@openhi/constructs 0.0.0

package/lib/components/auth.d.ts

@@ -0,0 +1,75 @@
+import { IUserPool, IUserPoolClient, IUserPoolDomain, UserPoolProps } from "aws-cdk-lib/aws-cognito";
+import { IKey } from "aws-cdk-lib/aws-kms";
+import { Construct } from "constructs";
+export interface AuthProps {
+    /**
+     * Optional props for creating the user pool.
+     */
+    readonly userPoolProps?: UserPoolProps;
+}
+/**
+ * Auth construct that manages Cognito authentication resources.
+ *
+ * @remarks
+ * The Auth construct provides authentication infrastructure including:
+ * - Cognito User Pool for user management and authentication
+ * - User Pool Client for application integration
+ * - User Pool Domain for hosting the Cognito hosted UI
+ * - KMS Key for Cognito User Pool encryption
+ *
+ * When created in the Auth service (`serviceType === OPEN_HI_SERVICE_TYPE.AUTH`),
+ * it creates concrete resources. Otherwise, it imports existing resources
+ * from SSM Parameter Store.
+ *
+ * Use {@link Auth.fromConstruct} to obtain an Auth instance (with resources
+ * imported from AUTH SSM parameters) when not in the Auth service, e.g. from
+ * the Core construct.
+ *
+ * @public
+ */
+export declare class Auth extends Construct {
+    /**
+     * Returns an Auth instance that uses resources imported from AUTH SSM
+     * parameters. Use this when creating Core or other stacks that consume
+     * auth resources; the Auth stack must be deployed first.
+     *
+     * @param scope - Construct scope (e.g. Core); must be in a stack that has
+     *   access to the same account/region as the deployed Auth stack.
+     */
+    static fromConstruct(scope: Construct): Auth;
+    /**
+     * Is this construct being created in the auth service or elsewhere?
+     */
+    readonly isAuthService: boolean;
+    /**
+     * KMS Key used to encrypt the Cognito User Pool. We need a custom key so that
+     * we can decrypt tokens when sending emails using something other than SES.
+     */
+    readonly userPoolKmsKey: IKey;
+    /**
+     * Cognito User Pool for user management and authentication.
+     */
+    readonly userPool: IUserPool;
+    /**
+     * Cognito User Pool Client for application integration with the User Pool.
+     */
+    readonly userPoolClient: IUserPoolClient;
+    /**
+     * Cognito User Pool Domain for hosting the Cognito hosted UI.
+     */
+    readonly userPoolDomain: IUserPoolDomain;
+    constructor(scope: Construct, props?: AuthProps);
+    /*****************************************************************************
+     *
+     * Auth Support
+     *
+     ****************************************************************************/
+    protected createUserPoolKmsKey(): IKey;
+    protected createUserPool(props?: UserPoolProps): IUserPool;
+    protected createUserPoolClient(props: {
+        userPool: IUserPool;
+    }): IUserPoolClient;
+    protected createUserPoolDomain(props: {
+        userPool: IUserPool;
+    }): IUserPoolDomain;
+}

package/lib/components/auth.js

@@ -0,0 +1,100 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Auth = void 0;
+const constructs_1 = require("constructs");
+const open_hi_service_1 = require("../app/open-hi-service");
+const core_user_pool_1 = require("./cognito/core-user-pool");
+const core_user_pool_client_1 = require("./cognito/core-user-pool-client");
+const core_user_pool_domain_1 = require("./cognito/core-user-pool-domain");
+const core_user_pool_kms_key_1 = require("./cognito/core-user-pool-kms-key");
+/**
+ * Auth construct that manages Cognito authentication resources.
+ *
+ * @remarks
+ * The Auth construct provides authentication infrastructure including:
+ * - Cognito User Pool for user management and authentication
+ * - User Pool Client for application integration
+ * - User Pool Domain for hosting the Cognito hosted UI
+ * - KMS Key for Cognito User Pool encryption
+ *
+ * When created in the Auth service (`serviceType === OPEN_HI_SERVICE_TYPE.AUTH`),
+ * it creates concrete resources. Otherwise, it imports existing resources
+ * from SSM Parameter Store.
+ *
+ * Use {@link Auth.fromConstruct} to obtain an Auth instance (with resources
+ * imported from AUTH SSM parameters) when not in the Auth service, e.g. from
+ * the Core construct.
+ *
+ * @public
+ */
+class Auth extends constructs_1.Construct {
+    /**
+     * Returns an Auth instance that uses resources imported from AUTH SSM
+     * parameters. Use this when creating Core or other stacks that consume
+     * auth resources; the Auth stack must be deployed first.
+     *
+     * @param scope - Construct scope (e.g. Core); must be in a stack that has
+     *   access to the same account/region as the deployed Auth stack.
+     */
+    static fromConstruct(scope) {
+        return new Auth(scope, {});
+    }
+    constructor(scope, props = {}) {
+        super(scope, "auth");
+        /**
+         * Reference to parent stack this belongs to.
+         */
+        const service = open_hi_service_1.OpenHiService.of(this);
+        /**
+         * Determine if we are in the auth service or not.
+         */
+        this.isAuthService = service.serviceType === open_hi_service_1.OPEN_HI_SERVICE_TYPE.AUTH;
+        /**
+         * Auth Support
+         */
+        this.userPoolKmsKey = this.createUserPoolKmsKey();
+        this.userPool = this.createUserPool({
+            ...props.userPoolProps,
+            customSenderKmsKey: this.userPoolKmsKey,
+        });
+        this.userPoolClient = this.createUserPoolClient({
+            userPool: this.userPool,
+        });
+        this.userPoolDomain = this.createUserPoolDomain({
+            userPool: this.userPool,
+        });
+    }
+    /*****************************************************************************
+     *
+     * Auth Support
+     *
+     ****************************************************************************/
+    createUserPoolKmsKey() {
+        return this.isAuthService
+            ? new core_user_pool_kms_key_1.CoreUserPoolKmsKey(this)
+            : core_user_pool_kms_key_1.CoreUserPoolKmsKey.fromConstruct(this);
+    }
+    createUserPool(props) {
+        return this.isAuthService
+            ? new core_user_pool_1.CoreUserPool(this, props)
+            : core_user_pool_1.CoreUserPool.fromConstruct(this);
+    }
+    createUserPoolClient(props) {
+        return this.isAuthService
+            ? new core_user_pool_client_1.CoreUserPoolClient(this, { userPool: props.userPool })
+            : core_user_pool_client_1.CoreUserPoolClient.fromConstruct(this);
+    }
+    createUserPoolDomain(props) {
+        const service = open_hi_service_1.OpenHiService.of(this);
+        return this.isAuthService
+            ? new core_user_pool_domain_1.CoreUserPoolDomain(this, {
+                userPool: props.userPool,
+                cognitoDomain: {
+                    domainPrefix: `auth-${service.branchHash}`,
+                },
+            })
+            : core_user_pool_domain_1.CoreUserPoolDomain.fromConstruct(this);
+    }
+}
+exports.Auth = Auth;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXV0aC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9jb21wb25lbnRzL2F1dGgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBT0EsMkNBQXVDO0FBQ3ZDLDREQUE2RTtBQUM3RSw2REFBd0Q7QUFDeEQsMkVBQXFFO0FBQ3JFLDJFQUFxRTtBQUNyRSw2RUFBc0U7QUFTdEU7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7R0FtQkc7QUFDSCxNQUFhLElBQUssU0FBUSxzQkFBUztJQUNqQzs7Ozs7OztPQU9HO0lBQ0ksTUFBTSxDQUFDLGFBQWEsQ0FBQyxLQUFnQjtRQUMxQyxPQUFPLElBQUksSUFBSSxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztJQUM3QixDQUFDO0lBNEJELFlBQVksS0FBZ0IsRUFBRSxRQUFtQixFQUFFO1FBQ2pELEtBQUssQ0FBQyxLQUFLLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFFckI7O1dBRUc7UUFDSCxNQUFNLE9BQU8sR0FBRywrQkFBYSxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQWtCLENBQUM7UUFFeEQ7O1dBRUc7UUFDSCxJQUFJLENBQUMsYUFBYSxHQUFHLE9BQU8sQ0FBQyxXQUFXLEtBQUssc0NBQW9CLENBQUMsSUFBSSxDQUFDO1FBRXZFOztXQUVHO1FBQ0gsSUFBSSxDQUFDLGNBQWMsR0FBRyxJQUFJLENBQUMsb0JBQW9CLEVBQUUsQ0FBQztRQUNsRCxJQUFJLENBQUMsUUFBUSxHQUFHLElBQUksQ0FBQyxjQUFjLENBQUM7WUFDbEMsR0FBRyxLQUFLLENBQUMsYUFBYTtZQUN0QixrQkFBa0IsRUFBRSxJQUFJLENBQUMsY0FBYztTQUN4QyxDQUFDLENBQUM7UUFDSCxJQUFJLENBQUMsY0FBYyxHQUFHLElBQUksQ0FBQyxvQkFBb0IsQ0FBQztZQUM5QyxRQUFRLEVBQUUsSUFBSSxDQUFDLFFBQVE7U0FDeEIsQ0FBQyxDQUFDO1FBQ0gsSUFBSSxDQUFDLGNBQWMsR0FBRyxJQUFJLENBQUMsb0JBQW9CLENBQUM7WUFDOUMsUUFBUSxFQUFFLElBQUksQ0FBQyxRQUFRO1NBQ3hCLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRDs7OztrRkFJOEU7SUFFcEUsb0JBQW9CO1FBQzVCLE9BQU8sSUFBSSxDQUFDLGFBQWE7WUFDdkIsQ0FBQyxDQUFDLElBQUksMkNBQWtCLENBQUMsSUFBSSxDQUFDO1lBQzlCLENBQUMsQ0FBQywyQ0FBa0IsQ0FBQyxhQUFhLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDN0MsQ0FBQztJQUVTLGNBQWMsQ0FBQyxLQUFxQjtRQUM1QyxPQUFPLElBQUksQ0FBQyxhQUFhO1lBQ3ZCLENBQUMsQ0FBQyxJQUFJLDZCQUFZLENBQUMsSUFBSSxFQUFFLEtBQUssQ0FBQztZQUMvQixDQUFDLENBQUMsNkJBQVksQ0FBQyxhQUFhLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDdkMsQ0FBQztJQUVTLG9CQUFvQixDQUFDLEtBRTlCO1FBQ0MsT0FBTyxJQUFJLENBQUMsYUFBYTtZQUN2QixDQUFDLENBQUMsSUFBSSwwQ0FBa0IsQ0FBQyxJQUFJLEVBQUUsRUFBRSxRQUFRLEVBQUUsS0FBSyxDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQzVELENBQUMsQ0FBQywwQ0FBa0IsQ0FBQyxhQUFhLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDN0MsQ0FBQztJQUVTLG9CQUFvQixDQUFDLEtBRTlCO1FBQ0MsTUFBTSxPQUFPLEdBQUcsK0JBQWEsQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFrQixDQUFDO1FBQ3hELE9BQU8sSUFBSSxDQUFDLGFBQWE7WUFDdkIsQ0FBQyxDQUFDLElBQUksMENBQWtCLENBQUMsSUFBSSxFQUFFO2dCQUMzQixRQUFRLEVBQUUsS0FBSyxDQUFDLFFBQVE7Z0JBQ3hCLGFBQWEsRUFBRTtvQkFDYixZQUFZLEVBQUUsUUFBUSxPQUFPLENBQUMsVUFBVSxFQUFFO2lCQUMzQzthQUNGLENBQUM7WUFDSixDQUFDLENBQUMsMENBQWtCLENBQUMsYUFBYSxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQzdDLENBQUM7Q0FDRjtBQTNHRCxvQkEyR0MiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQge1xuICBJVXNlclBvb2wsXG4gIElVc2VyUG9vbENsaWVudCxcbiAgSVVzZXJQb29sRG9tYWluLFxuICBVc2VyUG9vbFByb3BzLFxufSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWNvZ25pdG9cIjtcbmltcG9ydCB7IElLZXkgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWttc1wiO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcbmltcG9ydCB7IE9QRU5fSElfU0VSVklDRV9UWVBFLCBPcGVuSGlTZXJ2aWNlIH0gZnJvbSBcIi4uL2FwcC9vcGVuLWhpLXNlcnZpY2VcIjtcbmltcG9ydCB7IENvcmVVc2VyUG9vbCB9IGZyb20gXCIuL2NvZ25pdG8vY29yZS11c2VyLXBvb2xcIjtcbmltcG9ydCB7IENvcmVVc2VyUG9vbENsaWVudCB9IGZyb20gXCIuL2NvZ25pdG8vY29yZS11c2VyLXBvb2wtY2xpZW50XCI7XG5pbXBvcnQgeyBDb3JlVXNlclBvb2xEb21haW4gfSBmcm9tIFwiLi9jb2duaXRvL2NvcmUtdXNlci1wb29sLWRvbWFpblwiO1xuaW1wb3J0IHsgQ29yZVVzZXJQb29sS21zS2V5IH0gZnJvbSBcIi4vY29nbml0by9jb3JlLXVzZXItcG9vbC1rbXMta2V5XCI7XG5cbmV4cG9ydCBpbnRlcmZhY2UgQXV0aFByb3BzIHtcbiAgLyoqXG4gICAqIE9wdGlvbmFsIHByb3BzIGZvciBjcmVhdGluZyB0aGUgdXNlciBwb29sLlxuICAgKi9cbiAgcmVhZG9ubHkgdXNlclBvb2xQcm9wcz86IFVzZXJQb29sUHJvcHM7XG59XG5cbi8qKlxuICogQXV0aCBjb25zdHJ1Y3QgdGhhdCBtYW5hZ2VzIENvZ25pdG8gYXV0aGVudGljYXRpb24gcmVzb3VyY2VzLlxuICpcbiAqIEByZW1hcmtzXG4gKiBUaGUgQXV0aCBjb25zdHJ1Y3QgcHJvdmlkZXMgYXV0aGVudGljYXRpb24gaW5mcmFzdHJ1Y3R1cmUgaW5jbHVkaW5nOlxuICogLSBDb2duaXRvIFVzZXIgUG9vbCBmb3IgdXNlciBtYW5hZ2VtZW50IGFuZCBhdXRoZW50aWNhdGlvblxuICogLSBVc2VyIFBvb2wgQ2xpZW50IGZvciBhcHBsaWNhdGlvbiBpbnRlZ3JhdGlvblxuICogLSBVc2VyIFBvb2wgRG9tYWluIGZvciBob3N0aW5nIHRoZSBDb2duaXRvIGhvc3RlZCBVSVxuICogLSBLTVMgS2V5IGZvciBDb2duaXRvIFVzZXIgUG9vbCBlbmNyeXB0aW9uXG4gKlxuICogV2hlbiBjcmVhdGVkIGluIHRoZSBBdXRoIHNlcnZpY2UgKGBzZXJ2aWNlVHlwZSA9PT0gT1BFTl9ISV9TRVJWSUNFX1RZUEUuQVVUSGApLFxuICogaXQgY3JlYXRlcyBjb25jcmV0ZSByZXNvdXJjZXMuIE90aGVyd2lzZSwgaXQgaW1wb3J0cyBleGlzdGluZyByZXNvdXJjZXNcbiAqIGZyb20gU1NNIFBhcmFtZXRlciBTdG9yZS5cbiAqXG4gKiBVc2Uge0BsaW5rIEF1dGguZnJvbUNvbnN0cnVjdH0gdG8gb2J0YWluIGFuIEF1dGggaW5zdGFuY2UgKHdpdGggcmVzb3VyY2VzXG4gKiBpbXBvcnRlZCBmcm9tIEFVVEggU1NNIHBhcmFtZXRlcnMpIHdoZW4gbm90IGluIHRoZSBBdXRoIHNlcnZpY2UsIGUuZy4gZnJvbVxuICogdGhlIENvcmUgY29uc3RydWN0LlxuICpcbiAqIEBwdWJsaWNcbiAqL1xuZXhwb3J0IGNsYXNzIEF1dGggZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICAvKipcbiAgICogUmV0dXJucyBhbiBBdXRoIGluc3RhbmNlIHRoYXQgdXNlcyByZXNvdXJjZXMgaW1wb3J0ZWQgZnJvbSBBVVRIIFNTTVxuICAgKiBwYXJhbWV0ZXJzLiBVc2UgdGhpcyB3aGVuIGNyZWF0aW5nIENvcmUgb3Igb3RoZXIgc3RhY2tzIHRoYXQgY29uc3VtZVxuICAgKiBhdXRoIHJlc291cmNlczsgdGhlIEF1dGggc3RhY2sgbXVzdCBiZSBkZXBsb3llZCBmaXJzdC5cbiAgICpcbiAgICogQHBhcmFtIHNjb3BlIC0gQ29uc3RydWN0IHNjb3BlIChlLmcuIENvcmUpOyBtdXN0IGJlIGluIGEgc3RhY2sgdGhhdCBoYXNcbiAgICogICBhY2Nlc3MgdG8gdGhlIHNhbWUgYWNjb3VudC9yZWdpb24gYXMgdGhlIGRlcGxveWVkIEF1dGggc3RhY2suXG4gICAqL1xuICBwdWJsaWMgc3RhdGljIGZyb21Db25zdHJ1Y3Qoc2NvcGU6IENvbnN0cnVjdCk6IEF1dGgge1xuICAgIHJldHVybiBuZXcgQXV0aChzY29wZSwge30pO1xuICB9XG5cbiAgLyoqXG4gICAqIElzIHRoaXMgY29uc3RydWN0IGJlaW5nIGNyZWF0ZWQgaW4gdGhlIGF1dGggc2VydmljZSBvciBlbHNld2hlcmU/XG4gICAqL1xuICBwdWJsaWMgcmVhZG9ubHkgaXNBdXRoU2VydmljZTogYm9vbGVhbjtcblxuICAvKipcbiAgICogS01TIEtleSB1c2VkIHRvIGVuY3J5cHQgdGhlIENvZ25pdG8gVXNlciBQb29sLiBXZSBuZWVkIGEgY3VzdG9tIGtleSBzbyB0aGF0XG4gICAqIHdlIGNhbiBkZWNyeXB0IHRva2VucyB3aGVuIHNlbmRpbmcgZW1haWxzIHVzaW5nIHNvbWV0aGluZyBvdGhlciB0aGFuIFNFUy5cbiAgICovXG4gIHB1YmxpYyByZWFkb25seSB1c2VyUG9vbEttc0tleTogSUtleTtcblxuICAvKipcbiAgICogQ29nbml0byBVc2VyIFBvb2wgZm9yIHVzZXIgbWFuYWdlbWVudCBhbmQgYXV0aGVudGljYXRpb24uXG4gICAqL1xuICBwdWJsaWMgcmVhZG9ubHkgdXNlclBvb2w6IElVc2VyUG9vbDtcblxuICAvKipcbiAgICogQ29nbml0byBVc2VyIFBvb2wgQ2xpZW50IGZvciBhcHBsaWNhdGlvbiBpbnRlZ3JhdGlvbiB3aXRoIHRoZSBVc2VyIFBvb2wuXG4gICAqL1xuICBwdWJsaWMgcmVhZG9ubHkgdXNlclBvb2xDbGllbnQ6IElVc2VyUG9vbENsaWVudDtcblxuICAvKipcbiAgICogQ29nbml0byBVc2VyIFBvb2wgRG9tYWluIGZvciBob3N0aW5nIHRoZSBDb2duaXRvIGhvc3RlZCBVSS5cbiAgICovXG4gIHB1YmxpYyByZWFkb25seSB1c2VyUG9vbERvbWFpbjogSVVzZXJQb29sRG9tYWluO1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIHByb3BzOiBBdXRoUHJvcHMgPSB7fSkge1xuICAgIHN1cGVyKHNjb3BlLCBcImF1dGhcIik7XG5cbiAgICAvKipcbiAgICAgKiBSZWZlcmVuY2UgdG8gcGFyZW50IHN0YWNrIHRoaXMgYmVsb25ncyB0by5cbiAgICAgKi9cbiAgICBjb25zdCBzZXJ2aWNlID0gT3BlbkhpU2VydmljZS5vZih0aGlzKSBhcyBPcGVuSGlTZXJ2aWNlO1xuXG4gICAgLyoqXG4gICAgICogRGV0ZXJtaW5lIGlmIHdlIGFyZSBpbiB0aGUgYXV0aCBzZXJ2aWNlIG9yIG5vdC5cbiAgICAgKi9cbiAgICB0aGlzLmlzQXV0aFNlcnZpY2UgPSBzZXJ2aWNlLnNlcnZpY2VUeXBlID09PSBPUEVOX0hJX1NFUlZJQ0VfVFlQRS5BVVRIO1xuXG4gICAgLyoqXG4gICAgICogQXV0aCBTdXBwb3J0XG4gICAgICovXG4gICAgdGhpcy51c2VyUG9vbEttc0tleSA9IHRoaXMuY3JlYXRlVXNlclBvb2xLbXNLZXkoKTtcbiAgICB0aGlzLnVzZXJQb29sID0gdGhpcy5jcmVhdGVVc2VyUG9vbCh7XG4gICAgICAuLi5wcm9wcy51c2VyUG9vbFByb3BzLFxuICAgICAgY3VzdG9tU2VuZGVyS21zS2V5OiB0aGlzLnVzZXJQb29sS21zS2V5LFxuICAgIH0pO1xuICAgIHRoaXMudXNlclBvb2xDbGllbnQgPSB0aGlzLmNyZWF0ZVVzZXJQb29sQ2xpZW50KHtcbiAgICAgIHVzZXJQb29sOiB0aGlzLnVzZXJQb29sLFxuICAgIH0pO1xuICAgIHRoaXMudXNlclBvb2xEb21haW4gPSB0aGlzLmNyZWF0ZVVzZXJQb29sRG9tYWluKHtcbiAgICAgIHVzZXJQb29sOiB0aGlzLnVzZXJQb29sLFxuICAgIH0pO1xuICB9XG5cbiAgLyoqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqXG4gICAqXG4gICAqIEF1dGggU3VwcG9ydFxuICAgKlxuICAgKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKi9cblxuICBwcm90ZWN0ZWQgY3JlYXRlVXNlclBvb2xLbXNLZXkoKTogSUtleSB7XG4gICAgcmV0dXJuIHRoaXMuaXNBdXRoU2VydmljZVxuICAgICAgPyBuZXcgQ29yZVVzZXJQb29sS21zS2V5KHRoaXMpXG4gICAgICA6IENvcmVVc2VyUG9vbEttc0tleS5mcm9tQ29uc3RydWN0KHRoaXMpO1xuICB9XG5cbiAgcHJvdGVjdGVkIGNyZWF0ZVVzZXJQb29sKHByb3BzPzogVXNlclBvb2xQcm9wcyk6IElVc2VyUG9vbCB7XG4gICAgcmV0dXJuIHRoaXMuaXNBdXRoU2VydmljZVxuICAgICAgPyBuZXcgQ29yZVVzZXJQb29sKHRoaXMsIHByb3BzKVxuICAgICAgOiBDb3JlVXNlclBvb2wuZnJvbUNvbnN0cnVjdCh0aGlzKTtcbiAgfVxuXG4gIHByb3RlY3RlZCBjcmVhdGVVc2VyUG9vbENsaWVudChwcm9wczoge1xuICAgIHVzZXJQb29sOiBJVXNlclBvb2w7XG4gIH0pOiBJVXNlclBvb2xDbGllbnQge1xuICAgIHJldHVybiB0aGlzLmlzQXV0aFNlcnZpY2VcbiAgICAgID8gbmV3IENvcmVVc2VyUG9vbENsaWVudCh0aGlzLCB7IHVzZXJQb29sOiBwcm9wcy51c2VyUG9vbCB9KVxuICAgICAgOiBDb3JlVXNlclBvb2xDbGllbnQuZnJvbUNvbnN0cnVjdCh0aGlzKTtcbiAgfVxuXG4gIHByb3RlY3RlZCBjcmVhdGVVc2VyUG9vbERvbWFpbihwcm9wczoge1xuICAgIHVzZXJQb29sOiBJVXNlclBvb2w7XG4gIH0pOiBJVXNlclBvb2xEb21haW4ge1xuICAgIGNvbnN0IHNlcnZpY2UgPSBPcGVuSGlTZXJ2aWNlLm9mKHRoaXMpIGFzIE9wZW5IaVNlcnZpY2U7XG4gICAgcmV0dXJuIHRoaXMuaXNBdXRoU2VydmljZVxuICAgICAgPyBuZXcgQ29yZVVzZXJQb29sRG9tYWluKHRoaXMsIHtcbiAgICAgICAgICB1c2VyUG9vbDogcHJvcHMudXNlclBvb2wsXG4gICAgICAgICAgY29nbml0b0RvbWFpbjoge1xuICAgICAgICAgICAgZG9tYWluUHJlZml4OiBgYXV0aC0ke3NlcnZpY2UuYnJhbmNoSGFzaH1gLFxuICAgICAgICAgIH0sXG4gICAgICAgIH0pXG4gICAgICA6IENvcmVVc2VyUG9vbERvbWFpbi5mcm9tQ29uc3RydWN0KHRoaXMpO1xuICB9XG59XG4iXX0=

package/lib/components/cognito/core-user-pool-client.d.ts

@@ -0,0 +1,10 @@
+import { IUserPoolClient, UserPoolClient, UserPoolClientProps } from "aws-cdk-lib/aws-cognito";
+import { Construct } from "constructs";
+export declare class CoreUserPoolClient extends UserPoolClient {
+    /**
+     * Used when storing the User Pool Client ID in SSM.
+     */
+    static readonly SSM_PARAM_NAME = "CORE_USER_POOL_CLIENT";
+    static fromConstruct(scope: Construct): IUserPoolClient;
+    constructor(scope: Construct, props: UserPoolClientProps);
+}

package/lib/components/cognito/core-user-pool-client.js

@@ -0,0 +1,47 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CoreUserPoolClient = void 0;
+const aws_cognito_1 = require("aws-cdk-lib/aws-cognito");
+const open_hi_service_1 = require("../../app/open-hi-service");
+const ssm_1 = require("../ssm");
+class CoreUserPoolClient extends aws_cognito_1.UserPoolClient {
+    static fromConstruct(scope) {
+        const userPoolClientId = ssm_1.DiscoverableStringParameter.valueForLookupName(scope, {
+            ssmParamName: CoreUserPoolClient.SSM_PARAM_NAME,
+            serviceType: open_hi_service_1.OPEN_HI_SERVICE_TYPE.AUTH,
+        });
+        return aws_cognito_1.UserPoolClient.fromUserPoolClientId(scope, "user-pool-client", userPoolClientId);
+    }
+    constructor(scope, props) {
+        super(scope, "user-pool-client", {
+            /**
+             * Defaults
+             */
+            generateSecret: false,
+            oAuth: {
+                flows: {
+                    authorizationCodeGrant: true,
+                    implicitCodeGrant: true,
+                },
+                callbackUrls: [`https://localhost:3000/oauth/callback`],
+            },
+            /**
+             * Overrideable props
+             */
+            ...props,
+        });
+        /**
+         * Generate the SSM Parameter used to store this User Pool's ID.
+         */
+        new ssm_1.DiscoverableStringParameter(this, "user-pool-client-param", {
+            ssmParamName: CoreUserPoolClient.SSM_PARAM_NAME,
+            stringValue: this.userPoolClientId,
+        });
+    }
+}
+exports.CoreUserPoolClient = CoreUserPoolClient;
+/**
+ * Used when storing the User Pool Client ID in SSM.
+ */
+CoreUserPoolClient.SSM_PARAM_NAME = "CORE_USER_POOL_CLIENT";
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29yZS11c2VyLXBvb2wtY2xpZW50LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2NvbXBvbmVudHMvY29nbml0by9jb3JlLXVzZXItcG9vbC1jbGllbnQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEseURBSWlDO0FBRWpDLCtEQUFpRTtBQUNqRSxnQ0FBcUQ7QUFFckQsTUFBYSxrQkFBbUIsU0FBUSw0QkFBYztJQU03QyxNQUFNLENBQUMsYUFBYSxDQUFDLEtBQWdCO1FBQzFDLE1BQU0sZ0JBQWdCLEdBQUcsaUNBQTJCLENBQUMsa0JBQWtCLENBQ3JFLEtBQUssRUFDTDtZQUNFLFlBQVksRUFBRSxrQkFBa0IsQ0FBQyxjQUFjO1lBQy9DLFdBQVcsRUFBRSxzQ0FBb0IsQ0FBQyxJQUFJO1NBQ3ZDLENBQ0YsQ0FBQztRQUVGLE9BQU8sNEJBQWMsQ0FBQyxvQkFBb0IsQ0FDeEMsS0FBSyxFQUNMLGtCQUFrQixFQUNsQixnQkFBZ0IsQ0FDakIsQ0FBQztJQUNKLENBQUM7SUFFRCxZQUFZLEtBQWdCLEVBQUUsS0FBMEI7UUFDdEQsS0FBSyxDQUFDLEtBQUssRUFBRSxrQkFBa0IsRUFBRTtZQUMvQjs7ZUFFRztZQUNILGNBQWMsRUFBRSxLQUFLO1lBQ3JCLEtBQUssRUFBRTtnQkFDTCxLQUFLLEVBQUU7b0JBQ0wsc0JBQXNCLEVBQUUsSUFBSTtvQkFDNUIsaUJBQWlCLEVBQUUsSUFBSTtpQkFDeEI7Z0JBQ0QsWUFBWSxFQUFFLENBQUMsdUNBQXVDLENBQUM7YUFDeEQ7WUFFRDs7ZUFFRztZQUNILEdBQUcsS0FBSztTQUNULENBQUMsQ0FBQztRQUVIOztXQUVHO1FBQ0gsSUFBSSxpQ0FBMkIsQ0FBQyxJQUFJLEVBQUUsd0JBQXdCLEVBQUU7WUFDOUQsWUFBWSxFQUFFLGtCQUFrQixDQUFDLGNBQWM7WUFDL0MsV0FBVyxFQUFFLElBQUksQ0FBQyxnQkFBZ0I7U0FDbkMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQzs7QUFqREgsZ0RBa0RDO0FBakRDOztHQUVHO0FBQ29CLGlDQUFjLEdBQUcsdUJBQXVCLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQge1xuICBJVXNlclBvb2xDbGllbnQsXG4gIFVzZXJQb29sQ2xpZW50LFxuICBVc2VyUG9vbENsaWVudFByb3BzLFxufSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWNvZ25pdG9cIjtcbmltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5pbXBvcnQgeyBPUEVOX0hJX1NFUlZJQ0VfVFlQRSB9IGZyb20gXCIuLi8uLi9hcHAvb3Blbi1oaS1zZXJ2aWNlXCI7XG5pbXBvcnQgeyBEaXNjb3ZlcmFibGVTdHJpbmdQYXJhbWV0ZXIgfSBmcm9tIFwiLi4vc3NtXCI7XG5cbmV4cG9ydCBjbGFzcyBDb3JlVXNlclBvb2xDbGllbnQgZXh0ZW5kcyBVc2VyUG9vbENsaWVudCB7XG4gIC8qKlxuICAgKiBVc2VkIHdoZW4gc3RvcmluZyB0aGUgVXNlciBQb29sIENsaWVudCBJRCBpbiBTU00uXG4gICAqL1xuICBwdWJsaWMgc3RhdGljIHJlYWRvbmx5IFNTTV9QQVJBTV9OQU1FID0gXCJDT1JFX1VTRVJfUE9PTF9DTElFTlRcIjtcblxuICBwdWJsaWMgc3RhdGljIGZyb21Db25zdHJ1Y3Qoc2NvcGU6IENvbnN0cnVjdCk6IElVc2VyUG9vbENsaWVudCB7XG4gICAgY29uc3QgdXNlclBvb2xDbGllbnRJZCA9IERpc2NvdmVyYWJsZVN0cmluZ1BhcmFtZXRlci52YWx1ZUZvckxvb2t1cE5hbWUoXG4gICAgICBzY29wZSxcbiAgICAgIHtcbiAgICAgICAgc3NtUGFyYW1OYW1lOiBDb3JlVXNlclBvb2xDbGllbnQuU1NNX1BBUkFNX05BTUUsXG4gICAgICAgIHNlcnZpY2VUeXBlOiBPUEVOX0hJX1NFUlZJQ0VfVFlQRS5BVVRILFxuICAgICAgfSxcbiAgICApO1xuXG4gICAgcmV0dXJuIFVzZXJQb29sQ2xpZW50LmZyb21Vc2VyUG9vbENsaWVudElkKFxuICAgICAgc2NvcGUsXG4gICAgICBcInVzZXItcG9vbC1jbGllbnRcIixcbiAgICAgIHVzZXJQb29sQ2xpZW50SWQsXG4gICAgKTtcbiAgfVxuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIHByb3BzOiBVc2VyUG9vbENsaWVudFByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIFwidXNlci1wb29sLWNsaWVudFwiLCB7XG4gICAgICAvKipcbiAgICAgICAqIERlZmF1bHRzXG4gICAgICAgKi9cbiAgICAgIGdlbmVyYXRlU2VjcmV0OiBmYWxzZSxcbiAgICAgIG9BdXRoOiB7XG4gICAgICAgIGZsb3dzOiB7XG4gICAgICAgICAgYXV0aG9yaXphdGlvbkNvZGVHcmFudDogdHJ1ZSxcbiAgICAgICAgICBpbXBsaWNpdENvZGVHcmFudDogdHJ1ZSxcbiAgICAgICAgfSxcbiAgICAgICAgY2FsbGJhY2tVcmxzOiBbYGh0dHBzOi8vbG9jYWxob3N0OjMwMDAvb2F1dGgvY2FsbGJhY2tgXSxcbiAgICAgIH0sXG5cbiAgICAgIC8qKlxuICAgICAgICogT3ZlcnJpZGVhYmxlIHByb3BzXG4gICAgICAgKi9cbiAgICAgIC4uLnByb3BzLFxuICAgIH0pO1xuXG4gICAgLyoqXG4gICAgICogR2VuZXJhdGUgdGhlIFNTTSBQYXJhbWV0ZXIgdXNlZCB0byBzdG9yZSB0aGlzIFVzZXIgUG9vbCdzIElELlxuICAgICAqL1xuICAgIG5ldyBEaXNjb3ZlcmFibGVTdHJpbmdQYXJhbWV0ZXIodGhpcywgXCJ1c2VyLXBvb2wtY2xpZW50LXBhcmFtXCIsIHtcbiAgICAgIHNzbVBhcmFtTmFtZTogQ29yZVVzZXJQb29sQ2xpZW50LlNTTV9QQVJBTV9OQU1FLFxuICAgICAgc3RyaW5nVmFsdWU6IHRoaXMudXNlclBvb2xDbGllbnRJZCxcbiAgICB9KTtcbiAgfVxufVxuIl19

package/lib/components/cognito/core-user-pool-domain.d.ts

@@ -0,0 +1,10 @@
+import { IUserPoolDomain, UserPoolDomain, UserPoolDomainProps } from "aws-cdk-lib/aws-cognito";
+import { Construct } from "constructs";
+export declare class CoreUserPoolDomain extends UserPoolDomain {
+    /**
+     * Used when storing the User Pool Domain in SSM.
+     */
+    static readonly SSM_PARAM_NAME = "CORE_USER_POOL_DOMAIN";
+    static fromConstruct(scope: Construct): IUserPoolDomain;
+    constructor(scope: Construct, props: UserPoolDomainProps);
+}

package/lib/components/cognito/core-user-pool-domain.js

@@ -0,0 +1,41 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CoreUserPoolDomain = void 0;
+const aws_cognito_1 = require("aws-cdk-lib/aws-cognito");
+const open_hi_service_1 = require("../../app/open-hi-service");
+const ssm_1 = require("../ssm");
+class CoreUserPoolDomain extends aws_cognito_1.UserPoolDomain {
+    static fromConstruct(scope) {
+        const userPoolDomain = ssm_1.DiscoverableStringParameter.valueForLookupName(scope, {
+            ssmParamName: CoreUserPoolDomain.SSM_PARAM_NAME,
+            serviceType: open_hi_service_1.OPEN_HI_SERVICE_TYPE.AUTH,
+        });
+        return aws_cognito_1.UserPoolDomain.fromDomainName(scope, "user-pool-domain", userPoolDomain);
+    }
+    constructor(scope, props) {
+        /**
+         * This supports both custom and native Cognito domains, but we need to
+         * name them uniquely so that swap outs work and don't cause conflicts
+         * when cloudformation does it's deploy.
+         */
+        const id = props.cognitoDomain?.domainPrefix
+            ? "cognito-domain"
+            : "custom-domain";
+        super(scope, id, {
+            ...props,
+        });
+        /**
+         * Generate the SSM Parameter used to store this User Pool's Domain.
+         */
+        new ssm_1.DiscoverableStringParameter(this, "user-pool-domain-param", {
+            ssmParamName: CoreUserPoolDomain.SSM_PARAM_NAME,
+            stringValue: this.domainName,
+        });
+    }
+}
+exports.CoreUserPoolDomain = CoreUserPoolDomain;
+/**
+ * Used when storing the User Pool Domain in SSM.
+ */
+CoreUserPoolDomain.SSM_PARAM_NAME = "CORE_USER_POOL_DOMAIN";
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29yZS11c2VyLXBvb2wtZG9tYWluLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2NvbXBvbmVudHMvY29nbml0by9jb3JlLXVzZXItcG9vbC1kb21haW4udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEseURBSWlDO0FBRWpDLCtEQUFpRTtBQUNqRSxnQ0FBcUQ7QUFFckQsTUFBYSxrQkFBbUIsU0FBUSw0QkFBYztJQU03QyxNQUFNLENBQUMsYUFBYSxDQUFDLEtBQWdCO1FBQzFDLE1BQU0sY0FBYyxHQUFHLGlDQUEyQixDQUFDLGtCQUFrQixDQUNuRSxLQUFLLEVBQ0w7WUFDRSxZQUFZLEVBQUUsa0JBQWtCLENBQUMsY0FBYztZQUMvQyxXQUFXLEVBQUUsc0NBQW9CLENBQUMsSUFBSTtTQUN2QyxDQUNGLENBQUM7UUFFRixPQUFPLDRCQUFjLENBQUMsY0FBYyxDQUNsQyxLQUFLLEVBQ0wsa0JBQWtCLEVBQ2xCLGNBQWMsQ0FDZixDQUFDO0lBQ0osQ0FBQztJQUVELFlBQVksS0FBZ0IsRUFBRSxLQUEwQjtRQUN0RDs7OztXQUlHO1FBQ0gsTUFBTSxFQUFFLEdBQUcsS0FBSyxDQUFDLGFBQWEsRUFBRSxZQUFZO1lBQzFDLENBQUMsQ0FBQyxnQkFBZ0I7WUFDbEIsQ0FBQyxDQUFDLGVBQWUsQ0FBQztRQUVwQixLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsRUFBRTtZQUNmLEdBQUcsS0FBSztTQUNULENBQUMsQ0FBQztRQUVIOztXQUVHO1FBQ0gsSUFBSSxpQ0FBMkIsQ0FBQyxJQUFJLEVBQUUsd0JBQXdCLEVBQUU7WUFDOUQsWUFBWSxFQUFFLGtCQUFrQixDQUFDLGNBQWM7WUFDL0MsV0FBVyxFQUFFLElBQUksQ0FBQyxVQUFVO1NBQzdCLENBQUMsQ0FBQztJQUNMLENBQUM7O0FBM0NILGdEQTRDQztBQTNDQzs7R0FFRztBQUNvQixpQ0FBYyxHQUFHLHVCQUF1QixDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHtcbiAgSVVzZXJQb29sRG9tYWluLFxuICBVc2VyUG9vbERvbWFpbixcbiAgVXNlclBvb2xEb21haW5Qcm9wcyxcbn0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1jb2duaXRvXCI7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHsgT1BFTl9ISV9TRVJWSUNFX1RZUEUgfSBmcm9tIFwiLi4vLi4vYXBwL29wZW4taGktc2VydmljZVwiO1xuaW1wb3J0IHsgRGlzY292ZXJhYmxlU3RyaW5nUGFyYW1ldGVyIH0gZnJvbSBcIi4uL3NzbVwiO1xuXG5leHBvcnQgY2xhc3MgQ29yZVVzZXJQb29sRG9tYWluIGV4dGVuZHMgVXNlclBvb2xEb21haW4ge1xuICAvKipcbiAgICogVXNlZCB3aGVuIHN0b3JpbmcgdGhlIFVzZXIgUG9vbCBEb21haW4gaW4gU1NNLlxuICAgKi9cbiAgcHVibGljIHN0YXRpYyByZWFkb25seSBTU01fUEFSQU1fTkFNRSA9IFwiQ09SRV9VU0VSX1BPT0xfRE9NQUlOXCI7XG5cbiAgcHVibGljIHN0YXRpYyBmcm9tQ29uc3RydWN0KHNjb3BlOiBDb25zdHJ1Y3QpOiBJVXNlclBvb2xEb21haW4ge1xuICAgIGNvbnN0IHVzZXJQb29sRG9tYWluID0gRGlzY292ZXJhYmxlU3RyaW5nUGFyYW1ldGVyLnZhbHVlRm9yTG9va3VwTmFtZShcbiAgICAgIHNjb3BlLFxuICAgICAge1xuICAgICAgICBzc21QYXJhbU5hbWU6IENvcmVVc2VyUG9vbERvbWFpbi5TU01fUEFSQU1fTkFNRSxcbiAgICAgICAgc2VydmljZVR5cGU6IE9QRU5fSElfU0VSVklDRV9UWVBFLkFVVEgsXG4gICAgICB9LFxuICAgICk7XG5cbiAgICByZXR1cm4gVXNlclBvb2xEb21haW4uZnJvbURvbWFpbk5hbWUoXG4gICAgICBzY29wZSxcbiAgICAgIFwidXNlci1wb29sLWRvbWFpblwiLFxuICAgICAgdXNlclBvb2xEb21haW4sXG4gICAgKTtcbiAgfVxuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIHByb3BzOiBVc2VyUG9vbERvbWFpblByb3BzKSB7XG4gICAgLyoqXG4gICAgICogVGhpcyBzdXBwb3J0cyBib3RoIGN1c3RvbSBhbmQgbmF0aXZlIENvZ25pdG8gZG9tYWlucywgYnV0IHdlIG5lZWQgdG9cbiAgICAgKiBuYW1lIHRoZW0gdW5pcXVlbHkgc28gdGhhdCBzd2FwIG91dHMgd29yayBhbmQgZG9uJ3QgY2F1c2UgY29uZmxpY3RzXG4gICAgICogd2hlbiBjbG91ZGZvcm1hdGlvbiBkb2VzIGl0J3MgZGVwbG95LlxuICAgICAqL1xuICAgIGNvbnN0IGlkID0gcHJvcHMuY29nbml0b0RvbWFpbj8uZG9tYWluUHJlZml4XG4gICAgICA/IFwiY29nbml0by1kb21haW5cIlxuICAgICAgOiBcImN1c3RvbS1kb21haW5cIjtcblxuICAgIHN1cGVyKHNjb3BlLCBpZCwge1xuICAgICAgLi4ucHJvcHMsXG4gICAgfSk7XG5cbiAgICAvKipcbiAgICAgKiBHZW5lcmF0ZSB0aGUgU1NNIFBhcmFtZXRlciB1c2VkIHRvIHN0b3JlIHRoaXMgVXNlciBQb29sJ3MgRG9tYWluLlxuICAgICAqL1xuICAgIG5ldyBEaXNjb3ZlcmFibGVTdHJpbmdQYXJhbWV0ZXIodGhpcywgXCJ1c2VyLXBvb2wtZG9tYWluLXBhcmFtXCIsIHtcbiAgICAgIHNzbVBhcmFtTmFtZTogQ29yZVVzZXJQb29sRG9tYWluLlNTTV9QQVJBTV9OQU1FLFxuICAgICAgc3RyaW5nVmFsdWU6IHRoaXMuZG9tYWluTmFtZSxcbiAgICB9KTtcbiAgfVxufVxuIl19

package/lib/components/cognito/core-user-pool-kms-key.d.ts

@@ -0,0 +1,10 @@
+import { IKey, Key, KeyProps } from "aws-cdk-lib/aws-kms";
+import { Construct } from "constructs";
+export declare class CoreUserPoolKmsKey extends Key {
+    /**
+     * Used when storing the KMS Key in SSM.
+     */
+    static readonly SSM_PARAM_NAME = "CORE_USER_POOL_KMS_KEY";
+    static fromConstruct(scope: Construct): IKey;
+    constructor(scope: Construct, props?: KeyProps);
+}

package/lib/components/cognito/core-user-pool-kms-key.js

@@ -0,0 +1,37 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CoreUserPoolKmsKey = void 0;
+const aws_kms_1 = require("aws-cdk-lib/aws-kms");
+const open_hi_service_1 = require("../../app/open-hi-service");
+const ssm_1 = require("../ssm");
+class CoreUserPoolKmsKey extends aws_kms_1.Key {
+    static fromConstruct(scope) {
+        const keyArn = ssm_1.DiscoverableStringParameter.valueForLookupName(scope, {
+            ssmParamName: CoreUserPoolKmsKey.SSM_PARAM_NAME,
+            serviceType: open_hi_service_1.OPEN_HI_SERVICE_TYPE.AUTH,
+        });
+        return aws_kms_1.Key.fromKeyArn(scope, "kms-key", keyArn);
+    }
+    constructor(scope, props = {}) {
+        const service = open_hi_service_1.OpenHiService.of(scope);
+        super(scope, "kms-key", {
+            ...props,
+            // alias: ["alias", "cognito", service.branchHash].join("/"),
+            description: `KMS Key for Cognito User Pool - ${service.branchHash}`,
+            removalPolicy: props.removalPolicy ?? service.removalPolicy,
+        });
+        /**
+         * Generate the SSM Parameter used to store this KMS Key.
+         */
+        new ssm_1.DiscoverableStringParameter(this, "kms-key-param", {
+            ssmParamName: CoreUserPoolKmsKey.SSM_PARAM_NAME,
+            stringValue: this.keyArn,
+        });
+    }
+}
+exports.CoreUserPoolKmsKey = CoreUserPoolKmsKey;
+/**
+ * Used when storing the KMS Key in SSM.
+ */
+CoreUserPoolKmsKey.SSM_PARAM_NAME = "CORE_USER_POOL_KMS_KEY";
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29yZS11c2VyLXBvb2wta21zLWtleS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9jb21wb25lbnRzL2NvZ25pdG8vY29yZS11c2VyLXBvb2wta21zLWtleS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSxpREFBMEQ7QUFFMUQsK0RBQWdGO0FBQ2hGLGdDQUFxRDtBQUVyRCxNQUFhLGtCQUFtQixTQUFRLGFBQUc7SUFNbEMsTUFBTSxDQUFDLGFBQWEsQ0FBQyxLQUFnQjtRQUMxQyxNQUFNLE1BQU0sR0FBRyxpQ0FBMkIsQ0FBQyxrQkFBa0IsQ0FBQyxLQUFLLEVBQUU7WUFDbkUsWUFBWSxFQUFFLGtCQUFrQixDQUFDLGNBQWM7WUFDL0MsV0FBVyxFQUFFLHNDQUFvQixDQUFDLElBQUk7U0FDdkMsQ0FBQyxDQUFDO1FBRUgsT0FBTyxhQUFHLENBQUMsVUFBVSxDQUFDLEtBQUssRUFBRSxTQUFTLEVBQUUsTUFBTSxDQUFDLENBQUM7SUFDbEQsQ0FBQztJQUVELFlBQVksS0FBZ0IsRUFBRSxRQUFrQixFQUFFO1FBQ2hELE1BQU0sT0FBTyxHQUFHLCtCQUFhLENBQUMsRUFBRSxDQUFDLEtBQUssQ0FBa0IsQ0FBQztRQUV6RCxLQUFLLENBQUMsS0FBSyxFQUFFLFNBQVMsRUFBRTtZQUN0QixHQUFHLEtBQUs7WUFDUiw2REFBNkQ7WUFDN0QsV0FBVyxFQUFFLG1DQUFtQyxPQUFPLENBQUMsVUFBVSxFQUFFO1lBQ3BFLGFBQWEsRUFBRSxLQUFLLENBQUMsYUFBYSxJQUFJLE9BQU8sQ0FBQyxhQUFhO1NBQzVELENBQUMsQ0FBQztRQUVIOztXQUVHO1FBQ0gsSUFBSSxpQ0FBMkIsQ0FBQyxJQUFJLEVBQUUsZUFBZSxFQUFFO1lBQ3JELFlBQVksRUFBRSxrQkFBa0IsQ0FBQyxjQUFjO1lBQy9DLFdBQVcsRUFBRSxJQUFJLENBQUMsTUFBTTtTQUN6QixDQUFDLENBQUM7SUFDTCxDQUFDOztBQWhDSCxnREFpQ0M7QUFoQ0M7O0dBRUc7QUFDb0IsaUNBQWMsR0FBRyx3QkFBd0IsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IElLZXksIEtleSwgS2V5UHJvcHMgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWttc1wiO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcbmltcG9ydCB7IE9QRU5fSElfU0VSVklDRV9UWVBFLCBPcGVuSGlTZXJ2aWNlIH0gZnJvbSBcIi4uLy4uL2FwcC9vcGVuLWhpLXNlcnZpY2VcIjtcbmltcG9ydCB7IERpc2NvdmVyYWJsZVN0cmluZ1BhcmFtZXRlciB9IGZyb20gXCIuLi9zc21cIjtcblxuZXhwb3J0IGNsYXNzIENvcmVVc2VyUG9vbEttc0tleSBleHRlbmRzIEtleSB7XG4gIC8qKlxuICAgKiBVc2VkIHdoZW4gc3RvcmluZyB0aGUgS01TIEtleSBpbiBTU00uXG4gICAqL1xuICBwdWJsaWMgc3RhdGljIHJlYWRvbmx5IFNTTV9QQVJBTV9OQU1FID0gXCJDT1JFX1VTRVJfUE9PTF9LTVNfS0VZXCI7XG5cbiAgcHVibGljIHN0YXRpYyBmcm9tQ29uc3RydWN0KHNjb3BlOiBDb25zdHJ1Y3QpOiBJS2V5IHtcbiAgICBjb25zdCBrZXlBcm4gPSBEaXNjb3ZlcmFibGVTdHJpbmdQYXJhbWV0ZXIudmFsdWVGb3JMb29rdXBOYW1lKHNjb3BlLCB7XG4gICAgICBzc21QYXJhbU5hbWU6IENvcmVVc2VyUG9vbEttc0tleS5TU01fUEFSQU1fTkFNRSxcbiAgICAgIHNlcnZpY2VUeXBlOiBPUEVOX0hJX1NFUlZJQ0VfVFlQRS5BVVRILFxuICAgIH0pO1xuXG4gICAgcmV0dXJuIEtleS5mcm9tS2V5QXJuKHNjb3BlLCBcImttcy1rZXlcIiwga2V5QXJuKTtcbiAgfVxuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIHByb3BzOiBLZXlQcm9wcyA9IHt9KSB7XG4gICAgY29uc3Qgc2VydmljZSA9IE9wZW5IaVNlcnZpY2Uub2Yoc2NvcGUpIGFzIE9wZW5IaVNlcnZpY2U7XG5cbiAgICBzdXBlcihzY29wZSwgXCJrbXMta2V5XCIsIHtcbiAgICAgIC4uLnByb3BzLFxuICAgICAgLy8gYWxpYXM6IFtcImFsaWFzXCIsIFwiY29nbml0b1wiLCBzZXJ2aWNlLmJyYW5jaEhhc2hdLmpvaW4oXCIvXCIpLFxuICAgICAgZGVzY3JpcHRpb246IGBLTVMgS2V5IGZvciBDb2duaXRvIFVzZXIgUG9vbCAtICR7c2VydmljZS5icmFuY2hIYXNofWAsXG4gICAgICByZW1vdmFsUG9saWN5OiBwcm9wcy5yZW1vdmFsUG9saWN5ID8/IHNlcnZpY2UucmVtb3ZhbFBvbGljeSxcbiAgICB9KTtcblxuICAgIC8qKlxuICAgICAqIEdlbmVyYXRlIHRoZSBTU00gUGFyYW1ldGVyIHVzZWQgdG8gc3RvcmUgdGhpcyBLTVMgS2V5LlxuICAgICAqL1xuICAgIG5ldyBEaXNjb3ZlcmFibGVTdHJpbmdQYXJhbWV0ZXIodGhpcywgXCJrbXMta2V5LXBhcmFtXCIsIHtcbiAgICAgIHNzbVBhcmFtTmFtZTogQ29yZVVzZXJQb29sS21zS2V5LlNTTV9QQVJBTV9OQU1FLFxuICAgICAgc3RyaW5nVmFsdWU6IHRoaXMua2V5QXJuLFxuICAgIH0pO1xuICB9XG59XG4iXX0=

package/lib/components/cognito/core-user-pool.d.ts

@@ -0,0 +1,10 @@
+import { IUserPool, UserPool, UserPoolProps } from "aws-cdk-lib/aws-cognito";
+import { Construct } from "constructs";
+export declare class CoreUserPool extends UserPool {
+    /**
+     * Used when storing the User Pool ID in SSM.
+     */
+    static readonly SSM_PARAM_NAME = "CORE_USER_POOL";
+    static fromConstruct(scope: Construct): IUserPool;
+    constructor(scope: Construct, props?: UserPoolProps);
+}

package/lib/components/cognito/core-user-pool.js

@@ -0,0 +1,54 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CoreUserPool = void 0;
+const aws_cognito_1 = require("aws-cdk-lib/aws-cognito");
+const open_hi_service_1 = require("../../app/open-hi-service");
+const ssm_1 = require("../ssm");
+class CoreUserPool extends aws_cognito_1.UserPool {
+    static fromConstruct(scope) {
+        const userPoolId = ssm_1.DiscoverableStringParameter.valueForLookupName(scope, {
+            ssmParamName: CoreUserPool.SSM_PARAM_NAME,
+            serviceType: open_hi_service_1.OPEN_HI_SERVICE_TYPE.AUTH,
+        });
+        return aws_cognito_1.UserPool.fromUserPoolId(scope, "user-pool", userPoolId);
+    }
+    constructor(scope, props = {}) {
+        const service = open_hi_service_1.OpenHiService.of(scope);
+        super(scope, "user-pool", {
+            /**
+             * Defaults
+             */
+            selfSignUpEnabled: true,
+            signInAliases: {
+                email: true,
+            },
+            userVerification: {
+                emailSubject: "Verify your email!",
+                emailBody: "Your verification code is {####}.",
+                emailStyle: aws_cognito_1.VerificationEmailStyle.CODE,
+            },
+            removalPolicy: props.removalPolicy ?? service.removalPolicy,
+            /**
+             * Over-rideable props
+             */
+            ...props,
+            /**
+             * Required
+             */
+            userPoolName: ["core", "user", "pool", service.branchHash].join("-"),
+        });
+        /**
+         * Generate the SSM Parameter used to store this User Pool's ID.
+         */
+        new ssm_1.DiscoverableStringParameter(this, "user-pool-param", {
+            ssmParamName: CoreUserPool.SSM_PARAM_NAME,
+            stringValue: this.userPoolId,
+        });
+    }
+}
+exports.CoreUserPool = CoreUserPool;
+/**
+ * Used when storing the User Pool ID in SSM.
+ */
+CoreUserPool.SSM_PARAM_NAME = "CORE_USER_POOL";
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29yZS11c2VyLXBvb2wuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvY29tcG9uZW50cy9jb2duaXRvL2NvcmUtdXNlci1wb29sLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLHlEQUtpQztBQUVqQywrREFBZ0Y7QUFDaEYsZ0NBQXFEO0FBRXJELE1BQWEsWUFBYSxTQUFRLHNCQUFRO0lBTWpDLE1BQU0sQ0FBQyxhQUFhLENBQUMsS0FBZ0I7UUFDMUMsTUFBTSxVQUFVLEdBQUcsaUNBQTJCLENBQUMsa0JBQWtCLENBQUMsS0FBSyxFQUFFO1lBQ3ZFLFlBQVksRUFBRSxZQUFZLENBQUMsY0FBYztZQUN6QyxXQUFXLEVBQUUsc0NBQW9CLENBQUMsSUFBSTtTQUN2QyxDQUFDLENBQUM7UUFFSCxPQUFPLHNCQUFRLENBQUMsY0FBYyxDQUFDLEtBQUssRUFBRSxXQUFXLEVBQUUsVUFBVSxDQUFDLENBQUM7SUFDakUsQ0FBQztJQUVELFlBQVksS0FBZ0IsRUFBRSxRQUF1QixFQUFFO1FBQ3JELE1BQU0sT0FBTyxHQUFHLCtCQUFhLENBQUMsRUFBRSxDQUFDLEtBQUssQ0FBa0IsQ0FBQztRQUV6RCxLQUFLLENBQUMsS0FBSyxFQUFFLFdBQVcsRUFBRTtZQUN4Qjs7ZUFFRztZQUNILGlCQUFpQixFQUFFLElBQUk7WUFDdkIsYUFBYSxFQUFFO2dCQUNiLEtBQUssRUFBRSxJQUFJO2FBQ1o7WUFDRCxnQkFBZ0IsRUFBRTtnQkFDaEIsWUFBWSxFQUFFLG9CQUFvQjtnQkFDbEMsU0FBUyxFQUFFLG1DQUFtQztnQkFDOUMsVUFBVSxFQUFFLG9DQUFzQixDQUFDLElBQUk7YUFDeEM7WUFDRCxhQUFhLEVBQUUsS0FBSyxDQUFDLGFBQWEsSUFBSSxPQUFPLENBQUMsYUFBYTtZQUUzRDs7ZUFFRztZQUNILEdBQUcsS0FBSztZQUVSOztlQUVHO1lBQ0gsWUFBWSxFQUFFLENBQUMsTUFBTSxFQUFFLE1BQU0sRUFBRSxNQUFNLEVBQUUsT0FBTyxDQUFDLFVBQVUsQ0FBQyxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUM7U0FDckUsQ0FBQyxDQUFDO1FBRUg7O1dBRUc7UUFDSCxJQUFJLGlDQUEyQixDQUFDLElBQUksRUFBRSxpQkFBaUIsRUFBRTtZQUN2RCxZQUFZLEVBQUUsWUFBWSxDQUFDLGNBQWM7WUFDekMsV0FBVyxFQUFFLElBQUksQ0FBQyxVQUFVO1NBQzdCLENBQUMsQ0FBQztJQUNMLENBQUM7O0FBbkRILG9DQW9EQztBQW5EQzs7R0FFRztBQUNvQiwyQkFBYyxHQUFHLGdCQUFnQixDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHtcbiAgSVVzZXJQb29sLFxuICBVc2VyUG9vbCxcbiAgVXNlclBvb2xQcm9wcyxcbiAgVmVyaWZpY2F0aW9uRW1haWxTdHlsZSxcbn0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1jb2duaXRvXCI7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHsgT1BFTl9ISV9TRVJWSUNFX1RZUEUsIE9wZW5IaVNlcnZpY2UgfSBmcm9tIFwiLi4vLi4vYXBwL29wZW4taGktc2VydmljZVwiO1xuaW1wb3J0IHsgRGlzY292ZXJhYmxlU3RyaW5nUGFyYW1ldGVyIH0gZnJvbSBcIi4uL3NzbVwiO1xuXG5leHBvcnQgY2xhc3MgQ29yZVVzZXJQb29sIGV4dGVuZHMgVXNlclBvb2wge1xuICAvKipcbiAgICogVXNlZCB3aGVuIHN0b3JpbmcgdGhlIFVzZXIgUG9vbCBJRCBpbiBTU00uXG4gICAqL1xuICBwdWJsaWMgc3RhdGljIHJlYWRvbmx5IFNTTV9QQVJBTV9OQU1FID0gXCJDT1JFX1VTRVJfUE9PTFwiO1xuXG4gIHB1YmxpYyBzdGF0aWMgZnJvbUNvbnN0cnVjdChzY29wZTogQ29uc3RydWN0KTogSVVzZXJQb29sIHtcbiAgICBjb25zdCB1c2VyUG9vbElkID0gRGlzY292ZXJhYmxlU3RyaW5nUGFyYW1ldGVyLnZhbHVlRm9yTG9va3VwTmFtZShzY29wZSwge1xuICAgICAgc3NtUGFyYW1OYW1lOiBDb3JlVXNlclBvb2wuU1NNX1BBUkFNX05BTUUsXG4gICAgICBzZXJ2aWNlVHlwZTogT1BFTl9ISV9TRVJWSUNFX1RZUEUuQVVUSCxcbiAgICB9KTtcblxuICAgIHJldHVybiBVc2VyUG9vbC5mcm9tVXNlclBvb2xJZChzY29wZSwgXCJ1c2VyLXBvb2xcIiwgdXNlclBvb2xJZCk7XG4gIH1cblxuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBwcm9wczogVXNlclBvb2xQcm9wcyA9IHt9KSB7XG4gICAgY29uc3Qgc2VydmljZSA9IE9wZW5IaVNlcnZpY2Uub2Yoc2NvcGUpIGFzIE9wZW5IaVNlcnZpY2U7XG5cbiAgICBzdXBlcihzY29wZSwgXCJ1c2VyLXBvb2xcIiwge1xuICAgICAgLyoqXG4gICAgICAgKiBEZWZhdWx0c1xuICAgICAgICovXG4gICAgICBzZWxmU2lnblVwRW5hYmxlZDogdHJ1ZSxcbiAgICAgIHNpZ25JbkFsaWFzZXM6IHtcbiAgICAgICAgZW1haWw6IHRydWUsXG4gICAgICB9LFxuICAgICAgdXNlclZlcmlmaWNhdGlvbjoge1xuICAgICAgICBlbWFpbFN1YmplY3Q6IFwiVmVyaWZ5IHlvdXIgZW1haWwhXCIsXG4gICAgICAgIGVtYWlsQm9keTogXCJZb3VyIHZlcmlmaWNhdGlvbiBjb2RlIGlzIHsjIyMjfS5cIixcbiAgICAgICAgZW1haWxTdHlsZTogVmVyaWZpY2F0aW9uRW1haWxTdHlsZS5DT0RFLFxuICAgICAgfSxcbiAgICAgIHJlbW92YWxQb2xpY3k6IHByb3BzLnJlbW92YWxQb2xpY3kgPz8gc2VydmljZS5yZW1vdmFsUG9saWN5LFxuXG4gICAgICAvKipcbiAgICAgICAqIE92ZXItcmlkZWFibGUgcHJvcHNcbiAgICAgICAqL1xuICAgICAgLi4ucHJvcHMsXG5cbiAgICAgIC8qKlxuICAgICAgICogUmVxdWlyZWRcbiAgICAgICAqL1xuICAgICAgdXNlclBvb2xOYW1lOiBbXCJjb3JlXCIsIFwidXNlclwiLCBcInBvb2xcIiwgc2VydmljZS5icmFuY2hIYXNoXS5qb2luKFwiLVwiKSxcbiAgICB9KTtcblxuICAgIC8qKlxuICAgICAqIEdlbmVyYXRlIHRoZSBTU00gUGFyYW1ldGVyIHVzZWQgdG8gc3RvcmUgdGhpcyBVc2VyIFBvb2wncyBJRC5cbiAgICAgKi9cbiAgICBuZXcgRGlzY292ZXJhYmxlU3RyaW5nUGFyYW1ldGVyKHRoaXMsIFwidXNlci1wb29sLXBhcmFtXCIsIHtcbiAgICAgIHNzbVBhcmFtTmFtZTogQ29yZVVzZXJQb29sLlNTTV9QQVJBTV9OQU1FLFxuICAgICAgc3RyaW5nVmFsdWU6IHRoaXMudXNlclBvb2xJZCxcbiAgICB9KTtcbiAgfVxufVxuIl19

package/lib/components/core.d.ts

@@ -0,0 +1,102 @@
+import { HttpApiProps } from "aws-cdk-lib/aws-apigatewayv2";
+import { GraphqlApiProps } from "aws-cdk-lib/aws-appsync";
+import { IUserPool, IUserPoolClient, IUserPoolDomain } from "aws-cdk-lib/aws-cognito";
+import { EventBusProps, IEventBus } from "aws-cdk-lib/aws-events";
+import { IKey } from "aws-cdk-lib/aws-kms";
+import { Construct } from "constructs";
+import { OpenHiService } from "../app";
+export interface CoreProps {
+    /**
+     * Pass in options for an event bus, optional.
+     */
+    readonly dataEventBusProps?: EventBusProps;
+    /**
+     * Pass in options for an event bus, optional.
+     */
+    readonly opsEventBusProps?: EventBusProps;
+    /**
+     * Optional args for creating HTTP API.
+     */
+    readonly httpApiProps?: HttpApiProps;
+    /**
+     * Optional args for creating the core GraphQL API.
+     */
+    readonly graphqlApiProps?: GraphqlApiProps;
+}
+export declare class Core extends Construct {
+    /**
+     * Is this construct being created in the core service or elsewhere?
+     */
+    readonly isCoreService: boolean;
+    /**
+     * Reference to the stack this core construct is part of.
+     */
+    readonly service: OpenHiService;
+    /*****************************************************************************
+     *
+     * Event Bus
+     *
+     * These are the event bus constructs used across all services in an OpenHI
+     * application.
+     *
+     ****************************************************************************/
+    /**
+     * Event bus that handles data events. This bus is used for events related to
+     * data processing, such as data ingestion, transformation, and storage.
+     */
+    readonly dataEventBus: IEventBus;
+    /**
+     * Event bus that handles operational events. This bus is used for events
+     * related to system operations, such as monitoring, alerting, and system
+     * health.
+     */
+    readonly opsEventBus: IEventBus;
+    /*****************************************************************************
+     *
+     * Auth Support
+     *
+     * These are the authentication constructs used across all services in an
+     * OpenHI application.
+     *
+     ****************************************************************************/
+    /**
+     * KMS Key used to encrypt the Cognito User Pool. We need a custom key so that
+     * we can decrypt tokens when sending emails using something other than SES.
+     */
+    readonly userPoolKmsKey: IKey;
+    /**
+     * Cognito User Pool for user management and authentication.
+     */
+    readonly userPool: IUserPool;
+    /**
+     * Cognito User Pool Client for application integration with the User Pool.
+     */
+    readonly userPoolClient: IUserPoolClient;
+    /**
+     * Cognito User Pool Domain for hosting the Cognito hosted UI.
+     */
+    readonly userPoolDomain: IUserPoolDomain;
+    /*****************************************************************************
+     *
+     * API Support
+     *
+     * Global endpoints for both App Sync and API Gateway are defined here. These
+     * endpoints can be used/attached to globally by any service.
+     *
+     ****************************************************************************/
+    /**
+     * API Gateway HTTP API for inbound endpoint traffic.
+     */
+    /**
+     * App Sync GraphQL API for inbound endpoint traffic. This is the primary
+     * entrypoint for all subgraphs.
+     */
+    constructor(scope: Construct, props?: CoreProps);
+    /*****************************************************************************
+     *
+     * Event Bus Support
+     *
+     ****************************************************************************/
+    protected createDataEventBus(props?: EventBusProps): IEventBus;
+    protected createOpsEventBus(props?: EventBusProps): IEventBus;
+}

package/lib/components/core.js

@@ -0,0 +1,79 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Core = void 0;
+const constructs_1 = require("constructs");
+const app_1 = require("../app");
+const auth_1 = require("./auth");
+const data_event_bus_1 = require("./event-bridge/data-event-bus");
+const ops_event_bus_1 = require("./event-bridge/ops-event-bus");
+class Core extends constructs_1.Construct {
+    /*****************************************************************************
+     *
+     * API Support
+     *
+     * Global endpoints for both App Sync and API Gateway are defined here. These
+     * endpoints can be used/attached to globally by any service.
+     *
+     ****************************************************************************/
+    /**
+     * API Gateway HTTP API for inbound endpoint traffic.
+     */
+    // public readonly httpApi: IHttpApi;
+    /**
+     * App Sync GraphQL API for inbound endpoint traffic. This is the primary
+     * entrypoint for all subgraphs.
+     */
+    // public readonly graphqlApi: IGraphqlApi;
+    constructor(scope, props = {}) {
+        super(scope, "core");
+        /**
+         * Determine if we are in the core service or not.
+         */
+        /**
+         * Reference to parent stack this belongs to.
+         */
+        this.service = app_1.OpenHiService.of(this);
+        this.isCoreService = this.service.serviceType === app_1.OPEN_HI_SERVICE_TYPE.CORE;
+        /**
+         * Event Bus Support
+         */
+        this.dataEventBus = this.createDataEventBus(props.dataEventBusProps);
+        this.opsEventBus = this.createOpsEventBus(props.opsEventBusProps);
+        /**
+         * Auth Support
+         */
+        const auth = auth_1.Auth.fromConstruct(this);
+        this.userPoolKmsKey = auth.userPoolKmsKey;
+        this.userPool = auth.userPool;
+        this.userPoolClient = auth.userPoolClient;
+        this.userPoolDomain = auth.userPoolDomain;
+        /**
+         * API Support
+         */
+        // this.httpApi = this.createHttpApi(props.httpApiProps);
+        // this.graphqlApi = this.createGraphQlApi(props.graphqlApiProps);
+    }
+    /*****************************************************************************
+     *
+     * Event Bus Support
+     *
+     ****************************************************************************/
+    createDataEventBus(props) {
+        if (!this.dataEventBus) {
+            return this.isCoreService
+                ? new data_event_bus_1.DataEventBus(this, props)
+                : data_event_bus_1.DataEventBus.fromConstruct(this);
+        }
+        return this.dataEventBus;
+    }
+    createOpsEventBus(props) {
+        if (!this.opsEventBus) {
+            return this.isCoreService
+                ? new ops_event_bus_1.OpsEventBus(this, props)
+                : ops_event_bus_1.OpsEventBus.fromConstruct(this);
+        }
+        return this.opsEventBus;
+    }
+}
+exports.Core = Core;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29yZS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9jb21wb25lbnRzL2NvcmUudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBU0EsMkNBQXVDO0FBQ3ZDLGdDQUE2RDtBQUM3RCxpQ0FBOEI7QUFDOUIsa0VBQTZEO0FBQzdELGdFQUEyRDtBQXdCM0QsTUFBYSxJQUFLLFNBQVEsc0JBQVM7SUErRGpDOzs7Ozs7O2tGQU84RTtJQUU5RTs7T0FFRztJQUNILHFDQUFxQztJQUVyQzs7O09BR0c7SUFDSCwyQ0FBMkM7SUFFM0MsWUFBWSxLQUFnQixFQUFFLFFBQW1CLEVBQUU7UUFDakQsS0FBSyxDQUFDLEtBQUssRUFBRSxNQUFNLENBQUMsQ0FBQztRQUVyQjs7V0FFRztRQUNIOztXQUVHO1FBQ0gsSUFBSSxDQUFDLE9BQU8sR0FBRyxtQkFBYSxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQWtCLENBQUM7UUFDdkQsSUFBSSxDQUFDLGFBQWEsR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLFdBQVcsS0FBSywwQkFBb0IsQ0FBQyxJQUFJLENBQUM7UUFFNUU7O1dBRUc7UUFDSCxJQUFJLENBQUMsWUFBWSxHQUFHLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxLQUFLLENBQUMsaUJBQWlCLENBQUMsQ0FBQztRQUNyRSxJQUFJLENBQUMsV0FBVyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxLQUFLLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztRQUVsRTs7V0FFRztRQUNILE1BQU0sSUFBSSxHQUFHLFdBQUksQ0FBQyxhQUFhLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDdEMsSUFBSSxDQUFDLGNBQWMsR0FBRyxJQUFJLENBQUMsY0FBYyxDQUFDO1FBQzFDLElBQUksQ0FBQyxRQUFRLEdBQUcsSUFBSSxDQUFDLFFBQVEsQ0FBQztRQUM5QixJQUFJLENBQUMsY0FBYyxHQUFHLElBQUksQ0FBQyxjQUFjLENBQUM7UUFDMUMsSUFBSSxDQUFDLGNBQWMsR0FBRyxJQUFJLENBQUMsY0FBYyxDQUFDO1FBRTFDOztXQUVHO1FBQ0gseURBQXlEO1FBQ3pELGtFQUFrRTtJQUNwRSxDQUFDO0lBRUQ7Ozs7a0ZBSThFO0lBRXBFLGtCQUFrQixDQUFDLEtBQXFCO1FBQ2hELElBQUksQ0FBQyxJQUFJLENBQUMsWUFBWSxFQUFFLENBQUM7WUFDdkIsT0FBTyxJQUFJLENBQUMsYUFBYTtnQkFDdkIsQ0FBQyxDQUFDLElBQUksNkJBQVksQ0FBQyxJQUFJLEVBQUUsS0FBSyxDQUFDO2dCQUMvQixDQUFDLENBQUMsNkJBQVksQ0FBQyxhQUFhLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDdkMsQ0FBQztRQUNELE9BQU8sSUFBSSxDQUFDLFlBQVksQ0FBQztJQUMzQixDQUFDO0lBRVMsaUJBQWlCLENBQUMsS0FBcUI7UUFDL0MsSUFBSSxDQUFDLElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUN0QixPQUFPLElBQUksQ0FBQyxhQUFhO2dCQUN2QixDQUFDLENBQUMsSUFBSSwyQkFBVyxDQUFDLElBQUksRUFBRSxLQUFLLENBQUM7Z0JBQzlCLENBQUMsQ0FBQywyQkFBVyxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUN0QyxDQUFDO1FBQ0QsT0FBTyxJQUFJLENBQUMsV0FBVyxDQUFDO0lBQzFCLENBQUM7Q0F5REY7QUFwTUQsb0JBb01DIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgSHR0cEFwaVByb3BzIH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1hcGlnYXRld2F5djJcIjtcbmltcG9ydCB7IEdyYXBocWxBcGlQcm9wcyB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtYXBwc3luY1wiO1xuaW1wb3J0IHtcbiAgSVVzZXJQb29sLFxuICBJVXNlclBvb2xDbGllbnQsXG4gIElVc2VyUG9vbERvbWFpbixcbn0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1jb2duaXRvXCI7XG5pbXBvcnQgeyBFdmVudEJ1c1Byb3BzLCBJRXZlbnRCdXMgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWV2ZW50c1wiO1xuaW1wb3J0IHsgSUtleSB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3Mta21zXCI7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHsgT1BFTl9ISV9TRVJWSUNFX1RZUEUsIE9wZW5IaVNlcnZpY2UgfSBmcm9tIFwiLi4vYXBwXCI7XG5pbXBvcnQgeyBBdXRoIH0gZnJvbSBcIi4vYXV0aFwiO1xuaW1wb3J0IHsgRGF0YUV2ZW50QnVzIH0gZnJvbSBcIi4vZXZlbnQtYnJpZGdlL2RhdGEtZXZlbnQtYnVzXCI7XG5pbXBvcnQgeyBPcHNFdmVudEJ1cyB9IGZyb20gXCIuL2V2ZW50LWJyaWRnZS9vcHMtZXZlbnQtYnVzXCI7XG5cbmV4cG9ydCBpbnRlcmZhY2UgQ29yZVByb3BzIHtcbiAgLyoqXG4gICAqIFBhc3MgaW4gb3B0aW9ucyBmb3IgYW4gZXZlbnQgYnVzLCBvcHRpb25hbC5cbiAgICovXG4gIHJlYWRvbmx5IGRhdGFFdmVudEJ1c1Byb3BzPzogRXZlbnRCdXNQcm9wcztcblxuICAvKipcbiAgICogUGFzcyBpbiBvcHRpb25zIGZvciBhbiBldmVudCBidXMsIG9wdGlvbmFsLlxuICAgKi9cbiAgcmVhZG9ubHkgb3BzRXZlbnRCdXNQcm9wcz86IEV2ZW50QnVzUHJvcHM7XG5cbiAgLyoqXG4gICAqIE9wdGlvbmFsIGFyZ3MgZm9yIGNyZWF0aW5nIEhUVFAgQVBJLlxuICAgKi9cbiAgcmVhZG9ubHkgaHR0cEFwaVByb3BzPzogSHR0cEFwaVByb3BzO1xuXG4gIC8qKlxuICAgKiBPcHRpb25hbCBhcmdzIGZvciBjcmVhdGluZyB0aGUgY29yZSBHcmFwaFFMIEFQSS5cbiAgICovXG4gIHJlYWRvbmx5IGdyYXBocWxBcGlQcm9wcz86IEdyYXBocWxBcGlQcm9wcztcbn1cblxuZXhwb3J0IGNsYXNzIENvcmUgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICAvKipcbiAgICogSXMgdGhpcyBjb25zdHJ1Y3QgYmVpbmcgY3JlYXRlZCBpbiB0aGUgY29yZSBzZXJ2aWNlIG9yIGVsc2V3aGVyZT9cbiAgICovXG4gIHB1YmxpYyByZWFkb25seSBpc0NvcmVTZXJ2aWNlOiBib29sZWFuO1xuXG4gIC8qKlxuICAgKiBSZWZlcmVuY2UgdG8gdGhlIHN0YWNrIHRoaXMgY29yZSBjb25zdHJ1Y3QgaXMgcGFydCBvZi5cbiAgICovXG4gIHB1YmxpYyByZWFkb25seSBzZXJ2aWNlOiBPcGVuSGlTZXJ2aWNlO1xuXG4gIC8qKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKlxuICAgKlxuICAgKiBFdmVudCBCdXNcbiAgICpcbiAgICogVGhlc2UgYXJlIHRoZSBldmVudCBidXMgY29uc3RydWN0cyB1c2VkIGFjcm9zcyBhbGwgc2VydmljZXMgaW4gYW4gT3BlbkhJXG4gICAqIGFwcGxpY2F0aW9uLlxuICAgKlxuICAgKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKi9cblxuICAvKipcbiAgICogRXZlbnQgYnVzIHRoYXQgaGFuZGxlcyBkYXRhIGV2ZW50cy4gVGhpcyBidXMgaXMgdXNlZCBmb3IgZXZlbnRzIHJlbGF0ZWQgdG9cbiAgICogZGF0YSBwcm9jZXNzaW5nLCBzdWNoIGFzIGRhdGEgaW5nZXN0aW9uLCB0cmFuc2Zvcm1hdGlvbiwgYW5kIHN0b3JhZ2UuXG4gICAqL1xuICBwdWJsaWMgcmVhZG9ubHkgZGF0YUV2ZW50QnVzOiBJRXZlbnRCdXM7XG5cbiAgLyoqXG4gICAqIEV2ZW50IGJ1cyB0aGF0IGhhbmRsZXMgb3BlcmF0aW9uYWwgZXZlbnRzLiBUaGlzIGJ1cyBpcyB1c2VkIGZvciBldmVudHNcbiAgICogcmVsYXRlZCB0byBzeXN0ZW0gb3BlcmF0aW9ucywgc3VjaCBhcyBtb25pdG9yaW5nLCBhbGVydGluZywgYW5kIHN5c3RlbVxuICAgKiBoZWFsdGguXG4gICAqL1xuICBwdWJsaWMgcmVhZG9ubHkgb3BzRXZlbnRCdXM6IElFdmVudEJ1cztcblxuICAvKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKipcbiAgICpcbiAgICogQXV0aCBTdXBwb3J0XG4gICAqXG4gICAqIFRoZXNlIGFyZSB0aGUgYXV0aGVudGljYXRpb24gY29uc3RydWN0cyB1c2VkIGFjcm9zcyBhbGwgc2VydmljZXMgaW4gYW5cbiAgICogT3BlbkhJIGFwcGxpY2F0aW9uLlxuICAgKlxuICAgKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKi9cblxuICAvKipcbiAgICogS01TIEtleSB1c2VkIHRvIGVuY3J5cHQgdGhlIENvZ25pdG8gVXNlciBQb29sLiBXZSBuZWVkIGEgY3VzdG9tIGtleSBzbyB0aGF0XG4gICAqIHdlIGNhbiBkZWNyeXB0IHRva2VucyB3aGVuIHNlbmRpbmcgZW1haWxzIHVzaW5nIHNvbWV0aGluZyBvdGhlciB0aGFuIFNFUy5cbiAgICovXG4gIHB1YmxpYyByZWFkb25seSB1c2VyUG9vbEttc0tleTogSUtleTtcblxuICAvKipcbiAgICogQ29nbml0byBVc2VyIFBvb2wgZm9yIHVzZXIgbWFuYWdlbWVudCBhbmQgYXV0aGVudGljYXRpb24uXG4gICAqL1xuICBwdWJsaWMgcmVhZG9ubHkgdXNlclBvb2w6IElVc2VyUG9vbDtcblxuICAvKipcbiAgICogQ29nbml0byBVc2VyIFBvb2wgQ2xpZW50IGZvciBhcHBsaWNhdGlvbiBpbnRlZ3JhdGlvbiB3aXRoIHRoZSBVc2VyIFBvb2wuXG4gICAqL1xuICBwdWJsaWMgcmVhZG9ubHkgdXNlclBvb2xDbGllbnQ6IElVc2VyUG9vbENsaWVudDtcblxuICAvKipcbiAgICogQ29nbml0byBVc2VyIFBvb2wgRG9tYWluIGZvciBob3N0aW5nIHRoZSBDb2duaXRvIGhvc3RlZCBVSS5cbiAgICovXG4gIHB1YmxpYyByZWFkb25seSB1c2VyUG9vbERvbWFpbjogSVVzZXJQb29sRG9tYWluO1xuXG4gIC8qKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKlxuICAgKlxuICAgKiBBUEkgU3VwcG9ydFxuICAgKlxuICAgKiBHbG9iYWwgZW5kcG9pbnRzIGZvciBib3RoIEFwcCBTeW5jIGFuZCBBUEkgR2F0ZXdheSBhcmUgZGVmaW5lZCBoZXJlLiBUaGVzZVxuICAgKiBlbmRwb2ludHMgY2FuIGJlIHVzZWQvYXR0YWNoZWQgdG8gZ2xvYmFsbHkgYnkgYW55IHNlcnZpY2UuXG4gICAqXG4gICAqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqL1xuXG4gIC8qKlxuICAgKiBBUEkgR2F0ZXdheSBIVFRQIEFQSSBmb3IgaW5ib3VuZCBlbmRwb2ludCB0cmFmZmljLlxuICAgKi9cbiAgLy8gcHVibGljIHJlYWRvbmx5IGh0dHBBcGk6IElIdHRwQXBpO1xuXG4gIC8qKlxuICAgKiBBcHAgU3luYyBHcmFwaFFMIEFQSSBmb3IgaW5ib3VuZCBlbmRwb2ludCB0cmFmZmljLiBUaGlzIGlzIHRoZSBwcmltYXJ5XG4gICAqIGVudHJ5cG9pbnQgZm9yIGFsbCBzdWJncmFwaHMuXG4gICAqL1xuICAvLyBwdWJsaWMgcmVhZG9ubHkgZ3JhcGhxbEFwaTogSUdyYXBocWxBcGk7XG5cbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgcHJvcHM6IENvcmVQcm9wcyA9IHt9KSB7XG4gICAgc3VwZXIoc2NvcGUsIFwiY29yZVwiKTtcblxuICAgIC8qKlxuICAgICAqIERldGVybWluZSBpZiB3ZSBhcmUgaW4gdGhlIGNvcmUgc2VydmljZSBvciBub3QuXG4gICAgICovXG4gICAgLyoqXG4gICAgICogUmVmZXJlbmNlIHRvIHBhcmVudCBzdGFjayB0aGlzIGJlbG9uZ3MgdG8uXG4gICAgICovXG4gICAgdGhpcy5zZXJ2aWNlID0gT3BlbkhpU2VydmljZS5vZih0aGlzKSBhcyBPcGVuSGlTZXJ2aWNlO1xuICAgIHRoaXMuaXNDb3JlU2VydmljZSA9IHRoaXMuc2VydmljZS5zZXJ2aWNlVHlwZSA9PT0gT1BFTl9ISV9TRVJWSUNFX1RZUEUuQ09SRTtcblxuICAgIC8qKlxuICAgICAqIEV2ZW50IEJ1cyBTdXBwb3J0XG4gICAgICovXG4gICAgdGhpcy5kYXRhRXZlbnRCdXMgPSB0aGlzLmNyZWF0ZURhdGFFdmVudEJ1cyhwcm9wcy5kYXRhRXZlbnRCdXNQcm9wcyk7XG4gICAgdGhpcy5vcHNFdmVudEJ1cyA9IHRoaXMuY3JlYXRlT3BzRXZlbnRCdXMocHJvcHMub3BzRXZlbnRCdXNQcm9wcyk7XG5cbiAgICAvKipcbiAgICAgKiBBdXRoIFN1cHBvcnRcbiAgICAgKi9cbiAgICBjb25zdCBhdXRoID0gQXV0aC5mcm9tQ29uc3RydWN0KHRoaXMpO1xuICAgIHRoaXMudXNlclBvb2xLbXNLZXkgPSBhdXRoLnVzZXJQb29sS21zS2V5O1xuICAgIHRoaXMudXNlclBvb2wgPSBhdXRoLnVzZXJQb29sO1xuICAgIHRoaXMudXNlclBvb2xDbGllbnQgPSBhdXRoLnVzZXJQb29sQ2xpZW50O1xuICAgIHRoaXMudXNlclBvb2xEb21haW4gPSBhdXRoLnVzZXJQb29sRG9tYWluO1xuXG4gICAgLyoqXG4gICAgICogQVBJIFN1cHBvcnRcbiAgICAgKi9cbiAgICAvLyB0aGlzLmh0dHBBcGkgPSB0aGlzLmNyZWF0ZUh0dHBBcGkocHJvcHMuaHR0cEFwaVByb3BzKTtcbiAgICAvLyB0aGlzLmdyYXBocWxBcGkgPSB0aGlzLmNyZWF0ZUdyYXBoUWxBcGkocHJvcHMuZ3JhcGhxbEFwaVByb3BzKTtcbiAgfVxuXG4gIC8qKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKlxuICAgKlxuICAgKiBFdmVudCBCdXMgU3VwcG9ydFxuICAgKlxuICAgKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKi9cblxuICBwcm90ZWN0ZWQgY3JlYXRlRGF0YUV2ZW50QnVzKHByb3BzPzogRXZlbnRCdXNQcm9wcyk6IElFdmVudEJ1cyB7XG4gICAgaWYgKCF0aGlzLmRhdGFFdmVudEJ1cykge1xuICAgICAgcmV0dXJuIHRoaXMuaXNDb3JlU2VydmljZVxuICAgICAgICA/IG5ldyBEYXRhRXZlbnRCdXModGhpcywgcHJvcHMpXG4gICAgICAgIDogRGF0YUV2ZW50QnVzLmZyb21Db25zdHJ1Y3QodGhpcyk7XG4gICAgfVxuICAgIHJldHVybiB0aGlzLmRhdGFFdmVudEJ1cztcbiAgfVxuXG4gIHByb3RlY3RlZCBjcmVhdGVPcHNFdmVudEJ1cyhwcm9wcz86IEV2ZW50QnVzUHJvcHMpOiBJRXZlbnRCdXMge1xuICAgIGlmICghdGhpcy5vcHNFdmVudEJ1cykge1xuICAgICAgcmV0dXJuIHRoaXMuaXNDb3JlU2VydmljZVxuICAgICAgICA/IG5ldyBPcHNFdmVudEJ1cyh0aGlzLCBwcm9wcylcbiAgICAgICAgOiBPcHNFdmVudEJ1cy5mcm9tQ29uc3RydWN0KHRoaXMpO1xuICAgIH1cbiAgICByZXR1cm4gdGhpcy5vcHNFdmVudEJ1cztcbiAgfVxuXG4gIC8qKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKlxuICAgKlxuICAgKiBBUEkgRW5kcG9pbnRzIFN1cHBvcnRcbiAgICpcbiAgICoqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKiovXG5cbiAgLy8gcHJvdGVjdGVkIGNyZWF0ZUh0dHBBcGkocHJvcHM/OiBIdHRwQXBpUHJvcHMpOiBJSHR0cEFwaSB7XG4gIC8vICAgaWYgKCF0aGlzLmh0dHBBcGkpIHtcbiAgLy8gICAgIHJldHVybiB0aGlzLmlzQ29yZVNlcnZpY2VcbiAgLy8gICAgICAgPyBuZXcgQ29yZUh0dHBBcGkodGhpcywge1xuICAvLyAgICAgICAgICAgLyoqXG4gIC8vICAgICAgICAgICAgKiBVc2VyIHByb3ZpZGVkIHByb3BzXG4gIC8vICAgICAgICAgICAgKi9cbiAgLy8gICAgICAgICAgIC4uLnByb3BzLFxuXG4gIC8vICAgICAgICAgICAvKipcbiAgLy8gICAgICAgICAgICAqIFJlcXVpcmVkXG4gIC8vICAgICAgICAgICAgKi9cbiAgLy8gICAgICAgICAgIGRlZmF1bHRBdXRob3JpemVyOiBuZXcgSHR0cFVzZXJQb29sQXV0aG9yaXplcihcbiAgLy8gICAgICAgICAgICAgXCJjb2duaXRvLWF1dGhvcml6ZXJcIixcbiAgLy8gICAgICAgICAgICAgdGhpcy51c2VyUG9vbCxcbiAgLy8gICAgICAgICAgICksXG4gIC8vICAgICAgICAgfSlcbiAgLy8gICAgICAgOiBDb3JlSHR0cEFwaS5mcm9tQ29uc3RydWN0KHRoaXMpO1xuICAvLyAgIH1cbiAgLy8gICByZXR1cm4gdGhpcy5odHRwQXBpO1xuICAvLyB9XG5cbiAgLy8gcHJvdGVjdGVkIGNyZWF0ZUdyYXBoUWxBcGkoXG4gIC8vICAgcHJvcHM/OiBPbWl0PEdyYXBocWxBcGlQcm9wcywgXCJuYW1lXCI+LFxuICAvLyApOiBJR3JhcGhxbEFwaSB7XG4gIC8vICAgaWYgKCF0aGlzLmdyYXBocWxBcGkpIHtcbiAgLy8gICAgIHJldHVybiB0aGlzLmlzQ29yZVNlcnZpY2VcbiAgLy8gICAgICAgPyBuZXcgQ29yZUdyYXBocWxBcGkodGhpcywge1xuICAvLyAgICAgICAgICAgLyoqXG4gIC8vICAgICAgICAgICAgKiBVc2VyIGFyZ3NcbiAgLy8gICAgICAgICAgICAqL1xuICAvLyAgICAgICAgICAgLi4ucHJvcHMsXG5cbiAgLy8gICAgICAgICAgIC8qKlxuICAvLyAgICAgICAgICAgICogUmVxdWlyZWQgYXJnc1xuICAvLyAgICAgICAgICAgICovXG4gIC8vICAgICAgICAgICBhdXRob3JpemF0aW9uQ29uZmlnOiB7XG4gIC8vICAgICAgICAgICAgIGRlZmF1bHRBdXRob3JpemF0aW9uOiB7XG4gIC8vICAgICAgICAgICAgICAgYXV0aG9yaXphdGlvblR5cGU6IEF1dGhvcml6YXRpb25UeXBlLlVTRVJfUE9PTCxcbiAgLy8gICAgICAgICAgICAgICB1c2VyUG9vbENvbmZpZzoge1xuICAvLyAgICAgICAgICAgICAgICAgdXNlclBvb2w6IHRoaXMudXNlclBvb2wsXG4gIC8vICAgICAgICAgICAgICAgfSxcbiAgLy8gICAgICAgICAgICAgfSxcbiAgLy8gICAgICAgICAgIH0sXG4gIC8vICAgICAgICAgfSlcbiAgLy8gICAgICAgOiBDb3JlR3JhcGhxbEFwaS5mcm9tQ29uc3RydWN0KHRoaXMpO1xuICAvLyAgIH1cbiAgLy8gICByZXR1cm4gdGhpcy5ncmFwaHFsQXBpO1xuICAvLyB9XG59XG4iXX0=