rittenhop-dev/versions/5.94.2/node_modules/@aws-sdk/credential-provider-ini/dist-es/resolveAssumeRoleCredentials.js

import { CredentialsProviderError } from "@aws-sdk/property-provider";
import { getProfileName } from "@aws-sdk/shared-ini-file-loader";
import { resolveCredentialSource } from "./resolveCredentialSource";
import { resolveProfileData } from "./resolveProfileData";
export const isAssumeRoleProfile = (arg) => Boolean(arg) &&
    typeof arg === "object" &&
    typeof arg.role_arn === "string" &&
    ["undefined", "string"].indexOf(typeof arg.role_session_name) > -1 &&
    ["undefined", "string"].indexOf(typeof arg.external_id) > -1 &&
    ["undefined", "string"].indexOf(typeof arg.mfa_serial) > -1 &&
    (isAssumeRoleWithSourceProfile(arg) || isAssumeRoleWithProviderProfile(arg));
const isAssumeRoleWithSourceProfile = (arg) => typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined";
const isAssumeRoleWithProviderProfile = (arg) => typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined";
export const resolveAssumeRoleCredentials = async (profileName, profiles, options, visitedProfiles = {}) => {
    const data = profiles[profileName];
    if (!options.roleAssumer) {
        throw new CredentialsProviderError(`Profile ${profileName} requires a role to be assumed, but no role assumption callback was provided.`, false);
    }
    const { source_profile } = data;
    if (source_profile && source_profile in visitedProfiles) {
        throw new CredentialsProviderError(`Detected a cycle attempting to resolve credentials for profile` +
            ` ${getProfileName(options)}. Profiles visited: ` +
            Object.keys(visitedProfiles).join(", "), false);
    }
    const sourceCredsProvider = source_profile
        ? resolveProfileData(source_profile, profiles, options, {
            ...visitedProfiles,
            [source_profile]: true,
        })
        : resolveCredentialSource(data.credential_source, profileName)();
    const params = {
        RoleArn: data.role_arn,
        RoleSessionName: data.role_session_name || `aws-sdk-js-${Date.now()}`,
        ExternalId: data.external_id,
    };
    const { mfa_serial } = data;
    if (mfa_serial) {
        if (!options.mfaCodeProvider) {
            throw new CredentialsProviderError(`Profile ${profileName} requires multi-factor authentication, but no MFA code callback was provided.`, false);
        }
        params.SerialNumber = mfa_serial;
        params.TokenCode = await options.mfaCodeProvider(mfa_serial);
    }
    const sourceCreds = await sourceCredsProvider;
    return options.roleAssumer(sourceCreds, params);
};
first commit 2024-09-23 19:40:12 -04:00			`import { CredentialsProviderError } from "@aws-sdk/property-provider";`
			`import { getProfileName } from "@aws-sdk/shared-ini-file-loader";`
			`import { resolveCredentialSource } from "./resolveCredentialSource";`
			`import { resolveProfileData } from "./resolveProfileData";`
			`export const isAssumeRoleProfile = (arg) => Boolean(arg) &&`
			`typeof arg === "object" &&`
			`typeof arg.role_arn === "string" &&`
			`["undefined", "string"].indexOf(typeof arg.role_session_name) > -1 &&`
			`["undefined", "string"].indexOf(typeof arg.external_id) > -1 &&`
			`["undefined", "string"].indexOf(typeof arg.mfa_serial) > -1 &&`
			`(isAssumeRoleWithSourceProfile(arg) \|\| isAssumeRoleWithProviderProfile(arg));`
			`const isAssumeRoleWithSourceProfile = (arg) => typeof arg.source_profile === "string" && typeof arg.credential_source === "undefined";`
			`const isAssumeRoleWithProviderProfile = (arg) => typeof arg.credential_source === "string" && typeof arg.source_profile === "undefined";`
			`export const resolveAssumeRoleCredentials = async (profileName, profiles, options, visitedProfiles = {}) => {`
			`const data = profiles[profileName];`
			`if (!options.roleAssumer) {`
			throw new CredentialsProviderError(`Profile ${profileName} requires a role to be assumed, but no role assumption callback was provided.`, false);
			`}`
			`const { source_profile } = data;`
			`if (source_profile && source_profile in visitedProfiles) {`
			throw new CredentialsProviderError(`Detected a cycle attempting to resolve credentials for profile` +
			` ${getProfileName(options)}. Profiles visited: ` +
			`Object.keys(visitedProfiles).join(", "), false);`
			`}`
			`const sourceCredsProvider = source_profile`
			`? resolveProfileData(source_profile, profiles, options, {`
			`...visitedProfiles,`
			`[source_profile]: true,`
			`})`
			`: resolveCredentialSource(data.credential_source, profileName)();`
			`const params = {`
			`RoleArn: data.role_arn,`
			RoleSessionName: data.role_session_name \|\| `aws-sdk-js-${Date.now()}`,
			`ExternalId: data.external_id,`
			`};`
			`const { mfa_serial } = data;`
			`if (mfa_serial) {`
			`if (!options.mfaCodeProvider) {`
			throw new CredentialsProviderError(`Profile ${profileName} requires multi-factor authentication, but no MFA code callback was provided.`, false);
			`}`
			`params.SerialNumber = mfa_serial;`
			`params.TokenCode = await options.mfaCodeProvider(mfa_serial);`
			`}`
			`const sourceCreds = await sourceCredsProvider;`
			`return options.roleAssumer(sourceCreds, params);`
			`};`