From 4da2f6553cf488897c0ec10cce063bd3168b726f Mon Sep 17 00:00:00 2001
From: Rico Hermans <rix0rrr@gmail.com>
Date: Fri, 27 Dec 2024 15:50:48 +0100
Subject: [PATCH] fix(cli): cli still fails for some plugins returning
 `expiration: null` (#32668)

There is one more location where we need to convert `null` into `undefined` if a plugin provider returns `expiration: null`. The SDKv3 code base also expects this value to be `undefined | Date`, just like our own code does; when the plugin returns `null` we pass the value over to the SDKv3 which then does a `getTime()` on the value, and then it crashes.

Issue this fix as a patch, so that we can unblock users of a commonly used plugin at Amazon.

This is a PR targeting `v2-release`, picking exactly one line from #32111. After merging this we can patch-release.


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
---
 packages/aws-cdk/lib/api/aws-auth/credential-plugins.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/aws-cdk/lib/api/aws-auth/credential-plugins.ts b/packages/aws-cdk/lib/api/aws-auth/credential-plugins.ts
index b2047bd3fbbfb..8737f1eed2096 100644
--- a/packages/aws-cdk/lib/api/aws-auth/credential-plugins.ts
+++ b/packages/aws-cdk/lib/api/aws-auth/credential-plugins.ts
@@ -140,7 +140,7 @@ function v3ProviderFromV2Credentials(x: SDKv2CompatibleCredentials): AwsCredenti
       accessKeyId: x.accessKeyId,
       secretAccessKey: x.secretAccessKey,
       sessionToken: x.sessionToken,
-      expiration: x.expireTime,
+      expiration: x.expireTime ?? undefined,
     };
   };
 }