mongodb
diff --git a/‎package-lock.json
Lines changed: 93 additions & 7 deletions b/‎package-lock.json
Lines changed: 93 additions & 7 deletions
diff --git a/‎package.json
Lines changed: 1 addition & 0 deletions b/‎package.json
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/client-side-encryption/errors.ts
Lines changed: 28 additions & 14 deletions b/‎src/client-side-encryption/errors.ts
Lines changed: 28 additions & 14 deletions
diff --git a/‎src/client-side-encryption/providers/aws.ts
Lines changed: 17 additions & 18 deletions b/‎src/client-side-encryption/providers/aws.ts
Lines changed: 17 additions & 18 deletions
@@ -90,6 +90,7 @@
     "eslint-plugin-simple-import-sort": "^10.0.0",
     "eslint-plugin-tsdoc": "^0.2.17",
     "express": "^4.18.2",
+    "gcp-metadata": "^5.2.0",
     "js-yaml": "^4.1.0",
     "mocha": "^10.2.0",
     "mocha-sinon": "^2.1.2",
 
@@ -1,63 +1,77 @@
+import { type Document } from '../bson';
+
 /**
- * @class
+ * @public
  * An error indicating that something went wrong specifically with MongoDB Client Encryption
  */
 export class MongoCryptError extends Error {
-  constructor(message, options = {}) {
+  cause?: Error | string;
+  constructor(message: string, options: { cause?: Error | string } = {}) {
     super(message);
     if (options.cause != null) {
       this.cause = options.cause;
     }
   }
 
-  get name() {
+  override get name() {
     return 'MongoCryptError';
   }
 }
 
 /**
- * @class
+ * @public
  * An error indicating that `ClientEncryption.createEncryptedCollection()` failed to create data keys
  */
 export class MongoCryptCreateDataKeyError extends MongoCryptError {
+  // TODO: type encrypted fields
+  encryptedFields: Document;
   constructor({ encryptedFields, cause }) {
     super(`Unable to complete creating data keys: ${cause.message}`, { cause });
     this.encryptedFields = encryptedFields;
   }
 
-  get name() {
+  override get name() {
     return 'MongoCryptCreateDataKeyError';
   }
 }
 
 /**
- * @class
+ * @public
  * An error indicating that `ClientEncryption.createEncryptedCollection()` failed to create a collection
  */
 export class MongoCryptCreateEncryptedCollectionError extends MongoCryptError {
+  // TODO: type encrypted fields
+  encryptedFields: Document;
   constructor({ encryptedFields, cause }) {
     super(`Unable to create collection: ${cause.message}`, { cause });
     this.encryptedFields = encryptedFields;
   }
 
-  get name() {
+  override get name() {
     return 'MongoCryptCreateEncryptedCollectionError';
   }
 }
 
 /**
- * @class
+ * @public
  * An error indicating that mongodb-client-encryption failed to auto-refresh Azure KMS credentials.
  */
 export class MongoCryptAzureKMSRequestError extends MongoCryptError {
-  /**
-   * @param {string} message
-   * @param {object | undefined} body
-   */
-  constructor(message, body) {
+  /** The body of the http response that failed, if present. */
+  body?: Document;
+  constructor(message: string, body?: Document) {
     super(message);
     this.body = body;
   }
+
+  override get name(): string {
+    return 'MongoCryptAzureKMSRequestError';
+  }
 }
 
-export class MongoCryptKMSRequestNetworkTimeoutError extends MongoCryptError {}
+/** @public */
+export class MongoCryptKMSRequestNetworkTimeoutError extends MongoCryptError {
+  override get name(): string {
+    return 'MongoCryptKMSRequestNetworkTimeoutError';
+  }
+}
@@ -1,22 +1,21 @@
-let awsCredentialProviders = null;
-/** @ignore */
-export async function loadAWSCredentials(kmsProviders) {
-  if (awsCredentialProviders == null) {
-    try {
-      // Ensure you always wrap an optional require in the try block NODE-3199
-      awsCredentialProviders = require('@aws-sdk/credential-providers');
-      // eslint-disable-next-line no-empty
-    } catch {}
-  }
+import { getAwsCredentialProvider } from '../../deps';
+import { type KMSProviders } from '.';
+
+/**
+ * @internal
+ */
+export async function loadAWSCredentials(kmsProviders: KMSProviders): Promise<KMSProviders> {
+  const credentialProvider = getAwsCredentialProvider();
 
-  if (awsCredentialProviders != null) {
-    const { fromNodeProviderChain } = awsCredentialProviders;
-    const provider = fromNodeProviderChain();
-    // The state machine is the only place calling this so it will
-    // catch if there is a rejection here.
-    const aws = await provider();
-    return { ...kmsProviders, aws };
+  if ('kModuleError' in credentialProvider) {
+    return kmsProviders;
   }
 
-  return kmsProviders;
+  const { fromNodeProviderChain } = credentialProvider;
+  const provider = fromNodeProviderChain();
+  // The state machine is the only place calling this so it will
+  // catch if there is a rejection here.
+  const aws = await provider();
+  // TODO - figure out the type mismatch here
+  return { ...kmsProviders, aws };
 }