@vizamodo/aws-sts-core 0.3.42 → 0.3.44
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/federation/login.js +31 -1
- package/package.json +2 -2
package/dist/federation/login.js
CHANGED
|
@@ -16,12 +16,24 @@ export async function buildFederationLoginUrl(input) {
|
|
|
16
16
|
const sessionJson = JSON.stringify(session);
|
|
17
17
|
const encoded = encodeURIComponent(sessionJson);
|
|
18
18
|
const SigninToken = await getCachedOrFetch(cacheKey, async () => {
|
|
19
|
+
console.debug("[signin] fetcher start", {
|
|
20
|
+
cacheKey,
|
|
21
|
+
expiration: input.expiration,
|
|
22
|
+
now: Date.now()
|
|
23
|
+
});
|
|
19
24
|
const tokenResp = await fetch(`https://signin.aws.amazon.com/federation?Action=getSigninToken&Session=${encoded}`);
|
|
25
|
+
console.debug("[signin] fetch response", {
|
|
26
|
+
ok: tokenResp.ok,
|
|
27
|
+
status: tokenResp.status
|
|
28
|
+
});
|
|
20
29
|
if (!tokenResp.ok) {
|
|
21
30
|
// best-effort: do not cache failures
|
|
22
31
|
throw new Error("[signin] failed to fetch SigninToken");
|
|
23
32
|
}
|
|
24
33
|
const json = await tokenResp.json();
|
|
34
|
+
console.debug("[signin] json parsed", {
|
|
35
|
+
hasToken: !!json?.SigninToken
|
|
36
|
+
});
|
|
25
37
|
const token = json?.SigninToken;
|
|
26
38
|
if (!token) {
|
|
27
39
|
// do not cache invalid response
|
|
@@ -31,12 +43,30 @@ export async function buildFederationLoginUrl(input) {
|
|
|
31
43
|
const SIGNIN_TOKEN_TTL_SEC = 15 * 60;
|
|
32
44
|
// derive effective TTL = min(tokenTTL, credentialTTL)
|
|
33
45
|
const credRemainingSec = Math.floor((Date.parse(input.expiration) - Date.now()) / 1000);
|
|
46
|
+
console.debug("[signin] TTL compute", {
|
|
47
|
+
credRemainingSec,
|
|
48
|
+
expiration: input.expiration,
|
|
49
|
+
now: Date.now()
|
|
50
|
+
});
|
|
34
51
|
const effectiveTtlSec = Math.min(SIGNIN_TOKEN_TTL_SEC, credRemainingSec);
|
|
52
|
+
console.debug("[signin] effective TTL", {
|
|
53
|
+
effectiveTtlSec,
|
|
54
|
+
SIGNIN_TOKEN_TTL_SEC
|
|
55
|
+
});
|
|
35
56
|
// if credential too close to expiry → skip caching
|
|
36
57
|
if (effectiveTtlSec <= 0) {
|
|
58
|
+
console.debug("[signin] skip cache (ttl<=0)", {
|
|
59
|
+
effectiveTtlSec
|
|
60
|
+
});
|
|
37
61
|
return token;
|
|
38
62
|
}
|
|
39
|
-
|
|
63
|
+
const expiryIso = new Date(Date.now() + effectiveTtlSec * 1000).toISOString();
|
|
64
|
+
console.debug("[signin] wrapResult", {
|
|
65
|
+
effectiveTtlSec,
|
|
66
|
+
expiryIso,
|
|
67
|
+
now: Date.now()
|
|
68
|
+
});
|
|
69
|
+
return wrapResult(token, expiryIso);
|
|
40
70
|
}, { ttlSec: 60, ...(input.forceRefresh !== undefined ? { forceRefresh: input.forceRefresh } : {}) } // allow caller-controlled retry
|
|
41
71
|
);
|
|
42
72
|
if (!SigninToken) {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@vizamodo/aws-sts-core",
|
|
3
|
-
"version": "0.3.
|
|
3
|
+
"version": "0.3.44",
|
|
4
4
|
"description": "Pure AWS STS + SigV4 (X509 Roles Anywhere) core logic",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "dist/index.js",
|
|
@@ -28,6 +28,6 @@
|
|
|
28
28
|
"vitest": "^4.1.0"
|
|
29
29
|
},
|
|
30
30
|
"dependencies": {
|
|
31
|
-
"@vizamodo/edge-cache-core": "^0.3.
|
|
31
|
+
"@vizamodo/edge-cache-core": "^0.3.35"
|
|
32
32
|
}
|
|
33
33
|
}
|