nix/infisical-node-sdk
1
0
Fork 0
Code Issues Pull Requests Activity

Remove Amazon IAM.

Browse Source
This commit is contained in:
Nix Krystik
2026-01-23 17:17:36 +08:00
parent 0e2ab78d6e
commit 73871ce238
6 changed files with 65 additions and 2518 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2494
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

16
package.json
View File

@@ -17,22 +17,18 @@
], ],
"repository": { "repository": {
"type": "git", "type": "git",
"url": "git+https://github.com/infisical/infisical-node-sdk.git" "url": "git+https://git.hep.gg/nix/infisical-node-sdk.git"
}, },
"author": "Infisical Inc, <daniel@infisical.com>", "author": "Nix Krystik <nix@archwing.dev>",
"license": "ISC", "license": "ISC",
"description": "The Infisical SDK provides a convenient way to programmatically interact with the Infisical API.", "description": "Modified fork of the Infisical NodeJS SDK removing unnecessary features.",
"devDependencies": { "devDependencies": {
"@types/node": "^22.5.1", "@types/node": "^22.5.1",
"tsc": "^2.0.4", "tsc": "^2.0.4",
"tsup": "^8.2.4" "tsup": "^8.2.4"
}, },
"dependencies": { "dependencies": {
"@aws-crypto/sha256-js": "^5.2.0", "axios": "^1.13.2",
"@aws-sdk/credential-providers": "3.600.0",
"@aws-sdk/protocol-http": "^3.370.0",
"@aws-sdk/signature-v4": "^3.370.0",
"axios": "^1.11.0",
"typescript": "^5.5.4", "typescript": "^5.5.4",
"zod": "^3.23.8" "zod": "^3.23.8"
}, },
@@ -42,7 +38,7 @@
}, },
"types": "./lib/index.d.ts", "types": "./lib/index.d.ts",
"bugs": { "bugs": {
"url": "https://github.com/infisical/infisical-node-sdk/issues" "url": "https://git.hep.gg/nix/infisical-node-sdk/issues"
}, },
"homepage": "https://github.com/infisical/infisical-node-sdk#readme" "homepage": "https://git.hep.gg/nix/infisical-node-sdk#readme"
} }

11
src/api/endpoints/auth.ts
View File

@@ -2,8 +2,6 @@ import { ApiClient } from "../base";
import { import {
UniversalAuthLoginRequest, UniversalAuthLoginRequest,
UniversalAuthLoginResponse, UniversalAuthLoginResponse,
AwsIamAuthLoginRequest,
AwsIamAuthLoginResponse,
TokenRenewRequest, TokenRenewRequest,
TokenRenewResponse, TokenRenewResponse,
} from "../types"; } from "../types";
@@ -20,15 +18,6 @@ export class AuthApi {
); );
} }
async awsIamAuthLogin(
data: AwsIamAuthLoginRequest
): Promise<AwsIamAuthLoginResponse> {
return this.apiClient.post<AwsIamAuthLoginResponse>(
"/api/v1/auth/aws-auth/login",
data
);
}
async renewToken(data: TokenRenewRequest): Promise<TokenRenewResponse> { async renewToken(data: TokenRenewRequest): Promise<TokenRenewResponse> {
return this.apiClient.post<TokenRenewResponse>( return this.apiClient.post<TokenRenewResponse>(
"/api/v1/auth/token/renew", "/api/v1/auth/token/renew",

12
src/api/types/auth.ts
View File

@@ -8,18 +8,6 @@ export interface UniversalAuthLoginResponse {
expiresIn: number; expiresIn: number;
} }
export interface AwsIamAuthLoginRequest {
identityId: string;
iamHttpRequestMethod: string;
iamRequestBody: string;
iamRequestHeaders: string;
}
export interface AwsIamAuthLoginResponse {
accessToken: string;
expiresIn: number;
}
export interface TokenRenewRequest { export interface TokenRenewRequest {
accessToken: string; accessToken: string;
} }

47
src/custom/auth.ts
View File

@@ -1,16 +1,10 @@
import { InfisicalSDK } from ".."; import { InfisicalSDK } from "..";
import { AuthApi } from "../api/endpoints/auth"; import { AuthApi } from "../api/endpoints/auth";
import { UniversalAuthLoginRequest } from "../api/types"; import { UniversalAuthLoginRequest } from "../api/types";
import { MACHINE_IDENTITY_ID_ENV_NAME } from "./constants";
import { InfisicalSDKError, newInfisicalError } from "./errors"; import { InfisicalSDKError, newInfisicalError } from "./errors";
import { getAwsRegion, performAwsIamLogin } from "./util";
type AuthenticatorFunction = (accessToken: string) => InfisicalSDK; type AuthenticatorFunction = (accessToken: string) => InfisicalSDK;
type AwsAuthLoginOptions = {
identityId?: string;
};
export const renewToken = async (apiClient: AuthApi, token?: string) => { export const renewToken = async (apiClient: AuthApi, token?: string) => {
try { try {
if (!token) { if (!token) {
@@ -33,47 +27,6 @@ export default class AuthClient {
private _accessToken?: string private _accessToken?: string
) {} ) {}
awsIamAuth = {
login: async (options?: AwsAuthLoginOptions) => {
try {
const identityId =
options?.identityId || process.env[MACHINE_IDENTITY_ID_ENV_NAME];
if (!identityId) {
throw new InfisicalSDKError(
"Identity ID is required for AWS IAM authentication"
);
}
const iamRequest = await performAwsIamLogin(await getAwsRegion());
const res = await this.apiClient.awsIamAuthLogin({
iamHttpRequestMethod: iamRequest.iamHttpRequestMethod,
iamRequestBody: Buffer.from(iamRequest.iamRequestBody).toString(
"base64"
),
iamRequestHeaders: Buffer.from(
JSON.stringify(iamRequest.iamRequestHeaders)
).toString("base64"),
identityId,
});
return this.sdkAuthenticator(res.accessToken);
} catch (err) {
throw newInfisicalError(err);
}
},
renew: async () => {
try {
const refreshedToken = await renewToken(
this.apiClient,
this._accessToken
);
return this.sdkAuthenticator(refreshedToken.accessToken);
} catch (err) {
throw newInfisicalError(err);
}
},
};
universalAuth = { universalAuth = {
login: async (options: UniversalAuthLoginRequest) => { login: async (options: UniversalAuthLoginRequest) => {
try { try {

3
src/custom/constants.ts
View File

@@ -1,3 +0,0 @@
export const MACHINE_IDENTITY_ID_ENV_NAME = "INFISICAL_MACHINE_IDENTITY_ID";
export const AWS_TOKEN_METADATA_URI = "http://169.254.169.254/latest/api/token";
export const AWS_IDENTITY_DOCUMENT_URI = "http://169.254.169.254/latest/dynamic/instance-identity/document";