public Principal getUserPrincipal()

in aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/jaxrs/AwsProxySecurityContext.java [78:111]


    /**
     * Resolves the caller identity for the current event from the value returned by
     * {@code getAuthenticationScheme()}.
     *
     * <ul>
     *   <li>No scheme: a principal whose name is {@code null}. The principal object itself is
     *       not {@code null}, so a non-null return value does not by itself indicate an
     *       authenticated caller; check {@code getName()}.</li>
     *   <li>{@code AUTH_SCHEME_CUSTOM}: the name is the authorizer's principal id for
     *       {@code API_GATEWAY} events, or the first value of the {@code ALB_IDENTITY_HEADER}
     *       header for {@code ALB} events; any other request source yields {@code null}.</li>
     *   <li>{@code AUTH_SCHEME_AWS_IAM}: the Cognito identity id when present, otherwise the
     *       user ARN from the request identity.</li>
     *   <li>{@code AUTH_SCHEME_COGNITO_POOL}: a {@code CognitoUserPoolPrincipal} built from the
     *       authorizer claims.</li>
     * </ul>
     *
     * <p>NOTE(review): in the ALB case the name is read straight from a request header and
     * nothing in this method validates it. Whether that header can be trusted depends on how
     * the event reaches this code - confirm it is verified upstream before using the name for
     * authorization decisions.
     *
     * @return a principal for the current event; for the custom and IAM schemes its name is
     *         computed each time {@code getName()} is called and may be {@code null}
     * @throws RuntimeException if the scheme is non-null but is none of the schemes above
     */
    public Principal getUserPrincipal() {
        final String scheme = getAuthenticationScheme();
        if (scheme == null) {
            return () -> null;
        }

        final boolean customAuthorizer = scheme.equals(AUTH_SCHEME_CUSTOM);
        if (customAuthorizer || scheme.equals(AUTH_SCHEME_AWS_IAM)) {
            return () -> {
                // The scheme is looked up again when the name is requested rather than
                // captured from the enclosing call.
                final String current = getAuthenticationScheme();

                if (current.equals(AUTH_SCHEME_CUSTOM)) {
                    switch (event.getRequestSource()) {
                    case API_GATEWAY:
                        return event.getRequestContext().getAuthorizer().getPrincipalId();
                    case ALB:
                        // Value comes from the request headers as-is; see the method note.
                        return event.getMultiValueHeaders().getFirst(ALB_IDENTITY_HEADER);
                    default:
                        // Unhandled request source: no name available.
                        return null;
                    }
                }

                if (!current.equals(AUTH_SCHEME_AWS_IAM)) {
                    // Neither of the two schemes this principal was created for.
                    return null;
                }

                // Credentials issued through Cognito Federated Identities carry an identity
                // id; prefer it and fall back to the user ARN from the credentials.
                final String cognitoIdentityId = event.getRequestContext().getIdentity().getCognitoIdentityId();
                return cognitoIdentityId != null
                        ? cognitoIdentityId
                        : event.getRequestContext().getIdentity().getUserArn();
            };
        }

        if (scheme.equals(AUTH_SCHEME_COGNITO_POOL)) {
            return new CognitoUserPoolPrincipal(event.getRequestContext().getAuthorizer().getClaims());
        }

        throw new RuntimeException("Cannot recognize authorization scheme in event");
    }