@vizamodo/aws-sts-core 0.3.14 → 0.3.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/runtime/edge-cache.d.ts +0 -6
- package/dist/runtime/edge-cache.js +0 -16
- package/dist/sts/issue.js +1 -17
- package/package.json +1 -1
|
@@ -1,4 +1,3 @@
|
|
|
1
|
-
import type { AwsCredentialResult } from "../types";
|
|
2
1
|
/**
|
|
3
2
|
* Generic edge cache GET helper
|
|
4
3
|
*/
|
|
@@ -7,8 +6,3 @@ export declare function getEdgeCache<T>(key: string): Promise<T | null>;
|
|
|
7
6
|
* Generic edge cache SET helper
|
|
8
7
|
*/
|
|
9
8
|
export declare function setEdgeCache(key: string, value: unknown, ttlSec: number): Promise<void>;
|
|
10
|
-
/**
|
|
11
|
-
* ---- STS credential cache helpers ----
|
|
12
|
-
*/
|
|
13
|
-
export declare function getCachedCredentials(cacheKey: string): Promise<AwsCredentialResult | null>;
|
|
14
|
-
export declare function setCachedCredentials(cacheKey: string, result: AwsCredentialResult): Promise<void>;
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
const CACHE_KEY_PREFIX = "https://edge-cache.internal/";
|
|
2
|
-
const CACHE_TTL_BUFFER_SEC = 5 * 60; // 5 minutes safety buffer
|
|
3
2
|
/**
|
|
4
3
|
* Generic edge cache GET helper
|
|
5
4
|
*/
|
|
@@ -45,18 +44,3 @@ export async function setEdgeCache(key, value, ttlSec) {
|
|
|
45
44
|
// cache write failure is non-fatal
|
|
46
45
|
}
|
|
47
46
|
}
|
|
48
|
-
/**
|
|
49
|
-
* ---- STS credential cache helpers ----
|
|
50
|
-
*/
|
|
51
|
-
export async function getCachedCredentials(cacheKey) {
|
|
52
|
-
return getEdgeCache(cacheKey);
|
|
53
|
-
}
|
|
54
|
-
export async function setCachedCredentials(cacheKey, result) {
|
|
55
|
-
if (!result.expiration)
|
|
56
|
-
return;
|
|
57
|
-
const expiresAt = Date.parse(result.expiration);
|
|
58
|
-
if (!Number.isFinite(expiresAt))
|
|
59
|
-
return;
|
|
60
|
-
const ttlSec = Math.floor((expiresAt - Date.now()) / 1000) - CACHE_TTL_BUFFER_SEC;
|
|
61
|
-
await setEdgeCache(cacheKey, result, ttlSec);
|
|
62
|
-
}
|
package/dist/sts/issue.js
CHANGED
|
@@ -138,35 +138,19 @@ export async function issueAwsCredentials(input) {
|
|
|
138
138
|
cacheKey = `${region}|${roleArn}|${profileArn}|${trustAnchorArn}|${certSerialDec}`;
|
|
139
139
|
const externalCached = await getEdgeCache(cacheKey);
|
|
140
140
|
if (externalCached) {
|
|
141
|
-
console.log("[sts-cache] edge-hit", { cacheKey });
|
|
142
141
|
return externalCached;
|
|
143
142
|
}
|
|
144
143
|
// ---- isolate-level cache lookup (dedupe concurrent refresh within isolate) ----
|
|
145
144
|
const cachedEntry = stsCredentialCache.get(cacheKey);
|
|
146
|
-
if (cachedEntry) {
|
|
147
|
-
console.log("[sts-cache] isolate-hit", {
|
|
148
|
-
cacheKey,
|
|
149
|
-
expiresAt: cachedEntry.expiresAt,
|
|
150
|
-
now: Date.now(),
|
|
151
|
-
});
|
|
152
|
-
}
|
|
153
|
-
else {
|
|
154
|
-
console.log("[sts-cache] isolate-miss", { cacheKey });
|
|
155
|
-
}
|
|
156
145
|
// Only reuse cached credentials if they still have >10p remaining
|
|
157
146
|
const MIN_REMAINING_MS = 5 * 60 * 1000;
|
|
158
147
|
if (cachedEntry) {
|
|
159
148
|
// If refresh already in-flight → await the same promise
|
|
160
149
|
if (cachedEntry.expiresAt === 0) {
|
|
161
|
-
console.log("[sts-cache] reuse-inflight-refresh", { cacheKey });
|
|
162
150
|
return cachedEntry.promise;
|
|
163
151
|
}
|
|
164
152
|
// If credentials still valid with safe remaining window → reuse
|
|
165
153
|
if (cachedEntry.expiresAt > Date.now() + MIN_REMAINING_MS) {
|
|
166
|
-
console.log("[sts-cache] reuse-valid-credentials", {
|
|
167
|
-
cacheKey,
|
|
168
|
-
expiresAt: cachedEntry.expiresAt,
|
|
169
|
-
});
|
|
170
154
|
return cachedEntry.promise;
|
|
171
155
|
}
|
|
172
156
|
}
|
|
@@ -249,7 +233,7 @@ export async function issueAwsCredentials(input) {
|
|
|
249
233
|
if (result.expiration) {
|
|
250
234
|
const expiresAt = Date.parse(result.expiration);
|
|
251
235
|
if (Number.isFinite(expiresAt)) {
|
|
252
|
-
const ttlSec = Math.floor((expiresAt - Date.now()) / 1000) - (
|
|
236
|
+
const ttlSec = Math.floor((expiresAt - Date.now()) / 1000) - (15 * 60);
|
|
253
237
|
setEdgeCache(cacheKey, result, ttlSec).catch(() => { });
|
|
254
238
|
}
|
|
255
239
|
}
|