quidproquo-actionprocessor-awslambda 0.0.88 → 0.0.90

package/lib/getActionProcessor/core/userDirectory/getUserDirectoryConfirmEmailVerificationActionProcessor.d.ts

@@ -0,0 +1,5 @@
+import { UserDirectoryConfirmEmailVerificationActionProcessor, QPQConfig } from 'quidproquo-core';
+declare const _default: (qpqConfig: QPQConfig) => {
+    "@quidproquo-core/UserDirectory/ConfirmEmailVerification": UserDirectoryConfirmEmailVerificationActionProcessor;
+};
+export default _default;

package/lib/getActionProcessor/core/userDirectory/getUserDirectoryConfirmEmailVerificationActionProcessor.js

@@ -0,0 +1,25 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const quidproquo_core_1 = require("quidproquo-core");
+const verifyUserEmail_1 = require("../../../logic/cognito/verifyUserEmail");
+const getUserDirectoryConfirmEmailVerificationActionProcessor = (qpqConfig) => {
+    return ({ code, accessToken }) => __awaiter(void 0, void 0, void 0, function* () {
+        const region = quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig);
+        yield (0, verifyUserEmail_1.verifyUserEmail)(region, accessToken, code);
+        return (0, quidproquo_core_1.actionResult)(void 0);
+    });
+};
+exports.default = (qpqConfig) => {
+    return {
+        [quidproquo_core_1.UserDirectoryActionType.ConfirmEmailVerification]: getUserDirectoryConfirmEmailVerificationActionProcessor(qpqConfig),
+    };
+};

package/lib/getActionProcessor/core/userDirectory/getUserDirectoryConfirmForgetPasswordActionProcessor.d.ts

@@ -0,0 +1,5 @@
+import { UserDirectoryConfirmForgotPasswordActionProcessor, QPQConfig } from 'quidproquo-core';
+declare const _default: (qpqConfig: QPQConfig) => {
+    "@quidproquo-core/UserDirectory/ConfirmForgotPassword": UserDirectoryConfirmForgotPasswordActionProcessor;
+};
+export default _default;

package/lib/getActionProcessor/core/userDirectory/getUserDirectoryConfirmForgetPasswordActionProcessor.js

@@ -0,0 +1,29 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const quidproquo_core_1 = require("quidproquo-core");
+const awsNamingUtils_1 = require("../../../awsNamingUtils");
+const confirmForgotPassword_1 = require("../../../logic/cognito/confirmForgotPassword");
+const getExportedValue_1 = require("../../../logic/cloudformation/getExportedValue");
+const getUserDirectoryConfirmForgotPasswordActionProcessor = (qpqConfig) => {
+    return ({ userDirectoryName, code, username, password }) => __awaiter(void 0, void 0, void 0, function* () {
+        const region = quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig);
+        const userPoolId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolIdFromConfig)(userDirectoryName, qpqConfig), region);
+        const userPoolClientId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolClientIdFromConfig)(userDirectoryName, qpqConfig), region);
+        const authResponse = yield (0, confirmForgotPassword_1.confirmForgotPassword)(userPoolId, userPoolClientId, region, code, username, password);
+        return (0, quidproquo_core_1.actionResult)(authResponse);
+    });
+};
+exports.default = (qpqConfig) => {
+    return {
+        [quidproquo_core_1.UserDirectoryActionType.ConfirmForgotPassword]: getUserDirectoryConfirmForgotPasswordActionProcessor(qpqConfig),
+    };
+};

package/lib/getActionProcessor/core/userDirectory/getUserDirectoryForgetPasswordActionProcessor.d.ts

@@ -0,0 +1,5 @@
+import { UserDirectoryForgotPasswordActionProcessor, QPQConfig } from 'quidproquo-core';
+declare const _default: (qpqConfig: QPQConfig) => {
+    "@quidproquo-core/UserDirectory/ForgotPassword": UserDirectoryForgotPasswordActionProcessor;
+};
+export default _default;

package/lib/getActionProcessor/core/userDirectory/getUserDirectoryForgetPasswordActionProcessor.js

@@ -0,0 +1,29 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const quidproquo_core_1 = require("quidproquo-core");
+const awsNamingUtils_1 = require("../../../awsNamingUtils");
+const forgotPassword_1 = require("../../../logic/cognito/forgotPassword");
+const getExportedValue_1 = require("../../../logic/cloudformation/getExportedValue");
+const getUserDirectoryForgotPasswordActionProcessor = (qpqConfig) => {
+    return ({ username, userDirectoryName }) => __awaiter(void 0, void 0, void 0, function* () {
+        const region = quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig);
+        const userPoolId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolIdFromConfig)(userDirectoryName, qpqConfig), region);
+        const userPoolClientId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolClientIdFromConfig)(userDirectoryName, qpqConfig), region);
+        const authResponse = yield (0, forgotPassword_1.forgotPassword)(userPoolId, userPoolClientId, quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig), username);
+        return (0, quidproquo_core_1.actionResult)(authResponse);
+    });
+};
+exports.default = (qpqConfig) => {
+    return {
+        [quidproquo_core_1.UserDirectoryActionType.ForgotPassword]: getUserDirectoryForgotPasswordActionProcessor(qpqConfig),
+    };
+};

package/lib/getActionProcessor/core/userDirectory/getUserDirectoryRefreshTokenActionProcessor.d.ts

@@ -0,0 +1,5 @@
+import { UserDirectoryRefreshTokenActionProcessor, QPQConfig } from 'quidproquo-core';
+declare const _default: (qpqConfig: QPQConfig) => {
+    "@quidproquo-core/UserDirectory/RefreshToken": UserDirectoryRefreshTokenActionProcessor;
+};
+export default _default;

package/lib/getActionProcessor/core/userDirectory/getUserDirectoryRefreshTokenActionProcessor.js

@@ -0,0 +1,29 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const quidproquo_core_1 = require("quidproquo-core");
+const awsNamingUtils_1 = require("../../../awsNamingUtils");
+const refreshToken_1 = require("../../../logic/cognito/refreshToken");
+const getExportedValue_1 = require("../../../logic/cloudformation/getExportedValue");
+const getUserDirectoryRefreshTokenActionProcessor = (qpqConfig) => {
+    return ({ userDirectoryName, username, refreshToken }) => __awaiter(void 0, void 0, void 0, function* () {
+        const region = quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig);
+        const userPoolId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolIdFromConfig)(userDirectoryName, qpqConfig), region);
+        const userPoolClientId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolClientIdFromConfig)(userDirectoryName, qpqConfig), region);
+        const authResponse = yield (0, refreshToken_1.refreshToken)(userPoolId, userPoolClientId, quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig), username, refreshToken);
+        return (0, quidproquo_core_1.actionResult)(authResponse);
+    });
+};
+exports.default = (qpqConfig) => {
+    return {
+        [quidproquo_core_1.UserDirectoryActionType.RefreshToken]: getUserDirectoryRefreshTokenActionProcessor(qpqConfig),
+    };
+};

package/lib/getActionProcessor/core/userDirectory/getUserDirectoryRequestEmailVerificationActionProcessor.d.ts

@@ -0,0 +1,5 @@
+import { UserDirectoryRequestEmailVerificationActionProcessor, QPQConfig } from 'quidproquo-core';
+declare const _default: (qpqConfig: QPQConfig) => {
+    "@quidproquo-core/UserDirectory/RequestEmailVerification": UserDirectoryRequestEmailVerificationActionProcessor;
+};
+export default _default;

package/lib/getActionProcessor/core/userDirectory/getUserDirectoryRequestEmailVerificationActionProcessor.js

@@ -0,0 +1,25 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const quidproquo_core_1 = require("quidproquo-core");
+const requestEmailVerificationCode_1 = require("../../../logic/cognito/requestEmailVerificationCode");
+const getUserDirectoryRequestEmailVerificationActionProcessor = (qpqConfig) => {
+    return ({ userDirectoryName, accessToken }) => __awaiter(void 0, void 0, void 0, function* () {
+        const region = quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig);
+        yield (0, requestEmailVerificationCode_1.requestEmailVerificationCode)(region, accessToken);
+        return (0, quidproquo_core_1.actionResult)(void 0);
+    });
+};
+exports.default = (qpqConfig) => {
+    return {
+        [quidproquo_core_1.UserDirectoryActionType.RequestEmailVerification]: getUserDirectoryRequestEmailVerificationActionProcessor(qpqConfig),
+    };
+};

package/lib/getActionProcessor/core/userDirectory/index.d.ts

@@ -1,6 +1,11 @@
 import { QPQConfig } from 'quidproquo-core';
 declare const _default: (qpqConfig: QPQConfig) => {
+    "@quidproquo-core/UserDirectory/RequestEmailVerification": import("quidproquo-core").UserDirectoryRequestEmailVerificationActionProcessor;
+    "@quidproquo-core/UserDirectory/RefreshToken": import("quidproquo-core").UserDirectoryRefreshTokenActionProcessor;
+    "@quidproquo-core/UserDirectory/ForgotPassword": import("quidproquo-core").UserDirectoryForgotPasswordActionProcessor;
     "@quidproquo-core/UserDirectory/CreateUser": import("quidproquo-core").UserDirectoryCreateUserActionProcessor;
+    "@quidproquo-core/UserDirectory/ConfirmForgotPassword": import("quidproquo-core").UserDirectoryConfirmForgotPasswordActionProcessor;
+    "@quidproquo-core/UserDirectory/ConfirmEmailVerification": import("quidproquo-core").UserDirectoryConfirmEmailVerificationActionProcessor;
     "@quidproquo-core/UserDirectory/AuthenticateUser": import("quidproquo-core").UserDirectoryAuthenticateUserActionProcessor;
 };
 export default _default;

package/lib/getActionProcessor/core/userDirectory/index.js

@@ -4,5 +4,10 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 const getUserDirectoryAuthenticateUserActionProcessor_1 = __importDefault(require("./getUserDirectoryAuthenticateUserActionProcessor"));
+const getUserDirectoryConfirmEmailVerificationActionProcessor_1 = __importDefault(require("./getUserDirectoryConfirmEmailVerificationActionProcessor"));
+const getUserDirectoryConfirmForgetPasswordActionProcessor_1 = __importDefault(require("./getUserDirectoryConfirmForgetPasswordActionProcessor"));
 const getUserDirectoryCreateUserActionProcessor_1 = __importDefault(require("./getUserDirectoryCreateUserActionProcessor"));
-exports.default = (qpqConfig) => (Object.assign(Object.assign({}, (0, getUserDirectoryAuthenticateUserActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryCreateUserActionProcessor_1.default)(qpqConfig)));
+const getUserDirectoryForgetPasswordActionProcessor_1 = __importDefault(require("./getUserDirectoryForgetPasswordActionProcessor"));
+const getUserDirectoryRefreshTokenActionProcessor_1 = __importDefault(require("./getUserDirectoryRefreshTokenActionProcessor"));
+const getUserDirectoryRequestEmailVerificationActionProcessor_1 = __importDefault(require("./getUserDirectoryRequestEmailVerificationActionProcessor"));
+exports.default = (qpqConfig) => (Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign({}, (0, getUserDirectoryAuthenticateUserActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryConfirmEmailVerificationActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryConfirmForgetPasswordActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryCreateUserActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryForgetPasswordActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryRefreshTokenActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryRequestEmailVerificationActionProcessor_1.default)(qpqConfig)));

package/lib/logic/cognito/authenticateUser.js

@@ -14,13 +14,8 @@ const quidproquo_core_1 = require("quidproquo-core");
 const client_cognito_identity_provider_1 = require("@aws-sdk/client-cognito-identity-provider");
 const calculateSecretHash_1 = require("./utils/calculateSecretHash");
 const getUserPoolClientSecret_1 = require("./getUserPoolClientSecret");
-const cognitoAuthenticationResultTypeToQpqAuthenticationInfo = (authResult) => ({
-    accessToken: authResult.AccessToken,
-    idToken: authResult.IdToken,
-    expiresIn: authResult.ExpiresIn,
-    refreshToken: authResult.RefreshToken,
-    tokenType: authResult.TokenType,
-});
+const transformCognitoResponse_1 = require("./utils/transformCognitoResponse");
+// TODO: retry for TooManyRequestsException
 const authenticateUser = (userPoolId, clientId, region, username, password) => __awaiter(void 0, void 0, void 0, function* () {
     const cognitoClient = new client_cognito_identity_provider_1.CognitoIdentityProviderClient({ region });
     const clientSecret = yield (0, getUserPoolClientSecret_1.getUserPoolClientSecret)(userPoolId, clientId, region);
@@ -35,15 +30,22 @@ const authenticateUser = (userPoolId, clientId, region, username, password) => _
             SECRET_HASH: secretHash,
         },
     };
-    const response = yield cognitoClient.send(new client_cognito_identity_provider_1.AdminInitiateAuthCommand(params));
-    const authenticateUserResponse = {
-        session: response.Session,
-        challenge: quidproquo_core_1.AuthenticateUserChallenge.NONE,
-    };
-    if (response.AuthenticationResult) {
-        authenticateUserResponse.authenticationInfo =
-            cognitoAuthenticationResultTypeToQpqAuthenticationInfo(response.AuthenticationResult);
+    try {
+        const response = yield cognitoClient.send(new client_cognito_identity_provider_1.AdminInitiateAuthCommand(params));
+        return (0, transformCognitoResponse_1.cognitoAdminInitiateAuthResponseToQpqAuthenticationInfo)(response);
+    }
+    catch (e) {
+        if (e instanceof Error) {
+            switch (e.name) {
+                case 'PasswordResetRequiredException':
+                    return {
+                        challenge: quidproquo_core_1.AuthenticateUserChallenge.RESET_PASSWORD,
+                    };
+            }
+            throw new Error(`${e.name}: ${e.message}`);
+        }
+        console.log('authenticateUser Error: ', e);
+        throw new Error(`Unknown error has occurred in authenticateUser`);
     }
-    return authenticateUserResponse;
 });
 exports.authenticateUser = authenticateUser;

package/lib/logic/cognito/confirmForgotPassword.d.ts

@@ -0,0 +1,2 @@
+import { AuthenticateUserResponse } from 'quidproquo-core';
+export declare const confirmForgotPassword: (userPoolId: string, clientId: string, region: string, code: string, username: string, password: string) => Promise<AuthenticateUserResponse>;

package/lib/logic/cognito/confirmForgotPassword.js

@@ -0,0 +1,33 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.confirmForgotPassword = void 0;
+const client_cognito_identity_provider_1 = require("@aws-sdk/client-cognito-identity-provider");
+const calculateSecretHash_1 = require("./utils/calculateSecretHash");
+const getUserPoolClientSecret_1 = require("./getUserPoolClientSecret");
+const authenticateUser_1 = require("./authenticateUser");
+const confirmForgotPassword = (userPoolId, clientId, region, code, username, password) => __awaiter(void 0, void 0, void 0, function* () {
+    const cognitoClient = new client_cognito_identity_provider_1.CognitoIdentityProviderClient({ region });
+    const clientSecret = yield (0, getUserPoolClientSecret_1.getUserPoolClientSecret)(userPoolId, clientId, region);
+    const secretHash = (0, calculateSecretHash_1.calculateSecretHash)(username, clientId, clientSecret);
+    const params = {
+        ClientId: clientId,
+        ConfirmationCode: code,
+        SecretHash: secretHash,
+        Password: password,
+        Username: username,
+    };
+    yield cognitoClient.send(new client_cognito_identity_provider_1.ConfirmForgotPasswordCommand(params));
+    // Authenticate the user
+    const authResponse = yield (0, authenticateUser_1.authenticateUser)(userPoolId, clientId, region, username, password);
+    return authResponse;
+});
+exports.confirmForgotPassword = confirmForgotPassword;

package/lib/logic/cognito/createUser.d.ts

@@ -1,2 +1,6 @@
 import { CreateUserRequest, AuthenticateUserResponse } from 'quidproquo-core';
+export declare const getUserAttributesFromCreateUserRequest: (createUserRequest: CreateUserRequest) => {
+    Name: string;
+    Value: string;
+}[];
 export declare const createUser: (userPoolId: string, region: string, clientId: string, createUserRequest: CreateUserRequest) => Promise<AuthenticateUserResponse>;

package/lib/logic/cognito/createUser.js

@@ -9,10 +9,39 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.createUser = void 0;
+exports.createUser = exports.getUserAttributesFromCreateUserRequest = void 0;
 const client_cognito_identity_provider_1 = require("@aws-sdk/client-cognito-identity-provider");
 const authenticateUser_1 = require("./authenticateUser");
 const setUserPassword_1 = require("./setUserPassword");
+const cognitoAttributeMap = {
+    email: 'email',
+    emailVerified: 'email_verified',
+    password: 'password',
+    address: 'address',
+    birthDate: 'birthdate',
+    familyName: 'family_name',
+    gender: 'gender',
+    givenName: 'given_name',
+    locale: 'locale',
+    middleName: 'middle_name',
+    name: 'name',
+    nickname: 'nickname',
+    phoneNumber: 'phone_number',
+    picture: 'picture',
+    preferredUsername: 'preferred_username',
+    profile: 'profile',
+    website: 'website',
+    zoneInfo: 'zoneinfo',
+};
+const getUserAttributesFromCreateUserRequest = (createUserRequest) => {
+    return Object.keys(createUserRequest)
+        .map((key) => ({
+        Name: cognitoAttributeMap[key],
+        Value: `${createUserRequest[key]}`,
+    }))
+        .filter((attribute) => !!attribute.Value && attribute.Name !== 'password');
+};
+exports.getUserAttributesFromCreateUserRequest = getUserAttributesFromCreateUserRequest;
 const createUser = (userPoolId, region, clientId, createUserRequest) => __awaiter(void 0, void 0, void 0, function* () {
     var _a;
     const cognitoClient = new client_cognito_identity_provider_1.CognitoIdentityProviderClient({ region });
@@ -21,15 +50,11 @@ const createUser = (userPoolId, region, clientId, createUserRequest) => __awaite
         Username: createUserRequest.email,
         MessageAction: client_cognito_identity_provider_1.MessageActionType.SUPPRESS,
         DesiredDeliveryMediums: [client_cognito_identity_provider_1.DeliveryMediumType.EMAIL],
-        UserAttributes: [
-            { Name: 'email', Value: createUserRequest.email },
-            { Name: 'email_verified', Value: 'false' },
-        ],
+        UserAttributes: (0, exports.getUserAttributesFromCreateUserRequest)(createUserRequest),
         ForceAliasCreation: false,
     };
-    if (createUserRequest.phone) {
+    if (createUserRequest.phoneNumber) {
         params.DesiredDeliveryMediums.push(client_cognito_identity_provider_1.DeliveryMediumType.SMS);
-        params.UserAttributes.push({ Name: 'phone_number', Value: createUserRequest.phone });
     }
     const response = yield cognitoClient.send(new client_cognito_identity_provider_1.AdminCreateUserCommand(params));
     const username = ((_a = response.User) === null || _a === void 0 ? void 0 : _a.Username) || '';

package/lib/logic/cognito/forgotPassword.d.ts

@@ -0,0 +1,2 @@
+import { AuthenticationDeliveryDetails } from 'quidproquo-core';
+export declare const forgotPassword: (userPoolId: string, clientId: string, region: string, username: string) => Promise<AuthenticationDeliveryDetails>;

package/lib/logic/cognito/forgotPassword.js

@@ -0,0 +1,33 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.forgotPassword = void 0;
+const client_cognito_identity_provider_1 = require("@aws-sdk/client-cognito-identity-provider");
+const calculateSecretHash_1 = require("./utils/calculateSecretHash");
+const getUserPoolClientSecret_1 = require("./getUserPoolClientSecret");
+const forgotPassword = (userPoolId, clientId, region, username) => __awaiter(void 0, void 0, void 0, function* () {
+    const cognitoClient = new client_cognito_identity_provider_1.CognitoIdentityProviderClient({ region });
+    const clientSecret = yield (0, getUserPoolClientSecret_1.getUserPoolClientSecret)(userPoolId, clientId, region);
+    const secretHash = (0, calculateSecretHash_1.calculateSecretHash)(username, clientId, clientSecret);
+    const params = {
+        ClientId: clientId,
+        Username: username,
+        SecretHash: secretHash,
+    };
+    const response = yield cognitoClient.send(new client_cognito_identity_provider_1.ForgotPasswordCommand(params));
+    const deliveryInfo = {
+        attributeName: response.CodeDeliveryDetails.AttributeName || 'email',
+        destination: response.CodeDeliveryDetails.Destination || 'unknown@email.com',
+        deliveryMedium: response.CodeDeliveryDetails.DeliveryMedium || 'EMAIL',
+    };
+    return deliveryInfo;
+});
+exports.forgotPassword = forgotPassword;

package/lib/logic/cognito/refreshToken.d.ts

@@ -0,0 +1,2 @@
+import { AuthenticateUserResponse } from 'quidproquo-core';
+export declare const refreshToken: (userPoolId: string, clientId: string, region: string, username: string, refreshToken: string) => Promise<AuthenticateUserResponse>;

package/lib/logic/cognito/refreshToken.js

@@ -0,0 +1,33 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.refreshToken = void 0;
+const client_cognito_identity_provider_1 = require("@aws-sdk/client-cognito-identity-provider");
+const calculateSecretHash_1 = require("./utils/calculateSecretHash");
+const getUserPoolClientSecret_1 = require("./getUserPoolClientSecret");
+const transformCognitoResponse_1 = require("./utils/transformCognitoResponse");
+const refreshToken = (userPoolId, clientId, region, username, refreshToken) => __awaiter(void 0, void 0, void 0, function* () {
+    const cognitoClient = new client_cognito_identity_provider_1.CognitoIdentityProviderClient({ region });
+    const clientSecret = yield (0, getUserPoolClientSecret_1.getUserPoolClientSecret)(userPoolId, clientId, region);
+    const secretHash = (0, calculateSecretHash_1.calculateSecretHash)(username, clientId, clientSecret);
+    const params = {
+        AuthFlow: client_cognito_identity_provider_1.AuthFlowType.REFRESH_TOKEN_AUTH,
+        UserPoolId: userPoolId,
+        ClientId: clientId,
+        AuthParameters: {
+            REFRESH_TOKEN: refreshToken,
+            SECRET_HASH: secretHash,
+        },
+    };
+    const response = yield cognitoClient.send(new client_cognito_identity_provider_1.AdminInitiateAuthCommand(params));
+    return (0, transformCognitoResponse_1.cognitoAdminInitiateAuthResponseToQpqAuthenticationInfo)(response);
+});
+exports.refreshToken = refreshToken;

package/lib/logic/cognito/utils/transformCognitoResponse.d.ts

@@ -0,0 +1,4 @@
+import { AuthenticateUserResponse, AuthenticationInfo } from 'quidproquo-core';
+import { AuthenticationResultType, AdminInitiateAuthResponse } from '@aws-sdk/client-cognito-identity-provider';
+export declare const cognitoAuthenticationResultTypeToQpqAuthenticationInfo: (authResult: AuthenticationResultType) => AuthenticationInfo;
+export declare const cognitoAdminInitiateAuthResponseToQpqAuthenticationInfo: (authResponse: AdminInitiateAuthResponse) => AuthenticateUserResponse;

package/lib/logic/cognito/utils/transformCognitoResponse.js

@@ -0,0 +1,23 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.cognitoAdminInitiateAuthResponseToQpqAuthenticationInfo = exports.cognitoAuthenticationResultTypeToQpqAuthenticationInfo = void 0;
+const quidproquo_core_1 = require("quidproquo-core");
+const cognitoAuthenticationResultTypeToQpqAuthenticationInfo = (authResult) => ({
+    accessToken: authResult.AccessToken,
+    idToken: authResult.IdToken,
+    expiresIn: authResult.ExpiresIn,
+    refreshToken: authResult.RefreshToken,
+    tokenType: authResult.TokenType,
+});
+exports.cognitoAuthenticationResultTypeToQpqAuthenticationInfo = cognitoAuthenticationResultTypeToQpqAuthenticationInfo;
+const cognitoAdminInitiateAuthResponseToQpqAuthenticationInfo = (authResponse) => {
+    const res = {
+        session: authResponse.Session,
+        challenge: quidproquo_core_1.AuthenticateUserChallenge.NONE,
+    };
+    if (authResponse.AuthenticationResult) {
+        res.authenticationInfo = (0, exports.cognitoAuthenticationResultTypeToQpqAuthenticationInfo)(authResponse.AuthenticationResult);
+    }
+    return res;
+};
+exports.cognitoAdminInitiateAuthResponseToQpqAuthenticationInfo = cognitoAdminInitiateAuthResponseToQpqAuthenticationInfo;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "quidproquo-actionprocessor-awslambda",
-  "version": "0.0.88",
+  "version": "0.0.90",
   "description": "",
   "main": "./lib/index.js",
   "types": "./lib/index.d.js",