From 191bc4a5a540167189addbc4b56aeffc983ce454 Mon Sep 17 00:00:00 2001 From: Bailey Pearson Date: Wed, 27 Mar 2024 11:49:57 -0600 Subject: [PATCH] add integration in AWS environment tests --- test/integration/auth/mongodb_aws.test.ts | 54 ++++++++++++++++++----- 1 file changed, 43 insertions(+), 11 deletions(-) diff --git a/test/integration/auth/mongodb_aws.test.ts b/test/integration/auth/mongodb_aws.test.ts index a96ed91d53d..8ed0bc2cad5 100644 --- a/test/integration/auth/mongodb_aws.test.ts +++ b/test/integration/auth/mongodb_aws.test.ts @@ -5,6 +5,7 @@ import * as http from 'http'; import { performance } from 'perf_hooks'; import * as sinon from 'sinon'; +import { KMSCredentialProvider } from '../../../src/client-side-encryption/providers'; import { AWSTemporaryCredentialProvider, MongoAWSError, @@ -14,14 +15,6 @@ import { MongoServerError } from '../../mongodb'; -function awsSdk() { - try { - return require('@aws-sdk/credential-providers'); - } catch { - return null; - } -} - describe('MONGODB-AWS', function () { let awsSdkPresent; let client: MongoClient; @@ -39,7 +32,7 @@ describe('MONGODB-AWS', function () { `Always inform the AWS tests if they run with or without the SDK (MONGODB_AWS_SDK=${MONGODB_AWS_SDK})` ).to.include(MONGODB_AWS_SDK); - awsSdkPresent = !!awsSdk(); + awsSdkPresent = AWSTemporaryCredentialProvider.isAWSSDKInstalled; expect( awsSdkPresent, MONGODB_AWS_SDK === 'true' @@ -244,8 +237,10 @@ describe('MONGODB-AWS', function () { const envCheck = () => { const { AWS_WEB_IDENTITY_TOKEN_FILE = '' } = process.env; - credentialProvider = awsSdk(); - return AWS_WEB_IDENTITY_TOKEN_FILE.length === 0 || credentialProvider == null; + return ( + AWS_WEB_IDENTITY_TOKEN_FILE.length === 0 || + !AWSTemporaryCredentialProvider.isAWSSDKInstalled + ); }; beforeEach(function () { @@ -255,6 +250,9 @@ describe('MONGODB-AWS', function () { return this.skip(); } + // @ts-expect-error We intentionally access a protected variable. + credentialProvider = AWSTemporaryCredentialProvider.awsSDK; + storedEnv = process.env; if (test.env.AWS_STS_REGIONAL_ENDPOINTS === undefined) { delete process.env.AWS_STS_REGIONAL_ENDPOINTS; @@ -324,3 +322,37 @@ describe('MONGODB-AWS', function () { } }); }); + +describe('AWS KMS Credential Fetching', function () { + context('when the AWS SDK is not installed', function () { + beforeEach(function () { + if (AWSTemporaryCredentialProvider.isAWSSDKInstalled) { + this.currentTest.skipReason = + 'This test must run in an environment where the AWS SDK is not installed.'; + this.skip(); + } + }); + it('fetching AWS KMS credentials throws an error', async function () { + const error = await new KMSCredentialProvider({ aws: {} }).refreshCredentials().catch(e => e); + + expect(error).to.be.instanceOf(MongoAWSError); + }); + }); + + context('when the AWS SDK is installed', function () { + beforeEach(function () { + if (!AWSTemporaryCredentialProvider.isAWSSDKInstalled) { + this.currentTest.skipReason = + 'This test must run in an environment where the AWS SDK is installed.'; + this.skip(); + } + }); + it('KMS credentials are successfully fetched.', async function () { + const { aws } = await new KMSCredentialProvider({ aws: {} }).refreshCredentials(); + + expect(aws).to.have.property('accessKeyId'); + expect(aws).to.have.property('secretAccessKey'); + expect(aws).to.have.property('sessionToken'); + }); + }); +});