From efa2a2ba60766ffc7e429b54ec88ca9a730a4500 Mon Sep 17 00:00:00 2001 From: Trivikram Kamat <16024985+trivikr@users.noreply.github.com> Date: Thu, 8 May 2025 17:53:20 +0000 Subject: [PATCH 1/2] chore(core): return httpBearerAuth in authSchemePreference if token is set in env --- ...ODE_AUTH_SCHEME_PREFERENCE_OPTIONS.spec.ts | 28 +++++++++++++++++++ .../NODE_AUTH_SCHEME_PREFERENCE_OPTIONS.ts | 9 +++++- .../utils/getBearerTokenEnvKey.spec.ts | 14 ++++++++++ .../utils/getBearerTokenEnvKey.ts | 7 +++++ 4 files changed, 57 insertions(+), 1 deletion(-) create mode 100644 packages/core/src/submodules/httpAuthSchemes/utils/getBearerTokenEnvKey.spec.ts create mode 100644 packages/core/src/submodules/httpAuthSchemes/utils/getBearerTokenEnvKey.ts diff --git a/packages/core/src/submodules/httpAuthSchemes/aws_sdk/NODE_AUTH_SCHEME_PREFERENCE_OPTIONS.spec.ts b/packages/core/src/submodules/httpAuthSchemes/aws_sdk/NODE_AUTH_SCHEME_PREFERENCE_OPTIONS.spec.ts index b11ff6f4d10e0..c1ad898c14bb6 100644 --- a/packages/core/src/submodules/httpAuthSchemes/aws_sdk/NODE_AUTH_SCHEME_PREFERENCE_OPTIONS.spec.ts +++ b/packages/core/src/submodules/httpAuthSchemes/aws_sdk/NODE_AUTH_SCHEME_PREFERENCE_OPTIONS.spec.ts @@ -1,15 +1,19 @@ import { afterEach, describe, expect, test as it, vi } from "vitest"; import { getArrayForCommaSeparatedString } from "../utils/getArrayForCommaSeparatedString"; +import { getBearerTokenEnvKey } from "../utils/getBearerTokenEnvKey"; import { NODE_AUTH_SCHEME_PREFERENCE_OPTIONS } from "./NODE_AUTH_SCHEME_PREFERENCE_OPTIONS"; vi.mock("../utils/getArrayForCommaSeparatedString"); +vi.mock("../utils/getBearerTokenEnvKey"); describe("NODE_AUTH_SCHEME_PREFERENCE_OPTIONS", () => { const mockInput = "a,b,c"; const mockOutput = ["a", "b", "c"]; + const mockBearerTokenEnvKey = "AWS_BEARER_TOKEN_SERVICE_NAME"; vi.mocked(getArrayForCommaSeparatedString).mockReturnValue(mockOutput); + vi.mocked(getBearerTokenEnvKey).mockReturnValue(mockBearerTokenEnvKey); afterEach(() => { vi.clearAllMocks(); @@ -19,18 +23,42 @@ describe("NODE_AUTH_SCHEME_PREFERENCE_OPTIONS", () => { it("returns undefined if no value is provided", () => { expect(func({})).toEqual(undefined); expect(getArrayForCommaSeparatedString).not.toBeCalled(); + expect(getBearerTokenEnvKey).not.toBeCalled(); }); it("returns list if value is defined", () => { expect(func({ [key]: mockInput })).toEqual(mockOutput); expect(getArrayForCommaSeparatedString).toHaveBeenCalledTimes(1); expect(getArrayForCommaSeparatedString).toBeCalledWith(mockInput); + expect(getBearerTokenEnvKey).not.toBeCalled(); }); }; describe("environmentVariableSelector", () => { const { environmentVariableSelector } = NODE_AUTH_SCHEME_PREFERENCE_OPTIONS; test(environmentVariableSelector, "AWS_AUTH_SCHEME_PREFERENCE"); + + describe("if signingName is defined", () => { + const env = { AWS_AUTH_SCHEME_PREFERENCE: mockInput }; + const options = { signingName: "Signing Name" }; + + afterEach(() => { + expect(getBearerTokenEnvKey).toHaveBeenCalledTimes(1); + expect(getBearerTokenEnvKey).toBeCalledWith(options.signingName); + }); + + it(`ignores if mockBearerTokenEnvKey is not set`, () => { + expect(environmentVariableSelector(env, options)).toEqual(mockOutput); + expect(getArrayForCommaSeparatedString).toHaveBeenCalledTimes(1); + expect(getArrayForCommaSeparatedString).toBeCalledWith(mockInput); + }); + + it("returns ['httpBearerAuth'] if mockBearerTokenEnvKey is set", () => { + const envWithToken = { ...env, [mockBearerTokenEnvKey]: "token" }; + expect(environmentVariableSelector(envWithToken, options)).toEqual(["httpBearerAuth"]); + expect(getArrayForCommaSeparatedString).not.toHaveBeenCalled(); + }); + }); }); describe("configFileSelector", () => { diff --git a/packages/core/src/submodules/httpAuthSchemes/aws_sdk/NODE_AUTH_SCHEME_PREFERENCE_OPTIONS.ts b/packages/core/src/submodules/httpAuthSchemes/aws_sdk/NODE_AUTH_SCHEME_PREFERENCE_OPTIONS.ts index 5417d122c7256..ca8ff1bfe68e5 100644 --- a/packages/core/src/submodules/httpAuthSchemes/aws_sdk/NODE_AUTH_SCHEME_PREFERENCE_OPTIONS.ts +++ b/packages/core/src/submodules/httpAuthSchemes/aws_sdk/NODE_AUTH_SCHEME_PREFERENCE_OPTIONS.ts @@ -1,6 +1,9 @@ +// ToDo: replace with EnvOptions once exported from node-config-provider import { LoadedConfigSelectors } from "@smithy/node-config-provider"; +import { EnvOptions } from "@smithy/node-config-provider/dist-types/fromEnv"; import { getArrayForCommaSeparatedString } from "../utils/getArrayForCommaSeparatedString"; +import { getBearerTokenEnvKey } from "../utils/getBearerTokenEnvKey"; const NODE_AUTH_SCHEME_PREFERENCE_ENV_KEY = "AWS_AUTH_SCHEME_PREFERENCE"; const NODE_AUTH_SCHEME_PREFERENCE_CONFIG_KEY = "auth_scheme_preference"; @@ -14,7 +17,11 @@ export const NODE_AUTH_SCHEME_PREFERENCE_OPTIONS: LoadedConfigSelectors { + environmentVariableSelector: (env: NodeJS.ProcessEnv, options?: EnvOptions) => { + if (options?.signingName) { + const bearerTokenKey = getBearerTokenEnvKey(options.signingName); + if (bearerTokenKey in env) return ["httpBearerAuth"]; + } if (!(NODE_AUTH_SCHEME_PREFERENCE_ENV_KEY in env)) return undefined; return getArrayForCommaSeparatedString(env[NODE_AUTH_SCHEME_PREFERENCE_ENV_KEY] as string); }, diff --git a/packages/core/src/submodules/httpAuthSchemes/utils/getBearerTokenEnvKey.spec.ts b/packages/core/src/submodules/httpAuthSchemes/utils/getBearerTokenEnvKey.spec.ts new file mode 100644 index 0000000000000..df3e8b1dd5544 --- /dev/null +++ b/packages/core/src/submodules/httpAuthSchemes/utils/getBearerTokenEnvKey.spec.ts @@ -0,0 +1,14 @@ +import { describe, expect, it } from "vitest"; + +import { getBearerTokenEnvKey } from "./getBearerTokenEnvKey"; + +describe("getBearerTokenEnvKey", () => { + it.each([ + ["SIGNING_NAME", "signing name"], + ["SIGNING_NAME", "SigNinG nAmE"], + ["SIGNING_NAME", "signing-name"], + ["SIGNING_NAME", "signing\tname"], + ])("returns AWS_BEARER_TOKEN_%s for '%s'", (output, input) => { + expect(getBearerTokenEnvKey(input)).toEqual(`AWS_BEARER_TOKEN_${output}`); + }); +}); diff --git a/packages/core/src/submodules/httpAuthSchemes/utils/getBearerTokenEnvKey.ts b/packages/core/src/submodules/httpAuthSchemes/utils/getBearerTokenEnvKey.ts new file mode 100644 index 0000000000000..c6955122ce082 --- /dev/null +++ b/packages/core/src/submodules/httpAuthSchemes/utils/getBearerTokenEnvKey.ts @@ -0,0 +1,7 @@ +/** + * Returns an environment variable key base on signing name. + * @param signingName - The signing name to use in the key + * @returns The environment variable key in format AWS_BEARER_TOKEN_ + */ +export const getBearerTokenEnvKey = (signingName: string) => + `AWS_BEARER_TOKEN_${signingName.replace(/[\s-]/g, "_").toUpperCase()}`; From baed49f29f11973375054df339a74a7651287ef7 Mon Sep 17 00:00:00 2001 From: Trivikram Kamat <16024985+trivikr@users.noreply.github.com> Date: Fri, 9 May 2025 20:06:07 +0000 Subject: [PATCH 2/2] chore: import EnvOptions from node-config-provider --- .../aws_sdk/NODE_AUTH_SCHEME_PREFERENCE_OPTIONS.ts | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/packages/core/src/submodules/httpAuthSchemes/aws_sdk/NODE_AUTH_SCHEME_PREFERENCE_OPTIONS.ts b/packages/core/src/submodules/httpAuthSchemes/aws_sdk/NODE_AUTH_SCHEME_PREFERENCE_OPTIONS.ts index ca8ff1bfe68e5..c6f285b84d13f 100644 --- a/packages/core/src/submodules/httpAuthSchemes/aws_sdk/NODE_AUTH_SCHEME_PREFERENCE_OPTIONS.ts +++ b/packages/core/src/submodules/httpAuthSchemes/aws_sdk/NODE_AUTH_SCHEME_PREFERENCE_OPTIONS.ts @@ -1,6 +1,4 @@ -// ToDo: replace with EnvOptions once exported from node-config-provider -import { LoadedConfigSelectors } from "@smithy/node-config-provider"; -import { EnvOptions } from "@smithy/node-config-provider/dist-types/fromEnv"; +import { EnvOptions, LoadedConfigSelectors } from "@smithy/node-config-provider"; import { getArrayForCommaSeparatedString } from "../utils/getArrayForCommaSeparatedString"; import { getBearerTokenEnvKey } from "../utils/getBearerTokenEnvKey";