I'm new to iOS development and I am trying to integrate AWS into a mobile app written in Swift. I used the following code to connect and upload files to S3:

    // Cognito credentials provider for the identity pool; with no logins set, this resolves to the unauth role
    let credentialsProvider = AWSCognitoCredentialsProvider(regionType: AWSRegionType.USEast1, identityPoolId: "us-east-1:xxxx")
    let serviceConfiguration = AWSServiceConfiguration(region: AWSRegionType.USEast1, credentialsProvider: credentialsProvider)
    AWSServiceManager.defaultServiceManager().defaultServiceConfiguration = serviceConfiguration

    var uploadRequest = AWSS3TransferManagerUploadRequest()
    uploadRequest.bucket = "my-bucket" // Bucket where the file is uploaded
    uploadRequest.key = "myFile.txt" // The file's name on S3
    uploadRequest.body = getFileURL() // The file's path on my computer

    var transferManager = AWSS3TransferManager.defaultS3TransferManager()
    transferManager.upload(uploadRequest).continueWithBlock({
        (task: BFTask!) -> BFTask! in
        // Report the failure details if the upload did not succeed
        if (task.error != nil) {
            println("Couldn't upload the file")
            println(task.error.code)
            println(task.error.localizedDescription)
        }
        return nil
    })

This does what I expected: it uploads myFile.txt to S3. But it is doing so via the unauth role, which I have given "s3:*" permission. I would like to restrict these actions to an authenticated role. In AWS's documentation, the solutions involve using Facebook, Twitter, Amazon, Google, etc., or making a developer authenticated identity.
I was having difficulty making a developer authenticated identity because all of the documentation is in Objective-C or Java. So now I'm trying to find an alternative. Is it possible to authenticate with an accessKey, secretKey pair? Or is there any other way of authenticating?
If there is no such way, how am I supposed to implement a developer authenticated identity?

    class DevAuthProvider: AWSAbstractCognitoIdentityProvider {
        var _token: String!
        var _logins: [NSObject : AnyObject]!
        var someURL: String!

        // Token last returned by the request in refresh()
        override var token: String {
            get {
                return _token
            }
        }

        override var logins: [NSObject : AnyObject]! {
            get {
                return _logins
            }
            set {
                _logins = newValue
            }
        }

        // Return the cached identity ID, or call refresh() to fetch one
        override func getIdentityId() -> BFTask! {
            if self.identityId != nil {
                return BFTask(result: self.identityId)
            }
            else {
                return BFTask(result: nil).continueWithBlock({ (task) -> AnyObject! in
                    if self.identityId == nil {
                        return self.refresh()
                    }
                    return BFTask(result: self.identityId)
                })
            }
        }

        // GET someURL and read the identity ID and token from the response
        override func refresh() -> BFTask! {
            let task = BFTaskCompletionSource()
            let request = AFHTTPRequestOperationManager()
            request.GET(someURL, parameters: nil, success: { (request: AFHTTPRequestOperation!, response: AnyObject!) -> Void in
                var tmp = NSMutableDictionary()
                tmp.setObject("temp", forKey: "App")
                self.logins = tmp as [NSObject : AnyObject]
                let properties: NSDictionary = response.objectForKey("properties") as! NSDictionary
                let amazonId = properties.objectForKey("amazon_identity") as! String
                let amazonToken = properties.objectForKey("token") as! String
                self.identityId = amazonId
                self._token = amazonToken
                task.setResult(response)
            }, failure: { (request: AFHTTPRequestOperation!, error: NSError!) -> Void in
                task.setError(error)
            })
            // BFTaskCompletionSource is not a BFTask; return the task it controls
            return task.task
        }
    }

I'm using the following code as a start. An instance of this class would be used to instantiate an AWSCognitoCredentialsProvider, but I'm not sure how it works and how I'm supposed to use it. Specifically, the URL in the GET request is supposed to be where I get the authorization token, right? If so, where would that be?
Any help is appreciated.
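
Added example, not part of the original post: the post states that the unauthenticated Cognito role was given "s3:*". The Python sketch below audits a role policy for that kind of grant and compares it with an upload-only policy scoped to the caller's own identity. Both policy documents are constructed samples; the `Resource` value `*` and the `uploads/` prefix are assumptions, and only the bucket name `my-bucket` comes from the post.

```python
# Added example: audit an IAM role policy for over-broad S3 grants.
IDENTITY_VAR = "${cognito-identity.amazonaws.com:sub}"  # IAM policy variable: caller's identity ID

# Constructed sample: unauth role as described in the post ("s3:*"); Resource "*" is assumed.
UNAUTH_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "s3:*", "Resource": "*"}],
}

# Constructed sample: authenticated role limited to uploads under the caller's own prefix.
AUTH_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["s3:PutObject"],
        "Resource": "arn:aws:s3:::my-bucket/uploads/" + IDENTITY_VAR + "/*",
    }],
}


def _as_list(value):
    """IAM allows a single string/object or a list for Statement, Action, Resource."""
    return value if isinstance(value, list) else [value]


def audit_policy(policy):
    """Return (statement_index, finding, value) tuples for over-broad Allow statements."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append((i, "allow-with-negation", "NotAction/NotResource"))
        for action in _as_list(stmt.get("Action", [])):
            if "*" in action:  # "*", "s3:*", "s3:Put*" all widen the grant
                findings.append((i, "wildcard-action", action))
        for res in _as_list(stmt.get("Resource", [])):
            if res == "*" or res.endswith(":::*"):
                findings.append((i, "all-resources", res))
            elif res.startswith("arn:aws:s3:::") and "/" in res and IDENTITY_VAR not in res:
                findings.append((i, "object-path-not-scoped-to-identity", res))
    return findings


if __name__ == "__main__":
    for name, policy in (("unauth", UNAUTH_POLICY), ("auth", AUTH_POLICY)):
        print(name, audit_policy(policy) or "no findings")
```
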