Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

aws-cognito: Add PCRE Regex Validation #28667

Closed
1 of 2 tasks
IkeNefcy opened this issue Jan 11, 2024 · 3 comments · Fixed by #28802
Closed
1 of 2 tasks

aws-cognito: Add PCRE Regex Validation #28667

IkeNefcy opened this issue Jan 11, 2024 · 3 comments · Fixed by #28802
Labels
@aws-cdk/aws-cognito Related to Amazon Cognito effort/small Small work item – less than a day of effort feature-request A feature should be added or improved. p2

Comments

@IkeNefcy
Copy link

Describe the feature

When creating a userpool using an OICD identity provider, UserPoolIdentityProviderOidc(), The provider name must follow a PCRE convention, which can throw an error in CFN if not matched. CFN displays: /[^_\p{Z}][\p{L}\p{M}\p{S}\p{N}\p{P}][^_\p{Z}]+/ (basically anything, but no spaces, no underscores).
Feature would be to add a type check, or a check during a local build, that shows if the name matches this.

Use Case

Saves time, if a name is passed with "_" or " " (In my case _) then you need to wait for rollback, and depending on how much of the other cognito portions were created, may have to manually delete the user pool that was half created after rollback.

Proposed Solution

Add a Type check, maybe something like

type RegexString<P extends RegExp> = string extends P ? string : string;
const provrule = /[^_\p{Z}][\p{L}\p{M}\p{S}\p{N}\p{P}][^_\p{Z}]+/;
type provname = RegexString<typeof provrule>;

//from cdk /aws-cdk-lib/aws-cognito/lib/user-pool-idps/oidc.d.ts
export interface UserPoolIdentityProviderOidcProps extends UserPoolIdentityProviderProps {
//
// ...
//
     * @default - the unique ID of the construct
     */
    readonly name?: provname;

But this doesn't work with PCRE, if I have time later to get something working I will try, but opening this anyways.

Other Information

No response

Acknowledgements

  • I may be able to implement this feature request
  • This feature might incur a breaking change

CDK version used

2.117.0

Environment details (OS name and version, etc.)

Linux / Centos 7, x86_64
@IkeNefcy IkeNefcy added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels Jan 11, 2024
@github-actions github-actions bot added the @aws-cdk/aws-cognito Related to Amazon Cognito label Jan 11, 2024
@tim-finnigan tim-finnigan self-assigned this Jan 12, 2024
@tim-finnigan tim-finnigan added investigating This issue is being investigated and/or work is in progress to resolve the issue. and removed needs-triage This issue or PR still needs to be triaged. labels Jan 12, 2024
@tim-finnigan
Copy link

Thanks for the feature request. Linking the documentation referencing the regex pattern you mentioned: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html

@tim-finnigan tim-finnigan added p2 effort/small Small work item – less than a day of effort and removed investigating This issue is being investigated and/or work is in progress to resolve the issue. labels Jan 12, 2024
@tim-finnigan tim-finnigan removed their assignment Jan 12, 2024
@msambol
Copy link
Contributor

msambol commented Jan 21, 2024

I'll take this.

@msambol msambol mentioned this issue Jan 21, 2024
Merged
@mergify mergify bot closed this as completed in #28802 Jan 29, 2024
mergify bot pushed a commit that referenced this issue Jan 29, 2024
@msambol
feat(cognito): validate oidc provider name (#28802)
534794c 
Closes #28667.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@github-actions GitHub Actions
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

Vandita2020 pushed a commit to Vandita2020/aws-cdk that referenced this issue Jan 30, 2024
@msambol @Vandita2020
feat(cognito): validate oidc provider name (aws#28802)
2e3466e 
Closes aws#28667.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Vandita2020 pushed a commit to Vandita2020/aws-cdk that referenced this issue Jan 30, 2024
@msambol @Vandita2020
feat(cognito): validate oidc provider name (aws#28802)
a7244d6 
Closes aws#28667.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@github-actions github-actions bot mentioned this issue Feb 1, 2024
Closed
SankyRed pushed a commit that referenced this issue Feb 8, 2024
@msambol @SankyRed
feat(cognito): validate oidc provider name (#28802)
812d7af 
Closes #28667.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@aws-cdk/aws-cognito Related to Amazon Cognito effort/small Small work item – less than a day of effort feature-request A feature should be added or improved. p2
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(cognito): validate oidc provider name msambol/aws-cdk
3 participants
@msambol @IkeNefcy @tim-finnigan