fix(cognito-identitypool-alpha): inconvenient IdentityPoolProviderUrl.userPool() #29025
Conversation
github-actions
bot
added
the
valued-contributor
There was a problem hiding this comment.
The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.
A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.
|
Exemption Request |
aws-cdk-automation
added
the
pr-linter/exemption-requested
aws-cdk-automation
added
the
pr/needs-community-review
| @@ -155,7 +157,8 @@ export class IdentityPoolProviderUrl { | |||
| } | |||
|
|
|||
| /** User Pool Provider Url */ | |||
| public static userPool(url: string): IdentityPoolProviderUrl { | |||
| public static userPool(userPool: UserPool, userPoolClient: UserPoolClient): IdentityPoolProviderUrl { | |||
There was a problem hiding this comment.
I know we're ok with breaking changes, but this seems like it would ruin anyone who was simply supplying a url here that was not connected to a specific UserPool or UserPoolCliet construct. I'm not sure what the difference would be if the IdentityPoolProviderType turns from USER_POOL to CUSTOM
There was a problem hiding this comment.
IdentityPoolProviderType (IdentityPoolProviderUrl.type) is not used since #16190 (implemented PR).
Changing .userPool(somthing) to .custom(something) makes no differences in CloudFormation template.
| @@ -440,7 +440,7 @@ describe('role mappings', () => { | |||
| const providerUrl = Fn.importValue('ProviderUrl'); | |||
| expect(() => new IdentityPool(stack, 'TestIdentityPoolRoleMappingErrors', { | |||
| roleMappings: [{ | |||
| providerUrl: IdentityPoolProviderUrl.userPool(providerUrl), | |||
| providerUrl: IdentityPoolProviderUrl.custom(providerUrl), | |||
There was a problem hiding this comment.
This would change the IdentityPoolProviderTyle right? How does that affect things?
There was a problem hiding this comment.
Same as above. No affects in CloudFormation template.
|
Updated BREAKING CHANGE in description |
|
This PR has been in the CHANGES REQUESTED state for 3 weeks, and looks abandoned. To keep this PR from being closed, please continue work on it. If not, it will automatically be closed in a week. |
|
This PR has been deemed to be abandoned, and will be automatically closed. Please create a new PR for these changes if you think this decision has been made in error. |
aws-cdk-automation
added
the
closed-for-staleness
paulhcsun
added
pr-linter/do-not-close
TheRealAmazonKendra
added
pr-linter/exempt-integ-test
aws-cdk-automation
dismissed
their stale review
✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.
aws-cdk-automation
removed
the
pr/needs-community-review
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
|
@Mergifyio update |
❌ Mergify doesn't have permission to updateFor security reasons, Mergify can't update this pull request. Try updating locally. |
mergify
bot
dismissed
TheRealAmazonKendra’s stale review
Pull request has been modified.
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
Reason for this change
IdentityPoolProviderUrl.userPool()requires a stringurlcurrently.The description is "User Pool Provider Url".
It should be
`${userPool.userPoolProviderName}:${userPoolClient.userPoolClientId}`.UserPoolhas an attributeuserPoolProviderUrlwhich description is "User Pool Provider Url", but confusingly, it cannot be specified toIdentityPoolProviderUrl.userPool().The format of the identity provider identifier isn't well documented.
See SetIdentityPoolRoles API reference for example of User Pool's identity provider identifier.
Description of changes
This PR fixes
IdentityPoolProviderUrl.userPool()to acceptUserPoolandUserPoolClientinstead of a stringurl.It generates a correct identifier described above.
Description of how you validated changes
Existing integration test generates an identifier as described above.
The snapshot won't be changed by this PR.
Checklist
BREAKING CHANGE: The argument of
IdentityPoolProviderUrl.userPool()has been changed fromurl: stringtouserPool: UserPool, userPoolClient: UserPoolClient. If you want to specify custom identifier string, useIdentityPoolProviderUrl.custom()instead.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license