Skip to content

fix(e2e): disable self-registration in Cognito User Pools created by e2e tests #14898

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
adrianjoshua-strutt wants to merge 1 commit into
base: dev
Choose a base branch
from
+52 −3
Open

fix(e2e): disable self-registration in Cognito User Pools created by e2e tests #14898

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
55 changes: 52 additions & 3 deletions packages/amplify-e2e-core/src/categories/auth.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
import _ from 'lodash';
import * as fs from 'fs-extra';
import * as path from 'path';
import { getCLIPath, getSocialProviders, KEY_DOWN_ARROW, KEY_UP_ARROW, nspawn as spawn, setTransformerVersionFlag } from '..';

export type AddAuthUserPoolOnlyNoOAuthSettings = {
Expand Down Expand Up @@ -34,7 +36,7 @@ export type AddAuthIdentityPoolAndUserPoolWithOAuthSettings = AddAuthUserPoolOnl
};

export const addAuthWithDefault = async (cwd: string, testingWithLatestCodebase = false): Promise<void> => {
return spawn(getCLIPath(testingWithLatestCodebase), ['add', 'auth'], { cwd, stripColors: true })
await spawn(getCLIPath(testingWithLatestCodebase), ['add', 'auth'], { cwd, stripColors: true })
.wait('Do you want to use the default authentication')
.sendCarriageReturn()
.wait('How do you want users to be able to sign in')
Expand All @@ -43,6 +45,36 @@ export const addAuthWithDefault = async (cwd: string, testingWithLatestCodebase
.sendCarriageReturn()
.sendEof()
.runAsync();
addAuthOverrideToDisableSelfSignup(cwd);
};

/**
* Writes an override.ts file to the auth resource directory that disables self-registration
* by setting AdminCreateUserConfig.AllowAdminCreateUserOnly = true.
* This ensures e2e test Cognito pools do not allow public self-sign-up.
*/
export const addAuthOverrideToDisableSelfSignup = (cwd: string): void => {
const authDir = path.join(cwd, 'amplify', 'backend', 'auth');
if (!fs.existsSync(authDir)) return;

const resources = fs.readdirSync(authDir).filter((f) => !f.startsWith('.') && fs.statSync(path.join(authDir, f)).isDirectory());
if (resources.length === 0) return;

const resourceDir = path.join(authDir, resources[0]);
const overrideFilePath = path.join(resourceDir, 'override.ts');

const overrideContent = [
"import { AmplifyAuthCognitoStackTemplate } from '@aws-amplify/cli-extensibility-helper';",
'',
'export function override(resources: AmplifyAuthCognitoStackTemplate): void {',
' resources.userPool.adminCreateUserConfig = {',
' allowAdminCreateUserOnly: true,',
' };',
'}',
'',
].join('\n');

fs.writeFileSync(overrideFilePath, overrideContent);
};

export function runAmplifyAuthConsole(cwd: string): Promise<void> {
Expand Down Expand Up @@ -102,6 +134,7 @@ export function addAuthWithGroupTrigger(cwd: string): Promise<void> {
.sendConfirmNo()
.run((err: Error) => {
if (!err) {
addAuthOverrideToDisableSelfSignup(cwd);
resolve();
} else {
reject(err);
Expand Down Expand Up @@ -143,6 +176,7 @@ export async function addAuthWithEmailVerificationAndUserPoolGroupTriggers(cwd:
.wait('Do you want to edit your add-to-group function now?')
.sendConfirmNo()
.runAsync();
addAuthOverrideToDisableSelfSignup(cwd);
}

interface AddApiOptions {
Expand Down Expand Up @@ -197,6 +231,7 @@ export function addAuthViaAPIWithTrigger(cwd: string, opts: Partial<AddApiOption
.sendConfirmNo()
.run((err: Error) => {
if (!err) {
addAuthOverrideToDisableSelfSignup(cwd);
resolve();
} else {
reject(err);
Expand Down Expand Up @@ -286,6 +321,7 @@ export function addAuthwithUserPoolGroupsViaAPIWithTrigger(cwd: string, opts: Pa
.sendConfirmNo()
.run((err: Error) => {
if (!err) {
addAuthOverrideToDisableSelfSignup(cwd);
resolve();
} else {
reject(err);
Expand Down Expand Up @@ -368,6 +404,7 @@ export function addAuthWithCustomTrigger(cwd: string, settings: any): Promise<vo
.sendConfirmNo()
.run((err: Error) => {
if (!err) {
addAuthOverrideToDisableSelfSignup(cwd);
resolve();
} else {
reject(err);
Expand Down Expand Up @@ -872,6 +909,7 @@ export function addAuthWithRecaptchaTrigger(cwd: string): Promise<void> {
.sendConfirmNo()
.run((err: Error) => {
if (!err) {
addAuthOverrideToDisableSelfSignup(cwd);
resolve();
} else {
reject(err);
Expand Down Expand Up @@ -967,6 +1005,7 @@ export function addAuthWithSignInSignOutUrl(cwd: string, settings: any): Promise
.sendEof()
.run((err: Error) => {
if (!err) {
addAuthOverrideToDisableSelfSignup(cwd);
resolve();
} else {
reject(err);
Expand Down Expand Up @@ -1022,6 +1061,7 @@ export function addAuthWithDefaultSocial_v4_30(cwd: string): Promise<void> {
.sendEof()
.run((err: Error) => {
if (!err) {
addAuthOverrideToDisableSelfSignup(cwd);
resolve();
} else {
reject(err);
Expand Down Expand Up @@ -1099,6 +1139,7 @@ export function addAuthWithDefaultSocial(cwd: string): Promise<void> {
.sendEof()
.run((err: Error) => {
if (!err) {
addAuthOverrideToDisableSelfSignup(cwd);
resolve();
} else {
reject(err);
Expand Down Expand Up @@ -1259,6 +1300,7 @@ export function addAuthUserPoolOnly(cwd: string): Promise<void> {
.sendEof()
.run((err: Error) => {
if (!err) {
addAuthOverrideToDisableSelfSignup(cwd);
resolve();
} else {
reject(err);
Expand Down Expand Up @@ -1329,7 +1371,7 @@ export function addAuthWithGroups(cwd: string): Promise<void> {
.wait('Do you want to configure Lambda Triggers for Cognito')
.sendConfirmNo()
.sendEof()
.run((err: Error) => (err ? reject(err) : resolve()));
.run((err: Error) => (err ? reject(err) : (addAuthOverrideToDisableSelfSignup(cwd), resolve())));
});
}

Expand Down Expand Up @@ -1400,6 +1442,7 @@ export function addAuthWithGroupsAndAdminAPI(cwd: string): Promise<void> {
.sendEof()
.run((err: Error) => {
if (!err) {
addAuthOverrideToDisableSelfSignup(cwd);
resolve();
} else {
reject(err);
Expand Down Expand Up @@ -1612,6 +1655,7 @@ export function addAuthWithMaxOptions(cwd: string, settings: any): Promise<void>
.wait('Successfully')
.run((err: Error) => {
if (!err) {
addAuthOverrideToDisableSelfSignup(cwd);
resolve();
} else {
reject(err);
Expand Down Expand Up @@ -1640,6 +1684,7 @@ export function addAuthWithPreTokenGenerationTrigger(projectDir: string): Promis
.sendLine('n')
.run((err: Error) => {
if (!err) {
addAuthOverrideToDisableSelfSignup(projectDir);
resolve();
} else {
reject(err);
Expand Down Expand Up @@ -1854,6 +1899,7 @@ export function addAuthUserPoolOnlyWithOAuth(cwd: string, settings: AddAuthUserP
.sendEof()
.run((err: Error) => {
if (!err) {
addAuthOverrideToDisableSelfSignup(cwd);
resolve();
} else {
reject(err);
Expand Down Expand Up @@ -1978,6 +2024,7 @@ export function addAuthIdentityPoolAndUserPoolWithOAuth(
.sendEof()
.run((err: Error) => {
if (!err) {
addAuthOverrideToDisableSelfSignup(cwd);
resolve();
} else {
reject(err);
Expand Down Expand Up @@ -2033,6 +2080,7 @@ export function addAuthUserPoolOnlyNoOAuth(cwd: string, settings: AddAuthUserPoo
.sendEof()
.run((err: Error) => {
if (!err) {
addAuthOverrideToDisableSelfSignup(cwd);
resolve();
} else {
reject(err);
Expand Down Expand Up @@ -2370,5 +2418,6 @@ export const addAuthWithOidcForNonJSProject = async (
.sendConfirmNo()
.sendEof();

return chain.runAsync();
await chain.runAsync();
addAuthOverrideToDisableSelfSignup(cwd);
};
Loading