feat(api): updateUserAttributes full support

README.md

@@ -124,7 +124,7 @@ A _Good Enough_ offline emulator for [Amazon Cognito](https://aws.amazon.com/cog
 | UpdateGroup                      | ❌                   |
 | UpdateIdentityProvider           | ❌                   |
 | UpdateResourceServer             | ❌                   |
-| UpdateUserAttributes             | ❌                   |
+| UpdateUserAttributes             | ✅                   |
 | UpdateUserPool                   | ❌                   |
 | UpdateUserPoolClient             | ❌                   |
 | UpdateUserPoolDomain             | ❌                   |

integration-tests/aws-sdk/updateUserAttributes.test.ts

@@ -0,0 +1,93 @@
+import Pino from "pino";
+import { UUID } from "../../src/__tests__/patterns";
+import { withCognitoSdk } from "./setup";
+
+describe(
+  "CognitoIdentityServiceProvider.updateUserAttributes",
+  withCognitoSdk((Cognito) => {
+    it("updates a user's attributes", async () => {
+      const client = Cognito();
+
+      const pool = await client
+        .createUserPool({
+          PoolName: "test",
+          AutoVerifiedAttributes: ["email"],
+        })
+        .promise();
+      const userPoolId = pool.UserPool?.Id as string;
+
+      const upc = await client
+        .createUserPoolClient({
+          UserPoolId: userPoolId,
+          ClientName: "test",
+        })
+        .promise();
+
+      await client
+        .adminCreateUser({
+          UserAttributes: [
+            { Name: "email", Value: "[email protected]" },
+            { Name: "phone_number", Value: "0400000000" },
+          ],
+          Username: "abc",
+          UserPoolId: userPoolId,
+          TemporaryPassword: "def",
+        })
+        .promise();
+
+      await client
+        .adminConfirmSignUp({
+          UserPoolId: userPoolId,
+          Username: "abc",
+        })
+        .promise();
+
+      // login as the user
+      const initiateAuthResponse = await client
+        .initiateAuth({
+          AuthFlow: "USER_PASSWORD_AUTH",
+          AuthParameters: {
+            USERNAME: "abc",
+            PASSWORD: "def",
+          },
+          ClientId: upc.UserPoolClient?.ClientId as string,
+        })
+        .promise();
+
+      let user = await client
+        .adminGetUser({
+          UserPoolId: userPoolId,
+          Username: "abc",
+        })
+        .promise();
+
+      expect(user.UserAttributes).toEqual([
+        { Name: "sub", Value: expect.stringMatching(UUID) },
+        { Name: "email", Value: "[email protected]" },
+        { Name: "phone_number", Value: "0400000000" },
+      ]);
+
+      await client
+        .updateUserAttributes({
+          AccessToken: initiateAuthResponse.AuthenticationResult
+            ?.AccessToken as string,
+          UserAttributes: [{ Name: "email", Value: "[email protected]" }],
+        })
+        .promise();
+
+      user = await client
+        .adminGetUser({
+          UserPoolId: userPoolId,
+          Username: "abc",
+        })
+        .promise();
+
+      expect(user.UserAttributes).toEqual([
+        { Name: "sub", Value: expect.stringMatching(UUID) },
+        { Name: "email", Value: "[email protected]" },
+        { Name: "phone_number", Value: "0400000000" },
+        { Name: "email_verified", Value: "false" },
+      ]);
+    });
+  })
+);

src/services/userPoolService.ts

@@ -2,9 +2,11 @@ import {
   AttributeListType,
   AttributeType,
   MFAOptionListType,
+  SchemaAttributesListType,
   UserPoolType,
   UserStatusType,
 } from "aws-sdk/clients/cognitoidentityserviceprovider";
+import { InvalidParameterError } from "../errors";
 import { AppClient, newId } from "./appClient";
 import { Clock } from "./clock";
 import { Context } from "./context";
@@ -351,3 +353,67 @@ export class UserPoolServiceFactoryImpl implements UserPoolServiceFactory {
     );
   }
 }
+
+export const validatePermittedAttributeChanges = (
+  requestAttributes: AttributeListType,
+  schemaAttributes: SchemaAttributesListType
+): AttributeListType => {
+  for (const attr of requestAttributes) {
+    const attrSchema = schemaAttributes.find((x) => x.Name === attr.Name);
+    if (!attrSchema) {
+      throw new InvalidParameterError(
+        `user.${attr.Name}: Attribute does not exist in the schema.`
+      );
+    }
+    if (!attrSchema.Mutable) {
+      throw new InvalidParameterError(
+        `user.${attr.Name}: Attribute cannot be updated. (changing an immutable attribute)`
+      );
+    }
+  }
+
+  if (
+    attributesInclude("email_verified", requestAttributes) &&
+    !attributesInclude("email", requestAttributes)
+  ) {
+    throw new InvalidParameterError(
+      "Email is required to verify/un-verify an email"
+    );
+  }
+
+  if (
+    attributesInclude("phone_number_verified", requestAttributes) &&
+    !attributesInclude("phone_number", requestAttributes)
+  ) {
+    throw new InvalidParameterError(
+      "Phone Number is required to verify/un-verify a phone number"
+    );
+  }
+
+  return requestAttributes;
+};
+
+export const defaultVerifiedAttributesIfModified = (
+  attributes: AttributeListType
+): AttributeListType => {
+  const attributesToSet = [...attributes];
+  if (
+    attributesInclude("email", attributes) &&
+    !attributesInclude("email_verified", attributes)
+  ) {
+    attributesToSet.push(attribute("email_verified", "false"));
+  }
+  if (
+    attributesInclude("phone_number", attributes) &&
+    !attributesInclude("phone_number_verified", attributes)
+  ) {
+    attributesToSet.push(attribute("phone_number_verified", "false"));
+  }
+  return attributesToSet;
+};
+
+export const hasUnverifiedContactAttributes = (
+  userAttributesToSet: AttributeListType
+): boolean =>
+  attributeValue("email_verified", userAttributesToSet) === "false" ||
+  attributeValue("phone_number_verified", userAttributesToSet) === "false";

src/targets/adminUpdateUserAttributes.ts

@@ -1,86 +1,20 @@
 import {
   AdminUpdateUserAttributesRequest,
   AdminUpdateUserAttributesResponse,
-  AttributeListType,
-  SchemaAttributesListType,
 } from "aws-sdk/clients/cognitoidentityserviceprovider";
-import { Messages, Services, UserPoolService } from "../services";
 import { InvalidParameterError, NotAuthorizedError } from "../errors";
+import { Messages, Services, UserPoolService } from "../services";
 import { USER_POOL_AWS_DEFAULTS } from "../services/cognitoService";
 import { selectAppropriateDeliveryMethod } from "../services/messageDelivery/deliveryMethod";
 import {
-  attribute,
   attributesAppend,
-  attributesInclude,
-  attributeValue,
+  defaultVerifiedAttributesIfModified,
+  hasUnverifiedContactAttributes,
   User,
+  validatePermittedAttributeChanges,
 } from "../services/userPoolService";
 import { Context, Target } from "./router";
 
-const validatePermittedAttributeChanges = (
-  requestAttributes: AttributeListType,
-  schemaAttributes: SchemaAttributesListType
-): AttributeListType => {
-  for (const attr of requestAttributes) {
-    const attrSchema = schemaAttributes.find((x) => x.Name === attr.Name);
-    if (!attrSchema) {
-      throw new InvalidParameterError(
-        `user.${attr.Name}: Attribute does not exist in the schema.`
-      );
-    }
-    if (!attrSchema.Mutable) {
-      throw new InvalidParameterError(
-        `user.${attr.Name}: Attribute cannot be updated. (changing an immutable attribute)`
-      );
-    }
-  }
-
-  if (
-    attributesInclude("email_verified", requestAttributes) &&
-    !attributesInclude("email", requestAttributes)
-  ) {
-    throw new InvalidParameterError(
-      "Email is required to verify/un-verify an email"
-    );
-  }
-
-  if (
-    attributesInclude("phone_number_verified", requestAttributes) &&
-    !attributesInclude("phone_number", requestAttributes)
-  ) {
-    throw new InvalidParameterError(
-      "Phone Number is required to verify/un-verify a phone number"
-    );
-  }
-
-  return requestAttributes;
-};
-
-const defaultVerifiedAttributesIfModified = (
-  attributes: AttributeListType
-): AttributeListType => {
-  const attributesToSet = [...attributes];
-  if (
-    attributesInclude("email", attributes) &&
-    !attributesInclude("email_verified", attributes)
-  ) {
-    attributesToSet.push(attribute("email_verified", "false"));
-  }
-  if (
-    attributesInclude("phone_number", attributes) &&
-    !attributesInclude("phone_number_verified", attributes)
-  ) {
-    attributesToSet.push(attribute("phone_number_verified", "false"));
-  }
-  return attributesToSet;
-};
-
-const hasUnverifiedContactAttributes = (
-  userAttributesToSet: AttributeListType
-): boolean =>
-  attributeValue("email_verified", userAttributesToSet) === "false" ||
-  attributeValue("phone_number_verified", userAttributesToSet) === "false";
-
 const sendAttributeVerificationCode = async (
   ctx: Context,
   userPool: UserPoolService,

src/targets/router.ts

@@ -26,14 +26,15 @@ import { AdminConfirmSignUp } from "./adminConfirmSignUp";
 import { AdminUpdateUserAttributes } from "./adminUpdateUserAttributes";
 import { AdminInitiateAuth } from "./adminInitiateAuth";
 import { RevokeToken } from "./revokeToken";
+import { UpdateUserAttributes } from "./updateUserAttributes";
 import { VerifyUserAttribute } from "./verifyUserAttribute";
 
 export const Targets = {
   AdminConfirmSignUp,
   AdminCreateUser,
   AdminDeleteUser,
-  AdminInitiateAuth,
   AdminGetUser,
+  AdminInitiateAuth,
   AdminSetUserPassword,
   AdminUpdateUserAttributes,
   ChangePassword,
@@ -49,11 +50,12 @@ export const Targets = {
   GetUserAttributeVerificationCode,
   InitiateAuth,
   ListGroups,
-  ListUsers,
   ListUserPools,
+  ListUsers,
   RespondToAuthChallenge,
   RevokeToken,
   SignUp,
+  UpdateUserAttributes,
   VerifyUserAttribute,
 } as const;