Skip to content
Snippets Groups Projects
Normal view Permalink
cognito.go 4.25 KiB
Newer Older
Francé Wilke's avatar
SL refactor
Francé Wilke committed
1 2 3 4 5 6 7 
package cognito

import (
	"fmt"
	"math/rand"
	"strings"
Francé Wilke's avatar
Update module and imports to new URL  
Francé Wilke committed
8 
	"gitlab.bob.co.za/bob-public-utils/bobgroup-go-utils/logs"
Francé Wilke's avatar
SL refactor
Francé Wilke committed
9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 

	"github.com/aws/aws-lambda-go/events"
	"github.com/aws/aws-sdk-go/service/cognitoidentityprovider"
)

var CognitoService *cognitoidentityprovider.CognitoIdentityProvider

// ------------------------------------------------------------------------------------------------
//	Groups
// ------------------------------------------------------------------------------------------------

func AddCognitoUserToGroup(username string, pool string, group string) error {
	groupInput := cognitoidentityprovider.AdminAddUserToGroupInput{
		GroupName:  &group,
		UserPoolId: &pool,
		Username:   &username,
	}
	groupOutput, err := CognitoService.AdminAddUserToGroup(&groupInput)
	logs.Info("groupOutput", groupOutput)
	return err
}

func RemoveCognitoUserFromGroup(username string, pool string, group string) error {
	groupInput := cognitoidentityprovider.AdminRemoveUserFromGroupInput{
		GroupName:  &group,
		UserPoolId: &pool,
		Username:   &username,
	}
	groupOutput, err := CognitoService.AdminRemoveUserFromGroup(&groupInput)
	logs.Info("groupOutput", groupOutput)
	return err
}

// ------------------------------------------------------------------------------------------------
//	Users
// ------------------------------------------------------------------------------------------------

func GetCognitoUser(pool string, username string) (*cognitoidentityprovider.AdminGetUserOutput, error) {
	userInput := cognitoidentityprovider.AdminGetUserInput{
		UserPoolId: &pool,
		Username:   &username,
	}

	userOutput, err := CognitoService.AdminGetUser(&userInput)
	if err != nil {
		return nil, err
	}
	return userOutput, nil
}

// Deletes a user from its cognito user pool
func DeleteCognitoUser(userPoolId string, username string) error {
	input := cognitoidentityprovider.AdminDeleteUserInput{
		UserPoolId: &userPoolId,
		Username:   &username,
	}
	output, err := CognitoService.AdminDeleteUser(&input)
	logs.Info("output", output)
	return err
}

func ResetUserPassword(pool string, username string) (*cognitoidentityprovider.AdminResetUserPasswordOutput, error) {
	input := cognitoidentityprovider.AdminResetUserPasswordInput{
		UserPoolId: &pool,
		Username:   &username,
	}
	output, err := CognitoService.AdminResetUserPassword(&input)
	logs.Info("output", output)
	return output, err
}

func SetUserPassword(pool string, username string, password string) (*cognitoidentityprovider.AdminSetUserPasswordOutput, error) {
	setPermanently := true
	input := cognitoidentityprovider.AdminSetUserPasswordInput{
		UserPoolId: &pool,
		Username:   &username,
		Password:   &password,
		Permanent:  &setPermanently,
	}
	output, err := CognitoService.AdminSetUserPassword(&input)
	logs.Info("output", output)
	return output, err
}
Jano Hendriks's avatar
Add confirm forgot password function for cognito  
Jano Hendriks committed
93 94 95 96 97 98 99 100 101 102 103 104 
func ConfirmPasswordReset(appClientID string, username string, password string, confirmationCode string) (*cognitoidentityprovider.ConfirmForgotPasswordOutput, error) {
	input := cognitoidentityprovider.ConfirmForgotPasswordInput{
		ClientId:         &appClientID,
		ConfirmationCode: &confirmationCode,
		Password:         &password,
		Username:         &username,
	}
	output, err := CognitoService.ConfirmForgotPassword(&input)
	logs.Info("output", output)
	return output, err
}
Francé Wilke's avatar
SL refactor
Francé Wilke committed
105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 
// FOR API LOGS

func DetermineAuthType(identity events.APIGatewayRequestIdentity) *string {
	result := "cognito"
	if identity.CognitoAuthenticationType == "" {
		result = "iam"
	}

	return &result
}

func GetAuthUsername(identity events.APIGatewayRequestIdentity) string {
	if identity.CognitoAuthenticationProvider != "" {
		split := strings.Split(identity.CognitoAuthenticationProvider, ":")
		return split[len(split)-1]
	}

	// IAM
	split := strings.Split(identity.UserArn, ":user/")
	return split[len(split)-1]
}

// Create a pseudorandom password consisting of two three-letter words and two digits
func RandomPassword() string {
	i := rand.Intn(100)
	var j int
	for {
		j = rand.Intn(100)
		if j != i {
			break
		}
	}
	return fmt.Sprintf("%s%s%s", words[i], words[j], RandomDigitString(2))
}

// Create a pseudorandom string of digits (0-9) with specified length
func RandomDigitString(len int) string {
	var str strings.Builder
	for i := 0; i < len; i++ {
		fmt.Fprintf(&str, "%v", rand.Intn(10))
	}
	return str.String()
}