2018-05-02 21:13:12 +00:00
|
|
|
import json
|
|
|
|
|
import os
|
2021-10-11 22:31:40 +00:00
|
|
|
import re
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
from moto.core.responses import BaseResponse
|
2020-09-01 08:20:31 +00:00
|
|
|
from .models import cognitoidp_backends, find_region_by_value, UserStatus
|
2021-05-06 16:59:04 +00:00
|
|
|
from .exceptions import InvalidParameterException
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
class CognitoIdpResponse(BaseResponse):
|
|
|
|
|
@property
|
|
|
|
|
def parameters(self):
|
|
|
|
|
return json.loads(self.body)
|
|
|
|
|
|
|
|
|
|
# User pool
|
|
|
|
|
def create_user_pool(self):
|
|
|
|
|
name = self.parameters.pop("PoolName")
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool = cognitoidp_backends[self.region].create_user_pool(
|
|
|
|
|
name, self.parameters
|
|
|
|
|
)
|
|
|
|
|
return json.dumps({"UserPool": user_pool.to_json(extended=True)})
|
2018-05-02 21:13:12 +00:00
|
|
|
|
2021-05-06 16:59:04 +00:00
|
|
|
def set_user_pool_mfa_config(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
sms_config = self._get_param("SmsMfaConfiguration", None)
|
|
|
|
|
token_config = self._get_param("SoftwareTokenMfaConfiguration", None)
|
|
|
|
|
mfa_config = self._get_param("MfaConfiguration")
|
|
|
|
|
|
|
|
|
|
if mfa_config not in ["ON", "OFF", "OPTIONAL"]:
|
|
|
|
|
raise InvalidParameterException(
|
|
|
|
|
"[MfaConfiguration] must be one of 'ON', 'OFF', or 'OPTIONAL'."
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
if mfa_config in ["ON", "OPTIONAL"]:
|
|
|
|
|
if sms_config is None and token_config is None:
|
|
|
|
|
raise InvalidParameterException(
|
|
|
|
|
"At least one of [SmsMfaConfiguration] or [SoftwareTokenMfaConfiguration] must be provided."
|
|
|
|
|
)
|
|
|
|
|
if sms_config is not None:
|
|
|
|
|
if "SmsConfiguration" not in sms_config:
|
|
|
|
|
raise InvalidParameterException(
|
|
|
|
|
"[SmsConfiguration] is a required member of [SoftwareTokenMfaConfiguration]."
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
response = cognitoidp_backends[self.region].set_user_pool_mfa_config(
|
|
|
|
|
user_pool_id, sms_config, token_config, mfa_config
|
|
|
|
|
)
|
|
|
|
|
return json.dumps(response)
|
|
|
|
|
|
|
|
|
|
def get_user_pool_mfa_config(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
response = cognitoidp_backends[self.region].get_user_pool_mfa_config(
|
|
|
|
|
user_pool_id
|
|
|
|
|
)
|
|
|
|
|
return json.dumps(response)
|
|
|
|
|
|
2018-05-02 21:13:12 +00:00
|
|
|
def list_user_pools(self):
|
2018-10-24 14:10:28 +00:00
|
|
|
max_results = self._get_param("MaxResults")
|
2021-10-09 20:18:13 +00:00
|
|
|
next_token = self._get_param("NextToken")
|
2018-10-24 14:10:28 +00:00
|
|
|
user_pools, next_token = cognitoidp_backends[self.region].list_user_pools(
|
|
|
|
|
max_results=max_results, next_token=next_token
|
|
|
|
|
)
|
2019-10-31 15:44:26 +00:00
|
|
|
response = {"UserPools": [user_pool.to_json() for user_pool in user_pools]}
|
2018-10-24 14:10:28 +00:00
|
|
|
if next_token:
|
|
|
|
|
response["NextToken"] = str(next_token)
|
|
|
|
|
return json.dumps(response)
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def describe_user_pool(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
user_pool = cognitoidp_backends[self.region].describe_user_pool(user_pool_id)
|
2019-10-31 15:44:26 +00:00
|
|
|
return json.dumps({"UserPool": user_pool.to_json(extended=True)})
|
2018-05-02 21:13:12 +00:00
|
|
|
|
2021-10-19 09:18:52 +00:00
|
|
|
def update_user_pool(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
cognitoidp_backends[self.region].update_user_pool(user_pool_id, self.parameters)
|
|
|
|
|
|
2018-05-02 21:13:12 +00:00
|
|
|
def delete_user_pool(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
cognitoidp_backends[self.region].delete_user_pool(user_pool_id)
|
|
|
|
|
return ""
|
|
|
|
|
|
|
|
|
|
# User pool domain
|
|
|
|
|
def create_user_pool_domain(self):
|
|
|
|
|
domain = self._get_param("Domain")
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
2019-07-16 03:09:13 +00:00
|
|
|
custom_domain_config = self._get_param("CustomDomainConfig")
|
|
|
|
|
user_pool_domain = cognitoidp_backends[self.region].create_user_pool_domain(
|
|
|
|
|
user_pool_id, domain, custom_domain_config
|
|
|
|
|
)
|
|
|
|
|
domain_description = user_pool_domain.to_json(extended=False)
|
|
|
|
|
if domain_description:
|
|
|
|
|
return json.dumps(domain_description)
|
2018-05-02 21:13:12 +00:00
|
|
|
return ""
|
|
|
|
|
|
|
|
|
|
def describe_user_pool_domain(self):
|
|
|
|
|
domain = self._get_param("Domain")
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool_domain = cognitoidp_backends[self.region].describe_user_pool_domain(
|
|
|
|
|
domain
|
|
|
|
|
)
|
2018-05-02 21:13:12 +00:00
|
|
|
domain_description = {}
|
|
|
|
|
if user_pool_domain:
|
|
|
|
|
domain_description = user_pool_domain.to_json()
|
|
|
|
|
|
2019-10-31 15:44:26 +00:00
|
|
|
return json.dumps({"DomainDescription": domain_description})
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def delete_user_pool_domain(self):
|
|
|
|
|
domain = self._get_param("Domain")
|
|
|
|
|
cognitoidp_backends[self.region].delete_user_pool_domain(domain)
|
|
|
|
|
return ""
|
|
|
|
|
|
2019-07-16 03:09:13 +00:00
|
|
|
def update_user_pool_domain(self):
|
|
|
|
|
domain = self._get_param("Domain")
|
|
|
|
|
custom_domain_config = self._get_param("CustomDomainConfig")
|
|
|
|
|
user_pool_domain = cognitoidp_backends[self.region].update_user_pool_domain(
|
|
|
|
|
domain, custom_domain_config
|
|
|
|
|
)
|
|
|
|
|
domain_description = user_pool_domain.to_json(extended=False)
|
|
|
|
|
if domain_description:
|
|
|
|
|
return json.dumps(domain_description)
|
|
|
|
|
return ""
|
|
|
|
|
|
2018-05-02 21:13:12 +00:00
|
|
|
# User pool client
|
|
|
|
|
def create_user_pool_client(self):
|
|
|
|
|
user_pool_id = self.parameters.pop("UserPoolId")
|
2020-07-16 08:13:12 +00:00
|
|
|
generate_secret = self.parameters.pop("GenerateSecret", False)
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool_client = cognitoidp_backends[self.region].create_user_pool_client(
|
2020-07-16 08:13:12 +00:00
|
|
|
user_pool_id, generate_secret, self.parameters
|
2019-10-31 15:44:26 +00:00
|
|
|
)
|
|
|
|
|
return json.dumps({"UserPoolClient": user_pool_client.to_json(extended=True)})
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def list_user_pool_clients(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
2018-10-24 14:10:28 +00:00
|
|
|
max_results = self._get_param("MaxResults")
|
2021-10-09 20:18:13 +00:00
|
|
|
next_token = self._get_param("NextToken")
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool_clients, next_token = cognitoidp_backends[
|
|
|
|
|
self.region
|
|
|
|
|
].list_user_pool_clients(
|
|
|
|
|
user_pool_id, max_results=max_results, next_token=next_token
|
|
|
|
|
)
|
2018-10-24 14:10:28 +00:00
|
|
|
response = {
|
2019-10-31 15:44:26 +00:00
|
|
|
"UserPoolClients": [
|
|
|
|
|
user_pool_client.to_json() for user_pool_client in user_pool_clients
|
|
|
|
|
]
|
2018-10-24 14:10:28 +00:00
|
|
|
}
|
|
|
|
|
if next_token:
|
|
|
|
|
response["NextToken"] = str(next_token)
|
|
|
|
|
return json.dumps(response)
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def describe_user_pool_client(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
client_id = self._get_param("ClientId")
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool_client = cognitoidp_backends[self.region].describe_user_pool_client(
|
|
|
|
|
user_pool_id, client_id
|
|
|
|
|
)
|
|
|
|
|
return json.dumps({"UserPoolClient": user_pool_client.to_json(extended=True)})
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def update_user_pool_client(self):
|
|
|
|
|
user_pool_id = self.parameters.pop("UserPoolId")
|
|
|
|
|
client_id = self.parameters.pop("ClientId")
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool_client = cognitoidp_backends[self.region].update_user_pool_client(
|
|
|
|
|
user_pool_id, client_id, self.parameters
|
|
|
|
|
)
|
|
|
|
|
return json.dumps({"UserPoolClient": user_pool_client.to_json(extended=True)})
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def delete_user_pool_client(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
client_id = self._get_param("ClientId")
|
2019-10-31 15:44:26 +00:00
|
|
|
cognitoidp_backends[self.region].delete_user_pool_client(
|
|
|
|
|
user_pool_id, client_id
|
|
|
|
|
)
|
2018-05-02 21:13:12 +00:00
|
|
|
return ""
|
|
|
|
|
|
|
|
|
|
# Identity provider
|
|
|
|
|
def create_identity_provider(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
name = self.parameters.pop("ProviderName")
|
2019-10-31 15:44:26 +00:00
|
|
|
identity_provider = cognitoidp_backends[self.region].create_identity_provider(
|
|
|
|
|
user_pool_id, name, self.parameters
|
|
|
|
|
)
|
|
|
|
|
return json.dumps(
|
|
|
|
|
{"IdentityProvider": identity_provider.to_json(extended=True)}
|
|
|
|
|
)
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def list_identity_providers(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
2018-10-24 14:10:28 +00:00
|
|
|
max_results = self._get_param("MaxResults")
|
2021-10-09 20:18:13 +00:00
|
|
|
next_token = self._get_param("NextToken")
|
2019-10-31 15:44:26 +00:00
|
|
|
identity_providers, next_token = cognitoidp_backends[
|
|
|
|
|
self.region
|
|
|
|
|
].list_identity_providers(
|
2018-10-24 14:10:28 +00:00
|
|
|
user_pool_id, max_results=max_results, next_token=next_token
|
|
|
|
|
)
|
|
|
|
|
response = {
|
2019-10-31 15:44:26 +00:00
|
|
|
"Providers": [
|
|
|
|
|
identity_provider.to_json() for identity_provider in identity_providers
|
|
|
|
|
]
|
2018-10-24 14:10:28 +00:00
|
|
|
}
|
|
|
|
|
if next_token:
|
|
|
|
|
response["NextToken"] = str(next_token)
|
|
|
|
|
return json.dumps(response)
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def describe_identity_provider(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
name = self._get_param("ProviderName")
|
2019-10-31 15:44:26 +00:00
|
|
|
identity_provider = cognitoidp_backends[self.region].describe_identity_provider(
|
|
|
|
|
user_pool_id, name
|
|
|
|
|
)
|
|
|
|
|
return json.dumps(
|
|
|
|
|
{"IdentityProvider": identity_provider.to_json(extended=True)}
|
|
|
|
|
)
|
2018-05-02 21:13:12 +00:00
|
|
|
|
2019-01-25 01:39:55 +00:00
|
|
|
def update_identity_provider(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
name = self._get_param("ProviderName")
|
2019-10-31 15:44:26 +00:00
|
|
|
identity_provider = cognitoidp_backends[self.region].update_identity_provider(
|
|
|
|
|
user_pool_id, name, self.parameters
|
|
|
|
|
)
|
|
|
|
|
return json.dumps(
|
|
|
|
|
{"IdentityProvider": identity_provider.to_json(extended=True)}
|
|
|
|
|
)
|
2019-01-25 01:39:55 +00:00
|
|
|
|
2018-05-02 21:13:12 +00:00
|
|
|
def delete_identity_provider(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
name = self._get_param("ProviderName")
|
|
|
|
|
cognitoidp_backends[self.region].delete_identity_provider(user_pool_id, name)
|
|
|
|
|
return ""
|
|
|
|
|
|
2018-07-23 06:26:54 +00:00
|
|
|
# Group
|
|
|
|
|
def create_group(self):
|
|
|
|
|
group_name = self._get_param("GroupName")
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
description = self._get_param("Description")
|
|
|
|
|
role_arn = self._get_param("RoleArn")
|
|
|
|
|
precedence = self._get_param("Precedence")
|
|
|
|
|
|
|
|
|
|
group = cognitoidp_backends[self.region].create_group(
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool_id, group_name, description, role_arn, precedence
|
2018-07-23 06:26:54 +00:00
|
|
|
)
|
|
|
|
|
|
2019-10-31 15:44:26 +00:00
|
|
|
return json.dumps({"Group": group.to_json()})
|
2018-07-23 06:26:54 +00:00
|
|
|
|
|
|
|
|
def get_group(self):
|
|
|
|
|
group_name = self._get_param("GroupName")
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
group = cognitoidp_backends[self.region].get_group(user_pool_id, group_name)
|
2019-10-31 15:44:26 +00:00
|
|
|
return json.dumps({"Group": group.to_json()})
|
2018-07-23 06:26:54 +00:00
|
|
|
|
|
|
|
|
def list_groups(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
groups = cognitoidp_backends[self.region].list_groups(user_pool_id)
|
2019-10-31 15:44:26 +00:00
|
|
|
return json.dumps({"Groups": [group.to_json() for group in groups]})
|
2018-07-23 06:26:54 +00:00
|
|
|
|
|
|
|
|
def delete_group(self):
|
|
|
|
|
group_name = self._get_param("GroupName")
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
cognitoidp_backends[self.region].delete_group(user_pool_id, group_name)
|
|
|
|
|
return ""
|
|
|
|
|
|
2018-07-23 10:54:51 +00:00
|
|
|
def admin_add_user_to_group(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
group_name = self._get_param("GroupName")
|
|
|
|
|
|
|
|
|
|
cognitoidp_backends[self.region].admin_add_user_to_group(
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool_id, group_name, username
|
2018-07-23 10:54:51 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
return ""
|
|
|
|
|
|
|
|
|
|
def list_users_in_group(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
group_name = self._get_param("GroupName")
|
2019-10-31 15:44:26 +00:00
|
|
|
users = cognitoidp_backends[self.region].list_users_in_group(
|
|
|
|
|
user_pool_id, group_name
|
|
|
|
|
)
|
|
|
|
|
return json.dumps({"Users": [user.to_json(extended=True) for user in users]})
|
2018-07-23 10:54:51 +00:00
|
|
|
|
|
|
|
|
def admin_list_groups_for_user(self):
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
2019-10-31 15:44:26 +00:00
|
|
|
groups = cognitoidp_backends[self.region].admin_list_groups_for_user(
|
|
|
|
|
user_pool_id, username
|
|
|
|
|
)
|
|
|
|
|
return json.dumps({"Groups": [group.to_json() for group in groups]})
|
2018-07-23 10:54:51 +00:00
|
|
|
|
|
|
|
|
def admin_remove_user_from_group(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
group_name = self._get_param("GroupName")
|
|
|
|
|
|
|
|
|
|
cognitoidp_backends[self.region].admin_remove_user_from_group(
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool_id, group_name, username
|
2018-07-23 10:54:51 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
return ""
|
|
|
|
|
|
2021-10-14 10:12:08 +00:00
|
|
|
def admin_reset_user_password(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
cognitoidp_backends[self.region].admin_reset_user_password(
|
|
|
|
|
user_pool_id, username
|
|
|
|
|
)
|
|
|
|
|
return ""
|
|
|
|
|
|
2018-05-02 21:13:12 +00:00
|
|
|
# User
|
|
|
|
|
def admin_create_user(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
2020-02-10 17:09:15 +00:00
|
|
|
message_action = self._get_param("MessageAction")
|
2018-05-02 21:13:12 +00:00
|
|
|
temporary_password = self._get_param("TemporaryPassword")
|
|
|
|
|
user = cognitoidp_backends[self.region].admin_create_user(
|
|
|
|
|
user_pool_id,
|
|
|
|
|
username,
|
2020-02-10 17:09:15 +00:00
|
|
|
message_action,
|
2018-05-02 21:13:12 +00:00
|
|
|
temporary_password,
|
2019-10-31 15:44:26 +00:00
|
|
|
self._get_param("UserAttributes", []),
|
2018-05-02 21:13:12 +00:00
|
|
|
)
|
|
|
|
|
|
2019-10-31 15:44:26 +00:00
|
|
|
return json.dumps({"User": user.to_json(extended=True)})
|
2018-05-02 21:13:12 +00:00
|
|
|
|
2021-10-23 11:32:56 +00:00
|
|
|
def admin_confirm_sign_up(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
return cognitoidp_backends[self.region].admin_confirm_sign_up(
|
|
|
|
|
user_pool_id, username
|
|
|
|
|
)
|
|
|
|
|
|
2018-05-02 21:13:12 +00:00
|
|
|
def admin_get_user(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
user = cognitoidp_backends[self.region].admin_get_user(user_pool_id, username)
|
2019-10-31 15:44:26 +00:00
|
|
|
return json.dumps(user.to_json(extended=True, attributes_key="UserAttributes"))
|
2018-05-02 21:13:12 +00:00
|
|
|
|
2021-06-27 14:48:31 +00:00
|
|
|
def get_user(self):
|
|
|
|
|
access_token = self._get_param("AccessToken")
|
|
|
|
|
user = cognitoidp_backends[self.region].get_user(access_token=access_token)
|
|
|
|
|
return json.dumps(user.to_json(extended=True, attributes_key="UserAttributes"))
|
|
|
|
|
|
2018-05-02 21:13:12 +00:00
|
|
|
def list_users(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
2018-10-24 14:10:28 +00:00
|
|
|
limit = self._get_param("Limit")
|
|
|
|
|
token = self._get_param("PaginationToken")
|
2020-02-05 11:03:24 +00:00
|
|
|
filt = self._get_param("Filter")
|
2019-10-31 15:44:26 +00:00
|
|
|
users, token = cognitoidp_backends[self.region].list_users(
|
|
|
|
|
user_pool_id, limit=limit, pagination_token=token
|
|
|
|
|
)
|
2020-02-05 11:03:24 +00:00
|
|
|
if filt:
|
2021-08-03 06:56:41 +00:00
|
|
|
inherent_attributes = {
|
|
|
|
|
"cognito:user_status": lambda u: u.status,
|
2021-08-03 15:34:07 +00:00
|
|
|
"status": lambda u: "Enabled" if u.enabled else "Disabled",
|
2021-08-03 06:56:41 +00:00
|
|
|
"username": lambda u: u.username,
|
|
|
|
|
}
|
2021-10-11 22:31:40 +00:00
|
|
|
comparisons = {"=": lambda x, y: x == y, "^=": lambda x, y: x.startswith(y)}
|
2021-10-13 09:55:58 +00:00
|
|
|
allowed_attributes = [
|
|
|
|
|
"username",
|
|
|
|
|
"email",
|
|
|
|
|
"phone_number",
|
|
|
|
|
"name",
|
|
|
|
|
"given_name",
|
|
|
|
|
"family_name",
|
|
|
|
|
"preferred_username",
|
|
|
|
|
"cognito:user_status",
|
|
|
|
|
"status",
|
|
|
|
|
"sub",
|
|
|
|
|
]
|
2021-10-11 22:31:40 +00:00
|
|
|
|
|
|
|
|
match = re.match(r"([\w:]+)\s*(=|\^=)\s*\"(.*)\"", filt)
|
|
|
|
|
if match:
|
|
|
|
|
name, op, value = match.groups()
|
|
|
|
|
else:
|
|
|
|
|
raise InvalidParameterException("Error while parsing filter")
|
2021-10-13 09:55:58 +00:00
|
|
|
if name not in allowed_attributes:
|
|
|
|
|
raise InvalidParameterException(f"Invalid search attribute: {name}")
|
2021-10-11 22:31:40 +00:00
|
|
|
compare = comparisons[op]
|
2020-02-05 13:19:08 +00:00
|
|
|
users = [
|
|
|
|
|
user
|
|
|
|
|
for user in users
|
2021-07-26 14:21:17 +00:00
|
|
|
if [
|
|
|
|
|
attr
|
|
|
|
|
for attr in user.attributes
|
2021-10-11 22:31:40 +00:00
|
|
|
if attr["Name"] == name and compare(attr["Value"], value)
|
2021-07-26 14:21:17 +00:00
|
|
|
]
|
2021-08-03 06:56:41 +00:00
|
|
|
or (
|
|
|
|
|
name in inherent_attributes
|
2021-10-11 22:31:40 +00:00
|
|
|
and compare(inherent_attributes[name](user), value)
|
2021-08-03 06:56:41 +00:00
|
|
|
)
|
2020-02-05 13:19:08 +00:00
|
|
|
]
|
2018-10-24 14:10:28 +00:00
|
|
|
response = {"Users": [user.to_json(extended=True) for user in users]}
|
|
|
|
|
if token:
|
|
|
|
|
response["PaginationToken"] = str(token)
|
|
|
|
|
return json.dumps(response)
|
2018-05-02 21:13:12 +00:00
|
|
|
|
2018-07-27 06:10:26 +00:00
|
|
|
def admin_disable_user(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
cognitoidp_backends[self.region].admin_disable_user(user_pool_id, username)
|
|
|
|
|
return ""
|
|
|
|
|
|
|
|
|
|
def admin_enable_user(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
cognitoidp_backends[self.region].admin_enable_user(user_pool_id, username)
|
|
|
|
|
return ""
|
|
|
|
|
|
2018-05-02 21:13:12 +00:00
|
|
|
def admin_delete_user(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
cognitoidp_backends[self.region].admin_delete_user(user_pool_id, username)
|
|
|
|
|
return ""
|
|
|
|
|
|
|
|
|
|
def admin_initiate_auth(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
client_id = self._get_param("ClientId")
|
|
|
|
|
auth_flow = self._get_param("AuthFlow")
|
|
|
|
|
auth_parameters = self._get_param("AuthParameters")
|
|
|
|
|
|
|
|
|
|
auth_result = cognitoidp_backends[self.region].admin_initiate_auth(
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool_id, client_id, auth_flow, auth_parameters
|
2018-05-02 21:13:12 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
return json.dumps(auth_result)
|
|
|
|
|
|
|
|
|
|
def respond_to_auth_challenge(self):
|
|
|
|
|
session = self._get_param("Session")
|
|
|
|
|
client_id = self._get_param("ClientId")
|
|
|
|
|
challenge_name = self._get_param("ChallengeName")
|
|
|
|
|
challenge_responses = self._get_param("ChallengeResponses")
|
|
|
|
|
auth_result = cognitoidp_backends[self.region].respond_to_auth_challenge(
|
2019-10-31 15:44:26 +00:00
|
|
|
session, client_id, challenge_name, challenge_responses
|
2018-05-02 21:13:12 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
return json.dumps(auth_result)
|
|
|
|
|
|
|
|
|
|
def forgot_password(self):
|
2021-10-24 14:26:57 +00:00
|
|
|
client_id = self._get_param("ClientId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
region = find_region_by_value("client_id", client_id)
|
|
|
|
|
response = cognitoidp_backends[region].forgot_password(client_id, username)
|
|
|
|
|
return json.dumps(response)
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
# This endpoint receives no authorization header, so if moto-server is listening
|
|
|
|
|
# on localhost (doesn't get a region in the host header), it doesn't know what
|
|
|
|
|
# region's backend should handle the traffic, and we use `find_region_by_value` to
|
|
|
|
|
# solve that problem.
|
|
|
|
|
def confirm_forgot_password(self):
|
|
|
|
|
client_id = self._get_param("ClientId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
password = self._get_param("Password")
|
|
|
|
|
region = find_region_by_value("client_id", client_id)
|
2019-10-31 15:44:26 +00:00
|
|
|
cognitoidp_backends[region].confirm_forgot_password(
|
|
|
|
|
client_id, username, password
|
|
|
|
|
)
|
2018-05-02 21:13:12 +00:00
|
|
|
return ""
|
|
|
|
|
|
|
|
|
|
# Ditto the comment on confirm_forgot_password.
|
|
|
|
|
def change_password(self):
|
|
|
|
|
access_token = self._get_param("AccessToken")
|
|
|
|
|
previous_password = self._get_param("PreviousPassword")
|
|
|
|
|
proposed_password = self._get_param("ProposedPassword")
|
|
|
|
|
region = find_region_by_value("access_token", access_token)
|
2019-10-31 15:44:26 +00:00
|
|
|
cognitoidp_backends[region].change_password(
|
|
|
|
|
access_token, previous_password, proposed_password
|
|
|
|
|
)
|
2018-05-02 21:13:12 +00:00
|
|
|
return ""
|
|
|
|
|
|
2019-05-20 22:58:10 +00:00
|
|
|
def admin_update_user_attributes(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
attributes = self._get_param("UserAttributes")
|
2019-10-31 15:44:26 +00:00
|
|
|
cognitoidp_backends[self.region].admin_update_user_attributes(
|
|
|
|
|
user_pool_id, username, attributes
|
|
|
|
|
)
|
2019-05-20 22:58:10 +00:00
|
|
|
return ""
|
|
|
|
|
|
2021-07-27 17:49:19 +00:00
|
|
|
def admin_user_global_sign_out(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
cognitoidp_backends[self.region].admin_user_global_sign_out(
|
|
|
|
|
user_pool_id, username
|
|
|
|
|
)
|
|
|
|
|
return ""
|
|
|
|
|
|
2020-07-20 11:31:30 +00:00
|
|
|
# Resource Server
|
|
|
|
|
def create_resource_server(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
identifier = self._get_param("Identifier")
|
|
|
|
|
name = self._get_param("Name")
|
|
|
|
|
scopes = self._get_param("Scopes")
|
|
|
|
|
resource_server = cognitoidp_backends[self.region].create_resource_server(
|
|
|
|
|
user_pool_id, identifier, name, scopes
|
|
|
|
|
)
|
|
|
|
|
return json.dumps({"ResourceServer": resource_server.to_json()})
|
|
|
|
|
|
2020-09-01 08:20:31 +00:00
|
|
|
def sign_up(self):
|
|
|
|
|
client_id = self._get_param("ClientId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
password = self._get_param("Password")
|
|
|
|
|
user = cognitoidp_backends[self.region].sign_up(
|
|
|
|
|
client_id=client_id,
|
|
|
|
|
username=username,
|
|
|
|
|
password=password,
|
|
|
|
|
attributes=self._get_param("UserAttributes", []),
|
|
|
|
|
)
|
|
|
|
|
return json.dumps(
|
|
|
|
|
{
|
|
|
|
|
"UserConfirmed": user.status == UserStatus["CONFIRMED"],
|
|
|
|
|
"UserSub": user.id,
|
|
|
|
|
}
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
def confirm_sign_up(self):
|
|
|
|
|
client_id = self._get_param("ClientId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
confirmation_code = self._get_param("ConfirmationCode")
|
|
|
|
|
cognitoidp_backends[self.region].confirm_sign_up(
|
|
|
|
|
client_id=client_id, username=username, confirmation_code=confirmation_code,
|
|
|
|
|
)
|
|
|
|
|
return ""
|
|
|
|
|
|
|
|
|
|
def initiate_auth(self):
|
|
|
|
|
client_id = self._get_param("ClientId")
|
|
|
|
|
auth_flow = self._get_param("AuthFlow")
|
|
|
|
|
auth_parameters = self._get_param("AuthParameters")
|
|
|
|
|
|
|
|
|
|
auth_result = cognitoidp_backends[self.region].initiate_auth(
|
|
|
|
|
client_id, auth_flow, auth_parameters
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
return json.dumps(auth_result)
|
|
|
|
|
|
|
|
|
|
def associate_software_token(self):
|
|
|
|
|
access_token = self._get_param("AccessToken")
|
|
|
|
|
result = cognitoidp_backends[self.region].associate_software_token(access_token)
|
|
|
|
|
return json.dumps(result)
|
|
|
|
|
|
|
|
|
|
def verify_software_token(self):
|
|
|
|
|
access_token = self._get_param("AccessToken")
|
|
|
|
|
user_code = self._get_param("UserCode")
|
|
|
|
|
result = cognitoidp_backends[self.region].verify_software_token(
|
|
|
|
|
access_token, user_code
|
|
|
|
|
)
|
|
|
|
|
return json.dumps(result)
|
|
|
|
|
|
|
|
|
|
def set_user_mfa_preference(self):
|
|
|
|
|
access_token = self._get_param("AccessToken")
|
|
|
|
|
software_token_mfa_settings = self._get_param("SoftwareTokenMfaSettings")
|
|
|
|
|
sms_mfa_settings = self._get_param("SMSMfaSettings")
|
|
|
|
|
cognitoidp_backends[self.region].set_user_mfa_preference(
|
|
|
|
|
access_token, software_token_mfa_settings, sms_mfa_settings
|
|
|
|
|
)
|
|
|
|
|
return ""
|
|
|
|
|
|
2020-09-21 17:40:07 +00:00
|
|
|
def admin_set_user_password(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
password = self._get_param("Password")
|
|
|
|
|
permanent = self._get_param("Permanent")
|
|
|
|
|
cognitoidp_backends[self.region].admin_set_user_password(
|
|
|
|
|
user_pool_id, username, password, permanent
|
|
|
|
|
)
|
|
|
|
|
return ""
|
|
|
|
|
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
class CognitoIdpJsonWebKeyResponse(BaseResponse):
|
|
|
|
|
def __init__(self):
|
2019-10-31 15:44:26 +00:00
|
|
|
with open(
|
|
|
|
|
os.path.join(os.path.dirname(__file__), "resources/jwks-public.json")
|
|
|
|
|
) as f:
|
2018-05-02 21:13:12 +00:00
|
|
|
self.json_web_key = f.read()
|
|
|
|
|
|
|
|
|
|
def serve_json_web_key(self, request, full_url, headers):
|
|
|
|
|
return 200, {"Content-Type": "application/json"}, self.json_web_key
|
