lgallard / terraform-aws-cognito-user-pool

Terraform module to create Amazon Cognito User Pools, configure its attributes and resources such as app clients, domain, resource servers. Amazon Cognito User Pools provide a secure user directory that scales to hundreds of millions of users.
Apache License 2.0

fix: support pre token customization lambda V2 #136

Closed Dogacel closed 7 months ago

Dogacel commented 8 months ago

This adds support for pre_token_generation_config which allows lambda to use V2 token customization.

@lgallard

lgallard commented 8 months ago

@Dogacel thanks for your PR. I'll ship it in the next release soon!

Dogacel commented 7 months ago

@lgallard trying to use this, I am getting

│ Error: Too many pre_token_generation_config blocks
│
│   on .terraform/modules/cognito_user_pool/main.tf line 75, in resource "aws_cognito_user_pool" "pool":
│   75:         content {
│
│ No more than 1 "pre_token_generation_config" blocks are allowed
╵

I suspect this is due to having both pre_token_generation and config,

      pre_token_generation  = lookup(var.lambda_config, "pre_token_generation", var.lambda_config_pre_token_generation)
      dynamic "pre_token_generation_config" {
        for_each = lookup(var.lambda_config, "pre_token_generation_config", var.lambda_config_pre_token_generation_config)
        content {
          lambda_arn     = lookup(lookup(var.lambda_config, "pre_token_generation_config", var.lambda_config_pre_token_generation_config), "lambda_arn", null)
          lambda_version = lookup(lookup(var.lambda_config, "pre_token_generation_config", var.lambda_config_pre_token_generation_config), "lambda_version", null)
        }
      }

Because I am pretty sure this is only a single config,

    pre_token_generation_config = {
      lambda_arn     = data.aws_lambda_function.cognito_access_token_customization.arn
      lambda_version = "V2_0"
    }

Is there a way we can conditionally not generate pre_token_generation if config doesn't exist?
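An added example, not part of the thread or of the module's code: a `dynamic` block emits one nested block per element of its `for_each` collection, so iterating over a two-key map (`lambda_arn`, `lambda_version`) yields two `pre_token_generation_config` blocks. The sketch below wraps the map in a list to emit zero or one block; the variable name, its default and the pool name are hypothetical.

```hcl
# Added example, not the module's code. The variable name, its default and
# the pool name are hypothetical.
variable "pre_token_generation_config" {
  description = "V2 pre token generation trigger settings, or {} to leave it unset."
  type        = map(string)
  default     = {}
}

resource "aws_cognito_user_pool" "pool" {
  name = "example-pool" # constructed value

  lambda_config {
    # for_each over the map itself would iterate once per key
    # (lambda_arn, lambda_version) and emit two blocks. Wrapping the map in a
    # one-element list emits exactly one block when it is set, and an empty
    # list emits none.
    dynamic "pre_token_generation_config" {
      for_each = length(var.pre_token_generation_config) == 0 ? [] : [var.pre_token_generation_config]
      content {
        lambda_arn     = lookup(pre_token_generation_config.value, "lambda_arn", null)
        lambda_version = lookup(pre_token_generation_config.value, "lambda_version", null)
      }
    }
  }
}
```

Running `terraform plan` with the map set and again with the default `{}` shows one block and no block respectively.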

lgallard commented 7 months ago

@Dogacel can you test this PR https://github.com/lgallard/terraform-aws-cognito-user-pool/pull/139 ?

Dogacel commented 7 months ago

> @Dogacel can you test this PR #139 ?

Sorry I was busy with meetings and missed the notification 😞 Checking now.

lgallard commented 7 months ago

@Dogacel I released 0.27.2 which has another fix just in case!!

Dogacel commented 7 months ago

@lgallard Just realized another bug and opened a PR to fix it:

This time I found out how I can test this.

Please LMK if anything further needs to be done 🙂