From 055041ca280cefae0546e3e82f286ddf887aa2e0 Mon Sep 17 00:00:00 2001 From: George Fu Date: Wed, 9 Oct 2024 16:01:48 +0000 Subject: [PATCH 1/2] fix(credentials): used selected auth scheme identity instead of calling credentials provider --- .../src/check-features.spec.ts | 30 +++++++++++++++++++ .../src/check-features.ts | 24 +++++++-------- 2 files changed, 40 insertions(+), 14 deletions(-) create mode 100644 packages/middleware-user-agent/src/check-features.spec.ts diff --git a/packages/middleware-user-agent/src/check-features.spec.ts b/packages/middleware-user-agent/src/check-features.spec.ts new file mode 100644 index 000000000000..a29b5c944c11 --- /dev/null +++ b/packages/middleware-user-agent/src/check-features.spec.ts @@ -0,0 +1,30 @@ +import { AwsHandlerExecutionContext } from "@aws-sdk/types"; + +import { checkFeatures } from "./check-features"; + +describe(checkFeatures.name, () => { + it("should not call the credentials provider to retrieve the identity", async () => { + const config = { + credentials: jest.fn(), + }; + + const context = { + __smithy_context: { + selectedHttpAuthScheme: { + identity: { + accountId: "123456789012", + $source: {}, + }, + }, + }, + } as AwsHandlerExecutionContext; + + await checkFeatures(context, config, { + request: undefined, + input: undefined, + }); + + expect(config.credentials).not.toHaveBeenCalled(); + expect(context.__aws_sdk_context?.features?.RESOLVED_ACCOUNT_ID).toBe("T"); + }); +}); diff --git a/packages/middleware-user-agent/src/check-features.ts b/packages/middleware-user-agent/src/check-features.ts index 0c808d5dcf4d..18b41d24ac4e 100644 --- a/packages/middleware-user-agent/src/check-features.ts +++ b/packages/middleware-user-agent/src/check-features.ts @@ -42,20 +42,16 @@ export async function checkFeatures( } } - if (typeof config.credentials === "function") { - try { - const credentials: AttributedAwsCredentialIdentity = await config.credentials?.(); - if (credentials.accountId) { - setFeature(context, "RESOLVED_ACCOUNT_ID", "T"); - } - for (const [key, value] of Object.entries(credentials.$source ?? {})) { - setFeature(context, key as keyof AwsSdkCredentialsFeatures, value); - } - } catch (e: unknown) { - // Sometimes config.credentials is a function but only throws - // as a way of informing users that something is missing. - // That error and any other credential retrieval errors are - // not relevant for feature-checking and should be ignored. + // TODO: later version of @smithy/types has explicit typing for this. + const identity = (context.__smithy_context?.selectedHttpAuthScheme as any)?.identity; + + if ((identity as AttributedAwsCredentialIdentity)?.$source) { + const credentials = identity as AttributedAwsCredentialIdentity; + if (credentials.accountId) { + setFeature(context, "RESOLVED_ACCOUNT_ID", "T"); + } + for (const [key, value] of Object.entries(credentials.$source ?? {})) { + setFeature(context, key as keyof AwsSdkCredentialsFeatures, value); } } } From 20c082d4f63698689837360c6bebfd8f201b4918 Mon Sep 17 00:00:00 2001 From: George Fu Date: Wed, 9 Oct 2024 16:14:05 +0000 Subject: [PATCH 2/2] test(middleware-user-agent): add unit test for empty config/context --- packages/middleware-user-agent/src/check-features.spec.ts | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/packages/middleware-user-agent/src/check-features.spec.ts b/packages/middleware-user-agent/src/check-features.spec.ts index a29b5c944c11..685afb723d98 100644 --- a/packages/middleware-user-agent/src/check-features.spec.ts +++ b/packages/middleware-user-agent/src/check-features.spec.ts @@ -27,4 +27,8 @@ describe(checkFeatures.name, () => { expect(config.credentials).not.toHaveBeenCalled(); expect(context.__aws_sdk_context?.features?.RESOLVED_ACCOUNT_ID).toBe("T"); }); + + it("should not throw an error if no fields are present", async () => { + await checkFeatures({}, {}, {} as any); + }); });