aws-samples
diff --git a/‎cdk/src/cdk.ts‎
Lines changed: 3 additions & 2 deletions b/‎cdk/src/cdk.ts‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎docs/OktaInstructions.md‎
Lines changed: 3 additions & 0 deletions b/‎docs/OktaInstructions.md‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎lambda/api/package-lock.json‎
Lines changed: 6678 additions & 3441 deletions b/‎lambda/api/package-lock.json‎
Lines changed: 6678 additions & 3441 deletions
diff --git a/‎lambda/api/package.json‎
Lines changed: 7 additions & 4 deletions b/‎lambda/api/package.json‎
Lines changed: 7 additions & 4 deletions
diff --git a/‎lambda/api/src/app.ts‎
Lines changed: 11 additions & 6 deletions b/‎lambda/api/src/app.ts‎
Lines changed: 11 additions & 6 deletions
diff --git a/‎lambda/api/src/expressApp.ts‎
Lines changed: 18 additions & 9 deletions b/‎lambda/api/src/expressApp.ts‎
Lines changed: 18 additions & 9 deletions
diff --git a/‎lambda/api/src/services/dynamoDBForcedSignoutHandler.ts‎
Lines changed: 7 additions & 6 deletions b/‎lambda/api/src/services/dynamoDBForcedSignoutHandler.ts‎
Lines changed: 7 additions & 6 deletions
diff --git a/‎lambda/api/src/services/dynamoDBStorageService.ts‎
Lines changed: 10 additions & 11 deletions b/‎lambda/api/src/services/dynamoDBStorageService.ts‎
Lines changed: 10 additions & 11 deletions
@@ -48,7 +48,7 @@ export class BackendStack extends cdk.Stack {
     const adminsGroupName = Utils.getEnv("ADMINS_GROUP_NAME", "pet-app-admins");
     const usersGroupName = Utils.getEnv("USERS_GROUP_NAME", "pet-app-users");
     const lambdaMemory = parseInt(Utils.getEnv("LAMBDA_MEMORY", "128"));
-    const nodeRuntime: Runtime = lambda.Runtime.NODEJS_16_X;
+    const nodeRuntime: Runtime = lambda.Runtime.NODEJS_20_X;
     const authorizationHeaderName = "Authorization";
     const groupsAttributeClaimName = "custom:" + groupsAttributeName;
 
@@ -427,7 +427,8 @@ export class BackendStack extends cdk.Stack {
       "UIDistribution", {
         defaultBehavior: {
             origin: origins.S3BucketOrigin.withOriginAccessControl(uiBucket)
-        }
+        },
+        defaultRootObject: "index.html"
       }
     );
 
 
@@ -10,6 +10,9 @@ This walkthrough will help guide you through creating a working Okta Application
 
 1. Sign up for a developer account on [Okta](https://developer.okta.com/) using your corporate credentials.
 2. Activate your account and sign into your Okta domain *stated in the email*.
+
+**NOTE: THE Okta UI may be slightly different, but the steps involved remain the same**
+
 3. Go to the Admin dashboard by clicking on the **Admin** button on the top-right corner of the page.
 4. In the Admin dashboard, go to the top-left of the page where it says **Developer Console** and change it to **Classic UI**.
 
 
@@ -21,24 +21,27 @@
   },
   "keywords": [],
   "devDependencies": {
+    "@aws-sdk/client-cognito-identity-provider": "^3.682.0",
+    "@aws-sdk/client-dynamodb": "^3.682.0",
     "@types/aws-lambda": "^8.10.51",
     "@types/aws-serverless-express": "^3.3.3",
     "@types/chai": "^4.2.11",
     "@types/cors": "^2.8.6",
+    "@types/express-serve-static-core": "^5.0.1",
     "@types/mocha": "^7.0.2",
-    "@types/node": "^14.0.1",
+    "@types/node": "^22.8.7",
     "@types/uuid": "^7.0.3",
-    "aws-sdk": "^2.1354.0",
     "chai": "^4.2.0",
     "copy-node-modules": "^1.1.1",
     "dynamodb-local": "^0.0.31",
     "mocha": "^10.1.0",
     "nyc": "^15.0.1",
-    "ts-node": "^8.10.1",
+    "ts-node": "^10.9.2",
     "tslint": "^6.1.2",
-    "typescript": "^3.9.2"
+    "typescript": "^5.6.3"
   },
   "dependencies": {
+    "@aws-sdk/lib-dynamodb": "^3.685.0",
     "aws-serverless-express": "^3.3.8",
     "cors": "^2.8.5",
     "express": "^4.21.1",
 
@@ -1,6 +1,6 @@
 import express = require("express");
-import CognitoIdentityServiceProvider = require("aws-sdk/clients/cognitoidentityserviceprovider");
-import {Express, json, Request, Response, urlencoded} from "express";
+import { CognitoIdentityProviderClient, AdminUserGlobalSignOutCommand } from "@aws-sdk/client-cognito-identity-provider";
+import {Express, json, Request, Response, urlencoded, RequestHandler} from "express";
 import cors from "cors";
 import {eventContext} from "aws-serverless-express/middleware";
 
@@ -16,7 +16,7 @@ export interface AppOptions {
   allowedOrigin: string;
   userPoolId: string;
   storageService: StorageService;
-  cognito: CognitoIdentityServiceProvider;
+  cognito: CognitoIdentityProviderClient;
   expressApp?: Express; // intended for unit testing / mock purposes
   forceSignOutHandler?: ForceSignOutHandler;
 }
@@ -38,8 +38,8 @@ export class App {
       origin: [(opts.allowedOrigin)],
     }));
 
-    app.use(json());
-    app.use(urlencoded({extended: true}));
+    app.use(json() as RequestHandler);
+    app.use(urlencoded({extended: true}) as RequestHandler);
 
     app.use(eventContext());
 
@@ -184,7 +184,12 @@ export class App {
 
     app.post("/forceSignOut", async (req: Request, res: Response) => {
       // all tokens issued before this call will no longer be allowed to be used
-      await opts.cognito.adminUserGlobalSignOut({Username: req.username, UserPoolId: opts.userPoolId}).promise();
+      const params = {
+        UserPoolId: opts.userPoolId,
+        Username: req.username,
+      }
+      const command = new AdminUserGlobalSignOutCommand(params);
+      await opts.cognito.send(command);
       if (opts.forceSignOutHandler) {
         await opts.forceSignOutHandler.forceSignOut(req);
       }
 
@@ -1,7 +1,9 @@
-import {App} from "./app";
-import {DynamoDBStorageService} from "./services/dynamoDBStorageService";
-import {DynamoDBForcedSignoutHandler} from "./services/dynamoDBForcedSignoutHandler";
-import aws = require("aws-sdk");
+import { App } from "./app";
+import { DynamoDBStorageService } from "./services/dynamoDBStorageService";
+import { DynamoDBForcedSignoutHandler } from "./services/dynamoDBForcedSignoutHandler";
+import { CognitoIdentityProviderClient } from "@aws-sdk/client-cognito-identity-provider";
+import { DynamoDBClient } from "@aws-sdk/client-dynamodb";
+import { DynamoDBDocumentClient } from "@aws-sdk/lib-dynamodb";
 
 if (!process.env.ITEMS_TABLE_NAME) {
   throw new Error("Required environment variable ITEMS_TABLE_NAME is missing");
@@ -15,14 +17,21 @@ if (!process.env.ALLOWED_ORIGIN) {
   throw new Error("Required environment variable ALLOWED_ORIGIN is missing");
 }
 
+const ddbDocClient = DynamoDBDocumentClient.from(new DynamoDBClient());
+
 export const expressApp = new App({
-  cognito: new aws.CognitoIdentityServiceProvider(),
+  cognito: new CognitoIdentityProviderClient(),
   adminsGroupName: process.env.ADMINS_GROUP_NAME || "pet-app-admins",
   usersGroupName: process.env.USERS_GROUP_NAME || "pet-app-users",
-  authorizationHeaderName: process.env.AUTHORIZATION_HEADER_NAME || "Authorization",
+  authorizationHeaderName:
+    process.env.AUTHORIZATION_HEADER_NAME || "Authorization",
   userPoolId: process.env.USER_POOL_ID,
-  forceSignOutHandler: process.env.USERS_TABLE_NAME ?
-    new DynamoDBForcedSignoutHandler(process.env.USERS_TABLE_NAME) : undefined,
-  storageService: new DynamoDBStorageService(process.env.ITEMS_TABLE_NAME),
+  forceSignOutHandler: process.env.USERS_TABLE_NAME
+    ? new DynamoDBForcedSignoutHandler(
+        process.env.USERS_TABLE_NAME,
+        ddbDocClient
+      )
+    : undefined,
+  storageService: new DynamoDBStorageService(process.env.ITEMS_TABLE_NAME, ddbDocClient),
   allowedOrigin: process.env.ALLOWED_ORIGIN,
 }).expressApp;
@@ -1,12 +1,11 @@
 import {ForceSignOutHandler} from "./authorizationMiddleware";
 import {Request} from "express";
-import {DocumentClient} from "aws-sdk/lib/dynamodb/document_client";
-import aws = require("aws-sdk");
+import { DynamoDBDocumentClient, PutCommand, GetCommand } from "@aws-sdk/lib-dynamodb";
 
 export class DynamoDBForcedSignoutHandler implements ForceSignOutHandler {
 
   constructor(private readonly tableName: string,
-              private readonly docClient: DocumentClient = new aws.DynamoDB.DocumentClient(),
+              private readonly docClient: DynamoDBDocumentClient,
               private readonly keyAttributeName: string = "username",
               private readonly lastForceSignOutTimeAttributeName: string = "lastForceSignOutTime",
               private readonly ttlAttributeName: string = "ttl" ,
@@ -25,7 +24,8 @@ export class DynamoDBForcedSignoutHandler implements ForceSignOutHandler {
         Key: key,
       };
 
-      const result = await this.docClient.get(params).promise();
+      const command = new GetCommand(params)
+      const result = await this.docClient.send(command);
 
       if (result.Item && typeof result.Item[this.lastForceSignOutTimeAttributeName] === "number") {
 
@@ -56,10 +56,11 @@ export class DynamoDBForcedSignoutHandler implements ForceSignOutHandler {
 
     try {
 
-      await this.docClient.put({
+      const command = new PutCommand({
         TableName: this.tableName,
         Item: item,
-      }).promise();
+      });
+      await this.docClient.send(command);
 
     } catch (ex) {
       console.error("Error revoking token: ", ex);
 
@@ -1,23 +1,22 @@
-import aws = require("aws-sdk");
-import {DocumentClient} from "aws-sdk/lib/dynamodb/document_client";
+
+import { DynamoDBDocumentClient, PutCommand, GetCommand, ScanCommand, DeleteCommand, ScanCommandInput } from "@aws-sdk/lib-dynamodb";
 import {StorageService} from "./storageService";
-import {ScanInput} from "aws-sdk/clients/dynamodb";
 import {Pet} from "../models/pet";
 
 export class DynamoDBStorageService implements StorageService {
 
   constructor(private readonly tableName: string,
-              private readonly docClient: DocumentClient = new aws.DynamoDB.DocumentClient()) {
+              private readonly docClient: DynamoDBDocumentClient) {
   }
 
   public async getPet(id: string): Promise<Pet | null> {
 
     try {
-      const data = await this.docClient.get({
+      const data = await this.docClient.send(new GetCommand({
         TableName: this.tableName,
         Key: {id},
         ConsistentRead: true,
-      }).promise();
+      }));
       if (data && data.Item) {
         return data.Item as Pet;
       }
@@ -30,10 +29,10 @@ export class DynamoDBStorageService implements StorageService {
 
   public async savePet(pet: Pet): Promise<void> {
     try {
-      await this.docClient.put({
+      await this.docClient.send(new PutCommand({
         TableName: this.tableName,
         Item: pet,
-      }).promise();
+      }));
     } catch (ex) {
       console.warn("Error saving entry", ex);
       throw ex;
@@ -45,11 +44,11 @@ export class DynamoDBStorageService implements StorageService {
 
       const result: Pet[] = [];
 
-      const params: ScanInput = {TableName: this.tableName};
+      const params: ScanCommandInput = {TableName: this.tableName};
 
       while (true) {
 
-        const data = await this.docClient.scan(params).promise();
+        const data = await this.docClient.send(new ScanCommand(params));
         result.push(...data.Items as Pet[]);
 
         if (!data.LastEvaluatedKey) {
@@ -70,7 +69,7 @@ export class DynamoDBStorageService implements StorageService {
 
   public async deletePet(id: string): Promise<void> {
     try {
-      await this.docClient.delete({TableName: this.tableName, Key: {id}}).promise();
+      await this.docClient.send(new DeleteCommand({TableName: this.tableName, Key: {id}}));
     } catch (ex) {
       console.warn("Error deleting entry", ex);
       throw ex;