exception thrown on new AWS.SSOTokenProvider()

Open scott-irwin opened this issue 2 years ago • 1 comments

Describe the bug

I have a working sso token verified using 'aws s3 ls --profile prod'.

Configured using aws configure sso.

I'm attempting to get the credentials for building other AWS services.

However, the following exception is thrown: 'ReferenceError: profileName is not defined'

const AWS = require('aws-sdk');

let credentials = null;
try {
    console.log(`try the call`);
    credentials = new AWS.SSOTokenProvider({profile: 'prod'}, (err) => {
        console.log(`load error was ${err}`);
    });
    console.log(`got creds ${JSON.stringify(credentials, null, 3)}`);
} catch (e) {
    // Exception is caught here and 'e' is the message shown above.
    console.log(`call error was ${e}`);
}

Expected Behavior

The call returns the credentials associated with the current sso token.

That credential object can be passed to create other AWS classes.

For example:

return new AWS.QuickSight({ apiVersion: '2018-04-01', region: region, credentials: creds });

Current Behavior

Exception is thrown on new. Showing the error, the following text is printed.

'ReferenceError: profileName is not defined'

Reproduction Steps

Configure an aws sso token in your local environment.

const AWS = require('aws-sdk');

let credentials = null;
try {
    console.log(`try the call`);
    credentials = new AWS.SSOTokenProvider({profile: 'prod'}, (err) => {
        console.log(`load error was ${err}`);
    });
    console.log(`got creds ${JSON.stringify(credentials, null, 3)}`);
} catch (e) {
    // Exception is caught here and 'e' is the message shown above.
    console.log(`call error was ${e}`);
}

Possible Solution

No response

Additional Information/Context

No response

SDK version used

"aws-sdk": "^2.1387.0"

Environment details (OS name and version, etc.)

windows 10 Version 10.0.19045 Build 19045

scott-irwin • May 31 '23 12:05

Hi @scott-irwin ,

Sorry for the long wait. I'm able to confirm that this is a bug. I believe this is the offending line:

https://github.com/aws/aws-sdk-js/blob/95576944a3f7af2b6641597c1e48f06a72c8871b/lib/token/sso_token_provider.js#L125

profileName here is undefined. It should be this.profile.

Additionally, there are a lot of references to sso-session which should not be required.

Reproduction steps:

config file:

[default]
output = json
region = us-east-1

[profile my-sso]
sso_region = us-east-1
sso_start_url = https://d-REDACTED.awsapps.com/start
sso_registration_scopes = sso:account:access
sso_account_id = REDACTED
sso_role_name = s3FullAccess

Using JS SDK v3 works as expected ✅ :

const { S3Client, ListBucketsCommand } = require("@aws-sdk/client-s3");
const { fromIni } = require("@aws-sdk/credential-providers")
const client = new S3Client({ 
  region: 'us-east-1',
  credentials: fromIni({
    profile: "my-sso"
  })
});

const command = new ListBucketsCommand({});

client.send(command)
    .then(response => {
        console.log(response)
    })
    .catch(error => {
        console.error('Error:', error);
    });

Go SDK v2 works as expected ✅ :

package main

import (
	"context"
	"fmt"
	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/config"
	"github.com/aws/aws-sdk-go-v2/service/s3"
	"log"
)

func main() {
	cfg, err := config.LoadDefaultConfig(context.TODO(), config.WithRegion("us-east-1"), config.WithClientLogMode(aws.LogResponseWithBody), config.WithSharedConfigProfile("my-sso"))
	if err != nil {
		log.Fatalf("unable to load SDK config, %v", err)
	}

	client := s3.NewFromConfig(cfg)

	out, err := client.ListBuckets(context.TODO(), &s3.ListBucketsInput{})
	if err != nil {
		panic(err)
	}

	fmt.Println(len(out.Buckets))
}

SDK v2's SSOTokenProvider is not working correctly ❌ :

const AWS = require("aws-sdk")

const s3 = new AWS.S3({
    credentialProvider: new AWS.SSOTokenProvider({
        profile: "my-sso"
    })
})

s3.listBuckets({}, (err, data)=>{
    if(err){
        console.log(err)
    }else {
        console.log(data)
    }
})

Will result in:

ReferenceError: profileName is not defined
    at SSOTokenProvider.load (/Users/rvaknin/test_folder/5086/node_modules/aws-sdk/lib/token/sso_token_provider.js:125:33)
    at SSOTokenProvider.coalesceRefresh (/Users/rvaknin/test_folder/5086/node_modules/aws-sdk/lib/token.js:178:12)
    at SSOTokenProvider.refresh (/Users/rvaknin/test_folder/5086/node_modules/aws-sdk/lib/token/sso_token_provider.js:243:10)
    at SSOTokenProvider.get (/Users/rvaknin/test_folder/5086/node_modules/aws-sdk/lib/token.js:97:12)
    at new SSOTokenProvider (/Users/rvaknin/test_folder/5086/node_modules/aws-sdk/lib/token/sso_token_provider.js:99:10)
    at Object.<anonymous> (/Users/rvaknin/test_folder/5086/v2sample.js:6:25)
    at Module._compile (node:internal/modules/cjs/loader:1275:14)
    at Module._extensions..js (node:internal/modules/cjs/loader:1329:10)
    at Module.load (node:internal/modules/cjs/loader:1133:32)
    at Module._load (node:internal/modules/cjs/loader:972:12)

And even after the fix with this.profile we still get sso session requirements:

SSOTokenProviderFailure: Sso session "undefined" not found
    at SSOTokenProvider.load (/Users/rvaknin/test_folder/5086/node_modules/aws-sdk/lib/token/sso_token_provider.js:132:9)
    at SSOTokenProvider.coalesceRefresh (/Users/rvaknin/test_folder/5086/node_modules/aws-sdk/lib/token.js:178:12)
    at SSOTokenProvider.refresh (/Users/rvaknin/test_folder/5086/node_modules/aws-sdk/lib/token/sso_token_provider.js:239:10)
    at SSOTokenProvider.get (/Users/rvaknin/test_folder/5086/node_modules/aws-sdk/lib/token.js:97:12)
    at new SSOTokenProvider (/Users/rvaknin/test_folder/5086/node_modules/aws-sdk/lib/token/sso_token_provider.js:99:10)
    at Object.<anonymous> (/Users/rvaknin/test_folder/5086/v2sample.js:6:25)
    at Module._compile (node:internal/modules/cjs/loader:1275:14)
    at Module._extensions..js (node:internal/modules/cjs/loader:1329:10)
    at Module.load (node:internal/modules/cjs/loader:1133:32)
    at Module._load (node:internal/modules/cjs/loader:972:12) {
  code: 'SSOTokenProviderFailure',
  time: 2023-08-22T22:54:33.988Z
}

The workaround is to remove the SSOTokenProvider from the code, and instead configure the sso profile via environment variables:

AWS_REGION=us-east-1 AWS_SDK_LOAD_CONFIG=1 AWS_PROFILE=my-sso node v2sample.js

I will discuss this with the team and see if we can fix this.

Thanks again, Ran~

RanVaknin • Aug 22 '23 22:08
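Added example (not part of the issue thread or the SDK's own code): a check over the shared config file that tells whether a profile uses the `sso_session` / `[sso-session ...]` layout that the 'Sso session "undefined" not found' error above refers to, or the legacy layout shown in the comment's config file. The function names, the sample config text and the names `my-token-sso`, `my-session` and `dangling` are constructed for illustration.

```javascript
// Constructed sample: "my-sso" mirrors the profile in the comment above;
// "my-token-sso", "my-session" and "dangling" are hypothetical names.
const SAMPLE_CONFIG = `
[default]
region = us-east-1
[profile my-sso]
sso_region = us-east-1
sso_start_url = https://d-REDACTED.awsapps.com/start
sso_account_id = REDACTED
sso_role_name = s3FullAccess
[profile my-token-sso]
sso_session = my-session
[sso-session my-session]
sso_region = us-east-1
sso_start_url = https://d-REDACTED.awsapps.com/start
[profile dangling]
sso_session = no-such-session
`;

// Minimal INI reader: section name -> { key: value }.
function parseIni(text) {
  const sections = {};
  let current = null;
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith('#') || line.startsWith(';')) continue;
    const header = line.match(/^\[(.+)\]$/);
    if (header) { current = header[1].trim().replace(/\s+/g, ' '); sections[current] = {}; continue; }
    const eq = line.indexOf('=');
    if (current !== null && eq > 0) sections[current][line.slice(0, eq).trim()] = line.slice(eq + 1).trim();
  }
  return sections;
}

// Classify how `profile` is set up for SSO; only the config file is read, never a cached token.
function classifySsoProfile(configText, profile) {
  const sections = parseIni(configText);
  const p = sections[profile === 'default' ? 'default' : `profile ${profile}`];
  if (!p) return { kind: 'missing-profile', problems: [`profile "${profile}" not found`] };
  if (!p.sso_session) {
    return p.sso_start_url
      ? { kind: 'legacy-sso', problems: ['profile has no sso_session key'] }
      : { kind: 'not-sso', problems: [] };
  }
  const s = sections[`sso-session ${p.sso_session}`];
  if (!s) return { kind: 'broken-sso-session', problems: [`[sso-session ${p.sso_session}] not found`] };
  const missing = ['sso_start_url', 'sso_region'].filter((k) => !s[k]).map((k) => `sso-session is missing ${k}`);
  return { kind: missing.length ? 'broken-sso-session' : 'sso-session', problems: missing };
}
console.log(classifySsoProfile(SAMPLE_CONFIG, 'my-sso'));
```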

Fixed in https://github.com/aws/aws-sdk-js/pull/4481, and published in https://github.com/aws/aws-sdk-js/releases/tag/v2.1445.0

trivikr • May 23 '24 15:05