Skip to content

Comments

AUT-5136: Connect account-data-api to Authenticator table#7821

Merged
ChristianSoftwire merged 6 commits intomainfrom
AUT-5136-connect-account-data-api-to-authenticator-table
Feb 20, 2026
Merged

AUT-5136: Connect account-data-api to Authenticator table#7821
ChristianSoftwire merged 6 commits intomainfrom
AUT-5136-connect-account-data-api-to-authenticator-table

Conversation

@ChristianSoftwire
Copy link
Contributor

@ChristianSoftwire ChristianSoftwire commented Feb 13, 2026
edited
Loading

What

  • Add Authenticator entity which has base attributes
  • Add Passkey entity which inherits from the Authenticator entity
  • Add DynamoPasskeyService to interact with the DB for passkey entities
  • Setup account-data-api-integration-tests and add test for the DynamoPasskeyService

How to review

  1. Code Review
  2. Manual testing will be done in the upcoming tickets, when we access the db from the lambdas

Checklist

  • Deployment of this PR will not break active user journeys
  • Impact on orch and auth mutual dependencies has been checked.
  • No changes required or changes have been made to stub-orchestration.
  • A UCD review has been performed.
  • All commits contain one or more Co-authored-by lines where pairing or mobbing has taken place

@ChristianSoftwire
AUT-5136: Add read/write/delete policies and link them to passkeys la…
8e99527 
…mbdas

- Add read/write/delete policies for the authenticator table
- Reference the relevant policies in the passkeys-{action} lambdas
- Add the encryption keys for the authenticator table

Signed-off-by: Christian Sophocleous <145482922+ChristianSoftwire@users.noreply.github.com>
@ChristianSoftwire ChristianSoftwire requested review from a team as code owners February 13, 2026 14:49
@ChristianSoftwire ChristianSoftwire force-pushed the AUT-5136-connect-account-data-api-to-authenticator-table branch 2 times, most recently from e149194 to 208df91 Compare February 16, 2026 14:25
@ChristianSoftwire
AUT-5136: Add new entities for Authenticator and Passkey
6346ff3 
- Authenticator is an abstract class that forms the base class for entries in the Authenticator table
- The Authenticator abstract class takes a generic parameter. This is because the methods on Authenticator should return the class that inherits from Authenticator, rather than an Authenticator itself
- The protected self() method is used by the methods in Authenticator to return the child class rather than Authenticator
- Both of the above means that when constructing a Passkey, we can use methods from both the Passkey.class and the Authenticator.class
- Partition key is the PublicSubjectId and sort key is the SortKey which will be made of the CredentialType and CredentialId

Signed-off-by: Christian Sophocleous <145482922+ChristianSoftwire@users.noreply.github.com>
@ChristianSoftwire
AUT-5136: Move entities into a passkey module to keep things organised
f912e00 
Signed-off-by: Christian Sophocleous <145482922+ChristianSoftwire@users.noreply.github.com>
@ChristianSoftwire
AUT-5136: Create account-data-api-integration-tests module
09e9f94 
Signed-off-by: Christian Sophocleous <145482922+ChristianSoftwire@users.noreply.github.com>
@ChristianSoftwire ChristianSoftwire force-pushed the AUT-5136-connect-account-data-api-to-authenticator-table branch from 208df91 to 425b50c Compare February 18, 2026 16:21
@ChristianSoftwire
AUT-5136: Create DynamoPasskeyService to access the Passkeys entities…
57741d9 
… within the Authenticator table

- This is a specific DynamoPasskeyService, to access Passkey entities
- This is needed because Authenticator is abstract and will be inherited from. We can't set up an DynamoAuthenticatorService as we need to know if it's a passkey or another authenticator (for example MFA)

Signed-off-by: Christian Sophocleous <145482922+ChristianSoftwire@users.noreply.github.com>
@ChristianSoftwire
AUT-5136: Add action to run the account-data-api-integration-tests in…
cb33195 
… the GHA pre-merge checks

Signed-off-by: Christian Sophocleous <145482922+ChristianSoftwire@users.noreply.github.com>
@ChristianSoftwire ChristianSoftwire force-pushed the AUT-5136-connect-account-data-api-to-authenticator-table branch from 425b50c to cb33195 Compare February 20, 2026 14:50
@sonarqubecloud
Copy link

sonarqubecloud bot commented Feb 20, 2026

Quality Gate Failed Quality Gate failed

Failed conditions
1 Security Hotspot

See analysis details on SonarQube Cloud

alhcomer
alhcomer approved these changes Feb 20, 2026
View reviewed changes
Copy link
Contributor

@alhcomer alhcomer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM nice one

@ChristianSoftwire ChristianSoftwire added this pull request to the merge queue Feb 20, 2026
Merged via the queue into main with commit dc23711 Feb 20, 2026
18 of 19 checks passed
@ChristianSoftwire ChristianSoftwire deleted the AUT-5136-connect-account-data-api-to-authenticator-table branch February 20, 2026 15:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alhcomer alhcomer alhcomer approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ChristianSoftwire @alhcomer