ts-ag 0.0.1-dev.2 → 1.0.0

package/dist/browser.d.ts

@@ -1,3 +1,4 @@
 export * from './lambda/browser.js';
 export * from './rehype/browser.js';
+export * from './types/index.js';
 //# sourceMappingURL=browser.d.ts.map

package/dist/browser.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"browser.d.ts","sourceRoot":"","sources":["../src/browser.ts"],"names":[],"mappings":"AAAA,cAAc,qBAAqB,CAAC;AACpC,cAAc,qBAAqB,CAAA"}
+{"version":3,"file":"browser.d.ts","sourceRoot":"","sources":["../src/browser.ts"],"names":[],"mappings":"AAAA,cAAc,qBAAqB,CAAC;AACpC,cAAc,qBAAqB,CAAC;AAEpC,cAAc,kBAAkB,CAAC"}

package/dist/browser.js

@@ -1,2 +1,3 @@
 export * from './lambda/browser.js';
 export * from './rehype/browser.js';
+export * from './types/index.js';

package/dist/cognito/client.d.ts

@@ -0,0 +1,6 @@
+import { CognitoIdentityProviderClient } from '@aws-sdk/client-cognito-identity-provider';
+/**
+ * Convenience function if process.env.REGION is set
+ */
+export declare function getCognitoClient(): CognitoIdentityProviderClient;
+//# sourceMappingURL=client.d.ts.map

package/dist/cognito/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/cognito/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,6BAA6B,EAAE,MAAM,2CAA2C,CAAC;AAE1F;;GAEG;AACH,wBAAgB,gBAAgB,kCAK/B"}

package/dist/cognito/client.js

@@ -0,0 +1,10 @@
+import { CognitoIdentityProviderClient } from '@aws-sdk/client-cognito-identity-provider';
+/**
+ * Convenience function if process.env.REGION is set
+ */
+export function getCognitoClient() {
+    return new CognitoIdentityProviderClient({
+        region: process.env.REGION,
+        endpoint: `https://cognito-idp.${process.env.REGION}.amazonaws.com`
+    });
+}

package/dist/cognito/errors.d.ts

@@ -0,0 +1,95 @@
+export declare const error_cognito_forbidden: {
+    type: "cognito_forbidden";
+};
+export declare const error_cognito_internal: {
+    type: "cognito_internal";
+};
+export declare const error_cognito_role: {
+    type: "cognito_role";
+};
+export declare const error_cognito_input: {
+    type: "cognito_input";
+};
+export declare const error_cognito_auth: {
+    type: "cognito_auth";
+};
+export declare const error_cognito_notFound: {
+    type: "cognito_notFound";
+};
+export declare const error_cognito_userNotFound: {
+    type: "cognito_userNotFound";
+};
+export declare const error_cognito_tooManyRequests: {
+    type: "cognito_tooManyRequests";
+};
+export declare const error_cognito_passwordPolicy: {
+    type: "cognito_passwordPolicy";
+};
+export declare const error_cognito_passwordHistory: {
+    type: "cognito_passwordHistory";
+};
+export declare const error_cognito_passwordResetRequired: {
+    type: "cognito_passwordResetRequired";
+};
+export declare const error_cognito_codeExpired: {
+    type: "cognito_codeExpired";
+};
+export declare const error_cognito_codeMismatch: {
+    type: "cognito_codeMismatch";
+};
+export declare const error_cognito_delivery: {
+    type: "cognito_delivery";
+};
+export declare const error_cognito_userExists: {
+    type: "cognito_userExists";
+};
+export type type_error_cognito_forbidden = typeof error_cognito_forbidden;
+export type type_error_cognito_internal = typeof error_cognito_internal;
+export type type_error_cognito_role = typeof error_cognito_role;
+export type type_error_cognito_input = typeof error_cognito_input;
+export type type_error_cognito_auth = typeof error_cognito_auth;
+export type type_error_cognito_notFound = typeof error_cognito_notFound;
+export type type_error_cognito_userNotFound = typeof error_cognito_userNotFound;
+export type type_error_cognito_tooManyRequests = typeof error_cognito_tooManyRequests;
+export type type_error_cognito_passwordPolicy = typeof error_cognito_passwordPolicy;
+export type type_error_cognito_passwordHistory = typeof error_cognito_passwordHistory;
+export type type_error_cognito_passwordResetRequired = typeof error_cognito_passwordResetRequired;
+export type type_error_cognito_codeExpired = typeof error_cognito_codeExpired;
+export type type_error_cognito_codeMismatch = typeof error_cognito_codeMismatch;
+export type type_error_cognito_delivery = typeof error_cognito_delivery;
+export type type_error_cognito_userExists = typeof error_cognito_userExists;
+export type type_error_cognito = type_error_cognito_forbidden | type_error_cognito_internal | type_error_cognito_role | type_error_cognito_input | type_error_cognito_auth | type_error_cognito_notFound | type_error_cognito_userNotFound | type_error_cognito_tooManyRequests | type_error_cognito_passwordPolicy | type_error_cognito_passwordHistory | type_error_cognito_passwordResetRequired | type_error_cognito_codeExpired | type_error_cognito_codeMismatch | type_error_cognito_delivery | type_error_cognito_userExists;
+/**
+ * Gets a generic error from the name of the aws error
+ */
+export declare function error_cognito(error: Error): type_error_cognito;
+/**
+ * Converts a cognito error to a lambda error.
+ * Basically just for narrowing it down a bit
+ */
+export declare function error_lambda_fromCognito(e: type_error_cognito): {
+    type: "lambda_badRequest";
+    message: string;
+    fieldName: string | undefined;
+    fieldValue: string | undefined;
+} | {
+    type: "lambda_unauthorized";
+    message: string;
+} | {
+    type: "lambda_forbidden";
+    message: string;
+} | {
+    type: "lambda_notFound";
+    message: string;
+    fieldName: string | undefined;
+    fieldValue: string | undefined;
+} | {
+    type: "lambda_conflict";
+    message: string;
+    fieldName: string | undefined;
+    fieldValue: string | undefined;
+} | {
+    type: "lambda_internal";
+    message: string;
+};
+//# sourceMappingURL=errors.d.ts.map

package/dist/cognito/errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/cognito/errors.ts"],"names":[],"mappings":"AASA,eAAO,MAAM,uBAAuB;;CAEnC,CAAC;AACF,eAAO,MAAM,sBAAsB;;CAElC,CAAC;AACF,eAAO,MAAM,kBAAkB;;CAE9B,CAAC;AACF,eAAO,MAAM,mBAAmB;;CAE/B,CAAC;AACF,eAAO,MAAM,kBAAkB;;CAE9B,CAAC;AACF,eAAO,MAAM,sBAAsB;;CAElC,CAAC;AACF,eAAO,MAAM,0BAA0B;;CAEtC,CAAC;AACF,eAAO,MAAM,6BAA6B;;CAEzC,CAAC;AACF,eAAO,MAAM,4BAA4B;;CAExC,CAAC;AACF,eAAO,MAAM,6BAA6B;;CAEzC,CAAC;AACF,eAAO,MAAM,mCAAmC;;CAE/C,CAAC;AAGF,eAAO,MAAM,yBAAyB;;CAErC,CAAC;AACF,eAAO,MAAM,0BAA0B;;CAEtC,CAAC;AAGF,eAAO,MAAM,sBAAsB;;CAElC,CAAC;AAEF,eAAO,MAAM,wBAAwB;;CAEpC,CAAC;AAEF,MAAM,MAAM,4BAA4B,GAAG,OAAO,uBAAuB,CAAC;AAC1E,MAAM,MAAM,2BAA2B,GAAG,OAAO,sBAAsB,CAAC;AACxE,MAAM,MAAM,uBAAuB,GAAG,OAAO,kBAAkB,CAAC;AAChE,MAAM,MAAM,wBAAwB,GAAG,OAAO,mBAAmB,CAAC;AAClE,MAAM,MAAM,uBAAuB,GAAG,OAAO,kBAAkB,CAAC;AAChE,MAAM,MAAM,2BAA2B,GAAG,OAAO,sBAAsB,CAAC;AACxE,MAAM,MAAM,+BAA+B,GAAG,OAAO,0BAA0B,CAAC;AAChF,MAAM,MAAM,kCAAkC,GAAG,OAAO,6BAA6B,CAAC;AACtF,MAAM,MAAM,iCAAiC,GAAG,OAAO,4BAA4B,CAAC;AACpF,MAAM,MAAM,kCAAkC,GAAG,OAAO,6BAA6B,CAAC;AACtF,MAAM,MAAM,wCAAwC,GAAG,OAAO,mCAAmC,CAAC;AAClG,MAAM,MAAM,8BAA8B,GAAG,OAAO,yBAAyB,CAAC;AAC9E,MAAM,MAAM,+BAA+B,GAAG,OAAO,0BAA0B,CAAC;AAChF,MAAM,MAAM,2BAA2B,GAAG,OAAO,sBAAsB,CAAC;AACxE,MAAM,MAAM,6BAA6B,GAAG,OAAO,wBAAwB,CAAC;AAE5E,MAAM,MAAM,kBAAkB,GAC1B,4BAA4B,GAC5B,2BAA2B,GAC3B,uBAAuB,GACvB,wBAAwB,GACxB,uBAAuB,GACvB,2BAA2B,GAC3B,+BAA+B,GAC/B,kCAAkC,GAClC,iCAAiC,GACjC,kCAAkC,GAClC,wCAAwC,GACxC,8BAA8B,GAC9B,+BAA+B,GAC/B,2BAA2B,GAC3B,6BAA6B,CAAC;AAuClC;;GAEG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,KAAK,GAAG,kBAAkB,CAO9D;AAED;;;GAGG;AACH,wBAAgB,wBAAwB,CAAC,CAAC,EAAE,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;EA4B7D"}

package/dist/cognito/errors.js

@@ -0,0 +1,128 @@
+import { error_lambda_badRequest, error_lambda_conflict, error_lambda_internal, error_lambda_unauthorized, error_lambda_forbidden, error_lambda_notFound } from '../lambda/errors.js';
+export const error_cognito_forbidden = {
+    type: 'cognito_forbidden'
+};
+export const error_cognito_internal = {
+    type: 'cognito_internal'
+};
+export const error_cognito_role = {
+    type: 'cognito_role'
+};
+export const error_cognito_input = {
+    type: 'cognito_input'
+};
+export const error_cognito_auth = {
+    type: 'cognito_auth'
+};
+export const error_cognito_notFound = {
+    type: 'cognito_notFound'
+};
+export const error_cognito_userNotFound = {
+    type: 'cognito_userNotFound'
+};
+export const error_cognito_tooManyRequests = {
+    type: 'cognito_tooManyRequests'
+};
+export const error_cognito_passwordPolicy = {
+    type: 'cognito_passwordPolicy'
+};
+export const error_cognito_passwordHistory = {
+    type: 'cognito_passwordHistory'
+};
+export const error_cognito_passwordResetRequired = {
+    type: 'cognito_passwordResetRequired'
+};
+// Confirm forgot password
+export const error_cognito_codeExpired = {
+    type: 'cognito_codeExpired'
+};
+export const error_cognito_codeMismatch = {
+    type: 'cognito_codeMismatch'
+};
+// Forgot password
+export const error_cognito_delivery = {
+    type: 'cognito_delivery'
+};
+// Confirm signup
+export const error_cognito_userExists = {
+    type: 'cognito_userExists'
+};
+const awsToCognitoErrorMap = {
+    ForbiddenException: error_cognito_forbidden,
+    NotAuthorizedException: error_cognito_auth,
+    UserNotConfirmedException: error_cognito_auth,
+    UserNotFoundException: error_cognito_userNotFound,
+    ResourceNotFoundException: error_cognito_notFound,
+    InvalidParameterException: error_cognito_input,
+    InvalidPasswordException: error_cognito_passwordPolicy,
+    PasswordHistoryPolicyViolationException: error_cognito_passwordHistory,
+    PasswordResetRequiredException: error_cognito_passwordResetRequired,
+    LimitExceededException: error_cognito_tooManyRequests,
+    TooManyRequestsException: error_cognito_tooManyRequests,
+    InternalErrorException: error_cognito_internal,
+    // Confirm forgot password
+    CodeMismatchException: error_cognito_codeMismatch,
+    ExpiredCodeException: error_cognito_codeExpired,
+    TooManyFailedAttemptsException: error_cognito_tooManyRequests,
+    UnexpectedLambdaException: error_cognito_internal,
+    InvalidLambdaResponseException: error_cognito_internal,
+    UserLambdaValidationException: error_cognito_internal,
+    // Forgot password
+    InvalidEmailRoleAccessPolicyException: error_cognito_role,
+    InvalidSmsRoleAccessPolicyException: error_cognito_role,
+    InvalidSmsRoleTrustRelationshipException: error_cognito_role,
+    CodeDelliveryFailureException: error_cognito_delivery,
+    // Confirm signup
+    AliasExistsException: error_cognito_userExists,
+    // Login
+    InvalidUserPoolConfigurationException: error_cognito_internal,
+    MFAMethodNotFoundException: error_cognito_notFound,
+    UnsupportedOperationException: error_cognito_internal,
+    // Reset password
+    SoftwareTokenMFANotFoundException: error_cognito_notFound,
+    // Sign up
+    UsernameExistsException: error_cognito_userExists
+};
+/**
+ * Gets a generic error from the name of the aws error
+ */
+export function error_cognito(error) {
+    const type = error.name;
+    if (awsToCognitoErrorMap[type] === undefined)
+        console.warn(`${type} is not present in the cognito error map`);
+    console.error(`Cognito error: ${type}`, error);
+    return awsToCognitoErrorMap[type] || error_cognito_internal;
+}
+/**
+ * Converts a cognito error to a lambda error.
+ * Basically just for narrowing it down a bit
+ */
+export function error_lambda_fromCognito(e) {
+    switch (e.type) {
+        case 'cognito_auth':
+            return error_lambda_unauthorized('Not authorized');
+        case 'cognito_forbidden':
+            return error_lambda_forbidden('Forbidden');
+        case 'cognito_internal':
+        case 'cognito_role':
+            return error_lambda_internal('Internal server error');
+        case 'cognito_input':
+            return error_lambda_badRequest('There is an issue with your request');
+        case 'cognito_notFound':
+            return error_lambda_notFound('Resource not found');
+        case 'cognito_userNotFound':
+            return error_lambda_notFound('User not found');
+        case 'cognito_tooManyRequests':
+            return error_lambda_badRequest('Too many requests');
+        case 'cognito_passwordPolicy':
+            return error_lambda_badRequest('Password does not meet policy requirements');
+        case 'cognito_passwordHistory':
+            return error_lambda_conflict('Password was used recently');
+        case 'cognito_passwordResetRequired':
+            return error_lambda_badRequest('Password reset required');
+        case 'cognito_delivery':
+            return error_lambda_internal('Delivery failed for the provided email or phone number');
+        default:
+            return error_lambda_internal('Unknown error');
+    }
+}

package/dist/cognito/index.d.ts

@@ -0,0 +1,5 @@
+export * from './client.js';
+export * from './errors.js';
+export * from './user.js';
+export * from './password.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/cognito/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/cognito/index.ts"],"names":[],"mappings":"AAAA,cAAc,aAAa,CAAC;AAC5B,cAAc,aAAa,CAAC;AAE5B,cAAc,WAAW,CAAC;AAC1B,cAAc,eAAe,CAAC"}

package/dist/cognito/index.js

@@ -0,0 +1,4 @@
+export * from './client.js';
+export * from './errors.js';
+export * from './user.js';
+export * from './password.js';

package/dist/cognito/password.d.ts

@@ -0,0 +1,53 @@
+import type { type_error_cognito } from './errors.js';
+import { ResultAsync } from 'neverthrow';
+export declare function computeSecretHash(username: string, clientId: string, clientSecret: string): string;
+/**
+ * Changes a users password
+ * Wraps the cognito sdk to use neverthrow
+ */
+export declare const changePassword: (accessToken: string, oldPassword: string, newPassword: string) => ResultAsync<import("@aws-sdk/client-cognito-identity-provider").ChangePasswordCommandOutput, type_error_cognito>;
+/**
+ * Changes the password with the confirmation code sent to the email.
+ * Assumes the existence of process.env.COGNITO_CLIENT_ID and COGNITO_CLIENT_SECRET
+ * @param username - username or any of their alias attributes
+ * @param confirmationCode
+ * @param newPassword
+ */
+export declare const confirmForgotPassword: (data: {
+    username: string;
+    confirmationCode: string;
+    newPassword: string;
+}) => ResultAsync<import("@aws-sdk/client-cognito-identity-provider").ConfirmForgotPasswordCommandOutput, type_error_cognito>;
+/**
+ * Confirms signup
+ * @param username - username or any alias attribute
+ */
+export declare const confirmSignup: (data: {
+    username: string;
+    confirmationCode: string;
+}) => ResultAsync<import("@aws-sdk/client-cognito-identity-provider").ConfirmSignUpCommandOutput, type_error_cognito>;
+/**
+ * Sends an email for you to reset your password
+ */
+export declare const forgotPassword: (data: {
+    username: string;
+}) => ResultAsync<import("@aws-sdk/client-cognito-identity-provider").ForgotPasswordCommandOutput, type_error_cognito>;
+export declare const login: (data: {
+    username: string;
+    password: string;
+}) => ResultAsync<import("@aws-sdk/client-cognito-identity-provider").AdminInitiateAuthCommandOutput, type_error_cognito>;
+export declare const refreshTokens: (data: {
+    username: string;
+    refreshToken: string;
+}) => ResultAsync<import("@aws-sdk/client-cognito-identity-provider").AdminInitiateAuthCommandOutput, type_error_cognito>;
+export declare const logout: (accessToken: string) => ResultAsync<import("@aws-sdk/client-cognito-identity-provider").GlobalSignOutCommandOutput, type_error_cognito>;
+export declare const resetPassword: (data: {
+    session: string;
+    newPassword: string;
+    username: string;
+}) => ResultAsync<import("@aws-sdk/client-cognito-identity-provider").RespondToAuthChallengeCommandOutput, type_error_cognito>;
+export declare const signUp: (data: {
+    username: string;
+    password: string;
+} & Record<string, unknown>) => ResultAsync<import("@aws-sdk/client-cognito-identity-provider").SignUpCommandOutput, type_error_cognito>;
+//# sourceMappingURL=password.d.ts.map

package/dist/cognito/password.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"password.d.ts","sourceRoot":"","sources":["../../src/cognito/password.ts"],"names":[],"mappings":"AAUA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AAGtD,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAOzC,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,MAAM,CAIlG;AAID;;;GAGG;AACH,eAAO,MAAM,cAAc,qLAe1B,CAAC;AAIF;;;;;;GAMG;AACH,eAAO,MAAM,qBAAqB;cACb,MAAM;sBAAoB,MAAM;iBAAe,MAAM;6HAgBzE,CAAC;AAIF;;;GAGG;AACH,eAAO,MAAM,aAAa;cACL,MAAM;sBAAoB,MAAM;qHAepD,CAAC;AAIF;;GAEG;AACH,eAAO,MAAM,cAAc;cACN,MAAM;sHAc1B,CAAC;AAIF,eAAO,MAAM,KAAK;cACG,MAAM;cAAY,MAAM;yHAmB5C,CAAC;AAIF,eAAO,MAAM,aAAa;cACL,MAAM;kBAAgB,MAAM;yHAkBhD,CAAC;AAGF,eAAO,MAAM,MAAM,0IAUlB,CAAC;AAIF,eAAO,MAAM,aAAa;aACN,MAAM;iBAAe,MAAM;cAAY,MAAM;8HAmBhE,CAAC;AAGF,eAAO,MAAM,MAAM;cACE,MAAM;cAAY,MAAM;wIAuB5C,CAAC"}

package/dist/cognito/password.js

@@ -0,0 +1,161 @@
+import { AdminInitiateAuthCommand, ChangePasswordCommand, ConfirmForgotPasswordCommand, ConfirmSignUpCommand, ForgotPasswordCommand, GlobalSignOutCommand, RespondToAuthChallengeCommand, SignUpCommand } from '@aws-sdk/client-cognito-identity-provider';
+import { error_cognito } from './errors.js';
+import { getCognitoClient } from './client.js';
+import { ResultAsync } from 'neverthrow';
+import { createHmac } from 'crypto';
+const clientId = process.env.COGNITO_CLIENT_ID;
+const clientSecret = process.env.COGNITO_CLIENT_SECRET;
+const userPoolId = process.env.COGNITO_USER_POOL_ID;
+export function computeSecretHash(username, clientId, clientSecret) {
+    return createHmac('SHA256', clientSecret)
+        .update(username + clientId)
+        .digest('base64');
+}
+// ---- Change password ---- //
+/**
+ * Changes a users password
+ * Wraps the cognito sdk to use neverthrow
+ */
+export const changePassword = ResultAsync.fromThrowable(async (accessToken, oldPassword, newPassword) => {
+    const cognitoClient = getCognitoClient();
+    return cognitoClient.send(new ChangePasswordCommand({
+        AccessToken: accessToken,
+        PreviousPassword: oldPassword,
+        ProposedPassword: newPassword
+    }));
+}, (e) => {
+    console.error('ChangePasswordCommand error', e);
+    return error_cognito(e);
+});
+// ---- Confirm Forgot password ---- //
+/**
+ * Changes the password with the confirmation code sent to the email.
+ * Assumes the existence of process.env.COGNITO_CLIENT_ID and COGNITO_CLIENT_SECRET
+ * @param username - username or any of their alias attributes
+ * @param confirmationCode
+ * @param newPassword
+ */
+export const confirmForgotPassword = ResultAsync.fromThrowable((data) => {
+    const cognitoClient = getCognitoClient();
+    return cognitoClient.send(new ConfirmForgotPasswordCommand({
+        ClientId: clientId,
+        Username: data.username,
+        ConfirmationCode: data.confirmationCode,
+        Password: data.newPassword,
+        SecretHash: computeSecretHash(data.username, clientId, clientSecret)
+    }));
+}, (e) => {
+    console.error('ConfirmForgotPasswordCommand error', e);
+    return error_cognito(e);
+});
+// ---- Confirm Signup ---- //
+/**
+ * Confirms signup
+ * @param username - username or any alias attribute
+ */
+export const confirmSignup = ResultAsync.fromThrowable((data) => {
+    const cognitoClient = getCognitoClient();
+    return cognitoClient.send(new ConfirmSignUpCommand({
+        ClientId: clientId,
+        Username: data.username,
+        ConfirmationCode: data.confirmationCode,
+        SecretHash: computeSecretHash(data.username, clientId, clientSecret)
+    }));
+}, (e) => {
+    console.error('ConfirmSignUpCommand error', e);
+    return error_cognito(e);
+});
+// ---- Forgot password ---- //
+/**
+ * Sends an email for you to reset your password
+ */
+export const forgotPassword = ResultAsync.fromThrowable((data) => {
+    const cognitoClient = getCognitoClient();
+    return cognitoClient.send(new ForgotPasswordCommand({
+        ClientId: clientId,
+        Username: data.username,
+        SecretHash: computeSecretHash(data.username, clientId, clientSecret)
+    }));
+}, (e) => {
+    console.error('ForgotPasswordCommand error', e);
+    return error_cognito(e);
+});
+// ---- Login ---- //
+export const login = ResultAsync.fromThrowable((data) => {
+    const cognitoClient = getCognitoClient();
+    return cognitoClient.send(new AdminInitiateAuthCommand({
+        AuthFlow: 'ADMIN_USER_PASSWORD_AUTH',
+        ClientId: clientId,
+        UserPoolId: userPoolId,
+        AuthParameters: {
+            USERNAME: data.username,
+            PASSWORD: data.password,
+            SECRET_HASH: computeSecretHash(data.username, clientId, clientSecret)
+        }
+    }));
+}, (e) => {
+    console.error('AdminInitiateAuthCommand error', e);
+    return error_cognito(e);
+});
+// ---- Refresh token ---- //
+export const refreshTokens = ResultAsync.fromThrowable((data) => {
+    const cognitoClient = getCognitoClient();
+    return cognitoClient.send(new AdminInitiateAuthCommand({
+        AuthFlow: 'REFRESH_TOKEN_AUTH',
+        ClientId: clientId,
+        UserPoolId: userPoolId,
+        AuthParameters: {
+            REFRESH_TOKEN: data.refreshToken,
+            SECRET_HASH: computeSecretHash(data.username, clientId, clientSecret)
+        }
+    }));
+}, (e) => {
+    console.error('AdminInitiateAuthCommand error', e);
+    return error_cognito(e);
+});
+// ---- Logout ---- //
+export const logout = ResultAsync.fromThrowable((accessToken) => {
+    const cognitoClient = getCognitoClient();
+    // GlobalSignOut invalidates all refresh tokens associated with user
+    return cognitoClient.send(new GlobalSignOutCommand({ AccessToken: accessToken }));
+}, (e) => {
+    console.error('GlobalSignOutCommand error', e);
+    return error_cognito(e);
+});
+// ---- Reset password ---- //
+export const resetPassword = ResultAsync.fromThrowable((data) => {
+    const cognitoClient = getCognitoClient();
+    return cognitoClient.send(new RespondToAuthChallengeCommand({
+        ChallengeName: 'NEW_PASSWORD_REQUIRED',
+        ClientId: clientId,
+        Session: data.session,
+        ChallengeResponses: {
+            SECRET_HASH: computeSecretHash(data.username, clientId, clientSecret),
+            NEW_PASSWORD: data.newPassword,
+            USERNAME: data.username
+        }
+    }));
+}, (e) => {
+    console.error('RespondToAuthChallengeCommand error', e);
+    return error_cognito(e);
+});
+// ---- Sign up ---- //
+export const signUp = ResultAsync.fromThrowable((data) => {
+    const cognitoClient = getCognitoClient();
+    const secretHash = computeSecretHash(data.username, clientId, clientSecret);
+    return cognitoClient.send(new SignUpCommand({
+        ClientId: clientId,
+        Username: data.username,
+        Password: data.password,
+        SecretHash: secretHash,
+        UserAttributes: Object.entries(data)
+            .filter(([key]) => key !== 'username' && key !== 'password')
+            .map(([key, value]) => ({
+            Name: key,
+            Value: value
+        }))
+    }));
+}, (e) => {
+    console.error('SignUpCommand error', e);
+    return error_cognito(e);
+});

package/dist/cognito/user.d.ts

@@ -0,0 +1,14 @@
+import type { AdminGetUserCommandOutput, AttributeType } from '@aws-sdk/client-cognito-identity-provider';
+import { ResultAsync } from 'neverthrow';
+export type UserRes = Omit<AdminGetUserCommandOutput, 'UserAttributes'> & {
+    UserAttributes: Record<string, string>;
+};
+/**
+ * Performs an AdminGetUserCommand and extracts the user attributes into an object
+ */
+export declare const getUserDetails: (username: string) => ResultAsync<UserRes, import("./errors.js").type_error_cognito>;
+/**
+ * @returns An object of attributes with their names as keys and values as values.
+ */
+export declare function extractAttributes(attrs: AttributeType[] | undefined): Record<string, string>;
+//# sourceMappingURL=user.d.ts.map

package/dist/cognito/user.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"user.d.ts","sourceRoot":"","sources":["../../src/cognito/user.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,yBAAyB,EACzB,aAAa,EAEd,MAAM,2CAA2C,CAAC;AAGnD,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAGzC,MAAM,MAAM,OAAO,GAAG,IAAI,CAAC,yBAAyB,EAAE,gBAAgB,CAAC,GAAG;IAAE,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;CAAE,CAAC;AAErH;;GAEG;AACH,eAAO,MAAM,cAAc,sFAe1B,CAAC;AAEF;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,aAAa,EAAE,GAAG,SAAS,0BAUnE"}

package/dist/cognito/user.js

@@ -0,0 +1,34 @@
+import { AdminGetUserCommand } from '@aws-sdk/client-cognito-identity-provider';
+import { getCognitoClient } from './client.js';
+import { ResultAsync } from 'neverthrow';
+import { error_cognito } from './errors.js';
+/**
+ * Performs an AdminGetUserCommand and extracts the user attributes into an object
+ */
+export const getUserDetails = ResultAsync.fromThrowable(async (username) => {
+    console.log('getUserDetails: Getting details for user: ', username);
+    const UserPoolId = process.env.COGNITO_USER_POOL_ID;
+    const cognitoClient = getCognitoClient();
+    const res = await cognitoClient.send(new AdminGetUserCommand({ UserPoolId, Username: username }));
+    return {
+        ...res,
+        UserAttributes: extractAttributes(res.UserAttributes)
+    };
+}, (e) => {
+    console.error('getUserDetails:error:', e);
+    return error_cognito(e);
+});
+/**
+ * @returns An object of attributes with their names as keys and values as values.
+ */
+export function extractAttributes(attrs) {
+    const attributes = {};
+    if (attrs) {
+        for (const attr of attrs) {
+            if (attr.Name && attr.Value) {
+                attributes[attr.Name] = attr.Value;
+            }
+        }
+    }
+    return attributes;
+}

package/dist/dynamo/errors.d.ts

@@ -0,0 +1,9 @@
+export declare const error_dynamo: {
+    type: "dynamo";
+};
+export type type_error_dynamo = typeof error_dynamo;
+export declare function error_lambda_fromDynamo(e: type_error_dynamo): {
+    type: "lambda_internal";
+    message: string;
+};
+//# sourceMappingURL=errors.d.ts.map

package/dist/dynamo/errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/dynamo/errors.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,YAAY;;CAExB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG,OAAO,YAAY,CAAC;AAEpD,wBAAgB,uBAAuB,CAAC,CAAC,EAAE,iBAAiB;;;EAE3D"}

package/dist/dynamo/errors.js

@@ -0,0 +1,7 @@
+import { error_lambda_internal } from '../lambda/errors.js';
+export const error_dynamo = {
+    type: 'dynamo'
+};
+export function error_lambda_fromDynamo(e) {
+    return error_lambda_internal('Internal server error');
+}

package/dist/dynamo/index.d.ts

@@ -0,0 +1,2 @@
+export * from './errors.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/dynamo/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/dynamo/index.ts"],"names":[],"mappings":"AAAA,cAAc,aAAa,CAAC"}

package/dist/dynamo/index.js

@@ -0,0 +1 @@
+export * from './errors.js';

package/dist/index.d.ts

@@ -1,4 +1,9 @@
 export * from './lambda/index.js';
+export * from './cognito/index.js';
+export * from './s3/index.js';
+export * from './dynamo/index.js';
+export * from './ses/index.js';
 export * from './rehype/index.js';
 export * from './utils/index.js';
+export * from './types/index.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,mBAAmB,CAAC;AAClC,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,cAAc,mBAAmB,CAAC;AAClC,cAAc,oBAAoB,CAAC;AACnC,cAAc,eAAe,CAAC;AAC9B,cAAc,mBAAmB,CAAC;AAClC,cAAc,gBAAgB,CAAC;AAE/B,cAAc,mBAAmB,CAAC;AAClC,cAAc,kBAAkB,CAAC;AAEjC,cAAc,kBAAkB,CAAC"}

package/dist/index.js

@@ -1,3 +1,9 @@
+// AWS
 export * from './lambda/index.js';
+export * from './cognito/index.js';
+export * from './s3/index.js';
+export * from './dynamo/index.js';
+export * from './ses/index.js';
 export * from './rehype/index.js';
 export * from './utils/index.js';
+export * from './types/index.js';

package/dist/lambda/authentication.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=authentication.d.ts.map

package/dist/lambda/authentication.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"authentication.d.ts","sourceRoot":"","sources":["../../src/lambda/authentication.ts"],"names":[],"mappings":""}

package/dist/lambda/authentication.js

@@ -0,0 +1 @@
+export {};

package/dist/lambda/browser.d.ts

@@ -1,4 +1,6 @@
 export * from './client-types.js';
 export * from './client.js';
 export * from './handlerUtils.js';
+export * from './serializer.js';
+export * from './deserializer.js';
 //# sourceMappingURL=browser.d.ts.map

package/dist/lambda/browser.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"browser.d.ts","sourceRoot":"","sources":["../../src/lambda/browser.ts"],"names":[],"mappings":"AAAA,cAAc,mBAAmB,CAAC;AAClC,cAAc,aAAa,CAAC;AAC5B,cAAc,mBAAmB,CAAC"}
+{"version":3,"file":"browser.d.ts","sourceRoot":"","sources":["../../src/lambda/browser.ts"],"names":[],"mappings":"AAAA,cAAc,mBAAmB,CAAC;AAClC,cAAc,aAAa,CAAC;AAC5B,cAAc,mBAAmB,CAAC;AAClC,cAAc,iBAAiB,CAAC;AAChC,cAAc,mBAAmB,CAAC"}

package/dist/lambda/browser.js

@@ -1,3 +1,5 @@
 export * from './client-types.js';
 export * from './client.js';
 export * from './handlerUtils.js';
+export * from './serializer.js';
+export * from './deserializer.js';