From 7d18f0f965ec5d8da567db61d355639e5b40935e Mon Sep 17 00:00:00 2001
From: Mark Neves
Date: Sun, 28 Jul 2019 15:49:32 -0700
Subject: [PATCH 1/2] Add Cognito trigger: PreAuthentication
---
 ...DME_Cognito_UserPools_PreAuthentication.md | 25 +++++++++++++++++
 events/cognito.go | 18 +++++++++++++
 events/cognito_test.go | 27 +++++++++++++++++++
 3 files changed, 70 insertions(+)
 create mode 100644 events/README_Cognito_UserPools_PreAuthentication.md
diff --git a/events/README_Cognito_UserPools_PreAuthentication.md b/events/README_Cognito_UserPools_PreAuthentication.md
new file mode 100644
index 00000000..1717508a
--- /dev/null
+++ b/events/README_Cognito_UserPools_PreAuthentication.md
@@ -0,0 +1,25 @@
+# Sample Function
+
+The following is a sample Lambda function that receives Amazon Cognito User Pools pre-authentication event as an input and writes some of the record data to CloudWatch Logs. (Note that by default anything written to Console will be logged as CloudWatch Logs events.)
+
+Please see instructions for setting up the Cognito triggers at https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html .
+
+```go
+package main
+
+import (
+ "fmt"
+
+ "github.com/aws/aws-lambda-go/lambda"
+ "github.com/aws/aws-lambda-go/events"
+)
+
+func handler(event events.CognitoEventUserPoolsPreAuthentication) (events.CognitoEventUserPoolsPreAuthentication, error) {
+ fmt.Printf("PreAuthentication of user: %s\n", event.UserName)
+ return event, nil
+}
+
+func main() {
+ lambda.Start(handler)
+}
+```
diff --git a/events/cognito.go b/events/cognito.go
index 9de9a615..246021b1 100644
--- a/events/cognito.go
+++ b/events/cognito.go
@@ -28,6 +28,14 @@ type CognitoEventUserPoolsPreSignup struct {
 Response CognitoEventUserPoolsPreSignupResponse `json:"response"`
 }

+// CognitoEventUserPoolsPreAuthentication is sent by AWS Cognito User Pools when a user submits their information
+// to be authenticated, allowing you to perform custom validations to accept or deny the sign in request.
+type CognitoEventUserPoolsPreAuthentication struct {
+ CognitoEventUserPoolsHeader
+ Request CognitoEventUserPoolsPreAuthenticationRequest `json:"request"`
+ Response CognitoEventUserPoolsPreAuthenticationResponse `json:"response"`
+}
+
 // CognitoEventUserPoolsPostConfirmation is sent by AWS Cognito User Pools after a user is confirmed,
 // allowing the Lambda to send custom messages or add custom logic.
 type CognitoEventUserPoolsPostConfirmation struct {
@@ -89,6 +97,16 @@ type CognitoEventUserPoolsPreSignupResponse struct {
 AutoVerifyPhone bool `json:"autoVerifyPhone"`
 }

+// CognitoEventUserPoolsPreAuthenticationRequest contains the request portion of a PreAuthentication event
+type CognitoEventUserPoolsPreAuthenticationRequest struct {
+ UserAttributes map[string]string `json:"userAttributes"`
+ ValidationData map[string]string `json:"validationData"`
+}
+
+// CognitoEventUserPoolsPreAuthenticationResponse contains the response portion of a PreAuthentication event
+type CognitoEventUserPoolsPreAuthenticationResponse struct {
+}
+
 // CognitoEventUserPoolsPostConfirmationRequest contains the request portion of a PostConfirmation event
 type CognitoEventUserPoolsPostConfirmationRequest struct {
 UserAttributes map[string]string `json:"userAttributes"`
diff --git a/events/cognito_test.go b/events/cognito_test.go
index fad8755d..6156faba 100644
--- a/events/cognito_test.go
+++ b/events/cognito_test.go
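Review bot: The doc comment on `CognitoEventUserPoolsPreAuthentication` says the trigger can accept or deny the sign-in but not how a handler expresses the denial, and the response type added further down in this patch has no fields to set. As far as I know Cognito treats an error returned by the function as the denial and any successful return as acceptance, so a handler that logs a failed check and still returns `event, nil` admits the user. I would add a line after the existing comment such as `// The response has no fields: return a non-nil error to deny the sign-in, nil to allow it.`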
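Review bot: `CognitoEventUserPoolsPreAuthenticationRequest` gives no hint that its two maps carry different trust: `ValidationData` is sent by the client application with the sign-in call, so a handler has to treat it as caller-controlled input rather than something the user pool vouches for. A field comment such as `// ValidationData is supplied by the client in the sign-in request; validate it before using it in an allow/deny decision.` would put that where handlers read it. Separately, the Cognito trigger documentation, as I recall it, also lists a boolean `userNotFound` in this request; if it is delivered to the function, `encoding/json` silently drops it here, so it is worth confirming whether a `UserNotFound bool` field tagged `userNotFound` belongs in the struct.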
@@ -64,6 +64,33 @@ func TestCognitoUserPoolsPreSignupMarshalingMalformedJson(t *testing.T) {
 test.TestMalformedJson(t, CognitoEventUserPoolsPreSignup{})
 }

+func TestCognitoEventUserPoolsPreAuthenticationMarshaling(t *testing.T) {
+
+ // read json from file
+ inputJSON, err := ioutil.ReadFile("./testdata/cognito-event-userpools-presignup.json")
+ if err != nil {
+ t.Errorf("could not open test file. details: %v", err)
+ }
+
+ // de-serialize into CognitoEvent
+ var inputEvent CognitoEventUserPoolsPreAuthentication
+ if err := json.Unmarshal(inputJSON, &inputEvent); err != nil {
+ t.Errorf("could not unmarshal event. details: %v", err)
+ }
+
+ // serialize to json
+ outputJSON, err := json.Marshal(inputEvent)
+ if err != nil {
+ t.Errorf("could not marshal event. details: %v", err)
+ }
+
+ assert.JSONEq(t, string(inputJSON), string(outputJSON))
+}
+
+func TestCognitoUserPoolsPreAuthenticationMarshalingMalformedJson(t *testing.T) {
+ test.TestMalformedJson(t, CognitoEventUserPoolsPreAuthentication{})
+}
+
 func TestCognitoEventUserPoolsPostConfirmationMarshaling(t *testing.T) {

 // read json from file
From 8b8292b6126a332a25d652921d5cd5560ccb9cc1 Mon Sep 17 00:00:00 2001
From: Mark Neves
Date: Sun, 28 Jul 2019 16:37:47 -0700
Subject: [PATCH 2/2] Add PreAuthentication test event
---
 events/cognito_test.go | 2 +-
 ...ito-event-userpools-preauthentication.json | 21 +++++++++++++++++++
 2 files changed, 22 insertions(+), 1 deletion(-)
 create mode 100644 events/testdata/cognito-event-userpools-preauthentication.json
diff --git a/events/cognito_test.go b/events/cognito_test.go
index 6156faba..fdb1d437 100644
--- a/events/cognito_test.go
+++ b/events/cognito_test.go
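Review bot: In `TestCognitoEventUserPoolsPreAuthenticationMarshaling` all three failure branches call `t.Errorf`, which records the failure and keeps going, so a missing fixture is followed by `json.Unmarshal` on a nil slice and a second, misleading error before `assert.JSONEq` compares empty input. Switching the read, unmarshal and marshal branches to `t.Fatalf`, e.g. `t.Fatalf("could not open test file. details: %v", err)`, stops the test at the first real cause. The neighbouring tests may follow the same pattern, in which case this is a file-wide cleanup rather than something specific to this hunk; the same `t.Errorf` line also appears as context in the follow-up patch's hunk on this file.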
@@ -67,7 +67,7 @@ func TestCognitoUserPoolsPreSignupMarshalingMalformedJson(t *testing.T) {
 func TestCognitoEventUserPoolsPreAuthenticationMarshaling(t *testing.T) {

 // read json from file
- inputJSON, err := ioutil.ReadFile("./testdata/cognito-event-userpools-presignup.json")
+ inputJSON, err := ioutil.ReadFile("./testdata/cognito-event-userpools-preauthentication.json")
 if err != nil {
 t.Errorf("could not open test file. details: %v", err)
 }
diff --git a/events/testdata/cognito-event-userpools-preauthentication.json b/events/testdata/cognito-event-userpools-preauthentication.json
new file mode 100644
index 00000000..71e2c352
--- /dev/null
+++ b/events/testdata/cognito-event-userpools-preauthentication.json
@@ -0,0 +1,21 @@
+{
+ "version": "1",
+ "triggerSource": "PreAuthentication_Authentication",
+ "region": "",
+ "userPoolId": "",
+ "userName": "",
+ "callerContext": {
+ "awsSdkVersion": "",
+ "clientId": ""
+ },
+ "request": {
+ "userAttributes": {
+ "email": ""
+ },
+ "validationData": {
+ "k1": "v1",
+ "k2": "v2"
+ }
+ },
+ "response": {}
+}
\ No newline at end of file