///
import { AxiosInstance } from 'axios';
import type { CookieJar } from 'tough-cookie';
import { Debugger } from 'debug';
import { OutgoingHttpHeaders } from 'http';
import { Stream } from 'stream';
/**
* Checks for at least one of two elements being defined.
*
* @param a - the first object
* @param b - the second object
* @returns true if a or b is defined; false if both are undefined
*/
export declare function atLeastOne(a: any, b: any): boolean;
/**
* Verifies that both properties are not specified.
*
* @param a - The first object
* @param b - The second object
*
* @returns false if a and b are both defined, true otherwise
*/
export declare function atMostOne(a: any, b: any): boolean;
/**
* The request object containing the headers property that
* authentication information will be added to.
*/
declare interface AuthenticateOptions {
/**
* Headers to augment with authentication information.
*/
headers?: OutgoingHttpHeaders;
[propName: string]: any;
}
/**
* Base Authenticator class for other Authenticators to extend. Not intended
* to be used as a stand-alone authenticator.
*/
export declare class Authenticator implements AuthenticatorInterface {
/**
* Constants that define the various authenticator types.
*/
static AUTHTYPE_BASIC: string;
static AUTHTYPE_BEARERTOKEN: string;
static AUTHTYPE_IAM: string;
static AUTHTYPE_CONTAINER: string;
static AUTHTYPE_CP4D: string;
static AUTHTYPE_NOAUTH: string;
static AUTHTYPE_VPC: string;
static AUTHTYPE_MCSP: string;
static AUTHTYPE_UNKNOWN: string;
/**
* Create a new Authenticator instance.
*
* @throws Error: the "new" keyword was not used to construct the authenticator.
*/
constructor();
/**
* Augment the request with authentication information.
*
* @param requestOptions - The request to augment with authentication information.
* @throws Error: The authenticate method was not implemented by a subclass.
*/
authenticate(requestOptions: AuthenticateOptions): Promise;
/**
* Retrieves the authenticator's type.
* The returned value will be the same string that is used
* when configuring an instance of the authenticator with the
* \_AUTH_TYPE configuration property
* (e.g. "basic", "iam", etc.).
* This function should be overridden in each authenticator
* implementation class that extends this class.
*
* @returns a string that indicates the authenticator's type
*/
authenticationType(): string;
}
/**
* This interface defines the common methods associated with an Authenticator
* implementation.
*/
export declare interface AuthenticatorInterface {
/**
* Add authentication information to the specified request.
*
* @param requestOptions - The request to which authentication information is added
* (in the headers field).
*/
authenticate(requestOptions: AuthenticateOptions): Promise;
/**
* Returns a string that indicates the authentication type.
*/
authenticationType(): string;
}
/** Configuration options for token-based authentication. */
declare type BaseOptions = {
/** Headers to be sent with every outbound HTTP requests to token services. */
headers?: OutgoingHttpHeaders;
/**
* A flag that indicates whether verification of the token server's SSL
* certificate should be disabled or not.
*/
disableSslVerification?: boolean;
/** Endpoint for HTTP token requests. */
url?: string;
/** Allow additional request config parameters */
[propName: string]: any;
};
/**
* Common functionality shared by generated service classes.
*
* The base service authenticates requests via its authenticator, and sends
* them to the service endpoint.
*/
export declare class BaseService {
static DEFAULT_SERVICE_URL: string;
static DEFAULT_SERVICE_NAME: string;
protected baseOptions: BaseServiceOptions;
private authenticator;
private requestWrapperInstance;
private defaultUserAgent;
/**
* Configuration values for a service.
*
* @param userOptions - the configuration options to set on the service instance.
* This should be an object with the following fields:
* - authenticator: (required) an Object used to authenticate requests to the service.
* - serviceUrl: (optional) the base url to use when contacting the service.
* The base url may differ between IBM Cloud regions.
* - headers: (optional) a set of HTTP headers that should be included with every request sent to the service
* - disableSslVerification: (optional) a flag that indicates whether verification of the server's SSL certificate should be
* disabled or not.
*/
constructor(userOptions: UserOptions);
/**
* Get the instance of the authenticator set on the service.
*
* @returns the Authenticator instance
*/
getAuthenticator(): any;
/**
* Set the service URL to send requests to.
*
* @param url - the base URL for the service.
*/
setServiceUrl(url: string): void;
/**
* Set the HTTP headers to be sent in every request.
*
* @param headers - the map of headers to include in requests.
*/
setDefaultHeaders(headers: OutgoingHttpHeaders): void;
/**
* Turn request body compression on or off.
*
* @param setting - Will turn it on if 'true', off if 'false'.
*/
setEnableGzipCompression(setting: boolean): void;
/**
* Get the Axios instance set on the service.
* All requests will be made using this instance.
*/
getHttpClient(): AxiosInstance;
/**
* Enable retries for unfulfilled requests.
*
* @param retryOptions - the configuration for retries
*/
enableRetries(retryOptions?: RetryOptions): void;
/**
* Disables retries.
*/
disableRetries(): void;
/**
* Applies a given modifier function on a model object.
* Since the model object can be a map, or an array, or a model,
* these types needs different handling.
* Considering whether the input object is a map happens with an explicit parameter.
* @param input - the input model object
* @param converterFn - the function that is applied on the input object
* @param isMap - is `true` when the input object should be handled as a map
*/
static convertModel(input: any, converterFn: any, isMap?: boolean): any;
/**
* Configure the service using external configuration
*
* @param serviceName - the name of the service. This will be used to read from external
* configuration.
*/
protected configureService(serviceName: string): void;
/**
* Wrapper around `sendRequest` that enforces the request will be authenticated.
*
* @param parameters - Service request options passed in by user.
* This should be an object with the following fields:
* - options.method: the http method
* - options.url: the path portion of the URL to be appended to the serviceUrl
* - options.path: the path parameters to be inserted into the URL
* - options.qs: the querystring to be included in the URL
* - options.body: the data to be sent as the request body
* - options.form: an object containing the key/value pairs for a www-form-urlencoded request.
* - options.formData: an object containing the contents for a multipart/form-data request
* The following processing is performed on formData values:
* - string: no special processing -- the value is sent as is
* - object: the value is converted to a JSON string before insertion into the form body
* - NodeJS.ReadableStream|Buffer|FileWithMetadata: sent as a file, with any associated metadata
* - array: each element of the array is sent as a separate form part using any special processing as described above
* - defaultOptions.serviceUrl: the base URL of the service
* - defaultOptions.headers: additional HTTP headers to be sent with the request
* @returns a Promise
*/
protected createRequest(parameters: any): Promise;
/**
* Wrapper around `createRequest` that enforces arrived response to be deserialized.
* @param parameters - see `parameters` in `createRequest`
* @param deserializerFn - the deserializer function that is applied on the response object
* @param isMap - is `true` when the response object should be handled as a map
* @returns a Promise
*/
protected createRequestAndDeserializeResponse(parameters: any, deserializerFn: (any: any) => any, isMap?: boolean): Promise;
private readOptionsFromExternalConfig;
private static convertArray;
private static convertMap;
}
/**
* Additional service configuration.
*/
declare interface BaseServiceOptions extends UserOptions {
/** Querystring to be sent with every request. If not a string will be stringified. */
qs?: any;
enableRetries?: boolean;
maxRetries?: number;
retryInterval?: number;
}
/**
* The BasicAuthenticator is used to add basic authentication information to
* requests.
*
* Basic Authorization will be sent as an Authorization header in the form:
*
* Authorization: Basic \
*
*/
export declare class BasicAuthenticator extends Authenticator {
protected requiredOptions: string[];
protected authHeader: {
Authorization: string;
};
/**
* Create a new BasicAuthenticator instance.
*
* @param options - Configuration options for basic authentication.
* This should be an object containing these fields:
* - username: the username portion of basic authentication
* - password: the password portion of basic authentication
*
* @throws Error: the configuration options are not valid.
*/
constructor(options: Options);
/**
* Add basic authentication information to `requestOptions`. The basic authentication information
* will be set in the Authorization property of `requestOptions.headers` in the form:
*
* Authorization: Basic \
*
* @param requestOptions - The request to augment with authentication information.
*/
authenticate(requestOptions: AuthenticateOptions): Promise;
/**
* Returns the authenticator's type ('basic').
*
* @returns a string that indicates the authenticator's type
*/
authenticationType(): string;
}
/**
* The BearerTokenAuthenticator will set a user-provided bearer token
* in requests.
*
* The bearer token will be sent as an Authorization header in the form:
*
* Authorization: Bearer \
*/
export declare class BearerTokenAuthenticator extends Authenticator {
protected requiredOptions: string[];
private bearerToken;
/**
* Create a new BearerTokenAuthenticator instance.
*
* @param options - Configuration options for bearer authentication.
* This should be an object containing the "bearerToken" field.
*
* @throws Error: the options.bearerToken field is not valid, or unspecified
*/
constructor(options: Options_2);
/**
* Set a new bearer token to be sent in subsequent requests.
*
* @param bearerToken - The bearer token that will be sent in service
* requests.
*/
setBearerToken(bearerToken: string): void;
/**
* Add a bearer token to `requestOptions`. The bearer token information
* will be set in the Authorization property of "requestOptions.headers" in the form:
*
* Authorization: Bearer \
*
* @param requestOptions - The request to augment with authentication information.
*/
authenticate(requestOptions: AuthenticateOptions): Promise;
/**
* Returns the authenticator's type ('bearertoken').
*
* @returns a string that indicates the authenticator's type
*/
authenticationType(): string;
}
/**
* This function builds a `form-data` object for each file parameter.
* @param fileParam - The FileWithMetadata instance that contains the file information
* @returns the FileObject instance
*/
export declare function buildRequestFileObject(fileParam: FileWithMetadata): Promise;
/**
* Checks credentials for common user mistakes of copying \{, \}, or \" characters from the documentation
*
* @param obj - the options object holding credentials
* @param credsToCheck - an array containing the keys of the credentials to check for problems
* @returns a string with the error message if there were problems, null if not
*/
export declare function checkCredentials(obj: any, credsToCheck: string[]): Error | null;
/**
* This method simply ensures that the method executed without any issues by extracting
* the argument from the mock object for the `createRequest` method and verifying that it is an object.
*
* @param createRequestMock - the jest mock object for the `createRequest` method in the `RequestWrapper` class
*/
declare function checkForSuccessfulExecution(createRequestMock: any): void;
/**
* Takes the mock object for the `createRequest` method, extracts the headers that were sent with the call,
* and checks for the expected values for `Accept` and `Content-Type`. This to verify that the SDK sets
* the correct values in the code.
*
* @param createRequestMock - the jest mock object for the `createRequest` method in the `RequestWrapper` class
* @param accept - the expected value for the `Accept` header
* @param contentType - the expected value for the `Content-Type` header
*/
declare function checkMediaHeaders(createRequestMock: any, accept: string, contentType: string): void;
/**
* (C) Copyright IBM Corp. 2019, 2022.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* This module provides a set of helper methods used to reduce code duplication in the generated unit tests
* for the SDKs that depend on this core package. Note that these methods are not used by the tests for this
* package - they are meant to be exported and made available to dependent libraries.
*/
/**
* Takes the request options constructed by the SDK and checks that the `url` and `method` properties
* were set to their correct values.
*
* @param options - the options object put together by the SDK, retrieved from the createRequest mock
* @param url - The URL path of the service endpoint, from the paths section of the API definition
* @param method - The HTTP method for the request, from the API definition
*/
declare function checkUrlAndMethod(options: any, url: string, method: any): void;
/**
* Takes the mock object for the `createRequest` method, extracts the headers that were sent with the call,
* and checks for the expected value for a user-defined header. This is verify that the SDK accepts header
* parameters and sends them as headers in the request.
*
* @param createRequestMock - the jest mock object for the `createRequest` method in the `RequestWrapper` class
* @param userHeaderName - the name of the header passed by the user, e.g. `Contained-Content-Type`
* @param userHeaderValue - the expected value for the header passed by the user
*/
declare function checkUserHeader(createRequestMock: any, userHeaderName: string, userHeaderValue: string): void;
/**
* The CloudPakForDataAuthenticator will either use a username/password pair or a username/apikey pair to obtain
* a bearer token from a token server. When the bearer token expires, a new token is obtained from the token server.
*
* The bearer token will be sent as an Authorization header in the form:
*
* Authorization: Bearer \
*/
export declare class CloudPakForDataAuthenticator extends TokenRequestBasedAuthenticator {
protected requiredOptions: string[];
protected tokenManager: Cp4dTokenManager;
private username;
private password;
private apikey;
/**
* Create a new CloudPakForDataAuthenticator instance.
*
* @param options - Configuration options for CloudPakForData authentication.
* This should be an object containing these fields:
* - url: (required) the endpoint URL for the CloudPakForData token service
* - username: (required) the username used to obtain a bearer token
* - password: (optional) the password used to obtain a bearer token (required if apikey is not specified)
* - apikey: (optional) the API key used to obtain a bearer token (required if password is not specified)
* - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
* should be disabled or not
* - headers: (optional) a set of HTTP headers to be sent with each request to the token service
*
* @throws Error: the username, password, and/or url are not valid, or unspecified, for Cloud Pak For Data token requests.
*/
constructor(options: Options_4);
/**
* Returns the authenticator's type ('cp4d').
*
* @returns a string that indicates the authenticator's type
*/
authenticationType(): string;
}
/**
* (C) Copyright IBM Corp. 2019, 2022.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* Compute and return a Basic Authorization header from a username and password.
*
* @param username - The username or client id
* @param password - The password or client secret
* @returns a Basic Auth header with format "Basic "
*/
export declare function computeBasicAuthHeader(username: string, password: string): string;
export declare function constructFilepath(filepath: string): string;
/**
* Constructs a service URL by formatting a parameterized URL.
*
* @param parameterizedUrl - a URL that contains variable placeholders, e.g. '\{scheme\}://ibm.com'.
* @param defaultUrlVariables - a Map of variable names to default values.
* Each variable in the parameterized URL must have a default value specified in this map.
* @param providedUrlVariables - a Map of variable names to desired values.
* If a variable is not provided in this map, the default variable value will be used instead.
* @returns the formatted URL with all variable placeholders replaced by values.
*/
export declare function constructServiceUrl(parameterizedUrl: string, defaultUrlVariables: Map, providedUrlVariables: Map | null): string;
/**
* The ContainerAuthenticator will read a compute resource token from the file system
* and use this value to obtain a bearer token from the IAM token server. When the bearer
* token expires, a new token is obtained from the token server.
*
* The bearer token will be sent as an Authorization header in the form:
*
* Authorization: Bearer \
*/
export declare class ContainerAuthenticator extends IamRequestBasedAuthenticator {
protected tokenManager: ContainerTokenManager;
private crTokenFilename;
private iamProfileName;
private iamProfileId;
/**
*
* Create a new ContainerAuthenticator instance.
*
* @param options - Configuration options for IAM authentication.
* This should be an object containing these fields:
* - url: (optional) the endpoint URL for the token service
* - crTokenFilename: (optional) the file containing the compute resource token
* - iamProfileName: (optional) the name of the IAM trusted profile associated with the compute resource token (required if iamProfileId is not specified)
* - iamProfileId]: (optional) the ID of the IAM trusted profile associated with the compute resource token (required if iamProfileName is not specified)
* - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
* should be disabled or not
* - headers: (optional) a set of HTTP headers to be sent with each request to the token service
* - clientId: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
* Authorization header to be included in each request to the token service
* - clientSecret: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
* Authorization header to be included in each request to the token service
* - scope: (optional) the "scope" parameter to use when fetching the bearer token from the token service
*
* @throws Error: the configuration options are not valid.
*/
constructor(options: Options_8);
/**
* Setter for the filename of the compute resource token.
* @param crTokenFilename - A string containing a path to the CR token file
*/
setCrTokenFilename(crTokenFilename: string): void;
/**
* Setter for the "profile_name" parameter to use when fetching the bearer token from the IAM token server.
* @param iamProfileName - the name of the IAM trusted profile
*/
setIamProfileName(iamProfileName: string): void;
/**
* Setter for the "profile_id" parameter to use when fetching the bearer token from the IAM token server.
* @param iamProfileId - the ID of the IAM trusted profile
*/
setIamProfileId(iamProfileId: string): void;
/**
* Returns the authenticator's type ('container').
*
* @returns a string that indicates the authenticator's type
*/
authenticationType(): string;
}
/**
* The ContainerTokenManager retrieves a compute resource token from a file on the container. This token
* is used to perform the necessary interactions with the IAM token service to obtain and store a suitable
* bearer (access) token.
*/
export declare class ContainerTokenManager extends IamRequestBasedTokenManager {
private crTokenFilename;
private iamProfileName;
private iamProfileId;
/**
*
* Create a new ContainerTokenManager instance.
*
* @param options - Configuration options.
* This should be an object containing these fields:
* - url: (optional) the endpoint URL for the token service (default: "https://iam.cloud.ibm.com")
* - crTokenFilename: (optional) the file containing the compute resource token (default: "/var/run/secrets/tokens/vault-token")
* - iamProfileName: (optional) the name of the IAM trusted profile associated with the compute resource token (required if iamProfileId is not specified)
* - iamProfileId]: (optional) the ID of the IAM trusted profile associated with the compute resource token (required if iamProfileName is not specified)
* - headers: (optional) a set of HTTP headers to be sent with each request to the token service
* - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
* should be disabled or not
* - clientId: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
* Authorization header to be included in each request to the token service
* - clientSecret: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
* Authorization header to be included in each request to the token service
*
* @throws Error: the configuration options were invalid
*/
constructor(options: Options_7);
/**
* Sets the "crTokenFilename" field
* @param crTokenFilename - the name of the file containing the CR token
*/
setCrTokenFilename(crTokenFilename: string): void;
/**
* Sets the name of the IAM trusted profile to use when obtaining an access token from the IAM token server.
* @param iamProfileName - the name of the IAM trusted profile
*/
setIamProfileName(iamProfileName: string): void;
/**
* Sets the ID of the IAM trusted profile to use when obtaining an access token from the IAM token server.
* @param iamProfileId - the ID of the IAM trusted profile
*/
setIamProfileId(iamProfileId: string): void;
/**
* Request an IAM token using a compute resource token.
*/
protected requestToken(): Promise;
/**
* Retrieves the CR token from a file using this search order:
* 1. User-specified filename (if specified)
* 2. Default file #1 (/var/run/secrets/tokens/vault-token)
* 3. Default file #2 (/var/run/secrets/tokens/sa-token)
* First one found wins.
*
* @returns the CR token value as a string
*/
protected getCrToken(): string;
}
export declare const contentType: {
fromFilename: (file: String | File | FileObject | NodeJS.ReadableStream | Buffer) => string;
fromHeader: (buffer: Buffer) => string;
};
/**
* Token Manager of CloudPak for data.
*
* The Token Manager performs basic auth with a username and password
* to acquire CP4D tokens.
*/
export declare class Cp4dTokenManager extends JwtTokenManager {
protected requiredOptions: string[];
private username;
private password;
private apikey;
/**
* Create a new Cp4dTokenManager instance.
*
* @param options - Configuration options
* This should be an object containing these fields:
* - url: (required) the endpoint URL for the CloudPakForData token service
* - username: (required) the username used to obtain a bearer token
* - password: (optional) the password used to obtain a bearer token (required if apikey is not specified)
* - apikey: (optional) the API key used to obtain a bearer token (required if password is not specified)
* - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
* should be disabled or not
* - headers: (optional) a set of HTTP headers to be sent with each request to the token service
*
* @throws Error: the configuration options were invalid.
*/
constructor(options: Options_3);
protected requestToken(): Promise;
}
/**
* This method simply ensures that the SDK methods return Promises by checking for
* the `then` function - common way to assess whether or not an object is a Promise.
*
* @param sdkPromise - the Promise returned by an SDK method
*/
declare function expectToBePromise(sdkPromise: any): void;
export declare function fileExistsAtPath(filepath: string): boolean;
/**
* (C) Copyright IBM Corp. 2014, 2023.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
///
export declare interface FileObject {
value: NodeJS.ReadableStream | Buffer | string;
options?: FileOptions;
}
export declare interface FileOptions {
filename?: string;
contentType?: string;
}
export declare interface FileStream extends NodeJS.ReadableStream {
path: string | Buffer;
}
export declare interface FileWithMetadata {
data: NodeJS.ReadableStream | Buffer;
filename: string;
contentType: string;
}
/**
* Look for external configuration of authenticator.
*
* Try to get authenticator from external sources, with the following priority:
* 1. Credentials file (ibm-credentials.env)
* 2. Environment variables
* 3. VCAP Services (Cloud Foundry)
*
* @param serviceName - the service name prefix.
*
*/
export declare function getAuthenticatorFromEnvironment(serviceName: string): Authenticator;
/**
* This function retrieves the content type of the input.
* @param inputData - The data to retrieve content type for.
* @returns the content type of the input.
*/
export declare function getContentType(inputData: NodeJS.ReadableStream | Buffer): Promise;
/**
* Gets the current time.
*
* @returns the current time in seconds.
*/
export declare function getCurrentTime(): number;
/**
* Returns the first match from formats that is key the params map
* otherwise null
* @param params - The parameters.
* @param requires - The keys we want to check
*/
export declare function getFormat(params: {
[key: string]: any;
}, formats: string[]): string;
/**
* Validates that all required params are provided
* @param params - the method parameters.
* @param requires - the required parameter names.
* @returns null if no errors found, otherwise an Error instance
*/
export declare function getMissingParams(params: {
[key: string]: any;
}, requires: string[]): null | Error;
/**
* Return a new logger, formatted with a particular name. The logging functions, in
* order of increasing verbosity, are: `error`, `warn`, `info`, `verbose`, and `debug`.
*
* The logger will be an instance of the `debug` package and utilizes its support for
* configuration with environment variables.
*
* Additionally, the logger will be turned on automatically if the "NODE_DEBUG"
* environment variable is set to "axios".
*
* @param moduleName - the namespace for the logger. The name will appear in
* the logs and it will be the name used for configuring the log level.
*
* @returns the new logger
*/
export declare function getNewLogger(moduleName: string): SDKLogger;
/**
* This method extracts the `options` property from the object passed into `createRequest`. This property is
* an object containing all of the SDK method-specific information (like `path` and `body`) used to build a request.
* This method is just a convenience method for the unit tests to be able to make assertions on the items in the request.
*
* @param createRequestMock - the jest mock object for the `createRequest` method in the `RequestWrapper` class
* @returns Object
*/
declare function getOptions(createRequestMock: any): any;
/**
* Return a query parameter value from a URL
*
* @param urlStr - the url string.
* @param param - the name of the query parameter whose value should be returned
* @returns the value of the "param" query parameter
*/
export declare function getQueryParam(urlStr: string, param: string): string;
/**
* The IamAuthenticator will use the user-supplied `apikey`
* value to obtain a bearer token from a token server. When the bearer token
* expires, a new token is obtained from the token server. If specified, the
* optional, mutually inclusive "clientId" and "clientSecret" pair can be used to
* influence rate-limiting for requests to the IAM token server.
*
* The bearer token will be sent as an Authorization header in the form:
*
* Authorization: Bearer \
*/
export declare class IamAuthenticator extends IamRequestBasedAuthenticator {
protected requiredOptions: string[];
protected tokenManager: IamTokenManager;
private apikey;
/**
*
* Create a new IamAuthenticator instance.
*
* @param options - Configuration options for IAM authentication.
* This should be an object containing these fields:
* - url: (optional) the endpoint URL for the token service
* - apikey: (required) the IAM api key
* - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
* should be disabled or not
* - headers: (optional) a set of HTTP headers to be sent with each request to the token service
* - clientId: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
* Authorization header to be included in each request to the token service
* - clientSecret: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
* Authorization header to be included in each request to the token service
* - scope: (optional) the "scope" parameter to use when fetching the bearer token from the token service
*
* @throws Error: the configuration options are not valid.
*/
constructor(options: Options_6);
/**
* Returns the authenticator's type ('iam').
*
* @returns a string that indicates the authenticator's type
*/
authenticationType(): string;
}
/**
* The IamRequestBasedAuthenticator provides shared configuration and functionality
* for authenticators that interact with the IAM token service. This authenticator
* is not meant for use on its own.
*/
export declare class IamRequestBasedAuthenticator extends TokenRequestBasedAuthenticator {
protected tokenManager: IamRequestBasedTokenManager;
protected clientId: string;
protected clientSecret: string;
protected scope: string;
/**
*
* Create a new IamRequestBasedAuthenticator instance.
*
* @param options - Configuration options for IAM authentication.
* This should be an object containing these fields:
* - url: (optional) the endpoint URL for the token service
* - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
* should be disabled or not
* - headers: (optional) a set of HTTP headers to be sent with each request to the token service
* - clientId: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
* Authorization header to be included in each request to the token service
* - clientSecret: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
* Authorization header to be included in each request to the token service
* - scope: (optional) the "scope" parameter to use when fetching the bearer token from the token service
*
* @throws Error: the configuration options are not valid.
*/
constructor(options: IamRequestOptions_2);
/**
* Setter for the mutually inclusive "clientId" and the "clientSecret" fields.
* @param clientId - the "clientId" value used to form a Basic Authorization header for IAM token requests
* @param clientSecret - the "clientSecret" value used to form a Basic Authorization header for IAM token requests
*/
setClientIdAndSecret(clientId: string, clientSecret: string): void;
/**
* Setter for the "scope" parameter to use when fetching the bearer token from the IAM token server.
* @param scope - (optional) a space-separated string that specifies one or more scopes to be
* associated with IAM token requests
*/
setScope(scope: string): void;
/**
* Return the most recently stored refresh token.
*
* @returns the refresh token string
*/
getRefreshToken(): string;
}
/**
* The IamRequestBasedTokenManager class contains code relevant to any token manager that
* interacts with the IAM service to manage a token. It stores information relevant to all
* IAM requests, such as the client ID and secret, and performs the token request with a set
* of request options common to any IAM token management scheme. It is intended that this
* class be extended with specific implementations.
*/
export declare class IamRequestBasedTokenManager extends JwtTokenManager {
private clientId;
private clientSecret;
private scope;
protected refreshToken: string;
protected formData: any;
/**
*
* Create a new IamRequestBasedTokenManager instance.
*
* @param options - Configuration options.
* This should be an object containing these fields:
* - url: (optional) the endpoint URL for the token service (default value: "https://iam.cloud.ibm.com")
* - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
* should be disabled or not
* - headers: (optional) a set of HTTP headers to be sent with each request to the token service
* - clientId: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
* Authorization header to be included in each request to the token service
* - clientSecret: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
* Authorization header to be included in each request to the token service
* - scope: (optional) the "scope" parameter to use when fetching the bearer token from the token service
*
* @throws Error: the configuration options are not valid.
*/
constructor(options: IamRequestOptions);
/**
* Sets the IAM "scope" value.
* This value is sent as the "scope" form parameter within the request sent to the IAM token service.
*
* @param scope - a space-separated string that contains one or more scope names
*/
setScope(scope: string): void;
/**
* Sets the IAM "clientId" and "clientSecret" values.
* These values are used to compute the Authorization header used
* when retrieving the IAM access token.
* If these values are not set, no Authorization header will be
* set on the request (it is not required).
*
* @param clientId - the client id.
* @param clientSecret - the client secret.
*/
setClientIdAndSecret(clientId: string, clientSecret: string): void;
/**
* Returns the most recently stored refresh token.
*
* @returns the refresh token
*/
getRefreshToken(): string;
/**
* Extend this method from the parent class to extract the refresh token from
* the request and save it.
*
* @param tokenResponse - the response object from JWT service request
*/
protected saveTokenInfo(tokenResponse: any): void;
/**
* Request an IAM access token using an API key.
*
* @returns Promise
*/
protected requestToken(): Promise;
/**
* Returns true iff the currently-cached IAM access token is expired.
* We'll consider an access token as expired when we reach its IAM server-reported
* expiration time minus our expiration window (10 secs).
* We do this to avoid using an access token that might expire in the middle of a long-running
* transaction within an IBM Cloud service.
*
* @returns true if the token has expired, false otherwise
*/
protected isTokenExpired(): boolean;
}
/** Configuration options for IAM token retrieval. */
export declare interface IamRequestOptions extends JwtTokenManagerOptions {
clientId?: string;
clientSecret?: string;
scope?: string;
}
/** Configuration options for IAM Request based authentication. */
declare interface IamRequestOptions_2 extends BaseOptions {
/**
* The `clientId` and `clientSecret` fields are used to form a "basic"
* authorization header for IAM token requests.
*/
clientId?: string;
/**
* The `clientId` and `clientSecret` fields are used to form a "basic"
* authorization header for IAM token requests.
*/
clientSecret?: string;
/**
* The "scope" parameter to use when fetching the bearer token from the IAM token server.
*/
scope?: string;
}
/**
* The IAMTokenManager takes an api key and performs the necessary interactions with
* the IAM token service to obtain and store a suitable bearer token. Additionally, the IAMTokenManager
* will retrieve bearer tokens via basic auth using a supplied "clientId" and "clientSecret" pair.
*/
export declare class IamTokenManager extends IamRequestBasedTokenManager {
protected requiredOptions: string[];
private apikey;
/**
*
* Create a new IamTokenManager instance.
*
* @param options - Configuration options.
* This should be an object containing these fields:
* - url: (optional) the endpoint URL for the IAM token service (default value: "https://iam.cloud.ibm.com")
* - apikey: (required) the IAM api key
* - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
* should be disabled or not
* - headers: (optional) a set of HTTP headers to be sent with each request to the token service
* - clientId: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
* Authorization header to be included in each request to the token service
* - clientSecret: (optional) the "clientId" and "clientSecret" fields are used to form a Basic
* Authorization header to be included in each request to the token service
* - scope: (optional) the "scope" parameter to use when fetching the bearer token from the token service
*
* @throws Error: the configuration options are not valid.
*/
constructor(options: Options_5);
}
export declare function isEmptyObject(obj: any): boolean;
export declare function isFileData(obj: any): obj is NodeJS.ReadableStream | Buffer;
export declare function isFileWithMetadata(obj: any): obj is FileWithMetadata;
/**
* Return true if 'text' is html
* @param text - The 'text' to analyze
* @returns true if 'text' has html tags
*/
export declare function isHTML(text: string): boolean;
/**
* Returns true if and only if "mimeType" is a "JSON-like" mime type
* (e.g. "application/json; charset=utf-8").
* @param mimeType - the mimeType string
* @returns true if "mimeType" represents a JSON media type and false otherwise
*/
export declare function isJsonMimeType(mimeType: string): boolean;
/**
* A class for shared functionality for parsing, storing, and requesting
* JWT tokens. Intended to be used as a parent to be extended for token
* request management. Child classes should implement `requestToken()`
* to retrieve the bearer token from intended sources.
*/
export declare class JwtTokenManager extends TokenManager {
protected tokenName: string;
protected tokenInfo: any;
/**
* Create a new JwtTokenManager instance.
*
* @param options - Configuration options.
* This should be an object containing these fields:
* - url: (optional) the endpoint URL for the token service
* - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
* should be disabled or not
* - headers: (optional) a set of HTTP headers to be sent with each request to the token service
*/
constructor(options: JwtTokenManagerOptions);
/**
* Request a JWT using an API key.
*
* @returns Promise
*/
protected requestToken(): Promise;
/**
* Save the JWT service response and the calculated expiration time to the object's state.
*
* @param tokenResponse - the response object from JWT service request
*/
protected saveTokenInfo(tokenResponse: any): void;
}
/** Configuration options for JWT token retrieval. */
export declare type JwtTokenManagerOptions = TokenManagerOptions;
/**
* The McspAuthenticator uses an apikey to obtain an access token from the MCSP token server.
* When the access token expires, a new access token is obtained from the token server.
* The access token will be added to outbound requests via the Authorization header
* of the form: "Authorization: Bearer "
*/
export declare class McspAuthenticator extends TokenRequestBasedAuthenticator {
protected requiredOptions: string[];
protected tokenManager: McspTokenManager;
private apikey;
/**
* Create a new McspAuthenticator instance.
*
* @param options - Configuration options for CloudPakForData authentication.
* This should be an object containing these fields:
* - url: (required) the endpoint URL for the CloudPakForData token service
* - username: (required) the username used to obtain a bearer token
* - password: (optional) the password used to obtain a bearer token (required if apikey is not specified)
* - apikey: (optional) the API key used to obtain a bearer token (required if password is not specified)
* - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
* should be disabled or not
* - headers: (optional) a set of HTTP headers to be sent with each request to the token service
*
* @throws Error: the username, password, and/or url are not valid, or unspecified, for Cloud Pak For Data token requests.
*/
constructor(options: Options_12);
/**
* Returns the authenticator's type ('cp4d').
*
* @returns a string that indicates the authenticator's type
*/
authenticationType(): string;
}
/**
* Token Manager for Multi-Cloud Saas Platform (MCSP) authenticator.
*
* The Token Manager will invoke the MCSP token service's 'POST /siusermgr/api/1.0/apikeys/token'
* operation to obtain an MCSP access token for a user-supplied apikey.
*/
export declare class McspTokenManager extends JwtTokenManager {
protected requiredOptions: string[];
private apikey;
/**
* Create a new McspTokenManager instance.
*
* @param options - Configuration options
* This should be an object containing these fields:
* - url: (required) the base endpoint URL for the MCSP token service
* - apikey: (required) the API key used to obtain the MCSP access token.
* - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
* should be disabled or not
* - headers: (optional) a set of HTTP headers to be sent with each request to the token service
*
* @throws Error: the configuration options were invalid.
*/
constructor(options: Options_11);
protected requestToken(): Promise;
}
/**
* NoAuthAuthenticator is a placeholder authenticator implementation which
* performs no authentication of outgoing REST API requests. It might be
* useful during development and testing.
*/
export declare class NoAuthAuthenticator extends Authenticator {
authenticate(requestOptions: AuthenticateOptions): Promise;
/**
* Returns the authenticator's type ('noauth').
*
* @returns a string that indicates the authenticator's type
*/
authenticationType(): string;
}
/**
* Checks for only one of two elements being defined.
* Returns true if a is defined and b is undefined,
* or vice versa. Returns false if both are defined
* or both are undefined.
*
* @param a - The first object
* @param b - The second object
* @returns true if and only if exactly one of a or b is defined
*/
export declare function onlyOne(a: any, b: any): boolean;
/** Configuration options for basic authentication. */
declare type Options = {
/** The username to be used in basic authorization. */
username: string;
/** The password to be used in basic authorization. */
password: string;
};
/** Configuration options for VpcInstance authentication. */
declare interface Options_10 extends BaseOptions {
/** The CRN of the linked trusted IAM profile to be used as the identity of the compute resource */
iamProfileCrn?: string;
/** The ID of the linked trusted IAM profile to be used when obtaining the IAM access token */
iamProfileId?: string;
}
/**
* Configuration options for MCSP token retrieval.
*/
declare interface Options_11 extends JwtTokenManagerOptions {
/** The API key used to obtain an access token. */
apikey: string;
/** The base endpoint URL for MCSP token requests. */
url: string;
}
/** Configuration options for Multi-Cloud Saas Platform (MCSP) authentication. */
declare interface Options_12 extends BaseOptions {
/** The API key used to obtain an MCSP access token. */
apikey: string;
/** The URL representing the MCSP token service endpoint. */
url: string;
}
/** Configuration options for bearer authentication. */
declare type Options_2 = {
/** The bearer token to be added to requests. */
bearerToken: string;
};
/** Configuration options for CP4D token retrieval. */
declare interface Options_3 extends JwtTokenManagerOptions {
/** The endpoint for CP4D token requests. */
url: string;
/** The username used to obtain a bearer token. */
username: string;
/** The password used to obtain a bearer token [required if apikey not specified]. */
password?: string;
/** The API key used to obtain a bearer token [required if password not specified]. */
apikey?: string;
}
/** Configuration options for CloudPakForData authentication. */
declare interface Options_4 extends BaseOptions {
/** The username used to obtain a bearer token. */
username: string;
/** The password used to obtain a bearer token [required if apikey not specified]. */
password?: string;
/** The API key used to obtain a bearer token [required if password not specified]. */
apikey?: string;
/** The URL representing the Cloud Pak for Data token service endpoint. */
url: string;
}
/** Configuration options for IAM token retrieval. */
declare interface Options_5 extends IamRequestOptions {
apikey: string;
}
/** Configuration options for IAM authentication. */
declare interface Options_6 extends IamRequestOptions_2 {
/** The IAM api key */
apikey: string;
}
/** Configuration options for IAM token retrieval. */
declare interface Options_7 extends IamRequestOptions {
crTokenFilename?: string;
iamProfileName?: string;
iamProfileId?: string;
}
/** Configuration options for IAM authentication. */
declare interface Options_8 extends IamRequestOptions_2 {
/** The file containing the compute resource token. */
crTokenFilename?: string;
/** The IAM profile name associated with the compute resource token. */
iamProfileName?: string;
/** The IAM profile ID associated with the compute resource token. */
iamProfileId?: string;
}
/** Configuration options for VPC token retrieval. */
declare interface Options_9 extends JwtTokenManagerOptions {
/** The CRN of the linked trusted IAM profile to be used as the identity of the compute resource */
iamProfileCrn?: string;
/** The ID of the linked trusted IAM profile to be used when obtaining the IAM access token */
iamProfileId?: string;
}
/**
* (C) Copyright IBM Corp. 2019, 2022.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
export declare const qs: {
stringify: (queryParams: Object) => string;
};
/**
* Copyright 2021, 2024 IBM Corp. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* Return a config object based on a credentials file. Credentials files can
* be specified filepath via the environment variable: `IBM_CREDENTIALS_FILE`.
*/
export declare function readCredentialsFile(): any;
export declare function readCrTokenFile(filepath: string): string;
/**
* Read properties stored in external sources like Environment Variables,
* the credentials file, VCAP services, etc. and return them as an
* object. The keys of this object will have the service name prefix removed
* and will be converted to lower camel case.
*
* Only one source will be used at a time.
*
* @param serviceName - the service name prefix
*/
export declare function readExternalSources(serviceName: string): any;
/**
* Removes a given suffix if it exists.
*
* @param str - the base string to operate on
* @param suffix - the suffix to remove, if present
*
* @returns the substring of "str" that remains after the suffix is removed
*/
export declare function removeSuffix(str: string, suffix: string): string;
declare class RequestWrapper {
private axiosInstance;
private compressRequestData;
private retryInterceptorId;
private raxConfig;
constructor(axiosOptions?: any);
setCompressRequestData(setting: boolean): void;
/**
* Creates the request.
* 1. Merge default options with user provided options
* 2. Checks for missing parameters
* 3. Encode path and query parameters
* 4. Call the api
* @returns ReadableStream|undefined
* @throws Error
*/
sendRequest(parameters: any): Promise;
/**
* Format error returned by axios
* @param axiosError - the object returned by axios via rejection
* @returns the Error object
*/
formatError(axiosError: any): Error;
getHttpClient(): AxiosInstance;
private static getRaxConfig;
enableRetries(retryOptions?: RetryOptions): void;
disableRetries(): void;
private gzipRequestBody;
}
/**
* Retry configuration options.
*/
declare interface RetryOptions {
/**
* Maximum retries to attempt.
*/
maxRetries?: number;
/**
* Ceiling for the retry delay (in seconds) - delay will not exceed this value.
*/
maxRetryInterval?: number;
}
export declare interface SDKLogger {
error: Debugger;
warn: Debugger;
info: Debugger;
verbose: Debugger;
debug: Debugger;
}
/**
* Helper method that can be bound to a stream - it captures all of the results, and returns a promise that resolves to the final buffer
* or array of text chunks
* Essentially a smaller version of concat-stream wrapped in a promise
*
* @param stream - optional stream param for when not bound to an existing stream instance.
* @returns Promise
*/
export declare function streamToPromise(stream: Stream): Promise;
/**
* Strips trailing slashes from "url", if present.
* @param url - the url string
* @returns the url with any trailing slashes removed
*/
export declare function stripTrailingSlash(url: string): string;
/**
* A class for shared functionality for storing, and requesting tokens.
* Intended to be used as a parent to be extended for token request management.
* Child classes should implement "requestToken()" to retrieve the token
* from intended sources and "saveTokenInfo(tokenResponse)" to parse and save
* token information from the response.
*/
export declare class TokenManager {
protected url: string;
protected userAgent: string;
protected disableSslVerification: boolean;
protected headers: OutgoingHttpHeaders;
protected requestWrapperInstance: RequestWrapper;
protected accessToken: string;
protected expireTime: number;
protected refreshTime: number;
private requestTime;
private pendingRequests;
/**
* Create a new TokenManager instance.
*
* @param options - Configuration options.
* This should be an object containing these fields:
* - url: (optional) the endpoint URL for the token service
* - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
* should be disabled or not
* - headers: (optional) a set of HTTP headers to be sent with each request to the token service
*/
constructor(options: TokenManagerOptions);
/**
* Retrieves a new token using "requestToken()" if there is not a
* currently stored token from a previous call, or the previous token
* has expired.
*/
getToken(): Promise;
/**
* Sets the "disableSslVerification" property.
*
* @param value - the new value for the disableSslVerification property
*/
setDisableSslVerification(value: boolean): void;
/**
* Sets the headers to be included with each outbound request to the token server.
*
* @param headers - the set of headers to send with each request to the token server
*/
setHeaders(headers: OutgoingHttpHeaders): void;
/**
* Paces requests to requestToken().
*
* This method pseudo-serializes requests for an access_token
* when the current token is undefined or expired.
* The first caller to this method records its `requestTime` and
* then issues the token request. Subsequent callers will check the
* `requestTime` to see if a request is active (has been issued within
* the past 60 seconds), and if so will queue their promise for the
* active requestor to resolve when that request completes.
*/
protected pacedRequestToken(): Promise;
/**
* Request a token using an API endpoint.
*
* @returns Promise
*/
protected requestToken(): Promise;
/**
* Parse and save token information from the response.
* Save the requested token into field `accessToken`.
* Calculate expiration and refresh time from the received info
* and store them in fields `expireTime` and `refreshTime`.
*
* @param tokenResponse - the response object from a token service request
*/
protected saveTokenInfo(tokenResponse: any): void;
/**
* Checks if currently-stored token is expired
*/
protected isTokenExpired(): boolean;
/**
* Checks if currently-stored token should be refreshed
* i.e. past the window to request a new token
*/
private tokenNeedsRefresh;
}
/** Configuration options for token retrieval. */
export declare type TokenManagerOptions = {
/** The endpoint for token requests. */
url?: string;
/** Headers to be sent with every service token request. */
headers?: OutgoingHttpHeaders;
/**
* A flag that indicates whether verification of
* the server's SSL certificate should be disabled or not.
*/
disableSslVerification?: boolean;
/** Allow additional request config parameters */
[propName: string]: any;
};
/**
* Class for common functionality shared by token-request authenticators.
* TokenRequestBasedAuthenticators use token managers to retrieve, store,
* and refresh tokens. Not intended to be used as stand-alone authenticator,
* but as base class to authenticators that have their own token manager
* implementations.
*
* The token will be added as an Authorization header in the form:
*
* Authorization: Bearer \
*/
export declare class TokenRequestBasedAuthenticator extends Authenticator {
protected tokenManager: JwtTokenManager;
protected url: string;
protected headers: OutgoingHttpHeaders;
protected disableSslVerification: boolean;
/**
* Create a new TokenRequestBasedAuthenticator instance with an internal JwtTokenManager.
*
* @param options - Configuration options.
* This should be an object containing these fields:
* - url: (optional) the endpoint URL for the token service
* - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
* should be disabled or not
* - headers: (optional) a set of HTTP headers to be sent with each request to the token service
*/
constructor(options: BaseOptions);
/**
* Set the flag that indicates whether verification of the server's SSL
* certificate should be disabled or not.
*
* @param value - a flag that indicates whether verification of the
* token server's SSL certificate should be disabled or not.
*/
setDisableSslVerification(value: boolean): void;
/**
* Set headers.
*
* @param headers - a set of HTTP headers to be sent with each outbound token server request.
* Overwrites previous default headers.
*/
setHeaders(headers: OutgoingHttpHeaders): void;
/**
* Adds bearer token information to "requestOptions". The bearer token information
* will be set in the Authorization property of "requestOptions.headers" in the form:
*
* Authorization: Bearer \
*
* @param requestOptions - The request to augment with authentication information.
*/
authenticate(requestOptions: AuthenticateOptions): Promise;
}
/**
* This function converts an object's keys to lower case.
* note: does not convert nested keys
* @param obj - The object to convert the keys of.
* @returns the object with keys folded to lowercase
*/
export declare function toLowerKeys(obj: Object): Object;
declare namespace unitTestUtils {
export {
checkUrlAndMethod,
checkMediaHeaders,
checkUserHeader,
checkForSuccessfulExecution,
getOptions,
expectToBePromise
}
}
export { unitTestUtils }
/**
* Configuration values for a service.
*/
export declare interface UserOptions {
/** The Authenticator object used to authenticate requests to the service */
authenticator?: AuthenticatorInterface;
/** The base url to use when contacting the service. The base url may differ between IBM Cloud regions. */
serviceUrl?: string;
/** Default headers that shall be included with every request to the service. */
headers?: OutgoingHttpHeaders;
/** The API version date to use with the service, in "YYYY-MM-DD" format. */
version?: string;
/** Set to `true` to allow unauthorized requests - not recommended for production use. */
disableSslVerification?: boolean;
/** Set your own cookie jar object */
jar?: CookieJar | boolean;
/** Deprecated. Use `serviceUrl` instead. */
url?: string;
/** Allow additional request config parameters */
[propName: string]: any;
}
/**
* Validates "options".
* @param options - a configuration options object
* @param requiredOptions - the list of properties that must be present in "options"
*
* @throws Error: "options" failed validation
*/
export declare function validateInput(options: any, requiredOptions: string[]): void;
/**
* Validates that "params" contains a value for each key listed in "requiredParams",
* and that each key contained in "params" is a valid key listed in "allParams".
* In essence, we want params to contain only valid keys and we want params
* to contain at least the required keys.
*
* @param params - the "params" object passed into an operation containing method parameters.
* @param requiredParams - the names of required parameters.
* If null, then the "required params" check is bypassed.
* @param allParams - the names of all valid parameters.
* If null, then the "valid params" check is bypassed.
* @returns null if no errors found, otherwise an Error instance
*/
export declare function validateParams(params: {
[key: string]: any;
}, requiredParams: string[], allParams: string[]): null | Error;
/**
* The VpcInstanceAuthenticator implements an authentication scheme in which it retrieves an "instance identity token"
* and exchanges that for an IAM access token using the VPC Instance Metadata Service API which is available on the local
* compute resource (VM). The instance identity token is similar to an IAM apikey, except that it is managed automatically
* by the compute resource provider (VPC).
*
* The resulting IAM access token is then added to outbound requests in an Authorization header
*
* Authorization: Bearer \
*/
export declare class VpcInstanceAuthenticator extends TokenRequestBasedAuthenticator {
protected tokenManager: VpcInstanceTokenManager;
private iamProfileCrn;
private iamProfileId;
/**
* Create a new VpcInstanceAuthenticator instance.
*
* @param options - Configuration options for VpcInstance authentication.
* This should be an object containing these fields:
* - url: (optional) the endpoint URL for the VPC Instance Metadata Service (default value: "http://169.254.169.254")
* - iamProfileCrn: (optional) the CRN of the linked IAM trusted profile to be used to obtain the IAM access token
* - iamProfileId: (optional) the ID of the linked IAM trusted profile to be used to obtain the IAM access token
*
* @remarks
* At most one of "iamProfileCrn" or "iamProfileId" may be specified. If neither one is specified,
* then the default IAM profile defined for the compute resource will be used.
*/
constructor(options: Options_10);
/**
* Sets the "iamProfileCrn" value to be used when obtaining an IAM access token
* @param iamProfileCrn - the CRN of the linked IAM trusted profile to use when obtaining an IAM access token
*/
setIamProfileCrn(iamProfileCrn: string): void;
/**
* Sets the "iamProfileId" value to be used when obtaining an IAM access token
* @param iamProfileId - the ID of the linked IAM trusted profile to use when obtaining an IAM access token
*/
setIamProfileId(iamProfileId: string): void;
/**
* Returns the authenticator's type ('vpc').
*
* @returns a string that indicates the authenticator's type
*/
authenticationType(): string;
}
/**
* Token Manager for VPC Instance Authentication.
*/
export declare class VpcInstanceTokenManager extends JwtTokenManager {
private iamProfileCrn;
private iamProfileId;
/**
* Create a new VpcInstanceTokenManager instance.
*
* @param options - Configuration options.
* This should be an object containing these fields:
* - url: (optional) the endpoint URL for the VPC Instance Metadata Service (default value: "http://169.254.169.254")
* - iamProfileCrn: (optional) the CRN of the linked IAM trusted profile to be used to obtain the IAM access token
* - iamProfileId: (optional) the ID of the linked IAM trusted profile to be used to obtain the IAM access token
*
* @remarks
* At most one of "iamProfileCrn" or "iamProfileId" may be specified. If neither one is specified,
* then the default IAM profile defined for the compute resource will be used.
*/
constructor(options: Options_9);
/**
* Sets the CRN of the IAM trusted profile to use when fetching the access token from the IAM token server.
* @param iamProfileCrn - the CRN of the IAM trusted profile
*/
setIamProfileCrn(iamProfileCrn: string): void;
/**
* Sets the Id of the IAM trusted profile to use when fetching the access token from the IAM token server.
* @param iamProfileId - the ID of the IAM trusted profile
*/
setIamProfileId(iamProfileId: string): void;
protected requestToken(): Promise;
private getInstanceIdentityToken;
/**
* Returns true iff the currently-cached IAM access token is expired.
* We'll consider an access token as expired when we reach its IAM server-reported
* expiration time minus our expiration window (10 secs).
* We do this to avoid using an access token that might expire in the middle of a long-running
* transaction within an IBM Cloud service.
*
* @returns true if the token has expired, false otherwise
*/
protected isTokenExpired(): boolean;
}
export { }