fix(amazonq): delete iam profile when logout

Author: yuxianrz

aws-toolkit-vscode.code-workspace

@@ -13,10 +13,10 @@
             "path": "packages/amazonq",
         },
         {
-            "path": "../language-servers",
+            "path": "../language-server-runtimes",
         },
         {
-            "path": "../language-server-runtimes",
+            "path": "../language-servers",
         },
     ],
     "settings": {

packages/core/src/auth/auth2.ts

@@ -12,12 +12,17 @@ import {
     GetIamCredentialParams,
     getIamCredentialRequestType,
     GetIamCredentialResult,
+    InvalidateIamCredentialResult,
     IamIdentityCenterSsoTokenSource,
     InvalidateSsoTokenParams,
+    InvalidateIamCredentialParams,
     invalidateSsoTokenRequestType,
+    invalidateIamCredentialRequestType,
     ProfileKind,
     UpdateProfileParams,
     updateProfileRequestType,
+    DeleteProfileParams,
+    deleteProfileRequestType,
     SsoTokenChangedParams,
     // StsCredentialChangedParams,
     ssoTokenChangedRequestType,
@@ -45,6 +50,7 @@ import {
     iamCredentialsUpdateRequestType,
     Profile,
     SsoSession,
+    DeleteProfileResult,
     // invalidateStsCredentialRequestType,
     // InvalidateStsCredentialParams,
     // InvalidateStsCredentialResult,
@@ -187,6 +193,12 @@ export class LanguageClientAuth {
         } satisfies UpdateProfileParams)
     }
 
+    deleteIamProfile(name: string): Promise<DeleteProfileResult> {
+        return this.client.sendRequest(deleteProfileRequestType.method, {
+            profileName: name,
+        } satisfies DeleteProfileParams)
+    }
+
     listProfiles() {
         return this.client.sendRequest(listProfilesRequestType.method, {}) as Promise<ListProfilesResult>
     }
@@ -227,6 +239,12 @@ export class LanguageClientAuth {
         } satisfies InvalidateSsoTokenParams) as Promise<InvalidateSsoTokenResult>
     }
 
+    invalidateIamCredential(tokenId: string) {
+        return this.client.sendRequest(invalidateIamCredentialRequestType.method, {
+            iamCredentialsId: tokenId,
+        } satisfies InvalidateIamCredentialParams) as Promise<InvalidateIamCredentialResult>
+    }
+
     // invalidateStsCredential(tokenId: string) {
     //     return this.client.sendRequest(invalidateStsCredentialRequestType.method, {
     //         stsCredentialId: tokenId,
@@ -464,7 +482,7 @@ export class SsoLogin extends BaseLogin {
  */
 export class IamLogin extends BaseLogin {
     // Cached information from the identity server for easy reference
-    // private iamCredentialId: string | undefined
+    private iamCredentialId: string | undefined
 
     constructor(profileName: string, lspAuth: LanguageClientAuth, eventEmitter: vscode.EventEmitter<AuthStateEvent>) {
         super(profileName, lspAuth, eventEmitter)
@@ -486,9 +504,10 @@ export class IamLogin extends BaseLogin {
     }
 
     async logout() {
-        // if (this.stsCredentialId) {
-        //     await this.lspAuth.invalidateStsCredential(this.iamCredentialId)
-        // }
+        if (this.iamCredentialId) {
+            await this.lspAuth.invalidateIamCredential(this.iamCredentialId)
+        }
+        await this.deleteProfile(this.profileName)
         this.updateConnectionState('notConnected')
         this._data = undefined
         // TODO: DeleteProfile api in Identity Service (this doesn't exist yet)
@@ -502,6 +521,10 @@ export class IamLogin extends BaseLogin {
         }
     }
 
+    async deleteProfile(profileName: string) {
+        await this.lspAuth.deleteIamProfile(profileName)
+    }
+
     /**
      * Restore the connection state and connection details to memory, if they exist.
      */