gql.transport.appsync_auth¶

class gql.transport.appsync_auth.AppSyncAuthentication¶

Bases: ABC

AWS authentication abstract base class

All AWS authentication class should have a get_headers method which defines the headers used in the authentication process.

get_auth_url(url: str) → str¶

Returns: a url with base64 encoded headers used to establish a websocket connection to the appsync-realtime-api.

abstract get_headers(data: Optional[str] = None, headers: Optional[Dict[str, Any]] = None) → Dict[str, Any]¶

class gql.transport.appsync_auth.AppSyncApiKeyAuthentication(host: str, api_key: str)¶

Bases: AppSyncAuthentication

AWS authentication class using an API key

__init__(host: str, api_key: str) → None¶

Parameters

host – the host, something like: XXXXXXXXXXXXXXXXXXXXXXXXXX.appsync-api.REGION.amazonaws.com
api_key – the API key

get_headers(data: Optional[str] = None, headers: Optional[Dict[str, Any]] = None) → Dict[str, Any]¶

get_auth_url(url: str) → str¶

Returns: a url with base64 encoded headers used to establish a websocket connection to the appsync-realtime-api.

class gql.transport.appsync_auth.AppSyncJWTAuthentication(host: str, jwt: str)¶

Bases: AppSyncAuthentication

AWS authentication class using a JWT access token.

It can be used either for:

Amazon Cognito user pools
OpenID Connect (OIDC)

__init__(host: str, jwt: str) → None¶

Parameters

host – the host, something like: XXXXXXXXXXXXXXXXXXXXXXXXXX.appsync-api.REGION.amazonaws.com
jwt – the JWT Access Token

get_headers(data: Optional[str] = None, headers: Optional[Dict[str, Any]] = None) → Dict[str, Any]¶

get_auth_url(url: str) → str¶

Returns: a url with base64 encoded headers used to establish a websocket connection to the appsync-realtime-api.

class gql.transport.appsync_auth.AppSyncIAMAuthentication(host: str, region_name: Optional[str] = None, signer: Optional[botocore.auth.BaseSigner] = None, request_creator: Optional[Callable[[Dict[str, Any]], botocore.awsrequest.AWSRequest]] = None, credentials: Optional[botocore.credentials.Credentials] = None, session: Optional[botocore.session.Session] = None)¶

Bases: AppSyncAuthentication

AWS authentication class using IAM.

Note

There is no need for you to use this class directly, you could instead intantiate gql.transport.appsync_websockets.AppSyncWebsocketsTransport without an auth argument.

During initialization, this class will use botocore to attempt to find your IAM credentials, either from environment variables or from your AWS credentials file.

__init__(host: str, region_name: Optional[str] = None, signer: Optional[botocore.auth.BaseSigner] = None, request_creator: Optional[Callable[[Dict[str, Any]], botocore.awsrequest.AWSRequest]] = None, credentials: Optional[botocore.credentials.Credentials] = None, session: Optional[botocore.session.Session] = None) → None¶

Initialize itself, saving the found credentials used to sign the headers later.

if no credentials are found, then a NoCredentialsError is raised.

get_headers(data: Optional[str] = None, headers: Optional[Dict[str, Any]] = None) → Dict[str, Any]¶

get_auth_url(url: str) → str¶

Returns: a url with base64 encoded headers used to establish a websocket connection to the appsync-realtime-api.