Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

identitystore: missing Active attribute using ListUsers #2320

Closed
optplx opened this issue Oct 18, 2023 · 4 comments
Closed

identitystore: missing Active attribute using ListUsers #2320

optplx opened this issue Oct 18, 2023 · 4 comments
Assignees
@RanVaknin
Labels
guidance Question that needs advice or information.

Comments

@optplx
Copy link

optplx commented Oct 18, 2023
edited by RanVaknin
Loading

Describe the bug

I can't find a way to determine if a SSO user is active or not

Expected Behavior

In the User struct of the github.com/aws/aws-sdk-go-v2/service/identitystore package, I expected to find a boolean for the Active attribute.

In the console, there is a call to https://up.sso.eu-west-1.amazonaws.com/identitystore/ returning a list of users with this boolean for each user

{
    "Active": true,
    "Meta": {
        "CreatedAt": 1.1234567781234E9,
        "CreatedBy": "xxxxx",
        "UpdatedAt": 1.1234567781234E9,
        "UpdatedBy": "xxxxx"
    },
    "UserAttributes": {
        "emails": {
            "ComplexListValue": [
....

Current Behavior

Currently I can't find any way to check this attribute with this SDK (I am maybe missing something here)

Reproduction Steps

using this snippet, line 13 would not work

func listUsers(ctx context.Context, idstore identitystore.ListUsersAPIClient, storeID string) {
	p := identitystore.NewListUsersPaginator(
		idstore, &identitystore.ListUsersInput{
			IdentityStoreId: aws.String(storeID),
		})

	for p.HasMorePages() {
		output, err := p.NextPage(ctx)
		if err != nil {
			panic(err)
		}
		for _, user := range output.Users {
			fmt.Println(user.Active) // This won't work
		}
	}
}

Possible Solution

If possible, marshall this attribute in the json struct. I don't know the codebase well but I can have a look if you give me some pointers here

Additional Information/Context

willing to contribute if this helps

AWS Go SDK V2 Module Versions Used

v1.18.3

Compiler and Version used

go version go1.19.3

Operating System and version

darwin/amd64
@optplx optplx added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Oct 18, 2023
@lucix-aws lucix-aws added guidance Question that needs advice or information. and removed bug This issue is a bug. labels Oct 18, 2023
@lucix-aws
Copy link
Contributor

AWS SDKs are generated from models owned by service teams. In effect, the list of supported operations and their inputs/outputs (including how response fields are deserialized) are moderated externally to the SDKs.

Console- and internal- only operations/fields exist, I'm not familiar with these APIs but that is potentially the cause of the missing field here.

@optplx
Copy link
Author

optplx commented Oct 18, 2023
edited
Loading

hello @lucix-aws , thanks for your answer
So this means that there is currently no ways to work around this if I understand correctly :/ (other using the endpoint found in the console, which I prefer not to do)

Indeed checking on the CLI aws identitystore list-users I don't see the Active attribute either, which does go in the way what you say here

Maybe I can try a ticket to the support then? (we never know, Christmas isn't that far)

@RanVaknin RanVaknin self-assigned this Oct 18, 2023
@RanVaknin RanVaknin removed the needs-triage This issue or PR still needs to be triaged. label Oct 18, 2023
@RanVaknin
Copy link
Contributor

Hi @optplx ,

Just to add to what @lucix-aws have mentioned. From the looks of it, the https://up.sso.eu-west-1.amazonaws.com/identitystore/ is an endpoint owned by the SSO (IAM identity center) not the IdentityStore team. Additionally, after digging internally I can see a model that is somewhat corresponds with this shape you shared here:

{
    "Active": true,
    "Meta": {
        "CreatedAt": 1.1234567781234E9,
        "CreatedBy": "xxxxx",
        "UpdatedAt": 1.1234567781234E9,
        "UpdatedBy": "xxxxx"
    },
    "UserAttributes": {
        "emails": {
            "ComplexListValue": [
....

Unfortunately this model is not available under the IdentityStore namespace and even if the IdentityStore team updates their model, that particular team does not have service side support.
In other words, that endpoint https://up.sso.eu-west-1.amazonaws.com/identitystore/ is likely doing some fancy weight lifting behind the scene aggregating data from multiple APIs.

This will have to be a feature request opened with the SSO / identityStore service teams. You can try to use AWS console to open a support ticket and file this feature request.

Since this is not actionable by the SDK team, Im inclined to close this. If you decide to open the feature request please refer the support person to this thread.

All the best,
Ran~

@RanVaknin RanVaknin closed this as not planned Won't fix, can't repro, duplicate, stale Oct 18, 2023
@github-actions
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@RanVaknin RanVaknin

Labels
guidance Question that needs advice or information.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@optplx @RanVaknin @lucix-aws