search

awslabs / aws-mobile-appsync-sdk-android

Android SDK for AWS AppSync.
https://docs.amplify.aws/sdk/api/graphql/q/platform/android/
Apache License 2.0
105 stars 58 forks source link

feat: add support for AWS_LAMBDA auth mode #358

Closed richardmcclellan closed 3 years ago

richardmcclellan commented 3 years ago

Today, AppSync supports four authorization types - API_KEY, AWS_IAM, OPENID_CONNECT, and AMAZON_COGNITO_USER_POOLS. This PR adds support for a 5th type: AWS_LAMBDA. Customers will be able to create their own AWS Lambda function, which will determine whether to authorize each request based on an authorization token that the customer provides to Amplify.

The developer experience is very similar to OPENID_CONNECT. Today, customers can provide their own OIDC token to Amplify by implementing an OIDCTokenProvider, and providing it to the AWSApiPlugin like this:

mAWSAppSyncClient = AWSAppSyncClient.builder()
    .context(getApplicationContext())
    .awsConfiguration(new AWSConfiguration(getApplicationContext()))
   .oidcAuthProvider(() -> "MyOidcAuthToken")
    .build();

For AWS Lambda custom auth, developers can provide their own token by implementing a CustomAuthProvider like this:

mAWSAppSyncClient = AWSAppSyncClient.builder()
    .context(getApplicationContext())
    .awsConfiguration(new AWSConfiguration(getApplicationContext()))
    .awsLambdaAuthProvider(() -> "MyAwsLambdaAuthToken")
    .build();

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.