From 3a151096b06250c3f5f0e25cc1fd0af64a269e95 Mon Sep 17 00:00:00 2001 From: Shaswot Subedi Date: Mon, 26 Jan 2026 10:12:20 +0000 Subject: [PATCH] Refactor AWS SDK v3 client config to support async credentials Refactored AWS provider to resolve and hydrate v2 credentials asynchronously before building v3 client config. Updated related methods to be async and added logic to handle lazy credential providers, improving compatibility with various AWS credential sources. --- lib/plugins/aws/provider.js | 64 ++++++++++++++++++++++++------------- 1 file changed, 42 insertions(+), 22 deletions(-) diff --git a/lib/plugins/aws/provider.js b/lib/plugins/aws/provider.js index 2bb29e701..593f19935 100644 --- a/lib/plugins/aws/provider.js +++ b/lib/plugins/aws/provider.js @@ -1802,11 +1802,9 @@ class AwsProvider { */ async _requestV3(service, method, params = {}, options = {}) { try { - if (!this.clientFactory) { - this.clientFactory = new AWSClientFactory(this._getV3BaseConfig()); - } + await this._ensureV3ClientFactory(); - const clientConfig = this._buildV3ClientConfig(service, method, options); + const clientConfig = await this._buildV3ClientConfig(service, method, options); const command = createCommand(service, method, params); @@ -1823,30 +1821,28 @@ class AwsProvider { * @param {Object} options - Client configuration options * @returns {Object} AWS SDK v3 client instance */ - getV3Client(service, options = {}) { - if (!this.clientFactory) { - this.clientFactory = new AWSClientFactory(this._getV3BaseConfig()); - } + async getV3Client(service, options = {}) { + await this._ensureV3ClientFactory(); - const clientConfig = this._buildV3ClientConfig(service, null, options); + const clientConfig = await this._buildV3ClientConfig(service, null, options); return this.clientFactory.getClient(service, clientConfig); } + async _ensureV3ClientFactory() { + if (this.clientFactory) { + return; + } + + const baseConfig = await this._getV3BaseConfig(); + this.clientFactory = new AWSClientFactory(baseConfig); + } + /** * Build base configuration for AWS SDK v3 clients * @private */ - _getV3BaseConfig() { - // Convert v2 credentials format to v3 format - const { credentials: v2Creds } = this.getCredentials(); - const credentials = - v2Creds && v2Creds.accessKeyId - ? { - accessKeyId: v2Creds.accessKeyId, - secretAccessKey: v2Creds.secretAccessKey, - sessionToken: v2Creds.sessionToken, - } - : undefined; + async _getV3BaseConfig() { + const credentials = await this._resolveV2CredentialsForV3(); return buildClientConfig({ region: this.getRegion(), @@ -1854,12 +1850,36 @@ class AwsProvider { }); } + async _resolveV2CredentialsForV3() { + const { credentials: v2Creds } = this.getCredentials(); + if (!v2Creds) { + return undefined; + } + + // Hydrate lazy v2 credentials before copying + if (typeof v2Creds.getPromise === 'function') { + await v2Creds.getPromise(); + } else if (typeof v2Creds.refreshPromise === 'function') { + await v2Creds.refreshPromise(); + } + + if (!v2Creds.accessKeyId || !v2Creds.secretAccessKey) { + return undefined; + } + + return { + accessKeyId: v2Creds.accessKeyId, + secretAccessKey: v2Creds.secretAccessKey, + sessionToken: v2Creds.sessionToken, + }; + } + /** * Build client-specific configuration for AWS SDK v3 * @private */ - _buildV3ClientConfig(service, method, options) { - const baseConfig = this._getV3BaseConfig(); + async _buildV3ClientConfig(service, method, options) { + const baseConfig = await this._getV3BaseConfig(); const requestOptions = _.isObject(options) ? options : {}; // Override region if specified