diff --git a/action.yml b/action.yml index 813e334..7843b88 100644 --- a/action.yml +++ b/action.yml @@ -25,4 +25,4 @@ inputs: default: "" runs: using: 'node16' - main: 'index.js' + main: 'dist/index.js' diff --git a/dist/index.js b/dist/index.js new file mode 100644 index 0000000..2369630 --- /dev/null +++ b/dist/index.js @@ -0,0 +1,27811 @@ +/******/ (() => { // webpackBootstrap +/******/ var __webpack_modules__ = ({ + +/***/ 283: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +/******/ (() => { // webpackBootstrap +/******/ var __webpack_modules__ = ({ + +/***/ 647: +/***/ ((module, __unused_webpack_exports, __nccwpck_require2_) => { + +/******/ (() => { // webpackBootstrap +/******/ var __webpack_modules__ = ({ + +/***/ 647: +/***/ ((module, __unused_webpack_exports, __nccwpck_require3_) => { + +/******/ (() => { // webpackBootstrap +/******/ var __webpack_modules__ = ({ + +/***/ 2690: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require4_) { + +"use strict"; + +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.issue = exports.issueCommand = void 0; +const os = __importStar(__nccwpck_require4_(2037)); +const utils_1 = __nccwpck_require4_(353); +/** + * Commands + * + * Command Format: + * ::name key=value,key=value::message + * + * Examples: + * ::warning::This is the message + * ::set-env name=MY_VAR::some value + */ +function issueCommand(command, properties, message) { + const cmd = new Command(command, properties, message); + process.stdout.write(cmd.toString() + os.EOL); +} +exports.issueCommand = issueCommand; +function issue(name, message = '') { + issueCommand(name, {}, message); +} +exports.issue = issue; +const CMD_STRING = '::'; +class Command { + constructor(command, properties, message) { + if (!command) { + command = 'missing.command'; + } + this.command = command; + this.properties = properties; + this.message = message; + } + toString() { + let cmdStr = CMD_STRING + this.command; + if (this.properties && Object.keys(this.properties).length > 0) { + cmdStr += ' '; + let first = true; + for (const key in this.properties) { + if (this.properties.hasOwnProperty(key)) { + const val = this.properties[key]; + if (val) { + if (first) { + first = false; + } + else { + cmdStr += ','; + } + cmdStr += `${key}=${escapeProperty(val)}`; + } + } + } + } + cmdStr += `${CMD_STRING}${escapeData(this.message)}`; + return cmdStr; + } +} +function escapeData(s) { + return utils_1.toCommandValue(s) + .replace(/%/g, '%25') + .replace(/\r/g, '%0D') + .replace(/\n/g, '%0A'); +} +function escapeProperty(s) { + return utils_1.toCommandValue(s) + .replace(/%/g, '%25') + .replace(/\r/g, '%0D') + .replace(/\n/g, '%0A') + .replace(/:/g, '%3A') + .replace(/,/g, '%2C'); +} +//# sourceMappingURL=command.js.map + +/***/ }), + +/***/ 9935: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require4_) { + +"use strict"; + +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.getIDToken = exports.getState = exports.saveState = exports.group = exports.endGroup = exports.startGroup = exports.info = exports.notice = exports.warning = exports.error = exports.debug = exports.isDebug = exports.setFailed = exports.setCommandEcho = exports.setOutput = exports.getBooleanInput = exports.getMultilineInput = exports.getInput = exports.addPath = exports.setSecret = exports.exportVariable = exports.ExitCode = void 0; +const command_1 = __nccwpck_require4_(2690); +const file_command_1 = __nccwpck_require4_(5898); +const utils_1 = __nccwpck_require4_(353); +const os = __importStar(__nccwpck_require4_(2037)); +const path = __importStar(__nccwpck_require4_(1017)); +const uuid_1 = __nccwpck_require4_(1368); +const oidc_utils_1 = __nccwpck_require4_(7901); +/** + * The code to exit an action + */ +var ExitCode; +(function (ExitCode) { + /** + * A code indicating that the action was successful + */ + ExitCode[ExitCode["Success"] = 0] = "Success"; + /** + * A code indicating that the action was a failure + */ + ExitCode[ExitCode["Failure"] = 1] = "Failure"; +})(ExitCode = exports.ExitCode || (exports.ExitCode = {})); +//----------------------------------------------------------------------- +// Variables +//----------------------------------------------------------------------- +/** + * Sets env variable for this action and future actions in the job + * @param name the name of the variable to set + * @param val the value of the variable. Non-string values will be converted to a string via JSON.stringify + */ +// eslint-disable-next-line @typescript-eslint/no-explicit-any +function exportVariable(name, val) { + const convertedVal = utils_1.toCommandValue(val); + process.env[name] = convertedVal; + const filePath = process.env['GITHUB_ENV'] || ''; + if (filePath) { + const delimiter = `ghadelimiter_${uuid_1.v4()}`; + // These should realistically never happen, but just in case someone finds a way to exploit uuid generation let's not allow keys or values that contain the delimiter. + if (name.includes(delimiter)) { + throw new Error(`Unexpected input: name should not contain the delimiter "${delimiter}"`); + } + if (convertedVal.includes(delimiter)) { + throw new Error(`Unexpected input: value should not contain the delimiter "${delimiter}"`); + } + const commandValue = `${name}<<${delimiter}${os.EOL}${convertedVal}${os.EOL}${delimiter}`; + file_command_1.issueCommand('ENV', commandValue); + } + else { + command_1.issueCommand('set-env', { name }, convertedVal); + } +} +exports.exportVariable = exportVariable; +/** + * Registers a secret which will get masked from logs + * @param secret value of the secret + */ +function setSecret(secret) { + command_1.issueCommand('add-mask', {}, secret); +} +exports.setSecret = setSecret; +/** + * Prepends inputPath to the PATH (for this action and future actions) + * @param inputPath + */ +function addPath(inputPath) { + const filePath = process.env['GITHUB_PATH'] || ''; + if (filePath) { + file_command_1.issueCommand('PATH', inputPath); + } + else { + command_1.issueCommand('add-path', {}, inputPath); + } + process.env['PATH'] = `${inputPath}${path.delimiter}${process.env['PATH']}`; +} +exports.addPath = addPath; +/** + * Gets the value of an input. + * Unless trimWhitespace is set to false in InputOptions, the value is also trimmed. + * Returns an empty string if the value is not defined. + * + * @param name name of the input to get + * @param options optional. See InputOptions. + * @returns string + */ +function getInput(name, options) { + const val = process.env[`INPUT_${name.replace(/ /g, '_').toUpperCase()}`] || ''; + if (options && options.required && !val) { + throw new Error(`Input required and not supplied: ${name}`); + } + if (options && options.trimWhitespace === false) { + return val; + } + return val.trim(); +} +exports.getInput = getInput; +/** + * Gets the values of an multiline input. Each value is also trimmed. + * + * @param name name of the input to get + * @param options optional. See InputOptions. + * @returns string[] + * + */ +function getMultilineInput(name, options) { + const inputs = getInput(name, options) + .split('\n') + .filter(x => x !== ''); + return inputs; +} +exports.getMultilineInput = getMultilineInput; +/** + * Gets the input value of the boolean type in the YAML 1.2 "core schema" specification. + * Support boolean input list: `true | True | TRUE | false | False | FALSE` . + * The return value is also in boolean type. + * ref: https://yaml.org/spec/1.2/spec.html#id2804923 + * + * @param name name of the input to get + * @param options optional. See InputOptions. + * @returns boolean + */ +function getBooleanInput(name, options) { + const trueValue = ['true', 'True', 'TRUE']; + const falseValue = ['false', 'False', 'FALSE']; + const val = getInput(name, options); + if (trueValue.includes(val)) + return true; + if (falseValue.includes(val)) + return false; + throw new TypeError(`Input does not meet YAML 1.2 "Core Schema" specification: ${name}\n` + + `Support boolean input list: \`true | True | TRUE | false | False | FALSE\``); +} +exports.getBooleanInput = getBooleanInput; +/** + * Sets the value of an output. + * + * @param name name of the output to set + * @param value value to store. Non-string values will be converted to a string via JSON.stringify + */ +// eslint-disable-next-line @typescript-eslint/no-explicit-any +function setOutput(name, value) { + process.stdout.write(os.EOL); + command_1.issueCommand('set-output', { name }, value); +} +exports.setOutput = setOutput; +/** + * Enables or disables the echoing of commands into stdout for the rest of the step. + * Echoing is disabled by default if ACTIONS_STEP_DEBUG is not set. + * + */ +function setCommandEcho(enabled) { + command_1.issue('echo', enabled ? 'on' : 'off'); +} +exports.setCommandEcho = setCommandEcho; +//----------------------------------------------------------------------- +// Results +//----------------------------------------------------------------------- +/** + * Sets the action status to failed. + * When the action exits it will be with an exit code of 1 + * @param message add error issue message + */ +function setFailed(message) { + process.exitCode = ExitCode.Failure; + error(message); +} +exports.setFailed = setFailed; +//----------------------------------------------------------------------- +// Logging Commands +//----------------------------------------------------------------------- +/** + * Gets whether Actions Step Debug is on or not + */ +function isDebug() { + return process.env['RUNNER_DEBUG'] === '1'; +} +exports.isDebug = isDebug; +/** + * Writes debug message to user log + * @param message debug message + */ +function debug(message) { + command_1.issueCommand('debug', {}, message); +} +exports.debug = debug; +/** + * Adds an error issue + * @param message error issue message. Errors will be converted to string via toString() + * @param properties optional properties to add to the annotation. + */ +function error(message, properties = {}) { + command_1.issueCommand('error', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message); +} +exports.error = error; +/** + * Adds a warning issue + * @param message warning issue message. Errors will be converted to string via toString() + * @param properties optional properties to add to the annotation. + */ +function warning(message, properties = {}) { + command_1.issueCommand('warning', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message); +} +exports.warning = warning; +/** + * Adds a notice issue + * @param message notice issue message. Errors will be converted to string via toString() + * @param properties optional properties to add to the annotation. + */ +function notice(message, properties = {}) { + command_1.issueCommand('notice', utils_1.toCommandProperties(properties), message instanceof Error ? message.toString() : message); +} +exports.notice = notice; +/** + * Writes info to log with console.log. + * @param message info message + */ +function info(message) { + process.stdout.write(message + os.EOL); +} +exports.info = info; +/** + * Begin an output group. + * + * Output until the next `groupEnd` will be foldable in this group + * + * @param name The name of the output group + */ +function startGroup(name) { + command_1.issue('group', name); +} +exports.startGroup = startGroup; +/** + * End an output group. + */ +function endGroup() { + command_1.issue('endgroup'); +} +exports.endGroup = endGroup; +/** + * Wrap an asynchronous function call in a group. + * + * Returns the same type as the function itself. + * + * @param name The name of the group + * @param fn The function to wrap in the group + */ +function group(name, fn) { + return __awaiter(this, void 0, void 0, function* () { + startGroup(name); + let result; + try { + result = yield fn(); + } + finally { + endGroup(); + } + return result; + }); +} +exports.group = group; +//----------------------------------------------------------------------- +// Wrapper action state +//----------------------------------------------------------------------- +/** + * Saves state for current action, the state can only be retrieved by this action's post job execution. + * + * @param name name of the state to store + * @param value value to store. Non-string values will be converted to a string via JSON.stringify + */ +// eslint-disable-next-line @typescript-eslint/no-explicit-any +function saveState(name, value) { + command_1.issueCommand('save-state', { name }, value); +} +exports.saveState = saveState; +/** + * Gets the value of an state set by this action's main execution. + * + * @param name name of the state to get + * @returns string + */ +function getState(name) { + return process.env[`STATE_${name}`] || ''; +} +exports.getState = getState; +function getIDToken(aud) { + return __awaiter(this, void 0, void 0, function* () { + return yield oidc_utils_1.OidcClient.getIDToken(aud); + }); +} +exports.getIDToken = getIDToken; +/** + * Summary exports + */ +var summary_1 = __nccwpck_require4_(9050); +Object.defineProperty(exports, "summary", ({ enumerable: true, get: function () { return summary_1.summary; } })); +/** + * @deprecated use core.summary + */ +var summary_2 = __nccwpck_require4_(9050); +Object.defineProperty(exports, "markdownSummary", ({ enumerable: true, get: function () { return summary_2.markdownSummary; } })); +/** + * Path exports + */ +var path_utils_1 = __nccwpck_require4_(1341); +Object.defineProperty(exports, "toPosixPath", ({ enumerable: true, get: function () { return path_utils_1.toPosixPath; } })); +Object.defineProperty(exports, "toWin32Path", ({ enumerable: true, get: function () { return path_utils_1.toWin32Path; } })); +Object.defineProperty(exports, "toPlatformPath", ({ enumerable: true, get: function () { return path_utils_1.toPlatformPath; } })); +//# sourceMappingURL=core.js.map + +/***/ }), + +/***/ 5898: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require4_) { + +"use strict"; + +// For internal use, subject to change. +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.issueCommand = void 0; +// We use any as a valid input type +/* eslint-disable @typescript-eslint/no-explicit-any */ +const fs = __importStar(__nccwpck_require4_(7147)); +const os = __importStar(__nccwpck_require4_(2037)); +const utils_1 = __nccwpck_require4_(353); +function issueCommand(command, message) { + const filePath = process.env[`GITHUB_${command}`]; + if (!filePath) { + throw new Error(`Unable to find environment variable for file command ${command}`); + } + if (!fs.existsSync(filePath)) { + throw new Error(`Missing file at path: ${filePath}`); + } + fs.appendFileSync(filePath, `${utils_1.toCommandValue(message)}${os.EOL}`, { + encoding: 'utf8' + }); +} +exports.issueCommand = issueCommand; +//# sourceMappingURL=file-command.js.map + +/***/ }), + +/***/ 7901: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require4_) { + +"use strict"; + +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.OidcClient = void 0; +const http_client_1 = __nccwpck_require4_(3658); +const auth_1 = __nccwpck_require4_(2660); +const core_1 = __nccwpck_require4_(9935); +class OidcClient { + static createHttpClient(allowRetry = true, maxRetry = 10) { + const requestOptions = { + allowRetries: allowRetry, + maxRetries: maxRetry + }; + return new http_client_1.HttpClient('actions/oidc-client', [new auth_1.BearerCredentialHandler(OidcClient.getRequestToken())], requestOptions); + } + static getRequestToken() { + const token = process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN']; + if (!token) { + throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_TOKEN env variable'); + } + return token; + } + static getIDTokenUrl() { + const runtimeUrl = process.env['ACTIONS_ID_TOKEN_REQUEST_URL']; + if (!runtimeUrl) { + throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable'); + } + return runtimeUrl; + } + static getCall(id_token_url) { + var _a; + return __awaiter(this, void 0, void 0, function* () { + const httpclient = OidcClient.createHttpClient(); + const res = yield httpclient + .getJson(id_token_url) + .catch(error => { + throw new Error(`Failed to get ID Token. \n + Error Code : ${error.statusCode}\n + Error Message: ${error.result.message}`); + }); + const id_token = (_a = res.result) === null || _a === void 0 ? void 0 : _a.value; + if (!id_token) { + throw new Error('Response json body do not have ID Token field'); + } + return id_token; + }); + } + static getIDToken(audience) { + return __awaiter(this, void 0, void 0, function* () { + try { + // New ID Token is requested from action service + let id_token_url = OidcClient.getIDTokenUrl(); + if (audience) { + const encodedAudience = encodeURIComponent(audience); + id_token_url = `${id_token_url}&audience=${encodedAudience}`; + } + core_1.debug(`ID token url is ${id_token_url}`); + const id_token = yield OidcClient.getCall(id_token_url); + core_1.setSecret(id_token); + return id_token; + } + catch (error) { + throw new Error(`Error message: ${error.message}`); + } + }); + } +} +exports.OidcClient = OidcClient; +//# sourceMappingURL=oidc-utils.js.map + +/***/ }), + +/***/ 1341: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require4_) { + +"use strict"; + +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.toPlatformPath = exports.toWin32Path = exports.toPosixPath = void 0; +const path = __importStar(__nccwpck_require4_(1017)); +/** + * toPosixPath converts the given path to the posix form. On Windows, \\ will be + * replaced with /. + * + * @param pth. Path to transform. + * @return string Posix path. + */ +function toPosixPath(pth) { + return pth.replace(/[\\]/g, '/'); +} +exports.toPosixPath = toPosixPath; +/** + * toWin32Path converts the given path to the win32 form. On Linux, / will be + * replaced with \\. + * + * @param pth. Path to transform. + * @return string Win32 path. + */ +function toWin32Path(pth) { + return pth.replace(/[/]/g, '\\'); +} +exports.toWin32Path = toWin32Path; +/** + * toPlatformPath converts the given path to a platform-specific path. It does + * this by replacing instances of / and \ with the platform-specific path + * separator. + * + * @param pth The path to platformize. + * @return string The platform-specific path. + */ +function toPlatformPath(pth) { + return pth.replace(/[/\\]/g, path.sep); +} +exports.toPlatformPath = toPlatformPath; +//# sourceMappingURL=path-utils.js.map + +/***/ }), + +/***/ 9050: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require4_) { + +"use strict"; + +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.summary = exports.markdownSummary = exports.SUMMARY_DOCS_URL = exports.SUMMARY_ENV_VAR = void 0; +const os_1 = __nccwpck_require4_(2037); +const fs_1 = __nccwpck_require4_(7147); +const { access, appendFile, writeFile } = fs_1.promises; +exports.SUMMARY_ENV_VAR = 'GITHUB_STEP_SUMMARY'; +exports.SUMMARY_DOCS_URL = 'https://docs.github.com/actions/using-workflows/workflow-commands-for-github-actions#adding-a-job-summary'; +class Summary { + constructor() { + this._buffer = ''; + } + /** + * Finds the summary file path from the environment, rejects if env var is not found or file does not exist + * Also checks r/w permissions. + * + * @returns step summary file path + */ + filePath() { + return __awaiter(this, void 0, void 0, function* () { + if (this._filePath) { + return this._filePath; + } + const pathFromEnv = process.env[exports.SUMMARY_ENV_VAR]; + if (!pathFromEnv) { + throw new Error(`Unable to find environment variable for $${exports.SUMMARY_ENV_VAR}. Check if your runtime environment supports job summaries.`); + } + try { + yield access(pathFromEnv, fs_1.constants.R_OK | fs_1.constants.W_OK); + } + catch (_a) { + throw new Error(`Unable to access summary file: '${pathFromEnv}'. Check if the file has correct read/write permissions.`); + } + this._filePath = pathFromEnv; + return this._filePath; + }); + } + /** + * Wraps content in an HTML tag, adding any HTML attributes + * + * @param {string} tag HTML tag to wrap + * @param {string | null} content content within the tag + * @param {[attribute: string]: string} attrs key-value list of HTML attributes to add + * + * @returns {string} content wrapped in HTML element + */ + wrap(tag, content, attrs = {}) { + const htmlAttrs = Object.entries(attrs) + .map(([key, value]) => ` ${key}="${value}"`) + .join(''); + if (!content) { + return `<${tag}${htmlAttrs}>`; + } + return `<${tag}${htmlAttrs}>${content}`; + } + /** + * Writes text in the buffer to the summary buffer file and empties buffer. Will append by default. + * + * @param {SummaryWriteOptions} [options] (optional) options for write operation + * + * @returns {Promise} summary instance + */ + write(options) { + return __awaiter(this, void 0, void 0, function* () { + const overwrite = !!(options === null || options === void 0 ? void 0 : options.overwrite); + const filePath = yield this.filePath(); + const writeFunc = overwrite ? writeFile : appendFile; + yield writeFunc(filePath, this._buffer, { encoding: 'utf8' }); + return this.emptyBuffer(); + }); + } + /** + * Clears the summary buffer and wipes the summary file + * + * @returns {Summary} summary instance + */ + clear() { + return __awaiter(this, void 0, void 0, function* () { + return this.emptyBuffer().write({ overwrite: true }); + }); + } + /** + * Returns the current summary buffer as a string + * + * @returns {string} string of summary buffer + */ + stringify() { + return this._buffer; + } + /** + * If the summary buffer is empty + * + * @returns {boolen} true if the buffer is empty + */ + isEmptyBuffer() { + return this._buffer.length === 0; + } + /** + * Resets the summary buffer without writing to summary file + * + * @returns {Summary} summary instance + */ + emptyBuffer() { + this._buffer = ''; + return this; + } + /** + * Adds raw text to the summary buffer + * + * @param {string} text content to add + * @param {boolean} [addEOL=false] (optional) append an EOL to the raw text (default: false) + * + * @returns {Summary} summary instance + */ + addRaw(text, addEOL = false) { + this._buffer += text; + return addEOL ? this.addEOL() : this; + } + /** + * Adds the operating system-specific end-of-line marker to the buffer + * + * @returns {Summary} summary instance + */ + addEOL() { + return this.addRaw(os_1.EOL); + } + /** + * Adds an HTML codeblock to the summary buffer + * + * @param {string} code content to render within fenced code block + * @param {string} lang (optional) language to syntax highlight code + * + * @returns {Summary} summary instance + */ + addCodeBlock(code, lang) { + const attrs = Object.assign({}, (lang && { lang })); + const element = this.wrap('pre', this.wrap('code', code), attrs); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML list to the summary buffer + * + * @param {string[]} items list of items to render + * @param {boolean} [ordered=false] (optional) if the rendered list should be ordered or not (default: false) + * + * @returns {Summary} summary instance + */ + addList(items, ordered = false) { + const tag = ordered ? 'ol' : 'ul'; + const listItems = items.map(item => this.wrap('li', item)).join(''); + const element = this.wrap(tag, listItems); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML table to the summary buffer + * + * @param {SummaryTableCell[]} rows table rows + * + * @returns {Summary} summary instance + */ + addTable(rows) { + const tableBody = rows + .map(row => { + const cells = row + .map(cell => { + if (typeof cell === 'string') { + return this.wrap('td', cell); + } + const { header, data, colspan, rowspan } = cell; + const tag = header ? 'th' : 'td'; + const attrs = Object.assign(Object.assign({}, (colspan && { colspan })), (rowspan && { rowspan })); + return this.wrap(tag, data, attrs); + }) + .join(''); + return this.wrap('tr', cells); + }) + .join(''); + const element = this.wrap('table', tableBody); + return this.addRaw(element).addEOL(); + } + /** + * Adds a collapsable HTML details element to the summary buffer + * + * @param {string} label text for the closed state + * @param {string} content collapsable content + * + * @returns {Summary} summary instance + */ + addDetails(label, content) { + const element = this.wrap('details', this.wrap('summary', label) + content); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML image tag to the summary buffer + * + * @param {string} src path to the image you to embed + * @param {string} alt text description of the image + * @param {SummaryImageOptions} options (optional) addition image attributes + * + * @returns {Summary} summary instance + */ + addImage(src, alt, options) { + const { width, height } = options || {}; + const attrs = Object.assign(Object.assign({}, (width && { width })), (height && { height })); + const element = this.wrap('img', null, Object.assign({ src, alt }, attrs)); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML section heading element + * + * @param {string} text heading text + * @param {number | string} [level=1] (optional) the heading level, default: 1 + * + * @returns {Summary} summary instance + */ + addHeading(text, level) { + const tag = `h${level}`; + const allowedTag = ['h1', 'h2', 'h3', 'h4', 'h5', 'h6'].includes(tag) + ? tag + : 'h1'; + const element = this.wrap(allowedTag, text); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML thematic break (
) to the summary buffer + * + * @returns {Summary} summary instance + */ + addSeparator() { + const element = this.wrap('hr', null); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML line break (
) to the summary buffer + * + * @returns {Summary} summary instance + */ + addBreak() { + const element = this.wrap('br', null); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML blockquote to the summary buffer + * + * @param {string} text quote text + * @param {string} cite (optional) citation url + * + * @returns {Summary} summary instance + */ + addQuote(text, cite) { + const attrs = Object.assign({}, (cite && { cite })); + const element = this.wrap('blockquote', text, attrs); + return this.addRaw(element).addEOL(); + } + /** + * Adds an HTML anchor tag to the summary buffer + * + * @param {string} text link text/content + * @param {string} href hyperlink + * + * @returns {Summary} summary instance + */ + addLink(text, href) { + const element = this.wrap('a', text, { href }); + return this.addRaw(element).addEOL(); + } +} +const _summary = new Summary(); +/** + * @deprecated use `core.summary` + */ +exports.markdownSummary = _summary; +exports.summary = _summary; +//# sourceMappingURL=summary.js.map + +/***/ }), + +/***/ 353: +/***/ ((__unused_webpack_module, exports) => { + +"use strict"; + +// We use any as a valid input type +/* eslint-disable @typescript-eslint/no-explicit-any */ +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.toCommandProperties = exports.toCommandValue = void 0; +/** + * Sanitizes an input into a string so it can be passed into issueCommand safely + * @param input input to sanitize into a string + */ +function toCommandValue(input) { + if (input === null || input === undefined) { + return ''; + } + else if (typeof input === 'string' || input instanceof String) { + return input; + } + return JSON.stringify(input); +} +exports.toCommandValue = toCommandValue; +/** + * + * @param annotationProperties + * @returns The command properties to send with the actual annotation command + * See IssueCommandProperties: https://github.com/actions/runner/blob/main/src/Runner.Worker/ActionCommandManager.cs#L646 + */ +function toCommandProperties(annotationProperties) { + if (!Object.keys(annotationProperties).length) { + return {}; + } + return { + title: annotationProperties.title, + file: annotationProperties.file, + line: annotationProperties.startLine, + endLine: annotationProperties.endLine, + col: annotationProperties.startColumn, + endColumn: annotationProperties.endColumn + }; +} +exports.toCommandProperties = toCommandProperties; +//# sourceMappingURL=utils.js.map + +/***/ }), + +/***/ 2660: +/***/ (function(__unused_webpack_module, exports) { + +"use strict"; + +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.PersonalAccessTokenCredentialHandler = exports.BearerCredentialHandler = exports.BasicCredentialHandler = void 0; +class BasicCredentialHandler { + constructor(username, password) { + this.username = username; + this.password = password; + } + prepareRequest(options) { + if (!options.headers) { + throw Error('The request has no headers'); + } + options.headers['Authorization'] = `Basic ${Buffer.from(`${this.username}:${this.password}`).toString('base64')}`; + } + // This handler cannot handle 401 + canHandleAuthentication() { + return false; + } + handleAuthentication() { + return __awaiter(this, void 0, void 0, function* () { + throw new Error('not implemented'); + }); + } +} +exports.BasicCredentialHandler = BasicCredentialHandler; +class BearerCredentialHandler { + constructor(token) { + this.token = token; + } + // currently implements pre-authorization + // TODO: support preAuth = false where it hooks on 401 + prepareRequest(options) { + if (!options.headers) { + throw Error('The request has no headers'); + } + options.headers['Authorization'] = `Bearer ${this.token}`; + } + // This handler cannot handle 401 + canHandleAuthentication() { + return false; + } + handleAuthentication() { + return __awaiter(this, void 0, void 0, function* () { + throw new Error('not implemented'); + }); + } +} +exports.BearerCredentialHandler = BearerCredentialHandler; +class PersonalAccessTokenCredentialHandler { + constructor(token) { + this.token = token; + } + // currently implements pre-authorization + // TODO: support preAuth = false where it hooks on 401 + prepareRequest(options) { + if (!options.headers) { + throw Error('The request has no headers'); + } + options.headers['Authorization'] = `Basic ${Buffer.from(`PAT:${this.token}`).toString('base64')}`; + } + // This handler cannot handle 401 + canHandleAuthentication() { + return false; + } + handleAuthentication() { + return __awaiter(this, void 0, void 0, function* () { + throw new Error('not implemented'); + }); + } +} +exports.PersonalAccessTokenCredentialHandler = PersonalAccessTokenCredentialHandler; +//# sourceMappingURL=auth.js.map + +/***/ }), + +/***/ 3658: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require4_) { + +"use strict"; + +/* eslint-disable @typescript-eslint/no-explicit-any */ +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.HttpClient = exports.isHttps = exports.HttpClientResponse = exports.HttpClientError = exports.getProxyUrl = exports.MediaTypes = exports.Headers = exports.HttpCodes = void 0; +const http = __importStar(__nccwpck_require4_(3685)); +const https = __importStar(__nccwpck_require4_(5687)); +const pm = __importStar(__nccwpck_require4_(9697)); +const tunnel = __importStar(__nccwpck_require4_(8987)); +var HttpCodes; +(function (HttpCodes) { + HttpCodes[HttpCodes["OK"] = 200] = "OK"; + HttpCodes[HttpCodes["MultipleChoices"] = 300] = "MultipleChoices"; + HttpCodes[HttpCodes["MovedPermanently"] = 301] = "MovedPermanently"; + HttpCodes[HttpCodes["ResourceMoved"] = 302] = "ResourceMoved"; + HttpCodes[HttpCodes["SeeOther"] = 303] = "SeeOther"; + HttpCodes[HttpCodes["NotModified"] = 304] = "NotModified"; + HttpCodes[HttpCodes["UseProxy"] = 305] = "UseProxy"; + HttpCodes[HttpCodes["SwitchProxy"] = 306] = "SwitchProxy"; + HttpCodes[HttpCodes["TemporaryRedirect"] = 307] = "TemporaryRedirect"; + HttpCodes[HttpCodes["PermanentRedirect"] = 308] = "PermanentRedirect"; + HttpCodes[HttpCodes["BadRequest"] = 400] = "BadRequest"; + HttpCodes[HttpCodes["Unauthorized"] = 401] = "Unauthorized"; + HttpCodes[HttpCodes["PaymentRequired"] = 402] = "PaymentRequired"; + HttpCodes[HttpCodes["Forbidden"] = 403] = "Forbidden"; + HttpCodes[HttpCodes["NotFound"] = 404] = "NotFound"; + HttpCodes[HttpCodes["MethodNotAllowed"] = 405] = "MethodNotAllowed"; + HttpCodes[HttpCodes["NotAcceptable"] = 406] = "NotAcceptable"; + HttpCodes[HttpCodes["ProxyAuthenticationRequired"] = 407] = "ProxyAuthenticationRequired"; + HttpCodes[HttpCodes["RequestTimeout"] = 408] = "RequestTimeout"; + HttpCodes[HttpCodes["Conflict"] = 409] = "Conflict"; + HttpCodes[HttpCodes["Gone"] = 410] = "Gone"; + HttpCodes[HttpCodes["TooManyRequests"] = 429] = "TooManyRequests"; + HttpCodes[HttpCodes["InternalServerError"] = 500] = "InternalServerError"; + HttpCodes[HttpCodes["NotImplemented"] = 501] = "NotImplemented"; + HttpCodes[HttpCodes["BadGateway"] = 502] = "BadGateway"; + HttpCodes[HttpCodes["ServiceUnavailable"] = 503] = "ServiceUnavailable"; + HttpCodes[HttpCodes["GatewayTimeout"] = 504] = "GatewayTimeout"; +})(HttpCodes = exports.HttpCodes || (exports.HttpCodes = {})); +var Headers; +(function (Headers) { + Headers["Accept"] = "accept"; + Headers["ContentType"] = "content-type"; +})(Headers = exports.Headers || (exports.Headers = {})); +var MediaTypes; +(function (MediaTypes) { + MediaTypes["ApplicationJson"] = "application/json"; +})(MediaTypes = exports.MediaTypes || (exports.MediaTypes = {})); +/** + * Returns the proxy URL, depending upon the supplied url and proxy environment variables. + * @param serverUrl The server URL where the request will be sent. For example, https://api.github.com + */ +function getProxyUrl(serverUrl) { + const proxyUrl = pm.getProxyUrl(new URL(serverUrl)); + return proxyUrl ? proxyUrl.href : ''; +} +exports.getProxyUrl = getProxyUrl; +const HttpRedirectCodes = [ + HttpCodes.MovedPermanently, + HttpCodes.ResourceMoved, + HttpCodes.SeeOther, + HttpCodes.TemporaryRedirect, + HttpCodes.PermanentRedirect +]; +const HttpResponseRetryCodes = [ + HttpCodes.BadGateway, + HttpCodes.ServiceUnavailable, + HttpCodes.GatewayTimeout +]; +const RetryableHttpVerbs = ['OPTIONS', 'GET', 'DELETE', 'HEAD']; +const ExponentialBackoffCeiling = 10; +const ExponentialBackoffTimeSlice = 5; +class HttpClientError extends Error { + constructor(message, statusCode) { + super(message); + this.name = 'HttpClientError'; + this.statusCode = statusCode; + Object.setPrototypeOf(this, HttpClientError.prototype); + } +} +exports.HttpClientError = HttpClientError; +class HttpClientResponse { + constructor(message) { + this.message = message; + } + readBody() { + return __awaiter(this, void 0, void 0, function* () { + return new Promise((resolve) => __awaiter(this, void 0, void 0, function* () { + let output = Buffer.alloc(0); + this.message.on('data', (chunk) => { + output = Buffer.concat([output, chunk]); + }); + this.message.on('end', () => { + resolve(output.toString()); + }); + })); + }); + } +} +exports.HttpClientResponse = HttpClientResponse; +function isHttps(requestUrl) { + const parsedUrl = new URL(requestUrl); + return parsedUrl.protocol === 'https:'; +} +exports.isHttps = isHttps; +class HttpClient { + constructor(userAgent, handlers, requestOptions) { + this._ignoreSslError = false; + this._allowRedirects = true; + this._allowRedirectDowngrade = false; + this._maxRedirects = 50; + this._allowRetries = false; + this._maxRetries = 1; + this._keepAlive = false; + this._disposed = false; + this.userAgent = userAgent; + this.handlers = handlers || []; + this.requestOptions = requestOptions; + if (requestOptions) { + if (requestOptions.ignoreSslError != null) { + this._ignoreSslError = requestOptions.ignoreSslError; + } + this._socketTimeout = requestOptions.socketTimeout; + if (requestOptions.allowRedirects != null) { + this._allowRedirects = requestOptions.allowRedirects; + } + if (requestOptions.allowRedirectDowngrade != null) { + this._allowRedirectDowngrade = requestOptions.allowRedirectDowngrade; + } + if (requestOptions.maxRedirects != null) { + this._maxRedirects = Math.max(requestOptions.maxRedirects, 0); + } + if (requestOptions.keepAlive != null) { + this._keepAlive = requestOptions.keepAlive; + } + if (requestOptions.allowRetries != null) { + this._allowRetries = requestOptions.allowRetries; + } + if (requestOptions.maxRetries != null) { + this._maxRetries = requestOptions.maxRetries; + } + } + } + options(requestUrl, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('OPTIONS', requestUrl, null, additionalHeaders || {}); + }); + } + get(requestUrl, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('GET', requestUrl, null, additionalHeaders || {}); + }); + } + del(requestUrl, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('DELETE', requestUrl, null, additionalHeaders || {}); + }); + } + post(requestUrl, data, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('POST', requestUrl, data, additionalHeaders || {}); + }); + } + patch(requestUrl, data, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('PATCH', requestUrl, data, additionalHeaders || {}); + }); + } + put(requestUrl, data, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('PUT', requestUrl, data, additionalHeaders || {}); + }); + } + head(requestUrl, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request('HEAD', requestUrl, null, additionalHeaders || {}); + }); + } + sendStream(verb, requestUrl, stream, additionalHeaders) { + return __awaiter(this, void 0, void 0, function* () { + return this.request(verb, requestUrl, stream, additionalHeaders); + }); + } + /** + * Gets a typed object from an endpoint + * Be aware that not found returns a null. Other errors (4xx, 5xx) reject the promise + */ + getJson(requestUrl, additionalHeaders = {}) { + return __awaiter(this, void 0, void 0, function* () { + additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson); + const res = yield this.get(requestUrl, additionalHeaders); + return this._processResponse(res, this.requestOptions); + }); + } + postJson(requestUrl, obj, additionalHeaders = {}) { + return __awaiter(this, void 0, void 0, function* () { + const data = JSON.stringify(obj, null, 2); + additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson); + additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson); + const res = yield this.post(requestUrl, data, additionalHeaders); + return this._processResponse(res, this.requestOptions); + }); + } + putJson(requestUrl, obj, additionalHeaders = {}) { + return __awaiter(this, void 0, void 0, function* () { + const data = JSON.stringify(obj, null, 2); + additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson); + additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson); + const res = yield this.put(requestUrl, data, additionalHeaders); + return this._processResponse(res, this.requestOptions); + }); + } + patchJson(requestUrl, obj, additionalHeaders = {}) { + return __awaiter(this, void 0, void 0, function* () { + const data = JSON.stringify(obj, null, 2); + additionalHeaders[Headers.Accept] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.Accept, MediaTypes.ApplicationJson); + additionalHeaders[Headers.ContentType] = this._getExistingOrDefaultHeader(additionalHeaders, Headers.ContentType, MediaTypes.ApplicationJson); + const res = yield this.patch(requestUrl, data, additionalHeaders); + return this._processResponse(res, this.requestOptions); + }); + } + /** + * Makes a raw http request. + * All other methods such as get, post, patch, and request ultimately call this. + * Prefer get, del, post and patch + */ + request(verb, requestUrl, data, headers) { + return __awaiter(this, void 0, void 0, function* () { + if (this._disposed) { + throw new Error('Client has already been disposed.'); + } + const parsedUrl = new URL(requestUrl); + let info = this._prepareRequest(verb, parsedUrl, headers); + // Only perform retries on reads since writes may not be idempotent. + const maxTries = this._allowRetries && RetryableHttpVerbs.includes(verb) + ? this._maxRetries + 1 + : 1; + let numTries = 0; + let response; + do { + response = yield this.requestRaw(info, data); + // Check if it's an authentication challenge + if (response && + response.message && + response.message.statusCode === HttpCodes.Unauthorized) { + let authenticationHandler; + for (const handler of this.handlers) { + if (handler.canHandleAuthentication(response)) { + authenticationHandler = handler; + break; + } + } + if (authenticationHandler) { + return authenticationHandler.handleAuthentication(this, info, data); + } + else { + // We have received an unauthorized response but have no handlers to handle it. + // Let the response return to the caller. + return response; + } + } + let redirectsRemaining = this._maxRedirects; + while (response.message.statusCode && + HttpRedirectCodes.includes(response.message.statusCode) && + this._allowRedirects && + redirectsRemaining > 0) { + const redirectUrl = response.message.headers['location']; + if (!redirectUrl) { + // if there's no location to redirect to, we won't + break; + } + const parsedRedirectUrl = new URL(redirectUrl); + if (parsedUrl.protocol === 'https:' && + parsedUrl.protocol !== parsedRedirectUrl.protocol && + !this._allowRedirectDowngrade) { + throw new Error('Redirect from HTTPS to HTTP protocol. This downgrade is not allowed for security reasons. If you want to allow this behavior, set the allowRedirectDowngrade option to true.'); + } + // we need to finish reading the response before reassigning response + // which will leak the open socket. + yield response.readBody(); + // strip authorization header if redirected to a different hostname + if (parsedRedirectUrl.hostname !== parsedUrl.hostname) { + for (const header in headers) { + // header names are case insensitive + if (header.toLowerCase() === 'authorization') { + delete headers[header]; + } + } + } + // let's make the request with the new redirectUrl + info = this._prepareRequest(verb, parsedRedirectUrl, headers); + response = yield this.requestRaw(info, data); + redirectsRemaining--; + } + if (!response.message.statusCode || + !HttpResponseRetryCodes.includes(response.message.statusCode)) { + // If not a retry code, return immediately instead of retrying + return response; + } + numTries += 1; + if (numTries < maxTries) { + yield response.readBody(); + yield this._performExponentialBackoff(numTries); + } + } while (numTries < maxTries); + return response; + }); + } + /** + * Needs to be called if keepAlive is set to true in request options. + */ + dispose() { + if (this._agent) { + this._agent.destroy(); + } + this._disposed = true; + } + /** + * Raw request. + * @param info + * @param data + */ + requestRaw(info, data) { + return __awaiter(this, void 0, void 0, function* () { + return new Promise((resolve, reject) => { + function callbackForResult(err, res) { + if (err) { + reject(err); + } + else if (!res) { + // If `err` is not passed, then `res` must be passed. + reject(new Error('Unknown error')); + } + else { + resolve(res); + } + } + this.requestRawWithCallback(info, data, callbackForResult); + }); + }); + } + /** + * Raw request with callback. + * @param info + * @param data + * @param onResult + */ + requestRawWithCallback(info, data, onResult) { + if (typeof data === 'string') { + if (!info.options.headers) { + info.options.headers = {}; + } + info.options.headers['Content-Length'] = Buffer.byteLength(data, 'utf8'); + } + let callbackCalled = false; + function handleResult(err, res) { + if (!callbackCalled) { + callbackCalled = true; + onResult(err, res); + } + } + const req = info.httpModule.request(info.options, (msg) => { + const res = new HttpClientResponse(msg); + handleResult(undefined, res); + }); + let socket; + req.on('socket', sock => { + socket = sock; + }); + // If we ever get disconnected, we want the socket to timeout eventually + req.setTimeout(this._socketTimeout || 3 * 60000, () => { + if (socket) { + socket.end(); + } + handleResult(new Error(`Request timeout: ${info.options.path}`)); + }); + req.on('error', function (err) { + // err has statusCode property + // res should have headers + handleResult(err); + }); + if (data && typeof data === 'string') { + req.write(data, 'utf8'); + } + if (data && typeof data !== 'string') { + data.on('close', function () { + req.end(); + }); + data.pipe(req); + } + else { + req.end(); + } + } + /** + * Gets an http agent. This function is useful when you need an http agent that handles + * routing through a proxy server - depending upon the url and proxy environment variables. + * @param serverUrl The server URL where the request will be sent. For example, https://api.github.com + */ + getAgent(serverUrl) { + const parsedUrl = new URL(serverUrl); + return this._getAgent(parsedUrl); + } + _prepareRequest(method, requestUrl, headers) { + const info = {}; + info.parsedUrl = requestUrl; + const usingSsl = info.parsedUrl.protocol === 'https:'; + info.httpModule = usingSsl ? https : http; + const defaultPort = usingSsl ? 443 : 80; + info.options = {}; + info.options.host = info.parsedUrl.hostname; + info.options.port = info.parsedUrl.port + ? parseInt(info.parsedUrl.port) + : defaultPort; + info.options.path = + (info.parsedUrl.pathname || '') + (info.parsedUrl.search || ''); + info.options.method = method; + info.options.headers = this._mergeHeaders(headers); + if (this.userAgent != null) { + info.options.headers['user-agent'] = this.userAgent; + } + info.options.agent = this._getAgent(info.parsedUrl); + // gives handlers an opportunity to participate + if (this.handlers) { + for (const handler of this.handlers) { + handler.prepareRequest(info.options); + } + } + return info; + } + _mergeHeaders(headers) { + if (this.requestOptions && this.requestOptions.headers) { + return Object.assign({}, lowercaseKeys(this.requestOptions.headers), lowercaseKeys(headers || {})); + } + return lowercaseKeys(headers || {}); + } + _getExistingOrDefaultHeader(additionalHeaders, header, _default) { + let clientHeader; + if (this.requestOptions && this.requestOptions.headers) { + clientHeader = lowercaseKeys(this.requestOptions.headers)[header]; + } + return additionalHeaders[header] || clientHeader || _default; + } + _getAgent(parsedUrl) { + let agent; + const proxyUrl = pm.getProxyUrl(parsedUrl); + const useProxy = proxyUrl && proxyUrl.hostname; + if (this._keepAlive && useProxy) { + agent = this._proxyAgent; + } + if (this._keepAlive && !useProxy) { + agent = this._agent; + } + // if agent is already assigned use that agent. + if (agent) { + return agent; + } + const usingSsl = parsedUrl.protocol === 'https:'; + let maxSockets = 100; + if (this.requestOptions) { + maxSockets = this.requestOptions.maxSockets || http.globalAgent.maxSockets; + } + // This is `useProxy` again, but we need to check `proxyURl` directly for TypeScripts's flow analysis. + if (proxyUrl && proxyUrl.hostname) { + const agentOptions = { + maxSockets, + keepAlive: this._keepAlive, + proxy: Object.assign(Object.assign({}, ((proxyUrl.username || proxyUrl.password) && { + proxyAuth: `${proxyUrl.username}:${proxyUrl.password}` + })), { host: proxyUrl.hostname, port: proxyUrl.port }) + }; + let tunnelAgent; + const overHttps = proxyUrl.protocol === 'https:'; + if (usingSsl) { + tunnelAgent = overHttps ? tunnel.httpsOverHttps : tunnel.httpsOverHttp; + } + else { + tunnelAgent = overHttps ? tunnel.httpOverHttps : tunnel.httpOverHttp; + } + agent = tunnelAgent(agentOptions); + this._proxyAgent = agent; + } + // if reusing agent across request and tunneling agent isn't assigned create a new agent + if (this._keepAlive && !agent) { + const options = { keepAlive: this._keepAlive, maxSockets }; + agent = usingSsl ? new https.Agent(options) : new http.Agent(options); + this._agent = agent; + } + // if not using private agent and tunnel agent isn't setup then use global agent + if (!agent) { + agent = usingSsl ? https.globalAgent : http.globalAgent; + } + if (usingSsl && this._ignoreSslError) { + // we don't want to set NODE_TLS_REJECT_UNAUTHORIZED=0 since that will affect request for entire process + // http.RequestOptions doesn't expose a way to modify RequestOptions.agent.options + // we have to cast it to any and change it directly + agent.options = Object.assign(agent.options || {}, { + rejectUnauthorized: false + }); + } + return agent; + } + _performExponentialBackoff(retryNumber) { + return __awaiter(this, void 0, void 0, function* () { + retryNumber = Math.min(ExponentialBackoffCeiling, retryNumber); + const ms = ExponentialBackoffTimeSlice * Math.pow(2, retryNumber); + return new Promise(resolve => setTimeout(() => resolve(), ms)); + }); + } + _processResponse(res, options) { + return __awaiter(this, void 0, void 0, function* () { + return new Promise((resolve, reject) => __awaiter(this, void 0, void 0, function* () { + const statusCode = res.message.statusCode || 0; + const response = { + statusCode, + result: null, + headers: {} + }; + // not found leads to null obj returned + if (statusCode === HttpCodes.NotFound) { + resolve(response); + } + // get the result from the body + function dateTimeDeserializer(key, value) { + if (typeof value === 'string') { + const a = new Date(value); + if (!isNaN(a.valueOf())) { + return a; + } + } + return value; + } + let obj; + let contents; + try { + contents = yield res.readBody(); + if (contents && contents.length > 0) { + if (options && options.deserializeDates) { + obj = JSON.parse(contents, dateTimeDeserializer); + } + else { + obj = JSON.parse(contents); + } + response.result = obj; + } + response.headers = res.message.headers; + } + catch (err) { + // Invalid resource (contents not json); leaving result obj null + } + // note that 3xx redirects are handled by the http layer. + if (statusCode > 299) { + let msg; + // if exception/error in body, attempt to get better error + if (obj && obj.message) { + msg = obj.message; + } + else if (contents && contents.length > 0) { + // it may be the case that the exception is in the body message as string + msg = contents; + } + else { + msg = `Failed request: (${statusCode})`; + } + const err = new HttpClientError(msg, statusCode); + err.result = response.result; + reject(err); + } + else { + resolve(response); + } + })); + }); + } +} +exports.HttpClient = HttpClient; +const lowercaseKeys = (obj) => Object.keys(obj).reduce((c, k) => ((c[k.toLowerCase()] = obj[k]), c), {}); +//# sourceMappingURL=index.js.map + +/***/ }), + +/***/ 9697: +/***/ ((__unused_webpack_module, exports) => { + +"use strict"; + +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.checkBypass = exports.getProxyUrl = void 0; +function getProxyUrl(reqUrl) { + const usingSsl = reqUrl.protocol === 'https:'; + if (checkBypass(reqUrl)) { + return undefined; + } + const proxyVar = (() => { + if (usingSsl) { + return process.env['https_proxy'] || process.env['HTTPS_PROXY']; + } + else { + return process.env['http_proxy'] || process.env['HTTP_PROXY']; + } + })(); + if (proxyVar) { + return new URL(proxyVar); + } + else { + return undefined; + } +} +exports.getProxyUrl = getProxyUrl; +function checkBypass(reqUrl) { + if (!reqUrl.hostname) { + return false; + } + const noProxy = process.env['no_proxy'] || process.env['NO_PROXY'] || ''; + if (!noProxy) { + return false; + } + // Determine the request port + let reqPort; + if (reqUrl.port) { + reqPort = Number(reqUrl.port); + } + else if (reqUrl.protocol === 'http:') { + reqPort = 80; + } + else if (reqUrl.protocol === 'https:') { + reqPort = 443; + } + // Format the request hostname and hostname with port + const upperReqHosts = [reqUrl.hostname.toUpperCase()]; + if (typeof reqPort === 'number') { + upperReqHosts.push(`${upperReqHosts[0]}:${reqPort}`); + } + // Compare request host against noproxy + for (const upperNoProxyItem of noProxy + .split(',') + .map(x => x.trim().toUpperCase()) + .filter(x => x)) { + if (upperReqHosts.some(x => x === upperNoProxyItem)) { + return true; + } + } + return false; +} +exports.checkBypass = checkBypass; +//# sourceMappingURL=proxy.js.map + +/***/ }), + +/***/ 5361: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +__nccwpck_require4_(6083); +var AWS = __nccwpck_require4_(4741); +var Service = AWS.Service; +var apiLoader = AWS.apiLoader; + +apiLoader.services['cognitoidentity'] = {}; +AWS.CognitoIdentity = Service.defineService('cognitoidentity', ['2014-06-30']); +Object.defineProperty(apiLoader.services['cognitoidentity'], '2014-06-30', { + get: function get() { + var model = __nccwpck_require4_(7377); + model.paginators = (__nccwpck_require4_(5010)/* .pagination */ .o); + return model; + }, + enumerable: true, + configurable: true +}); + +module.exports = AWS.CognitoIdentity; + + +/***/ }), + +/***/ 4692: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +__nccwpck_require4_(6083); +var AWS = __nccwpck_require4_(4741); +var Service = AWS.Service; +var apiLoader = AWS.apiLoader; + +apiLoader.services['s3'] = {}; +AWS.S3 = Service.defineService('s3', ['2006-03-01']); +__nccwpck_require4_(9880); +Object.defineProperty(apiLoader.services['s3'], '2006-03-01', { + get: function get() { + var model = __nccwpck_require4_(1129); + model.paginators = (__nccwpck_require4_(7265)/* .pagination */ .o); + model.waiters = (__nccwpck_require4_(4048)/* .waiters */ .V); + return model; + }, + enumerable: true, + configurable: true +}); + +module.exports = AWS.S3; + + +/***/ }), + +/***/ 2787: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +__nccwpck_require4_(6083); +var AWS = __nccwpck_require4_(4741); +var Service = AWS.Service; +var apiLoader = AWS.apiLoader; + +apiLoader.services['sts'] = {}; +AWS.STS = Service.defineService('sts', ['2011-06-15']); +__nccwpck_require4_(6889); +Object.defineProperty(apiLoader.services['sts'], '2011-06-15', { + get: function get() { + var model = __nccwpck_require4_(753); + model.paginators = (__nccwpck_require4_(6314)/* .pagination */ .o); + return model; + }, + enumerable: true, + configurable: true +}); + +module.exports = AWS.STS; + + +/***/ }), + +/***/ 8440: +/***/ ((module) => { + +function apiLoader(svc, version) { + if (!apiLoader.services.hasOwnProperty(svc)) { + throw new Error('InvalidService: Failed to load api for ' + svc); + } + return apiLoader.services[svc][version]; +} + +/** + * @api private + * + * This member of AWS.apiLoader is private, but changing it will necessitate a + * change to ../scripts/services-table-generator.ts + */ +apiLoader.services = {}; + +/** + * @api private + */ +module.exports = apiLoader; + + +/***/ }), + +/***/ 4992: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +__nccwpck_require4_(5527); +__nccwpck_require4_(2008); +var PromisesDependency; + +/** + * The main configuration class used by all service objects to set + * the region, credentials, and other options for requests. + * + * By default, credentials and region settings are left unconfigured. + * This should be configured by the application before using any + * AWS service APIs. + * + * In order to set global configuration options, properties should + * be assigned to the global {AWS.config} object. + * + * @see AWS.config + * + * @!group General Configuration Options + * + * @!attribute credentials + * @return [AWS.Credentials] the AWS credentials to sign requests with. + * + * @!attribute region + * @example Set the global region setting to us-west-2 + * AWS.config.update({region: 'us-west-2'}); + * @return [AWS.Credentials] The region to send service requests to. + * @see http://docs.amazonwebservices.com/general/latest/gr/rande.html + * A list of available endpoints for each AWS service + * + * @!attribute maxRetries + * @return [Integer] the maximum amount of retries to perform for a + * service request. By default this value is calculated by the specific + * service object that the request is being made to. + * + * @!attribute maxRedirects + * @return [Integer] the maximum amount of redirects to follow for a + * service request. Defaults to 10. + * + * @!attribute paramValidation + * @return [Boolean|map] whether input parameters should be validated against + * the operation description before sending the request. Defaults to true. + * Pass a map to enable any of the following specific validation features: + * + * * **min** [Boolean] — Validates that a value meets the min + * constraint. This is enabled by default when paramValidation is set + * to `true`. + * * **max** [Boolean] — Validates that a value meets the max + * constraint. + * * **pattern** [Boolean] — Validates that a string value matches a + * regular expression. + * * **enum** [Boolean] — Validates that a string value matches one + * of the allowable enum values. + * + * @!attribute computeChecksums + * @return [Boolean] whether to compute checksums for payload bodies when + * the service accepts it (currently supported in S3 and SQS only). + * + * @!attribute convertResponseTypes + * @return [Boolean] whether types are converted when parsing response data. + * Currently only supported for JSON based services. Turning this off may + * improve performance on large response payloads. Defaults to `true`. + * + * @!attribute correctClockSkew + * @return [Boolean] whether to apply a clock skew correction and retry + * requests that fail because of an skewed client clock. Defaults to + * `false`. + * + * @!attribute sslEnabled + * @return [Boolean] whether SSL is enabled for requests + * + * @!attribute s3ForcePathStyle + * @return [Boolean] whether to force path style URLs for S3 objects + * + * @!attribute s3BucketEndpoint + * @note Setting this configuration option requires an `endpoint` to be + * provided explicitly to the service constructor. + * @return [Boolean] whether the provided endpoint addresses an individual + * bucket (false if it addresses the root API endpoint). + * + * @!attribute s3DisableBodySigning + * @return [Boolean] whether to disable S3 body signing when using signature version `v4`. + * Body signing can only be disabled when using https. Defaults to `true`. + * + * @!attribute s3UsEast1RegionalEndpoint + * @return ['legacy'|'regional'] when region is set to 'us-east-1', whether to send s3 + * request to global endpoints or 'us-east-1' regional endpoints. This config is only + * applicable to S3 client; + * Defaults to 'legacy' + * @!attribute s3UseArnRegion + * @return [Boolean] whether to override the request region with the region inferred + * from requested resource's ARN. Only available for S3 buckets + * Defaults to `true` + * + * @!attribute useAccelerateEndpoint + * @note This configuration option is only compatible with S3 while accessing + * dns-compatible buckets. + * @return [Boolean] Whether to use the Accelerate endpoint with the S3 service. + * Defaults to `false`. + * + * @!attribute retryDelayOptions + * @example Set the base retry delay for all services to 300 ms + * AWS.config.update({retryDelayOptions: {base: 300}}); + * // Delays with maxRetries = 3: 300, 600, 1200 + * @example Set a custom backoff function to provide delay values on retries + * AWS.config.update({retryDelayOptions: {customBackoff: function(retryCount, err) { + * // returns delay in ms + * }}}); + * @return [map] A set of options to configure the retry delay on retryable errors. + * Currently supported options are: + * + * * **base** [Integer] — The base number of milliseconds to use in the + * exponential backoff for operation retries. Defaults to 100 ms for all services except + * DynamoDB, where it defaults to 50ms. + * + * * **customBackoff ** [function] — A custom function that accepts a + * retry count and error and returns the amount of time to delay in + * milliseconds. If the result is a non-zero negative value, no further + * retry attempts will be made. The `base` option will be ignored if this + * option is supplied. The function is only called for retryable errors. + * + * @!attribute httpOptions + * @return [map] A set of options to pass to the low-level HTTP request. + * Currently supported options are: + * + * * **proxy** [String] — the URL to proxy requests through + * * **agent** [http.Agent, https.Agent] — the Agent object to perform + * HTTP requests with. Used for connection pooling. Note that for + * SSL connections, a special Agent object is used in order to enable + * peer certificate verification. This feature is only supported in the + * Node.js environment. + * * **connectTimeout** [Integer] — Sets the socket to timeout after + * failing to establish a connection with the server after + * `connectTimeout` milliseconds. This timeout has no effect once a socket + * connection has been established. + * * **timeout** [Integer] — The number of milliseconds a request can + * take before automatically being terminated. + * Defaults to two minutes (120000). + * * **xhrAsync** [Boolean] — Whether the SDK will send asynchronous + * HTTP requests. Used in the browser environment only. Set to false to + * send requests synchronously. Defaults to true (async on). + * * **xhrWithCredentials** [Boolean] — Sets the "withCredentials" + * property of an XMLHttpRequest object. Used in the browser environment + * only. Defaults to false. + * @!attribute logger + * @return [#write,#log] an object that responds to .write() (like a stream) + * or .log() (like the console object) in order to log information about + * requests + * + * @!attribute systemClockOffset + * @return [Number] an offset value in milliseconds to apply to all signing + * times. Use this to compensate for clock skew when your system may be + * out of sync with the service time. Note that this configuration option + * can only be applied to the global `AWS.config` object and cannot be + * overridden in service-specific configuration. Defaults to 0 milliseconds. + * + * @!attribute signatureVersion + * @return [String] the signature version to sign requests with (overriding + * the API configuration). Possible values are: 'v2', 'v3', 'v4'. + * + * @!attribute signatureCache + * @return [Boolean] whether the signature to sign requests with (overriding + * the API configuration) is cached. Only applies to the signature version 'v4'. + * Defaults to `true`. + * + * @!attribute endpointDiscoveryEnabled + * @return [Boolean|undefined] whether to call operations with endpoints + * given by service dynamically. Setting this config to `true` will enable + * endpoint discovery for all applicable operations. Setting it to `false` + * will explicitly disable endpoint discovery even though operations that + * require endpoint discovery will presumably fail. Leaving it to + * `undefined` means SDK only do endpoint discovery when it's required. + * Defaults to `undefined` + * + * @!attribute endpointCacheSize + * @return [Number] the size of the global cache storing endpoints from endpoint + * discovery operations. Once endpoint cache is created, updating this setting + * cannot change existing cache size. + * Defaults to 1000 + * + * @!attribute hostPrefixEnabled + * @return [Boolean] whether to marshal request parameters to the prefix of + * hostname. Defaults to `true`. + * + * @!attribute stsRegionalEndpoints + * @return ['legacy'|'regional'] whether to send sts request to global endpoints or + * regional endpoints. + * Defaults to 'legacy'. + * + * @!attribute useFipsEndpoint + * @return [Boolean] Enables FIPS compatible endpoints. Defaults to `false`. + * + * @!attribute useDualstackEndpoint + * @return [Boolean] Enables IPv6 dualstack endpoint. Defaults to `false`. + */ +AWS.Config = AWS.util.inherit({ + /** + * @!endgroup + */ + + /** + * Creates a new configuration object. This is the object that passes + * option data along to service requests, including credentials, security, + * region information, and some service specific settings. + * + * @example Creating a new configuration object with credentials and region + * var config = new AWS.Config({ + * accessKeyId: 'AKID', secretAccessKey: 'SECRET', region: 'us-west-2' + * }); + * @option options accessKeyId [String] your AWS access key ID. + * @option options secretAccessKey [String] your AWS secret access key. + * @option options sessionToken [AWS.Credentials] the optional AWS + * session token to sign requests with. + * @option options credentials [AWS.Credentials] the AWS credentials + * to sign requests with. You can either specify this object, or + * specify the accessKeyId and secretAccessKey options directly. + * @option options credentialProvider [AWS.CredentialProviderChain] the + * provider chain used to resolve credentials if no static `credentials` + * property is set. + * @option options region [String] the region to send service requests to. + * See {region} for more information. + * @option options maxRetries [Integer] the maximum amount of retries to + * attempt with a request. See {maxRetries} for more information. + * @option options maxRedirects [Integer] the maximum amount of redirects to + * follow with a request. See {maxRedirects} for more information. + * @option options sslEnabled [Boolean] whether to enable SSL for + * requests. + * @option options paramValidation [Boolean|map] whether input parameters + * should be validated against the operation description before sending + * the request. Defaults to true. Pass a map to enable any of the + * following specific validation features: + * + * * **min** [Boolean] — Validates that a value meets the min + * constraint. This is enabled by default when paramValidation is set + * to `true`. + * * **max** [Boolean] — Validates that a value meets the max + * constraint. + * * **pattern** [Boolean] — Validates that a string value matches a + * regular expression. + * * **enum** [Boolean] — Validates that a string value matches one + * of the allowable enum values. + * @option options computeChecksums [Boolean] whether to compute checksums + * for payload bodies when the service accepts it (currently supported + * in S3 only) + * @option options convertResponseTypes [Boolean] whether types are converted + * when parsing response data. Currently only supported for JSON based + * services. Turning this off may improve performance on large response + * payloads. Defaults to `true`. + * @option options correctClockSkew [Boolean] whether to apply a clock skew + * correction and retry requests that fail because of an skewed client + * clock. Defaults to `false`. + * @option options s3ForcePathStyle [Boolean] whether to force path + * style URLs for S3 objects. + * @option options s3BucketEndpoint [Boolean] whether the provided endpoint + * addresses an individual bucket (false if it addresses the root API + * endpoint). Note that setting this configuration option requires an + * `endpoint` to be provided explicitly to the service constructor. + * @option options s3DisableBodySigning [Boolean] whether S3 body signing + * should be disabled when using signature version `v4`. Body signing + * can only be disabled when using https. Defaults to `true`. + * @option options s3UsEast1RegionalEndpoint ['legacy'|'regional'] when region + * is set to 'us-east-1', whether to send s3 request to global endpoints or + * 'us-east-1' regional endpoints. This config is only applicable to S3 client. + * Defaults to `legacy` + * @option options s3UseArnRegion [Boolean] whether to override the request region + * with the region inferred from requested resource's ARN. Only available for S3 buckets + * Defaults to `true` + * + * @option options retryDelayOptions [map] A set of options to configure + * the retry delay on retryable errors. Currently supported options are: + * + * * **base** [Integer] — The base number of milliseconds to use in the + * exponential backoff for operation retries. Defaults to 100 ms for all + * services except DynamoDB, where it defaults to 50ms. + * * **customBackoff ** [function] — A custom function that accepts a + * retry count and error and returns the amount of time to delay in + * milliseconds. If the result is a non-zero negative value, no further + * retry attempts will be made. The `base` option will be ignored if this + * option is supplied. The function is only called for retryable errors. + * @option options httpOptions [map] A set of options to pass to the low-level + * HTTP request. Currently supported options are: + * + * * **proxy** [String] — the URL to proxy requests through + * * **agent** [http.Agent, https.Agent] — the Agent object to perform + * HTTP requests with. Used for connection pooling. Defaults to the global + * agent (`http.globalAgent`) for non-SSL connections. Note that for + * SSL connections, a special Agent object is used in order to enable + * peer certificate verification. This feature is only available in the + * Node.js environment. + * * **connectTimeout** [Integer] — Sets the socket to timeout after + * failing to establish a connection with the server after + * `connectTimeout` milliseconds. This timeout has no effect once a socket + * connection has been established. + * * **timeout** [Integer] — Sets the socket to timeout after timeout + * milliseconds of inactivity on the socket. Defaults to two minutes + * (120000). + * * **xhrAsync** [Boolean] — Whether the SDK will send asynchronous + * HTTP requests. Used in the browser environment only. Set to false to + * send requests synchronously. Defaults to true (async on). + * * **xhrWithCredentials** [Boolean] — Sets the "withCredentials" + * property of an XMLHttpRequest object. Used in the browser environment + * only. Defaults to false. + * @option options apiVersion [String, Date] a String in YYYY-MM-DD format + * (or a date) that represents the latest possible API version that can be + * used in all services (unless overridden by `apiVersions`). Specify + * 'latest' to use the latest possible version. + * @option options apiVersions [map] a map of service + * identifiers (the lowercase service class name) with the API version to + * use when instantiating a service. Specify 'latest' for each individual + * that can use the latest available version. + * @option options logger [#write,#log] an object that responds to .write() + * (like a stream) or .log() (like the console object) in order to log + * information about requests + * @option options systemClockOffset [Number] an offset value in milliseconds + * to apply to all signing times. Use this to compensate for clock skew + * when your system may be out of sync with the service time. Note that + * this configuration option can only be applied to the global `AWS.config` + * object and cannot be overridden in service-specific configuration. + * Defaults to 0 milliseconds. + * @option options signatureVersion [String] the signature version to sign + * requests with (overriding the API configuration). Possible values are: + * 'v2', 'v3', 'v4'. + * @option options signatureCache [Boolean] whether the signature to sign + * requests with (overriding the API configuration) is cached. Only applies + * to the signature version 'v4'. Defaults to `true`. + * @option options dynamoDbCrc32 [Boolean] whether to validate the CRC32 + * checksum of HTTP response bodies returned by DynamoDB. Default: `true`. + * @option options useAccelerateEndpoint [Boolean] Whether to use the + * S3 Transfer Acceleration endpoint with the S3 service. Default: `false`. + * @option options clientSideMonitoring [Boolean] whether to collect and + * publish this client's performance metrics of all its API requests. + * @option options endpointDiscoveryEnabled [Boolean|undefined] whether to + * call operations with endpoints given by service dynamically. Setting this + * config to `true` will enable endpoint discovery for all applicable operations. + * Setting it to `false` will explicitly disable endpoint discovery even though + * operations that require endpoint discovery will presumably fail. Leaving it + * to `undefined` means SDK will only do endpoint discovery when it's required. + * Defaults to `undefined` + * @option options endpointCacheSize [Number] the size of the global cache storing + * endpoints from endpoint discovery operations. Once endpoint cache is created, + * updating this setting cannot change existing cache size. + * Defaults to 1000 + * @option options hostPrefixEnabled [Boolean] whether to marshal request + * parameters to the prefix of hostname. + * Defaults to `true`. + * @option options stsRegionalEndpoints ['legacy'|'regional'] whether to send sts request + * to global endpoints or regional endpoints. + * Defaults to 'legacy'. + * @option options useFipsEndpoint [Boolean] Enables FIPS compatible endpoints. + * Defaults to `false`. + * @option options useDualstackEndpoint [Boolean] Enables IPv6 dualstack endpoint. + * Defaults to `false`. + */ + constructor: function Config(options) { + if (options === undefined) options = {}; + options = this.extractCredentials(options); + + AWS.util.each.call(this, this.keys, function (key, value) { + this.set(key, options[key], value); + }); + }, + + /** + * @!group Managing Credentials + */ + + /** + * Loads credentials from the configuration object. This is used internally + * by the SDK to ensure that refreshable {Credentials} objects are properly + * refreshed and loaded when sending a request. If you want to ensure that + * your credentials are loaded prior to a request, you can use this method + * directly to provide accurate credential data stored in the object. + * + * @note If you configure the SDK with static or environment credentials, + * the credential data should already be present in {credentials} attribute. + * This method is primarily necessary to load credentials from asynchronous + * sources, or sources that can refresh credentials periodically. + * @example Getting your access key + * AWS.config.getCredentials(function(err) { + * if (err) console.log(err.stack); // credentials not loaded + * else console.log("Access Key:", AWS.config.credentials.accessKeyId); + * }) + * @callback callback function(err) + * Called when the {credentials} have been properly set on the configuration + * object. + * + * @param err [Error] if this is set, credentials were not successfully + * loaded and this error provides information why. + * @see credentials + * @see Credentials + */ + getCredentials: function getCredentials(callback) { + var self = this; + + function finish(err) { + callback(err, err ? null : self.credentials); + } + + function credError(msg, err) { + return new AWS.util.error(err || new Error(), { + code: 'CredentialsError', + message: msg, + name: 'CredentialsError' + }); + } + + function getAsyncCredentials() { + self.credentials.get(function(err) { + if (err) { + var msg = 'Could not load credentials from ' + + self.credentials.constructor.name; + err = credError(msg, err); + } + finish(err); + }); + } + + function getStaticCredentials() { + var err = null; + if (!self.credentials.accessKeyId || !self.credentials.secretAccessKey) { + err = credError('Missing credentials'); + } + finish(err); + } + + if (self.credentials) { + if (typeof self.credentials.get === 'function') { + getAsyncCredentials(); + } else { // static credentials + getStaticCredentials(); + } + } else if (self.credentialProvider) { + self.credentialProvider.resolve(function(err, creds) { + if (err) { + err = credError('Could not load credentials from any providers', err); + } + self.credentials = creds; + finish(err); + }); + } else { + finish(credError('No credentials to load')); + } + }, + + /** + * Loads token from the configuration object. This is used internally + * by the SDK to ensure that refreshable {Token} objects are properly + * refreshed and loaded when sending a request. If you want to ensure that + * your token is loaded prior to a request, you can use this method + * directly to provide accurate token data stored in the object. + * + * @note If you configure the SDK with static token, the token data should + * already be present in {token} attribute. This method is primarily necessary + * to load token from asynchronous sources, or sources that can refresh + * token periodically. + * @example Getting your access token + * AWS.config.getToken(function(err) { + * if (err) console.log(err.stack); // token not loaded + * else console.log("Token:", AWS.config.token.token); + * }) + * @callback callback function(err) + * Called when the {token} have been properly set on the configuration object. + * + * @param err [Error] if this is set, token was not successfully loaded and + * this error provides information why. + * @see token + */ + getToken: function getToken(callback) { + var self = this; + + function finish(err) { + callback(err, err ? null : self.token); + } + + function tokenError(msg, err) { + return new AWS.util.error(err || new Error(), { + code: 'TokenError', + message: msg, + name: 'TokenError' + }); + } + + function getAsyncToken() { + self.token.get(function(err) { + if (err) { + var msg = 'Could not load token from ' + + self.token.constructor.name; + err = tokenError(msg, err); + } + finish(err); + }); + } + + function getStaticToken() { + var err = null; + if (!self.token.token) { + err = tokenError('Missing token'); + } + finish(err); + } + + if (self.token) { + if (typeof self.token.get === 'function') { + getAsyncToken(); + } else { // static token + getStaticToken(); + } + } else if (self.tokenProvider) { + self.tokenProvider.resolve(function(err, token) { + if (err) { + err = tokenError('Could not load token from any providers', err); + } + self.token = token; + finish(err); + }); + } else { + finish(tokenError('No token to load')); + } + }, + + /** + * @!group Loading and Setting Configuration Options + */ + + /** + * @overload update(options, allowUnknownKeys = false) + * Updates the current configuration object with new options. + * + * @example Update maxRetries property of a configuration object + * config.update({maxRetries: 10}); + * @param [Object] options a map of option keys and values. + * @param [Boolean] allowUnknownKeys whether unknown keys can be set on + * the configuration object. Defaults to `false`. + * @see constructor + */ + update: function update(options, allowUnknownKeys) { + allowUnknownKeys = allowUnknownKeys || false; + options = this.extractCredentials(options); + AWS.util.each.call(this, options, function (key, value) { + if (allowUnknownKeys || Object.prototype.hasOwnProperty.call(this.keys, key) || + AWS.Service.hasService(key)) { + this.set(key, value); + } + }); + }, + + /** + * Loads configuration data from a JSON file into this config object. + * @note Loading configuration will reset all existing configuration + * on the object. + * @!macro nobrowser + * @param path [String] the path relative to your process's current + * working directory to load configuration from. + * @return [AWS.Config] the same configuration object + */ + loadFromPath: function loadFromPath(path) { + this.clear(); + + var options = JSON.parse(AWS.util.readFileSync(path)); + var fileSystemCreds = new AWS.FileSystemCredentials(path); + var chain = new AWS.CredentialProviderChain(); + chain.providers.unshift(fileSystemCreds); + chain.resolve(function (err, creds) { + if (err) throw err; + else options.credentials = creds; + }); + + this.constructor(options); + + return this; + }, + + /** + * Clears configuration data on this object + * + * @api private + */ + clear: function clear() { + /*jshint forin:false */ + AWS.util.each.call(this, this.keys, function (key) { + delete this[key]; + }); + + // reset credential provider + this.set('credentials', undefined); + this.set('credentialProvider', undefined); + }, + + /** + * Sets a property on the configuration object, allowing for a + * default value + * @api private + */ + set: function set(property, value, defaultValue) { + if (value === undefined) { + if (defaultValue === undefined) { + defaultValue = this.keys[property]; + } + if (typeof defaultValue === 'function') { + this[property] = defaultValue.call(this); + } else { + this[property] = defaultValue; + } + } else if (property === 'httpOptions' && this[property]) { + // deep merge httpOptions + this[property] = AWS.util.merge(this[property], value); + } else { + this[property] = value; + } + }, + + /** + * All of the keys with their default values. + * + * @constant + * @api private + */ + keys: { + credentials: null, + credentialProvider: null, + region: null, + logger: null, + apiVersions: {}, + apiVersion: null, + endpoint: undefined, + httpOptions: { + timeout: 120000 + }, + maxRetries: undefined, + maxRedirects: 10, + paramValidation: true, + sslEnabled: true, + s3ForcePathStyle: false, + s3BucketEndpoint: false, + s3DisableBodySigning: true, + s3UsEast1RegionalEndpoint: 'legacy', + s3UseArnRegion: undefined, + computeChecksums: true, + convertResponseTypes: true, + correctClockSkew: false, + customUserAgent: null, + dynamoDbCrc32: true, + systemClockOffset: 0, + signatureVersion: null, + signatureCache: true, + retryDelayOptions: {}, + useAccelerateEndpoint: false, + clientSideMonitoring: false, + endpointDiscoveryEnabled: undefined, + endpointCacheSize: 1000, + hostPrefixEnabled: true, + stsRegionalEndpoints: 'legacy', + useFipsEndpoint: false, + useDualstackEndpoint: false, + token: null + }, + + /** + * Extracts accessKeyId, secretAccessKey and sessionToken + * from a configuration hash. + * + * @api private + */ + extractCredentials: function extractCredentials(options) { + if (options.accessKeyId && options.secretAccessKey) { + options = AWS.util.copy(options); + options.credentials = new AWS.Credentials(options); + } + return options; + }, + + /** + * Sets the promise dependency the SDK will use wherever Promises are returned. + * Passing `null` will force the SDK to use native Promises if they are available. + * If native Promises are not available, passing `null` will have no effect. + * @param [Constructor] dep A reference to a Promise constructor + */ + setPromisesDependency: function setPromisesDependency(dep) { + PromisesDependency = dep; + // if null was passed in, we should try to use native promises + if (dep === null && typeof Promise === 'function') { + PromisesDependency = Promise; + } + var constructors = [AWS.Request, AWS.Credentials, AWS.CredentialProviderChain]; + if (AWS.S3) { + constructors.push(AWS.S3); + if (AWS.S3.ManagedUpload) { + constructors.push(AWS.S3.ManagedUpload); + } + } + AWS.util.addPromises(constructors, PromisesDependency); + }, + + /** + * Gets the promise dependency set by `AWS.config.setPromisesDependency`. + */ + getPromisesDependency: function getPromisesDependency() { + return PromisesDependency; + } +}); + +/** + * @return [AWS.Config] The global configuration object singleton instance + * @readonly + * @see AWS.Config + */ +AWS.config = new AWS.Config(); + + +/***/ }), + +/***/ 4872: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +/** + * @api private + */ +function validateRegionalEndpointsFlagValue(configValue, errorOptions) { + if (typeof configValue !== 'string') return undefined; + else if (['legacy', 'regional'].indexOf(configValue.toLowerCase()) >= 0) { + return configValue.toLowerCase(); + } else { + throw AWS.util.error(new Error(), errorOptions); + } +} + +/** + * Resolve the configuration value for regional endpoint from difference sources: client + * config, environmental variable, shared config file. Value can be case-insensitive + * 'legacy' or 'reginal'. + * @param originalConfig user-supplied config object to resolve + * @param options a map of config property names from individual configuration source + * - env: name of environmental variable that refers to the config + * - sharedConfig: name of shared configuration file property that refers to the config + * - clientConfig: name of client configuration property that refers to the config + * + * @api private + */ +function resolveRegionalEndpointsFlag(originalConfig, options) { + originalConfig = originalConfig || {}; + //validate config value + var resolved; + if (originalConfig[options.clientConfig]) { + resolved = validateRegionalEndpointsFlagValue(originalConfig[options.clientConfig], { + code: 'InvalidConfiguration', + message: 'invalid "' + options.clientConfig + '" configuration. Expect "legacy" ' + + ' or "regional". Got "' + originalConfig[options.clientConfig] + '".' + }); + if (resolved) return resolved; + } + if (!AWS.util.isNode()) return resolved; + //validate environmental variable + if (Object.prototype.hasOwnProperty.call(process.env, options.env)) { + var envFlag = process.env[options.env]; + resolved = validateRegionalEndpointsFlagValue(envFlag, { + code: 'InvalidEnvironmentalVariable', + message: 'invalid ' + options.env + ' environmental variable. Expect "legacy" ' + + ' or "regional". Got "' + process.env[options.env] + '".' + }); + if (resolved) return resolved; + } + //validate shared config file + var profile = {}; + try { + var profiles = AWS.util.getProfilesFromSharedConfig(AWS.util.iniLoader); + profile = profiles[process.env.AWS_PROFILE || AWS.util.defaultProfile]; + } catch (e) {}; + if (profile && Object.prototype.hasOwnProperty.call(profile, options.sharedConfig)) { + var fileFlag = profile[options.sharedConfig]; + resolved = validateRegionalEndpointsFlagValue(fileFlag, { + code: 'InvalidConfiguration', + message: 'invalid ' + options.sharedConfig + ' profile config. Expect "legacy" ' + + ' or "regional". Got "' + profile[options.sharedConfig] + '".' + }); + if (resolved) return resolved; + } + return resolved; +} + +module.exports = resolveRegionalEndpointsFlag; + + +/***/ }), + +/***/ 4741: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +/** + * The main AWS namespace + */ +var AWS = { util: __nccwpck_require4_(3956) }; + +/** + * @api private + * @!macro [new] nobrowser + * @note This feature is not supported in the browser environment of the SDK. + */ +var _hidden = {}; _hidden.toString(); // hack to parse macro + +/** + * @api private + */ +module.exports = AWS; + +AWS.util.update(AWS, { + + /** + * @constant + */ + VERSION: '2.1210.0', + + /** + * @api private + */ + Signers: {}, + + /** + * @api private + */ + Protocol: { + Json: __nccwpck_require4_(7372), + Query: __nccwpck_require4_(6556), + Rest: __nccwpck_require4_(9008), + RestJson: __nccwpck_require4_(4839), + RestXml: __nccwpck_require4_(8932) + }, + + /** + * @api private + */ + XML: { + Builder: __nccwpck_require4_(8611), + Parser: null // conditionally set based on environment + }, + + /** + * @api private + */ + JSON: { + Builder: __nccwpck_require4_(4387), + Parser: __nccwpck_require4_(1039) + }, + + /** + * @api private + */ + Model: { + Api: __nccwpck_require4_(9101), + Operation: __nccwpck_require4_(130), + Shape: __nccwpck_require4_(7478), + Paginator: __nccwpck_require4_(6186), + ResourceWaiter: __nccwpck_require4_(4343) + }, + + /** + * @api private + */ + apiLoader: __nccwpck_require4_(8440), + + /** + * @api private + */ + EndpointCache: (__nccwpck_require4_(123)/* .EndpointCache */ .$) +}); +__nccwpck_require4_(5555); +__nccwpck_require4_(4466); +__nccwpck_require4_(4992); +__nccwpck_require4_(2574); +__nccwpck_require4_(3091); +__nccwpck_require4_(9265); +__nccwpck_require4_(6275); +__nccwpck_require4_(8265); +__nccwpck_require4_(3922); +__nccwpck_require4_(9717); + +/** + * @readonly + * @return [AWS.SequentialExecutor] a collection of global event listeners that + * are attached to every sent request. + * @see AWS.Request AWS.Request for a list of events to listen for + * @example Logging the time taken to send a request + * AWS.events.on('send', function startSend(resp) { + * resp.startTime = new Date().getTime(); + * }).on('complete', function calculateTime(resp) { + * var time = (new Date().getTime() - resp.startTime) / 1000; + * console.log('Request took ' + time + ' seconds'); + * }); + * + * new AWS.S3().listBuckets(); // prints 'Request took 0.285 seconds' + */ +AWS.events = new AWS.SequentialExecutor(); + +//create endpoint cache lazily +AWS.util.memoizedProperty(AWS, 'endpointCache', function() { + return new AWS.EndpointCache(AWS.config.endpointCacheSize); +}, true); + + +/***/ }), + +/***/ 5527: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); + +/** + * Represents your AWS security credentials, specifically the + * {accessKeyId}, {secretAccessKey}, and optional {sessionToken}. + * Creating a `Credentials` object allows you to pass around your + * security information to configuration and service objects. + * + * Note that this class typically does not need to be constructed manually, + * as the {AWS.Config} and {AWS.Service} classes both accept simple + * options hashes with the three keys. These structures will be converted + * into Credentials objects automatically. + * + * ## Expiring and Refreshing Credentials + * + * Occasionally credentials can expire in the middle of a long-running + * application. In this case, the SDK will automatically attempt to + * refresh the credentials from the storage location if the Credentials + * class implements the {refresh} method. + * + * If you are implementing a credential storage location, you + * will want to create a subclass of the `Credentials` class and + * override the {refresh} method. This method allows credentials to be + * retrieved from the backing store, be it a file system, database, or + * some network storage. The method should reset the credential attributes + * on the object. + * + * @!attribute expired + * @return [Boolean] whether the credentials have been expired and + * require a refresh. Used in conjunction with {expireTime}. + * @!attribute expireTime + * @return [Date] a time when credentials should be considered expired. Used + * in conjunction with {expired}. + * @!attribute accessKeyId + * @return [String] the AWS access key ID + * @!attribute secretAccessKey + * @return [String] the AWS secret access key + * @!attribute sessionToken + * @return [String] an optional AWS session token + */ +AWS.Credentials = AWS.util.inherit({ + /** + * A credentials object can be created using positional arguments or an options + * hash. + * + * @overload AWS.Credentials(accessKeyId, secretAccessKey, sessionToken=null) + * Creates a Credentials object with a given set of credential information + * as positional arguments. + * @param accessKeyId [String] the AWS access key ID + * @param secretAccessKey [String] the AWS secret access key + * @param sessionToken [String] the optional AWS session token + * @example Create a credentials object with AWS credentials + * var creds = new AWS.Credentials('akid', 'secret', 'session'); + * @overload AWS.Credentials(options) + * Creates a Credentials object with a given set of credential information + * as an options hash. + * @option options accessKeyId [String] the AWS access key ID + * @option options secretAccessKey [String] the AWS secret access key + * @option options sessionToken [String] the optional AWS session token + * @example Create a credentials object with AWS credentials + * var creds = new AWS.Credentials({ + * accessKeyId: 'akid', secretAccessKey: 'secret', sessionToken: 'session' + * }); + */ + constructor: function Credentials() { + // hide secretAccessKey from being displayed with util.inspect + AWS.util.hideProperties(this, ['secretAccessKey']); + + this.expired = false; + this.expireTime = null; + this.refreshCallbacks = []; + if (arguments.length === 1 && typeof arguments[0] === 'object') { + var creds = arguments[0].credentials || arguments[0]; + this.accessKeyId = creds.accessKeyId; + this.secretAccessKey = creds.secretAccessKey; + this.sessionToken = creds.sessionToken; + } else { + this.accessKeyId = arguments[0]; + this.secretAccessKey = arguments[1]; + this.sessionToken = arguments[2]; + } + }, + + /** + * @return [Integer] the number of seconds before {expireTime} during which + * the credentials will be considered expired. + */ + expiryWindow: 15, + + /** + * @return [Boolean] whether the credentials object should call {refresh} + * @note Subclasses should override this method to provide custom refresh + * logic. + */ + needsRefresh: function needsRefresh() { + var currentTime = AWS.util.date.getDate().getTime(); + var adjustedTime = new Date(currentTime + this.expiryWindow * 1000); + + if (this.expireTime && adjustedTime > this.expireTime) { + return true; + } else { + return this.expired || !this.accessKeyId || !this.secretAccessKey; + } + }, + + /** + * Gets the existing credentials, refreshing them if they are not yet loaded + * or have expired. Users should call this method before using {refresh}, + * as this will not attempt to reload credentials when they are already + * loaded into the object. + * + * @callback callback function(err) + * When this callback is called with no error, it means either credentials + * do not need to be refreshed or refreshed credentials information has + * been loaded into the object (as the `accessKeyId`, `secretAccessKey`, + * and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + */ + get: function get(callback) { + var self = this; + if (this.needsRefresh()) { + this.refresh(function(err) { + if (!err) self.expired = false; // reset expired flag + if (callback) callback(err); + }); + } else if (callback) { + callback(); + } + }, + + /** + * @!method getPromise() + * Returns a 'thenable' promise. + * Gets the existing credentials, refreshing them if they are not yet loaded + * or have expired. Users should call this method before using {refresh}, + * as this will not attempt to reload credentials when they are already + * loaded into the object. + * + * Two callbacks can be provided to the `then` method on the returned promise. + * The first callback will be called if the promise is fulfilled, and the second + * callback will be called if the promise is rejected. + * @callback fulfilledCallback function() + * Called if the promise is fulfilled. When this callback is called, it + * means either credentials do not need to be refreshed or refreshed + * credentials information has been loaded into the object (as the + * `accessKeyId`, `secretAccessKey`, and `sessionToken` properties). + * @callback rejectedCallback function(err) + * Called if the promise is rejected. + * @param err [Error] if an error occurred, this value will be filled + * @return [Promise] A promise that represents the state of the `get` call. + * @example Calling the `getPromise` method. + * var promise = credProvider.getPromise(); + * promise.then(function() { ... }, function(err) { ... }); + */ + + /** + * @!method refreshPromise() + * Returns a 'thenable' promise. + * Refreshes the credentials. Users should call {get} before attempting + * to forcibly refresh credentials. + * + * Two callbacks can be provided to the `then` method on the returned promise. + * The first callback will be called if the promise is fulfilled, and the second + * callback will be called if the promise is rejected. + * @callback fulfilledCallback function() + * Called if the promise is fulfilled. When this callback is called, it + * means refreshed credentials information has been loaded into the object + * (as the `accessKeyId`, `secretAccessKey`, and `sessionToken` properties). + * @callback rejectedCallback function(err) + * Called if the promise is rejected. + * @param err [Error] if an error occurred, this value will be filled + * @return [Promise] A promise that represents the state of the `refresh` call. + * @example Calling the `refreshPromise` method. + * var promise = credProvider.refreshPromise(); + * promise.then(function() { ... }, function(err) { ... }); + */ + + /** + * Refreshes the credentials. Users should call {get} before attempting + * to forcibly refresh credentials. + * + * @callback callback function(err) + * When this callback is called with no error, it means refreshed + * credentials information has been loaded into the object (as the + * `accessKeyId`, `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @note Subclasses should override this class to reset the + * {accessKeyId}, {secretAccessKey} and optional {sessionToken} + * on the credentials object and then call the callback with + * any error information. + * @see get + */ + refresh: function refresh(callback) { + this.expired = false; + callback(); + }, + + /** + * @api private + * @param callback + */ + coalesceRefresh: function coalesceRefresh(callback, sync) { + var self = this; + if (self.refreshCallbacks.push(callback) === 1) { + self.load(function onLoad(err) { + AWS.util.arrayEach(self.refreshCallbacks, function(callback) { + if (sync) { + callback(err); + } else { + // callback could throw, so defer to ensure all callbacks are notified + AWS.util.defer(function () { + callback(err); + }); + } + }); + self.refreshCallbacks.length = 0; + }); + } + }, + + /** + * @api private + * @param callback + */ + load: function load(callback) { + callback(); + } +}); + +/** + * @api private + */ +AWS.Credentials.addPromisesToClass = function addPromisesToClass(PromiseDependency) { + this.prototype.getPromise = AWS.util.promisifyMethod('get', PromiseDependency); + this.prototype.refreshPromise = AWS.util.promisifyMethod('refresh', PromiseDependency); +}; + +/** + * @api private + */ +AWS.Credentials.deletePromisesFromClass = function deletePromisesFromClass() { + delete this.prototype.getPromise; + delete this.prototype.refreshPromise; +}; + +AWS.util.addPromises(AWS.Credentials); + + +/***/ }), + +/***/ 6684: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var STS = __nccwpck_require4_(2787); + +/** + * Represents temporary credentials retrieved from {AWS.STS}. Without any + * extra parameters, credentials will be fetched from the + * {AWS.STS.getSessionToken} operation. If an IAM role is provided, the + * {AWS.STS.assumeRole} operation will be used to fetch credentials for the + * role instead. + * + * AWS.ChainableTemporaryCredentials differs from AWS.TemporaryCredentials in + * the way masterCredentials and refreshes are handled. + * AWS.ChainableTemporaryCredentials refreshes expired credentials using the + * masterCredentials passed by the user to support chaining of STS credentials. + * However, AWS.TemporaryCredentials recursively collapses the masterCredentials + * during instantiation, precluding the ability to refresh credentials which + * require intermediate, temporary credentials. + * + * For example, if the application should use RoleA, which must be assumed from + * RoleB, and the environment provides credentials which can assume RoleB, then + * AWS.ChainableTemporaryCredentials must be used to support refreshing the + * temporary credentials for RoleA: + * + * ```javascript + * var roleACreds = new AWS.ChainableTemporaryCredentials({ + * params: {RoleArn: 'RoleA'}, + * masterCredentials: new AWS.ChainableTemporaryCredentials({ + * params: {RoleArn: 'RoleB'}, + * masterCredentials: new AWS.EnvironmentCredentials('AWS') + * }) + * }); + * ``` + * + * If AWS.TemporaryCredentials had been used in the previous example, + * `roleACreds` would fail to refresh because `roleACreds` would + * use the environment credentials for the AssumeRole request. + * + * Another difference is that AWS.ChainableTemporaryCredentials creates the STS + * service instance during instantiation while AWS.TemporaryCredentials creates + * the STS service instance during the first refresh. Creating the service + * instance during instantiation effectively captures the master credentials + * from the global config, so that subsequent changes to the global config do + * not affect the master credentials used to refresh the temporary credentials. + * + * This allows an instance of AWS.ChainableTemporaryCredentials to be assigned + * to AWS.config.credentials: + * + * ```javascript + * var envCreds = new AWS.EnvironmentCredentials('AWS'); + * AWS.config.credentials = envCreds; + * // masterCredentials will be envCreds + * AWS.config.credentials = new AWS.ChainableTemporaryCredentials({ + * params: {RoleArn: '...'} + * }); + * ``` + * + * Similarly, to use the CredentialProviderChain's default providers as the + * master credentials, simply create a new instance of + * AWS.ChainableTemporaryCredentials: + * + * ```javascript + * AWS.config.credentials = new ChainableTemporaryCredentials({ + * params: {RoleArn: '...'} + * }); + * ``` + * + * @!attribute service + * @return [AWS.STS] the STS service instance used to + * get and refresh temporary credentials from AWS STS. + * @note (see constructor) + */ +AWS.ChainableTemporaryCredentials = AWS.util.inherit(AWS.Credentials, { + /** + * Creates a new temporary credentials object. + * + * @param options [map] a set of options + * @option options params [map] ({}) a map of options that are passed to the + * {AWS.STS.assumeRole} or {AWS.STS.getSessionToken} operations. + * If a `RoleArn` parameter is passed in, credentials will be based on the + * IAM role. If a `SerialNumber` parameter is passed in, {tokenCodeFn} must + * also be passed in or an error will be thrown. + * @option options masterCredentials [AWS.Credentials] the master credentials + * used to get and refresh temporary credentials from AWS STS. By default, + * AWS.config.credentials or AWS.config.credentialProvider will be used. + * @option options tokenCodeFn [Function] (null) Function to provide + * `TokenCode`, if `SerialNumber` is provided for profile in {params}. Function + * is called with value of `SerialNumber` and `callback`, and should provide + * the `TokenCode` or an error to the callback in the format + * `callback(err, token)`. + * @example Creating a new credentials object for generic temporary credentials + * AWS.config.credentials = new AWS.ChainableTemporaryCredentials(); + * @example Creating a new credentials object for an IAM role + * AWS.config.credentials = new AWS.ChainableTemporaryCredentials({ + * params: { + * RoleArn: 'arn:aws:iam::1234567890:role/TemporaryCredentials' + * } + * }); + * @see AWS.STS.assumeRole + * @see AWS.STS.getSessionToken + */ + constructor: function ChainableTemporaryCredentials(options) { + AWS.Credentials.call(this); + options = options || {}; + this.errorCode = 'ChainableTemporaryCredentialsProviderFailure'; + this.expired = true; + this.tokenCodeFn = null; + + var params = AWS.util.copy(options.params) || {}; + if (params.RoleArn) { + params.RoleSessionName = params.RoleSessionName || 'temporary-credentials'; + } + if (params.SerialNumber) { + if (!options.tokenCodeFn || (typeof options.tokenCodeFn !== 'function')) { + throw new AWS.util.error( + new Error('tokenCodeFn must be a function when params.SerialNumber is given'), + {code: this.errorCode} + ); + } else { + this.tokenCodeFn = options.tokenCodeFn; + } + } + var config = AWS.util.merge( + { + params: params, + credentials: options.masterCredentials || AWS.config.credentials + }, + options.stsConfig || {} + ); + this.service = new STS(config); + }, + + /** + * Refreshes credentials using {AWS.STS.assumeRole} or + * {AWS.STS.getSessionToken}, depending on whether an IAM role ARN was passed + * to the credentials {constructor}. + * + * @callback callback function(err) + * Called when the STS service responds (or fails). When + * this callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see AWS.Credentials.get + */ + refresh: function refresh(callback) { + this.coalesceRefresh(callback || AWS.util.fn.callback); + }, + + /** + * @api private + * @param callback + */ + load: function load(callback) { + var self = this; + var operation = self.service.config.params.RoleArn ? 'assumeRole' : 'getSessionToken'; + this.getTokenCode(function (err, tokenCode) { + var params = {}; + if (err) { + callback(err); + return; + } + if (tokenCode) { + params.TokenCode = tokenCode; + } + self.service[operation](params, function (err, data) { + if (!err) { + self.service.credentialsFrom(data, self); + } + callback(err); + }); + }); + }, + + /** + * @api private + */ + getTokenCode: function getTokenCode(callback) { + var self = this; + if (this.tokenCodeFn) { + this.tokenCodeFn(this.service.config.params.SerialNumber, function (err, token) { + if (err) { + var message = err; + if (err instanceof Error) { + message = err.message; + } + callback( + AWS.util.error( + new Error('Error fetching MFA token: ' + message), + { code: self.errorCode} + ) + ); + return; + } + callback(null, token); + }); + } else { + callback(null); + } + } +}); + + +/***/ }), + +/***/ 5263: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var CognitoIdentity = __nccwpck_require4_(5361); +var STS = __nccwpck_require4_(2787); + +/** + * Represents credentials retrieved from STS Web Identity Federation using + * the Amazon Cognito Identity service. + * + * By default this provider gets credentials using the + * {AWS.CognitoIdentity.getCredentialsForIdentity} service operation, which + * requires either an `IdentityId` or an `IdentityPoolId` (Amazon Cognito + * Identity Pool ID), which is used to call {AWS.CognitoIdentity.getId} to + * obtain an `IdentityId`. If the identity or identity pool is not configured in + * the Amazon Cognito Console to use IAM roles with the appropriate permissions, + * then additionally a `RoleArn` is required containing the ARN of the IAM trust + * policy for the Amazon Cognito role that the user will log into. If a `RoleArn` + * is provided, then this provider gets credentials using the + * {AWS.STS.assumeRoleWithWebIdentity} service operation, after first getting an + * Open ID token from {AWS.CognitoIdentity.getOpenIdToken}. + * + * In addition, if this credential provider is used to provide authenticated + * login, the `Logins` map may be set to the tokens provided by the respective + * identity providers. See {constructor} for an example on creating a credentials + * object with proper property values. + * + * ## Refreshing Credentials from Identity Service + * + * In addition to AWS credentials expiring after a given amount of time, the + * login token from the identity provider will also expire. Once this token + * expires, it will not be usable to refresh AWS credentials, and another + * token will be needed. The SDK does not manage refreshing of the token value, + * but this can be done through a "refresh token" supported by most identity + * providers. Consult the documentation for the identity provider for refreshing + * tokens. Once the refreshed token is acquired, you should make sure to update + * this new token in the credentials object's {params} property. The following + * code will update the WebIdentityToken, assuming you have retrieved an updated + * token from the identity provider: + * + * ```javascript + * AWS.config.credentials.params.Logins['graph.facebook.com'] = updatedToken; + * ``` + * + * Future calls to `credentials.refresh()` will now use the new token. + * + * @!attribute params + * @return [map] the map of params passed to + * {AWS.CognitoIdentity.getId}, + * {AWS.CognitoIdentity.getOpenIdToken}, and + * {AWS.STS.assumeRoleWithWebIdentity}. To update the token, set the + * `params.WebIdentityToken` property. + * @!attribute data + * @return [map] the raw data response from the call to + * {AWS.CognitoIdentity.getCredentialsForIdentity}, or + * {AWS.STS.assumeRoleWithWebIdentity}. Use this if you want to get + * access to other properties from the response. + * @!attribute identityId + * @return [String] the Cognito ID returned by the last call to + * {AWS.CognitoIdentity.getOpenIdToken}. This ID represents the actual + * final resolved identity ID from Amazon Cognito. + */ +AWS.CognitoIdentityCredentials = AWS.util.inherit(AWS.Credentials, { + /** + * @api private + */ + localStorageKey: { + id: 'aws.cognito.identity-id.', + providers: 'aws.cognito.identity-providers.' + }, + + /** + * Creates a new credentials object. + * @example Creating a new credentials object + * AWS.config.credentials = new AWS.CognitoIdentityCredentials({ + * + * // either IdentityPoolId or IdentityId is required + * // See the IdentityPoolId param for AWS.CognitoIdentity.getID (linked below) + * // See the IdentityId param for AWS.CognitoIdentity.getCredentialsForIdentity + * // or AWS.CognitoIdentity.getOpenIdToken (linked below) + * IdentityPoolId: 'us-east-1:1699ebc0-7900-4099-b910-2df94f52a030', + * IdentityId: 'us-east-1:128d0a74-c82f-4553-916d-90053e4a8b0f' + * + * // optional, only necessary when the identity pool is not configured + * // to use IAM roles in the Amazon Cognito Console + * // See the RoleArn param for AWS.STS.assumeRoleWithWebIdentity (linked below) + * RoleArn: 'arn:aws:iam::1234567890:role/MYAPP-CognitoIdentity', + * + * // optional tokens, used for authenticated login + * // See the Logins param for AWS.CognitoIdentity.getID (linked below) + * Logins: { + * 'graph.facebook.com': 'FBTOKEN', + * 'www.amazon.com': 'AMAZONTOKEN', + * 'accounts.google.com': 'GOOGLETOKEN', + * 'api.twitter.com': 'TWITTERTOKEN', + * 'www.digits.com': 'DIGITSTOKEN' + * }, + * + * // optional name, defaults to web-identity + * // See the RoleSessionName param for AWS.STS.assumeRoleWithWebIdentity (linked below) + * RoleSessionName: 'web', + * + * // optional, only necessary when application runs in a browser + * // and multiple users are signed in at once, used for caching + * LoginId: 'example@gmail.com' + * + * }, { + * // optionally provide configuration to apply to the underlying service clients + * // if configuration is not provided, then configuration will be pulled from AWS.config + * + * // region should match the region your identity pool is located in + * region: 'us-east-1', + * + * // specify timeout options + * httpOptions: { + * timeout: 100 + * } + * }); + * @see AWS.CognitoIdentity.getId + * @see AWS.CognitoIdentity.getCredentialsForIdentity + * @see AWS.STS.assumeRoleWithWebIdentity + * @see AWS.CognitoIdentity.getOpenIdToken + * @see AWS.Config + * @note If a region is not provided in the global AWS.config, or + * specified in the `clientConfig` to the CognitoIdentityCredentials + * constructor, you may encounter a 'Missing credentials in config' error + * when calling making a service call. + */ + constructor: function CognitoIdentityCredentials(params, clientConfig) { + AWS.Credentials.call(this); + this.expired = true; + this.params = params; + this.data = null; + this._identityId = null; + this._clientConfig = AWS.util.copy(clientConfig || {}); + this.loadCachedId(); + var self = this; + Object.defineProperty(this, 'identityId', { + get: function() { + self.loadCachedId(); + return self._identityId || self.params.IdentityId; + }, + set: function(identityId) { + self._identityId = identityId; + } + }); + }, + + /** + * Refreshes credentials using {AWS.CognitoIdentity.getCredentialsForIdentity}, + * or {AWS.STS.assumeRoleWithWebIdentity}. + * + * @callback callback function(err) + * Called when the STS service responds (or fails). When + * this callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see AWS.Credentials.get + */ + refresh: function refresh(callback) { + this.coalesceRefresh(callback || AWS.util.fn.callback); + }, + + /** + * @api private + * @param callback + */ + load: function load(callback) { + var self = this; + self.createClients(); + self.data = null; + self._identityId = null; + self.getId(function(err) { + if (!err) { + if (!self.params.RoleArn) { + self.getCredentialsForIdentity(callback); + } else { + self.getCredentialsFromSTS(callback); + } + } else { + self.clearIdOnNotAuthorized(err); + callback(err); + } + }); + }, + + /** + * Clears the cached Cognito ID associated with the currently configured + * identity pool ID. Use this to manually invalidate your cache if + * the identity pool ID was deleted. + */ + clearCachedId: function clearCache() { + this._identityId = null; + delete this.params.IdentityId; + + var poolId = this.params.IdentityPoolId; + var loginId = this.params.LoginId || ''; + delete this.storage[this.localStorageKey.id + poolId + loginId]; + delete this.storage[this.localStorageKey.providers + poolId + loginId]; + }, + + /** + * @api private + */ + clearIdOnNotAuthorized: function clearIdOnNotAuthorized(err) { + var self = this; + if (err.code == 'NotAuthorizedException') { + self.clearCachedId(); + } + }, + + /** + * Retrieves a Cognito ID, loading from cache if it was already retrieved + * on this device. + * + * @callback callback function(err, identityId) + * @param err [Error, null] an error object if the call failed or null if + * it succeeded. + * @param identityId [String, null] if successful, the callback will return + * the Cognito ID. + * @note If not loaded explicitly, the Cognito ID is loaded and stored in + * localStorage in the browser environment of a device. + * @api private + */ + getId: function getId(callback) { + var self = this; + if (typeof self.params.IdentityId === 'string') { + return callback(null, self.params.IdentityId); + } + + self.cognito.getId(function(err, data) { + if (!err && data.IdentityId) { + self.params.IdentityId = data.IdentityId; + callback(null, data.IdentityId); + } else { + callback(err); + } + }); + }, + + + /** + * @api private + */ + loadCredentials: function loadCredentials(data, credentials) { + if (!data || !credentials) return; + credentials.expired = false; + credentials.accessKeyId = data.Credentials.AccessKeyId; + credentials.secretAccessKey = data.Credentials.SecretKey; + credentials.sessionToken = data.Credentials.SessionToken; + credentials.expireTime = data.Credentials.Expiration; + }, + + /** + * @api private + */ + getCredentialsForIdentity: function getCredentialsForIdentity(callback) { + var self = this; + self.cognito.getCredentialsForIdentity(function(err, data) { + if (!err) { + self.cacheId(data); + self.data = data; + self.loadCredentials(self.data, self); + } else { + self.clearIdOnNotAuthorized(err); + } + callback(err); + }); + }, + + /** + * @api private + */ + getCredentialsFromSTS: function getCredentialsFromSTS(callback) { + var self = this; + self.cognito.getOpenIdToken(function(err, data) { + if (!err) { + self.cacheId(data); + self.params.WebIdentityToken = data.Token; + self.webIdentityCredentials.refresh(function(webErr) { + if (!webErr) { + self.data = self.webIdentityCredentials.data; + self.sts.credentialsFrom(self.data, self); + } + callback(webErr); + }); + } else { + self.clearIdOnNotAuthorized(err); + callback(err); + } + }); + }, + + /** + * @api private + */ + loadCachedId: function loadCachedId() { + var self = this; + + // in the browser we source default IdentityId from localStorage + if (AWS.util.isBrowser() && !self.params.IdentityId) { + var id = self.getStorage('id'); + if (id && self.params.Logins) { + var actualProviders = Object.keys(self.params.Logins); + var cachedProviders = + (self.getStorage('providers') || '').split(','); + + // only load ID if at least one provider used this ID before + var intersect = cachedProviders.filter(function(n) { + return actualProviders.indexOf(n) !== -1; + }); + if (intersect.length !== 0) { + self.params.IdentityId = id; + } + } else if (id) { + self.params.IdentityId = id; + } + } + }, + + /** + * @api private + */ + createClients: function() { + var clientConfig = this._clientConfig; + this.webIdentityCredentials = this.webIdentityCredentials || + new AWS.WebIdentityCredentials(this.params, clientConfig); + if (!this.cognito) { + var cognitoConfig = AWS.util.merge({}, clientConfig); + cognitoConfig.params = this.params; + this.cognito = new CognitoIdentity(cognitoConfig); + } + this.sts = this.sts || new STS(clientConfig); + }, + + /** + * @api private + */ + cacheId: function cacheId(data) { + this._identityId = data.IdentityId; + this.params.IdentityId = this._identityId; + + // cache this IdentityId in browser localStorage if possible + if (AWS.util.isBrowser()) { + this.setStorage('id', data.IdentityId); + + if (this.params.Logins) { + this.setStorage('providers', Object.keys(this.params.Logins).join(',')); + } + } + }, + + /** + * @api private + */ + getStorage: function getStorage(key) { + return this.storage[this.localStorageKey[key] + this.params.IdentityPoolId + (this.params.LoginId || '')]; + }, + + /** + * @api private + */ + setStorage: function setStorage(key, val) { + try { + this.storage[this.localStorageKey[key] + this.params.IdentityPoolId + (this.params.LoginId || '')] = val; + } catch (_) {} + }, + + /** + * @api private + */ + storage: (function() { + try { + var storage = AWS.util.isBrowser() && window.localStorage !== null && typeof window.localStorage === 'object' ? + window.localStorage : {}; + + // Test set/remove which would throw an error in Safari's private browsing + storage['aws.test-storage'] = 'foobar'; + delete storage['aws.test-storage']; + + return storage; + } catch (_) { + return {}; + } + })() +}); + + +/***/ }), + +/***/ 2008: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); + +/** + * Creates a credential provider chain that searches for AWS credentials + * in a list of credential providers specified by the {providers} property. + * + * By default, the chain will use the {defaultProviders} to resolve credentials. + * These providers will look in the environment using the + * {AWS.EnvironmentCredentials} class with the 'AWS' and 'AMAZON' prefixes. + * + * ## Setting Providers + * + * Each provider in the {providers} list should be a function that returns + * a {AWS.Credentials} object, or a hardcoded credentials object. The function + * form allows for delayed execution of the credential construction. + * + * ## Resolving Credentials from a Chain + * + * Call {resolve} to return the first valid credential object that can be + * loaded by the provider chain. + * + * For example, to resolve a chain with a custom provider that checks a file + * on disk after the set of {defaultProviders}: + * + * ```javascript + * var diskProvider = new AWS.FileSystemCredentials('./creds.json'); + * var chain = new AWS.CredentialProviderChain(); + * chain.providers.push(diskProvider); + * chain.resolve(); + * ``` + * + * The above code will return the `diskProvider` object if the + * file contains credentials and the `defaultProviders` do not contain + * any credential settings. + * + * @!attribute providers + * @return [Array] + * a list of credentials objects or functions that return credentials + * objects. If the provider is a function, the function will be + * executed lazily when the provider needs to be checked for valid + * credentials. By default, this object will be set to the + * {defaultProviders}. + * @see defaultProviders + */ +AWS.CredentialProviderChain = AWS.util.inherit(AWS.Credentials, { + + /** + * Creates a new CredentialProviderChain with a default set of providers + * specified by {defaultProviders}. + */ + constructor: function CredentialProviderChain(providers) { + if (providers) { + this.providers = providers; + } else { + this.providers = AWS.CredentialProviderChain.defaultProviders.slice(0); + } + this.resolveCallbacks = []; + }, + + /** + * @!method resolvePromise() + * Returns a 'thenable' promise. + * Resolves the provider chain by searching for the first set of + * credentials in {providers}. + * + * Two callbacks can be provided to the `then` method on the returned promise. + * The first callback will be called if the promise is fulfilled, and the second + * callback will be called if the promise is rejected. + * @callback fulfilledCallback function(credentials) + * Called if the promise is fulfilled and the provider resolves the chain + * to a credentials object + * @param credentials [AWS.Credentials] the credentials object resolved + * by the provider chain. + * @callback rejectedCallback function(error) + * Called if the promise is rejected. + * @param err [Error] the error object returned if no credentials are found. + * @return [Promise] A promise that represents the state of the `resolve` method call. + * @example Calling the `resolvePromise` method. + * var promise = chain.resolvePromise(); + * promise.then(function(credentials) { ... }, function(err) { ... }); + */ + + /** + * Resolves the provider chain by searching for the first set of + * credentials in {providers}. + * + * @callback callback function(err, credentials) + * Called when the provider resolves the chain to a credentials object + * or null if no credentials can be found. + * + * @param err [Error] the error object returned if no credentials are + * found. + * @param credentials [AWS.Credentials] the credentials object resolved + * by the provider chain. + * @return [AWS.CredentialProviderChain] the provider, for chaining. + */ + resolve: function resolve(callback) { + var self = this; + if (self.providers.length === 0) { + callback(new Error('No providers')); + return self; + } + + if (self.resolveCallbacks.push(callback) === 1) { + var index = 0; + var providers = self.providers.slice(0); + + function resolveNext(err, creds) { + if ((!err && creds) || index === providers.length) { + AWS.util.arrayEach(self.resolveCallbacks, function (callback) { + callback(err, creds); + }); + self.resolveCallbacks.length = 0; + return; + } + + var provider = providers[index++]; + if (typeof provider === 'function') { + creds = provider.call(); + } else { + creds = provider; + } + + if (creds.get) { + creds.get(function (getErr) { + resolveNext(getErr, getErr ? null : creds); + }); + } else { + resolveNext(null, creds); + } + } + + resolveNext(); + } + + return self; + } +}); + +/** + * The default set of providers used by a vanilla CredentialProviderChain. + * + * In the browser: + * + * ```javascript + * AWS.CredentialProviderChain.defaultProviders = [] + * ``` + * + * In Node.js: + * + * ```javascript + * AWS.CredentialProviderChain.defaultProviders = [ + * function () { return new AWS.EnvironmentCredentials('AWS'); }, + * function () { return new AWS.EnvironmentCredentials('AMAZON'); }, + * function () { return new AWS.SsoCredentials(); }, + * function () { return new AWS.SharedIniFileCredentials(); }, + * function () { return new AWS.ECSCredentials(); }, + * function () { return new AWS.ProcessCredentials(); }, + * function () { return new AWS.TokenFileWebIdentityCredentials(); }, + * function () { return new AWS.EC2MetadataCredentials() } + * ] + * ``` + */ +AWS.CredentialProviderChain.defaultProviders = []; + +/** + * @api private + */ +AWS.CredentialProviderChain.addPromisesToClass = function addPromisesToClass(PromiseDependency) { + this.prototype.resolvePromise = AWS.util.promisifyMethod('resolve', PromiseDependency); +}; + +/** + * @api private + */ +AWS.CredentialProviderChain.deletePromisesFromClass = function deletePromisesFromClass() { + delete this.prototype.resolvePromise; +}; + +AWS.util.addPromises(AWS.CredentialProviderChain); + + +/***/ }), + +/***/ 8712: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +__nccwpck_require4_(2803); + +/** + * Represents credentials received from the metadata service on an EC2 instance. + * + * By default, this class will connect to the metadata service using + * {AWS.MetadataService} and attempt to load any available credentials. If it + * can connect, and credentials are available, these will be used with zero + * configuration. + * + * This credentials class will by default timeout after 1 second of inactivity + * and retry 3 times. + * If your requests to the EC2 metadata service are timing out, you can increase + * these values by configuring them directly: + * + * ```javascript + * AWS.config.credentials = new AWS.EC2MetadataCredentials({ + * httpOptions: { timeout: 5000 }, // 5 second timeout + * maxRetries: 10, // retry 10 times + * retryDelayOptions: { base: 200 }, // see AWS.Config for information + * logger: console // see AWS.Config for information + * }); + * ``` + * + * If your requests are timing out in connecting to the metadata service, such + * as when testing on a development machine, you can use the connectTimeout + * option, specified in milliseconds, which also defaults to 1 second. + * + * If the requests failed or returns expired credentials, it will + * extend the expiration of current credential, with a warning message. For more + * information, please go to: + * https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html + * + * @!attribute originalExpiration + * @return [Date] The optional original expiration of the current credential. + * In case of AWS outage, the EC2 metadata will extend expiration of the + * existing credential. + * + * @see AWS.Config.retryDelayOptions + * @see AWS.Config.logger + * + * @!macro nobrowser + */ +AWS.EC2MetadataCredentials = AWS.util.inherit(AWS.Credentials, { + constructor: function EC2MetadataCredentials(options) { + AWS.Credentials.call(this); + + options = options ? AWS.util.copy(options) : {}; + options = AWS.util.merge( + {maxRetries: this.defaultMaxRetries}, options); + if (!options.httpOptions) options.httpOptions = {}; + options.httpOptions = AWS.util.merge( + {timeout: this.defaultTimeout, + connectTimeout: this.defaultConnectTimeout}, + options.httpOptions); + + this.metadataService = new AWS.MetadataService(options); + this.logger = options.logger || AWS.config && AWS.config.logger; + }, + + /** + * @api private + */ + defaultTimeout: 1000, + + /** + * @api private + */ + defaultConnectTimeout: 1000, + + /** + * @api private + */ + defaultMaxRetries: 3, + + /** + * The original expiration of the current credential. In case of AWS + * outage, the EC2 metadata will extend expiration of the existing + * credential. + */ + originalExpiration: undefined, + + /** + * Loads the credentials from the instance metadata service + * + * @callback callback function(err) + * Called when the instance metadata service responds (or fails). When + * this callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get + */ + refresh: function refresh(callback) { + this.coalesceRefresh(callback || AWS.util.fn.callback); + }, + + /** + * @api private + * @param callback + */ + load: function load(callback) { + var self = this; + self.metadataService.loadCredentials(function(err, creds) { + if (err) { + if (self.hasLoadedCredentials()) { + self.extendExpirationIfExpired(); + callback(); + } else { + callback(err); + } + } else { + self.setCredentials(creds); + self.extendExpirationIfExpired(); + callback(); + } + }); + }, + + /** + * Whether this credential has been loaded. + * @api private + */ + hasLoadedCredentials: function hasLoadedCredentials() { + return this.AccessKeyId && this.secretAccessKey; + }, + + /** + * if expired, extend the expiration by 15 minutes base plus a jitter of 5 + * minutes range. + * @api private + */ + extendExpirationIfExpired: function extendExpirationIfExpired() { + if (this.needsRefresh()) { + this.originalExpiration = this.originalExpiration || this.expireTime; + this.expired = false; + var nextTimeout = 15 * 60 + Math.floor(Math.random() * 5 * 60); + var currentTime = AWS.util.date.getDate().getTime(); + this.expireTime = new Date(currentTime + nextTimeout * 1000); + // TODO: add doc link; + this.logger.warn('Attempting credential expiration extension due to a ' + + 'credential service availability issue. A refresh of these ' + + 'credentials will be attempted again at ' + this.expireTime + + '\nFor more information, please visit: https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html'); + } + }, + + /** + * Update the credential with new credential responded from EC2 metadata + * service. + * @api private + */ + setCredentials: function setCredentials(creds) { + var currentTime = AWS.util.date.getDate().getTime(); + var expireTime = new Date(creds.Expiration); + this.expired = currentTime >= expireTime ? true : false; + this.metadata = creds; + this.accessKeyId = creds.AccessKeyId; + this.secretAccessKey = creds.SecretAccessKey; + this.sessionToken = creds.Token; + this.expireTime = expireTime; + } +}); + + +/***/ }), + +/***/ 5589: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); + +/** + * Represents credentials received from relative URI specified in the ECS container. + * + * This class will request refreshable credentials from the relative URI + * specified by the AWS_CONTAINER_CREDENTIALS_RELATIVE_URI or the + * AWS_CONTAINER_CREDENTIALS_FULL_URI environment variable. If valid credentials + * are returned in the response, these will be used with zero configuration. + * + * This credentials class will by default timeout after 1 second of inactivity + * and retry 3 times. + * If your requests to the relative URI are timing out, you can increase + * the value by configuring them directly: + * + * ```javascript + * AWS.config.credentials = new AWS.ECSCredentials({ + * httpOptions: { timeout: 5000 }, // 5 second timeout + * maxRetries: 10, // retry 10 times + * retryDelayOptions: { base: 200 } // see AWS.Config for information + * }); + * ``` + * + * @see AWS.Config.retryDelayOptions + * + * @!macro nobrowser + */ +AWS.ECSCredentials = AWS.RemoteCredentials; + + +/***/ }), + +/***/ 4925: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); + +/** + * Represents credentials from the environment. + * + * By default, this class will look for the matching environment variables + * prefixed by a given {envPrefix}. The un-prefixed environment variable names + * for each credential value is listed below: + * + * ```javascript + * accessKeyId: ACCESS_KEY_ID + * secretAccessKey: SECRET_ACCESS_KEY + * sessionToken: SESSION_TOKEN + * ``` + * + * With the default prefix of 'AWS', the environment variables would be: + * + * AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN + * + * @!attribute envPrefix + * @readonly + * @return [String] the prefix for the environment variable names excluding + * the separating underscore ('_'). + */ +AWS.EnvironmentCredentials = AWS.util.inherit(AWS.Credentials, { + + /** + * Creates a new EnvironmentCredentials class with a given variable + * prefix {envPrefix}. For example, to load credentials using the 'AWS' + * prefix: + * + * ```javascript + * var creds = new AWS.EnvironmentCredentials('AWS'); + * creds.accessKeyId == 'AKID' // from AWS_ACCESS_KEY_ID env var + * ``` + * + * @param envPrefix [String] the prefix to use (e.g., 'AWS') for environment + * variables. Do not include the separating underscore. + */ + constructor: function EnvironmentCredentials(envPrefix) { + AWS.Credentials.call(this); + this.envPrefix = envPrefix; + this.get(function() {}); + }, + + /** + * Loads credentials from the environment using the prefixed + * environment variables. + * + * @callback callback function(err) + * Called after the (prefixed) ACCESS_KEY_ID, SECRET_ACCESS_KEY, and + * SESSION_TOKEN environment variables are read. When this callback is + * called with no error, it means that the credentials information has + * been loaded into the object (as the `accessKeyId`, `secretAccessKey`, + * and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get + */ + refresh: function refresh(callback) { + if (!callback) callback = AWS.util.fn.callback; + + if (!process || !process.env) { + callback(AWS.util.error( + new Error('No process info or environment variables available'), + { code: 'EnvironmentCredentialsProviderFailure' } + )); + return; + } + + var keys = ['ACCESS_KEY_ID', 'SECRET_ACCESS_KEY', 'SESSION_TOKEN']; + var values = []; + + for (var i = 0; i < keys.length; i++) { + var prefix = ''; + if (this.envPrefix) prefix = this.envPrefix + '_'; + values[i] = process.env[prefix + keys[i]]; + if (!values[i] && keys[i] !== 'SESSION_TOKEN') { + callback(AWS.util.error( + new Error('Variable ' + prefix + keys[i] + ' not set.'), + { code: 'EnvironmentCredentialsProviderFailure' } + )); + return; + } + } + + this.expired = false; + AWS.Credentials.apply(this, values); + callback(); + } + +}); + + +/***/ }), + +/***/ 6493: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); + +/** + * Represents credentials from a JSON file on disk. + * If the credentials expire, the SDK can {refresh} the credentials + * from the file. + * + * The format of the file should be similar to the options passed to + * {AWS.Config}: + * + * ```javascript + * {accessKeyId: 'akid', secretAccessKey: 'secret', sessionToken: 'optional'} + * ``` + * + * @example Loading credentials from disk + * var creds = new AWS.FileSystemCredentials('./configuration.json'); + * creds.accessKeyId == 'AKID' + * + * @!attribute filename + * @readonly + * @return [String] the path to the JSON file on disk containing the + * credentials. + * @!macro nobrowser + */ +AWS.FileSystemCredentials = AWS.util.inherit(AWS.Credentials, { + + /** + * @overload AWS.FileSystemCredentials(filename) + * Creates a new FileSystemCredentials object from a filename + * + * @param filename [String] the path on disk to the JSON file to load. + */ + constructor: function FileSystemCredentials(filename) { + AWS.Credentials.call(this); + this.filename = filename; + this.get(function() {}); + }, + + /** + * Loads the credentials from the {filename} on disk. + * + * @callback callback function(err) + * Called after the JSON file on disk is read and parsed. When this callback + * is called with no error, it means that the credentials information + * has been loaded into the object (as the `accessKeyId`, `secretAccessKey`, + * and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get + */ + refresh: function refresh(callback) { + if (!callback) callback = AWS.util.fn.callback; + try { + var creds = JSON.parse(AWS.util.readFileSync(this.filename)); + AWS.Credentials.call(this, creds); + if (!this.accessKeyId || !this.secretAccessKey) { + throw AWS.util.error( + new Error('Credentials not set in ' + this.filename), + { code: 'FileSystemCredentialsProviderFailure' } + ); + } + this.expired = false; + callback(); + } catch (err) { + callback(err); + } + } + +}); + + +/***/ }), + +/***/ 8247: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var proc = __nccwpck_require4_(2081); +var iniLoader = AWS.util.iniLoader; + +/** + * Represents credentials loaded from shared credentials file + * (defaulting to ~/.aws/credentials or defined by the + * `AWS_SHARED_CREDENTIALS_FILE` environment variable). + * + * ## Using process credentials + * + * The credentials file can specify a credential provider that executes + * a given process and attempts to read its stdout to recieve a JSON payload + * containing the credentials: + * + * [default] + * credential_process = /usr/bin/credential_proc + * + * Automatically handles refreshing credentials if an Expiration time is + * provided in the credentials payload. Credentials supplied in the same profile + * will take precedence over the credential_process. + * + * Sourcing credentials from an external process can potentially be dangerous, + * so proceed with caution. Other credential providers should be preferred if + * at all possible. If using this option, you should make sure that the shared + * credentials file is as locked down as possible using security best practices + * for your operating system. + * + * ## Using custom profiles + * + * The SDK supports loading credentials for separate profiles. This can be done + * in two ways: + * + * 1. Set the `AWS_PROFILE` environment variable in your process prior to + * loading the SDK. + * 2. Directly load the AWS.ProcessCredentials provider: + * + * ```javascript + * var creds = new AWS.ProcessCredentials({profile: 'myprofile'}); + * AWS.config.credentials = creds; + * ``` + * + * @!macro nobrowser + */ +AWS.ProcessCredentials = AWS.util.inherit(AWS.Credentials, { + /** + * Creates a new ProcessCredentials object. + * + * @param options [map] a set of options + * @option options profile [String] (AWS_PROFILE env var or 'default') + * the name of the profile to load. + * @option options filename [String] ('~/.aws/credentials' or defined by + * AWS_SHARED_CREDENTIALS_FILE process env var) + * the filename to use when loading credentials. + * @option options callback [Function] (err) Credentials are eagerly loaded + * by the constructor. When the callback is called with no error, the + * credentials have been loaded successfully. + */ + constructor: function ProcessCredentials(options) { + AWS.Credentials.call(this); + + options = options || {}; + + this.filename = options.filename; + this.profile = options.profile || process.env.AWS_PROFILE || AWS.util.defaultProfile; + this.get(options.callback || AWS.util.fn.noop); + }, + + /** + * @api private + */ + load: function load(callback) { + var self = this; + try { + var profiles = AWS.util.getProfilesFromSharedConfig(iniLoader, this.filename); + var profile = profiles[this.profile] || {}; + + if (Object.keys(profile).length === 0) { + throw AWS.util.error( + new Error('Profile ' + this.profile + ' not found'), + { code: 'ProcessCredentialsProviderFailure' } + ); + } + + if (profile['credential_process']) { + this.loadViaCredentialProcess(profile, function(err, data) { + if (err) { + callback(err, null); + } else { + self.expired = false; + self.accessKeyId = data.AccessKeyId; + self.secretAccessKey = data.SecretAccessKey; + self.sessionToken = data.SessionToken; + if (data.Expiration) { + self.expireTime = new Date(data.Expiration); + } + callback(null); + } + }); + } else { + throw AWS.util.error( + new Error('Profile ' + this.profile + ' did not include credential process'), + { code: 'ProcessCredentialsProviderFailure' } + ); + } + } catch (err) { + callback(err); + } + }, + + /** + * Executes the credential_process and retrieves + * credentials from the output + * @api private + * @param profile [map] credentials profile + * @throws ProcessCredentialsProviderFailure + */ + loadViaCredentialProcess: function loadViaCredentialProcess(profile, callback) { + proc.exec(profile['credential_process'], { env: process.env }, function(err, stdOut, stdErr) { + if (err) { + callback(AWS.util.error( + new Error('credential_process returned error'), + { code: 'ProcessCredentialsProviderFailure'} + ), null); + } else { + try { + var credData = JSON.parse(stdOut); + if (credData.Expiration) { + var currentTime = AWS.util.date.getDate(); + var expireTime = new Date(credData.Expiration); + if (expireTime < currentTime) { + throw Error('credential_process returned expired credentials'); + } + } + + if (credData.Version !== 1) { + throw Error('credential_process does not return Version == 1'); + } + callback(null, credData); + } catch (err) { + callback(AWS.util.error( + new Error(err.message), + { code: 'ProcessCredentialsProviderFailure'} + ), null); + } + } + }); + }, + + /** + * Loads the credentials from the credential process + * + * @callback callback function(err) + * Called after the credential process has been executed. When this + * callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get + */ + refresh: function refresh(callback) { + iniLoader.clearCachedFiles(); + this.coalesceRefresh(callback || AWS.util.fn.callback); + } +}); + + +/***/ }), + +/***/ 3429: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741), + ENV_RELATIVE_URI = 'AWS_CONTAINER_CREDENTIALS_RELATIVE_URI', + ENV_FULL_URI = 'AWS_CONTAINER_CREDENTIALS_FULL_URI', + ENV_AUTH_TOKEN = 'AWS_CONTAINER_AUTHORIZATION_TOKEN', + FULL_URI_UNRESTRICTED_PROTOCOLS = ['https:'], + FULL_URI_ALLOWED_PROTOCOLS = ['http:', 'https:'], + FULL_URI_ALLOWED_HOSTNAMES = ['localhost', '127.0.0.1'], + RELATIVE_URI_HOST = '169.254.170.2'; + +/** + * Represents credentials received from specified URI. + * + * This class will request refreshable credentials from the relative URI + * specified by the AWS_CONTAINER_CREDENTIALS_RELATIVE_URI or the + * AWS_CONTAINER_CREDENTIALS_FULL_URI environment variable. If valid credentials + * are returned in the response, these will be used with zero configuration. + * + * This credentials class will by default timeout after 1 second of inactivity + * and retry 3 times. + * If your requests to the relative URI are timing out, you can increase + * the value by configuring them directly: + * + * ```javascript + * AWS.config.credentials = new AWS.RemoteCredentials({ + * httpOptions: { timeout: 5000 }, // 5 second timeout + * maxRetries: 10, // retry 10 times + * retryDelayOptions: { base: 200 } // see AWS.Config for information + * }); + * ``` + * + * @see AWS.Config.retryDelayOptions + * + * @!macro nobrowser + */ +AWS.RemoteCredentials = AWS.util.inherit(AWS.Credentials, { + constructor: function RemoteCredentials(options) { + AWS.Credentials.call(this); + options = options ? AWS.util.copy(options) : {}; + if (!options.httpOptions) options.httpOptions = {}; + options.httpOptions = AWS.util.merge( + this.httpOptions, options.httpOptions); + AWS.util.update(this, options); + }, + + /** + * @api private + */ + httpOptions: { timeout: 1000 }, + + /** + * @api private + */ + maxRetries: 3, + + /** + * @api private + */ + isConfiguredForEcsCredentials: function isConfiguredForEcsCredentials() { + return Boolean( + process && + process.env && + (process.env[ENV_RELATIVE_URI] || process.env[ENV_FULL_URI]) + ); + }, + + /** + * @api private + */ + getECSFullUri: function getECSFullUri() { + if (process && process.env) { + var relative = process.env[ENV_RELATIVE_URI], + full = process.env[ENV_FULL_URI]; + if (relative) { + return 'http://' + RELATIVE_URI_HOST + relative; + } else if (full) { + var parsed = AWS.util.urlParse(full); + if (FULL_URI_ALLOWED_PROTOCOLS.indexOf(parsed.protocol) < 0) { + throw AWS.util.error( + new Error('Unsupported protocol: AWS.RemoteCredentials supports ' + + FULL_URI_ALLOWED_PROTOCOLS.join(',') + ' only; ' + + parsed.protocol + ' requested.'), + { code: 'ECSCredentialsProviderFailure' } + ); + } + + if (FULL_URI_UNRESTRICTED_PROTOCOLS.indexOf(parsed.protocol) < 0 && + FULL_URI_ALLOWED_HOSTNAMES.indexOf(parsed.hostname) < 0) { + throw AWS.util.error( + new Error('Unsupported hostname: AWS.RemoteCredentials only supports ' + + FULL_URI_ALLOWED_HOSTNAMES.join(',') + ' for ' + parsed.protocol + '; ' + + parsed.protocol + '//' + parsed.hostname + ' requested.'), + { code: 'ECSCredentialsProviderFailure' } + ); + } + + return full; + } else { + throw AWS.util.error( + new Error('Variable ' + ENV_RELATIVE_URI + ' or ' + ENV_FULL_URI + + ' must be set to use AWS.RemoteCredentials.'), + { code: 'ECSCredentialsProviderFailure' } + ); + } + } else { + throw AWS.util.error( + new Error('No process info available'), + { code: 'ECSCredentialsProviderFailure' } + ); + } + }, + + /** + * @api private + */ + getECSAuthToken: function getECSAuthToken() { + if (process && process.env && process.env[ENV_FULL_URI]) { + return process.env[ENV_AUTH_TOKEN]; + } + }, + + /** + * @api private + */ + credsFormatIsValid: function credsFormatIsValid(credData) { + return (!!credData.accessKeyId && !!credData.secretAccessKey && + !!credData.sessionToken && !!credData.expireTime); + }, + + /** + * @api private + */ + formatCreds: function formatCreds(credData) { + if (!!credData.credentials) { + credData = credData.credentials; + } + + return { + expired: false, + accessKeyId: credData.accessKeyId || credData.AccessKeyId, + secretAccessKey: credData.secretAccessKey || credData.SecretAccessKey, + sessionToken: credData.sessionToken || credData.Token, + expireTime: new Date(credData.expiration || credData.Expiration) + }; + }, + + /** + * @api private + */ + request: function request(url, callback) { + var httpRequest = new AWS.HttpRequest(url); + httpRequest.method = 'GET'; + httpRequest.headers.Accept = 'application/json'; + var token = this.getECSAuthToken(); + if (token) { + httpRequest.headers.Authorization = token; + } + AWS.util.handleRequestWithRetries(httpRequest, this, callback); + }, + + /** + * Loads the credentials from the relative URI specified by container + * + * @callback callback function(err) + * Called when the request to the relative URI responds (or fails). When + * this callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, `sessionToken`, and `expireTime` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get + */ + refresh: function refresh(callback) { + this.coalesceRefresh(callback || AWS.util.fn.callback); + }, + + /** + * @api private + */ + load: function load(callback) { + var self = this; + var fullUri; + + try { + fullUri = this.getECSFullUri(); + } catch (err) { + callback(err); + return; + } + + this.request(fullUri, function(err, data) { + if (!err) { + try { + data = JSON.parse(data); + var creds = self.formatCreds(data); + if (!self.credsFormatIsValid(creds)) { + throw AWS.util.error( + new Error('Response data is not in valid format'), + { code: 'ECSCredentialsProviderFailure' } + ); + } + AWS.util.update(self, creds); + } catch (dataError) { + err = dataError; + } + } + callback(err, creds); + }); + } +}); + + +/***/ }), + +/***/ 1937: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var STS = __nccwpck_require4_(2787); + +/** + * Represents credentials retrieved from STS SAML support. + * + * By default this provider gets credentials using the + * {AWS.STS.assumeRoleWithSAML} service operation. This operation + * requires a `RoleArn` containing the ARN of the IAM trust policy for the + * application for which credentials will be given, as well as a `PrincipalArn` + * representing the ARN for the SAML identity provider. In addition, the + * `SAMLAssertion` must be set to the token provided by the identity + * provider. See {constructor} for an example on creating a credentials + * object with proper `RoleArn`, `PrincipalArn`, and `SAMLAssertion` values. + * + * ## Refreshing Credentials from Identity Service + * + * In addition to AWS credentials expiring after a given amount of time, the + * login token from the identity provider will also expire. Once this token + * expires, it will not be usable to refresh AWS credentials, and another + * token will be needed. The SDK does not manage refreshing of the token value, + * but this can be done through a "refresh token" supported by most identity + * providers. Consult the documentation for the identity provider for refreshing + * tokens. Once the refreshed token is acquired, you should make sure to update + * this new token in the credentials object's {params} property. The following + * code will update the SAMLAssertion, assuming you have retrieved an updated + * token from the identity provider: + * + * ```javascript + * AWS.config.credentials.params.SAMLAssertion = updatedToken; + * ``` + * + * Future calls to `credentials.refresh()` will now use the new token. + * + * @!attribute params + * @return [map] the map of params passed to + * {AWS.STS.assumeRoleWithSAML}. To update the token, set the + * `params.SAMLAssertion` property. + */ +AWS.SAMLCredentials = AWS.util.inherit(AWS.Credentials, { + /** + * Creates a new credentials object. + * @param (see AWS.STS.assumeRoleWithSAML) + * @example Creating a new credentials object + * AWS.config.credentials = new AWS.SAMLCredentials({ + * RoleArn: 'arn:aws:iam::1234567890:role/SAMLRole', + * PrincipalArn: 'arn:aws:iam::1234567890:role/SAMLPrincipal', + * SAMLAssertion: 'base64-token', // base64-encoded token from IdP + * }); + * @see AWS.STS.assumeRoleWithSAML + */ + constructor: function SAMLCredentials(params) { + AWS.Credentials.call(this); + this.expired = true; + this.params = params; + }, + + /** + * Refreshes credentials using {AWS.STS.assumeRoleWithSAML} + * + * @callback callback function(err) + * Called when the STS service responds (or fails). When + * this callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get + */ + refresh: function refresh(callback) { + this.coalesceRefresh(callback || AWS.util.fn.callback); + }, + + /** + * @api private + */ + load: function load(callback) { + var self = this; + self.createClients(); + self.service.assumeRoleWithSAML(function (err, data) { + if (!err) { + self.service.credentialsFrom(data, self); + } + callback(err); + }); + }, + + /** + * @api private + */ + createClients: function() { + this.service = this.service || new STS({params: this.params}); + } + +}); + + +/***/ }), + +/***/ 1587: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var STS = __nccwpck_require4_(2787); +var iniLoader = AWS.util.iniLoader; + +var ASSUME_ROLE_DEFAULT_REGION = 'us-east-1'; + +/** + * Represents credentials loaded from shared credentials file + * (defaulting to ~/.aws/credentials or defined by the + * `AWS_SHARED_CREDENTIALS_FILE` environment variable). + * + * ## Using the shared credentials file + * + * This provider is checked by default in the Node.js environment. To use the + * credentials file provider, simply add your access and secret keys to the + * ~/.aws/credentials file in the following format: + * + * [default] + * aws_access_key_id = AKID... + * aws_secret_access_key = YOUR_SECRET_KEY + * + * ## Using custom profiles + * + * The SDK supports loading credentials for separate profiles. This can be done + * in two ways: + * + * 1. Set the `AWS_PROFILE` environment variable in your process prior to + * loading the SDK. + * 2. Directly load the AWS.SharedIniFileCredentials provider: + * + * ```javascript + * var creds = new AWS.SharedIniFileCredentials({profile: 'myprofile'}); + * AWS.config.credentials = creds; + * ``` + * + * @!macro nobrowser + */ +AWS.SharedIniFileCredentials = AWS.util.inherit(AWS.Credentials, { + /** + * Creates a new SharedIniFileCredentials object. + * + * @param options [map] a set of options + * @option options profile [String] (AWS_PROFILE env var or 'default') + * the name of the profile to load. + * @option options filename [String] ('~/.aws/credentials' or defined by + * AWS_SHARED_CREDENTIALS_FILE process env var) + * the filename to use when loading credentials. + * @option options disableAssumeRole [Boolean] (false) True to disable + * support for profiles that assume an IAM role. If true, and an assume + * role profile is selected, an error is raised. + * @option options preferStaticCredentials [Boolean] (false) True to + * prefer static credentials to role_arn if both are present. + * @option options tokenCodeFn [Function] (null) Function to provide + * STS Assume Role TokenCode, if mfa_serial is provided for profile in ini + * file. Function is called with value of mfa_serial and callback, and + * should provide the TokenCode or an error to the callback in the format + * callback(err, token) + * @option options callback [Function] (err) Credentials are eagerly loaded + * by the constructor. When the callback is called with no error, the + * credentials have been loaded successfully. + * @option options httpOptions [map] A set of options to pass to the low-level + * HTTP request. Currently supported options are: + * * **proxy** [String] — the URL to proxy requests through + * * **agent** [http.Agent, https.Agent] — the Agent object to perform + * HTTP requests with. Used for connection pooling. Defaults to the global + * agent (`http.globalAgent`) for non-SSL connections. Note that for + * SSL connections, a special Agent object is used in order to enable + * peer certificate verification. This feature is only available in the + * Node.js environment. + * * **connectTimeout** [Integer] — Sets the socket to timeout after + * failing to establish a connection with the server after + * `connectTimeout` milliseconds. This timeout has no effect once a socket + * connection has been established. + * * **timeout** [Integer] — The number of milliseconds a request can + * take before automatically being terminated. + * Defaults to two minutes (120000). + */ + constructor: function SharedIniFileCredentials(options) { + AWS.Credentials.call(this); + + options = options || {}; + + this.filename = options.filename; + this.profile = options.profile || process.env.AWS_PROFILE || AWS.util.defaultProfile; + this.disableAssumeRole = Boolean(options.disableAssumeRole); + this.preferStaticCredentials = Boolean(options.preferStaticCredentials); + this.tokenCodeFn = options.tokenCodeFn || null; + this.httpOptions = options.httpOptions || null; + this.get(options.callback || AWS.util.fn.noop); + }, + + /** + * @api private + */ + load: function load(callback) { + var self = this; + try { + var profiles = AWS.util.getProfilesFromSharedConfig(iniLoader, this.filename); + var profile = profiles[this.profile] || {}; + + if (Object.keys(profile).length === 0) { + throw AWS.util.error( + new Error('Profile ' + this.profile + ' not found'), + { code: 'SharedIniFileCredentialsProviderFailure' } + ); + } + + /* + In the CLI, the presence of both a role_arn and static credentials have + different meanings depending on how many profiles have been visited. For + the first profile processed, role_arn takes precedence over any static + credentials, but for all subsequent profiles, static credentials are + used if present, and only in their absence will the profile's + source_profile and role_arn keys be used to load another set of + credentials. This var is intended to yield compatible behaviour in this + sdk. + */ + var preferStaticCredentialsToRoleArn = Boolean( + this.preferStaticCredentials + && profile['aws_access_key_id'] + && profile['aws_secret_access_key'] + ); + + if (profile['role_arn'] && !preferStaticCredentialsToRoleArn) { + this.loadRoleProfile(profiles, profile, function(err, data) { + if (err) { + callback(err); + } else { + self.expired = false; + self.accessKeyId = data.Credentials.AccessKeyId; + self.secretAccessKey = data.Credentials.SecretAccessKey; + self.sessionToken = data.Credentials.SessionToken; + self.expireTime = data.Credentials.Expiration; + callback(null); + } + }); + return; + } + + this.accessKeyId = profile['aws_access_key_id']; + this.secretAccessKey = profile['aws_secret_access_key']; + this.sessionToken = profile['aws_session_token']; + + if (!this.accessKeyId || !this.secretAccessKey) { + throw AWS.util.error( + new Error('Credentials not set for profile ' + this.profile), + { code: 'SharedIniFileCredentialsProviderFailure' } + ); + } + this.expired = false; + callback(null); + } catch (err) { + callback(err); + } + }, + + /** + * Loads the credentials from the shared credentials file + * + * @callback callback function(err) + * Called after the shared INI file on disk is read and parsed. When this + * callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get + */ + refresh: function refresh(callback) { + iniLoader.clearCachedFiles(); + this.coalesceRefresh( + callback || AWS.util.fn.callback, + this.disableAssumeRole + ); + }, + + /** + * @api private + */ + loadRoleProfile: function loadRoleProfile(creds, roleProfile, callback) { + if (this.disableAssumeRole) { + throw AWS.util.error( + new Error('Role assumption profiles are disabled. ' + + 'Failed to load profile ' + this.profile + + ' from ' + creds.filename), + { code: 'SharedIniFileCredentialsProviderFailure' } + ); + } + + var self = this; + var roleArn = roleProfile['role_arn']; + var roleSessionName = roleProfile['role_session_name']; + var externalId = roleProfile['external_id']; + var mfaSerial = roleProfile['mfa_serial']; + var sourceProfileName = roleProfile['source_profile']; + + // From experimentation, the following behavior mimics the AWS CLI: + // + // 1. Use region from the profile if present. + // 2. Otherwise fall back to N. Virginia (global endpoint). + // + // It is necessary to do the fallback explicitly, because if + // 'AWS_STS_REGIONAL_ENDPOINTS=regional', the underlying STS client will + // otherwise throw an error if region is left 'undefined'. + // + // Experimentation shows that the AWS CLI (tested at version 1.18.136) + // ignores the following potential sources of a region for the purposes of + // this AssumeRole call: + // + // - The [default] profile + // - The AWS_REGION environment variable + // + // Ignoring the [default] profile for the purposes of AssumeRole is arguably + // a bug in the CLI since it does use the [default] region for service + // calls... but right now we're matching behavior of the other tool. + var profileRegion = roleProfile['region'] || ASSUME_ROLE_DEFAULT_REGION; + + if (!sourceProfileName) { + throw AWS.util.error( + new Error('source_profile is not set using profile ' + this.profile), + { code: 'SharedIniFileCredentialsProviderFailure' } + ); + } + + var sourceProfileExistanceTest = creds[sourceProfileName]; + + if (typeof sourceProfileExistanceTest !== 'object') { + throw AWS.util.error( + new Error('source_profile ' + sourceProfileName + ' using profile ' + + this.profile + ' does not exist'), + { code: 'SharedIniFileCredentialsProviderFailure' } + ); + } + + var sourceCredentials = new AWS.SharedIniFileCredentials( + AWS.util.merge(this.options || {}, { + profile: sourceProfileName, + preferStaticCredentials: true + }) + ); + + this.roleArn = roleArn; + var sts = new STS({ + credentials: sourceCredentials, + region: profileRegion, + httpOptions: this.httpOptions + }); + + var roleParams = { + RoleArn: roleArn, + RoleSessionName: roleSessionName || 'aws-sdk-js-' + Date.now() + }; + + if (externalId) { + roleParams.ExternalId = externalId; + } + + if (mfaSerial && self.tokenCodeFn) { + roleParams.SerialNumber = mfaSerial; + self.tokenCodeFn(mfaSerial, function(err, token) { + if (err) { + var message; + if (err instanceof Error) { + message = err.message; + } else { + message = err; + } + callback( + AWS.util.error( + new Error('Error fetching MFA token: ' + message), + { code: 'SharedIniFileCredentialsProviderFailure' } + )); + return; + } + + roleParams.TokenCode = token; + sts.assumeRole(roleParams, callback); + }); + return; + } + sts.assumeRole(roleParams, callback); + } +}); + + +/***/ }), + +/***/ 157: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var path = __nccwpck_require4_(1017); +var crypto = __nccwpck_require4_(6113); +var iniLoader = AWS.util.iniLoader; + +/** + * Represents credentials from sso.getRoleCredentials API for + * `sso_*` values defined in shared credentials file. + * + * ## Using SSO credentials + * + * The credentials file must specify the information below to use sso: + * + * [default] + * sso_account_id = 012345678901 + * sso_region = us-east-1 + * sso_role_name = SampleRole + * sso_start_url = https://d-abc123.awsapps.com/start + * + * This information will be automatically added to your shared credentials file by running + * `aws configure sso`. + * + * ## Using custom profiles + * + * The SDK supports loading credentials for separate profiles. This can be done + * in two ways: + * + * 1. Set the `AWS_PROFILE` environment variable in your process prior to + * loading the SDK. + * 2. Directly load the AWS.SsoCredentials provider: + * + * ```javascript + * var creds = new AWS.SsoCredentials({profile: 'myprofile'}); + * AWS.config.credentials = creds; + * ``` + * + * @!macro nobrowser + */ +AWS.SsoCredentials = AWS.util.inherit(AWS.Credentials, { + /** + * Creates a new SsoCredentials object. + * + * @param options [map] a set of options + * @option options profile [String] (AWS_PROFILE env var or 'default') + * the name of the profile to load. + * @option options filename [String] ('~/.aws/credentials' or defined by + * AWS_SHARED_CREDENTIALS_FILE process env var) + * the filename to use when loading credentials. + * @option options callback [Function] (err) Credentials are eagerly loaded + * by the constructor. When the callback is called with no error, the + * credentials have been loaded successfully. + */ + constructor: function SsoCredentials(options) { + AWS.Credentials.call(this); + + options = options || {}; + this.errorCode = 'SsoCredentialsProviderFailure'; + this.expired = true; + + this.filename = options.filename; + this.profile = options.profile || process.env.AWS_PROFILE || AWS.util.defaultProfile; + this.service = options.ssoClient; + this.get(options.callback || AWS.util.fn.noop); + }, + + /** + * @api private + */ + load: function load(callback) { + /** + * The time window (15 mins) that SDK will treat the SSO token expires in before the defined expiration date in token. + * This is needed because server side may have invalidated the token before the defined expiration date. + * + * @internal + */ + var EXPIRE_WINDOW_MS = 15 * 60 * 1000; + var self = this; + try { + var profiles = AWS.util.getProfilesFromSharedConfig(iniLoader, this.filename); + var profile = profiles[this.profile] || {}; + + if (Object.keys(profile).length === 0) { + throw AWS.util.error( + new Error('Profile ' + this.profile + ' not found'), + { code: self.errorCode } + ); + } + + if (!profile.sso_start_url || !profile.sso_account_id || !profile.sso_region || !profile.sso_role_name) { + throw AWS.util.error( + new Error('Profile ' + this.profile + ' does not have valid SSO credentials. Required parameters "sso_account_id", "sso_region", ' + + '"sso_role_name", "sso_start_url". Reference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html'), + { code: self.errorCode } + ); + } + + var hasher = crypto.createHash('sha1'); + var fileName = hasher.update(profile.sso_start_url).digest('hex') + '.json'; + + var cachePath = path.join( + iniLoader.getHomeDir(), + '.aws', + 'sso', + 'cache', + fileName + ); + var cacheFile = AWS.util.readFileSync(cachePath); + var cacheContent = null; + if (cacheFile) { + cacheContent = JSON.parse(cacheFile); + } + + if (!cacheContent) { + throw AWS.util.error( + new Error('Cached credentials not found under ' + this.profile + ' profile. Please make sure you log in with aws sso login first'), + { code: self.errorCode } + ); + } + + if (!cacheContent.startUrl || !cacheContent.region || !cacheContent.accessToken || !cacheContent.expiresAt) { + throw AWS.util.error( + new Error('Cached credentials are missing required properties. Try running aws sso login.') + ); + } + + if (new Date(cacheContent.expiresAt).getTime() - Date.now() <= EXPIRE_WINDOW_MS) { + throw AWS.util.error(new Error( + 'The SSO session associated with this profile has expired. To refresh this SSO session run aws sso login with the corresponding profile.' + )); + } + + if (!self.service || self.service.config.region !== profile.sso_region) { + self.service = new AWS.SSO({ region: profile.sso_region }); + } + var request = { + accessToken: cacheContent.accessToken, + accountId: profile.sso_account_id, + roleName: profile.sso_role_name, + }; + self.service.getRoleCredentials(request, function(err, data) { + if (err || !data || !data.roleCredentials) { + callback(AWS.util.error( + err || new Error('Please log in using "aws sso login"'), + { code: self.errorCode } + ), null); + } else if (!data.roleCredentials.accessKeyId || !data.roleCredentials.secretAccessKey || !data.roleCredentials.sessionToken || !data.roleCredentials.expiration) { + throw AWS.util.error(new Error( + 'SSO returns an invalid temporary credential.' + )); + } else { + self.expired = false; + self.accessKeyId = data.roleCredentials.accessKeyId; + self.secretAccessKey = data.roleCredentials.secretAccessKey; + self.sessionToken = data.roleCredentials.sessionToken; + self.expireTime = new Date(data.roleCredentials.expiration); + callback(null); + } + }); + } catch (err) { + callback(err); + } + }, + + /** + * Loads the credentials from the AWS SSO process + * + * @callback callback function(err) + * Called after the AWS SSO process has been executed. When this + * callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get + */ + refresh: function refresh(callback) { + iniLoader.clearCachedFiles(); + this.coalesceRefresh(callback || AWS.util.fn.callback); + }, +}); + + +/***/ }), + +/***/ 8849: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var STS = __nccwpck_require4_(2787); + +/** + * Represents temporary credentials retrieved from {AWS.STS}. Without any + * extra parameters, credentials will be fetched from the + * {AWS.STS.getSessionToken} operation. If an IAM role is provided, the + * {AWS.STS.assumeRole} operation will be used to fetch credentials for the + * role instead. + * + * @note AWS.TemporaryCredentials is deprecated, but remains available for + * backwards compatibility. {AWS.ChainableTemporaryCredentials} is the + * preferred class for temporary credentials. + * + * To setup temporary credentials, configure a set of master credentials + * using the standard credentials providers (environment, EC2 instance metadata, + * or from the filesystem), then set the global credentials to a new + * temporary credentials object: + * + * ```javascript + * // Note that environment credentials are loaded by default, + * // the following line is shown for clarity: + * AWS.config.credentials = new AWS.EnvironmentCredentials('AWS'); + * + * // Now set temporary credentials seeded from the master credentials + * AWS.config.credentials = new AWS.TemporaryCredentials(); + * + * // subsequent requests will now use temporary credentials from AWS STS. + * new AWS.S3().listBucket(function(err, data) { ... }); + * ``` + * + * @!attribute masterCredentials + * @return [AWS.Credentials] the master (non-temporary) credentials used to + * get and refresh temporary credentials from AWS STS. + * @note (see constructor) + */ +AWS.TemporaryCredentials = AWS.util.inherit(AWS.Credentials, { + /** + * Creates a new temporary credentials object. + * + * @note In order to create temporary credentials, you first need to have + * "master" credentials configured in {AWS.Config.credentials}. These + * master credentials are necessary to retrieve the temporary credentials, + * as well as refresh the credentials when they expire. + * @param params [map] a map of options that are passed to the + * {AWS.STS.assumeRole} or {AWS.STS.getSessionToken} operations. + * If a `RoleArn` parameter is passed in, credentials will be based on the + * IAM role. + * @param masterCredentials [AWS.Credentials] the master (non-temporary) credentials + * used to get and refresh temporary credentials from AWS STS. + * @example Creating a new credentials object for generic temporary credentials + * AWS.config.credentials = new AWS.TemporaryCredentials(); + * @example Creating a new credentials object for an IAM role + * AWS.config.credentials = new AWS.TemporaryCredentials({ + * RoleArn: 'arn:aws:iam::1234567890:role/TemporaryCredentials', + * }); + * @see AWS.STS.assumeRole + * @see AWS.STS.getSessionToken + */ + constructor: function TemporaryCredentials(params, masterCredentials) { + AWS.Credentials.call(this); + this.loadMasterCredentials(masterCredentials); + this.expired = true; + + this.params = params || {}; + if (this.params.RoleArn) { + this.params.RoleSessionName = + this.params.RoleSessionName || 'temporary-credentials'; + } + }, + + /** + * Refreshes credentials using {AWS.STS.assumeRole} or + * {AWS.STS.getSessionToken}, depending on whether an IAM role ARN was passed + * to the credentials {constructor}. + * + * @callback callback function(err) + * Called when the STS service responds (or fails). When + * this callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get + */ + refresh: function refresh (callback) { + this.coalesceRefresh(callback || AWS.util.fn.callback); + }, + + /** + * @api private + */ + load: function load (callback) { + var self = this; + self.createClients(); + self.masterCredentials.get(function () { + self.service.config.credentials = self.masterCredentials; + var operation = self.params.RoleArn ? + self.service.assumeRole : self.service.getSessionToken; + operation.call(self.service, function (err, data) { + if (!err) { + self.service.credentialsFrom(data, self); + } + callback(err); + }); + }); + }, + + /** + * @api private + */ + loadMasterCredentials: function loadMasterCredentials (masterCredentials) { + this.masterCredentials = masterCredentials || AWS.config.credentials; + while (this.masterCredentials.masterCredentials) { + this.masterCredentials = this.masterCredentials.masterCredentials; + } + + if (typeof this.masterCredentials.get !== 'function') { + this.masterCredentials = new AWS.Credentials(this.masterCredentials); + } + }, + + /** + * @api private + */ + createClients: function () { + this.service = this.service || new STS({params: this.params}); + } + +}); + + +/***/ }), + +/***/ 191: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var fs = __nccwpck_require4_(7147); +var STS = __nccwpck_require4_(2787); +var iniLoader = AWS.util.iniLoader; + +/** + * Represents OIDC credentials from a file on disk + * If the credentials expire, the SDK can {refresh} the credentials + * from the file. + * + * ## Using the web identity token file + * + * This provider is checked by default in the Node.js environment. To use + * the provider simply add your OIDC token to a file (ASCII encoding) and + * share the filename in either AWS_WEB_IDENTITY_TOKEN_FILE environment + * variable or web_identity_token_file shared config variable + * + * The file contains encoded OIDC token and the characters are + * ASCII encoded. OIDC tokens are JSON Web Tokens (JWT). + * JWT's are 3 base64 encoded strings joined by the '.' character. + * + * This class will read filename from AWS_WEB_IDENTITY_TOKEN_FILE + * environment variable or web_identity_token_file shared config variable, + * and get the OIDC token from filename. + * It will also read IAM role to be assumed from AWS_ROLE_ARN + * environment variable or role_arn shared config variable. + * This provider gets credetials using the {AWS.STS.assumeRoleWithWebIdentity} + * service operation + * + * @!macro nobrowser + */ +AWS.TokenFileWebIdentityCredentials = AWS.util.inherit(AWS.Credentials, { + + /** + * @example Creating a new credentials object + * AWS.config.credentials = new AWS.TokenFileWebIdentityCredentials( + * // optionally provide configuration to apply to the underlying AWS.STS service client + * // if configuration is not provided, then configuration will be pulled from AWS.config + * { + * // specify timeout options + * httpOptions: { + * timeout: 100 + * } + * }); + * @see AWS.Config + */ + constructor: function TokenFileWebIdentityCredentials(clientConfig) { + AWS.Credentials.call(this); + this.data = null; + this.clientConfig = AWS.util.copy(clientConfig || {}); + }, + + /** + * Returns params from environment variables + * + * @api private + */ + getParamsFromEnv: function getParamsFromEnv() { + var ENV_TOKEN_FILE = 'AWS_WEB_IDENTITY_TOKEN_FILE', + ENV_ROLE_ARN = 'AWS_ROLE_ARN'; + if (process.env[ENV_TOKEN_FILE] && process.env[ENV_ROLE_ARN]) { + return [{ + envTokenFile: process.env[ENV_TOKEN_FILE], + roleArn: process.env[ENV_ROLE_ARN], + roleSessionName: process.env['AWS_ROLE_SESSION_NAME'] + }]; + } + }, + + /** + * Returns params from shared config variables + * + * @api private + */ + getParamsFromSharedConfig: function getParamsFromSharedConfig() { + var profiles = AWS.util.getProfilesFromSharedConfig(iniLoader); + var profileName = process.env.AWS_PROFILE || AWS.util.defaultProfile; + var profile = profiles[profileName] || {}; + + if (Object.keys(profile).length === 0) { + throw AWS.util.error( + new Error('Profile ' + profileName + ' not found'), + { code: 'TokenFileWebIdentityCredentialsProviderFailure' } + ); + } + + var paramsArray = []; + + while (!profile['web_identity_token_file'] && profile['source_profile']) { + paramsArray.unshift({ + roleArn: profile['role_arn'], + roleSessionName: profile['role_session_name'] + }); + var sourceProfile = profile['source_profile']; + profile = profiles[sourceProfile]; + } + + paramsArray.unshift({ + envTokenFile: profile['web_identity_token_file'], + roleArn: profile['role_arn'], + roleSessionName: profile['role_session_name'] + }); + + return paramsArray; + }, + + /** + * Refreshes credentials using {AWS.STS.assumeRoleWithWebIdentity} + * + * @callback callback function(err) + * Called when the STS service responds (or fails). When + * this callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see AWS.Credentials.get + */ + refresh: function refresh(callback) { + this.coalesceRefresh(callback || AWS.util.fn.callback); + }, + + /** + * @api private + */ + assumeRoleChaining: function assumeRoleChaining(paramsArray, callback) { + var self = this; + if (paramsArray.length === 0) { + self.service.credentialsFrom(self.data, self); + callback(); + } else { + var params = paramsArray.shift(); + self.service.config.credentials = self.service.credentialsFrom(self.data, self); + self.service.assumeRole( + { + RoleArn: params.roleArn, + RoleSessionName: params.roleSessionName || 'token-file-web-identity' + }, + function (err, data) { + self.data = null; + if (err) { + callback(err); + } else { + self.data = data; + self.assumeRoleChaining(paramsArray, callback); + } + } + ); + } + }, + + /** + * @api private + */ + load: function load(callback) { + var self = this; + try { + var paramsArray = self.getParamsFromEnv(); + if (!paramsArray) { + paramsArray = self.getParamsFromSharedConfig(); + } + if (paramsArray) { + var params = paramsArray.shift(); + var oidcToken = fs.readFileSync(params.envTokenFile, {encoding: 'ascii'}); + if (!self.service) { + self.createClients(); + } + self.service.assumeRoleWithWebIdentity( + { + WebIdentityToken: oidcToken, + RoleArn: params.roleArn, + RoleSessionName: params.roleSessionName || 'token-file-web-identity' + }, + function (err, data) { + self.data = null; + if (err) { + callback(err); + } else { + self.data = data; + self.assumeRoleChaining(paramsArray, callback); + } + } + ); + } + } catch (err) { + callback(err); + } + }, + + /** + * @api private + */ + createClients: function() { + if (!this.service) { + var stsConfig = AWS.util.merge({}, this.clientConfig); + this.service = new STS(stsConfig); + + // Retry in case of IDPCommunicationErrorException or InvalidIdentityToken + this.service.retryableError = function(error) { + if (error.code === 'IDPCommunicationErrorException' || error.code === 'InvalidIdentityToken') { + return true; + } else { + return AWS.Service.prototype.retryableError.call(this, error); + } + }; + } + } +}); + + +/***/ }), + +/***/ 8787: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var STS = __nccwpck_require4_(2787); + +/** + * Represents credentials retrieved from STS Web Identity Federation support. + * + * By default this provider gets credentials using the + * {AWS.STS.assumeRoleWithWebIdentity} service operation. This operation + * requires a `RoleArn` containing the ARN of the IAM trust policy for the + * application for which credentials will be given. In addition, the + * `WebIdentityToken` must be set to the token provided by the identity + * provider. See {constructor} for an example on creating a credentials + * object with proper `RoleArn` and `WebIdentityToken` values. + * + * ## Refreshing Credentials from Identity Service + * + * In addition to AWS credentials expiring after a given amount of time, the + * login token from the identity provider will also expire. Once this token + * expires, it will not be usable to refresh AWS credentials, and another + * token will be needed. The SDK does not manage refreshing of the token value, + * but this can be done through a "refresh token" supported by most identity + * providers. Consult the documentation for the identity provider for refreshing + * tokens. Once the refreshed token is acquired, you should make sure to update + * this new token in the credentials object's {params} property. The following + * code will update the WebIdentityToken, assuming you have retrieved an updated + * token from the identity provider: + * + * ```javascript + * AWS.config.credentials.params.WebIdentityToken = updatedToken; + * ``` + * + * Future calls to `credentials.refresh()` will now use the new token. + * + * @!attribute params + * @return [map] the map of params passed to + * {AWS.STS.assumeRoleWithWebIdentity}. To update the token, set the + * `params.WebIdentityToken` property. + * @!attribute data + * @return [map] the raw data response from the call to + * {AWS.STS.assumeRoleWithWebIdentity}. Use this if you want to get + * access to other properties from the response. + */ +AWS.WebIdentityCredentials = AWS.util.inherit(AWS.Credentials, { + /** + * Creates a new credentials object. + * @param (see AWS.STS.assumeRoleWithWebIdentity) + * @example Creating a new credentials object + * AWS.config.credentials = new AWS.WebIdentityCredentials({ + * RoleArn: 'arn:aws:iam::1234567890:role/WebIdentity', + * WebIdentityToken: 'ABCDEFGHIJKLMNOP', // token from identity service + * RoleSessionName: 'web' // optional name, defaults to web-identity + * }, { + * // optionally provide configuration to apply to the underlying AWS.STS service client + * // if configuration is not provided, then configuration will be pulled from AWS.config + * + * // specify timeout options + * httpOptions: { + * timeout: 100 + * } + * }); + * @see AWS.STS.assumeRoleWithWebIdentity + * @see AWS.Config + */ + constructor: function WebIdentityCredentials(params, clientConfig) { + AWS.Credentials.call(this); + this.expired = true; + this.params = params; + this.params.RoleSessionName = this.params.RoleSessionName || 'web-identity'; + this.data = null; + this._clientConfig = AWS.util.copy(clientConfig || {}); + }, + + /** + * Refreshes credentials using {AWS.STS.assumeRoleWithWebIdentity} + * + * @callback callback function(err) + * Called when the STS service responds (or fails). When + * this callback is called with no error, it means that the credentials + * information has been loaded into the object (as the `accessKeyId`, + * `secretAccessKey`, and `sessionToken` properties). + * @param err [Error] if an error occurred, this value will be filled + * @see get + */ + refresh: function refresh(callback) { + this.coalesceRefresh(callback || AWS.util.fn.callback); + }, + + /** + * @api private + */ + load: function load(callback) { + var self = this; + self.createClients(); + self.service.assumeRoleWithWebIdentity(function (err, data) { + self.data = null; + if (!err) { + self.data = data; + self.service.credentialsFrom(data, self); + } + callback(err); + }); + }, + + /** + * @api private + */ + createClients: function() { + if (!this.service) { + var stsConfig = AWS.util.merge({}, this._clientConfig); + stsConfig.params = this.params; + this.service = new STS(stsConfig); + } + } + +}); + + +/***/ }), + +/***/ 9249: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var util = __nccwpck_require4_(3956); +var endpointDiscoveryEnabledEnvs = ['AWS_ENABLE_ENDPOINT_DISCOVERY', 'AWS_ENDPOINT_DISCOVERY_ENABLED']; + +/** + * Generate key (except resources and operation part) to index the endpoints in the cache + * If input shape has endpointdiscoveryid trait then use + * accessKey + operation + resources + region + service as cache key + * If input shape doesn't have endpointdiscoveryid trait then use + * accessKey + region + service as cache key + * @return [map] object with keys to index endpoints. + * @api private + */ +function getCacheKey(request) { + var service = request.service; + var api = service.api || {}; + var operations = api.operations; + var identifiers = {}; + if (service.config.region) { + identifiers.region = service.config.region; + } + if (api.serviceId) { + identifiers.serviceId = api.serviceId; + } + if (service.config.credentials.accessKeyId) { + identifiers.accessKeyId = service.config.credentials.accessKeyId; + } + return identifiers; +} + +/** + * Recursive helper for marshallCustomIdentifiers(). + * Looks for required string input members that have 'endpointdiscoveryid' trait. + * @api private + */ +function marshallCustomIdentifiersHelper(result, params, shape) { + if (!shape || params === undefined || params === null) return; + if (shape.type === 'structure' && shape.required && shape.required.length > 0) { + util.arrayEach(shape.required, function(name) { + var memberShape = shape.members[name]; + if (memberShape.endpointDiscoveryId === true) { + var locationName = memberShape.isLocationName ? memberShape.name : name; + result[locationName] = String(params[name]); + } else { + marshallCustomIdentifiersHelper(result, params[name], memberShape); + } + }); + } +} + +/** + * Get custom identifiers for cache key. + * Identifies custom identifiers by checking each shape's `endpointDiscoveryId` trait. + * @param [object] request object + * @param [object] input shape of the given operation's api + * @api private + */ +function marshallCustomIdentifiers(request, shape) { + var identifiers = {}; + marshallCustomIdentifiersHelper(identifiers, request.params, shape); + return identifiers; +} + +/** + * Call endpoint discovery operation when it's optional. + * When endpoint is available in cache then use the cached endpoints. If endpoints + * are unavailable then use regional endpoints and call endpoint discovery operation + * asynchronously. This is turned off by default. + * @param [object] request object + * @api private + */ +function optionalDiscoverEndpoint(request) { + var service = request.service; + var api = service.api; + var operationModel = api.operations ? api.operations[request.operation] : undefined; + var inputShape = operationModel ? operationModel.input : undefined; + + var identifiers = marshallCustomIdentifiers(request, inputShape); + var cacheKey = getCacheKey(request); + if (Object.keys(identifiers).length > 0) { + cacheKey = util.update(cacheKey, identifiers); + if (operationModel) cacheKey.operation = operationModel.name; + } + var endpoints = AWS.endpointCache.get(cacheKey); + if (endpoints && endpoints.length === 1 && endpoints[0].Address === '') { + //endpoint operation is being made but response not yet received + //or endpoint operation just failed in 1 minute + return; + } else if (endpoints && endpoints.length > 0) { + //found endpoint record from cache + request.httpRequest.updateEndpoint(endpoints[0].Address); + } else { + //endpoint record not in cache or outdated. make discovery operation + var endpointRequest = service.makeRequest(api.endpointOperation, { + Operation: operationModel.name, + Identifiers: identifiers, + }); + addApiVersionHeader(endpointRequest); + endpointRequest.removeListener('validate', AWS.EventListeners.Core.VALIDATE_PARAMETERS); + endpointRequest.removeListener('retry', AWS.EventListeners.Core.RETRY_CHECK); + //put in a placeholder for endpoints already requested, prevent + //too much in-flight calls + AWS.endpointCache.put(cacheKey, [{ + Address: '', + CachePeriodInMinutes: 1 + }]); + endpointRequest.send(function(err, data) { + if (data && data.Endpoints) { + AWS.endpointCache.put(cacheKey, data.Endpoints); + } else if (err) { + AWS.endpointCache.put(cacheKey, [{ + Address: '', + CachePeriodInMinutes: 1 //not to make more endpoint operation in next 1 minute + }]); + } + }); + } +} + +var requestQueue = {}; + +/** + * Call endpoint discovery operation when it's required. + * When endpoint is available in cache then use cached ones. If endpoints are + * unavailable then SDK should call endpoint operation then use returned new + * endpoint for the api call. SDK will automatically attempt to do endpoint + * discovery. This is turned off by default + * @param [object] request object + * @api private + */ +function requiredDiscoverEndpoint(request, done) { + var service = request.service; + var api = service.api; + var operationModel = api.operations ? api.operations[request.operation] : undefined; + var inputShape = operationModel ? operationModel.input : undefined; + + var identifiers = marshallCustomIdentifiers(request, inputShape); + var cacheKey = getCacheKey(request); + if (Object.keys(identifiers).length > 0) { + cacheKey = util.update(cacheKey, identifiers); + if (operationModel) cacheKey.operation = operationModel.name; + } + var cacheKeyStr = AWS.EndpointCache.getKeyString(cacheKey); + var endpoints = AWS.endpointCache.get(cacheKeyStr); //endpoint cache also accepts string keys + if (endpoints && endpoints.length === 1 && endpoints[0].Address === '') { + //endpoint operation is being made but response not yet received + //push request object to a pending queue + if (!requestQueue[cacheKeyStr]) requestQueue[cacheKeyStr] = []; + requestQueue[cacheKeyStr].push({request: request, callback: done}); + return; + } else if (endpoints && endpoints.length > 0) { + request.httpRequest.updateEndpoint(endpoints[0].Address); + done(); + } else { + var endpointRequest = service.makeRequest(api.endpointOperation, { + Operation: operationModel.name, + Identifiers: identifiers, + }); + endpointRequest.removeListener('validate', AWS.EventListeners.Core.VALIDATE_PARAMETERS); + addApiVersionHeader(endpointRequest); + + //put in a placeholder for endpoints already requested, prevent + //too much in-flight calls + AWS.endpointCache.put(cacheKeyStr, [{ + Address: '', + CachePeriodInMinutes: 60 //long-live cache + }]); + endpointRequest.send(function(err, data) { + if (err) { + request.response.error = util.error(err, { retryable: false }); + AWS.endpointCache.remove(cacheKey); + + //fail all the pending requests in batch + if (requestQueue[cacheKeyStr]) { + var pendingRequests = requestQueue[cacheKeyStr]; + util.arrayEach(pendingRequests, function(requestContext) { + requestContext.request.response.error = util.error(err, { retryable: false }); + requestContext.callback(); + }); + delete requestQueue[cacheKeyStr]; + } + } else if (data) { + AWS.endpointCache.put(cacheKeyStr, data.Endpoints); + request.httpRequest.updateEndpoint(data.Endpoints[0].Address); + + //update the endpoint for all the pending requests in batch + if (requestQueue[cacheKeyStr]) { + var pendingRequests = requestQueue[cacheKeyStr]; + util.arrayEach(pendingRequests, function(requestContext) { + requestContext.request.httpRequest.updateEndpoint(data.Endpoints[0].Address); + requestContext.callback(); + }); + delete requestQueue[cacheKeyStr]; + } + } + done(); + }); + } +} + +/** + * add api version header to endpoint operation + * @api private + */ +function addApiVersionHeader(endpointRequest) { + var api = endpointRequest.service.api; + var apiVersion = api.apiVersion; + if (apiVersion && !endpointRequest.httpRequest.headers['x-amz-api-version']) { + endpointRequest.httpRequest.headers['x-amz-api-version'] = apiVersion; + } +} + +/** + * If api call gets invalid endpoint exception, SDK should attempt to remove the invalid + * endpoint from cache. + * @api private + */ +function invalidateCachedEndpoints(response) { + var error = response.error; + var httpResponse = response.httpResponse; + if (error && + (error.code === 'InvalidEndpointException' || httpResponse.statusCode === 421) + ) { + var request = response.request; + var operations = request.service.api.operations || {}; + var inputShape = operations[request.operation] ? operations[request.operation].input : undefined; + var identifiers = marshallCustomIdentifiers(request, inputShape); + var cacheKey = getCacheKey(request); + if (Object.keys(identifiers).length > 0) { + cacheKey = util.update(cacheKey, identifiers); + if (operations[request.operation]) cacheKey.operation = operations[request.operation].name; + } + AWS.endpointCache.remove(cacheKey); + } +} + +/** + * If endpoint is explicitly configured, SDK should not do endpoint discovery in anytime. + * @param [object] client Service client object. + * @api private + */ +function hasCustomEndpoint(client) { + //if set endpoint is set for specific client, enable endpoint discovery will raise an error. + if (client._originalConfig && client._originalConfig.endpoint && client._originalConfig.endpointDiscoveryEnabled === true) { + throw util.error(new Error(), { + code: 'ConfigurationException', + message: 'Custom endpoint is supplied; endpointDiscoveryEnabled must not be true.' + }); + }; + var svcConfig = AWS.config[client.serviceIdentifier] || {}; + return Boolean(AWS.config.endpoint || svcConfig.endpoint || (client._originalConfig && client._originalConfig.endpoint)); +} + +/** + * @api private + */ +function isFalsy(value) { + return ['false', '0'].indexOf(value) >= 0; +} + +/** + * If endpoint discovery should perform for this request when no operation requires endpoint + * discovery for the given service. + * SDK performs config resolution in order like below: + * 1. If set in client configuration. + * 2. If set in env AWS_ENABLE_ENDPOINT_DISCOVERY. + * 3. If set in shared ini config file with key 'endpoint_discovery_enabled'. + * @param [object] request request object. + * @returns [boolean|undefined] if endpoint discovery config is not set in any source, this + * function returns undefined + * @api private + */ +function resolveEndpointDiscoveryConfig(request) { + var service = request.service || {}; + if (service.config.endpointDiscoveryEnabled !== undefined) { + return service.config.endpointDiscoveryEnabled; + } + + //shared ini file is only available in Node + //not to check env in browser + if (util.isBrowser()) return undefined; + + // If any of recognized endpoint discovery config env is set + for (var i = 0; i < endpointDiscoveryEnabledEnvs.length; i++) { + var env = endpointDiscoveryEnabledEnvs[i]; + if (Object.prototype.hasOwnProperty.call(process.env, env)) { + if (process.env[env] === '' || process.env[env] === undefined) { + throw util.error(new Error(), { + code: 'ConfigurationException', + message: 'environmental variable ' + env + ' cannot be set to nothing' + }); + } + return !isFalsy(process.env[env]); + } + } + + var configFile = {}; + try { + configFile = AWS.util.iniLoader ? AWS.util.iniLoader.loadFrom({ + isConfig: true, + filename: process.env[AWS.util.sharedConfigFileEnv] + }) : {}; + } catch (e) {} + var sharedFileConfig = configFile[ + process.env.AWS_PROFILE || AWS.util.defaultProfile + ] || {}; + if (Object.prototype.hasOwnProperty.call(sharedFileConfig, 'endpoint_discovery_enabled')) { + if (sharedFileConfig.endpoint_discovery_enabled === undefined) { + throw util.error(new Error(), { + code: 'ConfigurationException', + message: 'config file entry \'endpoint_discovery_enabled\' cannot be set to nothing' + }); + } + return !isFalsy(sharedFileConfig.endpoint_discovery_enabled); + } + return undefined; +} + +/** + * attach endpoint discovery logic to request object + * @param [object] request + * @api private + */ +function discoverEndpoint(request, done) { + var service = request.service || {}; + if (hasCustomEndpoint(service) || request.isPresigned()) return done(); + + var operations = service.api.operations || {}; + var operationModel = operations[request.operation]; + var isEndpointDiscoveryRequired = operationModel ? operationModel.endpointDiscoveryRequired : 'NULL'; + var isEnabled = resolveEndpointDiscoveryConfig(request); + var hasRequiredEndpointDiscovery = service.api.hasRequiredEndpointDiscovery; + if (isEnabled || hasRequiredEndpointDiscovery) { + // Once a customer enables endpoint discovery, the SDK should start appending + // the string endpoint-discovery to the user-agent on all requests. + request.httpRequest.appendToUserAgent('endpoint-discovery'); + } + switch (isEndpointDiscoveryRequired) { + case 'OPTIONAL': + if (isEnabled || hasRequiredEndpointDiscovery) { + // For a given service; if at least one operation requires endpoint discovery then the SDK must enable endpoint discovery + // by default for all operations of that service, including operations where endpoint discovery is optional. + optionalDiscoverEndpoint(request); + request.addNamedListener('INVALIDATE_CACHED_ENDPOINTS', 'extractError', invalidateCachedEndpoints); + } + done(); + break; + case 'REQUIRED': + if (isEnabled === false) { + // For a given operation; if endpoint discovery is required and it has been disabled on the SDK client, + // then the SDK must return a clear and actionable exception. + request.response.error = util.error(new Error(), { + code: 'ConfigurationException', + message: 'Endpoint Discovery is disabled but ' + service.api.className + '.' + request.operation + + '() requires it. Please check your configurations.' + }); + done(); + break; + } + request.addNamedListener('INVALIDATE_CACHED_ENDPOINTS', 'extractError', invalidateCachedEndpoints); + requiredDiscoverEndpoint(request, done); + break; + case 'NULL': + default: + done(); + break; + } +} + +module.exports = { + discoverEndpoint: discoverEndpoint, + requiredDiscoverEndpoint: requiredDiscoverEndpoint, + optionalDiscoverEndpoint: optionalDiscoverEndpoint, + marshallCustomIdentifiers: marshallCustomIdentifiers, + getCacheKey: getCacheKey, + invalidateCachedEndpoint: invalidateCachedEndpoints, +}; + + +/***/ }), + +/***/ 3000: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var eventMessageChunker = (__nccwpck_require4_(291).eventMessageChunker); +var parseEvent = (__nccwpck_require4_(7626).parseEvent); + +function createEventStream(body, parser, model) { + var eventMessages = eventMessageChunker(body); + + var events = []; + + for (var i = 0; i < eventMessages.length; i++) { + events.push(parseEvent(parser, eventMessages[i], model)); + } + + return events; +} + +/** + * @api private + */ +module.exports = { + createEventStream: createEventStream +}; + + +/***/ }), + +/***/ 7980: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var util = (__nccwpck_require4_(4741).util); +var Transform = (__nccwpck_require4_(2781).Transform); +var allocBuffer = util.buffer.alloc; + +/** @type {Transform} */ +function EventMessageChunkerStream(options) { + Transform.call(this, options); + + this.currentMessageTotalLength = 0; + this.currentMessagePendingLength = 0; + /** @type {Buffer} */ + this.currentMessage = null; + + /** @type {Buffer} */ + this.messageLengthBuffer = null; +} + +EventMessageChunkerStream.prototype = Object.create(Transform.prototype); + +/** + * + * @param {Buffer} chunk + * @param {string} encoding + * @param {*} callback + */ +EventMessageChunkerStream.prototype._transform = function(chunk, encoding, callback) { + var chunkLength = chunk.length; + var currentOffset = 0; + + while (currentOffset < chunkLength) { + // create new message if necessary + if (!this.currentMessage) { + // working on a new message, determine total length + var bytesRemaining = chunkLength - currentOffset; + // prevent edge case where total length spans 2 chunks + if (!this.messageLengthBuffer) { + this.messageLengthBuffer = allocBuffer(4); + } + var numBytesForTotal = Math.min( + 4 - this.currentMessagePendingLength, // remaining bytes to fill the messageLengthBuffer + bytesRemaining // bytes left in chunk + ); + + chunk.copy( + this.messageLengthBuffer, + this.currentMessagePendingLength, + currentOffset, + currentOffset + numBytesForTotal + ); + + this.currentMessagePendingLength += numBytesForTotal; + currentOffset += numBytesForTotal; + + if (this.currentMessagePendingLength < 4) { + // not enough information to create the current message + break; + } + this.allocateMessage(this.messageLengthBuffer.readUInt32BE(0)); + this.messageLengthBuffer = null; + } + + // write data into current message + var numBytesToWrite = Math.min( + this.currentMessageTotalLength - this.currentMessagePendingLength, // number of bytes left to complete message + chunkLength - currentOffset // number of bytes left in the original chunk + ); + chunk.copy( + this.currentMessage, // target buffer + this.currentMessagePendingLength, // target offset + currentOffset, // chunk offset + currentOffset + numBytesToWrite // chunk end to write + ); + this.currentMessagePendingLength += numBytesToWrite; + currentOffset += numBytesToWrite; + + // check if a message is ready to be pushed + if (this.currentMessageTotalLength && this.currentMessageTotalLength === this.currentMessagePendingLength) { + // push out the message + this.push(this.currentMessage); + // cleanup + this.currentMessage = null; + this.currentMessageTotalLength = 0; + this.currentMessagePendingLength = 0; + } + } + + callback(); +}; + +EventMessageChunkerStream.prototype._flush = function(callback) { + if (this.currentMessageTotalLength) { + if (this.currentMessageTotalLength === this.currentMessagePendingLength) { + callback(null, this.currentMessage); + } else { + callback(new Error('Truncated event message received.')); + } + } else { + callback(); + } +}; + +/** + * @param {number} size Size of the message to be allocated. + * @api private + */ +EventMessageChunkerStream.prototype.allocateMessage = function(size) { + if (typeof size !== 'number') { + throw new Error('Attempted to allocate an event message where size was not a number: ' + size); + } + this.currentMessageTotalLength = size; + this.currentMessagePendingLength = 4; + this.currentMessage = allocBuffer(size); + this.currentMessage.writeUInt32BE(size, 0); +}; + +/** + * @api private + */ +module.exports = { + EventMessageChunkerStream: EventMessageChunkerStream +}; + + +/***/ }), + +/***/ 291: +/***/ ((module) => { + +/** + * Takes in a buffer of event messages and splits them into individual messages. + * @param {Buffer} buffer + * @api private + */ +function eventMessageChunker(buffer) { + /** @type Buffer[] */ + var messages = []; + var offset = 0; + + while (offset < buffer.length) { + var totalLength = buffer.readInt32BE(offset); + + // create new buffer for individual message (shares memory with original) + var message = buffer.slice(offset, totalLength + offset); + // increment offset to it starts at the next message + offset += totalLength; + + messages.push(message); + } + + return messages; +} + +/** + * @api private + */ +module.exports = { + eventMessageChunker: eventMessageChunker +}; + + +/***/ }), + +/***/ 1760: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var Transform = (__nccwpck_require4_(2781).Transform); +var parseEvent = (__nccwpck_require4_(7626).parseEvent); + +/** @type {Transform} */ +function EventUnmarshallerStream(options) { + options = options || {}; + // set output to object mode + options.readableObjectMode = true; + Transform.call(this, options); + this._readableState.objectMode = true; + + this.parser = options.parser; + this.eventStreamModel = options.eventStreamModel; +} + +EventUnmarshallerStream.prototype = Object.create(Transform.prototype); + +/** + * + * @param {Buffer} chunk + * @param {string} encoding + * @param {*} callback + */ +EventUnmarshallerStream.prototype._transform = function(chunk, encoding, callback) { + try { + var event = parseEvent(this.parser, chunk, this.eventStreamModel); + this.push(event); + return callback(); + } catch (err) { + callback(err); + } +}; + +/** + * @api private + */ +module.exports = { + EventUnmarshallerStream: EventUnmarshallerStream +}; + + +/***/ }), + +/***/ 6634: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var util = (__nccwpck_require4_(4741).util); +var toBuffer = util.buffer.toBuffer; + +/** + * A lossless representation of a signed, 64-bit integer. Instances of this + * class may be used in arithmetic expressions as if they were numeric + * primitives, but the binary representation will be preserved unchanged as the + * `bytes` property of the object. The bytes should be encoded as big-endian, + * two's complement integers. + * @param {Buffer} bytes + * + * @api private + */ +function Int64(bytes) { + if (bytes.length !== 8) { + throw new Error('Int64 buffers must be exactly 8 bytes'); + } + if (!util.Buffer.isBuffer(bytes)) bytes = toBuffer(bytes); + + this.bytes = bytes; +} + +/** + * @param {number} number + * @returns {Int64} + * + * @api private + */ +Int64.fromNumber = function(number) { + if (number > 9223372036854775807 || number < -9223372036854775808) { + throw new Error( + number + ' is too large (or, if negative, too small) to represent as an Int64' + ); + } + + var bytes = new Uint8Array(8); + for ( + var i = 7, remaining = Math.abs(Math.round(number)); + i > -1 && remaining > 0; + i--, remaining /= 256 + ) { + bytes[i] = remaining; + } + + if (number < 0) { + negate(bytes); + } + + return new Int64(bytes); +}; + +/** + * @returns {number} + * + * @api private + */ +Int64.prototype.valueOf = function() { + var bytes = this.bytes.slice(0); + var negative = bytes[0] & 128; + if (negative) { + negate(bytes); + } + + return parseInt(bytes.toString('hex'), 16) * (negative ? -1 : 1); +}; + +Int64.prototype.toString = function() { + return String(this.valueOf()); +}; + +/** + * @param {Buffer} bytes + * + * @api private + */ +function negate(bytes) { + for (var i = 0; i < 8; i++) { + bytes[i] ^= 0xFF; + } + for (var i = 7; i > -1; i--) { + bytes[i]++; + if (bytes[i] !== 0) { + break; + } + } +} + +/** + * @api private + */ +module.exports = { + Int64: Int64 +}; + + +/***/ }), + +/***/ 7626: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var parseMessage = (__nccwpck_require4_(5539).parseMessage); + +/** + * + * @param {*} parser + * @param {Buffer} message + * @param {*} shape + * @api private + */ +function parseEvent(parser, message, shape) { + var parsedMessage = parseMessage(message); + + // check if message is an event or error + var messageType = parsedMessage.headers[':message-type']; + if (messageType) { + if (messageType.value === 'error') { + throw parseError(parsedMessage); + } else if (messageType.value !== 'event') { + // not sure how to parse non-events/non-errors, ignore for now + return; + } + } + + // determine event type + var eventType = parsedMessage.headers[':event-type']; + // check that the event type is modeled + var eventModel = shape.members[eventType.value]; + if (!eventModel) { + return; + } + + var result = {}; + // check if an event payload exists + var eventPayloadMemberName = eventModel.eventPayloadMemberName; + if (eventPayloadMemberName) { + var payloadShape = eventModel.members[eventPayloadMemberName]; + // if the shape is binary, return the byte array + if (payloadShape.type === 'binary') { + result[eventPayloadMemberName] = parsedMessage.body; + } else { + result[eventPayloadMemberName] = parser.parse(parsedMessage.body.toString(), payloadShape); + } + } + + // read event headers + var eventHeaderNames = eventModel.eventHeaderMemberNames; + for (var i = 0; i < eventHeaderNames.length; i++) { + var name = eventHeaderNames[i]; + if (parsedMessage.headers[name]) { + // parse the header! + result[name] = eventModel.members[name].toType(parsedMessage.headers[name].value); + } + } + + var output = {}; + output[eventType.value] = result; + return output; +} + +function parseError(message) { + var errorCode = message.headers[':error-code']; + var errorMessage = message.headers[':error-message']; + var error = new Error(errorMessage.value || errorMessage); + error.code = error.name = errorCode.value || errorCode; + return error; +} + +/** + * @api private + */ +module.exports = { + parseEvent: parseEvent +}; + + +/***/ }), + +/***/ 5539: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var Int64 = (__nccwpck_require4_(6634).Int64); + +var splitMessage = (__nccwpck_require4_(8797).splitMessage); + +var BOOLEAN_TAG = 'boolean'; +var BYTE_TAG = 'byte'; +var SHORT_TAG = 'short'; +var INT_TAG = 'integer'; +var LONG_TAG = 'long'; +var BINARY_TAG = 'binary'; +var STRING_TAG = 'string'; +var TIMESTAMP_TAG = 'timestamp'; +var UUID_TAG = 'uuid'; + +/** + * @api private + * + * @param {Buffer} headers + */ +function parseHeaders(headers) { + var out = {}; + var position = 0; + while (position < headers.length) { + var nameLength = headers.readUInt8(position++); + var name = headers.slice(position, position + nameLength).toString(); + position += nameLength; + switch (headers.readUInt8(position++)) { + case 0 /* boolTrue */: + out[name] = { + type: BOOLEAN_TAG, + value: true + }; + break; + case 1 /* boolFalse */: + out[name] = { + type: BOOLEAN_TAG, + value: false + }; + break; + case 2 /* byte */: + out[name] = { + type: BYTE_TAG, + value: headers.readInt8(position++) + }; + break; + case 3 /* short */: + out[name] = { + type: SHORT_TAG, + value: headers.readInt16BE(position) + }; + position += 2; + break; + case 4 /* integer */: + out[name] = { + type: INT_TAG, + value: headers.readInt32BE(position) + }; + position += 4; + break; + case 5 /* long */: + out[name] = { + type: LONG_TAG, + value: new Int64(headers.slice(position, position + 8)) + }; + position += 8; + break; + case 6 /* byteArray */: + var binaryLength = headers.readUInt16BE(position); + position += 2; + out[name] = { + type: BINARY_TAG, + value: headers.slice(position, position + binaryLength) + }; + position += binaryLength; + break; + case 7 /* string */: + var stringLength = headers.readUInt16BE(position); + position += 2; + out[name] = { + type: STRING_TAG, + value: headers.slice( + position, + position + stringLength + ).toString() + }; + position += stringLength; + break; + case 8 /* timestamp */: + out[name] = { + type: TIMESTAMP_TAG, + value: new Date( + new Int64(headers.slice(position, position + 8)) + .valueOf() + ) + }; + position += 8; + break; + case 9 /* uuid */: + var uuidChars = headers.slice(position, position + 16) + .toString('hex'); + position += 16; + out[name] = { + type: UUID_TAG, + value: uuidChars.substr(0, 8) + '-' + + uuidChars.substr(8, 4) + '-' + + uuidChars.substr(12, 4) + '-' + + uuidChars.substr(16, 4) + '-' + + uuidChars.substr(20) + }; + break; + default: + throw new Error('Unrecognized header type tag'); + } + } + return out; +} + +function parseMessage(message) { + var parsed = splitMessage(message); + return { headers: parseHeaders(parsed.headers), body: parsed.body }; +} + +/** + * @api private + */ +module.exports = { + parseMessage: parseMessage +}; + + +/***/ }), + +/***/ 8797: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var util = (__nccwpck_require4_(4741).util); +var toBuffer = util.buffer.toBuffer; + +// All prelude components are unsigned, 32-bit integers +var PRELUDE_MEMBER_LENGTH = 4; +// The prelude consists of two components +var PRELUDE_LENGTH = PRELUDE_MEMBER_LENGTH * 2; +// Checksums are always CRC32 hashes. +var CHECKSUM_LENGTH = 4; +// Messages must include a full prelude, a prelude checksum, and a message checksum +var MINIMUM_MESSAGE_LENGTH = PRELUDE_LENGTH + CHECKSUM_LENGTH * 2; + +/** + * @api private + * + * @param {Buffer} message + */ +function splitMessage(message) { + if (!util.Buffer.isBuffer(message)) message = toBuffer(message); + + if (message.length < MINIMUM_MESSAGE_LENGTH) { + throw new Error('Provided message too short to accommodate event stream message overhead'); + } + + if (message.length !== message.readUInt32BE(0)) { + throw new Error('Reported message length does not match received message length'); + } + + var expectedPreludeChecksum = message.readUInt32BE(PRELUDE_LENGTH); + + if ( + expectedPreludeChecksum !== util.crypto.crc32( + message.slice(0, PRELUDE_LENGTH) + ) + ) { + throw new Error( + 'The prelude checksum specified in the message (' + + expectedPreludeChecksum + + ') does not match the calculated CRC32 checksum.' + ); + } + + var expectedMessageChecksum = message.readUInt32BE(message.length - CHECKSUM_LENGTH); + + if ( + expectedMessageChecksum !== util.crypto.crc32( + message.slice(0, message.length - CHECKSUM_LENGTH) + ) + ) { + throw new Error( + 'The message checksum did not match the expected value of ' + + expectedMessageChecksum + ); + } + + var headersStart = PRELUDE_LENGTH + CHECKSUM_LENGTH; + var headersEnd = headersStart + message.readUInt32BE(PRELUDE_MEMBER_LENGTH); + + return { + headers: message.slice(headersStart, headersEnd), + body: message.slice(headersEnd, message.length - CHECKSUM_LENGTH), + }; +} + +/** + * @api private + */ +module.exports = { + splitMessage: splitMessage +}; + + +/***/ }), + +/***/ 8523: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +/** + * What is necessary to create an event stream in node? + * - http response stream + * - parser + * - event stream model + */ + +var EventMessageChunkerStream = (__nccwpck_require4_(7980).EventMessageChunkerStream); +var EventUnmarshallerStream = (__nccwpck_require4_(1760).EventUnmarshallerStream); + +function createEventStream(stream, parser, model) { + var eventStream = new EventUnmarshallerStream({ + parser: parser, + eventStreamModel: model + }); + + var eventMessageChunker = new EventMessageChunkerStream(); + + stream.pipe( + eventMessageChunker + ).pipe(eventStream); + + stream.on('error', function(err) { + eventMessageChunker.emit('error', err); + }); + + eventMessageChunker.on('error', function(err) { + eventStream.emit('error', err); + }); + + return eventStream; +} + +/** + * @api private + */ +module.exports = { + createEventStream: createEventStream +}; + + +/***/ }), + +/***/ 3091: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var SequentialExecutor = __nccwpck_require4_(5555); +var DISCOVER_ENDPOINT = (__nccwpck_require4_(9249).discoverEndpoint); +/** + * The namespace used to register global event listeners for request building + * and sending. + */ +AWS.EventListeners = { + /** + * @!attribute VALIDATE_CREDENTIALS + * A request listener that validates whether the request is being + * sent with credentials. + * Handles the {AWS.Request~validate 'validate' Request event} + * @example Sending a request without validating credentials + * var listener = AWS.EventListeners.Core.VALIDATE_CREDENTIALS; + * request.removeListener('validate', listener); + * @readonly + * @return [Function] + * @!attribute VALIDATE_REGION + * A request listener that validates whether the region is set + * for a request. + * Handles the {AWS.Request~validate 'validate' Request event} + * @example Sending a request without validating region configuration + * var listener = AWS.EventListeners.Core.VALIDATE_REGION; + * request.removeListener('validate', listener); + * @readonly + * @return [Function] + * @!attribute VALIDATE_PARAMETERS + * A request listener that validates input parameters in a request. + * Handles the {AWS.Request~validate 'validate' Request event} + * @example Sending a request without validating parameters + * var listener = AWS.EventListeners.Core.VALIDATE_PARAMETERS; + * request.removeListener('validate', listener); + * @example Disable parameter validation globally + * AWS.EventListeners.Core.removeListener('validate', + * AWS.EventListeners.Core.VALIDATE_REGION); + * @readonly + * @return [Function] + * @!attribute SEND + * A request listener that initiates the HTTP connection for a + * request being sent. Handles the {AWS.Request~send 'send' Request event} + * @example Replacing the HTTP handler + * var listener = AWS.EventListeners.Core.SEND; + * request.removeListener('send', listener); + * request.on('send', function(response) { + * customHandler.send(response); + * }); + * @return [Function] + * @readonly + * @!attribute HTTP_DATA + * A request listener that reads data from the HTTP connection in order + * to build the response data. + * Handles the {AWS.Request~httpData 'httpData' Request event}. + * Remove this handler if you are overriding the 'httpData' event and + * do not want extra data processing and buffering overhead. + * @example Disabling default data processing + * var listener = AWS.EventListeners.Core.HTTP_DATA; + * request.removeListener('httpData', listener); + * @return [Function] + * @readonly + */ + Core: {} /* doc hack */ +}; + +/** + * @api private + */ +function getOperationAuthtype(req) { + if (!req.service.api.operations) { + return ''; + } + var operation = req.service.api.operations[req.operation]; + return operation ? operation.authtype : ''; +} + +AWS.EventListeners = { + Core: new SequentialExecutor().addNamedListeners(function(add, addAsync) { + addAsync('VALIDATE_CREDENTIALS', 'validate', + function VALIDATE_CREDENTIALS(req, done) { + if (!req.service.api.signatureVersion && !req.service.config.signatureVersion) return done(); // none + req.service.config.getCredentials(function(err) { + if (err) { + req.response.error = AWS.util.error(err, + {code: 'CredentialsError', message: 'Missing credentials in config, if using AWS_CONFIG_FILE, set AWS_SDK_LOAD_CONFIG=1'}); + } + done(); + }); + }); + + add('VALIDATE_REGION', 'validate', function VALIDATE_REGION(req) { + if (!req.service.isGlobalEndpoint) { + var dnsHostRegex = new RegExp(/^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]{0,61}[a-zA-Z0-9])$/); + if (!req.service.config.region) { + req.response.error = AWS.util.error(new Error(), + {code: 'ConfigError', message: 'Missing region in config'}); + } else if (!dnsHostRegex.test(req.service.config.region)) { + req.response.error = AWS.util.error(new Error(), + {code: 'ConfigError', message: 'Invalid region in config'}); + } + } + }); + + add('BUILD_IDEMPOTENCY_TOKENS', 'validate', function BUILD_IDEMPOTENCY_TOKENS(req) { + if (!req.service.api.operations) { + return; + } + var operation = req.service.api.operations[req.operation]; + if (!operation) { + return; + } + var idempotentMembers = operation.idempotentMembers; + if (!idempotentMembers.length) { + return; + } + // creates a copy of params so user's param object isn't mutated + var params = AWS.util.copy(req.params); + for (var i = 0, iLen = idempotentMembers.length; i < iLen; i++) { + if (!params[idempotentMembers[i]]) { + // add the member + params[idempotentMembers[i]] = AWS.util.uuid.v4(); + } + } + req.params = params; + }); + + add('VALIDATE_PARAMETERS', 'validate', function VALIDATE_PARAMETERS(req) { + if (!req.service.api.operations) { + return; + } + var rules = req.service.api.operations[req.operation].input; + var validation = req.service.config.paramValidation; + new AWS.ParamValidator(validation).validate(rules, req.params); + }); + + add('COMPUTE_CHECKSUM', 'afterBuild', function COMPUTE_CHECKSUM(req) { + if (!req.service.api.operations) { + return; + } + var operation = req.service.api.operations[req.operation]; + if (!operation) { + return; + } + var body = req.httpRequest.body; + var isNonStreamingPayload = body && (AWS.util.Buffer.isBuffer(body) || typeof body === 'string'); + var headers = req.httpRequest.headers; + if ( + operation.httpChecksumRequired && + req.service.config.computeChecksums && + isNonStreamingPayload && + !headers['Content-MD5'] + ) { + var md5 = AWS.util.crypto.md5(body, 'base64'); + headers['Content-MD5'] = md5; + } + }); + + addAsync('COMPUTE_SHA256', 'afterBuild', function COMPUTE_SHA256(req, done) { + req.haltHandlersOnError(); + if (!req.service.api.operations) { + return; + } + var operation = req.service.api.operations[req.operation]; + var authtype = operation ? operation.authtype : ''; + if (!req.service.api.signatureVersion && !authtype && !req.service.config.signatureVersion) return done(); // none + if (req.service.getSignerClass(req) === AWS.Signers.V4) { + var body = req.httpRequest.body || ''; + if (authtype.indexOf('unsigned-body') >= 0) { + req.httpRequest.headers['X-Amz-Content-Sha256'] = 'UNSIGNED-PAYLOAD'; + return done(); + } + AWS.util.computeSha256(body, function(err, sha) { + if (err) { + done(err); + } + else { + req.httpRequest.headers['X-Amz-Content-Sha256'] = sha; + done(); + } + }); + } else { + done(); + } + }); + + add('SET_CONTENT_LENGTH', 'afterBuild', function SET_CONTENT_LENGTH(req) { + var authtype = getOperationAuthtype(req); + var payloadMember = AWS.util.getRequestPayloadShape(req); + if (req.httpRequest.headers['Content-Length'] === undefined) { + try { + var length = AWS.util.string.byteLength(req.httpRequest.body); + req.httpRequest.headers['Content-Length'] = length; + } catch (err) { + if (payloadMember && payloadMember.isStreaming) { + if (payloadMember.requiresLength) { + //streaming payload requires length(s3, glacier) + throw err; + } else if (authtype.indexOf('unsigned-body') >= 0) { + //unbounded streaming payload(lex, mediastore) + req.httpRequest.headers['Transfer-Encoding'] = 'chunked'; + return; + } else { + throw err; + } + } + throw err; + } + } + }); + + add('SET_HTTP_HOST', 'afterBuild', function SET_HTTP_HOST(req) { + req.httpRequest.headers['Host'] = req.httpRequest.endpoint.host; + }); + + add('SET_TRACE_ID', 'afterBuild', function SET_TRACE_ID(req) { + var traceIdHeaderName = 'X-Amzn-Trace-Id'; + if (AWS.util.isNode() && !Object.hasOwnProperty.call(req.httpRequest.headers, traceIdHeaderName)) { + var ENV_LAMBDA_FUNCTION_NAME = 'AWS_LAMBDA_FUNCTION_NAME'; + var ENV_TRACE_ID = '_X_AMZN_TRACE_ID'; + var functionName = process.env[ENV_LAMBDA_FUNCTION_NAME]; + var traceId = process.env[ENV_TRACE_ID]; + if ( + typeof functionName === 'string' && + functionName.length > 0 && + typeof traceId === 'string' && + traceId.length > 0 + ) { + req.httpRequest.headers[traceIdHeaderName] = traceId; + } + } + }); + + add('RESTART', 'restart', function RESTART() { + var err = this.response.error; + if (!err || !err.retryable) return; + + this.httpRequest = new AWS.HttpRequest( + this.service.endpoint, + this.service.region + ); + + if (this.response.retryCount < this.service.config.maxRetries) { + this.response.retryCount++; + } else { + this.response.error = null; + } + }); + + var addToHead = true; + addAsync('DISCOVER_ENDPOINT', 'sign', DISCOVER_ENDPOINT, addToHead); + + addAsync('SIGN', 'sign', function SIGN(req, done) { + var service = req.service; + var operations = req.service.api.operations || {}; + var operation = operations[req.operation]; + var authtype = operation ? operation.authtype : ''; + if (!service.api.signatureVersion && !authtype && !service.config.signatureVersion) return done(); // none + + if (authtype === 'bearer' || service.config.signatureVersion === 'bearer') { + service.config.getToken(function (err, token) { + if (err) { + req.response.error = err; + return done(); + } + + try { + var SignerClass = service.getSignerClass(req); + var signer = new SignerClass(req.httpRequest); + signer.addAuthorization(token); + } catch (e) { + req.response.error = e; + } + done(); + }); + } else { + service.config.getCredentials(function (err, credentials) { + if (err) { + req.response.error = err; + return done(); + } + + try { + var date = service.getSkewCorrectedDate(); + var SignerClass = service.getSignerClass(req); + var signer = new SignerClass(req.httpRequest, + service.getSigningName(req), + { + signatureCache: service.config.signatureCache, + operation: operation, + signatureVersion: service.api.signatureVersion + }); + signer.setServiceClientId(service._clientId); + + // clear old authorization headers + delete req.httpRequest.headers['Authorization']; + delete req.httpRequest.headers['Date']; + delete req.httpRequest.headers['X-Amz-Date']; + + // add new authorization + signer.addAuthorization(credentials, date); + req.signedAt = date; + } catch (e) { + req.response.error = e; + } + done(); + }); + + } + }); + + add('VALIDATE_RESPONSE', 'validateResponse', function VALIDATE_RESPONSE(resp) { + if (this.service.successfulResponse(resp, this)) { + resp.data = {}; + resp.error = null; + } else { + resp.data = null; + resp.error = AWS.util.error(new Error(), + {code: 'UnknownError', message: 'An unknown error occurred.'}); + } + }); + + add('ERROR', 'error', function ERROR(err, resp) { + var errorCodeMapping = resp.request.service.api.errorCodeMapping; + if (errorCodeMapping && err && err.code) { + var mapping = errorCodeMapping[err.code]; + if (mapping) { + resp.error.code = mapping.code; + } + } + }, true); + + addAsync('SEND', 'send', function SEND(resp, done) { + resp.httpResponse._abortCallback = done; + resp.error = null; + resp.data = null; + + function callback(httpResp) { + resp.httpResponse.stream = httpResp; + var stream = resp.request.httpRequest.stream; + var service = resp.request.service; + var api = service.api; + var operationName = resp.request.operation; + var operation = api.operations[operationName] || {}; + + httpResp.on('headers', function onHeaders(statusCode, headers, statusMessage) { + resp.request.emit( + 'httpHeaders', + [statusCode, headers, resp, statusMessage] + ); + + if (!resp.httpResponse.streaming) { + if (AWS.HttpClient.streamsApiVersion === 2) { // streams2 API check + // if we detect event streams, we're going to have to + // return the stream immediately + if (operation.hasEventOutput && service.successfulResponse(resp)) { + // skip reading the IncomingStream + resp.request.emit('httpDone'); + done(); + return; + } + + httpResp.on('readable', function onReadable() { + var data = httpResp.read(); + if (data !== null) { + resp.request.emit('httpData', [data, resp]); + } + }); + } else { // legacy streams API + httpResp.on('data', function onData(data) { + resp.request.emit('httpData', [data, resp]); + }); + } + } + }); + + httpResp.on('end', function onEnd() { + if (!stream || !stream.didCallback) { + if (AWS.HttpClient.streamsApiVersion === 2 && (operation.hasEventOutput && service.successfulResponse(resp))) { + // don't concatenate response chunks when streaming event stream data when response is successful + return; + } + resp.request.emit('httpDone'); + done(); + } + }); + } + + function progress(httpResp) { + httpResp.on('sendProgress', function onSendProgress(value) { + resp.request.emit('httpUploadProgress', [value, resp]); + }); + + httpResp.on('receiveProgress', function onReceiveProgress(value) { + resp.request.emit('httpDownloadProgress', [value, resp]); + }); + } + + function error(err) { + if (err.code !== 'RequestAbortedError') { + var errCode = err.code === 'TimeoutError' ? err.code : 'NetworkingError'; + err = AWS.util.error(err, { + code: errCode, + region: resp.request.httpRequest.region, + hostname: resp.request.httpRequest.endpoint.hostname, + retryable: true + }); + } + resp.error = err; + resp.request.emit('httpError', [resp.error, resp], function() { + done(); + }); + } + + function executeSend() { + var http = AWS.HttpClient.getInstance(); + var httpOptions = resp.request.service.config.httpOptions || {}; + try { + var stream = http.handleRequest(resp.request.httpRequest, httpOptions, + callback, error); + progress(stream); + } catch (err) { + error(err); + } + } + var timeDiff = (resp.request.service.getSkewCorrectedDate() - this.signedAt) / 1000; + if (timeDiff >= 60 * 10) { // if we signed 10min ago, re-sign + this.emit('sign', [this], function(err) { + if (err) done(err); + else executeSend(); + }); + } else { + executeSend(); + } + }); + + add('HTTP_HEADERS', 'httpHeaders', + function HTTP_HEADERS(statusCode, headers, resp, statusMessage) { + resp.httpResponse.statusCode = statusCode; + resp.httpResponse.statusMessage = statusMessage; + resp.httpResponse.headers = headers; + resp.httpResponse.body = AWS.util.buffer.toBuffer(''); + resp.httpResponse.buffers = []; + resp.httpResponse.numBytes = 0; + var dateHeader = headers.date || headers.Date; + var service = resp.request.service; + if (dateHeader) { + var serverTime = Date.parse(dateHeader); + if (service.config.correctClockSkew + && service.isClockSkewed(serverTime)) { + service.applyClockOffset(serverTime); + } + } + }); + + add('HTTP_DATA', 'httpData', function HTTP_DATA(chunk, resp) { + if (chunk) { + if (AWS.util.isNode()) { + resp.httpResponse.numBytes += chunk.length; + + var total = resp.httpResponse.headers['content-length']; + var progress = { loaded: resp.httpResponse.numBytes, total: total }; + resp.request.emit('httpDownloadProgress', [progress, resp]); + } + + resp.httpResponse.buffers.push(AWS.util.buffer.toBuffer(chunk)); + } + }); + + add('HTTP_DONE', 'httpDone', function HTTP_DONE(resp) { + // convert buffers array into single buffer + if (resp.httpResponse.buffers && resp.httpResponse.buffers.length > 0) { + var body = AWS.util.buffer.concat(resp.httpResponse.buffers); + resp.httpResponse.body = body; + } + delete resp.httpResponse.numBytes; + delete resp.httpResponse.buffers; + }); + + add('FINALIZE_ERROR', 'retry', function FINALIZE_ERROR(resp) { + if (resp.httpResponse.statusCode) { + resp.error.statusCode = resp.httpResponse.statusCode; + if (resp.error.retryable === undefined) { + resp.error.retryable = this.service.retryableError(resp.error, this); + } + } + }); + + add('INVALIDATE_CREDENTIALS', 'retry', function INVALIDATE_CREDENTIALS(resp) { + if (!resp.error) return; + switch (resp.error.code) { + case 'RequestExpired': // EC2 only + case 'ExpiredTokenException': + case 'ExpiredToken': + resp.error.retryable = true; + resp.request.service.config.credentials.expired = true; + } + }); + + add('EXPIRED_SIGNATURE', 'retry', function EXPIRED_SIGNATURE(resp) { + var err = resp.error; + if (!err) return; + if (typeof err.code === 'string' && typeof err.message === 'string') { + if (err.code.match(/Signature/) && err.message.match(/expired/)) { + resp.error.retryable = true; + } + } + }); + + add('CLOCK_SKEWED', 'retry', function CLOCK_SKEWED(resp) { + if (!resp.error) return; + if (this.service.clockSkewError(resp.error) + && this.service.config.correctClockSkew) { + resp.error.retryable = true; + } + }); + + add('REDIRECT', 'retry', function REDIRECT(resp) { + if (resp.error && resp.error.statusCode >= 300 && + resp.error.statusCode < 400 && resp.httpResponse.headers['location']) { + this.httpRequest.endpoint = + new AWS.Endpoint(resp.httpResponse.headers['location']); + this.httpRequest.headers['Host'] = this.httpRequest.endpoint.host; + resp.error.redirect = true; + resp.error.retryable = true; + } + }); + + add('RETRY_CHECK', 'retry', function RETRY_CHECK(resp) { + if (resp.error) { + if (resp.error.redirect && resp.redirectCount < resp.maxRedirects) { + resp.error.retryDelay = 0; + } else if (resp.retryCount < resp.maxRetries) { + resp.error.retryDelay = this.service.retryDelays(resp.retryCount, resp.error) || 0; + } + } + }); + + addAsync('RESET_RETRY_STATE', 'afterRetry', function RESET_RETRY_STATE(resp, done) { + var delay, willRetry = false; + + if (resp.error) { + delay = resp.error.retryDelay || 0; + if (resp.error.retryable && resp.retryCount < resp.maxRetries) { + resp.retryCount++; + willRetry = true; + } else if (resp.error.redirect && resp.redirectCount < resp.maxRedirects) { + resp.redirectCount++; + willRetry = true; + } + } + + // delay < 0 is a signal from customBackoff to skip retries + if (willRetry && delay >= 0) { + resp.error = null; + setTimeout(done, delay); + } else { + done(); + } + }); + }), + + CorePost: new SequentialExecutor().addNamedListeners(function(add) { + add('EXTRACT_REQUEST_ID', 'extractData', AWS.util.extractRequestId); + add('EXTRACT_REQUEST_ID', 'extractError', AWS.util.extractRequestId); + + add('ENOTFOUND_ERROR', 'httpError', function ENOTFOUND_ERROR(err) { + function isDNSError(err) { + return err.errno === 'ENOTFOUND' || + typeof err.errno === 'number' && + typeof AWS.util.getSystemErrorName === 'function' && + ['EAI_NONAME', 'EAI_NODATA'].indexOf(AWS.util.getSystemErrorName(err.errno) >= 0); + } + if (err.code === 'NetworkingError' && isDNSError(err)) { + var message = 'Inaccessible host: `' + err.hostname + '\' at port `' + err.port + + '\'. This service may not be available in the `' + err.region + + '\' region.'; + this.response.error = AWS.util.error(new Error(message), { + code: 'UnknownEndpoint', + region: err.region, + hostname: err.hostname, + retryable: true, + originalError: err + }); + } + }); + }), + + Logger: new SequentialExecutor().addNamedListeners(function(add) { + add('LOG_REQUEST', 'complete', function LOG_REQUEST(resp) { + var req = resp.request; + var logger = req.service.config.logger; + if (!logger) return; + function filterSensitiveLog(inputShape, shape) { + if (!shape) { + return shape; + } + if (inputShape.isSensitive) { + return '***SensitiveInformation***'; + } + switch (inputShape.type) { + case 'structure': + var struct = {}; + AWS.util.each(shape, function(subShapeName, subShape) { + if (Object.prototype.hasOwnProperty.call(inputShape.members, subShapeName)) { + struct[subShapeName] = filterSensitiveLog(inputShape.members[subShapeName], subShape); + } else { + struct[subShapeName] = subShape; + } + }); + return struct; + case 'list': + var list = []; + AWS.util.arrayEach(shape, function(subShape, index) { + list.push(filterSensitiveLog(inputShape.member, subShape)); + }); + return list; + case 'map': + var map = {}; + AWS.util.each(shape, function(key, value) { + map[key] = filterSensitiveLog(inputShape.value, value); + }); + return map; + default: + return shape; + } + } + + function buildMessage() { + var time = resp.request.service.getSkewCorrectedDate().getTime(); + var delta = (time - req.startTime.getTime()) / 1000; + var ansi = logger.isTTY ? true : false; + var status = resp.httpResponse.statusCode; + var censoredParams = req.params; + if ( + req.service.api.operations && + req.service.api.operations[req.operation] && + req.service.api.operations[req.operation].input + ) { + var inputShape = req.service.api.operations[req.operation].input; + censoredParams = filterSensitiveLog(inputShape, req.params); + } + var params = (__nccwpck_require4_(3837).inspect)(censoredParams, true, null); + var message = ''; + if (ansi) message += '\x1B[33m'; + message += '[AWS ' + req.service.serviceIdentifier + ' ' + status; + message += ' ' + delta.toString() + 's ' + resp.retryCount + ' retries]'; + if (ansi) message += '\x1B[0;1m'; + message += ' ' + AWS.util.string.lowerFirst(req.operation); + message += '(' + params + ')'; + if (ansi) message += '\x1B[0m'; + return message; + } + + var line = buildMessage(); + if (typeof logger.log === 'function') { + logger.log(line); + } else if (typeof logger.write === 'function') { + logger.write(line + '\n'); + } + }); + }), + + Json: new SequentialExecutor().addNamedListeners(function(add) { + var svc = __nccwpck_require4_(7372); + add('BUILD', 'build', svc.buildRequest); + add('EXTRACT_DATA', 'extractData', svc.extractData); + add('EXTRACT_ERROR', 'extractError', svc.extractError); + }), + + Rest: new SequentialExecutor().addNamedListeners(function(add) { + var svc = __nccwpck_require4_(9008); + add('BUILD', 'build', svc.buildRequest); + add('EXTRACT_DATA', 'extractData', svc.extractData); + add('EXTRACT_ERROR', 'extractError', svc.extractError); + }), + + RestJson: new SequentialExecutor().addNamedListeners(function(add) { + var svc = __nccwpck_require4_(4839); + add('BUILD', 'build', svc.buildRequest); + add('EXTRACT_DATA', 'extractData', svc.extractData); + add('EXTRACT_ERROR', 'extractError', svc.extractError); + }), + + RestXml: new SequentialExecutor().addNamedListeners(function(add) { + var svc = __nccwpck_require4_(8932); + add('BUILD', 'build', svc.buildRequest); + add('EXTRACT_DATA', 'extractData', svc.extractData); + add('EXTRACT_ERROR', 'extractError', svc.extractError); + }), + + Query: new SequentialExecutor().addNamedListeners(function(add) { + var svc = __nccwpck_require4_(6556); + add('BUILD', 'build', svc.buildRequest); + add('EXTRACT_DATA', 'extractData', svc.extractData); + add('EXTRACT_ERROR', 'extractError', svc.extractError); + }) +}; + + +/***/ }), + +/***/ 2574: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var inherit = AWS.util.inherit; + +/** + * The endpoint that a service will talk to, for example, + * `'https://ec2.ap-southeast-1.amazonaws.com'`. If + * you need to override an endpoint for a service, you can + * set the endpoint on a service by passing the endpoint + * object with the `endpoint` option key: + * + * ```javascript + * var ep = new AWS.Endpoint('awsproxy.example.com'); + * var s3 = new AWS.S3({endpoint: ep}); + * s3.service.endpoint.hostname == 'awsproxy.example.com' + * ``` + * + * Note that if you do not specify a protocol, the protocol will + * be selected based on your current {AWS.config} configuration. + * + * @!attribute protocol + * @return [String] the protocol (http or https) of the endpoint + * URL + * @!attribute hostname + * @return [String] the host portion of the endpoint, e.g., + * example.com + * @!attribute host + * @return [String] the host portion of the endpoint including + * the port, e.g., example.com:80 + * @!attribute port + * @return [Integer] the port of the endpoint + * @!attribute href + * @return [String] the full URL of the endpoint + */ +AWS.Endpoint = inherit({ + + /** + * @overload Endpoint(endpoint) + * Constructs a new endpoint given an endpoint URL. If the + * URL omits a protocol (http or https), the default protocol + * set in the global {AWS.config} will be used. + * @param endpoint [String] the URL to construct an endpoint from + */ + constructor: function Endpoint(endpoint, config) { + AWS.util.hideProperties(this, ['slashes', 'auth', 'hash', 'search', 'query']); + + if (typeof endpoint === 'undefined' || endpoint === null) { + throw new Error('Invalid endpoint: ' + endpoint); + } else if (typeof endpoint !== 'string') { + return AWS.util.copy(endpoint); + } + + if (!endpoint.match(/^http/)) { + var useSSL = config && config.sslEnabled !== undefined ? + config.sslEnabled : AWS.config.sslEnabled; + endpoint = (useSSL ? 'https' : 'http') + '://' + endpoint; + } + + AWS.util.update(this, AWS.util.urlParse(endpoint)); + + // Ensure the port property is set as an integer + if (this.port) { + this.port = parseInt(this.port, 10); + } else { + this.port = this.protocol === 'https:' ? 443 : 80; + } + } + +}); + +/** + * The low level HTTP request object, encapsulating all HTTP header + * and body data sent by a service request. + * + * @!attribute method + * @return [String] the HTTP method of the request + * @!attribute path + * @return [String] the path portion of the URI, e.g., + * "/list/?start=5&num=10" + * @!attribute headers + * @return [map] + * a map of header keys and their respective values + * @!attribute body + * @return [String] the request body payload + * @!attribute endpoint + * @return [AWS.Endpoint] the endpoint for the request + * @!attribute region + * @api private + * @return [String] the region, for signing purposes only. + */ +AWS.HttpRequest = inherit({ + + /** + * @api private + */ + constructor: function HttpRequest(endpoint, region) { + endpoint = new AWS.Endpoint(endpoint); + this.method = 'POST'; + this.path = endpoint.path || '/'; + this.headers = {}; + this.body = ''; + this.endpoint = endpoint; + this.region = region; + this._userAgent = ''; + this.setUserAgent(); + }, + + /** + * @api private + */ + setUserAgent: function setUserAgent() { + this._userAgent = this.headers[this.getUserAgentHeaderName()] = AWS.util.userAgent(); + }, + + getUserAgentHeaderName: function getUserAgentHeaderName() { + var prefix = AWS.util.isBrowser() ? 'X-Amz-' : ''; + return prefix + 'User-Agent'; + }, + + /** + * @api private + */ + appendToUserAgent: function appendToUserAgent(agentPartial) { + if (typeof agentPartial === 'string' && agentPartial) { + this._userAgent += ' ' + agentPartial; + } + this.headers[this.getUserAgentHeaderName()] = this._userAgent; + }, + + /** + * @api private + */ + getUserAgent: function getUserAgent() { + return this._userAgent; + }, + + /** + * @return [String] the part of the {path} excluding the + * query string + */ + pathname: function pathname() { + return this.path.split('?', 1)[0]; + }, + + /** + * @return [String] the query string portion of the {path} + */ + search: function search() { + var query = this.path.split('?', 2)[1]; + if (query) { + query = AWS.util.queryStringParse(query); + return AWS.util.queryParamsToString(query); + } + return ''; + }, + + /** + * @api private + * update httpRequest endpoint with endpoint string + */ + updateEndpoint: function updateEndpoint(endpointStr) { + var newEndpoint = new AWS.Endpoint(endpointStr); + this.endpoint = newEndpoint; + this.path = newEndpoint.path || '/'; + if (this.headers['Host']) { + this.headers['Host'] = newEndpoint.host; + } + } +}); + +/** + * The low level HTTP response object, encapsulating all HTTP header + * and body data returned from the request. + * + * @!attribute statusCode + * @return [Integer] the HTTP status code of the response (e.g., 200, 404) + * @!attribute headers + * @return [map] + * a map of response header keys and their respective values + * @!attribute body + * @return [String] the response body payload + * @!attribute [r] streaming + * @return [Boolean] whether this response is being streamed at a low-level. + * Defaults to `false` (buffered reads). Do not modify this manually, use + * {createUnbufferedStream} to convert the stream to unbuffered mode + * instead. + */ +AWS.HttpResponse = inherit({ + + /** + * @api private + */ + constructor: function HttpResponse() { + this.statusCode = undefined; + this.headers = {}; + this.body = undefined; + this.streaming = false; + this.stream = null; + }, + + /** + * Disables buffering on the HTTP response and returns the stream for reading. + * @return [Stream, XMLHttpRequest, null] the underlying stream object. + * Use this object to directly read data off of the stream. + * @note This object is only available after the {AWS.Request~httpHeaders} + * event has fired. This method must be called prior to + * {AWS.Request~httpData}. + * @example Taking control of a stream + * request.on('httpHeaders', function(statusCode, headers) { + * if (statusCode < 300) { + * if (headers.etag === 'xyz') { + * // pipe the stream, disabling buffering + * var stream = this.response.httpResponse.createUnbufferedStream(); + * stream.pipe(process.stdout); + * } else { // abort this request and set a better error message + * this.abort(); + * this.response.error = new Error('Invalid ETag'); + * } + * } + * }).send(console.log); + */ + createUnbufferedStream: function createUnbufferedStream() { + this.streaming = true; + return this.stream; + } +}); + + +AWS.HttpClient = inherit({}); + +/** + * @api private + */ +AWS.HttpClient.getInstance = function getInstance() { + if (this.singleton === undefined) { + this.singleton = new this(); + } + return this.singleton; +}; + + +/***/ }), + +/***/ 773: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var Stream = AWS.util.stream.Stream; +var TransformStream = AWS.util.stream.Transform; +var ReadableStream = AWS.util.stream.Readable; +__nccwpck_require4_(2574); +var CONNECTION_REUSE_ENV_NAME = 'AWS_NODEJS_CONNECTION_REUSE_ENABLED'; + +/** + * @api private + */ +AWS.NodeHttpClient = AWS.util.inherit({ + handleRequest: function handleRequest(httpRequest, httpOptions, callback, errCallback) { + var self = this; + var endpoint = httpRequest.endpoint; + var pathPrefix = ''; + if (!httpOptions) httpOptions = {}; + if (httpOptions.proxy) { + pathPrefix = endpoint.protocol + '//' + endpoint.hostname; + if (endpoint.port !== 80 && endpoint.port !== 443) { + pathPrefix += ':' + endpoint.port; + } + endpoint = new AWS.Endpoint(httpOptions.proxy); + } + + var useSSL = endpoint.protocol === 'https:'; + var http = useSSL ? __nccwpck_require4_(5687) : __nccwpck_require4_(3685); + var options = { + host: endpoint.hostname, + port: endpoint.port, + method: httpRequest.method, + headers: httpRequest.headers, + path: pathPrefix + httpRequest.path + }; + + if (!httpOptions.agent) { + options.agent = this.getAgent(useSSL, { + keepAlive: process.env[CONNECTION_REUSE_ENV_NAME] === '1' ? true : false + }); + } + + AWS.util.update(options, httpOptions); + delete options.proxy; // proxy isn't an HTTP option + delete options.timeout; // timeout isn't an HTTP option + + var stream = http.request(options, function (httpResp) { + if (stream.didCallback) return; + + callback(httpResp); + httpResp.emit( + 'headers', + httpResp.statusCode, + httpResp.headers, + httpResp.statusMessage + ); + }); + httpRequest.stream = stream; // attach stream to httpRequest + stream.didCallback = false; + + // connection timeout support + if (httpOptions.connectTimeout) { + var connectTimeoutId; + stream.on('socket', function(socket) { + if (socket.connecting) { + connectTimeoutId = setTimeout(function connectTimeout() { + if (stream.didCallback) return; stream.didCallback = true; + + stream.abort(); + errCallback(AWS.util.error( + new Error('Socket timed out without establishing a connection'), + {code: 'TimeoutError'} + )); + }, httpOptions.connectTimeout); + socket.on('connect', function() { + clearTimeout(connectTimeoutId); + connectTimeoutId = null; + }); + } + }); + } + + // timeout support + stream.setTimeout(httpOptions.timeout || 0, function() { + if (stream.didCallback) return; stream.didCallback = true; + + var msg = 'Connection timed out after ' + httpOptions.timeout + 'ms'; + errCallback(AWS.util.error(new Error(msg), {code: 'TimeoutError'})); + stream.abort(); + }); + + stream.on('error', function(err) { + if (connectTimeoutId) { + clearTimeout(connectTimeoutId); + connectTimeoutId = null; + } + if (stream.didCallback) return; stream.didCallback = true; + if ('ECONNRESET' === err.code || 'EPIPE' === err.code || 'ETIMEDOUT' === err.code) { + errCallback(AWS.util.error(err, {code: 'TimeoutError'})); + } else { + errCallback(err); + } + }); + + var expect = httpRequest.headers.Expect || httpRequest.headers.expect; + if (expect === '100-continue') { + stream.once('continue', function() { + self.writeBody(stream, httpRequest); + }); + } else { + this.writeBody(stream, httpRequest); + } + + return stream; + }, + + writeBody: function writeBody(stream, httpRequest) { + var body = httpRequest.body; + var totalBytes = parseInt(httpRequest.headers['Content-Length'], 10); + + if (body instanceof Stream) { + // For progress support of streaming content - + // pipe the data through a transform stream to emit 'sendProgress' events + var progressStream = this.progressStream(stream, totalBytes); + if (progressStream) { + body.pipe(progressStream).pipe(stream); + } else { + body.pipe(stream); + } + } else if (body) { + // The provided body is a buffer/string and is already fully available in memory - + // For performance it's best to send it as a whole by calling stream.end(body), + // Callers expect a 'sendProgress' event which is best emitted once + // the http request stream has been fully written and all data flushed. + // The use of totalBytes is important over body.length for strings where + // length is char length and not byte length. + stream.once('finish', function() { + stream.emit('sendProgress', { + loaded: totalBytes, + total: totalBytes + }); + }); + stream.end(body); + } else { + // no request body + stream.end(); + } + }, + + /** + * Create the https.Agent or http.Agent according to the request schema. + */ + getAgent: function getAgent(useSSL, agentOptions) { + var http = useSSL ? __nccwpck_require4_(5687) : __nccwpck_require4_(3685); + if (useSSL) { + if (!AWS.NodeHttpClient.sslAgent) { + AWS.NodeHttpClient.sslAgent = new http.Agent(AWS.util.merge({ + rejectUnauthorized: process.env.NODE_TLS_REJECT_UNAUTHORIZED === '0' ? false : true + }, agentOptions || {})); + AWS.NodeHttpClient.sslAgent.setMaxListeners(0); + + // delegate maxSockets to globalAgent, set a default limit of 50 if current value is Infinity. + // Users can bypass this default by supplying their own Agent as part of SDK configuration. + Object.defineProperty(AWS.NodeHttpClient.sslAgent, 'maxSockets', { + enumerable: true, + get: function() { + var defaultMaxSockets = 50; + var globalAgent = http.globalAgent; + if (globalAgent && globalAgent.maxSockets !== Infinity && typeof globalAgent.maxSockets === 'number') { + return globalAgent.maxSockets; + } + return defaultMaxSockets; + } + }); + } + return AWS.NodeHttpClient.sslAgent; + } else { + if (!AWS.NodeHttpClient.agent) { + AWS.NodeHttpClient.agent = new http.Agent(agentOptions); + } + return AWS.NodeHttpClient.agent; + } + }, + + progressStream: function progressStream(stream, totalBytes) { + if (typeof TransformStream === 'undefined') { + // for node 0.8 there is no streaming progress + return; + } + var loadedBytes = 0; + var reporter = new TransformStream(); + reporter._transform = function(chunk, encoding, callback) { + if (chunk) { + loadedBytes += chunk.length; + stream.emit('sendProgress', { + loaded: loadedBytes, + total: totalBytes + }); + } + callback(null, chunk); + }; + return reporter; + }, + + emitter: null +}); + +/** + * @!ignore + */ + +/** + * @api private + */ +AWS.HttpClient.prototype = AWS.NodeHttpClient.prototype; + +/** + * @api private + */ +AWS.HttpClient.streamsApiVersion = ReadableStream ? 2 : 1; + + +/***/ }), + +/***/ 4387: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var util = __nccwpck_require4_(3956); + +function JsonBuilder() { } + +JsonBuilder.prototype.build = function(value, shape) { + return JSON.stringify(translate(value, shape)); +}; + +function translate(value, shape) { + if (!shape || value === undefined || value === null) return undefined; + + switch (shape.type) { + case 'structure': return translateStructure(value, shape); + case 'map': return translateMap(value, shape); + case 'list': return translateList(value, shape); + default: return translateScalar(value, shape); + } +} + +function translateStructure(structure, shape) { + if (shape.isDocument) { + return structure; + } + var struct = {}; + util.each(structure, function(name, value) { + var memberShape = shape.members[name]; + if (memberShape) { + if (memberShape.location !== 'body') return; + var locationName = memberShape.isLocationName ? memberShape.name : name; + var result = translate(value, memberShape); + if (result !== undefined) struct[locationName] = result; + } + }); + return struct; +} + +function translateList(list, shape) { + var out = []; + util.arrayEach(list, function(value) { + var result = translate(value, shape.member); + if (result !== undefined) out.push(result); + }); + return out; +} + +function translateMap(map, shape) { + var out = {}; + util.each(map, function(key, value) { + var result = translate(value, shape.value); + if (result !== undefined) out[key] = result; + }); + return out; +} + +function translateScalar(value, shape) { + return shape.toWireFormat(value); +} + +/** + * @api private + */ +module.exports = JsonBuilder; + + +/***/ }), + +/***/ 1039: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var util = __nccwpck_require4_(3956); + +function JsonParser() { } + +JsonParser.prototype.parse = function(value, shape) { + return translate(JSON.parse(value), shape); +}; + +function translate(value, shape) { + if (!shape || value === undefined) return undefined; + + switch (shape.type) { + case 'structure': return translateStructure(value, shape); + case 'map': return translateMap(value, shape); + case 'list': return translateList(value, shape); + default: return translateScalar(value, shape); + } +} + +function translateStructure(structure, shape) { + if (structure == null) return undefined; + if (shape.isDocument) return structure; + + var struct = {}; + var shapeMembers = shape.members; + util.each(shapeMembers, function(name, memberShape) { + var locationName = memberShape.isLocationName ? memberShape.name : name; + if (Object.prototype.hasOwnProperty.call(structure, locationName)) { + var value = structure[locationName]; + var result = translate(value, memberShape); + if (result !== undefined) struct[name] = result; + } + }); + return struct; +} + +function translateList(list, shape) { + if (list == null) return undefined; + + var out = []; + util.arrayEach(list, function(value) { + var result = translate(value, shape.member); + if (result === undefined) out.push(null); + else out.push(result); + }); + return out; +} + +function translateMap(map, shape) { + if (map == null) return undefined; + + var out = {}; + util.each(map, function(key, value) { + var result = translate(value, shape.value); + if (result === undefined) out[key] = null; + else out[key] = result; + }); + return out; +} + +function translateScalar(value, shape) { + return shape.toType(value); +} + +/** + * @api private + */ +module.exports = JsonParser; + + +/***/ }), + +/***/ 2803: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +__nccwpck_require4_(2574); +var inherit = AWS.util.inherit; +var getMetadataServiceEndpoint = __nccwpck_require4_(7552); +var URL = (__nccwpck_require4_(7310).URL); + +/** + * Represents a metadata service available on EC2 instances. Using the + * {request} method, you can receieve metadata about any available resource + * on the metadata service. + * + * You can disable the use of the IMDS by setting the AWS_EC2_METADATA_DISABLED + * environment variable to a truthy value. + * + * @!attribute [r] httpOptions + * @return [map] a map of options to pass to the underlying HTTP request: + * + * * **timeout** (Number) — a timeout value in milliseconds to wait + * before aborting the connection. Set to 0 for no timeout. + * + * @!macro nobrowser + */ +AWS.MetadataService = inherit({ + /** + * @return [String] the endpoint of the instance metadata service + */ + endpoint: getMetadataServiceEndpoint(), + + /** + * @!ignore + */ + + /** + * Default HTTP options. By default, the metadata service is set to not + * timeout on long requests. This means that on non-EC2 machines, this + * request will never return. If you are calling this operation from an + * environment that may not always run on EC2, set a `timeout` value so + * the SDK will abort the request after a given number of milliseconds. + */ + httpOptions: { timeout: 0 }, + + /** + * when enabled, metadata service will not fetch token + */ + disableFetchToken: false, + + /** + * Creates a new MetadataService object with a given set of options. + * + * @option options host [String] the hostname of the instance metadata + * service + * @option options httpOptions [map] a map of options to pass to the + * underlying HTTP request: + * + * * **timeout** (Number) — a timeout value in milliseconds to wait + * before aborting the connection. Set to 0 for no timeout. + * @option options maxRetries [Integer] the maximum number of retries to + * perform for timeout errors + * @option options retryDelayOptions [map] A set of options to configure the + * retry delay on retryable errors. See AWS.Config for details. + */ + constructor: function MetadataService(options) { + if (options && options.host) { + options.endpoint = 'http://' + options.host; + delete options.host; + } + AWS.util.update(this, options); + }, + + /** + * Sends a request to the instance metadata service for a given resource. + * + * @param path [String] the path of the resource to get + * + * @param options [map] an optional map used to make request + * + * * **method** (String) — HTTP request method + * + * * **headers** (map) — a map of response header keys and their respective values + * + * @callback callback function(err, data) + * Called when a response is available from the service. + * @param err [Error, null] if an error occurred, this value will be set + * @param data [String, null] if the request was successful, the body of + * the response + */ + request: function request(path, options, callback) { + if (arguments.length === 2) { + callback = options; + options = {}; + } + + if (process.env[AWS.util.imdsDisabledEnv]) { + callback(new Error('EC2 Instance Metadata Service access disabled')); + return; + } + + path = path || '/'; + + // Verify that host is a valid URL + if (URL) { new URL(this.endpoint); } + + var httpRequest = new AWS.HttpRequest(this.endpoint + path); + httpRequest.method = options.method || 'GET'; + if (options.headers) { + httpRequest.headers = options.headers; + } + AWS.util.handleRequestWithRetries(httpRequest, this, callback); + }, + + /** + * @api private + */ + loadCredentialsCallbacks: [], + + /** + * Fetches metadata token used for getting credentials + * + * @api private + * @callback callback function(err, token) + * Called when token is loaded from the resource + */ + fetchMetadataToken: function fetchMetadataToken(callback) { + var self = this; + var tokenFetchPath = '/latest/api/token'; + self.request( + tokenFetchPath, + { + 'method': 'PUT', + 'headers': { + 'x-aws-ec2-metadata-token-ttl-seconds': '21600' + } + }, + callback + ); + }, + + /** + * Fetches credentials + * + * @api private + * @callback cb function(err, creds) + * Called when credentials are loaded from the resource + */ + fetchCredentials: function fetchCredentials(options, cb) { + var self = this; + var basePath = '/latest/meta-data/iam/security-credentials/'; + + self.request(basePath, options, function (err, roleName) { + if (err) { + self.disableFetchToken = !(err.statusCode === 401); + cb(AWS.util.error( + err, + { + message: 'EC2 Metadata roleName request returned error' + } + )); + return; + } + roleName = roleName.split('\n')[0]; // grab first (and only) role + self.request(basePath + roleName, options, function (credErr, credData) { + if (credErr) { + self.disableFetchToken = !(credErr.statusCode === 401); + cb(AWS.util.error( + credErr, + { + message: 'EC2 Metadata creds request returned error' + } + )); + return; + } + try { + var credentials = JSON.parse(credData); + cb(null, credentials); + } catch (parseError) { + cb(parseError); + } + }); + }); + }, + + /** + * Loads a set of credentials stored in the instance metadata service + * + * @api private + * @callback callback function(err, credentials) + * Called when credentials are loaded from the resource + * @param err [Error] if an error occurred, this value will be set + * @param credentials [Object] the raw JSON object containing all + * metadata from the credentials resource + */ + loadCredentials: function loadCredentials(callback) { + var self = this; + self.loadCredentialsCallbacks.push(callback); + if (self.loadCredentialsCallbacks.length > 1) { return; } + + function callbacks(err, creds) { + var cb; + while ((cb = self.loadCredentialsCallbacks.shift()) !== undefined) { + cb(err, creds); + } + } + + if (self.disableFetchToken) { + self.fetchCredentials({}, callbacks); + } else { + self.fetchMetadataToken(function(tokenError, token) { + if (tokenError) { + if (tokenError.code === 'TimeoutError') { + self.disableFetchToken = true; + } else if (tokenError.retryable === true) { + callbacks(AWS.util.error( + tokenError, + { + message: 'EC2 Metadata token request returned error' + } + )); + return; + } else if (tokenError.statusCode === 400) { + callbacks(AWS.util.error( + tokenError, + { + message: 'EC2 Metadata token request returned 400' + } + )); + return; + } + } + var options = {}; + if (token) { + options.headers = { + 'x-aws-ec2-metadata-token': token + }; + } + self.fetchCredentials(options, callbacks); + }); + + } + } +}); + +/** + * @api private + */ +module.exports = AWS.MetadataService; + + +/***/ }), + +/***/ 1799: +/***/ ((module) => { + +var getEndpoint = function() { + return { + IPv4: 'http://169.254.169.254', + IPv6: 'http://[fd00:ec2::254]', + }; +}; + +module.exports = getEndpoint; + + +/***/ }), + +/***/ 1570: +/***/ ((module) => { + +var ENV_ENDPOINT_NAME = 'AWS_EC2_METADATA_SERVICE_ENDPOINT'; +var CONFIG_ENDPOINT_NAME = 'ec2_metadata_service_endpoint'; + +var getEndpointConfigOptions = function() { + return { + environmentVariableSelector: function(env) { return env[ENV_ENDPOINT_NAME]; }, + configFileSelector: function(profile) { return profile[CONFIG_ENDPOINT_NAME]; }, + default: undefined, + }; +}; + +module.exports = getEndpointConfigOptions; + + +/***/ }), + +/***/ 7153: +/***/ ((module) => { + +var getEndpointMode = function() { + return { + IPv4: 'IPv4', + IPv6: 'IPv6', + }; +}; + +module.exports = getEndpointMode; + + +/***/ }), + +/***/ 4968: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var EndpointMode = __nccwpck_require4_(7153)(); + +var ENV_ENDPOINT_MODE_NAME = 'AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE'; +var CONFIG_ENDPOINT_MODE_NAME = 'ec2_metadata_service_endpoint_mode'; + +var getEndpointModeConfigOptions = function() { + return { + environmentVariableSelector: function(env) { return env[ENV_ENDPOINT_MODE_NAME]; }, + configFileSelector: function(profile) { return profile[CONFIG_ENDPOINT_MODE_NAME]; }, + default: EndpointMode.IPv4, + }; +}; + +module.exports = getEndpointModeConfigOptions; + + +/***/ }), + +/***/ 7552: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); + +var Endpoint = __nccwpck_require4_(1799)(); +var EndpointMode = __nccwpck_require4_(7153)(); + +var ENDPOINT_CONFIG_OPTIONS = __nccwpck_require4_(1570)(); +var ENDPOINT_MODE_CONFIG_OPTIONS = __nccwpck_require4_(4968)(); + +var getMetadataServiceEndpoint = function() { + var endpoint = AWS.util.loadConfig(ENDPOINT_CONFIG_OPTIONS); + if (endpoint !== undefined) return endpoint; + + var endpointMode = AWS.util.loadConfig(ENDPOINT_MODE_CONFIG_OPTIONS); + switch (endpointMode) { + case EndpointMode.IPv4: + return Endpoint.IPv4; + case EndpointMode.IPv6: + return Endpoint.IPv6; + default: + throw new Error('Unsupported endpoint mode: ' + endpointMode); + } +}; + +module.exports = getMetadataServiceEndpoint; + + +/***/ }), + +/***/ 9101: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var Collection = __nccwpck_require4_(7002); +var Operation = __nccwpck_require4_(130); +var Shape = __nccwpck_require4_(7478); +var Paginator = __nccwpck_require4_(6186); +var ResourceWaiter = __nccwpck_require4_(4343); +var metadata = __nccwpck_require4_(7752); + +var util = __nccwpck_require4_(3956); +var property = util.property; +var memoizedProperty = util.memoizedProperty; + +function Api(api, options) { + var self = this; + api = api || {}; + options = options || {}; + options.api = this; + + api.metadata = api.metadata || {}; + + var serviceIdentifier = options.serviceIdentifier; + delete options.serviceIdentifier; + + property(this, 'isApi', true, false); + property(this, 'apiVersion', api.metadata.apiVersion); + property(this, 'endpointPrefix', api.metadata.endpointPrefix); + property(this, 'signingName', api.metadata.signingName); + property(this, 'globalEndpoint', api.metadata.globalEndpoint); + property(this, 'signatureVersion', api.metadata.signatureVersion); + property(this, 'jsonVersion', api.metadata.jsonVersion); + property(this, 'targetPrefix', api.metadata.targetPrefix); + property(this, 'protocol', api.metadata.protocol); + property(this, 'timestampFormat', api.metadata.timestampFormat); + property(this, 'xmlNamespaceUri', api.metadata.xmlNamespace); + property(this, 'abbreviation', api.metadata.serviceAbbreviation); + property(this, 'fullName', api.metadata.serviceFullName); + property(this, 'serviceId', api.metadata.serviceId); + if (serviceIdentifier && metadata[serviceIdentifier]) { + property(this, 'xmlNoDefaultLists', metadata[serviceIdentifier].xmlNoDefaultLists, false); + } + + memoizedProperty(this, 'className', function() { + var name = api.metadata.serviceAbbreviation || api.metadata.serviceFullName; + if (!name) return null; + + name = name.replace(/^Amazon|AWS\s*|\(.*|\s+|\W+/g, ''); + if (name === 'ElasticLoadBalancing') name = 'ELB'; + return name; + }); + + function addEndpointOperation(name, operation) { + if (operation.endpointoperation === true) { + property(self, 'endpointOperation', util.string.lowerFirst(name)); + } + if (operation.endpointdiscovery && !self.hasRequiredEndpointDiscovery) { + property( + self, + 'hasRequiredEndpointDiscovery', + operation.endpointdiscovery.required === true + ); + } + } + + property(this, 'operations', new Collection(api.operations, options, function(name, operation) { + return new Operation(name, operation, options); + }, util.string.lowerFirst, addEndpointOperation)); + + property(this, 'shapes', new Collection(api.shapes, options, function(name, shape) { + return Shape.create(shape, options); + })); + + property(this, 'paginators', new Collection(api.paginators, options, function(name, paginator) { + return new Paginator(name, paginator, options); + })); + + property(this, 'waiters', new Collection(api.waiters, options, function(name, waiter) { + return new ResourceWaiter(name, waiter, options); + }, util.string.lowerFirst)); + + if (options.documentation) { + property(this, 'documentation', api.documentation); + property(this, 'documentationUrl', api.documentationUrl); + } + property(this, 'errorCodeMapping', api.awsQueryCompatible); +} + +/** + * @api private + */ +module.exports = Api; + + +/***/ }), + +/***/ 7002: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var memoizedProperty = (__nccwpck_require4_(3956).memoizedProperty); + +function memoize(name, value, factory, nameTr) { + memoizedProperty(this, nameTr(name), function() { + return factory(name, value); + }); +} + +function Collection(iterable, options, factory, nameTr, callback) { + nameTr = nameTr || String; + var self = this; + + for (var id in iterable) { + if (Object.prototype.hasOwnProperty.call(iterable, id)) { + memoize.call(self, id, iterable[id], factory, nameTr); + if (callback) callback(id, iterable[id]); + } + } +} + +/** + * @api private + */ +module.exports = Collection; + + +/***/ }), + +/***/ 130: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var Shape = __nccwpck_require4_(7478); + +var util = __nccwpck_require4_(3956); +var property = util.property; +var memoizedProperty = util.memoizedProperty; + +function Operation(name, operation, options) { + var self = this; + options = options || {}; + + property(this, 'name', operation.name || name); + property(this, 'api', options.api, false); + + operation.http = operation.http || {}; + property(this, 'endpoint', operation.endpoint); + property(this, 'httpMethod', operation.http.method || 'POST'); + property(this, 'httpPath', operation.http.requestUri || '/'); + property(this, 'authtype', operation.authtype || ''); + property( + this, + 'endpointDiscoveryRequired', + operation.endpointdiscovery ? + (operation.endpointdiscovery.required ? 'REQUIRED' : 'OPTIONAL') : + 'NULL' + ); + + // httpChecksum replaces usage of httpChecksumRequired, but some APIs + // (s3control) still uses old trait. + var httpChecksumRequired = operation.httpChecksumRequired + || (operation.httpChecksum && operation.httpChecksum.requestChecksumRequired); + property(this, 'httpChecksumRequired', httpChecksumRequired, false); + + memoizedProperty(this, 'input', function() { + if (!operation.input) { + return new Shape.create({type: 'structure'}, options); + } + return Shape.create(operation.input, options); + }); + + memoizedProperty(this, 'output', function() { + if (!operation.output) { + return new Shape.create({type: 'structure'}, options); + } + return Shape.create(operation.output, options); + }); + + memoizedProperty(this, 'errors', function() { + var list = []; + if (!operation.errors) return null; + + for (var i = 0; i < operation.errors.length; i++) { + list.push(Shape.create(operation.errors[i], options)); + } + + return list; + }); + + memoizedProperty(this, 'paginator', function() { + return options.api.paginators[name]; + }); + + if (options.documentation) { + property(this, 'documentation', operation.documentation); + property(this, 'documentationUrl', operation.documentationUrl); + } + + // idempotentMembers only tracks top-level input shapes + memoizedProperty(this, 'idempotentMembers', function() { + var idempotentMembers = []; + var input = self.input; + var members = input.members; + if (!input.members) { + return idempotentMembers; + } + for (var name in members) { + if (!members.hasOwnProperty(name)) { + continue; + } + if (members[name].isIdempotent === true) { + idempotentMembers.push(name); + } + } + return idempotentMembers; + }); + + memoizedProperty(this, 'hasEventOutput', function() { + var output = self.output; + return hasEventStream(output); + }); +} + +function hasEventStream(topLevelShape) { + var members = topLevelShape.members; + var payload = topLevelShape.payload; + + if (!topLevelShape.members) { + return false; + } + + if (payload) { + var payloadMember = members[payload]; + return payloadMember.isEventStream; + } + + // check if any member is an event stream + for (var name in members) { + if (!members.hasOwnProperty(name)) { + if (members[name].isEventStream === true) { + return true; + } + } + } + return false; +} + +/** + * @api private + */ +module.exports = Operation; + + +/***/ }), + +/***/ 6186: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var property = (__nccwpck_require4_(3956).property); + +function Paginator(name, paginator) { + property(this, 'inputToken', paginator.input_token); + property(this, 'limitKey', paginator.limit_key); + property(this, 'moreResults', paginator.more_results); + property(this, 'outputToken', paginator.output_token); + property(this, 'resultKey', paginator.result_key); +} + +/** + * @api private + */ +module.exports = Paginator; + + +/***/ }), + +/***/ 4343: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var util = __nccwpck_require4_(3956); +var property = util.property; + +function ResourceWaiter(name, waiter, options) { + options = options || {}; + property(this, 'name', name); + property(this, 'api', options.api, false); + + if (waiter.operation) { + property(this, 'operation', util.string.lowerFirst(waiter.operation)); + } + + var self = this; + var keys = [ + 'type', + 'description', + 'delay', + 'maxAttempts', + 'acceptors' + ]; + + keys.forEach(function(key) { + var value = waiter[key]; + if (value) { + property(self, key, value); + } + }); +} + +/** + * @api private + */ +module.exports = ResourceWaiter; + + +/***/ }), + +/***/ 7478: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var Collection = __nccwpck_require4_(7002); + +var util = __nccwpck_require4_(3956); + +function property(obj, name, value) { + if (value !== null && value !== undefined) { + util.property.apply(this, arguments); + } +} + +function memoizedProperty(obj, name) { + if (!obj.constructor.prototype[name]) { + util.memoizedProperty.apply(this, arguments); + } +} + +function Shape(shape, options, memberName) { + options = options || {}; + + property(this, 'shape', shape.shape); + property(this, 'api', options.api, false); + property(this, 'type', shape.type); + property(this, 'enum', shape.enum); + property(this, 'min', shape.min); + property(this, 'max', shape.max); + property(this, 'pattern', shape.pattern); + property(this, 'location', shape.location || this.location || 'body'); + property(this, 'name', this.name || shape.xmlName || shape.queryName || + shape.locationName || memberName); + property(this, 'isStreaming', shape.streaming || this.isStreaming || false); + property(this, 'requiresLength', shape.requiresLength, false); + property(this, 'isComposite', shape.isComposite || false); + property(this, 'isShape', true, false); + property(this, 'isQueryName', Boolean(shape.queryName), false); + property(this, 'isLocationName', Boolean(shape.locationName), false); + property(this, 'isIdempotent', shape.idempotencyToken === true); + property(this, 'isJsonValue', shape.jsonvalue === true); + property(this, 'isSensitive', shape.sensitive === true || shape.prototype && shape.prototype.sensitive === true); + property(this, 'isEventStream', Boolean(shape.eventstream), false); + property(this, 'isEvent', Boolean(shape.event), false); + property(this, 'isEventPayload', Boolean(shape.eventpayload), false); + property(this, 'isEventHeader', Boolean(shape.eventheader), false); + property(this, 'isTimestampFormatSet', Boolean(shape.timestampFormat) || shape.prototype && shape.prototype.isTimestampFormatSet === true, false); + property(this, 'endpointDiscoveryId', Boolean(shape.endpointdiscoveryid), false); + property(this, 'hostLabel', Boolean(shape.hostLabel), false); + + if (options.documentation) { + property(this, 'documentation', shape.documentation); + property(this, 'documentationUrl', shape.documentationUrl); + } + + if (shape.xmlAttribute) { + property(this, 'isXmlAttribute', shape.xmlAttribute || false); + } + + // type conversion and parsing + property(this, 'defaultValue', null); + this.toWireFormat = function(value) { + if (value === null || value === undefined) return ''; + return value; + }; + this.toType = function(value) { return value; }; +} + +/** + * @api private + */ +Shape.normalizedTypes = { + character: 'string', + double: 'float', + long: 'integer', + short: 'integer', + biginteger: 'integer', + bigdecimal: 'float', + blob: 'binary' +}; + +/** + * @api private + */ +Shape.types = { + 'structure': StructureShape, + 'list': ListShape, + 'map': MapShape, + 'boolean': BooleanShape, + 'timestamp': TimestampShape, + 'float': FloatShape, + 'integer': IntegerShape, + 'string': StringShape, + 'base64': Base64Shape, + 'binary': BinaryShape +}; + +Shape.resolve = function resolve(shape, options) { + if (shape.shape) { + var refShape = options.api.shapes[shape.shape]; + if (!refShape) { + throw new Error('Cannot find shape reference: ' + shape.shape); + } + + return refShape; + } else { + return null; + } +}; + +Shape.create = function create(shape, options, memberName) { + if (shape.isShape) return shape; + + var refShape = Shape.resolve(shape, options); + if (refShape) { + var filteredKeys = Object.keys(shape); + if (!options.documentation) { + filteredKeys = filteredKeys.filter(function(name) { + return !name.match(/documentation/); + }); + } + + // create an inline shape with extra members + var InlineShape = function() { + refShape.constructor.call(this, shape, options, memberName); + }; + InlineShape.prototype = refShape; + return new InlineShape(); + } else { + // set type if not set + if (!shape.type) { + if (shape.members) shape.type = 'structure'; + else if (shape.member) shape.type = 'list'; + else if (shape.key) shape.type = 'map'; + else shape.type = 'string'; + } + + // normalize types + var origType = shape.type; + if (Shape.normalizedTypes[shape.type]) { + shape.type = Shape.normalizedTypes[shape.type]; + } + + if (Shape.types[shape.type]) { + return new Shape.types[shape.type](shape, options, memberName); + } else { + throw new Error('Unrecognized shape type: ' + origType); + } + } +}; + +function CompositeShape(shape) { + Shape.apply(this, arguments); + property(this, 'isComposite', true); + + if (shape.flattened) { + property(this, 'flattened', shape.flattened || false); + } +} + +function StructureShape(shape, options) { + var self = this; + var requiredMap = null, firstInit = !this.isShape; + + CompositeShape.apply(this, arguments); + + if (firstInit) { + property(this, 'defaultValue', function() { return {}; }); + property(this, 'members', {}); + property(this, 'memberNames', []); + property(this, 'required', []); + property(this, 'isRequired', function() { return false; }); + property(this, 'isDocument', Boolean(shape.document)); + } + + if (shape.members) { + property(this, 'members', new Collection(shape.members, options, function(name, member) { + return Shape.create(member, options, name); + })); + memoizedProperty(this, 'memberNames', function() { + return shape.xmlOrder || Object.keys(shape.members); + }); + + if (shape.event) { + memoizedProperty(this, 'eventPayloadMemberName', function() { + var members = self.members; + var memberNames = self.memberNames; + // iterate over members to find ones that are event payloads + for (var i = 0, iLen = memberNames.length; i < iLen; i++) { + if (members[memberNames[i]].isEventPayload) { + return memberNames[i]; + } + } + }); + + memoizedProperty(this, 'eventHeaderMemberNames', function() { + var members = self.members; + var memberNames = self.memberNames; + var eventHeaderMemberNames = []; + // iterate over members to find ones that are event headers + for (var i = 0, iLen = memberNames.length; i < iLen; i++) { + if (members[memberNames[i]].isEventHeader) { + eventHeaderMemberNames.push(memberNames[i]); + } + } + return eventHeaderMemberNames; + }); + } + } + + if (shape.required) { + property(this, 'required', shape.required); + property(this, 'isRequired', function(name) { + if (!requiredMap) { + requiredMap = {}; + for (var i = 0; i < shape.required.length; i++) { + requiredMap[shape.required[i]] = true; + } + } + + return requiredMap[name]; + }, false, true); + } + + property(this, 'resultWrapper', shape.resultWrapper || null); + + if (shape.payload) { + property(this, 'payload', shape.payload); + } + + if (typeof shape.xmlNamespace === 'string') { + property(this, 'xmlNamespaceUri', shape.xmlNamespace); + } else if (typeof shape.xmlNamespace === 'object') { + property(this, 'xmlNamespacePrefix', shape.xmlNamespace.prefix); + property(this, 'xmlNamespaceUri', shape.xmlNamespace.uri); + } +} + +function ListShape(shape, options) { + var self = this, firstInit = !this.isShape; + CompositeShape.apply(this, arguments); + + if (firstInit) { + property(this, 'defaultValue', function() { return []; }); + } + + if (shape.member) { + memoizedProperty(this, 'member', function() { + return Shape.create(shape.member, options); + }); + } + + if (this.flattened) { + var oldName = this.name; + memoizedProperty(this, 'name', function() { + return self.member.name || oldName; + }); + } +} + +function MapShape(shape, options) { + var firstInit = !this.isShape; + CompositeShape.apply(this, arguments); + + if (firstInit) { + property(this, 'defaultValue', function() { return {}; }); + property(this, 'key', Shape.create({type: 'string'}, options)); + property(this, 'value', Shape.create({type: 'string'}, options)); + } + + if (shape.key) { + memoizedProperty(this, 'key', function() { + return Shape.create(shape.key, options); + }); + } + if (shape.value) { + memoizedProperty(this, 'value', function() { + return Shape.create(shape.value, options); + }); + } +} + +function TimestampShape(shape) { + var self = this; + Shape.apply(this, arguments); + + if (shape.timestampFormat) { + property(this, 'timestampFormat', shape.timestampFormat); + } else if (self.isTimestampFormatSet && this.timestampFormat) { + property(this, 'timestampFormat', this.timestampFormat); + } else if (this.location === 'header') { + property(this, 'timestampFormat', 'rfc822'); + } else if (this.location === 'querystring') { + property(this, 'timestampFormat', 'iso8601'); + } else if (this.api) { + switch (this.api.protocol) { + case 'json': + case 'rest-json': + property(this, 'timestampFormat', 'unixTimestamp'); + break; + case 'rest-xml': + case 'query': + case 'ec2': + property(this, 'timestampFormat', 'iso8601'); + break; + } + } + + this.toType = function(value) { + if (value === null || value === undefined) return null; + if (typeof value.toUTCString === 'function') return value; + return typeof value === 'string' || typeof value === 'number' ? + util.date.parseTimestamp(value) : null; + }; + + this.toWireFormat = function(value) { + return util.date.format(value, self.timestampFormat); + }; +} + +function StringShape() { + Shape.apply(this, arguments); + + var nullLessProtocols = ['rest-xml', 'query', 'ec2']; + this.toType = function(value) { + value = this.api && nullLessProtocols.indexOf(this.api.protocol) > -1 ? + value || '' : value; + if (this.isJsonValue) { + return JSON.parse(value); + } + + return value && typeof value.toString === 'function' ? + value.toString() : value; + }; + + this.toWireFormat = function(value) { + return this.isJsonValue ? JSON.stringify(value) : value; + }; +} + +function FloatShape() { + Shape.apply(this, arguments); + + this.toType = function(value) { + if (value === null || value === undefined) return null; + return parseFloat(value); + }; + this.toWireFormat = this.toType; +} + +function IntegerShape() { + Shape.apply(this, arguments); + + this.toType = function(value) { + if (value === null || value === undefined) return null; + return parseInt(value, 10); + }; + this.toWireFormat = this.toType; +} + +function BinaryShape() { + Shape.apply(this, arguments); + this.toType = function(value) { + var buf = util.base64.decode(value); + if (this.isSensitive && util.isNode() && typeof util.Buffer.alloc === 'function') { + /* Node.js can create a Buffer that is not isolated. + * i.e. buf.byteLength !== buf.buffer.byteLength + * This means that the sensitive data is accessible to anyone with access to buf.buffer. + * If this is the node shared Buffer, then other code within this process _could_ find this secret. + * Copy sensitive data to an isolated Buffer and zero the sensitive data. + * While this is safe to do here, copying this code somewhere else may produce unexpected results. + */ + var secureBuf = util.Buffer.alloc(buf.length, buf); + buf.fill(0); + buf = secureBuf; + } + return buf; + }; + this.toWireFormat = util.base64.encode; +} + +function Base64Shape() { + BinaryShape.apply(this, arguments); +} + +function BooleanShape() { + Shape.apply(this, arguments); + + this.toType = function(value) { + if (typeof value === 'boolean') return value; + if (value === null || value === undefined) return null; + return value === 'true'; + }; +} + +/** + * @api private + */ +Shape.shapes = { + StructureShape: StructureShape, + ListShape: ListShape, + MapShape: MapShape, + StringShape: StringShape, + BooleanShape: BooleanShape, + Base64Shape: Base64Shape +}; + +/** + * @api private + */ +module.exports = Shape; + + +/***/ }), + +/***/ 6083: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var util = __nccwpck_require4_(3956); + +var region_utils = __nccwpck_require4_(8099); +var isFipsRegion = region_utils.isFipsRegion; +var getRealRegion = region_utils.getRealRegion; + +util.isBrowser = function() { return false; }; +util.isNode = function() { return true; }; + +// node.js specific modules +util.crypto.lib = __nccwpck_require4_(6113); +util.Buffer = (__nccwpck_require4_(4300).Buffer); +util.domain = __nccwpck_require4_(3639); +util.stream = __nccwpck_require4_(2781); +util.url = __nccwpck_require4_(7310); +util.querystring = __nccwpck_require4_(3477); +util.environment = 'nodejs'; +util.createEventStream = util.stream.Readable ? + (__nccwpck_require4_(8523).createEventStream) : (__nccwpck_require4_(3000).createEventStream); +util.realClock = __nccwpck_require4_(8734); +util.clientSideMonitoring = { + Publisher: (__nccwpck_require4_(9464).Publisher), + configProvider: __nccwpck_require4_(7165), +}; +util.iniLoader = (__nccwpck_require4_(5858)/* .iniLoader */ .b); +util.getSystemErrorName = (__nccwpck_require4_(3837).getSystemErrorName); + +util.loadConfig = function(options) { + var envValue = options.environmentVariableSelector(process.env); + if (envValue !== undefined) { + return envValue; + } + + var configFile = {}; + try { + configFile = util.iniLoader ? util.iniLoader.loadFrom({ + isConfig: true, + filename: process.env[util.sharedConfigFileEnv] + }) : {}; + } catch (e) {} + var sharedFileConfig = configFile[ + process.env.AWS_PROFILE || util.defaultProfile + ] || {}; + var configValue = options.configFileSelector(sharedFileConfig); + if (configValue !== undefined) { + return configValue; + } + + if (typeof options.default === 'function') { + return options.default(); + } + return options.default; +}; + +var AWS; + +/** + * @api private + */ +module.exports = AWS = __nccwpck_require4_(4741); + +__nccwpck_require4_(5527); +__nccwpck_require4_(2008); +__nccwpck_require4_(8849); +__nccwpck_require4_(6684); +__nccwpck_require4_(8787); +__nccwpck_require4_(5263); +__nccwpck_require4_(1937); +__nccwpck_require4_(8247); + +// Load the xml2js XML parser +AWS.XML.Parser = __nccwpck_require4_(6687); + +// Load Node HTTP client +__nccwpck_require4_(773); + +__nccwpck_require4_(4544); + +// Load custom credential providers +__nccwpck_require4_(191); +__nccwpck_require4_(8712); +__nccwpck_require4_(3429); +__nccwpck_require4_(5589); +__nccwpck_require4_(4925); +__nccwpck_require4_(6493); +__nccwpck_require4_(1587); +__nccwpck_require4_(8247); +__nccwpck_require4_(157); + +// Setup default providers for credentials chain +// If this changes, please update documentation for +// AWS.CredentialProviderChain.defaultProviders in +// credentials/credential_provider_chain.js +AWS.CredentialProviderChain.defaultProviders = [ + function () { return new AWS.EnvironmentCredentials('AWS'); }, + function () { return new AWS.EnvironmentCredentials('AMAZON'); }, + function () { return new AWS.SsoCredentials(); }, + function () { return new AWS.SharedIniFileCredentials(); }, + function () { return new AWS.ECSCredentials(); }, + function () { return new AWS.ProcessCredentials(); }, + function () { return new AWS.TokenFileWebIdentityCredentials(); }, + function () { return new AWS.EC2MetadataCredentials(); } +]; + +// Load custom token providers +__nccwpck_require4_(3918); +__nccwpck_require4_(7477); +__nccwpck_require4_(5521); + +// Setup default providers for token chain +// If this changes, please update documentation for +// AWS.TokenProviderChain.defaultProviders in +// token/token_provider_chain.js +AWS.TokenProviderChain.defaultProviders = [ + function () { return new AWS.SSOTokenProvider(); }, +]; + +var getRegion = function() { + var env = process.env; + var region = env.AWS_REGION || env.AMAZON_REGION; + if (env[AWS.util.configOptInEnv]) { + var toCheck = [ + {filename: env[AWS.util.sharedCredentialsFileEnv]}, + {isConfig: true, filename: env[AWS.util.sharedConfigFileEnv]} + ]; + var iniLoader = AWS.util.iniLoader; + while (!region && toCheck.length) { + var configFile = {}; + var fileInfo = toCheck.shift(); + try { + configFile = iniLoader.loadFrom(fileInfo); + } catch (err) { + if (fileInfo.isConfig) throw err; + } + var profile = configFile[env.AWS_PROFILE || AWS.util.defaultProfile]; + region = profile && profile.region; + } + } + return region; +}; + +var getBooleanValue = function(value) { + return value === 'true' ? true: value === 'false' ? false: undefined; +}; + +var USE_FIPS_ENDPOINT_CONFIG_OPTIONS = { + environmentVariableSelector: function(env) { + return getBooleanValue(env['AWS_USE_FIPS_ENDPOINT']); + }, + configFileSelector: function(profile) { + return getBooleanValue(profile['use_fips_endpoint']); + }, + default: false, +}; + +var USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS = { + environmentVariableSelector: function(env) { + return getBooleanValue(env['AWS_USE_DUALSTACK_ENDPOINT']); + }, + configFileSelector: function(profile) { + return getBooleanValue(profile['use_dualstack_endpoint']); + }, + default: false, +}; + +// Update configuration keys +AWS.util.update(AWS.Config.prototype.keys, { + credentials: function () { + var credentials = null; + new AWS.CredentialProviderChain([ + function () { return new AWS.EnvironmentCredentials('AWS'); }, + function () { return new AWS.EnvironmentCredentials('AMAZON'); }, + function () { return new AWS.SharedIniFileCredentials({ disableAssumeRole: true }); } + ]).resolve(function(err, creds) { + if (!err) credentials = creds; + }); + return credentials; + }, + credentialProvider: function() { + return new AWS.CredentialProviderChain(); + }, + logger: function () { + return process.env.AWSJS_DEBUG ? console : null; + }, + region: function() { + var region = getRegion(); + return region ? getRealRegion(region): undefined; + }, + tokenProvider: function() { + return new AWS.TokenProviderChain(); + }, + useFipsEndpoint: function() { + var region = getRegion(); + return isFipsRegion(region) + ? true + : util.loadConfig(USE_FIPS_ENDPOINT_CONFIG_OPTIONS); + }, + useDualstackEndpoint: function() { + return util.loadConfig(USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS); + } +}); + +// Reset configuration +AWS.config = new AWS.Config(); + + +/***/ }), + +/***/ 9717: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); + +/** + * @api private + */ +AWS.ParamValidator = AWS.util.inherit({ + /** + * Create a new validator object. + * + * @param validation [Boolean|map] whether input parameters should be + * validated against the operation description before sending the + * request. Pass a map to enable any of the following specific + * validation features: + * + * * **min** [Boolean] — Validates that a value meets the min + * constraint. This is enabled by default when paramValidation is set + * to `true`. + * * **max** [Boolean] — Validates that a value meets the max + * constraint. + * * **pattern** [Boolean] — Validates that a string value matches a + * regular expression. + * * **enum** [Boolean] — Validates that a string value matches one + * of the allowable enum values. + */ + constructor: function ParamValidator(validation) { + if (validation === true || validation === undefined) { + validation = {'min': true}; + } + this.validation = validation; + }, + + validate: function validate(shape, params, context) { + this.errors = []; + this.validateMember(shape, params || {}, context || 'params'); + + if (this.errors.length > 1) { + var msg = this.errors.join('\n* '); + msg = 'There were ' + this.errors.length + + ' validation errors:\n* ' + msg; + throw AWS.util.error(new Error(msg), + {code: 'MultipleValidationErrors', errors: this.errors}); + } else if (this.errors.length === 1) { + throw this.errors[0]; + } else { + return true; + } + }, + + fail: function fail(code, message) { + this.errors.push(AWS.util.error(new Error(message), {code: code})); + }, + + validateStructure: function validateStructure(shape, params, context) { + if (shape.isDocument) return true; + + this.validateType(params, context, ['object'], 'structure'); + var paramName; + for (var i = 0; shape.required && i < shape.required.length; i++) { + paramName = shape.required[i]; + var value = params[paramName]; + if (value === undefined || value === null) { + this.fail('MissingRequiredParameter', + 'Missing required key \'' + paramName + '\' in ' + context); + } + } + + // validate hash members + for (paramName in params) { + if (!Object.prototype.hasOwnProperty.call(params, paramName)) continue; + + var paramValue = params[paramName], + memberShape = shape.members[paramName]; + + if (memberShape !== undefined) { + var memberContext = [context, paramName].join('.'); + this.validateMember(memberShape, paramValue, memberContext); + } else if (paramValue !== undefined && paramValue !== null) { + this.fail('UnexpectedParameter', + 'Unexpected key \'' + paramName + '\' found in ' + context); + } + } + + return true; + }, + + validateMember: function validateMember(shape, param, context) { + switch (shape.type) { + case 'structure': + return this.validateStructure(shape, param, context); + case 'list': + return this.validateList(shape, param, context); + case 'map': + return this.validateMap(shape, param, context); + default: + return this.validateScalar(shape, param, context); + } + }, + + validateList: function validateList(shape, params, context) { + if (this.validateType(params, context, [Array])) { + this.validateRange(shape, params.length, context, 'list member count'); + // validate array members + for (var i = 0; i < params.length; i++) { + this.validateMember(shape.member, params[i], context + '[' + i + ']'); + } + } + }, + + validateMap: function validateMap(shape, params, context) { + if (this.validateType(params, context, ['object'], 'map')) { + // Build up a count of map members to validate range traits. + var mapCount = 0; + for (var param in params) { + if (!Object.prototype.hasOwnProperty.call(params, param)) continue; + // Validate any map key trait constraints + this.validateMember(shape.key, param, + context + '[key=\'' + param + '\']'); + this.validateMember(shape.value, params[param], + context + '[\'' + param + '\']'); + mapCount++; + } + this.validateRange(shape, mapCount, context, 'map member count'); + } + }, + + validateScalar: function validateScalar(shape, value, context) { + switch (shape.type) { + case null: + case undefined: + case 'string': + return this.validateString(shape, value, context); + case 'base64': + case 'binary': + return this.validatePayload(value, context); + case 'integer': + case 'float': + return this.validateNumber(shape, value, context); + case 'boolean': + return this.validateType(value, context, ['boolean']); + case 'timestamp': + return this.validateType(value, context, [Date, + /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d+)?Z$/, 'number'], + 'Date object, ISO-8601 string, or a UNIX timestamp'); + default: + return this.fail('UnkownType', 'Unhandled type ' + + shape.type + ' for ' + context); + } + }, + + validateString: function validateString(shape, value, context) { + var validTypes = ['string']; + if (shape.isJsonValue) { + validTypes = validTypes.concat(['number', 'object', 'boolean']); + } + if (value !== null && this.validateType(value, context, validTypes)) { + this.validateEnum(shape, value, context); + this.validateRange(shape, value.length, context, 'string length'); + this.validatePattern(shape, value, context); + this.validateUri(shape, value, context); + } + }, + + validateUri: function validateUri(shape, value, context) { + if (shape['location'] === 'uri') { + if (value.length === 0) { + this.fail('UriParameterError', 'Expected uri parameter to have length >= 1,' + + ' but found "' + value +'" for ' + context); + } + } + }, + + validatePattern: function validatePattern(shape, value, context) { + if (this.validation['pattern'] && shape['pattern'] !== undefined) { + if (!(new RegExp(shape['pattern'])).test(value)) { + this.fail('PatternMatchError', 'Provided value "' + value + '" ' + + 'does not match regex pattern /' + shape['pattern'] + '/ for ' + + context); + } + } + }, + + validateRange: function validateRange(shape, value, context, descriptor) { + if (this.validation['min']) { + if (shape['min'] !== undefined && value < shape['min']) { + this.fail('MinRangeError', 'Expected ' + descriptor + ' >= ' + + shape['min'] + ', but found ' + value + ' for ' + context); + } + } + if (this.validation['max']) { + if (shape['max'] !== undefined && value > shape['max']) { + this.fail('MaxRangeError', 'Expected ' + descriptor + ' <= ' + + shape['max'] + ', but found ' + value + ' for ' + context); + } + } + }, + + validateEnum: function validateRange(shape, value, context) { + if (this.validation['enum'] && shape['enum'] !== undefined) { + // Fail if the string value is not present in the enum list + if (shape['enum'].indexOf(value) === -1) { + this.fail('EnumError', 'Found string value of ' + value + ', but ' + + 'expected ' + shape['enum'].join('|') + ' for ' + context); + } + } + }, + + validateType: function validateType(value, context, acceptedTypes, type) { + // We will not log an error for null or undefined, but we will return + // false so that callers know that the expected type was not strictly met. + if (value === null || value === undefined) return false; + + var foundInvalidType = false; + for (var i = 0; i < acceptedTypes.length; i++) { + if (typeof acceptedTypes[i] === 'string') { + if (typeof value === acceptedTypes[i]) return true; + } else if (acceptedTypes[i] instanceof RegExp) { + if ((value || '').toString().match(acceptedTypes[i])) return true; + } else { + if (value instanceof acceptedTypes[i]) return true; + if (AWS.util.isType(value, acceptedTypes[i])) return true; + if (!type && !foundInvalidType) acceptedTypes = acceptedTypes.slice(); + acceptedTypes[i] = AWS.util.typeName(acceptedTypes[i]); + } + foundInvalidType = true; + } + + var acceptedType = type; + if (!acceptedType) { + acceptedType = acceptedTypes.join(', ').replace(/,([^,]+)$/, ', or$1'); + } + + var vowel = acceptedType.match(/^[aeiou]/i) ? 'n' : ''; + this.fail('InvalidParameterType', 'Expected ' + context + ' to be a' + + vowel + ' ' + acceptedType); + return false; + }, + + validateNumber: function validateNumber(shape, value, context) { + if (value === null || value === undefined) return; + if (typeof value === 'string') { + var castedValue = parseFloat(value); + if (castedValue.toString() === value) value = castedValue; + } + if (this.validateType(value, context, ['number'])) { + this.validateRange(shape, value, context, 'numeric value'); + } + }, + + validatePayload: function validatePayload(value, context) { + if (value === null || value === undefined) return; + if (typeof value === 'string') return; + if (value && typeof value.byteLength === 'number') return; // typed arrays + if (AWS.util.isNode()) { // special check for buffer/stream in Node.js + var Stream = AWS.util.stream.Stream; + if (AWS.util.Buffer.isBuffer(value) || value instanceof Stream) return; + } else { + if (typeof Blob !== void 0 && value instanceof Blob) return; + } + + var types = ['Buffer', 'Stream', 'File', 'Blob', 'ArrayBuffer', 'DataView']; + if (value) { + for (var i = 0; i < types.length; i++) { + if (AWS.util.isType(value, types[i])) return; + if (AWS.util.typeName(value.constructor) === types[i]) return; + } + } + + this.fail('InvalidParameterType', 'Expected ' + context + ' to be a ' + + 'string, Buffer, Stream, Blob, or typed array object'); + } +}); + + +/***/ }), + +/***/ 3613: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var util = __nccwpck_require4_(3956); +var AWS = __nccwpck_require4_(4741); + +/** + * Prepend prefix defined by API model to endpoint that's already + * constructed. This feature does not apply to operations using + * endpoint discovery and can be disabled. + * @api private + */ +function populateHostPrefix(request) { + var enabled = request.service.config.hostPrefixEnabled; + if (!enabled) return request; + var operationModel = request.service.api.operations[request.operation]; + //don't marshal host prefix when operation has endpoint discovery traits + if (hasEndpointDiscover(request)) return request; + if (operationModel.endpoint && operationModel.endpoint.hostPrefix) { + var hostPrefixNotation = operationModel.endpoint.hostPrefix; + var hostPrefix = expandHostPrefix(hostPrefixNotation, request.params, operationModel.input); + prependEndpointPrefix(request.httpRequest.endpoint, hostPrefix); + validateHostname(request.httpRequest.endpoint.hostname); + } + return request; +} + +/** + * @api private + */ +function hasEndpointDiscover(request) { + var api = request.service.api; + var operationModel = api.operations[request.operation]; + var isEndpointOperation = api.endpointOperation && (api.endpointOperation === util.string.lowerFirst(operationModel.name)); + return (operationModel.endpointDiscoveryRequired !== 'NULL' || isEndpointOperation === true); +} + +/** + * @api private + */ +function expandHostPrefix(hostPrefixNotation, params, shape) { + util.each(shape.members, function(name, member) { + if (member.hostLabel === true) { + if (typeof params[name] !== 'string' || params[name] === '') { + throw util.error(new Error(), { + message: 'Parameter ' + name + ' should be a non-empty string.', + code: 'InvalidParameter' + }); + } + var regex = new RegExp('\\{' + name + '\\}', 'g'); + hostPrefixNotation = hostPrefixNotation.replace(regex, params[name]); + } + }); + return hostPrefixNotation; +} + +/** + * @api private + */ +function prependEndpointPrefix(endpoint, prefix) { + if (endpoint.host) { + endpoint.host = prefix + endpoint.host; + } + if (endpoint.hostname) { + endpoint.hostname = prefix + endpoint.hostname; + } +} + +/** + * @api private + */ +function validateHostname(hostname) { + var labels = hostname.split('.'); + //Reference: https://tools.ietf.org/html/rfc1123#section-2 + var hostPattern = /^[a-zA-Z0-9]{1}$|^[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9]$/; + util.arrayEach(labels, function(label) { + if (!label.length || label.length < 1 || label.length > 63) { + throw util.error(new Error(), { + code: 'ValidationError', + message: 'Hostname label length should be between 1 to 63 characters, inclusive.' + }); + } + if (!hostPattern.test(label)) { + throw AWS.util.error(new Error(), + {code: 'ValidationError', message: label + ' is not hostname compatible.'}); + } + }); +} + +module.exports = { + populateHostPrefix: populateHostPrefix +}; + + +/***/ }), + +/***/ 7372: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var util = __nccwpck_require4_(3956); +var JsonBuilder = __nccwpck_require4_(4387); +var JsonParser = __nccwpck_require4_(1039); +var populateHostPrefix = (__nccwpck_require4_(3613).populateHostPrefix); + +function buildRequest(req) { + var httpRequest = req.httpRequest; + var api = req.service.api; + var target = api.targetPrefix + '.' + api.operations[req.operation].name; + var version = api.jsonVersion || '1.0'; + var input = api.operations[req.operation].input; + var builder = new JsonBuilder(); + + if (version === 1) version = '1.0'; + httpRequest.body = builder.build(req.params || {}, input); + httpRequest.headers['Content-Type'] = 'application/x-amz-json-' + version; + httpRequest.headers['X-Amz-Target'] = target; + + populateHostPrefix(req); +} + +function extractError(resp) { + var error = {}; + var httpResponse = resp.httpResponse; + + error.code = httpResponse.headers['x-amzn-errortype'] || 'UnknownError'; + if (typeof error.code === 'string') { + error.code = error.code.split(':')[0]; + } + + if (httpResponse.body.length > 0) { + try { + var e = JSON.parse(httpResponse.body.toString()); + var code = e.__type || e.code || e.Code; + if (code) { + error.code = code.split('#').pop(); + } + if (error.code === 'RequestEntityTooLarge') { + error.message = 'Request body must be less than 1 MB'; + } else { + error.message = (e.message || e.Message || null); + } + } catch (e) { + error.statusCode = httpResponse.statusCode; + error.message = httpResponse.statusMessage; + } + } else { + error.statusCode = httpResponse.statusCode; + error.message = httpResponse.statusCode.toString(); + } + + resp.error = util.error(new Error(), error); +} + +function extractData(resp) { + var body = resp.httpResponse.body.toString() || '{}'; + if (resp.request.service.config.convertResponseTypes === false) { + resp.data = JSON.parse(body); + } else { + var operation = resp.request.service.api.operations[resp.request.operation]; + var shape = operation.output || {}; + var parser = new JsonParser(); + resp.data = parser.parse(body, shape); + } +} + +/** + * @api private + */ +module.exports = { + buildRequest: buildRequest, + extractError: extractError, + extractData: extractData +}; + + +/***/ }), + +/***/ 6556: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var util = __nccwpck_require4_(3956); +var QueryParamSerializer = __nccwpck_require4_(5792); +var Shape = __nccwpck_require4_(7478); +var populateHostPrefix = (__nccwpck_require4_(3613).populateHostPrefix); + +function buildRequest(req) { + var operation = req.service.api.operations[req.operation]; + var httpRequest = req.httpRequest; + httpRequest.headers['Content-Type'] = + 'application/x-www-form-urlencoded; charset=utf-8'; + httpRequest.params = { + Version: req.service.api.apiVersion, + Action: operation.name + }; + + // convert the request parameters into a list of query params, + // e.g. Deeply.NestedParam.0.Name=value + var builder = new QueryParamSerializer(); + builder.serialize(req.params, operation.input, function(name, value) { + httpRequest.params[name] = value; + }); + httpRequest.body = util.queryParamsToString(httpRequest.params); + + populateHostPrefix(req); +} + +function extractError(resp) { + var data, body = resp.httpResponse.body.toString(); + if (body.match(' { + +var util = __nccwpck_require4_(3956); +var populateHostPrefix = (__nccwpck_require4_(3613).populateHostPrefix); + +function populateMethod(req) { + req.httpRequest.method = req.service.api.operations[req.operation].httpMethod; +} + +function generateURI(endpointPath, operationPath, input, params) { + var uri = [endpointPath, operationPath].join('/'); + uri = uri.replace(/\/+/g, '/'); + + var queryString = {}, queryStringSet = false; + util.each(input.members, function (name, member) { + var paramValue = params[name]; + if (paramValue === null || paramValue === undefined) return; + if (member.location === 'uri') { + var regex = new RegExp('\\{' + member.name + '(\\+)?\\}'); + uri = uri.replace(regex, function(_, plus) { + var fn = plus ? util.uriEscapePath : util.uriEscape; + return fn(String(paramValue)); + }); + } else if (member.location === 'querystring') { + queryStringSet = true; + + if (member.type === 'list') { + queryString[member.name] = paramValue.map(function(val) { + return util.uriEscape(member.member.toWireFormat(val).toString()); + }); + } else if (member.type === 'map') { + util.each(paramValue, function(key, value) { + if (Array.isArray(value)) { + queryString[key] = value.map(function(val) { + return util.uriEscape(String(val)); + }); + } else { + queryString[key] = util.uriEscape(String(value)); + } + }); + } else { + queryString[member.name] = util.uriEscape(member.toWireFormat(paramValue).toString()); + } + } + }); + + if (queryStringSet) { + uri += (uri.indexOf('?') >= 0 ? '&' : '?'); + var parts = []; + util.arrayEach(Object.keys(queryString).sort(), function(key) { + if (!Array.isArray(queryString[key])) { + queryString[key] = [queryString[key]]; + } + for (var i = 0; i < queryString[key].length; i++) { + parts.push(util.uriEscape(String(key)) + '=' + queryString[key][i]); + } + }); + uri += parts.join('&'); + } + + return uri; +} + +function populateURI(req) { + var operation = req.service.api.operations[req.operation]; + var input = operation.input; + + var uri = generateURI(req.httpRequest.endpoint.path, operation.httpPath, input, req.params); + req.httpRequest.path = uri; +} + +function populateHeaders(req) { + var operation = req.service.api.operations[req.operation]; + util.each(operation.input.members, function (name, member) { + var value = req.params[name]; + if (value === null || value === undefined) return; + + if (member.location === 'headers' && member.type === 'map') { + util.each(value, function(key, memberValue) { + req.httpRequest.headers[member.name + key] = memberValue; + }); + } else if (member.location === 'header') { + value = member.toWireFormat(value).toString(); + if (member.isJsonValue) { + value = util.base64.encode(value); + } + req.httpRequest.headers[member.name] = value; + } + }); +} + +function buildRequest(req) { + populateMethod(req); + populateURI(req); + populateHeaders(req); + populateHostPrefix(req); +} + +function extractError() { +} + +function extractData(resp) { + var req = resp.request; + var data = {}; + var r = resp.httpResponse; + var operation = req.service.api.operations[req.operation]; + var output = operation.output; + + // normalize headers names to lower-cased keys for matching + var headers = {}; + util.each(r.headers, function (k, v) { + headers[k.toLowerCase()] = v; + }); + + util.each(output.members, function(name, member) { + var header = (member.name || name).toLowerCase(); + if (member.location === 'headers' && member.type === 'map') { + data[name] = {}; + var location = member.isLocationName ? member.name : ''; + var pattern = new RegExp('^' + location + '(.+)', 'i'); + util.each(r.headers, function (k, v) { + var result = k.match(pattern); + if (result !== null) { + data[name][result[1]] = v; + } + }); + } else if (member.location === 'header') { + if (headers[header] !== undefined) { + var value = member.isJsonValue ? + util.base64.decode(headers[header]) : + headers[header]; + data[name] = member.toType(value); + } + } else if (member.location === 'statusCode') { + data[name] = parseInt(r.statusCode, 10); + } + }); + + resp.data = data; +} + +/** + * @api private + */ +module.exports = { + buildRequest: buildRequest, + extractError: extractError, + extractData: extractData, + generateURI: generateURI +}; + + +/***/ }), + +/***/ 4839: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var util = __nccwpck_require4_(3956); +var Rest = __nccwpck_require4_(9008); +var Json = __nccwpck_require4_(7372); +var JsonBuilder = __nccwpck_require4_(4387); +var JsonParser = __nccwpck_require4_(1039); + +function populateBody(req) { + var builder = new JsonBuilder(); + var input = req.service.api.operations[req.operation].input; + + if (input.payload) { + var params = {}; + var payloadShape = input.members[input.payload]; + params = req.params[input.payload]; + + if (payloadShape.type === 'structure') { + req.httpRequest.body = builder.build(params || {}, payloadShape); + applyContentTypeHeader(req); + } else if (params !== undefined) { + // non-JSON payload + req.httpRequest.body = params; + if (payloadShape.type === 'binary' || payloadShape.isStreaming) { + applyContentTypeHeader(req, true); + } + } + } else { + req.httpRequest.body = builder.build(req.params, input); + applyContentTypeHeader(req); + } +} + +function applyContentTypeHeader(req, isBinary) { + if (!req.httpRequest.headers['Content-Type']) { + var type = isBinary ? 'binary/octet-stream' : 'application/json'; + req.httpRequest.headers['Content-Type'] = type; + } +} + +function buildRequest(req) { + Rest.buildRequest(req); + + // never send body payload on GET/HEAD/DELETE + if (['GET', 'HEAD', 'DELETE'].indexOf(req.httpRequest.method) < 0) { + populateBody(req); + } +} + +function extractError(resp) { + Json.extractError(resp); +} + +function extractData(resp) { + Rest.extractData(resp); + + var req = resp.request; + var operation = req.service.api.operations[req.operation]; + var rules = req.service.api.operations[req.operation].output || {}; + var parser; + var hasEventOutput = operation.hasEventOutput; + + if (rules.payload) { + var payloadMember = rules.members[rules.payload]; + var body = resp.httpResponse.body; + if (payloadMember.isEventStream) { + parser = new JsonParser(); + resp.data[payload] = util.createEventStream( + AWS.HttpClient.streamsApiVersion === 2 ? resp.httpResponse.stream : body, + parser, + payloadMember + ); + } else if (payloadMember.type === 'structure' || payloadMember.type === 'list') { + var parser = new JsonParser(); + resp.data[rules.payload] = parser.parse(body, payloadMember); + } else if (payloadMember.type === 'binary' || payloadMember.isStreaming) { + resp.data[rules.payload] = body; + } else { + resp.data[rules.payload] = payloadMember.toType(body); + } + } else { + var data = resp.data; + Json.extractData(resp); + resp.data = util.merge(data, resp.data); + } +} + +/** + * @api private + */ +module.exports = { + buildRequest: buildRequest, + extractError: extractError, + extractData: extractData +}; + + +/***/ }), + +/***/ 8932: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var util = __nccwpck_require4_(3956); +var Rest = __nccwpck_require4_(9008); + +function populateBody(req) { + var input = req.service.api.operations[req.operation].input; + var builder = new AWS.XML.Builder(); + var params = req.params; + + var payload = input.payload; + if (payload) { + var payloadMember = input.members[payload]; + params = params[payload]; + if (params === undefined) return; + + if (payloadMember.type === 'structure') { + var rootElement = payloadMember.name; + req.httpRequest.body = builder.toXML(params, payloadMember, rootElement, true); + } else { // non-xml payload + req.httpRequest.body = params; + } + } else { + req.httpRequest.body = builder.toXML(params, input, input.name || + input.shape || util.string.upperFirst(req.operation) + 'Request'); + } +} + +function buildRequest(req) { + Rest.buildRequest(req); + + // never send body payload on GET/HEAD + if (['GET', 'HEAD'].indexOf(req.httpRequest.method) < 0) { + populateBody(req); + } +} + +function extractError(resp) { + Rest.extractError(resp); + + var data; + try { + data = new AWS.XML.Parser().parse(resp.httpResponse.body.toString()); + } catch (e) { + data = { + Code: resp.httpResponse.statusCode, + Message: resp.httpResponse.statusMessage + }; + } + + if (data.Errors) data = data.Errors; + if (data.Error) data = data.Error; + if (data.Code) { + resp.error = util.error(new Error(), { + code: data.Code, + message: data.Message + }); + } else { + resp.error = util.error(new Error(), { + code: resp.httpResponse.statusCode, + message: null + }); + } +} + +function extractData(resp) { + Rest.extractData(resp); + + var parser; + var req = resp.request; + var body = resp.httpResponse.body; + var operation = req.service.api.operations[req.operation]; + var output = operation.output; + + var hasEventOutput = operation.hasEventOutput; + + var payload = output.payload; + if (payload) { + var payloadMember = output.members[payload]; + if (payloadMember.isEventStream) { + parser = new AWS.XML.Parser(); + resp.data[payload] = util.createEventStream( + AWS.HttpClient.streamsApiVersion === 2 ? resp.httpResponse.stream : resp.httpResponse.body, + parser, + payloadMember + ); + } else if (payloadMember.type === 'structure') { + parser = new AWS.XML.Parser(); + resp.data[payload] = parser.parse(body.toString(), payloadMember); + } else if (payloadMember.type === 'binary' || payloadMember.isStreaming) { + resp.data[payload] = body; + } else { + resp.data[payload] = payloadMember.toType(body); + } + } else if (body.length > 0) { + parser = new AWS.XML.Parser(); + var data = parser.parse(body.toString(), output); + util.update(resp.data, data); + } +} + +/** + * @api private + */ +module.exports = { + buildRequest: buildRequest, + extractError: extractError, + extractData: extractData +}; + + +/***/ }), + +/***/ 7165: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); + +/** + * Resolve client-side monitoring configuration from either environmental variables + * or shared config file. Configurations from environmental variables have higher priority + * than those from shared config file. The resolver will try to read the shared config file + * no matter whether the AWS_SDK_LOAD_CONFIG variable is set. + * @api private + */ +function resolveMonitoringConfig() { + var config = { + port: undefined, + clientId: undefined, + enabled: undefined, + host: undefined + }; + if (fromEnvironment(config) || fromConfigFile(config)) return toJSType(config); + return toJSType(config); +} + +/** + * Resolve configurations from environmental variables. + * @param {object} client side monitoring config object needs to be resolved + * @returns {boolean} whether resolving configurations is done + * @api private + */ +function fromEnvironment(config) { + config.port = config.port || process.env.AWS_CSM_PORT; + config.enabled = config.enabled || process.env.AWS_CSM_ENABLED; + config.clientId = config.clientId || process.env.AWS_CSM_CLIENT_ID; + config.host = config.host || process.env.AWS_CSM_HOST; + return config.port && config.enabled && config.clientId && config.host || + ['false', '0'].indexOf(config.enabled) >= 0; //no need to read shared config file if explicitely disabled +} + +/** + * Resolve cofigurations from shared config file with specified role name + * @param {object} client side monitoring config object needs to be resolved + * @returns {boolean} whether resolving configurations is done + * @api private + */ +function fromConfigFile(config) { + var sharedFileConfig; + try { + var configFile = AWS.util.iniLoader.loadFrom({ + isConfig: true, + filename: process.env[AWS.util.sharedConfigFileEnv] + }); + var sharedFileConfig = configFile[ + process.env.AWS_PROFILE || AWS.util.defaultProfile + ]; + } catch (err) { + return false; + } + if (!sharedFileConfig) return config; + config.port = config.port || sharedFileConfig.csm_port; + config.enabled = config.enabled || sharedFileConfig.csm_enabled; + config.clientId = config.clientId || sharedFileConfig.csm_client_id; + config.host = config.host || sharedFileConfig.csm_host; + return config.port && config.enabled && config.clientId && config.host; +} + +/** + * Transfer the resolved configuration value to proper types: port as number, enabled + * as boolean and clientId as string. The 'enabled' flag is valued to false when set + * to 'false' or '0'. + * @param {object} resolved client side monitoring config + * @api private + */ +function toJSType(config) { + //config.XXX is either undefined or string + var falsyNotations = ['false', '0', undefined]; + if (!config.enabled || falsyNotations.indexOf(config.enabled.toLowerCase()) >= 0) { + config.enabled = false; + } else { + config.enabled = true; + } + config.port = config.port ? parseInt(config.port, 10) : undefined; + return config; +} + +module.exports = resolveMonitoringConfig; + + +/***/ }), + +/***/ 9464: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var util = (__nccwpck_require4_(4741).util); +var dgram = __nccwpck_require4_(1891); +var stringToBuffer = util.buffer.toBuffer; + +var MAX_MESSAGE_SIZE = 1024 * 8; // 8 KB + +/** + * Publishes metrics via udp. + * @param {object} options Paramters for Publisher constructor + * @param {number} [options.port = 31000] Port number + * @param {string} [options.clientId = ''] Client Identifier + * @param {boolean} [options.enabled = false] enable sending metrics datagram + * @api private + */ +function Publisher(options) { + // handle configuration + options = options || {}; + this.enabled = options.enabled || false; + this.port = options.port || 31000; + this.clientId = options.clientId || ''; + this.address = options.host || '127.0.0.1'; + if (this.clientId.length > 255) { + // ClientId has a max length of 255 + this.clientId = this.clientId.substr(0, 255); + } + this.messagesInFlight = 0; +} + +Publisher.prototype.fieldsToTrim = { + UserAgent: 256, + SdkException: 128, + SdkExceptionMessage: 512, + AwsException: 128, + AwsExceptionMessage: 512, + FinalSdkException: 128, + FinalSdkExceptionMessage: 512, + FinalAwsException: 128, + FinalAwsExceptionMessage: 512 + +}; + +/** + * Trims fields that have a specified max length. + * @param {object} event ApiCall or ApiCallAttempt event. + * @returns {object} + * @api private + */ +Publisher.prototype.trimFields = function(event) { + var trimmableFields = Object.keys(this.fieldsToTrim); + for (var i = 0, iLen = trimmableFields.length; i < iLen; i++) { + var field = trimmableFields[i]; + if (event.hasOwnProperty(field)) { + var maxLength = this.fieldsToTrim[field]; + var value = event[field]; + if (value && value.length > maxLength) { + event[field] = value.substr(0, maxLength); + } + } + } + return event; +}; + +/** + * Handles ApiCall and ApiCallAttempt events. + * @param {Object} event apiCall or apiCallAttempt event. + * @api private + */ +Publisher.prototype.eventHandler = function(event) { + // set the clientId + event.ClientId = this.clientId; + + this.trimFields(event); + + var message = stringToBuffer(JSON.stringify(event)); + if (!this.enabled || message.length > MAX_MESSAGE_SIZE) { + // drop the message if publisher not enabled or it is too large + return; + } + + this.publishDatagram(message); +}; + +/** + * Publishes message to an agent. + * @param {Buffer} message JSON message to send to agent. + * @api private + */ +Publisher.prototype.publishDatagram = function(message) { + var self = this; + var client = this.getClient(); + + this.messagesInFlight++; + this.client.send(message, 0, message.length, this.port, this.address, function(err, bytes) { + if (--self.messagesInFlight <= 0) { + // destroy existing client so the event loop isn't kept open + self.destroyClient(); + } + }); +}; + +/** + * Returns an existing udp socket, or creates one if it doesn't already exist. + * @api private + */ +Publisher.prototype.getClient = function() { + if (!this.client) { + this.client = dgram.createSocket('udp4'); + } + return this.client; +}; + +/** + * Destroys the udp socket. + * @api private + */ +Publisher.prototype.destroyClient = function() { + if (this.client) { + this.client.close(); + this.client = void 0; + } +}; + +module.exports = { + Publisher: Publisher +}; + + +/***/ }), + +/***/ 5792: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var util = __nccwpck_require4_(3956); + +function QueryParamSerializer() { +} + +QueryParamSerializer.prototype.serialize = function(params, shape, fn) { + serializeStructure('', params, shape, fn); +}; + +function ucfirst(shape) { + if (shape.isQueryName || shape.api.protocol !== 'ec2') { + return shape.name; + } else { + return shape.name[0].toUpperCase() + shape.name.substr(1); + } +} + +function serializeStructure(prefix, struct, rules, fn) { + util.each(rules.members, function(name, member) { + var value = struct[name]; + if (value === null || value === undefined) return; + + var memberName = ucfirst(member); + memberName = prefix ? prefix + '.' + memberName : memberName; + serializeMember(memberName, value, member, fn); + }); +} + +function serializeMap(name, map, rules, fn) { + var i = 1; + util.each(map, function (key, value) { + var prefix = rules.flattened ? '.' : '.entry.'; + var position = prefix + (i++) + '.'; + var keyName = position + (rules.key.name || 'key'); + var valueName = position + (rules.value.name || 'value'); + serializeMember(name + keyName, key, rules.key, fn); + serializeMember(name + valueName, value, rules.value, fn); + }); +} + +function serializeList(name, list, rules, fn) { + var memberRules = rules.member || {}; + + if (list.length === 0) { + fn.call(this, name, null); + return; + } + + util.arrayEach(list, function (v, n) { + var suffix = '.' + (n + 1); + if (rules.api.protocol === 'ec2') { + // Do nothing for EC2 + suffix = suffix + ''; // make linter happy + } else if (rules.flattened) { + if (memberRules.name) { + var parts = name.split('.'); + parts.pop(); + parts.push(ucfirst(memberRules)); + name = parts.join('.'); + } + } else { + suffix = '.' + (memberRules.name ? memberRules.name : 'member') + suffix; + } + serializeMember(name + suffix, v, memberRules, fn); + }); +} + +function serializeMember(name, value, rules, fn) { + if (value === null || value === undefined) return; + if (rules.type === 'structure') { + serializeStructure(name, value, rules, fn); + } else if (rules.type === 'list') { + serializeList(name, value, rules, fn); + } else if (rules.type === 'map') { + serializeMap(name, value, rules, fn); + } else { + fn(name, rules.toWireFormat(value).toString()); + } +} + +/** + * @api private + */ +module.exports = QueryParamSerializer; + + +/***/ }), + +/***/ 8734: +/***/ ((module) => { + +module.exports = { + //provide realtime clock for performance measurement + now: function now() { + var second = process.hrtime(); + return second[0] * 1000 + (second[1] / 1000000); + } +}; + + +/***/ }), + +/***/ 8099: +/***/ ((module) => { + +function isFipsRegion(region) { + return typeof region === 'string' && (region.startsWith('fips-') || region.endsWith('-fips')); +} + +function isGlobalRegion(region) { + return typeof region === 'string' && ['aws-global', 'aws-us-gov-global'].includes(region); +} + +function getRealRegion(region) { + return ['fips-aws-global', 'aws-fips', 'aws-global'].includes(region) + ? 'us-east-1' + : ['fips-aws-us-gov-global', 'aws-us-gov-global'].includes(region) + ? 'us-gov-west-1' + : region.replace(/fips-(dkr-|prod-)?|-fips/, ''); +} + +module.exports = { + isFipsRegion: isFipsRegion, + isGlobalRegion: isGlobalRegion, + getRealRegion: getRealRegion +}; + + +/***/ }), + +/***/ 3698: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var util = __nccwpck_require4_(3956); +var regionConfig = __nccwpck_require4_(738); + +function generateRegionPrefix(region) { + if (!region) return null; + var parts = region.split('-'); + if (parts.length < 3) return null; + return parts.slice(0, parts.length - 2).join('-') + '-*'; +} + +function derivedKeys(service) { + var region = service.config.region; + var regionPrefix = generateRegionPrefix(region); + var endpointPrefix = service.api.endpointPrefix; + + return [ + [region, endpointPrefix], + [regionPrefix, endpointPrefix], + [region, '*'], + [regionPrefix, '*'], + ['*', endpointPrefix], + ['*', '*'] + ].map(function(item) { + return item[0] && item[1] ? item.join('/') : null; + }); +} + +function applyConfig(service, config) { + util.each(config, function(key, value) { + if (key === 'globalEndpoint') return; + if (service.config[key] === undefined || service.config[key] === null) { + service.config[key] = value; + } + }); +} + +function configureEndpoint(service) { + var keys = derivedKeys(service); + var useFipsEndpoint = service.config.useFipsEndpoint; + var useDualstackEndpoint = service.config.useDualstackEndpoint; + for (var i = 0; i < keys.length; i++) { + var key = keys[i]; + if (!key) continue; + + var rules = useFipsEndpoint + ? useDualstackEndpoint + ? regionConfig.dualstackFipsRules + : regionConfig.fipsRules + : useDualstackEndpoint + ? regionConfig.dualstackRules + : regionConfig.rules; + + if (Object.prototype.hasOwnProperty.call(rules, key)) { + var config = rules[key]; + if (typeof config === 'string') { + config = regionConfig.patterns[config]; + } + + // set global endpoint + service.isGlobalEndpoint = !!config.globalEndpoint; + if (config.signingRegion) { + service.signingRegion = config.signingRegion; + } + + // signature version + if (!config.signatureVersion) config.signatureVersion = 'v4'; + + // merge config + applyConfig(service, config); + return; + } + } +} + +function getEndpointSuffix(region) { + var regionRegexes = { + '^(us|eu|ap|sa|ca|me)\\-\\w+\\-\\d+$': 'amazonaws.com', + '^cn\\-\\w+\\-\\d+$': 'amazonaws.com.cn', + '^us\\-gov\\-\\w+\\-\\d+$': 'amazonaws.com', + '^us\\-iso\\-\\w+\\-\\d+$': 'c2s.ic.gov', + '^us\\-isob\\-\\w+\\-\\d+$': 'sc2s.sgov.gov' + }; + var defaultSuffix = 'amazonaws.com'; + var regexes = Object.keys(regionRegexes); + for (var i = 0; i < regexes.length; i++) { + var regionPattern = RegExp(regexes[i]); + var dnsSuffix = regionRegexes[regexes[i]]; + if (regionPattern.test(region)) return dnsSuffix; + } + return defaultSuffix; +} + +/** + * @api private + */ +module.exports = { + configureEndpoint: configureEndpoint, + getEndpointSuffix: getEndpointSuffix, +}; + + +/***/ }), + +/***/ 9265: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var AcceptorStateMachine = __nccwpck_require4_(8093); +var inherit = AWS.util.inherit; +var domain = AWS.util.domain; +var jmespath = __nccwpck_require4_(3178); + +/** + * @api private + */ +var hardErrorStates = {success: 1, error: 1, complete: 1}; + +function isTerminalState(machine) { + return Object.prototype.hasOwnProperty.call(hardErrorStates, machine._asm.currentState); +} + +var fsm = new AcceptorStateMachine(); +fsm.setupStates = function() { + var transition = function(_, done) { + var self = this; + self._haltHandlersOnError = false; + + self.emit(self._asm.currentState, function(err) { + if (err) { + if (isTerminalState(self)) { + if (domain && self.domain instanceof domain.Domain) { + err.domainEmitter = self; + err.domain = self.domain; + err.domainThrown = false; + self.domain.emit('error', err); + } else { + throw err; + } + } else { + self.response.error = err; + done(err); + } + } else { + done(self.response.error); + } + }); + + }; + + this.addState('validate', 'build', 'error', transition); + this.addState('build', 'afterBuild', 'restart', transition); + this.addState('afterBuild', 'sign', 'restart', transition); + this.addState('sign', 'send', 'retry', transition); + this.addState('retry', 'afterRetry', 'afterRetry', transition); + this.addState('afterRetry', 'sign', 'error', transition); + this.addState('send', 'validateResponse', 'retry', transition); + this.addState('validateResponse', 'extractData', 'extractError', transition); + this.addState('extractError', 'extractData', 'retry', transition); + this.addState('extractData', 'success', 'retry', transition); + this.addState('restart', 'build', 'error', transition); + this.addState('success', 'complete', 'complete', transition); + this.addState('error', 'complete', 'complete', transition); + this.addState('complete', null, null, transition); +}; +fsm.setupStates(); + +/** + * ## Asynchronous Requests + * + * All requests made through the SDK are asynchronous and use a + * callback interface. Each service method that kicks off a request + * returns an `AWS.Request` object that you can use to register + * callbacks. + * + * For example, the following service method returns the request + * object as "request", which can be used to register callbacks: + * + * ```javascript + * // request is an AWS.Request object + * var request = ec2.describeInstances(); + * + * // register callbacks on request to retrieve response data + * request.on('success', function(response) { + * console.log(response.data); + * }); + * ``` + * + * When a request is ready to be sent, the {send} method should + * be called: + * + * ```javascript + * request.send(); + * ``` + * + * Since registered callbacks may or may not be idempotent, requests should only + * be sent once. To perform the same operation multiple times, you will need to + * create multiple request objects, each with its own registered callbacks. + * + * ## Removing Default Listeners for Events + * + * Request objects are built with default listeners for the various events, + * depending on the service type. In some cases, you may want to remove + * some built-in listeners to customize behaviour. Doing this requires + * access to the built-in listener functions, which are exposed through + * the {AWS.EventListeners.Core} namespace. For instance, you may + * want to customize the HTTP handler used when sending a request. In this + * case, you can remove the built-in listener associated with the 'send' + * event, the {AWS.EventListeners.Core.SEND} listener and add your own. + * + * ## Multiple Callbacks and Chaining + * + * You can register multiple callbacks on any request object. The + * callbacks can be registered for different events, or all for the + * same event. In addition, you can chain callback registration, for + * example: + * + * ```javascript + * request. + * on('success', function(response) { + * console.log("Success!"); + * }). + * on('error', function(error, response) { + * console.log("Error!"); + * }). + * on('complete', function(response) { + * console.log("Always!"); + * }). + * send(); + * ``` + * + * The above example will print either "Success! Always!", or "Error! Always!", + * depending on whether the request succeeded or not. + * + * @!attribute httpRequest + * @readonly + * @!group HTTP Properties + * @return [AWS.HttpRequest] the raw HTTP request object + * containing request headers and body information + * sent by the service. + * + * @!attribute startTime + * @readonly + * @!group Operation Properties + * @return [Date] the time that the request started + * + * @!group Request Building Events + * + * @!event validate(request) + * Triggered when a request is being validated. Listeners + * should throw an error if the request should not be sent. + * @param request [Request] the request object being sent + * @see AWS.EventListeners.Core.VALIDATE_CREDENTIALS + * @see AWS.EventListeners.Core.VALIDATE_REGION + * @example Ensuring that a certain parameter is set before sending a request + * var req = s3.putObject(params); + * req.on('validate', function() { + * if (!req.params.Body.match(/^Hello\s/)) { + * throw new Error('Body must start with "Hello "'); + * } + * }); + * req.send(function(err, data) { ... }); + * + * @!event build(request) + * Triggered when the request payload is being built. Listeners + * should fill the necessary information to send the request + * over HTTP. + * @param (see AWS.Request~validate) + * @example Add a custom HTTP header to a request + * var req = s3.putObject(params); + * req.on('build', function() { + * req.httpRequest.headers['Custom-Header'] = 'value'; + * }); + * req.send(function(err, data) { ... }); + * + * @!event sign(request) + * Triggered when the request is being signed. Listeners should + * add the correct authentication headers and/or adjust the body, + * depending on the authentication mechanism being used. + * @param (see AWS.Request~validate) + * + * @!group Request Sending Events + * + * @!event send(response) + * Triggered when the request is ready to be sent. Listeners + * should call the underlying transport layer to initiate + * the sending of the request. + * @param response [Response] the response object + * @context [Request] the request object that was sent + * @see AWS.EventListeners.Core.SEND + * + * @!event retry(response) + * Triggered when a request failed and might need to be retried or redirected. + * If the response is retryable, the listener should set the + * `response.error.retryable` property to `true`, and optionally set + * `response.error.retryDelay` to the millisecond delay for the next attempt. + * In the case of a redirect, `response.error.redirect` should be set to + * `true` with `retryDelay` set to an optional delay on the next request. + * + * If a listener decides that a request should not be retried, + * it should set both `retryable` and `redirect` to false. + * + * Note that a retryable error will be retried at most + * {AWS.Config.maxRetries} times (based on the service object's config). + * Similarly, a request that is redirected will only redirect at most + * {AWS.Config.maxRedirects} times. + * + * @param (see AWS.Request~send) + * @context (see AWS.Request~send) + * @example Adding a custom retry for a 404 response + * request.on('retry', function(response) { + * // this resource is not yet available, wait 10 seconds to get it again + * if (response.httpResponse.statusCode === 404 && response.error) { + * response.error.retryable = true; // retry this error + * response.error.retryDelay = 10000; // wait 10 seconds + * } + * }); + * + * @!group Data Parsing Events + * + * @!event extractError(response) + * Triggered on all non-2xx requests so that listeners can extract + * error details from the response body. Listeners to this event + * should set the `response.error` property. + * @param (see AWS.Request~send) + * @context (see AWS.Request~send) + * + * @!event extractData(response) + * Triggered in successful requests to allow listeners to + * de-serialize the response body into `response.data`. + * @param (see AWS.Request~send) + * @context (see AWS.Request~send) + * + * @!group Completion Events + * + * @!event success(response) + * Triggered when the request completed successfully. + * `response.data` will contain the response data and + * `response.error` will be null. + * @param (see AWS.Request~send) + * @context (see AWS.Request~send) + * + * @!event error(error, response) + * Triggered when an error occurs at any point during the + * request. `response.error` will contain details about the error + * that occurred. `response.data` will be null. + * @param error [Error] the error object containing details about + * the error that occurred. + * @param (see AWS.Request~send) + * @context (see AWS.Request~send) + * + * @!event complete(response) + * Triggered whenever a request cycle completes. `response.error` + * should be checked, since the request may have failed. + * @param (see AWS.Request~send) + * @context (see AWS.Request~send) + * + * @!group HTTP Events + * + * @!event httpHeaders(statusCode, headers, response, statusMessage) + * Triggered when headers are sent by the remote server + * @param statusCode [Integer] the HTTP response code + * @param headers [map] the response headers + * @param (see AWS.Request~send) + * @param statusMessage [String] A status message corresponding to the HTTP + * response code + * @context (see AWS.Request~send) + * + * @!event httpData(chunk, response) + * Triggered when data is sent by the remote server + * @param chunk [Buffer] the buffer data containing the next data chunk + * from the server + * @param (see AWS.Request~send) + * @context (see AWS.Request~send) + * @see AWS.EventListeners.Core.HTTP_DATA + * + * @!event httpUploadProgress(progress, response) + * Triggered when the HTTP request has uploaded more data + * @param progress [map] An object containing the `loaded` and `total` bytes + * of the request. + * @param (see AWS.Request~send) + * @context (see AWS.Request~send) + * @note This event will not be emitted in Node.js 0.8.x. + * + * @!event httpDownloadProgress(progress, response) + * Triggered when the HTTP request has downloaded more data + * @param progress [map] An object containing the `loaded` and `total` bytes + * of the request. + * @param (see AWS.Request~send) + * @context (see AWS.Request~send) + * @note This event will not be emitted in Node.js 0.8.x. + * + * @!event httpError(error, response) + * Triggered when the HTTP request failed + * @param error [Error] the error object that was thrown + * @param (see AWS.Request~send) + * @context (see AWS.Request~send) + * + * @!event httpDone(response) + * Triggered when the server is finished sending data + * @param (see AWS.Request~send) + * @context (see AWS.Request~send) + * + * @see AWS.Response + */ +AWS.Request = inherit({ + + /** + * Creates a request for an operation on a given service with + * a set of input parameters. + * + * @param service [AWS.Service] the service to perform the operation on + * @param operation [String] the operation to perform on the service + * @param params [Object] parameters to send to the operation. + * See the operation's documentation for the format of the + * parameters. + */ + constructor: function Request(service, operation, params) { + var endpoint = service.endpoint; + var region = service.config.region; + var customUserAgent = service.config.customUserAgent; + + if (service.signingRegion) { + region = service.signingRegion; + } else if (service.isGlobalEndpoint) { + region = 'us-east-1'; + } + + this.domain = domain && domain.active; + this.service = service; + this.operation = operation; + this.params = params || {}; + this.httpRequest = new AWS.HttpRequest(endpoint, region); + this.httpRequest.appendToUserAgent(customUserAgent); + this.startTime = service.getSkewCorrectedDate(); + + this.response = new AWS.Response(this); + this._asm = new AcceptorStateMachine(fsm.states, 'validate'); + this._haltHandlersOnError = false; + + AWS.SequentialExecutor.call(this); + this.emit = this.emitEvent; + }, + + /** + * @!group Sending a Request + */ + + /** + * @overload send(callback = null) + * Sends the request object. + * + * @callback callback function(err, data) + * If a callback is supplied, it is called when a response is returned + * from the service. + * @context [AWS.Request] the request object being sent. + * @param err [Error] the error object returned from the request. + * Set to `null` if the request is successful. + * @param data [Object] the de-serialized data returned from + * the request. Set to `null` if a request error occurs. + * @example Sending a request with a callback + * request = s3.putObject({Bucket: 'bucket', Key: 'key'}); + * request.send(function(err, data) { console.log(err, data); }); + * @example Sending a request with no callback (using event handlers) + * request = s3.putObject({Bucket: 'bucket', Key: 'key'}); + * request.on('complete', function(response) { ... }); // register a callback + * request.send(); + */ + send: function send(callback) { + if (callback) { + // append to user agent + this.httpRequest.appendToUserAgent('callback'); + this.on('complete', function (resp) { + callback.call(resp, resp.error, resp.data); + }); + } + this.runTo(); + + return this.response; + }, + + /** + * @!method promise() + * Sends the request and returns a 'thenable' promise. + * + * Two callbacks can be provided to the `then` method on the returned promise. + * The first callback will be called if the promise is fulfilled, and the second + * callback will be called if the promise is rejected. + * @callback fulfilledCallback function(data) + * Called if the promise is fulfilled. + * @param data [Object] the de-serialized data returned from the request. + * @callback rejectedCallback function(error) + * Called if the promise is rejected. + * @param error [Error] the error object returned from the request. + * @return [Promise] A promise that represents the state of the request. + * @example Sending a request using promises. + * var request = s3.putObject({Bucket: 'bucket', Key: 'key'}); + * var result = request.promise(); + * result.then(function(data) { ... }, function(error) { ... }); + */ + + /** + * @api private + */ + build: function build(callback) { + return this.runTo('send', callback); + }, + + /** + * @api private + */ + runTo: function runTo(state, done) { + this._asm.runTo(state, done, this); + return this; + }, + + /** + * Aborts a request, emitting the error and complete events. + * + * @!macro nobrowser + * @example Aborting a request after sending + * var params = { + * Bucket: 'bucket', Key: 'key', + * Body: Buffer.alloc(1024 * 1024 * 5) // 5MB payload + * }; + * var request = s3.putObject(params); + * request.send(function (err, data) { + * if (err) console.log("Error:", err.code, err.message); + * else console.log(data); + * }); + * + * // abort request in 1 second + * setTimeout(request.abort.bind(request), 1000); + * + * // prints "Error: RequestAbortedError Request aborted by user" + * @return [AWS.Request] the same request object, for chaining. + * @since v1.4.0 + */ + abort: function abort() { + this.removeAllListeners('validateResponse'); + this.removeAllListeners('extractError'); + this.on('validateResponse', function addAbortedError(resp) { + resp.error = AWS.util.error(new Error('Request aborted by user'), { + code: 'RequestAbortedError', retryable: false + }); + }); + + if (this.httpRequest.stream && !this.httpRequest.stream.didCallback) { // abort HTTP stream + this.httpRequest.stream.abort(); + if (this.httpRequest._abortCallback) { + this.httpRequest._abortCallback(); + } else { + this.removeAllListeners('send'); // haven't sent yet, so let's not + } + } + + return this; + }, + + /** + * Iterates over each page of results given a pageable request, calling + * the provided callback with each page of data. After all pages have been + * retrieved, the callback is called with `null` data. + * + * @note This operation can generate multiple requests to a service. + * @example Iterating over multiple pages of objects in an S3 bucket + * var pages = 1; + * s3.listObjects().eachPage(function(err, data) { + * if (err) return; + * console.log("Page", pages++); + * console.log(data); + * }); + * @example Iterating over multiple pages with an asynchronous callback + * s3.listObjects(params).eachPage(function(err, data, done) { + * doSomethingAsyncAndOrExpensive(function() { + * // The next page of results isn't fetched until done is called + * done(); + * }); + * }); + * @callback callback function(err, data, [doneCallback]) + * Called with each page of resulting data from the request. If the + * optional `doneCallback` is provided in the function, it must be called + * when the callback is complete. + * + * @param err [Error] an error object, if an error occurred. + * @param data [Object] a single page of response data. If there is no + * more data, this object will be `null`. + * @param doneCallback [Function] an optional done callback. If this + * argument is defined in the function declaration, it should be called + * when the next page is ready to be retrieved. This is useful for + * controlling serial pagination across asynchronous operations. + * @return [Boolean] if the callback returns `false`, pagination will + * stop. + * + * @see AWS.Request.eachItem + * @see AWS.Response.nextPage + * @since v1.4.0 + */ + eachPage: function eachPage(callback) { + // Make all callbacks async-ish + callback = AWS.util.fn.makeAsync(callback, 3); + + function wrappedCallback(response) { + callback.call(response, response.error, response.data, function (result) { + if (result === false) return; + + if (response.hasNextPage()) { + response.nextPage().on('complete', wrappedCallback).send(); + } else { + callback.call(response, null, null, AWS.util.fn.noop); + } + }); + } + + this.on('complete', wrappedCallback).send(); + }, + + /** + * Enumerates over individual items of a request, paging the responses if + * necessary. + * + * @api experimental + * @since v1.4.0 + */ + eachItem: function eachItem(callback) { + var self = this; + function wrappedCallback(err, data) { + if (err) return callback(err, null); + if (data === null) return callback(null, null); + + var config = self.service.paginationConfig(self.operation); + var resultKey = config.resultKey; + if (Array.isArray(resultKey)) resultKey = resultKey[0]; + var items = jmespath.search(data, resultKey); + var continueIteration = true; + AWS.util.arrayEach(items, function(item) { + continueIteration = callback(null, item); + if (continueIteration === false) { + return AWS.util.abort; + } + }); + return continueIteration; + } + + this.eachPage(wrappedCallback); + }, + + /** + * @return [Boolean] whether the operation can return multiple pages of + * response data. + * @see AWS.Response.eachPage + * @since v1.4.0 + */ + isPageable: function isPageable() { + return this.service.paginationConfig(this.operation) ? true : false; + }, + + /** + * Sends the request and converts the request object into a readable stream + * that can be read from or piped into a writable stream. + * + * @note The data read from a readable stream contains only + * the raw HTTP body contents. + * @example Manually reading from a stream + * request.createReadStream().on('data', function(data) { + * console.log("Got data:", data.toString()); + * }); + * @example Piping a request body into a file + * var out = fs.createWriteStream('/path/to/outfile.jpg'); + * s3.service.getObject(params).createReadStream().pipe(out); + * @return [Stream] the readable stream object that can be piped + * or read from (by registering 'data' event listeners). + * @!macro nobrowser + */ + createReadStream: function createReadStream() { + var streams = AWS.util.stream; + var req = this; + var stream = null; + + if (AWS.HttpClient.streamsApiVersion === 2) { + stream = new streams.PassThrough(); + process.nextTick(function() { req.send(); }); + } else { + stream = new streams.Stream(); + stream.readable = true; + + stream.sent = false; + stream.on('newListener', function(event) { + if (!stream.sent && event === 'data') { + stream.sent = true; + process.nextTick(function() { req.send(); }); + } + }); + } + + this.on('error', function(err) { + stream.emit('error', err); + }); + + this.on('httpHeaders', function streamHeaders(statusCode, headers, resp) { + if (statusCode < 300) { + req.removeListener('httpData', AWS.EventListeners.Core.HTTP_DATA); + req.removeListener('httpError', AWS.EventListeners.Core.HTTP_ERROR); + req.on('httpError', function streamHttpError(error) { + resp.error = error; + resp.error.retryable = false; + }); + + var shouldCheckContentLength = false; + var expectedLen; + if (req.httpRequest.method !== 'HEAD') { + expectedLen = parseInt(headers['content-length'], 10); + } + if (expectedLen !== undefined && !isNaN(expectedLen) && expectedLen >= 0) { + shouldCheckContentLength = true; + var receivedLen = 0; + } + + var checkContentLengthAndEmit = function checkContentLengthAndEmit() { + if (shouldCheckContentLength && receivedLen !== expectedLen) { + stream.emit('error', AWS.util.error( + new Error('Stream content length mismatch. Received ' + + receivedLen + ' of ' + expectedLen + ' bytes.'), + { code: 'StreamContentLengthMismatch' } + )); + } else if (AWS.HttpClient.streamsApiVersion === 2) { + stream.end(); + } else { + stream.emit('end'); + } + }; + + var httpStream = resp.httpResponse.createUnbufferedStream(); + + if (AWS.HttpClient.streamsApiVersion === 2) { + if (shouldCheckContentLength) { + var lengthAccumulator = new streams.PassThrough(); + lengthAccumulator._write = function(chunk) { + if (chunk && chunk.length) { + receivedLen += chunk.length; + } + return streams.PassThrough.prototype._write.apply(this, arguments); + }; + + lengthAccumulator.on('end', checkContentLengthAndEmit); + stream.on('error', function(err) { + shouldCheckContentLength = false; + httpStream.unpipe(lengthAccumulator); + lengthAccumulator.emit('end'); + lengthAccumulator.end(); + }); + httpStream.pipe(lengthAccumulator).pipe(stream, { end: false }); + } else { + httpStream.pipe(stream); + } + } else { + + if (shouldCheckContentLength) { + httpStream.on('data', function(arg) { + if (arg && arg.length) { + receivedLen += arg.length; + } + }); + } + + httpStream.on('data', function(arg) { + stream.emit('data', arg); + }); + httpStream.on('end', checkContentLengthAndEmit); + } + + httpStream.on('error', function(err) { + shouldCheckContentLength = false; + stream.emit('error', err); + }); + } + }); + + return stream; + }, + + /** + * @param [Array,Response] args This should be the response object, + * or an array of args to send to the event. + * @api private + */ + emitEvent: function emit(eventName, args, done) { + if (typeof args === 'function') { done = args; args = null; } + if (!done) done = function() { }; + if (!args) args = this.eventParameters(eventName, this.response); + + var origEmit = AWS.SequentialExecutor.prototype.emit; + origEmit.call(this, eventName, args, function (err) { + if (err) this.response.error = err; + done.call(this, err); + }); + }, + + /** + * @api private + */ + eventParameters: function eventParameters(eventName) { + switch (eventName) { + case 'restart': + case 'validate': + case 'sign': + case 'build': + case 'afterValidate': + case 'afterBuild': + return [this]; + case 'error': + return [this.response.error, this.response]; + default: + return [this.response]; + } + }, + + /** + * @api private + */ + presign: function presign(expires, callback) { + if (!callback && typeof expires === 'function') { + callback = expires; + expires = null; + } + return new AWS.Signers.Presign().sign(this.toGet(), expires, callback); + }, + + /** + * @api private + */ + isPresigned: function isPresigned() { + return Object.prototype.hasOwnProperty.call(this.httpRequest.headers, 'presigned-expires'); + }, + + /** + * @api private + */ + toUnauthenticated: function toUnauthenticated() { + this._unAuthenticated = true; + this.removeListener('validate', AWS.EventListeners.Core.VALIDATE_CREDENTIALS); + this.removeListener('sign', AWS.EventListeners.Core.SIGN); + return this; + }, + + /** + * @api private + */ + toGet: function toGet() { + if (this.service.api.protocol === 'query' || + this.service.api.protocol === 'ec2') { + this.removeListener('build', this.buildAsGet); + this.addListener('build', this.buildAsGet); + } + return this; + }, + + /** + * @api private + */ + buildAsGet: function buildAsGet(request) { + request.httpRequest.method = 'GET'; + request.httpRequest.path = request.service.endpoint.path + + '?' + request.httpRequest.body; + request.httpRequest.body = ''; + + // don't need these headers on a GET request + delete request.httpRequest.headers['Content-Length']; + delete request.httpRequest.headers['Content-Type']; + }, + + /** + * @api private + */ + haltHandlersOnError: function haltHandlersOnError() { + this._haltHandlersOnError = true; + } +}); + +/** + * @api private + */ +AWS.Request.addPromisesToClass = function addPromisesToClass(PromiseDependency) { + this.prototype.promise = function promise() { + var self = this; + // append to user agent + this.httpRequest.appendToUserAgent('promise'); + return new PromiseDependency(function(resolve, reject) { + self.on('complete', function(resp) { + if (resp.error) { + reject(resp.error); + } else { + // define $response property so that it is not enumerable + // this prevents circular reference errors when stringifying the JSON object + resolve(Object.defineProperty( + resp.data || {}, + '$response', + {value: resp} + )); + } + }); + self.runTo(); + }); + }; +}; + +/** + * @api private + */ +AWS.Request.deletePromisesFromClass = function deletePromisesFromClass() { + delete this.prototype.promise; +}; + +AWS.util.addPromises(AWS.Request); + +AWS.util.mixin(AWS.Request, AWS.SequentialExecutor); + + +/***/ }), + +/***/ 8265: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +/** + * Copyright 2012-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). You + * may not use this file except in compliance with the License. A copy of + * the License is located at + * + * http://aws.amazon.com/apache2.0/ + * + * or in the "license" file accompanying this file. This file is + * distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF + * ANY KIND, either express or implied. See the License for the specific + * language governing permissions and limitations under the License. + */ + +var AWS = __nccwpck_require4_(4741); +var inherit = AWS.util.inherit; +var jmespath = __nccwpck_require4_(3178); + +/** + * @api private + */ +function CHECK_ACCEPTORS(resp) { + var waiter = resp.request._waiter; + var acceptors = waiter.config.acceptors; + var acceptorMatched = false; + var state = 'retry'; + + acceptors.forEach(function(acceptor) { + if (!acceptorMatched) { + var matcher = waiter.matchers[acceptor.matcher]; + if (matcher && matcher(resp, acceptor.expected, acceptor.argument)) { + acceptorMatched = true; + state = acceptor.state; + } + } + }); + + if (!acceptorMatched && resp.error) state = 'failure'; + + if (state === 'success') { + waiter.setSuccess(resp); + } else { + waiter.setError(resp, state === 'retry'); + } +} + +/** + * @api private + */ +AWS.ResourceWaiter = inherit({ + /** + * Waits for a given state on a service object + * @param service [Service] the service object to wait on + * @param state [String] the state (defined in waiter configuration) to wait + * for. + * @example Create a waiter for running EC2 instances + * var ec2 = new AWS.EC2; + * var waiter = new AWS.ResourceWaiter(ec2, 'instanceRunning'); + */ + constructor: function constructor(service, state) { + this.service = service; + this.state = state; + this.loadWaiterConfig(this.state); + }, + + service: null, + + state: null, + + config: null, + + matchers: { + path: function(resp, expected, argument) { + try { + var result = jmespath.search(resp.data, argument); + } catch (err) { + return false; + } + + return jmespath.strictDeepEqual(result,expected); + }, + + pathAll: function(resp, expected, argument) { + try { + var results = jmespath.search(resp.data, argument); + } catch (err) { + return false; + } + + if (!Array.isArray(results)) results = [results]; + var numResults = results.length; + if (!numResults) return false; + for (var ind = 0 ; ind < numResults; ind++) { + if (!jmespath.strictDeepEqual(results[ind], expected)) { + return false; + } + } + return true; + }, + + pathAny: function(resp, expected, argument) { + try { + var results = jmespath.search(resp.data, argument); + } catch (err) { + return false; + } + + if (!Array.isArray(results)) results = [results]; + var numResults = results.length; + for (var ind = 0 ; ind < numResults; ind++) { + if (jmespath.strictDeepEqual(results[ind], expected)) { + return true; + } + } + return false; + }, + + status: function(resp, expected) { + var statusCode = resp.httpResponse.statusCode; + return (typeof statusCode === 'number') && (statusCode === expected); + }, + + error: function(resp, expected) { + if (typeof expected === 'string' && resp.error) { + return expected === resp.error.code; + } + // if expected is not string, can be boolean indicating presence of error + return expected === !!resp.error; + } + }, + + listeners: new AWS.SequentialExecutor().addNamedListeners(function(add) { + add('RETRY_CHECK', 'retry', function(resp) { + var waiter = resp.request._waiter; + if (resp.error && resp.error.code === 'ResourceNotReady') { + resp.error.retryDelay = (waiter.config.delay || 0) * 1000; + } + }); + + add('CHECK_OUTPUT', 'extractData', CHECK_ACCEPTORS); + + add('CHECK_ERROR', 'extractError', CHECK_ACCEPTORS); + }), + + /** + * @return [AWS.Request] + */ + wait: function wait(params, callback) { + if (typeof params === 'function') { + callback = params; params = undefined; + } + + if (params && params.$waiter) { + params = AWS.util.copy(params); + if (typeof params.$waiter.delay === 'number') { + this.config.delay = params.$waiter.delay; + } + if (typeof params.$waiter.maxAttempts === 'number') { + this.config.maxAttempts = params.$waiter.maxAttempts; + } + delete params.$waiter; + } + + var request = this.service.makeRequest(this.config.operation, params); + request._waiter = this; + request.response.maxRetries = this.config.maxAttempts; + request.addListeners(this.listeners); + + if (callback) request.send(callback); + return request; + }, + + setSuccess: function setSuccess(resp) { + resp.error = null; + resp.data = resp.data || {}; + resp.request.removeAllListeners('extractData'); + }, + + setError: function setError(resp, retryable) { + resp.data = null; + resp.error = AWS.util.error(resp.error || new Error(), { + code: 'ResourceNotReady', + message: 'Resource is not in the state ' + this.state, + retryable: retryable + }); + }, + + /** + * Loads waiter configuration from API configuration + * + * @api private + */ + loadWaiterConfig: function loadWaiterConfig(state) { + if (!this.service.api.waiters[state]) { + throw new AWS.util.error(new Error(), { + code: 'StateNotFoundError', + message: 'State ' + state + ' not found.' + }); + } + + this.config = AWS.util.copy(this.service.api.waiters[state]); + } +}); + + +/***/ }), + +/***/ 6275: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var inherit = AWS.util.inherit; +var jmespath = __nccwpck_require4_(3178); + +/** + * This class encapsulates the response information + * from a service request operation sent through {AWS.Request}. + * The response object has two main properties for getting information + * back from a request: + * + * ## The `data` property + * + * The `response.data` property contains the serialized object data + * retrieved from the service request. For instance, for an + * Amazon DynamoDB `listTables` method call, the response data might + * look like: + * + * ``` + * > resp.data + * { TableNames: + * [ 'table1', 'table2', ... ] } + * ``` + * + * The `data` property can be null if an error occurs (see below). + * + * ## The `error` property + * + * In the event of a service error (or transfer error), the + * `response.error` property will be filled with the given + * error data in the form: + * + * ``` + * { code: 'SHORT_UNIQUE_ERROR_CODE', + * message: 'Some human readable error message' } + * ``` + * + * In the case of an error, the `data` property will be `null`. + * Note that if you handle events that can be in a failure state, + * you should always check whether `response.error` is set + * before attempting to access the `response.data` property. + * + * @!attribute data + * @readonly + * @!group Data Properties + * @note Inside of a {AWS.Request~httpData} event, this + * property contains a single raw packet instead of the + * full de-serialized service response. + * @return [Object] the de-serialized response data + * from the service. + * + * @!attribute error + * An structure containing information about a service + * or networking error. + * @readonly + * @!group Data Properties + * @note This attribute is only filled if a service or + * networking error occurs. + * @return [Error] + * * code [String] a unique short code representing the + * error that was emitted. + * * message [String] a longer human readable error message + * * retryable [Boolean] whether the error message is + * retryable. + * * statusCode [Numeric] in the case of a request that reached the service, + * this value contains the response status code. + * * time [Date] the date time object when the error occurred. + * * hostname [String] set when a networking error occurs to easily + * identify the endpoint of the request. + * * region [String] set when a networking error occurs to easily + * identify the region of the request. + * + * @!attribute requestId + * @readonly + * @!group Data Properties + * @return [String] the unique request ID associated with the response. + * Log this value when debugging requests for AWS support. + * + * @!attribute retryCount + * @readonly + * @!group Operation Properties + * @return [Integer] the number of retries that were + * attempted before the request was completed. + * + * @!attribute redirectCount + * @readonly + * @!group Operation Properties + * @return [Integer] the number of redirects that were + * followed before the request was completed. + * + * @!attribute httpResponse + * @readonly + * @!group HTTP Properties + * @return [AWS.HttpResponse] the raw HTTP response object + * containing the response headers and body information + * from the server. + * + * @see AWS.Request + */ +AWS.Response = inherit({ + + /** + * @api private + */ + constructor: function Response(request) { + this.request = request; + this.data = null; + this.error = null; + this.retryCount = 0; + this.redirectCount = 0; + this.httpResponse = new AWS.HttpResponse(); + if (request) { + this.maxRetries = request.service.numRetries(); + this.maxRedirects = request.service.config.maxRedirects; + } + }, + + /** + * Creates a new request for the next page of response data, calling the + * callback with the page data if a callback is provided. + * + * @callback callback function(err, data) + * Called when a page of data is returned from the next request. + * + * @param err [Error] an error object, if an error occurred in the request + * @param data [Object] the next page of data, or null, if there are no + * more pages left. + * @return [AWS.Request] the request object for the next page of data + * @return [null] if no callback is provided and there are no pages left + * to retrieve. + * @since v1.4.0 + */ + nextPage: function nextPage(callback) { + var config; + var service = this.request.service; + var operation = this.request.operation; + try { + config = service.paginationConfig(operation, true); + } catch (e) { this.error = e; } + + if (!this.hasNextPage()) { + if (callback) callback(this.error, null); + else if (this.error) throw this.error; + return null; + } + + var params = AWS.util.copy(this.request.params); + if (!this.nextPageTokens) { + return callback ? callback(null, null) : null; + } else { + var inputTokens = config.inputToken; + if (typeof inputTokens === 'string') inputTokens = [inputTokens]; + for (var i = 0; i < inputTokens.length; i++) { + params[inputTokens[i]] = this.nextPageTokens[i]; + } + return service.makeRequest(this.request.operation, params, callback); + } + }, + + /** + * @return [Boolean] whether more pages of data can be returned by further + * requests + * @since v1.4.0 + */ + hasNextPage: function hasNextPage() { + this.cacheNextPageTokens(); + if (this.nextPageTokens) return true; + if (this.nextPageTokens === undefined) return undefined; + else return false; + }, + + /** + * @api private + */ + cacheNextPageTokens: function cacheNextPageTokens() { + if (Object.prototype.hasOwnProperty.call(this, 'nextPageTokens')) return this.nextPageTokens; + this.nextPageTokens = undefined; + + var config = this.request.service.paginationConfig(this.request.operation); + if (!config) return this.nextPageTokens; + + this.nextPageTokens = null; + if (config.moreResults) { + if (!jmespath.search(this.data, config.moreResults)) { + return this.nextPageTokens; + } + } + + var exprs = config.outputToken; + if (typeof exprs === 'string') exprs = [exprs]; + AWS.util.arrayEach.call(this, exprs, function (expr) { + var output = jmespath.search(this.data, expr); + if (output) { + this.nextPageTokens = this.nextPageTokens || []; + this.nextPageTokens.push(output); + } + }); + + return this.nextPageTokens; + } + +}); + + +/***/ }), + +/***/ 3664: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var byteLength = AWS.util.string.byteLength; +var Buffer = AWS.util.Buffer; + +/** + * The managed uploader allows for easy and efficient uploading of buffers, + * blobs, or streams, using a configurable amount of concurrency to perform + * multipart uploads where possible. This abstraction also enables uploading + * streams of unknown size due to the use of multipart uploads. + * + * To construct a managed upload object, see the {constructor} function. + * + * ## Tracking upload progress + * + * The managed upload object can also track progress by attaching an + * 'httpUploadProgress' listener to the upload manager. This event is similar + * to {AWS.Request~httpUploadProgress} but groups all concurrent upload progress + * into a single event. See {AWS.S3.ManagedUpload~httpUploadProgress} for more + * information. + * + * ## Handling Multipart Cleanup + * + * By default, this class will automatically clean up any multipart uploads + * when an individual part upload fails. This behavior can be disabled in order + * to manually handle failures by setting the `leavePartsOnError` configuration + * option to `true` when initializing the upload object. + * + * @!event httpUploadProgress(progress) + * Triggered when the uploader has uploaded more data. + * @note The `total` property may not be set if the stream being uploaded has + * not yet finished chunking. In this case the `total` will be undefined + * until the total stream size is known. + * @note This event will not be emitted in Node.js 0.8.x. + * @param progress [map] An object containing the `loaded` and `total` bytes + * of the request and the `key` of the S3 object. Note that `total` may be undefined until the payload + * size is known. + * @context (see AWS.Request~send) + */ +AWS.S3.ManagedUpload = AWS.util.inherit({ + /** + * Creates a managed upload object with a set of configuration options. + * + * @note A "Body" parameter is required to be set prior to calling {send}. + * @note In Node.js, sending "Body" as {https://nodejs.org/dist/latest/docs/api/stream.html#stream_object_mode object-mode stream} + * may result in upload hangs. Using buffer stream is preferable. + * @option options params [map] a map of parameters to pass to the upload + * requests. The "Body" parameter is required to be specified either on + * the service or in the params option. + * @note ContentMD5 should not be provided when using the managed upload object. + * Instead, setting "computeChecksums" to true will enable automatic ContentMD5 generation + * by the managed upload object. + * @option options queueSize [Number] (4) the size of the concurrent queue + * manager to upload parts in parallel. Set to 1 for synchronous uploading + * of parts. Note that the uploader will buffer at most queueSize * partSize + * bytes into memory at any given time. + * @option options partSize [Number] (5mb) the size in bytes for each + * individual part to be uploaded. Adjust the part size to ensure the number + * of parts does not exceed {maxTotalParts}. See {minPartSize} for the + * minimum allowed part size. + * @option options leavePartsOnError [Boolean] (false) whether to abort the + * multipart upload if an error occurs. Set to true if you want to handle + * failures manually. + * @option options service [AWS.S3] an optional S3 service object to use for + * requests. This object might have bound parameters used by the uploader. + * @option options tags [Array] The tags to apply to the uploaded object. + * Each tag should have a `Key` and `Value` keys. + * @example Creating a default uploader for a stream object + * var upload = new AWS.S3.ManagedUpload({ + * params: {Bucket: 'bucket', Key: 'key', Body: stream} + * }); + * @example Creating an uploader with concurrency of 1 and partSize of 10mb + * var upload = new AWS.S3.ManagedUpload({ + * partSize: 10 * 1024 * 1024, queueSize: 1, + * params: {Bucket: 'bucket', Key: 'key', Body: stream} + * }); + * @example Creating an uploader with tags + * var upload = new AWS.S3.ManagedUpload({ + * params: {Bucket: 'bucket', Key: 'key', Body: stream}, + * tags: [{Key: 'tag1', Value: 'value1'}, {Key: 'tag2', Value: 'value2'}] + * }); + * @see send + */ + constructor: function ManagedUpload(options) { + var self = this; + AWS.SequentialExecutor.call(self); + self.body = null; + self.sliceFn = null; + self.callback = null; + self.parts = {}; + self.completeInfo = []; + self.fillQueue = function() { + self.callback(new Error('Unsupported body payload ' + typeof self.body)); + }; + + self.configure(options); + }, + + /** + * @api private + */ + configure: function configure(options) { + options = options || {}; + this.partSize = this.minPartSize; + + if (options.queueSize) this.queueSize = options.queueSize; + if (options.partSize) this.partSize = options.partSize; + if (options.leavePartsOnError) this.leavePartsOnError = true; + if (options.tags) { + if (!Array.isArray(options.tags)) { + throw new Error('Tags must be specified as an array; ' + + typeof options.tags + ' provided.'); + } + this.tags = options.tags; + } + + if (this.partSize < this.minPartSize) { + throw new Error('partSize must be greater than ' + + this.minPartSize); + } + + this.service = options.service; + this.bindServiceObject(options.params); + this.validateBody(); + this.adjustTotalBytes(); + }, + + /** + * @api private + */ + leavePartsOnError: false, + + /** + * @api private + */ + queueSize: 4, + + /** + * @api private + */ + partSize: null, + + /** + * @readonly + * @return [Number] the minimum number of bytes for an individual part + * upload. + */ + minPartSize: 1024 * 1024 * 5, + + /** + * @readonly + * @return [Number] the maximum allowed number of parts in a multipart upload. + */ + maxTotalParts: 10000, + + /** + * Initiates the managed upload for the payload. + * + * @callback callback function(err, data) + * @param err [Error] an error or null if no error occurred. + * @param data [map] The response data from the successful upload: + * * `Location` (String) the URL of the uploaded object + * * `ETag` (String) the ETag of the uploaded object + * * `Bucket` (String) the bucket to which the object was uploaded + * * `Key` (String) the key to which the object was uploaded + * @example Sending a managed upload object + * var params = {Bucket: 'bucket', Key: 'key', Body: stream}; + * var upload = new AWS.S3.ManagedUpload({params: params}); + * upload.send(function(err, data) { + * console.log(err, data); + * }); + */ + send: function(callback) { + var self = this; + self.failed = false; + self.callback = callback || function(err) { if (err) throw err; }; + + var runFill = true; + if (self.sliceFn) { + self.fillQueue = self.fillBuffer; + } else if (AWS.util.isNode()) { + var Stream = AWS.util.stream.Stream; + if (self.body instanceof Stream) { + runFill = false; + self.fillQueue = self.fillStream; + self.partBuffers = []; + self.body. + on('error', function(err) { self.cleanup(err); }). + on('readable', function() { self.fillQueue(); }). + on('end', function() { + self.isDoneChunking = true; + self.numParts = self.totalPartNumbers; + self.fillQueue.call(self); + + if (self.isDoneChunking && self.totalPartNumbers >= 1 && self.doneParts === self.numParts) { + self.finishMultiPart(); + } + }); + } + } + + if (runFill) self.fillQueue.call(self); + }, + + /** + * @!method promise() + * Returns a 'thenable' promise. + * + * Two callbacks can be provided to the `then` method on the returned promise. + * The first callback will be called if the promise is fulfilled, and the second + * callback will be called if the promise is rejected. + * @callback fulfilledCallback function(data) + * Called if the promise is fulfilled. + * @param data [map] The response data from the successful upload: + * `Location` (String) the URL of the uploaded object + * `ETag` (String) the ETag of the uploaded object + * `Bucket` (String) the bucket to which the object was uploaded + * `Key` (String) the key to which the object was uploaded + * @callback rejectedCallback function(err) + * Called if the promise is rejected. + * @param err [Error] an error or null if no error occurred. + * @return [Promise] A promise that represents the state of the upload request. + * @example Sending an upload request using promises. + * var upload = s3.upload({Bucket: 'bucket', Key: 'key', Body: stream}); + * var promise = upload.promise(); + * promise.then(function(data) { ... }, function(err) { ... }); + */ + + /** + * Aborts a managed upload, including all concurrent upload requests. + * @note By default, calling this function will cleanup a multipart upload + * if one was created. To leave the multipart upload around after aborting + * a request, configure `leavePartsOnError` to `true` in the {constructor}. + * @note Calling {abort} in the browser environment will not abort any requests + * that are already in flight. If a multipart upload was created, any parts + * not yet uploaded will not be sent, and the multipart upload will be cleaned up. + * @example Aborting an upload + * var params = { + * Bucket: 'bucket', Key: 'key', + * Body: Buffer.alloc(1024 * 1024 * 25) // 25MB payload + * }; + * var upload = s3.upload(params); + * upload.send(function (err, data) { + * if (err) console.log("Error:", err.code, err.message); + * else console.log(data); + * }); + * + * // abort request in 1 second + * setTimeout(upload.abort.bind(upload), 1000); + */ + abort: function() { + var self = this; + //abort putObject request + if (self.isDoneChunking === true && self.totalPartNumbers === 1 && self.singlePart) { + self.singlePart.abort(); + } else { + self.cleanup(AWS.util.error(new Error('Request aborted by user'), { + code: 'RequestAbortedError', retryable: false + })); + } + }, + + /** + * @api private + */ + validateBody: function validateBody() { + var self = this; + self.body = self.service.config.params.Body; + if (typeof self.body === 'string') { + self.body = AWS.util.buffer.toBuffer(self.body); + } else if (!self.body) { + throw new Error('params.Body is required'); + } + self.sliceFn = AWS.util.arraySliceFn(self.body); + }, + + /** + * @api private + */ + bindServiceObject: function bindServiceObject(params) { + params = params || {}; + var self = this; + // bind parameters to new service object + if (!self.service) { + self.service = new AWS.S3({params: params}); + } else { + // Create a new S3 client from the supplied client's constructor. + var service = self.service; + var config = AWS.util.copy(service.config); + config.signatureVersion = service.getSignatureVersion(); + self.service = new service.constructor.__super__(config); + self.service.config.params = + AWS.util.merge(self.service.config.params || {}, params); + Object.defineProperty(self.service, '_originalConfig', { + get: function() { return service._originalConfig; }, + enumerable: false, + configurable: true + }); + } + }, + + /** + * @api private + */ + adjustTotalBytes: function adjustTotalBytes() { + var self = this; + try { // try to get totalBytes + self.totalBytes = byteLength(self.body); + } catch (e) { } + + // try to adjust partSize if we know payload length + if (self.totalBytes) { + var newPartSize = Math.ceil(self.totalBytes / self.maxTotalParts); + if (newPartSize > self.partSize) self.partSize = newPartSize; + } else { + self.totalBytes = undefined; + } + }, + + /** + * @api private + */ + isDoneChunking: false, + + /** + * @api private + */ + partPos: 0, + + /** + * @api private + */ + totalChunkedBytes: 0, + + /** + * @api private + */ + totalUploadedBytes: 0, + + /** + * @api private + */ + totalBytes: undefined, + + /** + * @api private + */ + numParts: 0, + + /** + * @api private + */ + totalPartNumbers: 0, + + /** + * @api private + */ + activeParts: 0, + + /** + * @api private + */ + doneParts: 0, + + /** + * @api private + */ + parts: null, + + /** + * @api private + */ + completeInfo: null, + + /** + * @api private + */ + failed: false, + + /** + * @api private + */ + multipartReq: null, + + /** + * @api private + */ + partBuffers: null, + + /** + * @api private + */ + partBufferLength: 0, + + /** + * @api private + */ + fillBuffer: function fillBuffer() { + var self = this; + var bodyLen = byteLength(self.body); + + if (bodyLen === 0) { + self.isDoneChunking = true; + self.numParts = 1; + self.nextChunk(self.body); + return; + } + + while (self.activeParts < self.queueSize && self.partPos < bodyLen) { + var endPos = Math.min(self.partPos + self.partSize, bodyLen); + var buf = self.sliceFn.call(self.body, self.partPos, endPos); + self.partPos += self.partSize; + + if (byteLength(buf) < self.partSize || self.partPos === bodyLen) { + self.isDoneChunking = true; + self.numParts = self.totalPartNumbers + 1; + } + self.nextChunk(buf); + } + }, + + /** + * @api private + */ + fillStream: function fillStream() { + var self = this; + if (self.activeParts >= self.queueSize) return; + + var buf = self.body.read(self.partSize - self.partBufferLength) || + self.body.read(); + if (buf) { + self.partBuffers.push(buf); + self.partBufferLength += buf.length; + self.totalChunkedBytes += buf.length; + } + + if (self.partBufferLength >= self.partSize) { + // if we have single buffer we avoid copyfull concat + var pbuf = self.partBuffers.length === 1 ? + self.partBuffers[0] : Buffer.concat(self.partBuffers); + self.partBuffers = []; + self.partBufferLength = 0; + + // if we have more than partSize, push the rest back on the queue + if (pbuf.length > self.partSize) { + var rest = pbuf.slice(self.partSize); + self.partBuffers.push(rest); + self.partBufferLength += rest.length; + pbuf = pbuf.slice(0, self.partSize); + } + + self.nextChunk(pbuf); + } + + if (self.isDoneChunking && !self.isDoneSending) { + // if we have single buffer we avoid copyfull concat + pbuf = self.partBuffers.length === 1 ? + self.partBuffers[0] : Buffer.concat(self.partBuffers); + self.partBuffers = []; + self.partBufferLength = 0; + self.totalBytes = self.totalChunkedBytes; + self.isDoneSending = true; + + if (self.numParts === 0 || pbuf.length > 0) { + self.numParts++; + self.nextChunk(pbuf); + } + } + + self.body.read(0); + }, + + /** + * @api private + */ + nextChunk: function nextChunk(chunk) { + var self = this; + if (self.failed) return null; + + var partNumber = ++self.totalPartNumbers; + if (self.isDoneChunking && partNumber === 1) { + var params = {Body: chunk}; + if (this.tags) { + params.Tagging = this.getTaggingHeader(); + } + var req = self.service.putObject(params); + req._managedUpload = self; + req.on('httpUploadProgress', self.progress).send(self.finishSinglePart); + self.singlePart = req; //save the single part request + return null; + } else if (self.service.config.params.ContentMD5) { + var err = AWS.util.error(new Error('The Content-MD5 you specified is invalid for multi-part uploads.'), { + code: 'InvalidDigest', retryable: false + }); + + self.cleanup(err); + return null; + } + + if (self.completeInfo[partNumber] && self.completeInfo[partNumber].ETag !== null) { + return null; // Already uploaded this part. + } + + self.activeParts++; + if (!self.service.config.params.UploadId) { + + if (!self.multipartReq) { // create multipart + self.multipartReq = self.service.createMultipartUpload(); + self.multipartReq.on('success', function(resp) { + self.service.config.params.UploadId = resp.data.UploadId; + self.multipartReq = null; + }); + self.queueChunks(chunk, partNumber); + self.multipartReq.on('error', function(err) { + self.cleanup(err); + }); + self.multipartReq.send(); + } else { + self.queueChunks(chunk, partNumber); + } + } else { // multipart is created, just send + self.uploadPart(chunk, partNumber); + } + }, + + /** + * @api private + */ + getTaggingHeader: function getTaggingHeader() { + var kvPairStrings = []; + for (var i = 0; i < this.tags.length; i++) { + kvPairStrings.push(AWS.util.uriEscape(this.tags[i].Key) + '=' + + AWS.util.uriEscape(this.tags[i].Value)); + } + + return kvPairStrings.join('&'); + }, + + /** + * @api private + */ + uploadPart: function uploadPart(chunk, partNumber) { + var self = this; + + var partParams = { + Body: chunk, + ContentLength: AWS.util.string.byteLength(chunk), + PartNumber: partNumber + }; + + var partInfo = {ETag: null, PartNumber: partNumber}; + self.completeInfo[partNumber] = partInfo; + + var req = self.service.uploadPart(partParams); + self.parts[partNumber] = req; + req._lastUploadedBytes = 0; + req._managedUpload = self; + req.on('httpUploadProgress', self.progress); + req.send(function(err, data) { + delete self.parts[partParams.PartNumber]; + self.activeParts--; + + if (!err && (!data || !data.ETag)) { + var message = 'No access to ETag property on response.'; + if (AWS.util.isBrowser()) { + message += ' Check CORS configuration to expose ETag header.'; + } + + err = AWS.util.error(new Error(message), { + code: 'ETagMissing', retryable: false + }); + } + if (err) return self.cleanup(err); + //prevent sending part being returned twice (https://github.com/aws/aws-sdk-js/issues/2304) + if (self.completeInfo[partNumber] && self.completeInfo[partNumber].ETag !== null) return null; + partInfo.ETag = data.ETag; + self.doneParts++; + if (self.isDoneChunking && self.doneParts === self.totalPartNumbers) { + self.finishMultiPart(); + } else { + self.fillQueue.call(self); + } + }); + }, + + /** + * @api private + */ + queueChunks: function queueChunks(chunk, partNumber) { + var self = this; + self.multipartReq.on('success', function() { + self.uploadPart(chunk, partNumber); + }); + }, + + /** + * @api private + */ + cleanup: function cleanup(err) { + var self = this; + if (self.failed) return; + + // clean up stream + if (typeof self.body.removeAllListeners === 'function' && + typeof self.body.resume === 'function') { + self.body.removeAllListeners('readable'); + self.body.removeAllListeners('end'); + self.body.resume(); + } + + // cleanup multipartReq listeners + if (self.multipartReq) { + self.multipartReq.removeAllListeners('success'); + self.multipartReq.removeAllListeners('error'); + self.multipartReq.removeAllListeners('complete'); + delete self.multipartReq; + } + + if (self.service.config.params.UploadId && !self.leavePartsOnError) { + self.service.abortMultipartUpload().send(); + } else if (self.leavePartsOnError) { + self.isDoneChunking = false; + } + + AWS.util.each(self.parts, function(partNumber, part) { + part.removeAllListeners('complete'); + part.abort(); + }); + + self.activeParts = 0; + self.partPos = 0; + self.numParts = 0; + self.totalPartNumbers = 0; + self.parts = {}; + self.failed = true; + self.callback(err); + }, + + /** + * @api private + */ + finishMultiPart: function finishMultiPart() { + var self = this; + var completeParams = { MultipartUpload: { Parts: self.completeInfo.slice(1) } }; + self.service.completeMultipartUpload(completeParams, function(err, data) { + if (err) { + return self.cleanup(err); + } + + if (data && typeof data.Location === 'string') { + data.Location = data.Location.replace(/%2F/g, '/'); + } + + if (Array.isArray(self.tags)) { + for (var i = 0; i < self.tags.length; i++) { + self.tags[i].Value = String(self.tags[i].Value); + } + self.service.putObjectTagging( + {Tagging: {TagSet: self.tags}}, + function(e, d) { + if (e) { + self.callback(e); + } else { + self.callback(e, data); + } + } + ); + } else { + self.callback(err, data); + } + }); + }, + + /** + * @api private + */ + finishSinglePart: function finishSinglePart(err, data) { + var upload = this.request._managedUpload; + var httpReq = this.request.httpRequest; + var endpoint = httpReq.endpoint; + if (err) return upload.callback(err); + data.Location = + [endpoint.protocol, '//', endpoint.host, httpReq.path].join(''); + data.key = this.request.params.Key; // will stay undocumented + data.Key = this.request.params.Key; + data.Bucket = this.request.params.Bucket; + upload.callback(err, data); + }, + + /** + * @api private + */ + progress: function progress(info) { + var upload = this._managedUpload; + if (this.operation === 'putObject') { + info.part = 1; + info.key = this.params.Key; + } else { + upload.totalUploadedBytes += info.loaded - this._lastUploadedBytes; + this._lastUploadedBytes = info.loaded; + info = { + loaded: upload.totalUploadedBytes, + total: upload.totalBytes, + part: this.params.PartNumber, + key: this.params.Key + }; + } + upload.emit('httpUploadProgress', [info]); + } +}); + +AWS.util.mixin(AWS.S3.ManagedUpload, AWS.SequentialExecutor); + +/** + * @api private + */ +AWS.S3.ManagedUpload.addPromisesToClass = function addPromisesToClass(PromiseDependency) { + this.prototype.promise = AWS.util.promisifyMethod('send', PromiseDependency); +}; + +/** + * @api private + */ +AWS.S3.ManagedUpload.deletePromisesFromClass = function deletePromisesFromClass() { + delete this.prototype.promise; +}; + +AWS.util.addPromises(AWS.S3.ManagedUpload); + +/** + * @api private + */ +module.exports = AWS.S3.ManagedUpload; + + +/***/ }), + +/***/ 5555: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); + +/** + * @api private + * @!method on(eventName, callback) + * Registers an event listener callback for the event given by `eventName`. + * Parameters passed to the callback function depend on the individual event + * being triggered. See the event documentation for those parameters. + * + * @param eventName [String] the event name to register the listener for + * @param callback [Function] the listener callback function + * @param toHead [Boolean] attach the listener callback to the head of callback array if set to true. + * Default to be false. + * @return [AWS.SequentialExecutor] the same object for chaining + */ +AWS.SequentialExecutor = AWS.util.inherit({ + + constructor: function SequentialExecutor() { + this._events = {}; + }, + + /** + * @api private + */ + listeners: function listeners(eventName) { + return this._events[eventName] ? this._events[eventName].slice(0) : []; + }, + + on: function on(eventName, listener, toHead) { + if (this._events[eventName]) { + toHead ? + this._events[eventName].unshift(listener) : + this._events[eventName].push(listener); + } else { + this._events[eventName] = [listener]; + } + return this; + }, + + onAsync: function onAsync(eventName, listener, toHead) { + listener._isAsync = true; + return this.on(eventName, listener, toHead); + }, + + removeListener: function removeListener(eventName, listener) { + var listeners = this._events[eventName]; + if (listeners) { + var length = listeners.length; + var position = -1; + for (var i = 0; i < length; ++i) { + if (listeners[i] === listener) { + position = i; + } + } + if (position > -1) { + listeners.splice(position, 1); + } + } + return this; + }, + + removeAllListeners: function removeAllListeners(eventName) { + if (eventName) { + delete this._events[eventName]; + } else { + this._events = {}; + } + return this; + }, + + /** + * @api private + */ + emit: function emit(eventName, eventArgs, doneCallback) { + if (!doneCallback) doneCallback = function() { }; + var listeners = this.listeners(eventName); + var count = listeners.length; + this.callListeners(listeners, eventArgs, doneCallback); + return count > 0; + }, + + /** + * @api private + */ + callListeners: function callListeners(listeners, args, doneCallback, prevError) { + var self = this; + var error = prevError || null; + + function callNextListener(err) { + if (err) { + error = AWS.util.error(error || new Error(), err); + if (self._haltHandlersOnError) { + return doneCallback.call(self, error); + } + } + self.callListeners(listeners, args, doneCallback, error); + } + + while (listeners.length > 0) { + var listener = listeners.shift(); + if (listener._isAsync) { // asynchronous listener + listener.apply(self, args.concat([callNextListener])); + return; // stop here, callNextListener will continue + } else { // synchronous listener + try { + listener.apply(self, args); + } catch (err) { + error = AWS.util.error(error || new Error(), err); + } + if (error && self._haltHandlersOnError) { + doneCallback.call(self, error); + return; + } + } + } + doneCallback.call(self, error); + }, + + /** + * Adds or copies a set of listeners from another list of + * listeners or SequentialExecutor object. + * + * @param listeners [map>, AWS.SequentialExecutor] + * a list of events and callbacks, or an event emitter object + * containing listeners to add to this emitter object. + * @return [AWS.SequentialExecutor] the emitter object, for chaining. + * @example Adding listeners from a map of listeners + * emitter.addListeners({ + * event1: [function() { ... }, function() { ... }], + * event2: [function() { ... }] + * }); + * emitter.emit('event1'); // emitter has event1 + * emitter.emit('event2'); // emitter has event2 + * @example Adding listeners from another emitter object + * var emitter1 = new AWS.SequentialExecutor(); + * emitter1.on('event1', function() { ... }); + * emitter1.on('event2', function() { ... }); + * var emitter2 = new AWS.SequentialExecutor(); + * emitter2.addListeners(emitter1); + * emitter2.emit('event1'); // emitter2 has event1 + * emitter2.emit('event2'); // emitter2 has event2 + */ + addListeners: function addListeners(listeners) { + var self = this; + + // extract listeners if parameter is an SequentialExecutor object + if (listeners._events) listeners = listeners._events; + + AWS.util.each(listeners, function(event, callbacks) { + if (typeof callbacks === 'function') callbacks = [callbacks]; + AWS.util.arrayEach(callbacks, function(callback) { + self.on(event, callback); + }); + }); + + return self; + }, + + /** + * Registers an event with {on} and saves the callback handle function + * as a property on the emitter object using a given `name`. + * + * @param name [String] the property name to set on this object containing + * the callback function handle so that the listener can be removed in + * the future. + * @param (see on) + * @return (see on) + * @example Adding a named listener DATA_CALLBACK + * var listener = function() { doSomething(); }; + * emitter.addNamedListener('DATA_CALLBACK', 'data', listener); + * + * // the following prints: true + * console.log(emitter.DATA_CALLBACK == listener); + */ + addNamedListener: function addNamedListener(name, eventName, callback, toHead) { + this[name] = callback; + this.addListener(eventName, callback, toHead); + return this; + }, + + /** + * @api private + */ + addNamedAsyncListener: function addNamedAsyncListener(name, eventName, callback, toHead) { + callback._isAsync = true; + return this.addNamedListener(name, eventName, callback, toHead); + }, + + /** + * Helper method to add a set of named listeners using + * {addNamedListener}. The callback contains a parameter + * with a handle to the `addNamedListener` method. + * + * @callback callback function(add) + * The callback function is called immediately in order to provide + * the `add` function to the block. This simplifies the addition of + * a large group of named listeners. + * @param add [Function] the {addNamedListener} function to call + * when registering listeners. + * @example Adding a set of named listeners + * emitter.addNamedListeners(function(add) { + * add('DATA_CALLBACK', 'data', function() { ... }); + * add('OTHER', 'otherEvent', function() { ... }); + * add('LAST', 'lastEvent', function() { ... }); + * }); + * + * // these properties are now set: + * emitter.DATA_CALLBACK; + * emitter.OTHER; + * emitter.LAST; + */ + addNamedListeners: function addNamedListeners(callback) { + var self = this; + callback( + function() { + self.addNamedListener.apply(self, arguments); + }, + function() { + self.addNamedAsyncListener.apply(self, arguments); + } + ); + return this; + } +}); + +/** + * {on} is the prefered method. + * @api private + */ +AWS.SequentialExecutor.prototype.addListener = AWS.SequentialExecutor.prototype.on; + +/** + * @api private + */ +module.exports = AWS.SequentialExecutor; + + +/***/ }), + +/***/ 4466: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var Api = __nccwpck_require4_(9101); +var regionConfig = __nccwpck_require4_(3698); + +var inherit = AWS.util.inherit; +var clientCount = 0; +var region_utils = __nccwpck_require4_(8099); + +/** + * The service class representing an AWS service. + * + * @class_abstract This class is an abstract class. + * + * @!attribute apiVersions + * @return [Array] the list of API versions supported by this service. + * @readonly + */ +AWS.Service = inherit({ + /** + * Create a new service object with a configuration object + * + * @param config [map] a map of configuration options + */ + constructor: function Service(config) { + if (!this.loadServiceClass) { + throw AWS.util.error(new Error(), + 'Service must be constructed with `new\' operator'); + } + + if (config) { + if (config.region) { + var region = config.region; + if (region_utils.isFipsRegion(region)) { + config.region = region_utils.getRealRegion(region); + config.useFipsEndpoint = true; + } + if (region_utils.isGlobalRegion(region)) { + config.region = region_utils.getRealRegion(region); + } + } + if (typeof config.useDualstack === 'boolean' + && typeof config.useDualstackEndpoint !== 'boolean') { + config.useDualstackEndpoint = config.useDualstack; + } + } + + var ServiceClass = this.loadServiceClass(config || {}); + if (ServiceClass) { + var originalConfig = AWS.util.copy(config); + var svc = new ServiceClass(config); + Object.defineProperty(svc, '_originalConfig', { + get: function() { return originalConfig; }, + enumerable: false, + configurable: true + }); + svc._clientId = ++clientCount; + return svc; + } + this.initialize(config); + }, + + /** + * @api private + */ + initialize: function initialize(config) { + var svcConfig = AWS.config[this.serviceIdentifier]; + this.config = new AWS.Config(AWS.config); + if (svcConfig) this.config.update(svcConfig, true); + if (config) this.config.update(config, true); + + this.validateService(); + if (!this.config.endpoint) regionConfig.configureEndpoint(this); + + this.config.endpoint = this.endpointFromTemplate(this.config.endpoint); + this.setEndpoint(this.config.endpoint); + //enable attaching listeners to service client + AWS.SequentialExecutor.call(this); + AWS.Service.addDefaultMonitoringListeners(this); + if ((this.config.clientSideMonitoring || AWS.Service._clientSideMonitoring) && this.publisher) { + var publisher = this.publisher; + this.addNamedListener('PUBLISH_API_CALL', 'apiCall', function PUBLISH_API_CALL(event) { + process.nextTick(function() {publisher.eventHandler(event);}); + }); + this.addNamedListener('PUBLISH_API_ATTEMPT', 'apiCallAttempt', function PUBLISH_API_ATTEMPT(event) { + process.nextTick(function() {publisher.eventHandler(event);}); + }); + } + }, + + /** + * @api private + */ + validateService: function validateService() { + }, + + /** + * @api private + */ + loadServiceClass: function loadServiceClass(serviceConfig) { + var config = serviceConfig; + if (!AWS.util.isEmpty(this.api)) { + return null; + } else if (config.apiConfig) { + return AWS.Service.defineServiceApi(this.constructor, config.apiConfig); + } else if (!this.constructor.services) { + return null; + } else { + config = new AWS.Config(AWS.config); + config.update(serviceConfig, true); + var version = config.apiVersions[this.constructor.serviceIdentifier]; + version = version || config.apiVersion; + return this.getLatestServiceClass(version); + } + }, + + /** + * @api private + */ + getLatestServiceClass: function getLatestServiceClass(version) { + version = this.getLatestServiceVersion(version); + if (this.constructor.services[version] === null) { + AWS.Service.defineServiceApi(this.constructor, version); + } + + return this.constructor.services[version]; + }, + + /** + * @api private + */ + getLatestServiceVersion: function getLatestServiceVersion(version) { + if (!this.constructor.services || this.constructor.services.length === 0) { + throw new Error('No services defined on ' + + this.constructor.serviceIdentifier); + } + + if (!version) { + version = 'latest'; + } else if (AWS.util.isType(version, Date)) { + version = AWS.util.date.iso8601(version).split('T')[0]; + } + + if (Object.hasOwnProperty(this.constructor.services, version)) { + return version; + } + + var keys = Object.keys(this.constructor.services).sort(); + var selectedVersion = null; + for (var i = keys.length - 1; i >= 0; i--) { + // versions that end in "*" are not available on disk and can be + // skipped, so do not choose these as selectedVersions + if (keys[i][keys[i].length - 1] !== '*') { + selectedVersion = keys[i]; + } + if (keys[i].substr(0, 10) <= version) { + return selectedVersion; + } + } + + throw new Error('Could not find ' + this.constructor.serviceIdentifier + + ' API to satisfy version constraint `' + version + '\''); + }, + + /** + * @api private + */ + api: {}, + + /** + * @api private + */ + defaultRetryCount: 3, + + /** + * @api private + */ + customizeRequests: function customizeRequests(callback) { + if (!callback) { + this.customRequestHandler = null; + } else if (typeof callback === 'function') { + this.customRequestHandler = callback; + } else { + throw new Error('Invalid callback type \'' + typeof callback + '\' provided in customizeRequests'); + } + }, + + /** + * Calls an operation on a service with the given input parameters. + * + * @param operation [String] the name of the operation to call on the service. + * @param params [map] a map of input options for the operation + * @callback callback function(err, data) + * If a callback is supplied, it is called when a response is returned + * from the service. + * @param err [Error] the error object returned from the request. + * Set to `null` if the request is successful. + * @param data [Object] the de-serialized data returned from + * the request. Set to `null` if a request error occurs. + */ + makeRequest: function makeRequest(operation, params, callback) { + if (typeof params === 'function') { + callback = params; + params = null; + } + + params = params || {}; + if (this.config.params) { // copy only toplevel bound params + var rules = this.api.operations[operation]; + if (rules) { + params = AWS.util.copy(params); + AWS.util.each(this.config.params, function(key, value) { + if (rules.input.members[key]) { + if (params[key] === undefined || params[key] === null) { + params[key] = value; + } + } + }); + } + } + + var request = new AWS.Request(this, operation, params); + this.addAllRequestListeners(request); + this.attachMonitoringEmitter(request); + if (callback) request.send(callback); + return request; + }, + + /** + * Calls an operation on a service with the given input parameters, without + * any authentication data. This method is useful for "public" API operations. + * + * @param operation [String] the name of the operation to call on the service. + * @param params [map] a map of input options for the operation + * @callback callback function(err, data) + * If a callback is supplied, it is called when a response is returned + * from the service. + * @param err [Error] the error object returned from the request. + * Set to `null` if the request is successful. + * @param data [Object] the de-serialized data returned from + * the request. Set to `null` if a request error occurs. + */ + makeUnauthenticatedRequest: function makeUnauthenticatedRequest(operation, params, callback) { + if (typeof params === 'function') { + callback = params; + params = {}; + } + + var request = this.makeRequest(operation, params).toUnauthenticated(); + return callback ? request.send(callback) : request; + }, + + /** + * Waits for a given state + * + * @param state [String] the state on the service to wait for + * @param params [map] a map of parameters to pass with each request + * @option params $waiter [map] a map of configuration options for the waiter + * @option params $waiter.delay [Number] The number of seconds to wait between + * requests + * @option params $waiter.maxAttempts [Number] The maximum number of requests + * to send while waiting + * @callback callback function(err, data) + * If a callback is supplied, it is called when a response is returned + * from the service. + * @param err [Error] the error object returned from the request. + * Set to `null` if the request is successful. + * @param data [Object] the de-serialized data returned from + * the request. Set to `null` if a request error occurs. + */ + waitFor: function waitFor(state, params, callback) { + var waiter = new AWS.ResourceWaiter(this, state); + return waiter.wait(params, callback); + }, + + /** + * @api private + */ + addAllRequestListeners: function addAllRequestListeners(request) { + var list = [AWS.events, AWS.EventListeners.Core, this.serviceInterface(), + AWS.EventListeners.CorePost]; + for (var i = 0; i < list.length; i++) { + if (list[i]) request.addListeners(list[i]); + } + + // disable parameter validation + if (!this.config.paramValidation) { + request.removeListener('validate', + AWS.EventListeners.Core.VALIDATE_PARAMETERS); + } + + if (this.config.logger) { // add logging events + request.addListeners(AWS.EventListeners.Logger); + } + + this.setupRequestListeners(request); + // call prototype's customRequestHandler + if (typeof this.constructor.prototype.customRequestHandler === 'function') { + this.constructor.prototype.customRequestHandler(request); + } + // call instance's customRequestHandler + if (Object.prototype.hasOwnProperty.call(this, 'customRequestHandler') && typeof this.customRequestHandler === 'function') { + this.customRequestHandler(request); + } + }, + + /** + * Event recording metrics for a whole API call. + * @returns {object} a subset of api call metrics + * @api private + */ + apiCallEvent: function apiCallEvent(request) { + var api = request.service.api.operations[request.operation]; + var monitoringEvent = { + Type: 'ApiCall', + Api: api ? api.name : request.operation, + Version: 1, + Service: request.service.api.serviceId || request.service.api.endpointPrefix, + Region: request.httpRequest.region, + MaxRetriesExceeded: 0, + UserAgent: request.httpRequest.getUserAgent(), + }; + var response = request.response; + if (response.httpResponse.statusCode) { + monitoringEvent.FinalHttpStatusCode = response.httpResponse.statusCode; + } + if (response.error) { + var error = response.error; + var statusCode = response.httpResponse.statusCode; + if (statusCode > 299) { + if (error.code) monitoringEvent.FinalAwsException = error.code; + if (error.message) monitoringEvent.FinalAwsExceptionMessage = error.message; + } else { + if (error.code || error.name) monitoringEvent.FinalSdkException = error.code || error.name; + if (error.message) monitoringEvent.FinalSdkExceptionMessage = error.message; + } + } + return monitoringEvent; + }, + + /** + * Event recording metrics for an API call attempt. + * @returns {object} a subset of api call attempt metrics + * @api private + */ + apiAttemptEvent: function apiAttemptEvent(request) { + var api = request.service.api.operations[request.operation]; + var monitoringEvent = { + Type: 'ApiCallAttempt', + Api: api ? api.name : request.operation, + Version: 1, + Service: request.service.api.serviceId || request.service.api.endpointPrefix, + Fqdn: request.httpRequest.endpoint.hostname, + UserAgent: request.httpRequest.getUserAgent(), + }; + var response = request.response; + if (response.httpResponse.statusCode) { + monitoringEvent.HttpStatusCode = response.httpResponse.statusCode; + } + if ( + !request._unAuthenticated && + request.service.config.credentials && + request.service.config.credentials.accessKeyId + ) { + monitoringEvent.AccessKey = request.service.config.credentials.accessKeyId; + } + if (!response.httpResponse.headers) return monitoringEvent; + if (request.httpRequest.headers['x-amz-security-token']) { + monitoringEvent.SessionToken = request.httpRequest.headers['x-amz-security-token']; + } + if (response.httpResponse.headers['x-amzn-requestid']) { + monitoringEvent.XAmznRequestId = response.httpResponse.headers['x-amzn-requestid']; + } + if (response.httpResponse.headers['x-amz-request-id']) { + monitoringEvent.XAmzRequestId = response.httpResponse.headers['x-amz-request-id']; + } + if (response.httpResponse.headers['x-amz-id-2']) { + monitoringEvent.XAmzId2 = response.httpResponse.headers['x-amz-id-2']; + } + return monitoringEvent; + }, + + /** + * Add metrics of failed request. + * @api private + */ + attemptFailEvent: function attemptFailEvent(request) { + var monitoringEvent = this.apiAttemptEvent(request); + var response = request.response; + var error = response.error; + if (response.httpResponse.statusCode > 299 ) { + if (error.code) monitoringEvent.AwsException = error.code; + if (error.message) monitoringEvent.AwsExceptionMessage = error.message; + } else { + if (error.code || error.name) monitoringEvent.SdkException = error.code || error.name; + if (error.message) monitoringEvent.SdkExceptionMessage = error.message; + } + return monitoringEvent; + }, + + /** + * Attach listeners to request object to fetch metrics of each request + * and emit data object through \'ApiCall\' and \'ApiCallAttempt\' events. + * @api private + */ + attachMonitoringEmitter: function attachMonitoringEmitter(request) { + var attemptTimestamp; //timestamp marking the beginning of a request attempt + var attemptStartRealTime; //Start time of request attempt. Used to calculating attemptLatency + var attemptLatency; //latency from request sent out to http response reaching SDK + var callStartRealTime; //Start time of API call. Used to calculating API call latency + var attemptCount = 0; //request.retryCount is not reliable here + var region; //region cache region for each attempt since it can be updated in plase (e.g. s3) + var callTimestamp; //timestamp when the request is created + var self = this; + var addToHead = true; + + request.on('validate', function () { + callStartRealTime = AWS.util.realClock.now(); + callTimestamp = Date.now(); + }, addToHead); + request.on('sign', function () { + attemptStartRealTime = AWS.util.realClock.now(); + attemptTimestamp = Date.now(); + region = request.httpRequest.region; + attemptCount++; + }, addToHead); + request.on('validateResponse', function() { + attemptLatency = Math.round(AWS.util.realClock.now() - attemptStartRealTime); + }); + request.addNamedListener('API_CALL_ATTEMPT', 'success', function API_CALL_ATTEMPT() { + var apiAttemptEvent = self.apiAttemptEvent(request); + apiAttemptEvent.Timestamp = attemptTimestamp; + apiAttemptEvent.AttemptLatency = attemptLatency >= 0 ? attemptLatency : 0; + apiAttemptEvent.Region = region; + self.emit('apiCallAttempt', [apiAttemptEvent]); + }); + request.addNamedListener('API_CALL_ATTEMPT_RETRY', 'retry', function API_CALL_ATTEMPT_RETRY() { + var apiAttemptEvent = self.attemptFailEvent(request); + apiAttemptEvent.Timestamp = attemptTimestamp; + //attemptLatency may not be available if fail before response + attemptLatency = attemptLatency || + Math.round(AWS.util.realClock.now() - attemptStartRealTime); + apiAttemptEvent.AttemptLatency = attemptLatency >= 0 ? attemptLatency : 0; + apiAttemptEvent.Region = region; + self.emit('apiCallAttempt', [apiAttemptEvent]); + }); + request.addNamedListener('API_CALL', 'complete', function API_CALL() { + var apiCallEvent = self.apiCallEvent(request); + apiCallEvent.AttemptCount = attemptCount; + if (apiCallEvent.AttemptCount <= 0) return; + apiCallEvent.Timestamp = callTimestamp; + var latency = Math.round(AWS.util.realClock.now() - callStartRealTime); + apiCallEvent.Latency = latency >= 0 ? latency : 0; + var response = request.response; + if ( + response.error && + response.error.retryable && + typeof response.retryCount === 'number' && + typeof response.maxRetries === 'number' && + (response.retryCount >= response.maxRetries) + ) { + apiCallEvent.MaxRetriesExceeded = 1; + } + self.emit('apiCall', [apiCallEvent]); + }); + }, + + /** + * Override this method to setup any custom request listeners for each + * new request to the service. + * + * @method_abstract This is an abstract method. + */ + setupRequestListeners: function setupRequestListeners(request) { + }, + + /** + * Gets the signing name for a given request + * @api private + */ + getSigningName: function getSigningName() { + return this.api.signingName || this.api.endpointPrefix; + }, + + /** + * Gets the signer class for a given request + * @api private + */ + getSignerClass: function getSignerClass(request) { + var version; + // get operation authtype if present + var operation = null; + var authtype = ''; + if (request) { + var operations = request.service.api.operations || {}; + operation = operations[request.operation] || null; + authtype = operation ? operation.authtype : ''; + } + if (this.config.signatureVersion) { + version = this.config.signatureVersion; + } else if (authtype === 'v4' || authtype === 'v4-unsigned-body') { + version = 'v4'; + } else if (authtype === 'bearer') { + version = 'bearer'; + } else { + version = this.api.signatureVersion; + } + return AWS.Signers.RequestSigner.getVersion(version); + }, + + /** + * @api private + */ + serviceInterface: function serviceInterface() { + switch (this.api.protocol) { + case 'ec2': return AWS.EventListeners.Query; + case 'query': return AWS.EventListeners.Query; + case 'json': return AWS.EventListeners.Json; + case 'rest-json': return AWS.EventListeners.RestJson; + case 'rest-xml': return AWS.EventListeners.RestXml; + } + if (this.api.protocol) { + throw new Error('Invalid service `protocol\' ' + + this.api.protocol + ' in API config'); + } + }, + + /** + * @api private + */ + successfulResponse: function successfulResponse(resp) { + return resp.httpResponse.statusCode < 300; + }, + + /** + * How many times a failed request should be retried before giving up. + * the defaultRetryCount can be overriden by service classes. + * + * @api private + */ + numRetries: function numRetries() { + if (this.config.maxRetries !== undefined) { + return this.config.maxRetries; + } else { + return this.defaultRetryCount; + } + }, + + /** + * @api private + */ + retryDelays: function retryDelays(retryCount, err) { + return AWS.util.calculateRetryDelay(retryCount, this.config.retryDelayOptions, err); + }, + + /** + * @api private + */ + retryableError: function retryableError(error) { + if (this.timeoutError(error)) return true; + if (this.networkingError(error)) return true; + if (this.expiredCredentialsError(error)) return true; + if (this.throttledError(error)) return true; + if (error.statusCode >= 500) return true; + return false; + }, + + /** + * @api private + */ + networkingError: function networkingError(error) { + return error.code === 'NetworkingError'; + }, + + /** + * @api private + */ + timeoutError: function timeoutError(error) { + return error.code === 'TimeoutError'; + }, + + /** + * @api private + */ + expiredCredentialsError: function expiredCredentialsError(error) { + // TODO : this only handles *one* of the expired credential codes + return (error.code === 'ExpiredTokenException'); + }, + + /** + * @api private + */ + clockSkewError: function clockSkewError(error) { + switch (error.code) { + case 'RequestTimeTooSkewed': + case 'RequestExpired': + case 'InvalidSignatureException': + case 'SignatureDoesNotMatch': + case 'AuthFailure': + case 'RequestInTheFuture': + return true; + default: return false; + } + }, + + /** + * @api private + */ + getSkewCorrectedDate: function getSkewCorrectedDate() { + return new Date(Date.now() + this.config.systemClockOffset); + }, + + /** + * @api private + */ + applyClockOffset: function applyClockOffset(newServerTime) { + if (newServerTime) { + this.config.systemClockOffset = newServerTime - Date.now(); + } + }, + + /** + * @api private + */ + isClockSkewed: function isClockSkewed(newServerTime) { + if (newServerTime) { + return Math.abs(this.getSkewCorrectedDate().getTime() - newServerTime) >= 300000; + } + }, + + /** + * @api private + */ + throttledError: function throttledError(error) { + // this logic varies between services + if (error.statusCode === 429) return true; + switch (error.code) { + case 'ProvisionedThroughputExceededException': + case 'Throttling': + case 'ThrottlingException': + case 'RequestLimitExceeded': + case 'RequestThrottled': + case 'RequestThrottledException': + case 'TooManyRequestsException': + case 'TransactionInProgressException': //dynamodb + case 'EC2ThrottledException': + return true; + default: + return false; + } + }, + + /** + * @api private + */ + endpointFromTemplate: function endpointFromTemplate(endpoint) { + if (typeof endpoint !== 'string') return endpoint; + + var e = endpoint; + e = e.replace(/\{service\}/g, this.api.endpointPrefix); + e = e.replace(/\{region\}/g, this.config.region); + e = e.replace(/\{scheme\}/g, this.config.sslEnabled ? 'https' : 'http'); + return e; + }, + + /** + * @api private + */ + setEndpoint: function setEndpoint(endpoint) { + this.endpoint = new AWS.Endpoint(endpoint, this.config); + }, + + /** + * @api private + */ + paginationConfig: function paginationConfig(operation, throwException) { + var paginator = this.api.operations[operation].paginator; + if (!paginator) { + if (throwException) { + var e = new Error(); + throw AWS.util.error(e, 'No pagination configuration for ' + operation); + } + return null; + } + + return paginator; + } +}); + +AWS.util.update(AWS.Service, { + + /** + * Adds one method for each operation described in the api configuration + * + * @api private + */ + defineMethods: function defineMethods(svc) { + AWS.util.each(svc.prototype.api.operations, function iterator(method) { + if (svc.prototype[method]) return; + var operation = svc.prototype.api.operations[method]; + if (operation.authtype === 'none') { + svc.prototype[method] = function (params, callback) { + return this.makeUnauthenticatedRequest(method, params, callback); + }; + } else { + svc.prototype[method] = function (params, callback) { + return this.makeRequest(method, params, callback); + }; + } + }); + }, + + /** + * Defines a new Service class using a service identifier and list of versions + * including an optional set of features (functions) to apply to the class + * prototype. + * + * @param serviceIdentifier [String] the identifier for the service + * @param versions [Array] a list of versions that work with this + * service + * @param features [Object] an object to attach to the prototype + * @return [Class] the service class defined by this function. + */ + defineService: function defineService(serviceIdentifier, versions, features) { + AWS.Service._serviceMap[serviceIdentifier] = true; + if (!Array.isArray(versions)) { + features = versions; + versions = []; + } + + var svc = inherit(AWS.Service, features || {}); + + if (typeof serviceIdentifier === 'string') { + AWS.Service.addVersions(svc, versions); + + var identifier = svc.serviceIdentifier || serviceIdentifier; + svc.serviceIdentifier = identifier; + } else { // defineService called with an API + svc.prototype.api = serviceIdentifier; + AWS.Service.defineMethods(svc); + } + AWS.SequentialExecutor.call(this.prototype); + //util.clientSideMonitoring is only available in node + if (!this.prototype.publisher && AWS.util.clientSideMonitoring) { + var Publisher = AWS.util.clientSideMonitoring.Publisher; + var configProvider = AWS.util.clientSideMonitoring.configProvider; + var publisherConfig = configProvider(); + this.prototype.publisher = new Publisher(publisherConfig); + if (publisherConfig.enabled) { + //if csm is enabled in environment, SDK should send all metrics + AWS.Service._clientSideMonitoring = true; + } + } + AWS.SequentialExecutor.call(svc.prototype); + AWS.Service.addDefaultMonitoringListeners(svc.prototype); + return svc; + }, + + /** + * @api private + */ + addVersions: function addVersions(svc, versions) { + if (!Array.isArray(versions)) versions = [versions]; + + svc.services = svc.services || {}; + for (var i = 0; i < versions.length; i++) { + if (svc.services[versions[i]] === undefined) { + svc.services[versions[i]] = null; + } + } + + svc.apiVersions = Object.keys(svc.services).sort(); + }, + + /** + * @api private + */ + defineServiceApi: function defineServiceApi(superclass, version, apiConfig) { + var svc = inherit(superclass, { + serviceIdentifier: superclass.serviceIdentifier + }); + + function setApi(api) { + if (api.isApi) { + svc.prototype.api = api; + } else { + svc.prototype.api = new Api(api, { + serviceIdentifier: superclass.serviceIdentifier + }); + } + } + + if (typeof version === 'string') { + if (apiConfig) { + setApi(apiConfig); + } else { + try { + setApi(AWS.apiLoader(superclass.serviceIdentifier, version)); + } catch (err) { + throw AWS.util.error(err, { + message: 'Could not find API configuration ' + + superclass.serviceIdentifier + '-' + version + }); + } + } + if (!Object.prototype.hasOwnProperty.call(superclass.services, version)) { + superclass.apiVersions = superclass.apiVersions.concat(version).sort(); + } + superclass.services[version] = svc; + } else { + setApi(version); + } + + AWS.Service.defineMethods(svc); + return svc; + }, + + /** + * @api private + */ + hasService: function(identifier) { + return Object.prototype.hasOwnProperty.call(AWS.Service._serviceMap, identifier); + }, + + /** + * @param attachOn attach default monitoring listeners to object + * + * Each monitoring event should be emitted from service client to service constructor prototype and then + * to global service prototype like bubbling up. These default monitoring events listener will transfer + * the monitoring events to the upper layer. + * @api private + */ + addDefaultMonitoringListeners: function addDefaultMonitoringListeners(attachOn) { + attachOn.addNamedListener('MONITOR_EVENTS_BUBBLE', 'apiCallAttempt', function EVENTS_BUBBLE(event) { + var baseClass = Object.getPrototypeOf(attachOn); + if (baseClass._events) baseClass.emit('apiCallAttempt', [event]); + }); + attachOn.addNamedListener('CALL_EVENTS_BUBBLE', 'apiCall', function CALL_EVENTS_BUBBLE(event) { + var baseClass = Object.getPrototypeOf(attachOn); + if (baseClass._events) baseClass.emit('apiCall', [event]); + }); + }, + + /** + * @api private + */ + _serviceMap: {} +}); + +AWS.util.mixin(AWS.Service, AWS.SequentialExecutor); + +/** + * @api private + */ +module.exports = AWS.Service; + + +/***/ }), + +/***/ 9880: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var v4Credentials = __nccwpck_require4_(4178); +var resolveRegionalEndpointsFlag = __nccwpck_require4_(4872); +var s3util = __nccwpck_require4_(280); +var regionUtil = __nccwpck_require4_(3698); + +// Pull in managed upload extension +__nccwpck_require4_(3664); + +/** + * @api private + */ +var operationsWith200StatusCodeError = { + 'completeMultipartUpload': true, + 'copyObject': true, + 'uploadPartCopy': true +}; + +/** + * @api private + */ + var regionRedirectErrorCodes = [ + 'AuthorizationHeaderMalformed', // non-head operations on virtual-hosted global bucket endpoints + 'BadRequest', // head operations on virtual-hosted global bucket endpoints + 'PermanentRedirect', // non-head operations on path-style or regional endpoints + 301 // head operations on path-style or regional endpoints + ]; + +var OBJECT_LAMBDA_SERVICE = 's3-object-lambda'; + +AWS.util.update(AWS.S3.prototype, { + /** + * @api private + */ + getSignatureVersion: function getSignatureVersion(request) { + var defaultApiVersion = this.api.signatureVersion; + var userDefinedVersion = this._originalConfig ? this._originalConfig.signatureVersion : null; + var regionDefinedVersion = this.config.signatureVersion; + var isPresigned = request ? request.isPresigned() : false; + /* + 1) User defined version specified: + a) always return user defined version + 2) No user defined version specified: + a) If not using presigned urls, default to V4 + b) If using presigned urls, default to lowest version the region supports + */ + if (userDefinedVersion) { + userDefinedVersion = userDefinedVersion === 'v2' ? 's3' : userDefinedVersion; + return userDefinedVersion; + } + if (isPresigned !== true) { + defaultApiVersion = 'v4'; + } else if (regionDefinedVersion) { + defaultApiVersion = regionDefinedVersion; + } + return defaultApiVersion; + }, + + /** + * @api private + */ + getSigningName: function getSigningName(req) { + if (req && req.operation === 'writeGetObjectResponse') { + return OBJECT_LAMBDA_SERVICE; + } + + var _super = AWS.Service.prototype.getSigningName; + return (req && req._parsedArn && req._parsedArn.service) + ? req._parsedArn.service + : _super.call(this); + }, + + /** + * @api private + */ + getSignerClass: function getSignerClass(request) { + var signatureVersion = this.getSignatureVersion(request); + return AWS.Signers.RequestSigner.getVersion(signatureVersion); + }, + + /** + * @api private + */ + validateService: function validateService() { + var msg; + var messages = []; + + // default to us-east-1 when no region is provided + if (!this.config.region) this.config.region = 'us-east-1'; + + if (!this.config.endpoint && this.config.s3BucketEndpoint) { + messages.push('An endpoint must be provided when configuring ' + + '`s3BucketEndpoint` to true.'); + } + if (messages.length === 1) { + msg = messages[0]; + } else if (messages.length > 1) { + msg = 'Multiple configuration errors:\n' + messages.join('\n'); + } + if (msg) { + throw AWS.util.error(new Error(), + {name: 'InvalidEndpoint', message: msg}); + } + }, + + /** + * @api private + */ + shouldDisableBodySigning: function shouldDisableBodySigning(request) { + var signerClass = this.getSignerClass(); + if (this.config.s3DisableBodySigning === true && signerClass === AWS.Signers.V4 + && request.httpRequest.endpoint.protocol === 'https:') { + return true; + } + return false; + }, + + /** + * @api private + */ + setupRequestListeners: function setupRequestListeners(request) { + var prependListener = true; + request.addListener('validate', this.validateScheme); + request.addListener('validate', this.validateBucketName, prependListener); + request.addListener('validate', this.optInUsEast1RegionalEndpoint, prependListener); + + request.removeListener('validate', + AWS.EventListeners.Core.VALIDATE_REGION); + request.addListener('build', this.addContentType); + request.addListener('build', this.computeContentMd5); + request.addListener('build', this.computeSseCustomerKeyMd5); + request.addListener('build', this.populateURI); + request.addListener('afterBuild', this.addExpect100Continue); + request.addListener('extractError', this.extractError); + request.addListener('extractData', AWS.util.hoistPayloadMember); + request.addListener('extractData', this.extractData); + request.addListener('extractData', this.extractErrorFrom200Response); + request.addListener('beforePresign', this.prepareSignedUrl); + if (this.shouldDisableBodySigning(request)) { + request.removeListener('afterBuild', AWS.EventListeners.Core.COMPUTE_SHA256); + request.addListener('afterBuild', this.disableBodySigning); + } + //deal with ARNs supplied to Bucket + if (request.operation !== 'createBucket' && s3util.isArnInParam(request, 'Bucket')) { + // avoid duplicate parsing in the future + request._parsedArn = AWS.util.ARN.parse(request.params.Bucket); + + request.removeListener('validate', this.validateBucketName); + request.removeListener('build', this.populateURI); + if (request._parsedArn.service === 's3') { + request.addListener('validate', s3util.validateS3AccessPointArn); + request.addListener('validate', this.validateArnResourceType); + request.addListener('validate', this.validateArnRegion); + } else if (request._parsedArn.service === 's3-outposts') { + request.addListener('validate', s3util.validateOutpostsAccessPointArn); + request.addListener('validate', s3util.validateOutpostsArn); + request.addListener('validate', s3util.validateArnRegion); + } + request.addListener('validate', s3util.validateArnAccount); + request.addListener('validate', s3util.validateArnService); + request.addListener('build', this.populateUriFromAccessPointArn); + request.addListener('build', s3util.validatePopulateUriFromArn); + return; + } + //listeners regarding region inference + request.addListener('validate', this.validateBucketEndpoint); + request.addListener('validate', this.correctBucketRegionFromCache); + request.onAsync('extractError', this.requestBucketRegion); + if (AWS.util.isBrowser()) { + request.onAsync('retry', this.reqRegionForNetworkingError); + } + }, + + /** + * @api private + */ + validateScheme: function(req) { + var params = req.params, + scheme = req.httpRequest.endpoint.protocol, + sensitive = params.SSECustomerKey || params.CopySourceSSECustomerKey; + if (sensitive && scheme !== 'https:') { + var msg = 'Cannot send SSE keys over HTTP. Set \'sslEnabled\'' + + 'to \'true\' in your configuration'; + throw AWS.util.error(new Error(), + { code: 'ConfigError', message: msg }); + } + }, + + /** + * @api private + */ + validateBucketEndpoint: function(req) { + if (!req.params.Bucket && req.service.config.s3BucketEndpoint) { + var msg = 'Cannot send requests to root API with `s3BucketEndpoint` set.'; + throw AWS.util.error(new Error(), + { code: 'ConfigError', message: msg }); + } + }, + + /** + * @api private + */ + validateArnRegion: function validateArnRegion(req) { + s3util.validateArnRegion(req, { allowFipsEndpoint: true }); + }, + + /** + * Validate resource-type supplied in S3 ARN + */ + validateArnResourceType: function validateArnResourceType(req) { + var resource = req._parsedArn.resource; + + if ( + resource.indexOf('accesspoint:') !== 0 && + resource.indexOf('accesspoint/') !== 0 + ) { + throw AWS.util.error(new Error(), { + code: 'InvalidARN', + message: 'ARN resource should begin with \'accesspoint/\'' + }); + } + }, + + /** + * @api private + */ + validateBucketName: function validateBucketName(req) { + var service = req.service; + var signatureVersion = service.getSignatureVersion(req); + var bucket = req.params && req.params.Bucket; + var key = req.params && req.params.Key; + var slashIndex = bucket && bucket.indexOf('/'); + if (bucket && slashIndex >= 0) { + if (typeof key === 'string' && slashIndex > 0) { + req.params = AWS.util.copy(req.params); + // Need to include trailing slash to match sigv2 behavior + var prefix = bucket.substr(slashIndex + 1) || ''; + req.params.Key = prefix + '/' + key; + req.params.Bucket = bucket.substr(0, slashIndex); + } else if (signatureVersion === 'v4') { + var msg = 'Bucket names cannot contain forward slashes. Bucket: ' + bucket; + throw AWS.util.error(new Error(), + { code: 'InvalidBucket', message: msg }); + } + } + }, + + /** + * @api private + */ + isValidAccelerateOperation: function isValidAccelerateOperation(operation) { + var invalidOperations = [ + 'createBucket', + 'deleteBucket', + 'listBuckets' + ]; + return invalidOperations.indexOf(operation) === -1; + }, + + /** + * When us-east-1 region endpoint configuration is set, in stead of sending request to + * global endpoint(e.g. 's3.amazonaws.com'), we will send request to + * 's3.us-east-1.amazonaws.com'. + * @api private + */ + optInUsEast1RegionalEndpoint: function optInUsEast1RegionalEndpoint(req) { + var service = req.service; + var config = service.config; + config.s3UsEast1RegionalEndpoint = resolveRegionalEndpointsFlag(service._originalConfig, { + env: 'AWS_S3_US_EAST_1_REGIONAL_ENDPOINT', + sharedConfig: 's3_us_east_1_regional_endpoint', + clientConfig: 's3UsEast1RegionalEndpoint' + }); + if ( + !(service._originalConfig || {}).endpoint && + req.httpRequest.region === 'us-east-1' && + config.s3UsEast1RegionalEndpoint === 'regional' && + req.httpRequest.endpoint.hostname.indexOf('s3.amazonaws.com') >= 0 + ) { + var insertPoint = config.endpoint.indexOf('.amazonaws.com'); + regionalEndpoint = config.endpoint.substring(0, insertPoint) + + '.us-east-1' + config.endpoint.substring(insertPoint); + req.httpRequest.updateEndpoint(regionalEndpoint); + } + }, + + /** + * S3 prefers dns-compatible bucket names to be moved from the uri path + * to the hostname as a sub-domain. This is not possible, even for dns-compat + * buckets when using SSL and the bucket name contains a dot ('.'). The + * ssl wildcard certificate is only 1-level deep. + * + * @api private + */ + populateURI: function populateURI(req) { + var httpRequest = req.httpRequest; + var b = req.params.Bucket; + var service = req.service; + var endpoint = httpRequest.endpoint; + if (b) { + if (!service.pathStyleBucketName(b)) { + if (service.config.useAccelerateEndpoint && service.isValidAccelerateOperation(req.operation)) { + if (service.config.useDualstackEndpoint) { + endpoint.hostname = b + '.s3-accelerate.dualstack.amazonaws.com'; + } else { + endpoint.hostname = b + '.s3-accelerate.amazonaws.com'; + } + } else if (!service.config.s3BucketEndpoint) { + endpoint.hostname = + b + '.' + endpoint.hostname; + } + + var port = endpoint.port; + if (port !== 80 && port !== 443) { + endpoint.host = endpoint.hostname + ':' + + endpoint.port; + } else { + endpoint.host = endpoint.hostname; + } + + httpRequest.virtualHostedBucket = b; // needed for signing the request + service.removeVirtualHostedBucketFromPath(req); + } + } + }, + + /** + * Takes the bucket name out of the path if bucket is virtual-hosted + * + * @api private + */ + removeVirtualHostedBucketFromPath: function removeVirtualHostedBucketFromPath(req) { + var httpRequest = req.httpRequest; + var bucket = httpRequest.virtualHostedBucket; + if (bucket && httpRequest.path) { + if (req.params && req.params.Key) { + var encodedS3Key = '/' + AWS.util.uriEscapePath(req.params.Key); + if (httpRequest.path.indexOf(encodedS3Key) === 0 && (httpRequest.path.length === encodedS3Key.length || httpRequest.path[encodedS3Key.length] === '?')) { + //path only contains key or path contains only key and querystring + return; + } + } + httpRequest.path = httpRequest.path.replace(new RegExp('/' + bucket), ''); + if (httpRequest.path[0] !== '/') { + httpRequest.path = '/' + httpRequest.path; + } + } + }, + + /** + * When user supply an access point ARN in the Bucket parameter, we need to + * populate the URI according to the ARN. + */ + populateUriFromAccessPointArn: function populateUriFromAccessPointArn(req) { + var accessPointArn = req._parsedArn; + + var isOutpostArn = accessPointArn.service === 's3-outposts'; + var isObjectLambdaArn = accessPointArn.service === 's3-object-lambda'; + + var outpostsSuffix = isOutpostArn ? '.' + accessPointArn.outpostId: ''; + var serviceName = isOutpostArn ? 's3-outposts': 's3-accesspoint'; + var fipsSuffix = !isOutpostArn && req.service.config.useFipsEndpoint ? '-fips': ''; + var dualStackSuffix = !isOutpostArn && + req.service.config.useDualstackEndpoint ? '.dualstack' : ''; + + var endpoint = req.httpRequest.endpoint; + var dnsSuffix = regionUtil.getEndpointSuffix(accessPointArn.region); + var useArnRegion = req.service.config.s3UseArnRegion; + + endpoint.hostname = [ + accessPointArn.accessPoint + '-' + accessPointArn.accountId + outpostsSuffix, + serviceName + fipsSuffix + dualStackSuffix, + useArnRegion ? accessPointArn.region : req.service.config.region, + dnsSuffix + ].join('.'); + + if (isObjectLambdaArn) { + // should be in the format: "accesspoint/${accesspointName}" + var serviceName = 's3-object-lambda'; + var accesspointName = accessPointArn.resource.split('/')[1]; + var fipsSuffix = req.service.config.useFipsEndpoint ? '-fips': ''; + endpoint.hostname = [ + accesspointName + '-' + accessPointArn.accountId, + serviceName + fipsSuffix, + useArnRegion ? accessPointArn.region : req.service.config.region, + dnsSuffix + ].join('.'); + } + endpoint.host = endpoint.hostname; + var encodedArn = AWS.util.uriEscape(req.params.Bucket); + var path = req.httpRequest.path; + //remove the Bucket value from path + req.httpRequest.path = path.replace(new RegExp('/' + encodedArn), ''); + if (req.httpRequest.path[0] !== '/') { + req.httpRequest.path = '/' + req.httpRequest.path; + } + req.httpRequest.region = accessPointArn.region; //region used to sign + }, + + /** + * Adds Expect: 100-continue header if payload is greater-or-equal 1MB + * @api private + */ + addExpect100Continue: function addExpect100Continue(req) { + var len = req.httpRequest.headers['Content-Length']; + if (AWS.util.isNode() && (len >= 1024 * 1024 || req.params.Body instanceof AWS.util.stream.Stream)) { + req.httpRequest.headers['Expect'] = '100-continue'; + } + }, + + /** + * Adds a default content type if none is supplied. + * + * @api private + */ + addContentType: function addContentType(req) { + var httpRequest = req.httpRequest; + if (httpRequest.method === 'GET' || httpRequest.method === 'HEAD') { + // Content-Type is not set in GET/HEAD requests + delete httpRequest.headers['Content-Type']; + return; + } + + if (!httpRequest.headers['Content-Type']) { // always have a Content-Type + httpRequest.headers['Content-Type'] = 'application/octet-stream'; + } + + var contentType = httpRequest.headers['Content-Type']; + if (AWS.util.isBrowser()) { + if (typeof httpRequest.body === 'string' && !contentType.match(/;\s*charset=/)) { + var charset = '; charset=UTF-8'; + httpRequest.headers['Content-Type'] += charset; + } else { + var replaceFn = function(_, prefix, charsetName) { + return prefix + charsetName.toUpperCase(); + }; + + httpRequest.headers['Content-Type'] = + contentType.replace(/(;\s*charset=)(.+)$/, replaceFn); + } + } + }, + + /** + * Checks whether checksums should be computed for the request if it's not + * already set by {AWS.EventListeners.Core.COMPUTE_CHECKSUM}. It depends on + * whether {AWS.Config.computeChecksums} is set. + * + * @param req [AWS.Request] the request to check against + * @return [Boolean] whether to compute checksums for a request. + * @api private + */ + willComputeChecksums: function willComputeChecksums(req) { + var rules = req.service.api.operations[req.operation].input.members; + var body = req.httpRequest.body; + var needsContentMD5 = req.service.config.computeChecksums && + rules.ContentMD5 && + !req.params.ContentMD5 && + body && + (AWS.util.Buffer.isBuffer(req.httpRequest.body) || typeof req.httpRequest.body === 'string'); + + // Sha256 signing disabled, and not a presigned url + if (needsContentMD5 && req.service.shouldDisableBodySigning(req) && !req.isPresigned()) { + return true; + } + + // SigV2 and presign, for backwards compatibility purpose. + if (needsContentMD5 && this.getSignatureVersion(req) === 's3' && req.isPresigned()) { + return true; + } + + return false; + }, + + /** + * A listener that computes the Content-MD5 and sets it in the header. + * This listener is to support S3-specific features like + * s3DisableBodySigning and SigV2 presign. Content MD5 logic for SigV4 is + * handled in AWS.EventListeners.Core.COMPUTE_CHECKSUM + * + * @api private + */ + computeContentMd5: function computeContentMd5(req) { + if (req.service.willComputeChecksums(req)) { + var md5 = AWS.util.crypto.md5(req.httpRequest.body, 'base64'); + req.httpRequest.headers['Content-MD5'] = md5; + } + }, + + /** + * @api private + */ + computeSseCustomerKeyMd5: function computeSseCustomerKeyMd5(req) { + var keys = { + SSECustomerKey: 'x-amz-server-side-encryption-customer-key-MD5', + CopySourceSSECustomerKey: 'x-amz-copy-source-server-side-encryption-customer-key-MD5' + }; + AWS.util.each(keys, function(key, header) { + if (req.params[key]) { + var value = AWS.util.crypto.md5(req.params[key], 'base64'); + req.httpRequest.headers[header] = value; + } + }); + }, + + /** + * Returns true if the bucket name should be left in the URI path for + * a request to S3. This function takes into account the current + * endpoint protocol (e.g. http or https). + * + * @api private + */ + pathStyleBucketName: function pathStyleBucketName(bucketName) { + // user can force path style requests via the configuration + if (this.config.s3ForcePathStyle) return true; + if (this.config.s3BucketEndpoint) return false; + + if (s3util.dnsCompatibleBucketName(bucketName)) { + return (this.config.sslEnabled && bucketName.match(/\./)) ? true : false; + } else { + return true; // not dns compatible names must always use path style + } + }, + + /** + * For COPY operations, some can be error even with status code 200. + * SDK treats the response as exception when response body indicates + * an exception or body is empty. + * + * @api private + */ + extractErrorFrom200Response: function extractErrorFrom200Response(resp) { + if (!operationsWith200StatusCodeError[resp.request.operation]) return; + var httpResponse = resp.httpResponse; + if (httpResponse.body && httpResponse.body.toString().match('')) { + // Response body with '...' indicates an exception. + // Get S3 client object. In ManagedUpload, this.service refers to + // S3 client object. + resp.data = null; + var service = this.service ? this.service : this; + service.extractError(resp); + throw resp.error; + } else if (!httpResponse.body || !httpResponse.body.toString().match(/<[\w_]/)) { + // When body is empty or incomplete, S3 might stop the request on detecting client + // side aborting the request. + resp.data = null; + throw AWS.util.error(new Error(), { + code: 'InternalError', + message: 'S3 aborted request' + }); + } + }, + + /** + * @return [Boolean] whether the error can be retried + * @api private + */ + retryableError: function retryableError(error, request) { + if (operationsWith200StatusCodeError[request.operation] && + error.statusCode === 200) { + return true; + } else if (request._requestRegionForBucket && + request.service.bucketRegionCache[request._requestRegionForBucket]) { + return false; + } else if (error && error.code === 'RequestTimeout') { + return true; + } else if (error && + regionRedirectErrorCodes.indexOf(error.code) != -1 && + error.region && error.region != request.httpRequest.region) { + request.httpRequest.region = error.region; + if (error.statusCode === 301) { + request.service.updateReqBucketRegion(request); + } + return true; + } else { + var _super = AWS.Service.prototype.retryableError; + return _super.call(this, error, request); + } + }, + + /** + * Updates httpRequest with region. If region is not provided, then + * the httpRequest will be updated based on httpRequest.region + * + * @api private + */ + updateReqBucketRegion: function updateReqBucketRegion(request, region) { + var httpRequest = request.httpRequest; + if (typeof region === 'string' && region.length) { + httpRequest.region = region; + } + if (!httpRequest.endpoint.host.match(/s3(?!-accelerate).*\.amazonaws\.com$/)) { + return; + } + var service = request.service; + var s3Config = service.config; + var s3BucketEndpoint = s3Config.s3BucketEndpoint; + if (s3BucketEndpoint) { + delete s3Config.s3BucketEndpoint; + } + var newConfig = AWS.util.copy(s3Config); + delete newConfig.endpoint; + newConfig.region = httpRequest.region; + + httpRequest.endpoint = (new AWS.S3(newConfig)).endpoint; + service.populateURI(request); + s3Config.s3BucketEndpoint = s3BucketEndpoint; + httpRequest.headers.Host = httpRequest.endpoint.host; + + if (request._asm.currentState === 'validate') { + request.removeListener('build', service.populateURI); + request.addListener('build', service.removeVirtualHostedBucketFromPath); + } + }, + + /** + * Provides a specialized parser for getBucketLocation -- all other + * operations are parsed by the super class. + * + * @api private + */ + extractData: function extractData(resp) { + var req = resp.request; + if (req.operation === 'getBucketLocation') { + var match = resp.httpResponse.body.toString().match(/>(.+)<\/Location/); + delete resp.data['_']; + if (match) { + resp.data.LocationConstraint = match[1]; + } else { + resp.data.LocationConstraint = ''; + } + } + var bucket = req.params.Bucket || null; + if (req.operation === 'deleteBucket' && typeof bucket === 'string' && !resp.error) { + req.service.clearBucketRegionCache(bucket); + } else { + var headers = resp.httpResponse.headers || {}; + var region = headers['x-amz-bucket-region'] || null; + if (!region && req.operation === 'createBucket' && !resp.error) { + var createBucketConfiguration = req.params.CreateBucketConfiguration; + if (!createBucketConfiguration) { + region = 'us-east-1'; + } else if (createBucketConfiguration.LocationConstraint === 'EU') { + region = 'eu-west-1'; + } else { + region = createBucketConfiguration.LocationConstraint; + } + } + if (region) { + if (bucket && region !== req.service.bucketRegionCache[bucket]) { + req.service.bucketRegionCache[bucket] = region; + } + } + } + req.service.extractRequestIds(resp); + }, + + /** + * Extracts an error object from the http response. + * + * @api private + */ + extractError: function extractError(resp) { + var codes = { + 304: 'NotModified', + 403: 'Forbidden', + 400: 'BadRequest', + 404: 'NotFound' + }; + + var req = resp.request; + var code = resp.httpResponse.statusCode; + var body = resp.httpResponse.body || ''; + + var headers = resp.httpResponse.headers || {}; + var region = headers['x-amz-bucket-region'] || null; + var bucket = req.params.Bucket || null; + var bucketRegionCache = req.service.bucketRegionCache; + if (region && bucket && region !== bucketRegionCache[bucket]) { + bucketRegionCache[bucket] = region; + } + + var cachedRegion; + if (codes[code] && body.length === 0) { + if (bucket && !region) { + cachedRegion = bucketRegionCache[bucket] || null; + if (cachedRegion !== req.httpRequest.region) { + region = cachedRegion; + } + } + resp.error = AWS.util.error(new Error(), { + code: codes[code], + message: null, + region: region + }); + } else { + var data = new AWS.XML.Parser().parse(body.toString()); + + if (data.Region && !region) { + region = data.Region; + if (bucket && region !== bucketRegionCache[bucket]) { + bucketRegionCache[bucket] = region; + } + } else if (bucket && !region && !data.Region) { + cachedRegion = bucketRegionCache[bucket] || null; + if (cachedRegion !== req.httpRequest.region) { + region = cachedRegion; + } + } + + resp.error = AWS.util.error(new Error(), { + code: data.Code || code, + message: data.Message || null, + region: region + }); + } + req.service.extractRequestIds(resp); + }, + + /** + * If region was not obtained synchronously, then send async request + * to get bucket region for errors resulting from wrong region. + * + * @api private + */ + requestBucketRegion: function requestBucketRegion(resp, done) { + var error = resp.error; + var req = resp.request; + var bucket = req.params.Bucket || null; + + if (!error || !bucket || error.region || req.operation === 'listObjects' || + (AWS.util.isNode() && req.operation === 'headBucket') || + (error.statusCode === 400 && req.operation !== 'headObject') || + regionRedirectErrorCodes.indexOf(error.code) === -1) { + return done(); + } + var reqOperation = AWS.util.isNode() ? 'headBucket' : 'listObjects'; + var reqParams = {Bucket: bucket}; + if (reqOperation === 'listObjects') reqParams.MaxKeys = 0; + var regionReq = req.service[reqOperation](reqParams); + regionReq._requestRegionForBucket = bucket; + regionReq.send(function() { + var region = req.service.bucketRegionCache[bucket] || null; + error.region = region; + done(); + }); + }, + + /** + * For browser only. If NetworkingError received, will attempt to obtain + * the bucket region. + * + * @api private + */ + reqRegionForNetworkingError: function reqRegionForNetworkingError(resp, done) { + if (!AWS.util.isBrowser()) { + return done(); + } + var error = resp.error; + var request = resp.request; + var bucket = request.params.Bucket; + if (!error || error.code !== 'NetworkingError' || !bucket || + request.httpRequest.region === 'us-east-1') { + return done(); + } + var service = request.service; + var bucketRegionCache = service.bucketRegionCache; + var cachedRegion = bucketRegionCache[bucket] || null; + + if (cachedRegion && cachedRegion !== request.httpRequest.region) { + service.updateReqBucketRegion(request, cachedRegion); + done(); + } else if (!s3util.dnsCompatibleBucketName(bucket)) { + service.updateReqBucketRegion(request, 'us-east-1'); + if (bucketRegionCache[bucket] !== 'us-east-1') { + bucketRegionCache[bucket] = 'us-east-1'; + } + done(); + } else if (request.httpRequest.virtualHostedBucket) { + var getRegionReq = service.listObjects({Bucket: bucket, MaxKeys: 0}); + service.updateReqBucketRegion(getRegionReq, 'us-east-1'); + getRegionReq._requestRegionForBucket = bucket; + + getRegionReq.send(function() { + var region = service.bucketRegionCache[bucket] || null; + if (region && region !== request.httpRequest.region) { + service.updateReqBucketRegion(request, region); + } + done(); + }); + } else { + // DNS-compatible path-style + // (s3ForcePathStyle or bucket name with dot over https) + // Cannot obtain region information for this case + done(); + } + }, + + /** + * Cache for bucket region. + * + * @api private + */ + bucketRegionCache: {}, + + /** + * Clears bucket region cache. + * + * @api private + */ + clearBucketRegionCache: function(buckets) { + var bucketRegionCache = this.bucketRegionCache; + if (!buckets) { + buckets = Object.keys(bucketRegionCache); + } else if (typeof buckets === 'string') { + buckets = [buckets]; + } + for (var i = 0; i < buckets.length; i++) { + delete bucketRegionCache[buckets[i]]; + } + return bucketRegionCache; + }, + + /** + * Corrects request region if bucket's cached region is different + * + * @api private + */ + correctBucketRegionFromCache: function correctBucketRegionFromCache(req) { + var bucket = req.params.Bucket || null; + if (bucket) { + var service = req.service; + var requestRegion = req.httpRequest.region; + var cachedRegion = service.bucketRegionCache[bucket]; + if (cachedRegion && cachedRegion !== requestRegion) { + service.updateReqBucketRegion(req, cachedRegion); + } + } + }, + + /** + * Extracts S3 specific request ids from the http response. + * + * @api private + */ + extractRequestIds: function extractRequestIds(resp) { + var extendedRequestId = resp.httpResponse.headers ? resp.httpResponse.headers['x-amz-id-2'] : null; + var cfId = resp.httpResponse.headers ? resp.httpResponse.headers['x-amz-cf-id'] : null; + resp.extendedRequestId = extendedRequestId; + resp.cfId = cfId; + + if (resp.error) { + resp.error.requestId = resp.requestId || null; + resp.error.extendedRequestId = extendedRequestId; + resp.error.cfId = cfId; + } + }, + + /** + * Get a pre-signed URL for a given operation name. + * + * @note You must ensure that you have static or previously resolved + * credentials if you call this method synchronously (with no callback), + * otherwise it may not properly sign the request. If you cannot guarantee + * this (you are using an asynchronous credential provider, i.e., EC2 + * IAM roles), you should always call this method with an asynchronous + * callback. + * @note Not all operation parameters are supported when using pre-signed + * URLs. Certain parameters, such as `SSECustomerKey`, `ACL`, `Expires`, + * `ContentLength`, or `Tagging` must be provided as headers when sending a + * request. If you are using pre-signed URLs to upload from a browser and + * need to use these fields, see {createPresignedPost}. + * @note The default signer allows altering the request by adding corresponding + * headers to set some parameters (e.g. Range) and these added parameters + * won't be signed. You must use signatureVersion v4 to to include these + * parameters in the signed portion of the URL and enforce exact matching + * between headers and signed params in the URL. + * @note This operation cannot be used with a promise. See note above regarding + * asynchronous credentials and use with a callback. + * @param operation [String] the name of the operation to call + * @param params [map] parameters to pass to the operation. See the given + * operation for the expected operation parameters. In addition, you can + * also pass the "Expires" parameter to inform S3 how long the URL should + * work for. + * @option params Expires [Integer] (900) the number of seconds to expire + * the pre-signed URL operation in. Defaults to 15 minutes. + * @param callback [Function] if a callback is provided, this function will + * pass the URL as the second parameter (after the error parameter) to + * the callback function. + * @return [String] if called synchronously (with no callback), returns the + * signed URL. + * @return [null] nothing is returned if a callback is provided. + * @example Pre-signing a getObject operation (synchronously) + * var params = {Bucket: 'bucket', Key: 'key'}; + * var url = s3.getSignedUrl('getObject', params); + * console.log('The URL is', url); + * @example Pre-signing a putObject (asynchronously) + * var params = {Bucket: 'bucket', Key: 'key'}; + * s3.getSignedUrl('putObject', params, function (err, url) { + * console.log('The URL is', url); + * }); + * @example Pre-signing a putObject operation with a specific payload + * var params = {Bucket: 'bucket', Key: 'key', Body: 'body'}; + * var url = s3.getSignedUrl('putObject', params); + * console.log('The URL is', url); + * @example Passing in a 1-minute expiry time for a pre-signed URL + * var params = {Bucket: 'bucket', Key: 'key', Expires: 60}; + * var url = s3.getSignedUrl('getObject', params); + * console.log('The URL is', url); // expires in 60 seconds + */ + getSignedUrl: function getSignedUrl(operation, params, callback) { + params = AWS.util.copy(params || {}); + var expires = params.Expires || 900; + + if (typeof expires !== 'number') { + throw AWS.util.error(new Error(), + { code: 'InvalidParameterException', message: 'The expiration must be a number, received ' + typeof expires }); + } + + delete params.Expires; // we can't validate this + var request = this.makeRequest(operation, params); + + if (callback) { + AWS.util.defer(function() { + request.presign(expires, callback); + }); + } else { + return request.presign(expires, callback); + } + }, + + /** + * @!method getSignedUrlPromise() + * Returns a 'thenable' promise that will be resolved with a pre-signed URL + * for a given operation name. + * + * Two callbacks can be provided to the `then` method on the returned promise. + * The first callback will be called if the promise is fulfilled, and the second + * callback will be called if the promise is rejected. + * @note Not all operation parameters are supported when using pre-signed + * URLs. Certain parameters, such as `SSECustomerKey`, `ACL`, `Expires`, + * `ContentLength`, or `Tagging` must be provided as headers when sending a + * request. If you are using pre-signed URLs to upload from a browser and + * need to use these fields, see {createPresignedPost}. + * @param operation [String] the name of the operation to call + * @param params [map] parameters to pass to the operation. See the given + * operation for the expected operation parameters. In addition, you can + * also pass the "Expires" parameter to inform S3 how long the URL should + * work for. + * @option params Expires [Integer] (900) the number of seconds to expire + * the pre-signed URL operation in. Defaults to 15 minutes. + * @callback fulfilledCallback function(url) + * Called if the promise is fulfilled. + * @param url [String] the signed url + * @callback rejectedCallback function(err) + * Called if the promise is rejected. + * @param err [Error] if an error occurred, this value will be filled + * @return [Promise] A promise that represents the state of the `refresh` call. + * @example Pre-signing a getObject operation + * var params = {Bucket: 'bucket', Key: 'key'}; + * var promise = s3.getSignedUrlPromise('getObject', params); + * promise.then(function(url) { + * console.log('The URL is', url); + * }, function(err) { ... }); + * @example Pre-signing a putObject operation with a specific payload + * var params = {Bucket: 'bucket', Key: 'key', Body: 'body'}; + * var promise = s3.getSignedUrlPromise('putObject', params); + * promise.then(function(url) { + * console.log('The URL is', url); + * }, function(err) { ... }); + * @example Passing in a 1-minute expiry time for a pre-signed URL + * var params = {Bucket: 'bucket', Key: 'key', Expires: 60}; + * var promise = s3.getSignedUrlPromise('getObject', params); + * promise.then(function(url) { + * console.log('The URL is', url); + * }, function(err) { ... }); + */ + + /** + * Get a pre-signed POST policy to support uploading to S3 directly from an + * HTML form. + * + * @param params [map] + * @option params Bucket [String] The bucket to which the post should be + * uploaded + * @option params Expires [Integer] (3600) The number of seconds for which + * the presigned policy should be valid. + * @option params Conditions [Array] An array of conditions that must be met + * for the presigned policy to allow the + * upload. This can include required tags, + * the accepted range for content lengths, + * etc. + * @see http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-HTTPPOSTConstructPolicy.html + * @option params Fields [map] Fields to include in the form. All + * values passed in as fields will be + * signed as exact match conditions. + * @param callback [Function] + * + * @note All fields passed in when creating presigned post data will be signed + * as exact match conditions. Any fields that will be interpolated by S3 + * must be added to the fields hash after signing, and an appropriate + * condition for such fields must be explicitly added to the Conditions + * array passed to this function before signing. + * + * @example Presiging post data with a known key + * var params = { + * Bucket: 'bucket', + * Fields: { + * key: 'key' + * } + * }; + * s3.createPresignedPost(params, function(err, data) { + * if (err) { + * console.error('Presigning post data encountered an error', err); + * } else { + * console.log('The post data is', data); + * } + * }); + * + * @example Presigning post data with an interpolated key + * var params = { + * Bucket: 'bucket', + * Conditions: [ + * ['starts-with', '$key', 'path/to/uploads/'] + * ] + * }; + * s3.createPresignedPost(params, function(err, data) { + * if (err) { + * console.error('Presigning post data encountered an error', err); + * } else { + * data.Fields.key = 'path/to/uploads/${filename}'; + * console.log('The post data is', data); + * } + * }); + * + * @note You must ensure that you have static or previously resolved + * credentials if you call this method synchronously (with no callback), + * otherwise it may not properly sign the request. If you cannot guarantee + * this (you are using an asynchronous credential provider, i.e., EC2 + * IAM roles), you should always call this method with an asynchronous + * callback. + * + * @return [map] If called synchronously (with no callback), returns a hash + * with the url to set as the form action and a hash of fields + * to include in the form. + * @return [null] Nothing is returned if a callback is provided. + * + * @callback callback function (err, data) + * @param err [Error] the error object returned from the policy signer + * @param data [map] The data necessary to construct an HTML form + * @param data.url [String] The URL to use as the action of the form + * @param data.fields [map] A hash of fields that must be included in the + * form for the upload to succeed. This hash will + * include the signed POST policy, your access key + * ID and security token (if present), etc. These + * may be safely included as input elements of type + * 'hidden.' + */ + createPresignedPost: function createPresignedPost(params, callback) { + if (typeof params === 'function' && callback === undefined) { + callback = params; + params = null; + } + + params = AWS.util.copy(params || {}); + var boundParams = this.config.params || {}; + var bucket = params.Bucket || boundParams.Bucket, + self = this, + config = this.config, + endpoint = AWS.util.copy(this.endpoint); + if (!config.s3BucketEndpoint) { + endpoint.pathname = '/' + bucket; + } + + function finalizePost() { + return { + url: AWS.util.urlFormat(endpoint), + fields: self.preparePostFields( + config.credentials, + config.region, + bucket, + params.Fields, + params.Conditions, + params.Expires + ) + }; + } + + if (callback) { + config.getCredentials(function (err) { + if (err) { + callback(err); + } else { + try { + callback(null, finalizePost()); + } catch (err) { + callback(err); + } + } + }); + } else { + return finalizePost(); + } + }, + + /** + * @api private + */ + preparePostFields: function preparePostFields( + credentials, + region, + bucket, + fields, + conditions, + expiresInSeconds + ) { + var now = this.getSkewCorrectedDate(); + if (!credentials || !region || !bucket) { + throw new Error('Unable to create a POST object policy without a bucket,' + + ' region, and credentials'); + } + fields = AWS.util.copy(fields || {}); + conditions = (conditions || []).slice(0); + expiresInSeconds = expiresInSeconds || 3600; + + var signingDate = AWS.util.date.iso8601(now).replace(/[:\-]|\.\d{3}/g, ''); + var shortDate = signingDate.substr(0, 8); + var scope = v4Credentials.createScope(shortDate, region, 's3'); + var credential = credentials.accessKeyId + '/' + scope; + + fields['bucket'] = bucket; + fields['X-Amz-Algorithm'] = 'AWS4-HMAC-SHA256'; + fields['X-Amz-Credential'] = credential; + fields['X-Amz-Date'] = signingDate; + if (credentials.sessionToken) { + fields['X-Amz-Security-Token'] = credentials.sessionToken; + } + for (var field in fields) { + if (fields.hasOwnProperty(field)) { + var condition = {}; + condition[field] = fields[field]; + conditions.push(condition); + } + } + + fields.Policy = this.preparePostPolicy( + new Date(now.valueOf() + expiresInSeconds * 1000), + conditions + ); + fields['X-Amz-Signature'] = AWS.util.crypto.hmac( + v4Credentials.getSigningKey(credentials, shortDate, region, 's3', true), + fields.Policy, + 'hex' + ); + + return fields; + }, + + /** + * @api private + */ + preparePostPolicy: function preparePostPolicy(expiration, conditions) { + return AWS.util.base64.encode(JSON.stringify({ + expiration: AWS.util.date.iso8601(expiration), + conditions: conditions + })); + }, + + /** + * @api private + */ + prepareSignedUrl: function prepareSignedUrl(request) { + request.addListener('validate', request.service.noPresignedContentLength); + request.removeListener('build', request.service.addContentType); + if (!request.params.Body) { + // no Content-MD5/SHA-256 if body is not provided + request.removeListener('build', request.service.computeContentMd5); + } else { + request.addListener('afterBuild', AWS.EventListeners.Core.COMPUTE_SHA256); + } + }, + + /** + * @api private + * @param request + */ + disableBodySigning: function disableBodySigning(request) { + var headers = request.httpRequest.headers; + // Add the header to anything that isn't a presigned url, unless that presigned url had a body defined + if (!Object.prototype.hasOwnProperty.call(headers, 'presigned-expires')) { + headers['X-Amz-Content-Sha256'] = 'UNSIGNED-PAYLOAD'; + } + }, + + /** + * @api private + */ + noPresignedContentLength: function noPresignedContentLength(request) { + if (request.params.ContentLength !== undefined) { + throw AWS.util.error(new Error(), {code: 'UnexpectedParameter', + message: 'ContentLength is not supported in pre-signed URLs.'}); + } + }, + + createBucket: function createBucket(params, callback) { + // When creating a bucket *outside* the classic region, the location + // constraint must be set for the bucket and it must match the endpoint. + // This chunk of code will set the location constraint param based + // on the region (when possible), but it will not override a passed-in + // location constraint. + if (typeof params === 'function' || !params) { + callback = callback || params; + params = {}; + } + var hostname = this.endpoint.hostname; + // copy params so that appending keys does not unintentioinallly + // mutate params object argument passed in by user + var copiedParams = AWS.util.copy(params); + + if (hostname !== this.api.globalEndpoint && !params.CreateBucketConfiguration) { + copiedParams.CreateBucketConfiguration = { LocationConstraint: this.config.region }; + } + return this.makeRequest('createBucket', copiedParams, callback); + }, + + writeGetObjectResponse: function writeGetObjectResponse(params, callback) { + + var request = this.makeRequest('writeGetObjectResponse', AWS.util.copy(params), callback); + var hostname = this.endpoint.hostname; + if (hostname.indexOf(this.config.region) !== -1) { + // hostname specifies a region already + hostname = hostname.replace('s3.', OBJECT_LAMBDA_SERVICE + '.'); + } else { + // Hostname doesn't have a region. + // Object Lambda requires an explicit region. + hostname = hostname.replace('s3.', OBJECT_LAMBDA_SERVICE + '.' + this.config.region + '.'); + } + + request.httpRequest.endpoint = new AWS.Endpoint(hostname, this.config); + return request; + }, + + /** + * @see AWS.S3.ManagedUpload + * @overload upload(params = {}, [options], [callback]) + * Uploads an arbitrarily sized buffer, blob, or stream, using intelligent + * concurrent handling of parts if the payload is large enough. You can + * configure the concurrent queue size by setting `options`. Note that this + * is the only operation for which the SDK can retry requests with stream + * bodies. + * + * @param (see AWS.S3.putObject) + * @option (see AWS.S3.ManagedUpload.constructor) + * @return [AWS.S3.ManagedUpload] the managed upload object that can call + * `send()` or track progress. + * @example Uploading a stream object + * var params = {Bucket: 'bucket', Key: 'key', Body: stream}; + * s3.upload(params, function(err, data) { + * console.log(err, data); + * }); + * @example Uploading a stream with concurrency of 1 and partSize of 10mb + * var params = {Bucket: 'bucket', Key: 'key', Body: stream}; + * var options = {partSize: 10 * 1024 * 1024, queueSize: 1}; + * s3.upload(params, options, function(err, data) { + * console.log(err, data); + * }); + * @callback callback function(err, data) + * @param err [Error] an error or null if no error occurred. + * @param data [map] The response data from the successful upload: + * @param data.Location [String] the URL of the uploaded object + * @param data.ETag [String] the ETag of the uploaded object + * @param data.Bucket [String] the bucket to which the object was uploaded + * @param data.Key [String] the key to which the object was uploaded + */ + upload: function upload(params, options, callback) { + if (typeof options === 'function' && callback === undefined) { + callback = options; + options = null; + } + + options = options || {}; + options = AWS.util.merge(options || {}, {service: this, params: params}); + + var uploader = new AWS.S3.ManagedUpload(options); + if (typeof callback === 'function') uploader.send(callback); + return uploader; + } +}); + +/** + * @api private + */ +AWS.S3.addPromisesToClass = function addPromisesToClass(PromiseDependency) { + this.prototype.getSignedUrlPromise = AWS.util.promisifyMethod('getSignedUrl', PromiseDependency); +}; + +/** + * @api private + */ +AWS.S3.deletePromisesFromClass = function deletePromisesFromClass() { + delete this.prototype.getSignedUrlPromise; +}; + +AWS.util.addPromises(AWS.S3); + + +/***/ }), + +/***/ 280: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var regionUtil = __nccwpck_require4_(3698); + +var s3util = { + /** + * @api private + */ + isArnInParam: function isArnInParam(req, paramName) { + var inputShape = (req.service.api.operations[req.operation] || {}).input || {}; + var inputMembers = inputShape.members || {}; + if (!req.params[paramName] || !inputMembers[paramName]) return false; + return AWS.util.ARN.validate(req.params[paramName]); + }, + + /** + * Validate service component from ARN supplied in Bucket parameter + */ + validateArnService: function validateArnService(req) { + var parsedArn = req._parsedArn; + + if (parsedArn.service !== 's3' + && parsedArn.service !== 's3-outposts' + && parsedArn.service !== 's3-object-lambda') { + throw AWS.util.error(new Error(), { + code: 'InvalidARN', + message: 'expect \'s3\' or \'s3-outposts\' or \'s3-object-lambda\' in ARN service component' + }); + } + }, + + /** + * Validate account ID from ARN supplied in Bucket parameter is a valid account + */ + validateArnAccount: function validateArnAccount(req) { + var parsedArn = req._parsedArn; + + if (!/[0-9]{12}/.exec(parsedArn.accountId)) { + throw AWS.util.error(new Error(), { + code: 'InvalidARN', + message: 'ARN accountID does not match regex "[0-9]{12}"' + }); + } + }, + + /** + * Validate ARN supplied in Bucket parameter is a valid access point ARN + */ + validateS3AccessPointArn: function validateS3AccessPointArn(req) { + var parsedArn = req._parsedArn; + + //can be ':' or '/' + var delimiter = parsedArn.resource['accesspoint'.length]; + + if (parsedArn.resource.split(delimiter).length !== 2) { + throw AWS.util.error(new Error(), { + code: 'InvalidARN', + message: 'Access Point ARN should have one resource accesspoint/{accesspointName}' + }); + } + + var accessPoint = parsedArn.resource.split(delimiter)[1]; + var accessPointPrefix = accessPoint + '-' + parsedArn.accountId; + if (!s3util.dnsCompatibleBucketName(accessPointPrefix) || accessPointPrefix.match(/\./)) { + throw AWS.util.error(new Error(), { + code: 'InvalidARN', + message: 'Access point resource in ARN is not DNS compatible. Got ' + accessPoint + }); + } + + //set parsed valid access point + req._parsedArn.accessPoint = accessPoint; + }, + + /** + * Validate Outposts ARN supplied in Bucket parameter is a valid outposts ARN + */ + validateOutpostsArn: function validateOutpostsArn(req) { + var parsedArn = req._parsedArn; + + if ( + parsedArn.resource.indexOf('outpost:') !== 0 && + parsedArn.resource.indexOf('outpost/') !== 0 + ) { + throw AWS.util.error(new Error(), { + code: 'InvalidARN', + message: 'ARN resource should begin with \'outpost/\'' + }); + } + + //can be ':' or '/' + var delimiter = parsedArn.resource['outpost'.length]; + var outpostId = parsedArn.resource.split(delimiter)[1]; + var dnsHostRegex = new RegExp(/^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]{0,61}[a-zA-Z0-9])$/); + if (!dnsHostRegex.test(outpostId)) { + throw AWS.util.error(new Error(), { + code: 'InvalidARN', + message: 'Outpost resource in ARN is not DNS compatible. Got ' + outpostId + }); + } + req._parsedArn.outpostId = outpostId; + }, + + /** + * Validate Outposts ARN supplied in Bucket parameter is a valid outposts ARN + */ + validateOutpostsAccessPointArn: function validateOutpostsAccessPointArn(req) { + var parsedArn = req._parsedArn; + + //can be ':' or '/' + var delimiter = parsedArn.resource['outpost'.length]; + + if (parsedArn.resource.split(delimiter).length !== 4) { + throw AWS.util.error(new Error(), { + code: 'InvalidARN', + message: 'Outposts ARN should have two resources outpost/{outpostId}/accesspoint/{accesspointName}' + }); + } + + var accessPoint = parsedArn.resource.split(delimiter)[3]; + var accessPointPrefix = accessPoint + '-' + parsedArn.accountId; + if (!s3util.dnsCompatibleBucketName(accessPointPrefix) || accessPointPrefix.match(/\./)) { + throw AWS.util.error(new Error(), { + code: 'InvalidARN', + message: 'Access point resource in ARN is not DNS compatible. Got ' + accessPoint + }); + } + + //set parsed valid access point + req._parsedArn.accessPoint = accessPoint; + }, + + /** + * Validate region field in ARN supplied in Bucket parameter is a valid region + */ + validateArnRegion: function validateArnRegion(req, options) { + if (options === undefined) { + options = {}; + } + + var useArnRegion = s3util.loadUseArnRegionConfig(req); + var regionFromArn = req._parsedArn.region; + var clientRegion = req.service.config.region; + var useFipsEndpoint = req.service.config.useFipsEndpoint; + var allowFipsEndpoint = options.allowFipsEndpoint || false; + + if (!regionFromArn) { + var message = 'ARN region is empty'; + if (req._parsedArn.service === 's3') { + message = message + '\nYou may want to use multi-regional ARN. The feature is not supported in current SDK. ' + + 'You should consider switching to V3(https://github.com/aws/aws-sdk-js-v3).'; + } + throw AWS.util.error(new Error(), { + code: 'InvalidARN', + message: message + }); + } + + if (useFipsEndpoint && !allowFipsEndpoint) { + throw AWS.util.error(new Error(), { + code: 'InvalidConfiguration', + message: 'ARN endpoint is not compatible with FIPS region' + }); + } + + if (regionFromArn.indexOf('fips') >= 0) { + throw AWS.util.error(new Error(), { + code: 'InvalidConfiguration', + message: 'FIPS region not allowed in ARN' + }); + } + + if (!useArnRegion && regionFromArn !== clientRegion) { + throw AWS.util.error(new Error(), { + code: 'InvalidConfiguration', + message: 'Configured region conflicts with access point region' + }); + } else if ( + useArnRegion && + regionUtil.getEndpointSuffix(regionFromArn) !== regionUtil.getEndpointSuffix(clientRegion) + ) { + throw AWS.util.error(new Error(), { + code: 'InvalidConfiguration', + message: 'Configured region and access point region not in same partition' + }); + } + + if (req.service.config.useAccelerateEndpoint) { + throw AWS.util.error(new Error(), { + code: 'InvalidConfiguration', + message: 'useAccelerateEndpoint config is not supported with access point ARN' + }); + } + + if (req._parsedArn.service === 's3-outposts' && req.service.config.useDualstackEndpoint) { + throw AWS.util.error(new Error(), { + code: 'InvalidConfiguration', + message: 'Dualstack is not supported with outposts access point ARN' + }); + } + }, + + loadUseArnRegionConfig: function loadUseArnRegionConfig(req) { + var envName = 'AWS_S3_USE_ARN_REGION'; + var configName = 's3_use_arn_region'; + var useArnRegion = true; + var originalConfig = req.service._originalConfig || {}; + if (req.service.config.s3UseArnRegion !== undefined) { + return req.service.config.s3UseArnRegion; + } else if (originalConfig.s3UseArnRegion !== undefined) { + useArnRegion = originalConfig.s3UseArnRegion === true; + } else if (AWS.util.isNode()) { + //load from environmental variable AWS_USE_ARN_REGION + if (process.env[envName]) { + var value = process.env[envName].trim().toLowerCase(); + if (['false', 'true'].indexOf(value) < 0) { + throw AWS.util.error(new Error(), { + code: 'InvalidConfiguration', + message: envName + ' only accepts true or false. Got ' + process.env[envName], + retryable: false + }); + } + useArnRegion = value === 'true'; + } else { //load from shared config property use_arn_region + var profiles = {}; + var profile = {}; + try { + profiles = AWS.util.getProfilesFromSharedConfig(AWS.util.iniLoader); + profile = profiles[process.env.AWS_PROFILE || AWS.util.defaultProfile]; + } catch (e) {} + if (profile[configName]) { + if (['false', 'true'].indexOf(profile[configName].trim().toLowerCase()) < 0) { + throw AWS.util.error(new Error(), { + code: 'InvalidConfiguration', + message: configName + ' only accepts true or false. Got ' + profile[configName], + retryable: false + }); + } + useArnRegion = profile[configName].trim().toLowerCase() === 'true'; + } + } + } + req.service.config.s3UseArnRegion = useArnRegion; + return useArnRegion; + }, + + /** + * Validations before URI can be populated + */ + validatePopulateUriFromArn: function validatePopulateUriFromArn(req) { + if (req.service._originalConfig && req.service._originalConfig.endpoint) { + throw AWS.util.error(new Error(), { + code: 'InvalidConfiguration', + message: 'Custom endpoint is not compatible with access point ARN' + }); + } + + if (req.service.config.s3ForcePathStyle) { + throw AWS.util.error(new Error(), { + code: 'InvalidConfiguration', + message: 'Cannot construct path-style endpoint with access point' + }); + } + }, + + /** + * Returns true if the bucket name is DNS compatible. Buckets created + * outside of the classic region MUST be DNS compatible. + * + * @api private + */ + dnsCompatibleBucketName: function dnsCompatibleBucketName(bucketName) { + var b = bucketName; + var domain = new RegExp(/^[a-z0-9][a-z0-9\.\-]{1,61}[a-z0-9]$/); + var ipAddress = new RegExp(/(\d+\.){3}\d+/); + var dots = new RegExp(/\.\./); + return (b.match(domain) && !b.match(ipAddress) && !b.match(dots)) ? true : false; + }, +}; + +/** + * @api private + */ +module.exports = s3util; + + +/***/ }), + +/***/ 6889: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var resolveRegionalEndpointsFlag = __nccwpck_require4_(4872); +var ENV_REGIONAL_ENDPOINT_ENABLED = 'AWS_STS_REGIONAL_ENDPOINTS'; +var CONFIG_REGIONAL_ENDPOINT_ENABLED = 'sts_regional_endpoints'; + +AWS.util.update(AWS.STS.prototype, { + /** + * @overload credentialsFrom(data, credentials = null) + * Creates a credentials object from STS response data containing + * credentials information. Useful for quickly setting AWS credentials. + * + * @note This is a low-level utility function. If you want to load temporary + * credentials into your process for subsequent requests to AWS resources, + * you should use {AWS.TemporaryCredentials} instead. + * @param data [map] data retrieved from a call to {getFederatedToken}, + * {getSessionToken}, {assumeRole}, or {assumeRoleWithWebIdentity}. + * @param credentials [AWS.Credentials] an optional credentials object to + * fill instead of creating a new object. Useful when modifying an + * existing credentials object from a refresh call. + * @return [AWS.TemporaryCredentials] the set of temporary credentials + * loaded from a raw STS operation response. + * @example Using credentialsFrom to load global AWS credentials + * var sts = new AWS.STS(); + * sts.getSessionToken(function (err, data) { + * if (err) console.log("Error getting credentials"); + * else { + * AWS.config.credentials = sts.credentialsFrom(data); + * } + * }); + * @see AWS.TemporaryCredentials + */ + credentialsFrom: function credentialsFrom(data, credentials) { + if (!data) return null; + if (!credentials) credentials = new AWS.TemporaryCredentials(); + credentials.expired = false; + credentials.accessKeyId = data.Credentials.AccessKeyId; + credentials.secretAccessKey = data.Credentials.SecretAccessKey; + credentials.sessionToken = data.Credentials.SessionToken; + credentials.expireTime = data.Credentials.Expiration; + return credentials; + }, + + assumeRoleWithWebIdentity: function assumeRoleWithWebIdentity(params, callback) { + return this.makeUnauthenticatedRequest('assumeRoleWithWebIdentity', params, callback); + }, + + assumeRoleWithSAML: function assumeRoleWithSAML(params, callback) { + return this.makeUnauthenticatedRequest('assumeRoleWithSAML', params, callback); + }, + + /** + * @api private + */ + setupRequestListeners: function setupRequestListeners(request) { + request.addListener('validate', this.optInRegionalEndpoint, true); + }, + + /** + * @api private + */ + optInRegionalEndpoint: function optInRegionalEndpoint(req) { + var service = req.service; + var config = service.config; + config.stsRegionalEndpoints = resolveRegionalEndpointsFlag(service._originalConfig, { + env: ENV_REGIONAL_ENDPOINT_ENABLED, + sharedConfig: CONFIG_REGIONAL_ENDPOINT_ENABLED, + clientConfig: 'stsRegionalEndpoints' + }); + if ( + config.stsRegionalEndpoints === 'regional' && + service.isGlobalEndpoint + ) { + //client will throw if region is not supplied; request will be signed with specified region + if (!config.region) { + throw AWS.util.error(new Error(), + {code: 'ConfigError', message: 'Missing region in config'}); + } + var insertPoint = config.endpoint.indexOf('.amazonaws.com'); + var regionalEndpoint = config.endpoint.substring(0, insertPoint) + + '.' + config.region + config.endpoint.substring(insertPoint); + req.httpRequest.updateEndpoint(regionalEndpoint); + req.httpRequest.region = config.region; + } + } + +}); + + +/***/ }), + +/***/ 5858: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var IniLoader = (__nccwpck_require4_(4544).IniLoader); +/** + * Singleton object to load specified config/credentials files. + * It will cache all the files ever loaded; + */ +module.exports.b = new IniLoader(); + + +/***/ }), + +/***/ 4544: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var os = __nccwpck_require4_(2037); +var path = __nccwpck_require4_(1017); + +function parseFile(filename) { + return AWS.util.ini.parse(AWS.util.readFileSync(filename)); +} + +function getProfiles(fileContent) { + var tmpContent = {}; + Object.keys(fileContent).forEach(function(sectionName) { + if (/^sso-session\s/.test(sectionName)) return; + Object.defineProperty(tmpContent, sectionName.replace(/^profile\s/, ''), { + value: fileContent[sectionName], + enumerable: true + }); + }); + return tmpContent; +} + +function getSsoSessions(fileContent) { + var tmpContent = {}; + Object.keys(fileContent).forEach(function(sectionName) { + if (!/^sso-session\s/.test(sectionName)) return; + Object.defineProperty(tmpContent, sectionName.replace(/^sso-session\s/, ''), { + value: fileContent[sectionName], + enumerable: true + }); + }); + return tmpContent; +} + +/** + * Ini file loader class the same as that used in the SDK. It loads and + * parses config and credentials files in .ini format and cache the content + * to assure files are only read once. + * Note that calling operations on the instance instantiated from this class + * won't affect the behavior of SDK since SDK uses an internal singleton of + * this class. + * @!macro nobrowser + */ +AWS.IniLoader = AWS.util.inherit({ + constructor: function IniLoader() { + this.resolvedProfiles = {}; + this.resolvedSsoSessions = {}; + }, + + /** Remove all cached files. Used after config files are updated. */ + clearCachedFiles: function clearCachedFiles() { + this.resolvedProfiles = {}; + this.resolvedSsoSessions = {}; + }, + + /** + * Load configurations from config/credentials files and cache them + * for later use. If no file is specified it will try to load default files. + * + * @param options [map] information describing the file + * @option options filename [String] ('~/.aws/credentials' or defined by + * AWS_SHARED_CREDENTIALS_FILE process env var or '~/.aws/config' if + * isConfig is set to true) + * path to the file to be read. + * @option options isConfig [Boolean] (false) True to read config file. + * @return [map] object containing contents from file in key-value + * pairs. + */ + loadFrom: function loadFrom(options) { + options = options || {}; + var isConfig = options.isConfig === true; + var filename = options.filename || this.getDefaultFilePath(isConfig); + if (!this.resolvedProfiles[filename]) { + var fileContent = parseFile(filename); + if (isConfig) { + Object.defineProperty(this.resolvedProfiles, filename, { + value: getProfiles(fileContent) + }); + } else { + Object.defineProperty(this.resolvedProfiles, filename, { value: fileContent }); + } + } + return this.resolvedProfiles[filename]; + }, + + /** + * Load sso sessions from config/credentials files and cache them + * for later use. If no file is specified it will try to load default file. + * + * @param options [map] information describing the file + * @option options filename [String] ('~/.aws/config' or defined by + * AWS_CONFIG_FILE process env var) + * @return [map] object containing contents from file in key-value + * pairs. + */ + loadSsoSessionsFrom: function loadSsoSessionsFrom(options) { + options = options || {}; + var filename = options.filename || this.getDefaultFilePath(true); + if (!this.resolvedSsoSessions[filename]) { + var fileContent = parseFile(filename); + Object.defineProperty(this.resolvedSsoSessions, filename, { + value: getSsoSessions(fileContent) + }); + } + return this.resolvedSsoSessions[filename]; + }, + + /** + * @api private + */ + getDefaultFilePath: function getDefaultFilePath(isConfig) { + return path.join( + this.getHomeDir(), + '.aws', + isConfig ? 'config' : 'credentials' + ); + }, + + /** + * @api private + */ + getHomeDir: function getHomeDir() { + var env = process.env; + var home = env.HOME || + env.USERPROFILE || + (env.HOMEPATH ? ((env.HOMEDRIVE || 'C:/') + env.HOMEPATH) : null); + + if (home) { + return home; + } + + if (typeof os.homedir === 'function') { + return os.homedir(); + } + + throw AWS.util.error( + new Error('Cannot load credentials, HOME path not set') + ); + } +}); + +var IniLoader = AWS.IniLoader; + +module.exports = { + IniLoader: IniLoader +}; + + +/***/ }), + +/***/ 6398: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); + +/** + * @api private + */ +AWS.Signers.Bearer = AWS.util.inherit(AWS.Signers.RequestSigner, { + constructor: function Bearer(request) { + AWS.Signers.RequestSigner.call(this, request); + }, + + addAuthorization: function addAuthorization(token) { + this.request.httpRequest.headers['Authorization'] = 'Bearer ' + token.token; + } +}); + + +/***/ }), + +/***/ 7969: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var inherit = AWS.util.inherit; + +/** + * @api private + */ +var expiresHeader = 'presigned-expires'; + +/** + * @api private + */ +function signedUrlBuilder(request) { + var expires = request.httpRequest.headers[expiresHeader]; + var signerClass = request.service.getSignerClass(request); + + delete request.httpRequest.headers['User-Agent']; + delete request.httpRequest.headers['X-Amz-User-Agent']; + + if (signerClass === AWS.Signers.V4) { + if (expires > 604800) { // one week expiry is invalid + var message = 'Presigning does not support expiry time greater ' + + 'than a week with SigV4 signing.'; + throw AWS.util.error(new Error(), { + code: 'InvalidExpiryTime', message: message, retryable: false + }); + } + request.httpRequest.headers[expiresHeader] = expires; + } else if (signerClass === AWS.Signers.S3) { + var now = request.service ? request.service.getSkewCorrectedDate() : AWS.util.date.getDate(); + request.httpRequest.headers[expiresHeader] = parseInt( + AWS.util.date.unixTimestamp(now) + expires, 10).toString(); + } else { + throw AWS.util.error(new Error(), { + message: 'Presigning only supports S3 or SigV4 signing.', + code: 'UnsupportedSigner', retryable: false + }); + } +} + +/** + * @api private + */ +function signedUrlSigner(request) { + var endpoint = request.httpRequest.endpoint; + var parsedUrl = AWS.util.urlParse(request.httpRequest.path); + var queryParams = {}; + + if (parsedUrl.search) { + queryParams = AWS.util.queryStringParse(parsedUrl.search.substr(1)); + } + + var auth = request.httpRequest.headers['Authorization'].split(' '); + if (auth[0] === 'AWS') { + auth = auth[1].split(':'); + queryParams['Signature'] = auth.pop(); + queryParams['AWSAccessKeyId'] = auth.join(':'); + + AWS.util.each(request.httpRequest.headers, function (key, value) { + if (key === expiresHeader) key = 'Expires'; + if (key.indexOf('x-amz-meta-') === 0) { + // Delete existing, potentially not normalized key + delete queryParams[key]; + key = key.toLowerCase(); + } + queryParams[key] = value; + }); + delete request.httpRequest.headers[expiresHeader]; + delete queryParams['Authorization']; + delete queryParams['Host']; + } else if (auth[0] === 'AWS4-HMAC-SHA256') { // SigV4 signing + auth.shift(); + var rest = auth.join(' '); + var signature = rest.match(/Signature=(.*?)(?:,|\s|\r?\n|$)/)[1]; + queryParams['X-Amz-Signature'] = signature; + delete queryParams['Expires']; + } + + // build URL + endpoint.pathname = parsedUrl.pathname; + endpoint.search = AWS.util.queryParamsToString(queryParams); +} + +/** + * @api private + */ +AWS.Signers.Presign = inherit({ + /** + * @api private + */ + sign: function sign(request, expireTime, callback) { + request.httpRequest.headers[expiresHeader] = expireTime || 3600; + request.on('build', signedUrlBuilder); + request.on('sign', signedUrlSigner); + request.removeListener('afterBuild', + AWS.EventListeners.Core.SET_CONTENT_LENGTH); + request.removeListener('afterBuild', + AWS.EventListeners.Core.COMPUTE_SHA256); + + request.emit('beforePresign', [request]); + + if (callback) { + request.build(function() { + if (this.response.error) callback(this.response.error); + else { + callback(null, AWS.util.urlFormat(request.httpRequest.endpoint)); + } + }); + } else { + request.build(); + if (request.response.error) throw request.response.error; + return AWS.util.urlFormat(request.httpRequest.endpoint); + } + } +}); + +/** + * @api private + */ +module.exports = AWS.Signers.Presign; + + +/***/ }), + +/***/ 3922: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); + +var inherit = AWS.util.inherit; + +/** + * @api private + */ +AWS.Signers.RequestSigner = inherit({ + constructor: function RequestSigner(request) { + this.request = request; + }, + + setServiceClientId: function setServiceClientId(id) { + this.serviceClientId = id; + }, + + getServiceClientId: function getServiceClientId() { + return this.serviceClientId; + } +}); + +AWS.Signers.RequestSigner.getVersion = function getVersion(version) { + switch (version) { + case 'v2': return AWS.Signers.V2; + case 'v3': return AWS.Signers.V3; + case 's3v4': return AWS.Signers.V4; + case 'v4': return AWS.Signers.V4; + case 's3': return AWS.Signers.S3; + case 'v3https': return AWS.Signers.V3Https; + case 'bearer': return AWS.Signers.Bearer; + } + throw new Error('Unknown signing version ' + version); +}; + +__nccwpck_require4_(7004); +__nccwpck_require4_(4507); +__nccwpck_require4_(2096); +__nccwpck_require4_(1833); +__nccwpck_require4_(4399); +__nccwpck_require4_(7969); +__nccwpck_require4_(6398); + + +/***/ }), + +/***/ 4399: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var inherit = AWS.util.inherit; + +/** + * @api private + */ +AWS.Signers.S3 = inherit(AWS.Signers.RequestSigner, { + /** + * When building the stringToSign, these sub resource params should be + * part of the canonical resource string with their NON-decoded values + */ + subResources: { + 'acl': 1, + 'accelerate': 1, + 'analytics': 1, + 'cors': 1, + 'lifecycle': 1, + 'delete': 1, + 'inventory': 1, + 'location': 1, + 'logging': 1, + 'metrics': 1, + 'notification': 1, + 'partNumber': 1, + 'policy': 1, + 'requestPayment': 1, + 'replication': 1, + 'restore': 1, + 'tagging': 1, + 'torrent': 1, + 'uploadId': 1, + 'uploads': 1, + 'versionId': 1, + 'versioning': 1, + 'versions': 1, + 'website': 1 + }, + + // when building the stringToSign, these querystring params should be + // part of the canonical resource string with their NON-encoded values + responseHeaders: { + 'response-content-type': 1, + 'response-content-language': 1, + 'response-expires': 1, + 'response-cache-control': 1, + 'response-content-disposition': 1, + 'response-content-encoding': 1 + }, + + addAuthorization: function addAuthorization(credentials, date) { + if (!this.request.headers['presigned-expires']) { + this.request.headers['X-Amz-Date'] = AWS.util.date.rfc822(date); + } + + if (credentials.sessionToken) { + // presigned URLs require this header to be lowercased + this.request.headers['x-amz-security-token'] = credentials.sessionToken; + } + + var signature = this.sign(credentials.secretAccessKey, this.stringToSign()); + var auth = 'AWS ' + credentials.accessKeyId + ':' + signature; + + this.request.headers['Authorization'] = auth; + }, + + stringToSign: function stringToSign() { + var r = this.request; + + var parts = []; + parts.push(r.method); + parts.push(r.headers['Content-MD5'] || ''); + parts.push(r.headers['Content-Type'] || ''); + + // This is the "Date" header, but we use X-Amz-Date. + // The S3 signing mechanism requires us to pass an empty + // string for this Date header regardless. + parts.push(r.headers['presigned-expires'] || ''); + + var headers = this.canonicalizedAmzHeaders(); + if (headers) parts.push(headers); + parts.push(this.canonicalizedResource()); + + return parts.join('\n'); + + }, + + canonicalizedAmzHeaders: function canonicalizedAmzHeaders() { + + var amzHeaders = []; + + AWS.util.each(this.request.headers, function (name) { + if (name.match(/^x-amz-/i)) + amzHeaders.push(name); + }); + + amzHeaders.sort(function (a, b) { + return a.toLowerCase() < b.toLowerCase() ? -1 : 1; + }); + + var parts = []; + AWS.util.arrayEach.call(this, amzHeaders, function (name) { + parts.push(name.toLowerCase() + ':' + String(this.request.headers[name])); + }); + + return parts.join('\n'); + + }, + + canonicalizedResource: function canonicalizedResource() { + + var r = this.request; + + var parts = r.path.split('?'); + var path = parts[0]; + var querystring = parts[1]; + + var resource = ''; + + if (r.virtualHostedBucket) + resource += '/' + r.virtualHostedBucket; + + resource += path; + + if (querystring) { + + // collect a list of sub resources and query params that need to be signed + var resources = []; + + AWS.util.arrayEach.call(this, querystring.split('&'), function (param) { + var name = param.split('=')[0]; + var value = param.split('=')[1]; + if (this.subResources[name] || this.responseHeaders[name]) { + var subresource = { name: name }; + if (value !== undefined) { + if (this.subResources[name]) { + subresource.value = value; + } else { + subresource.value = decodeURIComponent(value); + } + } + resources.push(subresource); + } + }); + + resources.sort(function (a, b) { return a.name < b.name ? -1 : 1; }); + + if (resources.length) { + + querystring = []; + AWS.util.arrayEach(resources, function (res) { + if (res.value === undefined) { + querystring.push(res.name); + } else { + querystring.push(res.name + '=' + res.value); + } + }); + + resource += '?' + querystring.join('&'); + } + + } + + return resource; + + }, + + sign: function sign(secret, string) { + return AWS.util.crypto.hmac(secret, string, 'base64', 'sha1'); + } +}); + +/** + * @api private + */ +module.exports = AWS.Signers.S3; + + +/***/ }), + +/***/ 7004: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var inherit = AWS.util.inherit; + +/** + * @api private + */ +AWS.Signers.V2 = inherit(AWS.Signers.RequestSigner, { + addAuthorization: function addAuthorization(credentials, date) { + + if (!date) date = AWS.util.date.getDate(); + + var r = this.request; + + r.params.Timestamp = AWS.util.date.iso8601(date); + r.params.SignatureVersion = '2'; + r.params.SignatureMethod = 'HmacSHA256'; + r.params.AWSAccessKeyId = credentials.accessKeyId; + + if (credentials.sessionToken) { + r.params.SecurityToken = credentials.sessionToken; + } + + delete r.params.Signature; // delete old Signature for re-signing + r.params.Signature = this.signature(credentials); + + r.body = AWS.util.queryParamsToString(r.params); + r.headers['Content-Length'] = r.body.length; + }, + + signature: function signature(credentials) { + return AWS.util.crypto.hmac(credentials.secretAccessKey, this.stringToSign(), 'base64'); + }, + + stringToSign: function stringToSign() { + var parts = []; + parts.push(this.request.method); + parts.push(this.request.endpoint.host.toLowerCase()); + parts.push(this.request.pathname()); + parts.push(AWS.util.queryParamsToString(this.request.params)); + return parts.join('\n'); + } + +}); + +/** + * @api private + */ +module.exports = AWS.Signers.V2; + + +/***/ }), + +/***/ 4507: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var inherit = AWS.util.inherit; + +/** + * @api private + */ +AWS.Signers.V3 = inherit(AWS.Signers.RequestSigner, { + addAuthorization: function addAuthorization(credentials, date) { + + var datetime = AWS.util.date.rfc822(date); + + this.request.headers['X-Amz-Date'] = datetime; + + if (credentials.sessionToken) { + this.request.headers['x-amz-security-token'] = credentials.sessionToken; + } + + this.request.headers['X-Amzn-Authorization'] = + this.authorization(credentials, datetime); + + }, + + authorization: function authorization(credentials) { + return 'AWS3 ' + + 'AWSAccessKeyId=' + credentials.accessKeyId + ',' + + 'Algorithm=HmacSHA256,' + + 'SignedHeaders=' + this.signedHeaders() + ',' + + 'Signature=' + this.signature(credentials); + }, + + signedHeaders: function signedHeaders() { + var headers = []; + AWS.util.arrayEach(this.headersToSign(), function iterator(h) { + headers.push(h.toLowerCase()); + }); + return headers.sort().join(';'); + }, + + canonicalHeaders: function canonicalHeaders() { + var headers = this.request.headers; + var parts = []; + AWS.util.arrayEach(this.headersToSign(), function iterator(h) { + parts.push(h.toLowerCase().trim() + ':' + String(headers[h]).trim()); + }); + return parts.sort().join('\n') + '\n'; + }, + + headersToSign: function headersToSign() { + var headers = []; + AWS.util.each(this.request.headers, function iterator(k) { + if (k === 'Host' || k === 'Content-Encoding' || k.match(/^X-Amz/i)) { + headers.push(k); + } + }); + return headers; + }, + + signature: function signature(credentials) { + return AWS.util.crypto.hmac(credentials.secretAccessKey, this.stringToSign(), 'base64'); + }, + + stringToSign: function stringToSign() { + var parts = []; + parts.push(this.request.method); + parts.push('/'); + parts.push(''); + parts.push(this.canonicalHeaders()); + parts.push(this.request.body); + return AWS.util.crypto.sha256(parts.join('\n')); + } + +}); + +/** + * @api private + */ +module.exports = AWS.Signers.V3; + + +/***/ }), + +/***/ 2096: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var inherit = AWS.util.inherit; + +__nccwpck_require4_(4507); + +/** + * @api private + */ +AWS.Signers.V3Https = inherit(AWS.Signers.V3, { + authorization: function authorization(credentials) { + return 'AWS3-HTTPS ' + + 'AWSAccessKeyId=' + credentials.accessKeyId + ',' + + 'Algorithm=HmacSHA256,' + + 'Signature=' + this.signature(credentials); + }, + + stringToSign: function stringToSign() { + return this.request.headers['X-Amz-Date']; + } +}); + +/** + * @api private + */ +module.exports = AWS.Signers.V3Https; + + +/***/ }), + +/***/ 1833: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var v4Credentials = __nccwpck_require4_(4178); +var inherit = AWS.util.inherit; + +/** + * @api private + */ +var expiresHeader = 'presigned-expires'; + +/** + * @api private + */ +AWS.Signers.V4 = inherit(AWS.Signers.RequestSigner, { + constructor: function V4(request, serviceName, options) { + AWS.Signers.RequestSigner.call(this, request); + this.serviceName = serviceName; + options = options || {}; + this.signatureCache = typeof options.signatureCache === 'boolean' ? options.signatureCache : true; + this.operation = options.operation; + this.signatureVersion = options.signatureVersion; + }, + + algorithm: 'AWS4-HMAC-SHA256', + + addAuthorization: function addAuthorization(credentials, date) { + var datetime = AWS.util.date.iso8601(date).replace(/[:\-]|\.\d{3}/g, ''); + + if (this.isPresigned()) { + this.updateForPresigned(credentials, datetime); + } else { + this.addHeaders(credentials, datetime); + } + + this.request.headers['Authorization'] = + this.authorization(credentials, datetime); + }, + + addHeaders: function addHeaders(credentials, datetime) { + this.request.headers['X-Amz-Date'] = datetime; + if (credentials.sessionToken) { + this.request.headers['x-amz-security-token'] = credentials.sessionToken; + } + }, + + updateForPresigned: function updateForPresigned(credentials, datetime) { + var credString = this.credentialString(datetime); + var qs = { + 'X-Amz-Date': datetime, + 'X-Amz-Algorithm': this.algorithm, + 'X-Amz-Credential': credentials.accessKeyId + '/' + credString, + 'X-Amz-Expires': this.request.headers[expiresHeader], + 'X-Amz-SignedHeaders': this.signedHeaders() + }; + + if (credentials.sessionToken) { + qs['X-Amz-Security-Token'] = credentials.sessionToken; + } + + if (this.request.headers['Content-Type']) { + qs['Content-Type'] = this.request.headers['Content-Type']; + } + if (this.request.headers['Content-MD5']) { + qs['Content-MD5'] = this.request.headers['Content-MD5']; + } + if (this.request.headers['Cache-Control']) { + qs['Cache-Control'] = this.request.headers['Cache-Control']; + } + + // need to pull in any other X-Amz-* headers + AWS.util.each.call(this, this.request.headers, function(key, value) { + if (key === expiresHeader) return; + if (this.isSignableHeader(key)) { + var lowerKey = key.toLowerCase(); + // Metadata should be normalized + if (lowerKey.indexOf('x-amz-meta-') === 0) { + qs[lowerKey] = value; + } else if (lowerKey.indexOf('x-amz-') === 0) { + qs[key] = value; + } + } + }); + + var sep = this.request.path.indexOf('?') >= 0 ? '&' : '?'; + this.request.path += sep + AWS.util.queryParamsToString(qs); + }, + + authorization: function authorization(credentials, datetime) { + var parts = []; + var credString = this.credentialString(datetime); + parts.push(this.algorithm + ' Credential=' + + credentials.accessKeyId + '/' + credString); + parts.push('SignedHeaders=' + this.signedHeaders()); + parts.push('Signature=' + this.signature(credentials, datetime)); + return parts.join(', '); + }, + + signature: function signature(credentials, datetime) { + var signingKey = v4Credentials.getSigningKey( + credentials, + datetime.substr(0, 8), + this.request.region, + this.serviceName, + this.signatureCache + ); + return AWS.util.crypto.hmac(signingKey, this.stringToSign(datetime), 'hex'); + }, + + stringToSign: function stringToSign(datetime) { + var parts = []; + parts.push('AWS4-HMAC-SHA256'); + parts.push(datetime); + parts.push(this.credentialString(datetime)); + parts.push(this.hexEncodedHash(this.canonicalString())); + return parts.join('\n'); + }, + + canonicalString: function canonicalString() { + var parts = [], pathname = this.request.pathname(); + if (this.serviceName !== 's3' && this.signatureVersion !== 's3v4') pathname = AWS.util.uriEscapePath(pathname); + + parts.push(this.request.method); + parts.push(pathname); + parts.push(this.request.search()); + parts.push(this.canonicalHeaders() + '\n'); + parts.push(this.signedHeaders()); + parts.push(this.hexEncodedBodyHash()); + return parts.join('\n'); + }, + + canonicalHeaders: function canonicalHeaders() { + var headers = []; + AWS.util.each.call(this, this.request.headers, function (key, item) { + headers.push([key, item]); + }); + headers.sort(function (a, b) { + return a[0].toLowerCase() < b[0].toLowerCase() ? -1 : 1; + }); + var parts = []; + AWS.util.arrayEach.call(this, headers, function (item) { + var key = item[0].toLowerCase(); + if (this.isSignableHeader(key)) { + var value = item[1]; + if (typeof value === 'undefined' || value === null || typeof value.toString !== 'function') { + throw AWS.util.error(new Error('Header ' + key + ' contains invalid value'), { + code: 'InvalidHeader' + }); + } + parts.push(key + ':' + + this.canonicalHeaderValues(value.toString())); + } + }); + return parts.join('\n'); + }, + + canonicalHeaderValues: function canonicalHeaderValues(values) { + return values.replace(/\s+/g, ' ').replace(/^\s+|\s+$/g, ''); + }, + + signedHeaders: function signedHeaders() { + var keys = []; + AWS.util.each.call(this, this.request.headers, function (key) { + key = key.toLowerCase(); + if (this.isSignableHeader(key)) keys.push(key); + }); + return keys.sort().join(';'); + }, + + credentialString: function credentialString(datetime) { + return v4Credentials.createScope( + datetime.substr(0, 8), + this.request.region, + this.serviceName + ); + }, + + hexEncodedHash: function hash(string) { + return AWS.util.crypto.sha256(string, 'hex'); + }, + + hexEncodedBodyHash: function hexEncodedBodyHash() { + var request = this.request; + if (this.isPresigned() && (['s3', 's3-object-lambda'].indexOf(this.serviceName) > -1) && !request.body) { + return 'UNSIGNED-PAYLOAD'; + } else if (request.headers['X-Amz-Content-Sha256']) { + return request.headers['X-Amz-Content-Sha256']; + } else { + return this.hexEncodedHash(this.request.body || ''); + } + }, + + unsignableHeaders: [ + 'authorization', + 'content-type', + 'content-length', + 'user-agent', + expiresHeader, + 'expect', + 'x-amzn-trace-id' + ], + + isSignableHeader: function isSignableHeader(key) { + if (key.toLowerCase().indexOf('x-amz-') === 0) return true; + return this.unsignableHeaders.indexOf(key) < 0; + }, + + isPresigned: function isPresigned() { + return this.request.headers[expiresHeader] ? true : false; + } + +}); + +/** + * @api private + */ +module.exports = AWS.Signers.V4; + + +/***/ }), + +/***/ 4178: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); + +/** + * @api private + */ +var cachedSecret = {}; + +/** + * @api private + */ +var cacheQueue = []; + +/** + * @api private + */ +var maxCacheEntries = 50; + +/** + * @api private + */ +var v4Identifier = 'aws4_request'; + +/** + * @api private + */ +module.exports = { + /** + * @api private + * + * @param date [String] + * @param region [String] + * @param serviceName [String] + * @return [String] + */ + createScope: function createScope(date, region, serviceName) { + return [ + date.substr(0, 8), + region, + serviceName, + v4Identifier + ].join('/'); + }, + + /** + * @api private + * + * @param credentials [Credentials] + * @param date [String] + * @param region [String] + * @param service [String] + * @param shouldCache [Boolean] + * @return [String] + */ + getSigningKey: function getSigningKey( + credentials, + date, + region, + service, + shouldCache + ) { + var credsIdentifier = AWS.util.crypto + .hmac(credentials.secretAccessKey, credentials.accessKeyId, 'base64'); + var cacheKey = [credsIdentifier, date, region, service].join('_'); + shouldCache = shouldCache !== false; + if (shouldCache && (cacheKey in cachedSecret)) { + return cachedSecret[cacheKey]; + } + + var kDate = AWS.util.crypto.hmac( + 'AWS4' + credentials.secretAccessKey, + date, + 'buffer' + ); + var kRegion = AWS.util.crypto.hmac(kDate, region, 'buffer'); + var kService = AWS.util.crypto.hmac(kRegion, service, 'buffer'); + + var signingKey = AWS.util.crypto.hmac(kService, v4Identifier, 'buffer'); + if (shouldCache) { + cachedSecret[cacheKey] = signingKey; + cacheQueue.push(cacheKey); + if (cacheQueue.length > maxCacheEntries) { + // remove the oldest entry (not the least recently used) + delete cachedSecret[cacheQueue.shift()]; + } + } + + return signingKey; + }, + + /** + * @api private + * + * Empties the derived signing key cache. Made available for testing purposes + * only. + */ + emptyCache: function emptyCache() { + cachedSecret = {}; + cacheQueue = []; + } +}; + + +/***/ }), + +/***/ 8093: +/***/ ((module) => { + +function AcceptorStateMachine(states, state) { + this.currentState = state || null; + this.states = states || {}; +} + +AcceptorStateMachine.prototype.runTo = function runTo(finalState, done, bindObject, inputError) { + if (typeof finalState === 'function') { + inputError = bindObject; bindObject = done; + done = finalState; finalState = null; + } + + var self = this; + var state = self.states[self.currentState]; + state.fn.call(bindObject || self, inputError, function(err) { + if (err) { + if (state.fail) self.currentState = state.fail; + else return done ? done.call(bindObject, err) : null; + } else { + if (state.accept) self.currentState = state.accept; + else return done ? done.call(bindObject) : null; + } + if (self.currentState === finalState) { + return done ? done.call(bindObject, err) : null; + } + + self.runTo(finalState, done, bindObject, err); + }); +}; + +AcceptorStateMachine.prototype.addState = function addState(name, acceptState, failState, fn) { + if (typeof acceptState === 'function') { + fn = acceptState; acceptState = null; failState = null; + } else if (typeof failState === 'function') { + fn = failState; failState = null; + } + + if (!this.currentState) this.currentState = name; + this.states[name] = { accept: acceptState, fail: failState, fn: fn }; + return this; +}; + +/** + * @api private + */ +module.exports = AcceptorStateMachine; + + +/***/ }), + +/***/ 3918: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); + +/** + * Represents AWS token object, which contains {token}, and optional + * {expireTime}. + * Creating a `Token` object allows you to pass around your + * token to configuration and service objects. + * + * Note that this class typically does not need to be constructed manually, + * as the {AWS.Config} and {AWS.Service} classes both accept simple + * options hashes with the two keys. The token from this object will be used + * automatically in operations which require them. + * + * ## Expiring and Refreshing Token + * + * Occasionally token can expire in the middle of a long-running + * application. In this case, the SDK will automatically attempt to + * refresh the token from the storage location if the Token + * class implements the {refresh} method. + * + * If you are implementing a token storage location, you + * will want to create a subclass of the `Token` class and + * override the {refresh} method. This method allows token to be + * retrieved from the backing store, be it a file system, database, or + * some network storage. The method should reset the token attributes + * on the object. + * + * @!attribute token + * @return [String] represents the literal token string. This will typically + * be a base64 encoded string. + * @!attribute expireTime + * @return [Date] a time when token should be considered expired. Used + * in conjunction with {expired}. + * @!attribute expired + * @return [Boolean] whether the token is expired and require a refresh. Used + * in conjunction with {expireTime}. + */ +AWS.Token = AWS.util.inherit({ + /** + * Creates a Token object with a given set of information in options hash. + * @option options token [String] represents the literal token string. + * @option options expireTime [Date] field representing the time at which + * the token expires. + * @example Create a token object + * var token = new AWS.Token({ token: 'token' }); + */ + constructor: function Token(options) { + // hide token from being displayed with util.inspect + AWS.util.hideProperties(this, ['token']); + + this.expired = false; + this.expireTime = null; + this.refreshCallbacks = []; + if (arguments.length === 1) { + var options = arguments[0]; + this.token = options.token; + this.expireTime = options.expireTime; + } + }, + + /** + * @return [Integer] the number of seconds before {expireTime} during which + * the token will be considered expired. + */ + expiryWindow: 15, + + /** + * @return [Boolean] whether the Token object should call {refresh} + * @note Subclasses should override this method to provide custom refresh + * logic. + */ + needsRefresh: function needsRefresh() { + var currentTime = AWS.util.date.getDate().getTime(); + var adjustedTime = new Date(currentTime + this.expiryWindow * 1000); + + if (this.expireTime && adjustedTime > this.expireTime) + return true; + + return this.expired || !this.token; + }, + + /** + * Gets the existing token, refreshing them if they are not yet loaded + * or have expired. Users should call this method before using {refresh}, + * as this will not attempt to reload token when they are already + * loaded into the object. + * + * @callback callback function(err) + * When this callback is called with no error, it means either token + * do not need to be refreshed or refreshed token information has + * been loaded into the object (as the `token` property). + * @param err [Error] if an error occurred, this value will be filled + */ + get: function get(callback) { + var self = this; + if (this.needsRefresh()) { + this.refresh(function(err) { + if (!err) self.expired = false; // reset expired flag + if (callback) callback(err); + }); + } else if (callback) { + callback(); + } + }, + + /** + * @!method getPromise() + * Returns a 'thenable' promise. + * Gets the existing token, refreshing it if it's not yet loaded + * or have expired. Users should call this method before using {refresh}, + * as this will not attempt to reload token when it's already + * loaded into the object. + * + * Two callbacks can be provided to the `then` method on the returned promise. + * The first callback will be called if the promise is fulfilled, and the second + * callback will be called if the promise is rejected. + * @callback fulfilledCallback function() + * Called if the promise is fulfilled. When this callback is called, it means + * either token does not need to be refreshed or refreshed token information + * has been loaded into the object (as the `token` property). + * @callback rejectedCallback function(err) + * Called if the promise is rejected. + * @param err [Error] if an error occurred, this value will be filled. + * @return [Promise] A promise that represents the state of the `get` call. + * @example Calling the `getPromise` method. + * var promise = tokenProvider.getPromise(); + * promise.then(function() { ... }, function(err) { ... }); + */ + + /** + * @!method refreshPromise() + * Returns a 'thenable' promise. + * Refreshes the token. Users should call {get} before attempting + * to forcibly refresh token. + * + * Two callbacks can be provided to the `then` method on the returned promise. + * The first callback will be called if the promise is fulfilled, and the second + * callback will be called if the promise is rejected. + * @callback fulfilledCallback function() + * Called if the promise is fulfilled. When this callback is called, it + * means refreshed token information has been loaded into the object + * (as the `token` property). + * @callback rejectedCallback function(err) + * Called if the promise is rejected. + * @param err [Error] if an error occurred, this value will be filled. + * @return [Promise] A promise that represents the state of the `refresh` call. + * @example Calling the `refreshPromise` method. + * var promise = tokenProvider.refreshPromise(); + * promise.then(function() { ... }, function(err) { ... }); + */ + + /** + * Refreshes the token. Users should call {get} before attempting + * to forcibly refresh token. + * + * @callback callback function(err) + * When this callback is called with no error, it means refreshed + * token information has been loaded into the object (as the + * `token` property). + * @param err [Error] if an error occurred, this value will be filled + * @note Subclasses should override this class to reset the + * {token} on the token object and then call the callback with + * any error information. + * @see get + */ + refresh: function refresh(callback) { + this.expired = false; + callback(); + }, + + /** + * @api private + * @param callback + */ + coalesceRefresh: function coalesceRefresh(callback, sync) { + var self = this; + if (self.refreshCallbacks.push(callback) === 1) { + self.load(function onLoad(err) { + AWS.util.arrayEach(self.refreshCallbacks, function(callback) { + if (sync) { + callback(err); + } else { + // callback could throw, so defer to ensure all callbacks are notified + AWS.util.defer(function () { + callback(err); + }); + } + }); + self.refreshCallbacks.length = 0; + }); + } + }, + + /** + * @api private + * @param callback + */ + load: function load(callback) { + callback(); + } +}); + +/** + * @api private + */ +AWS.Token.addPromisesToClass = function addPromisesToClass(PromiseDependency) { + this.prototype.getPromise = AWS.util.promisifyMethod('get', PromiseDependency); + this.prototype.refreshPromise = AWS.util.promisifyMethod('refresh', PromiseDependency); +}; + +/** + * @api private + */ +AWS.Token.deletePromisesFromClass = function deletePromisesFromClass() { + delete this.prototype.getPromise; + delete this.prototype.refreshPromise; +}; + +AWS.util.addPromises(AWS.Token); + + +/***/ }), + +/***/ 5521: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var crypto = __nccwpck_require4_(6113); +var fs = __nccwpck_require4_(7147); +var path = __nccwpck_require4_(1017); +var iniLoader = AWS.util.iniLoader; + +// Tracking refresh attempt to ensure refresh is not attempted more than once every 30 seconds. +var lastRefreshAttemptTime = 0; + +/** + * Throws error is key is not present in token object. + * + * @param token [Object] Object to be validated. + * @param key [String] The key to be validated on the object. + */ +var validateTokenKey = function validateTokenKey(token, key) { + if (!token[key]) { + throw AWS.util.error( + new Error('Key "' + key + '" not present in SSO Token'), + { code: 'SSOTokenProviderFailure' } + ); + } +}; + +/** + * Calls callback function with or without error based on provided times in case + * of unsuccessful refresh. + * + * @param currentTime [number] current time in milliseconds since ECMAScript epoch. + * @param tokenExpireTime [number] token expire time in milliseconds since ECMAScript epoch. + * @param callback [Function] Callback to call in case of error. + */ +var refreshUnsuccessful = function refreshUnsuccessful( + currentTime, + tokenExpireTime, + callback +) { + if (tokenExpireTime > currentTime) { + // Cached token is still valid, return. + callback(null); + } else { + // Token invalid, throw error requesting user to sso login. + throw AWS.util.error( + new Error('SSO Token refresh failed. Please log in using "aws sso login"'), + { code: 'SSOTokenProviderFailure' } + ); + } +}; + +/** + * Represents token loaded from disk derived from the AWS SSO device grant authorication flow. + * + * ## Using SSO Token Provider + * + * This provider is checked by default in the Node.js environment in TokenProviderChain. + * To use the SSO Token Provider, simply add your SSO Start URL and Region to the + * ~/.aws/config file in the following format: + * + * [default] + * sso_start_url = https://d-abc123.awsapps.com/start + * sso_region = us-east-1 + * + * ## Using custom profiles + * + * The SDK supports loading token for separate profiles. This can be done in two ways: + * + * 1. Set the `AWS_PROFILE` environment variable in your process prior to loading the SDK. + * 2. Directly load the AWS.SSOTokenProvider: + * + * ```javascript + * var ssoTokenProvider = new AWS.SSOTokenProvider({profile: 'myprofile'}); + * ``` + * + * @!macro nobrowser + */ +AWS.SSOTokenProvider = AWS.util.inherit(AWS.Token, { + /** + * Expiry window of five minutes. + */ + expiryWindow: 5 * 60, + + /** + * Creates a new token object from cached access token. + * + * @param options [map] a set of options + * @option options profile [String] (AWS_PROFILE env var or 'default') + * the name of the profile to load. + * @option options callback [Function] (err) Token is eagerly loaded + * by the constructor. When the callback is called with no error, the + * token has been loaded successfully. + */ + constructor: function SSOTokenProvider(options) { + AWS.Token.call(this); + + options = options || {}; + + this.expired = true; + this.profile = options.profile || process.env.AWS_PROFILE || AWS.util.defaultProfile; + this.get(options.callback || AWS.util.fn.noop); + }, + + /** + * Reads sso_start_url from provided profile, and reads token from + * ~/.aws/sso/cache/.json + * + * Throws an error if required fields token and expiresAt are missing. + * Throws an error if token has expired and metadata to perform refresh is + * not available. + * Attempts to refresh the token if it's within 5 minutes before expiry time. + * + * @api private + */ + load: function load(callback) { + var self = this; + var profiles = iniLoader.loadFrom({ isConfig: true }); + var profile = profiles[this.profile] || {}; + + if (Object.keys(profile).length === 0) { + throw AWS.util.error( + new Error('Profile "' + this.profile + '" not found'), + { code: 'SSOTokenProviderFailure' } + ); + } else if (!profile['sso_session']) { + throw AWS.util.error( + new Error('Profile "' + profileName + '" is missing required property "sso_session".'), + { code: 'SSOTokenProviderFailure' } + ); + } + + var ssoSessionName = profile['sso_session']; + var ssoSessions = iniLoader.loadSsoSessionsFrom(); + var ssoSession = ssoSessions[ssoSessionName]; + + if (!ssoSession) { + throw AWS.util.error( + new Error('Sso session "' + ssoSessionName + '" not found'), + { code: 'SSOTokenProviderFailure' } + ); + } else if (!ssoSession['sso_start_url']) { + throw AWS.util.error( + new Error('Sso session "' + profileName + '" is missing required property "sso_start_url".'), + { code: 'SSOTokenProviderFailure' } + ); + } else if (!ssoSession['sso_region']) { + throw AWS.util.error( + new Error('Sso session "' + profileName + '" is missing required property "sso_region".'), + { code: 'SSOTokenProviderFailure' } + ); + } + + var hasher = crypto.createHash('sha1'); + var fileName = hasher.update(ssoSessionName).digest('hex') + '.json'; + var cachePath = path.join(iniLoader.getHomeDir(), '.aws', 'sso', 'cache', fileName); + var tokenFromCache = JSON.parse(fs.readFileSync(cachePath)); + + if (!tokenFromCache) { + throw AWS.util.error( + new Error('Cached token not found. Please log in using "aws sso login"' + + ' for profile "' + this.profile + '".'), + { code: 'SSOTokenProviderFailure' } + ); + } + + validateTokenKey(tokenFromCache, 'accessToken'); + validateTokenKey(tokenFromCache, 'expiresAt'); + + var currentTime = AWS.util.date.getDate().getTime(); + var adjustedTime = new Date(currentTime + this.expiryWindow * 1000); + var tokenExpireTime = new Date(tokenFromCache['expiresAt']); + + if (tokenExpireTime > adjustedTime) { + // Token is valid and not expired. + self.token = tokenFromCache.accessToken; + self.expireTime = tokenExpireTime; + self.expired = false; + callback(null); + return; + } + + // Skip new refresh, if last refresh was done within 30 seconds. + if (currentTime - lastRefreshAttemptTime < 30 * 1000) { + refreshUnsuccessful(currentTime, tokenExpireTime, callback); + return; + } + + // Token is in expiry window, refresh from SSOOIDC.createToken() call. + validateTokenKey(tokenFromCache, 'clientId'); + validateTokenKey(tokenFromCache, 'clientSecret'); + validateTokenKey(tokenFromCache, 'refreshToken'); + + if (!self.service || self.service.config.region !== ssoSession.sso_region) { + self.service = new AWS.SSOOIDC({ region: ssoSession.sso_region }); + } + + var params = { + clientId: tokenFromCache.clientId, + clientSecret: tokenFromCache.clientSecret, + refreshToken: tokenFromCache.refreshToken, + grantType: 'refresh_token', + }; + + lastRefreshAttemptTime = AWS.util.date.getDate().getTime(); + self.service.createToken(params, function(err, data) { + if (err || !data) { + refreshUnsuccessful(currentTime, tokenExpireTime, callback); + } else { + try { + validateTokenKey(data, 'accessToken'); + validateTokenKey(data, 'expiresIn'); + self.expired = false; + self.token = data.accessToken; + self.expireTime = new Date(Date.now() + data.expiresIn * 1000); + callback(null); + + try { + // Write updated token data to disk. + tokenFromCache.accessToken = data.accessToken; + tokenFromCache.expiresAt = self.expireTime.toISOString(); + tokenFromCache.refreshToken = data.refreshToken; + fs.writeFileSync(cachePath, JSON.stringify(tokenFromCache, null, 2)); + } catch (error) { + // Swallow error if unable to write token to file. + } + } catch (error) { + refreshUnsuccessful(currentTime, tokenExpireTime, callback); + } + } + }); + }, + + /** + * Loads the cached access token from disk. + * + * @callback callback function(err) + * Called after the AWS SSO process has been executed. When this + * callback is called with no error, it means that the token information + * has been loaded into the object (as the `token` property). + * @param err [Error] if an error occurred, this value will be filled. + * @see get + */ + refresh: function refresh(callback) { + iniLoader.clearCachedFiles(); + this.coalesceRefresh(callback || AWS.util.fn.callback); + }, +}); + + +/***/ }), + +/***/ 7477: +/***/ ((__unused_webpack_module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); + +/** + * Creates a token provider chain that searches for token in a list of + * token providers specified by the {providers} property. + * + * By default, the chain will use the {defaultProviders} to resolve token. + * + * ## Setting Providers + * + * Each provider in the {providers} list should be a function that returns + * a {AWS.Token} object, or a hardcoded token object. The function + * form allows for delayed execution of the Token construction. + * + * ## Resolving Token from a Chain + * + * Call {resolve} to return the first valid token object that can be + * loaded by the provider chain. + * + * For example, to resolve a chain with a custom provider that checks a file + * on disk after the set of {defaultProviders}: + * + * ```javascript + * var diskProvider = new FileTokenProvider('./token.json'); + * var chain = new AWS.TokenProviderChain(); + * chain.providers.push(diskProvider); + * chain.resolve(); + * ``` + * + * The above code will return the `diskProvider` object if the + * file contains token and the `defaultProviders` do not contain + * any token. + * + * @!attribute providers + * @return [Array] + * a list of token objects or functions that return token + * objects. If the provider is a function, the function will be + * executed lazily when the provider needs to be checked for valid + * token. By default, this object will be set to the {defaultProviders}. + * @see defaultProviders + */ +AWS.TokenProviderChain = AWS.util.inherit(AWS.Token, { + + /** + * Creates a new TokenProviderChain with a default set of providers + * specified by {defaultProviders}. + */ + constructor: function TokenProviderChain(providers) { + if (providers) { + this.providers = providers; + } else { + this.providers = AWS.TokenProviderChain.defaultProviders.slice(0); + } + this.resolveCallbacks = []; + }, + + /** + * @!method resolvePromise() + * Returns a 'thenable' promise. + * Resolves the provider chain by searching for the first token in {providers}. + * + * Two callbacks can be provided to the `then` method on the returned promise. + * The first callback will be called if the promise is fulfilled, and the second + * callback will be called if the promise is rejected. + * @callback fulfilledCallback function(token) + * Called if the promise is fulfilled and the provider resolves the chain + * to a token object + * @param token [AWS.Token] the token object resolved by the provider chain. + * @callback rejectedCallback function(error) + * Called if the promise is rejected. + * @param err [Error] the error object returned if no token is found. + * @return [Promise] A promise that represents the state of the `resolve` method call. + * @example Calling the `resolvePromise` method. + * var promise = chain.resolvePromise(); + * promise.then(function(token) { ... }, function(err) { ... }); + */ + + /** + * Resolves the provider chain by searching for the first token in {providers}. + * + * @callback callback function(err, token) + * Called when the provider resolves the chain to a token object + * or null if no token can be found. + * + * @param err [Error] the error object returned if no token is found. + * @param token [AWS.Token] the token object resolved by the provider chain. + * @return [AWS.TokenProviderChain] the provider, for chaining. + */ + resolve: function resolve(callback) { + var self = this; + if (self.providers.length === 0) { + callback(new Error('No providers')); + return self; + } + + if (self.resolveCallbacks.push(callback) === 1) { + var index = 0; + var providers = self.providers.slice(0); + + function resolveNext(err, token) { + if ((!err && token) || index === providers.length) { + AWS.util.arrayEach(self.resolveCallbacks, function (callback) { + callback(err, token); + }); + self.resolveCallbacks.length = 0; + return; + } + + var provider = providers[index++]; + if (typeof provider === 'function') { + token = provider.call(); + } else { + token = provider; + } + + if (token.get) { + token.get(function (getErr) { + resolveNext(getErr, getErr ? null : token); + }); + } else { + resolveNext(null, token); + } + } + + resolveNext(); + } + + return self; + } +}); + +/** + * The default set of providers used by a vanilla TokenProviderChain. + * + * In the browser: + * + * ```javascript + * AWS.TokenProviderChain.defaultProviders = [] + * ``` + * + * In Node.js: + * + * ```javascript + * AWS.TokenProviderChain.defaultProviders = [ + * function () { return new AWS.SSOTokenProvider(); }, + * ] + * ``` + */ +AWS.TokenProviderChain.defaultProviders = []; + +/** + * @api private + */ +AWS.TokenProviderChain.addPromisesToClass = function addPromisesToClass(PromiseDependency) { + this.prototype.resolvePromise = AWS.util.promisifyMethod('resolve', PromiseDependency); +}; + +/** + * @api private + */ +AWS.TokenProviderChain.deletePromisesFromClass = function deletePromisesFromClass() { + delete this.prototype.resolvePromise; +}; + +AWS.util.addPromises(AWS.TokenProviderChain); + + +/***/ }), + +/***/ 3956: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +/* eslint guard-for-in:0 */ +var AWS; + +/** + * A set of utility methods for use with the AWS SDK. + * + * @!attribute abort + * Return this value from an iterator function {each} or {arrayEach} + * to break out of the iteration. + * @example Breaking out of an iterator function + * AWS.util.each({a: 1, b: 2, c: 3}, function(key, value) { + * if (key == 'b') return AWS.util.abort; + * }); + * @see each + * @see arrayEach + * @api private + */ +var util = { + environment: 'nodejs', + engine: function engine() { + if (util.isBrowser() && typeof navigator !== 'undefined') { + return navigator.userAgent; + } else { + var engine = process.platform + '/' + process.version; + if (process.env.AWS_EXECUTION_ENV) { + engine += ' exec-env/' + process.env.AWS_EXECUTION_ENV; + } + return engine; + } + }, + + userAgent: function userAgent() { + var name = util.environment; + var agent = 'aws-sdk-' + name + '/' + (__nccwpck_require4_(4741).VERSION); + if (name === 'nodejs') agent += ' ' + util.engine(); + return agent; + }, + + uriEscape: function uriEscape(string) { + var output = encodeURIComponent(string); + output = output.replace(/[^A-Za-z0-9_.~\-%]+/g, escape); + + // AWS percent-encodes some extra non-standard characters in a URI + output = output.replace(/[*]/g, function(ch) { + return '%' + ch.charCodeAt(0).toString(16).toUpperCase(); + }); + + return output; + }, + + uriEscapePath: function uriEscapePath(string) { + var parts = []; + util.arrayEach(string.split('/'), function (part) { + parts.push(util.uriEscape(part)); + }); + return parts.join('/'); + }, + + urlParse: function urlParse(url) { + return util.url.parse(url); + }, + + urlFormat: function urlFormat(url) { + return util.url.format(url); + }, + + queryStringParse: function queryStringParse(qs) { + return util.querystring.parse(qs); + }, + + queryParamsToString: function queryParamsToString(params) { + var items = []; + var escape = util.uriEscape; + var sortedKeys = Object.keys(params).sort(); + + util.arrayEach(sortedKeys, function(name) { + var value = params[name]; + var ename = escape(name); + var result = ename + '='; + if (Array.isArray(value)) { + var vals = []; + util.arrayEach(value, function(item) { vals.push(escape(item)); }); + result = ename + '=' + vals.sort().join('&' + ename + '='); + } else if (value !== undefined && value !== null) { + result = ename + '=' + escape(value); + } + items.push(result); + }); + + return items.join('&'); + }, + + readFileSync: function readFileSync(path) { + if (util.isBrowser()) return null; + return (__nccwpck_require4_(7147).readFileSync)(path, 'utf-8'); + }, + + base64: { + encode: function encode64(string) { + if (typeof string === 'number') { + throw util.error(new Error('Cannot base64 encode number ' + string)); + } + if (string === null || typeof string === 'undefined') { + return string; + } + var buf = util.buffer.toBuffer(string); + return buf.toString('base64'); + }, + + decode: function decode64(string) { + if (typeof string === 'number') { + throw util.error(new Error('Cannot base64 decode number ' + string)); + } + if (string === null || typeof string === 'undefined') { + return string; + } + return util.buffer.toBuffer(string, 'base64'); + } + + }, + + buffer: { + /** + * Buffer constructor for Node buffer and buffer pollyfill + */ + toBuffer: function(data, encoding) { + return (typeof util.Buffer.from === 'function' && util.Buffer.from !== Uint8Array.from) ? + util.Buffer.from(data, encoding) : new util.Buffer(data, encoding); + }, + + alloc: function(size, fill, encoding) { + if (typeof size !== 'number') { + throw new Error('size passed to alloc must be a number.'); + } + if (typeof util.Buffer.alloc === 'function') { + return util.Buffer.alloc(size, fill, encoding); + } else { + var buf = new util.Buffer(size); + if (fill !== undefined && typeof buf.fill === 'function') { + buf.fill(fill, undefined, undefined, encoding); + } + return buf; + } + }, + + toStream: function toStream(buffer) { + if (!util.Buffer.isBuffer(buffer)) buffer = util.buffer.toBuffer(buffer); + + var readable = new (util.stream.Readable)(); + var pos = 0; + readable._read = function(size) { + if (pos >= buffer.length) return readable.push(null); + + var end = pos + size; + if (end > buffer.length) end = buffer.length; + readable.push(buffer.slice(pos, end)); + pos = end; + }; + + return readable; + }, + + /** + * Concatenates a list of Buffer objects. + */ + concat: function(buffers) { + var length = 0, + offset = 0, + buffer = null, i; + + for (i = 0; i < buffers.length; i++) { + length += buffers[i].length; + } + + buffer = util.buffer.alloc(length); + + for (i = 0; i < buffers.length; i++) { + buffers[i].copy(buffer, offset); + offset += buffers[i].length; + } + + return buffer; + } + }, + + string: { + byteLength: function byteLength(string) { + if (string === null || string === undefined) return 0; + if (typeof string === 'string') string = util.buffer.toBuffer(string); + + if (typeof string.byteLength === 'number') { + return string.byteLength; + } else if (typeof string.length === 'number') { + return string.length; + } else if (typeof string.size === 'number') { + return string.size; + } else if (typeof string.path === 'string') { + return (__nccwpck_require4_(7147).lstatSync)(string.path).size; + } else { + throw util.error(new Error('Cannot determine length of ' + string), + { object: string }); + } + }, + + upperFirst: function upperFirst(string) { + return string[0].toUpperCase() + string.substr(1); + }, + + lowerFirst: function lowerFirst(string) { + return string[0].toLowerCase() + string.substr(1); + } + }, + + ini: { + parse: function string(ini) { + var currentSection, map = {}; + util.arrayEach(ini.split(/\r?\n/), function(line) { + line = line.split(/(^|\s)[;#]/)[0].trim(); // remove comments and trim + var isSection = line[0] === '[' && line[line.length - 1] === ']'; + if (isSection) { + currentSection = line.substring(1, line.length - 1); + if (currentSection === '__proto__' || currentSection.split(/\s/)[1] === '__proto__') { + throw util.error( + new Error('Cannot load profile name \'' + currentSection + '\' from shared ini file.') + ); + } + } else if (currentSection) { + var indexOfEqualsSign = line.indexOf('='); + var start = 0; + var end = line.length - 1; + var isAssignment = + indexOfEqualsSign !== -1 && indexOfEqualsSign !== start && indexOfEqualsSign !== end; + + if (isAssignment) { + var name = line.substring(0, indexOfEqualsSign).trim(); + var value = line.substring(indexOfEqualsSign + 1).trim(); + + map[currentSection] = map[currentSection] || {}; + map[currentSection][name] = value; + } + } + }); + + return map; + } + }, + + fn: { + noop: function() {}, + callback: function (err) { if (err) throw err; }, + + /** + * Turn a synchronous function into as "async" function by making it call + * a callback. The underlying function is called with all but the last argument, + * which is treated as the callback. The callback is passed passed a first argument + * of null on success to mimick standard node callbacks. + */ + makeAsync: function makeAsync(fn, expectedArgs) { + if (expectedArgs && expectedArgs <= fn.length) { + return fn; + } + + return function() { + var args = Array.prototype.slice.call(arguments, 0); + var callback = args.pop(); + var result = fn.apply(null, args); + callback(result); + }; + } + }, + + /** + * Date and time utility functions. + */ + date: { + + /** + * @return [Date] the current JavaScript date object. Since all + * AWS services rely on this date object, you can override + * this function to provide a special time value to AWS service + * requests. + */ + getDate: function getDate() { + if (!AWS) AWS = __nccwpck_require4_(4741); + if (AWS.config.systemClockOffset) { // use offset when non-zero + return new Date(new Date().getTime() + AWS.config.systemClockOffset); + } else { + return new Date(); + } + }, + + /** + * @return [String] the date in ISO-8601 format + */ + iso8601: function iso8601(date) { + if (date === undefined) { date = util.date.getDate(); } + return date.toISOString().replace(/\.\d{3}Z$/, 'Z'); + }, + + /** + * @return [String] the date in RFC 822 format + */ + rfc822: function rfc822(date) { + if (date === undefined) { date = util.date.getDate(); } + return date.toUTCString(); + }, + + /** + * @return [Integer] the UNIX timestamp value for the current time + */ + unixTimestamp: function unixTimestamp(date) { + if (date === undefined) { date = util.date.getDate(); } + return date.getTime() / 1000; + }, + + /** + * @param [String,number,Date] date + * @return [Date] + */ + from: function format(date) { + if (typeof date === 'number') { + return new Date(date * 1000); // unix timestamp + } else { + return new Date(date); + } + }, + + /** + * Given a Date or date-like value, this function formats the + * date into a string of the requested value. + * @param [String,number,Date] date + * @param [String] formatter Valid formats are: + # * 'iso8601' + # * 'rfc822' + # * 'unixTimestamp' + * @return [String] + */ + format: function format(date, formatter) { + if (!formatter) formatter = 'iso8601'; + return util.date[formatter](util.date.from(date)); + }, + + parseTimestamp: function parseTimestamp(value) { + if (typeof value === 'number') { // unix timestamp (number) + return new Date(value * 1000); + } else if (value.match(/^\d+$/)) { // unix timestamp + return new Date(value * 1000); + } else if (value.match(/^\d{4}/)) { // iso8601 + return new Date(value); + } else if (value.match(/^\w{3},/)) { // rfc822 + return new Date(value); + } else { + throw util.error( + new Error('unhandled timestamp format: ' + value), + {code: 'TimestampParserError'}); + } + } + + }, + + crypto: { + crc32Table: [ + 0x00000000, 0x77073096, 0xEE0E612C, 0x990951BA, 0x076DC419, + 0x706AF48F, 0xE963A535, 0x9E6495A3, 0x0EDB8832, 0x79DCB8A4, + 0xE0D5E91E, 0x97D2D988, 0x09B64C2B, 0x7EB17CBD, 0xE7B82D07, + 0x90BF1D91, 0x1DB71064, 0x6AB020F2, 0xF3B97148, 0x84BE41DE, + 0x1ADAD47D, 0x6DDDE4EB, 0xF4D4B551, 0x83D385C7, 0x136C9856, + 0x646BA8C0, 0xFD62F97A, 0x8A65C9EC, 0x14015C4F, 0x63066CD9, + 0xFA0F3D63, 0x8D080DF5, 0x3B6E20C8, 0x4C69105E, 0xD56041E4, + 0xA2677172, 0x3C03E4D1, 0x4B04D447, 0xD20D85FD, 0xA50AB56B, + 0x35B5A8FA, 0x42B2986C, 0xDBBBC9D6, 0xACBCF940, 0x32D86CE3, + 0x45DF5C75, 0xDCD60DCF, 0xABD13D59, 0x26D930AC, 0x51DE003A, + 0xC8D75180, 0xBFD06116, 0x21B4F4B5, 0x56B3C423, 0xCFBA9599, + 0xB8BDA50F, 0x2802B89E, 0x5F058808, 0xC60CD9B2, 0xB10BE924, + 0x2F6F7C87, 0x58684C11, 0xC1611DAB, 0xB6662D3D, 0x76DC4190, + 0x01DB7106, 0x98D220BC, 0xEFD5102A, 0x71B18589, 0x06B6B51F, + 0x9FBFE4A5, 0xE8B8D433, 0x7807C9A2, 0x0F00F934, 0x9609A88E, + 0xE10E9818, 0x7F6A0DBB, 0x086D3D2D, 0x91646C97, 0xE6635C01, + 0x6B6B51F4, 0x1C6C6162, 0x856530D8, 0xF262004E, 0x6C0695ED, + 0x1B01A57B, 0x8208F4C1, 0xF50FC457, 0x65B0D9C6, 0x12B7E950, + 0x8BBEB8EA, 0xFCB9887C, 0x62DD1DDF, 0x15DA2D49, 0x8CD37CF3, + 0xFBD44C65, 0x4DB26158, 0x3AB551CE, 0xA3BC0074, 0xD4BB30E2, + 0x4ADFA541, 0x3DD895D7, 0xA4D1C46D, 0xD3D6F4FB, 0x4369E96A, + 0x346ED9FC, 0xAD678846, 0xDA60B8D0, 0x44042D73, 0x33031DE5, + 0xAA0A4C5F, 0xDD0D7CC9, 0x5005713C, 0x270241AA, 0xBE0B1010, + 0xC90C2086, 0x5768B525, 0x206F85B3, 0xB966D409, 0xCE61E49F, + 0x5EDEF90E, 0x29D9C998, 0xB0D09822, 0xC7D7A8B4, 0x59B33D17, + 0x2EB40D81, 0xB7BD5C3B, 0xC0BA6CAD, 0xEDB88320, 0x9ABFB3B6, + 0x03B6E20C, 0x74B1D29A, 0xEAD54739, 0x9DD277AF, 0x04DB2615, + 0x73DC1683, 0xE3630B12, 0x94643B84, 0x0D6D6A3E, 0x7A6A5AA8, + 0xE40ECF0B, 0x9309FF9D, 0x0A00AE27, 0x7D079EB1, 0xF00F9344, + 0x8708A3D2, 0x1E01F268, 0x6906C2FE, 0xF762575D, 0x806567CB, + 0x196C3671, 0x6E6B06E7, 0xFED41B76, 0x89D32BE0, 0x10DA7A5A, + 0x67DD4ACC, 0xF9B9DF6F, 0x8EBEEFF9, 0x17B7BE43, 0x60B08ED5, + 0xD6D6A3E8, 0xA1D1937E, 0x38D8C2C4, 0x4FDFF252, 0xD1BB67F1, + 0xA6BC5767, 0x3FB506DD, 0x48B2364B, 0xD80D2BDA, 0xAF0A1B4C, + 0x36034AF6, 0x41047A60, 0xDF60EFC3, 0xA867DF55, 0x316E8EEF, + 0x4669BE79, 0xCB61B38C, 0xBC66831A, 0x256FD2A0, 0x5268E236, + 0xCC0C7795, 0xBB0B4703, 0x220216B9, 0x5505262F, 0xC5BA3BBE, + 0xB2BD0B28, 0x2BB45A92, 0x5CB36A04, 0xC2D7FFA7, 0xB5D0CF31, + 0x2CD99E8B, 0x5BDEAE1D, 0x9B64C2B0, 0xEC63F226, 0x756AA39C, + 0x026D930A, 0x9C0906A9, 0xEB0E363F, 0x72076785, 0x05005713, + 0x95BF4A82, 0xE2B87A14, 0x7BB12BAE, 0x0CB61B38, 0x92D28E9B, + 0xE5D5BE0D, 0x7CDCEFB7, 0x0BDBDF21, 0x86D3D2D4, 0xF1D4E242, + 0x68DDB3F8, 0x1FDA836E, 0x81BE16CD, 0xF6B9265B, 0x6FB077E1, + 0x18B74777, 0x88085AE6, 0xFF0F6A70, 0x66063BCA, 0x11010B5C, + 0x8F659EFF, 0xF862AE69, 0x616BFFD3, 0x166CCF45, 0xA00AE278, + 0xD70DD2EE, 0x4E048354, 0x3903B3C2, 0xA7672661, 0xD06016F7, + 0x4969474D, 0x3E6E77DB, 0xAED16A4A, 0xD9D65ADC, 0x40DF0B66, + 0x37D83BF0, 0xA9BCAE53, 0xDEBB9EC5, 0x47B2CF7F, 0x30B5FFE9, + 0xBDBDF21C, 0xCABAC28A, 0x53B39330, 0x24B4A3A6, 0xBAD03605, + 0xCDD70693, 0x54DE5729, 0x23D967BF, 0xB3667A2E, 0xC4614AB8, + 0x5D681B02, 0x2A6F2B94, 0xB40BBE37, 0xC30C8EA1, 0x5A05DF1B, + 0x2D02EF8D], + + crc32: function crc32(data) { + var tbl = util.crypto.crc32Table; + var crc = 0 ^ -1; + + if (typeof data === 'string') { + data = util.buffer.toBuffer(data); + } + + for (var i = 0; i < data.length; i++) { + var code = data.readUInt8(i); + crc = (crc >>> 8) ^ tbl[(crc ^ code) & 0xFF]; + } + return (crc ^ -1) >>> 0; + }, + + hmac: function hmac(key, string, digest, fn) { + if (!digest) digest = 'binary'; + if (digest === 'buffer') { digest = undefined; } + if (!fn) fn = 'sha256'; + if (typeof string === 'string') string = util.buffer.toBuffer(string); + return util.crypto.lib.createHmac(fn, key).update(string).digest(digest); + }, + + md5: function md5(data, digest, callback) { + return util.crypto.hash('md5', data, digest, callback); + }, + + sha256: function sha256(data, digest, callback) { + return util.crypto.hash('sha256', data, digest, callback); + }, + + hash: function(algorithm, data, digest, callback) { + var hash = util.crypto.createHash(algorithm); + if (!digest) { digest = 'binary'; } + if (digest === 'buffer') { digest = undefined; } + if (typeof data === 'string') data = util.buffer.toBuffer(data); + var sliceFn = util.arraySliceFn(data); + var isBuffer = util.Buffer.isBuffer(data); + //Identifying objects with an ArrayBuffer as buffers + if (util.isBrowser() && typeof ArrayBuffer !== 'undefined' && data && data.buffer instanceof ArrayBuffer) isBuffer = true; + + if (callback && typeof data === 'object' && + typeof data.on === 'function' && !isBuffer) { + data.on('data', function(chunk) { hash.update(chunk); }); + data.on('error', function(err) { callback(err); }); + data.on('end', function() { callback(null, hash.digest(digest)); }); + } else if (callback && sliceFn && !isBuffer && + typeof FileReader !== 'undefined') { + // this might be a File/Blob + var index = 0, size = 1024 * 512; + var reader = new FileReader(); + reader.onerror = function() { + callback(new Error('Failed to read data.')); + }; + reader.onload = function() { + var buf = new util.Buffer(new Uint8Array(reader.result)); + hash.update(buf); + index += buf.length; + reader._continueReading(); + }; + reader._continueReading = function() { + if (index >= data.size) { + callback(null, hash.digest(digest)); + return; + } + + var back = index + size; + if (back > data.size) back = data.size; + reader.readAsArrayBuffer(sliceFn.call(data, index, back)); + }; + + reader._continueReading(); + } else { + if (util.isBrowser() && typeof data === 'object' && !isBuffer) { + data = new util.Buffer(new Uint8Array(data)); + } + var out = hash.update(data).digest(digest); + if (callback) callback(null, out); + return out; + } + }, + + toHex: function toHex(data) { + var out = []; + for (var i = 0; i < data.length; i++) { + out.push(('0' + data.charCodeAt(i).toString(16)).substr(-2, 2)); + } + return out.join(''); + }, + + createHash: function createHash(algorithm) { + return util.crypto.lib.createHash(algorithm); + } + + }, + + /** @!ignore */ + + /* Abort constant */ + abort: {}, + + each: function each(object, iterFunction) { + for (var key in object) { + if (Object.prototype.hasOwnProperty.call(object, key)) { + var ret = iterFunction.call(this, key, object[key]); + if (ret === util.abort) break; + } + } + }, + + arrayEach: function arrayEach(array, iterFunction) { + for (var idx in array) { + if (Object.prototype.hasOwnProperty.call(array, idx)) { + var ret = iterFunction.call(this, array[idx], parseInt(idx, 10)); + if (ret === util.abort) break; + } + } + }, + + update: function update(obj1, obj2) { + util.each(obj2, function iterator(key, item) { + obj1[key] = item; + }); + return obj1; + }, + + merge: function merge(obj1, obj2) { + return util.update(util.copy(obj1), obj2); + }, + + copy: function copy(object) { + if (object === null || object === undefined) return object; + var dupe = {}; + // jshint forin:false + for (var key in object) { + dupe[key] = object[key]; + } + return dupe; + }, + + isEmpty: function isEmpty(obj) { + for (var prop in obj) { + if (Object.prototype.hasOwnProperty.call(obj, prop)) { + return false; + } + } + return true; + }, + + arraySliceFn: function arraySliceFn(obj) { + var fn = obj.slice || obj.webkitSlice || obj.mozSlice; + return typeof fn === 'function' ? fn : null; + }, + + isType: function isType(obj, type) { + // handle cross-"frame" objects + if (typeof type === 'function') type = util.typeName(type); + return Object.prototype.toString.call(obj) === '[object ' + type + ']'; + }, + + typeName: function typeName(type) { + if (Object.prototype.hasOwnProperty.call(type, 'name')) return type.name; + var str = type.toString(); + var match = str.match(/^\s*function (.+)\(/); + return match ? match[1] : str; + }, + + error: function error(err, options) { + var originalError = null; + if (typeof err.message === 'string' && err.message !== '') { + if (typeof options === 'string' || (options && options.message)) { + originalError = util.copy(err); + originalError.message = err.message; + } + } + err.message = err.message || null; + + if (typeof options === 'string') { + err.message = options; + } else if (typeof options === 'object' && options !== null) { + util.update(err, options); + if (options.message) + err.message = options.message; + if (options.code || options.name) + err.code = options.code || options.name; + if (options.stack) + err.stack = options.stack; + } + + if (typeof Object.defineProperty === 'function') { + Object.defineProperty(err, 'name', {writable: true, enumerable: false}); + Object.defineProperty(err, 'message', {enumerable: true}); + } + + err.name = String(options && options.name || err.name || err.code || 'Error'); + err.time = new Date(); + + if (originalError) err.originalError = originalError; + + return err; + }, + + /** + * @api private + */ + inherit: function inherit(klass, features) { + var newObject = null; + if (features === undefined) { + features = klass; + klass = Object; + newObject = {}; + } else { + var ctor = function ConstructorWrapper() {}; + ctor.prototype = klass.prototype; + newObject = new ctor(); + } + + // constructor not supplied, create pass-through ctor + if (features.constructor === Object) { + features.constructor = function() { + if (klass !== Object) { + return klass.apply(this, arguments); + } + }; + } + + features.constructor.prototype = newObject; + util.update(features.constructor.prototype, features); + features.constructor.__super__ = klass; + return features.constructor; + }, + + /** + * @api private + */ + mixin: function mixin() { + var klass = arguments[0]; + for (var i = 1; i < arguments.length; i++) { + // jshint forin:false + for (var prop in arguments[i].prototype) { + var fn = arguments[i].prototype[prop]; + if (prop !== 'constructor') { + klass.prototype[prop] = fn; + } + } + } + return klass; + }, + + /** + * @api private + */ + hideProperties: function hideProperties(obj, props) { + if (typeof Object.defineProperty !== 'function') return; + + util.arrayEach(props, function (key) { + Object.defineProperty(obj, key, { + enumerable: false, writable: true, configurable: true }); + }); + }, + + /** + * @api private + */ + property: function property(obj, name, value, enumerable, isValue) { + var opts = { + configurable: true, + enumerable: enumerable !== undefined ? enumerable : true + }; + if (typeof value === 'function' && !isValue) { + opts.get = value; + } + else { + opts.value = value; opts.writable = true; + } + + Object.defineProperty(obj, name, opts); + }, + + /** + * @api private + */ + memoizedProperty: function memoizedProperty(obj, name, get, enumerable) { + var cachedValue = null; + + // build enumerable attribute for each value with lazy accessor. + util.property(obj, name, function() { + if (cachedValue === null) { + cachedValue = get(); + } + return cachedValue; + }, enumerable); + }, + + /** + * TODO Remove in major version revision + * This backfill populates response data without the + * top-level payload name. + * + * @api private + */ + hoistPayloadMember: function hoistPayloadMember(resp) { + var req = resp.request; + var operationName = req.operation; + var operation = req.service.api.operations[operationName]; + var output = operation.output; + if (output.payload && !operation.hasEventOutput) { + var payloadMember = output.members[output.payload]; + var responsePayload = resp.data[output.payload]; + if (payloadMember.type === 'structure') { + util.each(responsePayload, function(key, value) { + util.property(resp.data, key, value, false); + }); + } + } + }, + + /** + * Compute SHA-256 checksums of streams + * + * @api private + */ + computeSha256: function computeSha256(body, done) { + if (util.isNode()) { + var Stream = util.stream.Stream; + var fs = __nccwpck_require4_(7147); + if (typeof Stream === 'function' && body instanceof Stream) { + if (typeof body.path === 'string') { // assume file object + var settings = {}; + if (typeof body.start === 'number') { + settings.start = body.start; + } + if (typeof body.end === 'number') { + settings.end = body.end; + } + body = fs.createReadStream(body.path, settings); + } else { // TODO support other stream types + return done(new Error('Non-file stream objects are ' + + 'not supported with SigV4')); + } + } + } + + util.crypto.sha256(body, 'hex', function(err, sha) { + if (err) done(err); + else done(null, sha); + }); + }, + + /** + * @api private + */ + isClockSkewed: function isClockSkewed(serverTime) { + if (serverTime) { + util.property(AWS.config, 'isClockSkewed', + Math.abs(new Date().getTime() - serverTime) >= 300000, false); + return AWS.config.isClockSkewed; + } + }, + + applyClockOffset: function applyClockOffset(serverTime) { + if (serverTime) + AWS.config.systemClockOffset = serverTime - new Date().getTime(); + }, + + /** + * @api private + */ + extractRequestId: function extractRequestId(resp) { + var requestId = resp.httpResponse.headers['x-amz-request-id'] || + resp.httpResponse.headers['x-amzn-requestid']; + + if (!requestId && resp.data && resp.data.ResponseMetadata) { + requestId = resp.data.ResponseMetadata.RequestId; + } + + if (requestId) { + resp.requestId = requestId; + } + + if (resp.error) { + resp.error.requestId = requestId; + } + }, + + /** + * @api private + */ + addPromises: function addPromises(constructors, PromiseDependency) { + var deletePromises = false; + if (PromiseDependency === undefined && AWS && AWS.config) { + PromiseDependency = AWS.config.getPromisesDependency(); + } + if (PromiseDependency === undefined && typeof Promise !== 'undefined') { + PromiseDependency = Promise; + } + if (typeof PromiseDependency !== 'function') deletePromises = true; + if (!Array.isArray(constructors)) constructors = [constructors]; + + for (var ind = 0; ind < constructors.length; ind++) { + var constructor = constructors[ind]; + if (deletePromises) { + if (constructor.deletePromisesFromClass) { + constructor.deletePromisesFromClass(); + } + } else if (constructor.addPromisesToClass) { + constructor.addPromisesToClass(PromiseDependency); + } + } + }, + + /** + * @api private + * Return a function that will return a promise whose fate is decided by the + * callback behavior of the given method with `methodName`. The method to be + * promisified should conform to node.js convention of accepting a callback as + * last argument and calling that callback with error as the first argument + * and success value on the second argument. + */ + promisifyMethod: function promisifyMethod(methodName, PromiseDependency) { + return function promise() { + var self = this; + var args = Array.prototype.slice.call(arguments); + return new PromiseDependency(function(resolve, reject) { + args.push(function(err, data) { + if (err) { + reject(err); + } else { + resolve(data); + } + }); + self[methodName].apply(self, args); + }); + }; + }, + + /** + * @api private + */ + isDualstackAvailable: function isDualstackAvailable(service) { + if (!service) return false; + var metadata = __nccwpck_require4_(7752); + if (typeof service !== 'string') service = service.serviceIdentifier; + if (typeof service !== 'string' || !metadata.hasOwnProperty(service)) return false; + return !!metadata[service].dualstackAvailable; + }, + + /** + * @api private + */ + calculateRetryDelay: function calculateRetryDelay(retryCount, retryDelayOptions, err) { + if (!retryDelayOptions) retryDelayOptions = {}; + var customBackoff = retryDelayOptions.customBackoff || null; + if (typeof customBackoff === 'function') { + return customBackoff(retryCount, err); + } + var base = typeof retryDelayOptions.base === 'number' ? retryDelayOptions.base : 100; + var delay = Math.random() * (Math.pow(2, retryCount) * base); + return delay; + }, + + /** + * @api private + */ + handleRequestWithRetries: function handleRequestWithRetries(httpRequest, options, cb) { + if (!options) options = {}; + var http = AWS.HttpClient.getInstance(); + var httpOptions = options.httpOptions || {}; + var retryCount = 0; + + var errCallback = function(err) { + var maxRetries = options.maxRetries || 0; + if (err && err.code === 'TimeoutError') err.retryable = true; + + // Call `calculateRetryDelay()` only when relevant, see #3401 + if (err && err.retryable && retryCount < maxRetries) { + var delay = util.calculateRetryDelay(retryCount, options.retryDelayOptions, err); + if (delay >= 0) { + retryCount++; + setTimeout(sendRequest, delay + (err.retryAfter || 0)); + return; + } + } + cb(err); + }; + + var sendRequest = function() { + var data = ''; + http.handleRequest(httpRequest, httpOptions, function(httpResponse) { + httpResponse.on('data', function(chunk) { data += chunk.toString(); }); + httpResponse.on('end', function() { + var statusCode = httpResponse.statusCode; + if (statusCode < 300) { + cb(null, data); + } else { + var retryAfter = parseInt(httpResponse.headers['retry-after'], 10) * 1000 || 0; + var err = util.error(new Error(), + { + statusCode: statusCode, + retryable: statusCode >= 500 || statusCode === 429 + } + ); + if (retryAfter && err.retryable) err.retryAfter = retryAfter; + errCallback(err); + } + }); + }, errCallback); + }; + + AWS.util.defer(sendRequest); + }, + + /** + * @api private + */ + uuid: { + v4: function uuidV4() { + return (__nccwpck_require4_(3370).v4)(); + } + }, + + /** + * @api private + */ + convertPayloadToString: function convertPayloadToString(resp) { + var req = resp.request; + var operation = req.operation; + var rules = req.service.api.operations[operation].output || {}; + if (rules.payload && resp.data[rules.payload]) { + resp.data[rules.payload] = resp.data[rules.payload].toString(); + } + }, + + /** + * @api private + */ + defer: function defer(callback) { + if (typeof process === 'object' && typeof process.nextTick === 'function') { + process.nextTick(callback); + } else if (typeof setImmediate === 'function') { + setImmediate(callback); + } else { + setTimeout(callback, 0); + } + }, + + /** + * @api private + */ + getRequestPayloadShape: function getRequestPayloadShape(req) { + var operations = req.service.api.operations; + if (!operations) return undefined; + var operation = (operations || {})[req.operation]; + if (!operation || !operation.input || !operation.input.payload) return undefined; + return operation.input.members[operation.input.payload]; + }, + + getProfilesFromSharedConfig: function getProfilesFromSharedConfig(iniLoader, filename) { + var profiles = {}; + var profilesFromConfig = {}; + if (process.env[util.configOptInEnv]) { + var profilesFromConfig = iniLoader.loadFrom({ + isConfig: true, + filename: process.env[util.sharedConfigFileEnv] + }); + } + var profilesFromCreds= {}; + try { + var profilesFromCreds = iniLoader.loadFrom({ + filename: filename || + (process.env[util.configOptInEnv] && process.env[util.sharedCredentialsFileEnv]) + }); + } catch (error) { + // if using config, assume it is fully descriptive without a credentials file: + if (!process.env[util.configOptInEnv]) throw error; + } + for (var i = 0, profileNames = Object.keys(profilesFromConfig); i < profileNames.length; i++) { + profiles[profileNames[i]] = objectAssign(profiles[profileNames[i]] || {}, profilesFromConfig[profileNames[i]]); + } + for (var i = 0, profileNames = Object.keys(profilesFromCreds); i < profileNames.length; i++) { + profiles[profileNames[i]] = objectAssign(profiles[profileNames[i]] || {}, profilesFromCreds[profileNames[i]]); + } + return profiles; + + /** + * Roughly the semantics of `Object.assign(target, source)` + */ + function objectAssign(target, source) { + for (var i = 0, keys = Object.keys(source); i < keys.length; i++) { + target[keys[i]] = source[keys[i]]; + } + return target; + } + }, + + /** + * @api private + */ + ARN: { + validate: function validateARN(str) { + return str && str.indexOf('arn:') === 0 && str.split(':').length >= 6; + }, + parse: function parseARN(arn) { + var matched = arn.split(':'); + return { + partition: matched[1], + service: matched[2], + region: matched[3], + accountId: matched[4], + resource: matched.slice(5).join(':') + }; + }, + build: function buildARN(arnObject) { + if ( + arnObject.service === undefined || + arnObject.region === undefined || + arnObject.accountId === undefined || + arnObject.resource === undefined + ) throw util.error(new Error('Input ARN object is invalid')); + return 'arn:'+ (arnObject.partition || 'aws') + ':' + arnObject.service + + ':' + arnObject.region + ':' + arnObject.accountId + ':' + arnObject.resource; + } + }, + + /** + * @api private + */ + defaultProfile: 'default', + + /** + * @api private + */ + configOptInEnv: 'AWS_SDK_LOAD_CONFIG', + + /** + * @api private + */ + sharedCredentialsFileEnv: 'AWS_SHARED_CREDENTIALS_FILE', + + /** + * @api private + */ + sharedConfigFileEnv: 'AWS_CONFIG_FILE', + + /** + * @api private + */ + imdsDisabledEnv: 'AWS_EC2_METADATA_DISABLED' +}; + +/** + * @api private + */ +module.exports = util; + + +/***/ }), + +/***/ 8611: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var util = __nccwpck_require4_(3956); +var XmlNode = (__nccwpck_require4_(6427).XmlNode); +var XmlText = (__nccwpck_require4_(7181).XmlText); + +function XmlBuilder() { } + +XmlBuilder.prototype.toXML = function(params, shape, rootElement, noEmpty) { + var xml = new XmlNode(rootElement); + applyNamespaces(xml, shape, true); + serialize(xml, params, shape); + return xml.children.length > 0 || noEmpty ? xml.toString() : ''; +}; + +function serialize(xml, value, shape) { + switch (shape.type) { + case 'structure': return serializeStructure(xml, value, shape); + case 'map': return serializeMap(xml, value, shape); + case 'list': return serializeList(xml, value, shape); + default: return serializeScalar(xml, value, shape); + } +} + +function serializeStructure(xml, params, shape) { + util.arrayEach(shape.memberNames, function(memberName) { + var memberShape = shape.members[memberName]; + if (memberShape.location !== 'body') return; + + var value = params[memberName]; + var name = memberShape.name; + if (value !== undefined && value !== null) { + if (memberShape.isXmlAttribute) { + xml.addAttribute(name, value); + } else if (memberShape.flattened) { + serialize(xml, value, memberShape); + } else { + var element = new XmlNode(name); + xml.addChildNode(element); + applyNamespaces(element, memberShape); + serialize(element, value, memberShape); + } + } + }); +} + +function serializeMap(xml, map, shape) { + var xmlKey = shape.key.name || 'key'; + var xmlValue = shape.value.name || 'value'; + + util.each(map, function(key, value) { + var entry = new XmlNode(shape.flattened ? shape.name : 'entry'); + xml.addChildNode(entry); + + var entryKey = new XmlNode(xmlKey); + var entryValue = new XmlNode(xmlValue); + entry.addChildNode(entryKey); + entry.addChildNode(entryValue); + + serialize(entryKey, key, shape.key); + serialize(entryValue, value, shape.value); + }); +} + +function serializeList(xml, list, shape) { + if (shape.flattened) { + util.arrayEach(list, function(value) { + var name = shape.member.name || shape.name; + var element = new XmlNode(name); + xml.addChildNode(element); + serialize(element, value, shape.member); + }); + } else { + util.arrayEach(list, function(value) { + var name = shape.member.name || 'member'; + var element = new XmlNode(name); + xml.addChildNode(element); + serialize(element, value, shape.member); + }); + } +} + +function serializeScalar(xml, value, shape) { + xml.addChildNode( + new XmlText(shape.toWireFormat(value)) + ); +} + +function applyNamespaces(xml, shape, isRoot) { + var uri, prefix = 'xmlns'; + if (shape.xmlNamespaceUri) { + uri = shape.xmlNamespaceUri; + if (shape.xmlNamespacePrefix) prefix += ':' + shape.xmlNamespacePrefix; + } else if (isRoot && shape.api.xmlNamespaceUri) { + uri = shape.api.xmlNamespaceUri; + } + + if (uri) xml.addAttribute(prefix, uri); +} + +/** + * @api private + */ +module.exports = XmlBuilder; + + +/***/ }), + +/***/ 1931: +/***/ ((module) => { + +/** + * Escapes characters that can not be in an XML attribute. + */ +function escapeAttribute(value) { + return value.replace(/&/g, '&').replace(/'/g, ''').replace(//g, '>').replace(/"/g, '"'); +} + +/** + * @api private + */ +module.exports = { + escapeAttribute: escapeAttribute +}; + + +/***/ }), + +/***/ 3479: +/***/ ((module) => { + +/** + * Escapes characters that can not be in an XML element. + */ +function escapeElement(value) { + return value.replace(/&/g, '&') + .replace(//g, '>') + .replace(/\r/g, ' ') + .replace(/\n/g, ' ') + .replace(/\u0085/g, '…') + .replace(/\u2028/, '
'); +} + +/** + * @api private + */ +module.exports = { + escapeElement: escapeElement +}; + + +/***/ }), + +/***/ 6687: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var AWS = __nccwpck_require4_(4741); +var util = AWS.util; +var Shape = AWS.Model.Shape; + +var xml2js = __nccwpck_require4_(8245); + +/** + * @api private + */ +var options = { // options passed to xml2js parser + explicitCharkey: false, // undocumented + trim: false, // trim the leading/trailing whitespace from text nodes + normalize: false, // trim interior whitespace inside text nodes + explicitRoot: false, // return the root node in the resulting object? + emptyTag: null, // the default value for empty nodes + explicitArray: true, // always put child nodes in an array + ignoreAttrs: false, // ignore attributes, only create text nodes + mergeAttrs: false, // merge attributes and child elements + validator: null // a callable validator +}; + +function NodeXmlParser() { } + +NodeXmlParser.prototype.parse = function(xml, shape) { + shape = shape || {}; + + var result = null; + var error = null; + + var parser = new xml2js.Parser(options); + parser.parseString(xml, function (e, r) { + error = e; + result = r; + }); + + if (result) { + var data = parseXml(result, shape); + if (result.ResponseMetadata) { + data.ResponseMetadata = parseXml(result.ResponseMetadata[0], {}); + } + return data; + } else if (error) { + throw util.error(error, {code: 'XMLParserError', retryable: true}); + } else { // empty xml document + return parseXml({}, shape); + } +}; + +function parseXml(xml, shape) { + switch (shape.type) { + case 'structure': return parseStructure(xml, shape); + case 'map': return parseMap(xml, shape); + case 'list': return parseList(xml, shape); + case undefined: case null: return parseUnknown(xml); + default: return parseScalar(xml, shape); + } +} + +function parseStructure(xml, shape) { + var data = {}; + if (xml === null) return data; + + util.each(shape.members, function(memberName, memberShape) { + var xmlName = memberShape.name; + if (Object.prototype.hasOwnProperty.call(xml, xmlName) && Array.isArray(xml[xmlName])) { + var xmlChild = xml[xmlName]; + if (!memberShape.flattened) xmlChild = xmlChild[0]; + + data[memberName] = parseXml(xmlChild, memberShape); + } else if (memberShape.isXmlAttribute && + xml.$ && Object.prototype.hasOwnProperty.call(xml.$, xmlName)) { + data[memberName] = parseScalar(xml.$[xmlName], memberShape); + } else if (memberShape.type === 'list' && !shape.api.xmlNoDefaultLists) { + data[memberName] = memberShape.defaultValue; + } + }); + + return data; +} + +function parseMap(xml, shape) { + var data = {}; + if (xml === null) return data; + + var xmlKey = shape.key.name || 'key'; + var xmlValue = shape.value.name || 'value'; + var iterable = shape.flattened ? xml : xml.entry; + + if (Array.isArray(iterable)) { + util.arrayEach(iterable, function(child) { + data[child[xmlKey][0]] = parseXml(child[xmlValue][0], shape.value); + }); + } + + return data; +} + +function parseList(xml, shape) { + var data = []; + var name = shape.member.name || 'member'; + if (shape.flattened) { + util.arrayEach(xml, function(xmlChild) { + data.push(parseXml(xmlChild, shape.member)); + }); + } else if (xml && Array.isArray(xml[name])) { + util.arrayEach(xml[name], function(child) { + data.push(parseXml(child, shape.member)); + }); + } + + return data; +} + +function parseScalar(text, shape) { + if (text && text.$ && text.$.encoding === 'base64') { + shape = new Shape.create({type: text.$.encoding}); + } + if (text && text._) text = text._; + + if (typeof shape.toType === 'function') { + return shape.toType(text); + } else { + return text; + } +} + +function parseUnknown(xml) { + if (xml === undefined || xml === null) return ''; + if (typeof xml === 'string') return xml; + + // parse a list + if (Array.isArray(xml)) { + var arr = []; + for (i = 0; i < xml.length; i++) { + arr.push(parseXml(xml[i], {})); + } + return arr; + } + + // empty object + var keys = Object.keys(xml), i; + if (keys.length === 0 || (keys.length === 1 && keys[0] === '$')) { + return {}; + } + + // object, parse as structure + var data = {}; + for (i = 0; i < keys.length; i++) { + var key = keys[i], value = xml[key]; + if (key === '$') continue; + if (value.length > 1) { // this member is a list + data[key] = parseList(value, {member: {}}); + } else { // this member is a single item + data[key] = parseXml(value[0], {}); + } + } + return data; +} + +/** + * @api private + */ +module.exports = NodeXmlParser; + + +/***/ }), + +/***/ 6427: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var escapeAttribute = (__nccwpck_require4_(1931).escapeAttribute); + +/** + * Represents an XML node. + * @api private + */ +function XmlNode(name, children) { + if (children === void 0) { children = []; } + this.name = name; + this.children = children; + this.attributes = {}; +} +XmlNode.prototype.addAttribute = function (name, value) { + this.attributes[name] = value; + return this; +}; +XmlNode.prototype.addChildNode = function (child) { + this.children.push(child); + return this; +}; +XmlNode.prototype.removeAttribute = function (name) { + delete this.attributes[name]; + return this; +}; +XmlNode.prototype.toString = function () { + var hasChildren = Boolean(this.children.length); + var xmlText = '<' + this.name; + // add attributes + var attributes = this.attributes; + for (var i = 0, attributeNames = Object.keys(attributes); i < attributeNames.length; i++) { + var attributeName = attributeNames[i]; + var attribute = attributes[attributeName]; + if (typeof attribute !== 'undefined' && attribute !== null) { + xmlText += ' ' + attributeName + '=\"' + escapeAttribute('' + attribute) + '\"'; + } + } + return xmlText += !hasChildren ? '/>' : '>' + this.children.map(function (c) { return c.toString(); }).join('') + ''; +}; + +/** + * @api private + */ +module.exports = { + XmlNode: XmlNode +}; + + +/***/ }), + +/***/ 7181: +/***/ ((module, __unused_webpack_exports, __nccwpck_require4_) => { + +var escapeElement = (__nccwpck_require4_(3479).escapeElement); + +/** + * Represents an XML text value. + * @api private + */ +function XmlText(value) { + this.value = value; +} + +XmlText.prototype.toString = function () { + return escapeElement('' + this.value); +}; + +/** + * @api private + */ +module.exports = { + XmlText: XmlText +}; + + +/***/ }), + +/***/ 7126: +/***/ ((__unused_webpack_module, exports) => { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = void 0; + +/** + * Convert array of 16 byte values to UUID string format of the form: + * XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX + */ +var byteToHex = []; + +for (var i = 0; i < 256; ++i) { + byteToHex[i] = (i + 0x100).toString(16).substr(1); +} + +function bytesToUuid(buf, offset) { + var i = offset || 0; + var bth = byteToHex; // join used to fix memory issue caused by concatenation: https://bugs.chromium.org/p/v8/issues/detail?id=3175#c4 + + return [bth[buf[i++]], bth[buf[i++]], bth[buf[i++]], bth[buf[i++]], '-', bth[buf[i++]], bth[buf[i++]], '-', bth[buf[i++]], bth[buf[i++]], '-', bth[buf[i++]], bth[buf[i++]], '-', bth[buf[i++]], bth[buf[i++]], bth[buf[i++]], bth[buf[i++]], bth[buf[i++]], bth[buf[i++]]].join(''); +} + +var _default = bytesToUuid; +exports["default"] = _default; + +/***/ }), + +/***/ 3370: +/***/ ((__unused_webpack_module, exports, __nccwpck_require4_) => { + +"use strict"; +var __webpack_unused_export__; + + +__webpack_unused_export__ = ({ + value: true +}); +__webpack_unused_export__ = ({ + enumerable: true, + get: function () { + return _v.default; + } +}); +__webpack_unused_export__ = ({ + enumerable: true, + get: function () { + return _v2.default; + } +}); +Object.defineProperty(exports, "v4", ({ + enumerable: true, + get: function () { + return _v3.default; + } +})); +__webpack_unused_export__ = ({ + enumerable: true, + get: function () { + return _v4.default; + } +}); + +var _v = _interopRequireDefault(__nccwpck_require4_(6674)); + +var _v2 = _interopRequireDefault(__nccwpck_require4_(4053)); + +var _v3 = _interopRequireDefault(__nccwpck_require4_(9474)); + +var _v4 = _interopRequireDefault(__nccwpck_require4_(3733)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +/***/ }), + +/***/ 2639: +/***/ ((__unused_webpack_module, exports, __nccwpck_require4_) => { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = void 0; + +var _crypto = _interopRequireDefault(__nccwpck_require4_(6113)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +function md5(bytes) { + if (Array.isArray(bytes)) { + bytes = Buffer.from(bytes); + } else if (typeof bytes === 'string') { + bytes = Buffer.from(bytes, 'utf8'); + } + + return _crypto.default.createHash('md5').update(bytes).digest(); +} + +var _default = md5; +exports["default"] = _default; + +/***/ }), + +/***/ 4357: +/***/ ((__unused_webpack_module, exports, __nccwpck_require4_) => { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = rng; + +var _crypto = _interopRequireDefault(__nccwpck_require4_(6113)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +function rng() { + return _crypto.default.randomBytes(16); +} + +/***/ }), + +/***/ 2539: +/***/ ((__unused_webpack_module, exports, __nccwpck_require4_) => { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = void 0; + +var _crypto = _interopRequireDefault(__nccwpck_require4_(6113)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +function sha1(bytes) { + if (Array.isArray(bytes)) { + bytes = Buffer.from(bytes); + } else if (typeof bytes === 'string') { + bytes = Buffer.from(bytes, 'utf8'); + } + + return _crypto.default.createHash('sha1').update(bytes).digest(); +} + +var _default = sha1; +exports["default"] = _default; + +/***/ }), + +/***/ 6674: +/***/ ((__unused_webpack_module, exports, __nccwpck_require4_) => { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = void 0; + +var _rng = _interopRequireDefault(__nccwpck_require4_(4357)); + +var _bytesToUuid = _interopRequireDefault(__nccwpck_require4_(7126)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +// **`v1()` - Generate time-based UUID** +// +// Inspired by https://github.com/LiosK/UUID.js +// and http://docs.python.org/library/uuid.html +var _nodeId; + +var _clockseq; // Previous uuid creation time + + +var _lastMSecs = 0; +var _lastNSecs = 0; // See https://github.com/uuidjs/uuid for API details + +function v1(options, buf, offset) { + var i = buf && offset || 0; + var b = buf || []; + options = options || {}; + var node = options.node || _nodeId; + var clockseq = options.clockseq !== undefined ? options.clockseq : _clockseq; // node and clockseq need to be initialized to random values if they're not + // specified. We do this lazily to minimize issues related to insufficient + // system entropy. See #189 + + if (node == null || clockseq == null) { + var seedBytes = options.random || (options.rng || _rng.default)(); + + if (node == null) { + // Per 4.5, create and 48-bit node id, (47 random bits + multicast bit = 1) + node = _nodeId = [seedBytes[0] | 0x01, seedBytes[1], seedBytes[2], seedBytes[3], seedBytes[4], seedBytes[5]]; + } + + if (clockseq == null) { + // Per 4.2.2, randomize (14 bit) clockseq + clockseq = _clockseq = (seedBytes[6] << 8 | seedBytes[7]) & 0x3fff; + } + } // UUID timestamps are 100 nano-second units since the Gregorian epoch, + // (1582-10-15 00:00). JSNumbers aren't precise enough for this, so + // time is handled internally as 'msecs' (integer milliseconds) and 'nsecs' + // (100-nanoseconds offset from msecs) since unix epoch, 1970-01-01 00:00. + + + var msecs = options.msecs !== undefined ? options.msecs : new Date().getTime(); // Per 4.2.1.2, use count of uuid's generated during the current clock + // cycle to simulate higher resolution clock + + var nsecs = options.nsecs !== undefined ? options.nsecs : _lastNSecs + 1; // Time since last uuid creation (in msecs) + + var dt = msecs - _lastMSecs + (nsecs - _lastNSecs) / 10000; // Per 4.2.1.2, Bump clockseq on clock regression + + if (dt < 0 && options.clockseq === undefined) { + clockseq = clockseq + 1 & 0x3fff; + } // Reset nsecs if clock regresses (new clockseq) or we've moved onto a new + // time interval + + + if ((dt < 0 || msecs > _lastMSecs) && options.nsecs === undefined) { + nsecs = 0; + } // Per 4.2.1.2 Throw error if too many uuids are requested + + + if (nsecs >= 10000) { + throw new Error("uuid.v1(): Can't create more than 10M uuids/sec"); + } + + _lastMSecs = msecs; + _lastNSecs = nsecs; + _clockseq = clockseq; // Per 4.1.4 - Convert from unix epoch to Gregorian epoch + + msecs += 12219292800000; // `time_low` + + var tl = ((msecs & 0xfffffff) * 10000 + nsecs) % 0x100000000; + b[i++] = tl >>> 24 & 0xff; + b[i++] = tl >>> 16 & 0xff; + b[i++] = tl >>> 8 & 0xff; + b[i++] = tl & 0xff; // `time_mid` + + var tmh = msecs / 0x100000000 * 10000 & 0xfffffff; + b[i++] = tmh >>> 8 & 0xff; + b[i++] = tmh & 0xff; // `time_high_and_version` + + b[i++] = tmh >>> 24 & 0xf | 0x10; // include version + + b[i++] = tmh >>> 16 & 0xff; // `clock_seq_hi_and_reserved` (Per 4.2.2 - include variant) + + b[i++] = clockseq >>> 8 | 0x80; // `clock_seq_low` + + b[i++] = clockseq & 0xff; // `node` + + for (var n = 0; n < 6; ++n) { + b[i + n] = node[n]; + } + + return buf ? buf : (0, _bytesToUuid.default)(b); +} + +var _default = v1; +exports["default"] = _default; + +/***/ }), + +/***/ 4053: +/***/ ((__unused_webpack_module, exports, __nccwpck_require4_) => { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = void 0; + +var _v = _interopRequireDefault(__nccwpck_require4_(1672)); + +var _md = _interopRequireDefault(__nccwpck_require4_(2639)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +const v3 = (0, _v.default)('v3', 0x30, _md.default); +var _default = v3; +exports["default"] = _default; + +/***/ }), + +/***/ 1672: +/***/ ((__unused_webpack_module, exports, __nccwpck_require4_) => { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = _default; +exports.URL = exports.DNS = void 0; + +var _bytesToUuid = _interopRequireDefault(__nccwpck_require4_(7126)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +function uuidToBytes(uuid) { + // Note: We assume we're being passed a valid uuid string + var bytes = []; + uuid.replace(/[a-fA-F0-9]{2}/g, function (hex) { + bytes.push(parseInt(hex, 16)); + }); + return bytes; +} + +function stringToBytes(str) { + str = unescape(encodeURIComponent(str)); // UTF8 escape + + var bytes = new Array(str.length); + + for (var i = 0; i < str.length; i++) { + bytes[i] = str.charCodeAt(i); + } + + return bytes; +} + +const DNS = '6ba7b810-9dad-11d1-80b4-00c04fd430c8'; +exports.DNS = DNS; +const URL = '6ba7b811-9dad-11d1-80b4-00c04fd430c8'; +exports.URL = URL; + +function _default(name, version, hashfunc) { + var generateUUID = function (value, namespace, buf, offset) { + var off = buf && offset || 0; + if (typeof value == 'string') value = stringToBytes(value); + if (typeof namespace == 'string') namespace = uuidToBytes(namespace); + if (!Array.isArray(value)) throw TypeError('value must be an array of bytes'); + if (!Array.isArray(namespace) || namespace.length !== 16) throw TypeError('namespace must be uuid string or an Array of 16 byte values'); // Per 4.3 + + var bytes = hashfunc(namespace.concat(value)); + bytes[6] = bytes[6] & 0x0f | version; + bytes[8] = bytes[8] & 0x3f | 0x80; + + if (buf) { + for (var idx = 0; idx < 16; ++idx) { + buf[off + idx] = bytes[idx]; + } + } + + return buf || (0, _bytesToUuid.default)(bytes); + }; // Function#name is not settable on some platforms (#270) + + + try { + generateUUID.name = name; + } catch (err) {} // For CommonJS default export support + + + generateUUID.DNS = DNS; + generateUUID.URL = URL; + return generateUUID; +} + +/***/ }), + +/***/ 9474: +/***/ ((__unused_webpack_module, exports, __nccwpck_require4_) => { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = void 0; + +var _rng = _interopRequireDefault(__nccwpck_require4_(4357)); + +var _bytesToUuid = _interopRequireDefault(__nccwpck_require4_(7126)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +function v4(options, buf, offset) { + var i = buf && offset || 0; + + if (typeof options == 'string') { + buf = options === 'binary' ? new Array(16) : null; + options = null; + } + + options = options || {}; + + var rnds = options.random || (options.rng || _rng.default)(); // Per 4.4, set bits for version and `clock_seq_hi_and_reserved` + + + rnds[6] = rnds[6] & 0x0f | 0x40; + rnds[8] = rnds[8] & 0x3f | 0x80; // Copy bytes to buffer, if provided + + if (buf) { + for (var ii = 0; ii < 16; ++ii) { + buf[i + ii] = rnds[ii]; + } + } + + return buf || (0, _bytesToUuid.default)(rnds); +} + +var _default = v4; +exports["default"] = _default; + +/***/ }), + +/***/ 3733: +/***/ ((__unused_webpack_module, exports, __nccwpck_require4_) => { + +"use strict"; + + +Object.defineProperty(exports, "__esModule", ({ + value: true +})); +exports["default"] = void 0; + +var _v = _interopRequireDefault(__nccwpck_require4_(1672)); + +var _sha = _interopRequireDefault(__nccwpck_require4_(2539)); + +function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } + +const v5 = (0, _v.default)('v5', 0x50, _sha.default); +var _default = v5; +exports["default"] = _default; + +/***/ }), + +/***/ 123: +/***/ ((__unused_webpack_module, exports, __nccwpck_require4_) => { + +"use strict"; +var __webpack_unused_export__; + +__webpack_unused_export__ = ({ value: true }); +var LRU_1 = __nccwpck_require4_(1635); +var CACHE_SIZE = 1000; +/** + * Inspired node-lru-cache[https://github.com/isaacs/node-lru-cache] + */ +var EndpointCache = /** @class */ (function () { + function EndpointCache(maxSize) { + if (maxSize === void 0) { maxSize = CACHE_SIZE; } + this.maxSize = maxSize; + this.cache = new LRU_1.LRUCache(maxSize); + } + ; + Object.defineProperty(EndpointCache.prototype, "size", { + get: function () { + return this.cache.length; + }, + enumerable: true, + configurable: true + }); + EndpointCache.prototype.put = function (key, value) { + var keyString = typeof key !== 'string' ? EndpointCache.getKeyString(key) : key; + var endpointRecord = this.populateValue(value); + this.cache.put(keyString, endpointRecord); + }; + EndpointCache.prototype.get = function (key) { + var keyString = typeof key !== 'string' ? EndpointCache.getKeyString(key) : key; + var now = Date.now(); + var records = this.cache.get(keyString); + if (records) { + for (var i = records.length-1; i >= 0; i--) { + var record = records[i]; + if (record.Expire < now) { + records.splice(i, 1); + } + } + if (records.length === 0) { + this.cache.remove(keyString); + return undefined; + } + } + return records; + }; + EndpointCache.getKeyString = function (key) { + var identifiers = []; + var identifierNames = Object.keys(key).sort(); + for (var i = 0; i < identifierNames.length; i++) { + var identifierName = identifierNames[i]; + if (key[identifierName] === undefined) + continue; + identifiers.push(key[identifierName]); + } + return identifiers.join(' '); + }; + EndpointCache.prototype.populateValue = function (endpoints) { + var now = Date.now(); + return endpoints.map(function (endpoint) { return ({ + Address: endpoint.Address || '', + Expire: now + (endpoint.CachePeriodInMinutes || 1) * 60 * 1000 + }); }); + }; + EndpointCache.prototype.empty = function () { + this.cache.empty(); + }; + EndpointCache.prototype.remove = function (key) { + var keyString = typeof key !== 'string' ? EndpointCache.getKeyString(key) : key; + this.cache.remove(keyString); + }; + return EndpointCache; +}()); +exports.$ = EndpointCache; + +/***/ }), + +/***/ 1635: +/***/ ((__unused_webpack_module, exports) => { + +"use strict"; + +Object.defineProperty(exports, "__esModule", ({ value: true })); +var LinkedListNode = /** @class */ (function () { + function LinkedListNode(key, value) { + this.key = key; + this.value = value; + } + return LinkedListNode; +}()); +var LRUCache = /** @class */ (function () { + function LRUCache(size) { + this.nodeMap = {}; + this.size = 0; + if (typeof size !== 'number' || size < 1) { + throw new Error('Cache size can only be positive number'); + } + this.sizeLimit = size; + } + Object.defineProperty(LRUCache.prototype, "length", { + get: function () { + return this.size; + }, + enumerable: true, + configurable: true + }); + LRUCache.prototype.prependToList = function (node) { + if (!this.headerNode) { + this.tailNode = node; + } + else { + this.headerNode.prev = node; + node.next = this.headerNode; + } + this.headerNode = node; + this.size++; + }; + LRUCache.prototype.removeFromTail = function () { + if (!this.tailNode) { + return undefined; + } + var node = this.tailNode; + var prevNode = node.prev; + if (prevNode) { + prevNode.next = undefined; + } + node.prev = undefined; + this.tailNode = prevNode; + this.size--; + return node; + }; + LRUCache.prototype.detachFromList = function (node) { + if (this.headerNode === node) { + this.headerNode = node.next; + } + if (this.tailNode === node) { + this.tailNode = node.prev; + } + if (node.prev) { + node.prev.next = node.next; + } + if (node.next) { + node.next.prev = node.prev; + } + node.next = undefined; + node.prev = undefined; + this.size--; + }; + LRUCache.prototype.get = function (key) { + if (this.nodeMap[key]) { + var node = this.nodeMap[key]; + this.detachFromList(node); + this.prependToList(node); + return node.value; + } + }; + LRUCache.prototype.remove = function (key) { + if (this.nodeMap[key]) { + var node = this.nodeMap[key]; + this.detachFromList(node); + delete this.nodeMap[key]; + } + }; + LRUCache.prototype.put = function (key, value) { + if (this.nodeMap[key]) { + this.remove(key); + } + else if (this.size === this.sizeLimit) { + var tailNode = this.removeFromTail(); + var key_1 = tailNode.key; + delete this.nodeMap[key_1]; + } + var newNode = new LinkedListNode(key, value); + this.nodeMap[key] = newNode; + this.prependToList(newNode); + }; + LRUCache.prototype.empty = function () { + var keys = Object.keys(this.nodeMap); + for (var i = 0; i < keys.length; i++) { + var key = keys[i]; + var node = this.nodeMap[key]; + this.detachFromList(node); + delete this.nodeMap[key]; + } + }; + return LRUCache; +}()); +exports.LRUCache = LRUCache; + +/***/ }), + +/***/ 3178: +/***/ ((__unused_webpack_module, exports) => { + +(function(exports) { + "use strict"; + + function isArray(obj) { + if (obj !== null) { + return Object.prototype.toString.call(obj) === "[object Array]"; + } else { + return false; + } + } + + function isObject(obj) { + if (obj !== null) { + return Object.prototype.toString.call(obj) === "[object Object]"; + } else { + return false; + } + } + + function strictDeepEqual(first, second) { + // Check the scalar case first. + if (first === second) { + return true; + } + + // Check if they are the same type. + var firstType = Object.prototype.toString.call(first); + if (firstType !== Object.prototype.toString.call(second)) { + return false; + } + // We know that first and second have the same type so we can just check the + // first type from now on. + if (isArray(first) === true) { + // Short circuit if they're not the same length; + if (first.length !== second.length) { + return false; + } + for (var i = 0; i < first.length; i++) { + if (strictDeepEqual(first[i], second[i]) === false) { + return false; + } + } + return true; + } + if (isObject(first) === true) { + // An object is equal if it has the same key/value pairs. + var keysSeen = {}; + for (var key in first) { + if (hasOwnProperty.call(first, key)) { + if (strictDeepEqual(first[key], second[key]) === false) { + return false; + } + keysSeen[key] = true; + } + } + // Now check that there aren't any keys in second that weren't + // in first. + for (var key2 in second) { + if (hasOwnProperty.call(second, key2)) { + if (keysSeen[key2] !== true) { + return false; + } + } + } + return true; + } + return false; + } + + function isFalse(obj) { + // From the spec: + // A false value corresponds to the following values: + // Empty list + // Empty object + // Empty string + // False boolean + // null value + + // First check the scalar values. + if (obj === "" || obj === false || obj === null) { + return true; + } else if (isArray(obj) && obj.length === 0) { + // Check for an empty array. + return true; + } else if (isObject(obj)) { + // Check for an empty object. + for (var key in obj) { + // If there are any keys, then + // the object is not empty so the object + // is not false. + if (obj.hasOwnProperty(key)) { + return false; + } + } + return true; + } else { + return false; + } + } + + function objValues(obj) { + var keys = Object.keys(obj); + var values = []; + for (var i = 0; i < keys.length; i++) { + values.push(obj[keys[i]]); + } + return values; + } + + function merge(a, b) { + var merged = {}; + for (var key in a) { + merged[key] = a[key]; + } + for (var key2 in b) { + merged[key2] = b[key2]; + } + return merged; + } + + var trimLeft; + if (typeof String.prototype.trimLeft === "function") { + trimLeft = function(str) { + return str.trimLeft(); + }; + } else { + trimLeft = function(str) { + return str.match(/^\s*(.*)/)[1]; + }; + } + + // Type constants used to define functions. + var TYPE_NUMBER = 0; + var TYPE_ANY = 1; + var TYPE_STRING = 2; + var TYPE_ARRAY = 3; + var TYPE_OBJECT = 4; + var TYPE_BOOLEAN = 5; + var TYPE_EXPREF = 6; + var TYPE_NULL = 7; + var TYPE_ARRAY_NUMBER = 8; + var TYPE_ARRAY_STRING = 9; + var TYPE_NAME_TABLE = { + 0: 'number', + 1: 'any', + 2: 'string', + 3: 'array', + 4: 'object', + 5: 'boolean', + 6: 'expression', + 7: 'null', + 8: 'Array', + 9: 'Array' + }; + + var TOK_EOF = "EOF"; + var TOK_UNQUOTEDIDENTIFIER = "UnquotedIdentifier"; + var TOK_QUOTEDIDENTIFIER = "QuotedIdentifier"; + var TOK_RBRACKET = "Rbracket"; + var TOK_RPAREN = "Rparen"; + var TOK_COMMA = "Comma"; + var TOK_COLON = "Colon"; + var TOK_RBRACE = "Rbrace"; + var TOK_NUMBER = "Number"; + var TOK_CURRENT = "Current"; + var TOK_EXPREF = "Expref"; + var TOK_PIPE = "Pipe"; + var TOK_OR = "Or"; + var TOK_AND = "And"; + var TOK_EQ = "EQ"; + var TOK_GT = "GT"; + var TOK_LT = "LT"; + var TOK_GTE = "GTE"; + var TOK_LTE = "LTE"; + var TOK_NE = "NE"; + var TOK_FLATTEN = "Flatten"; + var TOK_STAR = "Star"; + var TOK_FILTER = "Filter"; + var TOK_DOT = "Dot"; + var TOK_NOT = "Not"; + var TOK_LBRACE = "Lbrace"; + var TOK_LBRACKET = "Lbracket"; + var TOK_LPAREN= "Lparen"; + var TOK_LITERAL= "Literal"; + + // The "&", "[", "<", ">" tokens + // are not in basicToken because + // there are two token variants + // ("&&", "[?", "<=", ">="). This is specially handled + // below. + + var basicTokens = { + ".": TOK_DOT, + "*": TOK_STAR, + ",": TOK_COMMA, + ":": TOK_COLON, + "{": TOK_LBRACE, + "}": TOK_RBRACE, + "]": TOK_RBRACKET, + "(": TOK_LPAREN, + ")": TOK_RPAREN, + "@": TOK_CURRENT + }; + + var operatorStartToken = { + "<": true, + ">": true, + "=": true, + "!": true + }; + + var skipChars = { + " ": true, + "\t": true, + "\n": true + }; + + + function isAlpha(ch) { + return (ch >= "a" && ch <= "z") || + (ch >= "A" && ch <= "Z") || + ch === "_"; + } + + function isNum(ch) { + return (ch >= "0" && ch <= "9") || + ch === "-"; + } + function isAlphaNum(ch) { + return (ch >= "a" && ch <= "z") || + (ch >= "A" && ch <= "Z") || + (ch >= "0" && ch <= "9") || + ch === "_"; + } + + function Lexer() { + } + Lexer.prototype = { + tokenize: function(stream) { + var tokens = []; + this._current = 0; + var start; + var identifier; + var token; + while (this._current < stream.length) { + if (isAlpha(stream[this._current])) { + start = this._current; + identifier = this._consumeUnquotedIdentifier(stream); + tokens.push({type: TOK_UNQUOTEDIDENTIFIER, + value: identifier, + start: start}); + } else if (basicTokens[stream[this._current]] !== undefined) { + tokens.push({type: basicTokens[stream[this._current]], + value: stream[this._current], + start: this._current}); + this._current++; + } else if (isNum(stream[this._current])) { + token = this._consumeNumber(stream); + tokens.push(token); + } else if (stream[this._current] === "[") { + // No need to increment this._current. This happens + // in _consumeLBracket + token = this._consumeLBracket(stream); + tokens.push(token); + } else if (stream[this._current] === "\"") { + start = this._current; + identifier = this._consumeQuotedIdentifier(stream); + tokens.push({type: TOK_QUOTEDIDENTIFIER, + value: identifier, + start: start}); + } else if (stream[this._current] === "'") { + start = this._current; + identifier = this._consumeRawStringLiteral(stream); + tokens.push({type: TOK_LITERAL, + value: identifier, + start: start}); + } else if (stream[this._current] === "`") { + start = this._current; + var literal = this._consumeLiteral(stream); + tokens.push({type: TOK_LITERAL, + value: literal, + start: start}); + } else if (operatorStartToken[stream[this._current]] !== undefined) { + tokens.push(this._consumeOperator(stream)); + } else if (skipChars[stream[this._current]] !== undefined) { + // Ignore whitespace. + this._current++; + } else if (stream[this._current] === "&") { + start = this._current; + this._current++; + if (stream[this._current] === "&") { + this._current++; + tokens.push({type: TOK_AND, value: "&&", start: start}); + } else { + tokens.push({type: TOK_EXPREF, value: "&", start: start}); + } + } else if (stream[this._current] === "|") { + start = this._current; + this._current++; + if (stream[this._current] === "|") { + this._current++; + tokens.push({type: TOK_OR, value: "||", start: start}); + } else { + tokens.push({type: TOK_PIPE, value: "|", start: start}); + } + } else { + var error = new Error("Unknown character:" + stream[this._current]); + error.name = "LexerError"; + throw error; + } + } + return tokens; + }, + + _consumeUnquotedIdentifier: function(stream) { + var start = this._current; + this._current++; + while (this._current < stream.length && isAlphaNum(stream[this._current])) { + this._current++; + } + return stream.slice(start, this._current); + }, + + _consumeQuotedIdentifier: function(stream) { + var start = this._current; + this._current++; + var maxLength = stream.length; + while (stream[this._current] !== "\"" && this._current < maxLength) { + // You can escape a double quote and you can escape an escape. + var current = this._current; + if (stream[current] === "\\" && (stream[current + 1] === "\\" || + stream[current + 1] === "\"")) { + current += 2; + } else { + current++; + } + this._current = current; + } + this._current++; + return JSON.parse(stream.slice(start, this._current)); + }, + + _consumeRawStringLiteral: function(stream) { + var start = this._current; + this._current++; + var maxLength = stream.length; + while (stream[this._current] !== "'" && this._current < maxLength) { + // You can escape a single quote and you can escape an escape. + var current = this._current; + if (stream[current] === "\\" && (stream[current + 1] === "\\" || + stream[current + 1] === "'")) { + current += 2; + } else { + current++; + } + this._current = current; + } + this._current++; + var literal = stream.slice(start + 1, this._current - 1); + return literal.replace("\\'", "'"); + }, + + _consumeNumber: function(stream) { + var start = this._current; + this._current++; + var maxLength = stream.length; + while (isNum(stream[this._current]) && this._current < maxLength) { + this._current++; + } + var value = parseInt(stream.slice(start, this._current)); + return {type: TOK_NUMBER, value: value, start: start}; + }, + + _consumeLBracket: function(stream) { + var start = this._current; + this._current++; + if (stream[this._current] === "?") { + this._current++; + return {type: TOK_FILTER, value: "[?", start: start}; + } else if (stream[this._current] === "]") { + this._current++; + return {type: TOK_FLATTEN, value: "[]", start: start}; + } else { + return {type: TOK_LBRACKET, value: "[", start: start}; + } + }, + + _consumeOperator: function(stream) { + var start = this._current; + var startingChar = stream[start]; + this._current++; + if (startingChar === "!") { + if (stream[this._current] === "=") { + this._current++; + return {type: TOK_NE, value: "!=", start: start}; + } else { + return {type: TOK_NOT, value: "!", start: start}; + } + } else if (startingChar === "<") { + if (stream[this._current] === "=") { + this._current++; + return {type: TOK_LTE, value: "<=", start: start}; + } else { + return {type: TOK_LT, value: "<", start: start}; + } + } else if (startingChar === ">") { + if (stream[this._current] === "=") { + this._current++; + return {type: TOK_GTE, value: ">=", start: start}; + } else { + return {type: TOK_GT, value: ">", start: start}; + } + } else if (startingChar === "=") { + if (stream[this._current] === "=") { + this._current++; + return {type: TOK_EQ, value: "==", start: start}; + } + } + }, + + _consumeLiteral: function(stream) { + this._current++; + var start = this._current; + var maxLength = stream.length; + var literal; + while(stream[this._current] !== "`" && this._current < maxLength) { + // You can escape a literal char or you can escape the escape. + var current = this._current; + if (stream[current] === "\\" && (stream[current + 1] === "\\" || + stream[current + 1] === "`")) { + current += 2; + } else { + current++; + } + this._current = current; + } + var literalString = trimLeft(stream.slice(start, this._current)); + literalString = literalString.replace("\\`", "`"); + if (this._looksLikeJSON(literalString)) { + literal = JSON.parse(literalString); + } else { + // Try to JSON parse it as "" + literal = JSON.parse("\"" + literalString + "\""); + } + // +1 gets us to the ending "`", +1 to move on to the next char. + this._current++; + return literal; + }, + + _looksLikeJSON: function(literalString) { + var startingChars = "[{\""; + var jsonLiterals = ["true", "false", "null"]; + var numberLooking = "-0123456789"; + + if (literalString === "") { + return false; + } else if (startingChars.indexOf(literalString[0]) >= 0) { + return true; + } else if (jsonLiterals.indexOf(literalString) >= 0) { + return true; + } else if (numberLooking.indexOf(literalString[0]) >= 0) { + try { + JSON.parse(literalString); + return true; + } catch (ex) { + return false; + } + } else { + return false; + } + } + }; + + var bindingPower = {}; + bindingPower[TOK_EOF] = 0; + bindingPower[TOK_UNQUOTEDIDENTIFIER] = 0; + bindingPower[TOK_QUOTEDIDENTIFIER] = 0; + bindingPower[TOK_RBRACKET] = 0; + bindingPower[TOK_RPAREN] = 0; + bindingPower[TOK_COMMA] = 0; + bindingPower[TOK_RBRACE] = 0; + bindingPower[TOK_NUMBER] = 0; + bindingPower[TOK_CURRENT] = 0; + bindingPower[TOK_EXPREF] = 0; + bindingPower[TOK_PIPE] = 1; + bindingPower[TOK_OR] = 2; + bindingPower[TOK_AND] = 3; + bindingPower[TOK_EQ] = 5; + bindingPower[TOK_GT] = 5; + bindingPower[TOK_LT] = 5; + bindingPower[TOK_GTE] = 5; + bindingPower[TOK_LTE] = 5; + bindingPower[TOK_NE] = 5; + bindingPower[TOK_FLATTEN] = 9; + bindingPower[TOK_STAR] = 20; + bindingPower[TOK_FILTER] = 21; + bindingPower[TOK_DOT] = 40; + bindingPower[TOK_NOT] = 45; + bindingPower[TOK_LBRACE] = 50; + bindingPower[TOK_LBRACKET] = 55; + bindingPower[TOK_LPAREN] = 60; + + function Parser() { + } + + Parser.prototype = { + parse: function(expression) { + this._loadTokens(expression); + this.index = 0; + var ast = this.expression(0); + if (this._lookahead(0) !== TOK_EOF) { + var t = this._lookaheadToken(0); + var error = new Error( + "Unexpected token type: " + t.type + ", value: " + t.value); + error.name = "ParserError"; + throw error; + } + return ast; + }, + + _loadTokens: function(expression) { + var lexer = new Lexer(); + var tokens = lexer.tokenize(expression); + tokens.push({type: TOK_EOF, value: "", start: expression.length}); + this.tokens = tokens; + }, + + expression: function(rbp) { + var leftToken = this._lookaheadToken(0); + this._advance(); + var left = this.nud(leftToken); + var currentToken = this._lookahead(0); + while (rbp < bindingPower[currentToken]) { + this._advance(); + left = this.led(currentToken, left); + currentToken = this._lookahead(0); + } + return left; + }, + + _lookahead: function(number) { + return this.tokens[this.index + number].type; + }, + + _lookaheadToken: function(number) { + return this.tokens[this.index + number]; + }, + + _advance: function() { + this.index++; + }, + + nud: function(token) { + var left; + var right; + var expression; + switch (token.type) { + case TOK_LITERAL: + return {type: "Literal", value: token.value}; + case TOK_UNQUOTEDIDENTIFIER: + return {type: "Field", name: token.value}; + case TOK_QUOTEDIDENTIFIER: + var node = {type: "Field", name: token.value}; + if (this._lookahead(0) === TOK_LPAREN) { + throw new Error("Quoted identifier not allowed for function names."); + } + return node; + case TOK_NOT: + right = this.expression(bindingPower.Not); + return {type: "NotExpression", children: [right]}; + case TOK_STAR: + left = {type: "Identity"}; + right = null; + if (this._lookahead(0) === TOK_RBRACKET) { + // This can happen in a multiselect, + // [a, b, *] + right = {type: "Identity"}; + } else { + right = this._parseProjectionRHS(bindingPower.Star); + } + return {type: "ValueProjection", children: [left, right]}; + case TOK_FILTER: + return this.led(token.type, {type: "Identity"}); + case TOK_LBRACE: + return this._parseMultiselectHash(); + case TOK_FLATTEN: + left = {type: TOK_FLATTEN, children: [{type: "Identity"}]}; + right = this._parseProjectionRHS(bindingPower.Flatten); + return {type: "Projection", children: [left, right]}; + case TOK_LBRACKET: + if (this._lookahead(0) === TOK_NUMBER || this._lookahead(0) === TOK_COLON) { + right = this._parseIndexExpression(); + return this._projectIfSlice({type: "Identity"}, right); + } else if (this._lookahead(0) === TOK_STAR && + this._lookahead(1) === TOK_RBRACKET) { + this._advance(); + this._advance(); + right = this._parseProjectionRHS(bindingPower.Star); + return {type: "Projection", + children: [{type: "Identity"}, right]}; + } + return this._parseMultiselectList(); + case TOK_CURRENT: + return {type: TOK_CURRENT}; + case TOK_EXPREF: + expression = this.expression(bindingPower.Expref); + return {type: "ExpressionReference", children: [expression]}; + case TOK_LPAREN: + var args = []; + while (this._lookahead(0) !== TOK_RPAREN) { + if (this._lookahead(0) === TOK_CURRENT) { + expression = {type: TOK_CURRENT}; + this._advance(); + } else { + expression = this.expression(0); + } + args.push(expression); + } + this._match(TOK_RPAREN); + return args[0]; + default: + this._errorToken(token); + } + }, + + led: function(tokenName, left) { + var right; + switch(tokenName) { + case TOK_DOT: + var rbp = bindingPower.Dot; + if (this._lookahead(0) !== TOK_STAR) { + right = this._parseDotRHS(rbp); + return {type: "Subexpression", children: [left, right]}; + } + // Creating a projection. + this._advance(); + right = this._parseProjectionRHS(rbp); + return {type: "ValueProjection", children: [left, right]}; + case TOK_PIPE: + right = this.expression(bindingPower.Pipe); + return {type: TOK_PIPE, children: [left, right]}; + case TOK_OR: + right = this.expression(bindingPower.Or); + return {type: "OrExpression", children: [left, right]}; + case TOK_AND: + right = this.expression(bindingPower.And); + return {type: "AndExpression", children: [left, right]}; + case TOK_LPAREN: + var name = left.name; + var args = []; + var expression, node; + while (this._lookahead(0) !== TOK_RPAREN) { + if (this._lookahead(0) === TOK_CURRENT) { + expression = {type: TOK_CURRENT}; + this._advance(); + } else { + expression = this.expression(0); + } + if (this._lookahead(0) === TOK_COMMA) { + this._match(TOK_COMMA); + } + args.push(expression); + } + this._match(TOK_RPAREN); + node = {type: "Function", name: name, children: args}; + return node; + case TOK_FILTER: + var condition = this.expression(0); + this._match(TOK_RBRACKET); + if (this._lookahead(0) === TOK_FLATTEN) { + right = {type: "Identity"}; + } else { + right = this._parseProjectionRHS(bindingPower.Filter); + } + return {type: "FilterProjection", children: [left, right, condition]}; + case TOK_FLATTEN: + var leftNode = {type: TOK_FLATTEN, children: [left]}; + var rightNode = this._parseProjectionRHS(bindingPower.Flatten); + return {type: "Projection", children: [leftNode, rightNode]}; + case TOK_EQ: + case TOK_NE: + case TOK_GT: + case TOK_GTE: + case TOK_LT: + case TOK_LTE: + return this._parseComparator(left, tokenName); + case TOK_LBRACKET: + var token = this._lookaheadToken(0); + if (token.type === TOK_NUMBER || token.type === TOK_COLON) { + right = this._parseIndexExpression(); + return this._projectIfSlice(left, right); + } + this._match(TOK_STAR); + this._match(TOK_RBRACKET); + right = this._parseProjectionRHS(bindingPower.Star); + return {type: "Projection", children: [left, right]}; + default: + this._errorToken(this._lookaheadToken(0)); + } + }, + + _match: function(tokenType) { + if (this._lookahead(0) === tokenType) { + this._advance(); + } else { + var t = this._lookaheadToken(0); + var error = new Error("Expected " + tokenType + ", got: " + t.type); + error.name = "ParserError"; + throw error; + } + }, + + _errorToken: function(token) { + var error = new Error("Invalid token (" + + token.type + "): \"" + + token.value + "\""); + error.name = "ParserError"; + throw error; + }, + + + _parseIndexExpression: function() { + if (this._lookahead(0) === TOK_COLON || this._lookahead(1) === TOK_COLON) { + return this._parseSliceExpression(); + } else { + var node = { + type: "Index", + value: this._lookaheadToken(0).value}; + this._advance(); + this._match(TOK_RBRACKET); + return node; + } + }, + + _projectIfSlice: function(left, right) { + var indexExpr = {type: "IndexExpression", children: [left, right]}; + if (right.type === "Slice") { + return { + type: "Projection", + children: [indexExpr, this._parseProjectionRHS(bindingPower.Star)] + }; + } else { + return indexExpr; + } + }, + + _parseSliceExpression: function() { + // [start:end:step] where each part is optional, as well as the last + // colon. + var parts = [null, null, null]; + var index = 0; + var currentToken = this._lookahead(0); + while (currentToken !== TOK_RBRACKET && index < 3) { + if (currentToken === TOK_COLON) { + index++; + this._advance(); + } else if (currentToken === TOK_NUMBER) { + parts[index] = this._lookaheadToken(0).value; + this._advance(); + } else { + var t = this._lookahead(0); + var error = new Error("Syntax error, unexpected token: " + + t.value + "(" + t.type + ")"); + error.name = "Parsererror"; + throw error; + } + currentToken = this._lookahead(0); + } + this._match(TOK_RBRACKET); + return { + type: "Slice", + children: parts + }; + }, + + _parseComparator: function(left, comparator) { + var right = this.expression(bindingPower[comparator]); + return {type: "Comparator", name: comparator, children: [left, right]}; + }, + + _parseDotRHS: function(rbp) { + var lookahead = this._lookahead(0); + var exprTokens = [TOK_UNQUOTEDIDENTIFIER, TOK_QUOTEDIDENTIFIER, TOK_STAR]; + if (exprTokens.indexOf(lookahead) >= 0) { + return this.expression(rbp); + } else if (lookahead === TOK_LBRACKET) { + this._match(TOK_LBRACKET); + return this._parseMultiselectList(); + } else if (lookahead === TOK_LBRACE) { + this._match(TOK_LBRACE); + return this._parseMultiselectHash(); + } + }, + + _parseProjectionRHS: function(rbp) { + var right; + if (bindingPower[this._lookahead(0)] < 10) { + right = {type: "Identity"}; + } else if (this._lookahead(0) === TOK_LBRACKET) { + right = this.expression(rbp); + } else if (this._lookahead(0) === TOK_FILTER) { + right = this.expression(rbp); + } else if (this._lookahead(0) === TOK_DOT) { + this._match(TOK_DOT); + right = this._parseDotRHS(rbp); + } else { + var t = this._lookaheadToken(0); + var error = new Error("Sytanx error, unexpected token: " + + t.value + "(" + t.type + ")"); + error.name = "ParserError"; + throw error; + } + return right; + }, + + _parseMultiselectList: function() { + var expressions = []; + while (this._lookahead(0) !== TOK_RBRACKET) { + var expression = this.expression(0); + expressions.push(expression); + if (this._lookahead(0) === TOK_COMMA) { + this._match(TOK_COMMA); + if (this._lookahead(0) === TOK_RBRACKET) { + throw new Error("Unexpected token Rbracket"); + } + } + } + this._match(TOK_RBRACKET); + return {type: "MultiSelectList", children: expressions}; + }, + + _parseMultiselectHash: function() { + var pairs = []; + var identifierTypes = [TOK_UNQUOTEDIDENTIFIER, TOK_QUOTEDIDENTIFIER]; + var keyToken, keyName, value, node; + for (;;) { + keyToken = this._lookaheadToken(0); + if (identifierTypes.indexOf(keyToken.type) < 0) { + throw new Error("Expecting an identifier token, got: " + + keyToken.type); + } + keyName = keyToken.value; + this._advance(); + this._match(TOK_COLON); + value = this.expression(0); + node = {type: "KeyValuePair", name: keyName, value: value}; + pairs.push(node); + if (this._lookahead(0) === TOK_COMMA) { + this._match(TOK_COMMA); + } else if (this._lookahead(0) === TOK_RBRACE) { + this._match(TOK_RBRACE); + break; + } + } + return {type: "MultiSelectHash", children: pairs}; + } + }; + + + function TreeInterpreter(runtime) { + this.runtime = runtime; + } + + TreeInterpreter.prototype = { + search: function(node, value) { + return this.visit(node, value); + }, + + visit: function(node, value) { + var matched, current, result, first, second, field, left, right, collected, i; + switch (node.type) { + case "Field": + if (value !== null && isObject(value)) { + field = value[node.name]; + if (field === undefined) { + return null; + } else { + return field; + } + } + return null; + case "Subexpression": + result = this.visit(node.children[0], value); + for (i = 1; i < node.children.length; i++) { + result = this.visit(node.children[1], result); + if (result === null) { + return null; + } + } + return result; + case "IndexExpression": + left = this.visit(node.children[0], value); + right = this.visit(node.children[1], left); + return right; + case "Index": + if (!isArray(value)) { + return null; + } + var index = node.value; + if (index < 0) { + index = value.length + index; + } + result = value[index]; + if (result === undefined) { + result = null; + } + return result; + case "Slice": + if (!isArray(value)) { + return null; + } + var sliceParams = node.children.slice(0); + var computed = this.computeSliceParams(value.length, sliceParams); + var start = computed[0]; + var stop = computed[1]; + var step = computed[2]; + result = []; + if (step > 0) { + for (i = start; i < stop; i += step) { + result.push(value[i]); + } + } else { + for (i = start; i > stop; i += step) { + result.push(value[i]); + } + } + return result; + case "Projection": + // Evaluate left child. + var base = this.visit(node.children[0], value); + if (!isArray(base)) { + return null; + } + collected = []; + for (i = 0; i < base.length; i++) { + current = this.visit(node.children[1], base[i]); + if (current !== null) { + collected.push(current); + } + } + return collected; + case "ValueProjection": + // Evaluate left child. + base = this.visit(node.children[0], value); + if (!isObject(base)) { + return null; + } + collected = []; + var values = objValues(base); + for (i = 0; i < values.length; i++) { + current = this.visit(node.children[1], values[i]); + if (current !== null) { + collected.push(current); + } + } + return collected; + case "FilterProjection": + base = this.visit(node.children[0], value); + if (!isArray(base)) { + return null; + } + var filtered = []; + var finalResults = []; + for (i = 0; i < base.length; i++) { + matched = this.visit(node.children[2], base[i]); + if (!isFalse(matched)) { + filtered.push(base[i]); + } + } + for (var j = 0; j < filtered.length; j++) { + current = this.visit(node.children[1], filtered[j]); + if (current !== null) { + finalResults.push(current); + } + } + return finalResults; + case "Comparator": + first = this.visit(node.children[0], value); + second = this.visit(node.children[1], value); + switch(node.name) { + case TOK_EQ: + result = strictDeepEqual(first, second); + break; + case TOK_NE: + result = !strictDeepEqual(first, second); + break; + case TOK_GT: + result = first > second; + break; + case TOK_GTE: + result = first >= second; + break; + case TOK_LT: + result = first < second; + break; + case TOK_LTE: + result = first <= second; + break; + default: + throw new Error("Unknown comparator: " + node.name); + } + return result; + case TOK_FLATTEN: + var original = this.visit(node.children[0], value); + if (!isArray(original)) { + return null; + } + var merged = []; + for (i = 0; i < original.length; i++) { + current = original[i]; + if (isArray(current)) { + merged.push.apply(merged, current); + } else { + merged.push(current); + } + } + return merged; + case "Identity": + return value; + case "MultiSelectList": + if (value === null) { + return null; + } + collected = []; + for (i = 0; i < node.children.length; i++) { + collected.push(this.visit(node.children[i], value)); + } + return collected; + case "MultiSelectHash": + if (value === null) { + return null; + } + collected = {}; + var child; + for (i = 0; i < node.children.length; i++) { + child = node.children[i]; + collected[child.name] = this.visit(child.value, value); + } + return collected; + case "OrExpression": + matched = this.visit(node.children[0], value); + if (isFalse(matched)) { + matched = this.visit(node.children[1], value); + } + return matched; + case "AndExpression": + first = this.visit(node.children[0], value); + + if (isFalse(first) === true) { + return first; + } + return this.visit(node.children[1], value); + case "NotExpression": + first = this.visit(node.children[0], value); + return isFalse(first); + case "Literal": + return node.value; + case TOK_PIPE: + left = this.visit(node.children[0], value); + return this.visit(node.children[1], left); + case TOK_CURRENT: + return value; + case "Function": + var resolvedArgs = []; + for (i = 0; i < node.children.length; i++) { + resolvedArgs.push(this.visit(node.children[i], value)); + } + return this.runtime.callFunction(node.name, resolvedArgs); + case "ExpressionReference": + var refNode = node.children[0]; + // Tag the node with a specific attribute so the type + // checker verify the type. + refNode.jmespathType = TOK_EXPREF; + return refNode; + default: + throw new Error("Unknown node type: " + node.type); + } + }, + + computeSliceParams: function(arrayLength, sliceParams) { + var start = sliceParams[0]; + var stop = sliceParams[1]; + var step = sliceParams[2]; + var computed = [null, null, null]; + if (step === null) { + step = 1; + } else if (step === 0) { + var error = new Error("Invalid slice, step cannot be 0"); + error.name = "RuntimeError"; + throw error; + } + var stepValueNegative = step < 0 ? true : false; + + if (start === null) { + start = stepValueNegative ? arrayLength - 1 : 0; + } else { + start = this.capSliceRange(arrayLength, start, step); + } + + if (stop === null) { + stop = stepValueNegative ? -1 : arrayLength; + } else { + stop = this.capSliceRange(arrayLength, stop, step); + } + computed[0] = start; + computed[1] = stop; + computed[2] = step; + return computed; + }, + + capSliceRange: function(arrayLength, actualValue, step) { + if (actualValue < 0) { + actualValue += arrayLength; + if (actualValue < 0) { + actualValue = step < 0 ? -1 : 0; + } + } else if (actualValue >= arrayLength) { + actualValue = step < 0 ? arrayLength - 1 : arrayLength; + } + return actualValue; + } + + }; + + function Runtime(interpreter) { + this._interpreter = interpreter; + this.functionTable = { + // name: [function, ] + // The can be: + // + // { + // args: [[type1, type2], [type1, type2]], + // variadic: true|false + // } + // + // Each arg in the arg list is a list of valid types + // (if the function is overloaded and supports multiple + // types. If the type is "any" then no type checking + // occurs on the argument. Variadic is optional + // and if not provided is assumed to be false. + abs: {_func: this._functionAbs, _signature: [{types: [TYPE_NUMBER]}]}, + avg: {_func: this._functionAvg, _signature: [{types: [TYPE_ARRAY_NUMBER]}]}, + ceil: {_func: this._functionCeil, _signature: [{types: [TYPE_NUMBER]}]}, + contains: { + _func: this._functionContains, + _signature: [{types: [TYPE_STRING, TYPE_ARRAY]}, + {types: [TYPE_ANY]}]}, + "ends_with": { + _func: this._functionEndsWith, + _signature: [{types: [TYPE_STRING]}, {types: [TYPE_STRING]}]}, + floor: {_func: this._functionFloor, _signature: [{types: [TYPE_NUMBER]}]}, + length: { + _func: this._functionLength, + _signature: [{types: [TYPE_STRING, TYPE_ARRAY, TYPE_OBJECT]}]}, + map: { + _func: this._functionMap, + _signature: [{types: [TYPE_EXPREF]}, {types: [TYPE_ARRAY]}]}, + max: { + _func: this._functionMax, + _signature: [{types: [TYPE_ARRAY_NUMBER, TYPE_ARRAY_STRING]}]}, + "merge": { + _func: this._functionMerge, + _signature: [{types: [TYPE_OBJECT], variadic: true}] + }, + "max_by": { + _func: this._functionMaxBy, + _signature: [{types: [TYPE_ARRAY]}, {types: [TYPE_EXPREF]}] + }, + sum: {_func: this._functionSum, _signature: [{types: [TYPE_ARRAY_NUMBER]}]}, + "starts_with": { + _func: this._functionStartsWith, + _signature: [{types: [TYPE_STRING]}, {types: [TYPE_STRING]}]}, + min: { + _func: this._functionMin, + _signature: [{types: [TYPE_ARRAY_NUMBER, TYPE_ARRAY_STRING]}]}, + "min_by": { + _func: this._functionMinBy, + _signature: [{types: [TYPE_ARRAY]}, {types: [TYPE_EXPREF]}] + }, + type: {_func: this._functionType, _signature: [{types: [TYPE_ANY]}]}, + keys: {_func: this._functionKeys, _signature: [{types: [TYPE_OBJECT]}]}, + values: {_func: this._functionValues, _signature: [{types: [TYPE_OBJECT]}]}, + sort: {_func: this._functionSort, _signature: [{types: [TYPE_ARRAY_STRING, TYPE_ARRAY_NUMBER]}]}, + "sort_by": { + _func: this._functionSortBy, + _signature: [{types: [TYPE_ARRAY]}, {types: [TYPE_EXPREF]}] + }, + join: { + _func: this._functionJoin, + _signature: [ + {types: [TYPE_STRING]}, + {types: [TYPE_ARRAY_STRING]} + ] + }, + reverse: { + _func: this._functionReverse, + _signature: [{types: [TYPE_STRING, TYPE_ARRAY]}]}, + "to_array": {_func: this._functionToArray, _signature: [{types: [TYPE_ANY]}]}, + "to_string": {_func: this._functionToString, _signature: [{types: [TYPE_ANY]}]}, + "to_number": {_func: this._functionToNumber, _signature: [{types: [TYPE_ANY]}]}, + "not_null": { + _func: this._functionNotNull, + _signature: [{types: [TYPE_ANY], variadic: true}] + } + }; + } + + Runtime.prototype = { + callFunction: function(name, resolvedArgs) { + var functionEntry = this.functionTable[name]; + if (functionEntry === undefined) { + throw new Error("Unknown function: " + name + "()"); + } + this._validateArgs(name, resolvedArgs, functionEntry._signature); + return functionEntry._func.call(this, resolvedArgs); + }, + + _validateArgs: function(name, args, signature) { + // Validating the args requires validating + // the correct arity and the correct type of each arg. + // If the last argument is declared as variadic, then we need + // a minimum number of args to be required. Otherwise it has to + // be an exact amount. + var pluralized; + if (signature[signature.length - 1].variadic) { + if (args.length < signature.length) { + pluralized = signature.length === 1 ? " argument" : " arguments"; + throw new Error("ArgumentError: " + name + "() " + + "takes at least" + signature.length + pluralized + + " but received " + args.length); + } + } else if (args.length !== signature.length) { + pluralized = signature.length === 1 ? " argument" : " arguments"; + throw new Error("ArgumentError: " + name + "() " + + "takes " + signature.length + pluralized + + " but received " + args.length); + } + var currentSpec; + var actualType; + var typeMatched; + for (var i = 0; i < signature.length; i++) { + typeMatched = false; + currentSpec = signature[i].types; + actualType = this._getTypeName(args[i]); + for (var j = 0; j < currentSpec.length; j++) { + if (this._typeMatches(actualType, currentSpec[j], args[i])) { + typeMatched = true; + break; + } + } + if (!typeMatched) { + var expected = currentSpec + .map(function(typeIdentifier) { + return TYPE_NAME_TABLE[typeIdentifier]; + }) + .join(','); + throw new Error("TypeError: " + name + "() " + + "expected argument " + (i + 1) + + " to be type " + expected + + " but received type " + + TYPE_NAME_TABLE[actualType] + " instead."); + } + } + }, + + _typeMatches: function(actual, expected, argValue) { + if (expected === TYPE_ANY) { + return true; + } + if (expected === TYPE_ARRAY_STRING || + expected === TYPE_ARRAY_NUMBER || + expected === TYPE_ARRAY) { + // The expected type can either just be array, + // or it can require a specific subtype (array of numbers). + // + // The simplest case is if "array" with no subtype is specified. + if (expected === TYPE_ARRAY) { + return actual === TYPE_ARRAY; + } else if (actual === TYPE_ARRAY) { + // Otherwise we need to check subtypes. + // I think this has potential to be improved. + var subtype; + if (expected === TYPE_ARRAY_NUMBER) { + subtype = TYPE_NUMBER; + } else if (expected === TYPE_ARRAY_STRING) { + subtype = TYPE_STRING; + } + for (var i = 0; i < argValue.length; i++) { + if (!this._typeMatches( + this._getTypeName(argValue[i]), subtype, + argValue[i])) { + return false; + } + } + return true; + } + } else { + return actual === expected; + } + }, + _getTypeName: function(obj) { + switch (Object.prototype.toString.call(obj)) { + case "[object String]": + return TYPE_STRING; + case "[object Number]": + return TYPE_NUMBER; + case "[object Array]": + return TYPE_ARRAY; + case "[object Boolean]": + return TYPE_BOOLEAN; + case "[object Null]": + return TYPE_NULL; + case "[object Object]": + // Check if it's an expref. If it has, it's been + // tagged with a jmespathType attr of 'Expref'; + if (obj.jmespathType === TOK_EXPREF) { + return TYPE_EXPREF; + } else { + return TYPE_OBJECT; + } + } + }, + + _functionStartsWith: function(resolvedArgs) { + return resolvedArgs[0].lastIndexOf(resolvedArgs[1]) === 0; + }, + + _functionEndsWith: function(resolvedArgs) { + var searchStr = resolvedArgs[0]; + var suffix = resolvedArgs[1]; + return searchStr.indexOf(suffix, searchStr.length - suffix.length) !== -1; + }, + + _functionReverse: function(resolvedArgs) { + var typeName = this._getTypeName(resolvedArgs[0]); + if (typeName === TYPE_STRING) { + var originalStr = resolvedArgs[0]; + var reversedStr = ""; + for (var i = originalStr.length - 1; i >= 0; i--) { + reversedStr += originalStr[i]; + } + return reversedStr; + } else { + var reversedArray = resolvedArgs[0].slice(0); + reversedArray.reverse(); + return reversedArray; + } + }, + + _functionAbs: function(resolvedArgs) { + return Math.abs(resolvedArgs[0]); + }, + + _functionCeil: function(resolvedArgs) { + return Math.ceil(resolvedArgs[0]); + }, + + _functionAvg: function(resolvedArgs) { + var sum = 0; + var inputArray = resolvedArgs[0]; + for (var i = 0; i < inputArray.length; i++) { + sum += inputArray[i]; + } + return sum / inputArray.length; + }, + + _functionContains: function(resolvedArgs) { + return resolvedArgs[0].indexOf(resolvedArgs[1]) >= 0; + }, + + _functionFloor: function(resolvedArgs) { + return Math.floor(resolvedArgs[0]); + }, + + _functionLength: function(resolvedArgs) { + if (!isObject(resolvedArgs[0])) { + return resolvedArgs[0].length; + } else { + // As far as I can tell, there's no way to get the length + // of an object without O(n) iteration through the object. + return Object.keys(resolvedArgs[0]).length; + } + }, + + _functionMap: function(resolvedArgs) { + var mapped = []; + var interpreter = this._interpreter; + var exprefNode = resolvedArgs[0]; + var elements = resolvedArgs[1]; + for (var i = 0; i < elements.length; i++) { + mapped.push(interpreter.visit(exprefNode, elements[i])); + } + return mapped; + }, + + _functionMerge: function(resolvedArgs) { + var merged = {}; + for (var i = 0; i < resolvedArgs.length; i++) { + var current = resolvedArgs[i]; + for (var key in current) { + merged[key] = current[key]; + } + } + return merged; + }, + + _functionMax: function(resolvedArgs) { + if (resolvedArgs[0].length > 0) { + var typeName = this._getTypeName(resolvedArgs[0][0]); + if (typeName === TYPE_NUMBER) { + return Math.max.apply(Math, resolvedArgs[0]); + } else { + var elements = resolvedArgs[0]; + var maxElement = elements[0]; + for (var i = 1; i < elements.length; i++) { + if (maxElement.localeCompare(elements[i]) < 0) { + maxElement = elements[i]; + } + } + return maxElement; + } + } else { + return null; + } + }, + + _functionMin: function(resolvedArgs) { + if (resolvedArgs[0].length > 0) { + var typeName = this._getTypeName(resolvedArgs[0][0]); + if (typeName === TYPE_NUMBER) { + return Math.min.apply(Math, resolvedArgs[0]); + } else { + var elements = resolvedArgs[0]; + var minElement = elements[0]; + for (var i = 1; i < elements.length; i++) { + if (elements[i].localeCompare(minElement) < 0) { + minElement = elements[i]; + } + } + return minElement; + } + } else { + return null; + } + }, + + _functionSum: function(resolvedArgs) { + var sum = 0; + var listToSum = resolvedArgs[0]; + for (var i = 0; i < listToSum.length; i++) { + sum += listToSum[i]; + } + return sum; + }, + + _functionType: function(resolvedArgs) { + switch (this._getTypeName(resolvedArgs[0])) { + case TYPE_NUMBER: + return "number"; + case TYPE_STRING: + return "string"; + case TYPE_ARRAY: + return "array"; + case TYPE_OBJECT: + return "object"; + case TYPE_BOOLEAN: + return "boolean"; + case TYPE_EXPREF: + return "expref"; + case TYPE_NULL: + return "null"; + } + }, + + _functionKeys: function(resolvedArgs) { + return Object.keys(resolvedArgs[0]); + }, + + _functionValues: function(resolvedArgs) { + var obj = resolvedArgs[0]; + var keys = Object.keys(obj); + var values = []; + for (var i = 0; i < keys.length; i++) { + values.push(obj[keys[i]]); + } + return values; + }, + + _functionJoin: function(resolvedArgs) { + var joinChar = resolvedArgs[0]; + var listJoin = resolvedArgs[1]; + return listJoin.join(joinChar); + }, + + _functionToArray: function(resolvedArgs) { + if (this._getTypeName(resolvedArgs[0]) === TYPE_ARRAY) { + return resolvedArgs[0]; + } else { + return [resolvedArgs[0]]; + } + }, + + _functionToString: function(resolvedArgs) { + if (this._getTypeName(resolvedArgs[0]) === TYPE_STRING) { + return resolvedArgs[0]; + } else { + return JSON.stringify(resolvedArgs[0]); + } + }, + + _functionToNumber: function(resolvedArgs) { + var typeName = this._getTypeName(resolvedArgs[0]); + var convertedValue; + if (typeName === TYPE_NUMBER) { + return resolvedArgs[0]; + } else if (typeName === TYPE_STRING) { + convertedValue = +resolvedArgs[0]; + if (!isNaN(convertedValue)) { + return convertedValue; + } + } + return null; + }, + + _functionNotNull: function(resolvedArgs) { + for (var i = 0; i < resolvedArgs.length; i++) { + if (this._getTypeName(resolvedArgs[i]) !== TYPE_NULL) { + return resolvedArgs[i]; + } + } + return null; + }, + + _functionSort: function(resolvedArgs) { + var sortedArray = resolvedArgs[0].slice(0); + sortedArray.sort(); + return sortedArray; + }, + + _functionSortBy: function(resolvedArgs) { + var sortedArray = resolvedArgs[0].slice(0); + if (sortedArray.length === 0) { + return sortedArray; + } + var interpreter = this._interpreter; + var exprefNode = resolvedArgs[1]; + var requiredType = this._getTypeName( + interpreter.visit(exprefNode, sortedArray[0])); + if ([TYPE_NUMBER, TYPE_STRING].indexOf(requiredType) < 0) { + throw new Error("TypeError"); + } + var that = this; + // In order to get a stable sort out of an unstable + // sort algorithm, we decorate/sort/undecorate (DSU) + // by creating a new list of [index, element] pairs. + // In the cmp function, if the evaluated elements are + // equal, then the index will be used as the tiebreaker. + // After the decorated list has been sorted, it will be + // undecorated to extract the original elements. + var decorated = []; + for (var i = 0; i < sortedArray.length; i++) { + decorated.push([i, sortedArray[i]]); + } + decorated.sort(function(a, b) { + var exprA = interpreter.visit(exprefNode, a[1]); + var exprB = interpreter.visit(exprefNode, b[1]); + if (that._getTypeName(exprA) !== requiredType) { + throw new Error( + "TypeError: expected " + requiredType + ", received " + + that._getTypeName(exprA)); + } else if (that._getTypeName(exprB) !== requiredType) { + throw new Error( + "TypeError: expected " + requiredType + ", received " + + that._getTypeName(exprB)); + } + if (exprA > exprB) { + return 1; + } else if (exprA < exprB) { + return -1; + } else { + // If they're equal compare the items by their + // order to maintain relative order of equal keys + // (i.e. to get a stable sort). + return a[0] - b[0]; + } + }); + // Undecorate: extract out the original list elements. + for (var j = 0; j < decorated.length; j++) { + sortedArray[j] = decorated[j][1]; + } + return sortedArray; + }, + + _functionMaxBy: function(resolvedArgs) { + var exprefNode = resolvedArgs[1]; + var resolvedArray = resolvedArgs[0]; + var keyFunction = this.createKeyFunction(exprefNode, [TYPE_NUMBER, TYPE_STRING]); + var maxNumber = -Infinity; + var maxRecord; + var current; + for (var i = 0; i < resolvedArray.length; i++) { + current = keyFunction(resolvedArray[i]); + if (current > maxNumber) { + maxNumber = current; + maxRecord = resolvedArray[i]; + } + } + return maxRecord; + }, + + _functionMinBy: function(resolvedArgs) { + var exprefNode = resolvedArgs[1]; + var resolvedArray = resolvedArgs[0]; + var keyFunction = this.createKeyFunction(exprefNode, [TYPE_NUMBER, TYPE_STRING]); + var minNumber = Infinity; + var minRecord; + var current; + for (var i = 0; i < resolvedArray.length; i++) { + current = keyFunction(resolvedArray[i]); + if (current < minNumber) { + minNumber = current; + minRecord = resolvedArray[i]; + } + } + return minRecord; + }, + + createKeyFunction: function(exprefNode, allowedTypes) { + var that = this; + var interpreter = this._interpreter; + var keyFunc = function(x) { + var current = interpreter.visit(exprefNode, x); + if (allowedTypes.indexOf(that._getTypeName(current)) < 0) { + var msg = "TypeError: expected one of " + allowedTypes + + ", received " + that._getTypeName(current); + throw new Error(msg); + } + return current; + }; + return keyFunc; + } + + }; + + function compile(stream) { + var parser = new Parser(); + var ast = parser.parse(stream); + return ast; + } + + function tokenize(stream) { + var lexer = new Lexer(); + return lexer.tokenize(stream); + } + + function search(data, expression) { + var parser = new Parser(); + // This needs to be improved. Both the interpreter and runtime depend on + // each other. The runtime needs the interpreter to support exprefs. + // There's likely a clean way to avoid the cyclic dependency. + var runtime = new Runtime(); + var interpreter = new TreeInterpreter(runtime); + runtime._interpreter = interpreter; + var node = parser.parse(expression); + return interpreter.search(node, data); + } + + exports.tokenize = tokenize; + exports.compile = compile; + exports.search = search; + exports.strictDeepEqual = strictDeepEqual; +})( false ? 0 : exports); + + +/***/ }), + +/***/ 7269: +/***/ ((__unused_webpack_module, exports, __nccwpck_require4_) => { + +;(function (sax) { // wrapper for non-node envs + sax.parser = function (strict, opt) { return new SAXParser(strict, opt) } + sax.SAXParser = SAXParser + sax.SAXStream = SAXStream + sax.createStream = createStream + + // When we pass the MAX_BUFFER_LENGTH position, start checking for buffer overruns. + // When we check, schedule the next check for MAX_BUFFER_LENGTH - (max(buffer lengths)), + // since that's the earliest that a buffer overrun could occur. This way, checks are + // as rare as required, but as often as necessary to ensure never crossing this bound. + // Furthermore, buffers are only tested at most once per write(), so passing a very + // large string into write() might have undesirable effects, but this is manageable by + // the caller, so it is assumed to be safe. Thus, a call to write() may, in the extreme + // edge case, result in creating at most one complete copy of the string passed in. + // Set to Infinity to have unlimited buffers. + sax.MAX_BUFFER_LENGTH = 64 * 1024 + + var buffers = [ + 'comment', 'sgmlDecl', 'textNode', 'tagName', 'doctype', + 'procInstName', 'procInstBody', 'entity', 'attribName', + 'attribValue', 'cdata', 'script' + ] + + sax.EVENTS = [ + 'text', + 'processinginstruction', + 'sgmldeclaration', + 'doctype', + 'comment', + 'opentagstart', + 'attribute', + 'opentag', + 'closetag', + 'opencdata', + 'cdata', + 'closecdata', + 'error', + 'end', + 'ready', + 'script', + 'opennamespace', + 'closenamespace' + ] + + function SAXParser (strict, opt) { + if (!(this instanceof SAXParser)) { + return new SAXParser(strict, opt) + } + + var parser = this + clearBuffers(parser) + parser.q = parser.c = '' + parser.bufferCheckPosition = sax.MAX_BUFFER_LENGTH + parser.opt = opt || {} + parser.opt.lowercase = parser.opt.lowercase || parser.opt.lowercasetags + parser.looseCase = parser.opt.lowercase ? 'toLowerCase' : 'toUpperCase' + parser.tags = [] + parser.closed = parser.closedRoot = parser.sawRoot = false + parser.tag = parser.error = null + parser.strict = !!strict + parser.noscript = !!(strict || parser.opt.noscript) + parser.state = S.BEGIN + parser.strictEntities = parser.opt.strictEntities + parser.ENTITIES = parser.strictEntities ? Object.create(sax.XML_ENTITIES) : Object.create(sax.ENTITIES) + parser.attribList = [] + + // namespaces form a prototype chain. + // it always points at the current tag, + // which protos to its parent tag. + if (parser.opt.xmlns) { + parser.ns = Object.create(rootNS) + } + + // mostly just for error reporting + parser.trackPosition = parser.opt.position !== false + if (parser.trackPosition) { + parser.position = parser.line = parser.column = 0 + } + emit(parser, 'onready') + } + + if (!Object.create) { + Object.create = function (o) { + function F () {} + F.prototype = o + var newf = new F() + return newf + } + } + + if (!Object.keys) { + Object.keys = function (o) { + var a = [] + for (var i in o) if (o.hasOwnProperty(i)) a.push(i) + return a + } + } + + function checkBufferLength (parser) { + var maxAllowed = Math.max(sax.MAX_BUFFER_LENGTH, 10) + var maxActual = 0 + for (var i = 0, l = buffers.length; i < l; i++) { + var len = parser[buffers[i]].length + if (len > maxAllowed) { + // Text/cdata nodes can get big, and since they're buffered, + // we can get here under normal conditions. + // Avoid issues by emitting the text node now, + // so at least it won't get any bigger. + switch (buffers[i]) { + case 'textNode': + closeText(parser) + break + + case 'cdata': + emitNode(parser, 'oncdata', parser.cdata) + parser.cdata = '' + break + + case 'script': + emitNode(parser, 'onscript', parser.script) + parser.script = '' + break + + default: + error(parser, 'Max buffer length exceeded: ' + buffers[i]) + } + } + maxActual = Math.max(maxActual, len) + } + // schedule the next check for the earliest possible buffer overrun. + var m = sax.MAX_BUFFER_LENGTH - maxActual + parser.bufferCheckPosition = m + parser.position + } + + function clearBuffers (parser) { + for (var i = 0, l = buffers.length; i < l; i++) { + parser[buffers[i]] = '' + } + } + + function flushBuffers (parser) { + closeText(parser) + if (parser.cdata !== '') { + emitNode(parser, 'oncdata', parser.cdata) + parser.cdata = '' + } + if (parser.script !== '') { + emitNode(parser, 'onscript', parser.script) + parser.script = '' + } + } + + SAXParser.prototype = { + end: function () { end(this) }, + write: write, + resume: function () { this.error = null; return this }, + close: function () { return this.write(null) }, + flush: function () { flushBuffers(this) } + } + + var Stream + try { + Stream = (__nccwpck_require4_(2781).Stream) + } catch (ex) { + Stream = function () {} + } + + var streamWraps = sax.EVENTS.filter(function (ev) { + return ev !== 'error' && ev !== 'end' + }) + + function createStream (strict, opt) { + return new SAXStream(strict, opt) + } + + function SAXStream (strict, opt) { + if (!(this instanceof SAXStream)) { + return new SAXStream(strict, opt) + } + + Stream.apply(this) + + this._parser = new SAXParser(strict, opt) + this.writable = true + this.readable = true + + var me = this + + this._parser.onend = function () { + me.emit('end') + } + + this._parser.onerror = function (er) { + me.emit('error', er) + + // if didn't throw, then means error was handled. + // go ahead and clear error, so we can write again. + me._parser.error = null + } + + this._decoder = null + + streamWraps.forEach(function (ev) { + Object.defineProperty(me, 'on' + ev, { + get: function () { + return me._parser['on' + ev] + }, + set: function (h) { + if (!h) { + me.removeAllListeners(ev) + me._parser['on' + ev] = h + return h + } + me.on(ev, h) + }, + enumerable: true, + configurable: false + }) + }) + } + + SAXStream.prototype = Object.create(Stream.prototype, { + constructor: { + value: SAXStream + } + }) + + SAXStream.prototype.write = function (data) { + if (typeof Buffer === 'function' && + typeof Buffer.isBuffer === 'function' && + Buffer.isBuffer(data)) { + if (!this._decoder) { + var SD = (__nccwpck_require4_(1576).StringDecoder) + this._decoder = new SD('utf8') + } + data = this._decoder.write(data) + } + + this._parser.write(data.toString()) + this.emit('data', data) + return true + } + + SAXStream.prototype.end = function (chunk) { + if (chunk && chunk.length) { + this.write(chunk) + } + this._parser.end() + return true + } + + SAXStream.prototype.on = function (ev, handler) { + var me = this + if (!me._parser['on' + ev] && streamWraps.indexOf(ev) !== -1) { + me._parser['on' + ev] = function () { + var args = arguments.length === 1 ? [arguments[0]] : Array.apply(null, arguments) + args.splice(0, 0, ev) + me.emit.apply(me, args) + } + } + + return Stream.prototype.on.call(me, ev, handler) + } + + // character classes and tokens + var whitespace = '\r\n\t ' + + // this really needs to be replaced with character classes. + // XML allows all manner of ridiculous numbers and digits. + var number = '0124356789' + var letter = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ' + + // (Letter | "_" | ":") + var quote = '\'"' + var attribEnd = whitespace + '>' + var CDATA = '[CDATA[' + var DOCTYPE = 'DOCTYPE' + var XML_NAMESPACE = 'http://www.w3.org/XML/1998/namespace' + var XMLNS_NAMESPACE = 'http://www.w3.org/2000/xmlns/' + var rootNS = { xml: XML_NAMESPACE, xmlns: XMLNS_NAMESPACE } + + // turn all the string character sets into character class objects. + whitespace = charClass(whitespace) + number = charClass(number) + letter = charClass(letter) + + // http://www.w3.org/TR/REC-xml/#NT-NameStartChar + // This implementation works on strings, a single character at a time + // as such, it cannot ever support astral-plane characters (10000-EFFFF) + // without a significant breaking change to either this parser, or the + // JavaScript language. Implementation of an emoji-capable xml parser + // is left as an exercise for the reader. + var nameStart = /[:_A-Za-z\u00C0-\u00D6\u00D8-\u00F6\u00F8-\u02FF\u0370-\u037D\u037F-\u1FFF\u200C-\u200D\u2070-\u218F\u2C00-\u2FEF\u3001-\uD7FF\uF900-\uFDCF\uFDF0-\uFFFD]/ + + var nameBody = /[:_A-Za-z\u00C0-\u00D6\u00D8-\u00F6\u00F8-\u02FF\u0370-\u037D\u037F-\u1FFF\u200C-\u200D\u2070-\u218F\u2C00-\u2FEF\u3001-\uD7FF\uF900-\uFDCF\uFDF0-\uFFFD\u00B7\u0300-\u036F\u203F-\u2040\.\d-]/ + + var entityStart = /[#:_A-Za-z\u00C0-\u00D6\u00D8-\u00F6\u00F8-\u02FF\u0370-\u037D\u037F-\u1FFF\u200C-\u200D\u2070-\u218F\u2C00-\u2FEF\u3001-\uD7FF\uF900-\uFDCF\uFDF0-\uFFFD]/ + var entityBody = /[#:_A-Za-z\u00C0-\u00D6\u00D8-\u00F6\u00F8-\u02FF\u0370-\u037D\u037F-\u1FFF\u200C-\u200D\u2070-\u218F\u2C00-\u2FEF\u3001-\uD7FF\uF900-\uFDCF\uFDF0-\uFFFD\u00B7\u0300-\u036F\u203F-\u2040\.\d-]/ + + quote = charClass(quote) + attribEnd = charClass(attribEnd) + + function charClass (str) { + return str.split('').reduce(function (s, c) { + s[c] = true + return s + }, {}) + } + + function isRegExp (c) { + return Object.prototype.toString.call(c) === '[object RegExp]' + } + + function is (charclass, c) { + return isRegExp(charclass) ? !!c.match(charclass) : charclass[c] + } + + function not (charclass, c) { + return !is(charclass, c) + } + + var S = 0 + sax.STATE = { + BEGIN: S++, // leading byte order mark or whitespace + BEGIN_WHITESPACE: S++, // leading whitespace + TEXT: S++, // general stuff + TEXT_ENTITY: S++, // & and such. + OPEN_WAKA: S++, // < + SGML_DECL: S++, // + SCRIPT: S++, //