open-next-cdk
Version:
Deploy a NextJS app using OpenNext packaging to serverless AWS using CDK
40 lines (39 loc) • 1.78 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.clearCredentialCache = exports.getSigningKey = exports.createScope = void 0;
const util_hex_encoding_1 = require("@smithy/util-hex-encoding");
const util_utf8_1 = require("@smithy/util-utf8");
const constants_1 = require("./constants");
const signingKeyCache = {};
const cacheQueue = [];
const createScope = (shortDate, region, service) => `${shortDate}/${region}/${service}/${constants_1.KEY_TYPE_IDENTIFIER}`;
exports.createScope = createScope;
const getSigningKey = async (sha256Constructor, credentials, shortDate, region, service) => {
const credsHash = await hmac(sha256Constructor, credentials.secretAccessKey, credentials.accessKeyId);
const cacheKey = `${shortDate}:${region}:${service}:${(0, util_hex_encoding_1.toHex)(credsHash)}:${credentials.sessionToken}`;
if (cacheKey in signingKeyCache) {
return signingKeyCache[cacheKey];
}
cacheQueue.push(cacheKey);
while (cacheQueue.length > constants_1.MAX_CACHE_SIZE) {
delete signingKeyCache[cacheQueue.shift()];
}
let key = `AWS4${credentials.secretAccessKey}`;
for (const signable of [shortDate, region, service, constants_1.KEY_TYPE_IDENTIFIER]) {
key = await hmac(sha256Constructor, key, signable);
}
return (signingKeyCache[cacheKey] = key);
};
exports.getSigningKey = getSigningKey;
const clearCredentialCache = () => {
cacheQueue.length = 0;
Object.keys(signingKeyCache).forEach((cacheKey) => {
delete signingKeyCache[cacheKey];
});
};
exports.clearCredentialCache = clearCredentialCache;
const hmac = (ctor, secret, data) => {
const hash = new ctor(secret);
hash.update((0, util_utf8_1.toUint8Array)(data));
return hash.digest();
};