feat(api): describeUserPoolClient support

jagregory · Jul 23, 2021 · 26cf370 · 26cf370
1 parent 153b71a
commit 26cf370
Show file tree

Hide file tree

Showing 17 changed files with 164 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -15,6 +15,7 @@ perfect, because it won't be.
 - [ConfirmForgotPassword](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmForgotPassword.html)
 - [ConfirmSignUp](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmSignUp.html)
 - [CreateUserPoolClient](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPoolClient.html)
+- [DescribeUserPoolClient](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPoolClient.html)
 - [ForgotPassword](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ForgotPassword.html)
 - [GetUser](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUser.html)
 - [InitiateAuth](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html)

diff --git a/src/services/cognitoClient.ts b/src/services/cognitoClient.ts
@@ -9,6 +9,7 @@ import {
 } from "./userPoolClient";
 
 export interface CognitoClient {
+  getAppClient(clientId: string): Promise<AppClient | null>;
   getUserPool(userPoolId: string): Promise<UserPoolClient>;
   getUserPoolForClientId(clientId: string): Promise<UserPoolClient>;
 }
@@ -63,7 +64,7 @@ export class CognitoClientService implements CognitoClient {
   public async getUserPoolForClientId(
     clientId: string
   ): Promise<UserPoolClient> {
-    const appClient = await this.clients.get<AppClient>(["Clients", clientId]);
+    const appClient = await this.getAppClient(clientId);
     if (!appClient) {
       throw new ResourceNotFoundError();
     }
@@ -75,4 +76,8 @@ export class CognitoClientService implements CognitoClient {
       this.logger
     );
   }
+
+  public async getAppClient(clientId: string): Promise<AppClient | null> {
+    return this.clients.get(["Clients", clientId]);
+  }
 }
diff --git a/src/services/triggers/customMessage.test.ts b/src/services/triggers/customMessage.test.ts
@@ -25,6 +25,7 @@ describe("CustomMessage trigger", () => {
       saveUser: jest.fn(),
     };
     mockCognitoClient = {
+      getAppClient: jest.fn(),
       getUserPool: jest.fn().mockResolvedValue(mockUserPoolClient),
       getUserPoolForClientId: jest.fn().mockResolvedValue(mockUserPoolClient),
     };

diff --git a/src/services/triggers/postConfirmation.test.ts b/src/services/triggers/postConfirmation.test.ts
@@ -25,6 +25,7 @@ describe("PostConfirmation trigger", () => {
       saveUser: jest.fn(),
     };
     mockCognitoClient = {
+      getAppClient: jest.fn(),
       getUserPool: jest.fn().mockResolvedValue(mockUserPoolClient),
       getUserPoolForClientId: jest.fn().mockResolvedValue(mockUserPoolClient),
     };

diff --git a/src/services/triggers/userMigration.test.ts b/src/services/triggers/userMigration.test.ts
@@ -27,6 +27,7 @@ describe("UserMigration trigger", () => {
       saveUser: jest.fn(),
     };
     mockCognitoClient = {
+      getAppClient: jest.fn(),
       getUserPool: jest.fn().mockResolvedValue(mockUserPoolClient),
       getUserPoolForClientId: jest.fn().mockResolvedValue(mockUserPoolClient),
     };

diff --git a/src/targets/confirmForgotPassword.test.ts b/src/targets/confirmForgotPassword.test.ts
@@ -27,6 +27,7 @@ describe("ConfirmForgotPassword target", () => {
       saveUser: jest.fn(),
     };
     mockCognitoClient = {
+      getAppClient: jest.fn(),
       getUserPool: jest.fn().mockResolvedValue(mockUserPoolClient),
       getUserPoolForClientId: jest.fn().mockResolvedValue(mockUserPoolClient),
     };

diff --git a/src/targets/confirmSignUp.test.ts b/src/targets/confirmSignUp.test.ts
@@ -24,6 +24,7 @@ describe("ConfirmSignUp target", () => {
       saveUser: jest.fn(),
     };
     mockCognitoClient = {
+      getAppClient: jest.fn(),
       getUserPool: jest.fn().mockResolvedValue(mockUserPoolClient),
       getUserPoolForClientId: jest.fn().mockResolvedValue(mockUserPoolClient),
     };

diff --git a/src/targets/createUserPoolClient.test.ts b/src/targets/createUserPoolClient.test.ts
@@ -26,6 +26,7 @@ describe("CreateUserPoolClient target", () => {
       saveUser: jest.fn(),
     };
     mockCognitoClient = {
+      getAppClient: jest.fn(),
       getUserPool: jest.fn().mockResolvedValue(mockUserPoolClient),
       getUserPoolForClientId: jest.fn().mockResolvedValue(mockUserPoolClient),
     };

diff --git a/src/targets/describeUserPoolClient.test.ts b/src/targets/describeUserPoolClient.test.ts
@@ -0,0 +1,70 @@
+import { advanceTo } from "jest-date-mock";
+import { ResourceNotFoundError } from "../errors";
+import { CognitoClient, UserPoolClient } from "../services";
+import { AppClient } from "../services/appClient";
+import {
+  DescribeUserPoolClient,
+  DescribeUserPoolClientTarget,
+} from "./describeUserPoolClient";
+
+describe("DescribeUserPoolClient target", () => {
+  let describeUserPoolClient: DescribeUserPoolClientTarget;
+  let mockCognitoClient: jest.Mocked<CognitoClient>;
+  let mockUserPoolClient: jest.Mocked<UserPoolClient>;
+  let now: Date;
+
+  beforeEach(() => {
+    now = new Date(2020, 1, 2, 3, 4, 5);
+    advanceTo(now);
+
+    mockUserPoolClient = {
+      config: {
+        Id: "test",
+      },
+      createAppClient: jest.fn(),
+      getUserByUsername: jest.fn(),
+      listUsers: jest.fn(),
+      saveUser: jest.fn(),
+    };
+    mockCognitoClient = {
+      getAppClient: jest.fn(),
+      getUserPool: jest.fn().mockResolvedValue(mockUserPoolClient),
+      getUserPoolForClientId: jest.fn().mockResolvedValue(mockUserPoolClient),
+    };
+
+    describeUserPoolClient = DescribeUserPoolClient({
+      cognitoClient: mockCognitoClient,
+    });
+  });
+
+  it("returns an existing app client", async () => {
+    const existingAppClient: AppClient = {
+      RefreshTokenValidity: 30,
+      AllowedOAuthFlowsUserPoolClient: false,
+      LastModifiedDate: new Date().getTime(),
+      CreationDate: new Date().getTime(),
+      UserPoolId: "userPoolId",
+      ClientId: "abc",
+      ClientName: "clientName",
+    };
+    mockCognitoClient.getAppClient.mockResolvedValue(existingAppClient);
+
+    const result = await describeUserPoolClient({
+      ClientId: "abc",
+      UserPoolId: "userPoolId",
+    });
+
+    expect(result).toEqual({ UserPoolClient: existingAppClient });
+  });
+
+  it("throws resource not found for an invalid app client", async () => {
+    mockCognitoClient.getAppClient.mockResolvedValue(null);
+
+    await expect(
+      describeUserPoolClient({
+        ClientId: "abc",
+        UserPoolId: "userPoolId",
+      })
+    ).rejects.toEqual(new ResourceNotFoundError());
+  });
+});
diff --git a/src/targets/describeUserPoolClient.ts b/src/targets/describeUserPoolClient.ts
@@ -0,0 +1,72 @@
+import { ResourceNotFoundError } from "../errors";
+import { Services } from "../services";
+import { UserAttribute } from "../services/userPoolClient";
+
+interface Input {
+  ClientId: string;
+  UserPoolId: string;
+}
+
+export interface DynamoDBUserRecord {
+  Username: string;
+  UserCreateDate: number;
+  UserLastModifiedDate: number;
+  Enabled: boolean;
+  UserStatus: "CONFIRMED" | "UNCONFIRMED" | "RESET_REQUIRED";
+  Attributes: readonly UserAttribute[];
+}
+
+interface Output {
+  UserPoolClient: {
+    AccessTokenValidity?: number;
+    AllowedOAuthFlows?: ("code" | "implicit" | "client_credentials")[];
+    AllowedOAuthFlowsUserPoolClient?: boolean;
+    AllowedOAuthScopes?: string[];
+    AnalyticsConfiguration?: {
+      ApplicationArn?: string;
+      ApplicationId?: string;
+      ExternalId?: string;
+      RoleArn?: string;
+      UserDataShared?: boolean;
+    };
+    CallbackURLs?: string[];
+    ClientId?: string;
+    ClientName?: string;
+    ClientSecret?: string;
+    CreationDate?: number;
+    DefaultRedirectURI?: string;
+    EnableTokenRevocation?: boolean;
+    ExplicitAuthFlows?: string[];
+    IdTokenValidity?: number;
+    LastModifiedDate?: number;
+    LogoutURLs?: string[];
+    PreventUserExistenceErrors?: "LEGACY" | "ENABLED";
+    ReadAttributes?: string[];
+    RefreshTokenValidity?: number;
+    SupportedIdentityProviders?: string[];
+    TokenValidityUnits?: {
+      AccessToken?: "seconds" | "minutes" | "hours" | "days";
+      IdToken?: "seconds" | "minutes" | "hours" | "days";
+      RefreshToken?: "seconds" | "minutes" | "hours" | "days";
+    };
+    UserPoolId?: string;
+    WriteAttributes?: string[];
+  };
+}
+
+export type DescribeUserPoolClientTarget = (body: Input) => Promise<Output>;
+
+export const DescribeUserPoolClient = ({
+  cognitoClient,
+}: Pick<Services, "cognitoClient">): DescribeUserPoolClientTarget => async (
+  body
+) => {
+  const client = await cognitoClient.getAppClient(body.ClientId);
+  if (client?.UserPoolId !== body.UserPoolId) {
+    throw new ResourceNotFoundError();
+  }
+
+  return {
+    UserPoolClient: client,
+  };
+};
diff --git a/src/targets/forgotPassword.test.ts b/src/targets/forgotPassword.test.ts
@@ -31,6 +31,7 @@ describe("ForgotPassword target", () => {
       saveUser: jest.fn(),
     };
     mockCognitoClient = {
+      getAppClient: jest.fn(),
       getUserPool: jest.fn().mockResolvedValue(mockUserPoolClient),
       getUserPoolForClientId: jest.fn().mockResolvedValue(mockUserPoolClient),
     };

diff --git a/src/targets/getUser.test.ts b/src/targets/getUser.test.ts
@@ -27,6 +27,7 @@ describe("GetUser target", () => {
       saveUser: jest.fn(),
     };
     mockCognitoClient = {
+      getAppClient: jest.fn(),
       getUserPool: jest.fn().mockResolvedValue(mockUserPoolClient),
       getUserPoolForClientId: jest.fn().mockResolvedValue(mockUserPoolClient),
     };

diff --git a/src/targets/initiateAuth.test.ts b/src/targets/initiateAuth.test.ts
@@ -47,6 +47,7 @@ describe("InitiateAuth target", () => {
       saveUser: jest.fn(),
     };
     mockCognitoClient = {
+      getAppClient: jest.fn(),
       getUserPool: jest.fn().mockResolvedValue(mockUserPoolClient),
       getUserPoolForClientId: jest.fn().mockResolvedValue(mockUserPoolClient),
     };

diff --git a/src/targets/listUsers.test.ts b/src/targets/listUsers.test.ts
@@ -22,6 +22,7 @@ describe("ListUsers target", () => {
       saveUser: jest.fn(),
     };
     mockCognitoClient = {
+      getAppClient: jest.fn(),
       getUserPool: jest.fn().mockResolvedValue(mockUserPoolClient),
       getUserPoolForClientId: jest.fn().mockResolvedValue(mockUserPoolClient),
     };

diff --git a/src/targets/respondToAuthChallenge.test.ts b/src/targets/respondToAuthChallenge.test.ts
@@ -30,6 +30,7 @@ describe("RespondToAuthChallenge target", () => {
       saveUser: jest.fn(),
     };
     mockCognitoClient = {
+      getAppClient: jest.fn(),
       getUserPool: jest.fn().mockResolvedValue(mockUserPoolClient),
       getUserPoolForClientId: jest.fn().mockResolvedValue(mockUserPoolClient),
     };

diff --git a/src/targets/router.ts b/src/targets/router.ts
@@ -4,6 +4,7 @@ import { UnsupportedError } from "../errors";
 import { ConfirmForgotPassword } from "./confirmForgotPassword";
 import { ConfirmSignUp } from "./confirmSignUp";
 import { CreateUserPoolClient } from "./createUserPoolClient";
+import { DescribeUserPoolClient } from "./describeUserPoolClient";
 import { ForgotPassword } from "./forgotPassword";
 import { InitiateAuth } from "./initiateAuth";
 import { ListUsers } from "./listUsers";
@@ -15,12 +16,13 @@ export const Targets = {
   ConfirmForgotPassword,
   ConfirmSignUp,
   CreateUserPoolClient,
+  DescribeUserPoolClient,
   ForgotPassword,
+  GetUser,
   InitiateAuth,
   ListUsers,
   RespondToAuthChallenge,
   SignUp,
-  GetUser,
 };
 
 type TargetName = keyof typeof Targets;

diff --git a/src/targets/signUp.test.ts b/src/targets/signUp.test.ts
@@ -35,6 +35,7 @@ describe("SignUp target", () => {
       saveUser: jest.fn(),
     };
     mockCognitoClient = {
+      getAppClient: jest.fn(),
       getUserPool: jest.fn().mockResolvedValue(mockUserPoolClient),
       getUserPoolForClientId: jest.fn().mockResolvedValue(mockUserPoolClient),
     };