fix(api-rest): refactor ajax method to not relying on side effects (#…

…11498) * fix(api-rest): refactor ajax method to not relying on side effects the previous Signer.sign() implementation not only returns signed request, but also sets the signed headers to input request. The recent refactor makes it side-effect-less. However this change breaks RestClient.ajax() clock skew correction which relies on the x-amz-date header set by signer to the input request object to indicate the current client side time. this fix resolves #11480
aws-amplify · Jul 24, 2023 · a3c6f73 · a3c6f73
1 parent 000820d
commit a3c6f73
Show file tree

Hide file tree

Showing 2 changed files with 66 additions and 89 deletions.
diff --git a/packages/api-rest/__tests__/RestAPI-test.ts b/packages/api-rest/__tests__/RestAPI-test.ts
@@ -5,6 +5,8 @@ import { Signer, Credentials, DateUtils } from '@aws-amplify/core';
 
 jest.mock('axios');
 
+const mockAxios = jest.spyOn(axios as any, 'default');
+
 axios.CancelToken = <CancelTokenStatic>{
 	source: () => ({ token: null, cancel: null }),
 };
@@ -28,6 +30,7 @@ const config = {
 
 afterEach(() => {
 	jest.restoreAllMocks();
+	mockAxios.mockClear();
 });
 
 describe('Rest API test', () => {
@@ -166,19 +169,11 @@ describe('Rest API test', () => {
 			api.configure(custom_config);
 			const spyon = jest
 				.spyOn(Credentials, 'get')
-				.mockImplementationOnce(() => {
-					return new Promise((res, rej) => {
-						res('cred');
-					});
-				});
+				.mockResolvedValueOnce('cred');
 
 			const spyonRequest = jest
 				.spyOn(RestClient.prototype as any, '_request')
-				.mockImplementationOnce(() => {
-					return new Promise((res, rej) => {
-						res({});
-					});
-				});
+				.mockResolvedValueOnce({});
 			await api.get('apiName', 'path', {});
 
 			expect(spyonRequest).toBeCalledWith(
@@ -221,25 +216,15 @@ describe('Rest API test', () => {
 				session_token: 'token',
 			};
 
-			const spyon = jest.spyOn(Credentials, 'get').mockImplementation(() => {
-				return new Promise((res, rej) => {
-					res(creds);
-				});
-			});
+			const spyon = jest.spyOn(Credentials, 'get').mockResolvedValue(creds);
 
 			const spyonSigner = jest
 				.spyOn(Signer, 'sign')
 				.mockImplementationOnce(() => {
 					return { headers: {} };
 				});
 
-			const spyAxios = jest
-				.spyOn(axios as any, 'default')
-				.mockImplementationOnce(() => {
-					return new Promise((res, rej) => {
-						res(resp);
-					});
-				});
+			mockAxios.mockResolvedValue(resp);
 
 			const init = {
 				timeout: 2500,
@@ -297,13 +282,7 @@ describe('Rest API test', () => {
 					return { headers: {} };
 				});
 
-			const spyAxios = jest
-				.spyOn(axios as any, 'default')
-				.mockImplementationOnce(() => {
-					return new Promise((res, rej) => {
-						res(resp);
-					});
-				});
+			mockAxios.mockResolvedValue(resp);
 
 			const init = {
 				queryStringParameters: {
@@ -363,13 +342,7 @@ describe('Rest API test', () => {
 					return { headers: {} };
 				});
 
-			const spyAxios = jest
-				.spyOn(axios as any, 'default')
-				.mockImplementationOnce(() => {
-					return new Promise((res, rej) => {
-						res(resp);
-					});
-				});
+			mockAxios.mockResolvedValue(resp);
 
 			const init = {
 				queryStringParameters: {
@@ -429,13 +402,7 @@ describe('Rest API test', () => {
 					return { headers: {} };
 				});
 
-			const spyAxios = jest
-				.spyOn(axios as any, 'default')
-				.mockImplementationOnce(() => {
-					return new Promise((res, rej) => {
-						res(resp);
-					});
-				});
+			mockAxios.mockResolvedValue(resp);
 
 			const init = {
 				queryStringParameters: {
@@ -557,19 +524,31 @@ describe('Rest API test', () => {
 				.mockImplementation(() => 'endpoint');
 
 			jest.spyOn(Credentials, 'get').mockResolvedValue('creds');
-
-			jest
-				.spyOn(RestClient.prototype as any, '_signed')
-				.mockRejectedValueOnce(normalError);
+			jest.spyOn(RestClient.prototype as any, '_sign').mockReturnValue({
+				...init,
+				headers: { ...init.headers, Authorization: 'signed' },
+			});
+			mockAxios.mockImplementationOnce(() => {
+				return new Promise((_, rej) => {
+					rej(normalError);
+				});
+			});
 
 			await expect(api.post('url', 'path', init)).rejects.toThrow(normalError);
 
 			// Clock should not be skewed from normal errors
 			expect(DateUtils.getClockOffset()).toBe(0);
 
-			jest
-				.spyOn(RestClient.prototype as any, '_signed')
-				.mockRejectedValueOnce(clockSkewError);
+			// mock clock skew error response and successful response after retry
+			mockAxios
+				.mockImplementationOnce(() => {
+					return new Promise((_, rej) => {
+						rej(clockSkewError);
+					});
+				})
+				.mockResolvedValue({
+					data: [{ name: 'Bob' }],
+				});
 
 			await expect(api.post('url', 'path', init)).resolves.toEqual([
 				{ name: 'Bob' },

diff --git a/packages/api-rest/src/RestClient.ts b/packages/api-rest/src/RestClient.ts
@@ -171,39 +171,42 @@ export class RestClient {
 			return this._request(params, isAllResponse);
 		}
 
-		// Signing the request in case there credentials are available
-		return this.Credentials.get().then(
-			credentials => {
-				return this._signed({ ...params }, credentials, isAllResponse, {
-					region,
-					service,
-				}).catch(error => {
-					if (DateUtils.isClockSkewError(error)) {
-						const { headers } = error.response;
-						const dateHeader = headers && (headers.date || headers.Date);
-						const responseDate = new Date(dateHeader);
-						const requestDate = DateUtils.getDateFromHeaderString(
-							params.headers['x-amz-date']
-						);
-
-						// Compare local clock to the server clock
-						if (DateUtils.isClockSkewed(responseDate)) {
-							DateUtils.setClockOffset(
-								responseDate.getTime() - requestDate.getTime()
-							);
-
-							return this.ajax(urlOrApiInfo, method, init);
-						}
-					}
-
-					throw error;
-				});
-			},
-			err => {
-				logger.debug('No credentials available, the request will be unsigned');
-				return this._request(params, isAllResponse);
+		let credentials;
+		try {
+			credentials = await this.Credentials.get();
+		} catch (error) {
+			logger.debug('No credentials available, the request will be unsigned');
+			return this._request(params, isAllResponse);
+		}
+		let signedParams;
+		try {
+			signedParams = this._sign({ ...params }, credentials, {
+				region,
+				service,
+			});
+			const response = await axios(signedParams);
+			return isAllResponse ? response : response.data;
+		} catch (error) {
+			logger.debug(error);
+			if (DateUtils.isClockSkewError(error)) {
+				const { headers } = error.response;
+				const dateHeader = headers && (headers.date || headers.Date);
+				const responseDate = new Date(dateHeader);
+				const requestDate = DateUtils.getDateFromHeaderString(
+					signedParams.headers['x-amz-date']
+				);
+
+				// Compare local clock to the server clock
+				if (DateUtils.isClockSkewed(responseDate)) {
+					DateUtils.setClockOffset(
+						responseDate.getTime() - requestDate.getTime()
+					);
+
+					return this.ajax(urlOrApiInfo, method, init);
+				}
 			}
-		);
+			throw error;
+		}
 	}
 
 	/**
@@ -356,7 +359,7 @@ export class RestClient {
 
 	/** private methods **/
 
-	private _signed(params, credentials, isAllResponse, { service, region }) {
+	private _sign(params, credentials, { service, region }) {
 		const { signerServiceInfo: signerServiceInfoParams, ...otherParams } =
 			params;
 
@@ -391,12 +394,7 @@ export class RestClient {
 
 		delete signed_params.headers['host'];
 
-		return axios(signed_params)
-			.then(response => (isAllResponse ? response : response.data))
-			.catch(error => {
-				logger.debug(error);
-				throw error;
-			});
+		return signed_params;
 	}
 
 	private _request(params, isAllResponse = false) {