aws-amplify · Jordan-Nelson · Jun 14, 2024 · Jun 13, 2024
diff --git a/packages/amplify_core/lib/src/config/auth/auth_config.dart b/packages/amplify_core/lib/src/config/auth/auth_config.dart
@@ -91,22 +91,24 @@ class AuthConfig extends AmplifyPluginConfigMap {
     }
 
     final passwordSettings = plugin?.passwordProtectionSettings;
-    final requiredCharacters = passwordSettings?.passwordPolicyCharacters ?? [];
-    final passwordPolicy = PasswordPolicy(
-      minLength: passwordSettings?.passwordPolicyMinLength,
-      requireNumbers: requiredCharacters.contains(
-        PasswordPolicyCharacters.requiresNumbers,
-      ),
-      requireLowercase: requiredCharacters.contains(
-        PasswordPolicyCharacters.requiresLowercase,
-      ),
-      requireUppercase: requiredCharacters.contains(
-        PasswordPolicyCharacters.requiresUppercase,
-      ),
-      requireSymbols: requiredCharacters.contains(
-        PasswordPolicyCharacters.requiresSymbols,
-      ),
-    );
+    final passwordPolicy = switch (passwordSettings) {
+      null => null,
+      final PasswordProtectionSettings settings => PasswordPolicy(
+          minLength: settings.passwordPolicyMinLength,
+          requireNumbers: settings.passwordPolicyCharacters.contains(
+            PasswordPolicyCharacters.requiresNumbers,
+          ),
+          requireLowercase: settings.passwordPolicyCharacters.contains(
+            PasswordPolicyCharacters.requiresLowercase,
+          ),
+          requireUppercase: settings.passwordPolicyCharacters.contains(
+            PasswordPolicyCharacters.requiresUppercase,
+          ),
+          requireSymbols: settings.passwordPolicyCharacters.contains(
+            PasswordPolicyCharacters.requiresSymbols,
+          ),
+        )
+    };
 
     final oAuthConfig = plugin?.oAuth;
     final identityProviders =

diff --git a/packages/amplify_core/test/config/amplify_outputs_mapping/amplify_outputs_mapping_test.dart b/packages/amplify_core/test/config/amplify_outputs_mapping/amplify_outputs_mapping_test.dart
@@ -55,34 +55,49 @@ void main() {
       expect(restUrls, ['fake-rest-url-1', 'fake-rest-url-2']);
     });
 
-    test('maps config with all oauth options', () async {
-      final configJson = jsonDecode(oauthConfig) as Map<String, Object?>;
-      final amplifyConfig = AmplifyConfig.fromJson(configJson);
-      final mappedOutputs = amplifyConfig.toAmplifyOutputs();
-      final oauth = mappedOutputs.auth?.oauth as OAuthOutputs;
-      expect(oauth.redirectSignInUri, containsAll([signInUri1, signInUri2]));
-      expect(
-        oauth.redirectSignInUriQueryParameters,
-        {signInQueryParamKey: signInQueryParamValue},
-      );
-      expect(oauth.redirectSignOutUri, containsAll([signOutUri1, signOutUri2]));
-      expect(
-        oauth.redirectSignOutUriQueryParameters,
-        {signOutQueryParamKey: signOutQueryParamValue},
-      );
-      expect(oauth.tokenUri, tokenUri);
-      expect(
-        oauth.tokenUriQueryParameters,
-        {tokenQueryParamKey: tokenQueryParamValue},
-      );
-      expect(oauth.scopes, containsAll([scope1, scope2]));
-    });
+    group('auth', () {
+      test('maps config with all oauth options', () async {
+        final configJson = jsonDecode(oauthConfig) as Map<String, Object?>;
+        final amplifyConfig = AmplifyConfig.fromJson(configJson);
+        final mappedOutputs = amplifyConfig.toAmplifyOutputs();
+        final oauth = mappedOutputs.auth?.oauth as OAuthOutputs;
+        expect(oauth.redirectSignInUri, containsAll([signInUri1, signInUri2]));
+        expect(
+          oauth.redirectSignInUriQueryParameters,
+          {signInQueryParamKey: signInQueryParamValue},
+        );
+        expect(
+          oauth.redirectSignOutUri,
+          containsAll([signOutUri1, signOutUri2]),
+        );
+        expect(
+          oauth.redirectSignOutUriQueryParameters,
+          {signOutQueryParamKey: signOutQueryParamValue},
+        );
+        expect(oauth.tokenUri, tokenUri);
+        expect(
+          oauth.tokenUriQueryParameters,
+          {tokenQueryParamKey: tokenQueryParamValue},
+        );
+        expect(oauth.scopes, containsAll([scope1, scope2]));
+      });
 
-    test('maps config with app client secret', () async {
-      final configJson = jsonDecode(clientSecretConfig) as Map<String, Object?>;
-      final amplifyConfig = AmplifyConfig.fromJson(configJson);
-      final mappedOutputs = amplifyConfig.toAmplifyOutputs();
-      expect(mappedOutputs.auth?.appClientSecret, appClientSecret);
+      test('maps config with app client secret', () async {
+        final configJson =
+            jsonDecode(clientSecretConfig) as Map<String, Object?>;
+        final amplifyConfig = AmplifyConfig.fromJson(configJson);
+        final mappedOutputs = amplifyConfig.toAmplifyOutputs();
+        expect(mappedOutputs.auth?.appClientSecret, appClientSecret);
+      });
+
+      test('maps config with only the required options for a user pool',
+          () async {
+        final configJson =
+            jsonDecode(userPoolOnlyConfig) as Map<String, Object?>;
+        final amplifyConfig = AmplifyConfig.fromJson(configJson);
+        final mappedOutputs = amplifyConfig.toAmplifyOutputs();
+        expect(mappedOutputs.auth?.passwordPolicy, null);
+      });
     });
   });
 }
@@ -204,6 +219,23 @@ const clientSecretConfig = '''{
   }
 }''';
 
+/// hand written config with only the minimal required options for a user pool
+const userPoolOnlyConfig = '''{
+  "auth": {
+    "plugins": {
+      "awsCognitoAuthPlugin": {
+        "CognitoUserPool": {
+          "Default": {
+            "PoolId": "us-east-fake-pool-id",
+            "AppClientId": "fake-client-id",
+            "Region": "us-east-1"
+          }
+        }
+      }
+    }
+  }
+}''';
+
 /// Updates the Gen 1 Config to work around known issues
 ///
 /// Issues: