fix: implement new token provider to work with v3

Hweinstock · Hweinstock · commit c42a56f4efd8 · 2025-03-10T15:44:24.000-04:00
diff --git a/packages/core/src/shared/clients/codecatalystClient.ts b/packages/core/src/shared/clients/codecatalystClient.ts
@@ -99,6 +99,7 @@ import { ClientWrapper } from './clientWrapper'
 import { StandardRetryStrategy } from '@smithy/util-retry'
 import { ServiceException } from '@aws-sdk/smithy-client'
 import { AccessDeniedException } from '@aws-sdk/client-sso-oidc'
+import { TokenIdentityProvider } from '@aws-sdk/types'
 
 const requiredDevEnvProps = [
     'id',
@@ -231,7 +232,7 @@ async function createCodeCatalystClient(
 }
 
 function createCodeCatalystClientV3(
-    tokenProvider: TokenProvider,
+    tokenProvider: TokenIdentityProvider,
     regionCode: string,
     endpoint: string,
     maxRetries: number
@@ -266,7 +267,6 @@ export const onAccessDeniedException = onAccessDeniedExceptionEmitter.event
 interface AuthOptions {
     showReauthPrompt?: boolean
 }
-
 export type CodeCatalystClientFactory = () => Promise<CodeCatalystClient>
 /**
  * Factory to create a new `CodeCatalystClient`. Call `onCredentialsChanged()` before making requests.
@@ -280,7 +280,7 @@ export async function createClient(
 ): Promise<CodeCatalystClient> {
     const tokenProvider = new TokenProvider(connection)
     const sdkClient = await createCodeCatalystClient(tokenProvider, regionCode, endpoint, maxRetries)
-    const sdkv3Client = createCodeCatalystClientV3(tokenProvider, regionCode, endpoint, maxRetries)
+    const sdkv3Client = createCodeCatalystClientV3(getTokenProvider(connection), regionCode, endpoint, maxRetries)
     const c = new CodeCatalystClientInternal(connection, sdkClient, sdkv3Client)
     try {
         await c.verifySession()
@@ -297,6 +297,17 @@ export async function createClient(
     return c
 }
 
+// TODO: move this to sso auth folder?
+function getTokenProvider(connection: SsoConnection): TokenIdentityProvider {
+    return async (_props) => {
+        const token = await connection.getToken()
+        return {
+            token: token.accessToken,
+            expiration: token.expiresAt,
+        }
+    }
+}
+
 // XXX: the backend currently rejects empty strings for `alias` so the field must be removed if falsey
 function fixAliasInRequest<T extends CreateDevEnvironmentRequest | UpdateDevEnvironmentRequest>(request: T): T {
     if (!request.alias) {
@@ -533,16 +544,17 @@ class CodeCatalystClientInternal extends ClientWrapper<CodeCatalystSDKClient> {
         if (CodeCatalystClientInternal.identityCache.has(accessToken)) {
             return CodeCatalystClientInternal.identityCache.get(accessToken)!
         }
-        const resp: VerifySessionCommandOutput = await this.callV3(VerifySessionCommand, {}, false)
-        assertHasProps(resp, 'identity')
 
-        CodeCatalystClientInternal.identityCache.set(accessToken, resp.identity)
+        const r: VerifySessionCommandOutput = await this.callV3(VerifySessionCommand, {}, false)
+        assertHasProps(r, 'identity')
+
+        CodeCatalystClientInternal.identityCache.set(accessToken, r.identity)
         setTimeout(() => {
             CodeCatalystClientInternal.identityCache.delete(accessToken)
-            CodeCatalystClientInternal.userDetailsCache.delete(resp.identity)
+            CodeCatalystClientInternal.userDetailsCache.delete(r.identity)
         }, expiresAt.getTime() - Date.now())
 
-        return resp.identity
+        return r.identity
     }
 
     public async getBearerToken(): Promise<string> {
