@dimitor115

Hi all, while implementing an AWS User Pool in AWS Cognito I ran into a small inconvenience with the addClient method. AFAIK, the callbackUrl is required for the managed login flow to redirect back to your app, but it isn’t exposed as an input parameter, so you currently have to rely on a small transform workaround:

My current code:

    const webClient = userPool.addClient("Web", {
      transform: {
        client: (args: UserPoolClientArgs) => {
          args.callbackUrls = [adminUI.url.apply(url => `${url}/auth/callback`)];
        },
      },
    });

I believe it's quite a convenient requirement, so it could look like this:

    const webClient = userPool.addClient("Web", {
      callbackUrls: [adminUI.url.apply(url => `${url}/auth/callback`)]
    });

Please let me know if that makes sense for you to expose it.

@vimtor vimtor self-requested a review December 10, 2025 12:46
Collaborator

@vimtor vimtor left a comment

thanks for the contribution @dimitor115

problem now is that if the user skips callbackUrls you get:

    | Error Web sst:aws:CognitoUserPoolClient → WebClient aws:cognito:UserPoolClient
    creating Cognito User Pool Client (Web): operation error Cognito Identity Provider: CreateUserPoolClient, https response error StatusCode: 400, RequestID: d56889f8-e70d-4983-a441-97ce613d900e, InvalidOAuthFlowException: CallbackUrls can not be empty when code flow or implicit flow is selected

i proposed a change to keep it compatible with existing defaults, but yeah that https://example.com looks suspicious

maybe callbackUrls should just be required?

@vimtor vimtor self-assigned this Dec 10, 2025
@dimitor115
Author

Personally I believe it should be required, but as far as I can see it's not required in Pulumi either. This makes me think: let's keep it backward compatible and fall back to example.com.

@dimitor115 dimitor115 changed the title Add callbackUrls to aws cogito userpool client args Add callbackUrls to aws cognito userpool client args Dec 10, 2025
Co-authored-by: Victor Navarro <vn4varro@gmail.com>
dimitor115 and others added 2 commits December 11, 2025 17:16
Co-authored-by: Victor Navarro <vn4varro@gmail.com>
Co-authored-by: Victor Navarro <vn4varro@gmail.com>
Collaborator

@vimtor vimtor left a comment

good work!

    const userPool = new sst.aws.CognitoUserPool("MyUserPool", {
      triggers: {
        preSignUp: {
          handler: "index.handler",
        },
      },
    });

    const client = userPool.addClient("Web", {
      callbackUrls: ["https://sst.dev/auth/callback"],
    });
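
A pre-deploy check for the two failure modes discussed in this thread (an empty `callbackUrls` list and the `https://example.com` fallback), as an added example that is not part of the PR or of SST. `auditCallbackUrls` and `Finding` are hypothetical names, and the HTTPS, absolute-URI and no-fragment rules are assumed from Cognito's documented callback URL requirements.

```typescript
// Added example, not SST or PR code. auditCallbackUrls and Finding are hypothetical names.
type Finding = { url: string; issue: string };

// Domains reserved for documentation; an auth code should never be redirected there.
const PLACEHOLDER_HOSTS = ["example.com", "example.org", "example.net"];

function auditCallbackUrls(urls: string[]): Finding[] {
  // An empty list is what produces InvalidOAuthFlowException for code/implicit flows.
  if (urls.length === 0) return [{ url: "", issue: "empty" }];

  const findings: Finding[] = [];
  for (const raw of urls) {
    let parsed: URL;
    try {
      parsed = new URL(raw); // throws on relative or malformed values
    } catch {
      findings.push({ url: raw, issue: "not-absolute" });
      continue;
    }
    const host = parsed.hostname.toLowerCase();
    // Placeholder fallback left in place: flag the host and any subdomain of it.
    if (PLACEHOLDER_HOSTS.some(h => host === h || host.endsWith("." + h))) {
      findings.push({ url: raw, issue: "placeholder-host" });
    }
    // Assumed rule: plain HTTP is only acceptable for http://localhost during testing.
    if (parsed.protocol === "http:" && host !== "localhost") {
      findings.push({ url: raw, issue: "insecure-scheme" });
    }
    // Assumed rule: redirect URIs must not carry a fragment component.
    if (raw.includes("#")) {
      findings.push({ url: raw, issue: "fragment" });
    }
  }
  return findings;
}

// Constructed sample input covering the cases from the thread.
const sample = [
  "https://sst.dev/auth/callback",
  "https://example.com",
  "http://admin.internal.test/cb",
  "/auth/callback",
];
console.log(auditCallbackUrls(sample));
```

In an SST config the URLs may be Pulumi outputs, so the check has to run on resolved strings, for example inside an `apply` callback.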