From 2af4229b12e45d95f074bb45bd787543d36c166e Mon Sep 17 00:00:00 2001
From: anayeaye
Date: Tue, 5 Mar 2024 13:45:23 -0700
Subject: [PATCH 1/3] fix: unique export names for cfn outputs
---
 infra/stack.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/infra/stack.py b/infra/stack.py
index 64699e8..78b225e 100644
--- a/infra/stack.py
+++ b/infra/stack.py
@@ -333,7 +333,7 @@ def add_programmatic_client(
 CfnOutput(
 self,
 f"cognito-sdk-{service_id}-secret",
- export_name=f"{stack_name}-cognito-sdk-secret",
+ export_name=f"{stack_name}-{service_id}-cognito-sdk-secret",
 value=f"{stack_name}/{service_id}",
 )
@@ -376,7 +376,7 @@ def add_service_client(
 CfnOutput(
 self,
 f"cognito-app-{service_id}-secret",
- export_name=f"{stack_name}-cognito-app-secret",
+ export_name=f"{stack_name}-{service_id}-cognito-app-secret",
 value=f"{stack_name}/{service_id}",
 )
From 1f0ded0bbd0600e920faa22b9006814737b2aa97 Mon Sep 17 00:00:00 2001
From: anayeaye
Date: Tue, 5 Mar 2024 16:47:45 -0700
Subject: [PATCH 2/3] fix: tidy up client secret id export names
---
 app.py | 4 ++--
 infra/stack.py | 10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/app.py b/app.py
index e0dc0d5..0385cf4 100644
--- a/app.py
+++ b/app.py
@@ -80,7 +80,7 @@
 # In this case, we want this client to be able to only register new STAC ingestions in
 # the STAC ingestion registry service.
 stack.add_service_client(
- "veda-workflows",
+ "workflows-client",
 scopes=[
 stac_registry_scopes["stac:register"],
 ],
@@ -98,7 +98,7 @@
 )
 # Programmatic Clients
-client = stack.add_programmatic_client(f"{app_settings.app_name}-{app_settings.stage}-veda-sdk")
+client = stack.add_programmatic_client("programmatic-client")
 CfnOutput(
 stack,
 "client_id",
diff --git a/infra/stack.py b/infra/stack.py
index 78b225e..75bc157 100644
--- a/infra/stack.py
+++ b/infra/stack.py
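Review bot: The new ids passed in `app.py` (`"workflows-client"` in the `-80` hunk and `"programmatic-client"` in the `-98` hunk, plus `"identity-provider"` in `infra/stack.py` `__init__`) look like they replace resources on an already deployed stack rather than rename them. The outputs in `infra/stack.py` publish `f"{stack_name}/{service_id}"`, which suggests the secret name is built from this id, so the old secret would be deleted and anything still reading it by name would lose its credentials; if the id is also the app client's construct id, the client itself is recreated with a new `client_id`. That part of `infra/stack.py` is not in the diff, so this is inferred. If it holds, a comment above each call such as `# Changing this id replaces the secret and app client; migrate consumers first` would make the cost of a future rename visible.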
@@ -59,7 +59,7 @@ def __init__(
 )
 else:
 auth_provider_client = self.add_programmatic_client(
- f"{stack_name}-identity-provider",
+ "identity-provider",
 name="Identity Pool Authentication Provider",
 )
 if app_settings.data_managers_role_arn:
@@ -332,8 +332,8 @@ def add_programmatic_client(
 stack_name = Stack.of(self).stack_name
 CfnOutput(
 self,
- f"cognito-sdk-{service_id}-secret",
- export_name=f"{stack_name}-{service_id}-cognito-sdk-secret",
+ f"{service_id}-secret-id",
+ export_name=f"{stack_name}-{service_id}-secret-id",
 value=f"{stack_name}/{service_id}",
 )
@@ -375,8 +375,8 @@ def add_service_client(
 stack_name = Stack.of(self).stack_name
 CfnOutput(
 self,
- f"cognito-app-{service_id}-secret",
- export_name=f"{stack_name}-{service_id}-cognito-app-secret",
+ f"{service_id}-secret-id",
+ export_name=f"{stack_name}-{service_id}-secret-id",
 value=f"{stack_name}/{service_id}",
 )
From 9e400ae9b4a7f26c12187865a1c4e4b5d43bad87 Mon Sep 17 00:00:00 2001
From: anayeaye
Date: Tue, 5 Mar 2024 16:53:27 -0700
Subject: [PATCH 3/3] feat: add aws_region to client secrets
---
 infra/stack.py | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/infra/stack.py b/infra/stack.py
index 75bc157..409f393 100644
--- a/infra/stack.py
+++ b/infra/stack.py
@@ -320,6 +320,8 @@ def add_programmatic_client(
 user_pool_client_name=name or service_id,
 # disable_o_auth=True,
 )
+
+ region = Stack.of(self).region
 self._create_secret(
 service_id,
 {
@@ -327,6 +329,7 @@ def add_programmatic_client(
 "cognito_domain": self.domain.base_url(),
 "client_id": client.user_pool_client_id,
 "userpool_id": self.userpool.user_pool_id,
+ "aws_region": region,
 },
 )
 stack_name = Stack.of(self).stack_name
@@ -360,6 +363,7 @@ def add_service_client(
 disable_o_auth=False,
 )
+ region = Stack.of(self).region
 self._create_secret(
 service_id,
 {
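Review bot: `add_programmatic_client` (hunk `-332`) and `add_service_client` (hunk `-375`) now build their output from the same construct id `f"{service_id}-secret-id"` and export name `f"{stack_name}-{service_id}-secret-id"`, so the `cognito-sdk-`/`cognito-app-` prefixes no longer keep the two apart. Passing one `service_id` to both methods on the same stack would fail at synth on the duplicate construct id, though it may already clash on the secret name inside `_create_secret`, which is outside these hunks. Renaming an export that another stack imports also makes CloudFormation reject the update until the import is gone, so consumers of the earlier export names need moving first. A comment above each `CfnOutput`, `# Exports the secret's name, not its value; service_id must be unique per stack`, would document both constraints.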
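Review bot: `region = Stack.of(self).region` in `add_programmatic_client` (hunk `-320`, and the same line in `add_service_client`, hunk `-360`) yields a concrete region string only when the stack is instantiated with an explicit `env`; on an environment-agnostic stack it is a deploy-time token. Whether the `"aws_region"` entry stored in the secret (hunks `-327` and `-369`) then holds the real region depends on how `_create_secret` serialises the dict, which is outside these hunks, so a synth check of the generated secret is worth doing. I would record this next to the assignment, `# May be an unresolved token when the stack has no explicit env`, and take `stack = Stack.of(self)` once so the later `stack_name` lookup reuses it. Both function bodies start and end outside the hunks.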
@@ -369,6 +373,7 @@ def add_service_client(
 "client_secret": self._get_client_secret(client),
 "userpool_id": self.userpool.user_pool_id,
 "scope": " ".join(scope.scope_name for scope in scopes),
+ "aws_region": region,
 },
 )