diff --git a/lib/get-aws-sts-token.js b/lib/get-aws-sts-token.js index 7bb7ef5..ebac562 100644 --- a/lib/get-aws-sts-token.js +++ b/lib/get-aws-sts-token.js @@ -5,27 +5,27 @@ const EXPIRY = 3600; async function getAwsAuthToken( logger, createHash, retrieveHash, - awsAccessKeyId, awsSecretAccessKey, awsRegion, roleArn = null) { + {accessKeyId, secretAccessKey, region, RoleArn}) { logger = logger || noopLogger; try { - const key = makeAwsKey(roleArn || awsAccessKeyId); + const key = makeAwsKey(roleArn || accessKeyId); const obj = await retrieveHash(key); if (obj) return {...obj, servedFromCache: true}; let data; - if (roleArn) { - const stsClient = new STSClient({ region: awsRegion}); - const roleToAssume = { RoleArn: roleArn, RoleSessionName: 'Jambonz_Speech', DurationSeconds: EXPIRY}; + if (RoleArn) { + const stsClient = new STSClient({ region }); + const roleToAssume = { RoleArn, RoleSessionName: 'Jambonz_Speech', DurationSeconds: EXPIRY}; const command = new AssumeRoleCommand(roleToAssume); data = await stsClient.send(command); } else { /* access token not found in cache, so generate it using STS */ const stsClient = new STSClient({ - region: awsRegion, + region, credentials: { - accessKeyId: awsAccessKeyId, - secretAccessKey: awsSecretAccessKey, + accessKeyId, + secretAccessKey, } }); const command = new GetSessionTokenCommand({DurationSeconds: EXPIRY}); diff --git a/lib/get-tts-voices.js b/lib/get-tts-voices.js index 2f33899..c17c4c8 100644 --- a/lib/get-tts-voices.js +++ b/lib/get-tts-voices.js @@ -107,7 +107,13 @@ const getAwsVoices = async(_client, createHash, retrieveHash, logger, credential } else if (roleArn) { client = new PollyClient({ region, - credentials: await getAwsAuthToken(logger, createHash, retrieveHash, null, null, region, roleArn), + credentials: await getAwsAuthToken( + logger, createHash, retrieveHash, { + accessKeyId: null, + secretAccessKey: null, + region, + RoleArn: roleArn + }), }); } else { client = new PollyClient({region}); diff --git a/lib/synth-audio.js b/lib/synth-audio.js index 3fddffe..715f7b8 100644 --- a/lib/synth-audio.js +++ b/lib/synth-audio.js @@ -281,7 +281,14 @@ const synthPolly = async(createHash, retrieveHash, logger, } else if (roleArn) { polly = new PollyClient({ region, - credentials: await getAwsAuthToken(logger, createHash, retrieveHash, null, null, region, roleArn), + credentials: await getAwsAuthToken( + logger, createHash, retrieveHash, + { + accessKeyId: null, + secretAccessKey: null, + region, + RoleArn: roleArn + }), }); } else { // AWS RoleArn assigned to Instance profile diff --git a/test/aws.js b/test/aws.js index f4671a1..916d6d7 100644 --- a/test/aws.js +++ b/test/aws.js @@ -19,12 +19,20 @@ test('AWS - create and cache auth token', async(t) => { return; } try { - let obj = await getAwsAuthToken(process.env.AWS_ACCESS_KEY_ID, process.env.AWS_SECRET_ACCESS_KEY, process.env.AWS_REGION); + let obj = await getAwsAuthToken({ + accessKeyId: process.env.AWS_ACCESS_KEY_ID, + secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY, + region: process.env.AWS_REGION + }); //console.log({obj}, 'received auth token from AWS'); t.ok(obj.securityToken && !obj.servedFromCache, 'successfullY generated auth token from AWS'); await sleep(250); - obj = await getAwsAuthToken(process.env.AWS_ACCESS_KEY_ID, process.env.AWS_SECRET_ACCESS_KEY, process.env.AWS_REGION); + obj = await getAwsAuthToken({ + accessKeyId: process.env.AWS_ACCESS_KEY_ID, + secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY, + region: process.env.AWS_REGION + }); //console.log({obj}, 'received auth token from AWS - second request'); t.ok(obj.securityToken && obj.servedFromCache, 'successfully received access token from cache');