Open tannerabread opened 1 year ago
Hey @tannerabread, was able to find a workaround by using the following.
```typescript
import { AmplifyAuthCognitoStackTemplate } from "@aws-amplify/cli-extensibility-helper";

export function override(resources: AmplifyAuthCognitoStackTemplate) {
  // Register the SAML identity provider on the user pool.
  resources.addCfnResource(
    {
      type: "AWS::Cognito::UserPoolIdentityProvider",
      properties: {
        UserPoolId: { Ref: "UserPool" },
        ProviderName: "Azure",
        ProviderDetails: {
          MetadataURL: "<microsoft url>",
        },
        ProviderType: "SAML",
        AttributeMapping: {
          email:
            "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
        },
        IdpIdentifiers: ["Azure"],
      },
    },
    "Azure"
  );
  // List every provider explicitly; the existing value is not available here.
  resources.userPoolClient.supportedIdentityProviders = [
    "LoginWithAmazon",
    "Azure",
  ];
  resources.userPoolClient.logoutUrLs = [
    "http://localhost:3000/",
  ];
  resources.userPoolClient.callbackUrLs = [
    "http://localhost:3000/",
  ];
  resources.userPoolClient.allowedOAuthFlows = ["code"];
  resources.userPoolClient.allowedOAuthScopes = ["openid", "email", "profile"];
  resources.userPoolClient.allowedOAuthFlowsUserPoolClient = true;
}
```
Needed to push the `azure` resource first, then push the other resources next.
Observed that when using `...resources.userPoolClient.supportedIdentityProviders` to append to the resource, it fails with an iterable error, and observed the attribute value was `undefined`.
Marking as bug.
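The spread failure on an `undefined` `supportedIdentityProviders` described in the comment above, next to a guarded merge that keeps earlier providers. This is an added example, not code from the thread or from Amplify; `ClientLike`, `spreadThrows`, `appendIdentityProviders` and `knownExisting` are hypothetical names.

```typescript
// Hypothetical stand-in for the user pool client object passed to override();
// only the field discussed in this thread is modelled.
interface ClientLike {
  supportedIdentityProviders?: string[];
}

// Reproduces the reported failure: spreading the property while it is still
// undefined throws a TypeError instead of yielding an empty list.
function spreadThrows(client: ClientLike): boolean {
  try {
    const merged = [...(client.supportedIdentityProviders as string[]), "Azure"];
    return merged.length === 0;
  } catch (err) {
    return err instanceof TypeError;
  }
}

// Appends providers without dropping existing ones. When the property is
// undefined at override time, the caller-supplied `knownExisting` list is used
// so providers configured earlier are not silently removed from the client.
function appendIdentityProviders(
  client: ClientLike,
  additions: string[],
  knownExisting: string[] = []
): string[] {
  const current = Array.isArray(client.supportedIdentityProviders)
    ? client.supportedIdentityProviders
    : knownExisting;
  const merged: string[] = [];
  for (const name of current.concat(additions)) {
    const trimmed = name.trim();
    if (trimmed.length === 0) {
      throw new Error("empty identity provider name");
    }
    // De-duplicate while preserving the original order.
    if (merged.indexOf(trimmed) === -1) {
      merged.push(trimmed);
    }
  }
  client.supportedIdentityProviders = merged;
  return merged;
}
```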
Would be good if `addCfnResource` returned a reference to the CfnResource created, so it could be used in `addDependency` calls, like so:
```typescript
import { AmplifyAuthCognitoStackTemplate, AmplifyProjectInfo } from '@aws-amplify/cli-extensibility-helper';

export function override(resources: AmplifyAuthCognitoStackTemplate, amplifyProjectInfo: AmplifyProjectInfo) {
  const my_sso = resources.addCfnResource({
    type: "AWS::Cognito::UserPoolIdentityProvider",
    properties: {
      AttributeMapping: { [...] },
      ProviderName: "MySSO",
    }
  }, "new-social-provider");
  resources.userPoolClientWeb.supportedIdentityProviders = [ "MySSO" ];
  resources.userPoolClientWeb.addDependency(my_sso);
}
```
Today this is not possible because `resources.addCfnResource` returns void... 👎
How did you install the Amplify CLI?
npm
If applicable, what version of Node.js are you using?
16.18..1
Amplify CLI Version
10.7.3
What operating system are you using?
Mac
Did you make any manual changes to the cloud resources managed by Amplify? Please describe the changes made.
No manual changes, but other overrides in the same file
Describe the bug
I am trying to add a SAML provider to my Cognito user pool after running `amplify override auth`, which works great with the following code:
The problem then comes in when I try to add the new SAML provider to the User Pool Clients (regular and web) to add the new SAML option to the Hosted UI.
I have tried with the following:
I have logged `resources.userPoolClient` and it returns the following, noting the `undefined` in the original `supportedIdentityProviders`:
Expected behavior
I expected to be able to do one of the previous methods for overriding, either customizing directly as shown in the docs, or using the `addPropertyOverride` method.
This instead removes all settings other than the newly added supported provider. See the screenshots below for the comparison:
Original, before trying to override
New, after overriding
Reproduction steps
`amplify add auth`, add a provider such as google
`amplify push`
`amplify override auth`
`supportedIdentityProviders` field on either `userPoolClient` or `userPoolClientWeb`
Project Identifier
No response
Log output
Additional information
No response