2018-03-28 19:40:42 +00:00
import boto3
2022-12-09 12:47:09 +00:00
import mock
2021-10-18 19:44:29 +00:00
import sure # noqa # pylint: disable=unused-import
2019-09-01 15:38:33 +00:00
from botocore . exceptions import ClientError
2022-12-09 12:47:09 +00:00
from datetime import datetime
2020-10-06 05:54:49 +00:00
import pytest
2022-12-09 12:47:09 +00:00
import os
2018-04-03 21:08:20 +00:00
2022-12-09 12:47:09 +00:00
from moto import mock_cognitoidentity , settings
2018-04-03 23:27:30 +00:00
from moto . cognitoidentity . utils import get_random_identity_id
2022-08-13 09:49:43 +00:00
from moto . core import DEFAULT_ACCOUNT_ID as ACCOUNT_ID
2022-12-09 12:47:09 +00:00
from unittest import SkipTest
2020-04-04 13:09:38 +00:00
from uuid import UUID
2018-04-03 18:38:59 +00:00
2019-12-17 02:25:20 +00:00
2021-10-14 22:20:56 +00:00
@mock_cognitoidentity
@pytest.mark.parametrize ( " name " , [ " pool#name " , " with!excl " , " with?quest " ] )
def test_create_identity_pool_invalid_name ( name ) :
conn = boto3 . client ( " cognito-identity " , " us-west-2 " )
with pytest . raises ( ClientError ) as exc :
conn . create_identity_pool (
IdentityPoolName = name , AllowUnauthenticatedIdentities = False
)
err = exc . value . response [ " Error " ]
err [ " Code " ] . should . equal ( " ValidationException " )
err [ " Message " ] . should . equal (
f " 1 validation error detected: Value ' { name } ' at ' identityPoolName ' failed to satisfy constraint: Member must satisfy regular expression pattern: [ \\ w \\ s+=,.@-]+ "
)
@mock_cognitoidentity
@pytest.mark.parametrize ( " name " , [ " x " , " pool- " , " pool_name " , " with space " ] )
def test_create_identity_pool_valid_name ( name ) :
conn = boto3 . client ( " cognito-identity " , " us-west-2 " )
conn . create_identity_pool (
IdentityPoolName = name , AllowUnauthenticatedIdentities = False
)
2018-04-03 18:38:59 +00:00
@mock_cognitoidentity
def test_create_identity_pool ( ) :
conn = boto3 . client ( " cognito-identity " , " us-west-2 " )
result = conn . create_identity_pool (
IdentityPoolName = " TestPool " ,
2018-04-03 21:08:20 +00:00
AllowUnauthenticatedIdentities = False ,
SupportedLoginProviders = { " graph.facebook.com " : " 123456789012345 " } ,
2018-04-03 18:38:59 +00:00
DeveloperProviderName = " devname " ,
2022-11-17 22:41:08 +00:00
OpenIdConnectProviderARNs = [ f " arn:aws:rds:eu-west-2: { ACCOUNT_ID } :db:mysql-db " ] ,
2018-04-03 18:38:59 +00:00
CognitoIdentityProviders = [
{
" ProviderName " : " testprovider " ,
" ClientId " : " CLIENT12345 " ,
" ServerSideTokenCheck " : True ,
2018-03-28 19:40:42 +00:00
}
2018-04-03 18:38:59 +00:00
] ,
2022-11-17 22:41:08 +00:00
SamlProviderARNs = [ f " arn:aws:rds:eu-west-2: { ACCOUNT_ID } :db:mysql-db " ] ,
2018-04-03 21:08:20 +00:00
)
2018-04-03 18:38:59 +00:00
assert result [ " IdentityPoolId " ] != " "
2018-04-03 21:08:20 +00:00
2019-09-01 15:38:33 +00:00
@mock_cognitoidentity
def test_describe_identity_pool ( ) :
conn = boto3 . client ( " cognito-identity " , " us-west-2 " )
res = conn . create_identity_pool (
IdentityPoolName = " TestPool " ,
AllowUnauthenticatedIdentities = False ,
SupportedLoginProviders = { " graph.facebook.com " : " 123456789012345 " } ,
DeveloperProviderName = " devname " ,
2022-11-17 22:41:08 +00:00
OpenIdConnectProviderARNs = [ f " arn:aws:rds:eu-west-2: { ACCOUNT_ID } :db:mysql-db " ] ,
2019-09-01 15:38:33 +00:00
CognitoIdentityProviders = [
{
" ProviderName " : " testprovider " ,
" ClientId " : " CLIENT12345 " ,
" ServerSideTokenCheck " : True ,
}
] ,
2022-11-17 22:41:08 +00:00
SamlProviderARNs = [ f " arn:aws:rds:eu-west-2: { ACCOUNT_ID } :db:mysql-db " ] ,
2019-09-01 15:38:33 +00:00
)
result = conn . describe_identity_pool ( IdentityPoolId = res [ " IdentityPoolId " ] )
assert result [ " IdentityPoolId " ] == res [ " IdentityPoolId " ]
assert (
result [ " AllowUnauthenticatedIdentities " ]
== res [ " AllowUnauthenticatedIdentities " ]
2019-10-31 15:44:26 +00:00
)
2019-09-01 15:38:33 +00:00
assert result [ " SupportedLoginProviders " ] == res [ " SupportedLoginProviders " ]
assert result [ " DeveloperProviderName " ] == res [ " DeveloperProviderName " ]
assert result [ " OpenIdConnectProviderARNs " ] == res [ " OpenIdConnectProviderARNs " ]
assert result [ " CognitoIdentityProviders " ] == res [ " CognitoIdentityProviders " ]
assert result [ " SamlProviderARNs " ] == res [ " SamlProviderARNs " ]
2021-07-28 10:17:15 +00:00
@pytest.mark.parametrize (
" key,initial_value,updated_value " ,
[
(
" SupportedLoginProviders " ,
{ " graph.facebook.com " : " 123456789012345 " } ,
{ " graph.facebook.com " : " 123456789012345 " , " graph.google.com " : " 00000000 " } ,
) ,
( " SupportedLoginProviders " , { " graph.facebook.com " : " 123456789012345 " } , { } ) ,
( " DeveloperProviderName " , " dev1 " , " dev2 " ) ,
] ,
)
@mock_cognitoidentity
def test_update_identity_pool ( key , initial_value , updated_value ) :
conn = boto3 . client ( " cognito-identity " , " us-west-2 " )
res = conn . create_identity_pool (
IdentityPoolName = " TestPool " ,
AllowUnauthenticatedIdentities = False ,
* * dict ( { key : initial_value } ) ,
)
first = conn . describe_identity_pool ( IdentityPoolId = res [ " IdentityPoolId " ] )
first [ key ] . should . equal ( initial_value )
response = conn . update_identity_pool (
IdentityPoolId = res [ " IdentityPoolId " ] ,
IdentityPoolName = " TestPool " ,
AllowUnauthenticatedIdentities = False ,
* * dict ( { key : updated_value } ) ,
)
response [ key ] . should . equal ( updated_value )
second = conn . describe_identity_pool ( IdentityPoolId = res [ " IdentityPoolId " ] )
second [ key ] . should . equal ( response [ key ] )
2019-09-01 15:38:33 +00:00
@mock_cognitoidentity
def test_describe_identity_pool_with_invalid_id_raises_error ( ) :
conn = boto3 . client ( " cognito-identity " , " us-west-2 " )
2020-10-06 05:54:49 +00:00
with pytest . raises ( ClientError ) as cm :
2019-09-01 15:38:33 +00:00
conn . describe_identity_pool ( IdentityPoolId = " us-west-2_non-existent " )
2021-01-10 13:26:40 +00:00
cm . value . operation_name . should . equal ( " DescribeIdentityPool " )
cm . value . response [ " Error " ] [ " Code " ] . should . equal ( " ResourceNotFoundException " )
cm . value . response [ " Error " ] [ " Message " ] . should . equal ( " us-west-2_non-existent " )
cm . value . response [ " ResponseMetadata " ] [ " HTTPStatusCode " ] . should . equal ( 400 )
2019-09-01 15:38:33 +00:00
2018-04-03 23:27:30 +00:00
# testing a helper function
def test_get_random_identity_id ( ) :
2020-04-04 13:09:38 +00:00
identity_id = get_random_identity_id ( " us-west-2 " )
2021-10-18 19:44:29 +00:00
region , identity_id = identity_id . split ( " : " )
2020-04-04 13:09:38 +00:00
region . should . equal ( " us-west-2 " )
2021-10-18 19:44:29 +00:00
UUID ( identity_id , version = 4 ) # Will throw an error if it's not a valid UUID
2018-04-03 23:27:30 +00:00
2018-04-03 18:38:59 +00:00
@mock_cognitoidentity
def test_get_id ( ) :
conn = boto3 . client ( " cognito-identity " , " us-west-2 " )
2021-11-05 13:17:30 +00:00
identity_pool_data = conn . create_identity_pool (
IdentityPoolName = " test_identity_pool " , AllowUnauthenticatedIdentities = True
)
2018-04-03 18:38:59 +00:00
result = conn . get_id (
AccountId = " someaccount " ,
2021-11-05 13:17:30 +00:00
IdentityPoolId = identity_pool_data [ " IdentityPoolId " ] ,
2018-04-03 21:08:20 +00:00
Logins = { " someurl " : " 12345 " } ,
2018-04-03 18:38:59 +00:00
)
2022-12-09 12:47:09 +00:00
assert result . get ( " IdentityId " ) . startswith ( " us-west-2 " )
@mock_cognitoidentity
@mock.patch.dict ( os . environ , { " AWS_DEFAULT_REGION " : " any-region " } )
@mock.patch.dict ( os . environ , { " MOTO_ALLOW_NONEXISTENT_REGION " : " trUe " } )
def test_get_id__unknown_region ( ) :
if settings . TEST_SERVER_MODE :
raise SkipTest ( " Cannot set environemnt variables in ServerMode " )
conn = boto3 . client ( " cognito-identity " )
identity_pool_data = conn . create_identity_pool (
IdentityPoolName = " test_identity_pool " , AllowUnauthenticatedIdentities = True
2019-09-01 15:38:33 +00:00
)
2022-12-09 12:47:09 +00:00
result = conn . get_id (
AccountId = " someaccount " ,
IdentityPoolId = identity_pool_data [ " IdentityPoolId " ] ,
Logins = { " someurl " : " 12345 " } ,
)
assert result . get ( " IdentityId " ) . startswith ( " any-region " )
2018-04-03 18:38:59 +00:00
2018-04-03 21:08:20 +00:00
2018-04-03 18:38:59 +00:00
@mock_cognitoidentity
def test_get_credentials_for_identity ( ) :
conn = boto3 . client ( " cognito-identity " , " us-west-2 " )
result = conn . get_credentials_for_identity ( IdentityId = " 12345 " )
2018-04-03 23:27:30 +00:00
2022-12-09 12:47:09 +00:00
result [ " Credentials " ] . get ( " Expiration " ) . should . be . a ( datetime )
result . get ( " IdentityId " ) . should . equal ( " 12345 " )
2018-04-03 18:38:59 +00:00
2018-04-03 21:08:20 +00:00
2018-04-03 18:38:59 +00:00
@mock_cognitoidentity
def test_get_open_id_token_for_developer_identity ( ) :
conn = boto3 . client ( " cognito-identity " , " us-west-2 " )
result = conn . get_open_id_token_for_developer_identity (
IdentityPoolId = " us-west-2:12345 " ,
IdentityId = " 12345 " ,
Logins = { " someurl " : " 12345 " } ,
TokenDuration = 123 ,
)
2019-07-16 03:20:31 +00:00
assert len ( result [ " Token " ] ) > 0
2018-04-03 18:38:59 +00:00
assert result [ " IdentityId " ] == " 12345 "
2018-10-09 17:28:15 +00:00
2019-09-01 15:38:33 +00:00
2018-10-09 17:28:15 +00:00
@mock_cognitoidentity
def test_get_open_id_token_for_developer_identity_when_no_explicit_identity_id ( ) :
conn = boto3 . client ( " cognito-identity " , " us-west-2 " )
result = conn . get_open_id_token_for_developer_identity (
IdentityPoolId = " us-west-2:12345 " , Logins = { " someurl " : " 12345 " } , TokenDuration = 123
)
assert len ( result [ " Token " ] ) > 0
assert len ( result [ " IdentityId " ] ) > 0
2019-07-16 03:20:31 +00:00
2019-09-01 15:38:33 +00:00
2019-07-16 03:20:31 +00:00
@mock_cognitoidentity
def test_get_open_id_token ( ) :
conn = boto3 . client ( " cognito-identity " , " us-west-2 " )
result = conn . get_open_id_token ( IdentityId = " 12345 " , Logins = { " someurl " : " 12345 " } )
assert len ( result [ " Token " ] ) > 0
assert result [ " IdentityId " ] == " 12345 "
2021-11-05 13:17:30 +00:00
@mock_cognitoidentity
def test_list_identities ( ) :
conn = boto3 . client ( " cognito-identity " , " us-west-2 " )
identity_pool_data = conn . create_identity_pool (
IdentityPoolName = " test_identity_pool " , AllowUnauthenticatedIdentities = True
)
identity_pool_id = identity_pool_data [ " IdentityPoolId " ]
identity_data = conn . get_id (
AccountId = " someaccount " ,
IdentityPoolId = identity_pool_id ,
Logins = { " someurl " : " 12345 " } ,
)
identity_id = identity_data [ " IdentityId " ]
identities = conn . list_identities ( IdentityPoolId = identity_pool_id , MaxResults = 123 )
assert " IdentityPoolId " in identities and " Identities " in identities
assert identity_id in [ x [ " IdentityId " ] for x in identities [ " Identities " ] ]