feat(auth): Add support of custom endpoint for CognitoUserPool (#1715)

Author: rusik

AmplifyPlugins/Auth/AWSCognitoAuthPlugin/AWSCognitoAuthPlugin+Configure.swift

@@ -66,7 +66,7 @@ extension AWSCognitoAuthPlugin {
 
     func awsMobileClientAdapter(from authConfiguration: JSONValue) throws -> AWSMobileClientBehavior {
         let identityPoolConfig = identityPoolServiceConfiguration(from: authConfiguration)
-        let userPoolConfig = userPoolServiceConfiguration(from: authConfiguration)
+        let userPoolConfig = try userPoolServiceConfiguration(from: authConfiguration)
 
         // Auth plugin require atleast one of the Cognito service to work. Throw an error if both the service
         // configuration are nil.
@@ -100,16 +100,52 @@ extension AWSCognitoAuthPlugin {
         return AmplifyAWSServiceConfiguration(region: region, credentialsProvider: anonymousCredentialProvider)
     }
 
-    func userPoolServiceConfiguration(from authConfiguration: JSONValue) -> AmplifyAWSServiceConfiguration? {
+    func userPoolServiceConfiguration(from authConfiguration: JSONValue) throws -> AmplifyAWSServiceConfiguration? {
         let regionKeyPath = "CognitoUserPool.Default.Region"
         guard case .string(let regionString) = authConfiguration.value(at: regionKeyPath) else {
             Amplify.Logging.warn("Could not read Cognito user pool information from the configuration.")
             return nil
         }
         let region = (regionString as NSString).aws_regionTypeValue()
-        return AmplifyAWSServiceConfiguration(region: region)
+
+        if  let endpoint = try resolveCognitoOverrideEndpoint(using: authConfiguration, region: region) {
+            return AmplifyAWSServiceConfiguration(region: region, endpoint: endpoint)
+        } else {
+            return AmplifyAWSServiceConfiguration(region: region)
+        }
     }
 
+    func resolveCognitoOverrideEndpoint(
+        using authConfiguration: JSONValue,
+        region: AWSRegionType) throws -> AWSEndpoint? {
+
+            let endpointKeyPath = "CognitoUserPool.Default.Endpoint"
+            guard case .string(let endpointString) = authConfiguration.value(at: endpointKeyPath) else {
+                return nil
+            }
+
+            let amplifyError = AuthError.configuration(
+                "Error configuring \(String(describing: self))",
+            """
+            Invalid Endpoint value \(endpointString). Expected a fully-qualified hostname.
+            """)
+
+            guard (URLComponents(string: endpointString)?.scheme ?? "").isEmpty else {
+                throw amplifyError
+            }
+
+            let endpointStringWithScheme = "https://" + endpointString
+            guard
+                let components = URLComponents(string: endpointStringWithScheme),
+                components.path == "",
+                let url = components.url
+            else {
+                throw amplifyError
+            }
+
+            return AWSEndpoint(region: region, service: .CognitoIdentityProvider, url: url)
+        }
+
     // MARK: Internal
 
     /// Internal configure method to set the properties of the plugin

AmplifyPlugins/Auth/AWSCognitoAuthPluginTests/ConfigurationTests/AWSCognitoAuthPluginConfigTests.swift

@@ -62,7 +62,8 @@ class AWSCognitoAuthPluginConfigTests: XCTestCase {
                     "PoolId": "xx",
                     "Region": "us-east-1",
                     "AppClientId": "xx",
-                    "AppClientSecret": "xx"]]
+                    "AppClientSecret": "xx",
+                    "Endpoint": "example.org"]]
             ]
         ])
         let amplifyConfig = AmplifyConfiguration(auth: categoryConfig)
@@ -119,7 +120,8 @@ class AWSCognitoAuthPluginConfigTests: XCTestCase {
                     "PoolId": "xx",
                     "Region": "us-east-1",
                     "AppClientId": "xx",
-                    "AppClientSecret": "xx"]]
+                    "AppClientSecret": "xx",
+                    "Endpoint": "example.org"]]
             ]
         ])
         let amplifyConfig = AmplifyConfiguration(auth: categoryConfig)
@@ -166,6 +168,76 @@ class AWSCognitoAuthPluginConfigTests: XCTestCase {
         }
     }
 
+    /// Test Auth configuration with endpoint url containing scheme for user pool
+    ///
+    /// - Given: Given invalid config with endpoint url containing scheme for user pool
+    /// - When:
+    ///    - I configure auth with the given configuration
+    /// - Then:
+    ///    - I should get an exception.
+    ///
+    func testConfigWithInvalidUserPoolEndpointWithScheme() throws {
+        let plugin = AWSCognitoAuthPlugin()
+        try Amplify.add(plugin: plugin)
+
+        let categoryConfig = AuthCategoryConfiguration(plugins: [
+            "awsCognitoAuthPlugin": [
+                "CognitoUserPool": ["Default": [
+                    "PoolId": "xx",
+                    "Region": "us-east-1",
+                    "AppClientId": "xx",
+                    "AppClientSecret": "xx",
+                    "Endpoint": "https://example.org"]]
+            ]
+        ])
+
+        let amplifyConfig = AmplifyConfiguration(auth: categoryConfig)
+        do {
+            try Amplify.configure(amplifyConfig)
+            XCTFail("Should have thrown a AuthError.configuration error for invalid endpoint url")
+        } catch {
+            guard case AuthError.configuration = error else {
+                XCTFail("Should have thrown a AuthError.configuration error for invalid endpoint url")
+                return
+            }
+        }
+    }
+
+    /// Test Auth configuration with endpoint url containing path for user pool
+    ///
+    /// - Given: Given invalid config with endpoint url containing path for user pool
+    /// - When:
+    ///    - I configure auth with the given configuration
+    /// - Then:
+    ///    - I should get an exception.
+    ///
+    func testConfigWithInvalidUserPoolEndpointWithPath() throws {
+        let plugin = AWSCognitoAuthPlugin()
+        try Amplify.add(plugin: plugin)
+
+        let categoryConfig = AuthCategoryConfiguration(plugins: [
+            "awsCognitoAuthPlugin": [
+                "CognitoUserPool": ["Default": [
+                    "PoolId": "xx",
+                    "Region": "us-east-1",
+                    "AppClientId": "xx",
+                    "AppClientSecret": "xx",
+                    "Endpoint": "example.org/path"]]
+            ]
+        ])
+
+        let amplifyConfig = AmplifyConfiguration(auth: categoryConfig)
+        do {
+            try Amplify.configure(amplifyConfig)
+            XCTFail("Should have thrown a AuthError.configuration error for invalid endpoint url")
+        } catch {
+            guard case AuthError.configuration = error else {
+                XCTFail("Should have thrown a AuthError.configuration error for invalid endpoint url")
+                return
+            }
+        }
+    }
+
     /// Test Auth configuration with nil value
     ///
     /// - Given: Given a nil config for user pool and identity pool
@@ -210,7 +282,8 @@ class AWSCognitoAuthPluginConfigTests: XCTestCase {
                     "PoolId": "xx",
                     "Region": "us-east-1",
                     "AppClientId": "xx",
-                    "AppClientSecret": "xx"]]
+                    "AppClientSecret": "xx",
+                    "Endpoint": "example.org"]]
             ]
         ])
         let amplifyConfig = AmplifyConfiguration(auth: categoryConfig)

AmplifyPlugins/Core/AWSPluginsCore/ServiceConfiguration/AmplifyAWSServiceConfiguration.swift

@@ -40,6 +40,10 @@ public class AmplifyAWSServiceConfiguration: AWSServiceConfiguration {
         super.init(region: regionType, credentialsProvider: nil)
     }
 
+    public init(region regionType: AWSRegionType, endpoint: AWSEndpoint) {
+        super.init(region: regionType, endpoint: endpoint, credentialsProvider: nil)
+    }
+
     override public init(region regionType: AWSRegionType,
                          endpoint: AWSEndpoint,
                          credentialsProvider: AWSCredentialsProvider,