UNPKG

@aws-amplify/auth

Version:

Auth category of aws-amplify

aws-amplify.github.io

aws-amplify/amplify-js

1 lines 4.12 kB
1
{"version":3,"file":"getNewDeviceMetadata.mjs","sources":["../../../../../src/providers/cognito/utils/getNewDeviceMetadata.ts"],"sourcesContent":["// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nimport { base64Encoder, getDeviceName, } from '@aws-amplify/core/internals/utils';\nimport { createConfirmDeviceClient } from '../../../foundation/factories/serviceClients/cognitoIdentityProvider';\nimport { createCognitoUserPoolEndpointResolver } from '../factories';\nimport { getRegionFromUserPoolId } from '../../../foundation/parsers';\nimport { getAuthenticationHelper, getBytesFromHex } from './srp';\n/**\n * This function is used to kick off the device management flow.\n *\n * If an error is thrown while generating a hash device or calling the `ConfirmDevice`\n * client, then this API will ignore the error and return undefined. Otherwise the authentication\n * flow will not complete and the user won't be able to be signed in.\n *\n * @returns DeviceMetadata | undefined\n */\nexport async function getNewDeviceMetadata({ userPoolId, userPoolEndpoint, newDeviceMetadata, accessToken, }) {\n if (!newDeviceMetadata)\n return undefined;\n const userPoolName = userPoolId.split('_')[1] || '';\n const authenticationHelper = await getAuthenticationHelper(userPoolName);\n const deviceKey = newDeviceMetadata?.DeviceKey;\n const deviceGroupKey = newDeviceMetadata?.DeviceGroupKey;\n try {\n await authenticationHelper.generateHashDevice(deviceGroupKey ?? '', deviceKey ?? '');\n }\n catch (errGenHash) {\n // TODO: log error here\n return undefined;\n }\n const deviceSecretVerifierConfig = {\n Salt: base64Encoder.convert(getBytesFromHex(authenticationHelper.getSaltToHashDevices())),\n PasswordVerifier: base64Encoder.convert(getBytesFromHex(authenticationHelper.getVerifierDevices())),\n };\n const randomPassword = authenticationHelper.getRandomPassword();\n try {\n const confirmDevice = createConfirmDeviceClient({\n endpointResolver: createCognitoUserPoolEndpointResolver({\n endpointOverride: userPoolEndpoint,\n }),\n });\n await confirmDevice({ region: getRegionFromUserPoolId(userPoolId) }, {\n AccessToken: accessToken,\n DeviceName: await getDeviceName(),\n DeviceKey: newDeviceMetadata?.DeviceKey,\n DeviceSecretVerifierConfig: deviceSecretVerifierConfig,\n });\n return {\n deviceKey,\n deviceGroupKey,\n randomPassword,\n };\n }\n catch (error) {\n // TODO: log error here\n return undefined;\n }\n}\n"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA;AACA;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAe,oBAAoB,CAAC,EAAE,UAAU,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,WAAW,GAAG,EAAE;AAC9G,IAAI,IAAI,CAAC,iBAAiB;AAC1B,QAAQ,OAAO,SAAS;AACxB,IAAI,MAAM,YAAY,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE;AACvD,IAAI,MAAM,oBAAoB,GAAG,MAAM,uBAAuB,CAAC,YAAY,CAAC;AAC5E,IAAI,MAAM,SAAS,GAAG,iBAAiB,EAAE,SAAS;AAClD,IAAI,MAAM,cAAc,GAAG,iBAAiB,EAAE,cAAc;AAC5D,IAAI,IAAI;AACR,QAAQ,MAAM,oBAAoB,CAAC,kBAAkB,CAAC,cAAc,IAAI,EAAE,EAAE,SAAS,IAAI,EAAE,CAAC;AAC5F;AACA,IAAI,OAAO,UAAU,EAAE;AACvB;AACA,QAAQ,OAAO,SAAS;AACxB;AACA,IAAI,MAAM,0BAA0B,GAAG;AACvC,QAAQ,IAAI,EAAE,aAAa,CAAC,OAAO,CAAC,eAAe,CAAC,oBAAoB,CAAC,oBAAoB,EAAE,CAAC,CAAC;AACjG,QAAQ,gBAAgB,EAAE,aAAa,CAAC,OAAO,CAAC,eAAe,CAAC,oBAAoB,CAAC,kBAAkB,EAAE,CAAC,CAAC;AAC3G,KAAK;AACL,IAAI,MAAM,cAAc,GAAG,oBAAoB,CAAC,iBAAiB,EAAE;AACnE,IAAI,IAAI;AACR,QAAQ,MAAM,aAAa,GAAG,yBAAyB,CAAC;AACxD,YAAY,gBAAgB,EAAE,qCAAqC,CAAC;AACpE,gBAAgB,gBAAgB,EAAE,gBAAgB;AAClD,aAAa,CAAC;AACd,SAAS,CAAC;AACV,QAAQ,MAAM,aAAa,CAAC,EAAE,MAAM,EAAE,uBAAuB,CAAC,UAAU,CAAC,EAAE,EAAE;AAC7E,YAAY,WAAW,EAAE,WAAW;AACpC,YAAY,UAAU,EAAE,MAAM,aAAa,EAAE;AAC7C,YAAY,SAAS,EAAE,iBAAiB,EAAE,SAAS;AACnD,YAAY,0BAA0B,EAAE,0BAA0B;AAClE,SAAS,CAAC;AACV,QAAQ,OAAO;AACf,YAAY,SAAS;AACrB,YAAY,cAAc;AAC1B,YAAY,cAAc;AAC1B,SAAS;AACT;AACA,IAAI,OAAO,KAAK,EAAE;AAClB;AACA,QAAQ,OAAO,SAAS;AACxB;AACA;;;;"}