@ttoss/react-auth 1.2.17 → 1.2.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/esm/index.js +124 -13
- package/dist/index.js +124 -13
- package/package.json +10 -10
package/dist/esm/index.js
CHANGED
|
@@ -212,10 +212,16 @@ var PASSWORD_MINIMUM_LENGTH = 8;
|
|
|
212
212
|
var CognitoUserPoolLogicalId = "CognitoUserPool";
|
|
213
213
|
var CognitoUserPoolClientLogicalId = "CognitoUserPoolClient";
|
|
214
214
|
var CognitoIdentityPoolLogicalId = "CognitoIdentityPool";
|
|
215
|
+
var IdentityPoolAuthenticatedIAMRoleLogicalId = "IdentityPoolAuthenticatedIAMRole";
|
|
216
|
+
var IdentityPoolUnauthenticatedIAMRoleLogicalId = "IdentityPoolUnauthenticatedIAMRole";
|
|
217
|
+
var DenyStatement = {
|
|
218
|
+
Effect: "Deny",
|
|
219
|
+
Action: ["*"],
|
|
220
|
+
Resource: ["*"]
|
|
221
|
+
};
|
|
215
222
|
var createAuthTemplate = ({
|
|
216
223
|
autoVerifiedAttributes = ["email"],
|
|
217
|
-
identityPool
|
|
218
|
-
roles,
|
|
224
|
+
identityPool,
|
|
219
225
|
schema,
|
|
220
226
|
usernameAttributes = ["email"]
|
|
221
227
|
} = {}) => {
|
|
@@ -225,6 +231,7 @@ var createAuthTemplate = ({
|
|
|
225
231
|
Resources: {
|
|
226
232
|
[CognitoUserPoolLogicalId]: {
|
|
227
233
|
Type: "AWS::Cognito::UserPool",
|
|
234
|
+
DeletionPolicy: "Retain",
|
|
228
235
|
Properties: {
|
|
229
236
|
AutoVerifiedAttributes,
|
|
230
237
|
Policies: {
|
|
@@ -237,7 +244,6 @@ var createAuthTemplate = ({
|
|
|
237
244
|
TemporaryPasswordValidityDays: 30
|
|
238
245
|
}
|
|
239
246
|
},
|
|
240
|
-
Schema: schema,
|
|
241
247
|
UsernameAttributes: usernameAttributes,
|
|
242
248
|
UsernameConfiguration: {
|
|
243
249
|
CaseSensitive: false
|
|
@@ -293,7 +299,35 @@ var createAuthTemplate = ({
|
|
|
293
299
|
}
|
|
294
300
|
}
|
|
295
301
|
};
|
|
296
|
-
if (
|
|
302
|
+
if (schema) {
|
|
303
|
+
const Schema = schema.map((attribute) => {
|
|
304
|
+
let NumberAttributeConstraints = void 0;
|
|
305
|
+
if (attribute.numberAttributeConstraints) {
|
|
306
|
+
NumberAttributeConstraints = {
|
|
307
|
+
MaxValue: attribute.numberAttributeConstraints?.maxValue,
|
|
308
|
+
MinValue: attribute.numberAttributeConstraints?.minValue
|
|
309
|
+
};
|
|
310
|
+
}
|
|
311
|
+
let StringAttributeConstraints = void 0;
|
|
312
|
+
if (attribute.stringAttributeConstraints) {
|
|
313
|
+
StringAttributeConstraints = {
|
|
314
|
+
MaxLength: attribute.stringAttributeConstraints?.maxLength,
|
|
315
|
+
MinLength: attribute.stringAttributeConstraints?.minLength
|
|
316
|
+
};
|
|
317
|
+
}
|
|
318
|
+
return {
|
|
319
|
+
AttributeDataType: attribute.attributeDataType,
|
|
320
|
+
DeveloperOnlyAttribute: attribute.developerOnlyAttribute,
|
|
321
|
+
Mutable: attribute.mutable,
|
|
322
|
+
Name: attribute.name,
|
|
323
|
+
NumberAttributeConstraints,
|
|
324
|
+
Required: attribute.required,
|
|
325
|
+
StringAttributeConstraints
|
|
326
|
+
};
|
|
327
|
+
});
|
|
328
|
+
template.Resources[CognitoUserPoolLogicalId].Properties.Schema = Schema;
|
|
329
|
+
}
|
|
330
|
+
if (identityPool?.enabled) {
|
|
297
331
|
template.Resources[CognitoIdentityPoolLogicalId] = {
|
|
298
332
|
Type: "AWS::Cognito::IdentityPool",
|
|
299
333
|
Properties: {
|
|
@@ -310,17 +344,94 @@ var createAuthTemplate = ({
|
|
|
310
344
|
]
|
|
311
345
|
}
|
|
312
346
|
};
|
|
313
|
-
|
|
314
|
-
|
|
315
|
-
|
|
316
|
-
|
|
317
|
-
|
|
318
|
-
|
|
347
|
+
template.Resources[IdentityPoolAuthenticatedIAMRoleLogicalId] = {
|
|
348
|
+
Type: "AWS::IAM::Role",
|
|
349
|
+
Properties: {
|
|
350
|
+
AssumeRolePolicyDocument: {
|
|
351
|
+
Version: "2012-10-17",
|
|
352
|
+
Statement: [
|
|
353
|
+
{
|
|
354
|
+
Effect: "Allow",
|
|
355
|
+
Principal: {
|
|
356
|
+
Federated: "cognito-identity.amazonaws.com"
|
|
357
|
+
},
|
|
358
|
+
Action: ["sts:AssumeRoleWithWebIdentity", "sts:TagSession"],
|
|
359
|
+
Condition: {
|
|
360
|
+
StringEquals: {
|
|
361
|
+
"cognito-identity.amazonaws.com:aud": {
|
|
362
|
+
Ref: CognitoIdentityPoolLogicalId
|
|
363
|
+
}
|
|
364
|
+
},
|
|
365
|
+
"ForAnyValue:StringLike": {
|
|
366
|
+
"cognito-identity.amazonaws.com:amr": "authenticated"
|
|
367
|
+
}
|
|
368
|
+
}
|
|
369
|
+
}
|
|
370
|
+
]
|
|
371
|
+
},
|
|
372
|
+
Policies: identityPool.authenticatedPolicies || [
|
|
373
|
+
{
|
|
374
|
+
PolicyName: "IdentityPoolAuthenticatedIAMRolePolicyName",
|
|
375
|
+
PolicyDocument: {
|
|
376
|
+
Version: "2012-10-17",
|
|
377
|
+
Statement: [DenyStatement]
|
|
378
|
+
}
|
|
379
|
+
}
|
|
380
|
+
]
|
|
381
|
+
}
|
|
382
|
+
};
|
|
383
|
+
template.Resources[IdentityPoolUnauthenticatedIAMRoleLogicalId] = {
|
|
384
|
+
Type: "AWS::IAM::Role",
|
|
385
|
+
Properties: {
|
|
386
|
+
AssumeRolePolicyDocument: {
|
|
387
|
+
Version: "2012-10-17",
|
|
388
|
+
Statement: [
|
|
389
|
+
{
|
|
390
|
+
Effect: "Allow",
|
|
391
|
+
Principal: {
|
|
392
|
+
Federated: "cognito-identity.amazonaws.com"
|
|
393
|
+
},
|
|
394
|
+
Action: "sts:AssumeRoleWithWebIdentity",
|
|
395
|
+
Condition: {
|
|
396
|
+
StringEquals: {
|
|
397
|
+
"cognito-identity.amazonaws.com:aud": {
|
|
398
|
+
Ref: CognitoIdentityPoolLogicalId
|
|
399
|
+
}
|
|
400
|
+
},
|
|
401
|
+
"ForAnyValue:StringLike": {
|
|
402
|
+
"cognito-identity.amazonaws.com:amr": "unauthenticated"
|
|
403
|
+
}
|
|
404
|
+
}
|
|
405
|
+
}
|
|
406
|
+
]
|
|
407
|
+
},
|
|
408
|
+
Policies: identityPool.authenticatedPolicies || [
|
|
409
|
+
{
|
|
410
|
+
PolicyName: "IdentityPoolUnauthenticatedIAMRolePolicyName",
|
|
411
|
+
PolicyDocument: {
|
|
412
|
+
Version: "2012-10-17",
|
|
413
|
+
Statement: [DenyStatement]
|
|
414
|
+
}
|
|
415
|
+
}
|
|
416
|
+
]
|
|
417
|
+
}
|
|
418
|
+
};
|
|
419
|
+
template.Resources.CognitoIdentityPoolRoleAttachment = {
|
|
420
|
+
Type: "AWS::Cognito::IdentityPoolRoleAttachment",
|
|
421
|
+
Properties: {
|
|
422
|
+
IdentityPoolId: {
|
|
423
|
+
Ref: CognitoIdentityPoolLogicalId
|
|
424
|
+
},
|
|
425
|
+
Roles: {
|
|
426
|
+
authenticated: {
|
|
427
|
+
"Fn::GetAtt": [IdentityPoolAuthenticatedIAMRoleLogicalId, "Arn"]
|
|
319
428
|
},
|
|
320
|
-
|
|
429
|
+
unauthenticated: {
|
|
430
|
+
"Fn::GetAtt": [IdentityPoolUnauthenticatedIAMRoleLogicalId, "Arn"]
|
|
431
|
+
}
|
|
321
432
|
}
|
|
322
|
-
}
|
|
323
|
-
}
|
|
433
|
+
}
|
|
434
|
+
};
|
|
324
435
|
if (!template.Outputs) {
|
|
325
436
|
template.Outputs = {};
|
|
326
437
|
}
|
package/dist/index.js
CHANGED
|
@@ -249,10 +249,16 @@ var PASSWORD_MINIMUM_LENGTH = 8;
|
|
|
249
249
|
var CognitoUserPoolLogicalId = "CognitoUserPool";
|
|
250
250
|
var CognitoUserPoolClientLogicalId = "CognitoUserPoolClient";
|
|
251
251
|
var CognitoIdentityPoolLogicalId = "CognitoIdentityPool";
|
|
252
|
+
var IdentityPoolAuthenticatedIAMRoleLogicalId = "IdentityPoolAuthenticatedIAMRole";
|
|
253
|
+
var IdentityPoolUnauthenticatedIAMRoleLogicalId = "IdentityPoolUnauthenticatedIAMRole";
|
|
254
|
+
var DenyStatement = {
|
|
255
|
+
Effect: "Deny",
|
|
256
|
+
Action: ["*"],
|
|
257
|
+
Resource: ["*"]
|
|
258
|
+
};
|
|
252
259
|
var createAuthTemplate = ({
|
|
253
260
|
autoVerifiedAttributes = ["email"],
|
|
254
|
-
identityPool
|
|
255
|
-
roles,
|
|
261
|
+
identityPool,
|
|
256
262
|
schema,
|
|
257
263
|
usernameAttributes = ["email"]
|
|
258
264
|
} = {}) => {
|
|
@@ -262,6 +268,7 @@ var createAuthTemplate = ({
|
|
|
262
268
|
Resources: {
|
|
263
269
|
[CognitoUserPoolLogicalId]: {
|
|
264
270
|
Type: "AWS::Cognito::UserPool",
|
|
271
|
+
DeletionPolicy: "Retain",
|
|
265
272
|
Properties: {
|
|
266
273
|
AutoVerifiedAttributes,
|
|
267
274
|
Policies: {
|
|
@@ -274,7 +281,6 @@ var createAuthTemplate = ({
|
|
|
274
281
|
TemporaryPasswordValidityDays: 30
|
|
275
282
|
}
|
|
276
283
|
},
|
|
277
|
-
Schema: schema,
|
|
278
284
|
UsernameAttributes: usernameAttributes,
|
|
279
285
|
UsernameConfiguration: {
|
|
280
286
|
CaseSensitive: false
|
|
@@ -330,7 +336,35 @@ var createAuthTemplate = ({
|
|
|
330
336
|
}
|
|
331
337
|
}
|
|
332
338
|
};
|
|
333
|
-
if (
|
|
339
|
+
if (schema) {
|
|
340
|
+
const Schema = schema.map((attribute) => {
|
|
341
|
+
let NumberAttributeConstraints = void 0;
|
|
342
|
+
if (attribute.numberAttributeConstraints) {
|
|
343
|
+
NumberAttributeConstraints = {
|
|
344
|
+
MaxValue: attribute.numberAttributeConstraints?.maxValue,
|
|
345
|
+
MinValue: attribute.numberAttributeConstraints?.minValue
|
|
346
|
+
};
|
|
347
|
+
}
|
|
348
|
+
let StringAttributeConstraints = void 0;
|
|
349
|
+
if (attribute.stringAttributeConstraints) {
|
|
350
|
+
StringAttributeConstraints = {
|
|
351
|
+
MaxLength: attribute.stringAttributeConstraints?.maxLength,
|
|
352
|
+
MinLength: attribute.stringAttributeConstraints?.minLength
|
|
353
|
+
};
|
|
354
|
+
}
|
|
355
|
+
return {
|
|
356
|
+
AttributeDataType: attribute.attributeDataType,
|
|
357
|
+
DeveloperOnlyAttribute: attribute.developerOnlyAttribute,
|
|
358
|
+
Mutable: attribute.mutable,
|
|
359
|
+
Name: attribute.name,
|
|
360
|
+
NumberAttributeConstraints,
|
|
361
|
+
Required: attribute.required,
|
|
362
|
+
StringAttributeConstraints
|
|
363
|
+
};
|
|
364
|
+
});
|
|
365
|
+
template.Resources[CognitoUserPoolLogicalId].Properties.Schema = Schema;
|
|
366
|
+
}
|
|
367
|
+
if (identityPool?.enabled) {
|
|
334
368
|
template.Resources[CognitoIdentityPoolLogicalId] = {
|
|
335
369
|
Type: "AWS::Cognito::IdentityPool",
|
|
336
370
|
Properties: {
|
|
@@ -347,17 +381,94 @@ var createAuthTemplate = ({
|
|
|
347
381
|
]
|
|
348
382
|
}
|
|
349
383
|
};
|
|
350
|
-
|
|
351
|
-
|
|
352
|
-
|
|
353
|
-
|
|
354
|
-
|
|
355
|
-
|
|
384
|
+
template.Resources[IdentityPoolAuthenticatedIAMRoleLogicalId] = {
|
|
385
|
+
Type: "AWS::IAM::Role",
|
|
386
|
+
Properties: {
|
|
387
|
+
AssumeRolePolicyDocument: {
|
|
388
|
+
Version: "2012-10-17",
|
|
389
|
+
Statement: [
|
|
390
|
+
{
|
|
391
|
+
Effect: "Allow",
|
|
392
|
+
Principal: {
|
|
393
|
+
Federated: "cognito-identity.amazonaws.com"
|
|
394
|
+
},
|
|
395
|
+
Action: ["sts:AssumeRoleWithWebIdentity", "sts:TagSession"],
|
|
396
|
+
Condition: {
|
|
397
|
+
StringEquals: {
|
|
398
|
+
"cognito-identity.amazonaws.com:aud": {
|
|
399
|
+
Ref: CognitoIdentityPoolLogicalId
|
|
400
|
+
}
|
|
401
|
+
},
|
|
402
|
+
"ForAnyValue:StringLike": {
|
|
403
|
+
"cognito-identity.amazonaws.com:amr": "authenticated"
|
|
404
|
+
}
|
|
405
|
+
}
|
|
406
|
+
}
|
|
407
|
+
]
|
|
408
|
+
},
|
|
409
|
+
Policies: identityPool.authenticatedPolicies || [
|
|
410
|
+
{
|
|
411
|
+
PolicyName: "IdentityPoolAuthenticatedIAMRolePolicyName",
|
|
412
|
+
PolicyDocument: {
|
|
413
|
+
Version: "2012-10-17",
|
|
414
|
+
Statement: [DenyStatement]
|
|
415
|
+
}
|
|
416
|
+
}
|
|
417
|
+
]
|
|
418
|
+
}
|
|
419
|
+
};
|
|
420
|
+
template.Resources[IdentityPoolUnauthenticatedIAMRoleLogicalId] = {
|
|
421
|
+
Type: "AWS::IAM::Role",
|
|
422
|
+
Properties: {
|
|
423
|
+
AssumeRolePolicyDocument: {
|
|
424
|
+
Version: "2012-10-17",
|
|
425
|
+
Statement: [
|
|
426
|
+
{
|
|
427
|
+
Effect: "Allow",
|
|
428
|
+
Principal: {
|
|
429
|
+
Federated: "cognito-identity.amazonaws.com"
|
|
430
|
+
},
|
|
431
|
+
Action: "sts:AssumeRoleWithWebIdentity",
|
|
432
|
+
Condition: {
|
|
433
|
+
StringEquals: {
|
|
434
|
+
"cognito-identity.amazonaws.com:aud": {
|
|
435
|
+
Ref: CognitoIdentityPoolLogicalId
|
|
436
|
+
}
|
|
437
|
+
},
|
|
438
|
+
"ForAnyValue:StringLike": {
|
|
439
|
+
"cognito-identity.amazonaws.com:amr": "unauthenticated"
|
|
440
|
+
}
|
|
441
|
+
}
|
|
442
|
+
}
|
|
443
|
+
]
|
|
444
|
+
},
|
|
445
|
+
Policies: identityPool.authenticatedPolicies || [
|
|
446
|
+
{
|
|
447
|
+
PolicyName: "IdentityPoolUnauthenticatedIAMRolePolicyName",
|
|
448
|
+
PolicyDocument: {
|
|
449
|
+
Version: "2012-10-17",
|
|
450
|
+
Statement: [DenyStatement]
|
|
451
|
+
}
|
|
452
|
+
}
|
|
453
|
+
]
|
|
454
|
+
}
|
|
455
|
+
};
|
|
456
|
+
template.Resources.CognitoIdentityPoolRoleAttachment = {
|
|
457
|
+
Type: "AWS::Cognito::IdentityPoolRoleAttachment",
|
|
458
|
+
Properties: {
|
|
459
|
+
IdentityPoolId: {
|
|
460
|
+
Ref: CognitoIdentityPoolLogicalId
|
|
461
|
+
},
|
|
462
|
+
Roles: {
|
|
463
|
+
authenticated: {
|
|
464
|
+
"Fn::GetAtt": [IdentityPoolAuthenticatedIAMRoleLogicalId, "Arn"]
|
|
356
465
|
},
|
|
357
|
-
|
|
466
|
+
unauthenticated: {
|
|
467
|
+
"Fn::GetAtt": [IdentityPoolUnauthenticatedIAMRoleLogicalId, "Arn"]
|
|
468
|
+
}
|
|
358
469
|
}
|
|
359
|
-
}
|
|
360
|
-
}
|
|
470
|
+
}
|
|
471
|
+
};
|
|
361
472
|
if (!template.Outputs) {
|
|
362
473
|
template.Outputs = {};
|
|
363
474
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@ttoss/react-auth",
|
|
3
|
-
"version": "1.2.
|
|
3
|
+
"version": "1.2.19",
|
|
4
4
|
"description": "ttoss authentication module for React apps.",
|
|
5
5
|
"license": "UNLICENSED",
|
|
6
6
|
"author": "ttoss",
|
|
@@ -22,7 +22,7 @@
|
|
|
22
22
|
"sideEffects": false,
|
|
23
23
|
"typings": "./dist/index.d.ts",
|
|
24
24
|
"dependencies": {
|
|
25
|
-
"@ttoss/forms": "^0.14.
|
|
25
|
+
"@ttoss/forms": "^0.14.7",
|
|
26
26
|
"@xstate/react": "^3.0.1",
|
|
27
27
|
"xstate": "^4.35.0"
|
|
28
28
|
},
|
|
@@ -34,13 +34,13 @@
|
|
|
34
34
|
"react": ">=16.8.0"
|
|
35
35
|
},
|
|
36
36
|
"devDependencies": {
|
|
37
|
-
"@ttoss/cloud-auth": "^0.
|
|
38
|
-
"@ttoss/config": "^1.28.
|
|
39
|
-
"@ttoss/i18n-cli": "^0.3.
|
|
40
|
-
"@ttoss/react-i18n": "^1.18.
|
|
41
|
-
"@ttoss/react-notifications": "^1.20.
|
|
42
|
-
"@ttoss/test-utils": "^1.20.
|
|
43
|
-
"@ttoss/ui": "^1.30.
|
|
37
|
+
"@ttoss/cloud-auth": "^0.7.1",
|
|
38
|
+
"@ttoss/config": "^1.28.3",
|
|
39
|
+
"@ttoss/i18n-cli": "^0.3.6",
|
|
40
|
+
"@ttoss/react-i18n": "^1.18.9",
|
|
41
|
+
"@ttoss/react-notifications": "^1.20.7",
|
|
42
|
+
"@ttoss/test-utils": "^1.20.5",
|
|
43
|
+
"@ttoss/ui": "^1.30.7",
|
|
44
44
|
"aws-amplify": "^5.0.14"
|
|
45
45
|
},
|
|
46
46
|
"keywords": [
|
|
@@ -50,5 +50,5 @@
|
|
|
50
50
|
"publishConfig": {
|
|
51
51
|
"access": "public"
|
|
52
52
|
},
|
|
53
|
-
"gitHead": "
|
|
53
|
+
"gitHead": "56e8cfde36a962deaa5514453618280699824b4f"
|
|
54
54
|
}
|