test(DataStore): Update schemas for use 'sub' as default identity claim feature #1633

Open
wants to merge 21 commits into
base: main
1130007
chore: update default identity claim to sub
div5yesh Jan 21, 2022
71f452c
Merge branch 'main' into chore/idclaim-sub-default
gpanshu Feb 15, 2022
2a8c4a3
Merge branch 'main' into chore/idclaim-sub-default
div5yesh Mar 9, 2022
fb85219
Merge branch 'main' into chore/idclaim-sub-default
div5yesh Apr 19, 2022
decb17b
Merge branch 'main' into chore/idclaim-sub-default
div5yesh Apr 21, 2022
e832f94
Merge branch 'main' into chore/idclaim-sub-default
sktimalsina May 3, 2022
76a6ad6
Merge branch 'main' into chore/idclaim-sub-default
div5yesh Jun 22, 2022
204c5dc
Merge branch 'main' into chore/idclaim-sub-default
div5yesh Jul 20, 2022
3f54098
Merge branch 'main' into chore/idclaim-sub-default
div5yesh Aug 13, 2022
705f408
Merge branch 'main' into chore/idclaim-sub-default
gpanshu Sep 20, 2022
0cfd555
Merge branch 'main' into chore/idclaim-sub-default
gpanshu Sep 20, 2022
e293c72
Merge branch 'main' into chore/idclaim-sub-default
gpanshu Mar 27, 2023
65374cc
Merge branch 'main' into chore/idclaim-sub-default
div5yesh Mar 28, 2023
1cd1aca
Merge branch 'main' into chore/idclaim-sub-default
gpanshu Aug 24, 2023
c37a5a4
fix(api): When a mutation response code indicates client error only c…
millsjustin Aug 24, 2023
8c7db01
Merge branch 'main' into chore/idclaim-sub-default
gpanshu Aug 24, 2023
c85f254
Fix for unit tests to pass as default value should be in the else branch
gpanshu Aug 24, 2023
f7e2886
Fix for empty claim check
gpanshu Aug 24, 2023
9c30081
Merge branch 'main' into chore/idclaim-sub-default
gpanshu Sep 1, 2023
240cdaa
Merge branch 'main' into chore/idclaim-sub-default
gpanshu Dec 20, 2023
be4f386
Merge branch 'main' into chore/idclaim-sub-default
mattcreaser Mar 27, 2024
Expand Up @@ -120,7 +120,8 @@ public void ownerFieldAddedForImplicitOwnerAuthWhenUsingSchema() throws AmplifyE
.fields(fields)
.authRules(Collections.singletonList(AuthRule.builder()
.authStrategy(AuthStrategy.OWNER)
.identityClaim("cognito:username")
.identityClaim("sub")
.authProvider(AuthStrategy.Provider.USER_POOLS)
.ownerField("owner")
.operations(Arrays.asList(
ModelOperation.CREATE,
Expand Up @@ -32,7 +32,7 @@
import static org.junit.Assert.assertEquals;

public class MultiAuthorizationTypeIteratorTest {
private static final String DEFAULT_ID_CLAIM = "cognito:username";
private static final String DEFAULT_ID_CLAIM = "sub";
private static final String DEFAULT_OWNER_FIELD = "owner";
private static final String DEFAULT_GROUP_CLAIM = "cognito:groups";
private static final String DEFAULT_GROUP_FIELD = "groups";
Expand Up @@ -126,18 +126,18 @@ public String getOwnerFieldOrDefault() {
* Used to specify a custom claim.
* Defaults to "username" when using AuthStrategy.OWNER.
*
* Note: An older version of the CLI incorrectly generated a value of "cognito:username"
* Note: An older version of the CLI incorrectly generated a value of "sub"
* so we also check for this value and convert it to the proper default of "username" for
* backwards compatibility.
*
* @return identity claim
*/
@NonNull
public String getIdentityClaimOrDefault() {
final String cliGeneratedIdentityClaim = "cognito:username";
return Empty.check(identityClaim) || cliGeneratedIdentityClaim.equals(identityClaim)
? DEFAULT_IDENTITY_CLAIM
: identityClaim;
final String cliGeneratedIdentityClaim = "sub";
return cliGeneratedIdentityClaim.equals(identityClaim)
? identityClaim
: DEFAULT_IDENTITY_CLAIM;
}

/**
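Review bot: In `getIdentityClaimOrDefault()` the new ternary returns the configured claim only when it equals "sub" and falls back to `DEFAULT_IDENTITY_CLAIM` for every other value, so a custom claim that the old code passed through unchanged is now silently replaced on the client. For owner-based rules this means the client would derive the owner from a different token claim than the one the rule names, which would break owner-scoped requests or compare ownership on a claim the schema author did not choose. If the intent is only to stop rewriting the legacy value, keep the pass-through: `return Empty.check(identityClaim) ? DEFAULT_IDENTITY_CLAIM : identityClaim;`. The Javadoc above the method now says an older CLI generated "sub" and that it is converted to "username", which no longer matches the code; the value of `DEFAULT_IDENTITY_CLAIM` is not visible in this hunk, so confirm it is the default the PR title intends and add a unit test that covers a custom claim.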
Expand Up @@ -35,7 +35,7 @@
/** This is an auto generated class representing the OwnerPrivatePublicUPIAMAPIPost type in your schema. */
@SuppressWarnings("all")
@ModelConfig(pluralName = "OwnerPrivatePublicUPIAMAPIPosts", authRules = {
@AuthRule(allow = AuthStrategy.OWNER, ownerField = "owner", identityClaim = "cognito:username", provider = "userPools", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ }),
@AuthRule(allow = AuthStrategy.OWNER, ownerField = "owner", identityClaim = "sub", provider = "userPools", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ }),
@AuthRule(allow = AuthStrategy.PRIVATE, provider = "iam", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ }),
@AuthRule(allow = AuthStrategy.PUBLIC, provider = "apiKey", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ })
})
Expand Up @@ -35,7 +35,7 @@
/** This is an auto generated class representing the OwnerPrivateUPIAMPost type in your schema. */
@SuppressWarnings("all")
@ModelConfig(pluralName = "OwnerPrivateUPIAMPosts", authRules = {
@AuthRule(allow = AuthStrategy.OWNER, ownerField = "owner", identityClaim = "cognito:username", provider = "userPools", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ }),
@AuthRule(allow = AuthStrategy.OWNER, ownerField = "owner", identityClaim = "sub", provider = "userPools", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ }),
@AuthRule(allow = AuthStrategy.PRIVATE, provider = "iam", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ })
})
public final class OwnerPrivateUPIAMPost implements Model {
Expand Up @@ -35,7 +35,7 @@
/** This is an auto generated class representing the OwnerPublicUPAPIPost type in your schema. */
@SuppressWarnings("all")
@ModelConfig(pluralName = "OwnerPublicUPAPIPosts", authRules = {
@AuthRule(allow = AuthStrategy.OWNER, ownerField = "owner", identityClaim = "cognito:username", provider = "userPools", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ }),
@AuthRule(allow = AuthStrategy.OWNER, ownerField = "owner", identityClaim = "sub", provider = "userPools", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ }),
@AuthRule(allow = AuthStrategy.PUBLIC, provider = "apiKey", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ })
})
public final class OwnerPublicUPAPIPost implements Model {
Expand Up @@ -35,7 +35,7 @@
/** This is an auto generated class representing the OwnerPublicUPIAMPost type in your schema. */
@SuppressWarnings("all")
@ModelConfig(pluralName = "OwnerPublicUPIAMPosts", authRules = {
@AuthRule(allow = AuthStrategy.OWNER, ownerField = "owner", identityClaim = "cognito:username", provider = "userPools", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ }),
@AuthRule(allow = AuthStrategy.OWNER, ownerField = "owner", identityClaim = "sub", provider = "userPools", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ }),
@AuthRule(allow = AuthStrategy.PUBLIC, provider = "iam", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ })
})
public final class OwnerPublicUPIAMPost implements Model {
Expand Up @@ -35,7 +35,7 @@
/** This is an auto generated class representing the OwnerUPPost type in your schema. */
@SuppressWarnings("all")
@ModelConfig(pluralName = "OwnerUPPosts", authRules = {
@AuthRule(allow = AuthStrategy.OWNER, ownerField = "owner", identityClaim = "cognito:username", provider = "userPools", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ })
@AuthRule(allow = AuthStrategy.OWNER, ownerField = "owner", identityClaim = "sub", provider = "userPools", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ })
})
public final class OwnerUPPost implements Model {
public static final QueryField ID = field("OwnerUPPost", "id");
Expand Up @@ -37,7 +37,7 @@
/** This is an auto generated class representing the PrivatePublicComboUPPost type in your schema. */
@SuppressWarnings("all")
@ModelConfig(pluralName = "PrivatePublicComboUPPosts", authRules = {
@AuthRule(allow = AuthStrategy.OWNER, ownerField = "owner", identityClaim = "cognito:username", provider = "userPools", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ })
@AuthRule(allow = AuthStrategy.OWNER, ownerField = "owner", identityClaim = "sub", provider = "userPools", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ })
})
public final class PrivatePublicComboUPPost implements Model {
public static final QueryField ID = field("PrivatePublicComboUPPost", "id");
Expand Up @@ -38,7 +38,7 @@
@AuthRule(
allow = AuthStrategy.OWNER,
ownerField = "owner",
identityClaim = "cognito:username",
identityClaim = "sub",
operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ }
)
})
Expand Up @@ -35,7 +35,7 @@
/** This is an auto generated class representing the OwnerAuthExplicit type in your schema. */
@SuppressWarnings("all")
@ModelConfig(pluralName = "OwnerAuthExplicits", authRules = {
@AuthRule(allow = AuthStrategy.OWNER, ownerField = "owner", identityClaim = "cognito:username", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ })
@AuthRule(allow = AuthStrategy.OWNER, ownerField = "owner", identityClaim = "sub", provider = "userPools", operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ })
})
public final class OwnerAuthExplicit implements Model {
public static final QueryField ID = field("id");
Expand Up @@ -39,7 +39,7 @@
allow = AuthStrategy.OWNER,
provider = "oidc",
ownerField = "owner",
identityClaim = "cognito:username",
identityClaim = "sub",
operations = { ModelOperation.CREATE, ModelOperation.UPDATE, ModelOperation.DELETE, ModelOperation.READ }
)
})