From 7fd1e1a3c32b49eafecb28e562af3eebcd893246 Mon Sep 17 00:00:00 2001
From: Quan HL <quan.luuhoang8@gmail.com>
Date: Mon, 29 Jul 2024 18:18:37 +0700
Subject: [PATCH] allow configure STS session expiry

---
 lib/get-aws-sts-token.js | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/lib/get-aws-sts-token.js b/lib/get-aws-sts-token.js
index 4d9340e..018670e 100644
--- a/lib/get-aws-sts-token.js
+++ b/lib/get-aws-sts-token.js
@@ -1,7 +1,9 @@
 const { STSClient, GetSessionTokenCommand, AssumeRoleCommand } = require('@aws-sdk/client-sts');
 const {makeAwsKey, noopLogger} = require('./utils');
 const debug = require('debug')('jambonz:speech-utils');
-const EXPIRY = 3600;
+const EXPIRY = process.env.AWS_STS_SESSION_DURATION || 3600;
+// by default reset aws session before expiry time 10 mins
+const CACHE_EXPIRY = process.env.AWS_STS_SESSION_RESET_EXPIRY || (EXPIRY - 600);
 
 async function getAwsAuthToken(
   logger, createHash, retrieveHash,
@@ -39,8 +41,7 @@ async function getAwsAuthToken(
       securityToken: data.Credentials.SessionToken
     };
 
-    /* expire 10 minutes before the hour, so we don't lose the use of it during a call */
-    createHash(key, credentials, EXPIRY - 600)
+    createHash(key, credentials, CACHE_EXPIRY)
       .catch((err) => logger.error(err, `Error saving hash for key ${key}`));
 
     return {...credentials, servedFromCache: false};