Permalink
Browse files

Invalidate credentials when expired error is encountered

Closes #80
  • Loading branch information...
1 parent f6a6289 commit 4d3cf03a4bfa482207d8593ccb5991086ce24403 @lsegal lsegal committed Mar 19, 2013
Showing with 39 additions and 0 deletions.
  1. +10 −0 lib/event_listeners.js
  2. +29 −0 test/event_listeners.spec.coffee
View
@@ -215,6 +215,16 @@ AWS.EventListeners = {
}
});
+ add('INVALIDATE_CREDENTIALS', 'retry', function INVALIDATE_CREDENTIALS(resp) {
+ switch (resp.error.code) {
+ case 'RequestExpired': // EC2 only
+ case 'ExpiredTokenException':
+ case 'ExpiredToken':
+ resp.error.retryable = true;
+ resp.request.client.config.credentials.expired = true;
+ }
+ });
+
add('REDIRECT', 'retry', function REDIRECT(resp) {
if (resp.error && resp.error.statusCode == 307) {
this.httpRequest.endpoint =
@@ -239,6 +239,35 @@ describe 'AWS.EventListeners', ->
expect(response.data).toEqual('foo')
expect(errorHandler).not.toHaveBeenCalled()
+ ['ExpiredToken', 'ExpiredTokenException', 'RequestExpired'].forEach (name) ->
+ it 'invalidates expired credentials and retries', ->
+ spyOn(AWS.HttpClient, 'getInstance')
+ AWS.HttpClient.getInstance.andReturn handleRequest: (req, opts, cb, errCb) ->
+ if req.headers.Authorization.match('Credential=INVALIDKEY')
+ helpers.mockHttpSuccessfulResponse 403, {}, name, cb
+ else
+ helpers.mockHttpSuccessfulResponse 200, {}, 'DATA', cb
+
+ creds =
+ numCalls: 0
+ expired: false
+ accessKeyId: 'INVALIDKEY'
+ secretAccessKey: 'INVALIDSECRET'
+ get: (cb) ->
+ if @expired
+ @numCalls += 1
+ @expired = false
+ @accessKeyId = 'VALIDKEY' + @numCalls
+ @secretAccessKey = 'VALIDSECRET' + @numCalls
+ cb()
+
+ client.config.credentials = creds
+
+ response = makeRequest(->)
+ expect(response.retryCount).toEqual(1)
+ expect(creds.accessKeyId).toEqual('VALIDKEY1')
+ expect(creds.secretAccessKey).toEqual('VALIDSECRET1')
+
describe 'success', ->
it 'emits success on a successful response', ->
# fail every request with a fake networking error

0 comments on commit 4d3cf03

Please sign in to comment.