The AWS Mobile SDK for iOS 2.0.16.
Yosuke Matsuda committed Feb 10, 2015
1 parent 65b5647 commit ec2c66d
Showing 41 changed files with 2,028 additions and 781 deletions.
70 changes: 31 additions & 39 deletions AWSCore/Authentication/AWSCredentialsProvider.m
Expand Up @@ -139,7 +139,6 @@ - (BFTask *)refresh {
self.secretKey = wifResponse.credentials.secretAccessKey;
self.sessionKey = wifResponse.credentials.sessionToken;
self.expiration = wifResponse.credentials.expiration;
[self.keychain synchronize];
}
} else {
// reset the values for the credentials
Expand All @@ -148,7 +147,6 @@ - (BFTask *)refresh {
self.secretKey = nil;
self.sessionKey = nil;
self.expiration = nil;
[self.keychain synchronize];
}
}

Expand Down Expand Up @@ -320,7 +318,7 @@ + (instancetype)credentialsWithRegionType:(AWSRegionType)regionType

+ (instancetype)credentialsWithRegionType:(AWSRegionType)regionType
identityPoolId:(NSString *)identityPoolId {

return [AWSCognitoCredentialsProvider credentialsWithRegionType:regionType
identityId:nil
identityPoolId:identityPoolId
Expand All @@ -331,35 +329,35 @@ + (instancetype)credentialsWithRegionType:(AWSRegionType)regionType
identityId:(NSString *)identityId
identityPoolId:(NSString *)identityPoolId
logins:(NSDictionary *)logins {

AWSCognitoCredentialsProvider *credentials = [[AWSCognitoCredentialsProvider alloc] initWithRegionType:regionType
identityId:identityId
identityPoolId:identityPoolId
logins:logins];
return credentials;

}


- (instancetype)initWithRegionType:(AWSRegionType)regionType
identityId:(NSString *)identityId
identityPoolId:(NSString *)identityPoolId
logins:(NSDictionary *)logins {

AWSEnhancedCognitoIdentityProvider *identityProvider = [[AWSEnhancedCognitoIdentityProvider alloc]
initWithRegionType:regionType
identityId:identityId
identityPoolId:identityPoolId
logins:logins];
initWithRegionType:regionType
identityId:identityId
identityPoolId:identityPoolId
logins:logins];


AWSCognitoCredentialsProvider *credentials = [[AWSCognitoCredentialsProvider alloc] initWithRegionType:regionType
identityProvider:identityProvider
unauthRoleArn:nil
authRoleArn:nil];

credentials.useEnhancedFlow = YES;

return credentials;
}

Expand Down Expand Up @@ -407,7 +405,6 @@ - (instancetype)initWithRegionType:(AWSRegionType)regionType
// If the identity provider has an identity id, use it
if (identityProvider.identityId) {
_keychain[AWSCredentialsProviderKeychainIdentityId] = identityProvider.identityId;
[_keychain synchronize];
}
// Otherwise push whatever is in the keychain down to the identity provider
else {
Expand All @@ -418,9 +415,9 @@ - (instancetype)initWithRegionType:(AWSRegionType)regionType
AWSServiceConfiguration *configuration = [AWSServiceConfiguration configurationWithRegion:regionType
credentialsProvider:credentialsProvider];

_sts = [[AWSSTS new] initWithConfiguration:configuration];
_sts = [[AWSSTS alloc] initWithConfiguration:configuration];
_cib = [[AWSCognitoIdentity new] initWithConfiguration:configuration];

// Use the new flow if we explictly created an ehancedProvider
// or if the roles are both nil (developer authenticated identities flow)
_useEnhancedFlow = [identityProvider isKindOfClass:[AWSEnhancedCognitoIdentityProvider class]] || ((unauthRoleArn == nil) && (authRoleArn == nil));
Expand All @@ -434,14 +431,14 @@ - (BFTask *)getCredentialsWithSTS:(NSString *)token authenticated:(BOOL)auth {
if (auth) {
roleArn = self.authRoleArn;
}

if (roleArn == nil) {
return [BFTask taskWithError:[NSError errorWithDomain:AWSCognitoCredentialsProviderErrorDomain
code:AWSCognitoCredentialsProviderInvalidConfiguration
userInfo:@{NSLocalizedDescriptionKey: @"Required role ARN is nil"}]
];
}

AWSSTSAssumeRoleWithWebIdentityRequest *webIdentityRequest = [AWSSTSAssumeRoleWithWebIdentityRequest new];
webIdentityRequest.roleArn = roleArn;
webIdentityRequest.webIdentityToken = token;
Expand All @@ -454,21 +451,20 @@ - (BFTask *)getCredentialsWithSTS:(NSString *)token authenticated:(BOOL)auth {
self.secretKey = webIdentityResponse.credentials.secretAccessKey;
self.sessionKey = webIdentityResponse.credentials.sessionToken;
self.expiration = webIdentityResponse.credentials.expiration;
[self.keychain synchronize];
}
} else {
// reset the values for the credentials
[self clearCredentials];
}

return task;
}];
}

- (BFTask *)getCredentialsWithCognito:(NSString *)token authenticated:(BOOL)auth {
// Grab a reference to our provider in case it changes out from under us
id<AWSCognitoIdentityProvider> providerRef = self.identityProvider;

AWSCognitoIdentityGetCredentialsForIdentityInput *getCredentialsInput = [AWSCognitoIdentityGetCredentialsForIdentityInput new];
getCredentialsInput.identityId = self.identityId;
if (token) {
Expand All @@ -477,26 +473,26 @@ - (BFTask *)getCredentialsWithCognito:(NSString *)token authenticated:(BOOL)auth
else {
getCredentialsInput.logins = self.logins;
}


return [[[self.cib getCredentialsForIdentity:getCredentialsInput] continueWithBlock:^id(BFTask *task) {
// When an invalid identityId is cached in the keychain for auth,
// we will refresh the identityId and try to get credentials token again.
if (task.error) {
AWSLogError(@"GetCredentialsForIdentity failed. Error is [%@]", task.error);

// If it's auth or we caught a not found or validation error
// we want to reset the identity id, otherwise, just return
// the error to our caller
if (!(auth || [AWSCognitoCredentialsProvider shouldResetIdentityId:task.error])) {
return task;
}

AWSLogVerbose(@"Resetting identity Id and calling getIdentityId");
// if it's auth, reset id and refetch
self.identityId = nil;
providerRef.identityId = nil;

return [[providerRef getIdentityId] continueWithSuccessBlock:^id(BFTask *task) {
// This should never happen, but just in case
if (!providerRef.identityId) {
Expand All @@ -508,14 +504,14 @@ - (BFTask *)getCredentialsWithCognito:(NSString *)token authenticated:(BOOL)auth
];
}
self.identityId = providerRef.identityId;

AWSLogVerbose(@"Retrying GetCredentialsForIdentity");

// retry get credentials
AWSCognitoIdentityGetCredentialsForIdentityInput *getCredentialsRetry = [AWSCognitoIdentityGetCredentialsForIdentityInput new];
getCredentialsRetry.identityId = self.identityId;
getCredentialsRetry.logins = self.logins;

return [self.cib getCredentialsForIdentity:getCredentialsRetry];
}];
}
Expand All @@ -529,10 +525,9 @@ - (BFTask *)getCredentialsWithCognito:(NSString *)token authenticated:(BOOL)auth
self.secretKey = getCredentialsResponse.credentials.secretKey;
self.sessionKey = getCredentialsResponse.credentials.sessionToken;
self.expiration = getCredentialsResponse.credentials.expiration;
[self.keychain synchronize];


NSString *identityIdFromResponse = getCredentialsResponse.identityId;

// This should never happen, but just in case
if (!identityIdFromResponse) {
AWSLogError(@"identityId from getCredentialsForIdentity is nil");
Expand All @@ -541,12 +536,12 @@ - (BFTask *)getCredentialsWithCognito:(NSString *)token authenticated:(BOOL)auth
userInfo:@{NSLocalizedDescriptionKey: @"identityId shouldn't be nil"}]
];
}

if (![self.identityId isEqualToString:identityIdFromResponse]) {
self.identityId = identityIdFromResponse;
providerRef.identityId = identityIdFromResponse;
}

return [BFTask taskWithResult:self.identityId];
}];
}
Expand All @@ -569,8 +564,7 @@ - (BFTask *)refresh {
}

self.identityId = providerRef.identityId;
[self.keychain synchronize];


if (self.useEnhancedFlow) {
return [self getCredentialsWithCognito:providerRef.token authenticated:[providerRef isAuthenticated]];
}
Expand Down Expand Up @@ -612,7 +606,6 @@ - (BFTask *)getIdentityId {
];
}
self.identityId = providerRef.identityId;
[self.keychain synchronize];
return task;
}];
}
Expand All @@ -631,7 +624,6 @@ - (void)clearCredentials {
self.secretKey = nil;
self.sessionKey = nil;
self.expiration = nil;
[self.keychain synchronize];
}
}

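Review bot: `_cib = [[AWSCognitoIdentity new] initWithConfiguration:configuration];` in the `@@ -418,9 +415,9 @@` hunk still sends `init` and then `initWithConfiguration:` to the same object, which is the pattern this commit corrects one line above for `AWSSTS`. It should read `_cib = [[AWSCognitoIdentity alloc] initWithConfiguration:configuration];`; it only keeps working because the visible AWSCognitoIdentity.m hunk does not add a throwing `- init`, and it would start raising if one is added later. Separately, every `[self.keychain synchronize]` after the accessKey/secretKey/sessionKey writes is dropped, including the one in `clearCredentials`. It is worth confirming that the keychain wrapper now persists on assignment, since otherwise cleared or refreshed session credentials might not reach the keychain. The enclosing initializer starts and ends outside the hunk.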
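--- a/AWSCore/CognitoIdentity/AWSCognitoIdentity.m
+++ b/AWSCore/CognitoIdentity/AWSCognitoIdentity.m
@@ -181,8 +181,9 @@ - (instancetype)initWithConfiguration:(AWSServiceConfiguration *)configuration {
 if (self = [super init]) {
 _configuration = [configuration copy];
 
-_configuration.endpoint = [AWSEndpoint endpointWithRegion:_configuration.regionType
-service:AWSServiceCognitoIdentityBroker];
+_configuration.endpoint = [[AWSEndpoint alloc] initWithRegion:_configuration.regionType
+service:AWSServiceCognitoIdentityBroker
+useUnsafeURL:NO];
 
 AWSSignatureV4Signer *signer = [AWSSignatureV4Signer signerWithCredentialsProvider:_configuration.credentialsProvider
 endpoint:_configuration.endpoint];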
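--- a/AWSCore/MobileAnalyticsERS/AWSMobileAnalyticsERS.m
+++ b/AWSCore/MobileAnalyticsERS/AWSMobileAnalyticsERS.m
@@ -219,12 +219,20 @@ + (instancetype)defaultMobileAnalyticsERS {
 return _defaultAWSGameLabMobileAnalyticsERS;
 }
 
+- (instancetype)init {
+@throw [NSException exceptionWithName:NSInternalInconsistencyException
+reason:@"`- init` is not a valid initializer. Use `+ defaultMobileAnalyticsERS` or `- initWithConfiguration:` instead."
+userInfo:nil];
+return nil;
+}
+
 - (instancetype)initWithConfiguration:(AWSServiceConfiguration *)configuration {
 if (self = [super init]) {
 _configuration = configuration;
 
-_configuration.endpoint = [AWSEndpoint endpointWithRegion:_configuration.regionType
-service:AWSServiceMobileAnalytics];
+_configuration.endpoint = [[AWSEndpoint alloc] initWithRegion:_configuration.regionType
+service:AWSServiceMobileAnalytics
+useUnsafeURL:NO];
 
 AWSSignatureV4Signer *signer = [AWSSignatureV4Signer signerWithCredentialsProvider:_configuration.credentialsProvider
 endpoint:_configuration.endpoint];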
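Review bot: `initWithConfiguration:` keeps the caller's object with `_configuration = configuration;` and then overwrites `_configuration.endpoint`, so a configuration shared with other service clients has its endpoint rewritten to Mobile Analytics. The AWSSTS and AWSCognitoIdentity initializers in this same commit take `_configuration = [configuration copy];` before setting the endpoint, and this one should do the same. The signer built just below is created from that endpoint, so with a shared configuration another client could end up signing and sending requests for the wrong service. The initializer's body continues past the end of the hunk.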
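--- a/AWSCore/Networking/AWSNetworking.m
+++ b/AWSCore/Networking/AWSNetworking.m
@@ -21,7 +21,7 @@
 #import "AWSURLSessionManager.h"
 
 NSString *const AWSNetworkingErrorDomain = @"com.amazonaws.AWSNetworkingErrorDomain";
-NSString *const AWSiOSSDKVersion = @"2.0.15";
+NSString *const AWSiOSSDKVersion = @"2.0.16";
 
 #pragma mark - AWSHTTPMethod
 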
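--- a/AWSCore/STS/AWSSTS.m
+++ b/AWSCore/STS/AWSSTS.m
@@ -185,12 +185,20 @@ + (instancetype)defaultSTS {
 return _defaultSTS;
 }
 
+- (instancetype)init {
+@throw [NSException exceptionWithName:NSInternalInconsistencyException
+reason:@"`- init` is not a valid initializer. Use `+ defaultSTS` or `- initWithConfiguration:` instead."
+userInfo:nil];
+return nil;
+}
+
 - (instancetype)initWithConfiguration:(AWSServiceConfiguration *)configuration {
 if (self = [super init]) {
 _configuration = [configuration copy];
 
-_configuration.endpoint = [AWSEndpoint endpointWithRegion:_configuration.regionType
-service:AWSServiceSTS];
+_configuration.endpoint = [[AWSEndpoint alloc] initWithRegion:_configuration.regionType
+service:AWSServiceSTS
+useUnsafeURL:NO];
 
 AWSSignatureV4Signer *signer = [AWSSignatureV4Signer signerWithCredentialsProvider:_configuration.credentialsProvider
 endpoint:_configuration.endpoint];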
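Review bot: The `return nil;` after `@throw` in the new `- init` is unreachable and can be dropped; the identical `- init` added to AWSMobileAnalyticsERS.m has the same dead line. The exception only reports the misuse when the call actually runs, so a caller that still writes `[AWSSTS new]` crashes at runtime rather than failing to build. If AWSSTS.h does not already do so (the header is not part of this section), declaring `- (instancetype)init NS_UNAVAILABLE;` there would reject that call at compile time and keep the throwing body as a backstop.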
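--- a/AWSCore/Service/AWSService.h
+++ b/AWSCore/Service/AWSService.h
@@ -74,18 +74,6 @@
 
 @end
 
-#pragma mark - AWSRegion
-
-@interface AWSRegion : NSObject
-
-@property (nonatomic, readonly) NSSet *availableServices;
-
-+ (instancetype)regionWithType:(AWSRegionType)regionType;
-
-- (BOOL)isServiceAvailable:(AWSServiceType)serviceType;
-
-@end
-
 #pragma mark - AWSEndpoint
 
 @interface AWSEndpoint : NSObject
@@ -98,12 +86,8 @@
 @property (nonatomic, readonly) NSString *hostName;
 @property (nonatomic, readonly) BOOL useUnsafeURL;
 
-+ (instancetype)endpointWithRegion:(AWSRegionType)regionType
-service:(AWSServiceType)serviceType;
-+ (instancetype)endpointWithRegion:(AWSRegionType)regionType
-service:(AWSServiceType)serviceType
-useUnsafeURL:(BOOL)useUnsafeURL;
-
-+ (instancetype)endpointWithURL:(NSURL *)url;
+- (instancetype)initWithRegion:(AWSRegionType)regionType
+service:(AWSServiceType)serviceType
+useUnsafeURL:(BOOL)useUnsafeURL;
 
 @end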
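Review bot: The new `- initWithRegion:service:useUnsafeURL:` declaration carries no doc comment, and `useUnsafeURL` is the one argument a caller can get wrong in a way that weakens transport security. With the two-argument convenience constructor removed in the same hunk, this is the only visible way to build an endpoint, so every caller now has to pick a value. A header comment along the lines of `/// @param useUnsafeURL NO selects the default endpoint URL; pass YES only when the unsafe URL is explicitly required.` would make the safe choice obvious. The exact effect of YES should be taken from the implementation, which is not shown here; the name suggests a non-HTTPS scheme.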