Search cognito identities from iot moto backend (#4555)

2021-11-11 11:32:58 +01:00 · 2021-11-11 11:32:58 +01:00 · 02a7e272e9
commit 02a7e272e9
parent d324532e1a
2 changed files with 38 additions and 4 deletions
--- a/moto/iot/models.py
+++ b/moto/iot/models.py
@ -913,9 +913,18 @@ class IoTBackend(BaseBackend):
                raise ResourceNotFoundException()
            principal = certs[0]
            return principal
-        else:
-            # TODO: search for cognito_ids
-            pass
+        from moto.cognitoidentity import cognitoidentity_backends
+
+        cognito = cognitoidentity_backends[self.region_name]
+        identities = []
+        for identity_pool in cognito.identity_pools:
+            pool_identities = cognito.pools_identities.get(identity_pool, None)
+            identities.extend(
+                [pi["IdentityId"] for pi in pool_identities.get("Identities", [])]
+            )
+            if principal_arn in identities:
+                return {"IdentityId": principal_arn}
+
        raise ResourceNotFoundException()

    def attach_principal_policy(self, policy_name, principal_arn):
--- a/tests/test_iot/test_iot.py
+++ b/tests/test_iot/test_iot.py
@ -2,7 +2,7 @@ import json
 import sure  # noqa # pylint: disable=unused-import
 import boto3

-from moto import mock_iot
+from moto import mock_iot, mock_cognitoidentity
 from botocore.exceptions import ClientError
 import pytest

@ -55,6 +55,31 @@ def test_attach_policy():
    res["policies"][0]["policyName"].should.equal("my-policy")


+@mock_iot
+@mock_cognitoidentity
+def test_attach_policy_to_identity():
+    region = "ap-northeast-1"
+
+    cognito_identity_client = boto3.client("cognito-identity", region_name=region)
+    identity_pool_name = "test_identity_pool"
+    identity_pool = cognito_identity_client.create_identity_pool(
+        IdentityPoolName=identity_pool_name, AllowUnauthenticatedIdentities=True
+    )
+    identity = cognito_identity_client.get_id(
+        AccountId="test", IdentityPoolId=identity_pool["IdentityPoolId"]
+    )
+
+    client = boto3.client("iot", region_name=region)
+    policy_name = "my-policy"
+    doc = "{}"
+    client.create_policy(policyName=policy_name, policyDocument=doc)
+    client.attach_policy(policyName=policy_name, target=identity["IdentityId"])
+
+    res = client.list_attached_policies(target=identity["IdentityId"])
+    res.should.have.key("policies").which.should.have.length_of(1)
+    res["policies"][0]["policyName"].should.equal(policy_name)
+
+
@mock_iot
 def test_detach_policy():
    client = boto3.client("iot", region_name="ap-northeast-1")