confirmSignInWithOTP.ts
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
import { Amplify, Hub } from '@aws-amplify/core';
import { respondToAuthChallenge } from '../utils/clients/CognitoIdentityProvider';
import {
AMPLIFY_SYMBOL,
AuthAction,
assertTokenProviderConfig,
} from '@aws-amplify/core/internals/utils';
import { assertValidationError } from '../../../errors/utils/assertValidationError';
import { AuthValidationErrorCode } from '../../../errors/types/validation';
import { RespondToAuthChallengeCommandInput } from '../utils/clients/CognitoIdentityProvider/types';
import { getRegion } from '../utils/clients/CognitoIdentityProvider/utils';
import { getAuthUserAgentValue } from '../../../utils';
import { SignInWithOTPOutput } from '../types/outputs';
import { cleanActiveSignInState, signInStore } from '../utils/signInStore';
import { AuthError } from '../../../errors/AuthError';
import { AuthErrorCodes } from '../../../common/AuthErrorStrings';
import { cacheCognitoTokens } from '../tokenProvider/cacheTokens';
import { getNewDeviceMetatada } from '../utils/signInHelpers';
import { getCurrentUser } from './getCurrentUser';
/**
 * Input accepted by `confirmSignInWithOTP`.
 */
export type ConfirmSignInWithOTPInput = {
/**
 * The user's answer to the OTP challenge. It is rejected when empty and is
 * otherwise forwarded unchanged as the `ANSWER` challenge response.
 */
challengeResponse: string;
};
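/**
 * Completes a passwordless OTP sign-in by answering the pending
 * `CUSTOM_CHALLENGE` with the code supplied by the user.
 *
 * The username and session are read from `signInStore`, so a prior sign-in
 * call must have populated that state. This function only checks that the
 * code is non-empty; whether the code is correct is decided by the service
 * behind `respondToAuthChallenge`.
 *
 * @param input - Holds `challengeResponse`, the one-time code to submit.
 * @returns `{ isSignedIn: true, nextStep: { signInStep: 'DONE' } }` once the
 * service returns an `AuthenticationResult` and the tokens have been cached.
 * @throws AuthError named `SignInException` when the sign-in store holds no
 * username or no session.
 * @throws Error when the service responds without an `AuthenticationResult`
 * (i.e. with a further challenge), which this function does not handle.
 */
export const confirmSignInWithOTP = async (
  input: ConfirmSignInWithOTPInput
): Promise<SignInWithOTPOutput> => {
  const authConfig = Amplify.getConfig().Auth?.Cognito;
  assertTokenProviderConfig(authConfig);
  const { userPoolId, userPoolClientId } = authConfig;
  const { challengeResponse } = input;
  // Reject an empty answer locally instead of spending a request (and,
  // presumably, one of the attempts allowed for the session) on it.
  assertValidationError(
    !!challengeResponse,
    AuthValidationErrorCode.EmptyChallengeResponse
  );
  const { username, signInSession, signInDetails } = signInStore.getState();
  if (!username || !signInSession) {
    // TODO: remove this error message for production apps
    throw new AuthError({
      name: AuthErrorCodes.SignInException,
      message: `
An error occurred during the sign in process.
This most likely occurred due to:
1. signIn was not called before confirmSignIn.
2. signIn threw an exception.
3. page was refreshed during the sign in flow.
`,
      // The trailing space keeps the two concatenated halves from running
      // together as "confirmSignInand".
      recoverySuggestion:
        'Make sure a successful call to signIn is made before calling confirmSignIn ' +
        'and that the page is not refreshed until the sign in process is done.',
    });
  }
  // The session value binds this answer to the sign-in attempt that issued
  // the challenge. Neither it nor the OTP should ever be written to logs.
  const jsonReqRespondToAuthChallenge: RespondToAuthChallengeCommandInput = {
    ChallengeName: 'CUSTOM_CHALLENGE',
    ChallengeResponses: {
      USERNAME: username,
      ANSWER: challengeResponse,
    },
    Session: signInSession,
    ClientMetadata: {
      "Amplify.Passwordless.signInMethod": "OTP",
      "Amplify.Passwordless.action": "CONFIRM",
    },
    ClientId: userPoolClientId,
  };
  const { AuthenticationResult, ChallengeName } = await respondToAuthChallenge(
    {
      region: getRegion(userPoolId),
      userAgentValue: getAuthUserAgentValue(AuthAction.ConfirmSignIn),
    },
    jsonReqRespondToAuthChallenge
  );
  if (AuthenticationResult) {
    // Clear the pending sign-in state before persisting tokens, so the
    // consumed session is not kept around after a successful sign-in.
    cleanActiveSignInState();
    await cacheCognitoTokens({
      username,
      ...AuthenticationResult,
      NewDeviceMetadata: await getNewDeviceMetatada(
        authConfig.userPoolId,
        AuthenticationResult.NewDeviceMetadata,
        AuthenticationResult.AccessToken
      ),
      signInDetails,
    });
    Hub.dispatch(
      'auth',
      {
        event: 'signedIn',
        data: await getCurrentUser(),
      },
      'Auth',
      AMPLIFY_SYMBOL
    );
    return {
      isSignedIn: true,
      nextStep: { signInStep: 'DONE' },
    };
  }
  // NOTE(review): when the service answers with another challenge (for
  // example after a wrong code), this path throws a plain Error and leaves
  // the store untouched, so any refreshed session in that response is
  // dropped. Confirm whether retries are meant to be supported here.
  throw new Error(`ChallengeName: ${ChallengeName} is not implemented yet`);
};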