83 lines
3.8 KiB
Swift
83 lines
3.8 KiB
Swift
//
|
|
// Copyright Amazon.com Inc. or its affiliates.
|
|
// All Rights Reserved.
|
|
//
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
//
|
|
|
|
import Amplify
|
|
import Foundation
|
|
import AWSPluginsCore
|
|
|
|
struct AWSAPIEndpointInterceptors {
|
|
// API name
|
|
let apiEndpointName: APIEndpointName
|
|
|
|
let apiAuthProviderFactory: APIAuthProviderFactory
|
|
let authService: AWSAuthServiceBehavior?
|
|
|
|
var interceptors: [URLRequestInterceptor] = []
|
|
|
|
init(endpointName: APIEndpointName,
|
|
apiAuthProviderFactory: APIAuthProviderFactory,
|
|
authService: AWSAuthServiceBehavior? = nil) {
|
|
self.apiEndpointName = endpointName
|
|
self.apiAuthProviderFactory = apiAuthProviderFactory
|
|
self.authService = authService
|
|
}
|
|
|
|
/// Registers an interceptor
|
|
/// - Parameter interceptor: operation interceptor used to decorate API requests
|
|
public mutating func addInterceptor(_ interceptor: URLRequestInterceptor) {
|
|
interceptors.append(interceptor)
|
|
}
|
|
|
|
/// Initialize authorization interceptors
|
|
mutating func addAuthInterceptorsToEndpoint(endpointType: AWSAPICategoryPluginEndpointType,
|
|
authConfiguration: AWSAuthorizationConfiguration) throws {
|
|
switch authConfiguration {
|
|
case .none:
|
|
// No interceptors needed
|
|
break
|
|
case .apiKey(let apiKeyConfig):
|
|
let provider = BasicAPIKeyProvider(apiKey: apiKeyConfig.apiKey)
|
|
let interceptor = APIKeyURLRequestInterceptor(apiKeyProvider: provider)
|
|
addInterceptor(interceptor)
|
|
case .awsIAM(let iamConfig):
|
|
guard let authService = authService else {
|
|
throw PluginError.pluginConfigurationError("AuthService is not set for IAM",
|
|
"")
|
|
}
|
|
let provider = BasicIAMCredentialsProvider(authService: authService)
|
|
let interceptor = IAMURLRequestInterceptor(iamCredentialsProvider: provider,
|
|
region: iamConfig.region,
|
|
endpointType: endpointType)
|
|
addInterceptor(interceptor)
|
|
case .amazonCognitoUserPools:
|
|
guard let authService = authService else {
|
|
throw PluginError.pluginConfigurationError("AuthService not set for cognito user pools",
|
|
"")
|
|
}
|
|
let provider = BasicUserPoolTokenProvider(authService: authService)
|
|
let interceptor = AuthTokenURLRequestInterceptor(authTokenProvider: provider)
|
|
addInterceptor(interceptor)
|
|
case .openIDConnect:
|
|
guard let oidcAuthProvider = apiAuthProviderFactory.oidcAuthProvider() else {
|
|
throw PluginError.pluginConfigurationError("AuthService not set for OIDC",
|
|
"Provide an AmplifyOIDCAuthProvider via API plugin configuration")
|
|
}
|
|
let wrappedAuthProvider = AuthTokenProviderWrapper(tokenAuthProvider: oidcAuthProvider)
|
|
let interceptor = AuthTokenURLRequestInterceptor(authTokenProvider: wrappedAuthProvider)
|
|
addInterceptor(interceptor)
|
|
case .function:
|
|
guard let functionAuthProvider = apiAuthProviderFactory.functionAuthProvider() else {
|
|
throw PluginError.pluginConfigurationError("AuthService not set for function auth",
|
|
"Provide an AmplifyFunctionAuthProvider via API plugin configuration")
|
|
}
|
|
let wrappedAuthProvider = AuthTokenProviderWrapper(tokenAuthProvider: functionAuthProvider)
|
|
let interceptor = AuthTokenURLRequestInterceptor(authTokenProvider: wrappedAuthProvider)
|
|
addInterceptor(interceptor)
|
|
}
|
|
}
|
|
}
|