@fiado/type-kit 3.37.0 → 3.39.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/_test_/cognitoBackofficeConnector/validators/MfaTypesRequiresOne.test.ts +77 -0
- package/_test_/unit/cognitoBackofficeConnector/validators/NoTenantIdInCustomAttrs.test.ts +43 -0
- package/bin/benefitCenter/dtos/BackofficeInputLabelsUpdateRequest.d.ts +12 -0
- package/bin/benefitCenter/dtos/BackofficeInputLabelsUpdateRequest.js +29 -0
- package/bin/benefitCenter/dtos/BackofficeLeafHelpImageUpdateRequest.d.ts +9 -0
- package/bin/benefitCenter/dtos/BackofficeLeafHelpImageUpdateRequest.js +26 -0
- package/bin/benefitCenter/dtos/BackofficeProductEnabledUpdateRequest.d.ts +9 -0
- package/bin/benefitCenter/dtos/BackofficeProductEnabledUpdateRequest.js +26 -0
- package/bin/benefitCenter/dtos/BackofficeProductHelpImageUpdateRequest.d.ts +9 -0
- package/bin/benefitCenter/dtos/BackofficeProductHelpImageUpdateRequest.js +26 -0
- package/bin/benefitCenter/dtos/BackofficeSubcategoryLogoUpdateRequest.d.ts +10 -0
- package/bin/benefitCenter/dtos/BackofficeSubcategoryLogoUpdateRequest.js +27 -0
- package/bin/benefitCenter/dtos/LeafAssetUploadUrlRequest.d.ts +14 -0
- package/bin/benefitCenter/dtos/LeafAssetUploadUrlRequest.js +36 -0
- package/bin/benefitCenter/dtos/LeafAssetUploadUrlResponse.d.ts +13 -0
- package/bin/benefitCenter/dtos/LeafAssetUploadUrlResponse.js +12 -0
- package/bin/benefitCenter/dtos/ProductItem.d.ts +12 -0
- package/bin/benefitCenter/enums/LeafAssetKindEnum.d.ts +12 -0
- package/bin/benefitCenter/enums/LeafAssetKindEnum.js +16 -0
- package/bin/benefitCenter/index.d.ts +8 -0
- package/bin/benefitCenter/index.js +9 -0
- package/bin/cognitoBackofficeConnector/dtos/AppClientConfig.d.ts +19 -0
- package/bin/cognitoBackofficeConnector/dtos/AppClientConfig.js +74 -0
- package/bin/cognitoBackofficeConnector/dtos/AuthEventResponse.d.ts +8 -0
- package/bin/cognitoBackofficeConnector/dtos/AuthEventResponse.js +6 -0
- package/bin/cognitoBackofficeConnector/dtos/AuthEventsRequest.d.ts +5 -0
- package/bin/cognitoBackofficeConnector/dtos/AuthEventsRequest.js +37 -0
- package/bin/cognitoBackofficeConnector/dtos/AuthTokensResponse.d.ts +12 -0
- package/bin/cognitoBackofficeConnector/dtos/AuthTokensResponse.js +11 -0
- package/bin/cognitoBackofficeConnector/dtos/ChangePasswordRequest.d.ts +6 -0
- package/bin/cognitoBackofficeConnector/dtos/ChangePasswordRequest.js +41 -0
- package/bin/cognitoBackofficeConnector/dtos/ConfirmForgotPasswordRequest.d.ts +8 -0
- package/bin/cognitoBackofficeConnector/dtos/ConfirmForgotPasswordRequest.js +53 -0
- package/bin/cognitoBackofficeConnector/dtos/CreatePoolRequest.d.ts +19 -0
- package/bin/cognitoBackofficeConnector/dtos/CreatePoolRequest.js +63 -0
- package/bin/cognitoBackofficeConnector/dtos/CreatePoolResponse.d.ts +13 -0
- package/bin/cognitoBackofficeConnector/dtos/CreatePoolResponse.js +13 -0
- package/bin/cognitoBackofficeConnector/dtos/CreateUserRequest.d.ts +9 -0
- package/bin/cognitoBackofficeConnector/dtos/CreateUserRequest.js +57 -0
- package/bin/cognitoBackofficeConnector/dtos/CreateUserResponse.d.ts +10 -0
- package/bin/cognitoBackofficeConnector/dtos/CreateUserResponse.js +6 -0
- package/bin/cognitoBackofficeConnector/dtos/CustomAttributeSpec.d.ts +9 -0
- package/bin/cognitoBackofficeConnector/dtos/CustomAttributeSpec.js +38 -0
- package/bin/cognitoBackofficeConnector/dtos/DeletePoolRequest.d.ts +13 -0
- package/bin/cognitoBackofficeConnector/dtos/DeletePoolRequest.js +36 -0
- package/bin/cognitoBackofficeConnector/dtos/DeleteUserRequest.d.ts +4 -0
- package/bin/cognitoBackofficeConnector/dtos/DeleteUserRequest.js +29 -0
- package/bin/cognitoBackofficeConnector/dtos/ForgotPasswordRequest.d.ts +6 -0
- package/bin/cognitoBackofficeConnector/dtos/ForgotPasswordRequest.js +41 -0
- package/bin/cognitoBackofficeConnector/dtos/HealthcheckResponse.d.ts +12 -0
- package/bin/cognitoBackofficeConnector/dtos/HealthcheckResponse.js +13 -0
- package/bin/cognitoBackofficeConnector/dtos/InitiateAuthRequest.d.ts +8 -0
- package/bin/cognitoBackofficeConnector/dtos/InitiateAuthRequest.js +53 -0
- package/bin/cognitoBackofficeConnector/dtos/InitiateAuthResponse.d.ts +16 -0
- package/bin/cognitoBackofficeConnector/dtos/InitiateAuthResponse.js +14 -0
- package/bin/cognitoBackofficeConnector/dtos/MfaPoolConfig.d.ts +7 -0
- package/bin/cognitoBackofficeConnector/dtos/MfaPoolConfig.js +31 -0
- package/bin/cognitoBackofficeConnector/dtos/MfaResetRequest.d.ts +4 -0
- package/bin/cognitoBackofficeConnector/dtos/MfaResetRequest.js +29 -0
- package/bin/cognitoBackofficeConnector/dtos/MfaVerifyResponse.d.ts +8 -0
- package/bin/cognitoBackofficeConnector/dtos/MfaVerifyResponse.js +11 -0
- package/bin/cognitoBackofficeConnector/dtos/PasswordPolicyConfig.d.ts +8 -0
- package/bin/cognitoBackofficeConnector/dtos/PasswordPolicyConfig.js +51 -0
- package/bin/cognitoBackofficeConnector/dtos/PoolConfigResponse.d.ts +20 -0
- package/bin/cognitoBackofficeConnector/dtos/PoolConfigResponse.js +11 -0
- package/bin/cognitoBackofficeConnector/dtos/PoolsListResponse.d.ts +4 -0
- package/bin/cognitoBackofficeConnector/dtos/PoolsListResponse.js +6 -0
- package/bin/cognitoBackofficeConnector/dtos/RefreshTokensRequest.d.ts +6 -0
- package/bin/cognitoBackofficeConnector/dtos/RefreshTokensRequest.js +41 -0
- package/bin/cognitoBackofficeConnector/dtos/RefreshTokensResponse.d.ts +4 -0
- package/bin/cognitoBackofficeConnector/dtos/RefreshTokensResponse.js +6 -0
- package/bin/cognitoBackofficeConnector/dtos/ResendConfirmationRequest.d.ts +6 -0
- package/bin/cognitoBackofficeConnector/dtos/ResendConfirmationRequest.js +41 -0
- package/bin/cognitoBackofficeConnector/dtos/ResendInvitationRequest.d.ts +4 -0
- package/bin/cognitoBackofficeConnector/dtos/ResendInvitationRequest.js +29 -0
- package/bin/cognitoBackofficeConnector/dtos/RespondToChallengeRequest.d.ts +9 -0
- package/bin/cognitoBackofficeConnector/dtos/RespondToChallengeRequest.js +52 -0
- package/bin/cognitoBackofficeConnector/dtos/RespondToChallengeResponse.d.ts +13 -0
- package/bin/cognitoBackofficeConnector/dtos/RespondToChallengeResponse.js +11 -0
- package/bin/cognitoBackofficeConnector/dtos/SetMfaPreferenceRequest.d.ts +8 -0
- package/bin/cognitoBackofficeConnector/dtos/SetMfaPreferenceRequest.js +51 -0
- package/bin/cognitoBackofficeConnector/dtos/TotpBeginRequest.d.ts +5 -0
- package/bin/cognitoBackofficeConnector/dtos/TotpBeginRequest.js +35 -0
- package/bin/cognitoBackofficeConnector/dtos/TotpBeginResponse.d.ts +4 -0
- package/bin/cognitoBackofficeConnector/dtos/TotpBeginResponse.js +6 -0
- package/bin/cognitoBackofficeConnector/dtos/TotpVerifyRequest.d.ts +6 -0
- package/bin/cognitoBackofficeConnector/dtos/TotpVerifyRequest.js +41 -0
- package/bin/cognitoBackofficeConnector/dtos/UpdateEmailRequest.d.ts +5 -0
- package/bin/cognitoBackofficeConnector/dtos/UpdateEmailRequest.js +34 -0
- package/bin/cognitoBackofficeConnector/dtos/UpdateProfileRequest.d.ts +12 -0
- package/bin/cognitoBackofficeConnector/dtos/UpdateProfileRequest.js +47 -0
- package/bin/cognitoBackofficeConnector/dtos/UpdateUserAttributesRequest.d.ts +7 -0
- package/bin/cognitoBackofficeConnector/dtos/UpdateUserAttributesRequest.js +49 -0
- package/bin/cognitoBackofficeConnector/dtos/UserActionRequest.d.ts +9 -0
- package/bin/cognitoBackofficeConnector/dtos/UserActionRequest.js +34 -0
- package/bin/cognitoBackofficeConnector/dtos/UserDetailResponse.d.ts +13 -0
- package/bin/cognitoBackofficeConnector/dtos/UserDetailResponse.js +6 -0
- package/bin/cognitoBackofficeConnector/dtos/VerifyEmailRequest.d.ts +5 -0
- package/bin/cognitoBackofficeConnector/dtos/VerifyEmailRequest.js +35 -0
- package/bin/cognitoBackofficeConnector/enums/CognitoChallengeType.d.ts +26 -0
- package/bin/cognitoBackofficeConnector/enums/CognitoChallengeType.js +30 -0
- package/bin/cognitoBackofficeConnector/enums/CognitoUserStatus.d.ts +29 -0
- package/bin/cognitoBackofficeConnector/enums/CognitoUserStatus.js +33 -0
- package/bin/cognitoBackofficeConnector/index.d.ts +50 -0
- package/bin/cognitoBackofficeConnector/index.js +66 -0
- package/bin/cognitoBackofficeConnector/validators/MfaTypesRequiresOne.d.ts +17 -0
- package/bin/cognitoBackofficeConnector/validators/MfaTypesRequiresOne.js +39 -0
- package/bin/cognitoBackofficeConnector/validators/NoTenantIdInCustomAttrs.d.ts +27 -0
- package/bin/cognitoBackofficeConnector/validators/NoTenantIdInCustomAttrs.js +48 -0
- package/bin/index.d.ts +3 -0
- package/bin/index.js +9 -1
- package/bin/platformRbac/dtos/AuthContext.d.ts +21 -0
- package/bin/platformRbac/dtos/AuthContext.js +2 -0
- package/bin/platformRbac/dtos/PermissionMeta.d.ts +19 -0
- package/bin/platformRbac/dtos/PermissionMeta.js +2 -0
- package/bin/platformRbac/dtos/RoleAssignmentInfo.d.ts +11 -0
- package/bin/platformRbac/dtos/RoleAssignmentInfo.js +2 -0
- package/bin/platformRbac/enums/Permission.d.ts +93 -0
- package/bin/platformRbac/enums/Permission.js +118 -0
- package/bin/platformRbac/enums/PermissionCategory.d.ts +14 -0
- package/bin/platformRbac/enums/PermissionCategory.js +18 -0
- package/bin/platformRbac/enums/PermissionScope.d.ts +10 -0
- package/bin/platformRbac/enums/PermissionScope.js +14 -0
- package/bin/platformRbac/index.d.ts +6 -0
- package/bin/platformRbac/index.js +18 -0
- package/bin/rbac/enums/PoolKind.d.ts +16 -0
- package/bin/rbac/enums/PoolKind.js +20 -0
- package/bin/rbac/index.d.ts +1 -0
- package/bin/rbac/index.js +17 -0
- package/jest.config.js +8 -0
- package/package.json +5 -1
- package/src/benefitCenter/dtos/BackofficeInputLabelsUpdateRequest.ts +16 -0
- package/src/benefitCenter/dtos/BackofficeLeafHelpImageUpdateRequest.ts +13 -0
- package/src/benefitCenter/dtos/BackofficeProductEnabledUpdateRequest.ts +12 -0
- package/src/benefitCenter/dtos/BackofficeProductHelpImageUpdateRequest.ts +13 -0
- package/src/benefitCenter/dtos/BackofficeSubcategoryLogoUpdateRequest.ts +14 -0
- package/src/benefitCenter/dtos/LeafAssetUploadUrlRequest.ts +23 -0
- package/src/benefitCenter/dtos/LeafAssetUploadUrlResponse.ts +13 -0
- package/src/benefitCenter/dtos/ProductItem.ts +14 -0
- package/src/benefitCenter/enums/LeafAssetKindEnum.ts +12 -0
- package/src/benefitCenter/index.ts +9 -0
- package/src/cognitoBackofficeConnector/dtos/AppClientConfig.ts +22 -0
- package/src/cognitoBackofficeConnector/dtos/AuthEventResponse.ts +8 -0
- package/src/cognitoBackofficeConnector/dtos/AuthEventsRequest.ts +8 -0
- package/src/cognitoBackofficeConnector/dtos/AuthTokensResponse.ts +12 -0
- package/src/cognitoBackofficeConnector/dtos/ChangePasswordRequest.ts +9 -0
- package/src/cognitoBackofficeConnector/dtos/ConfirmForgotPasswordRequest.ts +11 -0
- package/src/cognitoBackofficeConnector/dtos/CreatePoolRequest.ts +30 -0
- package/src/cognitoBackofficeConnector/dtos/CreatePoolResponse.ts +13 -0
- package/src/cognitoBackofficeConnector/dtos/CreateUserRequest.ts +12 -0
- package/src/cognitoBackofficeConnector/dtos/CreateUserResponse.ts +11 -0
- package/src/cognitoBackofficeConnector/dtos/CustomAttributeSpec.ts +12 -0
- package/src/cognitoBackofficeConnector/dtos/DeletePoolRequest.ts +16 -0
- package/src/cognitoBackofficeConnector/dtos/DeleteUserRequest.ts +7 -0
- package/src/cognitoBackofficeConnector/dtos/ForgotPasswordRequest.ts +9 -0
- package/src/cognitoBackofficeConnector/dtos/HealthcheckResponse.ts +12 -0
- package/src/cognitoBackofficeConnector/dtos/InitiateAuthRequest.ts +11 -0
- package/src/cognitoBackofficeConnector/dtos/InitiateAuthResponse.ts +17 -0
- package/src/cognitoBackofficeConnector/dtos/MfaPoolConfig.ts +16 -0
- package/src/cognitoBackofficeConnector/dtos/MfaResetRequest.ts +7 -0
- package/src/cognitoBackofficeConnector/dtos/MfaVerifyResponse.ts +8 -0
- package/src/cognitoBackofficeConnector/dtos/PasswordPolicyConfig.ts +11 -0
- package/src/cognitoBackofficeConnector/dtos/RefreshTokensRequest.ts +9 -0
- package/src/cognitoBackofficeConnector/dtos/RefreshTokensResponse.ts +5 -0
- package/src/cognitoBackofficeConnector/dtos/ResendConfirmationRequest.ts +9 -0
- package/src/cognitoBackofficeConnector/dtos/ResendInvitationRequest.ts +7 -0
- package/src/cognitoBackofficeConnector/dtos/RespondToChallengeRequest.ts +12 -0
- package/src/cognitoBackofficeConnector/dtos/RespondToChallengeResponse.ts +14 -0
- package/src/cognitoBackofficeConnector/dtos/SetMfaPreferenceRequest.ts +12 -0
- package/src/cognitoBackofficeConnector/dtos/TotpBeginRequest.ts +8 -0
- package/src/cognitoBackofficeConnector/dtos/TotpBeginResponse.ts +4 -0
- package/src/cognitoBackofficeConnector/dtos/TotpVerifyRequest.ts +9 -0
- package/src/cognitoBackofficeConnector/dtos/UpdateEmailRequest.ts +8 -0
- package/src/cognitoBackofficeConnector/dtos/UpdateProfileRequest.ts +15 -0
- package/src/cognitoBackofficeConnector/dtos/UpdateUserAttributesRequest.ts +12 -0
- package/src/cognitoBackofficeConnector/dtos/UserActionRequest.ts +12 -0
- package/src/cognitoBackofficeConnector/dtos/UserDetailResponse.ts +14 -0
- package/src/cognitoBackofficeConnector/dtos/VerifyEmailRequest.ts +8 -0
- package/src/cognitoBackofficeConnector/enums/CognitoChallengeType.ts +26 -0
- package/src/cognitoBackofficeConnector/enums/CognitoUserStatus.ts +29 -0
- package/src/cognitoBackofficeConnector/index.ts +50 -0
- package/src/cognitoBackofficeConnector/validators/MfaTypesRequiresOne.ts +29 -0
- package/src/cognitoBackofficeConnector/validators/NoTenantIdInCustomAttrs.ts +36 -0
- package/src/index.ts +8 -0
- package/src/platformRbac/dtos/AuthContext.ts +22 -0
- package/src/platformRbac/dtos/PermissionMeta.ts +20 -0
- package/src/platformRbac/dtos/RoleAssignmentInfo.ts +12 -0
- package/src/platformRbac/enums/Permission.ts +120 -0
- package/src/platformRbac/enums/PermissionCategory.ts +14 -0
- package/src/platformRbac/enums/PermissionScope.ts +10 -0
- package/src/platformRbac/index.ts +17 -0
- package/src/rbac/enums/PoolKind.ts +16 -0
- package/src/rbac/index.ts +1 -0
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import { IsNotEmpty, IsString } from "class-validator";
|
|
2
|
+
|
|
3
|
+
/**
|
|
4
|
+
* Body de PUT /backoffice/leaves/categories/{category}/subcategories/{subcategory}/logo.
|
|
5
|
+
*
|
|
6
|
+
* Asigna el mismo `logo` (URL pública ya subida a S3) a TODOS los leaves de la
|
|
7
|
+
* `(category, subcategory)` — el logo es de la marca, no de cada país.
|
|
8
|
+
*/
|
|
9
|
+
export class BackofficeSubcategoryLogoUpdateRequest {
|
|
10
|
+
/** URL pública del logo (CloudFront) ya subido vía asset-upload-url. */
|
|
11
|
+
@IsString()
|
|
12
|
+
@IsNotEmpty()
|
|
13
|
+
logo!: string;
|
|
14
|
+
}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import { IsEnum, IsNotEmpty, IsString } from "class-validator";
|
|
2
|
+
import { LeafAssetKindEnum } from "../enums/LeafAssetKindEnum";
|
|
3
|
+
|
|
4
|
+
/**
|
|
5
|
+
* Solicitud del backoffice para subir un asset de un leaf (logo o imagen de
|
|
6
|
+
* ayuda) directamente a S3. El backend responde con una presigned PUT URL y la
|
|
7
|
+
* URL pública final (CloudFront) que luego se asigna al leaf/producto.
|
|
8
|
+
*/
|
|
9
|
+
export class LeafAssetUploadUrlRequest {
|
|
10
|
+
/** Determina la subcarpeta S3 y el whitelist de MIME/tamaño. */
|
|
11
|
+
@IsEnum(LeafAssetKindEnum)
|
|
12
|
+
kind!: LeafAssetKindEnum;
|
|
13
|
+
|
|
14
|
+
/** MIME type del archivo (ej. "image/png"). Debe estar en el whitelist. */
|
|
15
|
+
@IsString()
|
|
16
|
+
@IsNotEmpty()
|
|
17
|
+
contentType!: string;
|
|
18
|
+
|
|
19
|
+
/** Extensión sin punto (ej. "png"). Se usa para componer la key en S3. */
|
|
20
|
+
@IsString()
|
|
21
|
+
@IsNotEmpty()
|
|
22
|
+
fileExtension!: string;
|
|
23
|
+
}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Respuesta con la presigned URL para subir el asset del leaf directamente a S3.
|
|
3
|
+
* El backoffice hace `PUT uploadUrl` con el `Content-Type` exacto solicitado y
|
|
4
|
+
* body binario (≤ maxSizeBytes). `publicUrl` (CloudFront) es la que se asigna
|
|
5
|
+
* luego al leaf (logo) o producto (helpImage).
|
|
6
|
+
*/
|
|
7
|
+
export class LeafAssetUploadUrlResponse {
|
|
8
|
+
uploadUrl: string;
|
|
9
|
+
publicUrl: string;
|
|
10
|
+
key: string;
|
|
11
|
+
expiresAt: string;
|
|
12
|
+
maxSizeBytes: number;
|
|
13
|
+
}
|
|
@@ -8,4 +8,18 @@ export class ProductItem {
|
|
|
8
8
|
amountType: AmountTypeEnum;
|
|
9
9
|
logo: string;
|
|
10
10
|
helpText: string;
|
|
11
|
+
|
|
12
|
+
/**
|
|
13
|
+
* Imagen de ayuda del producto (ej. dónde escanear la referencia/código).
|
|
14
|
+
* Mapea desde `refSrc` del catálogo nativo. Opcional/aditivo: ausente en
|
|
15
|
+
* datos viejos.
|
|
16
|
+
*/
|
|
17
|
+
helpImage?: string;
|
|
18
|
+
|
|
19
|
+
/**
|
|
20
|
+
* Si el producto está habilitado. Opcional/aditivo: la AUSENCIA del campo
|
|
21
|
+
* se interpreta como habilitado (`true`). Solo `enabled === false` oculta
|
|
22
|
+
* el producto del catálogo público.
|
|
23
|
+
*/
|
|
24
|
+
enabled?: boolean;
|
|
11
25
|
}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Tipo de asset que el backoffice sube para un leaf del catálogo.
|
|
3
|
+
*
|
|
4
|
+
* Determina la subcarpeta en S3 (logos/ vs help-images/) y el whitelist de
|
|
5
|
+
* MIME types / tamaño de la presigned URL que devuelve el backend.
|
|
6
|
+
*/
|
|
7
|
+
export enum LeafAssetKindEnum {
|
|
8
|
+
/** Logo del servicio (ej. CALLPACKAGE). Va al campo `logo` del leaf. */
|
|
9
|
+
LOGO = "LOGO",
|
|
10
|
+
/** Imagen de ayuda del producto (dónde escanear la referencia). Va a `refSrc`. */
|
|
11
|
+
HELP_IMAGE = "HELP_IMAGE",
|
|
12
|
+
}
|
|
@@ -12,6 +12,7 @@ export * from "./enums/FavoriteDisabledReasonEnum";
|
|
|
12
12
|
export * from "./enums/BenefitPaymentStatusEnum";
|
|
13
13
|
export * from "./enums/BenefitPaymentErrorCodeEnum";
|
|
14
14
|
export * from "./enums/BannerAssetKindEnum";
|
|
15
|
+
export * from "./enums/LeafAssetKindEnum";
|
|
15
16
|
|
|
16
17
|
//DTOs
|
|
17
18
|
export * from "./dtos/BenefitItem";
|
|
@@ -70,6 +71,14 @@ export * from "./dtos/BackofficeSubcategoryOrderUpdateRequest";
|
|
|
70
71
|
export * from "./dtos/BackofficeSubcategoryOrdersResponse";
|
|
71
72
|
//Admin leaves iteration-3 (v3.37.0): ordering por país + bulk reorder (drag-and-drop)
|
|
72
73
|
export * from "./dtos/BackofficeSubcategoryReorderRequest";
|
|
74
|
+
//Admin leaves iteration-4 (v3.39.0): assets (logo + help-image), product enable/disable, input label overrides
|
|
75
|
+
export * from "./dtos/LeafAssetUploadUrlRequest";
|
|
76
|
+
export * from "./dtos/LeafAssetUploadUrlResponse";
|
|
77
|
+
export * from "./dtos/BackofficeSubcategoryLogoUpdateRequest";
|
|
78
|
+
export * from "./dtos/BackofficeLeafHelpImageUpdateRequest";
|
|
79
|
+
export * from "./dtos/BackofficeProductHelpImageUpdateRequest";
|
|
80
|
+
export * from "./dtos/BackofficeProductEnabledUpdateRequest";
|
|
81
|
+
export * from "./dtos/BackofficeInputLabelsUpdateRequest";
|
|
73
82
|
//Banner assets upload (presigned PUT)
|
|
74
83
|
export * from "./dtos/BannerUploadUrlRequest";
|
|
75
84
|
export * from "./dtos/BannerUploadUrlResponse";
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsArray, IsBoolean, IsNumber, IsOptional, IsString } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
/**
|
|
5
|
+
* Config del único App Client del pool nuevo creado por POST /pools.
|
|
6
|
+
*
|
|
7
|
+
* NO expone `generateSecret` — el connector hardcodea `GenerateSecret: false`
|
|
8
|
+
* en el SDK call (BFF pattern: rbac llama al connector server-to-server vía
|
|
9
|
+
* api-invoker en VPC, sin SPA-to-Cognito directo que requiera client secret).
|
|
10
|
+
* Decisión arquitectónica A21 del connector. Si aparece consumer B2B/M2M con
|
|
11
|
+
* flow `client_credentials`, evaluar con líder + bump major del connector.
|
|
12
|
+
*/
|
|
13
|
+
export class AppClientConfig {
|
|
14
|
+
@Expose() @IsOptional() @IsString() clientName?: string;
|
|
15
|
+
@Expose() @IsArray() @IsString({ each: true }) explicitAuthFlows!: string[];
|
|
16
|
+
@Expose() @IsOptional() @IsString() tokenValidityUnits?: string;
|
|
17
|
+
@Expose() @IsOptional() @IsNumber() accessTokenValidity?: number;
|
|
18
|
+
@Expose() @IsOptional() @IsNumber() idTokenValidity?: number;
|
|
19
|
+
@Expose() @IsOptional() @IsNumber() refreshTokenValidity?: number;
|
|
20
|
+
@Expose() @IsOptional() @IsBoolean() preventUserExistenceErrors?: boolean;
|
|
21
|
+
@Expose() @IsOptional() @IsBoolean() enableTokenRevocation?: boolean;
|
|
22
|
+
}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsInt, IsNotEmpty, IsOptional, IsString, Max, Min } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
export class AuthEventsRequest {
|
|
5
|
+
@Expose() @IsString() @IsNotEmpty() userPoolId!: string;
|
|
6
|
+
@Expose() @IsString() @IsNotEmpty() region!: string;
|
|
7
|
+
@Expose() @IsOptional() @IsInt() @Min(1) @Max(60) maxResults?: number;
|
|
8
|
+
}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Tokens devueltos por Cognito tras un login exitoso o un refresh. Shared
|
|
3
|
+
* entre `InitiateAuthResponse`, `RespondToChallengeResponse` y
|
|
4
|
+
* `RefreshTokensResponse`.
|
|
5
|
+
*/
|
|
6
|
+
export class AuthTokensResponse {
|
|
7
|
+
accessToken!: string;
|
|
8
|
+
idToken!: string;
|
|
9
|
+
refreshToken!: string;
|
|
10
|
+
expiresIn!: number;
|
|
11
|
+
tokenType!: string;
|
|
12
|
+
}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsNotEmpty, IsString } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
export class ChangePasswordRequest {
|
|
5
|
+
@Expose() @IsString() @IsNotEmpty() region!: string;
|
|
6
|
+
@Expose() @IsString() @IsNotEmpty() accessToken!: string;
|
|
7
|
+
@Expose() @IsString() @IsNotEmpty() previousPassword!: string;
|
|
8
|
+
@Expose() @IsString() @IsNotEmpty() proposedPassword!: string;
|
|
9
|
+
}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsNotEmpty, IsString } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
export class ConfirmForgotPasswordRequest {
|
|
5
|
+
@Expose() @IsString() @IsNotEmpty() userPoolId!: string;
|
|
6
|
+
@Expose() @IsString() @IsNotEmpty() region!: string;
|
|
7
|
+
@Expose() @IsString() @IsNotEmpty() clientId!: string;
|
|
8
|
+
@Expose() @IsString() @IsNotEmpty() username!: string;
|
|
9
|
+
@Expose() @IsString() @IsNotEmpty() confirmationCode!: string;
|
|
10
|
+
@Expose() @IsString() @IsNotEmpty() newPassword!: string;
|
|
11
|
+
}
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
import { Expose, Type } from 'class-transformer';
|
|
2
|
+
import { IsArray, IsString, ValidateNested } from 'class-validator';
|
|
3
|
+
import { MfaPoolConfig } from './MfaPoolConfig';
|
|
4
|
+
import { PasswordPolicyConfig } from './PasswordPolicyConfig';
|
|
5
|
+
import { CustomAttributeSpec } from './CustomAttributeSpec';
|
|
6
|
+
import { AppClientConfig } from './AppClientConfig';
|
|
7
|
+
|
|
8
|
+
/**
|
|
9
|
+
* Request del endpoint POST /pools (pivote v1.4.1 stateless).
|
|
10
|
+
* Consumido por la saga `TenantOnboardingManager` del `platform-rbac-business`
|
|
11
|
+
* (Flujo 2 v1.2, PASO 4 de la saga). El connector ejecuta CreateUserPool +
|
|
12
|
+
* CreateUserPoolClient en secuencia. Si CreateUserPoolClient falla DESPUÉS de
|
|
13
|
+
* CreateUserPool exitoso, el connector hace DeleteUserPool de cleanup.
|
|
14
|
+
*/
|
|
15
|
+
export class CreatePoolRequest {
|
|
16
|
+
@Expose() @IsString() region!: string;
|
|
17
|
+
@Expose() @IsString() displayName!: string;
|
|
18
|
+
|
|
19
|
+
@Expose() @ValidateNested() @Type(() => MfaPoolConfig)
|
|
20
|
+
mfaConfig!: MfaPoolConfig;
|
|
21
|
+
|
|
22
|
+
@Expose() @ValidateNested() @Type(() => PasswordPolicyConfig)
|
|
23
|
+
passwordPolicy!: PasswordPolicyConfig;
|
|
24
|
+
|
|
25
|
+
@Expose() @IsArray() @ValidateNested({ each: true }) @Type(() => CustomAttributeSpec)
|
|
26
|
+
customAttributes!: CustomAttributeSpec[];
|
|
27
|
+
|
|
28
|
+
@Expose() @ValidateNested() @Type(() => AppClientConfig)
|
|
29
|
+
appClientConfig!: AppClientConfig;
|
|
30
|
+
}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Response del endpoint POST /pools (pivote v1.4.1 stateless).
|
|
3
|
+
*
|
|
4
|
+
* NO expone `clientSecret` — el SDK Cognito no lo devuelve cuando
|
|
5
|
+
* `GenerateSecret: false` (BFF pattern A21). Si aparece consumer B2B/M2M
|
|
6
|
+
* que requiera client secret, evaluar con líder + bump major del connector.
|
|
7
|
+
*/
|
|
8
|
+
export class CreatePoolResponse {
|
|
9
|
+
userPoolId!: string;
|
|
10
|
+
userPoolArn!: string;
|
|
11
|
+
appClientId!: string;
|
|
12
|
+
region!: string;
|
|
13
|
+
}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsBoolean, IsEmail, IsNotEmpty, IsOptional, IsString, IsUUID } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
export class CreateUserRequest {
|
|
5
|
+
@Expose() @IsString() @IsNotEmpty() userPoolId!: string;
|
|
6
|
+
@Expose() @IsString() @IsNotEmpty() region!: string;
|
|
7
|
+
@Expose() @IsEmail() email!: string;
|
|
8
|
+
@Expose() @IsOptional() @IsString() displayName?: string;
|
|
9
|
+
@Expose() @IsUUID() tenantId!: string;
|
|
10
|
+
@Expose() @IsOptional() @IsString() temporaryPassword?: string;
|
|
11
|
+
@Expose() @IsOptional() @IsBoolean() suppressInvitationEmail?: boolean;
|
|
12
|
+
}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { CognitoUserStatus } from '../enums/CognitoUserStatus';
|
|
2
|
+
|
|
3
|
+
export class CreateUserResponse {
|
|
4
|
+
cognitoSub!: string;
|
|
5
|
+
email!: string;
|
|
6
|
+
emailVerified!: boolean;
|
|
7
|
+
status!: CognitoUserStatus;
|
|
8
|
+
enabled!: boolean;
|
|
9
|
+
temporaryPassword?: string;
|
|
10
|
+
createdAt!: number;
|
|
11
|
+
}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsBoolean, IsIn, IsString } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
const ALLOWED_ATTR_TYPES = ['String', 'Number', 'Boolean', 'DateTime'] as const;
|
|
5
|
+
export type AllowedAttrType = (typeof ALLOWED_ATTR_TYPES)[number];
|
|
6
|
+
|
|
7
|
+
export class CustomAttributeSpec {
|
|
8
|
+
@Expose() @IsString() name!: string;
|
|
9
|
+
@Expose() @IsIn(ALLOWED_ATTR_TYPES) type!: AllowedAttrType;
|
|
10
|
+
@Expose() @IsBoolean() mutable!: boolean;
|
|
11
|
+
@Expose() @IsBoolean() required!: boolean;
|
|
12
|
+
}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsString } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
/**
|
|
5
|
+
* Request del endpoint DELETE /pools/:userPoolId?region=X (pivote v1.4.1 stateless).
|
|
6
|
+
* Consumido por compensation chain de la saga `TenantOnboardingManager` del
|
|
7
|
+
* `platform-rbac-business` cuando falla el paso 5 (CreateUser) o paso 6
|
|
8
|
+
* (TransactWriteItems) — ver Flujo 2 v1.2 del rbac.
|
|
9
|
+
*
|
|
10
|
+
* Requiere pool VACÍO (sin users). Si tiene users, AWS rechaza con
|
|
11
|
+
* ResourceInUseException → CognitoPoolNotEmptyError 409.
|
|
12
|
+
*/
|
|
13
|
+
export class DeletePoolRequest {
|
|
14
|
+
@Expose() @IsString() userPoolId!: string;
|
|
15
|
+
@Expose() @IsString() region!: string;
|
|
16
|
+
}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsNotEmpty, IsString } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
export class ForgotPasswordRequest {
|
|
5
|
+
@Expose() @IsString() @IsNotEmpty() userPoolId!: string;
|
|
6
|
+
@Expose() @IsString() @IsNotEmpty() region!: string;
|
|
7
|
+
@Expose() @IsString() @IsNotEmpty() clientId!: string;
|
|
8
|
+
@Expose() @IsString() @IsNotEmpty() username!: string;
|
|
9
|
+
}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Decisión D4: contrato literal del healthcheck.
|
|
3
|
+
* - `service`: nombre del lambda.
|
|
4
|
+
* - `status`: literal `'OK'` (cualquier desviación de health = 5xx, no
|
|
5
|
+
* status diferente).
|
|
6
|
+
* - `timestamp`: ISO 8601.
|
|
7
|
+
*/
|
|
8
|
+
export class HealthcheckResponse {
|
|
9
|
+
service!: string;
|
|
10
|
+
status!: 'OK';
|
|
11
|
+
timestamp!: string;
|
|
12
|
+
}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsNotEmpty, IsString } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
export class InitiateAuthRequest {
|
|
5
|
+
@Expose() @IsString() @IsNotEmpty() userPoolId!: string;
|
|
6
|
+
@Expose() @IsString() @IsNotEmpty() region!: string;
|
|
7
|
+
@Expose() @IsString() @IsNotEmpty() clientId!: string;
|
|
8
|
+
@Expose() @IsString() @IsNotEmpty() authFlow!: string;
|
|
9
|
+
@Expose() @IsString() @IsNotEmpty() username!: string;
|
|
10
|
+
@Expose() @IsString() @IsNotEmpty() password!: string;
|
|
11
|
+
}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
import { CognitoChallengeType } from '../enums/CognitoChallengeType';
|
|
2
|
+
import { AuthTokensResponse } from './AuthTokensResponse';
|
|
3
|
+
|
|
4
|
+
/**
|
|
5
|
+
* Respuesta del inicio de auth. Si el usuario completó el flow sin challenge,
|
|
6
|
+
* `tokens` viene poblado. Si Cognito devolvió challenge, `challengeType` y
|
|
7
|
+
* `session` vienen poblados.
|
|
8
|
+
*
|
|
9
|
+
* D6: `challengeParameters` es passthrough raw del SDK — el caller decide qué
|
|
10
|
+
* hacer con los valores (ej. el BFF lo usa para renderizar el form de MFA).
|
|
11
|
+
*/
|
|
12
|
+
export class InitiateAuthResponse {
|
|
13
|
+
tokens?: AuthTokensResponse;
|
|
14
|
+
challengeType?: CognitoChallengeType;
|
|
15
|
+
session?: string;
|
|
16
|
+
challengeParameters?: Record<string, string>;
|
|
17
|
+
}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsArray, IsBoolean, IsIn, Validate } from 'class-validator';
|
|
3
|
+
import { MfaTypesRequiresOne } from '../validators/MfaTypesRequiresOne';
|
|
4
|
+
|
|
5
|
+
const ALLOWED_MFA_TYPES = ['SOFTWARE_TOKEN_MFA', 'EMAIL_OTP'] as const;
|
|
6
|
+
export type AllowedMfaType = (typeof ALLOWED_MFA_TYPES)[number];
|
|
7
|
+
|
|
8
|
+
export class MfaPoolConfig {
|
|
9
|
+
@Expose() @IsBoolean() requireMfa!: boolean;
|
|
10
|
+
|
|
11
|
+
@Expose()
|
|
12
|
+
@IsArray()
|
|
13
|
+
@IsIn(ALLOWED_MFA_TYPES, { each: true })
|
|
14
|
+
@Validate(MfaTypesRequiresOne)
|
|
15
|
+
mfaTypes!: AllowedMfaType[];
|
|
16
|
+
}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsBoolean, IsNumber, Max, Min } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
export class PasswordPolicyConfig {
|
|
5
|
+
@Expose() @IsNumber() @Min(6) @Max(99) minLength!: number;
|
|
6
|
+
@Expose() @IsBoolean() requireUppercase!: boolean;
|
|
7
|
+
@Expose() @IsBoolean() requireLowercase!: boolean;
|
|
8
|
+
@Expose() @IsBoolean() requireNumbers!: boolean;
|
|
9
|
+
@Expose() @IsBoolean() requireSymbols!: boolean;
|
|
10
|
+
@Expose() @IsNumber() @Min(1) @Max(365) temporaryPasswordValidityDays!: number;
|
|
11
|
+
}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsNotEmpty, IsString } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
export class RefreshTokensRequest {
|
|
5
|
+
@Expose() @IsString() @IsNotEmpty() userPoolId!: string;
|
|
6
|
+
@Expose() @IsString() @IsNotEmpty() region!: string;
|
|
7
|
+
@Expose() @IsString() @IsNotEmpty() clientId!: string;
|
|
8
|
+
@Expose() @IsString() @IsNotEmpty() refreshToken!: string;
|
|
9
|
+
}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsNotEmpty, IsString } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
export class ResendConfirmationRequest {
|
|
5
|
+
@Expose() @IsString() @IsNotEmpty() userPoolId!: string;
|
|
6
|
+
@Expose() @IsString() @IsNotEmpty() region!: string;
|
|
7
|
+
@Expose() @IsString() @IsNotEmpty() clientId!: string;
|
|
8
|
+
@Expose() @IsString() @IsNotEmpty() username!: string;
|
|
9
|
+
}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsEnum, IsNotEmpty, IsObject, IsString } from 'class-validator';
|
|
3
|
+
import { CognitoChallengeType } from '../enums/CognitoChallengeType';
|
|
4
|
+
|
|
5
|
+
export class RespondToChallengeRequest {
|
|
6
|
+
@Expose() @IsString() @IsNotEmpty() userPoolId!: string;
|
|
7
|
+
@Expose() @IsString() @IsNotEmpty() region!: string;
|
|
8
|
+
@Expose() @IsString() @IsNotEmpty() clientId!: string;
|
|
9
|
+
@Expose() @IsEnum(CognitoChallengeType) challengeName!: CognitoChallengeType;
|
|
10
|
+
@Expose() @IsString() @IsNotEmpty() session!: string;
|
|
11
|
+
@Expose() @IsObject() challengeResponses!: Record<string, string>;
|
|
12
|
+
}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import { CognitoChallengeType } from '../enums/CognitoChallengeType';
|
|
2
|
+
import { AuthTokensResponse } from './AuthTokensResponse';
|
|
3
|
+
|
|
4
|
+
/**
|
|
5
|
+
* SC3: clase PROPIA con shape espejo de `InitiateAuthResponse` (NO alias) para
|
|
6
|
+
* desacoplar la evolución del endpoint `respond-to-challenge` del endpoint
|
|
7
|
+
* `initiate-auth`. Ambos pueden cambiar shape independiente.
|
|
8
|
+
*/
|
|
9
|
+
export class RespondToChallengeResponse {
|
|
10
|
+
tokens?: AuthTokensResponse;
|
|
11
|
+
challengeType?: CognitoChallengeType;
|
|
12
|
+
session?: string;
|
|
13
|
+
challengeParameters?: Record<string, string>;
|
|
14
|
+
}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsBoolean, IsIn, IsNotEmpty, IsOptional, IsString } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
export class SetMfaPreferenceRequest {
|
|
5
|
+
@Expose() @IsString() @IsNotEmpty() userPoolId!: string;
|
|
6
|
+
@Expose() @IsString() @IsNotEmpty() region!: string;
|
|
7
|
+
@Expose() @IsString() @IsNotEmpty() cognitoSub!: string;
|
|
8
|
+
@Expose() @IsBoolean() softwareTokenEnabled!: boolean;
|
|
9
|
+
@Expose() @IsBoolean() emailEnabled!: boolean;
|
|
10
|
+
@Expose() @IsOptional() @IsIn(['TOTP', 'EMAIL'])
|
|
11
|
+
preferredMethod?: 'TOTP' | 'EMAIL';
|
|
12
|
+
}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsNotEmpty, IsString } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
export class TotpBeginRequest {
|
|
5
|
+
@Expose() @IsString() @IsNotEmpty() userPoolId!: string;
|
|
6
|
+
@Expose() @IsString() @IsNotEmpty() region!: string;
|
|
7
|
+
@Expose() @IsString() @IsNotEmpty() accessToken!: string;
|
|
8
|
+
}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsNotEmpty, IsOptional, IsString } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
export class TotpVerifyRequest {
|
|
5
|
+
@Expose() @IsString() @IsNotEmpty() region!: string;
|
|
6
|
+
@Expose() @IsString() @IsNotEmpty() accessToken!: string;
|
|
7
|
+
@Expose() @IsString() @IsNotEmpty() userCode!: string;
|
|
8
|
+
@Expose() @IsOptional() @IsString() friendlyDeviceName?: string;
|
|
9
|
+
}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsEmail, IsNotEmpty, IsString } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
export class UpdateEmailRequest {
|
|
5
|
+
@Expose() @IsString() @IsNotEmpty() region!: string;
|
|
6
|
+
@Expose() @IsString() @IsNotEmpty() accessToken!: string;
|
|
7
|
+
@Expose() @IsEmail() newEmail!: string;
|
|
8
|
+
}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsNotEmpty, IsOptional, IsString } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
/**
|
|
5
|
+
* D3 ajuste 2: self-service profile update NO permite tocar `customAttributes`
|
|
6
|
+
* — eso es exclusivo del path admin (`UpdateUserAttributesRequest` con
|
|
7
|
+
* `NoTenantIdInCustomAttrs`). El self-service solo modifica campos personales
|
|
8
|
+
* benignos.
|
|
9
|
+
*/
|
|
10
|
+
export class UpdateProfileRequest {
|
|
11
|
+
@Expose() @IsString() @IsNotEmpty() region!: string;
|
|
12
|
+
@Expose() @IsString() @IsNotEmpty() accessToken!: string;
|
|
13
|
+
@Expose() @IsOptional() @IsString() displayName?: string;
|
|
14
|
+
@Expose() @IsOptional() @IsString() phoneNumber?: string;
|
|
15
|
+
}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsNotEmpty, IsObject, IsOptional, IsString, Validate } from 'class-validator';
|
|
3
|
+
import { NoTenantIdInCustomAttrs } from '../validators/NoTenantIdInCustomAttrs';
|
|
4
|
+
|
|
5
|
+
export class UpdateUserAttributesRequest {
|
|
6
|
+
@Expose() @IsString() @IsNotEmpty() userPoolId!: string;
|
|
7
|
+
@Expose() @IsString() @IsNotEmpty() region!: string;
|
|
8
|
+
@Expose() @IsOptional() @IsString() displayName?: string;
|
|
9
|
+
@Expose() @IsOptional() @IsString() phoneNumber?: string;
|
|
10
|
+
@Expose() @IsOptional() @IsObject() @Validate(NoTenantIdInCustomAttrs)
|
|
11
|
+
customAttributes?: Record<string, string>;
|
|
12
|
+
}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsNotEmpty, IsString } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
/**
|
|
5
|
+
* Request shared para acciones admin que solo requieren identificar el pool
|
|
6
|
+
* (el `cognitoSub` viaja por path param del endpoint): disable, enable,
|
|
7
|
+
* global sign-out, password reset.
|
|
8
|
+
*/
|
|
9
|
+
export class UserActionRequest {
|
|
10
|
+
@Expose() @IsString() @IsNotEmpty() userPoolId!: string;
|
|
11
|
+
@Expose() @IsString() @IsNotEmpty() region!: string;
|
|
12
|
+
}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import { CognitoUserStatus } from '../enums/CognitoUserStatus';
|
|
2
|
+
|
|
3
|
+
export class UserDetailResponse {
|
|
4
|
+
cognitoSub!: string;
|
|
5
|
+
email!: string;
|
|
6
|
+
emailVerified!: boolean;
|
|
7
|
+
status!: CognitoUserStatus;
|
|
8
|
+
enabled!: boolean;
|
|
9
|
+
displayName?: string;
|
|
10
|
+
phoneNumber?: string;
|
|
11
|
+
customAttributes?: Record<string, string>;
|
|
12
|
+
createdAt!: number;
|
|
13
|
+
lastModifiedAt!: number;
|
|
14
|
+
}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { Expose } from 'class-transformer';
|
|
2
|
+
import { IsNotEmpty, IsString } from 'class-validator';
|
|
3
|
+
|
|
4
|
+
export class VerifyEmailRequest {
|
|
5
|
+
@Expose() @IsString() @IsNotEmpty() region!: string;
|
|
6
|
+
@Expose() @IsString() @IsNotEmpty() accessToken!: string;
|
|
7
|
+
@Expose() @IsString() @IsNotEmpty() confirmationCode!: string;
|
|
8
|
+
}
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Tipos de Cognito Challenge que el `cognito-backoffice-connector` propaga al
|
|
3
|
+
* caller (típicamente el BFF M18). Son los 4 valores canónicos del proyecto.
|
|
4
|
+
*
|
|
5
|
+
* Decisión A17 (MFA exclusivo): el proyecto soporta exclusivamente TOTP +
|
|
6
|
+
* Email OTP. Cualquier otro challenge que devuelva el SDK
|
|
7
|
+
* (`SELECT_MFA_TYPE`, `SMS_MFA`, `DEVICE_SRP_AUTH`, `DEVICE_PASSWORD_VERIFIER`,
|
|
8
|
+
* `CUSTOM_CHALLENGE`, `ADMIN_NO_SRP_AUTH`, etc.) NO se propaga como
|
|
9
|
+
* `challengeType` — se mapea a `CognitoUnexpectedError` con HTTP 502 en el
|
|
10
|
+
* service correspondiente.
|
|
11
|
+
*
|
|
12
|
+
* - `NEW_PASSWORD_REQUIRED` — el usuario fue creado con temp password y debe
|
|
13
|
+
* setear una definitiva en el primer login.
|
|
14
|
+
* - `MFA_SETUP` — el usuario debe enrolarse en MFA (TOTP o Email) antes de
|
|
15
|
+
* obtener tokens.
|
|
16
|
+
* - `SOFTWARE_TOKEN_MFA` — el usuario tiene TOTP enrolado y debe enviar el
|
|
17
|
+
* código del authenticator.
|
|
18
|
+
* - `EMAIL_OTP` — el usuario tiene Email MFA habilitado y debe enviar el OTP
|
|
19
|
+
* enviado al email.
|
|
20
|
+
*/
|
|
21
|
+
export enum CognitoChallengeType {
|
|
22
|
+
NEW_PASSWORD_REQUIRED = 'NEW_PASSWORD_REQUIRED',
|
|
23
|
+
MFA_SETUP = 'MFA_SETUP',
|
|
24
|
+
SOFTWARE_TOKEN_MFA = 'SOFTWARE_TOKEN_MFA',
|
|
25
|
+
EMAIL_OTP = 'EMAIL_OTP',
|
|
26
|
+
}
|