From cc14fa2189f6a296fdac7ba79f546334c4ba71ce Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 25 Sep 2024 14:41:49 -0700 Subject: [PATCH 01/61] feat: reference auth basic setup --- package-lock.json | 178 ++++++++------- packages/backend-auth/src/index.ts | 5 + .../backend-auth/src/reference_factory.ts | 212 ++++++++++++++++++ packages/plugin-types/src/auth_resources.ts | 26 +++ packages/reference-auth-construct/.npmignore | 14 ++ packages/reference-auth-construct/README.md | 3 + .../api-extractor.json | 3 + .../reference-auth-construct/package.json | 29 +++ .../src/construct.test.ts | 20 ++ .../reference-auth-construct/src/construct.ts | 84 +++++++ .../reference-auth-construct/src/index.ts | 2 + .../reference-auth-construct/src/types.ts | 14 ++ .../reference-auth-construct/tsconfig.json | 17 ++ .../reference-auth-construct/typedoc.json | 3 + 14 files changed, 531 insertions(+), 79 deletions(-) create mode 100644 packages/backend-auth/src/reference_factory.ts create mode 100644 packages/reference-auth-construct/.npmignore create mode 100644 packages/reference-auth-construct/README.md create mode 100644 packages/reference-auth-construct/api-extractor.json create mode 100644 packages/reference-auth-construct/package.json create mode 100644 packages/reference-auth-construct/src/construct.test.ts create mode 100644 packages/reference-auth-construct/src/construct.ts create mode 100644 packages/reference-auth-construct/src/index.ts create mode 100644 packages/reference-auth-construct/src/types.ts create mode 100644 packages/reference-auth-construct/tsconfig.json create mode 100644 packages/reference-auth-construct/typedoc.json diff --git a/package-lock.json b/package-lock.json index ba819efd32..2f2601548b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5954,6 +5954,10 @@ "resolved": "packages/plugin-types", "link": true }, + "node_modules/@aws-amplify/reference-auth-construct": { + "resolved": "packages/reference-auth-construct", + "link": true + }, "node_modules/@aws-amplify/sandbox": { "resolved": "packages/sandbox", "link": true @@ -23297,6 +23301,7 @@ "version": "11.2.0", "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-11.2.0.tgz", "integrity": "sha512-PmDi3uwK5nFuXh7XDTlVnS17xJS7vW36is2+w3xcv8SVxiB4NyATf4ctkVY5bkSjX0Y4nbvZCq1/EjtEyr9ktw==", + "dev": true, "license": "MIT", "dependencies": { "graceful-fs": "^4.2.0", @@ -23971,6 +23976,7 @@ "version": "9.0.6", "resolved": "https://registry.npmjs.org/immer/-/immer-9.0.6.tgz", "integrity": "sha512-G95ivKpy+EvVAnAab4fVa4YGYn24J1SpEktnJX7JJ45Bd7xqME/SCplFzYFmTbrkwZbQ4xJK1xMTUYBkN6pWsQ==", + "dev": true, "license": "MIT", "funding": { "type": "opencollective", @@ -30147,6 +30153,7 @@ "version": "8.3.2", "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "dev": true, "license": "MIT", "bin": { "uuid": "dist/bin/uuid" @@ -30930,17 +30937,17 @@ } }, "packages/ampx": { - "version": "0.2.1", + "version": "0.2.2", "license": "Apache-2.0" }, "packages/auth-construct": { "name": "@aws-amplify/auth-construct", - "version": "1.3.0", + "version": "1.3.1", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.1.0", - "@aws-amplify/backend-output-storage": "^1.1.1", - "@aws-amplify/plugin-types": "^1.2.1", + "@aws-amplify/backend-output-storage": "^1.1.2", + "@aws-amplify/plugin-types": "^1.2.2", "@aws-sdk/util-arn-parser": "^3.568.0" }, "peerDependencies": { @@ -30950,20 +30957,20 @@ }, "packages/backend": { "name": "@aws-amplify/backend", - "version": "1.2.1", + "version": "1.3.0", "license": "Apache-2.0", "dependencies": { - "@aws-amplify/backend-auth": "^1.1.2", - "@aws-amplify/backend-data": "^1.1.3", - "@aws-amplify/backend-function": "^1.4.0", + "@aws-amplify/backend-auth": "^1.2.0", + "@aws-amplify/backend-data": "^1.1.4", + "@aws-amplify/backend-function": "^1.5.0", "@aws-amplify/backend-output-schemas": "^1.2.0", - "@aws-amplify/backend-output-storage": "^1.1.1", - "@aws-amplify/backend-secret": "^1.0.1", - "@aws-amplify/backend-storage": "^1.1.1", - "@aws-amplify/client-config": "^1.3.0", + "@aws-amplify/backend-output-storage": "^1.1.2", + "@aws-amplify/backend-secret": "^1.1.2", + "@aws-amplify/backend-storage": "^1.2.0", + "@aws-amplify/client-config": "^1.3.1", "@aws-amplify/data-schema": "^1.0.0", "@aws-amplify/platform-core": "^1.1.0", - "@aws-amplify/plugin-types": "^1.2.1", + "@aws-amplify/plugin-types": "^1.3.0", "@aws-sdk/client-amplify": "^3.624.0", "lodash.snakecase": "^4.1.1" }, @@ -30996,15 +31003,15 @@ }, "packages/backend-auth": { "name": "@aws-amplify/backend-auth", - "version": "1.1.4", + "version": "1.2.0", "license": "Apache-2.0", "dependencies": { - "@aws-amplify/auth-construct": "^1.3.0", - "@aws-amplify/backend-output-storage": "^1.1.1", - "@aws-amplify/plugin-types": "^1.2.1" + "@aws-amplify/auth-construct": "^1.3.1", + "@aws-amplify/backend-output-storage": "^1.1.2", + "@aws-amplify/plugin-types": "^1.3.0" }, "devDependencies": { - "@aws-amplify/backend-platform-test-stubs": "^0.3.4", + "@aws-amplify/backend-platform-test-stubs": "^0.3.5", "@aws-amplify/platform-core": "^1.0.6" }, "peerDependencies": { @@ -31014,17 +31021,17 @@ }, "packages/backend-data": { "name": "@aws-amplify/backend-data", - "version": "1.1.3", + "version": "1.1.4", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.1.0", - "@aws-amplify/backend-output-storage": "^1.1.1", + "@aws-amplify/backend-output-storage": "^1.1.2", "@aws-amplify/data-construct": "^1.10.1", "@aws-amplify/data-schema-types": "^1.1.1", - "@aws-amplify/plugin-types": "^1.2.1" + "@aws-amplify/plugin-types": "^1.2.2" }, "devDependencies": { - "@aws-amplify/backend-platform-test-stubs": "^0.3.4", + "@aws-amplify/backend-platform-test-stubs": "^0.3.5", "@aws-amplify/data-schema": "^1.0.0", "@aws-amplify/platform-core": "^1.0.7" }, @@ -31035,11 +31042,11 @@ }, "packages/backend-deployer": { "name": "@aws-amplify/backend-deployer", - "version": "1.1.2", + "version": "1.1.4", "license": "Apache-2.0", "dependencies": { "@aws-amplify/platform-core": "^1.0.6", - "@aws-amplify/plugin-types": "^1.2.1", + "@aws-amplify/plugin-types": "^1.2.2", "execa": "^8.0.1", "tsx": "^4.6.1" }, @@ -31050,16 +31057,16 @@ }, "packages/backend-function": { "name": "@aws-amplify/backend-function", - "version": "1.4.0", + "version": "1.5.0", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.1.0", - "@aws-amplify/backend-output-storage": "^1.1.1", - "@aws-amplify/plugin-types": "^1.2.1", + "@aws-amplify/backend-output-storage": "^1.1.2", + "@aws-amplify/plugin-types": "^1.3.0", "execa": "^8.0.1" }, "devDependencies": { - "@aws-amplify/backend-platform-test-stubs": "^0.3.4", + "@aws-amplify/backend-platform-test-stubs": "^0.3.5", "@aws-amplify/platform-core": "^1.1.0", "@aws-sdk/client-ssm": "^3.624.0", "aws-sdk": "^2.1550.0", @@ -31097,12 +31104,12 @@ }, "packages/backend-output-storage": { "name": "@aws-amplify/backend-output-storage", - "version": "1.1.1", + "version": "1.1.2", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.2.0", "@aws-amplify/platform-core": "^1.0.6", - "@aws-amplify/plugin-types": "^1.2.1" + "@aws-amplify/plugin-types": "^1.2.2" }, "peerDependencies": { "aws-cdk-lib": "^2.152.0" @@ -31110,21 +31117,21 @@ }, "packages/backend-platform-test-stubs": { "name": "@aws-amplify/backend-platform-test-stubs", - "version": "0.3.4", + "version": "0.3.5", "license": "Apache-2.0", "dependencies": { - "@aws-amplify/plugin-types": "^1.2.1", + "@aws-amplify/plugin-types": "^1.2.2", "aws-cdk-lib": "^2.152.0", "constructs": "^10.0.0" } }, "packages/backend-secret": { "name": "@aws-amplify/backend-secret", - "version": "1.1.1", + "version": "1.1.3", "license": "Apache-2.0", "dependencies": { "@aws-amplify/platform-core": "^1.0.5", - "@aws-amplify/plugin-types": "^1.1.1", + "@aws-amplify/plugin-types": "^1.2.2", "@aws-sdk/client-ssm": "^3.624.0" }, "devDependencies": { @@ -31133,15 +31140,15 @@ }, "packages/backend-storage": { "name": "@aws-amplify/backend-storage", - "version": "1.1.2", + "version": "1.2.0", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.2.0", - "@aws-amplify/backend-output-storage": "^1.1.1", - "@aws-amplify/plugin-types": "^1.2.1" + "@aws-amplify/backend-output-storage": "^1.1.2", + "@aws-amplify/plugin-types": "^1.3.0" }, "devDependencies": { - "@aws-amplify/backend-platform-test-stubs": "^0.3.4", + "@aws-amplify/backend-platform-test-stubs": "^0.3.5", "@aws-amplify/platform-core": "^1.0.6" }, "peerDependencies": { @@ -31151,21 +31158,21 @@ }, "packages/cli": { "name": "@aws-amplify/backend-cli", - "version": "1.2.6", + "version": "1.2.8", "license": "Apache-2.0", "dependencies": { - "@aws-amplify/backend-deployer": "^1.1.1", + "@aws-amplify/backend-deployer": "^1.1.3", "@aws-amplify/backend-output-schemas": "^1.1.0", - "@aws-amplify/backend-secret": "^1.1.0", - "@aws-amplify/cli-core": "^1.1.2", - "@aws-amplify/client-config": "^1.2.1", - "@aws-amplify/deployed-backend-client": "^1.3.0", - "@aws-amplify/form-generator": "^1.0.1", - "@aws-amplify/model-generator": "^1.0.5", + "@aws-amplify/backend-secret": "^1.1.2", + "@aws-amplify/cli-core": "^1.1.3", + "@aws-amplify/client-config": "^1.3.1", + "@aws-amplify/deployed-backend-client": "^1.4.1", + "@aws-amplify/form-generator": "^1.0.3", + "@aws-amplify/model-generator": "^1.0.8", "@aws-amplify/platform-core": "^1.0.5", - "@aws-amplify/plugin-types": "^1.2.1", - "@aws-amplify/sandbox": "^1.2.0", - "@aws-amplify/schema-generator": "^1.2.1", + "@aws-amplify/plugin-types": "^1.3.0", + "@aws-amplify/sandbox": "^1.2.2", + "@aws-amplify/schema-generator": "^1.2.4", "@aws-sdk/client-amplify": "^3.624.0", "@aws-sdk/client-cloudformation": "^3.624.0", "@aws-sdk/client-s3": "^3.624.0", @@ -31198,7 +31205,7 @@ }, "packages/cli-core": { "name": "@aws-amplify/cli-core", - "version": "1.1.2", + "version": "1.1.3", "license": "Apache-2.0", "dependencies": { "@aws-amplify/platform-core": "^1.0.5", @@ -31305,14 +31312,14 @@ }, "packages/client-config": { "name": "@aws-amplify/client-config", - "version": "1.3.0", + "version": "1.3.2", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.2.0", - "@aws-amplify/deployed-backend-client": "^1.4.0", - "@aws-amplify/model-generator": "^1.0.5", + "@aws-amplify/deployed-backend-client": "^1.4.1", + "@aws-amplify/model-generator": "^1.0.7", "@aws-amplify/platform-core": "^1.0.7", - "@aws-amplify/plugin-types": "^1.2.1", + "@aws-amplify/plugin-types": "^1.2.2", "zod": "^3.22.2" }, "devDependencies": { @@ -31327,12 +31334,12 @@ } }, "packages/create-amplify": { - "version": "1.0.5", + "version": "1.0.6", "license": "Apache-2.0", "dependencies": { - "@aws-amplify/cli-core": "^1.1.1", + "@aws-amplify/cli-core": "^1.1.3", "@aws-amplify/platform-core": "^1.0.3", - "@aws-amplify/plugin-types": "^1.1.0", + "@aws-amplify/plugin-types": "^1.2.2", "execa": "^8.0.1", "kleur": "^4.1.5", "yargs": "^17.7.2" @@ -31442,12 +31449,12 @@ }, "packages/deployed-backend-client": { "name": "@aws-amplify/deployed-backend-client", - "version": "1.4.0", + "version": "1.4.1", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.2.0", "@aws-amplify/platform-core": "^1.0.5", - "@aws-amplify/plugin-types": "^1.2.1", + "@aws-amplify/plugin-types": "^1.2.2", "zod": "^3.22.2" }, "peerDependencies": { @@ -31470,7 +31477,7 @@ }, "packages/form-generator": { "name": "@aws-amplify/form-generator", - "version": "1.0.1", + "version": "1.0.3", "license": "Apache-2.0", "dependencies": { "@aws-amplify/appsync-modelgen-plugin": "^2.11.0", @@ -31490,20 +31497,20 @@ }, "packages/integration-tests": { "name": "@aws-amplify/integration-tests", - "version": "0.5.8", + "version": "0.5.9", "license": "Apache-2.0", "devDependencies": { "@apollo/client": "^3.10.1", "@aws-amplify/ai-constructs": "^0.1.0", - "@aws-amplify/auth-construct": "^1.2.2", - "@aws-amplify/backend": "^1.2.1", + "@aws-amplify/auth-construct": "^1.3.1", + "@aws-amplify/backend": "^1.2.2", "@aws-amplify/backend-ai": "^0.1.0", - "@aws-amplify/backend-secret": "^1.0.1", - "@aws-amplify/client-config": "^1.1.3", + "@aws-amplify/backend-secret": "^1.1.2", + "@aws-amplify/client-config": "^1.3.1", "@aws-amplify/data-schema": "^1.0.0", - "@aws-amplify/deployed-backend-client": "^1.3.0", + "@aws-amplify/deployed-backend-client": "^1.4.1", "@aws-amplify/platform-core": "^1.1.0", - "@aws-amplify/plugin-types": "^1.2.1", + "@aws-amplify/plugin-types": "^1.2.2", "@aws-sdk/client-accessanalyzer": "^3.624.0", "@aws-sdk/client-amplify": "^3.624.0", "@aws-sdk/client-bedrock-runtime": "^3.622.0", @@ -31549,15 +31556,15 @@ }, "packages/model-generator": { "name": "@aws-amplify/model-generator", - "version": "1.0.6", + "version": "1.0.8", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.1.0", - "@aws-amplify/deployed-backend-client": "^1.3.0", + "@aws-amplify/deployed-backend-client": "^1.4.1", "@aws-amplify/graphql-generator": "^0.4.0", "@aws-amplify/graphql-types-generator": "^3.6.0", "@aws-amplify/platform-core": "^1.0.5", - "@aws-amplify/plugin-types": "^1.2.1", + "@aws-amplify/plugin-types": "^1.3.0", "@aws-sdk/client-appsync": "^3.624.0", "@aws-sdk/client-s3": "^3.624.0", "@aws-sdk/credential-providers": "^3.624.0", @@ -31603,7 +31610,7 @@ }, "packages/plugin-types": { "name": "@aws-amplify/plugin-types", - "version": "1.2.1", + "version": "1.3.0", "license": "Apache-2.0", "devDependencies": { "execa": "^5.1.1" @@ -31730,18 +31737,31 @@ "node": ">=6" } }, + "packages/reference-auth-construct": { + "version": "0.1.0", + "license": "Apache-2.0", + "dependencies": { + "@aws-amplify/backend-output-schemas": "^1.1.0", + "@aws-amplify/backend-output-storage": "^1.0.2", + "@aws-amplify/plugin-types": "^1.0.1" + }, + "peerDependencies": { + "aws-cdk-lib": "^2.132.0", + "constructs": "^10.0.0" + } + }, "packages/sandbox": { "name": "@aws-amplify/sandbox", - "version": "1.2.1", + "version": "1.2.2", "license": "Apache-2.0", "dependencies": { - "@aws-amplify/backend-deployer": "^1.1.0", - "@aws-amplify/backend-secret": "^1.1.1", - "@aws-amplify/cli-core": "^1.1.2", - "@aws-amplify/client-config": "^1.1.3", - "@aws-amplify/deployed-backend-client": "^1.3.0", + "@aws-amplify/backend-deployer": "^1.1.3", + "@aws-amplify/backend-secret": "^1.1.2", + "@aws-amplify/cli-core": "^1.1.3", + "@aws-amplify/client-config": "^1.3.1", + "@aws-amplify/deployed-backend-client": "^1.4.1", "@aws-amplify/platform-core": "^1.0.6", - "@aws-amplify/plugin-types": "^1.2.1", + "@aws-amplify/plugin-types": "^1.2.2", "@aws-sdk/client-cloudformation": "^3.624.0", "@aws-sdk/client-cloudwatch-logs": "^3.624.0", "@aws-sdk/client-lambda": "^3.624.0", @@ -31765,7 +31785,7 @@ }, "packages/schema-generator": { "name": "@aws-amplify/schema-generator", - "version": "1.2.2", + "version": "1.2.4", "license": "Apache-2.0", "dependencies": { "@aws-amplify/graphql-schema-generator": "^0.9.4", diff --git a/packages/backend-auth/src/index.ts b/packages/backend-auth/src/index.ts index 90ce00ddc3..6d55380a5a 100644 --- a/packages/backend-auth/src/index.ts +++ b/packages/backend-auth/src/index.ts @@ -1,2 +1,7 @@ export { BackendAuth, AmplifyAuthProps, defineAuth } from './factory.js'; +export { + BackendReferenceAuth, + AmplifyReferenceAuthProps, + referenceAuth, +} from './reference_factory.js'; export * from './types.js'; diff --git a/packages/backend-auth/src/reference_factory.ts b/packages/backend-auth/src/reference_factory.ts new file mode 100644 index 0000000000..95e0cf86dc --- /dev/null +++ b/packages/backend-auth/src/reference_factory.ts @@ -0,0 +1,212 @@ +import { + AuthRoleName, + ConstructContainerEntryGenerator, + ConstructFactory, + ConstructFactoryGetInstanceProps, + GenerateContainerEntryProps, + ReferenceAuthResources, + ResourceAccessAcceptor, + ResourceAccessAcceptorFactory, + ResourceProvider, + StackProvider, +} from '@aws-amplify/plugin-types'; +import { AuthAccessGenerator, Expand } from './types.js'; +import { + AmplifyReferenceAuth, + ReferenceAuthProps, +} from '@aws-amplify/reference-auth-construct'; +import { authAccessBuilder as _authAccessBuilder } from './access_builder.js'; +import path from 'path'; +import { AmplifyUserError, TagName } from '@aws-amplify/platform-core'; +import { AuthAccessPolicyArbiterFactory } from './auth_access_policy_arbiter.js'; +import { Stack, Tags } from 'aws-cdk-lib'; +import { Policy } from 'aws-cdk-lib/aws-iam'; +import { UserPoolAccessPolicyFactory } from './userpool_access_policy_factory.js'; + +export type BackendReferenceAuth = ResourceProvider & + ResourceAccessAcceptorFactory & + StackProvider; + +export type AmplifyReferenceAuthProps = Expand< + Omit & { + /** + * Configure access to auth for other Amplify resources + * @see https://docs.amplify.aws/react/build-a-backend/auth/grant-access-to-auth-resources/ + * @example + * access: (allow) => [allow.resource(postConfirmation).to(["addUserToGroup"])] + * @example + * access: (allow) => [allow.resource(groupManager).to(["manageGroups"])] + */ + access?: AuthAccessGenerator; + } +>; +/** + * Singleton factory for AmplifyReferenceAuth that can be used in Amplify project files. + * + * Exported for testing purpose only & should NOT be exported out of the package. + */ +export class AmplifyReferenceAuthFactory + implements ConstructFactory +{ + // publicly accessible for testing purpose only. + static factoryCount = 0; + + readonly provides = 'AuthResources'; + + private generator: ConstructContainerEntryGenerator; + + /** + * Set the properties that will be used to initialize AmplifyReferenceAuth + */ + constructor( + private readonly props: AmplifyReferenceAuthProps, + // eslint-disable-next-line amplify-backend-rules/prefer-amplify-errors + private readonly importStack = new Error().stack + ) { + if (AmplifyReferenceAuthFactory.factoryCount > 0) { + throw new AmplifyUserError('MultipleSingletonResourcesError', { + message: + 'Multiple `referenceAuth` calls are not allowed within an Amplify backend', + resolution: 'Remove all but one `referenceAuth` call', + }); + } + AmplifyReferenceAuthFactory.factoryCount++; + } + /** + * Get a singleton instance of AmplifyReferenceAuth + */ + getInstance = ( + getInstanceProps: ConstructFactoryGetInstanceProps + ): BackendReferenceAuth => { + const { constructContainer, importPathVerifier } = getInstanceProps; + importPathVerifier?.verify( + this.importStack, + path.join('amplify', 'auth', 'resource'), + 'Amplify Auth must be defined in amplify/auth/resource.ts' + ); + if (!this.generator) { + this.generator = new AmplifyReferenceAuthGenerator( + this.props, + getInstanceProps + ); + } + return constructContainer.getOrCompute( + this.generator + ) as BackendReferenceAuth; + }; +} +class AmplifyReferenceAuthGenerator + implements ConstructContainerEntryGenerator +{ + readonly resourceGroupName = 'auth'; + private readonly name: string; + + constructor( + private readonly props: AmplifyReferenceAuthProps, + private readonly getInstanceProps: ConstructFactoryGetInstanceProps, + private readonly authAccessBuilder = _authAccessBuilder, + private readonly authAccessPolicyArbiterFactory = new AuthAccessPolicyArbiterFactory() + ) { + this.name = 'amplifyAuth'; + } + + generateContainerEntry = ({ + scope, + ssmEnvironmentEntriesGenerator, + }: GenerateContainerEntryProps) => { + const authProps: ReferenceAuthProps = { + ...this.props, + outputStorageStrategy: this.getInstanceProps.outputStorageStrategy, + }; + + let authConstruct: AmplifyReferenceAuth; + try { + authConstruct = new AmplifyReferenceAuth(scope, this.name, authProps); + } catch (error) { + throw new AmplifyUserError( + 'AmplifyReferenceAuthConstructInitializationError', + { + message: 'Failed to instantiate reference auth construct', + resolution: 'See the underlying error message for more details.', + }, + error as Error + ); + } + + Tags.of(authConstruct).add(TagName.FRIENDLY_NAME, this.name); + + const authConstructMixin: BackendReferenceAuth = { + ...authConstruct, + /** + * Returns a resourceAccessAcceptor for the given role + * @param roleIdentifier Either the auth or unauth role name or the name of a UserPool group + */ + getResourceAccessAcceptor: ( + roleIdentifier: AuthRoleName | string + ): ResourceAccessAcceptor => ({ + identifier: `${roleIdentifier}ResourceAccessAcceptor`, + acceptResourceAccess: (policy: Policy) => { + // TODO: figure out how we're going to handle group roles for reference auth + // const role = roleNameIsAuthRoleName(roleIdentifier) + // ? authConstruct.resources[roleIdentifier] + // : authConstruct.resources.groups?.[roleIdentifier]?.role; + const role = roleNameIsAuthRoleName(roleIdentifier) + ? authConstruct.resources[roleIdentifier] + : undefined; + if (!role) { + throw new AmplifyUserError('InvalidResourceAccessConfigError', { + message: `No auth IAM role found for "${roleIdentifier}".`, + resolution: `If you are trying to configure UserPool group access, ensure that the group name is specified correctly.`, + }); + } + policy.attachToRole(role); + }, + }), + stack: Stack.of(authConstruct), + }; + if (!this.props.access) { + return authConstructMixin; + } + // props.access is the access callback defined by the customer + // here we inject the authAccessBuilder into the callback and run it + // this produces the access definition that will be used to create the auth access policies + const accessDefinition = this.props.access(this.authAccessBuilder); + + const ssmEnvironmentEntries = + ssmEnvironmentEntriesGenerator.generateSsmEnvironmentEntries({ + [`${this.name}_USERPOOL_ID`]: + authConstructMixin.resources.userPool.userPoolId, + }); + + const authPolicyArbiter = this.authAccessPolicyArbiterFactory.getInstance( + accessDefinition, + this.getInstanceProps, + ssmEnvironmentEntries, + new UserPoolAccessPolicyFactory(authConstruct.resources.userPool) + ); + + authPolicyArbiter.arbitratePolicies(); + + return authConstructMixin; + }; +} + +const roleNameIsAuthRoleName = (roleName: string): roleName is AuthRoleName => { + return ( + roleName === 'authenticatedUserIamRole' || + roleName === 'unauthenticatedUserIamRole' + ); +}; + +/** + * Provide references to existing auth resources. + */ +export const referenceAuth = ( + props: AmplifyReferenceAuthProps +): ConstructFactory => { + return new AmplifyReferenceAuthFactory( + props, + // eslint-disable-next-line amplify-backend-rules/prefer-amplify-errors + new Error().stack + ); +}; diff --git a/packages/plugin-types/src/auth_resources.ts b/packages/plugin-types/src/auth_resources.ts index 3b571a497c..490ca51fcc 100644 --- a/packages/plugin-types/src/auth_resources.ts +++ b/packages/plugin-types/src/auth_resources.ts @@ -72,6 +72,32 @@ export type AuthResources = { }; }; +/** + * Reference auth resources + */ +export type ReferenceAuthResources = { + /** + * The referenced UserPool L2 Resource. + */ + userPool: IUserPool; + /** + * The referenced UserPoolClient L2 Resource. + */ + userPoolClient: IUserPoolClient; + /** + * The referenced auth role. + */ + authenticatedUserIamRole: IRole; + /** + * The referenced unauth role. + */ + unauthenticatedUserIamRole: IRole; + /** + * Identity pool Id + */ + identityPoolId: string; +}; + export type AuthRoleName = keyof Pick< AuthResources, 'authenticatedUserIamRole' | 'unauthenticatedUserIamRole' diff --git a/packages/reference-auth-construct/.npmignore b/packages/reference-auth-construct/.npmignore new file mode 100644 index 0000000000..1015fa09fd --- /dev/null +++ b/packages/reference-auth-construct/.npmignore @@ -0,0 +1,14 @@ +# Be very careful editing this file. It is crafted to work around [this issue](https://github.com/npm/npm/issues/4479) + +# First ignore everything +**/* + +# Then add back in transpiled js and ts declaration files +!lib/**/*.js +!lib/**/*.d.ts + +# Then ignore test js and ts declaration files +*.test.js +*.test.d.ts + +# This leaves us with including only js and ts declaration files of functional code \ No newline at end of file diff --git a/packages/reference-auth-construct/README.md b/packages/reference-auth-construct/README.md new file mode 100644 index 0000000000..873d89df95 --- /dev/null +++ b/packages/reference-auth-construct/README.md @@ -0,0 +1,3 @@ +# Description + +The Reference Auth construct allows developers to provide references to existing auth resources, which can be used by the rest of their Amplify resources. diff --git a/packages/reference-auth-construct/api-extractor.json b/packages/reference-auth-construct/api-extractor.json new file mode 100644 index 0000000000..0f56de03f6 --- /dev/null +++ b/packages/reference-auth-construct/api-extractor.json @@ -0,0 +1,3 @@ +{ + "extends": "../../api-extractor.base.json" +} diff --git a/packages/reference-auth-construct/package.json b/packages/reference-auth-construct/package.json new file mode 100644 index 0000000000..c092fc6944 --- /dev/null +++ b/packages/reference-auth-construct/package.json @@ -0,0 +1,29 @@ +{ + "name": "@aws-amplify/reference-auth-construct", + "version": "0.1.0", + "type": "commonjs", + "publishConfig": { + "access": "public" + }, + "exports": { + ".": { + "types": "./lib/index.d.ts", + "import": "./lib/index.js", + "require": "./lib/index.js" + } + }, + "types": "lib/index.d.ts", + "scripts": { + "update:api": "api-extractor run --local" + }, + "license": "Apache-2.0", + "dependencies": { + "@aws-amplify/backend-output-schemas": "^1.1.0", + "@aws-amplify/backend-output-storage": "^1.0.2", + "@aws-amplify/plugin-types": "^1.0.1" + }, + "peerDependencies": { + "aws-cdk-lib": "^2.132.0", + "constructs": "^10.0.0" + } +} diff --git a/packages/reference-auth-construct/src/construct.test.ts b/packages/reference-auth-construct/src/construct.test.ts new file mode 100644 index 0000000000..68c022ee63 --- /dev/null +++ b/packages/reference-auth-construct/src/construct.test.ts @@ -0,0 +1,20 @@ +import { describe, it } from 'node:test'; +import { AmplifyReferenceAuth } from './index.js'; +import { App, Stack } from 'aws-cdk-lib'; + +void describe('AmplifyConstruct', () => { + void it('creates a queue if specified', () => { + const app = new App(); + const stack = new Stack(app); + new AmplifyReferenceAuth(stack, 'test', { + authRoleArn: + 'arn:aws:cognito-idp:us-east-1:000000000000:userpool/us-east-1_IDSAMPLE1', + unauthRoleArn: + // eslint-disable-next-line spellcheck/spell-checker + 'arn:aws:cognito-identity:us-east-1:000000000000:identitypool/us-east-1:00000000-abcd-efgh-ijkl-000000000000', + identityPoolId: 'identityPoolId', + userPoolClientId: 'userPoolClientId', + userPoolId: 'userPoolId', + }); + }); +}); diff --git a/packages/reference-auth-construct/src/construct.ts b/packages/reference-auth-construct/src/construct.ts new file mode 100644 index 0000000000..47de3cff20 --- /dev/null +++ b/packages/reference-auth-construct/src/construct.ts @@ -0,0 +1,84 @@ +import { Construct } from 'constructs'; +import { Stack, aws_cognito, aws_iam } from 'aws-cdk-lib'; +import { + BackendOutputStorageStrategy, + ReferenceAuthResources, + ResourceProvider, +} from '@aws-amplify/plugin-types'; +import { AuthOutput, authOutputKey } from '@aws-amplify/backend-output-schemas'; +import { + AttributionMetadataStorage, + StackMetadataBackendOutputStorageStrategy, +} from '@aws-amplify/backend-output-storage'; +import * as path from 'path'; +import { ReferenceAuthProps } from './types'; + +const authStackType = 'auth-Cognito'; +/** + * Reference Auth construct for using external auth resources + */ +export class AmplifyReferenceAuth + extends Construct + implements ResourceProvider +{ + resources: ReferenceAuthResources; + + /** + * Create a new AmplifyConstruct + */ + constructor(scope: Construct, id: string, props: ReferenceAuthProps) { + super(scope, id); + + this.resources = { + userPool: aws_cognito.UserPool.fromUserPoolId( + this, + 'UserPool', + props.userPoolId + ), + userPoolClient: aws_cognito.UserPoolClient.fromUserPoolClientId( + this, + 'UserPoolClient', + props.userPoolClientId + ), + authenticatedUserIamRole: aws_iam.Role.fromRoleArn( + this, + 'authenticatedUserRole', + props.authRoleArn + ), + unauthenticatedUserIamRole: aws_iam.Role.fromRoleArn( + this, + 'unauthenticatedUserRole', + props.unauthRoleArn + ), + identityPoolId: props.identityPoolId, + }; + + this.storeOutput(props.outputStorageStrategy); + new AttributionMetadataStorage().storeAttributionMetadata( + Stack.of(this), + authStackType, + path.resolve(__dirname, '..', 'package.json') + ); + } + + /** + * Stores auth output using the provided strategy + */ + private storeOutput = ( + outputStorageStrategy: BackendOutputStorageStrategy = new StackMetadataBackendOutputStorageStrategy( + Stack.of(this) + ) + ): void => { + // these properties cannot be overwritten + const output: AuthOutput['payload'] = { + userPoolId: this.resources.userPool.userPoolId, + webClientId: this.resources.userPoolClient.userPoolClientId, + identityPoolId: this.resources.identityPoolId, + authRegion: Stack.of(this).region, + }; + outputStorageStrategy.addBackendOutputEntry(authOutputKey, { + version: '1', + payload: output, + }); + }; +} diff --git a/packages/reference-auth-construct/src/index.ts b/packages/reference-auth-construct/src/index.ts new file mode 100644 index 0000000000..925d4d7cf9 --- /dev/null +++ b/packages/reference-auth-construct/src/index.ts @@ -0,0 +1,2 @@ +export { ReferenceAuthProps } from './types'; +export { AmplifyReferenceAuth } from './construct'; diff --git a/packages/reference-auth-construct/src/types.ts b/packages/reference-auth-construct/src/types.ts new file mode 100644 index 0000000000..b9f4cd56db --- /dev/null +++ b/packages/reference-auth-construct/src/types.ts @@ -0,0 +1,14 @@ +import { AuthOutput } from '@aws-amplify/backend-output-schemas'; +import { BackendOutputStorageStrategy } from '@aws-amplify/plugin-types'; + +export type ReferenceAuthProps = { + /** + * @internal + */ + outputStorageStrategy?: BackendOutputStorageStrategy; + userPoolId: string; + identityPoolId: string; + userPoolClientId: string; + authRoleArn: string; + unauthRoleArn: string; +}; diff --git a/packages/reference-auth-construct/tsconfig.json b/packages/reference-auth-construct/tsconfig.json new file mode 100644 index 0000000000..5af708fff9 --- /dev/null +++ b/packages/reference-auth-construct/tsconfig.json @@ -0,0 +1,17 @@ +{ + "extends": "../../tsconfig.base.json", + "compilerOptions": { + "target": "ES2018", + "module": "commonjs", + "moduleResolution": "Node", + "lib": ["DOM", "ESnext"], + "rootDir": "src", + "outDir": "lib", + "allowJs": true + }, + "references": [ + { "path": "../backend-output-schemas" }, + { "path": "../backend-output-storage" }, + { "path": "../plugin-types" } + ] +} diff --git a/packages/reference-auth-construct/typedoc.json b/packages/reference-auth-construct/typedoc.json new file mode 100644 index 0000000000..35fed2c958 --- /dev/null +++ b/packages/reference-auth-construct/typedoc.json @@ -0,0 +1,3 @@ +{ + "entryPoints": ["src/index.ts"] +} From e72d6bcedffd7d4e404b0853c08853172782f3b3 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 25 Sep 2024 15:08:16 -0700 Subject: [PATCH 02/61] chore: factory basic tests --- .../src/reference_factory.test.ts | 300 ++++++++++++++++++ 1 file changed, 300 insertions(+) create mode 100644 packages/backend-auth/src/reference_factory.test.ts diff --git a/packages/backend-auth/src/reference_factory.test.ts b/packages/backend-auth/src/reference_factory.test.ts new file mode 100644 index 0000000000..af33e0f2db --- /dev/null +++ b/packages/backend-auth/src/reference_factory.test.ts @@ -0,0 +1,300 @@ +import { beforeEach, describe, it, mock } from 'node:test'; +import { App, Stack } from 'aws-cdk-lib'; +import assert from 'node:assert'; +import { Template } from 'aws-cdk-lib/assertions'; +import { + BackendOutputEntry, + BackendOutputStorageStrategy, + ConstructContainer, + ConstructFactory, + ConstructFactoryGetInstanceProps, + ImportPathVerifier, + ResourceAccessAcceptorFactory, + ResourceNameValidator, + ResourceProvider, +} from '@aws-amplify/plugin-types'; +import { StackMetadataBackendOutputStorageStrategy } from '@aws-amplify/backend-output-storage'; +import { + ConstructContainerStub, + ImportPathVerifierStub, + ResourceNameValidatorStub, + StackResolverStub, +} from '@aws-amplify/backend-platform-test-stubs'; +import { Policy, PolicyStatement } from 'aws-cdk-lib/aws-iam'; +import { AmplifyUserError } from '@aws-amplify/platform-core'; +import { + AmplifyReferenceAuthFactory, + AmplifyReferenceAuthProps, + BackendReferenceAuth, + referenceAuth, +} from './reference_factory.js'; + +const defaultReferenceAuthProps: AmplifyReferenceAuthProps = { + userPoolId: '', + userPoolClientId: '', + identityPoolId: '', + authRoleArn: '', + unauthRoleArn: '', +}; + +const createStackAndSetContext = (): Stack => { + const app = new App(); + app.node.setContext('amplify-backend-name', 'testEnvName'); + app.node.setContext('amplify-backend-namespace', 'testBackendId'); + app.node.setContext('amplify-backend-type', 'branch'); + const stack = new Stack(app); + return stack; +}; + +void describe('AmplifyReferenceAuthFactory', () => { + let authFactory: ConstructFactory; + let constructContainer: ConstructContainer; + let outputStorageStrategy: BackendOutputStorageStrategy; + let importPathVerifier: ImportPathVerifier; + let getInstanceProps: ConstructFactoryGetInstanceProps; + let resourceNameValidator: ResourceNameValidator; + let stack: Stack; + beforeEach(() => { + resetFactoryCount(); + authFactory = referenceAuth(defaultReferenceAuthProps); + + stack = createStackAndSetContext(); + + constructContainer = new ConstructContainerStub( + new StackResolverStub(stack) + ); + + outputStorageStrategy = new StackMetadataBackendOutputStorageStrategy( + stack + ); + + importPathVerifier = new ImportPathVerifierStub(); + + resourceNameValidator = new ResourceNameValidatorStub(); + + getInstanceProps = { + constructContainer, + outputStorageStrategy, + importPathVerifier, + resourceNameValidator, + }; + }); + + void it('returns singleton instance', () => { + const instance1 = authFactory.getInstance(getInstanceProps); + const instance2 = authFactory.getInstance(getInstanceProps); + + assert.strictEqual(instance1, instance2); + }); + + void it('verifies stack property exists and is equivalent to auth stack', () => { + const backendAuth = authFactory.getInstance(getInstanceProps); + assert.equal(backendAuth.stack, Stack.of(backendAuth.resources.userPool)); + }); + + void it('adds construct to stack', () => { + const backendAuth = authFactory.getInstance(getInstanceProps); + + const template = Template.fromStack(backendAuth.stack); + + template.resourceCountIs('AWS::Cognito::UserPool', 1); + }); + + void it('verifies constructor import path', () => { + const importPathVerifier = { + verify: mock.fn(), + }; + + authFactory.getInstance({ ...getInstanceProps, importPathVerifier }); + + assert.ok( + (importPathVerifier.verify.mock.calls[0].arguments[0] as string).includes( + 'referenceAuth' + ) + ); + }); + + void it('should throw TooManyAmplifyAuthFactoryError when referenceAuth is called multiple times', () => { + assert.throws( + () => { + referenceAuth({ + ...defaultReferenceAuthProps, + }); + referenceAuth({ + ...defaultReferenceAuthProps, + }); + }, + new AmplifyUserError('MultipleSingletonResourcesError', { + message: + 'Multiple `referenceAuth` calls are not allowed within an Amplify backend', + resolution: 'Remove all but one `referenceAuth` call', + }) + ); + }); + + void it('if access is defined, it should attach valid policy to the resource', () => { + const mockAcceptResourceAccess = mock.fn(); + const lambdaResourceStub = { + getInstance: () => ({ + getResourceAccessAcceptor: () => ({ + acceptResourceAccess: mockAcceptResourceAccess, + }), + }), + } as unknown as ConstructFactory< + ResourceProvider & ResourceAccessAcceptorFactory + >; + + resetFactoryCount(); + + authFactory = referenceAuth({ + userPoolId: '', + userPoolClientId: '', + identityPoolId: '', + authRoleArn: '', + unauthRoleArn: '', + access: (allow) => [ + allow.resource(lambdaResourceStub).to(['managePasswordRecovery']), + allow.resource(lambdaResourceStub).to(['createUser']), + ], + }); + + const backendAuth = authFactory.getInstance(getInstanceProps); + + assert.equal(mockAcceptResourceAccess.mock.callCount(), 2); + assert.ok( + mockAcceptResourceAccess.mock.calls[0].arguments[0] instanceof Policy + ); + assert.deepStrictEqual( + mockAcceptResourceAccess.mock.calls[0].arguments[0].document.toJSON(), + { + Statement: [ + { + Action: [ + 'cognito-idp:AdminResetUserPassword', + 'cognito-idp:AdminSetUserPassword', + ], + Effect: 'Allow', + Resource: backendAuth.resources.userPool.userPoolArn, + }, + ], + Version: '2012-10-17', + } + ); + assert.ok( + mockAcceptResourceAccess.mock.calls[1].arguments[0] instanceof Policy + ); + assert.deepStrictEqual( + mockAcceptResourceAccess.mock.calls[1].arguments[0].document.toJSON(), + { + Statement: [ + { + Action: 'cognito-idp:AdminCreateUser', + Effect: 'Allow', + Resource: backendAuth.resources.userPool.userPoolArn, + }, + ], + Version: '2012-10-17', + } + ); + }); + + void describe('getResourceAccessAcceptor', () => { + void it('attaches policies to the authenticated role', () => { + const backendAuth = authFactory.getInstance(getInstanceProps); + const testPolicy = new Policy(stack, 'testPolicy', { + statements: [ + new PolicyStatement({ + actions: ['s3:GetObject'], + resources: ['testBucket/testObject/*'], + }), + ], + }); + const resourceAccessAcceptor = backendAuth.getResourceAccessAcceptor( + 'authenticatedUserIamRole' + ); + + assert.equal( + resourceAccessAcceptor.identifier, + 'authenticatedUserIamRoleResourceAccessAcceptor' + ); + + resourceAccessAcceptor.acceptResourceAccess(testPolicy, [ + { name: 'test', path: 'test' }, + ]); + const template = Template.fromStack(stack); + template.resourceCountIs('AWS::IAM::Policy', 1); + template.hasResourceProperties('AWS::IAM::Policy', { + PolicyDocument: { + Statement: [ + { + Action: 's3:GetObject', + Effect: 'Allow', + Resource: 'testBucket/testObject/*', + }, + ], + }, + Roles: [ + { + 'Fn::GetAtt': [ + // eslint-disable-next-line spellcheck/spell-checker + 'authNestedStackauthNestedStackResource179371D7', + // eslint-disable-next-line spellcheck/spell-checker + 'Outputs.authamplifyAuthauthenticatedUserRoleF3353E83Ref', + ], + }, + ], + }); + }); + + void it('attaches policies to the unauthenticated role', () => { + const backendAuth = authFactory.getInstance(getInstanceProps); + const testPolicy = new Policy(stack, 'testPolicy', { + statements: [ + new PolicyStatement({ + actions: ['s3:GetObject'], + resources: ['testBucket/testObject/*'], + }), + ], + }); + const resourceAccessAcceptor = backendAuth.getResourceAccessAcceptor( + 'unauthenticatedUserIamRole' + ); + + assert.equal( + resourceAccessAcceptor.identifier, + 'unauthenticatedUserIamRoleResourceAccessAcceptor' + ); + + resourceAccessAcceptor.acceptResourceAccess(testPolicy, [ + { name: 'test', path: 'test' }, + ]); + const template = Template.fromStack(stack); + template.resourceCountIs('AWS::IAM::Policy', 1); + template.hasResourceProperties('AWS::IAM::Policy', { + PolicyDocument: { + Statement: [ + { + Action: 's3:GetObject', + Effect: 'Allow', + Resource: 'testBucket/testObject/*', + }, + ], + }, + Roles: [ + { + 'Fn::GetAtt': [ + // eslint-disable-next-line spellcheck/spell-checker + 'authNestedStackauthNestedStackResource179371D7', + // eslint-disable-next-line spellcheck/spell-checker + 'Outputs.authamplifyAuthunauthenticatedUserRoleE350B280Ref', + ], + }, + ], + }); + }); + }); +}); + +const resetFactoryCount = () => { + AmplifyReferenceAuthFactory.factoryCount = 0; +}; From b1ea9192ad62d180037c20595713a0549b7ece71 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 25 Sep 2024 15:11:19 -0700 Subject: [PATCH 03/61] chore: update api --- packages/backend-auth/API.md | 13 ++++++++++ packages/client-config/API.md | 2 +- packages/plugin-types/API.md | 9 +++++++ packages/reference-auth-construct/API.md | 32 ++++++++++++++++++++++++ 4 files changed, 55 insertions(+), 1 deletion(-) create mode 100644 packages/reference-auth-construct/API.md diff --git a/packages/backend-auth/API.md b/packages/backend-auth/API.md index f9b6247ced..76be66f977 100644 --- a/packages/backend-auth/API.md +++ b/packages/backend-auth/API.md @@ -17,6 +17,8 @@ import { FacebookProviderProps } from '@aws-amplify/auth-construct'; import { FunctionResources } from '@aws-amplify/plugin-types'; import { GoogleProviderProps } from '@aws-amplify/auth-construct'; import { OidcProviderProps } from '@aws-amplify/auth-construct'; +import { ReferenceAuthProps } from '@aws-amplify/reference-auth-construct'; +import { ReferenceAuthResources } from '@aws-amplify/plugin-types'; import { ResourceAccessAcceptor } from '@aws-amplify/plugin-types'; import { ResourceAccessAcceptorFactory } from '@aws-amplify/plugin-types'; import { ResourceProvider } from '@aws-amplify/plugin-types'; @@ -42,6 +44,11 @@ export type AmplifyAuthProps = Expand; +// @public (undocumented) +export type AmplifyReferenceAuthProps = Expand & { + access?: AuthAccessGenerator; +}>; + // @public export type AppleProviderFactoryProps = Omit & { clientId: BackendSecret; @@ -80,6 +87,9 @@ export type AuthLoginWithFactoryProps = Omit & ResourceAccessAcceptorFactory & StackProvider; +// @public (undocumented) +export type BackendReferenceAuth = ResourceProvider & ResourceAccessAcceptorFactory & StackProvider; + // @public export const defineAuth: (props: AmplifyAuthProps) => ConstructFactory; @@ -118,6 +128,9 @@ export type OidcProviderFactoryProps = Omit ConstructFactory; + // (No @packageDocumentation comment for this package) ``` diff --git a/packages/client-config/API.md b/packages/client-config/API.md index 40b7882c3e..0288f214da 100644 --- a/packages/client-config/API.md +++ b/packages/client-config/API.md @@ -329,7 +329,7 @@ export type CustomClientConfig = { export const DEFAULT_CLIENT_CONFIG_VERSION: ClientConfigVersion; // @public -export const generateClientConfig: (backendIdentifier: DeployedBackendIdentifier, version: T, awsClientProvider?: AWSClientProvider<{ +export const generateClientConfig: (backendIdentifier: DeployedBackendIdentifier, version: T, awsClientProvider?: AWSClientProvider<{ getS3Client: S3Client; getAmplifyClient: AmplifyClient; getCloudFormationClient: CloudFormationClient; diff --git a/packages/plugin-types/API.md b/packages/plugin-types/API.md index 97bf48886a..77820c7182 100644 --- a/packages/plugin-types/API.md +++ b/packages/plugin-types/API.md @@ -192,6 +192,15 @@ export type PackageManagerController = { // @public (undocumented) export type ProjectName = string; +// @public +export type ReferenceAuthResources = { + userPool: IUserPool; + userPoolClient: IUserPoolClient; + authenticatedUserIamRole: IRole; + unauthenticatedUserIamRole: IRole; + identityPoolId: string; +}; + // @public (undocumented) export type ResolvePathResult = { branchSecretPath: string; diff --git a/packages/reference-auth-construct/API.md b/packages/reference-auth-construct/API.md new file mode 100644 index 0000000000..c6917cdfea --- /dev/null +++ b/packages/reference-auth-construct/API.md @@ -0,0 +1,32 @@ +## API Report File for "@aws-amplify/reference-auth-construct" + +> Do not edit this file. It is a report generated by [API Extractor](https://api-extractor.com/). + +```ts + +import { AuthOutput } from '@aws-amplify/backend-output-schemas'; +import { BackendOutputStorageStrategy } from '@aws-amplify/plugin-types'; +import { Construct } from 'constructs'; +import { ReferenceAuthResources } from '@aws-amplify/plugin-types'; +import { ResourceProvider } from '@aws-amplify/plugin-types'; + +// @public +export class AmplifyReferenceAuth extends Construct implements ResourceProvider { + constructor(scope: Construct, id: string, props: ReferenceAuthProps); + // (undocumented) + resources: ReferenceAuthResources; +} + +// @public (undocumented) +export type ReferenceAuthProps = { + outputStorageStrategy?: BackendOutputStorageStrategy; + userPoolId: string; + identityPoolId: string; + userPoolClientId: string; + authRoleArn: string; + unauthRoleArn: string; +}; + +// (No @packageDocumentation comment for this package) + +``` From eb664e442e3acd5e298482cb88d52518f3521cad Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 25 Sep 2024 15:56:24 -0700 Subject: [PATCH 04/61] chore: add ref auth package as dependency to backend-auth --- package-lock.json | 4 +++- packages/backend-auth/package.json | 1 + packages/backend-auth/tsconfig.json | 5 +++-- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2f2601548b..1b6cdaf2f6 100644 --- a/package-lock.json +++ b/package-lock.json @@ -31008,7 +31008,8 @@ "dependencies": { "@aws-amplify/auth-construct": "^1.3.1", "@aws-amplify/backend-output-storage": "^1.1.2", - "@aws-amplify/plugin-types": "^1.3.0" + "@aws-amplify/plugin-types": "^1.3.0", + "@aws-amplify/reference-auth-construct": "0.1.0" }, "devDependencies": { "@aws-amplify/backend-platform-test-stubs": "^0.3.5", @@ -31738,6 +31739,7 @@ } }, "packages/reference-auth-construct": { + "name": "@aws-amplify/reference-auth-construct", "version": "0.1.0", "license": "Apache-2.0", "dependencies": { diff --git a/packages/backend-auth/package.json b/packages/backend-auth/package.json index c9bddfe7c9..eacfeee59e 100644 --- a/packages/backend-auth/package.json +++ b/packages/backend-auth/package.json @@ -20,6 +20,7 @@ "license": "Apache-2.0", "dependencies": { "@aws-amplify/auth-construct": "^1.3.1", + "@aws-amplify/reference-auth-construct": "0.1.0", "@aws-amplify/backend-output-storage": "^1.1.2", "@aws-amplify/plugin-types": "^1.3.0" }, diff --git a/packages/backend-auth/tsconfig.json b/packages/backend-auth/tsconfig.json index b98614a812..7246b68afb 100644 --- a/packages/backend-auth/tsconfig.json +++ b/packages/backend-auth/tsconfig.json @@ -4,8 +4,9 @@ "references": [ { "path": "../auth-construct" }, { "path": "../backend-output-storage" }, - { "path": "../plugin-types" }, { "path": "../backend-platform-test-stubs" }, - { "path": "../platform-core" } + { "path": "../platform-core" }, + { "path": "../plugin-types" }, + { "path": "../reference-auth-construct" } ] } From 0a5243dbd5cd9deba7e46aa5a5f4ca7b9bf7db64 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 25 Sep 2024 15:56:41 -0700 Subject: [PATCH 05/61] chore: lint --- packages/backend-auth/tsconfig.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/backend-auth/tsconfig.json b/packages/backend-auth/tsconfig.json index 7246b68afb..1cb9ae1917 100644 --- a/packages/backend-auth/tsconfig.json +++ b/packages/backend-auth/tsconfig.json @@ -3,10 +3,10 @@ "compilerOptions": { "rootDir": "src", "outDir": "lib" }, "references": [ { "path": "../auth-construct" }, + { "path": "../reference-auth-construct" }, { "path": "../backend-output-storage" }, - { "path": "../backend-platform-test-stubs" }, - { "path": "../platform-core" }, { "path": "../plugin-types" }, - { "path": "../reference-auth-construct" } + { "path": "../backend-platform-test-stubs" }, + { "path": "../platform-core" } ] } From ab370bc66e07fdcece81bf8331295012f27ea9b3 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Thu, 26 Sep 2024 13:21:36 -0700 Subject: [PATCH 06/61] chore: add tests for construct --- package-lock.json | 33 +--- .../reference-auth-construct/package.json | 11 +- .../src/construct.test.ts | 146 ++++++++++++++++-- .../reference-auth-construct/src/construct.ts | 70 ++++++++- .../reference-auth-construct/src/index.ts | 4 +- .../src/lambda/.eslintrc.json | 5 + .../src/lambda/reference_auth_initializer.ts | 45 ++++++ .../reference-auth-construct/tsconfig.json | 7 +- 8 files changed, 265 insertions(+), 56 deletions(-) create mode 100644 packages/reference-auth-construct/src/lambda/.eslintrc.json create mode 100644 packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts diff --git a/package-lock.json b/package-lock.json index 1b6cdaf2f6..175dc2087e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -18576,7 +18576,6 @@ "version": "1.0.10", "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, "license": "MIT", "dependencies": { "sprintf-js": "~1.0.2" @@ -19304,7 +19303,6 @@ "version": "1.0.7", "resolved": "https://registry.npmjs.org/aws-lambda/-/aws-lambda-1.0.7.tgz", "integrity": "sha512-9GNFMRrEMG5y3Jvv+V4azWvc+qNWdWLTjDdhf/zgMlz8haaaLWv0xeAIWxz9PuWUBawsVxy0zZotjCdR3Xq+2w==", - "dev": true, "license": "MIT", "dependencies": { "aws-sdk": "^2.814.0", @@ -19320,14 +19318,12 @@ "version": "3.0.2", "resolved": "https://registry.npmjs.org/commander/-/commander-3.0.2.tgz", "integrity": "sha512-Gar0ASD4BDyKC4hl4DwHqDrmvjoxWKZigVnAbn5H1owvm4CxCPdb0HQDehwNYMJpla5+M2tPmPARzhtYuwpHow==", - "dev": true, "license": "MIT" }, "node_modules/aws-sdk": { "version": "2.1691.0", "resolved": "https://registry.npmjs.org/aws-sdk/-/aws-sdk-2.1691.0.tgz", "integrity": "sha512-/F2YC+DlsY3UBM2Bdnh5RLHOPNibS/+IcjUuhP8XuctyrN+MlL+fWDAiela32LTDk7hMy4rx8MTgvbJ+0blO5g==", - "dev": true, "hasInstallScript": true, "license": "Apache-2.0", "dependencies": { @@ -19362,7 +19358,6 @@ "version": "8.0.0", "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.0.0.tgz", "integrity": "sha512-jOXGuXZAWdsTH7eZLtyXMqUb9EcWMGZNbL9YcGBJl4MH4nrxHmZJhEHvyLFrkxo+28uLb/NYRcStH48fnD0Vzw==", - "dev": true, "license": "MIT", "bin": { "uuid": "dist/bin/uuid" @@ -19565,7 +19560,6 @@ "version": "1.5.1", "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==", - "dev": true, "funding": [ { "type": "github", @@ -19791,7 +19785,6 @@ "version": "4.9.2", "resolved": "https://registry.npmjs.org/buffer/-/buffer-4.9.2.tgz", "integrity": "sha512-xq+q3SRMOxGivLhBNaUdC64hDTQwejJ+H0T/NB1XMtTVEwNTrfFF3gAxiyW0Bu/xWEGhjVKgUcMhCrUy2+uCWg==", - "dev": true, "license": "MIT", "dependencies": { "base64-js": "^1.0.2", @@ -22628,7 +22621,6 @@ "version": "4.0.1", "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "dev": true, "license": "BSD-2-Clause", "bin": { "esparse": "bin/esparse.js", @@ -22711,7 +22703,6 @@ "version": "1.1.1", "resolved": "https://registry.npmjs.org/events/-/events-1.1.1.tgz", "integrity": "sha512-kEcvvCBByWXGnZy6JUlgAp2gBIUjfCAV6P6TgT1/aaQKcmuAEC4OZTV1I4EWQLz2gxZw76atuVyvHhTxvi0Flw==", - "dev": true, "license": "MIT", "engines": { "node": ">=0.4.x" @@ -23516,7 +23507,6 @@ "version": "0.4.1", "resolved": "https://registry.npmjs.org/glob-to-regexp/-/glob-to-regexp-0.4.1.tgz", "integrity": "sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw==", - "dev": true, "license": "BSD-2-Clause" }, "node_modules/glob/node_modules/brace-expansion": { @@ -23960,7 +23950,6 @@ "version": "1.1.13", "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", "integrity": "sha512-4vf7I2LYV/HaWerSo3XmlMkp5eZ83i+/CDluXi/IGTs/O1sejBNhTtnxzmRZfvOUqj7lZjqHkeTvpgSFDlWZTg==", - "dev": true, "license": "BSD-3-Clause" }, "node_modules/ignore": { @@ -24140,7 +24129,6 @@ "version": "1.1.1", "resolved": "https://registry.npmjs.org/is-arguments/-/is-arguments-1.1.1.tgz", "integrity": "sha512-8Q7EARjzEnKpt/PCD7e1cgUS0a6X8u5tdSiMqXhojOdoV9TsMsiO+9VLC5vAmO8N7/GmXn7yjR8qnA6bVAEzfA==", - "dev": true, "license": "MIT", "dependencies": { "call-bind": "^1.0.2", @@ -24384,7 +24372,6 @@ "version": "1.0.10", "resolved": "https://registry.npmjs.org/is-generator-function/-/is-generator-function-1.0.10.tgz", "integrity": "sha512-jsEjy9l3yiXEQ+PsXdmBwEPcOxaXWLspKdplFUVI9vq1iZgIekeC0L167qeu86czQaxed3q/Uzuw0swL0irL8A==", - "dev": true, "license": "MIT", "dependencies": { "has-tostringtag": "^1.0.0" @@ -24761,7 +24748,6 @@ "version": "1.0.0", "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", "integrity": "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==", - "dev": true, "license": "MIT" }, "node_modules/isexe": { @@ -24869,7 +24855,6 @@ "version": "0.16.0", "resolved": "https://registry.npmjs.org/jmespath/-/jmespath-0.16.0.tgz", "integrity": "sha512-9FzQjJ7MATs1tSpnco1K6ayiYE3figslrXA72G2HQ/n76RzvYlofyi5QM+iX4YRs/pu3yzxlVQSST23+dMDknw==", - "dev": true, "license": "Apache-2.0", "engines": { "node": ">= 0.6.0" @@ -24895,7 +24880,6 @@ "version": "3.14.1", "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, "license": "MIT", "dependencies": { "argparse": "^1.0.7", @@ -27574,7 +27558,6 @@ "resolved": "https://registry.npmjs.org/querystring/-/querystring-0.2.0.tgz", "integrity": "sha512-X/xY82scca2tau62i9mDyU9K+I+djTMUsvwf7xnUX5GLvVzgJybOJf4Y6o9Zx3oJK/LSXg5tTZBjwzqVPaPO2g==", "deprecated": "The querystring API is considered Legacy. new code should use the URLSearchParams API instead.", - "dev": true, "engines": { "node": ">=0.4.x" } @@ -28353,7 +28336,6 @@ "version": "1.2.1", "resolved": "https://registry.npmjs.org/sax/-/sax-1.2.1.tgz", "integrity": "sha512-8I2a3LovHTOpm7NV5yOyO8IHqgVsfK4+UuySrXU8YXkSRX7k6hCV9b3HrkKCr3nMpgj+0bmocaJJWpvp1oc7ZA==", - "dev": true, "license": "ISC" }, "node_modules/scheduler": { @@ -28857,7 +28839,6 @@ "version": "1.0.3", "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", - "dev": true, "license": "BSD-3-Clause" }, "node_modules/sqlstring": { @@ -30087,7 +30068,6 @@ "version": "0.10.3", "resolved": "https://registry.npmjs.org/url/-/url-0.10.3.tgz", "integrity": "sha512-hzSUW2q06EqL1gKM/a+obYHLIO6ct2hwPuviqTTOcfFVc61UbfJ2Q32+uGL/HCPxKqrdGB5QUwIe7UqlDgwsOQ==", - "dev": true, "license": "MIT", "dependencies": { "punycode": "1.3.2", @@ -30109,7 +30089,6 @@ "version": "1.3.2", "resolved": "https://registry.npmjs.org/punycode/-/punycode-1.3.2.tgz", "integrity": "sha512-RofWgt/7fL5wP1Y7fxE7/EmTLzQVnB0ycyibJ0OOHIlJqTNzglYFxVwETOcIoJqJmpDXJ9xImDv+Fq34F/d4Dw==", - "dev": true, "license": "MIT" }, "node_modules/urlpattern-polyfill": { @@ -30122,7 +30101,6 @@ "version": "0.12.5", "resolved": "https://registry.npmjs.org/util/-/util-0.12.5.tgz", "integrity": "sha512-kZf/K6hEIrWHI6XqOFUiiMa+79wE/D8Q+NCNAWclkyg3b4d2k7s0QGepNjiABc+aR3N1PAyHL7p6UcLY6LmrnA==", - "dev": true, "license": "MIT", "dependencies": { "inherits": "^2.0.3", @@ -30460,7 +30438,6 @@ "version": "2.4.2", "resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.4.2.tgz", "integrity": "sha512-TnbFSbcOCcDgjZ4piURLCbJ3nJhznVh9kw6F6iokjiFPl8ONxe9A6nMDVXDiNbrSfLILs6vB07F7wLBrwPYzJw==", - "dev": true, "license": "MIT", "dependencies": { "glob-to-regexp": "^0.4.1", @@ -30741,7 +30718,6 @@ "version": "0.6.2", "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", "integrity": "sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA==", - "dev": true, "license": "MIT", "dependencies": { "sax": ">=0.6.0", @@ -30755,7 +30731,6 @@ "version": "11.0.1", "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-11.0.1.tgz", "integrity": "sha512-fDlsI/kFEx7gLvbecc0/ohLG50fugQp8ryHzMTuW9vSa1GJ0XYWKnhsUx7oie3G98+r56aTQIUB4kht42R3JvA==", - "dev": true, "license": "MIT", "engines": { "node": ">=4.0" @@ -31744,11 +31719,13 @@ "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.1.0", - "@aws-amplify/backend-output-storage": "^1.0.2", - "@aws-amplify/plugin-types": "^1.0.1" + "@aws-amplify/backend-output-storage": "^1.1.2", + "@aws-amplify/plugin-types": "^1.2.2", + "@types/aws-lambda": "^8.10.119", + "aws-lambda": "^1.0.7" }, "peerDependencies": { - "aws-cdk-lib": "^2.132.0", + "aws-cdk-lib": "^2.152.0", "constructs": "^10.0.0" } }, diff --git a/packages/reference-auth-construct/package.json b/packages/reference-auth-construct/package.json index c092fc6944..d3884259dc 100644 --- a/packages/reference-auth-construct/package.json +++ b/packages/reference-auth-construct/package.json @@ -1,7 +1,7 @@ { "name": "@aws-amplify/reference-auth-construct", "version": "0.1.0", - "type": "commonjs", + "type": "module", "publishConfig": { "access": "public" }, @@ -12,6 +12,7 @@ "require": "./lib/index.js" } }, + "main": "lib/index.js", "types": "lib/index.d.ts", "scripts": { "update:api": "api-extractor run --local" @@ -19,11 +20,13 @@ "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.1.0", - "@aws-amplify/backend-output-storage": "^1.0.2", - "@aws-amplify/plugin-types": "^1.0.1" + "@aws-amplify/backend-output-storage": "^1.1.2", + "@aws-amplify/plugin-types": "^1.2.2", + "@types/aws-lambda": "^8.10.119", + "aws-lambda": "^1.0.7" }, "peerDependencies": { - "aws-cdk-lib": "^2.132.0", + "aws-cdk-lib": "^2.152.0", "constructs": "^10.0.0" } } diff --git a/packages/reference-auth-construct/src/construct.test.ts b/packages/reference-auth-construct/src/construct.test.ts index 68c022ee63..c3be5baa2f 100644 --- a/packages/reference-auth-construct/src/construct.test.ts +++ b/packages/reference-auth-construct/src/construct.test.ts @@ -1,20 +1,140 @@ -import { describe, it } from 'node:test'; -import { AmplifyReferenceAuth } from './index.js'; +import { beforeEach, describe, it, mock } from 'node:test'; +import { AmplifyReferenceAuth, ReferenceAuthProps } from './index.js'; import { App, Stack } from 'aws-cdk-lib'; - +import { Template } from 'aws-cdk-lib/assertions'; +import { authOutputKey } from '@aws-amplify/backend-output-schemas'; +import assert from 'assert'; +import { + BackendOutputEntry, + BackendOutputStorageStrategy, +} from '@aws-amplify/plugin-types'; +const refAuthProps: ReferenceAuthProps = { + authRoleArn: + 'arn:aws:cognito-idp:us-east-1:000000000000:userpool/us-east-1_IDSAMPLE1', + unauthRoleArn: + // eslint-disable-next-line spellcheck/spell-checker + 'arn:aws:cognito-identity:us-east-1:000000000000:identitypool/us-east-1:00000000-abcd-efgh-ijkl-000000000000', + identityPoolId: 'identityPoolId', + userPoolClientId: 'userPoolClientId', + userPoolId: 'userPoolId', +}; void describe('AmplifyConstruct', () => { - void it('creates a queue if specified', () => { + // beforeEach(() => { + + // }) + void it('creates custom resource initializer', () => { const app = new App(); const stack = new Stack(app); - new AmplifyReferenceAuth(stack, 'test', { - authRoleArn: - 'arn:aws:cognito-idp:us-east-1:000000000000:userpool/us-east-1_IDSAMPLE1', - unauthRoleArn: - // eslint-disable-next-line spellcheck/spell-checker - 'arn:aws:cognito-identity:us-east-1:000000000000:identitypool/us-east-1:00000000-abcd-efgh-ijkl-000000000000', - identityPoolId: 'identityPoolId', - userPoolClientId: 'userPoolClientId', - userPoolId: 'userPoolId', + new AmplifyReferenceAuth(stack, 'test', refAuthProps); + // eslint-disable-next-line @typescript-eslint/no-unused-vars + const template = Template.fromStack(stack); + // check that custom resource is created with properties + template.hasResourceProperties( + 'Custom::AmplifyReferenceAuthConfigurationResource', + { + identityPoolId: 'identityPoolId', + userPoolId: 'userPoolId', + userPoolClientId: 'userPoolClientId', + } + ); + // check custom resource lambda provider permissions + + // check custom resource lambda permissions + }); + + void it('generates the correct output values', () => { + const app = new App(); + const stack = new Stack(app); + new AmplifyReferenceAuth(stack, 'test', refAuthProps); + const template = Template.fromStack(stack); + // check that outputs reference custom resource attributes + const outputs = template.findOutputs('*'); + const allowUnauthenticatedIdentitiesRef = + outputs['allowUnauthenticatedIdentities']['Value']; + assert.deepEqual( + { + 'Fn::GetAtt': [ + 'AmplifyRefAuthConfigCustomResource', + 'allowUnauthenticatedIdentities', + ], + }, + allowUnauthenticatedIdentitiesRef + ); + }); + + void describe('storeOutput strategy', () => { + let app: App; + let stack: Stack; + const storeOutputMock = mock.fn(); + const stubBackendOutputStorageStrategy: BackendOutputStorageStrategy = + { + addBackendOutputEntry: storeOutputMock, + appendToBackendOutputList: storeOutputMock, + }; + + void beforeEach(() => { + app = new App(); + stack = new Stack(app); + storeOutputMock.mock.resetCalls(); + }); + + void it('stores output using custom strategy and basic props', () => { + const authConstruct = new AmplifyReferenceAuth(stack, 'test', { + ...refAuthProps, + outputStorageStrategy: stubBackendOutputStorageStrategy, + }); + + const expectedUserPoolId = authConstruct.resources.userPool.userPoolId; + const expectedIdentityPoolId = authConstruct.resources.identityPoolId; + const expectedWebClientId = + authConstruct.resources.userPoolClient.userPoolClientId; + const expectedRegion = Stack.of(authConstruct).region; + + const storeOutputArgs = storeOutputMock.mock.calls[0].arguments; + assert.equal(storeOutputArgs.length, 2); + assert.equal(storeOutputArgs[0], authOutputKey); + assert.equal(storeOutputArgs[1]['version'], '1'); + const payload = storeOutputArgs[1]['payload']; + assert.equal(payload['userPoolId'], expectedUserPoolId); + assert.equal(payload['identityPoolId'], expectedIdentityPoolId); + assert.equal(payload['webClientId'], expectedWebClientId); + assert.equal(payload['authRegion'], expectedRegion); + }); + + void it('stores output when no storage strategy is injected', () => { + const app = new App(); + const stack = new Stack(app); + new AmplifyReferenceAuth(stack, 'test', refAuthProps); + + const template = Template.fromStack(stack); + template.templateMatches({ + Metadata: { + [authOutputKey]: { + version: '1', + stackOutputs: [ + 'userPoolId', + 'webClientId', + 'identityPoolId', + 'authRegion', + 'allowUnauthenticatedIdentities', + // 'signupAttributes', + // 'usernameAttributes', + // 'verificationMechanisms', + // 'passwordPolicyMinLength', + // 'passwordPolicyRequirements', + // 'mfaConfiguration', + // 'mfaTypes', + // 'socialProviders', + // 'oauthCognitoDomain', + // 'oauthScope', + // 'oauthRedirectSignIn', + // 'oauthRedirectSignOut', + // 'oauthResponseType', + // 'oauthClientId', + ], + }, + }, + }); }); }); }); diff --git a/packages/reference-auth-construct/src/construct.ts b/packages/reference-auth-construct/src/construct.ts index 47de3cff20..3f9a1cb8b3 100644 --- a/packages/reference-auth-construct/src/construct.ts +++ b/packages/reference-auth-construct/src/construct.ts @@ -1,5 +1,11 @@ import { Construct } from 'constructs'; -import { Stack, aws_cognito, aws_iam } from 'aws-cdk-lib'; +import { + CustomResource, + Duration, + Stack, + aws_cognito, + aws_iam, +} from 'aws-cdk-lib'; import { BackendOutputStorageStrategy, ReferenceAuthResources, @@ -11,7 +17,23 @@ import { StackMetadataBackendOutputStorageStrategy, } from '@aws-amplify/backend-output-storage'; import * as path from 'path'; -import { ReferenceAuthProps } from './types'; +import { ReferenceAuthProps } from './types.js'; +import { NodejsFunction } from 'aws-cdk-lib/aws-lambda-nodejs'; +import { fileURLToPath } from 'url'; +import { Runtime } from 'aws-cdk-lib/aws-lambda'; +import { Provider } from 'aws-cdk-lib/custom-resources'; + +const REFERENCE_AUTH_CUSTOM_RESOURCE_PROVIDER_ID = + 'AmplifyRefAuthConfigCustomResourceProvider'; +const REFERENCE_AUTH_CUSTOM_RESOURCE_ID = 'AmplifyRefAuthConfigCustomResource'; +const RESOURCE_TYPE = 'Custom::AmplifyReferenceAuthConfigurationResource'; +const filename = fileURLToPath(import.meta.url); +const dirname = path.dirname(filename); +const resourcesRoot = path.normalize(path.join(dirname, 'lambda')); +const configurationLambdaFilePath = path.join( + resourcesRoot, + 'reference_auth_initializer.ts' +); const authStackType = 'auth-Cognito'; /** @@ -23,6 +45,8 @@ export class AmplifyReferenceAuth { resources: ReferenceAuthResources; + private configurationCustomResource: CustomResource; + /** * Create a new AmplifyConstruct */ @@ -53,11 +77,45 @@ export class AmplifyReferenceAuth identityPoolId: props.identityPoolId, }; + // custom resource provider + const configurationLambda = new NodejsFunction( + scope, + `${REFERENCE_AUTH_CUSTOM_RESOURCE_PROVIDER_ID}Lambda`, + { + runtime: Runtime.NODEJS_18_X, + timeout: Duration.seconds(10), + entry: configurationLambdaFilePath, + handler: 'handler', + } + ); + const provider = new Provider( + scope, + REFERENCE_AUTH_CUSTOM_RESOURCE_PROVIDER_ID, + { + onEventHandler: configurationLambda, + } + ); + // custom resource + this.configurationCustomResource = new CustomResource( + scope, + REFERENCE_AUTH_CUSTOM_RESOURCE_ID, + { + serviceToken: provider.serviceToken, + properties: { + userPoolId: props.userPoolId, + identityPoolId: props.identityPoolId, + userPoolClientId: props.userPoolClientId, + lastUpdated: Date.now(), + }, + resourceType: RESOURCE_TYPE, + } + ); + this.storeOutput(props.outputStorageStrategy); new AttributionMetadataStorage().storeAttributionMetadata( Stack.of(this), authStackType, - path.resolve(__dirname, '..', 'package.json') + path.resolve(dirname, '..', 'package.json') ); } @@ -76,6 +134,12 @@ export class AmplifyReferenceAuth identityPoolId: this.resources.identityPoolId, authRegion: Stack.of(this).region, }; + + output.allowUnauthenticatedIdentities = + this.configurationCustomResource.getAttString( + 'allowUnauthenticatedIdentities' + ); + outputStorageStrategy.addBackendOutputEntry(authOutputKey, { version: '1', payload: output, diff --git a/packages/reference-auth-construct/src/index.ts b/packages/reference-auth-construct/src/index.ts index 925d4d7cf9..184db4cd6c 100644 --- a/packages/reference-auth-construct/src/index.ts +++ b/packages/reference-auth-construct/src/index.ts @@ -1,2 +1,2 @@ -export { ReferenceAuthProps } from './types'; -export { AmplifyReferenceAuth } from './construct'; +export * from './types.js'; +export { AmplifyReferenceAuth } from './construct.js'; diff --git a/packages/reference-auth-construct/src/lambda/.eslintrc.json b/packages/reference-auth-construct/src/lambda/.eslintrc.json new file mode 100644 index 0000000000..d5ba8f9d9c --- /dev/null +++ b/packages/reference-auth-construct/src/lambda/.eslintrc.json @@ -0,0 +1,5 @@ +{ + "rules": { + "no-console": "off" + } +} diff --git a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts new file mode 100644 index 0000000000..0cab73e943 --- /dev/null +++ b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts @@ -0,0 +1,45 @@ +import { + CloudFormationCustomResourceEvent, + CloudFormationCustomResourceSuccessResponse, +} from 'aws-lambda'; +import { randomUUID } from 'node:crypto'; + +/** + * Entry point for the lambda-backend custom resource to retrieve a backend secret. + */ +export const handler = async ( + event: CloudFormationCustomResourceEvent +): Promise => { + console.info(`Received '${event.RequestType}' event`); + + const physicalId = + event.RequestType === 'Create' ? randomUUID() : event.PhysicalResourceId; + let data: { allowUnauthenticatedIdentities: boolean } | undefined = undefined; + if (event.RequestType === 'Update' || event.RequestType === 'Create') { + // const val = await handleCreateUpdateEvent(); + data = { + allowUnauthenticatedIdentities: true, + }; + } + + return { + RequestId: event.RequestId, + LogicalResourceId: event.LogicalResourceId, + PhysicalResourceId: physicalId, + Data: data, + StackId: event.StackId, + NoEcho: true, + Status: 'SUCCESS', + } as CloudFormationCustomResourceSuccessResponse; +}; + +/** + * Handles create/update event for the secret custom resource. + */ +export const handleCreateUpdateEvent = + async (): // event: CloudFormationCustomResourceEvent + Promise => { + // const props = event.ResourceProperties; + + return 'secret'; + }; diff --git a/packages/reference-auth-construct/tsconfig.json b/packages/reference-auth-construct/tsconfig.json index 5af708fff9..1725c8822f 100644 --- a/packages/reference-auth-construct/tsconfig.json +++ b/packages/reference-auth-construct/tsconfig.json @@ -1,13 +1,8 @@ { "extends": "../../tsconfig.base.json", "compilerOptions": { - "target": "ES2018", - "module": "commonjs", - "moduleResolution": "Node", - "lib": ["DOM", "ESnext"], "rootDir": "src", - "outDir": "lib", - "allowJs": true + "outDir": "lib" }, "references": [ { "path": "../backend-output-schemas" }, From 1add05c001601a53e024a1e4de4c7b3f30b6f4f5 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Thu, 26 Sep 2024 13:22:31 -0700 Subject: [PATCH 07/61] chore: cleanup tsconfig --- packages/reference-auth-construct/tsconfig.json | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/packages/reference-auth-construct/tsconfig.json b/packages/reference-auth-construct/tsconfig.json index 1725c8822f..4b69ecc6df 100644 --- a/packages/reference-auth-construct/tsconfig.json +++ b/packages/reference-auth-construct/tsconfig.json @@ -1,9 +1,6 @@ { "extends": "../../tsconfig.base.json", - "compilerOptions": { - "rootDir": "src", - "outDir": "lib" - }, + "compilerOptions": { "rootDir": "src", "outDir": "lib" }, "references": [ { "path": "../backend-output-schemas" }, { "path": "../backend-output-storage" }, From f7ca211fe5e77878b7e44336d34c7b72cfd5398b Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Thu, 26 Sep 2024 13:24:28 -0700 Subject: [PATCH 08/61] chore: add changeset --- .changeset/nervous-timers-walk.md | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 .changeset/nervous-timers-walk.md diff --git a/.changeset/nervous-timers-walk.md b/.changeset/nervous-timers-walk.md new file mode 100644 index 0000000000..4127f1193a --- /dev/null +++ b/.changeset/nervous-timers-walk.md @@ -0,0 +1,8 @@ +--- +'@aws-amplify/reference-auth-construct': minor +'@aws-amplify/client-config': minor +'@aws-amplify/backend-auth': minor +'@aws-amplify/plugin-types': minor +--- + +Add support for referencing existing auth resources via referenceAuth. From 4fe3a0612060f351d1285e50f94b759d74a04ba1 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Thu, 26 Sep 2024 13:55:07 -0700 Subject: [PATCH 09/61] chore: fix tests inputs --- packages/backend-auth/src/reference_factory.test.ts | 13 ++++++++----- packages/reference-auth-construct/src/construct.ts | 2 +- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/packages/backend-auth/src/reference_factory.test.ts b/packages/backend-auth/src/reference_factory.test.ts index af33e0f2db..0e5862c1fa 100644 --- a/packages/backend-auth/src/reference_factory.test.ts +++ b/packages/backend-auth/src/reference_factory.test.ts @@ -30,11 +30,14 @@ import { } from './reference_factory.js'; const defaultReferenceAuthProps: AmplifyReferenceAuthProps = { - userPoolId: '', - userPoolClientId: '', - identityPoolId: '', - authRoleArn: '', - unauthRoleArn: '', + authRoleArn: + 'arn:aws:cognito-idp:us-east-1:000000000000:userpool/us-east-1_IDSAMPLE1', + unauthRoleArn: + // eslint-disable-next-line spellcheck/spell-checker + 'arn:aws:cognito-identity:us-east-1:000000000000:identitypool/us-east-1:00000000-abcd-efgh-ijkl-000000000000', + identityPoolId: 'identityPoolId', + userPoolClientId: 'userPoolClientId', + userPoolId: 'userPoolId', }; const createStackAndSetContext = (): Stack => { diff --git a/packages/reference-auth-construct/src/construct.ts b/packages/reference-auth-construct/src/construct.ts index 3f9a1cb8b3..54ac8d38f0 100644 --- a/packages/reference-auth-construct/src/construct.ts +++ b/packages/reference-auth-construct/src/construct.ts @@ -32,7 +32,7 @@ const dirname = path.dirname(filename); const resourcesRoot = path.normalize(path.join(dirname, 'lambda')); const configurationLambdaFilePath = path.join( resourcesRoot, - 'reference_auth_initializer.ts' + 'reference_auth_initializer.js' ); const authStackType = 'auth-Cognito'; From 4d60278f94fd904a4328f25c25cc3371bc4dd4e1 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 27 Sep 2024 13:36:52 -0700 Subject: [PATCH 10/61] chore: update tests --- .../src/reference_factory.test.ts | 33 ++++--------------- 1 file changed, 7 insertions(+), 26 deletions(-) diff --git a/packages/backend-auth/src/reference_factory.test.ts b/packages/backend-auth/src/reference_factory.test.ts index 0e5862c1fa..ca8ccc0332 100644 --- a/packages/backend-auth/src/reference_factory.test.ts +++ b/packages/backend-auth/src/reference_factory.test.ts @@ -100,7 +100,10 @@ void describe('AmplifyReferenceAuthFactory', () => { const template = Template.fromStack(backendAuth.stack); - template.resourceCountIs('AWS::Cognito::UserPool', 1); + template.resourceCountIs( + 'Custom::AmplifyReferenceAuthConfigurationResource', + 1 + ); }); void it('verifies constructor import path', () => { @@ -150,11 +153,7 @@ void describe('AmplifyReferenceAuthFactory', () => { resetFactoryCount(); authFactory = referenceAuth({ - userPoolId: '', - userPoolClientId: '', - identityPoolId: '', - authRoleArn: '', - unauthRoleArn: '', + ...defaultReferenceAuthProps, access: (allow) => [ allow.resource(lambdaResourceStub).to(['managePasswordRecovery']), allow.resource(lambdaResourceStub).to(['createUser']), @@ -236,16 +235,7 @@ void describe('AmplifyReferenceAuthFactory', () => { }, ], }, - Roles: [ - { - 'Fn::GetAtt': [ - // eslint-disable-next-line spellcheck/spell-checker - 'authNestedStackauthNestedStackResource179371D7', - // eslint-disable-next-line spellcheck/spell-checker - 'Outputs.authamplifyAuthauthenticatedUserRoleF3353E83Ref', - ], - }, - ], + Roles: [backendAuth.resources.authenticatedUserIamRole.roleName], }); }); @@ -283,16 +273,7 @@ void describe('AmplifyReferenceAuthFactory', () => { }, ], }, - Roles: [ - { - 'Fn::GetAtt': [ - // eslint-disable-next-line spellcheck/spell-checker - 'authNestedStackauthNestedStackResource179371D7', - // eslint-disable-next-line spellcheck/spell-checker - 'Outputs.authamplifyAuthunauthenticatedUserRoleE350B280Ref', - ], - }, - ], + Roles: [backendAuth.resources.unauthenticatedUserIamRole.roleName], }); }); }); From 000fd3068354614c1989486d1064320cb23b9bf7 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Mon, 30 Sep 2024 10:13:20 -0700 Subject: [PATCH 11/61] fix: update resource provider types --- packages/auth-construct/src/construct.ts | 1 + .../backend-auth/src/reference_factory.ts | 6 +---- .../src/convert_authorization_modes.test.ts | 1 + .../src/convert_authorization_modes.ts | 9 ++++---- packages/backend-data/src/factory.test.ts | 1 + packages/backend-data/src/factory.ts | 7 +++--- packages/plugin-types/src/auth_resources.ts | 15 +++++++++++++ .../reference-auth-construct/src/construct.ts | 11 ++++++++++ .../reference-auth-construct/src/types.ts | 22 +++++++++++++++++++ 9 files changed, 61 insertions(+), 12 deletions(-) diff --git a/packages/auth-construct/src/construct.ts b/packages/auth-construct/src/construct.ts index 6c033aaf5b..f5b7ee02b1 100644 --- a/packages/auth-construct/src/construct.ts +++ b/packages/auth-construct/src/construct.ts @@ -201,6 +201,7 @@ export class AmplifyAuth userPoolClient, authenticatedUserIamRole: auth, unauthenticatedUserIamRole: unAuth, + identityPoolId: identityPool.ref, cfnResources: { cfnUserPool, cfnUserPoolClient, diff --git a/packages/backend-auth/src/reference_factory.ts b/packages/backend-auth/src/reference_factory.ts index 95e0cf86dc..dae84b56d6 100644 --- a/packages/backend-auth/src/reference_factory.ts +++ b/packages/backend-auth/src/reference_factory.ts @@ -146,13 +146,9 @@ class AmplifyReferenceAuthGenerator ): ResourceAccessAcceptor => ({ identifier: `${roleIdentifier}ResourceAccessAcceptor`, acceptResourceAccess: (policy: Policy) => { - // TODO: figure out how we're going to handle group roles for reference auth - // const role = roleNameIsAuthRoleName(roleIdentifier) - // ? authConstruct.resources[roleIdentifier] - // : authConstruct.resources.groups?.[roleIdentifier]?.role; const role = roleNameIsAuthRoleName(roleIdentifier) ? authConstruct.resources[roleIdentifier] - : undefined; + : authConstruct.resources.groups?.[roleIdentifier]?.role; if (!role) { throw new AmplifyUserError('InvalidResourceAccessConfigError', { message: `No auth IAM role found for "${roleIdentifier}".`, diff --git a/packages/backend-data/src/convert_authorization_modes.test.ts b/packages/backend-data/src/convert_authorization_modes.test.ts index f685414449..f728c7bd72 100644 --- a/packages/backend-data/src/convert_authorization_modes.test.ts +++ b/packages/backend-data/src/convert_authorization_modes.test.ts @@ -36,6 +36,7 @@ void describe('buildConstructFactoryProvidedAuthConfig', () => { userPool: 'ThisIsAUserPool', authenticatedUserIamRole: 'ThisIsAnAuthenticatedUserIamRole', unauthenticatedUserIamRole: 'ThisIsAnUnauthenticatedUserIamRole', + identityPoolId: 'us-fake-1:123123-123123', cfnResources: { cfnIdentityPool: { logicalId: 'IdentityPoolLogicalId', diff --git a/packages/backend-data/src/convert_authorization_modes.ts b/packages/backend-data/src/convert_authorization_modes.ts index fadfec4fbb..02df9d4a04 100644 --- a/packages/backend-data/src/convert_authorization_modes.ts +++ b/packages/backend-data/src/convert_authorization_modes.ts @@ -20,6 +20,7 @@ import { import { AuthResources, ConstructFactoryGetInstanceProps, + ReferenceAuthResources, ResourceProvider, } from '@aws-amplify/plugin-types'; import { AmplifyUserError } from '@aws-amplify/platform-core'; @@ -38,14 +39,14 @@ export type ProvidedAuthConfig = { * Function instance provider which uses the */ export const buildConstructFactoryProvidedAuthConfig = ( - authResourceProvider: ResourceProvider | undefined + authResourceProvider: + | ResourceProvider + | undefined ): ProvidedAuthConfig | undefined => { if (!authResourceProvider) return; - return { userPool: authResourceProvider.resources.userPool, - identityPoolId: - authResourceProvider.resources.cfnResources.cfnIdentityPool.ref, + identityPoolId: authResourceProvider.resources.identityPoolId, authenticatedUserRole: authResourceProvider.resources.authenticatedUserIamRole, unauthenticatedUserRole: diff --git a/packages/backend-data/src/factory.test.ts b/packages/backend-data/src/factory.test.ts index c4cc45b9ad..51e2aabf45 100644 --- a/packages/backend-data/src/factory.test.ts +++ b/packages/backend-data/src/factory.test.ts @@ -85,6 +85,7 @@ const createConstructContainerWithUserPoolAuthRegistered = ( authenticatedUserIamRole: new Role(stack, 'testAuthRole', { assumedBy: new ServicePrincipal('test.amazon.com'), }), + identityPoolId: 'identityPoolId', cfnResources: { cfnUserPool: new CfnUserPool(stack, 'CfnUserPool', {}), cfnUserPoolClient: new CfnUserPoolClient(stack, 'CfnUserPoolClient', { diff --git a/packages/backend-data/src/factory.ts b/packages/backend-data/src/factory.ts index c40ad8db70..6274c2c823 100644 --- a/packages/backend-data/src/factory.ts +++ b/packages/backend-data/src/factory.ts @@ -7,6 +7,7 @@ import { ConstructFactory, ConstructFactoryGetInstanceProps, GenerateContainerEntryProps, + ReferenceAuthResources, ResourceProvider, } from '@aws-amplify/plugin-types'; import { @@ -97,9 +98,9 @@ export class DataFactory implements ConstructFactory { this.props, buildConstructFactoryProvidedAuthConfig( props.constructContainer - .getConstructFactory>( - 'AuthResources' - ) + .getConstructFactory< + ResourceProvider + >('AuthResources') ?.getInstance(props) ), props, diff --git a/packages/plugin-types/src/auth_resources.ts b/packages/plugin-types/src/auth_resources.ts index 490ca51fcc..0112e06a31 100644 --- a/packages/plugin-types/src/auth_resources.ts +++ b/packages/plugin-types/src/auth_resources.ts @@ -51,6 +51,10 @@ export type AuthResources = { * The generated unauth role. */ unauthenticatedUserIamRole: IRole; + /** + * Identity pool Id + */ + identityPoolId: string; /** * L1 Cfn Resources, for when dipping down a level of abstraction is desirable. */ @@ -96,6 +100,17 @@ export type ReferenceAuthResources = { * Identity pool Id */ identityPoolId: string; + /** + * A map of existing group names and their associated group role. + */ + groups: { + [groupName: string]: { + /** + * The generated Role for this group + */ + role: IRole; + }; + }; }; export type AuthRoleName = keyof Pick< diff --git a/packages/reference-auth-construct/src/construct.ts b/packages/reference-auth-construct/src/construct.ts index 54ac8d38f0..7ee95ece72 100644 --- a/packages/reference-auth-construct/src/construct.ts +++ b/packages/reference-auth-construct/src/construct.ts @@ -22,6 +22,7 @@ import { NodejsFunction } from 'aws-cdk-lib/aws-lambda-nodejs'; import { fileURLToPath } from 'url'; import { Runtime } from 'aws-cdk-lib/aws-lambda'; import { Provider } from 'aws-cdk-lib/custom-resources'; +import { Role } from 'aws-cdk-lib/aws-iam'; const REFERENCE_AUTH_CUSTOM_RESOURCE_PROVIDER_ID = 'AmplifyRefAuthConfigCustomResourceProvider'; @@ -75,8 +76,18 @@ export class AmplifyReferenceAuth props.unauthRoleArn ), identityPoolId: props.identityPoolId, + groups: {}, }; + // mapping of existing group roles + if (props.groups) { + Object.entries(props.groups).forEach(([groupName, roleArn]) => { + this.resources.groups[groupName] = { + role: Role.fromRoleArn(this, `${groupName}GroupRole`, roleArn), + }; + }); + } + // custom resource provider const configurationLambda = new NodejsFunction( scope, diff --git a/packages/reference-auth-construct/src/types.ts b/packages/reference-auth-construct/src/types.ts index b9f4cd56db..dc8305c81b 100644 --- a/packages/reference-auth-construct/src/types.ts +++ b/packages/reference-auth-construct/src/types.ts @@ -6,9 +6,31 @@ export type ReferenceAuthProps = { * @internal */ outputStorageStrategy?: BackendOutputStorageStrategy; + /** + * Existing UserPool Id + */ userPoolId: string; + /** + * Existing IdentityPool Id + */ identityPoolId: string; + /** + * Existing UserPoolClient Id + */ userPoolClientId: string; + /** + * Existing AuthRole ARN + */ authRoleArn: string; + /** + * Existing UnauthRole ARN + */ unauthRoleArn: string; + /** + * A mapping of existing group names and their associated role ARNs + * which can be used for group permissions. + */ + groups?: { + [groupName: string]: string; + }; }; From 52baff25dd683d244d5c51c9a2c6ee72784bf6ea Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Mon, 30 Sep 2024 10:41:42 -0700 Subject: [PATCH 12/61] chore: update api --- packages/plugin-types/API.md | 6 ++++++ packages/reference-auth-construct/API.md | 3 +++ 2 files changed, 9 insertions(+) diff --git a/packages/plugin-types/API.md b/packages/plugin-types/API.md index 77820c7182..5633bd63c6 100644 --- a/packages/plugin-types/API.md +++ b/packages/plugin-types/API.md @@ -43,6 +43,7 @@ export type AuthResources = { userPoolClient: IUserPoolClient; authenticatedUserIamRole: IRole; unauthenticatedUserIamRole: IRole; + identityPoolId: string; cfnResources: AuthCfnResources; groups: { [groupName: string]: { @@ -199,6 +200,11 @@ export type ReferenceAuthResources = { authenticatedUserIamRole: IRole; unauthenticatedUserIamRole: IRole; identityPoolId: string; + groups: { + [groupName: string]: { + role: IRole; + }; + }; }; // @public (undocumented) diff --git a/packages/reference-auth-construct/API.md b/packages/reference-auth-construct/API.md index c6917cdfea..364cdb2504 100644 --- a/packages/reference-auth-construct/API.md +++ b/packages/reference-auth-construct/API.md @@ -25,6 +25,9 @@ export type ReferenceAuthProps = { userPoolClientId: string; authRoleArn: string; unauthRoleArn: string; + groups?: { + [groupName: string]: string; + }; }; // (No @packageDocumentation comment for this package) From e5c1d0711435506a15bf74ded5299218b85f7ffa Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 2 Oct 2024 14:25:15 -0700 Subject: [PATCH 13/61] feat: reference auth outputs --- package-lock.json | 1556 +++++++++++++---- .../reference-auth-construct/package.json | 5 + .../reference-auth-construct/src/construct.ts | 76 +- .../src/lambda/reference_auth_initializer.ts | 223 ++- .../reference_auth_initializer_types.ts | 5 + 5 files changed, 1535 insertions(+), 330 deletions(-) create mode 100644 packages/reference-auth-construct/src/lambda/reference_auth_initializer_types.ts diff --git a/package-lock.json b/package-lock.json index 175dc2087e..57a20858ff 100644 --- a/package-lock.json +++ b/package-lock.json @@ -7001,51 +7001,97 @@ } }, "node_modules/@aws-sdk/client-cognito-identity-provider": { - "version": "3.651.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-cognito-identity-provider/-/client-cognito-identity-provider-3.651.0.tgz", - "integrity": "sha512-ghIZlEOFHb5TYzoWMlvupD0vvZpQaTMk9DPbtvwDs1EW6iegs/Y4eJVIGL+ITkiPS/86MlySvSw1hUZseiTXVQ==", - "dev": true, - "license": "Apache-2.0", + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-cognito-identity-provider/-/client-cognito-identity-provider-3.662.0.tgz", + "integrity": "sha512-GqKKoVIBwkGqIxFJh5gJY7aMZhijjJkk/hmI1eIuS4vex7LpS941uYH/3CpyuI0u3hq+ABjwul2W6dDNleVq4Q==", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/client-sso-oidc": "3.650.0", - "@aws-sdk/client-sts": "3.650.0", - "@aws-sdk/core": "3.649.0", - "@aws-sdk/credential-provider-node": "3.650.0", - "@aws-sdk/middleware-host-header": "3.649.0", - "@aws-sdk/middleware-logger": "3.649.0", - "@aws-sdk/middleware-recursion-detection": "3.649.0", - "@aws-sdk/middleware-user-agent": "3.649.0", - "@aws-sdk/region-config-resolver": "3.649.0", - "@aws-sdk/types": "3.649.0", - "@aws-sdk/util-endpoints": "3.649.0", - "@aws-sdk/util-user-agent-browser": "3.649.0", - "@aws-sdk/util-user-agent-node": "3.649.0", - "@smithy/config-resolver": "^3.0.6", - "@smithy/core": "^2.4.1", - "@smithy/fetch-http-handler": "^3.2.5", - "@smithy/hash-node": "^3.0.4", - "@smithy/invalid-dependency": "^3.0.4", - "@smithy/middleware-content-length": "^3.0.6", - "@smithy/middleware-endpoint": "^3.1.1", - "@smithy/middleware-retry": "^3.0.16", - "@smithy/middleware-serde": "^3.0.4", - "@smithy/middleware-stack": "^3.0.4", - "@smithy/node-config-provider": "^3.1.5", - "@smithy/node-http-handler": "^3.2.0", - "@smithy/protocol-http": "^4.1.1", - "@smithy/smithy-client": "^3.3.0", - "@smithy/types": "^3.4.0", - "@smithy/url-parser": "^3.0.4", + "@aws-sdk/client-sso-oidc": "3.662.0", + "@aws-sdk/client-sts": "3.662.0", + "@aws-sdk/core": "3.662.0", + "@aws-sdk/credential-provider-node": "3.662.0", + "@aws-sdk/middleware-host-header": "3.662.0", + "@aws-sdk/middleware-logger": "3.662.0", + "@aws-sdk/middleware-recursion-detection": "3.662.0", + "@aws-sdk/middleware-user-agent": "3.662.0", + "@aws-sdk/region-config-resolver": "3.662.0", + "@aws-sdk/types": "3.662.0", + "@aws-sdk/util-endpoints": "3.662.0", + "@aws-sdk/util-user-agent-browser": "3.662.0", + "@aws-sdk/util-user-agent-node": "3.662.0", + "@smithy/config-resolver": "^3.0.9", + "@smithy/core": "^2.4.7", + "@smithy/fetch-http-handler": "^3.2.9", + "@smithy/hash-node": "^3.0.7", + "@smithy/invalid-dependency": "^3.0.7", + "@smithy/middleware-content-length": "^3.0.9", + "@smithy/middleware-endpoint": "^3.1.4", + "@smithy/middleware-retry": "^3.0.22", + "@smithy/middleware-serde": "^3.0.7", + "@smithy/middleware-stack": "^3.0.7", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/node-http-handler": "^3.2.4", + "@smithy/protocol-http": "^4.1.4", + "@smithy/smithy-client": "^3.3.6", + "@smithy/types": "^3.5.0", + "@smithy/url-parser": "^3.0.7", "@smithy/util-base64": "^3.0.0", "@smithy/util-body-length-browser": "^3.0.0", "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.16", - "@smithy/util-defaults-mode-node": "^3.0.16", - "@smithy/util-endpoints": "^2.1.0", - "@smithy/util-middleware": "^3.0.4", - "@smithy/util-retry": "^3.0.4", + "@smithy/util-defaults-mode-browser": "^3.0.22", + "@smithy/util-defaults-mode-node": "^3.0.22", + "@smithy/util-endpoints": "^2.1.3", + "@smithy/util-middleware": "^3.0.7", + "@smithy/util-retry": "^3.0.7", + "@smithy/util-utf8": "^3.0.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/client-sso": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.662.0.tgz", + "integrity": "sha512-4j3+eNSnNblcIYCJrsRRdyXFjAWGpGa7s7pdIyDMLwtYA7AKNlnlyQV14jtezhMrN2j6qZ7zZmnwEyFGipgfWA==", + "dependencies": { + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/core": "3.662.0", + "@aws-sdk/middleware-host-header": "3.662.0", + "@aws-sdk/middleware-logger": "3.662.0", + "@aws-sdk/middleware-recursion-detection": "3.662.0", + "@aws-sdk/middleware-user-agent": "3.662.0", + "@aws-sdk/region-config-resolver": "3.662.0", + "@aws-sdk/types": "3.662.0", + "@aws-sdk/util-endpoints": "3.662.0", + "@aws-sdk/util-user-agent-browser": "3.662.0", + "@aws-sdk/util-user-agent-node": "3.662.0", + "@smithy/config-resolver": "^3.0.9", + "@smithy/core": "^2.4.7", + "@smithy/fetch-http-handler": "^3.2.9", + "@smithy/hash-node": "^3.0.7", + "@smithy/invalid-dependency": "^3.0.7", + "@smithy/middleware-content-length": "^3.0.9", + "@smithy/middleware-endpoint": "^3.1.4", + "@smithy/middleware-retry": "^3.0.22", + "@smithy/middleware-serde": "^3.0.7", + "@smithy/middleware-stack": "^3.0.7", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/node-http-handler": "^3.2.4", + "@smithy/protocol-http": "^4.1.4", + "@smithy/smithy-client": "^3.3.6", + "@smithy/types": "^3.5.0", + "@smithy/url-parser": "^3.0.7", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.22", + "@smithy/util-defaults-mode-node": "^3.0.22", + "@smithy/util-endpoints": "^2.1.3", + "@smithy/util-middleware": "^3.0.7", + "@smithy/util-retry": "^3.0.7", "@smithy/util-utf8": "^3.0.0", "tslib": "^2.6.2" }, @@ -7053,16 +7099,413 @@ "node": ">=16.0.0" } }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/client-sso-oidc": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.662.0.tgz", + "integrity": "sha512-YZrH0sftdmjvEIY8u0LCrfEhyaMVpN0+K0K9WsUrFRMZ7DK6nB9YD1f5EaKUN5UjNw5S7gbjSdI8neSCoELjhw==", + "dependencies": { + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/core": "3.662.0", + "@aws-sdk/credential-provider-node": "3.662.0", + "@aws-sdk/middleware-host-header": "3.662.0", + "@aws-sdk/middleware-logger": "3.662.0", + "@aws-sdk/middleware-recursion-detection": "3.662.0", + "@aws-sdk/middleware-user-agent": "3.662.0", + "@aws-sdk/region-config-resolver": "3.662.0", + "@aws-sdk/types": "3.662.0", + "@aws-sdk/util-endpoints": "3.662.0", + "@aws-sdk/util-user-agent-browser": "3.662.0", + "@aws-sdk/util-user-agent-node": "3.662.0", + "@smithy/config-resolver": "^3.0.9", + "@smithy/core": "^2.4.7", + "@smithy/fetch-http-handler": "^3.2.9", + "@smithy/hash-node": "^3.0.7", + "@smithy/invalid-dependency": "^3.0.7", + "@smithy/middleware-content-length": "^3.0.9", + "@smithy/middleware-endpoint": "^3.1.4", + "@smithy/middleware-retry": "^3.0.22", + "@smithy/middleware-serde": "^3.0.7", + "@smithy/middleware-stack": "^3.0.7", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/node-http-handler": "^3.2.4", + "@smithy/protocol-http": "^4.1.4", + "@smithy/smithy-client": "^3.3.6", + "@smithy/types": "^3.5.0", + "@smithy/url-parser": "^3.0.7", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.22", + "@smithy/util-defaults-mode-node": "^3.0.22", + "@smithy/util-endpoints": "^2.1.3", + "@smithy/util-middleware": "^3.0.7", + "@smithy/util-retry": "^3.0.7", + "@smithy/util-utf8": "^3.0.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + }, + "peerDependencies": { + "@aws-sdk/client-sts": "^3.662.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/client-sts": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.662.0.tgz", + "integrity": "sha512-RjiXvfW3a36ybHuzYuZ6ZgddYiENiXLDGC3tlZMsKWuoVQNeoh2grx1wxUA6e4ajAIqJLXs5dAYTSXzGaAqHTA==", + "dependencies": { + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/client-sso-oidc": "3.662.0", + "@aws-sdk/core": "3.662.0", + "@aws-sdk/credential-provider-node": "3.662.0", + "@aws-sdk/middleware-host-header": "3.662.0", + "@aws-sdk/middleware-logger": "3.662.0", + "@aws-sdk/middleware-recursion-detection": "3.662.0", + "@aws-sdk/middleware-user-agent": "3.662.0", + "@aws-sdk/region-config-resolver": "3.662.0", + "@aws-sdk/types": "3.662.0", + "@aws-sdk/util-endpoints": "3.662.0", + "@aws-sdk/util-user-agent-browser": "3.662.0", + "@aws-sdk/util-user-agent-node": "3.662.0", + "@smithy/config-resolver": "^3.0.9", + "@smithy/core": "^2.4.7", + "@smithy/fetch-http-handler": "^3.2.9", + "@smithy/hash-node": "^3.0.7", + "@smithy/invalid-dependency": "^3.0.7", + "@smithy/middleware-content-length": "^3.0.9", + "@smithy/middleware-endpoint": "^3.1.4", + "@smithy/middleware-retry": "^3.0.22", + "@smithy/middleware-serde": "^3.0.7", + "@smithy/middleware-stack": "^3.0.7", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/node-http-handler": "^3.2.4", + "@smithy/protocol-http": "^4.1.4", + "@smithy/smithy-client": "^3.3.6", + "@smithy/types": "^3.5.0", + "@smithy/url-parser": "^3.0.7", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.22", + "@smithy/util-defaults-mode-node": "^3.0.22", + "@smithy/util-endpoints": "^2.1.3", + "@smithy/util-middleware": "^3.0.7", + "@smithy/util-retry": "^3.0.7", + "@smithy/util-utf8": "^3.0.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/core": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.662.0.tgz", + "integrity": "sha512-w64Fa4dsgM8vN7Z+QPR3n+aAl5GXThQRH8deT/iF1rLrzfq7V8xxACJ/CLVaxrZMZUPUUgG7DUAo95nXFWmGjA==", + "dependencies": { + "@smithy/core": "^2.4.7", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/property-provider": "^3.1.7", + "@smithy/protocol-http": "^4.1.4", + "@smithy/signature-v4": "^4.2.0", + "@smithy/smithy-client": "^3.3.6", + "@smithy/types": "^3.5.0", + "@smithy/util-middleware": "^3.0.7", + "fast-xml-parser": "4.4.1", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/credential-provider-env": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.662.0.tgz", + "integrity": "sha512-Dgwb0c/FH4xT5QZZFdLTFmCkdG3woXIAgLx5HCoH9Ty5G7T8keHOU9Jm4Vpe2ZJXL7JJHlLakGS65+bgXTuLSQ==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/property-provider": "^3.1.7", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/credential-provider-http": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.662.0.tgz", + "integrity": "sha512-Wnle/uJI4Ku9ABJHof9sio28VlaSbF3jVQKTSVCJftvbKELlFOlY5aXSjtu0wwcJqDS5r78N5KM7aARUJES+DA==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/fetch-http-handler": "^3.2.9", + "@smithy/node-http-handler": "^3.2.4", + "@smithy/property-provider": "^3.1.7", + "@smithy/protocol-http": "^4.1.4", + "@smithy/smithy-client": "^3.3.6", + "@smithy/types": "^3.5.0", + "@smithy/util-stream": "^3.1.9", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/credential-provider-ini": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.662.0.tgz", + "integrity": "sha512-jk+A5B0NRYG4KrjJ8ef1+r9bFjhpwUm/A9grJmp3JOwcHKXvI2Gy9BXNqfqqVgrK0Gns+WyhJZy6rsRaC+v1oQ==", + "dependencies": { + "@aws-sdk/credential-provider-env": "3.662.0", + "@aws-sdk/credential-provider-http": "3.662.0", + "@aws-sdk/credential-provider-process": "3.662.0", + "@aws-sdk/credential-provider-sso": "3.662.0", + "@aws-sdk/credential-provider-web-identity": "3.662.0", + "@aws-sdk/types": "3.662.0", + "@smithy/credential-provider-imds": "^3.2.4", + "@smithy/property-provider": "^3.1.7", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + }, + "peerDependencies": { + "@aws-sdk/client-sts": "^3.662.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/credential-provider-node": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.662.0.tgz", + "integrity": "sha512-2O9wjxdLcU1b+bWVkp3YYbPHo15SU3pW4KfWTca5bB/C01i1eqiHnwsOFz/WKPYYKNj0FhXtJJjeDQLtNFYI8A==", + "dependencies": { + "@aws-sdk/credential-provider-env": "3.662.0", + "@aws-sdk/credential-provider-http": "3.662.0", + "@aws-sdk/credential-provider-ini": "3.662.0", + "@aws-sdk/credential-provider-process": "3.662.0", + "@aws-sdk/credential-provider-sso": "3.662.0", + "@aws-sdk/credential-provider-web-identity": "3.662.0", + "@aws-sdk/types": "3.662.0", + "@smithy/credential-provider-imds": "^3.2.4", + "@smithy/property-provider": "^3.1.7", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/credential-provider-process": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.662.0.tgz", + "integrity": "sha512-1QUdtr/JiuvRjVgA8enpgCwjq7Eud8eVUT0i/vpWuFp5TV2FFq/8BD3GBkesTdy4Ylms6QVGf7J6INdfUWQEmw==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/property-provider": "^3.1.7", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/credential-provider-sso": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.662.0.tgz", + "integrity": "sha512-zxze6pDPgwBwl7S3h4JDALCCz93pTAfulbCY8FqMEd7GvnAiofHpL9svyt4+gytXwwUSsQ6KxCMVLbi+8k8YIg==", + "dependencies": { + "@aws-sdk/client-sso": "3.662.0", + "@aws-sdk/token-providers": "3.662.0", + "@aws-sdk/types": "3.662.0", + "@smithy/property-provider": "^3.1.7", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/credential-provider-web-identity": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.662.0.tgz", + "integrity": "sha512-GhPwxmHSFtwCckuT+34JG+U99qKfDWVYPLJOPI6b35+aLhfVqW5CHPmVjtM4WZqbxzsA0a3KAYA/U1ZaluI4SA==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/property-provider": "^3.1.7", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + }, + "peerDependencies": { + "@aws-sdk/client-sts": "^3.662.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/middleware-host-header": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.662.0.tgz", + "integrity": "sha512-Gkb0J1LTvD8LOS8uwoRI5weFXvvJwP1jfnYwzQrFgLymRFHJm5JtORQZtmw34dtdou+IBTUsH1mgI8b3QVVH3w==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/protocol-http": "^4.1.4", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/middleware-logger": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.662.0.tgz", + "integrity": "sha512-aSpwVHtfMlqzpmnmmUgRNCaIcxXdRrGqGWG+VWXuYR1F6jJARDDCxGkSuKiPEOLX0h0BroUo4gqbM8ILXQ8rVw==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/middleware-recursion-detection": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.662.0.tgz", + "integrity": "sha512-V/MYE+LOFIQDLnpWMHLxnKu+ELhD3pLOrWXVhKpVit6YcHxaOz6nvB40CPamSPDXenA11FGXKAGNHZ0loTpDQg==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/protocol-http": "^4.1.4", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/middleware-user-agent": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.662.0.tgz", + "integrity": "sha512-NT940BLSSys/A8W3zO3g2Kj+zpeydqGbSQgN6qz84jTskQjnrlamoq+Zl9Rrp8Cn8sC10UQ09kGg97lvjVOlmg==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@aws-sdk/util-endpoints": "3.662.0", + "@smithy/protocol-http": "^4.1.4", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/region-config-resolver": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.662.0.tgz", + "integrity": "sha512-MDiWl4wZSVnnTELLb+jFSe0nj9HwxJPX2JnghXKkOXmbKEiE2/21DCQwU9mr9VUq2ZOQqaSnMFPr94iRu0AVTQ==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/types": "^3.5.0", + "@smithy/util-config-provider": "^3.0.0", + "@smithy/util-middleware": "^3.0.7", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/token-providers": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.662.0.tgz", + "integrity": "sha512-OqtBPutNC9Am10P1W5IwqRvzCVQAHRxWxZnfDBh1FQjNmoboGWYSriKxbrCRYLFffusNuzo8KnOFOmg1sRlhJQ==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/property-provider": "^3.1.7", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + }, + "peerDependencies": { + "@aws-sdk/client-sso-oidc": "^3.662.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/types": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.662.0.tgz", + "integrity": "sha512-Ff9/KRmIm8iEzodxzISLj4/pB/0hX2nVw1RFeOBC65OuM6nHrAdWHHog/CVx25hS5JPU0uE3h6NlWRaBJ7AV5w==", + "dependencies": { + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/util-endpoints": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.662.0.tgz", + "integrity": "sha512-RQ/78yNUxZZZULFg7VxT7oObGOR/FBc0ojiFoCAKC20ycY8VvVX5Eof4gyxoVpwOP7EoZO3UlWSIqtaEV/X70w==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/types": "^3.5.0", + "@smithy/util-endpoints": "^2.1.3", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/util-user-agent-browser": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.662.0.tgz", + "integrity": "sha512-5wQd+HbNTY1r1Gndxf93dAEFtKz1DqcalI4Ym40To+RIonSsYQNRomFoizYNgJ1P+Mkfsr4P1dy/MNTlkqTZuQ==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/types": "^3.5.0", + "bowser": "^2.11.0", + "tslib": "^2.6.2" + } + }, + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/util-user-agent-node": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.662.0.tgz", + "integrity": "sha512-vBRbZ9Hr1OGmdJPWj36X0fR8/VdI2JiwK6+oJRa6qfJ6AnhqCYZbCyeA6JIDeEu3M9iu1OLjenU8NdXhTz8c2w==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + }, + "peerDependencies": { + "aws-crt": ">=1.0.0" + }, + "peerDependenciesMeta": { + "aws-crt": { + "optional": true + } + } + }, "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@smithy/node-config-provider": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", - "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", - "dev": true, - "license": "Apache-2.0", + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.8.tgz", + "integrity": "sha512-E0rU0DglpeJn5ge64mk8wTGEXcQwmpUTY5Zr7IzTpDLmHKiIamINERNZYrPQjg58Ck236sEKSwRSHA4CwshU6Q==", "dependencies": { - "@smithy/property-provider": "^3.1.4", - "@smithy/shared-ini-file-loader": "^3.1.5", - "@smithy/types": "^3.4.0", + "@smithy/property-provider": "^3.1.7", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -7070,13 +7513,11 @@ } }, "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", - "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", - "dev": true, - "license": "Apache-2.0", + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.8.tgz", + "integrity": "sha512-0NHdQiSkeGl0ICQKcJQ2lCOKH23Nb0EaAa7RDRId6ZqwXkw4LJyIyZ0t3iusD4bnKYDPLGy2/5e2rfUhrt0Acw==", "dependencies": { - "@smithy/types": "^3.4.0", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16135,12 +16576,11 @@ "license": "(Unlicense OR Apache-2.0)" }, "node_modules/@smithy/abort-controller": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/@smithy/abort-controller/-/abort-controller-3.1.2.tgz", - "integrity": "sha512-b5g+PNujlfqIib9BjkNB108NyO5aZM/RXjfOCXRCqXQ1oPnIkfvdORrztbGgCZdPe/BN/MKDlrGA7PafKPM2jw==", - "license": "Apache-2.0", + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/abort-controller/-/abort-controller-3.1.5.tgz", + "integrity": "sha512-DhNPnqTqPoG8aZ5dWkFOgsuY+i0GQ3CI6hMmvCoduNsnU9gUZWZBwGfDQsTTB7NvFPkom1df7jMIJWU90kuXXg==", "dependencies": { - "@smithy/types": "^3.4.0", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16167,15 +16607,14 @@ } }, "node_modules/@smithy/config-resolver": { - "version": "3.0.6", - "resolved": "https://registry.npmjs.org/@smithy/config-resolver/-/config-resolver-3.0.6.tgz", - "integrity": "sha512-j7HuVNoRd8EhcFp0MzcUb4fG40C7BcyshH+fAd3Jhd8bINNFvEQYBrZoS/SK6Pun9WPlfoI8uuU2SMz8DsEGlA==", - "license": "Apache-2.0", + "version": "3.0.9", + "resolved": "https://registry.npmjs.org/@smithy/config-resolver/-/config-resolver-3.0.9.tgz", + "integrity": "sha512-5d9oBf40qC7n2xUoHmntKLdqsyTMMo/r49+eqSIjJ73eDfEtljAxEhzIQ3bkgXJtR3xiv7YzMT/3FF3ORkjWdg==", "dependencies": { - "@smithy/node-config-provider": "^3.1.5", - "@smithy/types": "^3.4.0", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/types": "^3.5.0", "@smithy/util-config-provider": "^3.0.0", - "@smithy/util-middleware": "^3.0.4", + "@smithy/util-middleware": "^3.0.7", "tslib": "^2.6.2" }, "engines": { @@ -16183,14 +16622,13 @@ } }, "node_modules/@smithy/config-resolver/node_modules/@smithy/node-config-provider": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", - "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", - "license": "Apache-2.0", + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.8.tgz", + "integrity": "sha512-E0rU0DglpeJn5ge64mk8wTGEXcQwmpUTY5Zr7IzTpDLmHKiIamINERNZYrPQjg58Ck236sEKSwRSHA4CwshU6Q==", "dependencies": { - "@smithy/property-provider": "^3.1.4", - "@smithy/shared-ini-file-loader": "^3.1.5", - "@smithy/types": "^3.4.0", + "@smithy/property-provider": "^3.1.7", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16198,12 +16636,11 @@ } }, "node_modules/@smithy/config-resolver/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", - "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", - "license": "Apache-2.0", + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.8.tgz", + "integrity": "sha512-0NHdQiSkeGl0ICQKcJQ2lCOKH23Nb0EaAa7RDRId6ZqwXkw4LJyIyZ0t3iusD4bnKYDPLGy2/5e2rfUhrt0Acw==", "dependencies": { - "@smithy/types": "^3.4.0", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16211,19 +16648,18 @@ } }, "node_modules/@smithy/core": { - "version": "2.4.1", - "resolved": "https://registry.npmjs.org/@smithy/core/-/core-2.4.1.tgz", - "integrity": "sha512-7cts7/Oni7aCHebHGiBeWoz5z+vmH+Vx2Z/UW3XtXMslcxI3PEwBZxNinepwZjixS3n12fPc247PHWmjU7ndsQ==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/middleware-endpoint": "^3.1.1", - "@smithy/middleware-retry": "^3.0.16", - "@smithy/middleware-serde": "^3.0.4", - "@smithy/protocol-http": "^4.1.1", - "@smithy/smithy-client": "^3.3.0", - "@smithy/types": "^3.4.0", + "version": "2.4.7", + "resolved": "https://registry.npmjs.org/@smithy/core/-/core-2.4.7.tgz", + "integrity": "sha512-goqMjX+IoVEnHZjYuzu8xwoZjoteMiLXsPHuXPBkWsGwu0o9c3nTjqkUlP1Ez/V8E501aOU7CJ3INk8mQcW2gw==", + "dependencies": { + "@smithy/middleware-endpoint": "^3.1.4", + "@smithy/middleware-retry": "^3.0.22", + "@smithy/middleware-serde": "^3.0.7", + "@smithy/protocol-http": "^4.1.4", + "@smithy/smithy-client": "^3.3.6", + "@smithy/types": "^3.5.0", "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-middleware": "^3.0.4", + "@smithy/util-middleware": "^3.0.7", "@smithy/util-utf8": "^3.0.0", "tslib": "^2.6.2" }, @@ -16232,15 +16668,14 @@ } }, "node_modules/@smithy/credential-provider-imds": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/@smithy/credential-provider-imds/-/credential-provider-imds-3.2.1.tgz", - "integrity": "sha512-4z/oTWpRF2TqQI3aCM89/PWu3kim58XU4kOCTtuTJnoaS4KT95cPWMxbQfTN2vzcOe96SOKO8QouQW/+ESB1fQ==", - "license": "Apache-2.0", + "version": "3.2.4", + "resolved": "https://registry.npmjs.org/@smithy/credential-provider-imds/-/credential-provider-imds-3.2.4.tgz", + "integrity": "sha512-S9bb0EIokfYEuar4kEbLta+ivlKCWOCFsLZuilkNy9i0uEUEHSi47IFLPaxqqCl+0ftKmcOTHayY5nQhAuq7+w==", "dependencies": { - "@smithy/node-config-provider": "^3.1.5", - "@smithy/property-provider": "^3.1.4", - "@smithy/types": "^3.4.0", - "@smithy/url-parser": "^3.0.4", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/property-provider": "^3.1.7", + "@smithy/types": "^3.5.0", + "@smithy/url-parser": "^3.0.7", "tslib": "^2.6.2" }, "engines": { @@ -16248,14 +16683,13 @@ } }, "node_modules/@smithy/credential-provider-imds/node_modules/@smithy/node-config-provider": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", - "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", - "license": "Apache-2.0", + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.8.tgz", + "integrity": "sha512-E0rU0DglpeJn5ge64mk8wTGEXcQwmpUTY5Zr7IzTpDLmHKiIamINERNZYrPQjg58Ck236sEKSwRSHA4CwshU6Q==", "dependencies": { - "@smithy/property-provider": "^3.1.4", - "@smithy/shared-ini-file-loader": "^3.1.5", - "@smithy/types": "^3.4.0", + "@smithy/property-provider": "^3.1.7", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16263,12 +16697,11 @@ } }, "node_modules/@smithy/credential-provider-imds/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", - "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", - "license": "Apache-2.0", + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.8.tgz", + "integrity": "sha512-0NHdQiSkeGl0ICQKcJQ2lCOKH23Nb0EaAa7RDRId6ZqwXkw4LJyIyZ0t3iusD4bnKYDPLGy2/5e2rfUhrt0Acw==", "dependencies": { - "@smithy/types": "^3.4.0", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16343,14 +16776,13 @@ } }, "node_modules/@smithy/fetch-http-handler": { - "version": "3.2.5", - "resolved": "https://registry.npmjs.org/@smithy/fetch-http-handler/-/fetch-http-handler-3.2.5.tgz", - "integrity": "sha512-DjRtGmK8pKQMIo9+JlAKUt14Z448bg8nAN04yKIvlrrpmpRSG57s5d2Y83npks1r4gPtTRNbAFdQCoj9l3P2KQ==", - "license": "Apache-2.0", + "version": "3.2.9", + "resolved": "https://registry.npmjs.org/@smithy/fetch-http-handler/-/fetch-http-handler-3.2.9.tgz", + "integrity": "sha512-hYNVQOqhFQ6vOpenifFME546f0GfJn2OiQ3M0FDmuUu8V/Uiwy2wej7ZXxFBNqdx0R5DZAqWM1l6VRhGz8oE6A==", "dependencies": { - "@smithy/protocol-http": "^4.1.1", - "@smithy/querystring-builder": "^3.0.4", - "@smithy/types": "^3.4.0", + "@smithy/protocol-http": "^4.1.4", + "@smithy/querystring-builder": "^3.0.7", + "@smithy/types": "^3.5.0", "@smithy/util-base64": "^3.0.0", "tslib": "^2.6.2" } @@ -16368,12 +16800,11 @@ } }, "node_modules/@smithy/hash-node": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/@smithy/hash-node/-/hash-node-3.0.4.tgz", - "integrity": "sha512-6FgTVqEfCr9z/7+Em8BwSkJKA2y3krf1em134x3yr2NHWVCo2KYI8tcA53cjeO47y41jwF84ntsEE0Pe6pNKlg==", - "license": "Apache-2.0", + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@smithy/hash-node/-/hash-node-3.0.7.tgz", + "integrity": "sha512-SAGHN+QkrwcHFjfWzs/czX94ZEjPJ0CrWJS3M43WswDXVEuP4AVy9gJ3+AF6JQHZD13bojmuf/Ap/ItDeZ+Qfw==", "dependencies": { - "@smithy/types": "^3.4.0", + "@smithy/types": "^3.5.0", "@smithy/util-buffer-from": "^3.0.0", "@smithy/util-utf8": "^3.0.0", "tslib": "^2.6.2" @@ -16397,12 +16828,11 @@ } }, "node_modules/@smithy/invalid-dependency": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/@smithy/invalid-dependency/-/invalid-dependency-3.0.4.tgz", - "integrity": "sha512-MJBUrojC4SEXi9aJcnNOE3oNAuYNphgCGFXscaCj2TA/59BTcXhzHACP8jnnEU3n4yir/NSLKzxqez0T4x4tjA==", - "license": "Apache-2.0", + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@smithy/invalid-dependency/-/invalid-dependency-3.0.7.tgz", + "integrity": "sha512-Bq00GsAhHeYSuZX8Kpu4sbI9agH2BNYnqUmmbTGWOhki9NVsWn2jFr896vvoTMH8KAjNX/ErC/8t5QHuEXG+IA==", "dependencies": { - "@smithy/types": "^3.4.0", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" } }, @@ -16430,13 +16860,12 @@ } }, "node_modules/@smithy/middleware-content-length": { - "version": "3.0.6", - "resolved": "https://registry.npmjs.org/@smithy/middleware-content-length/-/middleware-content-length-3.0.6.tgz", - "integrity": "sha512-AFyHCfe8rumkJkz+hCOVJmBagNBj05KypyDwDElA4TgMSA4eYDZRjVePFZuyABrJZFDc7uVj3dpFIDCEhf59SA==", - "license": "Apache-2.0", + "version": "3.0.9", + "resolved": "https://registry.npmjs.org/@smithy/middleware-content-length/-/middleware-content-length-3.0.9.tgz", + "integrity": "sha512-t97PidoGElF9hTtLCrof32wfWMqC5g2SEJNxaVH3NjlatuNGsdxXRYO/t+RPnxA15RpYiS0f+zG7FuE2DeGgjA==", "dependencies": { - "@smithy/protocol-http": "^4.1.1", - "@smithy/types": "^3.4.0", + "@smithy/protocol-http": "^4.1.4", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16444,17 +16873,16 @@ } }, "node_modules/@smithy/middleware-endpoint": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/@smithy/middleware-endpoint/-/middleware-endpoint-3.1.1.tgz", - "integrity": "sha512-Irv+soW8NKluAtFSEsF8O3iGyLxa5oOevJb/e1yNacV9H7JP/yHyJuKST5YY2ORS1+W34VR8EuUrOF+K29Pl4g==", - "license": "Apache-2.0", + "version": "3.1.4", + "resolved": "https://registry.npmjs.org/@smithy/middleware-endpoint/-/middleware-endpoint-3.1.4.tgz", + "integrity": "sha512-/ChcVHekAyzUbyPRI8CzPPLj6y8QRAfJngWcLMgsWxKVzw/RzBV69mSOzJYDD3pRwushA1+5tHtPF8fjmzBnrQ==", "dependencies": { - "@smithy/middleware-serde": "^3.0.4", - "@smithy/node-config-provider": "^3.1.5", - "@smithy/shared-ini-file-loader": "^3.1.5", - "@smithy/types": "^3.4.0", - "@smithy/url-parser": "^3.0.4", - "@smithy/util-middleware": "^3.0.4", + "@smithy/middleware-serde": "^3.0.7", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", + "@smithy/url-parser": "^3.0.7", + "@smithy/util-middleware": "^3.0.7", "tslib": "^2.6.2" }, "engines": { @@ -16462,14 +16890,13 @@ } }, "node_modules/@smithy/middleware-endpoint/node_modules/@smithy/node-config-provider": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", - "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", - "license": "Apache-2.0", + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.8.tgz", + "integrity": "sha512-E0rU0DglpeJn5ge64mk8wTGEXcQwmpUTY5Zr7IzTpDLmHKiIamINERNZYrPQjg58Ck236sEKSwRSHA4CwshU6Q==", "dependencies": { - "@smithy/property-provider": "^3.1.4", - "@smithy/shared-ini-file-loader": "^3.1.5", - "@smithy/types": "^3.4.0", + "@smithy/property-provider": "^3.1.7", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16477,12 +16904,11 @@ } }, "node_modules/@smithy/middleware-endpoint/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", - "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", - "license": "Apache-2.0", + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.8.tgz", + "integrity": "sha512-0NHdQiSkeGl0ICQKcJQ2lCOKH23Nb0EaAa7RDRId6ZqwXkw4LJyIyZ0t3iusD4bnKYDPLGy2/5e2rfUhrt0Acw==", "dependencies": { - "@smithy/types": "^3.4.0", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16490,18 +16916,17 @@ } }, "node_modules/@smithy/middleware-retry": { - "version": "3.0.16", - "resolved": "https://registry.npmjs.org/@smithy/middleware-retry/-/middleware-retry-3.0.16.tgz", - "integrity": "sha512-08kI36p1yB4CWO3Qi+UQxjzobt8iQJpnruF0K5BkbZmA/N/sJ51A1JJGJ36GgcbFyPfWw2FU48S5ZoqXt0h0jw==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/node-config-provider": "^3.1.5", - "@smithy/protocol-http": "^4.1.1", - "@smithy/service-error-classification": "^3.0.4", - "@smithy/smithy-client": "^3.3.0", - "@smithy/types": "^3.4.0", - "@smithy/util-middleware": "^3.0.4", - "@smithy/util-retry": "^3.0.4", + "version": "3.0.22", + "resolved": "https://registry.npmjs.org/@smithy/middleware-retry/-/middleware-retry-3.0.22.tgz", + "integrity": "sha512-svEN7O2Tf7BoaBkPzX/8AE2Bv7p16d9/ulFAD1Gmn5g19iMqNk1WIkMxAY7SpB9/tVtUwKx0NaIsBRl88gumZA==", + "dependencies": { + "@smithy/node-config-provider": "^3.1.8", + "@smithy/protocol-http": "^4.1.4", + "@smithy/service-error-classification": "^3.0.7", + "@smithy/smithy-client": "^3.3.6", + "@smithy/types": "^3.5.0", + "@smithy/util-middleware": "^3.0.7", + "@smithy/util-retry": "^3.0.7", "tslib": "^2.6.2", "uuid": "^9.0.1" }, @@ -16510,14 +16935,13 @@ } }, "node_modules/@smithy/middleware-retry/node_modules/@smithy/node-config-provider": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", - "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", - "license": "Apache-2.0", + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.8.tgz", + "integrity": "sha512-E0rU0DglpeJn5ge64mk8wTGEXcQwmpUTY5Zr7IzTpDLmHKiIamINERNZYrPQjg58Ck236sEKSwRSHA4CwshU6Q==", "dependencies": { - "@smithy/property-provider": "^3.1.4", - "@smithy/shared-ini-file-loader": "^3.1.5", - "@smithy/types": "^3.4.0", + "@smithy/property-provider": "^3.1.7", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16525,12 +16949,11 @@ } }, "node_modules/@smithy/middleware-retry/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", - "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", - "license": "Apache-2.0", + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.8.tgz", + "integrity": "sha512-0NHdQiSkeGl0ICQKcJQ2lCOKH23Nb0EaAa7RDRId6ZqwXkw4LJyIyZ0t3iusD4bnKYDPLGy2/5e2rfUhrt0Acw==", "dependencies": { - "@smithy/types": "^3.4.0", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16551,12 +16974,11 @@ } }, "node_modules/@smithy/middleware-serde": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/@smithy/middleware-serde/-/middleware-serde-3.0.4.tgz", - "integrity": "sha512-1lPDB2O6IJ50Ucxgn7XrvZXbbuI48HmPCcMTuSoXT1lDzuTUfIuBjgAjpD8YLVMfnrjdepi/q45556LA51Pubw==", - "license": "Apache-2.0", + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@smithy/middleware-serde/-/middleware-serde-3.0.7.tgz", + "integrity": "sha512-VytaagsQqtH2OugzVTq4qvjkLNbWehHfGcGr0JLJmlDRrNCeZoWkWsSOw1nhS/4hyUUWF/TLGGml4X/OnEep5g==", "dependencies": { - "@smithy/types": "^3.4.0", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16564,12 +16986,11 @@ } }, "node_modules/@smithy/middleware-stack": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/@smithy/middleware-stack/-/middleware-stack-3.0.4.tgz", - "integrity": "sha512-sLMRjtMCqtVcrOqaOZ10SUnlFE25BSlmLsi4bRSGFD7dgR54eqBjfqkVkPBQyrKBortfGM0+2DJoUPcGECR+nQ==", - "license": "Apache-2.0", + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@smithy/middleware-stack/-/middleware-stack-3.0.7.tgz", + "integrity": "sha512-EyTbMCdqS1DoeQsO4gI7z2Gzq1MoRFAeS8GkFYIwbedB7Lp5zlLHJdg+56tllIIG5Hnf9ZWX48YKSHlsKvugGA==", "dependencies": { - "@smithy/types": "^3.4.0", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16617,15 +17038,14 @@ } }, "node_modules/@smithy/node-http-handler": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/@smithy/node-http-handler/-/node-http-handler-3.2.0.tgz", - "integrity": "sha512-5TFqaABbiY7uJMKbqR4OARjwI/l4TRoysDJ75pLpVQyO3EcmeloKYwDGyCtgB9WJniFx3BMkmGCB9+j+QiB+Ww==", - "license": "Apache-2.0", + "version": "3.2.4", + "resolved": "https://registry.npmjs.org/@smithy/node-http-handler/-/node-http-handler-3.2.4.tgz", + "integrity": "sha512-49reY3+JgLMFNm7uTAKBWiKCA6XSvkNp9FqhVmusm2jpVnHORYFeFZ704LShtqWfjZW/nhX+7Iexyb6zQfXYIQ==", "dependencies": { - "@smithy/abort-controller": "^3.1.2", - "@smithy/protocol-http": "^4.1.1", - "@smithy/querystring-builder": "^3.0.4", - "@smithy/types": "^3.4.0", + "@smithy/abort-controller": "^3.1.5", + "@smithy/protocol-http": "^4.1.4", + "@smithy/querystring-builder": "^3.0.7", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16633,12 +17053,11 @@ } }, "node_modules/@smithy/property-provider": { - "version": "3.1.4", - "resolved": "https://registry.npmjs.org/@smithy/property-provider/-/property-provider-3.1.4.tgz", - "integrity": "sha512-BmhefQbfkSl9DeU0/e6k9N4sT5bya5etv2epvqLUz3eGyfRBhtQq60nDkc1WPp4c+KWrzK721cUc/3y0f2psPQ==", - "license": "Apache-2.0", + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/@smithy/property-provider/-/property-provider-3.1.7.tgz", + "integrity": "sha512-QfzLi1GPMisY7bAM5hOUqBdGYnY5S2JAlr201pghksrQv139f8iiiMalXtjczIP5f6owxFn3MINLNUNvUkgtPw==", "dependencies": { - "@smithy/types": "^3.4.0", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16646,12 +17065,11 @@ } }, "node_modules/@smithy/protocol-http": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/@smithy/protocol-http/-/protocol-http-4.1.1.tgz", - "integrity": "sha512-Fm5+8LkeIus83Y8jTL1XHsBGP8sPvE1rEVyKf/87kbOPTbzEDMcgOlzcmYXat2h+nC3wwPtRy8hFqtJS71+Wow==", - "license": "Apache-2.0", + "version": "4.1.4", + "resolved": "https://registry.npmjs.org/@smithy/protocol-http/-/protocol-http-4.1.4.tgz", + "integrity": "sha512-MlWK8eqj0JlpZBnWmjQLqmFp71Ug00P+m72/1xQB3YByXD4zZ+y9N4hYrR0EDmrUCZIkyATWHOXFgtavwGDTzQ==", "dependencies": { - "@smithy/types": "^3.4.0", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16659,12 +17077,11 @@ } }, "node_modules/@smithy/querystring-builder": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/@smithy/querystring-builder/-/querystring-builder-3.0.4.tgz", - "integrity": "sha512-NEoPAsZPdpfVbF98qm8i5k1XMaRKeEnO47CaL5ja6Y1Z2DgJdwIJuJkTJypKm/IKfp8gc0uimIFLwhml8+/pAw==", - "license": "Apache-2.0", + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@smithy/querystring-builder/-/querystring-builder-3.0.7.tgz", + "integrity": "sha512-65RXGZZ20rzqqxTsChdqSpbhA6tdt5IFNgG6o7e1lnPVLCe6TNWQq4rTl4N87hTDD8mV4IxJJnvyE7brbnRkQw==", "dependencies": { - "@smithy/types": "^3.4.0", + "@smithy/types": "^3.5.0", "@smithy/util-uri-escape": "^3.0.0", "tslib": "^2.6.2" }, @@ -16673,12 +17090,11 @@ } }, "node_modules/@smithy/querystring-parser": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/@smithy/querystring-parser/-/querystring-parser-3.0.4.tgz", - "integrity": "sha512-7CHPXffFcakFzhO0OZs/rn6fXlTHrSDdLhIT6/JIk1u2bvwguTL3fMCc1+CfcbXA7TOhjWXu3TcB1EGMqJQwHg==", - "license": "Apache-2.0", + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@smithy/querystring-parser/-/querystring-parser-3.0.7.tgz", + "integrity": "sha512-Fouw4KJVWqqUVIu1gZW8BH2HakwLz6dvdrAhXeXfeymOBrZw+hcqaWs+cS1AZPVp4nlbeIujYrKA921ZW2WMPA==", "dependencies": { - "@smithy/types": "^3.4.0", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16686,12 +17102,11 @@ } }, "node_modules/@smithy/service-error-classification": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/@smithy/service-error-classification/-/service-error-classification-3.0.4.tgz", - "integrity": "sha512-KciDHHKFVTb9A1KlJHBt2F26PBaDtoE23uTZy5qRvPzHPqrooXFi6fmx98lJb3Jl38PuUTqIuCUmmY3pacuMBQ==", - "license": "Apache-2.0", + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@smithy/service-error-classification/-/service-error-classification-3.0.7.tgz", + "integrity": "sha512-91PRkTfiBf9hxkIchhRKJfl1rsplRDyBnmyFca3y0Z3x/q0JJN480S83LBd8R6sBCkm2bBbqw2FHp0Mbh+ecSA==", "dependencies": { - "@smithy/types": "^3.4.0" + "@smithy/types": "^3.5.0" }, "engines": { "node": ">=16.0.0" @@ -16723,16 +17138,15 @@ } }, "node_modules/@smithy/signature-v4": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/@smithy/signature-v4/-/signature-v4-4.1.1.tgz", - "integrity": "sha512-SH9J9be81TMBNGCmjhrgMWu4YSpQ3uP1L06u/K9SDrE2YibUix1qxedPCxEQu02At0P0SrYDjvz+y91vLG0KRQ==", - "license": "Apache-2.0", + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/@smithy/signature-v4/-/signature-v4-4.2.0.tgz", + "integrity": "sha512-LafbclHNKnsorMgUkKm7Tk7oJ7xizsZ1VwqhGKqoCIrXh4fqDDp73fK99HOEEgcsQbtemmeY/BPv0vTVYYUNEQ==", "dependencies": { "@smithy/is-array-buffer": "^3.0.0", - "@smithy/protocol-http": "^4.1.1", - "@smithy/types": "^3.4.0", + "@smithy/protocol-http": "^4.1.4", + "@smithy/types": "^3.5.0", "@smithy/util-hex-encoding": "^3.0.0", - "@smithy/util-middleware": "^3.0.4", + "@smithy/util-middleware": "^3.0.7", "@smithy/util-uri-escape": "^3.0.0", "@smithy/util-utf8": "^3.0.0", "tslib": "^2.6.2" @@ -16742,16 +17156,15 @@ } }, "node_modules/@smithy/smithy-client": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/@smithy/smithy-client/-/smithy-client-3.3.0.tgz", - "integrity": "sha512-H32nVo8tIX82kB0xI2LBrIcj8jx/3/ITotNLbeG1UL0b3b440YPR/hUvqjFJiaB24pQrMjRbU8CugqH5sV0hkw==", - "license": "Apache-2.0", + "version": "3.3.6", + "resolved": "https://registry.npmjs.org/@smithy/smithy-client/-/smithy-client-3.3.6.tgz", + "integrity": "sha512-qdH+mvDHgq1ss6mocyIl2/VjlWXew7pGwZQydwYJczEc22HZyX3k8yVPV9aZsbYbssHPvMDRA5rfBDrjQUbIIw==", "dependencies": { - "@smithy/middleware-endpoint": "^3.1.1", - "@smithy/middleware-stack": "^3.0.4", - "@smithy/protocol-http": "^4.1.1", - "@smithy/types": "^3.4.0", - "@smithy/util-stream": "^3.1.4", + "@smithy/middleware-endpoint": "^3.1.4", + "@smithy/middleware-stack": "^3.0.7", + "@smithy/protocol-http": "^4.1.4", + "@smithy/types": "^3.5.0", + "@smithy/util-stream": "^3.1.9", "tslib": "^2.6.2" }, "engines": { @@ -16759,10 +17172,9 @@ } }, "node_modules/@smithy/types": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/@smithy/types/-/types-3.4.0.tgz", - "integrity": "sha512-0shOWSg/pnFXPcsSU8ZbaJ4JBHZJPPzLCJxafJvbMVFo9l1w81CqpgUqjlKGNHVrVB7fhIs+WS82JDTyzaLyLA==", - "license": "Apache-2.0", + "version": "3.5.0", + "resolved": "https://registry.npmjs.org/@smithy/types/-/types-3.5.0.tgz", + "integrity": "sha512-QN0twHNfe8mNJdH9unwsCK13GURU7oEAZqkBI+rsvpv1jrmserO+WnLE7jidR9W/1dxwZ0u/CB01mV2Gms/K2Q==", "dependencies": { "tslib": "^2.6.2" }, @@ -16771,13 +17183,12 @@ } }, "node_modules/@smithy/url-parser": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/@smithy/url-parser/-/url-parser-3.0.4.tgz", - "integrity": "sha512-XdXfObA8WrloavJYtDuzoDhJAYc5rOt+FirFmKBRKaihu7QtU/METAxJgSo7uMK6hUkx0vFnqxV75urtRaLkLg==", - "license": "Apache-2.0", + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@smithy/url-parser/-/url-parser-3.0.7.tgz", + "integrity": "sha512-70UbSSR8J97c1rHZOWhl+VKiZDqHWxs/iW8ZHrHp5fCCPLSBE7GcUlUvKSle3Ca+J9LLbYCj/A79BxztBvAfpA==", "dependencies": { - "@smithy/querystring-parser": "^3.0.4", - "@smithy/types": "^3.4.0", + "@smithy/querystring-parser": "^3.0.7", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" } }, @@ -16842,14 +17253,13 @@ } }, "node_modules/@smithy/util-defaults-mode-browser": { - "version": "3.0.16", - "resolved": "https://registry.npmjs.org/@smithy/util-defaults-mode-browser/-/util-defaults-mode-browser-3.0.16.tgz", - "integrity": "sha512-Os8ddfNBe7hmc5UMWZxygIHCyAqY0aWR8Wnp/aKbti3f8Df/r0J9ttMZIxeMjsFgtVjEryB0q7SGcwBsHk8WEw==", - "license": "Apache-2.0", + "version": "3.0.22", + "resolved": "https://registry.npmjs.org/@smithy/util-defaults-mode-browser/-/util-defaults-mode-browser-3.0.22.tgz", + "integrity": "sha512-WKzUxNsOun5ETwEOrvooXeI1mZ8tjDTOcN4oruELWHhEYDgQYWwxZupURVyovcv+h5DyQT/DzK5nm4ZoR/Tw5Q==", "dependencies": { - "@smithy/property-provider": "^3.1.4", - "@smithy/smithy-client": "^3.3.0", - "@smithy/types": "^3.4.0", + "@smithy/property-provider": "^3.1.7", + "@smithy/smithy-client": "^3.3.6", + "@smithy/types": "^3.5.0", "bowser": "^2.11.0", "tslib": "^2.6.2" }, @@ -16858,32 +17268,30 @@ } }, "node_modules/@smithy/util-defaults-mode-node": { - "version": "3.0.16", - "resolved": "https://registry.npmjs.org/@smithy/util-defaults-mode-node/-/util-defaults-mode-node-3.0.16.tgz", - "integrity": "sha512-rNhFIYRtrOrrhRlj6RL8jWA6/dcwrbGYAmy8+OAHjjzQ6zdzUBB1P+3IuJAgwWN6Y5GxI+mVXlM/pOjaoIgHow==", - "license": "Apache-2.0", + "version": "3.0.22", + "resolved": "https://registry.npmjs.org/@smithy/util-defaults-mode-node/-/util-defaults-mode-node-3.0.22.tgz", + "integrity": "sha512-hUsciOmAq8fsGwqg4+pJfNRmrhfqMH4Y9UeGcgeUl88kPAoYANFATJqCND+O4nUvwp5TzsYwGpqpcBKyA8LUUg==", "dependencies": { - "@smithy/config-resolver": "^3.0.6", - "@smithy/credential-provider-imds": "^3.2.1", - "@smithy/node-config-provider": "^3.1.5", - "@smithy/property-provider": "^3.1.4", - "@smithy/smithy-client": "^3.3.0", - "@smithy/types": "^3.4.0", + "@smithy/config-resolver": "^3.0.9", + "@smithy/credential-provider-imds": "^3.2.4", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/property-provider": "^3.1.7", + "@smithy/smithy-client": "^3.3.6", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { "node": ">= 10.0.0" } }, - "node_modules/@smithy/util-defaults-mode-node/node_modules/@smithy/node-config-provider": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", - "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", - "license": "Apache-2.0", + "node_modules/@smithy/util-defaults-mode-node/node_modules/@smithy/node-config-provider": { + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.8.tgz", + "integrity": "sha512-E0rU0DglpeJn5ge64mk8wTGEXcQwmpUTY5Zr7IzTpDLmHKiIamINERNZYrPQjg58Ck236sEKSwRSHA4CwshU6Q==", "dependencies": { - "@smithy/property-provider": "^3.1.4", - "@smithy/shared-ini-file-loader": "^3.1.5", - "@smithy/types": "^3.4.0", + "@smithy/property-provider": "^3.1.7", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16891,12 +17299,11 @@ } }, "node_modules/@smithy/util-defaults-mode-node/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", - "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", - "license": "Apache-2.0", + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.8.tgz", + "integrity": "sha512-0NHdQiSkeGl0ICQKcJQ2lCOKH23Nb0EaAa7RDRId6ZqwXkw4LJyIyZ0t3iusD4bnKYDPLGy2/5e2rfUhrt0Acw==", "dependencies": { - "@smithy/types": "^3.4.0", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16904,13 +17311,12 @@ } }, "node_modules/@smithy/util-endpoints": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@smithy/util-endpoints/-/util-endpoints-2.1.0.tgz", - "integrity": "sha512-ilS7/0jcbS2ELdg0fM/4GVvOiuk8/U3bIFXUW25xE1Vh1Ol4DP6vVHQKqM40rCMizCLmJ9UxK+NeJrKlhI3HVA==", - "license": "Apache-2.0", + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/@smithy/util-endpoints/-/util-endpoints-2.1.3.tgz", + "integrity": "sha512-34eACeKov6jZdHqS5hxBMJ4KyWKztTMulhuQ2UdOoP6vVxMLrOKUqIXAwJe/wiWMhXhydLW664B02CNpQBQ4Aw==", "dependencies": { - "@smithy/node-config-provider": "^3.1.5", - "@smithy/types": "^3.4.0", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16918,14 +17324,13 @@ } }, "node_modules/@smithy/util-endpoints/node_modules/@smithy/node-config-provider": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", - "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", - "license": "Apache-2.0", + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.8.tgz", + "integrity": "sha512-E0rU0DglpeJn5ge64mk8wTGEXcQwmpUTY5Zr7IzTpDLmHKiIamINERNZYrPQjg58Ck236sEKSwRSHA4CwshU6Q==", "dependencies": { - "@smithy/property-provider": "^3.1.4", - "@smithy/shared-ini-file-loader": "^3.1.5", - "@smithy/types": "^3.4.0", + "@smithy/property-provider": "^3.1.7", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16933,12 +17338,11 @@ } }, "node_modules/@smithy/util-endpoints/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", - "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", - "license": "Apache-2.0", + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.8.tgz", + "integrity": "sha512-0NHdQiSkeGl0ICQKcJQ2lCOKH23Nb0EaAa7RDRId6ZqwXkw4LJyIyZ0t3iusD4bnKYDPLGy2/5e2rfUhrt0Acw==", "dependencies": { - "@smithy/types": "^3.4.0", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16958,12 +17362,11 @@ } }, "node_modules/@smithy/util-middleware": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/@smithy/util-middleware/-/util-middleware-3.0.4.tgz", - "integrity": "sha512-uSXHTBhstb1c4nHdmQEdkNMv9LiRNaJ/lWV2U/GO+5F236YFpdPw+hyWI9Zc0Rp9XKzwD9kVZvhZmEgp0UCVnA==", - "license": "Apache-2.0", + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@smithy/util-middleware/-/util-middleware-3.0.7.tgz", + "integrity": "sha512-OVA6fv/3o7TMJTpTgOi1H5OTwnuUa8hzRzhSFDtZyNxi6OZ70L/FHattSmhE212I7b6WSOJAAmbYnvcjTHOJCA==", "dependencies": { - "@smithy/types": "^3.4.0", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16971,13 +17374,12 @@ } }, "node_modules/@smithy/util-retry": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/@smithy/util-retry/-/util-retry-3.0.4.tgz", - "integrity": "sha512-JJr6g0tO1qO2tCQyK+n3J18r34ZpvatlFN5ULcLranFIBZPxqoivb77EPyNTVwTGMEvvq2qMnyjm4jMIxjdLFg==", - "license": "Apache-2.0", + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/@smithy/util-retry/-/util-retry-3.0.7.tgz", + "integrity": "sha512-nh1ZO1vTeo2YX1plFPSe/OXaHkLAHza5jpokNiiKX2M5YpNUv6RxGJZhpfmiR4jSvVHCjIDmILjrxKmP+/Ghug==", "dependencies": { - "@smithy/service-error-classification": "^3.0.4", - "@smithy/types": "^3.4.0", + "@smithy/service-error-classification": "^3.0.7", + "@smithy/types": "^3.5.0", "tslib": "^2.6.2" }, "engines": { @@ -16985,14 +17387,13 @@ } }, "node_modules/@smithy/util-stream": { - "version": "3.1.4", - "resolved": "https://registry.npmjs.org/@smithy/util-stream/-/util-stream-3.1.4.tgz", - "integrity": "sha512-txU3EIDLhrBZdGfon6E9V6sZz/irYnKFMblz4TLVjyq8hObNHNS2n9a2t7GIrl7d85zgEPhwLE0gANpZsvpsKg==", - "license": "Apache-2.0", + "version": "3.1.9", + "resolved": "https://registry.npmjs.org/@smithy/util-stream/-/util-stream-3.1.9.tgz", + "integrity": "sha512-7YAR0Ub3MwTMjDfjnup4qa6W8gygZMxikBhFMPESi6ASsl/rZJhwLpF/0k9TuezScCojsM0FryGdz4LZtjKPPQ==", "dependencies": { - "@smithy/fetch-http-handler": "^3.2.5", - "@smithy/node-http-handler": "^3.2.0", - "@smithy/types": "^3.4.0", + "@smithy/fetch-http-handler": "^3.2.9", + "@smithy/node-http-handler": "^3.2.4", + "@smithy/types": "^3.5.0", "@smithy/util-base64": "^3.0.0", "@smithy/util-buffer-from": "^3.0.0", "@smithy/util-hex-encoding": "^3.0.0", @@ -31721,14 +32122,543 @@ "@aws-amplify/backend-output-schemas": "^1.1.0", "@aws-amplify/backend-output-storage": "^1.1.2", "@aws-amplify/plugin-types": "^1.2.2", + "@aws-sdk/client-cognito-identity": "^3.662.0", + "@aws-sdk/client-cognito-identity-provider": "^3.662.0", "@types/aws-lambda": "^8.10.119", "aws-lambda": "^1.0.7" }, + "devDependencies": { + "@aws-sdk/types": "^3.662.0" + }, "peerDependencies": { "aws-cdk-lib": "^2.152.0", "constructs": "^10.0.0" } }, + "packages/reference-auth-construct/node_modules/@aws-sdk/client-cognito-identity": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-cognito-identity/-/client-cognito-identity-3.662.0.tgz", + "integrity": "sha512-ZHftalHETCtrEn0Nf6LFCjSbJFBAs/LawNR4N/evSmK4e+YjqbYUw/rzKISKHr6gdFEWYnYDcl2iLR5yX2b3yg==", + "dependencies": { + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/client-sso-oidc": "3.662.0", + "@aws-sdk/client-sts": "3.662.0", + "@aws-sdk/core": "3.662.0", + "@aws-sdk/credential-provider-node": "3.662.0", + "@aws-sdk/middleware-host-header": "3.662.0", + "@aws-sdk/middleware-logger": "3.662.0", + "@aws-sdk/middleware-recursion-detection": "3.662.0", + "@aws-sdk/middleware-user-agent": "3.662.0", + "@aws-sdk/region-config-resolver": "3.662.0", + "@aws-sdk/types": "3.662.0", + "@aws-sdk/util-endpoints": "3.662.0", + "@aws-sdk/util-user-agent-browser": "3.662.0", + "@aws-sdk/util-user-agent-node": "3.662.0", + "@smithy/config-resolver": "^3.0.9", + "@smithy/core": "^2.4.7", + "@smithy/fetch-http-handler": "^3.2.9", + "@smithy/hash-node": "^3.0.7", + "@smithy/invalid-dependency": "^3.0.7", + "@smithy/middleware-content-length": "^3.0.9", + "@smithy/middleware-endpoint": "^3.1.4", + "@smithy/middleware-retry": "^3.0.22", + "@smithy/middleware-serde": "^3.0.7", + "@smithy/middleware-stack": "^3.0.7", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/node-http-handler": "^3.2.4", + "@smithy/protocol-http": "^4.1.4", + "@smithy/smithy-client": "^3.3.6", + "@smithy/types": "^3.5.0", + "@smithy/url-parser": "^3.0.7", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.22", + "@smithy/util-defaults-mode-node": "^3.0.22", + "@smithy/util-endpoints": "^2.1.3", + "@smithy/util-middleware": "^3.0.7", + "@smithy/util-retry": "^3.0.7", + "@smithy/util-utf8": "^3.0.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/client-sso": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.662.0.tgz", + "integrity": "sha512-4j3+eNSnNblcIYCJrsRRdyXFjAWGpGa7s7pdIyDMLwtYA7AKNlnlyQV14jtezhMrN2j6qZ7zZmnwEyFGipgfWA==", + "dependencies": { + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/core": "3.662.0", + "@aws-sdk/middleware-host-header": "3.662.0", + "@aws-sdk/middleware-logger": "3.662.0", + "@aws-sdk/middleware-recursion-detection": "3.662.0", + "@aws-sdk/middleware-user-agent": "3.662.0", + "@aws-sdk/region-config-resolver": "3.662.0", + "@aws-sdk/types": "3.662.0", + "@aws-sdk/util-endpoints": "3.662.0", + "@aws-sdk/util-user-agent-browser": "3.662.0", + "@aws-sdk/util-user-agent-node": "3.662.0", + "@smithy/config-resolver": "^3.0.9", + "@smithy/core": "^2.4.7", + "@smithy/fetch-http-handler": "^3.2.9", + "@smithy/hash-node": "^3.0.7", + "@smithy/invalid-dependency": "^3.0.7", + "@smithy/middleware-content-length": "^3.0.9", + "@smithy/middleware-endpoint": "^3.1.4", + "@smithy/middleware-retry": "^3.0.22", + "@smithy/middleware-serde": "^3.0.7", + "@smithy/middleware-stack": "^3.0.7", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/node-http-handler": "^3.2.4", + "@smithy/protocol-http": "^4.1.4", + "@smithy/smithy-client": "^3.3.6", + "@smithy/types": "^3.5.0", + "@smithy/url-parser": "^3.0.7", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.22", + "@smithy/util-defaults-mode-node": "^3.0.22", + "@smithy/util-endpoints": "^2.1.3", + "@smithy/util-middleware": "^3.0.7", + "@smithy/util-retry": "^3.0.7", + "@smithy/util-utf8": "^3.0.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/client-sso-oidc": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.662.0.tgz", + "integrity": "sha512-YZrH0sftdmjvEIY8u0LCrfEhyaMVpN0+K0K9WsUrFRMZ7DK6nB9YD1f5EaKUN5UjNw5S7gbjSdI8neSCoELjhw==", + "dependencies": { + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/core": "3.662.0", + "@aws-sdk/credential-provider-node": "3.662.0", + "@aws-sdk/middleware-host-header": "3.662.0", + "@aws-sdk/middleware-logger": "3.662.0", + "@aws-sdk/middleware-recursion-detection": "3.662.0", + "@aws-sdk/middleware-user-agent": "3.662.0", + "@aws-sdk/region-config-resolver": "3.662.0", + "@aws-sdk/types": "3.662.0", + "@aws-sdk/util-endpoints": "3.662.0", + "@aws-sdk/util-user-agent-browser": "3.662.0", + "@aws-sdk/util-user-agent-node": "3.662.0", + "@smithy/config-resolver": "^3.0.9", + "@smithy/core": "^2.4.7", + "@smithy/fetch-http-handler": "^3.2.9", + "@smithy/hash-node": "^3.0.7", + "@smithy/invalid-dependency": "^3.0.7", + "@smithy/middleware-content-length": "^3.0.9", + "@smithy/middleware-endpoint": "^3.1.4", + "@smithy/middleware-retry": "^3.0.22", + "@smithy/middleware-serde": "^3.0.7", + "@smithy/middleware-stack": "^3.0.7", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/node-http-handler": "^3.2.4", + "@smithy/protocol-http": "^4.1.4", + "@smithy/smithy-client": "^3.3.6", + "@smithy/types": "^3.5.0", + "@smithy/url-parser": "^3.0.7", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.22", + "@smithy/util-defaults-mode-node": "^3.0.22", + "@smithy/util-endpoints": "^2.1.3", + "@smithy/util-middleware": "^3.0.7", + "@smithy/util-retry": "^3.0.7", + "@smithy/util-utf8": "^3.0.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + }, + "peerDependencies": { + "@aws-sdk/client-sts": "^3.662.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/client-sts": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.662.0.tgz", + "integrity": "sha512-RjiXvfW3a36ybHuzYuZ6ZgddYiENiXLDGC3tlZMsKWuoVQNeoh2grx1wxUA6e4ajAIqJLXs5dAYTSXzGaAqHTA==", + "dependencies": { + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/client-sso-oidc": "3.662.0", + "@aws-sdk/core": "3.662.0", + "@aws-sdk/credential-provider-node": "3.662.0", + "@aws-sdk/middleware-host-header": "3.662.0", + "@aws-sdk/middleware-logger": "3.662.0", + "@aws-sdk/middleware-recursion-detection": "3.662.0", + "@aws-sdk/middleware-user-agent": "3.662.0", + "@aws-sdk/region-config-resolver": "3.662.0", + "@aws-sdk/types": "3.662.0", + "@aws-sdk/util-endpoints": "3.662.0", + "@aws-sdk/util-user-agent-browser": "3.662.0", + "@aws-sdk/util-user-agent-node": "3.662.0", + "@smithy/config-resolver": "^3.0.9", + "@smithy/core": "^2.4.7", + "@smithy/fetch-http-handler": "^3.2.9", + "@smithy/hash-node": "^3.0.7", + "@smithy/invalid-dependency": "^3.0.7", + "@smithy/middleware-content-length": "^3.0.9", + "@smithy/middleware-endpoint": "^3.1.4", + "@smithy/middleware-retry": "^3.0.22", + "@smithy/middleware-serde": "^3.0.7", + "@smithy/middleware-stack": "^3.0.7", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/node-http-handler": "^3.2.4", + "@smithy/protocol-http": "^4.1.4", + "@smithy/smithy-client": "^3.3.6", + "@smithy/types": "^3.5.0", + "@smithy/url-parser": "^3.0.7", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.22", + "@smithy/util-defaults-mode-node": "^3.0.22", + "@smithy/util-endpoints": "^2.1.3", + "@smithy/util-middleware": "^3.0.7", + "@smithy/util-retry": "^3.0.7", + "@smithy/util-utf8": "^3.0.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/core": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.662.0.tgz", + "integrity": "sha512-w64Fa4dsgM8vN7Z+QPR3n+aAl5GXThQRH8deT/iF1rLrzfq7V8xxACJ/CLVaxrZMZUPUUgG7DUAo95nXFWmGjA==", + "dependencies": { + "@smithy/core": "^2.4.7", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/property-provider": "^3.1.7", + "@smithy/protocol-http": "^4.1.4", + "@smithy/signature-v4": "^4.2.0", + "@smithy/smithy-client": "^3.3.6", + "@smithy/types": "^3.5.0", + "@smithy/util-middleware": "^3.0.7", + "fast-xml-parser": "4.4.1", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/credential-provider-env": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.662.0.tgz", + "integrity": "sha512-Dgwb0c/FH4xT5QZZFdLTFmCkdG3woXIAgLx5HCoH9Ty5G7T8keHOU9Jm4Vpe2ZJXL7JJHlLakGS65+bgXTuLSQ==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/property-provider": "^3.1.7", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/credential-provider-http": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.662.0.tgz", + "integrity": "sha512-Wnle/uJI4Ku9ABJHof9sio28VlaSbF3jVQKTSVCJftvbKELlFOlY5aXSjtu0wwcJqDS5r78N5KM7aARUJES+DA==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/fetch-http-handler": "^3.2.9", + "@smithy/node-http-handler": "^3.2.4", + "@smithy/property-provider": "^3.1.7", + "@smithy/protocol-http": "^4.1.4", + "@smithy/smithy-client": "^3.3.6", + "@smithy/types": "^3.5.0", + "@smithy/util-stream": "^3.1.9", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/credential-provider-ini": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.662.0.tgz", + "integrity": "sha512-jk+A5B0NRYG4KrjJ8ef1+r9bFjhpwUm/A9grJmp3JOwcHKXvI2Gy9BXNqfqqVgrK0Gns+WyhJZy6rsRaC+v1oQ==", + "dependencies": { + "@aws-sdk/credential-provider-env": "3.662.0", + "@aws-sdk/credential-provider-http": "3.662.0", + "@aws-sdk/credential-provider-process": "3.662.0", + "@aws-sdk/credential-provider-sso": "3.662.0", + "@aws-sdk/credential-provider-web-identity": "3.662.0", + "@aws-sdk/types": "3.662.0", + "@smithy/credential-provider-imds": "^3.2.4", + "@smithy/property-provider": "^3.1.7", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + }, + "peerDependencies": { + "@aws-sdk/client-sts": "^3.662.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/credential-provider-node": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.662.0.tgz", + "integrity": "sha512-2O9wjxdLcU1b+bWVkp3YYbPHo15SU3pW4KfWTca5bB/C01i1eqiHnwsOFz/WKPYYKNj0FhXtJJjeDQLtNFYI8A==", + "dependencies": { + "@aws-sdk/credential-provider-env": "3.662.0", + "@aws-sdk/credential-provider-http": "3.662.0", + "@aws-sdk/credential-provider-ini": "3.662.0", + "@aws-sdk/credential-provider-process": "3.662.0", + "@aws-sdk/credential-provider-sso": "3.662.0", + "@aws-sdk/credential-provider-web-identity": "3.662.0", + "@aws-sdk/types": "3.662.0", + "@smithy/credential-provider-imds": "^3.2.4", + "@smithy/property-provider": "^3.1.7", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/credential-provider-process": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.662.0.tgz", + "integrity": "sha512-1QUdtr/JiuvRjVgA8enpgCwjq7Eud8eVUT0i/vpWuFp5TV2FFq/8BD3GBkesTdy4Ylms6QVGf7J6INdfUWQEmw==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/property-provider": "^3.1.7", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/credential-provider-sso": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.662.0.tgz", + "integrity": "sha512-zxze6pDPgwBwl7S3h4JDALCCz93pTAfulbCY8FqMEd7GvnAiofHpL9svyt4+gytXwwUSsQ6KxCMVLbi+8k8YIg==", + "dependencies": { + "@aws-sdk/client-sso": "3.662.0", + "@aws-sdk/token-providers": "3.662.0", + "@aws-sdk/types": "3.662.0", + "@smithy/property-provider": "^3.1.7", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/credential-provider-web-identity": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.662.0.tgz", + "integrity": "sha512-GhPwxmHSFtwCckuT+34JG+U99qKfDWVYPLJOPI6b35+aLhfVqW5CHPmVjtM4WZqbxzsA0a3KAYA/U1ZaluI4SA==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/property-provider": "^3.1.7", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + }, + "peerDependencies": { + "@aws-sdk/client-sts": "^3.662.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/middleware-host-header": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.662.0.tgz", + "integrity": "sha512-Gkb0J1LTvD8LOS8uwoRI5weFXvvJwP1jfnYwzQrFgLymRFHJm5JtORQZtmw34dtdou+IBTUsH1mgI8b3QVVH3w==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/protocol-http": "^4.1.4", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/middleware-logger": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.662.0.tgz", + "integrity": "sha512-aSpwVHtfMlqzpmnmmUgRNCaIcxXdRrGqGWG+VWXuYR1F6jJARDDCxGkSuKiPEOLX0h0BroUo4gqbM8ILXQ8rVw==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/middleware-recursion-detection": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.662.0.tgz", + "integrity": "sha512-V/MYE+LOFIQDLnpWMHLxnKu+ELhD3pLOrWXVhKpVit6YcHxaOz6nvB40CPamSPDXenA11FGXKAGNHZ0loTpDQg==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/protocol-http": "^4.1.4", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/middleware-user-agent": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.662.0.tgz", + "integrity": "sha512-NT940BLSSys/A8W3zO3g2Kj+zpeydqGbSQgN6qz84jTskQjnrlamoq+Zl9Rrp8Cn8sC10UQ09kGg97lvjVOlmg==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@aws-sdk/util-endpoints": "3.662.0", + "@smithy/protocol-http": "^4.1.4", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/region-config-resolver": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.662.0.tgz", + "integrity": "sha512-MDiWl4wZSVnnTELLb+jFSe0nj9HwxJPX2JnghXKkOXmbKEiE2/21DCQwU9mr9VUq2ZOQqaSnMFPr94iRu0AVTQ==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/types": "^3.5.0", + "@smithy/util-config-provider": "^3.0.0", + "@smithy/util-middleware": "^3.0.7", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/token-providers": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.662.0.tgz", + "integrity": "sha512-OqtBPutNC9Am10P1W5IwqRvzCVQAHRxWxZnfDBh1FQjNmoboGWYSriKxbrCRYLFffusNuzo8KnOFOmg1sRlhJQ==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/property-provider": "^3.1.7", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + }, + "peerDependencies": { + "@aws-sdk/client-sso-oidc": "^3.662.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/types": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.662.0.tgz", + "integrity": "sha512-Ff9/KRmIm8iEzodxzISLj4/pB/0hX2nVw1RFeOBC65OuM6nHrAdWHHog/CVx25hS5JPU0uE3h6NlWRaBJ7AV5w==", + "dependencies": { + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/util-endpoints": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.662.0.tgz", + "integrity": "sha512-RQ/78yNUxZZZULFg7VxT7oObGOR/FBc0ojiFoCAKC20ycY8VvVX5Eof4gyxoVpwOP7EoZO3UlWSIqtaEV/X70w==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/types": "^3.5.0", + "@smithy/util-endpoints": "^2.1.3", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/util-user-agent-browser": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.662.0.tgz", + "integrity": "sha512-5wQd+HbNTY1r1Gndxf93dAEFtKz1DqcalI4Ym40To+RIonSsYQNRomFoizYNgJ1P+Mkfsr4P1dy/MNTlkqTZuQ==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/types": "^3.5.0", + "bowser": "^2.11.0", + "tslib": "^2.6.2" + } + }, + "packages/reference-auth-construct/node_modules/@aws-sdk/util-user-agent-node": { + "version": "3.662.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.662.0.tgz", + "integrity": "sha512-vBRbZ9Hr1OGmdJPWj36X0fR8/VdI2JiwK6+oJRa6qfJ6AnhqCYZbCyeA6JIDeEu3M9iu1OLjenU8NdXhTz8c2w==", + "dependencies": { + "@aws-sdk/types": "3.662.0", + "@smithy/node-config-provider": "^3.1.8", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + }, + "peerDependencies": { + "aws-crt": ">=1.0.0" + }, + "peerDependenciesMeta": { + "aws-crt": { + "optional": true + } + } + }, + "packages/reference-auth-construct/node_modules/@smithy/node-config-provider": { + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.8.tgz", + "integrity": "sha512-E0rU0DglpeJn5ge64mk8wTGEXcQwmpUTY5Zr7IzTpDLmHKiIamINERNZYrPQjg58Ck236sEKSwRSHA4CwshU6Q==", + "dependencies": { + "@smithy/property-provider": "^3.1.7", + "@smithy/shared-ini-file-loader": "^3.1.8", + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "packages/reference-auth-construct/node_modules/@smithy/shared-ini-file-loader": { + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.8.tgz", + "integrity": "sha512-0NHdQiSkeGl0ICQKcJQ2lCOKH23Nb0EaAa7RDRId6ZqwXkw4LJyIyZ0t3iusD4bnKYDPLGy2/5e2rfUhrt0Acw==", + "dependencies": { + "@smithy/types": "^3.5.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, "packages/sandbox": { "name": "@aws-amplify/sandbox", "version": "1.2.2", diff --git a/packages/reference-auth-construct/package.json b/packages/reference-auth-construct/package.json index d3884259dc..3e32741531 100644 --- a/packages/reference-auth-construct/package.json +++ b/packages/reference-auth-construct/package.json @@ -22,11 +22,16 @@ "@aws-amplify/backend-output-schemas": "^1.1.0", "@aws-amplify/backend-output-storage": "^1.1.2", "@aws-amplify/plugin-types": "^1.2.2", + "@aws-sdk/client-cognito-identity-provider": "^3.662.0", + "@aws-sdk/client-cognito-identity": "^3.662.0", "@types/aws-lambda": "^8.10.119", "aws-lambda": "^1.0.7" }, "peerDependencies": { "aws-cdk-lib": "^2.152.0", "constructs": "^10.0.0" + }, + "devDependencies": { + "@aws-sdk/types": "^3.662.0" } } diff --git a/packages/reference-auth-construct/src/construct.ts b/packages/reference-auth-construct/src/construct.ts index 7ee95ece72..80d441e616 100644 --- a/packages/reference-auth-construct/src/construct.ts +++ b/packages/reference-auth-construct/src/construct.ts @@ -23,6 +23,7 @@ import { fileURLToPath } from 'url'; import { Runtime } from 'aws-cdk-lib/aws-lambda'; import { Provider } from 'aws-cdk-lib/custom-resources'; import { Role } from 'aws-cdk-lib/aws-iam'; +import { ReferenceAuthInitializerProps } from './lambda/reference_auth_initializer_types.js'; const REFERENCE_AUTH_CUSTOM_RESOURCE_PROVIDER_ID = 'AmplifyRefAuthConfigCustomResourceProvider'; @@ -99,6 +100,30 @@ export class AmplifyReferenceAuth handler: 'handler', } ); + // UserPool & UserPoolClient specific permissions + configurationLambda.grantPrincipal.addToPrincipalPolicy( + new aws_iam.PolicyStatement({ + effect: aws_iam.Effect.ALLOW, + actions: [ + 'cognito-idp:DescribeUserPool', + 'cognito-idp:GetUserPoolMfaConfig', + 'cognito-idp:ListIdentityProviders', + 'cognito-idp:DescribeUserPoolClient', + ], + resources: [this.resources.userPool.userPoolArn], + }) + ); + // IdentityPool specific permissions + const stack = Stack.of(this); + configurationLambda.grantPrincipal.addToPrincipalPolicy( + new aws_iam.PolicyStatement({ + effect: aws_iam.Effect.ALLOW, + actions: ['cognito-identity:DescribeIdentityPool'], + resources: [ + `arn:aws:cognito-identity:${stack.region}:${stack.account}:identitypool/${this.resources.identityPoolId}`, + ], + }) + ); const provider = new Provider( scope, REFERENCE_AUTH_CUSTOM_RESOURCE_PROVIDER_ID, @@ -106,6 +131,11 @@ export class AmplifyReferenceAuth onEventHandler: configurationLambda, } ); + const initializerProps: ReferenceAuthInitializerProps = { + userPoolId: props.userPoolId, + identityPoolId: props.identityPoolId, + userPoolClientId: props.userPoolClientId, + }; // custom resource this.configurationCustomResource = new CustomResource( scope, @@ -113,9 +143,7 @@ export class AmplifyReferenceAuth { serviceToken: provider.serviceToken, properties: { - userPoolId: props.userPoolId, - identityPoolId: props.identityPoolId, - userPoolClientId: props.userPoolClientId, + ...initializerProps, lastUpdated: Date.now(), }, resourceType: RESOURCE_TYPE, @@ -150,6 +178,48 @@ export class AmplifyReferenceAuth this.configurationCustomResource.getAttString( 'allowUnauthenticatedIdentities' ); + output.signupAttributes = + this.configurationCustomResource.getAttString('signupAttributes'); + output.usernameAttributes = + this.configurationCustomResource.getAttString('usernameAttributes'); + output.verificationMechanisms = + this.configurationCustomResource.getAttString('verificationMechanisms'); + + output.passwordPolicyMinLength = + this.configurationCustomResource.getAttString('passwordPolicyMinLength'); + + output.passwordPolicyRequirements = + this.configurationCustomResource.getAttString( + 'passwordPolicyRequirements' + ); + + output.mfaConfiguration = + this.configurationCustomResource.getAttString('mfaConfiguration'); + + output.mfaTypes = this.configurationCustomResource.getAttString('mfaTypes'); + + output.socialProviders = + this.configurationCustomResource.getAttString('socialProviders'); + + output.oauthCognitoDomain = + this.configurationCustomResource.getAttString('oauthCognitoDomain'); + + output.oauthScope = + this.configurationCustomResource.getAttString('oauthScope'); + + output.oauthRedirectSignIn = this.configurationCustomResource.getAttString( + 'oauthRedirectSignIn' + ); + + output.oauthRedirectSignOut = this.configurationCustomResource.getAttString( + 'oauthRedirectSignOut' + ); + + output.oauthResponseType = + this.configurationCustomResource.getAttString('oauthResponseType'); + + output.oauthClientId = + this.configurationCustomResource.getAttString('oauthClientId'); outputStorageStrategy.addBackendOutputEntry(authOutputKey, { version: '1', diff --git a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts index 0cab73e943..5de913294e 100644 --- a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts +++ b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts @@ -1,25 +1,39 @@ import { CloudFormationCustomResourceEvent, + CloudFormationCustomResourceFailedResponse, CloudFormationCustomResourceSuccessResponse, } from 'aws-lambda'; +import { + CognitoIdentityProviderClient, + DescribeUserPoolClientCommand, + DescribeUserPoolCommand, + GetUserPoolMfaConfigCommand, + ListIdentityProvidersCommand, +} from '@aws-sdk/client-cognito-identity-provider'; +import { + CognitoIdentityClient, + DescribeIdentityPoolCommand, +} from '@aws-sdk/client-cognito-identity'; import { randomUUID } from 'node:crypto'; +import { ReferenceAuthInitializerProps } from './reference_auth_initializer_types.js'; +import { AuthOutput } from '@aws-amplify/backend-output-schemas'; /** * Entry point for the lambda-backend custom resource to retrieve a backend secret. */ export const handler = async ( event: CloudFormationCustomResourceEvent -): Promise => { +): Promise< + | CloudFormationCustomResourceSuccessResponse + | CloudFormationCustomResourceFailedResponse +> => { console.info(`Received '${event.RequestType}' event`); - const physicalId = event.RequestType === 'Create' ? randomUUID() : event.PhysicalResourceId; - let data: { allowUnauthenticatedIdentities: boolean } | undefined = undefined; - if (event.RequestType === 'Update' || event.RequestType === 'Create') { - // const val = await handleCreateUpdateEvent(); - data = { - allowUnauthenticatedIdentities: true, - }; + + let data; + if (!(event.RequestType === 'Update' || event.RequestType === 'Create')) { + data = await initialize(event); } return { @@ -34,12 +48,193 @@ export const handler = async ( }; /** - * Handles create/update event for the secret custom resource. + * Fetches relevant information required for auth outputs. + * @param event the CloudFormationCustomResourceEvent */ -export const handleCreateUpdateEvent = - async (): // event: CloudFormationCustomResourceEvent - Promise => { - // const props = event.ResourceProperties; +export const initialize = async (event: CloudFormationCustomResourceEvent) => { + const props = + event.ResourceProperties as unknown as ReferenceAuthInitializerProps; - return 'secret'; + const userPoolOutputs = await getUserPoolOutputs(props.userPoolId); + const identityPoolOutputs = await getIdentityPoolOutputs( + props.identityPoolId + ); + const userPoolClientOutputs = await getUserPoolClientOutputs( + props.userPoolId, + props.userPoolClientId + ); + const data: Omit = { + userPoolId: props.userPoolId, + webClientId: props.userPoolClientId, + identityPoolId: props.identityPoolId, + ...userPoolOutputs, + ...identityPoolOutputs, + ...userPoolClientOutputs, }; + return data; +}; + +/** + * Fetch UserPool information and transform it into outputs. + * @param userPoolId the ID of the userPool + * @returns formatted outputs + */ +export const getUserPoolOutputs = async (userPoolId: string) => { + const userPoolClient = new CognitoIdentityProviderClient(); + const userPoolCommand = new DescribeUserPoolCommand({ + UserPoolId: userPoolId, + }); + + const userPoolResponse = await userPoolClient.send(userPoolCommand); + const userPool = userPoolResponse.UserPool; + if (!userPool) { + return undefined; + } + const mfaCommand = new GetUserPoolMfaConfigCommand({ + UserPoolId: userPoolId, + }); + const mfaResponse = await userPoolClient.send(mfaCommand); + // TBD - what to do with userpool containing lots of providers? ie, pagination + const providersCommand = new ListIdentityProvidersCommand({ + UserPoolId: userPoolId, + MaxResults: 20, + }); + const providersResponse = await userPoolClient.send(providersCommand); + const policy = userPool.Policies?.PasswordPolicy; + if (!policy) { + return undefined; + } + // password policy requirements + const requirements: string[] = []; + policy.RequireNumbers && requirements.push('REQUIRES_NUMBERS'); + policy.RequireLowercase && requirements.push('REQUIRES_LOWERCASE'); + policy.RequireUppercase && requirements.push('REQUIRES_UPPERCASE'); + policy.RequireSymbols && requirements.push('REQUIRES_SYMBOLS'); + + // mfa types + const mfaTypes: string[] = []; + if ( + mfaResponse.SmsMfaConfiguration && + mfaResponse.SmsMfaConfiguration.SmsConfiguration + ) { + mfaTypes.push('SMS_MFA'); + } + if (mfaResponse.SoftwareTokenMfaConfiguration?.Enabled) { + mfaTypes.push('TOTP'); + } + + // social providers + const socialProviders: string[] = []; + if (providersResponse.Providers) { + for (const provider of providersResponse.Providers) { + const providerType = provider.ProviderType; + const providerName = provider.ProviderName; + if (providerType === 'Google') { + socialProviders.push('GOOGLE'); + } + if (providerType === 'Facebook') { + socialProviders.push('FACEBOOK'); + } + if (providerType === 'SignInWithApple') { + socialProviders.push('SIGN_IN_WITH_APPLE'); + } + if (providerType === 'LoginWithAmazon') { + socialProviders.push('LOGIN_WITH_AMAZON'); + } + if (providerType === 'OIDC' && providerName) { + socialProviders.push(providerName); + } + if (providerType === 'SAML' && providerName) { + socialProviders.push(providerName); + } + } + } + + // domain + const oauthDomain = userPool.CustomDomain ?? userPool.Domain ?? ''; + + const data = { + signupAttributes: JSON.stringify( + userPool.SchemaAttributes?.filter( + (attribute) => attribute.Required && attribute.Name + ).map((attribute) => attribute.Name?.toLowerCase()) || [] + ), + usernameAttributes: JSON.stringify( + userPool.UsernameAttributes?.map((attribute) => + attribute.toLowerCase() + ) || [] + ), + verificationMechanisms: JSON.stringify( + userPool.AutoVerifiedAttributes ?? [] + ), + passwordPolicyMinLength: + policy.MinimumLength === undefined ? '' : policy.MinimumLength.toString(), + passwordPolicyRequirements: JSON.stringify(requirements), + mfaConfiguration: userPool.MfaConfiguration ?? 'OFF', + mfaTypes: JSON.stringify(mfaTypes), + socialProviders: JSON.stringify(socialProviders), + oauthCognitoDomain: oauthDomain, + }; + return data; +}; + +/** + * Fetch IdentityPool information and transform it into outputs. + * @param identityPoolId the ID of the identityPool + * @returns formatted outputs + */ +export const getIdentityPoolOutputs = async (identityPoolId: string) => { + const identityPoolClient = new CognitoIdentityClient(); + + const idpCommand = new DescribeIdentityPoolCommand({ + IdentityPoolId: identityPoolId, + }); + + const idpResponse = await identityPoolClient.send(idpCommand); + idpResponse.SupportedLoginProviders; + const data = { + allowUnauthenticatedIdentities: + idpResponse.AllowUnauthenticatedIdentities === true ? 'true' : 'false', + }; + return data; +}; + +/** + * Fetch UserPoolClient information and transform it into outputs. + * @param userPoolId the ID of the userPool + * @param userPoolClientId the ID of the userPoolClient + * @returns formatted outputs + */ +export const getUserPoolClientOutputs = async ( + userPoolId: string, + userPoolClientId: string +) => { + const identityProviderClient = new CognitoIdentityProviderClient(); + + const userPoolClientCommand = new DescribeUserPoolClientCommand({ + UserPoolId: userPoolId, + ClientId: userPoolClientId, + }); + + const userPoolClientResponse = await identityProviderClient.send( + userPoolClientCommand + ); + const userPoolClient = userPoolClientResponse.UserPoolClient; + if (!userPoolClient) { + return undefined; + } + const data = { + oauthScope: JSON.stringify(userPoolClient.AllowedOAuthScopes ?? []), + oauthRedirectSignIn: JSON.stringify( + userPoolClient.CallbackURLs?.join(',') ?? [] + ), + oauthRedirectSignOut: JSON.stringify( + userPoolClient.LogoutURLs?.join(',') ?? [] + ), + oauthResponseType: JSON.stringify( + userPoolClient.AllowedOAuthFlows?.join(',') ?? [] + ), + oauthClientId: userPoolClientId, + }; + return data; +}; diff --git a/packages/reference-auth-construct/src/lambda/reference_auth_initializer_types.ts b/packages/reference-auth-construct/src/lambda/reference_auth_initializer_types.ts new file mode 100644 index 0000000000..11430f4f89 --- /dev/null +++ b/packages/reference-auth-construct/src/lambda/reference_auth_initializer_types.ts @@ -0,0 +1,5 @@ +export type ReferenceAuthInitializerProps = { + userPoolId: string; + identityPoolId: string; + userPoolClientId: string; +}; From da2b1523db520fcf5bda60b88eb210d9d3308ef7 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 2 Oct 2024 17:01:03 -0700 Subject: [PATCH 14/61] chore: add tests --- CONTRIBUTING.md | 2 + .../reference-auth-construct/package.json | 5 +- .../src/construct.test.ts | 153 +++++++++++++----- .../reference-auth-construct/src/construct.ts | 102 +++++------- .../reference-auth-construct/src/index.ts | 2 +- .../reference-auth-construct/tsconfig.json | 10 +- 6 files changed, 166 insertions(+), 108 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 424876cb2f..d76eea6cdf 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -82,6 +82,8 @@ For local testing we recommend writing unit tests that exercise the code you are npm run test:dir packages//lib/.test.ts ``` +> Note: If your test depends on \_\_dirname or import.meta.url paths, you may see errors resolving paths if you specify the entire path to the test file. You should specify just the `packages/` portion of the test you are running. + > Note: You must rebuild using `npm run build` for tests to pick up your changes. Sometimes it's nice to have a test project to use as a testing environment for local changes. You can create test projects in the `local-testing` directory using diff --git a/packages/reference-auth-construct/package.json b/packages/reference-auth-construct/package.json index 3e32741531..9fe9473c26 100644 --- a/packages/reference-auth-construct/package.json +++ b/packages/reference-auth-construct/package.json @@ -1,15 +1,14 @@ { "name": "@aws-amplify/reference-auth-construct", "version": "0.1.0", - "type": "module", + "type": "commonjs", "publishConfig": { "access": "public" }, "exports": { ".": { "types": "./lib/index.d.ts", - "import": "./lib/index.js", - "require": "./lib/index.js" + "default": "./lib/index.js" } }, "main": "lib/index.js", diff --git a/packages/reference-auth-construct/src/construct.test.ts b/packages/reference-auth-construct/src/construct.test.ts index c3be5baa2f..df4532c1e3 100644 --- a/packages/reference-auth-construct/src/construct.test.ts +++ b/packages/reference-auth-construct/src/construct.test.ts @@ -9,15 +9,30 @@ import { BackendOutputStorageStrategy, } from '@aws-amplify/plugin-types'; const refAuthProps: ReferenceAuthProps = { - authRoleArn: - 'arn:aws:cognito-idp:us-east-1:000000000000:userpool/us-east-1_IDSAMPLE1', + authRoleArn: 'arn:aws:iam::000000000000:role/amplify-sample-auth-role-name', unauthRoleArn: - // eslint-disable-next-line spellcheck/spell-checker - 'arn:aws:cognito-identity:us-east-1:000000000000:identitypool/us-east-1:00000000-abcd-efgh-ijkl-000000000000', - identityPoolId: 'identityPoolId', + 'arn:aws:iam::000000000000:role/amplify-sample-unauth-role-name', + identityPoolId: 'us-east-1:identityPoolId', userPoolClientId: 'userPoolClientId', - userPoolId: 'userPoolId', + userPoolId: 'us-east-1_userPoolId', }; +const customResourceProperties = [ + 'allowUnauthenticatedIdentities', + 'signupAttributes', + 'usernameAttributes', + 'verificationMechanisms', + 'passwordPolicyMinLength', + 'passwordPolicyRequirements', + 'mfaConfiguration', + 'mfaTypes', + 'socialProviders', + 'oauthCognitoDomain', + 'oauthScope', + 'oauthRedirectSignIn', + 'oauthRedirectSignOut', + 'oauthResponseType', + 'oauthClientId', +]; void describe('AmplifyConstruct', () => { // beforeEach(() => { @@ -26,20 +41,77 @@ void describe('AmplifyConstruct', () => { const app = new App(); const stack = new Stack(app); new AmplifyReferenceAuth(stack, 'test', refAuthProps); - // eslint-disable-next-line @typescript-eslint/no-unused-vars const template = Template.fromStack(stack); // check that custom resource is created with properties - template.hasResourceProperties( - 'Custom::AmplifyReferenceAuthConfigurationResource', - { - identityPoolId: 'identityPoolId', - userPoolId: 'userPoolId', - userPoolClientId: 'userPoolClientId', - } - ); - // check custom resource lambda provider permissions + template.hasResourceProperties('Custom::AmplifyRefAuth', { + identityPoolId: refAuthProps.identityPoolId, + userPoolId: refAuthProps.userPoolId, + userPoolClientId: refAuthProps.userPoolClientId, + }); + }); - // check custom resource lambda permissions + void it('creates policy documents for custom resource', () => { + const app = new App(); + const stack = new Stack(app); + new AmplifyReferenceAuth(stack, 'test', refAuthProps); + const template = Template.fromStack(stack); + const policyStatements = [ + { + Action: [ + 'cognito-idp:DescribeUserPool', + 'cognito-idp:GetUserPoolMfaConfig', + 'cognito-idp:ListIdentityProviders', + 'cognito-idp:DescribeUserPoolClient', + ], + Effect: 'Allow', + Resource: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':cognito-idp:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + `:userpool/${refAuthProps.userPoolId}`, + ], + ], + }, + }, + { + Action: 'cognito-identity:DescribeIdentityPool', + Effect: 'Allow', + Resource: { + 'Fn::Join': [ + '', + [ + 'arn:aws:cognito-identity:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + `:identitypool/${refAuthProps.identityPoolId}`, + ], + ], + }, + }, + ]; + template.hasResourceProperties('AWS::IAM::Policy', { + PolicyDocument: { + Statement: policyStatements, + Version: '2012-10-17', + }, + }); }); void it('generates the correct output values', () => { @@ -49,17 +121,14 @@ void describe('AmplifyConstruct', () => { const template = Template.fromStack(stack); // check that outputs reference custom resource attributes const outputs = template.findOutputs('*'); - const allowUnauthenticatedIdentitiesRef = - outputs['allowUnauthenticatedIdentities']['Value']; - assert.deepEqual( - { - 'Fn::GetAtt': [ - 'AmplifyRefAuthConfigCustomResource', - 'allowUnauthenticatedIdentities', - ], - }, - allowUnauthenticatedIdentitiesRef - ); + for (const property of customResourceProperties) { + const expectedValue = { + 'Fn::GetAtt': ['AmplifyRefAuthCustomResource', `${property}`], + }; + assert.ok(outputs[property]); + const actualValue = outputs[property]['Value']; + assert.deepEqual(actualValue, expectedValue); + } }); void describe('storeOutput strategy', () => { @@ -117,20 +186,20 @@ void describe('AmplifyConstruct', () => { 'identityPoolId', 'authRegion', 'allowUnauthenticatedIdentities', - // 'signupAttributes', - // 'usernameAttributes', - // 'verificationMechanisms', - // 'passwordPolicyMinLength', - // 'passwordPolicyRequirements', - // 'mfaConfiguration', - // 'mfaTypes', - // 'socialProviders', - // 'oauthCognitoDomain', - // 'oauthScope', - // 'oauthRedirectSignIn', - // 'oauthRedirectSignOut', - // 'oauthResponseType', - // 'oauthClientId', + 'signupAttributes', + 'usernameAttributes', + 'verificationMechanisms', + 'passwordPolicyMinLength', + 'passwordPolicyRequirements', + 'mfaConfiguration', + 'mfaTypes', + 'socialProviders', + 'oauthCognitoDomain', + 'oauthScope', + 'oauthRedirectSignIn', + 'oauthRedirectSignOut', + 'oauthResponseType', + 'oauthClientId', ], }, }, diff --git a/packages/reference-auth-construct/src/construct.ts b/packages/reference-auth-construct/src/construct.ts index 80d441e616..b116a52502 100644 --- a/packages/reference-auth-construct/src/construct.ts +++ b/packages/reference-auth-construct/src/construct.ts @@ -19,25 +19,46 @@ import { import * as path from 'path'; import { ReferenceAuthProps } from './types.js'; import { NodejsFunction } from 'aws-cdk-lib/aws-lambda-nodejs'; -import { fileURLToPath } from 'url'; import { Runtime } from 'aws-cdk-lib/aws-lambda'; import { Provider } from 'aws-cdk-lib/custom-resources'; import { Role } from 'aws-cdk-lib/aws-iam'; import { ReferenceAuthInitializerProps } from './lambda/reference_auth_initializer_types.js'; const REFERENCE_AUTH_CUSTOM_RESOURCE_PROVIDER_ID = - 'AmplifyRefAuthConfigCustomResourceProvider'; -const REFERENCE_AUTH_CUSTOM_RESOURCE_ID = 'AmplifyRefAuthConfigCustomResource'; -const RESOURCE_TYPE = 'Custom::AmplifyReferenceAuthConfigurationResource'; -const filename = fileURLToPath(import.meta.url); -const dirname = path.dirname(filename); -const resourcesRoot = path.normalize(path.join(dirname, 'lambda')); -const configurationLambdaFilePath = path.join( + 'AmplifyRefAuthCustomResourceProvider'; +const REFERENCE_AUTH_CUSTOM_RESOURCE_ID = 'AmplifyRefAuthCustomResource'; +const RESOURCE_TYPE = 'Custom::AmplifyRefAuth'; + +const resourcesRoot = path.normalize(path.join(__dirname, 'lambda')); +const refAuthLambdaFilePath = path.join( resourcesRoot, 'reference_auth_initializer.js' ); const authStackType = 'auth-Cognito'; + +/** + * These properties are fetched by the custom resource and must be accounted for + * in the final AuthOutput payload. + */ +const OUTPUT_PROPERTIES_PROVIDED_BY_CUSTOM_RESOURCE: (keyof AuthOutput['payload'])[] = + [ + 'allowUnauthenticatedIdentities', + 'signupAttributes', + 'usernameAttributes', + 'verificationMechanisms', + 'passwordPolicyMinLength', + 'passwordPolicyRequirements', + 'mfaConfiguration', + 'mfaTypes', + 'socialProviders', + 'oauthCognitoDomain', + 'oauthScope', + 'oauthRedirectSignIn', + 'oauthRedirectSignOut', + 'oauthResponseType', + 'oauthClientId', + ]; /** * Reference Auth construct for using external auth resources */ @@ -89,19 +110,19 @@ export class AmplifyReferenceAuth }); } - // custom resource provider - const configurationLambda = new NodejsFunction( + // custom resource lambda + const refAuthLambda = new NodejsFunction( scope, `${REFERENCE_AUTH_CUSTOM_RESOURCE_PROVIDER_ID}Lambda`, { runtime: Runtime.NODEJS_18_X, timeout: Duration.seconds(10), - entry: configurationLambdaFilePath, + entry: refAuthLambdaFilePath, handler: 'handler', } ); // UserPool & UserPoolClient specific permissions - configurationLambda.grantPrincipal.addToPrincipalPolicy( + refAuthLambda.grantPrincipal.addToPrincipalPolicy( new aws_iam.PolicyStatement({ effect: aws_iam.Effect.ALLOW, actions: [ @@ -115,7 +136,7 @@ export class AmplifyReferenceAuth ); // IdentityPool specific permissions const stack = Stack.of(this); - configurationLambda.grantPrincipal.addToPrincipalPolicy( + refAuthLambda.grantPrincipal.addToPrincipalPolicy( new aws_iam.PolicyStatement({ effect: aws_iam.Effect.ALLOW, actions: ['cognito-identity:DescribeIdentityPool'], @@ -128,7 +149,7 @@ export class AmplifyReferenceAuth scope, REFERENCE_AUTH_CUSTOM_RESOURCE_PROVIDER_ID, { - onEventHandler: configurationLambda, + onEventHandler: refAuthLambda, } ); const initializerProps: ReferenceAuthInitializerProps = { @@ -154,7 +175,7 @@ export class AmplifyReferenceAuth new AttributionMetadataStorage().storeAttributionMetadata( Stack.of(this), authStackType, - path.resolve(dirname, '..', 'package.json') + path.resolve(__dirname, '..', 'package.json') ); } @@ -174,52 +195,11 @@ export class AmplifyReferenceAuth authRegion: Stack.of(this).region, }; - output.allowUnauthenticatedIdentities = - this.configurationCustomResource.getAttString( - 'allowUnauthenticatedIdentities' - ); - output.signupAttributes = - this.configurationCustomResource.getAttString('signupAttributes'); - output.usernameAttributes = - this.configurationCustomResource.getAttString('usernameAttributes'); - output.verificationMechanisms = - this.configurationCustomResource.getAttString('verificationMechanisms'); - - output.passwordPolicyMinLength = - this.configurationCustomResource.getAttString('passwordPolicyMinLength'); - - output.passwordPolicyRequirements = - this.configurationCustomResource.getAttString( - 'passwordPolicyRequirements' - ); - - output.mfaConfiguration = - this.configurationCustomResource.getAttString('mfaConfiguration'); - - output.mfaTypes = this.configurationCustomResource.getAttString('mfaTypes'); - - output.socialProviders = - this.configurationCustomResource.getAttString('socialProviders'); - - output.oauthCognitoDomain = - this.configurationCustomResource.getAttString('oauthCognitoDomain'); - - output.oauthScope = - this.configurationCustomResource.getAttString('oauthScope'); - - output.oauthRedirectSignIn = this.configurationCustomResource.getAttString( - 'oauthRedirectSignIn' - ); - - output.oauthRedirectSignOut = this.configurationCustomResource.getAttString( - 'oauthRedirectSignOut' - ); - - output.oauthResponseType = - this.configurationCustomResource.getAttString('oauthResponseType'); - - output.oauthClientId = - this.configurationCustomResource.getAttString('oauthClientId'); + // assign cdk tokens which will be resolved during deployment + for (const property of OUTPUT_PROPERTIES_PROVIDED_BY_CUSTOM_RESOURCE) { + output[property] = + this.configurationCustomResource.getAttString(property); + } outputStorageStrategy.addBackendOutputEntry(authOutputKey, { version: '1', diff --git a/packages/reference-auth-construct/src/index.ts b/packages/reference-auth-construct/src/index.ts index 184db4cd6c..bf71d8c1e6 100644 --- a/packages/reference-auth-construct/src/index.ts +++ b/packages/reference-auth-construct/src/index.ts @@ -1,2 +1,2 @@ -export * from './types.js'; +export { ReferenceAuthProps } from './types.js'; export { AmplifyReferenceAuth } from './construct.js'; diff --git a/packages/reference-auth-construct/tsconfig.json b/packages/reference-auth-construct/tsconfig.json index 4b69ecc6df..9d14dcca40 100644 --- a/packages/reference-auth-construct/tsconfig.json +++ b/packages/reference-auth-construct/tsconfig.json @@ -1,6 +1,14 @@ { "extends": "../../tsconfig.base.json", - "compilerOptions": { "rootDir": "src", "outDir": "lib" }, + "compilerOptions": { + "target": "ES2018", + "module": "commonjs", + "moduleResolution": "Node", + "lib": ["ESnext"], + "rootDir": "src", + "outDir": "lib", + "allowJs": true + }, "references": [ { "path": "../backend-output-schemas" }, { "path": "../backend-output-storage" }, From 4efac9540e161c099109842940fa4ea41f715285 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 2 Oct 2024 17:07:17 -0700 Subject: [PATCH 15/61] chore: fix test --- .../backend-auth/src/reference_factory.test.ts | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/packages/backend-auth/src/reference_factory.test.ts b/packages/backend-auth/src/reference_factory.test.ts index ca8ccc0332..71633f28d2 100644 --- a/packages/backend-auth/src/reference_factory.test.ts +++ b/packages/backend-auth/src/reference_factory.test.ts @@ -30,14 +30,12 @@ import { } from './reference_factory.js'; const defaultReferenceAuthProps: AmplifyReferenceAuthProps = { - authRoleArn: - 'arn:aws:cognito-idp:us-east-1:000000000000:userpool/us-east-1_IDSAMPLE1', + authRoleArn: 'arn:aws:iam::000000000000:role/amplify-sample-auth-role-name', unauthRoleArn: - // eslint-disable-next-line spellcheck/spell-checker - 'arn:aws:cognito-identity:us-east-1:000000000000:identitypool/us-east-1:00000000-abcd-efgh-ijkl-000000000000', - identityPoolId: 'identityPoolId', + 'arn:aws:iam::000000000000:role/amplify-sample-unauth-role-name', + identityPoolId: 'us-east-1:identityPoolId', userPoolClientId: 'userPoolClientId', - userPoolId: 'userPoolId', + userPoolId: 'us-east-1_userPoolId', }; const createStackAndSetContext = (): Stack => { @@ -100,10 +98,7 @@ void describe('AmplifyReferenceAuthFactory', () => { const template = Template.fromStack(backendAuth.stack); - template.resourceCountIs( - 'Custom::AmplifyReferenceAuthConfigurationResource', - 1 - ); + template.resourceCountIs('Custom::AmplifyRefAuth', 1); }); void it('verifies constructor import path', () => { From 36df2540c12f6ff9ca7d162a007989bc26971844 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 2 Oct 2024 17:14:03 -0700 Subject: [PATCH 16/61] chore: cleanup reused variables --- .../src/construct.test.ts | 37 ++----------------- .../reference-auth-construct/src/construct.ts | 4 +- 2 files changed, 6 insertions(+), 35 deletions(-) diff --git a/packages/reference-auth-construct/src/construct.test.ts b/packages/reference-auth-construct/src/construct.test.ts index df4532c1e3..a0715efeae 100644 --- a/packages/reference-auth-construct/src/construct.test.ts +++ b/packages/reference-auth-construct/src/construct.test.ts @@ -8,6 +8,7 @@ import { BackendOutputEntry, BackendOutputStorageStrategy, } from '@aws-amplify/plugin-types'; +import { OUTPUT_PROPERTIES_PROVIDED_BY_AUTH_CUSTOM_RESOURCE } from './construct.js'; const refAuthProps: ReferenceAuthProps = { authRoleArn: 'arn:aws:iam::000000000000:role/amplify-sample-auth-role-name', unauthRoleArn: @@ -16,23 +17,7 @@ const refAuthProps: ReferenceAuthProps = { userPoolClientId: 'userPoolClientId', userPoolId: 'us-east-1_userPoolId', }; -const customResourceProperties = [ - 'allowUnauthenticatedIdentities', - 'signupAttributes', - 'usernameAttributes', - 'verificationMechanisms', - 'passwordPolicyMinLength', - 'passwordPolicyRequirements', - 'mfaConfiguration', - 'mfaTypes', - 'socialProviders', - 'oauthCognitoDomain', - 'oauthScope', - 'oauthRedirectSignIn', - 'oauthRedirectSignOut', - 'oauthResponseType', - 'oauthClientId', -]; + void describe('AmplifyConstruct', () => { // beforeEach(() => { @@ -121,7 +106,7 @@ void describe('AmplifyConstruct', () => { const template = Template.fromStack(stack); // check that outputs reference custom resource attributes const outputs = template.findOutputs('*'); - for (const property of customResourceProperties) { + for (const property of OUTPUT_PROPERTIES_PROVIDED_BY_AUTH_CUSTOM_RESOURCE) { const expectedValue = { 'Fn::GetAtt': ['AmplifyRefAuthCustomResource', `${property}`], }; @@ -185,21 +170,7 @@ void describe('AmplifyConstruct', () => { 'webClientId', 'identityPoolId', 'authRegion', - 'allowUnauthenticatedIdentities', - 'signupAttributes', - 'usernameAttributes', - 'verificationMechanisms', - 'passwordPolicyMinLength', - 'passwordPolicyRequirements', - 'mfaConfiguration', - 'mfaTypes', - 'socialProviders', - 'oauthCognitoDomain', - 'oauthScope', - 'oauthRedirectSignIn', - 'oauthRedirectSignOut', - 'oauthResponseType', - 'oauthClientId', + ...OUTPUT_PROPERTIES_PROVIDED_BY_AUTH_CUSTOM_RESOURCE, ], }, }, diff --git a/packages/reference-auth-construct/src/construct.ts b/packages/reference-auth-construct/src/construct.ts index b116a52502..15e9a96778 100644 --- a/packages/reference-auth-construct/src/construct.ts +++ b/packages/reference-auth-construct/src/construct.ts @@ -41,7 +41,7 @@ const authStackType = 'auth-Cognito'; * These properties are fetched by the custom resource and must be accounted for * in the final AuthOutput payload. */ -const OUTPUT_PROPERTIES_PROVIDED_BY_CUSTOM_RESOURCE: (keyof AuthOutput['payload'])[] = +export const OUTPUT_PROPERTIES_PROVIDED_BY_AUTH_CUSTOM_RESOURCE: (keyof AuthOutput['payload'])[] = [ 'allowUnauthenticatedIdentities', 'signupAttributes', @@ -196,7 +196,7 @@ export class AmplifyReferenceAuth }; // assign cdk tokens which will be resolved during deployment - for (const property of OUTPUT_PROPERTIES_PROVIDED_BY_CUSTOM_RESOURCE) { + for (const property of OUTPUT_PROPERTIES_PROVIDED_BY_AUTH_CUSTOM_RESOURCE) { output[property] = this.configurationCustomResource.getAttString(property); } From 22e7ccf79ea0d9944d814a0fed6a457b297cda7f Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 2 Oct 2024 17:28:11 -0700 Subject: [PATCH 17/61] chore: changeset --- .changeset/blue-guests-sort.md | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 .changeset/blue-guests-sort.md diff --git a/.changeset/blue-guests-sort.md b/.changeset/blue-guests-sort.md new file mode 100644 index 0000000000..3cb67cc8a8 --- /dev/null +++ b/.changeset/blue-guests-sort.md @@ -0,0 +1,9 @@ +--- +'@aws-amplify/reference-auth-construct': minor +'@aws-amplify/auth-construct': minor +'@aws-amplify/backend-auth': minor +'@aws-amplify/backend-data': minor +'@aws-amplify/plugin-types': minor +--- + +Support for referenced auth resources in data and storage categories. From bd984c41949d59c876ef2d8933563c867772a0f7 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 2 Oct 2024 17:30:44 -0700 Subject: [PATCH 18/61] chore: cleanup changeset --- .changeset/blue-guests-sort.md | 9 --------- .changeset/nervous-timers-walk.md | 6 ++++-- 2 files changed, 4 insertions(+), 11 deletions(-) delete mode 100644 .changeset/blue-guests-sort.md diff --git a/.changeset/blue-guests-sort.md b/.changeset/blue-guests-sort.md deleted file mode 100644 index 3cb67cc8a8..0000000000 --- a/.changeset/blue-guests-sort.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -'@aws-amplify/reference-auth-construct': minor -'@aws-amplify/auth-construct': minor -'@aws-amplify/backend-auth': minor -'@aws-amplify/backend-data': minor -'@aws-amplify/plugin-types': minor ---- - -Support for referenced auth resources in data and storage categories. diff --git a/.changeset/nervous-timers-walk.md b/.changeset/nervous-timers-walk.md index 4127f1193a..3bcfe0fa54 100644 --- a/.changeset/nervous-timers-walk.md +++ b/.changeset/nervous-timers-walk.md @@ -1,8 +1,10 @@ --- -'@aws-amplify/reference-auth-construct': minor -'@aws-amplify/client-config': minor +'@aws-amplify/auth-construct': minor '@aws-amplify/backend-auth': minor +'@aws-amplify/backend-data': minor +'@aws-amplify/client-config': minor '@aws-amplify/plugin-types': minor +'@aws-amplify/reference-auth-construct': minor --- Add support for referencing existing auth resources via referenceAuth. From 1bfcfb296bc80cfebd219b63c9f20bbede435be8 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 2 Oct 2024 17:35:36 -0700 Subject: [PATCH 19/61] chore: cleanup --- .../src/lambda/reference_auth_initializer.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts index 5de913294e..9bdafbc77f 100644 --- a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts +++ b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts @@ -191,7 +191,6 @@ export const getIdentityPoolOutputs = async (identityPoolId: string) => { }); const idpResponse = await identityPoolClient.send(idpCommand); - idpResponse.SupportedLoginProviders; const data = { allowUnauthenticatedIdentities: idpResponse.AllowUnauthenticatedIdentities === true ? 'true' : 'false', From 5b38b6e71b47367114007437812f152d5aa8e438 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 2 Oct 2024 17:52:35 -0700 Subject: [PATCH 20/61] chore: cleanup changesets, lockfile, and api --- ...s-walk.md => healthy-kangaroos-deliver.md} | 4 +- package-lock.json | 3790 ++++++----------- packages/backend-auth/package.json | 2 +- packages/backend/API.md | 3 + packages/backend/src/index.ts | 2 +- .../reference-auth-construct/package.json | 4 +- 6 files changed, 1420 insertions(+), 2385 deletions(-) rename .changeset/{nervous-timers-walk.md => healthy-kangaroos-deliver.md} (88%) diff --git a/.changeset/nervous-timers-walk.md b/.changeset/healthy-kangaroos-deliver.md similarity index 88% rename from .changeset/nervous-timers-walk.md rename to .changeset/healthy-kangaroos-deliver.md index 3bcfe0fa54..646106b560 100644 --- a/.changeset/nervous-timers-walk.md +++ b/.changeset/healthy-kangaroos-deliver.md @@ -1,10 +1,10 @@ --- +'@aws-amplify/reference-auth-construct': minor '@aws-amplify/auth-construct': minor '@aws-amplify/backend-auth': minor '@aws-amplify/backend-data': minor -'@aws-amplify/client-config': minor '@aws-amplify/plugin-types': minor -'@aws-amplify/reference-auth-construct': minor +'@aws-amplify/backend': minor --- Add support for referencing existing auth resources via referenceAuth. diff --git a/package-lock.json b/package-lock.json index e1e23174d2..7be6e4f80a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -7549,49 +7549,50 @@ } }, "node_modules/@aws-sdk/client-cognito-identity-provider": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-cognito-identity-provider/-/client-cognito-identity-provider-3.662.0.tgz", - "integrity": "sha512-GqKKoVIBwkGqIxFJh5gJY7aMZhijjJkk/hmI1eIuS4vex7LpS941uYH/3CpyuI0u3hq+ABjwul2W6dDNleVq4Q==", + "version": "3.651.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-cognito-identity-provider/-/client-cognito-identity-provider-3.651.0.tgz", + "integrity": "sha512-ghIZlEOFHb5TYzoWMlvupD0vvZpQaTMk9DPbtvwDs1EW6iegs/Y4eJVIGL+ITkiPS/86MlySvSw1hUZseiTXVQ==", + "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/client-sso-oidc": "3.662.0", - "@aws-sdk/client-sts": "3.662.0", - "@aws-sdk/core": "3.662.0", - "@aws-sdk/credential-provider-node": "3.662.0", - "@aws-sdk/middleware-host-header": "3.662.0", - "@aws-sdk/middleware-logger": "3.662.0", - "@aws-sdk/middleware-recursion-detection": "3.662.0", - "@aws-sdk/middleware-user-agent": "3.662.0", - "@aws-sdk/region-config-resolver": "3.662.0", - "@aws-sdk/types": "3.662.0", - "@aws-sdk/util-endpoints": "3.662.0", - "@aws-sdk/util-user-agent-browser": "3.662.0", - "@aws-sdk/util-user-agent-node": "3.662.0", - "@smithy/config-resolver": "^3.0.9", - "@smithy/core": "^2.4.7", - "@smithy/fetch-http-handler": "^3.2.9", - "@smithy/hash-node": "^3.0.7", - "@smithy/invalid-dependency": "^3.0.7", - "@smithy/middleware-content-length": "^3.0.9", - "@smithy/middleware-endpoint": "^3.1.4", - "@smithy/middleware-retry": "^3.0.22", - "@smithy/middleware-serde": "^3.0.7", - "@smithy/middleware-stack": "^3.0.7", - "@smithy/node-config-provider": "^3.1.8", - "@smithy/node-http-handler": "^3.2.4", - "@smithy/protocol-http": "^4.1.4", - "@smithy/smithy-client": "^3.3.6", - "@smithy/types": "^3.5.0", - "@smithy/url-parser": "^3.0.7", + "@aws-sdk/client-sso-oidc": "3.650.0", + "@aws-sdk/client-sts": "3.650.0", + "@aws-sdk/core": "3.649.0", + "@aws-sdk/credential-provider-node": "3.650.0", + "@aws-sdk/middleware-host-header": "3.649.0", + "@aws-sdk/middleware-logger": "3.649.0", + "@aws-sdk/middleware-recursion-detection": "3.649.0", + "@aws-sdk/middleware-user-agent": "3.649.0", + "@aws-sdk/region-config-resolver": "3.649.0", + "@aws-sdk/types": "3.649.0", + "@aws-sdk/util-endpoints": "3.649.0", + "@aws-sdk/util-user-agent-browser": "3.649.0", + "@aws-sdk/util-user-agent-node": "3.649.0", + "@smithy/config-resolver": "^3.0.6", + "@smithy/core": "^2.4.1", + "@smithy/fetch-http-handler": "^3.2.5", + "@smithy/hash-node": "^3.0.4", + "@smithy/invalid-dependency": "^3.0.4", + "@smithy/middleware-content-length": "^3.0.6", + "@smithy/middleware-endpoint": "^3.1.1", + "@smithy/middleware-retry": "^3.0.16", + "@smithy/middleware-serde": "^3.0.4", + "@smithy/middleware-stack": "^3.0.4", + "@smithy/node-config-provider": "^3.1.5", + "@smithy/node-http-handler": "^3.2.0", + "@smithy/protocol-http": "^4.1.1", + "@smithy/smithy-client": "^3.3.0", + "@smithy/types": "^3.4.0", + "@smithy/url-parser": "^3.0.4", "@smithy/util-base64": "^3.0.0", "@smithy/util-body-length-browser": "^3.0.0", "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.22", - "@smithy/util-defaults-mode-node": "^3.0.22", - "@smithy/util-endpoints": "^2.1.3", - "@smithy/util-middleware": "^3.0.7", - "@smithy/util-retry": "^3.0.7", + "@smithy/util-defaults-mode-browser": "^3.0.16", + "@smithy/util-defaults-mode-node": "^3.0.16", + "@smithy/util-endpoints": "^2.1.0", + "@smithy/util-middleware": "^3.0.4", + "@smithy/util-retry": "^3.0.4", "@smithy/util-utf8": "^3.0.0", "tslib": "^2.6.2" }, @@ -7599,671 +7600,788 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/client-sso": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.662.0.tgz", - "integrity": "sha512-4j3+eNSnNblcIYCJrsRRdyXFjAWGpGa7s7pdIyDMLwtYA7AKNlnlyQV14jtezhMrN2j6qZ7zZmnwEyFGipgfWA==", + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@smithy/node-config-provider": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", + "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", + "license": "Apache-2.0", "dependencies": { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "3.662.0", - "@aws-sdk/middleware-host-header": "3.662.0", - "@aws-sdk/middleware-logger": "3.662.0", - "@aws-sdk/middleware-recursion-detection": "3.662.0", - "@aws-sdk/middleware-user-agent": "3.662.0", - "@aws-sdk/region-config-resolver": "3.662.0", - "@aws-sdk/types": "3.662.0", - "@aws-sdk/util-endpoints": "3.662.0", - "@aws-sdk/util-user-agent-browser": "3.662.0", - "@aws-sdk/util-user-agent-node": "3.662.0", - "@smithy/config-resolver": "^3.0.9", - "@smithy/core": "^2.4.7", - "@smithy/fetch-http-handler": "^3.2.9", - "@smithy/hash-node": "^3.0.7", - "@smithy/invalid-dependency": "^3.0.7", - "@smithy/middleware-content-length": "^3.0.9", - "@smithy/middleware-endpoint": "^3.1.4", - "@smithy/middleware-retry": "^3.0.22", - "@smithy/middleware-serde": "^3.0.7", - "@smithy/middleware-stack": "^3.0.7", - "@smithy/node-config-provider": "^3.1.8", - "@smithy/node-http-handler": "^3.2.4", - "@smithy/protocol-http": "^4.1.4", - "@smithy/smithy-client": "^3.3.6", - "@smithy/types": "^3.5.0", - "@smithy/url-parser": "^3.0.7", - "@smithy/util-base64": "^3.0.0", - "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.22", - "@smithy/util-defaults-mode-node": "^3.0.22", - "@smithy/util-endpoints": "^2.1.3", - "@smithy/util-middleware": "^3.0.7", - "@smithy/util-retry": "^3.0.7", - "@smithy/util-utf8": "^3.0.0", + "@smithy/property-provider": "^3.1.4", + "@smithy/shared-ini-file-loader": "^3.1.5", + "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/client-sso-oidc": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.662.0.tgz", - "integrity": "sha512-YZrH0sftdmjvEIY8u0LCrfEhyaMVpN0+K0K9WsUrFRMZ7DK6nB9YD1f5EaKUN5UjNw5S7gbjSdI8neSCoELjhw==", + "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@smithy/shared-ini-file-loader": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", + "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", + "license": "Apache-2.0", "dependencies": { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "3.662.0", - "@aws-sdk/credential-provider-node": "3.662.0", - "@aws-sdk/middleware-host-header": "3.662.0", - "@aws-sdk/middleware-logger": "3.662.0", - "@aws-sdk/middleware-recursion-detection": "3.662.0", - "@aws-sdk/middleware-user-agent": "3.662.0", - "@aws-sdk/region-config-resolver": "3.662.0", - "@aws-sdk/types": "3.662.0", - "@aws-sdk/util-endpoints": "3.662.0", - "@aws-sdk/util-user-agent-browser": "3.662.0", - "@aws-sdk/util-user-agent-node": "3.662.0", - "@smithy/config-resolver": "^3.0.9", - "@smithy/core": "^2.4.7", - "@smithy/fetch-http-handler": "^3.2.9", - "@smithy/hash-node": "^3.0.7", - "@smithy/invalid-dependency": "^3.0.7", - "@smithy/middleware-content-length": "^3.0.9", - "@smithy/middleware-endpoint": "^3.1.4", - "@smithy/middleware-retry": "^3.0.22", - "@smithy/middleware-serde": "^3.0.7", - "@smithy/middleware-stack": "^3.0.7", - "@smithy/node-config-provider": "^3.1.8", - "@smithy/node-http-handler": "^3.2.4", - "@smithy/protocol-http": "^4.1.4", - "@smithy/smithy-client": "^3.3.6", - "@smithy/types": "^3.5.0", - "@smithy/url-parser": "^3.0.7", - "@smithy/util-base64": "^3.0.0", - "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.22", - "@smithy/util-defaults-mode-node": "^3.0.22", - "@smithy/util-endpoints": "^2.1.3", - "@smithy/util-middleware": "^3.0.7", - "@smithy/util-retry": "^3.0.7", - "@smithy/util-utf8": "^3.0.0", + "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" - }, - "peerDependencies": { - "@aws-sdk/client-sts": "^3.662.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/client-sts": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.662.0.tgz", - "integrity": "sha512-RjiXvfW3a36ybHuzYuZ6ZgddYiENiXLDGC3tlZMsKWuoVQNeoh2grx1wxUA6e4ajAIqJLXs5dAYTSXzGaAqHTA==", + "node_modules/@aws-sdk/client-cognito-identity/node_modules/@smithy/node-config-provider": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", + "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", + "license": "Apache-2.0", "dependencies": { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/client-sso-oidc": "3.662.0", - "@aws-sdk/core": "3.662.0", - "@aws-sdk/credential-provider-node": "3.662.0", - "@aws-sdk/middleware-host-header": "3.662.0", - "@aws-sdk/middleware-logger": "3.662.0", - "@aws-sdk/middleware-recursion-detection": "3.662.0", - "@aws-sdk/middleware-user-agent": "3.662.0", - "@aws-sdk/region-config-resolver": "3.662.0", - "@aws-sdk/types": "3.662.0", - "@aws-sdk/util-endpoints": "3.662.0", - "@aws-sdk/util-user-agent-browser": "3.662.0", - "@aws-sdk/util-user-agent-node": "3.662.0", - "@smithy/config-resolver": "^3.0.9", - "@smithy/core": "^2.4.7", - "@smithy/fetch-http-handler": "^3.2.9", - "@smithy/hash-node": "^3.0.7", - "@smithy/invalid-dependency": "^3.0.7", - "@smithy/middleware-content-length": "^3.0.9", - "@smithy/middleware-endpoint": "^3.1.4", - "@smithy/middleware-retry": "^3.0.22", - "@smithy/middleware-serde": "^3.0.7", - "@smithy/middleware-stack": "^3.0.7", - "@smithy/node-config-provider": "^3.1.8", - "@smithy/node-http-handler": "^3.2.4", - "@smithy/protocol-http": "^4.1.4", - "@smithy/smithy-client": "^3.3.6", - "@smithy/types": "^3.5.0", - "@smithy/url-parser": "^3.0.7", - "@smithy/util-base64": "^3.0.0", - "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.22", - "@smithy/util-defaults-mode-node": "^3.0.22", - "@smithy/util-endpoints": "^2.1.3", - "@smithy/util-middleware": "^3.0.7", - "@smithy/util-retry": "^3.0.7", - "@smithy/util-utf8": "^3.0.0", + "@smithy/property-provider": "^3.1.4", + "@smithy/shared-ini-file-loader": "^3.1.5", + "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/core": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.662.0.tgz", - "integrity": "sha512-w64Fa4dsgM8vN7Z+QPR3n+aAl5GXThQRH8deT/iF1rLrzfq7V8xxACJ/CLVaxrZMZUPUUgG7DUAo95nXFWmGjA==", + "node_modules/@aws-sdk/client-cognito-identity/node_modules/@smithy/shared-ini-file-loader": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", + "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", + "license": "Apache-2.0", "dependencies": { - "@smithy/core": "^2.4.7", - "@smithy/node-config-provider": "^3.1.8", - "@smithy/property-provider": "^3.1.7", - "@smithy/protocol-http": "^4.1.4", - "@smithy/signature-v4": "^4.2.0", - "@smithy/smithy-client": "^3.3.6", - "@smithy/types": "^3.5.0", - "@smithy/util-middleware": "^3.0.7", - "fast-xml-parser": "4.4.1", + "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/credential-provider-env": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.662.0.tgz", - "integrity": "sha512-Dgwb0c/FH4xT5QZZFdLTFmCkdG3woXIAgLx5HCoH9Ty5G7T8keHOU9Jm4Vpe2ZJXL7JJHlLakGS65+bgXTuLSQ==", + "node_modules/@aws-sdk/client-dynamodb": { + "version": "3.650.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-dynamodb/-/client-dynamodb-3.650.0.tgz", + "integrity": "sha512-WdlBZsDJqufse4DcCeAwDV+kP/fh8QgVfH/IsUc0ST534inx9fiztr41/H2rE1qRf7t2iLtVkF5Jm1+Ew+GqPg==", + "dev": true, + "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/property-provider": "^3.1.7", - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/client-sso-oidc": "3.650.0", + "@aws-sdk/client-sts": "3.650.0", + "@aws-sdk/core": "3.649.0", + "@aws-sdk/credential-provider-node": "3.650.0", + "@aws-sdk/middleware-endpoint-discovery": "3.649.0", + "@aws-sdk/middleware-host-header": "3.649.0", + "@aws-sdk/middleware-logger": "3.649.0", + "@aws-sdk/middleware-recursion-detection": "3.649.0", + "@aws-sdk/middleware-user-agent": "3.649.0", + "@aws-sdk/region-config-resolver": "3.649.0", + "@aws-sdk/types": "3.649.0", + "@aws-sdk/util-endpoints": "3.649.0", + "@aws-sdk/util-user-agent-browser": "3.649.0", + "@aws-sdk/util-user-agent-node": "3.649.0", + "@smithy/config-resolver": "^3.0.6", + "@smithy/core": "^2.4.1", + "@smithy/fetch-http-handler": "^3.2.5", + "@smithy/hash-node": "^3.0.4", + "@smithy/invalid-dependency": "^3.0.4", + "@smithy/middleware-content-length": "^3.0.6", + "@smithy/middleware-endpoint": "^3.1.1", + "@smithy/middleware-retry": "^3.0.16", + "@smithy/middleware-serde": "^3.0.4", + "@smithy/middleware-stack": "^3.0.4", + "@smithy/node-config-provider": "^3.1.5", + "@smithy/node-http-handler": "^3.2.0", + "@smithy/protocol-http": "^4.1.1", + "@smithy/smithy-client": "^3.3.0", + "@smithy/types": "^3.4.0", + "@smithy/url-parser": "^3.0.4", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.16", + "@smithy/util-defaults-mode-node": "^3.0.16", + "@smithy/util-endpoints": "^2.1.0", + "@smithy/util-middleware": "^3.0.4", + "@smithy/util-retry": "^3.0.4", + "@smithy/util-utf8": "^3.0.0", + "@smithy/util-waiter": "^3.1.3", + "tslib": "^2.6.2", + "uuid": "^9.0.1" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/credential-provider-http": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.662.0.tgz", - "integrity": "sha512-Wnle/uJI4Ku9ABJHof9sio28VlaSbF3jVQKTSVCJftvbKELlFOlY5aXSjtu0wwcJqDS5r78N5KM7aARUJES+DA==", + "node_modules/@aws-sdk/client-dynamodb/node_modules/@smithy/node-config-provider": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", + "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", + "dev": true, + "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/fetch-http-handler": "^3.2.9", - "@smithy/node-http-handler": "^3.2.4", - "@smithy/property-provider": "^3.1.7", - "@smithy/protocol-http": "^4.1.4", - "@smithy/smithy-client": "^3.3.6", - "@smithy/types": "^3.5.0", - "@smithy/util-stream": "^3.1.9", + "@smithy/property-provider": "^3.1.4", + "@smithy/shared-ini-file-loader": "^3.1.5", + "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/credential-provider-ini": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.662.0.tgz", - "integrity": "sha512-jk+A5B0NRYG4KrjJ8ef1+r9bFjhpwUm/A9grJmp3JOwcHKXvI2Gy9BXNqfqqVgrK0Gns+WyhJZy6rsRaC+v1oQ==", + "node_modules/@aws-sdk/client-dynamodb/node_modules/@smithy/shared-ini-file-loader": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", + "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", + "dev": true, + "license": "Apache-2.0", "dependencies": { - "@aws-sdk/credential-provider-env": "3.662.0", - "@aws-sdk/credential-provider-http": "3.662.0", - "@aws-sdk/credential-provider-process": "3.662.0", - "@aws-sdk/credential-provider-sso": "3.662.0", - "@aws-sdk/credential-provider-web-identity": "3.662.0", - "@aws-sdk/types": "3.662.0", - "@smithy/credential-provider-imds": "^3.2.4", - "@smithy/property-provider": "^3.1.7", - "@smithy/shared-ini-file-loader": "^3.1.8", - "@smithy/types": "^3.5.0", + "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" - }, - "peerDependencies": { - "@aws-sdk/client-sts": "^3.662.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/credential-provider-node": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.662.0.tgz", - "integrity": "sha512-2O9wjxdLcU1b+bWVkp3YYbPHo15SU3pW4KfWTca5bB/C01i1eqiHnwsOFz/WKPYYKNj0FhXtJJjeDQLtNFYI8A==", - "dependencies": { - "@aws-sdk/credential-provider-env": "3.662.0", - "@aws-sdk/credential-provider-http": "3.662.0", - "@aws-sdk/credential-provider-ini": "3.662.0", - "@aws-sdk/credential-provider-process": "3.662.0", - "@aws-sdk/credential-provider-sso": "3.662.0", - "@aws-sdk/credential-provider-web-identity": "3.662.0", - "@aws-sdk/types": "3.662.0", - "@smithy/credential-provider-imds": "^3.2.4", - "@smithy/property-provider": "^3.1.7", - "@smithy/shared-ini-file-loader": "^3.1.8", - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" + "node_modules/@aws-sdk/client-dynamodb/node_modules/uuid": { + "version": "9.0.1", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-9.0.1.tgz", + "integrity": "sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==", + "dev": true, + "funding": [ + "https://github.com/sponsors/broofa", + "https://github.com/sponsors/ctavan" + ], + "license": "MIT", + "bin": { + "uuid": "dist/bin/uuid" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/credential-provider-process": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.662.0.tgz", - "integrity": "sha512-1QUdtr/JiuvRjVgA8enpgCwjq7Eud8eVUT0i/vpWuFp5TV2FFq/8BD3GBkesTdy4Ylms6QVGf7J6INdfUWQEmw==", + "node_modules/@aws-sdk/client-ec2": { + "version": "3.624.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-ec2/-/client-ec2-3.624.0.tgz", + "integrity": "sha512-n3IHWiNSP5Cj0ZbENJGtDeJPsx6EVNMeePh8Nqe9Ja5l5/Brkdyu4TV6t/taPXHJQDH7E6cq4/uMiiEPRNuf6Q==", + "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/property-provider": "^3.1.7", - "@smithy/shared-ini-file-loader": "^3.1.8", - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/client-sso-oidc": "3.624.0", + "@aws-sdk/client-sts": "3.624.0", + "@aws-sdk/core": "3.624.0", + "@aws-sdk/credential-provider-node": "3.624.0", + "@aws-sdk/middleware-host-header": "3.620.0", + "@aws-sdk/middleware-logger": "3.609.0", + "@aws-sdk/middleware-recursion-detection": "3.620.0", + "@aws-sdk/middleware-sdk-ec2": "3.622.0", + "@aws-sdk/middleware-user-agent": "3.620.0", + "@aws-sdk/region-config-resolver": "3.614.0", + "@aws-sdk/types": "3.609.0", + "@aws-sdk/util-endpoints": "3.614.0", + "@aws-sdk/util-user-agent-browser": "3.609.0", + "@aws-sdk/util-user-agent-node": "3.614.0", + "@smithy/config-resolver": "^3.0.5", + "@smithy/core": "^2.3.2", + "@smithy/fetch-http-handler": "^3.2.4", + "@smithy/hash-node": "^3.0.3", + "@smithy/invalid-dependency": "^3.0.3", + "@smithy/middleware-content-length": "^3.0.5", + "@smithy/middleware-endpoint": "^3.1.0", + "@smithy/middleware-retry": "^3.0.14", + "@smithy/middleware-serde": "^3.0.3", + "@smithy/middleware-stack": "^3.0.3", + "@smithy/node-config-provider": "^3.1.4", + "@smithy/node-http-handler": "^3.1.4", + "@smithy/protocol-http": "^4.1.0", + "@smithy/smithy-client": "^3.1.12", + "@smithy/types": "^3.3.0", + "@smithy/url-parser": "^3.0.3", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.14", + "@smithy/util-defaults-mode-node": "^3.0.14", + "@smithy/util-endpoints": "^2.0.5", + "@smithy/util-middleware": "^3.0.3", + "@smithy/util-retry": "^3.0.3", + "@smithy/util-utf8": "^3.0.0", + "@smithy/util-waiter": "^3.1.2", + "tslib": "^2.6.2", + "uuid": "^9.0.1" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/credential-provider-sso": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.662.0.tgz", - "integrity": "sha512-zxze6pDPgwBwl7S3h4JDALCCz93pTAfulbCY8FqMEd7GvnAiofHpL9svyt4+gytXwwUSsQ6KxCMVLbi+8k8YIg==", + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/client-sso": { + "version": "3.624.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.624.0.tgz", + "integrity": "sha512-EX6EF+rJzMPC5dcdsu40xSi2To7GSvdGQNIpe97pD9WvZwM9tRNQnNM4T6HA4gjV1L6Jwk8rBlG/CnveXtLEMw==", + "license": "Apache-2.0", "dependencies": { - "@aws-sdk/client-sso": "3.662.0", - "@aws-sdk/token-providers": "3.662.0", - "@aws-sdk/types": "3.662.0", - "@smithy/property-provider": "^3.1.7", - "@smithy/shared-ini-file-loader": "^3.1.8", - "@smithy/types": "^3.5.0", + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/core": "3.624.0", + "@aws-sdk/middleware-host-header": "3.620.0", + "@aws-sdk/middleware-logger": "3.609.0", + "@aws-sdk/middleware-recursion-detection": "3.620.0", + "@aws-sdk/middleware-user-agent": "3.620.0", + "@aws-sdk/region-config-resolver": "3.614.0", + "@aws-sdk/types": "3.609.0", + "@aws-sdk/util-endpoints": "3.614.0", + "@aws-sdk/util-user-agent-browser": "3.609.0", + "@aws-sdk/util-user-agent-node": "3.614.0", + "@smithy/config-resolver": "^3.0.5", + "@smithy/core": "^2.3.2", + "@smithy/fetch-http-handler": "^3.2.4", + "@smithy/hash-node": "^3.0.3", + "@smithy/invalid-dependency": "^3.0.3", + "@smithy/middleware-content-length": "^3.0.5", + "@smithy/middleware-endpoint": "^3.1.0", + "@smithy/middleware-retry": "^3.0.14", + "@smithy/middleware-serde": "^3.0.3", + "@smithy/middleware-stack": "^3.0.3", + "@smithy/node-config-provider": "^3.1.4", + "@smithy/node-http-handler": "^3.1.4", + "@smithy/protocol-http": "^4.1.0", + "@smithy/smithy-client": "^3.1.12", + "@smithy/types": "^3.3.0", + "@smithy/url-parser": "^3.0.3", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.14", + "@smithy/util-defaults-mode-node": "^3.0.14", + "@smithy/util-endpoints": "^2.0.5", + "@smithy/util-middleware": "^3.0.3", + "@smithy/util-retry": "^3.0.3", + "@smithy/util-utf8": "^3.0.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/credential-provider-web-identity": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.662.0.tgz", - "integrity": "sha512-GhPwxmHSFtwCckuT+34JG+U99qKfDWVYPLJOPI6b35+aLhfVqW5CHPmVjtM4WZqbxzsA0a3KAYA/U1ZaluI4SA==", + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/client-sso-oidc": { + "version": "3.624.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.624.0.tgz", + "integrity": "sha512-Ki2uKYJKKtfHxxZsiMTOvJoVRP6b2pZ1u3rcUb2m/nVgBPUfLdl8ZkGpqE29I+t5/QaS/sEdbn6cgMUZwl+3Dg==", + "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/property-provider": "^3.1.7", - "@smithy/types": "^3.5.0", + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/core": "3.624.0", + "@aws-sdk/credential-provider-node": "3.624.0", + "@aws-sdk/middleware-host-header": "3.620.0", + "@aws-sdk/middleware-logger": "3.609.0", + "@aws-sdk/middleware-recursion-detection": "3.620.0", + "@aws-sdk/middleware-user-agent": "3.620.0", + "@aws-sdk/region-config-resolver": "3.614.0", + "@aws-sdk/types": "3.609.0", + "@aws-sdk/util-endpoints": "3.614.0", + "@aws-sdk/util-user-agent-browser": "3.609.0", + "@aws-sdk/util-user-agent-node": "3.614.0", + "@smithy/config-resolver": "^3.0.5", + "@smithy/core": "^2.3.2", + "@smithy/fetch-http-handler": "^3.2.4", + "@smithy/hash-node": "^3.0.3", + "@smithy/invalid-dependency": "^3.0.3", + "@smithy/middleware-content-length": "^3.0.5", + "@smithy/middleware-endpoint": "^3.1.0", + "@smithy/middleware-retry": "^3.0.14", + "@smithy/middleware-serde": "^3.0.3", + "@smithy/middleware-stack": "^3.0.3", + "@smithy/node-config-provider": "^3.1.4", + "@smithy/node-http-handler": "^3.1.4", + "@smithy/protocol-http": "^4.1.0", + "@smithy/smithy-client": "^3.1.12", + "@smithy/types": "^3.3.0", + "@smithy/url-parser": "^3.0.3", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.14", + "@smithy/util-defaults-mode-node": "^3.0.14", + "@smithy/util-endpoints": "^2.0.5", + "@smithy/util-middleware": "^3.0.3", + "@smithy/util-retry": "^3.0.3", + "@smithy/util-utf8": "^3.0.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" }, "peerDependencies": { - "@aws-sdk/client-sts": "^3.662.0" - } - }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/middleware-host-header": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.662.0.tgz", - "integrity": "sha512-Gkb0J1LTvD8LOS8uwoRI5weFXvvJwP1jfnYwzQrFgLymRFHJm5JtORQZtmw34dtdou+IBTUsH1mgI8b3QVVH3w==", - "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/protocol-http": "^4.1.4", - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" + "@aws-sdk/client-sts": "^3.624.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/middleware-logger": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.662.0.tgz", - "integrity": "sha512-aSpwVHtfMlqzpmnmmUgRNCaIcxXdRrGqGWG+VWXuYR1F6jJARDDCxGkSuKiPEOLX0h0BroUo4gqbM8ILXQ8rVw==", + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/client-sts": { + "version": "3.624.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.624.0.tgz", + "integrity": "sha512-k36fLZCb2nfoV/DKK3jbRgO/Yf7/R80pgYfMiotkGjnZwDmRvNN08z4l06L9C+CieazzkgRxNUzyppsYcYsQaw==", + "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/types": "^3.5.0", + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/client-sso-oidc": "3.624.0", + "@aws-sdk/core": "3.624.0", + "@aws-sdk/credential-provider-node": "3.624.0", + "@aws-sdk/middleware-host-header": "3.620.0", + "@aws-sdk/middleware-logger": "3.609.0", + "@aws-sdk/middleware-recursion-detection": "3.620.0", + "@aws-sdk/middleware-user-agent": "3.620.0", + "@aws-sdk/region-config-resolver": "3.614.0", + "@aws-sdk/types": "3.609.0", + "@aws-sdk/util-endpoints": "3.614.0", + "@aws-sdk/util-user-agent-browser": "3.609.0", + "@aws-sdk/util-user-agent-node": "3.614.0", + "@smithy/config-resolver": "^3.0.5", + "@smithy/core": "^2.3.2", + "@smithy/fetch-http-handler": "^3.2.4", + "@smithy/hash-node": "^3.0.3", + "@smithy/invalid-dependency": "^3.0.3", + "@smithy/middleware-content-length": "^3.0.5", + "@smithy/middleware-endpoint": "^3.1.0", + "@smithy/middleware-retry": "^3.0.14", + "@smithy/middleware-serde": "^3.0.3", + "@smithy/middleware-stack": "^3.0.3", + "@smithy/node-config-provider": "^3.1.4", + "@smithy/node-http-handler": "^3.1.4", + "@smithy/protocol-http": "^4.1.0", + "@smithy/smithy-client": "^3.1.12", + "@smithy/types": "^3.3.0", + "@smithy/url-parser": "^3.0.3", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.14", + "@smithy/util-defaults-mode-node": "^3.0.14", + "@smithy/util-endpoints": "^2.0.5", + "@smithy/util-middleware": "^3.0.3", + "@smithy/util-retry": "^3.0.3", + "@smithy/util-utf8": "^3.0.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/middleware-recursion-detection": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.662.0.tgz", - "integrity": "sha512-V/MYE+LOFIQDLnpWMHLxnKu+ELhD3pLOrWXVhKpVit6YcHxaOz6nvB40CPamSPDXenA11FGXKAGNHZ0loTpDQg==", + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/core": { + "version": "3.624.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.624.0.tgz", + "integrity": "sha512-WyFmPbhRIvtWi7hBp8uSFy+iPpj8ccNV/eX86hwF4irMjfc/FtsGVIAeBXxXM/vGCjkdfEzOnl+tJ2XACD4OXg==", + "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/protocol-http": "^4.1.4", - "@smithy/types": "^3.5.0", + "@smithy/core": "^2.3.2", + "@smithy/node-config-provider": "^3.1.4", + "@smithy/protocol-http": "^4.1.0", + "@smithy/signature-v4": "^4.1.0", + "@smithy/smithy-client": "^3.1.12", + "@smithy/types": "^3.3.0", + "@smithy/util-middleware": "^3.0.3", + "fast-xml-parser": "4.4.1", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/middleware-user-agent": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.662.0.tgz", - "integrity": "sha512-NT940BLSSys/A8W3zO3g2Kj+zpeydqGbSQgN6qz84jTskQjnrlamoq+Zl9Rrp8Cn8sC10UQ09kGg97lvjVOlmg==", + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/credential-provider-env": { + "version": "3.620.1", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.620.1.tgz", + "integrity": "sha512-ExuILJ2qLW5ZO+rgkNRj0xiAipKT16Rk77buvPP8csR7kkCflT/gXTyzRe/uzIiETTxM7tr8xuO9MP/DQXqkfg==", + "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.662.0", - "@aws-sdk/util-endpoints": "3.662.0", - "@smithy/protocol-http": "^4.1.4", - "@smithy/types": "^3.5.0", + "@aws-sdk/types": "3.609.0", + "@smithy/property-provider": "^3.1.3", + "@smithy/types": "^3.3.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/region-config-resolver": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.662.0.tgz", - "integrity": "sha512-MDiWl4wZSVnnTELLb+jFSe0nj9HwxJPX2JnghXKkOXmbKEiE2/21DCQwU9mr9VUq2ZOQqaSnMFPr94iRu0AVTQ==", + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/credential-provider-http": { + "version": "3.622.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.622.0.tgz", + "integrity": "sha512-VUHbr24Oll1RK3WR8XLUugLpgK9ZuxEm/NVeVqyFts1Ck9gsKpRg1x4eH7L7tW3SJ4TDEQNMbD7/7J+eoL2svg==", + "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/node-config-provider": "^3.1.8", - "@smithy/types": "^3.5.0", - "@smithy/util-config-provider": "^3.0.0", - "@smithy/util-middleware": "^3.0.7", + "@aws-sdk/types": "3.609.0", + "@smithy/fetch-http-handler": "^3.2.4", + "@smithy/node-http-handler": "^3.1.4", + "@smithy/property-provider": "^3.1.3", + "@smithy/protocol-http": "^4.1.0", + "@smithy/smithy-client": "^3.1.12", + "@smithy/types": "^3.3.0", + "@smithy/util-stream": "^3.1.3", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/token-providers": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.662.0.tgz", - "integrity": "sha512-OqtBPutNC9Am10P1W5IwqRvzCVQAHRxWxZnfDBh1FQjNmoboGWYSriKxbrCRYLFffusNuzo8KnOFOmg1sRlhJQ==", + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/credential-provider-ini": { + "version": "3.624.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.624.0.tgz", + "integrity": "sha512-mMoNIy7MO2WTBbdqMyLpbt6SZpthE6e0GkRYpsd0yozPt0RZopcBhEh+HG1U9Y1PVODo+jcMk353vAi61CfnhQ==", + "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/property-provider": "^3.1.7", - "@smithy/shared-ini-file-loader": "^3.1.8", - "@smithy/types": "^3.5.0", + "@aws-sdk/credential-provider-env": "3.620.1", + "@aws-sdk/credential-provider-http": "3.622.0", + "@aws-sdk/credential-provider-process": "3.620.1", + "@aws-sdk/credential-provider-sso": "3.624.0", + "@aws-sdk/credential-provider-web-identity": "3.621.0", + "@aws-sdk/types": "3.609.0", + "@smithy/credential-provider-imds": "^3.2.0", + "@smithy/property-provider": "^3.1.3", + "@smithy/shared-ini-file-loader": "^3.1.4", + "@smithy/types": "^3.3.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" }, "peerDependencies": { - "@aws-sdk/client-sso-oidc": "^3.662.0" + "@aws-sdk/client-sts": "^3.624.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/types": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.662.0.tgz", - "integrity": "sha512-Ff9/KRmIm8iEzodxzISLj4/pB/0hX2nVw1RFeOBC65OuM6nHrAdWHHog/CVx25hS5JPU0uE3h6NlWRaBJ7AV5w==", - "dependencies": { - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/credential-provider-node": { + "version": "3.624.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.624.0.tgz", + "integrity": "sha512-vYyGK7oNpd81BdbH5IlmQ6zfaQqU+rPwsKTDDBeLRjshtrGXOEpfoahVpG9PX0ibu32IOWp4ZyXBNyVrnvcMOw==", + "license": "Apache-2.0", + "dependencies": { + "@aws-sdk/credential-provider-env": "3.620.1", + "@aws-sdk/credential-provider-http": "3.622.0", + "@aws-sdk/credential-provider-ini": "3.624.0", + "@aws-sdk/credential-provider-process": "3.620.1", + "@aws-sdk/credential-provider-sso": "3.624.0", + "@aws-sdk/credential-provider-web-identity": "3.621.0", + "@aws-sdk/types": "3.609.0", + "@smithy/credential-provider-imds": "^3.2.0", + "@smithy/property-provider": "^3.1.3", + "@smithy/shared-ini-file-loader": "^3.1.4", + "@smithy/types": "^3.3.0", + "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/util-endpoints": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.662.0.tgz", - "integrity": "sha512-RQ/78yNUxZZZULFg7VxT7oObGOR/FBc0ojiFoCAKC20ycY8VvVX5Eof4gyxoVpwOP7EoZO3UlWSIqtaEV/X70w==", + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/credential-provider-process": { + "version": "3.620.1", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.620.1.tgz", + "integrity": "sha512-hWqFMidqLAkaV9G460+1at6qa9vySbjQKKc04p59OT7lZ5cO5VH5S4aI05e+m4j364MBROjjk2ugNvfNf/8ILg==", + "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/types": "^3.5.0", - "@smithy/util-endpoints": "^2.1.3", + "@aws-sdk/types": "3.609.0", + "@smithy/property-provider": "^3.1.3", + "@smithy/shared-ini-file-loader": "^3.1.4", + "@smithy/types": "^3.3.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/util-user-agent-browser": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.662.0.tgz", - "integrity": "sha512-5wQd+HbNTY1r1Gndxf93dAEFtKz1DqcalI4Ym40To+RIonSsYQNRomFoizYNgJ1P+Mkfsr4P1dy/MNTlkqTZuQ==", + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/credential-provider-sso": { + "version": "3.624.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.624.0.tgz", + "integrity": "sha512-A02bayIjU9APEPKr3HudrFHEx0WfghoSPsPopckDkW7VBqO4wizzcxr75Q9A3vNX+cwg0wCN6UitTNe6pVlRaQ==", + "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/types": "^3.5.0", - "bowser": "^2.11.0", + "@aws-sdk/client-sso": "3.624.0", + "@aws-sdk/token-providers": "3.614.0", + "@aws-sdk/types": "3.609.0", + "@smithy/property-provider": "^3.1.3", + "@smithy/shared-ini-file-loader": "^3.1.4", + "@smithy/types": "^3.3.0", "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@aws-sdk/util-user-agent-node": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.662.0.tgz", - "integrity": "sha512-vBRbZ9Hr1OGmdJPWj36X0fR8/VdI2JiwK6+oJRa6qfJ6AnhqCYZbCyeA6JIDeEu3M9iu1OLjenU8NdXhTz8c2w==", + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/credential-provider-web-identity": { + "version": "3.621.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.621.0.tgz", + "integrity": "sha512-w7ASSyfNvcx7+bYGep3VBgC3K6vEdLmlpjT7nSIHxxQf+WSdvy+HynwJosrpZax0sK5q0D1Jpn/5q+r5lwwW6w==", + "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/node-config-provider": "^3.1.8", - "@smithy/types": "^3.5.0", + "@aws-sdk/types": "3.609.0", + "@smithy/property-provider": "^3.1.3", + "@smithy/types": "^3.3.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" }, "peerDependencies": { - "aws-crt": ">=1.0.0" - }, - "peerDependenciesMeta": { - "aws-crt": { - "optional": true - } + "@aws-sdk/client-sts": "^3.621.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@smithy/node-config-provider": { - "version": "3.1.8", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.8.tgz", - "integrity": "sha512-E0rU0DglpeJn5ge64mk8wTGEXcQwmpUTY5Zr7IzTpDLmHKiIamINERNZYrPQjg58Ck236sEKSwRSHA4CwshU6Q==", + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/middleware-host-header": { + "version": "3.620.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.620.0.tgz", + "integrity": "sha512-VMtPEZwqYrII/oUkffYsNWY9PZ9xpNJpMgmyU0rlDQ25O1c0Hk3fJmZRe6pEkAJ0omD7kLrqGl1DUjQVxpd/Rg==", + "license": "Apache-2.0", "dependencies": { - "@smithy/property-provider": "^3.1.7", - "@smithy/shared-ini-file-loader": "^3.1.8", - "@smithy/types": "^3.5.0", + "@aws-sdk/types": "3.609.0", + "@smithy/protocol-http": "^4.1.0", + "@smithy/types": "^3.3.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-cognito-identity-provider/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.8", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.8.tgz", - "integrity": "sha512-0NHdQiSkeGl0ICQKcJQ2lCOKH23Nb0EaAa7RDRId6ZqwXkw4LJyIyZ0t3iusD4bnKYDPLGy2/5e2rfUhrt0Acw==", + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/middleware-logger": { + "version": "3.609.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.609.0.tgz", + "integrity": "sha512-S62U2dy4jMDhDFDK5gZ4VxFdWzCtLzwbYyFZx2uvPYTECkepLUfzLic2BHg2Qvtu4QjX+oGE3P/7fwaGIsGNuQ==", + "license": "Apache-2.0", "dependencies": { - "@smithy/types": "^3.5.0", + "@aws-sdk/types": "3.609.0", + "@smithy/types": "^3.3.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-cognito-identity/node_modules/@smithy/node-config-provider": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", - "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/middleware-recursion-detection": { + "version": "3.620.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.620.0.tgz", + "integrity": "sha512-nh91S7aGK3e/o1ck64sA/CyoFw+gAYj2BDOnoNa6ouyCrVJED96ZXWbhye/fz9SgmNUZR2g7GdVpiLpMKZoI5w==", "license": "Apache-2.0", "dependencies": { - "@smithy/property-provider": "^3.1.4", - "@smithy/shared-ini-file-loader": "^3.1.5", - "@smithy/types": "^3.4.0", + "@aws-sdk/types": "3.609.0", + "@smithy/protocol-http": "^4.1.0", + "@smithy/types": "^3.3.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-cognito-identity/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", - "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/middleware-user-agent": { + "version": "3.620.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.620.0.tgz", + "integrity": "sha512-bvS6etn+KsuL32ubY5D3xNof1qkenpbJXf/ugGXbg0n98DvDFQ/F+SMLxHgbnER5dsKYchNnhmtI6/FC3HFu/A==", "license": "Apache-2.0", "dependencies": { - "@smithy/types": "^3.4.0", + "@aws-sdk/types": "3.609.0", + "@aws-sdk/util-endpoints": "3.614.0", + "@smithy/protocol-http": "^4.1.0", + "@smithy/types": "^3.3.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-dynamodb": { - "version": "3.650.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-dynamodb/-/client-dynamodb-3.650.0.tgz", - "integrity": "sha512-WdlBZsDJqufse4DcCeAwDV+kP/fh8QgVfH/IsUc0ST534inx9fiztr41/H2rE1qRf7t2iLtVkF5Jm1+Ew+GqPg==", - "dev": true, + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/region-config-resolver": { + "version": "3.614.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.614.0.tgz", + "integrity": "sha512-vDCeMXvic/LU0KFIUjpC3RiSTIkkvESsEfbVHiHH0YINfl8HnEqR5rj+L8+phsCeVg2+LmYwYxd5NRz4PHxt5g==", "license": "Apache-2.0", "dependencies": { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/client-sso-oidc": "3.650.0", - "@aws-sdk/client-sts": "3.650.0", - "@aws-sdk/core": "3.649.0", - "@aws-sdk/credential-provider-node": "3.650.0", - "@aws-sdk/middleware-endpoint-discovery": "3.649.0", - "@aws-sdk/middleware-host-header": "3.649.0", - "@aws-sdk/middleware-logger": "3.649.0", - "@aws-sdk/middleware-recursion-detection": "3.649.0", - "@aws-sdk/middleware-user-agent": "3.649.0", - "@aws-sdk/region-config-resolver": "3.649.0", - "@aws-sdk/types": "3.649.0", - "@aws-sdk/util-endpoints": "3.649.0", - "@aws-sdk/util-user-agent-browser": "3.649.0", - "@aws-sdk/util-user-agent-node": "3.649.0", - "@smithy/config-resolver": "^3.0.6", - "@smithy/core": "^2.4.1", - "@smithy/fetch-http-handler": "^3.2.5", - "@smithy/hash-node": "^3.0.4", - "@smithy/invalid-dependency": "^3.0.4", - "@smithy/middleware-content-length": "^3.0.6", - "@smithy/middleware-endpoint": "^3.1.1", - "@smithy/middleware-retry": "^3.0.16", - "@smithy/middleware-serde": "^3.0.4", - "@smithy/middleware-stack": "^3.0.4", - "@smithy/node-config-provider": "^3.1.5", - "@smithy/node-http-handler": "^3.2.0", - "@smithy/protocol-http": "^4.1.1", - "@smithy/smithy-client": "^3.3.0", - "@smithy/types": "^3.4.0", - "@smithy/url-parser": "^3.0.4", - "@smithy/util-base64": "^3.0.0", - "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.16", - "@smithy/util-defaults-mode-node": "^3.0.16", - "@smithy/util-endpoints": "^2.1.0", - "@smithy/util-middleware": "^3.0.4", - "@smithy/util-retry": "^3.0.4", - "@smithy/util-utf8": "^3.0.0", - "@smithy/util-waiter": "^3.1.3", - "tslib": "^2.6.2", - "uuid": "^9.0.1" + "@aws-sdk/types": "3.609.0", + "@smithy/node-config-provider": "^3.1.4", + "@smithy/types": "^3.3.0", + "@smithy/util-config-provider": "^3.0.0", + "@smithy/util-middleware": "^3.0.3", + "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-dynamodb/node_modules/@smithy/node-config-provider": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", - "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", - "dev": true, + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/token-providers": { + "version": "3.614.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.614.0.tgz", + "integrity": "sha512-okItqyY6L9IHdxqs+Z116y5/nda7rHxLvROxtAJdLavWTYDydxrZstImNgGWTeVdmc0xX2gJCI77UYUTQWnhRw==", "license": "Apache-2.0", "dependencies": { - "@smithy/property-provider": "^3.1.4", - "@smithy/shared-ini-file-loader": "^3.1.5", - "@smithy/types": "^3.4.0", + "@aws-sdk/types": "3.609.0", + "@smithy/property-provider": "^3.1.3", + "@smithy/shared-ini-file-loader": "^3.1.4", + "@smithy/types": "^3.3.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" + }, + "peerDependencies": { + "@aws-sdk/client-sso-oidc": "^3.614.0" } }, - "node_modules/@aws-sdk/client-dynamodb/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", - "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", - "dev": true, + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/types": { + "version": "3.609.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.609.0.tgz", + "integrity": "sha512-+Tqnh9w0h2LcrUsdXyT1F8mNhXz+tVYBtP19LpeEGntmvHwa2XzvLUCWpoIAIVsHp5+HdB2X9Sn0KAtmbFXc2Q==", "license": "Apache-2.0", "dependencies": { - "@smithy/types": "^3.4.0", + "@smithy/types": "^3.3.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-dynamodb/node_modules/uuid": { - "version": "9.0.1", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-9.0.1.tgz", - "integrity": "sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==", - "dev": true, - "funding": [ - "https://github.com/sponsors/broofa", - "https://github.com/sponsors/ctavan" - ], - "license": "MIT", - "bin": { - "uuid": "dist/bin/uuid" + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/util-endpoints": { + "version": "3.614.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.614.0.tgz", + "integrity": "sha512-wK2cdrXHH4oz4IomV/yrGkftU9A+ITB6nFL+rxxyO78is2ifHJpFdV4aqk4LSkXYPi6CXWNru/Dqc7yiKXgJPw==", + "license": "Apache-2.0", + "dependencies": { + "@aws-sdk/types": "3.609.0", + "@smithy/types": "^3.3.0", + "@smithy/util-endpoints": "^2.0.5", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2": { - "version": "3.624.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-ec2/-/client-ec2-3.624.0.tgz", - "integrity": "sha512-n3IHWiNSP5Cj0ZbENJGtDeJPsx6EVNMeePh8Nqe9Ja5l5/Brkdyu4TV6t/taPXHJQDH7E6cq4/uMiiEPRNuf6Q==", + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/util-user-agent-browser": { + "version": "3.609.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.609.0.tgz", + "integrity": "sha512-fojPU+mNahzQ0YHYBsx0ZIhmMA96H+ZIZ665ObU9tl+SGdbLneVZVikGve+NmHTQwHzwkFsZYYnVKAkreJLAtA==", "license": "Apache-2.0", "dependencies": { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/client-sso-oidc": "3.624.0", - "@aws-sdk/client-sts": "3.624.0", - "@aws-sdk/core": "3.624.0", - "@aws-sdk/credential-provider-node": "3.624.0", - "@aws-sdk/middleware-host-header": "3.620.0", - "@aws-sdk/middleware-logger": "3.609.0", - "@aws-sdk/middleware-recursion-detection": "3.620.0", - "@aws-sdk/middleware-sdk-ec2": "3.622.0", - "@aws-sdk/middleware-user-agent": "3.620.0", - "@aws-sdk/region-config-resolver": "3.614.0", "@aws-sdk/types": "3.609.0", - "@aws-sdk/util-endpoints": "3.614.0", - "@aws-sdk/util-user-agent-browser": "3.609.0", - "@aws-sdk/util-user-agent-node": "3.614.0", - "@smithy/config-resolver": "^3.0.5", - "@smithy/core": "^2.3.2", - "@smithy/fetch-http-handler": "^3.2.4", - "@smithy/hash-node": "^3.0.3", + "@smithy/types": "^3.3.0", + "bowser": "^2.11.0", + "tslib": "^2.6.2" + } + }, + "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/util-user-agent-node": { + "version": "3.614.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.614.0.tgz", + "integrity": "sha512-15ElZT88peoHnq5TEoEtZwoXTXRxNrk60TZNdpl/TUBJ5oNJ9Dqb5Z4ryb8ofN6nm9aFf59GVAerFDz8iUoHBA==", + "license": "Apache-2.0", + "dependencies": { + "@aws-sdk/types": "3.609.0", + "@smithy/node-config-provider": "^3.1.4", + "@smithy/types": "^3.3.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + }, + "peerDependencies": { + "aws-crt": ">=1.0.0" + }, + "peerDependenciesMeta": { + "aws-crt": { + "optional": true + } + } + }, + "node_modules/@aws-sdk/client-ec2/node_modules/@smithy/node-config-provider": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", + "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", + "license": "Apache-2.0", + "dependencies": { + "@smithy/property-provider": "^3.1.4", + "@smithy/shared-ini-file-loader": "^3.1.5", + "@smithy/types": "^3.4.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-ec2/node_modules/@smithy/shared-ini-file-loader": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", + "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", + "license": "Apache-2.0", + "dependencies": { + "@smithy/types": "^3.4.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-ec2/node_modules/uuid": { + "version": "9.0.1", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-9.0.1.tgz", + "integrity": "sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==", + "funding": [ + "https://github.com/sponsors/broofa", + "https://github.com/sponsors/ctavan" + ], + "license": "MIT", + "bin": { + "uuid": "dist/bin/uuid" + } + }, + "node_modules/@aws-sdk/client-firehose": { + "version": "3.621.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-firehose/-/client-firehose-3.621.0.tgz", + "integrity": "sha512-XAjAkXdb35PDvBYph609Fxn4g00HYH/U6N4+KjF9gLQrdTU+wkjf3D9YD02DZNbApJVcu4eIxWh/8M25YkW02A==", + "dev": true, + "license": "Apache-2.0", + "dependencies": { + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/client-sso-oidc": "3.621.0", + "@aws-sdk/client-sts": "3.621.0", + "@aws-sdk/core": "3.621.0", + "@aws-sdk/credential-provider-node": "3.621.0", + "@aws-sdk/middleware-host-header": "3.620.0", + "@aws-sdk/middleware-logger": "3.609.0", + "@aws-sdk/middleware-recursion-detection": "3.620.0", + "@aws-sdk/middleware-user-agent": "3.620.0", + "@aws-sdk/region-config-resolver": "3.614.0", + "@aws-sdk/types": "3.609.0", + "@aws-sdk/util-endpoints": "3.614.0", + "@aws-sdk/util-user-agent-browser": "3.609.0", + "@aws-sdk/util-user-agent-node": "3.614.0", + "@smithy/config-resolver": "^3.0.5", + "@smithy/core": "^2.3.1", + "@smithy/fetch-http-handler": "^3.2.4", + "@smithy/hash-node": "^3.0.3", "@smithy/invalid-dependency": "^3.0.3", "@smithy/middleware-content-length": "^3.0.5", "@smithy/middleware-endpoint": "^3.1.0", - "@smithy/middleware-retry": "^3.0.14", + "@smithy/middleware-retry": "^3.0.13", "@smithy/middleware-serde": "^3.0.3", "@smithy/middleware-stack": "^3.0.3", "@smithy/node-config-provider": "^3.1.4", "@smithy/node-http-handler": "^3.1.4", "@smithy/protocol-http": "^4.1.0", - "@smithy/smithy-client": "^3.1.12", + "@smithy/smithy-client": "^3.1.11", "@smithy/types": "^3.3.0", "@smithy/url-parser": "^3.0.3", "@smithy/util-base64": "^3.0.0", "@smithy/util-body-length-browser": "^3.0.0", "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.14", - "@smithy/util-defaults-mode-node": "^3.0.14", + "@smithy/util-defaults-mode-browser": "^3.0.13", + "@smithy/util-defaults-mode-node": "^3.0.13", "@smithy/util-endpoints": "^2.0.5", "@smithy/util-middleware": "^3.0.3", "@smithy/util-retry": "^3.0.3", "@smithy/util-utf8": "^3.0.0", - "@smithy/util-waiter": "^3.1.2", - "tslib": "^2.6.2", - "uuid": "^9.0.1" + "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/client-sso": { - "version": "3.624.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.624.0.tgz", - "integrity": "sha512-EX6EF+rJzMPC5dcdsu40xSi2To7GSvdGQNIpe97pD9WvZwM9tRNQnNM4T6HA4gjV1L6Jwk8rBlG/CnveXtLEMw==", + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/client-sso": { + "version": "3.621.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.621.0.tgz", + "integrity": "sha512-xpKfikN4u0BaUYZA9FGUMkkDmfoIP0Q03+A86WjqDWhcOoqNA1DkHsE4kZ+r064ifkPUfcNuUvlkVTEoBZoFjA==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "3.624.0", + "@aws-sdk/core": "3.621.0", "@aws-sdk/middleware-host-header": "3.620.0", "@aws-sdk/middleware-logger": "3.609.0", "@aws-sdk/middleware-recursion-detection": "3.620.0", @@ -8274,26 +8392,26 @@ "@aws-sdk/util-user-agent-browser": "3.609.0", "@aws-sdk/util-user-agent-node": "3.614.0", "@smithy/config-resolver": "^3.0.5", - "@smithy/core": "^2.3.2", + "@smithy/core": "^2.3.1", "@smithy/fetch-http-handler": "^3.2.4", "@smithy/hash-node": "^3.0.3", "@smithy/invalid-dependency": "^3.0.3", "@smithy/middleware-content-length": "^3.0.5", "@smithy/middleware-endpoint": "^3.1.0", - "@smithy/middleware-retry": "^3.0.14", + "@smithy/middleware-retry": "^3.0.13", "@smithy/middleware-serde": "^3.0.3", "@smithy/middleware-stack": "^3.0.3", "@smithy/node-config-provider": "^3.1.4", "@smithy/node-http-handler": "^3.1.4", "@smithy/protocol-http": "^4.1.0", - "@smithy/smithy-client": "^3.1.12", + "@smithy/smithy-client": "^3.1.11", "@smithy/types": "^3.3.0", "@smithy/url-parser": "^3.0.3", "@smithy/util-base64": "^3.0.0", "@smithy/util-body-length-browser": "^3.0.0", "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.14", - "@smithy/util-defaults-mode-node": "^3.0.14", + "@smithy/util-defaults-mode-browser": "^3.0.13", + "@smithy/util-defaults-mode-node": "^3.0.13", "@smithy/util-endpoints": "^2.0.5", "@smithy/util-middleware": "^3.0.3", "@smithy/util-retry": "^3.0.3", @@ -8304,16 +8422,17 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/client-sso-oidc": { - "version": "3.624.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.624.0.tgz", - "integrity": "sha512-Ki2uKYJKKtfHxxZsiMTOvJoVRP6b2pZ1u3rcUb2m/nVgBPUfLdl8ZkGpqE29I+t5/QaS/sEdbn6cgMUZwl+3Dg==", + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/client-sso-oidc": { + "version": "3.621.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.621.0.tgz", + "integrity": "sha512-mMjk3mFUwV2Y68POf1BQMTF+F6qxt5tPu6daEUCNGC9Cenk3h2YXQQoS4/eSyYzuBiYk3vx49VgleRvdvkg8rg==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "3.624.0", - "@aws-sdk/credential-provider-node": "3.624.0", + "@aws-sdk/core": "3.621.0", + "@aws-sdk/credential-provider-node": "3.621.0", "@aws-sdk/middleware-host-header": "3.620.0", "@aws-sdk/middleware-logger": "3.609.0", "@aws-sdk/middleware-recursion-detection": "3.620.0", @@ -8324,26 +8443,26 @@ "@aws-sdk/util-user-agent-browser": "3.609.0", "@aws-sdk/util-user-agent-node": "3.614.0", "@smithy/config-resolver": "^3.0.5", - "@smithy/core": "^2.3.2", + "@smithy/core": "^2.3.1", "@smithy/fetch-http-handler": "^3.2.4", "@smithy/hash-node": "^3.0.3", "@smithy/invalid-dependency": "^3.0.3", "@smithy/middleware-content-length": "^3.0.5", "@smithy/middleware-endpoint": "^3.1.0", - "@smithy/middleware-retry": "^3.0.14", + "@smithy/middleware-retry": "^3.0.13", "@smithy/middleware-serde": "^3.0.3", "@smithy/middleware-stack": "^3.0.3", "@smithy/node-config-provider": "^3.1.4", "@smithy/node-http-handler": "^3.1.4", "@smithy/protocol-http": "^4.1.0", - "@smithy/smithy-client": "^3.1.12", + "@smithy/smithy-client": "^3.1.11", "@smithy/types": "^3.3.0", "@smithy/url-parser": "^3.0.3", "@smithy/util-base64": "^3.0.0", "@smithy/util-body-length-browser": "^3.0.0", "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.14", - "@smithy/util-defaults-mode-node": "^3.0.14", + "@smithy/util-defaults-mode-browser": "^3.0.13", + "@smithy/util-defaults-mode-node": "^3.0.13", "@smithy/util-endpoints": "^2.0.5", "@smithy/util-middleware": "^3.0.3", "@smithy/util-retry": "^3.0.3", @@ -8354,20 +8473,21 @@ "node": ">=16.0.0" }, "peerDependencies": { - "@aws-sdk/client-sts": "^3.624.0" + "@aws-sdk/client-sts": "^3.621.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/client-sts": { - "version": "3.624.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.624.0.tgz", - "integrity": "sha512-k36fLZCb2nfoV/DKK3jbRgO/Yf7/R80pgYfMiotkGjnZwDmRvNN08z4l06L9C+CieazzkgRxNUzyppsYcYsQaw==", + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/client-sts": { + "version": "3.621.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.621.0.tgz", + "integrity": "sha512-707uiuReSt+nAx6d0c21xLjLm2lxeKc7padxjv92CIrIocnQSlJPxSCM7r5zBhwiahJA6MNQwmTl2xznU67KgA==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/client-sso-oidc": "3.624.0", - "@aws-sdk/core": "3.624.0", - "@aws-sdk/credential-provider-node": "3.624.0", + "@aws-sdk/client-sso-oidc": "3.621.0", + "@aws-sdk/core": "3.621.0", + "@aws-sdk/credential-provider-node": "3.621.0", "@aws-sdk/middleware-host-header": "3.620.0", "@aws-sdk/middleware-logger": "3.609.0", "@aws-sdk/middleware-recursion-detection": "3.620.0", @@ -8378,26 +8498,26 @@ "@aws-sdk/util-user-agent-browser": "3.609.0", "@aws-sdk/util-user-agent-node": "3.614.0", "@smithy/config-resolver": "^3.0.5", - "@smithy/core": "^2.3.2", + "@smithy/core": "^2.3.1", "@smithy/fetch-http-handler": "^3.2.4", "@smithy/hash-node": "^3.0.3", "@smithy/invalid-dependency": "^3.0.3", "@smithy/middleware-content-length": "^3.0.5", "@smithy/middleware-endpoint": "^3.1.0", - "@smithy/middleware-retry": "^3.0.14", + "@smithy/middleware-retry": "^3.0.13", "@smithy/middleware-serde": "^3.0.3", "@smithy/middleware-stack": "^3.0.3", "@smithy/node-config-provider": "^3.1.4", "@smithy/node-http-handler": "^3.1.4", "@smithy/protocol-http": "^4.1.0", - "@smithy/smithy-client": "^3.1.12", + "@smithy/smithy-client": "^3.1.11", "@smithy/types": "^3.3.0", "@smithy/url-parser": "^3.0.3", "@smithy/util-base64": "^3.0.0", "@smithy/util-body-length-browser": "^3.0.0", "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.14", - "@smithy/util-defaults-mode-node": "^3.0.14", + "@smithy/util-defaults-mode-browser": "^3.0.13", + "@smithy/util-defaults-mode-node": "^3.0.13", "@smithy/util-endpoints": "^2.0.5", "@smithy/util-middleware": "^3.0.3", "@smithy/util-retry": "^3.0.3", @@ -8408,17 +8528,18 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/core": { - "version": "3.624.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.624.0.tgz", - "integrity": "sha512-WyFmPbhRIvtWi7hBp8uSFy+iPpj8ccNV/eX86hwF4irMjfc/FtsGVIAeBXxXM/vGCjkdfEzOnl+tJ2XACD4OXg==", + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/core": { + "version": "3.621.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.621.0.tgz", + "integrity": "sha512-CtOwWmDdEiINkGXD93iGfXjN0WmCp9l45cDWHHGa8lRgEDyhuL7bwd/pH5aSzj0j8SiQBG2k0S7DHbd5RaqvbQ==", + "dev": true, "license": "Apache-2.0", "dependencies": { - "@smithy/core": "^2.3.2", + "@smithy/core": "^2.3.1", "@smithy/node-config-provider": "^3.1.4", "@smithy/protocol-http": "^4.1.0", "@smithy/signature-v4": "^4.1.0", - "@smithy/smithy-client": "^3.1.12", + "@smithy/smithy-client": "^3.1.11", "@smithy/types": "^3.3.0", "@smithy/util-middleware": "^3.0.3", "fast-xml-parser": "4.4.1", @@ -8428,10 +8549,11 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/credential-provider-env": { + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/credential-provider-env": { "version": "3.620.1", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.620.1.tgz", "integrity": "sha512-ExuILJ2qLW5ZO+rgkNRj0xiAipKT16Rk77buvPP8csR7kkCflT/gXTyzRe/uzIiETTxM7tr8xuO9MP/DQXqkfg==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -8443,10 +8565,11 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/credential-provider-http": { - "version": "3.622.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.622.0.tgz", - "integrity": "sha512-VUHbr24Oll1RK3WR8XLUugLpgK9ZuxEm/NVeVqyFts1Ck9gsKpRg1x4eH7L7tW3SJ4TDEQNMbD7/7J+eoL2svg==", + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/credential-provider-http": { + "version": "3.621.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.621.0.tgz", + "integrity": "sha512-/jc2tEsdkT1QQAI5Dvoci50DbSxtJrevemwFsm0B73pwCcOQZ5ZwwSdVqGsPutzYzUVx3bcXg3LRL7jLACqRIg==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -8454,7 +8577,7 @@ "@smithy/node-http-handler": "^3.1.4", "@smithy/property-provider": "^3.1.3", "@smithy/protocol-http": "^4.1.0", - "@smithy/smithy-client": "^3.1.12", + "@smithy/smithy-client": "^3.1.11", "@smithy/types": "^3.3.0", "@smithy/util-stream": "^3.1.3", "tslib": "^2.6.2" @@ -8463,16 +8586,17 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/credential-provider-ini": { - "version": "3.624.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.624.0.tgz", - "integrity": "sha512-mMoNIy7MO2WTBbdqMyLpbt6SZpthE6e0GkRYpsd0yozPt0RZopcBhEh+HG1U9Y1PVODo+jcMk353vAi61CfnhQ==", + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/credential-provider-ini": { + "version": "3.621.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.621.0.tgz", + "integrity": "sha512-0EWVnSc+JQn5HLnF5Xv405M8n4zfdx9gyGdpnCmAmFqEDHA8LmBdxJdpUk1Ovp/I5oPANhjojxabIW5f1uU0RA==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/credential-provider-env": "3.620.1", - "@aws-sdk/credential-provider-http": "3.622.0", + "@aws-sdk/credential-provider-http": "3.621.0", "@aws-sdk/credential-provider-process": "3.620.1", - "@aws-sdk/credential-provider-sso": "3.624.0", + "@aws-sdk/credential-provider-sso": "3.621.0", "@aws-sdk/credential-provider-web-identity": "3.621.0", "@aws-sdk/types": "3.609.0", "@smithy/credential-provider-imds": "^3.2.0", @@ -8485,20 +8609,21 @@ "node": ">=16.0.0" }, "peerDependencies": { - "@aws-sdk/client-sts": "^3.624.0" + "@aws-sdk/client-sts": "^3.621.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/credential-provider-node": { - "version": "3.624.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.624.0.tgz", - "integrity": "sha512-vYyGK7oNpd81BdbH5IlmQ6zfaQqU+rPwsKTDDBeLRjshtrGXOEpfoahVpG9PX0ibu32IOWp4ZyXBNyVrnvcMOw==", + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/credential-provider-node": { + "version": "3.621.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.621.0.tgz", + "integrity": "sha512-4JqpccUgz5Snanpt2+53hbOBbJQrSFq7E1sAAbgY6BKVQUsW5qyXqnjvSF32kDeKa5JpBl3bBWLZl04IadcPHw==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/credential-provider-env": "3.620.1", - "@aws-sdk/credential-provider-http": "3.622.0", - "@aws-sdk/credential-provider-ini": "3.624.0", + "@aws-sdk/credential-provider-http": "3.621.0", + "@aws-sdk/credential-provider-ini": "3.621.0", "@aws-sdk/credential-provider-process": "3.620.1", - "@aws-sdk/credential-provider-sso": "3.624.0", + "@aws-sdk/credential-provider-sso": "3.621.0", "@aws-sdk/credential-provider-web-identity": "3.621.0", "@aws-sdk/types": "3.609.0", "@smithy/credential-provider-imds": "^3.2.0", @@ -8511,10 +8636,11 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/credential-provider-process": { + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/credential-provider-process": { "version": "3.620.1", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.620.1.tgz", "integrity": "sha512-hWqFMidqLAkaV9G460+1at6qa9vySbjQKKc04p59OT7lZ5cO5VH5S4aI05e+m4j364MBROjjk2ugNvfNf/8ILg==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -8527,13 +8653,14 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/credential-provider-sso": { - "version": "3.624.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.624.0.tgz", - "integrity": "sha512-A02bayIjU9APEPKr3HudrFHEx0WfghoSPsPopckDkW7VBqO4wizzcxr75Q9A3vNX+cwg0wCN6UitTNe6pVlRaQ==", + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/credential-provider-sso": { + "version": "3.621.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.621.0.tgz", + "integrity": "sha512-Kza0jcFeA/GEL6xJlzR2KFf1PfZKMFnxfGzJzl5yN7EjoGdMijl34KaRyVnfRjnCWcsUpBWKNIDk9WZVMY9yiw==", + "dev": true, "license": "Apache-2.0", "dependencies": { - "@aws-sdk/client-sso": "3.624.0", + "@aws-sdk/client-sso": "3.621.0", "@aws-sdk/token-providers": "3.614.0", "@aws-sdk/types": "3.609.0", "@smithy/property-provider": "^3.1.3", @@ -8545,10 +8672,11 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/credential-provider-web-identity": { + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/credential-provider-web-identity": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.621.0.tgz", "integrity": "sha512-w7ASSyfNvcx7+bYGep3VBgC3K6vEdLmlpjT7nSIHxxQf+WSdvy+HynwJosrpZax0sK5q0D1Jpn/5q+r5lwwW6w==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -8563,10 +8691,11 @@ "@aws-sdk/client-sts": "^3.621.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/middleware-host-header": { + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/middleware-host-header": { "version": "3.620.0", "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.620.0.tgz", "integrity": "sha512-VMtPEZwqYrII/oUkffYsNWY9PZ9xpNJpMgmyU0rlDQ25O1c0Hk3fJmZRe6pEkAJ0omD7kLrqGl1DUjQVxpd/Rg==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -8578,10 +8707,11 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/middleware-logger": { + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/middleware-logger": { "version": "3.609.0", "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.609.0.tgz", "integrity": "sha512-S62U2dy4jMDhDFDK5gZ4VxFdWzCtLzwbYyFZx2uvPYTECkepLUfzLic2BHg2Qvtu4QjX+oGE3P/7fwaGIsGNuQ==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -8592,10 +8722,11 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/middleware-recursion-detection": { + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/middleware-recursion-detection": { "version": "3.620.0", "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.620.0.tgz", "integrity": "sha512-nh91S7aGK3e/o1ck64sA/CyoFw+gAYj2BDOnoNa6ouyCrVJED96ZXWbhye/fz9SgmNUZR2g7GdVpiLpMKZoI5w==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -8607,10 +8738,11 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/middleware-user-agent": { + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/middleware-user-agent": { "version": "3.620.0", "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.620.0.tgz", "integrity": "sha512-bvS6etn+KsuL32ubY5D3xNof1qkenpbJXf/ugGXbg0n98DvDFQ/F+SMLxHgbnER5dsKYchNnhmtI6/FC3HFu/A==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -8623,10 +8755,11 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/region-config-resolver": { + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/region-config-resolver": { "version": "3.614.0", "resolved": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.614.0.tgz", "integrity": "sha512-vDCeMXvic/LU0KFIUjpC3RiSTIkkvESsEfbVHiHH0YINfl8HnEqR5rj+L8+phsCeVg2+LmYwYxd5NRz4PHxt5g==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -8640,10 +8773,11 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/token-providers": { + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/token-providers": { "version": "3.614.0", "resolved": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.614.0.tgz", "integrity": "sha512-okItqyY6L9IHdxqs+Z116y5/nda7rHxLvROxtAJdLavWTYDydxrZstImNgGWTeVdmc0xX2gJCI77UYUTQWnhRw==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -8659,10 +8793,11 @@ "@aws-sdk/client-sso-oidc": "^3.614.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/types": { + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/types": { "version": "3.609.0", "resolved": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.609.0.tgz", "integrity": "sha512-+Tqnh9w0h2LcrUsdXyT1F8mNhXz+tVYBtP19LpeEGntmvHwa2XzvLUCWpoIAIVsHp5+HdB2X9Sn0KAtmbFXc2Q==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@smithy/types": "^3.3.0", @@ -8672,10 +8807,11 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/util-endpoints": { + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/util-endpoints": { "version": "3.614.0", "resolved": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.614.0.tgz", "integrity": "sha512-wK2cdrXHH4oz4IomV/yrGkftU9A+ITB6nFL+rxxyO78is2ifHJpFdV4aqk4LSkXYPi6CXWNru/Dqc7yiKXgJPw==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -8687,10 +8823,11 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/util-user-agent-browser": { + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/util-user-agent-browser": { "version": "3.609.0", "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.609.0.tgz", "integrity": "sha512-fojPU+mNahzQ0YHYBsx0ZIhmMA96H+ZIZ665ObU9tl+SGdbLneVZVikGve+NmHTQwHzwkFsZYYnVKAkreJLAtA==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -8699,10 +8836,11 @@ "tslib": "^2.6.2" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@aws-sdk/util-user-agent-node": { + "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/util-user-agent-node": { "version": "3.614.0", "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.614.0.tgz", "integrity": "sha512-15ElZT88peoHnq5TEoEtZwoXTXRxNrk60TZNdpl/TUBJ5oNJ9Dqb5Z4ryb8ofN6nm9aFf59GVAerFDz8iUoHBA==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -8722,10 +8860,11 @@ } } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@smithy/node-config-provider": { + "node_modules/@aws-sdk/client-firehose/node_modules/@smithy/node-config-provider": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@smithy/property-provider": "^3.1.4", @@ -8737,10 +8876,11 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/@smithy/shared-ini-file-loader": { + "node_modules/@aws-sdk/client-firehose/node_modules/@smithy/shared-ini-file-loader": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@smithy/types": "^3.4.0", @@ -8750,23 +8890,94 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ec2/node_modules/uuid": { - "version": "9.0.1", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-9.0.1.tgz", - "integrity": "sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==", - "funding": [ - "https://github.com/sponsors/broofa", - "https://github.com/sponsors/ctavan" - ], - "license": "MIT", - "bin": { - "uuid": "dist/bin/uuid" + "node_modules/@aws-sdk/client-iam": { + "version": "3.650.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-iam/-/client-iam-3.650.0.tgz", + "integrity": "sha512-LVXeP5ArnSWQK846U8q/v0+WrbIuJtUvkm9KSlcqWpDGgoN/u6SoMM/9D75olxgSXwKP5NQj9LNNP+BSQb7vGg==", + "dev": true, + "license": "Apache-2.0", + "dependencies": { + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/client-sso-oidc": "3.650.0", + "@aws-sdk/client-sts": "3.650.0", + "@aws-sdk/core": "3.649.0", + "@aws-sdk/credential-provider-node": "3.650.0", + "@aws-sdk/middleware-host-header": "3.649.0", + "@aws-sdk/middleware-logger": "3.649.0", + "@aws-sdk/middleware-recursion-detection": "3.649.0", + "@aws-sdk/middleware-user-agent": "3.649.0", + "@aws-sdk/region-config-resolver": "3.649.0", + "@aws-sdk/types": "3.649.0", + "@aws-sdk/util-endpoints": "3.649.0", + "@aws-sdk/util-user-agent-browser": "3.649.0", + "@aws-sdk/util-user-agent-node": "3.649.0", + "@smithy/config-resolver": "^3.0.6", + "@smithy/core": "^2.4.1", + "@smithy/fetch-http-handler": "^3.2.5", + "@smithy/hash-node": "^3.0.4", + "@smithy/invalid-dependency": "^3.0.4", + "@smithy/middleware-content-length": "^3.0.6", + "@smithy/middleware-endpoint": "^3.1.1", + "@smithy/middleware-retry": "^3.0.16", + "@smithy/middleware-serde": "^3.0.4", + "@smithy/middleware-stack": "^3.0.4", + "@smithy/node-config-provider": "^3.1.5", + "@smithy/node-http-handler": "^3.2.0", + "@smithy/protocol-http": "^4.1.1", + "@smithy/smithy-client": "^3.3.0", + "@smithy/types": "^3.4.0", + "@smithy/url-parser": "^3.0.4", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.16", + "@smithy/util-defaults-mode-node": "^3.0.16", + "@smithy/util-endpoints": "^2.1.0", + "@smithy/util-middleware": "^3.0.4", + "@smithy/util-retry": "^3.0.4", + "@smithy/util-utf8": "^3.0.0", + "@smithy/util-waiter": "^3.1.3", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-firehose": { + "node_modules/@aws-sdk/client-iam/node_modules/@smithy/node-config-provider": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", + "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", + "dev": true, + "license": "Apache-2.0", + "dependencies": { + "@smithy/property-provider": "^3.1.4", + "@smithy/shared-ini-file-loader": "^3.1.5", + "@smithy/types": "^3.4.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-iam/node_modules/@smithy/shared-ini-file-loader": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", + "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", + "dev": true, + "license": "Apache-2.0", + "dependencies": { + "@smithy/types": "^3.4.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/client-kinesis": { "version": "3.621.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-firehose/-/client-firehose-3.621.0.tgz", - "integrity": "sha512-XAjAkXdb35PDvBYph609Fxn4g00HYH/U6N4+KjF9gLQrdTU+wkjf3D9YD02DZNbApJVcu4eIxWh/8M25YkW02A==", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-kinesis/-/client-kinesis-3.621.0.tgz", + "integrity": "sha512-53Omt/beFmTQPjQNpMuPMk5nMzYVsXCRiO+MeqygZEKYG1fWw/UGluCWVbi7WjClOHacsW8lQcsqIRvkPDFNag==", "dev": true, "license": "Apache-2.0", "dependencies": { @@ -8787,6 +8998,9 @@ "@aws-sdk/util-user-agent-node": "3.614.0", "@smithy/config-resolver": "^3.0.5", "@smithy/core": "^2.3.1", + "@smithy/eventstream-serde-browser": "^3.0.5", + "@smithy/eventstream-serde-config-resolver": "^3.0.3", + "@smithy/eventstream-serde-node": "^3.0.4", "@smithy/fetch-http-handler": "^3.2.4", "@smithy/hash-node": "^3.0.3", "@smithy/invalid-dependency": "^3.0.3", @@ -8810,13 +9024,14 @@ "@smithy/util-middleware": "^3.0.3", "@smithy/util-retry": "^3.0.3", "@smithy/util-utf8": "^3.0.0", + "@smithy/util-waiter": "^3.1.2", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/client-sso": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/client-sso": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.621.0.tgz", "integrity": "sha512-xpKfikN4u0BaUYZA9FGUMkkDmfoIP0Q03+A86WjqDWhcOoqNA1DkHsE4kZ+r064ifkPUfcNuUvlkVTEoBZoFjA==", @@ -8866,7 +9081,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/client-sso-oidc": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/client-sso-oidc": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.621.0.tgz", "integrity": "sha512-mMjk3mFUwV2Y68POf1BQMTF+F6qxt5tPu6daEUCNGC9Cenk3h2YXQQoS4/eSyYzuBiYk3vx49VgleRvdvkg8rg==", @@ -8920,7 +9135,7 @@ "@aws-sdk/client-sts": "^3.621.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/client-sts": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/client-sts": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.621.0.tgz", "integrity": "sha512-707uiuReSt+nAx6d0c21xLjLm2lxeKc7padxjv92CIrIocnQSlJPxSCM7r5zBhwiahJA6MNQwmTl2xznU67KgA==", @@ -8972,7 +9187,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/core": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/core": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.621.0.tgz", "integrity": "sha512-CtOwWmDdEiINkGXD93iGfXjN0WmCp9l45cDWHHGa8lRgEDyhuL7bwd/pH5aSzj0j8SiQBG2k0S7DHbd5RaqvbQ==", @@ -8993,7 +9208,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/credential-provider-env": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/credential-provider-env": { "version": "3.620.1", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.620.1.tgz", "integrity": "sha512-ExuILJ2qLW5ZO+rgkNRj0xiAipKT16Rk77buvPP8csR7kkCflT/gXTyzRe/uzIiETTxM7tr8xuO9MP/DQXqkfg==", @@ -9009,7 +9224,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/credential-provider-http": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/credential-provider-http": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.621.0.tgz", "integrity": "sha512-/jc2tEsdkT1QQAI5Dvoci50DbSxtJrevemwFsm0B73pwCcOQZ5ZwwSdVqGsPutzYzUVx3bcXg3LRL7jLACqRIg==", @@ -9030,7 +9245,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/credential-provider-ini": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/credential-provider-ini": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.621.0.tgz", "integrity": "sha512-0EWVnSc+JQn5HLnF5Xv405M8n4zfdx9gyGdpnCmAmFqEDHA8LmBdxJdpUk1Ovp/I5oPANhjojxabIW5f1uU0RA==", @@ -9056,7 +9271,7 @@ "@aws-sdk/client-sts": "^3.621.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/credential-provider-node": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/credential-provider-node": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.621.0.tgz", "integrity": "sha512-4JqpccUgz5Snanpt2+53hbOBbJQrSFq7E1sAAbgY6BKVQUsW5qyXqnjvSF32kDeKa5JpBl3bBWLZl04IadcPHw==", @@ -9080,7 +9295,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/credential-provider-process": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/credential-provider-process": { "version": "3.620.1", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.620.1.tgz", "integrity": "sha512-hWqFMidqLAkaV9G460+1at6qa9vySbjQKKc04p59OT7lZ5cO5VH5S4aI05e+m4j364MBROjjk2ugNvfNf/8ILg==", @@ -9097,7 +9312,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/credential-provider-sso": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/credential-provider-sso": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.621.0.tgz", "integrity": "sha512-Kza0jcFeA/GEL6xJlzR2KFf1PfZKMFnxfGzJzl5yN7EjoGdMijl34KaRyVnfRjnCWcsUpBWKNIDk9WZVMY9yiw==", @@ -9116,7 +9331,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/credential-provider-web-identity": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/credential-provider-web-identity": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.621.0.tgz", "integrity": "sha512-w7ASSyfNvcx7+bYGep3VBgC3K6vEdLmlpjT7nSIHxxQf+WSdvy+HynwJosrpZax0sK5q0D1Jpn/5q+r5lwwW6w==", @@ -9135,7 +9350,7 @@ "@aws-sdk/client-sts": "^3.621.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/middleware-host-header": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/middleware-host-header": { "version": "3.620.0", "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.620.0.tgz", "integrity": "sha512-VMtPEZwqYrII/oUkffYsNWY9PZ9xpNJpMgmyU0rlDQ25O1c0Hk3fJmZRe6pEkAJ0omD7kLrqGl1DUjQVxpd/Rg==", @@ -9151,7 +9366,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/middleware-logger": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/middleware-logger": { "version": "3.609.0", "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.609.0.tgz", "integrity": "sha512-S62U2dy4jMDhDFDK5gZ4VxFdWzCtLzwbYyFZx2uvPYTECkepLUfzLic2BHg2Qvtu4QjX+oGE3P/7fwaGIsGNuQ==", @@ -9166,7 +9381,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/middleware-recursion-detection": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/middleware-recursion-detection": { "version": "3.620.0", "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.620.0.tgz", "integrity": "sha512-nh91S7aGK3e/o1ck64sA/CyoFw+gAYj2BDOnoNa6ouyCrVJED96ZXWbhye/fz9SgmNUZR2g7GdVpiLpMKZoI5w==", @@ -9182,7 +9397,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/middleware-user-agent": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/middleware-user-agent": { "version": "3.620.0", "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.620.0.tgz", "integrity": "sha512-bvS6etn+KsuL32ubY5D3xNof1qkenpbJXf/ugGXbg0n98DvDFQ/F+SMLxHgbnER5dsKYchNnhmtI6/FC3HFu/A==", @@ -9199,7 +9414,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/region-config-resolver": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/region-config-resolver": { "version": "3.614.0", "resolved": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.614.0.tgz", "integrity": "sha512-vDCeMXvic/LU0KFIUjpC3RiSTIkkvESsEfbVHiHH0YINfl8HnEqR5rj+L8+phsCeVg2+LmYwYxd5NRz4PHxt5g==", @@ -9217,7 +9432,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/token-providers": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/token-providers": { "version": "3.614.0", "resolved": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.614.0.tgz", "integrity": "sha512-okItqyY6L9IHdxqs+Z116y5/nda7rHxLvROxtAJdLavWTYDydxrZstImNgGWTeVdmc0xX2gJCI77UYUTQWnhRw==", @@ -9237,7 +9452,7 @@ "@aws-sdk/client-sso-oidc": "^3.614.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/types": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/types": { "version": "3.609.0", "resolved": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.609.0.tgz", "integrity": "sha512-+Tqnh9w0h2LcrUsdXyT1F8mNhXz+tVYBtP19LpeEGntmvHwa2XzvLUCWpoIAIVsHp5+HdB2X9Sn0KAtmbFXc2Q==", @@ -9251,7 +9466,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/util-endpoints": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/util-endpoints": { "version": "3.614.0", "resolved": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.614.0.tgz", "integrity": "sha512-wK2cdrXHH4oz4IomV/yrGkftU9A+ITB6nFL+rxxyO78is2ifHJpFdV4aqk4LSkXYPi6CXWNru/Dqc7yiKXgJPw==", @@ -9267,7 +9482,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/util-user-agent-browser": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/util-user-agent-browser": { "version": "3.609.0", "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.609.0.tgz", "integrity": "sha512-fojPU+mNahzQ0YHYBsx0ZIhmMA96H+ZIZ665ObU9tl+SGdbLneVZVikGve+NmHTQwHzwkFsZYYnVKAkreJLAtA==", @@ -9280,7 +9495,7 @@ "tslib": "^2.6.2" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@aws-sdk/util-user-agent-node": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/util-user-agent-node": { "version": "3.614.0", "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.614.0.tgz", "integrity": "sha512-15ElZT88peoHnq5TEoEtZwoXTXRxNrk60TZNdpl/TUBJ5oNJ9Dqb5Z4ryb8ofN6nm9aFf59GVAerFDz8iUoHBA==", @@ -9304,7 +9519,7 @@ } } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@smithy/node-config-provider": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@smithy/node-config-provider": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", @@ -9320,7 +9535,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-firehose/node_modules/@smithy/shared-ini-file-loader": { + "node_modules/@aws-sdk/client-kinesis/node_modules/@smithy/shared-ini-file-loader": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", @@ -9334,11 +9549,10 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-iam": { + "node_modules/@aws-sdk/client-lambda": { "version": "3.650.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-iam/-/client-iam-3.650.0.tgz", - "integrity": "sha512-LVXeP5ArnSWQK846U8q/v0+WrbIuJtUvkm9KSlcqWpDGgoN/u6SoMM/9D75olxgSXwKP5NQj9LNNP+BSQb7vGg==", - "dev": true, + "resolved": "https://registry.npmjs.org/@aws-sdk/client-lambda/-/client-lambda-3.650.0.tgz", + "integrity": "sha512-u8fqVod+EeMXxal72TbDWPAnMpmGvo1Z3P07qZ6M+dm5FkwUVzRhDkp8jLokwsIzlSt0lkasqDhn97rZLfgTZg==", "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", @@ -9358,6 +9572,9 @@ "@aws-sdk/util-user-agent-node": "3.649.0", "@smithy/config-resolver": "^3.0.6", "@smithy/core": "^2.4.1", + "@smithy/eventstream-serde-browser": "^3.0.7", + "@smithy/eventstream-serde-config-resolver": "^3.0.4", + "@smithy/eventstream-serde-node": "^3.0.6", "@smithy/fetch-http-handler": "^3.2.5", "@smithy/hash-node": "^3.0.4", "@smithy/invalid-dependency": "^3.0.4", @@ -9380,6 +9597,7 @@ "@smithy/util-endpoints": "^2.1.0", "@smithy/util-middleware": "^3.0.4", "@smithy/util-retry": "^3.0.4", + "@smithy/util-stream": "^3.1.4", "@smithy/util-utf8": "^3.0.0", "@smithy/util-waiter": "^3.1.3", "tslib": "^2.6.2" @@ -9388,11 +9606,10 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-iam/node_modules/@smithy/node-config-provider": { + "node_modules/@aws-sdk/client-lambda/node_modules/@smithy/node-config-provider": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@smithy/property-provider": "^3.1.4", @@ -9404,11 +9621,10 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-iam/node_modules/@smithy/shared-ini-file-loader": { + "node_modules/@aws-sdk/client-lambda/node_modules/@smithy/shared-ini-file-loader": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@smithy/types": "^3.4.0", @@ -9418,10 +9634,10 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-kinesis": { + "node_modules/@aws-sdk/client-personalize-events": { "version": "3.621.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-kinesis/-/client-kinesis-3.621.0.tgz", - "integrity": "sha512-53Omt/beFmTQPjQNpMuPMk5nMzYVsXCRiO+MeqygZEKYG1fWw/UGluCWVbi7WjClOHacsW8lQcsqIRvkPDFNag==", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-personalize-events/-/client-personalize-events-3.621.0.tgz", + "integrity": "sha512-qkVkqYvOe3WVuVNL/gRITGYFfHJCx2ijGFK7H3hNUJH3P4AwskmouAd1pWf+3cbGedRnj2is7iw7E602LeJIHA==", "dev": true, "license": "Apache-2.0", "dependencies": { @@ -9442,9 +9658,6 @@ "@aws-sdk/util-user-agent-node": "3.614.0", "@smithy/config-resolver": "^3.0.5", "@smithy/core": "^2.3.1", - "@smithy/eventstream-serde-browser": "^3.0.5", - "@smithy/eventstream-serde-config-resolver": "^3.0.3", - "@smithy/eventstream-serde-node": "^3.0.4", "@smithy/fetch-http-handler": "^3.2.4", "@smithy/hash-node": "^3.0.3", "@smithy/invalid-dependency": "^3.0.3", @@ -9468,14 +9681,13 @@ "@smithy/util-middleware": "^3.0.3", "@smithy/util-retry": "^3.0.3", "@smithy/util-utf8": "^3.0.0", - "@smithy/util-waiter": "^3.1.2", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/client-sso": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/client-sso": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.621.0.tgz", "integrity": "sha512-xpKfikN4u0BaUYZA9FGUMkkDmfoIP0Q03+A86WjqDWhcOoqNA1DkHsE4kZ+r064ifkPUfcNuUvlkVTEoBZoFjA==", @@ -9525,7 +9737,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/client-sso-oidc": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/client-sso-oidc": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.621.0.tgz", "integrity": "sha512-mMjk3mFUwV2Y68POf1BQMTF+F6qxt5tPu6daEUCNGC9Cenk3h2YXQQoS4/eSyYzuBiYk3vx49VgleRvdvkg8rg==", @@ -9579,7 +9791,7 @@ "@aws-sdk/client-sts": "^3.621.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/client-sts": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/client-sts": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.621.0.tgz", "integrity": "sha512-707uiuReSt+nAx6d0c21xLjLm2lxeKc7padxjv92CIrIocnQSlJPxSCM7r5zBhwiahJA6MNQwmTl2xznU67KgA==", @@ -9631,7 +9843,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/core": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/core": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.621.0.tgz", "integrity": "sha512-CtOwWmDdEiINkGXD93iGfXjN0WmCp9l45cDWHHGa8lRgEDyhuL7bwd/pH5aSzj0j8SiQBG2k0S7DHbd5RaqvbQ==", @@ -9652,7 +9864,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/credential-provider-env": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/credential-provider-env": { "version": "3.620.1", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.620.1.tgz", "integrity": "sha512-ExuILJ2qLW5ZO+rgkNRj0xiAipKT16Rk77buvPP8csR7kkCflT/gXTyzRe/uzIiETTxM7tr8xuO9MP/DQXqkfg==", @@ -9668,7 +9880,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/credential-provider-http": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/credential-provider-http": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.621.0.tgz", "integrity": "sha512-/jc2tEsdkT1QQAI5Dvoci50DbSxtJrevemwFsm0B73pwCcOQZ5ZwwSdVqGsPutzYzUVx3bcXg3LRL7jLACqRIg==", @@ -9689,7 +9901,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/credential-provider-ini": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/credential-provider-ini": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.621.0.tgz", "integrity": "sha512-0EWVnSc+JQn5HLnF5Xv405M8n4zfdx9gyGdpnCmAmFqEDHA8LmBdxJdpUk1Ovp/I5oPANhjojxabIW5f1uU0RA==", @@ -9715,7 +9927,7 @@ "@aws-sdk/client-sts": "^3.621.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/credential-provider-node": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/credential-provider-node": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.621.0.tgz", "integrity": "sha512-4JqpccUgz5Snanpt2+53hbOBbJQrSFq7E1sAAbgY6BKVQUsW5qyXqnjvSF32kDeKa5JpBl3bBWLZl04IadcPHw==", @@ -9739,7 +9951,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/credential-provider-process": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/credential-provider-process": { "version": "3.620.1", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.620.1.tgz", "integrity": "sha512-hWqFMidqLAkaV9G460+1at6qa9vySbjQKKc04p59OT7lZ5cO5VH5S4aI05e+m4j364MBROjjk2ugNvfNf/8ILg==", @@ -9756,7 +9968,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/credential-provider-sso": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/credential-provider-sso": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.621.0.tgz", "integrity": "sha512-Kza0jcFeA/GEL6xJlzR2KFf1PfZKMFnxfGzJzl5yN7EjoGdMijl34KaRyVnfRjnCWcsUpBWKNIDk9WZVMY9yiw==", @@ -9775,7 +9987,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/credential-provider-web-identity": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/credential-provider-web-identity": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.621.0.tgz", "integrity": "sha512-w7ASSyfNvcx7+bYGep3VBgC3K6vEdLmlpjT7nSIHxxQf+WSdvy+HynwJosrpZax0sK5q0D1Jpn/5q+r5lwwW6w==", @@ -9794,7 +10006,7 @@ "@aws-sdk/client-sts": "^3.621.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/middleware-host-header": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/middleware-host-header": { "version": "3.620.0", "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.620.0.tgz", "integrity": "sha512-VMtPEZwqYrII/oUkffYsNWY9PZ9xpNJpMgmyU0rlDQ25O1c0Hk3fJmZRe6pEkAJ0omD7kLrqGl1DUjQVxpd/Rg==", @@ -9810,7 +10022,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/middleware-logger": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/middleware-logger": { "version": "3.609.0", "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.609.0.tgz", "integrity": "sha512-S62U2dy4jMDhDFDK5gZ4VxFdWzCtLzwbYyFZx2uvPYTECkepLUfzLic2BHg2Qvtu4QjX+oGE3P/7fwaGIsGNuQ==", @@ -9825,7 +10037,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/middleware-recursion-detection": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/middleware-recursion-detection": { "version": "3.620.0", "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.620.0.tgz", "integrity": "sha512-nh91S7aGK3e/o1ck64sA/CyoFw+gAYj2BDOnoNa6ouyCrVJED96ZXWbhye/fz9SgmNUZR2g7GdVpiLpMKZoI5w==", @@ -9841,7 +10053,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/middleware-user-agent": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/middleware-user-agent": { "version": "3.620.0", "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.620.0.tgz", "integrity": "sha512-bvS6etn+KsuL32ubY5D3xNof1qkenpbJXf/ugGXbg0n98DvDFQ/F+SMLxHgbnER5dsKYchNnhmtI6/FC3HFu/A==", @@ -9858,7 +10070,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/region-config-resolver": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/region-config-resolver": { "version": "3.614.0", "resolved": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.614.0.tgz", "integrity": "sha512-vDCeMXvic/LU0KFIUjpC3RiSTIkkvESsEfbVHiHH0YINfl8HnEqR5rj+L8+phsCeVg2+LmYwYxd5NRz4PHxt5g==", @@ -9876,7 +10088,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/token-providers": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/token-providers": { "version": "3.614.0", "resolved": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.614.0.tgz", "integrity": "sha512-okItqyY6L9IHdxqs+Z116y5/nda7rHxLvROxtAJdLavWTYDydxrZstImNgGWTeVdmc0xX2gJCI77UYUTQWnhRw==", @@ -9896,7 +10108,7 @@ "@aws-sdk/client-sso-oidc": "^3.614.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/types": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/types": { "version": "3.609.0", "resolved": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.609.0.tgz", "integrity": "sha512-+Tqnh9w0h2LcrUsdXyT1F8mNhXz+tVYBtP19LpeEGntmvHwa2XzvLUCWpoIAIVsHp5+HdB2X9Sn0KAtmbFXc2Q==", @@ -9910,7 +10122,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/util-endpoints": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/util-endpoints": { "version": "3.614.0", "resolved": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.614.0.tgz", "integrity": "sha512-wK2cdrXHH4oz4IomV/yrGkftU9A+ITB6nFL+rxxyO78is2ifHJpFdV4aqk4LSkXYPi6CXWNru/Dqc7yiKXgJPw==", @@ -9926,7 +10138,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/util-user-agent-browser": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/util-user-agent-browser": { "version": "3.609.0", "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.609.0.tgz", "integrity": "sha512-fojPU+mNahzQ0YHYBsx0ZIhmMA96H+ZIZ665ObU9tl+SGdbLneVZVikGve+NmHTQwHzwkFsZYYnVKAkreJLAtA==", @@ -9939,7 +10151,7 @@ "tslib": "^2.6.2" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/util-user-agent-node": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/util-user-agent-node": { "version": "3.614.0", "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.614.0.tgz", "integrity": "sha512-15ElZT88peoHnq5TEoEtZwoXTXRxNrk60TZNdpl/TUBJ5oNJ9Dqb5Z4ryb8ofN6nm9aFf59GVAerFDz8iUoHBA==", @@ -9963,7 +10175,7 @@ } } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@smithy/node-config-provider": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@smithy/node-config-provider": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", @@ -9979,7 +10191,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-kinesis/node_modules/@smithy/shared-ini-file-loader": { + "node_modules/@aws-sdk/client-personalize-events/node_modules/@smithy/shared-ini-file-loader": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", @@ -9993,107 +10205,22 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-lambda": { - "version": "3.650.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-lambda/-/client-lambda-3.650.0.tgz", - "integrity": "sha512-u8fqVod+EeMXxal72TbDWPAnMpmGvo1Z3P07qZ6M+dm5FkwUVzRhDkp8jLokwsIzlSt0lkasqDhn97rZLfgTZg==", - "license": "Apache-2.0", - "dependencies": { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/client-sso-oidc": "3.650.0", - "@aws-sdk/client-sts": "3.650.0", - "@aws-sdk/core": "3.649.0", - "@aws-sdk/credential-provider-node": "3.650.0", - "@aws-sdk/middleware-host-header": "3.649.0", - "@aws-sdk/middleware-logger": "3.649.0", - "@aws-sdk/middleware-recursion-detection": "3.649.0", - "@aws-sdk/middleware-user-agent": "3.649.0", - "@aws-sdk/region-config-resolver": "3.649.0", - "@aws-sdk/types": "3.649.0", - "@aws-sdk/util-endpoints": "3.649.0", - "@aws-sdk/util-user-agent-browser": "3.649.0", - "@aws-sdk/util-user-agent-node": "3.649.0", - "@smithy/config-resolver": "^3.0.6", - "@smithy/core": "^2.4.1", - "@smithy/eventstream-serde-browser": "^3.0.7", - "@smithy/eventstream-serde-config-resolver": "^3.0.4", - "@smithy/eventstream-serde-node": "^3.0.6", - "@smithy/fetch-http-handler": "^3.2.5", - "@smithy/hash-node": "^3.0.4", - "@smithy/invalid-dependency": "^3.0.4", - "@smithy/middleware-content-length": "^3.0.6", - "@smithy/middleware-endpoint": "^3.1.1", - "@smithy/middleware-retry": "^3.0.16", - "@smithy/middleware-serde": "^3.0.4", - "@smithy/middleware-stack": "^3.0.4", - "@smithy/node-config-provider": "^3.1.5", - "@smithy/node-http-handler": "^3.2.0", - "@smithy/protocol-http": "^4.1.1", - "@smithy/smithy-client": "^3.3.0", - "@smithy/types": "^3.4.0", - "@smithy/url-parser": "^3.0.4", - "@smithy/util-base64": "^3.0.0", - "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.16", - "@smithy/util-defaults-mode-node": "^3.0.16", - "@smithy/util-endpoints": "^2.1.0", - "@smithy/util-middleware": "^3.0.4", - "@smithy/util-retry": "^3.0.4", - "@smithy/util-stream": "^3.1.4", - "@smithy/util-utf8": "^3.0.0", - "@smithy/util-waiter": "^3.1.3", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/client-lambda/node_modules/@smithy/node-config-provider": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", - "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/property-provider": "^3.1.4", - "@smithy/shared-ini-file-loader": "^3.1.5", - "@smithy/types": "^3.4.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/client-lambda/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", - "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/types": "^3.4.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/client-personalize-events": { - "version": "3.621.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-personalize-events/-/client-personalize-events-3.621.0.tgz", - "integrity": "sha512-qkVkqYvOe3WVuVNL/gRITGYFfHJCx2ijGFK7H3hNUJH3P4AwskmouAd1pWf+3cbGedRnj2is7iw7E602LeJIHA==", - "dev": true, + "node_modules/@aws-sdk/client-rds": { + "version": "3.624.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-rds/-/client-rds-3.624.0.tgz", + "integrity": "sha512-WZytF5YaDqEaJ/+2xm//ux+ER3pDwHU4ub4xXgMs46vG8WVLEDzILXp+Nn78w7W2sMwaQO12RYMvqgIB+/wF2A==", "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/client-sso-oidc": "3.621.0", - "@aws-sdk/client-sts": "3.621.0", - "@aws-sdk/core": "3.621.0", - "@aws-sdk/credential-provider-node": "3.621.0", + "@aws-sdk/client-sso-oidc": "3.624.0", + "@aws-sdk/client-sts": "3.624.0", + "@aws-sdk/core": "3.624.0", + "@aws-sdk/credential-provider-node": "3.624.0", "@aws-sdk/middleware-host-header": "3.620.0", "@aws-sdk/middleware-logger": "3.609.0", "@aws-sdk/middleware-recursion-detection": "3.620.0", + "@aws-sdk/middleware-sdk-rds": "3.620.0", "@aws-sdk/middleware-user-agent": "3.620.0", "@aws-sdk/region-config-resolver": "3.614.0", "@aws-sdk/types": "3.609.0", @@ -10101,46 +10228,46 @@ "@aws-sdk/util-user-agent-browser": "3.609.0", "@aws-sdk/util-user-agent-node": "3.614.0", "@smithy/config-resolver": "^3.0.5", - "@smithy/core": "^2.3.1", + "@smithy/core": "^2.3.2", "@smithy/fetch-http-handler": "^3.2.4", "@smithy/hash-node": "^3.0.3", "@smithy/invalid-dependency": "^3.0.3", "@smithy/middleware-content-length": "^3.0.5", "@smithy/middleware-endpoint": "^3.1.0", - "@smithy/middleware-retry": "^3.0.13", + "@smithy/middleware-retry": "^3.0.14", "@smithy/middleware-serde": "^3.0.3", "@smithy/middleware-stack": "^3.0.3", "@smithy/node-config-provider": "^3.1.4", "@smithy/node-http-handler": "^3.1.4", "@smithy/protocol-http": "^4.1.0", - "@smithy/smithy-client": "^3.1.11", + "@smithy/smithy-client": "^3.1.12", "@smithy/types": "^3.3.0", "@smithy/url-parser": "^3.0.3", "@smithy/util-base64": "^3.0.0", "@smithy/util-body-length-browser": "^3.0.0", "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.13", - "@smithy/util-defaults-mode-node": "^3.0.13", + "@smithy/util-defaults-mode-browser": "^3.0.14", + "@smithy/util-defaults-mode-node": "^3.0.14", "@smithy/util-endpoints": "^2.0.5", "@smithy/util-middleware": "^3.0.3", "@smithy/util-retry": "^3.0.3", "@smithy/util-utf8": "^3.0.0", + "@smithy/util-waiter": "^3.1.2", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/client-sso": { - "version": "3.621.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.621.0.tgz", - "integrity": "sha512-xpKfikN4u0BaUYZA9FGUMkkDmfoIP0Q03+A86WjqDWhcOoqNA1DkHsE4kZ+r064ifkPUfcNuUvlkVTEoBZoFjA==", - "dev": true, + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/client-sso": { + "version": "3.624.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.624.0.tgz", + "integrity": "sha512-EX6EF+rJzMPC5dcdsu40xSi2To7GSvdGQNIpe97pD9WvZwM9tRNQnNM4T6HA4gjV1L6Jwk8rBlG/CnveXtLEMw==", "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "3.621.0", + "@aws-sdk/core": "3.624.0", "@aws-sdk/middleware-host-header": "3.620.0", "@aws-sdk/middleware-logger": "3.609.0", "@aws-sdk/middleware-recursion-detection": "3.620.0", @@ -10151,26 +10278,26 @@ "@aws-sdk/util-user-agent-browser": "3.609.0", "@aws-sdk/util-user-agent-node": "3.614.0", "@smithy/config-resolver": "^3.0.5", - "@smithy/core": "^2.3.1", + "@smithy/core": "^2.3.2", "@smithy/fetch-http-handler": "^3.2.4", "@smithy/hash-node": "^3.0.3", "@smithy/invalid-dependency": "^3.0.3", "@smithy/middleware-content-length": "^3.0.5", "@smithy/middleware-endpoint": "^3.1.0", - "@smithy/middleware-retry": "^3.0.13", + "@smithy/middleware-retry": "^3.0.14", "@smithy/middleware-serde": "^3.0.3", "@smithy/middleware-stack": "^3.0.3", "@smithy/node-config-provider": "^3.1.4", "@smithy/node-http-handler": "^3.1.4", "@smithy/protocol-http": "^4.1.0", - "@smithy/smithy-client": "^3.1.11", + "@smithy/smithy-client": "^3.1.12", "@smithy/types": "^3.3.0", "@smithy/url-parser": "^3.0.3", "@smithy/util-base64": "^3.0.0", "@smithy/util-body-length-browser": "^3.0.0", "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.13", - "@smithy/util-defaults-mode-node": "^3.0.13", + "@smithy/util-defaults-mode-browser": "^3.0.14", + "@smithy/util-defaults-mode-node": "^3.0.14", "@smithy/util-endpoints": "^2.0.5", "@smithy/util-middleware": "^3.0.3", "@smithy/util-retry": "^3.0.3", @@ -10181,17 +10308,16 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/client-sso-oidc": { - "version": "3.621.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.621.0.tgz", - "integrity": "sha512-mMjk3mFUwV2Y68POf1BQMTF+F6qxt5tPu6daEUCNGC9Cenk3h2YXQQoS4/eSyYzuBiYk3vx49VgleRvdvkg8rg==", - "dev": true, + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/client-sso-oidc": { + "version": "3.624.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.624.0.tgz", + "integrity": "sha512-Ki2uKYJKKtfHxxZsiMTOvJoVRP6b2pZ1u3rcUb2m/nVgBPUfLdl8ZkGpqE29I+t5/QaS/sEdbn6cgMUZwl+3Dg==", "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "3.621.0", - "@aws-sdk/credential-provider-node": "3.621.0", + "@aws-sdk/core": "3.624.0", + "@aws-sdk/credential-provider-node": "3.624.0", "@aws-sdk/middleware-host-header": "3.620.0", "@aws-sdk/middleware-logger": "3.609.0", "@aws-sdk/middleware-recursion-detection": "3.620.0", @@ -10202,26 +10328,26 @@ "@aws-sdk/util-user-agent-browser": "3.609.0", "@aws-sdk/util-user-agent-node": "3.614.0", "@smithy/config-resolver": "^3.0.5", - "@smithy/core": "^2.3.1", + "@smithy/core": "^2.3.2", "@smithy/fetch-http-handler": "^3.2.4", "@smithy/hash-node": "^3.0.3", "@smithy/invalid-dependency": "^3.0.3", "@smithy/middleware-content-length": "^3.0.5", "@smithy/middleware-endpoint": "^3.1.0", - "@smithy/middleware-retry": "^3.0.13", + "@smithy/middleware-retry": "^3.0.14", "@smithy/middleware-serde": "^3.0.3", "@smithy/middleware-stack": "^3.0.3", "@smithy/node-config-provider": "^3.1.4", "@smithy/node-http-handler": "^3.1.4", "@smithy/protocol-http": "^4.1.0", - "@smithy/smithy-client": "^3.1.11", + "@smithy/smithy-client": "^3.1.12", "@smithy/types": "^3.3.0", "@smithy/url-parser": "^3.0.3", "@smithy/util-base64": "^3.0.0", "@smithy/util-body-length-browser": "^3.0.0", "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.13", - "@smithy/util-defaults-mode-node": "^3.0.13", + "@smithy/util-defaults-mode-browser": "^3.0.14", + "@smithy/util-defaults-mode-node": "^3.0.14", "@smithy/util-endpoints": "^2.0.5", "@smithy/util-middleware": "^3.0.3", "@smithy/util-retry": "^3.0.3", @@ -10232,21 +10358,20 @@ "node": ">=16.0.0" }, "peerDependencies": { - "@aws-sdk/client-sts": "^3.621.0" + "@aws-sdk/client-sts": "^3.624.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/client-sts": { - "version": "3.621.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.621.0.tgz", - "integrity": "sha512-707uiuReSt+nAx6d0c21xLjLm2lxeKc7padxjv92CIrIocnQSlJPxSCM7r5zBhwiahJA6MNQwmTl2xznU67KgA==", - "dev": true, + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/client-sts": { + "version": "3.624.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.624.0.tgz", + "integrity": "sha512-k36fLZCb2nfoV/DKK3jbRgO/Yf7/R80pgYfMiotkGjnZwDmRvNN08z4l06L9C+CieazzkgRxNUzyppsYcYsQaw==", "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/client-sso-oidc": "3.621.0", - "@aws-sdk/core": "3.621.0", - "@aws-sdk/credential-provider-node": "3.621.0", + "@aws-sdk/client-sso-oidc": "3.624.0", + "@aws-sdk/core": "3.624.0", + "@aws-sdk/credential-provider-node": "3.624.0", "@aws-sdk/middleware-host-header": "3.620.0", "@aws-sdk/middleware-logger": "3.609.0", "@aws-sdk/middleware-recursion-detection": "3.620.0", @@ -10257,26 +10382,26 @@ "@aws-sdk/util-user-agent-browser": "3.609.0", "@aws-sdk/util-user-agent-node": "3.614.0", "@smithy/config-resolver": "^3.0.5", - "@smithy/core": "^2.3.1", + "@smithy/core": "^2.3.2", "@smithy/fetch-http-handler": "^3.2.4", "@smithy/hash-node": "^3.0.3", "@smithy/invalid-dependency": "^3.0.3", "@smithy/middleware-content-length": "^3.0.5", "@smithy/middleware-endpoint": "^3.1.0", - "@smithy/middleware-retry": "^3.0.13", + "@smithy/middleware-retry": "^3.0.14", "@smithy/middleware-serde": "^3.0.3", "@smithy/middleware-stack": "^3.0.3", "@smithy/node-config-provider": "^3.1.4", "@smithy/node-http-handler": "^3.1.4", "@smithy/protocol-http": "^4.1.0", - "@smithy/smithy-client": "^3.1.11", + "@smithy/smithy-client": "^3.1.12", "@smithy/types": "^3.3.0", "@smithy/url-parser": "^3.0.3", "@smithy/util-base64": "^3.0.0", "@smithy/util-body-length-browser": "^3.0.0", "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.13", - "@smithy/util-defaults-mode-node": "^3.0.13", + "@smithy/util-defaults-mode-browser": "^3.0.14", + "@smithy/util-defaults-mode-node": "^3.0.14", "@smithy/util-endpoints": "^2.0.5", "@smithy/util-middleware": "^3.0.3", "@smithy/util-retry": "^3.0.3", @@ -10287,18 +10412,17 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/core": { - "version": "3.621.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.621.0.tgz", - "integrity": "sha512-CtOwWmDdEiINkGXD93iGfXjN0WmCp9l45cDWHHGa8lRgEDyhuL7bwd/pH5aSzj0j8SiQBG2k0S7DHbd5RaqvbQ==", - "dev": true, + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/core": { + "version": "3.624.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.624.0.tgz", + "integrity": "sha512-WyFmPbhRIvtWi7hBp8uSFy+iPpj8ccNV/eX86hwF4irMjfc/FtsGVIAeBXxXM/vGCjkdfEzOnl+tJ2XACD4OXg==", "license": "Apache-2.0", "dependencies": { - "@smithy/core": "^2.3.1", + "@smithy/core": "^2.3.2", "@smithy/node-config-provider": "^3.1.4", "@smithy/protocol-http": "^4.1.0", "@smithy/signature-v4": "^4.1.0", - "@smithy/smithy-client": "^3.1.11", + "@smithy/smithy-client": "^3.1.12", "@smithy/types": "^3.3.0", "@smithy/util-middleware": "^3.0.3", "fast-xml-parser": "4.4.1", @@ -10308,11 +10432,10 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/credential-provider-env": { + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/credential-provider-env": { "version": "3.620.1", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.620.1.tgz", "integrity": "sha512-ExuILJ2qLW5ZO+rgkNRj0xiAipKT16Rk77buvPP8csR7kkCflT/gXTyzRe/uzIiETTxM7tr8xuO9MP/DQXqkfg==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -10324,11 +10447,10 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/credential-provider-http": { - "version": "3.621.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.621.0.tgz", - "integrity": "sha512-/jc2tEsdkT1QQAI5Dvoci50DbSxtJrevemwFsm0B73pwCcOQZ5ZwwSdVqGsPutzYzUVx3bcXg3LRL7jLACqRIg==", - "dev": true, + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/credential-provider-http": { + "version": "3.622.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.622.0.tgz", + "integrity": "sha512-VUHbr24Oll1RK3WR8XLUugLpgK9ZuxEm/NVeVqyFts1Ck9gsKpRg1x4eH7L7tW3SJ4TDEQNMbD7/7J+eoL2svg==", "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -10336,7 +10458,7 @@ "@smithy/node-http-handler": "^3.1.4", "@smithy/property-provider": "^3.1.3", "@smithy/protocol-http": "^4.1.0", - "@smithy/smithy-client": "^3.1.11", + "@smithy/smithy-client": "^3.1.12", "@smithy/types": "^3.3.0", "@smithy/util-stream": "^3.1.3", "tslib": "^2.6.2" @@ -10345,17 +10467,16 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/credential-provider-ini": { - "version": "3.621.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.621.0.tgz", - "integrity": "sha512-0EWVnSc+JQn5HLnF5Xv405M8n4zfdx9gyGdpnCmAmFqEDHA8LmBdxJdpUk1Ovp/I5oPANhjojxabIW5f1uU0RA==", - "dev": true, + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/credential-provider-ini": { + "version": "3.624.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.624.0.tgz", + "integrity": "sha512-mMoNIy7MO2WTBbdqMyLpbt6SZpthE6e0GkRYpsd0yozPt0RZopcBhEh+HG1U9Y1PVODo+jcMk353vAi61CfnhQ==", "license": "Apache-2.0", "dependencies": { "@aws-sdk/credential-provider-env": "3.620.1", - "@aws-sdk/credential-provider-http": "3.621.0", + "@aws-sdk/credential-provider-http": "3.622.0", "@aws-sdk/credential-provider-process": "3.620.1", - "@aws-sdk/credential-provider-sso": "3.621.0", + "@aws-sdk/credential-provider-sso": "3.624.0", "@aws-sdk/credential-provider-web-identity": "3.621.0", "@aws-sdk/types": "3.609.0", "@smithy/credential-provider-imds": "^3.2.0", @@ -10368,21 +10489,20 @@ "node": ">=16.0.0" }, "peerDependencies": { - "@aws-sdk/client-sts": "^3.621.0" + "@aws-sdk/client-sts": "^3.624.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/credential-provider-node": { - "version": "3.621.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.621.0.tgz", - "integrity": "sha512-4JqpccUgz5Snanpt2+53hbOBbJQrSFq7E1sAAbgY6BKVQUsW5qyXqnjvSF32kDeKa5JpBl3bBWLZl04IadcPHw==", - "dev": true, + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/credential-provider-node": { + "version": "3.624.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.624.0.tgz", + "integrity": "sha512-vYyGK7oNpd81BdbH5IlmQ6zfaQqU+rPwsKTDDBeLRjshtrGXOEpfoahVpG9PX0ibu32IOWp4ZyXBNyVrnvcMOw==", "license": "Apache-2.0", "dependencies": { "@aws-sdk/credential-provider-env": "3.620.1", - "@aws-sdk/credential-provider-http": "3.621.0", - "@aws-sdk/credential-provider-ini": "3.621.0", + "@aws-sdk/credential-provider-http": "3.622.0", + "@aws-sdk/credential-provider-ini": "3.624.0", "@aws-sdk/credential-provider-process": "3.620.1", - "@aws-sdk/credential-provider-sso": "3.621.0", + "@aws-sdk/credential-provider-sso": "3.624.0", "@aws-sdk/credential-provider-web-identity": "3.621.0", "@aws-sdk/types": "3.609.0", "@smithy/credential-provider-imds": "^3.2.0", @@ -10395,11 +10515,10 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/credential-provider-process": { + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/credential-provider-process": { "version": "3.620.1", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.620.1.tgz", "integrity": "sha512-hWqFMidqLAkaV9G460+1at6qa9vySbjQKKc04p59OT7lZ5cO5VH5S4aI05e+m4j364MBROjjk2ugNvfNf/8ILg==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -10412,14 +10531,13 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/credential-provider-sso": { - "version": "3.621.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.621.0.tgz", - "integrity": "sha512-Kza0jcFeA/GEL6xJlzR2KFf1PfZKMFnxfGzJzl5yN7EjoGdMijl34KaRyVnfRjnCWcsUpBWKNIDk9WZVMY9yiw==", - "dev": true, + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/credential-provider-sso": { + "version": "3.624.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.624.0.tgz", + "integrity": "sha512-A02bayIjU9APEPKr3HudrFHEx0WfghoSPsPopckDkW7VBqO4wizzcxr75Q9A3vNX+cwg0wCN6UitTNe6pVlRaQ==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/client-sso": "3.621.0", + "@aws-sdk/client-sso": "3.624.0", "@aws-sdk/token-providers": "3.614.0", "@aws-sdk/types": "3.609.0", "@smithy/property-provider": "^3.1.3", @@ -10431,11 +10549,10 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/credential-provider-web-identity": { + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/credential-provider-web-identity": { "version": "3.621.0", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.621.0.tgz", "integrity": "sha512-w7ASSyfNvcx7+bYGep3VBgC3K6vEdLmlpjT7nSIHxxQf+WSdvy+HynwJosrpZax0sK5q0D1Jpn/5q+r5lwwW6w==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -10450,11 +10567,10 @@ "@aws-sdk/client-sts": "^3.621.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/middleware-host-header": { + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/middleware-host-header": { "version": "3.620.0", "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.620.0.tgz", "integrity": "sha512-VMtPEZwqYrII/oUkffYsNWY9PZ9xpNJpMgmyU0rlDQ25O1c0Hk3fJmZRe6pEkAJ0omD7kLrqGl1DUjQVxpd/Rg==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -10466,11 +10582,10 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/middleware-logger": { + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/middleware-logger": { "version": "3.609.0", "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.609.0.tgz", "integrity": "sha512-S62U2dy4jMDhDFDK5gZ4VxFdWzCtLzwbYyFZx2uvPYTECkepLUfzLic2BHg2Qvtu4QjX+oGE3P/7fwaGIsGNuQ==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -10481,11 +10596,10 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/middleware-recursion-detection": { + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/middleware-recursion-detection": { "version": "3.620.0", "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.620.0.tgz", "integrity": "sha512-nh91S7aGK3e/o1ck64sA/CyoFw+gAYj2BDOnoNa6ouyCrVJED96ZXWbhye/fz9SgmNUZR2g7GdVpiLpMKZoI5w==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -10497,11 +10611,10 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/middleware-user-agent": { + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/middleware-user-agent": { "version": "3.620.0", "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.620.0.tgz", "integrity": "sha512-bvS6etn+KsuL32ubY5D3xNof1qkenpbJXf/ugGXbg0n98DvDFQ/F+SMLxHgbnER5dsKYchNnhmtI6/FC3HFu/A==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -10514,11 +10627,10 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/region-config-resolver": { + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/region-config-resolver": { "version": "3.614.0", "resolved": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.614.0.tgz", "integrity": "sha512-vDCeMXvic/LU0KFIUjpC3RiSTIkkvESsEfbVHiHH0YINfl8HnEqR5rj+L8+phsCeVg2+LmYwYxd5NRz4PHxt5g==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -10532,11 +10644,10 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/token-providers": { + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/token-providers": { "version": "3.614.0", "resolved": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.614.0.tgz", "integrity": "sha512-okItqyY6L9IHdxqs+Z116y5/nda7rHxLvROxtAJdLavWTYDydxrZstImNgGWTeVdmc0xX2gJCI77UYUTQWnhRw==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -10552,11 +10663,10 @@ "@aws-sdk/client-sso-oidc": "^3.614.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/types": { + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/types": { "version": "3.609.0", "resolved": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.609.0.tgz", "integrity": "sha512-+Tqnh9w0h2LcrUsdXyT1F8mNhXz+tVYBtP19LpeEGntmvHwa2XzvLUCWpoIAIVsHp5+HdB2X9Sn0KAtmbFXc2Q==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@smithy/types": "^3.3.0", @@ -10566,11 +10676,10 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/util-endpoints": { + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/util-endpoints": { "version": "3.614.0", "resolved": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.614.0.tgz", "integrity": "sha512-wK2cdrXHH4oz4IomV/yrGkftU9A+ITB6nFL+rxxyO78is2ifHJpFdV4aqk4LSkXYPi6CXWNru/Dqc7yiKXgJPw==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -10582,11 +10691,10 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/util-user-agent-browser": { + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/util-user-agent-browser": { "version": "3.609.0", "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.609.0.tgz", "integrity": "sha512-fojPU+mNahzQ0YHYBsx0ZIhmMA96H+ZIZ665ObU9tl+SGdbLneVZVikGve+NmHTQwHzwkFsZYYnVKAkreJLAtA==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -10595,11 +10703,10 @@ "tslib": "^2.6.2" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@aws-sdk/util-user-agent-node": { + "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/util-user-agent-node": { "version": "3.614.0", "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.614.0.tgz", "integrity": "sha512-15ElZT88peoHnq5TEoEtZwoXTXRxNrk60TZNdpl/TUBJ5oNJ9Dqb5Z4ryb8ofN6nm9aFf59GVAerFDz8iUoHBA==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-sdk/types": "3.609.0", @@ -10619,11 +10726,10 @@ } } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@smithy/node-config-provider": { + "node_modules/@aws-sdk/client-rds/node_modules/@smithy/node-config-provider": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@smithy/property-provider": "^3.1.4", @@ -10635,11 +10741,10 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-personalize-events/node_modules/@smithy/shared-ini-file-loader": { + "node_modules/@aws-sdk/client-rds/node_modules/@smithy/shared-ini-file-loader": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@smithy/types": "^3.4.0", @@ -10649,206 +10754,151 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-rds": { - "version": "3.624.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-rds/-/client-rds-3.624.0.tgz", - "integrity": "sha512-WZytF5YaDqEaJ/+2xm//ux+ER3pDwHU4ub4xXgMs46vG8WVLEDzILXp+Nn78w7W2sMwaQO12RYMvqgIB+/wF2A==", + "node_modules/@aws-sdk/client-s3": { + "version": "3.651.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-s3/-/client-s3-3.651.0.tgz", + "integrity": "sha512-37+kxxjnlOAUCb1aHpoLakW4XRG23HrkX8X3cEjxaFLQxorPUiMvfAYQEQQkYD5yggaG+5aM5GAhxkTUTqA5xw==", "license": "Apache-2.0", "dependencies": { + "@aws-crypto/sha1-browser": "5.2.0", "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/client-sso-oidc": "3.624.0", - "@aws-sdk/client-sts": "3.624.0", - "@aws-sdk/core": "3.624.0", - "@aws-sdk/credential-provider-node": "3.624.0", - "@aws-sdk/middleware-host-header": "3.620.0", - "@aws-sdk/middleware-logger": "3.609.0", - "@aws-sdk/middleware-recursion-detection": "3.620.0", - "@aws-sdk/middleware-sdk-rds": "3.620.0", - "@aws-sdk/middleware-user-agent": "3.620.0", - "@aws-sdk/region-config-resolver": "3.614.0", - "@aws-sdk/types": "3.609.0", - "@aws-sdk/util-endpoints": "3.614.0", - "@aws-sdk/util-user-agent-browser": "3.609.0", - "@aws-sdk/util-user-agent-node": "3.614.0", - "@smithy/config-resolver": "^3.0.5", - "@smithy/core": "^2.3.2", - "@smithy/fetch-http-handler": "^3.2.4", - "@smithy/hash-node": "^3.0.3", - "@smithy/invalid-dependency": "^3.0.3", - "@smithy/middleware-content-length": "^3.0.5", - "@smithy/middleware-endpoint": "^3.1.0", - "@smithy/middleware-retry": "^3.0.14", - "@smithy/middleware-serde": "^3.0.3", - "@smithy/middleware-stack": "^3.0.3", - "@smithy/node-config-provider": "^3.1.4", - "@smithy/node-http-handler": "^3.1.4", - "@smithy/protocol-http": "^4.1.0", - "@smithy/smithy-client": "^3.1.12", - "@smithy/types": "^3.3.0", - "@smithy/url-parser": "^3.0.3", + "@aws-sdk/client-sso-oidc": "3.650.0", + "@aws-sdk/client-sts": "3.650.0", + "@aws-sdk/core": "3.649.0", + "@aws-sdk/credential-provider-node": "3.650.0", + "@aws-sdk/middleware-bucket-endpoint": "3.649.0", + "@aws-sdk/middleware-expect-continue": "3.649.0", + "@aws-sdk/middleware-flexible-checksums": "3.651.0", + "@aws-sdk/middleware-host-header": "3.649.0", + "@aws-sdk/middleware-location-constraint": "3.649.0", + "@aws-sdk/middleware-logger": "3.649.0", + "@aws-sdk/middleware-recursion-detection": "3.649.0", + "@aws-sdk/middleware-sdk-s3": "3.649.0", + "@aws-sdk/middleware-ssec": "3.649.0", + "@aws-sdk/middleware-user-agent": "3.649.0", + "@aws-sdk/region-config-resolver": "3.649.0", + "@aws-sdk/signature-v4-multi-region": "3.649.0", + "@aws-sdk/types": "3.649.0", + "@aws-sdk/util-endpoints": "3.649.0", + "@aws-sdk/util-user-agent-browser": "3.649.0", + "@aws-sdk/util-user-agent-node": "3.649.0", + "@aws-sdk/xml-builder": "3.649.0", + "@smithy/config-resolver": "^3.0.6", + "@smithy/core": "^2.4.1", + "@smithy/eventstream-serde-browser": "^3.0.7", + "@smithy/eventstream-serde-config-resolver": "^3.0.4", + "@smithy/eventstream-serde-node": "^3.0.6", + "@smithy/fetch-http-handler": "^3.2.5", + "@smithy/hash-blob-browser": "^3.1.3", + "@smithy/hash-node": "^3.0.4", + "@smithy/hash-stream-node": "^3.1.3", + "@smithy/invalid-dependency": "^3.0.4", + "@smithy/md5-js": "^3.0.4", + "@smithy/middleware-content-length": "^3.0.6", + "@smithy/middleware-endpoint": "^3.1.1", + "@smithy/middleware-retry": "^3.0.16", + "@smithy/middleware-serde": "^3.0.4", + "@smithy/middleware-stack": "^3.0.4", + "@smithy/node-config-provider": "^3.1.5", + "@smithy/node-http-handler": "^3.2.0", + "@smithy/protocol-http": "^4.1.1", + "@smithy/smithy-client": "^3.3.0", + "@smithy/types": "^3.4.0", + "@smithy/url-parser": "^3.0.4", "@smithy/util-base64": "^3.0.0", "@smithy/util-body-length-browser": "^3.0.0", "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.14", - "@smithy/util-defaults-mode-node": "^3.0.14", - "@smithy/util-endpoints": "^2.0.5", - "@smithy/util-middleware": "^3.0.3", - "@smithy/util-retry": "^3.0.3", + "@smithy/util-defaults-mode-browser": "^3.0.16", + "@smithy/util-defaults-mode-node": "^3.0.16", + "@smithy/util-endpoints": "^2.1.0", + "@smithy/util-middleware": "^3.0.4", + "@smithy/util-retry": "^3.0.4", + "@smithy/util-stream": "^3.1.4", "@smithy/util-utf8": "^3.0.0", - "@smithy/util-waiter": "^3.1.2", + "@smithy/util-waiter": "^3.1.3", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/client-sso": { - "version": "3.624.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.624.0.tgz", - "integrity": "sha512-EX6EF+rJzMPC5dcdsu40xSi2To7GSvdGQNIpe97pD9WvZwM9tRNQnNM4T6HA4gjV1L6Jwk8rBlG/CnveXtLEMw==", + "node_modules/@aws-sdk/client-s3/node_modules/@smithy/node-config-provider": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", + "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", "license": "Apache-2.0", "dependencies": { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "3.624.0", - "@aws-sdk/middleware-host-header": "3.620.0", - "@aws-sdk/middleware-logger": "3.609.0", - "@aws-sdk/middleware-recursion-detection": "3.620.0", - "@aws-sdk/middleware-user-agent": "3.620.0", - "@aws-sdk/region-config-resolver": "3.614.0", - "@aws-sdk/types": "3.609.0", - "@aws-sdk/util-endpoints": "3.614.0", - "@aws-sdk/util-user-agent-browser": "3.609.0", - "@aws-sdk/util-user-agent-node": "3.614.0", - "@smithy/config-resolver": "^3.0.5", - "@smithy/core": "^2.3.2", - "@smithy/fetch-http-handler": "^3.2.4", - "@smithy/hash-node": "^3.0.3", - "@smithy/invalid-dependency": "^3.0.3", - "@smithy/middleware-content-length": "^3.0.5", - "@smithy/middleware-endpoint": "^3.1.0", - "@smithy/middleware-retry": "^3.0.14", - "@smithy/middleware-serde": "^3.0.3", - "@smithy/middleware-stack": "^3.0.3", - "@smithy/node-config-provider": "^3.1.4", - "@smithy/node-http-handler": "^3.1.4", - "@smithy/protocol-http": "^4.1.0", - "@smithy/smithy-client": "^3.1.12", - "@smithy/types": "^3.3.0", - "@smithy/url-parser": "^3.0.3", - "@smithy/util-base64": "^3.0.0", - "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.14", - "@smithy/util-defaults-mode-node": "^3.0.14", - "@smithy/util-endpoints": "^2.0.5", - "@smithy/util-middleware": "^3.0.3", - "@smithy/util-retry": "^3.0.3", - "@smithy/util-utf8": "^3.0.0", + "@smithy/property-provider": "^3.1.4", + "@smithy/shared-ini-file-loader": "^3.1.5", + "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/client-sso-oidc": { - "version": "3.624.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.624.0.tgz", - "integrity": "sha512-Ki2uKYJKKtfHxxZsiMTOvJoVRP6b2pZ1u3rcUb2m/nVgBPUfLdl8ZkGpqE29I+t5/QaS/sEdbn6cgMUZwl+3Dg==", + "node_modules/@aws-sdk/client-s3/node_modules/@smithy/shared-ini-file-loader": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", + "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", "license": "Apache-2.0", "dependencies": { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "3.624.0", - "@aws-sdk/credential-provider-node": "3.624.0", - "@aws-sdk/middleware-host-header": "3.620.0", - "@aws-sdk/middleware-logger": "3.609.0", - "@aws-sdk/middleware-recursion-detection": "3.620.0", - "@aws-sdk/middleware-user-agent": "3.620.0", - "@aws-sdk/region-config-resolver": "3.614.0", - "@aws-sdk/types": "3.609.0", - "@aws-sdk/util-endpoints": "3.614.0", - "@aws-sdk/util-user-agent-browser": "3.609.0", - "@aws-sdk/util-user-agent-node": "3.614.0", - "@smithy/config-resolver": "^3.0.5", - "@smithy/core": "^2.3.2", - "@smithy/fetch-http-handler": "^3.2.4", - "@smithy/hash-node": "^3.0.3", - "@smithy/invalid-dependency": "^3.0.3", - "@smithy/middleware-content-length": "^3.0.5", - "@smithy/middleware-endpoint": "^3.1.0", - "@smithy/middleware-retry": "^3.0.14", - "@smithy/middleware-serde": "^3.0.3", - "@smithy/middleware-stack": "^3.0.3", - "@smithy/node-config-provider": "^3.1.4", - "@smithy/node-http-handler": "^3.1.4", - "@smithy/protocol-http": "^4.1.0", - "@smithy/smithy-client": "^3.1.12", - "@smithy/types": "^3.3.0", - "@smithy/url-parser": "^3.0.3", - "@smithy/util-base64": "^3.0.0", - "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.14", - "@smithy/util-defaults-mode-node": "^3.0.14", - "@smithy/util-endpoints": "^2.0.5", - "@smithy/util-middleware": "^3.0.3", - "@smithy/util-retry": "^3.0.3", - "@smithy/util-utf8": "^3.0.0", + "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" - }, - "peerDependencies": { - "@aws-sdk/client-sts": "^3.624.0" } }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/client-sts": { - "version": "3.624.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.624.0.tgz", - "integrity": "sha512-k36fLZCb2nfoV/DKK3jbRgO/Yf7/R80pgYfMiotkGjnZwDmRvNN08z4l06L9C+CieazzkgRxNUzyppsYcYsQaw==", + "node_modules/@aws-sdk/client-sqs": { + "version": "3.650.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sqs/-/client-sqs-3.650.0.tgz", + "integrity": "sha512-QoWgJ2PQCFI9SNwTw7PM2XeqNfWIS8Nqip25j3JMo3GqiQjbqtR9tVWsf2E5V4XqmnpCC398PaY5eMwixRdLfQ==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/client-sso-oidc": "3.624.0", - "@aws-sdk/core": "3.624.0", - "@aws-sdk/credential-provider-node": "3.624.0", - "@aws-sdk/middleware-host-header": "3.620.0", - "@aws-sdk/middleware-logger": "3.609.0", - "@aws-sdk/middleware-recursion-detection": "3.620.0", - "@aws-sdk/middleware-user-agent": "3.620.0", - "@aws-sdk/region-config-resolver": "3.614.0", - "@aws-sdk/types": "3.609.0", - "@aws-sdk/util-endpoints": "3.614.0", - "@aws-sdk/util-user-agent-browser": "3.609.0", - "@aws-sdk/util-user-agent-node": "3.614.0", - "@smithy/config-resolver": "^3.0.5", - "@smithy/core": "^2.3.2", - "@smithy/fetch-http-handler": "^3.2.4", - "@smithy/hash-node": "^3.0.3", - "@smithy/invalid-dependency": "^3.0.3", - "@smithy/middleware-content-length": "^3.0.5", - "@smithy/middleware-endpoint": "^3.1.0", - "@smithy/middleware-retry": "^3.0.14", - "@smithy/middleware-serde": "^3.0.3", - "@smithy/middleware-stack": "^3.0.3", - "@smithy/node-config-provider": "^3.1.4", - "@smithy/node-http-handler": "^3.1.4", - "@smithy/protocol-http": "^4.1.0", - "@smithy/smithy-client": "^3.1.12", - "@smithy/types": "^3.3.0", - "@smithy/url-parser": "^3.0.3", + "@aws-sdk/client-sso-oidc": "3.650.0", + "@aws-sdk/client-sts": "3.650.0", + "@aws-sdk/core": "3.649.0", + "@aws-sdk/credential-provider-node": "3.650.0", + "@aws-sdk/middleware-host-header": "3.649.0", + "@aws-sdk/middleware-logger": "3.649.0", + "@aws-sdk/middleware-recursion-detection": "3.649.0", + "@aws-sdk/middleware-sdk-sqs": "3.649.0", + "@aws-sdk/middleware-user-agent": "3.649.0", + "@aws-sdk/region-config-resolver": "3.649.0", + "@aws-sdk/types": "3.649.0", + "@aws-sdk/util-endpoints": "3.649.0", + "@aws-sdk/util-user-agent-browser": "3.649.0", + "@aws-sdk/util-user-agent-node": "3.649.0", + "@smithy/config-resolver": "^3.0.6", + "@smithy/core": "^2.4.1", + "@smithy/fetch-http-handler": "^3.2.5", + "@smithy/hash-node": "^3.0.4", + "@smithy/invalid-dependency": "^3.0.4", + "@smithy/md5-js": "^3.0.4", + "@smithy/middleware-content-length": "^3.0.6", + "@smithy/middleware-endpoint": "^3.1.1", + "@smithy/middleware-retry": "^3.0.16", + "@smithy/middleware-serde": "^3.0.4", + "@smithy/middleware-stack": "^3.0.4", + "@smithy/node-config-provider": "^3.1.5", + "@smithy/node-http-handler": "^3.2.0", + "@smithy/protocol-http": "^4.1.1", + "@smithy/smithy-client": "^3.3.0", + "@smithy/types": "^3.4.0", + "@smithy/url-parser": "^3.0.4", "@smithy/util-base64": "^3.0.0", "@smithy/util-body-length-browser": "^3.0.0", "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.14", - "@smithy/util-defaults-mode-node": "^3.0.14", - "@smithy/util-endpoints": "^2.0.5", - "@smithy/util-middleware": "^3.0.3", - "@smithy/util-retry": "^3.0.3", + "@smithy/util-defaults-mode-browser": "^3.0.16", + "@smithy/util-defaults-mode-node": "^3.0.16", + "@smithy/util-endpoints": "^2.1.0", + "@smithy/util-middleware": "^3.0.4", + "@smithy/util-retry": "^3.0.4", "@smithy/util-utf8": "^3.0.0", "tslib": "^2.6.2" }, @@ -10856,321 +10906,262 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/core": { - "version": "3.624.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.624.0.tgz", - "integrity": "sha512-WyFmPbhRIvtWi7hBp8uSFy+iPpj8ccNV/eX86hwF4irMjfc/FtsGVIAeBXxXM/vGCjkdfEzOnl+tJ2XACD4OXg==", + "node_modules/@aws-sdk/client-sqs/node_modules/@smithy/node-config-provider": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", + "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", + "dev": true, "license": "Apache-2.0", "dependencies": { - "@smithy/core": "^2.3.2", - "@smithy/node-config-provider": "^3.1.4", - "@smithy/protocol-http": "^4.1.0", - "@smithy/signature-v4": "^4.1.0", - "@smithy/smithy-client": "^3.1.12", - "@smithy/types": "^3.3.0", - "@smithy/util-middleware": "^3.0.3", - "fast-xml-parser": "4.4.1", + "@smithy/property-provider": "^3.1.4", + "@smithy/shared-ini-file-loader": "^3.1.5", + "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/credential-provider-env": { - "version": "3.620.1", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.620.1.tgz", - "integrity": "sha512-ExuILJ2qLW5ZO+rgkNRj0xiAipKT16Rk77buvPP8csR7kkCflT/gXTyzRe/uzIiETTxM7tr8xuO9MP/DQXqkfg==", + "node_modules/@aws-sdk/client-sqs/node_modules/@smithy/shared-ini-file-loader": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", + "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", + "dev": true, "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.609.0", - "@smithy/property-provider": "^3.1.3", - "@smithy/types": "^3.3.0", + "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/credential-provider-http": { - "version": "3.622.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.622.0.tgz", - "integrity": "sha512-VUHbr24Oll1RK3WR8XLUugLpgK9ZuxEm/NVeVqyFts1Ck9gsKpRg1x4eH7L7tW3SJ4TDEQNMbD7/7J+eoL2svg==", + "node_modules/@aws-sdk/client-ssm": { + "version": "3.650.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-ssm/-/client-ssm-3.650.0.tgz", + "integrity": "sha512-TXHJqspaS4/89u4lFwsLUOmkfPq4igkfpXKi7MH5BD6SiKsTIq8zgF1RqlOD0QjoJL675UlzLsD5F9H9H5xj9A==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.609.0", - "@smithy/fetch-http-handler": "^3.2.4", - "@smithy/node-http-handler": "^3.1.4", - "@smithy/property-provider": "^3.1.3", - "@smithy/protocol-http": "^4.1.0", - "@smithy/smithy-client": "^3.1.12", - "@smithy/types": "^3.3.0", - "@smithy/util-stream": "^3.1.3", - "tslib": "^2.6.2" + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/client-sso-oidc": "3.650.0", + "@aws-sdk/client-sts": "3.650.0", + "@aws-sdk/core": "3.649.0", + "@aws-sdk/credential-provider-node": "3.650.0", + "@aws-sdk/middleware-host-header": "3.649.0", + "@aws-sdk/middleware-logger": "3.649.0", + "@aws-sdk/middleware-recursion-detection": "3.649.0", + "@aws-sdk/middleware-user-agent": "3.649.0", + "@aws-sdk/region-config-resolver": "3.649.0", + "@aws-sdk/types": "3.649.0", + "@aws-sdk/util-endpoints": "3.649.0", + "@aws-sdk/util-user-agent-browser": "3.649.0", + "@aws-sdk/util-user-agent-node": "3.649.0", + "@smithy/config-resolver": "^3.0.6", + "@smithy/core": "^2.4.1", + "@smithy/fetch-http-handler": "^3.2.5", + "@smithy/hash-node": "^3.0.4", + "@smithy/invalid-dependency": "^3.0.4", + "@smithy/middleware-content-length": "^3.0.6", + "@smithy/middleware-endpoint": "^3.1.1", + "@smithy/middleware-retry": "^3.0.16", + "@smithy/middleware-serde": "^3.0.4", + "@smithy/middleware-stack": "^3.0.4", + "@smithy/node-config-provider": "^3.1.5", + "@smithy/node-http-handler": "^3.2.0", + "@smithy/protocol-http": "^4.1.1", + "@smithy/smithy-client": "^3.3.0", + "@smithy/types": "^3.4.0", + "@smithy/url-parser": "^3.0.4", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.16", + "@smithy/util-defaults-mode-node": "^3.0.16", + "@smithy/util-endpoints": "^2.1.0", + "@smithy/util-middleware": "^3.0.4", + "@smithy/util-retry": "^3.0.4", + "@smithy/util-utf8": "^3.0.0", + "@smithy/util-waiter": "^3.1.3", + "tslib": "^2.6.2", + "uuid": "^9.0.1" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/credential-provider-ini": { - "version": "3.624.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.624.0.tgz", - "integrity": "sha512-mMoNIy7MO2WTBbdqMyLpbt6SZpthE6e0GkRYpsd0yozPt0RZopcBhEh+HG1U9Y1PVODo+jcMk353vAi61CfnhQ==", + "node_modules/@aws-sdk/client-ssm/node_modules/@smithy/node-config-provider": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", + "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/credential-provider-env": "3.620.1", - "@aws-sdk/credential-provider-http": "3.622.0", - "@aws-sdk/credential-provider-process": "3.620.1", - "@aws-sdk/credential-provider-sso": "3.624.0", - "@aws-sdk/credential-provider-web-identity": "3.621.0", - "@aws-sdk/types": "3.609.0", - "@smithy/credential-provider-imds": "^3.2.0", - "@smithy/property-provider": "^3.1.3", - "@smithy/shared-ini-file-loader": "^3.1.4", - "@smithy/types": "^3.3.0", + "@smithy/property-provider": "^3.1.4", + "@smithy/shared-ini-file-loader": "^3.1.5", + "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" - }, - "peerDependencies": { - "@aws-sdk/client-sts": "^3.624.0" } }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/credential-provider-node": { - "version": "3.624.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.624.0.tgz", - "integrity": "sha512-vYyGK7oNpd81BdbH5IlmQ6zfaQqU+rPwsKTDDBeLRjshtrGXOEpfoahVpG9PX0ibu32IOWp4ZyXBNyVrnvcMOw==", + "node_modules/@aws-sdk/client-ssm/node_modules/@smithy/shared-ini-file-loader": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", + "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/credential-provider-env": "3.620.1", - "@aws-sdk/credential-provider-http": "3.622.0", - "@aws-sdk/credential-provider-ini": "3.624.0", - "@aws-sdk/credential-provider-process": "3.620.1", - "@aws-sdk/credential-provider-sso": "3.624.0", - "@aws-sdk/credential-provider-web-identity": "3.621.0", - "@aws-sdk/types": "3.609.0", - "@smithy/credential-provider-imds": "^3.2.0", - "@smithy/property-provider": "^3.1.3", - "@smithy/shared-ini-file-loader": "^3.1.4", - "@smithy/types": "^3.3.0", + "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/credential-provider-process": { - "version": "3.620.1", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.620.1.tgz", - "integrity": "sha512-hWqFMidqLAkaV9G460+1at6qa9vySbjQKKc04p59OT7lZ5cO5VH5S4aI05e+m4j364MBROjjk2ugNvfNf/8ILg==", + "node_modules/@aws-sdk/client-ssm/node_modules/uuid": { + "version": "9.0.1", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-9.0.1.tgz", + "integrity": "sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==", + "funding": [ + "https://github.com/sponsors/broofa", + "https://github.com/sponsors/ctavan" + ], + "license": "MIT", + "bin": { + "uuid": "dist/bin/uuid" + } + }, + "node_modules/@aws-sdk/client-sso": { + "version": "3.650.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.650.0.tgz", + "integrity": "sha512-YKm14gCMChD/jlCisFlsVqB8HJujR41bl4Fup2crHwNJxhD/9LTnzwMiVVlBqlXr41Sfa6fSxczX2AMP8NM14A==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.609.0", - "@smithy/property-provider": "^3.1.3", - "@smithy/shared-ini-file-loader": "^3.1.4", - "@smithy/types": "^3.3.0", + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/core": "3.649.0", + "@aws-sdk/middleware-host-header": "3.649.0", + "@aws-sdk/middleware-logger": "3.649.0", + "@aws-sdk/middleware-recursion-detection": "3.649.0", + "@aws-sdk/middleware-user-agent": "3.649.0", + "@aws-sdk/region-config-resolver": "3.649.0", + "@aws-sdk/types": "3.649.0", + "@aws-sdk/util-endpoints": "3.649.0", + "@aws-sdk/util-user-agent-browser": "3.649.0", + "@aws-sdk/util-user-agent-node": "3.649.0", + "@smithy/config-resolver": "^3.0.6", + "@smithy/core": "^2.4.1", + "@smithy/fetch-http-handler": "^3.2.5", + "@smithy/hash-node": "^3.0.4", + "@smithy/invalid-dependency": "^3.0.4", + "@smithy/middleware-content-length": "^3.0.6", + "@smithy/middleware-endpoint": "^3.1.1", + "@smithy/middleware-retry": "^3.0.16", + "@smithy/middleware-serde": "^3.0.4", + "@smithy/middleware-stack": "^3.0.4", + "@smithy/node-config-provider": "^3.1.5", + "@smithy/node-http-handler": "^3.2.0", + "@smithy/protocol-http": "^4.1.1", + "@smithy/smithy-client": "^3.3.0", + "@smithy/types": "^3.4.0", + "@smithy/url-parser": "^3.0.4", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.16", + "@smithy/util-defaults-mode-node": "^3.0.16", + "@smithy/util-endpoints": "^2.1.0", + "@smithy/util-middleware": "^3.0.4", + "@smithy/util-retry": "^3.0.4", + "@smithy/util-utf8": "^3.0.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/credential-provider-sso": { - "version": "3.624.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.624.0.tgz", - "integrity": "sha512-A02bayIjU9APEPKr3HudrFHEx0WfghoSPsPopckDkW7VBqO4wizzcxr75Q9A3vNX+cwg0wCN6UitTNe6pVlRaQ==", - "license": "Apache-2.0", - "dependencies": { - "@aws-sdk/client-sso": "3.624.0", - "@aws-sdk/token-providers": "3.614.0", - "@aws-sdk/types": "3.609.0", - "@smithy/property-provider": "^3.1.3", - "@smithy/shared-ini-file-loader": "^3.1.4", - "@smithy/types": "^3.3.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/credential-provider-web-identity": { - "version": "3.621.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.621.0.tgz", - "integrity": "sha512-w7ASSyfNvcx7+bYGep3VBgC3K6vEdLmlpjT7nSIHxxQf+WSdvy+HynwJosrpZax0sK5q0D1Jpn/5q+r5lwwW6w==", - "license": "Apache-2.0", - "dependencies": { - "@aws-sdk/types": "3.609.0", - "@smithy/property-provider": "^3.1.3", - "@smithy/types": "^3.3.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - }, - "peerDependencies": { - "@aws-sdk/client-sts": "^3.621.0" - } - }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/middleware-host-header": { - "version": "3.620.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.620.0.tgz", - "integrity": "sha512-VMtPEZwqYrII/oUkffYsNWY9PZ9xpNJpMgmyU0rlDQ25O1c0Hk3fJmZRe6pEkAJ0omD7kLrqGl1DUjQVxpd/Rg==", - "license": "Apache-2.0", - "dependencies": { - "@aws-sdk/types": "3.609.0", - "@smithy/protocol-http": "^4.1.0", - "@smithy/types": "^3.3.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/middleware-logger": { - "version": "3.609.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.609.0.tgz", - "integrity": "sha512-S62U2dy4jMDhDFDK5gZ4VxFdWzCtLzwbYyFZx2uvPYTECkepLUfzLic2BHg2Qvtu4QjX+oGE3P/7fwaGIsGNuQ==", - "license": "Apache-2.0", - "dependencies": { - "@aws-sdk/types": "3.609.0", - "@smithy/types": "^3.3.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/middleware-recursion-detection": { - "version": "3.620.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.620.0.tgz", - "integrity": "sha512-nh91S7aGK3e/o1ck64sA/CyoFw+gAYj2BDOnoNa6ouyCrVJED96ZXWbhye/fz9SgmNUZR2g7GdVpiLpMKZoI5w==", - "license": "Apache-2.0", - "dependencies": { - "@aws-sdk/types": "3.609.0", - "@smithy/protocol-http": "^4.1.0", - "@smithy/types": "^3.3.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/middleware-user-agent": { - "version": "3.620.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.620.0.tgz", - "integrity": "sha512-bvS6etn+KsuL32ubY5D3xNof1qkenpbJXf/ugGXbg0n98DvDFQ/F+SMLxHgbnER5dsKYchNnhmtI6/FC3HFu/A==", - "license": "Apache-2.0", - "dependencies": { - "@aws-sdk/types": "3.609.0", - "@aws-sdk/util-endpoints": "3.614.0", - "@smithy/protocol-http": "^4.1.0", - "@smithy/types": "^3.3.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/region-config-resolver": { - "version": "3.614.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.614.0.tgz", - "integrity": "sha512-vDCeMXvic/LU0KFIUjpC3RiSTIkkvESsEfbVHiHH0YINfl8HnEqR5rj+L8+phsCeVg2+LmYwYxd5NRz4PHxt5g==", - "license": "Apache-2.0", - "dependencies": { - "@aws-sdk/types": "3.609.0", - "@smithy/node-config-provider": "^3.1.4", - "@smithy/types": "^3.3.0", - "@smithy/util-config-provider": "^3.0.0", - "@smithy/util-middleware": "^3.0.3", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/token-providers": { - "version": "3.614.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.614.0.tgz", - "integrity": "sha512-okItqyY6L9IHdxqs+Z116y5/nda7rHxLvROxtAJdLavWTYDydxrZstImNgGWTeVdmc0xX2gJCI77UYUTQWnhRw==", + "node_modules/@aws-sdk/client-sso-oidc": { + "version": "3.650.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.650.0.tgz", + "integrity": "sha512-6J7IS0f8ovhvbIAZaynOYP+jPX8344UlTjwHxjaXHgFvI8axu3+NslKtEEV5oHLhgzDvrKbinsu5lgE2n4Sqng==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.609.0", - "@smithy/property-provider": "^3.1.3", - "@smithy/shared-ini-file-loader": "^3.1.4", - "@smithy/types": "^3.3.0", + "@aws-crypto/sha256-browser": "5.2.0", + "@aws-crypto/sha256-js": "5.2.0", + "@aws-sdk/core": "3.649.0", + "@aws-sdk/credential-provider-node": "3.650.0", + "@aws-sdk/middleware-host-header": "3.649.0", + "@aws-sdk/middleware-logger": "3.649.0", + "@aws-sdk/middleware-recursion-detection": "3.649.0", + "@aws-sdk/middleware-user-agent": "3.649.0", + "@aws-sdk/region-config-resolver": "3.649.0", + "@aws-sdk/types": "3.649.0", + "@aws-sdk/util-endpoints": "3.649.0", + "@aws-sdk/util-user-agent-browser": "3.649.0", + "@aws-sdk/util-user-agent-node": "3.649.0", + "@smithy/config-resolver": "^3.0.6", + "@smithy/core": "^2.4.1", + "@smithy/fetch-http-handler": "^3.2.5", + "@smithy/hash-node": "^3.0.4", + "@smithy/invalid-dependency": "^3.0.4", + "@smithy/middleware-content-length": "^3.0.6", + "@smithy/middleware-endpoint": "^3.1.1", + "@smithy/middleware-retry": "^3.0.16", + "@smithy/middleware-serde": "^3.0.4", + "@smithy/middleware-stack": "^3.0.4", + "@smithy/node-config-provider": "^3.1.5", + "@smithy/node-http-handler": "^3.2.0", + "@smithy/protocol-http": "^4.1.1", + "@smithy/smithy-client": "^3.3.0", + "@smithy/types": "^3.4.0", + "@smithy/url-parser": "^3.0.4", + "@smithy/util-base64": "^3.0.0", + "@smithy/util-body-length-browser": "^3.0.0", + "@smithy/util-body-length-node": "^3.0.0", + "@smithy/util-defaults-mode-browser": "^3.0.16", + "@smithy/util-defaults-mode-node": "^3.0.16", + "@smithy/util-endpoints": "^2.1.0", + "@smithy/util-middleware": "^3.0.4", + "@smithy/util-retry": "^3.0.4", + "@smithy/util-utf8": "^3.0.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" }, "peerDependencies": { - "@aws-sdk/client-sso-oidc": "^3.614.0" - } - }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/types": { - "version": "3.609.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.609.0.tgz", - "integrity": "sha512-+Tqnh9w0h2LcrUsdXyT1F8mNhXz+tVYBtP19LpeEGntmvHwa2XzvLUCWpoIAIVsHp5+HdB2X9Sn0KAtmbFXc2Q==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/types": "^3.3.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" + "@aws-sdk/client-sts": "^3.650.0" } }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/util-endpoints": { - "version": "3.614.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.614.0.tgz", - "integrity": "sha512-wK2cdrXHH4oz4IomV/yrGkftU9A+ITB6nFL+rxxyO78is2ifHJpFdV4aqk4LSkXYPi6CXWNru/Dqc7yiKXgJPw==", + "node_modules/@aws-sdk/client-sso-oidc/node_modules/@smithy/node-config-provider": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", + "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.609.0", - "@smithy/types": "^3.3.0", - "@smithy/util-endpoints": "^2.0.5", + "@smithy/property-provider": "^3.1.4", + "@smithy/shared-ini-file-loader": "^3.1.5", + "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/util-user-agent-browser": { - "version": "3.609.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.609.0.tgz", - "integrity": "sha512-fojPU+mNahzQ0YHYBsx0ZIhmMA96H+ZIZ665ObU9tl+SGdbLneVZVikGve+NmHTQwHzwkFsZYYnVKAkreJLAtA==", - "license": "Apache-2.0", - "dependencies": { - "@aws-sdk/types": "3.609.0", - "@smithy/types": "^3.3.0", - "bowser": "^2.11.0", - "tslib": "^2.6.2" - } - }, - "node_modules/@aws-sdk/client-rds/node_modules/@aws-sdk/util-user-agent-node": { - "version": "3.614.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.614.0.tgz", - "integrity": "sha512-15ElZT88peoHnq5TEoEtZwoXTXRxNrk60TZNdpl/TUBJ5oNJ9Dqb5Z4ryb8ofN6nm9aFf59GVAerFDz8iUoHBA==", + "node_modules/@aws-sdk/client-sso-oidc/node_modules/@smithy/shared-ini-file-loader": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", + "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.609.0", - "@smithy/node-config-provider": "^3.1.4", - "@smithy/types": "^3.3.0", + "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" - }, - "peerDependencies": { - "aws-crt": ">=1.0.0" - }, - "peerDependenciesMeta": { - "aws-crt": { - "optional": true - } } }, - "node_modules/@aws-sdk/client-rds/node_modules/@smithy/node-config-provider": { + "node_modules/@aws-sdk/client-sso/node_modules/@smithy/node-config-provider": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", @@ -11185,7 +11176,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-rds/node_modules/@smithy/shared-ini-file-loader": { + "node_modules/@aws-sdk/client-sso/node_modules/@smithy/shared-ini-file-loader": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", @@ -11198,47 +11189,31 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-s3": { - "version": "3.651.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-s3/-/client-s3-3.651.0.tgz", - "integrity": "sha512-37+kxxjnlOAUCb1aHpoLakW4XRG23HrkX8X3cEjxaFLQxorPUiMvfAYQEQQkYD5yggaG+5aM5GAhxkTUTqA5xw==", + "node_modules/@aws-sdk/client-sts": { + "version": "3.650.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.650.0.tgz", + "integrity": "sha512-ISK0ZQYA7O5/WYgslpWy956lUBudGC9d7eL0FFbiL0j50N80Gx3RUv22ezvZgxJWE0W3DqNr4CE19sPYn4Lw8g==", "license": "Apache-2.0", "dependencies": { - "@aws-crypto/sha1-browser": "5.2.0", "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", "@aws-sdk/client-sso-oidc": "3.650.0", - "@aws-sdk/client-sts": "3.650.0", "@aws-sdk/core": "3.649.0", "@aws-sdk/credential-provider-node": "3.650.0", - "@aws-sdk/middleware-bucket-endpoint": "3.649.0", - "@aws-sdk/middleware-expect-continue": "3.649.0", - "@aws-sdk/middleware-flexible-checksums": "3.651.0", "@aws-sdk/middleware-host-header": "3.649.0", - "@aws-sdk/middleware-location-constraint": "3.649.0", "@aws-sdk/middleware-logger": "3.649.0", "@aws-sdk/middleware-recursion-detection": "3.649.0", - "@aws-sdk/middleware-sdk-s3": "3.649.0", - "@aws-sdk/middleware-ssec": "3.649.0", "@aws-sdk/middleware-user-agent": "3.649.0", "@aws-sdk/region-config-resolver": "3.649.0", - "@aws-sdk/signature-v4-multi-region": "3.649.0", "@aws-sdk/types": "3.649.0", "@aws-sdk/util-endpoints": "3.649.0", "@aws-sdk/util-user-agent-browser": "3.649.0", "@aws-sdk/util-user-agent-node": "3.649.0", - "@aws-sdk/xml-builder": "3.649.0", "@smithy/config-resolver": "^3.0.6", "@smithy/core": "^2.4.1", - "@smithy/eventstream-serde-browser": "^3.0.7", - "@smithy/eventstream-serde-config-resolver": "^3.0.4", - "@smithy/eventstream-serde-node": "^3.0.6", "@smithy/fetch-http-handler": "^3.2.5", - "@smithy/hash-blob-browser": "^3.1.3", "@smithy/hash-node": "^3.0.4", - "@smithy/hash-stream-node": "^3.1.3", "@smithy/invalid-dependency": "^3.0.4", - "@smithy/md5-js": "^3.0.4", "@smithy/middleware-content-length": "^3.0.6", "@smithy/middleware-endpoint": "^3.1.1", "@smithy/middleware-retry": "^3.0.16", @@ -11258,16 +11233,14 @@ "@smithy/util-endpoints": "^2.1.0", "@smithy/util-middleware": "^3.0.4", "@smithy/util-retry": "^3.0.4", - "@smithy/util-stream": "^3.1.4", "@smithy/util-utf8": "^3.0.0", - "@smithy/util-waiter": "^3.1.3", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-s3/node_modules/@smithy/node-config-provider": { + "node_modules/@aws-sdk/client-sts/node_modules/@smithy/node-config-provider": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", @@ -11282,7 +11255,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-s3/node_modules/@smithy/shared-ini-file-loader": { + "node_modules/@aws-sdk/client-sts/node_modules/@smithy/shared-ini-file-loader": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", @@ -11295,66 +11268,31 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-sqs": { - "version": "3.650.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sqs/-/client-sqs-3.650.0.tgz", - "integrity": "sha512-QoWgJ2PQCFI9SNwTw7PM2XeqNfWIS8Nqip25j3JMo3GqiQjbqtR9tVWsf2E5V4XqmnpCC398PaY5eMwixRdLfQ==", - "dev": true, + "node_modules/@aws-sdk/core": { + "version": "3.649.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.649.0.tgz", + "integrity": "sha512-dheG/X2y25RHE7K+TlS32kcy7TgDg1OpWV44BQRoE0OBPAWmFR1D1qjjTZ7WWrdqRPKzcnDj1qED8ncyncOX8g==", "license": "Apache-2.0", "dependencies": { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/client-sso-oidc": "3.650.0", - "@aws-sdk/client-sts": "3.650.0", - "@aws-sdk/core": "3.649.0", - "@aws-sdk/credential-provider-node": "3.650.0", - "@aws-sdk/middleware-host-header": "3.649.0", - "@aws-sdk/middleware-logger": "3.649.0", - "@aws-sdk/middleware-recursion-detection": "3.649.0", - "@aws-sdk/middleware-sdk-sqs": "3.649.0", - "@aws-sdk/middleware-user-agent": "3.649.0", - "@aws-sdk/region-config-resolver": "3.649.0", - "@aws-sdk/types": "3.649.0", - "@aws-sdk/util-endpoints": "3.649.0", - "@aws-sdk/util-user-agent-browser": "3.649.0", - "@aws-sdk/util-user-agent-node": "3.649.0", - "@smithy/config-resolver": "^3.0.6", "@smithy/core": "^2.4.1", - "@smithy/fetch-http-handler": "^3.2.5", - "@smithy/hash-node": "^3.0.4", - "@smithy/invalid-dependency": "^3.0.4", - "@smithy/md5-js": "^3.0.4", - "@smithy/middleware-content-length": "^3.0.6", - "@smithy/middleware-endpoint": "^3.1.1", - "@smithy/middleware-retry": "^3.0.16", - "@smithy/middleware-serde": "^3.0.4", - "@smithy/middleware-stack": "^3.0.4", "@smithy/node-config-provider": "^3.1.5", - "@smithy/node-http-handler": "^3.2.0", + "@smithy/property-provider": "^3.1.4", "@smithy/protocol-http": "^4.1.1", + "@smithy/signature-v4": "^4.1.1", "@smithy/smithy-client": "^3.3.0", "@smithy/types": "^3.4.0", - "@smithy/url-parser": "^3.0.4", - "@smithy/util-base64": "^3.0.0", - "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.16", - "@smithy/util-defaults-mode-node": "^3.0.16", - "@smithy/util-endpoints": "^2.1.0", "@smithy/util-middleware": "^3.0.4", - "@smithy/util-retry": "^3.0.4", - "@smithy/util-utf8": "^3.0.0", + "fast-xml-parser": "4.4.1", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-sqs/node_modules/@smithy/node-config-provider": { + "node_modules/@aws-sdk/core/node_modules/@smithy/node-config-provider": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@smithy/property-provider": "^3.1.4", @@ -11366,11 +11304,10 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-sqs/node_modules/@smithy/shared-ini-file-loader": { + "node_modules/@aws-sdk/core/node_modules/@smithy/shared-ini-file-loader": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", - "dev": true, "license": "Apache-2.0", "dependencies": { "@smithy/types": "^3.4.0", @@ -11380,68 +11317,15 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ssm": { + "node_modules/@aws-sdk/credential-provider-cognito-identity": { "version": "3.650.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-ssm/-/client-ssm-3.650.0.tgz", - "integrity": "sha512-TXHJqspaS4/89u4lFwsLUOmkfPq4igkfpXKi7MH5BD6SiKsTIq8zgF1RqlOD0QjoJL675UlzLsD5F9H9H5xj9A==", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-cognito-identity/-/credential-provider-cognito-identity-3.650.0.tgz", + "integrity": "sha512-QwtRKWKE6vv78Be3Lm5GmFkSl2DGWSOXPZYgkbo8GsD6SP0ParUvJvUE8wsPS5c4tUXC9KuvJAwYAYNFN10Fnw==", "license": "Apache-2.0", "dependencies": { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/client-sso-oidc": "3.650.0", - "@aws-sdk/client-sts": "3.650.0", - "@aws-sdk/core": "3.649.0", - "@aws-sdk/credential-provider-node": "3.650.0", - "@aws-sdk/middleware-host-header": "3.649.0", - "@aws-sdk/middleware-logger": "3.649.0", - "@aws-sdk/middleware-recursion-detection": "3.649.0", - "@aws-sdk/middleware-user-agent": "3.649.0", - "@aws-sdk/region-config-resolver": "3.649.0", + "@aws-sdk/client-cognito-identity": "3.650.0", "@aws-sdk/types": "3.649.0", - "@aws-sdk/util-endpoints": "3.649.0", - "@aws-sdk/util-user-agent-browser": "3.649.0", - "@aws-sdk/util-user-agent-node": "3.649.0", - "@smithy/config-resolver": "^3.0.6", - "@smithy/core": "^2.4.1", - "@smithy/fetch-http-handler": "^3.2.5", - "@smithy/hash-node": "^3.0.4", - "@smithy/invalid-dependency": "^3.0.4", - "@smithy/middleware-content-length": "^3.0.6", - "@smithy/middleware-endpoint": "^3.1.1", - "@smithy/middleware-retry": "^3.0.16", - "@smithy/middleware-serde": "^3.0.4", - "@smithy/middleware-stack": "^3.0.4", - "@smithy/node-config-provider": "^3.1.5", - "@smithy/node-http-handler": "^3.2.0", - "@smithy/protocol-http": "^4.1.1", - "@smithy/smithy-client": "^3.3.0", - "@smithy/types": "^3.4.0", - "@smithy/url-parser": "^3.0.4", - "@smithy/util-base64": "^3.0.0", - "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.16", - "@smithy/util-defaults-mode-node": "^3.0.16", - "@smithy/util-endpoints": "^2.1.0", - "@smithy/util-middleware": "^3.0.4", - "@smithy/util-retry": "^3.0.4", - "@smithy/util-utf8": "^3.0.0", - "@smithy/util-waiter": "^3.1.3", - "tslib": "^2.6.2", - "uuid": "^9.0.1" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/client-ssm/node_modules/@smithy/node-config-provider": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", - "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", - "license": "Apache-2.0", - "dependencies": { "@smithy/property-provider": "^3.1.4", - "@smithy/shared-ini-file-loader": "^3.1.5", "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, @@ -11449,12 +11333,14 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ssm/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", - "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", + "node_modules/@aws-sdk/credential-provider-env": { + "version": "3.649.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.649.0.tgz", + "integrity": "sha512-tViwzM1dauksA3fdRjsg0T8mcHklDa8EfveyiQKK6pUJopkqV6FQx+X5QNda0t/LrdEVlFZvwHNdXqOEfc83TA==", "license": "Apache-2.0", "dependencies": { + "@aws-sdk/types": "3.649.0", + "@smithy/property-provider": "^3.1.4", "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, @@ -11462,112 +11348,42 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-ssm/node_modules/uuid": { - "version": "9.0.1", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-9.0.1.tgz", - "integrity": "sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==", - "funding": [ - "https://github.com/sponsors/broofa", - "https://github.com/sponsors/ctavan" - ], - "license": "MIT", - "bin": { - "uuid": "dist/bin/uuid" - } - }, - "node_modules/@aws-sdk/client-sso": { - "version": "3.650.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.650.0.tgz", - "integrity": "sha512-YKm14gCMChD/jlCisFlsVqB8HJujR41bl4Fup2crHwNJxhD/9LTnzwMiVVlBqlXr41Sfa6fSxczX2AMP8NM14A==", + "node_modules/@aws-sdk/credential-provider-http": { + "version": "3.649.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.649.0.tgz", + "integrity": "sha512-ODAJ+AJJq6ozbns6ejGbicpsQ0dyMOpnGlg0J9J0jITQ05DKQZ581hdB8APDOZ9N8FstShP6dLZflSj8jb5fNA==", "license": "Apache-2.0", "dependencies": { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "3.649.0", - "@aws-sdk/middleware-host-header": "3.649.0", - "@aws-sdk/middleware-logger": "3.649.0", - "@aws-sdk/middleware-recursion-detection": "3.649.0", - "@aws-sdk/middleware-user-agent": "3.649.0", - "@aws-sdk/region-config-resolver": "3.649.0", "@aws-sdk/types": "3.649.0", - "@aws-sdk/util-endpoints": "3.649.0", - "@aws-sdk/util-user-agent-browser": "3.649.0", - "@aws-sdk/util-user-agent-node": "3.649.0", - "@smithy/config-resolver": "^3.0.6", - "@smithy/core": "^2.4.1", "@smithy/fetch-http-handler": "^3.2.5", - "@smithy/hash-node": "^3.0.4", - "@smithy/invalid-dependency": "^3.0.4", - "@smithy/middleware-content-length": "^3.0.6", - "@smithy/middleware-endpoint": "^3.1.1", - "@smithy/middleware-retry": "^3.0.16", - "@smithy/middleware-serde": "^3.0.4", - "@smithy/middleware-stack": "^3.0.4", - "@smithy/node-config-provider": "^3.1.5", "@smithy/node-http-handler": "^3.2.0", + "@smithy/property-provider": "^3.1.4", "@smithy/protocol-http": "^4.1.1", "@smithy/smithy-client": "^3.3.0", "@smithy/types": "^3.4.0", - "@smithy/url-parser": "^3.0.4", - "@smithy/util-base64": "^3.0.0", - "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.16", - "@smithy/util-defaults-mode-node": "^3.0.16", - "@smithy/util-endpoints": "^2.1.0", - "@smithy/util-middleware": "^3.0.4", - "@smithy/util-retry": "^3.0.4", - "@smithy/util-utf8": "^3.0.0", + "@smithy/util-stream": "^3.1.4", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-sso-oidc": { + "node_modules/@aws-sdk/credential-provider-ini": { "version": "3.650.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.650.0.tgz", - "integrity": "sha512-6J7IS0f8ovhvbIAZaynOYP+jPX8344UlTjwHxjaXHgFvI8axu3+NslKtEEV5oHLhgzDvrKbinsu5lgE2n4Sqng==", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.650.0.tgz", + "integrity": "sha512-x2M9buZxIsKuUbuDgkGHhAKYBpn0/rYdKlwuFuOhXyyAcnhvPj0lgNF2KE4ld/GF1mKr7FF/uV3G9lM6PFaYmA==", "license": "Apache-2.0", "dependencies": { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "3.649.0", - "@aws-sdk/credential-provider-node": "3.650.0", - "@aws-sdk/middleware-host-header": "3.649.0", - "@aws-sdk/middleware-logger": "3.649.0", - "@aws-sdk/middleware-recursion-detection": "3.649.0", - "@aws-sdk/middleware-user-agent": "3.649.0", - "@aws-sdk/region-config-resolver": "3.649.0", + "@aws-sdk/credential-provider-env": "3.649.0", + "@aws-sdk/credential-provider-http": "3.649.0", + "@aws-sdk/credential-provider-process": "3.649.0", + "@aws-sdk/credential-provider-sso": "3.650.0", + "@aws-sdk/credential-provider-web-identity": "3.649.0", "@aws-sdk/types": "3.649.0", - "@aws-sdk/util-endpoints": "3.649.0", - "@aws-sdk/util-user-agent-browser": "3.649.0", - "@aws-sdk/util-user-agent-node": "3.649.0", - "@smithy/config-resolver": "^3.0.6", - "@smithy/core": "^2.4.1", - "@smithy/fetch-http-handler": "^3.2.5", - "@smithy/hash-node": "^3.0.4", - "@smithy/invalid-dependency": "^3.0.4", - "@smithy/middleware-content-length": "^3.0.6", - "@smithy/middleware-endpoint": "^3.1.1", - "@smithy/middleware-retry": "^3.0.16", - "@smithy/middleware-serde": "^3.0.4", - "@smithy/middleware-stack": "^3.0.4", - "@smithy/node-config-provider": "^3.1.5", - "@smithy/node-http-handler": "^3.2.0", - "@smithy/protocol-http": "^4.1.1", - "@smithy/smithy-client": "^3.3.0", + "@smithy/credential-provider-imds": "^3.2.1", + "@smithy/property-provider": "^3.1.4", + "@smithy/shared-ini-file-loader": "^3.1.5", "@smithy/types": "^3.4.0", - "@smithy/url-parser": "^3.0.4", - "@smithy/util-base64": "^3.0.0", - "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.16", - "@smithy/util-defaults-mode-node": "^3.0.16", - "@smithy/util-endpoints": "^2.1.0", - "@smithy/util-middleware": "^3.0.4", - "@smithy/util-retry": "^3.0.4", - "@smithy/util-utf8": "^3.0.0", "tslib": "^2.6.2" }, "engines": { @@ -11577,12 +11393,33 @@ "@aws-sdk/client-sts": "^3.650.0" } }, - "node_modules/@aws-sdk/client-sso-oidc/node_modules/@smithy/node-config-provider": { + "node_modules/@aws-sdk/credential-provider-ini/node_modules/@smithy/shared-ini-file-loader": { "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", - "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", + "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", + "license": "Apache-2.0", + "dependencies": { + "@smithy/types": "^3.4.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@aws-sdk/credential-provider-node": { + "version": "3.650.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.650.0.tgz", + "integrity": "sha512-uBra5YjzS/gWSekAogfqJfY6c+oKQkkou7Cjc4d/cpMNvQtF1IBdekJ7NaE1RfsDEz3uH1+Myd07YWZAJo/2Qw==", "license": "Apache-2.0", "dependencies": { + "@aws-sdk/credential-provider-env": "3.649.0", + "@aws-sdk/credential-provider-http": "3.649.0", + "@aws-sdk/credential-provider-ini": "3.650.0", + "@aws-sdk/credential-provider-process": "3.649.0", + "@aws-sdk/credential-provider-sso": "3.650.0", + "@aws-sdk/credential-provider-web-identity": "3.649.0", + "@aws-sdk/types": "3.649.0", + "@smithy/credential-provider-imds": "^3.2.1", "@smithy/property-provider": "^3.1.4", "@smithy/shared-ini-file-loader": "^3.1.5", "@smithy/types": "^3.4.0", @@ -11592,7 +11429,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-sso-oidc/node_modules/@smithy/shared-ini-file-loader": { + "node_modules/@aws-sdk/credential-provider-node/node_modules/@smithy/shared-ini-file-loader": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", @@ -11605,12 +11442,13 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-sso/node_modules/@smithy/node-config-provider": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", - "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", + "node_modules/@aws-sdk/credential-provider-process": { + "version": "3.649.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.649.0.tgz", + "integrity": "sha512-6VYPQpEVpU+6DDS/gLoI40ppuNM5RPIEprK30qZZxnhTr5wyrGOeJ7J7wbbwPOZ5dKwta290BiJDU2ipV8Y9BQ==", "license": "Apache-2.0", "dependencies": { + "@aws-sdk/types": "3.649.0", "@smithy/property-provider": "^3.1.4", "@smithy/shared-ini-file-loader": "^3.1.5", "@smithy/types": "^3.4.0", @@ -11620,7 +11458,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-sso/node_modules/@smithy/shared-ini-file-loader": { + "node_modules/@aws-sdk/credential-provider-process/node_modules/@smithy/shared-ini-file-loader": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", @@ -11633,65 +11471,30 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-sts": { + "node_modules/@aws-sdk/credential-provider-sso": { "version": "3.650.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.650.0.tgz", - "integrity": "sha512-ISK0ZQYA7O5/WYgslpWy956lUBudGC9d7eL0FFbiL0j50N80Gx3RUv22ezvZgxJWE0W3DqNr4CE19sPYn4Lw8g==", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.650.0.tgz", + "integrity": "sha512-069nkhcwximbvyGiAC6Fr2G+yrG/p1S3NQ5BZ2cMzB1hgUKo6TvgFK7nriYI4ljMQ+UWxqPwIdTqiUmn2iJmhg==", "license": "Apache-2.0", "dependencies": { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/client-sso-oidc": "3.650.0", - "@aws-sdk/core": "3.649.0", - "@aws-sdk/credential-provider-node": "3.650.0", - "@aws-sdk/middleware-host-header": "3.649.0", - "@aws-sdk/middleware-logger": "3.649.0", - "@aws-sdk/middleware-recursion-detection": "3.649.0", - "@aws-sdk/middleware-user-agent": "3.649.0", - "@aws-sdk/region-config-resolver": "3.649.0", + "@aws-sdk/client-sso": "3.650.0", + "@aws-sdk/token-providers": "3.649.0", "@aws-sdk/types": "3.649.0", - "@aws-sdk/util-endpoints": "3.649.0", - "@aws-sdk/util-user-agent-browser": "3.649.0", - "@aws-sdk/util-user-agent-node": "3.649.0", - "@smithy/config-resolver": "^3.0.6", - "@smithy/core": "^2.4.1", - "@smithy/fetch-http-handler": "^3.2.5", - "@smithy/hash-node": "^3.0.4", - "@smithy/invalid-dependency": "^3.0.4", - "@smithy/middleware-content-length": "^3.0.6", - "@smithy/middleware-endpoint": "^3.1.1", - "@smithy/middleware-retry": "^3.0.16", - "@smithy/middleware-serde": "^3.0.4", - "@smithy/middleware-stack": "^3.0.4", - "@smithy/node-config-provider": "^3.1.5", - "@smithy/node-http-handler": "^3.2.0", - "@smithy/protocol-http": "^4.1.1", - "@smithy/smithy-client": "^3.3.0", + "@smithy/property-provider": "^3.1.4", + "@smithy/shared-ini-file-loader": "^3.1.5", "@smithy/types": "^3.4.0", - "@smithy/url-parser": "^3.0.4", - "@smithy/util-base64": "^3.0.0", - "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.16", - "@smithy/util-defaults-mode-node": "^3.0.16", - "@smithy/util-endpoints": "^2.1.0", - "@smithy/util-middleware": "^3.0.4", - "@smithy/util-retry": "^3.0.4", - "@smithy/util-utf8": "^3.0.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-sts/node_modules/@smithy/node-config-provider": { + "node_modules/@aws-sdk/credential-provider-sso/node_modules/@smithy/shared-ini-file-loader": { "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", - "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", + "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", "license": "Apache-2.0", "dependencies": { - "@smithy/property-provider": "^3.1.4", - "@smithy/shared-ini-file-loader": "^3.1.5", "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, @@ -11699,77 +11502,91 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/client-sts/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", - "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", + "node_modules/@aws-sdk/credential-provider-web-identity": { + "version": "3.649.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.649.0.tgz", + "integrity": "sha512-XVk3WsDa0g3kQFPmnCH/LaCtGY/0R2NDv7gscYZSXiBZcG/fixasglTprgWSp8zcA0t7tEIGu9suyjz8ZwhymQ==", "license": "Apache-2.0", "dependencies": { + "@aws-sdk/types": "3.649.0", + "@smithy/property-provider": "^3.1.4", "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" + }, + "peerDependencies": { + "@aws-sdk/client-sts": "^3.649.0" } }, - "node_modules/@aws-sdk/core": { - "version": "3.649.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.649.0.tgz", - "integrity": "sha512-dheG/X2y25RHE7K+TlS32kcy7TgDg1OpWV44BQRoE0OBPAWmFR1D1qjjTZ7WWrdqRPKzcnDj1qED8ncyncOX8g==", + "node_modules/@aws-sdk/credential-providers": { + "version": "3.650.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-providers/-/credential-providers-3.650.0.tgz", + "integrity": "sha512-e99xHtzfL3fwS5j2gzMXRikoux/vNO3JKlxYSTnz/yfcReYRtRIz4iNrbqOzYFIQFlPS11ToXXXcwl6FOzNM7Q==", "license": "Apache-2.0", "dependencies": { - "@smithy/core": "^2.4.1", - "@smithy/node-config-provider": "^3.1.5", + "@aws-sdk/client-cognito-identity": "3.650.0", + "@aws-sdk/client-sso": "3.650.0", + "@aws-sdk/client-sts": "3.650.0", + "@aws-sdk/credential-provider-cognito-identity": "3.650.0", + "@aws-sdk/credential-provider-env": "3.649.0", + "@aws-sdk/credential-provider-http": "3.649.0", + "@aws-sdk/credential-provider-ini": "3.650.0", + "@aws-sdk/credential-provider-node": "3.650.0", + "@aws-sdk/credential-provider-process": "3.649.0", + "@aws-sdk/credential-provider-sso": "3.650.0", + "@aws-sdk/credential-provider-web-identity": "3.649.0", + "@aws-sdk/types": "3.649.0", + "@smithy/credential-provider-imds": "^3.2.1", "@smithy/property-provider": "^3.1.4", - "@smithy/protocol-http": "^4.1.1", - "@smithy/signature-v4": "^4.1.1", - "@smithy/smithy-client": "^3.3.0", "@smithy/types": "^3.4.0", - "@smithy/util-middleware": "^3.0.4", - "fast-xml-parser": "4.4.1", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/core/node_modules/@smithy/node-config-provider": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", - "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", + "node_modules/@aws-sdk/endpoint-cache": { + "version": "3.572.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/endpoint-cache/-/endpoint-cache-3.572.0.tgz", + "integrity": "sha512-CzuRWMj/xtN9p9eP915nlPmlyniTzke732Ow/M60++gGgB3W+RtZyFftw3TEx+NzNhd1tH54dEcGiWdiNaBz3Q==", + "dev": true, "license": "Apache-2.0", "dependencies": { - "@smithy/property-provider": "^3.1.4", - "@smithy/shared-ini-file-loader": "^3.1.5", - "@smithy/types": "^3.4.0", + "mnemonist": "0.38.3", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/core/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", - "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", + "node_modules/@aws-sdk/middleware-bucket-endpoint": { + "version": "3.649.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-bucket-endpoint/-/middleware-bucket-endpoint-3.649.0.tgz", + "integrity": "sha512-ZdDICtUU4YZkrVllTUOH1Fj/F3WShLhkfNKJE3HJ/yj6pS8JS9P2lWzHiHkHiidjrHSxc6NuBo6vuZ+182XLbw==", "license": "Apache-2.0", "dependencies": { + "@aws-sdk/types": "3.649.0", + "@aws-sdk/util-arn-parser": "3.568.0", + "@smithy/node-config-provider": "^3.1.5", + "@smithy/protocol-http": "^4.1.1", "@smithy/types": "^3.4.0", + "@smithy/util-config-provider": "^3.0.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/credential-provider-cognito-identity": { - "version": "3.650.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-cognito-identity/-/credential-provider-cognito-identity-3.650.0.tgz", - "integrity": "sha512-QwtRKWKE6vv78Be3Lm5GmFkSl2DGWSOXPZYgkbo8GsD6SP0ParUvJvUE8wsPS5c4tUXC9KuvJAwYAYNFN10Fnw==", + "node_modules/@aws-sdk/middleware-bucket-endpoint/node_modules/@smithy/node-config-provider": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", + "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/client-cognito-identity": "3.650.0", - "@aws-sdk/types": "3.649.0", "@smithy/property-provider": "^3.1.4", + "@smithy/shared-ini-file-loader": "^3.1.5", "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, @@ -11777,14 +11594,12 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/credential-provider-env": { - "version": "3.649.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.649.0.tgz", - "integrity": "sha512-tViwzM1dauksA3fdRjsg0T8mcHklDa8EfveyiQKK6pUJopkqV6FQx+X5QNda0t/LrdEVlFZvwHNdXqOEfc83TA==", + "node_modules/@aws-sdk/middleware-bucket-endpoint/node_modules/@smithy/shared-ini-file-loader": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", + "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.649.0", - "@smithy/property-provider": "^3.1.4", "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, @@ -11792,39 +11607,31 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/credential-provider-http": { + "node_modules/@aws-sdk/middleware-endpoint-discovery": { "version": "3.649.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.649.0.tgz", - "integrity": "sha512-ODAJ+AJJq6ozbns6ejGbicpsQ0dyMOpnGlg0J9J0jITQ05DKQZ581hdB8APDOZ9N8FstShP6dLZflSj8jb5fNA==", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-endpoint-discovery/-/middleware-endpoint-discovery-3.649.0.tgz", + "integrity": "sha512-deyv8Vx2a7+63NVrOURfUlyfxPbpbtJSPHLbQikHthuEs3dYol/5LXr1VonFe9dlzHRa1ZPMnA2ibOBmUCwz5g==", + "dev": true, "license": "Apache-2.0", "dependencies": { + "@aws-sdk/endpoint-cache": "3.572.0", "@aws-sdk/types": "3.649.0", - "@smithy/fetch-http-handler": "^3.2.5", - "@smithy/node-http-handler": "^3.2.0", - "@smithy/property-provider": "^3.1.4", + "@smithy/node-config-provider": "^3.1.5", "@smithy/protocol-http": "^4.1.1", - "@smithy/smithy-client": "^3.3.0", "@smithy/types": "^3.4.0", - "@smithy/util-stream": "^3.1.4", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/credential-provider-ini": { - "version": "3.650.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.650.0.tgz", - "integrity": "sha512-x2M9buZxIsKuUbuDgkGHhAKYBpn0/rYdKlwuFuOhXyyAcnhvPj0lgNF2KE4ld/GF1mKr7FF/uV3G9lM6PFaYmA==", + "node_modules/@aws-sdk/middleware-endpoint-discovery/node_modules/@smithy/node-config-provider": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", + "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", + "dev": true, "license": "Apache-2.0", "dependencies": { - "@aws-sdk/credential-provider-env": "3.649.0", - "@aws-sdk/credential-provider-http": "3.649.0", - "@aws-sdk/credential-provider-process": "3.649.0", - "@aws-sdk/credential-provider-sso": "3.650.0", - "@aws-sdk/credential-provider-web-identity": "3.649.0", - "@aws-sdk/types": "3.649.0", - "@smithy/credential-provider-imds": "^3.2.1", "@smithy/property-provider": "^3.1.4", "@smithy/shared-ini-file-loader": "^3.1.5", "@smithy/types": "^3.4.0", @@ -11832,15 +11639,13 @@ }, "engines": { "node": ">=16.0.0" - }, - "peerDependencies": { - "@aws-sdk/client-sts": "^3.650.0" } }, - "node_modules/@aws-sdk/credential-provider-ini/node_modules/@smithy/shared-ini-file-loader": { + "node_modules/@aws-sdk/middleware-endpoint-discovery/node_modules/@smithy/shared-ini-file-loader": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@smithy/types": "^3.4.0", @@ -11850,22 +11655,14 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/credential-provider-node": { - "version": "3.650.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.650.0.tgz", - "integrity": "sha512-uBra5YjzS/gWSekAogfqJfY6c+oKQkkou7Cjc4d/cpMNvQtF1IBdekJ7NaE1RfsDEz3uH1+Myd07YWZAJo/2Qw==", + "node_modules/@aws-sdk/middleware-expect-continue": { + "version": "3.649.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-expect-continue/-/middleware-expect-continue-3.649.0.tgz", + "integrity": "sha512-pW2id/mWNd+L0/hZKp5yL3J+8rTwsamu9E69Hc5pM3qTF4K4DTZZ+A0sQbY6duIvZvc8IbQHbSMulBOLyWNP3A==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/credential-provider-env": "3.649.0", - "@aws-sdk/credential-provider-http": "3.649.0", - "@aws-sdk/credential-provider-ini": "3.650.0", - "@aws-sdk/credential-provider-process": "3.649.0", - "@aws-sdk/credential-provider-sso": "3.650.0", - "@aws-sdk/credential-provider-web-identity": "3.649.0", "@aws-sdk/types": "3.649.0", - "@smithy/credential-provider-imds": "^3.2.1", - "@smithy/property-provider": "^3.1.4", - "@smithy/shared-ini-file-loader": "^3.1.5", + "@smithy/protocol-http": "^4.1.1", "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, @@ -11873,26 +11670,32 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/credential-provider-node/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", - "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", + "node_modules/@aws-sdk/middleware-flexible-checksums": { + "version": "3.651.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-flexible-checksums/-/middleware-flexible-checksums-3.651.0.tgz", + "integrity": "sha512-mGAOIjhNDcBK5+JD+W+Ky5YJL98jTNFTENJV/GiQ9t3CdqK3p02MNr/T6VwzEpzsJvJD23amogiEZeiqSQiibg==", "license": "Apache-2.0", "dependencies": { + "@aws-crypto/crc32": "5.2.0", + "@aws-crypto/crc32c": "5.2.0", + "@aws-sdk/types": "3.649.0", + "@smithy/is-array-buffer": "^3.0.0", + "@smithy/node-config-provider": "^3.1.5", + "@smithy/protocol-http": "^4.1.1", "@smithy/types": "^3.4.0", + "@smithy/util-utf8": "^3.0.0", "tslib": "^2.6.2" }, "engines": { "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/credential-provider-process": { - "version": "3.649.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.649.0.tgz", - "integrity": "sha512-6VYPQpEVpU+6DDS/gLoI40ppuNM5RPIEprK30qZZxnhTr5wyrGOeJ7J7wbbwPOZ5dKwta290BiJDU2ipV8Y9BQ==", + "node_modules/@aws-sdk/middleware-flexible-checksums/node_modules/@smithy/node-config-provider": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", + "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/types": "3.649.0", "@smithy/property-provider": "^3.1.4", "@smithy/shared-ini-file-loader": "^3.1.5", "@smithy/types": "^3.4.0", @@ -11902,7 +11705,7 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/credential-provider-process/node_modules/@smithy/shared-ini-file-loader": { + "node_modules/@aws-sdk/middleware-flexible-checksums/node_modules/@smithy/shared-ini-file-loader": { "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", @@ -11915,17 +11718,14 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/credential-provider-sso": { - "version": "3.650.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.650.0.tgz", - "integrity": "sha512-069nkhcwximbvyGiAC6Fr2G+yrG/p1S3NQ5BZ2cMzB1hgUKo6TvgFK7nriYI4ljMQ+UWxqPwIdTqiUmn2iJmhg==", + "node_modules/@aws-sdk/middleware-host-header": { + "version": "3.649.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.649.0.tgz", + "integrity": "sha512-PjAe2FocbicHVgNNwdSZ05upxIO7AgTPFtQLpnIAmoyzMcgv/zNB5fBn3uAnQSAeEPPCD+4SYVEUD1hw1ZBvEg==", "license": "Apache-2.0", "dependencies": { - "@aws-sdk/client-sso": "3.650.0", - "@aws-sdk/token-providers": "3.649.0", "@aws-sdk/types": "3.649.0", - "@smithy/property-provider": "^3.1.4", - "@smithy/shared-ini-file-loader": "^3.1.5", + "@smithy/protocol-http": "^4.1.1", "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, @@ -11933,257 +11733,13 @@ "node": ">=16.0.0" } }, - "node_modules/@aws-sdk/credential-provider-sso/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", - "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", + "node_modules/@aws-sdk/middleware-location-constraint": { + "version": "3.649.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-location-constraint/-/middleware-location-constraint-3.649.0.tgz", + "integrity": "sha512-O9AXhaFUQx34UTnp/cKCcaWW/IVk4mntlWfFjsIxvRatamKaY33b5fOiakGG+J1t0QFK0niDBSvOYUR1fdlHzw==", "license": "Apache-2.0", "dependencies": { - "@smithy/types": "^3.4.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/credential-provider-web-identity": { - "version": "3.649.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.649.0.tgz", - "integrity": "sha512-XVk3WsDa0g3kQFPmnCH/LaCtGY/0R2NDv7gscYZSXiBZcG/fixasglTprgWSp8zcA0t7tEIGu9suyjz8ZwhymQ==", - "license": "Apache-2.0", - "dependencies": { - "@aws-sdk/types": "3.649.0", - "@smithy/property-provider": "^3.1.4", - "@smithy/types": "^3.4.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - }, - "peerDependencies": { - "@aws-sdk/client-sts": "^3.649.0" - } - }, - "node_modules/@aws-sdk/credential-providers": { - "version": "3.650.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-providers/-/credential-providers-3.650.0.tgz", - "integrity": "sha512-e99xHtzfL3fwS5j2gzMXRikoux/vNO3JKlxYSTnz/yfcReYRtRIz4iNrbqOzYFIQFlPS11ToXXXcwl6FOzNM7Q==", - "license": "Apache-2.0", - "dependencies": { - "@aws-sdk/client-cognito-identity": "3.650.0", - "@aws-sdk/client-sso": "3.650.0", - "@aws-sdk/client-sts": "3.650.0", - "@aws-sdk/credential-provider-cognito-identity": "3.650.0", - "@aws-sdk/credential-provider-env": "3.649.0", - "@aws-sdk/credential-provider-http": "3.649.0", - "@aws-sdk/credential-provider-ini": "3.650.0", - "@aws-sdk/credential-provider-node": "3.650.0", - "@aws-sdk/credential-provider-process": "3.649.0", - "@aws-sdk/credential-provider-sso": "3.650.0", - "@aws-sdk/credential-provider-web-identity": "3.649.0", - "@aws-sdk/types": "3.649.0", - "@smithy/credential-provider-imds": "^3.2.1", - "@smithy/property-provider": "^3.1.4", - "@smithy/types": "^3.4.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/endpoint-cache": { - "version": "3.572.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/endpoint-cache/-/endpoint-cache-3.572.0.tgz", - "integrity": "sha512-CzuRWMj/xtN9p9eP915nlPmlyniTzke732Ow/M60++gGgB3W+RtZyFftw3TEx+NzNhd1tH54dEcGiWdiNaBz3Q==", - "dev": true, - "license": "Apache-2.0", - "dependencies": { - "mnemonist": "0.38.3", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/middleware-bucket-endpoint": { - "version": "3.649.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-bucket-endpoint/-/middleware-bucket-endpoint-3.649.0.tgz", - "integrity": "sha512-ZdDICtUU4YZkrVllTUOH1Fj/F3WShLhkfNKJE3HJ/yj6pS8JS9P2lWzHiHkHiidjrHSxc6NuBo6vuZ+182XLbw==", - "license": "Apache-2.0", - "dependencies": { - "@aws-sdk/types": "3.649.0", - "@aws-sdk/util-arn-parser": "3.568.0", - "@smithy/node-config-provider": "^3.1.5", - "@smithy/protocol-http": "^4.1.1", - "@smithy/types": "^3.4.0", - "@smithy/util-config-provider": "^3.0.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/middleware-bucket-endpoint/node_modules/@smithy/node-config-provider": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", - "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/property-provider": "^3.1.4", - "@smithy/shared-ini-file-loader": "^3.1.5", - "@smithy/types": "^3.4.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/middleware-bucket-endpoint/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", - "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/types": "^3.4.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/middleware-endpoint-discovery": { - "version": "3.649.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-endpoint-discovery/-/middleware-endpoint-discovery-3.649.0.tgz", - "integrity": "sha512-deyv8Vx2a7+63NVrOURfUlyfxPbpbtJSPHLbQikHthuEs3dYol/5LXr1VonFe9dlzHRa1ZPMnA2ibOBmUCwz5g==", - "dev": true, - "license": "Apache-2.0", - "dependencies": { - "@aws-sdk/endpoint-cache": "3.572.0", - "@aws-sdk/types": "3.649.0", - "@smithy/node-config-provider": "^3.1.5", - "@smithy/protocol-http": "^4.1.1", - "@smithy/types": "^3.4.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/middleware-endpoint-discovery/node_modules/@smithy/node-config-provider": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", - "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", - "dev": true, - "license": "Apache-2.0", - "dependencies": { - "@smithy/property-provider": "^3.1.4", - "@smithy/shared-ini-file-loader": "^3.1.5", - "@smithy/types": "^3.4.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/middleware-endpoint-discovery/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", - "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", - "dev": true, - "license": "Apache-2.0", - "dependencies": { - "@smithy/types": "^3.4.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/middleware-expect-continue": { - "version": "3.649.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-expect-continue/-/middleware-expect-continue-3.649.0.tgz", - "integrity": "sha512-pW2id/mWNd+L0/hZKp5yL3J+8rTwsamu9E69Hc5pM3qTF4K4DTZZ+A0sQbY6duIvZvc8IbQHbSMulBOLyWNP3A==", - "license": "Apache-2.0", - "dependencies": { - "@aws-sdk/types": "3.649.0", - "@smithy/protocol-http": "^4.1.1", - "@smithy/types": "^3.4.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/middleware-flexible-checksums": { - "version": "3.651.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-flexible-checksums/-/middleware-flexible-checksums-3.651.0.tgz", - "integrity": "sha512-mGAOIjhNDcBK5+JD+W+Ky5YJL98jTNFTENJV/GiQ9t3CdqK3p02MNr/T6VwzEpzsJvJD23amogiEZeiqSQiibg==", - "license": "Apache-2.0", - "dependencies": { - "@aws-crypto/crc32": "5.2.0", - "@aws-crypto/crc32c": "5.2.0", - "@aws-sdk/types": "3.649.0", - "@smithy/is-array-buffer": "^3.0.0", - "@smithy/node-config-provider": "^3.1.5", - "@smithy/protocol-http": "^4.1.1", - "@smithy/types": "^3.4.0", - "@smithy/util-utf8": "^3.0.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/middleware-flexible-checksums/node_modules/@smithy/node-config-provider": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", - "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/property-provider": "^3.1.4", - "@smithy/shared-ini-file-loader": "^3.1.5", - "@smithy/types": "^3.4.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/middleware-flexible-checksums/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", - "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", - "license": "Apache-2.0", - "dependencies": { - "@smithy/types": "^3.4.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/middleware-host-header": { - "version": "3.649.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.649.0.tgz", - "integrity": "sha512-PjAe2FocbicHVgNNwdSZ05upxIO7AgTPFtQLpnIAmoyzMcgv/zNB5fBn3uAnQSAeEPPCD+4SYVEUD1hw1ZBvEg==", - "license": "Apache-2.0", - "dependencies": { - "@aws-sdk/types": "3.649.0", - "@smithy/protocol-http": "^4.1.1", - "@smithy/types": "^3.4.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@aws-sdk/middleware-location-constraint": { - "version": "3.649.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-location-constraint/-/middleware-location-constraint-3.649.0.tgz", - "integrity": "sha512-O9AXhaFUQx34UTnp/cKCcaWW/IVk4mntlWfFjsIxvRatamKaY33b5fOiakGG+J1t0QFK0niDBSvOYUR1fdlHzw==", - "license": "Apache-2.0", - "dependencies": { - "@aws-sdk/types": "3.649.0", + "@aws-sdk/types": "3.649.0", "@smithy/types": "^3.4.0", "tslib": "^2.6.2" }, @@ -31933,7 +31489,7 @@ "@aws-amplify/auth-construct": "^1.3.1", "@aws-amplify/backend-output-storage": "^1.1.2", "@aws-amplify/plugin-types": "^1.3.0", - "@aws-amplify/reference-auth-construct": "0.1.0" + "@aws-amplify/reference-auth-construct": "^0.1.0" }, "devDependencies": { "@aws-amplify/backend-platform-test-stubs": "^0.3.5", @@ -32671,8 +32227,8 @@ "@aws-amplify/backend-output-schemas": "^1.1.0", "@aws-amplify/backend-output-storage": "^1.1.2", "@aws-amplify/plugin-types": "^1.2.2", - "@aws-sdk/client-cognito-identity": "^3.662.0", - "@aws-sdk/client-cognito-identity-provider": "^3.662.0", + "@aws-sdk/client-cognito-identity": "^3.624.0", + "@aws-sdk/client-cognito-identity-provider": "^3.624.0", "@types/aws-lambda": "^8.10.119", "aws-lambda": "^1.0.7" }, @@ -32681,530 +32237,6 @@ "constructs": "^10.0.0" } }, - "packages/reference-auth-construct/node_modules/@aws-sdk/client-cognito-identity": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-cognito-identity/-/client-cognito-identity-3.662.0.tgz", - "integrity": "sha512-ZHftalHETCtrEn0Nf6LFCjSbJFBAs/LawNR4N/evSmK4e+YjqbYUw/rzKISKHr6gdFEWYnYDcl2iLR5yX2b3yg==", - "dependencies": { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/client-sso-oidc": "3.662.0", - "@aws-sdk/client-sts": "3.662.0", - "@aws-sdk/core": "3.662.0", - "@aws-sdk/credential-provider-node": "3.662.0", - "@aws-sdk/middleware-host-header": "3.662.0", - "@aws-sdk/middleware-logger": "3.662.0", - "@aws-sdk/middleware-recursion-detection": "3.662.0", - "@aws-sdk/middleware-user-agent": "3.662.0", - "@aws-sdk/region-config-resolver": "3.662.0", - "@aws-sdk/types": "3.662.0", - "@aws-sdk/util-endpoints": "3.662.0", - "@aws-sdk/util-user-agent-browser": "3.662.0", - "@aws-sdk/util-user-agent-node": "3.662.0", - "@smithy/config-resolver": "^3.0.9", - "@smithy/core": "^2.4.7", - "@smithy/fetch-http-handler": "^3.2.9", - "@smithy/hash-node": "^3.0.7", - "@smithy/invalid-dependency": "^3.0.7", - "@smithy/middleware-content-length": "^3.0.9", - "@smithy/middleware-endpoint": "^3.1.4", - "@smithy/middleware-retry": "^3.0.22", - "@smithy/middleware-serde": "^3.0.7", - "@smithy/middleware-stack": "^3.0.7", - "@smithy/node-config-provider": "^3.1.8", - "@smithy/node-http-handler": "^3.2.4", - "@smithy/protocol-http": "^4.1.4", - "@smithy/smithy-client": "^3.3.6", - "@smithy/types": "^3.5.0", - "@smithy/url-parser": "^3.0.7", - "@smithy/util-base64": "^3.0.0", - "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.22", - "@smithy/util-defaults-mode-node": "^3.0.22", - "@smithy/util-endpoints": "^2.1.3", - "@smithy/util-middleware": "^3.0.7", - "@smithy/util-retry": "^3.0.7", - "@smithy/util-utf8": "^3.0.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/client-sso": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.662.0.tgz", - "integrity": "sha512-4j3+eNSnNblcIYCJrsRRdyXFjAWGpGa7s7pdIyDMLwtYA7AKNlnlyQV14jtezhMrN2j6qZ7zZmnwEyFGipgfWA==", - "dependencies": { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "3.662.0", - "@aws-sdk/middleware-host-header": "3.662.0", - "@aws-sdk/middleware-logger": "3.662.0", - "@aws-sdk/middleware-recursion-detection": "3.662.0", - "@aws-sdk/middleware-user-agent": "3.662.0", - "@aws-sdk/region-config-resolver": "3.662.0", - "@aws-sdk/types": "3.662.0", - "@aws-sdk/util-endpoints": "3.662.0", - "@aws-sdk/util-user-agent-browser": "3.662.0", - "@aws-sdk/util-user-agent-node": "3.662.0", - "@smithy/config-resolver": "^3.0.9", - "@smithy/core": "^2.4.7", - "@smithy/fetch-http-handler": "^3.2.9", - "@smithy/hash-node": "^3.0.7", - "@smithy/invalid-dependency": "^3.0.7", - "@smithy/middleware-content-length": "^3.0.9", - "@smithy/middleware-endpoint": "^3.1.4", - "@smithy/middleware-retry": "^3.0.22", - "@smithy/middleware-serde": "^3.0.7", - "@smithy/middleware-stack": "^3.0.7", - "@smithy/node-config-provider": "^3.1.8", - "@smithy/node-http-handler": "^3.2.4", - "@smithy/protocol-http": "^4.1.4", - "@smithy/smithy-client": "^3.3.6", - "@smithy/types": "^3.5.0", - "@smithy/url-parser": "^3.0.7", - "@smithy/util-base64": "^3.0.0", - "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.22", - "@smithy/util-defaults-mode-node": "^3.0.22", - "@smithy/util-endpoints": "^2.1.3", - "@smithy/util-middleware": "^3.0.7", - "@smithy/util-retry": "^3.0.7", - "@smithy/util-utf8": "^3.0.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/client-sso-oidc": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.662.0.tgz", - "integrity": "sha512-YZrH0sftdmjvEIY8u0LCrfEhyaMVpN0+K0K9WsUrFRMZ7DK6nB9YD1f5EaKUN5UjNw5S7gbjSdI8neSCoELjhw==", - "dependencies": { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/core": "3.662.0", - "@aws-sdk/credential-provider-node": "3.662.0", - "@aws-sdk/middleware-host-header": "3.662.0", - "@aws-sdk/middleware-logger": "3.662.0", - "@aws-sdk/middleware-recursion-detection": "3.662.0", - "@aws-sdk/middleware-user-agent": "3.662.0", - "@aws-sdk/region-config-resolver": "3.662.0", - "@aws-sdk/types": "3.662.0", - "@aws-sdk/util-endpoints": "3.662.0", - "@aws-sdk/util-user-agent-browser": "3.662.0", - "@aws-sdk/util-user-agent-node": "3.662.0", - "@smithy/config-resolver": "^3.0.9", - "@smithy/core": "^2.4.7", - "@smithy/fetch-http-handler": "^3.2.9", - "@smithy/hash-node": "^3.0.7", - "@smithy/invalid-dependency": "^3.0.7", - "@smithy/middleware-content-length": "^3.0.9", - "@smithy/middleware-endpoint": "^3.1.4", - "@smithy/middleware-retry": "^3.0.22", - "@smithy/middleware-serde": "^3.0.7", - "@smithy/middleware-stack": "^3.0.7", - "@smithy/node-config-provider": "^3.1.8", - "@smithy/node-http-handler": "^3.2.4", - "@smithy/protocol-http": "^4.1.4", - "@smithy/smithy-client": "^3.3.6", - "@smithy/types": "^3.5.0", - "@smithy/url-parser": "^3.0.7", - "@smithy/util-base64": "^3.0.0", - "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.22", - "@smithy/util-defaults-mode-node": "^3.0.22", - "@smithy/util-endpoints": "^2.1.3", - "@smithy/util-middleware": "^3.0.7", - "@smithy/util-retry": "^3.0.7", - "@smithy/util-utf8": "^3.0.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - }, - "peerDependencies": { - "@aws-sdk/client-sts": "^3.662.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/client-sts": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.662.0.tgz", - "integrity": "sha512-RjiXvfW3a36ybHuzYuZ6ZgddYiENiXLDGC3tlZMsKWuoVQNeoh2grx1wxUA6e4ajAIqJLXs5dAYTSXzGaAqHTA==", - "dependencies": { - "@aws-crypto/sha256-browser": "5.2.0", - "@aws-crypto/sha256-js": "5.2.0", - "@aws-sdk/client-sso-oidc": "3.662.0", - "@aws-sdk/core": "3.662.0", - "@aws-sdk/credential-provider-node": "3.662.0", - "@aws-sdk/middleware-host-header": "3.662.0", - "@aws-sdk/middleware-logger": "3.662.0", - "@aws-sdk/middleware-recursion-detection": "3.662.0", - "@aws-sdk/middleware-user-agent": "3.662.0", - "@aws-sdk/region-config-resolver": "3.662.0", - "@aws-sdk/types": "3.662.0", - "@aws-sdk/util-endpoints": "3.662.0", - "@aws-sdk/util-user-agent-browser": "3.662.0", - "@aws-sdk/util-user-agent-node": "3.662.0", - "@smithy/config-resolver": "^3.0.9", - "@smithy/core": "^2.4.7", - "@smithy/fetch-http-handler": "^3.2.9", - "@smithy/hash-node": "^3.0.7", - "@smithy/invalid-dependency": "^3.0.7", - "@smithy/middleware-content-length": "^3.0.9", - "@smithy/middleware-endpoint": "^3.1.4", - "@smithy/middleware-retry": "^3.0.22", - "@smithy/middleware-serde": "^3.0.7", - "@smithy/middleware-stack": "^3.0.7", - "@smithy/node-config-provider": "^3.1.8", - "@smithy/node-http-handler": "^3.2.4", - "@smithy/protocol-http": "^4.1.4", - "@smithy/smithy-client": "^3.3.6", - "@smithy/types": "^3.5.0", - "@smithy/url-parser": "^3.0.7", - "@smithy/util-base64": "^3.0.0", - "@smithy/util-body-length-browser": "^3.0.0", - "@smithy/util-body-length-node": "^3.0.0", - "@smithy/util-defaults-mode-browser": "^3.0.22", - "@smithy/util-defaults-mode-node": "^3.0.22", - "@smithy/util-endpoints": "^2.1.3", - "@smithy/util-middleware": "^3.0.7", - "@smithy/util-retry": "^3.0.7", - "@smithy/util-utf8": "^3.0.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/core": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.662.0.tgz", - "integrity": "sha512-w64Fa4dsgM8vN7Z+QPR3n+aAl5GXThQRH8deT/iF1rLrzfq7V8xxACJ/CLVaxrZMZUPUUgG7DUAo95nXFWmGjA==", - "dependencies": { - "@smithy/core": "^2.4.7", - "@smithy/node-config-provider": "^3.1.8", - "@smithy/property-provider": "^3.1.7", - "@smithy/protocol-http": "^4.1.4", - "@smithy/signature-v4": "^4.2.0", - "@smithy/smithy-client": "^3.3.6", - "@smithy/types": "^3.5.0", - "@smithy/util-middleware": "^3.0.7", - "fast-xml-parser": "4.4.1", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/credential-provider-env": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.662.0.tgz", - "integrity": "sha512-Dgwb0c/FH4xT5QZZFdLTFmCkdG3woXIAgLx5HCoH9Ty5G7T8keHOU9Jm4Vpe2ZJXL7JJHlLakGS65+bgXTuLSQ==", - "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/property-provider": "^3.1.7", - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/credential-provider-http": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.662.0.tgz", - "integrity": "sha512-Wnle/uJI4Ku9ABJHof9sio28VlaSbF3jVQKTSVCJftvbKELlFOlY5aXSjtu0wwcJqDS5r78N5KM7aARUJES+DA==", - "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/fetch-http-handler": "^3.2.9", - "@smithy/node-http-handler": "^3.2.4", - "@smithy/property-provider": "^3.1.7", - "@smithy/protocol-http": "^4.1.4", - "@smithy/smithy-client": "^3.3.6", - "@smithy/types": "^3.5.0", - "@smithy/util-stream": "^3.1.9", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/credential-provider-ini": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.662.0.tgz", - "integrity": "sha512-jk+A5B0NRYG4KrjJ8ef1+r9bFjhpwUm/A9grJmp3JOwcHKXvI2Gy9BXNqfqqVgrK0Gns+WyhJZy6rsRaC+v1oQ==", - "dependencies": { - "@aws-sdk/credential-provider-env": "3.662.0", - "@aws-sdk/credential-provider-http": "3.662.0", - "@aws-sdk/credential-provider-process": "3.662.0", - "@aws-sdk/credential-provider-sso": "3.662.0", - "@aws-sdk/credential-provider-web-identity": "3.662.0", - "@aws-sdk/types": "3.662.0", - "@smithy/credential-provider-imds": "^3.2.4", - "@smithy/property-provider": "^3.1.7", - "@smithy/shared-ini-file-loader": "^3.1.8", - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - }, - "peerDependencies": { - "@aws-sdk/client-sts": "^3.662.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/credential-provider-node": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.662.0.tgz", - "integrity": "sha512-2O9wjxdLcU1b+bWVkp3YYbPHo15SU3pW4KfWTca5bB/C01i1eqiHnwsOFz/WKPYYKNj0FhXtJJjeDQLtNFYI8A==", - "dependencies": { - "@aws-sdk/credential-provider-env": "3.662.0", - "@aws-sdk/credential-provider-http": "3.662.0", - "@aws-sdk/credential-provider-ini": "3.662.0", - "@aws-sdk/credential-provider-process": "3.662.0", - "@aws-sdk/credential-provider-sso": "3.662.0", - "@aws-sdk/credential-provider-web-identity": "3.662.0", - "@aws-sdk/types": "3.662.0", - "@smithy/credential-provider-imds": "^3.2.4", - "@smithy/property-provider": "^3.1.7", - "@smithy/shared-ini-file-loader": "^3.1.8", - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/credential-provider-process": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.662.0.tgz", - "integrity": "sha512-1QUdtr/JiuvRjVgA8enpgCwjq7Eud8eVUT0i/vpWuFp5TV2FFq/8BD3GBkesTdy4Ylms6QVGf7J6INdfUWQEmw==", - "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/property-provider": "^3.1.7", - "@smithy/shared-ini-file-loader": "^3.1.8", - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/credential-provider-sso": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.662.0.tgz", - "integrity": "sha512-zxze6pDPgwBwl7S3h4JDALCCz93pTAfulbCY8FqMEd7GvnAiofHpL9svyt4+gytXwwUSsQ6KxCMVLbi+8k8YIg==", - "dependencies": { - "@aws-sdk/client-sso": "3.662.0", - "@aws-sdk/token-providers": "3.662.0", - "@aws-sdk/types": "3.662.0", - "@smithy/property-provider": "^3.1.7", - "@smithy/shared-ini-file-loader": "^3.1.8", - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/credential-provider-web-identity": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.662.0.tgz", - "integrity": "sha512-GhPwxmHSFtwCckuT+34JG+U99qKfDWVYPLJOPI6b35+aLhfVqW5CHPmVjtM4WZqbxzsA0a3KAYA/U1ZaluI4SA==", - "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/property-provider": "^3.1.7", - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - }, - "peerDependencies": { - "@aws-sdk/client-sts": "^3.662.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/middleware-host-header": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.662.0.tgz", - "integrity": "sha512-Gkb0J1LTvD8LOS8uwoRI5weFXvvJwP1jfnYwzQrFgLymRFHJm5JtORQZtmw34dtdou+IBTUsH1mgI8b3QVVH3w==", - "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/protocol-http": "^4.1.4", - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/middleware-logger": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.662.0.tgz", - "integrity": "sha512-aSpwVHtfMlqzpmnmmUgRNCaIcxXdRrGqGWG+VWXuYR1F6jJARDDCxGkSuKiPEOLX0h0BroUo4gqbM8ILXQ8rVw==", - "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/middleware-recursion-detection": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.662.0.tgz", - "integrity": "sha512-V/MYE+LOFIQDLnpWMHLxnKu+ELhD3pLOrWXVhKpVit6YcHxaOz6nvB40CPamSPDXenA11FGXKAGNHZ0loTpDQg==", - "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/protocol-http": "^4.1.4", - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/middleware-user-agent": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.662.0.tgz", - "integrity": "sha512-NT940BLSSys/A8W3zO3g2Kj+zpeydqGbSQgN6qz84jTskQjnrlamoq+Zl9Rrp8Cn8sC10UQ09kGg97lvjVOlmg==", - "dependencies": { - "@aws-sdk/types": "3.662.0", - "@aws-sdk/util-endpoints": "3.662.0", - "@smithy/protocol-http": "^4.1.4", - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/region-config-resolver": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.662.0.tgz", - "integrity": "sha512-MDiWl4wZSVnnTELLb+jFSe0nj9HwxJPX2JnghXKkOXmbKEiE2/21DCQwU9mr9VUq2ZOQqaSnMFPr94iRu0AVTQ==", - "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/node-config-provider": "^3.1.8", - "@smithy/types": "^3.5.0", - "@smithy/util-config-provider": "^3.0.0", - "@smithy/util-middleware": "^3.0.7", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/token-providers": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.662.0.tgz", - "integrity": "sha512-OqtBPutNC9Am10P1W5IwqRvzCVQAHRxWxZnfDBh1FQjNmoboGWYSriKxbrCRYLFffusNuzo8KnOFOmg1sRlhJQ==", - "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/property-provider": "^3.1.7", - "@smithy/shared-ini-file-loader": "^3.1.8", - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - }, - "peerDependencies": { - "@aws-sdk/client-sso-oidc": "^3.662.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/types": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.662.0.tgz", - "integrity": "sha512-Ff9/KRmIm8iEzodxzISLj4/pB/0hX2nVw1RFeOBC65OuM6nHrAdWHHog/CVx25hS5JPU0uE3h6NlWRaBJ7AV5w==", - "dependencies": { - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/util-endpoints": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.662.0.tgz", - "integrity": "sha512-RQ/78yNUxZZZULFg7VxT7oObGOR/FBc0ojiFoCAKC20ycY8VvVX5Eof4gyxoVpwOP7EoZO3UlWSIqtaEV/X70w==", - "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/types": "^3.5.0", - "@smithy/util-endpoints": "^2.1.3", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/util-user-agent-browser": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.662.0.tgz", - "integrity": "sha512-5wQd+HbNTY1r1Gndxf93dAEFtKz1DqcalI4Ym40To+RIonSsYQNRomFoizYNgJ1P+Mkfsr4P1dy/MNTlkqTZuQ==", - "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/types": "^3.5.0", - "bowser": "^2.11.0", - "tslib": "^2.6.2" - } - }, - "packages/reference-auth-construct/node_modules/@aws-sdk/util-user-agent-node": { - "version": "3.662.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.662.0.tgz", - "integrity": "sha512-vBRbZ9Hr1OGmdJPWj36X0fR8/VdI2JiwK6+oJRa6qfJ6AnhqCYZbCyeA6JIDeEu3M9iu1OLjenU8NdXhTz8c2w==", - "dependencies": { - "@aws-sdk/types": "3.662.0", - "@smithy/node-config-provider": "^3.1.8", - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - }, - "peerDependencies": { - "aws-crt": ">=1.0.0" - }, - "peerDependenciesMeta": { - "aws-crt": { - "optional": true - } - } - }, - "packages/reference-auth-construct/node_modules/@smithy/node-config-provider": { - "version": "3.1.8", - "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.8.tgz", - "integrity": "sha512-E0rU0DglpeJn5ge64mk8wTGEXcQwmpUTY5Zr7IzTpDLmHKiIamINERNZYrPQjg58Ck236sEKSwRSHA4CwshU6Q==", - "dependencies": { - "@smithy/property-provider": "^3.1.7", - "@smithy/shared-ini-file-loader": "^3.1.8", - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, - "packages/reference-auth-construct/node_modules/@smithy/shared-ini-file-loader": { - "version": "3.1.8", - "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.8.tgz", - "integrity": "sha512-0NHdQiSkeGl0ICQKcJQ2lCOKH23Nb0EaAa7RDRId6ZqwXkw4LJyIyZ0t3iusD4bnKYDPLGy2/5e2rfUhrt0Acw==", - "dependencies": { - "@smithy/types": "^3.5.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=16.0.0" - } - }, "packages/sandbox": { "name": "@aws-amplify/sandbox", "version": "1.2.2", diff --git a/packages/backend-auth/package.json b/packages/backend-auth/package.json index eacfeee59e..94fbdbdf75 100644 --- a/packages/backend-auth/package.json +++ b/packages/backend-auth/package.json @@ -20,7 +20,7 @@ "license": "Apache-2.0", "dependencies": { "@aws-amplify/auth-construct": "^1.3.1", - "@aws-amplify/reference-auth-construct": "0.1.0", + "@aws-amplify/reference-auth-construct": "^0.1.0", "@aws-amplify/backend-output-storage": "^1.1.2", "@aws-amplify/plugin-types": "^1.3.0" }, diff --git a/packages/backend/API.md b/packages/backend/API.md index ba53fec175..c9d790427f 100644 --- a/packages/backend/API.md +++ b/packages/backend/API.md @@ -26,6 +26,7 @@ import { defineStorage } from '@aws-amplify/backend-storage'; import { FunctionResources } from '@aws-amplify/plugin-types'; import { GenerateContainerEntryProps } from '@aws-amplify/plugin-types'; import { ImportPathVerifier } from '@aws-amplify/plugin-types'; +import { referenceAuth } from '@aws-amplify/backend-auth'; import { ResourceAccessAcceptorFactory } from '@aws-amplify/plugin-types'; import { ResourceProvider } from '@aws-amplify/plugin-types'; import { SsmEnvironmentEntriesGenerator } from '@aws-amplify/plugin-types'; @@ -90,6 +91,8 @@ export { GenerateContainerEntryProps } export { ImportPathVerifier } +export { referenceAuth } + export { ResourceProvider } // @public diff --git a/packages/backend/src/index.ts b/packages/backend/src/index.ts index 46adc6515e..5150f93a8e 100644 --- a/packages/backend/src/index.ts +++ b/packages/backend/src/index.ts @@ -17,7 +17,7 @@ export { defineData } from '@aws-amplify/backend-data'; export { type ClientSchema, a } from '@aws-amplify/data-schema'; // auth -export { defineAuth } from '@aws-amplify/backend-auth'; +export { defineAuth, referenceAuth } from '@aws-amplify/backend-auth'; // storage export { defineStorage } from '@aws-amplify/backend-storage'; diff --git a/packages/reference-auth-construct/package.json b/packages/reference-auth-construct/package.json index da0e7ecc41..66250b0ed8 100644 --- a/packages/reference-auth-construct/package.json +++ b/packages/reference-auth-construct/package.json @@ -21,8 +21,8 @@ "@aws-amplify/backend-output-schemas": "^1.1.0", "@aws-amplify/backend-output-storage": "^1.1.2", "@aws-amplify/plugin-types": "^1.2.2", - "@aws-sdk/client-cognito-identity-provider": "^3.662.0", - "@aws-sdk/client-cognito-identity": "^3.662.0", + "@aws-sdk/client-cognito-identity-provider": "^3.624.0", + "@aws-sdk/client-cognito-identity": "^3.624.0", "@types/aws-lambda": "^8.10.119", "aws-lambda": "^1.0.7" }, From b4ccb574806f21e552497169f365f1349caaa01e Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Thu, 3 Oct 2024 13:53:53 -0700 Subject: [PATCH 21/61] chore: fix mismatched output structure --- .../src/lambda/reference_auth_initializer.ts | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts index 9bdafbc77f..443042b89c 100644 --- a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts +++ b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts @@ -32,7 +32,7 @@ export const handler = async ( event.RequestType === 'Create' ? randomUUID() : event.PhysicalResourceId; let data; - if (!(event.RequestType === 'Update' || event.RequestType === 'Create')) { + if (event.RequestType === 'Update' || event.RequestType === 'Create') { data = await initialize(event); } @@ -224,15 +224,15 @@ export const getUserPoolClientOutputs = async ( } const data = { oauthScope: JSON.stringify(userPoolClient.AllowedOAuthScopes ?? []), - oauthRedirectSignIn: JSON.stringify( - userPoolClient.CallbackURLs?.join(',') ?? [] - ), - oauthRedirectSignOut: JSON.stringify( - userPoolClient.LogoutURLs?.join(',') ?? [] - ), - oauthResponseType: JSON.stringify( - userPoolClient.AllowedOAuthFlows?.join(',') ?? [] - ), + oauthRedirectSignIn: userPoolClient.CallbackURLs + ? userPoolClient.CallbackURLs.join(',') + : '', + oauthRedirectSignOut: userPoolClient.LogoutURLs + ? userPoolClient.LogoutURLs.join(',') + : '', + oauthResponseType: userPoolClient.AllowedOAuthFlows + ? userPoolClient.AllowedOAuthFlows.join(',') + : '', oauthClientId: userPoolClientId, }; return data; From 618a0eb3100d4da7c2f4e8877e72318dd9b97f6b Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 11 Oct 2024 14:25:01 -0700 Subject: [PATCH 22/61] chore: refactor and add tests --- .../reference-auth-construct/src/construct.ts | 3 + .../lambda/reference_auth_initializer.test.ts | 306 ++++++++ .../src/lambda/reference_auth_initializer.ts | 667 ++++++++++++------ .../reference_auth_initializer_types.ts | 3 + .../src/lambda/sample_data.ts | 426 +++++++++++ 5 files changed, 1204 insertions(+), 201 deletions(-) create mode 100644 packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts create mode 100644 packages/reference-auth-construct/src/lambda/sample_data.ts diff --git a/packages/reference-auth-construct/src/construct.ts b/packages/reference-auth-construct/src/construct.ts index 15e9a96778..63a3a28ec2 100644 --- a/packages/reference-auth-construct/src/construct.ts +++ b/packages/reference-auth-construct/src/construct.ts @@ -156,6 +156,9 @@ export class AmplifyReferenceAuth userPoolId: props.userPoolId, identityPoolId: props.identityPoolId, userPoolClientId: props.userPoolClientId, + authRoleArn: props.authRoleArn, + unauthRoleArn: props.unauthRoleArn, + region: Stack.of(this).region, }; // custom resource this.configurationCustomResource = new CustomResource( diff --git a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts new file mode 100644 index 0000000000..4c5731b7a9 --- /dev/null +++ b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts @@ -0,0 +1,306 @@ +import { beforeEach, describe, it, mock } from 'node:test'; +import { ReferenceAuthInitializer } from './reference_auth_initializer'; +import { CloudFormationCustomResourceEvent } from 'aws-lambda'; +import { ReferenceAuthInitializerProps } from './reference_auth_initializer_types'; +import assert from 'node:assert'; +import { + CognitoIdentityProviderClient, + DescribeUserPoolClientCommand, + DescribeUserPoolClientCommandOutput, + DescribeUserPoolCommand, + DescribeUserPoolCommandOutput, + GetUserPoolMfaConfigCommand, + GetUserPoolMfaConfigCommandOutput, + ListIdentityProvidersCommand, + ListIdentityProvidersCommandOutput, +} from '@aws-sdk/client-cognito-identity-provider'; +import { + CognitoIdentityClient, + DescribeIdentityPoolCommand, + GetIdentityPoolRolesCommand, +} from '@aws-sdk/client-cognito-identity'; +import { + IdentityPool, + IdentityPoolRoles, + IdentityProviders, + MFAResponse, + UserPool, + UserPoolClient, +} from './sample_data'; + +const inputProperties: ReferenceAuthInitializerProps = { + authRoleArn: 'arn:aws:iam::000000000000:role/service-role/ref-auth-role-1', + unauthRoleArn: 'arn:aws:iam::000000000000:role/service-role/ref-unauth-role1', + identityPoolId: 'us-east-1:sample-identity-pool-id', + userPoolClientId: 'sampleUserPoolClientId', + userPoolId: 'us-east-1_userpoolTest', + region: 'us-east-1', +}; +const customResourceEventCommon: Omit< + CloudFormationCustomResourceEvent, + 'RequestType' +> = { + ServiceToken: 'mockServiceToken', + ResponseURL: 'mockPreSignedS3Url', + StackId: 'mockStackId', + RequestId: '123', + LogicalResourceId: 'logicalId', + ResourceType: 'AWS::CloudFormation::CustomResource', + ResourceProperties: { + ...inputProperties, + ServiceToken: 'token', + }, +}; +const createCfnEvent: CloudFormationCustomResourceEvent = { + RequestType: 'Create', + ...customResourceEventCommon, +}; + +const updateCfnEvent: CloudFormationCustomResourceEvent = { + RequestType: 'Update', + PhysicalResourceId: 'physicalId', + OldResourceProperties: { + ...inputProperties, + ServiceToken: 'token', + }, + ...customResourceEventCommon, +}; + +const deleteCfnEvent: CloudFormationCustomResourceEvent = { + RequestType: 'Delete', + PhysicalResourceId: 'physicalId', + ...customResourceEventCommon, +}; + +const uuidMock = () => '00000000-0000-0000-0000-000000000000'; +const identityProviderClient = new CognitoIdentityProviderClient(); +const identityClient = new CognitoIdentityClient(); +const expectedData = { + userPoolId: 'us-east-1_userpoolTest', + webClientId: 'sampleUserPoolClientId', + identityPoolId: 'us-east-1:sample-identity-pool-id', + signupAttributes: '["sub","email","name"]', + usernameAttributes: '[]', + verificationMechanisms: '["email"]', + passwordPolicyMinLength: '10', + passwordPolicyRequirements: + '["REQUIRES_NUMBERS","REQUIRES_LOWERCASE","REQUIRES_UPPERCASE"]', + mfaConfiguration: 'ON', + mfaTypes: '["TOTP"]', + socialProviders: '["FACEBOOK","GOOGLE","LOGIN_WITH_AMAZON"]', + oauthCognitoDomain: 'ref-auth-userpool-1', + allowUnauthenticatedIdentities: 'true', + oauthScope: '["email","openid","phone"]', + oauthRedirectSignIn: 'https://redirect.com,https://redirect2.com', + oauthRedirectSignOut: 'https://anotherlogouturl.com,https://logouturl.com', + oauthResponseType: 'code', + oauthClientId: 'sampleUserPoolClientId', +}; + +void describe('ReferenceAuthInitializer', () => { + let handler: ReferenceAuthInitializer; + let describeUserPoolResponse: DescribeUserPoolCommandOutput; + let getUserPoolMfaConfigResponse: GetUserPoolMfaConfigCommandOutput; + let listIdentityProvidersResponse: ListIdentityProvidersCommandOutput; + let describeUserPoolClientResponse: DescribeUserPoolClientCommandOutput; + + beforeEach(() => { + handler = new ReferenceAuthInitializer( + identityClient, + identityProviderClient, + uuidMock + ); + describeUserPoolResponse = { + $metadata: { + httpStatusCode: 200, + }, + UserPool: UserPool, + }; + getUserPoolMfaConfigResponse = { + $metadata: { + httpStatusCode: 200, + }, + ...MFAResponse, + }; + listIdentityProvidersResponse = { + $metadata: { + httpStatusCode: 200, + }, + Providers: [...IdentityProviders], + }; + describeUserPoolClientResponse = { + $metadata: { + httpStatusCode: 200, + }, + UserPoolClient: UserPoolClient, + }; + mock.method( + identityProviderClient, + 'send', + async ( + request: + | DescribeUserPoolCommand + | GetUserPoolMfaConfigCommand + | ListIdentityProvidersCommand + | DescribeUserPoolClientCommand + ) => { + if (request instanceof DescribeUserPoolCommand) { + return describeUserPoolResponse; + } + if (request instanceof GetUserPoolMfaConfigCommand) { + return getUserPoolMfaConfigResponse; + } + if (request instanceof ListIdentityProvidersCommand) { + return listIdentityProvidersResponse; + } + if (request instanceof DescribeUserPoolClientCommand) { + return describeUserPoolClientResponse; + } + return undefined; + } + ); + mock.method( + identityClient, + 'send', + async ( + request: DescribeIdentityPoolCommand | GetIdentityPoolRolesCommand + ) => { + if (request instanceof DescribeIdentityPoolCommand) { + return { + $metadata: { + httpStatusCode: 200, + }, + ...IdentityPool, + }; + } + if (request instanceof GetIdentityPoolRolesCommand) { + return { + $metadata: { + httpStatusCode: 200, + }, + ...IdentityPoolRoles, + }; + } + return undefined; + } + ); + }); + void it('handles create events', async () => { + const result = await handler.handleEvent(createCfnEvent); + assert.deepEqual(result.Status, 'SUCCESS'); + assert.equal( + result.PhysicalResourceId, + '00000000-0000-0000-0000-000000000000' + ); + assert.deepEqual(result.Data, expectedData); + }); + + void it('handles update events', async () => { + const result = await handler.handleEvent(updateCfnEvent); + assert.deepEqual(result.Status, 'SUCCESS'); + assert.deepEqual(result.Data, expectedData); + }); + + void it('handles delete events', async () => { + const result = await handler.handleEvent(deleteCfnEvent); + assert.deepEqual(result.Status, 'SUCCESS'); + }); + + void it('fails gracefully if fetching user pool fails', async () => { + describeUserPoolResponse = { + $metadata: { + httpStatusCode: 500, + }, + }; + const result = await handler.handleEvent(createCfnEvent); + assert.equal(result.Status, 'FAILED'); + assert.equal(result.Reason, 'Failed to retrieve the specified UserPool.'); + }); + + void it('fails gracefully if fetching user pool fails', async () => { + describeUserPoolResponse = { + $metadata: { + httpStatusCode: 200, + }, + UserPool: { + ...UserPool, + Policies: undefined, + }, + }; + const noPoliciesResult = await handler.handleEvent(createCfnEvent); + assert.equal(noPoliciesResult.Status, 'FAILED'); + assert.equal( + noPoliciesResult.Reason, + 'Failed to retrieve password policy.' + ); + }); + + void it('fails gracefully if fetching user pool MFA config fails', async () => { + getUserPoolMfaConfigResponse = { + $metadata: { + httpStatusCode: 500, + }, + }; + const result = await handler.handleEvent(createCfnEvent); + assert.equal(result.Status, 'FAILED'); + assert.equal( + result.Reason, + 'Failed to retrieve the MFA configuration for the specified UserPool.' + ); + }); + + void it('fails gracefully if fetching user pool providers fails', async () => { + listIdentityProvidersResponse = { + $metadata: { + httpStatusCode: 500, + }, + Providers: [], + }; + const httpErrorResult = await handler.handleEvent(createCfnEvent); + assert.equal(httpErrorResult.Status, 'FAILED'); + assert.equal( + httpErrorResult.Reason, + 'An error occurred while retrieving identity providers for the user pool.' + ); + listIdentityProvidersResponse = { + $metadata: { + httpStatusCode: 200, + }, + Providers: undefined, + }; + const undefinedProvidersResult = await handler.handleEvent(createCfnEvent); + assert.equal(undefinedProvidersResult.Status, 'FAILED'); + assert.equal( + undefinedProvidersResult.Reason, + 'An error occurred while retrieving identity providers for the user pool.' + ); + }); + + void it('fails gracefully if fetching user pool client fails', async () => { + describeUserPoolClientResponse = { + $metadata: { + httpStatusCode: 500, + }, + }; + const result = await handler.handleEvent(createCfnEvent); + assert.equal(result.Status, 'FAILED'); + assert.equal( + result.Reason, + 'An error occurred while retrieving the user pool client details.' + ); + describeUserPoolClientResponse = { + $metadata: { + httpStatusCode: 200, + }, + UserPoolClient: undefined, + }; + const undefinedUserPoolClientResult = await handler.handleEvent( + createCfnEvent + ); + assert.equal(undefinedUserPoolClientResult.Status, 'FAILED'); + assert.equal( + undefinedUserPoolClientResult.Reason, + 'An error occurred while retrieving the user pool client details.' + ); + }); +}); diff --git a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts index 443042b89c..508b3ae852 100644 --- a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts +++ b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts @@ -1,6 +1,7 @@ import { CloudFormationCustomResourceEvent, CloudFormationCustomResourceFailedResponse, + CloudFormationCustomResourceResponse, CloudFormationCustomResourceSuccessResponse, } from 'aws-lambda'; import { @@ -8,232 +9,496 @@ import { DescribeUserPoolClientCommand, DescribeUserPoolCommand, GetUserPoolMfaConfigCommand, + GetUserPoolMfaConfigCommandOutput, ListIdentityProvidersCommand, + PasswordPolicyType, + ProviderDescription, + UserPoolClientType, + UserPoolType, } from '@aws-sdk/client-cognito-identity-provider'; import { CognitoIdentityClient, DescribeIdentityPoolCommand, + DescribeIdentityPoolCommandOutput, + GetIdentityPoolRolesCommand, } from '@aws-sdk/client-cognito-identity'; import { randomUUID } from 'node:crypto'; import { ReferenceAuthInitializerProps } from './reference_auth_initializer_types.js'; import { AuthOutput } from '@aws-amplify/backend-output-schemas'; /** - * Entry point for the lambda-backend custom resource to retrieve a backend secret. + * Initializer that fetches and process auth resources. */ -export const handler = async ( - event: CloudFormationCustomResourceEvent -): Promise< - | CloudFormationCustomResourceSuccessResponse - | CloudFormationCustomResourceFailedResponse -> => { - console.info(`Received '${event.RequestType}' event`); - const physicalId = - event.RequestType === 'Create' ? randomUUID() : event.PhysicalResourceId; - - let data; - if (event.RequestType === 'Update' || event.RequestType === 'Create') { - data = await initialize(event); - } - - return { - RequestId: event.RequestId, - LogicalResourceId: event.LogicalResourceId, - PhysicalResourceId: physicalId, - Data: data, - StackId: event.StackId, - NoEcho: true, - Status: 'SUCCESS', - } as CloudFormationCustomResourceSuccessResponse; -}; +export class ReferenceAuthInitializer { + /** + * Create a new initializer + * @param cognitoIdentityClient identity client + * @param cognitoIdentityProviderClient identity provider client + */ + constructor( + private cognitoIdentityClient: CognitoIdentityClient, + private cognitoIdentityProviderClient: CognitoIdentityProviderClient, + private uuidGenerator: () => string + ) {} -/** - * Fetches relevant information required for auth outputs. - * @param event the CloudFormationCustomResourceEvent - */ -export const initialize = async (event: CloudFormationCustomResourceEvent) => { - const props = - event.ResourceProperties as unknown as ReferenceAuthInitializerProps; + /** + * Handles custom resource events + * @param event event to process + * @returns custom resource response + */ + public handleEvent = async (event: CloudFormationCustomResourceEvent) => { + console.info(`Received '${event.RequestType}' event`); + // physical id is only generated on create, otherwise it must stay the same + const physicalId = + event.RequestType === 'Create' + ? this.uuidGenerator() + : event.PhysicalResourceId; - const userPoolOutputs = await getUserPoolOutputs(props.userPoolId); - const identityPoolOutputs = await getIdentityPoolOutputs( - props.identityPoolId - ); - const userPoolClientOutputs = await getUserPoolClientOutputs( - props.userPoolId, - props.userPoolClientId - ); - const data: Omit = { - userPoolId: props.userPoolId, - webClientId: props.userPoolClientId, - identityPoolId: props.identityPoolId, - ...userPoolOutputs, - ...identityPoolOutputs, - ...userPoolClientOutputs, - }; - return data; -}; + // on delete, just respond with success since we don't need to do anything + if (event.RequestType === 'Delete') { + return { + RequestId: event.RequestId, + LogicalResourceId: event.LogicalResourceId, + PhysicalResourceId: physicalId, + StackId: event.StackId, + NoEcho: true, + Status: 'SUCCESS', + } as CloudFormationCustomResourceSuccessResponse; + } + // for create or update events, we will fetch and validate resource properties + const props = + event.ResourceProperties as unknown as ReferenceAuthInitializerProps; + try { + const { + userPool, + userPoolPasswordPolicy, + userPoolClient, + userPoolMFA, + userPoolProviders, + identityPool, + roles, + } = await this.getResourceDetails( + props.userPoolId, + props.identityPoolId, + props.userPoolClientId + ); -/** - * Fetch UserPool information and transform it into outputs. - * @param userPoolId the ID of the userPool - * @returns formatted outputs - */ -export const getUserPoolOutputs = async (userPoolId: string) => { - const userPoolClient = new CognitoIdentityProviderClient(); - const userPoolCommand = new DescribeUserPoolCommand({ - UserPoolId: userPoolId, - }); - - const userPoolResponse = await userPoolClient.send(userPoolCommand); - const userPool = userPoolResponse.UserPool; - if (!userPool) { - return undefined; - } - const mfaCommand = new GetUserPoolMfaConfigCommand({ - UserPoolId: userPoolId, - }); - const mfaResponse = await userPoolClient.send(mfaCommand); - // TBD - what to do with userpool containing lots of providers? ie, pagination - const providersCommand = new ListIdentityProvidersCommand({ - UserPoolId: userPoolId, - MaxResults: 20, - }); - const providersResponse = await userPoolClient.send(providersCommand); - const policy = userPool.Policies?.PasswordPolicy; - if (!policy) { - return undefined; - } - // password policy requirements - const requirements: string[] = []; - policy.RequireNumbers && requirements.push('REQUIRES_NUMBERS'); - policy.RequireLowercase && requirements.push('REQUIRES_LOWERCASE'); - policy.RequireUppercase && requirements.push('REQUIRES_UPPERCASE'); - policy.RequireSymbols && requirements.push('REQUIRES_SYMBOLS'); - - // mfa types - const mfaTypes: string[] = []; - if ( - mfaResponse.SmsMfaConfiguration && - mfaResponse.SmsMfaConfiguration.SmsConfiguration - ) { - mfaTypes.push('SMS_MFA'); - } - if (mfaResponse.SoftwareTokenMfaConfiguration?.Enabled) { - mfaTypes.push('TOTP'); - } - - // social providers - const socialProviders: string[] = []; - if (providersResponse.Providers) { - for (const provider of providersResponse.Providers) { - const providerType = provider.ProviderType; - const providerName = provider.ProviderName; - if (providerType === 'Google') { - socialProviders.push('GOOGLE'); - } - if (providerType === 'Facebook') { - socialProviders.push('FACEBOOK'); - } - if (providerType === 'SignInWithApple') { - socialProviders.push('SIGN_IN_WITH_APPLE'); - } - if (providerType === 'LoginWithAmazon') { - socialProviders.push('LOGIN_WITH_AMAZON'); - } - if (providerType === 'OIDC' && providerName) { - socialProviders.push(providerName); + this.validateResourceAssociations( + userPool, + userPoolClient, + identityPool, + roles, + props + ); + + const userPoolOutputs = await this.getUserPoolOutputs( + userPool, + userPoolPasswordPolicy, + userPoolProviders, + userPoolMFA + ); + const identityPoolOutputs = await this.getIdentityPoolOutputs( + identityPool + ); + const userPoolClientOutputs = await this.getUserPoolClientOutputs( + userPoolClient + ); + const data: Omit = { + userPoolId: props.userPoolId, + webClientId: props.userPoolClientId, + identityPoolId: props.identityPoolId, + ...userPoolOutputs, + ...identityPoolOutputs, + ...userPoolClientOutputs, + }; + return { + RequestId: event.RequestId, + LogicalResourceId: event.LogicalResourceId, + PhysicalResourceId: physicalId, + StackId: event.StackId, + NoEcho: true, + Data: data, + Status: 'SUCCESS', + } as CloudFormationCustomResourceSuccessResponse; + } catch (e) { + if (e instanceof Error) { + return this.failureResponse(event, physicalId, e.message); } - if (providerType === 'SAML' && providerName) { - socialProviders.push(providerName); + return this.failureResponse( + event, + physicalId, + 'An unknown error occurred while initializing auth resources.' + ); + } + }; + + private failureResponse = ( + event: CloudFormationCustomResourceEvent, + physicalId: string, + reason: string + ): CloudFormationCustomResourceFailedResponse => { + return { + RequestId: event.RequestId, + LogicalResourceId: event.LogicalResourceId, + PhysicalResourceId: physicalId, + StackId: event.StackId, + NoEcho: true, + Reason: reason, + Status: 'FAILED', + } as CloudFormationCustomResourceFailedResponse; + }; + + private getUserPool = async (userPoolId: string) => { + const userPoolCommand = new DescribeUserPoolCommand({ + UserPoolId: userPoolId, + }); + const userPoolResponse = await this.cognitoIdentityProviderClient.send( + userPoolCommand + ); + if ( + userPoolResponse.$metadata.httpStatusCode !== 200 || + !userPoolResponse.UserPool + ) { + throw new Error('Failed to retrieve the specified UserPool.'); + } + const userPool = userPoolResponse.UserPool; + const policy = userPool.Policies?.PasswordPolicy; + if (!policy) { + throw new Error('Failed to retrieve password policy.'); + } + return { + userPool: userPoolResponse.UserPool, + userPoolPasswordPolicy: policy, + }; + }; + + private getUserPoolMFASettings = async (userPoolId: string) => { + // mfa types + const mfaCommand = new GetUserPoolMfaConfigCommand({ + UserPoolId: userPoolId, + }); + const mfaResponse = await this.cognitoIdentityProviderClient.send( + mfaCommand + ); + if (mfaResponse.$metadata.httpStatusCode !== 200) { + throw new Error( + 'Failed to retrieve the MFA configuration for the specified UserPool.' + ); + } + return mfaResponse; + }; + + private getUserPoolProviders = async (userPoolId: string) => { + const providers: ProviderDescription[] = []; + let nextToken: string | undefined; + do { + const providersResponse = await this.cognitoIdentityProviderClient.send( + new ListIdentityProvidersCommand({ + UserPoolId: userPoolId, + NextToken: nextToken, + }) + ); + if ( + providersResponse.$metadata.httpStatusCode !== 200 || + providersResponse.Providers === undefined + ) { + throw new Error( + 'An error occurred while retrieving identity providers for the user pool.' + ); } + providers.push(...providersResponse.Providers); + nextToken = providersResponse.NextToken; + } while (nextToken); + return providers; + }; + + private getIdentityPool = async (identityPoolId: string) => { + const idpResponse = await this.cognitoIdentityClient.send( + new DescribeIdentityPoolCommand({ + IdentityPoolId: identityPoolId, + }) + ); + if ( + idpResponse.$metadata.httpStatusCode !== 200 || + !idpResponse.IdentityPoolId + ) { + throw new Error( + 'An error occurred while retrieving the identity pool details.' + ); } - } - - // domain - const oauthDomain = userPool.CustomDomain ?? userPool.Domain ?? ''; - - const data = { - signupAttributes: JSON.stringify( - userPool.SchemaAttributes?.filter( - (attribute) => attribute.Required && attribute.Name - ).map((attribute) => attribute.Name?.toLowerCase()) || [] - ), - usernameAttributes: JSON.stringify( - userPool.UsernameAttributes?.map((attribute) => - attribute.toLowerCase() - ) || [] - ), - verificationMechanisms: JSON.stringify( - userPool.AutoVerifiedAttributes ?? [] - ), - passwordPolicyMinLength: - policy.MinimumLength === undefined ? '' : policy.MinimumLength.toString(), - passwordPolicyRequirements: JSON.stringify(requirements), - mfaConfiguration: userPool.MfaConfiguration ?? 'OFF', - mfaTypes: JSON.stringify(mfaTypes), - socialProviders: JSON.stringify(socialProviders), - oauthCognitoDomain: oauthDomain, + return idpResponse; }; - return data; -}; -/** - * Fetch IdentityPool information and transform it into outputs. - * @param identityPoolId the ID of the identityPool - * @returns formatted outputs - */ -export const getIdentityPoolOutputs = async (identityPoolId: string) => { - const identityPoolClient = new CognitoIdentityClient(); + private getIdentityPoolRoles = async (identityPoolId: string) => { + const rolesCommand = new GetIdentityPoolRolesCommand({ + IdentityPoolId: identityPoolId, + }); + const rolesResponse = await this.cognitoIdentityClient.send(rolesCommand); + if ( + rolesResponse.$metadata.httpStatusCode !== 200 || + !rolesResponse.Roles + ) { + throw new Error( + 'An error occurred while retrieving the roles for the identity pool.' + ); + } + return rolesResponse.Roles; + }; - const idpCommand = new DescribeIdentityPoolCommand({ - IdentityPoolId: identityPoolId, - }); + private getUserPoolClient = async ( + userPoolId: string, + userPoolClientId: string + ) => { + const userPoolClientCommand = new DescribeUserPoolClientCommand({ + UserPoolId: userPoolId, + ClientId: userPoolClientId, + }); + const userPoolClientResponse = + await this.cognitoIdentityProviderClient.send(userPoolClientCommand); + if ( + userPoolClientResponse.$metadata.httpStatusCode !== 200 || + !userPoolClientResponse.UserPoolClient + ) { + throw new Error( + 'An error occurred while retrieving the user pool client details.' + ); + } + return userPoolClientResponse.UserPoolClient; + }; - const idpResponse = await identityPoolClient.send(idpCommand); - const data = { - allowUnauthenticatedIdentities: - idpResponse.AllowUnauthenticatedIdentities === true ? 'true' : 'false', + /** + * Retrieves all of the resource data that is necessary for validation and output generation. + * @param userPoolId userPoolId + * @param identityPoolId identityPoolId + * @param userPoolClientId userPoolClientId + * @returns all necessary resource data + */ + private getResourceDetails = async ( + userPoolId: string, + identityPoolId: string, + userPoolClientId: string + ) => { + const { userPool, userPoolPasswordPolicy } = await this.getUserPool( + userPoolId + ); + const userPoolMFA = await this.getUserPoolMFASettings(userPoolId); + const userPoolProviders = await this.getUserPoolProviders(userPoolId); + const userPoolClient = await this.getUserPoolClient( + userPoolId, + userPoolClientId + ); + const identityPool = await this.getIdentityPool(identityPoolId); + const roles = await this.getIdentityPoolRoles(identityPoolId); + return { + userPool, + userPoolPasswordPolicy, + userPoolClient, + userPoolMFA, + userPoolProviders, + identityPool, + roles, + }; + }; + + /** + * Validate the resource associations. + * 1. make sure the user pool & user pool client pair are a cognito provider for the identity pool + * 2. make sure the provided auth/unauth role ARNs match the roles for the identity pool + * 3. make sure the user pool client is a web client + * @param userPool userPool + * @param userPoolClient userPoolClient + * @param identityPool identityPool + * @param identityPoolRoles identityPool roles + * @param props props that include the roles which we compare with the actual roles for the identity pool + */ + private validateResourceAssociations = ( + userPool: UserPoolType, + userPoolClient: UserPoolClientType, + identityPool: DescribeIdentityPoolCommandOutput, + identityPoolRoles: Record, + props: ReferenceAuthInitializerProps + ) => { + // verify the user pool is a cognito provider for this identity pool + if (!identityPool.CognitoIdentityProviders) { + throw new Error( + 'The specified identity pool does not have any cognito identity providers.' + ); + } + // verify that the user pool + user pool client pair are configured with the identity pool + const matchingProvider = identityPool.CognitoIdentityProviders.find((p) => { + const matchingUserPool: boolean = + p.ProviderName === + `cognito-idp.${props.region}.amazonaws.com/${userPool.Id}`; + const matchingUserPoolClient: boolean = + p.ClientId === userPoolClient.ClientId; + return matchingUserPool && matchingUserPoolClient; + }); + if (!matchingProvider) { + throw new Error( + 'The user pool and user pool client pair do not match any cognito identity providers for the specified identity pool.' + ); + } + // verify the auth / unauth roles from the props match the identity pool roles that we retrieved + const authRoleArn = identityPoolRoles['authenticated']; + const unauthRoleArn = identityPoolRoles['unauthenticated']; + if (authRoleArn !== props.authRoleArn) { + throw new Error( + 'The provided authRoleArn does not match the authenticated role for the specified identity pool.' + ); + } + if (unauthRoleArn !== props.unauthRoleArn) { + throw new Error( + 'The provided unauthRoleArn does not match the unauthenticated role for the specified identity pool.' + ); + } + + // make sure the client is a web client here (web clients shouldn't have client secrets) + if (userPoolClient?.ClientSecret) { + throw new Error( + 'The specified user pool client is not configured as a web client.' + ); + } + }; + + /** + * Transform the userPool data into outputs. + * @param userPool user pool + * @param userPoolPasswordPolicy user pool password policy + * @param userPoolProviders user pool providers + * @param userPoolMFA user pool MFA settings + * @returns formatted outputs + */ + private getUserPoolOutputs = ( + userPool: UserPoolType, + userPoolPasswordPolicy: PasswordPolicyType, + userPoolProviders: ProviderDescription[], + userPoolMFA: GetUserPoolMfaConfigCommandOutput + ) => { + // password policy requirements + const requirements: string[] = []; + userPoolPasswordPolicy.RequireNumbers && + requirements.push('REQUIRES_NUMBERS'); + userPoolPasswordPolicy.RequireLowercase && + requirements.push('REQUIRES_LOWERCASE'); + userPoolPasswordPolicy.RequireUppercase && + requirements.push('REQUIRES_UPPERCASE'); + userPoolPasswordPolicy.RequireSymbols && + requirements.push('REQUIRES_SYMBOLS'); + // mfa types + const mfaTypes: string[] = []; + if ( + userPoolMFA.SmsMfaConfiguration && + userPoolMFA.SmsMfaConfiguration.SmsConfiguration + ) { + mfaTypes.push('SMS_MFA'); + } + if (userPoolMFA.SoftwareTokenMfaConfiguration?.Enabled) { + mfaTypes.push('TOTP'); + } + // social providers + const socialProviders: string[] = []; + if (userPoolProviders) { + for (const provider of userPoolProviders) { + const providerType = provider.ProviderType; + const providerName = provider.ProviderName; + if (providerType === 'Google') { + socialProviders.push('GOOGLE'); + } + if (providerType === 'Facebook') { + socialProviders.push('FACEBOOK'); + } + if (providerType === 'SignInWithApple') { + socialProviders.push('SIGN_IN_WITH_APPLE'); + } + if (providerType === 'LoginWithAmazon') { + socialProviders.push('LOGIN_WITH_AMAZON'); + } + if (providerType === 'OIDC' && providerName) { + socialProviders.push(providerName); + } + if (providerType === 'SAML' && providerName) { + socialProviders.push(providerName); + } + } + } + + // domain + const oauthDomain = userPool.CustomDomain ?? userPool.Domain ?? ''; + const data = { + signupAttributes: JSON.stringify( + userPool.SchemaAttributes?.filter( + (attribute) => attribute.Required && attribute.Name + ).map((attribute) => attribute.Name?.toLowerCase()) || [] + ), + usernameAttributes: JSON.stringify( + userPool.UsernameAttributes?.map((attribute) => + attribute.toLowerCase() + ) || [] + ), + verificationMechanisms: JSON.stringify( + userPool.AutoVerifiedAttributes ?? [] + ), + passwordPolicyMinLength: + userPoolPasswordPolicy.MinimumLength === undefined + ? '' + : userPoolPasswordPolicy.MinimumLength.toString(), + passwordPolicyRequirements: JSON.stringify(requirements), + mfaConfiguration: userPool.MfaConfiguration ?? 'OFF', + mfaTypes: JSON.stringify(mfaTypes), + socialProviders: JSON.stringify(socialProviders), + oauthCognitoDomain: oauthDomain, + }; + return data; }; - return data; -}; + + /** + * Transforms identityPool info into outputs. + * @param identityPool identity pool data + * @returns formatted outputs + */ + private getIdentityPoolOutputs = ( + identityPool: DescribeIdentityPoolCommandOutput + ) => { + const data = { + allowUnauthenticatedIdentities: + identityPool.AllowUnauthenticatedIdentities === true ? 'true' : 'false', + }; + return data; + }; + + /** + * Transforms userPoolClient info into outputs. + * @param userPoolClient userPoolClient data + * @returns formatted outputs + */ + private getUserPoolClientOutputs = (userPoolClient: UserPoolClientType) => { + const data = { + oauthScope: JSON.stringify(userPoolClient.AllowedOAuthScopes ?? []), + oauthRedirectSignIn: userPoolClient.CallbackURLs + ? userPoolClient.CallbackURLs.join(',') + : '', + oauthRedirectSignOut: userPoolClient.LogoutURLs + ? userPoolClient.LogoutURLs.join(',') + : '', + oauthResponseType: userPoolClient.AllowedOAuthFlows + ? userPoolClient.AllowedOAuthFlows.join(',') + : '', + oauthClientId: userPoolClient.ClientId, + }; + return data; + }; +} /** - * Fetch UserPoolClient information and transform it into outputs. - * @param userPoolId the ID of the userPool - * @param userPoolClientId the ID of the userPoolClient - * @returns formatted outputs + * Entry point for the lambda-backend custom resource to retrieve auth outputs. */ -export const getUserPoolClientOutputs = async ( - userPoolId: string, - userPoolClientId: string -) => { - const identityProviderClient = new CognitoIdentityProviderClient(); - - const userPoolClientCommand = new DescribeUserPoolClientCommand({ - UserPoolId: userPoolId, - ClientId: userPoolClientId, - }); - - const userPoolClientResponse = await identityProviderClient.send( - userPoolClientCommand +export const handler = async ( + event: CloudFormationCustomResourceEvent +): Promise => { + const initializer = new ReferenceAuthInitializer( + new CognitoIdentityClient(), + new CognitoIdentityProviderClient(), + randomUUID ); - const userPoolClient = userPoolClientResponse.UserPoolClient; - if (!userPoolClient) { - return undefined; - } - const data = { - oauthScope: JSON.stringify(userPoolClient.AllowedOAuthScopes ?? []), - oauthRedirectSignIn: userPoolClient.CallbackURLs - ? userPoolClient.CallbackURLs.join(',') - : '', - oauthRedirectSignOut: userPoolClient.LogoutURLs - ? userPoolClient.LogoutURLs.join(',') - : '', - oauthResponseType: userPoolClient.AllowedOAuthFlows - ? userPoolClient.AllowedOAuthFlows.join(',') - : '', - oauthClientId: userPoolClientId, - }; - return data; + return initializer.handleEvent(event); }; diff --git a/packages/reference-auth-construct/src/lambda/reference_auth_initializer_types.ts b/packages/reference-auth-construct/src/lambda/reference_auth_initializer_types.ts index 11430f4f89..2c83a4b062 100644 --- a/packages/reference-auth-construct/src/lambda/reference_auth_initializer_types.ts +++ b/packages/reference-auth-construct/src/lambda/reference_auth_initializer_types.ts @@ -1,5 +1,8 @@ export type ReferenceAuthInitializerProps = { userPoolId: string; identityPoolId: string; + authRoleArn: string; + unauthRoleArn: string; userPoolClientId: string; + region: string; }; diff --git a/packages/reference-auth-construct/src/lambda/sample_data.ts b/packages/reference-auth-construct/src/lambda/sample_data.ts new file mode 100644 index 0000000000..7c679e16f0 --- /dev/null +++ b/packages/reference-auth-construct/src/lambda/sample_data.ts @@ -0,0 +1,426 @@ +import { + GetUserPoolMfaConfigCommandOutput, + ProviderDescription, + UserPoolClientType, + UserPoolType, +} from '@aws-sdk/client-cognito-identity-provider'; + +/** + * Sample response from describe user pool command + */ +export const UserPool: Readonly = { + Id: 'us-east-1_userpoolTest', + Name: 'ref-auth-userpool-1', + Policies: { + PasswordPolicy: { + MinimumLength: 10, + RequireUppercase: true, + RequireLowercase: true, + RequireNumbers: true, + RequireSymbols: false, + TemporaryPasswordValidityDays: 7, + }, + }, + DeletionProtection: 'ACTIVE', + LambdaConfig: {}, + SchemaAttributes: [ + { + Name: 'profile', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + StringAttributeConstraints: { + MinLength: '0', + MaxLength: '2048', + }, + }, + { + Name: 'address', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + StringAttributeConstraints: { + MinLength: '0', + MaxLength: '2048', + }, + }, + { + Name: 'birthdate', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + StringAttributeConstraints: { + MinLength: '10', + MaxLength: '10', + }, + }, + { + Name: 'gender', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + StringAttributeConstraints: { + MinLength: '0', + MaxLength: '2048', + }, + }, + { + Name: 'preferred_username', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + StringAttributeConstraints: { + MinLength: '0', + MaxLength: '2048', + }, + }, + { + Name: 'updated_at', + AttributeDataType: 'Number', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + NumberAttributeConstraints: { + MinValue: '0', + }, + }, + { + Name: 'website', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + StringAttributeConstraints: { + MinLength: '0', + MaxLength: '2048', + }, + }, + { + Name: 'picture', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + StringAttributeConstraints: { + MinLength: '0', + MaxLength: '2048', + }, + }, + { + Name: 'identities', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + StringAttributeConstraints: {}, + }, + { + Name: 'sub', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: false, + Required: true, + StringAttributeConstraints: { + MinLength: '1', + MaxLength: '2048', + }, + }, + { + Name: 'phone_number', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + StringAttributeConstraints: { + MinLength: '0', + MaxLength: '2048', + }, + }, + { + Name: 'phone_number_verified', + AttributeDataType: 'Boolean', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + }, + { + Name: 'zoneinfo', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + StringAttributeConstraints: { + MinLength: '0', + MaxLength: '2048', + }, + }, + { + // eslint-disable-next-line spellcheck/spell-checker + Name: 'custom:duplicateemail', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + StringAttributeConstraints: {}, + }, + { + Name: 'locale', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + StringAttributeConstraints: { + MinLength: '0', + MaxLength: '2048', + }, + }, + { + Name: 'email', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: true, + StringAttributeConstraints: { + MinLength: '0', + MaxLength: '2048', + }, + }, + { + Name: 'email_verified', + AttributeDataType: 'Boolean', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + }, + { + Name: 'given_name', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + StringAttributeConstraints: { + MinLength: '0', + MaxLength: '2048', + }, + }, + { + Name: 'family_name', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + StringAttributeConstraints: { + MinLength: '0', + MaxLength: '2048', + }, + }, + { + Name: 'middle_name', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + StringAttributeConstraints: { + MinLength: '0', + MaxLength: '2048', + }, + }, + { + Name: 'name', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: true, + StringAttributeConstraints: { + MinLength: '0', + MaxLength: '2048', + }, + }, + { + Name: 'nickname', + AttributeDataType: 'String', + DeveloperOnlyAttribute: false, + Mutable: true, + Required: false, + StringAttributeConstraints: { + MinLength: '0', + MaxLength: '2048', + }, + }, + ], + AutoVerifiedAttributes: ['email'], + AliasAttributes: ['email'], + VerificationMessageTemplate: { + DefaultEmailOption: 'CONFIRM_WITH_CODE', + }, + UserAttributeUpdateSettings: { + AttributesRequireVerificationBeforeUpdate: ['email'], + }, + MfaConfiguration: 'ON', + EstimatedNumberOfUsers: 0, + EmailConfiguration: { + EmailSendingAccount: 'COGNITO_DEFAULT', + }, + UserPoolTags: {}, + Domain: 'ref-auth-userpool-1', + AdminCreateUserConfig: { + AllowAdminCreateUserOnly: false, + UnusedAccountValidityDays: 7, + }, + UsernameConfiguration: { + CaseSensitive: false, + }, + Arn: 'arn:aws:cognito-idp:us-east-1:000000000000:userpool/us-east-1_userpoolTest', + AccountRecoverySetting: { + RecoveryMechanisms: [ + { + Priority: 1, + Name: 'verified_email', + }, + ], + }, +}; + +/** + * Sample data from get user pool mfa config + */ +export const MFAResponse: Readonly< + Omit +> = { + SoftwareTokenMfaConfiguration: { + Enabled: true, + }, + MfaConfiguration: 'ON', +}; + +/** + * Sample data from list identity providers + */ +export const IdentityProviders: Readonly = [ + { + ProviderName: 'Facebook', + ProviderType: 'Facebook', + }, + { + ProviderName: 'Google', + ProviderType: 'Google', + }, + { + ProviderName: 'LoginWithAmazon', + ProviderType: 'LoginWithAmazon', + }, +]; + +/** + * Sample data for describe identity pool + */ +export const IdentityPool = { + IdentityPoolId: 'us-east-1:sample-identity-pool-id', + IdentityPoolName: 'sample-identity-pool-name', + AllowUnauthenticatedIdentities: true, + AllowClassicFlow: false, + CognitoIdentityProviders: [ + { + ProviderName: + 'cognito-idp.us-east-1.amazonaws.com/us-east-1_userpoolTest', + ClientId: 'sampleUserPoolClientId', + ServerSideTokenCheck: false, + }, + ], + IdentityPoolTags: {}, +}; + +/** + * Sample data for get identity pool roles + */ +export const IdentityPoolRoles = { + IdentityPoolId: 'us-east-1:sample-identity-pool-id', + Roles: { + authenticated: + 'arn:aws:iam::000000000000:role/service-role/ref-auth-role-1', + unauthenticated: + 'arn:aws:iam::000000000000:role/service-role/ref-unauth-role1', + }, +}; + +/** + * Sample data from describe user pool client + */ +export const UserPoolClient: UserPoolClientType = { + UserPoolId: 'us-east-1_userpoolTest', + ClientName: 'ref-auth-app-client-1', + ClientId: 'sampleUserPoolClientId', + RefreshTokenValidity: 30, + AccessTokenValidity: 60, + IdTokenValidity: 60, + TokenValidityUnits: { + AccessToken: 'minutes', + IdToken: 'minutes', + RefreshToken: 'days', + }, + ReadAttributes: [ + 'address', + 'birthdate', + // eslint-disable-next-line spellcheck/spell-checker + 'custom:duplicateemail', + 'email', + 'email_verified', + 'family_name', + 'gender', + 'given_name', + 'locale', + 'middle_name', + 'name', + 'nickname', + 'phone_number', + 'phone_number_verified', + 'picture', + 'preferred_username', + 'profile', + 'updated_at', + 'website', + 'zoneinfo', + ], + WriteAttributes: [ + 'address', + 'birthdate', + // eslint-disable-next-line spellcheck/spell-checker + 'custom:duplicateemail', + 'email', + 'family_name', + 'gender', + 'given_name', + 'locale', + 'middle_name', + 'name', + 'nickname', + 'phone_number', + 'picture', + 'preferred_username', + 'profile', + 'updated_at', + 'website', + 'zoneinfo', + ], + ExplicitAuthFlows: ['ALLOW_REFRESH_TOKEN_AUTH', 'ALLOW_USER_SRP_AUTH'], + SupportedIdentityProviders: [ + 'COGNITO', + 'Facebook', + 'Google', + 'LoginWithAmazon', + ], + CallbackURLs: ['https://redirect.com', 'https://redirect2.com'], + LogoutURLs: ['https://anotherlogouturl.com', 'https://logouturl.com'], + AllowedOAuthFlows: ['code'], + AllowedOAuthScopes: ['email', 'openid', 'phone'], + AllowedOAuthFlowsUserPoolClient: true, + PreventUserExistenceErrors: 'ENABLED', + EnableTokenRevocation: true, + EnablePropagateAdditionalUserContextData: false, + AuthSessionValidity: 3, +}; From 5075e5c7decfa00ab7cc086b6c84629b0e68bde4 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 11 Oct 2024 14:52:28 -0700 Subject: [PATCH 23/61] chore: add more tests for identity pool errors --- .../lambda/reference_auth_initializer.test.ts | 94 ++++++++++++++++--- .../src/lambda/sample_data.ts | 3 +- 2 files changed, 82 insertions(+), 15 deletions(-) diff --git a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts index 4c5731b7a9..b3e73552fc 100644 --- a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts +++ b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts @@ -17,7 +17,9 @@ import { import { CognitoIdentityClient, DescribeIdentityPoolCommand, + DescribeIdentityPoolCommandOutput, GetIdentityPoolRolesCommand, + GetIdentityPoolRolesCommandOutput, } from '@aws-sdk/client-cognito-identity'; import { IdentityPool, @@ -103,7 +105,8 @@ void describe('ReferenceAuthInitializer', () => { let getUserPoolMfaConfigResponse: GetUserPoolMfaConfigCommandOutput; let listIdentityProvidersResponse: ListIdentityProvidersCommandOutput; let describeUserPoolClientResponse: DescribeUserPoolClientCommandOutput; - + let describeIdentityPoolResponse: DescribeIdentityPoolCommandOutput; + let getIdentityPoolRolesResponse: GetIdentityPoolRolesCommandOutput; beforeEach(() => { handler = new ReferenceAuthInitializer( identityClient, @@ -134,6 +137,18 @@ void describe('ReferenceAuthInitializer', () => { }, UserPoolClient: UserPoolClient, }; + describeIdentityPoolResponse = { + $metadata: { + httpStatusCode: 200, + }, + ...IdentityPool, + }; + getIdentityPoolRolesResponse = { + $metadata: { + httpStatusCode: 200, + }, + ...IdentityPoolRoles, + }; mock.method( identityProviderClient, 'send', @@ -166,20 +181,10 @@ void describe('ReferenceAuthInitializer', () => { request: DescribeIdentityPoolCommand | GetIdentityPoolRolesCommand ) => { if (request instanceof DescribeIdentityPoolCommand) { - return { - $metadata: { - httpStatusCode: 200, - }, - ...IdentityPool, - }; + return describeIdentityPoolResponse; } if (request instanceof GetIdentityPoolRolesCommand) { - return { - $metadata: { - httpStatusCode: 200, - }, - ...IdentityPoolRoles, - }; + return getIdentityPoolRolesResponse; } return undefined; } @@ -217,7 +222,7 @@ void describe('ReferenceAuthInitializer', () => { assert.equal(result.Reason, 'Failed to retrieve the specified UserPool.'); }); - void it('fails gracefully if fetching user pool fails', async () => { + void it('fails gracefully if user pool has no password policy', async () => { describeUserPoolResponse = { $metadata: { httpStatusCode: 200, @@ -303,4 +308,65 @@ void describe('ReferenceAuthInitializer', () => { 'An error occurred while retrieving the user pool client details.' ); }); + + void it('fails gracefully if fetching identity pool fails', async () => { + describeIdentityPoolResponse = { + $metadata: { + httpStatusCode: 500, + }, + IdentityPoolId: undefined, + IdentityPoolName: undefined, + AllowUnauthenticatedIdentities: undefined, + }; + const result = await handler.handleEvent(createCfnEvent); + assert.equal(result.Status, 'FAILED'); + assert.equal( + result.Reason, + 'An error occurred while retrieving the identity pool details.' + ); + describeIdentityPoolResponse = { + $metadata: { + httpStatusCode: 200, + }, + IdentityPoolId: undefined, + IdentityPoolName: undefined, + AllowUnauthenticatedIdentities: undefined, + }; + const undefinedIdentityPoolIdResult = await handler.handleEvent( + createCfnEvent + ); + assert.equal(undefinedIdentityPoolIdResult.Status, 'FAILED'); + assert.equal( + undefinedIdentityPoolIdResult.Reason, + 'An error occurred while retrieving the identity pool details.' + ); + }); + + void it('fails gracefully if fetching identity pool roles fails', async () => { + getIdentityPoolRolesResponse = { + $metadata: { + httpStatusCode: 500, + }, + }; + const result = await handler.handleEvent(createCfnEvent); + assert.equal(result.Status, 'FAILED'); + assert.equal( + result.Reason, + 'An error occurred while retrieving the roles for the identity pool.' + ); + getIdentityPoolRolesResponse = { + $metadata: { + httpStatusCode: 200, + }, + Roles: undefined, + }; + const undefinedIdentityPoolIdResult = await handler.handleEvent( + createCfnEvent + ); + assert.equal(undefinedIdentityPoolIdResult.Status, 'FAILED'); + assert.equal( + undefinedIdentityPoolIdResult.Reason, + 'An error occurred while retrieving the roles for the identity pool.' + ); + }); }); diff --git a/packages/reference-auth-construct/src/lambda/sample_data.ts b/packages/reference-auth-construct/src/lambda/sample_data.ts index 7c679e16f0..1097c1b3e9 100644 --- a/packages/reference-auth-construct/src/lambda/sample_data.ts +++ b/packages/reference-auth-construct/src/lambda/sample_data.ts @@ -1,3 +1,4 @@ +import { IdentityPool as IdentityPoolType } from '@aws-sdk/client-cognito-identity'; import { GetUserPoolMfaConfigCommandOutput, ProviderDescription, @@ -319,7 +320,7 @@ export const IdentityProviders: Readonly = [ /** * Sample data for describe identity pool */ -export const IdentityPool = { +export const IdentityPool: Readonly = { IdentityPoolId: 'us-east-1:sample-identity-pool-id', IdentityPoolName: 'sample-identity-pool-name', AllowUnauthenticatedIdentities: true, From 62a6129fe45cbe200b9d540bea2a6e924ab8a447 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 11 Oct 2024 15:13:53 -0700 Subject: [PATCH 24/61] chore: cleanup --- .../lambda/reference_auth_initializer.test.ts | 76 +++++++++++++++---- .../src/lambda/reference_auth_initializer.ts | 14 +++- .../src/lambda/sample_data.ts | 35 +++++---- 3 files changed, 93 insertions(+), 32 deletions(-) diff --git a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts index b3e73552fc..c609a4b05b 100644 --- a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts +++ b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts @@ -1,7 +1,6 @@ import { beforeEach, describe, it, mock } from 'node:test'; import { ReferenceAuthInitializer } from './reference_auth_initializer'; import { CloudFormationCustomResourceEvent } from 'aws-lambda'; -import { ReferenceAuthInitializerProps } from './reference_auth_initializer_types'; import assert from 'node:assert'; import { CognitoIdentityProviderClient, @@ -26,18 +25,11 @@ import { IdentityPoolRoles, IdentityProviders, MFAResponse, + SampleInputProperties, UserPool, UserPoolClient, } from './sample_data'; -const inputProperties: ReferenceAuthInitializerProps = { - authRoleArn: 'arn:aws:iam::000000000000:role/service-role/ref-auth-role-1', - unauthRoleArn: 'arn:aws:iam::000000000000:role/service-role/ref-unauth-role1', - identityPoolId: 'us-east-1:sample-identity-pool-id', - userPoolClientId: 'sampleUserPoolClientId', - userPoolId: 'us-east-1_userpoolTest', - region: 'us-east-1', -}; const customResourceEventCommon: Omit< CloudFormationCustomResourceEvent, 'RequestType' @@ -49,7 +41,7 @@ const customResourceEventCommon: Omit< LogicalResourceId: 'logicalId', ResourceType: 'AWS::CloudFormation::CustomResource', ResourceProperties: { - ...inputProperties, + ...SampleInputProperties, ServiceToken: 'token', }, }; @@ -62,7 +54,7 @@ const updateCfnEvent: CloudFormationCustomResourceEvent = { RequestType: 'Update', PhysicalResourceId: 'physicalId', OldResourceProperties: { - ...inputProperties, + ...SampleInputProperties, ServiceToken: 'token', }, ...customResourceEventCommon, @@ -78,9 +70,9 @@ const uuidMock = () => '00000000-0000-0000-0000-000000000000'; const identityProviderClient = new CognitoIdentityProviderClient(); const identityClient = new CognitoIdentityClient(); const expectedData = { - userPoolId: 'us-east-1_userpoolTest', - webClientId: 'sampleUserPoolClientId', - identityPoolId: 'us-east-1:sample-identity-pool-id', + userPoolId: SampleInputProperties.userPoolId, + webClientId: SampleInputProperties.userPoolClientId, + identityPoolId: SampleInputProperties.identityPoolId, signupAttributes: '["sub","email","name"]', usernameAttributes: '[]', verificationMechanisms: '["email"]', @@ -96,7 +88,7 @@ const expectedData = { oauthRedirectSignIn: 'https://redirect.com,https://redirect2.com', oauthRedirectSignOut: 'https://anotherlogouturl.com,https://logouturl.com', oauthResponseType: 'code', - oauthClientId: 'sampleUserPoolClientId', + oauthClientId: SampleInputProperties.userPoolClientId, }; void describe('ReferenceAuthInitializer', () => { @@ -369,4 +361,58 @@ void describe('ReferenceAuthInitializer', () => { 'An error occurred while retrieving the roles for the identity pool.' ); }); + // fails gracefully if userPool or client doesn't match identity pool + void it('fails gracefully there is not matching userPool for the identity pool', async () => { + describeIdentityPoolResponse = { + ...describeIdentityPoolResponse, + CognitoIdentityProviders: [ + { + ProviderName: + 'cognito-idp.us-east-1.amazonaws.com/us-east-1_wrongUserPool', + ClientId: 'sampleUserPoolClientId', + ServerSideTokenCheck: false, + }, + ], + }; + const result = await handler.handleEvent(createCfnEvent); + assert.equal(result.Status, 'FAILED'); + assert.equal( + result.Reason, + 'The user pool and user pool client pair do not match any cognito identity providers for the specified identity pool.' + ); + }); + void it('fails gracefully if the client id does not match any cognito provider on the identity pool', async () => { + describeIdentityPoolResponse = { + ...describeIdentityPoolResponse, + CognitoIdentityProviders: [ + { + ProviderName: + 'cognito-idp.us-east-1.amazonaws.com/us-east-1_userpoolTest', + ClientId: 'wrongClientId', + ServerSideTokenCheck: false, + }, + ], + }; + const result = await handler.handleEvent(createCfnEvent); + assert.equal(result.Status, 'FAILED'); + assert.equal( + result.Reason, + 'The user pool and user pool client pair do not match any cognito identity providers for the specified identity pool.' + ); + }); + void it('fails gracefully if identity pool does not have cognito identity providers configured', async () => { + describeIdentityPoolResponse = { + ...describeIdentityPoolResponse, + CognitoIdentityProviders: [], + }; + const result = await handler.handleEvent(createCfnEvent); + assert.equal(result.Status, 'FAILED'); + assert.equal( + result.Reason, + 'The specified identity pool does not have any cognito identity providers.' + ); + }); + // fails gracefully if roles don't match identity pool + + // fails gracefully if client is not a web client }); diff --git a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts index 508b3ae852..8d3ef8d5e8 100644 --- a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts +++ b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts @@ -95,7 +95,8 @@ export class ReferenceAuthInitializer { userPool, userPoolPasswordPolicy, userPoolProviders, - userPoolMFA + userPoolMFA, + props.region ); const identityPoolOutputs = await this.getIdentityPoolOutputs( identityPool @@ -319,7 +320,10 @@ export class ReferenceAuthInitializer { props: ReferenceAuthInitializerProps ) => { // verify the user pool is a cognito provider for this identity pool - if (!identityPool.CognitoIdentityProviders) { + if ( + !identityPool.CognitoIdentityProviders || + identityPool.CognitoIdentityProviders.length === 0 + ) { throw new Error( 'The specified identity pool does not have any cognito identity providers.' ); @@ -372,7 +376,8 @@ export class ReferenceAuthInitializer { userPool: UserPoolType, userPoolPasswordPolicy: PasswordPolicyType, userPoolProviders: ProviderDescription[], - userPoolMFA: GetUserPoolMfaConfigCommandOutput + userPoolMFA: GetUserPoolMfaConfigCommandOutput, + region: string ) => { // password policy requirements const requirements: string[] = []; @@ -424,6 +429,7 @@ export class ReferenceAuthInitializer { // domain const oauthDomain = userPool.CustomDomain ?? userPool.Domain ?? ''; + const fullDomainPath = `${oauthDomain}.auth.${region}.amazoncognito.com`; const data = { signupAttributes: JSON.stringify( userPool.SchemaAttributes?.filter( @@ -446,7 +452,7 @@ export class ReferenceAuthInitializer { mfaConfiguration: userPool.MfaConfiguration ?? 'OFF', mfaTypes: JSON.stringify(mfaTypes), socialProviders: JSON.stringify(socialProviders), - oauthCognitoDomain: oauthDomain, + oauthCognitoDomain: fullDomainPath, }; return data; }; diff --git a/packages/reference-auth-construct/src/lambda/sample_data.ts b/packages/reference-auth-construct/src/lambda/sample_data.ts index 1097c1b3e9..f1004615ae 100644 --- a/packages/reference-auth-construct/src/lambda/sample_data.ts +++ b/packages/reference-auth-construct/src/lambda/sample_data.ts @@ -5,12 +5,24 @@ import { UserPoolClientType, UserPoolType, } from '@aws-sdk/client-cognito-identity-provider'; +import { ReferenceAuthInitializerProps } from './reference_auth_initializer_types'; +/** + * Sample referenceAuth properties + */ +export const SampleInputProperties: ReferenceAuthInitializerProps = { + authRoleArn: 'arn:aws:iam::000000000000:role/service-role/ref-auth-role-1', + unauthRoleArn: 'arn:aws:iam::000000000000:role/service-role/ref-unauth-role1', + identityPoolId: 'us-east-1:sample-identity-pool-id', + userPoolClientId: 'sampleUserPoolClientId', + userPoolId: 'us-east-1_userpoolTest', + region: 'us-east-1', +}; /** * Sample response from describe user pool command */ export const UserPool: Readonly = { - Id: 'us-east-1_userpoolTest', + Id: SampleInputProperties.userPoolId, Name: 'ref-auth-userpool-1', Policies: { PasswordPolicy: { @@ -276,7 +288,7 @@ export const UserPool: Readonly = { UsernameConfiguration: { CaseSensitive: false, }, - Arn: 'arn:aws:cognito-idp:us-east-1:000000000000:userpool/us-east-1_userpoolTest', + Arn: `arn:aws:cognito-idp:us-east-1:000000000000:userpool/${SampleInputProperties.userPoolId}`, AccountRecoverySetting: { RecoveryMechanisms: [ { @@ -321,15 +333,14 @@ export const IdentityProviders: Readonly = [ * Sample data for describe identity pool */ export const IdentityPool: Readonly = { - IdentityPoolId: 'us-east-1:sample-identity-pool-id', + IdentityPoolId: SampleInputProperties.identityPoolId, IdentityPoolName: 'sample-identity-pool-name', AllowUnauthenticatedIdentities: true, AllowClassicFlow: false, CognitoIdentityProviders: [ { - ProviderName: - 'cognito-idp.us-east-1.amazonaws.com/us-east-1_userpoolTest', - ClientId: 'sampleUserPoolClientId', + ProviderName: `cognito-idp.us-east-1.amazonaws.com/${SampleInputProperties.userPoolId}`, + ClientId: SampleInputProperties.userPoolClientId, ServerSideTokenCheck: false, }, ], @@ -340,12 +351,10 @@ export const IdentityPool: Readonly = { * Sample data for get identity pool roles */ export const IdentityPoolRoles = { - IdentityPoolId: 'us-east-1:sample-identity-pool-id', + IdentityPoolId: SampleInputProperties.identityPoolId, Roles: { - authenticated: - 'arn:aws:iam::000000000000:role/service-role/ref-auth-role-1', - unauthenticated: - 'arn:aws:iam::000000000000:role/service-role/ref-unauth-role1', + authenticated: SampleInputProperties.authRoleArn, + unauthenticated: SampleInputProperties.unauthRoleArn, }, }; @@ -353,9 +362,9 @@ export const IdentityPoolRoles = { * Sample data from describe user pool client */ export const UserPoolClient: UserPoolClientType = { - UserPoolId: 'us-east-1_userpoolTest', + UserPoolId: SampleInputProperties.userPoolId, ClientName: 'ref-auth-app-client-1', - ClientId: 'sampleUserPoolClientId', + ClientId: SampleInputProperties.userPoolClientId, RefreshTokenValidity: 30, AccessTokenValidity: 60, IdTokenValidity: 60, From 0c3fd2859ba87b08fc59e012107b8ba6dd73c05f Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 11 Oct 2024 15:15:41 -0700 Subject: [PATCH 25/61] chore: fix test --- .../src/lambda/reference_auth_initializer.test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts index c609a4b05b..6398f3d342 100644 --- a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts +++ b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts @@ -82,7 +82,7 @@ const expectedData = { mfaConfiguration: 'ON', mfaTypes: '["TOTP"]', socialProviders: '["FACEBOOK","GOOGLE","LOGIN_WITH_AMAZON"]', - oauthCognitoDomain: 'ref-auth-userpool-1', + oauthCognitoDomain: 'ref-auth-userpool-1.auth.us-east-1.amazoncognito.com', allowUnauthenticatedIdentities: 'true', oauthScope: '["email","openid","phone"]', oauthRedirectSignIn: 'https://redirect.com,https://redirect2.com', From 23649d8cec26cedc70d588844891c7e102938a40 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 11 Oct 2024 15:24:53 -0700 Subject: [PATCH 26/61] chore: add role tests --- .../lambda/reference_auth_initializer.test.ts | 75 ++++++++++++++++--- 1 file changed, 66 insertions(+), 9 deletions(-) diff --git a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts index 6398f3d342..852d3cf63f 100644 --- a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts +++ b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts @@ -381,6 +381,18 @@ void describe('ReferenceAuthInitializer', () => { 'The user pool and user pool client pair do not match any cognito identity providers for the specified identity pool.' ); }); + void it('fails gracefully if identity pool does not have cognito identity providers configured', async () => { + describeIdentityPoolResponse = { + ...describeIdentityPoolResponse, + CognitoIdentityProviders: [], + }; + const result = await handler.handleEvent(createCfnEvent); + assert.equal(result.Status, 'FAILED'); + assert.equal( + result.Reason, + 'The specified identity pool does not have any cognito identity providers.' + ); + }); void it('fails gracefully if the client id does not match any cognito provider on the identity pool', async () => { describeIdentityPoolResponse = { ...describeIdentityPoolResponse, @@ -400,19 +412,64 @@ void describe('ReferenceAuthInitializer', () => { 'The user pool and user pool client pair do not match any cognito identity providers for the specified identity pool.' ); }); - void it('fails gracefully if identity pool does not have cognito identity providers configured', async () => { - describeIdentityPoolResponse = { - ...describeIdentityPoolResponse, - CognitoIdentityProviders: [], + // fails gracefully if roles don't match identity pool + void it('fails gracefully if fetching identity pool roles fails', async () => { + getIdentityPoolRolesResponse = { + $metadata: { + httpStatusCode: 200, + }, + IdentityPoolId: SampleInputProperties.identityPoolId, + Roles: { + authenticated: 'wrongAuthRole', + unauthenticated: SampleInputProperties.unauthRoleArn, + }, }; - const result = await handler.handleEvent(createCfnEvent); - assert.equal(result.Status, 'FAILED'); + const undefinedIdentityPoolIdResult = await handler.handleEvent( + createCfnEvent + ); + assert.equal(undefinedIdentityPoolIdResult.Status, 'FAILED'); assert.equal( - result.Reason, - 'The specified identity pool does not have any cognito identity providers.' + undefinedIdentityPoolIdResult.Reason, + 'The provided authRoleArn does not match the authenticated role for the specified identity pool.' + ); + }); + + void it('fails gracefully if auth role ARN does not match', async () => { + getIdentityPoolRolesResponse = { + $metadata: { + httpStatusCode: 200, + }, + IdentityPoolId: SampleInputProperties.identityPoolId, + Roles: { + authenticated: 'wrongAuthRole', + unauthenticated: SampleInputProperties.unauthRoleArn, + }, + }; + const badAuthRoleResult = await handler.handleEvent(createCfnEvent); + assert.equal(badAuthRoleResult.Status, 'FAILED'); + assert.equal( + badAuthRoleResult.Reason, + 'The provided authRoleArn does not match the authenticated role for the specified identity pool.' + ); + }); + void it('fails gracefully if auth role ARN does not match', async () => { + getIdentityPoolRolesResponse = { + $metadata: { + httpStatusCode: 200, + }, + IdentityPoolId: SampleInputProperties.identityPoolId, + Roles: { + authenticated: SampleInputProperties.authRoleArn, + unauthenticated: 'wrongUnauthRole', + }, + }; + const badUnAuthRoleResult = await handler.handleEvent(createCfnEvent); + assert.equal(badUnAuthRoleResult.Status, 'FAILED'); + assert.equal( + badUnAuthRoleResult.Reason, + 'The provided unauthRoleArn does not match the unauthenticated role for the specified identity pool.' ); }); - // fails gracefully if roles don't match identity pool // fails gracefully if client is not a web client }); From 1f118cdb09f08a69c6420c88ced38508c0e581c8 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 11 Oct 2024 15:28:17 -0700 Subject: [PATCH 27/61] chore: add tests for user pool client --- .../lambda/reference_auth_initializer.test.ts | 17 +++++++++++++++++ .../src/lambda/sample_data.ts | 2 +- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts index 852d3cf63f..84a1d983fe 100644 --- a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts +++ b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts @@ -472,4 +472,21 @@ void describe('ReferenceAuthInitializer', () => { }); // fails gracefully if client is not a web client + void it('fails gracefully if user pool client is not a web client', async () => { + describeUserPoolClientResponse = { + $metadata: { + httpStatusCode: 200, + }, + UserPoolClient: { + ...UserPoolClient, + ClientSecret: 'sample', + }, + }; + const result = await handler.handleEvent(createCfnEvent); + assert.equal(result.Status, 'FAILED'); + assert.equal( + result.Reason, + 'The specified user pool client is not configured as a web client.' + ); + }); }); diff --git a/packages/reference-auth-construct/src/lambda/sample_data.ts b/packages/reference-auth-construct/src/lambda/sample_data.ts index f1004615ae..40151e07ed 100644 --- a/packages/reference-auth-construct/src/lambda/sample_data.ts +++ b/packages/reference-auth-construct/src/lambda/sample_data.ts @@ -361,7 +361,7 @@ export const IdentityPoolRoles = { /** * Sample data from describe user pool client */ -export const UserPoolClient: UserPoolClientType = { +export const UserPoolClient: Readonly = { UserPoolId: SampleInputProperties.userPoolId, ClientName: 'ref-auth-app-client-1', ClientId: SampleInputProperties.userPoolClientId, From b4a5293e3e8646fae2d1a33916e36f7f44be850c Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 11 Oct 2024 15:31:45 -0700 Subject: [PATCH 28/61] chore: cleanup --- .../lambda/reference_auth_initializer.test.ts | 26 ++----------------- 1 file changed, 2 insertions(+), 24 deletions(-) diff --git a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts index 84a1d983fe..5be2d8707c 100644 --- a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts +++ b/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts @@ -412,8 +412,7 @@ void describe('ReferenceAuthInitializer', () => { 'The user pool and user pool client pair do not match any cognito identity providers for the specified identity pool.' ); }); - // fails gracefully if roles don't match identity pool - void it('fails gracefully if fetching identity pool roles fails', async () => { + void it('fails gracefully if auth role ARN does not match', async () => { getIdentityPoolRolesResponse = { $metadata: { httpStatusCode: 200, @@ -433,26 +432,7 @@ void describe('ReferenceAuthInitializer', () => { 'The provided authRoleArn does not match the authenticated role for the specified identity pool.' ); }); - - void it('fails gracefully if auth role ARN does not match', async () => { - getIdentityPoolRolesResponse = { - $metadata: { - httpStatusCode: 200, - }, - IdentityPoolId: SampleInputProperties.identityPoolId, - Roles: { - authenticated: 'wrongAuthRole', - unauthenticated: SampleInputProperties.unauthRoleArn, - }, - }; - const badAuthRoleResult = await handler.handleEvent(createCfnEvent); - assert.equal(badAuthRoleResult.Status, 'FAILED'); - assert.equal( - badAuthRoleResult.Reason, - 'The provided authRoleArn does not match the authenticated role for the specified identity pool.' - ); - }); - void it('fails gracefully if auth role ARN does not match', async () => { + void it('fails gracefully if unauth role ARN does not match', async () => { getIdentityPoolRolesResponse = { $metadata: { httpStatusCode: 200, @@ -470,8 +450,6 @@ void describe('ReferenceAuthInitializer', () => { 'The provided unauthRoleArn does not match the unauthenticated role for the specified identity pool.' ); }); - - // fails gracefully if client is not a web client void it('fails gracefully if user pool client is not a web client', async () => { describeUserPoolClientResponse = { $metadata: { From ae4d34ee922e92a3c474acc7508423ff2295be36 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 11 Oct 2024 17:49:55 -0700 Subject: [PATCH 29/61] chore: refactor --- .changeset/healthy-kangaroos-deliver.md | 1 - package-lock.json | 31 +++----------- packages/auth-construct/API.md | 21 ++++++++++ packages/auth-construct/package.json | 6 ++- packages/auth-construct/src/index.ts | 2 + .../src/lambda/.eslintrc.json | 0 .../lambda/reference_auth_initializer.test.ts | 0 .../src/lambda/reference_auth_initializer.ts | 2 +- .../src/lambda/sample_data.ts | 2 +- .../src/reference_construct.test.ts} | 13 +++--- .../src/reference_construct.ts} | 4 +- packages/auth-construct/src/types.ts | 42 +++++++++++++++++++ packages/backend-auth/API.md | 5 ++- packages/backend-auth/package.json | 1 - .../backend-auth/src/reference_factory.ts | 6 +-- packages/backend-auth/tsconfig.json | 1 - packages/reference-auth-construct/.npmignore | 14 ------- packages/reference-auth-construct/API.md | 35 ---------------- packages/reference-auth-construct/README.md | 3 -- .../api-extractor.json | 3 -- .../reference-auth-construct/package.json | 33 --------------- .../reference-auth-construct/src/index.ts | 2 - .../reference_auth_initializer_types.ts | 8 ---- .../reference-auth-construct/src/types.ts | 36 ---------------- .../reference-auth-construct/tsconfig.json | 17 -------- .../reference-auth-construct/typedoc.json | 3 -- scripts/concurrent_workspace_script.ts | 37 +++++++++------- 27 files changed, 116 insertions(+), 212 deletions(-) rename packages/{reference-auth-construct => auth-construct}/src/lambda/.eslintrc.json (100%) rename packages/{reference-auth-construct => auth-construct}/src/lambda/reference_auth_initializer.test.ts (100%) rename packages/{reference-auth-construct => auth-construct}/src/lambda/reference_auth_initializer.ts (99%) rename packages/{reference-auth-construct => auth-construct}/src/lambda/sample_data.ts (99%) rename packages/{reference-auth-construct/src/construct.test.ts => auth-construct/src/reference_construct.test.ts} (97%) rename packages/{reference-auth-construct/src/construct.ts => auth-construct/src/reference_construct.ts} (97%) delete mode 100644 packages/reference-auth-construct/.npmignore delete mode 100644 packages/reference-auth-construct/API.md delete mode 100644 packages/reference-auth-construct/README.md delete mode 100644 packages/reference-auth-construct/api-extractor.json delete mode 100644 packages/reference-auth-construct/package.json delete mode 100644 packages/reference-auth-construct/src/index.ts delete mode 100644 packages/reference-auth-construct/src/lambda/reference_auth_initializer_types.ts delete mode 100644 packages/reference-auth-construct/src/types.ts delete mode 100644 packages/reference-auth-construct/tsconfig.json delete mode 100644 packages/reference-auth-construct/typedoc.json diff --git a/.changeset/healthy-kangaroos-deliver.md b/.changeset/healthy-kangaroos-deliver.md index 646106b560..9d4249bdb8 100644 --- a/.changeset/healthy-kangaroos-deliver.md +++ b/.changeset/healthy-kangaroos-deliver.md @@ -1,5 +1,4 @@ --- -'@aws-amplify/reference-auth-construct': minor '@aws-amplify/auth-construct': minor '@aws-amplify/backend-auth': minor '@aws-amplify/backend-data': minor diff --git a/package-lock.json b/package-lock.json index 7be6e4f80a..3bde6201b1 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5954,10 +5954,6 @@ "resolved": "packages/plugin-types", "link": true }, - "node_modules/@aws-amplify/reference-auth-construct": { - "resolved": "packages/reference-auth-construct", - "link": true - }, "node_modules/@aws-amplify/sandbox": { "resolved": "packages/sandbox", "link": true @@ -31428,7 +31424,11 @@ "@aws-amplify/backend-output-schemas": "^1.1.0", "@aws-amplify/backend-output-storage": "^1.1.2", "@aws-amplify/plugin-types": "^1.2.2", - "@aws-sdk/util-arn-parser": "^3.568.0" + "@aws-sdk/client-cognito-identity": "^3.624.0", + "@aws-sdk/client-cognito-identity-provider": "^3.624.0", + "@aws-sdk/util-arn-parser": "^3.568.0", + "@types/aws-lambda": "^8.10.119", + "aws-lambda": "^1.0.7" }, "peerDependencies": { "aws-cdk-lib": "^2.152.0", @@ -31488,8 +31488,7 @@ "dependencies": { "@aws-amplify/auth-construct": "^1.3.1", "@aws-amplify/backend-output-storage": "^1.1.2", - "@aws-amplify/plugin-types": "^1.3.0", - "@aws-amplify/reference-auth-construct": "^0.1.0" + "@aws-amplify/plugin-types": "^1.3.0" }, "devDependencies": { "@aws-amplify/backend-platform-test-stubs": "^0.3.5", @@ -32219,24 +32218,6 @@ "node": ">=6" } }, - "packages/reference-auth-construct": { - "name": "@aws-amplify/reference-auth-construct", - "version": "0.1.0", - "license": "Apache-2.0", - "dependencies": { - "@aws-amplify/backend-output-schemas": "^1.1.0", - "@aws-amplify/backend-output-storage": "^1.1.2", - "@aws-amplify/plugin-types": "^1.2.2", - "@aws-sdk/client-cognito-identity": "^3.624.0", - "@aws-sdk/client-cognito-identity-provider": "^3.624.0", - "@types/aws-lambda": "^8.10.119", - "aws-lambda": "^1.0.7" - }, - "peerDependencies": { - "aws-cdk-lib": "^2.152.0", - "constructs": "^10.0.0" - } - }, "packages/sandbox": { "name": "@aws-amplify/sandbox", "version": "1.2.2", diff --git a/packages/auth-construct/API.md b/packages/auth-construct/API.md index 6afb8647cb..3817d5062e 100644 --- a/packages/auth-construct/API.md +++ b/packages/auth-construct/API.md @@ -10,6 +10,7 @@ import { aws_cognito } from 'aws-cdk-lib'; import { BackendOutputStorageStrategy } from '@aws-amplify/plugin-types'; import { Construct } from 'constructs'; import { NumberAttributeConstraints } from 'aws-cdk-lib/aws-cognito'; +import { ReferenceAuthResources } from '@aws-amplify/plugin-types'; import { ResourceProvider } from '@aws-amplify/plugin-types'; import { SecretValue } from 'aws-cdk-lib'; import { StandardAttributes } from 'aws-cdk-lib/aws-cognito'; @@ -26,6 +27,13 @@ export class AmplifyAuth extends Construct implements ResourceProvider { + constructor(scope: Construct, id: string, props: ReferenceAuthProps); + // (undocumented) + resources: ReferenceAuthResources; +} + // @public export type AppleProviderProps = Omit & IdentityProviderProps; @@ -157,6 +165,19 @@ export type PhoneNumberLogin = true | { verificationMessage?: (createCode: () => string) => string; }; +// @public (undocumented) +export type ReferenceAuthProps = { + outputStorageStrategy?: BackendOutputStorageStrategy; + userPoolId: string; + identityPoolId: string; + userPoolClientId: string; + authRoleArn: string; + unauthRoleArn: string; + groups?: { + [groupName: string]: string; + }; +}; + // @public export type SamlProviderProps = Omit & { metadata: Omit & { diff --git a/packages/auth-construct/package.json b/packages/auth-construct/package.json index f69909104b..b24aa7d4b2 100644 --- a/packages/auth-construct/package.json +++ b/packages/auth-construct/package.json @@ -22,7 +22,11 @@ "@aws-amplify/backend-output-schemas": "^1.1.0", "@aws-amplify/backend-output-storage": "^1.1.2", "@aws-amplify/plugin-types": "^1.2.2", - "@aws-sdk/util-arn-parser": "^3.568.0" + "@aws-sdk/util-arn-parser": "^3.568.0", + "@aws-sdk/client-cognito-identity-provider": "^3.624.0", + "@aws-sdk/client-cognito-identity": "^3.624.0", + "@types/aws-lambda": "^8.10.119", + "aws-lambda": "^1.0.7" }, "peerDependencies": { "aws-cdk-lib": "^2.152.0", diff --git a/packages/auth-construct/src/index.ts b/packages/auth-construct/src/index.ts index 13af450f20..a45cc7f70d 100644 --- a/packages/auth-construct/src/index.ts +++ b/packages/auth-construct/src/index.ts @@ -1,5 +1,6 @@ export { AuthProps, + ReferenceAuthProps, EmailLogin, EmailLoginSettings, GoogleProviderProps, @@ -28,4 +29,5 @@ export { CustomAttributeBase, } from './types.js'; export { AmplifyAuth } from './construct.js'; +export { AmplifyReferenceAuth } from './reference_construct.js'; export { triggerEvents } from './trigger_events.js'; diff --git a/packages/reference-auth-construct/src/lambda/.eslintrc.json b/packages/auth-construct/src/lambda/.eslintrc.json similarity index 100% rename from packages/reference-auth-construct/src/lambda/.eslintrc.json rename to packages/auth-construct/src/lambda/.eslintrc.json diff --git a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts similarity index 100% rename from packages/reference-auth-construct/src/lambda/reference_auth_initializer.test.ts rename to packages/auth-construct/src/lambda/reference_auth_initializer.test.ts diff --git a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts b/packages/auth-construct/src/lambda/reference_auth_initializer.ts similarity index 99% rename from packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts rename to packages/auth-construct/src/lambda/reference_auth_initializer.ts index 8d3ef8d5e8..8d2801c03a 100644 --- a/packages/reference-auth-construct/src/lambda/reference_auth_initializer.ts +++ b/packages/auth-construct/src/lambda/reference_auth_initializer.ts @@ -23,7 +23,7 @@ import { GetIdentityPoolRolesCommand, } from '@aws-sdk/client-cognito-identity'; import { randomUUID } from 'node:crypto'; -import { ReferenceAuthInitializerProps } from './reference_auth_initializer_types.js'; +import { ReferenceAuthInitializerProps } from '../types.js'; import { AuthOutput } from '@aws-amplify/backend-output-schemas'; /** diff --git a/packages/reference-auth-construct/src/lambda/sample_data.ts b/packages/auth-construct/src/lambda/sample_data.ts similarity index 99% rename from packages/reference-auth-construct/src/lambda/sample_data.ts rename to packages/auth-construct/src/lambda/sample_data.ts index 40151e07ed..e25fdf3dab 100644 --- a/packages/reference-auth-construct/src/lambda/sample_data.ts +++ b/packages/auth-construct/src/lambda/sample_data.ts @@ -5,7 +5,7 @@ import { UserPoolClientType, UserPoolType, } from '@aws-sdk/client-cognito-identity-provider'; -import { ReferenceAuthInitializerProps } from './reference_auth_initializer_types'; +import { ReferenceAuthInitializerProps } from '../types.js'; /** * Sample referenceAuth properties diff --git a/packages/reference-auth-construct/src/construct.test.ts b/packages/auth-construct/src/reference_construct.test.ts similarity index 97% rename from packages/reference-auth-construct/src/construct.test.ts rename to packages/auth-construct/src/reference_construct.test.ts index a0715efeae..b663150534 100644 --- a/packages/reference-auth-construct/src/construct.test.ts +++ b/packages/auth-construct/src/reference_construct.test.ts @@ -1,14 +1,17 @@ import { beforeEach, describe, it, mock } from 'node:test'; -import { AmplifyReferenceAuth, ReferenceAuthProps } from './index.js'; -import { App, Stack } from 'aws-cdk-lib'; -import { Template } from 'aws-cdk-lib/assertions'; -import { authOutputKey } from '@aws-amplify/backend-output-schemas'; import assert from 'assert'; +import { + AmplifyReferenceAuth, + OUTPUT_PROPERTIES_PROVIDED_BY_AUTH_CUSTOM_RESOURCE, +} from './reference_construct.js'; +import { ReferenceAuthProps } from './types.js'; import { BackendOutputEntry, BackendOutputStorageStrategy, } from '@aws-amplify/plugin-types'; -import { OUTPUT_PROPERTIES_PROVIDED_BY_AUTH_CUSTOM_RESOURCE } from './construct.js'; +import { authOutputKey } from '@aws-amplify/backend-output-schemas'; +import { Template } from 'aws-cdk-lib/assertions'; +import { App, Stack } from 'aws-cdk-lib'; const refAuthProps: ReferenceAuthProps = { authRoleArn: 'arn:aws:iam::000000000000:role/amplify-sample-auth-role-name', unauthRoleArn: diff --git a/packages/reference-auth-construct/src/construct.ts b/packages/auth-construct/src/reference_construct.ts similarity index 97% rename from packages/reference-auth-construct/src/construct.ts rename to packages/auth-construct/src/reference_construct.ts index 63a3a28ec2..51d07ed3b0 100644 --- a/packages/reference-auth-construct/src/construct.ts +++ b/packages/auth-construct/src/reference_construct.ts @@ -17,13 +17,11 @@ import { StackMetadataBackendOutputStorageStrategy, } from '@aws-amplify/backend-output-storage'; import * as path from 'path'; -import { ReferenceAuthProps } from './types.js'; import { NodejsFunction } from 'aws-cdk-lib/aws-lambda-nodejs'; import { Runtime } from 'aws-cdk-lib/aws-lambda'; import { Provider } from 'aws-cdk-lib/custom-resources'; import { Role } from 'aws-cdk-lib/aws-iam'; -import { ReferenceAuthInitializerProps } from './lambda/reference_auth_initializer_types.js'; - +import { ReferenceAuthInitializerProps, ReferenceAuthProps } from './types.js'; const REFERENCE_AUTH_CUSTOM_RESOURCE_PROVIDER_ID = 'AmplifyRefAuthCustomResourceProvider'; const REFERENCE_AUTH_CUSTOM_RESOURCE_ID = 'AmplifyRefAuthCustomResource'; diff --git a/packages/auth-construct/src/types.ts b/packages/auth-construct/src/types.ts index 5083ffb73c..460b8c6c8f 100644 --- a/packages/auth-construct/src/types.ts +++ b/packages/auth-construct/src/types.ts @@ -474,3 +474,45 @@ export type AuthProps = { */ outputStorageStrategy?: BackendOutputStorageStrategy; }; + +export type ReferenceAuthProps = { + /** + * @internal + */ + outputStorageStrategy?: BackendOutputStorageStrategy; + /** + * Existing UserPool Id + */ + userPoolId: string; + /** + * Existing IdentityPool Id + */ + identityPoolId: string; + /** + * Existing UserPoolClient Id + */ + userPoolClientId: string; + /** + * Existing AuthRole ARN + */ + authRoleArn: string; + /** + * Existing UnauthRole ARN + */ + unauthRoleArn: string; + /** + * A mapping of existing group names and their associated role ARNs + * which can be used for group permissions. + */ + groups?: { + [groupName: string]: string; + }; +}; +export type ReferenceAuthInitializerProps = { + userPoolId: string; + identityPoolId: string; + authRoleArn: string; + unauthRoleArn: string; + userPoolClientId: string; + region: string; +}; diff --git a/packages/backend-auth/API.md b/packages/backend-auth/API.md index 76be66f977..107dd3262f 100644 --- a/packages/backend-auth/API.md +++ b/packages/backend-auth/API.md @@ -6,9 +6,11 @@ import { AmazonProviderProps } from '@aws-amplify/auth-construct'; import { AppleProviderProps } from '@aws-amplify/auth-construct'; +import { AuthOutput } from '@aws-amplify/backend-output-schemas'; import { AuthProps } from '@aws-amplify/auth-construct'; import { AuthResources } from '@aws-amplify/plugin-types'; import { AuthRoleName } from '@aws-amplify/plugin-types'; +import { BackendOutputStorageStrategy } from '@aws-amplify/plugin-types'; import { BackendSecret } from '@aws-amplify/plugin-types'; import { ConstructFactory } from '@aws-amplify/plugin-types'; import { ConstructFactoryGetInstanceProps } from '@aws-amplify/plugin-types'; @@ -17,7 +19,6 @@ import { FacebookProviderProps } from '@aws-amplify/auth-construct'; import { FunctionResources } from '@aws-amplify/plugin-types'; import { GoogleProviderProps } from '@aws-amplify/auth-construct'; import { OidcProviderProps } from '@aws-amplify/auth-construct'; -import { ReferenceAuthProps } from '@aws-amplify/reference-auth-construct'; import { ReferenceAuthResources } from '@aws-amplify/plugin-types'; import { ResourceAccessAcceptor } from '@aws-amplify/plugin-types'; import { ResourceAccessAcceptorFactory } from '@aws-amplify/plugin-types'; @@ -44,6 +45,8 @@ export type AmplifyAuthProps = Expand; +// Warning: (ae-forgotten-export) The symbol "ReferenceAuthProps" needs to be exported by the entry point index.d.ts +// // @public (undocumented) export type AmplifyReferenceAuthProps = Expand & { access?: AuthAccessGenerator; diff --git a/packages/backend-auth/package.json b/packages/backend-auth/package.json index 94fbdbdf75..c9bddfe7c9 100644 --- a/packages/backend-auth/package.json +++ b/packages/backend-auth/package.json @@ -20,7 +20,6 @@ "license": "Apache-2.0", "dependencies": { "@aws-amplify/auth-construct": "^1.3.1", - "@aws-amplify/reference-auth-construct": "^0.1.0", "@aws-amplify/backend-output-storage": "^1.1.2", "@aws-amplify/plugin-types": "^1.3.0" }, diff --git a/packages/backend-auth/src/reference_factory.ts b/packages/backend-auth/src/reference_factory.ts index dae84b56d6..222343a969 100644 --- a/packages/backend-auth/src/reference_factory.ts +++ b/packages/backend-auth/src/reference_factory.ts @@ -11,10 +11,7 @@ import { StackProvider, } from '@aws-amplify/plugin-types'; import { AuthAccessGenerator, Expand } from './types.js'; -import { - AmplifyReferenceAuth, - ReferenceAuthProps, -} from '@aws-amplify/reference-auth-construct'; +import { AmplifyReferenceAuth } from '@aws-amplify/auth-construct'; import { authAccessBuilder as _authAccessBuilder } from './access_builder.js'; import path from 'path'; import { AmplifyUserError, TagName } from '@aws-amplify/platform-core'; @@ -22,6 +19,7 @@ import { AuthAccessPolicyArbiterFactory } from './auth_access_policy_arbiter.js' import { Stack, Tags } from 'aws-cdk-lib'; import { Policy } from 'aws-cdk-lib/aws-iam'; import { UserPoolAccessPolicyFactory } from './userpool_access_policy_factory.js'; +import { ReferenceAuthProps } from '../../auth-construct/src/types.js'; export type BackendReferenceAuth = ResourceProvider & ResourceAccessAcceptorFactory & diff --git a/packages/backend-auth/tsconfig.json b/packages/backend-auth/tsconfig.json index 1cb9ae1917..b98614a812 100644 --- a/packages/backend-auth/tsconfig.json +++ b/packages/backend-auth/tsconfig.json @@ -3,7 +3,6 @@ "compilerOptions": { "rootDir": "src", "outDir": "lib" }, "references": [ { "path": "../auth-construct" }, - { "path": "../reference-auth-construct" }, { "path": "../backend-output-storage" }, { "path": "../plugin-types" }, { "path": "../backend-platform-test-stubs" }, diff --git a/packages/reference-auth-construct/.npmignore b/packages/reference-auth-construct/.npmignore deleted file mode 100644 index 1015fa09fd..0000000000 --- a/packages/reference-auth-construct/.npmignore +++ /dev/null @@ -1,14 +0,0 @@ -# Be very careful editing this file. It is crafted to work around [this issue](https://github.com/npm/npm/issues/4479) - -# First ignore everything -**/* - -# Then add back in transpiled js and ts declaration files -!lib/**/*.js -!lib/**/*.d.ts - -# Then ignore test js and ts declaration files -*.test.js -*.test.d.ts - -# This leaves us with including only js and ts declaration files of functional code \ No newline at end of file diff --git a/packages/reference-auth-construct/API.md b/packages/reference-auth-construct/API.md deleted file mode 100644 index 364cdb2504..0000000000 --- a/packages/reference-auth-construct/API.md +++ /dev/null @@ -1,35 +0,0 @@ -## API Report File for "@aws-amplify/reference-auth-construct" - -> Do not edit this file. It is a report generated by [API Extractor](https://api-extractor.com/). - -```ts - -import { AuthOutput } from '@aws-amplify/backend-output-schemas'; -import { BackendOutputStorageStrategy } from '@aws-amplify/plugin-types'; -import { Construct } from 'constructs'; -import { ReferenceAuthResources } from '@aws-amplify/plugin-types'; -import { ResourceProvider } from '@aws-amplify/plugin-types'; - -// @public -export class AmplifyReferenceAuth extends Construct implements ResourceProvider { - constructor(scope: Construct, id: string, props: ReferenceAuthProps); - // (undocumented) - resources: ReferenceAuthResources; -} - -// @public (undocumented) -export type ReferenceAuthProps = { - outputStorageStrategy?: BackendOutputStorageStrategy; - userPoolId: string; - identityPoolId: string; - userPoolClientId: string; - authRoleArn: string; - unauthRoleArn: string; - groups?: { - [groupName: string]: string; - }; -}; - -// (No @packageDocumentation comment for this package) - -``` diff --git a/packages/reference-auth-construct/README.md b/packages/reference-auth-construct/README.md deleted file mode 100644 index 873d89df95..0000000000 --- a/packages/reference-auth-construct/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# Description - -The Reference Auth construct allows developers to provide references to existing auth resources, which can be used by the rest of their Amplify resources. diff --git a/packages/reference-auth-construct/api-extractor.json b/packages/reference-auth-construct/api-extractor.json deleted file mode 100644 index 0f56de03f6..0000000000 --- a/packages/reference-auth-construct/api-extractor.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "extends": "../../api-extractor.base.json" -} diff --git a/packages/reference-auth-construct/package.json b/packages/reference-auth-construct/package.json deleted file mode 100644 index 66250b0ed8..0000000000 --- a/packages/reference-auth-construct/package.json +++ /dev/null @@ -1,33 +0,0 @@ -{ - "name": "@aws-amplify/reference-auth-construct", - "version": "0.1.0", - "type": "commonjs", - "publishConfig": { - "access": "public" - }, - "exports": { - ".": { - "types": "./lib/index.d.ts", - "default": "./lib/index.js" - } - }, - "main": "lib/index.js", - "types": "lib/index.d.ts", - "scripts": { - "update:api": "api-extractor run --local" - }, - "license": "Apache-2.0", - "dependencies": { - "@aws-amplify/backend-output-schemas": "^1.1.0", - "@aws-amplify/backend-output-storage": "^1.1.2", - "@aws-amplify/plugin-types": "^1.2.2", - "@aws-sdk/client-cognito-identity-provider": "^3.624.0", - "@aws-sdk/client-cognito-identity": "^3.624.0", - "@types/aws-lambda": "^8.10.119", - "aws-lambda": "^1.0.7" - }, - "peerDependencies": { - "aws-cdk-lib": "^2.152.0", - "constructs": "^10.0.0" - } -} diff --git a/packages/reference-auth-construct/src/index.ts b/packages/reference-auth-construct/src/index.ts deleted file mode 100644 index bf71d8c1e6..0000000000 --- a/packages/reference-auth-construct/src/index.ts +++ /dev/null @@ -1,2 +0,0 @@ -export { ReferenceAuthProps } from './types.js'; -export { AmplifyReferenceAuth } from './construct.js'; diff --git a/packages/reference-auth-construct/src/lambda/reference_auth_initializer_types.ts b/packages/reference-auth-construct/src/lambda/reference_auth_initializer_types.ts deleted file mode 100644 index 2c83a4b062..0000000000 --- a/packages/reference-auth-construct/src/lambda/reference_auth_initializer_types.ts +++ /dev/null @@ -1,8 +0,0 @@ -export type ReferenceAuthInitializerProps = { - userPoolId: string; - identityPoolId: string; - authRoleArn: string; - unauthRoleArn: string; - userPoolClientId: string; - region: string; -}; diff --git a/packages/reference-auth-construct/src/types.ts b/packages/reference-auth-construct/src/types.ts deleted file mode 100644 index dc8305c81b..0000000000 --- a/packages/reference-auth-construct/src/types.ts +++ /dev/null @@ -1,36 +0,0 @@ -import { AuthOutput } from '@aws-amplify/backend-output-schemas'; -import { BackendOutputStorageStrategy } from '@aws-amplify/plugin-types'; - -export type ReferenceAuthProps = { - /** - * @internal - */ - outputStorageStrategy?: BackendOutputStorageStrategy; - /** - * Existing UserPool Id - */ - userPoolId: string; - /** - * Existing IdentityPool Id - */ - identityPoolId: string; - /** - * Existing UserPoolClient Id - */ - userPoolClientId: string; - /** - * Existing AuthRole ARN - */ - authRoleArn: string; - /** - * Existing UnauthRole ARN - */ - unauthRoleArn: string; - /** - * A mapping of existing group names and their associated role ARNs - * which can be used for group permissions. - */ - groups?: { - [groupName: string]: string; - }; -}; diff --git a/packages/reference-auth-construct/tsconfig.json b/packages/reference-auth-construct/tsconfig.json deleted file mode 100644 index 9d14dcca40..0000000000 --- a/packages/reference-auth-construct/tsconfig.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "extends": "../../tsconfig.base.json", - "compilerOptions": { - "target": "ES2018", - "module": "commonjs", - "moduleResolution": "Node", - "lib": ["ESnext"], - "rootDir": "src", - "outDir": "lib", - "allowJs": true - }, - "references": [ - { "path": "../backend-output-schemas" }, - { "path": "../backend-output-storage" }, - { "path": "../plugin-types" } - ] -} diff --git a/packages/reference-auth-construct/typedoc.json b/packages/reference-auth-construct/typedoc.json deleted file mode 100644 index 35fed2c958..0000000000 --- a/packages/reference-auth-construct/typedoc.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "entryPoints": ["src/index.ts"] -} diff --git a/scripts/concurrent_workspace_script.ts b/scripts/concurrent_workspace_script.ts index ed32d78a53..0742b39b0c 100644 --- a/scripts/concurrent_workspace_script.ts +++ b/scripts/concurrent_workspace_script.ts @@ -47,21 +47,30 @@ const runInDir = (dir: string) => // iterate over all the packages in the project const runPromises = packagePaths.map(async (packagePath) => { - const packageTsBuildInfoPath = path.join(packagePath, 'tsconfig.tsbuildinfo'); - // if the package doesn't have a tsbuildinfo file, execute the command - if (!existsSync(packageTsBuildInfoPath)) { - return runInDir(packagePath); - } - const packageTsBuildInfoHash = createHash('sha512') - .update(await fs.readFile(packageTsBuildInfoPath)) - .digest('hex'); - // if the tsbuildinfo file has a different hash than the last time the command ran, run it again - if (commandHashCache[packagePath] !== packageTsBuildInfoHash) { - await runInDir(packagePath); + try { + const packageTsBuildInfoPath = path.join( + packagePath, + 'tsconfig.tsbuildinfo' + ); + // if the package doesn't have a tsbuildinfo file, execute the command + if (!existsSync(packageTsBuildInfoPath)) { + return runInDir(packagePath); + } + const packageTsBuildInfoHash = createHash('sha512') + .update(await fs.readFile(packageTsBuildInfoPath)) + .digest('hex'); + // if the tsbuildinfo file has a different hash than the last time the command ran, run it again + if (commandHashCache[packagePath] !== packageTsBuildInfoHash) { + await runInDir(packagePath); + } + // store the new hash in the cache + commandHashCache[packagePath] = packageTsBuildInfoHash; + return undefined; + } catch (e) { + console.error('command failed for package:', packagePath); + console.log(e); + return undefined; } - // store the new hash in the cache - commandHashCache[packagePath] = packageTsBuildInfoHash; - return undefined; }); await Promise.all(runPromises); From 61164765a659dd0b87b8bb799b6fc81d3e086433 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 11 Oct 2024 18:03:22 -0700 Subject: [PATCH 30/61] chore: fix api --- packages/backend-auth/API.md | 5 +---- packages/backend-auth/src/reference_factory.ts | 6 ++++-- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/packages/backend-auth/API.md b/packages/backend-auth/API.md index 107dd3262f..1dcb854693 100644 --- a/packages/backend-auth/API.md +++ b/packages/backend-auth/API.md @@ -6,11 +6,9 @@ import { AmazonProviderProps } from '@aws-amplify/auth-construct'; import { AppleProviderProps } from '@aws-amplify/auth-construct'; -import { AuthOutput } from '@aws-amplify/backend-output-schemas'; import { AuthProps } from '@aws-amplify/auth-construct'; import { AuthResources } from '@aws-amplify/plugin-types'; import { AuthRoleName } from '@aws-amplify/plugin-types'; -import { BackendOutputStorageStrategy } from '@aws-amplify/plugin-types'; import { BackendSecret } from '@aws-amplify/plugin-types'; import { ConstructFactory } from '@aws-amplify/plugin-types'; import { ConstructFactoryGetInstanceProps } from '@aws-amplify/plugin-types'; @@ -19,6 +17,7 @@ import { FacebookProviderProps } from '@aws-amplify/auth-construct'; import { FunctionResources } from '@aws-amplify/plugin-types'; import { GoogleProviderProps } from '@aws-amplify/auth-construct'; import { OidcProviderProps } from '@aws-amplify/auth-construct'; +import { ReferenceAuthProps } from '@aws-amplify/auth-construct'; import { ReferenceAuthResources } from '@aws-amplify/plugin-types'; import { ResourceAccessAcceptor } from '@aws-amplify/plugin-types'; import { ResourceAccessAcceptorFactory } from '@aws-amplify/plugin-types'; @@ -45,8 +44,6 @@ export type AmplifyAuthProps = Expand; -// Warning: (ae-forgotten-export) The symbol "ReferenceAuthProps" needs to be exported by the entry point index.d.ts -// // @public (undocumented) export type AmplifyReferenceAuthProps = Expand & { access?: AuthAccessGenerator; diff --git a/packages/backend-auth/src/reference_factory.ts b/packages/backend-auth/src/reference_factory.ts index 222343a969..3fd7689d4b 100644 --- a/packages/backend-auth/src/reference_factory.ts +++ b/packages/backend-auth/src/reference_factory.ts @@ -11,7 +11,10 @@ import { StackProvider, } from '@aws-amplify/plugin-types'; import { AuthAccessGenerator, Expand } from './types.js'; -import { AmplifyReferenceAuth } from '@aws-amplify/auth-construct'; +import { + AmplifyReferenceAuth, + ReferenceAuthProps, +} from '@aws-amplify/auth-construct'; import { authAccessBuilder as _authAccessBuilder } from './access_builder.js'; import path from 'path'; import { AmplifyUserError, TagName } from '@aws-amplify/platform-core'; @@ -19,7 +22,6 @@ import { AuthAccessPolicyArbiterFactory } from './auth_access_policy_arbiter.js' import { Stack, Tags } from 'aws-cdk-lib'; import { Policy } from 'aws-cdk-lib/aws-iam'; import { UserPoolAccessPolicyFactory } from './userpool_access_policy_factory.js'; -import { ReferenceAuthProps } from '../../auth-construct/src/types.js'; export type BackendReferenceAuth = ResourceProvider & ResourceAccessAcceptorFactory & From d4358f90555aaf78cfd9948cca7ba2373376b167 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 11 Oct 2024 18:24:16 -0700 Subject: [PATCH 31/61] chore: undo changes to concurrent workspace script --- scripts/concurrent_workspace_script.ts | 37 ++++++++++---------------- 1 file changed, 14 insertions(+), 23 deletions(-) diff --git a/scripts/concurrent_workspace_script.ts b/scripts/concurrent_workspace_script.ts index 0742b39b0c..ed32d78a53 100644 --- a/scripts/concurrent_workspace_script.ts +++ b/scripts/concurrent_workspace_script.ts @@ -47,30 +47,21 @@ const runInDir = (dir: string) => // iterate over all the packages in the project const runPromises = packagePaths.map(async (packagePath) => { - try { - const packageTsBuildInfoPath = path.join( - packagePath, - 'tsconfig.tsbuildinfo' - ); - // if the package doesn't have a tsbuildinfo file, execute the command - if (!existsSync(packageTsBuildInfoPath)) { - return runInDir(packagePath); - } - const packageTsBuildInfoHash = createHash('sha512') - .update(await fs.readFile(packageTsBuildInfoPath)) - .digest('hex'); - // if the tsbuildinfo file has a different hash than the last time the command ran, run it again - if (commandHashCache[packagePath] !== packageTsBuildInfoHash) { - await runInDir(packagePath); - } - // store the new hash in the cache - commandHashCache[packagePath] = packageTsBuildInfoHash; - return undefined; - } catch (e) { - console.error('command failed for package:', packagePath); - console.log(e); - return undefined; + const packageTsBuildInfoPath = path.join(packagePath, 'tsconfig.tsbuildinfo'); + // if the package doesn't have a tsbuildinfo file, execute the command + if (!existsSync(packageTsBuildInfoPath)) { + return runInDir(packagePath); + } + const packageTsBuildInfoHash = createHash('sha512') + .update(await fs.readFile(packageTsBuildInfoPath)) + .digest('hex'); + // if the tsbuildinfo file has a different hash than the last time the command ran, run it again + if (commandHashCache[packagePath] !== packageTsBuildInfoHash) { + await runInDir(packagePath); } + // store the new hash in the cache + commandHashCache[packagePath] = packageTsBuildInfoHash; + return undefined; }); await Promise.all(runPromises); From 1d190987bdc706d721b0a09a98bf30e0fa187718 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 11 Oct 2024 18:30:40 -0700 Subject: [PATCH 32/61] chore: add missing roles permission --- packages/auth-construct/src/reference_construct.ts | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/packages/auth-construct/src/reference_construct.ts b/packages/auth-construct/src/reference_construct.ts index 51d07ed3b0..54639b4741 100644 --- a/packages/auth-construct/src/reference_construct.ts +++ b/packages/auth-construct/src/reference_construct.ts @@ -137,7 +137,10 @@ export class AmplifyReferenceAuth refAuthLambda.grantPrincipal.addToPrincipalPolicy( new aws_iam.PolicyStatement({ effect: aws_iam.Effect.ALLOW, - actions: ['cognito-identity:DescribeIdentityPool'], + actions: [ + 'cognito-identity:DescribeIdentityPool', + 'cognito-identity:GetIdentityPoolRoles', + ], resources: [ `arn:aws:cognito-identity:${stack.region}:${stack.account}:identitypool/${this.resources.identityPoolId}`, ], From 880bc841818849f884dc231dc5949de8199e040e Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 11 Oct 2024 18:35:17 -0700 Subject: [PATCH 33/61] chore: update expected IAM policy permissions for identity pool --- packages/auth-construct/src/reference_construct.test.ts | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/packages/auth-construct/src/reference_construct.test.ts b/packages/auth-construct/src/reference_construct.test.ts index b663150534..3a2b609ea4 100644 --- a/packages/auth-construct/src/reference_construct.test.ts +++ b/packages/auth-construct/src/reference_construct.test.ts @@ -74,7 +74,10 @@ void describe('AmplifyConstruct', () => { }, }, { - Action: 'cognito-identity:DescribeIdentityPool', + Action: [ + 'cognito-identity:DescribeIdentityPool', + 'cognito-identity:GetIdentityPoolRoles', + ], Effect: 'Allow', Resource: { 'Fn::Join': [ From 8e5cc6829d817a456a713910ae2a5cac7d2755a2 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Mon, 14 Oct 2024 16:14:58 -0700 Subject: [PATCH 34/61] fix: make sure to throw on errors when using Provider framework --- .../lambda/reference_auth_initializer.test.ts | 268 ++++++++++++------ .../src/lambda/reference_auth_initializer.ts | 144 +++------- 2 files changed, 223 insertions(+), 189 deletions(-) diff --git a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts index 5be2d8707c..4c5c7837eb 100644 --- a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts +++ b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts @@ -65,7 +65,8 @@ const deleteCfnEvent: CloudFormationCustomResourceEvent = { PhysicalResourceId: 'physicalId', ...customResourceEventCommon, }; - +// aws sdk will throw with error message for any non 200 status so we don't need to re-package it +const awsSDKErrorMessageMock = new Error('this message comes from the aws sdk'); const uuidMock = () => '00000000-0000-0000-0000-000000000000'; const identityProviderClient = new CognitoIdentityProviderClient(); const identityClient = new CognitoIdentityClient(); @@ -152,15 +153,27 @@ void describe('ReferenceAuthInitializer', () => { | DescribeUserPoolClientCommand ) => { if (request instanceof DescribeUserPoolCommand) { + if (describeUserPoolResponse.$metadata.httpStatusCode !== 200) { + throw awsSDKErrorMessageMock; + } return describeUserPoolResponse; } if (request instanceof GetUserPoolMfaConfigCommand) { + if (getUserPoolMfaConfigResponse.$metadata.httpStatusCode !== 200) { + throw awsSDKErrorMessageMock; + } return getUserPoolMfaConfigResponse; } if (request instanceof ListIdentityProvidersCommand) { + if (listIdentityProvidersResponse.$metadata.httpStatusCode !== 200) { + throw awsSDKErrorMessageMock; + } return listIdentityProvidersResponse; } if (request instanceof DescribeUserPoolClientCommand) { + if (describeUserPoolClientResponse.$metadata.httpStatusCode !== 200) { + throw awsSDKErrorMessageMock; + } return describeUserPoolClientResponse; } return undefined; @@ -173,9 +186,15 @@ void describe('ReferenceAuthInitializer', () => { request: DescribeIdentityPoolCommand | GetIdentityPoolRolesCommand ) => { if (request instanceof DescribeIdentityPoolCommand) { + if (describeIdentityPoolResponse.$metadata.httpStatusCode !== 200) { + throw awsSDKErrorMessageMock; + } return describeIdentityPoolResponse; } if (request instanceof GetIdentityPoolRolesCommand) { + if (getIdentityPoolRolesResponse.$metadata.httpStatusCode !== 200) { + throw awsSDKErrorMessageMock; + } return getIdentityPoolRolesResponse; } return undefined; @@ -209,9 +228,32 @@ void describe('ReferenceAuthInitializer', () => { httpStatusCode: 500, }, }; - const result = await handler.handleEvent(createCfnEvent); - assert.equal(result.Status, 'FAILED'); - assert.equal(result.Reason, 'Failed to retrieve the specified UserPool.'); + await assert.rejects( + handler.handleEvent(createCfnEvent), + (error: Error) => { + assert.strictEqual(error.message, awsSDKErrorMessageMock.message); + return true; + } + ); + }); + + void it('fails gracefully if fetching user pool fails', async () => { + describeUserPoolResponse = { + $metadata: { + httpStatusCode: 200, + }, + UserPool: undefined, + }; + await assert.rejects( + handler.handleEvent(createCfnEvent), + (error: Error) => { + assert.strictEqual( + error.message, + 'Failed to retrieve the specified UserPool.' + ); + return true; + } + ); }); void it('fails gracefully if user pool has no password policy', async () => { @@ -224,11 +266,16 @@ void describe('ReferenceAuthInitializer', () => { Policies: undefined, }, }; - const noPoliciesResult = await handler.handleEvent(createCfnEvent); - assert.equal(noPoliciesResult.Status, 'FAILED'); - assert.equal( - noPoliciesResult.Reason, - 'Failed to retrieve password policy.' + + await assert.rejects( + handler.handleEvent(createCfnEvent), + (error: Error) => { + assert.strictEqual( + error.message, + 'Failed to retrieve password policy.' + ); + return true; + } ); }); @@ -238,11 +285,12 @@ void describe('ReferenceAuthInitializer', () => { httpStatusCode: 500, }, }; - const result = await handler.handleEvent(createCfnEvent); - assert.equal(result.Status, 'FAILED'); - assert.equal( - result.Reason, - 'Failed to retrieve the MFA configuration for the specified UserPool.' + await assert.rejects( + handler.handleEvent(createCfnEvent), + (error: Error) => { + assert.strictEqual(error.message, awsSDKErrorMessageMock.message); + return true; + } ); }); @@ -253,11 +301,12 @@ void describe('ReferenceAuthInitializer', () => { }, Providers: [], }; - const httpErrorResult = await handler.handleEvent(createCfnEvent); - assert.equal(httpErrorResult.Status, 'FAILED'); - assert.equal( - httpErrorResult.Reason, - 'An error occurred while retrieving identity providers for the user pool.' + await assert.rejects( + handler.handleEvent(createCfnEvent), + (error: Error) => { + assert.strictEqual(error.message, awsSDKErrorMessageMock.message); + return true; + } ); listIdentityProvidersResponse = { $metadata: { @@ -265,11 +314,15 @@ void describe('ReferenceAuthInitializer', () => { }, Providers: undefined, }; - const undefinedProvidersResult = await handler.handleEvent(createCfnEvent); - assert.equal(undefinedProvidersResult.Status, 'FAILED'); - assert.equal( - undefinedProvidersResult.Reason, - 'An error occurred while retrieving identity providers for the user pool.' + await assert.rejects( + handler.handleEvent(createCfnEvent), + (error: Error) => { + assert.strictEqual( + error.message, + 'An error occurred while retrieving identity providers for the user pool.' + ); + return true; + } ); }); @@ -279,11 +332,12 @@ void describe('ReferenceAuthInitializer', () => { httpStatusCode: 500, }, }; - const result = await handler.handleEvent(createCfnEvent); - assert.equal(result.Status, 'FAILED'); - assert.equal( - result.Reason, - 'An error occurred while retrieving the user pool client details.' + await assert.rejects( + handler.handleEvent(createCfnEvent), + (error: Error) => { + assert.strictEqual(error.message, awsSDKErrorMessageMock.message); + return true; + } ); describeUserPoolClientResponse = { $metadata: { @@ -291,13 +345,15 @@ void describe('ReferenceAuthInitializer', () => { }, UserPoolClient: undefined, }; - const undefinedUserPoolClientResult = await handler.handleEvent( - createCfnEvent - ); - assert.equal(undefinedUserPoolClientResult.Status, 'FAILED'); - assert.equal( - undefinedUserPoolClientResult.Reason, - 'An error occurred while retrieving the user pool client details.' + await assert.rejects( + handler.handleEvent(createCfnEvent), + (error: Error) => { + assert.strictEqual( + error.message, + 'An error occurred while retrieving the user pool client details.' + ); + return true; + } ); }); @@ -310,11 +366,12 @@ void describe('ReferenceAuthInitializer', () => { IdentityPoolName: undefined, AllowUnauthenticatedIdentities: undefined, }; - const result = await handler.handleEvent(createCfnEvent); - assert.equal(result.Status, 'FAILED'); - assert.equal( - result.Reason, - 'An error occurred while retrieving the identity pool details.' + await assert.rejects( + handler.handleEvent(createCfnEvent), + (error: Error) => { + assert.strictEqual(error.message, awsSDKErrorMessageMock.message); + return true; + } ); describeIdentityPoolResponse = { $metadata: { @@ -324,13 +381,15 @@ void describe('ReferenceAuthInitializer', () => { IdentityPoolName: undefined, AllowUnauthenticatedIdentities: undefined, }; - const undefinedIdentityPoolIdResult = await handler.handleEvent( - createCfnEvent - ); - assert.equal(undefinedIdentityPoolIdResult.Status, 'FAILED'); - assert.equal( - undefinedIdentityPoolIdResult.Reason, - 'An error occurred while retrieving the identity pool details.' + await assert.rejects( + handler.handleEvent(createCfnEvent), + (error: Error) => { + assert.strictEqual( + error.message, + 'An error occurred while retrieving the identity pool details.' + ); + return true; + } ); }); @@ -340,11 +399,12 @@ void describe('ReferenceAuthInitializer', () => { httpStatusCode: 500, }, }; - const result = await handler.handleEvent(createCfnEvent); - assert.equal(result.Status, 'FAILED'); - assert.equal( - result.Reason, - 'An error occurred while retrieving the roles for the identity pool.' + await assert.rejects( + handler.handleEvent(createCfnEvent), + (error: Error) => { + assert.strictEqual(error.message, awsSDKErrorMessageMock.message); + return true; + } ); getIdentityPoolRolesResponse = { $metadata: { @@ -352,13 +412,15 @@ void describe('ReferenceAuthInitializer', () => { }, Roles: undefined, }; - const undefinedIdentityPoolIdResult = await handler.handleEvent( - createCfnEvent - ); - assert.equal(undefinedIdentityPoolIdResult.Status, 'FAILED'); - assert.equal( - undefinedIdentityPoolIdResult.Reason, - 'An error occurred while retrieving the roles for the identity pool.' + await assert.rejects( + handler.handleEvent(createCfnEvent), + (error: Error) => { + assert.strictEqual( + error.message, + 'An error occurred while retrieving the roles for the identity pool.' + ); + return true; + } ); }); // fails gracefully if userPool or client doesn't match identity pool @@ -374,11 +436,15 @@ void describe('ReferenceAuthInitializer', () => { }, ], }; - const result = await handler.handleEvent(createCfnEvent); - assert.equal(result.Status, 'FAILED'); - assert.equal( - result.Reason, - 'The user pool and user pool client pair do not match any cognito identity providers for the specified identity pool.' + await assert.rejects( + handler.handleEvent(createCfnEvent), + (error: Error) => { + assert.strictEqual( + error.message, + 'The user pool and user pool client pair do not match any cognito identity providers for the specified identity pool.' + ); + return true; + } ); }); void it('fails gracefully if identity pool does not have cognito identity providers configured', async () => { @@ -386,11 +452,15 @@ void describe('ReferenceAuthInitializer', () => { ...describeIdentityPoolResponse, CognitoIdentityProviders: [], }; - const result = await handler.handleEvent(createCfnEvent); - assert.equal(result.Status, 'FAILED'); - assert.equal( - result.Reason, - 'The specified identity pool does not have any cognito identity providers.' + await assert.rejects( + handler.handleEvent(createCfnEvent), + (error: Error) => { + assert.strictEqual( + error.message, + 'The specified identity pool does not have any cognito identity providers.' + ); + return true; + } ); }); void it('fails gracefully if the client id does not match any cognito provider on the identity pool', async () => { @@ -405,11 +475,15 @@ void describe('ReferenceAuthInitializer', () => { }, ], }; - const result = await handler.handleEvent(createCfnEvent); - assert.equal(result.Status, 'FAILED'); - assert.equal( - result.Reason, - 'The user pool and user pool client pair do not match any cognito identity providers for the specified identity pool.' + await assert.rejects( + handler.handleEvent(createCfnEvent), + (error: Error) => { + assert.strictEqual( + error.message, + 'The user pool and user pool client pair do not match any cognito identity providers for the specified identity pool.' + ); + return true; + } ); }); void it('fails gracefully if auth role ARN does not match', async () => { @@ -423,13 +497,15 @@ void describe('ReferenceAuthInitializer', () => { unauthenticated: SampleInputProperties.unauthRoleArn, }, }; - const undefinedIdentityPoolIdResult = await handler.handleEvent( - createCfnEvent - ); - assert.equal(undefinedIdentityPoolIdResult.Status, 'FAILED'); - assert.equal( - undefinedIdentityPoolIdResult.Reason, - 'The provided authRoleArn does not match the authenticated role for the specified identity pool.' + await assert.rejects( + handler.handleEvent(createCfnEvent), + (error: Error) => { + assert.strictEqual( + error.message, + 'The provided authRoleArn does not match the authenticated role for the specified identity pool.' + ); + return true; + } ); }); void it('fails gracefully if unauth role ARN does not match', async () => { @@ -443,11 +519,15 @@ void describe('ReferenceAuthInitializer', () => { unauthenticated: 'wrongUnauthRole', }, }; - const badUnAuthRoleResult = await handler.handleEvent(createCfnEvent); - assert.equal(badUnAuthRoleResult.Status, 'FAILED'); - assert.equal( - badUnAuthRoleResult.Reason, - 'The provided unauthRoleArn does not match the unauthenticated role for the specified identity pool.' + await assert.rejects( + handler.handleEvent(createCfnEvent), + (error: Error) => { + assert.strictEqual( + error.message, + 'The provided unauthRoleArn does not match the unauthenticated role for the specified identity pool.' + ); + return true; + } ); }); void it('fails gracefully if user pool client is not a web client', async () => { @@ -460,11 +540,15 @@ void describe('ReferenceAuthInitializer', () => { ClientSecret: 'sample', }, }; - const result = await handler.handleEvent(createCfnEvent); - assert.equal(result.Status, 'FAILED'); - assert.equal( - result.Reason, - 'The specified user pool client is not configured as a web client.' + await assert.rejects( + handler.handleEvent(createCfnEvent), + (error: Error) => { + assert.strictEqual( + error.message, + 'The specified user pool client is not configured as a web client.' + ); + return true; + } ); }); }); diff --git a/packages/auth-construct/src/lambda/reference_auth_initializer.ts b/packages/auth-construct/src/lambda/reference_auth_initializer.ts index 8d2801c03a..19abac366e 100644 --- a/packages/auth-construct/src/lambda/reference_auth_initializer.ts +++ b/packages/auth-construct/src/lambda/reference_auth_initializer.ts @@ -1,6 +1,5 @@ import { CloudFormationCustomResourceEvent, - CloudFormationCustomResourceFailedResponse, CloudFormationCustomResourceResponse, CloudFormationCustomResourceSuccessResponse, } from 'aws-lambda'; @@ -68,85 +67,56 @@ export class ReferenceAuthInitializer { // for create or update events, we will fetch and validate resource properties const props = event.ResourceProperties as unknown as ReferenceAuthInitializerProps; - try { - const { - userPool, - userPoolPasswordPolicy, - userPoolClient, - userPoolMFA, - userPoolProviders, - identityPool, - roles, - } = await this.getResourceDetails( - props.userPoolId, - props.identityPoolId, - props.userPoolClientId - ); - - this.validateResourceAssociations( - userPool, - userPoolClient, - identityPool, - roles, - props - ); + const { + userPool, + userPoolPasswordPolicy, + userPoolClient, + userPoolMFA, + userPoolProviders, + identityPool, + roles, + } = await this.getResourceDetails( + props.userPoolId, + props.identityPoolId, + props.userPoolClientId + ); - const userPoolOutputs = await this.getUserPoolOutputs( - userPool, - userPoolPasswordPolicy, - userPoolProviders, - userPoolMFA, - props.region - ); - const identityPoolOutputs = await this.getIdentityPoolOutputs( - identityPool - ); - const userPoolClientOutputs = await this.getUserPoolClientOutputs( - userPoolClient - ); - const data: Omit = { - userPoolId: props.userPoolId, - webClientId: props.userPoolClientId, - identityPoolId: props.identityPoolId, - ...userPoolOutputs, - ...identityPoolOutputs, - ...userPoolClientOutputs, - }; - return { - RequestId: event.RequestId, - LogicalResourceId: event.LogicalResourceId, - PhysicalResourceId: physicalId, - StackId: event.StackId, - NoEcho: true, - Data: data, - Status: 'SUCCESS', - } as CloudFormationCustomResourceSuccessResponse; - } catch (e) { - if (e instanceof Error) { - return this.failureResponse(event, physicalId, e.message); - } - return this.failureResponse( - event, - physicalId, - 'An unknown error occurred while initializing auth resources.' - ); - } - }; + this.validateResourceAssociations( + userPool, + userPoolClient, + identityPool, + roles, + props + ); - private failureResponse = ( - event: CloudFormationCustomResourceEvent, - physicalId: string, - reason: string - ): CloudFormationCustomResourceFailedResponse => { + const userPoolOutputs = await this.getUserPoolOutputs( + userPool, + userPoolPasswordPolicy, + userPoolProviders, + userPoolMFA, + props.region + ); + const identityPoolOutputs = await this.getIdentityPoolOutputs(identityPool); + const userPoolClientOutputs = await this.getUserPoolClientOutputs( + userPoolClient + ); + const data: Omit = { + userPoolId: props.userPoolId, + webClientId: props.userPoolClientId, + identityPoolId: props.identityPoolId, + ...userPoolOutputs, + ...identityPoolOutputs, + ...userPoolClientOutputs, + }; return { RequestId: event.RequestId, LogicalResourceId: event.LogicalResourceId, PhysicalResourceId: physicalId, StackId: event.StackId, NoEcho: true, - Reason: reason, - Status: 'FAILED', - } as CloudFormationCustomResourceFailedResponse; + Data: data, + Status: 'SUCCESS', + } as CloudFormationCustomResourceSuccessResponse; }; private getUserPool = async (userPoolId: string) => { @@ -156,10 +126,7 @@ export class ReferenceAuthInitializer { const userPoolResponse = await this.cognitoIdentityProviderClient.send( userPoolCommand ); - if ( - userPoolResponse.$metadata.httpStatusCode !== 200 || - !userPoolResponse.UserPool - ) { + if (!userPoolResponse.UserPool) { throw new Error('Failed to retrieve the specified UserPool.'); } const userPool = userPoolResponse.UserPool; @@ -181,11 +148,6 @@ export class ReferenceAuthInitializer { const mfaResponse = await this.cognitoIdentityProviderClient.send( mfaCommand ); - if (mfaResponse.$metadata.httpStatusCode !== 200) { - throw new Error( - 'Failed to retrieve the MFA configuration for the specified UserPool.' - ); - } return mfaResponse; }; @@ -199,10 +161,7 @@ export class ReferenceAuthInitializer { NextToken: nextToken, }) ); - if ( - providersResponse.$metadata.httpStatusCode !== 200 || - providersResponse.Providers === undefined - ) { + if (providersResponse.Providers === undefined) { throw new Error( 'An error occurred while retrieving identity providers for the user pool.' ); @@ -219,10 +178,7 @@ export class ReferenceAuthInitializer { IdentityPoolId: identityPoolId, }) ); - if ( - idpResponse.$metadata.httpStatusCode !== 200 || - !idpResponse.IdentityPoolId - ) { + if (!idpResponse.IdentityPoolId) { throw new Error( 'An error occurred while retrieving the identity pool details.' ); @@ -235,10 +191,7 @@ export class ReferenceAuthInitializer { IdentityPoolId: identityPoolId, }); const rolesResponse = await this.cognitoIdentityClient.send(rolesCommand); - if ( - rolesResponse.$metadata.httpStatusCode !== 200 || - !rolesResponse.Roles - ) { + if (!rolesResponse.Roles) { throw new Error( 'An error occurred while retrieving the roles for the identity pool.' ); @@ -256,10 +209,7 @@ export class ReferenceAuthInitializer { }); const userPoolClientResponse = await this.cognitoIdentityProviderClient.send(userPoolClientCommand); - if ( - userPoolClientResponse.$metadata.httpStatusCode !== 200 || - !userPoolClientResponse.UserPoolClient - ) { + if (!userPoolClientResponse.UserPoolClient) { throw new Error( 'An error occurred while retrieving the user pool client details.' ); From cffabc943540791ac38abd08dbc4edcd5e2e986d Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Mon, 14 Oct 2024 16:38:56 -0700 Subject: [PATCH 35/61] chore: refactor --- .../lambda/reference_auth_initializer.test.ts | 180 ++++++------------ 1 file changed, 53 insertions(+), 127 deletions(-) diff --git a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts index 4c5c7837eb..a9db7e0dc3 100644 --- a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts +++ b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts @@ -100,6 +100,15 @@ void describe('ReferenceAuthInitializer', () => { let describeUserPoolClientResponse: DescribeUserPoolClientCommandOutput; let describeIdentityPoolResponse: DescribeIdentityPoolCommandOutput; let getIdentityPoolRolesResponse: GetIdentityPoolRolesCommandOutput; + const rejectsAndMatchError = async ( + fn: Promise, + expectedErrorMessage: string + ) => { + await assert.rejects(fn, (error: Error) => { + assert.strictEqual(error.message, expectedErrorMessage); + return true; + }); + }; beforeEach(() => { handler = new ReferenceAuthInitializer( identityClient, @@ -228,12 +237,9 @@ void describe('ReferenceAuthInitializer', () => { httpStatusCode: 500, }, }; - await assert.rejects( + await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - (error: Error) => { - assert.strictEqual(error.message, awsSDKErrorMessageMock.message); - return true; - } + awsSDKErrorMessageMock.message ); }); @@ -244,15 +250,9 @@ void describe('ReferenceAuthInitializer', () => { }, UserPool: undefined, }; - await assert.rejects( + await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - (error: Error) => { - assert.strictEqual( - error.message, - 'Failed to retrieve the specified UserPool.' - ); - return true; - } + 'Failed to retrieve the specified UserPool.' ); }); @@ -266,16 +266,9 @@ void describe('ReferenceAuthInitializer', () => { Policies: undefined, }, }; - - await assert.rejects( + await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - (error: Error) => { - assert.strictEqual( - error.message, - 'Failed to retrieve password policy.' - ); - return true; - } + 'Failed to retrieve password policy.' ); }); @@ -285,12 +278,9 @@ void describe('ReferenceAuthInitializer', () => { httpStatusCode: 500, }, }; - await assert.rejects( + await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - (error: Error) => { - assert.strictEqual(error.message, awsSDKErrorMessageMock.message); - return true; - } + awsSDKErrorMessageMock.message ); }); @@ -301,28 +291,21 @@ void describe('ReferenceAuthInitializer', () => { }, Providers: [], }; - await assert.rejects( + await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - (error: Error) => { - assert.strictEqual(error.message, awsSDKErrorMessageMock.message); - return true; - } + awsSDKErrorMessageMock.message ); + }); + void it('fails gracefully if fetching user pool providers returns undefined', async () => { listIdentityProvidersResponse = { $metadata: { httpStatusCode: 200, }, Providers: undefined, }; - await assert.rejects( + await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - (error: Error) => { - assert.strictEqual( - error.message, - 'An error occurred while retrieving identity providers for the user pool.' - ); - return true; - } + 'An error occurred while retrieving identity providers for the user pool.' ); }); @@ -332,28 +315,21 @@ void describe('ReferenceAuthInitializer', () => { httpStatusCode: 500, }, }; - await assert.rejects( + await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - (error: Error) => { - assert.strictEqual(error.message, awsSDKErrorMessageMock.message); - return true; - } + awsSDKErrorMessageMock.message ); + }); + void it('fails gracefully if fetching user pool client returns undefined', async () => { describeUserPoolClientResponse = { $metadata: { httpStatusCode: 200, }, UserPoolClient: undefined, }; - await assert.rejects( + await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - (error: Error) => { - assert.strictEqual( - error.message, - 'An error occurred while retrieving the user pool client details.' - ); - return true; - } + 'An error occurred while retrieving the user pool client details.' ); }); @@ -366,13 +342,12 @@ void describe('ReferenceAuthInitializer', () => { IdentityPoolName: undefined, AllowUnauthenticatedIdentities: undefined, }; - await assert.rejects( + await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - (error: Error) => { - assert.strictEqual(error.message, awsSDKErrorMessageMock.message); - return true; - } + awsSDKErrorMessageMock.message ); + }); + void it('fails gracefully if fetching identity pool returns undefined', async () => { describeIdentityPoolResponse = { $metadata: { httpStatusCode: 200, @@ -381,15 +356,9 @@ void describe('ReferenceAuthInitializer', () => { IdentityPoolName: undefined, AllowUnauthenticatedIdentities: undefined, }; - await assert.rejects( + await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - (error: Error) => { - assert.strictEqual( - error.message, - 'An error occurred while retrieving the identity pool details.' - ); - return true; - } + 'An error occurred while retrieving the identity pool details.' ); }); @@ -399,28 +368,21 @@ void describe('ReferenceAuthInitializer', () => { httpStatusCode: 500, }, }; - await assert.rejects( + await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - (error: Error) => { - assert.strictEqual(error.message, awsSDKErrorMessageMock.message); - return true; - } + awsSDKErrorMessageMock.message ); + }); + void it('fails gracefully if fetching identity pool roles return undefined', async () => { getIdentityPoolRolesResponse = { $metadata: { httpStatusCode: 200, }, Roles: undefined, }; - await assert.rejects( + await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - (error: Error) => { - assert.strictEqual( - error.message, - 'An error occurred while retrieving the roles for the identity pool.' - ); - return true; - } + 'An error occurred while retrieving the roles for the identity pool.' ); }); // fails gracefully if userPool or client doesn't match identity pool @@ -436,15 +398,9 @@ void describe('ReferenceAuthInitializer', () => { }, ], }; - await assert.rejects( + await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - (error: Error) => { - assert.strictEqual( - error.message, - 'The user pool and user pool client pair do not match any cognito identity providers for the specified identity pool.' - ); - return true; - } + 'The user pool and user pool client pair do not match any cognito identity providers for the specified identity pool.' ); }); void it('fails gracefully if identity pool does not have cognito identity providers configured', async () => { @@ -452,15 +408,9 @@ void describe('ReferenceAuthInitializer', () => { ...describeIdentityPoolResponse, CognitoIdentityProviders: [], }; - await assert.rejects( + await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - (error: Error) => { - assert.strictEqual( - error.message, - 'The specified identity pool does not have any cognito identity providers.' - ); - return true; - } + 'The specified identity pool does not have any cognito identity providers.' ); }); void it('fails gracefully if the client id does not match any cognito provider on the identity pool', async () => { @@ -475,15 +425,9 @@ void describe('ReferenceAuthInitializer', () => { }, ], }; - await assert.rejects( + await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - (error: Error) => { - assert.strictEqual( - error.message, - 'The user pool and user pool client pair do not match any cognito identity providers for the specified identity pool.' - ); - return true; - } + 'The user pool and user pool client pair do not match any cognito identity providers for the specified identity pool.' ); }); void it('fails gracefully if auth role ARN does not match', async () => { @@ -497,15 +441,9 @@ void describe('ReferenceAuthInitializer', () => { unauthenticated: SampleInputProperties.unauthRoleArn, }, }; - await assert.rejects( + await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - (error: Error) => { - assert.strictEqual( - error.message, - 'The provided authRoleArn does not match the authenticated role for the specified identity pool.' - ); - return true; - } + 'The provided authRoleArn does not match the authenticated role for the specified identity pool.' ); }); void it('fails gracefully if unauth role ARN does not match', async () => { @@ -519,15 +457,9 @@ void describe('ReferenceAuthInitializer', () => { unauthenticated: 'wrongUnauthRole', }, }; - await assert.rejects( + await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - (error: Error) => { - assert.strictEqual( - error.message, - 'The provided unauthRoleArn does not match the unauthenticated role for the specified identity pool.' - ); - return true; - } + 'The provided unauthRoleArn does not match the unauthenticated role for the specified identity pool.' ); }); void it('fails gracefully if user pool client is not a web client', async () => { @@ -540,15 +472,9 @@ void describe('ReferenceAuthInitializer', () => { ClientSecret: 'sample', }, }; - await assert.rejects( + await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - (error: Error) => { - assert.strictEqual( - error.message, - 'The specified user pool client is not configured as a web client.' - ); - return true; - } + 'The specified user pool client is not configured as a web client.' ); }); }); From 1a91132c6d6527b9a2b036d32f69f3b72ccbaad5 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Mon, 14 Oct 2024 16:43:53 -0700 Subject: [PATCH 36/61] chore: cleanup --- .../lambda/reference_auth_initializer.test.ts | 94 ++++++------------- 1 file changed, 29 insertions(+), 65 deletions(-) diff --git a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts index a9db7e0dc3..1d64966fbc 100644 --- a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts +++ b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts @@ -65,6 +65,16 @@ const deleteCfnEvent: CloudFormationCustomResourceEvent = { PhysicalResourceId: 'physicalId', ...customResourceEventCommon, }; +const httpError = { + $metadata: { + httpStatusCode: 500, + }, +}; +const httpSuccess = { + $metadata: { + httpStatusCode: 200, + }, +}; // aws sdk will throw with error message for any non 200 status so we don't need to re-package it const awsSDKErrorMessageMock = new Error('this message comes from the aws sdk'); const uuidMock = () => '00000000-0000-0000-0000-000000000000'; @@ -116,39 +126,27 @@ void describe('ReferenceAuthInitializer', () => { uuidMock ); describeUserPoolResponse = { - $metadata: { - httpStatusCode: 200, - }, + ...httpSuccess, UserPool: UserPool, }; getUserPoolMfaConfigResponse = { - $metadata: { - httpStatusCode: 200, - }, + ...httpSuccess, ...MFAResponse, }; listIdentityProvidersResponse = { - $metadata: { - httpStatusCode: 200, - }, + ...httpSuccess, Providers: [...IdentityProviders], }; describeUserPoolClientResponse = { - $metadata: { - httpStatusCode: 200, - }, + ...httpSuccess, UserPoolClient: UserPoolClient, }; describeIdentityPoolResponse = { - $metadata: { - httpStatusCode: 200, - }, + ...httpSuccess, ...IdentityPool, }; getIdentityPoolRolesResponse = { - $metadata: { - httpStatusCode: 200, - }, + ...httpSuccess, ...IdentityPoolRoles, }; mock.method( @@ -232,11 +230,7 @@ void describe('ReferenceAuthInitializer', () => { }); void it('fails gracefully if fetching user pool fails', async () => { - describeUserPoolResponse = { - $metadata: { - httpStatusCode: 500, - }, - }; + describeUserPoolResponse = httpError; await rejectsAndMatchError( handler.handleEvent(createCfnEvent), awsSDKErrorMessageMock.message @@ -245,9 +239,7 @@ void describe('ReferenceAuthInitializer', () => { void it('fails gracefully if fetching user pool fails', async () => { describeUserPoolResponse = { - $metadata: { - httpStatusCode: 200, - }, + ...httpSuccess, UserPool: undefined, }; await rejectsAndMatchError( @@ -258,9 +250,7 @@ void describe('ReferenceAuthInitializer', () => { void it('fails gracefully if user pool has no password policy', async () => { describeUserPoolResponse = { - $metadata: { - httpStatusCode: 200, - }, + ...httpSuccess, UserPool: { ...UserPool, Policies: undefined, @@ -273,11 +263,7 @@ void describe('ReferenceAuthInitializer', () => { }); void it('fails gracefully if fetching user pool MFA config fails', async () => { - getUserPoolMfaConfigResponse = { - $metadata: { - httpStatusCode: 500, - }, - }; + getUserPoolMfaConfigResponse = httpError; await rejectsAndMatchError( handler.handleEvent(createCfnEvent), awsSDKErrorMessageMock.message @@ -298,9 +284,7 @@ void describe('ReferenceAuthInitializer', () => { }); void it('fails gracefully if fetching user pool providers returns undefined', async () => { listIdentityProvidersResponse = { - $metadata: { - httpStatusCode: 200, - }, + ...httpSuccess, Providers: undefined, }; await rejectsAndMatchError( @@ -310,11 +294,7 @@ void describe('ReferenceAuthInitializer', () => { }); void it('fails gracefully if fetching user pool client fails', async () => { - describeUserPoolClientResponse = { - $metadata: { - httpStatusCode: 500, - }, - }; + describeUserPoolClientResponse = httpError; await rejectsAndMatchError( handler.handleEvent(createCfnEvent), awsSDKErrorMessageMock.message @@ -322,9 +302,7 @@ void describe('ReferenceAuthInitializer', () => { }); void it('fails gracefully if fetching user pool client returns undefined', async () => { describeUserPoolClientResponse = { - $metadata: { - httpStatusCode: 200, - }, + ...httpSuccess, UserPoolClient: undefined, }; await rejectsAndMatchError( @@ -349,9 +327,7 @@ void describe('ReferenceAuthInitializer', () => { }); void it('fails gracefully if fetching identity pool returns undefined', async () => { describeIdentityPoolResponse = { - $metadata: { - httpStatusCode: 200, - }, + ...httpSuccess, IdentityPoolId: undefined, IdentityPoolName: undefined, AllowUnauthenticatedIdentities: undefined, @@ -363,11 +339,7 @@ void describe('ReferenceAuthInitializer', () => { }); void it('fails gracefully if fetching identity pool roles fails', async () => { - getIdentityPoolRolesResponse = { - $metadata: { - httpStatusCode: 500, - }, - }; + getIdentityPoolRolesResponse = httpError; await rejectsAndMatchError( handler.handleEvent(createCfnEvent), awsSDKErrorMessageMock.message @@ -375,9 +347,7 @@ void describe('ReferenceAuthInitializer', () => { }); void it('fails gracefully if fetching identity pool roles return undefined', async () => { getIdentityPoolRolesResponse = { - $metadata: { - httpStatusCode: 200, - }, + ...httpSuccess, Roles: undefined, }; await rejectsAndMatchError( @@ -432,9 +402,7 @@ void describe('ReferenceAuthInitializer', () => { }); void it('fails gracefully if auth role ARN does not match', async () => { getIdentityPoolRolesResponse = { - $metadata: { - httpStatusCode: 200, - }, + ...httpSuccess, IdentityPoolId: SampleInputProperties.identityPoolId, Roles: { authenticated: 'wrongAuthRole', @@ -448,9 +416,7 @@ void describe('ReferenceAuthInitializer', () => { }); void it('fails gracefully if unauth role ARN does not match', async () => { getIdentityPoolRolesResponse = { - $metadata: { - httpStatusCode: 200, - }, + ...httpSuccess, IdentityPoolId: SampleInputProperties.identityPoolId, Roles: { authenticated: SampleInputProperties.authRoleArn, @@ -464,9 +430,7 @@ void describe('ReferenceAuthInitializer', () => { }); void it('fails gracefully if user pool client is not a web client', async () => { describeUserPoolClientResponse = { - $metadata: { - httpStatusCode: 200, - }, + ...httpSuccess, UserPoolClient: { ...UserPoolClient, ClientSecret: 'sample', From 3c5f9a97f17e63fb463002934118c13a9efc5dd6 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Mon, 14 Oct 2024 16:52:59 -0700 Subject: [PATCH 37/61] chore: more cleanup --- .../lambda/reference_auth_initializer.test.ts | 40 +++++++++---------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts index 1d64966fbc..59e00c4444 100644 --- a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts +++ b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts @@ -113,7 +113,7 @@ void describe('ReferenceAuthInitializer', () => { const rejectsAndMatchError = async ( fn: Promise, expectedErrorMessage: string - ) => { + ): Promise => { await assert.rejects(fn, (error: Error) => { assert.strictEqual(error.message, expectedErrorMessage); return true; @@ -229,7 +229,7 @@ void describe('ReferenceAuthInitializer', () => { assert.deepEqual(result.Status, 'SUCCESS'); }); - void it('fails gracefully if fetching user pool fails', async () => { + void it('throws if fetching user pool fails', async () => { describeUserPoolResponse = httpError; await rejectsAndMatchError( handler.handleEvent(createCfnEvent), @@ -237,7 +237,7 @@ void describe('ReferenceAuthInitializer', () => { ); }); - void it('fails gracefully if fetching user pool fails', async () => { + void it('throws if fetching user pool fails', async () => { describeUserPoolResponse = { ...httpSuccess, UserPool: undefined, @@ -248,7 +248,7 @@ void describe('ReferenceAuthInitializer', () => { ); }); - void it('fails gracefully if user pool has no password policy', async () => { + void it('throws if user pool has no password policy', async () => { describeUserPoolResponse = { ...httpSuccess, UserPool: { @@ -262,7 +262,7 @@ void describe('ReferenceAuthInitializer', () => { ); }); - void it('fails gracefully if fetching user pool MFA config fails', async () => { + void it('throws if fetching user pool MFA config fails', async () => { getUserPoolMfaConfigResponse = httpError; await rejectsAndMatchError( handler.handleEvent(createCfnEvent), @@ -270,7 +270,7 @@ void describe('ReferenceAuthInitializer', () => { ); }); - void it('fails gracefully if fetching user pool providers fails', async () => { + void it('throws if fetching user pool providers fails', async () => { listIdentityProvidersResponse = { $metadata: { httpStatusCode: 500, @@ -282,7 +282,7 @@ void describe('ReferenceAuthInitializer', () => { awsSDKErrorMessageMock.message ); }); - void it('fails gracefully if fetching user pool providers returns undefined', async () => { + void it('throws if fetching user pool providers returns undefined', async () => { listIdentityProvidersResponse = { ...httpSuccess, Providers: undefined, @@ -293,14 +293,14 @@ void describe('ReferenceAuthInitializer', () => { ); }); - void it('fails gracefully if fetching user pool client fails', async () => { + void it('throws if fetching user pool client fails', async () => { describeUserPoolClientResponse = httpError; await rejectsAndMatchError( handler.handleEvent(createCfnEvent), awsSDKErrorMessageMock.message ); }); - void it('fails gracefully if fetching user pool client returns undefined', async () => { + void it('throws if fetching user pool client returns undefined', async () => { describeUserPoolClientResponse = { ...httpSuccess, UserPoolClient: undefined, @@ -311,7 +311,7 @@ void describe('ReferenceAuthInitializer', () => { ); }); - void it('fails gracefully if fetching identity pool fails', async () => { + void it('throws if fetching identity pool fails', async () => { describeIdentityPoolResponse = { $metadata: { httpStatusCode: 500, @@ -325,7 +325,7 @@ void describe('ReferenceAuthInitializer', () => { awsSDKErrorMessageMock.message ); }); - void it('fails gracefully if fetching identity pool returns undefined', async () => { + void it('throws if fetching identity pool returns undefined', async () => { describeIdentityPoolResponse = { ...httpSuccess, IdentityPoolId: undefined, @@ -338,14 +338,14 @@ void describe('ReferenceAuthInitializer', () => { ); }); - void it('fails gracefully if fetching identity pool roles fails', async () => { + void it('throws if fetching identity pool roles fails', async () => { getIdentityPoolRolesResponse = httpError; await rejectsAndMatchError( handler.handleEvent(createCfnEvent), awsSDKErrorMessageMock.message ); }); - void it('fails gracefully if fetching identity pool roles return undefined', async () => { + void it('throws if fetching identity pool roles return undefined', async () => { getIdentityPoolRolesResponse = { ...httpSuccess, Roles: undefined, @@ -355,8 +355,8 @@ void describe('ReferenceAuthInitializer', () => { 'An error occurred while retrieving the roles for the identity pool.' ); }); - // fails gracefully if userPool or client doesn't match identity pool - void it('fails gracefully there is not matching userPool for the identity pool', async () => { + // throws if userPool or client doesn't match identity pool + void it('throws there is not matching userPool for the identity pool', async () => { describeIdentityPoolResponse = { ...describeIdentityPoolResponse, CognitoIdentityProviders: [ @@ -373,7 +373,7 @@ void describe('ReferenceAuthInitializer', () => { 'The user pool and user pool client pair do not match any cognito identity providers for the specified identity pool.' ); }); - void it('fails gracefully if identity pool does not have cognito identity providers configured', async () => { + void it('throws if identity pool does not have cognito identity providers configured', async () => { describeIdentityPoolResponse = { ...describeIdentityPoolResponse, CognitoIdentityProviders: [], @@ -383,7 +383,7 @@ void describe('ReferenceAuthInitializer', () => { 'The specified identity pool does not have any cognito identity providers.' ); }); - void it('fails gracefully if the client id does not match any cognito provider on the identity pool', async () => { + void it('throws if the client id does not match any cognito provider on the identity pool', async () => { describeIdentityPoolResponse = { ...describeIdentityPoolResponse, CognitoIdentityProviders: [ @@ -400,7 +400,7 @@ void describe('ReferenceAuthInitializer', () => { 'The user pool and user pool client pair do not match any cognito identity providers for the specified identity pool.' ); }); - void it('fails gracefully if auth role ARN does not match', async () => { + void it('throws if auth role ARN does not match', async () => { getIdentityPoolRolesResponse = { ...httpSuccess, IdentityPoolId: SampleInputProperties.identityPoolId, @@ -414,7 +414,7 @@ void describe('ReferenceAuthInitializer', () => { 'The provided authRoleArn does not match the authenticated role for the specified identity pool.' ); }); - void it('fails gracefully if unauth role ARN does not match', async () => { + void it('throws if unauth role ARN does not match', async () => { getIdentityPoolRolesResponse = { ...httpSuccess, IdentityPoolId: SampleInputProperties.identityPoolId, @@ -428,7 +428,7 @@ void describe('ReferenceAuthInitializer', () => { 'The provided unauthRoleArn does not match the unauthenticated role for the specified identity pool.' ); }); - void it('fails gracefully if user pool client is not a web client', async () => { + void it('throws if user pool client is not a web client', async () => { describeUserPoolClientResponse = { ...httpSuccess, UserPoolClient: { From 8c14444c92fa46644951312b41484fe1a7dfd089 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Tue, 15 Oct 2024 15:37:46 -0700 Subject: [PATCH 38/61] chore: check for alias attributes and fix tests --- .../lambda/reference_auth_initializer.test.ts | 19 +++++++++++++++++-- .../src/lambda/reference_auth_initializer.ts | 11 +++++++++-- .../auth-construct/src/lambda/sample_data.ts | 4 ++-- 3 files changed, 28 insertions(+), 6 deletions(-) diff --git a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts index 59e00c4444..de5f8b2428 100644 --- a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts +++ b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts @@ -84,8 +84,8 @@ const expectedData = { userPoolId: SampleInputProperties.userPoolId, webClientId: SampleInputProperties.userPoolClientId, identityPoolId: SampleInputProperties.identityPoolId, - signupAttributes: '["sub","email","name"]', - usernameAttributes: '[]', + signupAttributes: '["sub","email"]', + usernameAttributes: '["email"]', verificationMechanisms: '["email"]', passwordPolicyMinLength: '10', passwordPolicyRequirements: @@ -262,6 +262,21 @@ void describe('ReferenceAuthInitializer', () => { ); }); + void it('throws if user pool uses alias attributes', async () => { + describeUserPoolResponse = { + ...httpSuccess, + UserPool: { + ...UserPool, + UsernameAttributes: [], + AliasAttributes: ['email', 'phone_number'], + }, + }; + await rejectsAndMatchError( + handler.handleEvent(createCfnEvent), + 'The specified user pool is configured with alias attributes which are not currently supported.' + ); + }); + void it('throws if fetching user pool MFA config fails', async () => { getUserPoolMfaConfigResponse = httpError; await rejectsAndMatchError( diff --git a/packages/auth-construct/src/lambda/reference_auth_initializer.ts b/packages/auth-construct/src/lambda/reference_auth_initializer.ts index 19abac366e..7b09a951ad 100644 --- a/packages/auth-construct/src/lambda/reference_auth_initializer.ts +++ b/packages/auth-construct/src/lambda/reference_auth_initializer.ts @@ -81,7 +81,7 @@ export class ReferenceAuthInitializer { props.userPoolClientId ); - this.validateResourceAssociations( + this.validateResources( userPool, userPoolClient, identityPool, @@ -262,7 +262,7 @@ export class ReferenceAuthInitializer { * @param identityPoolRoles identityPool roles * @param props props that include the roles which we compare with the actual roles for the identity pool */ - private validateResourceAssociations = ( + private validateResources = ( userPool: UserPoolType, userPoolClient: UserPoolClientType, identityPool: DescribeIdentityPoolCommandOutput, @@ -278,6 +278,13 @@ export class ReferenceAuthInitializer { 'The specified identity pool does not have any cognito identity providers.' ); } + // check for alias attributes, since we don't support this yet + if (userPool.AliasAttributes && userPool.AliasAttributes.length > 0) { + throw new Error( + 'The specified user pool is configured with alias attributes which are not currently supported.' + ); + } + // verify that the user pool + user pool client pair are configured with the identity pool const matchingProvider = identityPool.CognitoIdentityProviders.find((p) => { const matchingUserPool: boolean = diff --git a/packages/auth-construct/src/lambda/sample_data.ts b/packages/auth-construct/src/lambda/sample_data.ts index e25fdf3dab..3d0104e437 100644 --- a/packages/auth-construct/src/lambda/sample_data.ts +++ b/packages/auth-construct/src/lambda/sample_data.ts @@ -248,7 +248,7 @@ export const UserPool: Readonly = { AttributeDataType: 'String', DeveloperOnlyAttribute: false, Mutable: true, - Required: true, + Required: false, StringAttributeConstraints: { MinLength: '0', MaxLength: '2048', @@ -267,7 +267,7 @@ export const UserPool: Readonly = { }, ], AutoVerifiedAttributes: ['email'], - AliasAttributes: ['email'], + UsernameAttributes: ['email'], VerificationMessageTemplate: { DefaultEmailOption: 'CONFIRM_WITH_CODE', }, From 2ed2ed2505b724287587e531df17086948456008 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Tue, 15 Oct 2024 23:16:51 -0700 Subject: [PATCH 39/61] chore: add support for validating group roles exist for user pool --- .../lambda/reference_auth_initializer.test.ts | 58 +++++++++++++++++++ .../src/lambda/reference_auth_initializer.ts | 44 +++++++++++++- .../auth-construct/src/lambda/sample_data.ts | 13 +++++ .../src/reference_construct.test.ts | 1 + .../auth-construct/src/reference_construct.ts | 2 + packages/auth-construct/src/types.ts | 1 + 6 files changed, 116 insertions(+), 3 deletions(-) diff --git a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts index de5f8b2428..5b79360f31 100644 --- a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts +++ b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts @@ -10,6 +10,8 @@ import { DescribeUserPoolCommandOutput, GetUserPoolMfaConfigCommand, GetUserPoolMfaConfigCommandOutput, + ListGroupsCommand, + ListGroupsCommandOutput, ListIdentityProvidersCommand, ListIdentityProvidersCommandOutput, } from '@aws-sdk/client-cognito-identity-provider'; @@ -28,6 +30,7 @@ import { SampleInputProperties, UserPool, UserPoolClient, + UserPoolGroups, } from './sample_data'; const customResourceEventCommon: Omit< @@ -75,6 +78,10 @@ const httpSuccess = { httpStatusCode: 200, }, }; +const groupName = 'ADMINS'; +const groupRoleARN = 'arn:aws:iam::000000000000:role/sample-group-role'; +const groupRoleARNNotOnUserPool = + 'arn:aws:iam::000000000000:role/sample-bad-group-role'; // aws sdk will throw with error message for any non 200 status so we don't need to re-package it const awsSDKErrorMessageMock = new Error('this message comes from the aws sdk'); const uuidMock = () => '00000000-0000-0000-0000-000000000000'; @@ -110,6 +117,7 @@ void describe('ReferenceAuthInitializer', () => { let describeUserPoolClientResponse: DescribeUserPoolClientCommandOutput; let describeIdentityPoolResponse: DescribeIdentityPoolCommandOutput; let getIdentityPoolRolesResponse: GetIdentityPoolRolesCommandOutput; + let listGroupsResponse: ListGroupsCommandOutput; const rejectsAndMatchError = async ( fn: Promise, expectedErrorMessage: string @@ -149,6 +157,10 @@ void describe('ReferenceAuthInitializer', () => { ...httpSuccess, ...IdentityPoolRoles, }; + listGroupsResponse = { + ...httpSuccess, + ...UserPoolGroups, + }; mock.method( identityProviderClient, 'send', @@ -158,6 +170,7 @@ void describe('ReferenceAuthInitializer', () => { | GetUserPoolMfaConfigCommand | ListIdentityProvidersCommand | DescribeUserPoolClientCommand + | ListGroupsCommand ) => { if (request instanceof DescribeUserPoolCommand) { if (describeUserPoolResponse.$metadata.httpStatusCode !== 200) { @@ -183,6 +196,12 @@ void describe('ReferenceAuthInitializer', () => { } return describeUserPoolClientResponse; } + if (request instanceof ListGroupsCommand) { + if (listGroupsResponse.$metadata.httpStatusCode !== 200) { + throw awsSDKErrorMessageMock; + } + return listGroupsResponse; + } return undefined; } ); @@ -277,6 +296,44 @@ void describe('ReferenceAuthInitializer', () => { ); }); + void it('throws if user pool group is not found', async () => { + listGroupsResponse = { + ...httpSuccess, + Groups: [ + { + GroupName: 'OTHERGROUP', + RoleArn: groupRoleARNNotOnUserPool, + }, + ], + }; + await rejectsAndMatchError( + handler.handleEvent(createCfnEvent), + `The group '${groupName}' with role '${groupRoleARN}' does not match any group for the specified user pool.` + ); + }); + + void it('throws if user pool groups request fails', async () => { + listGroupsResponse = { + ...httpError, + Groups: undefined, + }; + await rejectsAndMatchError( + handler.handleEvent(createCfnEvent), + awsSDKErrorMessageMock.message + ); + }); + + void it('throws if user pool groups response is undefined', async () => { + listGroupsResponse = { + ...httpSuccess, + Groups: undefined, + }; + await rejectsAndMatchError( + handler.handleEvent(createCfnEvent), + 'An error occurred while retrieving the groups for the user pool.' + ); + }); + void it('throws if fetching user pool MFA config fails', async () => { getUserPoolMfaConfigResponse = httpError; await rejectsAndMatchError( @@ -297,6 +354,7 @@ void describe('ReferenceAuthInitializer', () => { awsSDKErrorMessageMock.message ); }); + void it('throws if fetching user pool providers returns undefined', async () => { listIdentityProvidersResponse = { ...httpSuccess, diff --git a/packages/auth-construct/src/lambda/reference_auth_initializer.ts b/packages/auth-construct/src/lambda/reference_auth_initializer.ts index 7b09a951ad..c81481363c 100644 --- a/packages/auth-construct/src/lambda/reference_auth_initializer.ts +++ b/packages/auth-construct/src/lambda/reference_auth_initializer.ts @@ -9,6 +9,8 @@ import { DescribeUserPoolCommand, GetUserPoolMfaConfigCommand, GetUserPoolMfaConfigCommandOutput, + GroupType, + ListGroupsCommand, ListIdentityProvidersCommand, PasswordPolicyType, ProviderDescription, @@ -70,9 +72,10 @@ export class ReferenceAuthInitializer { const { userPool, userPoolPasswordPolicy, - userPoolClient, userPoolMFA, + userPoolGroups, userPoolProviders, + userPoolClient, identityPool, roles, } = await this.getResourceDetails( @@ -83,6 +86,7 @@ export class ReferenceAuthInitializer { this.validateResources( userPool, + userPoolGroups, userPoolClient, identityPool, roles, @@ -151,6 +155,27 @@ export class ReferenceAuthInitializer { return mfaResponse; }; + private getUserPoolGroups = async (userPoolId: string) => { + let nextToken: string | undefined; + const groups: GroupType[] = []; + do { + const listGroupsResponse = await this.cognitoIdentityProviderClient.send( + new ListGroupsCommand({ + UserPoolId: userPoolId, + NextToken: nextToken, + }) + ); + if (!listGroupsResponse.Groups) { + throw new Error( + 'An error occurred while retrieving the groups for the user pool.' + ); + } + groups.push(...listGroupsResponse.Groups); + nextToken = listGroupsResponse.NextToken; + } while (nextToken); + return groups; + }; + private getUserPoolProviders = async (userPoolId: string) => { const providers: ProviderDescription[] = []; let nextToken: string | undefined; @@ -234,6 +259,7 @@ export class ReferenceAuthInitializer { ); const userPoolMFA = await this.getUserPoolMFASettings(userPoolId); const userPoolProviders = await this.getUserPoolProviders(userPoolId); + const userPoolGroups = await this.getUserPoolGroups(userPoolId); const userPoolClient = await this.getUserPoolClient( userPoolId, userPoolClientId @@ -243,9 +269,10 @@ export class ReferenceAuthInitializer { return { userPool, userPoolPasswordPolicy, - userPoolClient, userPoolMFA, userPoolProviders, + userPoolGroups, + userPoolClient, identityPool, roles, }; @@ -257,6 +284,7 @@ export class ReferenceAuthInitializer { * 2. make sure the provided auth/unauth role ARNs match the roles for the identity pool * 3. make sure the user pool client is a web client * @param userPool userPool + * @param userPoolGroups the existing groups for the userPool * @param userPoolClient userPoolClient * @param identityPool identityPool * @param identityPoolRoles identityPool roles @@ -264,6 +292,7 @@ export class ReferenceAuthInitializer { */ private validateResources = ( userPool: UserPoolType, + userPoolGroups: GroupType[], userPoolClient: UserPoolClientType, identityPool: DescribeIdentityPoolCommandOutput, identityPoolRoles: Record, @@ -284,7 +313,16 @@ export class ReferenceAuthInitializer { 'The specified user pool is configured with alias attributes which are not currently supported.' ); } - + // make sure props groups Roles actually exist for the user pool + const groupEntries = Object.entries(props.groups); + for (const [groupName, groupRoleARN] of groupEntries) { + const match = userPoolGroups.find((g) => g.RoleArn === groupRoleARN); + if (match === undefined) { + throw new Error( + `The group '${groupName}' with role '${groupRoleARN}' does not match any group for the specified user pool.` + ); + } + } // verify that the user pool + user pool client pair are configured with the identity pool const matchingProvider = identityPool.CognitoIdentityProviders.find((p) => { const matchingUserPool: boolean = diff --git a/packages/auth-construct/src/lambda/sample_data.ts b/packages/auth-construct/src/lambda/sample_data.ts index 3d0104e437..48ca0dc125 100644 --- a/packages/auth-construct/src/lambda/sample_data.ts +++ b/packages/auth-construct/src/lambda/sample_data.ts @@ -1,6 +1,7 @@ import { IdentityPool as IdentityPoolType } from '@aws-sdk/client-cognito-identity'; import { GetUserPoolMfaConfigCommandOutput, + ListGroupsResponse, ProviderDescription, UserPoolClientType, UserPoolType, @@ -16,6 +17,9 @@ export const SampleInputProperties: ReferenceAuthInitializerProps = { identityPoolId: 'us-east-1:sample-identity-pool-id', userPoolClientId: 'sampleUserPoolClientId', userPoolId: 'us-east-1_userpoolTest', + groups: { + ADMINS: 'arn:aws:iam::000000000000:role/sample-group-role', + }, region: 'us-east-1', }; /** @@ -299,6 +303,15 @@ export const UserPool: Readonly = { }, }; +export const UserPoolGroups: Readonly = { + Groups: [ + { + GroupName: 'sample-group-name', + RoleArn: 'arn:aws:iam::000000000000:role/sample-group-role', + }, + ], +}; + /** * Sample data from get user pool mfa config */ diff --git a/packages/auth-construct/src/reference_construct.test.ts b/packages/auth-construct/src/reference_construct.test.ts index 3a2b609ea4..e77e2dc88f 100644 --- a/packages/auth-construct/src/reference_construct.test.ts +++ b/packages/auth-construct/src/reference_construct.test.ts @@ -49,6 +49,7 @@ void describe('AmplifyConstruct', () => { 'cognito-idp:DescribeUserPool', 'cognito-idp:GetUserPoolMfaConfig', 'cognito-idp:ListIdentityProviders', + 'cognito-idp:ListGroups', 'cognito-idp:DescribeUserPoolClient', ], Effect: 'Allow', diff --git a/packages/auth-construct/src/reference_construct.ts b/packages/auth-construct/src/reference_construct.ts index 54639b4741..d15df4df20 100644 --- a/packages/auth-construct/src/reference_construct.ts +++ b/packages/auth-construct/src/reference_construct.ts @@ -127,6 +127,7 @@ export class AmplifyReferenceAuth 'cognito-idp:DescribeUserPool', 'cognito-idp:GetUserPoolMfaConfig', 'cognito-idp:ListIdentityProviders', + 'cognito-idp:ListGroups', 'cognito-idp:DescribeUserPoolClient', ], resources: [this.resources.userPool.userPoolArn], @@ -159,6 +160,7 @@ export class AmplifyReferenceAuth userPoolClientId: props.userPoolClientId, authRoleArn: props.authRoleArn, unauthRoleArn: props.unauthRoleArn, + groups: props.groups ?? {}, region: Stack.of(this).region, }; // custom resource diff --git a/packages/auth-construct/src/types.ts b/packages/auth-construct/src/types.ts index 460b8c6c8f..c73265dc17 100644 --- a/packages/auth-construct/src/types.ts +++ b/packages/auth-construct/src/types.ts @@ -514,5 +514,6 @@ export type ReferenceAuthInitializerProps = { authRoleArn: string; unauthRoleArn: string; userPoolClientId: string; + groups: Record; region: string; }; From 07e33d6e4c44f81443976e613ee9056227db6d73 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Tue, 15 Oct 2024 23:39:06 -0700 Subject: [PATCH 40/61] chore: update package-lock file --- package-lock.json | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/package-lock.json b/package-lock.json index 225ca7152a..52a0ecd5ed 100644 --- a/package-lock.json +++ b/package-lock.json @@ -31427,7 +31427,7 @@ }, "packages/ai-constructs": { "name": "@aws-amplify/ai-constructs", - "version": "0.4.0", + "version": "0.5.0", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.3.0", @@ -31471,15 +31471,15 @@ }, "packages/backend": { "name": "@aws-amplify/backend", - "version": "1.4.0", + "version": "1.5.0", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-auth": "^1.2.0", "@aws-amplify/backend-data": "^1.1.4", - "@aws-amplify/backend-function": "^1.6.0", + "@aws-amplify/backend-function": "^1.7.0", "@aws-amplify/backend-output-schemas": "^1.3.0", "@aws-amplify/backend-output-storage": "^1.1.2", - "@aws-amplify/backend-secret": "^1.1.2", + "@aws-amplify/backend-secret": "^1.1.4", "@aws-amplify/backend-storage": "^1.2.1", "@aws-amplify/client-config": "^1.4.0", "@aws-amplify/data-schema": "^1.0.0", @@ -31500,10 +31500,10 @@ }, "packages/backend-ai": { "name": "@aws-amplify/backend-ai", - "version": "0.3.0", + "version": "0.3.1", "license": "Apache-2.0", "dependencies": { - "@aws-amplify/ai-constructs": "^0.4.0", + "@aws-amplify/ai-constructs": "^0.5.0", "@aws-amplify/backend-output-schemas": "^1.3.0", "@aws-amplify/backend-output-storage": "^1.0.2", "@aws-amplify/platform-core": "^1.1.0", @@ -31555,7 +31555,7 @@ }, "packages/backend-deployer": { "name": "@aws-amplify/backend-deployer", - "version": "1.1.4", + "version": "1.1.5", "license": "Apache-2.0", "dependencies": { "@aws-amplify/platform-core": "^1.0.6", @@ -31570,7 +31570,7 @@ }, "packages/backend-function": { "name": "@aws-amplify/backend-function", - "version": "1.6.0", + "version": "1.7.0", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.1.0", @@ -31640,7 +31640,7 @@ }, "packages/backend-secret": { "name": "@aws-amplify/backend-secret", - "version": "1.1.3", + "version": "1.1.4", "license": "Apache-2.0", "dependencies": { "@aws-amplify/platform-core": "^1.0.5", @@ -32014,11 +32014,11 @@ "license": "Apache-2.0", "devDependencies": { "@apollo/client": "^3.10.1", - "@aws-amplify/ai-constructs": "^0.4.0", + "@aws-amplify/ai-constructs": "^0.5.0", "@aws-amplify/auth-construct": "^1.3.1", - "@aws-amplify/backend": "^1.4.0", - "@aws-amplify/backend-ai": "^0.3.0", - "@aws-amplify/backend-secret": "^1.1.2", + "@aws-amplify/backend": "^1.5.0", + "@aws-amplify/backend-ai": "^0.3.1", + "@aws-amplify/backend-secret": "^1.1.4", "@aws-amplify/client-config": "^1.4.0", "@aws-amplify/data-schema": "^1.0.0", "@aws-amplify/deployed-backend-client": "^1.4.1", From 0cccf4b8df738a8b9d497d97683e34110ebe02cf Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 16 Oct 2024 13:32:19 -0700 Subject: [PATCH 41/61] chore: add checks for oauth validation --- .../lambda/reference_auth_initializer.test.ts | 41 +++++++++++++++++++ .../src/lambda/reference_auth_initializer.ts | 31 ++++++++++++++ 2 files changed, 72 insertions(+) diff --git a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts index 5b79360f31..6bb3a3e4ad 100644 --- a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts +++ b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts @@ -296,6 +296,21 @@ void describe('ReferenceAuthInitializer', () => { ); }); + void it('throws if user pool does not have a domain configured and external login providers are enabled', async () => { + describeUserPoolResponse = { + ...httpSuccess, + UserPool: { + ...UserPool, + Domain: undefined, + CustomDomain: undefined, + }, + }; + await rejectsAndMatchError( + handler.handleEvent(createCfnEvent), + 'You must configure a domain for your UserPool if external login providers are enabled.' + ); + }); + void it('throws if user pool group is not found', async () => { listGroupsResponse = { ...httpSuccess, @@ -383,6 +398,32 @@ void describe('ReferenceAuthInitializer', () => { 'An error occurred while retrieving the user pool client details.' ); }); + void it('throws if user pool client does not have sign-out / logout URLs configured and external login providers are enabled', async () => { + describeUserPoolClientResponse = { + ...httpSuccess, + UserPoolClient: { + ...UserPoolClient, + LogoutURLs: [], + }, + }; + await rejectsAndMatchError( + handler.handleEvent(createCfnEvent), + 'You UserPool client must have "Allowed sign-out URLs" configured if external login providers are enabled.' + ); + }); + void it('throws if user pool client does not have callback URLs configured and external login providers are enabled', async () => { + describeUserPoolClientResponse = { + ...httpSuccess, + UserPoolClient: { + ...UserPoolClient, + CallbackURLs: [], + }, + }; + await rejectsAndMatchError( + handler.handleEvent(createCfnEvent), + 'You UserPool client must have "Allowed callback URLs" configured if external login providers are enabled.' + ); + }); void it('throws if fetching identity pool fails', async () => { describeIdentityPoolResponse = { diff --git a/packages/auth-construct/src/lambda/reference_auth_initializer.ts b/packages/auth-construct/src/lambda/reference_auth_initializer.ts index c81481363c..33ce042590 100644 --- a/packages/auth-construct/src/lambda/reference_auth_initializer.ts +++ b/packages/auth-construct/src/lambda/reference_auth_initializer.ts @@ -86,6 +86,7 @@ export class ReferenceAuthInitializer { this.validateResources( userPool, + userPoolProviders, userPoolGroups, userPoolClient, identityPool, @@ -284,6 +285,7 @@ export class ReferenceAuthInitializer { * 2. make sure the provided auth/unauth role ARNs match the roles for the identity pool * 3. make sure the user pool client is a web client * @param userPool userPool + * @param userPoolProviders the user pool providers * @param userPoolGroups the existing groups for the userPool * @param userPoolClient userPoolClient * @param identityPool identityPool @@ -292,6 +294,7 @@ export class ReferenceAuthInitializer { */ private validateResources = ( userPool: UserPoolType, + userPoolProviders: ProviderDescription[], userPoolGroups: GroupType[], userPoolClient: UserPoolClientType, identityPool: DescribeIdentityPoolCommandOutput, @@ -313,6 +316,34 @@ export class ReferenceAuthInitializer { 'The specified user pool is configured with alias attributes which are not currently supported.' ); } + + // check OAuth settings + if (userPoolProviders.length > 0) { + // validate user pool + const domainSpecified = userPool.Domain || userPool.CustomDomain; + if (!domainSpecified) { + throw new Error( + 'You must configure a domain for your UserPool if external login providers are enabled.' + ); + } + + // validate user pool client + const hasLogoutUrls = + userPoolClient.LogoutURLs && userPoolClient.LogoutURLs.length > 0; + const hasCallbackUrls = + userPoolClient.CallbackURLs && userPoolClient.CallbackURLs.length > 0; + if (!hasLogoutUrls) { + throw new Error( + 'You UserPool client must have "Allowed sign-out URLs" configured if external login providers are enabled.' + ); + } + if (!hasCallbackUrls) { + throw new Error( + 'You UserPool client must have "Allowed callback URLs" configured if external login providers are enabled.' + ); + } + } + // make sure props groups Roles actually exist for the user pool const groupEntries = Object.entries(props.groups); for (const [groupName, groupRoleARN] of groupEntries) { From ee8c52a556d4e569c86dec08aa03fe2f6b35eb21 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 16 Oct 2024 13:43:53 -0700 Subject: [PATCH 42/61] chore: fix typo --- .../src/lambda/reference_auth_initializer.test.ts | 4 ++-- .../auth-construct/src/lambda/reference_auth_initializer.ts | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts index 6bb3a3e4ad..63afac3f4a 100644 --- a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts +++ b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts @@ -408,7 +408,7 @@ void describe('ReferenceAuthInitializer', () => { }; await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - 'You UserPool client must have "Allowed sign-out URLs" configured if external login providers are enabled.' + 'Your UserPool client must have "Allowed sign-out URLs" configured if external login providers are enabled.' ); }); void it('throws if user pool client does not have callback URLs configured and external login providers are enabled', async () => { @@ -421,7 +421,7 @@ void describe('ReferenceAuthInitializer', () => { }; await rejectsAndMatchError( handler.handleEvent(createCfnEvent), - 'You UserPool client must have "Allowed callback URLs" configured if external login providers are enabled.' + 'Your UserPool client must have "Allowed callback URLs" configured if external login providers are enabled.' ); }); diff --git a/packages/auth-construct/src/lambda/reference_auth_initializer.ts b/packages/auth-construct/src/lambda/reference_auth_initializer.ts index 33ce042590..767f58595b 100644 --- a/packages/auth-construct/src/lambda/reference_auth_initializer.ts +++ b/packages/auth-construct/src/lambda/reference_auth_initializer.ts @@ -334,12 +334,12 @@ export class ReferenceAuthInitializer { userPoolClient.CallbackURLs && userPoolClient.CallbackURLs.length > 0; if (!hasLogoutUrls) { throw new Error( - 'You UserPool client must have "Allowed sign-out URLs" configured if external login providers are enabled.' + 'Your UserPool client must have "Allowed sign-out URLs" configured if external login providers are enabled.' ); } if (!hasCallbackUrls) { throw new Error( - 'You UserPool client must have "Allowed callback URLs" configured if external login providers are enabled.' + 'Your UserPool client must have "Allowed callback URLs" configured if external login providers are enabled.' ); } } From 2681a50f25478b7c43db1880afad957642f7aa11 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 16 Oct 2024 13:51:31 -0700 Subject: [PATCH 43/61] chore: eliminate forcing updates on any change --- packages/auth-construct/src/reference_construct.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/packages/auth-construct/src/reference_construct.ts b/packages/auth-construct/src/reference_construct.ts index d15df4df20..7fd5c304fe 100644 --- a/packages/auth-construct/src/reference_construct.ts +++ b/packages/auth-construct/src/reference_construct.ts @@ -171,7 +171,6 @@ export class AmplifyReferenceAuth serviceToken: provider.serviceToken, properties: { ...initializerProps, - lastUpdated: Date.now(), }, resourceType: RESOURCE_TYPE, } From 97f94270937a8d42533e6f94436f33ec976e7b7f Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 16 Oct 2024 14:03:47 -0700 Subject: [PATCH 44/61] chore: remove commented out code --- packages/auth-construct/src/reference_construct.test.ts | 3 --- 1 file changed, 3 deletions(-) diff --git a/packages/auth-construct/src/reference_construct.test.ts b/packages/auth-construct/src/reference_construct.test.ts index e77e2dc88f..b82999e6e5 100644 --- a/packages/auth-construct/src/reference_construct.test.ts +++ b/packages/auth-construct/src/reference_construct.test.ts @@ -22,9 +22,6 @@ const refAuthProps: ReferenceAuthProps = { }; void describe('AmplifyConstruct', () => { - // beforeEach(() => { - - // }) void it('creates custom resource initializer', () => { const app = new App(); const stack = new Stack(app); From 30866c546feafa91a12434dd69fb6d0c1233fec0 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 16 Oct 2024 14:30:43 -0700 Subject: [PATCH 45/61] chore: merge factory count into single count for all auth factories --- packages/backend-auth/src/factory.test.ts | 4 ++-- packages/backend-auth/src/factory.ts | 4 ++-- packages/backend-auth/src/reference_factory.test.ts | 8 ++++---- packages/backend-auth/src/reference_factory.ts | 12 +++++------- 4 files changed, 13 insertions(+), 15 deletions(-) diff --git a/packages/backend-auth/src/factory.test.ts b/packages/backend-auth/src/factory.test.ts index bbf285b7cd..f41c00bd45 100644 --- a/packages/backend-auth/src/factory.test.ts +++ b/packages/backend-auth/src/factory.test.ts @@ -151,8 +151,8 @@ void describe('AmplifyAuthFactory', () => { }, new AmplifyUserError('MultipleSingletonResourcesError', { message: - 'Multiple `defineAuth` calls are not allowed within an Amplify backend', - resolution: 'Remove all but one `defineAuth` call', + 'Multiple `defineAuth` or `referenceAuth` calls are not allowed within an Amplify backend', + resolution: 'Remove all but one `defineAuth` or `referenceAuth` call', }) ); }); diff --git a/packages/backend-auth/src/factory.ts b/packages/backend-auth/src/factory.ts index 02edd4695c..76710084ba 100644 --- a/packages/backend-auth/src/factory.ts +++ b/packages/backend-auth/src/factory.ts @@ -87,8 +87,8 @@ export class AmplifyAuthFactory implements ConstructFactory { if (AmplifyAuthFactory.factoryCount > 0) { throw new AmplifyUserError('MultipleSingletonResourcesError', { message: - 'Multiple `defineAuth` calls are not allowed within an Amplify backend', - resolution: 'Remove all but one `defineAuth` call', + 'Multiple `defineAuth` or `referenceAuth` calls are not allowed within an Amplify backend', + resolution: 'Remove all but one `defineAuth` or `referenceAuth` call', }); } AmplifyAuthFactory.factoryCount++; diff --git a/packages/backend-auth/src/reference_factory.test.ts b/packages/backend-auth/src/reference_factory.test.ts index 71633f28d2..ee16e7317e 100644 --- a/packages/backend-auth/src/reference_factory.test.ts +++ b/packages/backend-auth/src/reference_factory.test.ts @@ -23,11 +23,11 @@ import { import { Policy, PolicyStatement } from 'aws-cdk-lib/aws-iam'; import { AmplifyUserError } from '@aws-amplify/platform-core'; import { - AmplifyReferenceAuthFactory, AmplifyReferenceAuthProps, BackendReferenceAuth, referenceAuth, } from './reference_factory.js'; +import { AmplifyAuthFactory } from './factory.js'; const defaultReferenceAuthProps: AmplifyReferenceAuthProps = { authRoleArn: 'arn:aws:iam::000000000000:role/amplify-sample-auth-role-name', @@ -127,8 +127,8 @@ void describe('AmplifyReferenceAuthFactory', () => { }, new AmplifyUserError('MultipleSingletonResourcesError', { message: - 'Multiple `referenceAuth` calls are not allowed within an Amplify backend', - resolution: 'Remove all but one `referenceAuth` call', + 'Multiple `defineAuth` or `referenceAuth` calls are not allowed within an Amplify backend', + resolution: 'Remove all but one `defineAuth` or `referenceAuth` call', }) ); }); @@ -275,5 +275,5 @@ void describe('AmplifyReferenceAuthFactory', () => { }); const resetFactoryCount = () => { - AmplifyReferenceAuthFactory.factoryCount = 0; + AmplifyAuthFactory.factoryCount = 0; }; diff --git a/packages/backend-auth/src/reference_factory.ts b/packages/backend-auth/src/reference_factory.ts index 3fd7689d4b..3c3b0a8438 100644 --- a/packages/backend-auth/src/reference_factory.ts +++ b/packages/backend-auth/src/reference_factory.ts @@ -22,6 +22,7 @@ import { AuthAccessPolicyArbiterFactory } from './auth_access_policy_arbiter.js' import { Stack, Tags } from 'aws-cdk-lib'; import { Policy } from 'aws-cdk-lib/aws-iam'; import { UserPoolAccessPolicyFactory } from './userpool_access_policy_factory.js'; +import { AmplifyAuthFactory } from './factory.js'; export type BackendReferenceAuth = ResourceProvider & ResourceAccessAcceptorFactory & @@ -48,9 +49,6 @@ export type AmplifyReferenceAuthProps = Expand< export class AmplifyReferenceAuthFactory implements ConstructFactory { - // publicly accessible for testing purpose only. - static factoryCount = 0; - readonly provides = 'AuthResources'; private generator: ConstructContainerEntryGenerator; @@ -63,14 +61,14 @@ export class AmplifyReferenceAuthFactory // eslint-disable-next-line amplify-backend-rules/prefer-amplify-errors private readonly importStack = new Error().stack ) { - if (AmplifyReferenceAuthFactory.factoryCount > 0) { + if (AmplifyAuthFactory.factoryCount > 0) { throw new AmplifyUserError('MultipleSingletonResourcesError', { message: - 'Multiple `referenceAuth` calls are not allowed within an Amplify backend', - resolution: 'Remove all but one `referenceAuth` call', + 'Multiple `defineAuth` or `referenceAuth` calls are not allowed within an Amplify backend', + resolution: 'Remove all but one `defineAuth` or `referenceAuth` call', }); } - AmplifyReferenceAuthFactory.factoryCount++; + AmplifyAuthFactory.factoryCount++; } /** * Get a singleton instance of AmplifyReferenceAuth From e746416552c855faba006966c371dee0ef31fa0a Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 16 Oct 2024 14:57:40 -0700 Subject: [PATCH 46/61] chore: move sample data and npmignore it --- .../src/lambda/reference_auth_initializer.test.ts | 2 +- .../src/{lambda => test-resources}/sample_data.ts | 0 packages/backend-auth/.npmignore | 1 + 3 files changed, 2 insertions(+), 1 deletion(-) rename packages/auth-construct/src/{lambda => test-resources}/sample_data.ts (100%) diff --git a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts index 63afac3f4a..6cef2387a5 100644 --- a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts +++ b/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts @@ -31,7 +31,7 @@ import { UserPool, UserPoolClient, UserPoolGroups, -} from './sample_data'; +} from '../test-resources/sample_data'; const customResourceEventCommon: Omit< CloudFormationCustomResourceEvent, diff --git a/packages/auth-construct/src/lambda/sample_data.ts b/packages/auth-construct/src/test-resources/sample_data.ts similarity index 100% rename from packages/auth-construct/src/lambda/sample_data.ts rename to packages/auth-construct/src/test-resources/sample_data.ts diff --git a/packages/backend-auth/.npmignore b/packages/backend-auth/.npmignore index dbde1fb5db..78143c7113 100644 --- a/packages/backend-auth/.npmignore +++ b/packages/backend-auth/.npmignore @@ -10,5 +10,6 @@ # Then ignore test js and ts declaration files *.test.js *.test.d.ts +**/test-resources/** # This leaves us with including only js and ts declaration files of functional code From 41566402b627a20fb85cc76b498b776da3741601 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 16 Oct 2024 15:01:01 -0700 Subject: [PATCH 47/61] chore: cleanup --- packages/auth-construct/.npmignore | 1 + packages/backend-auth/.npmignore | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/auth-construct/.npmignore b/packages/auth-construct/.npmignore index dbde1fb5db..0eedb937cc 100644 --- a/packages/auth-construct/.npmignore +++ b/packages/auth-construct/.npmignore @@ -10,5 +10,6 @@ # Then ignore test js and ts declaration files *.test.js *.test.d.ts +**/test_resources/** # This leaves us with including only js and ts declaration files of functional code diff --git a/packages/backend-auth/.npmignore b/packages/backend-auth/.npmignore index 78143c7113..dbde1fb5db 100644 --- a/packages/backend-auth/.npmignore +++ b/packages/backend-auth/.npmignore @@ -10,6 +10,5 @@ # Then ignore test js and ts declaration files *.test.js *.test.d.ts -**/test-resources/** # This leaves us with including only js and ts declaration files of functional code From 46ad0491527e2eb36c72980846ed3baa11f93826 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 16 Oct 2024 15:19:32 -0700 Subject: [PATCH 48/61] chore: fix path --- packages/auth-construct/.npmignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/auth-construct/.npmignore b/packages/auth-construct/.npmignore index 0eedb937cc..78143c7113 100644 --- a/packages/auth-construct/.npmignore +++ b/packages/auth-construct/.npmignore @@ -10,6 +10,6 @@ # Then ignore test js and ts declaration files *.test.js *.test.d.ts -**/test_resources/** +**/test-resources/** # This leaves us with including only js and ts declaration files of functional code From 6971eea5127197e83b8091f98c90a22eb966de44 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 1 Nov 2024 13:50:57 -0700 Subject: [PATCH 49/61] chore: update package lock --- package-lock.json | 130 +++++++++++++++++++++++----------------------- 1 file changed, 65 insertions(+), 65 deletions(-) diff --git a/package-lock.json b/package-lock.json index 5cfee2c88c..a6a2cb7c4b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -31730,18 +31730,18 @@ }, "packages/ai-constructs": { "name": "@aws-amplify/ai-constructs", - "version": "0.7.0", + "version": "0.8.0", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.4.0", "@aws-amplify/platform-core": "^1.1.0", - "@aws-amplify/plugin-types": "^1.0.1", + "@aws-amplify/plugin-types": "^1.3.1", "@aws-sdk/client-bedrock-runtime": "^3.622.0", "@smithy/types": "^3.3.0", "json-schema-to-ts": "^3.1.1" }, "devDependencies": { - "@aws-amplify/backend-output-storage": "^1.1.2", + "@aws-amplify/backend-output-storage": "^1.1.3", "typescript": "^5.0.0" }, "peerDependencies": { @@ -31755,12 +31755,12 @@ }, "packages/auth-construct": { "name": "@aws-amplify/auth-construct", - "version": "1.3.2", + "version": "1.4.0", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.4.0", - "@aws-amplify/backend-output-storage": "^1.1.2", - "@aws-amplify/plugin-types": "^1.2.2", + "@aws-amplify/backend-output-storage": "^1.1.3", + "@aws-amplify/plugin-types": "^1.3.1", "@aws-sdk/client-cognito-identity": "^3.624.0", "@aws-sdk/client-cognito-identity-provider": "^3.624.0", "@aws-sdk/util-arn-parser": "^3.568.0", @@ -31774,20 +31774,20 @@ }, "packages/backend": { "name": "@aws-amplify/backend", - "version": "1.5.2", + "version": "1.6.0", "license": "Apache-2.0", "dependencies": { - "@aws-amplify/backend-auth": "^1.2.0", - "@aws-amplify/backend-data": "^1.1.5", - "@aws-amplify/backend-function": "^1.7.2", + "@aws-amplify/backend-auth": "^1.3.0", + "@aws-amplify/backend-data": "^1.1.6", + "@aws-amplify/backend-function": "^1.7.3", "@aws-amplify/backend-output-schemas": "^1.4.0", - "@aws-amplify/backend-output-storage": "^1.1.2", + "@aws-amplify/backend-output-storage": "^1.1.3", "@aws-amplify/backend-secret": "^1.1.4", - "@aws-amplify/backend-storage": "^1.2.1", - "@aws-amplify/client-config": "^1.5.0", + "@aws-amplify/backend-storage": "^1.2.2", + "@aws-amplify/client-config": "^1.5.1", "@aws-amplify/data-schema": "^1.0.0", "@aws-amplify/platform-core": "^1.1.0", - "@aws-amplify/plugin-types": "^1.3.0", + "@aws-amplify/plugin-types": "^1.3.1", "@aws-sdk/client-amplify": "^3.624.0", "lodash.snakecase": "^4.1.1" }, @@ -31803,15 +31803,15 @@ }, "packages/backend-ai": { "name": "@aws-amplify/backend-ai", - "version": "0.3.4", + "version": "0.3.5", "license": "Apache-2.0", "dependencies": { - "@aws-amplify/ai-constructs": "^0.7.0", + "@aws-amplify/ai-constructs": "^0.8.0", "@aws-amplify/backend-output-schemas": "^1.4.0", - "@aws-amplify/backend-output-storage": "^1.0.2", + "@aws-amplify/backend-output-storage": "^1.1.3", "@aws-amplify/data-schema-types": "^1.2.0", "@aws-amplify/platform-core": "^1.1.0", - "@aws-amplify/plugin-types": "^1.0.1" + "@aws-amplify/plugin-types": "^1.3.1" }, "peerDependencies": { "aws-cdk-lib": "^2.158.0", @@ -31820,15 +31820,15 @@ }, "packages/backend-auth": { "name": "@aws-amplify/backend-auth", - "version": "1.2.0", + "version": "1.3.0", "license": "Apache-2.0", "dependencies": { - "@aws-amplify/auth-construct": "^1.3.1", - "@aws-amplify/backend-output-storage": "^1.1.2", - "@aws-amplify/plugin-types": "^1.3.0" + "@aws-amplify/auth-construct": "^1.4.0", + "@aws-amplify/backend-output-storage": "^1.1.3", + "@aws-amplify/plugin-types": "^1.3.1" }, "devDependencies": { - "@aws-amplify/backend-platform-test-stubs": "^0.3.5", + "@aws-amplify/backend-platform-test-stubs": "^0.3.6", "@aws-amplify/platform-core": "^1.0.6" }, "peerDependencies": { @@ -31838,17 +31838,17 @@ }, "packages/backend-data": { "name": "@aws-amplify/backend-data", - "version": "1.1.5", + "version": "1.1.6", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.4.0", - "@aws-amplify/backend-output-storage": "^1.1.2", + "@aws-amplify/backend-output-storage": "^1.1.3", "@aws-amplify/data-construct": "^1.10.1", "@aws-amplify/data-schema-types": "^1.2.0", - "@aws-amplify/plugin-types": "^1.2.2" + "@aws-amplify/plugin-types": "^1.3.1" }, "devDependencies": { - "@aws-amplify/backend-platform-test-stubs": "^0.3.5", + "@aws-amplify/backend-platform-test-stubs": "^0.3.6", "@aws-amplify/data-schema": "^1.0.0", "@aws-amplify/platform-core": "^1.0.7" }, @@ -31859,11 +31859,11 @@ }, "packages/backend-deployer": { "name": "@aws-amplify/backend-deployer", - "version": "1.1.5", + "version": "1.1.6", "license": "Apache-2.0", "dependencies": { "@aws-amplify/platform-core": "^1.0.6", - "@aws-amplify/plugin-types": "^1.2.2", + "@aws-amplify/plugin-types": "^1.3.1", "execa": "^8.0.1", "tsx": "^4.6.1" }, @@ -31874,16 +31874,16 @@ }, "packages/backend-function": { "name": "@aws-amplify/backend-function", - "version": "1.7.2", + "version": "1.7.3", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.4.0", - "@aws-amplify/backend-output-storage": "^1.1.2", - "@aws-amplify/plugin-types": "^1.3.0", + "@aws-amplify/backend-output-storage": "^1.1.3", + "@aws-amplify/plugin-types": "^1.3.1", "execa": "^8.0.1" }, "devDependencies": { - "@aws-amplify/backend-platform-test-stubs": "^0.3.5", + "@aws-amplify/backend-platform-test-stubs": "^0.3.6", "@aws-amplify/platform-core": "^1.1.0", "@aws-sdk/client-ssm": "^3.624.0", "aws-sdk": "^2.1550.0", @@ -31921,12 +31921,12 @@ }, "packages/backend-output-storage": { "name": "@aws-amplify/backend-output-storage", - "version": "1.1.2", + "version": "1.1.3", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.2.0", "@aws-amplify/platform-core": "^1.0.6", - "@aws-amplify/plugin-types": "^1.2.2" + "@aws-amplify/plugin-types": "^1.3.1" }, "peerDependencies": { "aws-cdk-lib": "^2.158.0" @@ -31934,10 +31934,10 @@ }, "packages/backend-platform-test-stubs": { "name": "@aws-amplify/backend-platform-test-stubs", - "version": "0.3.5", + "version": "0.3.6", "license": "Apache-2.0", "dependencies": { - "@aws-amplify/plugin-types": "^1.2.2", + "@aws-amplify/plugin-types": "^1.3.1", "aws-cdk-lib": "^2.158.0", "constructs": "^10.0.0" } @@ -31957,15 +31957,15 @@ }, "packages/backend-storage": { "name": "@aws-amplify/backend-storage", - "version": "1.2.1", + "version": "1.2.2", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.2.1", - "@aws-amplify/backend-output-storage": "^1.1.2", - "@aws-amplify/plugin-types": "^1.3.0" + "@aws-amplify/backend-output-storage": "^1.1.3", + "@aws-amplify/plugin-types": "^1.3.1" }, "devDependencies": { - "@aws-amplify/backend-platform-test-stubs": "^0.3.5", + "@aws-amplify/backend-platform-test-stubs": "^0.3.6", "@aws-amplify/platform-core": "^1.0.6" }, "peerDependencies": { @@ -31975,21 +31975,21 @@ }, "packages/cli": { "name": "@aws-amplify/backend-cli", - "version": "1.3.0", + "version": "1.4.0", "license": "Apache-2.0", "dependencies": { - "@aws-amplify/backend-deployer": "^1.1.3", + "@aws-amplify/backend-deployer": "^1.1.6", "@aws-amplify/backend-output-schemas": "^1.4.0", "@aws-amplify/backend-secret": "^1.1.2", - "@aws-amplify/cli-core": "^1.1.3", - "@aws-amplify/client-config": "^1.5.0", + "@aws-amplify/cli-core": "^1.2.0", + "@aws-amplify/client-config": "^1.5.1", "@aws-amplify/deployed-backend-client": "^1.4.1", "@aws-amplify/form-generator": "^1.0.3", "@aws-amplify/model-generator": "^1.0.8", "@aws-amplify/platform-core": "^1.0.5", - "@aws-amplify/plugin-types": "^1.3.0", - "@aws-amplify/sandbox": "^1.2.2", - "@aws-amplify/schema-generator": "^1.2.4", + "@aws-amplify/plugin-types": "^1.3.1", + "@aws-amplify/sandbox": "^1.2.4", + "@aws-amplify/schema-generator": "^1.2.5", "@aws-sdk/client-amplify": "^3.624.0", "@aws-sdk/client-cloudformation": "^3.624.0", "@aws-sdk/client-s3": "^3.624.0", @@ -32022,7 +32022,7 @@ }, "packages/cli-core": { "name": "@aws-amplify/cli-core", - "version": "1.1.3", + "version": "1.2.0", "license": "Apache-2.0", "dependencies": { "@aws-amplify/platform-core": "^1.0.5", @@ -32129,14 +32129,14 @@ }, "packages/client-config": { "name": "@aws-amplify/client-config", - "version": "1.5.0", + "version": "1.5.1", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.4.0", "@aws-amplify/deployed-backend-client": "^1.4.1", "@aws-amplify/model-generator": "^1.0.7", "@aws-amplify/platform-core": "^1.0.7", - "@aws-amplify/plugin-types": "^1.2.2", + "@aws-amplify/plugin-types": "^1.3.1", "zod": "^3.22.2" }, "devDependencies": { @@ -32314,20 +32314,20 @@ }, "packages/integration-tests": { "name": "@aws-amplify/integration-tests", - "version": "0.5.10", + "version": "0.6.0", "license": "Apache-2.0", "devDependencies": { "@apollo/client": "^3.10.1", - "@aws-amplify/ai-constructs": "^0.7.0", - "@aws-amplify/auth-construct": "^1.3.1", - "@aws-amplify/backend": "^1.5.2", - "@aws-amplify/backend-ai": "^0.3.4", + "@aws-amplify/ai-constructs": "^0.8.0", + "@aws-amplify/auth-construct": "^1.4.0", + "@aws-amplify/backend": "^1.6.0", + "@aws-amplify/backend-ai": "^0.3.5", "@aws-amplify/backend-secret": "^1.1.4", - "@aws-amplify/client-config": "^1.4.0", + "@aws-amplify/client-config": "^1.5.1", "@aws-amplify/data-schema": "^1.0.0", "@aws-amplify/deployed-backend-client": "^1.4.1", "@aws-amplify/platform-core": "^1.1.0", - "@aws-amplify/plugin-types": "^1.2.2", + "@aws-amplify/plugin-types": "^1.3.1", "@aws-sdk/client-accessanalyzer": "^3.624.0", "@aws-sdk/client-amplify": "^3.624.0", "@aws-sdk/client-bedrock-runtime": "^3.622.0", @@ -32429,7 +32429,7 @@ }, "packages/plugin-types": { "name": "@aws-amplify/plugin-types", - "version": "1.3.0", + "version": "1.3.1", "license": "Apache-2.0", "devDependencies": { "execa": "^5.1.1" @@ -32558,16 +32558,16 @@ }, "packages/sandbox": { "name": "@aws-amplify/sandbox", - "version": "1.2.3", + "version": "1.2.4", "license": "Apache-2.0", "dependencies": { - "@aws-amplify/backend-deployer": "^1.1.3", + "@aws-amplify/backend-deployer": "^1.1.6", "@aws-amplify/backend-secret": "^1.1.2", - "@aws-amplify/cli-core": "^1.1.3", - "@aws-amplify/client-config": "^1.3.1", + "@aws-amplify/cli-core": "^1.2.0", + "@aws-amplify/client-config": "^1.5.1", "@aws-amplify/deployed-backend-client": "^1.4.1", "@aws-amplify/platform-core": "^1.0.6", - "@aws-amplify/plugin-types": "^1.2.2", + "@aws-amplify/plugin-types": "^1.3.1", "@aws-sdk/client-cloudwatch-logs": "^3.624.0", "@aws-sdk/client-lambda": "^3.624.0", "@aws-sdk/client-ssm": "^3.624.0", @@ -32589,7 +32589,7 @@ }, "packages/schema-generator": { "name": "@aws-amplify/schema-generator", - "version": "1.2.4", + "version": "1.2.5", "license": "Apache-2.0", "dependencies": { "@aws-amplify/graphql-schema-generator": "^0.11.0", From cc9d7eb8fe06076feb85dd787f909da0f443697f Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Tue, 5 Nov 2024 15:25:47 -0800 Subject: [PATCH 50/61] chore: update package-lock --- package-lock.json | 44 ++++++++++++++++++++++---------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/package-lock.json b/package-lock.json index a6a2cb7c4b..0047ca8e74 100644 --- a/package-lock.json +++ b/package-lock.json @@ -31730,11 +31730,11 @@ }, "packages/ai-constructs": { "name": "@aws-amplify/ai-constructs", - "version": "0.8.0", + "version": "0.8.1", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.4.0", - "@aws-amplify/platform-core": "^1.1.0", + "@aws-amplify/platform-core": "^1.2.0", "@aws-amplify/plugin-types": "^1.3.1", "@aws-sdk/client-bedrock-runtime": "^3.622.0", "@smithy/types": "^3.3.0", @@ -31774,19 +31774,19 @@ }, "packages/backend": { "name": "@aws-amplify/backend", - "version": "1.6.0", + "version": "1.6.2", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-auth": "^1.3.0", - "@aws-amplify/backend-data": "^1.1.6", - "@aws-amplify/backend-function": "^1.7.3", + "@aws-amplify/backend-data": "^1.1.7", + "@aws-amplify/backend-function": "^1.7.4", "@aws-amplify/backend-output-schemas": "^1.4.0", "@aws-amplify/backend-output-storage": "^1.1.3", "@aws-amplify/backend-secret": "^1.1.4", "@aws-amplify/backend-storage": "^1.2.2", - "@aws-amplify/client-config": "^1.5.1", + "@aws-amplify/client-config": "^1.5.2", "@aws-amplify/data-schema": "^1.0.0", - "@aws-amplify/platform-core": "^1.1.0", + "@aws-amplify/platform-core": "^1.2.0", "@aws-amplify/plugin-types": "^1.3.1", "@aws-sdk/client-amplify": "^3.624.0", "lodash.snakecase": "^4.1.1" @@ -31838,7 +31838,7 @@ }, "packages/backend-data": { "name": "@aws-amplify/backend-data", - "version": "1.1.6", + "version": "1.1.7", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.4.0", @@ -31850,7 +31850,7 @@ "devDependencies": { "@aws-amplify/backend-platform-test-stubs": "^0.3.6", "@aws-amplify/data-schema": "^1.0.0", - "@aws-amplify/platform-core": "^1.0.7" + "@aws-amplify/platform-core": "^1.2.0" }, "peerDependencies": { "aws-cdk-lib": "^2.158.0", @@ -31859,10 +31859,10 @@ }, "packages/backend-deployer": { "name": "@aws-amplify/backend-deployer", - "version": "1.1.6", + "version": "1.1.8", "license": "Apache-2.0", "dependencies": { - "@aws-amplify/platform-core": "^1.0.6", + "@aws-amplify/platform-core": "^1.2.0", "@aws-amplify/plugin-types": "^1.3.1", "execa": "^8.0.1", "tsx": "^4.6.1" @@ -31874,7 +31874,7 @@ }, "packages/backend-function": { "name": "@aws-amplify/backend-function", - "version": "1.7.3", + "version": "1.7.4", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.4.0", @@ -31944,7 +31944,7 @@ }, "packages/backend-secret": { "name": "@aws-amplify/backend-secret", - "version": "1.1.4", + "version": "1.1.5", "license": "Apache-2.0", "dependencies": { "@aws-amplify/platform-core": "^1.0.5", @@ -31975,10 +31975,10 @@ }, "packages/cli": { "name": "@aws-amplify/backend-cli", - "version": "1.4.0", + "version": "1.4.1", "license": "Apache-2.0", "dependencies": { - "@aws-amplify/backend-deployer": "^1.1.6", + "@aws-amplify/backend-deployer": "^1.1.8", "@aws-amplify/backend-output-schemas": "^1.4.0", "@aws-amplify/backend-secret": "^1.1.2", "@aws-amplify/cli-core": "^1.2.0", @@ -31986,9 +31986,9 @@ "@aws-amplify/deployed-backend-client": "^1.4.1", "@aws-amplify/form-generator": "^1.0.3", "@aws-amplify/model-generator": "^1.0.8", - "@aws-amplify/platform-core": "^1.0.5", + "@aws-amplify/platform-core": "^1.2.0", "@aws-amplify/plugin-types": "^1.3.1", - "@aws-amplify/sandbox": "^1.2.4", + "@aws-amplify/sandbox": "^1.2.5", "@aws-amplify/schema-generator": "^1.2.5", "@aws-sdk/client-amplify": "^3.624.0", "@aws-sdk/client-cloudformation": "^3.624.0", @@ -32129,7 +32129,7 @@ }, "packages/client-config": { "name": "@aws-amplify/client-config", - "version": "1.5.1", + "version": "1.5.2", "license": "Apache-2.0", "dependencies": { "@aws-amplify/backend-output-schemas": "^1.4.0", @@ -32397,7 +32397,7 @@ }, "packages/platform-core": { "name": "@aws-amplify/platform-core", - "version": "1.1.0", + "version": "1.2.0", "license": "Apache-2.0", "dependencies": { "@aws-amplify/plugin-types": "^1.2.1", @@ -32558,15 +32558,15 @@ }, "packages/sandbox": { "name": "@aws-amplify/sandbox", - "version": "1.2.4", + "version": "1.2.5", "license": "Apache-2.0", "dependencies": { - "@aws-amplify/backend-deployer": "^1.1.6", + "@aws-amplify/backend-deployer": "^1.1.8", "@aws-amplify/backend-secret": "^1.1.2", "@aws-amplify/cli-core": "^1.2.0", "@aws-amplify/client-config": "^1.5.1", "@aws-amplify/deployed-backend-client": "^1.4.1", - "@aws-amplify/platform-core": "^1.0.6", + "@aws-amplify/platform-core": "^1.2.0", "@aws-amplify/plugin-types": "^1.3.1", "@aws-sdk/client-cloudwatch-logs": "^3.624.0", "@aws-sdk/client-lambda": "^3.624.0", From 8083ef19e0e2586405c1c8988243906816233768 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 6 Nov 2024 14:28:55 -0800 Subject: [PATCH 51/61] chore: move construct into backend-auth --- package-lock.json | 12 ++--- packages/auth-construct/.npmignore | 1 - packages/auth-construct/package.json | 6 +-- packages/auth-construct/src/index.ts | 2 - packages/auth-construct/src/types.ts | 43 ---------------- packages/backend-auth/.npmignore | 1 + packages/backend-auth/package.json | 6 ++- .../src/lambda/.eslintrc.json | 0 .../lambda/reference_auth_initializer.test.ts | 4 +- .../src/lambda/reference_auth_initializer.ts | 14 ++++- .../src/reference_construct.test.ts | 4 +- .../src/reference_construct.ts | 51 +++++++++++++++++-- .../backend-auth/src/reference_factory.ts | 8 +-- .../src/test-resources/sample_data.ts | 3 +- 14 files changed, 81 insertions(+), 74 deletions(-) rename packages/{auth-construct => backend-auth}/src/lambda/.eslintrc.json (100%) rename packages/{auth-construct => backend-auth}/src/lambda/reference_auth_initializer.test.ts (99%) rename packages/{auth-construct => backend-auth}/src/lambda/reference_auth_initializer.ts (97%) rename packages/{auth-construct => backend-auth}/src/reference_construct.test.ts (98%) rename packages/{auth-construct => backend-auth}/src/reference_construct.ts (83%) rename packages/{auth-construct => backend-auth}/src/test-resources/sample_data.ts (99%) diff --git a/package-lock.json b/package-lock.json index 0047ca8e74..d8c16fa0a4 100644 --- a/package-lock.json +++ b/package-lock.json @@ -31761,11 +31761,7 @@ "@aws-amplify/backend-output-schemas": "^1.4.0", "@aws-amplify/backend-output-storage": "^1.1.3", "@aws-amplify/plugin-types": "^1.3.1", - "@aws-sdk/client-cognito-identity": "^3.624.0", - "@aws-sdk/client-cognito-identity-provider": "^3.624.0", - "@aws-sdk/util-arn-parser": "^3.568.0", - "@types/aws-lambda": "^8.10.119", - "aws-lambda": "^1.0.7" + "@aws-sdk/util-arn-parser": "^3.568.0" }, "peerDependencies": { "aws-cdk-lib": "^2.158.0", @@ -31825,7 +31821,11 @@ "dependencies": { "@aws-amplify/auth-construct": "^1.4.0", "@aws-amplify/backend-output-storage": "^1.1.3", - "@aws-amplify/plugin-types": "^1.3.1" + "@aws-amplify/plugin-types": "^1.3.1", + "@aws-sdk/client-cognito-identity": "^3.624.0", + "@aws-sdk/client-cognito-identity-provider": "^3.624.0", + "@types/aws-lambda": "^8.10.119", + "aws-lambda": "^1.0.7" }, "devDependencies": { "@aws-amplify/backend-platform-test-stubs": "^0.3.6", diff --git a/packages/auth-construct/.npmignore b/packages/auth-construct/.npmignore index 78143c7113..dbde1fb5db 100644 --- a/packages/auth-construct/.npmignore +++ b/packages/auth-construct/.npmignore @@ -10,6 +10,5 @@ # Then ignore test js and ts declaration files *.test.js *.test.d.ts -**/test-resources/** # This leaves us with including only js and ts declaration files of functional code diff --git a/packages/auth-construct/package.json b/packages/auth-construct/package.json index 52371bd809..d24130f5ab 100644 --- a/packages/auth-construct/package.json +++ b/packages/auth-construct/package.json @@ -22,11 +22,7 @@ "@aws-amplify/backend-output-schemas": "^1.4.0", "@aws-amplify/backend-output-storage": "^1.1.3", "@aws-amplify/plugin-types": "^1.3.1", - "@aws-sdk/util-arn-parser": "^3.568.0", - "@aws-sdk/client-cognito-identity-provider": "^3.624.0", - "@aws-sdk/client-cognito-identity": "^3.624.0", - "@types/aws-lambda": "^8.10.119", - "aws-lambda": "^1.0.7" + "@aws-sdk/util-arn-parser": "^3.568.0" }, "peerDependencies": { "aws-cdk-lib": "^2.158.0", diff --git a/packages/auth-construct/src/index.ts b/packages/auth-construct/src/index.ts index c6eaae8376..85e3aa6c6c 100644 --- a/packages/auth-construct/src/index.ts +++ b/packages/auth-construct/src/index.ts @@ -1,6 +1,5 @@ export { AuthProps, - ReferenceAuthProps, EmailLogin, EmailLoginSettings, GoogleProviderProps, @@ -30,5 +29,4 @@ export { CustomEmailSender, } from './types.js'; export { AmplifyAuth } from './construct.js'; -export { AmplifyReferenceAuth } from './reference_construct.js'; export { triggerEvents } from './trigger_events.js'; diff --git a/packages/auth-construct/src/types.ts b/packages/auth-construct/src/types.ts index 1565ae9e20..c3d4ddbbea 100644 --- a/packages/auth-construct/src/types.ts +++ b/packages/auth-construct/src/types.ts @@ -487,46 +487,3 @@ export type AuthProps = { */ outputStorageStrategy?: BackendOutputStorageStrategy; }; - -export type ReferenceAuthProps = { - /** - * @internal - */ - outputStorageStrategy?: BackendOutputStorageStrategy; - /** - * Existing UserPool Id - */ - userPoolId: string; - /** - * Existing IdentityPool Id - */ - identityPoolId: string; - /** - * Existing UserPoolClient Id - */ - userPoolClientId: string; - /** - * Existing AuthRole ARN - */ - authRoleArn: string; - /** - * Existing UnauthRole ARN - */ - unauthRoleArn: string; - /** - * A mapping of existing group names and their associated role ARNs - * which can be used for group permissions. - */ - groups?: { - [groupName: string]: string; - }; -}; -export type ReferenceAuthInitializerProps = { - userPoolId: string; - identityPoolId: string; - authRoleArn: string; - unauthRoleArn: string; - userPoolClientId: string; - groups: Record; - region: string; -}; diff --git a/packages/backend-auth/.npmignore b/packages/backend-auth/.npmignore index dbde1fb5db..78143c7113 100644 --- a/packages/backend-auth/.npmignore +++ b/packages/backend-auth/.npmignore @@ -10,5 +10,6 @@ # Then ignore test js and ts declaration files *.test.js *.test.d.ts +**/test-resources/** # This leaves us with including only js and ts declaration files of functional code diff --git a/packages/backend-auth/package.json b/packages/backend-auth/package.json index dd5dab4e33..10f12b30d3 100644 --- a/packages/backend-auth/package.json +++ b/packages/backend-auth/package.json @@ -21,7 +21,11 @@ "dependencies": { "@aws-amplify/auth-construct": "^1.4.0", "@aws-amplify/backend-output-storage": "^1.1.3", - "@aws-amplify/plugin-types": "^1.3.1" + "@aws-amplify/plugin-types": "^1.3.1", + "@aws-sdk/client-cognito-identity-provider": "^3.624.0", + "@aws-sdk/client-cognito-identity": "^3.624.0", + "@types/aws-lambda": "^8.10.119", + "aws-lambda": "^1.0.7" }, "devDependencies": { "@aws-amplify/backend-platform-test-stubs": "^0.3.6", diff --git a/packages/auth-construct/src/lambda/.eslintrc.json b/packages/backend-auth/src/lambda/.eslintrc.json similarity index 100% rename from packages/auth-construct/src/lambda/.eslintrc.json rename to packages/backend-auth/src/lambda/.eslintrc.json diff --git a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts b/packages/backend-auth/src/lambda/reference_auth_initializer.test.ts similarity index 99% rename from packages/auth-construct/src/lambda/reference_auth_initializer.test.ts rename to packages/backend-auth/src/lambda/reference_auth_initializer.test.ts index 6cef2387a5..81c50484aa 100644 --- a/packages/auth-construct/src/lambda/reference_auth_initializer.test.ts +++ b/packages/backend-auth/src/lambda/reference_auth_initializer.test.ts @@ -1,5 +1,5 @@ import { beforeEach, describe, it, mock } from 'node:test'; -import { ReferenceAuthInitializer } from './reference_auth_initializer'; +import { ReferenceAuthInitializer } from './reference_auth_initializer.js'; import { CloudFormationCustomResourceEvent } from 'aws-lambda'; import assert from 'node:assert'; import { @@ -31,7 +31,7 @@ import { UserPool, UserPoolClient, UserPoolGroups, -} from '../test-resources/sample_data'; +} from '../test-resources/sample_data.js'; const customResourceEventCommon: Omit< CloudFormationCustomResourceEvent, diff --git a/packages/auth-construct/src/lambda/reference_auth_initializer.ts b/packages/backend-auth/src/lambda/reference_auth_initializer.ts similarity index 97% rename from packages/auth-construct/src/lambda/reference_auth_initializer.ts rename to packages/backend-auth/src/lambda/reference_auth_initializer.ts index 767f58595b..785cb68a4f 100644 --- a/packages/auth-construct/src/lambda/reference_auth_initializer.ts +++ b/packages/backend-auth/src/lambda/reference_auth_initializer.ts @@ -1,3 +1,5 @@ +// This executes within the custom resource lambda and errors get handled by the provider framework +/* eslint-disable amplify-backend-rules/prefer-amplify-errors */ import { CloudFormationCustomResourceEvent, CloudFormationCustomResourceResponse, @@ -24,8 +26,16 @@ import { GetIdentityPoolRolesCommand, } from '@aws-sdk/client-cognito-identity'; import { randomUUID } from 'node:crypto'; -import { ReferenceAuthInitializerProps } from '../types.js'; -import { AuthOutput } from '@aws-amplify/backend-output-schemas'; +import { AuthOutput } from '../../../backend-output-schemas/src/index.js'; +export type ReferenceAuthInitializerProps = { + userPoolId: string; + identityPoolId: string; + authRoleArn: string; + unauthRoleArn: string; + userPoolClientId: string; + groups: Record; + region: string; +}; /** * Initializer that fetches and process auth resources. diff --git a/packages/auth-construct/src/reference_construct.test.ts b/packages/backend-auth/src/reference_construct.test.ts similarity index 98% rename from packages/auth-construct/src/reference_construct.test.ts rename to packages/backend-auth/src/reference_construct.test.ts index b82999e6e5..96ae4acdbd 100644 --- a/packages/auth-construct/src/reference_construct.test.ts +++ b/packages/backend-auth/src/reference_construct.test.ts @@ -3,13 +3,13 @@ import assert from 'assert'; import { AmplifyReferenceAuth, OUTPUT_PROPERTIES_PROVIDED_BY_AUTH_CUSTOM_RESOURCE, + ReferenceAuthProps, + authOutputKey, } from './reference_construct.js'; -import { ReferenceAuthProps } from './types.js'; import { BackendOutputEntry, BackendOutputStorageStrategy, } from '@aws-amplify/plugin-types'; -import { authOutputKey } from '@aws-amplify/backend-output-schemas'; import { Template } from 'aws-cdk-lib/assertions'; import { App, Stack } from 'aws-cdk-lib'; const refAuthProps: ReferenceAuthProps = { diff --git a/packages/auth-construct/src/reference_construct.ts b/packages/backend-auth/src/reference_construct.ts similarity index 83% rename from packages/auth-construct/src/reference_construct.ts rename to packages/backend-auth/src/reference_construct.ts index 7fd5c304fe..1bc6c67820 100644 --- a/packages/auth-construct/src/reference_construct.ts +++ b/packages/backend-auth/src/reference_construct.ts @@ -11,7 +11,6 @@ import { ReferenceAuthResources, ResourceProvider, } from '@aws-amplify/plugin-types'; -import { AuthOutput, authOutputKey } from '@aws-amplify/backend-output-schemas'; import { AttributionMetadataStorage, StackMetadataBackendOutputStorageStrategy, @@ -21,13 +20,23 @@ import { NodejsFunction } from 'aws-cdk-lib/aws-lambda-nodejs'; import { Runtime } from 'aws-cdk-lib/aws-lambda'; import { Provider } from 'aws-cdk-lib/custom-resources'; import { Role } from 'aws-cdk-lib/aws-iam'; -import { ReferenceAuthInitializerProps, ReferenceAuthProps } from './types.js'; +import { AuthOutput } from '../../backend-output-schemas/src/auth/index.js'; +import { ReferenceAuthInitializerProps } from './lambda/reference_auth_initializer.js'; +import { fileURLToPath } from 'node:url'; + +/** + * Expected key that auth output is stored under - must match backend-output-schemas's authOutputKey + */ +export const authOutputKey = 'AWS::Amplify::Auth'; + const REFERENCE_AUTH_CUSTOM_RESOURCE_PROVIDER_ID = 'AmplifyRefAuthCustomResourceProvider'; const REFERENCE_AUTH_CUSTOM_RESOURCE_ID = 'AmplifyRefAuthCustomResource'; const RESOURCE_TYPE = 'Custom::AmplifyRefAuth'; -const resourcesRoot = path.normalize(path.join(__dirname, 'lambda')); +const filename = fileURLToPath(import.meta.url); +const dirname = path.dirname(filename); +const resourcesRoot = path.normalize(path.join(dirname, 'lambda')); const refAuthLambdaFilePath = path.join( resourcesRoot, 'reference_auth_initializer.js' @@ -180,7 +189,7 @@ export class AmplifyReferenceAuth new AttributionMetadataStorage().storeAttributionMetadata( Stack.of(this), authStackType, - path.resolve(__dirname, '..', 'package.json') + fileURLToPath(new URL('../package.json', import.meta.url)) ); } @@ -212,3 +221,37 @@ export class AmplifyReferenceAuth }); }; } + +export type ReferenceAuthProps = { + /** + * @internal + */ + outputStorageStrategy?: BackendOutputStorageStrategy; + /** + * Existing UserPool Id + */ + userPoolId: string; + /** + * Existing IdentityPool Id + */ + identityPoolId: string; + /** + * Existing UserPoolClient Id + */ + userPoolClientId: string; + /** + * Existing AuthRole ARN + */ + authRoleArn: string; + /** + * Existing UnauthRole ARN + */ + unauthRoleArn: string; + /** + * A mapping of existing group names and their associated role ARNs + * which can be used for group permissions. + */ + groups?: { + [groupName: string]: string; + }; +}; diff --git a/packages/backend-auth/src/reference_factory.ts b/packages/backend-auth/src/reference_factory.ts index 3c3b0a8438..4216d6b5eb 100644 --- a/packages/backend-auth/src/reference_factory.ts +++ b/packages/backend-auth/src/reference_factory.ts @@ -11,10 +11,6 @@ import { StackProvider, } from '@aws-amplify/plugin-types'; import { AuthAccessGenerator, Expand } from './types.js'; -import { - AmplifyReferenceAuth, - ReferenceAuthProps, -} from '@aws-amplify/auth-construct'; import { authAccessBuilder as _authAccessBuilder } from './access_builder.js'; import path from 'path'; import { AmplifyUserError, TagName } from '@aws-amplify/platform-core'; @@ -23,6 +19,10 @@ import { Stack, Tags } from 'aws-cdk-lib'; import { Policy } from 'aws-cdk-lib/aws-iam'; import { UserPoolAccessPolicyFactory } from './userpool_access_policy_factory.js'; import { AmplifyAuthFactory } from './factory.js'; +import { + AmplifyReferenceAuth, + ReferenceAuthProps, +} from './reference_construct.js'; export type BackendReferenceAuth = ResourceProvider & ResourceAccessAcceptorFactory & diff --git a/packages/auth-construct/src/test-resources/sample_data.ts b/packages/backend-auth/src/test-resources/sample_data.ts similarity index 99% rename from packages/auth-construct/src/test-resources/sample_data.ts rename to packages/backend-auth/src/test-resources/sample_data.ts index 48ca0dc125..1ac099f65b 100644 --- a/packages/auth-construct/src/test-resources/sample_data.ts +++ b/packages/backend-auth/src/test-resources/sample_data.ts @@ -6,8 +6,7 @@ import { UserPoolClientType, UserPoolType, } from '@aws-sdk/client-cognito-identity-provider'; -import { ReferenceAuthInitializerProps } from '../types.js'; - +import { ReferenceAuthInitializerProps } from '../lambda/reference_auth_initializer.js'; /** * Sample referenceAuth properties */ From 47c514e3d95102d83985e2959af032f9cea1548d Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 6 Nov 2024 14:47:57 -0800 Subject: [PATCH 52/61] chore: update api --- package-lock.json | 1 + packages/auth-construct/API.md | 21 ------------------- packages/backend-auth/API.md | 16 +++++++++++++- packages/backend-auth/package.json | 1 + packages/backend-auth/src/index.ts | 2 ++ .../src/lambda/reference_auth_initializer.ts | 2 +- .../backend-auth/src/reference_construct.ts | 2 +- 7 files changed, 21 insertions(+), 24 deletions(-) diff --git a/package-lock.json b/package-lock.json index d8c16fa0a4..d515fd8544 100644 --- a/package-lock.json +++ b/package-lock.json @@ -31820,6 +31820,7 @@ "license": "Apache-2.0", "dependencies": { "@aws-amplify/auth-construct": "^1.4.0", + "@aws-amplify/backend-output-schemas": "^1.4.0", "@aws-amplify/backend-output-storage": "^1.1.3", "@aws-amplify/plugin-types": "^1.3.1", "@aws-sdk/client-cognito-identity": "^3.624.0", diff --git a/packages/auth-construct/API.md b/packages/auth-construct/API.md index ccea7a9002..f3c895c6ce 100644 --- a/packages/auth-construct/API.md +++ b/packages/auth-construct/API.md @@ -11,7 +11,6 @@ import { BackendOutputStorageStrategy } from '@aws-amplify/plugin-types'; import { Construct } from 'constructs'; import { IFunction } from 'aws-cdk-lib/aws-lambda'; import { NumberAttributeConstraints } from 'aws-cdk-lib/aws-cognito'; -import { ReferenceAuthResources } from '@aws-amplify/plugin-types'; import { ResourceProvider } from '@aws-amplify/plugin-types'; import { SecretValue } from 'aws-cdk-lib'; import { StandardAttributes } from 'aws-cdk-lib/aws-cognito'; @@ -28,13 +27,6 @@ export class AmplifyAuth extends Construct implements ResourceProvider { - constructor(scope: Construct, id: string, props: ReferenceAuthProps); - // (undocumented) - resources: ReferenceAuthResources; -} - // @public export type AppleProviderProps = Omit & IdentityProviderProps; @@ -172,19 +164,6 @@ export type PhoneNumberLogin = true | { verificationMessage?: (createCode: () => string) => string; }; -// @public (undocumented) -export type ReferenceAuthProps = { - outputStorageStrategy?: BackendOutputStorageStrategy; - userPoolId: string; - identityPoolId: string; - userPoolClientId: string; - authRoleArn: string; - unauthRoleArn: string; - groups?: { - [groupName: string]: string; - }; -}; - // @public export type SamlProviderProps = Omit & { metadata: Omit & { diff --git a/packages/backend-auth/API.md b/packages/backend-auth/API.md index 233dbe2ed4..6663c93e78 100644 --- a/packages/backend-auth/API.md +++ b/packages/backend-auth/API.md @@ -7,9 +7,11 @@ import { AmazonProviderProps } from '@aws-amplify/auth-construct'; import { AmplifyFunction } from '@aws-amplify/plugin-types'; import { AppleProviderProps } from '@aws-amplify/auth-construct'; +import { AuthOutput } from '@aws-amplify/backend-output-schemas'; import { AuthProps } from '@aws-amplify/auth-construct'; import { AuthResources } from '@aws-amplify/plugin-types'; import { AuthRoleName } from '@aws-amplify/plugin-types'; +import { BackendOutputStorageStrategy } from '@aws-amplify/plugin-types'; import { BackendSecret } from '@aws-amplify/plugin-types'; import { ConstructFactory } from '@aws-amplify/plugin-types'; import { ConstructFactoryGetInstanceProps } from '@aws-amplify/plugin-types'; @@ -19,7 +21,6 @@ import { FunctionResources } from '@aws-amplify/plugin-types'; import { GoogleProviderProps } from '@aws-amplify/auth-construct'; import { IFunction } from 'aws-cdk-lib/aws-lambda'; import { OidcProviderProps } from '@aws-amplify/auth-construct'; -import { ReferenceAuthProps } from '@aws-amplify/auth-construct'; import { ReferenceAuthResources } from '@aws-amplify/plugin-types'; import { ResourceAccessAcceptor } from '@aws-amplify/plugin-types'; import { ResourceAccessAcceptorFactory } from '@aws-amplify/plugin-types'; @@ -143,6 +144,19 @@ export type OidcProviderFactoryProps = Omit ConstructFactory; +// @public (undocumented) +export type ReferenceAuthProps = { + outputStorageStrategy?: BackendOutputStorageStrategy; + userPoolId: string; + identityPoolId: string; + userPoolClientId: string; + authRoleArn: string; + unauthRoleArn: string; + groups?: { + [groupName: string]: string; + }; +}; + // (No @packageDocumentation comment for this package) ``` diff --git a/packages/backend-auth/package.json b/packages/backend-auth/package.json index 10f12b30d3..38c7790e80 100644 --- a/packages/backend-auth/package.json +++ b/packages/backend-auth/package.json @@ -20,6 +20,7 @@ "license": "Apache-2.0", "dependencies": { "@aws-amplify/auth-construct": "^1.4.0", + "@aws-amplify/backend-output-schemas": "^1.4.0", "@aws-amplify/backend-output-storage": "^1.1.3", "@aws-amplify/plugin-types": "^1.3.1", "@aws-sdk/client-cognito-identity-provider": "^3.624.0", diff --git a/packages/backend-auth/src/index.ts b/packages/backend-auth/src/index.ts index 6d55380a5a..f7d4131280 100644 --- a/packages/backend-auth/src/index.ts +++ b/packages/backend-auth/src/index.ts @@ -1,4 +1,6 @@ export { BackendAuth, AmplifyAuthProps, defineAuth } from './factory.js'; +// ReferenceAuthConstruct is intentionally not public, but props are required +export { ReferenceAuthProps } from './reference_construct.js'; export { BackendReferenceAuth, AmplifyReferenceAuthProps, diff --git a/packages/backend-auth/src/lambda/reference_auth_initializer.ts b/packages/backend-auth/src/lambda/reference_auth_initializer.ts index 785cb68a4f..341a9ab8c0 100644 --- a/packages/backend-auth/src/lambda/reference_auth_initializer.ts +++ b/packages/backend-auth/src/lambda/reference_auth_initializer.ts @@ -26,7 +26,7 @@ import { GetIdentityPoolRolesCommand, } from '@aws-sdk/client-cognito-identity'; import { randomUUID } from 'node:crypto'; -import { AuthOutput } from '../../../backend-output-schemas/src/index.js'; +import { AuthOutput } from '@aws-amplify/backend-output-schemas'; export type ReferenceAuthInitializerProps = { userPoolId: string; identityPoolId: string; diff --git a/packages/backend-auth/src/reference_construct.ts b/packages/backend-auth/src/reference_construct.ts index 1bc6c67820..8b7efef3b7 100644 --- a/packages/backend-auth/src/reference_construct.ts +++ b/packages/backend-auth/src/reference_construct.ts @@ -15,12 +15,12 @@ import { AttributionMetadataStorage, StackMetadataBackendOutputStorageStrategy, } from '@aws-amplify/backend-output-storage'; +import { AuthOutput } from '@aws-amplify/backend-output-schemas'; import * as path from 'path'; import { NodejsFunction } from 'aws-cdk-lib/aws-lambda-nodejs'; import { Runtime } from 'aws-cdk-lib/aws-lambda'; import { Provider } from 'aws-cdk-lib/custom-resources'; import { Role } from 'aws-cdk-lib/aws-iam'; -import { AuthOutput } from '../../backend-output-schemas/src/auth/index.js'; import { ReferenceAuthInitializerProps } from './lambda/reference_auth_initializer.js'; import { fileURLToPath } from 'node:url'; From 8d25476d783b62920104ae146e09f014f6378541 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 6 Nov 2024 14:51:19 -0800 Subject: [PATCH 53/61] chore: update changeset --- .../{healthy-kangaroos-deliver.md => good-pugs-rescue.md} | 2 +- packages/backend-auth/tsconfig.json | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) rename .changeset/{healthy-kangaroos-deliver.md => good-pugs-rescue.md} (71%) diff --git a/.changeset/healthy-kangaroos-deliver.md b/.changeset/good-pugs-rescue.md similarity index 71% rename from .changeset/healthy-kangaroos-deliver.md rename to .changeset/good-pugs-rescue.md index 9d4249bdb8..7f4a210605 100644 --- a/.changeset/healthy-kangaroos-deliver.md +++ b/.changeset/good-pugs-rescue.md @@ -6,4 +6,4 @@ '@aws-amplify/backend': minor --- -Add support for referencing existing auth resources via referenceAuth. +Add support for referenceAuth. diff --git a/packages/backend-auth/tsconfig.json b/packages/backend-auth/tsconfig.json index b98614a812..42a487d8e7 100644 --- a/packages/backend-auth/tsconfig.json +++ b/packages/backend-auth/tsconfig.json @@ -3,6 +3,7 @@ "compilerOptions": { "rootDir": "src", "outDir": "lib" }, "references": [ { "path": "../auth-construct" }, + { "path": "../backend-output-schemas" }, { "path": "../backend-output-storage" }, { "path": "../plugin-types" }, { "path": "../backend-platform-test-stubs" }, From 555f993da644c1db17869517267d39e375e156b7 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 6 Nov 2024 16:21:46 -0800 Subject: [PATCH 54/61] chore: cleanup --- packages/backend-auth/src/lambda/.eslintrc.json | 3 ++- packages/backend-auth/src/lambda/reference_auth_initializer.ts | 2 -- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/packages/backend-auth/src/lambda/.eslintrc.json b/packages/backend-auth/src/lambda/.eslintrc.json index d5ba8f9d9c..fa0db4e422 100644 --- a/packages/backend-auth/src/lambda/.eslintrc.json +++ b/packages/backend-auth/src/lambda/.eslintrc.json @@ -1,5 +1,6 @@ { "rules": { - "no-console": "off" + "no-console": "off", + "amplify-backend-rules/prefer-amplify-errors": "off" } } diff --git a/packages/backend-auth/src/lambda/reference_auth_initializer.ts b/packages/backend-auth/src/lambda/reference_auth_initializer.ts index 341a9ab8c0..9f31a7302b 100644 --- a/packages/backend-auth/src/lambda/reference_auth_initializer.ts +++ b/packages/backend-auth/src/lambda/reference_auth_initializer.ts @@ -1,5 +1,3 @@ -// This executes within the custom resource lambda and errors get handled by the provider framework -/* eslint-disable amplify-backend-rules/prefer-amplify-errors */ import { CloudFormationCustomResourceEvent, CloudFormationCustomResourceResponse, From e1ffd8993adbe529bb978ddf9ece7454dbaa10ea Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Wed, 6 Nov 2024 16:30:48 -0800 Subject: [PATCH 55/61] chore: move props type to factory --- packages/backend-auth/src/index.ts | 3 +- .../src/reference_construct.test.ts | 2 +- .../backend-auth/src/reference_construct.ts | 35 +--------------- .../backend-auth/src/reference_factory.ts | 41 +++++++++++++++++-- 4 files changed, 40 insertions(+), 41 deletions(-) diff --git a/packages/backend-auth/src/index.ts b/packages/backend-auth/src/index.ts index f7d4131280..8a53f0225d 100644 --- a/packages/backend-auth/src/index.ts +++ b/packages/backend-auth/src/index.ts @@ -1,9 +1,8 @@ export { BackendAuth, AmplifyAuthProps, defineAuth } from './factory.js'; -// ReferenceAuthConstruct is intentionally not public, but props are required -export { ReferenceAuthProps } from './reference_construct.js'; export { BackendReferenceAuth, AmplifyReferenceAuthProps, referenceAuth, + ReferenceAuthProps, } from './reference_factory.js'; export * from './types.js'; diff --git a/packages/backend-auth/src/reference_construct.test.ts b/packages/backend-auth/src/reference_construct.test.ts index 96ae4acdbd..8c852add5e 100644 --- a/packages/backend-auth/src/reference_construct.test.ts +++ b/packages/backend-auth/src/reference_construct.test.ts @@ -3,7 +3,6 @@ import assert from 'assert'; import { AmplifyReferenceAuth, OUTPUT_PROPERTIES_PROVIDED_BY_AUTH_CUSTOM_RESOURCE, - ReferenceAuthProps, authOutputKey, } from './reference_construct.js'; import { @@ -12,6 +11,7 @@ import { } from '@aws-amplify/plugin-types'; import { Template } from 'aws-cdk-lib/assertions'; import { App, Stack } from 'aws-cdk-lib'; +import { ReferenceAuthProps } from './reference_factory.js'; const refAuthProps: ReferenceAuthProps = { authRoleArn: 'arn:aws:iam::000000000000:role/amplify-sample-auth-role-name', unauthRoleArn: diff --git a/packages/backend-auth/src/reference_construct.ts b/packages/backend-auth/src/reference_construct.ts index 8b7efef3b7..939319a26f 100644 --- a/packages/backend-auth/src/reference_construct.ts +++ b/packages/backend-auth/src/reference_construct.ts @@ -23,6 +23,7 @@ import { Provider } from 'aws-cdk-lib/custom-resources'; import { Role } from 'aws-cdk-lib/aws-iam'; import { ReferenceAuthInitializerProps } from './lambda/reference_auth_initializer.js'; import { fileURLToPath } from 'node:url'; +import { ReferenceAuthProps } from './reference_factory.js'; /** * Expected key that auth output is stored under - must match backend-output-schemas's authOutputKey @@ -221,37 +222,3 @@ export class AmplifyReferenceAuth }); }; } - -export type ReferenceAuthProps = { - /** - * @internal - */ - outputStorageStrategy?: BackendOutputStorageStrategy; - /** - * Existing UserPool Id - */ - userPoolId: string; - /** - * Existing IdentityPool Id - */ - identityPoolId: string; - /** - * Existing UserPoolClient Id - */ - userPoolClientId: string; - /** - * Existing AuthRole ARN - */ - authRoleArn: string; - /** - * Existing UnauthRole ARN - */ - unauthRoleArn: string; - /** - * A mapping of existing group names and their associated role ARNs - * which can be used for group permissions. - */ - groups?: { - [groupName: string]: string; - }; -}; diff --git a/packages/backend-auth/src/reference_factory.ts b/packages/backend-auth/src/reference_factory.ts index 4216d6b5eb..926db833c9 100644 --- a/packages/backend-auth/src/reference_factory.ts +++ b/packages/backend-auth/src/reference_factory.ts @@ -1,5 +1,6 @@ import { AuthRoleName, + BackendOutputStorageStrategy, ConstructContainerEntryGenerator, ConstructFactory, ConstructFactoryGetInstanceProps, @@ -19,10 +20,42 @@ import { Stack, Tags } from 'aws-cdk-lib'; import { Policy } from 'aws-cdk-lib/aws-iam'; import { UserPoolAccessPolicyFactory } from './userpool_access_policy_factory.js'; import { AmplifyAuthFactory } from './factory.js'; -import { - AmplifyReferenceAuth, - ReferenceAuthProps, -} from './reference_construct.js'; +import { AmplifyReferenceAuth } from './reference_construct.js'; +import { AuthOutput } from '@aws-amplify/backend-output-schemas'; + +export type ReferenceAuthProps = { + /** + * @internal + */ + outputStorageStrategy?: BackendOutputStorageStrategy; + /** + * Existing UserPool Id + */ + userPoolId: string; + /** + * Existing IdentityPool Id + */ + identityPoolId: string; + /** + * Existing UserPoolClient Id + */ + userPoolClientId: string; + /** + * Existing AuthRole ARN + */ + authRoleArn: string; + /** + * Existing UnauthRole ARN + */ + unauthRoleArn: string; + /** + * A mapping of existing group names and their associated role ARNs + * which can be used for group permissions. + */ + groups?: { + [groupName: string]: string; + }; +}; export type BackendReferenceAuth = ResourceProvider & ResourceAccessAcceptorFactory & From 703ef45c041b990dca00bdc46a192fdc9ee64389 Mon Sep 17 00:00:00 2001 From: awsluja <110861985+awsluja@users.noreply.github.com> Date: Thu, 7 Nov 2024 14:06:23 -0800 Subject: [PATCH 56/61] chore: add working setup for e2e resources in ref auth (#2122) * chore: add working setup for e2e resources in ref auth * feed pr base sha and ref into envs before scripts (#2168) * feed pr base sha and ref into envs before scripts * removing empty file * chore: update names to use test prefix * chore: remove extra hyphen * chore: fix cleanup and add sandbox test * chore: make sure to throw if error describing stack is unknown --------- Co-authored-by: Roshane Pascual --- .changeset/spicy-rules-speak.md | 2 + .../auth_resource_creator.ts | 385 ++++++++++++++++++ .../reference_auth_project.deployment.test.ts | 4 + .../reference_auth_project.sandbox.test.ts | 4 + .../reference_auth_project.ts | 340 ++++++++++++++++ .../test-project-setup/test_project_base.ts | 76 +++- .../reference-auth/amplify/auth/resource.ts | 14 + .../reference-auth/amplify/backend.ts | 10 + .../amplify/data/add-user-to-group/handler.ts | 3 + .../data/add-user-to-group/resource.ts | 5 + .../reference-auth/amplify/data/resource.ts | 24 ++ .../amplify/storage/resource.ts | 15 + .../test-types/env/add-user-to-group.ts | 10 + 13 files changed, 889 insertions(+), 3 deletions(-) create mode 100644 .changeset/spicy-rules-speak.md create mode 100644 packages/integration-tests/src/resource-creation/auth_resource_creator.ts create mode 100644 packages/integration-tests/src/test-e2e/deployment/reference_auth_project.deployment.test.ts create mode 100644 packages/integration-tests/src/test-e2e/sandbox/reference_auth_project.sandbox.test.ts create mode 100644 packages/integration-tests/src/test-project-setup/reference_auth_project.ts create mode 100644 packages/integration-tests/src/test-projects/reference-auth/amplify/auth/resource.ts create mode 100644 packages/integration-tests/src/test-projects/reference-auth/amplify/backend.ts create mode 100644 packages/integration-tests/src/test-projects/reference-auth/amplify/data/add-user-to-group/handler.ts create mode 100644 packages/integration-tests/src/test-projects/reference-auth/amplify/data/add-user-to-group/resource.ts create mode 100644 packages/integration-tests/src/test-projects/reference-auth/amplify/data/resource.ts create mode 100644 packages/integration-tests/src/test-projects/reference-auth/amplify/storage/resource.ts create mode 100644 packages/integration-tests/src/test-projects/reference-auth/test-types/env/add-user-to-group.ts diff --git a/.changeset/spicy-rules-speak.md b/.changeset/spicy-rules-speak.md new file mode 100644 index 0000000000..a845151cc8 --- /dev/null +++ b/.changeset/spicy-rules-speak.md @@ -0,0 +1,2 @@ +--- +--- diff --git a/packages/integration-tests/src/resource-creation/auth_resource_creator.ts b/packages/integration-tests/src/resource-creation/auth_resource_creator.ts new file mode 100644 index 0000000000..bc521e2c31 --- /dev/null +++ b/packages/integration-tests/src/resource-creation/auth_resource_creator.ts @@ -0,0 +1,385 @@ +import { + CognitoIdentityProviderClient, + CreateGroupCommand, + CreateGroupCommandInput, + CreateIdentityProviderCommand, + CreateIdentityProviderCommandInput, + CreateUserPoolClientCommand, + CreateUserPoolClientCommandInput, + CreateUserPoolCommand, + CreateUserPoolCommandInput, + CreateUserPoolDomainCommand, + CreateUserPoolDomainCommandInput, + DeleteGroupCommand, + DeleteIdentityProviderCommand, + DeleteUserPoolClientCommand, + DeleteUserPoolCommand, + DeleteUserPoolDomainCommand, +} from '@aws-sdk/client-cognito-identity-provider'; +import { + CreateRoleCommand, + CreateRoleCommandInput, + DeleteRoleCommand, + IAMClient, +} from '@aws-sdk/client-iam'; +import { + CognitoIdentityClient, + CreateIdentityPoolCommand, + CreateIdentityPoolCommandInput, + DeleteIdentityPoolCommand, + SetIdentityPoolRolesCommand, +} from '@aws-sdk/client-cognito-identity'; +import { shortUuid } from '../short_uuid.js'; +import { e2eToolingClientConfig } from '../e2e_tooling_client_config.js'; +const RESOURCE_TAG_KEY = 'amplify-e2e-resource'; +const RESOURCE_TAG_VALUE = 'true'; +const TEST_RESOURCE_TAGS = { + [RESOURCE_TAG_KEY]: RESOURCE_TAG_VALUE, +}; +const TEST_RESOURCE_TAGS_ARRAY = [ + { Key: RESOURCE_TAG_KEY, Value: RESOURCE_TAG_VALUE }, +]; +const TEST_AMPLIFY_RESOURCE_PREFIX = 'amplify-'; + +type CleanupTask = { + run: () => Promise; + arn?: string | undefined; + id?: string | undefined; +}; +/** + * Provides a way to create auth resources using aws sdk + */ +export class AuthResourceCreator { + private cleanup: CleanupTask[] = []; + + /** + * Setup a new auth resource creator + * @param cognitoIdentityProviderClient client + * @param cognitoIdentityClient client + * @param iamClient client + */ + constructor( + private cognitoIdentityProviderClient: CognitoIdentityProviderClient = new CognitoIdentityProviderClient( + e2eToolingClientConfig + ), + private cognitoIdentityClient: CognitoIdentityClient = new CognitoIdentityClient( + e2eToolingClientConfig + ), + private iamClient: IAMClient = new IAMClient(e2eToolingClientConfig), + private createResourceNameSuffix: () => string = shortUuid + ) {} + + cleanupResources = async () => { + // delete in reverse order + const list = this.cleanup.map((t) => t.arn ?? t.id); + console.log( + `Attempting to delete a total of ${this.cleanup.length} resources` + ); + console.log('Resource descriptions/ARNs/IDs:', list); + const failedTasks: CleanupTask[] = []; + for (let i = this.cleanup.length - 1; i >= 0; i--) { + const task = this.cleanup[i]; + try { + await task.run(); + console.log(`Deleted: ${task.arn ?? task.id}`); + } catch (e) { + failedTasks.push(task); + console.error(`Failed to delete resource: ${task.arn ?? task.id}`, e); + } + } + console.error( + 'Failed tasks:', + failedTasks.map((t) => t.arn ?? t.id) + ); + }; + + createUserPoolBase = async (props: CreateUserPoolCommandInput) => { + const result = await this.cognitoIdentityProviderClient.send( + new CreateUserPoolCommand({ + ...props, + PoolName: `${TEST_AMPLIFY_RESOURCE_PREFIX}${ + props.PoolName + }-${this.createResourceNameSuffix()}`, + UserPoolTags: TEST_RESOURCE_TAGS, + }) + ); + const userPool = result.UserPool; + if (!userPool) { + throw new Error('Failed to create user pool.'); + } + this.cleanup.push({ + run: async () => { + await this.cognitoIdentityProviderClient.send( + new DeleteUserPoolCommand({ UserPoolId: userPool.Id }) + ); + }, + arn: userPool.Arn, + }); + return userPool; + }; + + createUserPoolClientBase = async ( + props: CreateUserPoolClientCommandInput + ) => { + const result = await this.cognitoIdentityProviderClient.send( + new CreateUserPoolClientCommand({ + ...props, + ClientName: `${TEST_AMPLIFY_RESOURCE_PREFIX}${ + props.ClientName + }-${this.createResourceNameSuffix()}`, + }) + ); + const client = result.UserPoolClient; + if (!client) { + throw new Error('Failed to create user pool client.'); + } + this.cleanup.push({ + run: async () => { + await this.cognitoIdentityProviderClient.send( + new DeleteUserPoolClientCommand({ + ClientId: client.ClientId, + UserPoolId: client.UserPoolId, + }) + ); + }, + id: `UserPoolClientId: ${client.ClientId}`, + }); + return client; + }; + + createUserPoolDomainBase = async ( + props: CreateUserPoolDomainCommandInput + ) => { + const domain = `${TEST_AMPLIFY_RESOURCE_PREFIX}${ + props.Domain + }-${this.createResourceNameSuffix()}`; + await this.cognitoIdentityProviderClient.send( + new CreateUserPoolDomainCommand({ + ...props, + Domain: domain, + }) + ); + // if it didn't throw, domain was created. + this.cleanup.push({ + run: async () => { + await this.cognitoIdentityProviderClient.send( + new DeleteUserPoolDomainCommand({ + Domain: domain, + UserPoolId: props.UserPoolId, + }) + ); + }, + id: `Domain: ${domain}`, + }); + return domain; + }; + + createIdentityProviderBase = async ( + props: CreateIdentityProviderCommandInput + ) => { + const result = await this.cognitoIdentityProviderClient.send( + new CreateIdentityProviderCommand({ + ...props, + }) + ); + const provider = result.IdentityProvider; + if (!provider) { + throw new Error( + `An error occurred while creating the identity provider ${props.ProviderName}` + ); + } + this.cleanup.push({ + run: async () => { + await this.cognitoIdentityProviderClient.send( + new DeleteIdentityProviderCommand({ + UserPoolId: props.UserPoolId, + ProviderName: provider.ProviderName, + }) + ); + }, + id: `Provider: ${provider.ProviderName}`, + }); + return provider; + }; + + createIdentityPoolBase = async (props: CreateIdentityPoolCommandInput) => { + const identityPoolResponse = await this.cognitoIdentityClient.send( + new CreateIdentityPoolCommand({ + ...props, + IdentityPoolTags: TEST_RESOURCE_TAGS, + IdentityPoolName: `${TEST_AMPLIFY_RESOURCE_PREFIX}${ + props.IdentityPoolName + }-${this.createResourceNameSuffix()}`, + }) + ); + const identityPoolId = identityPoolResponse.IdentityPoolId; + if (!identityPoolId) { + throw new Error('An error occurred while creating the identity pool'); + } + this.cleanup.push({ + run: async () => { + await this.cognitoIdentityClient.send( + new DeleteIdentityPoolCommand({ IdentityPoolId: identityPoolId }) + ); + }, + id: `IdentityPool: ${identityPoolResponse.IdentityPoolId}`, + }); + return { + ...identityPoolResponse, + // the line below ensures that the type engine sees IdentityPoolId as string, not string | undefined. + IdentityPoolId: identityPoolId, + }; + }; + + createRoleBase = async (props: CreateRoleCommandInput) => { + const result = await this.iamClient.send( + new CreateRoleCommand({ + ...props, + RoleName: `${TEST_AMPLIFY_RESOURCE_PREFIX}${ + props.RoleName + }-${this.createResourceNameSuffix()}`, + }) + ); + const role = result.Role; + if (!role) { + throw new Error( + `An error occurred while creating the role: ${props.RoleName}` + ); + } + this.cleanup.push({ + run: async () => { + await this.iamClient.send( + new DeleteRoleCommand({ RoleName: role.RoleName }) + ); + }, + arn: role.Arn, + }); + return role; + }; + + createUserPoolGroupBase = async (props: CreateGroupCommandInput) => { + const result = await this.cognitoIdentityProviderClient.send( + new CreateGroupCommand({ + ...props, + GroupName: `${TEST_AMPLIFY_RESOURCE_PREFIX}${ + props.GroupName + }-${this.createResourceNameSuffix()}`, + }) + ); + const group = result.Group; + if (!group || !group.GroupName) { + throw new Error(`Error creating group with name: ${props.GroupName}`); + } + this.cleanup.push({ + run: async () => { + await this.cognitoIdentityProviderClient.send( + new DeleteGroupCommand({ + UserPoolId: props.UserPoolId, + GroupName: group.GroupName, + }) + ); + }, + id: `Group: ${group.GroupName}`, + }); + return group; + }; + + setupUserPoolGroup = async ( + groupName: string, + userPoolId: string, + identityPoolId: string + ) => { + const groupRole = await this.createRoleBase({ + RoleName: 'ref-auth-group-role', + AssumeRolePolicyDocument: this.getIdentityPoolAssumeRolePolicyDocument( + identityPoolId, + 'authenticated' + ), + Tags: TEST_RESOURCE_TAGS_ARRAY, + }); + const group = await this.createUserPoolGroupBase({ + GroupName: groupName, + UserPoolId: userPoolId, + RoleArn: groupRole.Arn, + }); + return group; + }; + + /** + * Setup standard auth and unauth roles for an identity pool + * @param userPoolId user pool id + * @param userPoolClientId user pool client id + * @param identityPoolId identity pool id + * @returns auth and unauth roles + */ + setupIdentityPoolRoles = async ( + userPoolId: string, + userPoolClientId: string, + identityPoolId: string + ) => { + const authRole = await this.createRoleBase({ + RoleName: `ref-auth-role`, + AssumeRolePolicyDocument: this.getIdentityPoolAssumeRolePolicyDocument( + identityPoolId, + 'authenticated' + ), + Tags: TEST_RESOURCE_TAGS_ARRAY, + }); + const unauthRole = await this.createRoleBase({ + RoleName: `ref-unauth-role`, + AssumeRolePolicyDocument: this.getIdentityPoolAssumeRolePolicyDocument( + identityPoolId, + 'unauthenticated' + ), + Tags: TEST_RESOURCE_TAGS_ARRAY, + }); + const region = await this.cognitoIdentityClient.config.region(); + await this.cognitoIdentityClient.send( + new SetIdentityPoolRolesCommand({ + IdentityPoolId: identityPoolId, + Roles: { + unauthenticated: unauthRole.Arn!, + authenticated: authRole.Arn!, + }, + RoleMappings: { + [`cognito-idp.${region}.amazonaws.com/${userPoolId}:${userPoolClientId}`]: + { + Type: 'Token', + AmbiguousRoleResolution: 'AuthenticatedRole', + }, + }, + }) + ); + + return { + authRole, + unauthRole, + }; + }; + + private getIdentityPoolAssumeRolePolicyDocument = ( + identityPoolId: string, + roleType: 'authenticated' | 'unauthenticated' + ) => { + return `{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "Federated": "cognito-identity.amazonaws.com" + }, + "Action": "sts:AssumeRoleWithWebIdentity", + "Condition": { + "StringEquals": { + "cognito-identity.amazonaws.com:aud": "${identityPoolId}" + }, + "ForAnyValue:StringLike": { + "cognito-identity.amazonaws.com:amr": "${roleType}" + } + } + } + ] + }`; + }; +} diff --git a/packages/integration-tests/src/test-e2e/deployment/reference_auth_project.deployment.test.ts b/packages/integration-tests/src/test-e2e/deployment/reference_auth_project.deployment.test.ts new file mode 100644 index 0000000000..2a30ffa54e --- /dev/null +++ b/packages/integration-tests/src/test-e2e/deployment/reference_auth_project.deployment.test.ts @@ -0,0 +1,4 @@ +import { ReferenceAuthTestProjectCreator } from '../../test-project-setup/reference_auth_project.js'; +import { defineDeploymentTest } from './deployment.test.template.js'; + +defineDeploymentTest(new ReferenceAuthTestProjectCreator()); diff --git a/packages/integration-tests/src/test-e2e/sandbox/reference_auth_project.sandbox.test.ts b/packages/integration-tests/src/test-e2e/sandbox/reference_auth_project.sandbox.test.ts new file mode 100644 index 0000000000..c7c19bdcf0 --- /dev/null +++ b/packages/integration-tests/src/test-e2e/sandbox/reference_auth_project.sandbox.test.ts @@ -0,0 +1,4 @@ +import { ReferenceAuthTestProjectCreator } from '../../test-project-setup/reference_auth_project.js'; +import { defineSandboxTest } from './sandbox.test.template.js'; + +defineSandboxTest(new ReferenceAuthTestProjectCreator()); diff --git a/packages/integration-tests/src/test-project-setup/reference_auth_project.ts b/packages/integration-tests/src/test-project-setup/reference_auth_project.ts new file mode 100644 index 0000000000..66c893c9c1 --- /dev/null +++ b/packages/integration-tests/src/test-project-setup/reference_auth_project.ts @@ -0,0 +1,340 @@ +import { TestProjectBase } from './test_project_base.js'; +import fsp from 'fs/promises'; +import { createEmptyAmplifyProject } from './create_empty_amplify_project.js'; +import { CloudFormationClient } from '@aws-sdk/client-cloudformation'; +import { TestProjectCreator } from './test_project_creator.js'; +import { AmplifyClient } from '@aws-sdk/client-amplify'; +import { AuthResourceCreator } from '../resource-creation/auth_resource_creator.js'; +import { CognitoIdentityProviderClient } from '@aws-sdk/client-cognito-identity-provider'; +import { CognitoIdentityClient } from '@aws-sdk/client-cognito-identity'; +import { IAMClient } from '@aws-sdk/client-iam'; +import { BackendIdentifier } from '@aws-amplify/plugin-types'; +import { e2eToolingClientConfig } from '../e2e_tooling_client_config.js'; + +/** + * Creates a reference auth project + */ +export class ReferenceAuthTestProjectCreator implements TestProjectCreator { + readonly name = 'reference-auth'; + + /** + * Creates project creator. + */ + constructor( + private readonly cfnClient: CloudFormationClient = new CloudFormationClient( + e2eToolingClientConfig + ), + private readonly amplifyClient: AmplifyClient = new AmplifyClient( + e2eToolingClientConfig + ), + private readonly cognitoIdentityProviderClient: CognitoIdentityProviderClient = new CognitoIdentityProviderClient( + e2eToolingClientConfig + ), + private readonly cognitoIdentityClient: CognitoIdentityClient = new CognitoIdentityClient( + e2eToolingClientConfig + ), + private readonly iamClient: IAMClient = new IAMClient( + e2eToolingClientConfig + ) + ) {} + + createProject = async (e2eProjectDir: string): Promise => { + const { projectName, projectRoot, projectAmplifyDir } = + await createEmptyAmplifyProject(this.name, e2eProjectDir); + + const project = new ReferenceAuthTestProject( + projectName, + projectRoot, + projectAmplifyDir, + this.cfnClient, + this.amplifyClient, + this.cognitoIdentityProviderClient, + this.cognitoIdentityClient, + this.iamClient + ); + + await fsp.cp( + project.sourceProjectAmplifyDirURL, + project.projectAmplifyDirPath, + { + recursive: true, + } + ); + + // generate resources + const { + userPool, + userPoolClient, + identityPool, + authRole, + unauthRole, + adminGroup, + } = await project.setupTestResources(); + // copy generated resource ids into project's auth/resource.ts file + const authResourceFilePath = `${project.projectAmplifyDirPath}/auth/resource.ts`; + await fsp.writeFile( + authResourceFilePath, + `import { referenceAuth } from '@aws-amplify/backend'; + import { addUserToGroup } from "../data/add-user-to-group/resource.js"; + + export const auth = referenceAuth({ + identityPoolId: "${identityPool.IdentityPoolId}", + authRoleArn: "${authRole.Arn}", + unauthRoleArn: "${unauthRole.Arn}", + userPoolId: "${userPool.Id}", + userPoolClientId: "${userPoolClient.ClientId}", + groups: { + "ADMINS": '${adminGroup.RoleArn}', + }, + access: (allow) => [ + allow.resource(addUserToGroup).to(["addUserToGroup"]) + ], + })` + ); + return project; + }; +} + +/** + * The minimal test with typescript idioms. + */ +class ReferenceAuthTestProject extends TestProjectBase { + readonly sourceProjectDirPath = '../../src/test-projects/reference-auth'; + + readonly sourceProjectAmplifyDirSuffix = `${this.sourceProjectDirPath}/amplify`; + + readonly sourceProjectAmplifyDirURL: URL = new URL( + this.sourceProjectAmplifyDirSuffix, + import.meta.url + ); + + authResourceCreator: AuthResourceCreator; + + /** + * Create a test project instance. + */ + constructor( + name: string, + projectDirPath: string, + projectAmplifyDirPath: string, + cfnClient: CloudFormationClient, + amplifyClient: AmplifyClient, + cognitoIdentityProviderClient: CognitoIdentityProviderClient, + private cognitoIdentityClient: CognitoIdentityClient, + iamClient: IAMClient + ) { + super( + name, + projectDirPath, + projectAmplifyDirPath, + cfnClient, + amplifyClient + ); + this.authResourceCreator = new AuthResourceCreator( + cognitoIdentityProviderClient, + cognitoIdentityClient, + iamClient + ); + } + + setupTestResources = async () => { + try { + const userPool = await this.authResourceCreator.createUserPoolBase({ + PoolName: `RefUserPool`, + AccountRecoverySetting: { + RecoveryMechanisms: [ + { + Name: 'verified_email', + Priority: 1, + }, + ], + }, + AdminCreateUserConfig: { + AllowAdminCreateUserOnly: false, + }, + AutoVerifiedAttributes: ['email'], + UserAttributeUpdateSettings: { + AttributesRequireVerificationBeforeUpdate: ['email'], + }, + EmailConfiguration: { + EmailSendingAccount: 'COGNITO_DEFAULT', + }, + Schema: [ + { + Name: 'email', + Required: true, + }, + ], + Policies: { + PasswordPolicy: { + MinimumLength: 8, + RequireUppercase: true, + RequireLowercase: true, + RequireNumbers: true, + RequireSymbols: true, + TemporaryPasswordValidityDays: 7, + }, + }, + UsernameAttributes: ['email'], + UsernameConfiguration: { + CaseSensitive: false, + }, + MfaConfiguration: 'OFF', + DeletionProtection: 'INACTIVE', + }); + + const domain = await this.authResourceCreator.createUserPoolDomainBase({ + UserPoolId: userPool.Id, + Domain: `ref-auth`, + }); + + await this.authResourceCreator.createIdentityProviderBase({ + UserPoolId: userPool.Id, + ProviderType: 'Facebook', + ProviderDetails: { + client_id: 'clientId', + client_secret: 'clientSecret', + authorize_scopes: 'openid,email', + api_version: 'v17.0', + }, + AttributeMapping: { + email: 'email', + }, + ProviderName: 'Facebook', + }); + + await this.authResourceCreator.createIdentityProviderBase({ + UserPoolId: userPool.Id, + ProviderType: 'Google', + ProviderDetails: { + client_id: 'clientId', + client_secret: 'clientSecret', + authorize_scopes: 'openid,email', + }, + AttributeMapping: { + email: 'email', + }, + ProviderName: 'Google', + }); + + const userPoolClient = + await this.authResourceCreator.createUserPoolClientBase({ + ClientName: `ref-auth-client`, + UserPoolId: userPool.Id, + ExplicitAuthFlows: [ + 'ALLOW_REFRESH_TOKEN_AUTH', + 'ALLOW_USER_SRP_AUTH', + ], + AuthSessionValidity: 3, + RefreshTokenValidity: 30, + AccessTokenValidity: 60, + IdTokenValidity: 60, + TokenValidityUnits: { + RefreshToken: 'days', + AccessToken: 'minutes', + IdToken: 'minutes', + }, + EnableTokenRevocation: true, + PreventUserExistenceErrors: 'ENABLED', + AllowedOAuthFlows: ['code'], + AllowedOAuthScopes: ['openid', 'phone', 'email'], + SupportedIdentityProviders: ['COGNITO', 'Facebook', 'Google'], + CallbackURLs: ['https://callback.com'], + LogoutURLs: ['https://logout.com'], + AllowedOAuthFlowsUserPoolClient: true, + GenerateSecret: false, + ReadAttributes: [ + 'address', + 'birthdate', + 'email', + 'email_verified', + 'family_name', + 'gender', + 'given_name', + 'locale', + 'middle_name', + 'name', + 'nickname', + 'phone_number', + 'phone_number_verified', + 'picture', + 'preferred_username', + 'profile', + 'updated_at', + 'website', + 'zoneinfo', + ], + WriteAttributes: [ + 'address', + 'birthdate', + 'email', + 'family_name', + 'gender', + 'given_name', + 'locale', + 'middle_name', + 'name', + 'nickname', + 'phone_number', + 'picture', + 'preferred_username', + 'profile', + 'updated_at', + 'website', + 'zoneinfo', + ], + }); + + const region = await this.cognitoIdentityClient.config.region(); + const identityPool = + await this.authResourceCreator.createIdentityPoolBase({ + AllowUnauthenticatedIdentities: true, + IdentityPoolName: `ref-auth-ip`, + AllowClassicFlow: false, + CognitoIdentityProviders: [ + { + ClientId: userPoolClient.ClientId, + ProviderName: `cognito-idp.${region}.amazonaws.com/${userPool.Id}`, + ServerSideTokenCheck: false, + }, + ], + SupportedLoginProviders: { + 'graph.facebook.com': 'clientId', + 'accounts.google.com': 'clientId', + }, + }); + + const roles = await this.authResourceCreator.setupIdentityPoolRoles( + userPool.Id!, + userPoolClient.ClientId!, + identityPool.IdentityPoolId + ); + + const adminGroup = await this.authResourceCreator.setupUserPoolGroup( + 'ADMINS', + userPool.Id!, + identityPool.IdentityPoolId + ); + return { + userPool, + userPoolClient, + domain, + identityPool, + authRole: roles.authRole, + unauthRole: roles.unauthRole, + adminGroup, + }; + } catch (e) { + await this.authResourceCreator.cleanupResources(); + throw e; + } + }; + + /** + * @inheritdoc + */ + override async tearDown(backendIdentifier: BackendIdentifier) { + await super.tearDown(backendIdentifier, true); + await this.authResourceCreator.cleanupResources(); + } +} diff --git a/packages/integration-tests/src/test-project-setup/test_project_base.ts b/packages/integration-tests/src/test-project-setup/test_project_base.ts index 1b1650a5b3..81eb6b71be 100644 --- a/packages/integration-tests/src/test-project-setup/test_project_base.ts +++ b/packages/integration-tests/src/test-project-setup/test_project_base.ts @@ -14,7 +14,9 @@ import { import { CloudFormationClient, + CloudFormationServiceException, DeleteStackCommand, + DescribeStacksCommand, } from '@aws-sdk/client-cloudformation'; import fsp from 'fs/promises'; import assert from 'node:assert'; @@ -100,21 +102,89 @@ export abstract class TestProjectBase { /** * Tear down the project. */ - async tearDown(backendIdentifier: BackendIdentifier) { + async tearDown( + backendIdentifier: BackendIdentifier, + waitForStackDeletion: boolean = false + ) { if (backendIdentifier.type === 'sandbox') { await ampxCli(['sandbox', 'delete'], this.projectDirPath) .do(confirmDeleteSandbox()) .run(); } else { + const stackName = + BackendIdentifierConversions.toStackName(backendIdentifier); await this.cfnClient.send( new DeleteStackCommand({ - StackName: - BackendIdentifierConversions.toStackName(backendIdentifier), + StackName: stackName, }) ); + if (waitForStackDeletion) { + await this.waitForStackDeletion(stackName); + } } } + /** + * Wait for a stack to be deleted, returns true if deleted within allotted time. + * @param stackName name of the stack + * @returns true if delete completes within allotted time (3 minutes) + */ + async waitForStackDeletion( + stackName: string, + timeoutInMS: number = 3 * 60 * 1000 + ): Promise { + let deleted = false; + let attempts = 1; + let totalTimeWaitedMs = 0; + const maxIntervalMs = 32 * 1000; + do { + const intervalMs = Math.min(Math.pow(2, attempts) * 1000, maxIntervalMs); + console.log(`waiting: ${intervalMs} milliseconds`); + await new Promise((resolve) => setTimeout(resolve, intervalMs)); + totalTimeWaitedMs += intervalMs; + try { + const status = await this.cfnClient.send( + new DescribeStacksCommand({ + StackName: stackName, + }) + ); + console.log( + JSON.stringify(status.Stacks?.map((s) => s.StackName) ?? []) + ); + if (!status.Stacks || status.Stacks.length == 0) { + deleted = true; + console.log(`Stack ${stackName} was deleted successfully.`); + break; + } + } catch (e) { + if ( + e instanceof CloudFormationServiceException && + e.message.includes('does not exist') + ) { + deleted = true; + console.log(`Stack ${stackName} was deleted successfully.`); + break; + } else { + console.error( + `Could not describe stack ${stackName} while waiting for deletion.`, + e + ); + throw e; + } + } + if (totalTimeWaitedMs >= timeoutInMS) { + console.error( + `Stack ${stackName} did not delete within ${ + timeoutInMS / 1000 + } seconds, continuing.` + ); + break; + } + attempts++; + } while (!deleted); + return deleted; + } + /** * Gets all project update cases. Override this method if the update (hotswap) test is relevant. */ diff --git a/packages/integration-tests/src/test-projects/reference-auth/amplify/auth/resource.ts b/packages/integration-tests/src/test-projects/reference-auth/amplify/auth/resource.ts new file mode 100644 index 0000000000..bb04424328 --- /dev/null +++ b/packages/integration-tests/src/test-projects/reference-auth/amplify/auth/resource.ts @@ -0,0 +1,14 @@ +import { referenceAuth } from '@aws-amplify/backend'; +import { addUserToGroup } from '../data/add-user-to-group/resource.js'; + +export const auth = referenceAuth({ + identityPoolId: '', + authRoleArn: '', + unauthRoleArn: '', + userPoolId: '', + userPoolClientId: '', + groups: { + ADMINS: '', + }, + access: (allow) => [allow.resource(addUserToGroup).to(['addUserToGroup'])], +}); diff --git a/packages/integration-tests/src/test-projects/reference-auth/amplify/backend.ts b/packages/integration-tests/src/test-projects/reference-auth/amplify/backend.ts new file mode 100644 index 0000000000..c2f97db584 --- /dev/null +++ b/packages/integration-tests/src/test-projects/reference-auth/amplify/backend.ts @@ -0,0 +1,10 @@ +import { defineBackend } from '@aws-amplify/backend'; +import { auth } from './auth/resource.js'; +import { data } from './data/resource.js'; +import { storage } from './storage/resource.js'; + +const backend = defineBackend({ + auth, + data, + storage, +}); diff --git a/packages/integration-tests/src/test-projects/reference-auth/amplify/data/add-user-to-group/handler.ts b/packages/integration-tests/src/test-projects/reference-auth/amplify/data/add-user-to-group/handler.ts new file mode 100644 index 0000000000..48a0db7cb6 --- /dev/null +++ b/packages/integration-tests/src/test-projects/reference-auth/amplify/data/add-user-to-group/handler.ts @@ -0,0 +1,3 @@ +export const handler = async (event: any) => { + return 'Hello world!'; +}; diff --git a/packages/integration-tests/src/test-projects/reference-auth/amplify/data/add-user-to-group/resource.ts b/packages/integration-tests/src/test-projects/reference-auth/amplify/data/add-user-to-group/resource.ts new file mode 100644 index 0000000000..dd1d930b07 --- /dev/null +++ b/packages/integration-tests/src/test-projects/reference-auth/amplify/data/add-user-to-group/resource.ts @@ -0,0 +1,5 @@ +import { defineFunction } from '@aws-amplify/backend'; + +export const addUserToGroup = defineFunction({ + name: 'add-user-to-group', +}); diff --git a/packages/integration-tests/src/test-projects/reference-auth/amplify/data/resource.ts b/packages/integration-tests/src/test-projects/reference-auth/amplify/data/resource.ts new file mode 100644 index 0000000000..d6842ab5d0 --- /dev/null +++ b/packages/integration-tests/src/test-projects/reference-auth/amplify/data/resource.ts @@ -0,0 +1,24 @@ +import { type ClientSchema, a, defineData } from '@aws-amplify/backend'; +import { addUserToGroup } from './add-user-to-group/resource.js'; + +const schema = a.schema({ + Todo: a + .model({ + name: a.string(), + description: a.string(), + }) + .authorization((allow) => allow.group('ADMINS')), + addUserToGroup: a + .mutation() + .arguments({ + userId: a.string().required(), + groupName: a.string().required(), + }) + .authorization((allow) => [allow.group('ADMINS')]) + .handler(a.handler.function(addUserToGroup)) + .returns(a.json()), +}) as never; + +export type Schema = ClientSchema; + +export const data = defineData({ schema }); diff --git a/packages/integration-tests/src/test-projects/reference-auth/amplify/storage/resource.ts b/packages/integration-tests/src/test-projects/reference-auth/amplify/storage/resource.ts new file mode 100644 index 0000000000..9404344b2b --- /dev/null +++ b/packages/integration-tests/src/test-projects/reference-auth/amplify/storage/resource.ts @@ -0,0 +1,15 @@ +import { defineStorage } from '@aws-amplify/backend'; +export const storage = defineStorage({ + name: 'amplifyTeamDrive', + access: (allow) => ({ + 'profile-pictures/{entity_id}/*': [ + allow.guest.to(['read']), + allow.groups(['ADMINS']).to(['read']), + allow.entity('identity').to(['read', 'write', 'delete']), + ], + 'picture-submissions/*': [ + allow.authenticated.to(['read', 'write']), + allow.guest.to(['read', 'write']), + ], + }), +}); diff --git a/packages/integration-tests/src/test-projects/reference-auth/test-types/env/add-user-to-group.ts b/packages/integration-tests/src/test-projects/reference-auth/test-types/env/add-user-to-group.ts new file mode 100644 index 0000000000..f58ac10994 --- /dev/null +++ b/packages/integration-tests/src/test-projects/reference-auth/test-types/env/add-user-to-group.ts @@ -0,0 +1,10 @@ +export const env = process.env as { + TEST_NAME_BUCKET_NAME: string; + AWS_REGION: string; + AWS_ACCESS_KEY_ID: string; + AWS_SECRET_ACCESS_KEY: string; + AWS_SESSION_TOKEN: string; + TEST_SECRET: string; + TEST_SHARED_SECRET: string; + AMPLIFY_AUTH_USERPOOL_ID: string; +}; From bbacf222518b5e8ea76bc1facb2786500c27b592 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 8 Nov 2024 10:15:05 -0800 Subject: [PATCH 57/61] chore: add bsd-3-clause-clear license to allow list --- .github/dependency_review_config.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/dependency_review_config.yml b/.github/dependency_review_config.yml index 47a5ab98e7..2daa79c71e 100644 --- a/.github/dependency_review_config.yml +++ b/.github/dependency_review_config.yml @@ -6,6 +6,7 @@ allow-licenses: - BSD-2-Clause - BSD-3-Clause-Attribution - BSD-3-Clause + - BSD-3-Clause-Clear - BSD-Source-Code - bzip2-1.0.6 - CC-BY-3.0 From 89937450937f46853c68d423cdfeaa8258fad7da Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 8 Nov 2024 10:41:43 -0800 Subject: [PATCH 58/61] chore: cleanup --- .../test-project-setup/test_project_base.ts | 37 ++++++++----------- .../reference-auth/amplify/backend.ts | 2 +- 2 files changed, 16 insertions(+), 23 deletions(-) diff --git a/packages/integration-tests/src/test-project-setup/test_project_base.ts b/packages/integration-tests/src/test-project-setup/test_project_base.ts index 81eb6b71be..706d68114c 100644 --- a/packages/integration-tests/src/test-project-setup/test_project_base.ts +++ b/packages/integration-tests/src/test-project-setup/test_project_base.ts @@ -133,11 +133,11 @@ export abstract class TestProjectBase { stackName: string, timeoutInMS: number = 3 * 60 * 1000 ): Promise { - let deleted = false; - let attempts = 1; + let attempts = 0; let totalTimeWaitedMs = 0; const maxIntervalMs = 32 * 1000; - do { + while (totalTimeWaitedMs < timeoutInMS) { + attempts++; const intervalMs = Math.min(Math.pow(2, attempts) * 1000, maxIntervalMs); console.log(`waiting: ${intervalMs} milliseconds`); await new Promise((resolve) => setTimeout(resolve, intervalMs)); @@ -152,37 +152,30 @@ export abstract class TestProjectBase { JSON.stringify(status.Stacks?.map((s) => s.StackName) ?? []) ); if (!status.Stacks || status.Stacks.length == 0) { - deleted = true; console.log(`Stack ${stackName} was deleted successfully.`); - break; + return true; } } catch (e) { if ( e instanceof CloudFormationServiceException && e.message.includes('does not exist') ) { - deleted = true; console.log(`Stack ${stackName} was deleted successfully.`); - break; - } else { - console.error( - `Could not describe stack ${stackName} while waiting for deletion.`, - e - ); - throw e; + return true; } - } - if (totalTimeWaitedMs >= timeoutInMS) { console.error( - `Stack ${stackName} did not delete within ${ - timeoutInMS / 1000 - } seconds, continuing.` + `Could not describe stack ${stackName} while waiting for deletion.`, + e ); - break; + throw e; } - attempts++; - } while (!deleted); - return deleted; + } + console.error( + `Stack ${stackName} did not delete within ${ + timeoutInMS / 1000 + } seconds, continuing.` + ); + return false; } /** diff --git a/packages/integration-tests/src/test-projects/reference-auth/amplify/backend.ts b/packages/integration-tests/src/test-projects/reference-auth/amplify/backend.ts index c2f97db584..8aac23b543 100644 --- a/packages/integration-tests/src/test-projects/reference-auth/amplify/backend.ts +++ b/packages/integration-tests/src/test-projects/reference-auth/amplify/backend.ts @@ -3,7 +3,7 @@ import { auth } from './auth/resource.js'; import { data } from './data/resource.js'; import { storage } from './storage/resource.js'; -const backend = defineBackend({ +defineBackend({ auth, data, storage, From aeda43a57d7f254c6f9cfe4789f5d8424f25bfe5 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 8 Nov 2024 12:06:43 -0800 Subject: [PATCH 59/61] chore: make lambda deps dev dependencies --- package-lock.json | 38 ++++++++++++++++++++++++++---- packages/backend-auth/package.json | 10 ++++---- 2 files changed, 38 insertions(+), 10 deletions(-) diff --git a/package-lock.json b/package-lock.json index d515fd8544..7a6f5adcaa 100644 --- a/package-lock.json +++ b/package-lock.json @@ -7587,6 +7587,7 @@ "version": "3.651.0", "resolved": "https://registry.npmjs.org/@aws-sdk/client-cognito-identity-provider/-/client-cognito-identity-provider-3.651.0.tgz", "integrity": "sha512-ghIZlEOFHb5TYzoWMlvupD0vvZpQaTMk9DPbtvwDs1EW6iegs/Y4eJVIGL+ITkiPS/86MlySvSw1hUZseiTXVQ==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", @@ -7639,6 +7640,7 @@ "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.5.tgz", "integrity": "sha512-dq/oR3/LxgCgizVk7in7FGTm0w9a3qM4mg3IIXLTCHeW3fV+ipssSvBZ2bvEx1+asfQJTyCnVLeYf7JKfd9v3Q==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@smithy/property-provider": "^3.1.4", @@ -7654,6 +7656,7 @@ "version": "3.1.5", "resolved": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.5.tgz", "integrity": "sha512-6jxsJ4NOmY5Du4FD0enYegNJl4zTSuKLiChIMqIkh+LapxiP7lmz5lYUNLE9/4cvA65mbBmtdzZ8yxmcqM5igg==", + "dev": true, "license": "Apache-2.0", "dependencies": { "@smithy/types": "^3.4.0", @@ -19288,6 +19291,7 @@ "version": "1.0.10", "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", + "dev": true, "license": "MIT", "dependencies": { "sprintf-js": "~1.0.2" @@ -20015,6 +20019,7 @@ "version": "1.0.7", "resolved": "https://registry.npmjs.org/aws-lambda/-/aws-lambda-1.0.7.tgz", "integrity": "sha512-9GNFMRrEMG5y3Jvv+V4azWvc+qNWdWLTjDdhf/zgMlz8haaaLWv0xeAIWxz9PuWUBawsVxy0zZotjCdR3Xq+2w==", + "dev": true, "license": "MIT", "dependencies": { "aws-sdk": "^2.814.0", @@ -20030,12 +20035,14 @@ "version": "3.0.2", "resolved": "https://registry.npmjs.org/commander/-/commander-3.0.2.tgz", "integrity": "sha512-Gar0ASD4BDyKC4hl4DwHqDrmvjoxWKZigVnAbn5H1owvm4CxCPdb0HQDehwNYMJpla5+M2tPmPARzhtYuwpHow==", + "dev": true, "license": "MIT" }, "node_modules/aws-sdk": { "version": "2.1691.0", "resolved": "https://registry.npmjs.org/aws-sdk/-/aws-sdk-2.1691.0.tgz", "integrity": "sha512-/F2YC+DlsY3UBM2Bdnh5RLHOPNibS/+IcjUuhP8XuctyrN+MlL+fWDAiela32LTDk7hMy4rx8MTgvbJ+0blO5g==", + "dev": true, "hasInstallScript": true, "license": "Apache-2.0", "dependencies": { @@ -20070,6 +20077,7 @@ "version": "8.0.0", "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.0.0.tgz", "integrity": "sha512-jOXGuXZAWdsTH7eZLtyXMqUb9EcWMGZNbL9YcGBJl4MH4nrxHmZJhEHvyLFrkxo+28uLb/NYRcStH48fnD0Vzw==", + "dev": true, "license": "MIT", "bin": { "uuid": "dist/bin/uuid" @@ -20272,6 +20280,7 @@ "version": "1.5.1", "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==", + "dev": true, "funding": [ { "type": "github", @@ -20481,6 +20490,7 @@ "version": "4.9.2", "resolved": "https://registry.npmjs.org/buffer/-/buffer-4.9.2.tgz", "integrity": "sha512-xq+q3SRMOxGivLhBNaUdC64hDTQwejJ+H0T/NB1XMtTVEwNTrfFF3gAxiyW0Bu/xWEGhjVKgUcMhCrUy2+uCWg==", + "dev": true, "license": "MIT", "dependencies": { "base64-js": "^1.0.2", @@ -23383,6 +23393,7 @@ "version": "4.0.1", "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", + "dev": true, "license": "BSD-2-Clause", "bin": { "esparse": "bin/esparse.js", @@ -23465,6 +23476,7 @@ "version": "1.1.1", "resolved": "https://registry.npmjs.org/events/-/events-1.1.1.tgz", "integrity": "sha512-kEcvvCBByWXGnZy6JUlgAp2gBIUjfCAV6P6TgT1/aaQKcmuAEC4OZTV1I4EWQLz2gxZw76atuVyvHhTxvi0Flw==", + "dev": true, "license": "MIT", "engines": { "node": ">=0.4.x" @@ -24266,6 +24278,7 @@ "version": "0.4.1", "resolved": "https://registry.npmjs.org/glob-to-regexp/-/glob-to-regexp-0.4.1.tgz", "integrity": "sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw==", + "dev": true, "license": "BSD-2-Clause" }, "node_modules/glob/node_modules/brace-expansion": { @@ -24709,6 +24722,7 @@ "version": "1.1.13", "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", "integrity": "sha512-4vf7I2LYV/HaWerSo3XmlMkp5eZ83i+/CDluXi/IGTs/O1sejBNhTtnxzmRZfvOUqj7lZjqHkeTvpgSFDlWZTg==", + "dev": true, "license": "BSD-3-Clause" }, "node_modules/ignore": { @@ -24888,6 +24902,7 @@ "version": "1.1.1", "resolved": "https://registry.npmjs.org/is-arguments/-/is-arguments-1.1.1.tgz", "integrity": "sha512-8Q7EARjzEnKpt/PCD7e1cgUS0a6X8u5tdSiMqXhojOdoV9TsMsiO+9VLC5vAmO8N7/GmXn7yjR8qnA6bVAEzfA==", + "dev": true, "license": "MIT", "dependencies": { "call-bind": "^1.0.2", @@ -25131,6 +25146,7 @@ "version": "1.0.10", "resolved": "https://registry.npmjs.org/is-generator-function/-/is-generator-function-1.0.10.tgz", "integrity": "sha512-jsEjy9l3yiXEQ+PsXdmBwEPcOxaXWLspKdplFUVI9vq1iZgIekeC0L167qeu86czQaxed3q/Uzuw0swL0irL8A==", + "dev": true, "license": "MIT", "dependencies": { "has-tostringtag": "^1.0.0" @@ -25507,6 +25523,7 @@ "version": "1.0.0", "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", "integrity": "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==", + "dev": true, "license": "MIT" }, "node_modules/isexe": { @@ -25614,6 +25631,7 @@ "version": "0.16.0", "resolved": "https://registry.npmjs.org/jmespath/-/jmespath-0.16.0.tgz", "integrity": "sha512-9FzQjJ7MATs1tSpnco1K6ayiYE3figslrXA72G2HQ/n76RzvYlofyi5QM+iX4YRs/pu3yzxlVQSST23+dMDknw==", + "dev": true, "license": "Apache-2.0", "engines": { "node": ">= 0.6.0" @@ -25639,6 +25657,7 @@ "version": "3.14.1", "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", + "dev": true, "license": "MIT", "dependencies": { "argparse": "^1.0.7", @@ -28358,6 +28377,7 @@ "resolved": "https://registry.npmjs.org/querystring/-/querystring-0.2.0.tgz", "integrity": "sha512-X/xY82scca2tau62i9mDyU9K+I+djTMUsvwf7xnUX5GLvVzgJybOJf4Y6o9Zx3oJK/LSXg5tTZBjwzqVPaPO2g==", "deprecated": "The querystring API is considered Legacy. new code should use the URLSearchParams API instead.", + "dev": true, "engines": { "node": ">=0.4.x" } @@ -29119,6 +29139,7 @@ "version": "1.2.1", "resolved": "https://registry.npmjs.org/sax/-/sax-1.2.1.tgz", "integrity": "sha512-8I2a3LovHTOpm7NV5yOyO8IHqgVsfK4+UuySrXU8YXkSRX7k6hCV9b3HrkKCr3nMpgj+0bmocaJJWpvp1oc7ZA==", + "dev": true, "license": "ISC" }, "node_modules/scheduler": { @@ -29622,6 +29643,7 @@ "version": "1.0.3", "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", + "dev": true, "license": "BSD-3-Clause" }, "node_modules/sqlstring": { @@ -30840,6 +30862,7 @@ "version": "0.10.3", "resolved": "https://registry.npmjs.org/url/-/url-0.10.3.tgz", "integrity": "sha512-hzSUW2q06EqL1gKM/a+obYHLIO6ct2hwPuviqTTOcfFVc61UbfJ2Q32+uGL/HCPxKqrdGB5QUwIe7UqlDgwsOQ==", + "dev": true, "license": "MIT", "dependencies": { "punycode": "1.3.2", @@ -30861,6 +30884,7 @@ "version": "1.3.2", "resolved": "https://registry.npmjs.org/punycode/-/punycode-1.3.2.tgz", "integrity": "sha512-RofWgt/7fL5wP1Y7fxE7/EmTLzQVnB0ycyibJ0OOHIlJqTNzglYFxVwETOcIoJqJmpDXJ9xImDv+Fq34F/d4Dw==", + "dev": true, "license": "MIT" }, "node_modules/urlpattern-polyfill": { @@ -30873,6 +30897,7 @@ "version": "0.12.5", "resolved": "https://registry.npmjs.org/util/-/util-0.12.5.tgz", "integrity": "sha512-kZf/K6hEIrWHI6XqOFUiiMa+79wE/D8Q+NCNAWclkyg3b4d2k7s0QGepNjiABc+aR3N1PAyHL7p6UcLY6LmrnA==", + "dev": true, "license": "MIT", "dependencies": { "inherits": "^2.0.3", @@ -31266,6 +31291,7 @@ "version": "2.4.2", "resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.4.2.tgz", "integrity": "sha512-TnbFSbcOCcDgjZ4piURLCbJ3nJhznVh9kw6F6iokjiFPl8ONxe9A6nMDVXDiNbrSfLILs6vB07F7wLBrwPYzJw==", + "dev": true, "license": "MIT", "dependencies": { "glob-to-regexp": "^0.4.1", @@ -31546,6 +31572,7 @@ "version": "0.6.2", "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", "integrity": "sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA==", + "dev": true, "license": "MIT", "dependencies": { "sax": ">=0.6.0", @@ -31559,6 +31586,7 @@ "version": "11.0.1", "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-11.0.1.tgz", "integrity": "sha512-fDlsI/kFEx7gLvbecc0/ohLG50fugQp8ryHzMTuW9vSa1GJ0XYWKnhsUx7oie3G98+r56aTQIUB4kht42R3JvA==", + "dev": true, "license": "MIT", "engines": { "node": ">=4.0" @@ -31822,16 +31850,16 @@ "@aws-amplify/auth-construct": "^1.4.0", "@aws-amplify/backend-output-schemas": "^1.4.0", "@aws-amplify/backend-output-storage": "^1.1.3", - "@aws-amplify/plugin-types": "^1.3.1", + "@aws-amplify/plugin-types": "^1.3.1" + }, + "devDependencies": { + "@aws-amplify/backend-platform-test-stubs": "^0.3.6", + "@aws-amplify/platform-core": "^1.0.6", "@aws-sdk/client-cognito-identity": "^3.624.0", "@aws-sdk/client-cognito-identity-provider": "^3.624.0", "@types/aws-lambda": "^8.10.119", "aws-lambda": "^1.0.7" }, - "devDependencies": { - "@aws-amplify/backend-platform-test-stubs": "^0.3.6", - "@aws-amplify/platform-core": "^1.0.6" - }, "peerDependencies": { "aws-cdk-lib": "^2.158.0", "constructs": "^10.0.0" diff --git a/packages/backend-auth/package.json b/packages/backend-auth/package.json index 38c7790e80..4c3a4aed8a 100644 --- a/packages/backend-auth/package.json +++ b/packages/backend-auth/package.json @@ -22,16 +22,16 @@ "@aws-amplify/auth-construct": "^1.4.0", "@aws-amplify/backend-output-schemas": "^1.4.0", "@aws-amplify/backend-output-storage": "^1.1.3", - "@aws-amplify/plugin-types": "^1.3.1", + "@aws-amplify/plugin-types": "^1.3.1" + }, + "devDependencies": { + "@aws-amplify/backend-platform-test-stubs": "^0.3.6", + "@aws-amplify/platform-core": "^1.0.6", "@aws-sdk/client-cognito-identity-provider": "^3.624.0", "@aws-sdk/client-cognito-identity": "^3.624.0", "@types/aws-lambda": "^8.10.119", "aws-lambda": "^1.0.7" }, - "devDependencies": { - "@aws-amplify/backend-platform-test-stubs": "^0.3.6", - "@aws-amplify/platform-core": "^1.0.6" - }, "peerDependencies": { "aws-cdk-lib": "^2.158.0", "constructs": "^10.0.0" From 38661a27ce8b790387e5219d81b9823aa3e84dca Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 8 Nov 2024 12:09:47 -0800 Subject: [PATCH 60/61] chore: revert license changes --- .github/dependency_review_config.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/dependency_review_config.yml b/.github/dependency_review_config.yml index 2daa79c71e..47a5ab98e7 100644 --- a/.github/dependency_review_config.yml +++ b/.github/dependency_review_config.yml @@ -6,7 +6,6 @@ allow-licenses: - BSD-2-Clause - BSD-3-Clause-Attribution - BSD-3-Clause - - BSD-3-Clause-Clear - BSD-Source-Code - bzip2-1.0.6 - CC-BY-3.0 From 4a115f8021691de9a5900d4ced34d8399e73e5b5 Mon Sep 17 00:00:00 2001 From: Armando Luja Date: Fri, 8 Nov 2024 14:00:08 -0800 Subject: [PATCH 61/61] chore: remove tag mechanism as not needed for cleanup --- .../src/resource-creation/auth_resource_creator.ts | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/packages/integration-tests/src/resource-creation/auth_resource_creator.ts b/packages/integration-tests/src/resource-creation/auth_resource_creator.ts index bc521e2c31..da405b6bbe 100644 --- a/packages/integration-tests/src/resource-creation/auth_resource_creator.ts +++ b/packages/integration-tests/src/resource-creation/auth_resource_creator.ts @@ -31,14 +31,6 @@ import { } from '@aws-sdk/client-cognito-identity'; import { shortUuid } from '../short_uuid.js'; import { e2eToolingClientConfig } from '../e2e_tooling_client_config.js'; -const RESOURCE_TAG_KEY = 'amplify-e2e-resource'; -const RESOURCE_TAG_VALUE = 'true'; -const TEST_RESOURCE_TAGS = { - [RESOURCE_TAG_KEY]: RESOURCE_TAG_VALUE, -}; -const TEST_RESOURCE_TAGS_ARRAY = [ - { Key: RESOURCE_TAG_KEY, Value: RESOURCE_TAG_VALUE }, -]; const TEST_AMPLIFY_RESOURCE_PREFIX = 'amplify-'; type CleanupTask = { @@ -100,7 +92,6 @@ export class AuthResourceCreator { PoolName: `${TEST_AMPLIFY_RESOURCE_PREFIX}${ props.PoolName }-${this.createResourceNameSuffix()}`, - UserPoolTags: TEST_RESOURCE_TAGS, }) ); const userPool = result.UserPool; @@ -206,7 +197,6 @@ export class AuthResourceCreator { const identityPoolResponse = await this.cognitoIdentityClient.send( new CreateIdentityPoolCommand({ ...props, - IdentityPoolTags: TEST_RESOURCE_TAGS, IdentityPoolName: `${TEST_AMPLIFY_RESOURCE_PREFIX}${ props.IdentityPoolName }-${this.createResourceNameSuffix()}`, @@ -295,7 +285,6 @@ export class AuthResourceCreator { identityPoolId, 'authenticated' ), - Tags: TEST_RESOURCE_TAGS_ARRAY, }); const group = await this.createUserPoolGroupBase({ GroupName: groupName, @@ -323,7 +312,6 @@ export class AuthResourceCreator { identityPoolId, 'authenticated' ), - Tags: TEST_RESOURCE_TAGS_ARRAY, }); const unauthRole = await this.createRoleBase({ RoleName: `ref-unauth-role`, @@ -331,7 +319,6 @@ export class AuthResourceCreator { identityPoolId, 'unauthenticated' ), - Tags: TEST_RESOURCE_TAGS_ARRAY, }); const region = await this.cognitoIdentityClient.config.region(); await this.cognitoIdentityClient.send(