feat(cognito): verify SSO users and migrate #11
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Following this https://app.clickup.com/t/86aya49x7
Summary:
We want to support partner's using SSO, for now just google.
The current migration lambda does not run when a user signs in via google sso, as it will always go to pre-signup.
We can handle this issue by allowing an SSO user to be created in pre-sign up, then we can migrate the user data in the post confirmation lambda.
Changes:
Creates an interface to calm TS down with the api call (UserResponse)
Create new API call
get_sso_user_attributes
to retrieve user attributes for migrationAdds attributes to event being returned to Cognito
Update user on the partner's Cognito pool (this will require the partner to ensure their lambda role has the
cognito-idp:AdminUpdateUserAttributes
permission)Updated the test
How to Test
This branch is currently pushed to staging, except with mock data instead of hitting the Jane backend (waiting for endpoint to be deployed).
The cognito pool jane-sandbox on AWS is linked to it and has its lambdas working as expected now