fix(cognito-identitypool): providerUrl causes error when mappingKey is not provided and it is a token #21191

Merged
merged 8 commits into from
Jul 30, 2022
Add missing IdentityPoolProviderUrl import to README.md
Also, move the documentation of the new feature to a more relevant
part of the README.md.
SamStephens committed Jul 18, 2022
commit 192876d6ccb765ef36332b7b24188c571943924a
37 changes: 19 additions & 18 deletions packages/@aws-cdk/aws-cognito-identitypool/README.md
Expand Up @@ -312,24 +312,6 @@ declare const myAddedRoleMapping3: IdentityPoolRoleMapping;
identityPool.addRoleMappings(myAddedRoleMapping1, myAddedRoleMapping2, myAddedRoleMapping3);
```

If a provider URL is a CDK Token, as it will be if you are trying to use a previously defined Cognito User Pool, you will need to also provide a mappingKey.
This is because by default, the key in the Cloudformation role mapping hash is the providerUrl, and Cloudformation map keys must be concrete strings, they
cannot be references. For example:

```ts
import { UserPool } from '@aws-cdk/aws-cognito';

declare const userPool : UserPool;
new IdentityPool(this, 'myidentitypool', {
identityPoolName: 'myidentitypool',
roleMappings: [{
mappingKey: 'cognito',
providerUrl: IdentityPoolProviderUrl.userPool(userPool.userPoolProviderUrl),
useToken: true,
}],
});
```

#### Provider Urls

Role mappings must be associated with the url of an Identity Provider which can be supplied
Expand Down Expand Up @@ -367,6 +349,25 @@ new IdentityPool(this, 'myidentitypool', {
});
```

If a provider URL is a CDK Token, as it will be if you are trying to use a previously defined Cognito User Pool, you will need to also provide a mappingKey.
This is because by default, the key in the Cloudformation role mapping hash is the providerUrl, and Cloudformation map keys must be concrete strings, they
cannot be references. For example:

```ts
import { UserPool } from '@aws-cdk/aws-cognito';
import { IdentityPoolProviderUrl } from '@aws-cdk/aws-cognito-identitypool';

declare const userPool : UserPool;
new IdentityPool(this, 'myidentitypool', {
identityPoolName: 'myidentitypool',
roleMappings: [{
mappingKey: 'cognito',
providerUrl: IdentityPoolProviderUrl.userPool(userPool.userPoolProviderUrl),
useToken: true,
}],
});
```

See [here](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html#cfn-cognito-identitypoolroleattachment-rolemapping-identityprovider) for more information.

### Authentication Flow
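
Review bot: The relocated paragraph and its example now sit between the preceding provider URL example and the "See [here]" link, so the link to the CloudFormation RoleMapping IdentityProvider documentation reads as further information about `mappingKey` rather than about provider URLs. Consider keeping the link directly after the first example and placing the token note after it, or rewording the link sentence to say what it documents. In the same added text, `mappingKey` and `providerUrl` should be in backticks, "Cloudformation" should be "CloudFormation", and "must be concrete strings, they cannot be references" is a comma splice. The new import covers only `IdentityPoolProviderUrl`, while the snippet also uses `IdentityPool` from the same package with no import in the visible lines; importing both in one statement would make the example self-contained.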