@@ -139,7 +139,6 @@ - (BFTask *)refresh {
139139 self.secretKey = wifResponse.credentials .secretAccessKey ;
140140 self.sessionKey = wifResponse.credentials .sessionToken ;
141141 self.expiration = wifResponse.credentials .expiration ;
142- [self .keychain synchronize ];
143142 }
144143 } else {
145144 // reset the values for the credentials
@@ -148,7 +147,6 @@ - (BFTask *)refresh {
148147 self.secretKey = nil ;
149148 self.sessionKey = nil ;
150149 self.expiration = nil ;
151- [self .keychain synchronize ];
152150 }
153151 }
154152
@@ -320,7 +318,7 @@ + (instancetype)credentialsWithRegionType:(AWSRegionType)regionType
320318
321319+ (instancetype )credentialsWithRegionType : (AWSRegionType)regionType
322320 identityPoolId : (NSString *)identityPoolId {
323-
321+
324322 return [AWSCognitoCredentialsProvider credentialsWithRegionType: regionType
325323 identityId: nil
326324 identityPoolId: identityPoolId
@@ -331,35 +329,35 @@ + (instancetype)credentialsWithRegionType:(AWSRegionType)regionType
331329 identityId : (NSString *)identityId
332330 identityPoolId : (NSString *)identityPoolId
333331 logins : (NSDictionary *)logins {
334-
332+
335333 AWSCognitoCredentialsProvider *credentials = [[AWSCognitoCredentialsProvider alloc ] initWithRegionType: regionType
336334 identityId: identityId
337335 identityPoolId: identityPoolId
338336 logins: logins];
339337 return credentials;
340-
338+
341339}
342340
343341
344342- (instancetype )initWithRegionType : (AWSRegionType)regionType
345343 identityId : (NSString *)identityId
346344 identityPoolId : (NSString *)identityPoolId
347345 logins : (NSDictionary *)logins {
348-
346+
349347 AWSEnhancedCognitoIdentityProvider *identityProvider = [[AWSEnhancedCognitoIdentityProvider alloc ]
350- initWithRegionType: regionType
351- identityId: identityId
352- identityPoolId: identityPoolId
353- logins: logins];
354-
355-
348+ initWithRegionType: regionType
349+ identityId: identityId
350+ identityPoolId: identityPoolId
351+ logins: logins];
352+
353+
356354 AWSCognitoCredentialsProvider *credentials = [[AWSCognitoCredentialsProvider alloc ] initWithRegionType: regionType
357355 identityProvider: identityProvider
358356 unauthRoleArn: nil
359357 authRoleArn: nil ];
360-
358+
361359 credentials.useEnhancedFlow = YES ;
362-
360+
363361 return credentials;
364362}
365363
@@ -407,7 +405,6 @@ - (instancetype)initWithRegionType:(AWSRegionType)regionType
407405 // If the identity provider has an identity id, use it
408406 if (identityProvider.identityId ) {
409407 _keychain[AWSCredentialsProviderKeychainIdentityId] = identityProvider.identityId ;
410- [_keychain synchronize ];
411408 }
412409 // Otherwise push whatever is in the keychain down to the identity provider
413410 else {
@@ -418,9 +415,9 @@ - (instancetype)initWithRegionType:(AWSRegionType)regionType
418415 AWSServiceConfiguration *configuration = [AWSServiceConfiguration configurationWithRegion: regionType
419416 credentialsProvider: credentialsProvider];
420417
421- _sts = [[AWSSTS new ] initWithConfiguration: configuration];
418+ _sts = [[AWSSTS alloc ] initWithConfiguration: configuration];
422419 _cib = [[AWSCognitoIdentity new ] initWithConfiguration: configuration];
423-
420+
424421 // Use the new flow if we explictly created an ehancedProvider
425422 // or if the roles are both nil (developer authenticated identities flow)
426423 _useEnhancedFlow = [identityProvider isKindOfClass: [AWSEnhancedCognitoIdentityProvider class ]] || ((unauthRoleArn == nil ) && (authRoleArn == nil ));
@@ -434,14 +431,14 @@ - (BFTask *)getCredentialsWithSTS:(NSString *)token authenticated:(BOOL)auth {
434431 if (auth) {
435432 roleArn = self.authRoleArn ;
436433 }
437-
434+
438435 if (roleArn == nil ) {
439436 return [BFTask taskWithError: [NSError errorWithDomain: AWSCognitoCredentialsProviderErrorDomain
440437 code: AWSCognitoCredentialsProviderInvalidConfiguration
441438 userInfo: @{NSLocalizedDescriptionKey : @" Required role ARN is nil"
442439 ];
443440 }
444-
441+
445442 AWSSTSAssumeRoleWithWebIdentityRequest *webIdentityRequest = [AWSSTSAssumeRoleWithWebIdentityRequest new ];
446443 webIdentityRequest.roleArn = roleArn;
447444 webIdentityRequest.webIdentityToken = token;
@@ -454,21 +451,20 @@ - (BFTask *)getCredentialsWithSTS:(NSString *)token authenticated:(BOOL)auth {
454451 self.secretKey = webIdentityResponse.credentials .secretAccessKey ;
455452 self.sessionKey = webIdentityResponse.credentials .sessionToken ;
456453 self.expiration = webIdentityResponse.credentials .expiration ;
457- [self .keychain synchronize ];
458454 }
459455 } else {
460456 // reset the values for the credentials
461457 [self clearCredentials ];
462458 }
463-
459+
464460 return task;
465461 }];
466462}
467463
468464- (BFTask *)getCredentialsWithCognito : (NSString *)token authenticated : (BOOL )auth {
469465 // Grab a reference to our provider in case it changes out from under us
470466 id <AWSCognitoIdentityProvider> providerRef = self.
identityProvider ;
471-
467+
472468 AWSCognitoIdentityGetCredentialsForIdentityInput *getCredentialsInput = [AWSCognitoIdentityGetCredentialsForIdentityInput new ];
473469 getCredentialsInput.identityId = self.identityId ;
474470 if (token) {
@@ -477,26 +473,26 @@ - (BFTask *)getCredentialsWithCognito:(NSString *)token authenticated:(BOOL)auth
477473 else {
478474 getCredentialsInput.logins = self.logins ;
479475 }
480-
481-
476+
477+
482478 return [[[self .cib getCredentialsForIdentity: getCredentialsInput] continueWithBlock: ^id (BFTask *task) {
483479 // When an invalid identityId is cached in the keychain for auth,
484480 // we will refresh the identityId and try to get credentials token again.
485481 if (task.error ) {
486482 AWSLogError (@" GetCredentialsForIdentity failed. Error is [%@ ]" error );
487-
483+
488484 // If it's auth or we caught a not found or validation error
489485 // we want to reset the identity id, otherwise, just return
490486 // the error to our caller
491487 if (!(auth || [AWSCognitoCredentialsProvider shouldResetIdentityId: task.error])) {
492488 return task;
493489 }
494-
490+
495491 AWSLogVerbose (@" Resetting identity Id and calling getIdentityId"
496492 // if it's auth, reset id and refetch
497493 self.identityId = nil ;
498494 providerRef.identityId = nil ;
499-
495+
500496 return [[providerRef getIdentityId ] continueWithSuccessBlock: ^id (BFTask *task) {
501497 // This should never happen, but just in case
502498 if (!providerRef.identityId ) {
@@ -508,14 +504,14 @@ - (BFTask *)getCredentialsWithCognito:(NSString *)token authenticated:(BOOL)auth
508504 ];
509505 }
510506 self.identityId = providerRef.identityId ;
511-
507+
512508 AWSLogVerbose (@" Retrying GetCredentialsForIdentity"
513-
509+
514510 // retry get credentials
515511 AWSCognitoIdentityGetCredentialsForIdentityInput *getCredentialsRetry = [AWSCognitoIdentityGetCredentialsForIdentityInput new ];
516512 getCredentialsRetry.identityId = self.identityId ;
517513 getCredentialsRetry.logins = self.logins ;
518-
514+
519515 return [self .cib getCredentialsForIdentity: getCredentialsRetry];
520516 }];
521517 }
@@ -529,10 +525,9 @@ - (BFTask *)getCredentialsWithCognito:(NSString *)token authenticated:(BOOL)auth
529525 self.secretKey = getCredentialsResponse.credentials .secretKey ;
530526 self.sessionKey = getCredentialsResponse.credentials .sessionToken ;
531527 self.expiration = getCredentialsResponse.credentials .expiration ;
532- [self .keychain synchronize ];
533-
528+
534529 NSString *identityIdFromResponse = getCredentialsResponse.identityId ;
535-
530+
536531 // This should never happen, but just in case
537532 if (!identityIdFromResponse) {
538533 AWSLogError (@" identityId from getCredentialsForIdentity is nil"
@@ -541,12 +536,12 @@ - (BFTask *)getCredentialsWithCognito:(NSString *)token authenticated:(BOOL)auth
541536 userInfo: @{NSLocalizedDescriptionKey : @" identityId shouldn't be nil"
542537 ];
543538 }
544-
539+
545540 if (![self .identityId isEqualToString: identityIdFromResponse]) {
546541 self.identityId = identityIdFromResponse;
547542 providerRef.identityId = identityIdFromResponse;
548543 }
549-
544+
550545 return [BFTask taskWithResult: self .identityId];
551546 }];
552547}
@@ -569,8 +564,7 @@ - (BFTask *)refresh {
569564 }
570565
571566 self.identityId = providerRef.identityId ;
572- [self .keychain synchronize ];
573-
567+
574568 if (self.useEnhancedFlow ) {
575569 return [self getCredentialsWithCognito: providerRef.token authenticated: [providerRef isAuthenticated ]];
576570 }
@@ -612,7 +606,6 @@ - (BFTask *)getIdentityId {
612606 ];
613607 }
614608 self.identityId = providerRef.identityId ;
615- [self .keychain synchronize ];
616609 return task;
617610 }];
618611}
@@ -631,7 +624,6 @@ - (void)clearCredentials {
631624 self.secretKey = nil ;
632625 self.sessionKey = nil ;
633626 self.expiration = nil ;
634- [self .keychain synchronize ];
635627 }
636628}
637629
0 commit comments