agent-claw: automated task changes

cdk/node_modules/aws-cdk-lib/aws-cognito-identitypool/lib/identitypool-user-pool-authentication-provider.d.ts

@@ -0,0 +1,76 @@
+import type { Construct } from 'constructs';
+import type { IIdentityPool } from './identitypool';
+import type { IUserPool, IUserPoolClientRef } from '../../aws-cognito';
+/**
+ * Represents the concept of a User Pool Authentication Provider.
+ * You use user pool authentication providers to configure User Pools
+ * and User Pool Clients for use with Identity Pools
+ */
+export interface IUserPoolAuthenticationProvider {
+    /**
+     * The method called when a given User Pool Authentication Provider is added
+     * (for the first time) to an Identity Pool.
+     */
+    bind(scope: Construct, identityPool: IIdentityPool, options?: UserPoolAuthenticationProviderBindOptions): UserPoolAuthenticationProviderBindConfig;
+}
+/**
+ * Props for the User Pool Authentication Provider
+ */
+export interface UserPoolAuthenticationProviderProps {
+    /**
+     * The User Pool of the Associated Identity Providers
+     */
+    readonly userPool: IUserPool;
+    /**
+     * The User Pool Client for the provided User Pool
+     * @default - A default user pool client will be added to User Pool
+     */
+    readonly userPoolClient?: IUserPoolClientRef;
+    /**
+     * Setting this to true turns off identity pool checks for this user pool to make sure the user has not been globally signed out or deleted before the identity pool provides an OIDC token or AWS credentials for the user
+     * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitoidentityprovider.html
+     * @default false
+     */
+    readonly disableServerSideTokenCheck?: boolean;
+}
+/**
+ * Represents UserPoolAuthenticationProvider Bind Options
+ */
+export interface UserPoolAuthenticationProviderBindOptions {
+}
+/**
+ * Represents a UserPoolAuthenticationProvider Bind Configuration
+ */
+export interface UserPoolAuthenticationProviderBindConfig {
+    /**
+     * Client Id of the Associated User Pool Client
+     */
+    readonly clientId: string;
+    /**
+     * The identity providers associated with the UserPool
+     */
+    readonly providerName: string;
+    /**
+     * Whether to enable the identity pool's server side token check
+     */
+    readonly serverSideTokenCheck: boolean;
+}
+/**
+ * Defines a User Pool Authentication Provider
+ */
+export declare class UserPoolAuthenticationProvider implements IUserPoolAuthenticationProvider {
+    /**
+     * The User Pool of the Associated Identity Providers
+     */
+    private userPool;
+    /**
+     * The User Pool Client for the provided User Pool
+     */
+    private userPoolClient;
+    /**
+     * Whether to disable the pool's default server side token check
+     */
+    private disableServerSideTokenCheck;
+    constructor(props: UserPoolAuthenticationProviderProps);
+    bind(scope: Construct, identityPool: IIdentityPool, _options?: UserPoolAuthenticationProviderBindOptions): UserPoolAuthenticationProviderBindConfig;
+}

cdk/node_modules/aws-cdk-lib/aws-cognito-identitypool/lib/identitypool-user-pool-authentication-provider.js

@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.UserPoolAuthenticationProvider=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var constructs_1=()=>{var tmp=require("constructs");return constructs_1=()=>tmp,tmp},core_1=()=>{var tmp=require("../../core");return core_1=()=>tmp,tmp};class UserPoolAuthenticationProvider{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_cognito_identitypool.UserPoolAuthenticationProvider",version:"2.252.0"};userPool;userPoolClient;disableServerSideTokenCheck;constructor(props){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_cognito_identitypool_UserPoolAuthenticationProviderProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,UserPoolAuthenticationProvider),error}this.userPool=props.userPool,this.userPoolClient=props.userPoolClient||this.userPool.addClient("UserPoolAuthenticationProviderClient"),this.disableServerSideTokenCheck=props.disableServerSideTokenCheck??!1}bind(scope,identityPool,_options){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_cognito_identitypool_IIdentityPool(identityPool),jsiiDeprecationWarnings().aws_cdk_lib_aws_cognito_identitypool_UserPoolAuthenticationProviderBindOptions(_options)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.bind),error}constructs_1().Node.of(identityPool).addDependency(this.userPool),constructs_1().Node.of(identityPool).addDependency(this.userPoolClient);const region=core_1().Stack.of(scope).region,urlSuffix=core_1().Stack.of(scope).urlSuffix;return{clientId:this.userPoolClient.userPoolClientRef.clientId,providerName:`cognito-idp.${region}.${urlSuffix}/${this.userPool.userPoolId}`,serverSideTokenCheck:!this.disableServerSideTokenCheck}}}exports.UserPoolAuthenticationProvider=UserPoolAuthenticationProvider;

cdk/node_modules/aws-cdk-lib/aws-cognito-identitypool/lib/identitypool.d.ts

@@ -0,0 +1,365 @@
+import type { Construct } from 'constructs';
+import type { IUserPoolAuthenticationProvider } from './identitypool-user-pool-authentication-provider';
+import type { IdentityPoolReference, IIdentityPoolRef, IUserPool, IUserPoolClient } from '../../aws-cognito';
+import { CfnIdentityPoolRoleAttachment } from '../../aws-cognito';
+import type { IRole, IOIDCProviderRef, ISAMLProviderRef } from '../../aws-iam';
+import type { IResource } from '../../core';
+import { Resource } from '../../core';
+/**
+ * Represents a Cognito Identity Pool
+ */
+export interface IIdentityPool extends IResource, IIdentityPoolRef {
+    /**
+     * The ID of the Identity Pool in the format REGION:GUID
+     * @attribute
+     */
+    readonly identityPoolId: string;
+    /**
+     * The ARN of the Identity Pool
+     * @attribute
+     */
+    readonly identityPoolArn: string;
+    /**
+     * Name of the Identity Pool
+     * @attribute
+     */
+    readonly identityPoolName: string;
+}
+/**
+ * Props for the Identity Pool construct
+ */
+export interface IdentityPoolProps {
+    /**
+     * The name of the Identity Pool
+     * @default - Automatically generated name by CloudFormation at deploy time
+     */
+    readonly identityPoolName?: string;
+    /**
+     * The default Role to be assumed by authenticated users
+     * @default - A default authenticated Role will be added
+     */
+    readonly authenticatedRole?: IRole;
+    /**
+     * The default Role to be assumed by unauthenticated users
+     * @default - A default unauthenticated Role will be added
+     */
+    readonly unauthenticatedRole?: IRole;
+    /**
+     * Whether the Identity Pool supports unauthenticated logins
+     * @default - false
+     */
+    readonly allowUnauthenticatedIdentities?: boolean;
+    /**
+     * Rules for mapping roles to users
+     * @default - no role mappings
+     */
+    readonly roleMappings?: IdentityPoolRoleMapping[];
+    /**
+     * Enables the Basic (Classic) authentication flow
+     * @default - Classic Flow not allowed
+     */
+    readonly allowClassicFlow?: boolean;
+    /**
+     * Authentication Providers for using in Identity Pool
+     * @default - No Authentication Providers passed directly to Identity Pool
+     */
+    readonly authenticationProviders?: IdentityPoolAuthenticationProviders;
+}
+/**
+ * Types of Identity Pool Login Providers
+ */
+export declare enum IdentityPoolProviderType {
+    /** Facebook provider type */
+    FACEBOOK = "Facebook",
+    /** Google provider type */
+    GOOGLE = "Google",
+    /** Amazon provider type */
+    AMAZON = "Amazon",
+    /** Apple provider type */
+    APPLE = "Apple",
+    /** Twitter provider type */
+    TWITTER = "Twitter",
+    /** Open Id provider type */
+    OPEN_ID = "OpenId",
+    /** Saml provider type */
+    SAML = "Saml",
+    /** User Pool provider type */
+    USER_POOL = "UserPool",
+    /** Custom provider type */
+    CUSTOM = "Custom"
+}
+/**
+ * Keys for Login Providers - each correspond to the client IDs of their respective federation Identity Providers
+ */
+export declare class IdentityPoolProviderUrl {
+    /**
+     * The type of Identity Pool Provider
+     */
+    readonly type: IdentityPoolProviderType;
+    /**
+     * The value of the Identity Pool Provider
+     */
+    readonly value: string;
+    /** Facebook Provider url */
+    static readonly FACEBOOK: IdentityPoolProviderUrl;
+    /** Google Provider url */
+    static readonly GOOGLE: IdentityPoolProviderUrl;
+    /** Amazon Provider url */
+    static readonly AMAZON: IdentityPoolProviderUrl;
+    /** Apple Provider url */
+    static readonly APPLE: IdentityPoolProviderUrl;
+    /** Twitter Provider url */
+    static readonly TWITTER: IdentityPoolProviderUrl;
+    /** OpenId Provider url */
+    static openId(url: string): IdentityPoolProviderUrl;
+    /** Saml Provider url */
+    static saml(url: string): IdentityPoolProviderUrl;
+    /** User Pool Provider Url */
+    static userPool(userPool: IUserPool, userPoolClient: IUserPoolClient): IdentityPoolProviderUrl;
+    /** Custom Provider url */
+    static custom(url: string): IdentityPoolProviderUrl;
+    constructor(
+    /**
+     * The type of Identity Pool Provider
+     */
+    type: IdentityPoolProviderType, 
+    /**
+     * The value of the Identity Pool Provider
+     */
+    value: string);
+}
+/**
+ * Login Provider for identity federation using Amazon credentials
+ */
+export interface IdentityPoolAmazonLoginProvider {
+    /**
+     * App ID for Amazon identity federation
+     */
+    readonly appId: string;
+}
+/**
+ * Login Provider for identity federation using Facebook credentials
+ */
+export interface IdentityPoolFacebookLoginProvider {
+    /**
+     * App ID for Facebook identity federation
+     */
+    readonly appId: string;
+}
+/**
+ * Login Provider for identity federation using Apple credentials
+ */
+export interface IdentityPoolAppleLoginProvider {
+    /**
+     * Services ID for Apple identity federation
+     */
+    readonly servicesId: string;
+}
+/**
+ * Login Provider for identity federation using Google credentials
+ */
+export interface IdentityPoolGoogleLoginProvider {
+    /**
+     * Client ID for Google identity federation
+     */
+    readonly clientId: string;
+}
+/**
+ * Login Provider for identity federation using Twitter credentials
+ */
+export interface IdentityPoolTwitterLoginProvider {
+    /**
+     * Consumer key for Twitter identity federation
+     */
+    readonly consumerKey: string;
+    /**
+     * Consumer secret for identity federation
+     */
+    readonly consumerSecret: string;
+}
+/**
+ * External Authentication Providers for usage in Identity Pool.
+ * @see https://docs.aws.amazon.com/cognito/latest/developerguide/external-identity-providers.html
+ */
+export interface IdentityPoolAuthenticationProviders {
+    /**
+     * The Facebook Authentication Provider associated with this Identity Pool
+     * @default - No Facebook Authentication Provider used without OpenIdConnect or a User Pool
+     */
+    readonly facebook?: IdentityPoolFacebookLoginProvider;
+    /**
+     * The Google Authentication Provider associated with this Identity Pool
+     * @default - No Google Authentication Provider used without OpenIdConnect or a User Pool
+     */
+    readonly google?: IdentityPoolGoogleLoginProvider;
+    /**
+     * The Amazon Authentication Provider associated with this Identity Pool
+     * @default -  No Amazon Authentication Provider used without OpenIdConnect or a User Pool
+     */
+    readonly amazon?: IdentityPoolAmazonLoginProvider;
+    /**
+     * The Apple Authentication Provider associated with this Identity Pool
+     * @default - No Apple Authentication Provider used without OpenIdConnect or a User Pool
+     */
+    readonly apple?: IdentityPoolAppleLoginProvider;
+    /**
+     * The Twitter Authentication Provider associated with this Identity Pool
+     * @default - No Twitter Authentication Provider used without OpenIdConnect or a User Pool
+     */
+    readonly twitter?: IdentityPoolTwitterLoginProvider;
+    /**
+     * The User Pool Authentication Providers associated with this Identity Pool
+     * @default - no User Pools associated
+     */
+    readonly userPools?: IUserPoolAuthenticationProvider[];
+    /**
+     * The OpenIdConnect Provider associated with this Identity Pool
+     * @default - no OpenIdConnectProvider
+     */
+    readonly openIdConnectProviders?: IOIDCProviderRef[];
+    /**
+     * The Security Assertion Markup Language provider associated with this Identity Pool
+     * @default - no SamlProvider
+     */
+    readonly samlProviders?: ISAMLProviderRef[];
+    /**
+     * The developer provider name to associate with this Identity Pool
+     * @default - no custom provider
+     */
+    readonly customProvider?: string;
+}
+/**
+ * Map roles to users in the Identity Pool based on claims from the Identity Provider
+ * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypoolroleattachment.html
+ */
+export interface IdentityPoolRoleMapping {
+    /**
+     * The url of the Provider for which the role is mapped
+     */
+    readonly providerUrl: IdentityPoolProviderUrl;
+    /**
+     * The key used for the role mapping in the role mapping hash. Required if the providerUrl is a token.
+     * @default - The provided providerUrl
+     */
+    readonly mappingKey?: string;
+    /**
+     * If true then mapped roles must be passed through the cognito:roles or cognito:preferred_role claims from Identity Provider.
+     * @see https://docs.aws.amazon.com/cognito/latest/developerguide/role-based-access-control.html#using-tokens-to-assign-roles-to-users
+     *
+     * @default false
+     */
+    readonly useToken?: boolean;
+    /**
+     * Allow for role assumption when results of role mapping are ambiguous
+     * @default false - Ambiguous role resolutions will lead to requester being denied
+     */
+    readonly resolveAmbiguousRoles?: boolean;
+    /**
+     * The claim and value that must be matched in order to assume the role. Required if useToken is false
+     * @default - No role mapping rule
+     */
+    readonly rules?: RoleMappingRule[];
+}
+/**
+ * Types of matches allowed for role mapping
+ */
+export declare enum RoleMappingMatchType {
+    /**
+     * The claim from the token must equal the given value in order for a match
+     */
+    EQUALS = "Equals",
+    /**
+     * The claim from the token must contain the given value in order for a match
+     */
+    CONTAINS = "Contains",
+    /**
+     * The claim from the token must start with the given value in order for a match
+     */
+    STARTS_WITH = "StartsWith",
+    /**
+     * The claim from the token must not equal the given value in order for a match
+     */
+    NOTEQUAL = "NotEqual"
+}
+/**
+ * Represents an Identity Pool Role Attachment role mapping rule
+ */
+export interface RoleMappingRule {
+    /**
+     * The key sent in the token by the federated Identity Provider
+     */
+    readonly claim: string;
+    /**
+     * The role to be assumed when the claim value is matched
+     */
+    readonly mappedRole: IRole;
+    /**
+     * The value of the claim that must be matched
+     */
+    readonly claimValue: string;
+    /**
+     * How to match with the claim value
+     *
+     * @default RoleMappingMatchType.EQUALS
+     */
+    readonly matchType?: RoleMappingMatchType;
+}
+/**
+ * Define a Cognito Identity Pool
+ *
+ * @resource AWS::Cognito::IdentityPool
+ */
+export declare class IdentityPool extends Resource implements IIdentityPool {
+    /** Uniquely identifies this class. */
+    static readonly PROPERTY_INJECTION_ID: string;
+    /**
+     * Import an existing Identity Pool from its ID
+     */
+    static fromIdentityPoolId(scope: Construct, id: string, identityPoolId: string): IIdentityPool;
+    /**
+     * Import an existing Identity Pool from its ARN
+     */
+    static fromIdentityPoolArn(scope: Construct, id: string, identityPoolArn: string): IIdentityPool;
+    /**
+     * The ID of the Identity Pool in the format REGION:GUID
+     * @attribute
+     */
+    readonly identityPoolId: string;
+    /**
+     * The ARN of the Identity Pool
+     * @attribute
+     */
+    readonly identityPoolArn: string;
+    /**
+     * The name of the Identity Pool
+     * @attribute
+     */
+    readonly identityPoolName: string;
+    /**
+     * Default Role for authenticated users
+     */
+    readonly authenticatedRole: IRole;
+    /**
+     * Default Role for unauthenticated users
+     */
+    readonly unauthenticatedRole: IRole;
+    /**
+     * Role Provider for the default Role for authenticated users
+     */
+    readonly roleAttachment: CfnIdentityPoolRoleAttachment;
+    /**
+     * List of Identity Providers added in constructor for use with property overrides
+     */
+    private readonly _cognitoIdentityProviders;
+    constructor(scope: Construct, id: string, props?: IdentityPoolProps);
+    /**
+     * Add a User Pool to the Identity Pool and configure the User Pool client to handle identities
+     */
+    addUserPoolAuthentication(userPool: IUserPoolAuthenticationProvider): void;
+    /**
+     * Configure default Roles for Identity Pool
+     */
+    private configureDefaultRole;
+    private configureDefaultGrantPrincipal;
+    get identityPoolRef(): IdentityPoolReference;
+}

cdk/node_modules/aws-cdk-lib/aws-cognito-identitypool/lib/index.d.ts

@@ -0,0 +1,2 @@
+export * from './identitypool';
+export * from './identitypool-user-pool-authentication-provider';

cdk/node_modules/aws-cdk-lib/aws-cognito-identitypool/lib/index.js

@@ -0,0 +1 @@
+"use strict";var __createBinding=exports&&exports.__createBinding||(Object.create?(function(o,m,k,k2){k2===void 0&&(k2=k);var desc=Object.getOwnPropertyDescriptor(m,k);(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable))&&(desc={enumerable:!0,get:function(){return m[k]}}),Object.defineProperty(o,k2,desc)}):(function(o,m,k,k2){k2===void 0&&(k2=k),o[k2]=m[k]})),__exportStar=exports&&exports.__exportStar||function(m,exports2){for(var p in m)p!=="default"&&!Object.prototype.hasOwnProperty.call(exports2,p)&&__createBinding(exports2,m,p)};Object.defineProperty(exports,"__esModule",{value:!0});var _noFold;exports.IdentityPoolProviderType=void 0,Object.defineProperty(exports,_noFold="IdentityPoolProviderType",{enumerable:!0,configurable:!0,get:()=>{var value=require("./identitypool").IdentityPoolProviderType;return Object.defineProperty(exports,_noFold="IdentityPoolProviderType",{enumerable:!0,configurable:!0,value}),value}}),exports.IdentityPoolProviderUrl=void 0,Object.defineProperty(exports,_noFold="IdentityPoolProviderUrl",{enumerable:!0,configurable:!0,get:()=>{var value=require("./identitypool").IdentityPoolProviderUrl;return Object.defineProperty(exports,_noFold="IdentityPoolProviderUrl",{enumerable:!0,configurable:!0,value}),value}}),exports.RoleMappingMatchType=void 0,Object.defineProperty(exports,_noFold="RoleMappingMatchType",{enumerable:!0,configurable:!0,get:()=>{var value=require("./identitypool").RoleMappingMatchType;return Object.defineProperty(exports,_noFold="RoleMappingMatchType",{enumerable:!0,configurable:!0,value}),value}}),exports.IdentityPool=void 0,Object.defineProperty(exports,_noFold="IdentityPool",{enumerable:!0,configurable:!0,get:()=>{var value=require("./identitypool").IdentityPool;return Object.defineProperty(exports,_noFold="IdentityPool",{enumerable:!0,configurable:!0,value}),value}}),exports.UserPoolAuthenticationProvider=void 0,Object.defineProperty(exports,_noFold="UserPoolAuthenticationProvider",{enumerable:!0,configurable:!0,get:()=>{var value=require("./identitypool-user-pool-authentication-provider").UserPoolAuthenticationProvider;return Object.defineProperty(exports,_noFold="UserPoolAuthenticationProvider",{enumerable:!0,configurable:!0,value}),value}});