agent-claw: automated task changes

2026-05-06 18:55:16 -05:00
parent 38905bb1e9
commit 732b00fb66
8494 changed files with 2018127 additions and 4 deletions
--- a/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/amazon.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/amazon.d.ts
@@ -0,0 +1,34 @@
+import type { Construct } from 'constructs';
+import type { UserPoolIdentityProviderProps } from './base';
+import { UserPoolIdentityProviderBase } from './private/user-pool-idp-base';
+/**
+ * Properties to initialize UserPoolAmazonIdentityProvider
+ */
+export interface UserPoolIdentityProviderAmazonProps extends UserPoolIdentityProviderProps {
+    /**
+     * The client id recognized by Login with Amazon APIs.
+     * @see https://developer.amazon.com/docs/login-with-amazon/security-profile.html#client-identifier
+     */
+    readonly clientId: string;
+    /**
+     * The client secret to be accompanied with clientId for Login with Amazon APIs to authenticate the client.
+     * @see https://developer.amazon.com/docs/login-with-amazon/security-profile.html#client-identifier
+     */
+    readonly clientSecret: string;
+    /**
+     * The types of user profile data to obtain for the Amazon profile.
+     * @see https://developer.amazon.com/docs/login-with-amazon/customer-profile.html
+     * @default [ profile ]
+     */
+    readonly scopes?: string[];
+}
+/**
+ * Represents an identity provider that integrates with Login with Amazon
+ * @resource AWS::Cognito::UserPoolIdentityProvider
+ */
+export declare class UserPoolIdentityProviderAmazon extends UserPoolIdentityProviderBase {
+    /** Uniquely identifies this class. */
+    static readonly PROPERTY_INJECTION_ID: string;
+    readonly providerName: string;
+    constructor(scope: Construct, id: string, props: UserPoolIdentityProviderAmazonProps);
+}
--- a/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/amazon.js
+++ b/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/amazon.js
@@ -0,0 +1 @@
+"use strict";var __esDecorate=exports&&exports.__esDecorate||function(ctor,descriptorIn,decorators,contextIn,initializers,extraInitializers){function accept(f){if(f!==void 0&&typeof f!="function")throw new TypeError("Function expected");return f}for(var kind=contextIn.kind,key=kind==="getter"?"get":kind==="setter"?"set":"value",target=!descriptorIn&&ctor?contextIn.static?ctor:ctor.prototype:null,descriptor=descriptorIn||(target?Object.getOwnPropertyDescriptor(target,contextIn.name):{}),_,done=!1,i=decorators.length-1;i>=0;i--){var context={};for(var p in contextIn)context[p]=p==="access"?{}:contextIn[p];for(var p in contextIn.access)context.access[p]=contextIn.access[p];context.addInitializer=function(f){if(done)throw new TypeError("Cannot add initializers after decoration has completed");extraInitializers.push(accept(f||null))};var result=(0,decorators[i])(kind==="accessor"?{get:descriptor.get,set:descriptor.set}:descriptor[key],context);if(kind==="accessor"){if(result===void 0)continue;if(result===null||typeof result!="object")throw new TypeError("Object expected");(_=accept(result.get))&&(descriptor.get=_),(_=accept(result.set))&&(descriptor.set=_),(_=accept(result.init))&&initializers.unshift(_)}else(_=accept(result))&&(kind==="field"?initializers.unshift(_):descriptor[key]=_)}target&&Object.defineProperty(target,contextIn.name,descriptor),done=!0},__runInitializers=exports&&exports.__runInitializers||function(thisArg,initializers,value){for(var useValue=arguments.length>2,i=0;i<initializers.length;i++)value=useValue?initializers[i].call(thisArg,value):initializers[i].call(thisArg);return useValue?value:void 0};Object.defineProperty(exports,"__esModule",{value:!0}),exports.UserPoolIdentityProviderAmazon=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var user_pool_idp_base_1=()=>{var tmp=require("./private/user-pool-idp-base");return user_pool_idp_base_1=()=>tmp,tmp},metadata_resource_1=()=>{var tmp=require("../../../core/lib/metadata-resource");return metadata_resource_1=()=>tmp,tmp},prop_injectable_1=()=>{var tmp=require("../../../core/lib/prop-injectable");return prop_injectable_1=()=>tmp,tmp},cognito_generated_1=()=>{var tmp=require("../cognito.generated");return cognito_generated_1=()=>tmp,tmp};let UserPoolIdentityProviderAmazon=(()=>{let _classDecorators=[prop_injectable_1().propertyInjectable],_classDescriptor,_classExtraInitializers=[],_classThis,_classSuper=user_pool_idp_base_1().UserPoolIdentityProviderBase;var UserPoolIdentityProviderAmazon2=class extends _classSuper{static{_classThis=this}static{const _metadata=typeof Symbol=="function"&&Symbol.metadata?Object.create(_classSuper[Symbol.metadata]??null):void 0;__esDecorate(null,_classDescriptor={value:_classThis},_classDecorators,{kind:"class",name:_classThis.name,metadata:_metadata},null,_classExtraInitializers),UserPoolIdentityProviderAmazon2=_classThis=_classDescriptor.value,_metadata&&Object.defineProperty(_classThis,Symbol.metadata,{enumerable:!0,configurable:!0,writable:!0,value:_metadata})}static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_cognito.UserPoolIdentityProviderAmazon",version:"2.252.0"};static PROPERTY_INJECTION_ID="aws-cdk-lib.aws-cognito.UserPoolIdentityProviderAmazon";providerName;constructor(scope,id,props){super(scope,id,props);try{jsiiDeprecationWarnings().aws_cdk_lib_aws_cognito_UserPoolIdentityProviderAmazonProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,UserPoolIdentityProviderAmazon2),error}(0,metadata_resource_1().addConstructMetadata)(this,props);const scopes=props.scopes??["profile"],resource=new(cognito_generated_1()).CfnUserPoolIdentityProvider(this,"Resource",{userPoolId:props.userPool.userPoolRef.userPoolId,providerName:"LoginWithAmazon",providerType:"LoginWithAmazon",providerDetails:{client_id:props.clientId,client_secret:props.clientSecret,authorize_scopes:scopes.join(" ")},attributeMapping:super.configureAttributeMapping()});this.providerName=super.getResourceNameAttribute(resource.ref),props.userPool.registerIdentityProvider(this)}static{__runInitializers(_classThis,_classExtraInitializers)}};return UserPoolIdentityProviderAmazon2=_classThis})();exports.UserPoolIdentityProviderAmazon=UserPoolIdentityProviderAmazon;
--- a/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/apple.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/apple.d.ts
@@ -0,0 +1,50 @@
+import type { Construct } from 'constructs';
+import type { UserPoolIdentityProviderProps } from './base';
+import { UserPoolIdentityProviderBase } from './private/user-pool-idp-base';
+import type { SecretValue } from '../../../core';
+/**
+ * Properties to initialize UserPoolAppleIdentityProvider
+ */
+export interface UserPoolIdentityProviderAppleProps extends UserPoolIdentityProviderProps {
+    /**
+     * The client id recognized by Apple APIs.
+     * @see https://developer.apple.com/documentation/sign_in_with_apple/clientconfigi/3230948-clientid
+     */
+    readonly clientId: string;
+    /**
+     * The teamId for Apple APIs to authenticate the client.
+     */
+    readonly teamId: string;
+    /**
+     * The keyId (of the same key, which content has to be later supplied as `privateKey`) for Apple APIs to authenticate the client.
+     */
+    readonly keyId: string;
+    /**
+     * The privateKey content for Apple APIs to authenticate the client.
+     *
+     * @deprecated use privateKeyValue
+     * @default none
+     */
+    readonly privateKey?: string;
+    /**
+     * The privateKey content for Apple APIs to authenticate the client.
+     * @default none
+     */
+    readonly privateKeyValue?: SecretValue;
+    /**
+     * The list of apple permissions to obtain for getting access to the apple profile
+     * @see https://developer.apple.com/documentation/sign_in_with_apple/clientconfigi/3230955-scope
+     * @default [ name ]
+     */
+    readonly scopes?: string[];
+}
+/**
+ * Represents an identity provider that integrates with Apple
+ * @resource AWS::Cognito::UserPoolIdentityProvider
+ */
+export declare class UserPoolIdentityProviderApple extends UserPoolIdentityProviderBase {
+    /** Uniquely identifies this class. */
+    static readonly PROPERTY_INJECTION_ID: string;
+    readonly providerName: string;
+    constructor(scope: Construct, id: string, props: UserPoolIdentityProviderAppleProps);
+}
--- a/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/apple.js
+++ b/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/apple.js
@@ -0,0 +1 @@
+"use strict";var __esDecorate=exports&&exports.__esDecorate||function(ctor,descriptorIn,decorators,contextIn,initializers,extraInitializers){function accept(f){if(f!==void 0&&typeof f!="function")throw new TypeError("Function expected");return f}for(var kind=contextIn.kind,key=kind==="getter"?"get":kind==="setter"?"set":"value",target=!descriptorIn&&ctor?contextIn.static?ctor:ctor.prototype:null,descriptor=descriptorIn||(target?Object.getOwnPropertyDescriptor(target,contextIn.name):{}),_,done=!1,i=decorators.length-1;i>=0;i--){var context={};for(var p in contextIn)context[p]=p==="access"?{}:contextIn[p];for(var p in contextIn.access)context.access[p]=contextIn.access[p];context.addInitializer=function(f){if(done)throw new TypeError("Cannot add initializers after decoration has completed");extraInitializers.push(accept(f||null))};var result=(0,decorators[i])(kind==="accessor"?{get:descriptor.get,set:descriptor.set}:descriptor[key],context);if(kind==="accessor"){if(result===void 0)continue;if(result===null||typeof result!="object")throw new TypeError("Object expected");(_=accept(result.get))&&(descriptor.get=_),(_=accept(result.set))&&(descriptor.set=_),(_=accept(result.init))&&initializers.unshift(_)}else(_=accept(result))&&(kind==="field"?initializers.unshift(_):descriptor[key]=_)}target&&Object.defineProperty(target,contextIn.name,descriptor),done=!0},__runInitializers=exports&&exports.__runInitializers||function(thisArg,initializers,value){for(var useValue=arguments.length>2,i=0;i<initializers.length;i++)value=useValue?initializers[i].call(thisArg,value):initializers[i].call(thisArg);return useValue?value:void 0};Object.defineProperty(exports,"__esModule",{value:!0}),exports.UserPoolIdentityProviderApple=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var user_pool_idp_base_1=()=>{var tmp=require("./private/user-pool-idp-base");return user_pool_idp_base_1=()=>tmp,tmp},errors_1=()=>{var tmp=require("../../../core/lib/errors");return errors_1=()=>tmp,tmp},metadata_resource_1=()=>{var tmp=require("../../../core/lib/metadata-resource");return metadata_resource_1=()=>tmp,tmp},literal_string_1=()=>{var tmp=require("../../../core/lib/private/literal-string");return literal_string_1=()=>tmp,tmp},prop_injectable_1=()=>{var tmp=require("../../../core/lib/prop-injectable");return prop_injectable_1=()=>tmp,tmp},cognito_generated_1=()=>{var tmp=require("../cognito.generated");return cognito_generated_1=()=>tmp,tmp};let UserPoolIdentityProviderApple=(()=>{let _classDecorators=[prop_injectable_1().propertyInjectable],_classDescriptor,_classExtraInitializers=[],_classThis,_classSuper=user_pool_idp_base_1().UserPoolIdentityProviderBase;var UserPoolIdentityProviderApple2=class extends _classSuper{static{_classThis=this}static{const _metadata=typeof Symbol=="function"&&Symbol.metadata?Object.create(_classSuper[Symbol.metadata]??null):void 0;__esDecorate(null,_classDescriptor={value:_classThis},_classDecorators,{kind:"class",name:_classThis.name,metadata:_metadata},null,_classExtraInitializers),UserPoolIdentityProviderApple2=_classThis=_classDescriptor.value,_metadata&&Object.defineProperty(_classThis,Symbol.metadata,{enumerable:!0,configurable:!0,writable:!0,value:_metadata})}static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_cognito.UserPoolIdentityProviderApple",version:"2.252.0"};static PROPERTY_INJECTION_ID="aws-cdk-lib.aws-cognito.UserPoolIdentityProviderApple";providerName;constructor(scope,id,props){super(scope,id,props);try{jsiiDeprecationWarnings().aws_cdk_lib_aws_cognito_UserPoolIdentityProviderAppleProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,UserPoolIdentityProviderApple2),error}(0,metadata_resource_1().addConstructMetadata)(this,props);const scopes=props.scopes??["name"];if(!props.privateKey&&!props.privateKeyValue||props.privateKey&&props.privateKeyValue)throw new(errors_1()).ValidationError((0,literal_string_1().lit)`MustBeExactlyPrivatekeyPrivatekeyvalue`,'Exactly one of "privateKey" or "privateKeyValue" must be configured.',this);const resource=new(cognito_generated_1()).CfnUserPoolIdentityProvider(this,"Resource",{userPoolId:props.userPool.userPoolRef.userPoolId,providerName:"SignInWithApple",providerType:"SignInWithApple",providerDetails:{client_id:props.clientId,team_id:props.teamId,key_id:props.keyId,private_key:props.privateKeyValue?props.privateKeyValue.unsafeUnwrap():props.privateKey,authorize_scopes:scopes.join(" ")},attributeMapping:super.configureAttributeMapping()});this.providerName=super.getResourceNameAttribute(resource.ref),props.userPool.registerIdentityProvider(this)}static{__runInitializers(_classThis,_classExtraInitializers)}};return UserPoolIdentityProviderApple2=_classThis})();exports.UserPoolIdentityProviderApple=UserPoolIdentityProviderApple;
--- a/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/base.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/base.d.ts
@@ -0,0 +1,187 @@
+import type { IUserPool } from '../user-pool';
+/**
+ * An attribute available from a third party identity provider.
+ */
+export declare class ProviderAttribute {
+    /** The email attribute provided by Apple */
+    static readonly APPLE_EMAIL: ProviderAttribute;
+    /** The email verified attribute provided by Apple */
+    static readonly APPLE_EMAIL_VERIFIED: ProviderAttribute;
+    /** The name attribute provided by Apple */
+    static readonly APPLE_NAME: ProviderAttribute;
+    /** The first name attribute provided by Apple */
+    static readonly APPLE_FIRST_NAME: ProviderAttribute;
+    /** The last name attribute provided by Apple */
+    static readonly APPLE_LAST_NAME: ProviderAttribute;
+    /** The user id attribute provided by Amazon */
+    static readonly AMAZON_USER_ID: ProviderAttribute;
+    /** The email attribute provided by Amazon */
+    static readonly AMAZON_EMAIL: ProviderAttribute;
+    /** The name attribute provided by Amazon */
+    static readonly AMAZON_NAME: ProviderAttribute;
+    /** The postal code attribute provided by Amazon */
+    static readonly AMAZON_POSTAL_CODE: ProviderAttribute;
+    /** The user id attribute provided by Facebook */
+    static readonly FACEBOOK_ID: ProviderAttribute;
+    /** The birthday attribute provided by Facebook */
+    static readonly FACEBOOK_BIRTHDAY: ProviderAttribute;
+    /** The email attribute provided by Facebook */
+    static readonly FACEBOOK_EMAIL: ProviderAttribute;
+    /** The name attribute provided by Facebook */
+    static readonly FACEBOOK_NAME: ProviderAttribute;
+    /** The first name attribute provided by Facebook */
+    static readonly FACEBOOK_FIRST_NAME: ProviderAttribute;
+    /** The last name attribute provided by Facebook */
+    static readonly FACEBOOK_LAST_NAME: ProviderAttribute;
+    /** The middle name attribute provided by Facebook */
+    static readonly FACEBOOK_MIDDLE_NAME: ProviderAttribute;
+    /** The gender attribute provided by Facebook */
+    static readonly FACEBOOK_GENDER: ProviderAttribute;
+    /** The locale attribute provided by Facebook */
+    static readonly FACEBOOK_LOCALE: ProviderAttribute;
+    /** The name attribute provided by Google */
+    static readonly GOOGLE_NAMES: ProviderAttribute;
+    /** The gender attribute provided by Google */
+    static readonly GOOGLE_GENDER: ProviderAttribute;
+    /** The birthday attribute provided by Google */
+    static readonly GOOGLE_BIRTHDAYS: ProviderAttribute;
+    /** The phone number attribute provided by Google */
+    static readonly GOOGLE_PHONE_NUMBERS: ProviderAttribute;
+    /** The email attribute provided by Google */
+    static readonly GOOGLE_EMAIL: ProviderAttribute;
+    /** The email verified attribute provided by Google */
+    static readonly GOOGLE_EMAIL_VERIFIED: ProviderAttribute;
+    /** The name attribute provided by Google */
+    static readonly GOOGLE_NAME: ProviderAttribute;
+    /** The picture attribute provided by Google */
+    static readonly GOOGLE_PICTURE: ProviderAttribute;
+    /** The given name attribute provided by Google */
+    static readonly GOOGLE_GIVEN_NAME: ProviderAttribute;
+    /** The family name attribute provided by Google */
+    static readonly GOOGLE_FAMILY_NAME: ProviderAttribute;
+    /**
+     * Use this to specify an attribute from the identity provider that is not pre-defined in the CDK.
+     * @param attributeName the attribute value string as recognized by the provider
+     */
+    static other(attributeName: string): ProviderAttribute;
+    /** The attribute value string as recognized by the provider. */
+    readonly attributeName: string;
+    private constructor();
+}
+/**
+ * The mapping of user pool attributes to the attributes provided by the identity providers.
+ */
+export interface AttributeMapping {
+    /**
+     * The user's postal address is a required attribute.
+     * @default - not mapped
+     */
+    readonly address?: ProviderAttribute;
+    /**
+     * The user's birthday.
+     * @default - not mapped
+     */
+    readonly birthdate?: ProviderAttribute;
+    /**
+     * The user's e-mail address.
+     * @default - not mapped
+     */
+    readonly email?: ProviderAttribute;
+    /**
+     * The user's e-mail address is verification.
+     * @default - not mapped
+     */
+    readonly emailVerified?: ProviderAttribute;
+    /**
+     * The surname or last name of user.
+     * @default - not mapped
+     */
+    readonly familyName?: ProviderAttribute;
+    /**
+     * The user's gender.
+     * @default - not mapped
+     */
+    readonly gender?: ProviderAttribute;
+    /**
+     * The user's first name or give name.
+     * @default - not mapped
+     */
+    readonly givenName?: ProviderAttribute;
+    /**
+     * The user's locale.
+     * @default - not mapped
+     */
+    readonly locale?: ProviderAttribute;
+    /**
+     * The user's middle name.
+     * @default - not mapped
+     */
+    readonly middleName?: ProviderAttribute;
+    /**
+     * The user's full name in displayable form.
+     * @default - not mapped
+     */
+    readonly fullname?: ProviderAttribute;
+    /**
+     * The user's nickname or casual name.
+     * @default - not mapped
+     */
+    readonly nickname?: ProviderAttribute;
+    /**
+     * The user's telephone number.
+     * @default - not mapped
+     */
+    readonly phoneNumber?: ProviderAttribute;
+    /**
+     * The URL to the user's profile picture.
+     * @default - not mapped
+     */
+    readonly profilePicture?: ProviderAttribute;
+    /**
+     * The user's preferred username.
+     * @default - not mapped
+     */
+    readonly preferredUsername?: ProviderAttribute;
+    /**
+     * The URL to the user's profile page.
+     * @default - not mapped
+     */
+    readonly profilePage?: ProviderAttribute;
+    /**
+     * The user's time zone.
+     * @default - not mapped
+     */
+    readonly timezone?: ProviderAttribute;
+    /**
+     * Time, the user's information was last updated.
+     * @default - not mapped
+     */
+    readonly lastUpdateTime?: ProviderAttribute;
+    /**
+     * The URL to the user's web page or blog.
+     * @default - not mapped
+     */
+    readonly website?: ProviderAttribute;
+    /**
+     * Specify custom attribute mapping here and mapping for any standard attributes not supported yet.
+     * @default - no custom attribute mapping
+     */
+    readonly custom?: {
+        [key: string]: ProviderAttribute;
+    };
+}
+/**
+ * Properties to create a new instance of UserPoolIdentityProvider
+ *
+ */
+export interface UserPoolIdentityProviderProps {
+    /**
+     * The user pool to which this construct provides identities.
+     */
+    readonly userPool: IUserPool;
+    /**
+     * Mapping attributes from the identity provider to standard and custom attributes of the user pool.
+     * @default - no attribute mapping
+     */
+    readonly attributeMapping?: AttributeMapping;
+}
--- a/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/base.js
+++ b/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/base.js
@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.ProviderAttribute=void 0;const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");class ProviderAttribute{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_cognito.ProviderAttribute",version:"2.252.0"};static APPLE_EMAIL=new ProviderAttribute("email");static APPLE_EMAIL_VERIFIED=new ProviderAttribute("email_verified");static APPLE_NAME=new ProviderAttribute("name");static APPLE_FIRST_NAME=new ProviderAttribute("firstName");static APPLE_LAST_NAME=new ProviderAttribute("lastName");static AMAZON_USER_ID=new ProviderAttribute("user_id");static AMAZON_EMAIL=new ProviderAttribute("email");static AMAZON_NAME=new ProviderAttribute("name");static AMAZON_POSTAL_CODE=new ProviderAttribute("postal_code");static FACEBOOK_ID=new ProviderAttribute("id");static FACEBOOK_BIRTHDAY=new ProviderAttribute("birthday");static FACEBOOK_EMAIL=new ProviderAttribute("email");static FACEBOOK_NAME=new ProviderAttribute("name");static FACEBOOK_FIRST_NAME=new ProviderAttribute("first_name");static FACEBOOK_LAST_NAME=new ProviderAttribute("last_name");static FACEBOOK_MIDDLE_NAME=new ProviderAttribute("middle_name");static FACEBOOK_GENDER=new ProviderAttribute("gender");static FACEBOOK_LOCALE=new ProviderAttribute("locale");static GOOGLE_NAMES=new ProviderAttribute("names");static GOOGLE_GENDER=new ProviderAttribute("gender");static GOOGLE_BIRTHDAYS=new ProviderAttribute("birthdays");static GOOGLE_PHONE_NUMBERS=new ProviderAttribute("phoneNumbers");static GOOGLE_EMAIL=new ProviderAttribute("email");static GOOGLE_EMAIL_VERIFIED=new ProviderAttribute("email_verified");static GOOGLE_NAME=new ProviderAttribute("name");static GOOGLE_PICTURE=new ProviderAttribute("picture");static GOOGLE_GIVEN_NAME=new ProviderAttribute("given_name");static GOOGLE_FAMILY_NAME=new ProviderAttribute("family_name");static other(attributeName){return new ProviderAttribute(attributeName)}attributeName;constructor(attributeName){this.attributeName=attributeName}}exports.ProviderAttribute=ProviderAttribute;
--- a/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/facebook.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/facebook.d.ts
@@ -0,0 +1,38 @@
+import type { Construct } from 'constructs';
+import type { UserPoolIdentityProviderProps } from './base';
+import { UserPoolIdentityProviderBase } from './private/user-pool-idp-base';
+/**
+ * Properties to initialize UserPoolFacebookIdentityProvider
+ */
+export interface UserPoolIdentityProviderFacebookProps extends UserPoolIdentityProviderProps {
+    /**
+     * The client id recognized by Facebook APIs.
+     */
+    readonly clientId: string;
+    /**
+     * The client secret to be accompanied with clientId for Facebook to authenticate the client.
+     * @see https://developers.facebook.com/docs/facebook-login/security#appsecret
+     */
+    readonly clientSecret: string;
+    /**
+     * The list of Facebook permissions to obtain for getting access to the Facebook profile.
+     * @see https://developers.facebook.com/docs/facebook-login/permissions
+     * @default [ public_profile ]
+     */
+    readonly scopes?: string[];
+    /**
+     * The Facebook API version to use
+     * @default - to the oldest version supported by Facebook
+     */
+    readonly apiVersion?: string;
+}
+/**
+ * Represents an identity provider that integrates with Facebook Login
+ * @resource AWS::Cognito::UserPoolIdentityProvider
+ */
+export declare class UserPoolIdentityProviderFacebook extends UserPoolIdentityProviderBase {
+    /** Uniquely identifies this class. */
+    static readonly PROPERTY_INJECTION_ID: string;
+    readonly providerName: string;
+    constructor(scope: Construct, id: string, props: UserPoolIdentityProviderFacebookProps);
+}
--- a/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/facebook.js
+++ b/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/facebook.js
@@ -0,0 +1 @@
+"use strict";var __esDecorate=exports&&exports.__esDecorate||function(ctor,descriptorIn,decorators,contextIn,initializers,extraInitializers){function accept(f){if(f!==void 0&&typeof f!="function")throw new TypeError("Function expected");return f}for(var kind=contextIn.kind,key=kind==="getter"?"get":kind==="setter"?"set":"value",target=!descriptorIn&&ctor?contextIn.static?ctor:ctor.prototype:null,descriptor=descriptorIn||(target?Object.getOwnPropertyDescriptor(target,contextIn.name):{}),_,done=!1,i=decorators.length-1;i>=0;i--){var context={};for(var p in contextIn)context[p]=p==="access"?{}:contextIn[p];for(var p in contextIn.access)context.access[p]=contextIn.access[p];context.addInitializer=function(f){if(done)throw new TypeError("Cannot add initializers after decoration has completed");extraInitializers.push(accept(f||null))};var result=(0,decorators[i])(kind==="accessor"?{get:descriptor.get,set:descriptor.set}:descriptor[key],context);if(kind==="accessor"){if(result===void 0)continue;if(result===null||typeof result!="object")throw new TypeError("Object expected");(_=accept(result.get))&&(descriptor.get=_),(_=accept(result.set))&&(descriptor.set=_),(_=accept(result.init))&&initializers.unshift(_)}else(_=accept(result))&&(kind==="field"?initializers.unshift(_):descriptor[key]=_)}target&&Object.defineProperty(target,contextIn.name,descriptor),done=!0},__runInitializers=exports&&exports.__runInitializers||function(thisArg,initializers,value){for(var useValue=arguments.length>2,i=0;i<initializers.length;i++)value=useValue?initializers[i].call(thisArg,value):initializers[i].call(thisArg);return useValue?value:void 0};Object.defineProperty(exports,"__esModule",{value:!0}),exports.UserPoolIdentityProviderFacebook=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var user_pool_idp_base_1=()=>{var tmp=require("./private/user-pool-idp-base");return user_pool_idp_base_1=()=>tmp,tmp},metadata_resource_1=()=>{var tmp=require("../../../core/lib/metadata-resource");return metadata_resource_1=()=>tmp,tmp},prop_injectable_1=()=>{var tmp=require("../../../core/lib/prop-injectable");return prop_injectable_1=()=>tmp,tmp},cognito_generated_1=()=>{var tmp=require("../cognito.generated");return cognito_generated_1=()=>tmp,tmp};let UserPoolIdentityProviderFacebook=(()=>{let _classDecorators=[prop_injectable_1().propertyInjectable],_classDescriptor,_classExtraInitializers=[],_classThis,_classSuper=user_pool_idp_base_1().UserPoolIdentityProviderBase;var UserPoolIdentityProviderFacebook2=class extends _classSuper{static{_classThis=this}static{const _metadata=typeof Symbol=="function"&&Symbol.metadata?Object.create(_classSuper[Symbol.metadata]??null):void 0;__esDecorate(null,_classDescriptor={value:_classThis},_classDecorators,{kind:"class",name:_classThis.name,metadata:_metadata},null,_classExtraInitializers),UserPoolIdentityProviderFacebook2=_classThis=_classDescriptor.value,_metadata&&Object.defineProperty(_classThis,Symbol.metadata,{enumerable:!0,configurable:!0,writable:!0,value:_metadata})}static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_cognito.UserPoolIdentityProviderFacebook",version:"2.252.0"};static PROPERTY_INJECTION_ID="aws-cdk-lib.aws-cognito.UserPoolIdentityProviderFacebook";providerName;constructor(scope,id,props){super(scope,id,props);try{jsiiDeprecationWarnings().aws_cdk_lib_aws_cognito_UserPoolIdentityProviderFacebookProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,UserPoolIdentityProviderFacebook2),error}(0,metadata_resource_1().addConstructMetadata)(this,props);const scopes=props.scopes??["public_profile"],resource=new(cognito_generated_1()).CfnUserPoolIdentityProvider(this,"Resource",{userPoolId:props.userPool.userPoolRef.userPoolId,providerName:"Facebook",providerType:"Facebook",providerDetails:{client_id:props.clientId,client_secret:props.clientSecret,authorize_scopes:scopes.join(","),api_version:props.apiVersion},attributeMapping:super.configureAttributeMapping()});this.providerName=super.getResourceNameAttribute(resource.ref),props.userPool.registerIdentityProvider(this)}static{__runInitializers(_classThis,_classExtraInitializers)}};return UserPoolIdentityProviderFacebook2=_classThis})();exports.UserPoolIdentityProviderFacebook=UserPoolIdentityProviderFacebook;
--- a/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/google.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/google.d.ts
@@ -0,0 +1,43 @@
+import type { Construct } from 'constructs';
+import type { UserPoolIdentityProviderProps } from './base';
+import { UserPoolIdentityProviderBase } from './private/user-pool-idp-base';
+import type { SecretValue } from '../../../core';
+/**
+ * Properties to initialize UserPoolGoogleIdentityProvider
+ */
+export interface UserPoolIdentityProviderGoogleProps extends UserPoolIdentityProviderProps {
+    /**
+     * The client id recognized by Google APIs.
+     * @see https://developers.google.com/identity/sign-in/web/sign-in#specify_your_apps_client_id
+     */
+    readonly clientId: string;
+    /**
+     * The client secret to be accompanied with clientId for Google APIs to authenticate the client.
+     * @see https://developers.google.com/identity/sign-in/web/sign-in
+     * @default none
+     * @deprecated use clientSecretValue instead
+     */
+    readonly clientSecret?: string;
+    /**
+     * The client secret to be accompanied with clientId for Google APIs to authenticate the client as SecretValue
+     * @see https://developers.google.com/identity/sign-in/web/sign-in
+     * @default none
+     */
+    readonly clientSecretValue?: SecretValue;
+    /**
+     * The list of Google permissions to obtain for getting access to the Google profile
+     * @see https://developers.google.com/identity/sign-in/web/sign-in
+     * @default [ profile ]
+     */
+    readonly scopes?: string[];
+}
+/**
+ * Represents an identity provider that integrates with Google
+ * @resource AWS::Cognito::UserPoolIdentityProvider
+ */
+export declare class UserPoolIdentityProviderGoogle extends UserPoolIdentityProviderBase {
+    /** Uniquely identifies this class. */
+    static readonly PROPERTY_INJECTION_ID: string;
+    readonly providerName: string;
+    constructor(scope: Construct, id: string, props: UserPoolIdentityProviderGoogleProps);
+}
--- a/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/google.js
+++ b/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/google.js
@@ -0,0 +1 @@
+"use strict";var __esDecorate=exports&&exports.__esDecorate||function(ctor,descriptorIn,decorators,contextIn,initializers,extraInitializers){function accept(f){if(f!==void 0&&typeof f!="function")throw new TypeError("Function expected");return f}for(var kind=contextIn.kind,key=kind==="getter"?"get":kind==="setter"?"set":"value",target=!descriptorIn&&ctor?contextIn.static?ctor:ctor.prototype:null,descriptor=descriptorIn||(target?Object.getOwnPropertyDescriptor(target,contextIn.name):{}),_,done=!1,i=decorators.length-1;i>=0;i--){var context={};for(var p in contextIn)context[p]=p==="access"?{}:contextIn[p];for(var p in contextIn.access)context.access[p]=contextIn.access[p];context.addInitializer=function(f){if(done)throw new TypeError("Cannot add initializers after decoration has completed");extraInitializers.push(accept(f||null))};var result=(0,decorators[i])(kind==="accessor"?{get:descriptor.get,set:descriptor.set}:descriptor[key],context);if(kind==="accessor"){if(result===void 0)continue;if(result===null||typeof result!="object")throw new TypeError("Object expected");(_=accept(result.get))&&(descriptor.get=_),(_=accept(result.set))&&(descriptor.set=_),(_=accept(result.init))&&initializers.unshift(_)}else(_=accept(result))&&(kind==="field"?initializers.unshift(_):descriptor[key]=_)}target&&Object.defineProperty(target,contextIn.name,descriptor),done=!0},__runInitializers=exports&&exports.__runInitializers||function(thisArg,initializers,value){for(var useValue=arguments.length>2,i=0;i<initializers.length;i++)value=useValue?initializers[i].call(thisArg,value):initializers[i].call(thisArg);return useValue?value:void 0};Object.defineProperty(exports,"__esModule",{value:!0}),exports.UserPoolIdentityProviderGoogle=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var user_pool_idp_base_1=()=>{var tmp=require("./private/user-pool-idp-base");return user_pool_idp_base_1=()=>tmp,tmp},errors_1=()=>{var tmp=require("../../../core/lib/errors");return errors_1=()=>tmp,tmp},metadata_resource_1=()=>{var tmp=require("../../../core/lib/metadata-resource");return metadata_resource_1=()=>tmp,tmp},literal_string_1=()=>{var tmp=require("../../../core/lib/private/literal-string");return literal_string_1=()=>tmp,tmp},prop_injectable_1=()=>{var tmp=require("../../../core/lib/prop-injectable");return prop_injectable_1=()=>tmp,tmp},cognito_generated_1=()=>{var tmp=require("../cognito.generated");return cognito_generated_1=()=>tmp,tmp};let UserPoolIdentityProviderGoogle=(()=>{let _classDecorators=[prop_injectable_1().propertyInjectable],_classDescriptor,_classExtraInitializers=[],_classThis,_classSuper=user_pool_idp_base_1().UserPoolIdentityProviderBase;var UserPoolIdentityProviderGoogle2=class extends _classSuper{static{_classThis=this}static{const _metadata=typeof Symbol=="function"&&Symbol.metadata?Object.create(_classSuper[Symbol.metadata]??null):void 0;__esDecorate(null,_classDescriptor={value:_classThis},_classDecorators,{kind:"class",name:_classThis.name,metadata:_metadata},null,_classExtraInitializers),UserPoolIdentityProviderGoogle2=_classThis=_classDescriptor.value,_metadata&&Object.defineProperty(_classThis,Symbol.metadata,{enumerable:!0,configurable:!0,writable:!0,value:_metadata})}static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_cognito.UserPoolIdentityProviderGoogle",version:"2.252.0"};static PROPERTY_INJECTION_ID="aws-cdk-lib.aws-cognito.UserPoolIdentityProviderGoogle";providerName;constructor(scope,id,props){super(scope,id,props);try{jsiiDeprecationWarnings().aws_cdk_lib_aws_cognito_UserPoolIdentityProviderGoogleProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,UserPoolIdentityProviderGoogle2),error}(0,metadata_resource_1().addConstructMetadata)(this,props);const scopes=props.scopes??["profile"];if(!props.clientSecret&&!props.clientSecretValue||props.clientSecret&&props.clientSecretValue)throw new(errors_1()).ValidationError((0,literal_string_1().lit)`ExactlyOneClientSecretClient`,'Exactly one of "clientSecret" or "clientSecretValue" must be configured.',this);const resource=new(cognito_generated_1()).CfnUserPoolIdentityProvider(this,"Resource",{userPoolId:props.userPool.userPoolRef.userPoolId,providerName:"Google",providerType:"Google",providerDetails:{client_id:props.clientId,client_secret:props.clientSecretValue?props.clientSecretValue.unsafeUnwrap():props.clientSecret,authorize_scopes:scopes.join(" ")},attributeMapping:super.configureAttributeMapping()});this.providerName=super.getResourceNameAttribute(resource.ref),props.userPool.registerIdentityProvider(this)}static{__runInitializers(_classThis,_classExtraInitializers)}};return UserPoolIdentityProviderGoogle2=_classThis})();exports.UserPoolIdentityProviderGoogle=UserPoolIdentityProviderGoogle;
--- a/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/index.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/index.d.ts
@@ -0,0 +1,7 @@
+export * from './base';
+export * from './apple';
+export * from './amazon';
+export * from './facebook';
+export * from './google';
+export * from './oidc';
+export * from './saml';
--- a/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/index.js
+++ b/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/index.js
@@ -0,0 +1 @@
+"use strict";var __createBinding=exports&&exports.__createBinding||(Object.create?(function(o,m,k,k2){k2===void 0&&(k2=k);var desc=Object.getOwnPropertyDescriptor(m,k);(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable))&&(desc={enumerable:!0,get:function(){return m[k]}}),Object.defineProperty(o,k2,desc)}):(function(o,m,k,k2){k2===void 0&&(k2=k),o[k2]=m[k]})),__exportStar=exports&&exports.__exportStar||function(m,exports2){for(var p in m)p!=="default"&&!Object.prototype.hasOwnProperty.call(exports2,p)&&__createBinding(exports2,m,p)};Object.defineProperty(exports,"__esModule",{value:!0});var _noFold;exports.ProviderAttribute=void 0,Object.defineProperty(exports,_noFold="ProviderAttribute",{enumerable:!0,configurable:!0,get:()=>{var value=require("./base").ProviderAttribute;return Object.defineProperty(exports,_noFold="ProviderAttribute",{enumerable:!0,configurable:!0,value}),value}}),exports.UserPoolIdentityProviderApple=void 0,Object.defineProperty(exports,_noFold="UserPoolIdentityProviderApple",{enumerable:!0,configurable:!0,get:()=>{var value=require("./apple").UserPoolIdentityProviderApple;return Object.defineProperty(exports,_noFold="UserPoolIdentityProviderApple",{enumerable:!0,configurable:!0,value}),value}}),exports.UserPoolIdentityProviderAmazon=void 0,Object.defineProperty(exports,_noFold="UserPoolIdentityProviderAmazon",{enumerable:!0,configurable:!0,get:()=>{var value=require("./amazon").UserPoolIdentityProviderAmazon;return Object.defineProperty(exports,_noFold="UserPoolIdentityProviderAmazon",{enumerable:!0,configurable:!0,value}),value}}),exports.UserPoolIdentityProviderFacebook=void 0,Object.defineProperty(exports,_noFold="UserPoolIdentityProviderFacebook",{enumerable:!0,configurable:!0,get:()=>{var value=require("./facebook").UserPoolIdentityProviderFacebook;return Object.defineProperty(exports,_noFold="UserPoolIdentityProviderFacebook",{enumerable:!0,configurable:!0,value}),value}}),exports.UserPoolIdentityProviderGoogle=void 0,Object.defineProperty(exports,_noFold="UserPoolIdentityProviderGoogle",{enumerable:!0,configurable:!0,get:()=>{var value=require("./google").UserPoolIdentityProviderGoogle;return Object.defineProperty(exports,_noFold="UserPoolIdentityProviderGoogle",{enumerable:!0,configurable:!0,value}),value}}),exports.OidcAttributeRequestMethod=void 0,Object.defineProperty(exports,_noFold="OidcAttributeRequestMethod",{enumerable:!0,configurable:!0,get:()=>{var value=require("./oidc").OidcAttributeRequestMethod;return Object.defineProperty(exports,_noFold="OidcAttributeRequestMethod",{enumerable:!0,configurable:!0,value}),value}}),exports.UserPoolIdentityProviderOidc=void 0,Object.defineProperty(exports,_noFold="UserPoolIdentityProviderOidc",{enumerable:!0,configurable:!0,get:()=>{var value=require("./oidc").UserPoolIdentityProviderOidc;return Object.defineProperty(exports,_noFold="UserPoolIdentityProviderOidc",{enumerable:!0,configurable:!0,value}),value}}),exports.SigningAlgorithm=void 0,Object.defineProperty(exports,_noFold="SigningAlgorithm",{enumerable:!0,configurable:!0,get:()=>{var value=require("./saml").SigningAlgorithm;return Object.defineProperty(exports,_noFold="SigningAlgorithm",{enumerable:!0,configurable:!0,value}),value}}),exports.UserPoolIdentityProviderSamlMetadataType=void 0,Object.defineProperty(exports,_noFold="UserPoolIdentityProviderSamlMetadataType",{enumerable:!0,configurable:!0,get:()=>{var value=require("./saml").UserPoolIdentityProviderSamlMetadataType;return Object.defineProperty(exports,_noFold="UserPoolIdentityProviderSamlMetadataType",{enumerable:!0,configurable:!0,value}),value}}),exports.UserPoolIdentityProviderSamlMetadata=void 0,Object.defineProperty(exports,_noFold="UserPoolIdentityProviderSamlMetadata",{enumerable:!0,configurable:!0,get:()=>{var value=require("./saml").UserPoolIdentityProviderSamlMetadata;return Object.defineProperty(exports,_noFold="UserPoolIdentityProviderSamlMetadata",{enumerable:!0,configurable:!0,value}),value}}),exports.UserPoolIdentityProviderSaml=void 0,Object.defineProperty(exports,_noFold="UserPoolIdentityProviderSaml",{enumerable:!0,configurable:!0,get:()=>{var value=require("./saml").UserPoolIdentityProviderSaml;return Object.defineProperty(exports,_noFold="UserPoolIdentityProviderSaml",{enumerable:!0,configurable:!0,value}),value}});
--- a/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/oidc.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/oidc.d.ts
@@ -0,0 +1,94 @@
+import type { Construct } from 'constructs';
+import type { UserPoolIdentityProviderProps } from './base';
+import { UserPoolIdentityProviderBase } from './private/user-pool-idp-base';
+/**
+ * Properties to initialize UserPoolIdentityProviderOidc
+ */
+export interface UserPoolIdentityProviderOidcProps extends UserPoolIdentityProviderProps {
+    /**
+     * The client id
+     */
+    readonly clientId: string;
+    /**
+     * The client secret
+     */
+    readonly clientSecret: string;
+    /**
+     * Issuer URL
+     */
+    readonly issuerUrl: string;
+    /**
+     * The name of the provider
+     *
+     * @default - the unique ID of the construct
+     */
+    readonly name?: string;
+    /**
+     * The OAuth 2.0 scopes that you will request from OpenID Connect. Scopes are
+     * groups of OpenID Connect user attributes to exchange with your app.
+     *
+     * @default ['openid']
+     */
+    readonly scopes?: string[];
+    /**
+     * Identifiers
+     *
+     * Identifiers can be used to redirect users to the correct IdP in multitenant apps.
+     *
+     * @default - no identifiers used
+     */
+    readonly identifiers?: string[];
+    /**
+     * The method to use to request attributes
+     *
+     * @default OidcAttributeRequestMethod.GET
+     */
+    readonly attributeRequestMethod?: OidcAttributeRequestMethod;
+    /**
+     * OpenID connect endpoints
+     *
+     * @default - auto discovered with issuer URL
+     */
+    readonly endpoints?: OidcEndpoints;
+}
+/**
+ * OpenID Connect endpoints
+ */
+export interface OidcEndpoints {
+    /**
+     * Authorization endpoint
+     */
+    readonly authorization: string;
+    /**
+     * Token endpoint
+     */
+    readonly token: string;
+    /**
+     * UserInfo endpoint
+     */
+    readonly userInfo: string;
+    /**
+     * Jwks_uri endpoint
+     */
+    readonly jwksUri: string;
+}
+/**
+ * The method to use to request attributes
+ */
+export declare enum OidcAttributeRequestMethod {
+    /** GET */
+    GET = "GET",
+    /** POST */
+    POST = "POST"
+}
+/**
+ * Represents an identity provider that integrates with OpenID Connect
+ * @resource AWS::Cognito::UserPoolIdentityProvider
+ */
+export declare class UserPoolIdentityProviderOidc extends UserPoolIdentityProviderBase {
+    /** Uniquely identifies this class. */
+    static readonly PROPERTY_INJECTION_ID: string;
+    readonly providerName: string;
+    constructor(scope: Construct, id: string, props: UserPoolIdentityProviderOidcProps);
+    private getProviderName;
+}
--- a/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/oidc.js
+++ b/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/oidc.js
--- a/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/private/user-pool-idp-base.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/private/user-pool-idp-base.d.ts
@@ -0,0 +1,17 @@
+import type { Construct } from 'constructs';
+import { Resource } from '../../../../core';
+import type { UserPoolIdentityProviderReference } from '../../../../interfaces/generated/aws-cognito-interfaces.generated';
+import type { IUserPoolIdentityProvider } from '../../user-pool-idp';
+import type { UserPoolIdentityProviderProps } from '../base';
+/**
+ * Options to integrate with the various social identity providers.
+ *
+ * @internal
+ */
+export declare abstract class UserPoolIdentityProviderBase extends Resource implements IUserPoolIdentityProvider {
+    private readonly props;
+    abstract readonly providerName: string;
+    get userPoolIdentityProviderRef(): UserPoolIdentityProviderReference;
+    constructor(scope: Construct, id: string, props: UserPoolIdentityProviderProps);
+    protected configureAttributeMapping(): any;
+}
--- a/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/private/user-pool-idp-base.js
+++ b/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/private/user-pool-idp-base.js
@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.UserPoolIdentityProviderBase=void 0;var core_1=()=>{var tmp=require("../../../../core");return core_1=()=>tmp,tmp},attr_names_1=()=>{var tmp=require("../../private/attr-names");return attr_names_1=()=>tmp,tmp};class UserPoolIdentityProviderBase extends core_1().Resource{props;get userPoolIdentityProviderRef(){return{userPoolId:this.props.userPool.userPoolRef.userPoolId,providerName:this.providerName}}constructor(scope,id,props){super(scope,id),this.props=props}configureAttributeMapping(){if(!this.props.attributeMapping)return;let mapping={};if(mapping=Object.entries(this.props.attributeMapping).filter(([k,_])=>k!=="custom").reduce((agg,[k,v])=>({...agg,[attr_names_1().StandardAttributeNames[k]]:v.attributeName}),mapping),this.props.attributeMapping.custom&&(mapping=Object.entries(this.props.attributeMapping.custom).reduce((agg,[k,v])=>({...agg,[k]:v.attributeName}),mapping)),Object.keys(mapping).length!==0)return mapping}}exports.UserPoolIdentityProviderBase=UserPoolIdentityProviderBase;
--- a/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/saml.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/saml.d.ts
@@ -0,0 +1,108 @@
+import type { Construct } from 'constructs';
+import type { UserPoolIdentityProviderProps } from './base';
+import { UserPoolIdentityProviderBase } from './private/user-pool-idp-base';
+/**
+ * Properties to initialize UserPoolIdentityProviderSaml.
+ */
+export interface UserPoolIdentityProviderSamlProps extends UserPoolIdentityProviderProps {
+    /**
+     * The name of the provider. Must be between 3 and 32 characters.
+     *
+     * @default - the unique ID of the construct
+     */
+    readonly name?: string;
+    /**
+     * Identifiers
+     *
+     * Identifiers can be used to redirect users to the correct IdP in multitenant apps.
+     *
+     * @default - no identifiers used
+     */
+    readonly identifiers?: string[];
+    /**
+     * The SAML metadata.
+     */
+    readonly metadata: UserPoolIdentityProviderSamlMetadata;
+    /**
+     * Whether to enable the "Sign-out flow" feature.
+     *
+     * @default - false
+     */
+    readonly idpSignout?: boolean;
+    /**
+     * Whether to require encrypted SAML assertions from IdP.
+     *
+     * @see https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-SAML-signing-encryption.html#cognito-user-pools-SAML-encryption
+     *
+     * @default false
+     */
+    readonly encryptedResponses?: boolean;
+    /**
+     * The signing algorithm for SAML requests.
+     *
+     * @see https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-SAML-signing-encryption.html#cognito-user-pools-SAML-signing
+     *
+     * @default - don't sign requests
+     */
+    readonly requestSigningAlgorithm?: SigningAlgorithm;
+    /**
+     * Whether to enable IdP-initiated SAML auth flows.
+     *
+     * @default false
+     */
+    readonly idpInitiated?: boolean;
+}
+/**
+ * Signing algorithms for SAML requests.
+ */
+export declare enum SigningAlgorithm {
+    /**
+     * RSA with SHA-256.
+     */
+    RSA_SHA256 = "rsa-sha256"
+}
+/**
+ * Metadata types that can be used for a SAML user pool identity provider.
+ */
+export declare enum UserPoolIdentityProviderSamlMetadataType {
+    /** Metadata provided via a URL. */
+    URL = "url",
+    /** Metadata provided via the contents of a file. */
+    FILE = "file"
+}
+/**
+ * Metadata for a SAML user pool identity provider.
+ */
+export declare class UserPoolIdentityProviderSamlMetadata {
+    readonly metadataContent: string;
+    readonly metadataType: UserPoolIdentityProviderSamlMetadataType;
+    /**
+     * Specify SAML metadata via a URL.
+     */
+    static url(url: string): UserPoolIdentityProviderSamlMetadata;
+    /**
+     * Specify SAML metadata via the contents of a file.
+     */
+    static file(fileContent: string): UserPoolIdentityProviderSamlMetadata;
+    /**
+     * Construct the metadata for a SAML identity provider.
+     *
+     * @param metadataContent A URL hosting SAML metadata, or the content of a file containing SAML metadata.
+     * @param metadataType The type of metadata, either a URL or file content.
+     */
+    private constructor();
+}
+/**
+ * Represents an identity provider that integrates with SAML.
+ * @resource AWS::Cognito::UserPoolIdentityProvider
+ */
+export declare class UserPoolIdentityProviderSaml extends UserPoolIdentityProviderBase {
+    /**
+     * Uniquely identifies this class.
+     */
+    static readonly PROPERTY_INJECTION_ID: string;
+    readonly providerName: string;
+    constructor(scope: Construct, id: string, props: UserPoolIdentityProviderSamlProps);
+    private getProviderName;
+    private validateName;
+}
--- a/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/saml.js
+++ b/cdk/node_modules/aws-cdk-lib/aws-cognito/lib/user-pool-idps/saml.js
				`@@ -0,0 +1 @@`
				"use strict";var __esDecorate=exports&&exports.__esDecorate\|\|function(ctor,descriptorIn,decorators,contextIn,initializers,extraInitializers){function accept(f){if(f!==void 0&&typeof f!="function")throw new TypeError("Function expected");return f}for(var kind=contextIn.kind,key=kind==="getter"?"get":kind==="setter"?"set":"value",target=!descriptorIn&&ctor?contextIn.static?ctor:ctor.prototype:null,descriptor=descriptorIn\|\|(target?Object.getOwnPropertyDescriptor(target,contextIn.name):{}),_,done=!1,i=decorators.length-1;i>=0;i--){var context={};for(var p in contextIn)context[p]=p==="access"?{}:contextIn[p];for(var p in contextIn.access)context.access[p]=contextIn.access[p];context.addInitializer=function(f){if(done)throw new TypeError("Cannot add initializers after decoration has completed");extraInitializers.push(accept(f\|\|null))};var result=(0,decorators[i])(kind==="accessor"?{get:descriptor.get,set:descriptor.set}:descriptor[key],context);if(kind==="accessor"){if(result===void 0)continue;if(result===null\|\|typeof result!="object")throw new TypeError("Object expected");(_=accept(result.get))&&(descriptor.get=_),(_=accept(result.set))&&(descriptor.set=_),(_=accept(result.init))&&initializers.unshift(_)}else(_=accept(result))&&(kind==="field"?initializers.unshift(_):descriptor[key]=_)}target&&Object.defineProperty(target,contextIn.name,descriptor),done=!0},__runInitializers=exports&&exports.__runInitializers\|\|function(thisArg,initializers,value){for(var useValue=arguments.length>2,i=0;i<initializers.length;i++)value=useValue?initializers[i].call(thisArg,value):initializers[i].call(thisArg);return useValue?value:void 0};Object.defineProperty(exports,"__esModule",{value:!0}),exports.UserPoolIdentityProviderAmazon=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var user_pool_idp_base_1=()=>{var tmp=require("./private/user-pool-idp-base");return user_pool_idp_base_1=()=>tmp,tmp},metadata_resource_1=()=>{var tmp=require("../../../core/lib/metadata-resource");return metadata_resource_1=()=>tmp,tmp},prop_injectable_1=()=>{var tmp=require("../../../core/lib/prop-injectable");return prop_injectable_1=()=>tmp,tmp},cognito_generated_1=()=>{var tmp=require("../cognito.generated");return cognito_generated_1=()=>tmp,tmp};let UserPoolIdentityProviderAmazon=(()=>{let _classDecorators=[prop_injectable_1().propertyInjectable],_classDescriptor,_classExtraInitializers=[],_classThis,_classSuper=user_pool_idp_base_1().UserPoolIdentityProviderBase;var UserPoolIdentityProviderAmazon2=class extends _classSuper{static{_classThis=this}static{const _metadata=typeof Symbol=="function"&&Symbol.metadata?Object.create(_classSuper[Symbol.metadata]??null):void 0;__esDecorate(null,_classDescriptor={value:_classThis},_classDecorators,{kind:"class",name:_classThis.name,metadata:_metadata},null,_classExtraInitializers),UserPoolIdentityProviderAmazon2=_classThis=_classDescriptor.value,_metadata&&Object.defineProperty(_classThis,Symbol.metadata,{enumerable:!0,configurable:!0,writable:!0,value:_metadata})}static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_cognito.UserPoolIdentityProviderAmazon",version:"2.252.0"};static PROPERTY_INJECTION_ID="aws-cdk-lib.aws-cognito.UserPoolIdentityProviderAmazon";providerName;constructor(scope,id,props){super(scope,id,props);try{jsiiDeprecationWarnings().aws_cdk_lib_aws_cognito_UserPoolIdentityProviderAmazonProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,UserPoolIdentityProviderAmazon2),error}(0,metadata_resource_1().addConstructMetadata)(this,props);const scopes=props.scopes??["profile"],resource=new(cognito_generated_1()).CfnUserPoolIdentityProvider(this,"Resource",{userPoolId:props.userPool.userPoolRef.userPoolId,providerName:"LoginWithAmazon",providerType:"LoginWithAmazon",providerDetails:{client_id:props.clientId,client_secret:props.clientSecret,authorize_scopes:scopes.join(" ")},attributeMapping:super.configureAttributeMapping()});this.providerName=super.getResourceNameAttribute(resource.ref),props.userPool.registerIdentityProvider(this)}static{__runInitializers(_classThis,_classExtraInitializers)}};return UserPoolIdentityProviderAmazon2=_classThis})();exports.UserPoolIdentityProviderAmazon=UserPoolIdentityProviderAmazon;
				`@@ -0,0 +1 @@`
				"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.ProviderAttribute=void 0;const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");class ProviderAttribute{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_cognito.ProviderAttribute",version:"2.252.0"};static APPLE_EMAIL=new ProviderAttribute("email");static APPLE_EMAIL_VERIFIED=new ProviderAttribute("email_verified");static APPLE_NAME=new ProviderAttribute("name");static APPLE_FIRST_NAME=new ProviderAttribute("firstName");static APPLE_LAST_NAME=new ProviderAttribute("lastName");static AMAZON_USER_ID=new ProviderAttribute("user_id");static AMAZON_EMAIL=new ProviderAttribute("email");static AMAZON_NAME=new ProviderAttribute("name");static AMAZON_POSTAL_CODE=new ProviderAttribute("postal_code");static FACEBOOK_ID=new ProviderAttribute("id");static FACEBOOK_BIRTHDAY=new ProviderAttribute("birthday");static FACEBOOK_EMAIL=new ProviderAttribute("email");static FACEBOOK_NAME=new ProviderAttribute("name");static FACEBOOK_FIRST_NAME=new ProviderAttribute("first_name");static FACEBOOK_LAST_NAME=new ProviderAttribute("last_name");static FACEBOOK_MIDDLE_NAME=new ProviderAttribute("middle_name");static FACEBOOK_GENDER=new ProviderAttribute("gender");static FACEBOOK_LOCALE=new ProviderAttribute("locale");static GOOGLE_NAMES=new ProviderAttribute("names");static GOOGLE_GENDER=new ProviderAttribute("gender");static GOOGLE_BIRTHDAYS=new ProviderAttribute("birthdays");static GOOGLE_PHONE_NUMBERS=new ProviderAttribute("phoneNumbers");static GOOGLE_EMAIL=new ProviderAttribute("email");static GOOGLE_EMAIL_VERIFIED=new ProviderAttribute("email_verified");static GOOGLE_NAME=new ProviderAttribute("name");static GOOGLE_PICTURE=new ProviderAttribute("picture");static GOOGLE_GIVEN_NAME=new ProviderAttribute("given_name");static GOOGLE_FAMILY_NAME=new ProviderAttribute("family_name");static other(attributeName){return new ProviderAttribute(attributeName)}attributeName;constructor(attributeName){this.attributeName=attributeName}}exports.ProviderAttribute=ProviderAttribute;
				`@@ -0,0 +1 @@`
				"use strict";var __createBinding=exports&&exports.__createBinding\|\|(Object.create?(function(o,m,k,k2){k2===void 0&&(k2=k);var desc=Object.getOwnPropertyDescriptor(m,k);(!desc\|\|("get"in desc?!m.__esModule:desc.writable\|\|desc.configurable))&&(desc={enumerable:!0,get:function(){return m[k]}}),Object.defineProperty(o,k2,desc)}):(function(o,m,k,k2){k2===void 0&&(k2=k),o[k2]=m[k]})),__exportStar=exports&&exports.__exportStar\|\|function(m,exports2){for(var p in m)p!=="default"&&!Object.prototype.hasOwnProperty.call(exports2,p)&&__createBinding(exports2,m,p)};Object.defineProperty(exports,"__esModule",{value:!0});var _noFold;exports.ProviderAttribute=void 0,Object.defineProperty(exports,_noFold="ProviderAttribute",{enumerable:!0,configurable:!0,get:()=>{var value=require("./base").ProviderAttribute;return Object.defineProperty(exports,_noFold="ProviderAttribute",{enumerable:!0,configurable:!0,value}),value}}),exports.UserPoolIdentityProviderApple=void 0,Object.defineProperty(exports,_noFold="UserPoolIdentityProviderApple",{enumerable:!0,configurable:!0,get:()=>{var value=require("./apple").UserPoolIdentityProviderApple;return Object.defineProperty(exports,_noFold="UserPoolIdentityProviderApple",{enumerable:!0,configurable:!0,value}),value}}),exports.UserPoolIdentityProviderAmazon=void 0,Object.defineProperty(exports,_noFold="UserPoolIdentityProviderAmazon",{enumerable:!0,configurable:!0,get:()=>{var value=require("./amazon").UserPoolIdentityProviderAmazon;return Object.defineProperty(exports,_noFold="UserPoolIdentityProviderAmazon",{enumerable:!0,configurable:!0,value}),value}}),exports.UserPoolIdentityProviderFacebook=void 0,Object.defineProperty(exports,_noFold="UserPoolIdentityProviderFacebook",{enumerable:!0,configurable:!0,get:()=>{var value=require("./facebook").UserPoolIdentityProviderFacebook;return Object.defineProperty(exports,_noFold="UserPoolIdentityProviderFacebook",{enumerable:!0,configurable:!0,value}),value}}),exports.UserPoolIdentityProviderGoogle=void 0,Object.defineProperty(exports,_noFold="UserPoolIdentityProviderGoogle",{enumerable:!0,configurable:!0,get:()=>{var value=require("./google").UserPoolIdentityProviderGoogle;return Object.defineProperty(exports,_noFold="UserPoolIdentityProviderGoogle",{enumerable:!0,configurable:!0,value}),value}}),exports.OidcAttributeRequestMethod=void 0,Object.defineProperty(exports,_noFold="OidcAttributeRequestMethod",{enumerable:!0,configurable:!0,get:()=>{var value=require("./oidc").OidcAttributeRequestMethod;return Object.defineProperty(exports,_noFold="OidcAttributeRequestMethod",{enumerable:!0,configurable:!0,value}),value}}),exports.UserPoolIdentityProviderOidc=void 0,Object.defineProperty(exports,_noFold="UserPoolIdentityProviderOidc",{enumerable:!0,configurable:!0,get:()=>{var value=require("./oidc").UserPoolIdentityProviderOidc;return Object.defineProperty(exports,_noFold="UserPoolIdentityProviderOidc",{enumerable:!0,configurable:!0,value}),value}}),exports.SigningAlgorithm=void 0,Object.defineProperty(exports,_noFold="SigningAlgorithm",{enumerable:!0,configurable:!0,get:()=>{var value=require("./saml").SigningAlgorithm;return Object.defineProperty(exports,_noFold="SigningAlgorithm",{enumerable:!0,configurable:!0,value}),value}}),exports.UserPoolIdentityProviderSamlMetadataType=void 0,Object.defineProperty(exports,_noFold="UserPoolIdentityProviderSamlMetadataType",{enumerable:!0,configurable:!0,get:()=>{var value=require("./saml").UserPoolIdentityProviderSamlMetadataType;return Object.defineProperty(exports,_noFold="UserPoolIdentityProviderSamlMetadataType",{enumerable:!0,configurable:!0,value}),value}}),exports.UserPoolIdentityProviderSamlMetadata=void 0,Object.defineProperty(exports,_noFold="UserPoolIdentityProviderSamlMetadata",{enumerable:!0,configurable:!0,get:()=>{var value=require("./saml").UserPoolIdentityProviderSamlMetadata;return Object.defineProperty(exports,_noFold="UserPoolIdentityProviderSamlMetadata",{enumerable:!0,configurable:!0,value}),value}}),exports.UserPoolIdentityProviderSaml=void 0,Object.defineProperty(exports,_noFold="UserPoolIdentityProviderSaml",{enumerable:!0,configurable:!0,get:()=>{var value=require("./saml").UserPoolIdentityProviderSaml;return Object.defineProperty(exports,_noFold="UserPoolIdentityProviderSaml",{enumerable:!0,configurable:!0,value}),value}});