fix(credential-providers): undefined safety for returning creds object

siddsriv · siddsriv · commit 671c5f6acf83 · 2024-06-20T20:13:14.000Z
diff --git a/clients/client-sts/src/defaultStsRoleAssumers.ts b/clients/client-sts/src/defaultStsRoleAssumers.ts
@@ -100,8 +100,8 @@ export const getDefaultRoleAssumer = (
       sessionToken: Credentials.SessionToken,
       expiration: Credentials.Expiration,
       // TODO(credentialScope): access normally when shape is updated.
-      credentialScope: (Credentials as any).CredentialScope,
-      accountId,
+      ...((Credentials as any).CredentialScope && { credentialScope: (Credentials as any).CredentialScope }),
+      ...(accountId && { accountId }),
     };
   };
 };
@@ -157,8 +157,8 @@ export const getDefaultRoleAssumerWithWebIdentity = (
       sessionToken: Credentials.SessionToken,
       expiration: Credentials.Expiration,
       // TODO(credentialScope): access normally when shape is updated.
-      credentialScope: (Credentials as any).CredentialScope,
-      accountId,
+      ...((Credentials as any).CredentialScope && { credentialScope: (Credentials as any).CredentialScope }),
+      ...(accountId && { accountId }),
     };
   };
 };
diff --git a/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultStsRoleAssumers.ts b/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/sts-client-defaultStsRoleAssumers.ts
@@ -97,8 +97,8 @@ export const getDefaultRoleAssumer = (
       sessionToken: Credentials.SessionToken,
       expiration: Credentials.Expiration,
       // TODO(credentialScope): access normally when shape is updated.
-      credentialScope: (Credentials as any).CredentialScope,
-      accountId,
+      ...((Credentials as any).CredentialScope && { credentialScope: (Credentials as any).CredentialScope }),
+      ...(accountId && { accountId }),
     };
   };
 };
@@ -154,8 +154,8 @@ export const getDefaultRoleAssumerWithWebIdentity = (
       sessionToken: Credentials.SessionToken,
       expiration: Credentials.Expiration,
       // TODO(credentialScope): access normally when shape is updated.
-      credentialScope: (Credentials as any).CredentialScope,
-      accountId,
+      ...((Credentials as any).CredentialScope && { credentialScope: (Credentials as any).CredentialScope }),
+      ...(accountId && { accountId }),
     };
   };
 };
diff --git a/packages/credential-provider-ini/src/resolveStaticCredentials.ts b/packages/credential-provider-ini/src/resolveStaticCredentials.ts
@@ -37,6 +37,6 @@ export const resolveStaticCredentials = (
     secretAccessKey: profile.aws_secret_access_key,
     sessionToken: profile.aws_session_token,
     credentialScope: profile.aws_credential_scope,
-    accountId: profile.aws_account_id,
+    ...(profile.aws_account_id && { accountId: profile.aws_account_id }),
   });
 };
diff --git a/packages/credential-provider-sso/src/resolveSSOCredentials.ts b/packages/credential-provider-sso/src/resolveSSOCredentials.ts
@@ -108,7 +108,7 @@ export const resolveSSOCredentials = async ({
     secretAccessKey,
     sessionToken,
     expiration: new Date(expiration),
-    credentialScope,
-    accountId,
+    ...(credentialScope && { credentialScope }),
+    ...(accountId && { accountId }),
   };
 };
