-
Notifications
You must be signed in to change notification settings - Fork 198
/
AmplifyAWSCredentialsProvider.swift
70 lines (62 loc) · 2.53 KB
/
AmplifyAWSCredentialsProvider.swift
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
//
// Copyright Amazon.com Inc. or its affiliates.
// All Rights Reserved.
//
// SPDX-License-Identifier: Apache-2.0
//
import Amplify
import AwsCommonRuntimeKit
import AWSPluginsCore
import Foundation
import Smithy
import SmithyIdentity
public class AmplifyAWSCredentialsProvider: AwsCommonRuntimeKit.CredentialsProviding {
public func getCredentials() async throws -> AwsCommonRuntimeKit.Credentials {
let authSession = try await Amplify.Auth.fetchAuthSession()
if let awsCredentialsProvider = authSession as? AuthAWSCredentialsProvider {
let credentials = try awsCredentialsProvider.getAWSCredentials().get()
return try credentials.toAWSSDKCredentials()
} else {
let error = AuthError.unknown("Auth session does not include AWS credentials information")
throw error
}
}
}
extension AmplifyAWSCredentialsProvider: AWSCredentialIdentityResolver {
public func getIdentity(identityProperties: Smithy.Attributes? = nil) async throws -> AWSCredentialIdentity {
let authSession = try await Amplify.Auth.fetchAuthSession()
if let awsCredentialsProvider = authSession as? AuthAWSCredentialsProvider {
let credentials = try awsCredentialsProvider.getAWSCredentials().get()
return try credentials.toAWSCredentialIdentity()
} else {
let error = AuthError.unknown("Auth session does not include AWS credentials information")
throw error
}
}
}
extension AWSPluginsCore.AWSCredentials {
func toAWSSDKCredentials() throws -> AwsCommonRuntimeKit.Credentials {
if let tempCredentials = self as? AWSTemporaryCredentials {
return try AwsCommonRuntimeKit.Credentials(
accessKey: tempCredentials.accessKeyId,
secret: tempCredentials.secretAccessKey,
sessionToken: tempCredentials.sessionToken,
expiration: tempCredentials.expiration
)
} else {
return try AwsCommonRuntimeKit.Credentials(
accessKey: accessKeyId,
secret: secretAccessKey,
expiration: nil
)
}
}
func toAWSCredentialIdentity() throws -> SmithyIdentity.AWSCredentialIdentity {
return SmithyIdentity.AWSCredentialIdentity(
accessKey: accessKeyId,
secret: secretAccessKey,
expiration: (self as? AWSTemporaryCredentials)?.expiration,
sessionToken: (self as? AWSTemporaryCredentials)?.sessionToken
)
}
}