Update AWS Cognito authentication example for 2.x.x (#55)

* Update auth-cognito for HB 2.x.x * Add AWS error middleware to diagnose AWS errors * Update READMEs * Use HummingbirdRouter * Remove commented out code
hummingbird-project · Jan 28, 2024 · 6cc2e32 · 6cc2e32
1 parent 97aaf0b
commit 6cc2e32
Show file tree

Hide file tree

Showing 12 changed files with 298 additions and 265 deletions.
diff --git a/README.md b/README.md
@@ -1,6 +1,7 @@
 # Hummingbird Example Code
 
 Examples converted to Hummingbird 2.0
+- [auth-cognito](https://github.com/hummingbird-project/hummingbird-examples/tree/2.x.x/auth-cognito) - Authentication via AWS Cognito.
 - [hello](https://github.com/hummingbird-project/hummingbird-examples/tree/2.x.x/hello) - Basic application setup.
 - [html-form](https://github.com/hummingbird-project/hummingbird-examples/tree/2.x.x/html-form) - Link HTML form to Hummingbird application.
 - [http2](https://github.com/hummingbird-project/hummingbird-examples/tree/2.x.x/http2) - Basic application with HTTP2 upgrade added.
@@ -12,7 +13,6 @@ Examples converted to Hummingbird 2.0
 - [webauthn](https://github.com/hummingbird-project/hummingbird-examples/tree/2.x.x/webauthn) - Web app demonstrating WebAuthn(PassKey) authentication.
 
 Examples still working with Hummingbird 1.0
-- [auth-cognito](https://github.com/hummingbird-project/hummingbird-examples/tree/main/auth-cognito) - Authentication via AWS Cognito.
 - [auth-jwt](https://github.com/hummingbird-project/hummingbird-examples/tree/main/auth-jwt) - Authentication using JWT.
 - [auth-srp](https://github.com/hummingbird-project/hummingbird-examples/tree/main/auth-srp) - Secure Remote Password authentication.
 - [graphql-server](https://github.com/hummingbird-project/hummingbird-examples/tree/main/graphql-server) - GraphQL server using [Graphiti](https://github.com/GraphQLSwift/Graphiti)

diff --git a/auth-cognito/Package.swift b/auth-cognito/Package.swift
@@ -1,38 +1,28 @@
-// swift-tools-version:5.5
+// swift-tools-version:5.9
 // The swift-tools-version declares the minimum version of Swift required to build this package.
 
 import PackageDescription
 
 let package = Package(
     name: "auth-cognito",
-    platforms: [.macOS(.v10_15)],
-    products: [
-        .executable(name: "Server", targets: ["Server"]),
-    ],
+    platforms: [.macOS(.v14)],
     dependencies: [
-        .package(url: "https://github.com/hummingbird-project/hummingbird.git", from: "1.0.0"),
-        .package(url: "https://github.com/hummingbird-project/hummingbird-auth.git", from: "1.0.0"),
-        .package(url: "https://github.com/adam-fowler/soto-cognito-authentication-kit.git", from: "4.0.0"),
+        .package(url: "https://github.com/hummingbird-project/hummingbird.git", from: "2.0.0-alpha.1"),
+        .package(url: "https://github.com/hummingbird-project/hummingbird-auth.git", from: "2.0.0-alpha.1"),
+        .package(url: "https://github.com/adam-fowler/soto-cognito-authentication-kit.git", from: "5.0.0-alpha.1"),
         .package(url: "https://github.com/apple/swift-argument-parser.git", from: "1.0.0"),
     ],
     targets: [
         .executableTarget(
-            name: "Server",
-            dependencies: [
-                .byName(name: "App"),
-                .product(name: "ArgumentParser", package: "swift-argument-parser"),
-                .product(name: "Hummingbird", package: "hummingbird"),
-            ]
-        ),
-        .target(
             name: "App",
             dependencies: [
                 .product(name: "Hummingbird", package: "hummingbird"),
+                .product(name: "HummingbirdRouter", package: "hummingbird"),
                 .product(name: "HummingbirdAuth", package: "hummingbird-auth"),
-                .product(name: "HummingbirdFoundation", package: "hummingbird"),
                 .product(name: "SotoCognitoAuthenticationKit", package: "soto-cognito-authentication-kit"),
                 .product(name: "SotoCognitoAuthenticationSRP", package: "soto-cognito-authentication-kit"),
                 .product(name: "ArgumentParser", package: "swift-argument-parser"),
+                .product(name: "Hummingbird", package: "hummingbird"),
             ],
             swiftSettings: [
                 // Enable better optimizations when building in Release configuration. Despite the use of

diff --git a/auth-cognito/README.md b/auth-cognito/README.md
@@ -1,6 +1,6 @@
 # Authentication with SotoCognitoAuthenticationKit
 
-Example of app using SotoCognitoAuthenticationKit. App includes four authenticators (basic username and password, basic username and password using SRP (Secure Remote Password) for authentication, JWT Access Token and JWT Id Token.
+Example of app using SotoCognitoAuthenticationKit. App includes four authenticators (basic username and password, basic username and password using SRP (Secure Remote Password) for authentication, JWT Access Token and JWT Id Token. This example also uses the result builder router from HummingbirdRouter.
 
 Routes are as follows
 
@@ -18,3 +18,4 @@ Routes are as follows
 - POST /user/mfa/enable - Enable software MFA for user
 - POST /user/mfa/disable - Disable software MFA for user
 
+This example requires that you setup an AWS Cognito userpool and application client with ADMIN_USER_PASSWORD, REFRESH_TOKEN and USER_SRP authentication methods all enabled. You should then set environment variables `COGNITO_USER_POOL_ID` to the userpool id, `COGNITO_CLIENT_ID` to the application client id and if you added a client secret `COGNITO_CLIENT_SECRET` to that.
diff --git a/auth-cognito/Sources/App/Application+build.swift b/auth-cognito/Sources/App/Application+build.swift
@@ -0,0 +1,44 @@
+import Hummingbird
+import HummingbirdAuth
+import HummingbirdRouter
+import ServiceLifecycle
+import SotoCognitoAuthenticationKit
+
+struct AWSClientService: Service {
+    let client: AWSClient
+
+    func run() async throws {
+        await GracefulShutdownWaiter().wait()
+        try await self.client.shutdown()
+    }
+}
+
+func buildApplication(configuration: HBApplicationConfiguration) throws -> some HBApplicationProtocol {
+    // setup Soto
+    let awsClient = AWSClient(httpClientProvider: .createNew)
+    let cognitoIdentityProvider = CognitoIdentityProvider(client: awsClient, region: .euwest1)
+    // setup SotoCognitoAuthentication
+    let env = try HBEnvironment().merging(with: .dotEnv())
+    guard let userPoolId = env.get("cognito_user_pool_id"),
+          let clientId = env.get("cognito_client_id")
+    else {
+        preconditionFailure("Requires \"cognito_user_pool_id\" and \"cognito_client_id\" environment variables")
+    }
+    let config = CognitoConfiguration(
+        userPoolId: userPoolId,
+        clientId: clientId,
+        clientSecret: env.get("cognito_client_secret"),
+        cognitoIDP: cognitoIdentityProvider,
+        adminClient: true
+    )
+    let authenticatable = CognitoAuthenticatable(configuration: config)
+
+    let router = HBRouterBuilder(context: AuthCognitoRequestContext.self) {
+        AWSErrorMiddleware()
+        UserController(cognitoAuthenticatable: authenticatable, cognitoIdentityProvider: cognitoIdentityProvider).endpoints
+    }
+
+    var app = HBApplication(router: router)
+    app.addServices(AWSClientService(client: awsClient))
+    return app
+}
diff --git a/auth-cognito/Sources/App/Application+configure.swift b/auth-cognito/Sources/App/Application+configure.swift