cognito-util.js
import { randomBytes } from 'node:crypto';

import {
  AdminCreateUserCommand,
  AdminDeleteUserCommand,
  AdminInitiateAuthCommand,
  AdminRespondToAuthChallengeCommand,
  CognitoIdentityProviderClient,
} from '@aws-sdk/client-cognito-identity-provider';
import awscred from 'awscred';
import jwt from 'jsonwebtoken';
import { Chance } from 'chance';
import { generateEmailAddress } from 'test-common';
import { loadBackendConfig } from './backend-config.js';
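/**
 * Builds a password for a throwaway test user.
 *
 * The random part is drawn from the operating system CSPRNG (node:crypto)
 * instead of a general-purpose PRNG, because the value becomes the credential
 * of a real account in the user pool for as long as that account exists.
 *
 * The fixed "!Aa0" suffix contributes one symbol, one upper-case letter, one
 * lower-case letter and one digit — presumably to satisfy the pool's password
 * policy whatever the random part contains; confirm against the pool settings.
 *
 * @returns {string} 10 URL-safe base64 characters followed by "!Aa0".
 */
const generatePassword = () =>
  // 8 random bytes encode to 11 base64url characters; keep the first 10 so the
  // overall length matches what callers have always received (14 characters).
  `${randomBytes(8).toString('base64url').slice(0, 10)}!Aa0`;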
// Region is resolved synchronously at module load via awscred, so importing
// this module already requires a usable AWS region configuration.
const awsRegion = awscred.loadRegionSync();

// Single Cognito client shared by every helper in this module. The Admin*
// commands sent through it are authorised by the caller's AWS credentials,
// not by any end-user token.
const cognitoServiceProvider = new CognitoIdentityProviderClient({ region: awsRegion });
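/**
 * Creates a throwaway Cognito user, completes the forced password change and
 * returns the resulting session.
 *
 * Flow: AdminCreateUser (temporary password, invitation message suppressed)
 * -> AdminInitiateAuth with that temporary password -> answer the
 * NEW_PASSWORD_REQUIRED challenge with a second generated password. The final
 * password is never returned or stored, so the account is usable only through
 * the tokens in the returned object.
 *
 * If any step after the account has been created fails, the account is
 * deleted again (best effort) so that failed runs do not leave live
 * credentials behind in the user pool; the original error is rethrown.
 *
 * The returned tokens are bearer credentials: do not log them or write them
 * to test reports.
 *
 * @returns {Promise<{userId: string, email: string, username: string,
 *   accessToken: string, idToken: string}>} the new user's identity and tokens.
 * @throws {Error} when Cognito does not answer with the expected challenge,
 *   does not issue tokens, or the ID token cannot be decoded; SDK errors from
 *   any of the Cognito calls propagate unchanged.
 */
export async function createUser() {
  const email = generateEmailAddress();
  const temporaryPassword = generatePassword();
  const { userPoolId, userPoolClientId } = await loadBackendConfig();

  await cognitoServiceProvider.send(
    new AdminCreateUserCommand({
      UserPoolId: userPoolId,
      Username: email,
      // No invitation e-mail: the address is generated and the temporary
      // password is consumed a few lines below.
      MessageAction: 'SUPPRESS',
      TemporaryPassword: temporaryPassword,
      UserAttributes: [{ Name: 'email', Value: email }],
    })
  );

  try {
    const authResponse = await cognitoServiceProvider.send(
      new AdminInitiateAuthCommand({
        AuthFlow: 'ADMIN_NO_SRP_AUTH',
        UserPoolId: userPoolId,
        ClientId: userPoolClientId,
        AuthParameters: {
          USERNAME: email,
          PASSWORD: temporaryPassword,
        },
      })
    );

    // The challenge responses sent below are only valid for this challenge;
    // fail with a clear message instead of an opaque SDK or TypeError later.
    if (authResponse.ChallengeName !== 'NEW_PASSWORD_REQUIRED') {
      throw new Error(
        `Expected NEW_PASSWORD_REQUIRED challenge for new user, got: ${authResponse.ChallengeName}`
      );
    }

    const challengeResponse = await cognitoServiceProvider.send(
      new AdminRespondToAuthChallengeCommand({
        UserPoolId: userPoolId,
        ClientId: userPoolClientId,
        ChallengeName: authResponse.ChallengeName,
        Session: authResponse.Session,
        ChallengeResponses: {
          USERNAME: email,
          NEW_PASSWORD: generatePassword(),
        },
      })
    );

    const authResult = challengeResponse.AuthenticationResult;
    if (!authResult?.IdToken || !authResult?.AccessToken) {
      // E.g. the pool demands a further challenge (such as MFA) before tokens.
      throw new Error(
        `Cognito did not issue tokens after the password change (next challenge: ${challengeResponse.ChallengeName})`
      );
    }

    // jwt.decode() only parses the token; it does NOT verify the signature.
    // That is acceptable here solely because the token was returned by
    // Cognito to this very call. Never use this pattern for a token that
    // arrived from a client.
    const claims = jwt.decode(authResult.IdToken);
    if (!claims || typeof claims !== 'object') {
      throw new Error('Could not decode the ID token returned by Cognito');
    }
    const { 'cognito:username': userId } = claims;

    return {
      userId,
      email,
      username: email,
      accessToken: authResult.AccessToken,
      idToken: authResult.IdToken,
    };
  } catch (err) {
    // Do not leave a half-initialised account (with a valid password) behind.
    try {
      await cognitoServiceProvider.send(
        new AdminDeleteUserCommand({ UserPoolId: userPoolId, Username: email })
      );
    } catch (cleanupErr) {
      // Report, but keep the original failure as the error callers see.
      console.warn(
        `createUser: could not remove ${email} after a failed sign-in: ${cleanupErr.message}`
      );
    }
    throw err;
  }
}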
/**
 * Removes a user from the configured Cognito user pool.
 *
 * The account is addressed by `user.email`, which is the value createUser()
 * registers as the Cognito Username. The call uses the admin API, so it is
 * authorised by the caller's AWS credentials rather than by the user's tokens.
 *
 * @param {{email: string}} user - user object as returned by createUser().
 * @returns {Promise<void>} resolves once Cognito has accepted the deletion.
 */
export async function deleteUser(user) {
  const { userPoolId } = await loadBackendConfig();
  const command = new AdminDeleteUserCommand({
    UserPoolId: userPoolId,
    Username: user.email,
  });
  await cognitoServiceProvider.send(command);
}