-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.js
108 lines (90 loc) · 2.8 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
// SPDX-License-Identifier: MIT-0
const { Signer } = require("@aws-amplify/core");
const {
fromCognitoIdentityPool,
} = require("@aws-sdk/credential-provider-cognito-identity");
const { CognitoIdentityClient } = require("@aws-sdk/client-cognito-identity");
let maplibregl;
let mapboxgl;
try {
maplibregl = require("maplibre-gl");
} catch {}
try {
mapboxgl = require("mapbox-gl");
} catch {}
function validateCredentials(credentials) {
const { accessKeyId, secretAccessKey } = credentials;
if (!accessKeyId || !secretAccessKey) {
throw new Error("Valid credentials are required to fetch map resources.");
}
}
function validateRegion(region) {
if (!region) {
throw new Error("A valid region is required to fetch map resources.");
}
}
function createCognitoCredentialProvider(identityPoolId) {
return fromCognitoIdentityPool({
client: new CognitoIdentityClient({
region: identityPoolId.split(":")[0],
}),
identityPoolId,
});
}
async function createRequestTransformer({
credentials,
identityPoolId,
region,
}) {
if (identityPoolId != null) {
// use the region containing the identity pool if one wasn't provided
region = region || identityPoolId.split(":")[0];
const provider = createCognitoCredentialProvider(identityPoolId);
// refresh credentials before they expire
async function refreshCognitoCredentials() {
credentials = await provider();
setTimeout(
refreshCognitoCredentials,
credentials.expiration - new Date()
);
}
await refreshCognitoCredentials();
}
validateCredentials(credentials);
validateRegion(region);
return (url, resourceType) => {
if (resourceType === "Style" && !url.includes("://")) {
// resolve to an AWS URL
url = `https://maps.geo.${region}.amazonaws.com/maps/v0/maps/${url}/style-descriptor`;
}
if (url.includes("amazonaws.com")) {
// only sign AWS requests (with the signature as part of the query string)
return {
// @aws-sdk/signature-v4 would be another option, but this needs to be synchronous
url: Signer.signUrl(url, {
access_key: credentials.accessKeyId,
secret_key: credentials.secretAccessKey,
session_token: credentials.sessionToken,
}),
};
}
// don't sign
return { url };
};
}
async function createMap(config, options, mapgl) {
const transformRequest = await createRequestTransformer(config);
return new (mapgl || maplibregl || mapboxgl).Map({
...options,
transformRequest,
});
}
function getCredentialsForIdentityPool(identityPoolId) {
return createCognitoCredentialProvider(identityPoolId)();
}
module.exports = {
createMap,
createRequestTransformer,
getCredentialsForIdentityPool,
};