mongodb 6.5.0-dev.20240404.sha.0e3d6ea → 6.5.0-dev.20240405.sha.ce55ca9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/lib/client-side-encryption/providers/aws.js +13 -10
  2. package/lib/client-side-encryption/providers/aws.js.map +1 -1
  3. package/lib/sdam/common.js.map +1 -1
  4. package/mongodb.d.ts +8 -2
  5. package/package.json +1 -1
  6. package/src/client-side-encryption/providers/aws.ts +17 -10
  7. package/src/sdam/common.ts +8 -2
package/lib/client-side-encryption/providers/aws.js CHANGED
@@ -1,20 +1,23 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.loadAWSCredentials = void 0;
4
- const deps_1 = require("../../deps");
4
+ const aws_temporary_credentials_1 = require("../../cmap/auth/aws_temporary_credentials");
5
5
  /**
6
6
  * @internal
7
7
  */
8
8
  async function loadAWSCredentials(kmsProviders) {
9
- const credentialProvider = (0, deps_1.getAwsCredentialProvider)();
10
- if ('kModuleError' in credentialProvider) {
11
- return kmsProviders;
12
- }
13
- const { fromNodeProviderChain } = credentialProvider;
14
- const provider = fromNodeProviderChain();
15
- // The state machine is the only place calling this so it will
16
- // catch if there is a rejection here.
17
- const aws = await provider();
9
+ const credentialProvider = new aws_temporary_credentials_1.AWSSDKCredentialProvider();
10
+ // We shouldn't ever receive a response from the AWS SDK that doesn't have a `SecretAccessKey`
11
+ // or `AccessKeyId`. However, TS says these fields are optional. We provide empty strings
12
+ // and let libmongocrypt error if we're unable to fetch the required keys.
13
+ const { SecretAccessKey = '', AccessKeyId = '', Token } = await credentialProvider.getCredentials();
14
+ const aws = {
15
+ secretAccessKey: SecretAccessKey,
16
+ accessKeyId: AccessKeyId
17
+ };
18
+ // the AWS session token is only required for temporary credentials so only attach it to the
19
+ // result if it's present in the response from the aws sdk
20
+ Token != null && (aws.sessionToken = Token);
18
21
  return { ...kmsProviders, aws };
19
22
  }
20
23
  exports.loadAWSCredentials = loadAWSCredentials;
package/lib/client-side-encryption/providers/aws.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"aws.js","sourceRoot":"","sources":["../../../src/client-side-encryption/providers/aws.ts"],"names":[],"mappings":";;;AAAA,qCAAsD;AAGtD;;GAEG;AACI,KAAK,UAAU,kBAAkB,CAAC,YAA0B;IACjE,MAAM,kBAAkB,GAAG,IAAA,+BAAwB,GAAE,CAAC;IAEtD,IAAI,cAAc,IAAI,kBAAkB,EAAE;QACxC,OAAO,YAAY,CAAC;KACrB;IAED,MAAM,EAAE,qBAAqB,EAAE,GAAG,kBAAkB,CAAC;IACrD,MAAM,QAAQ,GAAG,qBAAqB,EAAE,CAAC;IACzC,8DAA8D;IAC9D,sCAAsC;IACtC,MAAM,GAAG,GAAG,MAAM,QAAQ,EAAE,CAAC;IAC7B,OAAO,EAAE,GAAG,YAAY,EAAE,GAAG,EAAE,CAAC;AAClC,CAAC;AAbD,gDAaC"}
1
+ {"version":3,"file":"aws.js","sourceRoot":"","sources":["../../../src/client-side-encryption/providers/aws.ts"],"names":[],"mappings":";;;AAAA,yFAAqF;AAGrF;;GAEG;AACI,KAAK,UAAU,kBAAkB,CAAC,YAA0B;IACjE,MAAM,kBAAkB,GAAG,IAAI,oDAAwB,EAAE,CAAC;IAE1D,8FAA8F;IAC9F,2FAA2F;IAC3F,0EAA0E;IAC1E,MAAM,EACJ,eAAe,GAAG,EAAE,EACpB,WAAW,GAAG,EAAE,EAChB,KAAK,EACN,GAAG,MAAM,kBAAkB,CAAC,cAAc,EAAE,CAAC;IAC9C,MAAM,GAAG,GAAqC;QAC5C,eAAe,EAAE,eAAe;QAChC,WAAW,EAAE,WAAW;KACzB,CAAC;IACF,4FAA4F;IAC5F,0DAA0D;IAC1D,KAAK,IAAI,IAAI,IAAI,CAAC,GAAG,CAAC,YAAY,GAAG,KAAK,CAAC,CAAC;IAE5C,OAAO,EAAE,GAAG,YAAY,EAAE,GAAG,EAAE,CAAC;AAClC,CAAC;AApBD,gDAoBC"}
package/lib/sdam/common.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"common.js","sourceRoot":"","sources":["../../src/sdam/common.ts"],"names":[],"mappings":";;;AAAA,mCAAsC;AAMtC,qBAAqB;AACR,QAAA,aAAa,GAAG,SAAS,CAAC;AAC1B,QAAA,YAAY,GAAG,QAAQ,CAAC;AACxB,QAAA,gBAAgB,GAAG,YAAY,CAAC;AAChC,QAAA,eAAe,GAAG,WAAW,CAAC;AAE3C;;;GAGG;AACU,QAAA,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC;IACxC,MAAM,EAAE,QAAQ;IAChB,mBAAmB,EAAE,qBAAqB;IAC1C,qBAAqB,EAAE,uBAAuB;IAC9C,OAAO,EAAE,SAAS;IAClB,OAAO,EAAE,SAAS;IAClB,YAAY,EAAE,cAAc;CACpB,CAAC,CAAC;AAKZ;;;GAGG;AACU,QAAA,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;IACtC,UAAU,EAAE,YAAY;IACxB,MAAM,EAAE,QAAQ;IAChB,eAAe,EAAE,iBAAiB;IAClC,SAAS,EAAE,WAAW;IACtB,WAAW,EAAE,aAAa;IAC1B,SAAS,EAAE,WAAW;IACtB,OAAO,EAAE,SAAS;IAClB,OAAO,EAAE,SAAS;IAClB,OAAO,EAAE,SAAS;IAClB,YAAY,EAAE,cAAc;CACpB,CAAC,CAAC;AAQZ,gBAAgB;AAChB,SAAgB,eAAe,CAAC,KAAiB;IAC/C,KAAK,CAAC,OAAO,CAAC,qBAAY,CAAC,CAAC;IAC5B,KAAK,CAAC,KAAK,EAAE,CAAC;AAChB,CAAC;AAHD,0CAGC;AAWD,+EAA+E;AAC/E,SAAgB,mBAAmB,CACjC,MAAgC,EAChC,YAAyB;IAEzB,IAAI,MAAM,CAAC,WAAW,IAAI,IAAI,EAAE;QAC9B,MAAM,CAAC,WAAW,GAAG,YAAY,CAAC;KACnC;SAAM;QACL,IAAI,YAAY,CAAC,WAAW,CAAC,WAAW,CAAC,MAAM,CAAC,WAAW,CAAC,WAAW,CAAC,EAAE;YACxE,MAAM,CAAC,WAAW,GAAG,YAAY,CAAC;SACnC;KACF;AACH,CAAC;AAXD,kDAWC"}
1
+ {"version":3,"file":"common.js","sourceRoot":"","sources":["../../src/sdam/common.ts"],"names":[],"mappings":";;;AAAA,mCAAsC;AAMtC,qBAAqB;AACR,QAAA,aAAa,GAAG,SAAS,CAAC;AAC1B,QAAA,YAAY,GAAG,QAAQ,CAAC;AACxB,QAAA,gBAAgB,GAAG,YAAY,CAAC;AAChC,QAAA,eAAe,GAAG,WAAW,CAAC;AAE3C;;;GAGG;AACU,QAAA,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC;IACxC,MAAM,EAAE,QAAQ;IAChB,mBAAmB,EAAE,qBAAqB;IAC1C,qBAAqB,EAAE,uBAAuB;IAC9C,OAAO,EAAE,SAAS;IAClB,OAAO,EAAE,SAAS;IAClB,YAAY,EAAE,cAAc;CACpB,CAAC,CAAC;AAKZ;;;GAGG;AACU,QAAA,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;IACtC,UAAU,EAAE,YAAY;IACxB,MAAM,EAAE,QAAQ;IAChB,eAAe,EAAE,iBAAiB;IAClC,SAAS,EAAE,WAAW;IACtB,WAAW,EAAE,aAAa;IAC1B,SAAS,EAAE,WAAW;IACtB,OAAO,EAAE,SAAS;IAClB,OAAO,EAAE,SAAS;IAClB,OAAO,EAAE,SAAS;IAClB,YAAY,EAAE,cAAc;CACpB,CAAC,CAAC;AAQZ,gBAAgB;AAChB,SAAgB,eAAe,CAAC,KAAiB;IAC/C,KAAK,CAAC,OAAO,CAAC,qBAAY,CAAC,CAAC;IAC5B,KAAK,CAAC,KAAK,EAAE,CAAC;AAChB,CAAC;AAHD,0CAGC;AAiBD,+EAA+E;AAC/E,SAAgB,mBAAmB,CACjC,MAAgC,EAChC,YAAyB;IAEzB,IAAI,MAAM,CAAC,WAAW,IAAI,IAAI,EAAE;QAC9B,MAAM,CAAC,WAAW,GAAG,YAAY,CAAC;KACnC;SAAM;QACL,IAAI,YAAY,CAAC,WAAW,CAAC,WAAW,CAAC,MAAM,CAAC,WAAW,CAAC,WAAW,CAAC,EAAE;YACxE,MAAM,CAAC,WAAW,GAAG,YAAY,CAAC;SACnC;KACF;AACH,CAAC;AAXD,kDAWC"}
package/mongodb.d.ts CHANGED
@@ -2076,10 +2076,16 @@ export declare interface ClusteredCollectionOptions extends Document {
2076
2076
  unique: boolean;
2077
2077
  }
2078
2078
 
2079
- /** @public */
2079
+ /**
2080
+ * @public
2081
+ * Gossiped in component for the cluster time tracking the state of user databases
2082
+ * across the cluster. It may optionally include a signature identifying the process that
2083
+ * generated such a value.
2084
+ */
2080
2085
  export declare interface ClusterTime {
2081
2086
  clusterTime: Timestamp;
2082
- signature: {
2087
+ /** Used to validate the identity of a request or response's ClusterTime. */
2088
+ signature?: {
2083
2089
  hash: Binary;
2084
2090
  keyId: Long;
2085
2091
  };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "mongodb",
3
- "version": "6.5.0-dev.20240404.sha.0e3d6ea",
3
+ "version": "6.5.0-dev.20240405.sha.ce55ca9",
4
4
  "description": "The official MongoDB driver for Node.js",
5
5
  "main": "lib/index.js",
6
6
  "files": [
package/src/client-side-encryption/providers/aws.ts CHANGED
@@ -1,20 +1,27 @@
1
- import { getAwsCredentialProvider } from '../../deps';
1
+ import { AWSSDKCredentialProvider } from '../../cmap/auth/aws_temporary_credentials';
2
2
  import { type KMSProviders } from '.';
3
3
 
4
4
  /**
5
5
  * @internal
6
6
  */
7
7
  export async function loadAWSCredentials(kmsProviders: KMSProviders): Promise<KMSProviders> {
8
- const credentialProvider = getAwsCredentialProvider();
8
+ const credentialProvider = new AWSSDKCredentialProvider();
9
9
 
10
- if ('kModuleError' in credentialProvider) {
11
- return kmsProviders;
12
- }
10
+ // We shouldn't ever receive a response from the AWS SDK that doesn't have a `SecretAccessKey`
11
+ // or `AccessKeyId`. However, TS says these fields are optional. We provide empty strings
12
+ // and let libmongocrypt error if we're unable to fetch the required keys.
13
+ const {
14
+ SecretAccessKey = '',
15
+ AccessKeyId = '',
16
+ Token
17
+ } = await credentialProvider.getCredentials();
18
+ const aws: NonNullable<KMSProviders['aws']> = {
19
+ secretAccessKey: SecretAccessKey,
20
+ accessKeyId: AccessKeyId
21
+ };
22
+ // the AWS session token is only required for temporary credentials so only attach it to the
23
+ // result if it's present in the response from the aws sdk
24
+ Token != null && (aws.sessionToken = Token);
13
25
 
14
- const { fromNodeProviderChain } = credentialProvider;
15
- const provider = fromNodeProviderChain();
16
- // The state machine is the only place calling this so it will
17
- // catch if there is a rejection here.
18
- const aws = await provider();
19
26
  return { ...kmsProviders, aws };
20
27
  }
package/src/sdam/common.ts CHANGED
@@ -55,10 +55,16 @@ export function drainTimerQueue(queue: TimerQueue): void {
55
55
  queue.clear();
56
56
  }
57
57
 
58
- /** @public */
58
+ /**
59
+ * @public
60
+ * Gossiped in component for the cluster time tracking the state of user databases
61
+ * across the cluster. It may optionally include a signature identifying the process that
62
+ * generated such a value.
63
+ */
59
64
  export interface ClusterTime {
60
65
  clusterTime: Timestamp;
61
- signature: {
66
+ /** Used to validate the identity of a request or response's ClusterTime. */
67
+ signature?: {
62
68
  hash: Binary;
63
69
  keyId: Long;
64
70
  };