More unit tests

aws · Nov 14, 2024 · bb30e79 · bb30e79
1 parent cdb4118
commit bb30e79
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 17 deletions.
diff --git a/packages/aws-cdk/lib/api/aws-auth/awscli-compatible.ts b/packages/aws-cdk/lib/api/aws-auth/awscli-compatible.ts
@@ -182,7 +182,7 @@ function caBundlePathFromEnvironment(): string | undefined {
 function shouldPrioritizeEnv() {
   const id = process.env.AWS_ACCESS_KEY_ID || process.env.AMAZON_ACCESS_KEY_ID;
   const key = process.env.AWS_SECRET_ACCESS_KEY || process.env.AMAZON_SECRET_ACCESS_KEY;
- const sessionToken = process.env.AWS_SESSION_TOKEN || process.env.AMAZON_SESSION_TOKEN;
+  const sessionToken = process.env.AWS_SESSION_TOKEN || process.env.AMAZON_SESSION_TOKEN;
   if (sessionToken) {
     process.env.AWS_SESSION_TOKEN = sessionToken;
   }

diff --git a/packages/aws-cdk/test/api/aws-auth/awscli-compatible.test.ts b/packages/aws-cdk/test/api/aws-auth/awscli-compatible.test.ts
@@ -1,26 +1,52 @@
 import { AwsCliCompatible } from '../../../lib/api/aws-auth/awscli-compatible';
 
-test('does not mess up with session token env variables if they are undefined', async () => {
-  process.env.AWS_ACCESS_KEY_ID = 'foo';
-  process.env.SECRET_ACCESS_KEY = 'bar';
+describe('Session token', () => {
+  test('does not mess up with session token env variables if they are undefined', async () => {
+    process.env.AWS_ACCESS_KEY_ID = 'foo';
+    process.env.SECRET_ACCESS_KEY = 'bar';
 
-  // Making sure these variables are not defined
-  delete process.env.AWS_SESSION_TOKEN;
-  delete process.env.AMAZON_SESSION_TOKEN;
+    // Making sure these variables are not defined
+    delete process.env.AWS_SESSION_TOKEN;
+    delete process.env.AMAZON_SESSION_TOKEN;
 
-  await AwsCliCompatible.credentialChainBuilder();
+    await AwsCliCompatible.credentialChainBuilder();
 
-  expect(process.env.AWS_SESSION_TOKEN).toBeUndefined();
-});
+    expect(process.env.AWS_SESSION_TOKEN).toBeUndefined();
+  });
 
-test('preserves session token env variables if they are defined', async () => {
-  process.env.AWS_ACCESS_KEY_ID = 'foo';
-  process.env.SECRET_ACCESS_KEY = 'bar';
+  test('preserves AWS_SESSION_TOKEN if it is defined', async () => {
+    process.env.AWS_ACCESS_KEY_ID = 'foo';
+    process.env.SECRET_ACCESS_KEY = 'bar';
 
-  process.env.AWS_SESSION_TOKEN = 'aaa';
-  process.env.AMAZON_SESSION_TOKEN = 'bbb';
+    process.env.AWS_SESSION_TOKEN = 'aaa';
+    delete process.env.AMAZON_SESSION_TOKEN;
 
-  await AwsCliCompatible.credentialChainBuilder();
+    await AwsCliCompatible.credentialChainBuilder();
 
-  expect(process.env.AWS_SESSION_TOKEN).toEqual('aaa');
+    expect(process.env.AWS_SESSION_TOKEN).toEqual('aaa');
+  });
+
+  test('assigns AWS_SESSION_TOKEN if it is not defined but AMAZON_SESSION_TOKEN is', async () => {
+    process.env.AWS_ACCESS_KEY_ID = 'foo';
+    process.env.SECRET_ACCESS_KEY = 'bar';
+
+    delete process.env.AWS_SESSION_TOKEN;
+    process.env.AMAZON_SESSION_TOKEN = 'aaa';
+
+    await AwsCliCompatible.credentialChainBuilder();
+
+    expect(process.env.AWS_SESSION_TOKEN).toEqual('aaa');
+  });
+
+  test('preserves AWS_SESSION_TOKEN if both are defined', async () => {
+    process.env.AWS_ACCESS_KEY_ID = 'foo';
+    process.env.SECRET_ACCESS_KEY = 'bar';
+
+    process.env.AWS_SESSION_TOKEN = 'aaa';
+    process.env.AMAZON_SESSION_TOKEN = 'bbb';
+
+    await AwsCliCompatible.credentialChainBuilder();
+
+    expect(process.env.AWS_SESSION_TOKEN).toEqual('aaa');
+  });
 });