bug: Cognito CustomMessage_SignUp Lambda trigger event schema does not match AWS #10754

Open
1 task done
goistjt opened this issue Apr 30, 2024 · 1 comment
Labels
aws:cognito Amazon Cognito status: in progress Currently being worked on type: bug Bug report


goistjt commented Apr 30, 2024

Is there an existing issue for this? No

  • I have searched the existing issues

Current Behavior

When calling awslocal cognito-idp sign-up --client-id s2tgoilejvkhku14yr9vz7o7k7 --username <email> --password <pass> --user-attributes "Name=phone_number,Value=<phone>" "Name=given_name,Value=Test" "Name=family_name,Value=User" with a CustomMessage Lambda trigger configured, the Lambda is receiving the following event object:

{
  "version": "$LATEST",
  "triggerSource": "CustomMessage_SignUp",
  "userName": "<email>",
  "region": "us-gov-west-1",
  "userPoolId": "<localstackUserPoolId>",
  "callerContext": {
    "awsSdkVersion": "aws-sdk-unknown-unknown",
    "clientId": "CLIENT_ID_NOT_APPLICABLE"
  },
  "request": {
    "validationData": {},
    "clientMetadata": {},
    "session": [],
    "codeParameter": "125155",
    "usernameParameter": "<email>"
  },
  "response": {}
}

Expected Behavior

Given the same input targeting AWS Cognito, I'd expect an event object with this shape:

{
  "version": "1",
  "region": "us-gov-west-1",
  "userPoolId": "<AWS UserPoolId>",
  "userName": "cf77b4bb-5af8-4831-b4c1-8733a03e1ba2",
  "callerContext": {
    "awsSdkVersion": "aws-sdk-js-3.473.0",
    "clientId": "<clientId>"
  },
  "triggerSource": "CustomMessage_SignUp",
  "request": {
    "userAttributes": {
      "sub": "cf77b4bb-5af8-4831-b4c1-8733a03e1ba2",
      "cognito:email_alias": "<email>",
      "email_verified": "false",
      "cognito:user_status": "UNCONFIRMED",
      "phone_number_verified": "false",
      "phone_number": "<phone>",
      "given_name": "User",
      "family_name": "Test",
      "email": "<email>"
    },
    "codeParameter": "{####}",
    "linkParameter": "{##Click Here##}",
    "usernameParameter": null
  },
  "response": {
    "smsMessage": null,
    "emailMessage": null,
    "emailSubject": null
  }
}

How are you starting LocalStack?

With a docker-compose file

Steps To Reproduce

How are you starting localstack (e.g., bin/localstack command, arguments, or docker-compose.yml)

docker-compose.yml

services:
  localstack:
    container_name: '${LOCALSTACK_DOCKER_NAME:-localstack-main}'
    image: localstack/localstack-pro
    ports:
      - '127.0.0.1:4566:4566' # LocalStack Gateway
      - '127.0.0.1:4510-4559:4510-4559' # external services port range
      - '127.0.0.1:443:443' # LocalStack HTTPS Gateway (Pro)
    environment:
      - HOSTNAME_EXTERNAL=localstack
      - HOSTNAME=localstack
      - LOCALSTACK_AUTH_TOKEN=${LOCALSTACK_AUTH_TOKEN:?MISSING_LOCALSTACK_TOKEN}
      - DEBUG=${DEBUG:-0}
      - PERSISTENCE=${PERSISTENCE:-0}
      - SMTP_HOST=http://smtp4dev:25
      - [email protected]
      - DISABLE_CORS_CHECKS=1
    volumes:
      - '${LOCALSTACK_VOLUME_DIR:-../../.localstack-volume}:/var/lib/localstack'
      - '/var/run/docker.sock:/var/run/docker.sock'
    networks:
      - infra
    
  smtp4dev:
    image: rnwood/smtp4dev:latest
    ports:
      - '5000:80'
      - '25:25'
      - '143:143'
    volumes:
      - '../../.smtp-volume:/smtp4dev'
    environment:
      - ServerOptions__HostName=smtp4dev

networks:
  infra:
    name: infra

docker compose up -d

Client commands (e.g., AWS SDK code snippet, or sequence of "awslocal" commands)

cdklocal deploy auth-stack

aws-cdk Cognito configuration

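import { App, Stack, aws_cognito } from 'aws-cdk-lib';
import { PolicyDocument } from 'aws-cdk-lib/aws-iam';

// AuthStackProps and getEnvSpecificId are project-local and not shown in this report.
export class AuthStack extends Stack {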
  userPool: aws_cognito.UserPool;
  userPoolClient: aws_cognito.UserPoolClient;
  cognitoPolicyDocument: PolicyDocument;
  sesPolicyDocument: PolicyDocument;
  s3PolicyDocument: PolicyDocument;
  private readonly emailIdentityName = 'domain.tld';

  constructor(scope: App, id: string, props?: AuthStackProps) {
    super(scope, getEnvSpecificId(id), props);
    this.userPool = new aws_cognito.UserPool(
      this,
      getEnvSpecificId('user-pool'),
      {
        lambdaTriggers: {
          customMessage: props.customMessageLambda,
        },
        selfSignUpEnabled: true,
        userVerification: {
          emailSubject: 'Email Confirmation',
          emailBody:
            "Here's your verification code for your account: {####}",
          emailStyle: aws_cognito.VerificationEmailStyle.CODE,
          smsMessage: "Here's your verification code: {####}",
        },
        signInAliases: {
          email: true,
        },
        autoVerify: {
          email: true,
        },
        passwordPolicy: {
          minLength: 8,
          requireLowercase: true,
          requireUppercase: true,
          requireDigits: true,
          requireSymbols: true,
        },
        accountRecovery: aws_cognito.AccountRecovery.EMAIL_ONLY,
        mfa: aws_cognito.Mfa.OPTIONAL,
        mfaSecondFactor: {
          otp: true,
          sms: true,
        },
        signInCaseSensitive: false,
        standardAttributes: {
          email: {
            required: true,
            mutable: true,
          },
          phoneNumber: {
            required: true,
            mutable: true,
          },
        },
        // Whether to keep the original attributes until the new ones are verified
        keepOriginal: {
          email: true,
        },
      }
    );

    this.userPoolClient = this.userPool.addClient(
      getEnvSpecificId('app-client'),
      {
        authFlows: {
          userPassword: true,
          userSrp: true,
        },
      }
    );
  }
}

Trying to create a user:
awslocal cognito-idp sign-up --client-id <clientId> --username <email> --password <pass> --user-attributes "Name=phone_number,Value=<phone>" "Name=given_name,Value=Test" "Name=family_name,Value=User"

Environment

- OS: macOS Sonoma 14.4.1 (MB Air M3)
- LocalStack: localstack/localstack-pro:latest

Anything else?

No response

@goistjt goistjt added status: triage needed Requires evaluation by maintainers type: bug Bug report labels Apr 30, 2024
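
A contract check built from the two events in this report, usable as an emulator regression test before trusting a CustomMessage handler's local behaviour. It is an added example, not code from the issue or from LocalStack; the function name, the rule list and the abbreviated sample events are assumptions constructed from the report.

```javascript
// Added example: rules mirror the "Expected Behavior" event in this report.
// Both sample events below are constructed from the report, not captured traffic.
const get = (obj, path) => path.split(".").reduce(
  (o, k) => (o !== null && typeof o === "object" && k in o ? o[k] : undefined), obj);

const RULES = [
  ["version", 'must be "1"', (v) => v === "1"],
  ["callerContext.clientId", "must be the calling app client id",
    (v) => typeof v === "string" && v !== "CLIENT_ID_NOT_APPLICABLE"],
  ["request.userAttributes", "must be an object with sub and email",
    (v) => v !== null && typeof v === "object" && "sub" in v && "email" in v],
  ["request.codeParameter", 'must be the placeholder "{####}", not a real code',
    (v) => v === "{####}"],
  ["request.linkParameter", "must be a placeholder string", (v) => typeof v === "string"],
  ["response", "must carry smsMessage, emailMessage and emailSubject keys",
    (v) => v !== null && typeof v === "object" &&
      ["smsMessage", "emailMessage", "emailSubject"].every((k) => k in v)],
];

// Returns one finding per violated rule; an empty array means the event matches.
function checkCustomMessageEvent(event) {
  return RULES.filter(([path, , ok]) => !ok(get(event, path))).map(
    ([path, want]) => `${path} ${want} (got ${JSON.stringify(get(event, path))})`);
}

// Constructed from the "Current Behavior" event (LocalStack).
const localstackEvent = {
  version: "$LATEST", triggerSource: "CustomMessage_SignUp", userName: "<email>",
  callerContext: { awsSdkVersion: "aws-sdk-unknown-unknown",
    clientId: "CLIENT_ID_NOT_APPLICABLE" },
  request: { validationData: {}, clientMetadata: {}, session: [],
    codeParameter: "125155", usernameParameter: "<email>" },
  response: {},
};

// Constructed from the "Expected Behavior" event (AWS), userAttributes abbreviated.
const awsEvent = {
  version: "1", triggerSource: "CustomMessage_SignUp",
  userName: "cf77b4bb-5af8-4831-b4c1-8733a03e1ba2",
  callerContext: { awsSdkVersion: "aws-sdk-js-3.473.0", clientId: "<clientId>" },
  request: { userAttributes: { sub: "cf77b4bb-5af8-4831-b4c1-8733a03e1ba2",
    email: "<email>" }, codeParameter: "{####}",
    linkParameter: "{##Click Here##}", usernameParameter: null },
  response: { smsMessage: null, emailMessage: null, emailSubject: null },
};

console.log(checkCustomMessageEvent(localstackEvent).join("\n"));
```
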
@localstack-bot
Collaborator

Welcome to LocalStack! Thanks for reporting your first issue and our team will be working towards fixing the issue for you or reach out for more background information. We recommend joining our Slack Community for real-time help and drop a message to LocalStack Pro Support if you are a Pro user! If you are willing to contribute towards fixing this issue, please have a look at our contributing guidelines and our contributing guide.

@viren-nadkarni viren-nadkarni added the aws:cognito Amazon Cognito label May 2, 2024
@giograno giograno self-assigned this May 2, 2024
@MarcelStranak MarcelStranak added status: in progress Currently being worked on and removed status: triage needed Requires evaluation by maintainers labels May 8, 2024