DMleadgen
46d973904b
Next.js website for Rocky Mountain Vending company featuring: - Product catalog with Stripe integration - Service areas and parts pages - Admin dashboard with Clerk authentication - SEO optimized pages with JSON-LD structured data Co-authored-by: Cursor <cursoragent@cursor.com>
83 lines
3.8 KiB
Text
83 lines
3.8 KiB
Text
import { CredentialsProviderError } from "@smithy/property-provider";
|
|
import { getProfileName, loadSsoSessionData, parseKnownFiles } from "@smithy/shared-ini-file-loader";
|
|
import { isSsoProfile } from "./isSsoProfile";
|
|
import { resolveSSOCredentials } from "./resolveSSOCredentials";
|
|
import { validateSsoProfile } from "./validateSsoProfile";
|
|
export const fromSSO = (init = {}) => async ({ callerClientConfig } = {}) => {
|
|
init.logger?.debug("@aws-sdk/credential-provider-sso - fromSSO");
|
|
const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoSession } = init;
|
|
const { ssoClient } = init;
|
|
const profileName = getProfileName({
|
|
profile: init.profile ?? callerClientConfig?.profile,
|
|
});
|
|
if (!ssoStartUrl && !ssoAccountId && !ssoRegion && !ssoRoleName && !ssoSession) {
|
|
const profiles = await parseKnownFiles(init);
|
|
const profile = profiles[profileName];
|
|
if (!profile) {
|
|
throw new CredentialsProviderError(`Profile ${profileName} was not found.`, { logger: init.logger });
|
|
}
|
|
if (!isSsoProfile(profile)) {
|
|
throw new CredentialsProviderError(`Profile ${profileName} is not configured with SSO credentials.`, {
|
|
logger: init.logger,
|
|
});
|
|
}
|
|
if (profile?.sso_session) {
|
|
const ssoSessions = await loadSsoSessionData(init);
|
|
const session = ssoSessions[profile.sso_session];
|
|
const conflictMsg = ` configurations in profile ${profileName} and sso-session ${profile.sso_session}`;
|
|
if (ssoRegion && ssoRegion !== session.sso_region) {
|
|
throw new CredentialsProviderError(`Conflicting SSO region` + conflictMsg, {
|
|
tryNextLink: false,
|
|
logger: init.logger,
|
|
});
|
|
}
|
|
if (ssoStartUrl && ssoStartUrl !== session.sso_start_url) {
|
|
throw new CredentialsProviderError(`Conflicting SSO start_url` + conflictMsg, {
|
|
tryNextLink: false,
|
|
logger: init.logger,
|
|
});
|
|
}
|
|
profile.sso_region = session.sso_region;
|
|
profile.sso_start_url = session.sso_start_url;
|
|
}
|
|
const { sso_start_url, sso_account_id, sso_region, sso_role_name, sso_session } = validateSsoProfile(profile, init.logger);
|
|
return resolveSSOCredentials({
|
|
ssoStartUrl: sso_start_url,
|
|
ssoSession: sso_session,
|
|
ssoAccountId: sso_account_id,
|
|
ssoRegion: sso_region,
|
|
ssoRoleName: sso_role_name,
|
|
ssoClient: ssoClient,
|
|
clientConfig: init.clientConfig,
|
|
parentClientConfig: init.parentClientConfig,
|
|
callerClientConfig: init.callerClientConfig,
|
|
profile: profileName,
|
|
filepath: init.filepath,
|
|
configFilepath: init.configFilepath,
|
|
ignoreCache: init.ignoreCache,
|
|
logger: init.logger,
|
|
});
|
|
}
|
|
else if (!ssoStartUrl || !ssoAccountId || !ssoRegion || !ssoRoleName) {
|
|
throw new CredentialsProviderError("Incomplete configuration. The fromSSO() argument hash must include " +
|
|
'"ssoStartUrl", "ssoAccountId", "ssoRegion", "ssoRoleName"', { tryNextLink: false, logger: init.logger });
|
|
}
|
|
else {
|
|
return resolveSSOCredentials({
|
|
ssoStartUrl,
|
|
ssoSession,
|
|
ssoAccountId,
|
|
ssoRegion,
|
|
ssoRoleName,
|
|
ssoClient,
|
|
clientConfig: init.clientConfig,
|
|
parentClientConfig: init.parentClientConfig,
|
|
callerClientConfig: init.callerClientConfig,
|
|
profile: profileName,
|
|
filepath: init.filepath,
|
|
configFilepath: init.configFilepath,
|
|
ignoreCache: init.ignoreCache,
|
|
logger: init.logger,
|
|
});
|
|
}
|
|
};
|