Unverified Publisher
Flags items published by entities that haven’t gone through the publisher verification process of the marketplace. Lack of verification may indicate higher risk, as the publisher’s identity and trustworthiness are unconfirmed.
Flags items published by individuals rather than verified companies or organizations, indicating potential risks due to limited accountability and unclear operational standards.
AI-powered analysis of the extension's source code for security insights and risk assessment.
This Chrome extension code is designed to manage AWS IAM role switching configurations. It provides functionality to parse and load AWS config files in INI format, store and retrieve profiles using browser storage APIs (local, sync, session), and maintain profile data in IndexedDB for efficient access. The extension supports compressed storage of configuration data using LZString compression to handle storage size limits. It includes OAuth2 client logic to authenticate users against a custom domain (aesr.dev), handling authorization code flow with PKCE, token refresh, and fetching user-specific configuration from a remote API.
The extension listens to Chrome runtime events such as startup and installation to initialize and update profile data. It also handles external messages to update configuration securely by verifying sender IDs. Tab grouping features are implemented to manage AWS sessions, including automatic logout by opening and closing tabs upon tab group removal.
Key APIs and features used:
chrome.storage.local, chrome.storage.sync, chrome.storage.session
https://auth.aesr.dev and https://api.aesr.dev
onStartup, onInstalled
No shell command execution, PowerShell usage, Windows Registry access, or direct file system operations are present. The code is not obfuscated; it is well-structured and readable with descriptive class and function names.
Example of network communication URLs:
fetch(`https://auth.${this.domain}/oauth2/token`, ...)
fetch(`https://api.${this.domain}/user/config`, ...)
Example of IndexedDB usage:
const openReq = indexedDB.open(this.dbName, this.version);
// Create object store 'profiles'
Example of storage usage:
this.storageArea.get(keys, resolve);
this.storageArea.set(items, ...);
Example of OAuth2 PKCE code verifier and challenge generation:
const codeVerifier = createCodeVerifier();
const codeChallenge = await createCodeChallenge(codeVerifier);
Overall, the code is focused on managing AWS role switching configurations securely and efficiently within a Chrome extension environment.
API calls detected through static analysis of the source code. For more accurate insights, explore our sandbox dynamic analysis.
Any encoded/decoded secrets we managed to find in the source code, git repository, or related files.
Known vulnerabilities and security issues detected in the extension's dependencies and code.
Any identifiers we detected that may indicate external communication from the item's code.
Dependencies and third-party libraries used by the extension, including version information and license details.