@hellocoop/cdk-client v2.5.4
@hellocoop/cdk-client
A Hellō Client CDK Construct for a Lambda Function
Quickstart
npm install @hellocoop/cdk-client
import { HelloClientConstruct, Scope, ProviderHint } from '@hellocoop/cdk-client'
// Create the Hello Client Lambda and functionUrl
const helloClient = new HelloClientConstruct(this, 'HelloClient', {
clientID: CLIENT_ID, // required = your Hellō client_id from https://console.hello.coop
hostname: HOSTNAME, // recommended - public hostname
// Optional parameters:
//
cookieToken?: boolean;
// - Set to true to enable if a cookie token is returned in the op=auth response
// Must be true if using the authorizer for API Gateway - see below
loginSyncFunctionName?: string;
// - Name of the lambda function to trigger on login - ARN is built from current region and account
loginSyncFunctionArn?: string;
// - Full ARN of the lambda function to trigger on login - use if lambda is in another region or account
providerHints?: ProviderHint[];
// - Override default providers to show to new users. See https://www.hello.dev/docs/apis/wallet/#provider_hint
scopes?: Scope[];
// - Override default array of scopes to request from the user. See https://www.hello.dev/docs/scopes/
functionName?: string;
// - Override default function name 'HelloClient'
route?: string;
// - Override default route (/api/hellocoop)
sameSiteStrict?: boolean;
// - Set to true to enable SameSite attribute to Strict
logDebug?: boolean;
// - Set to true to enable debug logging
helloDomain?: string;
// - Set to hello-beta.net to use the Hellō Beta service - note this is NOT stable!
});
// add Hello Client Lambda origin as a behavior to a Cloud Front Distribution
distribution.addBehavior(HELLO_API_ROUTE, new origins.FunctionUrlOrigin(helloClient.functionUrl), {
viewerProtocolPolicy: cf.ViewerProtocolPolicy.HTTPS_ONLY,
allowedMethods: cf.AllowedMethods.ALLOW_ALL,
cachePolicy: cf.CachePolicy.CACHING_DISABLED,
originRequestPolicy: new cf.OriginRequestPolicy(this, 'hellocoop', {
queryStringBehavior: cf.OriginRequestQueryStringBehavior.all(),
cookieBehavior: cf.OriginRequestCookieBehavior.all(),
}),
});
loginSyncFunction
You provide this Lambda to be called on successful login. It is passed:
{
"token": "ey ... ID Token for independent verification ...",
"payload": {
"iss": "https://issuer.hello.coop",
"aud": "2000a054-aa09-45a3-9f62-26e03ee9dc76",
"nonce": "4a6fc9b2-0f47-4105-a367-b9ae0ca12784",
"jti": "jti_MUYT099WI3g0h7MDiRuVMhHA_c7g",
"sub": "66752aed-9cc2-4d17-875f-379b1a578f9a",
"name": "Dick Hardt",
"picture": "https://pictures.hello.coop/r/eebce734-44c0-4c39-8161-ba77e08091f9.jpeg",
"email": "dick.hardt@gmail.com",
"email_verified": true,
"iat": 1727210134,
"exp": 1727210434
}
}
You can then
- create a user if they don't exist
- run a policy and deny access
- change what is returned by auth
- change the path where the user will be redirected
All of the properties are optional:
{
"accessDenied": true, // will deny access
"updatedAuth": { // will update what is returned by the auth operation
"role":"admin"
},
"target_uri": "/new_location" // path to send user when complete
}
Client Usage
See TBD for details
Login
/api/hellocoop?op=login
Logout
/api/hellocoop?op=logout
Get Auth
/api/hellocoop?op=auth
Sample
See client-sample-stack.ts in cdk-sample
9 months ago
9 months ago
9 months ago
9 months ago
9 months ago
9 months ago
9 months ago
9 months ago
9 months ago
9 months ago
9 months ago
9 months ago
9 months ago
9 months ago
9 months ago
9 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
10 months ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
10 months ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago