Merge branch 'development' into feature/remove-v1

Austin Johnson · Austin Johnson · commit 639c77cab2c1 · 2025-09-30T12:42:08.000-04:00
diff --git a/lex-web-ui/src/lib/lex/client.js b/lex-web-ui/src/lib/lex/client.js
@@ -76,6 +76,15 @@ export default class {
       this.userId;
   }
 
+  refreshClient(region, credentials) {
+    const awsConfig = {
+      region: region,
+      credentials,
+    };
+
+    this.lexRuntimeClient = new LexRuntimeV2Client(awsConfig);
+  }
+
   async deleteSession() {
     const command = new DeleteSessionCommand({
       botAliasId: this.botV2AliasId,
diff --git a/lex-web-ui/src/store/actions.js b/lex-web-ui/src/store/actions.js
@@ -37,6 +37,7 @@ import { S3Client, PutObjectCommand } from '@aws-sdk/client-s3';
 // non-state variables that may be mutated outside of store
 // set via initializers at run time
 let awsCredentials;
+let refreshCredentials = true;
 let pollyClient;
 let lexClient;
 let audio;
@@ -675,7 +676,7 @@ export default {
   },
   deleteSession(context) {
     context.commit('setIsLexProcessing', true);
-    return context.dispatch('refreshAuthTokens')
+    return context.dispatch('checkCredentialsForRefresh')
       .then(() => context.dispatch('getCredentials', context.state.config))
       .then(() => lexClient.deleteSession())
       .then((data) => {
@@ -690,7 +691,7 @@ export default {
   },
   startNewSession(context) {
     context.commit('setIsLexProcessing', true);
-    return context.dispatch('refreshAuthTokens')
+    return context.dispatch('checkCredentialsForRefresh')
       .then(() => context.dispatch('getCredentials', context.state.config))
       .then(() => lexClient.startNewSession())
       .then((data) => {
@@ -712,7 +713,7 @@ export default {
       ? context.state.config.lex.v2BotLocaleId.split(',')[0]
       : undefined;
     const sessionId = lexClient.userId;
-    return context.dispatch('refreshAuthTokens')
+    return context.dispatch('checkCredentialsForRefresh')
       .then(() => context.dispatch('getCredentials', context.state.config))
       .then(() => {
         // TODO: Need to handle if the error occurred. typing would be broke since lexClient.postText throw error
@@ -762,7 +763,7 @@ export default {
     console.info('audio blob size:', audioBlob.size);
     let timeStart;
 
-    return context.dispatch('refreshAuthTokens')
+    return context.dispatch('checkCredentialsForRefresh')
       .then(() => context.dispatch('getCredentials', context.state.config))
       .then(() => {
         const localeId = context.state.config.lex.v2BotLocaleId
@@ -1106,7 +1107,7 @@ export default {
    *
    **********************************************************************/
 
-  getCredentialsFromParent(context) {
+  getCredentialsFromParent(context, region) {
     const expireTime = (awsCredentials && awsCredentials.expireTime) ?
       awsCredentials.expireTime : 0;
     const credsExpirationDate = new Date(expireTime).getTime();
@@ -1124,75 +1125,102 @@ export default {
         return Promise.reject(error);
       })
       .then((creds) => {
-        const { accessKeyId, identityId, secretAccessKey, sessionToken } = creds;
+        const { accessKeyId, identityId, secretAccessKey, sessionToken, expiration } = creds;
         // recreate as a static credential
-        awsCredentials = {
+        awsCredentials = Promise.resolve({
           accessKeyId: accessKeyId,
           secretAccessKey: secretAccessKey,
           sessionToken: sessionToken,
           identityId: identityId,
-          expired: false,
-        };
+          expiration: expiration,
+        });
+        
+        if (lexClient) {
+          lexClient.refreshClient(region, awsCredentials);
+        }
 
         return awsCredentials;
       });
   },
   async getCredentials(context, config) {
-    if (context.state.awsCreds.provider === 'parentWindow') {
-      return context.dispatch('getCredentialsFromParent');
-    }
-
-    if (awsCredentials) {
-      return awsCredentials;
-    }
-
-    const region = config.cognito.region || config.region || 'us-east-1';
-    const poolId = config.cognito.poolId || localStorage.getItem('poolId');
-    const appUserPoolName = config.cognito.appUserPoolName || localStorage.getItem('appUserPoolName');
-    const appUserPoolClientId = config.cognito.appUserPoolClientId || localStorage.getItem('appUserPoolClientId');
-    const idToken = config.lex.sessionAttributes.idtokenjwt || localStorage.getItem(`${appUserPoolClientId}idtokenjwt`);
-
-    if (idToken) {
-      logins = {};
-      logins[`cognito-idp.${region}.amazonaws.com/${appUserPoolName}`] = idToken;
-      const client = new CognitoIdentityClient({ region });
-      const getIdentityId = new GetIdCommand({
-        IdentityPoolId: poolId,
-        Logins: logins ? logins : {}
-      })
-      let getCreds;
-      try {
-        await client.send(getIdentityId)
-          .then((res) => {
-            identityId = res.IdentityId;
-            getCreds = new GetCredentialsForIdentityCommand({
-              IdentityId: identityId,
-              Logins: logins ? logins : {}
+    if (refreshCredentials) {
+      const region = config.cognito.region || config.region || 'us-east-1';
+      
+      if (context.state.awsCreds.provider === 'parentWindow') {
+        return context.dispatch('getCredentialsFromParent', region);
+      }
+      
+      const poolId = config.cognito.poolId || localStorage.getItem('poolId');
+      const appUserPoolName = config.cognito.appUserPoolName || localStorage.getItem('appUserPoolName');
+      const appUserPoolClientId = config.cognito.appUserPoolClientId || localStorage.getItem('appUserPoolClientId');
+      const idToken = config.lex.sessionAttributes.idtokenjwt || localStorage.getItem(`${appUserPoolClientId}idtokenjwt`);
+
+      if (idToken) {
+        logins = {};
+        logins[`cognito-idp.${region}.amazonaws.com/${appUserPoolName}`] = idToken;
+        const client = new CognitoIdentityClient({ region });
+        const getIdentityId = new GetIdCommand({
+          IdentityPoolId: poolId,
+          Logins: logins ? logins : {}
+        })
+        let getCreds;
+        try {
+          await client.send(getIdentityId)
+            .then((res) => {
+              identityId = res.IdentityId;
+              getCreds = new GetCredentialsForIdentityCommand({
+                IdentityId: identityId,
+                Logins: logins ? logins : {}
+              })
             })
-          })
-        const res = await client.send(getCreds);
-        const creds = res.Credentials;
-        const credentials = {
-          accessKeyId: creds.AccessKeyId,
-          identityId,
-          secretAccessKey: creds.SecretKey,
-          sessionToken: creds.SessionToken,
-          expiration: creds.Expiration,
-        };
-        return credentials;
-      } catch (err) {
-        console.log(err)
+          const res = await client.send(getCreds);
+          const creds = res.Credentials;
+          const credentials = {
+            accessKeyId: creds.AccessKeyId,
+            identityId,
+            secretAccessKey: creds.SecretKey,
+            sessionToken: creds.SessionToken,
+            expiration: creds.Expiration,
+          };
+          if (lexClient) {
+            lexClient.refreshClient(region, credentials);
+          }
+          return credentials;
+        } catch (err) {
+          console.log(err)
+        }
+      } else {
+        const credentialProvider = fromCognitoIdentityPool({
+          identityPoolId: poolId,
+          clientConfig: { region },
+        })
+        awsCredentials = credentialProvider();
+        if (lexClient) {
+          lexClient.refreshClient(region, awsCredentials);
+        }
+        return awsCredentials;
       }
-    } else {
-      const credentialProvider = fromCognitoIdentityPool({
-        identityPoolId: poolId,
-        clientConfig: { region },
-      })
-      const credentials = credentialProvider();
-      return credentials;
     }
   },
-
+  checkCredentialsForRefresh() {
+    if (awsCredentials) {
+      awsCredentials.then((res) => {
+        if (res.expiration) {
+          const expiration = new Date(res.expiration).getTime();
+          const now = Date.now();
+          // calculate and expiration time 5 minutes sooner and adjust to milliseconds
+          // to compare with now.
+          const expirationTime = (expiration - (5 * 60 * 1000));
+          if (now > expirationTime) {
+            refreshCredentials = true;
+            return Promise.resolve();
+          }
+        }
+      });
+    }
+    refreshCredentials = false;
+    return Promise.resolve();
+  },
   /***********************************************************************
    *
    * Auth Token Actions
@@ -1219,7 +1247,7 @@ export default {
         return Promise.resolve();
       });
   },
-  refreshAuthTokens(context) {
+  async refreshAuthTokens(context) {
     function isExpired(token) {
       if (token) {
         const decoded = jwtDecode(token);
@@ -1242,6 +1270,7 @@ export default {
       console.info('starting auth token refresh');
       return context.dispatch('refreshAuthTokensFromParent');
     }
+
     return Promise.resolve();
   },
 
diff --git a/src/lex-web-ui-loader/js/lib/iframe-component-loader.js b/src/lex-web-ui-loader/js/lib/iframe-component-loader.js
@@ -576,11 +576,14 @@ export class IframeComponentLoader {
 
       // requests credentials from the parent
       getCredentials(evt) {
-        const tcreds = JSON.parse(JSON.stringify(this.credentials));
-        return evt.ports[0].postMessage({
-          event: 'resolve',
-          type: evt.data.event,
-          data: tcreds,
+        const { poolId: cognitoPoolId } = this.config.cognito;
+        const region = this.config.cognito.region
+        this.getCredentials(cognitoPoolId, region).then((creds) => {
+          return evt.ports[0].postMessage({
+            event: 'resolve',
+            type: evt.data.event,
+            data: creds,
+          });
         });
       },
 
