@openhi/constructs 0.0.146 → 0.0.148
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/index.d.mts +7 -2
- package/lib/index.d.ts +7 -2
- package/lib/index.js +12 -3
- package/lib/index.js.map +1 -1
- package/lib/index.mjs +12 -3
- package/lib/index.mjs.map +1 -1
- package/lib/pre-token-generation.handler.js +33 -22
- package/lib/pre-token-generation.handler.js.map +1 -1
- package/lib/pre-token-generation.handler.mjs +33 -22
- package/lib/pre-token-generation.handler.mjs.map +1 -1
- package/package.json +10 -10
|
@@ -3281,6 +3281,28 @@ async function resolvePlatformRoles(tenantId, workspaceId, userId) {
|
|
|
3281
3281
|
}
|
|
3282
3282
|
return Array.from(codes);
|
|
3283
3283
|
}
|
|
3284
|
+
function placeholderClaims() {
|
|
3285
|
+
return {
|
|
3286
|
+
ohi_tid: "placeholder-tenant-id",
|
|
3287
|
+
ohi_wid: "placeholder-workspace-id",
|
|
3288
|
+
ohi_uid: "placeholder-user-id",
|
|
3289
|
+
ohi_uname: "placeholder"
|
|
3290
|
+
};
|
|
3291
|
+
}
|
|
3292
|
+
function stampClaims(event, claims) {
|
|
3293
|
+
if (!event.response) {
|
|
3294
|
+
event.response = {};
|
|
3295
|
+
}
|
|
3296
|
+
const response = event.response;
|
|
3297
|
+
response.claimsAndScopeOverrideDetails = {
|
|
3298
|
+
accessTokenGeneration: {
|
|
3299
|
+
claimsToAddOrOverride: { ...claims }
|
|
3300
|
+
},
|
|
3301
|
+
idTokenGeneration: {
|
|
3302
|
+
claimsToAddOrOverride: { ...claims }
|
|
3303
|
+
}
|
|
3304
|
+
};
|
|
3305
|
+
}
|
|
3284
3306
|
var handler = async (event, _context) => {
|
|
3285
3307
|
try {
|
|
3286
3308
|
const cognitoSub = event.request?.userAttributes?.sub;
|
|
@@ -3290,32 +3312,21 @@ var handler = async (event, _context) => {
|
|
|
3290
3312
|
);
|
|
3291
3313
|
return event;
|
|
3292
3314
|
}
|
|
3293
|
-
|
|
3294
|
-
|
|
3295
|
-
claims = {
|
|
3296
|
-
ohi_tid: "placeholder-tenant-id",
|
|
3297
|
-
ohi_wid: "placeholder-workspace-id",
|
|
3298
|
-
ohi_uid: "placeholder-user-id",
|
|
3299
|
-
ohi_uname: "placeholder"
|
|
3300
|
-
};
|
|
3301
|
-
}
|
|
3302
|
-
if (!event.response) {
|
|
3303
|
-
event.response = {};
|
|
3304
|
-
}
|
|
3305
|
-
const response = event.response;
|
|
3306
|
-
response.claimsAndScopeOverrideDetails = {
|
|
3307
|
-
accessTokenGeneration: {
|
|
3308
|
-
claimsToAddOrOverride: { ...claims }
|
|
3309
|
-
},
|
|
3310
|
-
idTokenGeneration: {
|
|
3311
|
-
claimsToAddOrOverride: { ...claims }
|
|
3312
|
-
}
|
|
3313
|
-
};
|
|
3315
|
+
const resolved = await resolveClaims(cognitoSub);
|
|
3316
|
+
stampClaims(event, resolved ?? placeholderClaims());
|
|
3314
3317
|
} catch (err) {
|
|
3315
3318
|
console.warn(
|
|
3316
|
-
"PreTokenGeneration: unexpected error;
|
|
3319
|
+
"PreTokenGeneration: unexpected error; stamping placeholder claims",
|
|
3317
3320
|
err
|
|
3318
3321
|
);
|
|
3322
|
+
try {
|
|
3323
|
+
stampClaims(event, placeholderClaims());
|
|
3324
|
+
} catch (stampErr) {
|
|
3325
|
+
console.warn(
|
|
3326
|
+
"PreTokenGeneration: failed to stamp placeholder claims after error; returning event unchanged",
|
|
3327
|
+
stampErr
|
|
3328
|
+
);
|
|
3329
|
+
}
|
|
3319
3330
|
}
|
|
3320
3331
|
return event;
|
|
3321
3332
|
};
|