quidproquo-actionprocessor-awslambda 0.0.71 → 0.0.72

package/lib/awsNamingUtils.d.ts

@@ -1,3 +1,7 @@
 import { QPQConfig } from 'quidproquo-core';
-export declare const getConfigRuntimeResourceName: (resourceName: string, qpqConfig: QPQConfig, resourceType?: string) => string;
-export declare const getQpqRuntimeResourceName: (resourceName: string, qpqConfig: QPQConfig, resourceType?: string) => string;
+export declare const getConfigRuntimeResourceName: (resourceName: string, application: string, service: string, environment: string, feature?: string) => string;
+export declare const getConfigRuntimeResourceNameFromConfig: (resourceName: string, qpqConfig: QPQConfig) => string;
+export declare const getQpqRuntimeResourceName: (resourceName: string, application: string, service: string, environment: string, feature?: string, resourceType?: string) => string;
+export declare const getQpqRuntimeResourceNameFromConfig: (resourceName: string, qpqConfig: QPQConfig, resourceType?: string) => string;
+export declare const getCFExportNameUserPoolIdFromConfig: (userDirectoryName: string, qpqConfig: QPQConfig, serviceOverride?: string, applicationOverride?: string) => string;
+export declare const getCFExportNameUserPoolClientIdFromConfig: (userDirectoryName: string, qpqConfig: QPQConfig, serviceOverride?: string, applicationOverride?: string) => string;

package/lib/awsNamingUtils.js

@@ -1,12 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getQpqRuntimeResourceName = exports.getConfigRuntimeResourceName = void 0;
+exports.getCFExportNameUserPoolClientIdFromConfig = exports.getCFExportNameUserPoolIdFromConfig = exports.getQpqRuntimeResourceNameFromConfig = exports.getQpqRuntimeResourceName = exports.getConfigRuntimeResourceNameFromConfig = exports.getConfigRuntimeResourceName = void 0;
 const quidproquo_core_1 = require("quidproquo-core");
-const getConfigRuntimeResourceName = (resourceName, qpqConfig, resourceType = '') => {
-    const application = quidproquo_core_1.qpqCoreUtils.getApplicationName(qpqConfig);
-    const service = quidproquo_core_1.qpqCoreUtils.getApplicationModuleName(qpqConfig);
-    const environment = quidproquo_core_1.qpqCoreUtils.getApplicationModuleEnvironment(qpqConfig);
-    const feature = quidproquo_core_1.qpqCoreUtils.getApplicationModuleFeature(qpqConfig);
+const getConfigRuntimeResourceName = (resourceName, application, service, environment, feature) => {
     const baseName = `${resourceName}-${application}-${service}-${environment}`;
     if (feature) {
         return `${baseName}-${feature}`;
@@ -14,8 +10,40 @@ const getConfigRuntimeResourceName = (resourceName, qpqConfig, resourceType = ''
     return baseName;
 };
 exports.getConfigRuntimeResourceName = getConfigRuntimeResourceName;
-const getQpqRuntimeResourceName = (resourceName, qpqConfig, resourceType = '') => {
-    const name = (0, exports.getConfigRuntimeResourceName)(resourceName, qpqConfig, resourceType);
+const getConfigRuntimeResourceNameFromConfig = (resourceName, qpqConfig) => {
+    const application = quidproquo_core_1.qpqCoreUtils.getApplicationName(qpqConfig);
+    const service = quidproquo_core_1.qpqCoreUtils.getApplicationModuleName(qpqConfig);
+    const environment = quidproquo_core_1.qpqCoreUtils.getApplicationModuleEnvironment(qpqConfig);
+    const feature = quidproquo_core_1.qpqCoreUtils.getApplicationModuleFeature(qpqConfig);
+    return (0, exports.getConfigRuntimeResourceName)(resourceName, application, service, environment, feature);
+};
+exports.getConfigRuntimeResourceNameFromConfig = getConfigRuntimeResourceNameFromConfig;
+const getQpqRuntimeResourceName = (resourceName, application, service, environment, feature, resourceType = '') => {
+    const name = (0, exports.getConfigRuntimeResourceName)(resourceName, application, service, environment, feature);
     return `${name}-qpq${resourceType}`;
 };
 exports.getQpqRuntimeResourceName = getQpqRuntimeResourceName;
+const getQpqRuntimeResourceNameFromConfig = (resourceName, qpqConfig, resourceType = '') => {
+    const application = quidproquo_core_1.qpqCoreUtils.getApplicationName(qpqConfig);
+    const service = quidproquo_core_1.qpqCoreUtils.getApplicationModuleName(qpqConfig);
+    const environment = quidproquo_core_1.qpqCoreUtils.getApplicationModuleEnvironment(qpqConfig);
+    const feature = quidproquo_core_1.qpqCoreUtils.getApplicationModuleFeature(qpqConfig);
+    return (0, exports.getQpqRuntimeResourceName)(resourceName, application, service, environment, feature, resourceType);
+};
+exports.getQpqRuntimeResourceNameFromConfig = getQpqRuntimeResourceNameFromConfig;
+const getCFExportNameUserPoolIdFromConfig = (userDirectoryName, qpqConfig, serviceOverride, applicationOverride) => {
+    const application = applicationOverride || quidproquo_core_1.qpqCoreUtils.getApplicationName(qpqConfig);
+    const service = serviceOverride || quidproquo_core_1.qpqCoreUtils.getApplicationModuleName(qpqConfig);
+    const environment = quidproquo_core_1.qpqCoreUtils.getApplicationModuleEnvironment(qpqConfig);
+    const feature = quidproquo_core_1.qpqCoreUtils.getApplicationModuleFeature(qpqConfig);
+    return (0, exports.getQpqRuntimeResourceName)(userDirectoryName, application, service, environment, feature, 'user-pool-id-export');
+};
+exports.getCFExportNameUserPoolIdFromConfig = getCFExportNameUserPoolIdFromConfig;
+const getCFExportNameUserPoolClientIdFromConfig = (userDirectoryName, qpqConfig, serviceOverride, applicationOverride) => {
+    const application = applicationOverride || quidproquo_core_1.qpqCoreUtils.getApplicationName(qpqConfig);
+    const service = serviceOverride || quidproquo_core_1.qpqCoreUtils.getApplicationModuleName(qpqConfig);
+    const environment = quidproquo_core_1.qpqCoreUtils.getApplicationModuleEnvironment(qpqConfig);
+    const feature = quidproquo_core_1.qpqCoreUtils.getApplicationModuleFeature(qpqConfig);
+    return (0, exports.getQpqRuntimeResourceName)(userDirectoryName, application, service, environment, feature, 'user-pool-client-id-export');
+};
+exports.getCFExportNameUserPoolClientIdFromConfig = getCFExportNameUserPoolClientIdFromConfig;

package/lib/getActionProcessor/core/event/getAPIGatewayEventActionProcessor.d.ts

@@ -1,10 +1,12 @@
-import { QPQConfig, EventMatchStoryActionProcessor, EventTransformEventParamsActionProcessor, EventTransformResponseResultActionProcessor, EventAutoRespondActionProcessor } from 'quidproquo-core';
-import { HTTPEventParams } from 'quidproquo-webserver';
-import { Context, APIGatewayProxyResult } from 'aws-lambda';
-declare const _default: (config: QPQConfig) => {
-    "@quidproquo-core/event/TransformEventParams": EventTransformEventParamsActionProcessor<[import("aws-lambda").APIGatewayProxyEvent, Context], HTTPEventParams<any>>;
-    "@quidproquo-core/event/TransformResponseResult": EventTransformResponseResultActionProcessor<any, any, APIGatewayProxyResult>;
-    "@quidproquo-core/event/AutoRespond": EventAutoRespondActionProcessor<HTTPEventParams<any>>;
-    "@quidproquo-core/event/MatchStory": EventMatchStoryActionProcessor<HTTPEventParams<any>>;
+import { QPQConfig, MatchStoryResult, EventMatchStoryActionProcessor, EventTransformEventParamsActionProcessor, EventTransformResponseResultActionProcessor, EventAutoRespondActionProcessor } from 'quidproquo-core';
+import { HTTPEvent, HTTPEventResponse, HttpEventRouteParams, RouteOptions } from 'quidproquo-webserver';
+import { APIGatewayEvent, Context, APIGatewayProxyResult } from 'aws-lambda';
+export type HttpRouteMatchStoryResult = MatchStoryResult<HttpEventRouteParams, RouteOptions>;
+export type ApiGatewayEventParams = [APIGatewayEvent, Context];
+declare const _default: (qpqConfig: QPQConfig) => {
+    "@quidproquo-core/event/TransformEventParams": EventTransformEventParamsActionProcessor<ApiGatewayEventParams, HTTPEvent<any>>;
+    "@quidproquo-core/event/TransformResponseResult": EventTransformResponseResultActionProcessor<HTTPEventResponse<string>, HTTPEvent<string>, APIGatewayProxyResult>;
+    "@quidproquo-core/event/AutoRespond": EventAutoRespondActionProcessor<HTTPEvent<any>, HttpRouteMatchStoryResult, HTTPEventResponse<string> | null>;
+    "@quidproquo-core/event/MatchStory": EventMatchStoryActionProcessor<HTTPEvent<any>, HttpRouteMatchStoryResult>;
 };
 export default _default;

package/lib/getActionProcessor/core/event/getAPIGatewayEventActionProcessor.js

@@ -12,10 +12,16 @@ Object.defineProperty(exports, "__esModule", { value: true });
 const quidproquo_core_1 = require("quidproquo-core");
 const quidproquo_webserver_1 = require("quidproquo-webserver");
 const awsLambdaUtils_1 = require("../../../awsLambdaUtils");
+const isAuthValid_1 = require("./utils/isAuthValid");
+const transformHttpEventHeadersToAPIGatewayProxyResultHeaders = (headers) => {
+    return Object.keys(headers)
+        .filter((header) => !!headers[header])
+        .reduce((acc, header) => (Object.assign(Object.assign({}, acc), { [header]: headers[header] })), {});
+};
 const getProcessTransformEventParams = (serviceName) => {
     return ({ eventParams: [apiGatewayEvent, context] }) => __awaiter(void 0, void 0, void 0, function* () {
         const path = (apiGatewayEvent.path || '').replace(new RegExp(`^(\/${serviceName})/`), '/');
-        return (0, quidproquo_core_1.actionResult)({
+        const transformedEventParams = {
             path,
             query: Object.assign(Object.assign({}, (apiGatewayEvent.multiValueQueryStringParameters || {})), (apiGatewayEvent.queryStringParameters || {})),
             body: apiGatewayEvent.body,
@@ -24,40 +30,57 @@ const getProcessTransformEventParams = (serviceName) => {
             correlation: context.awsRequestId,
             sourceIp: apiGatewayEvent.requestContext.identity.sourceIp,
             isBase64Encoded: apiGatewayEvent.isBase64Encoded,
-        });
+        };
+        console.log(JSON.stringify(transformedEventParams, null, 2));
+        return (0, quidproquo_core_1.actionResult)(transformedEventParams);
     });
 };
-const getProcessTransformResponseResult = (configs) => {
+const getProcessTransformResponseResult = (qpqConfig) => {
     // We might need to JSON.stringify the body.
     return (payload) => __awaiter(void 0, void 0, void 0, function* () {
         var _a;
+        const headers = Object.assign(Object.assign({}, quidproquo_webserver_1.qpqWebServerUtils.getCorsHeaders(qpqConfig, {}, payload.transformedEventParams.headers)), (((_a = payload === null || payload === void 0 ? void 0 : payload.response) === null || _a === void 0 ? void 0 : _a.headers) || {}));
         return (0, quidproquo_core_1.actionResult)({
             statusCode: payload.response.status,
-            body: payload.response.body,
+            body: payload.response.body || '',
             isBase64Encoded: payload.response.isBase64Encoded,
-            headers: Object.assign(Object.assign({}, quidproquo_webserver_1.qpqWebServerUtils.getCorsHeaders(configs, {}, payload.transformedEventParams.headers)), (((_a = payload === null || payload === void 0 ? void 0 : payload.response) === null || _a === void 0 ? void 0 : _a.headers) || {})),
+            headers: transformHttpEventHeadersToAPIGatewayProxyResultHeaders(headers),
         });
     });
 };
-const getProcessAutoRespond = (configs) => {
+const getProcessAutoRespond = (qpqConfig) => {
     return (payload) => __awaiter(void 0, void 0, void 0, function* () {
+        var _a;
         if (payload.transformedEventParams.method === 'OPTIONS') {
             return (0, quidproquo_core_1.actionResult)({
-                result: {
-                    statusCode: 200,
-                    headers: quidproquo_webserver_1.qpqWebServerUtils.getCorsHeaders(configs, {}, payload.transformedEventParams.headers),
-                },
+                status: 200,
+                isBase64Encoded: false,
+                body: '',
+                headers: quidproquo_webserver_1.qpqWebServerUtils.getCorsHeaders(qpqConfig, payload.matchResult.config || {}, payload.transformedEventParams.headers),
+            });
+        }
+        const authValid = yield (0, isAuthValid_1.isAuthValid)(qpqConfig, quidproquo_webserver_1.qpqWebServerUtils.getHeaderValue('Authorization', payload.transformedEventParams.headers), (_a = payload.matchResult.config) === null || _a === void 0 ? void 0 : _a.routeAuthSettings);
+        if (!authValid) {
+            return (0, quidproquo_core_1.actionResult)({
+                status: 401,
+                isBase64Encoded: false,
+                body: JSON.stringify({
+                    message: 'You are unauthorized to access this resource',
+                }),
+                headers: quidproquo_webserver_1.qpqWebServerUtils.getCorsHeaders(qpqConfig, payload.matchResult.config || {}, payload.transformedEventParams.headers),
             });
         }
         return (0, quidproquo_core_1.actionResult)(null);
     });
 };
-const getProcessMatchStory = (routes) => {
+const getProcessMatchStory = (qpqConfig) => {
+    const routes = quidproquo_webserver_1.qpqWebServerUtils.getAllRoutes(qpqConfig);
     return (payload) => __awaiter(void 0, void 0, void 0, function* () {
         // Sort the routes by string length
         // Note: We may need to filter variable routes out {} as the variables are length independent
         const sortedRoutes = routes
-            .filter((r) => r.method === payload.transformedEventParams.method)
+            .filter((r) => r.method === payload.transformedEventParams.method ||
+            payload.transformedEventParams.method === 'OPTIONS')
             .sort((a, b) => {
             if (a.path.length < b.path.length)
                 return -1;
@@ -73,22 +96,24 @@ const getProcessMatchStory = (routes) => {
         }))
             .find((m) => m.match.didMatch);
         if (!matchedRoute) {
-            return (0, quidproquo_core_1.actionResultError)(quidproquo_core_1.ErrorTypeEnum.NotFound, 'route not found');
+            return (0, quidproquo_core_1.actionResultError)(quidproquo_core_1.ErrorTypeEnum.NotFound, `route not found [${payload.transformedEventParams.path}] - [${quidproquo_webserver_1.qpqWebServerUtils.getHeaderValue('user-agent', payload.transformedEventParams.headers)}]`);
         }
         return (0, quidproquo_core_1.actionResult)({
             src: matchedRoute.route.src,
             runtime: matchedRoute.route.runtime,
-            options: matchedRoute.match.params || {},
+            runtimeOptions: matchedRoute.match.params || {},
+            // TODO: Make this aware of the API that we are eventing
+            config: quidproquo_webserver_1.qpqWebServerUtils.mergeAllRouteOptions('api', matchedRoute.route, qpqConfig),
         });
     });
 };
-exports.default = (config) => {
-    const routes = quidproquo_webserver_1.qpqWebServerUtils.getAllRoutes(config);
-    const serviceName = quidproquo_core_1.qpqCoreUtils.getApplicationModuleName(config);
+exports.default = (qpqConfig) => {
+    // TODO: Make this aware of the API that we are eventing
+    const serviceName = quidproquo_core_1.qpqCoreUtils.getApplicationModuleName(qpqConfig);
     return {
         [quidproquo_core_1.EventActionType.TransformEventParams]: getProcessTransformEventParams(serviceName),
-        [quidproquo_core_1.EventActionType.TransformResponseResult]: getProcessTransformResponseResult(config),
-        [quidproquo_core_1.EventActionType.AutoRespond]: getProcessAutoRespond(config),
-        [quidproquo_core_1.EventActionType.MatchStory]: getProcessMatchStory(routes),
+        [quidproquo_core_1.EventActionType.TransformResponseResult]: getProcessTransformResponseResult(qpqConfig),
+        [quidproquo_core_1.EventActionType.AutoRespond]: getProcessAutoRespond(qpqConfig),
+        [quidproquo_core_1.EventActionType.MatchStory]: getProcessMatchStory(qpqConfig),
     };
 };

package/lib/getActionProcessor/core/event/getCloudFrontOriginRequestEventActionProcessor.d.ts

@@ -1,10 +1,11 @@
-import { QPQConfig, EventMatchStoryActionProcessor, EventTransformEventParamsActionProcessor, EventTransformResponseResultActionProcessor, EventAutoRespondActionProcessor } from 'quidproquo-core';
-import { SeoEventParams, SeoEventResponse } from 'quidproquo-webserver';
+import { QPQConfig, MatchStoryResult, EventMatchStoryActionProcessor, EventTransformEventParamsActionProcessor, EventTransformResponseResultActionProcessor, EventAutoRespondActionProcessor } from 'quidproquo-core';
+import { SeoQPQWebServerConfigSetting, SeoEvent, SeoEventResponse, SeoEventRouteParams } from 'quidproquo-webserver';
 import { CloudFrontRequestEvent, Context } from 'aws-lambda';
+export type CloudFrontOriginMatchStoryResult = MatchStoryResult<SeoEventRouteParams, SeoQPQWebServerConfigSetting>;
 declare const _default: (config: QPQConfig) => {
-    "@quidproquo-core/event/TransformEventParams": EventTransformEventParamsActionProcessor<[CloudFrontRequestEvent, Context], SeoEventParams<any>>;
-    "@quidproquo-core/event/TransformResponseResult": EventTransformResponseResultActionProcessor<SeoEventResponse, SeoEventParams<any>, SeoEventResponse>;
-    "@quidproquo-core/event/AutoRespond": EventAutoRespondActionProcessor<SeoEventParams<any>>;
-    "@quidproquo-core/event/MatchStory": EventMatchStoryActionProcessor<SeoEventParams<any>>;
+    "@quidproquo-core/event/TransformEventParams": EventTransformEventParamsActionProcessor<[CloudFrontRequestEvent, Context], SeoEvent<any>>;
+    "@quidproquo-core/event/TransformResponseResult": EventTransformResponseResultActionProcessor<SeoEventResponse, SeoEvent<any>, SeoEventResponse>;
+    "@quidproquo-core/event/AutoRespond": EventAutoRespondActionProcessor<SeoEvent<any>, CloudFrontOriginMatchStoryResult, null>;
+    "@quidproquo-core/event/MatchStory": EventMatchStoryActionProcessor<SeoEvent<any>, CloudFrontOriginMatchStoryResult>;
 };
 export default _default;

package/lib/getActionProcessor/core/event/getCloudFrontOriginRequestEventActionProcessor.js

@@ -63,7 +63,8 @@ const getProcessMatchStory = (seoConfigs) => {
         return (0, quidproquo_core_1.actionResult)({
             src: matchedSeoConfig.route.src,
             runtime: matchedSeoConfig.route.runtime,
-            options: matchedSeoConfig.match.params || {},
+            runtimeOptions: matchedSeoConfig.match.params || {},
+            config: matchedSeoConfig.route,
         });
     });
 };

package/lib/getActionProcessor/core/event/getEventBridgeEventActionProcessor.d.ts

@@ -1,10 +1,13 @@
-import { EventMatchStoryActionProcessor, EventTransformEventParamsActionProcessor, EventTransformResponseResultActionProcessor, EventAutoRespondActionProcessor, ScheduledEventParams } from 'quidproquo-core';
+import { MatchStoryResult, EventMatchStoryActionProcessor, EventTransformEventParamsActionProcessor, EventTransformResponseResultActionProcessor, EventAutoRespondActionProcessor, ScheduledEventParams } from 'quidproquo-core';
 import { LambdaRuntimeConfig } from '../../../runtimeConfig/QPQAWSResourceMap';
 import { EventBridgeEvent, Context } from 'aws-lambda';
+type MatchOptions = {};
+type MatchConfig = any;
+type EventBridgeEventMatchStoryResult = MatchStoryResult<MatchOptions, MatchConfig>;
 declare const _default: (runtimeConfig: LambdaRuntimeConfig) => {
     "@quidproquo-core/event/TransformEventParams": EventTransformEventParamsActionProcessor<[EventBridgeEvent<any, any>, Context], ScheduledEventParams<any>>;
     "@quidproquo-core/event/TransformResponseResult": EventTransformResponseResultActionProcessor<any, any, any>;
-    "@quidproquo-core/event/AutoRespond": EventAutoRespondActionProcessor<ScheduledEventParams<any>>;
-    "@quidproquo-core/event/MatchStory": EventMatchStoryActionProcessor<ScheduledEventParams<any>>;
+    "@quidproquo-core/event/AutoRespond": EventAutoRespondActionProcessor<ScheduledEventParams<any>, EventBridgeEventMatchStoryResult, null>;
+    "@quidproquo-core/event/MatchStory": EventMatchStoryActionProcessor<ScheduledEventParams<any>, EventBridgeEventMatchStoryResult>;
 };
 export default _default;

package/lib/getActionProcessor/core/event/getEventBridgeEventActionProcessor.js

@@ -35,7 +35,7 @@ const getProcessMatchStory = (lambdaRuntimeConfig) => {
         return (0, quidproquo_core_1.actionResult)({
             src: lambdaRuntimeConfig.src,
             runtime: lambdaRuntimeConfig.runtime,
-            options: {},
+            runtimeOptions: {},
         });
     });
 };

package/lib/getActionProcessor/core/event/getSQSEventRecordActionProcessor.d.ts

@@ -1,12 +1,13 @@
-import { QPQConfig, EventMatchStoryActionProcessor, EventTransformEventParamsActionProcessor, EventTransformResponseResultActionProcessor, EventAutoRespondActionProcessor, QueueMessage, QueueQPQConfigSetting } from 'quidproquo-core';
-import { QueueEventParams } from 'quidproquo-webserver';
+import { QPQConfig, MatchStoryResult, EventMatchStoryActionProcessor, EventTransformEventParamsActionProcessor, EventTransformResponseResultActionProcessor, EventAutoRespondActionProcessor, QueueMessage, QueueQPQConfigSetting } from 'quidproquo-core';
+import { QueueEvent, QueueEventTypeParams } from 'quidproquo-webserver';
 import { Context, SQSRecord } from 'aws-lambda';
-type AnyQueueEventParams = QueueEventParams<QueueMessage<any>>;
+type AnyQueueEvent = QueueEvent<QueueMessage<any>>;
+export type SqsEventMatchStoryResult = MatchStoryResult<QueueEventTypeParams, string>;
 export declare const getQueueConfigSetting: () => QueueQPQConfigSetting;
 declare const _default: (qpqConfig: QPQConfig) => {
-    "@quidproquo-core/event/TransformEventParams": EventTransformEventParamsActionProcessor<[SQSRecord, Context], AnyQueueEventParams>;
-    "@quidproquo-core/event/TransformResponseResult": EventTransformResponseResultActionProcessor<boolean, AnyQueueEventParams, boolean>;
-    "@quidproquo-core/event/AutoRespond": EventAutoRespondActionProcessor<AnyQueueEventParams>;
-    "@quidproquo-core/event/MatchStory": EventMatchStoryActionProcessor<AnyQueueEventParams>;
+    "@quidproquo-core/event/TransformEventParams": EventTransformEventParamsActionProcessor<[SQSRecord, Context], AnyQueueEvent>;
+    "@quidproquo-core/event/TransformResponseResult": EventTransformResponseResultActionProcessor<boolean, AnyQueueEvent, boolean>;
+    "@quidproquo-core/event/AutoRespond": EventAutoRespondActionProcessor<AnyQueueEvent, SqsEventMatchStoryResult, null>;
+    "@quidproquo-core/event/MatchStory": EventMatchStoryActionProcessor<AnyQueueEvent, SqsEventMatchStoryResult>;
 };
 export default _default;

package/lib/getActionProcessor/core/event/getSQSEventRecordActionProcessor.js

@@ -58,7 +58,8 @@ const getProcessMatchStory = (qpqConfig) => {
         return (0, quidproquo_core_1.actionResult)({
             src: sourceEntry.src,
             runtime: sourceEntry.runtime,
-            options: matchedQueueType.match.params || {},
+            runtimeOptions: matchedQueueType.match.params || {},
+            config: matchedQueueType.queueType,
         });
     });
 };

package/lib/getActionProcessor/core/event/utils/isAuthValid.d.ts

@@ -0,0 +1,3 @@
+import { QPQConfig } from 'quidproquo-core';
+import { RouteAuthSettings } from 'quidproquo-webserver';
+export declare const isAuthValid: (qpqConfig: QPQConfig, authHeader?: string | null, authSettings?: RouteAuthSettings) => Promise<boolean>;

package/lib/getActionProcessor/core/event/utils/isAuthValid.js

@@ -0,0 +1,41 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isAuthValid = void 0;
+const quidproquo_core_1 = require("quidproquo-core");
+const verifyJwt_1 = require("../../../../logic/cognito/verifyJwt");
+const getExportedValue_1 = require("../../../../logic/cloudformation/getExportedValue");
+const awsNamingUtils_1 = require("../../../../awsNamingUtils");
+const isAuthValid = (qpqConfig, authHeader, authSettings) => __awaiter(void 0, void 0, void 0, function* () {
+    // If there are no auth settings ~ Its valid.
+    if (!authSettings || !authSettings.userDirectoryName) {
+        return true;
+    }
+    // We need a header to be able to auth
+    if (!authHeader) {
+        return false;
+    }
+    // Make sure we have a Bearer token
+    const [authType, accessToken] = authHeader.split(' ');
+    if (authType !== 'Bearer' || !accessToken) {
+        return false;
+    }
+    // Grab the user directory to auth against
+    const userDirectoryName = authSettings.userDirectoryName;
+    const region = quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig);
+    // Resolve the user pool id
+    const userPoolId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolIdFromConfig)(userDirectoryName, qpqConfig, authSettings.serviceName, authSettings.applicationName), region);
+    // Resolve the user pool client id
+    const userPoolClientId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolClientIdFromConfig)(userDirectoryName, qpqConfig, authSettings.serviceName, authSettings.applicationName), region);
+    // Verify the token
+    return yield (0, verifyJwt_1.verifyJwt)(accessToken, userPoolId, userPoolClientId, 'access');
+});
+exports.isAuthValid = isAuthValid;

package/lib/getActionProcessor/core/index.d.ts

@@ -8,3 +8,4 @@ export { default as getEventBridgeEventActionProcessor } from './event/getEventB
 export { default as getSystemActionProcessor } from './system';
 export { default as getFileActionProcessor } from './file';
 export { default as getQueueActionProcessor } from './queue';
+export { default as getUserDirectoryActionProcessor } from './userDirectory';

package/lib/getActionProcessor/core/index.js

@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getQueueActionProcessor = exports.getFileActionProcessor = exports.getSystemActionProcessor = exports.getEventBridgeEventActionProcessor = exports.getSQSEventRecordActionProcessor = exports.getCloudFrontOriginRequestEventActionProcessor = exports.getAPIGatewayEventActionProcessor = exports.getConfigGetParametersActionProcessor = exports.getConfigGetParameterActionProcessor = exports.getConfigGetSecretActionProcessor = void 0;
+exports.getUserDirectoryActionProcessor = exports.getQueueActionProcessor = exports.getFileActionProcessor = exports.getSystemActionProcessor = exports.getEventBridgeEventActionProcessor = exports.getSQSEventRecordActionProcessor = exports.getCloudFrontOriginRequestEventActionProcessor = exports.getAPIGatewayEventActionProcessor = exports.getConfigGetParametersActionProcessor = exports.getConfigGetParameterActionProcessor = exports.getConfigGetSecretActionProcessor = void 0;
 var getConfigGetSecretActionProcessor_1 = require("./config/getConfigGetSecretActionProcessor");
 Object.defineProperty(exports, "getConfigGetSecretActionProcessor", { enumerable: true, get: function () { return __importDefault(getConfigGetSecretActionProcessor_1).default; } });
 var getConfigGetParameterActionProcessor_1 = require("./config/getConfigGetParameterActionProcessor");
@@ -24,3 +24,5 @@ var file_1 = require("./file");
 Object.defineProperty(exports, "getFileActionProcessor", { enumerable: true, get: function () { return __importDefault(file_1).default; } });
 var queue_1 = require("./queue");
 Object.defineProperty(exports, "getQueueActionProcessor", { enumerable: true, get: function () { return __importDefault(queue_1).default; } });
+var userDirectory_1 = require("./userDirectory");
+Object.defineProperty(exports, "getUserDirectoryActionProcessor", { enumerable: true, get: function () { return __importDefault(userDirectory_1).default; } });

package/lib/getActionProcessor/core/userDirectory/getUserDirectoryAuthenticateUserActionProcessor.d.ts

@@ -0,0 +1,5 @@
+import { UserDirectoryAuthenticateUserActionProcessor, QPQConfig } from 'quidproquo-core';
+declare const _default: (qpqConfig: QPQConfig) => {
+    "@quidproquo-core/UserDirectory/AuthenticateUser": UserDirectoryAuthenticateUserActionProcessor;
+};
+export default _default;

package/lib/getActionProcessor/core/userDirectory/getUserDirectoryAuthenticateUserActionProcessor.js

@@ -0,0 +1,29 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const quidproquo_core_1 = require("quidproquo-core");
+const awsNamingUtils_1 = require("../../../awsNamingUtils");
+const authenticateUser_1 = require("../../../logic/cognito/authenticateUser");
+const getExportedValue_1 = require("../../../logic/cloudformation/getExportedValue");
+const getUserDirectoryAuthenticateUserActionProcessor = (qpqConfig) => {
+    return (payload) => __awaiter(void 0, void 0, void 0, function* () {
+        const region = quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig);
+        const userPoolId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolIdFromConfig)(payload.userDirectoryName, qpqConfig), region);
+        const userPoolClientId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolClientIdFromConfig)(payload.userDirectoryName, qpqConfig), region);
+        const authResponse = yield (0, authenticateUser_1.authenticateUser)(userPoolId, userPoolClientId, quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig), payload.authenticateUserRequest);
+        return (0, quidproquo_core_1.actionResult)(authResponse);
+    });
+};
+exports.default = (qpqConfig) => {
+    return {
+        [quidproquo_core_1.UserDirectoryActionType.AuthenticateUser]: getUserDirectoryAuthenticateUserActionProcessor(qpqConfig),
+    };
+};

package/lib/getActionProcessor/core/userDirectory/getUserDirectoryCreateUserActionProcessor.d.ts

@@ -0,0 +1,5 @@
+import { UserDirectoryCreateUserActionProcessor, QPQConfig } from 'quidproquo-core';
+declare const _default: (qpqConfig: QPQConfig) => {
+    "@quidproquo-core/UserDirectory/CreateUser": UserDirectoryCreateUserActionProcessor;
+};
+export default _default;

package/lib/getActionProcessor/core/userDirectory/getUserDirectoryCreateUserActionProcessor.js

@@ -0,0 +1,28 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const quidproquo_core_1 = require("quidproquo-core");
+const awsNamingUtils_1 = require("../../../awsNamingUtils");
+const createUser_1 = require("../../../logic/cognito/createUser");
+const getExportedValue_1 = require("../../../logic/cloudformation/getExportedValue");
+const getUserDirectoryCreateUserActionProcessor = (qpqConfig) => {
+    return (payload) => __awaiter(void 0, void 0, void 0, function* () {
+        const region = quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig);
+        const userPoolId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolIdFromConfig)(payload.userDirectoryName, qpqConfig), region);
+        const username = yield (0, createUser_1.createUser)(userPoolId, quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig), payload.createUserRequest);
+        return (0, quidproquo_core_1.actionResult)(username);
+    });
+};
+exports.default = (qpqConfig) => {
+    return {
+        [quidproquo_core_1.UserDirectoryActionType.CreateUser]: getUserDirectoryCreateUserActionProcessor(qpqConfig),
+    };
+};

package/lib/getActionProcessor/core/userDirectory/index.d.ts

@@ -0,0 +1,6 @@
+import { QPQConfig } from 'quidproquo-core';
+declare const _default: (qpqConfig: QPQConfig) => {
+    "@quidproquo-core/UserDirectory/CreateUser": import("quidproquo-core").UserDirectoryCreateUserActionProcessor;
+    "@quidproquo-core/UserDirectory/AuthenticateUser": import("quidproquo-core").UserDirectoryAuthenticateUserActionProcessor;
+};
+export default _default;

package/lib/getActionProcessor/core/userDirectory/index.js

@@ -0,0 +1,8 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const getUserDirectoryAuthenticateUserActionProcessor_1 = __importDefault(require("./getUserDirectoryAuthenticateUserActionProcessor"));
+const getUserDirectoryCreateUserActionProcessor_1 = __importDefault(require("./getUserDirectoryCreateUserActionProcessor"));
+exports.default = (qpqConfig) => (Object.assign(Object.assign({}, (0, getUserDirectoryAuthenticateUserActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryCreateUserActionProcessor_1.default)(qpqConfig)));

package/lib/logic/cloudformation/getExportedValue.d.ts

@@ -0,0 +1 @@
+export declare const getExportedValue: (variableName: string, region: string) => Promise<string>;

package/lib/logic/cloudformation/getExportedValue.js

@@ -0,0 +1,29 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getExportedValue = void 0;
+const client_cloudformation_1 = require("@aws-sdk/client-cloudformation");
+const getExportedValue = (variableName, region) => __awaiter(void 0, void 0, void 0, function* () {
+    var _a;
+    const cloudformation = new client_cloudformation_1.CloudFormationClient({ region });
+    const listCommandParams = {};
+    do {
+        const result = yield cloudformation.send(new client_cloudformation_1.ListExportsCommand(listCommandParams));
+        const value = (_a = (result.Exports || []).find((e) => e.Name === variableName)) === null || _a === void 0 ? void 0 : _a.Value;
+        if (value !== undefined) {
+            console.log(`CF Found: [${variableName}] = [${value}]`);
+            return value;
+        }
+        listCommandParams.NextToken = result.NextToken;
+    } while (!!listCommandParams.NextToken);
+    throw new Error(`CF could not find: [${variableName}]`);
+});
+exports.getExportedValue = getExportedValue;

package/lib/logic/cognito/authenticateUser.d.ts

@@ -0,0 +1,2 @@
+import { AuthenticateUserRequest, AuthenticateUserResponse } from 'quidproquo-core';
+export declare const authenticateUser: (userPoolId: string, clientId: string, region: string, authenticateUserRequest: AuthenticateUserRequest) => Promise<AuthenticateUserResponse>;

package/lib/logic/cognito/authenticateUser.js

@@ -0,0 +1,50 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.authenticateUser = void 0;
+const quidproquo_core_1 = require("quidproquo-core");
+const client_cognito_identity_provider_1 = require("@aws-sdk/client-cognito-identity-provider");
+const calculateSecretHash_1 = require("./utils/calculateSecretHash");
+const getUserPoolClientSecret_1 = require("./getUserPoolClientSecret");
+const cognitoAuthenticationResultTypeToQpqAuthenticationInfo = (authResult) => ({
+    accessToken: authResult.AccessToken,
+    idToken: authResult.IdToken,
+    expiresIn: authResult.ExpiresIn,
+    refreshToken: authResult.RefreshToken,
+    tokenType: authResult.TokenType,
+});
+const authenticateUser = (userPoolId, clientId, region, authenticateUserRequest) => __awaiter(void 0, void 0, void 0, function* () {
+    const cognitoClient = new client_cognito_identity_provider_1.CognitoIdentityProviderClient({ region });
+    const clientSecret = yield (0, getUserPoolClientSecret_1.getUserPoolClientSecret)(userPoolId, clientId, region);
+    const secretHash = (0, calculateSecretHash_1.calculateSecretHash)(authenticateUserRequest.email, clientId, clientSecret);
+    const params = {
+        AuthFlow: client_cognito_identity_provider_1.AuthFlowType.ADMIN_USER_PASSWORD_AUTH,
+        UserPoolId: userPoolId,
+        ClientId: clientId,
+        AuthParameters: {
+            USERNAME: authenticateUserRequest.email,
+            PASSWORD: authenticateUserRequest.password,
+            SECRET_HASH: secretHash,
+        },
+    };
+    const response = yield cognitoClient.send(new client_cognito_identity_provider_1.AdminInitiateAuthCommand(params));
+    console.log(JSON.stringify(response, null, 2));
+    const authenticateUserResponse = {
+        session: response.Session,
+        challenge: quidproquo_core_1.AuthenticateUserChallenge.NONE,
+    };
+    if (response.AuthenticationResult) {
+        authenticateUserResponse.authenticationInfo =
+            cognitoAuthenticationResultTypeToQpqAuthenticationInfo(response.AuthenticationResult);
+    }
+    return authenticateUserResponse;
+});
+exports.authenticateUser = authenticateUser;

package/lib/logic/cognito/createUser.d.ts

@@ -0,0 +1,2 @@
+import { CreateUserRequest } from 'quidproquo-core';
+export declare const createUser: (userPoolId: string, region: string, createUserRequest: CreateUserRequest) => Promise<string>;

package/lib/logic/cognito/createUser.js

@@ -0,0 +1,42 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createUser = void 0;
+const client_cognito_identity_provider_1 = require("@aws-sdk/client-cognito-identity-provider");
+const createUser = (userPoolId, region, createUserRequest) => __awaiter(void 0, void 0, void 0, function* () {
+    var _a;
+    const cognitoClient = new client_cognito_identity_provider_1.CognitoIdentityProviderClient({ region });
+    const params = {
+        UserPoolId: userPoolId,
+        Username: createUserRequest.email,
+        MessageAction: client_cognito_identity_provider_1.MessageActionType.SUPPRESS,
+        DesiredDeliveryMediums: [client_cognito_identity_provider_1.DeliveryMediumType.EMAIL],
+        UserAttributes: [{ Name: 'email', Value: createUserRequest.email }],
+        ForceAliasCreation: false,
+    };
+    if (createUserRequest.phone) {
+        params.DesiredDeliveryMediums.push(client_cognito_identity_provider_1.DeliveryMediumType.SMS);
+        params.UserAttributes.push({ Name: 'phone_number', Value: createUserRequest.phone });
+    }
+    const response = yield cognitoClient.send(new client_cognito_identity_provider_1.AdminCreateUserCommand(params));
+    const username = ((_a = response.User) === null || _a === void 0 ? void 0 : _a.Username) || '';
+    // There has to be a better way than this?
+    const passwordParams = {
+        Password: createUserRequest.password,
+        Username: username,
+        UserPoolId: userPoolId,
+        Permanent: true,
+    };
+    yield cognitoClient.send(new client_cognito_identity_provider_1.AdminSetUserPasswordCommand(passwordParams));
+    // ///////////////////////
+    return username;
+});
+exports.createUser = createUser;

package/lib/logic/cognito/getUser.d.ts

@@ -0,0 +1,10 @@
+export interface UserAttributes {
+    [attribute: string]: string;
+}
+export interface User {
+    id: string;
+    username: string;
+    email: string;
+    userAttributes: UserAttributes;
+}
+export declare const getUser: (accessToken: string, region: string) => Promise<User>;

package/lib/logic/cognito/getUser.js

@@ -0,0 +1,37 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getUser = void 0;
+const client_cognito_identity_provider_1 = require("@aws-sdk/client-cognito-identity-provider");
+const getUserAttribute = (attributeName, userAttributes) => {
+    const lowerAttributeName = attributeName.toLowerCase();
+    const attribute = userAttributes.find((k) => { var _a; return ((_a = k.Name) === null || _a === void 0 ? void 0 : _a.toLowerCase()) === lowerAttributeName; });
+    return attribute === null || attribute === void 0 ? void 0 : attribute.Value;
+};
+const getUser = (accessToken, region) => __awaiter(void 0, void 0, void 0, function* () {
+    const cognitoClient = new client_cognito_identity_provider_1.CognitoIdentityProviderClient({ region });
+    const params = {
+        AccessToken: accessToken,
+    };
+    const response = yield cognitoClient.send(new client_cognito_identity_provider_1.GetUserCommand(params));
+    console.log(JSON.stringify(response, null, 2));
+    const attributeTypes = (response.UserAttributes || []).filter((ua) => !!ua.Value);
+    const userAttributes = attributeTypes.reduce((acc, ua) => (Object.assign(Object.assign({}, acc), { [ua.Name]: ua.Value })), {});
+    const user = {
+        username: response.Username,
+        id: getUserAttribute('sub', attributeTypes),
+        email: getUserAttribute('email', attributeTypes),
+        userAttributes,
+    };
+    console.log(JSON.stringify(user, null, 2));
+    return user;
+});
+exports.getUser = getUser;

package/lib/logic/cognito/getUserPoolClientSecret.d.ts

@@ -0,0 +1 @@
+export declare const getUserPoolClientSecret: (userPoolId: string, clientId: string, region: string) => Promise<string>;

package/lib/logic/cognito/getUserPoolClientSecret.js

@@ -0,0 +1,27 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getUserPoolClientSecret = void 0;
+const client_cognito_identity_provider_1 = require("@aws-sdk/client-cognito-identity-provider");
+const getUserPoolClientSecret = (userPoolId, clientId, region) => __awaiter(void 0, void 0, void 0, function* () {
+    var _a, _b;
+    const cognitoClient = new client_cognito_identity_provider_1.CognitoIdentityProviderClient({ region });
+    const params = {
+        ClientId: clientId,
+        UserPoolId: userPoolId,
+    };
+    const response = yield cognitoClient.send(new client_cognito_identity_provider_1.DescribeUserPoolClientCommand(params));
+    if (!((_a = response.UserPoolClient) === null || _a === void 0 ? void 0 : _a.ClientSecret)) {
+        throw new Error('Can not find client secret for Cognito user pool client');
+    }
+    return (_b = response.UserPoolClient) === null || _b === void 0 ? void 0 : _b.ClientSecret;
+});
+exports.getUserPoolClientSecret = getUserPoolClientSecret;

package/lib/logic/cognito/utils/calculateSecretHash.d.ts

@@ -0,0 +1 @@
+export declare const calculateSecretHash: (username: string, clientId: string, clientSecret: string) => string;

package/lib/logic/cognito/utils/calculateSecretHash.js

@@ -0,0 +1,13 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.calculateSecretHash = void 0;
+const crypto_1 = require("crypto");
+const calculateSecretHash = (username, clientId, clientSecret) => {
+    // create the hmac with the sha256 algorithm and a secret key
+    const hasher = (0, crypto_1.createHmac)('sha256', clientSecret);
+    // add the value we want to hash
+    hasher.update(`${username}${clientId}`);
+    // get the hashed value as base64
+    return hasher.digest('base64');
+};
+exports.calculateSecretHash = calculateSecretHash;

package/lib/logic/cognito/verifyJwt.d.ts

@@ -0,0 +1 @@
+export declare const verifyJwt: (accessToken: string, userPoolId: string, clientId: string, tokenType: 'id' | 'access') => Promise<boolean>;

package/lib/logic/cognito/verifyJwt.js

@@ -0,0 +1,30 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyJwt = void 0;
+const aws_jwt_verify_1 = require("aws-jwt-verify");
+const verifyJwt = (accessToken, userPoolId, clientId, tokenType) => __awaiter(void 0, void 0, void 0, function* () {
+    const verifier = aws_jwt_verify_1.CognitoJwtVerifier.create({
+        userPoolId: userPoolId,
+        tokenUse: tokenType,
+        clientId: clientId,
+    });
+    try {
+        const payload = yield verifier.verify(accessToken);
+        console.log('verify: ', JSON.stringify(payload, null, 2));
+        return true;
+    }
+    catch (e) {
+        console.log(e);
+        return false;
+    }
+});
+exports.verifyJwt = verifyJwt;

package/lib/logic/s3/deleteFiles.js

@@ -11,7 +11,6 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.deleteFiles = void 0;
 const client_s3_1 = require("@aws-sdk/client-s3");
-const client_s3_2 = require("@aws-sdk/client-s3");
 const deleteFiles = (drive, filepaths, region) => __awaiter(void 0, void 0, void 0, function* () {
     const s3Client = new client_s3_1.S3Client({ region });
     const bucketParams = {
@@ -21,7 +20,7 @@ const deleteFiles = (drive, filepaths, region) => __awaiter(void 0, void 0, void
             Objects: filepaths.map((fp) => ({ Key: fp })),
         },
     };
-    const response = yield s3Client.send(new client_s3_2.DeleteObjectsCommand(bucketParams));
+    const response = yield s3Client.send(new client_s3_1.DeleteObjectsCommand(bucketParams));
     return (response.Errors || []).map((e) => e.Key || '');
 });
 exports.deleteFiles = deleteFiles;

package/lib/runtimeConfig/qpqAwsLambdaRuntimeConfigUtils.js

@@ -3,14 +3,14 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.resolveParameterKey = exports.resolveSecretKey = exports.resolveResourceName = void 0;
 const awsNamingUtils_1 = require("../awsNamingUtils");
 const resolveResourceName = (resourceName, qpqConfig) => {
-    return (0, awsNamingUtils_1.getConfigRuntimeResourceName)(resourceName, qpqConfig);
+    return (0, awsNamingUtils_1.getConfigRuntimeResourceNameFromConfig)(resourceName, qpqConfig);
 };
 exports.resolveResourceName = resolveResourceName;
 const resolveSecretKey = (secretName, qpqConfig) => {
-    return (0, awsNamingUtils_1.getConfigRuntimeResourceName)(secretName, qpqConfig);
+    return (0, awsNamingUtils_1.getConfigRuntimeResourceNameFromConfig)(secretName, qpqConfig);
 };
 exports.resolveSecretKey = resolveSecretKey;
 const resolveParameterKey = (parameterName, qpqConfig) => {
-    return (0, awsNamingUtils_1.getConfigRuntimeResourceName)(parameterName, qpqConfig);
+    return (0, awsNamingUtils_1.getConfigRuntimeResourceNameFromConfig)(parameterName, qpqConfig);
 };
 exports.resolveParameterKey = resolveParameterKey;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "quidproquo-actionprocessor-awslambda",
-  "version": "0.0.71",
+  "version": "0.0.72",
   "description": "",
   "main": "./lib/index.js",
   "types": "./lib/index.d.js",
@@ -25,10 +25,13 @@
   },
   "homepage": "https://github.com/joe-coady/quidproquo#readme",
   "dependencies": {
+    "@aws-sdk/client-cloudformation": "^3.266.0",
+    "@aws-sdk/client-cognito-identity-provider": "^3.266.0",
     "@aws-sdk/client-s3": "^3.266.0",
     "@aws-sdk/client-secrets-manager": "^3.266.0",
-    "@aws-sdk/client-sqs": "^3.266.1",
+    "@aws-sdk/client-sqs": "^3.266.0",
     "@aws-sdk/client-ssm": "^3.266.0",
+    "aws-jwt-verify": "^3.4.0",
     "aws-sdk": "^2.1264.0",
     "node-match-path": "^0.6.3",
     "quidproquo-core": "*",