From 55e2c9837e2a8330a5b155b6010efd631b67e2d2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E0=A4=95=E0=A4=B0=E0=A4=A4=E0=A5=8B=E0=A4=AB=E0=A5=8D?= =?UTF-8?q?=E0=A4=AB=E0=A5=87=E0=A4=B2=E0=A4=B8=E0=A5=8D=E0=A4=95=E0=A5=8D?= =?UTF-8?q?=E0=A4=B0=E0=A4=BF=E0=A4=AA=E0=A5=8D=E0=A4=9F=E2=84=A2?= Date: Wed, 12 Aug 2020 05:15:37 +0200 Subject: [PATCH] =?UTF-8?q?=F0=9F=A4=96=20Merge=20PR=20#46142=20[aws-lambd?= =?UTF-8?q?a]=20add=20individual=20event=20types=20for=20all=20cognito=20t?= =?UTF-8?q?riggers=20by=20@netroy?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- types/aws-lambda/aws-lambda-tests.ts | 4 + types/aws-lambda/index.d.ts | 2 +- types/aws-lambda/test/cognito-tests.ts | 349 ++++++++++++------ .../cognito-user-pool-trigger/_common.d.ts | 41 ++ .../create-auth-challenge.d.ts | 22 ++ .../custom-message.d.ts | 44 +++ .../define-auth-challenge.d.ts | 21 ++ .../index.d.ts} | 28 +- .../post-authentication.d.ts | 15 + .../post-confirmation.d.ts | 22 ++ .../pre-authentication.d.ts | 15 + .../cognito-user-pool-trigger/pre-signup.d.ts | 31 ++ .../pre-token-generation.d.ts | 45 +++ .../user-migration.d.ts | 39 ++ .../verify-auth-challenge-response.d.ts | 20 + 15 files changed, 586 insertions(+), 112 deletions(-) create mode 100644 types/aws-lambda/trigger/cognito-user-pool-trigger/_common.d.ts create mode 100644 types/aws-lambda/trigger/cognito-user-pool-trigger/create-auth-challenge.d.ts create mode 100644 types/aws-lambda/trigger/cognito-user-pool-trigger/custom-message.d.ts create mode 100644 types/aws-lambda/trigger/cognito-user-pool-trigger/define-auth-challenge.d.ts rename types/aws-lambda/trigger/{cognito-user-pool-trigger.d.ts => cognito-user-pool-trigger/index.d.ts} (85%) create mode 100644 types/aws-lambda/trigger/cognito-user-pool-trigger/post-authentication.d.ts create mode 100644 types/aws-lambda/trigger/cognito-user-pool-trigger/post-confirmation.d.ts create mode 100644 types/aws-lambda/trigger/cognito-user-pool-trigger/pre-authentication.d.ts create mode 100644 types/aws-lambda/trigger/cognito-user-pool-trigger/pre-signup.d.ts create mode 100644 types/aws-lambda/trigger/cognito-user-pool-trigger/pre-token-generation.d.ts create mode 100644 types/aws-lambda/trigger/cognito-user-pool-trigger/user-migration.d.ts create mode 100644 types/aws-lambda/trigger/cognito-user-pool-trigger/verify-auth-challenge-response.d.ts diff --git a/types/aws-lambda/aws-lambda-tests.ts b/types/aws-lambda/aws-lambda-tests.ts index e3a42dcb26..9361b65a3a 100644 --- a/types/aws-lambda/aws-lambda-tests.ts +++ b/types/aws-lambda/aws-lambda-tests.ts @@ -9,6 +9,8 @@ declare let strOrNull: string | null; declare let strOrUndefined: string | undefined; declare let strOrUndefinedOrNull: string | undefined | null; declare let date: Date; +declare let obj: {}; +declare let array: any[]; declare let anyObj: any; declare let num: number; declare let error: Error; @@ -17,6 +19,8 @@ declare let boolOrUndefined: boolean | undefined; declare let boolOrNumOrStr: boolean | number | string; declare let numOrUndefined: number | undefined; declare let strArrayOrUndefined: string[] | undefined; +declare let nullOrUndefined: null | undefined; +declare let objectOrUndefined: {} | undefined; // handler.d.ts types declare let context: AWSLambda.Context; diff --git a/types/aws-lambda/index.d.ts b/types/aws-lambda/index.d.ts index cd7e8bd281..b72556cc22 100644 --- a/types/aws-lambda/index.d.ts +++ b/types/aws-lambda/index.d.ts @@ -61,7 +61,7 @@ export * from "./trigger/codepipeline-cloudwatch-action"; export * from "./trigger/codepipeline-cloudwatch-pipeline"; export * from "./trigger/codepipeline-cloudwatch-stage"; // TODO: export * from "./trigger/cognito-sync"; -export * from "./trigger/cognito-user-pool-trigger"; +export * from "./trigger/cognito-user-pool-trigger/"; export * from "./trigger/connect-contact-flow"; // TODO: export * from "./trigger/config"; export * from "./trigger/dynamodb-stream"; diff --git a/types/aws-lambda/test/cognito-tests.ts b/types/aws-lambda/test/cognito-tests.ts index 58fc86c24c..aaae3f3cab 100644 --- a/types/aws-lambda/test/cognito-tests.ts +++ b/types/aws-lambda/test/cognito-tests.ts @@ -1,117 +1,256 @@ -// TODO: Update test to read all event properties, and write all result -// properties, like the user will. +import { + Handler, + PreSignUpTriggerEvent, PreSignUpTriggerHandler, + PostConfirmationTriggerEvent, PostConfirmationTriggerHandler, + PreAuthenticationTriggerEvent, PreAuthenticationTriggerHandler, + PostAuthenticationTriggerEvent, PostAuthenticationTriggerHandler, + CreateAuthChallengeTriggerEvent, CreateAuthChallengeTriggerHandler, + DefineAuthChallengeTriggerEvent, DefineAuthChallengeTriggerHandler, + VerifyAuthChallengeResponseTriggerEvent, VerifyAuthChallengeResponseTriggerHandler, + PreTokenGenerationTriggerEvent, PreTokenGenerationTriggerHandler, + UserMigrationTriggerEvent, UserMigrationTriggerHandler, + CustomMessageTriggerEvent, CustomMessageTriggerHandler, +} from 'aws-lambda'; -import { CognitoUserPoolTriggerHandler } from "aws-lambda"; - -const handler: CognitoUserPoolTriggerHandler = async (event, context, callback) => { - num = event.version; - event.triggerSource === 'PreSignUp_SignUp'; - event.triggerSource === 'PreSignUp_ExternalProvider'; - event.triggerSource === 'PostConfirmation_ConfirmSignUp'; - event.triggerSource === 'PreAuthentication_Authentication'; - event.triggerSource === 'PostAuthentication_Authentication'; - event.triggerSource === 'CustomMessage_SignUp'; - event.triggerSource === 'CustomMessage_AdminCreateUser'; - event.triggerSource === 'CustomMessage_ResendCode'; - event.triggerSource === 'CustomMessage_ForgotPassword'; - event.triggerSource === 'CustomMessage_UpdateUserAttribute'; - event.triggerSource === 'CustomMessage_VerifyUserAttribute'; - event.triggerSource === 'CustomMessage_Authentication'; - event.triggerSource === 'DefineAuthChallenge_Authentication'; - event.triggerSource === 'CreateAuthChallenge_Authentication'; - event.triggerSource === 'VerifyAuthChallengeResponse_Authentication'; - event.triggerSource === 'PreSignUp_AdminCreateUser'; - event.triggerSource === 'PostConfirmation_ConfirmForgotPassword'; - event.triggerSource === 'TokenGeneration_HostedAuth'; - event.triggerSource === 'TokenGeneration_Authentication'; - event.triggerSource === 'TokenGeneration_NewPasswordChallenge'; - event.triggerSource === 'TokenGeneration_AuthenticateDevice'; - event.triggerSource === 'TokenGeneration_RefreshTokens'; - event.triggerSource === 'UserMigration_Authentication'; - event.triggerSource === 'UserMigration_ForgotPassword'; - // $ExpectError - event.triggerSource === 'NoSuch_Trigger'; +type CognitoTriggerEvent = + | PreSignUpTriggerEvent + | PostConfirmationTriggerEvent + | PreAuthenticationTriggerEvent + | PostAuthenticationTriggerEvent + | DefineAuthChallengeTriggerEvent + | CreateAuthChallengeTriggerEvent + | VerifyAuthChallengeResponseTriggerEvent + | PreTokenGenerationTriggerEvent + | UserMigrationTriggerEvent + | CustomMessageTriggerEvent; +const baseTest: Handler = async (event: CognitoTriggerEvent, _, callback) => { + str = event.version; str = event.region; str = event.userPoolId; - strOrUndefined = event.userName; + str = event.triggerSource; + str = event.userName; str = event.callerContext.awsSdkVersion; str = event.callerContext.clientId; - str = event.request.userAttributes['email']; - str = event.request.validationData!['k1']; - strOrUndefined = event.request.codeParameter; - strOrUndefined = event.request.linkParameter; - strOrUndefined = event.request.usernameParameter; - boolOrUndefined = event.request.newDeviceUsed; - event.request.session![0].challengeName === 'CUSTOM_CHALLENGE'; - event.request.session![0].challengeName === 'PASSWORD_VERIFIER'; - event.request.session![0].challengeName === 'SMS_MFA'; - event.request.session![0].challengeName === 'DEVICE_SRP_AUTH'; - event.request.session![0].challengeName === 'DEVICE_PASSWORD_VERIFIER'; - event.request.session![0].challengeName === 'ADMIN_NO_SRP_AUTH'; - event.request.session![0].challengeName === 'SRP_A'; - bool = event.request.session![0].challengeResult; - strOrUndefined = event.request.session![0].challengeMetadata; - strOrUndefined = event.request.challengeName; - str = event.request.privateChallengeParameters!['answer']; - str = event.request.challengeAnswer!; - strOrUndefined = event.request.password; - str = event.request.clientMetadata!['action']; - boolOrUndefined = event.request.userNotFound; - boolOrUndefined = event.response.answerCorrect; - strOrUndefined = event.response.smsMessage; - strOrUndefined = event.response.emailMessage; - strOrUndefined = event.response.emailSubject; - strOrUndefined = event.response.challengeName; - boolOrUndefined = event.response.issueTokens; - boolOrUndefined = event.response.failAuthentication; - str = event.response.publicChallengeParameters!['captchaUrl']; - str = event.response.privateChallengeParameters!['answer']; - strOrUndefined = event.response.challengeMetadata; - boolOrUndefined = event.response.answerCorrect; - str = event.response.userAttributes!['username']; - event.response.finalUserStatus === 'CONFIRMED'; - event.response.finalUserStatus === 'RESET_REQUIRED'; - event.response.messageAction === 'SUPPRESS'; - event.response.desiredDeliveryMediums === ['EMAIL']; - event.response.desiredDeliveryMediums === ['SMS']; - event.response.desiredDeliveryMediums === ['SMS', 'EMAIL']; - boolOrUndefined = event.response.forceAliasCreation; - // From AWS examples - event.response = { - claimsOverrideDetails: { - claimsToAddOrOverride: { - attribute_key2: 'attribute_value2', - attribute_key: 'attribute_value', - }, - claimsToSuppress: ['email'], - }, - }; - event.response = { - claimsOverrideDetails: { - claimsToAddOrOverride: { - attribute_key2: 'attribute_value2', - attribute_key: 'attribute_value', - }, - claimsToSuppress: ['email'], - groupOverrideDetails: { - groupsToOverride: ['group-A', 'group-B', 'group-C'], - iamRolesToOverride: [ - 'arn:aws:iam::XXXXXXXXXXXX:role/sns_callerA', - 'arn:aws:iam::XXXXXXXXX:role/sns_callerB', - 'arn:aws:iam::XXXXXXXXXX:role/sns_callerC', - ], - preferredRole: 'arn:aws:iam::XXXXXXXXXXX:role/sns_caller', - }, - }, - }; - event.response.claimsOverrideDetails!.groupOverrideDetails = null; + obj = event.request; + obj = event.response; callback(new Error()); callback(null, event); - callback(null, { - response: event.response, - }); + callback(null, { response: event.response }); return event; }; + +const preSignUp: PreSignUpTriggerHandler = async (event, _, callback) => { + const { request, response, triggerSource } = event; + + obj = request.userAttributes; + str = request.userAttributes.email; + str = request.validationData!['k1']; + str = request.clientMetadata!['action']; + + bool = response.autoConfirmUser; + bool = response.autoVerifyEmail; + bool = response.autoVerifyPhone; + + triggerSource === 'PreSignUp_SignUp'; + triggerSource === 'PreSignUp_ExternalProvider'; + triggerSource === 'PreSignUp_AdminCreateUser'; + + // $ExpectError + triggerSource === 'PostConfirmation_ConfirmSignUp'; + + // $ExpectError + request.session![0].challengeName === 'CUSTOM_CHALLENGE'; +}; + +const postConfirmation: PostConfirmationTriggerHandler = async (event, _, callback) => { + const { request, response, triggerSource } = event; + + obj = request.userAttributes; + str = request.userAttributes.email; + str = request.clientMetadata!['action']; + + objectOrUndefined = response; + + triggerSource === 'PostConfirmation_ConfirmSignUp'; + triggerSource === 'PostConfirmation_ConfirmForgotPassword'; + + // $ExpectError + triggerSource === 'PreSignUp_ExternalProvider'; + // $ExpectError + request.session![0].challengeName === 'CUSTOM_CHALLENGE'; + // $ExpectError + str = request.validationData!['k1']; + // $ExpectError + bool = response.autoVerifyEmail; + // $ExpectError + bool = response.autoVerifyPhone; +}; + +const defineAuthChallenge: DefineAuthChallengeTriggerHandler = async (event, _, callback) => { + const { request, response, triggerSource } = event; + + obj = request.userAttributes; + str = request.userAttributes.email; + array = request.session; + + const session = request.session[0]; + session.challengeName === 'CUSTOM_CHALLENGE'; + session.challengeName === 'PASSWORD_VERIFIER'; + session.challengeName === 'SMS_MFA'; + session.challengeName === 'DEVICE_SRP_AUTH'; + session.challengeName === 'DEVICE_PASSWORD_VERIFIER'; + session.challengeName === 'ADMIN_NO_SRP_AUTH'; + session.challengeName === 'SRP_A'; + bool = session.challengeResult; + boolOrUndefined = request.userNotFound; + + str = response.challengeName; + bool = response.failAuthentication; + bool = response.issueTokens; + + triggerSource === 'DefineAuthChallenge_Authentication'; + + // $ExpectError + nullOrUndefined = request.userAttributes; +}; + +const createAuthChallenge: CreateAuthChallengeTriggerHandler = async (event, _, callback) => { + const { request, response, triggerSource } = event; + + obj = request.userAttributes; + str = request.userAttributes.email; + str = request.challengeName; + array = request.session; + str = request.session[0].challengeName; + bool = request.session[0].challengeResult; + strOrUndefined = request.session[0].challengeMetadata; + boolOrUndefined = request.userNotFound; + + obj = response.publicChallengeParameters; + str = response.publicChallengeParameters['foo']; + obj = response.privateChallengeParameters; + str = response.privateChallengeParameters['bar']; + str = response.challengeMetadata; + + triggerSource === 'CreateAuthChallenge_Authentication'; + + // $ExpectError + nullOrUndefined = request.userAttributes; +}; + +const validateAuthChallengeResponse: VerifyAuthChallengeResponseTriggerHandler = async (event, _, callback) => { + const { request, response, triggerSource } = event; + + obj = request.userAttributes; + str = request.userAttributes.email; + obj = request.privateChallengeParameters; + str = request.privateChallengeParameters['foo']; + str = request.challengeAnswer; + boolOrUndefined = request.userNotFound; + + bool = response.answerCorrect; + + triggerSource === 'VerifyAuthChallengeResponse_Authentication'; +}; + +const preAuthentication: PreAuthenticationTriggerHandler = async (event, _, callback) => { + const { request, response, triggerSource } = event; + + obj = request.userAttributes; + str = request.userAttributes.email; + boolOrUndefined = request.userNotFound; + + objectOrUndefined = response; + + triggerSource === 'PreAuthentication_Authentication'; +}; + +const postAuthentication: PostAuthenticationTriggerHandler = async (event, _, callback) => { + const { request, response, triggerSource } = event; + + obj = request.userAttributes; + str = request.userAttributes.email; + bool = request.newDeviceUsed; + + objectOrUndefined = response; + + triggerSource === 'PostAuthentication_Authentication'; +}; + +const preTokenGeneration: PreTokenGenerationTriggerHandler = async (event, _, callback) => { + const { request, response, triggerSource } = event; + + obj = request.userAttributes; + str = request.userAttributes.email; + obj = request.groupConfiguration; + strArrayOrUndefined = request.groupConfiguration.groupsToOverride; + strArrayOrUndefined = request.groupConfiguration.iamRolesToOverride; + strOrUndefined = request.groupConfiguration.preferredRole; + + obj = response.claimsOverrideDetails; + objectOrUndefined = response.claimsOverrideDetails.claimsToAddOrOverride; + strArrayOrUndefined = response.claimsOverrideDetails.claimsToSuppress; + + const groupOverrideDetails = response.claimsOverrideDetails.groupOverrideDetails!; + strArrayOrUndefined = groupOverrideDetails.groupsToOverride; + strArrayOrUndefined = groupOverrideDetails.iamRolesToOverride; + strOrUndefined = groupOverrideDetails.preferredRole; + + triggerSource === 'TokenGeneration_AuthenticateDevice'; + triggerSource === 'TokenGeneration_Authentication'; + triggerSource === 'TokenGeneration_HostedAuth'; + triggerSource === 'TokenGeneration_NewPasswordChallenge'; + triggerSource === 'TokenGeneration_RefreshTokens'; +}; + +const userMigration: UserMigrationTriggerHandler = async (event, _, callback) => { + const { request, response, triggerSource } = event; + + str = request.password; + objectOrUndefined = request.validationData; + str = request.validationData!.foobar; + + obj = response.userAttributes; + str = response.userAttributes.email; + strOrUndefined = response.finalUserStatus; + response.finalUserStatus === 'UNCONFIRMED'; + response.finalUserStatus === 'CONFIRMED'; + response.finalUserStatus === 'ARCHIVED'; + response.finalUserStatus === 'COMPROMISED'; + response.finalUserStatus === 'UNKNOWN'; + response.finalUserStatus === 'RESET_REQUIRED'; + response.finalUserStatus === 'FORCE_CHANGE_PASSWORD'; + boolOrUndefined = response.forceAliasCreation; + response.messageAction === 'RESEND'; + response.messageAction === 'SUPPRESS'; + response.desiredDeliveryMediums === ['EMAIL']; + response.desiredDeliveryMediums === ['SMS']; + response.desiredDeliveryMediums === ['SMS', 'EMAIL']; + + triggerSource === 'UserMigration_Authentication'; + triggerSource === 'UserMigration_ForgotPassword'; +}; + +const customMessage: CustomMessageTriggerHandler = async (event, _, callback) => { + const { request, response, triggerSource } = event; + + obj = request.userAttributes; + str = request.userAttributes.email; + str = request.codeParameter; + str = request.usernameParameter; + + str = response.smsMessage; + str = response.emailMessage; + str = response.emailSubject; + + triggerSource === 'CustomMessage_AdminCreateUser'; + triggerSource === 'CustomMessage_Authentication'; + triggerSource === 'CustomMessage_ForgotPassword'; + triggerSource === 'CustomMessage_ResendCode'; + triggerSource === 'CustomMessage_SignUp'; + triggerSource === 'CustomMessage_UpdateUserAttribute'; + triggerSource === 'CustomMessage_VerifyUserAttribute'; +}; diff --git a/types/aws-lambda/trigger/cognito-user-pool-trigger/_common.d.ts b/types/aws-lambda/trigger/cognito-user-pool-trigger/_common.d.ts new file mode 100644 index 0000000000..efe405eb7d --- /dev/null +++ b/types/aws-lambda/trigger/cognito-user-pool-trigger/_common.d.ts @@ -0,0 +1,41 @@ +export interface StringMap { + [name: string]: string; +} + +export type ChallengeName = + | 'PASSWORD_VERIFIER' + | 'SMS_MFA' + | 'DEVICE_SRP_AUTH' + | 'DEVICE_PASSWORD_VERIFIER' + | 'ADMIN_NO_SRP_AUTH' + | 'SRP_A'; + +export interface ChallengeResult { + challengeName: ChallengeName; + challengeResult: boolean; + challengeMetadata?: undefined; +} + +export interface CustomChallengeResult { + challengeName: 'CUSTOM_CHALLENGE'; + challengeResult: boolean; + challengeMetadata?: string; +} + +/** + * Common attributes shared by all User Pool Lambda Trigger Events + * @see https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html#cognito-user-pools-lambda-trigger-event-parameter-shared + */ +export interface BaseTriggerEvent { + version: string; + region: string; + userPoolId: string; + triggerSource: T; + userName: string; + callerContext: { + awsSdkVersion: string; + clientId: string; + }; + request: {}; + response: {}; +} diff --git a/types/aws-lambda/trigger/cognito-user-pool-trigger/create-auth-challenge.d.ts b/types/aws-lambda/trigger/cognito-user-pool-trigger/create-auth-challenge.d.ts new file mode 100644 index 0000000000..b44c13e725 --- /dev/null +++ b/types/aws-lambda/trigger/cognito-user-pool-trigger/create-auth-challenge.d.ts @@ -0,0 +1,22 @@ +import { Handler } from '../../handler'; +import { BaseTriggerEvent, StringMap, ChallengeResult, CustomChallengeResult } from './_common'; + +/** + * @see https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-create-auth-challenge.html + */ +export interface CreateAuthChallengeTriggerEvent extends BaseTriggerEvent<'CreateAuthChallenge_Authentication'> { + request: { + userAttributes: StringMap; + challengeName: string; + session: Array; + clientMetadata?: StringMap; + userNotFound?: boolean; + }; + response: { + publicChallengeParameters: StringMap; + privateChallengeParameters: StringMap; + challengeMetadata: string; + }; +} + +export type CreateAuthChallengeTriggerHandler = Handler; diff --git a/types/aws-lambda/trigger/cognito-user-pool-trigger/custom-message.d.ts b/types/aws-lambda/trigger/cognito-user-pool-trigger/custom-message.d.ts new file mode 100644 index 0000000000..835b80de00 --- /dev/null +++ b/types/aws-lambda/trigger/cognito-user-pool-trigger/custom-message.d.ts @@ -0,0 +1,44 @@ +import { Handler } from '../../handler'; +import { BaseTriggerEvent, StringMap } from './_common'; + +export interface BaseCustomMessageTriggerEvent extends BaseTriggerEvent { + request: { + userAttributes: StringMap; + codeParameter: string; + usernameParameter: string; + clientMetadata?: StringMap; + }; + response: { + smsMessage: string; + emailMessage: string; + emailSubject: string; + }; +} + +export type CustomMessageAdminCreateUserTriggerEvent = BaseCustomMessageTriggerEvent<'CustomMessage_AdminCreateUser'>; + +export type CustomMessageAuthenticationTriggerEvent = BaseCustomMessageTriggerEvent<'CustomMessage_Authentication'>; + +export type CustomMessageForgotPasswordTriggerEvent = BaseCustomMessageTriggerEvent<'CustomMessage_ForgotPassword'>; + +export type CustomMessageResendCodeTriggerEvent = BaseCustomMessageTriggerEvent<'CustomMessage_ResendCode'>; + +export type CustomMessageSignUpTriggerEvent = BaseCustomMessageTriggerEvent<'CustomMessage_SignUp'>; + +export type CustomMessageUpdateUserAttributeTriggerEvent = BaseCustomMessageTriggerEvent<'CustomMessage_UpdateUserAttribute'>; + +export type CustomMessageVerifyUserAttributeTriggerEvent = BaseCustomMessageTriggerEvent<'CustomMessage_VerifyUserAttribute'>; + +/** + * @see https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-custom-message.html + */ +export type CustomMessageTriggerEvent = + | CustomMessageSignUpTriggerEvent + | CustomMessageAdminCreateUserTriggerEvent + | CustomMessageResendCodeTriggerEvent + | CustomMessageForgotPasswordTriggerEvent + | CustomMessageUpdateUserAttributeTriggerEvent + | CustomMessageVerifyUserAttributeTriggerEvent + | CustomMessageAuthenticationTriggerEvent; + +export type CustomMessageTriggerHandler = Handler; diff --git a/types/aws-lambda/trigger/cognito-user-pool-trigger/define-auth-challenge.d.ts b/types/aws-lambda/trigger/cognito-user-pool-trigger/define-auth-challenge.d.ts new file mode 100644 index 0000000000..a77ce1ba98 --- /dev/null +++ b/types/aws-lambda/trigger/cognito-user-pool-trigger/define-auth-challenge.d.ts @@ -0,0 +1,21 @@ +import { Handler } from '../../handler'; +import { BaseTriggerEvent, StringMap, ChallengeResult, CustomChallengeResult } from './_common'; + +/** + * @see https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-define-auth-challenge.html + */ +export interface DefineAuthChallengeTriggerEvent extends BaseTriggerEvent<'DefineAuthChallenge_Authentication'> { + request: { + userAttributes: StringMap; + session: Array; + clientMetadata?: StringMap; + userNotFound?: boolean; + }; + response: { + challengeName: string; + failAuthentication: boolean; + issueTokens: boolean; + }; +} + +export type DefineAuthChallengeTriggerHandler = Handler; diff --git a/types/aws-lambda/trigger/cognito-user-pool-trigger.d.ts b/types/aws-lambda/trigger/cognito-user-pool-trigger/index.d.ts similarity index 85% rename from types/aws-lambda/trigger/cognito-user-pool-trigger.d.ts rename to types/aws-lambda/trigger/cognito-user-pool-trigger/index.d.ts index bbd7a48e80..d4f563a7ff 100644 --- a/types/aws-lambda/trigger/cognito-user-pool-trigger.d.ts +++ b/types/aws-lambda/trigger/cognito-user-pool-trigger/index.d.ts @@ -1,12 +1,8 @@ -import { Handler } from "../handler"; - -// Result type is weird: docs and samples say to return the mutated event, but it only requires an object -// with a "response" field, the type of which is specific to the event.triggerType. Leave as any for now. -export type CognitoUserPoolTriggerHandler = Handler; -// TODO: Different event/handler types for each event trigger so we can type the result? +import { Handler } from '../../handler'; /** * Cognito User Pool event + * @deprecated Please use specific event types instead * http://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html */ export interface CognitoUserPoolTriggerEvent { @@ -99,4 +95,24 @@ export interface CognitoUserPoolTriggerEvent { }; }; } + +/** + * @deprecated Please use specific event types instead + */ export type CognitoUserPoolEvent = CognitoUserPoolTriggerEvent; + +/** + * @deprecated Please use specific event handler types instead + */ +export type CognitoUserPoolTriggerHandler = Handler; + +export * from './create-auth-challenge'; +export * from './custom-message'; +export * from './define-auth-challenge'; +export * from './post-authentication'; +export * from './post-confirmation'; +export * from './pre-authentication'; +export * from './pre-signup'; +export * from './pre-token-generation'; +export * from './user-migration'; +export * from './verify-auth-challenge-response'; diff --git a/types/aws-lambda/trigger/cognito-user-pool-trigger/post-authentication.d.ts b/types/aws-lambda/trigger/cognito-user-pool-trigger/post-authentication.d.ts new file mode 100644 index 0000000000..34556407fa --- /dev/null +++ b/types/aws-lambda/trigger/cognito-user-pool-trigger/post-authentication.d.ts @@ -0,0 +1,15 @@ +import { Handler } from '../../handler'; +import { BaseTriggerEvent, StringMap } from './_common'; + +/** + * @see https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-authentication.html + */ +export interface PostAuthenticationTriggerEvent extends BaseTriggerEvent<'PostAuthentication_Authentication'> { + request: { + userAttributes: StringMap; + newDeviceUsed: boolean; + clientMetadata?: StringMap; + }; +} + +export type PostAuthenticationTriggerHandler = Handler; diff --git a/types/aws-lambda/trigger/cognito-user-pool-trigger/post-confirmation.d.ts b/types/aws-lambda/trigger/cognito-user-pool-trigger/post-confirmation.d.ts new file mode 100644 index 0000000000..fb32bd9624 --- /dev/null +++ b/types/aws-lambda/trigger/cognito-user-pool-trigger/post-confirmation.d.ts @@ -0,0 +1,22 @@ +import { Handler } from '../../handler'; +import { BaseTriggerEvent, StringMap } from './_common'; + +export interface BasePostConfirmationTriggerEvent extends BaseTriggerEvent { + request: { + userAttributes: StringMap; + clientMetadata?: StringMap; + }; +} + +export type PostConfirmationConfirmSignUpTriggerEvent = BasePostConfirmationTriggerEvent<'PostConfirmation_ConfirmSignUp'>; + +export type PostConfirmationConfirmForgotPassword = BasePostConfirmationTriggerEvent<'PostConfirmation_ConfirmForgotPassword'>; + +/** + * @see https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-confirmation.html + */ +export type PostConfirmationTriggerEvent = + | PostConfirmationConfirmSignUpTriggerEvent + | PostConfirmationConfirmForgotPassword; + +export type PostConfirmationTriggerHandler = Handler; diff --git a/types/aws-lambda/trigger/cognito-user-pool-trigger/pre-authentication.d.ts b/types/aws-lambda/trigger/cognito-user-pool-trigger/pre-authentication.d.ts new file mode 100644 index 0000000000..a73ca46027 --- /dev/null +++ b/types/aws-lambda/trigger/cognito-user-pool-trigger/pre-authentication.d.ts @@ -0,0 +1,15 @@ +import { Handler } from '../../handler'; +import { BaseTriggerEvent, StringMap } from './_common'; + +/** + * @see https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-authentication.html + */ +export interface PreAuthenticationTriggerEvent extends BaseTriggerEvent<'PreAuthentication_Authentication'> { + request: { + userAttributes: StringMap; + userNotFound?: boolean; + validationData?: StringMap; + }; +} + +export type PreAuthenticationTriggerHandler = Handler; diff --git a/types/aws-lambda/trigger/cognito-user-pool-trigger/pre-signup.d.ts b/types/aws-lambda/trigger/cognito-user-pool-trigger/pre-signup.d.ts new file mode 100644 index 0000000000..c127012c99 --- /dev/null +++ b/types/aws-lambda/trigger/cognito-user-pool-trigger/pre-signup.d.ts @@ -0,0 +1,31 @@ +import { Handler } from '../../handler'; +import { BaseTriggerEvent, StringMap } from './_common'; + +export interface BasePreSignUpTriggerEvent extends BaseTriggerEvent { + request: { + userAttributes: StringMap; + validationData?: StringMap; + clientMetadata?: StringMap; + }; + response: { + autoConfirmUser: boolean; + autoVerifyEmail: boolean; + autoVerifyPhone: boolean; + }; +} + +export type PreSignUpEmailTriggerEvent = BasePreSignUpTriggerEvent<'PreSignUp_SignUp'>; + +export type PreSignUpExternalProviderTriggerEvent = BasePreSignUpTriggerEvent<'PreSignUp_ExternalProvider'>; + +export type PreSignUpAdminCreateUserTriggerEvent = BasePreSignUpTriggerEvent<'PreSignUp_AdminCreateUser'>; + +/** + * @see https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html + */ +export type PreSignUpTriggerEvent = + | PreSignUpEmailTriggerEvent + | PreSignUpExternalProviderTriggerEvent + | PreSignUpAdminCreateUserTriggerEvent; + +export type PreSignUpTriggerHandler = Handler; diff --git a/types/aws-lambda/trigger/cognito-user-pool-trigger/pre-token-generation.d.ts b/types/aws-lambda/trigger/cognito-user-pool-trigger/pre-token-generation.d.ts new file mode 100644 index 0000000000..bc705013cb --- /dev/null +++ b/types/aws-lambda/trigger/cognito-user-pool-trigger/pre-token-generation.d.ts @@ -0,0 +1,45 @@ +import { Handler } from '../../handler'; +import { BaseTriggerEvent, StringMap } from './_common'; + +export interface GroupOverrideDetails { + groupsToOverride?: string[]; + iamRolesToOverride?: string[]; + preferredRole?: string; +} + +export interface BasePreTokenGenerationTriggerEvent extends BaseTriggerEvent { + request: { + userAttributes: StringMap; + groupConfiguration: GroupOverrideDetails; + clientMetadata?: StringMap; + }; + response: { + claimsOverrideDetails: { + claimsToAddOrOverride?: StringMap; + claimsToSuppress?: string[]; + groupOverrideDetails?: GroupOverrideDetails; + }; + }; +} + +export type PreTokenGenerationHostedAuthTriggerEvent = BasePreTokenGenerationTriggerEvent<'TokenGeneration_HostedAuth'>; + +export type PreTokenGenerationAuthenticationTriggerEvent = BasePreTokenGenerationTriggerEvent<'TokenGeneration_Authentication'>; + +export type PreTokenGenerationNewPasswordChallengeTriggerEvent = BasePreTokenGenerationTriggerEvent<'TokenGeneration_NewPasswordChallenge'>; + +export type PreTokenGenerationAuthenticateDeviceTriggerEvent = BasePreTokenGenerationTriggerEvent<'TokenGeneration_AuthenticateDevice'>; + +export type PreTokenGenerationRefreshTokensTriggerEvent = BasePreTokenGenerationTriggerEvent<'TokenGeneration_RefreshTokens'>; + +/** + * @see https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html + */ +export type PreTokenGenerationTriggerEvent = + | PreTokenGenerationHostedAuthTriggerEvent + | PreTokenGenerationAuthenticationTriggerEvent + | PreTokenGenerationNewPasswordChallengeTriggerEvent + | PreTokenGenerationAuthenticateDeviceTriggerEvent + | PreTokenGenerationRefreshTokensTriggerEvent; + +export type PreTokenGenerationTriggerHandler = Handler; diff --git a/types/aws-lambda/trigger/cognito-user-pool-trigger/user-migration.d.ts b/types/aws-lambda/trigger/cognito-user-pool-trigger/user-migration.d.ts new file mode 100644 index 0000000000..a6d742d709 --- /dev/null +++ b/types/aws-lambda/trigger/cognito-user-pool-trigger/user-migration.d.ts @@ -0,0 +1,39 @@ +import { Handler } from '../../handler'; +import { BaseTriggerEvent, StringMap } from './_common'; + +export type UserStatus = + | 'UNCONFIRMED' + | 'CONFIRMED' + | 'ARCHIVED' + | 'COMPROMISED' + | 'UNKNOWN' + | 'RESET_REQUIRED' + | 'FORCE_CHANGE_PASSWORD'; + +export interface BaseUserMigrationTriggerEvent extends BaseTriggerEvent { + request: { + password: string; + validationData?: StringMap; + clientMetadata?: StringMap; + }; + response: { + userAttributes: StringMap; + finalUserStatus?: UserStatus; + messageAction?: 'RESEND' | 'SUPPRESS'; + desiredDeliveryMediums: Array<'SMS' | 'EMAIL'>; + forceAliasCreation?: boolean; + }; +} + +export type UserMigrationAuthenticationTriggerEvent = BaseUserMigrationTriggerEvent<'UserMigration_Authentication'>; + +export type UserMigrationForgotPasswordTriggerEvent = BaseUserMigrationTriggerEvent<'UserMigration_ForgotPassword'>; + +/** + * @see https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-migrate-user.html + */ +export type UserMigrationTriggerEvent = + | UserMigrationAuthenticationTriggerEvent + | UserMigrationForgotPasswordTriggerEvent; + +export type UserMigrationTriggerHandler = Handler; diff --git a/types/aws-lambda/trigger/cognito-user-pool-trigger/verify-auth-challenge-response.d.ts b/types/aws-lambda/trigger/cognito-user-pool-trigger/verify-auth-challenge-response.d.ts new file mode 100644 index 0000000000..aa6d9c3153 --- /dev/null +++ b/types/aws-lambda/trigger/cognito-user-pool-trigger/verify-auth-challenge-response.d.ts @@ -0,0 +1,20 @@ +import { Handler } from '../../handler'; +import { BaseTriggerEvent, StringMap } from './_common'; + +/** + * @see https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-verify-auth-challenge-response.html + */ +export interface VerifyAuthChallengeResponseTriggerEvent extends BaseTriggerEvent<'VerifyAuthChallengeResponse_Authentication'> { + request: { + userAttributes: StringMap; + privateChallengeParameters: StringMap; + challengeAnswer: string; + clientMetadata?: StringMap; + userNotFound?: boolean; + }; + response: { + answerCorrect: boolean; + }; +} + +export type VerifyAuthChallengeResponseTriggerHandler = Handler;