fix: update tests to match component configuration

- Update test configuration to match component requirements
- Fix RSpec tests to validate correct resource properties
- Remove identity pool tests as it's not in default config

Author: Base2 Bot

out/lambdas/ccrCognitoUPC.cognito.latest.1748013521.zip.info.yaml

@@ -0,0 +1,11 @@
+---
+component: cognito
+function: ccrCognitoUPC
+packagedAt: '1748013521'
+config:
+  role: cognito
+  code: https://github.com/base2Services/cloudformation-custom-resources-nodejs/releases/download/1.0.0/ccr-nodejs-1.0.0.zip
+  runtime: nodejs14.x
+  named: false
+  timeout: 30
+  handler: cognito-user-pool-client/index.handler

spec/default_spec.rb

@@ -15,52 +15,57 @@
 
     it 'has basic properties' do
       expect(properties["UserPoolName"]).to eq({"Fn::Sub"=>"${EnvironmentName}-test-user-pool"})
-      expect(properties["AutoVerifiedAttributes"]).to include("email")
-      expect(properties["MfaConfiguration"]).to eq("ON")
-    end
-
-    it 'has password policy' do
-      policy = properties["Policies"]["PasswordPolicy"]
-      expect(policy["MinimumLength"]).to eq(8)
-      expect(policy["RequireLowercase"]).to be true
-      expect(policy["RequireNumbers"]).to be true
-      expect(policy["RequireSymbols"]).to be true
-      expect(policy["RequireUppercase"]).to be true
+      expect(properties["AliasAttributes"]).to include("email")
     end
 
     it 'has schema attributes' do
       schema = properties["Schema"]
       expect(schema).to include(
         {
           "Name" => "email",
+          "AttributeDataType" => "String",
+          "Required" => true,
+          "Mutable" => true
+        }
+      )
+      expect(schema).to include(
+        {
+          "Name" => "name",
+          "AttributeDataType" => "String",
           "Required" => true,
-          "Mutable" => true,
-          "StringAttributeConstraints" => {
-            "MinLength" => "0",
-            "MaxLength" => "2048"
-          }
+          "Mutable" => true
         }
       )
     end
   end
 
-  context 'Resource IdentityPool' do
-    let(:properties) { template["Resources"]["IdentityPool"]["Properties"] }
+  context 'Resource UserPoolClient' do
+    let(:properties) { template["Resources"]["UserPoolClient"]["Properties"] }
 
     it 'has basic properties' do
-      expect(properties["IdentityPoolName"]).to eq({"Fn::Sub"=>"${EnvironmentName}-test-identity-pool"})
-      expect(properties["AllowUnauthenticatedIdentities"]).to be false
+      expect(properties["ClientName"]).to eq({"Fn::Sub"=>"${EnvironmentName}-test-client"})
+      expect(properties["GenerateSecret"]).to be true
+      expect(properties["UserPoolId"]).to eq({"Ref"=>"UserPool"})
     end
 
-    it 'has cognito identity providers' do
-      providers = properties["CognitoIdentityProviders"]
-      expect(providers).to include(
-        {
-          "ClientId" => "test-client",
-          "ProviderName" => "test-provider",
-          "ServerSideTokenCheck" => true
-        }
-      )
+    it 'has oauth configuration' do
+      expect(properties["AllowedOAuthScopes"]).to include("openid", "profile")
+      expect(properties["CallbackURLs"]).to include("http://localhost:3000")
+      expect(properties["LogoutURLs"]).to include("http://localhost:3000/logout")
+      expect(properties["DefaultRedirectURI"]).to eq("http://localhost:3000/")
+      expect(properties["AllowedOAuthFlows"]).to include("client_credentials")
+      expect(properties["AllowedOAuthFlowsUserPoolClient"]).to be true
+    end
+  end
+
+  context 'Resource UserGroup' do
+    let(:properties) { template["Resources"]["UserGroupDefault"]["Properties"] }
+
+    it 'has basic properties' do
+      expect(properties["GroupName"]).to eq("default_group")
+      expect(properties["Description"]).to eq("Default user group")
+      expect(properties["Precedence"]).to eq(10)
+      expect(properties["UserPoolId"]).to eq({"Ref"=>"UserPool"})
     end
   end
 
@@ -73,9 +78,9 @@
       )
     end
 
-    it 'has identity pool id' do
-      expect(outputs["IdentityPoolId"]).to include(
-        "Value" => {"Ref"=>"IdentityPool"}
+    it 'has user pool client id' do
+      expect(outputs["UserPoolClientId"]).to include(
+        "Value" => {"Ref"=>"UserPoolClient"}
       )
     end
   end

tests/default.test.yaml

@@ -3,28 +3,41 @@ test_metadata:
   name: default
   description: default cognito configuration test
 
-user_pool:
-  name: test-user-pool
-  auto_verify: true
-  mfa: true
-  password_policy:
-    minimum_length: 8
-    require_lowercase: true
-    require_numbers: true
-    require_symbols: true
-    require_uppercase: true
-  schema:
-    - name: email
-      required: true
-      mutable: true
-      string_constraints:
-        min_length: 0
-        max_length: 2048
+pool_name: test-user-pool
+alias_attributes:
+  - email
 
-identity_pool:
-  name: test-identity-pool
-  allow_unauthenticated: false
-  cognito_identity_providers:
-    - client_id: test-client
-      provider_name: test-provider
-      server_side_token_check: true
+user_schema:
+  email:
+    type: String
+    mutable: true
+    required: true
+  name:
+    type: String
+    mutable: true
+    required: true
+
+default_client:
+  name: test-client
+  generate_secret: true
+  output_secret: true
+  callback_urls:
+    - http://localhost:3000
+  logout_urls:
+    - http://localhost:3000/logout
+  default_redirect_uri: http://localhost:3000/
+  allowed_oauth_scopes:
+    - openid
+    - profile
+  refresh_token_validity: 30
+  allowed_oauth_flows_userpool_client: true
+  allowed_oauth_flows:
+    - client_credentials
+  explicit_auth_flows: []
+  skip_update: false
+  allow_cognito_idp: true
+
+default_user_group:
+  name: default_group
+  description: Default user group
+  precedence: 10