// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
import { Amplify, fetchAuthSession } from '@aws-amplify/core';
import {
AuthAction,
assertTokenProviderConfig,
} from '@aws-amplify/core/internals/utils';
import { AuthValidationErrorCode } from '../../../errors/types/validation';
import { assertValidationError } from '../../../errors/utils/assertValidationError';
import { VerifyTOTPSetupInput } from '../types';
import { VerifySoftwareTokenException } from '../types/errors';
import { getRegionFromUserPoolId } from '../../../foundation/parsers';
import { assertAuthTokens } from '../utils/types';
import { getAuthUserAgentValue } from '../../../utils';
import { createVerifySoftwareTokenClient } from '../../../foundation/factories/serviceClients/cognitoIdentityProvider';
import { createCognitoUserPoolEndpointResolver } from '../factories';
/**
 * Completes TOTP (software token) MFA setup by submitting the one-time code
 * shown in the user's authenticator app.
 *
 * The request is authorized with the access token of the current auth
 * session; the session is fetched without forcing a token refresh.
 *
 * @param input - The VerifyTOTPSetupInput; `code` is required and
 * `options.friendlyDeviceName` is optional.
 * @throws -{@link VerifySoftwareTokenException }:
 * Thrown due to an invalid MFA token.
 * @throws -{@link AuthValidationErrorCode }:
 * Thrown when `code` is not defined.
 * @throws AuthTokenConfigException - Thrown when the token provider config is invalid.
 */
export async function verifyTOTPSetup(
  input: VerifyTOTPSetupInput,
): Promise<void> {
  const cognitoConfig = Amplify.getConfig().Auth?.Cognito;
  assertTokenProviderConfig(cognitoConfig);

  const { code: otpCode, options: setupOptions } = input;

  // Reject a missing or empty code locally, before any session lookup or
  // service call is made.
  assertValidationError(
    !!otpCode,
    AuthValidationErrorCode.EmptyVerifyTOTPSetupCode,
  );

  // forceRefresh: false — use the session as it currently stands.
  const { tokens: sessionTokens } = await fetchAuthSession({
    forceRefresh: false,
  });
  // NOTE(review): presumably throws when the session carries no tokens
  // (user not signed in) — confirm against assertAuthTokens.
  assertAuthTokens(sessionTokens);

  // The configured `userPoolEndpoint` is handed to the resolver as an
  // override. The access token below is sent to whatever endpoint the
  // resolver yields, so this config value must come from a trusted source.
  const endpointResolver = createCognitoUserPoolEndpointResolver({
    endpointOverride: cognitoConfig.userPoolEndpoint,
  });
  const verifySoftwareToken = createVerifySoftwareTokenClient({
    endpointResolver,
  });

  const requestConfig = {
    region: getRegionFromUserPoolId(cognitoConfig.userPoolId),
    userAgentValue: getAuthUserAgentValue(AuthAction.VerifyTOTPSetup),
  };
  const requestInput = {
    // Bearer credential for the signed-in user; never log this object.
    AccessToken: sessionTokens.accessToken.toString(),
    UserCode: otpCode,
    FriendlyDeviceName: setupOptions?.friendlyDeviceName,
  };

  await verifySoftwareToken(requestConfig, requestInput);
}