aurora-dsql-sqlx-connector 0.2.1

Aurora DSQL connector for SQLx
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75

// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0

use aws_sdk_dsql::auth_token::AuthTokenGenerator;

use crate::config::DsqlConnectOptions;
use crate::{DsqlError, Result};
use sqlx::postgres::{PgPool, PgPoolOptions};

/// Parse a connection string, create a PgPool, verify connectivity,
/// and spawn a background token refresh task.
pub async fn connect(url: &str) -> Result<PgPool> {
    let config = DsqlConnectOptions::from_connection_string(url)?;
    connect_with(&config, PgPoolOptions::new()).await
}

/// Create a PgPool from pre-built options, verify connectivity,
/// and spawn a background token refresh task.
pub async fn connect_with(
    config: &DsqlConnectOptions,
    pool_options: PgPoolOptions,
) -> Result<PgPool> {
    let sdk_config =
        crate::config::load_aws_config(config.profile(), config.credentials_provider()).await;
    let host = config.resolve_host(&sdk_config)?;
    let region = config.resolve_region(&sdk_config)?;
    let signer =
        crate::token::build_signer(&host, &region, &sdk_config, Some(config.token_duration()))?;

    let user = config.pg_connect_options().get_username();
    let token = crate::token::generate_token(&signer, user, &sdk_config).await?;
    let opts = config.build_connect_options(&sdk_config, &token)?;

    let pool = pool_options
        .connect_with(opts)
        .await
        .map_err(DsqlError::ConnectionError)?;

    spawn_refresh_task(pool.clone(), config.clone(), signer, sdk_config);
    Ok(pool)
}

fn spawn_refresh_task(
    pool: PgPool,
    config: DsqlConnectOptions,
    signer: AuthTokenGenerator,
    sdk_config: aws_config::SdkConfig,
) {
    tokio::spawn(async move {
        let mut interval = tokio::time::interval(config.refresh_interval());
        interval.tick().await; // skip the immediate first tick
        loop {
            tokio::select! {
                _ = pool.close_event() => break,
                _ = interval.tick() => {
                    if let Err(e) = refresh_token(&config, &signer, &sdk_config, &pool).await {
                        log::error!("token refresh failed: {:?}", e);
                    }
                }
            }
        }
    });
}

async fn refresh_token(
    config: &DsqlConnectOptions,
    signer: &AuthTokenGenerator,
    sdk_config: &aws_config::SdkConfig,
    pool: &PgPool,
) -> Result<()> {
    let user = config.pg_connect_options().get_username();
    let token = crate::token::generate_token(signer, user, sdk_config).await?;
    pool.set_connect_options(config.build_connect_options(sdk_config, &token)?);
    Ok(())
}