baas | Blasphemy as a Service | REST library

I'm finding the Amplify SDKs for iOS difficult to work with, likely because we don't seem to fit in with their target audience. Amplify offers mobile developers a BaaS solution, and as such the Amplify SDK is heavily-geared towards this use case. Our team however has dedicated DevOps engineers who use Terraform to provision AWS resources. While their documentation states that it is possible to use the Amplify SDK with pre-existing resources, I'm finding it clunky at best -- having to manually configure the amplifyconfiguration.json file with limited documentation is frustrating, and I've had a lot of difficulty getting the Auth SDK to work with our Cognito setup. That, along with the vendor lock-in, is making me reconsider our decision to integrate the Amplify SDK in our mobile clients.

Which leads me to my question: are there any obvious disadvantages to using open-source client-side libraries to integrate with AWS resources instead of the Amplify SDK? Considering that we don't have any need for the BaaS aspect of Amplify and are only really needing OAuth via Cognito and GraphQL via AppSync, could we get away with using libraries like AppAuth and Apollo to forego Amplify entirely?

We're using SAP Cloud SDK 3.32.0 with SpringBoot. We've generated a typed OData service based on the EDMX metadata file generated by the service and use the generated client in our code. All logs entries showing our issue are below (cleaned them up a bit to show the important parts only)

The situation is the following:

• We send a myservice.createEntity(MyEntity).exectureRequest(myDestination) with the generated client. Since this is a modifying/creating call, the client first requests a CSRF token. This works fine as shown in the logs below (first HEAD and POST calls)
• Next we call a function with myservice.myFunction(p1, p2, p3).executeRequest(myDestination). This is a function exposed by the same OData service, so the service path is the same. Since this function is a POST, the client will again try to fetch a CSRF token. However, this results in a HTTP 403 Forbidden status code. We do not get the CSRF token (see second HEAD request in the logs below).
• The function call is still executed, but with an empty X-CSRF-Token http header (second POST request in logs).
• Although we seem to receive a response from the OData service, the client finallly times out (Read time out) and we are unable to process the result of the function call.

Debugging/clicking through the code of the CloudSDK, I discovered that the generated "FluentHelperFunction" class has it's own logic for retrieving the CSRF token (e.g. it uses "Fetch" in the HEAD requests), where as the FluentHelperCreate class uses the DefaultCsrfRetriever class (which uses lower case "fetch" for the HEAD call).

So my questions are:

• Why does the HEAD call for CSRF fail when done by a function call (i.e. myservice.myFunction())
• Why does the FluentHelperFunction class have it's own logic for getting a CSRF token?
• What can I do to make this work properly. Or is this a bug in the SDK?

Logs:

If I'm building a BaaS (Backend-as-a-Service) type of app, how would I give tokens to the users of my Clients' apps?

My thoughts:

• I'm thinking Authorization grant but that would cause a redirect.
• Users ask for Client to get token for them using client credentials. Not really OAuth2.
• Users ask BaaS directly for token which then asks Client first if it should. Not OAuth2 at all.

I can mark Client's Apps as first-party but that would still need a redirect just to get an authorization code. It would not just prompt for authorization.

Say I would build an SDK for this BaaS that might look like:

There are two applications that I'm building. I need to implement calling from one application to another. How can I implement that ?

Basically, user on app1 should be able to call user on app2. It's like how UBER customers can call UBER driver app using internet. I'm using firebase as a BaaS.

Please mention links to relevant articles and tutorials.

I'm trying to have a docker container use my local mysql database. Using docker-compose up, I am able to get all the pieces running, however, the db exits with status code 1, and the rails application cannot connect to any database instance. I know that mysql is running on my system and that the service has been started. My docker-compose file:

I have a nested hash like this where it can have 50 values:

I have a recyclerView with an adapter that is inflating a custom layout (Folding cell library). after inflating, in onCreateViewHolder, I am initializing a lot of views (mostly textViews) like below:

I did create a struct GetData in which there is a func callAlamofire. I do the call to the url and get the data in the console without problems. My problem is assigning a string I did obtain after parsing to a property of the Dato struct. I have an error "Cannot assign to property: 'name' is a 'let' constant". This error is in the last written code

self.dato.name = self.name

I pretend to create an array datos of the Struct, then call it all in the ViewController, and from here populate my tableView.`

What I currently I do is to deploy my Django application to Heroku through Building Docker Images with heroku.yml. The app is built well, but it cannot connect to the database, because of the host is not configured correctly. My heroku.yml config is