Search in sources :

Example 1 with AuthorizationType

use of com.amplifyframework.api.aws.AuthorizationType in project amplify-android by aws-amplify.

the class AuthRuleRequestDecoratorTest method ownerArgumentAddedForRestrictedReadWithOidc.

/**
 * Verify that owner argument is required for all subscriptions if ModelOperation.READ is specified
 * while using OpenID Connect auth mode.
 * @throws AmplifyException if a ModelSchema can't be derived from the Model class.
 */
@Test
public void ownerArgumentAddedForRestrictedReadWithOidc() throws AmplifyException {
    final AuthorizationType mode = AuthorizationType.OPENID_CONNECT;
    final String expectedOwner = FakeOidcAuthProvider.SUB;
    // OwnerOidc class has restriction on every operation including READ
    for (SubscriptionType subscriptionType : SubscriptionType.values()) {
        GraphQLRequest<OwnerOidc> originalRequest = createRequest(OwnerOidc.class, subscriptionType);
        GraphQLRequest<OwnerOidc> modifiedRequest = decorator.decorate(originalRequest, mode);
        assertEquals(expectedOwner, getOwnerField(modifiedRequest));
    }
}
Also used : SubscriptionType(com.amplifyframework.api.graphql.SubscriptionType) AuthorizationType(com.amplifyframework.api.aws.AuthorizationType) Test(org.junit.Test)

Example 2 with AuthorizationType

use of com.amplifyframework.api.aws.AuthorizationType in project amplify-android by aws-amplify.

the class AuthRuleRequestDecoratorTest method ownerArgumentAddedIfOwnerIsNotInGroupWithUserPools.

/**
 * Verify owner argument is added if model contains both owner-based and group-based
 * authorization and the user is not in any read-restricted group.
 * @throws AmplifyException if a ModelSchema can't be derived from the Model class.
 */
@Test
public void ownerArgumentAddedIfOwnerIsNotInGroupWithUserPools() throws AmplifyException {
    final AuthorizationType mode = AuthorizationType.AMAZON_COGNITO_USER_POOLS;
    final String expectedOwner = FakeCognitoAuthProvider.USERNAME;
    // but user is not in the read-restricted group.
    for (SubscriptionType subscriptionType : SubscriptionType.values()) {
        GraphQLRequest<OwnerNotInGroup> originalRequest = createRequest(OwnerNotInGroup.class, subscriptionType);
        GraphQLRequest<OwnerNotInGroup> modifiedRequest = decorator.decorate(originalRequest, mode);
        assertEquals(expectedOwner, getOwnerField(modifiedRequest));
    }
}
Also used : SubscriptionType(com.amplifyframework.api.graphql.SubscriptionType) AuthorizationType(com.amplifyframework.api.aws.AuthorizationType) Test(org.junit.Test)

Example 3 with AuthorizationType

use of com.amplifyframework.api.aws.AuthorizationType in project amplify-android by aws-amplify.

the class AuthRuleRequestDecoratorTest method ownerArgumentNotAddedIfOwnerIsInGroupWithUserPools.

/**
 * Verify owner argument is NOT added if model contains both owner-based and group-based
 * authorization and the user is in any of the read-restricted groups.
 * @throws AmplifyException if a ModelSchema can't be derived from the Model class.
 */
@Test
public void ownerArgumentNotAddedIfOwnerIsInGroupWithUserPools() throws AmplifyException {
    final AuthorizationType mode = AuthorizationType.AMAZON_COGNITO_USER_POOLS;
    // and user is in the read-restricted group.
    for (SubscriptionType subscriptionType : SubscriptionType.values()) {
        GraphQLRequest<OwnerInGroup> originalRequest = createRequest(OwnerInGroup.class, subscriptionType);
        GraphQLRequest<OwnerInGroup> modifiedRequest = decorator.decorate(originalRequest, mode);
        assertNull(getOwnerField(modifiedRequest));
    }
}
Also used : SubscriptionType(com.amplifyframework.api.graphql.SubscriptionType) AuthorizationType(com.amplifyframework.api.aws.AuthorizationType) Test(org.junit.Test)

Example 4 with AuthorizationType

use of com.amplifyframework.api.aws.AuthorizationType in project amplify-android by aws-amplify.

the class AuthRuleRequestDecoratorTest method requestPassThroughForNoAuth.

/**
 * Test that auth rule request decorator returns the same request if there
 * is no auth rule associated with it.
 * @throws AmplifyException if a ModelSchema can't be derived from the Model class.
 */
@Test
public void requestPassThroughForNoAuth() throws AmplifyException {
    final AuthorizationType mode = AuthorizationType.AMAZON_COGNITO_USER_POOLS;
    // NoAuth class does not have use @auth directive
    for (SubscriptionType subscriptionType : SubscriptionType.values()) {
        GraphQLRequest<NoAuth> originalRequest = createRequest(NoAuth.class, subscriptionType);
        GraphQLRequest<NoAuth> modifiedRequest = decorator.decorate(originalRequest, mode);
        assertEquals(originalRequest, modifiedRequest);
    }
}
Also used : SubscriptionType(com.amplifyframework.api.graphql.SubscriptionType) AuthorizationType(com.amplifyframework.api.aws.AuthorizationType) Test(org.junit.Test)

Example 5 with AuthorizationType

use of com.amplifyframework.api.aws.AuthorizationType in project amplify-android by aws-amplify.

the class AuthRuleRequestDecoratorTest method ownerArgumentNotAddedIfOwnerIsInCustomGroup.

/**
 * Verify owner argument is NOT added if model contains both owner-based and group-based
 * authorization and the user is in any of the read-restricted groups.
 * @throws AmplifyException if a ModelSchema can't be derived from the Model class.
 */
@Test
public void ownerArgumentNotAddedIfOwnerIsInCustomGroup() throws AmplifyException {
    final AuthorizationType mode = AuthorizationType.OPENID_CONNECT;
    // and user is in the read-restricted custom group.
    for (SubscriptionType subscriptionType : SubscriptionType.values()) {
        GraphQLRequest<OwnerInCustomGroup> originalRequest = createRequest(OwnerInCustomGroup.class, subscriptionType);
        GraphQLRequest<OwnerInCustomGroup> modifiedRequest = decorator.decorate(originalRequest, mode);
        assertNull(getOwnerField(modifiedRequest));
    }
}
Also used : SubscriptionType(com.amplifyframework.api.graphql.SubscriptionType) AuthorizationType(com.amplifyframework.api.aws.AuthorizationType) Test(org.junit.Test)

Aggregations

AuthorizationType (com.amplifyframework.api.aws.AuthorizationType)13 Test (org.junit.Test)13 SubscriptionType (com.amplifyframework.api.graphql.SubscriptionType)9 AuthRule (com.amplifyframework.core.model.AuthRule)3 MultiAuthorizationTypeIterator (com.amplifyframework.core.model.auth.MultiAuthorizationTypeIterator)3 Context (android.content.Context)1 Log (android.util.Log)1 RawRes (androidx.annotation.RawRes)1 ApplicationProvider.getApplicationContext (androidx.test.core.app.ApplicationProvider.getApplicationContext)1 CognitoJWTParser (com.amazonaws.mobileconnectors.cognitoidentityprovider.util.CognitoJWTParser)1 AmplifyException (com.amplifyframework.AmplifyException)1 ApiCategory (com.amplifyframework.api.ApiCategory)1 AWSApiPlugin (com.amplifyframework.api.aws.AWSApiPlugin)1 ApiAuthProviders (com.amplifyframework.api.aws.ApiAuthProviders)1 AuthModeStrategyType (com.amplifyframework.api.aws.AuthModeStrategyType)1 DefaultCognitoUserPoolsAuthProvider (com.amplifyframework.api.aws.sigv4.DefaultCognitoUserPoolsAuthProvider)1 AuthCategory (com.amplifyframework.auth.AuthCategory)1 AWSCognitoAuthPlugin (com.amplifyframework.auth.cognito.AWSCognitoAuthPlugin)1 AuthSignOutOptions (com.amplifyframework.auth.options.AuthSignOutOptions)1 AuthSignInResult (com.amplifyframework.auth.result.AuthSignInResult)1