@itentialopensource/adapter-utils 5.7.1 → 5.7.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +8 -0
- package/lib/authenticationHandler.js +33 -3
- package/lib/connectorRest.js +14 -8
- package/package.json +1 -1
- package/refs?service=git-upload-pack +0 -0
package/CHANGELOG.md
CHANGED
|
@@ -117,13 +117,33 @@ class AuthenticationHandler {
|
|
|
117
117
|
if (STSParams) {
|
|
118
118
|
log.info('Using STS for AWS Authentication');
|
|
119
119
|
|
|
120
|
-
// set the
|
|
121
|
-
|
|
120
|
+
// set up the config object
|
|
121
|
+
const configObj = {
|
|
122
122
|
sessionToken: this.allProps.authentication.aws_session_token,
|
|
123
123
|
accessKeyId: this.allProps.authentication.aws_access_key,
|
|
124
124
|
secretAccessKey: this.allProps.authentication.aws_secret_key,
|
|
125
125
|
region: this.allProps.region
|
|
126
|
-
}
|
|
126
|
+
};
|
|
127
|
+
// Add optional config items (ssl, endpoint, proxy)
|
|
128
|
+
if (this.allProps.authentication.aws_sts) {
|
|
129
|
+
if (this.allProps.authentication.aws_sts.sslEnable === false) {
|
|
130
|
+
configObj.sslEnabled = false;
|
|
131
|
+
}
|
|
132
|
+
if (this.allProps.authentication.aws_sts.endpoint) {
|
|
133
|
+
configObj.endpoint = this.allProps.authentication.aws_sts.endpoint;
|
|
134
|
+
}
|
|
135
|
+
if (this.allProps.authentication.aws_sts.proxy) {
|
|
136
|
+
configObj.httpOptions = {
|
|
137
|
+
proxy: this.allProps.authentication.aws_sts.proxy
|
|
138
|
+
};
|
|
139
|
+
|
|
140
|
+
if (this.allProps.authentication.aws_sts.proxyagent) {
|
|
141
|
+
configObj.httpOptions.agent = this.allProps.authentication.aws_sts.proxyagent;
|
|
142
|
+
}
|
|
143
|
+
}
|
|
144
|
+
}
|
|
145
|
+
// set the original AWS access information (from properties)
|
|
146
|
+
AWS.config.update(configObj);
|
|
127
147
|
|
|
128
148
|
// use STS to get the AWS access information for the user defined in STWS Params
|
|
129
149
|
const sts = new AWS.STS();
|
|
@@ -138,6 +158,11 @@ class AuthenticationHandler {
|
|
|
138
158
|
log.error(`${origin}: ${errorObj.IAPerror.displayString}`);
|
|
139
159
|
return callback(null, errorObj);
|
|
140
160
|
}
|
|
161
|
+
if (!data || !data.Credentials || !data.Credentials.AccessKeyId || !data.Credentials.SecretAccessKey) {
|
|
162
|
+
const errorObj = this.requestHandlerInst.formatErrorObject(this.myid, meth, 'AWS Assume Role did not return credentials', null, null, null, null);
|
|
163
|
+
log.error(`${origin}: ${errorObj.IAPerror.displayString}`);
|
|
164
|
+
return callback(null, errorObj);
|
|
165
|
+
}
|
|
141
166
|
// extract the user specific info from the response
|
|
142
167
|
const accessKeyId = data.Credentials.AccessKeyId;
|
|
143
168
|
const secretAccessKey = data.Credentials.SecretAccessKey;
|
|
@@ -192,6 +217,11 @@ class AuthenticationHandler {
|
|
|
192
217
|
log.error(`${origin}: ${errorObj.IAPerror.displayString}`);
|
|
193
218
|
return callback(null, errorObj);
|
|
194
219
|
}
|
|
220
|
+
if (!data || !data.Credentials || !data.Credentials.AccessKeyId || !data.Credentials.SecretAccessKey) {
|
|
221
|
+
const errorObj = this.requestHandlerInst.formatErrorObject(this.myid, meth, 'AWS Assume Role did not return credentials', null, null, null, null);
|
|
222
|
+
log.error(`${origin}: ${errorObj.IAPerror.displayString}`);
|
|
223
|
+
return callback(null, errorObj);
|
|
224
|
+
}
|
|
195
225
|
|
|
196
226
|
// get role keys from response so we can sign the request
|
|
197
227
|
const accessKeyId = data.Credentials.AccessKeyId;
|
package/lib/connectorRest.js
CHANGED
|
@@ -3170,7 +3170,7 @@ function requestAuthenticate(request, entitySchema, invalidToken, callProperties
|
|
|
3170
3170
|
|
|
3171
3171
|
return addAuthToRequest(request, authStrs, callProperties, (authReq, aerror) => {
|
|
3172
3172
|
if (aerror) {
|
|
3173
|
-
return callback(aerror);
|
|
3173
|
+
return callback(null, aerror);
|
|
3174
3174
|
}
|
|
3175
3175
|
|
|
3176
3176
|
request.tokenUsed = authReq.token;
|
|
@@ -3231,7 +3231,7 @@ function requestAuthenticate(request, entitySchema, invalidToken, callProperties
|
|
|
3231
3231
|
|
|
3232
3232
|
return addAuthToRequest(request, authStrs, callProperties, (authReq, aerror) => {
|
|
3233
3233
|
if (aerror) {
|
|
3234
|
-
return callback(aerror);
|
|
3234
|
+
return callback(null, aerror);
|
|
3235
3235
|
}
|
|
3236
3236
|
|
|
3237
3237
|
request.tokenUsed = tres.token;
|
|
@@ -3293,7 +3293,7 @@ function requestAuthenticate(request, entitySchema, invalidToken, callProperties
|
|
|
3293
3293
|
|
|
3294
3294
|
return addAuthToRequest(request, authStrs, callProperties, (authReq, aerror) => {
|
|
3295
3295
|
if (aerror) {
|
|
3296
|
-
return callback(aerror);
|
|
3296
|
+
return callback(null, aerror);
|
|
3297
3297
|
}
|
|
3298
3298
|
|
|
3299
3299
|
// actually make the request now that the authentication has been added
|
|
@@ -3342,7 +3342,7 @@ function requestAuthenticate(request, entitySchema, invalidToken, callProperties
|
|
|
3342
3342
|
|
|
3343
3343
|
return addAuthToRequest(request, authStrs, callProperties, (authReq, aerror) => {
|
|
3344
3344
|
if (aerror) {
|
|
3345
|
-
return callback(aerror);
|
|
3345
|
+
return callback(null, aerror);
|
|
3346
3346
|
}
|
|
3347
3347
|
|
|
3348
3348
|
// actually make the request now that the authentication has been added
|
|
@@ -3383,7 +3383,7 @@ function requestAuthenticate(request, entitySchema, invalidToken, callProperties
|
|
|
3383
3383
|
|
|
3384
3384
|
return addAuthToRequest(request, authStrs, callProperties, (authReq, aerror) => {
|
|
3385
3385
|
if (aerror) {
|
|
3386
|
-
return callback(aerror);
|
|
3386
|
+
return callback(null, aerror);
|
|
3387
3387
|
}
|
|
3388
3388
|
|
|
3389
3389
|
// actually make the request now that the authentication has been added
|
|
@@ -3424,7 +3424,7 @@ function requestAuthenticate(request, entitySchema, invalidToken, callProperties
|
|
|
3424
3424
|
|
|
3425
3425
|
return addAuthToRequest(request, authStrs, callProperties, (authReq, aerror) => {
|
|
3426
3426
|
if (aerror) {
|
|
3427
|
-
return callback(aerror);
|
|
3427
|
+
return callback(null, aerror);
|
|
3428
3428
|
}
|
|
3429
3429
|
|
|
3430
3430
|
// actually make the request now that the authentication has been added
|
|
@@ -3433,7 +3433,8 @@ function requestAuthenticate(request, entitySchema, invalidToken, callProperties
|
|
|
3433
3433
|
}
|
|
3434
3434
|
|
|
3435
3435
|
if (authMethod === 'aws_authentication') {
|
|
3436
|
-
let stsParams = null;
|
|
3436
|
+
let stsParams = null;
|
|
3437
|
+
let roleName = null;
|
|
3437
3438
|
if (request.authData) {
|
|
3438
3439
|
stsParams = request.authData.stsParams;
|
|
3439
3440
|
roleName = request.authData.roleName;
|
|
@@ -3449,7 +3450,12 @@ function requestAuthenticate(request, entitySchema, invalidToken, callProperties
|
|
|
3449
3450
|
};
|
|
3450
3451
|
return authUtilInst.getAWSAuthorization(request.header.method, reqObjAWS, request.header.path, service, stsParams, roleName, (signature, awsError) => {
|
|
3451
3452
|
if (awsError) {
|
|
3452
|
-
return callback(awsError);
|
|
3453
|
+
return callback(null, awsError);
|
|
3454
|
+
}
|
|
3455
|
+
if (!signature) {
|
|
3456
|
+
const errorObj = transUtilInst.formatErrorObject(origin, 'Failed to get AWS Signature', null, null, null, null);
|
|
3457
|
+
log.error(`${origin}: ${errorObj.IAPerror.displayString}`);
|
|
3458
|
+
return callback(null, errorObj);
|
|
3453
3459
|
}
|
|
3454
3460
|
request.header.headers = { ...request.header.headers, ...signature };
|
|
3455
3461
|
return makeRequest(request, entitySchema, callProperties, null, 0, callback);
|
package/package.json
CHANGED
|
Binary file
|