/** * CDK Construct for Cognito Resource Server */ import * as cdk from "aws-cdk-lib"; import { Construct } from "constructs"; import type { ResourceServerProvider } from "../vy-cognito-provider"; export interface Scope { /** * The name of the scope */ readonly name: string; /** * A description of what this scope is for */ readonly description: string; } export interface CognitoResourceServerProps { /** * An ResourceServerProvider provided from a VyCognitoProvider */ readonly resourceServerProvider: ResourceServerProvider; /** * The name of the resource server */ readonly name: string; /** * The identifier for this resource server (usually a URL) * @example 'https://api.vydev.io' */ readonly identifier: string; /** * Custom scopes for this resource server * @default - No scopes */ readonly scopes?: Scope[]; /** * Base domain for Cognito service * @default 'cognito.vydev.io' */ readonly cognitoBaseDomain?: string; } /** * A Cognito Resource Server managed through Vy's central Cognito service * * A resource server is an integration between a user pool and an API. * Each resource server has custom scopes that you must activate in your app client. * When you configure a resource server, your app can generate access tokens with * OAuth scopes that authorize read and write operations to an API server. * * @example * ```typescript * // Create a VyCognitoProvider * const vyCognitoProvider = new VyCognitoProvider(this, 'MyProvider', { * environment: VyEnvironment.TEST, * }); * * const resourceServer = new CognitoResourceServer(this, 'ApiResourceServer', { * resourceServerProvider: vyCognitoProvider.resourceServerProvider, * name: 'my-api', * identifier: 'https://my-api.vydev.io', * scopes: [ * { name: 'read', description: 'Read access to the API' }, * { name: 'write', description: 'Write access to the API' } * ] * }); * ``` */ export declare class CognitoResourceServer extends Construct { /** * The identifier of the resource server */ readonly identifier: string; /** * The name of the resource server */ readonly name: string; /** * The underlying custom resource */ readonly resource: cdk.CustomResource; constructor(scope: Construct, id: string, props: CognitoResourceServerProps); /** * Get a reference to a scope in the format expected by app clients * @param scopeName The name of the scope * @returns The full scope identifier (e.g., 'https://api.vydev.io/read') */ scopeIdentifier(scopeName: string): string; }