From e85dd9f1f6dacd9d49cfff58648a11e4d1ba1e07 Mon Sep 17 00:00:00 2001 
From: aledesma Date: Wed, 8 Sep 2021 17:33:53 -0500 Subject: [PATCH] feat(amplify-category-auth): enable automatic setup of a generic OpenID Connect Provider MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Squashed commit of the following: commit 481adfd294f8e4010fa5d1ce58d5241151bae815 Author: Florian CHAZAL Date: Thu Sep 10 16:38:24 2020 +0200 Fix auto merge commit 2b05fdbf1398156c14317801815feb18ed16d607 Merge: f18ff5011 fe48ab695 Author: Florian CHAZAL Date: Thu Sep 10 06:55:25 2020 +0200 Merge remote-tracking branch 'upstream/master' commit f18ff5011923a820a3f8816c16fd7360d0ac4831 Merge: 3d86df098 9f805128a Author: Florian CHAZAL Date: Tue Sep 8 22:40:06 2020 +0200 Merge remote-tracking branch 'upstream/master' commit 3d86df0980fd80f2afb80986a746cbd6e2d5a1b3 Author: Florian CHAZAL Date: Tue Sep 8 22:29:32 2020 +0200 Fix remove scope flow commit f79debf8b306bfcf44836ee62f7aeda11993b5c9 Author: Florian CHAZAL Date: Fri Sep 4 16:59:30 2020 +0200 Fix empty list case for edit and remove mapping commit cbb8a526124cd46ba0599afecd1ec6ecd259d947 Author: Florian CHAZAL Date: Fri Sep 4 16:22:21 2020 +0200 fix wording commit 7b216f72ef57d9ea8b6b0e91a3bbc2d4d0b92e2b Author: Florian CHAZAL Date: Thu Sep 3 22:02:55 2020 +0200 remove space before '?' 
commit 06b313477e6b7edf405bc1ed3758c2c4f43d8e00 Author: Florian CHAZAL Date: Wed Sep 2 09:39:40 2020 +0200 Add remove scope feature commit 237169bf4d71a89c807dfd9349c580c89faa1715 Author: Florian CHAZAL Date: Tue Sep 1 18:23:30 2020 +0200 Add remove attribute mapping capability commit 26ee998cfe6c1275d6efeb8feaf41cbd6a0bee39 Author: Florian CHAZAL Date: Tue Sep 1 10:43:12 2020 +0200 Add current value to mapping prompt commit 108c3aa7cbac97782d43f51cee9c489bf867c13a Merge: edb627a42 bb06162bd Author: Florian CHAZAL Date: Tue Sep 1 09:48:58 2020 +0200 Merge remote-tracking branch 'upstream/master' commit edb627a42467a284fc29f80a5cb2f0d9d44440bb Author: Florian CHAZAL Date: Mon Aug 31 21:13:41 2020 +0200 fix console log commit fe02ef5c06427f978f1d9880a055661a26ad4f29 Author: Florian CHAZAL Date: Thu Aug 27 19:02:38 2020 +0200 fix UT commit 86357f736749b93c3f1ff5a9d64d0f9890d161de Author: Florian CHAZAL Date: Thu Aug 27 18:38:03 2020 +0200 fix 'Yes, I want to make some additional changes' flow commit 8808dbccd4f52ca165bad5f474ceee74cce1fa43 Author: Florian CHAZAL Date: Thu Aug 27 17:52:34 2020 +0200 migrated to ts commit beeff50b5b7816be9709c2a0b157e6471b54a617 Merge: 753e05aca e34226dde Author: Florian CHAZAL Date: Thu Aug 27 10:51:59 2020 +0200 Merge remote-tracking branch 'upstream/master' into fixConflict commit 753e05aca0684b50058dba71101da7f57470d986 Author: Florian CHAZAL Date: Thu Aug 20 11:14:25 2020 +0200 Modify wording for mapping and display of required field commit 491d870ebea4aba6981020f878195ea367812b69 Author: Florian CHAZAL Date: Wed Aug 19 14:48:03 2020 +0200 Improve CLI flow for add and Update commit 70da290c980dc2cdab8458a290594a04100b026f Author: Florian CHAZAL Date: Mon Aug 17 11:05:55 2020 +0200 Add while loop and simplify update cli flow for OIDC scope commit c6375bbff66031cdf438fd903aed3ceece6edeb8 Author: Florian CHAZAL Date: Fri Aug 14 10:17:39 2020 +0200 fix prompt commit f4f85b377ea79c9f09830a8dedc2e30fca2a6fd6 Author: Florian CHAZAL Date: 
Fri Jul 31 11:02:05 2020 +0200 Fix default for OIDC advanced settings question commit 3ee9dd66cfe06ddb2ad136cc71fcb18942fef0fc Author: Florian CHAZAL Date: Thu Jul 30 11:32:04 2020 +0200 fix tests commit 2a562966b3a6c769058bc5fdabeed9cbe0c6b1ab Merge: 2d31ce007 46351a17d Author: Florian CHAZAL Date: Thu Jul 30 07:50:06 2020 +0200 Merge remote-tracking branch 'upstream/master' commit 2d31ce007f0bf580843b0307bd7dd3ce17b53f51 Author: Florian CHAZAL Date: Thu Jul 30 07:41:57 2020 +0200 Hide OIDC scope and mapping questions behind confirm question commit 4d85180af3851ab04248debd158a614a02fd1fd5 Author: Florian CHAZAL Date: Wed Jul 22 12:01:30 2020 +0200 remove custom oidc option for manual configuration commit a4fe096d67830546e8e7ad82e8306eb7729cc755 Author: Florian CHAZAL Date: Wed Jul 22 11:44:04 2020 +0200 Fix optional secret and mapping commit 995e3f05ed03f1fa5c177a12b2489f5102f77b3e Author: Florian CHAZAL Date: Mon Jul 20 10:41:09 2020 +0200 Fixing flow commit 96cf77db00045107ab2c49294d0e3833c60833ec Author: Florian CHAZAL Date: Fri Jul 17 17:59:56 2020 +0200 fix lint commit 6d0bc431687c15aeb8b4226f0baac984442c037d Merge: fdad9baa5 183e20133 Author: Florian CHAZAL Date: Fri Jul 17 17:08:14 2020 +0200 Merge remote-tracking branch 'upstream/master' commit 183e20133eb938b596039ea63bd08e1c9b4c84e4 Author: UnleashedMind Date: Thu Jul 16 13:36:51 2020 -0700 fix(amplify-provider-awscloudformation): fix bug for no credential file (#4310) * fix(cli): fix a bug in init workflow fix a bug in init workflow when there is no credentials file and the customer select not to set up new user and directly type in credentials fix #4284 * address PR comments * run split test * dev * back to the original tests * add warning message on running init-special-case test Co-authored-by: Zhou commit 6e9a0f80f023d8e6a2f4d34c604c9106979dd5d8 Author: aws-amplify-bot Date: Wed Jul 15 22:37:55 2020 +0000 chore(release): Publish [ci skip] - amplify-category-analytics@2.17.4 - 
amplify-category-api@2.20.4 - amplify-category-auth@2.16.4 - amplify-category-function@2.21.4 - amplify-category-interactions@2.4.4 - amplify-category-notifications@2.15.13 - amplify-category-predictions@2.4.4 - amplify-category-storage@2.5.4 - amplify-category-xr@2.4.4 - @aws-amplify/cli@4.24.2 - amplify-codegen@2.15.13 - amplify-console-hosting@1.4.1 - amplify-console-integration-tests@1.2.14 - amplify-e2e-core@1.2.2 - amplify-e2e-tests@2.19.2 - amplify-migration-tests@2.17.11 - amplify-provider-awscloudformation@4.22.4 - amplify-util-mock@3.22.3 - graphql-auth-transformer@6.18.5 - graphql-connection-transformer@4.18.4 - graphql-dynamodb-transformer@6.19.5 - graphql-elasticsearch-transformer@4.7.7 - graphql-function-transformer@2.3.12 - graphql-http-transformer@4.15.12 - graphql-key-transformer@2.19.4 - graphql-predictions-transformer@2.3.12 - graphql-relational-schema-transformer@2.15.9 - graphql-transformer-common@4.17.4 - graphql-transformer-core@6.19.4 - graphql-transformers-e2e-tests@6.18.5 - graphql-versioned-transformer@4.15.12 commit 5884801217cd07bfcea8273a56bdf0fff21c6994 Author: Josue Ruiz Date: Wed Jul 15 11:09:58 2020 -0700 fix(cli): moving the spinner above category initialization tasks (#4836) * fix(cli): moving the spinner above category initialization tasks stopping the spinner before running category init tasks since the spinner can swallow outputs (such as questions via inquirer) re #4795 commit 89bbdb9ca661eea36d529131e5a1b8cac4a43816 Author: John Hockett Date: Wed Jul 15 10:29:44 2020 -0700 fix: Check that config object exists before creating new env (#3624) commit c9d1ff8d5f99cf558894501c12b40b6e13784575 Author: UnleashedMind Date: Tue Jul 14 22:07:56 2020 -0700 test(amplify-e2e-tests): add tests for graphql schemas in doc (#4092) * test(amplify-e2e-tests): add e2e test for schema in doc Add tests for graphql schemas in the document Amplify CLI/API(GraphQL)/Directives * minor fix * fix searchable test * split long tests * minor fix * minor 
fix Co-authored-by: UnleashedMind Co-authored-by: UnleashedMind commit 454fdc01f97f74fce337a25efa12950257597174 Author: Andrii Melnyk <8135246+a-melnyk@users.noreply.github.com> Date: Wed Jul 15 05:37:17 2020 +0200 fix: codegen spelling mistake (#4757) commit 79c774a8d3aa4ecb9edf7578a0f9debd9ba3efed Author: Max Scholz Date: Wed Jul 15 03:12:42 2020 +0200 fix(amplify-console-hosting): added a null check for prefix on domain (#4809) commit 1d56b40d673b257e07905d9bc1830e8f9c8495a1 Author: Josue Ruiz Date: Tue Jul 14 13:03:09 2020 -0700 fix(graphql-auth-transformer): add a time delay when creating apiKey (#4493) commit 0a6a7eabbe726d7add52b8a8811c54f7257d176f Author: Josue Ruiz Date: Tue Jul 14 10:00:55 2020 -0700 fix(graphql-connection-transformer): error if field not in relatedType (#4481) throw an invalid directive error if the primary/sort field does not exist in the related type re #4236 commit cef7351aa75f1624b8009c99464cf07d664ab57c Author: aws-amplify-bot Date: Tue Jul 14 03:00:06 2020 +0000 chore(release): Publish [ci skip] - amplify-category-analytics@2.17.3 - amplify-category-api@2.20.3 - amplify-category-auth@2.16.3 - amplify-category-function@2.21.3 - amplify-category-interactions@2.4.3 - amplify-category-notifications@2.15.12 - amplify-category-predictions@2.4.3 - amplify-category-storage@2.5.3 - amplify-category-xr@2.4.3 - @aws-amplify/cli@4.24.1 - amplify-provider-awscloudformation@4.22.3 - amplify-python-function-runtime-provider@1.2.1 - amplify-util-mock@3.22.2 - graphql-auth-transformer@6.18.4 - graphql-transformers-e2e-tests@6.18.4 commit 827c7b8df81fdae38826c94f7ac7698a8887001a Author: Josue Ruiz Date: Mon Jul 13 17:06:05 2020 -0700 fix(graphql-auth-transformer): allow auth progation to recursive types (#4788) allow auth progation to recursive types - once auth has been added to a non model type it will not re-add auth to said type re #4631 commit 28328a3d3452f34dbb649fef42211bc8849ee520 Author: Ammar 
<56042290+ammarkarachi@users.noreply.github.com> Date: Mon Jul 13 15:10:21 2020 -0700 fix(cli): change in usage data ux and revert usage data disable (#4791) commit 20a8dec9b4c51239760846ec94a71dc528009498 Author: John Hockett Date: Mon Jul 13 12:38:29 2020 -0700 fix: update function not loading previous selections (#4823) commit 56771d91eeed76a23a1dbf1e0d1d038070c37ad1 Author: Josue Ruiz Date: Mon Jul 13 08:28:24 2020 -0700 fix(amplify-python-function-runtime-provider): change exec to execa (#4673) changed execa, removed outputOnStderr as it's not needed for py3, remove console.log from build process since the err is thrown commit 282d1e0340dc09702ac7595203e382a015678e5d Author: aws-amplify-bot Date: Sat Jul 11 01:19:05 2020 +0000 chore(release): Publish [ci skip] - amplify-category-analytics@2.17.2 - amplify-category-api@2.20.2 - amplify-category-auth@2.16.2 - amplify-category-function@2.21.2 - amplify-category-interactions@2.4.2 - amplify-category-notifications@2.15.11 - amplify-category-predictions@2.4.2 - amplify-category-storage@2.5.2 - amplify-category-xr@2.4.2 - @aws-amplify/cli@4.24.0 - amplify-console-integration-tests@1.2.13 - amplify-e2e-core@1.2.1 - amplify-e2e-tests@2.19.1 - amplify-migration-tests@2.17.10 - amplify-provider-awscloudformation@4.22.2 commit f31057051375dcd9e04ffdc85947131eba7bc1c7 Author: UnleashedMind Date: Fri Jul 10 15:28:59 2020 -0700 ci:split test to run in multiple regions concurrently (#4797) * ci: run e2e tests in multiple regions run e2e tests in multiple region to increase concurrency * chore: test concurrency * chore: test concurrency * chore: test concurrency * more concurrency (#4775) Co-authored-by: UnleashedMind * aplit auth function api, and add more concurrency * lint * reset concurrency * reduce concurrency * reduce concurrency * remove snapshot * reduce concurrency * change regions * pinpoint * modify regions * address PR comments Co-authored-by: Yathi <511386+yuth@users.noreply.github.com> Co-authored-by: 
UnleashedMind Co-authored-by: UnleashedMind commit 7f38d81ef2f890c25d39b02407c5255c8760c511 Author: UnleashedMind Date: Fri Jul 10 14:05:09 2020 -0700 Revert problematic PRs (#4803) * feat(amplify-provider-awscloudformation): add region ca-central-1 * fix test * Revert "Add region ca-central-1 (#4796)" This reverts commit c8b6bd80800dcbb4c8989319cf0e71bec7da0183. * Revert "feat: add check for extra command line args provided with amplify delete (#4576)" This reverts commit 82d10933754230c311bf5f24dc1c59dfa393ce63. * Revert "perf: fulfill promises to upload files to S3 concurrently (#4575)" This reverts commit 96d1914f26507184f14371294d31b3a5e5c94954. * Revert "fix(cli): remove unnecessary stack trace log when adding services (#4610)" This reverts commit 5bee574bbcd956c032e7714b0813aedd7914a6cb. * Revert "fix test" This reverts commit 63c3c780e82b95028f9476dc8665f493f426011a. Co-authored-by: UnleashedMind commit c8b6bd80800dcbb4c8989319cf0e71bec7da0183 Author: UnleashedMind Date: Fri Jul 10 11:38:04 2020 -0700 Add region ca-central-1 (#4796) * feat(amplify-provider-awscloudformation): add region ca-central-1 * fix test Co-authored-by: UnleashedMind commit 82d10933754230c311bf5f24dc1c59dfa393ce63 Author: Nick Chaloult <31291920+nchaloult@users.noreply.github.com> Date: Fri Jul 10 12:03:26 2020 -0400 feat: add check for extra command line args provided with amplify delete (#4576) re #4115 commit 96d1914f26507184f14371294d31b3a5e5c94954 Author: Nick Chaloult <31291920+nchaloult@users.noreply.github.com> Date: Fri Jul 10 12:03:02 2020 -0400 perf: fulfill promises to upload files to S3 concurrently (#4575) fix #4158 commit d555674e4968cceab6fddd34f1b016dd57d506ea Author: akshbhu <39866697+akshbhu@users.noreply.github.com> Date: Thu Jul 9 18:51:55 2020 -0700 fix: warning added for identity pool deletion (#4731) * fix: warning added for identity pool deletion * chore: revert config.yml file * Reverted Config.yml file commit 5bee574bbcd956c032e7714b0813aedd7914a6cb Author: 
Sebastian Crossa Date: Thu Jul 9 15:05:10 2020 -0600 fix(cli): remove unnecessary stack trace log when adding services (#4610) commit 3e5ae0e60b1d3c52d444dcba099d4970493420ea Author: aws-amplify-bot Date: Thu Jul 9 20:24:13 2020 +0000 chore(release): Publish [ci skip] - amplify-category-analytics@2.17.1 - amplify-category-api@2.20.1 - amplify-category-auth@2.16.1 - amplify-category-function@2.21.1 - amplify-category-interactions@2.4.1 - amplify-category-notifications@2.15.10 - amplify-category-predictions@2.4.1 - amplify-category-storage@2.5.1 - amplify-category-xr@2.4.1 - @aws-amplify/cli@4.23.1 - amplify-provider-awscloudformation@4.22.1 - amplify-util-mock@3.22.1 commit 11c55e33e64d25dd198ef06fe76af7f7f402759a Author: Josue Ruiz Date: Wed Jul 8 19:56:57 2020 -0700 fix(cli): throw error on attach backend (#4779) throw pull error when running into issues on attaching backend and move spinner back until categories are initialized to show success message commit c11c6bcfe9f2f769b7650bc45b369c9889d8040d Author: Edward Foyle Date: Wed Jul 8 16:08:25 2020 -0700 fix: filter init env resources by function category (#4778) Co-authored-by: Edward Foyle commit 9b9bf316ae2ebcec651ca3c62f848cb0e409392b Author: John Hockett Date: Tue Jul 7 16:49:26 2020 -0700 fix: isMockable() handles Lambda functions without dependsOn array (#4762) commit 3cf5f914024e55904da0f782ea71bd62bfca40e3 Author: Viljami Kuosmanen Date: Tue Jul 7 21:30:25 2020 +0200 fix: validatePathName_validPath matcher (#4559) commit def0c490f43aa926c75a01d5c24e7638a12b9c00 Author: aws-amplify-bot Date: Tue Jul 7 07:24:28 2020 +0000 chore(release): Publish [ci skip] - amplify-appsync-simulator@1.21.0 - amplify-category-analytics@2.17.0 - amplify-category-api@2.20.0 - amplify-category-auth@2.16.0 - amplify-category-function@2.21.0 - amplify-category-hosting@2.4.0 - amplify-category-interactions@2.4.0 - amplify-category-notifications@2.15.9 - amplify-category-predictions@2.4.0 - amplify-category-storage@2.5.0 - 
amplify-category-xr@2.4.0 - @aws-amplify/cli@4.23.0 - amplify-codegen-appsync-model-plugin@1.20.0 - amplify-codegen@2.15.12 - amplify-console-hosting@1.4.0 - amplify-console-integration-tests@1.2.12 - amplify-dotnet-function-runtime-provider@1.2.0 - amplify-dotnet-function-template-provider@1.3.0 - amplify-e2e-core@1.2.0 - amplify-e2e-tests@2.19.0 - amplify-function-plugin-interface@1.4.0 - amplify-go-function-runtime-provider@1.2.0 - amplify-go-function-template-provider@1.2.0 - amplify-java-function-runtime-provider@1.2.0 - amplify-java-function-template-provider@1.2.0 - amplify-migration-tests@2.17.9 - amplify-nodejs-function-runtime-provider@1.1.0 - amplify-nodejs-function-template-provider@1.1.0 - amplify-provider-awscloudformation@4.22.0 - amplify-python-function-runtime-provider@1.2.0 - amplify-python-function-template-provider@1.2.0 - amplify-util-mock@3.22.0 commit ab4cd539559c32f836608bbe028a72e4adc07095 Author: Josue Ruiz Date: Mon Jul 6 18:30:02 2020 -0700 test(amplify-e2e-tests): remove unused deleteBucket argument (#4755) commit 2cac361439aa977eda0b92f5e4ce4a2ea4d8bb29 Author: Ammar <56042290+ammarkarachi@users.noreply.github.com> Date: Mon Jul 6 17:27:54 2020 -0700 fix(cli): disabling usage-data until new end point is enabled (#4749) commit ad5173a19ae052082ee0eda7673646f430f80223 Author: Josue Ruiz Date: Mon Jul 6 17:27:23 2020 -0700 test(amplify-console-integration-tests): fix afterEach (#4754) * test(amplify-e2e-core): add envVar toggle and allow project config pass allow delete project to pass through a project config when calling cloudformation * test(amplify-console-integration-tests): fix afterEach pass project config into delete project commit 6587bf4560a0b94aa414d74cbd03583071ef40af Author: Ammar <56042290+ammarkarachi@users.noreply.github.com> Date: Sun Jul 5 16:43:32 2020 -0700 Refactor/usage data (#4732) commit e85ddbee6ed52bdeeb21f518e85aa87031dfe465 Author: John Hockett Date: Fri Jul 3 11:25:24 2020 -0700 test: add migration test for 
Lambda layers (#4734) commit 20b53324a68e18e1d1922d851f09e021c8dec7a6 Author: Josue Ruiz Date: Wed Jul 1 14:54:41 2020 -0700 Allow AuthConfig to be passed into headless pull (#4684) * Allow for AuthConfig to passed into headless pull * test: updated headless pull e2e updated headless pull e2e with authConfig * remove yarn.lock from PR * test: updated console e2e moved auth headless into a seperate unit test * test: updated pull with auth config question workflow added auth config question workflow Co-authored-by: Yathi <511386+yuth@users.noreply.github.com> commit c508c137fd356c01c29053671ad7b4abe82e50aa Author: John Hockett Date: Tue Jun 30 15:32:51 2020 -0700 test: remove skipped e2e test, remove obsolete snapshot (#4721) commit c4ce4fadd257a69d3cd4f1628d2b1496a918e72e Author: Edward Foyle Date: Tue Jun 30 10:53:19 2020 -0700 fix: remove env and region from dependsOn, return resource name from addResource, update cypress test (#4715) commit e1535b72a0b9d379332fdc93238d62ea690382e3 Author: Yathi <511386+yuth@users.noreply.github.com> Date: Tue Jun 30 10:07:27 2020 -0700 test(amplify-e2e-tests): randomize ddb table name for api test (#4691) commit c55b2e0c3377127aaf887591d7bc20d7240ef11d Author: Edward Foyle Date: Mon Jun 29 23:32:57 2020 -0700 feat: Lambda layers (#4697) commit 4d217af830e04d7157d65e14f25af6c39d0315de Author: Ammar <56042290+ammarkarachi@users.noreply.github.com> Date: Mon Jun 29 20:13:43 2020 -0700 fix(cli): config init wasn't reading string (#4711) commit 11978cb42a0d5e3572eb14696703c701095e25d5 Author: Ammar <56042290+ammarkarachi@users.noreply.github.com> Date: Fri Jun 26 12:09:44 2020 -0700 test(cli): fix test check against url (#4681) commit 30a7fe70f5838a766631befcc720a721e801bc5f Author: Ammar <56042290+ammarkarachi@users.noreply.github.com> Date: Thu Jun 25 14:33:15 2020 -0700 feat(cli): usage measurement (#3641) commit 3afb335dbd82e858e5d94f739dde88bc126563c1 Author: aws-amplify-bot Date: Thu Jun 25 20:13:38 2020 +0000 chore(release): 
Publish [ci skip] - amplify-app@2.17.4 - amplify-category-api@2.19.8 - amplify-category-function@2.20.8 - amplify-category-predictions@2.3.14 - @aws-amplify/cli@4.22.0 - amplify-console-integration-tests@1.2.11 - amplify-e2e-core@1.1.9 - amplify-e2e-tests@2.18.5 - amplify-frontend-ios@2.13.6 - amplify-frontend-javascript@2.15.4 - amplify-migration-tests@2.17.8 - amplify-nodejs-function-runtime-provider@1.0.6 - amplify-provider-awscloudformation@4.21.1 - amplify-util-mock@3.21.3 - graphql-auth-transformer@6.18.3 - graphql-connection-transformer@4.18.3 - graphql-dynamodb-transformer@6.19.4 - graphql-elasticsearch-transformer@4.7.6 - graphql-function-transformer@2.3.11 - graphql-http-transformer@4.15.11 - graphql-key-transformer@2.19.3 - graphql-predictions-transformer@2.3.11 - graphql-relational-schema-transformer@2.15.8 - graphql-transformer-common@4.17.3 - graphql-transformer-core@6.19.3 - graphql-transformers-e2e-tests@6.18.3 - graphql-versioned-transformer@4.15.11 commit 898070f9fad1bdb665eab9e83ea80288fbbc598b Author: Yathi <511386+yuth@users.noreply.github.com> Date: Tue Jun 23 22:41:03 2020 -0700 test(amplify-e2e-tests): remove content from hosting bucket before del (#4662) Updated e2e test to remove the hosting bucket content before deleting the bucket commit a4e61d16b6ea26bd536a5dd0d0e5b48485d2d16c Author: Yathi <511386+yuth@users.noreply.github.com> Date: Tue Jun 23 17:18:54 2020 -0700 test(amplify-e2e-tests): delete hosting bucket after running test (#4652) Delete the hosting bucket after running the e2e tests commit 4afcfdf849c58e2a66116636887d06d607f71837 Author: Yathi <511386+yuth@users.noreply.github.com> Date: Tue Jun 23 17:18:15 2020 -0700 chore: update lint rule to fail on undefined variables (#4655) Updated lint rule to throw error when and undefined variable is used in code. 
Update the offending code to adhere to this rule commit 17d70f1c998c30c1fe0b61722c7e59b5e48b1041 Author: Yathi <511386+yuth@users.noreply.github.com> Date: Tue Jun 23 11:43:39 2020 -0700 fix(amplify-provider-awscloudformation): add missing require (#4647) Adds the missing require for fs introduced in #4398 commit ad193db03991be87a90f7c3ba1567376c2b1743b Author: Yathi <511386+yuth@users.noreply.github.com> Date: Mon Jun 22 14:25:24 2020 -0700 chore(amplify-e2e-tests): fix typo commit 73aaab1a7b1f8b2de5fa22fa1ef9aeea7de35cb4 Author: Yathi <511386+yuth@users.noreply.github.com> Date: Mon Jun 22 13:17:37 2020 -0700 Revert "fix: change scope of hashed files for AppSync (#4602)" This reverts commit 10fa9da646f4de755e2dc92cd4bb2a6319425d72. commit e9920e4d4b43ea95a0b2e0e5efd2bd12b7a291b1 Author: akshbhu <39866697+akshbhu@users.noreply.github.com> Date: Mon Jun 22 16:30:09 2020 -0700 chore: removing LGTM errors (#4637) commit 0bdbb775915f84efb863821cfa9b1b0f048a0f95 Author: Nick Chaloult <31291920+nchaloult@users.noreply.github.com> Date: Mon Jun 22 18:02:50 2020 -0400 feat: change `amplify delete` prompt default value from yes to no (#4580) re #4579 commit f4f3a2d87c2ce38cb5b34040a5465e751d35091d Author: akshbhu <39866697+akshbhu@users.noreply.github.com> Date: Mon Jun 22 13:19:31 2020 -0700 chore(amplify-provider-awscloudformation): deletes temp dir (#4398) * chore(amplify-provider-awscloudformation): deletes temp dir * chore(amplify-provider-awscloudformation): changes as per comments * chore: renames functions for clarity * chore: fixes as per comments commit bcabc528dc79ebfcd128b7e216e889dc61dd38be Author: Edward Foyle Date: Thu Jun 18 14:35:33 2020 -0700 fix: nodejs staleBuild glob (#4499) commit 748cb7a7359312e7bfede25bdb7971905df15f98 Author: Ammar <56042290+ammarkarachi@users.noreply.github.com> Date: Thu Jun 18 12:20:31 2020 -0700 Test/ios frontend delete (#4605) * test(amplify-frontend-ios): added test for deletion of ios commit 
fac9564dd31ab8886d5205b01bcf0c6211a53759 Author: aws-amplify-bot Date: Thu Jun 18 17:20:49 2020 +0000 chore(release): Publish [ci skip] - amplify-app@2.17.3 - amplify-category-analytics@2.16.7 - amplify-category-api@2.19.7 - amplify-category-auth@2.15.8 - amplify-category-function@2.20.7 - amplify-category-hosting@2.3.3 - amplify-category-interactions@2.3.9 - amplify-category-notifications@2.15.8 - amplify-category-predictions@2.3.13 - amplify-category-storage@2.4.7 - amplify-category-xr@2.3.8 - @aws-amplify/cli@4.21.4 - amplify-codegen-appsync-model-plugin@1.19.2 - amplify-codegen@2.15.11 - amplify-console-hosting@1.3.3 - amplify-console-integration-tests@1.2.10 - amplify-dotnet-function-template-provider@1.2.1 - amplify-e2e-core@1.1.8 - amplify-e2e-tests@2.18.4 - amplify-migration-tests@2.17.7 - amplify-nodejs-function-template-provider@1.0.4 - amplify-provider-awscloudformation@4.21.0 - amplify-util-mock@3.21.2 - graphql-auth-transformer@6.18.2 - graphql-connection-transformer@4.18.2 - graphql-dynamodb-transformer@6.19.3 - graphql-elasticsearch-transformer@4.7.5 - graphql-function-transformer@2.3.10 - graphql-http-transformer@4.15.10 - graphql-key-transformer@2.19.2 - graphql-predictions-transformer@2.3.10 - graphql-relational-schema-transformer@2.15.7 - graphql-transformer-common@4.17.2 - graphql-transformer-core@6.19.2 - graphql-transformers-e2e-tests@6.18.2 - graphql-versioned-transformer@4.15.10 commit f519e1012ae10b78d61f90bee0ac5503e995a56a Author: Nikhil Lingireddy Date: Wed Jun 17 19:00:59 2020 -0700 test: cli migration force push with key (#4603) * test: cli migration force push with key commit 10fa9da646f4de755e2dc92cd4bb2a6319425d72 Author: Attila Hajdrik Date: Wed Jun 17 17:52:21 2020 -0700 fix: change scope of hashed files for AppSync (#4602) * feat: re-enable @key enhancements feat(graphql-key-transformer): add query automatically for named keys (#4458) Automatically add query field for named queries and expose a new argument `generateQuery` to 
control generation of query. * fix: change scope of hashed files for AppSync Change scope of hashed files for AppSync to guarantee change detection by CloudFormation by including build artifacts of schema compilation chore: new plugin e2e test expect string commit 65fecc2fd0f13abc1657978880313dbf3143867d Author: Ammar <56042290+ammarkarachi@users.noreply.github.com> Date: Wed Jun 17 17:10:08 2020 -0700 fix(amplify-provider-awscloudformation): fixing unhandled promise (#4599) * fix(amplify-provider-awscloudformation): removed unhandled promise * fix(amplify-provider-awscloudformation): error check commit 1fc681e6588b490658e032a39b65eaf42d417be9 Author: Attila Hajdrik Date: Wed Jun 17 12:56:12 2020 -0700 chore: fix additional spelling errors (#4596) * chore: fix additional spelling errors commit eaf08e00841830e9654fea61ce901f2cb478eebe Author: Nikhil Lingireddy Date: Wed Jun 17 10:59:47 2020 -0700 fix: occurred spelling mistake (#4595) * fix: occurred spelling mistake commit 3ad26bb2a0d7beabfcfbf84d394705477682ec56 Author: Nikhil Lingireddy Date: Tue Jun 16 11:04:58 2020 -0700 fix: do not remove resources group (#4571) fix #4518 commit 7d4652be017c660379832702c6ec8eb7005d9989 Author: Michael Law <1365977+lawmicha@users.noreply.github.com> Date: Tue Jun 16 09:32:49 2020 -0700 fix(amplify-codegen-appsync-model-plugin): Support Embeddable Types for iOS (#4545) - embedded types no longer return encased in square bracket - generate schemas for non models - fix Location Schema test - updated swift presets to generate for all models, including the embedded non-models - Update packages/amplify-codegen-appsync-model-plugin/src/preset.ts - remove unsured hasDirective - rename to Embeddable - Update packages/amplify-codegen-appsync-model-plugin/src/visitors/appsync-swift-visitor.ts Co-authored-by: Yathi <511386+yuth@users.noreply.github.com> commit 543d5312823783db7794ad574d03d0ca3991c8b5 Author: Attila Hajdrik Date: Mon Jun 15 11:23:28 2020 -0700 fix: #4549 #4550 init and 
folder exist checks (#4553) * fix: #4549 #4550 init and folder exist checks commit 92983c4798ab4bcaf244e637686156f23e469eb7 Author: Attila Hajdrik Date: Mon Jun 15 10:39:21 2020 -0700 feat: show rest api url on amplify status (#4547) commit f45d32bc0805f498a6171b2fd3455445863d9c04 Author: Attila Hajdrik Date: Fri Jun 12 16:29:41 2020 -0700 perf: optimize appsync file upload and bucket exist check (#4533) commit 2c04c28c0f472983f54c326fc5cbc2017574ea59 Author: aws-amplify-bot Date: Thu Jun 11 06:47:16 2020 +0000 chore(release): Publish [ci skip] - amplify-app@2.17.2 - amplify-category-api@2.19.6 - amplify-category-function@2.20.6 - amplify-category-predictions@2.3.12 - @aws-amplify/cli@4.21.3 - amplify-console-integration-tests@1.2.9 - amplify-e2e-core@1.1.7 - amplify-e2e-tests@2.18.3 - amplify-frontend-ios@2.13.5 - amplify-migration-tests@2.17.6 - amplify-provider-awscloudformation@4.20.4 - amplify-util-mock@3.21.1 - graphql-auth-transformer@6.18.1 - graphql-connection-transformer@4.18.1 - graphql-dynamodb-transformer@6.19.2 - graphql-elasticsearch-transformer@4.7.4 - graphql-function-transformer@2.3.9 - graphql-http-transformer@4.15.9 - graphql-key-transformer@2.19.1 - graphql-predictions-transformer@2.3.9 - graphql-relational-schema-transformer@2.15.6 - graphql-transformer-common@4.17.1 - graphql-transformer-core@6.19.1 - graphql-transformers-e2e-tests@6.18.1 - graphql-versioned-transformer@4.15.9 commit 1d1b104e23b5cdbb451556bc76e4d111ae1c99b6 Author: Nikhil Lingireddy Date: Wed Jun 10 20:07:15 2020 -0700 fix: do not delete if generated filename is empty (#4528) commit adc8e9f77964ad98d9703663ab4cbb40f9292872 Author: Yathi <511386+yuth@users.noreply.github.com> Date: Wed Jun 10 00:20:35 2020 -0700 chore: remove missing test from e2e (#4514) commit 6d3123bfe3ba412d3b1af076e550e6733c988c8f Author: Yathi <511386+yuth@users.noreply.github.com> Date: Wed Jun 10 00:04:53 2020 -0700 revert: add query automatically for named keys (#4513) commit 
cf566423a25651023ca9d290a7f30abb23726135 Author: aws-amplify-bot Date: Wed Jun 10 00:53:19 2020 +0000 chore(release): Publish [ci skip] - amplify-category-api@2.19.5 - amplify-category-function@2.20.5 - amplify-category-hosting@2.3.2 - amplify-category-predictions@2.3.11 - @aws-amplify/cli@4.21.2 - amplify-codegen-appsync-model-plugin@1.19.1 - amplify-codegen@2.15.10 - amplify-console-integration-tests@1.2.8 - amplify-e2e-core@1.1.6 - amplify-e2e-tests@2.18.2 - amplify-graphql-types-generator@2.3.5 - amplify-migration-tests@2.17.5 - amplify-nodejs-function-runtime-provider@1.0.5 - amplify-nodejs-function-template-provider@1.0.3 - amplify-provider-awscloudformation@4.20.3 - amplify-util-mock@3.21.0 - graphql-auth-transformer@6.18.0 - graphql-connection-transformer@4.18.0 - graphql-dynamodb-transformer@6.19.1 - graphql-elasticsearch-transformer@4.7.3 - graphql-function-transformer@2.3.8 - graphql-http-transformer@4.15.8 - graphql-key-transformer@2.19.0 - graphql-predictions-transformer@2.3.8 - graphql-relational-schema-transformer@2.15.5 - graphql-transformer-common@4.17.0 - graphql-transformer-core@6.19.0 - graphql-transformers-e2e-tests@6.18.0 - graphql-versioned-transformer@4.15.8 commit a0a39727b477954c6c13ab519aa998addbe729a8 Author: John Pignata Date: Tue Jun 9 13:17:47 2020 -0400 fix(amplify-codegen-appsync-model-plugin): Add delimiter in Android `toString` output (#4463) * fix(amplify-codegen-appsync-model-plugin): Add delimiter in Android `toString` output commit d28083b83a4a301980affe5aedef316374f39508 Author: Benoît Bouré Date: Tue Jun 9 19:14:51 2020 +0200 fix(amplify-nodejs-function-runtime-provider): unhandled errors (#4418) commit 7dac5eac1c47818451da274573436cfbb4b9eadb Author: Edward Foyle Date: Mon Jun 8 20:03:57 2020 -0700 fix: remove deprecated use of context.done() and context.succeed() (#4206) Co-authored-by: Edward Foyle commit b5de093cb0c387ac7f902498727af2c1111a77ca Author: starpebble <33634622+starpebble@users.noreply.github.com> Date: Mon 
Jun 8 18:41:50 2020 -0400 perf(amplify-category-hosting): http2 for cloudfront distconfig (#3616) * perf(amplify-category-hosting): faster http2 in cloudfront distconfig Address version of http for Cloudfront distribution configuration, selecting http2. * test(amplify-e2e-tests): add e2e tests for PROD hosting * test(amplify-e2e-tests): add e2e tests for hosting PROD setup add e2e tests for hosting PROD setup, and check that CloudFront distribution configuration set the httpVersion to http2 Co-authored-by: Zhou commit 6be33e16a8a8ba52cbf717d4e299d7321d9ad400 Author: Attila Hajdrik Date: Mon Jun 8 11:57:48 2020 -0700 fix: sort direction argument for lists and queries (#4459) * fix: add sortDirection validations and tests * test: update snapshot * test: add e2e test for validation messages commit ec39eee3a8dcd0a0f1ad9e4271bd02956178c3a1 Author: John Hockett Date: Mon Jun 8 11:09:55 2020 -0700 test: fix api test to use selectTemplate function (#4482) * test: fix api test to use selectTemplate function Changing the default function template affected api test. It now uses the now exported selectTemplate function to select the correct template. * fix: removed unused import * test: update circleci test to use correct function template commit 3d194f805dcbd6325ddf78155c4327dbca3e7f4a Author: Yathi <511386+yuth@users.noreply.github.com> Date: Mon Jun 8 10:54:53 2020 -0700 feat(graphql-key-transformer): add query automatically for named keys (#4458) Automatically add query field for named queries and expose a new argument `generateQuery` to control generation of query. 
commit 1c60b2ba617ccba625c1a6cf56840a9eedad4fb5 Author: John Hockett Date: Sat Jun 6 10:41:31 2020 -0700 fix: make Hello World the default choice for function templates (#4466) commit 8f4bab62bce68029a04b8d15c19746e4562f7596 Author: Attila Hajdrik Date: Fri Jun 5 22:33:29 2020 -0700 fix: #3096 - glob *template*.+(yaml|yml|json) files only as cfn template (#4478) * fix: #3096 - glob *template*.+(yaml|yml|json) files only as cfn template commit 493e631b51643ab22e7497591464e882a1bba7df Author: Attila Hajdrik Date: Fri Jun 5 13:25:20 2020 -0700 fix: #3910 - propagate non-model auth to nested types (#4477) commit 4e49e0cb7c8d389a41cc3e78d5a8f021afb4f691 Author: Frederik Prijck Date: Fri Jun 5 17:55:45 2020 +0200 fix(amplify-graphql-types-generator): use zen-observable-ts (#4415) * fix(amplify-graphql-types-generator): use zen-observable-ts commit 55dbfa2de13eb9abb6d9b9faa6247d6a57177ddc Author: Nikhil Lingireddy Date: Thu Jun 4 19:01:30 2020 -0400 ci: make deploy require migration tests to pass (#4470) commit 44f2e36447ea01b32b95e8d930cc4bec7d138587 Author: Ammar <56042290+ammarkarachi@users.noreply.github.com> Date: Thu Jun 4 11:32:04 2020 -0700 test(amplify-e2e-tests): adding timeout after deleting pinpoint app (#4457) * test(amplify-e2e-tests): adding timeout after deleting pinpoint app commit 073d9c99469afc322d14d5bc51e44127c258266b Author: Attila Hajdrik Date: Wed Jun 3 08:57:49 2020 -0700 chore: update codecov package, refresh yarn.lock (#4447) * chore: update codecov package, refresh yarn.lock * chore: exclude function package output libs from linting commit 24e6d14c8561d63d4dbe34f5b1f8afe7b2d1cea4 Author: aws-amplify-bot Date: Tue Jun 2 20:44:35 2020 +0000 chore(release): Publish [ci skip] - amplify-appsync-simulator@1.20.3 - amplify-category-api@2.19.4 - amplify-category-function@2.20.4 - amplify-category-predictions@2.3.10 - @aws-amplify/cli@4.21.1 - amplify-console-integration-tests@1.2.7 - amplify-e2e-core@1.1.5 - amplify-e2e-tests@2.18.1 - 
amplify-migration-tests@2.17.4 - amplify-provider-awscloudformation@4.20.2 - amplify-util-mock@3.20.2 - graphql-auth-transformer@6.17.0 - graphql-connection-transformer@4.17.2 - graphql-dynamodb-transformer@6.19.0 - graphql-elasticsearch-transformer@4.7.2 - graphql-function-transformer@2.3.7 - graphql-http-transformer@4.15.7 - graphql-key-transformer@2.18.0 - graphql-predictions-transformer@2.3.7 - graphql-relational-schema-transformer@2.15.4 - graphql-transformer-common@4.16.0 - graphql-transformer-core@6.18.2 - graphql-transformers-e2e-tests@6.17.0 - graphql-versioned-transformer@4.15.7 commit c0a4f8889fc363bb9c9d08ff822c591874777f7b Author: Yathi <511386+yuth@users.noreply.github.com> Date: Mon Jun 1 12:26:57 2020 -0700 feat(graphql-key-transformer): auto population of id and timestamp (#4382) Added support for auto population of id, createdAt and updatedAt fields even when they are part of the primary key commit a74c2f80864adae0cbabce1df342a40b762ba5a7 Author: Filip Pýrek Date: Sat May 30 21:04:47 2020 +0200 fix(amplify-appsync-simulator): replace "extend" with "_.defaultsDeep" (#4285) Replace "extend" library with "defaultsDeep" function from lodash PR #4285 commit 72d403937b8ab5a298d35910c061e0c10c5c43ce Author: Benoît Bouré Date: Fri May 29 20:32:26 2020 +0200 fix(amplify-appsync-simulator): after pipeline template mapping (#4303) commit 709491fe720c76440ba1c364e7afe7688978c9a5 Author: Josue Ruiz Date: Thu May 28 19:32:37 2020 -0700 test(graphql-transformers-e2e-tests): fix typo on mutation functions (#4403) commit 15eac8454e0455cd402776308a2716ac406bacbb Author: Josue Ruiz Date: Thu May 28 14:07:31 2020 -0700 fix(graphql-auth-transformer): use read to allow subscriptions (#4340) * fix(graphql-auth-transformer): use read to allow subscriptions re #3777 re #4182 re #4137 * updated e2e to include onUpdate and onDelete commit a29d427dc23f82f04d4e7b79402dd9642591e759 Author: Edward Foyle Date: Thu May 28 11:11:24 2020 -0700 fix: add custom enum filter to 
connection filter (#4269) commit 129ec941df39eb5aa600a89de195fe3eeef13c4f Author: Edward Foyle Date: Thu May 28 11:10:48 2020 -0700 fix: remove permissions from meta files on func update (#4287) commit 4c0c692fa6cab2e8461f20099581ff8d7d7504f8 Author: Rick Date: Thu May 28 00:04:23 2020 +0800 fix(amplify-appsync-simulator): adds equals method to JavaString class (#4316) equals method is required for VTL functionality present in the console that is currently missing in the simulator commit 858112e75fab7628b9a0f9cd95c08ff571dc707d Author: Nikhil Lingireddy Date: Tue May 26 19:39:58 2020 -0400 chore: symlink amplify-app-dev (#4380) commit 73d939e42845b885c1d38b27621722ef860eed21 Author: aws-amplify-bot Date: Tue May 26 22:23:08 2020 +0000 chore(release): Publish [ci skip] - amplify-app@2.17.1 commit c908891e8408e1285b31e962c898e7e5072ec339 Author: Nikhil Lingireddy Date: Tue May 26 12:39:13 2020 -0400 fix: update amplify app package dependencies to latest (#4374) * fix: update amplify app package dependencies to latest commit e68ae1add5a97215d4ae0e5a2b238cb5737c6b77 Author: aws-amplify-bot Date: Tue May 26 14:45:53 2020 +0000 chore(release): Publish [ci skip] - amplify-app@2.17.0 - amplify-category-analytics@2.16.6 - amplify-category-api@2.19.3 - amplify-category-auth@2.15.7 - amplify-category-function@2.20.3 - amplify-category-interactions@2.3.8 - amplify-category-notifications@2.15.7 - amplify-category-predictions@2.3.9 - amplify-category-storage@2.4.6 - amplify-category-xr@2.3.7 - @aws-amplify/cli@4.21.0 - amplify-codegen-appsync-model-plugin@1.19.0 - amplify-codegen@2.15.9 - amplify-console-integration-tests@1.2.6 - amplify-e2e-core@1.1.4 - amplify-e2e-tests@2.18.0 - amplify-frontend-android@2.13.4 - amplify-frontend-ios@2.13.4 - amplify-migration-tests@2.17.3 - amplify-provider-awscloudformation@4.20.1 - amplify-util-mock@3.20.1 - graphql-auth-transformer@6.16.1 - graphql-connection-transformer@4.17.1 - graphql-dynamodb-transformer@6.18.1 - 
graphql-elasticsearch-transformer@4.7.1 - graphql-function-transformer@2.3.6 - graphql-http-transformer@4.15.6 - graphql-key-transformer@2.17.1 - graphql-predictions-transformer@2.3.6 - graphql-transformer-core@6.18.1 - graphql-transformers-e2e-tests@6.16.1 - graphql-versioned-transformer@4.15.6 commit f23efdc5565292b4577584c31d123a48fb15f638 Author: Zhou Date: Fri May 22 12:16:29 2020 -0700 bump amplify-frontend-javascript version commit c1cfde4858c4b60ee0e48a46b7c4a79ff4762fd4 Author: Zhou Date: Fri May 22 11:35:52 2020 -0700 change amplify-app package reference commit f6016bf3d5b0b3e461fb4549229c176e0c558669 Author: Zhou Date: Fri May 22 10:29:20 2020 -0700 bump amplify-frontend-android version commit c522f295304410aeb1d6f60aaba9b466d3304ee1 Author: Josue Ruiz Date: Thu May 21 15:19:48 2020 -0700 fix(amplify-category-api): toggle datastore in update (#4276) * fix(amplify-category-api): toggle datastore in update added option to toggle datastore for the api re #4058 * remove authConfig logic check * test(amplify-e2e-tests): add e2e for datastore toggle update commit 9800384efff53a57973105508482cad945523727 Author: Andrei Alecu Date: Thu May 21 22:22:02 2020 +0300 fix(graphql-connection-transformer): limit was not respected (#4021) * fix(graphql-connection-transformer): limit was not respected When using `@connection(fields: [...], limit: 999)` the limit wouldn't be respected. This PR fixes it. 
* test: use constant * added limit test in new connection e2e Co-authored-by: Josue Ruiz commit f74a45d0eb94e180440b2639211e43eafacee43e Author: Nikhil Lingireddy Date: Wed May 20 21:56:56 2020 -0400 fix: fix amplify-app ios when not in xcode project (#4344) commit b26c40f433d7d703878b6df25dd312f5de34afdb Author: Yathi <511386+yuth@users.noreply.github.com> Date: Wed May 20 15:48:39 2020 -0700 refactor(amplify-codegen-appsync-model-plugin): swift AWSDate->Temporal Changed AWSDate* type to Temporal namespaced types commit 696d7ac26a3e58019a91fd86be5f56dfb6702f1f Author: Yathi <511386+yuth@users.noreply.github.com> Date: Wed May 20 14:50:12 2020 -0700 refactor(amplify-codegen-appsync-model-plugin): use custom date scalars Changed AWSDate* scalar to generate Temporal.Date* types in Java commit 808e36ec763f33fd497fa56850811abd6c0c77f8 Author: akshbhu <39866697+akshbhu@users.noreply.github.com> Date: Wed May 20 17:34:23 2020 -0700 fix(amplify-util-mock): fixes #3319 java version check (#3511) * fixes Cron e2e tests and week Cron expr * fix(amplify-util-mock): fixes aws-amplify#3317 java version check * fix(amplify-util-mock): fixes aws-amplify#3319 java version check * removed yarn.lock and package.json files * fix(amplify-util-mock): added java version check * fix(amplify-util-mock): removes old versions commit 73f3eabc11def219faa1724fee93ce171949e40f Author: Daniel Rochetti Date: Wed May 20 16:24:33 2020 -0700 feat(amplify-app): group amplify files in xcode integration (#4268) * feat(amplify-app): group amplify files in xcode integration commit 17ac344d7096470e698b26d68d8c586446190352 Author: Yathi <511386+yuth@users.noreply.github.com> Date: Wed May 20 15:05:04 2020 -0700 feat(amplify-codegen-appsync-model-plugin): iOS add suport for auth (#4329) Updated model gen to add authRules when @auth directive is used in schema A schema with @auth directive type Post @model @auth(rules: [{ allow: owner }]) { id: ID! title: String! owner: String! 
} will generate the following authRule in Post+schema.swift import Amplify import Foundation extension Post { public static let schema = defineSchema { model in let post = Post.keys model.authRules = [ rule(allow: .owner, ownerField: "owner", identityClaim: "cognito:username", operations: [.create, .update, .delete, .read]) ] model.pluralName = "Posts" } } commit 39870f1f01a60d3bcfc0a3a0c797a51af2826195 Author: Ammar <56042290+ammarkarachi@users.noreply.github.com> Date: Tue May 19 13:08:19 2020 -0700 test(amplify-e2e-tests): removed amplify app tests (#4325) commit b4eb1733139f24612fd89c046582b14a2e643227 Author: Ammar <56042290+ammarkarachi@users.noreply.github.com> Date: Tue May 19 12:25:13 2020 -0700 Revert "test(amplify-e2e-tests):test uncommented (#3742)" (#4324) This reverts commit deb668c1e58ee1b0b18c777855941a22d6684706. commit deb668c1e58ee1b0b18c777855941a22d6684706 Author: Ammar <56042290+ammarkarachi@users.noreply.github.com> Date: Tue May 19 10:40:43 2020 -0700 test(amplify-e2e-tests):test uncommented (#3742) commit 6e5d1bbb013a80e1e3e1ef6c7c44ebb154a6e11c Author: Ammar <56042290+ammarkarachi@users.noreply.github.com> Date: Mon May 18 21:31:33 2020 -0700 ci: adding stale.yml file with question and pending-triage (#4308) * ci: adding stale.yml file with question, pending-triage and documentations commit eacaa96038ce109e8491bf9cdabb6ac8de3c02d6 Author: Nikhil Lingireddy Date: Mon May 18 19:58:21 2020 -0400 refactor: copy awsconfig into amplifyconfig (#4215) * refactor: copy awsconfig into amplifyconfig commit 329261b698dcd876dbc5723d62a0100461d1e461 Author: Josue Ruiz Date: Mon May 18 13:31:52 2020 -0700 test(amplify-e2e-tests): change delete env expect prompt (#4305) commit 432a38cadf2d4b9ee5bd6ca8da8a6bf2d9074ccd Author: Josue Ruiz Date: Sat May 16 13:40:36 2020 -0700 searchable e2e fix (#4295) * test(graphql-transformers-e2e-tests): fixed e2e typo * test(graphql-transformers-e2e-tests): fix searchable datastore e2e commit 
4322a326df8c5c0a89de5f5e8f46bcfd4e1ad770 Author: John Hockett Date: Sat May 16 13:06:08 2020 -0700 fix: deleted extra carriageReturn calls, fixed grammar in Auth dx (#4237) commit 94c9efa0e0fd7a66c10f18c7bbdc24dcb1d40c16 Author: Ammar <56042290+ammarkarachi@users.noreply.github.com> Date: Sat May 16 13:00:32 2020 -0700 ci: disabling stale bot (#4289) commit 56232a78f4d1f708d7dce5a093f41b015e4e7cad Author: Josue Ruiz Date: Sat May 16 08:15:27 2020 -0700 test(graphql-transformers-e2e-tests): fixed e2e typo (#4293) commit f57f8242f18c79d48b751e29952e3cdd21409f98 Author: Yathi <511386+yuth@users.noreply.github.com> Date: Fri May 15 21:37:42 2020 -0700 fix(graphql-elasticsearch-transformer): support del in sync enabled API (#4281) * fix(graphql-elasticsearch-transformer): support del in sync enabled API AppSync does an soft delete an API is sync enabled. Streaming lambda function should delete this from index when its a soft delete fix #4228 * fix(graphql-transformer-core): edit DataStore Enable Check projects with models defined are also considered datastore enabled * fix(graphql-auth-transformer): fix datastore + es + auth account for datastore versioning in the auth resolver as well * fix(graphql-elasticsearch-transformer): fix updates/deletes with es + ds account for _ttl and _version fields when streaming to es re #4228 * change source for authExpression on Lists Co-authored-by: SwaySway commit cf0c528d9763e6a9b525893acbf609e2aa4c6495 Author: UnleashedMind Date: Fri May 15 16:30:44 2020 -0700 fix(cli): update the warning message for delete command (#4288) * fix(cli): update the warning message for delete command * text update Co-authored-by: Zhou commit eaa9bcf46c21d4ac4879919d1cadf264ecbb8eef Author: Ammar <56042290+ammarkarachi@users.noreply.github.com> Date: Fri May 15 12:35:30 2020 -0700 fix(amplify-util-mock): loading resources from amplify-meta (#4194) Loading resources from Amplify Meta if not found from CFN #4085 #4012 commit 
7f3dc48fa158cdba6d3282fbb856d879f3784b8b Author: Yathi <511386+yuth@users.noreply.github.com> Date: Fri May 15 09:36:34 2020 -0700 fix(amplify-util-mock): fix inifinte reload on windows (#4270) Mock kept on triggering reload on windows even when there were no changes to the API. Added additional check to ensure reload happens only if the actual content in the file has changed fix #2736 commit db9f9635a5c0aab0bf5db8100d6cb709e91da0cd Author: Ammar <56042290+ammarkarachi@users.noreply.github.com> Date: Fri May 15 04:32:48 2020 -0700 test(amplify-e2e-tests): added test for creating roles with long envname (#4267) commit 9b12ce51673cdd8e364a96fb3cc07f938dd87309 Author: aws-amplify-bot Date: Fri May 15 01:21:42 2020 +0000 chore(release): Publish [ci skip] - amplify-appsync-simulator@1.20.2 - amplify-category-analytics@2.16.5 - amplify-category-api@2.19.2 - amplify-category-auth@2.15.6 - amplify-category-function@2.20.2 - amplify-category-interactions@2.3.7 - amplify-category-notifications@2.15.6 - amplify-category-predictions@2.3.8 - amplify-category-storage@2.4.5 - amplify-category-xr@2.3.6 - @aws-amplify/cli@4.20.0 - amplify-codegen-appsync-model-plugin@1.18.0 - amplify-codegen@2.15.8 - amplify-console-hosting@1.3.2 - amplify-console-integration-tests@1.2.5 - amplify-dotnet-function-runtime-provider@1.1.1 - amplify-e2e-core@1.1.3 - amplify-e2e-tests@2.17.3 - amplify-frontend-javascript@2.15.3 - amplify-graphql-types-generator@2.3.4 - amplify-migration-tests@2.17.2 - amplify-nodejs-function-runtime-provider@1.0.4 - amplify-provider-awscloudformation@4.20.0 - amplify-util-mock@3.20.0 - graphql-auth-transformer@6.16.0 - graphql-connection-transformer@4.17.0 - graphql-dynamodb-transformer@6.18.0 - graphql-elasticsearch-transformer@4.7.0 - graphql-function-transformer@2.3.5 - graphql-http-transformer@4.15.5 - graphql-key-transformer@2.17.0 - graphql-predictions-transformer@2.3.5 - graphql-transformer-core@6.18.0 - graphql-transformers-e2e-tests@6.16.0 - 
graphql-versioned-transformer@4.15.5 commit cb533c69aaddd6d2f38a7152f4471f2074cd8198 Author: Benoît Bouré Date: Thu May 14 19:21:16 2020 +0200 fix(amplify-util-mock): non-promise lambda failing (#4203) commit fdad9baa5cdf76305c71c58fec3405cb7303403b Merge: 334c8e91f 3943f9b67 Author: Florian Chazal Date: Thu Mar 26 09:45:13 2020 +0100 Merge branch 'master' into master commit 334c8e91f36808e236e830e04b6ce295f0f1d828 Author: Florian CHAZAL Date: Wed Feb 12 18:56:30 2020 +0100 feat(auth): enable automatic setup of a generic OpenID Connect Provider Instead of updating manually the generated cloud formation, this PR enable the automatic setup of a generic OpenID Connect Provider. Tested with Azure Connect and internal company OpenID Connect provider #177 Co-authored-by: flochaz Co-authored-by: arledesma --- .../auth-template.yml.ejs | 13 +- .../question-factories/core-questions.test.js | 2 + .../assets/cognito-defaults.js | 2 + .../awscloudformation/assets/string-maps.js | 48 ++- .../awscloudformation/constants.ts | 21 ++ .../provider-utils/awscloudformation/index.js | 3 + .../question-factories/core-questions.js | 23 +- .../service-walkthrough-types.ts | 3 + .../service-walkthroughs/auth-questions.js | 159 ++++++++-- .../utils/auth-request-adaptors.ts | 10 +- .../src/provider-utils/supported-services.ts | 291 ++++++++++++++++++ .../headless_init_env_auth.sh | 4 +- .../__tests__/pullAndInit.test.ts | 4 + .../src/pullAndInit/pullProject.ts | 5 + .../amplify-e2e-core/src/categories/auth.ts | 138 ++++++++- .../amplify-e2e-core/src/utils/envVars.ts | 43 ++- packages/amplify-e2e-tests/sample.env | 8 +- .../schemas/auth/1/AddAuthRequest.schema.json | 6 +- .../src/interface/auth/add.ts | 4 +- packages/amplify-migration-tests/sample.env | 6 + 20 files changed, 742 insertions(+), 51 deletions(-) 
diff --git a/packages/amplify-category-auth/resources/cloudformation-templates/auth-template.yml.ejs b/packages/amplify-category-auth/resources/cloudformation-templates/auth-template.yml.ejs index 2b0e184271c..53dcd9e2994 100644 --- a/packages/amplify-category-auth/resources/cloudformation-templates/auth-template.yml.ejs +++ b/packages/amplify-category-auth/resources/cloudformation-templates/auth-template.yml.ejs @@ -175,7 +175,7 @@ Resources: RequireNumbers: <%= props.passwordPolicyCharacters.includes('Requires Numbers') %> RequireSymbols: <%= props.passwordPolicyCharacters.includes('Requires Symbols') %> RequireUppercase: <%= props.passwordPolicyCharacters.includes('Requires Uppercase') %> - <% if (props.usernameAttributes && props.usernameAttributes !== 'username') { %> + <% if (props.usernameAttributes && !props.usernameAttributes.includes('username')) { %> UsernameAttributes: !Ref usernameAttributes <% } %> <% if (props.aliasAttributes && props.aliasAttributes.length > 0) { %> @@ -596,6 +596,13 @@ Resources: - ' let providerCredsIndex = hostedUIProviderCreds.findIndex((provider) => provider.ProviderName === providerName);' - ' let providerCreds = hostedUIProviderCreds[providerCredsIndex];' - ' let requestParams = {' + - ' ProviderDetails: {' + - ' ''client_id'': providerCreds.client_id,' + - ' ''client_secret'': providerCreds.client_secret,' + - ' ''oidc_issuer'': providerMeta.oidc_issuer,' + - ' ''attributes_request_method'': providerMeta.attributes_request_method,' + - ' ''authorize_scopes'': providerMeta.authorize_scopes' + - ' },' - ' ProviderName: providerMeta.ProviderName,' - ' UserPoolId: userPoolId,' - ' AttributeMapping: providerMeta.AttributeMapping,' @@ -1237,4 +1244,8 @@ Outputs : AppleWebClient: Value: !Ref appleAppId <% } %> + <%if (props.oidcAppId) { %> + OIDCWebClient: + Value: !Ref oidcAppId + <% } %> <% } %> 
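Review bot: In the `@@ -596,6 +596,13 @@` hunk the new `ProviderDetails` literal dereferences `providerCreds` unconditionally, yet `providerCreds` is `hostedUIProviderCreds[providerCredsIndex]` and `findIndex` returns -1 when no credentials entry matches the provider name, so the custom resource would fail with a bare TypeError. A guard before the literal, for example `if (!providerCreds) { throw new Error('Missing hosted UI credentials for ' + providerName); }`, makes that failure explicit. The literal also sets `oidc_issuer` and `attributes_request_method` for every provider, so they are undefined for the non-OIDC ones; adding them only for the OIDC provider would keep the request clean. Because `requestParams` now carries `client_secret` from the moment it is built, any logging of it in the rest of the function, which continues outside the hunk, should be checked.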
diff --git a/packages/amplify-category-auth/src/__tests__/provider-utils/awscloudformation/question-factories/core-questions.test.js b/packages/amplify-category-auth/src/__tests__/provider-utils/awscloudformation/question-factories/core-questions.test.js index 5f9c1de771e..c00c2b9f912 100644 --- a/packages/amplify-category-auth/src/__tests__/provider-utils/awscloudformation/question-factories/core-questions.test.js +++ b/packages/amplify-category-auth/src/__tests__/provider-utils/awscloudformation/question-factories/core-questions.test.js @@ -218,6 +218,7 @@ describe('When generating auth questions...', () => { mockAmplify.getWhen.mockReturnValue(() => true); input.map = 'mappedOptions3'; input.requiredOptions = ['mappedOptions2']; + input.requiredOptionsMsg = 'required'; currentAnswers.mappedOptions2 = 'value2'; input.type = 'list'; const res = coreQuestions.parseInputs(input, mockAmplify, defaultFileName, stringMapsFileName, currentAnswers, mockContext); @@ -228,6 +229,7 @@ describe('When generating auth questions...', () => { it('should remove required options from the choices presented to the user (updatingAuth variant)', () => { mockAmplify.getWhen.mockReturnValue(() => true); input.map = 'mappedOptions3'; + input.requiredOptionsMsg = 'required'; input.requiredOptions = ['mappedOptions2']; Object.assign(mockContext, { updatingAuth: { mappedOptions2: 'value2' } }); input.type = 'list'; diff --git a/packages/amplify-category-auth/src/provider-utils/awscloudformation/assets/cognito-defaults.js b/packages/amplify-category-auth/src/provider-utils/awscloudformation/assets/cognito-defaults.js index e94f9450270..7b15c65fb48 100644 --- a/packages/amplify-category-auth/src/provider-utils/awscloudformation/assets/cognito-defaults.js +++ b/packages/amplify-category-auth/src/provider-utils/awscloudformation/assets/cognito-defaults.js 
@@ -43,6 +43,8 @@ const userPoolDefaults = projectName => { userpoolClientReadAttributes: ['email'], userpoolClientLambdaRole: `${projectNameTruncated}_userpoolclient_lambda_role`, userpoolClientSetAttributes: false, + OIDCAdditionalScope: false, + OIDCAdditionalMapping: false }; }; diff --git a/packages/amplify-category-auth/src/provider-utils/awscloudformation/assets/string-maps.js b/packages/amplify-category-auth/src/provider-utils/awscloudformation/assets/string-maps.js index 87a4cde193a..af740d158fb 100644 --- a/packages/amplify-category-auth/src/provider-utils/awscloudformation/assets/string-maps.js +++ b/packages/amplify-category-auth/src/provider-utils/awscloudformation/assets/string-maps.js @@ -136,6 +136,7 @@ const attributeProviderMap = { facebook: {}, google: {}, loginwithamazon: {}, + oidc: {}, signinwithapple: {}, }, birthdate: { @@ -148,6 +149,7 @@ const attributeProviderMap = { scope: 'profile', }, loginwithamazon: {}, + oidc: {}, signinwithapple: {}, }, email: { @@ -163,6 +165,7 @@ const attributeProviderMap = { attr: 'email', scope: 'profile', }, + oidc: {}, signinwithapple: { attr: 'email', scope: 'email', @@ -178,6 +181,7 @@ const attributeProviderMap = { scope: 'profile', }, loginwithamazon: {}, + oidc: {}, signinwithapple: { attr: 'lastName', scope: 'name', @@ -193,6 +197,7 @@ const attributeProviderMap = { scope: 'profile', }, loginwithamazon: {}, + oidc: {}, signinwithapple: {}, }, given_name: { @@ -205,6 +210,7 @@ const attributeProviderMap = { scope: 'profile', }, loginwithamazon: {}, + oidc: {}, signinwithapple: { attr: 'firstName', scope: 'name', @@ -217,6 +223,7 @@ const attributeProviderMap = { attr: 'postal_code', scope: 'postal_code', }, + oidc: {}, signinwithapple: {}, }, middle_name: { @@ -226,6 +233,7 @@ const attributeProviderMap = { }, google: {}, loginwithamazon: {}, + oidc: {}, signinwithapple: {}, }, name: { 
@@ -241,12 +249,14 @@ const attributeProviderMap = { attr: 'name', scope: 'profile', }, + oidc: {}, signinwithapple: {}, }, nickname: { facebook: {}, google: {}, loginwithamazon: {}, + oidc: {}, signinwithapple: {}, }, phone_number: { @@ -256,6 +266,7 @@ const attributeProviderMap = { scope: 'profile', }, loginwithamazon: {}, + oidc: {}, signinwithapple: {}, }, picture: { @@ -268,30 +279,35 @@ const attributeProviderMap = { scope: 'profile', }, loginwithamazon: {}, + oidc: {}, signinwithapple: {}, }, preferred_username: { facebook: {}, google: {}, loginwithamazon: {}, + oidc: {}, signinwithapple: {}, }, profile: { facebook: {}, google: {}, loginwithamazon: {}, + oidc: {}, signinwithapple: {}, }, zoneinfo: { facebook: {}, google: {}, loginwithamazon: {}, + oidc: {}, signinwithapple: {}, }, website: { facebook: {}, google: {}, loginwithamazon: {}, + oidc: {}, signinwithapple: {}, }, username: { @@ -307,6 +323,7 @@ const attributeProviderMap = { attr: 'user_id', scope: 'profile:user_id', }, + oidc: {}, signinwithapple: {}, }, updated_at: { @@ -316,6 +333,7 @@ const attributeProviderMap = { }, google: {}, loginwithamazon: {}, + oidc: {}, signinwithapple: {}, }, }; @@ -391,6 +409,11 @@ const coreAttributes = [ }, ]; +const attributesRequestMethod = [ + 'POST', + 'GET' +]; + const aliasAttributes = [ { name: 'Email', @@ -455,6 +478,10 @@ const hostedUIProviders = [ name: 'Login With Amazon', value: 'LoginWithAmazon', }, + { + name: 'Open ID Connect (OIDC)', + value: 'OIDC', + }, { name: 'Sign in with Apple', value: 'SignInWithApple', @@ -475,19 +502,19 @@ const authorizeScopes = [ const signInOptions = [ { name: 'Username', - value: 'username', + value: ['username'], }, { name: 'Email', - value: 'email', + value: ['email'], }, { name: 'Phone Number', - value: 'phone_number', + value: ['phone_number'], }, { name: 'Email or Phone Number', - value: 'email, phone_number', + value: ['email', 'phone_number'], }, ...learnMoreOption, ]; 
@@ -615,6 +642,17 @@ const disableOptionsOnEdit = () => { const getAllMaps = edit => { if (edit) { disableOptionsOnEdit(); + // Inject OIDC mapping + if(edit.oidcAttributesMapping ){ + let oidcAttributesMapping = JSON.parse(edit.oidcAttributesMapping); + let newMap = {}; + Object.keys(oidcAttributesMapping).map( + cognitoAttributeName => { + newMap[cognitoAttributeName] = attributeProviderMap[cognitoAttributeName]; + newMap[cognitoAttributeName]['oidc'] = { 'attr': oidcAttributesMapping[cognitoAttributeName] }; + }); + Object.assign(attributeProviderMap, newMap); + } } return { aliasAttributes, @@ -633,6 +671,7 @@ const getAllMaps = edit => { oAuthFlows, oAuthScopes, authorizeScopes, + attributesRequestMethod, attributeProviderMap, updateFlowMap, capabilities, @@ -658,6 +697,7 @@ module.exports = { authorizeScopes, oAuthFlows, oAuthScopes, + attributesRequestMethod, messages, attributeProviderMap, updateFlowMap, diff --git a/packages/amplify-category-auth/src/provider-utils/awscloudformation/constants.ts b/packages/amplify-category-auth/src/provider-utils/awscloudformation/constants.ts index 977ff1084c7..3633d313f06 100644 --- a/packages/amplify-category-auth/src/provider-utils/awscloudformation/constants.ts +++ b/packages/amplify-category-auth/src/provider-utils/awscloudformation/constants.ts @@ -11,6 +11,13 @@ export const ENV_SPECIFIC_PARAMS = [ 'facebookAppId', 'facebookAppIdUserPool', 'facebookAppSecretUserPool', + 'oidcAppId', + 'oidcAppIdUserPool', + 'oidcAppSecretUserPool', + 'oidcAppOIDCIssuer', + 'oidcAppOIDCAttributesRequestMethod', + 'oidcAttributesMapping', + 'oidcAppOIDCAuthorizeScopes', 'googleClientId', 'googleIos', 'googleAndroid', 
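Review bot: In the `getAllMaps` hunk (`@@ -615,6 +642,17 @@`) the keys of the parsed `edit.oidcAttributesMapping` index `attributeProviderMap` without any check that they are known attribute names. A key that is not an own property there (a custom attribute, for instance) makes `newMap[cognitoAttributeName]['oidc'] = …` throw on undefined, and an inherited name such as `__proto__` resolves to the shared object prototype, which then gets written to. Making `if (!Object.prototype.hasOwnProperty.call(attributeProviderMap, cognitoAttributeName)) return;` the first line of the callback closes both cases, and `forEach` suits better than `map` since the result is discarded. The `JSON.parse` call is unguarded here and again in the `iteratorQuestion` hunk of core-questions.js, so a malformed stored value surfaces as a raw SyntaxError; a try/catch with a message naming `oidcAttributesMapping` would help.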
@@ -54,6 +61,20 @@ export const privateKeys = [ 'facebookAppIdUserPool', 'facebookAuthorizeScopes', 'facebookAppSecretUserPool', + 'oidcAppId', + 'oidcAppIdUserPool', + 'oidcAppSecretUserPool', + 'oidcAppOIDCIssuer', + 'oidcAppOIDCAttributesRequestMethod', + 'oidcAttributesMapping', + 'oidcAppOIDCAuthorizeScopes', + 'newOIDCAuthorizeScopes', + 'addOIDCAuthorizeScopeOnUpdate', + 'EditScopes', + 'newOIDCMapping', + 'extraOIDCMapping', + 'addOIDCMappingOnUpdate', + 'EditMappings', 'googleAppIdUserPool', 'googleAuthorizeScopes', 'googleAppSecretUserPool', diff --git a/packages/amplify-category-auth/src/provider-utils/awscloudformation/index.js b/packages/amplify-category-auth/src/provider-utils/awscloudformation/index.js index 8f0c01c5f4d..a63d731355a 100644 --- a/packages/amplify-category-auth/src/provider-utils/awscloudformation/index.js +++ b/packages/amplify-category-auth/src/provider-utils/awscloudformation/index.js @@ -309,6 +309,9 @@ function getRequiredParamsForHeadlessInit(projectType, previousValues) { if (previousValues.authProviders.includes('www.amazon.com')) { requiredParams.push('amazonAppId'); } + if (previousValues.authProviders.includes('OIDC')) { + requiredParams.push('oidcAppId'); + } if (previousValues.authProviders.includes('appleid.apple.com')) { requiredParams.push('appleAppId'); } diff --git a/packages/amplify-category-auth/src/provider-utils/awscloudformation/question-factories/core-questions.js b/packages/amplify-category-auth/src/provider-utils/awscloudformation/question-factories/core-questions.js index a3ecb040ca5..47b48bdcbe0 100644 --- a/packages/amplify-category-auth/src/provider-utils/awscloudformation/question-factories/core-questions.js +++ b/packages/amplify-category-auth/src/provider-utils/awscloudformation/question-factories/core-questions.js 
@@ -38,7 +38,7 @@ function parseInputs(input, amplify, defaultValuesFilename, stringMapsFilename, }; if (input.type && ['list', 'multiselect'].includes(input.type)) { - if (context.updatingAuth && input.iterator) { + if (context.updatingAuth && input.iterator && input.iterator !== 'extraoidcAttributesMapping') { question = iteratorQuestion(input, question, context); // if selecting existing value to edit it's not require to validate inputs question.validate = () => true; @@ -91,9 +91,14 @@ function parseInputs(input, amplify, defaultValuesFilename, stringMapsFilename, function iteratorQuestion(input, question, context) { if (context.updatingAuth[input.iterator]) { + let iteratorValues = context.updatingAuth[input.iterator]; + if(input.iterator === 'oidcAttributesMapping') { + // loaded from previous answers as escaped string. so parsing it + iteratorValues = Object.keys(JSON.parse(context.updatingAuth['oidcAttributesMapping'])); + } question = Object.assign( { - choices: context.updatingAuth[input.iterator].map(i => ({ + choices: iteratorValues.map(i => ({ name: i, value: i, })), 
@@ -115,14 +120,18 @@ function iteratorQuestion(input, question, context) { function getRequiredOptions(input, question, getAllMaps, context, currentAnswers) { const sourceValues = Object.assign(context.updatingAuth ? context.updatingAuth : {}, currentAnswers); const sourceArray = uniq(flatten(input.requiredOptions.map(i => sourceValues[i] || []))); - const requiredOptions = getAllMaps()[input.map] ? getAllMaps()[input.map].filter(x => sourceArray.includes(x.value)) : []; + let requiredOptions = getAllMaps()[input.map] ? getAllMaps()[input.map].filter(x => sourceArray.includes(x.value)) : []; + if(input.key === 'newOIDCMapping') { + requiredOptions = requiredOptions.map(opt => {opt.checked = true; opt.disabled = 'Required'; return opt;}); + } const trueOptions = getAllMaps()[input.map] ? getAllMaps()[input.map].filter(x => !sourceArray.includes(x.value)) : []; const msg = - requiredOptions && requiredOptions.length > 0 + requiredOptions && requiredOptions.length > 0 && input.requiredOptionsMsg ? `--- ${input.requiredOptionsMsg} ${requiredOptions.map(t => t.name).join(', ')} ---` : ''; + const displayedRequiredOptions = msg === '' ? requiredOptions : [new inquirer.Separator(msg)]; question = Object.assign(question, { - choices: [new inquirer.Separator(msg), ...trueOptions], + choices: [...displayedRequiredOptions, ...trueOptions], filter: userInput => { return userInput.concat(...requiredOptions.map(z => z.value)); }, 
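Review bot: The new `newOIDCMapping` branch in `getRequiredOptions` mutates the option objects it receives from `getAllMaps()[input.map]` (`opt.checked = true; opt.disabled = 'Required'`). As far as this patch shows, `getAllMaps` in string-maps.js returns its module-level arrays, so the flags would persist and the same options would appear checked and disabled in any later prompt built from that map. Mapping to copies avoids the shared-state change: `requiredOptions = requiredOptions.map(opt => Object.assign({}, opt, { checked: true, disabled: 'Required' }));`.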
@@ -135,11 +144,11 @@ function filterInputs(input, question, getAllMaps, context, currentAnswers) { const choices = input.map ? getAllMaps(context.updatingAuth)[input.map] : input.options; const { requiredAttributes } = Object.assign(context.updatingAuth ? context.updatingAuth : {}, currentAnswers); if (requiredAttributes) { - const attrMap = getAllMaps().attributeProviderMap; + const attrMap = getAllMaps(context).attributeProviderMap; requiredAttributes.forEach(attr => { choices.forEach(choice => { choice.missingAttributes = []; - if (!attrMap[attr] || !attrMap[attr][`${choice.value.toLowerCase()}`].attr) { + if ((!attrMap[attr] || !attrMap[attr][`${choice.value.toLowerCase()}`].attr) && choice.value !== 'OIDC') { choice.missingAttributes = choice.missingAttributes.length < 1 ? [attr] : choice.missingAttributes.concat(attr); const newList = choice.missingAttributes.join(', '); choice.disabled = `Your userpool is configured to require ${newList.substring( diff --git a/packages/amplify-category-auth/src/provider-utils/awscloudformation/service-walkthrough-types.ts b/packages/amplify-category-auth/src/provider-utils/awscloudformation/service-walkthrough-types.ts index 617e47b9d8d..5d96c836f8c 100644 --- a/packages/amplify-category-auth/src/provider-utils/awscloudformation/service-walkthrough-types.ts +++ b/packages/amplify-category-auth/src/provider-utils/awscloudformation/service-walkthrough-types.ts @@ -46,6 +46,8 @@ export interface SocialProviderResult { authProvidersUserPool?: string[]; facebookAppIdUserPool?: string; facebookAppSecretUserPool?: string; + oidcAppIdUserPool?: string; + oidcAppSecretUserPool?: string; googleAppIdUserPool?: string; googleAppSecretUserPool?: string; loginwithamazonAppIdUserPool?: string; @@ -67,6 +69,7 @@ export interface IdentityPoolResult { facebookAppId?: string; amazonAppId?: string; appleAppId?: string; + oidcAppId?: string; selectedParties?: string; // serialized json audiences?: string[]; } 
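Review bot: In `filterInputs` the new `choice.value !== 'OIDC'` test sits after the `attrMap[attr][...].attr` lookup, so it cannot protect that lookup. If `attributeProviderMap` has no `oidc` entry for an attribute (its contents are not visible here), the indexed value is `undefined` and reading `.attr` throws before the OIDC exemption is evaluated. Putting the exemption first avoids that: `if (choice.value !== 'OIDC' && (!attrMap[attr] || !attrMap[attr][choice.value.toLowerCase()].attr)) {`. The hunk also switches to `getAllMaps(context)` while the unchanged line above calls `getAllMaps(context.updatingAuth)`; one of the two arguments is presumably wrong and deserves a fix or a comment.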
diff --git a/packages/amplify-category-auth/src/provider-utils/awscloudformation/service-walkthroughs/auth-questions.js b/packages/amplify-category-auth/src/provider-utils/awscloudformation/service-walkthroughs/auth-questions.js index b71b3bebf3d..ce11379a676 100644 --- a/packages/amplify-category-auth/src/provider-utils/awscloudformation/service-walkthroughs/auth-questions.js +++ b/packages/amplify-category-auth/src/provider-utils/awscloudformation/service-walkthroughs/auth-questions.js @@ -20,6 +20,7 @@ async function serviceWalkthrough(context, defaultValuesFilename, stringMapsFile let userPoolGroupList = context.amplify.getUserPoolGroupList(context); let adminQueryGroup; + // LOAD POTENTIAL PREVIOUS RESPONSES handleUpdates(context, coreAnswers); // QUESTION LOOP 
@@ -83,15 +84,44 @@ async function serviceWalkthrough(context, defaultValuesFilename, stringMapsFile answer[questionObj.key] && answer[questionObj.key].length > 0 ) { - const replacementArray = context.updatingAuth[questionObj.iterator]; - for (let t = 0; t < answer[questionObj.key].length; t += 1) { - questionObj.validation = questionObj.iteratorValidation; - const newValue = await inquirer.prompt({ - name: 'updated', - message: `Update ${answer[questionObj.key][t]}`, - validate: amplify.inputValidation(questionObj), - }); - replacementArray.splice(replacementArray.indexOf(answer[questionObj.key][t]), 1, newValue.updated); + if (questionObj.iterator.endsWith('oidcAttributesMapping')) { + // Get data from existing entries loaded from stack parameters.json + let map = context.updatingAuth && context.updatingAuth['oidcAttributesMapping'] ? JSON.parse(context.updatingAuth['oidcAttributesMapping']) : {}; + for (let t = 0; t < answer[questionObj.key].length; t += 1) { + let currentValue = map[answer[questionObj.key][t]] ? `(current value: ${map[answer[questionObj.key][t]]})`: ''; + if(questionObj.key === 'RemoveMappings') { + delete map[answer[questionObj.key][t]] + } else { + const response = await inquirer.prompt({ + name: 'oidcProviderAttributeName', + message: `Which OIDC provider’s attribute should map to Cognito’s "${chalkpipe(null, chalk.green)(answer[questionObj.key][t])}" attribute? 
${currentValue}`, + }); + map[answer[questionObj.key][t]] = response.oidcProviderAttributeName; + } + } + // Override current data to take changes into account + coreAnswers.oidcAttributesMapping = {}; + Object.assign(coreAnswers.oidcAttributesMapping, map); + if (context.updatingAuth) { + context.updatingAuth['oidcAttributesMapping'] = JSON.stringify(map); + } + } + else { + const replacementArray = context.updatingAuth[questionObj.iterator]; + + for (let t = 0; t < answer[questionObj.key].length; t += 1) { + questionObj.validation = questionObj.iteratorValidation; + if (questionObj.key === 'RemoveScopes') { + replacementArray.splice(replacementArray.indexOf(answer[questionObj.key][t]), 1); + } else { + const newValue = await inquirer.prompt({ + name: 'updated', + message: `Update ${answer[questionObj.key][t]}`, + validate: amplify.inputValidation(questionObj), + }); + replacementArray.splice(replacementArray.indexOf(answer[questionObj.key][t]), 1, newValue.updated); + } + } } j += 1; // ADD-ANOTHER BLOCK @@ -166,6 +196,7 @@ async function serviceWalkthrough(context, defaultValuesFilename, stringMapsFile delete context.updatingAuth.thirdPartyAuth; delete context.updatingAuth.authProviders; delete context.updatingAuth.facebookAppId; + delete context.updatingAuth.oidcAppId; delete context.updatingAuth.googleClientId; delete context.updatingAuth.googleIos; delete context.updatingAuth.googleAndroid; @@ -195,11 +226,9 @@ async function serviceWalkthrough(context, defaultValuesFilename, stringMapsFile // formatting oAuthMetaData structureOAuthMetadata(coreAnswers, context, getAllDefaults, amplify); - if (coreAnswers.usernameAttributes && !Array.isArray(coreAnswers.usernameAttributes)) { - if (coreAnswers.usernameAttributes === 'username') { + if (coreAnswers.usernameAttributes) { + if (coreAnswers.usernameAttributes.includes('username')) { delete coreAnswers.usernameAttributes; - } else { - coreAnswers.usernameAttributes = coreAnswers.usernameAttributes.split(); } } 
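Review bot: The new `oidcProviderAttributeName` prompt in the OIDC branch has no `validate`, so pressing Enter stores an empty string as the provider attribute mapped to that Cognito attribute. The non-OIDC branch still passes `validate: amplify.inputValidation(questionObj)`, and the `iteratorValidation` declared for `EditMappings` is never applied here. Adding `validate: value => value.trim().length > 0 || 'Attribute name cannot be empty'` to the prompt would reject that input. The `JSON.parse` of `context.updatingAuth['oidcAttributesMapping']` just above is also unguarded against a malformed stored value. The enclosing loop in `serviceWalkthrough` starts and ends outside this hunk.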
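Review bot: Replacing `=== 'username'` with `.includes('username')` and dropping the `Array.isArray` guard changes behaviour whenever `coreAnswers.usernameAttributes` is still a string at this point. On a string, `includes` is a substring match, and the removed `else` branch was the only place that turned a string value into an array, so a string is now either deleted on a partial match or passed on unconverted. If the value is guaranteed to be an array here, a comment stating that would help. Otherwise keep the normalisation before the check: `if (!Array.isArray(coreAnswers.usernameAttributes)) coreAnswers.usernameAttributes = [coreAnswers.usernameAttributes];`.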
@@ -428,24 +457,55 @@ function userPoolProviders(oAuthProviders, coreAnswers, prevAnswers) { const delimmiter = el === 'Facebook' || el === 'SignInWithApple' ? ',' : ' '; const scopes = []; const maps = {}; - attributesForMapping.forEach(a => { - const attributeKey = attributeProviderMap[a]; - if (attributeKey && attributeKey[`${lowerCaseEl}`] && attributeKey[`${lowerCaseEl}`].scope) { - if (scopes.indexOf(attributeKey[`${lowerCaseEl}`].scope) === -1) { - scopes.push(attributeKey[`${lowerCaseEl}`].scope); - } + let oidc_issuer = undefined; + let attributes_request_method = undefined; + if(el === 'OIDC') { + oidc_issuer = answers.oidcAppOIDCIssuer; + attributes_request_method = answers.oidcAppOIDCAttributesRequestMethod; + // from update auth with additional scope added + if (answers.oidcAuthorizeScopes && coreAnswers.newOIDCAuthorizeScopes) { + scopes = answers.oidcAuthorizeScopes.concat(coreAnswers.newOIDCAuthorizeScopes); + // from add auth + } else if (coreAnswers.newOIDCAuthorizeScopes) { + scopes = coreAnswers.newOIDCAuthorizeScopes; + } else { + // from add auth without specific scope or update without scope added + scopes = answers.oidcAuthorizeScopes ? answers.oidcAuthorizeScopes : ['openid']; } - if (el === 'Google' && !scopes.includes('openid')) { + // Add compulsory scope if missing + if (!scopes.includes('openid')) { scopes.unshift('openid'); } - if (attributeKey && attributeKey[`${lowerCaseEl}`] && attributeKey[`${lowerCaseEl}`].attr) { - maps[a] = attributeKey[`${lowerCaseEl}`].attr; + try { + // from update auth => previous data loaded from file as escaped string + maps = JSON.parse(answers.oidcAttributesMapping); + } catch (e) { + //from add auth + maps = answers.oidcAttributesMapping ? 
answers.oidcAttributesMapping : {}; } - }); + } else { + attributesForMapping.forEach(a => { + const attributeKey = attributeProviderMap[a]; + if (attributeKey && attributeKey[`${lowerCaseEl}`] && attributeKey[`${lowerCaseEl}`].scope) { + if (scopes.indexOf(attributeKey[`${lowerCaseEl}`].scope) === -1) { + scopes.push(attributeKey[`${lowerCaseEl}`].scope); + } + } + if (el === 'Google' && !scopes.includes('openid')) { + scopes.unshift('openid'); + } + if (attributeKey && attributeKey[`${lowerCaseEl}`] && attributeKey[`${lowerCaseEl}`].attr) { + maps[a] = attributeKey[`${lowerCaseEl}`].attr; + } + }); + } + return { ProviderName: el, authorize_scopes: scopes.join(delimmiter), - AttributeMapping: maps, + oidc_issuer: oidc_issuer, + attributes_request_method: attributes_request_method, + attribute_mapping: maps, }; }), ); @@ -512,7 +572,7 @@ function structureOAuthMetadata(coreAnswers, context, defaults, amplify) { AllowedOAuthFlows, AllowedOAuthScopes, CallbackURLs, - LogoutURLs, + LogoutURLs }); } 
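Review bot: The OIDC branch in `userPoolProviders` assigns to `scopes` and `maps`, but both are still declared with `const` in the unchanged lines just above, so the first assignment throws a TypeError at runtime. For `maps` the throw happens inside the `try` and is swallowed, then the `catch` body repeats the assignment and throws again. Declaring them as `let scopes = [];` and `let maps = {};` fixes this. The `try/catch` would also read better as an explicit `typeof answers.oidcAttributesMapping === 'string'` check, so that a genuinely malformed stored mapping is not silently treated as an object. Note too that the returned key is renamed from `AttributeMapping` to `attribute_mapping` for every provider, not only OIDC, and its consumers are outside this hunk.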
@@ -548,10 +608,54 @@ function parseOAuthCreds(providers, metadata, envCreds) { providerKeys[`${lowerCaseEl}KeyIdUserPool`] = creds.key_id; providerKeys[`${lowerCaseEl}PrivateKeyUserPool`] = creds.private_key; } else { + if(el === 'OIDC') { + providerKeys[`${lowerCaseEl}AppOIDCIssuer`] = provider.oidc_issuer; + // split on ' ' for authorized scopes seem more intuitive based on OIDC but below it is splitting on ',' + providerKeys[`${lowerCaseEl}AuthorizeScopes`] = provider.authorize_scopes.split(' ').filter(scope => scope != 'openid'); + if (providerKeys[`${lowerCaseEl}AuthorizeScopes`].length === 0) { + providerKeys[`${lowerCaseEl}AuthorizeScopes`] = undefined; + } + providerKeys[`${lowerCaseEl}AttributesMapping`] = JSON.stringify(provider.attribute_mapping); + } providerKeys[`${lowerCaseEl}AppIdUserPool`] = creds.client_id; providerKeys[`${lowerCaseEl}AppSecretUserPool`] = creds.client_secret; } - providerKeys[`${lowerCaseEl}AuthorizeScopes`] = provider.authorize_scopes.split(','); + if(providerKeys[`${lowerCaseEl}AuthorizeScopes`].length === 0) { + /* + * hacky to not overwrite OIDC AuthorizeScopes that is splitting on space. + * This looks like an edge case bug to split on ',' as an OIDC scope can not contain a space but may contain a ',' + * --- + * https://www.rfc-editor.org/rfc/rfc6749.html#appendix-A.4 + * A.4. "scope" Syntax + * The "scope" element is defined in Section 3.3: + * scope = scope-token *( SP scope-token ) + * scope-token = 1*NQCHAR + * https://www.rfc-editor.org/rfc/rfc6749.html#appendix-A + * Appendix A. Augmented Backus-Naur Form (ABNF) Syntax + * + * This section provides Augmented Backus-Naur Form (ABNF) syntax + * descriptions for the elements defined in this specification using the + * notation of [RFC5234]. The ABNF below is defined in terms of Unicode + * code points [W3C.REC-xml-20081126]; these characters are typically + * encoded in UTF-8. Elements are presented in the order first defined. 
+ * + * Some of the definitions that follow use the "URI-reference" + * definition from [RFC3986]. + * + * Some of the definitions that follow use these common definitions: + * + * VSCHAR = %x20-7E + * NQCHAR = %x21 / %x23-5B / %x5D-7E + * NQSCHAR = %x20-21 / %x23-5B / %x5D-7E + * UNICODECHARNOCRLF = %x09 /%x20-7E / %x80-D7FF / + * %xE000-FFFD / %x10000-10FFFF + * + * (The UNICODECHARNOCRLF definition is based upon the Char definition + * in Section 2.2 of [W3C.REC-xml-20081126], but omitting the Carriage + * Return and Linefeed characters.) + */ + providerKeys[`${lowerCaseEl}AuthorizeScopes`] = provider.authorize_scopes.split(','); + } } catch (e) { return null; } @@ -563,7 +667,7 @@ function parseOAuthCreds(providers, metadata, envCreds) { } /* - Handle updates + Handle updates: loading existing responses from parameters.json and team provider info into context.updatingAuth */ function handleUpdates(context, coreAnswers) { if (context.updatingAuth && context.updatingAuth.triggers) { @@ -581,6 +685,7 @@ function handleUpdates(context, coreAnswers) { /* eslint-disable */ const oAuthCreds = parseOAuthCreds(authProvidersUserPool, hostedUIProviderMeta, hostedUIProviderCreds); /* eslint-enable */ + context.updatingAuth = Object.assign(context.updatingAuth, oAuthCreds); } diff --git a/packages/amplify-category-auth/src/provider-utils/awscloudformation/utils/auth-request-adaptors.ts b/packages/amplify-category-auth/src/provider-utils/awscloudformation/utils/auth-request-adaptors.ts index 73f0562bac3..5cfecf0155b 100644 --- a/packages/amplify-category-auth/src/provider-utils/awscloudformation/utils/auth-request-adaptors.ts +++ b/packages/amplify-category-auth/src/provider-utils/awscloudformation/utils/auth-request-adaptors.ts 
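Review bot: The new `.length === 0` guard on the `AuthorizeScopes` entry in `parseOAuthCreds` reads `.length` of a value that, as far as this hunk shows, is `undefined` for every provider other than OIDC. It is also `undefined` for OIDC when only `openid` was requested, because the lines above reset it. The resulting TypeError is caught by the surrounding `catch (e) { return null; }`, so those providers' stored credentials are silently dropped instead of getting their comma-split scopes. Testing the provider directly avoids the dereference: wrap the existing `split(',')` assignment in `if (el !== 'OIDC') { ... }`. The long RFC 6749 excerpt could shrink to a one-line reference to Appendix A.4.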
@@ -136,7 +136,7 @@ const socialProviderMap = ( requiredAttributes: string[] = [], ): SocialProviderResult => { const authProvidersUserPool = socialConfig.map(sc => sc.provider).map(provider => pascalCase(provider)); - const socialConfigMap = socialConfig.reduce((acc, it) => { + const socialConfigMap = socialConfig.reduce((acc: SocialProviderResult, it: CognitoSocialProviderConfiguration) => { switch (it.provider) { case 'FACEBOOK': acc.facebookAppIdUserPool = it.clientId; @@ -156,6 +156,10 @@ const socialProviderMap = ( acc.signinwithappleKeyIdUserPool = it.keyId; acc.signinwithapplePrivateKeyUserPool = it.privateKey; break; + case 'OIDC': + result.oidcAppIdUserPool = it.clientId; + result.oidcAppSecretUserPool = it.clientSecret; + break; } return acc; }, {} as any) as SocialProviderResult; @@ -278,7 +282,7 @@ const aliasAttributeMap: Record = { [CognitoUserAliasAttributes.PHONE_NUMBER]: AttributeType.PHONE_NUMBER, }; -const socialFederationKeyMap = (provider: 'FACEBOOK' | 'AMAZON' | 'GOOGLE' | 'APPLE', projectType: string): string => { +const socialFederationKeyMap = (provider: 'FACEBOOK' | 'AMAZON' | 'GOOGLE' | 'APPLE' | 'OIDC', projectType: string): string => { switch (provider) { case 'FACEBOOK': return 'facebookAppId'; @@ -297,6 +301,8 @@ const socialFederationKeyMap = (provider: 'FACEBOOK' | 'AMAZON' | 'GOOGLE' | 'AP } case 'APPLE': return 'appleAppId'; + case 'OIDC': + return 'oidcAppId'; default: throw new Error(`Unknown social federation provider [${provider}]`); } diff --git a/packages/amplify-category-auth/src/provider-utils/supported-services.ts b/packages/amplify-category-auth/src/provider-utils/supported-services.ts index fbf817195a6..1f648626101 100644 --- a/packages/amplify-category-auth/src/provider-utils/supported-services.ts +++ b/packages/amplify-category-auth/src/provider-utils/supported-services.ts 
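Review bot: The new `case 'OIDC':` in `socialProviderMap` writes to `result.oidcAppIdUserPool` and `result.oidcAppSecretUserPool`, while every other case writes to the reducer accumulator `acc`. No `result` is declared in the visible lines, so this either fails to compile or writes to an unrelated variable, and the OIDC client ID and secret never reach the returned map. It should read `acc.oidcAppIdUserPool = it.clientId;` and `acc.oidcAppSecretUserPool = it.clientSecret;`. With `acc` now typed as `SocialProviderResult`, the `{} as any` seed could become `{} as SocialProviderResult`. `socialProviderMap` begins and ends outside this hunk.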
@@ -115,6 +115,18 @@ export const supportedServices = { }, ], }, + { + key: "oidcAppId", + question: "Enter your OIDC Client ID for your identity pool: ", + required: true, + andConditions: [ + { + key: "authProviders", + value: "OIDC", + operator: "includes" + } + ] + }, { key: 'thirdPartyAuth', question: 'Do you want to enable 3rd party authentication providers in your identity pool?', 
@@ -1177,6 +1189,285 @@ export const supportedServices = { }, ], }, + { + key: "oidcAppIdUserPool", + question: "Enter your OIDC App ID for your OAuth flow: ", + required: true, + andConditions: [ + { + key: "authProvidersUserPool", + value: "OIDC", + operator: "includes" + } + ] + }, + { + key: "oidcAppSecretUserPool", + question: "Enter your OIDC App Secret for your OAuth flow (optional): ", + required: false, + andConditions: [ + { + key: "authProvidersUserPool", + value: "OIDC", + operator: "includes" + } + ], + validation: { + operator: "regex", + value: ".*", + onErrorMsg: "The value can be anything." + } + }, + { + key: "oidcAppOIDCIssuer", + question: "Enter your OIDC Issuer url: ", + required: true, + andConditions: [ + { + key: "authProvidersUserPool", + value: "OIDC", + operator: "includes" + } + ], + validation: { + operator: "regex", + value: "^(((?!http://(?!localhost))([a-zA-Z0-9.]{1,})://([a-zA-Z0-9-._~:?#@!$&'()*+,;=/]{1,}))|(?!http)(?!https)([a-zA-Z0-9.]{1,})://)$", + onErrorMsg: "The value must be a valid URI with a trailing forward slash. HTTPS must be used instead of HTTP unless you are using localhost." 
+ } + }, + { + key: "oidcAppOIDCAttributesRequestMethod", + question: "Select your OIDC Attributes Request Method:", + type: "list", + map: "attributesRequestMethod", + required: true, + andConditions: [ + { + key: "authProvidersUserPool", + value: "OIDC", + operator: "includes" + } + ] + }, + { + key: "RemoveScopeConfirmation", + question: "Do you want to remove any auth scopes?", + type: "confirm", + andConditions: [ + { + key: "authProvidersUserPool", + value: "OIDC", + operator: "includes" + }, + { + key: "oidcAuthorizeScopes", + operator: "exists" + }, + { + key: 'updateFlow', + value: 'providers', + operator: '=', + } + ] + }, + { + key: "RemoveScopes", + question: "Which scopes do you want to remove?", + type: "multiselect", + iterator: "oidcAuthorizeScopes", + andConditions: [ + { + key: "oidcAuthorizeScopes", + operator: "exists" + }, + { + onCreate: "never" + }, + { + key: "RemoveScopeConfirmation", + value: true, + operator: "=" + } + ] + }, + { + key: "OIDCAdditionalScope", + question: "Do you want to add auth scopes?", + type: "confirm", + andConditions: [ + { + key: "authProvidersUserPool", + value: "OIDC", + operator: "includes" + } + ] + }, + { + key: "newOIDCAuthorizeScopes", + question: "Enter auth scope:", + required: true, + addAnotherLoop: "auth scope", + andConditions: [ + { + key: "authProvidersUserPool", + value: "OIDC", + operator: "includes" + }, + { + key: "OIDCAdditionalScope", + value: true, + operator: "=" + }, + { + preventEdit: "existsInCurrent", + key: "oidcAuthorizeScopes" + } + ] + }, + { + key: "EditMappingConfirmation", + question: "Do you want to edit attribute mappings?", + type: "confirm", + andConditions: [ + { + key: "authProvidersUserPool", + value: "OIDC", + operator: "includes" + }, + { + key: "oidcAttributesMapping", + preventEdit: "=", + value: '{}' + }, + { + onCreate: "never" + }, + ] + }, + { + key: "EditMappings", + question: "Which attribute mappings do you want to edit?", + type: "multiselect", + iterator: 
"oidcAttributesMapping", + iteratorValidation: { + operator: "regex", + value: ".*", + onErrorMsg: "The value must be a valid string." + }, + andConditions: [ + { + key: "oidcAttributesMapping", + operator: "exists" + }, + { + onCreate: "never" + }, + { + key: "EditMappingConfirmation", + value: true, + operator: "=" + } + ] + }, + { + key: "RemoveMappingConfirmation", + question: "Do you want to remove any attribute mappings?", + type: "confirm", + andConditions: [ + { + key: "authProvidersUserPool", + value: "OIDC", + operator: "includes" + }, + { + key: "oidcAttributesMapping", + preventEdit: "=", + value: '{}' + }, + { + onCreate: "never" + }, + ] + }, + { + key: "RemoveMappings", + question: "Which attribute mappings do you want to remove?", + type: "multiselect", + iterator: "oidcAttributesMapping", + iteratorValidation: { + operator: "regex", + value: ".*", + onErrorMsg: "The value must be a valid string." + }, + andConditions: [ + { + key: "oidcAttributesMapping", + operator: "exists" + }, + { + onCreate: "never" + }, + { + key: "RemoveMappingConfirmation", + value: true, + operator: "=" + } + ] + }, + { + key: "OIDCAdditionalMapping", + question: "Do you want to add attribute mappings?", + type: "confirm", + andConditions: [ + { + key: "authProvidersUserPool", + value: "OIDC", + operator: "includes" + }, + ] + }, + { + key: "newOIDCMapping", + question: "Which attribute mappings do you want to add?", + required: true, + type: "multiselect", + map: "coreAttributes", + iterator: "oidcAttributesMapping", + requiredOptions: ["usernameAttributes", "requiredAttributes"], + andConditions: [ + { + key: "OIDCAdditionalMapping", + value: true, + operator: "=" + }, + { + preventEdit: 'exists', + key: 'oidcAttributesMapping', + }, + { + preventEdit: 'existsInCurrent', + key: 'oidcAttributesMapping', + }, + ] + }, + { + key: "newOIDCMappingOnUpdate", + question: "Which attribute mappings do you want to add?", + required: true, + type: "multiselect", + map: 
"coreAttributes", + iterator: "extraoidcAttributesMapping", + andConditions: [ + { + key: "OIDCAdditionalMapping", + value: true, + operator: "=" + }, + { + onCreate: "never" + } + ] + }, { key: 'signinwithappleClientIdUserPool', prefix: diff --git a/packages/amplify-cli/sample-headless-scripts/headless_init_env_auth.sh b/packages/amplify-cli/sample-headless-scripts/headless_init_env_auth.sh index 4173eb79c6b..b635cc9d04b 100755 --- a/packages/amplify-cli/sample-headless-scripts/headless_init_env_auth.sh +++ b/packages/amplify-cli/sample-headless-scripts/headless_init_env_auth.sh @@ -5,8 +5,10 @@ IFS='|' AUTHCONFIG="{\ \"facebookAppId\":\"fbid1\",\ \"googleClientId\":\"goog\",\ -\"amazonAppId\":\"amzn1\"\ +\"amazonAppId\":\"amzn1\",\ +\"oidcAppId\":\"oidc1\"\ }" + AWSCLOUDFORMATIONCONFIG="{\ \"configLevel\":\"project\",\ \"useProfile\":true,\ diff --git a/packages/amplify-console-integration-tests/__tests__/pullAndInit.test.ts b/packages/amplify-console-integration-tests/__tests__/pullAndInit.test.ts index 9cac3088dcc..6c1887bd7d0 100644 --- a/packages/amplify-console-integration-tests/__tests__/pullAndInit.test.ts +++ b/packages/amplify-console-integration-tests/__tests__/pullAndInit.test.ts @@ -199,6 +199,8 @@ describe('amplify app console tests', () => { GOOGLE_APP_SECRET, AMAZON_APP_ID, AMAZON_APP_SECRET, + OIDC_APP_ID, + OIDC_APP_SECRET, APPLE_APP_ID, APPLE_TEAM_ID, APPLE_KEY_ID, @@ -230,6 +232,8 @@ describe('amplify app console tests', () => { googleAppSecretUserPool: GOOGLE_APP_SECRET, loginwithamazonAppIdUserPool: AMAZON_APP_ID, loginwithamazonAppSecretUserPool: AMAZON_APP_SECRET, + oidcAppIdUserPool: OIDC_APP_ID, + oidcAppSecretUserPool: OIDC_APP_SECRET, signinwithappleClientIdUserPool: APPLE_APP_ID, signinwithappleTeamIdUserPool: APPLE_TEAM_ID, signinwithappleKeyIdUserPool: APPLE_KEY_ID, 
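Review bot: The validation regex on the `oidcAppOIDCIssuer` question accepts more than its error message promises. The inner `(?!localhost)` lookahead only checks that the host text begins with `localhost`, so an `http://` URL whose host merely starts with that word passes. Any non-http scheme is accepted as well, and nothing enforces the trailing slash the message mentions. Because the issuer identifies the provider whose tokens will be trusted, I would allow only `https://` and anchor the exception to a host boundary, e.g. `(?!http://(?!localhost(?:[:/]|$)))`. Separately, `oidcAppSecretUserPool` carries a `.*` validation that checks nothing, and the question definition does not show whether the secret is masked while it is typed.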
diff --git a/packages/amplify-console-integration-tests/src/pullAndInit/pullProject.ts b/packages/amplify-console-integration-tests/src/pullAndInit/pullProject.ts index 52f7234cd09..75c315ac89a 100644 --- a/packages/amplify-console-integration-tests/src/pullAndInit/pullProject.ts +++ b/packages/amplify-console-integration-tests/src/pullAndInit/pullProject.ts @@ -63,6 +63,7 @@ export function authConfigPull( if (params[key]) pullCommand.push(...[`--${key}`, JSON.stringify(params[key])]); }); const s = { ...defaultSettings, ...settings }; + const { OIDC_APP_ID, OIDC_APP_SECRET } = getSocialProviders(); return new Promise((resolve, reject) => { spawn(util.getCLIPath(), pullCommand, { cwd: projectRootDirPath, stripColors: true }) .wait('Select the authentication method you want to use:') @@ -86,6 +87,10 @@ export function authConfigPull( .wait('Do you plan on modifying this backend?') .sendLine('y') .wait('Successfully pulled backend environment dev from the cloud.') + .wait('Enter your OpenID Connect App ID for your OAuth flow:') + .sendLine(OIDC_APP_ID) + .wait('Enter your OpenID Connect App Secret for your OAuth flow:') + .sendLine(OIDC_APP_SECRET) .run((err: Error) => { if (!err) { resolve(); diff --git a/packages/amplify-e2e-core/src/categories/auth.ts b/packages/amplify-e2e-core/src/categories/auth.ts index de06efcae62..a4ce2f845b6 100644 --- a/packages/amplify-e2e-core/src/categories/auth.ts +++ b/packages/amplify-e2e-core/src/categories/auth.ts @@ -21,6 +21,8 @@ export type AddAuthUserPoolOnlyWithOAuthSettings = AddAuthUserPoolOnlyNoOAuthSet appleAppTeamId: string; appleAppKeyID: string; appleAppPrivateKey: string; + oidcAppId: string; + oidcAppSecret: string; }; export type AddAuthIdentityPoolAndUserPoolWithOAuthSettings = AddAuthUserPoolOnlyWithOAuthSettings & { 
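Review bot: The two `.wait(...)` calls added to `authConfigPull` expect `'Enter your OpenID Connect App ID for your OAuth flow:'`, but the question added to supported-services.ts in this same patch reads `Enter your OIDC App ID for your OAuth flow:`. They are also queued after `'Successfully pulled backend environment dev from the cloud.'`, which looks like the command's final message, so the chain would presumably wait for prompts that never appear. Either match the prompt text and move the waits before the success message, or drop them if `pull` does not ask for OIDC credentials.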
@@ -632,7 +634,10 @@ export function addAuthWithDefaultSocial(cwd: string, settings: any): Promise { + if (!err) { + resolve(); + } else { + reject(err); + } + }); + }); +} + +export function addAuthWithDefaultSocialAndAdvancedOIDCOptions(cwd: string, settings: any): Promise { + return new Promise((resolve, reject) => { + const { + FACEBOOK_APP_ID, + FACEBOOK_APP_SECRET, + GOOGLE_APP_ID, + GOOGLE_APP_SECRET, + AMAZON_APP_ID, + AMAZON_APP_SECRET, + APPLE_APP_ID, + APPLE_TEAM_ID, + APPLE_KEY_ID, + APPLE_PRIVATE_KEY, + OIDC_APP_ID, + OIDC_APP_SECRET, + OIDC_APP_ISSUER, + OIDC_APP_SCOPES, + OIDC_APP_MAPPING, + }: any = getSocialProviders(true); + + spawn(getCLIPath(), ['add', 'auth'], { cwd, stripColors: true }) + .wait('Do you want to use the default authentication and security configuration?') + .send(KEY_DOWN_ARROW) + .sendCarriageReturn() + .wait('How do you want users to be able to sign in?') + .sendCarriageReturn() + .wait('Do you want to configure advanced settings?') + .sendCarriageReturn() + .wait('What domain name prefix do you want to use?') + .sendCarriageReturn() + .wait('Enter your redirect signin URI:') + .sendLine('https://www.google.com/') + .wait('Do you want to add another redirect signin URI') + .sendLine('n') + .wait('Enter your redirect signout URI:') + .sendLine('https://www.nytimes.com/') + .wait('Do you want to add another redirect signout URI') + .sendLine('n') + .wait('Select the social providers you want to configure for your user pool:') + .send('a') + .sendCarriageReturn() + .wait('Enter your Facebook App ID for your OAuth flow:') + .send(FACEBOOK_APP_ID) + .sendCarriageReturn() + .wait('Enter your Facebook App Secret for your OAuth flow:') + .send(FACEBOOK_APP_SECRET) + .sendCarriageReturn() + .wait('Enter your Google Web Client ID for your OAuth flow:') + .send(GOOGLE_APP_ID) + .sendCarriageReturn() + .wait('Enter your Google Web Client Secret for your OAuth flow:') + .send(GOOGLE_APP_SECRET) + .sendCarriageReturn() + .wait('Enter your 
Amazon App ID for your OAuth flow:') + .send(AMAZON_APP_ID) + .sendCarriageReturn() + .wait('Enter your Amazon App Secret for your OAuth flow:') + .send(AMAZON_APP_SECRET) + .sendCarriageReturn() + .wait('Enter your Services ID for your OAuth flow:') + .send(APPLE_APP_ID) + .sendCarriageReturn() + .wait('Enter your Team ID for your OAuth flow:') + .send(APPLE_TEAM_ID) + .sendCarriageReturn() + .wait('Enter your Key ID for your OAuth flow:') + .send(APPLE_KEY_ID) + .sendCarriageReturn() + .wait('Enter your Private Key for your OAuth flow:') + .send(APPLE_PRIVATE_KEY) + .sendCarriageReturn() + .wait('Enter your OIDC App ID for your OAuth flow:') + .send(OIDC_APP_ID) + .sendCarriageReturn() + .wait('Enter your OIDC App Secret for your OAuth flow:') + .send(OIDC_APP_SECRET) + .sendCarriageReturn() + .wait('Enter your OIDC Issuer url:') + .send(OIDC_APP_ISSUER) + .sendCarriageReturn() + .wait('Select your OIDC Attributes Request Method:') + .sendCarriageReturn() + .wait('Do you want to configure advanced settings such as setting scope and mapping ?') + .sendLine('y') + .wait('Enter authorize scopes used by your application during authentication to authorize access to a user\'s details, like name and picture as a JSON array (ex. [\"openid\",\"test\"]):') + .send(OIDC_APP_SCOPES) + .sendCarriageReturn() + .wait('Enter the expected attributes mapping between your OIDC provider and your Cognito user as a JSON (ex. {"email":"EMAIL","username":"sub"}) (optional):') + .send(OIDC_APP_MAPPING) + .sendCarriageReturn() .sendEof() .run((err: Error) => { if (!err) { @@ -944,6 +1063,8 @@ export function addAuthWithMaxOptions(cwd: string, settings: any): Promise APPLE_TEAM_ID, APPLE_KEY_ID, APPLE_PRIVATE_KEY, + OIDC_APP_ID, + OIDC_APP_SECRET, } = getSocialProviders(true); return new Promise((resolve, reject) => { 
@@ -977,6 +1098,9 @@ export function addAuthWithMaxOptions(cwd: string, settings: any): Promise .wait('Enter your Bundle Identifier for your identity pool') .send('appleIDPOOL') .sendCarriageReturn() + .wait('Enter your OIDC App ID for your identity pool') + .send('oidcIDPOOL') + .sendCarriageReturn() .wait('Please provide a name for your user pool') .sendCarriageReturn() .wait('How do you want users to be able to sign in') @@ -1074,6 +1198,10 @@ export function addAuthWithMaxOptions(cwd: string, settings: any): Promise .sendLine(APPLE_KEY_ID) .wait('Enter your Private Key for your OAuth flow') .sendLine(APPLE_PRIVATE_KEY) + .wait('Enter your OIDC App ID for your OAuth flow') + .sendLine(OIDC_APP_ID) + .wait('Enter your OIDC App Secret for your OAuth flow') + .sendLine(OIDC_APP_SECRET) .wait('Do you want to configure Lambda Triggers for Cognito') .sendLine('y') .wait('Which triggers do you want to enable for Cognito') @@ -1287,6 +1415,10 @@ export function addAuthUserPoolOnlyWithOAuth(cwd: string, settings: AddAuthUserP .sendLine(settings.appleAppKeyID) .wait('Enter your Private Key for your OAuth flow:') .sendLine(settings.appleAppPrivateKey) + .wait('Enter your OIDC App ID for your OAuth flow') + .sendLine(settings.oidcAppId) + .wait('Enter your OIDC App Secret for your OAuth flow') + .sendLine(settings.oidcAppSecret) .wait('Do you want to configure Lambda Triggers for Cognito') .sendConfirmNo() .sendEof() @@ -1411,6 +1543,10 @@ export function addAuthIdentityPoolAndUserPoolWithOAuth( .sendLine(settings.appleAppKeyID) .wait('Enter your Private Key for your OAuth flow:') .sendLine(settings.appleAppPrivateKey) + .wait('Enter your OIDC App ID for your OAuth flow') + .sendLine(settings.oidcAppId) + .wait('Enter your OIDC App Secret for your OAuth flow') + .sendLine(settings.oidcAppSecret) .wait('Do you want to configure Lambda Triggers for Cognito') .sendConfirmNo() .sendEof() 
diff --git a/packages/amplify-e2e-core/src/utils/envVars.ts b/packages/amplify-e2e-core/src/utils/envVars.ts index 27d5a63d113..c7acbe746b7 100644 --- a/packages/amplify-e2e-core/src/utils/envVars.ts +++ b/packages/amplify-e2e-core/src/utils/envVars.ts @@ -3,6 +3,7 @@ type AWSCredentials = { AWS_SECRET_ACCESS_KEY?: string; AWS_SESSION_TOKEN?: string; }; + type SocialProviders = { FACEBOOK_APP_ID?: string; FACEBOOK_APP_SECRET?: string; @@ -10,6 +11,11 @@ type SocialProviders = { GOOGLE_APP_SECRET?: string; AMAZON_APP_ID?: string; AMAZON_APP_SECRET?: string; + OIDC_APP_ID?: string; + OIDC_APP_SECRET?: string; + OIDC_APP_ISSUER?: string; + OIDC_APP_SCOPES?: string; + OIDC_APP_MAPPING?: string; APPLE_APP_ID?: string; APPLE_TEAM_ID?: string; APPLE_KEY_ID?: string; @@ -20,7 +26,7 @@ type EnvironmentVariables = AWSCredentials & SocialProviders; export function getEnvVars(): EnvironmentVariables { return { ...process.env } as EnvironmentVariables; -} +}; export function getSocialProviders(getEnv: boolean = false): SocialProviders { if (!getEnv) { @@ -31,6 +37,11 @@ export function getSocialProviders(getEnv: boolean = false): SocialProviders { GOOGLE_APP_SECRET: 'gglAppSecret', AMAZON_APP_ID: 'amaznAppID', AMAZON_APP_SECRET: 'amaznAppID', + OIDC_APP_ID: 'oidcAppID', + OIDC_APP_SECRET: 'oidcAppSecret', + OIDC_APP_ISSUER: 'oidcAppIssuer', + OIDC_APP_SCOPES: 'oidcAppScopes', + OIDC_APP_MAPPING: 'oidcAppMapping', APPLE_APP_ID: 'com.fake.app', APPLE_TEAM_ID: '2QLEWNDK6K', APPLE_KEY_ID: '2QLZXKYJ8J', @@ -38,7 +49,8 @@ export function getSocialProviders(getEnv: boolean = false): SocialProviders { APPLE_PRIVATE_KEY: 'MIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgIltgNsTgTfSzUadYiCS0VYtDDMFln/J8i1yJsSIw5g+gCgYIKoZIzj0DAQehRANCAASI8E0L/DhR/mIfTT07v3VwQu6q8I76lgn7kFhT0HvWoLuHKGQFcFkXXCgztgBrprzd419mUChAnKE6y89bWcNw', }; - } + }; + const { FACEBOOK_APP_ID, FACEBOOK_APP_SECRET, 
@@ -50,6 +62,11 @@ export function getSocialProviders(getEnv: boolean = false): SocialProviders { APPLE_TEAM_ID, APPLE_KEY_ID, APPLE_PRIVATE_KEY, + OIDC_APP_ID, + OIDC_APP_SECRET, + OIDC_APP_ISSUER, + OIDC_APP_SCOPES, + OIDC_APP_MAPPING, }: any = getEnvVars(); const missingVars = []; @@ -71,6 +88,21 @@ export function getSocialProviders(getEnv: boolean = false): SocialProviders { if (!AMAZON_APP_SECRET) { missingVars.push('AMAZON_APP_SECRET'); } + if (!OIDC_APP_ID) { + missingVars.push('OIDC_APP_ID'); + } + if (!OIDC_APP_SECRET) { + missingVars.push('OIDC_APP_SECRET'); + } + if (!OIDC_APP_ISSUER) { + missingVars.push('OIDC_APP_ISSUER'); + } + if (!OIDC_APP_SCOPES) { + missingVars.push('OIDC_APP_SCOPES'); + } + if (!OIDC_APP_MAPPING) { + missingVars.push('OIDC_APP_MAPPING'); + } if (!APPLE_APP_ID) { missingVars.push('APPLE_APP_ID'); } @@ -98,5 +130,10 @@ export function getSocialProviders(getEnv: boolean = false): SocialProviders { APPLE_TEAM_ID, APPLE_KEY_ID, APPLE_PRIVATE_KEY, + OIDC_APP_ID, + OIDC_APP_SECRET, + OIDC_APP_ISSUER, + OIDC_APP_SCOPES, + OIDC_APP_MAPPING, }; -} +}; diff --git a/packages/amplify-e2e-tests/sample.env b/packages/amplify-e2e-tests/sample.env index 728cb8dcb67..e60ab03a321 100644 --- a/packages/amplify-e2e-tests/sample.env +++ b/packages/amplify-e2e-tests/sample.env @@ -19,6 +19,12 @@ APPLE_TEAM_ID=2QLEWNDK6K APPLE_KEY_ID=2QLZXKYJ8J APPLE_PRIVATE_KEY=MIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgIltgNsTgTfSzUadYiCS0VYtDDMFln/J8i1yJsSIw5g+gCgYIKoZIzj0DAQehRANCAASI8E0L/DhR/mIfTT07v3VwQu6q8I76lgn7kFhT0HvWoLuHKGQFcFkXXCgztgBrprzd419mUChAnKE6y89bWcNw +OIDC_APP_ID= +OIDC_APP_SECRET= +OIDC_APP_ISSUER= +OIDC_APP_SCOPES= +OIDC_APP_MAPPING= + #Used for delete test AWS_ACCESS_KEY_ID= AWS_SECRET_ACCESS_KEY= 
@@ -27,4 +33,4 @@ CLI_REGION= # Used for cleanup script CIRCLECI_TOKEN = '' # Token used for querying CircleCI to get the build details CIRCLE_PROJECT_USERNAME='' -CIRCLE_PROJECT_REPONAME='amplify-cli' \ No newline at end of file +CIRCLE_PROJECT_REPONAME='amplify-cli' diff --git a/packages/amplify-headless-interface/schemas/auth/1/AddAuthRequest.schema.json b/packages/amplify-headless-interface/schemas/auth/1/AddAuthRequest.schema.json index 6b1c2082cdc..eec235d30f2 100644 --- a/packages/amplify-headless-interface/schemas/auth/1/AddAuthRequest.schema.json +++ b/packages/amplify-headless-interface/schemas/auth/1/AddAuthRequest.schema.json @@ -458,7 +458,8 @@ "enum": [ "FACEBOOK", "GOOGLE", - "LOGIN_WITH_AMAZON" + "LOGIN_WITH_AMAZON", + "OIDC" ], "type": "string" }, @@ -576,7 +577,8 @@ "AMAZON", "APPLE", "FACEBOOK", - "GOOGLE" + "GOOGLE", + "OIDC" ], "type": "string" }, diff --git a/packages/amplify-headless-interface/src/interface/auth/add.ts b/packages/amplify-headless-interface/src/interface/auth/add.ts index 157f4cc4fea..ee620ee9791 100644 --- a/packages/amplify-headless-interface/src/interface/auth/add.ts +++ b/packages/amplify-headless-interface/src/interface/auth/add.ts @@ -78,7 +78,7 @@ export interface CognitoIdentityPoolConfiguration { * Defines a social federation provider. */ export interface CognitoIdentitySocialFederation { - provider: 'FACEBOOK' | 'GOOGLE' | 'AMAZON' | 'APPLE'; + provider: 'FACEBOOK' | 'GOOGLE' | 'AMAZON' | 'APPLE' | 'OIDC'; /** * ClientId unique to your client and the provider. */ @@ -180,7 +180,7 @@ interface SocialProviderConfig { /** * Social providers supported by Amplify and Cognito */ - provider: 'FACEBOOK' | 'GOOGLE' | 'LOGIN_WITH_AMAZON'; + provider: 'FACEBOOK' | 'GOOGLE' | 'LOGIN_WITH_AMAZON' | 'OIDC'; /** * The client ID (sometimes called app ID) configured with the provider. */ diff --git a/packages/amplify-migration-tests/sample.env b/packages/amplify-migration-tests/sample.env index 5f5f5df5709..1106e017f2a 100644 
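Review bot: Adding `'OIDC'` to the `provider` union of `CognitoIdentitySocialFederation` (`@@ -78,7 +78,7 @@`) and of `SocialProviderConfig` (`@@ -180,7 +180,7 @@`) lets a headless request name a generic OpenID Connect provider, yet neither hunk shows a field for the issuer URL, scopes or attribute mapping that the new `OIDC_APP_*` variables carry. Both interfaces continue outside the hunks, so those fields may exist; if they do not, an OIDC entry is type-valid while missing the issuer, which is the value the federation trust rests on. Modelling OIDC as its own member of a discriminated union with a required issuer would make that state unrepresentable, and the JSON schema, which appears to mirror these interfaces, could then enforce it too. The doc comments `Defines a social federation provider.` and `Social providers supported by Amplify and Cognito` are now stale and could read, for example, `Social or generic OpenID Connect providers supported by Amplify and Cognito`.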
--- a/packages/amplify-migration-tests/sample.env +++ b/packages/amplify-migration-tests/sample.env @@ -12,3 +12,9 @@ GOOGLE_APP_SECRET= AMAZON_APP_ID= AMAZON_APP_SECRET= + +OIDC_APP_ID= +OIDC_APP_SECRET= +OIDC_APP_ISSUER= +OIDC_APP_SCOPES= +OIDC_APP_MAPPING=