jayhgq/django-vue3-admin-web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55617d125d
django-vue3-admin-web/node_modules/@smithy/credential-provider-imds/dist-es/fromContainerMetadata.js
jayhgq 55617d125d 初始化
2025-10-20 21:21:14 +08:00

78 lines
3.0 KiB
JavaScript
Raw Blame History

import { CredentialsProviderError } from "@smithy/property-provider";
import { parse } from "url";
import { httpRequest } from "./remoteProvider/httpRequest";
import { fromImdsCredentials, isImdsCredentials } from "./remoteProvider/ImdsCredentials";
import { providerConfigFromInit } from "./remoteProvider/RemoteProviderInit";
import { retry } from "./remoteProvider/retry";
export const ENV_CMDS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI";
export const ENV_CMDS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI";
export const ENV_CMDS_AUTH_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN";
export const fromContainerMetadata = (init = {}) => {
const { timeout, maxRetries } = providerConfigFromInit(init);
return () => retry(async () => {
const requestOptions = await getCmdsUri({ logger: init.logger });
const credsResponse = JSON.parse(await requestFromEcsImds(timeout, requestOptions));
if (!isImdsCredentials(credsResponse)) {
throw new CredentialsProviderError("Invalid response received from instance metadata service.", {
logger: init.logger,
});
}
return fromImdsCredentials(credsResponse);
}, maxRetries);
};
const requestFromEcsImds = async (timeout, options) => {
if (process.env[ENV_CMDS_AUTH_TOKEN]) {
options.headers = {
...options.headers,
Authorization: process.env[ENV_CMDS_AUTH_TOKEN],
};
}
const buffer = await httpRequest({
...options,
timeout,
});
return buffer.toString();
};
const CMDS_IP = "169.254.170.2";
const GREENGRASS_HOSTS = {
localhost: true,
"127.0.0.1": true,
};
const GREENGRASS_PROTOCOLS = {
"http:": true,
"https:": true,
};
const getCmdsUri = async ({ logger }) => {
if (process.env[ENV_CMDS_RELATIVE_URI]) {
return {
hostname: CMDS_IP,
path: process.env[ENV_CMDS_RELATIVE_URI],
};
}
if (process.env[ENV_CMDS_FULL_URI]) {
const parsed = parse(process.env[ENV_CMDS_FULL_URI]);
if (!parsed.hostname || !(parsed.hostname in GREENGRASS_HOSTS)) {
throw new CredentialsProviderError(`${parsed.hostname} is not a valid container metadata service hostname`, {
tryNextLink: false,
logger,
});
}
if (!parsed.protocol || !(parsed.protocol in GREENGRASS_PROTOCOLS)) {
throw new CredentialsProviderError(`${parsed.protocol} is not a valid container metadata service protocol`, {
tryNextLink: false,
logger,
});
}
return {
...parsed,
port: parsed.port ? parseInt(parsed.port, 10) : undefined,
};
}
throw new CredentialsProviderError("The container metadata credential provider cannot be used unless" +
` the ${ENV_CMDS_RELATIVE_URI} or ${ENV_CMDS_FULL_URI} environment` +
" variable is set", {
tryNextLink: false,
logger,
});
};
Reference in New Issue View Git Blame Copy Permalink