fix(credential-provider-sso): address README feedbacks
Co-authored-by: Trivikram Kamat <[email protected]>
AllanZhengYP and trivikr authored Feb 25, 2021
1 parent d1db835 commit 848bd1b
Showing 4 changed files with 22 additions and 21 deletions.
2 changes: 1 addition & 1 deletion packages/credential-provider-node/src/index.spec.ts
Expand Up @@ -469,7 +469,7 @@ describe("defaultProvider", () => {
expect((fromInstanceMetadata() as any).mock.calls.length).toBe(0);
});

it("should on consult SSO provider if the profile environment variable has been set", async () => {
it("should only consult SSO provider if the profile environment variable has been set", async () => {
const creds = {
accessKeyId: "foo",
secretAccessKey: "bar",
27 changes: 15 additions & 12 deletions packages/credential-provider-sso/README.md
Expand Up @@ -3,29 +3,29 @@
[![NPM version](https://img.shields.io/npm/v/@aws-sdk/credential-provider-sso/latest.svg)](https://www.npmjs.com/package/@aws-sdk/credential-provider-sso)
[![NPM downloads](https://img.shields.io/npm/dm/@aws-sdk/credential-provider-sso.svg)](https://www.npmjs.com/package/@aws-sdk/credential-provider-sso)

## AWS Credential Provider for Node.JS - AWS Single Sign-On(SSO)
## AWS Credential Provider for Node.js - AWS Single Sign-On (SSO)

This module provides a function, `fromSSO` that will create `CredentialProvider`
functions that read from [AWS SDKs and Tools shared configuration and credentials files](https://docs.aws.amazon.com/credref/latest/refdocs/creds-config-files.html)(Profile appears
in the credentials file will be given precedence over the profile found in the
config file). This provider will load the _resolved_ access token on local disk,
and then request temporary AWS credentials. For the guidance over AWS Single
Sign-On service, please refer to [the service document](https://aws.amazon.com/single-sign-on/)
Sign-On service, please refer to [the service document](https://aws.amazon.com/single-sign-on/).

## Supported configuration

You may customize how credentials are resolved by providing an options hash to
the `fromSSO` factory function. The following options are supported:

- `profile` - The configuration profile to use. If not specified, the provider
will use the value in the `AWS_PROFILE` environment variable or a default of
`default`.
will use the value in the `AWS_PROFILE` environment variable or `default` by
default.
- `filepath` - The path to the shared credentials file. If not specified, the
provider will use the value in the `AWS_SHARED_CREDENTIALS_FILE` environment
variable or a default of `~/.aws/credentials`.
variable or `~/.aws/credentials` by default.
- `configFilepath` - The path to the shared config file. If not specified, the
provider will use the value in the `AWS_CONFIG_FILE` environment variable or a
default of `~/.aws/config`.
provider will use the value in the `AWS_CONFIG_FILE` environment variable or
`~/.aws/config` by default.
- `ssoClient` - The SSO Client that used to request AWS credentials with the SSO
access token. If not specified, a default SSO client will be created with the
region specified in the profile `sso_region` entry.
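Review bot: In the `profile` bullet, the new wording "or `default` by default" repeats the word and reads worse than the text it replaces; "or fall back to the `default` profile" says it once. Two unchanged lines in this hunk still need the same kind of cleanup: "(Profile appears in the credentials file" is missing the space after the link and should start "A profile that appears", and the `ssoClient` bullet reads "The SSO Client that used to request", which should be "that is used" or simply "used to request".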
Expand All @@ -36,11 +36,13 @@ This credential provider relies on [AWS CLI](https://docs.aws.amazon.com/cli/lat
to login to an AWS SSO session. Here's a brief walk-through:

1. Create a new AWS SSO enabled profile using AWS CLI. It will ask you to login
to your AWS organization and prompt for the name of the profile, let's
say `my-sso-profile`:
to your AWS SSO account and prompt for the name of the profile:

```console
aws configure sso
...
...
CLI profile name [123456789011_ReadOnly]: my-sso-profile<ENTER>
```

2. Configure you SDK client with the SSO credential provider:
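Review bot: Step 2 in the trailing context still reads "Configure you SDK client"; it should be "your", and a commit that addresses README feedback is the place to fix it. In the step 1 console sample, the two `...` lines stand in for interactive prompts, so a short comment saying which prompts are omitted would help a reader match the sample to what the CLI shows.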
Expand All @@ -52,7 +54,7 @@ import { fromSSO } from "@aws-sdk/credential-provider-sso"; // ES6 example
const client = new FooClient({ credentials: fromSSO({ profile: "my-sso-profile" });
```
Alternatively, the SSO credential provider supported in default Node.js credential
Alternatively, the SSO credential provider is supported in default Node.js credential
provider:
```javascript
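Review bot: The `fromSSO` sample at the top of this hunk does not parse: `new FooClient({ credentials: fromSSO({ profile: "my-sso-profile" });` closes the options object for `fromSSO` but not the call or the client config, so it needs `}) });` at the end. The corrected sentence is also still missing an article: "is supported in the default Node.js credential provider".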
Expand All @@ -62,10 +64,11 @@ import { defaultProvider } from "@aws-sdk/credential-provider-node"; // ES6 exam
const client = new FooClient({ credentials: defaultProvider({ profile: "my-sso-profile" });
```
3. To log out from the current SSO session, with AWS CLI:
3. To log out from the current SSO session, use AWS CLI:
```console
aws sso logout
$ aws sso logout
Successfully signed out of all SSO profiles.
```
## Sample files
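Review bot: The `defaultProvider` sample at the top of this hunk has the same unbalanced call as the `fromSSO` one, `defaultProvider({ profile: "my-sso-profile" });` inside an unclosed `new FooClient({`, and should end in `}) });`. The logout sample now shows a `$ ` prompt and the command output, while the `aws configure sso` sample in step 1 has no prompt; pick one convention for both console blocks.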
10 changes: 4 additions & 6 deletions packages/credential-provider-sso/src/index.ts
Expand Up @@ -8,7 +8,7 @@ import { readFileSync } from "fs";
import { join } from "path";

/**
* The time window(15 mins) that SDK will treat the SSO token expired before the defined expiration date in token.
* The time window (15 mins) that SDK will treat the SSO token expires in before the defined expiration date in token.
* This is needed because server side may have invalidated the token before the defined expiration date.
*
* @internal
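Review bot: The reworded doc comment is still ungrammatical ("will treat the SSO token expires in before the defined expiration date"). Suggest "The SDK treats the SSO token as expired this long (15 mins) before the expiration date recorded in the token." The following sentence should read "the server side may have invalidated".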
Expand Down Expand Up @@ -53,11 +53,11 @@ const resolveSSOCredentials = async (
}
const { sso_start_url: startUrl, sso_account_id: accountId, sso_region: region, sso_role_name: roleName } = profile;
if (!startUrl && !accountId && !region && !roleName) {
throw new ProviderError(`Profile ${profileName} is not configured with SSO credential`);
throw new ProviderError(`Profile ${profileName} is not configured with SSO credentials.`);
}
if (!startUrl || !accountId || !region || !roleName) {
throw new ProviderError(
`Profile ${profileName} is not a valid SSO credential. Required parameters "sso_account_id", "sso_region", ` +
`Profile ${profileName} does not have valid SSO credentials. Required parameters "sso_account_id", "sso_region", ` +
`"sso_role_name", "sso_start_url". Reference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html`,
SHOULD_FAIL_CREDENTIAL_CHAIN
);
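Review bot: The second message says the profile "does not have valid SSO credentials", but what the `||` check found is missing configuration keys, not bad credentials, and the message does not say which of the four keys is absent. Suggest wording such as "has incomplete SSO configuration" and naming the missing keys so the user knows what to add to the profile. The first throw passes no second argument while the second passes `SHOULD_FAIL_CREDENTIAL_CHAIN`; a one-line comment on why the two cases differ would help the next reader.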
Expand All @@ -68,10 +68,8 @@ const resolveSSOCredentials = async (
let token: SSOToken;
try {
token = JSON.parse(readFileSync(tokenFile, { encoding: "utf-8" }));
// console.log("tokenFile", token);
// console.log("now", new Date().toISOString());
if (new Date(token.expiresAt).getTime() - Date.now() <= EXPIRE_WINDOW_MS) {
throw new Error("Token is expired");
throw new Error("SSO token is expired.");
}
} catch (e) {
throw new ProviderError(
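Review bot: The expiry check on `token.expiresAt` fails open. If the cached file parses but `expiresAt` is missing or not a valid date, `new Date(token.expiresAt).getTime()` is NaN, the `<= EXPIRE_WINDOW_MS` comparison is false, and the token is treated as unexpired; reject a NaN timestamp explicitly before comparing. Dropping the commented-out `console.log("tokenFile", token)` is the right call, since re-enabling it would print the cached token. The "SSO token is expired." error is thrown inside the same `try` that reads and parses the file, so the one `catch` handles an unreadable file, invalid JSON and an expired token alike; check that the resulting `ProviderError` still tells the user which of these happened.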
4 changes: 2 additions & 2 deletions packages/property-provider/src/ProviderError.spec.ts
Expand Up @@ -12,10 +12,10 @@ describe("ProviderError", () => {
describe("from()", () => {
it("should create ProviderError from existing error", () => {
const error = new Error("PANIC");
//@ts-expect-error
// @ts-expect-error Property 'someValue' does not exist on type 'Error'.
error.someValue = "foo";
const providerError = ProviderError.from(error);
//@ts-expect-error
// @ts-expect-error Property 'someValue' does not exist on type 'ProviderError'.
expect(providerError.someValue).toBe("foo");
expect(providerError.tryNextLink).toBe(true);
});
