Cognito credential provider support #306

Open
wants to merge 17 commits into
base: secitem_bindings
9 changes: 9 additions & 0 deletions .builder/actions/crt-ci-prep-xcodebuild.py
@@ -0,0 +1,9 @@
import Builder

class CrtCiPrepXCodebuild(Builder.Action):
Contributor

@waahm7 waahm7 Jan 2, 2025

I haven't looked at the PR but can we avoid adding this action in crt-swift? We don't need to test the Cognito credential provider functionality in bindings; we can just create/destroy it for simple binding tests. The MQTT-specific tests should be in the IoT SDK.

This action makes it harder to run these tests locally. I think we will likely need this action for MQTT unit tests but we should try to avoid it if possible.

Contributor Author

This script change is used to allow passing environment variables into xcodebuild tests. Regardless of the Cognito credential provider changes, we still need it for the unit tests that require environment variables.

def run(self, env):
env.shell.setenv("TEST_RUNNER_AWS_TESTING_STS_ROLE_ARN", env.shell.get_secret("aws-c-auth-testing/sts-role-arn"))
actions = [
Builder.SetupCrossCICrtEnvironment(use_xcodebuild=True)
]
return Builder.Script(actions, name='crt-ci-prep-xcodebuild')
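Review bot: In `run`, the `env.shell.setenv(...)` line calls `env.shell.get_secret("aws-c-auth-testing/sts-role-arn")` unconditionally, so this prep action depends on access to that secret wherever it runs, which bears on the local-run concern raised in the comment above. Consider guarding the lookup or at least documenting the required secret in a comment, and add a short note on why the variable carries the `TEST_RUNNER_` prefix. It is also worth confirming that the builder does not echo the value passed to `setenv` into the CI log.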
4 changes: 2 additions & 2 deletions .github/workflows/ci.yml
Expand Up @@ -6,8 +6,8 @@ on:
- 'main'

env:
BUILDER_VERSION: v0.9.73
BUILDER_SOURCE: releases
BUILDER_VERSION: xcodebuild_setup
BUILDER_SOURCE: channels
BUILDER_HOST: https://d19elf31gohf1l.cloudfront.net
PACKAGE_NAME: aws-crt-swift
RUN: ${{ github.run_id }}-${{ github.run_number }}
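Review bot: `BUILDER_VERSION: xcodebuild_setup` together with `BUILDER_SOURCE: channels` replaces the pinned `v0.9.73` release with a channel name, so CI downloads whatever builder is currently published under that name from `BUILDER_HOST` rather than a fixed tagged version. This reads like a temporary setting for developing the xcodebuild prep action; before merge, restore `BUILDER_SOURCE: releases` with a tagged `BUILDER_VERSION` that contains the needed change, so the tool executed in CI is reproducible and reviewable.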
1 change: 0 additions & 1 deletion Package.swift
Expand Up @@ -113,7 +113,6 @@ packageTargets.append(.target(
.define("S2N_BUILD_RELEASE"),
.define("_FORTIFY_SOURCE", to: "2"),
.define("POSIX_C_SOURCE", to: "200809L"),

]
))
#endif
284 changes: 203 additions & 81 deletions Source/AwsCommonRuntimeKit/auth/credentials/CredentialsProvider.swift

Large diffs are not rendered by default.

Expand Up @@ -205,6 +205,50 @@ class CredentialsProviderTests: XCBaseTestCase {
wait(for: [shutdownWasCalled], timeout: 15)
}


func testCreateDestroyCognitoCredsProviderWithoutHttpProxy() async throws {
let exceptionWasThrown = XCTestExpectation(description: "Exception was thrown")
do {
let cognitoEndpoint = try getEnvironmentVarOrSkipTest(environmentVarName: "AWS_TEST_MQTT5_COGNITO_ENDPOINT")
let cognitoIdentity = try getEnvironmentVarOrSkipTest(environmentVarName: "AWS_TEST_MQTT5_COGNITO_IDENTITY")


let provider = try CredentialsProvider(source: .cognito(bootstrap: getClientBootstrap(), tlsContext: getTlsContext(), endpoint: cognitoEndpoint, identity: cognitoIdentity, shutdownCallback: getShutdownCallback()))
let credentials = try await provider.getCredentials()
XCTAssertNotNil(credentials)
} catch is XCTSkip{ // skip the test as the environment var is not set
shutdownWasCalled.fulfill()
}catch {
exceptionWasThrown.fulfill()
}
wait(for: [shutdownWasCalled], timeout: 15)
}

// Http proxy related tests could only run behind vpc to access the proxy
func testCreateDestroyCognitoCredsProviderWithHttpProxy() async throws {
let exceptionWasThrown = XCTestExpectation(description: "Exception was thrown")
do {
let cognitoEndpoint = try getEnvironmentVarOrSkipTest(environmentVarName: "AWS_TEST_MQTT5_COGNITO_ENDPOINT")
let cognitoIdentity = try getEnvironmentVarOrSkipTest(environmentVarName: "AWS_TEST_MQTT5_COGNITO_IDENTITY")

let httpproxyHost = try getEnvironmentVarOrSkipTest(environmentVarName: "AWS_TEST_HTTP_PROXY_HOST")
let httpproxyPort = try getEnvironmentVarOrSkipTest(environmentVarName: "AWS_TEST_HTTP_PROXY_PORT")

let httpProxys = HTTPProxyOptions(hostName: httpproxyHost, port: UInt32(httpproxyPort)!, connectionType: .tunnel)

let provider = try CredentialsProvider(source: .cognito(bootstrap: getClientBootstrap(), tlsContext: getTlsContext(), endpoint: cognitoEndpoint, identity: cognitoIdentity, shutdownCallback: getShutdownCallback()))
let credentials = try await provider.getCredentials()
XCTAssertNotNil(credentials)
}
catch is XCTSkip{ // skip the test as the environment var is not set
shutdownWasCalled.fulfill()
}
catch {
exceptionWasThrown.fulfill()
}
wait(for: [shutdownWasCalled], timeout: 15)
}

func testCreateDestroyStsWebIdentityInvalidEnv() async throws {
XCTAssertThrowsError(try CredentialsProvider(source: .stsWebIdentity(
bootstrap: getClientBootstrap(),
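Review bot: In `testCreateDestroyCognitoCredsProviderWithHttpProxy`, `httpProxys` is built but never passed to `.cognito(...)`, so the provider call is identical to the one in the non-proxy test and the proxy path is not exercised; pass the options to the provider source, or drop the test until that parameter exists. `UInt32(httpproxyPort)!` will also crash the test run on a non-numeric `AWS_TEST_HTTP_PROXY_PORT`; unwrapping with `XCTUnwrap` would turn that into a normal test failure. In both new tests the generic `catch` only fulfills `exceptionWasThrown`, which nothing waits on, so an error from `CredentialsProvider(...)` or `getCredentials()` is never reported as the failure; since both functions are `async throws`, let the error propagate or call `XCTFail` in that branch.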
Expand Down Expand Up @@ -252,4 +296,4 @@ class CredentialsProviderTests: XCBaseTestCase {
}
wait(for: [exceptionWasThrown], timeout: 15)
}
}
}