From f622d88d510785df5f58d9eed3db338ac565f8b0 Mon Sep 17 00:00:00 2001
From: catherine meng
Date: Tue, 2 Apr 2024 14:57:28 -0700
Subject: [PATCH 1/3] spike(1272): try to add username attribute for mapping, refs: #1272

---
 infrastructure/server/variables_provided.tf | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/infrastructure/server/variables_provided.tf b/infrastructure/server/variables_provided.tf
index aac7703bf..90503caea 100644
--- a/infrastructure/server/variables_provided.tf
+++ b/infrastructure/server/variables_provided.tf
@@ -272,7 +272,8 @@ variable "maximum_oidc_attribute_read_list" {
  "profile",
  "updated_at",
  "website",
- "zoneinfo"
+ "zoneinfo",
+ "username"
  ]
  }
 
@@ -305,7 +306,9 @@ variable "maximum_oidc_attribute_write_list" {
  "profile",
  "updated_at",
  "website",
- "zoneinfo"]
+ "zoneinfo",
+ "username"
+ ]
  }
 
  # Variables for connecting Cognito to BCSC OIDC
From ff509d01aeed35bb54fe6f3c4ead67f5e82ede28 Mon Sep 17 00:00:00 2001
From: catherine meng
Date: Wed, 3 Apr 2024 10:07:53 -0700
Subject: [PATCH 2/3] fix(1272): remove username attribute from read,write list as it is an invalid option, refs: #1272

---
 infrastructure/server/variables_provided.tf | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/infrastructure/server/variables_provided.tf b/infrastructure/server/variables_provided.tf
index 90503caea..2177d2d6a 100644
--- a/infrastructure/server/variables_provided.tf
+++ b/infrastructure/server/variables_provided.tf
@@ -272,8 +272,7 @@ variable "maximum_oidc_attribute_read_list" {
  "profile",
  "updated_at",
  "website",
- "zoneinfo",
- "username"
+ "zoneinfo"
  ]
  }
 
@@ -306,8 +305,7 @@ variable "maximum_oidc_attribute_write_list" {
  "profile",
  "updated_at",
  "website",
- "zoneinfo",
- "username"
+ "zoneinfo"
  ]
  }
 
From 29c53d26c2c93b1af513aa0b9a7ade051f52e87b Mon Sep 17 00:00:00 2001
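Review bot: In PATCH 1/3 the `maximum_oidc_attribute_write_list` hunk adds an identity key, `"username"`, to the list of attributes marked writable, and nothing visible in the variable rejects such an entry before apply; PATCH 2/3 only takes it back out after it proved invalid. Assuming these lists feed the Cognito app client's read and write attributes, a `validation` block on the variable, or at minimum a comment above the list, would keep this from recurring, e.g. `# Only Cognito user-pool attribute names (standard or custom:*) are accepted; "username" is not one.` The same applies to the `maximum_oidc_attribute_read_list` hunk. Both variable blocks start outside the hunks, so an existing validation rule would not be visible here.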
From: catherine meng
Date: Wed, 3 Apr 2024 10:23:34 -0700
Subject: [PATCH 3/3] fix(1272): try to remove the username from attribute mapping, cause cognito seems will auto map it, refs: #1272

---
 infrastructure/server/oidc_idp_bcsc.tf | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/infrastructure/server/oidc_idp_bcsc.tf b/infrastructure/server/oidc_idp_bcsc.tf
index ca1bb6c60..bf9e3de45 100644
--- a/infrastructure/server/oidc_idp_bcsc.tf
+++ b/infrastructure/server/oidc_idp_bcsc.tf
@@ -24,7 +24,6 @@ resource "aws_cognito_identity_provider" "dev_bcsc_oidc_provider" {
  }
 
  attribute_mapping = {
- username = "sub",
  given_name = "given_name",
  family_name = "family_name",
  birthdate = "birthdate",
@@ -59,7 +58,6 @@ resource "aws_cognito_identity_provider" "test_bcsc_oidc_provider" {
  }
 
  attribute_mapping = {
- username = "sub",
  given_name = "given_name",
  family_name = "family_name",
  birthdate = "birthdate",
@@ -95,7 +93,6 @@ resource "aws_cognito_identity_provider" "prod_bcsc_oidc_provider" {
  }
 
  attribute_mapping = {
- username = "sub",
  given_name = "given_name",
  family_name = "family_name",
  birthdate = "birthdate",