From 91893d9cdb23aafaa5357cb664d39a2b6b49b437 Mon Sep 17 00:00:00 2001 From: oleiade Date: Tue, 15 Aug 2023 11:09:52 +0200 Subject: [PATCH 1/2] Re-export AWSConfig from the signature bundle --- examples/signature-sign.js | 2 +- src/signature.ts | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/examples/signature-sign.js b/examples/signature-sign.js index f4e734f..cd40260 100644 --- a/examples/signature-sign.js +++ b/examples/signature-sign.js @@ -1,6 +1,6 @@ import http from 'k6/http' -import { AWSConfig, SignatureV4 } from '../build/aws.js' +import { AWSConfig, SignatureV4 } from '../build/signature.js' const awsConfig = new AWSConfig({ region: __ENV.AWS_REGION, diff --git a/src/signature.ts b/src/signature.ts index c9bd5fb..2d2b885 100644 --- a/src/signature.ts +++ b/src/signature.ts @@ -14,4 +14,6 @@ export { SIGNING_ALGORITHM_IDENTIFIER, UNSIGNED_PAYLOAD, } from './internal/constants' +export { AWSConfig, InvalidAWSConfigError } from './internal/config' +export { InvalidSignatureError } from './internal/signature' export { SignatureV4 } from './internal/signature' From 8ef0df112f5d094e8d01792250a12c4c1200bede Mon Sep 17 00:00:00 2001 From: oleiade Date: Tue, 15 Aug 2023 11:10:13 +0200 Subject: [PATCH 2/2] Update build files --- build/signature.js | 2 +- build/signature.js.map | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/build/signature.js b/build/signature.js index 4e55db8..46f7d0e 100644 --- a/build/signature.js +++ b/build/signature.js @@ -1,2 +1,2 @@ -(()=>{"use strict";var e={n:t=>{var r=t&&t.__esModule?()=>t.default:()=>t;return e.d(r,{a:r}),r},d:(t,r)=>{for(var n in r)e.o(r,n)&&!e.o(t,n)&&Object.defineProperty(t,n,{enumerable:!0,get:r[n]})},o:(e,t)=>Object.prototype.hasOwnProperty.call(e,t),r:e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})}},t={};e.r(t),e.d(t,{AMZ_ALGORITHM_QUERY_PARAM:()=>r,AMZ_CONTENT_SHA256_HEADER:()=>s,AMZ_CREDENTIAL_QUERY_PARAM:()=>n,AMZ_DATE_HEADER:()=>l,AMZ_DATE_QUERY_PARAM:()=>o,AMZ_EXPIRES_QUERY_PARAM:()=>a,AMZ_SIGNATURE_QUERY_PARAM:()=>i,AMZ_SIGNED_HEADERS_QUERY_PARAM:()=>c,AMZ_TOKEN_QUERY_PARAM:()=>u,AUTHORIZATION_HEADER:()=>p,HOST_HEADER:()=>d,SIGNING_ALGORITHM_IDENTIFIER:()=>g,SignatureV4:()=>G,UNSIGNED_PAYLOAD:()=>m});var r="X-Amz-Algorithm",n="X-Amz-Credential",o="X-Amz-Date",a="X-Amz-Expires",i="X-Amz-Signature",c="X-Amz-SignedHeaders",u="X-Amz-Security-Token",s="x-amz-content-sha256",l=o.toLowerCase(),f=i.toLowerCase(),y=("X-Amz-Target".toLowerCase(),u.toLowerCase()),p="authorization",h=[p,l,"date"],d="host",b={authorization:!0,"cache-control":!0,connection:!0,expect:!0,from:!0,"keep-alive":!0,"max-forwards":!0,pragma:!0,referer:!0,te:!0,trailer:!0,"transfer-encoding":!0,upgrade:!0,"user-agent":!0,"x-amzn-trace-id":!0},v="aws4_request",g="AWS4-HMAC-SHA256",m="UNSIGNED-PAYLOAD";const O=require("k6/crypto");var w=e.n(O);const S=require("k6/html");function A(e){return A="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},A(e)}function j(e,t){for(var r=0;r=e.length?{done:!0}:{done:!1,value:e[n++]}},e:function(e){throw e},f:o}}throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}var a,i=!0,c=!1;return{s:function(){r=r.call(e)},n:function(){var e=r.next();return i=e.done,e},e:function(e){c=!0,a=e},f:function(){try{i||null==r.return||r.return()}finally{if(c)throw a}}}}function N(e,t){(null==t||t>e.length)&&(t=e.length);for(var r=0,n=new Array(t);r1&&void 0!==arguments[1]?arguments[1]:{},r=z(z({},{signingDate:new Date,unsignableHeaders:new Set,signableHeaders:new Set}),t),n=F(r.signingDate),o=n.longDate,a=n.shortDate,i=r.signingService||this.service,c=r.signingRegion||this.region,u="".concat(a,"/").concat(c,"/").concat(i,"/").concat(v);e.headers[d]=e.hostname;for(var f=0,b=Object.keys(e.headers);f-1&&delete e.headers[m]}e.headers[l]=o,this.credentials.sessionToken&&(e.headers[y]=this.credentials.sessionToken),ArrayBuffer.isView(e.body)&&(e.body=e.body.buffer),e.body||(e.body="");var O=this.computePayloadHash(e);!function(e,t){e=e.toLowerCase();for(var r=0,n=Object.keys(t);r1&&void 0!==arguments[1]?arguments[1]:{},s=t.signingDate,l=void 0===s?new Date:s,f=t.expiresIn,y=void 0===f?3600:f,p=t.unsignableHeaders,h=t.unhoistableHeaders,b=t.signableHeaders,m=t.signingRegion,O=t.signingService,w=F(l),S=w.longDate,A=w.shortDate,j=m||this.region,_=O||this.service;if(y>604800)throw new K("Signature version 4 presigned URLs can't be valid for more than 7 days");var P="".concat(A,"/").concat(j,"/").concat(_,"/").concat(v),E=this.moveHeadersToQuery(e,{unhoistableHeaders:h});E.headers[d]=e.hostname,this.credentials.sessionToken&&(E.query[u]=this.credentials.sessionToken),E.query[r]=g,E.query[n]="".concat(this.credentials.accessKeyId,"/").concat(P),E.query[o]=S,E.query[a]=y.toString(10);var R=this.computeCanonicalHeaders(E,p,b);E.query[c]=Object.keys(R).sort().join(";");var C=this.deriveSigningKey(this.credentials,_,j,A),k=this.computePayloadHash(e),T=this.createCanonicalRequest(E,R,k);E.query[i]=this.calculateSignature(S,P,C,T);var D="".concat(E.protocol,"://").concat(E.hostname);return E.path&&(D+=E.path),E.query&&(D+="?".concat(this.serializeQueryParameters(E.query))),z({url:D},E)}},{key:"createCanonicalRequest",value:function(e,t,r){var n=Object.keys(t).sort(),o=n.map((function(e){return"".concat(e,":").concat(t[e])})).join("\n"),a=n.join(";");return"".concat(e.method,"\n")+"".concat(this.computeCanonicalURI(e),"\n")+"".concat(this.computeCanonicalQuerystring(e),"\n")+"".concat(o,"\n\n")+"".concat(a,"\n")+"".concat(r)}},{key:"createStringToSign",value:function(e,t,r){var n=w().sha256(r,"hex");return"".concat(g,"\n")+"".concat(e,"\n")+"".concat(t,"\n")+"".concat(n)}},{key:"calculateSignature",value:function(e,t,r,n){var o=this.createStringToSign(e,t,n);return w().hmac("sha256",r,o,"hex")}},{key:"deriveSigningKey",value:function(e,t,r,n){var o=e.secretAccessKey,a=w().hmac("sha256","AWS4"+o,n,"binary"),i=w().hmac("sha256",a,r,"binary"),c=w().hmac("sha256",i,t,"binary");return w().hmac("sha256",c,"aws4_request","binary")}},{key:"computeCanonicalURI",value:function(e){var t=e.path;if(this.uriEscapePath){var r,n=[],o=L(t.split("/"));try{for(o.s();!(r=o.n()).done;){var a=r.value;0!==(null==a?void 0:a.length)&&("."!==a&&(".."===a?n.pop():n.push(a)))}}catch(e){o.e(e)}finally{o.f()}var i=null!=t&&t.startsWith("/")?"/":"",c=n.join("/"),u=n.length>0&&null!=t&&t.endsWith("/")?"/":"",s="".concat(i).concat(c).concat(u);return encodeURIComponent(s).replace(/%2F/g,"/")}return t}},{key:"computeCanonicalQuerystring",value:function(e){var t,r=e.query,n=void 0===r?{}:r,o=[],a={},i=function(e){if(e.toLowerCase()===f)return"continue";o.push(e);var t=n[e];"string"==typeof t?a[e]="".concat(W(e),"=").concat(W(t)):Array.isArray(t)&&(a[e]=t.slice(0).sort().reduce((function(t,r){return t.concat(["".concat(W(e),"=").concat(W(r))])}),[]).join("&"))},c=L(Object.keys(n).sort());try{for(c.s();!(t=c.n()).done;)i(t.value)}catch(e){c.e(e)}finally{c.f()}return o.map((function(e){return a[e]})).filter((function(e){return e})).join("&")}},{key:"computeCanonicalHeaders",value:function(e,t,r){var n,o=e.headers,a={},i=L(Object.keys(o).sort());try{for(i.s();!(n=i.n()).done;){var c=n.value;if(null!=o[c]){var u=c.toLowerCase();(u in b||null!=t&&t.has(u))&&(!r||r&&!r.has(u))||(a[u]=o[c].trim().replace(/\s+/g," "))}}}catch(e){i.e(e)}finally{i.f()}return a}},{key:"computePayloadHash",value:function(e){var t,r=e.headers,n=e.body;return r[s]?r[s]:null==n?"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"string"==typeof n||(t=n,"function"==typeof ArrayBuffer&&(t instanceof ArrayBuffer||"[object ArrayBuffer]"===Object.prototype.toString.call(t)))?w().sha256(n,"hex").toLowerCase():ArrayBuffer.isView(n)?w().sha256(n.buffer,"hex").toLowerCase():m}},{key:"moveHeadersToQuery",value:function(e){for(var t=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{},r=JSON.parse(JSON.stringify(e)),n=r.headers,o=r.query,a=void 0===o?{}:o,i=0,c=Object.keys(n);i{"use strict";var e={n:t=>{var r=t&&t.__esModule?()=>t.default:()=>t;return e.d(r,{a:r}),r},d:(t,r)=>{for(var n in r)e.o(r,n)&&!e.o(t,n)&&Object.defineProperty(t,n,{enumerable:!0,get:r[n]})},o:(e,t)=>Object.prototype.hasOwnProperty.call(e,t),r:e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})}},t={};e.r(t),e.d(t,{AMZ_ALGORITHM_QUERY_PARAM:()=>r,AMZ_CONTENT_SHA256_HEADER:()=>s,AMZ_CREDENTIAL_QUERY_PARAM:()=>n,AMZ_DATE_HEADER:()=>l,AMZ_DATE_QUERY_PARAM:()=>o,AMZ_EXPIRES_QUERY_PARAM:()=>i,AMZ_SIGNATURE_QUERY_PARAM:()=>c,AMZ_SIGNED_HEADERS_QUERY_PARAM:()=>a,AMZ_TOKEN_QUERY_PARAM:()=>u,AUTHORIZATION_HEADER:()=>p,AWSConfig:()=>I,HOST_HEADER:()=>d,InvalidAWSConfigError:()=>D,InvalidSignatureError:()=>ue,SIGNING_ALGORITHM_IDENTIFIER:()=>g,SignatureV4:()=>ae,UNSIGNED_PAYLOAD:()=>m});var r="X-Amz-Algorithm",n="X-Amz-Credential",o="X-Amz-Date",i="X-Amz-Expires",c="X-Amz-Signature",a="X-Amz-SignedHeaders",u="X-Amz-Security-Token",s="x-amz-content-sha256",l=o.toLowerCase(),f=c.toLowerCase(),y=("X-Amz-Target".toLowerCase(),u.toLowerCase()),p="authorization",h=[p,l,"date"],d="host",b={authorization:!0,"cache-control":!0,connection:!0,expect:!0,from:!0,"keep-alive":!0,"max-forwards":!0,pragma:!0,referer:!0,te:!0,trailer:!0,"transfer-encoding":!0,upgrade:!0,"user-agent":!0,"x-amzn-trace-id":!0},v="aws4_request",g="AWS4-HMAC-SHA256",m="UNSIGNED-PAYLOAD";function w(e){return w="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},w(e)}function S(e){var t=j();return function(){var r,n=E(e);if(t){var o=E(this).constructor;r=Reflect.construct(n,arguments,o)}else r=n.apply(this,arguments);return function(e,t){if(t&&("object"===w(t)||"function"==typeof t))return t;if(void 0!==t)throw new TypeError("Derived constructors may only return object or undefined");return function(e){if(void 0===e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return e}(e)}(this,r)}}function O(e){var t="function"==typeof Map?new Map:void 0;return O=function(e){if(null===e||(r=e,-1===Function.toString.call(r).indexOf("[native code]")))return e;var r;if("function"!=typeof e)throw new TypeError("Super expression must either be null or a function");if(void 0!==t){if(t.has(e))return t.get(e);t.set(e,n)}function n(){return A(e,arguments,E(this).constructor)}return n.prototype=Object.create(e.prototype,{constructor:{value:n,enumerable:!1,writable:!0,configurable:!0}}),_(n,e)},O(e)}function A(e,t,r){return A=j()?Reflect.construct.bind():function(e,t,r){var n=[null];n.push.apply(n,t);var o=new(Function.bind.apply(e,n));return r&&_(o,r.prototype),o},A.apply(null,arguments)}function j(){if("undefined"==typeof Reflect||!Reflect.construct)return!1;if(Reflect.construct.sham)return!1;if("function"==typeof Proxy)return!0;try{return Boolean.prototype.valueOf.call(Reflect.construct(Boolean,[],(function(){}))),!0}catch(e){return!1}}function _(e,t){return _=Object.setPrototypeOf?Object.setPrototypeOf.bind():function(e,t){return e.__proto__=t,e},_(e,t)}function E(e){return E=Object.setPrototypeOf?Object.getPrototypeOf.bind():function(e){return e.__proto__||Object.getPrototypeOf(e)},E(e)}function P(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}function R(e,t){for(var r=0;r128)throw new D("invalid AWS access key ID; reason: size should be between 16 and 128 characters, got ".concat(t.accessKeyId.length));if(!t.secretAccessKey||""===t.secretAccessKey)throw new D("invalid AWS secret access key; reason: expected a non empty string, got `".concat(t.secretAccessKey,"`"));if(t.secretAccessKey.length<16||t.secretAccessKey.length>128)throw new D("invalid AWS secret access key; reason: size should be between 16 and 128 characters, got ".concat(t.secretAccessKey.length));this.region=t.region,this.accessKeyId=t.accessKeyId,this.secretAccessKey=t.secretAccessKey,void 0!==t.sessionToken&&(this.sessionToken=t.sessionToken),void 0!==t.scheme&&(this.scheme=t.scheme),void 0!==t.endpoint&&(this.endpoint=t.endpoint)}return k(e,null,[{key:"fromEnvironment",value:function(t){return new e({region:__ENV.AWS_REGION,accessKeyId:__ENV.AWS_ACCESS_KEY_ID,secretAccessKey:__ENV.AWS_SECRET_ACCESS_KEY,sessionToken:__ENV.AWS_SESSION_TOKEN,scheme:null==t?void 0:t.scheme,endpoint:null==t?void 0:t.endpoint})}}]),e}(),D=function(e){!function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Super expression must either be null or a function");e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,writable:!0,configurable:!0}}),Object.defineProperty(e,"prototype",{writable:!1}),t&&_(e,t)}(r,e);var t=S(r);function r(e){return P(this,r),t.call(this,e)}return k(r)}(O(Error));const H=require("k6/crypto");var M=e.n(H);const K=require("k6/html");function x(e){return x="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},x(e)}function N(e,t){for(var r=0;r=e.length?{done:!0}:{done:!1,value:e[n++]}},e:function(e){throw e},f:o}}throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}var i,c=!0,a=!1;return{s:function(){r=r.call(e)},n:function(){var e=r.next();return c=e.done,e},e:function(e){a=!0,i=e},f:function(){try{c||null==r.return||r.return()}finally{if(a)throw i}}}}function $(e,t){(null==t||t>e.length)&&(t=e.length);for(var r=0,n=new Array(t);r1&&void 0!==arguments[1]?arguments[1]:{},r=te(te({},{signingDate:new Date,unsignableHeaders:new Set,signableHeaders:new Set}),t),n=le(r.signingDate),o=n.longDate,i=n.shortDate,c=r.signingService||this.service,a=r.signingRegion||this.region,u="".concat(i,"/").concat(a,"/").concat(c,"/").concat(v);e.headers[d]=e.hostname;for(var f=0,b=Object.keys(e.headers);f-1&&delete e.headers[m]}e.headers[l]=o,this.credentials.sessionToken&&(e.headers[y]=this.credentials.sessionToken),ArrayBuffer.isView(e.body)&&(e.body=e.body.buffer),e.body||(e.body="");var w=this.computePayloadHash(e);!function(e,t){e=e.toLowerCase();for(var r=0,n=Object.keys(t);r1&&void 0!==arguments[1]?arguments[1]:{},s=t.signingDate,l=void 0===s?new Date:s,f=t.expiresIn,y=void 0===f?3600:f,p=t.unsignableHeaders,h=t.unhoistableHeaders,b=t.signableHeaders,m=t.signingRegion,w=t.signingService,S=le(l),O=S.longDate,A=S.shortDate,j=m||this.region,_=w||this.service;if(y>604800)throw new ue("Signature version 4 presigned URLs can't be valid for more than 7 days");var E="".concat(A,"/").concat(j,"/").concat(_,"/").concat(v),P=this.moveHeadersToQuery(e,{unhoistableHeaders:h});P.headers[d]=e.hostname,this.credentials.sessionToken&&(P.query[u]=this.credentials.sessionToken),P.query[r]=g,P.query[n]="".concat(this.credentials.accessKeyId,"/").concat(E),P.query[o]=O,P.query[i]=y.toString(10);var R=this.computeCanonicalHeaders(P,p,b);P.query[a]=Object.keys(R).sort().join(";");var k=this.deriveSigningKey(this.credentials,_,j,A),C=this.computePayloadHash(e),T=this.createCanonicalRequest(P,R,C);P.query[c]=this.calculateSignature(O,E,k,T);var I="".concat(P.protocol,"://").concat(P.hostname);return P.path&&(I+=P.path),P.query&&(I+="?".concat(this.serializeQueryParameters(P.query))),te({url:I},P)}},{key:"createCanonicalRequest",value:function(e,t,r){var n=Object.keys(t).sort(),o=n.map((function(e){return"".concat(e,":").concat(t[e])})).join("\n"),i=n.join(";");return"".concat(e.method,"\n")+"".concat(this.computeCanonicalURI(e),"\n")+"".concat(this.computeCanonicalQuerystring(e),"\n")+"".concat(o,"\n\n")+"".concat(i,"\n")+"".concat(r)}},{key:"createStringToSign",value:function(e,t,r){var n=M().sha256(r,"hex");return"".concat(g,"\n")+"".concat(e,"\n")+"".concat(t,"\n")+"".concat(n)}},{key:"calculateSignature",value:function(e,t,r,n){var o=this.createStringToSign(e,t,n);return M().hmac("sha256",r,o,"hex")}},{key:"deriveSigningKey",value:function(e,t,r,n){var o=e.secretAccessKey,i=M().hmac("sha256","AWS4"+o,n,"binary"),c=M().hmac("sha256",i,r,"binary"),a=M().hmac("sha256",c,t,"binary");return M().hmac("sha256",a,"aws4_request","binary")}},{key:"computeCanonicalURI",value:function(e){var t=e.path;if(this.uriEscapePath){var r,n=[],o=J(t.split("/"));try{for(o.s();!(r=o.n()).done;){var i=r.value;0!==(null==i?void 0:i.length)&&("."!==i&&(".."===i?n.pop():n.push(i)))}}catch(e){o.e(e)}finally{o.f()}var c=null!=t&&t.startsWith("/")?"/":"",a=n.join("/"),u=n.length>0&&null!=t&&t.endsWith("/")?"/":"",s="".concat(c).concat(a).concat(u);return encodeURIComponent(s).replace(/%2F/g,"/")}return t}},{key:"computeCanonicalQuerystring",value:function(e){var t,r=e.query,n=void 0===r?{}:r,o=[],i={},c=function(e){if(e.toLowerCase()===f)return"continue";o.push(e);var t=n[e];"string"==typeof t?i[e]="".concat(se(e),"=").concat(se(t)):Array.isArray(t)&&(i[e]=t.slice(0).sort().reduce((function(t,r){return t.concat(["".concat(se(e),"=").concat(se(r))])}),[]).join("&"))},a=J(Object.keys(n).sort());try{for(a.s();!(t=a.n()).done;)c(t.value)}catch(e){a.e(e)}finally{a.f()}return o.map((function(e){return i[e]})).filter((function(e){return e})).join("&")}},{key:"computeCanonicalHeaders",value:function(e,t,r){var n,o=e.headers,i={},c=J(Object.keys(o).sort());try{for(c.s();!(n=c.n()).done;){var a=n.value;if(null!=o[a]){var u=a.toLowerCase();(u in b||null!=t&&t.has(u))&&(!r||r&&!r.has(u))||(i[u]=o[a].trim().replace(/\s+/g," "))}}}catch(e){c.e(e)}finally{c.f()}return i}},{key:"computePayloadHash",value:function(e){var t,r=e.headers,n=e.body;return r[s]?r[s]:null==n?"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"string"==typeof n||(t=n,"function"==typeof ArrayBuffer&&(t instanceof ArrayBuffer||"[object ArrayBuffer]"===Object.prototype.toString.call(t)))?M().sha256(n,"hex").toLowerCase():ArrayBuffer.isView(n)?M().sha256(n.buffer,"hex").toLowerCase():m}},{key:"moveHeadersToQuery",value:function(e){for(var t=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{},r=JSON.parse(JSON.stringify(e)),n=r.headers,o=r.query,i=void 0===o?{}:o,c=0,a=Object.keys(n);c {\n\tvar getter = module && module.__esModule ?\n\t\t() => (module['default']) :\n\t\t() => (module);\n\t__webpack_require__.d(getter, { a: getter });\n\treturn getter;\n};","// define getter functions for harmony exports\n__webpack_require__.d = (exports, definition) => {\n\tfor(var key in definition) {\n\t\tif(__webpack_require__.o(definition, key) && !__webpack_require__.o(exports, key)) {\n\t\t\tObject.defineProperty(exports, key, { enumerable: true, get: definition[key] });\n\t\t}\n\t}\n};","__webpack_require__.o = (obj, prop) => (Object.prototype.hasOwnProperty.call(obj, prop))","// define __esModule on exports\n__webpack_require__.r = (exports) => {\n\tif(typeof Symbol !== 'undefined' && Symbol.toStringTag) {\n\t\tObject.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });\n\t}\n\tObject.defineProperty(exports, '__esModule', { value: true });\n};","/**\n * Standard Amazon AWS query parameter names\n */\nexport const AMZ_ALGORITHM_QUERY_PARAM = 'X-Amz-Algorithm'\nexport const AMZ_CREDENTIAL_QUERY_PARAM = 'X-Amz-Credential'\nexport const AMZ_DATE_QUERY_PARAM = 'X-Amz-Date'\nexport const AMZ_EXPIRES_QUERY_PARAM = 'X-Amz-Expires'\nexport const AMZ_SIGNATURE_QUERY_PARAM = 'X-Amz-Signature'\nexport const AMZ_SIGNED_HEADERS_QUERY_PARAM = 'X-Amz-SignedHeaders'\nexport const AMZ_TARGET_QUERY_PARAM = 'X-Amz-Target'\nexport const AMZ_TOKEN_QUERY_PARAM = 'X-Amz-Security-Token'\n\n/**\n * Standard Amazon AWS header names\n */\nexport const AMZ_CONTENT_SHA256_HEADER = 'x-amz-content-sha256'\nexport const AMZ_DATE_HEADER = AMZ_DATE_QUERY_PARAM.toLowerCase()\nexport const AMZ_SIGNATURE_HEADER = AMZ_SIGNATURE_QUERY_PARAM.toLowerCase()\nexport const AMZ_TARGET_HEADER = AMZ_TARGET_QUERY_PARAM.toLowerCase()\nexport const AMZ_TOKEN_HEADER = AMZ_TOKEN_QUERY_PARAM.toLowerCase()\n\n/**\n * Common HTTP headers we rely on in the signing process\n */\nexport const AUTHORIZATION_HEADER = 'authorization'\nexport const DATE_HEADER = 'date'\n\n/**\n * Lists the headers that are generated as part of the signature process.\n */\nexport const GENERATED_HEADERS = [AUTHORIZATION_HEADER, AMZ_DATE_HEADER, DATE_HEADER]\nexport const HOST_HEADER = 'host'\n\n/**\n * Lists the headers that should never be included in the\n * request signature signature process.\n */\nexport const ALWAYS_UNSIGNABLE_HEADERS = {\n authorization: true,\n 'cache-control': true,\n connection: true,\n expect: true,\n from: true,\n 'keep-alive': true,\n 'max-forwards': true,\n pragma: true,\n referer: true,\n te: true,\n trailer: true,\n 'transfer-encoding': true,\n upgrade: true,\n 'user-agent': true,\n 'x-amzn-trace-id': true,\n}\n\n/**\n * Signature specific constants included in the signing process\n */\nexport const KEY_TYPE_IDENTIFIER = 'aws4_request'\nexport const SIGNING_ALGORITHM_IDENTIFIER = 'AWS4-HMAC-SHA256'\n\n/**\n * Maximum time to live of a signed request in seconds: 7 days.\n */\nexport const MAX_PRESIGNED_TTL = 60 * 60 * 24 * 7\n\n/**\n * SHA256 hash of an empty string (so we don't waste cycles recomputing it)\n */\nexport const EMPTY_SHA256 = 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855'\n\n/**\n * SHA256 hash of the unsigned payload constant (so we don't waste cycles recomputing it)\n */\nexport const UNSIGNED_PAYLOAD_SHA256 =\n '5a41b0751e4537c6ff868564ab44a4d4ecceec2ec5b1c5f74d97422968e04237'\n\nexport const UNSIGNED_PAYLOAD = 'UNSIGNED-PAYLOAD'\n","const __WEBPACK_NAMESPACE_OBJECT__ = require(\"k6/crypto\");","const __WEBPACK_NAMESPACE_OBJECT__ = require(\"k6/html\");","import { parseHTML } from 'k6/html'\n\n/**\n * Base class to derive errors from\n *\n * Inspired from AWS official error types, as\n * described in:\n * * https://aws.amazon.com/blogs/developer/service-error-handling-modular-aws-sdk-js/\n * * https://github.com/aws/aws-sdk-js/blob/master/lib/error.d.ts\n */\nexport class AWSError extends Error {\n /**\n * Error code issued by the service (if any)\n */\n code?: string\n\n /**\n * Create an AWSError\n *\n * @param {string} message - A longer human readable error message.\n * @param {string?} code - A unique short code representing the error that was emitted\n */\n constructor(message: string, code?: string) {\n super(message)\n this.name = 'AWSError'\n this.code = code\n }\n\n /**\n * Parse an AWSError from an XML document\n *\n * @param {string} xmlDocument - Serialized XML document to parse the error from\n */\n static parseXML(xmlDocument: string): AWSError {\n const doc = parseHTML(xmlDocument)\n return new AWSError(doc.find('Message').text(), doc.find('Code').text())\n }\n}\n","import crypto from 'k6/crypto'\n\nimport * as constants from './constants'\nimport { AWSError } from './error'\nimport { hasHeader, HTTPHeaderBag, HTTPRequest, QueryParameterBag, SignedHTTPRequest } from './http'\nimport { isArrayBuffer } from './utils'\n\n/**\n * SignatureV4 can be used to sign HTTP requests and presign URLs using the AWS Signature\n * Version 4 signing process.\n *\n * It offers two signing methods:\n * - sign: signs the request headers and payload\n * - presign: returns a presigned (authorization information contained in the query string) URL\n *\n * @see https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html\n */\nexport class SignatureV4 {\n /**\n * The name of the service to sign for.\n */\n private readonly service: string\n\n /**\n * The name of the region to sign for.\n */\n private readonly region: string\n\n /**\n * The credentials with which the request should be signed.\n */\n private readonly credentials: Credentials\n\n /**\n * Whether to uri-escape the request URI path as part of computing the\n * canonical request string. This is required for every AWS service, except\n * Amazon S3, as of late 2017.\n *\n * @default [true]\n */\n private readonly uriEscapePath: boolean\n\n /**\n * Whether to calculate a checksum of the request body and include it as\n * either a request header (when signing) or as a query string parameter\n * (when presigning). This is required for AWS Glacier and Amazon S3 and optional for\n * every other AWS service as of late 2017.\n *\n * @default [true]\n */\n private readonly applyChecksum: boolean\n\n // TODO: uriEscapePath and applyChecksum should not be present in the constructor\n constructor({\n service,\n region,\n credentials,\n uriEscapePath,\n applyChecksum,\n }: SignatureV4Options) {\n this.service = service\n this.region = region\n this.credentials = credentials\n this.uriEscapePath = typeof uriEscapePath === 'boolean' ? uriEscapePath : true\n this.applyChecksum = typeof applyChecksum === 'boolean' ? applyChecksum : true\n }\n\n /**\n * Includes AWS v4 signing information to the provided HTTP request.\n *\n * This method adds an Authorization header to the request, containing\n * the signature and other signing information. It also returns a preformatted\n * URL that can be used to make the k6 http request.\n *\n * This method mutates the request object.\n *\n * @param request {HTTPRequest} The request to sign.\n * @param options {Partial} Options for signing the request.\n * @returns {SignedHTTPRequest} The signed request.\n */\n sign(request: HTTPRequest, options: Partial = {}): SignedHTTPRequest {\n // Set default values for options which are not provided by the user.\n const defaultOptions = {\n signingDate: new Date(),\n unsignableHeaders: new Set(),\n signableHeaders: new Set(),\n }\n\n // Merge default options with the ones maybe provided by the user.\n const finalOptions = { ...defaultOptions, ...options }\n\n const { longDate, shortDate }: DateInfo = formatDate(finalOptions.signingDate)\n const service = finalOptions.signingService || this.service\n const region = finalOptions.signingRegion || this.region\n const scope = `${shortDate}/${region}/${service}/${constants.KEY_TYPE_IDENTIFIER}`\n\n // Required by the specification:\n // \"For HTTP/1.1 requests, you must include the host header at a minimum.\n // Standard headers like content-type are optional.\n // For HTTP/2 requests, you must include the :authority header instead of\n // the host header. Different services might require other headers.\"\n request.headers[constants.HOST_HEADER] = request.hostname\n\n // Filter out headers that will be generated and managed by the signing process.\n // If the user provide any of those as part of the HTTPRequest's headers, they\n // will be ignored.\n for (const headerName of Object.keys(request.headers)) {\n if (constants.GENERATED_HEADERS.indexOf(headerName.toLowerCase()) > -1) {\n delete request.headers[headerName]\n }\n }\n\n request.headers[constants.AMZ_DATE_HEADER] = longDate\n if (this.credentials.sessionToken) {\n request.headers[constants.AMZ_TOKEN_HEADER] = this.credentials.sessionToken\n }\n\n // If the request body is a typed array, we need to convert it to a buffer\n // so that we can calculate the checksum.\n if (ArrayBuffer.isView(request.body)) {\n request.body = request.body.buffer\n }\n\n // Ensure we avoid passing undefined to the crypto hash function.\n if (!request.body) {\n request.body = ''\n }\n\n let payloadHash = this.computePayloadHash(request)\n if (\n !hasHeader(constants.AMZ_CONTENT_SHA256_HEADER, request.headers) &&\n this.applyChecksum\n ) {\n request.headers[constants.AMZ_CONTENT_SHA256_HEADER] = payloadHash\n }\n\n const canonicalHeaders = this.computeCanonicalHeaders(\n request,\n finalOptions.unsignableHeaders,\n finalOptions.signableHeaders\n )\n const signature = this.calculateSignature(\n longDate,\n scope,\n this.deriveSigningKey(this.credentials, service, region, shortDate),\n this.createCanonicalRequest(request, canonicalHeaders, payloadHash)\n )\n\n /**\n * Step 4 of the signing process: add the signature to the HTTP request's headers.\n *\n * @see https://docs.aws.amazon.com/general/latest/gr/sigv4-add-signature-to-request.html\n */\n request.headers[constants.AUTHORIZATION_HEADER] =\n `${constants.SIGNING_ALGORITHM_IDENTIFIER} ` +\n `Credential=${this.credentials.accessKeyId}/${scope}, ` +\n `SignedHeaders=${Object.keys(canonicalHeaders).sort().join(';')}, ` +\n `Signature=${signature}`\n\n // If a request path was provided, add it to the URL\n let url = `${request.protocol}://${request.hostname}`\n if (request.path) {\n url += request.path\n }\n\n // If a request query string was provided, add it to the URL\n if (request.query) {\n // We exclude the signature from the query string\n url += `?${this.serializeQueryParameters(request.query)}`\n }\n\n return {\n url: url,\n ...request,\n }\n }\n\n /**\n * Produces a presigned URL with AWS v4 signature information for the provided HTTP request.\n *\n * A presigned URL is a URL that contains the authorization information\n * (signature and other signing information) in the query string. This method\n * returns a preformatted URL that can be used to make the k6 http request.\n *\n * @param originalRequest - The original request to presign.\n * @param options - Options controlling the signing of the request.\n * @returns A signed request, including the presigned URL.\n */\n presign(originalRequest: HTTPRequest, options: PresignOptions = {}): SignedHTTPRequest {\n const {\n signingDate = new Date(),\n expiresIn = 3600,\n unsignableHeaders,\n unhoistableHeaders,\n signableHeaders,\n signingRegion,\n signingService,\n } = options\n const { longDate, shortDate }: DateInfo = formatDate(signingDate)\n const region = signingRegion || this.region\n const service = signingService || this.service\n\n if (expiresIn > constants.MAX_PRESIGNED_TTL) {\n throw new InvalidSignatureError(\n \"Signature version 4 presigned URLs can't be valid for more than 7 days\"\n )\n }\n\n const scope = `${shortDate}/${region}/${service}/${constants.KEY_TYPE_IDENTIFIER}`\n const request = this.moveHeadersToQuery(originalRequest, { unhoistableHeaders })\n\n // Required by the specification:\n // \"For HTTP/1.1 requests, you must include the host header at a minimum.\n // Standard headers like content-type are optional.\n // For HTTP/2 requests, you must include the :authority header instead of\n // the host header. Different services might require other headers.\"\n request.headers[constants.HOST_HEADER] = originalRequest.hostname\n\n // If the user provided a session token, include it in the signed url query string.\n if (this.credentials.sessionToken) {\n request.query[constants.AMZ_TOKEN_QUERY_PARAM] = this.credentials.sessionToken\n }\n\n // Add base signing query parameters to the request, as described in the documentation\n // @see https://docs.aws.amazon.com/general/latest/gr/sigv4-add-signature-to-request.html\n request.query[constants.AMZ_ALGORITHM_QUERY_PARAM] = constants.SIGNING_ALGORITHM_IDENTIFIER\n request.query[\n constants.AMZ_CREDENTIAL_QUERY_PARAM\n ] = `${this.credentials.accessKeyId}/${scope}`\n request.query[constants.AMZ_DATE_QUERY_PARAM] = longDate\n request.query[constants.AMZ_EXPIRES_QUERY_PARAM] = expiresIn.toString(10)\n\n const canonicalHeaders = this.computeCanonicalHeaders(\n request,\n unsignableHeaders,\n signableHeaders\n )\n request.query[constants.AMZ_SIGNED_HEADERS_QUERY_PARAM] = Object.keys(canonicalHeaders)\n .sort()\n .join(';')\n\n const signingKey = this.deriveSigningKey(this.credentials, service, region, shortDate)\n\n // Computing the payload from the original request. This is required\n // in the event the user attempts to produce a presigned URL for s3,\n // which requires the payload hash to be 'UNSIGNED-PAYLOAD'.\n //\n // To that effect, users need to set the 'x-amz-content-sha256' header,\n // and mark it as unhoistable and unsignable. When setup this way,\n // the computePayloadHash method will then return the string 'UNSIGNED-PAYLOAD'.\n const payloadHash = this.computePayloadHash(originalRequest)\n const canonicalRequest = this.createCanonicalRequest(request, canonicalHeaders, payloadHash)\n\n request.query[constants.AMZ_SIGNATURE_QUERY_PARAM] = this.calculateSignature(\n longDate,\n scope,\n signingKey,\n canonicalRequest\n )\n\n // If a request path was provided, add it to the URL\n let url = `${request.protocol}://${request.hostname}`\n if (request.path) {\n url += request.path\n }\n\n // If a request query string was provided, add it to the URL\n if (request.query) {\n url += `?${this.serializeQueryParameters(request.query)}`\n }\n\n return { url: url, ...request }\n }\n\n /**\n * Create a string including information from your request\n * in a AWS signature v4 standardized (canonical) format.\n *\n * Step 1 of the signing process: create the canonical request string.\n * @see https://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html\n *\n * @param request {HTTPRequest} The request to sign.\n * @param canonicalHeaders {HTTPHeaderBag} The request's canonical headers.\n * @param payloadHash {string} The hexadecimally encoded request's payload hash .\n * @returns {string} The canonical request string.\n */\n private createCanonicalRequest(\n request: HTTPRequest,\n canonicalHeaders: HTTPHeaderBag,\n payloadHash: string\n ): string {\n const sortedHeaders = Object.keys(canonicalHeaders).sort()\n const sortedCanonicalHeaders = sortedHeaders\n .map((name) => `${name}:${canonicalHeaders[name]}`)\n .join('\\n')\n const signedHeaders = sortedHeaders.join(';')\n\n return (\n `${request.method}\\n` +\n `${this.computeCanonicalURI(request)}\\n` +\n `${this.computeCanonicalQuerystring(request)}\\n` +\n `${sortedCanonicalHeaders}\\n\\n` +\n `${signedHeaders}\\n` +\n `${payloadHash}`\n )\n }\n\n /**\n * Create the \"string to sign\" part of the signature Version 4 protocol.\n *\n * The \"string to sign\" includes meta information about your request and\n * about the canonical request that you created with `createCanonicalRequest`.\n * It is used hand in hand with the signing key to create the request signature.\n * Step 2 of the signing process: create the string to sign.\n * @see https://docs.aws.amazon.com/general/latest/gr/sigv4-create-string-to-sign.html\n *\n * @param longDate {string} The request's date in iso 8601 format.\n * @param credentialScope {string} The request's credential scope.\n * @param canonicalRequest {string} The request's canonical request.\n * @returns {string} The \"string to sign\".\n */\n private createStringToSign(\n longDate: string,\n credentialScope: string,\n canonicalRequest: string\n ): string {\n const hashedCanonicalRequest = crypto.sha256(canonicalRequest, 'hex')\n\n return (\n `${constants.SIGNING_ALGORITHM_IDENTIFIER}\\n` +\n `${longDate}\\n` +\n `${credentialScope}\\n` +\n `${hashedCanonicalRequest}`\n )\n }\n\n /**\n * Calculte the signature for AWS signature version 4.\n *\n * Step 3 of the signing process: create the signature.\n * @see https://docs.aws.amazon.com/general/latest/gr/sigv4-calculate-signature.html\n *\n * @param longDate {string} The request's date in iso 8601 format.\n * @param credentialScope {string} The request's credential scope.\n * @param signingKey {string} the signing key as computed by the deriveSigningKey method.\n * @param canonicalRequest {string} The request's canonical request.\n * @returns {string} The signature.\n */\n private calculateSignature(\n longDate: string,\n credentialScope: string,\n signingKey: Uint8Array,\n canonicalRequest: string\n ): string {\n const stringToSign = this.createStringToSign(longDate, credentialScope, canonicalRequest)\n return crypto.hmac('sha256', signingKey, stringToSign, 'hex')\n }\n\n /**\n * Derives the signing key for authenticating requests signed with\n * the Signature version 4 authentication protocol.\n *\n * deriveSigningKey produces a signing key by creating a series of\n * hash-based message authentication codes (HMACs) represented in\n * a binary format.\n *\n * The derived signing key is specific to the date it's made at, as well as\n * the service and region it targets.\n *\n * @param credentials {AWSCredentials} The credentials to use for signing.\n * @param service {string} The service the request is targeted at.\n * @param region {string} The region the request is targeted at.\n * @param shortDate {string} The request's date in YYYYMMDD format.\n * @returns {Uint8Array} The derived signing key.\n */\n private deriveSigningKey(\n credentials: Credentials,\n service: string,\n region: string,\n shortDate: string\n ): Uint8Array {\n const kSecret: string = credentials.secretAccessKey\n const kDate: any = crypto.hmac('sha256', 'AWS4' + kSecret, shortDate, 'binary')\n const kRegion: any = crypto.hmac('sha256', kDate, region, 'binary')\n const kService: any = crypto.hmac('sha256', kRegion, service, 'binary')\n const kSigning: any = crypto.hmac('sha256', kService, 'aws4_request', 'binary')\n\n return kSigning\n }\n\n /**\n * Create a string that includes information from your request\n * in a AWS signature v4 standardized (canonical) format.\n *\n * @param param0 {HTTPRequest} The request to sign.\n * @returns {string} The canonical URI.\n */\n private computeCanonicalURI({ path }: HTTPRequest): string {\n if (this.uriEscapePath) {\n // Non-S3 services, we normalize the path and then double URI encode it.\n // Ref: \"Remove Dot Segments\" https://datatracker.ietf.org/doc/html/rfc3986#section-5.2.4\n const normalizedURISegments = []\n\n for (const URISegment of path.split('/')) {\n if (URISegment?.length === 0) {\n continue\n }\n\n if (URISegment === '.') {\n continue\n }\n\n if (URISegment === '..') {\n normalizedURISegments.pop()\n } else {\n normalizedURISegments.push(URISegment)\n }\n }\n\n // Normalize the URI\n const leading = path?.startsWith('/') ? '/' : ''\n const URI = normalizedURISegments.join('/')\n const trailing = normalizedURISegments.length > 0 && path?.endsWith('/') ? '/' : ''\n const normalizedURI = `${leading}${URI}${trailing}`\n\n const doubleEncoded = encodeURIComponent(normalizedURI)\n\n return doubleEncoded.replace(/%2F/g, '/')\n }\n\n // For S3, we shouldn't normalize the path. For example, object name\n // my-object//example//photo.user should not be normalized to\n // my-object/example/photo.user\n return path\n }\n\n /**\n * Serializes the request's query parameters into their canonical\n * string version. If the request does not include a query parameters,\n * returns an empty string.\n *\n * @param param0 {HTTPRequest} The request containing the query parameters.\n * @returns {string} The canonical query string.\n */\n private computeCanonicalQuerystring({ query = {} }: HTTPRequest): string {\n const keys: Array = []\n const serialized: Record = {}\n\n for (const key of Object.keys(query).sort()) {\n if (key.toLowerCase() === constants.AMZ_SIGNATURE_HEADER) {\n continue\n }\n\n keys.push(key)\n const value = query[key]\n\n if (typeof value === 'string') {\n serialized[key] = `${escapeURI(key)}=${escapeURI(value)}`\n } else if (Array.isArray(value)) {\n serialized[key] = value\n .slice(0)\n .sort()\n .reduce(\n (encoded: Array, value: string) =>\n encoded.concat([`${escapeURI(key)}=${escapeURI(value)}`]),\n []\n )\n .join('&')\n }\n }\n\n return keys\n .map((key) => serialized[key])\n .filter((serialized) => serialized)\n .join('&')\n }\n\n /**\n * Create the canonical form of the request's headers.\n * Canonical headers consist of all the HTTP headers you\n * are including with the signed request.\n *\n * @param param0 {HTTPRequest} The request to compute the canonical headers of.\n * @param unsignableHeaders {Set} The headers that should not be signed.\n * @param signableHeaders {Set} The headers that should be signed.\n * @returns {string} The canonical headers.\n */\n private computeCanonicalHeaders(\n { headers }: HTTPRequest,\n unsignableHeaders?: Set,\n signableHeaders?: Set\n ): HTTPHeaderBag {\n const canonicalHeaders: HTTPHeaderBag = {}\n\n for (const headerName of Object.keys(headers).sort()) {\n if (headers[headerName] == undefined) {\n continue\n }\n\n const canonicalHeaderName = headerName.toLowerCase()\n if (\n canonicalHeaderName in constants.ALWAYS_UNSIGNABLE_HEADERS ||\n unsignableHeaders?.has(canonicalHeaderName)\n ) {\n if (\n !signableHeaders ||\n (signableHeaders && !signableHeaders.has(canonicalHeaderName))\n ) {\n continue\n }\n }\n\n canonicalHeaders[canonicalHeaderName] = headers[headerName].trim().replace(/\\s+/g, ' ')\n }\n\n return canonicalHeaders\n }\n\n /**\n * Computes the SHA256 cryptographic hash of the request's body.\n *\n * If the headers contain the 'X-Amz-Content-Sha256' header, then\n * the value of that header is returned instead. This proves useful\n * when, for example, presiging a URL for S3, as the payload hash\n * must always be equal to 'UNSIGNED-PAYLOAD'.\n *\n * @param param0 {HTTPRequest} The request to compute the payload hash of.\n * @returns {string} The hex encoded SHA256 payload hash, or the value of the 'X-Amz-Content-Sha256' header.\n */\n private computePayloadHash({ headers, body }: HTTPRequest): string {\n // for (const headerName of Object.keys(headers)) {\n // // If the header is present, return its value.\n // // So that we let the 'UNSIGNED-PAYLOAD' value pass through.\n // if (headerName.toLowerCase() === constants.AMZ_CONTENT_SHA256_HEADER) {\n // return headers[headerName]\n // }\n // }\n\n if (headers[constants.AMZ_CONTENT_SHA256_HEADER]) {\n return headers[constants.AMZ_CONTENT_SHA256_HEADER]\n }\n\n if (body == undefined) {\n return constants.EMPTY_SHA256\n }\n\n if (typeof body === 'string' || isArrayBuffer(body)) {\n return crypto.sha256(body, 'hex').toLowerCase()\n }\n\n if (ArrayBuffer.isView(body)) {\n // If the request body is a typed array, we need to convert it to a buffer\n // so that we can calculate the checksum.\n return crypto.sha256((body as DataView).buffer, 'hex').toLowerCase()\n }\n\n return constants.UNSIGNED_PAYLOAD\n }\n\n /**\n * Moves a request's headers to its query parameters.\n *\n * The operation will ignore any amazon standard headers, prefixed\n * with 'X-Amz-'. It will also ignore any headers specified as unhoistable\n * by the options.\n *\n * The operation will delete the headers from the request.\n *\n * @param request {HTTPRequest} The request to move the headers from.\n * @param options\n * @returns {HTTPRequest} The request with the headers moved to the query parameters.\n */\n private moveHeadersToQuery(\n request: HTTPRequest,\n options: { unhoistableHeaders?: Set } = {}\n ): HTTPRequest & { query: QueryParameterBag } {\n const requestCopy = JSON.parse(JSON.stringify(request))\n const { headers, query = {} as QueryParameterBag } = requestCopy\n\n for (const name of Object.keys(headers)) {\n const lowerCaseName = name.toLowerCase()\n if (\n lowerCaseName.slice(0, 6) === 'x-amz-' &&\n !options.unhoistableHeaders?.has(lowerCaseName)\n ) {\n query[name] = headers[name]\n delete headers[name]\n }\n }\n\n return {\n ...requestCopy,\n headers,\n query,\n }\n }\n\n /**\n * Serializes a HTTPRequest's query parameter bag into a string.\n *\n * @param query {QueryParameterBag} The query parameters to serialize.\n * @param ignoreKeys {Set} The keys to ignore.\n * @returns {string} The serialized, and ready to use in a URL, query parameters.\n */\n private serializeQueryParameters(query: QueryParameterBag, ignoreKeys?: string[]): string {\n const keys: Array = []\n const serialized: Record = {}\n\n for (const key of Object.keys(query).sort()) {\n if (ignoreKeys?.includes(key.toLowerCase())) {\n continue\n }\n\n keys.push(key)\n const value = query[key]\n\n if (typeof value === 'string') {\n serialized[key] = `${escapeURI(key)}=${escapeURI(value)}`\n } else if (Array.isArray(value)) {\n serialized[key] = value\n .slice(0)\n .sort()\n .reduce(\n (encoded: Array, value: string) =>\n encoded.concat([`${escapeURI(key)}=${escapeURI(value)}`]),\n []\n )\n .join('&')\n }\n }\n\n return keys\n .map((key) => serialized[key])\n .filter((serialized) => serialized)\n .join('&')\n }\n}\n\n/**\n * Error indicating an Invalid signature has been sent to AWS services\n *\n * Inspired from AWS official error types, as\n * described in:\n * * https://aws.amazon.com/blogs/developer/service-error-handling-modular-aws-sdk-js/\n * * https://github.com/aws/aws-sdk-js/blob/master/lib/error.d.ts\n */\nexport class InvalidSignatureError extends AWSError {\n /**\n * Constructs an InvalidSignatureError\n *\n * @param {string} message - human readable error message\n */\n constructor(message: string, code?: string) {\n super(message, code)\n this.name = 'InvalidSignatureError'\n }\n}\n\nexport interface SignatureV4Options {\n /**\n * The name of the service to sign for.\n */\n service: string\n\n /**\n * The name of the region to sign for.\n */\n region: string\n\n /**\n * The credentials with which the request should be signed.\n */\n credentials: Credentials\n\n /**\n * Whether to uri-escape the request URI path as part of computing the\n * canonical request string. This is required for every AWS service, except\n * Amazon S3, as of late 2017.\n *\n * @default [true]\n */\n uriEscapePath?: boolean\n\n /**\n * Whether to calculate a checksum of the request body and include it as\n * either a request header (when signing) or as a query string parameter\n * (when presigning). This is required for AWS Glacier and Amazon S3 and optional for\n * every other AWS service as of late 2017.\n *\n * @default [true]\n */\n applyChecksum?: boolean\n}\n\nexport interface SignOptions {\n /**\n * The date and time to be used as signature metadata. This value should be\n * a Date object, a unix (epoch) timestamp, or a string that can be\n * understood by the JavaScript `Date` constructor.If not supplied, the\n * value returned by `new Date()` will be used.\n */\n signingDate?: Date\n\n /**\n * The service signing name. It will override the service name of the signer\n * in current invocation\n */\n signingService?: string\n\n /**\n * The region name to sign the request. It will override the signing region of the\n * signer in current invocation\n */\n signingRegion?: string\n}\n\nexport interface RequestSigningOptions extends SignOptions {\n /**\n * A set of strings whose members represents headers that cannot be signed.\n * All headers in the provided request will have their names converted to\n * lower case and then checked for existence in the unsignableHeaders set.\n */\n unsignableHeaders?: Set\n\n /**\n * A set of strings whose members represents headers that should be signed.\n * Any values passed here will override those provided via unsignableHeaders,\n * allowing them to be signed.\n *\n * All headers in the provided request will have their names converted to\n * lower case before signing.\n */\n signableHeaders?: Set\n}\n\nexport interface PresignOptions extends RequestSigningOptions {\n /**\n * The number of seconds before the presigned URL expires\n */\n expiresIn?: number\n\n /**\n * A set of strings whose representing headers that should not be hoisted\n * to presigned request's query string. If not supplied, the presigner\n * moves all the AWS-specific headers (starting with `x-amz-`) to the request\n * query string. If supplied, these headers remain in the presigned request's\n * header.\n * All headers in the provided request will have their names converted to\n * lower case and then checked for existence in the unhoistableHeaders set.\n */\n unhoistableHeaders?: Set\n}\n\nexport interface Credentials {\n /**\n * AWS access key ID\n */\n readonly accessKeyId: string\n\n /**\n * AWS secret access key\n */\n readonly secretAccessKey: string\n\n /**\n * A security or session token to use with these credentials. Usually\n * present for temporary credentials.\n */\n readonly sessionToken?: string\n}\n\nexport interface DateInfo {\n /**\n * ISO8601 formatted date string\n */\n longDate: string\n\n /**\n * String in the format YYYYMMDD\n */\n shortDate: string\n}\n\n/**\n * Escapes a URI following the AWS signature v4 escaping rules.\n *\n * @param URI {string} The URI to escape.\n * @returns {string} The escaped URI.\n */\nfunction escapeURI(URI: string): string {\n const hexEncode = (c: string): string => {\n return `%${c.charCodeAt(0).toString(16).toUpperCase()}`\n }\n\n return encodeURIComponent(URI).replace(/[!'()*]/g, hexEncode)\n}\n\n/**\n * formatDate formats a Date object into a ISO8601 formatted date string\n * and a string in the format YYYYMMDD.\n *\n * @param date {Date} The date to format.\n * @returns {DateInfo} The formatted date.\n */\nfunction formatDate(date: Date): DateInfo {\n const longDate = iso8601(date).replace(/[\\-:]/g, '')\n return {\n longDate,\n shortDate: longDate.slice(0, 8),\n }\n}\n\n/**\n * Formats a time into an ISO 8601 string.\n *\n * @see https://en.wikipedia.org/wiki/ISO_8601\n *\n * @param time {number | string | Date} The time to format.\n * @returns {string} The ISO 8601 formatted time.\n */\nfunction iso8601(time: number | string | Date): string {\n return toDate(time)\n .toISOString()\n .replace(/\\.\\d{3}Z$/, 'Z')\n}\n\n/**\n * Converts a time value into a Date object.\n *\n * @param time {number | string | Date} The time to convert.\n * @returns {Date} The resulting Date object.\n */\nfunction toDate(time: number | string | Date): Date {\n if (typeof time === 'number') {\n return new Date(time * 1000)\n }\n\n if (typeof time === 'string') {\n if (Number(time)) {\n return new Date(Number(time) * 1000)\n }\n\n return new Date(time)\n }\n\n return time\n}\n","/**\n * Type representing HTTP schemes\n */\nexport type HTTPScheme = 'http' | 'https'\n\n/**\n * Type representing HTTP Methods\n *\n */\nexport type HTTPMethod = 'GET' | 'POST' | 'PUT' | 'DELETE'\n\n/**\n * Type alias representing HTTP Headers\n */\nexport type HTTPHeaders = { [key: string]: string }\n\n/**\n * HTTPHeaderBag is a type alias representing HTTP Headers\n */\nexport type HTTPHeaderBag = Record\n\nexport function hasHeader(soughtHeader: string, headers: HTTPHeaderBag): boolean {\n soughtHeader = soughtHeader.toLowerCase()\n\n for (const headerName of Object.keys(headers)) {\n if (soughtHeader === headerName.toLowerCase()) {\n return true\n }\n }\n\n return false\n}\n\n/**\n * QueryParameterBag is a type alias representing HTTP Query Parameters\n */\nexport type QueryParameterBag = Record>\n\n/**\n * HTTPRequest represents an HTTP request\n */\nexport interface HTTPRequest {\n /**\n * The HTTP method to use\n */\n method: HTTPMethod\n\n /**\n * The protocol to use (http or https)\n */\n protocol: HTTPScheme\n\n /**\n * The hostname (domain name or IP address) the request targets\n */\n hostname: string\n\n /**\n * The port to the request targets\n */\n port?: number\n\n /**\n * The path to the resource\n */\n path: string\n\n /**\n * The query parameters to include in the request\n */\n query?: QueryParameterBag\n\n /**\n * The headers to include in the request\n */\n headers: HTTPHeaderBag\n\n /**\n * The body of the request\n */\n body?: string | ArrayBuffer | null\n}\n\n/**\n * SignedHTTPRequest represents an HTTP request that has been signed\n * with an AWS signature. It is a superset of HTTPRequest adding\n * the following fields:\n * - url: the fully qualified URL of the request that can be used in a k6 http.request.\n */\nexport interface SignedHTTPRequest extends HTTPRequest {\n url: string\n}\n","/**\n *\n * @param value\n * @returns\n */\nexport function isArrayBuffer(value: any): value is ArrayBuffer {\n return (\n typeof ArrayBuffer === 'function' &&\n (value instanceof ArrayBuffer ||\n Object.prototype.toString.call(value) === '[object ArrayBuffer]')\n )\n}\n\nexport function toFormUrlEncoded(form: any): string {\n return Object.keys(form).reduce((params, key) => {\n let value = form[key]\n if (value !== undefined && value !== null) {\n params.push(`${encodeURIComponent(key)}=${encodeURIComponent(value)}`)\n }\n return params;\n }, [] as string[]).join('&')\n}"],"names":["__webpack_require__","module","getter","__esModule","d","a","exports","definition","key","o","Object","defineProperty","enumerable","get","obj","prop","prototype","hasOwnProperty","call","Symbol","toStringTag","value","AMZ_ALGORITHM_QUERY_PARAM","AMZ_CREDENTIAL_QUERY_PARAM","AMZ_DATE_QUERY_PARAM","AMZ_EXPIRES_QUERY_PARAM","AMZ_SIGNATURE_QUERY_PARAM","AMZ_SIGNED_HEADERS_QUERY_PARAM","AMZ_TOKEN_QUERY_PARAM","AMZ_CONTENT_SHA256_HEADER","AMZ_DATE_HEADER","toLowerCase","AMZ_SIGNATURE_HEADER","AMZ_TOKEN_HEADER","AUTHORIZATION_HEADER","GENERATED_HEADERS","HOST_HEADER","ALWAYS_UNSIGNABLE_HEADERS","authorization","connection","expect","from","pragma","referer","te","trailer","upgrade","KEY_TYPE_IDENTIFIER","SIGNING_ALGORITHM_IDENTIFIER","UNSIGNED_PAYLOAD","require","AWSError","_Error","_inherits","_super","_createSuper","message","code","_this","_classCallCheck","_assertThisInitialized","name","xmlDocument","doc","parseHTML","find","text","_wrapNativeSuper","Error","SignatureV4","_ref","service","region","credentials","uriEscapePath","applyChecksum","_defineProperty","this","_createClass","request","options","arguments","length","undefined","finalOptions","_objectSpread","signingDate","Date","unsignableHeaders","Set","signableHeaders","_formatDate","formatDate","longDate","shortDate","signingService","signingRegion","scope","concat","constants","headers","hostname","_i","_Object$keys","keys","headerName","indexOf","sessionToken","ArrayBuffer","isView","body","buffer","payloadHash","computePayloadHash","soughtHeader","hasHeader","canonicalHeaders","computeCanonicalHeaders","signature","calculateSignature","deriveSigningKey","createCanonicalRequest","accessKeyId","sort","join","url","protocol","path","query","serializeQueryParameters","originalRequest","_options$signingDate","_options$expiresIn","expiresIn","unhoistableHeaders","_formatDate2","InvalidSignatureError","moveHeadersToQuery","toString","signingKey","canonicalRequest","sortedHeaders","sortedCanonicalHeaders","map","signedHeaders","method","computeCanonicalURI","computeCanonicalQuerystring","credentialScope","hashedCanonicalRequest","crypto","stringToSign","createStringToSign","kSecret","secretAccessKey","kDate","kRegion","kService","_ref2","_step","normalizedURISegments","_iterator","_createForOfIteratorHelper","split","s","n","done","URISegment","pop","push","err","e","f","leading","startsWith","URI","trailing","endsWith","normalizedURI","encodeURIComponent","replace","_ref3","_step2","_ref3$query","serialized","_loop","escapeURI","Array","isArray","slice","reduce","encoded","_iterator2","filter","_ref4","_step3","_iterator3","canonicalHeaderName","has","trim","_ref5","requestCopy","JSON","parse","stringify","_requestCopy$query","_i2","_Object$keys2","_options$unhoistableH","lowerCaseName","ignoreKeys","_step4","_loop2","includes","_iterator4","_AWSError","c","charCodeAt","toUpperCase","date","time","Number","toDate","toISOString"],"sourceRoot":""} \ No newline at end of file +{"version":3,"file":"signature.js","mappings":"mBACA,IAAIA,EAAsB,CCA1BA,EAAyBC,IACxB,IAAIC,EAASD,GAAUA,EAAOE,WAC7B,IAAOF,EAAiB,QACxB,IAAM,EAEP,OADAD,EAAoBI,EAAEF,EAAQ,CAAEG,EAAGH,IAC5BA,CAAM,ECLdF,EAAwB,CAACM,EAASC,KACjC,IAAI,IAAIC,KAAOD,EACXP,EAAoBS,EAAEF,EAAYC,KAASR,EAAoBS,EAAEH,EAASE,IAC5EE,OAAOC,eAAeL,EAASE,EAAK,CAAEI,YAAY,EAAMC,IAAKN,EAAWC,IAE1E,ECNDR,EAAwB,CAACc,EAAKC,IAAUL,OAAOM,UAAUC,eAAeC,KAAKJ,EAAKC,GCClFf,EAAyBM,IACH,oBAAXa,QAA0BA,OAAOC,aAC1CV,OAAOC,eAAeL,EAASa,OAAOC,YAAa,CAAEC,MAAO,WAE7DX,OAAOC,eAAeL,EAAS,aAAc,CAAEe,OAAO,GAAO,G,yeCFvD,IAAMC,EAA4B,kBAC5BC,EAA6B,mBAC7BC,EAAuB,aACvBC,EAA0B,gBAC1BC,EAA4B,kBAC5BC,EAAiC,sBAEjCC,EAAwB,uBAKxBC,EAA4B,uBAC5BC,EAAkBN,EAAqBO,cACvCC,EAAuBN,EAA0BK,cAEjDE,GAVyB,eASkBF,cACxBH,EAAsBG,eAKzCG,EAAuB,gBAMvBC,EAAoB,CAACD,EAAsBJ,EAL7B,QAMdM,EAAc,OAMdC,EAA4B,CACrCC,eAAe,EACf,iBAAiB,EACjBC,YAAY,EACZC,QAAQ,EACRC,MAAM,EACN,cAAc,EACd,gBAAgB,EAChBC,QAAQ,EACRC,SAAS,EACTC,IAAI,EACJC,SAAS,EACT,qBAAqB,EACrBC,SAAS,EACT,cAAc,EACd,mBAAmB,GAMVC,EAAsB,eACtBC,EAA+B,mBAkB/BC,EAAmB,mB,mqFC1EzB,IAAMC,EAAS,WAsFlB,SAAAA,EAAYC,GACR,GADmCC,EAAA,KAAAF,GArFvCG,EAAA,sBAOAA,EAAA,2BAOAA,EAAA,+BAOAA,EAAA,4BAOAA,EAAA,cAKqB,SAIrBA,EAAA,gBAKmB,kBA4CVF,EAAQG,QAA6B,KAAnBH,EAAQG,OAC3B,MAAM,IAAIC,EAAsB,yFAADC,OAC+DL,EAAQG,OAAM,MAIhH,IAAKH,EAAQM,aAAuC,KAAxBN,EAAQM,YAChC,MAAM,IAAIF,EAAsB,wEAADC,OAC8CL,EAAQM,YAAW,MAIpG,GAAIN,EAAQM,YAAYC,OAAS,IAAMP,EAAQM,YAAYC,OAAS,IAChE,MAAM,IAAIH,EAAsB,wFAADC,OAC6DL,EAAQM,YAAYC,SAIpH,IAAKP,EAAQQ,iBAA+C,KAA5BR,EAAQQ,gBACpC,MAAM,IAAIJ,EAAsB,4EAADC,OACkDL,EAAQQ,gBAAe,MAI5G,GAAIR,EAAQQ,gBAAgBD,OAAS,IAAMP,EAAQQ,gBAAgBD,OAAS,IACxE,MAAM,IAAIH,EAAsB,4FAADC,OACiEL,EAAQQ,gBAAgBD,SAI5HE,KAAKN,OAASH,EAAQG,OACtBM,KAAKH,YAAcN,EAAQM,YAC3BG,KAAKD,gBAAkBR,EAAQQ,qBAEFE,IAAzBV,EAAQW,eACRF,KAAKE,aAAeX,EAAQW,mBAGTD,IAAnBV,EAAQY,SACRH,KAAKG,OAASZ,EAAQY,aAGDF,IAArBV,EAAQa,WACRJ,KAAKI,SAAWb,EAAQa,SAEhC,CAtDC,OAsDAC,EAAAf,EAAA,OAAA1C,IAAA,kBAAAa,MAtED,SAAuB8B,GAQnB,OAAO,IAAID,EAAU,CACjBI,OARWY,MAAMC,WASjBV,YARgBS,MAAME,kBAStBT,gBARoBO,MAAMG,sBAS1BP,aARqCI,MAAMI,kBAS3CP,OARmCZ,aAAO,EAAPA,EAASY,OAS5CC,SARiCb,aAAO,EAAPA,EAASa,UAUlD,KAACd,CAAA,CA9EiB,GA4LTK,EAAqB,SAAAgB,I,qRAAAC,CAAAjB,EAAAgB,GAAA,IAAAE,EAAAC,EAAAnB,GAC9B,SAAAA,EAAYoB,GAAiB,OAAAvB,EAAA,KAAAG,GAAAkB,EAAAvD,KAAA,KACnByD,EACV,CAAC,OAAAV,EAAAV,EAAA,CAH6B,CAG7BqB,EAHsCC,QC/L3C,MAAM,EAA+BC,QAAQ,a,aCA7C,MAAM,EAA+BA,QAAQ,W,+1ECUtC,IAAMC,EAAQ,SAAAR,I,qRAAAC,CAAAO,EAAAR,GAAA,I,MAAAE,EAAAC,EAAAK,GAYjB,SAAAA,EAAYJ,EAAiBK,GAAe,IAAAC,E,MAGxB,O,4FAHwB7B,CAAA,KAAA2B,GACxCE,EAAAR,EAAAvD,KAAA,KAAMyD,G,EAZVO,EAAAD,G,OAAA,G,MAAA,W,wFAaIA,EAAKE,KAAO,WACZF,EAAKD,KAAOA,EAAIC,CACpB,CAUC,O,EARDF,E,EAAA,EAAAvE,IAAA,WAAAa,MAKA,SAAgB+D,GACZ,IAAMC,GAAMC,EAAAA,EAAAA,WAAUF,GACtB,OAAO,IAAIL,EAASM,EAAIE,KAAK,WAAWC,OAAQH,EAAIE,KAAK,QAAQC,OACrE,K,EARA,O,8EAQCT,CAAA,CA1BgB,CA0BhBH,EA1ByBC,Q,2kHCOvB,IAAMY,GAAW,WAoCpB,SAAAA,EAAAC,GAMuB,IALnBC,EAAOD,EAAPC,QACArC,EAAMoC,EAANpC,OACAsC,EAAWF,EAAXE,YACAC,EAAaH,EAAbG,cACAC,EAAaJ,EAAbI,cAAa1C,GAAA,KAAAqC,GAxCjBpC,GAAA,uBAKAA,GAAA,sBAKAA,GAAA,2BAKAA,GAAA,6BASAA,GAAA,6BAkBIO,KAAK+B,QAAUA,EACf/B,KAAKN,OAASA,EACdM,KAAKgC,YAAcA,EACnBhC,KAAKiC,cAAyC,kBAAlBA,GAA8BA,EAC1DjC,KAAKkC,cAAyC,kBAAlBA,GAA8BA,CAC9D,CA0jBC,OAxjBD7B,GAAAwB,EAAA,EAAAjF,IAAA,OAAAa,MAaA,SAAK0E,GAAuF,IAAjE5C,EAAuC6C,UAAAtC,OAAA,QAAAG,IAAAmC,UAAA,GAAAA,UAAA,GAAG,CAAC,EAS5DC,EAAYC,GAAAA,GAAA,GAPK,CACnBC,YAAa,IAAIC,KACjBC,kBAAmB,IAAIC,IACvBC,gBAAiB,IAAID,MAIoBnD,GAE7CqD,EAA0CC,GAAWR,EAAaE,aAA1DO,EAAQF,EAARE,SAAUC,EAASH,EAATG,UACZhB,EAAUM,EAAaW,gBAAkBhD,KAAK+B,QAC9CrC,EAAS2C,EAAaY,eAAiBjD,KAAKN,OAC5CwD,EAAQ,GAAHtD,OAAMmD,EAAS,KAAAnD,OAAIF,EAAM,KAAAE,OAAImC,EAAO,KAAAnC,OAAIuD,GAOnDhB,EAAQiB,QAAQD,GAAyBhB,EAAQkB,SAKjD,IAAK,IAALC,EAAA,EAAAC,EAAyBzG,OAAO0G,KAAKrB,EAAQiB,SAAQE,EAAAC,EAAAzD,OAAAwD,IAAE,CAAlD,IAAMG,EAAUF,EAAAD,GACbH,EAA4BO,QAAQD,EAAWtF,gBAAkB,UAC1DgE,EAAQiB,QAAQK,EAE/B,CAEAtB,EAAQiB,QAAQD,GAA6BL,EACzC9C,KAAKgC,YAAY9B,eACjBiC,EAAQiB,QAAQD,GAA8BnD,KAAKgC,YAAY9B,cAK/DyD,YAAYC,OAAOzB,EAAQ0B,QAC3B1B,EAAQ0B,KAAO1B,EAAQ0B,KAAKC,QAI3B3B,EAAQ0B,OACT1B,EAAQ0B,KAAO,IAGnB,IAAIE,EAAc/D,KAAKgE,mBAAmB7B,IC3G3C,SAAmB8B,EAAsBb,GAC5Ca,EAAeA,EAAa9F,cAE5B,IAAK,IAALmF,EAAA,EAAAC,EAAyBzG,OAAO0G,KAAKJ,GAAQE,EAAAC,EAAAzD,OAAAwD,IACzC,GAAIW,IADaV,EAAAD,GACenF,cAC5B,OAAO,EAIf,OAAO,CACX,CDmGa+F,CAAUf,EAAqChB,EAAQiB,UACxDpD,KAAKkC,gBAELC,EAAQiB,QAAQD,GAAuCY,GAG3D,IAAMI,EAAmBnE,KAAKoE,wBAC1BjC,EACAE,EAAaI,kBACbJ,EAAaM,iBAEX0B,EAAYrE,KAAKsE,mBACnBxB,EACAI,EACAlD,KAAKuE,iBAAiBvE,KAAKgC,YAAaD,EAASrC,EAAQqD,GACzD/C,KAAKwE,uBAAuBrC,EAASgC,EAAkBJ,IAQ3D5B,EAAQiB,QAAQD,GACZ,GAAAvD,OAAGuD,EAAsC,mBAAAvD,OAC3BI,KAAKgC,YAAYnC,YAAW,KAAAD,OAAIsD,EAAK,MAAI,iBAAAtD,OACtC9C,OAAO0G,KAAKW,GAAkBM,OAAOC,KAAK,KAAI,MAAI,aAAA9E,OACtDyE,GAGjB,IAAIM,EAAM,GAAH/E,OAAMuC,EAAQyC,SAAQ,OAAAhF,OAAMuC,EAAQkB,UAW3C,OAVIlB,EAAQ0C,OACRF,GAAOxC,EAAQ0C,MAIf1C,EAAQ2C,QAERH,GAAO,IAAJ/E,OAAQI,KAAK+E,yBAAyB5C,EAAQ2C,SAGrDxC,GAAA,CACIqC,IAAKA,GACFxC,EAEX,GAEA,CAAAvF,IAAA,UAAAa,MAWA,SAAQuH,GAA+E,IAAjDzF,EAAuB6C,UAAAtC,OAAA,QAAAG,IAAAmC,UAAA,GAAAA,UAAA,GAAG,CAAC,EAC7D6C,EAQI1F,EAPAgD,YAAAA,OAAW,IAAA0C,EAAG,IAAIzC,KAAMyC,EAAAC,EAOxB3F,EANA4F,UAAAA,OAAS,IAAAD,EAAG,KAAIA,EAChBzC,EAKAlD,EALAkD,kBACA2C,EAIA7F,EAJA6F,mBACAzC,EAGApD,EAHAoD,gBACAM,EAEA1D,EAFA0D,cACAD,EACAzD,EADAyD,eAEJqC,EAA0CxC,GAAWN,GAA7CO,EAAQuC,EAARvC,SAAUC,EAASsC,EAATtC,UACZrD,EAASuD,GAAiBjD,KAAKN,OAC/BqC,EAAUiB,GAAkBhD,KAAK+B,QAEvC,GAAIoD,EL1IqB,OK2IrB,MAAM,IAAIG,GACN,0EAIR,IAAMpC,EAAQ,GAAHtD,OAAMmD,EAAS,KAAAnD,OAAIF,EAAM,KAAAE,OAAImC,EAAO,KAAAnC,OAAIuD,GAC7ChB,EAAUnC,KAAKuF,mBAAmBP,EAAiB,CAAEI,mBAAAA,IAO3DjD,EAAQiB,QAAQD,GAAyB6B,EAAgB3B,SAGrDrD,KAAKgC,YAAY9B,eACjBiC,EAAQ2C,MAAM3B,GAAmCnD,KAAKgC,YAAY9B,cAKtEiC,EAAQ2C,MAAM3B,GAAuCA,EACrDhB,EAAQ2C,MACJ3B,GACA,GAAHvD,OAAMI,KAAKgC,YAAYnC,YAAW,KAAAD,OAAIsD,GACvCf,EAAQ2C,MAAM3B,GAAkCL,EAChDX,EAAQ2C,MAAM3B,GAAqCgC,EAAUK,SAAS,IAEtE,IAAMrB,EAAmBnE,KAAKoE,wBAC1BjC,EACAM,EACAE,GAEJR,EAAQ2C,MAAM3B,GAA4CrG,OAAO0G,KAAKW,GACjEM,OACAC,KAAK,KAEV,IAAMe,EAAazF,KAAKuE,iBAAiBvE,KAAKgC,YAAaD,EAASrC,EAAQqD,GAStEgB,EAAc/D,KAAKgE,mBAAmBgB,GACtCU,EAAmB1F,KAAKwE,uBAAuBrC,EAASgC,EAAkBJ,GAEhF5B,EAAQ2C,MAAM3B,GAAuCnD,KAAKsE,mBACtDxB,EACAI,EACAuC,EACAC,GAIJ,IAAIf,EAAM,GAAH/E,OAAMuC,EAAQyC,SAAQ,OAAAhF,OAAMuC,EAAQkB,UAU3C,OATIlB,EAAQ0C,OACRF,GAAOxC,EAAQ0C,MAIf1C,EAAQ2C,QACRH,GAAO,IAAJ/E,OAAQI,KAAK+E,yBAAyB5C,EAAQ2C,SAGrDxC,GAAA,CAASqC,IAAKA,GAAQxC,EAC1B,GAEA,CAAAvF,IAAA,yBAAAa,MAYA,SACI0E,EACAgC,EACAJ,GAEA,IAAM4B,EAAgB7I,OAAO0G,KAAKW,GAAkBM,OAC9CmB,EAAyBD,EAC1BE,KAAI,SAACtE,GAAI,SAAA3B,OAAQ2B,EAAI,KAAA3B,OAAIuE,EAAiB5C,GAAK,IAC/CmD,KAAK,MACJoB,EAAgBH,EAAcjB,KAAK,KAEzC,MACI,GAAA9E,OAAGuC,EAAQ4D,OAAM,SAAAnG,OACdI,KAAKgG,oBAAoB7D,GAAQ,MAAI,GAAAvC,OACrCI,KAAKiG,4BAA4B9D,GAAQ,MAAI,GAAAvC,OAC7CgG,EAAsB,QAAM,GAAAhG,OAC5BkG,EAAa,MAAI,GAAAlG,OACjBmE,EAEX,GAEA,CAAAnH,IAAA,qBAAAa,MAcA,SACIqF,EACAoD,EACAR,GAEA,IAAMS,EAAyBC,IAAAA,OAAcV,EAAkB,OAE/D,MACI,GAAA9F,OAAGuD,EAAsC,SAAAvD,OACtCkD,EAAQ,MAAI,GAAAlD,OACZsG,EAAe,MAAI,GAAAtG,OACnBuG,EAEX,GAEA,CAAAvJ,IAAA,qBAAAa,MAYA,SACIqF,EACAoD,EACAT,EACAC,GAEA,IAAMW,EAAerG,KAAKsG,mBAAmBxD,EAAUoD,EAAiBR,GACxE,OAAOU,IAAAA,KAAY,SAAUX,EAAYY,EAAc,MAC3D,GAEA,CAAAzJ,IAAA,mBAAAa,MAiBA,SACIuE,EACAD,EACArC,EACAqD,GAEA,IAAMwD,EAAkBvE,EAAYjC,gBAC9ByG,EAAaJ,IAAAA,KAAY,SAAU,OAASG,EAASxD,EAAW,UAChE0D,EAAeL,IAAAA,KAAY,SAAUI,EAAO9G,EAAQ,UACpDgH,EAAgBN,IAAAA,KAAY,SAAUK,EAAS1E,EAAS,UAG9D,OAFsBqE,IAAAA,KAAY,SAAUM,EAAU,eAAgB,SAG1E,GAEA,CAAA9J,IAAA,sBAAAa,MAOA,SAAAkJ,GAA2D,IAA7B9B,EAAI8B,EAAJ9B,KAC1B,GAAI7E,KAAKiC,cAAe,CAGpB,IAEwC2E,EAFlCC,EAAwB,GAAEC,EAAAC,EAEPlC,EAAKmC,MAAM,MAAI,IAAxC,IAAAF,EAAAG,MAAAL,EAAAE,EAAAI,KAAAC,MAA0C,KAA/BC,EAAUR,EAAAnJ,MACU,KAAvB2J,aAAU,EAAVA,EAAYtH,UAIG,MAAfsH,IAIe,OAAfA,EACAP,EAAsBQ,MAEtBR,EAAsBS,KAAKF,IAEnC,CAEA,OAAAG,GAAAT,EAAAU,EAAAD,EAAA,SAAAT,EAAAW,GAAA,CACA,IAAMC,EAAU7C,SAAAA,EAAM8C,WAAW,KAAO,IAAM,GACxCC,EAAMf,EAAsBnC,KAAK,KACjCmD,EAAWhB,EAAsB/G,OAAS,GAA/B+G,MAAoChC,GAAAA,EAAMiD,SAAS,KAAO,IAAM,GAC3EC,EAAgB,GAAHnI,OAAM8H,GAAO9H,OAAGgI,GAAGhI,OAAGiI,GAIzC,OAFsBG,mBAAmBD,GAEpBE,QAAQ,OAAQ,IACzC,CAKA,OAAOpD,CACX,GAEA,CAAAjI,IAAA,8BAAAa,MAQA,SAAAyK,GAAyE,IAI1BC,EAJ0BC,EAAAF,EAAnCpD,MAAAA,OAAK,IAAAsD,EAAG,CAAC,EAACA,EACtC5E,EAAsB,GACtB6E,EAAqC,CAAC,EAACC,EAAA,SAAA1L,GAGzC,GAAIA,EAAIuB,gBAAkBgF,EAAgC,iBAI1DK,EAAK8D,KAAK1K,GACV,IAAMa,EAAQqH,EAAMlI,GAEC,iBAAVa,EACP4K,EAAWzL,GAAO,GAAHgD,OAAM2I,GAAU3L,GAAI,KAAAgD,OAAI2I,GAAU9K,IAC1C+K,MAAMC,QAAQhL,KACrB4K,EAAWzL,GAAOa,EACbiL,MAAM,GACNjE,OACAkE,QACG,SAACC,EAAwBnL,GAAa,OAClCmL,EAAQhJ,OAAO,CAAC,GAADA,OAAI2I,GAAU3L,GAAI,KAAAgD,OAAI2I,GAAU9K,KAAU,GAC7D,IAEHiH,KAAK,KAElB,EAACmE,EAAA9B,EArBiBjK,OAAO0G,KAAKsB,GAAOL,QAAM,IAA3C,IAAAoE,EAAA5B,MAAAkB,EAAAU,EAAA3B,KAAAC,MAAcmB,EAAAH,EAAA1K,MAqBb,OAAA8J,GAAAsB,EAAArB,EAAAD,EAAA,SAAAsB,EAAApB,GAAA,CAED,OAAOjE,EACFqC,KAAI,SAACjJ,GAAG,OAAKyL,EAAWzL,EAAI,IAC5BkM,QAAO,SAACT,GAAU,OAAKA,CAAU,IACjC3D,KAAK,IACd,GAEA,CAAA9H,IAAA,0BAAAa,MAUA,SAAAsL,EAEItG,EACAE,GACa,IAGuCqG,EANlD5F,EAAO2F,EAAP3F,QAIIe,EAAkC,CAAC,EAAC8E,EAAAlC,EAEjBjK,OAAO0G,KAAKJ,GAASqB,QAAM,IAApD,IAAAwE,EAAAhC,MAAA+B,EAAAC,EAAA/B,KAAAC,MAAsD,KAA3C1D,EAAUuF,EAAAvL,MACjB,GAA2BwC,MAAvBmD,EAAQK,GAAZ,CAIA,IAAMyF,EAAsBzF,EAAWtF,eAEnC+K,KAAuB/F,GACvBV,SAAAA,EAAmB0G,IAAID,OAGlBvG,GACAA,IAAoBA,EAAgBwG,IAAID,MAMjD/E,EAAiB+E,GAAuB9F,EAAQK,GAAY2F,OAAOnB,QAAQ,OAAQ,KAfnF,CAgBJ,CAAC,OAAAV,GAAA0B,EAAAzB,EAAAD,EAAA,SAAA0B,EAAAxB,GAAA,CAED,OAAOtD,CACX,GAEA,CAAAvH,IAAA,qBAAAa,MAWA,SAAA4L,GAAmE,IE5gBzC5L,EF4gBG2F,EAAOiG,EAAPjG,QAASS,EAAIwF,EAAJxF,KASlC,OAAIT,EAAQD,GACDC,EAAQD,GAGPlD,MAAR4D,ELzdgB,mEK6dA,iBAATA,IE7hBWpG,EF6hBwBoG,EE3hBvB,mBAAhBF,cACNlG,aAAiBkG,aAC4B,yBAA1C7G,OAAOM,UAAUoI,SAASlI,KAAKG,KF0hBxB2I,IAAAA,OAAcvC,EAAM,OAAO1F,cAGlCwF,YAAYC,OAAOC,GAGZuC,IAAAA,OAAevC,EAAkBC,OAAQ,OAAO3F,cAGpDgF,CACX,GAEA,CAAAvG,IAAA,qBAAAa,MAaA,SACI0E,GAMA,IAJ0C,IAD1C5C,EAA6C6C,UAAAtC,OAAA,QAAAG,IAAAmC,UAAA,GAAAA,UAAA,GAAG,CAAC,EAE3CkH,EAAcC,KAAKC,MAAMD,KAAKE,UAAUtH,IACtCiB,EAA6CkG,EAA7ClG,QAAOsG,EAAsCJ,EAApCxE,MAAAA,OAAK,IAAA4E,EAAG,CAAC,EAACA,EAE3BC,EAAA,EAAAC,EAAmB9M,OAAO0G,KAAKJ,GAAQuG,EAAAC,EAAA9J,OAAA6J,IAAE,KAAAE,EAA9BtI,EAAIqI,EAAAD,GACLG,EAAgBvI,EAAKpD,cAEO,WAA9B2L,EAAcpB,MAAM,EAAG,IACI,QAA3BmB,EAACtK,EAAQ6F,0BAAkB,IAAAyE,GAA1BA,EAA4BV,IAAIW,KAEjChF,EAAMvD,GAAQ6B,EAAQ7B,UACf6B,EAAQ7B,GAEvB,CAEA,OAAAe,GAAAA,GAAA,GACOgH,GAAW,IACdlG,QAAAA,EACA0B,MAAAA,GAER,GAEA,CAAAlI,IAAA,2BAAAa,MAOA,SAAiCqH,EAA0BiF,GACvD,IAG2CC,EAHrCxG,EAAsB,GACtB6E,EAAqC,CAAC,EAAC4B,EAAA,SAAArN,GAGzC,GAAImN,SAAAA,EAAYG,SAAStN,EAAIuB,eAAgB,iBAI7CqF,EAAK8D,KAAK1K,GACV,IAAMa,EAAQqH,EAAMlI,GAEC,iBAAVa,EACP4K,EAAWzL,GAAO,GAAHgD,OAAM2I,GAAU3L,GAAI,KAAAgD,OAAI2I,GAAU9K,IAC1C+K,MAAMC,QAAQhL,KACrB4K,EAAWzL,GAAOa,EACbiL,MAAM,GACNjE,OACAkE,QACG,SAACC,EAAwBnL,GAAa,OAClCmL,EAAQhJ,OAAO,CAAC,GAADA,OAAI2I,GAAU3L,GAAI,KAAAgD,OAAI2I,GAAU9K,KAAU,GAC7D,IAEHiH,KAAK,KAElB,EAACyF,EAAApD,EArBiBjK,OAAO0G,KAAKsB,GAAOL,QAAM,IAA3C,IAAA0F,EAAAlD,MAAA+C,EAAAG,EAAAjD,KAAAC,MAAc8C,EAAAD,EAAAvM,MAqBb,OAAA8J,GAAA4C,EAAA3C,EAAAD,EAAA,SAAA4C,EAAA1C,GAAA,CAED,OAAOjE,EACFqC,KAAI,SAACjJ,GAAG,OAAKyL,EAAWzL,EAAI,IAC5BkM,QAAO,SAACT,GAAU,OAAKA,CAAU,IACjC3D,KAAK,IACd,KAAC7C,CAAA,CA1mBmB,GAqnBXyD,GAAqB,SAAA8E,I,qRAAAxJ,CAAA0E,EAAA8E,GAAA,IAAAvJ,EAAAC,EAAAwE,GAM9B,SAAAA,EAAYvE,EAAiBK,GAAe,IAAAC,EAEL,OAFK7B,GAAA,KAAA8F,IACxCjE,EAAAR,EAAAvD,KAAA,KAAMyD,EAASK,IACVG,KAAO,wBAAuBF,CACvC,CAAC,OAAAhB,GAAAiF,EAAA,CAT6B,CAASnE,GA+I3C,SAASoH,GAAUX,GAKf,OAAOI,mBAAmBJ,GAAKK,QAAQ,YAJrB,SAACoC,GACf,MAAO,IAAPzK,OAAWyK,EAAEC,WAAW,GAAG9E,SAAS,IAAI+E,cAC5C,GAGJ,CASA,SAAS1H,GAAW2H,GAChB,IAeaC,EAfP3H,GAeO2H,EAfYD,EA2B7B,SAAgBC,GACZ,MAAoB,iBAATA,EACA,IAAIjI,KAAY,IAAPiI,GAGA,iBAATA,EACHC,OAAOD,GACA,IAAIjI,KAAoB,IAAfkI,OAAOD,IAGpB,IAAIjI,KAAKiI,GAGbA,CACX,CAzBWE,CAAOF,GACTG,cACA3C,QAAQ,YAAa,MAlBKA,QAAQ,SAAU,IACjD,MAAO,CACHnF,SAAAA,EACAC,UAAWD,EAAS4F,MAAM,EAAG,GAErC,C","sources":["webpack://k6-jslib-aws/webpack/bootstrap","webpack://k6-jslib-aws/webpack/runtime/compat get default export","webpack://k6-jslib-aws/webpack/runtime/define property getters","webpack://k6-jslib-aws/webpack/runtime/hasOwnProperty shorthand","webpack://k6-jslib-aws/webpack/runtime/make namespace object","webpack://k6-jslib-aws/./src/internal/constants.ts","webpack://k6-jslib-aws/./src/internal/config.ts","webpack://k6-jslib-aws/external commonjs \"k6/crypto\"","webpack://k6-jslib-aws/external commonjs \"k6/html\"","webpack://k6-jslib-aws/./src/internal/error.ts","webpack://k6-jslib-aws/./src/internal/signature.ts","webpack://k6-jslib-aws/./src/internal/http.ts","webpack://k6-jslib-aws/./src/internal/utils.ts"],"sourcesContent":["// The require scope\nvar __webpack_require__ = {};\n\n","// getDefaultExport function for compatibility with non-harmony modules\n__webpack_require__.n = (module) => {\n\tvar getter = module && module.__esModule ?\n\t\t() => (module['default']) :\n\t\t() => (module);\n\t__webpack_require__.d(getter, { a: getter });\n\treturn getter;\n};","// define getter functions for harmony exports\n__webpack_require__.d = (exports, definition) => {\n\tfor(var key in definition) {\n\t\tif(__webpack_require__.o(definition, key) && !__webpack_require__.o(exports, key)) {\n\t\t\tObject.defineProperty(exports, key, { enumerable: true, get: definition[key] });\n\t\t}\n\t}\n};","__webpack_require__.o = (obj, prop) => (Object.prototype.hasOwnProperty.call(obj, prop))","// define __esModule on exports\n__webpack_require__.r = (exports) => {\n\tif(typeof Symbol !== 'undefined' && Symbol.toStringTag) {\n\t\tObject.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });\n\t}\n\tObject.defineProperty(exports, '__esModule', { value: true });\n};","/**\n * Standard Amazon AWS query parameter names\n */\nexport const AMZ_ALGORITHM_QUERY_PARAM = 'X-Amz-Algorithm'\nexport const AMZ_CREDENTIAL_QUERY_PARAM = 'X-Amz-Credential'\nexport const AMZ_DATE_QUERY_PARAM = 'X-Amz-Date'\nexport const AMZ_EXPIRES_QUERY_PARAM = 'X-Amz-Expires'\nexport const AMZ_SIGNATURE_QUERY_PARAM = 'X-Amz-Signature'\nexport const AMZ_SIGNED_HEADERS_QUERY_PARAM = 'X-Amz-SignedHeaders'\nexport const AMZ_TARGET_QUERY_PARAM = 'X-Amz-Target'\nexport const AMZ_TOKEN_QUERY_PARAM = 'X-Amz-Security-Token'\n\n/**\n * Standard Amazon AWS header names\n */\nexport const AMZ_CONTENT_SHA256_HEADER = 'x-amz-content-sha256'\nexport const AMZ_DATE_HEADER = AMZ_DATE_QUERY_PARAM.toLowerCase()\nexport const AMZ_SIGNATURE_HEADER = AMZ_SIGNATURE_QUERY_PARAM.toLowerCase()\nexport const AMZ_TARGET_HEADER = AMZ_TARGET_QUERY_PARAM.toLowerCase()\nexport const AMZ_TOKEN_HEADER = AMZ_TOKEN_QUERY_PARAM.toLowerCase()\n\n/**\n * Common HTTP headers we rely on in the signing process\n */\nexport const AUTHORIZATION_HEADER = 'authorization'\nexport const DATE_HEADER = 'date'\n\n/**\n * Lists the headers that are generated as part of the signature process.\n */\nexport const GENERATED_HEADERS = [AUTHORIZATION_HEADER, AMZ_DATE_HEADER, DATE_HEADER]\nexport const HOST_HEADER = 'host'\n\n/**\n * Lists the headers that should never be included in the\n * request signature signature process.\n */\nexport const ALWAYS_UNSIGNABLE_HEADERS = {\n authorization: true,\n 'cache-control': true,\n connection: true,\n expect: true,\n from: true,\n 'keep-alive': true,\n 'max-forwards': true,\n pragma: true,\n referer: true,\n te: true,\n trailer: true,\n 'transfer-encoding': true,\n upgrade: true,\n 'user-agent': true,\n 'x-amzn-trace-id': true,\n}\n\n/**\n * Signature specific constants included in the signing process\n */\nexport const KEY_TYPE_IDENTIFIER = 'aws4_request'\nexport const SIGNING_ALGORITHM_IDENTIFIER = 'AWS4-HMAC-SHA256'\n\n/**\n * Maximum time to live of a signed request in seconds: 7 days.\n */\nexport const MAX_PRESIGNED_TTL = 60 * 60 * 24 * 7\n\n/**\n * SHA256 hash of an empty string (so we don't waste cycles recomputing it)\n */\nexport const EMPTY_SHA256 = 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855'\n\n/**\n * SHA256 hash of the unsigned payload constant (so we don't waste cycles recomputing it)\n */\nexport const UNSIGNED_PAYLOAD_SHA256 =\n '5a41b0751e4537c6ff868564ab44a4d4ecceec2ec5b1c5f74d97422968e04237'\n\nexport const UNSIGNED_PAYLOAD = 'UNSIGNED-PAYLOAD'\n","import { HTTPScheme } from './http'\n\n/** Class holding an AWS connection information */\nexport class AWSConfig {\n /**\n * The AWS region to connect to, as listed: https://docs.aws.amazon.com/general/latest/gr/rande.html\n *\n * @type {string}\n */\n region: string\n\n /**\n * Your user's AWS access key id credential.\n *\n * @type {string}\n */\n accessKeyId: string\n\n /**\n * Your user's AWS secret access key credential.\n *\n * @type {string}\n */\n secretAccessKey: string\n\n /**\n * Your user's AWS session token credential.\n *\n * @type {string}\n */\n sessionToken?: string\n\n /**\n * The HTTP scheme to use when connecting to AWS.\n *\n * @type {HTTPScheme} ['https']\n */\n scheme: HTTPScheme = 'https'\n\n // FIXME: Should really be called \"host\" instead. When used\n // with localstack we pass a complete host (hostname:port) here.\n /**\n * The AWS hostname to connect to.\n *\n * @type {string} ['amazonaws.com']\n */\n endpoint: string = 'amazonaws.com'\n\n /**\n * fromEnvironment creates an AWSConfig from the environment variables.\n *\n * It expects to find the following compulsory environment variables:\n * * AWS_REGION\n * * AWS_ACCESS_KEY_ID\n * * AWS_SECRET_ACCESS_KEY\n *\n * If set, the following optional environment variables are also used:\n * * AWS_SESSION_TOKEN\n *\n * Finally, the options parameter allows to explicitly set the scheme and endpoint\n * to use when connecting to AWS.\n *\n * @param options {AWSConnectionOptions}\n * @returns\n */\n static fromEnvironment(options?: AWSConnectionOptions): AWSConfig {\n const region = __ENV.AWS_REGION;\n const accessKeyId = __ENV.AWS_ACCESS_KEY_ID;\n const secretAccessKey = __ENV.AWS_SECRET_ACCESS_KEY;\n const sessionToken: string | undefined = __ENV.AWS_SESSION_TOKEN;\n const scheme: HTTPScheme | undefined = options?.scheme;\n const endpoint: string | undefined = options?.endpoint;\n\n return new AWSConfig({\n region,\n accessKeyId,\n secretAccessKey,\n sessionToken,\n scheme: scheme,\n endpoint: endpoint,\n })\n }\n\n /**\n * Create an AWSConfig.\n *\n * @param {AWSConfigOptions} options - configuration attributes to use when interacting with AWS' APIs\n * @throws {InvalidArgumentException}\n */\n constructor(options: AWSConfigOptions) {\n if (!options.region || options.region === '') {\n throw new InvalidAWSConfigError(\n `invalid AWS region; reason: expected a valid AWS region name (e.g. \"us-east-1\"), got \\`${options.region}\\``\n )\n }\n\n if (!options.accessKeyId || options.accessKeyId === '') {\n throw new InvalidAWSConfigError(\n `invalid AWS access key ID; reason: expected a non empty string, got \\`${options.accessKeyId}\\``\n )\n }\n\n if (options.accessKeyId.length < 16 || options.accessKeyId.length > 128) {\n throw new InvalidAWSConfigError(\n `invalid AWS access key ID; reason: size should be between 16 and 128 characters, got ${options.accessKeyId.length}`\n )\n }\n\n if (!options.secretAccessKey || options.secretAccessKey === '') {\n throw new InvalidAWSConfigError(\n `invalid AWS secret access key; reason: expected a non empty string, got \\`${options.secretAccessKey}\\``\n )\n }\n\n if (options.secretAccessKey.length < 16 || options.secretAccessKey.length > 128) {\n throw new InvalidAWSConfigError(\n `invalid AWS secret access key; reason: size should be between 16 and 128 characters, got ${options.secretAccessKey.length}`\n )\n }\n\n this.region = options.region\n this.accessKeyId = options.accessKeyId\n this.secretAccessKey = options.secretAccessKey\n\n if (options.sessionToken !== undefined) {\n this.sessionToken = options.sessionToken\n }\n\n if (options.scheme !== undefined) {\n this.scheme = options.scheme\n }\n\n if (options.endpoint !== undefined) {\n this.endpoint = options.endpoint\n }\n }\n}\n\n/**\n * Interface representing AWSConfig options\n */\nexport interface AWSConfigOptions extends AWSConnectionOptions {\n /**\n * The AWS region to connect to, as listed: https://docs.aws.amazon.com/general/latest/gr/rande.html\n *\n * @type {string}\n */\n region: string\n\n /**\n * Your user's AWS access key id credential.\n *\n * @type {string}\n */\n accessKeyId: string\n\n /**\n * Your user's AWS secret access key credential.\n *\n * @type {string}\n */\n secretAccessKey: string\n\n /**\n * Your user's AWS session token credential.\n *\n * @type {string}\n */\n sessionToken?: string\n}\n\n/**\n * Interface representing AWS connection options\n */\nexport interface AWSConnectionOptions {\n /**\n * The HTTP scheme to use when connecting to AWS.\n *\n * @type {HTTPScheme}\n */\n scheme?: HTTPScheme\n\n /**\n * The AWS hostname to connect to.\n *\n * @type {string}\n */\n endpoint?: string\n}\n\n/** Class representing an invalid AWS configuration */\nexport class InvalidAWSConfigError extends Error {\n constructor(message: string) {\n super(message)\n }\n}\n","const __WEBPACK_NAMESPACE_OBJECT__ = require(\"k6/crypto\");","const __WEBPACK_NAMESPACE_OBJECT__ = require(\"k6/html\");","import { parseHTML } from 'k6/html'\n\n/**\n * Base class to derive errors from\n *\n * Inspired from AWS official error types, as\n * described in:\n * * https://aws.amazon.com/blogs/developer/service-error-handling-modular-aws-sdk-js/\n * * https://github.com/aws/aws-sdk-js/blob/master/lib/error.d.ts\n */\nexport class AWSError extends Error {\n /**\n * Error code issued by the service (if any)\n */\n code?: string\n\n /**\n * Create an AWSError\n *\n * @param {string} message - A longer human readable error message.\n * @param {string?} code - A unique short code representing the error that was emitted\n */\n constructor(message: string, code?: string) {\n super(message)\n this.name = 'AWSError'\n this.code = code\n }\n\n /**\n * Parse an AWSError from an XML document\n *\n * @param {string} xmlDocument - Serialized XML document to parse the error from\n */\n static parseXML(xmlDocument: string): AWSError {\n const doc = parseHTML(xmlDocument)\n return new AWSError(doc.find('Message').text(), doc.find('Code').text())\n }\n}\n","import crypto from 'k6/crypto'\n\nimport * as constants from './constants'\nimport { AWSError } from './error'\nimport { hasHeader, HTTPHeaderBag, HTTPRequest, QueryParameterBag, SignedHTTPRequest } from './http'\nimport { isArrayBuffer } from './utils'\n\n/**\n * SignatureV4 can be used to sign HTTP requests and presign URLs using the AWS Signature\n * Version 4 signing process.\n *\n * It offers two signing methods:\n * - sign: signs the request headers and payload\n * - presign: returns a presigned (authorization information contained in the query string) URL\n *\n * @see https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html\n */\nexport class SignatureV4 {\n /**\n * The name of the service to sign for.\n */\n private readonly service: string\n\n /**\n * The name of the region to sign for.\n */\n private readonly region: string\n\n /**\n * The credentials with which the request should be signed.\n */\n private readonly credentials: Credentials\n\n /**\n * Whether to uri-escape the request URI path as part of computing the\n * canonical request string. This is required for every AWS service, except\n * Amazon S3, as of late 2017.\n *\n * @default [true]\n */\n private readonly uriEscapePath: boolean\n\n /**\n * Whether to calculate a checksum of the request body and include it as\n * either a request header (when signing) or as a query string parameter\n * (when presigning). This is required for AWS Glacier and Amazon S3 and optional for\n * every other AWS service as of late 2017.\n *\n * @default [true]\n */\n private readonly applyChecksum: boolean\n\n // TODO: uriEscapePath and applyChecksum should not be present in the constructor\n constructor({\n service,\n region,\n credentials,\n uriEscapePath,\n applyChecksum,\n }: SignatureV4Options) {\n this.service = service\n this.region = region\n this.credentials = credentials\n this.uriEscapePath = typeof uriEscapePath === 'boolean' ? uriEscapePath : true\n this.applyChecksum = typeof applyChecksum === 'boolean' ? applyChecksum : true\n }\n\n /**\n * Includes AWS v4 signing information to the provided HTTP request.\n *\n * This method adds an Authorization header to the request, containing\n * the signature and other signing information. It also returns a preformatted\n * URL that can be used to make the k6 http request.\n *\n * This method mutates the request object.\n *\n * @param request {HTTPRequest} The request to sign.\n * @param options {Partial} Options for signing the request.\n * @returns {SignedHTTPRequest} The signed request.\n */\n sign(request: HTTPRequest, options: Partial = {}): SignedHTTPRequest {\n // Set default values for options which are not provided by the user.\n const defaultOptions = {\n signingDate: new Date(),\n unsignableHeaders: new Set(),\n signableHeaders: new Set(),\n }\n\n // Merge default options with the ones maybe provided by the user.\n const finalOptions = { ...defaultOptions, ...options }\n\n const { longDate, shortDate }: DateInfo = formatDate(finalOptions.signingDate)\n const service = finalOptions.signingService || this.service\n const region = finalOptions.signingRegion || this.region\n const scope = `${shortDate}/${region}/${service}/${constants.KEY_TYPE_IDENTIFIER}`\n\n // Required by the specification:\n // \"For HTTP/1.1 requests, you must include the host header at a minimum.\n // Standard headers like content-type are optional.\n // For HTTP/2 requests, you must include the :authority header instead of\n // the host header. Different services might require other headers.\"\n request.headers[constants.HOST_HEADER] = request.hostname\n\n // Filter out headers that will be generated and managed by the signing process.\n // If the user provide any of those as part of the HTTPRequest's headers, they\n // will be ignored.\n for (const headerName of Object.keys(request.headers)) {\n if (constants.GENERATED_HEADERS.indexOf(headerName.toLowerCase()) > -1) {\n delete request.headers[headerName]\n }\n }\n\n request.headers[constants.AMZ_DATE_HEADER] = longDate\n if (this.credentials.sessionToken) {\n request.headers[constants.AMZ_TOKEN_HEADER] = this.credentials.sessionToken\n }\n\n // If the request body is a typed array, we need to convert it to a buffer\n // so that we can calculate the checksum.\n if (ArrayBuffer.isView(request.body)) {\n request.body = request.body.buffer\n }\n\n // Ensure we avoid passing undefined to the crypto hash function.\n if (!request.body) {\n request.body = ''\n }\n\n let payloadHash = this.computePayloadHash(request)\n if (\n !hasHeader(constants.AMZ_CONTENT_SHA256_HEADER, request.headers) &&\n this.applyChecksum\n ) {\n request.headers[constants.AMZ_CONTENT_SHA256_HEADER] = payloadHash\n }\n\n const canonicalHeaders = this.computeCanonicalHeaders(\n request,\n finalOptions.unsignableHeaders,\n finalOptions.signableHeaders\n )\n const signature = this.calculateSignature(\n longDate,\n scope,\n this.deriveSigningKey(this.credentials, service, region, shortDate),\n this.createCanonicalRequest(request, canonicalHeaders, payloadHash)\n )\n\n /**\n * Step 4 of the signing process: add the signature to the HTTP request's headers.\n *\n * @see https://docs.aws.amazon.com/general/latest/gr/sigv4-add-signature-to-request.html\n */\n request.headers[constants.AUTHORIZATION_HEADER] =\n `${constants.SIGNING_ALGORITHM_IDENTIFIER} ` +\n `Credential=${this.credentials.accessKeyId}/${scope}, ` +\n `SignedHeaders=${Object.keys(canonicalHeaders).sort().join(';')}, ` +\n `Signature=${signature}`\n\n // If a request path was provided, add it to the URL\n let url = `${request.protocol}://${request.hostname}`\n if (request.path) {\n url += request.path\n }\n\n // If a request query string was provided, add it to the URL\n if (request.query) {\n // We exclude the signature from the query string\n url += `?${this.serializeQueryParameters(request.query)}`\n }\n\n return {\n url: url,\n ...request,\n }\n }\n\n /**\n * Produces a presigned URL with AWS v4 signature information for the provided HTTP request.\n *\n * A presigned URL is a URL that contains the authorization information\n * (signature and other signing information) in the query string. This method\n * returns a preformatted URL that can be used to make the k6 http request.\n *\n * @param originalRequest - The original request to presign.\n * @param options - Options controlling the signing of the request.\n * @returns A signed request, including the presigned URL.\n */\n presign(originalRequest: HTTPRequest, options: PresignOptions = {}): SignedHTTPRequest {\n const {\n signingDate = new Date(),\n expiresIn = 3600,\n unsignableHeaders,\n unhoistableHeaders,\n signableHeaders,\n signingRegion,\n signingService,\n } = options\n const { longDate, shortDate }: DateInfo = formatDate(signingDate)\n const region = signingRegion || this.region\n const service = signingService || this.service\n\n if (expiresIn > constants.MAX_PRESIGNED_TTL) {\n throw new InvalidSignatureError(\n \"Signature version 4 presigned URLs can't be valid for more than 7 days\"\n )\n }\n\n const scope = `${shortDate}/${region}/${service}/${constants.KEY_TYPE_IDENTIFIER}`\n const request = this.moveHeadersToQuery(originalRequest, { unhoistableHeaders })\n\n // Required by the specification:\n // \"For HTTP/1.1 requests, you must include the host header at a minimum.\n // Standard headers like content-type are optional.\n // For HTTP/2 requests, you must include the :authority header instead of\n // the host header. Different services might require other headers.\"\n request.headers[constants.HOST_HEADER] = originalRequest.hostname\n\n // If the user provided a session token, include it in the signed url query string.\n if (this.credentials.sessionToken) {\n request.query[constants.AMZ_TOKEN_QUERY_PARAM] = this.credentials.sessionToken\n }\n\n // Add base signing query parameters to the request, as described in the documentation\n // @see https://docs.aws.amazon.com/general/latest/gr/sigv4-add-signature-to-request.html\n request.query[constants.AMZ_ALGORITHM_QUERY_PARAM] = constants.SIGNING_ALGORITHM_IDENTIFIER\n request.query[\n constants.AMZ_CREDENTIAL_QUERY_PARAM\n ] = `${this.credentials.accessKeyId}/${scope}`\n request.query[constants.AMZ_DATE_QUERY_PARAM] = longDate\n request.query[constants.AMZ_EXPIRES_QUERY_PARAM] = expiresIn.toString(10)\n\n const canonicalHeaders = this.computeCanonicalHeaders(\n request,\n unsignableHeaders,\n signableHeaders\n )\n request.query[constants.AMZ_SIGNED_HEADERS_QUERY_PARAM] = Object.keys(canonicalHeaders)\n .sort()\n .join(';')\n\n const signingKey = this.deriveSigningKey(this.credentials, service, region, shortDate)\n\n // Computing the payload from the original request. This is required\n // in the event the user attempts to produce a presigned URL for s3,\n // which requires the payload hash to be 'UNSIGNED-PAYLOAD'.\n //\n // To that effect, users need to set the 'x-amz-content-sha256' header,\n // and mark it as unhoistable and unsignable. When setup this way,\n // the computePayloadHash method will then return the string 'UNSIGNED-PAYLOAD'.\n const payloadHash = this.computePayloadHash(originalRequest)\n const canonicalRequest = this.createCanonicalRequest(request, canonicalHeaders, payloadHash)\n\n request.query[constants.AMZ_SIGNATURE_QUERY_PARAM] = this.calculateSignature(\n longDate,\n scope,\n signingKey,\n canonicalRequest\n )\n\n // If a request path was provided, add it to the URL\n let url = `${request.protocol}://${request.hostname}`\n if (request.path) {\n url += request.path\n }\n\n // If a request query string was provided, add it to the URL\n if (request.query) {\n url += `?${this.serializeQueryParameters(request.query)}`\n }\n\n return { url: url, ...request }\n }\n\n /**\n * Create a string including information from your request\n * in a AWS signature v4 standardized (canonical) format.\n *\n * Step 1 of the signing process: create the canonical request string.\n * @see https://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html\n *\n * @param request {HTTPRequest} The request to sign.\n * @param canonicalHeaders {HTTPHeaderBag} The request's canonical headers.\n * @param payloadHash {string} The hexadecimally encoded request's payload hash .\n * @returns {string} The canonical request string.\n */\n private createCanonicalRequest(\n request: HTTPRequest,\n canonicalHeaders: HTTPHeaderBag,\n payloadHash: string\n ): string {\n const sortedHeaders = Object.keys(canonicalHeaders).sort()\n const sortedCanonicalHeaders = sortedHeaders\n .map((name) => `${name}:${canonicalHeaders[name]}`)\n .join('\\n')\n const signedHeaders = sortedHeaders.join(';')\n\n return (\n `${request.method}\\n` +\n `${this.computeCanonicalURI(request)}\\n` +\n `${this.computeCanonicalQuerystring(request)}\\n` +\n `${sortedCanonicalHeaders}\\n\\n` +\n `${signedHeaders}\\n` +\n `${payloadHash}`\n )\n }\n\n /**\n * Create the \"string to sign\" part of the signature Version 4 protocol.\n *\n * The \"string to sign\" includes meta information about your request and\n * about the canonical request that you created with `createCanonicalRequest`.\n * It is used hand in hand with the signing key to create the request signature.\n * Step 2 of the signing process: create the string to sign.\n * @see https://docs.aws.amazon.com/general/latest/gr/sigv4-create-string-to-sign.html\n *\n * @param longDate {string} The request's date in iso 8601 format.\n * @param credentialScope {string} The request's credential scope.\n * @param canonicalRequest {string} The request's canonical request.\n * @returns {string} The \"string to sign\".\n */\n private createStringToSign(\n longDate: string,\n credentialScope: string,\n canonicalRequest: string\n ): string {\n const hashedCanonicalRequest = crypto.sha256(canonicalRequest, 'hex')\n\n return (\n `${constants.SIGNING_ALGORITHM_IDENTIFIER}\\n` +\n `${longDate}\\n` +\n `${credentialScope}\\n` +\n `${hashedCanonicalRequest}`\n )\n }\n\n /**\n * Calculte the signature for AWS signature version 4.\n *\n * Step 3 of the signing process: create the signature.\n * @see https://docs.aws.amazon.com/general/latest/gr/sigv4-calculate-signature.html\n *\n * @param longDate {string} The request's date in iso 8601 format.\n * @param credentialScope {string} The request's credential scope.\n * @param signingKey {string} the signing key as computed by the deriveSigningKey method.\n * @param canonicalRequest {string} The request's canonical request.\n * @returns {string} The signature.\n */\n private calculateSignature(\n longDate: string,\n credentialScope: string,\n signingKey: Uint8Array,\n canonicalRequest: string\n ): string {\n const stringToSign = this.createStringToSign(longDate, credentialScope, canonicalRequest)\n return crypto.hmac('sha256', signingKey, stringToSign, 'hex')\n }\n\n /**\n * Derives the signing key for authenticating requests signed with\n * the Signature version 4 authentication protocol.\n *\n * deriveSigningKey produces a signing key by creating a series of\n * hash-based message authentication codes (HMACs) represented in\n * a binary format.\n *\n * The derived signing key is specific to the date it's made at, as well as\n * the service and region it targets.\n *\n * @param credentials {AWSCredentials} The credentials to use for signing.\n * @param service {string} The service the request is targeted at.\n * @param region {string} The region the request is targeted at.\n * @param shortDate {string} The request's date in YYYYMMDD format.\n * @returns {Uint8Array} The derived signing key.\n */\n private deriveSigningKey(\n credentials: Credentials,\n service: string,\n region: string,\n shortDate: string\n ): Uint8Array {\n const kSecret: string = credentials.secretAccessKey\n const kDate: any = crypto.hmac('sha256', 'AWS4' + kSecret, shortDate, 'binary')\n const kRegion: any = crypto.hmac('sha256', kDate, region, 'binary')\n const kService: any = crypto.hmac('sha256', kRegion, service, 'binary')\n const kSigning: any = crypto.hmac('sha256', kService, 'aws4_request', 'binary')\n\n return kSigning\n }\n\n /**\n * Create a string that includes information from your request\n * in a AWS signature v4 standardized (canonical) format.\n *\n * @param param0 {HTTPRequest} The request to sign.\n * @returns {string} The canonical URI.\n */\n private computeCanonicalURI({ path }: HTTPRequest): string {\n if (this.uriEscapePath) {\n // Non-S3 services, we normalize the path and then double URI encode it.\n // Ref: \"Remove Dot Segments\" https://datatracker.ietf.org/doc/html/rfc3986#section-5.2.4\n const normalizedURISegments = []\n\n for (const URISegment of path.split('/')) {\n if (URISegment?.length === 0) {\n continue\n }\n\n if (URISegment === '.') {\n continue\n }\n\n if (URISegment === '..') {\n normalizedURISegments.pop()\n } else {\n normalizedURISegments.push(URISegment)\n }\n }\n\n // Normalize the URI\n const leading = path?.startsWith('/') ? '/' : ''\n const URI = normalizedURISegments.join('/')\n const trailing = normalizedURISegments.length > 0 && path?.endsWith('/') ? '/' : ''\n const normalizedURI = `${leading}${URI}${trailing}`\n\n const doubleEncoded = encodeURIComponent(normalizedURI)\n\n return doubleEncoded.replace(/%2F/g, '/')\n }\n\n // For S3, we shouldn't normalize the path. For example, object name\n // my-object//example//photo.user should not be normalized to\n // my-object/example/photo.user\n return path\n }\n\n /**\n * Serializes the request's query parameters into their canonical\n * string version. If the request does not include a query parameters,\n * returns an empty string.\n *\n * @param param0 {HTTPRequest} The request containing the query parameters.\n * @returns {string} The canonical query string.\n */\n private computeCanonicalQuerystring({ query = {} }: HTTPRequest): string {\n const keys: Array = []\n const serialized: Record = {}\n\n for (const key of Object.keys(query).sort()) {\n if (key.toLowerCase() === constants.AMZ_SIGNATURE_HEADER) {\n continue\n }\n\n keys.push(key)\n const value = query[key]\n\n if (typeof value === 'string') {\n serialized[key] = `${escapeURI(key)}=${escapeURI(value)}`\n } else if (Array.isArray(value)) {\n serialized[key] = value\n .slice(0)\n .sort()\n .reduce(\n (encoded: Array, value: string) =>\n encoded.concat([`${escapeURI(key)}=${escapeURI(value)}`]),\n []\n )\n .join('&')\n }\n }\n\n return keys\n .map((key) => serialized[key])\n .filter((serialized) => serialized)\n .join('&')\n }\n\n /**\n * Create the canonical form of the request's headers.\n * Canonical headers consist of all the HTTP headers you\n * are including with the signed request.\n *\n * @param param0 {HTTPRequest} The request to compute the canonical headers of.\n * @param unsignableHeaders {Set} The headers that should not be signed.\n * @param signableHeaders {Set} The headers that should be signed.\n * @returns {string} The canonical headers.\n */\n private computeCanonicalHeaders(\n { headers }: HTTPRequest,\n unsignableHeaders?: Set,\n signableHeaders?: Set\n ): HTTPHeaderBag {\n const canonicalHeaders: HTTPHeaderBag = {}\n\n for (const headerName of Object.keys(headers).sort()) {\n if (headers[headerName] == undefined) {\n continue\n }\n\n const canonicalHeaderName = headerName.toLowerCase()\n if (\n canonicalHeaderName in constants.ALWAYS_UNSIGNABLE_HEADERS ||\n unsignableHeaders?.has(canonicalHeaderName)\n ) {\n if (\n !signableHeaders ||\n (signableHeaders && !signableHeaders.has(canonicalHeaderName))\n ) {\n continue\n }\n }\n\n canonicalHeaders[canonicalHeaderName] = headers[headerName].trim().replace(/\\s+/g, ' ')\n }\n\n return canonicalHeaders\n }\n\n /**\n * Computes the SHA256 cryptographic hash of the request's body.\n *\n * If the headers contain the 'X-Amz-Content-Sha256' header, then\n * the value of that header is returned instead. This proves useful\n * when, for example, presiging a URL for S3, as the payload hash\n * must always be equal to 'UNSIGNED-PAYLOAD'.\n *\n * @param param0 {HTTPRequest} The request to compute the payload hash of.\n * @returns {string} The hex encoded SHA256 payload hash, or the value of the 'X-Amz-Content-Sha256' header.\n */\n private computePayloadHash({ headers, body }: HTTPRequest): string {\n // for (const headerName of Object.keys(headers)) {\n // // If the header is present, return its value.\n // // So that we let the 'UNSIGNED-PAYLOAD' value pass through.\n // if (headerName.toLowerCase() === constants.AMZ_CONTENT_SHA256_HEADER) {\n // return headers[headerName]\n // }\n // }\n\n if (headers[constants.AMZ_CONTENT_SHA256_HEADER]) {\n return headers[constants.AMZ_CONTENT_SHA256_HEADER]\n }\n\n if (body == undefined) {\n return constants.EMPTY_SHA256\n }\n\n if (typeof body === 'string' || isArrayBuffer(body)) {\n return crypto.sha256(body, 'hex').toLowerCase()\n }\n\n if (ArrayBuffer.isView(body)) {\n // If the request body is a typed array, we need to convert it to a buffer\n // so that we can calculate the checksum.\n return crypto.sha256((body as DataView).buffer, 'hex').toLowerCase()\n }\n\n return constants.UNSIGNED_PAYLOAD\n }\n\n /**\n * Moves a request's headers to its query parameters.\n *\n * The operation will ignore any amazon standard headers, prefixed\n * with 'X-Amz-'. It will also ignore any headers specified as unhoistable\n * by the options.\n *\n * The operation will delete the headers from the request.\n *\n * @param request {HTTPRequest} The request to move the headers from.\n * @param options\n * @returns {HTTPRequest} The request with the headers moved to the query parameters.\n */\n private moveHeadersToQuery(\n request: HTTPRequest,\n options: { unhoistableHeaders?: Set } = {}\n ): HTTPRequest & { query: QueryParameterBag } {\n const requestCopy = JSON.parse(JSON.stringify(request))\n const { headers, query = {} as QueryParameterBag } = requestCopy\n\n for (const name of Object.keys(headers)) {\n const lowerCaseName = name.toLowerCase()\n if (\n lowerCaseName.slice(0, 6) === 'x-amz-' &&\n !options.unhoistableHeaders?.has(lowerCaseName)\n ) {\n query[name] = headers[name]\n delete headers[name]\n }\n }\n\n return {\n ...requestCopy,\n headers,\n query,\n }\n }\n\n /**\n * Serializes a HTTPRequest's query parameter bag into a string.\n *\n * @param query {QueryParameterBag} The query parameters to serialize.\n * @param ignoreKeys {Set} The keys to ignore.\n * @returns {string} The serialized, and ready to use in a URL, query parameters.\n */\n private serializeQueryParameters(query: QueryParameterBag, ignoreKeys?: string[]): string {\n const keys: Array = []\n const serialized: Record = {}\n\n for (const key of Object.keys(query).sort()) {\n if (ignoreKeys?.includes(key.toLowerCase())) {\n continue\n }\n\n keys.push(key)\n const value = query[key]\n\n if (typeof value === 'string') {\n serialized[key] = `${escapeURI(key)}=${escapeURI(value)}`\n } else if (Array.isArray(value)) {\n serialized[key] = value\n .slice(0)\n .sort()\n .reduce(\n (encoded: Array, value: string) =>\n encoded.concat([`${escapeURI(key)}=${escapeURI(value)}`]),\n []\n )\n .join('&')\n }\n }\n\n return keys\n .map((key) => serialized[key])\n .filter((serialized) => serialized)\n .join('&')\n }\n}\n\n/**\n * Error indicating an Invalid signature has been sent to AWS services\n *\n * Inspired from AWS official error types, as\n * described in:\n * * https://aws.amazon.com/blogs/developer/service-error-handling-modular-aws-sdk-js/\n * * https://github.com/aws/aws-sdk-js/blob/master/lib/error.d.ts\n */\nexport class InvalidSignatureError extends AWSError {\n /**\n * Constructs an InvalidSignatureError\n *\n * @param {string} message - human readable error message\n */\n constructor(message: string, code?: string) {\n super(message, code)\n this.name = 'InvalidSignatureError'\n }\n}\n\nexport interface SignatureV4Options {\n /**\n * The name of the service to sign for.\n */\n service: string\n\n /**\n * The name of the region to sign for.\n */\n region: string\n\n /**\n * The credentials with which the request should be signed.\n */\n credentials: Credentials\n\n /**\n * Whether to uri-escape the request URI path as part of computing the\n * canonical request string. This is required for every AWS service, except\n * Amazon S3, as of late 2017.\n *\n * @default [true]\n */\n uriEscapePath?: boolean\n\n /**\n * Whether to calculate a checksum of the request body and include it as\n * either a request header (when signing) or as a query string parameter\n * (when presigning). This is required for AWS Glacier and Amazon S3 and optional for\n * every other AWS service as of late 2017.\n *\n * @default [true]\n */\n applyChecksum?: boolean\n}\n\nexport interface SignOptions {\n /**\n * The date and time to be used as signature metadata. This value should be\n * a Date object, a unix (epoch) timestamp, or a string that can be\n * understood by the JavaScript `Date` constructor.If not supplied, the\n * value returned by `new Date()` will be used.\n */\n signingDate?: Date\n\n /**\n * The service signing name. It will override the service name of the signer\n * in current invocation\n */\n signingService?: string\n\n /**\n * The region name to sign the request. It will override the signing region of the\n * signer in current invocation\n */\n signingRegion?: string\n}\n\nexport interface RequestSigningOptions extends SignOptions {\n /**\n * A set of strings whose members represents headers that cannot be signed.\n * All headers in the provided request will have their names converted to\n * lower case and then checked for existence in the unsignableHeaders set.\n */\n unsignableHeaders?: Set\n\n /**\n * A set of strings whose members represents headers that should be signed.\n * Any values passed here will override those provided via unsignableHeaders,\n * allowing them to be signed.\n *\n * All headers in the provided request will have their names converted to\n * lower case before signing.\n */\n signableHeaders?: Set\n}\n\nexport interface PresignOptions extends RequestSigningOptions {\n /**\n * The number of seconds before the presigned URL expires\n */\n expiresIn?: number\n\n /**\n * A set of strings whose representing headers that should not be hoisted\n * to presigned request's query string. If not supplied, the presigner\n * moves all the AWS-specific headers (starting with `x-amz-`) to the request\n * query string. If supplied, these headers remain in the presigned request's\n * header.\n * All headers in the provided request will have their names converted to\n * lower case and then checked for existence in the unhoistableHeaders set.\n */\n unhoistableHeaders?: Set\n}\n\nexport interface Credentials {\n /**\n * AWS access key ID\n */\n readonly accessKeyId: string\n\n /**\n * AWS secret access key\n */\n readonly secretAccessKey: string\n\n /**\n * A security or session token to use with these credentials. Usually\n * present for temporary credentials.\n */\n readonly sessionToken?: string\n}\n\nexport interface DateInfo {\n /**\n * ISO8601 formatted date string\n */\n longDate: string\n\n /**\n * String in the format YYYYMMDD\n */\n shortDate: string\n}\n\n/**\n * Escapes a URI following the AWS signature v4 escaping rules.\n *\n * @param URI {string} The URI to escape.\n * @returns {string} The escaped URI.\n */\nfunction escapeURI(URI: string): string {\n const hexEncode = (c: string): string => {\n return `%${c.charCodeAt(0).toString(16).toUpperCase()}`\n }\n\n return encodeURIComponent(URI).replace(/[!'()*]/g, hexEncode)\n}\n\n/**\n * formatDate formats a Date object into a ISO8601 formatted date string\n * and a string in the format YYYYMMDD.\n *\n * @param date {Date} The date to format.\n * @returns {DateInfo} The formatted date.\n */\nfunction formatDate(date: Date): DateInfo {\n const longDate = iso8601(date).replace(/[\\-:]/g, '')\n return {\n longDate,\n shortDate: longDate.slice(0, 8),\n }\n}\n\n/**\n * Formats a time into an ISO 8601 string.\n *\n * @see https://en.wikipedia.org/wiki/ISO_8601\n *\n * @param time {number | string | Date} The time to format.\n * @returns {string} The ISO 8601 formatted time.\n */\nfunction iso8601(time: number | string | Date): string {\n return toDate(time)\n .toISOString()\n .replace(/\\.\\d{3}Z$/, 'Z')\n}\n\n/**\n * Converts a time value into a Date object.\n *\n * @param time {number | string | Date} The time to convert.\n * @returns {Date} The resulting Date object.\n */\nfunction toDate(time: number | string | Date): Date {\n if (typeof time === 'number') {\n return new Date(time * 1000)\n }\n\n if (typeof time === 'string') {\n if (Number(time)) {\n return new Date(Number(time) * 1000)\n }\n\n return new Date(time)\n }\n\n return time\n}\n","/**\n * Type representing HTTP schemes\n */\nexport type HTTPScheme = 'http' | 'https'\n\n/**\n * Type representing HTTP Methods\n *\n */\nexport type HTTPMethod = 'GET' | 'POST' | 'PUT' | 'DELETE'\n\n/**\n * Type alias representing HTTP Headers\n */\nexport type HTTPHeaders = { [key: string]: string }\n\n/**\n * HTTPHeaderBag is a type alias representing HTTP Headers\n */\nexport type HTTPHeaderBag = Record\n\nexport function hasHeader(soughtHeader: string, headers: HTTPHeaderBag): boolean {\n soughtHeader = soughtHeader.toLowerCase()\n\n for (const headerName of Object.keys(headers)) {\n if (soughtHeader === headerName.toLowerCase()) {\n return true\n }\n }\n\n return false\n}\n\n/**\n * QueryParameterBag is a type alias representing HTTP Query Parameters\n */\nexport type QueryParameterBag = Record>\n\n/**\n * HTTPRequest represents an HTTP request\n */\nexport interface HTTPRequest {\n /**\n * The HTTP method to use\n */\n method: HTTPMethod\n\n /**\n * The protocol to use (http or https)\n */\n protocol: HTTPScheme\n\n /**\n * The hostname (domain name or IP address) the request targets\n */\n hostname: string\n\n /**\n * The port to the request targets\n */\n port?: number\n\n /**\n * The path to the resource\n */\n path: string\n\n /**\n * The query parameters to include in the request\n */\n query?: QueryParameterBag\n\n /**\n * The headers to include in the request\n */\n headers: HTTPHeaderBag\n\n /**\n * The body of the request\n */\n body?: string | ArrayBuffer | null\n}\n\n/**\n * SignedHTTPRequest represents an HTTP request that has been signed\n * with an AWS signature. It is a superset of HTTPRequest adding\n * the following fields:\n * - url: the fully qualified URL of the request that can be used in a k6 http.request.\n */\nexport interface SignedHTTPRequest extends HTTPRequest {\n url: string\n}\n","/**\n *\n * @param value\n * @returns\n */\nexport function isArrayBuffer(value: any): value is ArrayBuffer {\n return (\n typeof ArrayBuffer === 'function' &&\n (value instanceof ArrayBuffer ||\n Object.prototype.toString.call(value) === '[object ArrayBuffer]')\n )\n}\n\nexport function toFormUrlEncoded(form: any): string {\n return Object.keys(form).reduce((params, key) => {\n let value = form[key]\n if (value !== undefined && value !== null) {\n params.push(`${encodeURIComponent(key)}=${encodeURIComponent(value)}`)\n }\n return params;\n }, [] as string[]).join('&')\n}"],"names":["__webpack_require__","module","getter","__esModule","d","a","exports","definition","key","o","Object","defineProperty","enumerable","get","obj","prop","prototype","hasOwnProperty","call","Symbol","toStringTag","value","AMZ_ALGORITHM_QUERY_PARAM","AMZ_CREDENTIAL_QUERY_PARAM","AMZ_DATE_QUERY_PARAM","AMZ_EXPIRES_QUERY_PARAM","AMZ_SIGNATURE_QUERY_PARAM","AMZ_SIGNED_HEADERS_QUERY_PARAM","AMZ_TOKEN_QUERY_PARAM","AMZ_CONTENT_SHA256_HEADER","AMZ_DATE_HEADER","toLowerCase","AMZ_SIGNATURE_HEADER","AMZ_TOKEN_HEADER","AUTHORIZATION_HEADER","GENERATED_HEADERS","HOST_HEADER","ALWAYS_UNSIGNABLE_HEADERS","authorization","connection","expect","from","pragma","referer","te","trailer","upgrade","KEY_TYPE_IDENTIFIER","SIGNING_ALGORITHM_IDENTIFIER","UNSIGNED_PAYLOAD","AWSConfig","options","_classCallCheck","_defineProperty","region","InvalidAWSConfigError","concat","accessKeyId","length","secretAccessKey","this","undefined","sessionToken","scheme","endpoint","_createClass","__ENV","AWS_REGION","AWS_ACCESS_KEY_ID","AWS_SECRET_ACCESS_KEY","AWS_SESSION_TOKEN","_Error","_inherits","_super","_createSuper","message","_wrapNativeSuper","Error","require","AWSError","code","_this","_assertThisInitialized","name","xmlDocument","doc","parseHTML","find","text","SignatureV4","_ref","service","credentials","uriEscapePath","applyChecksum","request","arguments","finalOptions","_objectSpread","signingDate","Date","unsignableHeaders","Set","signableHeaders","_formatDate","formatDate","longDate","shortDate","signingService","signingRegion","scope","constants","headers","hostname","_i","_Object$keys","keys","headerName","indexOf","ArrayBuffer","isView","body","buffer","payloadHash","computePayloadHash","soughtHeader","hasHeader","canonicalHeaders","computeCanonicalHeaders","signature","calculateSignature","deriveSigningKey","createCanonicalRequest","sort","join","url","protocol","path","query","serializeQueryParameters","originalRequest","_options$signingDate","_options$expiresIn","expiresIn","unhoistableHeaders","_formatDate2","InvalidSignatureError","moveHeadersToQuery","toString","signingKey","canonicalRequest","sortedHeaders","sortedCanonicalHeaders","map","signedHeaders","method","computeCanonicalURI","computeCanonicalQuerystring","credentialScope","hashedCanonicalRequest","crypto","stringToSign","createStringToSign","kSecret","kDate","kRegion","kService","_ref2","_step","normalizedURISegments","_iterator","_createForOfIteratorHelper","split","s","n","done","URISegment","pop","push","err","e","f","leading","startsWith","URI","trailing","endsWith","normalizedURI","encodeURIComponent","replace","_ref3","_step2","_ref3$query","serialized","_loop","escapeURI","Array","isArray","slice","reduce","encoded","_iterator2","filter","_ref4","_step3","_iterator3","canonicalHeaderName","has","trim","_ref5","requestCopy","JSON","parse","stringify","_requestCopy$query","_i2","_Object$keys2","_options$unhoistableH","lowerCaseName","ignoreKeys","_step4","_loop2","includes","_iterator4","_AWSError","c","charCodeAt","toUpperCase","date","time","Number","toDate","toISOString"],"sourceRoot":""} \ No newline at end of file