Skip to content

Commit

Permalink
fix(client-sts): pass parent logger & requestHandler to STS (#5801)
Browse files Browse the repository at this point in the history
  • Loading branch information
kuhe authored Feb 15, 2024
1 parent 1cbf57b commit c8e0047
Show file tree
Hide file tree
Showing 5 changed files with 94 additions and 15 deletions.
23 changes: 16 additions & 7 deletions clients/client-sts/src/defaultStsRoleAssumers.ts
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@
// Please do not touch this file. It's generated from template in:
// https://github.com/aws/aws-sdk-js-v3/blob/main/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultStsRoleAssumers.ts
import type { CredentialProviderOptions } from "@aws-sdk/types";
import { partition } from "@aws-sdk/util-endpoints";
import { AwsCredentialIdentity, Logger, Provider } from "@smithy/types";

import { AssumeRoleCommand, AssumeRoleCommandInput } from "./commands/AssumeRoleCommand";
Expand Down Expand Up @@ -66,18 +65,23 @@ export const getDefaultRoleAssumer = (
return async (sourceCreds, params) => {
closureSourceCreds = sourceCreds;
if (!stsClient) {
const { logger, region, requestHandler, credentialProviderLogger } = stsOptions;
const {
logger = stsOptions?.parentClientConfig?.logger,
region,
requestHandler = stsOptions?.parentClientConfig?.requestHandler,
credentialProviderLogger,
} = stsOptions;
const resolvedRegion = await resolveRegion(
region,
stsOptions?.parentClientConfig?.region,
credentialProviderLogger
);
stsClient = new stsClientCtor({
logger,
// A hack to make sts client uses the credential in current closure.
credentialDefaultProvider: () => async () => closureSourceCreds,
region: resolvedRegion,
...(requestHandler ? { requestHandler } : {}),
requestHandler: requestHandler as any,
logger: logger as any,
});
}
const { Credentials } = await stsClient.send(new AssumeRoleCommand(params));
Expand Down Expand Up @@ -113,16 +117,21 @@ export const getDefaultRoleAssumerWithWebIdentity = (
let stsClient: STSClient;
return async (params) => {
if (!stsClient) {
const { logger, region, requestHandler, credentialProviderLogger } = stsOptions;
const {
logger = stsOptions?.parentClientConfig?.logger,
region,
requestHandler = stsOptions?.parentClientConfig?.requestHandler,
credentialProviderLogger,
} = stsOptions;
const resolvedRegion = await resolveRegion(
region,
stsOptions?.parentClientConfig?.region,
credentialProviderLogger
);
stsClient = new stsClientCtor({
logger,
region: resolvedRegion,
...(requestHandler ? { requestHandler } : {}),
requestHandler: requestHandler as any,
logger: logger as any,
});
}
const { Credentials } = await stsClient.send(new AssumeRoleWithWebIdentityCommand(params));
Expand Down
30 changes: 30 additions & 0 deletions clients/client-sts/test/defaultRoleAssumers.spec.ts
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,36 @@ describe("getDefaultRoleAssumer", () => {
region,
logger,
requestHandler: handler,
parentClientConfig: {
region: "some-other-region",
logger: null,
requestHandler: null,
},
});
const params: AssumeRoleCommandInput = {
RoleArn: "arn:aws:foo",
RoleSessionName: "session",
};
const sourceCred = { accessKeyId: "key", secretAccessKey: "secrete" };
await roleAssumer(sourceCred, params);
expect(mockConstructorInput).toHaveBeenCalledTimes(1);
expect(mockConstructorInput.mock.calls[0][0]).toMatchObject({
logger,
requestHandler: handler,
region,
});
});

it("should use the parent client config", async () => {
const logger = console;
const region = "some-region";
const handler = new NodeHttpHandler();
const roleAssumer = getDefaultRoleAssumer({
parentClientConfig: {
region,
logger,
requestHandler: handler,
},
});
const params: AssumeRoleCommandInput = {
RoleArn: "arn:aws:foo",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,36 @@ describe("getDefaultRoleAssumer", () => {
region,
logger,
requestHandler: handler,
parentClientConfig: {
region: "some-other-region",
logger: null,
requestHandler: null,
},
});
const params: AssumeRoleCommandInput = {
RoleArn: "arn:aws:foo",
RoleSessionName: "session",
};
const sourceCred = { accessKeyId: "key", secretAccessKey: "secrete" };
await roleAssumer(sourceCred, params);
expect(mockConstructorInput).toHaveBeenCalledTimes(1);
expect(mockConstructorInput.mock.calls[0][0]).toMatchObject({
logger,
requestHandler: handler,
region,
});
});

it("should use the parent client config", async () => {
const logger = console;
const region = "some-region";
const handler = new NodeHttpHandler();
const roleAssumer = getDefaultRoleAssumer({
parentClientConfig: {
region,
logger,
requestHandler: handler,
},
});
const params: AssumeRoleCommandInput = {
RoleArn: "arn:aws:foo",
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
import type { CredentialProviderOptions } from "@aws-sdk/types";
import { partition } from "@aws-sdk/util-endpoints";
import { AwsCredentialIdentity, Logger, Provider } from "@smithy/types";

import { AssumeRoleCommand, AssumeRoleCommandInput } from "./commands/AssumeRoleCommand";
Expand Down Expand Up @@ -63,18 +62,23 @@ export const getDefaultRoleAssumer = (
return async (sourceCreds, params) => {
closureSourceCreds = sourceCreds;
if (!stsClient) {
const { logger, region, requestHandler, credentialProviderLogger } = stsOptions;
const {
logger = stsOptions?.parentClientConfig?.logger,
region,
requestHandler = stsOptions?.parentClientConfig?.requestHandler,
credentialProviderLogger,
} = stsOptions;
const resolvedRegion = await resolveRegion(
region,
stsOptions?.parentClientConfig?.region,
credentialProviderLogger
);
stsClient = new stsClientCtor({
logger,
// A hack to make sts client uses the credential in current closure.
credentialDefaultProvider: () => async () => closureSourceCreds,
region: resolvedRegion,
...(requestHandler ? { requestHandler } : {}),
requestHandler: requestHandler as any,
logger: logger as any,
});
}
const { Credentials } = await stsClient.send(new AssumeRoleCommand(params));
Expand Down Expand Up @@ -110,16 +114,21 @@ export const getDefaultRoleAssumerWithWebIdentity = (
let stsClient: STSClient;
return async (params) => {
if (!stsClient) {
const { logger, region, requestHandler, credentialProviderLogger } = stsOptions;
const {
logger = stsOptions?.parentClientConfig?.logger,
region,
requestHandler = stsOptions?.parentClientConfig?.requestHandler,
credentialProviderLogger,
} = stsOptions;
const resolvedRegion = await resolveRegion(
region,
stsOptions?.parentClientConfig?.region,
credentialProviderLogger
);
stsClient = new stsClientCtor({
logger,
region: resolvedRegion,
...(requestHandler ? { requestHandler } : {}),
requestHandler: requestHandler as any,
logger: logger as any,
});
}
const { Credentials } = await stsClient.send(new AssumeRoleWithWebIdentityCommand(params));
Expand Down
3 changes: 2 additions & 1 deletion packages/types/src/credentials.ts
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
import { Logger } from "@smithy/types";
import { Logger, RequestHandler } from "@smithy/types";

import { AwsCredentialIdentity } from "./identity";
import { Provider } from "./util";
Expand Down Expand Up @@ -48,5 +48,6 @@ export type CredentialProviderOptions = {
*/
parentClientConfig?: {
region?: string | Provider<string>;
[key: string]: unknown;
};
};

0 comments on commit c8e0047

Please sign in to comment.