New resource: aws_cognito_user_pool_app_client #2874
Conversation
|
tomelliff
changed the title
Minimal Cognito User Pool App/Client resource. Only implements generate_secret, refresh_token_validity and read/write_attributes so far. All the Oauth stuff has been left for work at a later date.
tomelliff
force-pushed
the
add-cognito-user-pool-app-client
branch
from
8a70324
to
9b9c56a
Compare
|
Interestingly I managed to accidentally return I've since fixed the mistake and squashed the fix but have I done something wrong there? |
tomelliff
changed the title
|
Moving this back to WIP because after a little bit of testing it looks like updating either read or write attributes but not both then wipes the other one. I'll try and debug what's going on there but it's not good to be merged until then. |
tomelliff
changed the title
tomelliff
force-pushed
the
add-cognito-user-pool-app-client
branch
from
6ced0dc
to
80fb1be
Compare
|
Think that's fixed everything and have tests to cover that last issue too: |
…clients If these aren't set when the resource is updated then they are removed. If there are no read/write attributes set then Cognito defaults to allowing users to read/write all attributes. From testing, the 'name' and 'refresh_token_validity' parameters aren't affected in the same way.
tomelliff
force-pushed
the
add-cognito-user-pool-app-client
branch
from
80fb1be
to
25508a2
Compare
|
Hi @tomelliff! Thanks for the comprehensive pull request. I have another couple to review ahead of this one but if no-one else picks this up first I will do so shortly. |
|
Cool, thanks. The only time I get to write any Go is when I contribute to Terraform so let me know if there's anything I've done wrong or could do better. |
tomelliff
changed the title
|
Hi @tomelliff Can you please take a look and confirm that we can close this PR? Thanks. |
radeksimko
added
the
waiting-response
|
Ack, I'm not doing too well with Github search apparently and keep missing things that other people have done before starting. Looking at the discussion in the PR I can see this comment that seems to suggest that there's no support for custom attributes but I can't see why not because it was straightforward for me to add them (and I have tests for them too). I also noticed that the read_attributes and write_attributes are only set on an update when they are changed (c583147#diff-691a9416b6661d1ee9e2ed38b6dce6fdR269) but this won't actually work because if you set just the read attributes and not the write attributes the API annoyingly blanks the write attributes and vice versa. This has the awful fallback of making everything readable/writable as well :( I added a test in my PR to cover that use case but I could probably rework fixes on top of that work and close that PR if you want? I'd probably want to test the update a bit more heavily with a test case that loops through a lot of changes just from the weirdness going on with the attributes. |
That sounds like a good plan 👍 Thanks. |
|
I'm going to close this PR then and let you pick any changes & PR them separately. Thanks for all the efforts! |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
breathingdust
removed
the
waiting-response
Minimal Cognito User Pool App/Client resource.
Only implements generate_secret, refresh_token_validity and read/write_attributes so far.
All the Oauth stuff has been left for work at a later date.