Fixed generator
This commit is contained in:
Daniel Hougaard
@@ -33,73 +33,6 @@ export default class AuthClient {
|
||||
}
|
||||
};
|
||||
|
||||
awsIam = {
|
||||
login: async (identityId: string) => {
|
||||
if (!identityId) {
|
||||
identityId = process.env.INFISICAL_AWS_IAM_AUTH_IDENTITY_ID_ENV_NAME || "";
|
||||
}
|
||||
|
||||
const awsRegion = getAwsRegion();
|
||||
|
||||
const credentials = await fromNodeProviderChain()();
|
||||
|
||||
// Prepare request for signing
|
||||
const iamRequestURL = `https://sts.${awsRegion}.amazonaws.com/`;
|
||||
const iamRequestBody = "Action=GetCallerIdentity&Version=2011-06-15";
|
||||
|
||||
const currentTime = new Date().toISOString().replace(/[:-]|\.\d{3}/g, "");
|
||||
const headers = {
|
||||
"X-Amz-Date": currentTime,
|
||||
Host: `sts.${awsRegion}.amazonaws.com`,
|
||||
"Content-Type": "application/x-www-form-urlencoded; charset=utf-8",
|
||||
"Content-Length": iamRequestBody.length.toString()
|
||||
};
|
||||
|
||||
const signer = new SignatureV4({
|
||||
credentials,
|
||||
region: awsRegion,
|
||||
service: "sts",
|
||||
sha256: Sha256
|
||||
});
|
||||
|
||||
const signedRequest = await signer.sign({
|
||||
method: "POST",
|
||||
protocol: "https",
|
||||
hostname: `sts.${awsRegion}.amazonaws.com`,
|
||||
path: "/",
|
||||
headers,
|
||||
body: iamRequestBody
|
||||
});
|
||||
|
||||
const realHeaders: Record<string, string> = {};
|
||||
for (const [key, value] of Object.entries(signedRequest.headers)) {
|
||||
if (key.toLowerCase() !== "content-length") {
|
||||
realHeaders[key] = Array.isArray(value) ? value[0] : value;
|
||||
}
|
||||
}
|
||||
|
||||
const jsonStringHeaders = JSON.stringify(realHeaders);
|
||||
|
||||
const request = {
|
||||
httpRequestMethod: "POST",
|
||||
iamRequestBody: Buffer.from(iamRequestBody).toString("base64"),
|
||||
iamRequestHeaders: Buffer.from(jsonStringHeaders).toString("base64"),
|
||||
identityId
|
||||
};
|
||||
|
||||
const credential = await this.apiClient.apiV1AuthAwsAuthLoginPost({
|
||||
apiV1AuthAwsAuthLoginPostRequest: {
|
||||
iamHttpRequestMethod: request.httpRequestMethod,
|
||||
iamRequestBody: request.iamRequestBody,
|
||||
iamRequestHeaders: request.iamRequestHeaders,
|
||||
identityId: request.identityId
|
||||
}
|
||||
});
|
||||
|
||||
return this.sdkAuthenticator(credential.data.accessToken);
|
||||
}
|
||||
};
|
||||
|
||||
accessToken = (token: string) => {
|
||||
return this.sdkAuthenticator(token);
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user