2018-05-02 21:13:12 +00:00
|
|
|
from __future__ import unicode_literals
|
|
|
|
|
|
|
|
|
|
import json
|
|
|
|
|
import os
|
|
|
|
|
|
|
|
|
|
from moto.core.responses import BaseResponse
|
|
|
|
|
from .models import cognitoidp_backends, find_region_by_value
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class CognitoIdpResponse(BaseResponse):
|
|
|
|
|
@property
|
|
|
|
|
def parameters(self):
|
|
|
|
|
return json.loads(self.body)
|
|
|
|
|
|
|
|
|
|
# User pool
|
|
|
|
|
def create_user_pool(self):
|
|
|
|
|
name = self.parameters.pop("PoolName")
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool = cognitoidp_backends[self.region].create_user_pool(
|
|
|
|
|
name, self.parameters
|
|
|
|
|
)
|
|
|
|
|
return json.dumps({"UserPool": user_pool.to_json(extended=True)})
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def list_user_pools(self):
|
2018-10-24 14:10:28 +00:00
|
|
|
max_results = self._get_param("MaxResults")
|
|
|
|
|
next_token = self._get_param("NextToken", "0")
|
|
|
|
|
user_pools, next_token = cognitoidp_backends[self.region].list_user_pools(
|
|
|
|
|
max_results=max_results, next_token=next_token
|
|
|
|
|
)
|
2019-10-31 15:44:26 +00:00
|
|
|
response = {"UserPools": [user_pool.to_json() for user_pool in user_pools]}
|
2018-10-24 14:10:28 +00:00
|
|
|
if next_token:
|
|
|
|
|
response["NextToken"] = str(next_token)
|
|
|
|
|
return json.dumps(response)
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def describe_user_pool(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
user_pool = cognitoidp_backends[self.region].describe_user_pool(user_pool_id)
|
2019-10-31 15:44:26 +00:00
|
|
|
return json.dumps({"UserPool": user_pool.to_json(extended=True)})
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def delete_user_pool(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
cognitoidp_backends[self.region].delete_user_pool(user_pool_id)
|
|
|
|
|
return ""
|
|
|
|
|
|
|
|
|
|
# User pool domain
|
|
|
|
|
def create_user_pool_domain(self):
|
|
|
|
|
domain = self._get_param("Domain")
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
2019-07-16 03:09:13 +00:00
|
|
|
custom_domain_config = self._get_param("CustomDomainConfig")
|
|
|
|
|
user_pool_domain = cognitoidp_backends[self.region].create_user_pool_domain(
|
|
|
|
|
user_pool_id, domain, custom_domain_config
|
|
|
|
|
)
|
|
|
|
|
domain_description = user_pool_domain.to_json(extended=False)
|
|
|
|
|
if domain_description:
|
|
|
|
|
return json.dumps(domain_description)
|
2018-05-02 21:13:12 +00:00
|
|
|
return ""
|
|
|
|
|
|
|
|
|
|
def describe_user_pool_domain(self):
|
|
|
|
|
domain = self._get_param("Domain")
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool_domain = cognitoidp_backends[self.region].describe_user_pool_domain(
|
|
|
|
|
domain
|
|
|
|
|
)
|
2018-05-02 21:13:12 +00:00
|
|
|
domain_description = {}
|
|
|
|
|
if user_pool_domain:
|
|
|
|
|
domain_description = user_pool_domain.to_json()
|
|
|
|
|
|
2019-10-31 15:44:26 +00:00
|
|
|
return json.dumps({"DomainDescription": domain_description})
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def delete_user_pool_domain(self):
|
|
|
|
|
domain = self._get_param("Domain")
|
|
|
|
|
cognitoidp_backends[self.region].delete_user_pool_domain(domain)
|
|
|
|
|
return ""
|
|
|
|
|
|
2019-07-16 03:09:13 +00:00
|
|
|
def update_user_pool_domain(self):
|
|
|
|
|
domain = self._get_param("Domain")
|
|
|
|
|
custom_domain_config = self._get_param("CustomDomainConfig")
|
|
|
|
|
user_pool_domain = cognitoidp_backends[self.region].update_user_pool_domain(
|
|
|
|
|
domain, custom_domain_config
|
|
|
|
|
)
|
|
|
|
|
domain_description = user_pool_domain.to_json(extended=False)
|
|
|
|
|
if domain_description:
|
|
|
|
|
return json.dumps(domain_description)
|
|
|
|
|
return ""
|
|
|
|
|
|
2018-05-02 21:13:12 +00:00
|
|
|
# User pool client
|
|
|
|
|
def create_user_pool_client(self):
|
|
|
|
|
user_pool_id = self.parameters.pop("UserPoolId")
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool_client = cognitoidp_backends[self.region].create_user_pool_client(
|
|
|
|
|
user_pool_id, self.parameters
|
|
|
|
|
)
|
|
|
|
|
return json.dumps({"UserPoolClient": user_pool_client.to_json(extended=True)})
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def list_user_pool_clients(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
2018-10-24 14:10:28 +00:00
|
|
|
max_results = self._get_param("MaxResults")
|
|
|
|
|
next_token = self._get_param("NextToken", "0")
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool_clients, next_token = cognitoidp_backends[
|
|
|
|
|
self.region
|
|
|
|
|
].list_user_pool_clients(
|
|
|
|
|
user_pool_id, max_results=max_results, next_token=next_token
|
|
|
|
|
)
|
2018-10-24 14:10:28 +00:00
|
|
|
response = {
|
2019-10-31 15:44:26 +00:00
|
|
|
"UserPoolClients": [
|
|
|
|
|
user_pool_client.to_json() for user_pool_client in user_pool_clients
|
|
|
|
|
]
|
2018-10-24 14:10:28 +00:00
|
|
|
}
|
|
|
|
|
if next_token:
|
|
|
|
|
response["NextToken"] = str(next_token)
|
|
|
|
|
return json.dumps(response)
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def describe_user_pool_client(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
client_id = self._get_param("ClientId")
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool_client = cognitoidp_backends[self.region].describe_user_pool_client(
|
|
|
|
|
user_pool_id, client_id
|
|
|
|
|
)
|
|
|
|
|
return json.dumps({"UserPoolClient": user_pool_client.to_json(extended=True)})
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def update_user_pool_client(self):
|
|
|
|
|
user_pool_id = self.parameters.pop("UserPoolId")
|
|
|
|
|
client_id = self.parameters.pop("ClientId")
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool_client = cognitoidp_backends[self.region].update_user_pool_client(
|
|
|
|
|
user_pool_id, client_id, self.parameters
|
|
|
|
|
)
|
|
|
|
|
return json.dumps({"UserPoolClient": user_pool_client.to_json(extended=True)})
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def delete_user_pool_client(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
client_id = self._get_param("ClientId")
|
2019-10-31 15:44:26 +00:00
|
|
|
cognitoidp_backends[self.region].delete_user_pool_client(
|
|
|
|
|
user_pool_id, client_id
|
|
|
|
|
)
|
2018-05-02 21:13:12 +00:00
|
|
|
return ""
|
|
|
|
|
|
|
|
|
|
# Identity provider
|
|
|
|
|
def create_identity_provider(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
name = self.parameters.pop("ProviderName")
|
2019-10-31 15:44:26 +00:00
|
|
|
identity_provider = cognitoidp_backends[self.region].create_identity_provider(
|
|
|
|
|
user_pool_id, name, self.parameters
|
|
|
|
|
)
|
|
|
|
|
return json.dumps(
|
|
|
|
|
{"IdentityProvider": identity_provider.to_json(extended=True)}
|
|
|
|
|
)
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def list_identity_providers(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
2018-10-24 14:10:28 +00:00
|
|
|
max_results = self._get_param("MaxResults")
|
|
|
|
|
next_token = self._get_param("NextToken", "0")
|
2019-10-31 15:44:26 +00:00
|
|
|
identity_providers, next_token = cognitoidp_backends[
|
|
|
|
|
self.region
|
|
|
|
|
].list_identity_providers(
|
2018-10-24 14:10:28 +00:00
|
|
|
user_pool_id, max_results=max_results, next_token=next_token
|
|
|
|
|
)
|
|
|
|
|
response = {
|
2019-10-31 15:44:26 +00:00
|
|
|
"Providers": [
|
|
|
|
|
identity_provider.to_json() for identity_provider in identity_providers
|
|
|
|
|
]
|
2018-10-24 14:10:28 +00:00
|
|
|
}
|
|
|
|
|
if next_token:
|
|
|
|
|
response["NextToken"] = str(next_token)
|
|
|
|
|
return json.dumps(response)
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def describe_identity_provider(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
name = self._get_param("ProviderName")
|
2019-10-31 15:44:26 +00:00
|
|
|
identity_provider = cognitoidp_backends[self.region].describe_identity_provider(
|
|
|
|
|
user_pool_id, name
|
|
|
|
|
)
|
|
|
|
|
return json.dumps(
|
|
|
|
|
{"IdentityProvider": identity_provider.to_json(extended=True)}
|
|
|
|
|
)
|
2018-05-02 21:13:12 +00:00
|
|
|
|
2019-01-25 01:39:55 +00:00
|
|
|
def update_identity_provider(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
name = self._get_param("ProviderName")
|
2019-10-31 15:44:26 +00:00
|
|
|
identity_provider = cognitoidp_backends[self.region].update_identity_provider(
|
|
|
|
|
user_pool_id, name, self.parameters
|
|
|
|
|
)
|
|
|
|
|
return json.dumps(
|
|
|
|
|
{"IdentityProvider": identity_provider.to_json(extended=True)}
|
|
|
|
|
)
|
2019-01-25 01:39:55 +00:00
|
|
|
|
2018-05-02 21:13:12 +00:00
|
|
|
def delete_identity_provider(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
name = self._get_param("ProviderName")
|
|
|
|
|
cognitoidp_backends[self.region].delete_identity_provider(user_pool_id, name)
|
|
|
|
|
return ""
|
|
|
|
|
|
2018-07-23 06:26:54 +00:00
|
|
|
# Group
|
|
|
|
|
def create_group(self):
|
|
|
|
|
group_name = self._get_param("GroupName")
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
description = self._get_param("Description")
|
|
|
|
|
role_arn = self._get_param("RoleArn")
|
|
|
|
|
precedence = self._get_param("Precedence")
|
|
|
|
|
|
|
|
|
|
group = cognitoidp_backends[self.region].create_group(
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool_id, group_name, description, role_arn, precedence
|
2018-07-23 06:26:54 +00:00
|
|
|
)
|
|
|
|
|
|
2019-10-31 15:44:26 +00:00
|
|
|
return json.dumps({"Group": group.to_json()})
|
2018-07-23 06:26:54 +00:00
|
|
|
|
|
|
|
|
def get_group(self):
|
|
|
|
|
group_name = self._get_param("GroupName")
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
group = cognitoidp_backends[self.region].get_group(user_pool_id, group_name)
|
2019-10-31 15:44:26 +00:00
|
|
|
return json.dumps({"Group": group.to_json()})
|
2018-07-23 06:26:54 +00:00
|
|
|
|
|
|
|
|
def list_groups(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
groups = cognitoidp_backends[self.region].list_groups(user_pool_id)
|
2019-10-31 15:44:26 +00:00
|
|
|
return json.dumps({"Groups": [group.to_json() for group in groups]})
|
2018-07-23 06:26:54 +00:00
|
|
|
|
|
|
|
|
def delete_group(self):
|
|
|
|
|
group_name = self._get_param("GroupName")
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
cognitoidp_backends[self.region].delete_group(user_pool_id, group_name)
|
|
|
|
|
return ""
|
|
|
|
|
|
2018-07-23 10:54:51 +00:00
|
|
|
def admin_add_user_to_group(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
group_name = self._get_param("GroupName")
|
|
|
|
|
|
|
|
|
|
cognitoidp_backends[self.region].admin_add_user_to_group(
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool_id, group_name, username
|
2018-07-23 10:54:51 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
return ""
|
|
|
|
|
|
|
|
|
|
def list_users_in_group(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
group_name = self._get_param("GroupName")
|
2019-10-31 15:44:26 +00:00
|
|
|
users = cognitoidp_backends[self.region].list_users_in_group(
|
|
|
|
|
user_pool_id, group_name
|
|
|
|
|
)
|
|
|
|
|
return json.dumps({"Users": [user.to_json(extended=True) for user in users]})
|
2018-07-23 10:54:51 +00:00
|
|
|
|
|
|
|
|
def admin_list_groups_for_user(self):
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
2019-10-31 15:44:26 +00:00
|
|
|
groups = cognitoidp_backends[self.region].admin_list_groups_for_user(
|
|
|
|
|
user_pool_id, username
|
|
|
|
|
)
|
|
|
|
|
return json.dumps({"Groups": [group.to_json() for group in groups]})
|
2018-07-23 10:54:51 +00:00
|
|
|
|
|
|
|
|
def admin_remove_user_from_group(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
group_name = self._get_param("GroupName")
|
|
|
|
|
|
|
|
|
|
cognitoidp_backends[self.region].admin_remove_user_from_group(
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool_id, group_name, username
|
2018-07-23 10:54:51 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
return ""
|
|
|
|
|
|
2018-05-02 21:13:12 +00:00
|
|
|
# User
|
|
|
|
|
def admin_create_user(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
temporary_password = self._get_param("TemporaryPassword")
|
|
|
|
|
user = cognitoidp_backends[self.region].admin_create_user(
|
|
|
|
|
user_pool_id,
|
|
|
|
|
username,
|
|
|
|
|
temporary_password,
|
2019-10-31 15:44:26 +00:00
|
|
|
self._get_param("UserAttributes", []),
|
2018-05-02 21:13:12 +00:00
|
|
|
)
|
|
|
|
|
|
2019-10-31 15:44:26 +00:00
|
|
|
return json.dumps({"User": user.to_json(extended=True)})
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def admin_get_user(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
user = cognitoidp_backends[self.region].admin_get_user(user_pool_id, username)
|
2019-10-31 15:44:26 +00:00
|
|
|
return json.dumps(user.to_json(extended=True, attributes_key="UserAttributes"))
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
def list_users(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
2018-10-24 14:10:28 +00:00
|
|
|
limit = self._get_param("Limit")
|
|
|
|
|
token = self._get_param("PaginationToken")
|
2019-10-31 15:44:26 +00:00
|
|
|
users, token = cognitoidp_backends[self.region].list_users(
|
|
|
|
|
user_pool_id, limit=limit, pagination_token=token
|
|
|
|
|
)
|
2018-10-24 14:10:28 +00:00
|
|
|
response = {"Users": [user.to_json(extended=True) for user in users]}
|
|
|
|
|
if token:
|
|
|
|
|
response["PaginationToken"] = str(token)
|
|
|
|
|
return json.dumps(response)
|
2018-05-02 21:13:12 +00:00
|
|
|
|
2018-07-27 06:10:26 +00:00
|
|
|
def admin_disable_user(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
cognitoidp_backends[self.region].admin_disable_user(user_pool_id, username)
|
|
|
|
|
return ""
|
|
|
|
|
|
|
|
|
|
def admin_enable_user(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
cognitoidp_backends[self.region].admin_enable_user(user_pool_id, username)
|
|
|
|
|
return ""
|
|
|
|
|
|
2018-05-02 21:13:12 +00:00
|
|
|
def admin_delete_user(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
cognitoidp_backends[self.region].admin_delete_user(user_pool_id, username)
|
|
|
|
|
return ""
|
|
|
|
|
|
|
|
|
|
def admin_initiate_auth(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
client_id = self._get_param("ClientId")
|
|
|
|
|
auth_flow = self._get_param("AuthFlow")
|
|
|
|
|
auth_parameters = self._get_param("AuthParameters")
|
|
|
|
|
|
|
|
|
|
auth_result = cognitoidp_backends[self.region].admin_initiate_auth(
|
2019-10-31 15:44:26 +00:00
|
|
|
user_pool_id, client_id, auth_flow, auth_parameters
|
2018-05-02 21:13:12 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
return json.dumps(auth_result)
|
|
|
|
|
|
|
|
|
|
def respond_to_auth_challenge(self):
|
|
|
|
|
session = self._get_param("Session")
|
|
|
|
|
client_id = self._get_param("ClientId")
|
|
|
|
|
challenge_name = self._get_param("ChallengeName")
|
|
|
|
|
challenge_responses = self._get_param("ChallengeResponses")
|
|
|
|
|
auth_result = cognitoidp_backends[self.region].respond_to_auth_challenge(
|
2019-10-31 15:44:26 +00:00
|
|
|
session, client_id, challenge_name, challenge_responses
|
2018-05-02 21:13:12 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
return json.dumps(auth_result)
|
|
|
|
|
|
|
|
|
|
def forgot_password(self):
|
2019-10-31 15:44:26 +00:00
|
|
|
return json.dumps(
|
|
|
|
|
{"CodeDeliveryDetails": {"DeliveryMedium": "EMAIL", "Destination": "..."}}
|
|
|
|
|
)
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
# This endpoint receives no authorization header, so if moto-server is listening
|
|
|
|
|
# on localhost (doesn't get a region in the host header), it doesn't know what
|
|
|
|
|
# region's backend should handle the traffic, and we use `find_region_by_value` to
|
|
|
|
|
# solve that problem.
|
|
|
|
|
def confirm_forgot_password(self):
|
|
|
|
|
client_id = self._get_param("ClientId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
password = self._get_param("Password")
|
|
|
|
|
region = find_region_by_value("client_id", client_id)
|
2019-10-31 15:44:26 +00:00
|
|
|
cognitoidp_backends[region].confirm_forgot_password(
|
|
|
|
|
client_id, username, password
|
|
|
|
|
)
|
2018-05-02 21:13:12 +00:00
|
|
|
return ""
|
|
|
|
|
|
|
|
|
|
# Ditto the comment on confirm_forgot_password.
|
|
|
|
|
def change_password(self):
|
|
|
|
|
access_token = self._get_param("AccessToken")
|
|
|
|
|
previous_password = self._get_param("PreviousPassword")
|
|
|
|
|
proposed_password = self._get_param("ProposedPassword")
|
|
|
|
|
region = find_region_by_value("access_token", access_token)
|
2019-10-31 15:44:26 +00:00
|
|
|
cognitoidp_backends[region].change_password(
|
|
|
|
|
access_token, previous_password, proposed_password
|
|
|
|
|
)
|
2018-05-02 21:13:12 +00:00
|
|
|
return ""
|
|
|
|
|
|
2019-05-20 22:58:10 +00:00
|
|
|
def admin_update_user_attributes(self):
|
|
|
|
|
user_pool_id = self._get_param("UserPoolId")
|
|
|
|
|
username = self._get_param("Username")
|
|
|
|
|
attributes = self._get_param("UserAttributes")
|
2019-10-31 15:44:26 +00:00
|
|
|
cognitoidp_backends[self.region].admin_update_user_attributes(
|
|
|
|
|
user_pool_id, username, attributes
|
|
|
|
|
)
|
2019-05-20 22:58:10 +00:00
|
|
|
return ""
|
|
|
|
|
|
2018-05-02 21:13:12 +00:00
|
|
|
|
|
|
|
|
class CognitoIdpJsonWebKeyResponse(BaseResponse):
|
|
|
|
|
def __init__(self):
|
2019-10-31 15:44:26 +00:00
|
|
|
with open(
|
|
|
|
|
os.path.join(os.path.dirname(__file__), "resources/jwks-public.json")
|
|
|
|
|
) as f:
|
2018-05-02 21:13:12 +00:00
|
|
|
self.json_web_key = f.read()
|
|
|
|
|
|
|
|
|
|
def serve_json_web_key(self, request, full_url, headers):
|
|
|
|
|
return 200, {"Content-Type": "application/json"}, self.json_web_key
|
