feat: Enhance AWS client configuration to support optional credentials in DocumentProcessorController and ReportsService

adamrefaey · adamrefaey · commit ca1f9c9f4ed8 · 2025-04-15T00:02:35.000+02:00
diff --git a/backend/src/document-processor/controllers/document-processor.controller.ts b/backend/src/document-processor/controllers/document-processor.controller.ts
@@ -186,7 +186,23 @@ export class DocumentProcessorController {
 
       const region = this.configService.get<string>('aws.region') || 'us-east-1';
 
-      const s3Client = new S3Client({ region });
+      // Get optional AWS credentials if they exist
+      const accessKeyId = this.configService.get<string>('aws.aws.accessKeyId');
+      const secretAccessKey = this.configService.get<string>('aws.aws.secretAccessKey');
+      const sessionToken = this.configService.get<string>('aws.aws.sessionToken');
+
+      // Create S3 client with credentials if they exist
+      const s3ClientOptions: any = { region };
+
+      if (accessKeyId && secretAccessKey) {
+        s3ClientOptions.credentials = {
+          accessKeyId,
+          secretAccessKey,
+          ...(sessionToken && { sessionToken }),
+        };
+      }
+
+      const s3Client = new S3Client(s3ClientOptions);
 
       const command = new GetObjectCommand({
         Bucket: bucketName,
diff --git a/backend/src/reports/reports.service.ts b/backend/src/reports/reports.service.ts
@@ -27,20 +27,25 @@ export class ReportsService {
   private readonly logger = new Logger(ReportsService.name);
 
   constructor(private configService: ConfigService) {
-    const region = this.configService.get<string>('AWS_REGION', 'us-east-1');
-    const accessKeyId = this.configService.get<string>('AWS_ACCESS_KEY_ID');
-    const secretAccessKey = this.configService.get<string>('AWS_SECRET_ACCESS_KEY');
+    const region = this.configService.get<string>('aws.region') || 'us-east-1';
 
-    // Prepare client configuration
-    const clientConfig: any = { region };
+    // Get optional AWS credentials if they exist
+    const accessKeyId = this.configService.get<string>('aws.aws.accessKeyId');
+    const secretAccessKey = this.configService.get<string>('aws.aws.secretAccessKey');
+    const sessionToken = this.configService.get<string>('aws.aws.sessionToken');
+
+    const clientOptions: any = { region };
 
-    // Only add credentials if both values are present
     if (accessKeyId && secretAccessKey) {
-      clientConfig.credentials = { accessKeyId, secretAccessKey };
+      clientOptions.credentials = {
+        accessKeyId,
+        secretAccessKey,
+        ...(sessionToken && { sessionToken }),
+      };
     }
 
     try {
-      this.dynamoClient = new DynamoDBClient(clientConfig);
+      this.dynamoClient = new DynamoDBClient(clientOptions);
     } catch (error: unknown) {
       this.logger.error('Failed to initialize DynamoDB client:', error);
       throw new InternalServerErrorException('Failed to initialize database connection');
