# Copyright (c) 2014 Amazon.com, Inc. or its affiliates. All Rights Reserved
#
# Permission is hereby granted, free of charge, to any person obtaining a
# copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish, dis-
# tribute, sublicense, and/or sell copies of the Software, and to permit
# persons to whom the Software is furnished to do so, subject to the fol-
# lowing conditions:
#
# The above copyright notice and this permission notice shall be included
# in all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABIL-
# ITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
# SHALL THE AUTHOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
# WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
#
from boto.compat import json
from boto.exception import JSONResponseError
from boto.connection import AWSAuthConnection
from boto.regioninfo import RegionInfo
from boto.cognito.sync import exceptions
class CognitoSyncConnection(AWSAuthConnection):
"""
Amazon Cognito Sync
Amazon Cognito Sync provides an AWS service and client library
that enable cross-device syncing of application-related user data.
High-level client libraries are available for both iOS and
Android. You can use these libraries to persist data locally so
that it's available even if the device is offline. Developer
credentials don't need to be stored on the mobile device to access
the service. You can use Amazon Cognito to obtain a normalized
user ID and credentials. User data is persisted in a dataset that
can store up to 1 MB of key-value pairs, and you can have up to 20
datasets per user identity.
With Amazon Cognito Sync, the data stored for each identity is
accessible only to credentials assigned to that identity. In order
to use the Cognito Sync service, you need to make API calls using
credentials retrieved with `Amazon Cognito Identity service`_.
"""
APIVersion = "2014-06-30"
DefaultRegionName = "us-east-1"
DefaultRegionEndpoint = "cognito-sync.us-east-1.amazonaws.com"
ResponseError = JSONResponseError
_faults = {
"LimitExceededException": exceptions.LimitExceededException,
"ResourceConflictException": exceptions.ResourceConflictException,
"InvalidConfigurationException": exceptions.InvalidConfigurationException,
"TooManyRequestsException": exceptions.TooManyRequestsException,
"InvalidParameterException": exceptions.InvalidParameterException,
"ResourceNotFoundException": exceptions.ResourceNotFoundException,
"InternalErrorException": exceptions.InternalErrorException,
"NotAuthorizedException": exceptions.NotAuthorizedException,
}
def __init__(self, **kwargs):
region = kwargs.get('region')
if not region:
region = RegionInfo(self, self.DefaultRegionName,
self.DefaultRegionEndpoint)
else:
del kwargs['region']
kwargs['host'] = region.endpoint
super(CognitoSyncConnection, self).__init__(**kwargs)
self.region = region
def _required_auth_capability(self):
return ['hmac-v4']
def delete_dataset(self, identity_pool_id, identity_id, dataset_name):
"""
Deletes the specific dataset. The dataset will be deleted
permanently, and the action can't be undone. Datasets that
this dataset was merged with will no longer report the merge.
Any consequent operation on this dataset will result in a
ResourceNotFoundException.
:type identity_pool_id: string
:param identity_pool_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. GUID generation is unique within a region.
:type identity_id: string
:param identity_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. GUID generation is unique within a region.
:type dataset_name: string
:param dataset_name: A string of up to 128 characters. Allowed
characters are a-z, A-Z, 0-9, '_' (underscore), '-' (dash), and '.'
(dot).
"""
uri = '/identitypools/{0}/identities/{1}/datasets/{2}'.format(
identity_pool_id, identity_id, dataset_name)
return self.make_request('DELETE', uri, expected_status=200)
def describe_dataset(self, identity_pool_id, identity_id, dataset_name):
"""
Gets metadata about a dataset by identity and dataset name.
The credentials used to make this API call need to have access
to the identity data. With Amazon Cognito Sync, each identity
has access only to its own data. You should use Amazon Cognito
Identity service to retrieve the credentials necessary to make
this API call.
:type identity_pool_id: string
:param identity_pool_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. GUID generation is unique within a region.
:type identity_id: string
:param identity_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. GUID generation is unique within a region.
:type dataset_name: string
:param dataset_name: A string of up to 128 characters. Allowed
characters are a-z, A-Z, 0-9, '_' (underscore), '-' (dash), and '.'
(dot).
"""
uri = '/identitypools/{0}/identities/{1}/datasets/{2}'.format(
identity_pool_id, identity_id, dataset_name)
return self.make_request('GET', uri, expected_status=200)
def describe_identity_pool_usage(self, identity_pool_id):
"""
Gets usage details (for example, data storage) about a
particular identity pool.
:type identity_pool_id: string
:param identity_pool_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. GUID generation is unique within a region.
"""
uri = '/identitypools/{0}'.format(identity_pool_id)
return self.make_request('GET', uri, expected_status=200)
def describe_identity_usage(self, identity_pool_id, identity_id):
"""
Gets usage information for an identity, including number of
datasets and data usage.
:type identity_pool_id: string
:param identity_pool_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. GUID generation is unique within a region.
:type identity_id: string
:param identity_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. GUID generation is unique within a region.
"""
uri = '/identitypools/{0}/identities/{1}'.format(
identity_pool_id, identity_id)
return self.make_request('GET', uri, expected_status=200)
def get_identity_pool_configuration(self, identity_pool_id):
"""
Gets the configuration settings of an identity pool.
:type identity_pool_id: string
:param identity_pool_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. This is the ID of the pool for which to return a
configuration.
"""
uri = '/identitypools/{0}/configuration'.format(identity_pool_id)
return self.make_request('GET', uri, expected_status=200)
def list_datasets(self, identity_pool_id, identity_id, next_token=None,
max_results=None):
"""
Lists datasets for an identity. The credentials used to make
this API call need to have access to the identity data. With
Amazon Cognito Sync, each identity has access only to its own
data. You should use Amazon Cognito Identity service to
retrieve the credentials necessary to make this API call.
:type identity_pool_id: string
:param identity_pool_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. GUID generation is unique within a region.
:type identity_id: string
:param identity_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. GUID generation is unique within a region.
:type next_token: string
:param next_token: A pagination token for obtaining the next page of
results.
:type max_results: integer
:param max_results: The maximum number of results to be returned.
"""
uri = '/identitypools/{0}/identities/{1}/datasets'.format(
identity_pool_id, identity_id)
params = {}
headers = {}
query_params = {}
if next_token is not None:
query_params['nextToken'] = next_token
if max_results is not None:
query_params['maxResults'] = max_results
return self.make_request('GET', uri, expected_status=200,
data=json.dumps(params), headers=headers,
params=query_params)
def list_identity_pool_usage(self, next_token=None, max_results=None):
"""
Gets a list of identity pools registered with Cognito.
:type next_token: string
:param next_token: A pagination token for obtaining the next page of
results.
:type max_results: integer
:param max_results: The maximum number of results to be returned.
"""
uri = '/identitypools'
params = {}
headers = {}
query_params = {}
if next_token is not None:
query_params['nextToken'] = next_token
if max_results is not None:
query_params['maxResults'] = max_results
return self.make_request('GET', uri, expected_status=200,
data=json.dumps(params), headers=headers,
params=query_params)
def list_records(self, identity_pool_id, identity_id, dataset_name,
last_sync_count=None, next_token=None, max_results=None,
sync_session_token=None):
"""
Gets paginated records, optionally changed after a particular
sync count for a dataset and identity. The credentials used to
make this API call need to have access to the identity data.
With Amazon Cognito Sync, each identity has access only to its
own data. You should use Amazon Cognito Identity service to
retrieve the credentials necessary to make this API call.
:type identity_pool_id: string
:param identity_pool_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. GUID generation is unique within a region.
:type identity_id: string
:param identity_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. GUID generation is unique within a region.
:type dataset_name: string
:param dataset_name: A string of up to 128 characters. Allowed
characters are a-z, A-Z, 0-9, '_' (underscore), '-' (dash), and '.'
(dot).
:type last_sync_count: long
:param last_sync_count: The last server sync count for this record.
:type next_token: string
:param next_token: A pagination token for obtaining the next page of
results.
:type max_results: integer
:param max_results: The maximum number of results to be returned.
:type sync_session_token: string
:param sync_session_token: A token containing a session ID, identity
ID, and expiration.
"""
uri = '/identitypools/{0}/identities/{1}/datasets/{2}/records'.format(
identity_pool_id, identity_id, dataset_name)
params = {}
headers = {}
query_params = {}
if last_sync_count is not None:
query_params['lastSyncCount'] = last_sync_count
if next_token is not None:
query_params['nextToken'] = next_token
if max_results is not None:
query_params['maxResults'] = max_results
if sync_session_token is not None:
query_params['syncSessionToken'] = sync_session_token
return self.make_request('GET', uri, expected_status=200,
data=json.dumps(params), headers=headers,
params=query_params)
def register_device(self, identity_pool_id, identity_id, platform, token):
"""
Registers a device to receive push sync notifications.
:type identity_pool_id: string
:param identity_pool_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. Here, the ID of the pool that the identity belongs to.
:type identity_id: string
:param identity_id: The unique ID for this identity.
:type platform: string
:param platform: The SNS platform type (e.g. GCM, SDM, APNS,
APNS_SANDBOX).
:type token: string
:param token: The push token.
"""
uri = '/identitypools/{0}/identity/{1}/device'.format(
identity_pool_id, identity_id)
params = {'Platform': platform, 'Token': token, }
headers = {}
query_params = {}
return self.make_request('POST', uri, expected_status=200,
data=json.dumps(params), headers=headers,
params=query_params)
def set_identity_pool_configuration(self, identity_pool_id,
push_sync=None):
"""
Sets the necessary configuration for push sync.
:type identity_pool_id: string
:param identity_pool_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. This is the ID of the pool to modify.
:type push_sync: dict
:param push_sync: Configuration options to be applied to the identity
pool.
"""
uri = '/identitypools/{0}/configuration'.format(identity_pool_id)
params = {}
headers = {}
query_params = {}
if push_sync is not None:
params['PushSync'] = push_sync
return self.make_request('POST', uri, expected_status=200,
data=json.dumps(params), headers=headers,
params=query_params)
def subscribe_to_dataset(self, identity_pool_id, identity_id,
dataset_name, device_id):
"""
Subscribes to receive notifications when a dataset is modified
by another device.
:type identity_pool_id: string
:param identity_pool_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. The ID of the pool to which the identity belongs.
:type identity_id: string
:param identity_id: Unique ID for this identity.
:type dataset_name: string
:param dataset_name: The name of the dataset to subcribe to.
:type device_id: string
:param device_id: The unique ID generated for this device by Cognito.
"""
uri = '/identitypools/{0}/identities/{1}/datasets/{2}/subscriptions/{3}'.format(
identity_pool_id, identity_id, dataset_name, device_id)
return self.make_request('POST', uri, expected_status=200)
def unsubscribe_from_dataset(self, identity_pool_id, identity_id,
dataset_name, device_id):
"""
Unsubscribe from receiving notifications when a dataset is
modified by another device.
:type identity_pool_id: string
:param identity_pool_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. The ID of the pool to which this identity belongs.
:type identity_id: string
:param identity_id: Unique ID for this identity.
:type dataset_name: string
:param dataset_name: The name of the dataset from which to unsubcribe.
:type device_id: string
:param device_id: The unique ID generated for this device by Cognito.
"""
uri = '/identitypools/{0}/identities/{1}/datasets/{2}/subscriptions/{3}'.format(
identity_pool_id, identity_id, dataset_name, device_id)
return self.make_request('DELETE', uri, expected_status=200)
def update_records(self, identity_pool_id, identity_id, dataset_name,
sync_session_token, device_id=None,
record_patches=None, client_context=None):
"""
Posts updates to records and add and delete records for a
dataset and user. The credentials used to make this API call
need to have access to the identity data. With Amazon Cognito
Sync, each identity has access only to its own data. You
should use Amazon Cognito Identity service to retrieve the
credentials necessary to make this API call.
:type identity_pool_id: string
:param identity_pool_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. GUID generation is unique within a region.
:type identity_id: string
:param identity_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. GUID generation is unique within a region.
:type dataset_name: string
:param dataset_name: A string of up to 128 characters. Allowed
characters are a-z, A-Z, 0-9, '_' (underscore), '-' (dash), and '.'
(dot).
:type device_id: string
:param device_id: The unique ID generated for this device by Cognito.
:type record_patches: list
:param record_patches: A list of patch operations.
:type sync_session_token: string
:param sync_session_token: The SyncSessionToken returned by a previous
call to ListRecords for this dataset and identity.
:type client_context: string
:param client_context: Intended to supply a device ID that will
populate the `lastModifiedBy` field referenced in other methods.
The `ClientContext` field is not yet implemented.
"""
uri = '/identitypools/{0}/identities/{1}/datasets/{2}'.format(
identity_pool_id, identity_id, dataset_name)
params = {'SyncSessionToken': sync_session_token, }
headers = {}
query_params = {}
if device_id is not None:
params['DeviceId'] = device_id
if record_patches is not None:
params['RecordPatches'] = record_patches
if client_context is not None:
headers['x-amz-Client-Context'] = client_context
if client_context is not None:
headers['x-amz-Client-Context'] = client_context
return self.make_request('POST', uri, expected_status=200,
data=json.dumps(params), headers=headers,
params=query_params)
def make_request(self, verb, resource, headers=None, data='',
expected_status=None, params=None):
if headers is None:
headers = {}
response = AWSAuthConnection.make_request(
self, verb, resource, headers=headers, data=data, params=params)
body = json.loads(response.read().decode('utf-8'))
if response.status == expected_status:
return body
else:
error_type = response.getheader('x-amzn-ErrorType').split(':')[0]
error_class = self._faults.get(error_type, self.ResponseError)
raise error_class(response.status, response.reason, body)