Merge master into feature/amazonqLSP

aws-toolkit-automation · web-flow · commit 9832cbbac7b7 · 2024-12-11T19:59:47.000+01:00
diff --git a/packages/amazonq/.changes/next-release/Bug Fix-a243e8d5-b494-46a1-9ec0-c8c6af3cbf35.json b/packages/amazonq/.changes/next-release/Bug Fix-a243e8d5-b494-46a1-9ec0-c8c6af3cbf35.json
@@ -0,0 +1,4 @@
+{
+	"type": "Bug Fix",
+	"description": "Auth: SSO session was bad, but no reauth prompt given"
+}
diff --git a/packages/core/src/auth/sso/cache.ts b/packages/core/src/auth/sso/cache.ts
@@ -10,11 +10,12 @@ import { getLogger } from '../../shared/logger/logger'
 import fs from '../../shared/fs/fs'
 import { createDiskCache, KeyedCache, mapCache } from '../../shared/utilities/cacheUtils'
 import { stripUndefined } from '../../shared/utilities/collectionUtils'
-import { hasProps, selectFrom } from '../../shared/utilities/tsUtils'
+import { getMissingProps, hasProps, selectFrom } from '../../shared/utilities/tsUtils'
 import { SsoToken, ClientRegistration } from './model'
 import { DevSettings } from '../../shared/settings'
 import { onceChanged } from '../../shared/utilities/functionUtils'
 import globals from '../../shared/extensionGlobals'
+import { ToolkitError } from '../../shared/errors'
 
 interface RegistrationKey {
     readonly startUrl: string
@@ -92,6 +93,12 @@ export function getTokenCache(directory = getCacheDir()): KeyedCache<SsoAccess>
 
         stripUndefined(token)
 
+        // Validate data is not missing.
+        const missingProps = getMissingProps(token, 'accessToken', 'refreshToken')
+        if (missingProps.length > 0) {
+            throw new ToolkitError(`SSO cache data unexpectedly missing props: ${JSON.stringify(missingProps)}`)
+        }
+
         return {
             token,
             registration,
diff --git a/packages/core/src/shared/regions/regionProvider.ts b/packages/core/src/shared/regions/regionProvider.ts
@@ -15,7 +15,7 @@ import { AwsContext } from '../awsContext'
 import { getIdeProperties, isAmazonQ, isCloud9 } from '../extensionUtilities'
 import { ResourceFetcher } from '../resourcefetcher/resourcefetcher'
 import { isSsoConnection } from '../../auth/connection'
-import { Auth } from '../../auth'
+import { Auth } from '../../auth/auth'
 
 export const defaultRegion = 'us-east-1'
 export const defaultPartition = 'aws'
diff --git a/packages/core/src/shared/utilities/cacheUtils.ts b/packages/core/src/shared/utilities/cacheUtils.ts
@@ -116,10 +116,23 @@ export function createDiskCache<V, K>(
                 log('loaded', key)
                 return result
             } catch (error) {
+                // Non-recoverable errors mean there is no usable data.
+                // Recoverable errors mean we can possibly use the data for something like
+                // an SSO token refresh, or to just retry.
+                // Returning undefined implies non-recoverable.
+
+                // -- Non-recoverable Errors --
                 if (isFileNotFoundError(error)) {
                     log('read failed (file not found)', key)
                     return
                 }
+                if (error instanceof SyntaxError) {
+                    // file content was malformed or empty
+                    log(`read failed (invalid JSON)`, key)
+                    return
+                }
+
+                // -- Recoverable Errors --
                 log(`read failed ${error}`, key)
                 throw createDiskCacheError(error, 'LOAD', target, key)
             }
diff --git a/packages/core/src/test/credentials/sso/cache.test.ts b/packages/core/src/test/credentials/sso/cache.test.ts
@@ -8,6 +8,7 @@ import * as path from 'path'
 import { makeTemporaryToolkitFolder, tryRemoveFolder } from '../../../shared/filesystemUtilities'
 import { getRegistrationCache, getTokenCache } from '../../../auth/sso/cache'
 import { fs } from '../../../shared'
+import { SsoToken } from '../../../auth/sso/model'
 
 describe('SSO Cache', function () {
     const region = 'dummyRegion'
@@ -26,7 +27,8 @@ describe('SSO Cache', function () {
     const validToken = {
         accessToken: 'longstringofrandomcharacters',
         expiresAt: new Date(Date.now() + hourInMs),
-    }
+        refreshToken: 'dummyRefreshToken',
+    } as SsoToken
 
     beforeEach(async function () {
         testDir = await makeTemporaryToolkitFolder()
diff --git a/packages/core/src/test/credentials/sso/ssoAccessTokenProvider.test.ts b/packages/core/src/test/credentials/sso/ssoAccessTokenProvider.test.ts
@@ -45,6 +45,7 @@ describe('SsoAccessTokenProvider', function () {
         return {
             accessToken: 'dummyAccessToken',
             expiresAt: new clock.Date(clock.Date.now() + timeDelta),
+            refreshToken: 'dummyRefreshToken',
             ...extras,
         }
     }
diff --git a/packages/toolkit/.changes/next-release/Bug Fix-868c7cda-80c1-4947-a498-3792f88622ad.json b/packages/toolkit/.changes/next-release/Bug Fix-868c7cda-80c1-4947-a498-3792f88622ad.json
@@ -0,0 +1,4 @@
+{
+	"type": "Bug Fix",
+	"description": "Auth: SSO session was bad, but no reauth prompt given"
+}

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +{
 +	"type": "Bug Fix",
 +	"description": "Auth: SSO session was bad, but no reauth prompt given"
 +}
Original file line number	Diff line number	Diff line change
`@@ -45,6 +45,7 @@ describe('SsoAccessTokenProvider', function () {`
`45`	`45`	`return {`
`46`	`46`	`accessToken: 'dummyAccessToken',`
`47`	`47`	`expiresAt: new clock.Date(clock.Date.now() + timeDelta),`
	`48`	`+ refreshToken: 'dummyRefreshToken',`
`48`	`49`	`...extras,`
`49`	`50`	`}`
`50`	`51`	`}`