From 32e1e4488b0871bef1c85cf6b7402b466263b4e0 Mon Sep 17 00:00:00 2001
From: Otavio Macedo <288203+otaviomacedo@users.noreply.github.com>
Date: Thu, 14 Nov 2024 14:37:12 +0000
Subject: [PATCH] Grouped all assigments together

---
 .../aws-cdk/lib/api/aws-auth/awscli-compatible.ts | 10 ++++++----
 .../test/api/aws-auth/awscli-compatible.test.ts   | 15 ++++-----------
 2 files changed, 10 insertions(+), 15 deletions(-)

diff --git a/packages/aws-cdk/lib/api/aws-auth/awscli-compatible.ts b/packages/aws-cdk/lib/api/aws-auth/awscli-compatible.ts
index 146aa4ac3c57a..782a7a2222b11 100644
--- a/packages/aws-cdk/lib/api/aws-auth/awscli-compatible.ts
+++ b/packages/aws-cdk/lib/api/aws-auth/awscli-compatible.ts
@@ -182,14 +182,16 @@ function caBundlePathFromEnvironment(): string | undefined {
 function shouldPrioritizeEnv() {
   const id = process.env.AWS_ACCESS_KEY_ID || process.env.AMAZON_ACCESS_KEY_ID;
   const key = process.env.AWS_SECRET_ACCESS_KEY || process.env.AMAZON_SECRET_ACCESS_KEY;
-  const sessionToken = process.env.AWS_SESSION_TOKEN || process.env.AMAZON_SESSION_TOKEN;
-  if (sessionToken) {
-    process.env.AWS_SESSION_TOKEN = sessionToken;
-  }
 
   if (!!id && !!key) {
     process.env.AWS_ACCESS_KEY_ID = id;
     process.env.AWS_SECRET_ACCESS_KEY = key;
+
+    const sessionToken = process.env.AWS_SESSION_TOKEN ?? process.env.AMAZON_SESSION_TOKEN;
+    if (sessionToken) {
+      process.env.AWS_SESSION_TOKEN = sessionToken;
+    }
+
     return true;
   }
 
diff --git a/packages/aws-cdk/test/api/aws-auth/awscli-compatible.test.ts b/packages/aws-cdk/test/api/aws-auth/awscli-compatible.test.ts
index 7e11b83f468df..1c9ef12e45624 100644
--- a/packages/aws-cdk/test/api/aws-auth/awscli-compatible.test.ts
+++ b/packages/aws-cdk/test/api/aws-auth/awscli-compatible.test.ts
@@ -1,10 +1,12 @@
 import { AwsCliCompatible } from '../../../lib/api/aws-auth/awscli-compatible';
 
 describe('Session token', () => {
-  test('does not mess up with session token env variables if they are undefined', async () => {
+  beforeEach(() => {
     process.env.AWS_ACCESS_KEY_ID = 'foo';
-    process.env.SECRET_ACCESS_KEY = 'bar';
+    process.env.AWS_SECRET_ACCESS_KEY = 'bar';
+  });
 
+  test('does not mess up with session token env variables if they are undefined', async () => {
     // Making sure these variables are not defined
     delete process.env.AWS_SESSION_TOKEN;
     delete process.env.AMAZON_SESSION_TOKEN;
@@ -15,9 +17,6 @@ describe('Session token', () => {
   });
 
   test('preserves AWS_SESSION_TOKEN if it is defined', async () => {
-    process.env.AWS_ACCESS_KEY_ID = 'foo';
-    process.env.SECRET_ACCESS_KEY = 'bar';
-
     process.env.AWS_SESSION_TOKEN = 'aaa';
     delete process.env.AMAZON_SESSION_TOKEN;
 
@@ -27,9 +26,6 @@ describe('Session token', () => {
   });
 
   test('assigns AWS_SESSION_TOKEN if it is not defined but AMAZON_SESSION_TOKEN is', async () => {
-    process.env.AWS_ACCESS_KEY_ID = 'foo';
-    process.env.SECRET_ACCESS_KEY = 'bar';
-
     delete process.env.AWS_SESSION_TOKEN;
     process.env.AMAZON_SESSION_TOKEN = 'aaa';
 
@@ -39,9 +35,6 @@ describe('Session token', () => {
   });
 
   test('preserves AWS_SESSION_TOKEN if both are defined', async () => {
-    process.env.AWS_ACCESS_KEY_ID = 'foo';
-    process.env.SECRET_ACCESS_KEY = 'bar';
-
     process.env.AWS_SESSION_TOKEN = 'aaa';
     process.env.AMAZON_SESSION_TOKEN = 'bbb';