@scality/data-browser-library 1.1.7 → 1.1.9

package/dist/components/providers/DataBrowserProvider.d.ts

@@ -17,7 +17,7 @@ export interface DataBrowserProviderProps {
 }
 export declare const DataBrowserProvider: React.FC<DataBrowserProviderProps>;
 export declare const useDataBrowserConfig: () => import("../../types").S3BrowserConfig & {
-    credentials: import("../../types").S3Credentials;
+    credentials: import("../../types").S3Credentials | import("../../types").S3CredentialProvider;
 };
 /**
  * Hook to invalidate queries with automatic S3 config identifier prefixing.

package/dist/components/providers/DataBrowserProvider.js

@@ -13,10 +13,12 @@ const DataBrowserContext = /*#__PURE__*/ createContext(DEFAULT_CONTEXT_VALUE);
 const useDataBrowserContext = ()=>useContext(DataBrowserContext);
 const DataBrowserProvider = ({ children, queryClient, theme, enableDevtools, getS3Config })=>{
     const currentConfig = getS3Config?.();
+    const currentCredentials = currentConfig?.credentials;
+    const staticCredentials = 'function' == typeof currentCredentials ? void 0 : currentCredentials;
     const s3ConfigIdentifier = useMemo(()=>currentConfig ? computeS3ConfigIdentifier(currentConfig) : ANONYMOUS_S3_CONFIG_IDENTIFIER, [
         currentConfig?.cacheKey,
-        currentConfig?.credentials?.accessKeyId,
-        currentConfig?.credentials?.sessionToken,
+        staticCredentials?.accessKeyId,
+        staticCredentials?.sessionToken,
         currentConfig?.region,
         currentConfig?.endpoint
     ]);

package/dist/hooks/useFeatures.d.ts

@@ -1,7 +1,8 @@
+import type { Feature } from '../types';
 /**
  * Hook to check if a feature is enabled in the S3 configuration.
  *
  * @param feature - The feature name to check
  * @returns true if enabled, false if disabled, undefined if config not available
  */
-export declare function useFeatures(feature: string): boolean | undefined;
+export declare function useFeatures(feature: Feature): boolean | undefined;

package/dist/hooks/useS3Client.js

@@ -1,13 +1,12 @@
-import { useMemo } from "react";
+import { useMemo, useRef } from "react";
 import { useDataBrowserContext } from "../components/providers/DataBrowserProvider.js";
 import { createS3Client } from "../utils/s3Client.js";
 const useS3Client = ()=>{
     const { s3ConfigIdentifier, getS3Config } = useDataBrowserContext();
     if (!getS3Config) throw new Error('useS3Client: S3 config not available. Ensure DataBrowserProvider has getS3Config prop set.');
-    return useMemo(()=>{
-        const config = getS3Config();
-        return createS3Client(config);
-    }, [
+    const getS3ConfigRef = useRef(getS3Config);
+    getS3ConfigRef.current = getS3Config;
+    return useMemo(()=>createS3Client(getS3ConfigRef.current()), [
         s3ConfigIdentifier
     ]);
 };

package/dist/test/utils/errorHandling.test.js

@@ -36,6 +36,9 @@ const TestErrors = {
     accessDenied: ()=>createMockAWSError('AccessDenied', TEST_CONSTANTS.MESSAGES.ACCESS_DENIED, 403),
     internalError: ()=>createMockAWSError('InternalError', TEST_CONSTANTS.MESSAGES.INTERNAL_ERROR, 500),
     serviceUnavailable: ()=>createMockAWSError('ServiceUnavailable', TEST_CONSTANTS.MESSAGES.SERVICE_UNAVAILABLE, 503),
+    expiredToken: ()=>createMockAWSError('ExpiredToken', 'The provided token has expired.', 400),
+    expiredTokenException: ()=>createMockAWSError('ExpiredTokenException', 'The security token included in the request is expired', 400),
+    tokenRefreshRequired: ()=>createMockAWSError('TokenRefreshRequired', 'Token refresh is required', 400),
     abortError: ()=>{
         const error = new Error('Operation aborted');
         Object.defineProperty(error, 'name', {
@@ -61,7 +64,8 @@ const TestEnhancedErrors = {
     auth: ()=>new EnhancedS3Error('Auth error', 'AuthError', ErrorCategory.AUTHORIZATION, new Error()),
     notFound: ()=>new EnhancedS3Error('Not found', 'NotFoundError', ErrorCategory.NOT_FOUND, new Error()),
     cancelled: ()=>new EnhancedS3Error('Cancelled', 'CancelError', ErrorCategory.CANCELLATION, new Error()),
-    unknown: ()=>new EnhancedS3Error('Unknown', 'UnknownError', ErrorCategory.UNKNOWN, new Error())
+    unknown: ()=>new EnhancedS3Error('Unknown', 'UnknownError', ErrorCategory.UNKNOWN, new Error()),
+    expiredCredentials: ()=>new EnhancedS3Error('Token expired', 'ExpiredToken', ErrorCategory.EXPIRED_CREDENTIALS, new Error())
 };
 describe('ErrorCategory', ()=>{
     test('contains all expected categories', ()=>{
@@ -71,6 +75,7 @@ describe('ErrorCategory', ()=>{
         expect(ErrorCategory.CANCELLATION).toBe('CANCELLATION');
         expect(ErrorCategory.AUTHORIZATION).toBe('AUTHORIZATION');
         expect(ErrorCategory.NOT_FOUND).toBe('NOT_FOUND');
+        expect(ErrorCategory.EXPIRED_CREDENTIALS).toBe('EXPIRED_CREDENTIALS');
         expect(ErrorCategory.UNKNOWN).toBe('UNKNOWN');
     });
 });
@@ -102,6 +107,7 @@ describe('EnhancedS3Error', ()=>{
         test('returns true for retryable categories', ()=>{
             expect(TestEnhancedErrors.server().shouldRetry()).toBe(true);
             expect(TestEnhancedErrors.network().shouldRetry()).toBe(true);
+            expect(TestEnhancedErrors.expiredCredentials().shouldRetry()).toBe(true);
         });
         test('returns false for non-retryable categories', ()=>{
             expect(TestEnhancedErrors.client().shouldRetry()).toBe(false);
@@ -192,6 +198,29 @@ describe('createS3Error', ()=>{
             expect(result.category).toBe(expectedCategory);
         });
     });
+    test('handles expired credential errors as retryable', ()=>{
+        const testCases = [
+            {
+                error: TestErrors.expiredToken(),
+                expectedName: 'ExpiredToken'
+            },
+            {
+                error: TestErrors.expiredTokenException(),
+                expectedName: 'ExpiredTokenException'
+            },
+            {
+                error: TestErrors.tokenRefreshRequired(),
+                expectedName: 'TokenRefreshRequired'
+            }
+        ];
+        testCases.forEach(({ error, expectedName })=>{
+            const result = createS3Error(error);
+            expect(result.category).toBe(ErrorCategory.EXPIRED_CREDENTIALS);
+            expect(result.name).toBe(expectedName);
+            expect(result.statusCode).toBe(400);
+            expect(result.shouldRetry()).toBe(true);
+        });
+    });
     test('handles network errors', ()=>{
         const testCases = [
             TestErrors.networkError(),
@@ -325,6 +354,10 @@ describe('shouldRetryError', ()=>{
                 error: TestErrors.internalError(),
                 shouldRetry: true
             },
+            {
+                error: TestErrors.expiredToken(),
+                shouldRetry: true
+            },
             {
                 error: TestErrors.invalidRequest(),
                 shouldRetry: false

package/dist/types/index.d.ts

@@ -2,6 +2,10 @@ import type { S3ClientConfig } from '@aws-sdk/client-s3';
 import type { AwsCredentialIdentity } from '@aws-sdk/types';
 import type { ProxyConfiguration, S3EventType } from '../config/types';
 export type { _Object, Bucket, BucketCannedACL, BucketLocationConstraint, CopyObjectCommandInput, CopyObjectCommandOutput, CreateBucketCommandInput, CreateBucketCommandOutput, DeleteBucketCommandInput, DeleteBucketCommandOutput, DeleteBucketCorsCommandOutput, DeleteBucketLifecycleCommandOutput, DeleteBucketPolicyCommandOutput, DeleteBucketReplicationCommandOutput, DeleteBucketTaggingCommandOutput, DeleteMarkerEntry, DeleteObjectCommandInput, DeleteObjectCommandOutput, DeleteObjectsCommandInput, DeleteObjectsCommandOutput, DeleteObjectTaggingCommandOutput, GetBucketAclCommandOutput, GetBucketCorsCommandOutput, GetBucketEncryptionCommandOutput, GetBucketLifecycleConfigurationCommandOutput, GetBucketLocationCommandInput, GetBucketLocationCommandOutput, GetBucketNotificationConfigurationCommandOutput, GetBucketPolicyCommandOutput, GetBucketReplicationCommandOutput, GetBucketTaggingCommandOutput, GetBucketVersioningCommandOutput, GetObjectAclCommandOutput, GetObjectAttributesCommandInput, GetObjectAttributesCommandOutput, GetObjectCommandInput, GetObjectCommandOutput, GetObjectLegalHoldCommandOutput, GetObjectLockConfigurationCommandOutput, GetObjectRetentionCommandOutput, GetObjectTaggingCommandOutput, GetObjectTorrentCommandOutput, HeadObjectCommandInput, HeadObjectCommandOutput, ListBucketsCommandOutput, ListMultipartUploadsCommandInput, ListMultipartUploadsCommandOutput, ListObjectsV2CommandInput, ListObjectsV2CommandOutput, ListObjectVersionsCommandInput, ListObjectVersionsCommandOutput, ObjectCannedACL, ObjectVersion, Owner, PutBucketAclCommandInput, PutBucketCorsCommandInput, PutBucketEncryptionCommandInput, PutBucketLifecycleConfigurationCommandInput, PutBucketNotificationConfigurationCommandInput, PutBucketPolicyCommandInput, PutBucketReplicationCommandInput, PutBucketTaggingCommandInput, PutBucketTaggingCommandOutput, PutBucketVersioningCommandInput, PutObjectAclCommandInput, PutObjectCommandInput, PutObjectCommandOutput, PutObjectLegalHoldCommandInput, PutObjectLockConfigurationCommandInput, PutObjectRetentionCommandInput, PutObjectTaggingCommandInput, RestoreObjectCommandInput, RestoreObjectCommandOutput, SelectObjectContentCommandInput, SelectObjectContentCommandOutput, Tag, } from '@aws-sdk/client-s3';
+/**
+ * Known feature flags for the data browser.
+ */
+export type Feature = 'replicationAdvanced' | 'replicationV1' | 'metadatasearch' | 'ISV';
 /**
  * S3 backend capabilities configuration.
  */
@@ -22,7 +26,7 @@ export interface S3BrowserConfig extends Omit<S3ClientConfig, 'credentials'> {
     proxy?: ProxyConfiguration;
     publicAclIndicator?: string;
     s3Capabilities?: S3Capabilities;
-    features?: string[];
+    features?: Feature[];
     /**
      * Stable identifier for React Query cache isolation.
      *
@@ -46,15 +50,20 @@ export interface S3BrowserConfig extends Omit<S3ClientConfig, 'credentials'> {
  */
 export interface S3Credentials extends AwsCredentialIdentity {
 }
+/**
+ * Async credential provider function.
+ * The AWS SDK calls this before each request to resolve credentials.
+ */
+export type S3CredentialProvider = () => Promise<S3Credentials>;
 /**
  * Function type that returns the current S3 configuration with credentials.
  *
- * This function is called by the DataBrowserProvider to get the latest
- * configuration. It should return fresh credentials when they have been
- * refreshed.
+ * Credentials can be either a static object or an async provider function.
+ * When a provider is used, the AWS SDK calls it before each request,
+ * allowing transparent credential refresh.
  */
 export type GetConfigFunction = () => S3BrowserConfig & {
-    credentials: S3Credentials;
+    credentials: S3Credentials | S3CredentialProvider;
 };
 export type S3ErrorCode = 'AccessDenied' | 'NoSuchBucket' | 'NoSuchKey' | 'InvalidBucketName' | 'BucketNotFound' | 'NetworkError' | 'UnknownError';
 export interface S3Error extends Error {

package/dist/utils/errorHandling.d.ts

@@ -10,6 +10,7 @@ export declare enum ErrorCategory {
     CANCELLATION = "CANCELLATION",// User cancelled - don't retry
     AUTHORIZATION = "AUTHORIZATION",// Permission issues - don't retry
     NOT_FOUND = "NOT_FOUND",// Resource doesn't exist - don't retry
+    EXPIRED_CREDENTIALS = "EXPIRED_CREDENTIALS",// Temporary credentials expired - can retry
     UNKNOWN = "UNKNOWN"
 }
 /**
@@ -25,7 +26,7 @@ export declare class EnhancedS3Error extends Error {
     constructor(message: string, name: string, category: ErrorCategory, originalError: Error, statusCode?: number, metadata?: S3ServiceException['$metadata'], context?: Record<string, unknown>);
     /**
      * Determines if this error should be retried based on its category.
-     * Only server errors and network issues are retryable.
+     * Server errors, network issues, and expired credentials are retryable.
      */
     shouldRetry(): boolean;
 }

package/dist/utils/errorHandling.js

@@ -6,6 +6,7 @@ var errorHandling_ErrorCategory = /*#__PURE__*/ function(ErrorCategory) {
     ErrorCategory["CANCELLATION"] = "CANCELLATION";
     ErrorCategory["AUTHORIZATION"] = "AUTHORIZATION";
     ErrorCategory["NOT_FOUND"] = "NOT_FOUND";
+    ErrorCategory["EXPIRED_CREDENTIALS"] = "EXPIRED_CREDENTIALS";
     ErrorCategory["UNKNOWN"] = "UNKNOWN";
     return ErrorCategory;
 }({});
@@ -26,9 +27,17 @@ class EnhancedS3Error extends Error {
         Object.setPrototypeOf(this, EnhancedS3Error.prototype);
     }
     shouldRetry() {
-        return "SERVER_ERROR" === this.category || "NETWORK_ERROR" === this.category;
+        return "SERVER_ERROR" === this.category || "NETWORK_ERROR" === this.category || "EXPIRED_CREDENTIALS" === this.category;
     }
 }
+const EXPIRED_CREDENTIAL_ERROR_NAMES = new Set([
+    'ExpiredToken',
+    'ExpiredTokenException',
+    'TokenRefreshRequired'
+]);
+function isExpiredCredentialError(errorName) {
+    return EXPIRED_CREDENTIAL_ERROR_NAMES.has(errorName);
+}
 function classifyByStatusCode(statusCode) {
     if (statusCode >= 400 && statusCode < 500) {
         if (401 === statusCode || 403 === statusCode) return "AUTHORIZATION";
@@ -47,6 +56,7 @@ function createS3Error(error, context) {
     if (error instanceof Error && 'AbortError' === error.name) return new EnhancedS3Error('Operation was cancelled', 'AbortError', "CANCELLATION", error, void 0, void 0, context);
     if (error instanceof NoSuchBucket || error instanceof NoSuchKey || error instanceof NoSuchUpload) return new EnhancedS3Error(error.message, error.name, "NOT_FOUND", error, error.$metadata?.httpStatusCode, error.$metadata, context);
     if (error instanceof InvalidRequest || error instanceof InvalidObjectState || error instanceof InvalidWriteOffset || error instanceof ObjectAlreadyInActiveTierError || error instanceof ObjectNotInActiveTierError) return new EnhancedS3Error(error.message, error.name, "CLIENT_ERROR", error, error.$metadata?.httpStatusCode, error.$metadata, context);
+    if (isS3ServiceException(error) && isExpiredCredentialError(error.name)) return new EnhancedS3Error(error.message, error.name, "EXPIRED_CREDENTIALS", error, error.$metadata?.httpStatusCode, error.$metadata, context);
     if (isS3ServiceException(error)) {
         const category = error.$metadata?.httpStatusCode ? classifyByStatusCode(error.$metadata.httpStatusCode) : "UNKNOWN";
         return new EnhancedS3Error(error.message, error.name, category, error, error.$metadata?.httpStatusCode, error.$metadata, context);

package/dist/utils/s3Client.d.ts

@@ -1,15 +1,9 @@
 import { S3Client } from '@aws-sdk/client-s3';
-import type { S3BrowserConfig, S3Credentials } from '../types';
-/**
- * S3Client configuration with credentials
- */
-export interface S3ClientConfigWithProxy extends S3BrowserConfig {
-    credentials: S3Credentials;
-}
+import type { GetConfigFunction } from '../types';
 /**
  * Create S3 client with optional proxy middleware
  *
- * @param config - S3 configuration with credentials and optional proxy config
+ * @param config - S3 configuration with credentials (static or provider) and optional proxy config
  * @returns Configured S3Client instance
  */
-export declare const createS3Client: (config: S3ClientConfigWithProxy) => S3Client;
+export declare const createS3Client: (config: ReturnType<GetConfigFunction>) => S3Client;

package/dist/utils/s3ConfigIdentifier.js

@@ -38,13 +38,16 @@ const computeS3ConfigIdentifier = (config, fallbackIdentifier = ANONYMOUS_S3_CON
     const cacheKey = config?.cacheKey?.trim();
     if (cacheKey) parts.push(cacheKey);
     else {
-        const accessKeyId = config?.credentials?.accessKeyId?.trim();
-        if (accessKeyId) {
-            parts.push(accessKeyId);
-            const sessionToken = config?.credentials?.sessionToken?.trim();
-            if (sessionToken) {
-                const hash = hashSessionToken(sessionToken);
-                parts.push(`session:${hash}`);
+        const credentials = config?.credentials;
+        if ('object' == typeof credentials && null !== credentials) {
+            const accessKeyId = credentials.accessKeyId?.trim();
+            if (accessKeyId) {
+                parts.push(accessKeyId);
+                const sessionToken = credentials.sessionToken?.trim();
+                if (sessionToken) {
+                    const hash = hashSessionToken(sessionToken);
+                    parts.push(`session:${hash}`);
+                }
             }
         }
     }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@scality/data-browser-library",
-  "version": "1.1.7",
+  "version": "1.1.9",
   "description": "A modular React component library for browsing S3 buckets and objects",
   "type": "module",
   "types": "./dist/index.d.ts",