From 8bad71ec091c9604ee735b361dc674961218ff00 Mon Sep 17 00:00:00 2001 From: Ashwin Kumar Date: Fri, 17 May 2024 11:23:39 -0700 Subject: [PATCH 01/11] feat(adapter-nextjs): validate if access and id tokens are valid cognito tokens --- .../createRunWithAmplifyServerContext.ts | 6 ++ .../adapter-nextjs/src/utils/validator.ts | 48 +++++++++++++ ...KeyValueStorageFromCookieStorageAdapter.ts | 13 +++- .../adapter-core/storageFactories/types.ts | 10 +++ .../utils/isValidCognitoToken.test.ts | 68 +++++++++++++++++++ packages/core/package.json | 1 + packages/core/src/libraryUtils.ts | 1 + .../core/src/utils/isValidCognitoToken.ts | 35 ++++++++++ 8 files changed, 180 insertions(+), 2 deletions(-) create mode 100644 packages/adapter-nextjs/src/utils/validator.ts create mode 100644 packages/aws-amplify/src/adapter-core/storageFactories/types.ts create mode 100644 packages/core/__tests__/utils/isValidCognitoToken.test.ts create mode 100644 packages/core/src/utils/isValidCognitoToken.ts diff --git a/packages/adapter-nextjs/src/utils/createRunWithAmplifyServerContext.ts b/packages/adapter-nextjs/src/utils/createRunWithAmplifyServerContext.ts index 787e934c11b..8d47dad07c6 100644 --- a/packages/adapter-nextjs/src/utils/createRunWithAmplifyServerContext.ts +++ b/packages/adapter-nextjs/src/utils/createRunWithAmplifyServerContext.ts @@ -11,6 +11,7 @@ import { import { NextServer } from '../types'; +import { validator } from './validator'; import { createCookieStorageAdapterFromNextServerContext } from './createCookieStorageAdapterFromNextServerContext'; export const createRunWithAmplifyServerContext = ({ @@ -34,6 +35,11 @@ export const createRunWithAmplifyServerContext = ({ createCookieStorageAdapterFromNextServerContext( nextServerContext, ), + validator({ + userPoolId: resourcesConfig?.Auth.Cognito?.userPoolId, + userPoolClientId: + resourcesConfig?.Auth.Cognito?.userPoolClientId, + }), ); const credentialsProvider = createAWSCredentialsAndIdentityIdProvider( resourcesConfig.Auth, diff --git a/packages/adapter-nextjs/src/utils/validator.ts b/packages/adapter-nextjs/src/utils/validator.ts new file mode 100644 index 00000000000..44fdba1a2ff --- /dev/null +++ b/packages/adapter-nextjs/src/utils/validator.ts @@ -0,0 +1,48 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { isValidCognitoToken } from '@aws-amplify/core/internals/utils'; +import { KeyValueStorageInterface } from '@aws-amplify/core'; + +// TODO import type from here +// import { Validator } from '@aws-amplify/core/internals/adapter-core'; + +export type Validator = Partial< + Record +>; + +type ValidatorFunction = (...args: any[]) => Promise; + +/** + * Creates a validator object for validating methods in a KeyValueStorage. + */ +export const validator = ({ + userPoolId, + userPoolClientId: clientId, +}: { + userPoolId: string | undefined; + userPoolClientId: string | undefined; +}): Validator => { + return { + // validate access, id tokens + getItem: async (key: string, value: string): Promise => { + const tokenType = key.includes('.accessToken') + ? 'access' + : key.includes('.idToken') + ? 'id' + : null; + if (!tokenType) return true; + + // TODO: is this correct ? + // make sure userPoolId && clientId are present if token is access/id + if (!userPoolId || !clientId) return false; + + return isValidCognitoToken({ + clientId, + userPoolId, + tokenType, + token: value, + }); + }, + }; +}; diff --git a/packages/aws-amplify/src/adapter-core/storageFactories/createKeyValueStorageFromCookieStorageAdapter.ts b/packages/aws-amplify/src/adapter-core/storageFactories/createKeyValueStorageFromCookieStorageAdapter.ts index dffd9bc4752..546a78d2b96 100644 --- a/packages/aws-amplify/src/adapter-core/storageFactories/createKeyValueStorageFromCookieStorageAdapter.ts +++ b/packages/aws-amplify/src/adapter-core/storageFactories/createKeyValueStorageFromCookieStorageAdapter.ts @@ -4,6 +4,8 @@ import { KeyValueStorageInterface } from '@aws-amplify/core'; import { CookieStorage } from '@aws-amplify/core/internals/adapter-core'; +import { Validator } from './types'; + export const defaultSetCookieOptions: CookieStorage.SetCookieOptions = { // TODO: allow configure with a public interface sameSite: 'lax', @@ -18,6 +20,7 @@ const ONE_YEAR_IN_MS = 365 * 24 * 60 * 60 * 1000; */ export const createKeyValueStorageFromCookieStorageAdapter = ( cookieStorageAdapter: CookieStorage.Adapter, + validatorMap?: Validator, ): KeyValueStorageInterface => { return { setItem(key, value) { @@ -29,10 +32,16 @@ export const createKeyValueStorageFromCookieStorageAdapter = ( return Promise.resolve(); }, - getItem(key) { + async getItem(key) { const cookie = cookieStorageAdapter.get(key); + const value = cookie?.value ?? null; + + if (value && validatorMap?.getItem) { + const isValid = await validatorMap.getItem(key, value); + if (!isValid) return null; + } - return Promise.resolve(cookie?.value ?? null); + return value; }, removeItem(key) { cookieStorageAdapter.delete(key); diff --git a/packages/aws-amplify/src/adapter-core/storageFactories/types.ts b/packages/aws-amplify/src/adapter-core/storageFactories/types.ts new file mode 100644 index 00000000000..6c9a3ee99c5 --- /dev/null +++ b/packages/aws-amplify/src/adapter-core/storageFactories/types.ts @@ -0,0 +1,10 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { KeyValueStorageInterface } from '@aws-amplify/core'; + +export type Validator = Partial< + Record +>; + +type ValidatorFunction = (...args: any[]) => Promise; diff --git a/packages/core/__tests__/utils/isValidCognitoToken.test.ts b/packages/core/__tests__/utils/isValidCognitoToken.test.ts new file mode 100644 index 00000000000..3b08b389ceb --- /dev/null +++ b/packages/core/__tests__/utils/isValidCognitoToken.test.ts @@ -0,0 +1,68 @@ +import { CognitoJwtVerifier } from 'aws-jwt-verify'; + +import { isValidCognitoToken } from '../../src/utils/isValidCognitoToken'; + +jest.mock('aws-jwt-verify', () => { + return { + CognitoJwtVerifier: { + create: jest.fn(), + }, + }; +}); + +const mockedCreate = CognitoJwtVerifier.create as jest.MockedFunction< + typeof CognitoJwtVerifier.create +>; + +describe('isValidCognitoToken', () => { + const token = 'mocked-token'; + const userPoolId = 'us-east-1_test'; + const clientId = 'client-id-test'; + const tokenType = 'id'; + + beforeEach(() => { + jest.clearAllMocks(); + }); + + it('should return true for a valid token', async () => { + const mockVerifier: any = { + verify: jest.fn().mockResolvedValue({}), + }; + mockedCreate.mockReturnValue(mockVerifier); + + const isValid = await isValidCognitoToken({ + token, + userPoolId, + clientId, + tokenType, + }); + expect(isValid).toBe(true); + expect(CognitoJwtVerifier.create).toHaveBeenCalledWith({ + userPoolId, + clientId, + tokenUse: tokenType, + }); + expect(mockVerifier.verify).toHaveBeenCalledWith(token); + }); + + it('should return false for an invalid token', async () => { + const mockVerifier: any = { + verify: jest.fn().mockRejectedValue(new Error('Invalid token')), + }; + mockedCreate.mockReturnValue(mockVerifier); + + const isValid = await isValidCognitoToken({ + token, + userPoolId, + clientId, + tokenType, + }); + expect(isValid).toBe(false); + expect(CognitoJwtVerifier.create).toHaveBeenCalledWith({ + userPoolId, + clientId, + tokenUse: tokenType, + }); + expect(mockVerifier.verify).toHaveBeenCalledWith(token); + }); +}); diff --git a/packages/core/package.json b/packages/core/package.json index 759d8aa3b7d..c0496846182 100644 --- a/packages/core/package.json +++ b/packages/core/package.json @@ -54,6 +54,7 @@ "@aws-sdk/types": "3.398.0", "@smithy/util-hex-encoding": "2.0.0", "@types/uuid": "^9.0.0", + "aws-jwt-verify": "^4.0.1", "js-cookie": "^3.0.5", "rxjs": "^7.8.1", "tslib": "^2.5.0", diff --git a/packages/core/src/libraryUtils.ts b/packages/core/src/libraryUtils.ts index 1eadf9d5c5a..2165832a09d 100644 --- a/packages/core/src/libraryUtils.ts +++ b/packages/core/src/libraryUtils.ts @@ -69,6 +69,7 @@ export { AWSCredentials, } from './singleton/Auth/types'; export { haveCredentialsChanged } from './utils/haveCredentialsChanged'; +export { isValidCognitoToken } from './utils/isValidCognitoToken'; // Platform & user-agent utilities export { diff --git a/packages/core/src/utils/isValidCognitoToken.ts b/packages/core/src/utils/isValidCognitoToken.ts new file mode 100644 index 00000000000..9eb8a7a5e6a --- /dev/null +++ b/packages/core/src/utils/isValidCognitoToken.ts @@ -0,0 +1,35 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import { CognitoJwtVerifier } from 'aws-jwt-verify'; + +/** + * Verifies a Cognito JWT token for its validity. + * + * @param input - An object containing: + * - token: The JWT token as a string that needs to be verified. + * - userPoolId: The ID of the AWS Cognito User Pool to which the token belongs. + * - clientId: The Client ID associated with the Cognito User Pool. + * @internal + */ +export const isValidCognitoToken = async (input: { + token: string; + userPoolId: string; + clientId: string; + tokenType: 'id' | 'access'; +}): Promise => { + const { userPoolId, clientId, tokenType, token } = input; + + try { + const verifier = CognitoJwtVerifier.create({ + userPoolId, + tokenUse: tokenType, + clientId, + }); + await verifier.verify(token); + + return true; + } catch (error) { + return false; + } +}; From 6c053e0f797c65a4195bfab4600269d696671b48 Mon Sep 17 00:00:00 2001 From: Ashwin Kumar Date: Fri, 17 May 2024 13:50:06 -0700 Subject: [PATCH 02/11] add unit tests and cleanups --- .../__tests__/utils/validator.test.ts | 94 +++++++++++++++++++ .../createRunWithAmplifyServerContext.ts | 4 +- .../{validator.ts => createTokenValidator.ts} | 15 +-- ...lueStorageFromCookieStorageAdapter.test.ts | 9 +- ...KeyValueStorageFromCookieStorageAdapter.ts | 9 +- packages/core/src/adapterCore/index.ts | 1 + .../src/adapterCore/serverContext/index.ts | 6 +- .../types/KeyValueStorageValidator.ts} | 4 +- .../adapterCore/serverContext/types/index.ts | 1 + 9 files changed, 121 insertions(+), 22 deletions(-) create mode 100644 packages/adapter-nextjs/__tests__/utils/validator.test.ts rename packages/adapter-nextjs/src/utils/{validator.ts => createTokenValidator.ts} (71%) rename packages/{aws-amplify/src/adapter-core/storageFactories/types.ts => core/src/adapterCore/serverContext/types/KeyValueStorageValidator.ts} (68%) diff --git a/packages/adapter-nextjs/__tests__/utils/validator.test.ts b/packages/adapter-nextjs/__tests__/utils/validator.test.ts new file mode 100644 index 00000000000..68046b3e754 --- /dev/null +++ b/packages/adapter-nextjs/__tests__/utils/validator.test.ts @@ -0,0 +1,94 @@ +// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +import * as coreUtils from '@aws-amplify/core/internals/utils'; + +import { createTokenValidator } from '../../src/utils/createTokenValidator'; + +jest.mock('@aws-amplify/core/internals/utils', () => ({ + isValidCognitoToken: jest.fn(), +})); + +const userPoolId = 'userPoolId'; +const userPoolClientId = 'clientId'; +const tokenValidatorInput = { + userPoolId, + userPoolClientId, +}; +const accessToken = { + key: 'CognitoIdentityServiceProvider.clientId.usersub.accessToken', + value: + 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMTEiLCJpc3MiOiJodHRwc', +}; +const idToken = { + key: 'CognitoIdentityServiceProvider.clientId.usersub.idToken', + value: 'eyJzdWIiOiIxMTEiLCJpc3MiOiJodHRwc.XAiOiJKV1QiLCJhbGciOiJIUzI1NiJ', +}; + +const tokenValidator = createTokenValidator({ + userPoolId, + userPoolClientId, +}); + +describe('Validator', () => { + afterEach(() => { + jest.resetAllMocks(); + }); + it('should return a key value storage', () => { + expect(createTokenValidator(tokenValidatorInput)).toBeDefined(); + }); + + it('should return true for non-token keys', async () => { + const isValidCognitoTokenSpy = jest.spyOn(coreUtils, 'isValidCognitoToken'); + + const result = await tokenValidator?.getItem?.('mockKey', 'mockValue'); + expect(result).toBe(true); + expect(isValidCognitoTokenSpy).toHaveBeenCalledTimes(0); + }); + + it('should return true for valid accessToken', async () => { + const isValidCognitoTokenSpy = jest + .spyOn(coreUtils, 'isValidCognitoToken') + .mockReturnValue(Promise.resolve(true)); + + const result = await tokenValidator?.getItem?.( + accessToken.key, + accessToken.value, + ); + + expect(result).toBe(true); + expect(isValidCognitoTokenSpy).toHaveBeenCalledTimes(1); + expect(isValidCognitoTokenSpy).toHaveBeenCalledWith({ + userPoolId, + clientId: userPoolClientId, + token: accessToken.value, + tokenType: 'access', + }); + }); + + it('should return true for valid idToken', async () => { + const isValidCognitoTokenSpy = jest + .spyOn(coreUtils, 'isValidCognitoToken') + .mockReturnValue(Promise.resolve(true)); + + const result = await tokenValidator?.getItem?.(idToken.key, idToken.value); + expect(result).toBe(true); + expect(isValidCognitoTokenSpy).toHaveBeenCalledTimes(1); + expect(isValidCognitoTokenSpy).toHaveBeenCalledWith({ + userPoolId, + clientId: userPoolClientId, + token: idToken.value, + tokenType: 'id', + }); + }); + + it('should return false if invalid tokenType is access', async () => { + const isValidCognitoTokenSpy = jest + .spyOn(coreUtils, 'isValidCognitoToken') + .mockReturnValue(Promise.resolve(false)); + + const result = await tokenValidator?.getItem?.(idToken.key, idToken.value); + expect(result).toBe(false); + expect(isValidCognitoTokenSpy).toHaveBeenCalledTimes(1); + }); +}); diff --git a/packages/adapter-nextjs/src/utils/createRunWithAmplifyServerContext.ts b/packages/adapter-nextjs/src/utils/createRunWithAmplifyServerContext.ts index 8d47dad07c6..3d20f19cd67 100644 --- a/packages/adapter-nextjs/src/utils/createRunWithAmplifyServerContext.ts +++ b/packages/adapter-nextjs/src/utils/createRunWithAmplifyServerContext.ts @@ -11,7 +11,7 @@ import { import { NextServer } from '../types'; -import { validator } from './validator'; +import { createTokenValidator } from './createTokenValidator'; import { createCookieStorageAdapterFromNextServerContext } from './createCookieStorageAdapterFromNextServerContext'; export const createRunWithAmplifyServerContext = ({ @@ -35,7 +35,7 @@ export const createRunWithAmplifyServerContext = ({ createCookieStorageAdapterFromNextServerContext( nextServerContext, ), - validator({ + createTokenValidator({ userPoolId: resourcesConfig?.Auth.Cognito?.userPoolId, userPoolClientId: resourcesConfig?.Auth.Cognito?.userPoolClientId, diff --git a/packages/adapter-nextjs/src/utils/validator.ts b/packages/adapter-nextjs/src/utils/createTokenValidator.ts similarity index 71% rename from packages/adapter-nextjs/src/utils/validator.ts rename to packages/adapter-nextjs/src/utils/createTokenValidator.ts index 44fdba1a2ff..c6bf9995ed5 100644 --- a/packages/adapter-nextjs/src/utils/validator.ts +++ b/packages/adapter-nextjs/src/utils/createTokenValidator.ts @@ -2,27 +2,18 @@ // SPDX-License-Identifier: Apache-2.0 import { isValidCognitoToken } from '@aws-amplify/core/internals/utils'; -import { KeyValueStorageInterface } from '@aws-amplify/core'; - -// TODO import type from here -// import { Validator } from '@aws-amplify/core/internals/adapter-core'; - -export type Validator = Partial< - Record ->; - -type ValidatorFunction = (...args: any[]) => Promise; +import { KeyValueStorageValidator } from '@aws-amplify/core/internals/adapter-core'; /** * Creates a validator object for validating methods in a KeyValueStorage. */ -export const validator = ({ +export const createTokenValidator = ({ userPoolId, userPoolClientId: clientId, }: { userPoolId: string | undefined; userPoolClientId: string | undefined; -}): Validator => { +}): KeyValueStorageValidator => { return { // validate access, id tokens getItem: async (key: string, value: string): Promise => { diff --git a/packages/aws-amplify/__tests__/adapterCore/storageFactories/createKeyValueStorageFromCookieStorageAdapter.test.ts b/packages/aws-amplify/__tests__/adapterCore/storageFactories/createKeyValueStorageFromCookieStorageAdapter.test.ts index b3d1e24022e..40a07736c88 100644 --- a/packages/aws-amplify/__tests__/adapterCore/storageFactories/createKeyValueStorageFromCookieStorageAdapter.test.ts +++ b/packages/aws-amplify/__tests__/adapterCore/storageFactories/createKeyValueStorageFromCookieStorageAdapter.test.ts @@ -22,7 +22,7 @@ describe('keyValueStorage', () => { }); describe('the returned key value storage', () => { - const keyValueStorage = createKeyValueStorageFromCookieStorageAdapter( + let keyValueStorage = createKeyValueStorageFromCookieStorageAdapter( mockCookiesStorageAdapter, ); @@ -55,6 +55,12 @@ describe('keyValueStorage', () => { }); it('should get item', async () => { + const getItemValidator = jest.fn().mockImplementation(() => true); + keyValueStorage = createKeyValueStorageFromCookieStorageAdapter( + mockCookiesStorageAdapter, + { getItem: getItemValidator }, + ); + const testKey = 'testKey'; const testValue = 'testValue'; mockCookiesStorageAdapter.get.mockReturnValueOnce({ @@ -63,6 +69,7 @@ describe('keyValueStorage', () => { }); const value = await keyValueStorage.getItem(testKey); expect(value).toBe(testValue); + expect(getItemValidator).toHaveBeenCalledTimes(1); }); it('should get null if item not found', async () => { diff --git a/packages/aws-amplify/src/adapter-core/storageFactories/createKeyValueStorageFromCookieStorageAdapter.ts b/packages/aws-amplify/src/adapter-core/storageFactories/createKeyValueStorageFromCookieStorageAdapter.ts index 546a78d2b96..e945468ce2e 100644 --- a/packages/aws-amplify/src/adapter-core/storageFactories/createKeyValueStorageFromCookieStorageAdapter.ts +++ b/packages/aws-amplify/src/adapter-core/storageFactories/createKeyValueStorageFromCookieStorageAdapter.ts @@ -2,9 +2,10 @@ // SPDX-License-Identifier: Apache-2.0 import { KeyValueStorageInterface } from '@aws-amplify/core'; -import { CookieStorage } from '@aws-amplify/core/internals/adapter-core'; - -import { Validator } from './types'; +import { + CookieStorage, + KeyValueStorageValidator, +} from '@aws-amplify/core/internals/adapter-core'; export const defaultSetCookieOptions: CookieStorage.SetCookieOptions = { // TODO: allow configure with a public interface @@ -20,7 +21,7 @@ const ONE_YEAR_IN_MS = 365 * 24 * 60 * 60 * 1000; */ export const createKeyValueStorageFromCookieStorageAdapter = ( cookieStorageAdapter: CookieStorage.Adapter, - validatorMap?: Validator, + validatorMap?: KeyValueStorageValidator, ): KeyValueStorageInterface => { return { setItem(key, value) { diff --git a/packages/core/src/adapterCore/index.ts b/packages/core/src/adapterCore/index.ts index 88abe3e4bba..ec3422a065f 100644 --- a/packages/core/src/adapterCore/index.ts +++ b/packages/core/src/adapterCore/index.ts @@ -7,5 +7,6 @@ export { destroyAmplifyServerContext, AmplifyServer, CookieStorage, + KeyValueStorageValidator, } from './serverContext'; export { AmplifyServerContextError } from './error'; diff --git a/packages/core/src/adapterCore/serverContext/index.ts b/packages/core/src/adapterCore/serverContext/index.ts index 0a69fb6c9d8..5dabb2dbd1d 100644 --- a/packages/core/src/adapterCore/serverContext/index.ts +++ b/packages/core/src/adapterCore/serverContext/index.ts @@ -7,4 +7,8 @@ export { getAmplifyServerContext, } from './serverContext'; -export { AmplifyServer, CookieStorage } from './types'; +export { + AmplifyServer, + CookieStorage, + KeyValueStorageValidator, +} from './types'; diff --git a/packages/aws-amplify/src/adapter-core/storageFactories/types.ts b/packages/core/src/adapterCore/serverContext/types/KeyValueStorageValidator.ts similarity index 68% rename from packages/aws-amplify/src/adapter-core/storageFactories/types.ts rename to packages/core/src/adapterCore/serverContext/types/KeyValueStorageValidator.ts index 6c9a3ee99c5..22b11322473 100644 --- a/packages/aws-amplify/src/adapter-core/storageFactories/types.ts +++ b/packages/core/src/adapterCore/serverContext/types/KeyValueStorageValidator.ts @@ -1,9 +1,9 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { KeyValueStorageInterface } from '@aws-amplify/core'; +import { KeyValueStorageInterface } from '../../../index'; -export type Validator = Partial< +export type KeyValueStorageValidator = Partial< Record >; diff --git a/packages/core/src/adapterCore/serverContext/types/index.ts b/packages/core/src/adapterCore/serverContext/types/index.ts index 0c73229ee50..36aed168bc7 100644 --- a/packages/core/src/adapterCore/serverContext/types/index.ts +++ b/packages/core/src/adapterCore/serverContext/types/index.ts @@ -7,3 +7,4 @@ type AmplifyServerContextSpec = AmplifyServer.ContextSpec; export { AmplifyServerContextSpec, AmplifyServer }; export { CookieStorage } from './cookieStorage'; +export { KeyValueStorageValidator } from './KeyValueStorageValidator'; From f00745063dc1357ac7213305a545e1cc3e333e1d Mon Sep 17 00:00:00 2001 From: Ashwin Kumar Date: Fri, 17 May 2024 14:02:56 -0700 Subject: [PATCH 03/11] increase bundle size --- packages/aws-amplify/package.json | 56 +++++++++++++++---------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/packages/aws-amplify/package.json b/packages/aws-amplify/package.json index 7e2f6090c8a..b1e81b37896 100644 --- a/packages/aws-amplify/package.json +++ b/packages/aws-amplify/package.json @@ -293,31 +293,31 @@ "name": "[Analytics] record (Pinpoint)", "path": "./dist/esm/analytics/index.mjs", "import": "{ record }", - "limit": "17.02 kB" + "limit": "17.23 kB" }, { "name": "[Analytics] record (Kinesis)", "path": "./dist/esm/analytics/kinesis/index.mjs", "import": "{ record }", - "limit": "48.56 kB" + "limit": "48.67 kB" }, { "name": "[Analytics] record (Kinesis Firehose)", "path": "./dist/esm/analytics/kinesis-firehose/index.mjs", "import": "{ record }", - "limit": "45.68 kB" + "limit": "45.81 kB" }, { "name": "[Analytics] record (Personalize)", "path": "./dist/esm/analytics/personalize/index.mjs", "import": "{ record }", - "limit": "49.50 kB" + "limit": "49.63 kB" }, { "name": "[Analytics] identifyUser (Pinpoint)", "path": "./dist/esm/analytics/index.mjs", "import": "{ identifyUser }", - "limit": "15.53 kB" + "limit": "15.73 kB" }, { "name": "[Analytics] enable", @@ -335,7 +335,7 @@ "name": "[API] generateClient (AppSync)", "path": "./dist/esm/api/index.mjs", "import": "{ generateClient }", - "limit": "40.09 kB" + "limit": "40.19 kB" }, { "name": "[API] REST API handlers", @@ -353,13 +353,13 @@ "name": "[Auth] resetPassword (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ resetPassword }", - "limit": "12.44 kB" + "limit": "12.57 kB" }, { "name": "[Auth] confirmResetPassword (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ confirmResetPassword }", - "limit": "12.39 kB" + "limit": "12.51 kB" }, { "name": "[Auth] signIn (Cognito)", @@ -371,7 +371,7 @@ "name": "[Auth] resendSignUpCode (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ resendSignUpCode }", - "limit": "12.40 kB" + "limit": "12.53 kB" }, { "name": "[Auth] confirmSignUp (Cognito)", @@ -383,31 +383,31 @@ "name": "[Auth] confirmSignIn (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ confirmSignIn }", - "limit": "28.10 kB" + "limit": "28.42 kB" }, { "name": "[Auth] updateMFAPreference (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ updateMFAPreference }", - "limit": "11.74 kB" + "limit": "11.87 kB" }, { "name": "[Auth] fetchMFAPreference (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ fetchMFAPreference }", - "limit": "11.78 kB" + "limit": "11.90 kB" }, { "name": "[Auth] verifyTOTPSetup (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ verifyTOTPSetup }", - "limit": "12.59 kB" + "limit": "12.74 kB" }, { "name": "[Auth] updatePassword (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ updatePassword }", - "limit": "12.63 kB" + "limit": "12.76 kB" }, { "name": "[Auth] setUpTOTP (Cognito)", @@ -419,85 +419,85 @@ "name": "[Auth] updateUserAttributes (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ updateUserAttributes }", - "limit": "11.87 kB" + "limit": "11.99 kB" }, { "name": "[Auth] getCurrentUser (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ getCurrentUser }", - "limit": "7.75 kB" + "limit": "7.89 kB" }, { "name": "[Auth] confirmUserAttribute (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ confirmUserAttribute }", - "limit": "12.61 kB" + "limit": "12.74 kB" }, { "name": "[Auth] signInWithRedirect (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ signInWithRedirect }", - "limit": "21.10 kB" + "limit": "21.18 kB" }, { "name": "[Auth] fetchUserAttributes (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ fetchUserAttributes }", - "limit": "11.69 kB" + "limit": "11.81 kB" }, { "name": "[Auth] Basic Auth Flow (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ signIn, signOut, fetchAuthSession, confirmSignIn }", - "limit": "29.90 kB" + "limit": "30.19 kB" }, { "name": "[Auth] OAuth Auth Flow (Cognito)", "path": "./dist/esm/auth/index.mjs", "import": "{ signInWithRedirect, signOut, fetchAuthSession }", - "limit": "21.47 kB" + "limit": "21.61 kB" }, { "name": "[Storage] copy (S3)", "path": "./dist/esm/storage/index.mjs", "import": "{ copy }", - "limit": "14.54 kB" + "limit": "14.65 kB" }, { "name": "[Storage] downloadData (S3)", "path": "./dist/esm/storage/index.mjs", "import": "{ downloadData }", - "limit": "15.17 kB" + "limit": "15.28 kB" }, { "name": "[Storage] getProperties (S3)", "path": "./dist/esm/storage/index.mjs", "import": "{ getProperties }", - "limit": "14.43 kB" + "limit": "14.54 kB" }, { "name": "[Storage] getUrl (S3)", "path": "./dist/esm/storage/index.mjs", "import": "{ getUrl }", - "limit": "15.51 kB" + "limit": "15.63 kB" }, { "name": "[Storage] list (S3)", "path": "./dist/esm/storage/index.mjs", "import": "{ list }", - "limit": "14.94 kB" + "limit": "15.05 kB" }, { "name": "[Storage] remove (S3)", "path": "./dist/esm/storage/index.mjs", "import": "{ remove }", - "limit": "14.29 kB" + "limit": "14.40 kB" }, { "name": "[Storage] uploadData (S3)", "path": "./dist/esm/storage/index.mjs", "import": "{ uploadData }", - "limit": "19.64 kB" + "limit": "19.74 kB" } ] } From e741faa85086173f4d796a61a0e20a0e420d4d95 Mon Sep 17 00:00:00 2001 From: Ashwin Kumar Date: Fri, 17 May 2024 14:25:30 -0700 Subject: [PATCH 04/11] increase bundle size --- .../{validator.test.ts => createTokenValidator.test.ts} | 0 packages/interactions/package.json | 6 +++--- 2 files changed, 3 insertions(+), 3 deletions(-) rename packages/adapter-nextjs/__tests__/utils/{validator.test.ts => createTokenValidator.test.ts} (100%) diff --git a/packages/adapter-nextjs/__tests__/utils/validator.test.ts b/packages/adapter-nextjs/__tests__/utils/createTokenValidator.test.ts similarity index 100% rename from packages/adapter-nextjs/__tests__/utils/validator.test.ts rename to packages/adapter-nextjs/__tests__/utils/createTokenValidator.test.ts diff --git a/packages/interactions/package.json b/packages/interactions/package.json index 8387d89a7bc..de4bfcd87fc 100644 --- a/packages/interactions/package.json +++ b/packages/interactions/package.json @@ -89,19 +89,19 @@ "name": "Interactions (default to Lex v2)", "path": "./dist/esm/index.mjs", "import": "{ Interactions }", - "limit": "52.52 kB" + "limit": "52.64 kB" }, { "name": "Interactions (Lex v2)", "path": "./dist/esm/lex-v2/index.mjs", "import": "{ Interactions }", - "limit": "52.52 kB" + "limit": "52.64 kB" }, { "name": "Interactions (Lex v1)", "path": "./dist/esm/lex-v1/index.mjs", "import": "{ Interactions }", - "limit": "47.33 kB" + "limit": "47.45 kB" } ] } From d149005e841367e604e0b4944cedb9db4a86eb1e Mon Sep 17 00:00:00 2001 From: Ashwin Kumar Date: Mon, 20 May 2024 08:25:39 -0700 Subject: [PATCH 05/11] Update packages/core/src/adapterCore/serverContext/types/KeyValueStorageValidator.ts Co-authored-by: Hui Zhao <10602282+HuiSF@users.noreply.github.com> --- .../adapterCore/serverContext/types/KeyValueStorageValidator.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/core/src/adapterCore/serverContext/types/KeyValueStorageValidator.ts b/packages/core/src/adapterCore/serverContext/types/KeyValueStorageValidator.ts index 22b11322473..e385ebbb17f 100644 --- a/packages/core/src/adapterCore/serverContext/types/KeyValueStorageValidator.ts +++ b/packages/core/src/adapterCore/serverContext/types/KeyValueStorageValidator.ts @@ -1,7 +1,7 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import { KeyValueStorageInterface } from '../../../index'; +import { KeyValueStorageInterface } from '../../../types/storage'; export type KeyValueStorageValidator = Partial< Record From 7970a4193ece4973762b1b5fa92a4f8e2b39e8e8 Mon Sep 17 00:00:00 2001 From: Ashwin Kumar Date: Mon, 20 May 2024 08:29:04 -0700 Subject: [PATCH 06/11] Update packages/adapter-nextjs/__tests__/utils/createTokenValidator.test.ts Co-authored-by: Hui Zhao <10602282+HuiSF@users.noreply.github.com> --- .../adapter-nextjs/__tests__/utils/createTokenValidator.test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/adapter-nextjs/__tests__/utils/createTokenValidator.test.ts b/packages/adapter-nextjs/__tests__/utils/createTokenValidator.test.ts index 68046b3e754..cec4ff7b220 100644 --- a/packages/adapter-nextjs/__tests__/utils/createTokenValidator.test.ts +++ b/packages/adapter-nextjs/__tests__/utils/createTokenValidator.test.ts @@ -34,7 +34,7 @@ describe('Validator', () => { afterEach(() => { jest.resetAllMocks(); }); - it('should return a key value storage', () => { + it('should return a validator', () => { expect(createTokenValidator(tokenValidatorInput)).toBeDefined(); }); From 2b300b479956c4b4ae2b524a70c52cff06525640 Mon Sep 17 00:00:00 2001 From: Ashwin Kumar Date: Mon, 20 May 2024 08:47:33 -0700 Subject: [PATCH 07/11] Update packages/core/src/adapterCore/serverContext/types/KeyValueStorageValidator.ts Co-authored-by: Hui Zhao <10602282+HuiSF@users.noreply.github.com> --- .../adapterCore/serverContext/types/KeyValueStorageValidator.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/core/src/adapterCore/serverContext/types/KeyValueStorageValidator.ts b/packages/core/src/adapterCore/serverContext/types/KeyValueStorageValidator.ts index e385ebbb17f..fe69d511b8d 100644 --- a/packages/core/src/adapterCore/serverContext/types/KeyValueStorageValidator.ts +++ b/packages/core/src/adapterCore/serverContext/types/KeyValueStorageValidator.ts @@ -3,7 +3,7 @@ import { KeyValueStorageInterface } from '../../../types/storage'; -export type KeyValueStorageValidator = Partial< +export type KeyValueStorageMethodValidator = Partial< Record >; From afb3ba2b092778fffeae645e932337905608b02a Mon Sep 17 00:00:00 2001 From: Ashwin Kumar Date: Mon, 20 May 2024 09:51:10 -0700 Subject: [PATCH 08/11] address feedback --- .../utils/createTokenValidator.test.ts | 38 +++++++-------- .../src/utils/createTokenValidator.ts | 6 +-- ...lueStorageFromCookieStorageAdapter.test.ts | 48 +++++++++++++++---- ...KeyValueStorageFromCookieStorageAdapter.ts | 4 +- packages/core/src/adapterCore/index.ts | 2 +- .../src/adapterCore/serverContext/index.ts | 2 +- ...r.ts => KeyValueStorageMethodValidator.ts} | 0 .../adapterCore/serverContext/types/index.ts | 2 +- 8 files changed, 63 insertions(+), 39 deletions(-) rename packages/core/src/adapterCore/serverContext/types/{KeyValueStorageValidator.ts => KeyValueStorageMethodValidator.ts} (100%) diff --git a/packages/adapter-nextjs/__tests__/utils/createTokenValidator.test.ts b/packages/adapter-nextjs/__tests__/utils/createTokenValidator.test.ts index cec4ff7b220..574e14dec8e 100644 --- a/packages/adapter-nextjs/__tests__/utils/createTokenValidator.test.ts +++ b/packages/adapter-nextjs/__tests__/utils/createTokenValidator.test.ts @@ -1,13 +1,15 @@ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -import * as coreUtils from '@aws-amplify/core/internals/utils'; +import { isValidCognitoToken } from '@aws-amplify/core/internals/utils'; import { createTokenValidator } from '../../src/utils/createTokenValidator'; jest.mock('@aws-amplify/core/internals/utils', () => ({ + ...jest.requireActual('@aws-amplify/core/internals/utils'), isValidCognitoToken: jest.fn(), })); +const mockIsValidCognitoToken = isValidCognitoToken as jest.Mock; const userPoolId = 'userPoolId'; const userPoolClientId = 'clientId'; @@ -39,26 +41,22 @@ describe('Validator', () => { }); it('should return true for non-token keys', async () => { - const isValidCognitoTokenSpy = jest.spyOn(coreUtils, 'isValidCognitoToken'); - - const result = await tokenValidator?.getItem?.('mockKey', 'mockValue'); + const result = await tokenValidator.getItem?.('mockKey', 'mockValue'); expect(result).toBe(true); - expect(isValidCognitoTokenSpy).toHaveBeenCalledTimes(0); + expect(mockIsValidCognitoToken).toHaveBeenCalledTimes(0); }); it('should return true for valid accessToken', async () => { - const isValidCognitoTokenSpy = jest - .spyOn(coreUtils, 'isValidCognitoToken') - .mockReturnValue(Promise.resolve(true)); + mockIsValidCognitoToken.mockImplementation(() => Promise.resolve(true)); - const result = await tokenValidator?.getItem?.( + const result = await tokenValidator.getItem?.( accessToken.key, accessToken.value, ); expect(result).toBe(true); - expect(isValidCognitoTokenSpy).toHaveBeenCalledTimes(1); - expect(isValidCognitoTokenSpy).toHaveBeenCalledWith({ + expect(mockIsValidCognitoToken).toHaveBeenCalledTimes(1); + expect(mockIsValidCognitoToken).toHaveBeenCalledWith({ userPoolId, clientId: userPoolClientId, token: accessToken.value, @@ -67,14 +65,12 @@ describe('Validator', () => { }); it('should return true for valid idToken', async () => { - const isValidCognitoTokenSpy = jest - .spyOn(coreUtils, 'isValidCognitoToken') - .mockReturnValue(Promise.resolve(true)); + mockIsValidCognitoToken.mockImplementation(() => Promise.resolve(true)); - const result = await tokenValidator?.getItem?.(idToken.key, idToken.value); + const result = await tokenValidator.getItem?.(idToken.key, idToken.value); expect(result).toBe(true); - expect(isValidCognitoTokenSpy).toHaveBeenCalledTimes(1); - expect(isValidCognitoTokenSpy).toHaveBeenCalledWith({ + expect(mockIsValidCognitoToken).toHaveBeenCalledTimes(1); + expect(mockIsValidCognitoToken).toHaveBeenCalledWith({ userPoolId, clientId: userPoolClientId, token: idToken.value, @@ -83,12 +79,10 @@ describe('Validator', () => { }); it('should return false if invalid tokenType is access', async () => { - const isValidCognitoTokenSpy = jest - .spyOn(coreUtils, 'isValidCognitoToken') - .mockReturnValue(Promise.resolve(false)); + mockIsValidCognitoToken.mockImplementation(() => Promise.resolve(false)); - const result = await tokenValidator?.getItem?.(idToken.key, idToken.value); + const result = await tokenValidator.getItem?.(idToken.key, idToken.value); expect(result).toBe(false); - expect(isValidCognitoTokenSpy).toHaveBeenCalledTimes(1); + expect(mockIsValidCognitoToken).toHaveBeenCalledTimes(1); }); }); diff --git a/packages/adapter-nextjs/src/utils/createTokenValidator.ts b/packages/adapter-nextjs/src/utils/createTokenValidator.ts index c6bf9995ed5..0ffe5db1d2b 100644 --- a/packages/adapter-nextjs/src/utils/createTokenValidator.ts +++ b/packages/adapter-nextjs/src/utils/createTokenValidator.ts @@ -2,7 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 import { isValidCognitoToken } from '@aws-amplify/core/internals/utils'; -import { KeyValueStorageValidator } from '@aws-amplify/core/internals/adapter-core'; +import { KeyValueStorageMethodValidator } from '@aws-amplify/core/internals/adapter-core'; /** * Creates a validator object for validating methods in a KeyValueStorage. @@ -13,7 +13,7 @@ export const createTokenValidator = ({ }: { userPoolId: string | undefined; userPoolClientId: string | undefined; -}): KeyValueStorageValidator => { +}): KeyValueStorageMethodValidator => { return { // validate access, id tokens getItem: async (key: string, value: string): Promise => { @@ -24,8 +24,6 @@ export const createTokenValidator = ({ : null; if (!tokenType) return true; - // TODO: is this correct ? - // make sure userPoolId && clientId are present if token is access/id if (!userPoolId || !clientId) return false; return isValidCognitoToken({ diff --git a/packages/aws-amplify/__tests__/adapterCore/storageFactories/createKeyValueStorageFromCookieStorageAdapter.test.ts b/packages/aws-amplify/__tests__/adapterCore/storageFactories/createKeyValueStorageFromCookieStorageAdapter.test.ts index 40a07736c88..eae5ffe22a8 100644 --- a/packages/aws-amplify/__tests__/adapterCore/storageFactories/createKeyValueStorageFromCookieStorageAdapter.test.ts +++ b/packages/aws-amplify/__tests__/adapterCore/storageFactories/createKeyValueStorageFromCookieStorageAdapter.test.ts @@ -22,7 +22,7 @@ describe('keyValueStorage', () => { }); describe('the returned key value storage', () => { - let keyValueStorage = createKeyValueStorageFromCookieStorageAdapter( + const keyValueStorage = createKeyValueStorageFromCookieStorageAdapter( mockCookiesStorageAdapter, ); @@ -55,12 +55,6 @@ describe('keyValueStorage', () => { }); it('should get item', async () => { - const getItemValidator = jest.fn().mockImplementation(() => true); - keyValueStorage = createKeyValueStorageFromCookieStorageAdapter( - mockCookiesStorageAdapter, - { getItem: getItemValidator }, - ); - const testKey = 'testKey'; const testValue = 'testValue'; mockCookiesStorageAdapter.get.mockReturnValueOnce({ @@ -69,7 +63,6 @@ describe('keyValueStorage', () => { }); const value = await keyValueStorage.getItem(testKey); expect(value).toBe(testValue); - expect(getItemValidator).toHaveBeenCalledTimes(1); }); it('should get null if item not found', async () => { @@ -91,5 +84,44 @@ describe('keyValueStorage', () => { }).toThrow('This method has not implemented.'); }); }); + + describe('in conjunction with token validator', () => { + const testKey = 'testKey'; + const testValue = 'testValue'; + + beforeEach(() => { + mockCookiesStorageAdapter.get.mockReturnValueOnce({ + name: testKey, + value: testValue, + }); + }); + afterEach(() => { + jest.clearAllMocks(); + }); + + it('should return item successfully if validation passes when getting item', async () => { + const getItemValidator = jest.fn().mockImplementation(() => true); + const keyValueStorage = createKeyValueStorageFromCookieStorageAdapter( + mockCookiesStorageAdapter, + { getItem: getItemValidator }, + ); + + const value = await keyValueStorage.getItem(testKey); + expect(value).toBe(testValue); + expect(getItemValidator).toHaveBeenCalledTimes(1); + }); + + it('should return null if validation fails when getting item', async () => { + const getItemValidator = jest.fn().mockImplementation(() => false); + const keyValueStorage = createKeyValueStorageFromCookieStorageAdapter( + mockCookiesStorageAdapter, + { getItem: getItemValidator }, + ); + + const value = await keyValueStorage.getItem(testKey); + expect(value).toBe(null); + expect(getItemValidator).toHaveBeenCalledTimes(1); + }); + }); }); }); diff --git a/packages/aws-amplify/src/adapter-core/storageFactories/createKeyValueStorageFromCookieStorageAdapter.ts b/packages/aws-amplify/src/adapter-core/storageFactories/createKeyValueStorageFromCookieStorageAdapter.ts index e945468ce2e..9cfd141c47c 100644 --- a/packages/aws-amplify/src/adapter-core/storageFactories/createKeyValueStorageFromCookieStorageAdapter.ts +++ b/packages/aws-amplify/src/adapter-core/storageFactories/createKeyValueStorageFromCookieStorageAdapter.ts @@ -4,7 +4,7 @@ import { KeyValueStorageInterface } from '@aws-amplify/core'; import { CookieStorage, - KeyValueStorageValidator, + KeyValueStorageMethodValidator, } from '@aws-amplify/core/internals/adapter-core'; export const defaultSetCookieOptions: CookieStorage.SetCookieOptions = { @@ -21,7 +21,7 @@ const ONE_YEAR_IN_MS = 365 * 24 * 60 * 60 * 1000; */ export const createKeyValueStorageFromCookieStorageAdapter = ( cookieStorageAdapter: CookieStorage.Adapter, - validatorMap?: KeyValueStorageValidator, + validatorMap?: KeyValueStorageMethodValidator, ): KeyValueStorageInterface => { return { setItem(key, value) { diff --git a/packages/core/src/adapterCore/index.ts b/packages/core/src/adapterCore/index.ts index ec3422a065f..ddeb6480fb5 100644 --- a/packages/core/src/adapterCore/index.ts +++ b/packages/core/src/adapterCore/index.ts @@ -7,6 +7,6 @@ export { destroyAmplifyServerContext, AmplifyServer, CookieStorage, - KeyValueStorageValidator, + KeyValueStorageMethodValidator, } from './serverContext'; export { AmplifyServerContextError } from './error'; diff --git a/packages/core/src/adapterCore/serverContext/index.ts b/packages/core/src/adapterCore/serverContext/index.ts index 5dabb2dbd1d..5d7477b0a1c 100644 --- a/packages/core/src/adapterCore/serverContext/index.ts +++ b/packages/core/src/adapterCore/serverContext/index.ts @@ -10,5 +10,5 @@ export { export { AmplifyServer, CookieStorage, - KeyValueStorageValidator, + KeyValueStorageMethodValidator, } from './types'; diff --git a/packages/core/src/adapterCore/serverContext/types/KeyValueStorageValidator.ts b/packages/core/src/adapterCore/serverContext/types/KeyValueStorageMethodValidator.ts similarity index 100% rename from packages/core/src/adapterCore/serverContext/types/KeyValueStorageValidator.ts rename to packages/core/src/adapterCore/serverContext/types/KeyValueStorageMethodValidator.ts diff --git a/packages/core/src/adapterCore/serverContext/types/index.ts b/packages/core/src/adapterCore/serverContext/types/index.ts index 36aed168bc7..80b35fdf74b 100644 --- a/packages/core/src/adapterCore/serverContext/types/index.ts +++ b/packages/core/src/adapterCore/serverContext/types/index.ts @@ -7,4 +7,4 @@ type AmplifyServerContextSpec = AmplifyServer.ContextSpec; export { AmplifyServerContextSpec, AmplifyServer }; export { CookieStorage } from './cookieStorage'; -export { KeyValueStorageValidator } from './KeyValueStorageValidator'; +export { KeyValueStorageMethodValidator } from './KeyValueStorageMethodValidator'; From dffa3cb82090b879d30dc6209f0ab033bb481bad Mon Sep 17 00:00:00 2001 From: Ashwin Kumar Date: Mon, 20 May 2024 10:08:37 -0700 Subject: [PATCH 09/11] address feedback --- packages/core/src/utils/isValidCognitoToken.ts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/packages/core/src/utils/isValidCognitoToken.ts b/packages/core/src/utils/isValidCognitoToken.ts index 9eb8a7a5e6a..2f4c6742df0 100644 --- a/packages/core/src/utils/isValidCognitoToken.ts +++ b/packages/core/src/utils/isValidCognitoToken.ts @@ -30,6 +30,8 @@ export const isValidCognitoToken = async (input: { return true; } catch (error) { + // TODO (ashwinkumar6): surface invalid cognito token error to customer + // TODO: clear invalid tokens from Storage return false; } }; From 27f25d75edd5f798c056f9c672be46143d959a75 Mon Sep 17 00:00:00 2001 From: Ashwin Kumar Date: Mon, 20 May 2024 14:26:39 -0700 Subject: [PATCH 10/11] Update packages/adapter-nextjs/src/utils/createTokenValidator.ts Co-authored-by: israx <70438514+israx@users.noreply.github.com> --- packages/adapter-nextjs/src/utils/createTokenValidator.ts | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/packages/adapter-nextjs/src/utils/createTokenValidator.ts b/packages/adapter-nextjs/src/utils/createTokenValidator.ts index 0ffe5db1d2b..a731dd96bfd 100644 --- a/packages/adapter-nextjs/src/utils/createTokenValidator.ts +++ b/packages/adapter-nextjs/src/utils/createTokenValidator.ts @@ -10,10 +10,10 @@ import { KeyValueStorageMethodValidator } from '@aws-amplify/core/internals/adap export const createTokenValidator = ({ userPoolId, userPoolClientId: clientId, -}: { - userPoolId: string | undefined; - userPoolClientId: string | undefined; -}): KeyValueStorageMethodValidator => { +interface CreateTokenValidatorProps { + userPoolId?: string; + userPoolClientId?: string; +} return { // validate access, id tokens getItem: async (key: string, value: string): Promise => { From 008eb270cf3b7328b7ab6702c86f840012644027 Mon Sep 17 00:00:00 2001 From: Ashwin Kumar Date: Mon, 20 May 2024 14:35:02 -0700 Subject: [PATCH 11/11] address feedback --- .../adapter-nextjs/src/utils/createTokenValidator.ts | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/packages/adapter-nextjs/src/utils/createTokenValidator.ts b/packages/adapter-nextjs/src/utils/createTokenValidator.ts index a731dd96bfd..290d47cb1a3 100644 --- a/packages/adapter-nextjs/src/utils/createTokenValidator.ts +++ b/packages/adapter-nextjs/src/utils/createTokenValidator.ts @@ -4,16 +4,17 @@ import { isValidCognitoToken } from '@aws-amplify/core/internals/utils'; import { KeyValueStorageMethodValidator } from '@aws-amplify/core/internals/adapter-core'; +interface CreateTokenValidatorInput { + userPoolId?: string; + userPoolClientId?: string; +} /** * Creates a validator object for validating methods in a KeyValueStorage. */ export const createTokenValidator = ({ userPoolId, userPoolClientId: clientId, -interface CreateTokenValidatorProps { - userPoolId?: string; - userPoolClientId?: string; -} +}: CreateTokenValidatorInput): KeyValueStorageMethodValidator => { return { // validate access, id tokens getItem: async (key: string, value: string): Promise => {