feat(api): Add async protocol implementation for token request interceptors (#2870)

royjit · royjit · commit a25527a6e962 · 2023-04-26T13:44:09.000-07:00
diff --git a/Amplify/Categories/API/AuthProvider/APIAuthProviderFactory.swift b/Amplify/Categories/API/AuthProvider/APIAuthProviderFactory.swift
@@ -25,8 +25,20 @@ open class APIAuthProviderFactory {
 }
 
 public protocol AmplifyAuthTokenProvider {
+
     typealias AuthToken = String
+
     func getLatestAuthToken() -> Result<AuthToken, Error>
+
+    func getLatestAuthToken(completion: @escaping (Result<AuthToken, Error>) -> Void)
+}
+
+public extension AmplifyAuthTokenProvider {
+
+    func getLatestAuthToken(completion: @escaping (Result<AuthToken, Error>) -> Void) {
+        let result = getLatestAuthToken()
+        completion(result)
+    }
 }
 
 /// Amplify OIDC Auth Provider
diff --git a/AmplifyPlugins.podspec b/AmplifyPlugins.podspec
@@ -36,7 +36,7 @@ Pod::Spec.new do |s|
 
   s.subspec 'AWSAPIPlugin' do |ss|
     ss.source_files = 'AmplifyPlugins/API/AWSAPICategoryPlugin/**/*.swift'
-    ss.dependency 'AppSyncRealTimeClient', "~> 3.0"
+    ss.dependency 'AppSyncRealTimeClient', "~> 3.1"
   end
 
   s.subspec 'AWSCognitoAuthPlugin' do |ss|
diff --git a/AmplifyPlugins/API/AWSAPICategoryPlugin/Interceptor/RequestInterceptor/AuthTokenProviderWrapper.swift b/AmplifyPlugins/API/AWSAPICategoryPlugin/Interceptor/RequestInterceptor/AuthTokenProviderWrapper.swift
@@ -29,4 +29,19 @@ class AuthTokenProviderWrapper: AuthTokenProvider {
         }
     }
 
+    func getToken(completion: @escaping (Result<String, AuthError>) -> Void) {
+        wrappedAuthTokenProvider.getLatestAuthToken { result in
+            switch result {
+            case .success(let token):
+                completion(.success(token))
+                return
+            case .failure(let error):
+                completion(.failure(AuthError.service("Unable to get latest auth token",
+                                                      "",
+                                                      error)))
+                return
+            }
+        }
+    }
+
 }
diff --git a/AmplifyPlugins/API/AWSAPICategoryPlugin/Interceptor/SubscriptionInterceptor/AuthenticationTokenAuthInterceptor.swift b/AmplifyPlugins/API/AWSAPICategoryPlugin/Interceptor/SubscriptionInterceptor/AuthenticationTokenAuthInterceptor.swift
@@ -19,35 +19,50 @@ class AuthenticationTokenAuthInterceptor: AuthInterceptor {
         self.authTokenProvider = authTokenProvider
     }
 
-    func interceptMessage(_ message: AppSyncMessage, for endpoint: URL) -> AppSyncMessage {
-        let host = endpoint.host!
-        guard let authToken = getAuthToken() else {
-            log.warn("Missing authentication token for subscription")
-            return message
+    func interceptMessage(
+        _ message: AppSyncMessage,
+        for endpoint: URL,
+        completion: @escaping (AppSyncMessage) -> Void) {
+            let host = endpoint.host!
+
+            guard case .subscribe = message.messageType else {
+                completion(message)
+                return
+            }
+
+            authTokenProvider.getLatestAuthToken { result in
+                let signedMessage = self.signedMessage(
+                    message,
+                    host: host,
+                    tokenResult: result)
+                completion(signedMessage)
+                return
+            }
         }
 
-        guard case .subscribe = message.messageType else {
-            return message
+    func interceptConnection(
+        _ request: AppSyncConnectionRequest,
+        for endpoint: URL,
+        completion: @escaping (AppSyncConnectionRequest) -> Void) {
+            let host = endpoint.host!
+            authTokenProvider.getLatestAuthToken { result in
+                let signedRequest = self.signedRequest(
+                    request,
+                    for: endpoint,
+                    host: host,
+                    tokenResult: result)
+                completion(signedRequest)
+                return
+            }
         }
 
-        let authHeader = TokenAuthHeader(token: authToken, host: host)
-        var payload = message.payload ?? AppSyncMessage.Payload()
-        payload.authHeader = authHeader
-
-        let signedMessage = AppSyncMessage(
-            id: message.id,
-            payload: payload,
-            type: message.messageType
-        )
-        return signedMessage
-    }
-
-    func interceptConnection(
+    private func signedRequest(
         _ request: AppSyncConnectionRequest,
-        for endpoint: URL
+        for endpoint: URL,
+        host: String,
+        tokenResult: Result<String, Error>
     ) -> AppSyncConnectionRequest {
-        let host = endpoint.host!
-        guard let authToken = getAuthToken() else {
+        guard let authToken = try? tokenResult.get() else {
             log.warn("Missing authentication token for subscription request")
             return request
         }
@@ -71,9 +86,54 @@ class AuthenticationTokenAuthInterceptor: AuthInterceptor {
         return signedRequest
     }
 
-    private func getAuthToken() -> AmplifyAuthTokenProvider.AuthToken? {
-        try? authTokenProvider.getLatestAuthToken().get()
+    private func signedMessage(
+        _ message: AppSyncMessage,
+        host: String,
+        tokenResult: Result<String, Error>) -> AppSyncMessage {
+
+            guard let authToken = try? tokenResult.get() else {
+                log.warn("Missing authentication token for subscription")
+                return message
+            }
+
+            let authHeader = TokenAuthHeader(token: authToken, host: host)
+            var payload = message.payload ?? AppSyncMessage.Payload()
+            payload.authHeader = authHeader
+
+            let signedMessage = AppSyncMessage(
+                id: message.id,
+                payload: payload,
+                type: message.messageType
+            )
+            return signedMessage
+        }
+
+    func interceptMessage(_ message: AppSyncMessage, for endpoint: URL) -> AppSyncMessage {
+        let host = endpoint.host!
+
+        guard case .subscribe = message.messageType else {
+            return message
+        }
+        let signedMessage = self.signedMessage(
+            message,
+            host: host,
+            tokenResult: authTokenProvider.getLatestAuthToken())
+        return signedMessage
+    }
+
+    func interceptConnection(
+        _ request: AppSyncConnectionRequest,
+        for endpoint: URL
+    ) -> AppSyncConnectionRequest {
+        let host = endpoint.host!
+        let signedRequest = signedRequest(
+            request,
+            for: endpoint,
+            host: host,
+            tokenResult: authTokenProvider.getLatestAuthToken())
+        return signedRequest
     }
+
 }
 
 // MARK: AuthorizationTokenAuthInterceptor + DefaultLogger
diff --git a/AmplifyPlugins/API/AWSAPICategoryPlugin/Interceptor/SubscriptionInterceptor/OIDCAuthProviderWrapper.swift b/AmplifyPlugins/API/AWSAPICategoryPlugin/Interceptor/SubscriptionInterceptor/OIDCAuthProviderWrapper.swift
@@ -20,4 +20,8 @@ class OIDCAuthProviderWrapper: OIDCAuthProvider {
     func getLatestAuthToken() -> Result<String, Error> {
         return authTokenProvider.getLatestAuthToken()
     }
+
+    func getLatestAuthToken(completion: @escaping (Result<String, Error>) -> Void ) {
+        authTokenProvider.getLatestAuthToken(completion: completion)
+    }
 }
diff --git a/AmplifyPlugins/API/AWSAPICategoryPluginTests/Configuration/AWSAPICategoryPluginConfigurationTests.swift b/AmplifyPlugins/API/AWSAPICategoryPluginTests/Configuration/AWSAPICategoryPluginConfigurationTests.swift
@@ -126,6 +126,10 @@ class AWSAPICategoryPluginConfigurationTests: XCTestCase {
         func getToken() -> Result<String, AuthError> {
             .success("token")
         }
+
+        func getToken(completion: @escaping (Result<String, AuthError>) -> Void) {
+            completion(.success("token"))
+        }
     }
 
 }
diff --git a/AmplifyPlugins/API/AWSAPICategoryPluginTests/Interceptor/AuthTokenURLRequestInterceptorTests.swift b/AmplifyPlugins/API/AWSAPICategoryPluginTests/Interceptor/AuthTokenURLRequestInterceptorTests.swift
@@ -37,5 +37,9 @@ extension AuthTokenURLRequestInterceptorTests {
         func getToken() -> Result<String, AuthError> {
             .success(authorizationToken)
         }
+
+        func getToken(completion: @escaping (Result<String, AuthError>) -> Void) {
+            completion(.success(authorizationToken))
+        }
     }
 }
diff --git a/AmplifyPlugins/API/Podfile b/AmplifyPlugins/API/Podfile
@@ -8,7 +8,7 @@ include_build_tools!
 target 'AWSAPICategoryPlugin' do
 	pod 'Amplify', :path => '../../'
   pod 'AWSPluginsCore', :path => '../../'
-  pod "AppSyncRealTimeClient", "~> 3.0"
+  pod "AppSyncRealTimeClient", "~> 3.1"
 
   target "AWSAPICategoryPluginTests" do
     inherit! :complete
diff --git a/AmplifyPlugins/API/Podfile.lock b/AmplifyPlugins/API/Podfile.lock
@@ -54,7 +54,7 @@ DEPENDENCIES:
   - Amplify (from `../../`)
   - AmplifyPlugins/AWSCognitoAuthPlugin (from `../../`)
   - AmplifyTestCommon (from `../../`)
-  - AppSyncRealTimeClient (~> 3.0)
+  - AppSyncRealTimeClient (~> 3.1)
   - AWSPluginsCore (from `../../`)
   - CwlCatchException (= 2.1.1)
   - CwlPreconditionTesting (from `https://github.com/mattgallagher/CwlPreconditionTesting.git`, tag `2.1.0`)
@@ -115,6 +115,6 @@ SPEC CHECKSUMS:
   SwiftFormat: 3b5caa6389b2b9adbc00e133b3ccc8c6e687a6a4
   SwiftLint: 32ee33ded0636d0905ef6911b2b67bbaeeedafa5
 
-PODFILE CHECKSUM: 5170578806036f2ba018abb8868d56e448fb0ada
+PODFILE CHECKSUM: f542a7a3bf7a7e882e6ea4799c9722d5b6495208
 
-COCOAPODS: 1.11.3
+COCOAPODS: 1.12.0
diff --git a/AmplifyPlugins/Core/AWSPluginsCore/Auth/Provider/AuthTokenProvider.swift b/AmplifyPlugins/Core/AWSPluginsCore/Auth/Provider/AuthTokenProvider.swift
@@ -9,7 +9,18 @@ import Foundation
 import Amplify
 
 public protocol AuthTokenProvider {
+
     func getToken() -> Result<String, AuthError>
+
+    func getToken(completion: @escaping (Result<String, AuthError>) -> Void)
+}
+
+public extension AuthTokenProvider {
+
+    func getToken(completion: @escaping (Result<String, AuthError>) -> Void) {
+        let result = getToken()
+        completion(result)
+    }
 }
 
 public struct BasicUserPoolTokenProvider: AuthTokenProvider {
@@ -23,4 +34,8 @@ public struct BasicUserPoolTokenProvider: AuthTokenProvider {
     public func getToken() -> Result<String, AuthError> {
         return authService.getToken()
     }
+
+    public func getToken(completion: @escaping (Result<String, AuthError>) -> Void) {
+        authService.getUserPoolAccessToken(completion: completion)
+    }
 }
diff --git a/AmplifyPlugins/DataStore/Podfile.lock b/AmplifyPlugins/DataStore/Podfile.lock
@@ -106,9 +106,15 @@ CHECKOUT OPTIONS:
     :tag: 2.1.0
 
 SPEC CHECKSUMS:
+<<<<<<< HEAD
   Amplify: e5b6bd8f5229d43abe147bc7390d7dce3007acea
   AmplifyPlugins: da16305d9b3b76d20c10517c815082eed0589a8e
   AmplifyTestCommon: 95c7c6c3849f7de46458754afbaf62f1d5158128
+=======
+  Amplify: 955400b4b5f29832357f682e15c659d049028306
+  AmplifyPlugins: a82d1c5ddb2b5a8fcd23dd447f84b04f93dc00c2
+  AmplifyTestCommon: 9b452352797cd82faa67e296669bb94bd531a5eb
+>>>>>>> 6d33bd24f (feat(api): Add async protocol implementation for token request interceptors (#2870))
   AppSyncRealTimeClient: 49901c6f21e541bec09281854c5695a6c1309bf7
   AWSAuthCore: 42e2d4927d94e5e323b63b2ae885f287c51b5889
   AWSCognitoIdentityProvider: 2331f5f4c8c1775c6a228bb2dae2d353198401e8
diff --git a/Package.swift b/Package.swift
@@ -35,7 +35,7 @@ let package = Package(
     ],
     dependencies: [
         .package(name: "AWSiOSSDKV2", url: "https://github.com/aws-amplify/aws-sdk-ios-spm.git", .upToNextMinor(from: "2.30.1")),
-        .package(name: "AppSyncRealTimeClient", url: "https://github.com/aws-amplify/aws-appsync-realtime-client-ios.git", from: "3.0.0"),
+        .package(name: "AppSyncRealTimeClient", url: "https://github.com/aws-amplify/aws-appsync-realtime-client-ios.git", from: "3.1.0"),
         .package(url: "https://github.com/stephencelis/SQLite.swift.git", .exact("0.13.2"))
     ],
     targets: [

Original file line number	Diff line number	Diff line change
`@@ -29,4 +29,19 @@ class AuthTokenProviderWrapper: AuthTokenProvider {`
`29`	`29`	`}`
`30`	`30`	`}`
`31`	`31`
	`32`	`+ func getToken(completion: @escaping (Result<String, AuthError>) -> Void) {`
	`33`	`+ wrappedAuthTokenProvider.getLatestAuthToken { result in`
	`34`	`+ switch result {`
	`35`	`+ case .success(let token):`
	`36`	`+ completion(.success(token))`
	`37`	`+ return`
	`38`	`+ case .failure(let error):`
	`39`	`+ completion(.failure(AuthError.service("Unable to get latest auth token",`
	`40`	`+ "",`
	`41`	`+ error)))`
	`42`	`+ return`
	`43`	`+ }`
	`44`	`+ }`
	`45`	`+ }`
	`46`	`+`
`32`	`47`	`}`
Original file line number	Diff line number	Diff line change
`@@ -20,4 +20,8 @@ class OIDCAuthProviderWrapper: OIDCAuthProvider {`
`20`	`20`	`func getLatestAuthToken() -> Result<String, Error> {`
`21`	`21`	`return authTokenProvider.getLatestAuthToken()`
`22`	`22`	`}`
	`23`	`+`
	`24`	`+ func getLatestAuthToken(completion: @escaping (Result<String, Error>) -> Void ) {`
	`25`	`+ authTokenProvider.getLatestAuthToken(completion: completion)`
	`26`	`+ }`
`23`	`27`	`}`
Original file line number	Diff line number	Diff line change
`@@ -126,6 +126,10 @@ class AWSAPICategoryPluginConfigurationTests: XCTestCase {`
`126`	`126`	`func getToken() -> Result<String, AuthError> {`
`127`	`127`	`.success("token")`
`128`	`128`	`}`
	`129`	`+`
	`130`	`+ func getToken(completion: @escaping (Result<String, AuthError>) -> Void) {`
	`131`	`+ completion(.success("token"))`
	`132`	`+ }`
`129`	`133`	`}`
`130`	`134`
`131`	`135`	`}`
Original file line number	Diff line number	Diff line change
`@@ -37,5 +37,9 @@ extension AuthTokenURLRequestInterceptorTests {`
`37`	`37`	`func getToken() -> Result<String, AuthError> {`
`38`	`38`	`.success(authorizationToken)`
`39`	`39`	`}`
	`40`	`+`
	`41`	`+ func getToken(completion: @escaping (Result<String, AuthError>) -> Void) {`
	`42`	`+ completion(.success(authorizationToken))`
	`43`	`+ }`
`40`	`44`	`}`
`41`	`45`	`}`