Support for alternate credentials option

README.md

@@ -143,7 +143,17 @@ Complete the following steps:
 
 ##### Note
 
-* _This sample application has been tested in iPhone XS and iPhone 6._
+* _This sample application has been tested in Simulator (iPhone 16e) and iPhone SE 2nd Generation._
+
+
+#### Using AWS credentials directly instead of Cognito
+
+> [!IMPORTANT]
+> This is not recommended for production use.
+
+In the `Constants.swift`, replaces awsAccessKey and awsSecretKey (optional: awsSessionToken) with your values.
+
+Upon launching the application, it will skip the sign in screen and go straight to the channel configuration screen.
 
 ## Troubleshooting
 

Swift/KVSiOSApp/AppDelegate.swift

@@ -15,6 +15,22 @@ class AppDelegate: UIResponder, UIApplicationDelegate {
     func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplicationLaunchOptionsKey: Any]?) -> Bool {
         // Override point for customization after application launch.
 
+        // Check if AWS credentials are provided to bypass Cognito
+        if let accessKey = awsAccessKey, let secretKey = awsSecretKey, !accessKey.isEmpty, !secretKey.isEmpty {
+            // Use static AWS credentials
+            print("Bypassing Cognito sign-in screen")
+            print("⚠️ WARNING: Using static AWS credentials - FOR PROTOTYPING ONLY, DO NOT USE IN PRODUCTION!")
+
+            // Skip to channel configuration
+            self.storyboard = UIStoryboard(name: "Main", bundle: nil)
+            self.navigationController = self.storyboard?.instantiateViewController(withIdentifier: "channelConfig") as? UINavigationController
+            self.channelConfigViewController = self.navigationController?.viewControllers[0] as? ChannelConfigurationViewController
+            DispatchQueue.main.async {
+                self.window?.rootViewController?.present(self.navigationController!, animated: true, completion: nil)
+            }
+            return true
+        }
+
         // Warn user if configuration not updated
         if (cognitoIdentityUserPoolId == "REPLACEME") {
             let alertController = UIAlertController(title: "Invalid Configuration",

Swift/KVSiOSApp/ChannelConfigurationViewController.swift

@@ -44,6 +44,20 @@ class ChannelConfigurationViewController: UIViewController, UITextFieldDelegate
 
     var peerConnection: RTCPeerConnection?
 
+    // Helper function to get appropriate credentials provider
+    private func getCredentialsProvider() -> AWSCredentialsProvider {
+        if let accessKey = awsAccessKey, let secretKey = awsSecretKey, !accessKey.isEmpty, !secretKey.isEmpty {
+            print("⚠️ WARNING: Using static AWS credentials - FOR PROTOTYPING ONLY, DO NOT USE IN PRODUCTION!")
+
+            if let sessionToken = awsSessionToken, !sessionToken.isEmpty {
+                return AWSBasicSessionCredentialsProvider(accessKey: accessKey, secretKey: secretKey, sessionToken: sessionToken)
+            } else {
+                return AWSStaticCredentialsProvider(accessKey: accessKey, secretKey: secretKey)
+            }
+        }
+        return AWSMobileClient.default()
+    }
+
     override func viewDidAppear(_ animated: Bool) {
         super.viewDidAppear(true)
         self.signalingConnected = false
@@ -94,6 +108,11 @@ class ChannelConfigurationViewController: UIViewController, UITextFieldDelegate
     }
 
     @IBAction func signOut(_ sender: AnyObject) {
+        if let accessKey = awsAccessKey, let secretKey = awsSecretKey, !accessKey.isEmpty, !secretKey.isEmpty {
+            popUpError(title: "Using hard-coded credentials", message: "Do not use this in production")
+            return
+        }
+
         AWSMobileClient.default().signOut()
         let mainStoryBoard: UIStoryboard = UIStoryboard(name: "Main", bundle: nil)
         self.present((mainStoryBoard.instantiateViewController(withIdentifier: "signinController") as? UINavigationController)!, animated: true, completion: nil)
@@ -145,7 +164,7 @@ class ChannelConfigurationViewController: UIViewController, UITextFieldDelegate
             print("Generated clientID is \(self.localSenderId)")
         }
         // Kinesis Video Client Configuration
-        let configuration = AWSServiceConfiguration(region: awsRegionType, credentialsProvider: AWSMobileClient.default())
+        let configuration = AWSServiceConfiguration(region: awsRegionType, credentialsProvider: getCredentialsProvider())
         AWSKinesisVideo.register(with: configuration!, forKey: awsKinesisVideoKey)
 
         // Attempt to retrieve signalling channel.  If it does not exist create the channel
@@ -297,7 +316,7 @@ class ChannelConfigurationViewController: UIViewController, UITextFieldDelegate
         let configuration =
             AWSServiceConfiguration(region: regionType,
                                     endpoint: endpoint,
-                                    credentialsProvider: AWSMobileClient.default())
+                                    credentialsProvider: getCredentialsProvider())
         AWSKinesisVideoSignaling.register(with: configuration!, forKey: awsKinesisVideoKey)
         let kvsSignalingClient = AWSKinesisVideoSignaling(forKey: awsKinesisVideoKey)
 
@@ -373,13 +392,16 @@ class ChannelConfigurationViewController: UIViewController, UITextFieldDelegate
 
     func createSignedWSSUrl(channelARN: String, region: String, wssEndpoint: String?, isMaster: Bool) -> URL? {
         // get AWS credentials to sign WSS Url with
-        var AWSCredentials : AWSCredentials?
-        AWSMobileClient.default().getAWSCredentials { credentials, _ in
-            AWSCredentials = credentials
-        }
+        var awsCreds : AWSCredentials?
+
+        getCredentialsProvider().credentials().continueWith { task in
+                awsCreds = task.result
+                return nil
+            }.waitUntilFinished()
 
-        while(AWSCredentials == nil){
-            usleep(5)
+        guard awsCreds != nil else {
+            popUpError(title: "Error fetching credentials", message: "Unable to fetch the credentials")
+            return nil
         }
 
         var httpURlString = wssEndpoint!
@@ -391,9 +413,9 @@ class ChannelConfigurationViewController: UIViewController, UITextFieldDelegate
         let wssRequestURL = URL(string: wssEndpoint!)
         let wssURL = KVSSigner
             .sign(signRequest: httpRequestURL!,
-                  secretKey: (AWSCredentials?.secretKey)!,
-                  accessKey: (AWSCredentials?.accessKey)!,
-                  sessionToken: (AWSCredentials?.sessionKey)!,
+                  secretKey: (awsCreds?.secretKey)!,
+                  accessKey: (awsCreds?.accessKey)!,
+                  sessionToken: (awsCreds?.sessionKey ?? ""),
                   wssRequest: wssRequestURL!,
                   region: region)
         return wssURL

Swift/KVSiOSApp/Constants.swift

@@ -28,6 +28,12 @@ let connectAsViewClientId = "ConsumerViewer"
 
 let userAgentHeader = "User-Agent"
 
+// AWS Credentials (set these to bypass Cognito authentication)
+// Not recommended to use this in production
+let awsAccessKey: String? = nil // "YOUR_ACCESS_KEY"
+let awsSecretKey: String? = nil // "YOUR_SECRET_KEY"
+let awsSessionToken: String? = nil // "YOUR_SESSION_TOKEN", leave as nil if not using ephemeral credentials
+
 // AWSv4 signer constants
 let signerAlgorithm = "AWS4-HMAC-SHA256"
 let awsRequestTypeKey = "aws4_request"