diff --git a/Libraries/src/Amazon.Lambda.CognitoEvents/AccessTokenGeneration.cs b/Libraries/src/Amazon.Lambda.CognitoEvents/AccessTokenGeneration.cs index 9c0f97302..daea448eb 100644 --- a/Libraries/src/Amazon.Lambda.CognitoEvents/AccessTokenGeneration.cs +++ b/Libraries/src/Amazon.Lambda.CognitoEvents/AccessTokenGeneration.cs @@ -17,7 +17,7 @@ public class AccessTokenGeneration #if NETCOREAPP3_1_OR_GREATER [System.Text.Json.Serialization.JsonPropertyName("claimsToAddOrOverride")] # endif - public Dictionary ClaimsToAddOrOverride { get; set; } = new Dictionary(); + public Dictionary ClaimsToAddOrOverride { get; set; } = new Dictionary(); /// /// A list that contains claims to be suppressed from the identity token. diff --git a/Libraries/src/Amazon.Lambda.CognitoEvents/IdTokenGeneration.cs b/Libraries/src/Amazon.Lambda.CognitoEvents/IdTokenGeneration.cs index e4c516961..296458a70 100644 --- a/Libraries/src/Amazon.Lambda.CognitoEvents/IdTokenGeneration.cs +++ b/Libraries/src/Amazon.Lambda.CognitoEvents/IdTokenGeneration.cs @@ -16,7 +16,7 @@ public class IdTokenGeneration #if NETCOREAPP3_1_OR_GREATER [System.Text.Json.Serialization.JsonPropertyName("claimsToAddOrOverride")] # endif - public Dictionary ClaimsToAddOrOverride { get; set; } = new Dictionary(); + public Dictionary ClaimsToAddOrOverride { get; set; } = new Dictionary(); /// /// A list that contains claims to be suppressed from the identity token. diff --git a/Libraries/test/EventsTests.Shared/EventTests.cs b/Libraries/test/EventsTests.Shared/EventTests.cs index 66bb088fe..fa2cf6e04 100644 --- a/Libraries/test/EventsTests.Shared/EventTests.cs +++ b/Libraries/test/EventsTests.Shared/EventTests.cs @@ -1258,20 +1258,26 @@ public void CognitoPreTokenGenerationV2EventTest(Type serializerType) Assert.Equal("scope_1", cognitoPreTokenGenerationV2Event.Request.Scopes.ToArray()[0]); Assert.Equal("scope_2", cognitoPreTokenGenerationV2Event.Request.Scopes.ToArray()[1]); - Assert.Equal(2, cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.IdTokenGeneration.ClaimsToAddOrOverride.Count); - Assert.Equal("claim_1", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.IdTokenGeneration.ClaimsToAddOrOverride.ToArray()[0].Key); - Assert.Equal("claim_1_value_1", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.IdTokenGeneration.ClaimsToAddOrOverride.ToArray()[0].Value); - Assert.Equal("claim_2", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.IdTokenGeneration.ClaimsToAddOrOverride.ToArray()[1].Key); - Assert.Equal("claim_1_value_2", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.IdTokenGeneration.ClaimsToAddOrOverride.ToArray()[1].Value); + // Value comparison would vary across different serializers. Skip it for now and validate the complete JSON later. + Assert.Equal(5, cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.IdTokenGeneration.ClaimsToAddOrOverride.Count); + Assert.Equal("id_claim_1", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.IdTokenGeneration.ClaimsToAddOrOverride.ToArray()[0].Key); + Assert.Equal("id_claim_2", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.IdTokenGeneration.ClaimsToAddOrOverride.ToArray()[1].Key); + Assert.Equal("id_claim_3", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.IdTokenGeneration.ClaimsToAddOrOverride.ToArray()[2].Key); + Assert.Equal("id_claim_4", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.IdTokenGeneration.ClaimsToAddOrOverride.ToArray()[3].Key); + Assert.Equal("id_claim_5", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.IdTokenGeneration.ClaimsToAddOrOverride.ToArray()[4].Key); + Assert.Equal(2, cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.IdTokenGeneration.ClaimsToSuppress.Count); Assert.Equal("suppress1", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.IdTokenGeneration.ClaimsToSuppress[0]); Assert.Equal("suppress2", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.IdTokenGeneration.ClaimsToSuppress[1]); - Assert.Equal(2, cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.AccessTokenGeneration.ClaimsToAddOrOverride.Count); - Assert.Equal("claim_1", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.AccessTokenGeneration.ClaimsToAddOrOverride.ToArray()[0].Key); - Assert.Equal("claim_1_value_1", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.AccessTokenGeneration.ClaimsToAddOrOverride.ToArray()[0].Value); - Assert.Equal("claim_2", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.AccessTokenGeneration.ClaimsToAddOrOverride.ToArray()[1].Key); - Assert.Equal("claim_1_value_2", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.AccessTokenGeneration.ClaimsToAddOrOverride.ToArray()[1].Value); + // Value comparison would vary across different serializers. Skip it for now and validate the complete JSON later. + Assert.Equal(5, cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.AccessTokenGeneration.ClaimsToAddOrOverride.Count); + Assert.Equal("access_claim_1", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.AccessTokenGeneration.ClaimsToAddOrOverride.ToArray()[0].Key); + Assert.Equal("access_claim_2", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.AccessTokenGeneration.ClaimsToAddOrOverride.ToArray()[1].Key); + Assert.Equal("access_claim_3", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.AccessTokenGeneration.ClaimsToAddOrOverride.ToArray()[2].Key); + Assert.Equal("access_claim_4", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.AccessTokenGeneration.ClaimsToAddOrOverride.ToArray()[3].Key); + Assert.Equal("access_claim_5", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.AccessTokenGeneration.ClaimsToAddOrOverride.ToArray()[4].Key); + Assert.Equal(2, cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.AccessTokenGeneration.ClaimsToSuppress.Count); Assert.Equal("suppress1", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.AccessTokenGeneration.ClaimsToSuppress[0]); Assert.Equal("suppress2", cognitoPreTokenGenerationV2Event.Response.ClaimsAndScopeOverrideDetails.AccessTokenGeneration.ClaimsToSuppress[1]); diff --git a/Libraries/test/EventsTests.Shared/cognito-pretokengenerationv2-event.json b/Libraries/test/EventsTests.Shared/cognito-pretokengenerationv2-event.json index 947960cb6..c06333a34 100644 --- a/Libraries/test/EventsTests.Shared/cognito-pretokengenerationv2-event.json +++ b/Libraries/test/EventsTests.Shared/cognito-pretokengenerationv2-event.json @@ -37,8 +37,11 @@ "claimsAndScopeOverrideDetails": { "idTokenGeneration": { "claimsToAddOrOverride": { - "claim_1": "claim_1_value_1", - "claim_2": "claim_1_value_2" + "id_claim_1": "id_claim_1_value", + "id_claim_2": "id_claim_2_value", + "id_claim_3": 1234, + "id_claim_4": true, + "id_claim_5": [ "id_claim_5_value", 5678, false ] }, "claimsToSuppress": [ "suppress1", @@ -47,8 +50,11 @@ }, "accessTokenGeneration": { "claimsToAddOrOverride": { - "claim_1": "claim_1_value_1", - "claim_2": "claim_1_value_2" + "access_claim_1": "access_claim_1_value", + "access_claim_2": "access_claim_2_value", + "access_claim_3": 1234, + "access_claim_4": true, + "access_claim_5": [ "access_claim_5_value", 5678, false ] }, "claimsToSuppress": [ "suppress1",