Adds the V2 version of the pre token generation event.

Author: msailes

Diff for: aws-lambda-java-events/src/main/java/com/amazonaws/services/lambda/runtime/events/CognitoUserPoolPreTokenGenerationEventV2.java

@@ -0,0 +1,134 @@
+/* Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. */
+
+package com.amazonaws.services.lambda.runtime.events;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import lombok.NoArgsConstructor;
+import lombok.ToString;
+
+import java.util.Map;
+
+/**
+ * Represent the class for the Cognito User Pool Pre Token Generation Lambda Trigger V2
+ * <p>
+ * See <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html">Pre Token Generation Lambda Trigger</a>
+ */
+@Data
+@EqualsAndHashCode(callSuper = true)
+@NoArgsConstructor
+@ToString(callSuper = true)
+public class CognitoUserPoolPreTokenGenerationEventV2 extends CognitoUserPoolEvent {
+    /**
+     * The request from the Amazon Cognito service.
+     */
+    private Request request;
+
+    /**
+     * The response from your Lambda trigger.
+     */
+    private Response response;
+
+    @Builder(setterPrefix = "with")
+    public CognitoUserPoolPreTokenGenerationEventV2(
+            String version,
+            String triggerSource,
+            String region,
+            String userPoolId,
+            String userName,
+            CallerContext callerContext,
+            Request request,
+            Response response) {
+        super(version, triggerSource, region, userPoolId, userName, callerContext);
+        this.request = request;
+        this.response = response;
+    }
+
+    @Data
+    @EqualsAndHashCode(callSuper = true)
+    @NoArgsConstructor
+    @ToString(callSuper = true)
+    public static class Request extends CognitoUserPoolEvent.Request {
+
+        private String[] scopes;
+        private GroupConfiguration groupConfiguration;
+        private Map<String, String> clientMetadata;
+
+        @Builder(setterPrefix = "with")
+        public Request(Map<String, String> userAttributes, String[] scopes, GroupConfiguration groupConfiguration, Map<String, String> clientMetadata) {
+            super(userAttributes);
+            this.scopes = scopes;
+            this.groupConfiguration = groupConfiguration;
+            this.clientMetadata = clientMetadata;
+        }
+    }
+
+    @Data
+    @AllArgsConstructor
+    @Builder(setterPrefix = "with")
+    @NoArgsConstructor
+    public static class GroupConfiguration {
+        /**
+         * A list of the group names that are associated with the user that the identity token is issued for.
+         */
+        private String[] groupsToOverride;
+        /**
+         * A list of the current IAM roles associated with these groups.
+         */
+        private String[] iamRolesToOverride;
+        /**
+         * Indicates the preferred IAM role.
+         */
+        private String preferredRole;
+    }
+
+    @Data
+    @AllArgsConstructor
+    @Builder(setterPrefix = "with")
+    @NoArgsConstructor
+    public static class Response {
+        private ClaimsAndScopeOverrideDetails claimsAndScopeOverrideDetails;
+    }
+
+    @Data
+    @AllArgsConstructor
+    @Builder(setterPrefix = "with")
+    @NoArgsConstructor
+    public static class ClaimsAndScopeOverrideDetails {
+        private IdTokenGeneration idTokenGeneration;
+        private AccessTokenGeneration accessTokenGeneration;
+        private GroupOverrideDetails groupOverrideDetails;
+    }
+
+    @Data
+    @AllArgsConstructor
+    @Builder(setterPrefix = "with")
+    @NoArgsConstructor
+    public static class IdTokenGeneration {
+        private Map<String, String> claimsToAddOrOverride;
+        private String[] claimsToSuppress;
+    }
+
+    @Data
+    @AllArgsConstructor
+    @Builder(setterPrefix = "with")
+    @NoArgsConstructor
+    public static class AccessTokenGeneration {
+        private Map<String, String> claimsToAddOrOverride;
+        private String[] claimsToSuppress;
+        private String[] scopesToAdd;
+        private String[] scopesToSuppress;
+    }
+
+    @Data
+    @AllArgsConstructor
+    @Builder(setterPrefix = "with")
+    @NoArgsConstructor
+    public static class GroupOverrideDetails {
+        private Map<String, String> groupsToOverride;
+        private Map<String, String> iamRolesToOverride;
+        private String preferredRole;
+    }
+}

Diff for: aws-lambda-java-tests/src/main/java/com/amazonaws/services/lambda/runtime/tests/EventLoader.java

@@ -113,6 +113,10 @@ public static RabbitMQEvent loadRabbitMQEvent(String filename) {
         return loadEvent(filename, RabbitMQEvent.class);
     }
 
+    public static CognitoUserPoolPreTokenGenerationEventV2 loadCognitoUserPoolPreTokenGenerationEventV2(String filename) {
+        return loadEvent(filename, CognitoUserPoolPreTokenGenerationEventV2.class);
+    }
+
     public static <T> T loadEvent(String filename, Class<T> targetClass) {
 
         if (!filename.endsWith("json")) {

Diff for: aws-lambda-java-tests/src/test/java/com/amazonaws/services/lambda/runtime/tests/EventLoaderTest.java

@@ -14,7 +14,6 @@
 
 import static java.time.Instant.ofEpochSecond;
 import static org.assertj.core.api.Assertions.*;
-import static org.assertj.core.api.Assertions.from;
 
 import com.amazonaws.services.lambda.runtime.events.*;
 
@@ -363,4 +362,18 @@ public void testLoadRabbitMQEvent() {
         assertThat(header1.get("bytes")).contains(118, 97, 108, 117, 101, 49);
         assertThat((Integer) headers.get("numberInHeader")).isEqualTo(10);
     }
+
+    @Test
+    public void testLoadCognitoUserPoolPreTokenGenerationEventV2() {
+        CognitoUserPoolPreTokenGenerationEventV2 event = EventLoader.loadCognitoUserPoolPreTokenGenerationEventV2("cognito_user_pool_pre_token_generation_event_v2.json");
+        assertThat(event).isNotNull();
+        assertThat(event)
+                .returns("2", from(CognitoUserPoolPreTokenGenerationEventV2::getVersion))
+                .returns("us-east-1", from(CognitoUserPoolPreTokenGenerationEventV2::getRegion))
+                .returns("TokenGeneration_Authentication", from(CognitoUserPoolPreTokenGenerationEventV2::getTriggerSource));
+
+        CognitoUserPoolPreTokenGenerationEventV2.Request request = event.getRequest();
+        assertThat(request)
+                .returns("aws.cognito.signin.user.admin", from(CognitoUserPoolPreTokenGenerationEventV2.Request::getScopes));
+    }
 }

Diff for: aws-lambda-java-tests/src/test/resources/cognito_user_pool_pre_token_generation_event_v2.json

@@ -0,0 +1,33 @@
+{
+    "version": "2",
+    "triggerSource": "TokenGeneration_Authentication",
+    "region": "us-east-1",
+    "userPoolId": "us-east-1_EXAMPLE",
+    "userName": "JaneDoe",
+    "callerContext": {
+        "awsSdkVersion": "aws-sdk-unknown-unknown",
+        "clientId": "1example23456789"
+    },
+    "request": {
+        "userAttributes": {
+            "sub": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
+            "cognito:user_status": "CONFIRMED",
+            "email_verified": "true",
+            "phone_number_verified": "true",
+            "phone_number": "+12065551212",
+            "family_name": "Zoe",
+            "email": "[email protected]"
+        },
+        "groupConfiguration": {
+            "groupsToOverride": ["group-1", "group-2", "group-3"],
+            "iamRolesToOverride": ["arn:aws:iam::123456789012:role/sns_caller1", "arn:aws:iam::123456789012:role/sns_caller2", "arn:aws:iam::123456789012:role/sns_caller3"],
+            "preferredRole": ["arn:aws:iam::123456789012:role/sns_caller"]
+        },
+        "scopes": [
+            "aws.cognito.signin.user.admin", "openid", "email", "phone"
+        ]
+    },
+    "response": {
+        "claimsAndScopeOverrideDetails": []
+    }
+}