Custom Amazon Cognito Messages to Phones or E-Mails

To create a custom message for Cognito do the following:

  1. Create a new lambda function NodeJS
  2. Go to your Amazon Cognito User Pool Triggers and assign your new lambda function to the “Custom Message” section.
  3. Choose which messages you want to modify
    1. The available options are(there might be more)
      1. CustomMessage_AdminCreateUser
      2. CustomMessage_ResendCode
      3. CustomMessage_ForgotPassword
        1. NOTICE: when setting the verification code for the forgot password you must have the following data in your emailMessage: {####}
          1. If you don’t have this AWS Cognito will replace your message content with it’s default.
      4. CustomMessage_UpdateUserAttribute
      5. CustomMessage_VerifyUserAttribute
      6. CustomMessage_Authentication
      7. More info: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-lambda-trigger-syntax-shared.html

 

Sample code below:

const https = require("https");

    //if(event.userPoolId === "theSpecialUserPool") {
        // Identify why was this function invoked
        if(event.triggerSource === "CustomMessage_AdminCreateUser") {
            // Ensure that your message contains event.request.codeParameter event.request.usernameParameter. This is the placeholder for the code and username that will be sent to your user.
            event.response.smsMessage = "Welcome to the service. Your user name is " + event.request.usernameParameter + " Your temporary password is " + event.request.codeParameter;
            event.response.emailSubject = "Welcome to the service";
            event.response.emailMessage = "Welcome to the service. Your user name is " + event.request.usernameParameter + " Your temporary password is " + event.request.codeParameter;
        }

        if(event.triggerSource === "CustomMessage_ForgotPassword") {
            // Ensure that your message contains event.request.codeParameter event.request.usernameParameter. This is the placeholder for the code and username that will be sent to your user.
            event.response.smsMessage = "Your temporary password is " + event.request.codeParameter;
            event.response.emailSubject = "Forgot password";
            event.response.emailMessage = "Your temporary password is " + event.request.codeParameter;
        }

        if(event.triggerSource === "CustomMessage_UpdateUserAttribute") {
            // Ensure that your message contains event.request.codeParameter event.request.usernameParameter. This is the placeholder for the code and username that will be sent to your user.
            event.response.smsMessage = "Your temporary password is " + event.request.codeParameter;
            event.response.emailSubject = "Verify email";
            event.response.emailMessage = "Your temporary password is " + event.request.codeParameter;
        }

        if(event.triggerSource === "CustomMessage_VerifyUserAttribute") {
            // Ensure that your message contains event.request.codeParameter event.request.usernameParameter. This is the placeholder for the code and username that will be sent to your user.
            event.response.smsMessage = "Your temporary password is " + event.request.codeParameter;
            event.response.emailSubject = "Verify email";
            event.response.emailMessage = "Your temporary password is " + event.request.codeParameter;
        }

        if(event.triggerSource === "CustomMessage_ForgotPassword") {
            // Ensure that your message contains event.request.codeParameter event.request.usernameParameter. This is the placeholder for the code and username that will be sent to your user.
            event.response.smsMessage = "Your temporary password is " + event.request.codeParameter;
            event.response.emailSubject = "Verify email";
            event.response.emailMessage = "Your temporary password is " + event.request.codeParameter;
        }

        if(event.triggerSource === "CustomMessage_Authentication") {
            // Ensure that your message contains event.request.codeParameter event.request.usernameParameter. This is the placeholder for the code and username that will be sent to your user.
            event.response.smsMessage = "Your temporary password is " + event.request.codeParameter;
            event.response.emailSubject = "Verify email";
            event.response.emailMessage = "Your temporary password is " + event.request.codeParameter;
        }
        // Create custom message for other events
    //}
    // Customize messages for other user pools

    //

    // Return result to Cognito
    context.done(null, event);
};

For example you can use the following for custom email verification messages.

Advertisements

Java + Spring Boot: Explicit Class Instances with Profiles, Beans and Qualifiers

Here is a simple example how to use beans to create instances of classes based on their profiles.

Firstly, you need is a base class or an interface that each class will inherit/implement.

The simple way of doing this is to just simply using the @Profile annotation on a class with the desired profile name. For example:

Use a dev profile for a class that is created when you dev profile is up and running and test profile when your test profile is used.

Then simply use the @Autowired annotation to on the base class/interface. The rest if induced automatically based on your profile. BUT this approach works fine in your classes and/or interface reside within the same package.

In a case that you are using a base class or an interface from another library/package and wanting to create a different class to be used with different profiles this might not work because you can’t change the used profile name in the base library/package.

In these cases you do the following:

  1. Create @Bean functions that return instantiate the desired class into an object based on a profile set to the bean function. The return value can be the base class or interface.
  2. Give the same bean name to all functions.
  3. On the @Autowired class member add the @Qualifier annotation giving the bean name which you want.

Spring will in this case induce the right object instance based on the profile in defined on a bean function.

@Bean(name="authenticationLogic")
    @Profile("dev")
    public BaseAuthentication getBaseAuth()
    {
        return new MockAuthenticationClient();
    }

    @Bean(name="authenticationLogic")
    @Autowired
    @Profile("test")
    public BaseAuthentication getMainAuth(MessageService messageService)
    {
        return new MainAuthClient(messageService);
    }



    @Autowired
    @Qualifier("authenticationLogic")
    private BaseAuthentication baseAuthentication;

Mac OS X and Active Directory login problems

I’ve recently had problems with my AD login with my Macbook Pro 2017 after I had to change my password and rebooted my Macbook.

I encountered the following problems:

  1. I had to enter my credentials twice
  2. My password had not changed to the one in AD
  3. Mac OS kept telling me that network account not accessible

Fix:

  1. This problem likely caused by Filevault having the old password, after running the following command I had to enter only one password: sudo diskutil apfs updatePreboot /
  2. With this problem I had to unbind and bind my Mac OS to AD using the Discovery Utility and Active Directory option in Services tab. You probable need your system admins help.
  3. This is related the previous problem. The fix to this was to go back to my office, use an Ethernet dongle and to the actions in Step 2.

Hope this helps someone, Good Luck with this one. It’s annoying.

Adding git information to your Spring Actuator Info endpoint with Gradle

Hi,

This is how you can add git related information in case you need that to keep track what functionality and code your development or test environments are using.

Configuration

First you need to add the following to your Gradle file:

plugins {
   id "com.gorylenko.gradle-git-properties" version "1.4.21"
}

apply plugin: 'com.gorylenko.gradle-git-properties'

After this you should have a new Gradle task that will generate a git.properties file that your Actuator Info Endpoint can use. This file by default is generated into the build path resources folder. So run this command before building your jar or docker image etc.

gradle generateGitProperties

Bonus

If you want to access the Info actutor enpoint to display that info from somewhere else you can do this:
@Autowired
InfoEndpoint infoEndpoint;

return new JSONObject(this.infoEndpoint.invoke()).toString();

Links

https://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#howto-git-info

https://github.com/n0mer/gradle-git-properties

Helper Scripts for Docker, git and Java developers

Hi,

Here are some of my own scripts that I use when developing to ease my life:

Building a Java Gradle project, then building a docker image and pushing it

./gradlew test
if [ $? -eq 0 ]; then
    echo Tests OK
    gradle clean
    gradle generateGitProperties
    gradle bootRepackage
    ./cleandocker.sh
    docker rmi {your image name + tag}
    docker build -t {your image name + tag} .
    ./dockerregistrylogin.sh
    docker push {your image name + tag}
else
    echo Tests Failed
    exit 1
fi

Clean docker from all running containers and stopped ones

echo "Stoping all containers"
docker stop $(docker ps -a -q)
echo "Removing all containers"
docker rm $(docker ps -a -q)
echo "Starting dev environment"

Commit your code to git after gradle tests are successfull

./gradlew test
if [ $? -eq 0 ]; then
    echo Tests OK
    git add .
    git commit -m "$1"
    git push
else
    echo Tests Failed
    exit 1
fi

Merge your branch with your master

git checkout master
git pull origin master
git merge dev -m "$1"
git push origin master
git checkout dev

This one is for AWS Developers to run and get the AWS ECR docker login

#Notice: To use a certain profile for login define additional profiles like this: aws configure --profile awscli

function doAwsDockerRegistryLogin()
{
    local  myresult=$(aws ecr get-login --no-include-email --region eu-central-1 --profile awscli)
    echo "$myresult"
}

result=$(doAwsDockerRegistryLogin)   # or result=`myfunc`
eval $result

 

AWS ECS Docker container and load balancing with service discovery

If you have a micro service architecture in AWS and you want to direct trafifc and balance the traffic you need and Elastic Load Balancer with target groups.

To my experiment this is what you need to do in order to direct traffic from a single ELB FQDN to multiple applications/containers.

This setup assumes that you have a one webapp/client and one or more back-end services to which the client talks to.

The steps:

  1.  Make sure that your container have a host port defined of 0. This will make ECS service automatically assign a dynamic port.
  2. Create a target group for each application (client app and all back-end services)
  3. Create the ELB and add rules to your listener, or example:
    1. ClientApp: no rules here, all traffic is assumed to go to the root of the DNS
    2. Backend services: IF rule with path rule of something like “/api/myapi* and associate the wanted target group
      1. This will redirect all traffic that contain /api/myapi to the designated target group
  4. Next go to ECS and in your cluster create a service or each client and back-end service that you want to redirect traffic. The reason you have to create a service or each app is that you can only associate one ELB and Target Group for each container and it’s port, even if you have multiple container in your task definition only one container can capture your traffic unless you do other configuration in your docker host.