feat(cognito): allow mutable attributes for requiredAttributes #7754
Conversation
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
SomayaB
changed the title
| requiredAttributes: { | ||
| fullname: true, | ||
| address: true, | ||
| fullname: new StandardAttribute(), | ||
| address: StandardAttribute.asMutable(), |
There was a problem hiding this comment.
The new user experience can be made more slick and easy to use.
Something like this -
standardAttributes: {
fullname: {
required: true,
mutable: false,
},
address: {
required: false,
mutable: true,
},
}We should mark requiredAttributes as deprecated and recommend the use of standardAttributes.
There was a problem hiding this comment.
:) that's a way better experience than my proposal, I'll do the changes over the weekend
There was a problem hiding this comment.
When you said we should mark requiredAttributes as deprecated you mean we should keep the property the same and simply set it as deprecated?
Can we set it as deprecated but point to the StandardAttribute interface instead? I know it breaks the interface but just wondering what exactly you meant there
There was a problem hiding this comment.
I meant to only mark it as deprecated and not change the interface
arnulfojr
force-pushed
the
master
branch
2 times, most recently
from
c2b6161 to
fac3355
Compare
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
| * Whether the user's postal address is a required attribute. | ||
| * @default - Attribute is not required |
There was a problem hiding this comment.
| * Whether the user's postal address is a required attribute. | |
| * @default - Attribute is not required | |
| * The user's postal address. | |
| * @default - see the defaults under `StandardAttribute` |
Apply similar changes to the other attributes.
| * @default false | ||
| */ | ||
| readonly mutable?: boolean; |
There was a problem hiding this comment.
To clarify: standard attributes in Cognito are immutable by default?
| const StandardAttributeMap: Record< | ||
| keyof StandardAttributes, | ||
| StandardAttribute | ||
| > = { |
There was a problem hiding this comment.
Reduce a few line breaks to make the code a bit easier to read -
| const StandardAttributeMap: Record< | |
| keyof StandardAttributes, | |
| StandardAttribute | |
| > = { | |
| const StandardAttributeMap: Record<keyof StandardAttributes, StandardAttribute> = { |
| * The set of attributes that are required for every user in the user pool. | ||
| * Read more on attributes here - https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html | ||
| * | ||
| * @default - No attributes are required. | ||
| * @deprecated use {@link standardAttributes} | ||
| * @default - No required attributes. | ||
| */ | ||
| readonly requiredAttributes?: RequiredAttributes; |
There was a problem hiding this comment.
I was a bit hesitant in the beginning but given that aws-cognito is marked experimental, let's entirely remove the requiredAttributes and RequiredAttributes and call this out as a breaking change.
| standardAttributes[attrName as keyof StandardAttributes]!.required || | ||
| standardAttributes[attrName as keyof StandardAttributes]!.mutable, |
There was a problem hiding this comment.
@ericzbeard tells me that from his experience, the combination of required and mutable (or maybe a different combination) is invalid, and the fact that it's invalid is not clear until the attribute change is attempted. And even at this point, the error message is generic/vague.
Perhaps we should add some validations to prevent users from doing this?
@ericzbeard - can you corroborate?
There was a problem hiding this comment.
I'm not totally clear on what this PR is doing. We should make it so that all of the regular attributes like given_name, etc are mutable by default, since the failure when using an IDP has no error message and is very hard to troubleshoot. (Is that the idea here?) What's not allowed is a required custom attribute.
There was a problem hiding this comment.
Ah I see. We're not dealing with custom attributes in this PR, so I guess that doesn't apply here.
| const stdAttributes = Object.keys(standardAttributes) | ||
| .filter( | ||
| attrName => | ||
| !!standardAttributes[attrName as keyof StandardAttributes], | ||
| ).filter( | ||
| attrName => | ||
| standardAttributes[attrName as keyof StandardAttributes]!.required || | ||
| standardAttributes[attrName as keyof StandardAttributes]!.mutable, | ||
| ) | ||
| .map(attrName => ({ | ||
| name: StandardAttributeMap[attrName as keyof StandardAttributes], | ||
| ...(standardAttributes[attrName as keyof StandardAttributes] || {}), | ||
| })); |
There was a problem hiding this comment.
You may be able to avoid the repeated attrName as keyof StandardAttributes if you use Object.entries() instead of Object.keys()
rather than taking boolean feat: allow mutable attributes for requiredAttributes
…th standardAttributes
The PR aws#8403 changed the "IAM stack" to use the default environment and forgot to update the expected output (which now does not contain a token for the URL suffix). ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
I've taken the liberty to implement a preview, refer to #7752
Any feedback is welcome!
BREAKING CHANGE:
requiredAttributesonUserPoolconstruct is now replaced withstandardAttributeswith a slightly modified signature.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license