feat(lambda): preTokenGeneration trigger called when tokens generated

jagregory · Dec 7, 2021 · d04506e · d04506e
1 parent 87833e2
commit d04506e
Show file tree

Hide file tree

Showing 30 changed files with 963 additions and 468 deletions.
diff --git a/README.md b/README.md
@@ -174,29 +174,33 @@ cognito-local how to connect to your local Lambda server:
 
 #### Supported Lambda Triggers
 
-| Trigger                     | Operation                         | Support |
-| --------------------------- | --------------------------------- | ------- |
-| CreateAuthChallenge         | \*                                | ❌      |
-| CustomEmailSender           | \*                                | ❌      |
-| CustomMessage               | AdminCreateUser                   | ✅      |
-| CustomMessage               | Authentication                    | ✅      |
-| CustomMessage               | ForgotPassword                    | ✅      |
-| CustomMessage               | ResendCode                        | ❌      |
-| CustomMessage               | SignUp                            | ✅      |
-| CustomMessage               | UpdateUserAttribute               | ❌      |
-| CustomMessage               | VerifyUserAttribute               | ❌      |
-| DefineAuthChallenge         | \*                                | ❌      |
-| PostAuthentication          | PostAuthentication_Authentication | ✅      |
-| PostConfirmation            | ConfirmForgotPassword             | ✅      |
-| PostConfirmation            | ConfirmSignUp                     | ✅      |
-| PreAuthentication           | \*                                | ❌      |
-| PreSignUp                   | PreSignUp_AdminCreateUser         | ❌      |
-| PreSignUp                   | PreSignUp_ExternalProvider        | ❌      |
-| PreSignUp                   | PreSignUp_SignUp                  | ✅      |
-| PreTokenGeneration          | \*                                | ❌      |
-| UserMigration               | Authentication                    | ✅      |
-| UserMigration               | ForgotPassword                    | ❌      |
-| VerifyAuthChallengeResponse | \*                                | ❌      |
+| Trigger                     | Operation                            | Support |
+| --------------------------- | ------------------------------------ | ------- |
+| CreateAuthChallenge         | \*                                   | ❌      |
+| CustomEmailSender           | \*                                   | ❌      |
+| CustomMessage               | AdminCreateUser                      | ✅      |
+| CustomMessage               | Authentication                       | ✅      |
+| CustomMessage               | ForgotPassword                       | ✅      |
+| CustomMessage               | ResendCode                           | ❌      |
+| CustomMessage               | SignUp                               | ✅      |
+| CustomMessage               | UpdateUserAttribute                  | ❌      |
+| CustomMessage               | VerifyUserAttribute                  | ❌      |
+| DefineAuthChallenge         | \*                                   | ❌      |
+| PostAuthentication          | PostAuthentication_Authentication    | ✅      |
+| PostConfirmation            | ConfirmForgotPassword                | ✅      |
+| PostConfirmation            | ConfirmSignUp                        | ✅      |
+| PreAuthentication           | \*                                   | ❌      |
+| PreSignUp                   | PreSignUp_AdminCreateUser            | ❌      |
+| PreSignUp                   | PreSignUp_ExternalProvider           | ❌      |
+| PreSignUp                   | PreSignUp_SignUp                     | ✅      |
+| PreTokenGeneration          | TokenGeneration_AuthenticateDevice   | ❌      |
+| PreTokenGeneration          | TokenGeneration_Authentication       | ✅      |
+| PreTokenGeneration          | TokenGeneration_HostedAuth           | ❌      |
+| PreTokenGeneration          | TokenGeneration_NewPasswordChallenge | ❌      |
+| PreTokenGeneration          | TokenGeneration_RefreshTokens        | ✅      |
+| UserMigration               | Authentication                       | ✅      |
+| UserMigration               | ForgotPassword                       | ❌      |
+| VerifyAuthChallengeResponse | \*                                   | ❌      |
 
 #### Known limitations
 
@@ -291,7 +295,7 @@ Before starting Cognito Local, create a config file if one doesn't already exist
 You can edit that `.cognito/config.json` and add any of the following settings:
 
 | Setting                                    | Type       | Default                 | Description                                                 |
-| ------------------------------------------ | ---------- | ----------------------- | ----------------------------------------------------------- |
+|--------------------------------------------| ---------- | ----------------------- |-------------------------------------------------------------|
 | `LambdaClient`                             | `object`   |                         | Any setting you would pass to the AWS.Lambda Node.js client |
 | `LambdaClient.credentials.accessKeyId`     | `string`   | `local`                 |                                                             |
 | `LambdaClient.credentials.secretAccessKey` | `string`   | `local`                 |                                                             |
@@ -303,6 +307,7 @@ You can edit that `.cognito/config.json` and add any of the following settings:
 | `TriggerFunctions.PostAuthentication`      | `string`   |                         | PostAuthentication local lambda function name               |
 | `TriggerFunctions.PostConfirmation`        | `string`   |                         | PostConfirmation local lambda function name                 |
 | `TriggerFunctions.PreSignUp`               | `string`   |                         | PostConfirmation local lambda function name                 |
+| `TriggerFunctions.PreTokenGeneration`      | `string`   |                         | PreTokenGeneration local lambda function name               |
 | `TriggerFunctions.UserMigration`           | `string`   |                         | PreSignUp local lambda function name                        |
 | `UserPoolDefaults`                         | `object`   |                         | Default behaviour to use for the User Pool                  |
 | `UserPoolDefaults.MfaConfiguration`        | `string`   |                         | MFA type                                                    |

diff --git a/integration-tests/aws-sdk/adminInitiateAuth.test.ts b/integration-tests/aws-sdk/adminInitiateAuth.test.ts
@@ -47,7 +47,10 @@ describe(
         .adminCreateUser({
           DesiredDeliveryMediums: ["EMAIL"],
           TemporaryPassword: "def",
-          UserAttributes: [{ Name: "email", Value: "[email protected]" }],
+          UserAttributes: [
+            { Name: "email", Value: "[email protected]" },
+            { Name: "email_verified", Value: "true" },
+          ],
           Username: "abc",
           UserPoolId: "test",
         })
@@ -128,7 +131,10 @@ describe(
         .adminCreateUser({
           DesiredDeliveryMediums: ["EMAIL"],
           TemporaryPassword: "def",
-          UserAttributes: [{ Name: "email", Value: "[email protected]" }],
+          UserAttributes: [
+            { Name: "email", Value: "[email protected]" },
+            { Name: "email_verified", Value: "true" },
+          ],
           Username: "abc",
           UserPoolId: "test",
         })

diff --git a/integration-tests/aws-sdk/setup.ts b/integration-tests/aws-sdk/setup.ts
@@ -16,6 +16,7 @@ import { CognitoServiceFactoryImpl } from "../../src/services/cognitoService";
 import { NoOpCache } from "../../src/services/dataStore/cache";
 import { StormDBDataStoreFactory } from "../../src/services/dataStore/stormDb";
 import { otp } from "../../src/services/otp";
+import { JwtTokenGenerator } from "../../src/services/tokenGenerator";
 import { UserPoolServiceFactoryImpl } from "../../src/services/userPoolService";
 import { Router } from "../../src/targets/router";
 
@@ -64,6 +65,11 @@ export const withCognitoSdk =
         messages: new MessagesService(triggers),
         otp,
         triggers,
+        tokenGenerator: new JwtTokenGenerator(
+          clock,
+          triggers,
+          DefaultConfig.TokenConfig
+        ),
       });
       const server = createServer(router, ctx.logger);
       httpServer = await server.start({

diff --git a/package.json b/package.json
@@ -53,8 +53,8 @@
     "prettier": "^2.5.0",
     "semantic-release": "^17.4.4",
     "supertest": "^4.0.2",
-    "ts-node": "^10.1.0",
-    "typescript": "^3.8.3"
+    "ts-node": "^10.4.0",
+    "typescript": "^4.5.2"
   },
   "dependencies": {
     "aws-sdk": "^2.953.0",

diff --git a/src/__tests__/mockTokenGenerator.ts b/src/__tests__/mockTokenGenerator.ts
@@ -0,0 +1,5 @@
+import { TokenGenerator } from "../services/tokenGenerator";
+
+export const newMockTokenGenerator = (): jest.Mocked<TokenGenerator> => ({
+  generate: jest.fn(),
+});
diff --git a/src/__tests__/mockTriggers.ts b/src/__tests__/mockTriggers.ts
@@ -6,5 +6,6 @@ export const newMockTriggers = (): jest.Mocked<Triggers> => ({
   postAuthentication: jest.fn(),
   postConfirmation: jest.fn(),
   preSignUp: jest.fn(),
+  preTokenGeneration: jest.fn(),
   userMigration: jest.fn(),
 });
diff --git a/src/server/config.ts b/src/server/config.ts
@@ -2,7 +2,7 @@ import { Context } from "../services/context";
 import { DataStoreFactory } from "../services/dataStore/factory";
 import { FunctionConfig } from "../services/lambda";
 import { UserPool } from "../services/userPoolService";
-import { TokenConfig } from "../services/tokens";
+import { TokenConfig } from "../services/tokenGenerator";
 import mergeWith from "lodash.mergewith";
 
 export type UserPoolDefaults = Omit<

diff --git a/src/server/defaults.ts b/src/server/defaults.ts
@@ -12,6 +12,7 @@ import { StormDBDataStoreFactory } from "../services/dataStore/stormDb";
 import { ConsoleMessageSender } from "../services/messageDelivery/consoleMessageSender";
 import { MessageDeliveryService } from "../services/messageDelivery/messageDelivery";
 import { otp } from "../services/otp";
+import { JwtTokenGenerator } from "../services/tokenGenerator";
 import { UserPoolServiceFactoryImpl } from "../services/userPoolService";
 import { Router } from "../targets/router";
 import { loadConfig } from "./config";
@@ -68,6 +69,11 @@ export const createDefaultServer = async (
       messageDelivery: new MessageDeliveryService(new ConsoleMessageSender()),
       messages: new MessagesService(triggers),
       otp,
+      tokenGenerator: new JwtTokenGenerator(
+        clock,
+        triggers,
+        config.TokenConfig
+      ),
       triggers,
     }),
     logger,

diff --git a/src/services/index.ts b/src/services/index.ts
@@ -1,6 +1,7 @@
 import { Config } from "../server/config";
 import { Clock } from "./clock";
 import { Messages } from "./messages";
+import { TokenGenerator } from "./tokenGenerator";
 import { Triggers } from "./triggers";
 import { MessageDelivery } from "./messageDelivery/messageDelivery";
 import { CognitoService } from "./cognitoService";
@@ -20,5 +21,6 @@ export interface Services {
   messageDelivery: MessageDelivery;
   messages: Messages;
   otp: () => string;
+  tokenGenerator: TokenGenerator;
   triggers: Triggers;
 }
diff --git a/src/services/lambda.test.ts b/src/services/lambda.test.ts
@@ -409,6 +409,67 @@ describe("Lambda function invoker", () => {
       });
     });
 
+    describe.each`
+      trigger              | source
+      ${"TokenGeneration"} | ${"TokenGeneration_AuthenticateDevice"}
+      ${"TokenGeneration"} | ${"TokenGeneration_Authentication"}
+      ${"TokenGeneration"} | ${"TokenGeneration_HostedAuth"}
+      ${"TokenGeneration"} | ${"TokenGeneration_NewPasswordChallenge"}
+      ${"TokenGeneration"} | ${"TokenGeneration_RefreshTokens"}
+    `("$source", ({ trigger, source }) => {
+      it("invokes the lambda", async () => {
+        const response = Promise.resolve({
+          StatusCode: 200,
+          Payload: '{ "some": "json" }',
+        });
+        mockLambdaClient.invoke.mockReturnValue({
+          promise: () => response,
+        } as any);
+        const lambda = new LambdaService(
+          {
+            [trigger]: "MyLambdaName",
+          },
+          mockLambdaClient
+        );
+
+        await lambda.invoke(TestContext, trigger, {
+          clientId: "clientId",
+          triggerSource: source,
+          username: "username",
+          userPoolId: "userPoolId",
+          userAttributes: {
+            user: "attributes",
+          },
+          clientMetadata: {
+            client: "metadata",
+          },
+        });
+
+        expect(mockLambdaClient.invoke).toHaveBeenCalledWith({
+          FunctionName: "MyLambdaName",
+          InvocationType: "RequestResponse",
+          Payload: expect.jsonMatching({
+            version: "0",
+            callerContext: { awsSdkVersion: version, clientId: "clientId" },
+            region: "local",
+            userPoolId: "userPoolId",
+            triggerSource: source,
+            request: {
+              userAttributes: {
+                user: "attributes",
+              },
+              clientMetadata: {
+                client: "metadata",
+              },
+              groupConfiguration: {},
+            },
+            response: { claimsOverrideDetails: {} },
+            userName: "username",
+          }),
+        });
+      });
+    });
+
     describe.each([
       "CustomMessage_SignUp",
       "CustomMessage_AdminCreateUser",