moto/tests/test_cognitoidentity/test_cognitoidentity.py

259 lines
9.2 KiB
Python
Raw Normal View History

import os
from datetime import datetime
from unittest import SkipTest, mock
from uuid import UUID
import boto3
import pytest
from botocore.exceptions import ClientError
2018-04-03 21:08:20 +00:00
2024-01-07 12:03:33 +00:00
from moto import mock_aws, settings
from moto.cognitoidentity.utils import get_random_identity_id
2022-08-13 09:49:43 +00:00
from moto.core import DEFAULT_ACCOUNT_ID as ACCOUNT_ID
from moto.core import set_initial_no_auth_action_count
2019-12-17 02:25:20 +00:00
2024-01-07 12:03:33 +00:00
@mock_aws
@pytest.mark.parametrize("name", ["pool#name", "with!excl", "with?quest"])
def test_create_identity_pool_invalid_name(name):
conn = boto3.client("cognito-identity", "us-west-2")
with pytest.raises(ClientError) as exc:
conn.create_identity_pool(
IdentityPoolName=name, AllowUnauthenticatedIdentities=False
)
err = exc.value.response["Error"]
assert err["Code"] == "ValidationException"
assert (
err["Message"]
== f"1 validation error detected: Value '{name}' at 'identityPoolName' failed to satisfy constraint: Member must satisfy regular expression pattern: [\\w\\s+=,.@-]+"
)
2024-01-07 12:03:33 +00:00
@mock_aws
@pytest.mark.parametrize("name", ["x", "pool-", "pool_name", "with space"])
def test_create_identity_pool_valid_name(name):
conn = boto3.client("cognito-identity", "us-west-2")
conn.create_identity_pool(
IdentityPoolName=name, AllowUnauthenticatedIdentities=False
)
2024-01-07 12:03:33 +00:00
@mock_aws
def test_create_identity_pool():
2019-10-31 15:44:26 +00:00
conn = boto3.client("cognito-identity", "us-west-2")
2019-10-31 15:44:26 +00:00
result = conn.create_identity_pool(
IdentityPoolName="TestPool",
2018-04-03 21:08:20 +00:00
AllowUnauthenticatedIdentities=False,
2019-10-31 15:44:26 +00:00
SupportedLoginProviders={"graph.facebook.com": "123456789012345"},
DeveloperProviderName="devname",
OpenIdConnectProviderARNs=[f"arn:aws:rds:eu-west-2:{ACCOUNT_ID}:db:mysql-db"],
CognitoIdentityProviders=[
{
2019-10-31 15:44:26 +00:00
"ProviderName": "testprovider",
"ClientId": "CLIENT12345",
"ServerSideTokenCheck": True,
}
],
SamlProviderARNs=[f"arn:aws:rds:eu-west-2:{ACCOUNT_ID}:db:mysql-db"],
2019-10-31 15:44:26 +00:00
)
assert result["IdentityPoolId"] != ""
2018-04-03 21:08:20 +00:00
2024-01-07 12:03:33 +00:00
@mock_aws
2019-09-01 15:38:33 +00:00
def test_describe_identity_pool():
2019-10-31 15:44:26 +00:00
conn = boto3.client("cognito-identity", "us-west-2")
2019-09-01 15:38:33 +00:00
2019-10-31 15:44:26 +00:00
res = conn.create_identity_pool(
IdentityPoolName="TestPool",
2019-09-01 15:38:33 +00:00
AllowUnauthenticatedIdentities=False,
2019-10-31 15:44:26 +00:00
SupportedLoginProviders={"graph.facebook.com": "123456789012345"},
DeveloperProviderName="devname",
OpenIdConnectProviderARNs=[f"arn:aws:rds:eu-west-2:{ACCOUNT_ID}:db:mysql-db"],
2019-09-01 15:38:33 +00:00
CognitoIdentityProviders=[
{
2019-10-31 15:44:26 +00:00
"ProviderName": "testprovider",
"ClientId": "CLIENT12345",
"ServerSideTokenCheck": True,
}
2019-09-01 15:38:33 +00:00
],
SamlProviderARNs=[f"arn:aws:rds:eu-west-2:{ACCOUNT_ID}:db:mysql-db"],
2019-10-31 15:44:26 +00:00
)
2019-09-01 15:38:33 +00:00
2019-10-31 15:44:26 +00:00
result = conn.describe_identity_pool(IdentityPoolId=res["IdentityPoolId"])
2019-09-01 15:38:33 +00:00
2019-10-31 15:44:26 +00:00
assert result["IdentityPoolId"] == res["IdentityPoolId"]
assert (
result["AllowUnauthenticatedIdentities"]
== res["AllowUnauthenticatedIdentities"]
)
assert result["SupportedLoginProviders"] == res["SupportedLoginProviders"]
assert result["DeveloperProviderName"] == res["DeveloperProviderName"]
assert result["OpenIdConnectProviderARNs"] == res["OpenIdConnectProviderARNs"]
assert result["CognitoIdentityProviders"] == res["CognitoIdentityProviders"]
assert result["SamlProviderARNs"] == res["SamlProviderARNs"]
2019-09-01 15:38:33 +00:00
2021-07-28 10:17:15 +00:00
@pytest.mark.parametrize(
"key,initial_value,updated_value",
[
(
"SupportedLoginProviders",
{"graph.facebook.com": "123456789012345"},
{"graph.facebook.com": "123456789012345", "graph.google.com": "00000000"},
),
("SupportedLoginProviders", {"graph.facebook.com": "123456789012345"}, {}),
("DeveloperProviderName", "dev1", "dev2"),
],
)
2024-01-07 12:03:33 +00:00
@mock_aws
2021-07-28 10:17:15 +00:00
def test_update_identity_pool(key, initial_value, updated_value):
conn = boto3.client("cognito-identity", "us-west-2")
res = conn.create_identity_pool(
IdentityPoolName="TestPool",
AllowUnauthenticatedIdentities=False,
**dict({key: initial_value}),
)
first = conn.describe_identity_pool(IdentityPoolId=res["IdentityPoolId"])
assert first[key] == initial_value
2021-07-28 10:17:15 +00:00
response = conn.update_identity_pool(
IdentityPoolId=res["IdentityPoolId"],
IdentityPoolName="TestPool",
AllowUnauthenticatedIdentities=False,
**dict({key: updated_value}),
)
assert response[key] == updated_value
2021-07-28 10:17:15 +00:00
second = conn.describe_identity_pool(IdentityPoolId=res["IdentityPoolId"])
assert second[key] == response[key]
2021-07-28 10:17:15 +00:00
2024-01-07 12:03:33 +00:00
@mock_aws
2019-09-01 15:38:33 +00:00
def test_describe_identity_pool_with_invalid_id_raises_error():
2019-10-31 15:44:26 +00:00
conn = boto3.client("cognito-identity", "us-west-2")
with pytest.raises(ClientError) as cm:
2019-10-31 15:44:26 +00:00
conn.describe_identity_pool(IdentityPoolId="us-west-2_non-existent")
2019-09-01 15:38:33 +00:00
assert cm.value.operation_name == "DescribeIdentityPool"
assert cm.value.response["Error"]["Code"] == "ResourceNotFoundException"
assert cm.value.response["Error"]["Message"] == "us-west-2_non-existent"
assert cm.value.response["ResponseMetadata"]["HTTPStatusCode"] == 400
2019-09-01 15:38:33 +00:00
# testing a helper function
def test_get_random_identity_id():
identity_id = get_random_identity_id("us-west-2")
2021-10-18 19:44:29 +00:00
region, identity_id = identity_id.split(":")
assert region == "us-west-2"
2021-10-18 19:44:29 +00:00
UUID(identity_id, version=4) # Will throw an error if it's not a valid UUID
2024-01-07 12:03:33 +00:00
@mock_aws
# Verify we can call this operation without Authentication
@set_initial_no_auth_action_count(1)
def test_get_id():
2019-10-31 15:44:26 +00:00
conn = boto3.client("cognito-identity", "us-west-2")
identity_pool_data = conn.create_identity_pool(
IdentityPoolName="test_identity_pool", AllowUnauthenticatedIdentities=True
)
2019-10-31 15:44:26 +00:00
result = conn.get_id(
AccountId="someaccount",
IdentityPoolId=identity_pool_data["IdentityPoolId"],
2019-10-31 15:44:26 +00:00
Logins={"someurl": "12345"},
)
assert result.get("IdentityId").startswith("us-west-2")
2024-01-07 12:03:33 +00:00
@mock_aws
@mock.patch.dict(os.environ, {"AWS_DEFAULT_REGION": "any-region"})
@mock.patch.dict(os.environ, {"MOTO_ALLOW_NONEXISTENT_REGION": "trUe"})
def test_get_id__unknown_region():
if settings.TEST_SERVER_MODE:
raise SkipTest("Cannot set environemnt variables in ServerMode")
conn = boto3.client("cognito-identity")
identity_pool_data = conn.create_identity_pool(
IdentityPoolName="test_identity_pool", AllowUnauthenticatedIdentities=True
2019-10-31 15:44:26 +00:00
)
result = conn.get_id(
AccountId="someaccount",
IdentityPoolId=identity_pool_data["IdentityPoolId"],
Logins={"someurl": "12345"},
)
assert result.get("IdentityId").startswith("any-region")
2018-04-03 21:08:20 +00:00
2024-01-07 12:03:33 +00:00
@mock_aws
def test_get_credentials_for_identity():
2019-10-31 15:44:26 +00:00
conn = boto3.client("cognito-identity", "us-west-2")
result = conn.get_credentials_for_identity(IdentityId="12345")
assert isinstance(result["Credentials"]["Expiration"], datetime)
assert result.get("IdentityId") == "12345"
2018-04-03 21:08:20 +00:00
2024-01-07 12:03:33 +00:00
@mock_aws
def test_get_open_id_token_for_developer_identity():
2019-10-31 15:44:26 +00:00
conn = boto3.client("cognito-identity", "us-west-2")
result = conn.get_open_id_token_for_developer_identity(
2019-10-31 15:44:26 +00:00
IdentityPoolId="us-west-2:12345",
IdentityId="12345",
Logins={"someurl": "12345"},
TokenDuration=123,
)
2019-10-31 15:44:26 +00:00
assert len(result["Token"]) > 0
assert result["IdentityId"] == "12345"
2018-10-09 17:28:15 +00:00
2019-09-01 15:38:33 +00:00
2024-01-07 12:03:33 +00:00
@mock_aws
2018-10-09 17:28:15 +00:00
def test_get_open_id_token_for_developer_identity_when_no_explicit_identity_id():
2019-10-31 15:44:26 +00:00
conn = boto3.client("cognito-identity", "us-west-2")
2018-10-09 17:28:15 +00:00
result = conn.get_open_id_token_for_developer_identity(
2019-10-31 15:44:26 +00:00
IdentityPoolId="us-west-2:12345", Logins={"someurl": "12345"}, TokenDuration=123
2018-10-09 17:28:15 +00:00
)
2019-10-31 15:44:26 +00:00
assert len(result["Token"]) > 0
assert len(result["IdentityId"]) > 0
2019-09-01 15:38:33 +00:00
2024-01-07 12:03:33 +00:00
@mock_aws
@set_initial_no_auth_action_count(0)
def test_get_open_id_token():
2019-10-31 15:44:26 +00:00
conn = boto3.client("cognito-identity", "us-west-2")
result = conn.get_open_id_token(IdentityId="12345", Logins={"someurl": "12345"})
assert len(result["Token"]) > 0
assert result["IdentityId"] == "12345"
2024-01-07 12:03:33 +00:00
@mock_aws
def test_list_identities():
conn = boto3.client("cognito-identity", "us-west-2")
identity_pool_data = conn.create_identity_pool(
IdentityPoolName="test_identity_pool", AllowUnauthenticatedIdentities=True
)
identity_pool_id = identity_pool_data["IdentityPoolId"]
identity_data = conn.get_id(
AccountId="someaccount",
IdentityPoolId=identity_pool_id,
Logins={"someurl": "12345"},
)
identity_id = identity_data["IdentityId"]
identities = conn.list_identities(IdentityPoolId=identity_pool_id, MaxResults=123)
assert "IdentityPoolId" in identities and "Identities" in identities
assert identity_id in [x["IdentityId"] for x in identities["Identities"]]
2024-01-07 12:03:33 +00:00
@mock_aws
def test_list_identity_pools():
conn = boto3.client("cognito-identity", "us-west-2")
identity_pool_data = conn.create_identity_pool(
IdentityPoolName="test_identity_pool", AllowUnauthenticatedIdentities=True
)
identity_pool_id = identity_pool_data["IdentityPoolId"]
identity_data = conn.list_identity_pools(MaxResults=10)
assert identity_pool_id == identity_data["IdentityPools"][0]["IdentityPoolId"]
assert "test_identity_pool" == identity_data["IdentityPools"][0]["IdentityPoolName"]