Remove Amazon IAM.
This commit is contained in:
2494
package-lock.json
generated
2494
package-lock.json
generated
File diff suppressed because it is too large
Load Diff
16
package.json
16
package.json
@@ -17,22 +17,18 @@
|
||||
],
|
||||
"repository": {
|
||||
"type": "git",
|
||||
"url": "git+https://github.com/infisical/infisical-node-sdk.git"
|
||||
"url": "git+https://git.hep.gg/nix/infisical-node-sdk.git"
|
||||
},
|
||||
"author": "Infisical Inc, <daniel@infisical.com>",
|
||||
"author": "Nix Krystik <nix@archwing.dev>",
|
||||
"license": "ISC",
|
||||
"description": "The Infisical SDK provides a convenient way to programmatically interact with the Infisical API.",
|
||||
"description": "Modified fork of the Infisical NodeJS SDK removing unnecessary features.",
|
||||
"devDependencies": {
|
||||
"@types/node": "^22.5.1",
|
||||
"tsc": "^2.0.4",
|
||||
"tsup": "^8.2.4"
|
||||
},
|
||||
"dependencies": {
|
||||
"@aws-crypto/sha256-js": "^5.2.0",
|
||||
"@aws-sdk/credential-providers": "3.600.0",
|
||||
"@aws-sdk/protocol-http": "^3.370.0",
|
||||
"@aws-sdk/signature-v4": "^3.370.0",
|
||||
"axios": "^1.11.0",
|
||||
"axios": "^1.13.2",
|
||||
"typescript": "^5.5.4",
|
||||
"zod": "^3.23.8"
|
||||
},
|
||||
@@ -42,7 +38,7 @@
|
||||
},
|
||||
"types": "./lib/index.d.ts",
|
||||
"bugs": {
|
||||
"url": "https://github.com/infisical/infisical-node-sdk/issues"
|
||||
"url": "https://git.hep.gg/nix/infisical-node-sdk/issues"
|
||||
},
|
||||
"homepage": "https://github.com/infisical/infisical-node-sdk#readme"
|
||||
"homepage": "https://git.hep.gg/nix/infisical-node-sdk#readme"
|
||||
}
|
||||
|
||||
@@ -2,8 +2,6 @@ import { ApiClient } from "../base";
|
||||
import {
|
||||
UniversalAuthLoginRequest,
|
||||
UniversalAuthLoginResponse,
|
||||
AwsIamAuthLoginRequest,
|
||||
AwsIamAuthLoginResponse,
|
||||
TokenRenewRequest,
|
||||
TokenRenewResponse,
|
||||
} from "../types";
|
||||
@@ -20,15 +18,6 @@ export class AuthApi {
|
||||
);
|
||||
}
|
||||
|
||||
async awsIamAuthLogin(
|
||||
data: AwsIamAuthLoginRequest
|
||||
): Promise<AwsIamAuthLoginResponse> {
|
||||
return this.apiClient.post<AwsIamAuthLoginResponse>(
|
||||
"/api/v1/auth/aws-auth/login",
|
||||
data
|
||||
);
|
||||
}
|
||||
|
||||
async renewToken(data: TokenRenewRequest): Promise<TokenRenewResponse> {
|
||||
return this.apiClient.post<TokenRenewResponse>(
|
||||
"/api/v1/auth/token/renew",
|
||||
|
||||
@@ -8,18 +8,6 @@ export interface UniversalAuthLoginResponse {
|
||||
expiresIn: number;
|
||||
}
|
||||
|
||||
export interface AwsIamAuthLoginRequest {
|
||||
identityId: string;
|
||||
iamHttpRequestMethod: string;
|
||||
iamRequestBody: string;
|
||||
iamRequestHeaders: string;
|
||||
}
|
||||
|
||||
export interface AwsIamAuthLoginResponse {
|
||||
accessToken: string;
|
||||
expiresIn: number;
|
||||
}
|
||||
|
||||
export interface TokenRenewRequest {
|
||||
accessToken: string;
|
||||
}
|
||||
|
||||
@@ -1,16 +1,10 @@
|
||||
import { InfisicalSDK } from "..";
|
||||
import { AuthApi } from "../api/endpoints/auth";
|
||||
import { UniversalAuthLoginRequest } from "../api/types";
|
||||
import { MACHINE_IDENTITY_ID_ENV_NAME } from "./constants";
|
||||
import { InfisicalSDKError, newInfisicalError } from "./errors";
|
||||
import { getAwsRegion, performAwsIamLogin } from "./util";
|
||||
|
||||
type AuthenticatorFunction = (accessToken: string) => InfisicalSDK;
|
||||
|
||||
type AwsAuthLoginOptions = {
|
||||
identityId?: string;
|
||||
};
|
||||
|
||||
export const renewToken = async (apiClient: AuthApi, token?: string) => {
|
||||
try {
|
||||
if (!token) {
|
||||
@@ -33,47 +27,6 @@ export default class AuthClient {
|
||||
private _accessToken?: string
|
||||
) {}
|
||||
|
||||
awsIamAuth = {
|
||||
login: async (options?: AwsAuthLoginOptions) => {
|
||||
try {
|
||||
const identityId =
|
||||
options?.identityId || process.env[MACHINE_IDENTITY_ID_ENV_NAME];
|
||||
if (!identityId) {
|
||||
throw new InfisicalSDKError(
|
||||
"Identity ID is required for AWS IAM authentication"
|
||||
);
|
||||
}
|
||||
|
||||
const iamRequest = await performAwsIamLogin(await getAwsRegion());
|
||||
const res = await this.apiClient.awsIamAuthLogin({
|
||||
iamHttpRequestMethod: iamRequest.iamHttpRequestMethod,
|
||||
iamRequestBody: Buffer.from(iamRequest.iamRequestBody).toString(
|
||||
"base64"
|
||||
),
|
||||
iamRequestHeaders: Buffer.from(
|
||||
JSON.stringify(iamRequest.iamRequestHeaders)
|
||||
).toString("base64"),
|
||||
identityId,
|
||||
});
|
||||
|
||||
return this.sdkAuthenticator(res.accessToken);
|
||||
} catch (err) {
|
||||
throw newInfisicalError(err);
|
||||
}
|
||||
},
|
||||
renew: async () => {
|
||||
try {
|
||||
const refreshedToken = await renewToken(
|
||||
this.apiClient,
|
||||
this._accessToken
|
||||
);
|
||||
return this.sdkAuthenticator(refreshedToken.accessToken);
|
||||
} catch (err) {
|
||||
throw newInfisicalError(err);
|
||||
}
|
||||
},
|
||||
};
|
||||
|
||||
universalAuth = {
|
||||
login: async (options: UniversalAuthLoginRequest) => {
|
||||
try {
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
export const MACHINE_IDENTITY_ID_ENV_NAME = "INFISICAL_MACHINE_IDENTITY_ID";
|
||||
export const AWS_TOKEN_METADATA_URI = "http://169.254.169.254/latest/api/token";
|
||||
export const AWS_IDENTITY_DOCUMENT_URI = "http://169.254.169.254/latest/dynamic/instance-identity/document";
|
||||
|
||||
Reference in New Issue
Block a user