fix(auth): Fix passwordless tests #2956

Merged
merged 12 commits into from
Nov 26, 2024
@@ -965,7 +965,8 @@ internal class RealAWSCognitoAuthPlugin(
username = challengeState.challenge.username,
session = challengeState.challenge.session,
parameters = challengeState.challenge.parameters
)
),
signInMethod = challengeState.signInMethod
)
)
authStateMachine.send(event)
@@ -980,7 +981,8 @@ internal class RealAWSCognitoAuthPlugin(
username = challengeState.challenge.username,
session = challengeState.challenge.session,
parameters = challengeState.challenge.parameters
)
),
signInMethod = challengeState.signInMethod
)
)
authStateMachine.send(event)
@@ -1035,15 +1037,16 @@ internal class RealAWSCognitoAuthPlugin(
is SignInState.ResolvingTOTPSetup -> {
when (signInState.setupTOTPState) {
is SetupTOTPState.WaitingForAnswer -> {
val setupData =
(signInState.setupTOTPState as SetupTOTPState.WaitingForAnswer).signInTOTPSetupData
val setupTOTPState =
(signInState.setupTOTPState as SetupTOTPState.WaitingForAnswer)

val event = SetupTOTPEvent(
SetupTOTPEvent.EventType.VerifyChallengeAnswer(
challengeResponse,
setupData.username,
setupData.session,
awsCognitoConfirmSignInOptions?.friendlyDeviceName
setupTOTPState.signInTOTPSetupData.username,
setupTOTPState.signInTOTPSetupData.session,
awsCognitoConfirmSignInOptions?.friendlyDeviceName,
setupTOTPState.signInMethod
)
)
authStateMachine.send(event)
@@ -1053,13 +1056,16 @@ internal class RealAWSCognitoAuthPlugin(
(signInState.setupTOTPState as SetupTOTPState.Error).username
val session =
(signInState.setupTOTPState as SetupTOTPState.Error).session
val signInMethod =
(signInState.setupTOTPState as SetupTOTPState.Error).signInMethod

val event = SetupTOTPEvent(
SetupTOTPEvent.EventType.VerifyChallengeAnswer(
challengeResponse,
username,
session,
awsCognitoConfirmSignInOptions?.friendlyDeviceName
awsCognitoConfirmSignInOptions?.friendlyDeviceName,
signInMethod
)
)
authStateMachine.send(event)
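Review bot: The `SetupTOTPState.Error` branch now casts `signInState.setupTOTPState` three separate times (for `username`, `session` and the new `signInMethod`), while the `WaitingForAnswer` branch in the previous hunk was changed to cast once into a local. Binding the subject once, `when (val totpState = signInState.setupTOTPState) {`, would let both branches read their fields through a smart cast (`totpState.signInMethod`, `totpState.session`, …) and guarantees that the values passed to `VerifyChallengeAnswer` come from the same state object. The enclosing function starts and ends outside these hunks, so whether other branches of this `when` need the same treatment is not visible here.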
@@ -32,6 +32,7 @@ import com.amplifyframework.statemachine.Action
import com.amplifyframework.statemachine.codegen.actions.SRPActions
import com.amplifyframework.statemachine.codegen.data.CredentialType
import com.amplifyframework.statemachine.codegen.data.DeviceMetadata
import com.amplifyframework.statemachine.codegen.data.SignInMethod
import com.amplifyframework.statemachine.codegen.events.AuthenticationEvent
import com.amplifyframework.statemachine.codegen.events.SRPEvent
import com.amplifyframework.statemachine.codegen.events.SignInEvent
@@ -245,7 +246,8 @@ internal object SRPCognitoActions : SRPActions {
override fun verifyPasswordSRPAction(
challengeParameters: Map<String, String>,
metadata: Map<String, String>,
session: String?
session: String?,
signInMethod: SignInMethod
) =
Action<AuthEnvironment>("VerifyPasswordSRP") { id, dispatcher ->
logger.verbose("$id Starting execution")
@@ -292,7 +294,8 @@ internal object SRPCognitoActions : SRPActions {
challengeNameType = response.challengeName,
session = response.session,
challengeParameters = response.challengeParameters,
authenticationResult = response.authenticationResult
authenticationResult = response.authenticationResult,
signInMethod = signInMethod
)
} else {
throw ServiceException(
@@ -311,7 +314,7 @@ internal object SRPCognitoActions : SRPActions {
)
)
)
SRPEvent(SRPEvent.EventType.RetryRespondPasswordVerifier(challengeParams, metadata, session))
SRPEvent(SRPEvent.EventType.RetryRespondPasswordVerifier(challengeParams, metadata, session, signInMethod))
} else {
val errorEvent = SRPEvent(SRPEvent.EventType.ThrowPasswordVerifierError(e))
logger.verbose("$id Sending event ${errorEvent.type}")
@@ -46,22 +46,25 @@ internal object SetupTOTPCognitoActions : SetupTOTPActions {
session = response.session,
username = eventType.totpSetupDetails.username
),
challengeParams = eventType.challengeParams
challengeParams = eventType.challengeParams,
signInMethod = eventType.signInMethod
)
)
} ?: SetupTOTPEvent(
SetupTOTPEvent.EventType.ThrowAuthError(
Exception("Software token setup failed"),
eventType.totpSetupDetails.username,
eventType.totpSetupDetails.session
eventType.totpSetupDetails.session,
eventType.signInMethod
)
)
} catch (e: Exception) {
SetupTOTPEvent(
SetupTOTPEvent.EventType.ThrowAuthError(
e,
eventType.totpSetupDetails.username,
eventType.totpSetupDetails.session
eventType.totpSetupDetails.session,
eventType.signInMethod
)
)
}
@@ -87,7 +90,8 @@ internal object SetupTOTPCognitoActions : SetupTOTPActions {
SetupTOTPEvent(
SetupTOTPEvent.EventType.RespondToAuthChallenge(
eventType.username,
it.session
it.session,
eventType.signInMethod
)
)
}
@@ -99,7 +103,8 @@ internal object SetupTOTPCognitoActions : SetupTOTPActions {
recoverySuggestion = AmplifyException.TODO_RECOVERY_SUGGESTION
),
eventType.username,
eventType.session
eventType.session,
eventType.signInMethod
)
)
}
@@ -108,15 +113,17 @@ internal object SetupTOTPCognitoActions : SetupTOTPActions {
SetupTOTPEvent.EventType.ThrowAuthError(
Exception("Software token verification failed"),
eventType.username,
eventType.session
eventType.session,
eventType.signInMethod
)
)
} catch (exception: Exception) {
SetupTOTPEvent(
SetupTOTPEvent.EventType.ThrowAuthError(
exception,
eventType.username,
eventType.session
eventType.session,
eventType.signInMethod
)
)
}
@@ -152,18 +159,22 @@ internal object SetupTOTPCognitoActions : SetupTOTPActions {
challengeNameType = response.challengeName,
session = response.session,
challengeParameters = response.challengeParameters,
authenticationResult = response.authenticationResult
authenticationResult = response.authenticationResult,
signInMethod = eventType.signInMethod
)
} ?: SetupTOTPEvent(
SetupTOTPEvent.EventType.ThrowAuthError(
Exception("Software token verification failed"),
eventType.username,
eventType.session
eventType.session,
eventType.signInMethod
)
)
} catch (exception: Exception) {
SetupTOTPEvent(
SetupTOTPEvent.EventType.ThrowAuthError(exception, eventType.username, eventType.session)
SetupTOTPEvent.EventType.ThrowAuthError(
exception, eventType.username, eventType.session, eventType.signInMethod
)
)
}
dispatcher.send(evt)
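Review bot: The last `ThrowAuthError` call in this file puts `exception, eventType.username, eventType.session, eventType.signInMethod` on a single line, while the other call sites touched by this commit list one argument per line; the same layout here would keep the file uniform. The constructor now takes four positional arguments, and `username` and `session` sit next to each other and both look like strings, so a swapped pair would compile without complaint. Named arguments at these call sites would rule that out; the parameter names of `ThrowAuthError` are not shown on this page, so they need to be taken from its declaration.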
@@ -29,6 +29,7 @@ import com.amplifyframework.statemachine.Action
import com.amplifyframework.statemachine.codegen.actions.SignInChallengeActions
import com.amplifyframework.statemachine.codegen.data.AuthChallenge
import com.amplifyframework.statemachine.codegen.data.CredentialType
import com.amplifyframework.statemachine.codegen.data.SignInMethod
import com.amplifyframework.statemachine.codegen.data.challengeNameType
import com.amplifyframework.statemachine.codegen.events.CustomSignInEvent
import com.amplifyframework.statemachine.codegen.events.SignInChallengeEvent
@@ -41,7 +42,8 @@ internal object SignInChallengeCognitoActions : SignInChallengeActions {
answer: String,
metadata: Map<String, String>,
attributes: List<AuthUserAttribute>,
challenge: AuthChallenge
challenge: AuthChallenge,
signInMethod: SignInMethod
): Action = Action<AuthEnvironment>("VerifySignInChallenge") { id, dispatcher ->
logger.verbose("$id Starting execution")
val evt = try {
@@ -55,7 +57,8 @@ internal object SignInChallengeCognitoActions : SignInChallengeActions {
challengeNameType = ChallengeNameType.MfaSetup,
session = challenge.session,
challengeParameters = mapOf("MFAS_CAN_SETUP" to answer),
authenticationResult = null
authenticationResult = null,
signInMethod = signInMethod
)
logger.verbose("$id Sending event ${event.type}")
dispatcher.send(event)
@@ -102,7 +105,8 @@ internal object SignInChallengeCognitoActions : SignInChallengeActions {
challengeNameType = response.challengeName,
session = response.session,
challengeParameters = response.challengeParameters,
authenticationResult = response.authenticationResult
authenticationResult = response.authenticationResult,
signInMethod = signInMethod
)
} ?: CustomSignInEvent(
CustomSignInEvent.EventType.ThrowAuthError(
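Review bot: The third parameter is named `attributes` in this signature but `userAttributes` in `SignInChallengeActions.verifyChallengeAuthAction`, whose declaration appears further down this page. Assuming this function is the override of that interface method (its `fun` line lies above the hunk), Kotlin reports a parameter-name mismatch warning, and a named-argument call resolves differently depending on the static type of the receiver. Since the signature is being edited for `signInMethod` anyway, renaming the parameter to `userAttributes: List<AuthUserAttribute>,` would align the two.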
@@ -108,7 +108,9 @@ internal object SignInCognitoActions : SignInActions {
override fun initResolveChallenge(event: SignInEvent.EventType.ReceivedChallenge) =
Action<AuthEnvironment>("InitResolveChallenge") { id, dispatcher ->
logger.verbose("$id Starting execution")
val evt = SignInChallengeEvent(SignInChallengeEvent.EventType.WaitForAnswer(event.challenge, true))
val evt = SignInChallengeEvent(
SignInChallengeEvent.EventType.WaitForAnswer(event.challenge, event.signInMethod, true)
)
logger.verbose("$id Sending event ${evt.type}")
dispatcher.send(evt)
}
@@ -167,7 +169,8 @@ internal object SignInCognitoActions : SignInActions {
val evt = SetupTOTPEvent(
SetupTOTPEvent.EventType.SetupTOTP(
totpSetupDetails = event.signInTOTPSetupData,
challengeParams = event.challengeParams
challengeParams = event.challengeParams,
signInMethod = event.signInMethod
)
)
logger.verbose("$id Sending event ${evt.type}")
@@ -62,7 +62,8 @@ internal object WebAuthnSignInCognitoActions : WebAuthnSignInActions {
session = response.session,
challengeParameters = response.challengeParameters,
authenticationResult = response.authenticationResult,
callingActivity = signInContext.callingActivity
callingActivity = signInContext.callingActivity,
signInMethod = SignInMethod.ApiBased(SignInMethod.ApiBased.AuthType.USER_AUTH)
)
}
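Review bot: `signInMethod` is hard-coded to `SignInMethod.ApiBased(SignInMethod.ApiBased.AuthType.USER_AUTH)` in this call, whereas every other action changed by this commit forwards the value carried by the event or the challenge state. If a WebAuthn challenge can only be reached through the USER_AUTH flow the constant is correct, but the reason should be written next to it, for example `// WebAuthn is only offered in the USER_AUTH flow, so the sign-in method is fixed here`. If `signInContext` (its definition is not part of this hunk) can carry the method, forwarding it would keep this call consistent with the others and avoid recording the wrong method should that assumption ever change.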

@@ -16,6 +16,7 @@ package com.amplifyframework.auth.cognito.helpers

import aws.sdk.kotlin.services.cognitoidentityprovider.model.AuthFlowType as CognitoAuthFlowType
import com.amplifyframework.auth.cognito.options.AuthFlowType
import com.amplifyframework.statemachine.codegen.data.SignInMethod

internal fun AuthFlowType.toCognitoType() = when (this) {
AuthFlowType.USER_SRP_AUTH -> CognitoAuthFlowType.UserSrpAuth
@@ -25,3 +26,12 @@ internal fun AuthFlowType.toCognitoType() = when (this) {
AuthFlowType.USER_PASSWORD_AUTH -> CognitoAuthFlowType.UserPasswordAuth
AuthFlowType.USER_AUTH -> CognitoAuthFlowType.UserAuth
}

internal fun AuthFlowType.toSignInMethod() = when (this) {
AuthFlowType.USER_SRP_AUTH -> SignInMethod.ApiBased(SignInMethod.ApiBased.AuthType.USER_SRP_AUTH)
AuthFlowType.CUSTOM_AUTH -> SignInMethod.ApiBased(SignInMethod.ApiBased.AuthType.CUSTOM_AUTH)
AuthFlowType.CUSTOM_AUTH_WITH_SRP -> SignInMethod.ApiBased(SignInMethod.ApiBased.AuthType.CUSTOM_AUTH)
AuthFlowType.CUSTOM_AUTH_WITHOUT_SRP -> SignInMethod.ApiBased(SignInMethod.ApiBased.AuthType.CUSTOM_AUTH)
AuthFlowType.USER_PASSWORD_AUTH -> SignInMethod.ApiBased(SignInMethod.ApiBased.AuthType.USER_PASSWORD_AUTH)
AuthFlowType.USER_AUTH -> SignInMethod.ApiBased(SignInMethod.ApiBased.AuthType.USER_AUTH)
}
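Review bot: `toSignInMethod()` maps `CUSTOM_AUTH`, `CUSTOM_AUTH_WITH_SRP` and `CUSTOM_AUTH_WITHOUT_SRP` all to `AuthType.CUSTOM_AUTH`, so the with/without-SRP distinction is dropped and nothing states that this is intended. A one-line KDoc saying that the three custom flows deliberately collapse into one sign-in method would settle that for the next reader, and an explicit return type would pin the contract: `internal fun AuthFlowType.toSignInMethod(): SignInMethod = when (this) {`. The three custom branches can also share a single arm, `AuthFlowType.CUSTOM_AUTH, AuthFlowType.CUSTOM_AUTH_WITH_SRP, AuthFlowType.CUSTOM_AUTH_WITHOUT_SRP ->`, which makes the collapse visible in the code itself.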
@@ -55,7 +55,7 @@ internal object SignInChallengeHelper {
availableChallenges: List<String>? = null,
authenticationResult: AuthenticationResultType?,
callingActivity: WeakReference<Activity> = WeakReference(null),
signInMethod: SignInMethod = SignInMethod.ApiBased(SignInMethod.ApiBased.AuthType.USER_SRP_AUTH)
signInMethod: SignInMethod
): StateMachineEvent = when {
authenticationResult != null -> {
authenticationResult.let {
@@ -96,17 +96,17 @@ internal object SignInChallengeHelper {
challengeNameType is ChallengeNameType.EmailOtp -> {
val challenge =
AuthChallenge(challengeNameType.value, username, session, challengeParameters)
SignInEvent(SignInEvent.EventType.ReceivedChallenge(challenge))
SignInEvent(SignInEvent.EventType.ReceivedChallenge(challenge, signInMethod))
}
challengeNameType is ChallengeNameType.MfaSetup -> {
val allowedMFASetupTypes = getAllowedMFASetupTypesFromChallengeParameters(challengeParameters)
val challenge = AuthChallenge(challengeNameType.value, username, session, challengeParameters)

if (allowedMFASetupTypes.contains(MFAType.EMAIL)) {
SignInEvent(SignInEvent.EventType.ReceivedChallenge(challenge))
SignInEvent(SignInEvent.EventType.ReceivedChallenge(challenge, signInMethod))
} else if (allowedMFASetupTypes.contains(MFAType.TOTP)) {
val setupTOTPData = SignInTOTPSetupData("", session, username)
SignInEvent(SignInEvent.EventType.InitiateTOTPSetup(setupTOTPData, challenge.parameters))
SignInEvent(SignInEvent.EventType.InitiateTOTPSetup(setupTOTPData, challenge.parameters, signInMethod))
} else {
SignInEvent(
SignInEvent.EventType.ThrowError(
@@ -127,7 +127,8 @@ internal object SignInChallengeHelper {
session = session,
parameters = null,
availableChallenges = availableChallenges
)
),
signInMethod
)
)
}
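Review bot: `signInMethod` has lost its default and is now a required parameter placed after two defaulted ones (`availableChallenges`, `callingActivity`), so any caller relying on those defaults has to pass it by name, and the parameter has no documentation stating what it must contain. A KDoc line such as `@param signInMethod the flow the sign-in was started with; forwarded unchanged into the emitted event` would record the contract that the removed `USER_SRP_AUTH` default used to hide. Only the `EmailOtp`, `MfaSetup` and final branches of the `when` are visible in these hunks; the remaining branches, and the function's name and opening line, lie outside them and should be checked to forward the same value.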
@@ -16,6 +16,7 @@
package com.amplifyframework.statemachine.codegen.actions

import com.amplifyframework.statemachine.Action
import com.amplifyframework.statemachine.codegen.data.SignInMethod
import com.amplifyframework.statemachine.codegen.events.SRPEvent

internal interface SRPActions {
@@ -24,6 +25,7 @@ internal interface SRPActions {
fun verifyPasswordSRPAction(
challengeParameters: Map<String, String>,
metadata: Map<String, String>,
session: String?
session: String?,
signInMethod: SignInMethod
): Action
}
@@ -18,12 +18,14 @@ package com.amplifyframework.statemachine.codegen.actions
import com.amplifyframework.auth.AuthUserAttribute
import com.amplifyframework.statemachine.Action
import com.amplifyframework.statemachine.codegen.data.AuthChallenge
import com.amplifyframework.statemachine.codegen.data.SignInMethod

internal interface SignInChallengeActions {
fun verifyChallengeAuthAction(
answer: String,
metadata: Map<String, String>,
userAttributes: List<AuthUserAttribute>,
challenge: AuthChallenge
challenge: AuthChallenge,
signInMethod: SignInMethod
): Action
}
@@ -18,6 +18,7 @@ package com.amplifyframework.statemachine.codegen.events
import com.amplifyframework.auth.cognito.options.AuthFlowType
import com.amplifyframework.statemachine.StateMachineEvent
import com.amplifyframework.statemachine.codegen.data.AuthChallenge
import com.amplifyframework.statemachine.codegen.data.SignInMethod
import java.util.Date

internal class SRPEvent(val eventType: EventType, override val time: Date? = null) :
@@ -44,7 +45,8 @@ internal class SRPEvent(val eventType: EventType, override val time: Date? = nul
data class RetryRespondPasswordVerifier(
val challengeParameters: Map<String, String>,
val metadata: Map<String, String>,
val session: String?
val session: String?,
val signInMethod: SignInMethod
) : EventType()

data class ThrowAuthError(val exception: Exception) : EventType()