Remove unused LSP methods and add encrypt/decrypt tests

Author: satyakigh

src/auth/AuthProtocol.ts

@@ -1,96 +1,15 @@
-import {
-    MessageDirection,
-    ProtocolRequestType,
-    ProtocolNotificationType,
-    ProtocolRequestType0,
-} from 'vscode-languageserver';
-import {
-    UpdateCredentialsParams,
-    UpdateCredentialsResult,
-    ConnectionMetadata,
-    ListProfilesParams,
-    ListProfilesResult,
-    UpdateProfileParams,
-    UpdateProfileResult,
-    GetSsoTokenParams,
-    GetSsoTokenResult,
-    InvalidateSsoTokenParams,
-    InvalidateSsoTokenResult,
-    SsoTokenChangedParams,
-} from './AwsLspAuthTypes';
+import { MessageDirection, NotificationType } from 'vscode-languageserver';
+import { RequestType } from 'vscode-languageserver-protocol';
+import { UpdateCredentialsParams, UpdateCredentialsResult } from './AwsLspAuthTypes';
 
-// AWS Credential Requests
 export const IamCredentialsUpdateRequest = Object.freeze({
     method: 'aws/credentials/iam/update' as const,
     messageDirection: MessageDirection.clientToServer,
-    type: new ProtocolRequestType<UpdateCredentialsParams, UpdateCredentialsResult, never, void, void>(
-        'aws/credentials/iam/update',
-    ),
+    type: new RequestType<UpdateCredentialsParams, UpdateCredentialsResult, void>('aws/credentials/iam/update'),
 } as const);
 
-export const BearerCredentialsUpdateRequest = Object.freeze({
-    method: 'aws/credentials/token/update' as const,
-    messageDirection: MessageDirection.clientToServer,
-    type: new ProtocolRequestType<UpdateCredentialsParams, void, never, void, void>('aws/credentials/token/update'),
-} as const);
-
-export const GetConnectionMetadataRequest = Object.freeze({
-    method: 'aws/credentials/getConnectionMetadata' as const,
-    messageDirection: MessageDirection.serverToClient,
-    type: new ProtocolRequestType0<ConnectionMetadata | null, never, void, void>(
-        'aws/credentials/getConnectionMetadata',
-    ),
-} as const);
-
-// AWS Credential Notifications
 export const IamCredentialsDeleteNotification = Object.freeze({
     method: 'aws/credentials/iam/delete' as const,
     messageDirection: MessageDirection.clientToServer,
-    type: new ProtocolNotificationType<void, void>('aws/credentials/iam/delete'),
-} as const);
-
-export const BearerCredentialsDeleteNotification = Object.freeze({
-    method: 'aws/credentials/token/delete' as const,
-    messageDirection: MessageDirection.clientToServer,
-    type: new ProtocolNotificationType<void, void>('aws/credentials/token/delete'),
-} as const);
-
-// AWS Identity Requests
-export const ListProfilesRequest = Object.freeze({
-    method: 'aws/identity/listProfiles' as const,
-    messageDirection: MessageDirection.serverToClient,
-    type: new ProtocolRequestType<ListProfilesParams, ListProfilesResult | null, never, void, void>(
-        'aws/identity/listProfiles',
-    ),
-} as const);
-
-export const UpdateProfileRequest = Object.freeze({
-    method: 'aws/identity/updateProfile' as const,
-    messageDirection: MessageDirection.serverToClient,
-    type: new ProtocolRequestType<UpdateProfileParams, UpdateProfileResult | null, never, void, void>(
-        'aws/identity/updateProfile',
-    ),
-} as const);
-
-export const GetSsoTokenRequest = Object.freeze({
-    method: 'aws/identity/getSsoToken' as const,
-    messageDirection: MessageDirection.serverToClient,
-    type: new ProtocolRequestType<GetSsoTokenParams, GetSsoTokenResult | null, never, void, void>(
-        'aws/identity/getSsoToken',
-    ),
-} as const);
-
-export const InvalidateSsoTokenRequest = Object.freeze({
-    method: 'aws/identity/invalidateSsoToken' as const,
-    messageDirection: MessageDirection.serverToClient,
-    type: new ProtocolRequestType<InvalidateSsoTokenParams, InvalidateSsoTokenResult | null, never, void, void>(
-        'aws/identity/invalidateSsoToken',
-    ),
-} as const);
-
-// AWS Identity Notifications
-export const SsoTokenChangedNotification = Object.freeze({
-    method: 'aws/identity/ssoTokenChanged' as const,
-    messageDirection: MessageDirection.both,
-    type: new ProtocolNotificationType<SsoTokenChangedParams, void>('aws/identity/ssoTokenChanged'),
+    type: new NotificationType<void>('aws/credentials/iam/delete'),
 } as const);

src/auth/AwsCredentials.ts

@@ -8,30 +8,7 @@ import { LoggerFactory } from '../telemetry/LoggerFactory';
 import { extractErrorMessage } from '../utils/Errors';
 import { getRegion } from '../utils/Region';
 import { parseWithPrettyError } from '../utils/ZodErrorWrapper';
-import {
-    parseListProfilesResult,
-    parseUpdateCredentialsParams,
-    parseSsoTokenChangedParams,
-    parseInvalidateSsoTokenParams,
-    parseGetSsoTokenParams,
-    parseUpdateProfileParams,
-    parseGetSsoTokenResult,
-} from './AwsCredentialsParser';
-import {
-    SsoConnectionType,
-    BearerCredentials,
-    ConnectionMetadata,
-    UpdateCredentialsParams,
-    ListProfilesResult,
-    UpdateProfileParams,
-    UpdateProfileResult,
-    GetSsoTokenParams,
-    GetSsoTokenResult,
-    InvalidateSsoTokenParams,
-    InvalidateSsoTokenResult,
-    SsoTokenChangedParams,
-    IamCredentials,
-} from './AwsLspAuthTypes';
+import { UpdateCredentialsParams, IamCredentials } from './AwsLspAuthTypes';
 
 const DecryptedCredentialsSchema = z.object({
     data: z.object({
@@ -47,8 +24,6 @@ export class AwsCredentials {
     private readonly logger = LoggerFactory.getLogger(AwsCredentials);
 
     private iamCredentials?: IamCredentials;
-    private bearerCredentials?: BearerCredentials;
-    private connectionMetadata?: ConnectionMetadata;
     private readonly encryptionKey: Buffer;
 
     constructor(
@@ -66,96 +41,9 @@ export class AwsCredentials {
         return structuredClone(this.iamCredentials);
     }
 
-    getBearer(): DeepReadonly<BearerCredentials> {
-        if (!this.bearerCredentials) {
-            throw new Error('Bearer credentials not configured');
-        }
-        return structuredClone(this.bearerCredentials);
-    }
-
-    getConnectionMetadata(): ConnectionMetadata | undefined {
-        return this.connectionMetadata;
-    }
-
-    getConnectionType(): SsoConnectionType {
-        const startUrl = this.connectionMetadata?.sso?.startUrl;
-        if (!startUrl) return 'none';
-
-        return startUrl.includes('view.awsapps.com/start') ? 'builderId' : 'identityCenter';
-    }
-
-    async listProfiles(): Promise<ListProfilesResult | undefined> {
-        try {
-            const result = await this.awsHandlers.sendListProfiles({});
-            if (!result) return undefined;
-
-            const parsedResult = parseListProfilesResult(result);
-
-            this.logger.info(`Found ${parsedResult.profiles.length} profiles`);
-            return parsedResult;
-        } catch (error) {
-            this.logger.error({ error }, 'Failed to list profiles');
-            return undefined;
-        }
-    }
-
-    async updateProfile(params: UpdateProfileParams): Promise<UpdateProfileResult | undefined> {
-        try {
-            const parsedParams = parseUpdateProfileParams(params);
-            const result = await this.awsHandlers.sendUpdateProfile(parsedParams);
-
-            this.logger.info(`Profile updated: ${parsedParams.profile.name}`);
-            return result ?? undefined;
-        } catch (error) {
-            this.logger.error({ error }, 'Failed to update profile');
-            return undefined;
-        }
-    }
-
-    async getSsoToken(params: GetSsoTokenParams): Promise<GetSsoTokenResult | undefined> {
-        try {
-            const parsedParams = parseGetSsoTokenParams(params);
-            const result = await this.awsHandlers.sendGetSsoToken(parsedParams);
-
-            if (!result?.ssoToken) return result ?? undefined;
-
-            const parsedResult = parseGetSsoTokenResult(result);
-            this.logger.info('Retrieved SSO token');
-
-            const { data, metadata } = parsedResult.updateCredentialsParams;
-            if (data && 'token' in data) {
-                this.bearerCredentials = data;
-                if (metadata) {
-                    this.connectionMetadata = metadata;
-                }
-            }
-
-            return parsedResult;
-        } catch (error) {
-            this.logger.error({ error }, 'Failed to get SSO token');
-            return undefined;
-        }
-    }
-
-    async invalidateSsoToken(params: InvalidateSsoTokenParams): Promise<InvalidateSsoTokenResult | undefined> {
-        try {
-            const parsedParams = parseInvalidateSsoTokenParams(params);
-            const result = await this.awsHandlers.sendInvalidateSsoToken(parsedParams);
-
-            this.bearerCredentials = undefined;
-            this.connectionMetadata = undefined;
-
-            this.logger.info('SSO token invalidated');
-            return result ?? undefined;
-        } catch (error) {
-            this.logger.error({ error }, 'Failed to invalidate SSO token');
-            return undefined;
-        }
-    }
-
     async handleIamCredentialsUpdate(params: UpdateCredentialsParams): Promise<boolean> {
         try {
-            const decrypted = await compactDecrypt(params.data as unknown as string, this.encryptionKey);
+            const decrypted = await compactDecrypt(params.data, this.encryptionKey);
             const rawCredentials = JSON.parse(new TextDecoder().decode(decrypted.plaintext)) as unknown;
 
             const validatedCredentials = parseWithPrettyError(
@@ -181,46 +69,8 @@ export class AwsCredentials {
         }
     }
 
-    handleBearerCredentialsUpdate(params: UpdateCredentialsParams) {
-        try {
-            const { data, metadata } = parseWithPrettyError(parseUpdateCredentialsParams, params);
-
-            if ('token' in data) {
-                this.bearerCredentials = data;
-                if (metadata) {
-                    this.connectionMetadata = metadata;
-                }
-                this.logger.info('Updated bearer credentials');
-            }
-        } catch (error) {
-            this.logger.error(`Failed to update Bearer token: ${extractErrorMessage(error)}`);
-            this.bearerCredentials = undefined;
-            this.connectionMetadata = undefined;
-        }
-    }
-
     handleIamCredentialsDelete() {
         this.logger.info('IAM credentials deleted');
         this.iamCredentials = undefined;
     }
-
-    handleBearerCredentialsDelete() {
-        this.logger.info('Bearer credentials deleted');
-        this.bearerCredentials = undefined;
-        this.connectionMetadata = undefined;
-    }
-
-    handleSsoTokenChanged(params: SsoTokenChangedParams) {
-        try {
-            const { kind } = parseSsoTokenChangedParams(params);
-            if (kind === 'Expired') {
-                this.bearerCredentials = undefined;
-                this.connectionMetadata = undefined;
-            } else if (kind === 'Refreshed') {
-                this.logger.info('SSO token refreshed');
-            }
-        } catch (error) {
-            this.logger.error({ error }, 'Error handling SSO token change');
-        }
-    }
 }