UNPKG

@aws-solutions-constructs/core

Version:

Core CDK Construct for patterns library

github.com/awslabs/aws-solutions-constructs

awslabs/aws-solutions-constructs

123 lines 18.7 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
"use strict"; /** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance * with the License. A copy of the License is located at * * http://www.apache.org/licenses/LICENSE-2.0 * * or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES * OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions * and limitations under the License. */ Object.defineProperty(exports, "__esModule", { value: true }); exports.buildUserPool = buildUserPool; exports.buildUserPoolClient = buildUserPoolClient; exports.buildIdentityPool = buildIdentityPool; exports.setupCognitoForSearchService = setupCognitoForSearchService; exports.buildCognitoForSearchService = buildCognitoForSearchService; /* * The functions found here in the core library are for internal use and can be changed * or removed outside of a major release. We recommend against calling them directly from client code. */ const cognito = require("aws-cdk-lib/aws-cognito"); const iam = require("aws-cdk-lib/aws-iam"); const cdk = require("aws-cdk-lib"); const utils_1 = require("./utils"); const cognito_defaults_1 = require("./cognito-defaults"); /** * @internal This is an internal core function and should not be called directly by Solutions Constructs clients. */ function buildUserPool(scope, userPoolProps) { const cognitoUserPoolProps = (0, utils_1.consolidateProps)(cognito_defaults_1.defaultUserPoolProps, userPoolProps); const userPool = new cognito.UserPool(scope, 'CognitoUserPool', cognitoUserPoolProps); // Set the advancedSecurityMode to ENFORCED const cfnUserPool = userPool.node.findChild('Resource'); cfnUserPool.userPoolAddOns = { advancedSecurityMode: 'ENFORCED' }; // Add Cfn Nag suppress for the cognito SMS role policy const userPoolSmsRole = userPool.node.tryFindChild('smsRole'); if (userPoolSmsRole) { (0, utils_1.addCfnSuppressRules)(userPool, [ { id: 'W11', reason: `Allowing * resource on permissions policy since its used by Cognito to send SMS messages via sns:Publish` } ]); } return userPool; } /** * @internal This is an internal core function and should not be called directly by Solutions Constructs clients. */ function buildUserPoolClient(scope, userPool, cognitoUserPoolClientProps) { const userPoolClientProps = (0, utils_1.consolidateProps)((0, cognito_defaults_1.DefaultUserPoolClientProps)(userPool), cognitoUserPoolClientProps); return new cognito.UserPoolClient(scope, 'CognitoUserPoolClient', userPoolClientProps); } /** * @internal This is an internal core function and should not be called directly by Solutions Constructs clients. */ function buildIdentityPool(scope, userpool, userpoolclient, identityPoolProps) { let cognitoIdentityPoolProps = (0, cognito_defaults_1.DefaultIdentityPoolProps)(userpoolclient.userPoolClientId, userpool.userPoolProviderName); cognitoIdentityPoolProps = (0, utils_1.consolidateProps)(cognitoIdentityPoolProps, identityPoolProps); const idPool = new cognito.CfnIdentityPool(scope, 'CognitoIdentityPool', cognitoIdentityPoolProps); return idPool; } /** * @internal This is an internal core function and should not be called directly by Solutions Constructs clients. */ function setupCognitoForSearchService(scope, domainName, options) { // Create the domain for Cognito UserPool const userpooldomain = new cognito.CfnUserPoolDomain(scope, 'UserPoolDomain', { domain: domainName, userPoolId: options.userpool.userPoolId }); userpooldomain.addDependency(options.userpool.node.findChild('Resource')); // Setup the IAM Role for Cognito Authorized Users const cognitoPrincipal = new iam.FederatedPrincipal('cognito-identity.amazonaws.com', { 'StringEquals': { 'cognito-identity.amazonaws.com:aud': options.identitypool.ref }, 'ForAnyValue:StringLike': { 'cognito-identity.amazonaws.com:amr': 'authenticated' } }, 'sts:AssumeRoleWithWebIdentity'); const cognitoAuthorizedRole = new iam.Role(scope, 'CognitoAuthorizedRole', { assumedBy: cognitoPrincipal, inlinePolicies: { CognitoAccessPolicy: new iam.PolicyDocument({ statements: [new iam.PolicyStatement({ actions: [ 'es:ESHttp*' ], resources: [`arn:${cdk.Aws.PARTITION}:es:${cdk.Aws.REGION}:${cdk.Aws.ACCOUNT_ID}:domain/${domainName}/*`] }) ] }) } }); (0, utils_1.addCfnGuardSuppressRules)(cognitoAuthorizedRole, ["IAM_NO_INLINE_POLICY_CHECK"]); // Attach the IAM Role for Cognito Authorized Users const props = { identityPoolId: options.identitypool.ref, roles: { authenticated: cognitoAuthorizedRole.roleArn } }; // Minimize code in a NOSONA line new cognito.CfnIdentityPoolRoleAttachment(scope, 'IdentityPoolRoleMapping', props); // NOSONAR return cognitoAuthorizedRole; } /** * @internal This is an internal core function and should not be called directly by Solutions Constructs clients. */ function buildCognitoForSearchService(scope, domainName) { const userPool = buildUserPool(scope); const userPoolClient = buildUserPoolClient(scope, userPool); const identityPool = buildIdentityPool(scope, userPool, userPoolClient); const cognitoAuthorizedRole = setupCognitoForSearchService(scope, domainName, { userpool: userPool, identitypool: identityPool, userpoolclient: userPoolClient }); return [userPool, userPoolClient, identityPool, cognitoAuthorizedRole]; } //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29nbml0by1oZWxwZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJjb2duaXRvLWhlbHBlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUE7Ozs7Ozs7Ozs7O0dBV0c7O0FBd0JILHNDQXlCQztBQUtELGtEQU1DO0FBS0QsOENBV0M7QUFLRCxvRUErQ0M7QUFLRCxvRUFhQztBQWhKRDs7O0dBR0c7QUFFSCxtREFBbUQ7QUFDbkQsMkNBQTJDO0FBQzNDLG1DQUFtQztBQUNuQyxtQ0FBMEY7QUFDMUYseURBQWdIO0FBVWhIOztHQUVHO0FBQ0gsU0FBZ0IsYUFBYSxDQUFDLEtBQWdCLEVBQUUsYUFBcUM7SUFDbkYsTUFBTSxvQkFBb0IsR0FBRyxJQUFBLHdCQUFnQixFQUFDLHVDQUFvQixFQUFFLGFBQWEsQ0FBQyxDQUFDO0lBRW5GLE1BQU0sUUFBUSxHQUFHLElBQUksT0FBTyxDQUFDLFFBQVEsQ0FBQyxLQUFLLEVBQUUsaUJBQWlCLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztJQUV0RiwyQ0FBMkM7SUFDM0MsTUFBTSxXQUFXLEdBQUcsUUFBUSxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsVUFBVSxDQUF3QixDQUFDO0lBRS9FLFdBQVcsQ0FBQyxjQUFjLEdBQUc7UUFDM0Isb0JBQW9CLEVBQUUsVUFBVTtLQUNqQyxDQUFDO0lBRUYsdURBQXVEO0lBQ3ZELE1BQU0sZUFBZSxHQUFHLFFBQVEsQ0FBQyxJQUFJLENBQUMsWUFBWSxDQUFDLFNBQVMsQ0FBYSxDQUFDO0lBRTFFLElBQUksZUFBZSxFQUFFLENBQUM7UUFDcEIsSUFBQSwyQkFBbUIsRUFBQyxRQUFRLEVBQUU7WUFDNUI7Z0JBQ0UsRUFBRSxFQUFFLEtBQUs7Z0JBQ1QsTUFBTSxFQUFFLDBHQUEwRzthQUNuSDtTQUNGLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRCxPQUFPLFFBQVEsQ0FBQztBQUNsQixDQUFDO0FBRUQ7O0dBRUc7QUFDSCxTQUFnQixtQkFBbUIsQ0FBQyxLQUFnQixFQUFFLFFBQTBCLEVBQzlFLDBCQUF3RDtJQUV4RCxNQUFNLG1CQUFtQixHQUFHLElBQUEsd0JBQWdCLEVBQUMsSUFBQSw2Q0FBMEIsRUFBQyxRQUFRLENBQUMsRUFBRSwwQkFBMEIsQ0FBQyxDQUFDO0lBRS9HLE9BQU8sSUFBSSxPQUFPLENBQUMsY0FBYyxDQUFDLEtBQUssRUFBRSx1QkFBdUIsRUFBRSxtQkFBbUIsQ0FBQyxDQUFDO0FBQ3pGLENBQUM7QUFFRDs7R0FFRztBQUNILFNBQWdCLGlCQUFpQixDQUFDLEtBQWdCLEVBQUUsUUFBMEIsRUFBRSxjQUFzQyxFQUNwSCxpQkFBZ0Q7SUFFaEQsSUFBSSx3QkFBd0IsR0FBaUMsSUFBQSwyQ0FBd0IsRUFBQyxjQUFjLENBQUMsZ0JBQWdCLEVBQ25ILFFBQVEsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO0lBRWpDLHdCQUF3QixHQUFHLElBQUEsd0JBQWdCLEVBQUMsd0JBQXdCLEVBQUUsaUJBQWlCLENBQUMsQ0FBQztJQUV6RixNQUFNLE1BQU0sR0FBRyxJQUFJLE9BQU8sQ0FBQyxlQUFlLENBQUMsS0FBSyxFQUFFLHFCQUFxQixFQUFFLHdCQUF3QixDQUFDLENBQUM7SUFFbkcsT0FBTyxNQUFNLENBQUM7QUFDaEIsQ0FBQztBQUVEOztHQUVHO0FBQ0gsU0FBZ0IsNEJBQTRCLENBQUMsS0FBZ0IsRUFBRSxVQUFrQixFQUFFLE9BQXVCO0lBRXhHLHlDQUF5QztJQUN6QyxNQUFNLGNBQWMsR0FBRyxJQUFJLE9BQU8sQ0FBQyxpQkFBaUIsQ0FBQyxLQUFLLEVBQUUsZ0JBQWdCLEVBQUU7UUFDNUUsTUFBTSxFQUFFLFVBQVU7UUFDbEIsVUFBVSxFQUFFLE9BQU8sQ0FBQyxRQUFRLENBQUMsVUFBVTtLQUN4QyxDQUFDLENBQUM7SUFDSCxjQUFjLENBQUMsYUFBYSxDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxVQUFVLENBQXdCLENBQUMsQ0FBQztJQUVqRyxrREFBa0Q7SUFDbEQsTUFBTSxnQkFBZ0IsR0FBRyxJQUFJLEdBQUcsQ0FBQyxrQkFBa0IsQ0FDakQsZ0NBQWdDLEVBQ2hDO1FBQ0UsY0FBYyxFQUFFLEVBQUUsb0NBQW9DLEVBQUUsT0FBTyxDQUFDLFlBQVksQ0FBQyxHQUFHLEVBQUU7UUFDbEYsd0JBQXdCLEVBQUUsRUFBRSxvQ0FBb0MsRUFBRSxlQUFlLEVBQUU7S0FDcEYsRUFDRCwrQkFBK0IsQ0FBQyxDQUFDO0lBRW5DLE1BQU0scUJBQXFCLEdBQUcsSUFBSSxHQUFHLENBQUMsSUFBSSxDQUFDLEtBQUssRUFBRSx1QkFBdUIsRUFBRTtRQUN6RSxTQUFTLEVBQUUsZ0JBQWdCO1FBQzNCLGNBQWMsRUFBRTtZQUNkLG1CQUFtQixFQUFFLElBQUksR0FBRyxDQUFDLGNBQWMsQ0FBQztnQkFDMUMsVUFBVSxFQUFFLENBQUMsSUFBSSxHQUFHLENBQUMsZUFBZSxDQUFDO3dCQUNuQyxPQUFPLEVBQUU7NEJBQ1AsWUFBWTt5QkFDYjt3QkFDRCxTQUFTLEVBQUUsQ0FBQyxPQUFPLEdBQUcsQ0FBQyxHQUFHLENBQUMsU0FBUyxPQUFPLEdBQUcsQ0FBQyxHQUFHLENBQUMsTUFBTSxJQUFJLEdBQUcsQ0FBQyxHQUFHLENBQUMsVUFBVSxXQUFXLFVBQVUsSUFBSSxDQUFDO3FCQUMxRyxDQUFDO2lCQUNEO2FBQ0YsQ0FBQztTQUNIO0tBQ0YsQ0FBQyxDQUFDO0lBRUgsSUFBQSxnQ0FBd0IsRUFBQyxxQkFBcUIsRUFBRSxDQUFDLDRCQUE0QixDQUFDLENBQUMsQ0FBQztJQUVoRixtREFBbUQ7SUFDbkQsTUFBTSxLQUFLLEdBQStDO1FBQ3hELGNBQWMsRUFBRSxPQUFPLENBQUMsWUFBWSxDQUFDLEdBQUc7UUFDeEMsS0FBSyxFQUFFO1lBQ0wsYUFBYSxFQUFFLHFCQUFxQixDQUFDLE9BQU87U0FDN0M7S0FDRixDQUFDO0lBRUYsaUNBQWlDO0lBQ2pDLElBQUksT0FBTyxDQUFDLDZCQUE2QixDQUFDLEtBQUssRUFBRSx5QkFBeUIsRUFBRSxLQUFLLENBQUMsQ0FBQyxDQUFDLFVBQVU7SUFFOUYsT0FBTyxxQkFBcUIsQ0FBQztBQUMvQixDQUFDO0FBRUQ7O0dBRUc7QUFDSCxTQUFnQiw0QkFBNEIsQ0FBQyxLQUFnQixFQUFFLFVBQWtCO0lBRS9FLE1BQU0sUUFBUSxHQUFHLGFBQWEsQ0FBQyxLQUFLLENBQUMsQ0FBQztJQUN0QyxNQUFNLGNBQWMsR0FBRyxtQkFBbUIsQ0FBQyxLQUFLLEVBQUUsUUFBUSxDQUFDLENBQUM7SUFDNUQsTUFBTSxZQUFZLEdBQUcsaUJBQWlCLENBQUMsS0FBSyxFQUFFLFFBQVEsRUFBRSxjQUFjLENBQUMsQ0FBQztJQUV4RSxNQUFNLHFCQUFxQixHQUFhLDRCQUE0QixDQUFDLEtBQUssRUFBRSxVQUFVLEVBQUU7UUFDdEYsUUFBUSxFQUFFLFFBQVE7UUFDbEIsWUFBWSxFQUFFLFlBQVk7UUFDMUIsY0FBYyxFQUFFLGNBQWM7S0FDL0IsQ0FBQyxDQUFDO0lBRUgsT0FBTyxDQUFDLFFBQVEsRUFBRSxjQUFjLEVBQUUsWUFBWSxFQUFFLHFCQUFxQixDQUFDLENBQUM7QUFDekUsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbIi8qKlxuICogIENvcHlyaWdodCBBbWF6b24uY29tLCBJbmMuIG9yIGl0cyBhZmZpbGlhdGVzLiBBbGwgUmlnaHRzIFJlc2VydmVkLlxuICpcbiAqICBMaWNlbnNlZCB1bmRlciB0aGUgQXBhY2hlIExpY2Vuc2UsIFZlcnNpb24gMi4wICh0aGUgXCJMaWNlbnNlXCIpLiBZb3UgbWF5IG5vdCB1c2UgdGhpcyBmaWxlIGV4Y2VwdCBpbiBjb21wbGlhbmNlXG4gKiAgd2l0aCB0aGUgTGljZW5zZS4gQSBjb3B5IG9mIHRoZSBMaWNlbnNlIGlzIGxvY2F0ZWQgYXRcbiAqXG4gKiAgICAgIGh0dHA6Ly93d3cuYXBhY2hlLm9yZy9saWNlbnNlcy9MSUNFTlNFLTIuMFxuICpcbiAqICBvciBpbiB0aGUgJ2xpY2Vuc2UnIGZpbGUgYWNjb21wYW55aW5nIHRoaXMgZmlsZS4gVGhpcyBmaWxlIGlzIGRpc3RyaWJ1dGVkIG9uIGFuICdBUyBJUycgQkFTSVMsIFdJVEhPVVQgV0FSUkFOVElFU1xuICogIE9SIENPTkRJVElPTlMgT0YgQU5ZIEtJTkQsIGV4cHJlc3Mgb3IgaW1wbGllZC4gU2VlIHRoZSBMaWNlbnNlIGZvciB0aGUgc3BlY2lmaWMgbGFuZ3VhZ2UgZ292ZXJuaW5nIHBlcm1pc3Npb25zXG4gKiAgYW5kIGxpbWl0YXRpb25zIHVuZGVyIHRoZSBMaWNlbnNlLlxuICovXG5cbi8qXG4gKiAgVGhlIGZ1bmN0aW9ucyBmb3VuZCBoZXJlIGluIHRoZSBjb3JlIGxpYnJhcnkgYXJlIGZvciBpbnRlcm5hbCB1c2UgYW5kIGNhbiBiZSBjaGFuZ2VkXG4gKiAgb3IgcmVtb3ZlZCBvdXRzaWRlIG9mIGEgbWFqb3IgcmVsZWFzZS4gV2UgcmVjb21tZW5kIGFnYWluc3QgY2FsbGluZyB0aGVtIGRpcmVjdGx5IGZyb20gY2xpZW50IGNvZGUuXG4gKi9cblxuaW1wb3J0ICogYXMgY29nbml0byBmcm9tICdhd3MtY2RrLWxpYi9hd3MtY29nbml0byc7XG5pbXBvcnQgKiBhcyBpYW0gZnJvbSAnYXdzLWNkay1saWIvYXdzLWlhbSc7XG5pbXBvcnQgKiBhcyBjZGsgZnJvbSAnYXdzLWNkay1saWInO1xuaW1wb3J0IHsgYWRkQ2ZuR3VhcmRTdXBwcmVzc1J1bGVzLCBhZGRDZm5TdXBwcmVzc1J1bGVzLCBjb25zb2xpZGF0ZVByb3BzIH0gZnJvbSAnLi91dGlscyc7XG5pbXBvcnQgeyBkZWZhdWx0VXNlclBvb2xQcm9wcywgRGVmYXVsdFVzZXJQb29sQ2xpZW50UHJvcHMsIERlZmF1bHRJZGVudGl0eVBvb2xQcm9wcyB9IGZyb20gJy4vY29nbml0by1kZWZhdWx0cyc7XG4vLyBOb3RlOiBUbyBlbnN1cmUgQ0RLdjIgY29tcGF0aWJpbGl0eSwga2VlcCB0aGUgaW1wb3J0IHN0YXRlbWVudCBmb3IgQ29uc3RydWN0IHNlcGFyYXRlXG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tICdjb25zdHJ1Y3RzJztcblxuZXhwb3J0IGludGVyZmFjZSBDb2duaXRvT3B0aW9ucyB7XG4gIHJlYWRvbmx5IGlkZW50aXR5cG9vbDogY29nbml0by5DZm5JZGVudGl0eVBvb2wsXG4gIHJlYWRvbmx5IHVzZXJwb29sOiBjb2duaXRvLlVzZXJQb29sLFxuICByZWFkb25seSB1c2VycG9vbGNsaWVudDogY29nbml0by5Vc2VyUG9vbENsaWVudFxufVxuXG4vKipcbiAqIEBpbnRlcm5hbCBUaGlzIGlzIGFuIGludGVybmFsIGNvcmUgZnVuY3Rpb24gYW5kIHNob3VsZCBub3QgYmUgY2FsbGVkIGRpcmVjdGx5IGJ5IFNvbHV0aW9ucyBDb25zdHJ1Y3RzIGNsaWVudHMuXG4gKi9cbmV4cG9ydCBmdW5jdGlvbiBidWlsZFVzZXJQb29sKHNjb3BlOiBDb25zdHJ1Y3QsIHVzZXJQb29sUHJvcHM/OiBjb2duaXRvLlVzZXJQb29sUHJvcHMpOiBjb2duaXRvLlVzZXJQb29sIHtcbiAgY29uc3QgY29nbml0b1VzZXJQb29sUHJvcHMgPSBjb25zb2xpZGF0ZVByb3BzKGRlZmF1bHRVc2VyUG9vbFByb3BzLCB1c2VyUG9vbFByb3BzKTtcblxuICBjb25zdCB1c2VyUG9vbCA9IG5ldyBjb2duaXRvLlVzZXJQb29sKHNjb3BlLCAnQ29nbml0b1VzZXJQb29sJywgY29nbml0b1VzZXJQb29sUHJvcHMpO1xuXG4gIC8vIFNldCB0aGUgYWR2YW5jZWRTZWN1cml0eU1vZGUgdG8gRU5GT1JDRURcbiAgY29uc3QgY2ZuVXNlclBvb2wgPSB1c2VyUG9vbC5ub2RlLmZpbmRDaGlsZCgnUmVzb3VyY2UnKSBhcyBjb2duaXRvLkNmblVzZXJQb29sO1xuXG4gIGNmblVzZXJQb29sLnVzZXJQb29sQWRkT25zID0ge1xuICAgIGFkdmFuY2VkU2VjdXJpdHlNb2RlOiAnRU5GT1JDRUQnXG4gIH07XG5cbiAgLy8gQWRkIENmbiBOYWcgc3VwcHJlc3MgZm9yIHRoZSBjb2duaXRvIFNNUyByb2xlIHBvbGljeVxuICBjb25zdCB1c2VyUG9vbFNtc1JvbGUgPSB1c2VyUG9vbC5ub2RlLnRyeUZpbmRDaGlsZCgnc21zUm9sZScpIGFzIGlhbS5Sb2xlO1xuXG4gIGlmICh1c2VyUG9vbFNtc1JvbGUpIHtcbiAgICBhZGRDZm5TdXBwcmVzc1J1bGVzKHVzZXJQb29sLCBbXG4gICAgICB7XG4gICAgICAgIGlkOiAnVzExJyxcbiAgICAgICAgcmVhc29uOiBgQWxsb3dpbmcgKiByZXNvdXJjZSBvbiBwZXJtaXNzaW9ucyBwb2xpY3kgc2luY2UgaXRzIHVzZWQgYnkgQ29nbml0byB0byBzZW5kIFNNUyBtZXNzYWdlcyB2aWEgc25zOlB1Ymxpc2hgXG4gICAgICB9XG4gICAgXSk7XG4gIH1cblxuICByZXR1cm4gdXNlclBvb2w7XG59XG5cbi8qKlxuICogQGludGVybmFsIFRoaXMgaXMgYW4gaW50ZXJuYWwgY29yZSBmdW5jdGlvbiBhbmQgc2hvdWxkIG5vdCBiZSBjYWxsZWQgZGlyZWN0bHkgYnkgU29sdXRpb25zIENvbnN0cnVjdHMgY2xpZW50cy5cbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGJ1aWxkVXNlclBvb2xDbGllbnQoc2NvcGU6IENvbnN0cnVjdCwgdXNlclBvb2w6IGNvZ25pdG8uVXNlclBvb2wsXG4gIGNvZ25pdG9Vc2VyUG9vbENsaWVudFByb3BzPzogY29nbml0by5Vc2VyUG9vbENsaWVudFByb3BzKTogY29nbml0by5Vc2VyUG9vbENsaWVudCB7XG5cbiAgY29uc3QgdXNlclBvb2xDbGllbnRQcm9wcyA9IGNvbnNvbGlkYXRlUHJvcHMoRGVmYXVsdFVzZXJQb29sQ2xpZW50UHJvcHModXNlclBvb2wpLCBjb2duaXRvVXNlclBvb2xDbGllbnRQcm9wcyk7XG5cbiAgcmV0dXJuIG5ldyBjb2duaXRvLlVzZXJQb29sQ2xpZW50KHNjb3BlLCAnQ29nbml0b1VzZXJQb29sQ2xpZW50JywgdXNlclBvb2xDbGllbnRQcm9wcyk7XG59XG5cbi8qKlxuICogQGludGVybmFsIFRoaXMgaXMgYW4gaW50ZXJuYWwgY29yZSBmdW5jdGlvbiBhbmQgc2hvdWxkIG5vdCBiZSBjYWxsZWQgZGlyZWN0bHkgYnkgU29sdXRpb25zIENvbnN0cnVjdHMgY2xpZW50cy5cbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGJ1aWxkSWRlbnRpdHlQb29sKHNjb3BlOiBDb25zdHJ1Y3QsIHVzZXJwb29sOiBjb2duaXRvLlVzZXJQb29sLCB1c2VycG9vbGNsaWVudDogY29nbml0by5Vc2VyUG9vbENsaWVudCxcbiAgaWRlbnRpdHlQb29sUHJvcHM/OiBjb2duaXRvLkNmbklkZW50aXR5UG9vbFByb3BzKTogY29nbml0by5DZm5JZGVudGl0eVBvb2wge1xuXG4gIGxldCBjb2duaXRvSWRlbnRpdHlQb29sUHJvcHM6IGNvZ25pdG8uQ2ZuSWRlbnRpdHlQb29sUHJvcHMgPSBEZWZhdWx0SWRlbnRpdHlQb29sUHJvcHModXNlcnBvb2xjbGllbnQudXNlclBvb2xDbGllbnRJZCxcbiAgICB1c2VycG9vbC51c2VyUG9vbFByb3ZpZGVyTmFtZSk7XG5cbiAgY29nbml0b0lkZW50aXR5UG9vbFByb3BzID0gY29uc29saWRhdGVQcm9wcyhjb2duaXRvSWRlbnRpdHlQb29sUHJvcHMsIGlkZW50aXR5UG9vbFByb3BzKTtcblxuICBjb25zdCBpZFBvb2wgPSBuZXcgY29nbml0by5DZm5JZGVudGl0eVBvb2woc2NvcGUsICdDb2duaXRvSWRlbnRpdHlQb29sJywgY29nbml0b0lkZW50aXR5UG9vbFByb3BzKTtcblxuICByZXR1cm4gaWRQb29sO1xufVxuXG4vKipcbiAqIEBpbnRlcm5hbCBUaGlzIGlzIGFuIGludGVybmFsIGNvcmUgZnVuY3Rpb24gYW5kIHNob3VsZCBub3QgYmUgY2FsbGVkIGRpcmVjdGx5IGJ5IFNvbHV0aW9ucyBDb25zdHJ1Y3RzIGNsaWVudHMuXG4gKi9cbmV4cG9ydCBmdW5jdGlvbiBzZXR1cENvZ25pdG9Gb3JTZWFyY2hTZXJ2aWNlKHNjb3BlOiBDb25zdHJ1Y3QsIGRvbWFpbk5hbWU6IHN0cmluZywgb3B0aW9uczogQ29nbml0b09wdGlvbnMpOiBpYW0uUm9sZSB7XG5cbiAgLy8gQ3JlYXRlIHRoZSBkb21haW4gZm9yIENvZ25pdG8gVXNlclBvb2xcbiAgY29uc3QgdXNlcnBvb2xkb21haW4gPSBuZXcgY29nbml0by5DZm5Vc2VyUG9vbERvbWFpbihzY29wZSwgJ1VzZXJQb29sRG9tYWluJywge1xuICAgIGRvbWFpbjogZG9tYWluTmFtZSxcbiAgICB1c2VyUG9vbElkOiBvcHRpb25zLnVzZXJwb29sLnVzZXJQb29sSWRcbiAgfSk7XG4gIHVzZXJwb29sZG9tYWluLmFkZERlcGVuZGVuY3kob3B0aW9ucy51c2VycG9vbC5ub2RlLmZpbmRDaGlsZCgnUmVzb3VyY2UnKSBhcyBjb2duaXRvLkNmblVzZXJQb29sKTtcblxuICAvLyBTZXR1cCB0aGUgSUFNIFJvbGUgZm9yIENvZ25pdG8gQXV0aG9yaXplZCBVc2Vyc1xuICBjb25zdCBjb2duaXRvUHJpbmNpcGFsID0gbmV3IGlhbS5GZWRlcmF0ZWRQcmluY2lwYWwoXG4gICAgJ2NvZ25pdG8taWRlbnRpdHkuYW1hem9uYXdzLmNvbScsXG4gICAge1xuICAgICAgJ1N0cmluZ0VxdWFscyc6IHsgJ2NvZ25pdG8taWRlbnRpdHkuYW1hem9uYXdzLmNvbTphdWQnOiBvcHRpb25zLmlkZW50aXR5cG9vbC5yZWYgfSxcbiAgICAgICdGb3JBbnlWYWx1ZTpTdHJpbmdMaWtlJzogeyAnY29nbml0by1pZGVudGl0eS5hbWF6b25hd3MuY29tOmFtcic6ICdhdXRoZW50aWNhdGVkJyB9XG4gICAgfSxcbiAgICAnc3RzOkFzc3VtZVJvbGVXaXRoV2ViSWRlbnRpdHknKTtcblxuICBjb25zdCBjb2duaXRvQXV0aG9yaXplZFJvbGUgPSBuZXcgaWFtLlJvbGUoc2NvcGUsICdDb2duaXRvQXV0aG9yaXplZFJvbGUnLCB7XG4gICAgYXNzdW1lZEJ5OiBjb2duaXRvUHJpbmNpcGFsLFxuICAgIGlubGluZVBvbGljaWVzOiB7XG4gICAgICBDb2duaXRvQWNjZXNzUG9saWN5OiBuZXcgaWFtLlBvbGljeURvY3VtZW50KHtcbiAgICAgICAgc3RhdGVtZW50czogW25ldyBpYW0uUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgICBhY3Rpb25zOiBbXG4gICAgICAgICAgICAnZXM6RVNIdHRwKidcbiAgICAgICAgICBdLFxuICAgICAgICAgIHJlc291cmNlczogW2Bhcm46JHtjZGsuQXdzLlBBUlRJVElPTn06ZXM6JHtjZGsuQXdzLlJFR0lPTn06JHtjZGsuQXdzLkFDQ09VTlRfSUR9OmRvbWFpbi8ke2RvbWFpbk5hbWV9LypgXVxuICAgICAgICB9KVxuICAgICAgICBdXG4gICAgICB9KVxuICAgIH1cbiAgfSk7XG5cbiAgYWRkQ2ZuR3VhcmRTdXBwcmVzc1J1bGVzKGNvZ25pdG9BdXRob3JpemVkUm9sZSwgW1wiSUFNX05PX0lOTElORV9QT0xJQ1lfQ0hFQ0tcIl0pO1xuXG4gIC8vIEF0dGFjaCB0aGUgSUFNIFJvbGUgZm9yIENvZ25pdG8gQXV0aG9yaXplZCBVc2Vyc1xuICBjb25zdCBwcm9wczogY29nbml0by5DZm5JZGVudGl0eVBvb2xSb2xlQXR0YWNobWVudFByb3BzID0ge1xuICAgIGlkZW50aXR5UG9vbElkOiBvcHRpb25zLmlkZW50aXR5cG9vbC5yZWYsXG4gICAgcm9sZXM6IHtcbiAgICAgIGF1dGhlbnRpY2F0ZWQ6IGNvZ25pdG9BdXRob3JpemVkUm9sZS5yb2xlQXJuXG4gICAgfVxuICB9O1xuXG4gIC8vIE1pbmltaXplIGNvZGUgaW4gYSBOT1NPTkEgbGluZVxuICBuZXcgY29nbml0by5DZm5JZGVudGl0eVBvb2xSb2xlQXR0YWNobWVudChzY29wZSwgJ0lkZW50aXR5UG9vbFJvbGVNYXBwaW5nJywgcHJvcHMpOyAvLyBOT1NPTkFSXG5cbiAgcmV0dXJuIGNvZ25pdG9BdXRob3JpemVkUm9sZTtcbn1cblxuLyoqXG4gKiBAaW50ZXJuYWwgVGhpcyBpcyBhbiBpbnRlcm5hbCBjb3JlIGZ1bmN0aW9uIGFuZCBzaG91bGQgbm90IGJlIGNhbGxlZCBkaXJlY3RseSBieSBTb2x1dGlvbnMgQ29uc3RydWN0cyBjbGllbnRzLlxuICovXG5leHBvcnQgZnVuY3Rpb24gYnVpbGRDb2duaXRvRm9yU2VhcmNoU2VydmljZShzY29wZTogQ29uc3RydWN0LCBkb21haW5OYW1lOiBzdHJpbmcpOlxuICBbY29nbml0by5Vc2VyUG9vbCwgY29nbml0by5Vc2VyUG9vbENsaWVudCwgY29nbml0by5DZm5JZGVudGl0eVBvb2wsIGlhbS5Sb2xlXSB7XG4gIGNvbnN0IHVzZXJQb29sID0gYnVpbGRVc2VyUG9vbChzY29wZSk7XG4gIGNvbnN0IHVzZXJQb29sQ2xpZW50ID0gYnVpbGRVc2VyUG9vbENsaWVudChzY29wZSwgdXNlclBvb2wpO1xuICBjb25zdCBpZGVudGl0eVBvb2wgPSBidWlsZElkZW50aXR5UG9vbChzY29wZSwgdXNlclBvb2wsIHVzZXJQb29sQ2xpZW50KTtcblxuICBjb25zdCBjb2duaXRvQXV0aG9yaXplZFJvbGU6IGlhbS5Sb2xlID0gc2V0dXBDb2duaXRvRm9yU2VhcmNoU2VydmljZShzY29wZSwgZG9tYWluTmFtZSwge1xuICAgIHVzZXJwb29sOiB1c2VyUG9vbCxcbiAgICBpZGVudGl0eXBvb2w6IGlkZW50aXR5UG9vbCxcbiAgICB1c2VycG9vbGNsaWVudDogdXNlclBvb2xDbGllbnRcbiAgfSk7XG5cbiAgcmV0dXJuIFt1c2VyUG9vbCwgdXNlclBvb2xDbGllbnQsIGlkZW50aXR5UG9vbCwgY29nbml0b0F1dGhvcml6ZWRSb2xlXTtcbn0iXX0=