Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(cognito): user pool - OAuth2.0 authentication #7141

Merged
merged 3 commits into from
Apr 6, 2020
Merged

feat(cognito): user pool - OAuth2.0 authentication #7141

merged 3 commits into from
Apr 6, 2020

Conversation

nija-at
Copy link
Contributor

@nija-at nija-at commented Apr 2, 2020

Commit Message

Support for OAuth2.0 properties in the UserPoolClient construct.

BREAKING CHANGES: The type of the authFlow property in
UserPoolClient has changed. This is no longer an enum, but instead a
set of fields to toggle. The list has also been updated to reflect the
change from ADMIN_NO_SRP_AUTH to its newer alias
ADMIN_USER_PASSWORD_AUTH.

End Commit Message

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

feat(cognito): user pool - OAuth2.0 authentication
6dd1173 
Support for OAuth2.0 properties in the UserPoolClient construct.

BREAKING CHANGES: The type of the `authFlow` property in
`UserPoolClient` has changed. This is no longer an enum, but instead a
set of fields to toggle. The list has also been updated to reflect the
change from `ADMIN_NO_SRP_AUTH` to its newer alias
`ADMIN_USER_PASSWORD_AUTH`.
@nija-at nija-at requested a review from a team April 2, 2020 15:35
@nija-at nija-at self-assigned this Apr 2, 2020
@mergify mergify bot added the contribution/core This is a PR that came from AWS. label Apr 2, 2020
@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildProject6AEA49D1-qxepHUsryhcu
  • Commit ID: 6dd1173
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

rix0rrr
rix0rrr requested changes Apr 3, 2020
View reviewed changes
Copy link
Contributor

@rix0rrr rix0rrr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor doc comments, all in all looks good (though confusing to a newb!)

packages/@aws-cdk/aws-cognito/README.md
});
```

Custom authentication protocols can be configured by setting the `custom` property under `authFlow` and defining lambda
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Kinda hate that this is implemented on 2 different resources. Do you know what the reason is?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Assuming your question is about the CF resources, this is because each user pool client can be configured with different combination of authentication flows, of which 'custom' is one choice. So the 'custom' property is on the client.

If a 'custom' authflow is chosen, the behaviour of the backend is determined by the user via lambda functions. The backend here is represented by the user pool, hence it's configured on the user pool.

@nija-at nija-at requested a review from rix0rrr April 6, 2020 08:06
@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildProject6AEA49D1-qxepHUsryhcu
  • Commit ID: 2c3d282
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify
Copy link
Contributor

mergify bot commented Apr 6, 2020

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildProject6AEA49D1-qxepHUsryhcu
  • Commit ID: 53b7fd5
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify
Copy link
Contributor

mergify bot commented Apr 6, 2020

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot merged commit 09852d0 into master Apr 6, 2020
@mergify mergify bot deleted the nija-at/cognito-userpoolclient-oauth branch April 6, 2020 12:33
horsmand pushed a commit to horsmand/aws-cdk that referenced this pull request Apr 8, 2020
@horsmand
feat(cognito): user pool - OAuth2.0 authentication (aws#7141)
d3b7471 
Support for OAuth2.0 properties in the UserPoolClient construct.

BREAKING CHANGES: The type of the `authFlow` property in
`UserPoolClient` has changed. This is no longer an enum, but instead a
set of fields to toggle. The list has also been updated to reflect the
change from `ADMIN_NO_SRP_AUTH` to its newer alias
`ADMIN_USER_PASSWORD_AUTH`.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rix0rrr rix0rrr rix0rrr approved these changes

Assignees

@nija-at nija-at

Labels
contribution/core This is a PR that came from AWS.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@nija-at @aws-cdk-automation @rix0rrr