File tree Expand file tree Collapse file tree 2 files changed +21
-4
lines changed
packages/aws-cdk-lib/aws-cognito Expand file tree Collapse file tree 2 files changed +21
-4
lines changed Original file line number Diff line number Diff line change @@ -107,10 +107,6 @@ export class UserPoolIdentityProviderOidc extends UserPoolIdentityProviderBase {
107107 constructor ( scope : Construct , id : string , props : UserPoolIdentityProviderOidcProps ) {
108108 super ( scope , id , props ) ;
109109
110- if ( props . name && ! Token . isUnresolved ( props . name ) && ( props . name . length < 3 || props . name . length > 32 ) ) {
111- throw new Error ( `Expected provider name to be between 3 and 32 characters, received ${ props . name } ${ props . name . length } ) ;
112- }
113-
114110 const scopes = props . scopes ?? [ 'openid' ] ;
115111
116112 const resource = new CfnUserPoolIdentityProvider ( this , 'Resource' , {
@@ -140,6 +136,11 @@ export class UserPoolIdentityProviderOidc extends UserPoolIdentityProviderBase {
140136 if ( ! Token . isUnresolved ( name ) && ( name . length < 3 || name . length > 32 ) ) {
141137 throw new Error ( `Expected provider name to be between 3 and 32 characters, received ${ name } ${ name . length } ) ;
142138 }
139+ // https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html#cfn-cognito-userpoolidentityprovider-providername
140+ // u is for unicode
141+ if ( ! name . match ( / ^ [ ^ _ \p{ Z} ] [ \p{ L} \p{ M} \p{ S} \p{ N} \p{ P} ] [ ^ _ \p{ Z} ] + $ / u) ) {
142+ throw new Error ( `Expected provider name must match [^_\p{Z}][\p{L}\p{M}\p{S}\p{N}\p{P}][^_\p{Z}]+, received ${ name } ) ;
143+ }
143144 return name ;
144145 }
145146
Original file line number Diff line number Diff line change @@ -173,6 +173,22 @@ describe('UserPoolIdentityProvider', () => {
173173 } ) ) . toThrow ( / E x p e c t e d p r o v i d e r n a m e t o b e b e t w e e n 3 a n d 3 2 c h a r a c t e r s / ) ;
174174 } ) ;
175175
176+ test ( 'throws with provider name that doesn\'t match pattern' , ( ) => {
177+ // GIVEN
178+ const stack = new Stack ( ) ;
179+ const pool = new UserPool ( stack , 'userpool' ) ;
180+ const name = ' thisisabadname' ;
181+
182+ // THEN
183+ expect ( ( ) => new UserPoolIdentityProviderOidc ( stack , 'userpoolidp' , {
184+ userPool : pool ,
185+ name,
186+ clientId : 'client-id' ,
187+ clientSecret : 'client-secret' ,
188+ issuerUrl : 'https://my-issuer-url.com' ,
189+ } ) ) . toThrow ( `Expected provider name must match [^_\p{Z}][\p{L}\p{M}\p{S}\p{N}\p{P}][^_\p{Z}]+, received ${ name } ) ;
190+ } ) ;
191+
176192 test ( 'generates a valid name when unique id is too short' , ( ) => {
177193 // GIVEN
178194 const stack = new Stack ( ) ;
You can’t perform that action at this time.
0 commit comments