@aws-amplify/auth
Version:
Auth category of aws-amplify
1 lines • 10.1 kB
Source Map (JSON)
{"version":3,"file":"signInWithRedirect.mjs","sources":["../../../../../src/providers/cognito/apis/signInWithRedirect.ts"],"sourcesContent":["// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nimport { Amplify } from '@aws-amplify/core';\nimport { AuthAction, assertOAuthConfig, assertTokenProviderConfig, isBrowser, urlSafeEncode, } from '@aws-amplify/core/internals/utils';\nimport '../utils/oauth/enableOAuthListener';\nimport { cognitoHostedUIIdentityProviderMap } from '../types/models';\nimport { openAuthSession as _openAuthSession, getAuthUserAgentValue, } from '../../../utils';\nimport { assertUserNotAuthenticated } from '../utils/signInHelpers';\nimport { completeOAuthFlow, generateCodeVerifier, generateState, getRedirectUrl, handleFailure, oAuthStore, } from '../utils/oauth';\nimport { createOAuthError } from '../utils/oauth/createOAuthError';\nimport { listenForOAuthFlowCancellation } from '../utils/oauth/cancelOAuthFlow';\n/**\n * Signs in a user with OAuth. Redirects the application to an Identity Provider.\n *\n * @param input - The SignInWithRedirectInput object, if empty it will redirect to Cognito HostedUI\n *\n * @throws AuthTokenConfigException - Thrown when the user pool config is invalid.\n * @throws OAuthNotConfigureException - Thrown when the oauth config is invalid.\n */\nexport async function signInWithRedirect(input) {\n const authConfig = Amplify.getConfig().Auth?.Cognito;\n assertTokenProviderConfig(authConfig);\n assertOAuthConfig(authConfig);\n oAuthStore.setAuthConfig(authConfig);\n if (!input?.options?.prompt) {\n await assertUserNotAuthenticated();\n }\n let provider = 'COGNITO'; // Default\n let idpIdentifier;\n if (typeof input?.provider === 'string') {\n provider = cognitoHostedUIIdentityProviderMap[input.provider];\n }\n else if (input?.provider?.custom) {\n provider = input.provider.custom;\n }\n else if (input?.provider?.idpIdentifier) {\n ({ idpIdentifier } = input.provider);\n }\n return oauthSignIn({\n oauthConfig: authConfig.loginWith.oauth,\n clientId: authConfig.userPoolClientId,\n provider,\n idpIdentifier,\n customState: input?.customState,\n preferPrivateSession: input?.options?.preferPrivateSession,\n options: {\n loginHint: input?.options?.loginHint,\n lang: input?.options?.lang,\n nonce: input?.options?.nonce,\n prompt: input?.options?.prompt,\n },\n authSessionOpener: input?.options?.authSessionOpener,\n });\n}\nconst oauthSignIn = async ({ oauthConfig, provider, idpIdentifier, clientId, customState, preferPrivateSession, options, authSessionOpener, }) => {\n const { domain, redirectSignIn, responseType, scopes } = oauthConfig;\n const { loginHint, lang, nonce, prompt } = options ?? {};\n const randomState = generateState();\n const openAuthSession = authSessionOpener || _openAuthSession;\n /* encodeURIComponent is not URL safe, use urlSafeEncode instead. Cognito\n single-encodes/decodes url on first sign in and double-encodes/decodes url\n when user already signed in. Using encodeURIComponent, Base32, Base64 add\n characters % or = which on further encoding becomes unsafe. '=' create issue\n for parsing query params.\n Refer: https://github.com/aws-amplify/amplify-js/issues/5218 */\n const state = customState\n ? `${randomState}-${urlSafeEncode(customState)}`\n : randomState;\n const { value, method, toCodeChallenge } = generateCodeVerifier(128);\n const redirectUri = getRedirectUrl(oauthConfig.redirectSignIn);\n if (isBrowser())\n oAuthStore.storeOAuthInFlight(true);\n oAuthStore.storeOAuthState(state);\n oAuthStore.storePKCE(value);\n const params = new URLSearchParams();\n params.append('redirect_uri', redirectUri);\n params.append('response_type', responseType);\n params.append('client_id', clientId);\n // Add either identity_provider or idp_identifier, but not both\n if (idpIdentifier) {\n params.append('idp_identifier', idpIdentifier);\n }\n else {\n params.append('identity_provider', provider);\n }\n params.append('scope', scopes.join(' '));\n loginHint && params.append('login_hint', loginHint);\n lang && params.append('lang', lang);\n nonce && params.append('nonce', nonce);\n prompt && params.append('prompt', prompt.toLowerCase());\n params.append('state', state);\n if (responseType === 'code') {\n params.append('code_challenge', toCodeChallenge());\n params.append('code_challenge_method', method);\n }\n // Using URL object is not supported in React Native as the `search` property is read-only\n // See: https://github.com/facebook/react-native/blob/main/packages/react-native/Libraries/Blob/URL.js\n const oAuthUrl = `https://${domain}/oauth2/authorize?${params.toString()}`;\n // this will only take effect in the following scenarios:\n // 1. the user cancels the OAuth flow on web via back button, and\n // 2. when bfcache is enabled\n listenForOAuthFlowCancellation(oAuthStore);\n // the following is effective only in react-native as openAuthSession resolves only in react-native\n const { type, error, url } = (await openAuthSession(oAuthUrl, redirectSignIn, preferPrivateSession)) ??\n {};\n try {\n if (type === 'error') {\n throw createOAuthError(String(error));\n }\n if (type === 'canceled') {\n throw createOAuthError(String(type));\n }\n if (type === 'success' && url) {\n await completeOAuthFlow({\n currentUrl: url,\n clientId,\n domain,\n redirectUri,\n responseType,\n userAgentValue: getAuthUserAgentValue(AuthAction.SignInWithRedirect),\n preferPrivateSession,\n });\n }\n }\n catch (err) {\n await handleFailure(err);\n // rethrow the error so it can be caught by `await signInWithRedirect()` in react-native\n throw err;\n }\n};\n"],"names":["openAuthSession","_openAuthSession"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AACA;AAUA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAe,kBAAkB,CAAC,KAAK,EAAE;AAChD,IAAI,MAAM,UAAU,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,OAAO;AACxD,IAAI,yBAAyB,CAAC,UAAU,CAAC;AACzC,IAAI,iBAAiB,CAAC,UAAU,CAAC;AACjC,IAAI,UAAU,CAAC,aAAa,CAAC,UAAU,CAAC;AACxC,IAAI,IAAI,CAAC,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE;AACjC,QAAQ,MAAM,0BAA0B,EAAE;AAC1C,IAAI;AACJ,IAAI,IAAI,QAAQ,GAAG,SAAS,CAAC;AAC7B,IAAI,IAAI,aAAa;AACrB,IAAI,IAAI,OAAO,KAAK,EAAE,QAAQ,KAAK,QAAQ,EAAE;AAC7C,QAAQ,QAAQ,GAAG,kCAAkC,CAAC,KAAK,CAAC,QAAQ,CAAC;AACrE,IAAI;AACJ,SAAS,IAAI,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE;AACtC,QAAQ,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM;AACxC,IAAI;AACJ,SAAS,IAAI,KAAK,EAAE,QAAQ,EAAE,aAAa,EAAE;AAC7C,QAAQ,CAAC,EAAE,aAAa,EAAE,GAAG,KAAK,CAAC,QAAQ;AAC3C,IAAI;AACJ,IAAI,OAAO,WAAW,CAAC;AACvB,QAAQ,WAAW,EAAE,UAAU,CAAC,SAAS,CAAC,KAAK;AAC/C,QAAQ,QAAQ,EAAE,UAAU,CAAC,gBAAgB;AAC7C,QAAQ,QAAQ;AAChB,QAAQ,aAAa;AACrB,QAAQ,WAAW,EAAE,KAAK,EAAE,WAAW;AACvC,QAAQ,oBAAoB,EAAE,KAAK,EAAE,OAAO,EAAE,oBAAoB;AAClE,QAAQ,OAAO,EAAE;AACjB,YAAY,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,SAAS;AAChD,YAAY,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI;AACtC,YAAY,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK;AACxC,YAAY,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM;AAC1C,SAAS;AACT,QAAQ,iBAAiB,EAAE,KAAK,EAAE,OAAO,EAAE,iBAAiB;AAC5D,KAAK,CAAC;AACN;AACA,MAAM,WAAW,GAAG,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,WAAW,EAAE,oBAAoB,EAAE,OAAO,EAAE,iBAAiB,GAAG,KAAK;AAClJ,IAAI,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,EAAE,GAAG,WAAW;AACxE,IAAI,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,IAAI,EAAE;AAC5D,IAAI,MAAM,WAAW,GAAG,aAAa,EAAE;AACvC,IAAI,MAAMA,iBAAe,GAAG,iBAAiB,IAAIC,eAAgB;AACjE;AACA;AACA;AACA;AACA;AACA;AACA,IAAI,MAAM,KAAK,GAAG;AAClB,UAAU,CAAC,EAAE,WAAW,CAAC,CAAC,EAAE,aAAa,CAAC,WAAW,CAAC,CAAC;AACvD,UAAU,WAAW;AACrB,IAAI,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,eAAe,EAAE,GAAG,oBAAoB,CAAC,GAAG,CAAC;AACxE,IAAI,MAAM,WAAW,GAAG,cAAc,CAAC,WAAW,CAAC,cAAc,CAAC;AAClE,IAAI,IAAI,SAAS,EAAE;AACnB,QAAQ,UAAU,CAAC,kBAAkB,CAAC,IAAI,CAAC;AAC3C,IAAI,UAAU,CAAC,eAAe,CAAC,KAAK,CAAC;AACrC,IAAI,UAAU,CAAC,SAAS,CAAC,KAAK,CAAC;AAC/B,IAAI,MAAM,MAAM,GAAG,IAAI,eAAe,EAAE;AACxC,IAAI,MAAM,CAAC,MAAM,CAAC,cAAc,EAAE,WAAW,CAAC;AAC9C,IAAI,MAAM,CAAC,MAAM,CAAC,eAAe,EAAE,YAAY,CAAC;AAChD,IAAI,MAAM,CAAC,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC;AACxC;AACA,IAAI,IAAI,aAAa,EAAE;AACvB,QAAQ,MAAM,CAAC,MAAM,CAAC,gBAAgB,EAAE,aAAa,CAAC;AACtD,IAAI;AACJ,SAAS;AACT,QAAQ,MAAM,CAAC,MAAM,CAAC,mBAAmB,EAAE,QAAQ,CAAC;AACpD,IAAI;AACJ,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC5C,IAAI,SAAS,IAAI,MAAM,CAAC,MAAM,CAAC,YAAY,EAAE,SAAS,CAAC;AACvD,IAAI,IAAI,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC;AACvC,IAAI,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC;AAC1C,IAAI,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,WAAW,EAAE,CAAC;AAC3D,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC;AACjC,IAAI,IAAI,YAAY,KAAK,MAAM,EAAE;AACjC,QAAQ,MAAM,CAAC,MAAM,CAAC,gBAAgB,EAAE,eAAe,EAAE,CAAC;AAC1D,QAAQ,MAAM,CAAC,MAAM,CAAC,uBAAuB,EAAE,MAAM,CAAC;AACtD,IAAI;AACJ;AACA;AACA,IAAI,MAAM,QAAQ,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,kBAAkB,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;AAC9E;AACA;AACA;AACA,IAAI,8BAA8B,CAAC,UAAU,CAAC;AAC9C;AACA,IAAI,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,MAAMD,iBAAe,CAAC,QAAQ,EAAE,cAAc,EAAE,oBAAoB,CAAC;AACvG,QAAQ,EAAE;AACV,IAAI,IAAI;AACR,QAAQ,IAAI,IAAI,KAAK,OAAO,EAAE;AAC9B,YAAY,MAAM,gBAAgB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACjD,QAAQ;AACR,QAAQ,IAAI,IAAI,KAAK,UAAU,EAAE;AACjC,YAAY,MAAM,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AAChD,QAAQ;AACR,QAAQ,IAAI,IAAI,KAAK,SAAS,IAAI,GAAG,EAAE;AACvC,YAAY,MAAM,iBAAiB,CAAC;AACpC,gBAAgB,UAAU,EAAE,GAAG;AAC/B,gBAAgB,QAAQ;AACxB,gBAAgB,MAAM;AACtB,gBAAgB,WAAW;AAC3B,gBAAgB,YAAY;AAC5B,gBAAgB,cAAc,EAAE,qBAAqB,CAAC,UAAU,CAAC,kBAAkB,CAAC;AACpF,gBAAgB,oBAAoB;AACpC,aAAa,CAAC;AACd,QAAQ;AACR,IAAI;AACJ,IAAI,OAAO,GAAG,EAAE;AAChB,QAAQ,MAAM,aAAa,CAAC,GAAG,CAAC;AAChC;AACA,QAAQ,MAAM,GAAG;AACjB,IAAI;AACJ,CAAC;;;;"}