async function retrieveClientSecret()

in src/cfn-custom-resources/client-secret-retrieval/index.ts [8:40]


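/**
 * Fetches the client secret of a Cognito User Pool client so it can be
 * returned as an attribute of a CloudFormation custom resource.
 *
 * The returned `Data.ClientSecret` is a live credential. The code that sends
 * this result back to CloudFormation is not part of this function; it should
 * set `NoEcho` on the custom resource response and must not log the returned
 * object, otherwise the secret can surface in stack events, describe-stack
 * output or function logs.
 *
 * @param action - CloudFormation request type. "Delete" is a no-op.
 * @param userPoolArn - ARN of the User Pool; the pool ID is taken from the
 *   segment after the first "/" and the region from the fourth ":"-separated
 *   field.
 * @param clientId - ID of the User Pool client whose secret is read.
 * @param physicalResourceId - Existing physical resource ID, echoed back
 *   unchanged on "Delete".
 * @returns On "Delete", only `physicalResourceId`. Otherwise a deterministic
 *   `physicalResourceId` plus `Data.ClientSecret`.
 * @throws Error if the ARN does not yield a pool ID and region, or if the
 *   client has no client secret. Errors from the Cognito call propagate.
 */
async function retrieveClientSecret(
  action: "Create" | "Update" | "Delete",
  userPoolArn: string,
  clientId: string,
  physicalResourceId?: string
) {
  if (action === "Delete") {
    // Deletes aren't executed; the standard Resource should just be deleted
    return { physicalResourceId };
  }

  const userPoolId = userPoolArn.split("/")[1];
  const userPoolRegion = userPoolArn.split(":")[3];
  // Fail closed on a malformed ARN. Without this check an undefined region
  // would let the SDK fall back to its ambient default region, and an
  // undefined pool ID would only be rejected later by the service call.
  if (!userPoolId || !userPoolRegion) {
    throw new Error(
      `Cannot derive User Pool ID and region from ARN: ${userPoolArn}`
    );
  }

  const cognitoClient = new CognitoIdentityServiceProvider({
    region: userPoolRegion,
  });
  const input: CognitoIdentityServiceProvider.Types.DescribeUserPoolClientRequest =
    {
      UserPoolId: userPoolId,
      ClientId: clientId,
    };
  const { UserPoolClient } = await cognitoClient
    .describeUserPoolClient(input)
    .promise();
  if (!UserPoolClient?.ClientSecret) {
    // Only the client ID goes into the message; never the secret itself.
    throw new Error(
      `User Pool client ${clientId} is not set up with a client secret`
    );
  }
  return {
    physicalResourceId: `${userPoolId}-${clientId}-retrieved-client-secret`,
    // Sensitive: treat this object as secret material from here on.
    Data: { ClientSecret: UserPoolClient.ClientSecret },
  };
}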