add integration in AWS environment tests

baileympearson · baileympearson · commit 191bc4a5a540 · 2024-03-27T12:00:07.000-06:00
diff --git a/test/integration/auth/mongodb_aws.test.ts b/test/integration/auth/mongodb_aws.test.ts
@@ -5,6 +5,7 @@ import * as http from 'http';
 import { performance } from 'perf_hooks';
 import * as sinon from 'sinon';
 
+import { KMSCredentialProvider } from '../../../src/client-side-encryption/providers';
 import {
   AWSTemporaryCredentialProvider,
   MongoAWSError,
@@ -14,14 +15,6 @@ import {
   MongoServerError
 } from '../../mongodb';
 
-function awsSdk() {
-  try {
-    return require('@aws-sdk/credential-providers');
-  } catch {
-    return null;
-  }
-}
-
 describe('MONGODB-AWS', function () {
   let awsSdkPresent;
   let client: MongoClient;
@@ -39,7 +32,7 @@ describe('MONGODB-AWS', function () {
       `Always inform the AWS tests if they run with or without the SDK (MONGODB_AWS_SDK=${MONGODB_AWS_SDK})`
     ).to.include(MONGODB_AWS_SDK);
 
-    awsSdkPresent = !!awsSdk();
+    awsSdkPresent = AWSTemporaryCredentialProvider.isAWSSDKInstalled;
     expect(
       awsSdkPresent,
       MONGODB_AWS_SDK === 'true'
@@ -244,8 +237,10 @@ describe('MONGODB-AWS', function () {
 
         const envCheck = () => {
           const { AWS_WEB_IDENTITY_TOKEN_FILE = '' } = process.env;
-          credentialProvider = awsSdk();
-          return AWS_WEB_IDENTITY_TOKEN_FILE.length === 0 || credentialProvider == null;
+          return (
+            AWS_WEB_IDENTITY_TOKEN_FILE.length === 0 ||
+            !AWSTemporaryCredentialProvider.isAWSSDKInstalled
+          );
         };
 
         beforeEach(function () {
@@ -255,6 +250,9 @@ describe('MONGODB-AWS', function () {
             return this.skip();
           }
 
+          // @ts-expect-error We intentionally access a protected variable.
+          credentialProvider = AWSTemporaryCredentialProvider.awsSDK;
+
           storedEnv = process.env;
           if (test.env.AWS_STS_REGIONAL_ENDPOINTS === undefined) {
             delete process.env.AWS_STS_REGIONAL_ENDPOINTS;
@@ -324,3 +322,37 @@ describe('MONGODB-AWS', function () {
     }
   });
 });
+
+describe('AWS KMS Credential Fetching', function () {
+  context('when the AWS SDK is not installed', function () {
+    beforeEach(function () {
+      if (AWSTemporaryCredentialProvider.isAWSSDKInstalled) {
+        this.currentTest.skipReason =
+          'This test must run in an environment where the AWS SDK is not installed.';
+        this.skip();
+      }
+    });
+    it('fetching AWS KMS credentials throws an error', async function () {
+      const error = await new KMSCredentialProvider({ aws: {} }).refreshCredentials().catch(e => e);
+
+      expect(error).to.be.instanceOf(MongoAWSError);
+    });
+  });
+
+  context('when the AWS SDK is installed', function () {
+    beforeEach(function () {
+      if (!AWSTemporaryCredentialProvider.isAWSSDKInstalled) {
+        this.currentTest.skipReason =
+          'This test must run in an environment where the AWS SDK is installed.';
+        this.skip();
+      }
+    });
+    it('KMS credentials are successfully fetched.', async function () {
+      const { aws } = await new KMSCredentialProvider({ aws: {} }).refreshCredentials();
+
+      expect(aws).to.have.property('accessKeyId');
+      expect(aws).to.have.property('secretAccessKey');
+      expect(aws).to.have.property('sessionToken');
+    });
+  });
+});
