Skip to content

Commit 444d7bd

Browse files
kuhekuhe
committed
test(credential-providers)): region suite
1 parent a0c91ef commit 444d7bd

12 files changed

+166
-37
lines changed

packages/credential-provider-node/tests/credential-provider-node.integ.spec.ts

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ import {
88
fromTokenFile,
99
fromWebToken,
1010
} from "@aws-sdk/credential-providers";
11-
import { MockNodeHttpHandler } from "@aws-sdk/credential-providers/tests/_test-lib.spec";
11+
import { MockNodeHttpHandler, assumeRoleArns } from "@aws-sdk/credential-providers/tests/_test-lib.spec";
1212
import { NodeHttpHandler } from "@smithy/node-http-handler";
1313
import { externalDataInterceptor } from "@smithy/shared-ini-file-loader";
1414
import type { HttpRequest, MiddlewareStack, ParsedIniData } from "@smithy/types";
@@ -22,8 +22,6 @@ import { afterAll, afterEach, beforeAll, beforeEach, describe, expect, test as i
2222
// eslint-disable-next-line no-restricted-imports
2323
import { defaultProvider } from "../src/defaultProvider";
2424

25-
const assumeRoleArns: string[] = [];
26-
2725
describe("credential-provider-node integration test", () => {
2826
let sts: STS = null as any;
2927
let processSnapshot: typeof process.env = null as any;

packages/credential-providers/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -826,7 +826,7 @@ import { fromSSO } from "@aws-sdk/credential-providers"; // ES6 import
826826
const client = new FooClient({
827827
// Optional, available on clients as of v3.714.0.
828828
profile: "my-sso-profile",
829-
credentials: fromProcess({
829+
credentials: fromSSO({
830830
// Optional. Defaults to the client's profile if that is set.
831831
// You can specify a profile here as well, but this applies
832832
// only to the credential resolution and not to the upper client.

packages/credential-providers/tests/_test-lib.spec.ts

Lines changed: 56 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,5 @@
11
import { S3 } from "@aws-sdk/client-s3";
22
import { ParsedIniData, RuntimeConfigAwsCredentialIdentityProvider } from "@aws-sdk/types";
3-
import { AttributedAwsCredentialIdentity } from "@aws-sdk/types/src";
43
import { NodeHttpHandler } from "@smithy/node-http-handler";
54
import { HttpResponse } from "@smithy/protocol-http";
65
import { externalDataInterceptor } from "@smithy/shared-ini-file-loader";
@@ -11,12 +10,13 @@ import { homedir } from "node:os";
1110
import { join } from "node:path";
1211
import { PassThrough } from "node:stream";
1312
import { afterAll, afterEach, beforeAll, beforeEach, describe, expect, test as it } from "vitest";
13+
import { fromSSO } from "@aws-sdk/credential-providers";
1414

1515
describe("placeholder for testing lib", () => {
1616
it("", () => {});
1717
});
1818

19-
const assumeRoleArns: string[] = [];
19+
export const assumeRoleArns: string[] = [];
2020
let iniProfileData: ParsedIniData = null as any;
2121

2222
export type CredentialTestParameters = {
@@ -38,13 +38,30 @@ export type CredentialTestParameters = {
3838
* Credential provider tester.
3939
*/
4040
export class CTest<P extends (init?: any) => RuntimeConfigAwsCredentialIdentityProvider> {
41-
private lastCredentials: AttributedAwsCredentialIdentity | undefined;
42-
43-
public constructor(
44-
public credentialProvider: P,
45-
public providerParams: (testParams: CredentialTestParameters) => Parameters<P>[0],
46-
public profileCredentials?: boolean
47-
) {
41+
private readonly credentialProvider: P;
42+
private readonly providerParams: (testParams: CredentialTestParameters) => Parameters<P>[0];
43+
private readonly profileCredentials: boolean;
44+
private readonly filter: (testParams: CredentialTestParameters) => boolean;
45+
private readonly fallbackRegion: string;
46+
47+
public constructor({
48+
credentialProvider,
49+
providerParams,
50+
profileCredentials,
51+
filter,
52+
fallbackRegion,
53+
}: {
54+
credentialProvider: P;
55+
providerParams: (testParams: CredentialTestParameters) => Parameters<P>[0];
56+
profileCredentials?: boolean;
57+
filter?: (testParams: CredentialTestParameters) => boolean;
58+
fallbackRegion?: string;
59+
}) {
60+
this.credentialProvider = credentialProvider;
61+
this.providerParams = providerParams;
62+
this.profileCredentials = !!profileCredentials;
63+
this.filter = filter ?? (() => true);
64+
this.fallbackRegion = fallbackRegion ?? "unresolved";
4865
this.init();
4966
}
5067

@@ -57,8 +74,11 @@ export class CTest<P extends (init?: any) => RuntimeConfigAwsCredentialIdentityP
5774
};
5875
}
5976
return {
77+
// used by fromIni
6078
profile,
6179
clientConfig: {
80+
// used by e.g. fromTemporaryCredentials that don't have top level profile selection
81+
profile,
6282
region: providerRegion ? "provider-region" : undefined,
6383
},
6484
};
@@ -157,6 +177,9 @@ export class CTest<P extends (init?: any) => RuntimeConfigAwsCredentialIdentityP
157177
public testRegion() {
158178
for (const withCaller of [true, false]) {
159179
for (const callerClientRegion of [true, false]) {
180+
if (callerClientRegion && !withCaller) {
181+
continue;
182+
}
160183
for (const envRegion of [true, false]) {
161184
for (const profileRegion of [true, false]) {
162185
for (const providerRegion of [true, false]) {
@@ -174,14 +197,33 @@ export class CTest<P extends (init?: any) => RuntimeConfigAwsCredentialIdentityP
174197
profile,
175198
};
176199

200+
if (!this.filter(params)) {
201+
continue;
202+
}
203+
177204
it(`${serializeParams(params)}`, async () => {
178-
const region = await this.resolveStsRegion(params);
205+
const region = await this.findCredentialSourceRegion(params).catch((e) => {
206+
return "failed";
207+
});
208+
const regionRequired = this.fallbackRegion === "unresolved" || withCaller;
209+
const providerParams = this.providerParams(params);
210+
const isSso = this.credentialProvider === fromSSO || providerParams.ssoStartUrl;
211+
const hasRegion = providerRegion || profileRegion || callerClientRegion || envRegion;
212+
213+
if (regionRequired && !hasRegion) {
214+
expect(region).toBe("failed");
215+
}
179216

180217
if (providerRegion) {
181218
expect(region).toBe("provider-region");
182219
return;
183220
}
184221

222+
if (isSso) {
223+
expect(region).toBe(providerParams.ssoRegion);
224+
return;
225+
}
226+
185227
const usesProfileCredentials = this.profileCredentials;
186228

187229
if (usesProfileCredentials && profileRegion) {
@@ -204,7 +246,7 @@ export class CTest<P extends (init?: any) => RuntimeConfigAwsCredentialIdentityP
204246
return;
205247
}
206248

207-
expect(region).toBe("us-east-1");
249+
expect(region).toBe(this.fallbackRegion);
208250
});
209251
}
210252
}
@@ -214,7 +256,7 @@ export class CTest<P extends (init?: any) => RuntimeConfigAwsCredentialIdentityP
214256
}
215257
}
216258

217-
private async resolveStsRegion(testParams: CredentialTestParameters) {
259+
private async findCredentialSourceRegion(testParams: CredentialTestParameters) {
218260
const { withCaller, envRegion, profile, profileRegion, callerClientRegion, providerRegion } = testParams;
219261

220262
if (envRegion) {
@@ -285,13 +327,13 @@ export class CTest<P extends (init?: any) => RuntimeConfigAwsCredentialIdentityP
285327

286328
await s3.listBuckets({});
287329
const credentials = await s3.config.credentials();
288-
return credentials.sessionToken!.replace("STS_AR_SESSION_TOKEN_", "");
330+
return credentials.sessionToken!.replace(/(.*?)SESSION_TOKEN_/, "");
289331
}
290332

291333
const provider = this.credentialProvider(this.providerParams(testParams));
292334

293335
const credentials = await provider();
294-
return credentials.sessionToken!.replace("STS_AR_SESSION_TOKEN_", "");
336+
return credentials.sessionToken!.replace(/(.*?)SESSION_TOKEN_/, "");
295337
}
296338
}
297339

packages/credential-providers/tests/fromCognitoIdentity.integ.spec.ts

Lines changed: 16 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,20 @@
11
import { fromCognitoIdentity } from "@aws-sdk/credential-providers";
2-
import { describe, test as it } from "vitest";
2+
import { describe } from "vitest";
3+
4+
import { CTest } from "./_test-lib.spec";
35

46
describe(fromCognitoIdentity.name, () => {
5-
it("placeholder", () => {});
7+
const ctest = new CTest({
8+
credentialProvider: fromCognitoIdentity,
9+
providerParams: (testParams) => {
10+
return {
11+
identityId: "us-east-1:128d0a74-c82f-4553-916d-90053example",
12+
...CTest.defaultRegionConfigProvider(testParams),
13+
};
14+
},
15+
profileCredentials: false,
16+
fallbackRegion: "unresolved",
17+
});
18+
19+
ctest.testRegion();
620
});

packages/credential-providers/tests/fromCognitoIdentityPool.integ.spec.ts

Lines changed: 16 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,20 @@
11
import { fromCognitoIdentityPool } from "@aws-sdk/credential-providers";
2-
import { describe, test as it } from "vitest";
2+
import { describe } from "vitest";
3+
4+
import { CTest } from "./_test-lib.spec";
35

46
describe(fromCognitoIdentityPool.name, () => {
5-
it("placeholder", () => {});
7+
const ctest = new CTest({
8+
credentialProvider: fromCognitoIdentityPool,
9+
providerParams: (testParams) => {
10+
return {
11+
identityPoolId: "us-east-1:1699ebc0-7900-4099-b910-2df94f52a030",
12+
...CTest.defaultRegionConfigProvider(testParams),
13+
};
14+
},
15+
profileCredentials: false,
16+
fallbackRegion: "unresolved",
17+
});
18+
19+
ctest.testRegion();
620
});

packages/credential-providers/tests/fromEnv.integ.spec.ts

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,8 +4,11 @@ import { describe, test as it } from "vitest";
44
import { CTest } from "./_test-lib.spec";
55

66
describe(fromEnv.name, () => {
7-
const ctest = new CTest(fromEnv, () => {
8-
return {};
7+
const ctest = new CTest({
8+
credentialProvider: fromEnv,
9+
providerParams: () => {
10+
return {};
11+
},
912
});
1013

1114
it("placeholder", () => {});

packages/credential-providers/tests/fromIni.integ.spec.ts

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,12 @@ import { describe } from "vitest";
44
import { CTest } from "./_test-lib.spec";
55

66
describe(fromIni.name, () => {
7-
const ctest = new CTest(fromIni, CTest.defaultRegionConfigProvider, true);
7+
const ctest = new CTest({
8+
credentialProvider: fromIni,
9+
providerParams: CTest.defaultRegionConfigProvider,
10+
profileCredentials: true,
11+
fallbackRegion: "us-east-1",
12+
});
813

914
ctest.testRegion();
1015
});

packages/credential-providers/tests/fromNodeProviderChain.integ.spec.ts

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,12 @@ import { describe } from "vitest";
44
import { CTest } from "./_test-lib.spec";
55

66
describe(fromNodeProviderChain.name, () => {
7-
const ctest = new CTest(fromNodeProviderChain, CTest.defaultRegionConfigProvider, true);
7+
const ctest = new CTest({
8+
credentialProvider: fromNodeProviderChain,
9+
providerParams: CTest.defaultRegionConfigProvider,
10+
profileCredentials: true,
11+
fallbackRegion: "us-east-1",
12+
});
813

914
ctest.testRegion();
1015
});

packages/credential-providers/tests/fromSSO.integ.spec.ts

Lines changed: 19 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,23 @@
11
import { fromSSO } from "@aws-sdk/credential-providers";
2-
import { describe, test as it } from "vitest";
2+
import { describe } from "vitest";
3+
4+
import { CTest } from "./_test-lib.spec";
35

46
describe(fromSSO.name, () => {
5-
it("placeholder", () => {});
7+
const ctest = new CTest({
8+
credentialProvider: fromSSO,
9+
providerParams: (testParams) => {
10+
return {
11+
ssoStartUrl: "SSO_START_URL",
12+
ssoAccountId: "1234567890",
13+
ssoRegion: "sso-region-1",
14+
ssoRoleName: "arn:aws:iam::1234567890:role/Rigamarole",
15+
...CTest.defaultRegionConfigProvider(testParams),
16+
};
17+
},
18+
profileCredentials: false,
19+
fallbackRegion: "unresolved",
20+
});
21+
22+
ctest.testRegion();
623
});

packages/credential-providers/tests/fromTemporaryCredentials.integ.spec.ts

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -5,18 +5,19 @@ import { describe, expect, test as it } from "vitest";
55
import { CTest } from "./_test-lib.spec";
66

77
describe(fromTemporaryCredentials.name, () => {
8-
const ctest = new CTest(
9-
fromTemporaryCredentials,
10-
(testParams) => {
8+
const ctest = new CTest({
9+
credentialProvider: fromTemporaryCredentials,
10+
providerParams: (testParams) => {
1111
return {
1212
params: {
1313
RoleArn: "arn:aws:iam::1234567890:role/Rigamarole",
1414
},
1515
...CTest.defaultRegionConfigProvider(testParams),
1616
};
1717
},
18-
false
19-
);
18+
profileCredentials: false,
19+
fallbackRegion: "us-east-1",
20+
});
2021

2122
ctest.testRegion();
2223

0 commit comments

Comments
 (0)