sst 3.0.61 → 3.0.63

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/aws/realtime.d.ts +35 -19
  2. package/dist/aws/realtime.js +11 -10
  3. package/package.json +6 -6
package/dist/aws/realtime.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { Context, IoTCustomAuthorizerEvent } from "aws-lambda";
1
+ import { IoTCustomAuthorizerHandler, PolicyDocument } from "aws-lambda";
2
2
  /**
3
3
  * The `realtime` client SDK is available through the following.
4
4
  *
@@ -9,6 +9,18 @@ import { Context, IoTCustomAuthorizerEvent } from "aws-lambda";
9
9
  */
10
10
  export declare namespace realtime {
11
11
  interface AuthResult {
12
+ /**
13
+ * The principal ID of the authorized client. This could be (but is not limited to) a user ID, an email address, or a phone number.
14
+ */
15
+ principalId?: string;
16
+ /**
17
+ * How long the client should be disconnected after the token expires.
18
+ */
19
+ disconnectAfterInSeconds?: number;
20
+ /**
21
+ * How long the client should be refreshed after the token expires.
22
+ */
23
+ refreshAfterInSeconds?: number;
12
24
  /**
13
25
  * The topics the client can subscribe to.
14
26
  * @example
@@ -44,6 +56,27 @@ export declare namespace realtime {
44
56
  * ```
45
57
  */
46
58
  publish?: string[];
59
+ /**
60
+ * Any additional policy documents to attach to the client.
61
+ * @example
62
+ * ```js
63
+ * {
64
+ * policyDocuments: [
65
+ * {
66
+ * Version: "2012-10-17",
67
+ * Statement: [
68
+ * {
69
+ * Action: "iot:GetThingShadow",
70
+ * Effect: "Allow",
71
+ * Resource: "*",
72
+ * },
73
+ * ],
74
+ * },
75
+ * ],
76
+ * };
77
+ * ```
78
+ */
79
+ policyDocuments?: PolicyDocument[];
47
80
  }
48
81
  /**
49
82
  * Creates an authorization handler for the `Realtime` component. It validates
@@ -63,22 +96,5 @@ export declare namespace realtime {
63
96
  * });
64
97
  * ```
65
98
  */
66
- function authorizer(input: (token: string) => Promise<AuthResult>): (evt: IoTCustomAuthorizerEvent, context: Context) => Promise<{
67
- isAuthenticated: boolean;
68
- principalId: string;
69
- disconnectAfterInSeconds: number;
70
- refreshAfterInSeconds: number;
71
- policyDocuments: {
72
- Version: string;
73
- Statement: ({
74
- Action: string;
75
- Effect: string;
76
- Resource: string;
77
- } | {
78
- Action: string;
79
- Effect: string;
80
- Resource: string[];
81
- })[];
82
- }[];
83
- }>;
99
+ function authorizer(input: (token: string) => Promise<AuthResult>): IoTCustomAuthorizerHandler;
84
100
  }
package/dist/aws/realtime.js CHANGED
@@ -30,12 +30,12 @@ export var realtime;
30
30
  return async (evt, context) => {
31
31
  const [, , , region, accountId] = context.invokedFunctionArn.split(":");
32
32
  const token = Buffer.from(evt.protocolData.mqtt?.password ?? "", "base64").toString();
33
- const ret = await input(token);
33
+ const { principalId = evt.protocolData.mqtt?.username || Date.now().toString(), disconnectAfterInSeconds = 86400, refreshAfterInSeconds = 300, subscribe, publish, policyDocuments, } = await input(token);
34
34
  return {
35
35
  isAuthenticated: true,
36
- principalId: Date.now().toString(),
37
- disconnectAfterInSeconds: 86400,
38
- refreshAfterInSeconds: 300,
36
+ principalId,
37
+ disconnectAfterInSeconds,
38
+ refreshAfterInSeconds,
39
39
  policyDocuments: [
40
40
  {
41
41
  Version: "2012-10-17",
@@ -45,35 +45,36 @@ export var realtime;
45
45
  Effect: "Allow",
46
46
  Resource: "*",
47
47
  },
48
- ...(ret.subscribe
48
+ ...(subscribe
49
49
  ? [
50
50
  {
51
51
  Action: "iot:Receive",
52
52
  Effect: "Allow",
53
- Resource: ret.subscribe.map((t) => `arn:aws:iot:${region}:${accountId}:topic/${t}`),
53
+ Resource: subscribe.map((t) => `arn:aws:iot:${region}:${accountId}:topic/${t}`),
54
54
  },
55
55
  ]
56
56
  : []),
57
- ...(ret.subscribe
57
+ ...(subscribe
58
58
  ? [
59
59
  {
60
60
  Action: "iot:Subscribe",
61
61
  Effect: "Allow",
62
- Resource: ret.subscribe.map((t) => `arn:aws:iot:${region}:${accountId}:topicfilter/${t}`),
62
+ Resource: subscribe.map((t) => `arn:aws:iot:${region}:${accountId}:topicfilter/${t}`),
63
63
  },
64
64
  ]
65
65
  : []),
66
- ...(ret.publish
66
+ ...(publish
67
67
  ? [
68
68
  {
69
69
  Action: "iot:Publish",
70
70
  Effect: "Allow",
71
- Resource: ret.publish.map((t) => `arn:aws:iot:${region}:${accountId}:topic/${t}`),
71
+ Resource: publish.map((t) => `arn:aws:iot:${region}:${accountId}:topic/${t}`),
72
72
  },
73
73
  ]
74
74
  : []),
75
75
  ],
76
76
  },
77
+ ...(policyDocuments ?? []),
77
78
  ],
78
79
  };
79
80
  };
package/package.json CHANGED
@@ -3,7 +3,7 @@
3
3
  "name": "sst",
4
4
  "type": "module",
5
5
  "sideEffects": false,
6
- "version": "3.0.61",
6
+ "version": "3.0.63",
7
7
  "main": "./dist/index.js",
8
8
  "exports": {
9
9
  ".": "./dist/index.js",
@@ -47,11 +47,11 @@
47
47
  }
48
48
  },
49
49
  "optionalDependencies": {
50
- "sst-linux-x64": "3.0.61",
51
- "sst-linux-x86": "3.0.61",
52
- "sst-linux-arm64": "3.0.61",
53
- "sst-darwin-x64": "3.0.61",
54
- "sst-darwin-arm64": "3.0.61"
50
+ "sst-linux-x64": "3.0.63",
51
+ "sst-linux-x86": "3.0.63",
52
+ "sst-linux-arm64": "3.0.63",
53
+ "sst-darwin-x64": "3.0.63",
54
+ "sst-darwin-arm64": "3.0.63"
55
55
  },
56
56
  "dependencies": {
57
57
  "@aws-sdk/client-lambda": "3.478.0",