Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(credential-providers): expose node.js default credential provide…
…r chain (#3588) * feat(credential-providers): expose node.js default credential provider chain * feat(credential-providers): address feedbacks * test(credential-providers): refactor unit test import statement * docs(credential-provider-node): mention fromNodeProviderChain in README
- Loading branch information
1 parent
91f13da
commit 51aaffc
Showing
14 changed files
with
201 additions
and
57 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
10 changes: 5 additions & 5 deletions
10
packages/credential-providers/src/fromCognitoIdentity.spec.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
10 changes: 5 additions & 5 deletions
10
packages/credential-providers/src/fromCognitoIdentityPool.spec.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
58 changes: 58 additions & 0 deletions
58
packages/credential-providers/src/fromNodeProviderChain.spec.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
import { getDefaultRoleAssumer, getDefaultRoleAssumerWithWebIdentity } from "@aws-sdk/client-sts"; | ||
import { defaultProvider } from "@aws-sdk/credential-provider-node"; | ||
|
||
import { fromNodeProviderChain } from "./fromNodeProviderChain"; | ||
|
||
const mockRoleAssumer = jest.fn().mockResolvedValue("ROLE_ASSUMER"); | ||
const mockRoleAssumerWithWebIdentity = jest.fn().mockResolvedValue("ROLE_ASSUMER_WITH_WEB_IDENTITY"); | ||
|
||
jest.mock("@aws-sdk/client-sts", () => ({ | ||
getDefaultRoleAssumer: jest.fn().mockImplementation(() => mockRoleAssumer), | ||
getDefaultRoleAssumerWithWebIdentity: jest.fn().mockImplementation(() => mockRoleAssumerWithWebIdentity), | ||
})); | ||
|
||
jest.mock("@aws-sdk/credential-provider-node", () => ({ | ||
defaultProvider: jest.fn(), | ||
})); | ||
|
||
describe(fromNodeProviderChain.name, () => { | ||
beforeEach(() => { | ||
jest.clearAllMocks(); | ||
}); | ||
|
||
it("should inject default role assumers", () => { | ||
const profile = "profile"; | ||
fromNodeProviderChain({ profile }); | ||
expect(defaultProvider).toBeCalledWith({ | ||
profile, | ||
roleAssumer: mockRoleAssumer, | ||
roleAssumerWithWebIdentity: mockRoleAssumerWithWebIdentity, | ||
}); | ||
expect(getDefaultRoleAssumer).toBeCalled(); | ||
expect(getDefaultRoleAssumerWithWebIdentity).toBeCalled(); | ||
}); | ||
|
||
it("should use supplied role assumers", () => { | ||
const profile = "profile"; | ||
const roleAssumer = jest.fn(); | ||
const roleAssumerWithWebIdentity = jest.fn(); | ||
fromNodeProviderChain({ profile, roleAssumer, roleAssumerWithWebIdentity }); | ||
expect(defaultProvider).toBeCalledWith({ | ||
profile, | ||
roleAssumer, | ||
roleAssumerWithWebIdentity, | ||
}); | ||
expect(getDefaultRoleAssumer).not.toBeCalled(); | ||
expect(getDefaultRoleAssumerWithWebIdentity).not.toBeCalled(); | ||
}); | ||
|
||
it("should use supplied sts options", () => { | ||
const profile = "profile"; | ||
const clientConfig = { | ||
region: "US_BAR_1", | ||
}; | ||
fromNodeProviderChain({ profile, clientConfig }); | ||
expect(getDefaultRoleAssumer).toBeCalledWith(clientConfig); | ||
expect(getDefaultRoleAssumerWithWebIdentity).toBeCalledWith(clientConfig); | ||
}); | ||
}); |
37 changes: 37 additions & 0 deletions
37
packages/credential-providers/src/fromNodeProviderChain.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
import { getDefaultRoleAssumer, getDefaultRoleAssumerWithWebIdentity, STSClientConfig } from "@aws-sdk/client-sts"; | ||
import { defaultProvider, DefaultProviderInit } from "@aws-sdk/credential-provider-node"; | ||
import { CredentialProvider } from "@aws-sdk/types"; | ||
|
||
export interface fromNodeProviderChainInit extends DefaultProviderInit { | ||
clientConfig?: STSClientConfig; | ||
} | ||
|
||
/** | ||
* This is the same credential provider as {@link defaultProvider|the default provider for Node.js SDK}, | ||
* but with default role assumers so you don't need to import them from | ||
* STS client and supply them manually. | ||
* | ||
* You normally don't need to use this explicitly in the client constructor. | ||
* It is useful for utility functions requiring credentials like S3 presigner, | ||
* or RDS signer. | ||
* | ||
* ```js | ||
* import { fromNodeProviderChain } from "@aws-sdk/credential-providers"; // ES6 import | ||
* // const { fromNodeProviderChain } = require("@aws-sdk/credential-providers") // CommonJS import | ||
* | ||
* const credentialProvider = fromNodeProviderChain({ | ||
* //...any input of fromEnv(), fromSSO(), fromTokenFile(), fromIni(), | ||
* // fromProcess(), fromInstanceMetadata(), fromContainerMetadata() | ||
* | ||
* // Optional. Custom STS client configurations overriding the default ones. | ||
* clientConfig: { region }, | ||
* }) | ||
* ``` | ||
*/ | ||
export const fromNodeProviderChain = (init: fromNodeProviderChainInit = {}): CredentialProvider => | ||
defaultProvider({ | ||
...init, | ||
roleAssumer: init.roleAssumer ?? getDefaultRoleAssumer(init.clientConfig), | ||
roleAssumerWithWebIdentity: | ||
init.roleAssumerWithWebIdentity ?? getDefaultRoleAssumerWithWebIdentity(init.clientConfig), | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.