@vizamodo/aws-sts-core 0.1.36 → 0.1.40
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/sts/issue.js +4 -31
- package/package.json +1 -1
package/dist/sts/issue.js
CHANGED
|
@@ -63,7 +63,7 @@ export async function issueAwsCredentials(input) {
|
|
|
63
63
|
"content-type": "application/json",
|
|
64
64
|
"host": host,
|
|
65
65
|
"x-amz-date": amzDate,
|
|
66
|
-
"x-amz-x509
|
|
66
|
+
"x-amz-x509": normalizedCert,
|
|
67
67
|
};
|
|
68
68
|
const { canonicalHeaders, signedHeaders } = canonicalizeHeaders(baseHeaders);
|
|
69
69
|
const credentialScope = `${dateStamp}/${region}/${service}/aws4_request`;
|
|
@@ -86,7 +86,7 @@ export async function issueAwsCredentials(input) {
|
|
|
86
86
|
const finalHeaders = new Headers({
|
|
87
87
|
"Content-Type": "application/json",
|
|
88
88
|
"X-Amz-Date": amzDate,
|
|
89
|
-
"X-Amz-X509
|
|
89
|
+
"X-Amz-X509": normalizedCert,
|
|
90
90
|
"Authorization": `AWS4-X509-ECDSA-SHA256 Credential=${profileArn}/${credentialScope}, SignedHeaders=${signedHeaders}, Signature=${signatureHex}`
|
|
91
91
|
});
|
|
92
92
|
// 6. Execution (fetch)
|
|
@@ -98,37 +98,10 @@ export async function issueAwsCredentials(input) {
|
|
|
98
98
|
});
|
|
99
99
|
if (!res.ok) {
|
|
100
100
|
const errorBody = await res.text();
|
|
101
|
-
console.error("[aws-rejected]
|
|
101
|
+
console.error("[aws-rejected]", {
|
|
102
102
|
status: res.status,
|
|
103
103
|
statusText: res.statusText,
|
|
104
|
-
|
|
105
|
-
// ---- Input parameters ----
|
|
106
|
-
roleArn,
|
|
107
|
-
profileArn,
|
|
108
|
-
trustAnchorArn,
|
|
109
|
-
region,
|
|
110
|
-
profile,
|
|
111
|
-
// ---- Derived signing values ----
|
|
112
|
-
host,
|
|
113
|
-
path,
|
|
114
|
-
amzDate,
|
|
115
|
-
dateStamp,
|
|
116
|
-
credentialScope,
|
|
117
|
-
signedHeaders,
|
|
118
|
-
signatureHex,
|
|
119
|
-
// ---- Body & payload ----
|
|
120
|
-
requestBody: body,
|
|
121
|
-
payloadHash,
|
|
122
|
-
// ---- Canonical ----
|
|
123
|
-
canonicalRequest,
|
|
124
|
-
stringToSign,
|
|
125
|
-
// ---- Headers actually sent ----
|
|
126
|
-
sentHeaders: {
|
|
127
|
-
"Content-Type": "application/json",
|
|
128
|
-
"X-Amz-Date": amzDate,
|
|
129
|
-
"X-Amz-X509-Chain": normalizedCert,
|
|
130
|
-
"Authorization": `AWS4-X509-ECDSA-SHA256 Credential=${profileArn}/${credentialScope}, SignedHeaders=${signedHeaders}, Signature=${signatureHex}`
|
|
131
|
-
}
|
|
104
|
+
profile
|
|
132
105
|
});
|
|
133
106
|
throw new InternalError("aws_rejected");
|
|
134
107
|
}
|