feat: add more admin features and change password

src/targets/adminConfirmSignUp.ts

@@ -0,0 +1,34 @@
+import { Services } from "../services";
+import { NotAuthorizedError } from "../errors";
+
+interface Input {
+  UserPoolId: string;
+  Username: string;
+}
+
+export type AdminConfirmSignUpTarget = (body: Input) => Promise<object | null>;
+
+export const AdminConfirmSignUp = ({
+  cognitoClient,
+}: Services): AdminConfirmSignUpTarget => async (body) => {
+  const { UserPoolId, Username } = body || {};
+  const userPool = await cognitoClient.getUserPool(UserPoolId);
+  const user = await userPool.getUserByUsername(Username);
+  if (!user) {
+    throw new NotAuthorizedError();
+  }
+  await userPool.saveUser({
+    ...user,
+    UserStatus: "CONFIRMED",
+    // TODO: Remove existing email_verified attribute?
+    Attributes: [
+      ...(user.Attributes || []),
+      {
+        Name: "email_verified",
+        Value: "true",
+      },
+    ],
+  });
+  // TODO: Should possibly return something?
+  return {};
+};

src/targets/adminCreateUser.ts

@@ -1,4 +1,5 @@
 import { Services } from "../services";
+import { User } from "../services/userPoolClient";
 
 interface Input {
   UserPoolId: string;
@@ -9,15 +10,19 @@ interface Input {
   DesiredDeliveryMediums?: any;
 }
 
-export type AdminCreateUserTarget = (body: Input) => Promise<null>;
+interface Output {
+  User: User;
+}
+
+export type AdminCreateUserTarget = (body: Input) => Promise<User | null>;
 
 export const AdminCreateUser = ({
   cognitoClient,
 }: Services): AdminCreateUserTarget => async (body) => {
   const { UserPoolId, Username, TemporaryPassword, UserAttributes } =
     body || {};
   const userPool = await cognitoClient.getUserPool(UserPoolId);
-  await userPool.saveUser({
+  const user: User = {
     Username,
     Password: TemporaryPassword,
     Attributes: UserAttributes,
@@ -26,7 +31,8 @@ export const AdminCreateUser = ({
     ConfirmationCode: undefined,
     UserCreateDate: new Date().getTime(),
     UserLastModifiedDate: new Date().getTime(),
-  });
-  // TODO: Anything to return?
-  return null;
+  };
+  await userPool.saveUser(user);
+  // TODO: Shuldn't return password.
+  return user;
 };

src/targets/adminGetUser.ts

@@ -7,6 +7,7 @@ interface Input {
 }
 
 interface Output {
+  UserStatus: string;
   UserAttributes: any;
 }
 
@@ -22,6 +23,7 @@ export const AdminGetUser = ({
     throw new NotAuthorizedError();
   }
   return {
+    UserStatus: user.UserStatus,
     UserAttributes: user.Attributes,
   };
 };

src/targets/adminUpdateUserAttributes.ts

@@ -0,0 +1,31 @@
+import { Services } from "../services";
+import { NotAuthorizedError } from "../errors";
+
+interface Input {
+  UserPoolId: string;
+  Username: string;
+  UserAttributes: any;
+}
+
+interface Output {
+  UserAttributes: any;
+}
+
+export type AdminUpdateUserAttributesTarget = (
+  body: Input
+) => Promise<Output | null>;
+
+export const AdminUpdateUserAttributes = ({
+  cognitoClient,
+}: Services): AdminUpdateUserAttributesTarget => async (body) => {
+  const { UserPoolId, Username } = body || {};
+  const userPool = await cognitoClient.getUserPool(UserPoolId);
+  const user = await userPool.getUserByUsername(Username);
+  if (!user) {
+    throw new NotAuthorizedError();
+  }
+  // TODO: Should save the attributes.
+  return {
+    UserAttributes: user.Attributes,
+  };
+};

src/targets/changePassword.ts

@@ -0,0 +1,31 @@
+import jwt from "jsonwebtoken";
+import { Services } from "../services";
+import { NotAuthorizedError } from "../errors";
+
+interface Input {
+  AccessToken: string;
+  PreviousPassword: string;
+  ProposedPassword: string;
+}
+
+export type ChangePasswordTarget = (body: Input) => Promise<object | null>;
+
+export const ChangePassword = ({
+  cognitoClient,
+}: Services): ChangePasswordTarget => async (body) => {
+  const { AccessToken, PreviousPassword, ProposedPassword } = body || {};
+  const claims = jwt.decode(AccessToken) as any;
+  const userPool = await cognitoClient.getUserPoolForClientId(claims.client_id);
+  const user = await userPool.getUserByUsername(claims.username);
+  if (!user) {
+    throw new NotAuthorizedError();
+  }
+  // TODO: Should check previous password.
+  await userPool.saveUser({
+    ...user,
+    Password: ProposedPassword,
+    UserLastModifiedDate: new Date().getTime(),
+  });
+  // TODO: Should possibly return something?
+  return {};
+};

src/targets/router.ts

@@ -4,6 +4,7 @@ import { ConfirmForgotPassword } from "./confirmForgotPassword";
 import { ConfirmSignUp } from "./confirmSignUp";
 import { CreateUserPoolClient } from "./createUserPoolClient";
 import { ForgotPassword } from "./forgotPassword";
+import { ChangePassword } from "./changePassword";
 import { InitiateAuth } from "./initiateAuth";
 import { ListUsers } from "./listUsers";
 import { RespondToAuthChallenge } from "./respondToAuthChallenge";
@@ -12,12 +13,15 @@ import { GetUser } from "./getUser";
 import { AdminCreateUser } from "./adminCreateUser";
 import { AdminGetUser } from "./adminGetUser";
 import { AdminDeleteUser } from "./adminDeleteUser";
+import { AdminConfirmSignUp } from "./adminConfirmSignUp";
+import { AdminUpdateUserAttributes } from "./adminUpdateUserAttributes";
 
 export const Targets = {
   ConfirmForgotPassword,
   ConfirmSignUp,
   CreateUserPoolClient,
   ForgotPassword,
+  ChangePassword,
   InitiateAuth,
   ListUsers,
   RespondToAuthChallenge,
@@ -26,6 +30,8 @@ export const Targets = {
   AdminCreateUser,
   AdminGetUser,
   AdminDeleteUser,
+  AdminConfirmSignUp,
+  AdminUpdateUserAttributes,
 };
 
 type TargetName = keyof typeof Targets;

src/targets/signUp.ts

@@ -43,7 +43,9 @@ export const SignUp = ({
     UserCreateDate: new Date().getTime(),
     UserLastModifiedDate: new Date().getTime(),
     UserStatus: "UNCONFIRMED",
-    Username: uuid.v4(),
+    // TODO: Why was this here?
+    // Username: uuid.v4(),
+    Username: body.Username,
   };
 
   const deliveryDetails: DeliveryDetails = {