fix(DataStore): auth plugin requirement for single auth rule

[lawmicha]

Issue #

aws-amplify/amplify-flutter#3967
aws-amplify/amplify-flutter#3967 (comment)

V1 PR #3454

Description

The auth mode strategy and the auth rules are used in determination of whether the auth plugin is required for DataStore. Some common scenarios are

• No auth rules on the models does not require auth plugin
• Single auth rule on a model should make its determination based on the provider.
  • OIDC/lambda - does not require auth plugin, but requires auth provider on the APIPLugin
  • APIKey - does not require auth plugin, the key is the configuration of the APIPlugin.
  • UserPools/IAM - requires auth plugin
• Multi-Auth rules with multi-auth enabled, require auth plugin if any of the rules requires auth plugin.

The issue in aws-amplify/amplify-flutter#3967 describes the scenario

• multi-auth rules: OIDC and IAM
• OIDC auth provider on the APIPlugin
• multi-auth not enabled- only want to use the default authorization (OIDC) from the API

The problem was DataStore was requiring auth plugin for this scenario. The change in this PR addresses that by only checking the auth rules if and only if there is one auth rule when multi-auth is not enabled. If there is more than one auth rule, fall back to the API's default auth type. There are also some edge cases that remains the same in the logic and were not changed by this PR: if there are no auth rules, do not require auth plugin. if there is an auth rule but no provider can be found, also fall back to the API's default auth type.

General Checklist

• Added new tests to cover change, if needed
• Build succeeds with all target using Swift Package Manager
• All unit tests pass
• All integration tests pass
• Security oriented best practices and standards are followed (e.g. using input sanitization, principle of least privilege, etc)
• Documentation update for the change if required
• PR title conforms to conventional commit style
• New or updated tests include Given When Then inline code documentation and are named accordingly testThing_condition_expectation()
• If breaking change, documentation/changelog update with migration instructions

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (a0ee257) 68.13% compared to head (15d76ae) 68.14%.
Report is 18 commits behind head on main.

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3453      +/-   ##
==========================================
+ Coverage   68.13%   68.14%   +0.01%     
==========================================
  Files        1085     1085              
  Lines       36248    36266      +18     
==========================================
+ Hits        24699    24715      +16     
- Misses      11549    11551       +2     

Flag	Coverage Δ
API_plugin_unit_test	67.07% <ø> (ø)
AWSPluginsCore	64.38% <ø> (ø)
Amplify	48.21% <ø> (ø)
Analytics_plugin_unit_test	81.16% <ø> (ø)
Auth_plugin_unit_test	79.04% <ø> (+0.01%)	⬆️
CoreMLPredictions_plugin_unit_test	59.44% <ø> (ø)
DataStore_plugin_unit_test	81.26% <100.00%> (-0.01%)	⬇️
Geo_plugin_unit_test	70.75% <ø> (ø)
Logging_plugin_unit_test	63.22% <ø> (ø)
Predictions_plugin_unit_test	37.29% <ø> (ø)
PushNotifications_plugin_unit_test	87.03% <ø> (ø)
Storage_plugin_unit_test	78.10% <ø> (ø)
unit_tests	68.14% <100.00%> (+0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.