Skip to content

fix(data-classes): ensure lazy initialization for Cognito token generation response properties #7653

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 10 commits into
base: develop
Choose a base branch
from
+27 −19
Open

fix(data-classes): ensure lazy initialization for Cognito token generation response properties #7653

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
5ae740e
fix(data-classes): ensure lazy initialization for Cognito token gener…
Nov 10, 2025
d3d42ff
test(data-classes): use the original test scenario but keep the fixed…
Nov 10, 2025
8a8bea9
Merge branch 'develop' into fix-7651
nc-dirknilius Nov 11, 2025
ef4729c
test(data-classes): fix linter format issues
Nov 12, 2025
36cbe36
Merge branch 'develop' into fix-7651
nc-dirknilius Nov 12, 2025
2787fe2
test(data-classes): add assertions for lazy initialization of token g…
Nov 13, 2025
d39af4e
Merge branch 'develop' into fix-7651
nc-dirknilius Nov 13, 2025
59e3760
Merge branch 'develop' into fix-7651
nc-dirknilius Nov 13, 2025
98d0186
Merge branch 'develop' into fix-7651
leandrodamascena Nov 13, 2025
04a6147
Merge branch 'develop' into fix-7651
anafalcao Nov 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 14 additions & 16 deletions aws_lambda_powertools/utilities/data_classes/cognito_user_pool_event.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -575,13 +575,10 @@ def scopes_to_suppress(self, value: list[str]):

class ClaimsAndScopeOverrideDetails(GroupConfigurationBase):
@property
def id_token_generation(self) -> TokenClaimsAndScopeOverrideDetails | None:
id_token_generation_details = self._data.get("idTokenGeneration")
return (
None
if id_token_generation_details is None
else TokenClaimsAndScopeOverrideDetails(id_token_generation_details)
)
def id_token_generation(self) -> TokenClaimsAndScopeOverrideDetails:
if self._data.get("idTokenGeneration") is None:
self._data["idTokenGeneration"] = {}
return TokenClaimsAndScopeOverrideDetails(self._data["idTokenGeneration"])

@id_token_generation.setter
def id_token_generation(self, value: dict[str, Any]):
Expand All @@ -597,13 +594,10 @@ def id_token_generation(self, value: dict[str, Any]):
self._data["idTokenGeneration"] = value

@property
def access_token_generation(self) -> TokenClaimsAndScopeOverrideDetails | None:
access_token_generation_details = self._data.get("accessTokenGeneration")
return (
None
if access_token_generation_details is None
else TokenClaimsAndScopeOverrideDetails(access_token_generation_details)
)
def access_token_generation(self) -> TokenClaimsAndScopeOverrideDetails:
if self._data.get("accessTokenGeneration") is None:
self._data["accessTokenGeneration"] = {}
return TokenClaimsAndScopeOverrideDetails(self._data["accessTokenGeneration"])

@access_token_generation.setter
def access_token_generation(self, value: dict[str, Any]):
Expand All @@ -622,13 +616,17 @@ def access_token_generation(self, value: dict[str, Any]):
class PreTokenGenerationTriggerEventResponse(DictWrapper):
@property
def claims_override_details(self) -> ClaimsOverrideDetails:
return ClaimsOverrideDetails(self.get("claimsOverrideDetails") or {})
if self._data.get("claimsOverrideDetails") is None:
self._data["claimsOverrideDetails"] = {}
return ClaimsOverrideDetails(self._data["claimsOverrideDetails"])


class PreTokenGenerationTriggerV2EventResponse(DictWrapper):
@property
def claims_scope_override_details(self) -> ClaimsAndScopeOverrideDetails:
return ClaimsAndScopeOverrideDetails(self.get("claimsAndScopeOverrideDetails") or {})
if self._data.get("claimsAndScopeOverrideDetails") is None:
self._data["claimsAndScopeOverrideDetails"] = {}
return ClaimsAndScopeOverrideDetails(self._data["claimsAndScopeOverrideDetails"])


class PreTokenGenerationTriggerEvent(BaseTriggerEvent):
Expand Down
16 changes: 13 additions & 3 deletions tests/unit/data_classes/required_dependencies/test_cognito_user_pool_event.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -187,7 +187,7 @@ def test_cognito_pre_token_generation_trigger_event():

expected_claims = {"test": "value"}
claims_override_details.claims_to_add_or_override = expected_claims
assert claims_override_details.claims_to_add_or_override["test"] == "value"
assert parsed_event.response.claims_override_details.claims_to_add_or_override["test"] == "value"

claims_override_details.claims_to_suppress = ["email"]
assert claims_override_details.claims_to_suppress[0] == "email"
Expand Down Expand Up @@ -229,6 +229,10 @@ def test_cognito_pre_token_v2_generation_trigger_event():
assert parsed_event.request.scopes == raw_event["request"]["scopes"]

claims_scope_override_details = parsed_event.response.claims_scope_override_details
# Test that accessing id_token_generation and access_token_generation properties initialize empty dicts
assert claims_scope_override_details.id_token_generation.claims_to_add_or_override == {}
assert claims_scope_override_details.access_token_generation.claims_to_add_or_override == {}

claims_scope_override_details.id_token_generation = claims_scope_override_details.access_token_generation = {}
assert claims_scope_override_details.id_token_generation.claims_to_add_or_override == {}
assert claims_scope_override_details.id_token_generation.claims_to_suppress == []
Expand All @@ -246,8 +250,14 @@ def test_cognito_pre_token_v2_generation_trigger_event():
expected_claims = {"test": "value"}
claims_scope_override_details.id_token_generation.claims_to_add_or_override = expected_claims
claims_scope_override_details.access_token_generation.claims_to_add_or_override = expected_claims
assert claims_scope_override_details.id_token_generation.claims_to_add_or_override["test"] == "value"
assert claims_scope_override_details.access_token_generation.claims_to_add_or_override["test"] == "value"
assert (
parsed_event.response.claims_scope_override_details.id_token_generation.claims_to_add_or_override["test"]
== "value"
)
assert (
parsed_event.response.claims_scope_override_details.access_token_generation.claims_to_add_or_override["test"]
== "value"
)

claims_scope_override_details.id_token_generation.claims_to_suppress = (
claims_scope_override_details.access_token_generation.claims_to_suppress
Expand Down