From d983c39ffd8cd4d82b8f298bebc8082fb2fe1fa9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Torbj=C3=B8rn=20Kv=C3=A5le?= Date: Mon, 9 Dec 2024 14:19:25 +0100 Subject: [PATCH 1/2] add test for groupsToOverride and iamRolesToOverride --- .../lambda/runtime/tests/EventLoaderTest.java | 32 +++++++++++-- ...ken_generation_event_v2_with_response.json | 48 +++++++++++++++++++ 2 files changed, 77 insertions(+), 3 deletions(-) create mode 100644 aws-lambda-java-tests/src/test/resources/cognito_user_pool_pre_token_generation_event_v2_with_response.json diff --git a/aws-lambda-java-tests/src/test/java/com/amazonaws/services/lambda/runtime/tests/EventLoaderTest.java b/aws-lambda-java-tests/src/test/java/com/amazonaws/services/lambda/runtime/tests/EventLoaderTest.java index 4aa920f8..73bda334 100644 --- a/aws-lambda-java-tests/src/test/java/com/amazonaws/services/lambda/runtime/tests/EventLoaderTest.java +++ b/aws-lambda-java-tests/src/test/java/com/amazonaws/services/lambda/runtime/tests/EventLoaderTest.java @@ -17,7 +17,10 @@ import com.amazonaws.services.lambda.runtime.events.CloudWatchLogsEvent; import com.amazonaws.services.lambda.runtime.events.CloudWatchMetricAlarmEvent; import com.amazonaws.services.lambda.runtime.events.CodeCommitEvent; +import com.amazonaws.services.lambda.runtime.events.CognitoUserPoolPreTokenGenerationEventV2.ClaimsAndScopeOverrideDetails; +import com.amazonaws.services.lambda.runtime.events.CognitoUserPoolPreTokenGenerationEventV2.Response; import com.amazonaws.services.lambda.runtime.events.CognitoUserPoolPreTokenGenerationEventV2; +import com.amazonaws.services.lambda.runtime.events.CognitoUserPoolPreTokenGenerationEventV2.GroupOverrideDetails; import com.amazonaws.services.lambda.runtime.events.ConfigEvent; import com.amazonaws.services.lambda.runtime.events.ConnectEvent; import com.amazonaws.services.lambda.runtime.events.DynamodbEvent; @@ -111,8 +114,8 @@ public void testLoadKafkaEvent() { KafkaEvent.KafkaEventRecord record = event.getRecords().get("mytopic-01").get(0); assertThat(record.getValue()).decodedAsBase64().asString().isEqualTo("Hello from Kafka !!"); - - String headerValue = new String(record.getHeaders().get(0).get("headerKey")); + + String headerValue = new String(record.getHeaders().get(0).get("headerKey")); assertThat(headerValue).isEqualTo("headerValue"); } @@ -151,7 +154,7 @@ public void testLoadKinesisFirehoseEvent() { @Test public void testLoadMSKFirehoseEvent() { MSKFirehoseEvent event = EventLoader.loadMSKFirehoseEvent("msk_firehose_event.json"); - + assertThat(event).isNotNull(); assertThat(event.getSourceMSKArn()).isEqualTo("arn:aws:kafka:EXAMPLE"); assertThat(event.getDeliveryStreamArn()).isEqualTo("arn:aws:firehose:EXAMPLE"); @@ -420,6 +423,29 @@ public void testLoadCognitoUserPoolPreTokenGenerationEventV2() { assertThat("aws.cognito.signin.user.admin").isEqualTo(requestScopes[0]); } + @Test + public void testGroupOverrideDetailsCognitoUserPoolPreTokenGenerationEventV2() { + CognitoUserPoolPreTokenGenerationEventV2 event = EventLoader.loadCognitoUserPoolPreTokenGenerationEventV2( + "cognito_user_pool_pre_token_generation_event_v2_with_response.json"); + + assertThat(event).isNotNull(); + assertThat(event) + .extracting(CognitoUserPoolPreTokenGenerationEventV2::getResponse) + .extracting(Response::getClaimsAndScopeOverrideDetails) + .extracting(ClaimsAndScopeOverrideDetails::getGroupOverrideDetails) + .extracting(GroupOverrideDetails::getGroupsToOverride) + .asList() + .contains("my_group"); + + assertThat(event) + .extracting(CognitoUserPoolPreTokenGenerationEventV2::getResponse) + .extracting(Response::getClaimsAndScopeOverrideDetails) + .extracting(ClaimsAndScopeOverrideDetails::getGroupOverrideDetails) + .extracting(GroupOverrideDetails::getIamRolesToOverride) + .asList() + .contains("my_role"); + } + @Test public void testCloudWatchCompositeAlarmEvent() { CloudWatchCompositeAlarmEvent event = EventLoader.loadCloudWatchCompositeAlarmEvent("cloudwatch_composite_alarm.json"); diff --git a/aws-lambda-java-tests/src/test/resources/cognito_user_pool_pre_token_generation_event_v2_with_response.json b/aws-lambda-java-tests/src/test/resources/cognito_user_pool_pre_token_generation_event_v2_with_response.json new file mode 100644 index 00000000..47bf1579 --- /dev/null +++ b/aws-lambda-java-tests/src/test/resources/cognito_user_pool_pre_token_generation_event_v2_with_response.json @@ -0,0 +1,48 @@ +{ + "version": "2", + "triggerSource": "TokenGeneration_Authentication", + "region": "us-east-1", + "userPoolId": "us-east-1_EXAMPLE", + "userName": "JaneDoe", + "callerContext": { + "awsSdkVersion": "aws-sdk-unknown-unknown", + "clientId": "1example23456789" + }, + "request": { + "userAttributes": { + "string": "string" + }, + "scopes": ["string", "string"], + "groupConfiguration": { + "groupsToOverride": ["string", "string"], + "iamRolesToOverride": ["string", "string"], + "preferredRole": "string" + }, + "clientMetadata": { + "string": "string" + } + }, + "response": { + "claimsAndScopeOverrideDetails": { + "idTokenGeneration": { + "claimsToAddOrOverride": { + "string": ["accepted datatype"] + }, + "claimsToSuppress": ["string", "string"] + }, + "accessTokenGeneration": { + "claimsToAddOrOverride": { + "string": ["accepted datatype"] + }, + "claimsToSuppress": ["string", "string"], + "scopesToAdd": ["string", "string"], + "scopesToSuppress": ["string", "string"] + }, + "groupOverrideDetails": { + "groupsToOverride": ["my_group", "string"], + "iamRolesToOverride": ["my_role", "string"], + "preferredRole": "string" + } + } + } +} From fb4bd7387f47631000f220a0e90947936e67232a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Torbj=C3=B8rn=20Kv=C3=A5le?= Date: Mon, 9 Dec 2024 14:23:22 +0100 Subject: [PATCH 2/2] fix GroupOverrideDetails from map to array types --- .../events/CognitoUserPoolPreTokenGenerationEventV2.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aws-lambda-java-events/src/main/java/com/amazonaws/services/lambda/runtime/events/CognitoUserPoolPreTokenGenerationEventV2.java b/aws-lambda-java-events/src/main/java/com/amazonaws/services/lambda/runtime/events/CognitoUserPoolPreTokenGenerationEventV2.java index c7250570..9faeb970 100644 --- a/aws-lambda-java-events/src/main/java/com/amazonaws/services/lambda/runtime/events/CognitoUserPoolPreTokenGenerationEventV2.java +++ b/aws-lambda-java-events/src/main/java/com/amazonaws/services/lambda/runtime/events/CognitoUserPoolPreTokenGenerationEventV2.java @@ -127,8 +127,8 @@ public static class AccessTokenGeneration { @Builder(setterPrefix = "with") @NoArgsConstructor public static class GroupOverrideDetails { - private Map groupsToOverride; - private Map iamRolesToOverride; + private String[] groupsToOverride; + private String[] iamRolesToOverride; private String preferredRole; } } \ No newline at end of file