UNPKG

sst

Version:

github.com/sst/sst

sst/sst

119 lines (118 loc) 3.81 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
import { IoTCustomAuthorizerHandler, PolicyDocument } from "aws-lambda"; /** * The `realtime` client SDK is available through the following. * * @example * ```js title="src/authorizer.ts" * import { realtime } from "sst/aws/realtime"; * ``` */ export declare namespace realtime { interface AuthResult { /** * The principal ID of the authorized client. This could be a user ID, username, or * phone number. * * The value must be an alphanumeric string with at least one, and no more than 128, * characters and match the regex pattern, `([a-zA-Z0-9]){1,128}`. */ principalId?: string; /** * The maximum duration in seconds of the connection to IoT Core. * * :::note * This is set when the connection is established and cannot be modified during subsequent * policy refresh authorization handler invocations. * ::: * * The minimum value is 300 seconds, and the maximum is 86400 seconds. * @default `86400` */ disconnectAfterInSeconds?: number; /** * The duration in seconds between policy refreshes. After the given duration, IoT Core * will invoke the authorization handler function. * * The minimum value is 300 seconds, and the maximum value is 86400 seconds. */ refreshAfterInSeconds?: number; /** * The topics the client can subscribe to. * @example * For example, this subscribes to two specific topics. * ```js * { * subscribe: ["chat/room1", "chat/room2"] * } * ``` * * And to subscribe to all topics under a given prefix. * ```js * { * subscribe: ["chat/*"] * } * ``` */ subscribe?: string[]; /** * The topics the client can publish to. * @example * For example, this publishes to two specific topics. * ```js * { * publish: ["chat/room1", "chat/room2"] * } * ``` * And to publish to all topics under a given prefix. * ```js * { * publish: ["chat/*"] * } * ``` */ publish?: string[]; /** * Any additional [IoT Core policy documents](https://docs.aws.amazon.com/iot/latest/developerguide/iot-policies.html) to attach to the client. * * There's a maximum of 10 policy documents. Where each document can contain a maximum of * 2048 characters. * @example * ```js * { * policyDocuments: [ * { * Version: "2012-10-17", * Statement: [ * { * Action: "iot:Publish", * Effect: "Allow", * Resource: "*" * } * ] * } * ] * } * ``` */ policyDocuments?: PolicyDocument[]; } /** * Creates an authorization handler for the `Realtime` component. It validates * the token and grants permissions for the topics the client can subscribe and publish to. * * @example * ```js title="src/authorizer.ts" "realtime.authorizer" * export const handler = realtime.authorizer(async (token) => { * // Validate the token * console.log(token); * * // Return the topics to subscribe and publish * return { * subscribe: ["*"], * publish: ["*"], * }; * }); * ``` */ function authorizer(input: (token: string) => Promise<AuthResult>): IoTCustomAuthorizerHandler; }