npm - @justworkflowit/cdk-constructs - Versions diffs - 0.0.40 → 0.0.42 - Mend

@justworkflowit/cdk-constructs 0.0.40 → 0.0.42

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/constructs/justWorkflowItConstructs.js +0 -1
package/dist/lambda/definitionDeployerLambda.js +6721 -1643
package/dist/lambda/justWorkflowItApiClient.d.ts +4 -0
package/dist/lambda/justWorkflowItApiClient.js +28 -2
package/package.json +1 -1

package/dist/lambda/justWorkflowItApiClient.d.ts CHANGED Viewed

@@ -1,4 +1,8 @@
 import { JustWorkflowIt } from '@justworkflowit/api-client';
 import { AssertiveClient } from '@smithy/types';
+/**
+ * Fetch a secret value by its name from AWS Secrets Manager.
+ */
+export declare const getSecretValueByName: (secretName: string) => Promise<string | undefined>;
 export declare const getErrorMessage: (err: unknown) => string;
 export declare const getApiClient: () => AssertiveClient<JustWorkflowIt>;

package/dist/lambda/justWorkflowItApiClient.js CHANGED Viewed

@@ -1,12 +1,38 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getApiClient = exports.getErrorMessage = void 0;
+exports.getApiClient = exports.getErrorMessage = exports.getSecretValueByName = void 0;
 /* eslint-disable @typescript-eslint/no-explicit-any */
 const api_client_1 = require("@justworkflowit/api-client");
 const justWorkflowItApiExceptions_1 = require("./justWorkflowItApiExceptions");
+const client_secrets_manager_1 = require("@aws-sdk/client-secrets-manager");
 const endpoint = process.env.API_BASE_URL;
+// Helper to cache the client (no repeated instantiation)
+let secretsManager;
+const getSecretsManager = () => {
+    if (!secretsManager) {
+        secretsManager = new client_secrets_manager_1.SecretsManagerClient({});
+    }
+    return secretsManager;
+};
+/**
+ * Fetch a secret value by its name from AWS Secrets Manager.
+ */
+const getSecretValueByName = async (secretName) => {
+    const client = getSecretsManager();
+    const cmd = new client_secrets_manager_1.GetSecretValueCommand({ SecretId: secretName });
+    const resp = await client.send(cmd);
+    return resp.SecretString;
+};
+exports.getSecretValueByName = getSecretValueByName;
+// Swap getAccessToken to use getSecretValueByName
 const getAccessToken = async () => {
-    return process.env.AUTH_SECRET_NAME;
+    const secretName = process.env.AUTH_SECRET_NAME;
+    if (!secretName)
+        throw new Error("AUTH_SECRET_NAME env var not set");
+    const secret = await (0, exports.getSecretValueByName)(secretName);
+    if (!secret)
+        throw new Error("Could not fetch access token secret");
+    return secret;
 };
 const cognitoIdentityProviderFactory = (_config) => {
     const identityProvider = async (_props) => {

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@justworkflowit/cdk-constructs",
   "description": "",
-  "version": "0.0.40",
+  "version": "0.0.42",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "publishConfig": {