login-action/dist/566.index.js

export const id = 566;
export const ids = [566];
export const modules = {

/***/ 566:
/***/ ((__unused_webpack_module, exports, __webpack_require__) => {

var __webpack_unused_export__;


var propertyProvider = __webpack_require__(8857);
var url = __webpack_require__(7016);
var buffer = __webpack_require__(181);
var http = __webpack_require__(8611);
var nodeConfigProvider = __webpack_require__(5704);
var urlParser = __webpack_require__(4494);

function httpRequest(options) {
    return new Promise((resolve, reject) => {
        const req = http.request({
            method: "GET",
            ...options,
            hostname: options.hostname?.replace(/^\[(.+)\]$/, "$1"),
        });
        req.on("error", (err) => {
            reject(Object.assign(new propertyProvider.ProviderError("Unable to connect to instance metadata service"), err));
            req.destroy();
        });
        req.on("timeout", () => {
            reject(new propertyProvider.ProviderError("TimeoutError from instance metadata service"));
            req.destroy();
        });
        req.on("response", (res) => {
            const { statusCode = 400 } = res;
            if (statusCode < 200 || 300 <= statusCode) {
                reject(Object.assign(new propertyProvider.ProviderError("Error response received from instance metadata service"), { statusCode }));
                req.destroy();
            }
            const chunks = [];
            res.on("data", (chunk) => {
                chunks.push(chunk);
            });
            res.on("end", () => {
                resolve(buffer.Buffer.concat(chunks));
                req.destroy();
            });
        });
        req.end();
    });
}

const isImdsCredentials = (arg) => Boolean(arg) &&
    typeof arg === "object" &&
    typeof arg.AccessKeyId === "string" &&
    typeof arg.SecretAccessKey === "string" &&
    typeof arg.Token === "string" &&
    typeof arg.Expiration === "string";
const fromImdsCredentials = (creds) => ({
    accessKeyId: creds.AccessKeyId,
    secretAccessKey: creds.SecretAccessKey,
    sessionToken: creds.Token,
    expiration: new Date(creds.Expiration),
    ...(creds.AccountId && { accountId: creds.AccountId }),
});

const DEFAULT_TIMEOUT = 1000;
const DEFAULT_MAX_RETRIES = 0;
const providerConfigFromInit = ({ maxRetries = DEFAULT_MAX_RETRIES, timeout = DEFAULT_TIMEOUT, }) => ({ maxRetries, timeout });

const retry = (toRetry, maxRetries) => {
    let promise = toRetry();
    for (let i = 0; i < maxRetries; i++) {
        promise = promise.catch(toRetry);
    }
    return promise;
};

const ENV_CMDS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI";
const ENV_CMDS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI";
const ENV_CMDS_AUTH_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN";
const fromContainerMetadata = (init = {}) => {
    const { timeout, maxRetries } = providerConfigFromInit(init);
    return () => retry(async () => {
        const requestOptions = await getCmdsUri({ logger: init.logger });
        const credsResponse = JSON.parse(await requestFromEcsImds(timeout, requestOptions));
        if (!isImdsCredentials(credsResponse)) {
            throw new propertyProvider.CredentialsProviderError("Invalid response received from instance metadata service.", {
                logger: init.logger,
            });
        }
        return fromImdsCredentials(credsResponse);
    }, maxRetries);
};
const requestFromEcsImds = async (timeout, options) => {
    if (process.env[ENV_CMDS_AUTH_TOKEN]) {
        options.headers = {
            ...options.headers,
            Authorization: process.env[ENV_CMDS_AUTH_TOKEN],
        };
    }
    const buffer = await httpRequest({
        ...options,
        timeout,
    });
    return buffer.toString();
};
const CMDS_IP = "169.254.170.2";
const GREENGRASS_HOSTS = {
    localhost: true,
    "127.0.0.1": true,
};
const GREENGRASS_PROTOCOLS = {
    "http:": true,
    "https:": true,
};
const getCmdsUri = async ({ logger }) => {
    if (process.env[ENV_CMDS_RELATIVE_URI]) {
        return {
            hostname: CMDS_IP,
            path: process.env[ENV_CMDS_RELATIVE_URI],
        };
    }
    if (process.env[ENV_CMDS_FULL_URI]) {
        const parsed = url.parse(process.env[ENV_CMDS_FULL_URI]);
        if (!parsed.hostname || !(parsed.hostname in GREENGRASS_HOSTS)) {
            throw new propertyProvider.CredentialsProviderError(`${parsed.hostname} is not a valid container metadata service hostname`, {
                tryNextLink: false,
                logger,
            });
        }
        if (!parsed.protocol || !(parsed.protocol in GREENGRASS_PROTOCOLS)) {
            throw new propertyProvider.CredentialsProviderError(`${parsed.protocol} is not a valid container metadata service protocol`, {
                tryNextLink: false,
                logger,
            });
        }
        return {
            ...parsed,
            port: parsed.port ? parseInt(parsed.port, 10) : undefined,
        };
    }
    throw new propertyProvider.CredentialsProviderError("The container metadata credential provider cannot be used unless" +
        ` the ${ENV_CMDS_RELATIVE_URI} or ${ENV_CMDS_FULL_URI} environment` +
        " variable is set", {
        tryNextLink: false,
        logger,
    });
};

class InstanceMetadataV1FallbackError extends propertyProvider.CredentialsProviderError {
    tryNextLink;
    name = "InstanceMetadataV1FallbackError";
    constructor(message, tryNextLink = true) {
        super(message, tryNextLink);
        this.tryNextLink = tryNextLink;
        Object.setPrototypeOf(this, InstanceMetadataV1FallbackError.prototype);
    }
}

exports.yI = void 0;
(function (Endpoint) {
    Endpoint["IPv4"] = "http://169.254.169.254";
    Endpoint["IPv6"] = "http://[fd00:ec2::254]";
})(exports.yI || (exports.yI = {}));

const ENV_ENDPOINT_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT";
const CONFIG_ENDPOINT_NAME = "ec2_metadata_service_endpoint";
const ENDPOINT_CONFIG_OPTIONS = {
    environmentVariableSelector: (env) => env[ENV_ENDPOINT_NAME],
    configFileSelector: (profile) => profile[CONFIG_ENDPOINT_NAME],
    default: undefined,
};

var EndpointMode;
(function (EndpointMode) {
    EndpointMode["IPv4"] = "IPv4";
    EndpointMode["IPv6"] = "IPv6";
})(EndpointMode || (EndpointMode = {}));

const ENV_ENDPOINT_MODE_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE";
const CONFIG_ENDPOINT_MODE_NAME = "ec2_metadata_service_endpoint_mode";
const ENDPOINT_MODE_CONFIG_OPTIONS = {
    environmentVariableSelector: (env) => env[ENV_ENDPOINT_MODE_NAME],
    configFileSelector: (profile) => profile[CONFIG_ENDPOINT_MODE_NAME],
    default: EndpointMode.IPv4,
};

const getInstanceMetadataEndpoint = async () => urlParser.parseUrl((await getFromEndpointConfig()) || (await getFromEndpointModeConfig()));
const getFromEndpointConfig = async () => nodeConfigProvider.loadConfig(ENDPOINT_CONFIG_OPTIONS)();
const getFromEndpointModeConfig = async () => {
    const endpointMode = await nodeConfigProvider.loadConfig(ENDPOINT_MODE_CONFIG_OPTIONS)();
    switch (endpointMode) {
        case EndpointMode.IPv4:
            return exports.yI.IPv4;
        case EndpointMode.IPv6:
            return exports.yI.IPv6;
        default:
            throw new Error(`Unsupported endpoint mode: ${endpointMode}.` + ` Select from ${Object.values(EndpointMode)}`);
    }
};

const STATIC_STABILITY_REFRESH_INTERVAL_SECONDS = 5 * 60;
const STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS = 5 * 60;
const STATIC_STABILITY_DOC_URL = "https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html";
const getExtendedInstanceMetadataCredentials = (credentials, logger) => {
    const refreshInterval = STATIC_STABILITY_REFRESH_INTERVAL_SECONDS +
        Math.floor(Math.random() * STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS);
    const newExpiration = new Date(Date.now() + refreshInterval * 1000);
    logger.warn("Attempting credential expiration extension due to a credential service availability issue. A refresh of these " +
        `credentials will be attempted after ${new Date(newExpiration)}.\nFor more information, please visit: ` +
        STATIC_STABILITY_DOC_URL);
    const originalExpiration = credentials.originalExpiration ?? credentials.expiration;
    return {
        ...credentials,
        ...(originalExpiration ? { originalExpiration } : {}),
        expiration: newExpiration,
    };
};

const staticStabilityProvider = (provider, options = {}) => {
    const logger = options?.logger || console;
    let pastCredentials;
    return async () => {
        let credentials;
        try {
            credentials = await provider();
            if (credentials.expiration && credentials.expiration.getTime() < Date.now()) {
                credentials = getExtendedInstanceMetadataCredentials(credentials, logger);
            }
        }
        catch (e) {
            if (pastCredentials) {
                logger.warn("Credential renew failed: ", e);
                credentials = getExtendedInstanceMetadataCredentials(pastCredentials, logger);
            }
            else {
                throw e;
            }
        }
        pastCredentials = credentials;
        return credentials;
    };
};

const IMDS_PATH = "/latest/meta-data/iam/security-credentials/";
const IMDS_TOKEN_PATH = "/latest/api/token";
const AWS_EC2_METADATA_V1_DISABLED = "AWS_EC2_METADATA_V1_DISABLED";
const PROFILE_AWS_EC2_METADATA_V1_DISABLED = "ec2_metadata_v1_disabled";
const X_AWS_EC2_METADATA_TOKEN = "x-aws-ec2-metadata-token";
const fromInstanceMetadata = (init = {}) => staticStabilityProvider(getInstanceMetadataProvider(init), { logger: init.logger });
const getInstanceMetadataProvider = (init = {}) => {
    let disableFetchToken = false;
    const { logger, profile } = init;
    const { timeout, maxRetries } = providerConfigFromInit(init);
    const getCredentials = async (maxRetries, options) => {
        const isImdsV1Fallback = disableFetchToken || options.headers?.[X_AWS_EC2_METADATA_TOKEN] == null;
        if (isImdsV1Fallback) {
            let fallbackBlockedFromProfile = false;
            let fallbackBlockedFromProcessEnv = false;
            const configValue = await nodeConfigProvider.loadConfig({
                environmentVariableSelector: (env) => {
                    const envValue = env[AWS_EC2_METADATA_V1_DISABLED];
                    fallbackBlockedFromProcessEnv = !!envValue && envValue !== "false";
                    if (envValue === undefined) {
                        throw new propertyProvider.CredentialsProviderError(`${AWS_EC2_METADATA_V1_DISABLED} not set in env, checking config file next.`, { logger: init.logger });
                    }
                    return fallbackBlockedFromProcessEnv;
                },
                configFileSelector: (profile) => {
                    const profileValue = profile[PROFILE_AWS_EC2_METADATA_V1_DISABLED];
                    fallbackBlockedFromProfile = !!profileValue && profileValue !== "false";
                    return fallbackBlockedFromProfile;
                },
                default: false,
            }, {
                profile,
            })();
            if (init.ec2MetadataV1Disabled || configValue) {
                const causes = [];
                if (init.ec2MetadataV1Disabled)
                    causes.push("credential provider initialization (runtime option ec2MetadataV1Disabled)");
                if (fallbackBlockedFromProfile)
                    causes.push(`config file profile (${PROFILE_AWS_EC2_METADATA_V1_DISABLED})`);
                if (fallbackBlockedFromProcessEnv)
                    causes.push(`process environment variable (${AWS_EC2_METADATA_V1_DISABLED})`);
                throw new InstanceMetadataV1FallbackError(`AWS EC2 Metadata v1 fallback has been blocked by AWS SDK configuration in the following: [${causes.join(", ")}].`);
            }
        }
        const imdsProfile = (await retry(async () => {
            let profile;
            try {
                profile = await getProfile(options);
            }
            catch (err) {
                if (err.statusCode === 401) {
                    disableFetchToken = false;
                }
                throw err;
            }
            return profile;
        }, maxRetries)).trim();
        return retry(async () => {
            let creds;
            try {
                creds = await getCredentialsFromProfile(imdsProfile, options, init);
            }
            catch (err) {
                if (err.statusCode === 401) {
                    disableFetchToken = false;
                }
                throw err;
            }
            return creds;
        }, maxRetries);
    };
    return async () => {
        const endpoint = await getInstanceMetadataEndpoint();
        if (disableFetchToken) {
            logger?.debug("AWS SDK Instance Metadata", "using v1 fallback (no token fetch)");
            return getCredentials(maxRetries, { ...endpoint, timeout });
        }
        else {
            let token;
            try {
                token = (await getMetadataToken({ ...endpoint, timeout })).toString();
            }
            catch (error) {
                if (error?.statusCode === 400) {
                    throw Object.assign(error, {
                        message: "EC2 Metadata token request returned error",
                    });
                }
                else if (error.message === "TimeoutError" || [403, 404, 405].includes(error.statusCode)) {
                    disableFetchToken = true;
                }
                logger?.debug("AWS SDK Instance Metadata", "using v1 fallback (initial)");
                return getCredentials(maxRetries, { ...endpoint, timeout });
            }
            return getCredentials(maxRetries, {
                ...endpoint,
                headers: {
                    [X_AWS_EC2_METADATA_TOKEN]: token,
                },
                timeout,
            });
        }
    };
};
const getMetadataToken = async (options) => httpRequest({
    ...options,
    path: IMDS_TOKEN_PATH,
    method: "PUT",
    headers: {
        "x-aws-ec2-metadata-token-ttl-seconds": "21600",
    },
});
const getProfile = async (options) => (await httpRequest({ ...options, path: IMDS_PATH })).toString();
const getCredentialsFromProfile = async (profile, options, init) => {
    const credentialsResponse = JSON.parse((await httpRequest({
        ...options,
        path: IMDS_PATH + profile,
    })).toString());
    if (!isImdsCredentials(credentialsResponse)) {
        throw new propertyProvider.CredentialsProviderError("Invalid response received from instance metadata service.", {
            logger: init.logger,
        });
    }
    return fromImdsCredentials(credentialsResponse);
};

__webpack_unused_export__ = DEFAULT_MAX_RETRIES;
__webpack_unused_export__ = DEFAULT_TIMEOUT;
__webpack_unused_export__ = ENV_CMDS_AUTH_TOKEN;
exports.ENV_CMDS_FULL_URI = ENV_CMDS_FULL_URI;
exports.ENV_CMDS_RELATIVE_URI = ENV_CMDS_RELATIVE_URI;
exports.fromContainerMetadata = fromContainerMetadata;
exports.fromInstanceMetadata = fromInstanceMetadata;
exports.getInstanceMetadataEndpoint = getInstanceMetadataEndpoint;
exports.httpRequest = httpRequest;
__webpack_unused_export__ = providerConfigFromInit;


/***/ })

};

//# sourceMappingURL=566.index.js.map
chore: update generated content Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> 2026-03-01 10:29:20 +00:00			`export const id = 566;`
			`export const ids = [566];`
			`export const modules = {`
chore: update generated content 2026-01-30 14:42:57 +00:00
chore: update generated content 2026-03-03 17:05:14 +00:00			`/***/ 566:`
chore: update generated content 2026-01-30 14:42:57 +00:00			`/***/ ((__unused_webpack_module, exports, __webpack_require__) => {`

			`var __webpack_unused_export__;`


chore: update generated content 2026-03-03 17:05:14 +00:00			`var propertyProvider = __webpack_require__(8857);`
			`var url = __webpack_require__(7016);`
			`var buffer = __webpack_require__(181);`
			`var http = __webpack_require__(8611);`
			`var nodeConfigProvider = __webpack_require__(5704);`
			`var urlParser = __webpack_require__(4494);`
chore: update generated content 2026-01-30 14:42:57 +00:00
			`function httpRequest(options) {`
			`return new Promise((resolve, reject) => {`
			`const req = http.request({`
			`method: "GET",`
			`...options,`
			`hostname: options.hostname?.replace(/^\[(.+)\]$/, "$1"),`
			`});`
			`req.on("error", (err) => {`
			`reject(Object.assign(new propertyProvider.ProviderError("Unable to connect to instance metadata service"), err));`
			`req.destroy();`
			`});`
			`req.on("timeout", () => {`
			`reject(new propertyProvider.ProviderError("TimeoutError from instance metadata service"));`
			`req.destroy();`
			`});`
			`req.on("response", (res) => {`
			`const { statusCode = 400 } = res;`
			`if (statusCode < 200 \|\| 300 <= statusCode) {`
			`reject(Object.assign(new propertyProvider.ProviderError("Error response received from instance metadata service"), { statusCode }));`
			`req.destroy();`
			`}`
			`const chunks = [];`
			`res.on("data", (chunk) => {`
			`chunks.push(chunk);`
			`});`
			`res.on("end", () => {`
			`resolve(buffer.Buffer.concat(chunks));`
			`req.destroy();`
			`});`
			`});`
			`req.end();`
			`});`
			`}`

			`const isImdsCredentials = (arg) => Boolean(arg) &&`
			`typeof arg === "object" &&`
			`typeof arg.AccessKeyId === "string" &&`
			`typeof arg.SecretAccessKey === "string" &&`
			`typeof arg.Token === "string" &&`
			`typeof arg.Expiration === "string";`
			`const fromImdsCredentials = (creds) => ({`
			`accessKeyId: creds.AccessKeyId,`
			`secretAccessKey: creds.SecretAccessKey,`
			`sessionToken: creds.Token,`
			`expiration: new Date(creds.Expiration),`
			`...(creds.AccountId && { accountId: creds.AccountId }),`
			`});`

			`const DEFAULT_TIMEOUT = 1000;`
			`const DEFAULT_MAX_RETRIES = 0;`
			`const providerConfigFromInit = ({ maxRetries = DEFAULT_MAX_RETRIES, timeout = DEFAULT_TIMEOUT, }) => ({ maxRetries, timeout });`

			`const retry = (toRetry, maxRetries) => {`
			`let promise = toRetry();`
			`for (let i = 0; i < maxRetries; i++) {`
			`promise = promise.catch(toRetry);`
			`}`
			`return promise;`
			`};`

			`const ENV_CMDS_FULL_URI = "AWS_CONTAINER_CREDENTIALS_FULL_URI";`
			`const ENV_CMDS_RELATIVE_URI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI";`
			`const ENV_CMDS_AUTH_TOKEN = "AWS_CONTAINER_AUTHORIZATION_TOKEN";`
			`const fromContainerMetadata = (init = {}) => {`
			`const { timeout, maxRetries } = providerConfigFromInit(init);`
			`return () => retry(async () => {`
			`const requestOptions = await getCmdsUri({ logger: init.logger });`
			`const credsResponse = JSON.parse(await requestFromEcsImds(timeout, requestOptions));`
			`if (!isImdsCredentials(credsResponse)) {`
			`throw new propertyProvider.CredentialsProviderError("Invalid response received from instance metadata service.", {`
			`logger: init.logger,`
			`});`
			`}`
			`return fromImdsCredentials(credsResponse);`
			`}, maxRetries);`
			`};`
			`const requestFromEcsImds = async (timeout, options) => {`
			`if (process.env[ENV_CMDS_AUTH_TOKEN]) {`
			`options.headers = {`
			`...options.headers,`
			`Authorization: process.env[ENV_CMDS_AUTH_TOKEN],`
			`};`
			`}`
			`const buffer = await httpRequest({`
			`...options,`
			`timeout,`
			`});`
			`return buffer.toString();`
			`};`
			`const CMDS_IP = "169.254.170.2";`
			`const GREENGRASS_HOSTS = {`
			`localhost: true,`
			`"127.0.0.1": true,`
			`};`
			`const GREENGRASS_PROTOCOLS = {`
			`"http:": true,`
			`"https:": true,`
			`};`
			`const getCmdsUri = async ({ logger }) => {`
			`if (process.env[ENV_CMDS_RELATIVE_URI]) {`
			`return {`
			`hostname: CMDS_IP,`
			`path: process.env[ENV_CMDS_RELATIVE_URI],`
			`};`
			`}`
			`if (process.env[ENV_CMDS_FULL_URI]) {`
			`const parsed = url.parse(process.env[ENV_CMDS_FULL_URI]);`
			`if (!parsed.hostname \|\| !(parsed.hostname in GREENGRASS_HOSTS)) {`
			throw new propertyProvider.CredentialsProviderError(`${parsed.hostname} is not a valid container metadata service hostname`, {
			`tryNextLink: false,`
			`logger,`
			`});`
			`}`
			`if (!parsed.protocol \|\| !(parsed.protocol in GREENGRASS_PROTOCOLS)) {`
			throw new propertyProvider.CredentialsProviderError(`${parsed.protocol} is not a valid container metadata service protocol`, {
			`tryNextLink: false,`
			`logger,`
			`});`
			`}`
			`return {`
			`...parsed,`
			`port: parsed.port ? parseInt(parsed.port, 10) : undefined,`
			`};`
			`}`
			`throw new propertyProvider.CredentialsProviderError("The container metadata credential provider cannot be used unless" +`
			` the ${ENV_CMDS_RELATIVE_URI} or ${ENV_CMDS_FULL_URI} environment` +
			`" variable is set", {`
			`tryNextLink: false,`
			`logger,`
			`});`
			`};`

			`class InstanceMetadataV1FallbackError extends propertyProvider.CredentialsProviderError {`
			`tryNextLink;`
			`name = "InstanceMetadataV1FallbackError";`
			`constructor(message, tryNextLink = true) {`
			`super(message, tryNextLink);`
			`this.tryNextLink = tryNextLink;`
			`Object.setPrototypeOf(this, InstanceMetadataV1FallbackError.prototype);`
			`}`
			`}`

			`exports.yI = void 0;`
			`(function (Endpoint) {`
			`Endpoint["IPv4"] = "http://169.254.169.254";`
			`Endpoint["IPv6"] = "http://[fd00:ec2::254]";`
			`})(exports.yI \|\| (exports.yI = {}));`

			`const ENV_ENDPOINT_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT";`
			`const CONFIG_ENDPOINT_NAME = "ec2_metadata_service_endpoint";`
			`const ENDPOINT_CONFIG_OPTIONS = {`
			`environmentVariableSelector: (env) => env[ENV_ENDPOINT_NAME],`
			`configFileSelector: (profile) => profile[CONFIG_ENDPOINT_NAME],`
			`default: undefined,`
			`};`

			`var EndpointMode;`
			`(function (EndpointMode) {`
			`EndpointMode["IPv4"] = "IPv4";`
			`EndpointMode["IPv6"] = "IPv6";`
			`})(EndpointMode \|\| (EndpointMode = {}));`

			`const ENV_ENDPOINT_MODE_NAME = "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE";`
			`const CONFIG_ENDPOINT_MODE_NAME = "ec2_metadata_service_endpoint_mode";`
			`const ENDPOINT_MODE_CONFIG_OPTIONS = {`
			`environmentVariableSelector: (env) => env[ENV_ENDPOINT_MODE_NAME],`
			`configFileSelector: (profile) => profile[CONFIG_ENDPOINT_MODE_NAME],`
			`default: EndpointMode.IPv4,`
			`};`

			`const getInstanceMetadataEndpoint = async () => urlParser.parseUrl((await getFromEndpointConfig()) \|\| (await getFromEndpointModeConfig()));`
			`const getFromEndpointConfig = async () => nodeConfigProvider.loadConfig(ENDPOINT_CONFIG_OPTIONS)();`
			`const getFromEndpointModeConfig = async () => {`
			`const endpointMode = await nodeConfigProvider.loadConfig(ENDPOINT_MODE_CONFIG_OPTIONS)();`
			`switch (endpointMode) {`
			`case EndpointMode.IPv4:`
			`return exports.yI.IPv4;`
			`case EndpointMode.IPv6:`
			`return exports.yI.IPv6;`
			`default:`
			throw new Error(`Unsupported endpoint mode: ${endpointMode}.` + ` Select from ${Object.values(EndpointMode)}`);
			`}`
			`};`

			`const STATIC_STABILITY_REFRESH_INTERVAL_SECONDS = 5 * 60;`
			`const STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS = 5 * 60;`
			`const STATIC_STABILITY_DOC_URL = "https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html";`
			`const getExtendedInstanceMetadataCredentials = (credentials, logger) => {`
			`const refreshInterval = STATIC_STABILITY_REFRESH_INTERVAL_SECONDS +`
			`Math.floor(Math.random() * STATIC_STABILITY_REFRESH_INTERVAL_JITTER_WINDOW_SECONDS);`
			`const newExpiration = new Date(Date.now() + refreshInterval * 1000);`
			`logger.warn("Attempting credential expiration extension due to a credential service availability issue. A refresh of these " +`
			`credentials will be attempted after ${new Date(newExpiration)}.\nFor more information, please visit: ` +
			`STATIC_STABILITY_DOC_URL);`
			`const originalExpiration = credentials.originalExpiration ?? credentials.expiration;`
			`return {`
			`...credentials,`
			`...(originalExpiration ? { originalExpiration } : {}),`
			`expiration: newExpiration,`
			`};`
			`};`

			`const staticStabilityProvider = (provider, options = {}) => {`
			`const logger = options?.logger \|\| console;`
			`let pastCredentials;`
			`return async () => {`
			`let credentials;`
			`try {`
			`credentials = await provider();`
			`if (credentials.expiration && credentials.expiration.getTime() < Date.now()) {`
			`credentials = getExtendedInstanceMetadataCredentials(credentials, logger);`
			`}`
			`}`
			`catch (e) {`
			`if (pastCredentials) {`
			`logger.warn("Credential renew failed: ", e);`
			`credentials = getExtendedInstanceMetadataCredentials(pastCredentials, logger);`
			`}`
			`else {`
			`throw e;`
			`}`
			`}`
			`pastCredentials = credentials;`
			`return credentials;`
			`};`
			`};`

			`const IMDS_PATH = "/latest/meta-data/iam/security-credentials/";`
			`const IMDS_TOKEN_PATH = "/latest/api/token";`
			`const AWS_EC2_METADATA_V1_DISABLED = "AWS_EC2_METADATA_V1_DISABLED";`
			`const PROFILE_AWS_EC2_METADATA_V1_DISABLED = "ec2_metadata_v1_disabled";`
			`const X_AWS_EC2_METADATA_TOKEN = "x-aws-ec2-metadata-token";`
			`const fromInstanceMetadata = (init = {}) => staticStabilityProvider(getInstanceMetadataProvider(init), { logger: init.logger });`
			`const getInstanceMetadataProvider = (init = {}) => {`
			`let disableFetchToken = false;`
			`const { logger, profile } = init;`
			`const { timeout, maxRetries } = providerConfigFromInit(init);`
			`const getCredentials = async (maxRetries, options) => {`
			`const isImdsV1Fallback = disableFetchToken \|\| options.headers?.[X_AWS_EC2_METADATA_TOKEN] == null;`
			`if (isImdsV1Fallback) {`
			`let fallbackBlockedFromProfile = false;`
			`let fallbackBlockedFromProcessEnv = false;`
			`const configValue = await nodeConfigProvider.loadConfig({`
			`environmentVariableSelector: (env) => {`
			`const envValue = env[AWS_EC2_METADATA_V1_DISABLED];`
			`fallbackBlockedFromProcessEnv = !!envValue && envValue !== "false";`
			`if (envValue === undefined) {`
			throw new propertyProvider.CredentialsProviderError(`${AWS_EC2_METADATA_V1_DISABLED} not set in env, checking config file next.`, { logger: init.logger });
			`}`
			`return fallbackBlockedFromProcessEnv;`
			`},`
			`configFileSelector: (profile) => {`
			`const profileValue = profile[PROFILE_AWS_EC2_METADATA_V1_DISABLED];`
			`fallbackBlockedFromProfile = !!profileValue && profileValue !== "false";`
			`return fallbackBlockedFromProfile;`
			`},`
			`default: false,`
			`}, {`
			`profile,`
			`})();`
			`if (init.ec2MetadataV1Disabled \|\| configValue) {`
			`const causes = [];`
			`if (init.ec2MetadataV1Disabled)`
			`causes.push("credential provider initialization (runtime option ec2MetadataV1Disabled)");`
			`if (fallbackBlockedFromProfile)`
			causes.push(`config file profile (${PROFILE_AWS_EC2_METADATA_V1_DISABLED})`);
			`if (fallbackBlockedFromProcessEnv)`
			causes.push(`process environment variable (${AWS_EC2_METADATA_V1_DISABLED})`);
			throw new InstanceMetadataV1FallbackError(`AWS EC2 Metadata v1 fallback has been blocked by AWS SDK configuration in the following: [${causes.join(", ")}].`);
			`}`
			`}`
			`const imdsProfile = (await retry(async () => {`
			`let profile;`
			`try {`
			`profile = await getProfile(options);`
			`}`
			`catch (err) {`
			`if (err.statusCode === 401) {`
			`disableFetchToken = false;`
			`}`
			`throw err;`
			`}`
			`return profile;`
			`}, maxRetries)).trim();`
			`return retry(async () => {`
			`let creds;`
			`try {`
			`creds = await getCredentialsFromProfile(imdsProfile, options, init);`
			`}`
			`catch (err) {`
			`if (err.statusCode === 401) {`
			`disableFetchToken = false;`
			`}`
			`throw err;`
			`}`
			`return creds;`
			`}, maxRetries);`
			`};`
			`return async () => {`
			`const endpoint = await getInstanceMetadataEndpoint();`
			`if (disableFetchToken) {`
			`logger?.debug("AWS SDK Instance Metadata", "using v1 fallback (no token fetch)");`
			`return getCredentials(maxRetries, { ...endpoint, timeout });`
			`}`
			`else {`
			`let token;`
			`try {`
			`token = (await getMetadataToken({ ...endpoint, timeout })).toString();`
			`}`
			`catch (error) {`
			`if (error?.statusCode === 400) {`
			`throw Object.assign(error, {`
			`message: "EC2 Metadata token request returned error",`
			`});`
			`}`
			`else if (error.message === "TimeoutError" \|\| [403, 404, 405].includes(error.statusCode)) {`
			`disableFetchToken = true;`
			`}`
			`logger?.debug("AWS SDK Instance Metadata", "using v1 fallback (initial)");`
			`return getCredentials(maxRetries, { ...endpoint, timeout });`
			`}`
			`return getCredentials(maxRetries, {`
			`...endpoint,`
			`headers: {`
			`[X_AWS_EC2_METADATA_TOKEN]: token,`
			`},`
			`timeout,`
			`});`
			`}`
			`};`
			`};`
			`const getMetadataToken = async (options) => httpRequest({`
			`...options,`
			`path: IMDS_TOKEN_PATH,`
			`method: "PUT",`
			`headers: {`
			`"x-aws-ec2-metadata-token-ttl-seconds": "21600",`
			`},`
			`});`
			`const getProfile = async (options) => (await httpRequest({ ...options, path: IMDS_PATH })).toString();`
			`const getCredentialsFromProfile = async (profile, options, init) => {`
			`const credentialsResponse = JSON.parse((await httpRequest({`
			`...options,`
			`path: IMDS_PATH + profile,`
			`})).toString());`
			`if (!isImdsCredentials(credentialsResponse)) {`
			`throw new propertyProvider.CredentialsProviderError("Invalid response received from instance metadata service.", {`
			`logger: init.logger,`
			`});`
			`}`
			`return fromImdsCredentials(credentialsResponse);`
			`};`

			`__webpack_unused_export__ = DEFAULT_MAX_RETRIES;`
			`__webpack_unused_export__ = DEFAULT_TIMEOUT;`
			`__webpack_unused_export__ = ENV_CMDS_AUTH_TOKEN;`
			`exports.ENV_CMDS_FULL_URI = ENV_CMDS_FULL_URI;`
			`exports.ENV_CMDS_RELATIVE_URI = ENV_CMDS_RELATIVE_URI;`
			`exports.fromContainerMetadata = fromContainerMetadata;`
			`exports.fromInstanceMetadata = fromInstanceMetadata;`
			`exports.getInstanceMetadataEndpoint = getInstanceMetadataEndpoint;`
			`exports.httpRequest = httpRequest;`
			`__webpack_unused_export__ = providerConfigFromInit;`


			`/***/ })`

			`};`
chore: update generated content Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> 2026-03-01 10:29:20 +00:00
chore: update generated content 2026-01-30 14:42:57 +00:00			`//# sourceMappingURL=566.index.js.map`