undo unnecessary changes

Author: liramon1

aws-toolkit-vscode.code-workspace

@@ -12,12 +12,6 @@
         {
             "path": "packages/amazonq",
         },
-        {
-            "path": "../language-server-runtimes",
-        },
-        {
-            "path": "../language-servers",
-        },
     ],
     "settings": {
         "typescript.tsdk": "node_modules/typescript/lib",

packages/amazonq/.vscode/launch.json

@@ -15,8 +15,8 @@
                 "SSMDOCUMENT_LANGUAGESERVER_PORT": "6010",
                 "WEBPACK_DEVELOPER_SERVER": "http://localhost:8080",
                 // Below allows for overrides used during development
-                "__AMAZONQLSP_PATH": "${workspaceFolder}/../../../language-servers/app/aws-lsp-codewhisperer-runtimes/out/agent-standalone.js",
-                "__AMAZONQLSP_UI": "${workspaceFolder}/../../../language-servers/chat-client/build/amazonq-ui.js"
+                // "__AMAZONQLSP_PATH": "${workspaceFolder}/../../../language-servers/app/aws-lsp-codewhisperer-runtimes/out/agent-standalone.js",
+                // "__AMAZONQLSP_UI": "${workspaceFolder}/../../../language-servers/chat-client/build/amazonq-ui.js"
             },
             "envFile": "${workspaceFolder}/.local.env",
             "outFiles": ["${workspaceFolder}/dist/**/*.js", "${workspaceFolder}/../core/dist/**/*.js"],

packages/core/src/amazonqFeatureDev/client/featureDev.ts

@@ -51,22 +51,18 @@ const writeAPIRetryOptions = {
 
 // Create a client for featureDev proxy client based off of aws sdk v2
 export async function createFeatureDevProxyClient(options?: Partial<ServiceOptions>): Promise<FeatureDevProxyClient> {
-    const credential = await AuthUtil.instance.getCredential()
-    // TODO: handle IAM credentials when IAM version of API JSON file is generated
-    if (credential !== 'string') {
-        throw new Error('Feature dev does not support IAM credentials')
-    }
+    const bearerToken = await AuthUtil.instance.getBearerToken()
     const cwsprConfig = getCodewhispererConfig()
     return (await globals.sdkClientBuilder.createAwsService(
         Service,
         {
             apiConfig: apiConfig,
             region: cwsprConfig.region,
             endpoint: cwsprConfig.endpoint,
+            token: new Token({ token: bearerToken }),
             httpOptions: {
                 connectTimeout: 10000, // 10 seconds, 3 times P99 API latency
             },
-            token: new Token({ token: credential }),
             ...options,
         } as ServiceOptions,
         undefined

packages/core/src/codewhisperer/client/codewhisperer.ts

@@ -125,10 +125,7 @@ export class DefaultCodeWhispererClient {
     async createUserSdkClient(maxRetries?: number): Promise<CodeWhispererUserClient> {
         const isOptedOut = CodeWhispererSettings.instance.isOptoutEnabled()
         session.setFetchCredentialStart()
-        const credential = await AuthUtil.instance.getCredential()
-        if (typeof credential !== 'string') {
-            throw new TypeError('Cannot create user SDK client from IAM credentials')
-        }
+        const credential = await AuthUtil.instance.getBearerToken()
 
         session.setSdkApiCallStart()
         const cwsprConfig = getCodewhispererConfig()
@@ -161,88 +158,6 @@ export class DefaultCodeWhispererClient {
         return AuthUtil.instance.isConnected() // TODO: Handle IAM credentials
     }
 
-    // private async createServiceSdkClient(credential: IamCredentials): Promise<CodeWhispererClient> {
-    //     const isOptedOut = CodeWhispererSettings.instance.isOptoutEnabled()
-    //     const cwsprConfig = getCodewhispererConfig()
-    //     return (await globals.sdkClientBuilder.createAwsService(
-    //         Service,
-    //         {
-    //             apiConfig: apiConfig,
-    //             region: cwsprConfig.region,
-    //             credentials: undefined,
-    //             endpoint: cwsprConfig.endpoint,
-    //             onRequestSetup: [
-    //                 (req) => {
-    //                     if (req.operation === 'listRecommendations') {
-    //                         req.on('build', () => {
-    //                             req.httpRequest.headers['x-amzn-codewhisperer-optout'] = `${isOptedOut}`
-    //                         })
-    //                     }
-    //                     // This logic is for backward compatability with legacy SDK v2 behavior for refreshing
-    //                     // credentials. Once the Toolkit adds a file watcher for credentials it won't be needed.
-
-    //                     if (hasVendedIamCredentials()) {
-    //                         req.on('retry', (resp) => {
-    //                             if (
-    //                                 resp.error?.code === 'AccessDeniedException' &&
-    //                                 resp.error.message.match(/expired/i)
-    //                             ) {
-    //                                 // AuthUtil.instance.reauthenticate().catch((e) => {
-    //                                 //     getLogger().error('reauthenticate failed: %s', (e as Error).message)
-    //                                 // })
-    //                                 resp.error.retryable = true
-    //                             }
-    //                         })
-    //                     }
-    //                 },
-    //             ],
-    //         } as ServiceOptions,
-    //         undefined
-    //     )) as CodeWhispererClient
-    // }
-
-    // private async createUserServiceSdkClient(
-    //     credential: string,
-    //     maxRetries?: number
-    // ): Promise<CodeWhispererUserClient> {
-    //     const isOptedOut = CodeWhispererSettings.instance.isOptoutEnabled()
-    //     session.setFetchCredentialStart()
-    //     session.setSdkApiCallStart()
-    //     const cwsprConfig = getCodewhispererConfig()
-    //     return (await globals.sdkClientBuilder.createAwsService(
-    //         Service,
-    //         {
-    //             apiConfig: userApiConfig,
-    //             region: cwsprConfig.region,
-    //             endpoint: cwsprConfig.endpoint,
-    //             maxRetries: maxRetries,
-    //             onRequestSetup: [
-    //                 (req: any) => {
-    //                     req.on('build', ({ httpRequest }: { httpRequest: HttpRequest }) => {
-    //                         httpRequest.headers['Authorization'] = `Bearer ${credential}`
-    //                     })
-    //                     if (req.operation === 'generateCompletions') {
-    //                         req.on('build', () => {
-    //                             req.httpRequest.headers['x-amzn-codewhisperer-optout'] = `${isOptedOut}`
-    //                             req.httpRequest.headers['Connection'] = keepAliveHeader
-    //                         })
-    //                     }
-    //                 },
-    //             ],
-    //         } as ServiceOptions,
-    //         undefined
-    //     )) as CodeWhispererUserClient
-    // }
-
-    // async createSdkClient(maxRetries?: number): Promise<CodeWhispererUserClient | CodeWhispererClient> {
-    //     const credential = await AuthUtil.instance.getCredential()
-    //     if (typeof credential === 'string') {
-    //         return this.createUserServiceSdkClient(credential, maxRetries)
-    //     } else {
-    //         return this.createServiceSdkClient(credential)
-    //     }
-    // }
-
     public async generateRecommendations(
         request: GenerateRecommendationsRequest
     ): Promise<GenerateRecommendationsResponse> {

packages/core/src/codewhisperer/region/regionProfileManager.ts

@@ -13,8 +13,8 @@ import { once } from '../../shared/utilities/functionUtils'
 import CodeWhispererUserClient from '../client/codewhispereruserclient'
 import { Credentials, HttpRequest, Service } from 'aws-sdk'
 import { ServiceOptions } from '../../shared/awsClientBuilder'
-import tokenApiConfig = require('../client/user-service-2.json')
-import iamApiConfig = require('../client/service-2.json')
+import userApiConfig = require('../client/user-service-2.json')
+import apiConfig = require('../client/service-2.json')
 import { createConstantMap } from '../../shared/utilities/tsUtils'
 import { getLogger } from '../../shared/logger/logger'
 import { pageableToCollection } from '../../shared/utilities/collectionUtils'
@@ -426,28 +426,30 @@ export class RegionProfileManager {
 
     // Visible for testing only, do not use this directly, please use createQClient(profile)
     async _createQClient(region: string, endpoint: string): Promise<CodeWhispererUserClient> {
-        const credential = await this.authProvider.getCredential()
-        const authConfig: ServiceOptions =
-            typeof credential === 'string'
-                ? {
-                      onRequestSetup: [
-                          (req: any) => {
-                              req.on('build', ({ httpRequest }: { httpRequest: HttpRequest }) => {
-                                  httpRequest.headers['Authorization'] = `Bearer ${credential}`
-                              })
-                          },
-                      ],
-                  }
-                : {
-                      credentials: new Credentials({
-                          accessKeyId: credential.accessKeyId,
-                          secretAccessKey: credential.secretAccessKey,
-                          sessionToken: credential.sessionToken,
-                      }),
-                  }
-        const apiConfig = typeof credential === 'string' ? tokenApiConfig : iamApiConfig
+        let authConfig: ServiceOptions = {}
+        if (this.authProvider.isSsoSession()) {
+            const credential = await this.authProvider.getBearerToken()
+            authConfig = {
+                onRequestSetup: [
+                    (req: any) => {
+                        req.on('build', ({ httpRequest }: { httpRequest: HttpRequest }) => {
+                            httpRequest.headers['Authorization'] = `Bearer ${credential}`
+                        })
+                    },
+                ],
+            }
+        } else if (this.authProvider.isIamSession()) {
+            const credential = await this.authProvider.getIamCredential()
+            authConfig = {
+                credentials: new Credentials({
+                    accessKeyId: credential.accessKeyId,
+                    secretAccessKey: credential.secretAccessKey,
+                    sessionToken: credential.sessionToken,
+                }),
+            }
+        }
         const serviceOption: ServiceOptions = {
-            apiConfig: apiConfig,
+            apiConfig: this.authProvider.isSsoSession() ? userApiConfig : apiConfig,
             region: region,
             endpoint: endpoint,
             ...authConfig,

packages/core/src/codewhisperer/util/authUtil.ts

@@ -61,7 +61,8 @@ export interface IAuthProvider {
     isIdcConnection(): boolean
     isSsoSession(): boolean
     isIamSession(): boolean
-    getCredential(): Promise<string | IamCredentials>
+    getBearerToken(): Promise<string>
+    getIamCredential(): Promise<IamCredentials>
     readonly profileName: string
     readonly connection?: { startUrl?: string; region?: string; accessKey?: string; secretKey?: string }
 }
@@ -201,9 +202,17 @@ export class AuthUtil implements IAuthProvider {
         return response
     }
 
-    async getCredential() {
+    async getBearerToken() {
+        if (this.isSsoSession()) {
+            return (await (this.session as SsoLogin).getCredential()).credential
+        } else {
+            throw new ToolkitError('Cannot get credential without logging in.')
+        }
+    }
+
+    async getIamCredential() {
         if (this.session) {
-            return (await this.session.getCredential()).credential
+            return (await (this.session as IamLogin).getCredential()).credential
         } else {
             throw new ToolkitError('Cannot get credential without logging in.')
         }

packages/core/src/shared/clients/codewhispererChatClient.ts

@@ -7,28 +7,17 @@ import { ConfiguredRetryStrategy } from '@smithy/util-retry'
 import { getCodewhispererConfig } from '../../codewhisperer/client/codewhisperer'
 import { AuthUtil } from '../../codewhisperer/util/authUtil'
 import { getUserAgent } from '../telemetry/util'
-import { Credentials, Token } from 'aws-sdk'
 
 // Create a client for featureDev streaming based off of aws sdk v3
 export async function createCodeWhispererChatStreamingClient(): Promise<CodeWhispererStreaming> {
-    const credential = await AuthUtil.instance.getCredential()
-    const authConfig =
-        typeof credential === 'string'
-            ? { token: new Token({ token: credential }) }
-            : {
-                  credentials: new Credentials({
-                      accessKeyId: credential.accessKeyId,
-                      secretAccessKey: credential.secretAccessKey,
-                      sessionToken: credential.sessionToken,
-                  }),
-              }
+    const bearerToken = await AuthUtil.instance.getBearerToken()
     const cwsprConfig = getCodewhispererConfig()
     const streamingClient = new CodeWhispererStreaming({
         region: cwsprConfig.region,
         endpoint: cwsprConfig.endpoint,
+        token: { token: bearerToken },
         customUserAgent: getUserAgent(),
         retryStrategy: new ConfiguredRetryStrategy(1, (attempt: number) => 500 + attempt ** 10),
-        ...authConfig,
     })
     return streamingClient
 }