aws-amplify · harsh62 · Dec 11, 2024 · Dec 11, 2024 · Dec 11, 2024 · Dec 11, 2024
@@ -133,8 +133,8 @@ extension AWSCognitoAuthCredentialStore: AmplifyAuthCredentialStoreBehavior {
     func retrieveCredential() throws -> AmplifyCredentials {
         let authCredentialStoreKey = generateSessionKey(for: authConfiguration)
         let authCredentialData = try keychain._getData(authCredentialStoreKey)
-        let awsCredential: AmplifyCredentials = try decode(data: authCredentialData)
-        return awsCredential
+        let amplifyCredential: AmplifyCredentials = try decode(data: authCredentialData)
+        return amplifyCredential
     }
 
     func deleteCredential() throws {
@@ -191,15 +191,15 @@ private extension AWSCognitoAuthCredentialStore {
         do {
             return try JSONEncoder().encode(object)
         } catch {
-            throw KeychainStoreError.codingError("Error occurred while encoding AWSCredentials", error)
+            throw KeychainStoreError.codingError("Error occurred while encoding credentials", error)
         }
     }
 
     func decode<T: Decodable>(data: Data) throws -> T {
         do {
             return try JSONDecoder().decode(T.self, from: data)
         } catch {
-            throw KeychainStoreError.codingError("Error occurred while decoding AWSCredentials", error)
+            throw KeychainStoreError.codingError("Error occurred while decoding credentials", error)
         }
     }
 

@@ -36,8 +36,10 @@ public enum AuthFlowType {
 
     internal init?(rawValue: String) {
         switch rawValue {
-        case "CUSTOM_AUTH":
+        case "CUSTOM_AUTH", "CUSTOM_AUTH_WITH_SRP":
             self = .customWithSRP
+        case "CUSTOM_AUTH_WITHOUT_SRP":
+            self = .customWithoutSRP
         case "USER_SRP_AUTH":
             self = .userSRP
         case "USER_PASSWORD_AUTH":
@@ -51,8 +53,10 @@ public enum AuthFlowType {
 
     var rawValue: String {
         switch self {
-        case .custom, .customWithSRP, .customWithoutSRP:
-            return "CUSTOM_AUTH"
+        case .custom, .customWithSRP:
+            return "CUSTOM_AUTH_WITH_SRP"
+        case .customWithoutSRP:
+            return "CUSTOM_AUTH_WITHOUT_SRP"
         case .userSRP:
             return "USER_SRP_AUTH"
         case .userPassword:
@@ -62,6 +66,24 @@ public enum AuthFlowType {
         }
     }
 
+    // This initializer has been added to migrate credentials that were created in the pre-passwordless era
+    internal static func legacyInit(rawValue: String) -> Self? {
+        switch rawValue {
+        case "userSRP":
+            return .userSRP
+        case "userPassword":
+            return .userPassword
+        case "custom":
+            return .custom
+        case "customWithSRP":
+            return .customWithSRP
+        case "customWithoutSRP":
+            return .customWithoutSRP
+        default:
+            return nil
+        }
+    }
+
     public static var userAuth: AuthFlowType {
         return .userAuth(preferredFirstFactor: nil)
     }
@@ -110,27 +132,46 @@ extension AuthFlowType: Codable {
 
     // Decoding the enum
     public init(from decoder: Decoder) throws {
-        let container = try decoder.container(keyedBy: CodingKeys.self)
+        let container: KeyedDecodingContainer<CodingKeys>
+        do {
+            container = try decoder.container(keyedBy: CodingKeys.self)
+        } catch DecodingError.typeMismatch {
+            // The type mismatch has been added to handle a scenario where the user is migrating passwordless flows.
+            // Passwordless flow added a new enum case with a associated type.
+            // The association resulted in encoding structure changes that is different from the non-passwordless flows.
+            // The structure change causes the type mismatch exception and this code block tries to retrieve the legacy structure and decode it.
+            let legacyContainer = try decoder.singleValueContainer()
+            let type = try legacyContainer.decode(String.self)
+            guard let authFlowType = AuthFlowType.legacyInit(rawValue: type) else {
+                throw DecodingError.dataCorruptedError(in: legacyContainer, debugDescription: "Invalid AuthFlowType value")
+            }
+            self = authFlowType
+            return
+        } catch {
+            throw error
+        }
 
-        // Decode the type (raw value)
         let type = try container.decode(String.self, forKey: .type)
 
         // Initialize based on the type
         switch type {
         case "USER_SRP_AUTH":
             self = .userSRP
-        case "CUSTOM_AUTH":
-            // Depending on your needs, choose either `.custom`, `.customWithSRP`, or `.customWithoutSRP`
-            // In this case, we'll default to `.custom`
-            self = .custom
+        case "CUSTOM_AUTH", "CUSTOM_AUTH_WITH_SRP":
+            self = .customWithSRP
+        case "CUSTOM_AUTH_WITHOUT_SRP":
+            self = .customWithoutSRP
         case "USER_PASSWORD_AUTH":
             self = .userPassword
         case "USER_AUTH":
             let preferredFirstFactorString = try container.decode(String.self, forKey: .preferredFirstFactor)
             if let preferredFirstFactor = AuthFactorType(rawValue: preferredFirstFactorString) {
                 self = .userAuth(preferredFirstFactor: preferredFirstFactor)
             } else {
-                throw DecodingError.dataCorruptedError(forKey: .type, in: container, debugDescription: "Unable to decode preferredFirstFactor value")
+                throw DecodingError.dataCorruptedError(
+                    forKey: .preferredFirstFactor,
+                    in: container,
+                    debugDescription: "Unable to decode preferredFirstFactor value")
             }
         default:
             throw DecodingError.dataCorruptedError(forKey: .type, in: container, debugDescription: "Invalid AuthFlowType value")
@@ -152,5 +193,4 @@ extension AuthFlowType {
             return .userAuth
         }
     }
-
 }