customBaseQuery.ts

import { getToken } from 'ducks/Auth/selectors';
import {
  getSelectedCompanyId,
  environmentSelector,
  regionSelector,
  apiKeySelector,
  SMApiUrlSelector,
  SMapiKeySelector,
} from 'ducks/selectors';
import {
  calculateSigningKey,
  buildCanonicalRequest,
  buildAuthorizationHeader,
  sha256Str,
  toHex,
  hmacSha256,
} from './sigV4Utils';

export const customBaseQuery = async (
  {
    url, method, body, params = {},
  }: { url: string; method: 'GET' | 'POST' | 'PUT' | 'DELETE'; body?: any; params?: { pathParams?: Record<string, string>; queryParams?: Record<string, any> } },
  { getState }: { getState: () => any },
) => {
  const state = getState();

  // Get configuration from state using your selectors
  const token = getToken(state);
  const companyId = getSelectedCompanyId(state);
  const region = regionSelector(state) || 'us-east-1';
  const SMApiUrl = SMApiUrlSelector(state);
  const SMapiKey = SMapiKeySelector(state);

  // Prepare AWS credentials
  const accessKey = token?.Credentials?.AccessKeyId || '';
  const secretKey = token?.Credentials?.SecretKey || '';
  const sessionToken = token?.Credentials?.SessionToken;
  const service = 'execute-api';
  const baseURL = SMApiUrl;

  // Replace path parameters in the URL.
  let resolvedUrl = url.replace(/{(\w+)}/g, (_, key) => (params.pathParams && params.pathParams[key] ? encodeURIComponent(params.pathParams[key]) : `{${key}}`));
  resolvedUrl = `${baseURL}${resolvedUrl}`;

  // Handle query parameters
  const queryString = params.queryParams
    ? new URLSearchParams(params.queryParams).toString()
    : '';
  const fullUrl = queryString ? `${resolvedUrl}?${queryString}` : resolvedUrl;

  // Prepare headers
  const headers: Record<string, string> = {
    'Content-Type': 'application/json',
    Accept: 'application/json',
    ...(SMapiKey && { 'x-api-key': SMapiKey }),
    ...(sessionToken && { 'x-amz-security-token': sessionToken }),
  };

  const datetime = new Date().toISOString().replace(/[:-]|\.\d{3}/g, '');
  const date = datetime.substring(0, 8);
  headers['x-amz-date'] = datetime;

  const bodyString = body ? JSON.stringify(body) : '';

  try {
    // Build canonical request
    const canonicalRequest = await buildCanonicalRequest(
      method.toUpperCase(),
      new URL(fullUrl).pathname,
      params.queryParams || {},
      headers,
      bodyString,
    );

    const hashedCanonicalRequest = toHex(await sha256Str(canonicalRequest));
    const signingKey = await calculateSigningKey(secretKey, date, region, service);
    const stringToSign = [
      'AWS4-HMAC-SHA256',
      datetime,
      `${date}/${region}/${service}/aws4_request`,
      hashedCanonicalRequest,
    ].join('\n');
    const signature = toHex(await hmacSha256(signingKey, stringToSign));

    headers.Authorization = buildAuthorizationHeader(
      accessKey,
      `${date}/${region}/${service}/aws4_request`,
      headers,
      signature,
    );

    const response = await fetch(fullUrl, {
      method: method.toUpperCase(),
      headers,
      body: bodyString,
    });

    const data = await response.json().catch(() => ({}));
    return response.ok ? { data } : { error: { status: response.status, data } };
  } catch (error: any) {
    return { error: { status: 500, data: error.message } };
  }
};