feat(AWSPluginsCore): Add non-blocking methods to AWSAuthServiceBehavior / deprecate existing blocking methods (#1502)

Author: atierian

Amplify.xcodeproj/project.pbxproj

@@ -289,6 +289,7 @@
 		76C0F4EC26797F4500F0E6AB /* AuthModeStrategyTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 76C0F4EA26797F3C00F0E6AB /* AuthModeStrategyTests.swift */; };
 		76FFFC91267966D9001EC92B /* RetryableGraphQLOperationTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 76FFFC90267966D9001EC92B /* RetryableGraphQLOperationTests.swift */; };
 		8484A17AAAFE78545A932849 /* Pods_Amplify.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 7A1769ED39B45A981FD1D8AC /* Pods_Amplify.framework */; };
+		90A8901327619D780042C3C1 /* AWSAuthServiceBehaviorTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 90A8901227619D780042C3C1 /* AWSAuthServiceBehaviorTests.swift */; };
 		950A26DB23D15D7E00D92B19 /* PredictionsTranslateTextOperation.swift in Sources */ = {isa = PBXBuildFile; fileRef = 950A26D823D15D7E00D92B19 /* PredictionsTranslateTextOperation.swift */; };
 		950A26DC23D15D7E00D92B19 /* PredictionsTextToSpeechOperation.swift in Sources */ = {isa = PBXBuildFile; fileRef = 950A26D923D15D7E00D92B19 /* PredictionsTextToSpeechOperation.swift */; };
 		950A26DD23D15D7E00D92B19 /* PredictionsSpeechToTextOperation.swift in Sources */ = {isa = PBXBuildFile; fileRef = 950A26DA23D15D7E00D92B19 /* PredictionsSpeechToTextOperation.swift */; };
@@ -1147,6 +1148,7 @@
 		7D502982E80B9B2796D71A48 /* Pods-Amplify-AWSPluginsCore-AWSPluginsTestConfigs-AWSPluginsTestCommon.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Amplify-AWSPluginsCore-AWSPluginsTestConfigs-AWSPluginsTestCommon.debug.xcconfig"; path = "Target Support Files/Pods-Amplify-AWSPluginsCore-AWSPluginsTestConfigs-AWSPluginsTestCommon/Pods-Amplify-AWSPluginsCore-AWSPluginsTestConfigs-AWSPluginsTestCommon.debug.xcconfig"; sourceTree = "<group>"; };
 		852B5530E9E8794DAC86E44E /* Pods-Amplify-AmplifyTestConfigs-AmplifyTestCommon.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Amplify-AmplifyTestConfigs-AmplifyTestCommon.release.xcconfig"; path = "Target Support Files/Pods-Amplify-AmplifyTestConfigs-AmplifyTestCommon/Pods-Amplify-AmplifyTestConfigs-AmplifyTestCommon.release.xcconfig"; sourceTree = "<group>"; };
 		8E125EAA66C26B6F0705BB0C /* Pods-Amplify-AmplifyTestConfigs-AmplifyFunctionalTests.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Amplify-AmplifyTestConfigs-AmplifyFunctionalTests.release.xcconfig"; path = "Target Support Files/Pods-Amplify-AmplifyTestConfigs-AmplifyFunctionalTests/Pods-Amplify-AmplifyTestConfigs-AmplifyFunctionalTests.release.xcconfig"; sourceTree = "<group>"; };
+		90A8901227619D780042C3C1 /* AWSAuthServiceBehaviorTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AWSAuthServiceBehaviorTests.swift; sourceTree = "<group>"; };
 		950A26D823D15D7E00D92B19 /* PredictionsTranslateTextOperation.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = PredictionsTranslateTextOperation.swift; sourceTree = "<group>"; };
 		950A26D923D15D7E00D92B19 /* PredictionsTextToSpeechOperation.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = PredictionsTextToSpeechOperation.swift; sourceTree = "<group>"; };
 		950A26DA23D15D7E00D92B19 /* PredictionsSpeechToTextOperation.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = PredictionsSpeechToTextOperation.swift; sourceTree = "<group>"; };
@@ -2372,6 +2374,7 @@
 				76C0F4EA26797F3C00F0E6AB /* AuthModeStrategyTests.swift */,
 				211A82002718631800C5483D /* AWSAuthorizationTypeTests.swift */,
 				6BEE0816253114FD00133961 /* AWSAuthServiceTests.swift */,
+				90A8901227619D780042C3C1 /* AWSAuthServiceBehaviorTests.swift */,
 			);
 			path = Auth;
 			sourceTree = "<group>";
@@ -4676,6 +4679,7 @@
 				21A3FDB9246494CD00E76120 /* GraphQLRequestAuthRuleTests.swift in Sources */,
 				21A3FDB62464590600E76120 /* ModelMultipleOwnerAuthRuleTests.swift in Sources */,
 				6B5087BD2565E5AD000AB673 /* QueryPredicateEvaluateGeneratedDoubleTests.swift in Sources */,
+				90A8901327619D780042C3C1 /* AWSAuthServiceBehaviorTests.swift in Sources */,
 				6B5087C5256632D3000AB673 /* QueryPredicateEvaluateGeneratedStringTests.swift in Sources */,
 				76C0F4EC26797F4500F0E6AB /* AuthModeStrategyTests.swift in Sources */,
 				2129BE3A2394828B006363A1 /* QueryPredicateGraphQLTests.swift in Sources */,
@@ -5508,6 +5512,7 @@
 			baseConfigurationReference = 1FA86170C161C5E46E57A5F9 /* Pods-Amplify-AWSPluginsCore.debug.xcconfig */;
 			buildSettings = {
 				CLANG_ENABLE_MODULES = YES;
+				CODE_SIGN_IDENTITY = "Apple Development";
 				CODE_SIGN_STYLE = Automatic;
 				DEFINES_MODULE = YES;
 				DEVELOPMENT_TEAM = "";
@@ -5536,6 +5541,7 @@
 			baseConfigurationReference = 09D90ABD9EDED6D6B1780253 /* Pods-Amplify-AWSPluginsCore.release.xcconfig */;
 			buildSettings = {
 				CLANG_ENABLE_MODULES = YES;
+				CODE_SIGN_IDENTITY = "Apple Development";
 				CODE_SIGN_STYLE = Automatic;
 				DEFINES_MODULE = YES;
 				DEVELOPMENT_TEAM = "";
@@ -5564,7 +5570,7 @@
 			buildSettings = {
 				ALWAYS_EMBED_SWIFT_STANDARD_LIBRARIES = YES;
 				CODE_SIGN_STYLE = Automatic;
-				DEVELOPMENT_TEAM = W3DRXD72QU;
+				DEVELOPMENT_TEAM = "";
 				INFOPLIST_FILE = AmplifyPlugins/Core/AWSPluginsCoreTests/Info.plist;
 				IPHONEOS_DEPLOYMENT_TARGET = 11.0;
 				LD_RUNPATH_SEARCH_PATHS = (
@@ -5608,7 +5614,7 @@
 			buildSettings = {
 				CODE_SIGN_STYLE = Automatic;
 				DEFINES_MODULE = YES;
-				DEVELOPMENT_TEAM = W3DRXD72QU;
+				DEVELOPMENT_TEAM = "";
 				DYLIB_COMPATIBILITY_VERSION = 1;
 				DYLIB_CURRENT_VERSION = 1;
 				DYLIB_INSTALL_NAME_BASE = "@rpath";
@@ -5634,7 +5640,7 @@
 			buildSettings = {
 				CODE_SIGN_STYLE = Automatic;
 				DEFINES_MODULE = YES;
-				DEVELOPMENT_TEAM = W3DRXD72QU;
+				DEVELOPMENT_TEAM = "";
 				DYLIB_COMPATIBILITY_VERSION = 1;
 				DYLIB_CURRENT_VERSION = 1;
 				DYLIB_INSTALL_NAME_BASE = "@rpath";
@@ -5780,7 +5786,7 @@
 			isa = XCBuildConfiguration;
 			baseConfigurationReference = 7B9806D365E82306EE138710 /* Pods-Amplify.debug.xcconfig */;
 			buildSettings = {
-				CODE_SIGN_IDENTITY = "";
+				CODE_SIGN_IDENTITY = "Apple Development";
 				CODE_SIGN_STYLE = Automatic;
 				DEFINES_MODULE = YES;
 				DEVELOPMENT_TEAM = "";
@@ -5807,7 +5813,7 @@
 			isa = XCBuildConfiguration;
 			baseConfigurationReference = D4D30E30A8210AC1B2F74F4C /* Pods-Amplify.release.xcconfig */;
 			buildSettings = {
-				CODE_SIGN_IDENTITY = "";
+				CODE_SIGN_IDENTITY = "Apple Development";
 				CODE_SIGN_STYLE = Automatic;
 				DEFINES_MODULE = YES;
 				DEVELOPMENT_TEAM = "";
@@ -5915,7 +5921,7 @@
 			baseConfigurationReference = F8459E074A4A470F48829BEE /* Pods-Amplify-AmplifyTestConfigs-AmplifyTestCommon.debug.xcconfig */;
 			buildSettings = {
 				ALWAYS_EMBED_SWIFT_STANDARD_LIBRARIES = YES;
-				CODE_SIGN_IDENTITY = "";
+				CODE_SIGN_IDENTITY = "Apple Development";
 				CODE_SIGN_STYLE = Automatic;
 				DEFINES_MODULE = YES;
 				DEVELOPMENT_TEAM = "";
@@ -5948,7 +5954,7 @@
 			baseConfigurationReference = 852B5530E9E8794DAC86E44E /* Pods-Amplify-AmplifyTestConfigs-AmplifyTestCommon.release.xcconfig */;
 			buildSettings = {
 				ALWAYS_EMBED_SWIFT_STANDARD_LIBRARIES = YES;
-				CODE_SIGN_IDENTITY = "";
+				CODE_SIGN_IDENTITY = "Apple Development";
 				CODE_SIGN_STYLE = Automatic;
 				DEFINES_MODULE = YES;
 				DEVELOPMENT_TEAM = "";

AmplifyPlugins/Core/AWSPluginsCore/Auth/AWSAuthService.swift

@@ -17,6 +17,28 @@ public class AWSAuthService: AWSAuthServiceBehavior {
         return AmplifyAWSCredentialsProvider()
     }
 
+    /// Retrieves the identity identifier for this authentication session from Cognito.
+    /// - Parameter completion: Completion handler defined for the input `Result<String, AuthError>`
+    public func getIdentityID(completion: @escaping (Result<String, AuthError>) -> Void) {
+        Amplify.Auth.fetchAuthSession { event in
+            switch event {
+            case .success(let session):
+                guard
+                    let identityID = (session as? AuthCognitoIdentityProvider)?.getIdentityId()
+                else {
+                    return completion(.failure(.unknown("""
+                    Did not receive a valid response from fetchAuthSession for identityId.
+                    """)))
+                }
+
+                completion(identityID)
+            case .failure(let error):
+                completion(.failure(error))
+            }
+        }
+    }
+
+    @available(*, deprecated, message: "Use getIdentityID(completion:) instead")
     public func getIdentityId() -> Result<String, AuthError> {
         var result: Result<String, AuthError>?
         let semaphore = DispatchSemaphore(value: 0)
@@ -43,21 +65,22 @@ public class AWSAuthService: AWSAuthServiceBehavior {
     }
 
     // This algorithm was heavily based on the implementation here:
-    // https://github.com/aws-amplify/aws-sdk-ios/blob/main/AWSAuthSDK/Sources/AWSMobileClient/AWSMobileClientExtensions.swift#L29
+    // swiftlint:disable:next line_length
+    //  https://github.com/aws-amplify/aws-sdk-ios/blob/main/AWSAuthSDK/Sources/AWSMobileClient/AWSMobileClientExtensions.swift#L29
     public func getTokenClaims(tokenString: String) -> Result<[String: AnyObject], AuthError> {
         let tokenSplit = tokenString.split(separator: ".")
         guard tokenSplit.count > 2 else {
             return .failure(.validation("", "Token is not valid base64 encoded string.", "", nil))
         }
 
-        //Add ability to do URL decoding
-        //https://stackoverflow.com/questions/40915607/how-can-i-decode-jwt-json-web-token-token-in-swift
+        // Add ability to do URL decoding
+        // https://stackoverflow.com/questions/40915607/how-can-i-decode-jwt-json-web-token-token-in-swift
         let claims = tokenSplit[1]
             .replacingOccurrences(of: "-", with: "+")
             .replacingOccurrences(of: "_", with: "/")
 
         let paddedLength = claims.count + (4 - (claims.count % 4)) % 4
-        //JWT is not padded with =, pad it if necessary
+        // JWT is not padded with =, pad it if necessary
         let updatedClaims = claims.padding(toLength: paddedLength, withPad: "=", startingAt: 0)
         let encodedData = Data(base64Encoded: updatedClaims, options: .ignoreUnknownCharacters)
 
@@ -84,6 +107,27 @@ public class AWSAuthService: AWSAuthServiceBehavior {
         return .success(convertedDictionary)
     }
 
+    /// Retrieves the Cognito token from the AuthCognitoTokensProvider
+    /// - Parameter completion: Completion handler defined for the input `Result<String, AuthError>`
+    public func getUserPoolAccessToken(completion: @escaping (Result<String, AuthError>) -> Void) {
+        Amplify.Auth.fetchAuthSession { [weak self] event in
+            switch event {
+            case .success(let session):
+                guard
+                    let tokenResult = self?.getTokenString(from: session)
+                else {
+                    return completion(.failure(.unknown("""
+                    Did not receive a valid response from fetchAuthSession for get token.
+                    """)))
+                }
+                completion(tokenResult)
+            case .failure(let error):
+                completion(.failure(error))
+            }
+        }
+    }
+
+    @available(*, deprecated, message: "Use getUserPoolAccessToken(completion:) instead")
     public func getToken() -> Result<String, AuthError> {
         var result: Result<String, AuthError>?
         let semaphore = DispatchSemaphore(value: 0)

AmplifyPlugins/Core/AWSPluginsCore/Auth/AWSAuthServiceBehavior.swift

@@ -12,9 +12,67 @@ public protocol AWSAuthServiceBehavior: AnyObject {
 
     func getCredentialsProvider() -> AWSCredentialsProvider
 
+    @available(*, deprecated, message: "Use getIdentityID(completion:) instead")
     func getIdentityId() -> Result<String, AuthError>
 
+    @available(*, deprecated, message: "Use getUserPoolAccessToken(completion:) instead")
     func getToken() -> Result<String, AuthError>
 
     func getTokenClaims(tokenString: String) -> Result<[String: AnyObject], AuthError>
+
+    /// Retrieves the identity identifier of for the Auth service
+    /// - Parameter completion: Completion handler defined for the input `Result<String, AuthError>`
+    func getIdentityID(completion: @escaping (Result<String, AuthError>) -> Void)
+
+    /// Retrieves the token from the Auth token provider
+    /// - Parameter completion: Completion handler defined for the input `Result<String, AuthError>`
+    func getUserPoolAccessToken(completion: @escaping (Result<String, AuthError>) -> Void)
+}
+
+extension AWSAuthServiceBehavior {
+    // MARK: List of Amplify internal usages of now deprecated AWSAuthServiceBehavior methods.
+    /**
+     `StorageAccessLevelAwarePrefixResolver`
+        - File Path: `AmplifyPlugins/Storage/AWSS3StoragePlugin/Configuration/AWSS3PluginPrefixResolver.swift`
+        - Uses: `getIdentityId()`
+
+     `IncomingAsyncSubscriptionEventPublisher`
+        - File Path: `AmplifyPlugins/Core/AWSPluginsCore/Auth/AWSAuthServiceBehavior.swift`
+        - Uses: `getToken()`
+
+     `BasicUserPoolTokenProvider`
+        - File Path: `AmplifyPlugins/Core/AWSPluginsCore/Auth/Provider/AuthTokenProvider.swift`
+        - Uses: `getToken()`
+
+     `AWSOIDCAuthProvider`
+        - File Path: `AmplifyPlugins/API/AWSAPICategoryPlugin/SubscriptionFactory/AWSOIDCAuthProvider.swift`
+        - Uses: `getToken()`
+
+     `AWSAuthServiceBehavior` protocol extension.
+        Default implementation of new completion handler APIs to prevent breaking change.
+         - File Path: `AmplifyPlugins/Core/AWSPluginsCore/Auth/AWSAuthServiceBehavior.swift`
+         - Uses: `getToken()`, `getIdentityId()`
+     */
+
+    /// Retrieves the identity identifier of for the Auth service
+    /// - Parameter completion: Completion handler defined for the input `Result<String, AuthError>`
+    /// - Note: This default implementation was added to prevent a breaking change,
+    /// and will be removed when the blocking API versions are removed.
+    public func getIdentityID(completion: @escaping (Result<String, AuthError>) -> Void) {
+        DispatchQueue.global().async { [weak self] in
+            guard let identityIdResult = self?.getIdentityId() else { return }
+            completion(identityIdResult)
+        }
+    }
+
+    /// Retrieves the token from the Auth token provider
+    /// - Parameter completion: Completion handler defined for the input `Result<String, AuthError>`
+    /// - Note: This default implementation was added to prevent a breaking change,
+    ///  and will be removed when the blocking API versions are removed.
+    public func getUserPoolAccessToken(completion: @escaping (Result<String, AuthError>) -> Void) {
+        DispatchQueue.global().async { [weak self] in
+            guard let tokenResult = self?.getToken() else { return }
+            completion(tokenResult)
+        }
+    }
 }

AmplifyPlugins/Core/AWSPluginsCoreTests/Auth/AWSAuthServiceBehaviorTests.swift

@@ -0,0 +1,128 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+import XCTest
+
+@testable import Amplify
+@testable import AWSPluginsCore
+import AWSCore
+
+class AWSAuthServiceBehaviorTests: XCTestCase {
+    // MARK: Tests for change from blocking to non-blocking
+    /**
+     Confirm that calling the non-blocking replacements of `getIdentityId()` (`getIdentityID(completion:)`)
+     and `getToken()` (`getUserPoolAccessToken(completion:)`) in `AWSAuthServiceBehavior` conforming
+     objects that have yet to implement the non-blocking methods, will act as a pass through to
+     the existing blocking methods.
+
+     - IMPORTANT: This tests can be removed after the deprecation process of
+     the blocking methods `getIdentityId` and `getToken` is complete
+     */
+
+    func testNonBlockingDefaultImplementationSuccess() {
+        let mockAWSAuthService: AWSAuthServiceBehavior = _MockAWSAuthService.init(
+            identityID: .success("42"),
+            userPoolAccessToken: .success("25")
+        )
+
+        /// Calling `getIdentityID(completion:)` on an `AWSAuthServiceBehavior` conforming type
+        /// without an explicit implementation should use the now deprecated `getIdentityId()` method as a
+        /// default implementation.
+        mockAWSAuthService.getIdentityID {
+            switch $0 {
+            case .success(let id): XCTAssertEqual(id, "42")
+            case .failure: XCTFail("This instance of _MockAWSAuthService should return .success")
+            }
+        }
+
+        /// Calling `getUserPoolAccessToken(completion:)` on an `AWSAuthServiceBehavior` conforming type
+        /// without an explicit implementation should use the now deprecated `getToken()` method as a
+        /// default implementation.
+        mockAWSAuthService.getUserPoolAccessToken {
+            switch $0 {
+            case .success(let id): XCTAssertEqual(id, "25")
+            case .failure: XCTFail("This instance of _MockAWSAuthService should return .success")
+            }
+        }
+    }
+
+    func testNonBlockingDefaultImplementationFailure() {
+        let identityIDErrorDescription = "identityID_description"
+        let identityIDErrorRecovery = "identityID_recovery"
+
+        let userPoolAccessTokenIDErrorDescription = "userPoolAccessToken_description"
+        let userPoolAccessTokenIDErrorRecovery = "userPoolAccessToken_recovery"
+
+        let mockAWSAuthService: AWSAuthServiceBehavior = _MockAWSAuthService.init(
+            identityID: .failure(
+                .notAuthorized(
+                    identityIDErrorDescription,
+                    identityIDErrorRecovery
+                )
+            ),
+            userPoolAccessToken: .failure(
+                .invalidState(
+                    userPoolAccessTokenIDErrorDescription,
+                    userPoolAccessTokenIDErrorRecovery
+                )
+            )
+        )
+
+        /// Calling `getIdentityID(completion:)` on an `AWSAuthServiceBehavior` conforming type
+        /// without an explicit implementation should use the now deprecated `getIdentityId()` method as a
+        /// default implementation.
+        mockAWSAuthService.getIdentityID {
+            switch $0 {
+            case let .failure(.notAuthorized(description, recovery, _)):
+                XCTAssertEqual(description, identityIDErrorDescription)
+                XCTAssertEqual(recovery, identityIDErrorRecovery)
+            default: XCTFail("This instance of _MockAWSAuthService should return .failure(.notAuthorized)")
+            }
+        }
+
+        /// Calling `getUserPoolAccessToken(completion:)` on an `AWSAuthServiceBehavior` conforming type
+        /// without an explicit implementation should use the now deprecated `getToken()` method as a
+        /// default implementation.
+        mockAWSAuthService.getUserPoolAccessToken {
+            switch $0 {
+            case let .failure(.invalidState(description, recovery, _)):
+                XCTAssertEqual(description, userPoolAccessTokenIDErrorDescription)
+                XCTAssertEqual(recovery, userPoolAccessTokenIDErrorRecovery)
+            default: XCTFail("This instance of _MockAWSAuthService should return .failure(.invalidState)")
+            }
+        }
+    }
+}
+
+fileprivate class _MockAWSAuthService: AWSAuthServiceBehavior {
+    let identityID: () -> Result<String, AuthError>
+    let userPoolAccessToken: () -> Result<String, AuthError>
+
+    init(
+        identityID: @escaping @autoclosure () -> Result<String, AuthError>,
+        userPoolAccessToken: @escaping @autoclosure () -> Result<String, AuthError>
+    ) {
+        self.identityID = identityID
+        self.userPoolAccessToken = userPoolAccessToken
+    }
+
+    func getCredentialsProvider() -> AWSCredentialsProvider {
+        AWSCognitoCredentialsProvider()
+    }
+
+    func getIdentityId() -> Result<String, AuthError> {
+        identityID()
+    }
+
+    func getToken() -> Result<String, AuthError> {
+        userPoolAccessToken()
+    }
+
+    func getTokenClaims(tokenString: String) -> Result<[String: AnyObject], AuthError> {
+        .success([:])
+    }
+}