diff --git a/addons/addon-base-raas/packages/base-raas-services/lib/schema/create-user.json b/addons/addon-base-raas/packages/base-raas-services/lib/schema/create-user.json index 7af4150200..c4b5a2cfcd 100644 --- a/addons/addon-base-raas/packages/base-raas-services/lib/schema/create-user.json +++ b/addons/addon-base-raas/packages/base-raas-services/lib/schema/create-user.json @@ -8,7 +8,7 @@ "minLength": 3, "maxLength": 300, "format": "email", - "pattern": "^([^.%+!$&*=^|~#%{}]+)[a-zA-Z0-9\\._%+!$&*=^|~#%{}/\\-]+([^.!]+)@([^-.!](([a-zA-Z0-9\\-]+\\.){1,}([a-zA-Z]{2,3})))" + "pattern": "^([^.%+!$&*=^|~#%{}]+)[a-zA-Z0-9\\._%+!$&*=^|~#%{}/\\-]+([^.!]+)@([^-.!](([a-zA-Z0-9\\-]+\\.){1,}([a-zA-Z]{2,63})))" }, "usernameInIdp": { "type": "string", @@ -26,7 +26,7 @@ }, "email": { "type": "string", - "pattern": "^([^.%+!$&*=^|~#%{}]+)[a-zA-Z0-9\\._%+!$&*=^|~#%{}/\\-]+([^.!]+)@([^-.!](([a-zA-Z0-9\\-]+\\.){1,}([a-zA-Z]{2,3})))" + "pattern": "^([^.%+!$&*=^|~#%{}]+)[a-zA-Z0-9\\._%+!$&*=^|~#%{}/\\-]+([^.!]+)@([^-.!](([a-zA-Z0-9\\-]+\\.){1,}([a-zA-Z]{2,63})))" }, "firstName": { "type": "string", diff --git a/addons/addon-base-raas/packages/base-raas-services/lib/schema/update-user.json b/addons/addon-base-raas/packages/base-raas-services/lib/schema/update-user.json index 235865c6fa..38a41c9518 100644 --- a/addons/addon-base-raas/packages/base-raas-services/lib/schema/update-user.json +++ b/addons/addon-base-raas/packages/base-raas-services/lib/schema/update-user.json @@ -8,7 +8,7 @@ }, "email": { "type": "string", - "pattern": "^([^.%+!$&*=^|~#%{}]+)[a-zA-Z0-9\\._%+!$&*=^|~#%{}/\\-]+([^.!]+)@([^-.!](([a-zA-Z0-9\\-]+\\.){1,}([a-zA-Z]{2,3})))" + "pattern": "^([^.%+!$&*=^|~#%{}]+)[a-zA-Z0-9\\._%+!$&*=^|~#%{}/\\-]+([^.!]+)@([^-.!](([a-zA-Z0-9\\-]+\\.){1,}([a-zA-Z]{2,63})))" }, "usernameInIdp": { "type": "string", diff --git a/addons/addon-base/packages/services/lib/schema/create-user.json b/addons/addon-base/packages/services/lib/schema/create-user.json index 62004892da..684def8da8 100644 --- a/addons/addon-base/packages/services/lib/schema/create-user.json +++ b/addons/addon-base/packages/services/lib/schema/create-user.json @@ -8,7 +8,7 @@ "minLength": 3, "maxLength": 300, "format": "email", - "pattern": "^([^.%+!$&*=^|~#%{}]+)[a-zA-Z0-9\\._%+!$&*=^|~#%{}/\\-]+([^.!]+)@([^-.!](([a-zA-Z0-9\\-]+\\.){1,}([a-zA-Z]{2,3})))" + "pattern": "^([^.%+!$&*=^|~#%{}]+)[a-zA-Z0-9\\._%+!$&*=^|~#%{}/\\-]+([^.!]+)@([^-.!](([a-zA-Z0-9\\-]+\\.){1,}([a-zA-Z]{2,63})))" }, "usernameInIdp": { "type": "string", @@ -26,7 +26,7 @@ }, "email": { "type": "string", - "pattern": "^([^.%+!$&*=^|~#%{}]+)[a-zA-Z0-9\\._%+!$&*=^|~#%{}/\\-]+([^.!]+)@([^-.!](([a-zA-Z0-9\\-]+\\.){1,}([a-zA-Z]{2,3})))", + "pattern": "^([^.%+!$&*=^|~#%{}]+)[a-zA-Z0-9\\._%+!$&*=^|~#%{}/\\-]+([^.!]+)@([^-.!](([a-zA-Z0-9\\-]+\\.){1,}([a-zA-Z]{2,63})))", "format": "email", "minLength": 6, "maxLength": 512 diff --git a/addons/addon-base/packages/services/lib/schema/update-user.json b/addons/addon-base/packages/services/lib/schema/update-user.json index 213b9f616f..267f3f7ec0 100644 --- a/addons/addon-base/packages/services/lib/schema/update-user.json +++ b/addons/addon-base/packages/services/lib/schema/update-user.json @@ -13,7 +13,7 @@ }, "email": { "type": "string", - "pattern": "^([^.%+!$&*=^|~#%{}]+)[a-zA-Z0-9\\._%+!$&*=^|~#%{}/\\-]+([^.!]+)@([^-.!](([a-zA-Z0-9\\-]+\\.){1,}([a-zA-Z]{2,3})))" + "pattern": "^([^.%+!$&*=^|~#%{}]+)[a-zA-Z0-9\\._%+!$&*=^|~#%{}/\\-]+([^.!]+)@([^-.!](([a-zA-Z0-9\\-]+\\.){1,}([a-zA-Z]{2,63})))" }, "firstName": { "type": "string", diff --git a/addons/addon-base/packages/services/lib/user/__tests__/user-service.test.js b/addons/addon-base/packages/services/lib/user/__tests__/user-service.test.js index 083a40985a..99e5cbc81a 100644 --- a/addons/addon-base/packages/services/lib/user/__tests__/user-service.test.js +++ b/addons/addon-base/packages/services/lib/user/__tests__/user-service.test.js @@ -163,6 +163,7 @@ describe('UserService', () => { 'email@domain.name', 'email@domain.co.jp', 'firstname-lastname@domain.com', + 'firstname-lastname@domain.aridiculouslylongtldfortesting', ]; it.each(validEmails)('should pass when creating users with valid email: %p', async email => { // BUILD @@ -202,6 +203,7 @@ describe('UserService', () => { 'email@domain', // Missing top level domain (.com/.net/.org/etc) 'email@-domain.com', // Leading dash in front of domain is invalid 'email@domain..com', // Multiple dot in the domain portion is invalid + 'firstname-lastname@domain.12345678901234567890123456789012345678901234567890123456789012345678901234567890abittoolongtld', ]; it.each(invalidEmails)('should fail when creating users with invalid email: %p', async email => { // BUILD diff --git a/main/solution/post-deployment/config/infra/cloudformation.yml b/main/solution/post-deployment/config/infra/cloudformation.yml index 41ec7e671d..c446a62f3b 100644 --- a/main/solution/post-deployment/config/infra/cloudformation.yml +++ b/main/solution/post-deployment/config/infra/cloudformation.yml @@ -524,7 +524,7 @@ Resources: exports.handler = (event, context, callback) => { event.response.autoConfirmUser = true; // This regex check should be the same as the one in create-user email pattern - const emailRegex = /^\w+([\.+-]?\w+)*@\w+([\.-]?\w+)*(\.\w{2,3})+$/ + const emailRegex = /^\w+([\.+-]?\w+)*@\w+([\.-]?\w+)*(\.\w{2,63})+$/ const { userPoolId, triggerSource, request, userName } = event const logInfo = { userPoolId, triggerSource, userName, requestBody: { name: request.name, given_name: request.given_name, family_name: request.family_name, email: request.email } }