How to implement custom AWSCredentialsProvider

Question

I have credentials generating from Server along with Token.I used AWSStaticCredentialsProvider whereas i need to pass the token for Authentication.

Referred many links but no further help other than the idea of custom implementation of credentials Provider.Any code would be helpful.

Refer: [AWSWebIdentityCredentialsProvider How to get parameters values?

Answer 1

1.Create a new class inherits from NSObject;
2.Make sure it implements AWSCredentialsProvider;
3.Declare required properties such as Access,Secret and Token and initialiser methods;
4.Then in implementation file implement the declared methods.

Code snippet:

.h file

@interface CustomCredentialsProvider : NSObject<AWSCredentialsProvider>
@property (nonatomic, readonly) NSString *accessKey;
@property (nonatomic, readonly) NSString *secretKey;
@property (nonatomic, readonly) NSString *sessionKey;

+ (instancetype)credentialsWithAccessKey:(NSString *)accessKey
                               secretKey:(NSString *)secretKey sessionKey:(NSString*)sessionKey;
- (instancetype)initWithAccessKey:(NSString *)accessKey
                        secretKey:(NSString *)secretKey sessionKey:(NSString*)sessionKey;
@end

.m file

+ (instancetype)credentialsWithAccessKey:(NSString *)accessKey
                               secretKey:(NSString *)secretKey sessionKey:(NSString*)sessionKey
{
    CustomCredentialsProvider *credentials = [[CustomCredentialsProvider alloc]initWithAccessKey:accessKey secretKey:secretKey sessionKey:sessionKey];
    return credentials;

}

- (instancetype)initWithAccessKey:(NSString *)accessKey
                        secretKey:(NSString *)secretKey sessionKey:(NSString*)sessionKey
{
    if (self = [super init]) {
        _accessKey = accessKey;
        _secretKey = secretKey;
        _sessionKey = sessionKey;
    }
    return self;
}

Answer 2

Please remember temporary credentials expire. Once they do, all subsequent requests fail with your implementation of the credentials provider. The credentials provider needs to be able to respond to - refresh and refreshes the credentials when the credentials are expired. The implementation of - refresh fully depends on your backend service structure and requirements.

You should take a look at the implementations of AWSWebIdentityCredentialsProvider and AWSCognitoCredentialsProvider as examples. Also, consider using AWSCognitoCredentialsProvider since it is an easier way to provide credentials to the client apps.