feat(datastore): StartSync with Auth

[lawmicha]

Issue #, if available:

Description of changes:
This adds support for auth enabled models.

• dependency on Amplify.Auth's cognito auth plugin, ie. "awsCognitoAuthPlugin"
• moved StorageEngine's startSync to tryStartSync that does much more: checks if auth is required, check if signed in, if not then wait for sign in. if signed in, start waiting for signed out
• on sign-in, it will remoteSyncEngine.start()
• on sign-out, it will clear(). Added new clearCompleted event for tests to listen on
• pass the auth plugin down to the actual creation of the subscriptions, if auth exists, it will retrieve necessary identityClaim (initial support for this defaults to username at the moment, could be sub, or something else) to pass as ownerId to the subscription APIs

Misc updates

• change AuthError.service check to AuthError.signedOut check, to match @royjit 's expected response for unauthenticated users when processing errors in ProcessMutationErrorFromCloudOperation

Acceptance tests

1. testUnauthenticatedSavesToLocalStoreIsReconciledWithCloudStoreAfterAuthentication
2. testOwnerCreatedDataCanBeReadByOtherUsersForReadableModel

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[drochetti]

I think we could be more informative here. Since the sync engine could not start for different reasons it would be cool if we provided a more detailed message of the actual reason it didn't start (and maybe use log.warn?)

[lawmicha]

i consolidated this logic and the logic from RemoteSyncEngine over to StorageEngine and added more logging. I have some warn and some error as well now. the initial check (in the new code) checks for APIPlugin and that is an info because this is to account for developers using local store first without API. all other logging are warn afterwards where there is API but something else is unexpected

[drochetti]

what will this print? We could have a more informative message here, so it's easier to search in the logs

[lawmicha]

i believe checkIfAuthenticationRequired(). added more to all

log.debug("\(#function) <message>")

[wooj2]

I'm curious as to what isAuthEnabled refers to. Is it simply to say that the models use an @auth directive? If so, then using "Enabled" might be misleading. Perhaps a better name would be isAuth?

[drochetti]

Interesting feedback, maybe hasAuth?

[lawmicha]

i was thinking it means these "models are enabled with auth rules for finer grain control", which means that they require auth, or an authenticated signed request when syncing to the cloud. By having auth directive on the model, they can control how the service checks for access, whether that is checking the token or signed request.

from the two isAuth and hasAuth, i think isAuth makes me think of "the model is authenticated" which doesn't make a lot of sense, maybe "hasAuth" is "hasAuthentication" or "hasAuthenticationRules" which is closer to the check !authRules.isEmpty

[drochetti]

hasAuthenticationRules lgtm, I in favor of verbosity to communicate clear intent

[wooj2]

Feels like this could be combined:

let requireAuthPlugin = requireAuthPlugin()
return !requireAuthPlugin || (requireAuthPlugin && hasValidAuthPlugin())

[lawmicha]

nice, thanks! i ended up adding a bunch of guard statements to expand the checks and add logging in between

[wooj2]

Seems like we've adopted a strategy where we handle listening to auth state within the sync engine. Did we consider another approach like listening to auth state in StorageEngine and determine whether or not we should start/stop the sync engine from there?

[lawmicha]

Been chatting with @elorzafe regarding the auth strategy and we agree that DataStore should listen to auth state changes in general

JS current requires the developers to listen to auth state changes themselves:
@elorzafe, please correct me if i'm wrong here:
If sign-in event: no public facing API to start the sync engine, but can call DataStore.clear() which re-iniitializes the syncEngine as a secondary behavior
if sign out event: call DataStore.clear() to clear local data

JS DataStore
JS customers have to make a call to DataStore APIs like DataStore.query(). this wll try to

• start to start the sync engine (fail if not authenticated, fall back to IAM credentials for sigv4 signing, different architecture from iOS intercategory plugin communication - IOS cannot fall back to IAM, but utimately there is an eventual fail case).
• assuming this is async, the data returned to the customer may not be up to date since sync engine's reconcilation path may not have caught up.

The most efficient time to start the sync engine is by listening to auth sign in event. if all customers which use auth enabled models require the user to be signed in before making API calls (subscriptions and sync query) then DataStore should hold this listening logic. it should be waiting for Auth events like sign-in and sign-out.

where to put auth state listener
The different places this auth state check can live:

1. At the very top level, DataStorePlugin will wait for DataStore configure event, check for API plugin before starting the sync engine. then check if there are required API and optionally Auth plugin. this can be expanded to add the auth state change listener here
2. As you mentioned, in the StorageEngine, this looks like a possible candidate and be a good place when we address the auth state listener for sign-out because the clear() API is there. (we may then refactor the auth state lisnter code for sign-in event to the same place)
3. where it is currently in syncEngine: this allows the sync engine to do some of the non-auth related house keeping work that can be done without the API calls (subscription and sync query). leaving the wait for auth state change in the most optimal spot. and SyncEngine already exists a state machine like schedulingRestart and errored which will allow us to easily add "expoential retry if user is not signed in, then give up and listen for auth state change"

[lawmicha]

• refactored code to put it in StorageEngine
• also added the signOut listener

[lawmicha]

removed auth listener code (removed sign in/sign out listener code) for less impactful change

[wooj2]

Seems like we should open an issue around this (which contains the impact for not doing this work), and then update the comment with a link to the issue.

[lawmicha]

good idea, adding issue #485, impact, and linked in comment

[wooj2]

We seem to use a mix of XCTFail and fatalError throughout this file. Is there any reason for using one over the other? If not, i think it makes sense to just use XCTFail

[lawmicha]

the reason for fatalError is because when using XCTFail, the guard statement still requires a return. although the return will not be used because the test will fail on XCTFail first, it's confusing to have to code a return statement that returns something

[lawmicha]

i've updated to XCTFail because in these cases, the return type is just String or Bool which makes it easy to return "" and false

[wooj2]

Are you saying to change the file name from amplifyconfiguration.json to AWSDataStoreCategoryPluginAuthIntegrationTests-amplifyconfiguration.json ?

[lawmicha]

yes, currently they're added to the HostApp's bundle. If we have multiple integration test targets, we need to prefix the configuration so each target reads their own configuration file

[wooj2]

I see, we can word this to:
Copy amplifyconfiguration.json to a new file named AWSDataStoreCategoryPluginAuthIntegrationTests-amplifyconfiguration.json

[wooj2]

is there any reason for this... because we are calling tearDown() which has signOut and reset?

[lawmicha]

this was to prevent previous test executions failures so tearDown isn't called, or tearDown() is called but failed for some reason. i think this is applicable for a single test run as well since one test method may fail while the next one continues

[wooj2]

hmmm.. if teardown isnt' being called on a single test run, then should we just add signout to each one of the integration tests?

[lawmicha]

teardown should be called on a single test method run. i was referring to more of a scenario where test is stopped, say i manually terminate it by pressing Stop, then tearDown is never run