@pristine-ts/aws-cognito 0.0.213 → 0.0.217
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/lib/cjs/authenticators/aws-cognito.authenticator.js +6 -0
- package/dist/lib/cjs/authenticators/aws-cognito.authenticator.js.map +1 -1
- package/dist/lib/cjs/aws-cognito.module.js +6 -2
- package/dist/lib/cjs/aws-cognito.module.js.map +1 -1
- package/dist/lib/cjs/guards/aws-cognito-group.guard.js +5 -2
- package/dist/lib/cjs/guards/aws-cognito-group.guard.js.map +1 -1
- package/dist/lib/esm/authenticators/aws-cognito.authenticator.js +6 -0
- package/dist/lib/esm/authenticators/aws-cognito.authenticator.js.map +1 -1
- package/dist/lib/esm/aws-cognito.module.js +6 -2
- package/dist/lib/esm/aws-cognito.module.js.map +1 -1
- package/dist/lib/esm/guards/aws-cognito-group.guard.js +5 -2
- package/dist/lib/esm/guards/aws-cognito-group.guard.js.map +1 -1
- package/dist/types/authenticators/aws-cognito.authenticator.d.ts +22 -0
- package/dist/types/guards/aws-cognito-group.guard.d.ts +8 -2
- package/dist/types/interfaces/claim.interface.d.ts +24 -0
- package/dist/types/interfaces/public-key.interface.d.ts +18 -0
- package/dist/types/interfaces/token-header.interface.d.ts +6 -0
- package/package.json +5 -5
|
@@ -54,6 +54,12 @@ const jwt = __importStar(require("jsonwebtoken"));
|
|
|
54
54
|
const common_1 = require("@pristine-ts/common");
|
|
55
55
|
const http_1 = require("@pristine-ts/http");
|
|
56
56
|
const jwk_to_pem_1 = __importDefault(require("jwk-to-pem"));
|
|
57
|
+
/**
|
|
58
|
+
* The AwsCognitoAuthenticator is an authenticator that can be passed to the @authenticator decorator on a
|
|
59
|
+
* controller class to authenticate the incoming requests using AWS Cognito.
|
|
60
|
+
*
|
|
61
|
+
* It is singleton so that the PEMs can be cached.
|
|
62
|
+
*/
|
|
57
63
|
let AwsCognitoAuthenticator = class AwsCognitoAuthenticator {
|
|
58
64
|
/**
|
|
59
65
|
* The AWS cognito authenticator that can be passed to the @authenticator decorator.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"aws-cognito.authenticator.js","sourceRoot":"","sources":["../../../../src/authenticators/aws-cognito.authenticator.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAuD;AACvD,8EAAsE;AACtE,kDAAoC;AACpC,gDAAkE;AAIlE,4CAAwE;AAExE,4DAAqC;
|
|
1
|
+
{"version":3,"file":"aws-cognito.authenticator.js","sourceRoot":"","sources":["../../../../src/authenticators/aws-cognito.authenticator.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAuD;AACvD,8EAAsE;AACtE,kDAAoC;AACpC,gDAAkE;AAIlE,4CAAwE;AAExE,4DAAqC;AAGrC;;;;;GAKG;AAGI,IAAM,uBAAuB,GAA7B,MAAM,uBAAuB;IA0BhC;;;;;;OAMG;IACH,YAA4E,MAAc,EACd,MAAc,EAC9B,UAA+B,EAC/B,UAA+B;QAHf,WAAM,GAAN,MAAM,CAAQ;QACd,WAAM,GAAN,MAAM,CAAQ;QAC9B,eAAU,GAAV,UAAU,CAAqB;QAC/B,eAAU,GAAV,UAAU,CAAqB;QAEvF,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAC7C,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC;IAC/C,CAAC;IAED;;;OAGG;IACH,UAAU,CAAC,OAAY;QACnB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC7B,CAAC;IAED;;;OAGG;IACG,YAAY,CAAC,OAAgB;;;YAC/B,IAAI,CAAC,UAAU,GAAG,MAAA,IAAI,CAAC,UAAU,mCAAI,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;YAC1D,MAAM,KAAK,GAAG,IAAI,CAAC,6BAA6B,CAAC,OAAO,CAAC,CAAC;YAC1D,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;YAEzD,MAAM,KAAK,GAAG,IAAI,CAAC,kBAAkB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;YAElD,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,iBAAiB,EAAE;gBACrC,KAAK;aACR,EAAE,oDAAuB,CAAC,CAAC;YAE5B,OAAO;gBACH,EAAE,EAAE,KAAK,CAAC,kBAAkB,CAAC;gBAC7B,MAAM,EAAE,KAAK;aAChB,CAAA;;KACJ;IAED;;;OAGG;IACK,gBAAgB;QACpB,OAAO,sBAAsB,GAAG,IAAI,CAAC,MAAM,GAAG,iBAAiB,GAAG,IAAI,CAAC,MAAM,CAAA;IACjF,CAAC;IAED;;;OAGG;IACK,eAAe;QACnB,OAAO,IAAI,CAAC,aAAa,GAAG,wBAAwB,CAAC;IACzD,CAAC;IAED;;;OAGG;IACW,OAAO;;YACjB,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;gBACrD,UAAU,EAAE,mBAAU,CAAC,GAAG;gBAC1B,GAAG,EAAE,IAAI,CAAC,YAAY;aACzB,EAAE;gBACC,YAAY,EAAE,uBAAgB,CAAC,IAAI;aACtC,CAAC,CAAC;YAEH,MAAM,UAAU,GAAG,kBAAkB,CAAC,IAAI,CAAC;YAE3C,MAAM,IAAI,GAA4B,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,GAAQ,EAAE,OAAY,EAAE,EAAE;gBACpF,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,IAAA,oBAAW,EAAC,OAAO,CAAC,CAAC;gBACxC,OAAO,GAAG,CAAC;YACf,CAAC,EAAE,EAA6B,CAAC,CAAC;YAElC,OAAO,IAAI,CAAC;QAChB,CAAC;KAAA;IAED;;;;OAIG;IACH,8EAA8E;IACtE,6BAA6B,CAAC,OAAgB;;QAClD,IAAI,OAAO,CAAC,OAAO,KAAK,SAAS,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,eAAe,CAAC,KAAK,KAAK,IAAI,OAAO,CAAC,SAAS,CAAC,eAAe,CAAC,KAAK,KAAK,CAAC,EAAE;YACjI,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;YACzE,sGAAsG;SACzG;QAED,MAAM,mBAAmB,GAAG,MAAA,OAAO,CAAC,OAAO,CAAC,aAAa,mCAAI,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QAE3F,IAAI,mBAAmB,KAAK,SAAS,EAAE;YACnC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;YAEzE,sGAAsG;SACzG;QAED,IAAI,mBAAmB,CAAC,UAAU,CAAC,SAAS,CAAC,KAAK,KAAK,EAAE;YACrD,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;YAElF,8GAA8G;SACjH;QAED,OAAO,mBAAmB,CAAC,MAAM,CAAC,CAAC,EAAE,mBAAmB,CAAC,MAAM,CAAC,CAAC;IACrE,CAAC;IAED;;;;;OAKG;IACK,kBAAkB,CAAC,KAAa,EAAE,GAAW;QACjD,IAAI,KAAK,CAAC;QACV,IAAI;YACA,KAAK,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,GAAG,CAAmB,CAAC;SACpD;QAAC,OAAM,GAAG,EAAE;YACT,MAAM,IAAI,KAAK,CAAC,eAAe,GAAI,GAAa,CAAC,OAAO,CAAC,CAAC;SAC7D;QAED,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAE,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;QAClE,IAAI,cAAc,GAAG,KAAK,CAAC,GAAG,IAAI,cAAc,GAAG,KAAK,CAAC,SAAS,EAAE;YAChE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;SAClD;QACD,IAAI,KAAK,CAAC,GAAG,KAAK,IAAI,CAAC,aAAa,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;SAC9C;QAED,4EAA4E;QAC5E,sCAAsC;QACtC,kDAAkD;QAClD,IAAI;QAEJ,OAAO,KAAK,CAAC;IACjB,CAAC;IAED;;;;;OAKG;IACK,eAAe,CAAC,KAAa,EAAE,IAA4B;QAC/D,MAAM,MAAM,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;QAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7B,IAAI,GAAG,KAAK,SAAS,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;SACjD;QACD,OAAO,GAAG,CAAC;IACf,CAAC;IAED;;;;OAIG;IACK,cAAc,CAAC,KAAa;QAChC,MAAM,aAAa,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/C,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE;YAC1B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;SACvC;QACD,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC5E,OAAQ,IAAI,CAAC,KAAK,CAAC,UAAU,CAAyB,CAAC;IAC3D,CAAC;CACJ,CAAA;AArMY,uBAAuB;IAFnC,IAAA,oBAAS,GAAE;IACX,IAAA,qBAAU,GAAE;IAkCI,WAAA,IAAA,iBAAM,EAAC,IAAI,oDAAuB,UAAU,CAAC,CAAA;IAC7C,WAAA,IAAA,iBAAM,EAAC,IAAI,oDAAuB,UAAU,CAAC,CAAA;IAC7C,WAAA,IAAA,iBAAM,EAAC,qBAAqB,CAAC,CAAA;IAC7B,WAAA,IAAA,iBAAM,EAAC,qBAAqB,CAAC,CAAA;;GApCjC,uBAAuB,CAqMnC;AArMY,0DAAuB"}
|
|
@@ -24,7 +24,9 @@ __exportStar(require("./interfaces/interfaces"), exports);
|
|
|
24
24
|
exports.AwsCognitoModule = {
|
|
25
25
|
keyname: aws_cognito_module_keyname_1.AwsCognitoModuleKeyname,
|
|
26
26
|
configurationDefinitions: [
|
|
27
|
-
|
|
27
|
+
/**
|
|
28
|
+
* The AWS region in which Cognito is setup.
|
|
29
|
+
*/
|
|
28
30
|
{
|
|
29
31
|
parameterName: aws_cognito_module_keyname_1.AwsCognitoModuleKeyname + ".region",
|
|
30
32
|
isRequired: false,
|
|
@@ -33,7 +35,9 @@ exports.AwsCognitoModule = {
|
|
|
33
35
|
new configuration_1.EnvironmentVariableResolver("AWS_REGION"),
|
|
34
36
|
]
|
|
35
37
|
},
|
|
36
|
-
|
|
38
|
+
/**
|
|
39
|
+
* The pool id of the Cognito user pool.
|
|
40
|
+
*/
|
|
37
41
|
{
|
|
38
42
|
parameterName: aws_cognito_module_keyname_1.AwsCognitoModuleKeyname + ".poolId",
|
|
39
43
|
isRequired: true,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"aws-cognito.module.js","sourceRoot":"","sources":["../../../src/aws-cognito.module.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AACA,6EAAqE;AACrE,4CAA6C;AAC7C,8DAAuE;AAEvE,kEAAgD;AAChD,kDAAgC;AAChC,0DAAwC;AAE3B,QAAA,gBAAgB,GAAoB;IAC7C,OAAO,EAAE,oDAAuB;IAChC,wBAAwB,EAAE;QACtB
|
|
1
|
+
{"version":3,"file":"aws-cognito.module.js","sourceRoot":"","sources":["../../../src/aws-cognito.module.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AACA,6EAAqE;AACrE,4CAA6C;AAC7C,8DAAuE;AAEvE,kEAAgD;AAChD,kDAAgC;AAChC,0DAAwC;AAE3B,QAAA,gBAAgB,GAAoB;IAC7C,OAAO,EAAE,oDAAuB;IAChC,wBAAwB,EAAE;QACtB;;WAEG;QACH;YACI,aAAa,EAAE,oDAAuB,GAAG,SAAS;YAClD,UAAU,EAAE,KAAK;YACjB,YAAY,EAAE,WAAW;YACzB,gBAAgB,EAAE;gBACd,IAAI,2CAA2B,CAAC,YAAY,CAAC;aAChD;SACJ;QACD;;WAEG;QACH;YACI,aAAa,EAAE,oDAAuB,GAAG,SAAS;YAClD,UAAU,EAAE,IAAI;YAChB,gBAAgB,EAAE;gBACd,IAAI,2CAA2B,CAAC,8BAA8B,CAAC;aAClE;SACJ;KACJ;IACD,aAAa,EAAE;QACX,iBAAU;KACb;CACJ,CAAA"}
|
|
@@ -18,11 +18,14 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
18
18
|
exports.AwsCognitoGroupGuard = void 0;
|
|
19
19
|
const tsyringe_1 = require("tsyringe");
|
|
20
20
|
/**
|
|
21
|
-
* A guard for which you can specify the Cognito groups that a user needs to access call. To be used with the @guard decorator (ie:
|
|
22
|
-
@guard(AwsCognitoGroupGuard, {groups: ["ADMIN"]}) ).
|
|
21
|
+
* A guard for which you can specify the Cognito groups that a user needs to access the call. To be used with the @guard decorator (ie:
|
|
22
|
+
* @guard(AwsCognitoGroupGuard, {groups: ["ADMIN"]}) ).
|
|
23
23
|
*/
|
|
24
24
|
let AwsCognitoGroupGuard = class AwsCognitoGroupGuard {
|
|
25
25
|
constructor() {
|
|
26
|
+
/**
|
|
27
|
+
* The keyname of the guard.
|
|
28
|
+
*/
|
|
26
29
|
this.keyname = "cognito.group";
|
|
27
30
|
}
|
|
28
31
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"aws-cognito-group.guard.js","sourceRoot":"","sources":["../../../../src/guards/aws-cognito-group.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;AAAA,uCAA4C;AAK5C;;;GAGG;
|
|
1
|
+
{"version":3,"file":"aws-cognito-group.guard.js","sourceRoot":"","sources":["../../../../src/guards/aws-cognito-group.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;AAAA,uCAA4C;AAK5C;;;GAGG;AAEI,IAAM,oBAAoB,GAA1B,MAAM,oBAAoB;IAA1B;QACH;;WAEG;QACI,YAAO,GAAG,eAAe,CAAC;IA2CrC,CAAC;IApCG;;;OAGG;IACH,UAAU,CAAC,OAAY;QACnB,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC;QAE5B,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC7B,CAAC;IAED;;;;OAIG;IACG,YAAY,CAAC,OAAgB,EAAE,QAA4B;;;YAC7D,MAAM,YAAY,GAAa,EAAE,CAAC;YAClC,IAAG,IAAI,CAAC,YAAY,KAAK,SAAS,EAAE;gBAChC,OAAO,KAAK,CAAC;aAChB;YAED,IAAG,IAAI,CAAC,YAAY,CAAC,OAAO,IAAI,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,cAAc,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,MAAM,CAAC,EAAC;gBAClI,YAAY,CAAC,IAAI,CAAC,GAAI,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;aAC3D;YAED,wDAAwD;YACxD,IAAG,YAAY,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,CAAA,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,0CAAE,cAAc,CAAC,gBAAgB,CAAC,MAAK,KAAK,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAC;gBAC/I,OAAO,KAAK,CAAC;aAChB;YACD,KAAI,MAAM,KAAK,IAAI,YAAY,EAAE;gBAC7B,IAAG,CAAC,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,CAAC,gBAAgB,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAA,EAAC;oBACnD,OAAO,KAAK,CAAC;iBAChB;aACJ;YACD,OAAO,IAAI,CAAC;;KACf;CACJ,CAAA;AA/CY,oBAAoB;IADhC,IAAA,qBAAU,GAAE;GACA,oBAAoB,CA+ChC;AA/CY,oDAAoB"}
|
|
@@ -25,6 +25,12 @@ import * as jwt from "jsonwebtoken";
|
|
|
25
25
|
import { HttpMethod } from "@pristine-ts/common";
|
|
26
26
|
import { ResponseTypeEnum } from "@pristine-ts/http";
|
|
27
27
|
import jwkToBuffer from "jwk-to-pem";
|
|
28
|
+
/**
|
|
29
|
+
* The AwsCognitoAuthenticator is an authenticator that can be passed to the @authenticator decorator on a
|
|
30
|
+
* controller class to authenticate the incoming requests using AWS Cognito.
|
|
31
|
+
*
|
|
32
|
+
* It is singleton so that the PEMs can be cached.
|
|
33
|
+
*/
|
|
28
34
|
let AwsCognitoAuthenticator = class AwsCognitoAuthenticator {
|
|
29
35
|
/**
|
|
30
36
|
* The AWS cognito authenticator that can be passed to the @authenticator decorator.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"aws-cognito.authenticator.js","sourceRoot":"","sources":["../../../../src/authenticators/aws-cognito.authenticator.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA,OAAO,EAAC,MAAM,EAAE,UAAU,EAAE,SAAS,EAAC,MAAM,UAAU,CAAC;AACvD,OAAO,EAAC,uBAAuB,EAAC,MAAM,+BAA+B,CAAC;AACtE,OAAO,KAAK,GAAG,MAAM,cAAc,CAAC;AACpC,OAAO,EAAC,UAAU,EAAoB,MAAM,qBAAqB,CAAC;AAIlE,OAAO,EAAsB,gBAAgB,EAAC,MAAM,mBAAmB,CAAC;AAExE,OAAO,WAAW,MAAM,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"aws-cognito.authenticator.js","sourceRoot":"","sources":["../../../../src/authenticators/aws-cognito.authenticator.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA,OAAO,EAAC,MAAM,EAAE,UAAU,EAAE,SAAS,EAAC,MAAM,UAAU,CAAC;AACvD,OAAO,EAAC,uBAAuB,EAAC,MAAM,+BAA+B,CAAC;AACtE,OAAO,KAAK,GAAG,MAAM,cAAc,CAAC;AACpC,OAAO,EAAC,UAAU,EAAoB,MAAM,qBAAqB,CAAC;AAIlE,OAAO,EAAsB,gBAAgB,EAAC,MAAM,mBAAmB,CAAC;AAExE,OAAO,WAAW,MAAM,YAAY,CAAC;AAGrC;;;;;GAKG;AAGI,IAAM,uBAAuB,GAA7B,MAAM,uBAAuB;IA0BhC;;;;;;OAMG;IACH,YAA4E,MAAc,EACd,MAAc,EAC9B,UAA+B,EAC/B,UAA+B;QAHf,WAAM,GAAN,MAAM,CAAQ;QACd,WAAM,GAAN,MAAM,CAAQ;QAC9B,eAAU,GAAV,UAAU,CAAqB;QAC/B,eAAU,GAAV,UAAU,CAAqB;QAEvF,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAC7C,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC;IAC/C,CAAC;IAED;;;OAGG;IACH,UAAU,CAAC,OAAY;QACnB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC7B,CAAC;IAED;;;OAGG;IACG,YAAY,CAAC,OAAgB;;;YAC/B,IAAI,CAAC,UAAU,GAAG,MAAA,IAAI,CAAC,UAAU,mCAAI,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;YAC1D,MAAM,KAAK,GAAG,IAAI,CAAC,6BAA6B,CAAC,OAAO,CAAC,CAAC;YAC1D,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;YAEzD,MAAM,KAAK,GAAG,IAAI,CAAC,kBAAkB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;YAElD,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,iBAAiB,EAAE;gBACrC,KAAK;aACR,EAAE,uBAAuB,CAAC,CAAC;YAE5B,OAAO;gBACH,EAAE,EAAE,KAAK,CAAC,kBAAkB,CAAC;gBAC7B,MAAM,EAAE,KAAK;aAChB,CAAA;;KACJ;IAED;;;OAGG;IACK,gBAAgB;QACpB,OAAO,sBAAsB,GAAG,IAAI,CAAC,MAAM,GAAG,iBAAiB,GAAG,IAAI,CAAC,MAAM,CAAA;IACjF,CAAC;IAED;;;OAGG;IACK,eAAe;QACnB,OAAO,IAAI,CAAC,aAAa,GAAG,wBAAwB,CAAC;IACzD,CAAC;IAED;;;OAGG;IACW,OAAO;;YACjB,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;gBACrD,UAAU,EAAE,UAAU,CAAC,GAAG;gBAC1B,GAAG,EAAE,IAAI,CAAC,YAAY;aACzB,EAAE;gBACC,YAAY,EAAE,gBAAgB,CAAC,IAAI;aACtC,CAAC,CAAC;YAEH,MAAM,UAAU,GAAG,kBAAkB,CAAC,IAAI,CAAC;YAE3C,MAAM,IAAI,GAA4B,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,GAAQ,EAAE,OAAY,EAAE,EAAE;gBACpF,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;gBACxC,OAAO,GAAG,CAAC;YACf,CAAC,EAAE,EAA6B,CAAC,CAAC;YAElC,OAAO,IAAI,CAAC;QAChB,CAAC;KAAA;IAED;;;;OAIG;IACH,8EAA8E;IACtE,6BAA6B,CAAC,OAAgB;;QAClD,IAAI,OAAO,CAAC,OAAO,KAAK,SAAS,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,eAAe,CAAC,KAAK,KAAK,IAAI,OAAO,CAAC,SAAS,CAAC,eAAe,CAAC,KAAK,KAAK,CAAC,EAAE;YACjI,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;YACzE,sGAAsG;SACzG;QAED,MAAM,mBAAmB,GAAG,MAAA,OAAO,CAAC,OAAO,CAAC,aAAa,mCAAI,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QAE3F,IAAI,mBAAmB,KAAK,SAAS,EAAE;YACnC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;YAEzE,sGAAsG;SACzG;QAED,IAAI,mBAAmB,CAAC,UAAU,CAAC,SAAS,CAAC,KAAK,KAAK,EAAE;YACrD,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;YAElF,8GAA8G;SACjH;QAED,OAAO,mBAAmB,CAAC,MAAM,CAAC,CAAC,EAAE,mBAAmB,CAAC,MAAM,CAAC,CAAC;IACrE,CAAC;IAED;;;;;OAKG;IACK,kBAAkB,CAAC,KAAa,EAAE,GAAW;QACjD,IAAI,KAAK,CAAC;QACV,IAAI;YACA,KAAK,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,GAAG,CAAmB,CAAC;SACpD;QAAC,OAAM,GAAG,EAAE;YACT,MAAM,IAAI,KAAK,CAAC,eAAe,GAAI,GAAa,CAAC,OAAO,CAAC,CAAC;SAC7D;QAED,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAE,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;QAClE,IAAI,cAAc,GAAG,KAAK,CAAC,GAAG,IAAI,cAAc,GAAG,KAAK,CAAC,SAAS,EAAE;YAChE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;SAClD;QACD,IAAI,KAAK,CAAC,GAAG,KAAK,IAAI,CAAC,aAAa,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;SAC9C;QAED,4EAA4E;QAC5E,sCAAsC;QACtC,kDAAkD;QAClD,IAAI;QAEJ,OAAO,KAAK,CAAC;IACjB,CAAC;IAED;;;;;OAKG;IACK,eAAe,CAAC,KAAa,EAAE,IAA4B;QAC/D,MAAM,MAAM,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;QAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7B,IAAI,GAAG,KAAK,SAAS,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;SACjD;QACD,OAAO,GAAG,CAAC;IACf,CAAC;IAED;;;;OAIG;IACK,cAAc,CAAC,KAAa;QAChC,MAAM,aAAa,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/C,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE;YAC1B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;SACvC;QACD,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC5E,OAAQ,IAAI,CAAC,KAAK,CAAC,UAAU,CAAyB,CAAC;IAC3D,CAAC;CACJ,CAAA;AArMY,uBAAuB;IAFnC,SAAS,EAAE;IACX,UAAU,EAAE;IAkCI,WAAA,MAAM,CAAC,IAAI,uBAAuB,UAAU,CAAC,CAAA;IAC7C,WAAA,MAAM,CAAC,IAAI,uBAAuB,UAAU,CAAC,CAAA;IAC7C,WAAA,MAAM,CAAC,qBAAqB,CAAC,CAAA;IAC7B,WAAA,MAAM,CAAC,qBAAqB,CAAC,CAAA;;GApCjC,uBAAuB,CAqMnC;SArMY,uBAAuB"}
|
|
@@ -7,7 +7,9 @@ export * from "./interfaces/interfaces";
|
|
|
7
7
|
export const AwsCognitoModule = {
|
|
8
8
|
keyname: AwsCognitoModuleKeyname,
|
|
9
9
|
configurationDefinitions: [
|
|
10
|
-
|
|
10
|
+
/**
|
|
11
|
+
* The AWS region in which Cognito is setup.
|
|
12
|
+
*/
|
|
11
13
|
{
|
|
12
14
|
parameterName: AwsCognitoModuleKeyname + ".region",
|
|
13
15
|
isRequired: false,
|
|
@@ -16,7 +18,9 @@ export const AwsCognitoModule = {
|
|
|
16
18
|
new EnvironmentVariableResolver("AWS_REGION"),
|
|
17
19
|
]
|
|
18
20
|
},
|
|
19
|
-
|
|
21
|
+
/**
|
|
22
|
+
* The pool id of the Cognito user pool.
|
|
23
|
+
*/
|
|
20
24
|
{
|
|
21
25
|
parameterName: AwsCognitoModuleKeyname + ".poolId",
|
|
22
26
|
isRequired: true,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"aws-cognito.module.js","sourceRoot":"","sources":["../../../src/aws-cognito.module.ts"],"names":[],"mappings":"AACA,OAAO,EAAC,uBAAuB,EAAC,MAAM,8BAA8B,CAAC;AACrE,OAAO,EAAC,UAAU,EAAC,MAAM,mBAAmB,CAAC;AAC7C,OAAO,EAAC,2BAA2B,EAAC,MAAM,4BAA4B,CAAC;AAEvE,cAAc,iCAAiC,CAAC;AAChD,cAAc,iBAAiB,CAAC;AAChC,cAAc,yBAAyB,CAAC;AAExC,MAAM,CAAC,MAAM,gBAAgB,GAAoB;IAC7C,OAAO,EAAE,uBAAuB;IAChC,wBAAwB,EAAE;QACtB
|
|
1
|
+
{"version":3,"file":"aws-cognito.module.js","sourceRoot":"","sources":["../../../src/aws-cognito.module.ts"],"names":[],"mappings":"AACA,OAAO,EAAC,uBAAuB,EAAC,MAAM,8BAA8B,CAAC;AACrE,OAAO,EAAC,UAAU,EAAC,MAAM,mBAAmB,CAAC;AAC7C,OAAO,EAAC,2BAA2B,EAAC,MAAM,4BAA4B,CAAC;AAEvE,cAAc,iCAAiC,CAAC;AAChD,cAAc,iBAAiB,CAAC;AAChC,cAAc,yBAAyB,CAAC;AAExC,MAAM,CAAC,MAAM,gBAAgB,GAAoB;IAC7C,OAAO,EAAE,uBAAuB;IAChC,wBAAwB,EAAE;QACtB;;WAEG;QACH;YACI,aAAa,EAAE,uBAAuB,GAAG,SAAS;YAClD,UAAU,EAAE,KAAK;YACjB,YAAY,EAAE,WAAW;YACzB,gBAAgB,EAAE;gBACd,IAAI,2BAA2B,CAAC,YAAY,CAAC;aAChD;SACJ;QACD;;WAEG;QACH;YACI,aAAa,EAAE,uBAAuB,GAAG,SAAS;YAClD,UAAU,EAAE,IAAI;YAChB,gBAAgB,EAAE;gBACd,IAAI,2BAA2B,CAAC,8BAA8B,CAAC;aAClE;SACJ;KACJ;IACD,aAAa,EAAE;QACX,UAAU;KACb;CACJ,CAAA"}
|
|
@@ -15,11 +15,14 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
15
15
|
};
|
|
16
16
|
import { injectable } from "tsyringe";
|
|
17
17
|
/**
|
|
18
|
-
* A guard for which you can specify the Cognito groups that a user needs to access call. To be used with the @guard decorator (ie:
|
|
19
|
-
@guard(AwsCognitoGroupGuard, {groups: ["ADMIN"]}) ).
|
|
18
|
+
* A guard for which you can specify the Cognito groups that a user needs to access the call. To be used with the @guard decorator (ie:
|
|
19
|
+
* @guard(AwsCognitoGroupGuard, {groups: ["ADMIN"]}) ).
|
|
20
20
|
*/
|
|
21
21
|
let AwsCognitoGroupGuard = class AwsCognitoGroupGuard {
|
|
22
22
|
constructor() {
|
|
23
|
+
/**
|
|
24
|
+
* The keyname of the guard.
|
|
25
|
+
*/
|
|
23
26
|
this.keyname = "cognito.group";
|
|
24
27
|
}
|
|
25
28
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"aws-cognito-group.guard.js","sourceRoot":"","sources":["../../../../src/guards/aws-cognito-group.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,OAAO,EAAS,UAAU,EAAC,MAAM,UAAU,CAAC;AAK5C;;;GAGG;
|
|
1
|
+
{"version":3,"file":"aws-cognito-group.guard.js","sourceRoot":"","sources":["../../../../src/guards/aws-cognito-group.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,OAAO,EAAS,UAAU,EAAC,MAAM,UAAU,CAAC;AAK5C;;;GAGG;AAEI,IAAM,oBAAoB,GAA1B,MAAM,oBAAoB;IAA1B;QACH;;WAEG;QACI,YAAO,GAAG,eAAe,CAAC;IA2CrC,CAAC;IApCG;;;OAGG;IACH,UAAU,CAAC,OAAY;QACnB,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC;QAE5B,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC7B,CAAC;IAED;;;;OAIG;IACG,YAAY,CAAC,OAAgB,EAAE,QAA4B;;;YAC7D,MAAM,YAAY,GAAa,EAAE,CAAC;YAClC,IAAG,IAAI,CAAC,YAAY,KAAK,SAAS,EAAE;gBAChC,OAAO,KAAK,CAAC;aAChB;YAED,IAAG,IAAI,CAAC,YAAY,CAAC,OAAO,IAAI,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,cAAc,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,MAAM,CAAC,EAAC;gBAClI,YAAY,CAAC,IAAI,CAAC,GAAI,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;aAC3D;YAED,wDAAwD;YACxD,IAAG,YAAY,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,CAAA,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,0CAAE,cAAc,CAAC,gBAAgB,CAAC,MAAK,KAAK,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAC;gBAC/I,OAAO,KAAK,CAAC;aAChB;YACD,KAAI,MAAM,KAAK,IAAI,YAAY,EAAE;gBAC7B,IAAG,CAAC,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,CAAC,gBAAgB,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAA,EAAC;oBACnD,OAAO,KAAK,CAAC;iBAChB;aACJ;YACD,OAAO,IAAI,CAAC;;KACf;CACJ,CAAA;AA/CY,oBAAoB;IADhC,UAAU,EAAE;GACA,oBAAoB,CA+ChC;SA/CY,oBAAoB"}
|
|
@@ -3,14 +3,36 @@ import { AuthenticatorInterface } from "@pristine-ts/security";
|
|
|
3
3
|
import { HttpClientInterface } from "@pristine-ts/http";
|
|
4
4
|
import { LogHandlerInterface } from "@pristine-ts/logging";
|
|
5
5
|
import { Request } from "@pristine-ts/common";
|
|
6
|
+
/**
|
|
7
|
+
* The AwsCognitoAuthenticator is an authenticator that can be passed to the @authenticator decorator on a
|
|
8
|
+
* controller class to authenticate the incoming requests using AWS Cognito.
|
|
9
|
+
*
|
|
10
|
+
* It is singleton so that the PEMs can be cached.
|
|
11
|
+
*/
|
|
6
12
|
export declare class AwsCognitoAuthenticator implements AuthenticatorInterface {
|
|
7
13
|
private readonly region;
|
|
8
14
|
private readonly poolId;
|
|
9
15
|
private readonly httpClient;
|
|
10
16
|
private readonly logHandler;
|
|
17
|
+
/**
|
|
18
|
+
* The cached PEMs to avoid fetching everytime.
|
|
19
|
+
* @private
|
|
20
|
+
*/
|
|
11
21
|
private cachedPems;
|
|
22
|
+
/**
|
|
23
|
+
* The complete url of the AWS Cognito issuer.
|
|
24
|
+
* @private
|
|
25
|
+
*/
|
|
12
26
|
private cognitoIssuer;
|
|
27
|
+
/**
|
|
28
|
+
* The url where to get the public key.
|
|
29
|
+
* @private
|
|
30
|
+
*/
|
|
13
31
|
private publicKeyUrl;
|
|
32
|
+
/**
|
|
33
|
+
* The context passed by the decorator.
|
|
34
|
+
* @private
|
|
35
|
+
*/
|
|
14
36
|
private context;
|
|
15
37
|
/**
|
|
16
38
|
* The AWS cognito authenticator that can be passed to the @authenticator decorator.
|
|
@@ -2,11 +2,17 @@ import { IdentityInterface } from "@pristine-ts/common";
|
|
|
2
2
|
import { GuardContextInterface, GuardInterface } from "@pristine-ts/security";
|
|
3
3
|
import { Request } from "@pristine-ts/common";
|
|
4
4
|
/**
|
|
5
|
-
* A guard for which you can specify the Cognito groups that a user needs to access call. To be used with the @guard decorator (ie:
|
|
6
|
-
@guard(AwsCognitoGroupGuard, {groups: ["ADMIN"]}) ).
|
|
5
|
+
* A guard for which you can specify the Cognito groups that a user needs to access the call. To be used with the @guard decorator (ie:
|
|
6
|
+
* @guard(AwsCognitoGroupGuard, {groups: ["ADMIN"]}) ).
|
|
7
7
|
*/
|
|
8
8
|
export declare class AwsCognitoGroupGuard implements GuardInterface {
|
|
9
|
+
/**
|
|
10
|
+
* The keyname of the guard.
|
|
11
|
+
*/
|
|
9
12
|
keyname: string;
|
|
13
|
+
/**
|
|
14
|
+
* The guard context.
|
|
15
|
+
*/
|
|
10
16
|
guardContext?: GuardContextInterface;
|
|
11
17
|
/**
|
|
12
18
|
* Sets the context for the guard.
|
|
@@ -2,12 +2,36 @@
|
|
|
2
2
|
* The interface of the claims in AWS Cognito.
|
|
3
3
|
*/
|
|
4
4
|
export interface ClaimInterface {
|
|
5
|
+
/**
|
|
6
|
+
* The use for which the token is used (ie: access)
|
|
7
|
+
*/
|
|
5
8
|
token_use: string;
|
|
9
|
+
/**
|
|
10
|
+
* The time at which the authentication happened.
|
|
11
|
+
*/
|
|
6
12
|
auth_time: number;
|
|
13
|
+
/**
|
|
14
|
+
* The issuer of the token.
|
|
15
|
+
*/
|
|
7
16
|
iss: string;
|
|
17
|
+
/**
|
|
18
|
+
* The expiration timestamp of the token.
|
|
19
|
+
*/
|
|
8
20
|
exp: number;
|
|
21
|
+
/**
|
|
22
|
+
* The cognito username.
|
|
23
|
+
*/
|
|
9
24
|
["cognito:username"]: string;
|
|
25
|
+
/**
|
|
26
|
+
* The client id.
|
|
27
|
+
*/
|
|
10
28
|
client_id: string;
|
|
29
|
+
/**
|
|
30
|
+
* The cognito groups.
|
|
31
|
+
*/
|
|
11
32
|
["cognito:groups"]: string[];
|
|
33
|
+
/**
|
|
34
|
+
* The other claims part of the token.
|
|
35
|
+
*/
|
|
12
36
|
[key: string]: any;
|
|
13
37
|
}
|
|
@@ -2,10 +2,28 @@
|
|
|
2
2
|
* The public key interface.
|
|
3
3
|
*/
|
|
4
4
|
export interface PublicKeyInterface {
|
|
5
|
+
/**
|
|
6
|
+
* The specific cryptographic algorithm used with the key.
|
|
7
|
+
*/
|
|
5
8
|
alg: string;
|
|
9
|
+
/**
|
|
10
|
+
* The exponent for the RSA public key.
|
|
11
|
+
*/
|
|
6
12
|
e: string;
|
|
13
|
+
/**
|
|
14
|
+
* The unique identifier for the key.
|
|
15
|
+
*/
|
|
7
16
|
kid: string;
|
|
17
|
+
/**
|
|
18
|
+
* The family of cryptographic algorithms used with the key.
|
|
19
|
+
*/
|
|
8
20
|
kty: string;
|
|
21
|
+
/**
|
|
22
|
+
* The modulus for the RSA public key.
|
|
23
|
+
*/
|
|
9
24
|
n: string;
|
|
25
|
+
/**
|
|
26
|
+
* How the key was meant to be used; sig represents the signature.
|
|
27
|
+
*/
|
|
10
28
|
use: string;
|
|
11
29
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@pristine-ts/aws-cognito",
|
|
3
|
-
"version": "0.0.
|
|
3
|
+
"version": "0.0.217",
|
|
4
4
|
"description": "",
|
|
5
5
|
"module": "dist/lib/esm/aws-cognito.module.js",
|
|
6
6
|
"main": "dist/lib/cjs/aws-cognito.module.js",
|
|
@@ -23,9 +23,9 @@
|
|
|
23
23
|
"@types/jwk-to-pem": "^2.0.0"
|
|
24
24
|
},
|
|
25
25
|
"dependencies": {
|
|
26
|
-
"@pristine-ts/common": "^0.0.
|
|
27
|
-
"@pristine-ts/http": "^0.0.
|
|
28
|
-
"@pristine-ts/networking": "^0.0.
|
|
26
|
+
"@pristine-ts/common": "^0.0.217",
|
|
27
|
+
"@pristine-ts/http": "^0.0.217",
|
|
28
|
+
"@pristine-ts/networking": "^0.0.217",
|
|
29
29
|
"jsonwebtoken": "^8.5.1",
|
|
30
30
|
"jwk-to-pem": "^2.0.5"
|
|
31
31
|
},
|
|
@@ -63,5 +63,5 @@
|
|
|
63
63
|
"src/*.{js,ts}"
|
|
64
64
|
]
|
|
65
65
|
},
|
|
66
|
-
"gitHead": "
|
|
66
|
+
"gitHead": "09d75c294b086344ec20d8226436aaee06cf2caa"
|
|
67
67
|
}
|