'use strict'; var STSClient = require('./STSClient'); var smithyClient = require('@smithy/smithy-client'); var middlewareEndpoint = require('@smithy/middleware-endpoint'); var middlewareSerde = require('@smithy/middleware-serde'); var EndpointParameters = require('./endpoint/EndpointParameters'); var core = require('@aws-sdk/core'); var protocolHttp = require('@smithy/protocol-http'); var client = require('@aws-sdk/core/client'); class STSServiceException extends smithyClient.ServiceException { constructor(options) { super(options); Object.setPrototypeOf(this, STSServiceException.prototype); } } const CredentialsFilterSensitiveLog = (obj) => ({ ...obj, ...(obj.SecretAccessKey && { SecretAccessKey: smithyClient.SENSITIVE_STRING }), }); const AssumeRoleResponseFilterSensitiveLog = (obj) => ({ ...obj, ...(obj.Credentials && { Credentials: CredentialsFilterSensitiveLog(obj.Credentials) }), }); class ExpiredTokenException extends STSServiceException { name = "ExpiredTokenException"; $fault = "client"; constructor(opts) { super({ name: "ExpiredTokenException", $fault: "client", ...opts, }); Object.setPrototypeOf(this, ExpiredTokenException.prototype); } } class MalformedPolicyDocumentException extends STSServiceException { name = "MalformedPolicyDocumentException"; $fault = "client"; constructor(opts) { super({ name: "MalformedPolicyDocumentException", $fault: "client", ...opts, }); Object.setPrototypeOf(this, MalformedPolicyDocumentException.prototype); } } class PackedPolicyTooLargeException extends STSServiceException { name = "PackedPolicyTooLargeException"; $fault = "client"; constructor(opts) { super({ name: "PackedPolicyTooLargeException", $fault: "client", ...opts, }); Object.setPrototypeOf(this, PackedPolicyTooLargeException.prototype); } } class RegionDisabledException extends STSServiceException { name = "RegionDisabledException"; $fault = "client"; constructor(opts) { super({ name: "RegionDisabledException", $fault: "client", ...opts, }); Object.setPrototypeOf(this, RegionDisabledException.prototype); } } class IDPRejectedClaimException extends STSServiceException { name = "IDPRejectedClaimException"; $fault = "client"; constructor(opts) { super({ name: "IDPRejectedClaimException", $fault: "client", ...opts, }); Object.setPrototypeOf(this, IDPRejectedClaimException.prototype); } } class InvalidIdentityTokenException extends STSServiceException { name = "InvalidIdentityTokenException"; $fault = "client"; constructor(opts) { super({ name: "InvalidIdentityTokenException", $fault: "client", ...opts, }); Object.setPrototypeOf(this, InvalidIdentityTokenException.prototype); } } const AssumeRoleWithWebIdentityRequestFilterSensitiveLog = (obj) => ({ ...obj, ...(obj.WebIdentityToken && { WebIdentityToken: smithyClient.SENSITIVE_STRING }), }); const AssumeRoleWithWebIdentityResponseFilterSensitiveLog = (obj) => ({ ...obj, ...(obj.Credentials && { Credentials: CredentialsFilterSensitiveLog(obj.Credentials) }), }); class IDPCommunicationErrorException extends STSServiceException { name = "IDPCommunicationErrorException"; $fault = "client"; constructor(opts) { super({ name: "IDPCommunicationErrorException", $fault: "client", ...opts, }); Object.setPrototypeOf(this, IDPCommunicationErrorException.prototype); } } const se_AssumeRoleCommand = async (input, context) => { const headers = SHARED_HEADERS; let body; body = buildFormUrlencodedString({ ...se_AssumeRoleRequest(input), [_A]: _AR, [_V]: _, }); return buildHttpRpcRequest(context, headers, "/", undefined, body); }; const se_AssumeRoleWithWebIdentityCommand = async (input, context) => { const headers = SHARED_HEADERS; let body; body = buildFormUrlencodedString({ ...se_AssumeRoleWithWebIdentityRequest(input), [_A]: _ARWWI, [_V]: _, }); return buildHttpRpcRequest(context, headers, "/", undefined, body); }; const de_AssumeRoleCommand = async (output, context) => { if (output.statusCode >= 300) { return de_CommandError(output, context); } const data = await core.parseXmlBody(output.body, context); let contents = {}; contents = de_AssumeRoleResponse(data.AssumeRoleResult); const response = { $metadata: deserializeMetadata(output), ...contents, }; return response; }; const de_AssumeRoleWithWebIdentityCommand = async (output, context) => { if (output.statusCode >= 300) { return de_CommandError(output, context); } const data = await core.parseXmlBody(output.body, context); let contents = {}; contents = de_AssumeRoleWithWebIdentityResponse(data.AssumeRoleWithWebIdentityResult); const response = { $metadata: deserializeMetadata(output), ...contents, }; return response; }; const de_CommandError = async (output, context) => { const parsedOutput = { ...output, body: await core.parseXmlErrorBody(output.body, context), }; const errorCode = loadQueryErrorCode(output, parsedOutput.body); switch (errorCode) { case "ExpiredTokenException": case "com.amazonaws.sts#ExpiredTokenException": throw await de_ExpiredTokenExceptionRes(parsedOutput); case "MalformedPolicyDocument": case "com.amazonaws.sts#MalformedPolicyDocumentException": throw await de_MalformedPolicyDocumentExceptionRes(parsedOutput); case "PackedPolicyTooLarge": case "com.amazonaws.sts#PackedPolicyTooLargeException": throw await de_PackedPolicyTooLargeExceptionRes(parsedOutput); case "RegionDisabledException": case "com.amazonaws.sts#RegionDisabledException": throw await de_RegionDisabledExceptionRes(parsedOutput); case "IDPCommunicationError": case "com.amazonaws.sts#IDPCommunicationErrorException": throw await de_IDPCommunicationErrorExceptionRes(parsedOutput); case "IDPRejectedClaim": case "com.amazonaws.sts#IDPRejectedClaimException": throw await de_IDPRejectedClaimExceptionRes(parsedOutput); case "InvalidIdentityToken": case "com.amazonaws.sts#InvalidIdentityTokenException": throw await de_InvalidIdentityTokenExceptionRes(parsedOutput); default: const parsedBody = parsedOutput.body; return throwDefaultError({ output, parsedBody: parsedBody.Error, errorCode, }); } }; const de_ExpiredTokenExceptionRes = async (parsedOutput, context) => { const body = parsedOutput.body; const deserialized = de_ExpiredTokenException(body.Error); const exception = new ExpiredTokenException({ $metadata: deserializeMetadata(parsedOutput), ...deserialized, }); return smithyClient.decorateServiceException(exception, body); }; const de_IDPCommunicationErrorExceptionRes = async (parsedOutput, context) => { const body = parsedOutput.body; const deserialized = de_IDPCommunicationErrorException(body.Error); const exception = new IDPCommunicationErrorException({ $metadata: deserializeMetadata(parsedOutput), ...deserialized, }); return smithyClient.decorateServiceException(exception, body); }; const de_IDPRejectedClaimExceptionRes = async (parsedOutput, context) => { const body = parsedOutput.body; const deserialized = de_IDPRejectedClaimException(body.Error); const exception = new IDPRejectedClaimException({ $metadata: deserializeMetadata(parsedOutput), ...deserialized, }); return smithyClient.decorateServiceException(exception, body); }; const de_InvalidIdentityTokenExceptionRes = async (parsedOutput, context) => { const body = parsedOutput.body; const deserialized = de_InvalidIdentityTokenException(body.Error); const exception = new InvalidIdentityTokenException({ $metadata: deserializeMetadata(parsedOutput), ...deserialized, }); return smithyClient.decorateServiceException(exception, body); }; const de_MalformedPolicyDocumentExceptionRes = async (parsedOutput, context) => { const body = parsedOutput.body; const deserialized = de_MalformedPolicyDocumentException(body.Error); const exception = new MalformedPolicyDocumentException({ $metadata: deserializeMetadata(parsedOutput), ...deserialized, }); return smithyClient.decorateServiceException(exception, body); }; const de_PackedPolicyTooLargeExceptionRes = async (parsedOutput, context) => { const body = parsedOutput.body; const deserialized = de_PackedPolicyTooLargeException(body.Error); const exception = new PackedPolicyTooLargeException({ $metadata: deserializeMetadata(parsedOutput), ...deserialized, }); return smithyClient.decorateServiceException(exception, body); }; const de_RegionDisabledExceptionRes = async (parsedOutput, context) => { const body = parsedOutput.body; const deserialized = de_RegionDisabledException(body.Error); const exception = new RegionDisabledException({ $metadata: deserializeMetadata(parsedOutput), ...deserialized, }); return smithyClient.decorateServiceException(exception, body); }; const se_AssumeRoleRequest = (input, context) => { const entries = {}; if (input[_RA] != null) { entries[_RA] = input[_RA]; } if (input[_RSN] != null) { entries[_RSN] = input[_RSN]; } if (input[_PA] != null) { const memberEntries = se_policyDescriptorListType(input[_PA]); if (input[_PA]?.length === 0) { entries.PolicyArns = []; } Object.entries(memberEntries).forEach(([key, value]) => { const loc = `PolicyArns.${key}`; entries[loc] = value; }); } if (input[_P] != null) { entries[_P] = input[_P]; } if (input[_DS] != null) { entries[_DS] = input[_DS]; } if (input[_T] != null) { const memberEntries = se_tagListType(input[_T]); if (input[_T]?.length === 0) { entries.Tags = []; } Object.entries(memberEntries).forEach(([key, value]) => { const loc = `Tags.${key}`; entries[loc] = value; }); } if (input[_TTK] != null) { const memberEntries = se_tagKeyListType(input[_TTK]); if (input[_TTK]?.length === 0) { entries.TransitiveTagKeys = []; } Object.entries(memberEntries).forEach(([key, value]) => { const loc = `TransitiveTagKeys.${key}`; entries[loc] = value; }); } if (input[_EI] != null) { entries[_EI] = input[_EI]; } if (input[_SN] != null) { entries[_SN] = input[_SN]; } if (input[_TC] != null) { entries[_TC] = input[_TC]; } if (input[_SI] != null) { entries[_SI] = input[_SI]; } if (input[_PC] != null) { const memberEntries = se_ProvidedContextsListType(input[_PC]); if (input[_PC]?.length === 0) { entries.ProvidedContexts = []; } Object.entries(memberEntries).forEach(([key, value]) => { const loc = `ProvidedContexts.${key}`; entries[loc] = value; }); } return entries; }; const se_AssumeRoleWithWebIdentityRequest = (input, context) => { const entries = {}; if (input[_RA] != null) { entries[_RA] = input[_RA]; } if (input[_RSN] != null) { entries[_RSN] = input[_RSN]; } if (input[_WIT] != null) { entries[_WIT] = input[_WIT]; } if (input[_PI] != null) { entries[_PI] = input[_PI]; } if (input[_PA] != null) { const memberEntries = se_policyDescriptorListType(input[_PA]); if (input[_PA]?.length === 0) { entries.PolicyArns = []; } Object.entries(memberEntries).forEach(([key, value]) => { const loc = `PolicyArns.${key}`; entries[loc] = value; }); } if (input[_P] != null) { entries[_P] = input[_P]; } if (input[_DS] != null) { entries[_DS] = input[_DS]; } return entries; }; const se_policyDescriptorListType = (input, context) => { const entries = {}; let counter = 1; for (const entry of input) { if (entry === null) { continue; } const memberEntries = se_PolicyDescriptorType(entry); Object.entries(memberEntries).forEach(([key, value]) => { entries[`member.${counter}.${key}`] = value; }); counter++; } return entries; }; const se_PolicyDescriptorType = (input, context) => { const entries = {}; if (input[_a] != null) { entries[_a] = input[_a]; } return entries; }; const se_ProvidedContext = (input, context) => { const entries = {}; if (input[_PAr] != null) { entries[_PAr] = input[_PAr]; } if (input[_CA] != null) { entries[_CA] = input[_CA]; } return entries; }; const se_ProvidedContextsListType = (input, context) => { const entries = {}; let counter = 1; for (const entry of input) { if (entry === null) { continue; } const memberEntries = se_ProvidedContext(entry); Object.entries(memberEntries).forEach(([key, value]) => { entries[`member.${counter}.${key}`] = value; }); counter++; } return entries; }; const se_Tag = (input, context) => { const entries = {}; if (input[_K] != null) { entries[_K] = input[_K]; } if (input[_Va] != null) { entries[_Va] = input[_Va]; } return entries; }; const se_tagKeyListType = (input, context) => { const entries = {}; let counter = 1; for (const entry of input) { if (entry === null) { continue; } entries[`member.${counter}`] = entry; counter++; } return entries; }; const se_tagListType = (input, context) => { const entries = {}; let counter = 1; for (const entry of input) { if (entry === null) { continue; } const memberEntries = se_Tag(entry); Object.entries(memberEntries).forEach(([key, value]) => { entries[`member.${counter}.${key}`] = value; }); counter++; } return entries; }; const de_AssumedRoleUser = (output, context) => { const contents = {}; if (output[_ARI] != null) { contents[_ARI] = smithyClient.expectString(output[_ARI]); } if (output[_Ar] != null) { contents[_Ar] = smithyClient.expectString(output[_Ar]); } return contents; }; const de_AssumeRoleResponse = (output, context) => { const contents = {}; if (output[_C] != null) { contents[_C] = de_Credentials(output[_C]); } if (output[_ARU] != null) { contents[_ARU] = de_AssumedRoleUser(output[_ARU]); } if (output[_PPS] != null) { contents[_PPS] = smithyClient.strictParseInt32(output[_PPS]); } if (output[_SI] != null) { contents[_SI] = smithyClient.expectString(output[_SI]); } return contents; }; const de_AssumeRoleWithWebIdentityResponse = (output, context) => { const contents = {}; if (output[_C] != null) { contents[_C] = de_Credentials(output[_C]); } if (output[_SFWIT] != null) { contents[_SFWIT] = smithyClient.expectString(output[_SFWIT]); } if (output[_ARU] != null) { contents[_ARU] = de_AssumedRoleUser(output[_ARU]); } if (output[_PPS] != null) { contents[_PPS] = smithyClient.strictParseInt32(output[_PPS]); } if (output[_Pr] != null) { contents[_Pr] = smithyClient.expectString(output[_Pr]); } if (output[_Au] != null) { contents[_Au] = smithyClient.expectString(output[_Au]); } if (output[_SI] != null) { contents[_SI] = smithyClient.expectString(output[_SI]); } return contents; }; const de_Credentials = (output, context) => { const contents = {}; if (output[_AKI] != null) { contents[_AKI] = smithyClient.expectString(output[_AKI]); } if (output[_SAK] != null) { contents[_SAK] = smithyClient.expectString(output[_SAK]); } if (output[_ST] != null) { contents[_ST] = smithyClient.expectString(output[_ST]); } if (output[_E] != null) { contents[_E] = smithyClient.expectNonNull(smithyClient.parseRfc3339DateTimeWithOffset(output[_E])); } return contents; }; const de_ExpiredTokenException = (output, context) => { const contents = {}; if (output[_m] != null) { contents[_m] = smithyClient.expectString(output[_m]); } return contents; }; const de_IDPCommunicationErrorException = (output, context) => { const contents = {}; if (output[_m] != null) { contents[_m] = smithyClient.expectString(output[_m]); } return contents; }; const de_IDPRejectedClaimException = (output, context) => { const contents = {}; if (output[_m] != null) { contents[_m] = smithyClient.expectString(output[_m]); } return contents; }; const de_InvalidIdentityTokenException = (output, context) => { const contents = {}; if (output[_m] != null) { contents[_m] = smithyClient.expectString(output[_m]); } return contents; }; const de_MalformedPolicyDocumentException = (output, context) => { const contents = {}; if (output[_m] != null) { contents[_m] = smithyClient.expectString(output[_m]); } return contents; }; const de_PackedPolicyTooLargeException = (output, context) => { const contents = {}; if (output[_m] != null) { contents[_m] = smithyClient.expectString(output[_m]); } return contents; }; const de_RegionDisabledException = (output, context) => { const contents = {}; if (output[_m] != null) { contents[_m] = smithyClient.expectString(output[_m]); } return contents; }; const deserializeMetadata = (output) => ({ httpStatusCode: output.statusCode, requestId: output.headers["x-amzn-requestid"] ?? output.headers["x-amzn-request-id"] ?? output.headers["x-amz-request-id"], extendedRequestId: output.headers["x-amz-id-2"], cfId: output.headers["x-amz-cf-id"], }); const throwDefaultError = smithyClient.withBaseException(STSServiceException); const buildHttpRpcRequest = async (context, headers, path, resolvedHostname, body) => { const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); const contents = { protocol, hostname, port, method: "POST", path: basePath.endsWith("/") ? basePath.slice(0, -1) + path : basePath + path, headers, }; if (body !== undefined) { contents.body = body; } return new protocolHttp.HttpRequest(contents); }; const SHARED_HEADERS = { "content-type": "application/x-www-form-urlencoded", }; const _ = "2011-06-15"; const _A = "Action"; const _AKI = "AccessKeyId"; const _AR = "AssumeRole"; const _ARI = "AssumedRoleId"; const _ARU = "AssumedRoleUser"; const _ARWWI = "AssumeRoleWithWebIdentity"; const _Ar = "Arn"; const _Au = "Audience"; const _C = "Credentials"; const _CA = "ContextAssertion"; const _DS = "DurationSeconds"; const _E = "Expiration"; const _EI = "ExternalId"; const _K = "Key"; const _P = "Policy"; const _PA = "PolicyArns"; const _PAr = "ProviderArn"; const _PC = "ProvidedContexts"; const _PI = "ProviderId"; const _PPS = "PackedPolicySize"; const _Pr = "Provider"; const _RA = "RoleArn"; const _RSN = "RoleSessionName"; const _SAK = "SecretAccessKey"; const _SFWIT = "SubjectFromWebIdentityToken"; const _SI = "SourceIdentity"; const _SN = "SerialNumber"; const _ST = "SessionToken"; const _T = "Tags"; const _TC = "TokenCode"; const _TTK = "TransitiveTagKeys"; const _V = "Version"; const _Va = "Value"; const _WIT = "WebIdentityToken"; const _a = "arn"; const _m = "message"; const buildFormUrlencodedString = (formEntries) => Object.entries(formEntries) .map(([key, value]) => smithyClient.extendedEncodeURIComponent(key) + "=" + smithyClient.extendedEncodeURIComponent(value)) .join("&"); const loadQueryErrorCode = (output, data) => { if (data.Error?.Code !== undefined) { return data.Error.Code; } if (output.statusCode == 404) { return "NotFound"; } }; class AssumeRoleCommand extends smithyClient.Command .classBuilder() .ep(EndpointParameters.commonParams) .m(function (Command, cs, config, o) { return [ middlewareSerde.getSerdePlugin(config, this.serialize, this.deserialize), middlewareEndpoint.getEndpointPlugin(config, Command.getEndpointParameterInstructions()), ]; }) .s("AWSSecurityTokenServiceV20110615", "AssumeRole", {}) .n("STSClient", "AssumeRoleCommand") .f(void 0, AssumeRoleResponseFilterSensitiveLog) .ser(se_AssumeRoleCommand) .de(de_AssumeRoleCommand) .build() { } class AssumeRoleWithWebIdentityCommand extends smithyClient.Command .classBuilder() .ep(EndpointParameters.commonParams) .m(function (Command, cs, config, o) { return [ middlewareSerde.getSerdePlugin(config, this.serialize, this.deserialize), middlewareEndpoint.getEndpointPlugin(config, Command.getEndpointParameterInstructions()), ]; }) .s("AWSSecurityTokenServiceV20110615", "AssumeRoleWithWebIdentity", {}) .n("STSClient", "AssumeRoleWithWebIdentityCommand") .f(AssumeRoleWithWebIdentityRequestFilterSensitiveLog, AssumeRoleWithWebIdentityResponseFilterSensitiveLog) .ser(se_AssumeRoleWithWebIdentityCommand) .de(de_AssumeRoleWithWebIdentityCommand) .build() { } const commands = { AssumeRoleCommand, AssumeRoleWithWebIdentityCommand, }; class STS extends STSClient.STSClient { } smithyClient.createAggregatedClient(commands, STS); const ASSUME_ROLE_DEFAULT_REGION = "us-east-1"; const getAccountIdFromAssumedRoleUser = (assumedRoleUser) => { if (typeof assumedRoleUser?.Arn === "string") { const arnComponents = assumedRoleUser.Arn.split(":"); if (arnComponents.length > 4 && arnComponents[4] !== "") { return arnComponents[4]; } } return undefined; }; const resolveRegion = async (_region, _parentRegion, credentialProviderLogger) => { const region = typeof _region === "function" ? await _region() : _region; const parentRegion = typeof _parentRegion === "function" ? await _parentRegion() : _parentRegion; credentialProviderLogger?.debug?.("@aws-sdk/client-sts::resolveRegion", "accepting first of:", `${region} (provider)`, `${parentRegion} (parent client)`, `${ASSUME_ROLE_DEFAULT_REGION} (STS default)`); return region ?? parentRegion ?? ASSUME_ROLE_DEFAULT_REGION; }; const getDefaultRoleAssumer$1 = (stsOptions, STSClient) => { let stsClient; let closureSourceCreds; return async (sourceCreds, params) => { closureSourceCreds = sourceCreds; if (!stsClient) { const { logger = stsOptions?.parentClientConfig?.logger, region, requestHandler = stsOptions?.parentClientConfig?.requestHandler, credentialProviderLogger, } = stsOptions; const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger); const isCompatibleRequestHandler = !isH2(requestHandler); stsClient = new STSClient({ profile: stsOptions?.parentClientConfig?.profile, credentialDefaultProvider: () => async () => closureSourceCreds, region: resolvedRegion, requestHandler: isCompatibleRequestHandler ? requestHandler : undefined, logger: logger, }); } const { Credentials, AssumedRoleUser } = await stsClient.send(new AssumeRoleCommand(params)); if (!Credentials || !Credentials.AccessKeyId || !Credentials.SecretAccessKey) { throw new Error(`Invalid response from STS.assumeRole call with role ${params.RoleArn}`); } const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser); const credentials = { accessKeyId: Credentials.AccessKeyId, secretAccessKey: Credentials.SecretAccessKey, sessionToken: Credentials.SessionToken, expiration: Credentials.Expiration, ...(Credentials.CredentialScope && { credentialScope: Credentials.CredentialScope }), ...(accountId && { accountId }), }; client.setCredentialFeature(credentials, "CREDENTIALS_STS_ASSUME_ROLE", "i"); return credentials; }; }; const getDefaultRoleAssumerWithWebIdentity$1 = (stsOptions, STSClient) => { let stsClient; return async (params) => { if (!stsClient) { const { logger = stsOptions?.parentClientConfig?.logger, region, requestHandler = stsOptions?.parentClientConfig?.requestHandler, credentialProviderLogger, } = stsOptions; const resolvedRegion = await resolveRegion(region, stsOptions?.parentClientConfig?.region, credentialProviderLogger); const isCompatibleRequestHandler = !isH2(requestHandler); stsClient = new STSClient({ profile: stsOptions?.parentClientConfig?.profile, region: resolvedRegion, requestHandler: isCompatibleRequestHandler ? requestHandler : undefined, logger: logger, }); } const { Credentials, AssumedRoleUser } = await stsClient.send(new AssumeRoleWithWebIdentityCommand(params)); if (!Credentials || !Credentials.AccessKeyId || !Credentials.SecretAccessKey) { throw new Error(`Invalid response from STS.assumeRoleWithWebIdentity call with role ${params.RoleArn}`); } const accountId = getAccountIdFromAssumedRoleUser(AssumedRoleUser); const credentials = { accessKeyId: Credentials.AccessKeyId, secretAccessKey: Credentials.SecretAccessKey, sessionToken: Credentials.SessionToken, expiration: Credentials.Expiration, ...(Credentials.CredentialScope && { credentialScope: Credentials.CredentialScope }), ...(accountId && { accountId }), }; if (accountId) { client.setCredentialFeature(credentials, "RESOLVED_ACCOUNT_ID", "T"); } client.setCredentialFeature(credentials, "CREDENTIALS_STS_ASSUME_ROLE_WEB_ID", "k"); return credentials; }; }; const isH2 = (requestHandler) => { return requestHandler?.metadata?.handlerProtocol === "h2"; }; const getCustomizableStsClientCtor = (baseCtor, customizations) => { if (!customizations) return baseCtor; else return class CustomizableSTSClient extends baseCtor { constructor(config) { super(config); for (const customization of customizations) { this.middlewareStack.use(customization); } } }; }; const getDefaultRoleAssumer = (stsOptions = {}, stsPlugins) => getDefaultRoleAssumer$1(stsOptions, getCustomizableStsClientCtor(STSClient.STSClient, stsPlugins)); const getDefaultRoleAssumerWithWebIdentity = (stsOptions = {}, stsPlugins) => getDefaultRoleAssumerWithWebIdentity$1(stsOptions, getCustomizableStsClientCtor(STSClient.STSClient, stsPlugins)); const decorateDefaultCredentialProvider = (provider) => (input) => provider({ roleAssumer: getDefaultRoleAssumer(input), roleAssumerWithWebIdentity: getDefaultRoleAssumerWithWebIdentity(input), ...input, }); Object.defineProperty(exports, "$Command", { enumerable: true, get: function () { return smithyClient.Command; } }); exports.AssumeRoleCommand = AssumeRoleCommand; exports.AssumeRoleResponseFilterSensitiveLog = AssumeRoleResponseFilterSensitiveLog; exports.AssumeRoleWithWebIdentityCommand = AssumeRoleWithWebIdentityCommand; exports.AssumeRoleWithWebIdentityRequestFilterSensitiveLog = AssumeRoleWithWebIdentityRequestFilterSensitiveLog; exports.AssumeRoleWithWebIdentityResponseFilterSensitiveLog = AssumeRoleWithWebIdentityResponseFilterSensitiveLog; exports.CredentialsFilterSensitiveLog = CredentialsFilterSensitiveLog; exports.ExpiredTokenException = ExpiredTokenException; exports.IDPCommunicationErrorException = IDPCommunicationErrorException; exports.IDPRejectedClaimException = IDPRejectedClaimException; exports.InvalidIdentityTokenException = InvalidIdentityTokenException; exports.MalformedPolicyDocumentException = MalformedPolicyDocumentException; exports.PackedPolicyTooLargeException = PackedPolicyTooLargeException; exports.RegionDisabledException = RegionDisabledException; exports.STS = STS; exports.STSServiceException = STSServiceException; exports.decorateDefaultCredentialProvider = decorateDefaultCredentialProvider; exports.getDefaultRoleAssumer = getDefaultRoleAssumer; exports.getDefaultRoleAssumerWithWebIdentity = getDefaultRoleAssumerWithWebIdentity; Object.keys(STSClient).forEach(function (k) { if (k !== 'default' && !Object.prototype.hasOwnProperty.call(exports, k)) Object.defineProperty(exports, k, { enumerable: true, get: function () { return STSClient[k]; } }); });