npm - @middy/secrets-manager - Versions diffs - 5.1.0 → 5.2.1 - Mend

@middy/secrets-manager 5.1.0 → 5.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/index.js +112 -67
package/package.json +4 -4

package/index.js CHANGED Viewed

@@ -1,72 +1,117 @@
-import { canPrefetch, createPrefetchClient, createClient, getCache, getInternal, processCache, modifyCache, jsonSafeParse } from '@middy/util';
-import { SecretsManagerClient, DescribeSecretCommand, GetSecretValueCommand } from '@aws-sdk/client-secrets-manager';
+import {
+  canPrefetch,
+  createPrefetchClient,
+  createClient,
+  getCache,
+  getInternal,
+  processCache,
+  modifyCache,
+  jsonSafeParse,
+  catchInvalidSignatureException
+} from '@middy/util'
+import {
+  SecretsManagerClient,
+  DescribeSecretCommand,
+  GetSecretValueCommand
+} from '@aws-sdk/client-secrets-manager'
 const defaults = {
-    AwsClient: SecretsManagerClient,
-    awsClientOptions: {},
-    awsClientAssumeRole: undefined,
-    awsClientCapture: undefined,
-    fetchData: {},
-    fetchRotationDate: false,
-    disablePrefetch: false,
-    cacheKey: 'secrets-manager',
-    cacheKeyExpiry: {},
-    cacheExpiry: -1,
-    setToContext: false
-};
-const secretsManagerMiddleware = (opts = {})=>{
-    const options = {
-        ...defaults,
-        ...opts
-    };
-    const fetch = (request, cachedValues = {})=>{
-        const values = {};
-        for (const internalKey of Object.keys(options.fetchData)){
-            if (cachedValues[internalKey]) continue;
-            values[internalKey] = Promise.resolve().then(()=>{
-                if (options.fetchRotationDate === true || options.fetchRotationDate?.[internalKey]) {
-                    return client.send(new DescribeSecretCommand({
-                        SecretId: options.fetchData[internalKey]
-                    })).then((resp)=>{
-                        if (options.cacheExpiry < 0) {
-                            options.cacheKeyExpiry[internalKey] = resp.NextRotationDate * 1000;
-                        } else {
-                            options.cacheKeyExpiry[internalKey] = Math.min(Math.max(resp.LastRotationDate, resp.LastChangedDate) * 1000 + options.cacheExpiry, resp.NextRotationDate * 1000);
-                        }
-                    });
+  AwsClient: SecretsManagerClient,
+  awsClientOptions: {},
+  awsClientAssumeRole: undefined,
+  awsClientCapture: undefined,
+  fetchData: {},
+  fetchRotationDate: false, // true: apply to all or {key: true} for individual
+  disablePrefetch: false,
+  cacheKey: 'secrets-manager',
+  cacheKeyExpiry: {},
+  cacheExpiry: -1, // ignored when fetchRotationRules is true/object
+  setToContext: false
+}
+const secretsManagerMiddleware = (opts = {}) => {
+  const options = { ...defaults, ...opts }
+  const fetch = (request, cachedValues = {}) => {
+    const values = {}
+    for (const internalKey of Object.keys(options.fetchData)) {
+      if (cachedValues[internalKey]) continue
+      values[internalKey] = Promise.resolve()
+        .then(() => {
+          if (
+            options.fetchRotationDate === true ||
+            options.fetchRotationDate?.[internalKey]
+          ) {
+            const command = new DescribeSecretCommand({
+              SecretId: options.fetchData[internalKey]
+            })
+            return client
+              .send(command)
+              .catch((e) => catchInvalidSignatureException(e, client, command))
+              .then((resp) => {
+                if (options.cacheExpiry < 0) {
+                  options.cacheKeyExpiry[internalKey] =
+                    resp.NextRotationDate * 1000
+                } else {
+                  options.cacheKeyExpiry[internalKey] = Math.min(
+                    Math.max(resp.LastRotationDate, resp.LastChangedDate) *
+                      1000 +
+                      options.cacheExpiry,
+                    resp.NextRotationDate * 1000
+                  )
                 }
-            }).then(()=>client.send(new GetSecretValueCommand({
-                    SecretId: options.fetchData[internalKey]
-                }))).then((resp)=>jsonSafeParse(resp.SecretString)).catch((e)=>{
-                const value = getCache(options.cacheKey).value ?? {};
-                value[internalKey] = undefined;
-                modifyCache(options.cacheKey, value);
-                throw e;
-            });
-        }
-        return values;
-    };
-    let client;
-    if (canPrefetch(options)) {
-        client = createPrefetchClient(options);
-        processCache(options, fetch);
+              })
+          }
+        })
+        .then(() => {
+          const command = new GetSecretValueCommand({
+            SecretId: options.fetchData[internalKey]
+          })
+          return client
+            .send(command)
+            .catch((e) => catchInvalidSignatureException(e, client, command))
+        })
+        .then((resp) => jsonSafeParse(resp.SecretString))
+        .catch((e) => {
+          const value = getCache(options.cacheKey).value ?? {}
+          value[internalKey] = undefined
+          modifyCache(options.cacheKey, value)
+          throw e
+        })
     }
-    const secretsManagerMiddlewareBefore = async (request)=>{
-        if (!client) {
-            client = await createClient(options, request);
-        }
-        const { value } = processCache(options, fetch, request);
-        Object.assign(request.internal, value);
-        if (options.setToContext) {
-            const data = await getInternal(Object.keys(options.fetchData), request);
-            Object.assign(request.context, data);
-        }
-    };
-    return {
-        before: secretsManagerMiddlewareBefore
-    };
-};
-export default secretsManagerMiddleware;
-export function secret(name) {
-    return name;
+    return values
+  }
+  let client
+  if (canPrefetch(options)) {
+    client = createPrefetchClient(options)
+    processCache(options, fetch)
+  }
+  const secretsManagerMiddlewareBefore = async (request) => {
+    if (!client) {
+      client = await createClient(options, request)
+    }
+    const { value } = processCache(options, fetch, request)
+    Object.assign(request.internal, value)
+    if (options.setToContext) {
+      const data = await getInternal(Object.keys(options.fetchData), request)
+      Object.assign(request.context, data)
+    }
+  }
+  return {
+    before: secretsManagerMiddlewareBefore
+  }
 }
+export default secretsManagerMiddleware
+// used for TS type inference (see index.d.ts)
+export function secret (name) {
+  return name
+}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@middy/secrets-manager",
-  "version": "5.1.0",
+  "version": "5.2.1",
   "description": "Secrets Manager middleware for the middy framework",
   "type": "module",
   "engines": {
@@ -58,13 +58,13 @@
     "url": "https://github.com/sponsors/willfarrell"
   },
   "dependencies": {
-    "@middy/util": "5.1.0"
+    "@middy/util": "5.2.1"
   },
   "devDependencies": {
     "@aws-sdk/client-secrets-manager": "^3.0.0",
-    "@middy/core": "5.1.0",
+    "@middy/core": "5.2.1",
     "@types/aws-lambda": "^8.10.101",
     "aws-xray-sdk": "^3.3.3"
   },
-  "gitHead": "bbdaf5843914921804ba085dd58117273febe6b5"
+  "gitHead": "4d55da221b9165b4b3e59a12632fd40a149a1e92"
 }