-
Notifications
You must be signed in to change notification settings - Fork 88
feat: Add Cognito Credentials provider #2001
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Conversation
3e431d7
to
cd975ee
Compare
cd975ee
to
fb32eba
Compare
// SPDX-License-Identifier: Apache-2.0 | ||
// | ||
|
||
// Code generated by smithy-swift-codegen. DO NOT EDIT! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code generated based off service client, no need to review
// SPDX-License-Identifier: Apache-2.0 | ||
// | ||
|
||
// Code generated by smithy-swift-codegen. DO NOT EDIT! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code generated based off service client, no need to review
// SPDX-License-Identifier: Apache-2.0 | ||
// | ||
|
||
// Code generated by smithy-swift-codegen. DO NOT EDIT! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code generated based off service client, no need to review
// SPDX-License-Identifier: Apache-2.0 | ||
// | ||
|
||
// Code generated by smithy-swift-codegen. DO NOT EDIT! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code generated based off service client, no need to review
// SPDX-License-Identifier: Apache-2.0 | ||
// | ||
|
||
// Code generated by smithy-swift-codegen. DO NOT EDIT! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code generated based off service client, no need to review
@@ -0,0 +1,16 @@ | |||
[ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
generated
@@ -94,7 +94,7 @@ private func integrationTestTarget(_ name: String) -> Target { | |||
case "AWSSTS": | |||
additionalDependencies = ["AWSIAM", "AWSCognitoIdentity"] | |||
case "AWSCognitoIdentity": | |||
additionalDependencies = ["AWSSTS"] | |||
additionalDependencies = ["AWSSTS", "AWSIAM"] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In the integration test I am using AWSIAM to make a call to getCallerIdentity using the cognito provider
import struct Foundation.Date | ||
@_spi(FileBasedConfig) import AWSSDKCommon | ||
|
||
protocol CognitoIdentityClientProtocol: Sendable { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This protocol is here only for testing purposes. It allows the test cases to utilize a mock CognitoIdentityClient and have it get used by the credentials provider
} | ||
|
||
// testing-only initializer | ||
internal init( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Internal init allows tests to pass in a mock via cognitoClient
which conforms to protocol CognitoIdentityClientProtocol
. Note that we are not applying this protocol to the actual service client for now which would enable users to pass in preconfigured instances of the client. Per discussions offline we don't see a need or want in the Swift SDK to allow that behavior.
|
||
import InternalAWSCognitoIdentity | ||
|
||
protocol CognitoIdentityClientProtocol: Sendable { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This protocol is here only for testing purposes. It allows the test cases to utilize a mock CognitoIdentityClient and have it get used by the credentials provider
Issue #
SWIFT-3751, #1082
Description of changes
Added a new
CognitoAWSCredentialIdentityResolver
to enable credential resolution via Amazon Cognito Identity Pools.Generated and integrated the internal
AWSCognitoIdentity
client and its dependencies.Updated
Package.swift
, CLI manifest builder, and related resources to include the new internal Cognito client and its dependencies.Added integration tests (
CognitoAWSCredentialIdentityResolverTests
) to verify end-to-end credential resolution using Cognito and STS.Added unit tests for the new resolver.
Updated codegen and internal model integration to support Cognito Identity operations and dependencies.
New/existing dependencies impact assessment, if applicable
Added
InternalAWSCognitoIdentity
as an internal target with dependencies on existing AWS SDK and Smithy modules.All new dependencies are internal and consistent with the existing dependency structure.
Conventional Commits
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.