accept userPool and userPoolClient instead of string URL
Tietew committed Feb 8, 2024
1 parent 5f73ff2 commit b516bf1
Showing 4 changed files with 29 additions and 7 deletions.
6 changes: 4 additions & 2 deletions packages/@aws-cdk/aws-cognito-identitypool-alpha/README.md
@@ -334,11 +334,14 @@ For identity providers that don't have static Urls, a custom Url or User Pool Cl
```ts
import { IdentityPoolProviderUrl } from '@aws-cdk/aws-cognito-identitypool-alpha';

declare const userPool: UserPool;
declare const userPoolClient: UserPoolClient;

new IdentityPool(this, 'myidentitypool', {
identityPoolName: 'myidentitypool',
roleMappings: [
{
providerUrl: IdentityPoolProviderUrl.userPool('cognito-idp.my-idp-region.amazonaws.com/my-idp-region_abcdefghi:app_client_id'),
providerUrl: IdentityPoolProviderUrl.userPool(userPool, userPoolClient),
useToken: true,
},
{
@@ -399,4 +402,3 @@ IdentityPool.fromIdentityPoolId(this, 'my-imported-identity-pool',
IdentityPool.fromIdentityPoolArn(this, 'my-imported-identity-pool',
'arn:aws:cognito-identity:us-east-1:123456789012:identitypool/us-east-1:dj2823ryiwuhef937');
```

@@ -1,5 +1,7 @@
import {
CfnIdentityPool,
UserPool,
UserPoolClient,
} from 'aws-cdk-lib/aws-cognito';
import {
IOpenIdConnectProvider,
@@ -155,7 +157,8 @@ export class IdentityPoolProviderUrl {
}

/** User Pool Provider Url */
public static userPool(url: string): IdentityPoolProviderUrl {
public static userPool(userPool: UserPool, userPoolClient: UserPoolClient): IdentityPoolProviderUrl {
const url = `${userPool.userPoolProviderName}:${userPoolClient.userPoolClientId}`;
return new IdentityPoolProviderUrl(IdentityPoolProviderType.USER_POOL, url);
}

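Review bot: The new `userPool(userPool: UserPool, userPoolClient: UserPoolClient)` signature takes the concrete construct classes, so a pool or client that is only available through an interface (for example an imported one) cannot be passed and has to go through `custom()` with a hand-assembled string; if `IUserPool` and `IUserPoolClient` expose `userPoolProviderName` and `userPoolClientId` in the targeted aws-cdk-lib version, prefer `public static userPool(userPool: IUserPool, userPoolClient: IUserPoolClient): IdentityPoolProviderUrl`. The doc comment `/** User Pool Provider Url */` no longer describes the method: it should document both parameters, say that the client must be a client of that same pool (nothing visible in the method checks the pairing), and say that the returned value is presumably an unresolved token for a pool defined in the app, so a role mapping using it needs `mappingKey`. The README example updated in this commit passes only `providerUrl` and `useToken`, which looks like it would hit the 'mappingKey must be provided when providerUrl.value is a token' error asserted in the test file. The class body starts and ends outside this hunk.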
@@ -440,7 +440,7 @@ describe('role mappings', () => {
const providerUrl = Fn.importValue('ProviderUrl');
expect(() => new IdentityPool(stack, 'TestIdentityPoolRoleMappingErrors', {
roleMappings: [{
providerUrl: IdentityPoolProviderUrl.userPool(providerUrl),
providerUrl: IdentityPoolProviderUrl.custom(providerUrl),
useToken: true,
}],
})).toThrowError('mappingKey must be provided when providerUrl.value is a token');
@@ -452,7 +452,7 @@ describe('role mappings', () => {
new IdentityPool(stack, 'TestIdentityPoolRoleMappingToken', {
roleMappings: [{
mappingKey: 'theKey',
providerUrl: IdentityPoolProviderUrl.userPool(providerUrl),
providerUrl: IdentityPoolProviderUrl.custom(providerUrl),
useToken: true,
}],
});
@@ -532,6 +532,8 @@ describe('role mappings', () => {

test('role mapping with rules configuration', () => {
const stack = new Stack();
const pool = new UserPool(stack, 'Pool');
const client = pool.addClient('Client');
const adminRole = new Role(stack, 'adminRole', {
assumedBy: new ServicePrincipal('admin.amazonaws.com'),
});
@@ -557,6 +559,11 @@ describe('role mappings', () => {
});
const idPool = new IdentityPool(stack, 'TestIdentityPoolRoleMappingRules', {
roleMappings: [{
mappingKey: 'cognito',
providerUrl: IdentityPoolProviderUrl.userPool(pool, client),
useToken: true,
},
{
providerUrl: IdentityPoolProviderUrl.AMAZON,
resolveAmbiguousRoles: true,
rules: [
@@ -601,6 +608,16 @@ describe('role mappings', () => {
Ref: 'TestIdentityPoolRoleMappingRulesC8C07BC3',
},
RoleMappings: {
'cognito': {
IdentityProvider: {
'Fn::Join': ['', [
{ 'Fn::GetAtt': ['PoolD3F588B8', 'ProviderName'] },
':',
{ Ref: 'PoolClient8A3E5EB7' },
]],
},
Type: 'Token',
},
'www.amazon.com': {
AmbiguousRoleResolution: 'AuthenticatedRole',
IdentityProvider: 'www.amazon.com',
@@ -696,4 +713,4 @@ describe('role mappings', () => {
},
});
});
});
});
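Review bot: No test covers the failure path of the new signature: the hunks at -440 and -452 move the token-URL cases over to `IdentityPoolProviderUrl.custom(providerUrl)`, and the only `userPool(pool, client)` case, in 'role mapping with rules configuration', always supplies `mappingKey: 'cognito'`. The value built from `userPoolProviderName` and `userPoolClientId` is expected to be a token for a pool created in the stack, so a case asserting that omitting `mappingKey` raises the existing error would pin the behaviour most callers of the new signature will meet. The enclosing `describe('role mappings', …)` block starts and ends outside these hunks.

```typescript
// … unchanged: existing 'role mappings' tests …
test('userPool provider url without mappingKey throws', () => {
  const stack = new Stack();
  const pool = new UserPool(stack, 'Pool');
  const client = pool.addClient('Client');
  expect(() => new IdentityPool(stack, 'TestIdentityPoolUserPoolNoMappingKey', {
    roleMappings: [{
      providerUrl: IdentityPoolProviderUrl.userPool(pool, client),
      useToken: true,
    }],
  })).toThrowError('mappingKey must be provided when providerUrl.value is a token');
});
```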
@@ -62,7 +62,7 @@ const idPool = new IdentityPool(stack, 'identitypool', {
roleMappings: [
{
mappingKey: 'theKey',
providerUrl: IdentityPoolProviderUrl.userPool(`${userPool.userPoolProviderName}:${client.userPoolClientId}`),
providerUrl: IdentityPoolProviderUrl.userPool(userPool, client),
useToken: true,
},
],
