-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(cognito): user pools - non-ascii email domains #11099
feat(cognito): user pools - non-ascii email domains #11099
Conversation
c6c65b6
to
64d2a5f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for submitting this PR. Looks pretty good. Some minor suggestions below.
You will also need to merge latest from 'master' and resolve the merge conflict.
packages/@aws-cdk/aws-cognito/test/integ.user-pool-encoding-charset-unicode.ts
Outdated
Show resolved
Hide resolved
If an email address for cognito email settings contains a non-ascii character, the cognito cdk package applies punycode encoding, which cloudformation will pick up properly.
64d2a5f
to
d7301f4
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd like to wait for this PR to be merged - #11195 - and rebase this change on top, so that we can correctly add attributions to 3rd party bundled dependencies.
bdd9a31
to
308f32c
Compare
I added the lint rule in cognito's |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for your patience with this.
A couple of more adjustments to the eslint rule.
74af44c
to
2b9dfa1
Compare
bcdf43b
to
7369218
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry for the delay. I was on vacation earlier in the week.
function encodeDomain(email: string | undefined): string | undefined { | ||
const splitEmail = email?.split('@'); | ||
if (splitEmail === undefined || splitEmail.length !== 2) { | ||
return email; | ||
} | ||
const [local, domain] = splitEmail!; | ||
return `${local}@${punycodeEncode(domain)}`; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can't we just use the toASCII()
API instead. According to the documentation, it takes care of emails.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, but it also encodes the part before the @
, which for AWS/Cloudformation should not be encoded. See rix0rr's earlier comment and the documentation.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not according to the example in the docs that I've linked above. Specifically example#3 shows that the first half of the email address is NOT encoded.
Does the library behave differently? Can you test this and report?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You are correct! Did not go through the documentation properly!
I reverted back to the toASCII
method, as previously.
7369218
to
79cba93
Compare
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
If an email address for cognito email settings contains a non-ascii character, the cognito cdk package applies punycode encoding, which cloudformation will pick up properly.
This pull request adds the
punycode
package to the dependencies, as previously discussed in #8473. The package occupies 42KB innode_modules
after installation. I am not sure if I configured the package correctly to be included in the cdk build. The project itself addedpunycode
toaws-cdk-lib
andmonocdk
, I had to re-runyarn install
in these packages.Unit- and integration tests are added, but notice that I could not manage a manual e2e test, I think I need to own a domain with non-ascii letters to do so, which I currently do not.
A similar approach as in this PR will also be interesting for other cdk packages which deal with email addresses and domains, like hosted zones.
According to the Cfn Domain Name Format Docs, characters with code point below 33, or in
[127, 255]
should be escaped with an octal code, which is not applied in this pull request.Fixes #8473
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license