109 lines
4.4 KiB
JavaScript
109 lines
4.4 KiB
JavaScript
"use strict";
|
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
exports.resolveSigV4AuthConfig = exports.resolveAwsAuthConfig = void 0;
|
|
const property_provider_1 = require("@aws-sdk/property-provider");
|
|
const signature_v4_1 = require("@aws-sdk/signature-v4");
|
|
const util_middleware_1 = require("@aws-sdk/util-middleware");
|
|
const CREDENTIAL_EXPIRE_WINDOW = 300000;
|
|
const resolveAwsAuthConfig = (input) => {
|
|
const normalizedCreds = input.credentials
|
|
? normalizeCredentialProvider(input.credentials)
|
|
: input.credentialDefaultProvider(input);
|
|
const { signingEscapePath = true, systemClockOffset = input.systemClockOffset || 0, sha256 } = input;
|
|
let signer;
|
|
if (input.signer) {
|
|
signer = (0, util_middleware_1.normalizeProvider)(input.signer);
|
|
}
|
|
else if (input.regionInfoProvider) {
|
|
signer = () => (0, util_middleware_1.normalizeProvider)(input.region)()
|
|
.then(async (region) => [
|
|
(await input.regionInfoProvider(region, {
|
|
useFipsEndpoint: await input.useFipsEndpoint(),
|
|
useDualstackEndpoint: await input.useDualstackEndpoint(),
|
|
})) || {},
|
|
region,
|
|
])
|
|
.then(([regionInfo, region]) => {
|
|
const { signingRegion, signingService } = regionInfo;
|
|
input.signingRegion = input.signingRegion || signingRegion || region;
|
|
input.signingName = input.signingName || signingService || input.serviceId;
|
|
const params = {
|
|
...input,
|
|
credentials: normalizedCreds,
|
|
region: input.signingRegion,
|
|
service: input.signingName,
|
|
sha256,
|
|
uriEscapePath: signingEscapePath,
|
|
};
|
|
const SignerCtor = input.signerConstructor || signature_v4_1.SignatureV4;
|
|
return new SignerCtor(params);
|
|
});
|
|
}
|
|
else {
|
|
signer = async (authScheme) => {
|
|
authScheme = Object.assign({}, {
|
|
name: "sigv4",
|
|
signingName: input.signingName || input.defaultSigningName,
|
|
signingRegion: await (0, util_middleware_1.normalizeProvider)(input.region)(),
|
|
properties: {},
|
|
}, authScheme);
|
|
const signingRegion = authScheme.signingRegion;
|
|
const signingService = authScheme.signingName;
|
|
input.signingRegion = input.signingRegion || signingRegion;
|
|
input.signingName = input.signingName || signingService || input.serviceId;
|
|
const params = {
|
|
...input,
|
|
credentials: normalizedCreds,
|
|
region: input.signingRegion,
|
|
service: input.signingName,
|
|
sha256,
|
|
uriEscapePath: signingEscapePath,
|
|
};
|
|
const SignerCtor = input.signerConstructor || signature_v4_1.SignatureV4;
|
|
return new SignerCtor(params);
|
|
};
|
|
}
|
|
return {
|
|
...input,
|
|
systemClockOffset,
|
|
signingEscapePath,
|
|
credentials: normalizedCreds,
|
|
signer,
|
|
};
|
|
};
|
|
exports.resolveAwsAuthConfig = resolveAwsAuthConfig;
|
|
const resolveSigV4AuthConfig = (input) => {
|
|
const normalizedCreds = input.credentials
|
|
? normalizeCredentialProvider(input.credentials)
|
|
: input.credentialDefaultProvider(input);
|
|
const { signingEscapePath = true, systemClockOffset = input.systemClockOffset || 0, sha256 } = input;
|
|
let signer;
|
|
if (input.signer) {
|
|
signer = (0, util_middleware_1.normalizeProvider)(input.signer);
|
|
}
|
|
else {
|
|
signer = (0, util_middleware_1.normalizeProvider)(new signature_v4_1.SignatureV4({
|
|
credentials: normalizedCreds,
|
|
region: input.region,
|
|
service: input.signingName,
|
|
sha256,
|
|
uriEscapePath: signingEscapePath,
|
|
}));
|
|
}
|
|
return {
|
|
...input,
|
|
systemClockOffset,
|
|
signingEscapePath,
|
|
credentials: normalizedCreds,
|
|
signer,
|
|
};
|
|
};
|
|
exports.resolveSigV4AuthConfig = resolveSigV4AuthConfig;
|
|
const normalizeCredentialProvider = (credentials) => {
|
|
if (typeof credentials === "function") {
|
|
return (0, property_provider_1.memoize)(credentials, (credentials) => credentials.expiration !== undefined &&
|
|
credentials.expiration.getTime() - Date.now() < CREDENTIAL_EXPIRE_WINDOW, (credentials) => credentials.expiration !== undefined);
|
|
}
|
|
return (0, util_middleware_1.normalizeProvider)(credentials);
|
|
};
|