1 | import { Transformer, TransformerContext } from 'graphql-transformer-core';
|
2 | import { ResourceFactory } from './resources';
|
3 | import { AuthRule, AuthProvider } from './AuthRule';
|
4 | import { ObjectTypeDefinitionNode, DirectiveNode, FieldDefinitionNode, InterfaceTypeDefinitionNode } from 'graphql';
|
5 | export declare type AppSyncAuthMode = 'API_KEY' | 'AMAZON_COGNITO_USER_POOLS' | 'AWS_IAM' | 'OPENID_CONNECT';
|
6 | export declare type AppSyncAuthConfiguration = {
|
7 | defaultAuthentication: AppSyncAuthConfigurationEntry;
|
8 | additionalAuthenticationProviders: Array<AppSyncAuthConfigurationEntry>;
|
9 | };
|
10 | export declare type AppSyncAuthConfigurationEntry = {
|
11 | authenticationType: AppSyncAuthMode;
|
12 | apiKeyConfig?: ApiKeyConfig;
|
13 | userPoolConfig?: UserPoolConfig;
|
14 | openIDConnectConfig?: OpenIDConnectConfig;
|
15 | };
|
16 | export declare type ApiKeyConfig = {
|
17 | description?: string;
|
18 | apiKeyExpirationDays: number;
|
19 | };
|
20 | export declare type UserPoolConfig = {
|
21 | userPoolId: string;
|
22 | };
|
23 | export declare type OpenIDConnectConfig = {
|
24 | name: string;
|
25 | issuerUrl: string;
|
26 | clientId?: string;
|
27 | iatTTL?: number;
|
28 | authTTL?: number;
|
29 | };
|
30 | export declare type ModelAuthTransformerConfig = {
|
31 | authConfig?: AppSyncAuthConfiguration;
|
32 | };
|
33 | export declare type ConfiguredAuthProviders = {
|
34 | default: AuthProvider;
|
35 | onlyDefaultAuthProviderConfigured: boolean;
|
36 | hasApiKey: boolean;
|
37 | hasUserPools: boolean;
|
38 | hasOIDC: boolean;
|
39 | hasIAM: boolean;
|
40 | };
|
41 | export declare class ModelAuthTransformer extends Transformer {
|
42 | resources: ResourceFactory;
|
43 | config: ModelAuthTransformerConfig;
|
44 | configuredAuthProviders: ConfiguredAuthProviders;
|
45 | generateIAMPolicyforUnauthRole: boolean;
|
46 | generateIAMPolicyforAuthRole: boolean;
|
47 | authPolicyResources: Set<string>;
|
48 | unauthPolicyResources: Set<string>;
|
49 | constructor(config?: ModelAuthTransformerConfig);
|
50 | private updateAPIAuthentication;
|
51 | before: (ctx: TransformerContext) => void;
|
52 | after: (ctx: TransformerContext) => void;
|
53 | private getApiKeyConfig;
|
54 | object: (def: ObjectTypeDefinitionNode, directive: DirectiveNode, ctx: TransformerContext) => void;
|
55 | field: (parent: ObjectTypeDefinitionNode | InterfaceTypeDefinitionNode, definition: FieldDefinitionNode, directive: DirectiveNode, ctx: TransformerContext) => void;
|
56 | private propagateAuthDirectivesToNestedTypes;
|
57 | private protectField;
|
58 | private protectReadForField;
|
59 | private protectUpdateForField;
|
60 | private protectDeleteForField;
|
61 | private protectCreateForField;
|
62 | private splitRules;
|
63 | private validateRules;
|
64 | private validateFieldRules;
|
65 | private commonRuleValidation;
|
66 | private protectGetQuery;
|
67 | private authorizationExpressionOnSingleObject;
|
68 | private protectListQuery;
|
69 | private authorizationExpressionForListResult;
|
70 | private protectCreateMutation;
|
71 | private protectUpdateOrDeleteMutation;
|
72 | private protectUpdateMutation;
|
73 | private protectDeleteMutation;
|
74 | private protectConnections;
|
75 | private protectQueries;
|
76 | private protectSearchQuery;
|
77 | protectSyncQuery(ctx: TransformerContext, def: ObjectTypeDefinitionNode, resolverResourceID: string, rules: AuthRule[]): void;
|
78 | private protectOnCreateSubscription;
|
79 | private protectOnUpdateSubscription;
|
80 | private protectOnDeleteSubscription;
|
81 | private addSubscriptionResolvers;
|
82 | private addSubscriptionOwnerArgument;
|
83 | private addOwner;
|
84 | private getOwnerRules;
|
85 | private getStaticGroupRules;
|
86 | private getDynamicGroupRules;
|
87 | hasProviderAuthRules(rules: AuthRule[]): Boolean;
|
88 | private extendTypeWithDirectives;
|
89 | private addDirectivesToOperation;
|
90 | private addDirectivesToField;
|
91 | private getDirectivesForRules;
|
92 | private ensureDefaultAuthProviderAssigned;
|
93 | private validateRuleAuthStrategy;
|
94 | private getConfiguredAuthProviders;
|
95 | private setAuthPolicyFlag;
|
96 | private setUnauthPolicyFlag;
|
97 | private getAuthRulesFromDirective;
|
98 | private isTypeNeedsDefaultProviderAccess;
|
99 | private isTypeHasRulesForOperation;
|
100 | private addTypeToResourceReferences;
|
101 | private addFieldToResourceReferences;
|
102 | private isOperationExpressionSet;
|
103 | private updateMutationConditionInput;
|
104 | private typeExist;
|
105 | private isSyncEnabled;
|
106 | }
|
107 | //# sourceMappingURL=ModelAuthTransformer.d.ts.map |
\ | No newline at end of file |