Skip to content

fix(gen2-migration): resolve bugs in codegen auth generator #14308

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
iliapolo merged 15 commits into from
Nov 3, 2025
Merged

fix(gen2-migration): resolve bugs in codegen auth generator #14308

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
e05fdec
chore: merge latest changes from gen2-migration
dgandhi62 Oct 28, 2025
2e1a351
feat: add extra adapter files
dgandhi62 Oct 28, 2025
9d0cd6f
chore: add dependencies and add fields to the commands
dgandhi62 Oct 28, 2025
94da7a2
chore: update dependencies
dgandhi62 Oct 28, 2025
0b6e03b
feat: complete end-to-end codegen integration
dgandhi62 Oct 28, 2025
653bf1e
chore: revert auth gen to old tool
dgandhi62 Oct 29, 2025
1e18a5d
fix: remove additional emit success to prevent exit with 0 midway
dgandhi62 Oct 29, 2025
e8b6aa4
chore: remove unintentionally added files
dgandhi62 Oct 29, 2025
ded70f5
feat: fix auth gen bugs
dgandhi62 Oct 29, 2025
ffdb396
feat: update auth generator
dgandhi62 Oct 30, 2025
b9fa308
chore: add documentation to synthesizer.ts
dgandhi62 Oct 30, 2025
c866a46
chore: restructuring and renaming directories
dgandhi62 Oct 30, 2025
acca109
feat: merge gen2-migration directory restructure while preserving loc…
dgandhi62 Oct 31, 2025
0529c81
fix: rename migration_head to codegen-head to match upstream
dgandhi62 Oct 31, 2025
7f3fd51
feat: merge upstream gen2-migration with complete functionality
dgandhi62 Oct 31, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
55 changes: 55 additions & 0 deletions packages/amplify-cli/src/commands/gen2-migration/codegen-generate/src/backend/synthesizer.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -694,6 +694,8 @@ export class BackendSynthesizer {
const defineBackendProperties = [];
const nodes = [];

// Gen 2 requires different names / casing for password rules

const mappedPolicyType: Record<string, string> = {
MinimumLength: 'minimumLength',
RequireUppercase: 'requireUppercase',
Expand All @@ -704,30 +706,46 @@ export class BackendSynthesizer {
TemporaryPasswordValidityDays: 'temporaryPasswordValidityDays',
};

// What it does: If you have auth, storage, or custom resources, adds:
// import { RemovalPolicy, Tags } from 'aws-cdk-lib';

if (renderArgs.auth || renderArgs.storage?.hasS3Bucket || renderArgs.customResources) {
imports.push(
this.createImportStatement([factory.createIdentifier('RemovalPolicy'), factory.createIdentifier('Tags')], 'aws-cdk-lib'),
);
}

// What it does: If you have auth configured:
// Adds import: import { auth } from './auth/resource';
// Adds auth to the backend definition

if (renderArgs.auth) {
imports.push(this.createImportStatement([authFunctionIdentifier], renderArgs.auth.importFrom));
const auth = factory.createShorthandPropertyAssignment(authFunctionIdentifier);
defineBackendProperties.push(auth);
}

// Same as auth

if (renderArgs.data) {
imports.push(this.createImportStatement([dataFunctionIdentifier], renderArgs.data.importFrom));
const data = factory.createShorthandPropertyAssignment(dataFunctionIdentifier);
defineBackendProperties.push(data);
}

// Same as auth

if (renderArgs.storage?.hasS3Bucket) {
imports.push(this.createImportStatement([storageFunctionIdentifier], renderArgs.storage.importFrom));
const storage = factory.createShorthandPropertyAssignment(storageFunctionIdentifier);
defineBackendProperties.push(storage);
}

// Context: Gen 1 might have multiple Lambda functions
// What it does: For each function (e.g., myFunction):
// Adds import: import { myFunction } from './function/myFunction/resource';
// Adds function to backend: defineBackend({ auth, myFunction, ... })

if (renderArgs.function) {
const functionNameCategories = renderArgs.function.functionNamesAndCategories;
for (const [functionName, category] of functionNameCategories) {
Expand All @@ -737,6 +755,8 @@ export class BackendSynthesizer {
}
}

// Dynamo table cannot be migrated

if (renderArgs.storage?.dynamoDB) {
nodes.push(
factory.createThrowStatement(
Expand All @@ -749,6 +769,8 @@ export class BackendSynthesizer {
);
}

// Adds core import: import { defineBackend } from '@aws-amplify/backend';

imports.push(this.createImportStatement([backendFunctionIdentifier], '@aws-amplify/backend'));

if (renderArgs.unsupportedCategories) {
Expand Down Expand Up @@ -797,24 +819,33 @@ export class BackendSynthesizer {
}
}

// Adds CI detection: import ci from 'ci-info';

const ciInfoImportStatement = factory.createImportDeclaration(
undefined,
factory.createImportClause(false, factory.createIdentifier('ci'), undefined),
factory.createStringLiteral('ci-info'),
);

// Creates environment name logic (sandbox vs production)

imports.push(ciInfoImportStatement);
const envNameStatements = this.createAmplifyEnvNameLogic();
errors.push(...envNameStatements);

// Creates the main line: const backend = defineBackend({ auth, data, storage })

const callBackendFn = this.defineBackendCall(backendFunctionIdentifier, defineBackendProperties);
const backendVariable = factory.createVariableDeclaration('backend', undefined, undefined, callBackendFn);
const backendStatement = factory.createVariableStatement(
[],
factory.createVariableDeclarationList([backendVariable], ts.NodeFlags.Const),
);

// CDK OVERRIDES
// When you have advanced user pool settings AND you're creating new auth (not importing existing)
if (renderArgs.auth?.userPoolOverrides && !renderArgs?.auth?.referenceAuth) {
// Generates const cfnUserPool = backend.auth.resources.cfnResources.cfnUserPool;
const cfnUserPoolVariableStatement = this.createVariableStatement(
this.createVariableDeclaration('cfnUserPool', 'auth.resources.cfnResources.cfnUserPool'),
);
Expand All @@ -823,6 +854,10 @@ export class BackendSynthesizer {
passwordPolicy: {},
};
for (const [overridePath, value] of Object.entries(renderArgs.auth.userPoolOverrides)) {
// Gen 1 name: myapp-dev
// Splits it: ['myapp', 'dev']
// Takes base: myapp
// Generates: cfnUserPool.userPoolName = \myapp-${AMPLIFY_GEN_1_ENV_NAME}`;`
if (overridePath.includes('userPoolName')) {
assert(value);
assert(typeof value === 'string');
Expand All @@ -838,15 +873,25 @@ export class BackendSynthesizer {
);

nodes.push(userPoolAssignment);
// Input: Policies.PasswordPolicy.MinimumLength = 8
// Splits: ['Policies', 'PasswordPolicy', 'MinimumLength']
// Gets: MinimumLength
// Maps to: minimumLength
// Stores: policies.passwordPolicy.minimumLength = 8
} else if (overridePath.includes('PasswordPolicy')) {
const policyKey = overridePath.split('.')[2];
if (value !== undefined && policyKey in mappedPolicyType) {
policies.passwordPolicy[mappedPolicyType[policyKey] as string] = value;
}
} else {
// Handle everything else
// This is where username attributes get handled!
// Input: usernameAttributes: ['username']
// Generates: cfnUserPool.usernameAttributes = ['username'];
nodes.push(this.setPropertyValue(factory.createIdentifier('cfnUserPool'), overridePath, value));
}
}
// Generates: cfnUserPool.policies = { passwordPolicy: { minimumLength: 8 } };
nodes.push(
this.setPropertyValue(
factory.createIdentifier('cfnUserPool'),
Expand All @@ -856,6 +901,7 @@ export class BackendSynthesizer {
);
}

// Identity pool overrides
if (renderArgs.auth?.guestLogin === false || (renderArgs.auth?.identityPoolName && !renderArgs?.auth?.referenceAuth)) {
const cfnIdentityPoolVariableStatement = this.createVariableStatement(
this.createVariableDeclaration('cfnIdentityPool', 'auth.resources.cfnResources.cfnIdentityPool'),
Expand All @@ -880,6 +926,7 @@ export class BackendSynthesizer {
}
}

// User pool client overrides
if (
(renderArgs.auth?.oAuthFlows || renderArgs.auth?.readAttributes || renderArgs.auth?.writeAttributes) &&
!renderArgs?.auth?.referenceAuth
Expand Down Expand Up @@ -920,12 +967,17 @@ export class BackendSynthesizer {
}

// Since Gen2 only supports 1 user pool client by default, we need to add CDK overrides for the additional user pool client from Gen1
// If Gen 1 had separate mobile and web clients, Gen 2 needs to recreate that setup.
if (renderArgs.auth?.userPoolClient) {
const userPoolVariableStatement = this.createVariableStatement(this.createVariableDeclaration('userPool', 'auth.resources.userPool'));
nodes.push(userPoolVariableStatement);
nodes.push(this.createUserPoolClientAssignment(renderArgs.auth?.userPoolClient, imports));
}

// Stores basic S3 bucket info
// const s3Bucket = backend.storage.resources.cfnResources.cfnBucket;
// s3Bucket.bucketName = `myapp-storage-${AMPLIFY_GEN_1_ENV_NAME}`;

if (renderArgs.storage && renderArgs.storage.hasS3Bucket) {
assert(renderArgs.storage.bucketName);
const cfnStorageVariableStatement = this.createVariableStatement(
Expand All @@ -946,6 +998,7 @@ export class BackendSynthesizer {
nodes.push(bucketNameAssignment);
}

// Features that Gen1 just doesn't support for storage
if (
renderArgs.storage?.accelerateConfiguration ||
renderArgs.storage?.versionConfiguration ||
Expand Down Expand Up @@ -1019,6 +1072,7 @@ export class BackendSynthesizer {
);
}

// I DONT UNDERSTAND THIS PART YET
if (
renderArgs.auth?.userPoolClient &&
renderArgs.auth.userPoolClient.SupportedIdentityProviders &&
Expand Down Expand Up @@ -1064,6 +1118,7 @@ export class BackendSynthesizer {
nodes.push(tagAssignment);
}

// returns backend.ts file
return factory.createNodeArray([...imports, newLineIdentifier, ...errors, newLineIdentifier, backendStatement, ...nodes], true);
}
}
Loading
Loading