@aws-sdk/client-cognito-identity-provider 3.625.0 → 3.627.0

package/dist-cjs/index.js

@@ -79,6 +79,7 @@ __export(src_exports, {
   AdminUpdateUserAttributesRequestFilterSensitiveLog: () => AdminUpdateUserAttributesRequestFilterSensitiveLog,
   AdminUserGlobalSignOutCommand: () => AdminUserGlobalSignOutCommand,
   AdminUserGlobalSignOutRequestFilterSensitiveLog: () => AdminUserGlobalSignOutRequestFilterSensitiveLog,
+  AdvancedSecurityEnabledModeType: () => AdvancedSecurityEnabledModeType,
   AdvancedSecurityModeType: () => AdvancedSecurityModeType,
   AliasAttributeType: () => AliasAttributeType,
   AliasExistsException: () => AliasExistsException,
@@ -1081,6 +1082,10 @@ var DeviceRememberedStatusType = {
   NOT_REMEMBERED: "not_remembered",
   REMEMBERED: "remembered"
 };
+var AdvancedSecurityEnabledModeType = {
+  AUDIT: "AUDIT",
+  ENFORCED: "ENFORCED"
+};
 var AdvancedSecurityModeType = {
   AUDIT: "AUDIT",
   ENFORCED: "ENFORCED",
@@ -1333,23 +1338,6 @@ var LogLevel = {
   ERROR: "ERROR",
   INFO: "INFO"
 };
-var _UnauthorizedException = class _UnauthorizedException extends CognitoIdentityProviderServiceException {
-  /**
-   * @internal
-   */
-  constructor(opts) {
-    super({
-      name: "UnauthorizedException",
-      $fault: "client",
-      ...opts
-    });
-    this.name = "UnauthorizedException";
-    this.$fault = "client";
-    Object.setPrototypeOf(this, _UnauthorizedException.prototype);
-  }
-};
-__name(_UnauthorizedException, "UnauthorizedException");
-var UnauthorizedException = _UnauthorizedException;
 var AdminAddUserToGroupRequestFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
   ...obj,
   ...obj.Username && { Username: import_smithy_client.SENSITIVE_STRING }
@@ -1710,6 +1698,23 @@ var RevokeTokenRequestFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
 
 // src/models/models_1.ts
 
+var _UnauthorizedException = class _UnauthorizedException extends CognitoIdentityProviderServiceException {
+  /**
+   * @internal
+   */
+  constructor(opts) {
+    super({
+      name: "UnauthorizedException",
+      $fault: "client",
+      ...opts
+    });
+    this.name = "UnauthorizedException";
+    this.$fault = "client";
+    Object.setPrototypeOf(this, _UnauthorizedException.prototype);
+  }
+};
+__name(_UnauthorizedException, "UnauthorizedException");
+var UnauthorizedException = _UnauthorizedException;
 var _UnsupportedOperationException = class _UnsupportedOperationException extends CognitoIdentityProviderServiceException {
   /**
    * @internal
@@ -6700,6 +6705,7 @@ var paginateListUsers = (0, import_core.createPaginator)(CognitoIdentityProvider
   PasswordHistoryPolicyViolationException,
   SoftwareTokenMFANotFoundException,
   DeviceRememberedStatusType,
+  AdvancedSecurityEnabledModeType,
   AdvancedSecurityModeType,
   AliasAttributeType,
   ConcurrentModificationException,
@@ -6731,7 +6737,6 @@ var paginateListUsers = (0, import_core.createPaginator)(CognitoIdentityProvider
   DomainStatusType,
   EventSourceName,
   LogLevel,
-  UnauthorizedException,
   AdminAddUserToGroupRequestFilterSensitiveLog,
   AdminConfirmSignUpRequestFilterSensitiveLog,
   AttributeTypeFilterSensitiveLog,
@@ -6806,6 +6811,7 @@ var paginateListUsers = (0, import_core.createPaginator)(CognitoIdentityProvider
   RespondToAuthChallengeRequestFilterSensitiveLog,
   RespondToAuthChallengeResponseFilterSensitiveLog,
   RevokeTokenRequestFilterSensitiveLog,
+  UnauthorizedException,
   UnsupportedOperationException,
   UnsupportedTokenTypeException,
   EnableSoftwareTokenMFAException,

package/dist-es/models/models_0.js

@@ -454,6 +454,10 @@ export const DeviceRememberedStatusType = {
     NOT_REMEMBERED: "not_remembered",
     REMEMBERED: "remembered",
 };
+export const AdvancedSecurityEnabledModeType = {
+    AUDIT: "AUDIT",
+    ENFORCED: "ENFORCED",
+};
 export const AdvancedSecurityModeType = {
     AUDIT: "AUDIT",
     ENFORCED: "ENFORCED",
@@ -666,18 +670,6 @@ export const LogLevel = {
     ERROR: "ERROR",
     INFO: "INFO",
 };
-export class UnauthorizedException extends __BaseException {
-    constructor(opts) {
-        super({
-            name: "UnauthorizedException",
-            $fault: "client",
-            ...opts,
-        });
-        this.name = "UnauthorizedException";
-        this.$fault = "client";
-        Object.setPrototypeOf(this, UnauthorizedException.prototype);
-    }
-}
 export const AdminAddUserToGroupRequestFilterSensitiveLog = (obj) => ({
     ...obj,
     ...(obj.Username && { Username: SENSITIVE_STRING }),

package/dist-es/models/models_1.js

@@ -1,6 +1,18 @@
 import { SENSITIVE_STRING } from "@smithy/smithy-client";
 import { CognitoIdentityProviderServiceException as __BaseException } from "./CognitoIdentityProviderServiceException";
 import { AttributeTypeFilterSensitiveLog, RiskConfigurationTypeFilterSensitiveLog, UICustomizationTypeFilterSensitiveLog, UserPoolClientTypeFilterSensitiveLog, } from "./models_0";
+export class UnauthorizedException extends __BaseException {
+    constructor(opts) {
+        super({
+            name: "UnauthorizedException",
+            $fault: "client",
+            ...opts,
+        });
+        this.name = "UnauthorizedException";
+        this.$fault = "client";
+        Object.setPrototypeOf(this, UnauthorizedException.prototype);
+    }
+}
 export class UnsupportedOperationException extends __BaseException {
     constructor(opts) {
         super({

package/dist-es/protocols/Aws_json1_1.js

@@ -2,8 +2,8 @@ import { loadRestJsonErrorCode, parseJsonBody as parseBody, parseJsonErrorBody a
 import { HttpRequest as __HttpRequest } from "@smithy/protocol-http";
 import { _json, collectBody, decorateServiceException as __decorateServiceException, expectBoolean as __expectBoolean, expectInt32 as __expectInt32, expectLong as __expectLong, expectNonNull as __expectNonNull, expectNumber as __expectNumber, expectString as __expectString, parseEpochTimestamp as __parseEpochTimestamp, take, withBaseException, } from "@smithy/smithy-client";
 import { CognitoIdentityProviderServiceException as __BaseException } from "../models/CognitoIdentityProviderServiceException";
-import { AliasExistsException, CodeDeliveryFailureException, CodeMismatchException, ConcurrentModificationException, DuplicateProviderException, ExpiredCodeException, ForbiddenException, GroupExistsException, InternalErrorException, InvalidEmailRoleAccessPolicyException, InvalidLambdaResponseException, InvalidOAuthFlowException, InvalidParameterException, InvalidPasswordException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, InvalidUserPoolConfigurationException, LimitExceededException, MFAMethodNotFoundException, NotAuthorizedException, PasswordHistoryPolicyViolationException, PasswordResetRequiredException, PreconditionNotMetException, ResourceNotFoundException, ScopeDoesNotExistException, SoftwareTokenMFANotFoundException, TooManyFailedAttemptsException, TooManyRequestsException, UnauthorizedException, UnexpectedLambdaException, UnsupportedIdentityProviderException, UnsupportedUserStateException, UserImportInProgressException, UserLambdaValidationException, UsernameExistsException, UserNotConfirmedException, UserNotFoundException, UserPoolAddOnNotEnabledException, UserPoolTaggingException, } from "../models/models_0";
-import { EnableSoftwareTokenMFAException, UnsupportedOperationException, UnsupportedTokenTypeException, } from "../models/models_1";
+import { AliasExistsException, CodeDeliveryFailureException, CodeMismatchException, ConcurrentModificationException, DuplicateProviderException, ExpiredCodeException, ForbiddenException, GroupExistsException, InternalErrorException, InvalidEmailRoleAccessPolicyException, InvalidLambdaResponseException, InvalidOAuthFlowException, InvalidParameterException, InvalidPasswordException, InvalidSmsRoleAccessPolicyException, InvalidSmsRoleTrustRelationshipException, InvalidUserPoolConfigurationException, LimitExceededException, MFAMethodNotFoundException, NotAuthorizedException, PasswordHistoryPolicyViolationException, PasswordResetRequiredException, PreconditionNotMetException, ResourceNotFoundException, ScopeDoesNotExistException, SoftwareTokenMFANotFoundException, TooManyFailedAttemptsException, TooManyRequestsException, UnexpectedLambdaException, UnsupportedIdentityProviderException, UnsupportedUserStateException, UserImportInProgressException, UserLambdaValidationException, UsernameExistsException, UserNotConfirmedException, UserNotFoundException, UserPoolAddOnNotEnabledException, UserPoolTaggingException, } from "../models/models_0";
+import { EnableSoftwareTokenMFAException, UnauthorizedException, UnsupportedOperationException, UnsupportedTokenTypeException, } from "../models/models_1";
 export const se_AddCustomAttributesCommand = async (input, context) => {
     const headers = sharedHeaders("AddCustomAttributes");
     let body;

package/dist-types/commands/CreateUserPoolCommand.d.ts

@@ -188,6 +188,9 @@ declare const CreateUserPoolCommand_base: {
  *   ],
  *   UserPoolAddOns: { // UserPoolAddOnsType
  *     AdvancedSecurityMode: "OFF" || "AUDIT" || "ENFORCED", // required
+ *     AdvancedSecurityAdditionalFlows: { // AdvancedSecurityAdditionalFlowsType
+ *       CustomAuthMode: "AUDIT" || "ENFORCED",
+ *     },
  *   },
  *   UsernameConfiguration: { // UsernameConfigurationType
  *     CaseSensitive: true || false, // required
@@ -326,6 +329,9 @@ declare const CreateUserPoolCommand_base: {
  * //     },
  * //     UserPoolAddOns: { // UserPoolAddOnsType
  * //       AdvancedSecurityMode: "OFF" || "AUDIT" || "ENFORCED", // required
+ * //       AdvancedSecurityAdditionalFlows: { // AdvancedSecurityAdditionalFlowsType
+ * //         CustomAuthMode: "AUDIT" || "ENFORCED",
+ * //       },
  * //     },
  * //     UsernameConfiguration: { // UsernameConfigurationType
  * //       CaseSensitive: true || false, // required

package/dist-types/commands/DescribeUserPoolCommand.d.ts

@@ -182,6 +182,9 @@ declare const DescribeUserPoolCommand_base: {
  * //     },
  * //     UserPoolAddOns: { // UserPoolAddOnsType
  * //       AdvancedSecurityMode: "OFF" || "AUDIT" || "ENFORCED", // required
+ * //       AdvancedSecurityAdditionalFlows: { // AdvancedSecurityAdditionalFlowsType
+ * //         CustomAuthMode: "AUDIT" || "ENFORCED",
+ * //       },
  * //     },
  * //     UsernameConfiguration: { // UsernameConfigurationType
  * //       CaseSensitive: true || false, // required

package/dist-types/commands/RevokeTokenCommand.d.ts

@@ -1,7 +1,8 @@
 import { Command as $Command } from "@smithy/smithy-client";
 import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 import { CognitoIdentityProviderClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../CognitoIdentityProviderClient";
-import { RevokeTokenRequest, RevokeTokenResponse } from "../models/models_0";
+import { RevokeTokenRequest } from "../models/models_0";
+import { RevokeTokenResponse } from "../models/models_1";
 /**
  * @public
  */

package/dist-types/commands/UpdateUserPoolCommand.d.ts

@@ -165,6 +165,9 @@ declare const UpdateUserPoolCommand_base: {
  *   },
  *   UserPoolAddOns: { // UserPoolAddOnsType
  *     AdvancedSecurityMode: "OFF" || "AUDIT" || "ENFORCED", // required
+ *     AdvancedSecurityAdditionalFlows: { // AdvancedSecurityAdditionalFlowsType
+ *       CustomAuthMode: "AUDIT" || "ENFORCED",
+ *     },
  *   },
  *   AccountRecoverySetting: { // AccountRecoverySettingType
  *     RecoveryMechanisms: [ // RecoveryMechanismsType

package/dist-types/models/models_0.d.ts

@@ -3143,6 +3143,35 @@ export interface AdminUserGlobalSignOutRequest {
  */
 export interface AdminUserGlobalSignOutResponse {
 }
+/**
+ * @public
+ * @enum
+ */
+export declare const AdvancedSecurityEnabledModeType: {
+    readonly AUDIT: "AUDIT";
+    readonly ENFORCED: "ENFORCED";
+};
+/**
+ * @public
+ */
+export type AdvancedSecurityEnabledModeType = (typeof AdvancedSecurityEnabledModeType)[keyof typeof AdvancedSecurityEnabledModeType];
+/**
+ * <p>Advanced security configuration options for additional authentication types
+ *             in your user pool, including custom authentication and refresh-token
+ *             authentication.
+ *         </p>
+ * @public
+ */
+export interface AdvancedSecurityAdditionalFlowsType {
+    /**
+     * <p>The operating mode of advanced security features in custom authentication with
+     *             <a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html">
+     *                 Custom authentication challenge Lambda triggers</a>.
+     *         </p>
+     * @public
+     */
+    CustomAuthMode?: AdvancedSecurityEnabledModeType;
+}
 /**
  * @public
  * @enum
@@ -4816,10 +4845,21 @@ export interface UsernameConfigurationType {
  */
 export interface UserPoolAddOnsType {
     /**
-     * <p>The operating mode of advanced security features in your user pool.</p>
+     * <p>The operating mode of advanced security features for standard authentication types
+     *             in your user pool, including username-password and secure remote password (SRP)
+     *             authentication.
+     *         </p>
      * @public
      */
     AdvancedSecurityMode: AdvancedSecurityModeType | undefined;
+    /**
+     * <p>Advanced security configuration options for additional authentication types
+     *             in your user pool, including custom authentication and refresh-token
+     *             authentication.
+     *         </p>
+     * @public
+     */
+    AdvancedSecurityAdditionalFlows?: AdvancedSecurityAdditionalFlowsType;
 }
 /**
  * @public
@@ -8589,24 +8629,6 @@ export interface RevokeTokenRequest {
      */
     ClientSecret?: string;
 }
-/**
- * @public
- */
-export interface RevokeTokenResponse {
-}
-/**
- * <p>Exception that is thrown when the request isn't authorized. This can happen due to an
- *             invalid access token in the request.</p>
- * @public
- */
-export declare class UnauthorizedException extends __BaseException {
-    readonly name: "UnauthorizedException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<UnauthorizedException, __BaseException>);
-}
 /**
  * @internal
  */

package/dist-types/models/models_1.d.ts

@@ -1,6 +1,24 @@
 import { ExceptionOptionType as __ExceptionOptionType } from "@smithy/smithy-client";
 import { CognitoIdentityProviderServiceException as __BaseException } from "./CognitoIdentityProviderServiceException";
 import { AccountRecoverySettingType, AccountTakeoverRiskConfigurationType, AdminCreateUserConfigType, AnalyticsConfigurationType, AnalyticsMetadataType, AttributeType, CodeDeliveryDetailsType, CompromisedCredentialsRiskConfigurationType, CustomDomainConfigType, DeletionProtectionType, DeviceConfigurationType, DeviceRememberedStatusType, EmailConfigurationType, ExplicitAuthFlowsType, FeedbackValueType, GroupType, IdentityProviderType, LambdaConfigType, LogConfigurationType, LogDeliveryConfigurationType, MFAOptionType, OAuthFlowType, PreventUserExistenceErrorTypes, ResourceServerScopeType, ResourceServerType, RiskConfigurationType, RiskExceptionConfigurationType, SmsConfigurationType, SmsMfaConfigType, SMSMfaSettingsType, SoftwareTokenMfaConfigType, SoftwareTokenMfaSettingsType, TokenValidityUnitsType, UICustomizationType, UserAttributeUpdateSettingsType, UserContextDataType, UserImportJobType, UserPoolAddOnsType, UserPoolClientType, UserPoolMfaType, UserPoolPolicyType, VerificationMessageTemplateType, VerifiedAttributeType } from "./models_0";
+/**
+ * @public
+ */
+export interface RevokeTokenResponse {
+}
+/**
+ * <p>Exception that is thrown when the request isn't authorized. This can happen due to an
+ *             invalid access token in the request.</p>
+ * @public
+ */
+export declare class UnauthorizedException extends __BaseException {
+    readonly name: "UnauthorizedException";
+    readonly $fault: "client";
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<UnauthorizedException, __BaseException>);
+}
 /**
  * <p>Exception that is thrown when you attempt to perform an operation that isn't enabled
  *             for the user pool client.</p>

package/dist-types/ts3.4/commands/RevokeTokenCommand.d.ts

@@ -5,7 +5,8 @@ import {
   ServiceInputTypes,
   ServiceOutputTypes,
 } from "../CognitoIdentityProviderClient";
-import { RevokeTokenRequest, RevokeTokenResponse } from "../models/models_0";
+import { RevokeTokenRequest } from "../models/models_0";
+import { RevokeTokenResponse } from "../models/models_1";
 export { __MetadataBearer };
 export { $Command };
 export interface RevokeTokenCommandInput extends RevokeTokenRequest {}

package/dist-types/ts3.4/models/models_0.d.ts

@@ -723,6 +723,15 @@ export interface AdminUserGlobalSignOutRequest {
   Username: string | undefined;
 }
 export interface AdminUserGlobalSignOutResponse {}
+export declare const AdvancedSecurityEnabledModeType: {
+  readonly AUDIT: "AUDIT";
+  readonly ENFORCED: "ENFORCED";
+};
+export type AdvancedSecurityEnabledModeType =
+  (typeof AdvancedSecurityEnabledModeType)[keyof typeof AdvancedSecurityEnabledModeType];
+export interface AdvancedSecurityAdditionalFlowsType {
+  CustomAuthMode?: AdvancedSecurityEnabledModeType;
+}
 export declare const AdvancedSecurityModeType: {
   readonly AUDIT: "AUDIT";
   readonly ENFORCED: "ENFORCED";
@@ -1032,6 +1041,7 @@ export interface UsernameConfigurationType {
 }
 export interface UserPoolAddOnsType {
   AdvancedSecurityMode: AdvancedSecurityModeType | undefined;
+  AdvancedSecurityAdditionalFlows?: AdvancedSecurityAdditionalFlowsType;
 }
 export declare const DefaultEmailOptionType: {
   readonly CONFIRM_WITH_CODE: "CONFIRM_WITH_CODE";
@@ -1674,14 +1684,6 @@ export interface RevokeTokenRequest {
   ClientId: string | undefined;
   ClientSecret?: string;
 }
-export interface RevokeTokenResponse {}
-export declare class UnauthorizedException extends __BaseException {
-  readonly name: "UnauthorizedException";
-  readonly $fault: "client";
-  constructor(
-    opts: __ExceptionOptionType<UnauthorizedException, __BaseException>
-  );
-}
 export declare const AdminAddUserToGroupRequestFilterSensitiveLog: (
   obj: AdminAddUserToGroupRequest
 ) => any;

package/dist-types/ts3.4/models/models_1.d.ts

@@ -45,6 +45,14 @@ import {
   VerificationMessageTemplateType,
   VerifiedAttributeType,
 } from "./models_0";
+export interface RevokeTokenResponse {}
+export declare class UnauthorizedException extends __BaseException {
+  readonly name: "UnauthorizedException";
+  readonly $fault: "client";
+  constructor(
+    opts: __ExceptionOptionType<UnauthorizedException, __BaseException>
+  );
+}
 export declare class UnsupportedOperationException extends __BaseException {
   readonly name: "UnsupportedOperationException";
   readonly $fault: "client";

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-cognito-identity-provider",
   "description": "AWS SDK for JavaScript Cognito Identity Provider Client for Node.js, Browser and React Native",
-  "version": "3.625.0",
+  "version": "3.627.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "node ../../scripts/compilation/inline client-cognito-identity-provider",