//@ts-check

// Module dependencies: the project-local SigV4 signer, the Cognito user-pool
// client and the AWS SDK. None of these bindings is reassigned in this file.
const { sigV4Client } = require('./SigV4Client');
const AmazonCognitoIdentity = require('amazon-cognito-identity-js');
const AWS = require('aws-sdk');

// Public surface of the module. The token and credential helpers below stay
// private, so callers never handle the ID token or the temporary AWS keys.
module.exports = {
  login,
  invokeApig,
};
11
12
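/**
 * Authenticates a user against the Cognito user pool named by the
 * COGNITO_USER_POOL_ID and COGNITO_APP_CLIENT_ID environment variables.
 *
 * @param {string} username - Cognito username.
 * @param {string} password - Plain-text password; it is only handed to the
 *   Cognito SDK and is never logged here.
 * @returns {Promise<void>} Resolves with no value once authentication
 *   succeeds. Rejects with the SDK error on failure, or with an Error when
 *   Cognito answers with a challenge this module does not implement.
 */
function login(username, password) {
  const userPool = new AmazonCognitoIdentity.CognitoUserPool({
    UserPoolId: process.env.COGNITO_USER_POOL_ID,
    ClientId: process.env.COGNITO_APP_CLIENT_ID,
  });
  const user = new AmazonCognitoIdentity.CognitoUser({ Username: username, Pool: userPool });
  const authenticationDetails = new AmazonCognitoIdentity.AuthenticationDetails({
    Username: username,
    Password: password,
  });

  // Challenge flows (forced password change, SMS or TOTP MFA) are not
  // implemented by this module. Without handlers for them the promise would
  // never settle, so each one is turned into an explicit rejection.
  const unsupported = (what) => () =>
    reject_(new Error(`Cognito sign-in needs ${what}, which this client does not support`));
  let reject_;

  return new Promise((resolve, reject) => {
    reject_ = reject;
    user.authenticateUser(authenticationDetails, {
      // The session object is deliberately not passed on: callers only need
      // to know that sign-in worked.
      onSuccess: () => resolve(),
      onFailure: (err) => {
        console.log('err is ', err);
        reject(err);
      },
      newPasswordRequired: unsupported('a new password'),
      mfaRequired: unsupported('an MFA code'),
      totpRequired: unsupported('a TOTP code'),
    });
  });
}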
31
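/**
 * Fetches the JWT ID token for a Cognito user from that user's session.
 *
 * @param {object|null} currentUser - Value returned by getCurrentUser();
 *   may be null/undefined when nobody is signed in.
 * @returns {Promise<string>} The ID token as a JWT string. Rejects with the
 *   session error, or with an Error when there is no current user.
 */
function getUserToken(currentUser) {
  return new Promise((resolve, reject) => {
    // Fail with a clear message instead of a TypeError when no user is
    // signed in, so callers can tell "not logged in" from a real fault.
    if (currentUser == null) {
      reject(new Error('No current Cognito user; call login() first'));
      return;
    }

    currentUser.getSession((err, session) => {
      if (err) {
        reject(err);
        return;
      }
      // The returned JWT is a bearer credential: do not log or persist it.
      resolve(session.getIdToken().getJwtToken());
    });
  });
}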
43
/**
 * Looks up the current user of the Cognito user pool configured through
 * COGNITO_USER_POOL_ID and COGNITO_APP_CLIENT_ID.
 *
 * @returns {object|null} Whatever the pool's getCurrentUser() returns.
 *   NOTE(review): presumably null when no user is signed in; callers
 *   should check before using it.
 */
function getCurrentUser() {
  const { COGNITO_USER_POOL_ID: UserPoolId, COGNITO_APP_CLIENT_ID: ClientId } = process.env;
  const pool = new AmazonCognitoIdentity.CognitoUserPool({ UserPoolId, ClientId });
  return pool.getCurrentUser();
}
51
52
/**
 * Exchanges a Cognito ID token for temporary AWS credentials through the
 * identity pool named by COGNITO_IDENTITY_POOL_ID.
 *
 * Side effects: sets the region and the credentials on the shared
 * `AWS.config` object.
 * NOTE(review): `AWS.config` is shared by everything in the process, so if
 * this module ever serves more than one user per process, concurrent calls
 * would overwrite each other's credentials. Confirm the deployment model.
 *
 * @param {string} userToken - JWT ID token from the user pool. It is a
 *   bearer credential and must not be logged.
 * @returns {Promise<*>} The promise returned by the credentials object's
 *   getPromise().
 */
function getAwsCredentials(userToken) {
  const region = process.env.COGNITO_REGION;
  const userPoolId = process.env.COGNITO_USER_POOL_ID;
  // Key under which the identity pool expects the user-pool token.
  const providerName = `cognito-idp.${region}.amazonaws.com/${userPoolId}`;

  AWS.config.update({ region });

  const logins = { [providerName]: userToken };
  AWS.config.credentials = new AWS.CognitoIdentityCredentials({
    IdentityPoolId: process.env.COGNITO_IDENTITY_POOL_ID,
    Logins: logins,
  });

  return AWS.config.credentials.getPromise();
}
67
68
/**
 * Calls an API Gateway endpoint with a SigV4-signed request made on behalf
 * of the currently signed-in Cognito user.
 *
 * Steps: read the current user's ID token, exchange it for temporary AWS
 * credentials, sign the request with them, send it with fetch.
 *
 * @param {string} endpoint - Base URL of the API, passed to the signer.
 * @param {string} path - Request path.
 * @param {string} method - HTTP method.
 * @param {object} headers - Headers to include in the signature.
 * @param {object} queryParams - Query parameters to include in the signature.
 * @param {object} [body] - Request payload; sent JSON-encoded when truthy.
 * @returns {Promise<*>} Parsed JSON body of the response.
 * @throws {Error} With the response text as its message when the status is
 *   not exactly 200; also propagates token, credential and network errors.
 */
async function invokeApig(endpoint, path, method, headers, queryParams, body) {
  const idToken = await getUserToken(getCurrentUser());
  await getAwsCredentials(idToken);

  // Temporary credentials for this call. Never print the access key, secret
  // key or session token, not even in debug output: anything written to a
  // log can be read by whoever can read the log.
  const { accessKeyId, secretAccessKey, sessionToken } = AWS.config.credentials;

  const signer = sigV4Client.newClient({
    accessKey: accessKeyId,
    secretKey: secretAccessKey,
    sessionToken,
    region: process.env.API_GATEWAY_REGION,
    endpoint,
  });

  // NOTE(review): the signer receives the unserialized body while fetch
  // sends JSON.stringify(body); presumably the signer serializes it the same
  // way, otherwise the payload hash would not match. Confirm in SigV4Client.
  const signedRequest = signer.signRequest({ method, path, headers, queryParams, body });

  const payload = body ? JSON.stringify(body) : body;
  const response = await fetch(signedRequest.url, {
    method,
    headers: signedRequest.headers,
    body: payload,
  });

  // NOTE(review): only 200 counts as success, so other 2xx answers throw.
  // The raw response text becomes the error message; treat it as untrusted
  // when displaying or logging it.
  if (response.status !== 200) {
    throw new Error(await response.text());
  }

  return response.json();
}