Skip to content

Commit

Permalink
chore: update tests
Browse files Browse the repository at this point in the history
  • Loading branch information
awsluja committed May 23, 2024
1 parent 438ccf0 commit 9c6057f
Show file tree
Hide file tree
Showing 2 changed files with 64 additions and 30 deletions.
18 changes: 12 additions & 6 deletions packages/auth-construct/src/construct.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -753,7 +753,10 @@ void describe('Auth construct', () => {
authConstruct.node.findChild('UserPoolAppClient') as UserPoolClient
).userPoolClientId;
const expectedRegion = Stack.of(authConstruct).region;

const expectedCognitoDomain =
authConstruct.resources.userPool.node['_children']['UserPoolDomain'][
'domainName'
];
const storeOutputArgs = storeOutputMock.mock.calls[0].arguments;
assert.equal(storeOutputArgs.length, 2);
const oidcProviders = authConstruct['providerSetupResult']['oidc'];
Expand Down Expand Up @@ -788,8 +791,8 @@ void describe('Auth construct', () => {
verificationMechanisms: '["email"]',
usernameAttributes: '["email"]',
oauthClientId: expectedWebClientId, // same thing
oauthCognitoDomain: `test-prefix.auth.${expectedRegion}.amazoncognito.com`,
oauthScope: '["email","profile"]',
oauthCognitoDomain: expectedCognitoDomain,
oauthScope: '["email","profile","openid"]',
oauthRedirectSignIn: 'http://callback.com',
oauthRedirectSignOut: 'http://logout.com',
oauthResponseType: 'code',
Expand Down Expand Up @@ -831,7 +834,10 @@ void describe('Auth construct', () => {
authConstruct.node.findChild('UserPoolAppClient') as UserPoolClient
).userPoolClientId;
const expectedRegion = Stack.of(authConstruct).region;

const expectedCognitoDomain =
authConstruct.resources.userPool.node['_children']['UserPoolDomain'][
'domainName'
];
const storeOutputArgs = storeOutputMock.mock.calls[0].arguments;
assert.equal(storeOutputArgs.length, 2);
assert.deepStrictEqual(storeOutputArgs, [
Expand All @@ -851,8 +857,8 @@ void describe('Auth construct', () => {
verificationMechanisms: '["email"]',
usernameAttributes: '["email"]',
oauthClientId: expectedWebClientId, // same thing
oauthCognitoDomain: `test-prefix.auth.${expectedRegion}.amazoncognito.com`,
oauthScope: '["email","profile"]',
oauthCognitoDomain: expectedCognitoDomain,
oauthScope: '["email","profile","openid"]',
oauthRedirectSignIn: 'http://callback.com',
oauthRedirectSignOut: 'http://logout.com',
oauthResponseType: 'code',
Expand Down
76 changes: 52 additions & 24 deletions packages/auth-construct/src/construct.ts
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,6 @@ import * as path from 'path';
type DefaultRoles = { auth: Role; unAuth: Role };
type IdentityProviderSetupResult = {
oAuthMappings: Record<string, string>;
providersList: string[];
oAuthSettings: cognito.OAuthSettings | undefined;
google?: UserPoolIdentityProviderGoogle;
facebook?: UserPoolIdentityProviderFacebook;
Expand Down Expand Up @@ -636,7 +635,6 @@ export class AmplifyAuth
const shouldMapEmailAttributes = loginOptions.email && !loginOptions.phone;
const result: IdentityProviderSetupResult = {
oAuthMappings: {},
providersList: [],
oAuthSettings: {
flows: DEFAULTS.OAUTH_FLOWS,
},
Expand Down Expand Up @@ -681,7 +679,6 @@ export class AmplifyAuth
);
result.oAuthMappings[oauthProviderToProviderDomainMap.google] =
external.google.clientId;
result.providersList.push('GOOGLE');
}
if (external.facebook) {
result.facebook = new cognito.UserPoolIdentityProviderFacebook(
Expand All @@ -704,7 +701,6 @@ export class AmplifyAuth
);
result.oAuthMappings[oauthProviderToProviderDomainMap.facebook] =
external.facebook.clientId;
result.providersList.push('FACEBOOK');
}
if (external.loginWithAmazon) {
result.amazon = new cognito.UserPoolIdentityProviderAmazon(
Expand All @@ -727,7 +723,6 @@ export class AmplifyAuth
);
result.oAuthMappings[oauthProviderToProviderDomainMap.amazon] =
external.loginWithAmazon.clientId;
result.providersList.push('LOGIN_WITH_AMAZON');
}
if (external.signInWithApple) {
result.apple = new cognito.UserPoolIdentityProviderApple(
Expand All @@ -750,7 +745,6 @@ export class AmplifyAuth
);
result.oAuthMappings[oauthProviderToProviderDomainMap.apple] =
external.signInWithApple.clientId;
result.providersList.push('SIGN_IN_WITH_APPLE');
}
if (external.oidc && external.oidc.length > 0) {
result.oidc = [];
Expand Down Expand Up @@ -790,7 +784,6 @@ export class AmplifyAuth
}
);
result.oidc?.push(generatedProvider);
result.providersList.push(generatedProvider.providerName);
});
}
if (external.saml) {
Expand All @@ -815,7 +808,6 @@ export class AmplifyAuth
name: saml.name,
}
);
result.providersList.push('SAML');
}

// Always generate a domain prefix if external provider is configured
Expand Down Expand Up @@ -915,7 +907,18 @@ export class AmplifyAuth
.allowUnauthenticatedIdentities === true
? 'true'
: 'false',
// socialProviders: Lazy.string({
// produce: () => {
// const getProviders = () => {

// }
// return undefined;
// };
// return getProviders();
// },
// }),
};

const cfnUserPool = this.resources.cfnResources.cfnUserPool;
// extract signupAttributes from UserPool schema's required attributes
const requiredAttributes: string[] = [];
Expand Down Expand Up @@ -969,37 +972,62 @@ export class AmplifyAuth
});
output.mfaTypes = JSON.stringify(mfaTypes);

if (this.providerSetupResult.providersList.length > 0) {
output.socialProviders = JSON.stringify(
this.providerSetupResult.providersList
);
const outputProviders = [];
const userPoolProviders = this.resources.userPool.identityProviders;
if (userPoolProviders) {
for (const provider of userPoolProviders) {
const providerType =
provider.node['_children']['Resource']['providerType'];

if (providerType === 'Google') {
outputProviders.push('GOOGLE');
}
if (providerType === 'Facebook') {
outputProviders.push('FACEBOOK');
}
if (providerType === 'SignInWithApple') {
outputProviders.push('SIGN_IN_WITH_APPLE');
}
if (providerType === 'LoginWithAmazon') {
outputProviders.push('LOGIN_WITH_AMAZON');
}
if (providerType === 'OIDC') {
outputProviders.push(provider.providerName);
}
if (providerType === 'SAML') {
outputProviders.push('SAML');
}
}
if (outputProviders.length > 0) {
output.socialProviders = JSON.stringify(outputProviders);
}
}

//TODO: extract callback URLs from cfn and remove this block below
// if callback URLs are configured, we must expose the oauth settings to the output
if (
//cfnUserPoolClient.callbackUrLs
this.providerSetupResult.oAuthSettings &&
this.providerSetupResult.oAuthSettings.callbackUrls
) {
const oAuthSettings = this.providerSetupResult.oAuthSettings;
if (this.domainPrefix) {
output.oauthCognitoDomain = `${this.domainPrefix}.auth.${
Stack.of(this).region
}.amazoncognito.com`;
if (this.userPool.node['_children']['UserPoolDomain']) {
output.oauthCognitoDomain =
this.userPool.node['_children']['UserPoolDomain']['domainName'];
}
const userPoolClientResource =
this.resources.userPoolClient.node['_children']['Resource'];

output.oauthScope = JSON.stringify(
oAuthSettings.scopes?.map((s) => s.scopeName) ?? []
userPoolClientResource['allowedOAuthScopes'] ?? []
);
output.oauthRedirectSignIn = oAuthSettings.callbackUrls
? oAuthSettings.callbackUrls.join(',')
output.oauthRedirectSignIn = userPoolClientResource['callbackUrLs']
? userPoolClientResource['callbackUrLs'].join(',')
: '';
output.oauthRedirectSignOut = oAuthSettings.logoutUrls
? oAuthSettings.logoutUrls.join(',')
output.oauthRedirectSignOut = userPoolClientResource['logoutUrLs']
? userPoolClientResource['logoutUrLs'].join(',')
: '';
output.oauthClientId = this.resources.userPoolClient.userPoolClientId;
output.oauthResponseType = 'code';
output.oauthResponseType =
userPoolClientResource['allowedOAuthFlows'].join(',');
}

outputStorageStrategy.addBackendOutputEntry(authOutputKey, {
Expand Down

0 comments on commit 9c6057f

Please sign in to comment.