fix: Save deserialized credential object to Authentication member (#436)

Reno Seo · qhanam · web-flow · commit 6120c61ed3d2 · 2023-08-23T09:41:15.000-07:00
* fix: Save deserialized credential object to Authentication member
---------

Co-authored-by: Quinn Hanam &lt;hanquinn@amazon.com&gt;
diff --git a/src/dispatch/Authentication.ts b/src/dispatch/Authentication.ts
@@ -101,8 +101,7 @@ export class Authentication {
                     // The credentials have expired.
                     return reject();
                 }
-                this.credentials = credentials;
-                resolve(credentials);
+                resolve(this.credentials);
             });
         };
 
diff --git a/src/dispatch/EnhancedAuthentication.ts b/src/dispatch/EnhancedAuthentication.ts
@@ -77,23 +77,25 @@ export class EnhancedAuthentication {
     private AnonymousStorageCredentialsProvider =
         async (): Promise<Credentials> => {
             return new Promise<Credentials>((resolve, reject) => {
-                let credentials;
+                let credentials: Credentials;
                 try {
                     credentials = JSON.parse(localStorage.getItem(CRED_KEY)!);
                 } catch (e) {
                     // Error decoding or parsing the cookie -- abort
-                    reject();
+                    return reject();
                 }
                 // The expiration property of Credentials has a date type. Because the date was serialized as a string,
                 // we need to convert it back into a date, otherwise the AWS SDK signing middleware
                 // (@aws-sdk/middleware-signing) will throw an exception and no credentials will be returned.
-                credentials.expiration = new Date(credentials.expiration);
-                this.credentials = credentials;
+                this.credentials = {
+                    ...credentials,
+                    expiration: new Date(credentials.expiration as Date)
+                };
                 if (this.renewCredentials()) {
                     // The credentials have expired.
                     return reject();
                 }
-                resolve(credentials);
+                resolve(this.credentials);
             });
         };
 
diff --git a/src/dispatch/__tests__/Authentication.test.ts b/src/dispatch/__tests__/Authentication.test.ts
@@ -336,4 +336,69 @@ describe('Authentication tests', () => {
             })
         );
     });
+
+    test('when credentials are read from storage then a new date object is created', async () => {
+        // Init
+        const storageExpiration = new Date(Date.now() + 3600 * 1000);
+
+        localStorage.setItem(
+            CRED_KEY,
+            JSON.stringify({
+                accessKeyId: 'a',
+                secretAccessKey: 'b',
+                sessionToken: 'c',
+                expiration: storageExpiration
+            })
+        );
+
+        const config = {
+            ...DEFAULT_CONFIG,
+            ...{
+                identityPoolId: IDENTITY_POOL_ID,
+                guestRoleArn: GUEST_ROLE_ARN
+            }
+        };
+        const auth = new Authentication(config);
+
+        // Run
+        const credentials = await auth.ChainAnonymousCredentialsProvider();
+
+        // Assert
+        expect(credentials.expiration!.getTime()).toEqual(
+            storageExpiration.getTime()
+        );
+    });
+
+    test('when credentials are read from storage then the member variable stores the expiration as a date object', async () => {
+        // Init
+        const storageExpiration = new Date(Date.now() + 3600 * 1000);
+
+        localStorage.setItem(
+            CRED_KEY,
+            JSON.stringify({
+                accessKeyId: 'a',
+                secretAccessKey: 'b',
+                sessionToken: 'c',
+                expiration: storageExpiration
+            })
+        );
+
+        const config = {
+            ...DEFAULT_CONFIG,
+            ...{
+                identityPoolId: IDENTITY_POOL_ID,
+                guestRoleArn: GUEST_ROLE_ARN
+            }
+        };
+        const auth = new Authentication(config);
+
+        // Run
+        await auth.ChainAnonymousCredentialsProvider();
+        const credentials = await auth.ChainAnonymousCredentialsProvider();
+
+        // Assert
+        expect(credentials.expiration!.getTime()).toEqual(
+            storageExpiration.getTime()
+        );
+    });
 });
diff --git a/src/dispatch/__tests__/EnhancedAuthentication.test.ts b/src/dispatch/__tests__/EnhancedAuthentication.test.ts
@@ -305,4 +305,79 @@ describe('EnhancedAuthentication tests', () => {
             })
         );
     });
+
+    test('when credentials are read from storage then a new date object is created', async () => {
+        // Init
+        const fetchExpiration = new Date(0);
+        const storageExpiration = new Date(Date.now() + 3600 * 1000);
+        getCredentials.mockResolvedValue({
+            accessKeyId: 'x',
+            secretAccessKey: 'y',
+            sessionToken: 'z',
+            expiration: fetchExpiration
+        });
+
+        localStorage.setItem(
+            CRED_KEY,
+            JSON.stringify({
+                accessKeyId: 'a',
+                secretAccessKey: 'b',
+                sessionToken: 'c',
+                expiration: storageExpiration
+            })
+        );
+
+        const auth = new EnhancedAuthentication({
+            ...DEFAULT_CONFIG,
+            ...{
+                identityPoolId: IDENTITY_POOL_ID
+            }
+        });
+
+        // Run
+        const credentials = await auth.ChainAnonymousCredentialsProvider();
+
+        // Assert
+        expect(credentials.expiration!.getTime()).toEqual(
+            storageExpiration.getTime()
+        );
+    });
+
+    test('when credentials are read from storage then the member variable stores the expiration as a date object', async () => {
+        // Init
+        const fetchExpiration = new Date(0);
+        const storageExpiration = new Date(Date.now() + 3600 * 1000);
+        getCredentials.mockResolvedValue({
+            accessKeyId: 'x',
+            secretAccessKey: 'y',
+            sessionToken: 'z',
+            expiration: fetchExpiration
+        });
+
+        localStorage.setItem(
+            CRED_KEY,
+            JSON.stringify({
+                accessKeyId: 'a',
+                secretAccessKey: 'b',
+                sessionToken: 'c',
+                expiration: storageExpiration
+            })
+        );
+
+        const auth = new EnhancedAuthentication({
+            ...DEFAULT_CONFIG,
+            ...{
+                identityPoolId: IDENTITY_POOL_ID
+            }
+        });
+
+        // Run
+        await auth.ChainAnonymousCredentialsProvider();
+        const credentials = await auth.ChainAnonymousCredentialsProvider();
+
+        // Assert
+        expect(credentials.expiration!.getTime()).toEqual(
+            storageExpiration.getTime()
+        );
+    });
 });

Original file line number	Diff line number	Diff line change
`@@ -101,8 +101,7 @@ export class Authentication {`
`101`	`101`	`// The credentials have expired.`
`102`	`102`	`return reject();`
`103`	`103`	`}`
`104`		`- this.credentials = credentials;`
`105`		`- resolve(credentials);`
	`104`	`+ resolve(this.credentials);`
`106`	`105`	`});`
`107`	`106`	`};`
`108`	`107`