quidproquo-actionprocessor-awslambda 0.0.99 → 0.0.101

package/lib/getActionProcessor/core/event/utils/isAuthValid.js

@@ -34,10 +34,8 @@ const isAuthValidForCognito = (qpqConfig, authSettings, authHeader) => __awaiter
     const region = quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig);
     // Resolve the user pool id
     const userPoolId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolIdFromConfig)(userDirectoryName, qpqConfig, authSettings.serviceName, authSettings.applicationName), region);
-    // Resolve the user pool client id
-    const userPoolClientId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolClientIdFromConfig)(userDirectoryName, qpqConfig, authSettings.serviceName, authSettings.applicationName), region);
     // Verify the token
-    return yield (0, verifyJwt_1.verifyJwt)(accessToken, userPoolId, userPoolClientId, 'access');
+    return yield (0, verifyJwt_1.verifyJwt)(accessToken, userPoolId, region, false);
 });
 const isAuthValidForApiKeys = (qpqConfig, authSettings, apiKeyHeader) => __awaiter(void 0, void 0, void 0, function* () {
     const apiKeys = authSettings.apiKeys || [];

package/lib/getActionProcessor/core/keyValueStore/getKeyValueStoreUpsertActionProcessor.d.ts

@@ -0,0 +1,6 @@
+import { QPQConfig } from 'quidproquo-core';
+import { KeyValueStoreUpsertActionProcessor } from 'quidproquo-core';
+declare const _default: (qpqConfig: QPQConfig) => {
+    "@quidproquo-core/KeyValueStore/Upsert": KeyValueStoreUpsertActionProcessor<any>;
+};
+export default _default;

package/lib/getActionProcessor/core/keyValueStore/getKeyValueStoreUpsertActionProcessor.js

@@ -0,0 +1,35 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const quidproquo_core_1 = require("quidproquo-core");
+const getProcessKeyValueStoreUpsert = (qpqConfig) => {
+    return ({ keyValueStoreName, item, options }) => __awaiter(void 0, void 0, void 0, function* () {
+        // const dynamoTableName = getQpqRuntimeResourceNameFromConfig(
+        //   keyValueStoreName,
+        //   qpqConfig,
+        //   'kvs',
+        // );
+        // const region = qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig);
+        // await putItem(
+        //   dynamoTableName,
+        //   key,
+        //   value,
+        //   {
+        //     expires: options?.ttlInSeconds,
+        //   },
+        //   region,
+        // );
+        return (0, quidproquo_core_1.actionResult)(void 0);
+    });
+};
+exports.default = (qpqConfig) => ({
+    [quidproquo_core_1.KeyValueStoreActionType.Upsert]: getProcessKeyValueStoreUpsert(qpqConfig),
+});

package/lib/getActionProcessor/core/keyValueStore/index.d.ts

@@ -1,7 +1,7 @@
 import { QPQConfig } from 'quidproquo-core';
 declare const _default: (qpqConfig: QPQConfig) => {
     "@quidproquo-core/KeyValueStore/Update": import("quidproquo-core").KeyValueStoreUpdateActionProcessor<any>;
-    "@quidproquo-core/KeyValueStore/Set": import("quidproquo-core").KeyValueStoreSetActionProcessor<any>;
+    "@quidproquo-core/KeyValueStore/Upsert": import("quidproquo-core").KeyValueStoreUpsertActionProcessor<any>;
     "@quidproquo-core/KeyValueStore/Get": import("quidproquo-core").KeyValueStoreGetActionProcessor<any>;
     "@quidproquo-core/KeyValueStore/Delete": import("quidproquo-core").KeyValueStoreDeleteActionProcessor;
 };

package/lib/getActionProcessor/core/keyValueStore/index.js

@@ -5,6 +5,6 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 const getKeyValueStoreDeleteActionProcessor_1 = __importDefault(require("./getKeyValueStoreDeleteActionProcessor"));
 const getKeyValueStoreGetActionProcessor_1 = __importDefault(require("./getKeyValueStoreGetActionProcessor"));
-const getKeyValueStoreSetActionProcessor_1 = __importDefault(require("./getKeyValueStoreSetActionProcessor"));
+const getKeyValueStoreUpsertActionProcessor_1 = __importDefault(require("./getKeyValueStoreUpsertActionProcessor"));
 const getKeyValueStoreUpdateActionProcessor_1 = __importDefault(require("./getKeyValueStoreUpdateActionProcessor"));
-exports.default = (qpqConfig) => (Object.assign(Object.assign(Object.assign(Object.assign({}, (0, getKeyValueStoreDeleteActionProcessor_1.default)(qpqConfig)), (0, getKeyValueStoreGetActionProcessor_1.default)(qpqConfig)), (0, getKeyValueStoreSetActionProcessor_1.default)(qpqConfig)), (0, getKeyValueStoreUpdateActionProcessor_1.default)(qpqConfig)));
+exports.default = (qpqConfig) => (Object.assign(Object.assign(Object.assign(Object.assign({}, (0, getKeyValueStoreDeleteActionProcessor_1.default)(qpqConfig)), (0, getKeyValueStoreGetActionProcessor_1.default)(qpqConfig)), (0, getKeyValueStoreUpsertActionProcessor_1.default)(qpqConfig)), (0, getKeyValueStoreUpdateActionProcessor_1.default)(qpqConfig)));

package/lib/getActionProcessor/core/system/getExecuteStoryActionProcessor.js

@@ -30,7 +30,8 @@ const getProcessExecuteStory = (qpqConfig, dynamicModuleLoader) => {
         `${moduleName}::${(0, awsLambdaUtils_1.randomGuid)()}`, quidproquo_core_1.QpqRuntimeType.EXECUTE_STORY, [`${payload.src}::${payload.runtime}`]);
         const storyResult = yield resolveStory(story, payload.params);
         if (storyResult.error) {
-            return (0, quidproquo_core_1.actionResultError)(storyResult.error.errorType, storyResult.error.errorText, `story error! in ${payload.src}::${payload.runtime} -> [${storyResult.error.errorStack}]`);
+            const stack = `${payload.src}::${payload.runtime}`;
+            return (0, quidproquo_core_1.actionResultError)(storyResult.error.errorType, storyResult.error.errorText, storyResult.error.errorStack ? `${stack} -> [${storyResult.error.errorStack}]` : stack);
         }
         return (0, quidproquo_core_1.actionResult)(storyResult.result);
     });

package/lib/getActionProcessor/core/userDirectory/getUserDirectoryAuthenticateUserActionProcessor.js

@@ -18,8 +18,16 @@ const getUserDirectoryAuthenticateUserActionProcessor = (qpqConfig) => {
         const region = quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig);
         const userPoolId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolIdFromConfig)(payload.userDirectoryName, qpqConfig), region);
         const userPoolClientId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolClientIdFromConfig)(payload.userDirectoryName, qpqConfig), region);
-        const authResponse = yield (0, authenticateUser_1.authenticateUser)(userPoolId, userPoolClientId, quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig), payload.authenticateUserRequest.email, payload.authenticateUserRequest.password);
-        return (0, quidproquo_core_1.actionResult)(authResponse);
+        try {
+            const authResponse = yield (0, authenticateUser_1.authenticateUser)(userPoolId, userPoolClientId, quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig), payload.authenticateUserRequest.email, payload.authenticateUserRequest.password);
+            return (0, quidproquo_core_1.actionResult)(authResponse);
+        }
+        catch (e) {
+            if (e instanceof Error) {
+                return (0, quidproquo_core_1.actionResultError)(quidproquo_core_1.ErrorTypeEnum.Unauthorized, e.message);
+            }
+            return (0, quidproquo_core_1.actionResultError)(quidproquo_core_1.ErrorTypeEnum.GenericError, 'An unknown error has occurred.');
+        }
     });
 };
 exports.default = (qpqConfig) => {

package/lib/getActionProcessor/core/userDirectory/getUserDirectoryGetUserAttributesActionProcessor.d.ts

@@ -0,0 +1,5 @@
+import { UserDirectoryGetUserAttributesActionProcessor, QPQConfig } from 'quidproquo-core';
+declare const _default: (qpqConfig: QPQConfig) => {
+    "@quidproquo-core/UserDirectory/GetUserAttributes": UserDirectoryGetUserAttributesActionProcessor;
+};
+export default _default;

package/lib/getActionProcessor/core/{keyValueStore/getKeyValueStoreSetActionProcessor.js → userDirectory/getUserDirectoryGetUserAttributesActionProcessor.js}

@@ -11,18 +11,18 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 Object.defineProperty(exports, "__esModule", { value: true });
 const quidproquo_core_1 = require("quidproquo-core");
 const awsNamingUtils_1 = require("../../../awsNamingUtils");
-const quidproquo_core_2 = require("quidproquo-core");
-const dynamo_1 = require("../../../logic/dynamo");
-const getProcessKeyValueStoreSet = (qpqConfig) => {
-    return ({ keyValueStoreName, key, value, options }) => __awaiter(void 0, void 0, void 0, function* () {
-        const dynamoTableName = (0, awsNamingUtils_1.getQpqRuntimeResourceNameFromConfig)(keyValueStoreName, qpqConfig, 'kvs');
+const getExportedValue_1 = require("../../../logic/cloudformation/getExportedValue");
+const getUserAttributes_1 = require("../../../logic/cognito/getUserAttributes");
+const getUserDirectoryGetUserAttributesActionProcessor = (qpqConfig) => {
+    return ({ userDirectoryName, serviceOverride, username }, session) => __awaiter(void 0, void 0, void 0, function* () {
         const region = quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig);
-        yield (0, dynamo_1.putItem)(dynamoTableName, key, value, {
-            expires: options === null || options === void 0 ? void 0 : options.ttl,
-        }, region);
-        return (0, quidproquo_core_2.actionResult)(void 0);
+        const userPoolId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolIdFromConfig)(userDirectoryName, qpqConfig, serviceOverride), region);
+        const userAttributes = yield (0, getUserAttributes_1.getUserAttributes)(userPoolId, region, username);
+        return (0, quidproquo_core_1.actionResult)(userAttributes);
     });
 };
-exports.default = (qpqConfig) => ({
-    [quidproquo_core_2.KeyValueStoreActionType.Set]: getProcessKeyValueStoreSet(qpqConfig),
-});
+exports.default = (qpqConfig) => {
+    return {
+        [quidproquo_core_1.UserDirectoryActionType.GetUserAttributes]: getUserDirectoryGetUserAttributesActionProcessor(qpqConfig),
+    };
+};

package/lib/getActionProcessor/core/userDirectory/getUserDirectoryReadAccessTokenActionProcessor.js

@@ -14,11 +14,10 @@ const awsNamingUtils_1 = require("../../../awsNamingUtils");
 const getExportedValue_1 = require("../../../logic/cloudformation/getExportedValue");
 const decodeValidJwt_1 = require("../../../logic/cognito/decodeValidJwt");
 const getUserDirectoryReadAccessTokenActionProcessor = (qpqConfig) => {
-    return ({ userDirectoryName, serviceOverride }, session) => __awaiter(void 0, void 0, void 0, function* () {
+    return ({ userDirectoryName, serviceOverride, ignoreExpiration }, session) => __awaiter(void 0, void 0, void 0, function* () {
         const region = quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig);
         const userPoolId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolIdFromConfig)(userDirectoryName, qpqConfig, serviceOverride), region);
-        const userPoolClientId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolClientIdFromConfig)(userDirectoryName, qpqConfig, serviceOverride), region);
-        const authInfo = yield (0, decodeValidJwt_1.decodeValidJwt)(userPoolId, userPoolClientId, 'access', session.accessToken);
+        const authInfo = yield (0, decodeValidJwt_1.decodeValidJwt)(userPoolId, region, ignoreExpiration, session.accessToken);
         if (!authInfo || !(authInfo === null || authInfo === void 0 ? void 0 : authInfo.username)) {
             return (0, quidproquo_core_1.actionResultError)(quidproquo_core_1.ErrorTypeEnum.Unauthorized, 'Invalid accessToken');
         }

package/lib/getActionProcessor/core/userDirectory/getUserDirectoryRefreshTokenActionProcessor.js

@@ -19,7 +19,7 @@ const getUserDirectoryRefreshTokenActionProcessor = (qpqConfig) => {
         const region = quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig);
         const userPoolId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolIdFromConfig)(userDirectoryName, qpqConfig), region);
         const userPoolClientId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolClientIdFromConfig)(userDirectoryName, qpqConfig), region);
-        const authInfo = yield (0, decodeValidJwt_1.decodeValidJwt)(userPoolId, userPoolClientId, 'access', session.accessToken);
+        const authInfo = yield (0, decodeValidJwt_1.decodeValidJwt)(userPoolId, region, true, session.accessToken);
         if (!authInfo || !(authInfo === null || authInfo === void 0 ? void 0 : authInfo.username)) {
             return (0, quidproquo_core_1.actionResultError)(quidproquo_core_1.ErrorTypeEnum.Unauthorized, 'Invalid accessToken');
         }

package/lib/getActionProcessor/core/userDirectory/getUserDirectorySetUserAttributesActionProcessor.d.ts

@@ -0,0 +1,5 @@
+import { UserDirectorySetUserAttributesActionProcessor, QPQConfig } from 'quidproquo-core';
+declare const _default: (qpqConfig: QPQConfig) => {
+    "@quidproquo-core/UserDirectory/SetUserAttributes": UserDirectorySetUserAttributesActionProcessor;
+};
+export default _default;

package/lib/getActionProcessor/core/userDirectory/getUserDirectorySetUserAttributesActionProcessor.js

@@ -0,0 +1,28 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const quidproquo_core_1 = require("quidproquo-core");
+const awsNamingUtils_1 = require("../../../awsNamingUtils");
+const getExportedValue_1 = require("../../../logic/cloudformation/getExportedValue");
+const setUserAttributes_1 = require("../../../logic/cognito/setUserAttributes");
+const getUserDirectorySetUserAttributesActionProcessor = (qpqConfig) => {
+    return ({ userDirectoryName, serviceOverride, username, userAttributes }, session) => __awaiter(void 0, void 0, void 0, function* () {
+        const region = quidproquo_core_1.qpqCoreUtils.getApplicationModuleDeployRegion(qpqConfig);
+        const userPoolId = yield (0, getExportedValue_1.getExportedValue)((0, awsNamingUtils_1.getCFExportNameUserPoolIdFromConfig)(userDirectoryName, qpqConfig, serviceOverride), region);
+        yield (0, setUserAttributes_1.setUserAttributes)(userPoolId, region, username, userAttributes);
+        return (0, quidproquo_core_1.actionResult)(void 0);
+    });
+};
+exports.default = (qpqConfig) => {
+    return {
+        [quidproquo_core_1.UserDirectoryActionType.SetUserAttributes]: getUserDirectorySetUserAttributesActionProcessor(qpqConfig),
+    };
+};

package/lib/getActionProcessor/core/userDirectory/index.d.ts

@@ -1,9 +1,11 @@
 import { QPQConfig } from 'quidproquo-core';
 declare const _default: (qpqConfig: QPQConfig) => {
+    "@quidproquo-core/UserDirectory/SetUserAttributes": import("quidproquo-core").UserDirectorySetUserAttributesActionProcessor;
     "@quidproquo-core/UserDirectory/RespondToAuthChallenge": import("quidproquo-core").UserDirectoryRespondToAuthChallengeActionProcessor;
     "@quidproquo-core/UserDirectory/RequestEmailVerification": import("quidproquo-core").UserDirectoryRequestEmailVerificationActionProcessor;
     "@quidproquo-core/UserDirectory/RefreshToken": import("quidproquo-core").UserDirectoryRefreshTokenActionProcessor;
     "@quidproquo-core/UserDirectory/ReadAccessToken": import("quidproquo-core").UserDirectoryReadAccessTokenActionProcessor;
+    "@quidproquo-core/UserDirectory/GetUserAttributes": import("quidproquo-core").UserDirectoryGetUserAttributesActionProcessor;
     "@quidproquo-core/UserDirectory/ForgotPassword": import("quidproquo-core").UserDirectoryForgotPasswordActionProcessor;
     "@quidproquo-core/UserDirectory/CreateUser": import("quidproquo-core").UserDirectoryCreateUserActionProcessor;
     "@quidproquo-core/UserDirectory/ConfirmForgotPassword": import("quidproquo-core").UserDirectoryConfirmForgotPasswordActionProcessor;

package/lib/getActionProcessor/core/userDirectory/index.js

@@ -8,8 +8,10 @@ const getUserDirectoryConfirmEmailVerificationActionProcessor_1 = __importDefaul
 const getUserDirectoryConfirmForgetPasswordActionProcessor_1 = __importDefault(require("./getUserDirectoryConfirmForgetPasswordActionProcessor"));
 const getUserDirectoryCreateUserActionProcessor_1 = __importDefault(require("./getUserDirectoryCreateUserActionProcessor"));
 const getUserDirectoryForgetPasswordActionProcessor_1 = __importDefault(require("./getUserDirectoryForgetPasswordActionProcessor"));
+const getUserDirectoryGetUserAttributesActionProcessor_1 = __importDefault(require("./getUserDirectoryGetUserAttributesActionProcessor"));
 const getUserDirectoryReadAccessTokenActionProcessor_1 = __importDefault(require("./getUserDirectoryReadAccessTokenActionProcessor"));
 const getUserDirectoryRefreshTokenActionProcessor_1 = __importDefault(require("./getUserDirectoryRefreshTokenActionProcessor"));
 const getUserDirectoryRequestEmailVerificationActionProcessor_1 = __importDefault(require("./getUserDirectoryRequestEmailVerificationActionProcessor"));
 const getUserDirectoryRespondToAuthChallengeActionProcessor_1 = __importDefault(require("./getUserDirectoryRespondToAuthChallengeActionProcessor"));
-exports.default = (qpqConfig) => (Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign({}, (0, getUserDirectoryAuthenticateUserActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryConfirmEmailVerificationActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryConfirmForgetPasswordActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryCreateUserActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryForgetPasswordActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryReadAccessTokenActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryRefreshTokenActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryRequestEmailVerificationActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryRespondToAuthChallengeActionProcessor_1.default)(qpqConfig)));
+const getUserDirectorySetUserAttributesActionProcessor_1 = __importDefault(require("./getUserDirectorySetUserAttributesActionProcessor"));
+exports.default = (qpqConfig) => (Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign({}, (0, getUserDirectoryAuthenticateUserActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryConfirmEmailVerificationActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryConfirmForgetPasswordActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryCreateUserActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryForgetPasswordActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryGetUserAttributesActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryReadAccessTokenActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryRefreshTokenActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryRequestEmailVerificationActionProcessor_1.default)(qpqConfig)), (0, getUserDirectoryRespondToAuthChallengeActionProcessor_1.default)(qpqConfig)), (0, getUserDirectorySetUserAttributesActionProcessor_1.default)(qpqConfig)));

package/lib/logic/cognito/authenticateUser.js

@@ -10,7 +10,6 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.authenticateUser = void 0;
-const quidproquo_core_1 = require("quidproquo-core");
 const client_cognito_identity_provider_1 = require("@aws-sdk/client-cognito-identity-provider");
 const calculateSecretHash_1 = require("./utils/calculateSecretHash");
 const getUserPoolClientSecret_1 = require("./getUserPoolClientSecret");
@@ -32,23 +31,7 @@ const authenticateUser = (userPoolId, clientId, region, username, password) => _
             SECRET_HASH: secretHash,
         },
     };
-    try {
-        const response = yield cognitoClient.send(new client_cognito_identity_provider_1.AdminInitiateAuthCommand(params));
-        console.log('authenticateUser response: ', JSON.stringify(response, null, 2));
-        return (0, transformCognitoResponse_1.cognitoAdminInitiateAuthResponseToQpqAuthenticationInfo)(response, issueDateTime);
-    }
-    catch (e) {
-        if (e instanceof Error) {
-            switch (e.name) {
-                case 'PasswordResetRequiredException':
-                    return {
-                        challenge: quidproquo_core_1.AuthenticateUserChallenge.RESET_PASSWORD,
-                    };
-            }
-            throw new Error(`${e.name}: ${e.message}`);
-        }
-        console.log('authenticateUser Error: ', e);
-        throw new Error(`Unknown error has occurred in authenticateUser`);
-    }
+    const response = yield cognitoClient.send(new client_cognito_identity_provider_1.AdminInitiateAuthCommand(params));
+    return (0, transformCognitoResponse_1.cognitoAdminInitiateAuthResponseToQpqAuthenticationInfo)(response, issueDateTime);
 });
 exports.authenticateUser = authenticateUser;

package/lib/logic/cognito/cognitoAttributeMap.d.ts

@@ -0,0 +1,10 @@
+import { UserAttributes } from 'quidproquo-core';
+export declare const cognitoAttributeMap: Record<keyof UserAttributes, string>;
+export declare const getCognitoUserAttributesFromQpqUserAttributes: (userAttributes: UserAttributes) => {
+    Name: string;
+    Value: string;
+}[];
+export declare const getQpqAttributesFromCognitoUserAttributes: (cognitoUserAttributes: {
+    Name: string;
+    Value: string;
+}[]) => UserAttributes;

package/lib/logic/cognito/cognitoAttributeMap.js

@@ -0,0 +1,50 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getQpqAttributesFromCognitoUserAttributes = exports.getCognitoUserAttributesFromQpqUserAttributes = exports.cognitoAttributeMap = void 0;
+exports.cognitoAttributeMap = {
+    email: 'email',
+    emailVerified: 'email_verified',
+    userId: 'sub',
+    address: 'address',
+    birthDate: 'birthdate',
+    familyName: 'family_name',
+    gender: 'gender',
+    givenName: 'given_name',
+    locale: 'locale',
+    middleName: 'middle_name',
+    name: 'name',
+    nickname: 'nickname',
+    phoneNumber: 'phone_number',
+    picture: 'picture',
+    preferredUsername: 'preferred_username',
+    profile: 'profile',
+    website: 'website',
+    zoneInfo: 'zoneinfo',
+};
+// Flip the cognitoAttributeMap for reverse mapping
+const reversedCognitoAttributeMap = Object.entries(exports.cognitoAttributeMap).reduce((acc, [key, value]) => (Object.assign(Object.assign({}, acc), { [value]: key })), {});
+const getCognitoUserAttributesFromQpqUserAttributes = (userAttributes) => {
+    return Object.keys(userAttributes)
+        .map((key) => ({
+        Name: exports.cognitoAttributeMap[key],
+        Value: `${userAttributes[key]}`,
+    }))
+        .filter((attribute) => !!attribute.Name && !!attribute.Value);
+};
+exports.getCognitoUserAttributesFromQpqUserAttributes = getCognitoUserAttributesFromQpqUserAttributes;
+const getQpqAttributesFromCognitoUserAttributes = (cognitoUserAttributes) => {
+    // Map cognitoUserAttributes to your UserAttributes format
+    const userAttributes = cognitoUserAttributes.reduce((acc, { Name, Value }) => {
+        const userAttributeKey = reversedCognitoAttributeMap[Name];
+        if (!userAttributeKey) {
+            return acc; // If there's no matching key in your mapping, just continue with the current accumulation
+        }
+        if (userAttributeKey === 'emailVerified') {
+            // Assume the value of 'email_verified' is a string of 'true' or 'false'
+            return Object.assign(Object.assign({}, acc), { [userAttributeKey]: Value === 'true' });
+        }
+        return Object.assign(Object.assign({}, acc), { [userAttributeKey]: Value });
+    }, {});
+    return userAttributes;
+};
+exports.getQpqAttributesFromCognitoUserAttributes = getQpqAttributesFromCognitoUserAttributes;

package/lib/logic/cognito/createUser.d.ts

@@ -1,6 +1,2 @@
 import { CreateUserRequest, AuthenticateUserResponse } from 'quidproquo-core';
-export declare const getUserAttributesFromCreateUserRequest: (createUserRequest: CreateUserRequest) => {
-    Name: string;
-    Value: string;
-}[];
 export declare const createUser: (userPoolId: string, region: string, clientId: string, createUserRequest: CreateUserRequest) => Promise<AuthenticateUserResponse>;

package/lib/logic/cognito/createUser.js

@@ -9,39 +9,11 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.createUser = exports.getUserAttributesFromCreateUserRequest = void 0;
+exports.createUser = void 0;
 const client_cognito_identity_provider_1 = require("@aws-sdk/client-cognito-identity-provider");
 const authenticateUser_1 = require("./authenticateUser");
 const setUserPassword_1 = require("./setUserPassword");
-const cognitoAttributeMap = {
-    email: 'email',
-    emailVerified: 'email_verified',
-    password: 'password',
-    address: 'address',
-    birthDate: 'birthdate',
-    familyName: 'family_name',
-    gender: 'gender',
-    givenName: 'given_name',
-    locale: 'locale',
-    middleName: 'middle_name',
-    name: 'name',
-    nickname: 'nickname',
-    phoneNumber: 'phone_number',
-    picture: 'picture',
-    preferredUsername: 'preferred_username',
-    profile: 'profile',
-    website: 'website',
-    zoneInfo: 'zoneinfo',
-};
-const getUserAttributesFromCreateUserRequest = (createUserRequest) => {
-    return Object.keys(createUserRequest)
-        .map((key) => ({
-        Name: cognitoAttributeMap[key],
-        Value: `${createUserRequest[key]}`,
-    }))
-        .filter((attribute) => !!attribute.Value && attribute.Name !== 'password');
-};
-exports.getUserAttributesFromCreateUserRequest = getUserAttributesFromCreateUserRequest;
+const cognitoAttributeMap_1 = require("./cognitoAttributeMap");
 const createUser = (userPoolId, region, clientId, createUserRequest) => __awaiter(void 0, void 0, void 0, function* () {
     var _a;
     const cognitoClient = new client_cognito_identity_provider_1.CognitoIdentityProviderClient({ region });
@@ -50,7 +22,7 @@ const createUser = (userPoolId, region, clientId, createUserRequest) => __awaite
         Username: createUserRequest.email,
         MessageAction: client_cognito_identity_provider_1.MessageActionType.SUPPRESS,
         DesiredDeliveryMediums: [client_cognito_identity_provider_1.DeliveryMediumType.EMAIL],
-        UserAttributes: (0, exports.getUserAttributesFromCreateUserRequest)(createUserRequest),
+        UserAttributes: (0, cognitoAttributeMap_1.getCognitoUserAttributesFromQpqUserAttributes)(createUserRequest),
         ForceAliasCreation: false,
     };
     if (createUserRequest.phoneNumber) {

package/lib/logic/cognito/decodeValidJwt.d.ts

@@ -2,4 +2,4 @@ export type AuthInfo = {
     userId: string;
     username: string;
 };
-export declare const decodeValidJwt: (userPoolId: string, clientId: string, tokenType: 'id' | 'access', accessToken?: string) => Promise<AuthInfo | null>;
+export declare const decodeValidJwt: (userPoolId: string, region: string, ignoreExpiration: boolean, accessToken?: string) => Promise<AuthInfo | null>;

package/lib/logic/cognito/decodeValidJwt.js

@@ -8,28 +8,38 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.decodeValidJwt = void 0;
-const aws_jwt_verify_1 = require("aws-jwt-verify");
-const decodeValidJwt = (userPoolId, clientId, tokenType, accessToken) => __awaiter(void 0, void 0, void 0, function* () {
-    var _a;
+const jsonwebtoken_1 = require("jsonwebtoken");
+const jwks_rsa_1 = __importDefault(require("jwks-rsa"));
+const decodeValidJwt = (userPoolId, region, ignoreExpiration, accessToken) => __awaiter(void 0, void 0, void 0, function* () {
     if (!accessToken) {
         return null;
     }
-    const verifier = aws_jwt_verify_1.CognitoJwtVerifier.create({
-        userPoolId: userPoolId,
-        tokenUse: tokenType,
-        clientId: clientId,
-    });
     try {
-        const payload = yield verifier.verify(accessToken);
+        const decodedToken = (0, jsonwebtoken_1.decode)(accessToken, { complete: true });
+        if (!decodedToken) {
+            return null;
+        }
+        const client = (0, jwks_rsa_1.default)({
+            jwksUri: `https://cognito-idp.${region}.amazonaws.com/${userPoolId}/.well-known/jwks.json`,
+        });
+        const key = yield client.getSigningKey(decodedToken.header.kid);
+        const signingKey = key.getPublicKey();
+        const payload = (0, jsonwebtoken_1.verify)(accessToken, signingKey, {
+            algorithms: ['RS256'],
+            ignoreExpiration,
+        });
         return {
             userId: payload.sub,
-            username: ((_a = payload.username) === null || _a === void 0 ? void 0 : _a.toString()) || '',
+            username: payload.username,
         };
     }
     catch (e) {
-        console.log('Invalid jwt token', e);
+        console.log('Failed to decode jwt token', e);
         return null;
     }
 });

package/lib/logic/cognito/forgotPassword.js

@@ -21,6 +21,9 @@ const forgotPassword = (userPoolId, clientId, region, username) => __awaiter(voi
         ClientId: clientId,
         Username: username,
         SecretHash: secretHash,
+        ClientMetadata: {
+            userInitiated: 'true',
+        },
     };
     const response = yield cognitoClient.send(new client_cognito_identity_provider_1.ForgotPasswordCommand(params));
     const deliveryInfo = {

package/lib/logic/cognito/getUser.js

@@ -22,7 +22,6 @@ const getUser = (accessToken, region) => __awaiter(void 0, void 0, void 0, funct
         AccessToken: accessToken,
     };
     const response = yield cognitoClient.send(new client_cognito_identity_provider_1.GetUserCommand(params));
-    console.log(JSON.stringify(response, null, 2));
     const attributeTypes = (response.UserAttributes || []).filter((ua) => !!ua.Value);
     const userAttributes = attributeTypes.reduce((acc, ua) => (Object.assign(Object.assign({}, acc), { [ua.Name]: ua.Value })), {});
     const user = {
@@ -31,7 +30,6 @@ const getUser = (accessToken, region) => __awaiter(void 0, void 0, void 0, funct
         email: getUserAttribute('email', attributeTypes),
         userAttributes,
     };
-    console.log(JSON.stringify(user, null, 2));
     return user;
 });
 exports.getUser = getUser;

package/lib/logic/cognito/getUserAttributes.d.ts

@@ -0,0 +1,2 @@
+import { UserAttributes } from 'quidproquo-core';
+export declare const getUserAttributes: (userPoolId: string, region: string, username: string) => Promise<UserAttributes>;

package/lib/logic/cognito/getUserAttributes.js

@@ -0,0 +1,26 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getUserAttributes = void 0;
+const client_cognito_identity_provider_1 = require("@aws-sdk/client-cognito-identity-provider");
+const cognitoAttributeMap_1 = require("./cognitoAttributeMap");
+const getUserAttributes = (userPoolId, region, username) => __awaiter(void 0, void 0, void 0, function* () {
+    const cognitoClient = new client_cognito_identity_provider_1.CognitoIdentityProviderClient({ region });
+    const params = {
+        UserPoolId: userPoolId,
+        Username: username,
+    };
+    const response = yield cognitoClient.send(new client_cognito_identity_provider_1.AdminGetUserCommand(params));
+    const validAttributes = (response.UserAttributes || []).filter((attr) => attr.Name && attr.Value);
+    const attributes = (0, cognitoAttributeMap_1.getQpqAttributesFromCognitoUserAttributes)(validAttributes);
+    return attributes;
+});
+exports.getUserAttributes = getUserAttributes;

package/lib/logic/cognito/requestEmailVerificationCode.js

@@ -18,6 +18,5 @@ const requestEmailVerificationCode = (region, accessToken) => __awaiter(void 0,
         AttributeName: 'email', // Request verification for the email attribute
     };
     const requestEmailVerificationCodeResponse = yield cognitoClient.send(new client_cognito_identity_provider_1.GetUserAttributeVerificationCodeCommand(params));
-    console.log(JSON.stringify(requestEmailVerificationCodeResponse, null, 2));
 });
 exports.requestEmailVerificationCode = requestEmailVerificationCode;

package/lib/logic/cognito/respondToAuthChallengeChallenge.js

@@ -24,7 +24,6 @@ const respondToAuthChallengeChallenge = (userPoolId, clientId, region, username,
         Session: session,
         ChallengeResponses: Object.assign({ USERNAME: username, SECRET_HASH: secretHash }, attributes),
     };
-    console.log('params', JSON.stringify(params, null, 2));
     const issueDateTime = new Date().toISOString();
     const response = yield cognitoClient.send(new client_cognito_identity_provider_1.RespondToAuthChallengeCommand(params));
     // transform the response into your custom format, similar to your refreshToken function

package/lib/logic/cognito/setUserAttributes.d.ts

@@ -0,0 +1,2 @@
+import { UserAttributes } from 'quidproquo-core';
+export declare const setUserAttributes: (userPoolId: string, region: string, username: string, userAttributes: UserAttributes) => Promise<void>;

package/lib/logic/cognito/setUserAttributes.js

@@ -0,0 +1,36 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __rest = (this && this.__rest) || function (s, e) {
+    var t = {};
+    for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
+        t[p] = s[p];
+    if (s != null && typeof Object.getOwnPropertySymbols === "function")
+        for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
+            if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
+                t[p[i]] = s[p[i]];
+        }
+    return t;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.setUserAttributes = void 0;
+const client_cognito_identity_provider_1 = require("@aws-sdk/client-cognito-identity-provider");
+const cognitoAttributeMap_1 = require("./cognitoAttributeMap");
+const setUserAttributes = (userPoolId, region, username, userAttributes) => __awaiter(void 0, void 0, void 0, function* () {
+    const cognitoClient = new client_cognito_identity_provider_1.CognitoIdentityProviderClient({ region });
+    const { userId } = userAttributes, writeableUserAttributes = __rest(userAttributes, ["userId"]);
+    const params = {
+        UserPoolId: userPoolId,
+        Username: username,
+        UserAttributes: (0, cognitoAttributeMap_1.getCognitoUserAttributesFromQpqUserAttributes)(writeableUserAttributes),
+    };
+    yield cognitoClient.send(new client_cognito_identity_provider_1.AdminUpdateUserAttributesCommand(params));
+});
+exports.setUserAttributes = setUserAttributes;

package/lib/logic/cognito/verifyJwt.d.ts

@@ -1 +1 @@
-export declare const verifyJwt: (accessToken: string, userPoolId: string, clientId: string, tokenType: 'id' | 'access') => Promise<boolean>;
+export declare const verifyJwt: (accessToken: string, userPoolId: string, region: string, ignoreExpiration?: boolean) => Promise<boolean>;

package/lib/logic/cognito/verifyJwt.js

@@ -11,8 +11,8 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.verifyJwt = void 0;
 const decodeValidJwt_1 = require("./decodeValidJwt");
-const verifyJwt = (accessToken, userPoolId, clientId, tokenType) => __awaiter(void 0, void 0, void 0, function* () {
-    const info = yield (0, decodeValidJwt_1.decodeValidJwt)(userPoolId, clientId, tokenType, accessToken);
+const verifyJwt = (accessToken, userPoolId, region, ignoreExpiration = false) => __awaiter(void 0, void 0, void 0, function* () {
+    const info = yield (0, decodeValidJwt_1.decodeValidJwt)(userPoolId, region, ignoreExpiration, accessToken);
     // if we hav info, its valid
     return !!info;
 });

package/lib/logic/dynamo/putItem.d.ts

@@ -1,4 +1,12 @@
+import { KvsKey } from 'quidproquo-core';
 export interface PutItemOptions {
     expires?: number;
 }
-export declare function putItem<Value>(tableName: string, key: string, value: Value, options: PutItemOptions, region: string): Promise<void>;
+export type KvsKeyValue<T> = {
+    key: KvsKey;
+    value: T;
+};
+export type DynamoAttributeType = 'S' | 'N' | 'B';
+export declare const readKvsAttributeValue: <T, K extends keyof T>(item: T, key: KvsKey) => KvsKeyValue<T[K]>;
+export declare const getDynamoValueTypeFromKvsKey: (key: KvsKey) => DynamoAttributeType;
+export declare function putItem<Item>(tableName: string, key: string, item: Item, attributes: KvsKey[], options: PutItemOptions, region: string): Promise<void>;

package/lib/logic/dynamo/putItem.js

@@ -9,14 +9,45 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.putItem = void 0;
+exports.putItem = exports.getDynamoValueTypeFromKvsKey = exports.readKvsAttributeValue = void 0;
 const client_dynamodb_1 = require("@aws-sdk/client-dynamodb");
-function putItem(tableName, key, value, options, region) {
+const lodash_1 = require("lodash");
+const readKvsAttributeValue = (item, key) => {
+    const value = (0, lodash_1.get)(item, key.key);
+    return {
+        key,
+        value,
+    };
+};
+exports.readKvsAttributeValue = readKvsAttributeValue;
+const getDynamoValueTypeFromKvsKey = (key) => {
+    switch (key.type) {
+        case 'string':
+            return 'S';
+        case 'number':
+            return 'N';
+        case 'binary':
+            return 'B';
+    }
+};
+exports.getDynamoValueTypeFromKvsKey = getDynamoValueTypeFromKvsKey;
+function putItem(tableName, key, item, attributes, options, region) {
     return __awaiter(this, void 0, void 0, function* () {
         const dynamoClient = new client_dynamodb_1.DynamoDBClient({ region });
+        // Read all the values from the item
+        const dynamoProps = attributes
+            .filter((a, index, self) => index === self.findIndex((t) => t.key === a.key))
+            .reduce((acc, attribute) => {
+            const { key, value } = (0, exports.readKvsAttributeValue)(item, attribute);
+            const attributeValue = {
+                [(0, exports.getDynamoValueTypeFromKvsKey)(key)]: value,
+            };
+            acc[key.key] = attributeValue;
+            return acc;
+        }, {});
         yield dynamoClient.send(new client_dynamodb_1.PutItemCommand({
             TableName: tableName,
-            Item: Object.assign({ key: { S: key }, value: { S: JSON.stringify(value) } }, (options.expires ? { expires: { N: options.expires.toString() } } : {})),
+            Item: Object.assign({}, dynamoProps),
         }));
     });
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "quidproquo-actionprocessor-awslambda",
-  "version": "0.0.99",
+  "version": "0.0.101",
   "description": "",
   "main": "./lib/index.js",
   "types": "./lib/index.d.js",
@@ -38,12 +38,17 @@
     "@aws-sdk/client-ssm": "^3.278.0",
     "aws-jwt-verify": "^3.4.0",
     "aws-sdk": "^2.1322.0",
+    "jsonwebtoken": "^9.0.0",
+    "jwks-rsa": "^3.0.1",
+    "lodash": "^4.17.21",
     "node-match-path": "^0.6.3",
     "quidproquo-core": "*",
     "quidproquo-webserver": "*"
   },
   "devDependencies": {
     "@types/aws-lambda": "^8.10.109",
+    "@types/jsonwebtoken": "^9.0.2",
+    "@types/lodash": "^4.14.194",
     "@types/node": "^18.11.9",
     "quidproquo-tsconfig": "*",
     "typescript": "^4.9.3"

package/lib/getActionProcessor/core/keyValueStore/getKeyValueStoreSetActionProcessor.d.ts

@@ -1,6 +0,0 @@
-import { QPQConfig } from 'quidproquo-core';
-import { KeyValueStoreSetActionProcessor } from 'quidproquo-core';
-declare const _default: (qpqConfig: QPQConfig) => {
-    "@quidproquo-core/KeyValueStore/Set": KeyValueStoreSetActionProcessor<any>;
-};
-export default _default;