amplify-category-api
amplify-category-api copied to clipboard
aws-amplify
Owner @auth authorization limited to fields that are String type
Before opening, please confirm:
- [X] I have installed the latest version of the Amplify CLI (see above), and confirmed that the issue still persists.
- [X] I have searched for duplicate or closed issues.
- [X] I have read the guide for submitting bug reports.
- [X] I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.
How did you install the Amplify CLI?
No response
If applicable, what version of Node.js are you using?
No response
Amplify CLI Version
latest
What operating system are you using?
OSX
Amplify Categories
auth, api
Amplify Commands
codegen
Describe the bug
We have a custom attribute in cognito that is of "number" type.
We'd like to use this attribute as part of owner authorization via the identityClaim attribute.
The field is stored in dynamo as a "Float" type.
In the vtl resolver however, the identityClaim is returned as a string, and so the owner authorization comparison fails (string compared to float) and so owner authorization never works.
I'll send example code / screenshot to [email protected]
Expected behavior
-
JWT Token decoding should respect cognito attribute type (something that is a number should be returned as number not string)
-
Owner authorization should work with both strings and numbers
Reproduction steps
I sent code that reproduces with annotations to [email protected]
GraphQL schema(s)
Sent to [email protected]
Log output
# Put your logs below this line
Additional information
At minimum this should be documented in amplify cli docs, that owner authorization only works with string fields.
