From d72c6b7baabd2cdd786725864079ae1fba332b6f Mon Sep 17 00:00:00 2001 From: Bert Blommers Date: Thu, 14 Oct 2021 22:20:56 +0000 Subject: [PATCH] CognitoIdentity:create_identity_pool: Add validation for name (#4415) --- moto/cognitoidentity/exceptions.py | 14 ++++++++++ moto/cognitoidentity/models.py | 7 ++++- .../test_cognitoidentity.py | 26 +++++++++++++++++++ 3 files changed, 46 insertions(+), 1 deletion(-) diff --git a/moto/cognitoidentity/exceptions.py b/moto/cognitoidentity/exceptions.py index 44e391abd..b3e811aee 100644 --- a/moto/cognitoidentity/exceptions.py +++ b/moto/cognitoidentity/exceptions.py @@ -11,3 +11,17 @@ class ResourceNotFoundError(BadRequest): self.description = json.dumps( {"message": message, "__type": "ResourceNotFoundException"} ) + + +class InvalidNameException(BadRequest): + + message = "1 validation error detected: Value '{}' at 'identityPoolName' failed to satisfy constraint: Member must satisfy regular expression pattern: [\\w\\s+=,.@-]+" + + def __init__(self, name): + super(InvalidNameException, self).__init__() + self.description = json.dumps( + { + "message": InvalidNameException.message.format(name), + "__type": "ValidationException", + } + ) diff --git a/moto/cognitoidentity/models.py b/moto/cognitoidentity/models.py index 90ad00c71..94827a959 100644 --- a/moto/cognitoidentity/models.py +++ b/moto/cognitoidentity/models.py @@ -2,19 +2,24 @@ from __future__ import unicode_literals import datetime import json +import re from boto3 import Session from collections import OrderedDict from moto.core import BaseBackend, BaseModel from moto.core.utils import iso_8601_datetime_with_milliseconds -from .exceptions import ResourceNotFoundError +from .exceptions import InvalidNameException, ResourceNotFoundError from .utils import get_random_identity_id class CognitoIdentity(BaseModel): def __init__(self, region, identity_pool_name, **kwargs): self.identity_pool_name = identity_pool_name + + if not re.fullmatch(r"[\w\s+=,.@-]+", identity_pool_name): + raise InvalidNameException(identity_pool_name) + self.allow_unauthenticated_identities = kwargs.get( "allow_unauthenticated_identities", "" ) diff --git a/tests/test_cognitoidentity/test_cognitoidentity.py b/tests/test_cognitoidentity/test_cognitoidentity.py index 187cc853c..2658cfd5f 100644 --- a/tests/test_cognitoidentity/test_cognitoidentity.py +++ b/tests/test_cognitoidentity/test_cognitoidentity.py @@ -11,6 +11,32 @@ from moto.core import ACCOUNT_ID from uuid import UUID +@mock_cognitoidentity +@pytest.mark.parametrize("name", ["pool#name", "with!excl", "with?quest"]) +def test_create_identity_pool_invalid_name(name): + conn = boto3.client("cognito-identity", "us-west-2") + + with pytest.raises(ClientError) as exc: + conn.create_identity_pool( + IdentityPoolName=name, AllowUnauthenticatedIdentities=False + ) + err = exc.value.response["Error"] + err["Code"].should.equal("ValidationException") + err["Message"].should.equal( + f"1 validation error detected: Value '{name}' at 'identityPoolName' failed to satisfy constraint: Member must satisfy regular expression pattern: [\\w\\s+=,.@-]+" + ) + + +@mock_cognitoidentity +@pytest.mark.parametrize("name", ["x", "pool-", "pool_name", "with space"]) +def test_create_identity_pool_valid_name(name): + conn = boto3.client("cognito-identity", "us-west-2") + + conn.create_identity_pool( + IdentityPoolName=name, AllowUnauthenticatedIdentities=False + ) + + @mock_cognitoidentity def test_create_identity_pool(): conn = boto3.client("cognito-identity", "us-west-2")