@middy/sts 5.0.0-alpha.0 → 5.0.0-alpha.2

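--- a/package/README.md
+++ b/package/README.md
@@ -19,8 +19,9 @@
  <a href="https://snyk.io/test/github/middyjs/middy">
  <img src="https://snyk.io/test/github/middyjs/middy/badge.svg" alt="Known Vulnerabilities" data-canonical-src="https://snyk.io/test/github/middyjs/middy" style="max-width:100%;">
  </a>
- <a href="https://lgtm.com/projects/g/middyjs/middy/context:javascript">
- <img src="https://img.shields.io/lgtm/grade/javascript/g/middyjs/middy.svg?logo=lgtm&logoWidth=18" alt="Language grade: JavaScript" style="max-width:100%;">
+ <a href="https://github.com/middyjs/middy/actions/workflows/sast.yml">
+ <img src="https://github.com/middyjs/middy/actions/workflows/sast.yml/badge.svg
+ ?branch=main&event=push" alt="CodeQL" style="max-width:100%;">
  </a>
  <a href="https://bestpractices.coreinfrastructure.org/projects/5280">
  <img src="https://bestpractices.coreinfrastructure.org/projects/5280/badge" alt="Core Infrastructure Initiative (CII) Best Practices" style="max-width:100%;">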
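--- a/package/index.d.ts
+++ b/package/index.d.ts
@@ -1,35 +1,52 @@
  import middy from '@middy/core'
  import { Options as MiddyOptions } from '@middy/util'
  import { Context as LambdaContext } from 'aws-lambda'
- import { STSClient, STSClientConfig } from '@aws-sdk/client-sts'
+ import { AssumeRoleCommandInput, STSClient, STSClientConfig } from '@aws-sdk/client-sts'
 
- interface Options<AwsSTSClient = STSClient>
+ export interface AssumedRoleCredentials {
+ accessKeyId: string
+ secretAccessKey: string
+ sessionToken: string
+ }
+
+ export type AssumeRoleCommandInputWithOptionalRoleSessionName = Omit<
+ AssumeRoleCommandInput, 'RoleSessionName'
+ > & { RoleSessionName?: string | undefined }
+
+ interface STSOptions<AwsSTSClient = STSClient>
  extends Pick<
  MiddyOptions<AwsSTSClient, STSClientConfig>,
  | 'AwsClient'
  | 'awsClientOptions'
  | 'awsClientCapture'
- | 'fetchData'
  | 'disablePrefetch'
  | 'cacheKey'
  | 'cacheExpiry'
  | 'setToContext'
- > {}
-
- export type Context<TOptions extends Options | undefined> = TOptions extends {
- setToContext: true
+ > {
+ fetchData?: { [key: string]: AssumeRoleCommandInputWithOptionalRoleSessionName }
  }
- ? LambdaContext &
- Record<
- keyof TOptions['fetchData'],
- {
- credentials: STSClientConfig['credentials']
- }
- >
- : LambdaContext
 
- declare function sts<TOptions extends Options> (
+ export type Context<TOptions extends STSOptions | undefined> =
+ TOptions extends { setToContext: true }
+ ? TOptions extends { fetchData: infer TFetchData }
+ ? LambdaContext & {
+ [Key in keyof TFetchData]: AssumedRoleCredentials
+ }
+ : never
+ : LambdaContext
+
+ export type Internal<TOptions extends STSOptions | undefined> =
+ TOptions extends STSOptions
+ ? TOptions extends { fetchData: infer TFetchData }
+ ? {
+ [Key in keyof TFetchData]: AssumedRoleCredentials
+ }
+ : {}
+ : {}
+
+ declare function sts<TOptions extends STSOptions | undefined> (
  options?: TOptions
- ): middy.MiddlewareObj<unknown, any, Error, Context<TOptions>>
+ ): middy.MiddlewareObj<unknown, any, Error, Context<TOptions>, Internal<TOptions>>
 
  export default sts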
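Review bot: In the new `Context` type, the inner `: never` branch makes the handler context `never` whenever `setToContext: true` is passed without a `fetchData` key, even though `fetchData` is declared optional on `STSOptions` and `Internal` falls back to `{}` in the same situation. If that combination is not meant to be a compile-time error, the fallback should read `: LambdaContext`; if it is intentional, a one-line comment above the conditional saying so would help. Separately, `AssumedRoleCredentials` declares three required strings and no expiry, while index.js appears to copy the fields from `resp.Credentials` without a check, so a TSDoc line on the interface stating that these are temporary secrets whose expiration is not exposed would help consumers avoid logging them or caching them past their lifetime.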
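--- a/package/index.js
+++ b/package/index.js
@@ -3,10 +3,12 @@ import { STSClient, AssumeRoleCommand } from '@aws-sdk/client-sts';
  const defaults = {
  AwsClient: STSClient,
  awsClientOptions: {},
+ // awsClientAssumeRole: undefined, // Not Applicable, as this is the middleware that defines the roles
  awsClientCapture: undefined,
  fetchData: {},
  disablePrefetch: false,
  cacheKey: 'sts',
+ cacheKeyExpiry: {},
  cacheExpiry: -1,
  setToContext: false
  };
@@ -20,6 +22,7 @@ const stsMiddleware = (opts = {})=>{
  for (const internalKey of Object.keys(options.fetchData)){
  if (cachedValues[internalKey]) continue;
  const assumeRoleOptions = options.fetchData[internalKey];
+ // Date cannot be used here to assign default session name, possibility of collision when > 1 role defined
  assumeRoleOptions.RoleSessionName ??= 'middy-sts-session-' + Math.ceil(Math.random() * 99999);
  values[internalKey] = client.send(new AssumeRoleCommand(assumeRoleOptions)).then((resp)=>({
  accessKeyId: resp.Credentials.AccessKeyId,
@@ -34,22 +37,21 @@ const stsMiddleware = (opts = {})=>{
  }
  return values;
  };
- let prefetch, client;
+ let client;
  if (canPrefetch(options)) {
  client = createPrefetchClient(options);
- prefetch = processCache(options, fetch);
+ processCache(options, fetch);
  }
  const stsMiddlewareBefore = async (request)=>{
  if (!client) {
  client = await createClient(options, request);
  }
- const { value } = prefetch ?? processCache(options, fetch, request);
+ const { value } = processCache(options, fetch, request);
  Object.assign(request.internal, value);
  if (options.setToContext) {
  const data = await getInternal(Object.keys(options.fetchData), request);
  if (options.setToContext) Object.assign(request.context, data);
  }
- prefetch = null;
  };
  return {
  before: stsMiddlewareBefore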
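Review bot: The comment added above the `RoleSessionName` default explains why `Date` is not used, but the fallback it documents still draws from only about 100,000 values via `Math.ceil(Math.random() * 99999)`, so two roles or two concurrent execution environments can receive the same session name and become hard to tell apart in the AssumeRole audit trail. Because `??=` writes onto the caller's own `options.fetchData[internalKey]` object, the generated name is also fixed after the first call and reused on every later refresh. Consider a collision-resistant suffix, `assumeRoleOptions.RoleSessionName ??= 'middy-sts-session-' + randomUUID()` with `import { randomUUID } from 'node:crypto'`, or extend the comment to say that uniqueness is best-effort and that callers who need attribution should set `RoleSessionName` themselves. In the first hunk, `cacheKeyExpiry: {}` joins the defaults while the `Pick` list in index.d.ts shown on this page does not include it, so it is worth confirming that TypeScript callers can actually set a per-key expiry shorter than the credentials' lifetime. The enclosing `fetch` function starts outside the second hunk.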
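--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@middy/sts",
- "version": "5.0.0-alpha.0",
+ "version": "5.0.0-alpha.2",
  "description": "STS (Security Token Service) credentials middleware for the middy framework",
  "type": "module",
  "engines": {
@@ -10,24 +10,18 @@
  "publishConfig": {
  "access": "public"
  },
- "main": "./index.cjs",
  "module": "./index.js",
  "exports": {
  ".": {
  "import": {
  "types": "./index.d.ts",
  "default": "./index.js"
- },
- "require": {
- "types": "./index.d.ts",
- "default": "./index.cjs"
  }
  }
  },
  "types": "index.d.ts",
  "files": [
  "index.js",
- "index.cjs",
  "index.d.ts"
  ],
  "scripts": {
@@ -66,13 +60,13 @@
  "url": "https://github.com/sponsors/willfarrell"
  },
  "dependencies": {
- "@middy/util": "5.0.0-alpha.0"
+ "@middy/util": "5.0.0-alpha.2"
  },
  "devDependencies": {
  "@aws-sdk/client-sts": "^3.0.0",
- "@middy/core": "5.0.0-alpha.0",
+ "@middy/core": "5.0.0-alpha.2",
  "@types/aws-lambda": "^8.10.101",
  "aws-xray-sdk": "^3.3.3"
  },
- "gitHead": "08c35e3dba9efdad0b86666ce206ce302cc65d07"
+ "gitHead": "ebce8d5df8783077fa49ba62ee9be20e8486a7f1"
  }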
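--- a/package/index.cjs
+++ /dev/null
@@ -1,67 +0,0 @@
- "use strict";
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- Object.defineProperty(module, "exports", {
- enumerable: true,
- get: ()=>_default
- });
- const _util = require("@middy/util");
- const _clientSts = require("@aws-sdk/client-sts");
- const defaults = {
- AwsClient: _clientSts.STSClient,
- awsClientOptions: {},
- awsClientCapture: undefined,
- fetchData: {},
- disablePrefetch: false,
- cacheKey: 'sts',
- cacheExpiry: -1,
- setToContext: false
- };
- const stsMiddleware = (opts = {})=>{
- const options = {
- ...defaults,
- ...opts
- };
- const fetch = (request, cachedValues = {})=>{
- const values = {};
- for (const internalKey of Object.keys(options.fetchData)){
- if (cachedValues[internalKey]) continue;
- const assumeRoleOptions = options.fetchData[internalKey];
- assumeRoleOptions.RoleSessionName ??= 'middy-sts-session-' + Math.ceil(Math.random() * 99999);
- values[internalKey] = client.send(new _clientSts.AssumeRoleCommand(assumeRoleOptions)).then((resp)=>({
- accessKeyId: resp.Credentials.AccessKeyId,
- secretAccessKey: resp.Credentials.SecretAccessKey,
- sessionToken: resp.Credentials.SessionToken
- })).catch((e)=>{
- const value = (0, _util.getCache)(options.cacheKey).value ?? {};
- value[internalKey] = undefined;
- (0, _util.modifyCache)(options.cacheKey, value);
- throw e;
- });
- }
- return values;
- };
- let prefetch, client;
- if ((0, _util.canPrefetch)(options)) {
- client = (0, _util.createPrefetchClient)(options);
- prefetch = (0, _util.processCache)(options, fetch);
- }
- const stsMiddlewareBefore = async (request)=>{
- if (!client) {
- client = await (0, _util.createClient)(options, request);
- }
- const { value } = prefetch ?? (0, _util.processCache)(options, fetch, request);
- Object.assign(request.internal, value);
- if (options.setToContext) {
- const data = await (0, _util.getInternal)(Object.keys(options.fetchData), request);
- if (options.setToContext) Object.assign(request.context, data);
- }
- prefetch = null;
- };
- return {
- before: stsMiddlewareBefore
- };
- };
- const _default = stsMiddleware;
-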