-
Notifications
You must be signed in to change notification settings - Fork 230
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adds the V2 version of the pre token generation event. (#465)
- Loading branch information
Showing
4 changed files
with
185 additions
and
1 deletion.
There are no files selected for viewing
134 changes: 134 additions & 0 deletions
134
...om/amazonaws/services/lambda/runtime/events/CognitoUserPoolPreTokenGenerationEventV2.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,134 @@ | ||
/* Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. */ | ||
|
||
package com.amazonaws.services.lambda.runtime.events; | ||
|
||
import lombok.AllArgsConstructor; | ||
import lombok.Builder; | ||
import lombok.Data; | ||
import lombok.EqualsAndHashCode; | ||
import lombok.NoArgsConstructor; | ||
import lombok.ToString; | ||
|
||
import java.util.Map; | ||
|
||
/** | ||
* Represent the class for the Cognito User Pool Pre Token Generation Lambda Trigger V2 | ||
* <p> | ||
* See <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html">Pre Token Generation Lambda Trigger</a> | ||
*/ | ||
@Data | ||
@EqualsAndHashCode(callSuper = true) | ||
@NoArgsConstructor | ||
@ToString(callSuper = true) | ||
public class CognitoUserPoolPreTokenGenerationEventV2 extends CognitoUserPoolEvent { | ||
/** | ||
* The request from the Amazon Cognito service. | ||
*/ | ||
private Request request; | ||
|
||
/** | ||
* The response from your Lambda trigger. | ||
*/ | ||
private Response response; | ||
|
||
@Builder(setterPrefix = "with") | ||
public CognitoUserPoolPreTokenGenerationEventV2( | ||
String version, | ||
String triggerSource, | ||
String region, | ||
String userPoolId, | ||
String userName, | ||
CallerContext callerContext, | ||
Request request, | ||
Response response) { | ||
super(version, triggerSource, region, userPoolId, userName, callerContext); | ||
this.request = request; | ||
this.response = response; | ||
} | ||
|
||
@Data | ||
@EqualsAndHashCode(callSuper = true) | ||
@NoArgsConstructor | ||
@ToString(callSuper = true) | ||
public static class Request extends CognitoUserPoolEvent.Request { | ||
|
||
private String[] scopes; | ||
private GroupConfiguration groupConfiguration; | ||
private Map<String, String> clientMetadata; | ||
|
||
@Builder(setterPrefix = "with") | ||
public Request(Map<String, String> userAttributes, String[] scopes, GroupConfiguration groupConfiguration, Map<String, String> clientMetadata) { | ||
super(userAttributes); | ||
this.scopes = scopes; | ||
this.groupConfiguration = groupConfiguration; | ||
this.clientMetadata = clientMetadata; | ||
} | ||
} | ||
|
||
@Data | ||
@AllArgsConstructor | ||
@Builder(setterPrefix = "with") | ||
@NoArgsConstructor | ||
public static class GroupConfiguration { | ||
/** | ||
* A list of the group names that are associated with the user that the identity token is issued for. | ||
*/ | ||
private String[] groupsToOverride; | ||
/** | ||
* A list of the current IAM roles associated with these groups. | ||
*/ | ||
private String[] iamRolesToOverride; | ||
/** | ||
* Indicates the preferred IAM role. | ||
*/ | ||
private String preferredRole; | ||
} | ||
|
||
@Data | ||
@AllArgsConstructor | ||
@Builder(setterPrefix = "with") | ||
@NoArgsConstructor | ||
public static class Response { | ||
private ClaimsAndScopeOverrideDetails claimsAndScopeOverrideDetails; | ||
} | ||
|
||
@Data | ||
@AllArgsConstructor | ||
@Builder(setterPrefix = "with") | ||
@NoArgsConstructor | ||
public static class ClaimsAndScopeOverrideDetails { | ||
private IdTokenGeneration idTokenGeneration; | ||
private AccessTokenGeneration accessTokenGeneration; | ||
private GroupOverrideDetails groupOverrideDetails; | ||
} | ||
|
||
@Data | ||
@AllArgsConstructor | ||
@Builder(setterPrefix = "with") | ||
@NoArgsConstructor | ||
public static class IdTokenGeneration { | ||
private Map<String, String> claimsToAddOrOverride; | ||
private String[] claimsToSuppress; | ||
} | ||
|
||
@Data | ||
@AllArgsConstructor | ||
@Builder(setterPrefix = "with") | ||
@NoArgsConstructor | ||
public static class AccessTokenGeneration { | ||
private Map<String, String> claimsToAddOrOverride; | ||
private String[] claimsToSuppress; | ||
private String[] scopesToAdd; | ||
private String[] scopesToSuppress; | ||
} | ||
|
||
@Data | ||
@AllArgsConstructor | ||
@Builder(setterPrefix = "with") | ||
@NoArgsConstructor | ||
public static class GroupOverrideDetails { | ||
private Map<String, String> groupsToOverride; | ||
private Map<String, String> iamRolesToOverride; | ||
private String preferredRole; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
33 changes: 33 additions & 0 deletions
33
...lambda-java-tests/src/test/resources/cognito_user_pool_pre_token_generation_event_v2.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
{ | ||
"version": "2", | ||
"triggerSource": "TokenGeneration_Authentication", | ||
"region": "us-east-1", | ||
"userPoolId": "us-east-1_EXAMPLE", | ||
"userName": "JaneDoe", | ||
"callerContext": { | ||
"awsSdkVersion": "aws-sdk-unknown-unknown", | ||
"clientId": "1example23456789" | ||
}, | ||
"request": { | ||
"userAttributes": { | ||
"sub": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", | ||
"cognito:user_status": "CONFIRMED", | ||
"email_verified": "true", | ||
"phone_number_verified": "true", | ||
"phone_number": "+12065551212", | ||
"family_name": "Zoe", | ||
"email": "[email protected]" | ||
}, | ||
"groupConfiguration": { | ||
"groupsToOverride": ["group-1", "group-2", "group-3"], | ||
"iamRolesToOverride": ["arn:aws:iam::123456789012:role/sns_caller1", "arn:aws:iam::123456789012:role/sns_caller2", "arn:aws:iam::123456789012:role/sns_caller3"], | ||
"preferredRole": ["arn:aws:iam::123456789012:role/sns_caller"] | ||
}, | ||
"scopes": [ | ||
"aws.cognito.signin.user.admin", "openid", "email", "phone" | ||
] | ||
}, | ||
"response": { | ||
"claimsAndScopeOverrideDetails": [] | ||
} | ||
} |