SSHPublicKeys":{"type":"list","member":{"type":"structure","required":["UserName","SSHPublicKeyId","Status","UploadDate"],"members":{"UserName":{},"SSHPublicKeyId":{},"Status":{},"UploadDate":{"type":"timestamp"}}}},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListServerCertificates":{"input":{"type":"structure","members":{"PathPrefix":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListServerCertificatesResult","type":"structure","required":["ServerCertificateMetadataList"],"members":{"ServerCertificateMetadataList":{"type":"list","member":{"shape":"S64"}},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListServiceSpecificCredentials":{"input":{"type":"structure","members":{"UserName":{},"ServiceName":{}}},"output":{"resultWrapper":"ListServiceSpecificCredentialsResult","type":"structure","members":{"ServiceSpecificCredentials":{"type":"list","member":{"type":"structure","required":["UserName","Status","ServiceUserName","CreateDate","ServiceSpecificCredentialId","ServiceName"],"members":{"UserName":{},"Status":{},"ServiceUserName":{},"CreateDate":{"type":"timestamp"},"ServiceSpecificCredentialId":{},"ServiceName":{}}}}}}},"ListSigningCertificates":{"input":{"type":"structure","members":{"UserName":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListSigningCertificatesResult","type":"structure","required":["Certificates"],"members":{"Certificates":{"type":"list","member":{"shape":"S96"}},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListUserPolicies":{"input":{"type":"structure","required":["UserName"],"members":{"UserName":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListUserPoliciesResult","type":"structure","required":["PolicyNames"],"members":{"PolicyNames":{"shape":"S7k"},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListUserTags":{"input":{"type":"structure","required":["UserName"],"members":{"UserName":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListUserTagsResult","type":"structure","required":["Tags"],"members":{"Tags":{"shape":"S14"},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListUsers":{"input":{"type":"structure","members":{"PathPrefix":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListUsersResult","type":"structure","required":["Users"],"members":{"Users":{"shape":"S52"},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"ListVirtualMFADevices":{"input":{"type":"structure","members":{"AssignmentStatus":{},"Marker":{},"MaxItems":{"type":"integer"}}},"output":{"resultWrapper":"ListVirtualMFADevicesResult","type":"structure","required":["VirtualMFADevices"],"members":{"VirtualMFADevices":{"type":"list","member":{"shape":"S2h"}},"IsTruncated":{"type":"boolean"},"Marker":{}}}},"PutGroupPolicy":{"input":{"type":"structure","required":["GroupName","PolicyName","PolicyDocument"],"members":{"GroupName":{},"PolicyName":{},"PolicyDocument":{}}}},"PutRolePermissionsBoundary":{"input":{"type":"structure","required":["RoleName","PermissionsBoundary"],"members":{"RoleName":{},"PermissionsBoundary":{}}}},"PutRolePolicy":{"input":{"type":"structure","required":["RoleName","PolicyName","PolicyDocument"],"members":{"RoleName":{},"PolicyName":{},"PolicyDocument":{}}}},"PutUserPermissionsBoundary":{"input":{"type":"structure","required":["UserName","PermissionsBoundary"],"members":{"UserName":{},"PermissionsBoundary":{}}}},"PutUserPolicy":{"input":{"type":"structure","required":["UserName","PolicyName","PolicyDocument"],"members":{"UserName":{},"PolicyName":{},"PolicyDocument":{}}}},"RemoveClientIDFromOpenIDConnectProvider":{"input":{"type":"structure","required":["OpenIDConnectProviderArn","ClientID"],"members":{"OpenIDConnectProviderArn":{},"ClientID":{}}}},"RemoveRoleFromInstanceProfile":{"input":{"type":"structure","required":["InstanceProfileName","RoleName"],"members":{"InstanceProfileName":{},"RoleName":{}}}},"RemoveUserFromGroup":{"input":{"type":"structure","required":["GroupName","UserName"],"members":{"GroupName":{},"UserName":{}}}},"ResetServiceSpecificCredential":{"input":{"type":"structure","required":["ServiceSpecificCredentialId"],"members":{"UserName":{},"ServiceSpecificCredentialId":{}}},"output":{"resultWrapper":"ResetServiceSpecificCredentialResult","type":"structure","members":{"ServiceSpecificCredential":{"shape":"S27"}}}},"ResyncMFADevice":{"input":{"type":"structure","required":["UserName","SerialNumber","AuthenticationCode1","AuthenticationCode2"],"members":{"UserName":{},"SerialNumber":{},"AuthenticationCode1":{},"AuthenticationCode2":{}}}},"SetDefaultPolicyVersion":{"input":{"type":"structure","required":["PolicyArn","VersionId"],"members":{"PolicyArn":{},"VersionId":{}}}},"SetSecurityTokenServicePreferences":{"input":{"type":"structure","required":["GlobalEndpointTokenVersion"],"members":{"GlobalEndpointTokenVersion":{}}}},"SimulateCustomPolicy":{"input":{"type":"structure","required":["PolicyInputList","ActionNames"],"members":{"PolicyInputList":{"shape":"S4s"},"PermissionsBoundaryPolicyInputList":{"shape":"S4s"},"ActionNames":{"shape":"S9w"},"ResourceArns":{"shape":"S9y"},"ResourcePolicy":{},"ResourceOwner":{},"CallerArn":{},"ContextEntries":{"shape":"Sa0"},"ResourceHandlingOption":{},"MaxItems":{"type":"integer"},"Marker":{}}},"output":{"shape":"Sa6","resultWrapper":"SimulateCustomPolicyResult"}},"SimulatePrincipalPolicy":{"input":{"type":"structure","required":["PolicySourceArn","ActionNames"],"members":{"PolicySourceArn":{},"PolicyInputList":{"shape":"S4s"},"PermissionsBoundaryPolicyInputList":{"shape":"S4s"},"ActionNames":{"shape":"S9w"},"ResourceArns":{"shape":"S9y"},"ResourcePolicy":{},"ResourceOwner":{},"CallerArn":{},"ContextEntries":{"shape":"Sa0"},"ResourceHandlingOption":{},"MaxItems":{"type":"integer"},"Marker":{}}},"output":{"shape":"Sa6","resultWrapper":"SimulatePrincipalPolicyResult"}},"TagRole":{"input":{"type":"structure","required":["RoleName","Tags"],"members":{"RoleName":{},"Tags":{"shape":"S14"}}}},"TagUser":{"input":{"type":"structure","required":["UserName","Tags"],"members":{"UserName":{},"Tags":{"shape":"S14"}}}},"UntagRole":{"input":{"type":"structure","required":["RoleName","TagKeys"],"members":{"RoleName":{},"TagKeys":{"shape":"Sar"}}}},"UntagUser":{"input":{"type":"structure","required":["UserName","TagKeys"],"members":{"UserName":{},"TagKeys":{"shape":"Sar"}}}},"UpdateAccessKey":{"input":{"type":"structure","required":["AccessKeyId","Status"],"members":{"UserName":{},"AccessKeyId":{},"Status":{}}}},"UpdateAccountPasswordPolicy":{"input":{"type":"structure","members":{"MinimumPasswordLength":{"type":"integer"},"RequireSymbols":{"type":"boolean"},"RequireNumbers":{"type":"boolean"},"RequireUppercaseCharacters":{"type":"boolean"},"RequireLowercaseCharacters":{"type":"boolean"},"AllowUsersToChangePassword":{"type":"boolean"},"MaxPasswordAge":{"type":"integer"},"PasswordReusePrevention":{"type":"integer"},"HardExpiry":{"type":"boolean"}}}},"UpdateAssumeRolePolicy":{"input":{"type":"structure","required":["RoleName","PolicyDocument"],"members":{"RoleName":{},"PolicyDocument":{}}}},"UpdateGroup":{"input":{"type":"structure","required":["GroupName"],"members":{"GroupName":{},"NewPath":{},"NewGroupName":{}}}},"UpdateLoginProfile":{"input":{"type":"structure","required":["UserName"],"members":{"UserName":{},"Password":{"shape":"Sf"},"PasswordResetRequired":{"type":"boolean"}}}},"UpdateOpenIDConnectProviderThumbprint":{"input":{"type":"structure","required":["OpenIDConnectProviderArn","ThumbprintList"],"members":{"OpenIDConnectProviderArn":{},"ThumbprintList":{"shape":"S1h"}}}},"UpdateRole":{"input":{"type":"structure","required":["RoleName"],"members":{"RoleName":{},"Description":{},"MaxSessionDuration":{"type":"integer"}}},"output":{"resultWrapper":"UpdateRoleResult","type":"structure","members":{}}},"UpdateRoleDescription":{"input":{"type":"structure","required":["RoleName","Description"],"members":{"RoleName":{},"Description":{}}},"output":{"resultWrapper":"UpdateRoleDescriptionResult","type":"structure","members":{"Role":{"shape":"Sy"}}}},"UpdateSAMLProvider":{"input":{"type":"structure","required":["SAMLMetadataDocument","SAMLProviderArn"],"members":{"SAMLMetadataDocument":{},"SAMLProviderArn":{}}},"output":{"resultWrapper":"UpdateSAMLProviderResult","type":"structure","members":{"SAMLProviderArn":{}}}},"UpdateSSHPublicKey":{"input":{"type":"structure","required":["UserName","SSHPublicKeyId","Status"],"members":{"UserName":{},"SSHPublicKeyId":{},"Status":{}}}},"UpdateServerCertificate":{"input":{"type":"structure","required":["ServerCertificateName"],"members":{"ServerCertificateName":{},"NewPath":{},"NewServerCertificateName":{}}}},"UpdateServiceSpecificCredential":{"input":{"type":"structure","required":["ServiceSpecificCredentialId","Status"],"members":{"UserName":{},"ServiceSpecificCredentialId":{},"Status":{}}}},"UpdateSigningCertificate":{"input":{"type":"structure","required":["CertificateId","Status"],"members":{"UserName":{},"CertificateId":{},"Status":{}}}},"UpdateUser":{"input":{"type":"structure","required":["UserName"],"members":{"UserName":{},"NewPath":{},"NewUserName":{}}}},"UploadSSHPublicKey":{"input":{"type":"structure","required":["UserName","SSHPublicKeyBody"],"members":{"UserName":{},"SSHPublicKeyBody":{}}},"output":{"resultWrapper":"UploadSSHPublicKeyResult","type":"structure","members":{"SSHPublicKey":{"shape":"S5y"}}}},"UploadServerCertificate":{"input":{"type":"structure","required":["ServerCertificateName","CertificateBody","PrivateKey"],"members":{"Path":{},"ServerCertificateName":{},"CertificateBody":{},"PrivateKey":{"type":"string","sensitive":true},"CertificateChain":{}}},"output":{"resultWrapper":"UploadServerCertificateResult","type":"structure","members":{"ServerCertificateMetadata":{"shape":"S64"}}}},"UploadSigningCertificate":{"input":{"type":"structure","required":["CertificateBody"],"members":{"UserName":{},"CertificateBody":{}}},"output":{"resultWrapper":"UploadSigningCertificateResult","type":"structure","required":["Certificate"],"members":{"Certificate":{"shape":"S96"}}}}},"shapes":{"Sf":{"type":"string","sensitive":true},"Ss":{"type":"structure","required":["Path","GroupName","GroupId","Arn","CreateDate"],"members":{"Path":{},"GroupName":{},"GroupId":{},"Arn":{},"CreateDate":{"type":"timestamp"}}},"Sw":{"type":"structure","required":["Path","InstanceProfileName","InstanceProfileId","Arn","CreateDate","Roles"],"members":{"Path":{},"InstanceProfileName":{},"InstanceProfileId":{},"Arn":{},"CreateDate":{"type":"timestamp"},"Roles":{"shape":"Sx"}}},"Sx":{"type":"list","member":{"shape":"Sy"}},"Sy":{"type":"structure","required":["Path","RoleName","RoleId","Arn","CreateDate"],"members":{"Path":{},"RoleName":{},"RoleId":{},"Arn":{},"CreateDate":{"type":"timestamp"},"AssumeRolePolicyDocument":{},"Description":{},"MaxSessionDuration":{"type":"integer"},"PermissionsBoundary":{"shape":"S12"},"Tags":{"shape":"S14"},"RoleLastUsed":{"shape":"S18"}}},"S12":{"type":"structure","members":{"PermissionsBoundaryType":{},"PermissionsBoundaryArn":{}}},"S14":{"type":"list","member":{"type":"structure","required":["Key","Value"],"members":{"Key":{},"Value":{}}}},"S18":{"type":"structure","members":{"LastUsedDate":{"type":"timestamp"},"Region":{}}},"S1d":{"type":"structure","required":["UserName","CreateDate"],"members":{"UserName":{},"CreateDate":{"type":"timestamp"},"PasswordResetRequired":{"type":"boolean"}}},"S1g":{"type":"list","member":{}},"S1h":{"type":"list","member":{}},"S1p":{"type":"structure","members":{"PolicyName":{},"PolicyId":{},"Arn":{},"Path":{},"DefaultVersionId":{},"AttachmentCount":{"type":"integer"},"PermissionsBoundaryUsageCount":{"type":"integer"},"IsAttachable":{"type":"boolean"},"Description":{},"CreateDate":{"type":"timestamp"},"UpdateDate":{"type":"timestamp"}}},"S1u":{"type":"structure","members":{"Document":{},"VersionId":{},"IsDefaultVersion":{"type":"boolean"},"CreateDate":{"type":"timestamp"}}},"S27":{"type":"structure","required":["CreateDate","ServiceName","ServiceUserName","ServicePassword","ServiceSpecificCredentialId","UserName","Status"],"members":{"CreateDate":{"type":"timestamp"},"ServiceName":{},"ServiceUserName":{},"ServicePassword":{"type":"string","sensitive":true},"ServiceSpecificCredentialId":{},"UserName":{},"Status":{}}},"S2d":{"type":"structure","required":["Path","UserName","UserId","Arn","CreateDate"],"members":{"Path":{},"UserName":{},"UserId":{},"Arn":{},"CreateDate":{"type":"timestamp"},"PasswordLastUsed":{"type":"timestamp"},"PermissionsBoundary":{"shape":"S12"},"Tags":{"shape":"S14"}}},"S2h":{"type":"structure","required":["SerialNumber"],"members":{"SerialNumber":{},"Base32StringSeed":{"shape":"S2j"},"QRCodePNG":{"shape":"S2j"},"User":{"shape":"S2d"},"EnableDate":{"type":"timestamp"}}},"S2j":{"type":"blob","sensitive":true},"S43":{"type":"list","member":{"type":"structure","members":{"PolicyName":{},"PolicyDocument":{}}}},"S46":{"type":"list","member":{"type":"structure","members":{"PolicyName":{},"PolicyArn":{}}}},"S4c":{"type":"list","member":{"shape":"Sw"}},"S4f":{"type":"list","member":{"shape":"S1u"}},"S4s":{"type":"list","member":{}},"S4t":{"type":"structure","members":{"ContextKeyNames":{"shape":"S4u"}}},"S4u":{"type":"list","member":{}},"S52":{"type":"list","member":{"shape":"S2d"}},"S5k":{"type":"structure","required":["Message","Code"],"members":{"Message":{},"Code":{}}},"S5y":{"type":"structure","required":["UserName","SSHPublicKeyId","Fingerprint","SSHPublicKeyBody","Status"],"members":{"UserName":{},"SSHPublicKeyId":{},"Fingerprint":{},"SSHPublicKeyBody":{},"Status":{},"UploadDate":{"type":"timestamp"}}},"S64":{"type":"structure","required":["Path","ServerCertificateName","ServerCertificateId","Arn"],"members":{"Path":{},"ServerCertificateName":{},"ServerCertificateId":{},"Arn":{},"UploadDate":{"type":"timestamp"},"Expiration":{"type":"timestamp"}}},"S7k":{"type":"list","member":{}},"S7o":{"type":"list","member":{"shape":"Ss"}},"S96":{"type":"structure","required":["UserName","CertificateId","CertificateBody","Status"],"members":{"UserName":{},"CertificateId":{},"CertificateBody":{},"Status":{},"UploadDate":{"type":"timestamp"}}},"S9w":{"type":"list","member":{}},"S9y":{"type":"list","member":{}},"Sa0":{"type":"list","member":{"type":"structure","members":{"ContextKeyName":{},"ContextKeyValues":{"type":"list","member":{}},"ContextKeyType":{}}}},"Sa6":{"type":"structure","members":{"EvaluationResults":{"type":"list","member":{"type":"structure","required":["EvalActionName","EvalDecision"],"members":{"EvalActionName":{},"EvalResourceName":{},"EvalDecision":{},"MatchedStatements":{"shape":"Saa"},"MissingContextValues":{"shape":"S4u"},"OrganizationsDecisionDetail":{"type":"structure","members":{"AllowedByOrganizations":{"type":"boolean"}}},"PermissionsBoundaryDecisionDetail":{"shape":"Sai"},"EvalDecisionDetails":{"shape":"Saj"},"ResourceSpecificResults":{"type":"list","member":{"type":"structure","required":["EvalResourceName","EvalResourceDecision"],"members":{"EvalResourceName":{},"EvalResourceDecision":{},"MatchedStatements":{"shape":"Saa"},"MissingContextValues":{"shape":"S4u"},"EvalDecisionDetails":{"shape":"Saj"},"PermissionsBoundaryDecisionDetail":{"shape":"Sai"}}}}}}},"IsTruncated":{"type":"boolean"},"Marker":{}}},"Saa":{"type":"list","member":{"type":"structure","members":{"SourcePolicyId":{},"SourcePolicyType":{},"StartPosition":{"shape":"Sae"},"EndPosition":{"shape":"Sae"}}}},"Sae":{"type":"structure","members":{"Line":{"type":"integer"},"Column":{"type":"integer"}}},"Sai":{"type":"structure","members":{"AllowedByPermissionsBoundary":{"type":"boolean"}}},"Saj":{"type":"map","key":{},"value":{}},"Sar":{"type":"list","member":{}}}}; - -/***/ }), - -/***/ 350: -/***/ (function(__unusedmodule, exports) { - -// Generated by CoffeeScript 1.12.7 -(function() { - "use strict"; - var prefixMatch; - - prefixMatch = new RegExp(/(?!xmlns)^.*:/); - - exports.normalize = function(str) { - return str.toLowerCase(); - }; - - exports.firstCharLowerCase = function(str) { - return str.charAt(0).toLowerCase() + str.slice(1); - }; - - exports.stripPrefix = function(str) { - return str.replace(prefixMatch, ''); - }; - - exports.parseNumbers = function(str) { - if (!isNaN(str)) { - str = str % 1 === 0 ? parseInt(str, 10) : parseFloat(str); - } - return str; - }; - - exports.parseBooleans = function(str) { - if (/^(?:true|false)$/i.test(str)) { - str = str.toLowerCase() === 'true'; - } - return str; - }; - -}).call(this); - - -/***/ }), - -/***/ 382: -/***/ (function(__unusedmodule, __unusedexports, __webpack_require__) { - -var AWS = __webpack_require__(395); - -AWS.util.update(AWS.CognitoIdentity.prototype, { - getOpenIdToken: function getOpenIdToken(params, callback) { - return this.makeUnauthenticatedRequest('getOpenIdToken', params, callback); - }, +AWS.CredentialProviderChain.addPromisesToClass = function addPromisesToClass(PromiseDependency) { + this.prototype.resolvePromise = AWS.util.promisifyMethod('resolve', PromiseDependency); +}; - getId: function getId(params, callback) { - return this.makeUnauthenticatedRequest('getId', params, callback); - }, +/** + * @api private + */ +AWS.CredentialProviderChain.deletePromisesFromClass = function deletePromisesFromClass() { + delete this.prototype.resolvePromise; +}; - getCredentialsForIdentity: function getCredentialsForIdentity(params, callback) { - return this.makeUnauthenticatedRequest('getCredentialsForIdentity', params, callback); - } -}); +AWS.util.addPromises(AWS.CredentialProviderChain); /***/ }), -/***/ 395: -/***/ (function(module, __unusedexports, __webpack_require__) { +/***/ 3379: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { -/** - * The main AWS namespace - */ -var AWS = { util: __webpack_require__(153) }; +var AWS = __nccwpck_require__(8437); +__nccwpck_require__(5768); /** - * @api private - * @!macro [new] nobrowser - * @note This feature is not supported in the browser environment of the SDK. + * Represents credentials received from the metadata service on an EC2 instance. + * + * By default, this class will connect to the metadata service using + * {AWS.MetadataService} and attempt to load any available credentials. If it + * can connect, and credentials are available, these will be used with zero + * configuration. + * + * This credentials class will by default timeout after 1 second of inactivity + * and retry 3 times. + * If your requests to the EC2 metadata service are timing out, you can increase + * these values by configuring them directly: + * + * ```javascript + * AWS.config.credentials = new AWS.EC2MetadataCredentials({ + * httpOptions: { timeout: 5000 }, // 5 second timeout + * maxRetries: 10, // retry 10 times + * retryDelayOptions: { base: 200 }, // see AWS.Config for information + * logger: console // see AWS.Config for information + * }); + * ``` + * + * If your requests are timing out in connecting to the metadata service, such + * as when testing on a development machine, you can use the connectTimeout + * option, specified in milliseconds, which also defaults to 1 second. + * + * If the requests failed or returns expired credentials, it will + * extend the expiration of current credential, with a warning message. For more + * information, please go to: + * https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html + * + * @!attribute originalExpiration + * @return [Date] The optional original expiration of the current credential. + * In case of AWS outage, the EC2 metadata will extend expiration of the + * existing credential. + * + * @see AWS.Config.retryDelayOptions + * @see AWS.Config.logger + * + * @!macro nobrowser */ -var _hidden = {}; _hidden.toString(); // hack to parse macro +AWS.EC2MetadataCredentials = AWS.util.inherit(AWS.Credentials, { + constructor: function EC2MetadataCredentials(options) { + AWS.Credentials.call(this); -/** - * @api private - */ -module.exports = AWS; + options = options ? AWS.util.copy(options) : {}; + options = AWS.util.merge( + {maxRetries: this.defaultMaxRetries}, options); + if (!options.httpOptions) options.httpOptions = {}; + options.httpOptions = AWS.util.merge( + {timeout: this.defaultTimeout, + connectTimeout: this.defaultConnectTimeout}, + options.httpOptions); -AWS.util.update(AWS, { + this.metadataService = new AWS.MetadataService(options); + this.logger = options.logger || AWS.config && AWS.config.logger; + }, /** - * @constant + * @api private */ - VERSION: '2.709.0', + defaultTimeout: 1000, - /** + /** * @api private */ - Signers: {}, + defaultConnectTimeout: 1000, /** * @api private */ - Protocol: { - Json: __webpack_require__(912), - Query: __webpack_require__(576), - Rest: __webpack_require__(618), - RestJson: __webpack_require__(315), - RestXml: __webpack_require__(2) - }, + defaultMaxRetries: 3, /** - * @api private + * The original expiration of the current credential. In case of AWS + * outage, the EC2 metadata will extend expiration of the existing + * credential. */ - XML: { - Builder: __webpack_require__(492), - Parser: null // conditionally set based on environment - }, + originalExpiration: undefined, /** - * @api private + * Loads the credentials from the instance metadata service + * + * @callback callback function(err) + * Called when the instance metadata service responds (or fails). When + * this callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get */ - JSON: { - Builder: __webpack_require__(337), - Parser: __webpack_require__(806) + refresh: function refresh(callback) { + this.coalesceRefresh(callback || AWS.util.fn.callback); }, /** * @api private + * @param callback */ - Model: { - Api: __webpack_require__(788), - Operation: __webpack_require__(964), - Shape: __webpack_require__(682), - Paginator: __webpack_require__(265), - ResourceWaiter: __webpack_require__(624) + load: function load(callback) { + var self = this; + self.metadataService.loadCredentials(function(err, creds) { + if (err) { + if (self.hasLoadedCredentials()) { + self.extendExpirationIfExpired(); + callback(); + } else { + callback(err); + } + } else { + self.setCredentials(creds); + self.extendExpirationIfExpired(); + callback(); + } + }); }, /** + * Whether this credential has been loaded. * @api private */ - apiLoader: __webpack_require__(165), + hasLoadedCredentials: function hasLoadedCredentials() { + return this.AccessKeyId && this.secretAccessKey; + }, /** + * if expired, extend the expiration by 15 minutes base plus a jitter of 5 + * minutes range. * @api private */ - EndpointCache: __webpack_require__(120).EndpointCache -}); -__webpack_require__(610); -__webpack_require__(503); -__webpack_require__(187); -__webpack_require__(711); -__webpack_require__(606); -__webpack_require__(453); -__webpack_require__(828); -__webpack_require__(930); -__webpack_require__(835); -__webpack_require__(977); - -/** - * @readonly - * @return [AWS.SequentialExecutor] a collection of global event listeners that - * are attached to every sent request. - * @see AWS.Request AWS.Request for a list of events to listen for - * @example Logging the time taken to send a request - * AWS.events.on('send', function startSend(resp) { - * resp.startTime = new Date().getTime(); - * }).on('complete', function calculateTime(resp) { - * var time = (new Date().getTime() - resp.startTime) / 1000; - * console.log('Request took ' + time + ' seconds'); - * }); - * - * new AWS.S3().listBuckets(); // prints 'Request took 0.285 seconds' - */ -AWS.events = new AWS.SequentialExecutor(); - -//create endpoint cache lazily -AWS.util.memoizedProperty(AWS, 'endpointCache', function() { - return new AWS.EndpointCache(AWS.config.endpointCacheSize); -}, true); - - -/***/ }), - -/***/ 404: -/***/ (function(module, __unusedexports, __webpack_require__) { - -var escapeAttribute = __webpack_require__(918).escapeAttribute; - -/** - * Represents an XML node. - * @api private - */ -function XmlNode(name, children) { - if (children === void 0) { children = []; } - this.name = name; - this.children = children; - this.attributes = {}; -} -XmlNode.prototype.addAttribute = function (name, value) { - this.attributes[name] = value; - return this; -}; -XmlNode.prototype.addChildNode = function (child) { - this.children.push(child); - return this; -}; -XmlNode.prototype.removeAttribute = function (name) { - delete this.attributes[name]; - return this; -}; -XmlNode.prototype.toString = function () { - var hasChildren = Boolean(this.children.length); - var xmlText = '<' + this.name; - // add attributes - var attributes = this.attributes; - for (var i = 0, attributeNames = Object.keys(attributes); i < attributeNames.length; i++) { - var attributeName = attributeNames[i]; - var attribute = attributes[attributeName]; - if (typeof attribute !== 'undefined' && attribute !== null) { - xmlText += ' ' + attributeName + '=\"' + escapeAttribute('' + attribute) + '\"'; - } - } - return xmlText += !hasChildren ? '/>' : '>' + this.children.map(function (c) { return c.toString(); }).join('') + ''; -}; - -/** - * @api private - */ -module.exports = { - XmlNode: XmlNode -}; - - -/***/ }), - -/***/ 413: -/***/ (function(module) { - -module.exports = require("stream"); - -/***/ }), - -/***/ 414: -/***/ (function(module) { - -module.exports = require("url"); - -/***/ }), - -/***/ 417: -/***/ (function(module) { - -module.exports = require("crypto"); - -/***/ }), - -/***/ 423: -/***/ (function(module) { - -// Generated by CoffeeScript 1.12.7 -(function() { - var XMLWriterBase, - hasProp = {}.hasOwnProperty; - - module.exports = XMLWriterBase = (function() { - function XMLWriterBase(options) { - var key, ref, ref1, ref2, ref3, ref4, ref5, ref6, value; - options || (options = {}); - this.pretty = options.pretty || false; - this.allowEmpty = (ref = options.allowEmpty) != null ? ref : false; - if (this.pretty) { - this.indent = (ref1 = options.indent) != null ? ref1 : ' '; - this.newline = (ref2 = options.newline) != null ? ref2 : '\n'; - this.offset = (ref3 = options.offset) != null ? ref3 : 0; - this.dontprettytextnodes = (ref4 = options.dontprettytextnodes) != null ? ref4 : 0; - } else { - this.indent = ''; - this.newline = ''; - this.offset = 0; - this.dontprettytextnodes = 0; - } - this.spacebeforeslash = (ref5 = options.spacebeforeslash) != null ? ref5 : ''; - if (this.spacebeforeslash === true) { - this.spacebeforeslash = ' '; - } - this.newlinedefault = this.newline; - this.prettydefault = this.pretty; - ref6 = options.writer || {}; - for (key in ref6) { - if (!hasProp.call(ref6, key)) continue; - value = ref6[key]; - this[key] = value; - } + extendExpirationIfExpired: function extendExpirationIfExpired() { + if (this.needsRefresh()) { + this.originalExpiration = this.originalExpiration || this.expireTime; + this.expired = false; + var nextTimeout = 15 * 60 + Math.floor(Math.random() * 5 * 60); + var currentTime = AWS.util.date.getDate().getTime(); + this.expireTime = new Date(currentTime + nextTimeout * 1000); + // TODO: add doc link; + this.logger.warn('Attempting credential expiration extension due to a ' + + 'credential service availability issue. A refresh of these ' + + 'credentials will be attempted again at ' + this.expireTime + + '\nFor more information, please visit: https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html'); } + }, - XMLWriterBase.prototype.set = function(options) { - var key, ref, value; - options || (options = {}); - if ("pretty" in options) { - this.pretty = options.pretty; - } - if ("allowEmpty" in options) { - this.allowEmpty = options.allowEmpty; - } - if (this.pretty) { - this.indent = "indent" in options ? options.indent : ' '; - this.newline = "newline" in options ? options.newline : '\n'; - this.offset = "offset" in options ? options.offset : 0; - this.dontprettytextnodes = "dontprettytextnodes" in options ? options.dontprettytextnodes : 0; - } else { - this.indent = ''; - this.newline = ''; - this.offset = 0; - this.dontprettytextnodes = 0; - } - this.spacebeforeslash = "spacebeforeslash" in options ? options.spacebeforeslash : ''; - if (this.spacebeforeslash === true) { - this.spacebeforeslash = ' '; - } - this.newlinedefault = this.newline; - this.prettydefault = this.pretty; - ref = options.writer || {}; - for (key in ref) { - if (!hasProp.call(ref, key)) continue; - value = ref[key]; - this[key] = value; - } - return this; - }; - - XMLWriterBase.prototype.space = function(level) { - var indent; - if (this.pretty) { - indent = (level || 0) + this.offset + 1; - if (indent > 0) { - return new Array(indent).join(this.indent); - } else { - return ''; - } - } else { - return ''; - } - }; - - return XMLWriterBase; - - })(); - -}).call(this); + /** + * Update the credential with new credential responded from EC2 metadata + * service. + * @api private + */ + setCredentials: function setCredentials(creds) { + var currentTime = AWS.util.date.getDate().getTime(); + var expireTime = new Date(creds.Expiration); + this.expired = currentTime >= expireTime ? true : false; + this.metadata = creds; + this.accessKeyId = creds.AccessKeyId; + this.secretAccessKey = creds.SecretAccessKey; + this.sessionToken = creds.Token; + this.expireTime = expireTime; + } +}); /***/ }), -/***/ 426: -/***/ (function(__unusedmodule, __unusedexports, __webpack_require__) { +/***/ 645: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { -var AWS = __webpack_require__(395), - ENV_RELATIVE_URI = 'AWS_CONTAINER_CREDENTIALS_RELATIVE_URI', - ENV_FULL_URI = 'AWS_CONTAINER_CREDENTIALS_FULL_URI', - ENV_AUTH_TOKEN = 'AWS_CONTAINER_AUTHORIZATION_TOKEN', - FULL_URI_UNRESTRICTED_PROTOCOLS = ['https:'], - FULL_URI_ALLOWED_PROTOCOLS = ['http:', 'https:'], - FULL_URI_ALLOWED_HOSTNAMES = ['localhost', '127.0.0.1'], - RELATIVE_URI_HOST = '169.254.170.2'; +var AWS = __nccwpck_require__(8437); /** - * Represents credentials received from specified URI. + * Represents credentials received from relative URI specified in the ECS container. * * This class will request refreshable credentials from the relative URI * specified by the AWS_CONTAINER_CREDENTIALS_RELATIVE_URI or the @@ -4398,7 +4789,7 @@ var AWS = __webpack_require__(395), * the value by configuring them directly: * * ```javascript - * AWS.config.credentials = new AWS.RemoteCredentials({ + * AWS.config.credentials = new AWS.ECSCredentials({ * httpOptions: { timeout: 5000 }, // 5 second timeout * maxRetries: 10, // retry 10 times * retryDelayOptions: { base: 200 } // see AWS.Config for information @@ -4409,10070 +4800,9748 @@ var AWS = __webpack_require__(395), * * @!macro nobrowser */ -AWS.RemoteCredentials = AWS.util.inherit(AWS.Credentials, { - constructor: function RemoteCredentials(options) { - AWS.Credentials.call(this); - options = options ? AWS.util.copy(options) : {}; - if (!options.httpOptions) options.httpOptions = {}; - options.httpOptions = AWS.util.merge( - this.httpOptions, options.httpOptions); - AWS.util.update(this, options); - }, +AWS.ECSCredentials = AWS.RemoteCredentials; - /** - * @api private - */ - httpOptions: { timeout: 1000 }, - /** - * @api private - */ - maxRetries: 3, +/***/ }), - /** - * @api private - */ - isConfiguredForEcsCredentials: function isConfiguredForEcsCredentials() { - return Boolean( - process && - process.env && - (process.env[ENV_RELATIVE_URI] || process.env[ENV_FULL_URI]) - ); - }, +/***/ 7714: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { - /** - * @api private - */ - getECSFullUri: function getECSFullUri() { - if (process && process.env) { - var relative = process.env[ENV_RELATIVE_URI], - full = process.env[ENV_FULL_URI]; - if (relative) { - return 'http://' + RELATIVE_URI_HOST + relative; - } else if (full) { - var parsed = AWS.util.urlParse(full); - if (FULL_URI_ALLOWED_PROTOCOLS.indexOf(parsed.protocol) < 0) { - throw AWS.util.error( - new Error('Unsupported protocol: AWS.RemoteCredentials supports ' - + FULL_URI_ALLOWED_PROTOCOLS.join(',') + ' only; ' - + parsed.protocol + ' requested.'), - { code: 'ECSCredentialsProviderFailure' } - ); - } - - if (FULL_URI_UNRESTRICTED_PROTOCOLS.indexOf(parsed.protocol) < 0 && - FULL_URI_ALLOWED_HOSTNAMES.indexOf(parsed.hostname) < 0) { - throw AWS.util.error( - new Error('Unsupported hostname: AWS.RemoteCredentials only supports ' - + FULL_URI_ALLOWED_HOSTNAMES.join(',') + ' for ' + parsed.protocol + '; ' - + parsed.protocol + '//' + parsed.hostname + ' requested.'), - { code: 'ECSCredentialsProviderFailure' } - ); - } +var AWS = __nccwpck_require__(8437); - return full; - } else { - throw AWS.util.error( - new Error('Variable ' + ENV_RELATIVE_URI + ' or ' + ENV_FULL_URI + - ' must be set to use AWS.RemoteCredentials.'), - { code: 'ECSCredentialsProviderFailure' } - ); - } - } else { - throw AWS.util.error( - new Error('No process info available'), - { code: 'ECSCredentialsProviderFailure' } - ); - } - }, +/** + * Represents credentials from the environment. + * + * By default, this class will look for the matching environment variables + * prefixed by a given {envPrefix}. The un-prefixed environment variable names + * for each credential value is listed below: + * + * ```javascript + * accessKeyId: ACCESS_KEY_ID + * secretAccessKey: SECRET_ACCESS_KEY + * sessionToken: SESSION_TOKEN + * ``` + * + * With the default prefix of 'AWS', the environment variables would be: + * + * AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN + * + * @!attribute envPrefix + * @readonly + * @return [String] the prefix for the environment variable names excluding + * the separating underscore ('_'). + */ +AWS.EnvironmentCredentials = AWS.util.inherit(AWS.Credentials, { /** - * @api private + * Creates a new EnvironmentCredentials class with a given variable + * prefix {envPrefix}. For example, to load credentials using the 'AWS' + * prefix: + * + * ```javascript + * var creds = new AWS.EnvironmentCredentials('AWS'); + * creds.accessKeyId == 'AKID' // from AWS_ACCESS_KEY_ID env var + * ``` + * + * @param envPrefix [String] the prefix to use (e.g., 'AWS') for environment + * variables. Do not include the separating underscore. */ - getECSAuthToken: function getECSAuthToken() { - if (process && process.env && process.env[ENV_FULL_URI]) { - return process.env[ENV_AUTH_TOKEN]; - } + constructor: function EnvironmentCredentials(envPrefix) { + AWS.Credentials.call(this); + this.envPrefix = envPrefix; + this.get(function() {}); }, /** - * @api private + * Loads credentials from the environment using the prefixed + * environment variables. + * + * @callback callback function(err) + * Called after the (prefixed) ACCESS_KEY_ID, SECRET_ACCESS_KEY, and + * SESSION_TOKEN environment variables are read. When this callback is + * called with no error, it means that the credentials information has + * been loaded into the object (as the `accessKeyId`, `secretAccessKey`, + * and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get */ - credsFormatIsValid: function credsFormatIsValid(credData) { - return (!!credData.accessKeyId && !!credData.secretAccessKey && - !!credData.sessionToken && !!credData.expireTime); - }, + refresh: function refresh(callback) { + if (!callback) callback = AWS.util.fn.callback; - /** - * @api private - */ - formatCreds: function formatCreds(credData) { - if (!!credData.credentials) { - credData = credData.credentials; + if (!process || !process.env) { + callback(AWS.util.error( + new Error('No process info or environment variables available'), + { code: 'EnvironmentCredentialsProviderFailure' } + )); + return; } - return { - expired: false, - accessKeyId: credData.accessKeyId || credData.AccessKeyId, - secretAccessKey: credData.secretAccessKey || credData.SecretAccessKey, - sessionToken: credData.sessionToken || credData.Token, - expireTime: new Date(credData.expiration || credData.Expiration) - }; - }, + var keys = ['ACCESS_KEY_ID', 'SECRET_ACCESS_KEY', 'SESSION_TOKEN']; + var values = []; + + for (var i = 0; i < keys.length; i++) { + var prefix = ''; + if (this.envPrefix) prefix = this.envPrefix + '_'; + values[i] = process.env[prefix + keys[i]]; + if (!values[i] && keys[i] !== 'SESSION_TOKEN') { + callback(AWS.util.error( + new Error('Variable ' + prefix + keys[i] + ' not set.'), + { code: 'EnvironmentCredentialsProviderFailure' } + )); + return; + } + } + + this.expired = false; + AWS.Credentials.apply(this, values); + callback(); + } + +}); + + +/***/ }), + +/***/ 7454: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { + +var AWS = __nccwpck_require__(8437); + +/** + * Represents credentials from a JSON file on disk. + * If the credentials expire, the SDK can {refresh} the credentials + * from the file. + * + * The format of the file should be similar to the options passed to + * {AWS.Config}: + * + * ```javascript + * {accessKeyId: 'akid', secretAccessKey: 'secret', sessionToken: 'optional'} + * ``` + * + * @example Loading credentials from disk + * var creds = new AWS.FileSystemCredentials('./configuration.json'); + * creds.accessKeyId == 'AKID' + * + * @!attribute filename + * @readonly + * @return [String] the path to the JSON file on disk containing the + * credentials. + * @!macro nobrowser + */ +AWS.FileSystemCredentials = AWS.util.inherit(AWS.Credentials, { /** - * @api private + * @overload AWS.FileSystemCredentials(filename) + * Creates a new FileSystemCredentials object from a filename + * + * @param filename [String] the path on disk to the JSON file to load. */ - request: function request(url, callback) { - var httpRequest = new AWS.HttpRequest(url); - httpRequest.method = 'GET'; - httpRequest.headers.Accept = 'application/json'; - var token = this.getECSAuthToken(); - if (token) { - httpRequest.headers.Authorization = token; - } - AWS.util.handleRequestWithRetries(httpRequest, this, callback); + constructor: function FileSystemCredentials(filename) { + AWS.Credentials.call(this); + this.filename = filename; + this.get(function() {}); }, /** - * Loads the credentials from the relative URI specified by container + * Loads the credentials from the {filename} on disk. * * @callback callback function(err) - * Called when the request to the relative URI responds (or fails). When - * this callback is called with no error, it means that the credentials - * information has been loaded into the object (as the `accessKeyId`, - * `secretAccessKey`, `sessionToken`, and `expireTime` properties). + * Called after the JSON file on disk is read and parsed. When this callback + * is called with no error, it means that the credentials information + * has been loaded into the object (as the `accessKeyId`, `secretAccessKey`, + * and `sessionToken` properties). * @param err [Error] if an error occurred, this value will be filled * @see get */ refresh: function refresh(callback) { - this.coalesceRefresh(callback || AWS.util.fn.callback); - }, - - /** - * @api private - */ - load: function load(callback) { - var self = this; - var fullUri; - + if (!callback) callback = AWS.util.fn.callback; try { - fullUri = this.getECSFullUri(); + var creds = JSON.parse(AWS.util.readFileSync(this.filename)); + AWS.Credentials.call(this, creds); + if (!this.accessKeyId || !this.secretAccessKey) { + throw AWS.util.error( + new Error('Credentials not set in ' + this.filename), + { code: 'FileSystemCredentialsProviderFailure' } + ); + } + this.expired = false; + callback(); } catch (err) { callback(err); - return; } - - this.request(fullUri, function(err, data) { - if (!err) { - try { - data = JSON.parse(data); - var creds = self.formatCreds(data); - if (!self.credsFormatIsValid(creds)) { - throw AWS.util.error( - new Error('Response data is not in valid format'), - { code: 'ECSCredentialsProviderFailure' } - ); - } - AWS.util.update(self, creds); - } catch (dataError) { - err = dataError; - } - } - callback(err, creds); - }); } + }); /***/ }), -/***/ 431: -/***/ (function(__unusedmodule, exports, __webpack_require__) { +/***/ 371: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { -"use strict"; +var AWS = __nccwpck_require__(8437); +var proc = __nccwpck_require__(2081); +var iniLoader = AWS.util.iniLoader; -var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); -}) : (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - o[k2] = m[k]; -})); -var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { - Object.defineProperty(o, "default", { enumerable: true, value: v }); -}) : function(o, v) { - o["default"] = v; -}); -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); - __setModuleDefault(result, mod); - return result; -}; -Object.defineProperty(exports, "__esModule", { value: true }); -exports.issue = exports.issueCommand = void 0; -const os = __importStar(__webpack_require__(87)); -const utils_1 = __webpack_require__(82); /** - * Commands + * Represents credentials loaded from shared credentials file + * (defaulting to ~/.aws/credentials or defined by the + * `AWS_SHARED_CREDENTIALS_FILE` environment variable). * - * Command Format: - * ::name key=value,key=value::message + * ## Using process credentials * - * Examples: - * ::warning::This is the message - * ::set-env name=MY_VAR::some value + * The credentials file can specify a credential provider that executes + * a given process and attempts to read its stdout to recieve a JSON payload + * containing the credentials: + * + * [default] + * credential_process = /usr/bin/credential_proc + * + * Automatically handles refreshing credentials if an Expiration time is + * provided in the credentials payload. Credentials supplied in the same profile + * will take precedence over the credential_process. + * + * Sourcing credentials from an external process can potentially be dangerous, + * so proceed with caution. Other credential providers should be preferred if + * at all possible. If using this option, you should make sure that the shared + * credentials file is as locked down as possible using security best practices + * for your operating system. + * + * ## Using custom profiles + * + * The SDK supports loading credentials for separate profiles. This can be done + * in two ways: + * + * 1. Set the `AWS_PROFILE` environment variable in your process prior to + * loading the SDK. + * 2. Directly load the AWS.ProcessCredentials provider: + * + * ```javascript + * var creds = new AWS.ProcessCredentials({profile: 'myprofile'}); + * AWS.config.credentials = creds; + * ``` + * + * @!macro nobrowser */ -function issueCommand(command, properties, message) { - const cmd = new Command(command, properties, message); - process.stdout.write(cmd.toString() + os.EOL); -} -exports.issueCommand = issueCommand; -function issue(name, message = '') { - issueCommand(name, {}, message); -} -exports.issue = issue; -const CMD_STRING = '::'; -class Command { - constructor(command, properties, message) { - if (!command) { - command = 'missing.command'; - } - this.command = command; - this.properties = properties; - this.message = message; - } - toString() { - let cmdStr = CMD_STRING + this.command; - if (this.properties && Object.keys(this.properties).length > 0) { - cmdStr += ' '; - let first = true; - for (const key in this.properties) { - if (this.properties.hasOwnProperty(key)) { - const val = this.properties[key]; - if (val) { - if (first) { - first = false; - } - else { - cmdStr += ','; - } - cmdStr += `${key}=${escapeProperty(val)}`; - } - } - } - } - cmdStr += `${CMD_STRING}${escapeData(this.message)}`; - return cmdStr; - } -} -function escapeData(s) { - return utils_1.toCommandValue(s) - .replace(/%/g, '%25') - .replace(/\r/g, '%0D') - .replace(/\n/g, '%0A'); -} -function escapeProperty(s) { - return utils_1.toCommandValue(s) - .replace(/%/g, '%25') - .replace(/\r/g, '%0D') - .replace(/\n/g, '%0A') - .replace(/:/g, '%3A') - .replace(/,/g, '%2C'); -} -//# sourceMappingURL=command.js.map +AWS.ProcessCredentials = AWS.util.inherit(AWS.Credentials, { + /** + * Creates a new ProcessCredentials object. + * + * @param options [map] a set of options + * @option options profile [String] (AWS_PROFILE env var or 'default') + * the name of the profile to load. + * @option options filename [String] ('~/.aws/credentials' or defined by + * AWS_SHARED_CREDENTIALS_FILE process env var) + * the filename to use when loading credentials. + * @option options callback [Function] (err) Credentials are eagerly loaded + * by the constructor. When the callback is called with no error, the + * credentials have been loaded successfully. + */ + constructor: function ProcessCredentials(options) { + AWS.Credentials.call(this); -/***/ }), + options = options || {}; -/***/ 439: -/***/ (function(module, __unusedexports, __webpack_require__) { + this.filename = options.filename; + this.profile = options.profile || process.env.AWS_PROFILE || AWS.util.defaultProfile; + this.get(options.callback || AWS.util.fn.noop); + }, -var util = __webpack_require__(153); + /** + * @api private + */ + load: function load(callback) { + var self = this; + try { + var profiles = AWS.util.getProfilesFromSharedConfig(iniLoader, this.filename); + var profile = profiles[this.profile] || {}; -function QueryParamSerializer() { -} + if (Object.keys(profile).length === 0) { + throw AWS.util.error( + new Error('Profile ' + this.profile + ' not found'), + { code: 'ProcessCredentialsProviderFailure' } + ); + } -QueryParamSerializer.prototype.serialize = function(params, shape, fn) { - serializeStructure('', params, shape, fn); -}; + if (profile['credential_process']) { + this.loadViaCredentialProcess(profile, function(err, data) { + if (err) { + callback(err, null); + } else { + self.expired = false; + self.accessKeyId = data.AccessKeyId; + self.secretAccessKey = data.SecretAccessKey; + self.sessionToken = data.SessionToken; + if (data.Expiration) { + self.expireTime = new Date(data.Expiration); + } + callback(null); + } + }); + } else { + throw AWS.util.error( + new Error('Profile ' + this.profile + ' did not include credential process'), + { code: 'ProcessCredentialsProviderFailure' } + ); + } + } catch (err) { + callback(err); + } + }, -function ucfirst(shape) { - if (shape.isQueryName || shape.api.protocol !== 'ec2') { - return shape.name; - } else { - return shape.name[0].toUpperCase() + shape.name.substr(1); - } -} + /** + * Executes the credential_process and retrieves + * credentials from the output + * @api private + * @param profile [map] credentials profile + * @throws ProcessCredentialsProviderFailure + */ + loadViaCredentialProcess: function loadViaCredentialProcess(profile, callback) { + proc.exec(profile['credential_process'], { env: process.env }, function(err, stdOut, stdErr) { + if (err) { + callback(AWS.util.error( + new Error('credential_process returned error'), + { code: 'ProcessCredentialsProviderFailure'} + ), null); + } else { + try { + var credData = JSON.parse(stdOut); + if (credData.Expiration) { + var currentTime = AWS.util.date.getDate(); + var expireTime = new Date(credData.Expiration); + if (expireTime < currentTime) { + throw Error('credential_process returned expired credentials'); + } + } -function serializeStructure(prefix, struct, rules, fn) { - util.each(rules.members, function(name, member) { - var value = struct[name]; - if (value === null || value === undefined) return; + if (credData.Version !== 1) { + throw Error('credential_process does not return Version == 1'); + } + callback(null, credData); + } catch (err) { + callback(AWS.util.error( + new Error(err.message), + { code: 'ProcessCredentialsProviderFailure'} + ), null); + } + } + }); + }, - var memberName = ucfirst(member); - memberName = prefix ? prefix + '.' + memberName : memberName; - serializeMember(memberName, value, member, fn); - }); -} + /** + * Loads the credentials from the credential process + * + * @callback callback function(err) + * Called after the credential process has been executed. When this + * callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get + */ + refresh: function refresh(callback) { + iniLoader.clearCachedFiles(); + this.coalesceRefresh(callback || AWS.util.fn.callback); + } +}); -function serializeMap(name, map, rules, fn) { - var i = 1; - util.each(map, function (key, value) { - var prefix = rules.flattened ? '.' : '.entry.'; - var position = prefix + (i++) + '.'; - var keyName = position + (rules.key.name || 'key'); - var valueName = position + (rules.value.name || 'value'); - serializeMember(name + keyName, key, rules.key, fn); - serializeMember(name + valueName, value, rules.value, fn); - }); -} -function serializeList(name, list, rules, fn) { - var memberRules = rules.member || {}; +/***/ }), - if (list.length === 0) { - fn.call(this, name, null); - return; - } +/***/ 8764: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { - util.arrayEach(list, function (v, n) { - var suffix = '.' + (n + 1); - if (rules.api.protocol === 'ec2') { - // Do nothing for EC2 - suffix = suffix + ''; // make linter happy - } else if (rules.flattened) { - if (memberRules.name) { - var parts = name.split('.'); - parts.pop(); - parts.push(ucfirst(memberRules)); - name = parts.join('.'); - } - } else { - suffix = '.' + (memberRules.name ? memberRules.name : 'member') + suffix; - } - serializeMember(name + suffix, v, memberRules, fn); - }); -} - -function serializeMember(name, value, rules, fn) { - if (value === null || value === undefined) return; - if (rules.type === 'structure') { - serializeStructure(name, value, rules, fn); - } else if (rules.type === 'list') { - serializeList(name, value, rules, fn); - } else if (rules.type === 'map') { - serializeMap(name, value, rules, fn); - } else { - fn(name, rules.toWireFormat(value).toString()); - } -} +var AWS = __nccwpck_require__(8437), + ENV_RELATIVE_URI = 'AWS_CONTAINER_CREDENTIALS_RELATIVE_URI', + ENV_FULL_URI = 'AWS_CONTAINER_CREDENTIALS_FULL_URI', + ENV_AUTH_TOKEN = 'AWS_CONTAINER_AUTHORIZATION_TOKEN', + FULL_URI_UNRESTRICTED_PROTOCOLS = ['https:'], + FULL_URI_ALLOWED_PROTOCOLS = ['http:', 'https:'], + FULL_URI_ALLOWED_HOSTNAMES = ['localhost', '127.0.0.1'], + RELATIVE_URI_HOST = '169.254.170.2'; /** - * @api private + * Represents credentials received from specified URI. + * + * This class will request refreshable credentials from the relative URI + * specified by the AWS_CONTAINER_CREDENTIALS_RELATIVE_URI or the + * AWS_CONTAINER_CREDENTIALS_FULL_URI environment variable. If valid credentials + * are returned in the response, these will be used with zero configuration. + * + * This credentials class will by default timeout after 1 second of inactivity + * and retry 3 times. + * If your requests to the relative URI are timing out, you can increase + * the value by configuring them directly: + * + * ```javascript + * AWS.config.credentials = new AWS.RemoteCredentials({ + * httpOptions: { timeout: 5000 }, // 5 second timeout + * maxRetries: 10, // retry 10 times + * retryDelayOptions: { base: 200 } // see AWS.Config for information + * }); + * ``` + * + * @see AWS.Config.retryDelayOptions + * + * @!macro nobrowser */ -module.exports = QueryParamSerializer; +AWS.RemoteCredentials = AWS.util.inherit(AWS.Credentials, { + constructor: function RemoteCredentials(options) { + AWS.Credentials.call(this); + options = options ? AWS.util.copy(options) : {}; + if (!options.httpOptions) options.httpOptions = {}; + options.httpOptions = AWS.util.merge( + this.httpOptions, options.httpOptions); + AWS.util.update(this, options); + }, + /** + * @api private + */ + httpOptions: { timeout: 1000 }, -/***/ }), + /** + * @api private + */ + maxRetries: 3, -/***/ 445: -/***/ (function(module, __unusedexports, __webpack_require__) { + /** + * @api private + */ + isConfiguredForEcsCredentials: function isConfiguredForEcsCredentials() { + return Boolean( + process && + process.env && + (process.env[ENV_RELATIVE_URI] || process.env[ENV_FULL_URI]) + ); + }, -/** - * What is necessary to create an event stream in node? - * - http response stream - * - parser - * - event stream model - */ + /** + * @api private + */ + getECSFullUri: function getECSFullUri() { + if (process && process.env) { + var relative = process.env[ENV_RELATIVE_URI], + full = process.env[ENV_FULL_URI]; + if (relative) { + return 'http://' + RELATIVE_URI_HOST + relative; + } else if (full) { + var parsed = AWS.util.urlParse(full); + if (FULL_URI_ALLOWED_PROTOCOLS.indexOf(parsed.protocol) < 0) { + throw AWS.util.error( + new Error('Unsupported protocol: AWS.RemoteCredentials supports ' + + FULL_URI_ALLOWED_PROTOCOLS.join(',') + ' only; ' + + parsed.protocol + ' requested.'), + { code: 'ECSCredentialsProviderFailure' } + ); + } -var EventMessageChunkerStream = __webpack_require__(862).EventMessageChunkerStream; -var EventUnmarshallerStream = __webpack_require__(723).EventUnmarshallerStream; + if (FULL_URI_UNRESTRICTED_PROTOCOLS.indexOf(parsed.protocol) < 0 && + FULL_URI_ALLOWED_HOSTNAMES.indexOf(parsed.hostname) < 0) { + throw AWS.util.error( + new Error('Unsupported hostname: AWS.RemoteCredentials only supports ' + + FULL_URI_ALLOWED_HOSTNAMES.join(',') + ' for ' + parsed.protocol + '; ' + + parsed.protocol + '//' + parsed.hostname + ' requested.'), + { code: 'ECSCredentialsProviderFailure' } + ); + } -function createEventStream(stream, parser, model) { - var eventStream = new EventUnmarshallerStream({ - parser: parser, - eventStreamModel: model - }); + return full; + } else { + throw AWS.util.error( + new Error('Variable ' + ENV_RELATIVE_URI + ' or ' + ENV_FULL_URI + + ' must be set to use AWS.RemoteCredentials.'), + { code: 'ECSCredentialsProviderFailure' } + ); + } + } else { + throw AWS.util.error( + new Error('No process info available'), + { code: 'ECSCredentialsProviderFailure' } + ); + } + }, - var eventMessageChunker = new EventMessageChunkerStream(); + /** + * @api private + */ + getECSAuthToken: function getECSAuthToken() { + if (process && process.env && process.env[ENV_FULL_URI]) { + return process.env[ENV_AUTH_TOKEN]; + } + }, - stream.pipe( - eventMessageChunker - ).pipe(eventStream); + /** + * @api private + */ + credsFormatIsValid: function credsFormatIsValid(credData) { + return (!!credData.accessKeyId && !!credData.secretAccessKey && + !!credData.sessionToken && !!credData.expireTime); + }, - stream.on('error', function(err) { - eventMessageChunker.emit('error', err); - }); + /** + * @api private + */ + formatCreds: function formatCreds(credData) { + if (!!credData.credentials) { + credData = credData.credentials; + } - eventMessageChunker.on('error', function(err) { - eventStream.emit('error', err); - }); + return { + expired: false, + accessKeyId: credData.accessKeyId || credData.AccessKeyId, + secretAccessKey: credData.secretAccessKey || credData.SecretAccessKey, + sessionToken: credData.sessionToken || credData.Token, + expireTime: new Date(credData.expiration || credData.Expiration) + }; + }, - return eventStream; -} + /** + * @api private + */ + request: function request(url, callback) { + var httpRequest = new AWS.HttpRequest(url); + httpRequest.method = 'GET'; + httpRequest.headers.Accept = 'application/json'; + var token = this.getECSAuthToken(); + if (token) { + httpRequest.headers.Authorization = token; + } + AWS.util.handleRequestWithRetries(httpRequest, this, callback); + }, -/** - * @api private - */ -module.exports = { - createEventStream: createEventStream -}; + /** + * Loads the credentials from the relative URI specified by container + * + * @callback callback function(err) + * Called when the request to the relative URI responds (or fails). When + * this callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, `sessionToken`, and `expireTime` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get + */ + refresh: function refresh(callback) { + this.coalesceRefresh(callback || AWS.util.fn.callback); + }, + + /** + * @api private + */ + load: function load(callback) { + var self = this; + var fullUri; + + try { + fullUri = this.getECSFullUri(); + } catch (err) { + callback(err); + return; + } + + this.request(fullUri, function(err, data) { + if (!err) { + try { + data = JSON.parse(data); + var creds = self.formatCreds(data); + if (!self.credsFormatIsValid(creds)) { + throw AWS.util.error( + new Error('Response data is not in valid format'), + { code: 'ECSCredentialsProviderFailure' } + ); + } + AWS.util.update(self, creds); + } catch (dataError) { + err = dataError; + } + } + callback(err, creds); + }); + } +}); /***/ }), -/***/ 453: -/***/ (function(__unusedmodule, __unusedexports, __webpack_require__) { +/***/ 5037: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { -var AWS = __webpack_require__(395); -var AcceptorStateMachine = __webpack_require__(696); -var inherit = AWS.util.inherit; -var domain = AWS.util.domain; -var jmespath = __webpack_require__(802); +var AWS = __nccwpck_require__(8437); +var STS = __nccwpck_require__(7513); /** - * @api private + * Represents credentials retrieved from STS SAML support. + * + * By default this provider gets credentials using the + * {AWS.STS.assumeRoleWithSAML} service operation. This operation + * requires a `RoleArn` containing the ARN of the IAM trust policy for the + * application for which credentials will be given, as well as a `PrincipalArn` + * representing the ARN for the SAML identity provider. In addition, the + * `SAMLAssertion` must be set to the token provided by the identity + * provider. See {constructor} for an example on creating a credentials + * object with proper `RoleArn`, `PrincipalArn`, and `SAMLAssertion` values. + * + * ## Refreshing Credentials from Identity Service + * + * In addition to AWS credentials expiring after a given amount of time, the + * login token from the identity provider will also expire. Once this token + * expires, it will not be usable to refresh AWS credentials, and another + * token will be needed. The SDK does not manage refreshing of the token value, + * but this can be done through a "refresh token" supported by most identity + * providers. Consult the documentation for the identity provider for refreshing + * tokens. Once the refreshed token is acquired, you should make sure to update + * this new token in the credentials object's {params} property. The following + * code will update the SAMLAssertion, assuming you have retrieved an updated + * token from the identity provider: + * + * ```javascript + * AWS.config.credentials.params.SAMLAssertion = updatedToken; + * ``` + * + * Future calls to `credentials.refresh()` will now use the new token. + * + * @!attribute params + * @return [map] the map of params passed to + * {AWS.STS.assumeRoleWithSAML}. To update the token, set the + * `params.SAMLAssertion` property. */ -var hardErrorStates = {success: 1, error: 1, complete: 1}; +AWS.SAMLCredentials = AWS.util.inherit(AWS.Credentials, { + /** + * Creates a new credentials object. + * @param (see AWS.STS.assumeRoleWithSAML) + * @example Creating a new credentials object + * AWS.config.credentials = new AWS.SAMLCredentials({ + * RoleArn: 'arn:aws:iam::1234567890:role/SAMLRole', + * PrincipalArn: 'arn:aws:iam::1234567890:role/SAMLPrincipal', + * SAMLAssertion: 'base64-token', // base64-encoded token from IdP + * }); + * @see AWS.STS.assumeRoleWithSAML + */ + constructor: function SAMLCredentials(params) { + AWS.Credentials.call(this); + this.expired = true; + this.params = params; + }, -function isTerminalState(machine) { - return Object.prototype.hasOwnProperty.call(hardErrorStates, machine._asm.currentState); -} + /** + * Refreshes credentials using {AWS.STS.assumeRoleWithSAML} + * + * @callback callback function(err) + * Called when the STS service responds (or fails). When + * this callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get + */ + refresh: function refresh(callback) { + this.coalesceRefresh(callback || AWS.util.fn.callback); + }, -var fsm = new AcceptorStateMachine(); -fsm.setupStates = function() { - var transition = function(_, done) { + /** + * @api private + */ + load: function load(callback) { var self = this; - self._haltHandlersOnError = false; - - self.emit(self._asm.currentState, function(err) { - if (err) { - if (isTerminalState(self)) { - if (domain && self.domain instanceof domain.Domain) { - err.domainEmitter = self; - err.domain = self.domain; - err.domainThrown = false; - self.domain.emit('error', err); - } else { - throw err; - } - } else { - self.response.error = err; - done(err); - } - } else { - done(self.response.error); + self.createClients(); + self.service.assumeRoleWithSAML(function (err, data) { + if (!err) { + self.service.credentialsFrom(data, self); } + callback(err); }); + }, - }; + /** + * @api private + */ + createClients: function() { + this.service = this.service || new STS({params: this.params}); + } - this.addState('validate', 'build', 'error', transition); - this.addState('build', 'afterBuild', 'restart', transition); - this.addState('afterBuild', 'sign', 'restart', transition); - this.addState('sign', 'send', 'retry', transition); - this.addState('retry', 'afterRetry', 'afterRetry', transition); - this.addState('afterRetry', 'sign', 'error', transition); - this.addState('send', 'validateResponse', 'retry', transition); - this.addState('validateResponse', 'extractData', 'extractError', transition); - this.addState('extractError', 'extractData', 'retry', transition); - this.addState('extractData', 'success', 'retry', transition); - this.addState('restart', 'build', 'error', transition); - this.addState('success', 'complete', 'complete', transition); - this.addState('error', 'complete', 'complete', transition); - this.addState('complete', null, null, transition); -}; -fsm.setupStates(); +}); + + +/***/ }), + +/***/ 3754: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { + +var AWS = __nccwpck_require__(8437); +var STS = __nccwpck_require__(7513); +var iniLoader = AWS.util.iniLoader; + +var ASSUME_ROLE_DEFAULT_REGION = 'us-east-1'; /** - * ## Asynchronous Requests - * - * All requests made through the SDK are asynchronous and use a - * callback interface. Each service method that kicks off a request - * returns an `AWS.Request` object that you can use to register - * callbacks. - * - * For example, the following service method returns the request - * object as "request", which can be used to register callbacks: - * - * ```javascript - * // request is an AWS.Request object - * var request = ec2.describeInstances(); - * - * // register callbacks on request to retrieve response data - * request.on('success', function(response) { - * console.log(response.data); - * }); - * ``` - * - * When a request is ready to be sent, the {send} method should - * be called: + * Represents credentials loaded from shared credentials file + * (defaulting to ~/.aws/credentials or defined by the + * `AWS_SHARED_CREDENTIALS_FILE` environment variable). * - * ```javascript - * request.send(); - * ``` + * ## Using the shared credentials file * - * Since registered callbacks may or may not be idempotent, requests should only - * be sent once. To perform the same operation multiple times, you will need to - * create multiple request objects, each with its own registered callbacks. + * This provider is checked by default in the Node.js environment. To use the + * credentials file provider, simply add your access and secret keys to the + * ~/.aws/credentials file in the following format: * - * ## Removing Default Listeners for Events + * [default] + * aws_access_key_id = AKID... + * aws_secret_access_key = YOUR_SECRET_KEY * - * Request objects are built with default listeners for the various events, - * depending on the service type. In some cases, you may want to remove - * some built-in listeners to customize behaviour. Doing this requires - * access to the built-in listener functions, which are exposed through - * the {AWS.EventListeners.Core} namespace. For instance, you may - * want to customize the HTTP handler used when sending a request. In this - * case, you can remove the built-in listener associated with the 'send' - * event, the {AWS.EventListeners.Core.SEND} listener and add your own. + * ## Using custom profiles * - * ## Multiple Callbacks and Chaining + * The SDK supports loading credentials for separate profiles. This can be done + * in two ways: * - * You can register multiple callbacks on any request object. The - * callbacks can be registered for different events, or all for the - * same event. In addition, you can chain callback registration, for - * example: + * 1. Set the `AWS_PROFILE` environment variable in your process prior to + * loading the SDK. + * 2. Directly load the AWS.SharedIniFileCredentials provider: * * ```javascript - * request. - * on('success', function(response) { - * console.log("Success!"); - * }). - * on('error', function(error, response) { - * console.log("Error!"); - * }). - * on('complete', function(response) { - * console.log("Always!"); - * }). - * send(); + * var creds = new AWS.SharedIniFileCredentials({profile: 'myprofile'}); + * AWS.config.credentials = creds; * ``` * - * The above example will print either "Success! Always!", or "Error! Always!", - * depending on whether the request succeeded or not. - * - * @!attribute httpRequest - * @readonly - * @!group HTTP Properties - * @return [AWS.HttpRequest] the raw HTTP request object - * containing request headers and body information - * sent by the service. - * - * @!attribute startTime - * @readonly - * @!group Operation Properties - * @return [Date] the time that the request started - * - * @!group Request Building Events - * - * @!event validate(request) - * Triggered when a request is being validated. Listeners - * should throw an error if the request should not be sent. - * @param request [Request] the request object being sent - * @see AWS.EventListeners.Core.VALIDATE_CREDENTIALS - * @see AWS.EventListeners.Core.VALIDATE_REGION - * @example Ensuring that a certain parameter is set before sending a request - * var req = s3.putObject(params); - * req.on('validate', function() { - * if (!req.params.Body.match(/^Hello\s/)) { - * throw new Error('Body must start with "Hello "'); - * } - * }); - * req.send(function(err, data) { ... }); - * - * @!event build(request) - * Triggered when the request payload is being built. Listeners - * should fill the necessary information to send the request - * over HTTP. - * @param (see AWS.Request~validate) - * @example Add a custom HTTP header to a request - * var req = s3.putObject(params); - * req.on('build', function() { - * req.httpRequest.headers['Custom-Header'] = 'value'; - * }); - * req.send(function(err, data) { ... }); - * - * @!event sign(request) - * Triggered when the request is being signed. Listeners should - * add the correct authentication headers and/or adjust the body, - * depending on the authentication mechanism being used. - * @param (see AWS.Request~validate) - * - * @!group Request Sending Events - * - * @!event send(response) - * Triggered when the request is ready to be sent. Listeners - * should call the underlying transport layer to initiate - * the sending of the request. - * @param response [Response] the response object - * @context [Request] the request object that was sent - * @see AWS.EventListeners.Core.SEND - * - * @!event retry(response) - * Triggered when a request failed and might need to be retried or redirected. - * If the response is retryable, the listener should set the - * `response.error.retryable` property to `true`, and optionally set - * `response.error.retryDelay` to the millisecond delay for the next attempt. - * In the case of a redirect, `response.error.redirect` should be set to - * `true` with `retryDelay` set to an optional delay on the next request. - * - * If a listener decides that a request should not be retried, - * it should set both `retryable` and `redirect` to false. - * - * Note that a retryable error will be retried at most - * {AWS.Config.maxRetries} times (based on the service object's config). - * Similarly, a request that is redirected will only redirect at most - * {AWS.Config.maxRedirects} times. - * - * @param (see AWS.Request~send) - * @context (see AWS.Request~send) - * @example Adding a custom retry for a 404 response - * request.on('retry', function(response) { - * // this resource is not yet available, wait 10 seconds to get it again - * if (response.httpResponse.statusCode === 404 && response.error) { - * response.error.retryable = true; // retry this error - * response.error.retryDelay = 10000; // wait 10 seconds - * } - * }); - * - * @!group Data Parsing Events - * - * @!event extractError(response) - * Triggered on all non-2xx requests so that listeners can extract - * error details from the response body. Listeners to this event - * should set the `response.error` property. - * @param (see AWS.Request~send) - * @context (see AWS.Request~send) - * - * @!event extractData(response) - * Triggered in successful requests to allow listeners to - * de-serialize the response body into `response.data`. - * @param (see AWS.Request~send) - * @context (see AWS.Request~send) - * - * @!group Completion Events - * - * @!event success(response) - * Triggered when the request completed successfully. - * `response.data` will contain the response data and - * `response.error` will be null. - * @param (see AWS.Request~send) - * @context (see AWS.Request~send) - * - * @!event error(error, response) - * Triggered when an error occurs at any point during the - * request. `response.error` will contain details about the error - * that occurred. `response.data` will be null. - * @param error [Error] the error object containing details about - * the error that occurred. - * @param (see AWS.Request~send) - * @context (see AWS.Request~send) - * - * @!event complete(response) - * Triggered whenever a request cycle completes. `response.error` - * should be checked, since the request may have failed. - * @param (see AWS.Request~send) - * @context (see AWS.Request~send) - * - * @!group HTTP Events - * - * @!event httpHeaders(statusCode, headers, response, statusMessage) - * Triggered when headers are sent by the remote server - * @param statusCode [Integer] the HTTP response code - * @param headers [map] the response headers - * @param (see AWS.Request~send) - * @param statusMessage [String] A status message corresponding to the HTTP - * response code - * @context (see AWS.Request~send) - * - * @!event httpData(chunk, response) - * Triggered when data is sent by the remote server - * @param chunk [Buffer] the buffer data containing the next data chunk - * from the server - * @param (see AWS.Request~send) - * @context (see AWS.Request~send) - * @see AWS.EventListeners.Core.HTTP_DATA - * - * @!event httpUploadProgress(progress, response) - * Triggered when the HTTP request has uploaded more data - * @param progress [map] An object containing the `loaded` and `total` bytes - * of the request. - * @param (see AWS.Request~send) - * @context (see AWS.Request~send) - * @note This event will not be emitted in Node.js 0.8.x. - * - * @!event httpDownloadProgress(progress, response) - * Triggered when the HTTP request has downloaded more data - * @param progress [map] An object containing the `loaded` and `total` bytes - * of the request. - * @param (see AWS.Request~send) - * @context (see AWS.Request~send) - * @note This event will not be emitted in Node.js 0.8.x. - * - * @!event httpError(error, response) - * Triggered when the HTTP request failed - * @param error [Error] the error object that was thrown - * @param (see AWS.Request~send) - * @context (see AWS.Request~send) - * - * @!event httpDone(response) - * Triggered when the server is finished sending data - * @param (see AWS.Request~send) - * @context (see AWS.Request~send) - * - * @see AWS.Response + * @!macro nobrowser */ -AWS.Request = inherit({ - +AWS.SharedIniFileCredentials = AWS.util.inherit(AWS.Credentials, { /** - * Creates a request for an operation on a given service with - * a set of input parameters. + * Creates a new SharedIniFileCredentials object. * - * @param service [AWS.Service] the service to perform the operation on - * @param operation [String] the operation to perform on the service - * @param params [Object] parameters to send to the operation. - * See the operation's documentation for the format of the - * parameters. + * @param options [map] a set of options + * @option options profile [String] (AWS_PROFILE env var or 'default') + * the name of the profile to load. + * @option options filename [String] ('~/.aws/credentials' or defined by + * AWS_SHARED_CREDENTIALS_FILE process env var) + * the filename to use when loading credentials. + * @option options disableAssumeRole [Boolean] (false) True to disable + * support for profiles that assume an IAM role. If true, and an assume + * role profile is selected, an error is raised. + * @option options preferStaticCredentials [Boolean] (false) True to + * prefer static credentials to role_arn if both are present. + * @option options tokenCodeFn [Function] (null) Function to provide + * STS Assume Role TokenCode, if mfa_serial is provided for profile in ini + * file. Function is called with value of mfa_serial and callback, and + * should provide the TokenCode or an error to the callback in the format + * callback(err, token) + * @option options callback [Function] (err) Credentials are eagerly loaded + * by the constructor. When the callback is called with no error, the + * credentials have been loaded successfully. + * @option options httpOptions [map] A set of options to pass to the low-level + * HTTP request. Currently supported options are: + * * **proxy** [String] — the URL to proxy requests through + * * **agent** [http.Agent, https.Agent] — the Agent object to perform + * HTTP requests with. Used for connection pooling. Defaults to the global + * agent (`http.globalAgent`) for non-SSL connections. Note that for + * SSL connections, a special Agent object is used in order to enable + * peer certificate verification. This feature is only available in the + * Node.js environment. + * * **connectTimeout** [Integer] — Sets the socket to timeout after + * failing to establish a connection with the server after + * `connectTimeout` milliseconds. This timeout has no effect once a socket + * connection has been established. + * * **timeout** [Integer] — The number of milliseconds a request can + * take before automatically being terminated. + * Defaults to two minutes (120000). */ - constructor: function Request(service, operation, params) { - var endpoint = service.endpoint; - var region = service.config.region; - var customUserAgent = service.config.customUserAgent; - - if (service.isGlobalEndpoint) { - if (service.signingRegion) { - region = service.signingRegion; - } else { - region = 'us-east-1'; - } - } - - this.domain = domain && domain.active; - this.service = service; - this.operation = operation; - this.params = params || {}; - this.httpRequest = new AWS.HttpRequest(endpoint, region); - this.httpRequest.appendToUserAgent(customUserAgent); - this.startTime = service.getSkewCorrectedDate(); + constructor: function SharedIniFileCredentials(options) { + AWS.Credentials.call(this); - this.response = new AWS.Response(this); - this._asm = new AcceptorStateMachine(fsm.states, 'validate'); - this._haltHandlersOnError = false; + options = options || {}; - AWS.SequentialExecutor.call(this); - this.emit = this.emitEvent; + this.filename = options.filename; + this.profile = options.profile || process.env.AWS_PROFILE || AWS.util.defaultProfile; + this.disableAssumeRole = Boolean(options.disableAssumeRole); + this.preferStaticCredentials = Boolean(options.preferStaticCredentials); + this.tokenCodeFn = options.tokenCodeFn || null; + this.httpOptions = options.httpOptions || null; + this.get(options.callback || AWS.util.fn.noop); }, /** - * @!group Sending a Request + * @api private */ + load: function load(callback) { + var self = this; + try { + var profiles = AWS.util.getProfilesFromSharedConfig(iniLoader, this.filename); + var profile = profiles[this.profile] || {}; - /** - * @overload send(callback = null) - * Sends the request object. - * - * @callback callback function(err, data) - * If a callback is supplied, it is called when a response is returned - * from the service. - * @context [AWS.Request] the request object being sent. - * @param err [Error] the error object returned from the request. - * Set to `null` if the request is successful. - * @param data [Object] the de-serialized data returned from - * the request. Set to `null` if a request error occurs. - * @example Sending a request with a callback - * request = s3.putObject({Bucket: 'bucket', Key: 'key'}); - * request.send(function(err, data) { console.log(err, data); }); - * @example Sending a request with no callback (using event handlers) - * request = s3.putObject({Bucket: 'bucket', Key: 'key'}); - * request.on('complete', function(response) { ... }); // register a callback - * request.send(); - */ - send: function send(callback) { - if (callback) { - // append to user agent - this.httpRequest.appendToUserAgent('callback'); - this.on('complete', function (resp) { - callback.call(resp, resp.error, resp.data); - }); - } - this.runTo(); + if (Object.keys(profile).length === 0) { + throw AWS.util.error( + new Error('Profile ' + this.profile + ' not found'), + { code: 'SharedIniFileCredentialsProviderFailure' } + ); + } - return this.response; - }, + /* + In the CLI, the presence of both a role_arn and static credentials have + different meanings depending on how many profiles have been visited. For + the first profile processed, role_arn takes precedence over any static + credentials, but for all subsequent profiles, static credentials are + used if present, and only in their absence will the profile's + source_profile and role_arn keys be used to load another set of + credentials. This var is intended to yield compatible behaviour in this + sdk. + */ + var preferStaticCredentialsToRoleArn = Boolean( + this.preferStaticCredentials + && profile['aws_access_key_id'] + && profile['aws_secret_access_key'] + ); - /** - * @!method promise() - * Sends the request and returns a 'thenable' promise. - * - * Two callbacks can be provided to the `then` method on the returned promise. - * The first callback will be called if the promise is fulfilled, and the second - * callback will be called if the promise is rejected. - * @callback fulfilledCallback function(data) - * Called if the promise is fulfilled. - * @param data [Object] the de-serialized data returned from the request. - * @callback rejectedCallback function(error) - * Called if the promise is rejected. - * @param error [Error] the error object returned from the request. - * @return [Promise] A promise that represents the state of the request. - * @example Sending a request using promises. - * var request = s3.putObject({Bucket: 'bucket', Key: 'key'}); - * var result = request.promise(); - * result.then(function(data) { ... }, function(error) { ... }); - */ + if (profile['role_arn'] && !preferStaticCredentialsToRoleArn) { + this.loadRoleProfile(profiles, profile, function(err, data) { + if (err) { + callback(err); + } else { + self.expired = false; + self.accessKeyId = data.Credentials.AccessKeyId; + self.secretAccessKey = data.Credentials.SecretAccessKey; + self.sessionToken = data.Credentials.SessionToken; + self.expireTime = data.Credentials.Expiration; + callback(null); + } + }); + return; + } - /** - * @api private - */ - build: function build(callback) { - return this.runTo('send', callback); + this.accessKeyId = profile['aws_access_key_id']; + this.secretAccessKey = profile['aws_secret_access_key']; + this.sessionToken = profile['aws_session_token']; + + if (!this.accessKeyId || !this.secretAccessKey) { + throw AWS.util.error( + new Error('Credentials not set for profile ' + this.profile), + { code: 'SharedIniFileCredentialsProviderFailure' } + ); + } + this.expired = false; + callback(null); + } catch (err) { + callback(err); + } }, /** - * @api private + * Loads the credentials from the shared credentials file + * + * @callback callback function(err) + * Called after the shared INI file on disk is read and parsed. When this + * callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get */ - runTo: function runTo(state, done) { - this._asm.runTo(state, done, this); - return this; + refresh: function refresh(callback) { + iniLoader.clearCachedFiles(); + this.coalesceRefresh( + callback || AWS.util.fn.callback, + this.disableAssumeRole + ); }, /** - * Aborts a request, emitting the error and complete events. - * - * @!macro nobrowser - * @example Aborting a request after sending - * var params = { - * Bucket: 'bucket', Key: 'key', - * Body: Buffer.alloc(1024 * 1024 * 5) // 5MB payload - * }; - * var request = s3.putObject(params); - * request.send(function (err, data) { - * if (err) console.log("Error:", err.code, err.message); - * else console.log(data); - * }); - * - * // abort request in 1 second - * setTimeout(request.abort.bind(request), 1000); - * - * // prints "Error: RequestAbortedError Request aborted by user" - * @return [AWS.Request] the same request object, for chaining. - * @since v1.4.0 + * @api private */ - abort: function abort() { - this.removeAllListeners('validateResponse'); - this.removeAllListeners('extractError'); - this.on('validateResponse', function addAbortedError(resp) { - resp.error = AWS.util.error(new Error('Request aborted by user'), { - code: 'RequestAbortedError', retryable: false - }); - }); - - if (this.httpRequest.stream && !this.httpRequest.stream.didCallback) { // abort HTTP stream - this.httpRequest.stream.abort(); - if (this.httpRequest._abortCallback) { - this.httpRequest._abortCallback(); - } else { - this.removeAllListeners('send'); // haven't sent yet, so let's not - } + loadRoleProfile: function loadRoleProfile(creds, roleProfile, callback) { + if (this.disableAssumeRole) { + throw AWS.util.error( + new Error('Role assumption profiles are disabled. ' + + 'Failed to load profile ' + this.profile + + ' from ' + creds.filename), + { code: 'SharedIniFileCredentialsProviderFailure' } + ); } - return this; - }, + var self = this; + var roleArn = roleProfile['role_arn']; + var roleSessionName = roleProfile['role_session_name']; + var externalId = roleProfile['external_id']; + var mfaSerial = roleProfile['mfa_serial']; + var sourceProfileName = roleProfile['source_profile']; - /** - * Iterates over each page of results given a pageable request, calling - * the provided callback with each page of data. After all pages have been - * retrieved, the callback is called with `null` data. - * - * @note This operation can generate multiple requests to a service. - * @example Iterating over multiple pages of objects in an S3 bucket - * var pages = 1; - * s3.listObjects().eachPage(function(err, data) { - * if (err) return; - * console.log("Page", pages++); - * console.log(data); - * }); - * @example Iterating over multiple pages with an asynchronous callback - * s3.listObjects(params).eachPage(function(err, data, done) { - * doSomethingAsyncAndOrExpensive(function() { - * // The next page of results isn't fetched until done is called - * done(); - * }); - * }); - * @callback callback function(err, data, [doneCallback]) - * Called with each page of resulting data from the request. If the - * optional `doneCallback` is provided in the function, it must be called - * when the callback is complete. - * - * @param err [Error] an error object, if an error occurred. - * @param data [Object] a single page of response data. If there is no - * more data, this object will be `null`. - * @param doneCallback [Function] an optional done callback. If this - * argument is defined in the function declaration, it should be called - * when the next page is ready to be retrieved. This is useful for - * controlling serial pagination across asynchronous operations. - * @return [Boolean] if the callback returns `false`, pagination will - * stop. - * - * @see AWS.Request.eachItem - * @see AWS.Response.nextPage - * @since v1.4.0 - */ - eachPage: function eachPage(callback) { - // Make all callbacks async-ish - callback = AWS.util.fn.makeAsync(callback, 3); + // From experimentation, the following behavior mimics the AWS CLI: + // + // 1. Use region from the profile if present. + // 2. Otherwise fall back to N. Virginia (global endpoint). + // + // It is necessary to do the fallback explicitly, because if + // 'AWS_STS_REGIONAL_ENDPOINTS=regional', the underlying STS client will + // otherwise throw an error if region is left 'undefined'. + // + // Experimentation shows that the AWS CLI (tested at version 1.18.136) + // ignores the following potential sources of a region for the purposes of + // this AssumeRole call: + // + // - The [default] profile + // - The AWS_REGION environment variable + // + // Ignoring the [default] profile for the purposes of AssumeRole is arguably + // a bug in the CLI since it does use the [default] region for service + // calls... but right now we're matching behavior of the other tool. + var profileRegion = roleProfile['region'] || ASSUME_ROLE_DEFAULT_REGION; - function wrappedCallback(response) { - callback.call(response, response.error, response.data, function (result) { - if (result === false) return; + if (!sourceProfileName) { + throw AWS.util.error( + new Error('source_profile is not set using profile ' + this.profile), + { code: 'SharedIniFileCredentialsProviderFailure' } + ); + } - if (response.hasNextPage()) { - response.nextPage().on('complete', wrappedCallback).send(); - } else { - callback.call(response, null, null, AWS.util.fn.noop); - } - }); + var sourceProfileExistanceTest = creds[sourceProfileName]; + + if (typeof sourceProfileExistanceTest !== 'object') { + throw AWS.util.error( + new Error('source_profile ' + sourceProfileName + ' using profile ' + + this.profile + ' does not exist'), + { code: 'SharedIniFileCredentialsProviderFailure' } + ); } - this.on('complete', wrappedCallback).send(); - }, + var sourceCredentials = new AWS.SharedIniFileCredentials( + AWS.util.merge(this.options || {}, { + profile: sourceProfileName, + preferStaticCredentials: true + }) + ); - /** - * Enumerates over individual items of a request, paging the responses if - * necessary. - * - * @api experimental - * @since v1.4.0 - */ - eachItem: function eachItem(callback) { - var self = this; - function wrappedCallback(err, data) { - if (err) return callback(err, null); - if (data === null) return callback(null, null); + this.roleArn = roleArn; + var sts = new STS({ + credentials: sourceCredentials, + region: profileRegion, + httpOptions: this.httpOptions + }); - var config = self.service.paginationConfig(self.operation); - var resultKey = config.resultKey; - if (Array.isArray(resultKey)) resultKey = resultKey[0]; - var items = jmespath.search(data, resultKey); - var continueIteration = true; - AWS.util.arrayEach(items, function(item) { - continueIteration = callback(null, item); - if (continueIteration === false) { - return AWS.util.abort; - } - }); - return continueIteration; + var roleParams = { + RoleArn: roleArn, + RoleSessionName: roleSessionName || 'aws-sdk-js-' + Date.now() + }; + + if (externalId) { + roleParams.ExternalId = externalId; } - this.eachPage(wrappedCallback); - }, + if (mfaSerial && self.tokenCodeFn) { + roleParams.SerialNumber = mfaSerial; + self.tokenCodeFn(mfaSerial, function(err, token) { + if (err) { + var message; + if (err instanceof Error) { + message = err.message; + } else { + message = err; + } + callback( + AWS.util.error( + new Error('Error fetching MFA token: ' + message), + { code: 'SharedIniFileCredentialsProviderFailure' } + )); + return; + } - /** - * @return [Boolean] whether the operation can return multiple pages of - * response data. - * @see AWS.Response.eachPage - * @since v1.4.0 - */ - isPageable: function isPageable() { - return this.service.paginationConfig(this.operation) ? true : false; - }, + roleParams.TokenCode = token; + sts.assumeRole(roleParams, callback); + }); + return; + } + sts.assumeRole(roleParams, callback); + } +}); + + +/***/ }), + +/***/ 8335: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { + +var AWS = __nccwpck_require__(8437); +var path = __nccwpck_require__(1017); +var crypto = __nccwpck_require__(6113); +var iniLoader = AWS.util.iniLoader; +/** + * Represents credentials from sso.getRoleCredentials API for + * `sso_*` values defined in shared credentials file. + * + * ## Using SSO credentials + * + * The credentials file must specify the information below to use sso: + * + * [default] + * sso_account_id = 012345678901 + * sso_region = us-east-1 + * sso_role_name = SampleRole + * sso_start_url = https://d-abc123.awsapps.com/start + * + * This information will be automatically added to your shared credentials file by running + * `aws configure sso`. + * + * ## Using custom profiles + * + * The SDK supports loading credentials for separate profiles. This can be done + * in two ways: + * + * 1. Set the `AWS_PROFILE` environment variable in your process prior to + * loading the SDK. + * 2. Directly load the AWS.SsoCredentials provider: + * + * ```javascript + * var creds = new AWS.SsoCredentials({profile: 'myprofile'}); + * AWS.config.credentials = creds; + * ``` + * + * @!macro nobrowser + */ +AWS.SsoCredentials = AWS.util.inherit(AWS.Credentials, { /** - * Sends the request and converts the request object into a readable stream - * that can be read from or piped into a writable stream. + * Creates a new SsoCredentials object. * - * @note The data read from a readable stream contains only - * the raw HTTP body contents. - * @example Manually reading from a stream - * request.createReadStream().on('data', function(data) { - * console.log("Got data:", data.toString()); - * }); - * @example Piping a request body into a file - * var out = fs.createWriteStream('/path/to/outfile.jpg'); - * s3.service.getObject(params).createReadStream().pipe(out); - * @return [Stream] the readable stream object that can be piped - * or read from (by registering 'data' event listeners). - * @!macro nobrowser + * @param options [map] a set of options + * @option options profile [String] (AWS_PROFILE env var or 'default') + * the name of the profile to load. + * @option options filename [String] ('~/.aws/credentials' or defined by + * AWS_SHARED_CREDENTIALS_FILE process env var) + * the filename to use when loading credentials. + * @option options callback [Function] (err) Credentials are eagerly loaded + * by the constructor. When the callback is called with no error, the + * credentials have been loaded successfully. */ - createReadStream: function createReadStream() { - var streams = AWS.util.stream; - var req = this; - var stream = null; - - if (AWS.HttpClient.streamsApiVersion === 2) { - stream = new streams.PassThrough(); - process.nextTick(function() { req.send(); }); - } else { - stream = new streams.Stream(); - stream.readable = true; + constructor: function SsoCredentials(options) { + AWS.Credentials.call(this); - stream.sent = false; - stream.on('newListener', function(event) { - if (!stream.sent && event === 'data') { - stream.sent = true; - process.nextTick(function() { req.send(); }); - } - }); - } + options = options || {}; + this.errorCode = 'SsoCredentialsProviderFailure'; + this.expired = true; - this.on('error', function(err) { - stream.emit('error', err); - }); + this.filename = options.filename; + this.profile = options.profile || process.env.AWS_PROFILE || AWS.util.defaultProfile; + this.service = options.ssoClient; + this.httpOptions = options.httpOptions || null; + this.get(options.callback || AWS.util.fn.noop); + }, - this.on('httpHeaders', function streamHeaders(statusCode, headers, resp) { - if (statusCode < 300) { - req.removeListener('httpData', AWS.EventListeners.Core.HTTP_DATA); - req.removeListener('httpError', AWS.EventListeners.Core.HTTP_ERROR); - req.on('httpError', function streamHttpError(error) { - resp.error = error; - resp.error.retryable = false; - }); + /** + * @api private + */ + load: function load(callback) { + /** + * The time window (15 mins) that SDK will treat the SSO token expires in before the defined expiration date in token. + * This is needed because server side may have invalidated the token before the defined expiration date. + * + * @internal + */ + var EXPIRE_WINDOW_MS = 15 * 60 * 1000; + var self = this; + try { + var profiles = AWS.util.getProfilesFromSharedConfig(iniLoader, this.filename); + var profile = profiles[this.profile] || {}; - var shouldCheckContentLength = false; - var expectedLen; - if (req.httpRequest.method !== 'HEAD') { - expectedLen = parseInt(headers['content-length'], 10); - } - if (expectedLen !== undefined && !isNaN(expectedLen) && expectedLen >= 0) { - shouldCheckContentLength = true; - var receivedLen = 0; - } + if (Object.keys(profile).length === 0) { + throw AWS.util.error( + new Error('Profile ' + this.profile + ' not found'), + { code: self.errorCode } + ); + } - var checkContentLengthAndEmit = function checkContentLengthAndEmit() { - if (shouldCheckContentLength && receivedLen !== expectedLen) { - stream.emit('error', AWS.util.error( - new Error('Stream content length mismatch. Received ' + - receivedLen + ' of ' + expectedLen + ' bytes.'), - { code: 'StreamContentLengthMismatch' } - )); - } else if (AWS.HttpClient.streamsApiVersion === 2) { - stream.end(); - } else { - stream.emit('end'); - } - }; + if (!profile.sso_start_url || !profile.sso_account_id || !profile.sso_region || !profile.sso_role_name) { + throw AWS.util.error( + new Error('Profile ' + this.profile + ' does not have valid SSO credentials. Required parameters "sso_account_id", "sso_region", ' + + '"sso_role_name", "sso_start_url". Reference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html'), + { code: self.errorCode } + ); + } - var httpStream = resp.httpResponse.createUnbufferedStream(); + var hasher = crypto.createHash('sha1'); + var fileName = hasher.update(profile.sso_start_url).digest('hex') + '.json'; - if (AWS.HttpClient.streamsApiVersion === 2) { - if (shouldCheckContentLength) { - var lengthAccumulator = new streams.PassThrough(); - lengthAccumulator._write = function(chunk) { - if (chunk && chunk.length) { - receivedLen += chunk.length; - } - return streams.PassThrough.prototype._write.apply(this, arguments); - }; + var cachePath = path.join( + iniLoader.getHomeDir(), + '.aws', + 'sso', + 'cache', + fileName + ); + var cacheFile = AWS.util.readFileSync(cachePath); + var cacheContent = null; + if (cacheFile) { + cacheContent = JSON.parse(cacheFile); + } - lengthAccumulator.on('end', checkContentLengthAndEmit); - stream.on('error', function(err) { - shouldCheckContentLength = false; - httpStream.unpipe(lengthAccumulator); - lengthAccumulator.emit('end'); - lengthAccumulator.end(); - }); - httpStream.pipe(lengthAccumulator).pipe(stream, { end: false }); - } else { - httpStream.pipe(stream); - } - } else { + if (!cacheContent) { + throw AWS.util.error( + new Error('Cached credentials not found under ' + this.profile + ' profile. Please make sure you log in with aws sso login first'), + { code: self.errorCode } + ); + } - if (shouldCheckContentLength) { - httpStream.on('data', function(arg) { - if (arg && arg.length) { - receivedLen += arg.length; - } - }); - } + if (!cacheContent.startUrl || !cacheContent.region || !cacheContent.accessToken || !cacheContent.expiresAt) { + throw AWS.util.error( + new Error('Cached credentials are missing required properties. Try running aws sso login.') + ); + } - httpStream.on('data', function(arg) { - stream.emit('data', arg); - }); - httpStream.on('end', checkContentLengthAndEmit); - } + if (new Date(cacheContent.expiresAt).getTime() - Date.now() <= EXPIRE_WINDOW_MS) { + throw AWS.util.error(new Error( + 'The SSO session associated with this profile has expired. To refresh this SSO session run aws sso login with the corresponding profile.' + )); + } - httpStream.on('error', function(err) { - shouldCheckContentLength = false; - stream.emit('error', err); + if (!self.service || self.service.config.region !== profile.sso_region) { + self.service = new AWS.SSO({ + region: profile.sso_region, + httpOptions: this.httpOptions, }); } - }); - - return stream; + var request = { + accessToken: cacheContent.accessToken, + accountId: profile.sso_account_id, + roleName: profile.sso_role_name, + }; + self.service.getRoleCredentials(request, function(err, data) { + if (err || !data || !data.roleCredentials) { + callback(AWS.util.error( + err || new Error('Please log in using "aws sso login"'), + { code: self.errorCode } + ), null); + } else if (!data.roleCredentials.accessKeyId || !data.roleCredentials.secretAccessKey || !data.roleCredentials.sessionToken || !data.roleCredentials.expiration) { + throw AWS.util.error(new Error( + 'SSO returns an invalid temporary credential.' + )); + } else { + self.expired = false; + self.accessKeyId = data.roleCredentials.accessKeyId; + self.secretAccessKey = data.roleCredentials.secretAccessKey; + self.sessionToken = data.roleCredentials.sessionToken; + self.expireTime = new Date(data.roleCredentials.expiration); + callback(null); + } + }); + } catch (err) { + callback(err); + } }, /** - * @param [Array,Response] args This should be the response object, - * or an array of args to send to the event. - * @api private + * Loads the credentials from the AWS SSO process + * + * @callback callback function(err) + * Called after the AWS SSO process has been executed. When this + * callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get */ - emitEvent: function emit(eventName, args, done) { - if (typeof args === 'function') { done = args; args = null; } - if (!done) done = function() { }; - if (!args) args = this.eventParameters(eventName, this.response); - - var origEmit = AWS.SequentialExecutor.prototype.emit; - origEmit.call(this, eventName, args, function (err) { - if (err) this.response.error = err; - done.call(this, err); - }); + refresh: function refresh(callback) { + iniLoader.clearCachedFiles(); + this.coalesceRefresh(callback || AWS.util.fn.callback); }, +}); - /** - * @api private - */ - eventParameters: function eventParameters(eventName) { - switch (eventName) { - case 'restart': - case 'validate': - case 'sign': - case 'build': - case 'afterValidate': - case 'afterBuild': - return [this]; - case 'error': - return [this.response.error, this.response]; - default: - return [this.response]; - } - }, - /** - * @api private - */ - presign: function presign(expires, callback) { - if (!callback && typeof expires === 'function') { - callback = expires; - expires = null; - } - return new AWS.Signers.Presign().sign(this.toGet(), expires, callback); - }, +/***/ }), +/***/ 7360: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { + +var AWS = __nccwpck_require__(8437); +var STS = __nccwpck_require__(7513); + +/** + * Represents temporary credentials retrieved from {AWS.STS}. Without any + * extra parameters, credentials will be fetched from the + * {AWS.STS.getSessionToken} operation. If an IAM role is provided, the + * {AWS.STS.assumeRole} operation will be used to fetch credentials for the + * role instead. + * + * @note AWS.TemporaryCredentials is deprecated, but remains available for + * backwards compatibility. {AWS.ChainableTemporaryCredentials} is the + * preferred class for temporary credentials. + * + * To setup temporary credentials, configure a set of master credentials + * using the standard credentials providers (environment, EC2 instance metadata, + * or from the filesystem), then set the global credentials to a new + * temporary credentials object: + * + * ```javascript + * // Note that environment credentials are loaded by default, + * // the following line is shown for clarity: + * AWS.config.credentials = new AWS.EnvironmentCredentials('AWS'); + * + * // Now set temporary credentials seeded from the master credentials + * AWS.config.credentials = new AWS.TemporaryCredentials(); + * + * // subsequent requests will now use temporary credentials from AWS STS. + * new AWS.S3().listBucket(function(err, data) { ... }); + * ``` + * + * @!attribute masterCredentials + * @return [AWS.Credentials] the master (non-temporary) credentials used to + * get and refresh temporary credentials from AWS STS. + * @note (see constructor) + */ +AWS.TemporaryCredentials = AWS.util.inherit(AWS.Credentials, { /** - * @api private + * Creates a new temporary credentials object. + * + * @note In order to create temporary credentials, you first need to have + * "master" credentials configured in {AWS.Config.credentials}. These + * master credentials are necessary to retrieve the temporary credentials, + * as well as refresh the credentials when they expire. + * @param params [map] a map of options that are passed to the + * {AWS.STS.assumeRole} or {AWS.STS.getSessionToken} operations. + * If a `RoleArn` parameter is passed in, credentials will be based on the + * IAM role. + * @param masterCredentials [AWS.Credentials] the master (non-temporary) credentials + * used to get and refresh temporary credentials from AWS STS. + * @example Creating a new credentials object for generic temporary credentials + * AWS.config.credentials = new AWS.TemporaryCredentials(); + * @example Creating a new credentials object for an IAM role + * AWS.config.credentials = new AWS.TemporaryCredentials({ + * RoleArn: 'arn:aws:iam::1234567890:role/TemporaryCredentials', + * }); + * @see AWS.STS.assumeRole + * @see AWS.STS.getSessionToken */ - isPresigned: function isPresigned() { - return Object.prototype.hasOwnProperty.call(this.httpRequest.headers, 'presigned-expires'); + constructor: function TemporaryCredentials(params, masterCredentials) { + AWS.Credentials.call(this); + this.loadMasterCredentials(masterCredentials); + this.expired = true; + + this.params = params || {}; + if (this.params.RoleArn) { + this.params.RoleSessionName = + this.params.RoleSessionName || 'temporary-credentials'; + } }, /** - * @api private + * Refreshes credentials using {AWS.STS.assumeRole} or + * {AWS.STS.getSessionToken}, depending on whether an IAM role ARN was passed + * to the credentials {constructor}. + * + * @callback callback function(err) + * Called when the STS service responds (or fails). When + * this callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get */ - toUnauthenticated: function toUnauthenticated() { - this._unAuthenticated = true; - this.removeListener('validate', AWS.EventListeners.Core.VALIDATE_CREDENTIALS); - this.removeListener('sign', AWS.EventListeners.Core.SIGN); - return this; + refresh: function refresh (callback) { + this.coalesceRefresh(callback || AWS.util.fn.callback); }, /** * @api private */ - toGet: function toGet() { - if (this.service.api.protocol === 'query' || - this.service.api.protocol === 'ec2') { - this.removeListener('build', this.buildAsGet); - this.addListener('build', this.buildAsGet); - } - return this; + load: function load (callback) { + var self = this; + self.createClients(); + self.masterCredentials.get(function () { + self.service.config.credentials = self.masterCredentials; + var operation = self.params.RoleArn ? + self.service.assumeRole : self.service.getSessionToken; + operation.call(self.service, function (err, data) { + if (!err) { + self.service.credentialsFrom(data, self); + } + callback(err); + }); + }); }, /** * @api private */ - buildAsGet: function buildAsGet(request) { - request.httpRequest.method = 'GET'; - request.httpRequest.path = request.service.endpoint.path + - '?' + request.httpRequest.body; - request.httpRequest.body = ''; + loadMasterCredentials: function loadMasterCredentials (masterCredentials) { + this.masterCredentials = masterCredentials || AWS.config.credentials; + while (this.masterCredentials.masterCredentials) { + this.masterCredentials = this.masterCredentials.masterCredentials; + } - // don't need these headers on a GET request - delete request.httpRequest.headers['Content-Length']; - delete request.httpRequest.headers['Content-Type']; + if (typeof this.masterCredentials.get !== 'function') { + this.masterCredentials = new AWS.Credentials(this.masterCredentials); + } }, /** * @api private */ - haltHandlersOnError: function haltHandlersOnError() { - this._haltHandlersOnError = true; + createClients: function () { + this.service = this.service || new STS({params: this.params}); } -}); - -/** - * @api private - */ -AWS.Request.addPromisesToClass = function addPromisesToClass(PromiseDependency) { - this.prototype.promise = function promise() { - var self = this; - // append to user agent - this.httpRequest.appendToUserAgent('promise'); - return new PromiseDependency(function(resolve, reject) { - self.on('complete', function(resp) { - if (resp.error) { - reject(resp.error); - } else { - // define $response property so that it is not enumberable - // this prevents circular reference errors when stringifying the JSON object - resolve(Object.defineProperty( - resp.data || {}, - '$response', - {value: resp} - )); - } - }); - self.runTo(); - }); - }; -}; - -/** - * @api private - */ -AWS.Request.deletePromisesFromClass = function deletePromisesFromClass() { - delete this.prototype.promise; -}; - -AWS.util.addPromises(AWS.Request); -AWS.util.mixin(AWS.Request, AWS.SequentialExecutor); +}); /***/ }), -/***/ 458: -/***/ (function(module, __unusedexports, __webpack_require__) { - -// Generated by CoffeeScript 1.12.7 -(function() { - var XMLCData, XMLComment, XMLDTDAttList, XMLDTDElement, XMLDTDEntity, XMLDTDNotation, XMLDeclaration, XMLDocType, XMLElement, XMLProcessingInstruction, XMLRaw, XMLStreamWriter, XMLText, XMLWriterBase, - extend = function(child, parent) { for (var key in parent) { if (hasProp.call(parent, key)) child[key] = parent[key]; } function ctor() { this.constructor = child; } ctor.prototype = parent.prototype; child.prototype = new ctor(); child.__super__ = parent.prototype; return child; }, - hasProp = {}.hasOwnProperty; - - XMLDeclaration = __webpack_require__(738); - - XMLDocType = __webpack_require__(735); - - XMLCData = __webpack_require__(35); +/***/ 4420: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { - XMLComment = __webpack_require__(919); - - XMLElement = __webpack_require__(796); - - XMLRaw = __webpack_require__(660); +var AWS = __nccwpck_require__(8437); +var fs = __nccwpck_require__(7147); +var STS = __nccwpck_require__(7513); +var iniLoader = AWS.util.iniLoader; - XMLText = __webpack_require__(708); +/** + * Represents OIDC credentials from a file on disk + * If the credentials expire, the SDK can {refresh} the credentials + * from the file. + * + * ## Using the web identity token file + * + * This provider is checked by default in the Node.js environment. To use + * the provider simply add your OIDC token to a file (ASCII encoding) and + * share the filename in either AWS_WEB_IDENTITY_TOKEN_FILE environment + * variable or web_identity_token_file shared config variable + * + * The file contains encoded OIDC token and the characters are + * ASCII encoded. OIDC tokens are JSON Web Tokens (JWT). + * JWT's are 3 base64 encoded strings joined by the '.' character. + * + * This class will read filename from AWS_WEB_IDENTITY_TOKEN_FILE + * environment variable or web_identity_token_file shared config variable, + * and get the OIDC token from filename. + * It will also read IAM role to be assumed from AWS_ROLE_ARN + * environment variable or role_arn shared config variable. + * This provider gets credetials using the {AWS.STS.assumeRoleWithWebIdentity} + * service operation + * + * @!macro nobrowser + */ +AWS.TokenFileWebIdentityCredentials = AWS.util.inherit(AWS.Credentials, { - XMLProcessingInstruction = __webpack_require__(491); + /** + * @example Creating a new credentials object + * AWS.config.credentials = new AWS.TokenFileWebIdentityCredentials( + * // optionally provide configuration to apply to the underlying AWS.STS service client + * // if configuration is not provided, then configuration will be pulled from AWS.config + * { + * // specify timeout options + * httpOptions: { + * timeout: 100 + * } + * }); + * @see AWS.Config + */ + constructor: function TokenFileWebIdentityCredentials(clientConfig) { + AWS.Credentials.call(this); + this.data = null; + this.clientConfig = AWS.util.copy(clientConfig || {}); + }, - XMLDTDAttList = __webpack_require__(801); + /** + * Returns params from environment variables + * + * @api private + */ + getParamsFromEnv: function getParamsFromEnv() { + var ENV_TOKEN_FILE = 'AWS_WEB_IDENTITY_TOKEN_FILE', + ENV_ROLE_ARN = 'AWS_ROLE_ARN'; + if (process.env[ENV_TOKEN_FILE] && process.env[ENV_ROLE_ARN]) { + return [{ + envTokenFile: process.env[ENV_TOKEN_FILE], + roleArn: process.env[ENV_ROLE_ARN], + roleSessionName: process.env['AWS_ROLE_SESSION_NAME'] + }]; + } + }, - XMLDTDElement = __webpack_require__(463); + /** + * Returns params from shared config variables + * + * @api private + */ + getParamsFromSharedConfig: function getParamsFromSharedConfig() { + var profiles = AWS.util.getProfilesFromSharedConfig(iniLoader); + var profileName = process.env.AWS_PROFILE || AWS.util.defaultProfile; + var profile = profiles[profileName] || {}; - XMLDTDEntity = __webpack_require__(755); + if (Object.keys(profile).length === 0) { + throw AWS.util.error( + new Error('Profile ' + profileName + ' not found'), + { code: 'TokenFileWebIdentityCredentialsProviderFailure' } + ); + } - XMLDTDNotation = __webpack_require__(19); + var paramsArray = []; - XMLWriterBase = __webpack_require__(423); - - module.exports = XMLStreamWriter = (function(superClass) { - extend(XMLStreamWriter, superClass); - - function XMLStreamWriter(stream, options) { - XMLStreamWriter.__super__.constructor.call(this, options); - this.stream = stream; + while (!profile['web_identity_token_file'] && profile['source_profile']) { + paramsArray.unshift({ + roleArn: profile['role_arn'], + roleSessionName: profile['role_session_name'] + }); + var sourceProfile = profile['source_profile']; + profile = profiles[sourceProfile]; } - XMLStreamWriter.prototype.document = function(doc) { - var child, i, j, len, len1, ref, ref1, results; - ref = doc.children; - for (i = 0, len = ref.length; i < len; i++) { - child = ref[i]; - child.isLastRootNode = false; - } - doc.children[doc.children.length - 1].isLastRootNode = true; - ref1 = doc.children; - results = []; - for (j = 0, len1 = ref1.length; j < len1; j++) { - child = ref1[j]; - switch (false) { - case !(child instanceof XMLDeclaration): - results.push(this.declaration(child)); - break; - case !(child instanceof XMLDocType): - results.push(this.docType(child)); - break; - case !(child instanceof XMLComment): - results.push(this.comment(child)); - break; - case !(child instanceof XMLProcessingInstruction): - results.push(this.processingInstruction(child)); - break; - default: - results.push(this.element(child)); - } - } - return results; - }; - - XMLStreamWriter.prototype.attribute = function(att) { - return this.stream.write(' ' + att.name + '="' + att.value + '"'); - }; - - XMLStreamWriter.prototype.cdata = function(node, level) { - return this.stream.write(this.space(level) + '' + this.endline(node)); - }; + paramsArray.unshift({ + envTokenFile: profile['web_identity_token_file'], + roleArn: profile['role_arn'], + roleSessionName: profile['role_session_name'] + }); - XMLStreamWriter.prototype.comment = function(node, level) { - return this.stream.write(this.space(level) + '' + this.endline(node)); - }; + return paramsArray; + }, - XMLStreamWriter.prototype.declaration = function(node, level) { - this.stream.write(this.space(level)); - this.stream.write(''); - return this.stream.write(this.endline(node)); - }; + /** + * Refreshes credentials using {AWS.STS.assumeRoleWithWebIdentity} + * + * @callback callback function(err) + * Called when the STS service responds (or fails). When + * this callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see AWS.Credentials.get + */ + refresh: function refresh(callback) { + this.coalesceRefresh(callback || AWS.util.fn.callback); + }, - XMLStreamWriter.prototype.docType = function(node, level) { - var child, i, len, ref; - level || (level = 0); - this.stream.write(this.space(level)); - this.stream.write(' 0) { - this.stream.write(' ['); - this.stream.write(this.endline(node)); - ref = node.children; - for (i = 0, len = ref.length; i < len; i++) { - child = ref[i]; - switch (false) { - case !(child instanceof XMLDTDAttList): - this.dtdAttList(child, level + 1); - break; - case !(child instanceof XMLDTDElement): - this.dtdElement(child, level + 1); - break; - case !(child instanceof XMLDTDEntity): - this.dtdEntity(child, level + 1); - break; - case !(child instanceof XMLDTDNotation): - this.dtdNotation(child, level + 1); - break; - case !(child instanceof XMLCData): - this.cdata(child, level + 1); - break; - case !(child instanceof XMLComment): - this.comment(child, level + 1); - break; - case !(child instanceof XMLProcessingInstruction): - this.processingInstruction(child, level + 1); - break; - default: - throw new Error("Unknown DTD node type: " + child.constructor.name); + /** + * @api private + */ + assumeRoleChaining: function assumeRoleChaining(paramsArray, callback) { + var self = this; + if (paramsArray.length === 0) { + self.service.credentialsFrom(self.data, self); + callback(); + } else { + var params = paramsArray.shift(); + self.service.config.credentials = self.service.credentialsFrom(self.data, self); + self.service.assumeRole( + { + RoleArn: params.roleArn, + RoleSessionName: params.roleSessionName || 'token-file-web-identity' + }, + function (err, data) { + self.data = null; + if (err) { + callback(err); + } else { + self.data = data; + self.assumeRoleChaining(paramsArray, callback); } } - this.stream.write(']'); - } - this.stream.write(this.spacebeforeslash + '>'); - return this.stream.write(this.endline(node)); - }; + ); + } + }, - XMLStreamWriter.prototype.element = function(node, level) { - var att, child, i, len, name, ref, ref1, space; - level || (level = 0); - space = this.space(level); - this.stream.write(space + '<' + node.name); - ref = node.attributes; - for (name in ref) { - if (!hasProp.call(ref, name)) continue; - att = ref[name]; - this.attribute(att); + /** + * @api private + */ + load: function load(callback) { + var self = this; + try { + var paramsArray = self.getParamsFromEnv(); + if (!paramsArray) { + paramsArray = self.getParamsFromSharedConfig(); } - if (node.children.length === 0 || node.children.every(function(e) { - return e.value === ''; - })) { - if (this.allowEmpty) { - this.stream.write('>'); - } else { - this.stream.write(this.spacebeforeslash + '/>'); + if (paramsArray) { + var params = paramsArray.shift(); + var oidcToken = fs.readFileSync(params.envTokenFile, {encoding: 'ascii'}); + if (!self.service) { + self.createClients(); } - } else if (this.pretty && node.children.length === 1 && (node.children[0].value != null)) { - this.stream.write('>'); - this.stream.write(node.children[0].value); - this.stream.write(''); - } else { - this.stream.write('>' + this.newline); - ref1 = node.children; - for (i = 0, len = ref1.length; i < len; i++) { - child = ref1[i]; - switch (false) { - case !(child instanceof XMLCData): - this.cdata(child, level + 1); - break; - case !(child instanceof XMLComment): - this.comment(child, level + 1); - break; - case !(child instanceof XMLElement): - this.element(child, level + 1); - break; - case !(child instanceof XMLRaw): - this.raw(child, level + 1); - break; - case !(child instanceof XMLText): - this.text(child, level + 1); - break; - case !(child instanceof XMLProcessingInstruction): - this.processingInstruction(child, level + 1); - break; - default: - throw new Error("Unknown XML node type: " + child.constructor.name); + self.service.assumeRoleWithWebIdentity( + { + WebIdentityToken: oidcToken, + RoleArn: params.roleArn, + RoleSessionName: params.roleSessionName || 'token-file-web-identity' + }, + function (err, data) { + self.data = null; + if (err) { + callback(err); + } else { + self.data = data; + self.assumeRoleChaining(paramsArray, callback); + } } - } - this.stream.write(space + ''); - } - return this.stream.write(this.endline(node)); - }; - - XMLStreamWriter.prototype.processingInstruction = function(node, level) { - this.stream.write(this.space(level) + '' + this.endline(node)); - }; - - XMLStreamWriter.prototype.raw = function(node, level) { - return this.stream.write(this.space(level) + node.value + this.endline(node)); - }; + } catch (err) { + callback(err); + } + }, - XMLStreamWriter.prototype.text = function(node, level) { - return this.stream.write(this.space(level) + node.value + this.endline(node)); - }; - - XMLStreamWriter.prototype.dtdAttList = function(node, level) { - this.stream.write(this.space(level) + '' + this.endline(node)); - }; - - XMLStreamWriter.prototype.dtdElement = function(node, level) { - this.stream.write(this.space(level) + '' + this.endline(node)); - }; + /** + * @api private + */ + createClients: function() { + if (!this.service) { + var stsConfig = AWS.util.merge({}, this.clientConfig); + this.service = new STS(stsConfig); - XMLStreamWriter.prototype.dtdEntity = function(node, level) { - this.stream.write(this.space(level) + '' + this.endline(node)); - }; - - XMLStreamWriter.prototype.dtdNotation = function(node, level) { - this.stream.write(this.space(level) + '' + this.endline(node)); - }; - - XMLStreamWriter.prototype.endline = function(node) { - if (!node.isLastRootNode) { - return this.newline; - } else { - return ''; - } - }; - - return XMLStreamWriter; - - })(XMLWriterBase); - -}).call(this); + }; + } + } +}); /***/ }), -/***/ 463: -/***/ (function(module, __unusedexports, __webpack_require__) { +/***/ 4998: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { -// Generated by CoffeeScript 1.12.7 -(function() { - var XMLDTDElement, XMLNode, - extend = function(child, parent) { for (var key in parent) { if (hasProp.call(parent, key)) child[key] = parent[key]; } function ctor() { this.constructor = child; } ctor.prototype = parent.prototype; child.prototype = new ctor(); child.__super__ = parent.prototype; return child; }, - hasProp = {}.hasOwnProperty; +var AWS = __nccwpck_require__(8437); +var STS = __nccwpck_require__(7513); - XMLNode = __webpack_require__(855); +/** + * Represents credentials retrieved from STS Web Identity Federation support. + * + * By default this provider gets credentials using the + * {AWS.STS.assumeRoleWithWebIdentity} service operation. This operation + * requires a `RoleArn` containing the ARN of the IAM trust policy for the + * application for which credentials will be given. In addition, the + * `WebIdentityToken` must be set to the token provided by the identity + * provider. See {constructor} for an example on creating a credentials + * object with proper `RoleArn` and `WebIdentityToken` values. + * + * ## Refreshing Credentials from Identity Service + * + * In addition to AWS credentials expiring after a given amount of time, the + * login token from the identity provider will also expire. Once this token + * expires, it will not be usable to refresh AWS credentials, and another + * token will be needed. The SDK does not manage refreshing of the token value, + * but this can be done through a "refresh token" supported by most identity + * providers. Consult the documentation for the identity provider for refreshing + * tokens. Once the refreshed token is acquired, you should make sure to update + * this new token in the credentials object's {params} property. The following + * code will update the WebIdentityToken, assuming you have retrieved an updated + * token from the identity provider: + * + * ```javascript + * AWS.config.credentials.params.WebIdentityToken = updatedToken; + * ``` + * + * Future calls to `credentials.refresh()` will now use the new token. + * + * @!attribute params + * @return [map] the map of params passed to + * {AWS.STS.assumeRoleWithWebIdentity}. To update the token, set the + * `params.WebIdentityToken` property. + * @!attribute data + * @return [map] the raw data response from the call to + * {AWS.STS.assumeRoleWithWebIdentity}. Use this if you want to get + * access to other properties from the response. + */ +AWS.WebIdentityCredentials = AWS.util.inherit(AWS.Credentials, { + /** + * Creates a new credentials object. + * @param (see AWS.STS.assumeRoleWithWebIdentity) + * @example Creating a new credentials object + * AWS.config.credentials = new AWS.WebIdentityCredentials({ + * RoleArn: 'arn:aws:iam::1234567890:role/WebIdentity', + * WebIdentityToken: 'ABCDEFGHIJKLMNOP', // token from identity service + * RoleSessionName: 'web' // optional name, defaults to web-identity + * }, { + * // optionally provide configuration to apply to the underlying AWS.STS service client + * // if configuration is not provided, then configuration will be pulled from AWS.config + * + * // specify timeout options + * httpOptions: { + * timeout: 100 + * } + * }); + * @see AWS.STS.assumeRoleWithWebIdentity + * @see AWS.Config + */ + constructor: function WebIdentityCredentials(params, clientConfig) { + AWS.Credentials.call(this); + this.expired = true; + this.params = params; + this.params.RoleSessionName = this.params.RoleSessionName || 'web-identity'; + this.data = null; + this._clientConfig = AWS.util.copy(clientConfig || {}); + }, - module.exports = XMLDTDElement = (function(superClass) { - extend(XMLDTDElement, superClass); + /** + * Refreshes credentials using {AWS.STS.assumeRoleWithWebIdentity} + * + * @callback callback function(err) + * Called when the STS service responds (or fails). When + * this callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get + */ + refresh: function refresh(callback) { + this.coalesceRefresh(callback || AWS.util.fn.callback); + }, - function XMLDTDElement(parent, name, value) { - XMLDTDElement.__super__.constructor.call(this, parent); - if (name == null) { - throw new Error("Missing DTD element name"); - } - if (!value) { - value = '(#PCDATA)'; - } - if (Array.isArray(value)) { - value = '(' + value.join(',') + ')'; + /** + * @api private + */ + load: function load(callback) { + var self = this; + self.createClients(); + self.service.assumeRoleWithWebIdentity(function (err, data) { + self.data = null; + if (!err) { + self.data = data; + self.service.credentialsFrom(data, self); } - this.name = this.stringify.eleName(name); - this.value = this.stringify.dtdElementValue(value); - } - - XMLDTDElement.prototype.toString = function(options) { - return this.options.writer.set(options).dtdElement(this); - }; - - return XMLDTDElement; + callback(err); + }); + }, - })(XMLNode); + /** + * @api private + */ + createClients: function() { + if (!this.service) { + var stsConfig = AWS.util.merge({}, this._clientConfig); + stsConfig.params = this.params; + this.service = new STS(stsConfig); + } + } -}).call(this); +}); /***/ }), -/***/ 470: -/***/ (function(__unusedmodule, exports, __webpack_require__) { +/***/ 5313: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { -"use strict"; +var AWS = __nccwpck_require__(8437); +var util = __nccwpck_require__(7985); +var endpointDiscoveryEnabledEnvs = ['AWS_ENABLE_ENDPOINT_DISCOVERY', 'AWS_ENDPOINT_DISCOVERY_ENABLED']; -var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); -}) : (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - o[k2] = m[k]; -})); -var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { - Object.defineProperty(o, "default", { enumerable: true, value: v }); -}) : function(o, v) { - o["default"] = v; -}); -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); - __setModuleDefault(result, mod); - return result; -}; -var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { - function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } - return new (P || (P = Promise))(function (resolve, reject) { - function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } - function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } - function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } - step((generator = generator.apply(thisArg, _arguments || [])).next()); - }); -}; -Object.defineProperty(exports, "__esModule", { value: true }); -exports.getState = exports.saveState = exports.group = exports.endGroup = exports.startGroup = exports.info = exports.warning = exports.error = exports.debug = exports.isDebug = exports.setFailed = exports.setCommandEcho = exports.setOutput = exports.getBooleanInput = exports.getInput = exports.addPath = exports.setSecret = exports.exportVariable = exports.ExitCode = void 0; -const command_1 = __webpack_require__(431); -const file_command_1 = __webpack_require__(102); -const utils_1 = __webpack_require__(82); -const os = __importStar(__webpack_require__(87)); -const path = __importStar(__webpack_require__(622)); /** - * The code to exit an action + * Generate key (except resources and operation part) to index the endpoints in the cache + * If input shape has endpointdiscoveryid trait then use + * accessKey + operation + resources + region + service as cache key + * If input shape doesn't have endpointdiscoveryid trait then use + * accessKey + region + service as cache key + * @return [map] object with keys to index endpoints. + * @api private */ -var ExitCode; -(function (ExitCode) { - /** - * A code indicating that the action was successful - */ - ExitCode[ExitCode["Success"] = 0] = "Success"; - /** - * A code indicating that the action was a failure - */ - ExitCode[ExitCode["Failure"] = 1] = "Failure"; -})(ExitCode = exports.ExitCode || (exports.ExitCode = {})); -//----------------------------------------------------------------------- -// Variables -//----------------------------------------------------------------------- -/** - * Sets env variable for this action and future actions in the job - * @param name the name of the variable to set - * @param val the value of the variable. Non-string values will be converted to a string via JSON.stringify - */ -// eslint-disable-next-line @typescript-eslint/no-explicit-any -function exportVariable(name, val) { - const convertedVal = utils_1.toCommandValue(val); - process.env[name] = convertedVal; - const filePath = process.env['GITHUB_ENV'] || ''; - if (filePath) { - const delimiter = '_GitHubActionsFileCommandDelimeter_'; - const commandValue = `${name}<<${delimiter}${os.EOL}${convertedVal}${os.EOL}${delimiter}`; - file_command_1.issueCommand('ENV', commandValue); - } - else { - command_1.issueCommand('set-env', { name }, convertedVal); - } +function getCacheKey(request) { + var service = request.service; + var api = service.api || {}; + var operations = api.operations; + var identifiers = {}; + if (service.config.region) { + identifiers.region = service.config.region; + } + if (api.serviceId) { + identifiers.serviceId = api.serviceId; + } + if (service.config.credentials.accessKeyId) { + identifiers.accessKeyId = service.config.credentials.accessKeyId; + } + return identifiers; } -exports.exportVariable = exportVariable; + /** - * Registers a secret which will get masked from logs - * @param secret value of the secret + * Recursive helper for marshallCustomIdentifiers(). + * Looks for required string input members that have 'endpointdiscoveryid' trait. + * @api private */ -function setSecret(secret) { - command_1.issueCommand('add-mask', {}, secret); +function marshallCustomIdentifiersHelper(result, params, shape) { + if (!shape || params === undefined || params === null) return; + if (shape.type === 'structure' && shape.required && shape.required.length > 0) { + util.arrayEach(shape.required, function(name) { + var memberShape = shape.members[name]; + if (memberShape.endpointDiscoveryId === true) { + var locationName = memberShape.isLocationName ? memberShape.name : name; + result[locationName] = String(params[name]); + } else { + marshallCustomIdentifiersHelper(result, params[name], memberShape); + } + }); + } } -exports.setSecret = setSecret; + /** - * Prepends inputPath to the PATH (for this action and future actions) - * @param inputPath + * Get custom identifiers for cache key. + * Identifies custom identifiers by checking each shape's `endpointDiscoveryId` trait. + * @param [object] request object + * @param [object] input shape of the given operation's api + * @api private */ -function addPath(inputPath) { - const filePath = process.env['GITHUB_PATH'] || ''; - if (filePath) { - file_command_1.issueCommand('PATH', inputPath); - } - else { - command_1.issueCommand('add-path', {}, inputPath); - } - process.env['PATH'] = `${inputPath}${path.delimiter}${process.env['PATH']}`; +function marshallCustomIdentifiers(request, shape) { + var identifiers = {}; + marshallCustomIdentifiersHelper(identifiers, request.params, shape); + return identifiers; } -exports.addPath = addPath; + /** - * Gets the value of an input. - * Unless trimWhitespace is set to false in InputOptions, the value is also trimmed. - * Returns an empty string if the value is not defined. - * - * @param name name of the input to get - * @param options optional. See InputOptions. - * @returns string + * Call endpoint discovery operation when it's optional. + * When endpoint is available in cache then use the cached endpoints. If endpoints + * are unavailable then use regional endpoints and call endpoint discovery operation + * asynchronously. This is turned off by default. + * @param [object] request object + * @api private */ -function getInput(name, options) { - const val = process.env[`INPUT_${name.replace(/ /g, '_').toUpperCase()}`] || ''; - if (options && options.required && !val) { - throw new Error(`Input required and not supplied: ${name}`); - } - if (options && options.trimWhitespace === false) { - return val; - } - return val.trim(); +function optionalDiscoverEndpoint(request) { + var service = request.service; + var api = service.api; + var operationModel = api.operations ? api.operations[request.operation] : undefined; + var inputShape = operationModel ? operationModel.input : undefined; + + var identifiers = marshallCustomIdentifiers(request, inputShape); + var cacheKey = getCacheKey(request); + if (Object.keys(identifiers).length > 0) { + cacheKey = util.update(cacheKey, identifiers); + if (operationModel) cacheKey.operation = operationModel.name; + } + var endpoints = AWS.endpointCache.get(cacheKey); + if (endpoints && endpoints.length === 1 && endpoints[0].Address === '') { + //endpoint operation is being made but response not yet received + //or endpoint operation just failed in 1 minute + return; + } else if (endpoints && endpoints.length > 0) { + //found endpoint record from cache + request.httpRequest.updateEndpoint(endpoints[0].Address); + } else { + //endpoint record not in cache or outdated. make discovery operation + var endpointRequest = service.makeRequest(api.endpointOperation, { + Operation: operationModel.name, + Identifiers: identifiers, + }); + addApiVersionHeader(endpointRequest); + endpointRequest.removeListener('validate', AWS.EventListeners.Core.VALIDATE_PARAMETERS); + endpointRequest.removeListener('retry', AWS.EventListeners.Core.RETRY_CHECK); + //put in a placeholder for endpoints already requested, prevent + //too much in-flight calls + AWS.endpointCache.put(cacheKey, [{ + Address: '', + CachePeriodInMinutes: 1 + }]); + endpointRequest.send(function(err, data) { + if (data && data.Endpoints) { + AWS.endpointCache.put(cacheKey, data.Endpoints); + } else if (err) { + AWS.endpointCache.put(cacheKey, [{ + Address: '', + CachePeriodInMinutes: 1 //not to make more endpoint operation in next 1 minute + }]); + } + }); + } } -exports.getInput = getInput; + +var requestQueue = {}; + /** - * Gets the input value of the boolean type in the YAML 1.2 "core schema" specification. - * Support boolean input list: `true | True | TRUE | false | False | FALSE` . - * The return value is also in boolean type. - * ref: https://yaml.org/spec/1.2/spec.html#id2804923 - * - * @param name name of the input to get - * @param options optional. See InputOptions. - * @returns boolean + * Call endpoint discovery operation when it's required. + * When endpoint is available in cache then use cached ones. If endpoints are + * unavailable then SDK should call endpoint operation then use returned new + * endpoint for the api call. SDK will automatically attempt to do endpoint + * discovery. This is turned off by default + * @param [object] request object + * @api private */ -function getBooleanInput(name, options) { - const trueValue = ['true', 'True', 'TRUE']; - const falseValue = ['false', 'False', 'FALSE']; - const val = getInput(name, options); - if (trueValue.includes(val)) - return true; - if (falseValue.includes(val)) - return false; - throw new TypeError(`Input does not meet YAML 1.2 "Core Schema" specification: ${name}\n` + - `Support boolean input list: \`true | True | TRUE | false | False | FALSE\``); +function requiredDiscoverEndpoint(request, done) { + var service = request.service; + var api = service.api; + var operationModel = api.operations ? api.operations[request.operation] : undefined; + var inputShape = operationModel ? operationModel.input : undefined; + + var identifiers = marshallCustomIdentifiers(request, inputShape); + var cacheKey = getCacheKey(request); + if (Object.keys(identifiers).length > 0) { + cacheKey = util.update(cacheKey, identifiers); + if (operationModel) cacheKey.operation = operationModel.name; + } + var cacheKeyStr = AWS.EndpointCache.getKeyString(cacheKey); + var endpoints = AWS.endpointCache.get(cacheKeyStr); //endpoint cache also accepts string keys + if (endpoints && endpoints.length === 1 && endpoints[0].Address === '') { + //endpoint operation is being made but response not yet received + //push request object to a pending queue + if (!requestQueue[cacheKeyStr]) requestQueue[cacheKeyStr] = []; + requestQueue[cacheKeyStr].push({request: request, callback: done}); + return; + } else if (endpoints && endpoints.length > 0) { + request.httpRequest.updateEndpoint(endpoints[0].Address); + done(); + } else { + var endpointRequest = service.makeRequest(api.endpointOperation, { + Operation: operationModel.name, + Identifiers: identifiers, + }); + endpointRequest.removeListener('validate', AWS.EventListeners.Core.VALIDATE_PARAMETERS); + addApiVersionHeader(endpointRequest); + + //put in a placeholder for endpoints already requested, prevent + //too much in-flight calls + AWS.endpointCache.put(cacheKeyStr, [{ + Address: '', + CachePeriodInMinutes: 60 //long-live cache + }]); + endpointRequest.send(function(err, data) { + if (err) { + request.response.error = util.error(err, { retryable: false }); + AWS.endpointCache.remove(cacheKey); + + //fail all the pending requests in batch + if (requestQueue[cacheKeyStr]) { + var pendingRequests = requestQueue[cacheKeyStr]; + util.arrayEach(pendingRequests, function(requestContext) { + requestContext.request.response.error = util.error(err, { retryable: false }); + requestContext.callback(); + }); + delete requestQueue[cacheKeyStr]; + } + } else if (data) { + AWS.endpointCache.put(cacheKeyStr, data.Endpoints); + request.httpRequest.updateEndpoint(data.Endpoints[0].Address); + + //update the endpoint for all the pending requests in batch + if (requestQueue[cacheKeyStr]) { + var pendingRequests = requestQueue[cacheKeyStr]; + util.arrayEach(pendingRequests, function(requestContext) { + requestContext.request.httpRequest.updateEndpoint(data.Endpoints[0].Address); + requestContext.callback(); + }); + delete requestQueue[cacheKeyStr]; + } + } + done(); + }); + } } -exports.getBooleanInput = getBooleanInput; + /** - * Sets the value of an output. - * - * @param name name of the output to set - * @param value value to store. Non-string values will be converted to a string via JSON.stringify + * add api version header to endpoint operation + * @api private */ -// eslint-disable-next-line @typescript-eslint/no-explicit-any -function setOutput(name, value) { - process.stdout.write(os.EOL); - command_1.issueCommand('set-output', { name }, value); +function addApiVersionHeader(endpointRequest) { + var api = endpointRequest.service.api; + var apiVersion = api.apiVersion; + if (apiVersion && !endpointRequest.httpRequest.headers['x-amz-api-version']) { + endpointRequest.httpRequest.headers['x-amz-api-version'] = apiVersion; + } } -exports.setOutput = setOutput; + /** - * Enables or disables the echoing of commands into stdout for the rest of the step. - * Echoing is disabled by default if ACTIONS_STEP_DEBUG is not set. - * + * If api call gets invalid endpoint exception, SDK should attempt to remove the invalid + * endpoint from cache. + * @api private */ -function setCommandEcho(enabled) { - command_1.issue('echo', enabled ? 'on' : 'off'); +function invalidateCachedEndpoints(response) { + var error = response.error; + var httpResponse = response.httpResponse; + if (error && + (error.code === 'InvalidEndpointException' || httpResponse.statusCode === 421) + ) { + var request = response.request; + var operations = request.service.api.operations || {}; + var inputShape = operations[request.operation] ? operations[request.operation].input : undefined; + var identifiers = marshallCustomIdentifiers(request, inputShape); + var cacheKey = getCacheKey(request); + if (Object.keys(identifiers).length > 0) { + cacheKey = util.update(cacheKey, identifiers); + if (operations[request.operation]) cacheKey.operation = operations[request.operation].name; + } + AWS.endpointCache.remove(cacheKey); + } } -exports.setCommandEcho = setCommandEcho; -//----------------------------------------------------------------------- -// Results -//----------------------------------------------------------------------- + /** - * Sets the action status to failed. - * When the action exits it will be with an exit code of 1 - * @param message add error issue message + * If endpoint is explicitly configured, SDK should not do endpoint discovery in anytime. + * @param [object] client Service client object. + * @api private */ -function setFailed(message) { - process.exitCode = ExitCode.Failure; - error(message); +function hasCustomEndpoint(client) { + //if set endpoint is set for specific client, enable endpoint discovery will raise an error. + if (client._originalConfig && client._originalConfig.endpoint && client._originalConfig.endpointDiscoveryEnabled === true) { + throw util.error(new Error(), { + code: 'ConfigurationException', + message: 'Custom endpoint is supplied; endpointDiscoveryEnabled must not be true.' + }); + }; + var svcConfig = AWS.config[client.serviceIdentifier] || {}; + return Boolean(AWS.config.endpoint || svcConfig.endpoint || (client._originalConfig && client._originalConfig.endpoint)); } -exports.setFailed = setFailed; -//----------------------------------------------------------------------- -// Logging Commands -//----------------------------------------------------------------------- + /** - * Gets whether Actions Step Debug is on or not + * @api private */ -function isDebug() { - return process.env['RUNNER_DEBUG'] === '1'; +function isFalsy(value) { + return ['false', '0'].indexOf(value) >= 0; } -exports.isDebug = isDebug; + /** - * Writes debug message to user log - * @param message debug message + * If endpoint discovery should perform for this request when no operation requires endpoint + * discovery for the given service. + * SDK performs config resolution in order like below: + * 1. If set in client configuration. + * 2. If set in env AWS_ENABLE_ENDPOINT_DISCOVERY. + * 3. If set in shared ini config file with key 'endpoint_discovery_enabled'. + * @param [object] request request object. + * @returns [boolean|undefined] if endpoint discovery config is not set in any source, this + * function returns undefined + * @api private */ -function debug(message) { - command_1.issueCommand('debug', {}, message); +function resolveEndpointDiscoveryConfig(request) { + var service = request.service || {}; + if (service.config.endpointDiscoveryEnabled !== undefined) { + return service.config.endpointDiscoveryEnabled; + } + + //shared ini file is only available in Node + //not to check env in browser + if (util.isBrowser()) return undefined; + + // If any of recognized endpoint discovery config env is set + for (var i = 0; i < endpointDiscoveryEnabledEnvs.length; i++) { + var env = endpointDiscoveryEnabledEnvs[i]; + if (Object.prototype.hasOwnProperty.call(process.env, env)) { + if (process.env[env] === '' || process.env[env] === undefined) { + throw util.error(new Error(), { + code: 'ConfigurationException', + message: 'environmental variable ' + env + ' cannot be set to nothing' + }); + } + return !isFalsy(process.env[env]); + } + } + + var configFile = {}; + try { + configFile = AWS.util.iniLoader ? AWS.util.iniLoader.loadFrom({ + isConfig: true, + filename: process.env[AWS.util.sharedConfigFileEnv] + }) : {}; + } catch (e) {} + var sharedFileConfig = configFile[ + process.env.AWS_PROFILE || AWS.util.defaultProfile + ] || {}; + if (Object.prototype.hasOwnProperty.call(sharedFileConfig, 'endpoint_discovery_enabled')) { + if (sharedFileConfig.endpoint_discovery_enabled === undefined) { + throw util.error(new Error(), { + code: 'ConfigurationException', + message: 'config file entry \'endpoint_discovery_enabled\' cannot be set to nothing' + }); + } + return !isFalsy(sharedFileConfig.endpoint_discovery_enabled); + } + return undefined; } -exports.debug = debug; + /** - * Adds an error issue - * @param message error issue message. Errors will be converted to string via toString() + * attach endpoint discovery logic to request object + * @param [object] request + * @api private */ -function error(message) { - command_1.issue('error', message instanceof Error ? message.toString() : message); +function discoverEndpoint(request, done) { + var service = request.service || {}; + if (hasCustomEndpoint(service) || request.isPresigned()) return done(); + + var operations = service.api.operations || {}; + var operationModel = operations[request.operation]; + var isEndpointDiscoveryRequired = operationModel ? operationModel.endpointDiscoveryRequired : 'NULL'; + var isEnabled = resolveEndpointDiscoveryConfig(request); + var hasRequiredEndpointDiscovery = service.api.hasRequiredEndpointDiscovery; + if (isEnabled || hasRequiredEndpointDiscovery) { + // Once a customer enables endpoint discovery, the SDK should start appending + // the string endpoint-discovery to the user-agent on all requests. + request.httpRequest.appendToUserAgent('endpoint-discovery'); + } + switch (isEndpointDiscoveryRequired) { + case 'OPTIONAL': + if (isEnabled || hasRequiredEndpointDiscovery) { + // For a given service; if at least one operation requires endpoint discovery then the SDK must enable endpoint discovery + // by default for all operations of that service, including operations where endpoint discovery is optional. + optionalDiscoverEndpoint(request); + request.addNamedListener('INVALIDATE_CACHED_ENDPOINTS', 'extractError', invalidateCachedEndpoints); + } + done(); + break; + case 'REQUIRED': + if (isEnabled === false) { + // For a given operation; if endpoint discovery is required and it has been disabled on the SDK client, + // then the SDK must return a clear and actionable exception. + request.response.error = util.error(new Error(), { + code: 'ConfigurationException', + message: 'Endpoint Discovery is disabled but ' + service.api.className + '.' + request.operation + + '() requires it. Please check your configurations.' + }); + done(); + break; + } + request.addNamedListener('INVALIDATE_CACHED_ENDPOINTS', 'extractError', invalidateCachedEndpoints); + requiredDiscoverEndpoint(request, done); + break; + case 'NULL': + default: + done(); + break; + } } -exports.error = error; -/** - * Adds an warning issue - * @param message warning issue message. Errors will be converted to string via toString() - */ -function warning(message) { - command_1.issue('warning', message instanceof Error ? message.toString() : message); + +module.exports = { + discoverEndpoint: discoverEndpoint, + requiredDiscoverEndpoint: requiredDiscoverEndpoint, + optionalDiscoverEndpoint: optionalDiscoverEndpoint, + marshallCustomIdentifiers: marshallCustomIdentifiers, + getCacheKey: getCacheKey, + invalidateCachedEndpoint: invalidateCachedEndpoints, +}; + + +/***/ }), + +/***/ 3727: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +var eventMessageChunker = (__nccwpck_require__(3630).eventMessageChunker); +var parseEvent = (__nccwpck_require__(2123).parseEvent); + +function createEventStream(body, parser, model) { + var eventMessages = eventMessageChunker(body); + + var events = []; + + for (var i = 0; i < eventMessages.length; i++) { + events.push(parseEvent(parser, eventMessages[i], model)); + } + + return events; } -exports.warning = warning; + /** - * Writes info to log with console.log. - * @param message info message + * @api private */ -function info(message) { - process.stdout.write(message + os.EOL); +module.exports = { + createEventStream: createEventStream +}; + + +/***/ }), + +/***/ 8518: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +var util = (__nccwpck_require__(8437).util); +var Transform = (__nccwpck_require__(2781).Transform); +var allocBuffer = util.buffer.alloc; + +/** @type {Transform} */ +function EventMessageChunkerStream(options) { + Transform.call(this, options); + + this.currentMessageTotalLength = 0; + this.currentMessagePendingLength = 0; + /** @type {Buffer} */ + this.currentMessage = null; + + /** @type {Buffer} */ + this.messageLengthBuffer = null; } -exports.info = info; + +EventMessageChunkerStream.prototype = Object.create(Transform.prototype); + /** - * Begin an output group. - * - * Output until the next `groupEnd` will be foldable in this group * - * @param name The name of the output group + * @param {Buffer} chunk + * @param {string} encoding + * @param {*} callback */ -function startGroup(name) { - command_1.issue('group', name); -} -exports.startGroup = startGroup; +EventMessageChunkerStream.prototype._transform = function(chunk, encoding, callback) { + var chunkLength = chunk.length; + var currentOffset = 0; + + while (currentOffset < chunkLength) { + // create new message if necessary + if (!this.currentMessage) { + // working on a new message, determine total length + var bytesRemaining = chunkLength - currentOffset; + // prevent edge case where total length spans 2 chunks + if (!this.messageLengthBuffer) { + this.messageLengthBuffer = allocBuffer(4); + } + var numBytesForTotal = Math.min( + 4 - this.currentMessagePendingLength, // remaining bytes to fill the messageLengthBuffer + bytesRemaining // bytes left in chunk + ); + + chunk.copy( + this.messageLengthBuffer, + this.currentMessagePendingLength, + currentOffset, + currentOffset + numBytesForTotal + ); + + this.currentMessagePendingLength += numBytesForTotal; + currentOffset += numBytesForTotal; + + if (this.currentMessagePendingLength < 4) { + // not enough information to create the current message + break; + } + this.allocateMessage(this.messageLengthBuffer.readUInt32BE(0)); + this.messageLengthBuffer = null; + } + + // write data into current message + var numBytesToWrite = Math.min( + this.currentMessageTotalLength - this.currentMessagePendingLength, // number of bytes left to complete message + chunkLength - currentOffset // number of bytes left in the original chunk + ); + chunk.copy( + this.currentMessage, // target buffer + this.currentMessagePendingLength, // target offset + currentOffset, // chunk offset + currentOffset + numBytesToWrite // chunk end to write + ); + this.currentMessagePendingLength += numBytesToWrite; + currentOffset += numBytesToWrite; + + // check if a message is ready to be pushed + if (this.currentMessageTotalLength && this.currentMessageTotalLength === this.currentMessagePendingLength) { + // push out the message + this.push(this.currentMessage); + // cleanup + this.currentMessage = null; + this.currentMessageTotalLength = 0; + this.currentMessagePendingLength = 0; + } + } + + callback(); +}; + +EventMessageChunkerStream.prototype._flush = function(callback) { + if (this.currentMessageTotalLength) { + if (this.currentMessageTotalLength === this.currentMessagePendingLength) { + callback(null, this.currentMessage); + } else { + callback(new Error('Truncated event message received.')); + } + } else { + callback(); + } +}; + /** - * End an output group. + * @param {number} size Size of the message to be allocated. + * @api private */ -function endGroup() { - command_1.issue('endgroup'); -} -exports.endGroup = endGroup; +EventMessageChunkerStream.prototype.allocateMessage = function(size) { + if (typeof size !== 'number') { + throw new Error('Attempted to allocate an event message where size was not a number: ' + size); + } + this.currentMessageTotalLength = size; + this.currentMessagePendingLength = 4; + this.currentMessage = allocBuffer(size); + this.currentMessage.writeUInt32BE(size, 0); +}; + /** - * Wrap an asynchronous function call in a group. - * - * Returns the same type as the function itself. - * - * @param name The name of the group - * @param fn The function to wrap in the group + * @api private */ -function group(name, fn) { - return __awaiter(this, void 0, void 0, function* () { - startGroup(name); - let result; - try { - result = yield fn(); - } - finally { - endGroup(); - } - return result; - }); -} -exports.group = group; -//----------------------------------------------------------------------- -// Wrapper action state -//----------------------------------------------------------------------- +module.exports = { + EventMessageChunkerStream: EventMessageChunkerStream +}; + + +/***/ }), + +/***/ 3630: +/***/ ((module) => { + /** - * Saves state for current action, the state can only be retrieved by this action's post job execution. - * - * @param name name of the state to store - * @param value value to store. Non-string values will be converted to a string via JSON.stringify + * Takes in a buffer of event messages and splits them into individual messages. + * @param {Buffer} buffer + * @api private */ -// eslint-disable-next-line @typescript-eslint/no-explicit-any -function saveState(name, value) { - command_1.issueCommand('save-state', { name }, value); +function eventMessageChunker(buffer) { + /** @type Buffer[] */ + var messages = []; + var offset = 0; + + while (offset < buffer.length) { + var totalLength = buffer.readInt32BE(offset); + + // create new buffer for individual message (shares memory with original) + var message = buffer.slice(offset, totalLength + offset); + // increment offset to it starts at the next message + offset += totalLength; + + messages.push(message); + } + + return messages; } -exports.saveState = saveState; + /** - * Gets the value of an state set by this action's main execution. - * - * @param name name of the state to get - * @returns string + * @api private */ -function getState(name) { - return process.env[`STATE_${name}`] || ''; -} -exports.getState = getState; -//# sourceMappingURL=core.js.map +module.exports = { + eventMessageChunker: eventMessageChunker +}; + /***/ }), -/***/ 473: -/***/ (function(module) { +/***/ 3773: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { -module.exports = {"version":2,"waiters":{"InstanceProfileExists":{"delay":1,"operation":"GetInstanceProfile","maxAttempts":40,"acceptors":[{"expected":200,"matcher":"status","state":"success"},{"state":"retry","matcher":"status","expected":404}]},"UserExists":{"delay":1,"operation":"GetUser","maxAttempts":20,"acceptors":[{"state":"success","matcher":"status","expected":200},{"state":"retry","matcher":"error","expected":"NoSuchEntity"}]},"RoleExists":{"delay":1,"operation":"GetRole","maxAttempts":20,"acceptors":[{"state":"success","matcher":"status","expected":200},{"state":"retry","matcher":"error","expected":"NoSuchEntity"}]},"PolicyExists":{"delay":1,"operation":"GetPolicy","maxAttempts":20,"acceptors":[{"state":"success","matcher":"status","expected":200},{"state":"retry","matcher":"error","expected":"NoSuchEntity"}]}}}; +var Transform = (__nccwpck_require__(2781).Transform); +var parseEvent = (__nccwpck_require__(2123).parseEvent); -/***/ }), +/** @type {Transform} */ +function EventUnmarshallerStream(options) { + options = options || {}; + // set output to object mode + options.readableObjectMode = true; + Transform.call(this, options); + this._readableState.objectMode = true; -/***/ 476: -/***/ (function(__unusedmodule, exports, __webpack_require__) { + this.parser = options.parser; + this.eventStreamModel = options.eventStreamModel; +} -// Generated by CoffeeScript 1.12.7 -(function() { - "use strict"; - var builder, defaults, escapeCDATA, requiresCDATA, wrapCDATA, - hasProp = {}.hasOwnProperty; +EventUnmarshallerStream.prototype = Object.create(Transform.prototype); + +/** + * + * @param {Buffer} chunk + * @param {string} encoding + * @param {*} callback + */ +EventUnmarshallerStream.prototype._transform = function(chunk, encoding, callback) { + try { + var event = parseEvent(this.parser, chunk, this.eventStreamModel); + this.push(event); + return callback(); + } catch (err) { + callback(err); + } +}; - builder = __webpack_require__(312); +/** + * @api private + */ +module.exports = { + EventUnmarshallerStream: EventUnmarshallerStream +}; - defaults = __webpack_require__(514).defaults; - requiresCDATA = function(entry) { - return typeof entry === "string" && (entry.indexOf('&') >= 0 || entry.indexOf('>') >= 0 || entry.indexOf('<') >= 0); - }; +/***/ }), - wrapCDATA = function(entry) { - return ""; - }; +/***/ 8583: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { - escapeCDATA = function(entry) { - return entry.replace(']]>', ']]]]>'); - }; +var util = (__nccwpck_require__(8437).util); +var toBuffer = util.buffer.toBuffer; - exports.Builder = (function() { - function Builder(opts) { - var key, ref, value; - this.options = {}; - ref = defaults["0.2"]; - for (key in ref) { - if (!hasProp.call(ref, key)) continue; - value = ref[key]; - this.options[key] = value; - } - for (key in opts) { - if (!hasProp.call(opts, key)) continue; - value = opts[key]; - this.options[key] = value; - } +/** + * A lossless representation of a signed, 64-bit integer. Instances of this + * class may be used in arithmetic expressions as if they were numeric + * primitives, but the binary representation will be preserved unchanged as the + * `bytes` property of the object. The bytes should be encoded as big-endian, + * two's complement integers. + * @param {Buffer} bytes + * + * @api private + */ +function Int64(bytes) { + if (bytes.length !== 8) { + throw new Error('Int64 buffers must be exactly 8 bytes'); } + if (!util.Buffer.isBuffer(bytes)) bytes = toBuffer(bytes); - Builder.prototype.buildObject = function(rootObj) { - var attrkey, charkey, render, rootElement, rootName; - attrkey = this.options.attrkey; - charkey = this.options.charkey; - if ((Object.keys(rootObj).length === 1) && (this.options.rootName === defaults['0.2'].rootName)) { - rootName = Object.keys(rootObj)[0]; - rootObj = rootObj[rootName]; - } else { - rootName = this.options.rootName; - } - render = (function(_this) { - return function(element, obj) { - var attr, child, entry, index, key, value; - if (typeof obj !== 'object') { - if (_this.options.cdata && requiresCDATA(obj)) { - element.raw(wrapCDATA(obj)); - } else { - element.txt(obj); - } - } else if (Array.isArray(obj)) { - for (index in obj) { - if (!hasProp.call(obj, index)) continue; - child = obj[index]; - for (key in child) { - entry = child[key]; - element = render(element.ele(key), entry).up(); - } - } - } else { - for (key in obj) { - if (!hasProp.call(obj, key)) continue; - child = obj[key]; - if (key === attrkey) { - if (typeof child === "object") { - for (attr in child) { - value = child[attr]; - element = element.att(attr, value); - } - } - } else if (key === charkey) { - if (_this.options.cdata && requiresCDATA(child)) { - element = element.raw(wrapCDATA(child)); - } else { - element = element.txt(child); - } - } else if (Array.isArray(child)) { - for (index in child) { - if (!hasProp.call(child, index)) continue; - entry = child[index]; - if (typeof entry === 'string') { - if (_this.options.cdata && requiresCDATA(entry)) { - element = element.ele(key).raw(wrapCDATA(entry)).up(); - } else { - element = element.ele(key, entry).up(); - } - } else { - element = render(element.ele(key), entry).up(); - } - } - } else if (typeof child === "object") { - element = render(element.ele(key), child).up(); - } else { - if (typeof child === 'string' && _this.options.cdata && requiresCDATA(child)) { - element = element.ele(key).raw(wrapCDATA(child)).up(); - } else { - if (child == null) { - child = ''; - } - element = element.ele(key, child.toString()).up(); - } - } - } - } - return element; - }; - })(this); - rootElement = builder.create(rootName, this.options.xmldec, this.options.doctype, { - headless: this.options.headless, - allowSurrogateChars: this.options.allowSurrogateChars - }); - return render(rootElement, rootObj).end(this.options.renderOpts); - }; + this.bytes = bytes; +} - return Builder; +/** + * @param {number} number + * @returns {Int64} + * + * @api private + */ +Int64.fromNumber = function(number) { + if (number > 9223372036854775807 || number < -9223372036854775808) { + throw new Error( + number + ' is too large (or, if negative, too small) to represent as an Int64' + ); + } - })(); + var bytes = new Uint8Array(8); + for ( + var i = 7, remaining = Math.abs(Math.round(number)); + i > -1 && remaining > 0; + i--, remaining /= 256 + ) { + bytes[i] = remaining; + } -}).call(this); + if (number < 0) { + negate(bytes); + } + return new Int64(bytes); +}; -/***/ }), +/** + * @returns {number} + * + * @api private + */ +Int64.prototype.valueOf = function() { + var bytes = this.bytes.slice(0); + var negative = bytes[0] & 128; + if (negative) { + negate(bytes); + } -/***/ 491: -/***/ (function(module, __unusedexports, __webpack_require__) { + return parseInt(bytes.toString('hex'), 16) * (negative ? -1 : 1); +}; -// Generated by CoffeeScript 1.12.7 -(function() { - var XMLNode, XMLProcessingInstruction, - extend = function(child, parent) { for (var key in parent) { if (hasProp.call(parent, key)) child[key] = parent[key]; } function ctor() { this.constructor = child; } ctor.prototype = parent.prototype; child.prototype = new ctor(); child.__super__ = parent.prototype; return child; }, - hasProp = {}.hasOwnProperty; +Int64.prototype.toString = function() { + return String(this.valueOf()); +}; - XMLNode = __webpack_require__(855); +/** + * @param {Buffer} bytes + * + * @api private + */ +function negate(bytes) { + for (var i = 0; i < 8; i++) { + bytes[i] ^= 0xFF; + } + for (var i = 7; i > -1; i--) { + bytes[i]++; + if (bytes[i] !== 0) { + break; + } + } +} - module.exports = XMLProcessingInstruction = (function(superClass) { - extend(XMLProcessingInstruction, superClass); +/** + * @api private + */ +module.exports = { + Int64: Int64 +}; - function XMLProcessingInstruction(parent, target, value) { - XMLProcessingInstruction.__super__.constructor.call(this, parent); - if (target == null) { - throw new Error("Missing instruction target"); - } - this.target = this.stringify.insTarget(target); - if (value) { - this.value = this.stringify.insValue(value); - } - } - XMLProcessingInstruction.prototype.clone = function() { - return Object.create(this); - }; +/***/ }), - XMLProcessingInstruction.prototype.toString = function(options) { - return this.options.writer.set(options).processingInstruction(this); - }; +/***/ 2123: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { - return XMLProcessingInstruction; +var parseMessage = (__nccwpck_require__(866).parseMessage); - })(XMLNode); +/** + * + * @param {*} parser + * @param {Buffer} message + * @param {*} shape + * @api private + */ +function parseEvent(parser, message, shape) { + var parsedMessage = parseMessage(message); -}).call(this); + // check if message is an event or error + var messageType = parsedMessage.headers[':message-type']; + if (messageType) { + if (messageType.value === 'error') { + throw parseError(parsedMessage); + } else if (messageType.value !== 'event') { + // not sure how to parse non-events/non-errors, ignore for now + return; + } + } + // determine event type + var eventType = parsedMessage.headers[':event-type']; + // check that the event type is modeled + var eventModel = shape.members[eventType.value]; + if (!eventModel) { + return; + } -/***/ }), + var result = {}; + // check if an event payload exists + var eventPayloadMemberName = eventModel.eventPayloadMemberName; + if (eventPayloadMemberName) { + var payloadShape = eventModel.members[eventPayloadMemberName]; + // if the shape is binary, return the byte array + if (payloadShape.type === 'binary') { + result[eventPayloadMemberName] = parsedMessage.body; + } else { + result[eventPayloadMemberName] = parser.parse(parsedMessage.body.toString(), payloadShape); + } + } -/***/ 492: -/***/ (function(module, __unusedexports, __webpack_require__) { + // read event headers + var eventHeaderNames = eventModel.eventHeaderMemberNames; + for (var i = 0; i < eventHeaderNames.length; i++) { + var name = eventHeaderNames[i]; + if (parsedMessage.headers[name]) { + // parse the header! + result[name] = eventModel.members[name].toType(parsedMessage.headers[name].value); + } + } -var util = __webpack_require__(153); -var XmlNode = __webpack_require__(404).XmlNode; -var XmlText = __webpack_require__(948).XmlText; + var output = {}; + output[eventType.value] = result; + return output; +} -function XmlBuilder() { } +function parseError(message) { + var errorCode = message.headers[':error-code']; + var errorMessage = message.headers[':error-message']; + var error = new Error(errorMessage.value || errorMessage); + error.code = error.name = errorCode.value || errorCode; + return error; +} -XmlBuilder.prototype.toXML = function(params, shape, rootElement, noEmpty) { - var xml = new XmlNode(rootElement); - applyNamespaces(xml, shape, true); - serialize(xml, params, shape); - return xml.children.length > 0 || noEmpty ? xml.toString() : ''; +/** + * @api private + */ +module.exports = { + parseEvent: parseEvent }; -function serialize(xml, value, shape) { - switch (shape.type) { - case 'structure': return serializeStructure(xml, value, shape); - case 'map': return serializeMap(xml, value, shape); - case 'list': return serializeList(xml, value, shape); - default: return serializeScalar(xml, value, shape); - } -} -function serializeStructure(xml, params, shape) { - util.arrayEach(shape.memberNames, function(memberName) { - var memberShape = shape.members[memberName]; - if (memberShape.location !== 'body') return; +/***/ }), - var value = params[memberName]; - var name = memberShape.name; - if (value !== undefined && value !== null) { - if (memberShape.isXmlAttribute) { - xml.addAttribute(name, value); - } else if (memberShape.flattened) { - serialize(xml, value, memberShape); - } else { - var element = new XmlNode(name); - xml.addChildNode(element); - applyNamespaces(element, memberShape); - serialize(element, value, memberShape); - } - } - }); -} - -function serializeMap(xml, map, shape) { - var xmlKey = shape.key.name || 'key'; - var xmlValue = shape.value.name || 'value'; - - util.each(map, function(key, value) { - var entry = new XmlNode(shape.flattened ? shape.name : 'entry'); - xml.addChildNode(entry); +/***/ 866: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { - var entryKey = new XmlNode(xmlKey); - var entryValue = new XmlNode(xmlValue); - entry.addChildNode(entryKey); - entry.addChildNode(entryValue); +var Int64 = (__nccwpck_require__(8583).Int64); - serialize(entryKey, key, shape.key); - serialize(entryValue, value, shape.value); - }); -} +var splitMessage = (__nccwpck_require__(1765).splitMessage); -function serializeList(xml, list, shape) { - if (shape.flattened) { - util.arrayEach(list, function(value) { - var name = shape.member.name || shape.name; - var element = new XmlNode(name); - xml.addChildNode(element); - serialize(element, value, shape.member); - }); - } else { - util.arrayEach(list, function(value) { - var name = shape.member.name || 'member'; - var element = new XmlNode(name); - xml.addChildNode(element); - serialize(element, value, shape.member); - }); - } -} +var BOOLEAN_TAG = 'boolean'; +var BYTE_TAG = 'byte'; +var SHORT_TAG = 'short'; +var INT_TAG = 'integer'; +var LONG_TAG = 'long'; +var BINARY_TAG = 'binary'; +var STRING_TAG = 'string'; +var TIMESTAMP_TAG = 'timestamp'; +var UUID_TAG = 'uuid'; -function serializeScalar(xml, value, shape) { - xml.addChildNode( - new XmlText(shape.toWireFormat(value)) - ); +/** + * @api private + * + * @param {Buffer} headers + */ +function parseHeaders(headers) { + var out = {}; + var position = 0; + while (position < headers.length) { + var nameLength = headers.readUInt8(position++); + var name = headers.slice(position, position + nameLength).toString(); + position += nameLength; + switch (headers.readUInt8(position++)) { + case 0 /* boolTrue */: + out[name] = { + type: BOOLEAN_TAG, + value: true + }; + break; + case 1 /* boolFalse */: + out[name] = { + type: BOOLEAN_TAG, + value: false + }; + break; + case 2 /* byte */: + out[name] = { + type: BYTE_TAG, + value: headers.readInt8(position++) + }; + break; + case 3 /* short */: + out[name] = { + type: SHORT_TAG, + value: headers.readInt16BE(position) + }; + position += 2; + break; + case 4 /* integer */: + out[name] = { + type: INT_TAG, + value: headers.readInt32BE(position) + }; + position += 4; + break; + case 5 /* long */: + out[name] = { + type: LONG_TAG, + value: new Int64(headers.slice(position, position + 8)) + }; + position += 8; + break; + case 6 /* byteArray */: + var binaryLength = headers.readUInt16BE(position); + position += 2; + out[name] = { + type: BINARY_TAG, + value: headers.slice(position, position + binaryLength) + }; + position += binaryLength; + break; + case 7 /* string */: + var stringLength = headers.readUInt16BE(position); + position += 2; + out[name] = { + type: STRING_TAG, + value: headers.slice( + position, + position + stringLength + ).toString() + }; + position += stringLength; + break; + case 8 /* timestamp */: + out[name] = { + type: TIMESTAMP_TAG, + value: new Date( + new Int64(headers.slice(position, position + 8)) + .valueOf() + ) + }; + position += 8; + break; + case 9 /* uuid */: + var uuidChars = headers.slice(position, position + 16) + .toString('hex'); + position += 16; + out[name] = { + type: UUID_TAG, + value: uuidChars.substr(0, 8) + '-' + + uuidChars.substr(8, 4) + '-' + + uuidChars.substr(12, 4) + '-' + + uuidChars.substr(16, 4) + '-' + + uuidChars.substr(20) + }; + break; + default: + throw new Error('Unrecognized header type tag'); + } + } + return out; } -function applyNamespaces(xml, shape, isRoot) { - var uri, prefix = 'xmlns'; - if (shape.xmlNamespaceUri) { - uri = shape.xmlNamespaceUri; - if (shape.xmlNamespacePrefix) prefix += ':' + shape.xmlNamespacePrefix; - } else if (isRoot && shape.api.xmlNamespaceUri) { - uri = shape.api.xmlNamespaceUri; - } - - if (uri) xml.addAttribute(prefix, uri); +function parseMessage(message) { + var parsed = splitMessage(message); + return { headers: parseHeaders(parsed.headers), body: parsed.body }; } /** * @api private */ -module.exports = XmlBuilder; +module.exports = { + parseMessage: parseMessage +}; /***/ }), -/***/ 503: -/***/ (function(module, __unusedexports, __webpack_require__) { +/***/ 1765: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { -var AWS = __webpack_require__(395); -var Api = __webpack_require__(788); -var regionConfig = __webpack_require__(546); +var util = (__nccwpck_require__(8437).util); +var toBuffer = util.buffer.toBuffer; -var inherit = AWS.util.inherit; -var clientCount = 0; +// All prelude components are unsigned, 32-bit integers +var PRELUDE_MEMBER_LENGTH = 4; +// The prelude consists of two components +var PRELUDE_LENGTH = PRELUDE_MEMBER_LENGTH * 2; +// Checksums are always CRC32 hashes. +var CHECKSUM_LENGTH = 4; +// Messages must include a full prelude, a prelude checksum, and a message checksum +var MINIMUM_MESSAGE_LENGTH = PRELUDE_LENGTH + CHECKSUM_LENGTH * 2; /** - * The service class representing an AWS service. - * - * @class_abstract This class is an abstract class. + * @api private * - * @!attribute apiVersions - * @return [Array] the list of API versions supported by this service. - * @readonly + * @param {Buffer} message */ -AWS.Service = inherit({ - /** - * Create a new service object with a configuration object - * - * @param config [map] a map of configuration options - */ - constructor: function Service(config) { - if (!this.loadServiceClass) { - throw AWS.util.error(new Error(), - 'Service must be constructed with `new\' operator'); +function splitMessage(message) { + if (!util.Buffer.isBuffer(message)) message = toBuffer(message); + + if (message.length < MINIMUM_MESSAGE_LENGTH) { + throw new Error('Provided message too short to accommodate event stream message overhead'); } - var ServiceClass = this.loadServiceClass(config || {}); - if (ServiceClass) { - var originalConfig = AWS.util.copy(config); - var svc = new ServiceClass(config); - Object.defineProperty(svc, '_originalConfig', { - get: function() { return originalConfig; }, - enumerable: false, - configurable: true - }); - svc._clientId = ++clientCount; - return svc; + + if (message.length !== message.readUInt32BE(0)) { + throw new Error('Reported message length does not match received message length'); } - this.initialize(config); - }, - /** - * @api private - */ - initialize: function initialize(config) { - var svcConfig = AWS.config[this.serviceIdentifier]; - this.config = new AWS.Config(AWS.config); - if (svcConfig) this.config.update(svcConfig, true); - if (config) this.config.update(config, true); + var expectedPreludeChecksum = message.readUInt32BE(PRELUDE_LENGTH); - this.validateService(); - if (!this.config.endpoint) regionConfig.configureEndpoint(this); + if ( + expectedPreludeChecksum !== util.crypto.crc32( + message.slice(0, PRELUDE_LENGTH) + ) + ) { + throw new Error( + 'The prelude checksum specified in the message (' + + expectedPreludeChecksum + + ') does not match the calculated CRC32 checksum.' + ); + } - this.config.endpoint = this.endpointFromTemplate(this.config.endpoint); - this.setEndpoint(this.config.endpoint); - //enable attaching listeners to service client - AWS.SequentialExecutor.call(this); - AWS.Service.addDefaultMonitoringListeners(this); - if ((this.config.clientSideMonitoring || AWS.Service._clientSideMonitoring) && this.publisher) { - var publisher = this.publisher; - this.addNamedListener('PUBLISH_API_CALL', 'apiCall', function PUBLISH_API_CALL(event) { - process.nextTick(function() {publisher.eventHandler(event);}); - }); - this.addNamedListener('PUBLISH_API_ATTEMPT', 'apiCallAttempt', function PUBLISH_API_ATTEMPT(event) { - process.nextTick(function() {publisher.eventHandler(event);}); - }); - } - }, - - /** - * @api private - */ - validateService: function validateService() { - }, - - /** - * @api private - */ - loadServiceClass: function loadServiceClass(serviceConfig) { - var config = serviceConfig; - if (!AWS.util.isEmpty(this.api)) { - return null; - } else if (config.apiConfig) { - return AWS.Service.defineServiceApi(this.constructor, config.apiConfig); - } else if (!this.constructor.services) { - return null; - } else { - config = new AWS.Config(AWS.config); - config.update(serviceConfig, true); - var version = config.apiVersions[this.constructor.serviceIdentifier]; - version = version || config.apiVersion; - return this.getLatestServiceClass(version); - } - }, + var expectedMessageChecksum = message.readUInt32BE(message.length - CHECKSUM_LENGTH); - /** - * @api private - */ - getLatestServiceClass: function getLatestServiceClass(version) { - version = this.getLatestServiceVersion(version); - if (this.constructor.services[version] === null) { - AWS.Service.defineServiceApi(this.constructor, version); + if ( + expectedMessageChecksum !== util.crypto.crc32( + message.slice(0, message.length - CHECKSUM_LENGTH) + ) + ) { + throw new Error( + 'The message checksum did not match the expected value of ' + + expectedMessageChecksum + ); } - return this.constructor.services[version]; - }, + var headersStart = PRELUDE_LENGTH + CHECKSUM_LENGTH; + var headersEnd = headersStart + message.readUInt32BE(PRELUDE_MEMBER_LENGTH); - /** - * @api private - */ - getLatestServiceVersion: function getLatestServiceVersion(version) { - if (!this.constructor.services || this.constructor.services.length === 0) { - throw new Error('No services defined on ' + - this.constructor.serviceIdentifier); - } + return { + headers: message.slice(headersStart, headersEnd), + body: message.slice(headersEnd, message.length - CHECKSUM_LENGTH), + }; +} - if (!version) { - version = 'latest'; - } else if (AWS.util.isType(version, Date)) { - version = AWS.util.date.iso8601(version).split('T')[0]; - } +/** + * @api private + */ +module.exports = { + splitMessage: splitMessage +}; - if (Object.hasOwnProperty(this.constructor.services, version)) { - return version; - } - var keys = Object.keys(this.constructor.services).sort(); - var selectedVersion = null; - for (var i = keys.length - 1; i >= 0; i--) { - // versions that end in "*" are not available on disk and can be - // skipped, so do not choose these as selectedVersions - if (keys[i][keys[i].length - 1] !== '*') { - selectedVersion = keys[i]; - } - if (keys[i].substr(0, 10) <= version) { - return selectedVersion; - } - } +/***/ }), - throw new Error('Could not find ' + this.constructor.serviceIdentifier + - ' API to satisfy version constraint `' + version + '\''); - }, +/***/ 9643: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { - /** - * @api private - */ - api: {}, +/** + * What is necessary to create an event stream in node? + * - http response stream + * - parser + * - event stream model + */ - /** - * @api private - */ - defaultRetryCount: 3, +var EventMessageChunkerStream = (__nccwpck_require__(8518).EventMessageChunkerStream); +var EventUnmarshallerStream = (__nccwpck_require__(3773).EventUnmarshallerStream); - /** - * @api private - */ - customizeRequests: function customizeRequests(callback) { - if (!callback) { - this.customRequestHandler = null; - } else if (typeof callback === 'function') { - this.customRequestHandler = callback; - } else { - throw new Error('Invalid callback type \'' + typeof callback + '\' provided in customizeRequests'); - } - }, +function createEventStream(stream, parser, model) { + var eventStream = new EventUnmarshallerStream({ + parser: parser, + eventStreamModel: model + }); - /** - * Calls an operation on a service with the given input parameters. - * - * @param operation [String] the name of the operation to call on the service. - * @param params [map] a map of input options for the operation - * @callback callback function(err, data) - * If a callback is supplied, it is called when a response is returned - * from the service. - * @param err [Error] the error object returned from the request. - * Set to `null` if the request is successful. - * @param data [Object] the de-serialized data returned from - * the request. Set to `null` if a request error occurs. - */ - makeRequest: function makeRequest(operation, params, callback) { - if (typeof params === 'function') { - callback = params; - params = null; - } + var eventMessageChunker = new EventMessageChunkerStream(); - params = params || {}; - if (this.config.params) { // copy only toplevel bound params - var rules = this.api.operations[operation]; - if (rules) { - params = AWS.util.copy(params); - AWS.util.each(this.config.params, function(key, value) { - if (rules.input.members[key]) { - if (params[key] === undefined || params[key] === null) { - params[key] = value; - } - } - }); - } - } + stream.pipe( + eventMessageChunker + ).pipe(eventStream); - var request = new AWS.Request(this, operation, params); - this.addAllRequestListeners(request); - this.attachMonitoringEmitter(request); - if (callback) request.send(callback); - return request; - }, + stream.on('error', function(err) { + eventMessageChunker.emit('error', err); + }); - /** - * Calls an operation on a service with the given input parameters, without - * any authentication data. This method is useful for "public" API operations. - * - * @param operation [String] the name of the operation to call on the service. - * @param params [map] a map of input options for the operation - * @callback callback function(err, data) - * If a callback is supplied, it is called when a response is returned - * from the service. - * @param err [Error] the error object returned from the request. - * Set to `null` if the request is successful. - * @param data [Object] the de-serialized data returned from - * the request. Set to `null` if a request error occurs. - */ - makeUnauthenticatedRequest: function makeUnauthenticatedRequest(operation, params, callback) { - if (typeof params === 'function') { - callback = params; - params = {}; - } + eventMessageChunker.on('error', function(err) { + eventStream.emit('error', err); + }); - var request = this.makeRequest(operation, params).toUnauthenticated(); - return callback ? request.send(callback) : request; - }, + return eventStream; +} - /** - * Waits for a given state - * - * @param state [String] the state on the service to wait for - * @param params [map] a map of parameters to pass with each request - * @option params $waiter [map] a map of configuration options for the waiter - * @option params $waiter.delay [Number] The number of seconds to wait between - * requests - * @option params $waiter.maxAttempts [Number] The maximum number of requests - * to send while waiting - * @callback callback function(err, data) - * If a callback is supplied, it is called when a response is returned - * from the service. - * @param err [Error] the error object returned from the request. - * Set to `null` if the request is successful. - * @param data [Object] the de-serialized data returned from - * the request. Set to `null` if a request error occurs. - */ - waitFor: function waitFor(state, params, callback) { - var waiter = new AWS.ResourceWaiter(this, state); - return waiter.wait(params, callback); - }, +/** + * @api private + */ +module.exports = { + createEventStream: createEventStream +}; - /** - * @api private - */ - addAllRequestListeners: function addAllRequestListeners(request) { - var list = [AWS.events, AWS.EventListeners.Core, this.serviceInterface(), - AWS.EventListeners.CorePost]; - for (var i = 0; i < list.length; i++) { - if (list[i]) request.addListeners(list[i]); - } - // disable parameter validation - if (!this.config.paramValidation) { - request.removeListener('validate', - AWS.EventListeners.Core.VALIDATE_PARAMETERS); - } +/***/ }), - if (this.config.logger) { // add logging events - request.addListeners(AWS.EventListeners.Logger); - } - - this.setupRequestListeners(request); - // call prototype's customRequestHandler - if (typeof this.constructor.prototype.customRequestHandler === 'function') { - this.constructor.prototype.customRequestHandler(request); - } - // call instance's customRequestHandler - if (Object.prototype.hasOwnProperty.call(this, 'customRequestHandler') && typeof this.customRequestHandler === 'function') { - this.customRequestHandler(request); - } - }, - - /** - * Event recording metrics for a whole API call. - * @returns {object} a subset of api call metrics - * @api private - */ - apiCallEvent: function apiCallEvent(request) { - var api = request.service.api.operations[request.operation]; - var monitoringEvent = { - Type: 'ApiCall', - Api: api ? api.name : request.operation, - Version: 1, - Service: request.service.api.serviceId || request.service.api.endpointPrefix, - Region: request.httpRequest.region, - MaxRetriesExceeded: 0, - UserAgent: request.httpRequest.getUserAgent(), - }; - var response = request.response; - if (response.httpResponse.statusCode) { - monitoringEvent.FinalHttpStatusCode = response.httpResponse.statusCode; - } - if (response.error) { - var error = response.error; - var statusCode = response.httpResponse.statusCode; - if (statusCode > 299) { - if (error.code) monitoringEvent.FinalAwsException = error.code; - if (error.message) monitoringEvent.FinalAwsExceptionMessage = error.message; - } else { - if (error.code || error.name) monitoringEvent.FinalSdkException = error.code || error.name; - if (error.message) monitoringEvent.FinalSdkExceptionMessage = error.message; - } - } - return monitoringEvent; - }, - - /** - * Event recording metrics for an API call attempt. - * @returns {object} a subset of api call attempt metrics - * @api private - */ - apiAttemptEvent: function apiAttemptEvent(request) { - var api = request.service.api.operations[request.operation]; - var monitoringEvent = { - Type: 'ApiCallAttempt', - Api: api ? api.name : request.operation, - Version: 1, - Service: request.service.api.serviceId || request.service.api.endpointPrefix, - Fqdn: request.httpRequest.endpoint.hostname, - UserAgent: request.httpRequest.getUserAgent(), - }; - var response = request.response; - if (response.httpResponse.statusCode) { - monitoringEvent.HttpStatusCode = response.httpResponse.statusCode; - } - if ( - !request._unAuthenticated && - request.service.config.credentials && - request.service.config.credentials.accessKeyId - ) { - monitoringEvent.AccessKey = request.service.config.credentials.accessKeyId; - } - if (!response.httpResponse.headers) return monitoringEvent; - if (request.httpRequest.headers['x-amz-security-token']) { - monitoringEvent.SessionToken = request.httpRequest.headers['x-amz-security-token']; - } - if (response.httpResponse.headers['x-amzn-requestid']) { - monitoringEvent.XAmznRequestId = response.httpResponse.headers['x-amzn-requestid']; - } - if (response.httpResponse.headers['x-amz-request-id']) { - monitoringEvent.XAmzRequestId = response.httpResponse.headers['x-amz-request-id']; - } - if (response.httpResponse.headers['x-amz-id-2']) { - monitoringEvent.XAmzId2 = response.httpResponse.headers['x-amz-id-2']; - } - return monitoringEvent; - }, +/***/ 4995: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { +var AWS = __nccwpck_require__(8437); +var SequentialExecutor = __nccwpck_require__(5948); +var DISCOVER_ENDPOINT = (__nccwpck_require__(5313).discoverEndpoint); +/** + * The namespace used to register global event listeners for request building + * and sending. + */ +AWS.EventListeners = { /** - * Add metrics of failed request. - * @api private + * @!attribute VALIDATE_CREDENTIALS + * A request listener that validates whether the request is being + * sent with credentials. + * Handles the {AWS.Request~validate 'validate' Request event} + * @example Sending a request without validating credentials + * var listener = AWS.EventListeners.Core.VALIDATE_CREDENTIALS; + * request.removeListener('validate', listener); + * @readonly + * @return [Function] + * @!attribute VALIDATE_REGION + * A request listener that validates whether the region is set + * for a request. + * Handles the {AWS.Request~validate 'validate' Request event} + * @example Sending a request without validating region configuration + * var listener = AWS.EventListeners.Core.VALIDATE_REGION; + * request.removeListener('validate', listener); + * @readonly + * @return [Function] + * @!attribute VALIDATE_PARAMETERS + * A request listener that validates input parameters in a request. + * Handles the {AWS.Request~validate 'validate' Request event} + * @example Sending a request without validating parameters + * var listener = AWS.EventListeners.Core.VALIDATE_PARAMETERS; + * request.removeListener('validate', listener); + * @example Disable parameter validation globally + * AWS.EventListeners.Core.removeListener('validate', + * AWS.EventListeners.Core.VALIDATE_REGION); + * @readonly + * @return [Function] + * @!attribute SEND + * A request listener that initiates the HTTP connection for a + * request being sent. Handles the {AWS.Request~send 'send' Request event} + * @example Replacing the HTTP handler + * var listener = AWS.EventListeners.Core.SEND; + * request.removeListener('send', listener); + * request.on('send', function(response) { + * customHandler.send(response); + * }); + * @return [Function] + * @readonly + * @!attribute HTTP_DATA + * A request listener that reads data from the HTTP connection in order + * to build the response data. + * Handles the {AWS.Request~httpData 'httpData' Request event}. + * Remove this handler if you are overriding the 'httpData' event and + * do not want extra data processing and buffering overhead. + * @example Disabling default data processing + * var listener = AWS.EventListeners.Core.HTTP_DATA; + * request.removeListener('httpData', listener); + * @return [Function] + * @readonly */ - attemptFailEvent: function attemptFailEvent(request) { - var monitoringEvent = this.apiAttemptEvent(request); - var response = request.response; - var error = response.error; - if (response.httpResponse.statusCode > 299 ) { - if (error.code) monitoringEvent.AwsException = error.code; - if (error.message) monitoringEvent.AwsExceptionMessage = error.message; - } else { - if (error.code || error.name) monitoringEvent.SdkException = error.code || error.name; - if (error.message) monitoringEvent.SdkExceptionMessage = error.message; - } - return monitoringEvent; - }, + Core: {} /* doc hack */ +}; - /** - * Attach listeners to request object to fetch metrics of each request - * and emit data object through \'ApiCall\' and \'ApiCallAttempt\' events. - * @api private - */ - attachMonitoringEmitter: function attachMonitoringEmitter(request) { - var attemptTimestamp; //timestamp marking the beginning of a request attempt - var attemptStartRealTime; //Start time of request attempt. Used to calculating attemptLatency - var attemptLatency; //latency from request sent out to http response reaching SDK - var callStartRealTime; //Start time of API call. Used to calculating API call latency - var attemptCount = 0; //request.retryCount is not reliable here - var region; //region cache region for each attempt since it can be updated in plase (e.g. s3) - var callTimestamp; //timestamp when the request is created - var self = this; - var addToHead = true; +/** + * @api private + */ +function getOperationAuthtype(req) { + if (!req.service.api.operations) { + return ''; + } + var operation = req.service.api.operations[req.operation]; + return operation ? operation.authtype : ''; +} - request.on('validate', function () { - callStartRealTime = AWS.util.realClock.now(); - callTimestamp = Date.now(); - }, addToHead); - request.on('sign', function () { - attemptStartRealTime = AWS.util.realClock.now(); - attemptTimestamp = Date.now(); - region = request.httpRequest.region; - attemptCount++; - }, addToHead); - request.on('validateResponse', function() { - attemptLatency = Math.round(AWS.util.realClock.now() - attemptStartRealTime); - }); - request.addNamedListener('API_CALL_ATTEMPT', 'success', function API_CALL_ATTEMPT() { - var apiAttemptEvent = self.apiAttemptEvent(request); - apiAttemptEvent.Timestamp = attemptTimestamp; - apiAttemptEvent.AttemptLatency = attemptLatency >= 0 ? attemptLatency : 0; - apiAttemptEvent.Region = region; - self.emit('apiCallAttempt', [apiAttemptEvent]); - }); - request.addNamedListener('API_CALL_ATTEMPT_RETRY', 'retry', function API_CALL_ATTEMPT_RETRY() { - var apiAttemptEvent = self.attemptFailEvent(request); - apiAttemptEvent.Timestamp = attemptTimestamp; - //attemptLatency may not be available if fail before response - attemptLatency = attemptLatency || - Math.round(AWS.util.realClock.now() - attemptStartRealTime); - apiAttemptEvent.AttemptLatency = attemptLatency >= 0 ? attemptLatency : 0; - apiAttemptEvent.Region = region; - self.emit('apiCallAttempt', [apiAttemptEvent]); +AWS.EventListeners = { + Core: new SequentialExecutor().addNamedListeners(function(add, addAsync) { + addAsync('VALIDATE_CREDENTIALS', 'validate', + function VALIDATE_CREDENTIALS(req, done) { + if (!req.service.api.signatureVersion && !req.service.config.signatureVersion) return done(); // none + req.service.config.getCredentials(function(err) { + if (err) { + req.response.error = AWS.util.error(err, + {code: 'CredentialsError', message: 'Missing credentials in config, if using AWS_CONFIG_FILE, set AWS_SDK_LOAD_CONFIG=1'}); + } + done(); + }); }); - request.addNamedListener('API_CALL', 'complete', function API_CALL() { - var apiCallEvent = self.apiCallEvent(request); - apiCallEvent.AttemptCount = attemptCount; - if (apiCallEvent.AttemptCount <= 0) return; - apiCallEvent.Timestamp = callTimestamp; - var latency = Math.round(AWS.util.realClock.now() - callStartRealTime); - apiCallEvent.Latency = latency >= 0 ? latency : 0; - var response = request.response; - if ( - response.error && - response.error.retryable && - typeof response.retryCount === 'number' && - typeof response.maxRetries === 'number' && - (response.retryCount >= response.maxRetries) - ) { - apiCallEvent.MaxRetriesExceeded = 1; + + add('VALIDATE_REGION', 'validate', function VALIDATE_REGION(req) { + if (!req.service.isGlobalEndpoint) { + var dnsHostRegex = new RegExp(/^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]{0,61}[a-zA-Z0-9])$/); + if (!req.service.config.region) { + req.response.error = AWS.util.error(new Error(), + {code: 'ConfigError', message: 'Missing region in config'}); + } else if (!dnsHostRegex.test(req.service.config.region)) { + req.response.error = AWS.util.error(new Error(), + {code: 'ConfigError', message: 'Invalid region in config'}); + } } - self.emit('apiCall', [apiCallEvent]); }); - }, - - /** - * Override this method to setup any custom request listeners for each - * new request to the service. - * - * @method_abstract This is an abstract method. - */ - setupRequestListeners: function setupRequestListeners(request) { - }, - /** - * Gets the signer class for a given request - * @api private - */ - getSignerClass: function getSignerClass(request) { - var version; - // get operation authtype if present - var operation = null; - var authtype = ''; - if (request) { - var operations = request.service.api.operations || {}; - operation = operations[request.operation] || null; - authtype = operation ? operation.authtype : ''; - } - if (this.config.signatureVersion) { - version = this.config.signatureVersion; - } else if (authtype === 'v4' || authtype === 'v4-unsigned-body') { - version = 'v4'; - } else { - version = this.api.signatureVersion; - } - return AWS.Signers.RequestSigner.getVersion(version); - }, + add('BUILD_IDEMPOTENCY_TOKENS', 'validate', function BUILD_IDEMPOTENCY_TOKENS(req) { + if (!req.service.api.operations) { + return; + } + var operation = req.service.api.operations[req.operation]; + if (!operation) { + return; + } + var idempotentMembers = operation.idempotentMembers; + if (!idempotentMembers.length) { + return; + } + // creates a copy of params so user's param object isn't mutated + var params = AWS.util.copy(req.params); + for (var i = 0, iLen = idempotentMembers.length; i < iLen; i++) { + if (!params[idempotentMembers[i]]) { + // add the member + params[idempotentMembers[i]] = AWS.util.uuid.v4(); + } + } + req.params = params; + }); - /** - * @api private - */ - serviceInterface: function serviceInterface() { - switch (this.api.protocol) { - case 'ec2': return AWS.EventListeners.Query; - case 'query': return AWS.EventListeners.Query; - case 'json': return AWS.EventListeners.Json; - case 'rest-json': return AWS.EventListeners.RestJson; - case 'rest-xml': return AWS.EventListeners.RestXml; - } - if (this.api.protocol) { - throw new Error('Invalid service `protocol\' ' + - this.api.protocol + ' in API config'); - } - }, + add('VALIDATE_PARAMETERS', 'validate', function VALIDATE_PARAMETERS(req) { + if (!req.service.api.operations) { + return; + } + var rules = req.service.api.operations[req.operation].input; + var validation = req.service.config.paramValidation; + new AWS.ParamValidator(validation).validate(rules, req.params); + }); - /** - * @api private - */ - successfulResponse: function successfulResponse(resp) { - return resp.httpResponse.statusCode < 300; - }, + add('COMPUTE_CHECKSUM', 'afterBuild', function COMPUTE_CHECKSUM(req) { + if (!req.service.api.operations) { + return; + } + var operation = req.service.api.operations[req.operation]; + if (!operation) { + return; + } + var body = req.httpRequest.body; + var isNonStreamingPayload = body && (AWS.util.Buffer.isBuffer(body) || typeof body === 'string'); + var headers = req.httpRequest.headers; + if ( + operation.httpChecksumRequired && + req.service.config.computeChecksums && + isNonStreamingPayload && + !headers['Content-MD5'] + ) { + var md5 = AWS.util.crypto.md5(body, 'base64'); + headers['Content-MD5'] = md5; + } + }); - /** - * How many times a failed request should be retried before giving up. - * the defaultRetryCount can be overriden by service classes. - * - * @api private - */ - numRetries: function numRetries() { - if (this.config.maxRetries !== undefined) { - return this.config.maxRetries; - } else { - return this.defaultRetryCount; - } - }, + addAsync('COMPUTE_SHA256', 'afterBuild', function COMPUTE_SHA256(req, done) { + req.haltHandlersOnError(); + if (!req.service.api.operations) { + return; + } + var operation = req.service.api.operations[req.operation]; + var authtype = operation ? operation.authtype : ''; + if (!req.service.api.signatureVersion && !authtype && !req.service.config.signatureVersion) return done(); // none + if (req.service.getSignerClass(req) === AWS.Signers.V4) { + var body = req.httpRequest.body || ''; + if (authtype.indexOf('unsigned-body') >= 0) { + req.httpRequest.headers['X-Amz-Content-Sha256'] = 'UNSIGNED-PAYLOAD'; + return done(); + } + AWS.util.computeSha256(body, function(err, sha) { + if (err) { + done(err); + } + else { + req.httpRequest.headers['X-Amz-Content-Sha256'] = sha; + done(); + } + }); + } else { + done(); + } + }); - /** - * @api private - */ - retryDelays: function retryDelays(retryCount, err) { - return AWS.util.calculateRetryDelay(retryCount, this.config.retryDelayOptions, err); - }, + add('SET_CONTENT_LENGTH', 'afterBuild', function SET_CONTENT_LENGTH(req) { + var authtype = getOperationAuthtype(req); + var payloadMember = AWS.util.getRequestPayloadShape(req); + if (req.httpRequest.headers['Content-Length'] === undefined) { + try { + var length = AWS.util.string.byteLength(req.httpRequest.body); + req.httpRequest.headers['Content-Length'] = length; + } catch (err) { + if (payloadMember && payloadMember.isStreaming) { + if (payloadMember.requiresLength) { + //streaming payload requires length(s3, glacier) + throw err; + } else if (authtype.indexOf('unsigned-body') >= 0) { + //unbounded streaming payload(lex, mediastore) + req.httpRequest.headers['Transfer-Encoding'] = 'chunked'; + return; + } else { + throw err; + } + } + throw err; + } + } + }); - /** - * @api private - */ - retryableError: function retryableError(error) { - if (this.timeoutError(error)) return true; - if (this.networkingError(error)) return true; - if (this.expiredCredentialsError(error)) return true; - if (this.throttledError(error)) return true; - if (error.statusCode >= 500) return true; - return false; - }, + add('SET_HTTP_HOST', 'afterBuild', function SET_HTTP_HOST(req) { + req.httpRequest.headers['Host'] = req.httpRequest.endpoint.host; + }); - /** - * @api private - */ - networkingError: function networkingError(error) { - return error.code === 'NetworkingError'; - }, + add('SET_TRACE_ID', 'afterBuild', function SET_TRACE_ID(req) { + var traceIdHeaderName = 'X-Amzn-Trace-Id'; + if (AWS.util.isNode() && !Object.hasOwnProperty.call(req.httpRequest.headers, traceIdHeaderName)) { + var ENV_LAMBDA_FUNCTION_NAME = 'AWS_LAMBDA_FUNCTION_NAME'; + var ENV_TRACE_ID = '_X_AMZN_TRACE_ID'; + var functionName = process.env[ENV_LAMBDA_FUNCTION_NAME]; + var traceId = process.env[ENV_TRACE_ID]; + if ( + typeof functionName === 'string' && + functionName.length > 0 && + typeof traceId === 'string' && + traceId.length > 0 + ) { + req.httpRequest.headers[traceIdHeaderName] = traceId; + } + } + }); - /** - * @api private - */ - timeoutError: function timeoutError(error) { - return error.code === 'TimeoutError'; - }, + add('RESTART', 'restart', function RESTART() { + var err = this.response.error; + if (!err || !err.retryable) return; - /** - * @api private - */ - expiredCredentialsError: function expiredCredentialsError(error) { - // TODO : this only handles *one* of the expired credential codes - return (error.code === 'ExpiredTokenException'); - }, + this.httpRequest = new AWS.HttpRequest( + this.service.endpoint, + this.service.region + ); - /** - * @api private - */ - clockSkewError: function clockSkewError(error) { - switch (error.code) { - case 'RequestTimeTooSkewed': - case 'RequestExpired': - case 'InvalidSignatureException': - case 'SignatureDoesNotMatch': - case 'AuthFailure': - case 'RequestInTheFuture': - return true; - default: return false; - } - }, + if (this.response.retryCount < this.service.config.maxRetries) { + this.response.retryCount++; + } else { + this.response.error = null; + } + }); - /** - * @api private - */ - getSkewCorrectedDate: function getSkewCorrectedDate() { - return new Date(Date.now() + this.config.systemClockOffset); - }, + var addToHead = true; + addAsync('DISCOVER_ENDPOINT', 'sign', DISCOVER_ENDPOINT, addToHead); - /** - * @api private - */ - applyClockOffset: function applyClockOffset(newServerTime) { - if (newServerTime) { - this.config.systemClockOffset = newServerTime - Date.now(); - } - }, + addAsync('SIGN', 'sign', function SIGN(req, done) { + var service = req.service; + var operations = req.service.api.operations || {}; + var operation = operations[req.operation]; + var authtype = operation ? operation.authtype : ''; + if (!service.api.signatureVersion && !authtype && !service.config.signatureVersion) return done(); // none - /** - * @api private - */ - isClockSkewed: function isClockSkewed(newServerTime) { - if (newServerTime) { - return Math.abs(this.getSkewCorrectedDate().getTime() - newServerTime) >= 300000; - } - }, + if (authtype === 'bearer' || service.config.signatureVersion === 'bearer') { + service.config.getToken(function (err, token) { + if (err) { + req.response.error = err; + return done(); + } - /** - * @api private - */ - throttledError: function throttledError(error) { - // this logic varies between services - if (error.statusCode === 429) return true; - switch (error.code) { - case 'ProvisionedThroughputExceededException': - case 'Throttling': - case 'ThrottlingException': - case 'RequestLimitExceeded': - case 'RequestThrottled': - case 'RequestThrottledException': - case 'TooManyRequestsException': - case 'TransactionInProgressException': //dynamodb - case 'EC2ThrottledException': - return true; - default: - return false; - } - }, - - /** - * @api private - */ - endpointFromTemplate: function endpointFromTemplate(endpoint) { - if (typeof endpoint !== 'string') return endpoint; - - var e = endpoint; - e = e.replace(/\{service\}/g, this.api.endpointPrefix); - e = e.replace(/\{region\}/g, this.config.region); - e = e.replace(/\{scheme\}/g, this.config.sslEnabled ? 'https' : 'http'); - return e; - }, + try { + var SignerClass = service.getSignerClass(req); + var signer = new SignerClass(req.httpRequest); + signer.addAuthorization(token); + } catch (e) { + req.response.error = e; + } + done(); + }); + } else { + service.config.getCredentials(function (err, credentials) { + if (err) { + req.response.error = err; + return done(); + } - /** - * @api private - */ - setEndpoint: function setEndpoint(endpoint) { - this.endpoint = new AWS.Endpoint(endpoint, this.config); - }, + try { + var date = service.getSkewCorrectedDate(); + var SignerClass = service.getSignerClass(req); + var signer = new SignerClass(req.httpRequest, + service.getSigningName(req), + { + signatureCache: service.config.signatureCache, + operation: operation, + signatureVersion: service.api.signatureVersion + }); + signer.setServiceClientId(service._clientId); + + // clear old authorization headers + delete req.httpRequest.headers['Authorization']; + delete req.httpRequest.headers['Date']; + delete req.httpRequest.headers['X-Amz-Date']; + + // add new authorization + signer.addAuthorization(credentials, date); + req.signedAt = date; + } catch (e) { + req.response.error = e; + } + done(); + }); - /** - * @api private - */ - paginationConfig: function paginationConfig(operation, throwException) { - var paginator = this.api.operations[operation].paginator; - if (!paginator) { - if (throwException) { - var e = new Error(); - throw AWS.util.error(e, 'No pagination configuration for ' + operation); } - return null; - } - - return paginator; - } -}); - -AWS.util.update(AWS.Service, { + }); - /** - * Adds one method for each operation described in the api configuration - * - * @api private - */ - defineMethods: function defineMethods(svc) { - AWS.util.each(svc.prototype.api.operations, function iterator(method) { - if (svc.prototype[method]) return; - var operation = svc.prototype.api.operations[method]; - if (operation.authtype === 'none') { - svc.prototype[method] = function (params, callback) { - return this.makeUnauthenticatedRequest(method, params, callback); - }; + add('VALIDATE_RESPONSE', 'validateResponse', function VALIDATE_RESPONSE(resp) { + if (this.service.successfulResponse(resp, this)) { + resp.data = {}; + resp.error = null; } else { - svc.prototype[method] = function (params, callback) { - return this.makeRequest(method, params, callback); - }; + resp.data = null; + resp.error = AWS.util.error(new Error(), + {code: 'UnknownError', message: 'An unknown error occurred.'}); } }); - }, - /** - * Defines a new Service class using a service identifier and list of versions - * including an optional set of features (functions) to apply to the class - * prototype. - * - * @param serviceIdentifier [String] the identifier for the service - * @param versions [Array] a list of versions that work with this - * service - * @param features [Object] an object to attach to the prototype - * @return [Class] the service class defined by this function. - */ - defineService: function defineService(serviceIdentifier, versions, features) { - AWS.Service._serviceMap[serviceIdentifier] = true; - if (!Array.isArray(versions)) { - features = versions; - versions = []; - } + add('ERROR', 'error', function ERROR(err, resp) { + var awsQueryCompatible = resp.request.service.api.awsQueryCompatible; + if (awsQueryCompatible) { + var headers = resp.httpResponse.headers; + var queryErrorCode = headers ? headers['x-amzn-query-error'] : undefined; + if (queryErrorCode && queryErrorCode.includes(';')) { + resp.error.code = queryErrorCode.split(';')[0]; + } + } + }, true); - var svc = inherit(AWS.Service, features || {}); + addAsync('SEND', 'send', function SEND(resp, done) { + resp.httpResponse._abortCallback = done; + resp.error = null; + resp.data = null; - if (typeof serviceIdentifier === 'string') { - AWS.Service.addVersions(svc, versions); + function callback(httpResp) { + resp.httpResponse.stream = httpResp; + var stream = resp.request.httpRequest.stream; + var service = resp.request.service; + var api = service.api; + var operationName = resp.request.operation; + var operation = api.operations[operationName] || {}; - var identifier = svc.serviceIdentifier || serviceIdentifier; - svc.serviceIdentifier = identifier; - } else { // defineService called with an API - svc.prototype.api = serviceIdentifier; - AWS.Service.defineMethods(svc); - } - AWS.SequentialExecutor.call(this.prototype); - //util.clientSideMonitoring is only available in node - if (!this.prototype.publisher && AWS.util.clientSideMonitoring) { - var Publisher = AWS.util.clientSideMonitoring.Publisher; - var configProvider = AWS.util.clientSideMonitoring.configProvider; - var publisherConfig = configProvider(); - this.prototype.publisher = new Publisher(publisherConfig); - if (publisherConfig.enabled) { - //if csm is enabled in environment, SDK should send all metrics - AWS.Service._clientSideMonitoring = true; - } - } - AWS.SequentialExecutor.call(svc.prototype); - AWS.Service.addDefaultMonitoringListeners(svc.prototype); - return svc; - }, + httpResp.on('headers', function onHeaders(statusCode, headers, statusMessage) { + resp.request.emit( + 'httpHeaders', + [statusCode, headers, resp, statusMessage] + ); - /** - * @api private - */ - addVersions: function addVersions(svc, versions) { - if (!Array.isArray(versions)) versions = [versions]; + if (!resp.httpResponse.streaming) { + if (AWS.HttpClient.streamsApiVersion === 2) { // streams2 API check + // if we detect event streams, we're going to have to + // return the stream immediately + if (operation.hasEventOutput && service.successfulResponse(resp)) { + // skip reading the IncomingStream + resp.request.emit('httpDone'); + done(); + return; + } - svc.services = svc.services || {}; - for (var i = 0; i < versions.length; i++) { - if (svc.services[versions[i]] === undefined) { - svc.services[versions[i]] = null; + httpResp.on('readable', function onReadable() { + var data = httpResp.read(); + if (data !== null) { + resp.request.emit('httpData', [data, resp]); + } + }); + } else { // legacy streams API + httpResp.on('data', function onData(data) { + resp.request.emit('httpData', [data, resp]); + }); + } + } + }); + + httpResp.on('end', function onEnd() { + if (!stream || !stream.didCallback) { + if (AWS.HttpClient.streamsApiVersion === 2 && (operation.hasEventOutput && service.successfulResponse(resp))) { + // don't concatenate response chunks when streaming event stream data when response is successful + return; + } + resp.request.emit('httpDone'); + done(); + } + }); } - } - svc.apiVersions = Object.keys(svc.services).sort(); - }, + function progress(httpResp) { + httpResp.on('sendProgress', function onSendProgress(value) { + resp.request.emit('httpUploadProgress', [value, resp]); + }); - /** - * @api private - */ - defineServiceApi: function defineServiceApi(superclass, version, apiConfig) { - var svc = inherit(superclass, { - serviceIdentifier: superclass.serviceIdentifier - }); + httpResp.on('receiveProgress', function onReceiveProgress(value) { + resp.request.emit('httpDownloadProgress', [value, resp]); + }); + } - function setApi(api) { - if (api.isApi) { - svc.prototype.api = api; - } else { - svc.prototype.api = new Api(api, { - serviceIdentifier: superclass.serviceIdentifier + function error(err) { + if (err.code !== 'RequestAbortedError') { + var errCode = err.code === 'TimeoutError' ? err.code : 'NetworkingError'; + err = AWS.util.error(err, { + code: errCode, + region: resp.request.httpRequest.region, + hostname: resp.request.httpRequest.endpoint.hostname, + retryable: true + }); + } + resp.error = err; + resp.request.emit('httpError', [resp.error, resp], function() { + done(); }); } - } - if (typeof version === 'string') { - if (apiConfig) { - setApi(apiConfig); - } else { + function executeSend() { + var http = AWS.HttpClient.getInstance(); + var httpOptions = resp.request.service.config.httpOptions || {}; try { - setApi(AWS.apiLoader(superclass.serviceIdentifier, version)); + var stream = http.handleRequest(resp.request.httpRequest, httpOptions, + callback, error); + progress(stream); } catch (err) { - throw AWS.util.error(err, { - message: 'Could not find API configuration ' + - superclass.serviceIdentifier + '-' + version - }); + error(err); } } - if (!Object.prototype.hasOwnProperty.call(superclass.services, version)) { - superclass.apiVersions = superclass.apiVersions.concat(version).sort(); + var timeDiff = (resp.request.service.getSkewCorrectedDate() - this.signedAt) / 1000; + if (timeDiff >= 60 * 10) { // if we signed 10min ago, re-sign + this.emit('sign', [this], function(err) { + if (err) done(err); + else executeSend(); + }); + } else { + executeSend(); } - superclass.services[version] = svc; - } else { - setApi(version); - } + }); - AWS.Service.defineMethods(svc); - return svc; - }, + add('HTTP_HEADERS', 'httpHeaders', + function HTTP_HEADERS(statusCode, headers, resp, statusMessage) { + resp.httpResponse.statusCode = statusCode; + resp.httpResponse.statusMessage = statusMessage; + resp.httpResponse.headers = headers; + resp.httpResponse.body = AWS.util.buffer.toBuffer(''); + resp.httpResponse.buffers = []; + resp.httpResponse.numBytes = 0; + var dateHeader = headers.date || headers.Date; + var service = resp.request.service; + if (dateHeader) { + var serverTime = Date.parse(dateHeader); + if (service.config.correctClockSkew + && service.isClockSkewed(serverTime)) { + service.applyClockOffset(serverTime); + } + } + }); - /** - * @api private - */ - hasService: function(identifier) { - return Object.prototype.hasOwnProperty.call(AWS.Service._serviceMap, identifier); - }, + add('HTTP_DATA', 'httpData', function HTTP_DATA(chunk, resp) { + if (chunk) { + if (AWS.util.isNode()) { + resp.httpResponse.numBytes += chunk.length; - /** - * @param attachOn attach default monitoring listeners to object - * - * Each monitoring event should be emitted from service client to service constructor prototype and then - * to global service prototype like bubbling up. These default monitoring events listener will transfer - * the monitoring events to the upper layer. - * @api private - */ - addDefaultMonitoringListeners: function addDefaultMonitoringListeners(attachOn) { - attachOn.addNamedListener('MONITOR_EVENTS_BUBBLE', 'apiCallAttempt', function EVENTS_BUBBLE(event) { - var baseClass = Object.getPrototypeOf(attachOn); - if (baseClass._events) baseClass.emit('apiCallAttempt', [event]); - }); - attachOn.addNamedListener('CALL_EVENTS_BUBBLE', 'apiCall', function CALL_EVENTS_BUBBLE(event) { - var baseClass = Object.getPrototypeOf(attachOn); - if (baseClass._events) baseClass.emit('apiCall', [event]); + var total = resp.httpResponse.headers['content-length']; + var progress = { loaded: resp.httpResponse.numBytes, total: total }; + resp.request.emit('httpDownloadProgress', [progress, resp]); + } + + resp.httpResponse.buffers.push(AWS.util.buffer.toBuffer(chunk)); + } }); - }, - /** - * @api private - */ - _serviceMap: {} -}); + add('HTTP_DONE', 'httpDone', function HTTP_DONE(resp) { + // convert buffers array into single buffer + if (resp.httpResponse.buffers && resp.httpResponse.buffers.length > 0) { + var body = AWS.util.buffer.concat(resp.httpResponse.buffers); + resp.httpResponse.body = body; + } + delete resp.httpResponse.numBytes; + delete resp.httpResponse.buffers; + }); -AWS.util.mixin(AWS.Service, AWS.SequentialExecutor); + add('FINALIZE_ERROR', 'retry', function FINALIZE_ERROR(resp) { + if (resp.httpResponse.statusCode) { + resp.error.statusCode = resp.httpResponse.statusCode; + if (resp.error.retryable === undefined) { + resp.error.retryable = this.service.retryableError(resp.error, this); + } + } + }); -/** - * @api private - */ -module.exports = AWS.Service; + add('INVALIDATE_CREDENTIALS', 'retry', function INVALIDATE_CREDENTIALS(resp) { + if (!resp.error) return; + switch (resp.error.code) { + case 'RequestExpired': // EC2 only + case 'ExpiredTokenException': + case 'ExpiredToken': + resp.error.retryable = true; + resp.request.service.config.credentials.expired = true; + } + }); + add('EXPIRED_SIGNATURE', 'retry', function EXPIRED_SIGNATURE(resp) { + var err = resp.error; + if (!err) return; + if (typeof err.code === 'string' && typeof err.message === 'string') { + if (err.code.match(/Signature/) && err.message.match(/expired/)) { + resp.error.retryable = true; + } + } + }); -/***/ }), + add('CLOCK_SKEWED', 'retry', function CLOCK_SKEWED(resp) { + if (!resp.error) return; + if (this.service.clockSkewError(resp.error) + && this.service.config.correctClockSkew) { + resp.error.retryable = true; + } + }); -/***/ 514: -/***/ (function(__unusedmodule, exports) { + add('REDIRECT', 'retry', function REDIRECT(resp) { + if (resp.error && resp.error.statusCode >= 300 && + resp.error.statusCode < 400 && resp.httpResponse.headers['location']) { + this.httpRequest.endpoint = + new AWS.Endpoint(resp.httpResponse.headers['location']); + this.httpRequest.headers['Host'] = this.httpRequest.endpoint.host; + resp.error.redirect = true; + resp.error.retryable = true; + } + }); -// Generated by CoffeeScript 1.12.7 -(function() { - exports.defaults = { - "0.1": { - explicitCharkey: false, - trim: true, - normalize: true, - normalizeTags: false, - attrkey: "@", - charkey: "#", - explicitArray: false, - ignoreAttrs: false, - mergeAttrs: false, - explicitRoot: false, - validator: null, - xmlns: false, - explicitChildren: false, - childkey: '@@', - charsAsChildren: false, - includeWhiteChars: false, - async: false, - strict: true, - attrNameProcessors: null, - attrValueProcessors: null, - tagNameProcessors: null, - valueProcessors: null, - emptyTag: '' - }, - "0.2": { - explicitCharkey: false, - trim: false, - normalize: false, - normalizeTags: false, - attrkey: "$", - charkey: "_", - explicitArray: true, - ignoreAttrs: false, - mergeAttrs: false, - explicitRoot: true, - validator: null, - xmlns: false, - explicitChildren: false, - preserveChildrenOrder: false, - childkey: '$$', - charsAsChildren: false, - includeWhiteChars: false, - async: false, - strict: true, - attrNameProcessors: null, - attrValueProcessors: null, - tagNameProcessors: null, - valueProcessors: null, - rootName: 'root', - xmldec: { - 'version': '1.0', - 'encoding': 'UTF-8', - 'standalone': true - }, - doctype: null, - renderOpts: { - 'pretty': true, - 'indent': ' ', - 'newline': '\n' - }, - headless: false, - chunkSize: 10000, - emptyTag: '', - cdata: false - } - }; + add('RETRY_CHECK', 'retry', function RETRY_CHECK(resp) { + if (resp.error) { + if (resp.error.redirect && resp.redirectCount < resp.maxRedirects) { + resp.error.retryDelay = 0; + } else if (resp.retryCount < resp.maxRetries) { + resp.error.retryDelay = this.service.retryDelays(resp.retryCount, resp.error) || 0; + } + } + }); -}).call(this); + addAsync('RESET_RETRY_STATE', 'afterRetry', function RESET_RETRY_STATE(resp, done) { + var delay, willRetry = false; + if (resp.error) { + delay = resp.error.retryDelay || 0; + if (resp.error.retryable && resp.retryCount < resp.maxRetries) { + resp.retryCount++; + willRetry = true; + } else if (resp.error.redirect && resp.redirectCount < resp.maxRedirects) { + resp.redirectCount++; + willRetry = true; + } + } -/***/ }), + // delay < 0 is a signal from customBackoff to skip retries + if (willRetry && delay >= 0) { + resp.error = null; + setTimeout(done, delay); + } else { + done(); + } + }); + }), -/***/ 526: -/***/ (function(__unusedmodule, exports, __webpack_require__) { + CorePost: new SequentialExecutor().addNamedListeners(function(add) { + add('EXTRACT_REQUEST_ID', 'extractData', AWS.util.extractRequestId); + add('EXTRACT_REQUEST_ID', 'extractError', AWS.util.extractRequestId); -"use strict"; + add('ENOTFOUND_ERROR', 'httpError', function ENOTFOUND_ERROR(err) { + function isDNSError(err) { + return err.errno === 'ENOTFOUND' || + typeof err.errno === 'number' && + typeof AWS.util.getSystemErrorName === 'function' && + ['EAI_NONAME', 'EAI_NODATA'].indexOf(AWS.util.getSystemErrorName(err.errno) >= 0); + } + if (err.code === 'NetworkingError' && isDNSError(err)) { + var message = 'Inaccessible host: `' + err.hostname + '\' at port `' + err.port + + '\'. This service may not be available in the `' + err.region + + '\' region.'; + this.response.error = AWS.util.error(new Error(message), { + code: 'UnknownEndpoint', + region: err.region, + hostname: err.hostname, + retryable: true, + originalError: err + }); + } + }); + }), -var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); -}) : (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - o[k2] = m[k]; -})); -var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { - Object.defineProperty(o, "default", { enumerable: true, value: v }); -}) : function(o, v) { - o["default"] = v; -}); -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); - __setModuleDefault(result, mod); - return result; -}; -var __importDefault = (this && this.__importDefault) || function (mod) { - return (mod && mod.__esModule) ? mod : { "default": mod }; -}; -Object.defineProperty(exports, "__esModule", { value: true }); -const core = __importStar(__webpack_require__(470)); -const fs = __importStar(__webpack_require__(747)); -const codedeploy_1 = __importDefault(__webpack_require__(317)); -const iam_1 = __importDefault(__webpack_require__(845)); -const sts_1 = __importDefault(__webpack_require__(733)); -async function run() { - try { - const appName = core.getInput('application-name'); - const groupName = core.getInput('deployment-group-name'); - const appspecFile = core.getInput('appspec-file'); - core.debug(`Hello world! ${appName}, ${groupName}, ${appspecFile}`); - const appspecJson = fs.readFileSync(appspecFile, 'utf8'); - core.debug('*** appspecJson ***'); - core.debug(appspecJson); - core.debug('*** end appspecJson ***'); - const codeDeploy = new codedeploy_1.default(); - const deployment = await codeDeploy - .createDeployment({ - applicationName: appName, - deploymentGroupName: groupName, - revision: { - revisionType: 'AppSpecContent', - appSpecContent: { - content: appspecJson - } - } - }) - .promise(); - core.debug(`deployment: ${JSON.stringify(deployment)}`); - if (deployment.deploymentId == null) { - core.setFailed('deploymentId should not be null'); - return; + Logger: new SequentialExecutor().addNamedListeners(function(add) { + add('LOG_REQUEST', 'complete', function LOG_REQUEST(resp) { + var req = resp.request; + var logger = req.service.config.logger; + if (!logger) return; + function filterSensitiveLog(inputShape, shape) { + if (!shape) { + return shape; } - const { awsAccountAlias, awsAccountId } = await getAccountInformation(); - const region = codeDeploy.config.region; - const linkToLogIn = 'https://aws.byu.edu/'; - const linkToDeployment = `https://${region}.console.aws.amazon.com/codesuite/codedeploy/deployments/${deployment.deploymentId}?region=${region}`; - core.info(`Started deployment. - -Deployment ID: ${deployment.deploymentId} -AWS Account: ${awsAccountAlias} (${awsAccountId}) -Region: ${region} + if (inputShape.isSensitive) { + return '***SensitiveInformation***'; + } + switch (inputShape.type) { + case 'structure': + var struct = {}; + AWS.util.each(shape, function(subShapeName, subShape) { + if (Object.prototype.hasOwnProperty.call(inputShape.members, subShapeName)) { + struct[subShapeName] = filterSensitiveLog(inputShape.members[subShapeName], subShape); + } else { + struct[subShapeName] = subShape; + } + }); + return struct; + case 'list': + var list = []; + AWS.util.arrayEach(shape, function(subShape, index) { + list.push(filterSensitiveLog(inputShape.member, subShape)); + }); + return list; + case 'map': + var map = {}; + AWS.util.each(shape, function(key, value) { + map[key] = filterSensitiveLog(inputShape.value, value); + }); + return map; + default: + return shape; + } + } -To view the progress of this deployment: - • Log into the ${awsAccountAlias} AWS account at ${linkToLogIn} - • Go to ${linkToDeployment}`); - await codeDeploy - .waitFor('deploymentSuccessful', { - deploymentId: deployment.deploymentId - }) - .promise(); - process.exit(0); - } - catch (error) { - core.error(error); - core.setFailed(error.message); - } -} -run(); -async function getAccountInformation() { - const iam = new iam_1.default(); - const sts = new sts_1.default(); - const [{ AccountAliases: [awsAccountAlias = '?'] }, { Account: awsAccountId = '?' }] = await Promise.all([ - iam - .listAccountAliases() - .promise() - .catch(() => { - return { AccountAliases: ['?'] }; - }), - sts - .getCallerIdentity() - .promise() - .catch(() => ({ Account: '?' })) - ]); - return { awsAccountAlias, awsAccountId }; -} + function buildMessage() { + var time = resp.request.service.getSkewCorrectedDate().getTime(); + var delta = (time - req.startTime.getTime()) / 1000; + var ansi = logger.isTTY ? true : false; + var status = resp.httpResponse.statusCode; + var censoredParams = req.params; + if ( + req.service.api.operations && + req.service.api.operations[req.operation] && + req.service.api.operations[req.operation].input + ) { + var inputShape = req.service.api.operations[req.operation].input; + censoredParams = filterSensitiveLog(inputShape, req.params); + } + var params = (__nccwpck_require__(3837).inspect)(censoredParams, true, null); + var message = ''; + if (ansi) message += '\x1B[33m'; + message += '[AWS ' + req.service.serviceIdentifier + ' ' + status; + message += ' ' + delta.toString() + 's ' + resp.retryCount + ' retries]'; + if (ansi) message += '\x1B[0;1m'; + message += ' ' + AWS.util.string.lowerFirst(req.operation); + message += '(' + params + ')'; + if (ansi) message += '\x1B[0m'; + return message; + } + + var line = buildMessage(); + if (typeof logger.log === 'function') { + logger.log(line); + } else if (typeof logger.write === 'function') { + logger.write(line + '\n'); + } + }); + }), + + Json: new SequentialExecutor().addNamedListeners(function(add) { + var svc = __nccwpck_require__(83); + add('BUILD', 'build', svc.buildRequest); + add('EXTRACT_DATA', 'extractData', svc.extractData); + add('EXTRACT_ERROR', 'extractError', svc.extractError); + }), + + Rest: new SequentialExecutor().addNamedListeners(function(add) { + var svc = __nccwpck_require__(8200); + add('BUILD', 'build', svc.buildRequest); + add('EXTRACT_DATA', 'extractData', svc.extractData); + add('EXTRACT_ERROR', 'extractError', svc.extractError); + }), + + RestJson: new SequentialExecutor().addNamedListeners(function(add) { + var svc = __nccwpck_require__(5883); + add('BUILD', 'build', svc.buildRequest); + add('EXTRACT_DATA', 'extractData', svc.extractData); + add('EXTRACT_ERROR', 'extractError', svc.extractError); + add('UNSET_CONTENT_LENGTH', 'afterBuild', svc.unsetContentLength); + }), + + RestXml: new SequentialExecutor().addNamedListeners(function(add) { + var svc = __nccwpck_require__(5143); + add('BUILD', 'build', svc.buildRequest); + add('EXTRACT_DATA', 'extractData', svc.extractData); + add('EXTRACT_ERROR', 'extractError', svc.extractError); + }), + + Query: new SequentialExecutor().addNamedListeners(function(add) { + var svc = __nccwpck_require__(761); + add('BUILD', 'build', svc.buildRequest); + add('EXTRACT_DATA', 'extractData', svc.extractData); + add('EXTRACT_ERROR', 'extractError', svc.extractError); + }) +}; /***/ }), -/***/ 543: -/***/ (function(__unusedmodule, __unusedexports, __webpack_require__) { +/***/ 1556: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { -var AWS = __webpack_require__(395); -var STS = __webpack_require__(733); +var AWS = __nccwpck_require__(8437); +var inherit = AWS.util.inherit; /** - * Represents temporary credentials retrieved from {AWS.STS}. Without any - * extra parameters, credentials will be fetched from the - * {AWS.STS.getSessionToken} operation. If an IAM role is provided, the - * {AWS.STS.assumeRole} operation will be used to fetch credentials for the - * role instead. - * - * AWS.ChainableTemporaryCredentials differs from AWS.TemporaryCredentials in - * the way masterCredentials and refreshes are handled. - * AWS.ChainableTemporaryCredentials refreshes expired credentials using the - * masterCredentials passed by the user to support chaining of STS credentials. - * However, AWS.TemporaryCredentials recursively collapses the masterCredentials - * during instantiation, precluding the ability to refresh credentials which - * require intermediate, temporary credentials. - * - * For example, if the application should use RoleA, which must be assumed from - * RoleB, and the environment provides credentials which can assume RoleB, then - * AWS.ChainableTemporaryCredentials must be used to support refreshing the - * temporary credentials for RoleA: - * - * ```javascript - * var roleACreds = new AWS.ChainableTemporaryCredentials({ - * params: {RoleArn: 'RoleA'}, - * masterCredentials: new AWS.ChainableTemporaryCredentials({ - * params: {RoleArn: 'RoleB'}, - * masterCredentials: new AWS.EnvironmentCredentials('AWS') - * }) - * }); - * ``` - * - * If AWS.TemporaryCredentials had been used in the previous example, - * `roleACreds` would fail to refresh because `roleACreds` would - * use the environment credentials for the AssumeRole request. - * - * Another difference is that AWS.ChainableTemporaryCredentials creates the STS - * service instance during instantiation while AWS.TemporaryCredentials creates - * the STS service instance during the first refresh. Creating the service - * instance during instantiation effectively captures the master credentials - * from the global config, so that subsequent changes to the global config do - * not affect the master credentials used to refresh the temporary credentials. - * - * This allows an instance of AWS.ChainableTemporaryCredentials to be assigned - * to AWS.config.credentials: + * The endpoint that a service will talk to, for example, + * `'https://ec2.ap-southeast-1.amazonaws.com'`. If + * you need to override an endpoint for a service, you can + * set the endpoint on a service by passing the endpoint + * object with the `endpoint` option key: * * ```javascript - * var envCreds = new AWS.EnvironmentCredentials('AWS'); - * AWS.config.credentials = envCreds; - * // masterCredentials will be envCreds - * AWS.config.credentials = new AWS.ChainableTemporaryCredentials({ - * params: {RoleArn: '...'} - * }); + * var ep = new AWS.Endpoint('awsproxy.example.com'); + * var s3 = new AWS.S3({endpoint: ep}); + * s3.service.endpoint.hostname == 'awsproxy.example.com' * ``` * - * Similarly, to use the CredentialProviderChain's default providers as the - * master credentials, simply create a new instance of - * AWS.ChainableTemporaryCredentials: - * - * ```javascript - * AWS.config.credentials = new ChainableTemporaryCredentials({ - * params: {RoleArn: '...'} - * }); - * ``` + * Note that if you do not specify a protocol, the protocol will + * be selected based on your current {AWS.config} configuration. * - * @!attribute service - * @return [AWS.STS] the STS service instance used to - * get and refresh temporary credentials from AWS STS. - * @note (see constructor) + * @!attribute protocol + * @return [String] the protocol (http or https) of the endpoint + * URL + * @!attribute hostname + * @return [String] the host portion of the endpoint, e.g., + * example.com + * @!attribute host + * @return [String] the host portion of the endpoint including + * the port, e.g., example.com:80 + * @!attribute port + * @return [Integer] the port of the endpoint + * @!attribute href + * @return [String] the full URL of the endpoint */ -AWS.ChainableTemporaryCredentials = AWS.util.inherit(AWS.Credentials, { +AWS.Endpoint = inherit({ + /** - * Creates a new temporary credentials object. - * - * @param options [map] a set of options - * @option options params [map] ({}) a map of options that are passed to the - * {AWS.STS.assumeRole} or {AWS.STS.getSessionToken} operations. - * If a `RoleArn` parameter is passed in, credentials will be based on the - * IAM role. If a `SerialNumber` parameter is passed in, {tokenCodeFn} must - * also be passed in or an error will be thrown. - * @option options masterCredentials [AWS.Credentials] the master credentials - * used to get and refresh temporary credentials from AWS STS. By default, - * AWS.config.credentials or AWS.config.credentialProvider will be used. - * @option options tokenCodeFn [Function] (null) Function to provide - * `TokenCode`, if `SerialNumber` is provided for profile in {params}. Function - * is called with value of `SerialNumber` and `callback`, and should provide - * the `TokenCode` or an error to the callback in the format - * `callback(err, token)`. - * @example Creating a new credentials object for generic temporary credentials - * AWS.config.credentials = new AWS.ChainableTemporaryCredentials(); - * @example Creating a new credentials object for an IAM role - * AWS.config.credentials = new AWS.ChainableTemporaryCredentials({ - * params: { - * RoleArn: 'arn:aws:iam::1234567890:role/TemporaryCredentials' - * } - * }); - * @see AWS.STS.assumeRole - * @see AWS.STS.getSessionToken + * @overload Endpoint(endpoint) + * Constructs a new endpoint given an endpoint URL. If the + * URL omits a protocol (http or https), the default protocol + * set in the global {AWS.config} will be used. + * @param endpoint [String] the URL to construct an endpoint from */ - constructor: function ChainableTemporaryCredentials(options) { - AWS.Credentials.call(this); - options = options || {}; - this.errorCode = 'ChainableTemporaryCredentialsProviderFailure'; - this.expired = true; - this.tokenCodeFn = null; + constructor: function Endpoint(endpoint, config) { + AWS.util.hideProperties(this, ['slashes', 'auth', 'hash', 'search', 'query']); - var params = AWS.util.copy(options.params) || {}; - if (params.RoleArn) { - params.RoleSessionName = params.RoleSessionName || 'temporary-credentials'; + if (typeof endpoint === 'undefined' || endpoint === null) { + throw new Error('Invalid endpoint: ' + endpoint); + } else if (typeof endpoint !== 'string') { + return AWS.util.copy(endpoint); } - if (params.SerialNumber) { - if (!options.tokenCodeFn || (typeof options.tokenCodeFn !== 'function')) { - throw new AWS.util.error( - new Error('tokenCodeFn must be a function when params.SerialNumber is given'), - {code: this.errorCode} - ); - } else { - this.tokenCodeFn = options.tokenCodeFn; - } + + if (!endpoint.match(/^http/)) { + var useSSL = config && config.sslEnabled !== undefined ? + config.sslEnabled : AWS.config.sslEnabled; + endpoint = (useSSL ? 'https' : 'http') + '://' + endpoint; } - var config = AWS.util.merge( - { - params: params, - credentials: options.masterCredentials || AWS.config.credentials - }, - options.stsConfig || {} - ); - this.service = new STS(config); - }, + + AWS.util.update(this, AWS.util.urlParse(endpoint)); + + // Ensure the port property is set as an integer + if (this.port) { + this.port = parseInt(this.port, 10); + } else { + this.port = this.protocol === 'https:' ? 443 : 80; + } + } + +}); + +/** + * The low level HTTP request object, encapsulating all HTTP header + * and body data sent by a service request. + * + * @!attribute method + * @return [String] the HTTP method of the request + * @!attribute path + * @return [String] the path portion of the URI, e.g., + * "/list/?start=5&num=10" + * @!attribute headers + * @return [map] + * a map of header keys and their respective values + * @!attribute body + * @return [String] the request body payload + * @!attribute endpoint + * @return [AWS.Endpoint] the endpoint for the request + * @!attribute region + * @api private + * @return [String] the region, for signing purposes only. + */ +AWS.HttpRequest = inherit({ /** - * Refreshes credentials using {AWS.STS.assumeRole} or - * {AWS.STS.getSessionToken}, depending on whether an IAM role ARN was passed - * to the credentials {constructor}. - * - * @callback callback function(err) - * Called when the STS service responds (or fails). When - * this callback is called with no error, it means that the credentials - * information has been loaded into the object (as the `accessKeyId`, - * `secretAccessKey`, and `sessionToken` properties). - * @param err [Error] if an error occurred, this value will be filled - * @see AWS.Credentials.get + * @api private */ - refresh: function refresh(callback) { - this.coalesceRefresh(callback || AWS.util.fn.callback); + constructor: function HttpRequest(endpoint, region) { + endpoint = new AWS.Endpoint(endpoint); + this.method = 'POST'; + this.path = endpoint.path || '/'; + this.headers = {}; + this.body = ''; + this.endpoint = endpoint; + this.region = region; + this._userAgent = ''; + this.setUserAgent(); }, /** * @api private - * @param callback */ - load: function load(callback) { - var self = this; - var operation = self.service.config.params.RoleArn ? 'assumeRole' : 'getSessionToken'; - this.getTokenCode(function (err, tokenCode) { - var params = {}; - if (err) { - callback(err); - return; - } - if (tokenCode) { - params.TokenCode = tokenCode; - } - self.service[operation](params, function (err, data) { - if (!err) { - self.service.credentialsFrom(data, self); - } - callback(err); - }); - }); + setUserAgent: function setUserAgent() { + this._userAgent = this.headers[this.getUserAgentHeaderName()] = AWS.util.userAgent(); + }, + + getUserAgentHeaderName: function getUserAgentHeaderName() { + var prefix = AWS.util.isBrowser() ? 'X-Amz-' : ''; + return prefix + 'User-Agent'; }, /** * @api private */ - getTokenCode: function getTokenCode(callback) { - var self = this; - if (this.tokenCodeFn) { - this.tokenCodeFn(this.service.config.params.SerialNumber, function (err, token) { - if (err) { - var message = err; - if (err instanceof Error) { - message = err.message; - } - callback( - AWS.util.error( - new Error('Error fetching MFA token: ' + message), - { code: self.errorCode} - ) - ); - return; - } - callback(null, token); - }); - } else { - callback(null); + appendToUserAgent: function appendToUserAgent(agentPartial) { + if (typeof agentPartial === 'string' && agentPartial) { + this._userAgent += ' ' + agentPartial; } - } -}); - + this.headers[this.getUserAgentHeaderName()] = this._userAgent; + }, -/***/ }), + /** + * @api private + */ + getUserAgent: function getUserAgent() { + return this._userAgent; + }, -/***/ 546: -/***/ (function(module, __unusedexports, __webpack_require__) { + /** + * @return [String] the part of the {path} excluding the + * query string + */ + pathname: function pathname() { + return this.path.split('?', 1)[0]; + }, -var util = __webpack_require__(153); -var regionConfig = __webpack_require__(572); + /** + * @return [String] the query string portion of the {path} + */ + search: function search() { + var query = this.path.split('?', 2)[1]; + if (query) { + query = AWS.util.queryStringParse(query); + return AWS.util.queryParamsToString(query); + } + return ''; + }, -function generateRegionPrefix(region) { - if (!region) return null; + /** + * @api private + * update httpRequest endpoint with endpoint string + */ + updateEndpoint: function updateEndpoint(endpointStr) { + var newEndpoint = new AWS.Endpoint(endpointStr); + this.endpoint = newEndpoint; + this.path = newEndpoint.path || '/'; + if (this.headers['Host']) { + this.headers['Host'] = newEndpoint.host; + } + } +}); - var parts = region.split('-'); - if (parts.length < 3) return null; - return parts.slice(0, parts.length - 2).join('-') + '-*'; -} +/** + * The low level HTTP response object, encapsulating all HTTP header + * and body data returned from the request. + * + * @!attribute statusCode + * @return [Integer] the HTTP status code of the response (e.g., 200, 404) + * @!attribute headers + * @return [map] + * a map of response header keys and their respective values + * @!attribute body + * @return [String] the response body payload + * @!attribute [r] streaming + * @return [Boolean] whether this response is being streamed at a low-level. + * Defaults to `false` (buffered reads). Do not modify this manually, use + * {createUnbufferedStream} to convert the stream to unbuffered mode + * instead. + */ +AWS.HttpResponse = inherit({ -function derivedKeys(service) { - var region = service.config.region; - var regionPrefix = generateRegionPrefix(region); - var endpointPrefix = service.api.endpointPrefix; + /** + * @api private + */ + constructor: function HttpResponse() { + this.statusCode = undefined; + this.headers = {}; + this.body = undefined; + this.streaming = false; + this.stream = null; + }, - return [ - [region, endpointPrefix], - [regionPrefix, endpointPrefix], - [region, '*'], - [regionPrefix, '*'], - ['*', endpointPrefix], - ['*', '*'] - ].map(function(item) { - return item[0] && item[1] ? item.join('/') : null; - }); -} - -function applyConfig(service, config) { - util.each(config, function(key, value) { - if (key === 'globalEndpoint') return; - if (service.config[key] === undefined || service.config[key] === null) { - service.config[key] = value; - } - }); -} - -function configureEndpoint(service) { - var keys = derivedKeys(service); - for (var i = 0; i < keys.length; i++) { - var key = keys[i]; - if (!key) continue; - - if (Object.prototype.hasOwnProperty.call(regionConfig.rules, key)) { - var config = regionConfig.rules[key]; - if (typeof config === 'string') { - config = regionConfig.patterns[config]; - } - - // set dualstack endpoint - if (service.config.useDualstack && util.isDualstackAvailable(service)) { - config = util.copy(config); - config.endpoint = config.endpoint.replace( - /{service}\.({region}\.)?/, - '{service}.dualstack.{region}.' - ); - } - - // set global endpoint - service.isGlobalEndpoint = !!config.globalEndpoint; - if (config.signingRegion) { - service.signingRegion = config.signingRegion; - } - - // signature version - if (!config.signatureVersion) config.signatureVersion = 'v4'; - - // merge config - applyConfig(service, config); - return; - } + /** + * Disables buffering on the HTTP response and returns the stream for reading. + * @return [Stream, XMLHttpRequest, null] the underlying stream object. + * Use this object to directly read data off of the stream. + * @note This object is only available after the {AWS.Request~httpHeaders} + * event has fired. This method must be called prior to + * {AWS.Request~httpData}. + * @example Taking control of a stream + * request.on('httpHeaders', function(statusCode, headers) { + * if (statusCode < 300) { + * if (headers.etag === 'xyz') { + * // pipe the stream, disabling buffering + * var stream = this.response.httpResponse.createUnbufferedStream(); + * stream.pipe(process.stdout); + * } else { // abort this request and set a better error message + * this.abort(); + * this.response.error = new Error('Invalid ETag'); + * } + * } + * }).send(console.log); + */ + createUnbufferedStream: function createUnbufferedStream() { + this.streaming = true; + return this.stream; } -} +}); -function getEndpointSuffix(region) { - var regionRegexes = { - '^(us|eu|ap|sa|ca|me)\\-\\w+\\-\\d+$': 'amazonaws.com', - '^cn\\-\\w+\\-\\d+$': 'amazonaws.com.cn', - '^us\\-gov\\-\\w+\\-\\d+$': 'amazonaws.com', - '^us\\-iso\\-\\w+\\-\\d+$': 'c2s.ic.gov', - '^us\\-isob\\-\\w+\\-\\d+$': 'sc2s.sgov.gov' - }; - var defaultSuffix = 'amazonaws.com'; - var regexes = Object.keys(regionRegexes); - for (var i = 0; i < regexes.length; i++) { - var regionPattern = RegExp(regexes[i]); - var dnsSuffix = regionRegexes[regexes[i]]; - if (regionPattern.test(region)) return dnsSuffix; - } - return defaultSuffix; -} + +AWS.HttpClient = inherit({}); /** * @api private */ -module.exports = { - configureEndpoint: configureEndpoint, - getEndpointSuffix: getEndpointSuffix +AWS.HttpClient.getInstance = function getInstance() { + if (this.singleton === undefined) { + this.singleton = new this(); + } + return this.singleton; }; /***/ }), -/***/ 559: -/***/ (function(module, __unusedexports, __webpack_require__) { - -// Generated by CoffeeScript 1.12.7 -(function() { - var XMLDocument, XMLNode, XMLStringWriter, XMLStringifier, isPlainObject, - extend = function(child, parent) { for (var key in parent) { if (hasProp.call(parent, key)) child[key] = parent[key]; } function ctor() { this.constructor = child; } ctor.prototype = parent.prototype; child.prototype = new ctor(); child.__super__ = parent.prototype; return child; }, - hasProp = {}.hasOwnProperty; - - isPlainObject = __webpack_require__(582).isPlainObject; - - XMLNode = __webpack_require__(855); - - XMLStringifier = __webpack_require__(602); +/***/ 2310: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { - XMLStringWriter = __webpack_require__(750); - - module.exports = XMLDocument = (function(superClass) { - extend(XMLDocument, superClass); +var AWS = __nccwpck_require__(8437); +var Stream = AWS.util.stream.Stream; +var TransformStream = AWS.util.stream.Transform; +var ReadableStream = AWS.util.stream.Readable; +__nccwpck_require__(1556); +var CONNECTION_REUSE_ENV_NAME = 'AWS_NODEJS_CONNECTION_REUSE_ENABLED'; - function XMLDocument(options) { - XMLDocument.__super__.constructor.call(this, null); - options || (options = {}); - if (!options.writer) { - options.writer = new XMLStringWriter(); +/** + * @api private + */ +AWS.NodeHttpClient = AWS.util.inherit({ + handleRequest: function handleRequest(httpRequest, httpOptions, callback, errCallback) { + var self = this; + var endpoint = httpRequest.endpoint; + var pathPrefix = ''; + if (!httpOptions) httpOptions = {}; + if (httpOptions.proxy) { + pathPrefix = endpoint.protocol + '//' + endpoint.hostname; + if (endpoint.port !== 80 && endpoint.port !== 443) { + pathPrefix += ':' + endpoint.port; } - this.options = options; - this.stringify = new XMLStringifier(options); - this.isDocument = true; + endpoint = new AWS.Endpoint(httpOptions.proxy); } - XMLDocument.prototype.end = function(writer) { - var writerOptions; - if (!writer) { - writer = this.options.writer; - } else if (isPlainObject(writer)) { - writerOptions = writer; - writer = this.options.writer.set(writerOptions); - } - return writer.document(this); - }; - - XMLDocument.prototype.toString = function(options) { - return this.options.writer.set(options).document(this); + var useSSL = endpoint.protocol === 'https:'; + var http = useSSL ? __nccwpck_require__(5687) : __nccwpck_require__(3685); + var options = { + host: endpoint.hostname, + port: endpoint.port, + method: httpRequest.method, + headers: httpRequest.headers, + path: pathPrefix + httpRequest.path }; - return XMLDocument; - - })(XMLNode); - -}).call(this); - - -/***/ }), - -/***/ 566: -/***/ (function(module, __unusedexports, __webpack_require__) { + if (!httpOptions.agent) { + options.agent = this.getAgent(useSSL, { + keepAlive: process.env[CONNECTION_REUSE_ENV_NAME] === '1' ? true : false + }); + } -var AWS = __webpack_require__(395); -var inherit = AWS.util.inherit; + AWS.util.update(options, httpOptions); + delete options.proxy; // proxy isn't an HTTP option + delete options.timeout; // timeout isn't an HTTP option -__webpack_require__(791); + var stream = http.request(options, function (httpResp) { + if (stream.didCallback) return; -/** - * @api private - */ -AWS.Signers.V3Https = inherit(AWS.Signers.V3, { - authorization: function authorization(credentials) { - return 'AWS3-HTTPS ' + - 'AWSAccessKeyId=' + credentials.accessKeyId + ',' + - 'Algorithm=HmacSHA256,' + - 'Signature=' + this.signature(credentials); - }, + callback(httpResp); + httpResp.emit( + 'headers', + httpResp.statusCode, + httpResp.headers, + httpResp.statusMessage + ); + }); + httpRequest.stream = stream; // attach stream to httpRequest + stream.didCallback = false; - stringToSign: function stringToSign() { - return this.request.headers['X-Amz-Date']; - } -}); + // connection timeout support + if (httpOptions.connectTimeout) { + var connectTimeoutId; + stream.on('socket', function(socket) { + if (socket.connecting) { + connectTimeoutId = setTimeout(function connectTimeout() { + if (stream.didCallback) return; stream.didCallback = true; -/** - * @api private - */ -module.exports = AWS.Signers.V3Https; + stream.abort(); + errCallback(AWS.util.error( + new Error('Socket timed out without establishing a connection'), + {code: 'TimeoutError'} + )); + }, httpOptions.connectTimeout); + socket.on('connect', function() { + clearTimeout(connectTimeoutId); + connectTimeoutId = null; + }); + } + }); + } + // timeout support + stream.setTimeout(httpOptions.timeout || 0, function() { + if (stream.didCallback) return; stream.didCallback = true; -/***/ }), + var msg = 'Connection timed out after ' + httpOptions.timeout + 'ms'; + errCallback(AWS.util.error(new Error(msg), {code: 'TimeoutError'})); + stream.abort(); + }); -/***/ 572: -/***/ (function(module) { + stream.on('error', function(err) { + if (connectTimeoutId) { + clearTimeout(connectTimeoutId); + connectTimeoutId = null; + } + if (stream.didCallback) return; stream.didCallback = true; + if ('ECONNRESET' === err.code || 'EPIPE' === err.code || 'ETIMEDOUT' === err.code) { + errCallback(AWS.util.error(err, {code: 'TimeoutError'})); + } else { + errCallback(err); + } + }); -module.exports = {"rules":{"*/*":{"endpoint":"{service}.{region}.amazonaws.com"},"cn-*/*":{"endpoint":"{service}.{region}.amazonaws.com.cn"},"us-iso-*/*":{"endpoint":"{service}.{region}.c2s.ic.gov"},"us-isob-*/*":{"endpoint":"{service}.{region}.sc2s.sgov.gov"},"*/budgets":"globalSSL","*/cloudfront":"globalSSL","*/sts":"globalSSL","*/importexport":{"endpoint":"{service}.amazonaws.com","signatureVersion":"v2","globalEndpoint":true},"*/route53":"globalSSL","cn-*/route53":{"endpoint":"{service}.amazonaws.com.cn","globalEndpoint":true,"signingRegion":"cn-northwest-1"},"us-gov-*/route53":"globalGovCloud","*/waf":"globalSSL","*/iam":"globalSSL","cn-*/iam":{"endpoint":"{service}.cn-north-1.amazonaws.com.cn","globalEndpoint":true,"signingRegion":"cn-north-1"},"us-gov-*/iam":"globalGovCloud","us-gov-*/sts":{"endpoint":"{service}.{region}.amazonaws.com"},"us-gov-west-1/s3":"s3signature","us-west-1/s3":"s3signature","us-west-2/s3":"s3signature","eu-west-1/s3":"s3signature","ap-southeast-1/s3":"s3signature","ap-southeast-2/s3":"s3signature","ap-northeast-1/s3":"s3signature","sa-east-1/s3":"s3signature","us-east-1/s3":{"endpoint":"{service}.amazonaws.com","signatureVersion":"s3"},"us-east-1/sdb":{"endpoint":"{service}.amazonaws.com","signatureVersion":"v2"},"*/sdb":{"endpoint":"{service}.{region}.amazonaws.com","signatureVersion":"v2"}},"patterns":{"globalSSL":{"endpoint":"https://{service}.amazonaws.com","globalEndpoint":true,"signingRegion":"us-east-1"},"globalGovCloud":{"endpoint":"{service}.us-gov.amazonaws.com","globalEndpoint":true,"signingRegion":"us-gov-west-1"},"s3signature":{"endpoint":"{service}.{region}.amazonaws.com","signatureVersion":"s3"}}}; + var expect = httpRequest.headers.Expect || httpRequest.headers.expect; + if (expect === '100-continue') { + stream.once('continue', function() { + self.writeBody(stream, httpRequest); + }); + } else { + this.writeBody(stream, httpRequest); + } -/***/ }), + return stream; + }, -/***/ 576: -/***/ (function(module, __unusedexports, __webpack_require__) { + writeBody: function writeBody(stream, httpRequest) { + var body = httpRequest.body; + var totalBytes = parseInt(httpRequest.headers['Content-Length'], 10); -var AWS = __webpack_require__(395); -var util = __webpack_require__(153); -var QueryParamSerializer = __webpack_require__(439); -var Shape = __webpack_require__(682); -var populateHostPrefix = __webpack_require__(904).populateHostPrefix; - -function buildRequest(req) { - var operation = req.service.api.operations[req.operation]; - var httpRequest = req.httpRequest; - httpRequest.headers['Content-Type'] = - 'application/x-www-form-urlencoded; charset=utf-8'; - httpRequest.params = { - Version: req.service.api.apiVersion, - Action: operation.name - }; + if (body instanceof Stream) { + // For progress support of streaming content - + // pipe the data through a transform stream to emit 'sendProgress' events + var progressStream = this.progressStream(stream, totalBytes); + if (progressStream) { + body.pipe(progressStream).pipe(stream); + } else { + body.pipe(stream); + } + } else if (body) { + // The provided body is a buffer/string and is already fully available in memory - + // For performance it's best to send it as a whole by calling stream.end(body), + // Callers expect a 'sendProgress' event which is best emitted once + // the http request stream has been fully written and all data flushed. + // The use of totalBytes is important over body.length for strings where + // length is char length and not byte length. + stream.once('finish', function() { + stream.emit('sendProgress', { + loaded: totalBytes, + total: totalBytes + }); + }); + stream.end(body); + } else { + // no request body + stream.end(); + } + }, - // convert the request parameters into a list of query params, - // e.g. Deeply.NestedParam.0.Name=value - var builder = new QueryParamSerializer(); - builder.serialize(req.params, operation.input, function(name, value) { - httpRequest.params[name] = value; - }); - httpRequest.body = util.queryParamsToString(httpRequest.params); + /** + * Create the https.Agent or http.Agent according to the request schema. + */ + getAgent: function getAgent(useSSL, agentOptions) { + var http = useSSL ? __nccwpck_require__(5687) : __nccwpck_require__(3685); + if (useSSL) { + if (!AWS.NodeHttpClient.sslAgent) { + AWS.NodeHttpClient.sslAgent = new http.Agent(AWS.util.merge({ + rejectUnauthorized: process.env.NODE_TLS_REJECT_UNAUTHORIZED === '0' ? false : true + }, agentOptions || {})); + AWS.NodeHttpClient.sslAgent.setMaxListeners(0); - populateHostPrefix(req); -} + // delegate maxSockets to globalAgent, set a default limit of 50 if current value is Infinity. + // Users can bypass this default by supplying their own Agent as part of SDK configuration. + Object.defineProperty(AWS.NodeHttpClient.sslAgent, 'maxSockets', { + enumerable: true, + get: function() { + var defaultMaxSockets = 50; + var globalAgent = http.globalAgent; + if (globalAgent && globalAgent.maxSockets !== Infinity && typeof globalAgent.maxSockets === 'number') { + return globalAgent.maxSockets; + } + return defaultMaxSockets; + } + }); + } + return AWS.NodeHttpClient.sslAgent; + } else { + if (!AWS.NodeHttpClient.agent) { + AWS.NodeHttpClient.agent = new http.Agent(agentOptions); + } + return AWS.NodeHttpClient.agent; + } + }, -function extractError(resp) { - var data, body = resp.httpResponse.body.toString(); - if (body.match(' { - if (origRules.resultWrapper) { - if (data[origRules.resultWrapper]) { - util.update(data, data[origRules.resultWrapper]); - delete data[origRules.resultWrapper]; - } +var util = __nccwpck_require__(7985); + +function JsonBuilder() { } + +JsonBuilder.prototype.build = function(value, shape) { + return JSON.stringify(translate(value, shape)); +}; + +function translate(value, shape) { + if (!shape || value === undefined || value === null) return undefined; + + switch (shape.type) { + case 'structure': return translateStructure(value, shape); + case 'map': return translateMap(value, shape); + case 'list': return translateList(value, shape); + default: return translateScalar(value, shape); } +} - resp.data = data; +function translateStructure(structure, shape) { + if (shape.isDocument) { + return structure; + } + var struct = {}; + util.each(structure, function(name, value) { + var memberShape = shape.members[name]; + if (memberShape) { + if (memberShape.location !== 'body') return; + var locationName = memberShape.isLocationName ? memberShape.name : name; + var result = translate(value, memberShape); + if (result !== undefined) struct[locationName] = result; + } + }); + return struct; +} + +function translateList(list, shape) { + var out = []; + util.arrayEach(list, function(value) { + var result = translate(value, shape.member); + if (result !== undefined) out.push(result); + }); + return out; +} + +function translateMap(map, shape) { + var out = {}; + util.each(map, function(key, value) { + var result = translate(value, shape.value); + if (result !== undefined) out[key] = result; + }); + return out; +} + +function translateScalar(value, shape) { + return shape.toWireFormat(value); } /** * @api private */ -module.exports = { - buildRequest: buildRequest, - extractError: extractError, - extractData: extractData -}; +module.exports = JsonBuilder; /***/ }), -/***/ 582: -/***/ (function(module) { +/***/ 5474: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { -// Generated by CoffeeScript 1.12.7 -(function() { - var assign, isArray, isEmpty, isFunction, isObject, isPlainObject, - slice = [].slice, - hasProp = {}.hasOwnProperty; +var util = __nccwpck_require__(7985); - assign = function() { - var i, key, len, source, sources, target; - target = arguments[0], sources = 2 <= arguments.length ? slice.call(arguments, 1) : []; - if (isFunction(Object.assign)) { - Object.assign.apply(null, arguments); - } else { - for (i = 0, len = sources.length; i < len; i++) { - source = sources[i]; - if (source != null) { - for (key in source) { - if (!hasProp.call(source, key)) continue; - target[key] = source[key]; - } - } - } - } - return target; - }; +function JsonParser() { } - isFunction = function(val) { - return !!val && Object.prototype.toString.call(val) === '[object Function]'; - }; - - isObject = function(val) { - var ref; - return !!val && ((ref = typeof val) === 'function' || ref === 'object'); - }; - - isArray = function(val) { - if (isFunction(Array.isArray)) { - return Array.isArray(val); - } else { - return Object.prototype.toString.call(val) === '[object Array]'; - } - }; - - isEmpty = function(val) { - var key; - if (isArray(val)) { - return !val.length; - } else { - for (key in val) { - if (!hasProp.call(val, key)) continue; - return false; - } - return true; - } - }; - - isPlainObject = function(val) { - var ctor, proto; - return isObject(val) && (proto = Object.getPrototypeOf(val)) && (ctor = proto.constructor) && (typeof ctor === 'function') && (ctor instanceof ctor) && (Function.prototype.toString.call(ctor) === Function.prototype.toString.call(Object)); - }; - - module.exports.assign = assign; - - module.exports.isFunction = isFunction; - - module.exports.isObject = isObject; - - module.exports.isArray = isArray; +JsonParser.prototype.parse = function(value, shape) { + return translate(JSON.parse(value), shape); +}; - module.exports.isEmpty = isEmpty; +function translate(value, shape) { + if (!shape || value === undefined) return undefined; - module.exports.isPlainObject = isPlainObject; + switch (shape.type) { + case 'structure': return translateStructure(value, shape); + case 'map': return translateMap(value, shape); + case 'list': return translateList(value, shape); + default: return translateScalar(value, shape); + } +} -}).call(this); +function translateStructure(structure, shape) { + if (structure == null) return undefined; + if (shape.isDocument) return structure; + var struct = {}; + var shapeMembers = shape.members; + util.each(shapeMembers, function(name, memberShape) { + var locationName = memberShape.isLocationName ? memberShape.name : name; + if (Object.prototype.hasOwnProperty.call(structure, locationName)) { + var value = structure[locationName]; + var result = translate(value, memberShape); + if (result !== undefined) struct[name] = result; + } + }); + return struct; +} -/***/ }), +function translateList(list, shape) { + if (list == null) return undefined; -/***/ 583: -/***/ (function(module, __unusedexports, __webpack_require__) { + var out = []; + util.arrayEach(list, function(value) { + var result = translate(value, shape.member); + if (result === undefined) out.push(null); + else out.push(result); + }); + return out; +} -var memoizedProperty = __webpack_require__(153).memoizedProperty; +function translateMap(map, shape) { + if (map == null) return undefined; -function memoize(name, value, factory, nameTr) { - memoizedProperty(this, nameTr(name), function() { - return factory(name, value); + var out = {}; + util.each(map, function(key, value) { + var result = translate(value, shape.value); + if (result === undefined) out[key] = null; + else out[key] = result; }); + return out; } -function Collection(iterable, options, factory, nameTr, callback) { - nameTr = nameTr || String; - var self = this; - - for (var id in iterable) { - if (Object.prototype.hasOwnProperty.call(iterable, id)) { - memoize.call(self, id, iterable[id], factory, nameTr); - if (callback) callback(id, iterable[id]); - } - } +function translateScalar(value, shape) { + return shape.toType(value); } /** * @api private */ -module.exports = Collection; +module.exports = JsonParser; /***/ }), -/***/ 602: -/***/ (function(module) { +/***/ 5768: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { -// Generated by CoffeeScript 1.12.7 -(function() { - var XMLStringifier, - bind = function(fn, me){ return function(){ return fn.apply(me, arguments); }; }, - hasProp = {}.hasOwnProperty; +var AWS = __nccwpck_require__(8437); +__nccwpck_require__(1556); +var inherit = AWS.util.inherit; +var getMetadataServiceEndpoint = __nccwpck_require__(608); +var URL = (__nccwpck_require__(7310).URL); - module.exports = XMLStringifier = (function() { - function XMLStringifier(options) { - this.assertLegalChar = bind(this.assertLegalChar, this); - var key, ref, value; - options || (options = {}); - this.noDoubleEncoding = options.noDoubleEncoding; - ref = options.stringify || {}; - for (key in ref) { - if (!hasProp.call(ref, key)) continue; - value = ref[key]; - this[key] = value; - } - } +/** + * Represents a metadata service available on EC2 instances. Using the + * {request} method, you can receieve metadata about any available resource + * on the metadata service. + * + * You can disable the use of the IMDS by setting the AWS_EC2_METADATA_DISABLED + * environment variable to a truthy value. + * + * @!attribute [r] httpOptions + * @return [map] a map of options to pass to the underlying HTTP request: + * + * * **timeout** (Number) — a timeout value in milliseconds to wait + * before aborting the connection. Set to 0 for no timeout. + * + * @!macro nobrowser + */ +AWS.MetadataService = inherit({ + /** + * @return [String] the endpoint of the instance metadata service + */ + endpoint: getMetadataServiceEndpoint(), - XMLStringifier.prototype.eleName = function(val) { - val = '' + val || ''; - return this.assertLegalChar(val); - }; + /** + * @!ignore + */ - XMLStringifier.prototype.eleText = function(val) { - val = '' + val || ''; - return this.assertLegalChar(this.elEscape(val)); - }; + /** + * Default HTTP options. By default, the metadata service is set to not + * timeout on long requests. This means that on non-EC2 machines, this + * request will never return. If you are calling this operation from an + * environment that may not always run on EC2, set a `timeout` value so + * the SDK will abort the request after a given number of milliseconds. + */ + httpOptions: { timeout: 0 }, - XMLStringifier.prototype.cdata = function(val) { - val = '' + val || ''; - val = val.replace(']]>', ']]]]>'); - return this.assertLegalChar(val); - }; + /** + * when enabled, metadata service will not fetch token + */ + disableFetchToken: false, - XMLStringifier.prototype.comment = function(val) { - val = '' + val || ''; - if (val.match(/--/)) { - throw new Error("Comment text cannot contain double-hypen: " + val); - } - return this.assertLegalChar(val); - }; + /** + * Creates a new MetadataService object with a given set of options. + * + * @option options host [String] the hostname of the instance metadata + * service + * @option options httpOptions [map] a map of options to pass to the + * underlying HTTP request: + * + * * **timeout** (Number) — a timeout value in milliseconds to wait + * before aborting the connection. Set to 0 for no timeout. + * @option options maxRetries [Integer] the maximum number of retries to + * perform for timeout errors + * @option options retryDelayOptions [map] A set of options to configure the + * retry delay on retryable errors. See AWS.Config for details. + */ + constructor: function MetadataService(options) { + if (options && options.host) { + options.endpoint = 'http://' + options.host; + delete options.host; + } + AWS.util.update(this, options); + }, - XMLStringifier.prototype.raw = function(val) { - return '' + val || ''; - }; + /** + * Sends a request to the instance metadata service for a given resource. + * + * @param path [String] the path of the resource to get + * + * @param options [map] an optional map used to make request + * + * * **method** (String) — HTTP request method + * + * * **headers** (map) — a map of response header keys and their respective values + * + * @callback callback function(err, data) + * Called when a response is available from the service. + * @param err [Error, null] if an error occurred, this value will be set + * @param data [String, null] if the request was successful, the body of + * the response + */ + request: function request(path, options, callback) { + if (arguments.length === 2) { + callback = options; + options = {}; + } - XMLStringifier.prototype.attName = function(val) { - return val = '' + val || ''; - }; + if (process.env[AWS.util.imdsDisabledEnv]) { + callback(new Error('EC2 Instance Metadata Service access disabled')); + return; + } - XMLStringifier.prototype.attValue = function(val) { - val = '' + val || ''; - return this.attEscape(val); - }; + path = path || '/'; - XMLStringifier.prototype.insTarget = function(val) { - return '' + val || ''; - }; + // Verify that host is a valid URL + if (URL) { new URL(this.endpoint); } - XMLStringifier.prototype.insValue = function(val) { - val = '' + val || ''; - if (val.match(/\?>/)) { - throw new Error("Invalid processing instruction value: " + val); - } - return val; - }; + var httpRequest = new AWS.HttpRequest(this.endpoint + path); + httpRequest.method = options.method || 'GET'; + if (options.headers) { + httpRequest.headers = options.headers; + } + AWS.util.handleRequestWithRetries(httpRequest, this, callback); + }, - XMLStringifier.prototype.xmlVersion = function(val) { - val = '' + val || ''; - if (!val.match(/1\.[0-9]+/)) { - throw new Error("Invalid version number: " + val); - } - return val; - }; + /** + * @api private + */ + loadCredentialsCallbacks: [], - XMLStringifier.prototype.xmlEncoding = function(val) { - val = '' + val || ''; - if (!val.match(/^[A-Za-z](?:[A-Za-z0-9._-])*$/)) { - throw new Error("Invalid encoding: " + val); + /** + * Fetches metadata token used for getting credentials + * + * @api private + * @callback callback function(err, token) + * Called when token is loaded from the resource + */ + fetchMetadataToken: function fetchMetadataToken(callback) { + var self = this; + var tokenFetchPath = '/latest/api/token'; + self.request( + tokenFetchPath, + { + 'method': 'PUT', + 'headers': { + 'x-aws-ec2-metadata-token-ttl-seconds': '21600' + } + }, + callback + ); + }, + + /** + * Fetches credentials + * + * @api private + * @callback cb function(err, creds) + * Called when credentials are loaded from the resource + */ + fetchCredentials: function fetchCredentials(options, cb) { + var self = this; + var basePath = '/latest/meta-data/iam/security-credentials/'; + + self.request(basePath, options, function (err, roleName) { + if (err) { + self.disableFetchToken = !(err.statusCode === 401); + cb(AWS.util.error( + err, + { + message: 'EC2 Metadata roleName request returned error' + } + )); + return; } - return val; - }; + roleName = roleName.split('\n')[0]; // grab first (and only) role + self.request(basePath + roleName, options, function (credErr, credData) { + if (credErr) { + self.disableFetchToken = !(credErr.statusCode === 401); + cb(AWS.util.error( + credErr, + { + message: 'EC2 Metadata creds request returned error' + } + )); + return; + } + try { + var credentials = JSON.parse(credData); + cb(null, credentials); + } catch (parseError) { + cb(parseError); + } + }); + }); + }, - XMLStringifier.prototype.xmlStandalone = function(val) { - if (val) { - return "yes"; - } else { - return "no"; + /** + * Loads a set of credentials stored in the instance metadata service + * + * @api private + * @callback callback function(err, credentials) + * Called when credentials are loaded from the resource + * @param err [Error] if an error occurred, this value will be set + * @param credentials [Object] the raw JSON object containing all + * metadata from the credentials resource + */ + loadCredentials: function loadCredentials(callback) { + var self = this; + self.loadCredentialsCallbacks.push(callback); + if (self.loadCredentialsCallbacks.length > 1) { return; } + + function callbacks(err, creds) { + var cb; + while ((cb = self.loadCredentialsCallbacks.shift()) !== undefined) { + cb(err, creds); } - }; + } - XMLStringifier.prototype.dtdPubID = function(val) { - return '' + val || ''; - }; + if (self.disableFetchToken) { + self.fetchCredentials({}, callbacks); + } else { + self.fetchMetadataToken(function(tokenError, token) { + if (tokenError) { + if (tokenError.code === 'TimeoutError') { + self.disableFetchToken = true; + } else if (tokenError.retryable === true) { + callbacks(AWS.util.error( + tokenError, + { + message: 'EC2 Metadata token request returned error' + } + )); + return; + } else if (tokenError.statusCode === 400) { + callbacks(AWS.util.error( + tokenError, + { + message: 'EC2 Metadata token request returned 400' + } + )); + return; + } + } + var options = {}; + if (token) { + options.headers = { + 'x-aws-ec2-metadata-token': token + }; + } + self.fetchCredentials(options, callbacks); + }); - XMLStringifier.prototype.dtdSysID = function(val) { - return '' + val || ''; - }; + } + } +}); - XMLStringifier.prototype.dtdElementValue = function(val) { - return '' + val || ''; - }; +/** + * @api private + */ +module.exports = AWS.MetadataService; - XMLStringifier.prototype.dtdAttType = function(val) { - return '' + val || ''; - }; - XMLStringifier.prototype.dtdAttDefault = function(val) { - if (val != null) { - return '' + val || ''; - } else { - return val; - } - }; +/***/ }), - XMLStringifier.prototype.dtdEntityValue = function(val) { - return '' + val || ''; - }; +/***/ 3205: +/***/ ((module) => { - XMLStringifier.prototype.dtdNData = function(val) { - return '' + val || ''; - }; +var getEndpoint = function() { + return { + IPv4: 'http://169.254.169.254', + IPv6: 'http://[fd00:ec2::254]', + }; +}; - XMLStringifier.prototype.convertAttKey = '@'; +module.exports = getEndpoint; - XMLStringifier.prototype.convertPIKey = '?'; - XMLStringifier.prototype.convertTextKey = '#text'; +/***/ }), - XMLStringifier.prototype.convertCDataKey = '#cdata'; +/***/ 5578: +/***/ ((module) => { - XMLStringifier.prototype.convertCommentKey = '#comment'; +var ENV_ENDPOINT_NAME = 'AWS_EC2_METADATA_SERVICE_ENDPOINT'; +var CONFIG_ENDPOINT_NAME = 'ec2_metadata_service_endpoint'; - XMLStringifier.prototype.convertRawKey = '#raw'; +var getEndpointConfigOptions = function() { + return { + environmentVariableSelector: function(env) { return env[ENV_ENDPOINT_NAME]; }, + configFileSelector: function(profile) { return profile[CONFIG_ENDPOINT_NAME]; }, + default: undefined, + }; +}; - XMLStringifier.prototype.assertLegalChar = function(str) { - var res; - res = str.match(/[\0\uFFFE\uFFFF]|[\uD800-\uDBFF](?![\uDC00-\uDFFF])|(?:[^\uD800-\uDBFF]|^)[\uDC00-\uDFFF]/); - if (res) { - throw new Error("Invalid character in string: " + str + " at index " + res.index); - } - return str; - }; +module.exports = getEndpointConfigOptions; - XMLStringifier.prototype.elEscape = function(str) { - var ampregex; - ampregex = this.noDoubleEncoding ? /(?!&\S+;)&/g : /&/g; - return str.replace(ampregex, '&').replace(//g, '>').replace(/\r/g, ' '); - }; - XMLStringifier.prototype.attEscape = function(str) { - var ampregex; - ampregex = this.noDoubleEncoding ? /(?!&\S+;)&/g : /&/g; - return str.replace(ampregex, '&').replace(/ { - })(); +var getEndpointMode = function() { + return { + IPv4: 'IPv4', + IPv6: 'IPv6', + }; +}; -}).call(this); +module.exports = getEndpointMode; /***/ }), -/***/ 605: -/***/ (function(module, __unusedexports, __webpack_require__) { +/***/ 5509: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { -var util = __webpack_require__(395).util; -var toBuffer = util.buffer.toBuffer; +var EndpointMode = __nccwpck_require__(7997)(); -/** - * A lossless representation of a signed, 64-bit integer. Instances of this - * class may be used in arithmetic expressions as if they were numeric - * primitives, but the binary representation will be preserved unchanged as the - * `bytes` property of the object. The bytes should be encoded as big-endian, - * two's complement integers. - * @param {Buffer} bytes - * - * @api private - */ -function Int64(bytes) { - if (bytes.length !== 8) { - throw new Error('Int64 buffers must be exactly 8 bytes'); - } - if (!util.Buffer.isBuffer(bytes)) bytes = toBuffer(bytes); +var ENV_ENDPOINT_MODE_NAME = 'AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE'; +var CONFIG_ENDPOINT_MODE_NAME = 'ec2_metadata_service_endpoint_mode'; - this.bytes = bytes; -} +var getEndpointModeConfigOptions = function() { + return { + environmentVariableSelector: function(env) { return env[ENV_ENDPOINT_MODE_NAME]; }, + configFileSelector: function(profile) { return profile[CONFIG_ENDPOINT_MODE_NAME]; }, + default: EndpointMode.IPv4, + }; +}; -/** - * @param {number} number - * @returns {Int64} - * - * @api private - */ -Int64.fromNumber = function(number) { - if (number > 9223372036854775807 || number < -9223372036854775808) { - throw new Error( - number + ' is too large (or, if negative, too small) to represent as an Int64' - ); - } +module.exports = getEndpointModeConfigOptions; - var bytes = new Uint8Array(8); - for ( - var i = 7, remaining = Math.abs(Math.round(number)); - i > -1 && remaining > 0; - i--, remaining /= 256 - ) { - bytes[i] = remaining; - } - if (number < 0) { - negate(bytes); - } +/***/ }), - return new Int64(bytes); +/***/ 608: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +var AWS = __nccwpck_require__(8437); + +var Endpoint = __nccwpck_require__(3205)(); +var EndpointMode = __nccwpck_require__(7997)(); + +var ENDPOINT_CONFIG_OPTIONS = __nccwpck_require__(5578)(); +var ENDPOINT_MODE_CONFIG_OPTIONS = __nccwpck_require__(5509)(); + +var getMetadataServiceEndpoint = function() { + var endpoint = AWS.util.loadConfig(ENDPOINT_CONFIG_OPTIONS); + if (endpoint !== undefined) return endpoint; + + var endpointMode = AWS.util.loadConfig(ENDPOINT_MODE_CONFIG_OPTIONS); + switch (endpointMode) { + case EndpointMode.IPv4: + return Endpoint.IPv4; + case EndpointMode.IPv6: + return Endpoint.IPv6; + default: + throw new Error('Unsupported endpoint mode: ' + endpointMode); + } }; -/** - * @returns {number} - * - * @api private - */ -Int64.prototype.valueOf = function() { - var bytes = this.bytes.slice(0); - var negative = bytes[0] & 128; - if (negative) { - negate(bytes); - } +module.exports = getMetadataServiceEndpoint; - return parseInt(bytes.toString('hex'), 16) * (negative ? -1 : 1); -}; -Int64.prototype.toString = function() { - return String(this.valueOf()); -}; +/***/ }), -/** - * @param {Buffer} bytes - * - * @api private - */ -function negate(bytes) { - for (var i = 0; i < 8; i++) { - bytes[i] ^= 0xFF; +/***/ 7657: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +var Collection = __nccwpck_require__(1965); +var Operation = __nccwpck_require__(8083); +var Shape = __nccwpck_require__(1349); +var Paginator = __nccwpck_require__(5938); +var ResourceWaiter = __nccwpck_require__(1368); +var metadata = __nccwpck_require__(7752); + +var util = __nccwpck_require__(7985); +var property = util.property; +var memoizedProperty = util.memoizedProperty; + +function Api(api, options) { + var self = this; + api = api || {}; + options = options || {}; + options.api = this; + + api.metadata = api.metadata || {}; + + var serviceIdentifier = options.serviceIdentifier; + delete options.serviceIdentifier; + + property(this, 'isApi', true, false); + property(this, 'apiVersion', api.metadata.apiVersion); + property(this, 'endpointPrefix', api.metadata.endpointPrefix); + property(this, 'signingName', api.metadata.signingName); + property(this, 'globalEndpoint', api.metadata.globalEndpoint); + property(this, 'signatureVersion', api.metadata.signatureVersion); + property(this, 'jsonVersion', api.metadata.jsonVersion); + property(this, 'targetPrefix', api.metadata.targetPrefix); + property(this, 'protocol', api.metadata.protocol); + property(this, 'timestampFormat', api.metadata.timestampFormat); + property(this, 'xmlNamespaceUri', api.metadata.xmlNamespace); + property(this, 'abbreviation', api.metadata.serviceAbbreviation); + property(this, 'fullName', api.metadata.serviceFullName); + property(this, 'serviceId', api.metadata.serviceId); + if (serviceIdentifier && metadata[serviceIdentifier]) { + property(this, 'xmlNoDefaultLists', metadata[serviceIdentifier].xmlNoDefaultLists, false); + } + + memoizedProperty(this, 'className', function() { + var name = api.metadata.serviceAbbreviation || api.metadata.serviceFullName; + if (!name) return null; + + name = name.replace(/^Amazon|AWS\s*|\(.*|\s+|\W+/g, ''); + if (name === 'ElasticLoadBalancing') name = 'ELB'; + return name; + }); + + function addEndpointOperation(name, operation) { + if (operation.endpointoperation === true) { + property(self, 'endpointOperation', util.string.lowerFirst(name)); } - for (var i = 7; i > -1; i--) { - bytes[i]++; - if (bytes[i] !== 0) { - break; - } + if (operation.endpointdiscovery && !self.hasRequiredEndpointDiscovery) { + property( + self, + 'hasRequiredEndpointDiscovery', + operation.endpointdiscovery.required === true + ); } + } + + property(this, 'operations', new Collection(api.operations, options, function(name, operation) { + return new Operation(name, operation, options); + }, util.string.lowerFirst, addEndpointOperation)); + + property(this, 'shapes', new Collection(api.shapes, options, function(name, shape) { + return Shape.create(shape, options); + })); + + property(this, 'paginators', new Collection(api.paginators, options, function(name, paginator) { + return new Paginator(name, paginator, options); + })); + + property(this, 'waiters', new Collection(api.waiters, options, function(name, waiter) { + return new ResourceWaiter(name, waiter, options); + }, util.string.lowerFirst)); + + if (options.documentation) { + property(this, 'documentation', api.documentation); + property(this, 'documentationUrl', api.documentationUrl); + } + property(this, 'awsQueryCompatible', api.metadata.awsQueryCompatible); } /** * @api private */ -module.exports = { - Int64: Int64 -}; +module.exports = Api; /***/ }), -/***/ 606: -/***/ (function(__unusedmodule, __unusedexports, __webpack_require__) { +/***/ 1965: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { -var AWS = __webpack_require__(395); -var SequentialExecutor = __webpack_require__(610); -var DISCOVER_ENDPOINT = __webpack_require__(987).discoverEndpoint; -/** - * The namespace used to register global event listeners for request building - * and sending. - */ -AWS.EventListeners = { - /** - * @!attribute VALIDATE_CREDENTIALS - * A request listener that validates whether the request is being - * sent with credentials. - * Handles the {AWS.Request~validate 'validate' Request event} - * @example Sending a request without validating credentials - * var listener = AWS.EventListeners.Core.VALIDATE_CREDENTIALS; - * request.removeListener('validate', listener); - * @readonly - * @return [Function] - * @!attribute VALIDATE_REGION - * A request listener that validates whether the region is set - * for a request. - * Handles the {AWS.Request~validate 'validate' Request event} - * @example Sending a request without validating region configuration - * var listener = AWS.EventListeners.Core.VALIDATE_REGION; - * request.removeListener('validate', listener); - * @readonly - * @return [Function] - * @!attribute VALIDATE_PARAMETERS - * A request listener that validates input parameters in a request. - * Handles the {AWS.Request~validate 'validate' Request event} - * @example Sending a request without validating parameters - * var listener = AWS.EventListeners.Core.VALIDATE_PARAMETERS; - * request.removeListener('validate', listener); - * @example Disable parameter validation globally - * AWS.EventListeners.Core.removeListener('validate', - * AWS.EventListeners.Core.VALIDATE_REGION); - * @readonly - * @return [Function] - * @!attribute SEND - * A request listener that initiates the HTTP connection for a - * request being sent. Handles the {AWS.Request~send 'send' Request event} - * @example Replacing the HTTP handler - * var listener = AWS.EventListeners.Core.SEND; - * request.removeListener('send', listener); - * request.on('send', function(response) { - * customHandler.send(response); - * }); - * @return [Function] - * @readonly - * @!attribute HTTP_DATA - * A request listener that reads data from the HTTP connection in order - * to build the response data. - * Handles the {AWS.Request~httpData 'httpData' Request event}. - * Remove this handler if you are overriding the 'httpData' event and - * do not want extra data processing and buffering overhead. - * @example Disabling default data processing - * var listener = AWS.EventListeners.Core.HTTP_DATA; - * request.removeListener('httpData', listener); - * @return [Function] - * @readonly - */ - Core: {} /* doc hack */ -}; +var memoizedProperty = (__nccwpck_require__(7985).memoizedProperty); + +function memoize(name, value, factory, nameTr) { + memoizedProperty(this, nameTr(name), function() { + return factory(name, value); + }); +} + +function Collection(iterable, options, factory, nameTr, callback) { + nameTr = nameTr || String; + var self = this; + + for (var id in iterable) { + if (Object.prototype.hasOwnProperty.call(iterable, id)) { + memoize.call(self, id, iterable[id], factory, nameTr); + if (callback) callback(id, iterable[id]); + } + } +} /** * @api private */ -function getOperationAuthtype(req) { - if (!req.service.api.operations) { - return ''; - } - var operation = req.service.api.operations[req.operation]; - return operation ? operation.authtype : ''; -} +module.exports = Collection; -AWS.EventListeners = { - Core: new SequentialExecutor().addNamedListeners(function(add, addAsync) { - addAsync('VALIDATE_CREDENTIALS', 'validate', - function VALIDATE_CREDENTIALS(req, done) { - if (!req.service.api.signatureVersion && !req.service.config.signatureVersion) return done(); // none - req.service.config.getCredentials(function(err) { - if (err) { - req.response.error = AWS.util.error(err, - {code: 'CredentialsError', message: 'Missing credentials in config, if using AWS_CONFIG_FILE, set AWS_SDK_LOAD_CONFIG=1'}); - } - done(); - }); - }); - add('VALIDATE_REGION', 'validate', function VALIDATE_REGION(req) { - if (!req.service.config.region && !req.service.isGlobalEndpoint) { - req.response.error = AWS.util.error(new Error(), - {code: 'ConfigError', message: 'Missing region in config'}); - } - }); +/***/ }), - add('BUILD_IDEMPOTENCY_TOKENS', 'validate', function BUILD_IDEMPOTENCY_TOKENS(req) { - if (!req.service.api.operations) { - return; - } - var operation = req.service.api.operations[req.operation]; - if (!operation) { - return; - } - var idempotentMembers = operation.idempotentMembers; - if (!idempotentMembers.length) { - return; - } - // creates a copy of params so user's param object isn't mutated - var params = AWS.util.copy(req.params); - for (var i = 0, iLen = idempotentMembers.length; i < iLen; i++) { - if (!params[idempotentMembers[i]]) { - // add the member - params[idempotentMembers[i]] = AWS.util.uuid.v4(); - } - } - req.params = params; - }); +/***/ 8083: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { - add('VALIDATE_PARAMETERS', 'validate', function VALIDATE_PARAMETERS(req) { - if (!req.service.api.operations) { - return; - } - var rules = req.service.api.operations[req.operation].input; - var validation = req.service.config.paramValidation; - new AWS.ParamValidator(validation).validate(rules, req.params); - }); +var Shape = __nccwpck_require__(1349); - addAsync('COMPUTE_SHA256', 'afterBuild', function COMPUTE_SHA256(req, done) { - req.haltHandlersOnError(); - if (!req.service.api.operations) { - return; - } - var operation = req.service.api.operations[req.operation]; - var authtype = operation ? operation.authtype : ''; - if (!req.service.api.signatureVersion && !authtype && !req.service.config.signatureVersion) return done(); // none - if (req.service.getSignerClass(req) === AWS.Signers.V4) { - var body = req.httpRequest.body || ''; - if (authtype.indexOf('unsigned-body') >= 0) { - req.httpRequest.headers['X-Amz-Content-Sha256'] = 'UNSIGNED-PAYLOAD'; - return done(); - } - AWS.util.computeSha256(body, function(err, sha) { - if (err) { - done(err); - } - else { - req.httpRequest.headers['X-Amz-Content-Sha256'] = sha; - done(); - } - }); - } else { - done(); - } - }); +var util = __nccwpck_require__(7985); +var property = util.property; +var memoizedProperty = util.memoizedProperty; - add('SET_CONTENT_LENGTH', 'afterBuild', function SET_CONTENT_LENGTH(req) { - var authtype = getOperationAuthtype(req); - var payloadMember = AWS.util.getRequestPayloadShape(req); - if (req.httpRequest.headers['Content-Length'] === undefined) { - try { - var length = AWS.util.string.byteLength(req.httpRequest.body); - req.httpRequest.headers['Content-Length'] = length; - } catch (err) { - if (payloadMember && payloadMember.isStreaming) { - if (payloadMember.requiresLength) { - //streaming payload requires length(s3, glacier) - throw err; - } else if (authtype.indexOf('unsigned-body') >= 0) { - //unbounded streaming payload(lex, mediastore) - req.httpRequest.headers['Transfer-Encoding'] = 'chunked'; - return; - } else { - throw err; - } - } - throw err; - } - } - }); +function Operation(name, operation, options) { + var self = this; + options = options || {}; - add('SET_HTTP_HOST', 'afterBuild', function SET_HTTP_HOST(req) { - req.httpRequest.headers['Host'] = req.httpRequest.endpoint.host; - }); + property(this, 'name', operation.name || name); + property(this, 'api', options.api, false); - add('RESTART', 'restart', function RESTART() { - var err = this.response.error; - if (!err || !err.retryable) return; + operation.http = operation.http || {}; + property(this, 'endpoint', operation.endpoint); + property(this, 'httpMethod', operation.http.method || 'POST'); + property(this, 'httpPath', operation.http.requestUri || '/'); + property(this, 'authtype', operation.authtype || ''); + property( + this, + 'endpointDiscoveryRequired', + operation.endpointdiscovery ? + (operation.endpointdiscovery.required ? 'REQUIRED' : 'OPTIONAL') : + 'NULL' + ); - this.httpRequest = new AWS.HttpRequest( - this.service.endpoint, - this.service.region - ); + // httpChecksum replaces usage of httpChecksumRequired, but some APIs + // (s3control) still uses old trait. + var httpChecksumRequired = operation.httpChecksumRequired + || (operation.httpChecksum && operation.httpChecksum.requestChecksumRequired); + property(this, 'httpChecksumRequired', httpChecksumRequired, false); - if (this.response.retryCount < this.service.config.maxRetries) { - this.response.retryCount++; - } else { - this.response.error = null; - } - }); + memoizedProperty(this, 'input', function() { + if (!operation.input) { + return new Shape.create({type: 'structure'}, options); + } + return Shape.create(operation.input, options); + }); - var addToHead = true; - addAsync('DISCOVER_ENDPOINT', 'sign', DISCOVER_ENDPOINT, addToHead); + memoizedProperty(this, 'output', function() { + if (!operation.output) { + return new Shape.create({type: 'structure'}, options); + } + return Shape.create(operation.output, options); + }); - addAsync('SIGN', 'sign', function SIGN(req, done) { - var service = req.service; - var operations = req.service.api.operations || {}; - var operation = operations[req.operation]; - var authtype = operation ? operation.authtype : ''; - if (!service.api.signatureVersion && !authtype && !service.config.signatureVersion) return done(); // none + memoizedProperty(this, 'errors', function() { + var list = []; + if (!operation.errors) return null; - service.config.getCredentials(function (err, credentials) { - if (err) { - req.response.error = err; - return done(); - } + for (var i = 0; i < operation.errors.length; i++) { + list.push(Shape.create(operation.errors[i], options)); + } - try { - var date = service.getSkewCorrectedDate(); - var SignerClass = service.getSignerClass(req); - var signer = new SignerClass(req.httpRequest, - service.api.signingName || service.api.endpointPrefix, - { - signatureCache: service.config.signatureCache, - operation: operation, - signatureVersion: service.api.signatureVersion - }); - signer.setServiceClientId(service._clientId); - - // clear old authorization headers - delete req.httpRequest.headers['Authorization']; - delete req.httpRequest.headers['Date']; - delete req.httpRequest.headers['X-Amz-Date']; - - // add new authorization - signer.addAuthorization(credentials, date); - req.signedAt = date; - } catch (e) { - req.response.error = e; - } - done(); - }); - }); + return list; + }); - add('VALIDATE_RESPONSE', 'validateResponse', function VALIDATE_RESPONSE(resp) { - if (this.service.successfulResponse(resp, this)) { - resp.data = {}; - resp.error = null; - } else { - resp.data = null; - resp.error = AWS.util.error(new Error(), - {code: 'UnknownError', message: 'An unknown error occurred.'}); - } - }); + memoizedProperty(this, 'paginator', function() { + return options.api.paginators[name]; + }); - addAsync('SEND', 'send', function SEND(resp, done) { - resp.httpResponse._abortCallback = done; - resp.error = null; - resp.data = null; + if (options.documentation) { + property(this, 'documentation', operation.documentation); + property(this, 'documentationUrl', operation.documentationUrl); + } - function callback(httpResp) { - resp.httpResponse.stream = httpResp; - var stream = resp.request.httpRequest.stream; - var service = resp.request.service; - var api = service.api; - var operationName = resp.request.operation; - var operation = api.operations[operationName] || {}; + // idempotentMembers only tracks top-level input shapes + memoizedProperty(this, 'idempotentMembers', function() { + var idempotentMembers = []; + var input = self.input; + var members = input.members; + if (!input.members) { + return idempotentMembers; + } + for (var name in members) { + if (!members.hasOwnProperty(name)) { + continue; + } + if (members[name].isIdempotent === true) { + idempotentMembers.push(name); + } + } + return idempotentMembers; + }); - httpResp.on('headers', function onHeaders(statusCode, headers, statusMessage) { - resp.request.emit( - 'httpHeaders', - [statusCode, headers, resp, statusMessage] - ); + memoizedProperty(this, 'hasEventOutput', function() { + var output = self.output; + return hasEventStream(output); + }); +} - if (!resp.httpResponse.streaming) { - if (AWS.HttpClient.streamsApiVersion === 2) { // streams2 API check - // if we detect event streams, we're going to have to - // return the stream immediately - if (operation.hasEventOutput && service.successfulResponse(resp)) { - // skip reading the IncomingStream - resp.request.emit('httpDone'); - done(); - return; - } +function hasEventStream(topLevelShape) { + var members = topLevelShape.members; + var payload = topLevelShape.payload; - httpResp.on('readable', function onReadable() { - var data = httpResp.read(); - if (data !== null) { - resp.request.emit('httpData', [data, resp]); - } - }); - } else { // legacy streams API - httpResp.on('data', function onData(data) { - resp.request.emit('httpData', [data, resp]); - }); - } - } - }); + if (!topLevelShape.members) { + return false; + } - httpResp.on('end', function onEnd() { - if (!stream || !stream.didCallback) { - if (AWS.HttpClient.streamsApiVersion === 2 && (operation.hasEventOutput && service.successfulResponse(resp))) { - // don't concatenate response chunks when streaming event stream data when response is successful - return; - } - resp.request.emit('httpDone'); - done(); - } - }); + if (payload) { + var payloadMember = members[payload]; + return payloadMember.isEventStream; + } + + // check if any member is an event stream + for (var name in members) { + if (!members.hasOwnProperty(name)) { + if (members[name].isEventStream === true) { + return true; } + } + } + return false; +} - function progress(httpResp) { - httpResp.on('sendProgress', function onSendProgress(value) { - resp.request.emit('httpUploadProgress', [value, resp]); - }); +/** + * @api private + */ +module.exports = Operation; - httpResp.on('receiveProgress', function onReceiveProgress(value) { - resp.request.emit('httpDownloadProgress', [value, resp]); - }); - } - function error(err) { - if (err.code !== 'RequestAbortedError') { - var errCode = err.code === 'TimeoutError' ? err.code : 'NetworkingError'; - err = AWS.util.error(err, { - code: errCode, - region: resp.request.httpRequest.region, - hostname: resp.request.httpRequest.endpoint.hostname, - retryable: true - }); - } - resp.error = err; - resp.request.emit('httpError', [resp.error, resp], function() { - done(); - }); - } +/***/ }), - function executeSend() { - var http = AWS.HttpClient.getInstance(); - var httpOptions = resp.request.service.config.httpOptions || {}; - try { - var stream = http.handleRequest(resp.request.httpRequest, httpOptions, - callback, error); - progress(stream); - } catch (err) { - error(err); - } - } - var timeDiff = (resp.request.service.getSkewCorrectedDate() - this.signedAt) / 1000; - if (timeDiff >= 60 * 10) { // if we signed 10min ago, re-sign - this.emit('sign', [this], function(err) { - if (err) done(err); - else executeSend(); - }); - } else { - executeSend(); - } - }); - - add('HTTP_HEADERS', 'httpHeaders', - function HTTP_HEADERS(statusCode, headers, resp, statusMessage) { - resp.httpResponse.statusCode = statusCode; - resp.httpResponse.statusMessage = statusMessage; - resp.httpResponse.headers = headers; - resp.httpResponse.body = AWS.util.buffer.toBuffer(''); - resp.httpResponse.buffers = []; - resp.httpResponse.numBytes = 0; - var dateHeader = headers.date || headers.Date; - var service = resp.request.service; - if (dateHeader) { - var serverTime = Date.parse(dateHeader); - if (service.config.correctClockSkew - && service.isClockSkewed(serverTime)) { - service.applyClockOffset(serverTime); - } - } - }); +/***/ 5938: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { - add('HTTP_DATA', 'httpData', function HTTP_DATA(chunk, resp) { - if (chunk) { - if (AWS.util.isNode()) { - resp.httpResponse.numBytes += chunk.length; +var property = (__nccwpck_require__(7985).property); - var total = resp.httpResponse.headers['content-length']; - var progress = { loaded: resp.httpResponse.numBytes, total: total }; - resp.request.emit('httpDownloadProgress', [progress, resp]); - } +function Paginator(name, paginator) { + property(this, 'inputToken', paginator.input_token); + property(this, 'limitKey', paginator.limit_key); + property(this, 'moreResults', paginator.more_results); + property(this, 'outputToken', paginator.output_token); + property(this, 'resultKey', paginator.result_key); +} - resp.httpResponse.buffers.push(AWS.util.buffer.toBuffer(chunk)); - } - }); +/** + * @api private + */ +module.exports = Paginator; - add('HTTP_DONE', 'httpDone', function HTTP_DONE(resp) { - // convert buffers array into single buffer - if (resp.httpResponse.buffers && resp.httpResponse.buffers.length > 0) { - var body = AWS.util.buffer.concat(resp.httpResponse.buffers); - resp.httpResponse.body = body; - } - delete resp.httpResponse.numBytes; - delete resp.httpResponse.buffers; - }); - add('FINALIZE_ERROR', 'retry', function FINALIZE_ERROR(resp) { - if (resp.httpResponse.statusCode) { - resp.error.statusCode = resp.httpResponse.statusCode; - if (resp.error.retryable === undefined) { - resp.error.retryable = this.service.retryableError(resp.error, this); - } - } - }); +/***/ }), - add('INVALIDATE_CREDENTIALS', 'retry', function INVALIDATE_CREDENTIALS(resp) { - if (!resp.error) return; - switch (resp.error.code) { - case 'RequestExpired': // EC2 only - case 'ExpiredTokenException': - case 'ExpiredToken': - resp.error.retryable = true; - resp.request.service.config.credentials.expired = true; - } - }); +/***/ 1368: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { - add('EXPIRED_SIGNATURE', 'retry', function EXPIRED_SIGNATURE(resp) { - var err = resp.error; - if (!err) return; - if (typeof err.code === 'string' && typeof err.message === 'string') { - if (err.code.match(/Signature/) && err.message.match(/expired/)) { - resp.error.retryable = true; - } - } - }); +var util = __nccwpck_require__(7985); +var property = util.property; - add('CLOCK_SKEWED', 'retry', function CLOCK_SKEWED(resp) { - if (!resp.error) return; - if (this.service.clockSkewError(resp.error) - && this.service.config.correctClockSkew) { - resp.error.retryable = true; - } - }); +function ResourceWaiter(name, waiter, options) { + options = options || {}; + property(this, 'name', name); + property(this, 'api', options.api, false); - add('REDIRECT', 'retry', function REDIRECT(resp) { - if (resp.error && resp.error.statusCode >= 300 && - resp.error.statusCode < 400 && resp.httpResponse.headers['location']) { - this.httpRequest.endpoint = - new AWS.Endpoint(resp.httpResponse.headers['location']); - this.httpRequest.headers['Host'] = this.httpRequest.endpoint.host; - resp.error.redirect = true; - resp.error.retryable = true; - } - }); + if (waiter.operation) { + property(this, 'operation', util.string.lowerFirst(waiter.operation)); + } - add('RETRY_CHECK', 'retry', function RETRY_CHECK(resp) { - if (resp.error) { - if (resp.error.redirect && resp.redirectCount < resp.maxRedirects) { - resp.error.retryDelay = 0; - } else if (resp.retryCount < resp.maxRetries) { - resp.error.retryDelay = this.service.retryDelays(resp.retryCount, resp.error) || 0; - } - } - }); + var self = this; + var keys = [ + 'type', + 'description', + 'delay', + 'maxAttempts', + 'acceptors' + ]; - addAsync('RESET_RETRY_STATE', 'afterRetry', function RESET_RETRY_STATE(resp, done) { - var delay, willRetry = false; + keys.forEach(function(key) { + var value = waiter[key]; + if (value) { + property(self, key, value); + } + }); +} - if (resp.error) { - delay = resp.error.retryDelay || 0; - if (resp.error.retryable && resp.retryCount < resp.maxRetries) { - resp.retryCount++; - willRetry = true; - } else if (resp.error.redirect && resp.redirectCount < resp.maxRedirects) { - resp.redirectCount++; - willRetry = true; - } - } +/** + * @api private + */ +module.exports = ResourceWaiter; - // delay < 0 is a signal from customBackoff to skip retries - if (willRetry && delay >= 0) { - resp.error = null; - setTimeout(done, delay); - } else { - done(); - } - }); - }), - CorePost: new SequentialExecutor().addNamedListeners(function(add) { - add('EXTRACT_REQUEST_ID', 'extractData', AWS.util.extractRequestId); - add('EXTRACT_REQUEST_ID', 'extractError', AWS.util.extractRequestId); +/***/ }), - add('ENOTFOUND_ERROR', 'httpError', function ENOTFOUND_ERROR(err) { - if (err.code === 'NetworkingError' && err.errno === 'ENOTFOUND') { - var message = 'Inaccessible host: `' + err.hostname + - '\'. This service may not be available in the `' + err.region + - '\' region.'; - this.response.error = AWS.util.error(new Error(message), { - code: 'UnknownEndpoint', - region: err.region, - hostname: err.hostname, - retryable: true, - originalError: err - }); - } - }); - }), +/***/ 1349: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { - Logger: new SequentialExecutor().addNamedListeners(function(add) { - add('LOG_REQUEST', 'complete', function LOG_REQUEST(resp) { - var req = resp.request; - var logger = req.service.config.logger; - if (!logger) return; - function filterSensitiveLog(inputShape, shape) { - if (!shape) { - return shape; - } - switch (inputShape.type) { - case 'structure': - var struct = {}; - AWS.util.each(shape, function(subShapeName, subShape) { - if (Object.prototype.hasOwnProperty.call(inputShape.members, subShapeName)) { - struct[subShapeName] = filterSensitiveLog(inputShape.members[subShapeName], subShape); - } else { - struct[subShapeName] = subShape; - } - }); - return struct; - case 'list': - var list = []; - AWS.util.arrayEach(shape, function(subShape, index) { - list.push(filterSensitiveLog(inputShape.member, subShape)); - }); - return list; - case 'map': - var map = {}; - AWS.util.each(shape, function(key, value) { - map[key] = filterSensitiveLog(inputShape.value, value); - }); - return map; - default: - if (inputShape.isSensitive) { - return '***SensitiveInformation***'; - } else { - return shape; - } - } - } +var Collection = __nccwpck_require__(1965); - function buildMessage() { - var time = resp.request.service.getSkewCorrectedDate().getTime(); - var delta = (time - req.startTime.getTime()) / 1000; - var ansi = logger.isTTY ? true : false; - var status = resp.httpResponse.statusCode; - var censoredParams = req.params; - if ( - req.service.api.operations && - req.service.api.operations[req.operation] && - req.service.api.operations[req.operation].input - ) { - var inputShape = req.service.api.operations[req.operation].input; - censoredParams = filterSensitiveLog(inputShape, req.params); - } - var params = __webpack_require__(669).inspect(censoredParams, true, null); - var message = ''; - if (ansi) message += '\x1B[33m'; - message += '[AWS ' + req.service.serviceIdentifier + ' ' + status; - message += ' ' + delta.toString() + 's ' + resp.retryCount + ' retries]'; - if (ansi) message += '\x1B[0;1m'; - message += ' ' + AWS.util.string.lowerFirst(req.operation); - message += '(' + params + ')'; - if (ansi) message += '\x1B[0m'; - return message; - } +var util = __nccwpck_require__(7985); - var line = buildMessage(); - if (typeof logger.log === 'function') { - logger.log(line); - } else if (typeof logger.write === 'function') { - logger.write(line + '\n'); - } - }); - }), +function property(obj, name, value) { + if (value !== null && value !== undefined) { + util.property.apply(this, arguments); + } +} - Json: new SequentialExecutor().addNamedListeners(function(add) { - var svc = __webpack_require__(912); - add('BUILD', 'build', svc.buildRequest); - add('EXTRACT_DATA', 'extractData', svc.extractData); - add('EXTRACT_ERROR', 'extractError', svc.extractError); - }), - - Rest: new SequentialExecutor().addNamedListeners(function(add) { - var svc = __webpack_require__(618); - add('BUILD', 'build', svc.buildRequest); - add('EXTRACT_DATA', 'extractData', svc.extractData); - add('EXTRACT_ERROR', 'extractError', svc.extractError); - }), - - RestJson: new SequentialExecutor().addNamedListeners(function(add) { - var svc = __webpack_require__(315); - add('BUILD', 'build', svc.buildRequest); - add('EXTRACT_DATA', 'extractData', svc.extractData); - add('EXTRACT_ERROR', 'extractError', svc.extractError); - }), +function memoizedProperty(obj, name) { + if (!obj.constructor.prototype[name]) { + util.memoizedProperty.apply(this, arguments); + } +} - RestXml: new SequentialExecutor().addNamedListeners(function(add) { - var svc = __webpack_require__(2); - add('BUILD', 'build', svc.buildRequest); - add('EXTRACT_DATA', 'extractData', svc.extractData); - add('EXTRACT_ERROR', 'extractError', svc.extractError); - }), +function Shape(shape, options, memberName) { + options = options || {}; - Query: new SequentialExecutor().addNamedListeners(function(add) { - var svc = __webpack_require__(576); - add('BUILD', 'build', svc.buildRequest); - add('EXTRACT_DATA', 'extractData', svc.extractData); - add('EXTRACT_ERROR', 'extractError', svc.extractError); - }) -}; + property(this, 'shape', shape.shape); + property(this, 'api', options.api, false); + property(this, 'type', shape.type); + property(this, 'enum', shape.enum); + property(this, 'min', shape.min); + property(this, 'max', shape.max); + property(this, 'pattern', shape.pattern); + property(this, 'location', shape.location || this.location || 'body'); + property(this, 'name', this.name || shape.xmlName || shape.queryName || + shape.locationName || memberName); + property(this, 'isStreaming', shape.streaming || this.isStreaming || false); + property(this, 'requiresLength', shape.requiresLength, false); + property(this, 'isComposite', shape.isComposite || false); + property(this, 'isShape', true, false); + property(this, 'isQueryName', Boolean(shape.queryName), false); + property(this, 'isLocationName', Boolean(shape.locationName), false); + property(this, 'isIdempotent', shape.idempotencyToken === true); + property(this, 'isJsonValue', shape.jsonvalue === true); + property(this, 'isSensitive', shape.sensitive === true || shape.prototype && shape.prototype.sensitive === true); + property(this, 'isEventStream', Boolean(shape.eventstream), false); + property(this, 'isEvent', Boolean(shape.event), false); + property(this, 'isEventPayload', Boolean(shape.eventpayload), false); + property(this, 'isEventHeader', Boolean(shape.eventheader), false); + property(this, 'isTimestampFormatSet', Boolean(shape.timestampFormat) || shape.prototype && shape.prototype.isTimestampFormatSet === true, false); + property(this, 'endpointDiscoveryId', Boolean(shape.endpointdiscoveryid), false); + property(this, 'hostLabel', Boolean(shape.hostLabel), false); + if (options.documentation) { + property(this, 'documentation', shape.documentation); + property(this, 'documentationUrl', shape.documentationUrl); + } -/***/ }), + if (shape.xmlAttribute) { + property(this, 'isXmlAttribute', shape.xmlAttribute || false); + } -/***/ 610: -/***/ (function(module, __unusedexports, __webpack_require__) { + // type conversion and parsing + property(this, 'defaultValue', null); + this.toWireFormat = function(value) { + if (value === null || value === undefined) return ''; + return value; + }; + this.toType = function(value) { return value; }; +} -var AWS = __webpack_require__(395); +/** + * @api private + */ +Shape.normalizedTypes = { + character: 'string', + double: 'float', + long: 'integer', + short: 'integer', + biginteger: 'integer', + bigdecimal: 'float', + blob: 'binary' +}; /** * @api private - * @!method on(eventName, callback) - * Registers an event listener callback for the event given by `eventName`. - * Parameters passed to the callback function depend on the individual event - * being triggered. See the event documentation for those parameters. - * - * @param eventName [String] the event name to register the listener for - * @param callback [Function] the listener callback function - * @param toHead [Boolean] attach the listener callback to the head of callback array if set to true. - * Default to be false. - * @return [AWS.SequentialExecutor] the same object for chaining */ -AWS.SequentialExecutor = AWS.util.inherit({ +Shape.types = { + 'structure': StructureShape, + 'list': ListShape, + 'map': MapShape, + 'boolean': BooleanShape, + 'timestamp': TimestampShape, + 'float': FloatShape, + 'integer': IntegerShape, + 'string': StringShape, + 'base64': Base64Shape, + 'binary': BinaryShape +}; - constructor: function SequentialExecutor() { - this._events = {}; - }, +Shape.resolve = function resolve(shape, options) { + if (shape.shape) { + var refShape = options.api.shapes[shape.shape]; + if (!refShape) { + throw new Error('Cannot find shape reference: ' + shape.shape); + } - /** - * @api private - */ - listeners: function listeners(eventName) { - return this._events[eventName] ? this._events[eventName].slice(0) : []; - }, + return refShape; + } else { + return null; + } +}; - on: function on(eventName, listener, toHead) { - if (this._events[eventName]) { - toHead ? - this._events[eventName].unshift(listener) : - this._events[eventName].push(listener); - } else { - this._events[eventName] = [listener]; +Shape.create = function create(shape, options, memberName) { + if (shape.isShape) return shape; + + var refShape = Shape.resolve(shape, options); + if (refShape) { + var filteredKeys = Object.keys(shape); + if (!options.documentation) { + filteredKeys = filteredKeys.filter(function(name) { + return !name.match(/documentation/); + }); } - return this; - }, - onAsync: function onAsync(eventName, listener, toHead) { - listener._isAsync = true; - return this.on(eventName, listener, toHead); - }, + // create an inline shape with extra members + var InlineShape = function() { + refShape.constructor.call(this, shape, options, memberName); + }; + InlineShape.prototype = refShape; + return new InlineShape(); + } else { + // set type if not set + if (!shape.type) { + if (shape.members) shape.type = 'structure'; + else if (shape.member) shape.type = 'list'; + else if (shape.key) shape.type = 'map'; + else shape.type = 'string'; + } - removeListener: function removeListener(eventName, listener) { - var listeners = this._events[eventName]; - if (listeners) { - var length = listeners.length; - var position = -1; - for (var i = 0; i < length; ++i) { - if (listeners[i] === listener) { - position = i; - } - } - if (position > -1) { - listeners.splice(position, 1); - } + // normalize types + var origType = shape.type; + if (Shape.normalizedTypes[shape.type]) { + shape.type = Shape.normalizedTypes[shape.type]; } - return this; - }, - removeAllListeners: function removeAllListeners(eventName) { - if (eventName) { - delete this._events[eventName]; + if (Shape.types[shape.type]) { + return new Shape.types[shape.type](shape, options, memberName); } else { - this._events = {}; + throw new Error('Unrecognized shape type: ' + origType); } - return this; - }, + } +}; - /** - * @api private - */ - emit: function emit(eventName, eventArgs, doneCallback) { - if (!doneCallback) doneCallback = function() { }; - var listeners = this.listeners(eventName); - var count = listeners.length; - this.callListeners(listeners, eventArgs, doneCallback); - return count > 0; - }, +function CompositeShape(shape) { + Shape.apply(this, arguments); + property(this, 'isComposite', true); - /** - * @api private - */ - callListeners: function callListeners(listeners, args, doneCallback, prevError) { - var self = this; - var error = prevError || null; + if (shape.flattened) { + property(this, 'flattened', shape.flattened || false); + } +} - function callNextListener(err) { - if (err) { - error = AWS.util.error(error || new Error(), err); - if (self._haltHandlersOnError) { - return doneCallback.call(self, error); - } - } - self.callListeners(listeners, args, doneCallback, error); - } +function StructureShape(shape, options) { + var self = this; + var requiredMap = null, firstInit = !this.isShape; - while (listeners.length > 0) { - var listener = listeners.shift(); - if (listener._isAsync) { // asynchronous listener - listener.apply(self, args.concat([callNextListener])); - return; // stop here, callNextListener will continue - } else { // synchronous listener - try { - listener.apply(self, args); - } catch (err) { - error = AWS.util.error(error || new Error(), err); - } - if (error && self._haltHandlersOnError) { - doneCallback.call(self, error); - return; - } - } - } - doneCallback.call(self, error); - }, + CompositeShape.apply(this, arguments); - /** - * Adds or copies a set of listeners from another list of - * listeners or SequentialExecutor object. - * - * @param listeners [map>, AWS.SequentialExecutor] - * a list of events and callbacks, or an event emitter object - * containing listeners to add to this emitter object. - * @return [AWS.SequentialExecutor] the emitter object, for chaining. - * @example Adding listeners from a map of listeners - * emitter.addListeners({ - * event1: [function() { ... }, function() { ... }], - * event2: [function() { ... }] - * }); - * emitter.emit('event1'); // emitter has event1 - * emitter.emit('event2'); // emitter has event2 - * @example Adding listeners from another emitter object - * var emitter1 = new AWS.SequentialExecutor(); - * emitter1.on('event1', function() { ... }); - * emitter1.on('event2', function() { ... }); - * var emitter2 = new AWS.SequentialExecutor(); - * emitter2.addListeners(emitter1); - * emitter2.emit('event1'); // emitter2 has event1 - * emitter2.emit('event2'); // emitter2 has event2 - */ - addListeners: function addListeners(listeners) { - var self = this; - - // extract listeners if parameter is an SequentialExecutor object - if (listeners._events) listeners = listeners._events; + if (firstInit) { + property(this, 'defaultValue', function() { return {}; }); + property(this, 'members', {}); + property(this, 'memberNames', []); + property(this, 'required', []); + property(this, 'isRequired', function() { return false; }); + property(this, 'isDocument', Boolean(shape.document)); + } - AWS.util.each(listeners, function(event, callbacks) { - if (typeof callbacks === 'function') callbacks = [callbacks]; - AWS.util.arrayEach(callbacks, function(callback) { - self.on(event, callback); - }); + if (shape.members) { + property(this, 'members', new Collection(shape.members, options, function(name, member) { + return Shape.create(member, options, name); + })); + memoizedProperty(this, 'memberNames', function() { + return shape.xmlOrder || Object.keys(shape.members); }); - return self; - }, - - /** - * Registers an event with {on} and saves the callback handle function - * as a property on the emitter object using a given `name`. - * - * @param name [String] the property name to set on this object containing - * the callback function handle so that the listener can be removed in - * the future. - * @param (see on) - * @return (see on) - * @example Adding a named listener DATA_CALLBACK - * var listener = function() { doSomething(); }; - * emitter.addNamedListener('DATA_CALLBACK', 'data', listener); - * - * // the following prints: true - * console.log(emitter.DATA_CALLBACK == listener); - */ - addNamedListener: function addNamedListener(name, eventName, callback, toHead) { - this[name] = callback; - this.addListener(eventName, callback, toHead); - return this; - }, + if (shape.event) { + memoizedProperty(this, 'eventPayloadMemberName', function() { + var members = self.members; + var memberNames = self.memberNames; + // iterate over members to find ones that are event payloads + for (var i = 0, iLen = memberNames.length; i < iLen; i++) { + if (members[memberNames[i]].isEventPayload) { + return memberNames[i]; + } + } + }); - /** - * @api private - */ - addNamedAsyncListener: function addNamedAsyncListener(name, eventName, callback, toHead) { - callback._isAsync = true; - return this.addNamedListener(name, eventName, callback, toHead); - }, + memoizedProperty(this, 'eventHeaderMemberNames', function() { + var members = self.members; + var memberNames = self.memberNames; + var eventHeaderMemberNames = []; + // iterate over members to find ones that are event headers + for (var i = 0, iLen = memberNames.length; i < iLen; i++) { + if (members[memberNames[i]].isEventHeader) { + eventHeaderMemberNames.push(memberNames[i]); + } + } + return eventHeaderMemberNames; + }); + } + } - /** - * Helper method to add a set of named listeners using - * {addNamedListener}. The callback contains a parameter - * with a handle to the `addNamedListener` method. - * - * @callback callback function(add) - * The callback function is called immediately in order to provide - * the `add` function to the block. This simplifies the addition of - * a large group of named listeners. - * @param add [Function] the {addNamedListener} function to call - * when registering listeners. - * @example Adding a set of named listeners - * emitter.addNamedListeners(function(add) { - * add('DATA_CALLBACK', 'data', function() { ... }); - * add('OTHER', 'otherEvent', function() { ... }); - * add('LAST', 'lastEvent', function() { ... }); - * }); - * - * // these properties are now set: - * emitter.DATA_CALLBACK; - * emitter.OTHER; - * emitter.LAST; - */ - addNamedListeners: function addNamedListeners(callback) { - var self = this; - callback( - function() { - self.addNamedListener.apply(self, arguments); - }, - function() { - self.addNamedAsyncListener.apply(self, arguments); + if (shape.required) { + property(this, 'required', shape.required); + property(this, 'isRequired', function(name) { + if (!requiredMap) { + requiredMap = {}; + for (var i = 0; i < shape.required.length; i++) { + requiredMap[shape.required[i]] = true; + } } - ); - return this; + + return requiredMap[name]; + }, false, true); } -}); -/** - * {on} is the prefered method. - * @api private - */ -AWS.SequentialExecutor.prototype.addListener = AWS.SequentialExecutor.prototype.on; + property(this, 'resultWrapper', shape.resultWrapper || null); -/** - * @api private - */ -module.exports = AWS.SequentialExecutor; + if (shape.payload) { + property(this, 'payload', shape.payload); + } + if (typeof shape.xmlNamespace === 'string') { + property(this, 'xmlNamespaceUri', shape.xmlNamespace); + } else if (typeof shape.xmlNamespace === 'object') { + property(this, 'xmlNamespacePrefix', shape.xmlNamespace.prefix); + property(this, 'xmlNamespaceUri', shape.xmlNamespace.uri); + } +} -/***/ }), +function ListShape(shape, options) { + var self = this, firstInit = !this.isShape; + CompositeShape.apply(this, arguments); -/***/ 614: -/***/ (function(module) { + if (firstInit) { + property(this, 'defaultValue', function() { return []; }); + } -module.exports = require("events"); + if (shape.member) { + memoizedProperty(this, 'member', function() { + return Shape.create(shape.member, options); + }); + } -/***/ }), + if (this.flattened) { + var oldName = this.name; + memoizedProperty(this, 'name', function() { + return self.member.name || oldName; + }); + } +} -/***/ 616: -/***/ (function(module, __unusedexports, __webpack_require__) { +function MapShape(shape, options) { + var firstInit = !this.isShape; + CompositeShape.apply(this, arguments); -var AWS = __webpack_require__(395); -var inherit = AWS.util.inherit; + if (firstInit) { + property(this, 'defaultValue', function() { return {}; }); + property(this, 'key', Shape.create({type: 'string'}, options)); + property(this, 'value', Shape.create({type: 'string'}, options)); + } -/** - * @api private - */ -AWS.Signers.S3 = inherit(AWS.Signers.RequestSigner, { - /** - * When building the stringToSign, these sub resource params should be - * part of the canonical resource string with their NON-decoded values - */ - subResources: { - 'acl': 1, - 'accelerate': 1, - 'analytics': 1, - 'cors': 1, - 'lifecycle': 1, - 'delete': 1, - 'inventory': 1, - 'location': 1, - 'logging': 1, - 'metrics': 1, - 'notification': 1, - 'partNumber': 1, - 'policy': 1, - 'requestPayment': 1, - 'replication': 1, - 'restore': 1, - 'tagging': 1, - 'torrent': 1, - 'uploadId': 1, - 'uploads': 1, - 'versionId': 1, - 'versioning': 1, - 'versions': 1, - 'website': 1 - }, + if (shape.key) { + memoizedProperty(this, 'key', function() { + return Shape.create(shape.key, options); + }); + } + if (shape.value) { + memoizedProperty(this, 'value', function() { + return Shape.create(shape.value, options); + }); + } +} - // when building the stringToSign, these querystring params should be - // part of the canonical resource string with their NON-encoded values - responseHeaders: { - 'response-content-type': 1, - 'response-content-language': 1, - 'response-expires': 1, - 'response-cache-control': 1, - 'response-content-disposition': 1, - 'response-content-encoding': 1 - }, +function TimestampShape(shape) { + var self = this; + Shape.apply(this, arguments); - addAuthorization: function addAuthorization(credentials, date) { - if (!this.request.headers['presigned-expires']) { - this.request.headers['X-Amz-Date'] = AWS.util.date.rfc822(date); + if (shape.timestampFormat) { + property(this, 'timestampFormat', shape.timestampFormat); + } else if (self.isTimestampFormatSet && this.timestampFormat) { + property(this, 'timestampFormat', this.timestampFormat); + } else if (this.location === 'header') { + property(this, 'timestampFormat', 'rfc822'); + } else if (this.location === 'querystring') { + property(this, 'timestampFormat', 'iso8601'); + } else if (this.api) { + switch (this.api.protocol) { + case 'json': + case 'rest-json': + property(this, 'timestampFormat', 'unixTimestamp'); + break; + case 'rest-xml': + case 'query': + case 'ec2': + property(this, 'timestampFormat', 'iso8601'); + break; } + } - if (credentials.sessionToken) { - // presigned URLs require this header to be lowercased - this.request.headers['x-amz-security-token'] = credentials.sessionToken; - } + this.toType = function(value) { + if (value === null || value === undefined) return null; + if (typeof value.toUTCString === 'function') return value; + return typeof value === 'string' || typeof value === 'number' ? + util.date.parseTimestamp(value) : null; + }; - var signature = this.sign(credentials.secretAccessKey, this.stringToSign()); - var auth = 'AWS ' + credentials.accessKeyId + ':' + signature; + this.toWireFormat = function(value) { + return util.date.format(value, self.timestampFormat); + }; +} - this.request.headers['Authorization'] = auth; - }, +function StringShape() { + Shape.apply(this, arguments); - stringToSign: function stringToSign() { - var r = this.request; + var nullLessProtocols = ['rest-xml', 'query', 'ec2']; + this.toType = function(value) { + value = this.api && nullLessProtocols.indexOf(this.api.protocol) > -1 ? + value || '' : value; + if (this.isJsonValue) { + return JSON.parse(value); + } - var parts = []; - parts.push(r.method); - parts.push(r.headers['Content-MD5'] || ''); - parts.push(r.headers['Content-Type'] || ''); + return value && typeof value.toString === 'function' ? + value.toString() : value; + }; - // This is the "Date" header, but we use X-Amz-Date. - // The S3 signing mechanism requires us to pass an empty - // string for this Date header regardless. - parts.push(r.headers['presigned-expires'] || ''); + this.toWireFormat = function(value) { + return this.isJsonValue ? JSON.stringify(value) : value; + }; +} - var headers = this.canonicalizedAmzHeaders(); - if (headers) parts.push(headers); - parts.push(this.canonicalizedResource()); +function FloatShape() { + Shape.apply(this, arguments); - return parts.join('\n'); + this.toType = function(value) { + if (value === null || value === undefined) return null; + return parseFloat(value); + }; + this.toWireFormat = this.toType; +} - }, +function IntegerShape() { + Shape.apply(this, arguments); - canonicalizedAmzHeaders: function canonicalizedAmzHeaders() { + this.toType = function(value) { + if (value === null || value === undefined) return null; + return parseInt(value, 10); + }; + this.toWireFormat = this.toType; +} - var amzHeaders = []; +function BinaryShape() { + Shape.apply(this, arguments); + this.toType = function(value) { + var buf = util.base64.decode(value); + if (this.isSensitive && util.isNode() && typeof util.Buffer.alloc === 'function') { + /* Node.js can create a Buffer that is not isolated. + * i.e. buf.byteLength !== buf.buffer.byteLength + * This means that the sensitive data is accessible to anyone with access to buf.buffer. + * If this is the node shared Buffer, then other code within this process _could_ find this secret. + * Copy sensitive data to an isolated Buffer and zero the sensitive data. + * While this is safe to do here, copying this code somewhere else may produce unexpected results. + */ + var secureBuf = util.Buffer.alloc(buf.length, buf); + buf.fill(0); + buf = secureBuf; + } + return buf; + }; + this.toWireFormat = util.base64.encode; +} - AWS.util.each(this.request.headers, function (name) { - if (name.match(/^x-amz-/i)) - amzHeaders.push(name); - }); +function Base64Shape() { + BinaryShape.apply(this, arguments); +} - amzHeaders.sort(function (a, b) { - return a.toLowerCase() < b.toLowerCase() ? -1 : 1; - }); +function BooleanShape() { + Shape.apply(this, arguments); - var parts = []; - AWS.util.arrayEach.call(this, amzHeaders, function (name) { - parts.push(name.toLowerCase() + ':' + String(this.request.headers[name])); - }); + this.toType = function(value) { + if (typeof value === 'boolean') return value; + if (value === null || value === undefined) return null; + return value === 'true'; + }; +} - return parts.join('\n'); +/** + * @api private + */ +Shape.shapes = { + StructureShape: StructureShape, + ListShape: ListShape, + MapShape: MapShape, + StringShape: StringShape, + BooleanShape: BooleanShape, + Base64Shape: Base64Shape +}; - }, +/** + * @api private + */ +module.exports = Shape; - canonicalizedResource: function canonicalizedResource() { - var r = this.request; +/***/ }), - var parts = r.path.split('?'); - var path = parts[0]; - var querystring = parts[1]; +/***/ 3639: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { - var resource = ''; +var util = __nccwpck_require__(7985); - if (r.virtualHostedBucket) - resource += '/' + r.virtualHostedBucket; +var region_utils = __nccwpck_require__(9517); +var isFipsRegion = region_utils.isFipsRegion; +var getRealRegion = region_utils.getRealRegion; - resource += path; +util.isBrowser = function() { return false; }; +util.isNode = function() { return true; }; - if (querystring) { +// node.js specific modules +util.crypto.lib = __nccwpck_require__(6113); +util.Buffer = (__nccwpck_require__(4300).Buffer); +util.domain = __nccwpck_require__(22); +util.stream = __nccwpck_require__(2781); +util.url = __nccwpck_require__(7310); +util.querystring = __nccwpck_require__(3477); +util.environment = 'nodejs'; +util.createEventStream = util.stream.Readable ? + (__nccwpck_require__(9643).createEventStream) : (__nccwpck_require__(3727).createEventStream); +util.realClock = __nccwpck_require__(1370); +util.clientSideMonitoring = { + Publisher: (__nccwpck_require__(6807).Publisher), + configProvider: __nccwpck_require__(1822), +}; +util.iniLoader = (__nccwpck_require__(9697)/* .iniLoader */ .b); +util.getSystemErrorName = (__nccwpck_require__(3837).getSystemErrorName); - // collect a list of sub resources and query params that need to be signed - var resources = []; +util.loadConfig = function(options) { + var envValue = options.environmentVariableSelector(process.env); + if (envValue !== undefined) { + return envValue; + } - AWS.util.arrayEach.call(this, querystring.split('&'), function (param) { - var name = param.split('=')[0]; - var value = param.split('=')[1]; - if (this.subResources[name] || this.responseHeaders[name]) { - var subresource = { name: name }; - if (value !== undefined) { - if (this.subResources[name]) { - subresource.value = value; - } else { - subresource.value = decodeURIComponent(value); - } - } - resources.push(subresource); - } - }); + var configFile = {}; + try { + configFile = util.iniLoader ? util.iniLoader.loadFrom({ + isConfig: true, + filename: process.env[util.sharedConfigFileEnv] + }) : {}; + } catch (e) {} + var sharedFileConfig = configFile[ + process.env.AWS_PROFILE || util.defaultProfile + ] || {}; + var configValue = options.configFileSelector(sharedFileConfig); + if (configValue !== undefined) { + return configValue; + } - resources.sort(function (a, b) { return a.name < b.name ? -1 : 1; }); + if (typeof options.default === 'function') { + return options.default(); + } + return options.default; +}; - if (resources.length) { +var AWS; - querystring = []; - AWS.util.arrayEach(resources, function (res) { - if (res.value === undefined) { - querystring.push(res.name); - } else { - querystring.push(res.name + '=' + res.value); - } - }); +/** + * @api private + */ +module.exports = AWS = __nccwpck_require__(8437); - resource += '?' + querystring.join('&'); - } +__nccwpck_require__(3819); +__nccwpck_require__(6965); +__nccwpck_require__(7360); +__nccwpck_require__(7083); +__nccwpck_require__(4998); +__nccwpck_require__(3498); +__nccwpck_require__(5037); +__nccwpck_require__(371); - } +// Load the xml2js XML parser +AWS.XML.Parser = __nccwpck_require__(6752); - return resource; +// Load Node HTTP client +__nccwpck_require__(2310); - }, +__nccwpck_require__(5417); - sign: function sign(secret, string) { - return AWS.util.crypto.hmac(secret, string, 'base64', 'sha1'); - } -}); +// Load custom credential providers +__nccwpck_require__(4420); +__nccwpck_require__(3379); +__nccwpck_require__(8764); +__nccwpck_require__(645); +__nccwpck_require__(7714); +__nccwpck_require__(7454); +__nccwpck_require__(3754); +__nccwpck_require__(371); +__nccwpck_require__(8335); + +// Setup default providers for credentials chain +// If this changes, please update documentation for +// AWS.CredentialProviderChain.defaultProviders in +// credentials/credential_provider_chain.js +AWS.CredentialProviderChain.defaultProviders = [ + function () { return new AWS.EnvironmentCredentials('AWS'); }, + function () { return new AWS.EnvironmentCredentials('AMAZON'); }, + function () { return new AWS.SsoCredentials(); }, + function () { return new AWS.SharedIniFileCredentials(); }, + function () { return new AWS.ECSCredentials(); }, + function () { return new AWS.ProcessCredentials(); }, + function () { return new AWS.TokenFileWebIdentityCredentials(); }, + function () { return new AWS.EC2MetadataCredentials(); } +]; -/** - * @api private - */ -module.exports = AWS.Signers.S3; +// Load custom token providers +__nccwpck_require__(2647); +__nccwpck_require__(126); +__nccwpck_require__(327); +// Setup default providers for token chain +// If this changes, please update documentation for +// AWS.TokenProviderChain.defaultProviders in +// token/token_provider_chain.js +AWS.TokenProviderChain.defaultProviders = [ + function () { return new AWS.SSOTokenProvider(); }, +]; -/***/ }), +var getRegion = function() { + var env = process.env; + var region = env.AWS_REGION || env.AMAZON_REGION; + if (env[AWS.util.configOptInEnv]) { + var toCheck = [ + {filename: env[AWS.util.sharedCredentialsFileEnv]}, + {isConfig: true, filename: env[AWS.util.sharedConfigFileEnv]} + ]; + var iniLoader = AWS.util.iniLoader; + while (!region && toCheck.length) { + var configFile = {}; + var fileInfo = toCheck.shift(); + try { + configFile = iniLoader.loadFrom(fileInfo); + } catch (err) { + if (fileInfo.isConfig) throw err; + } + var profile = configFile[env.AWS_PROFILE || AWS.util.defaultProfile]; + region = profile && profile.region; + } + } + return region; +}; -/***/ 618: -/***/ (function(module, __unusedexports, __webpack_require__) { +var getBooleanValue = function(value) { + return value === 'true' ? true: value === 'false' ? false: undefined; +}; -var util = __webpack_require__(153); -var populateHostPrefix = __webpack_require__(904).populateHostPrefix; +var USE_FIPS_ENDPOINT_CONFIG_OPTIONS = { + environmentVariableSelector: function(env) { + return getBooleanValue(env['AWS_USE_FIPS_ENDPOINT']); + }, + configFileSelector: function(profile) { + return getBooleanValue(profile['use_fips_endpoint']); + }, + default: false, +}; -function populateMethod(req) { - req.httpRequest.method = req.service.api.operations[req.operation].httpMethod; -} +var USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS = { + environmentVariableSelector: function(env) { + return getBooleanValue(env['AWS_USE_DUALSTACK_ENDPOINT']); + }, + configFileSelector: function(profile) { + return getBooleanValue(profile['use_dualstack_endpoint']); + }, + default: false, +}; -function generateURI(endpointPath, operationPath, input, params) { - var uri = [endpointPath, operationPath].join('/'); - uri = uri.replace(/\/+/g, '/'); - - var queryString = {}, queryStringSet = false; - util.each(input.members, function (name, member) { - var paramValue = params[name]; - if (paramValue === null || paramValue === undefined) return; - if (member.location === 'uri') { - var regex = new RegExp('\\{' + member.name + '(\\+)?\\}'); - uri = uri.replace(regex, function(_, plus) { - var fn = plus ? util.uriEscapePath : util.uriEscape; - return fn(String(paramValue)); - }); - } else if (member.location === 'querystring') { - queryStringSet = true; - - if (member.type === 'list') { - queryString[member.name] = paramValue.map(function(val) { - return util.uriEscape(member.member.toWireFormat(val).toString()); - }); - } else if (member.type === 'map') { - util.each(paramValue, function(key, value) { - if (Array.isArray(value)) { - queryString[key] = value.map(function(val) { - return util.uriEscape(String(val)); - }); - } else { - queryString[key] = util.uriEscape(String(value)); - } - }); - } else { - queryString[member.name] = util.uriEscape(member.toWireFormat(paramValue).toString()); - } - } - }); - - if (queryStringSet) { - uri += (uri.indexOf('?') >= 0 ? '&' : '?'); - var parts = []; - util.arrayEach(Object.keys(queryString).sort(), function(key) { - if (!Array.isArray(queryString[key])) { - queryString[key] = [queryString[key]]; - } - for (var i = 0; i < queryString[key].length; i++) { - parts.push(util.uriEscape(String(key)) + '=' + queryString[key][i]); - } +// Update configuration keys +AWS.util.update(AWS.Config.prototype.keys, { + credentials: function () { + var credentials = null; + new AWS.CredentialProviderChain([ + function () { return new AWS.EnvironmentCredentials('AWS'); }, + function () { return new AWS.EnvironmentCredentials('AMAZON'); }, + function () { return new AWS.SharedIniFileCredentials({ disableAssumeRole: true }); } + ]).resolve(function(err, creds) { + if (!err) credentials = creds; }); - uri += parts.join('&'); + return credentials; + }, + credentialProvider: function() { + return new AWS.CredentialProviderChain(); + }, + logger: function () { + return process.env.AWSJS_DEBUG ? console : null; + }, + region: function() { + var region = getRegion(); + return region ? getRealRegion(region): undefined; + }, + tokenProvider: function() { + return new AWS.TokenProviderChain(); + }, + useFipsEndpoint: function() { + var region = getRegion(); + return isFipsRegion(region) + ? true + : util.loadConfig(USE_FIPS_ENDPOINT_CONFIG_OPTIONS); + }, + useDualstackEndpoint: function() { + return util.loadConfig(USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS); } +}); - return uri; -} - -function populateURI(req) { - var operation = req.service.api.operations[req.operation]; - var input = operation.input; - - var uri = generateURI(req.httpRequest.endpoint.path, operation.httpPath, input, req.params); - req.httpRequest.path = uri; -} - -function populateHeaders(req) { - var operation = req.service.api.operations[req.operation]; - util.each(operation.input.members, function (name, member) { - var value = req.params[name]; - if (value === null || value === undefined) return; - - if (member.location === 'headers' && member.type === 'map') { - util.each(value, function(key, memberValue) { - req.httpRequest.headers[member.name + key] = memberValue; - }); - } else if (member.location === 'header') { - value = member.toWireFormat(value).toString(); - if (member.isJsonValue) { - value = util.base64.encode(value); - } - req.httpRequest.headers[member.name] = value; - } - }); -} - -function buildRequest(req) { - populateMethod(req); - populateURI(req); - populateHeaders(req); - populateHostPrefix(req); -} - -function extractError() { -} +// Reset configuration +AWS.config = new AWS.Config(); -function extractData(resp) { - var req = resp.request; - var data = {}; - var r = resp.httpResponse; - var operation = req.service.api.operations[req.operation]; - var output = operation.output; - // normalize headers names to lower-cased keys for matching - var headers = {}; - util.each(r.headers, function (k, v) { - headers[k.toLowerCase()] = v; - }); +/***/ }), - util.each(output.members, function(name, member) { - var header = (member.name || name).toLowerCase(); - if (member.location === 'headers' && member.type === 'map') { - data[name] = {}; - var location = member.isLocationName ? member.name : ''; - var pattern = new RegExp('^' + location + '(.+)', 'i'); - util.each(r.headers, function (k, v) { - var result = k.match(pattern); - if (result !== null) { - data[name][result[1]] = v; - } - }); - } else if (member.location === 'header') { - if (headers[header] !== undefined) { - var value = member.isJsonValue ? - util.base64.decode(headers[header]) : - headers[header]; - data[name] = member.toType(value); - } - } else if (member.location === 'statusCode') { - data[name] = parseInt(r.statusCode, 10); - } - }); +/***/ 9127: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require__) => { - resp.data = data; -} +var AWS = __nccwpck_require__(8437); /** * @api private */ -module.exports = { - buildRequest: buildRequest, - extractError: extractError, - extractData: extractData, - generateURI: generateURI -}; - - -/***/ }), - -/***/ 622: -/***/ (function(module) { +AWS.ParamValidator = AWS.util.inherit({ + /** + * Create a new validator object. + * + * @param validation [Boolean|map] whether input parameters should be + * validated against the operation description before sending the + * request. Pass a map to enable any of the following specific + * validation features: + * + * * **min** [Boolean] — Validates that a value meets the min + * constraint. This is enabled by default when paramValidation is set + * to `true`. + * * **max** [Boolean] — Validates that a value meets the max + * constraint. + * * **pattern** [Boolean] — Validates that a string value matches a + * regular expression. + * * **enum** [Boolean] — Validates that a string value matches one + * of the allowable enum values. + */ + constructor: function ParamValidator(validation) { + if (validation === true || validation === undefined) { + validation = {'min': true}; + } + this.validation = validation; + }, -module.exports = require("path"); + validate: function validate(shape, params, context) { + this.errors = []; + this.validateMember(shape, params || {}, context || 'params'); -/***/ }), + if (this.errors.length > 1) { + var msg = this.errors.join('\n* '); + msg = 'There were ' + this.errors.length + + ' validation errors:\n* ' + msg; + throw AWS.util.error(new Error(msg), + {code: 'MultipleValidationErrors', errors: this.errors}); + } else if (this.errors.length === 1) { + throw this.errors[0]; + } else { + return true; + } + }, -/***/ 624: -/***/ (function(module, __unusedexports, __webpack_require__) { + fail: function fail(code, message) { + this.errors.push(AWS.util.error(new Error(message), {code: code})); + }, -var util = __webpack_require__(153); -var property = util.property; + validateStructure: function validateStructure(shape, params, context) { + if (shape.isDocument) return true; -function ResourceWaiter(name, waiter, options) { - options = options || {}; - property(this, 'name', name); - property(this, 'api', options.api, false); + this.validateType(params, context, ['object'], 'structure'); + var paramName; + for (var i = 0; shape.required && i < shape.required.length; i++) { + paramName = shape.required[i]; + var value = params[paramName]; + if (value === undefined || value === null) { + this.fail('MissingRequiredParameter', + 'Missing required key \'' + paramName + '\' in ' + context); + } + } - if (waiter.operation) { - property(this, 'operation', util.string.lowerFirst(waiter.operation)); - } + // validate hash members + for (paramName in params) { + if (!Object.prototype.hasOwnProperty.call(params, paramName)) continue; - var self = this; - var keys = [ - 'type', - 'description', - 'delay', - 'maxAttempts', - 'acceptors' - ]; + var paramValue = params[paramName], + memberShape = shape.members[paramName]; - keys.forEach(function(key) { - var value = waiter[key]; - if (value) { - property(self, key, value); + if (memberShape !== undefined) { + var memberContext = [context, paramName].join('.'); + this.validateMember(memberShape, paramValue, memberContext); + } else if (paramValue !== undefined && paramValue !== null) { + this.fail('UnexpectedParameter', + 'Unexpected key \'' + paramName + '\' found in ' + context); + } } - }); -} - -/** - * @api private - */ -module.exports = ResourceWaiter; + return true; + }, -/***/ }), + validateMember: function validateMember(shape, param, context) { + switch (shape.type) { + case 'structure': + return this.validateStructure(shape, param, context); + case 'list': + return this.validateList(shape, param, context); + case 'map': + return this.validateMap(shape, param, context); + default: + return this.validateScalar(shape, param, context); + } + }, -/***/ 625: -/***/ (function(module) { + validateList: function validateList(shape, params, context) { + if (this.validateType(params, context, [Array])) { + this.validateRange(shape, params.length, context, 'list member count'); + // validate array members + for (var i = 0; i < params.length; i++) { + this.validateMember(shape.member, params[i], context + '[' + i + ']'); + } + } + }, -/** - * Takes in a buffer of event messages and splits them into individual messages. - * @param {Buffer} buffer - * @api private - */ -function eventMessageChunker(buffer) { - /** @type Buffer[] */ - var messages = []; - var offset = 0; + validateMap: function validateMap(shape, params, context) { + if (this.validateType(params, context, ['object'], 'map')) { + // Build up a count of map members to validate range traits. + var mapCount = 0; + for (var param in params) { + if (!Object.prototype.hasOwnProperty.call(params, param)) continue; + // Validate any map key trait constraints + this.validateMember(shape.key, param, + context + '[key=\'' + param + '\']'); + this.validateMember(shape.value, params[param], + context + '[\'' + param + '\']'); + mapCount++; + } + this.validateRange(shape, mapCount, context, 'map member count'); + } + }, - while (offset < buffer.length) { - var totalLength = buffer.readInt32BE(offset); + validateScalar: function validateScalar(shape, value, context) { + switch (shape.type) { + case null: + case undefined: + case 'string': + return this.validateString(shape, value, context); + case 'base64': + case 'binary': + return this.validatePayload(value, context); + case 'integer': + case 'float': + return this.validateNumber(shape, value, context); + case 'boolean': + return this.validateType(value, context, ['boolean']); + case 'timestamp': + return this.validateType(value, context, [Date, + /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d+)?Z$/, 'number'], + 'Date object, ISO-8601 string, or a UNIX timestamp'); + default: + return this.fail('UnkownType', 'Unhandled type ' + + shape.type + ' for ' + context); + } + }, - // create new buffer for individual message (shares memory with original) - var message = buffer.slice(offset, totalLength + offset); - // increment offset to it starts at the next message - offset += totalLength; + validateString: function validateString(shape, value, context) { + var validTypes = ['string']; + if (shape.isJsonValue) { + validTypes = validTypes.concat(['number', 'object', 'boolean']); + } + if (value !== null && this.validateType(value, context, validTypes)) { + this.validateEnum(shape, value, context); + this.validateRange(shape, value.length, context, 'string length'); + this.validatePattern(shape, value, context); + this.validateUri(shape, value, context); + } + }, - messages.push(message); + validateUri: function validateUri(shape, value, context) { + if (shape['location'] === 'uri') { + if (value.length === 0) { + this.fail('UriParameterError', 'Expected uri parameter to have length >= 1,' + + ' but found "' + value +'" for ' + context); + } } + }, - return messages; -} + validatePattern: function validatePattern(shape, value, context) { + if (this.validation['pattern'] && shape['pattern'] !== undefined) { + if (!(new RegExp(shape['pattern'])).test(value)) { + this.fail('PatternMatchError', 'Provided value "' + value + '" ' + + 'does not match regex pattern /' + shape['pattern'] + '/ for ' + + context); + } + } + }, -/** - * @api private - */ -module.exports = { - eventMessageChunker: eventMessageChunker -}; + validateRange: function validateRange(shape, value, context, descriptor) { + if (this.validation['min']) { + if (shape['min'] !== undefined && value < shape['min']) { + this.fail('MinRangeError', 'Expected ' + descriptor + ' >= ' + + shape['min'] + ', but found ' + value + ' for ' + context); + } + } + if (this.validation['max']) { + if (shape['max'] !== undefined && value > shape['max']) { + this.fail('MaxRangeError', 'Expected ' + descriptor + ' <= ' + + shape['max'] + ', but found ' + value + ' for ' + context); + } + } + }, + validateEnum: function validateRange(shape, value, context) { + if (this.validation['enum'] && shape['enum'] !== undefined) { + // Fail if the string value is not present in the enum list + if (shape['enum'].indexOf(value) === -1) { + this.fail('EnumError', 'Found string value of ' + value + ', but ' + + 'expected ' + shape['enum'].join('|') + ' for ' + context); + } + } + }, -/***/ }), + validateType: function validateType(value, context, acceptedTypes, type) { + // We will not log an error for null or undefined, but we will return + // false so that callers know that the expected type was not strictly met. + if (value === null || value === undefined) return false; -/***/ 629: -/***/ (function(__unusedmodule, exports) { + var foundInvalidType = false; + for (var i = 0; i < acceptedTypes.length; i++) { + if (typeof acceptedTypes[i] === 'string') { + if (typeof value === acceptedTypes[i]) return true; + } else if (acceptedTypes[i] instanceof RegExp) { + if ((value || '').toString().match(acceptedTypes[i])) return true; + } else { + if (value instanceof acceptedTypes[i]) return true; + if (AWS.util.isType(value, acceptedTypes[i])) return true; + if (!type && !foundInvalidType) acceptedTypes = acceptedTypes.slice(); + acceptedTypes[i] = AWS.util.typeName(acceptedTypes[i]); + } + foundInvalidType = true; + } -"use strict"; + var acceptedType = type; + if (!acceptedType) { + acceptedType = acceptedTypes.join(', ').replace(/,([^,]+)$/, ', or$1'); + } -Object.defineProperty(exports, "__esModule", { value: true }); -var LinkedListNode = /** @class */ (function () { - function LinkedListNode(key, value) { - this.key = key; - this.value = value; + var vowel = acceptedType.match(/^[aeiou]/i) ? 'n' : ''; + this.fail('InvalidParameterType', 'Expected ' + context + ' to be a' + + vowel + ' ' + acceptedType); + return false; + }, + + validateNumber: function validateNumber(shape, value, context) { + if (value === null || value === undefined) return; + if (typeof value === 'string') { + var castedValue = parseFloat(value); + if (castedValue.toString() === value) value = castedValue; } - return LinkedListNode; -}()); -var LRUCache = /** @class */ (function () { - function LRUCache(size) { - this.nodeMap = {}; - this.size = 0; - if (typeof size !== 'number' || size < 1) { - throw new Error('Cache size can only be positive number'); - } - this.sizeLimit = size; + if (this.validateType(value, context, ['number'])) { + this.validateRange(shape, value, context, 'numeric value'); } - Object.defineProperty(LRUCache.prototype, "length", { - get: function () { - return this.size; - }, - enumerable: true, - configurable: true - }); - LRUCache.prototype.prependToList = function (node) { - if (!this.headerNode) { - this.tailNode = node; - } - else { - this.headerNode.prev = node; - node.next = this.headerNode; - } - this.headerNode = node; - this.size++; - }; - LRUCache.prototype.removeFromTail = function () { - if (!this.tailNode) { - return undefined; - } - var node = this.tailNode; - var prevNode = node.prev; - if (prevNode) { - prevNode.next = undefined; - } - node.prev = undefined; - this.tailNode = prevNode; - this.size--; - return node; - }; - LRUCache.prototype.detachFromList = function (node) { - if (this.headerNode === node) { - this.headerNode = node.next; - } - if (this.tailNode === node) { - this.tailNode = node.prev; - } - if (node.prev) { - node.prev.next = node.next; - } - if (node.next) { - node.next.prev = node.prev; - } - node.next = undefined; - node.prev = undefined; - this.size--; - }; - LRUCache.prototype.get = function (key) { - if (this.nodeMap[key]) { - var node = this.nodeMap[key]; - this.detachFromList(node); - this.prependToList(node); - return node.value; - } - }; - LRUCache.prototype.remove = function (key) { - if (this.nodeMap[key]) { - var node = this.nodeMap[key]; - this.detachFromList(node); - delete this.nodeMap[key]; - } - }; - LRUCache.prototype.put = function (key, value) { - if (this.nodeMap[key]) { - this.remove(key); - } - else if (this.size === this.sizeLimit) { - var tailNode = this.removeFromTail(); - var key_1 = tailNode.key; - delete this.nodeMap[key_1]; - } - var newNode = new LinkedListNode(key, value); - this.nodeMap[key] = newNode; - this.prependToList(newNode); - }; - LRUCache.prototype.empty = function () { - var keys = Object.keys(this.nodeMap); - for (var i = 0; i < keys.length; i++) { - var key = keys[i]; - var node = this.nodeMap[key]; - this.detachFromList(node); - delete this.nodeMap[key]; - } - }; - return LRUCache; -}()); -exports.LRUCache = LRUCache; + }, + + validatePayload: function validatePayload(value, context) { + if (value === null || value === undefined) return; + if (typeof value === 'string') return; + if (value && typeof value.byteLength === 'number') return; // typed arrays + if (AWS.util.isNode()) { // special check for buffer/stream in Node.js + var Stream = AWS.util.stream.Stream; + if (AWS.util.Buffer.isBuffer(value) || value instanceof Stream) return; + } else { + if (typeof Blob !== void 0 && value instanceof Blob) return; + } + + var types = ['Buffer', 'Stream', 'File', 'Blob', 'ArrayBuffer', 'DataView']; + if (value) { + for (var i = 0; i < types.length; i++) { + if (AWS.util.isType(value, types[i])) return; + if (AWS.util.typeName(value.constructor) === types[i]) return; + } + } + + this.fail('InvalidParameterType', 'Expected ' + context + ' to be a ' + + 'string, Buffer, Stream, Blob, or typed array object'); + } +}); + /***/ }), -/***/ 634: -/***/ (function(__unusedmodule, __unusedexports, __webpack_require__) { +/***/ 7969: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { -var AWS = __webpack_require__(395); +var util = __nccwpck_require__(7985); +var AWS = __nccwpck_require__(8437); /** - * Represents credentials from a JSON file on disk. - * If the credentials expire, the SDK can {refresh} the credentials - * from the file. - * - * The format of the file should be similar to the options passed to - * {AWS.Config}: - * - * ```javascript - * {accessKeyId: 'akid', secretAccessKey: 'secret', sessionToken: 'optional'} - * ``` - * - * @example Loading credentials from disk - * var creds = new AWS.FileSystemCredentials('./configuration.json'); - * creds.accessKeyId == 'AKID' - * - * @!attribute filename - * @readonly - * @return [String] the path to the JSON file on disk containing the - * credentials. - * @!macro nobrowser + * Prepend prefix defined by API model to endpoint that's already + * constructed. This feature does not apply to operations using + * endpoint discovery and can be disabled. + * @api private */ -AWS.FileSystemCredentials = AWS.util.inherit(AWS.Credentials, { +function populateHostPrefix(request) { + var enabled = request.service.config.hostPrefixEnabled; + if (!enabled) return request; + var operationModel = request.service.api.operations[request.operation]; + //don't marshal host prefix when operation has endpoint discovery traits + if (hasEndpointDiscover(request)) return request; + if (operationModel.endpoint && operationModel.endpoint.hostPrefix) { + var hostPrefixNotation = operationModel.endpoint.hostPrefix; + var hostPrefix = expandHostPrefix(hostPrefixNotation, request.params, operationModel.input); + prependEndpointPrefix(request.httpRequest.endpoint, hostPrefix); + validateHostname(request.httpRequest.endpoint.hostname); + } + return request; +} - /** - * @overload AWS.FileSystemCredentials(filename) - * Creates a new FileSystemCredentials object from a filename - * - * @param filename [String] the path on disk to the JSON file to load. - */ - constructor: function FileSystemCredentials(filename) { - AWS.Credentials.call(this); - this.filename = filename; - this.get(function() {}); - }, +/** + * @api private + */ +function hasEndpointDiscover(request) { + var api = request.service.api; + var operationModel = api.operations[request.operation]; + var isEndpointOperation = api.endpointOperation && (api.endpointOperation === util.string.lowerFirst(operationModel.name)); + return (operationModel.endpointDiscoveryRequired !== 'NULL' || isEndpointOperation === true); +} - /** - * Loads the credentials from the {filename} on disk. - * - * @callback callback function(err) - * Called after the JSON file on disk is read and parsed. When this callback - * is called with no error, it means that the credentials information - * has been loaded into the object (as the `accessKeyId`, `secretAccessKey`, - * and `sessionToken` properties). - * @param err [Error] if an error occurred, this value will be filled - * @see get - */ - refresh: function refresh(callback) { - if (!callback) callback = AWS.util.fn.callback; - try { - var creds = JSON.parse(AWS.util.readFileSync(this.filename)); - AWS.Credentials.call(this, creds); - if (!this.accessKeyId || !this.secretAccessKey) { - throw AWS.util.error( - new Error('Credentials not set in ' + this.filename), - { code: 'FileSystemCredentialsProviderFailure' } - ); +/** + * @api private + */ +function expandHostPrefix(hostPrefixNotation, params, shape) { + util.each(shape.members, function(name, member) { + if (member.hostLabel === true) { + if (typeof params[name] !== 'string' || params[name] === '') { + throw util.error(new Error(), { + message: 'Parameter ' + name + ' should be a non-empty string.', + code: 'InvalidParameter' + }); } - this.expired = false; - callback(); - } catch (err) { - callback(err); + var regex = new RegExp('\\{' + name + '\\}', 'g'); + hostPrefixNotation = hostPrefixNotation.replace(regex, params[name]); } + }); + return hostPrefixNotation; +} + +/** + * @api private + */ +function prependEndpointPrefix(endpoint, prefix) { + if (endpoint.host) { + endpoint.host = prefix + endpoint.host; + } + if (endpoint.hostname) { + endpoint.hostname = prefix + endpoint.hostname; } +} -}); +/** + * @api private + */ +function validateHostname(hostname) { + var labels = hostname.split('.'); + //Reference: https://tools.ietf.org/html/rfc1123#section-2 + var hostPattern = /^[a-zA-Z0-9]{1}$|^[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9]$/; + util.arrayEach(labels, function(label) { + if (!label.length || label.length < 1 || label.length > 63) { + throw util.error(new Error(), { + code: 'ValidationError', + message: 'Hostname label length should be between 1 to 63 characters, inclusive.' + }); + } + if (!hostPattern.test(label)) { + throw AWS.util.error(new Error(), + {code: 'ValidationError', message: label + ' is not hostname compatible.'}); + } + }); +} + +module.exports = { + populateHostPrefix: populateHostPrefix +}; /***/ }), -/***/ 645: -/***/ (function(__unusedmodule, exports, __webpack_require__) { +/***/ 83: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { -;(function (sax) { // wrapper for non-node envs - sax.parser = function (strict, opt) { return new SAXParser(strict, opt) } - sax.SAXParser = SAXParser - sax.SAXStream = SAXStream - sax.createStream = createStream +var util = __nccwpck_require__(7985); +var JsonBuilder = __nccwpck_require__(7495); +var JsonParser = __nccwpck_require__(5474); +var populateHostPrefix = (__nccwpck_require__(7969).populateHostPrefix); - // When we pass the MAX_BUFFER_LENGTH position, start checking for buffer overruns. - // When we check, schedule the next check for MAX_BUFFER_LENGTH - (max(buffer lengths)), - // since that's the earliest that a buffer overrun could occur. This way, checks are - // as rare as required, but as often as necessary to ensure never crossing this bound. - // Furthermore, buffers are only tested at most once per write(), so passing a very - // large string into write() might have undesirable effects, but this is manageable by - // the caller, so it is assumed to be safe. Thus, a call to write() may, in the extreme - // edge case, result in creating at most one complete copy of the string passed in. - // Set to Infinity to have unlimited buffers. - sax.MAX_BUFFER_LENGTH = 64 * 1024 +function buildRequest(req) { + var httpRequest = req.httpRequest; + var api = req.service.api; + var target = api.targetPrefix + '.' + api.operations[req.operation].name; + var version = api.jsonVersion || '1.0'; + var input = api.operations[req.operation].input; + var builder = new JsonBuilder(); - var buffers = [ - 'comment', 'sgmlDecl', 'textNode', 'tagName', 'doctype', - 'procInstName', 'procInstBody', 'entity', 'attribName', - 'attribValue', 'cdata', 'script' - ] + if (version === 1) version = '1.0'; + httpRequest.body = builder.build(req.params || {}, input); + httpRequest.headers['Content-Type'] = 'application/x-amz-json-' + version; + httpRequest.headers['X-Amz-Target'] = target; - sax.EVENTS = [ - 'text', - 'processinginstruction', - 'sgmldeclaration', - 'doctype', - 'comment', - 'opentagstart', - 'attribute', - 'opentag', - 'closetag', - 'opencdata', - 'cdata', - 'closecdata', - 'error', - 'end', - 'ready', - 'script', - 'opennamespace', - 'closenamespace' - ] + populateHostPrefix(req); +} - function SAXParser (strict, opt) { - if (!(this instanceof SAXParser)) { - return new SAXParser(strict, opt) - } +function extractError(resp) { + var error = {}; + var httpResponse = resp.httpResponse; - var parser = this - clearBuffers(parser) - parser.q = parser.c = '' - parser.bufferCheckPosition = sax.MAX_BUFFER_LENGTH - parser.opt = opt || {} - parser.opt.lowercase = parser.opt.lowercase || parser.opt.lowercasetags - parser.looseCase = parser.opt.lowercase ? 'toLowerCase' : 'toUpperCase' - parser.tags = [] - parser.closed = parser.closedRoot = parser.sawRoot = false - parser.tag = parser.error = null - parser.strict = !!strict - parser.noscript = !!(strict || parser.opt.noscript) - parser.state = S.BEGIN - parser.strictEntities = parser.opt.strictEntities - parser.ENTITIES = parser.strictEntities ? Object.create(sax.XML_ENTITIES) : Object.create(sax.ENTITIES) - parser.attribList = [] - - // namespaces form a prototype chain. - // it always points at the current tag, - // which protos to its parent tag. - if (parser.opt.xmlns) { - parser.ns = Object.create(rootNS) - } - - // mostly just for error reporting - parser.trackPosition = parser.opt.position !== false - if (parser.trackPosition) { - parser.position = parser.line = parser.column = 0 - } - emit(parser, 'onready') + error.code = httpResponse.headers['x-amzn-errortype'] || 'UnknownError'; + if (typeof error.code === 'string') { + error.code = error.code.split(':')[0]; } - if (!Object.create) { - Object.create = function (o) { - function F () {} - F.prototype = o - var newf = new F() - return newf + if (httpResponse.body.length > 0) { + try { + var e = JSON.parse(httpResponse.body.toString()); + var code = e.__type || e.code || e.Code; + if (code) { + error.code = code.split('#').pop(); + } + if (error.code === 'RequestEntityTooLarge') { + error.message = 'Request body must be less than 1 MB'; + } else { + error.message = (e.message || e.Message || null); + } + } catch (e) { + error.statusCode = httpResponse.statusCode; + error.message = httpResponse.statusMessage; } + } else { + error.statusCode = httpResponse.statusCode; + error.message = httpResponse.statusCode.toString(); } - if (!Object.keys) { - Object.keys = function (o) { - var a = [] - for (var i in o) if (o.hasOwnProperty(i)) a.push(i) - return a - } + resp.error = util.error(new Error(), error); +} + +function extractData(resp) { + var body = resp.httpResponse.body.toString() || '{}'; + if (resp.request.service.config.convertResponseTypes === false) { + resp.data = JSON.parse(body); + } else { + var operation = resp.request.service.api.operations[resp.request.operation]; + var shape = operation.output || {}; + var parser = new JsonParser(); + resp.data = parser.parse(body, shape); } +} - function checkBufferLength (parser) { - var maxAllowed = Math.max(sax.MAX_BUFFER_LENGTH, 10) - var maxActual = 0 - for (var i = 0, l = buffers.length; i < l; i++) { - var len = parser[buffers[i]].length - if (len > maxAllowed) { - // Text/cdata nodes can get big, and since they're buffered, - // we can get here under normal conditions. - // Avoid issues by emitting the text node now, - // so at least it won't get any bigger. - switch (buffers[i]) { - case 'textNode': - closeText(parser) - break +/** + * @api private + */ +module.exports = { + buildRequest: buildRequest, + extractError: extractError, + extractData: extractData +}; - case 'cdata': - emitNode(parser, 'oncdata', parser.cdata) - parser.cdata = '' - break - case 'script': - emitNode(parser, 'onscript', parser.script) - parser.script = '' - break +/***/ }), - default: - error(parser, 'Max buffer length exceeded: ' + buffers[i]) - } - } - maxActual = Math.max(maxActual, len) - } - // schedule the next check for the earliest possible buffer overrun. - var m = sax.MAX_BUFFER_LENGTH - maxActual - parser.bufferCheckPosition = m + parser.position - } +/***/ 761: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { - function clearBuffers (parser) { - for (var i = 0, l = buffers.length; i < l; i++) { - parser[buffers[i]] = '' - } - } +var AWS = __nccwpck_require__(8437); +var util = __nccwpck_require__(7985); +var QueryParamSerializer = __nccwpck_require__(5175); +var Shape = __nccwpck_require__(1349); +var populateHostPrefix = (__nccwpck_require__(7969).populateHostPrefix); - function flushBuffers (parser) { - closeText(parser) - if (parser.cdata !== '') { - emitNode(parser, 'oncdata', parser.cdata) - parser.cdata = '' - } - if (parser.script !== '') { - emitNode(parser, 'onscript', parser.script) - parser.script = '' +function buildRequest(req) { + var operation = req.service.api.operations[req.operation]; + var httpRequest = req.httpRequest; + httpRequest.headers['Content-Type'] = + 'application/x-www-form-urlencoded; charset=utf-8'; + httpRequest.params = { + Version: req.service.api.apiVersion, + Action: operation.name + }; + + // convert the request parameters into a list of query params, + // e.g. Deeply.NestedParam.0.Name=value + var builder = new QueryParamSerializer(); + builder.serialize(req.params, operation.input, function(name, value) { + httpRequest.params[name] = value; + }); + httpRequest.body = util.queryParamsToString(httpRequest.params); + + populateHostPrefix(req); +} + +function extractError(resp) { + var data, body = resp.httpResponse.body.toString(); + if (body.match(' { - // if didn't throw, then means error was handled. - // go ahead and clear error, so we can write again. - me._parser.error = null - } +var util = __nccwpck_require__(7985); +var populateHostPrefix = (__nccwpck_require__(7969).populateHostPrefix); - this._decoder = null +function populateMethod(req) { + req.httpRequest.method = req.service.api.operations[req.operation].httpMethod; +} - streamWraps.forEach(function (ev) { - Object.defineProperty(me, 'on' + ev, { - get: function () { - return me._parser['on' + ev] - }, - set: function (h) { - if (!h) { - me.removeAllListeners(ev) - me._parser['on' + ev] = h - return h - } - me.on(ev, h) - }, - enumerable: true, - configurable: false - }) - }) - } +function generateURI(endpointPath, operationPath, input, params) { + var uri = [endpointPath, operationPath].join('/'); + uri = uri.replace(/\/+/g, '/'); - SAXStream.prototype = Object.create(Stream.prototype, { - constructor: { - value: SAXStream - } - }) + var queryString = {}, queryStringSet = false; + util.each(input.members, function (name, member) { + var paramValue = params[name]; + if (paramValue === null || paramValue === undefined) return; + if (member.location === 'uri') { + var regex = new RegExp('\\{' + member.name + '(\\+)?\\}'); + uri = uri.replace(regex, function(_, plus) { + var fn = plus ? util.uriEscapePath : util.uriEscape; + return fn(String(paramValue)); + }); + } else if (member.location === 'querystring') { + queryStringSet = true; - SAXStream.prototype.write = function (data) { - if (typeof Buffer === 'function' && - typeof Buffer.isBuffer === 'function' && - Buffer.isBuffer(data)) { - if (!this._decoder) { - var SD = __webpack_require__(304).StringDecoder - this._decoder = new SD('utf8') + if (member.type === 'list') { + queryString[member.name] = paramValue.map(function(val) { + return util.uriEscape(member.member.toWireFormat(val).toString()); + }); + } else if (member.type === 'map') { + util.each(paramValue, function(key, value) { + if (Array.isArray(value)) { + queryString[key] = value.map(function(val) { + return util.uriEscape(String(val)); + }); + } else { + queryString[key] = util.uriEscape(String(value)); + } + }); + } else { + queryString[member.name] = util.uriEscape(member.toWireFormat(paramValue).toString()); } - data = this._decoder.write(data) } + }); - this._parser.write(data.toString()) - this.emit('data', data) - return true + if (queryStringSet) { + uri += (uri.indexOf('?') >= 0 ? '&' : '?'); + var parts = []; + util.arrayEach(Object.keys(queryString).sort(), function(key) { + if (!Array.isArray(queryString[key])) { + queryString[key] = [queryString[key]]; + } + for (var i = 0; i < queryString[key].length; i++) { + parts.push(util.uriEscape(String(key)) + '=' + queryString[key][i]); + } + }); + uri += parts.join('&'); } - SAXStream.prototype.end = function (chunk) { - if (chunk && chunk.length) { - this.write(chunk) + return uri; +} + +function populateURI(req) { + var operation = req.service.api.operations[req.operation]; + var input = operation.input; + + var uri = generateURI(req.httpRequest.endpoint.path, operation.httpPath, input, req.params); + req.httpRequest.path = uri; +} + +function populateHeaders(req) { + var operation = req.service.api.operations[req.operation]; + util.each(operation.input.members, function (name, member) { + var value = req.params[name]; + if (value === null || value === undefined) return; + + if (member.location === 'headers' && member.type === 'map') { + util.each(value, function(key, memberValue) { + req.httpRequest.headers[member.name + key] = memberValue; + }); + } else if (member.location === 'header') { + value = member.toWireFormat(value).toString(); + if (member.isJsonValue) { + value = util.base64.encode(value); + } + req.httpRequest.headers[member.name] = value; } - this._parser.end() - return true - } + }); +} - SAXStream.prototype.on = function (ev, handler) { - var me = this - if (!me._parser['on' + ev] && streamWraps.indexOf(ev) !== -1) { - me._parser['on' + ev] = function () { - var args = arguments.length === 1 ? [arguments[0]] : Array.apply(null, arguments) - args.splice(0, 0, ev) - me.emit.apply(me, args) +function buildRequest(req) { + populateMethod(req); + populateURI(req); + populateHeaders(req); + populateHostPrefix(req); +} + +function extractError() { +} + +function extractData(resp) { + var req = resp.request; + var data = {}; + var r = resp.httpResponse; + var operation = req.service.api.operations[req.operation]; + var output = operation.output; + + // normalize headers names to lower-cased keys for matching + var headers = {}; + util.each(r.headers, function (k, v) { + headers[k.toLowerCase()] = v; + }); + + util.each(output.members, function(name, member) { + var header = (member.name || name).toLowerCase(); + if (member.location === 'headers' && member.type === 'map') { + data[name] = {}; + var location = member.isLocationName ? member.name : ''; + var pattern = new RegExp('^' + location + '(.+)', 'i'); + util.each(r.headers, function (k, v) { + var result = k.match(pattern); + if (result !== null) { + data[name][result[1]] = v; + } + }); + } else if (member.location === 'header') { + if (headers[header] !== undefined) { + var value = member.isJsonValue ? + util.base64.decode(headers[header]) : + headers[header]; + data[name] = member.toType(value); } + } else if (member.location === 'statusCode') { + data[name] = parseInt(r.statusCode, 10); } + }); - return Stream.prototype.on.call(me, ev, handler) - } + resp.data = data; +} - // this really needs to be replaced with character classes. - // XML allows all manner of ridiculous numbers and digits. - var CDATA = '[CDATA[' - var DOCTYPE = 'DOCTYPE' - var XML_NAMESPACE = 'http://www.w3.org/XML/1998/namespace' - var XMLNS_NAMESPACE = 'http://www.w3.org/2000/xmlns/' - var rootNS = { xml: XML_NAMESPACE, xmlns: XMLNS_NAMESPACE } +/** + * @api private + */ +module.exports = { + buildRequest: buildRequest, + extractError: extractError, + extractData: extractData, + generateURI: generateURI +}; - // http://www.w3.org/TR/REC-xml/#NT-NameStartChar - // This implementation works on strings, a single character at a time - // as such, it cannot ever support astral-plane characters (10000-EFFFF) - // without a significant breaking change to either this parser, or the - // JavaScript language. Implementation of an emoji-capable xml parser - // is left as an exercise for the reader. - var nameStart = /[:_A-Za-z\u00C0-\u00D6\u00D8-\u00F6\u00F8-\u02FF\u0370-\u037D\u037F-\u1FFF\u200C-\u200D\u2070-\u218F\u2C00-\u2FEF\u3001-\uD7FF\uF900-\uFDCF\uFDF0-\uFFFD]/ - var nameBody = /[:_A-Za-z\u00C0-\u00D6\u00D8-\u00F6\u00F8-\u02FF\u0370-\u037D\u037F-\u1FFF\u200C-\u200D\u2070-\u218F\u2C00-\u2FEF\u3001-\uD7FF\uF900-\uFDCF\uFDF0-\uFFFD\u00B7\u0300-\u036F\u203F-\u2040.\d-]/ +/***/ }), - var entityStart = /[#:_A-Za-z\u00C0-\u00D6\u00D8-\u00F6\u00F8-\u02FF\u0370-\u037D\u037F-\u1FFF\u200C-\u200D\u2070-\u218F\u2C00-\u2FEF\u3001-\uD7FF\uF900-\uFDCF\uFDF0-\uFFFD]/ - var entityBody = /[#:_A-Za-z\u00C0-\u00D6\u00D8-\u00F6\u00F8-\u02FF\u0370-\u037D\u037F-\u1FFF\u200C-\u200D\u2070-\u218F\u2C00-\u2FEF\u3001-\uD7FF\uF900-\uFDCF\uFDF0-\uFFFD\u00B7\u0300-\u036F\u203F-\u2040.\d-]/ +/***/ 5883: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { - function isWhitespace (c) { - return c === ' ' || c === '\n' || c === '\r' || c === '\t' - } +var util = __nccwpck_require__(7985); +var Rest = __nccwpck_require__(8200); +var Json = __nccwpck_require__(83); +var JsonBuilder = __nccwpck_require__(7495); +var JsonParser = __nccwpck_require__(5474); - function isQuote (c) { - return c === '"' || c === '\'' +var METHODS_WITHOUT_BODY = ['GET', 'HEAD', 'DELETE']; + +function unsetContentLength(req) { + var payloadMember = util.getRequestPayloadShape(req); + if ( + payloadMember === undefined && + METHODS_WITHOUT_BODY.indexOf(req.httpRequest.method) >= 0 + ) { + delete req.httpRequest.headers['Content-Length']; } +} - function isAttribEnd (c) { - return c === '>' || isWhitespace(c) +function populateBody(req) { + var builder = new JsonBuilder(); + var input = req.service.api.operations[req.operation].input; + + if (input.payload) { + var params = {}; + var payloadShape = input.members[input.payload]; + params = req.params[input.payload]; + + if (payloadShape.type === 'structure') { + req.httpRequest.body = builder.build(params || {}, payloadShape); + applyContentTypeHeader(req); + } else if (params !== undefined) { + // non-JSON payload + req.httpRequest.body = params; + if (payloadShape.type === 'binary' || payloadShape.isStreaming) { + applyContentTypeHeader(req, true); + } + } + } else { + req.httpRequest.body = builder.build(req.params, input); + applyContentTypeHeader(req); } +} - function isMatch (regex, c) { - return regex.test(c) +function applyContentTypeHeader(req, isBinary) { + if (!req.httpRequest.headers['Content-Type']) { + var type = isBinary ? 'binary/octet-stream' : 'application/json'; + req.httpRequest.headers['Content-Type'] = type; } +} - function notMatch (regex, c) { - return !isMatch(regex, c) +function buildRequest(req) { + Rest.buildRequest(req); + + // never send body payload on GET/HEAD/DELETE + if (METHODS_WITHOUT_BODY.indexOf(req.httpRequest.method) < 0) { + populateBody(req); } +} - var S = 0 - sax.STATE = { - BEGIN: S++, // leading byte order mark or whitespace - BEGIN_WHITESPACE: S++, // leading whitespace - TEXT: S++, // general stuff - TEXT_ENTITY: S++, // & and such. - OPEN_WAKA: S++, // < - SGML_DECL: S++, // - SCRIPT: S++, //