Closed pahud closed 2 weeks ago
Exemption Request
Exemption Request
Have you tested this by deploying to CFN?
@GavinZZ
Unfortunately I don't have a valid private_key for that. And there's no existing integ test for that as well so I am offering unit tests only.
8:07:08 PM | CREATE_FAILED | AWS::Cognito::UserPoolIdentityProvider | AppleIdentityProvider6271AB3B Provided private key cannot be used for Sign in with Apple. (Service: AWSCognitoIdentityProviderService; Status Code: 400; Error Code: InvalidParameterException; Request ID: b28d3b10-14ca-42bc-a288-e1db34e7d6e3; Proxy: null)
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).
Comments on closed issues and PRs are hard for our team to see. If you need help, please open a new issue that references this one.
Issue # (if applicable)
Closes https://github.com/aws/aws-cdk/issues/31378
Reason for this change
privateKey
was typedstring
which should beSecureValue
just as clientSecretValue in Google IdP. This PR deprecatesprivateKey
and addsprivateKeyValue
with correct type.apple.ts
was named by mistake and it won't be unit tested. This PR renames it toapple.test.ts
so it would be covered. Figured an existing test was failed, just fixed that failed one as well.Description of changes
privateKeyValue
property of type SecretValue to UserPoolIdentityProviderApplePropsprivateKey
string propertyprivateKey
orprivateKeyValue
is providedprivateKeyValue
when availableUsers must now provide either
privateKey
orprivateKeyValue
, but not both. This change enhances security by allowing the use of SecretValue for the Apple IDP private key.Description of how you validated changes
Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license