Skip to content

Commit

Permalink
feat(api): Pass authorization in header instead of query parameter fo…
Browse files Browse the repository at this point in the history
…r API category (#2918)
  • Loading branch information
mattcreaser authored Sep 24, 2024
1 parent 2485058 commit 5cbc21b
Show file tree
Hide file tree
Showing 2 changed files with 38 additions and 14 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -16,14 +16,14 @@
package com.amplifyframework.api.aws;

import android.net.Uri;
import android.util.Base64;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.core.util.ObjectsCompat;

import com.amplifyframework.AmplifyException;
import com.amplifyframework.api.ApiException;
import com.amplifyframework.api.ApiException.ApiAuthException;
import com.amplifyframework.api.aws.utils.JSONObjectExtensionsKt;
import com.amplifyframework.api.graphql.GraphQLRequest;
import com.amplifyframework.api.graphql.GraphQLResponse;
import com.amplifyframework.core.Action;
Expand Down Expand Up @@ -126,11 +126,13 @@ <T> void requestSubscription(
if (webSocketListener == null || webSocketListener.isDisconnectedState()) {
webSocketListener = new AmplifyWebSocketListener();
try {
webSocket = okHttpClient.newWebSocket(new Request.Builder()
.url(buildConnectionRequestUrl(authType))
.addHeader("Sec-WebSocket-Protocol", "graphql-ws")
.header("User-Agent", UserAgent.string())
.build(), webSocketListener);
Request.Builder builder = new Request.Builder()
.url(buildConnectionRequestUrl())
.addHeader("Sec-WebSocket-Protocol", "graphql-ws")
.header("User-Agent", UserAgent.string());
// Add all authorization headers
getConnectionAuthorizationHeaders(authType).forEach(builder::header);
webSocket = okHttpClient.newWebSocket(builder.build(), webSocketListener);
} catch (ApiException apiException) {
onSubscriptionError.accept(apiException);
return;
Expand Down Expand Up @@ -303,17 +305,17 @@ void releaseSubscription(String subscriptionId) throws ApiException {
}
}

private Map<String, String> getConnectionAuthorizationHeaders(AuthorizationType authType) throws ApiException {
JSONObject headers = authorizer.createHeadersForConnection(authType);
return JSONObjectExtensionsKt.toStringMap(headers);
}

/*
* Discover WebSocket endpoint from the AppSync endpoint.
* AppSync endpoint : https://xxxxxxxxxxxx.appsync-api.ap-southeast-2.amazonaws.com/graphql
* Discovered WebSocket endpoint : wss:// xxxxxxxxxxxx.appsync-realtime-api.ap-southeast-2.amazonaws.com/graphql
*/
private String buildConnectionRequestUrl(AuthorizationType authType) throws ApiException {
// Construct the authorization header for connection request
final byte[] rawHeader = authorizer.createHeadersForConnection(authType)
.toString()
.getBytes();

private String buildConnectionRequestUrl() throws ApiException {
URL appSyncEndpoint = null;
try {
appSyncEndpoint = new URL(apiConfiguration.getEndpoint());
Expand Down Expand Up @@ -343,8 +345,6 @@ private String buildConnectionRequestUrl(AuthorizationType authType) throws ApiE
.scheme("wss")
.authority(authority)
.path(path)
.appendQueryParameter("header", Base64.encodeToString(rawHeader, Base64.DEFAULT))
.appendQueryParameter("payload", "e30=")
.build()
.toString();
}
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
/*
* Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/

package com.amplifyframework.api.aws.utils

import org.json.JSONObject

internal fun JSONObject.toStringMap(): Map<String, String> {
val map = mutableMapOf<String, String>()
this.keys().forEach { key -> map[key] = this.getString(key) }
return map
}

0 comments on commit 5cbc21b

Please sign in to comment.