Bearer token test updates and bug fixes (#2582)

aws · Nov 28, 2022 · fe21797 · fe21797
1 parent 69a49ff
commit fe21797
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 54 deletions.
diff --git a/src/ClientResolver.php b/src/ClientResolver.php
@@ -683,12 +683,15 @@ public static function _apply_endpoint_provider($value, array &$args)
 
             $args['endpoint'] = $result['endpoint'];
 
-            if (
-                empty($args['config']['signature_version'])
-                && isset($result['signatureVersion'])
-            ) {
-                $args['config']['signature_version']
-                    = $result['signatureVersion'];
+            if (empty($args['config']['signature_version'])) {
+                if (
+                    isset($args['api'])
+                    && $args['api']->getSignatureVersion() == 'bearer'
+                ) {
+                    $args['config']['signature_version'] = 'bearer';
+                } elseif (isset($result['signatureVersion'])) {
+                    $args['config']['signature_version'] = $result['signatureVersion'];
+                }
             }
 
             if (

diff --git a/src/Token/SsoTokenProvider.php b/src/Token/SsoTokenProvider.php
@@ -186,12 +186,10 @@ private function validateTokenData($tokenLocation, $tokenData)
             );
         }
 
-        try {
-            $expiration = strtotime($tokenData['expiresAt']);
-        } catch (\Exception $e) {
+        $expiration = strtotime($tokenData['expiresAt']);
+        if ($expiration === false) {
             throw new TokenException("Cached SSO token returned an invalid expiration");
-        }
-        if ($expiration > time()) {
+        } elseif ($expiration < time()) {
             throw new TokenException("Cached SSO token returned an expired token");
         }
         return $tokenData;

diff --git a/tests/Token/TokenProviderTest.php b/tests/Token/TokenProviderTest.php
@@ -71,7 +71,10 @@ public function testSsoResolvesWithDefaultProvider()
 sso_region = us-east-1
 sso_start_url = https://d-abc123.awsapps.com/start
 EOT;
-        $time = time();
+        $time =  gmdate(
+            'Y-m-d\TH:i:s\Z',
+            time() + 5000
+        );
         $token = <<<EOT
 {
     "accessToken": "string",
@@ -121,48 +124,6 @@ public function testCreatesFromCache()
         $this->assertEquals($token->getExpiration(), $found->getExpiration());
     }
 
-    public function testRefreshesFromCache()
-    {
-        {
-            $dir = $this->clearEnv();
-            $ini = <<<EOT
-[profile test]
-sso_session = admin
-[sso-session admin]
-sso_region = us-east-1
-sso_start_url = https://d-abc123.awsapps.com/start
-EOT;
-            $time = time();
-            $token = <<<EOT
-{
-    "accessToken": "string",
-    "expiresAt": "{$time}",
-    "refreshToken": "string",
-    "clientId": "ABCDEFG323242423121312312312312312",
-    "clientSecret": "ABCDE123",
-    "registrationExpiresAt": "2012-12-21T00:00:00Z",
-    "region": "us-west-2",
-    "startUrl": "https://d-abc123.awsapps.com/start"
-}
-EOT;
-
-            file_put_contents($dir . '/config', $ini);
-            file_put_contents($dir . '/sso/cache/d033e22ae348aeb5660fc2140aec35850c4da997.json', $token);
-            putenv('HOME=' . dirname($dir));
-            putenv('AWS_PROFILE=test');
-
-            try {
-                $token = call_user_func(TokenProvider::defaultProvider())->wait();
-                $this->assertSame("string", $token->getToken());
-            } catch (\Exception $e) {
-                throw $e;
-            } finally {
-                unlink($dir . '/config');
-                unlink($dir . '/sso/cache/d033e22ae348aeb5660fc2140aec35850c4da997.json');
-            }
-        }
-    }
-
     public function tokenProviderSuccessCases() {
         return [
             "Valid token with all fields" =>