Skip to content

Commit 12e966a

Browse files
jeskewjeskew
committed
Avoid merging profiles
1 parent 79ebbd0 commit 12e966a

File tree

2 files changed

+27
-13
lines changed

2 files changed

+27
-13
lines changed

lib/credentials/shared_ini_file_credentials.js

Lines changed: 4 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
var AWS = require('../core');
22
var path = require('path');
33
var SharedIniFile = require('../shared_ini');
4-
require('../../clients/sts');
4+
var STS = require('../../clients/sts');
55

66
/**
77
* Represents credentials loaded from shared credentials file
@@ -87,11 +87,8 @@ AWS.SharedIniFileCredentials = AWS.util.inherit(AWS.Credentials, {
8787
filename: this.filename ||
8888
(process.env[AWS.util.configOptInEnv] && process.env[AWS.util.sharedCredentialsFileEnv])
8989
});
90-
for (var i = 0, availableProfiles = creds.getProfiles(); i < availableProfiles.length; i++) {
91-
profiles[availableProfiles[i]] = AWS.util.merge(
92-
profiles[availableProfiles[i]] || {},
93-
creds.getProfile(availableProfiles[i])
94-
);
90+
for (i = 0, availableProfiles = creds.getProfiles(); i < availableProfiles.length; i++) {
91+
profiles[availableProfiles[i]] = creds.getProfile(availableProfiles[i]);
9592
}
9693
var profile = profiles[this.profile] || {};
9794

@@ -176,7 +173,7 @@ AWS.SharedIniFileCredentials = AWS.util.inherit(AWS.Credentials, {
176173
);
177174
}
178175

179-
var sts = new AWS.STS({
176+
var sts = new STS({
180177
credentials: new AWS.Credentials(sourceCredentials)
181178
});
182179

test/credentials.spec.coffee

Lines changed: 23 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -295,6 +295,23 @@ if AWS.util.isNode()
295295
expect(creds.secretAccessKey).to.equal('secret')
296296
expect(creds.sessionToken).to.equal('session')
297297

298+
it 'will not merge profiles across the config and credentials file', ->
299+
process.env.AWS_SDK_LOAD_CONFIG = '1'
300+
helpers.spyOn(AWS.util, 'readFileSync').andCallFake (path) ->
301+
if path.match(/[\/\\]home[\/\\]user[\/\\].aws[\/\\]credentials/)
302+
'''
303+
[default]
304+
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
305+
'''
306+
else
307+
'''
308+
[default]
309+
aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
310+
'''
311+
312+
creds = new AWS.SharedIniFileCredentials()
313+
creds.get((err, data) -> expect(err).to.be.defined);
314+
298315
it 'loads credentials from ~/.aws/credentials if AWS_SDK_LOAD_CONFIG is not set', ->
299316
process.env.AWS_SHARED_CREDENTIALS_FILE = '/path/to/aws/credentials'
300317
mock = '''
@@ -514,11 +531,11 @@ if AWS.util.isNode()
514531
</AssumeRoleResponse>
515532
'''
516533
creds = new AWS.SharedIniFileCredentials()
517-
stsCtorSpy = helpers.spyOn(AWS, 'STS').andCallThrough()
534+
credsCtorSpy = helpers.spyOn(AWS, 'Credentials').andCallThrough()
518535
expect(creds.roleArn).to.equal('arn')
519536
creds.refresh (err) ->
520-
expect(stsCtorSpy.calls.length).to.equal(1)
521-
sourceCreds = stsCtorSpy.calls[0].arguments[0].credentials
537+
expect(credsCtorSpy.calls.length).to.equal(1)
538+
sourceCreds = credsCtorSpy.calls[0].arguments[0]
522539
expect(sourceCreds.accessKeyId).to.equal('akid')
523540
expect(sourceCreds.secretAccessKey).to.equal('secret')
524541

@@ -556,11 +573,11 @@ if AWS.util.isNode()
556573
</AssumeRoleResponse>
557574
'''
558575
creds = new AWS.SharedIniFileCredentials()
559-
stsCtorSpy = helpers.spyOn(AWS, 'STS').andCallThrough()
576+
credsCtorSpy = helpers.spyOn(AWS, 'Credentials').andCallThrough()
560577
expect(creds.roleArn).to.equal('arn')
561578
creds.refresh (err) ->
562-
expect(stsCtorSpy.calls.length).to.equal(1)
563-
sourceCreds = stsCtorSpy.calls[0].arguments[0].credentials
579+
expect(credsCtorSpy.calls.length).to.equal(1)
580+
sourceCreds = credsCtorSpy.calls[0].arguments[0]
564581
expect(sourceCreds.accessKeyId).to.equal('akid')
565582
expect(sourceCreds.secretAccessKey).to.equal('secret')
566583

0 commit comments

Comments
 (0)