UNPKG

@orcden/od-authentication

Version:

OrcDen Authentication Library

280 lines (256 loc) 9.36 kB
import { CognitoIdentityProviderClient, AdminCreateUserCommand, ListUsersCommand, AdminGetUserCommand, AdminDeleteUserCommand, AdminUpdateUserAttributesCommand } from "@aws-sdk/client-cognito-identity-provider"; import { CognitoIdentityClient } from "@aws-sdk/client-cognito-identity"; import { fromCognitoIdentityPool } from "@aws-sdk/credential-provider-cognito-identity"; export class ODCognitoAdmin { constructor( config, cognitoAuth ) { this._user = null; this._REGION = config.region; this._USER_POOL_ID = config.userPoolId; this._IDENTITY_POOL_ID = config.identityPoolId; this._cognitoAuth = cognitoAuth; } _createCognitoIdentityProviderClient() { let logins = {} logins['cognito-idp.' + this._REGION + '.amazonaws.com/' + this._USER_POOL_ID] = this.user.signInUserSession.idToken.getJwtToken(); return new CognitoIdentityProviderClient( { region: this._REGION, credentials: fromCognitoIdentityPool({ client: new CognitoIdentityClient({ region: this._REGION }), identityPoolId: this._IDENTITY_POOL_ID, logins: logins }) } ); } get user() { return this._cognitoAuth.user; } async adminCreateUser( userName, email, callback ) { if( !this.user || !this.user.signInUserSession ) { return callback( null, "ERROR: No Authenticated User" ) } let cognitoidentityserviceprovider = this._createCognitoIdentityProviderClient(); var params = { UserPoolId: this._USER_POOL_ID, Username: userName, UserAttributes: [ { Name: 'email', Value: email }, { Name: 'email_verified', Value: 'true' } ] }; const command = new AdminCreateUserCommand( params ); let err = null; let data = null; try { data = await cognitoidentityserviceprovider.send( command ); } catch( error ) { console.log( 'There was an error while trying to create the user: ', error ); err = error; } if( callback ) { callback( data, err ); } return data; } async adminListUsers( filter, pagination, callback ) { if( !this.user || !this.user.signInUserSession ) { return callback( null, "ERROR: No Authenticated User" ) } let cognitoidentityserviceprovider = this._createCognitoIdentityProviderClient(); var params = { UserPoolId: this._USER_POOL_ID }; if( filter ) { params['Filter'] = filter; } if( pagination ) { params['PaginationToken'] = pagination; } const command = new ListUsersCommand( params ); let err = null; let data = null; try { data = await cognitoidentityserviceprovider.send( command ); } catch( error ) { console.log( 'There was an error while trying to list all user pool users: ', error ); err = error; } if( callback ) { callback( data.Users, err ); } return data.Users; } async adminGetUser( userName, callback ) { if( !this.user || !this.user.signInUserSession ) { return callback( null, "ERROR: No Authenticated User" ) } let cognitoidentityserviceprovider = this._createCognitoIdentityProviderClient(); var params = { UserPoolId: this._USER_POOL_ID, Username: userName }; const command = new AdminGetUserCommand( params ); let err = null; let data = null; try { data = await cognitoidentityserviceprovider.send( command ); } catch( error ) { console.log( 'There was an error while trying to get the user: ', error ); err = error; } if( callback ) { callback( data, err ); } return data; } async adminGetUserByEmail( email, callback ) { if( !this.user || !this.user.signInUserSession ) { return callback( null, "ERROR: No Authenticated User" ) } let cognitoidentityserviceprovider = this._createCognitoIdentityProviderClient(); var params = { UserPoolId: this._USER_POOL_ID, Filter: 'email = "' + email + '"' }; const command = new ListUsersCommand( params ); let err = null; let data = null; try { data = await cognitoidentityserviceprovider.send( command ); } catch( error ) { console.log( 'There was an error while trying to get the user: ', error ); err = error; } let returnVal = null; if( data.Users && data.Users.length && data.Users.length > 0 ) { if( data.Users.length > 1 ) { err = "Multiple users found with the same email." } else { returnVal = data.Users[0]; } } if( callback ) { callback( returnVal, err ); } return returnVal; } async adminDeleteUser( userName, callback ) { if( !this.user || !this.user.signInUserSession ) { return callback( null, "ERROR: No Authenticated User" ) } let cognitoidentityserviceprovider = this._createCognitoIdentityProviderClient(); var params = { UserPoolId: this._USER_POOL_ID, Username: userName }; const command = new AdminDeleteUserCommand( params ); let err = null; let data = null; try { data = await cognitoidentityserviceprovider.send( command ); } catch( error ) { console.log( 'There was an error while trying to delete the user: ', error ); err = error; } if( callback ) { callback( data, err ); } return data; } async adminUpdateUserEmail( userName, email, callback ) { if( !this.user || !this.user.signInUserSession ) { return callback( null, "ERROR: No Authenticated User" ) } let cognitoidentityserviceprovider = this._createCognitoIdentityProviderClient(); var params = { UserPoolId: this._USER_POOL_ID, Username: userName, UserAttributes: [ { Name: 'email', Value: email }, { Name: 'email_verified', Value: 'true' } ] }; const command = new AdminUpdateUserAttributesCommand( params ); let err = null; let data = null; try { data = await cognitoidentityserviceprovider.send( command ); } catch( error ) { console.log( 'There was an error while trying to update the users email: ', error ); err = error; } if( callback ) { callback( data, err ); } return data; } async adminResendInvites( userName, newUserName, email, callback ) { if( !this.user || !this.user.signInUserSession ) { return callback( null, "ERROR: No Authenticated User" ) } let cognitoidentityserviceprovider = this._createCognitoIdentityProviderClient(); //Delete User var params = { UserPoolId: this._USER_POOL_ID, Username: userName, }; let command = new AdminDeleteUserCommand( params ); let err = null; let data = null; try { data = await cognitoidentityserviceprovider.send( command ); } catch( error ) { console.log( 'There was an error while trying to resend the invite emails: ', error ); err = error; return; } //Re-Create User params = { UserPoolId: this._USER_POOL_ID, Username: newUserName, UserAttributes: [ { Name: 'email', Value: email }, { Name: 'email_verified', Value: 'true' } ] }; command = new AdminCreateUserCommand( params ); err = null; data = null; try { data = await cognitoidentityserviceprovider.send( command ); } catch( error ) { console.log( 'There was an error while trying to resend the invite emails: ', error ); err = error; } if( callback ) { callback( data, err ); } return data; } }