aws-sdk-js-v3
aws-sdk-js-v3 copied to clipboard
aws
(@aws-sdk/cloudfront-signer) getSignedCookies does not work with Policy
Checkboxes for prior research
- [X] I've gone through Developer Guide and API reference
- [X] I've checked AWS Forums and StackOverflow.
- [X] I've searched for previous similar issues and didn't find any solution.
Describe the bug
CloudfrontSignInputWithPolicy Ts definition is not accurate.
In reference to issue, solution Proposed by Yenfry doesn't work as when passing policy and not providing url in getSignedCookies method I'm getting ts error.
SDK version number
@aws-sdk/cloudfront-signer: ^3.521.0
Which JavaScript Runtime is this issue in?
Node.js
Details of the browser/Node.js/ReactNative version
v20.11.0
Reproduction Steps
const privateKey = readFileSync('./private_key.pem');
const keyPairId = 'KEY-PAIR-ID';
const policy = {
'Statement': [
{
'Resource': cloudfrontDistributionDomain + '/*',
'Condition': {
'DateLessThan': {
'AWS:EpochTime': Date.now(),
},
},
},
],
};
const policyString = JSON.stringify(policy);
const signedUrl = getSignedCookies({
keyPairId,
privateKey,
policy: policyString,
});
Observed Behavior
On implementin same I'm getting ts error
Argument of type '{ keyPairId: string; privateKey: Buffer; policy: string; }' is not assignable to parameter of type 'CloudfrontSignInput'. Type '{ keyPairId: string; privateKey: Buffer; policy: string; }' is not assignable to type 'CloudfrontSignInputWithPolicy'. Property 'url' is missing in type '{ keyPairId: string; privateKey: Buffer; policy: string; }' but required in type 'CloudfrontSignInputBase'.ts(2345) sign.d.ts(6, 5): 'url' is declared here.
Expected Behavior
If I'm passing policy, url should not be mandatory in Ts definition.
Possible Solution
On modifying ts definition getSignedCookies function works perfectly fine.
I've removed url from CloudfrontSignInputBase and added it to CloudfrontSignInputWithParameters.
After doing this getSignedCookies works like a charm
Here is modified ts definition of CloudfrontSignInputWithParameters
export interface CloudfrontSignInputBase {
/** The ID of the Cloudfront key pair. */
keyPairId: string;
/** The content of the Cloudfront private key. */
privateKey: string | Buffer;
/** The passphrase of RSA-SHA1 key*/
passphrase?: string;
/** The date string for when the signed URL or cookie can no longer be accessed. */
dateLessThan?: string;
/** The IP address string to restrict signed URL access to. */
ipAddress?: string;
/** The date string for when the signed URL or cookie can start to be accessed. */
dateGreaterThan?: string;
}
export type CloudfrontSignInputWithParameters = CloudfrontSignInputBase & {
/** The date string for when the signed URL or cookie can no longer be accessed */
dateLessThan: string;
/** For this type policy should not be provided. */
policy?: never;
/** The URL string to sign. */
url: string;
};
Additional Information/Context
No response
