feat(cognito): user pools - non-ascii email domains #11099
Conversation
|
|
wtho
force-pushed
the
wtho/cognito-userpool-punycode-encoding
branch
from
c6c65b6
to
64d2a5f
Compare
nija-at
changed the title
nija-at
changed the title
packages/@aws-cdk/aws-cognito/test/integ.user-pool-encoding-charset-unicode.ts
Outdated
Show resolved
Hide resolved
If an email address for cognito email settings contains a non-ascii character, the cognito cdk package applies punycode encoding, which cloudformation will pick up properly.
wtho
force-pushed
the
wtho/cognito-userpool-punycode-encoding
branch
from
64d2a5f
to
d7301f4
Compare
wtho
force-pushed
the
wtho/cognito-userpool-punycode-encoding
branch
2 times, most recently
from
bdd9a31
to
308f32c
Compare
I added the lint rule in cognito's |
wtho
force-pushed
the
wtho/cognito-userpool-punycode-encoding
branch
from
74af44c
to
2b9dfa1
Compare
wtho
force-pushed
the
wtho/cognito-userpool-punycode-encoding
branch
2 times, most recently
from
bcdf43b
to
7369218
Compare
| function encodeDomain(email: string | undefined): string | undefined { | ||
| const splitEmail = email?.split('@'); | ||
| if (splitEmail === undefined || splitEmail.length !== 2) { | ||
| return email; | ||
| } | ||
| const [local, domain] = splitEmail!; | ||
| return `${local}@${punycodeEncode(domain)}`; | ||
| } |
There was a problem hiding this comment.
Can't we just use the toASCII() API instead. According to the documentation, it takes care of emails.
There was a problem hiding this comment.
Yeah, but it also encodes the part before the @, which for AWS/Cloudformation should not be encoded. See rix0rr's earlier comment and the documentation.
There was a problem hiding this comment.
Not according to the example in the docs that I've linked above. Specifically example#3 shows that the first half of the email address is NOT encoded.
Does the library behave differently? Can you test this and report?
There was a problem hiding this comment.
You are correct! Did not go through the documentation properly!
I reverted back to the toASCII method, as previously.
wtho
force-pushed
the
wtho/cognito-userpool-punycode-encoding
branch
from
7369218
to
79cba93
Compare
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
If an email address for cognito email settings contains a non-ascii character, the cognito cdk package applies punycode encoding, which cloudformation will pick up properly.
This pull request adds the
punycodepackage to the dependencies, as previously discussed in #8473. The package occupies 42KB innode_modulesafter installation. I am not sure if I configured the package correctly to be included in the cdk build. The project itself addedpunycodetoaws-cdk-libandmonocdk, I had to re-runyarn installin these packages.Unit- and integration tests are added, but notice that I could not manage a manual e2e test, I think I need to own a domain with non-ascii letters to do so, which I currently do not.
A similar approach as in this PR will also be interesting for other cdk packages which deal with email addresses and domains, like hosted zones.
According to the Cfn Domain Name Format Docs, characters with code point below 33, or in
[127, 255]should be escaped with an octal code, which is not applied in this pull request.Fixes #8473
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license