@aws-amplify/ui 5.8.1 → 6.0.1

package/dist/esm/machines/authenticator/actors/verifyUserAttributes.mjs

@@ -0,0 +1,106 @@
+import { createMachine, sendUpdate } from 'xstate';
+import { sendUserAttributeVerificationCode, confirmUserAttribute } from 'aws-amplify/auth';
+import { runValidators } from '../../../validators/index.mjs';
+import ACTIONS from '../actions.mjs';
+import { defaultServices } from '../defaultServices.mjs';
+
+function verifyUserAttributesActor() {
+    return createMachine({
+        id: 'verifyUserAttributesActor',
+        initial: 'selectUserAttributes',
+        predictableActionArguments: true,
+        states: {
+            selectUserAttributes: {
+                initial: 'edit',
+                exit: ['clearError', 'clearTouched', 'sendUpdate'],
+                states: {
+                    edit: {
+                        entry: 'sendUpdate',
+                        on: {
+                            SUBMIT: { actions: 'handleSubmit', target: 'submit' },
+                            SKIP: { target: '#verifyUserAttributesActor.resolved' },
+                            CHANGE: { actions: 'handleInput' },
+                        },
+                    },
+                    submit: {
+                        tags: 'pending',
+                        entry: ['clearError', 'sendUpdate'],
+                        invoke: {
+                            src: 'sendUserAttributeVerificationCode',
+                            onDone: {
+                                actions: [
+                                    'setSelectedUserAttribute',
+                                    'setCodeDeliveryDetails',
+                                ],
+                                target: '#verifyUserAttributesActor.confirmVerifyUserAttribute',
+                            },
+                            onError: {
+                                actions: 'setRemoteError',
+                                target: 'edit',
+                            },
+                        },
+                    },
+                },
+            },
+            confirmVerifyUserAttribute: {
+                initial: 'edit',
+                exit: ['clearError', 'clearFormValues', 'clearTouched'],
+                states: {
+                    edit: {
+                        entry: 'sendUpdate',
+                        on: {
+                            SUBMIT: { actions: 'handleSubmit', target: 'submit' },
+                            SKIP: '#verifyUserAttributesActor.resolved',
+                            CHANGE: { actions: 'handleInput' },
+                        },
+                    },
+                    submit: {
+                        tags: 'pending',
+                        entry: ['clearError', 'sendUpdate'],
+                        invoke: {
+                            src: 'confirmVerifyUserAttribute',
+                            onDone: {
+                                actions: [
+                                    'setConfirmAttributeCompleteStep',
+                                    'clearSelectedUserAttribute',
+                                ],
+                                target: '#verifyUserAttributesActor.resolved',
+                            },
+                            onError: {
+                                actions: 'setRemoteError',
+                                target: 'edit',
+                            },
+                        },
+                    },
+                },
+            },
+            resolved: { type: 'final', data: ({ step }) => ({ step }) },
+        },
+    }, {
+        // sendUpdate is a HOC
+        actions: { ...ACTIONS, sendUpdate: sendUpdate() },
+        services: {
+            sendUserAttributeVerificationCode({ formValues: { unverifiedAttr } }) {
+                const input = {
+                    userAttributeKey: unverifiedAttr,
+                };
+                return sendUserAttributeVerificationCode(input);
+            },
+            async confirmVerifyUserAttribute({ formValues: { confirmation_code: confirmationCode }, selectedUserAttribute, }) {
+                const input = {
+                    confirmationCode,
+                    userAttributeKey: selectedUserAttribute,
+                };
+                return confirmUserAttribute(input);
+            },
+            async validateFields(context) {
+                return runValidators(context.formValues, context.touched, context.passwordSettings, [
+                    defaultServices.validateFormPassword,
+                    defaultServices.validateConfirmPassword,
+                ]);
+            },
+        },
+    });
+}
+
+export { verifyUserAttributesActor };

package/dist/esm/machines/authenticator/defaultServices.mjs

@@ -1 +1,102 @@
-import{__awaiter as r}from"tslib";import{Amplify as t,Auth as s}from"aws-amplify";import"../../types/authenticator/user.mjs";import"../../types/authenticator/attributes.mjs";import"../../types/primitives/componentClassName.mjs";import"../../i18n/translations.mjs";import{hasSpecialChars as n}from"../../helpers/authenticator/utils.mjs";import"../../helpers/accountSettings/utils.mjs";const o={getAmplifyConfig(){return r(this,void 0,void 0,(function*(){return t.configure()}))},getCurrentUser(){return r(this,void 0,void 0,(function*(){return s.currentAuthenticatedUser()}))},handleSignUp(t){return r(this,void 0,void 0,(function*(){return s.signUp(Object.assign(Object.assign({},t),{autoSignIn:{enabled:!0}}))}))},handleSignIn({username:t,password:n}){return r(this,void 0,void 0,(function*(){return s.signIn(t,n)}))},handleConfirmSignIn({user:t,code:n,mfaType:o}){return r(this,void 0,void 0,(function*(){return s.confirmSignIn(t,n,o)}))},handleConfirmSignUp({username:t,code:n}){return r(this,void 0,void 0,(function*(){return yield s.confirmSignUp(t,n)}))},handleForgotPasswordSubmit({username:t,code:n,password:o}){return r(this,void 0,void 0,(function*(){return s.forgotPasswordSubmit(t,n,o)}))},handleForgotPassword(t){return r(this,void 0,void 0,(function*(){return s.forgotPassword(t)}))},validateCustomSignUp(t,s){return r(this,void 0,void 0,(function*(){}))},validateFormPassword(t,s,o){return r(this,void 0,void 0,(function*(){const{password:r}=t,{password:e}=s;if(!e||!o)return null;const i=[],a=+(null==o?void 0:o.passwordPolicyMinLength);r.length<a&&i.push(`Password must have at least ${a} characters`);const u=null==o?void 0:o.passwordPolicyCharacters;return null==u||u.forEach((t=>{switch(t){case"REQUIRES_LOWERCASE":/[a-z]/.test(r)||i.push("Password must have lower case letters");break;case"REQUIRES_UPPERCASE":/[A-Z]/.test(r)||i.push("Password must have upper case letters");break;case"REQUIRES_NUMBERS":/[0-9]/.test(r)||i.push("Password must have numbers");break;case"REQUIRES_SYMBOLS":n(r)||i.push("Password must have special characters")}})),0!==i.length?{password:i}:null}))},validateConfirmPassword(t,s){return r(this,void 0,void 0,(function*(){const{password:r,confirm_password:n}=t,{confirm_password:o,password:e}=s;return r||n?(r||n)&&r!==n&&(o&&e||(null==r?void 0:r.length)>=6&&(null==n?void 0:n.length)>=6)?{confirm_password:"Your passwords must match"}:void 0:null}))},validatePreferredUsername(t,s){return r(this,void 0,void 0,(function*(){}))}};export{o as defaultServices};
+import { Amplify } from 'aws-amplify';
+import { getCurrentUser, signIn, signUp, confirmSignIn, confirmSignUp, confirmResetPassword, resetPassword } from 'aws-amplify/auth';
+import 'aws-amplify/utils';
+import '@aws-amplify/core/internals/utils';
+import '../../utils/setUserAgent/constants.mjs';
+import '../../types/authenticator/user.mjs';
+import '../../types/authenticator/attributes.mjs';
+import { hasSpecialChars } from '../../helpers/authenticator/utils.mjs';
+import '../../helpers/accountSettings/utils.mjs';
+
+// Cognito does not allow a password length less then 8 characters
+const DEFAULT_COGNITO_PASSWORD_MIN_LENGTH = 8;
+const defaultServices = {
+    async getAmplifyConfig() {
+        const result = Amplify.getConfig();
+        const cliConfig = result.Auth?.Cognito;
+        const { loginWith, userAttributes } = result.Auth?.Cognito ?? {};
+        const parsedLoginMechanisms = loginWith
+            ? Object.entries(loginWith)
+                .filter(([key, _value]) => key !== 'oauth')
+                .filter(([_key, value]) => !!value)
+                .map((keyValueArray) => {
+                return keyValueArray[0] === 'phone' // the key for phone_number is phone in getConfig but everywhere else we treat is as phone_number
+                    ? 'phone_number'
+                    : keyValueArray[0];
+            })
+            : undefined;
+        const parsedSignupAttributes = userAttributes
+            ? Object.entries(userAttributes).map(([_key, value]) => Object.keys(value)[0])
+            : undefined;
+        const parsedSocialProviders = loginWith?.oauth?.providers
+            ? loginWith.oauth.providers?.map((provider) => provider.toString().toLowerCase())
+            : undefined;
+        return {
+            ...cliConfig,
+            loginMechanisms: parsedLoginMechanisms,
+            signUpAttributes: parsedSignupAttributes,
+            socialProviders: parsedSocialProviders,
+        };
+    },
+    getCurrentUser,
+    handleSignIn: signIn,
+    handleSignUp: signUp,
+    handleConfirmSignIn: confirmSignIn,
+    handleConfirmSignUp: confirmSignUp,
+    handleForgotPasswordSubmit: confirmResetPassword,
+    handleForgotPassword: resetPassword,
+    // Validation hooks for overriding
+    async validateCustomSignUp(formData, touchData) { },
+    async validateFormPassword(formData, touchData, passwordSettings) {
+        const { password } = formData;
+        const { password: touched_password } = touchData;
+        /**
+         * If the password is not touched,
+         * or if the password settings are not set, we don't need to validate it.
+         */
+        if (!touched_password || !passwordSettings)
+            return null;
+        const password_complexity = [];
+        const policyMinLength = passwordSettings.minLength ?? DEFAULT_COGNITO_PASSWORD_MIN_LENGTH;
+        if (password.length < policyMinLength) {
+            password_complexity.push(`Password must have at least ${policyMinLength} characters`);
+        }
+        if (passwordSettings.requireLowercase && !/[a-z]/.test(password))
+            password_complexity.push('Password must have lower case letters');
+        if (passwordSettings.requireUppercase && !/[A-Z]/.test(password))
+            password_complexity.push('Password must have upper case letters');
+        if (passwordSettings.requireNumbers && !/[0-9]/.test(password))
+            password_complexity.push('Password must have numbers');
+        // https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-policies.html
+        if (passwordSettings.requireSpecialCharacters && !hasSpecialChars(password))
+            password_complexity.push('Password must have special characters');
+        /**
+         * Only return an error if there is at least one error.
+         */
+        return password_complexity.length !== 0
+            ? { password: password_complexity }
+            : null;
+    },
+    async validateConfirmPassword(formData, touchData) {
+        const { password, confirm_password } = formData;
+        const { confirm_password: touched_confirm_password, password: touched_password, } = touchData;
+        if (!password && !confirm_password) {
+            // these inputs are clean, don't complain yet
+            return null;
+        }
+        else if ((password || confirm_password) &&
+            password !== confirm_password &&
+            ((touched_confirm_password && touched_password) ||
+                (password?.length >= 6 && confirm_password?.length >= 6))) {
+            // Only return an error if both fields have text entered,
+            // the passwords do not match, and the fields have been
+            // touched or the password and confirm password is longer then or equal to 6.
+            return {
+                confirm_password: 'Your passwords must match',
+            };
+        }
+    },
+    async validatePreferredUsername(formData, touchData) { },
+};
+
+export { defaultServices };

package/dist/esm/machines/authenticator/guards.mjs

@@ -0,0 +1,70 @@
+const SIGN_IN_STEP_MFA_CONFIRMATION = [
+    'CONFIRM_SIGN_IN_WITH_SMS_CODE',
+    'CONFIRM_SIGN_IN_WITH_TOTP_CODE',
+];
+// response next step guards
+const shouldConfirmSignInWithNewPassword = (_, { data }) => data?.nextStep.signInStep ===
+    'CONFIRM_SIGN_IN_WITH_NEW_PASSWORD_REQUIRED';
+const shouldResetPasswordFromSignIn = (_, { data }) => data?.nextStep?.signInStep === 'RESET_PASSWORD';
+const shouldConfirmSignUpFromSignIn = (_, { data }) => data?.nextStep.signInStep === 'CONFIRM_SIGN_UP';
+const shouldAutoSignIn = (_, { data }) => data?.nextStep.signUpStep === 'COMPLETE_AUTO_SIGN_IN';
+const hasCompletedSignIn = (_, { data }) => data?.nextStep.signInStep === 'DONE';
+const hasCompletedSignUp = (_, { data }) => data?.nextStep.signUpStep === 'DONE';
+const hasCompletedResetPassword = (_, { data }) => data?.nextStep.resetPasswordStep === 'DONE';
+// actor done guards read `step` from actor exit event
+const hasCompletedAttributeConfirmation = (_, { data }) => data?.step === 'CONFIRM_ATTRIBUTE_COMPLETE';
+const isConfirmUserAttributeStep = (_, { data }) => data?.step === 'CONFIRM_ATTRIBUTE_WITH_CODE';
+const isShouldConfirmUserAttributeStep = (_, { data }) => data?.step === 'SHOULD_CONFIRM_USER_ATTRIBUTE';
+const isResetPasswordStep = (_, { data }) => data?.step === 'RESET_PASSWORD';
+const isConfirmSignUpStep = (_, { data }) => data?.step === 'CONFIRM_SIGN_UP';
+// actor entry guards read `step` from actor context
+const shouldConfirmSignIn = ({ step }) => SIGN_IN_STEP_MFA_CONFIRMATION.includes(step);
+const shouldSetupTotp = ({ step }) => step === 'CONTINUE_SIGN_IN_WITH_TOTP_SETUP';
+const shouldResetPassword = ({ step }) => step === 'RESET_PASSWORD';
+const shouldConfirmResetPassword = ({ step }) => step === 'CONFIRM_RESET_PASSWORD_WITH_CODE';
+const shouldConfirmSignUp = ({ step }) => step === 'CONFIRM_SIGN_UP';
+// miscellaneous guards
+const shouldVerifyAttribute = (_, { data }) => {
+    const { phone_number_verified, email_verified } = data;
+    // email/phone_verified is returned as a string
+    const emailNotVerified = email_verified === undefined || email_verified === 'false';
+    const phoneNotVerified = phone_number_verified === undefined || phone_number_verified === 'false';
+    // only request verification if both email and phone are not verified
+    return emailNotVerified && phoneNotVerified;
+};
+/**
+ * This guard covers an edge case that exists in the current state of the UI.
+ * As of now, our ConfirmSignUp screen only supports showing an input for a
+ * confirmation code. However, a Cognito UserPool can instead verify users
+ * through a link that gets emailed to them. If a user verifies through the
+ * link and then they click on the "Resend Code" button, they will get an error
+ * saying that the user has already been confirmed. If we encounter that error,
+ * we want to just funnel them through the rest of the flow. In the future, we will
+ * want to update our UI to support both confirmation codes and links.
+ *
+ * https://github.com/aws-amplify/amplify-ui/issues/219
+ */
+const isUserAlreadyConfirmed = (_, { data }) => data.message === 'User is already confirmed.';
+const GUARDS = {
+    hasCompletedAttributeConfirmation,
+    hasCompletedResetPassword,
+    hasCompletedSignIn,
+    hasCompletedSignUp,
+    isConfirmSignUpStep,
+    isConfirmUserAttributeStep,
+    isResetPasswordStep,
+    isShouldConfirmUserAttributeStep,
+    isUserAlreadyConfirmed,
+    shouldAutoSignIn,
+    shouldConfirmResetPassword,
+    shouldConfirmSignIn,
+    shouldConfirmSignInWithNewPassword,
+    shouldConfirmSignUp,
+    shouldConfirmSignUpFromSignIn,
+    shouldResetPassword,
+    shouldResetPasswordFromSignIn,
+    shouldSetupTotp,
+    shouldVerifyAttribute,
+};
+
+export { GUARDS as default };

package/dist/esm/machines/authenticator/index.mjs

@@ -1 +1,368 @@
-import{__rest as t}from"tslib";import{createMachine as o,forwardTo as i,assign as n,spawn as e,actions as r}from"xstate";import{stopActor as s}from"./actions.mjs";import{signInActor as a}from"./actors/signIn.mjs";import{signOutActor as c}from"./actors/signOut.mjs";import{resetPasswordActor as d}from"./actors/resetPassword.mjs";import{defaultServices as u}from"./defaultServices.mjs";import{createSignUpMachine as l}from"./signUp.mjs";const{choose:g}=r;function v(){return o({id:"authenticator",initial:"idle",context:{user:void 0,config:{},services:u,actorRef:void 0,hasSetup:!1},predictableActionArguments:!0,states:{idle:{invoke:{src:"getCurrentUser",onDone:{actions:"setUser",target:"authenticated"},onError:{target:"setup"}}},setup:{initial:"waitConfig",states:{waitConfig:{on:{INIT:{actions:["configure","setHasSetup"],target:"applyConfig"}}},applyConfig:{invoke:{src:"getAmplifyConfig",onDone:{actions:"applyAmplifyConfig",target:"goToInitialState"}}},goToInitialState:{always:[{target:"#authenticator.signUp",cond:"isInitialStateSignUp"},{target:"#authenticator.resetPassword",cond:"isInitialStateResetPassword"},{target:"#authenticator.signIn"}]}}},signIn:{initial:"spawnActor",states:{spawnActor:{always:{actions:"spawnSignInActor",target:"runActor"}},runActor:{entry:"clearActorDoneData",exit:"stopSignInActor"}},on:{SIGN_UP:"signUp",RESET_PASSWORD:"resetPassword","done.invoke.signInActor":[{target:"signUp",actions:"setActorDoneData",cond:"shouldRedirectToSignUp"},{target:"resetPassword",actions:"setActorDoneData",cond:"shouldRedirectToResetPassword"},{target:"authenticated",actions:"setActorDoneData"}]}},signUp:{initial:"spawnActor",states:{spawnActor:{always:{actions:"spawnSignUpActor",target:"runActor"}},runActor:{entry:"clearActorDoneData",exit:"stopSignUpActor"},autoSignIn:{invoke:{src:"getCurrentUser",onDone:"#authenticator.authenticated",onError:"#authenticator.setup.goToInitialState"}}},on:{SIGN_IN:"signIn","done.invoke.signUpActor":{target:"#authenticator.signIn",actions:"setActorDoneData",cond:"shouldAutoSignIn"}}},resetPassword:{initial:"spawnActor",states:{spawnActor:{always:{actions:"spawnResetPasswordActor",target:"runActor"}},runActor:{entry:"clearActorDoneData",exit:"stopResetPasswordActor"}},on:{SIGN_IN:"signIn","done.invoke.resetPasswordActor":{target:"signIn",actions:"setActorDoneData"}}},signOut:{initial:"spawnActor",states:{spawnActor:{always:{actions:"spawnSignOutActor",target:"runActor"}},runActor:{entry:"clearActorDoneData",exit:["stopSignOutActor","clearUser"]}},on:{"done.invoke.signOutActor":[{target:"setup",cond:"shouldSetup"},{target:"setup.goToInitialState"}]}},authenticated:{initial:"idle",states:{idle:{on:{TOKEN_REFRESH:"refreshUser"}},refreshUser:{invoke:{src:"getCurrentUser",onDone:{actions:"setUser",target:"idle"},onError:{target:"#authenticator.signOut"}}}},on:{SIGN_OUT:"signOut"}}},on:{CHANGE:{actions:"forwardToActor"},BLUR:{actions:"forwardToActor"},SUBMIT:{actions:"forwardToActor"},FEDERATED_SIGN_IN:{actions:"forwardToActor"},AUTO_SIGN_IN:{actions:"forwardToActor"},RESEND:{actions:"forwardToActor"},SIGN_IN:{actions:"forwardToActor"},SKIP:{actions:"forwardToActor"}}},{actions:{forwardToActor:g([{cond:"hasActor",actions:i((t=>t.actorRef))}]),setUser:n({user:(t,o)=>o.data}),setActorDoneData:n({actorDoneData:(t,o)=>{var i,n;return{authAttributes:Object.assign({},null===(i=o.data)||void 0===i?void 0:i.authAttributes),intent:null===(n=o.data)||void 0===n?void 0:n.intent}},user:(t,o)=>{var i;return null===(i=o.data)||void 0===i?void 0:i.user}}),clearUser:n({user:void 0}),clearActorDoneData:n({actorDoneData:void 0}),applyAmplifyConfig:n({config(t,o){var i,n,e,r,s,a,c,d,u;const l=null!==(n=null===(i=o.data.aws_cognito_username_attributes)||void 0===i?void 0:i.map((t=>t.toLowerCase())))&&void 0!==n?n:[],g=null!==(r=null===(e=o.data.aws_cognito_verification_mechanisms)||void 0===e?void 0:e.map((t=>t.toLowerCase())))&&void 0!==r?r:[],v=null!==(a=null===(s=o.data.aws_cognito_signup_attributes)||void 0===s?void 0:s.map((t=>t.toLowerCase())))&&void 0!==a?a:[],A=null!==(d=null===(c=o.data.aws_cognito_social_providers)||void 0===c?void 0:c.map((t=>t.toLowerCase())))&&void 0!==d?d:[],f=o.data.aws_cognito_password_protection_settings||{};0===l.length&&l.push("username");const{loginMechanisms:w,signUpAttributes:S,socialProviders:m,initialState:h,formFields:D}=t.config;return{loginMechanisms:null!=w?w:l,formFields:null!==(u=p(D))&&void 0!==u?u:{},passwordSettings:f,signUpAttributes:null!=S?S:Array.from(new Set([...g,...v])),socialProviders:null!=m?m:A.sort(),initialState:h}}}),spawnSignInActor:n({actorRef:(t,o)=>{var i,n,r,s,c,d,u;const{services:l}=t,g=a({services:l}).withContext({authAttributes:null!==(n=null===(i=t.actorDoneData)||void 0===i?void 0:i.authAttributes)&&void 0!==n?n:{},user:t.user,intent:null===(r=t.actorDoneData)||void 0===r?void 0:r.intent,country_code:"+1",formValues:{},touched:{},validationError:{},passwordSettings:null===(s=t.config)||void 0===s?void 0:s.passwordSettings,loginMechanisms:null===(c=t.config)||void 0===c?void 0:c.loginMechanisms,socialProviders:null===(d=t.config)||void 0===d?void 0:d.socialProviders,formFields:null===(u=t.config)||void 0===u?void 0:u.formFields});return e(g,{name:"signInActor"})}}),spawnSignUpActor:n({actorRef:(t,o)=>{var i,n,r,s,a,c,d;const{services:u}=t,g=l({services:u}).withContext({authAttributes:null!==(n=null===(i=t.actorDoneData)||void 0===i?void 0:i.authAttributes)&&void 0!==n?n:{},country_code:"+1",intent:null===(r=t.actorDoneData)||void 0===r?void 0:r.intent,formValues:{},touched:{},validationError:{},loginMechanisms:null===(s=t.config)||void 0===s?void 0:s.loginMechanisms,socialProviders:null===(a=t.config)||void 0===a?void 0:a.socialProviders,formFields:null===(c=t.config)||void 0===c?void 0:c.formFields,passwordSettings:null===(d=t.config)||void 0===d?void 0:d.passwordSettings});return e(g,{name:"signUpActor"})}}),spawnResetPasswordActor:n({actorRef:(t,o)=>{var i,n,r,s,a;const{services:c}=t,u=d({services:c}).withContext({formValues:{},touched:{},intent:null===(i=t.actorDoneData)||void 0===i?void 0:i.intent,username:null===(r=null===(n=t.actorDoneData)||void 0===n?void 0:n.authAttributes)||void 0===r?void 0:r.username,formFields:null===(s=t.config)||void 0===s?void 0:s.formFields,validationError:{},passwordSettings:null===(a=t.config)||void 0===a?void 0:a.passwordSettings});return e(u,{name:"resetPasswordActor"})}}),spawnSignOutActor:n({actorRef:t=>{const o=c.withContext({user:t.user});return e(o,{name:"signOutActor"})}}),stopSignInActor:s("signInActor"),stopSignUpActor:s("signUpActor"),stopResetPasswordActor:s("resetPasswordActor"),stopSignOutActor:s("signOutActor"),configure:n(((o,i)=>{const n=i.data,{services:e}=n,r=t(n,["services"]);return{services:Object.assign(Object.assign({},u),e),config:r}})),setHasSetup:n({hasSetup:!0})},guards:{isInitialStateSignUp:t=>"signUp"===t.config.initialState,isInitialStateResetPassword:t=>"resetPassword"===t.config.initialState,shouldRedirectToSignUp:(t,o)=>{var i;return"confirmSignUp"===(null===(i=o.data)||void 0===i?void 0:i.intent)},shouldRedirectToResetPassword:(t,o)=>{var i;return"confirmPasswordReset"===(null===(i=o.data)||void 0===i?void 0:i.intent)},shouldAutoSignIn:(t,o)=>{var i,n;return"autoSignIn"===(null===(i=o.data)||void 0===i?void 0:i.intent)||"autoSignInSubmit"===(null===(n=o.data)||void 0===n?void 0:n.intent)},shouldSetup:t=>!1===t.hasSetup,hasActor:t=>!!t.actorRef},services:{getCurrentUser:(t,o)=>t.services.getCurrentUser(),getAmplifyConfig:(t,o)=>t.services.getAmplifyConfig()}})}function p(t){return t&&Object.keys(t).forEach((o=>{Object.keys(t[o]).forEach((i=>{let n=t[o][i];n.required=n.isRequired}))})),t}export{v as createAuthenticatorMachine};
+import { createMachine, forwardTo, assign, spawn, actions } from 'xstate';
+import '@aws-amplify/core/internals/utils';
+import '../../utils/setUserAgent/constants.mjs';
+import { isEmptyObject } from '../../utils/utils.mjs';
+import ACTIONS from './actions.mjs';
+import GUARDS from './guards.mjs';
+import { forgotPasswordActor } from './actors/forgotPassword.mjs';
+import { signInActor } from './actors/signIn.mjs';
+import { signUpActor } from './actors/signUp.mjs';
+import { signOutActor } from './actors/signOut.mjs';
+import { verifyUserAttributesActor } from './actors/verifyUserAttributes.mjs';
+import { defaultServices } from './defaultServices.mjs';
+
+const getActorContext = (context, defaultStep) => ({
+    ...context.actorDoneData,
+    step: context?.actorDoneData?.step ?? defaultStep,
+    // initialize empty objects on actor start
+    formValues: {},
+    touched: {},
+    validationError: {},
+    // values included on `context.config` that should be available in actors
+    formFields: context.config?.formFields,
+    loginMechanisms: context.config?.loginMechanisms,
+    passwordSettings: context.config?.passwordSettings,
+    signUpAttributes: context.config?.signUpAttributes,
+    socialProviders: context.config?.socialProviders,
+});
+const { choose, stop } = actions;
+const stopActor = (machineId) => stop(machineId);
+// setup step waits for ui to emit INIT action to proceed to configure
+const LEGACY_WAIT_CONFIG = {
+    on: {
+        INIT: {
+            actions: ['configure'],
+            target: 'getConfig',
+        },
+    },
+};
+// setup step proceeds directly to configure
+const NEXT_WAIT_CONFIG = {
+    always: { actions: ['configure'], target: 'getConfig' },
+};
+function createAuthenticatorMachine(options) {
+    const { useNextWaitConfig, ...overrideConfigServices } = options ?? {};
+    const initConfig = useNextWaitConfig ? NEXT_WAIT_CONFIG : LEGACY_WAIT_CONFIG;
+    return createMachine({
+        id: 'authenticator',
+        initial: 'idle',
+        context: {
+            user: undefined,
+            config: {},
+            services: defaultServices,
+            actorRef: undefined,
+            hasSetup: false,
+        },
+        predictableActionArguments: true,
+        states: {
+            // See: https://xstate.js.org/docs/guides/communication.html#invoking-promises
+            idle: {
+                invoke: {
+                    src: 'handleGetCurrentUser',
+                    onDone: { actions: 'setUser', target: 'authenticated' },
+                    onError: { target: 'setup' },
+                },
+            },
+            setup: {
+                initial: 'initConfig',
+                states: {
+                    initConfig,
+                    getConfig: {
+                        invoke: {
+                            src: 'getAmplifyConfig',
+                            onDone: {
+                                actions: ['applyAmplifyConfig', 'setHasSetup'],
+                                target: 'goToInitialState',
+                            },
+                        },
+                    },
+                    goToInitialState: {
+                        always: [
+                            {
+                                cond: 'isInitialStateSignUp',
+                                target: '#authenticator.signUpActor',
+                            },
+                            {
+                                cond: 'isInitialStateResetPassword',
+                                target: '#authenticator.forgotPasswordActor',
+                            },
+                            { target: '#authenticator.signInActor' },
+                        ],
+                    },
+                },
+            },
+            getCurrentUser: {
+                invoke: {
+                    src: 'handleGetCurrentUser',
+                    onDone: {
+                        actions: 'setUser',
+                        target: '#authenticator.authenticated',
+                    },
+                    onError: { target: '#authenticator.setup' },
+                },
+            },
+            signInActor: {
+                initial: 'spawnActor',
+                states: {
+                    spawnActor: {
+                        always: { actions: 'spawnSignInActor', target: 'runActor' },
+                    },
+                    runActor: {
+                        entry: 'clearActorDoneData',
+                        exit: stopActor('signInActor'),
+                    },
+                },
+                on: {
+                    FORGOT_PASSWORD: 'forgotPasswordActor',
+                    SIGN_IN: 'signInActor',
+                    SIGN_UP: 'signUpActor',
+                    'done.invoke.signInActor': [
+                        {
+                            cond: 'hasCompletedAttributeConfirmation',
+                            target: '#authenticator.getCurrentUser',
+                        },
+                        {
+                            cond: 'isShouldConfirmUserAttributeStep',
+                            actions: 'setActorDoneData',
+                            target: '#authenticator.verifyUserAttributesActor',
+                        },
+                        {
+                            cond: 'isResetPasswordStep',
+                            actions: 'setActorDoneData',
+                            target: '#authenticator.forgotPasswordActor',
+                        },
+                        {
+                            cond: 'isConfirmSignUpStep',
+                            actions: 'setActorDoneData',
+                            target: '#authenticator.signUpActor',
+                        },
+                    ],
+                },
+            },
+            signUpActor: {
+                initial: 'spawnActor',
+                states: {
+                    spawnActor: {
+                        always: { actions: 'spawnSignUpActor', target: 'runActor' },
+                    },
+                    runActor: {
+                        entry: 'clearActorDoneData',
+                        exit: stopActor('signUpActor'),
+                    },
+                },
+                on: {
+                    SIGN_IN: 'signInActor',
+                    'done.invoke.signUpActor': [
+                        {
+                            cond: 'hasCompletedAttributeConfirmation',
+                            target: '#authenticator.getCurrentUser',
+                        },
+                        {
+                            cond: 'isConfirmUserAttributeStep',
+                            target: '#authenticator.verifyUserAttributesActor',
+                        },
+                        {
+                            actions: 'setActorDoneData',
+                            target: '#authenticator.signInActor',
+                        },
+                    ],
+                },
+            },
+            forgotPasswordActor: {
+                initial: 'spawnActor',
+                states: {
+                    spawnActor: {
+                        always: {
+                            actions: 'spawnForgotPasswordActor',
+                            target: 'runActor',
+                        },
+                    },
+                    runActor: {
+                        entry: 'clearActorDoneData',
+                        exit: stopActor('forgotPasswordActor'),
+                    },
+                },
+                on: {
+                    SIGN_IN: 'signInActor',
+                    'done.invoke.forgotPasswordActor': [
+                        { target: '#authenticator.signInActor' },
+                    ],
+                },
+            },
+            verifyUserAttributesActor: {
+                initial: 'spawnActor',
+                states: {
+                    spawnActor: {
+                        always: {
+                            actions: 'spawnVerifyUserAttributesActor',
+                            target: 'runActor',
+                        },
+                    },
+                    runActor: {
+                        entry: 'clearActorDoneData',
+                        exit: stopActor('verifyUserAttributesActor'),
+                    },
+                },
+                on: {
+                    'done.invoke.verifyUserAttributesActor': [
+                        {
+                            actions: 'setActorDoneData',
+                            target: '#authenticator.getCurrentUser',
+                        },
+                    ],
+                },
+            },
+            authenticated: {
+                initial: 'idle',
+                states: {
+                    idle: { on: { TOKEN_REFRESH: 'refreshUser' } },
+                    refreshUser: {
+                        invoke: {
+                            src: '#authenticator.getCurrentUser',
+                            onDone: { actions: 'setUser', target: 'idle' },
+                            onError: { target: '#authenticator.signOut' },
+                        },
+                    },
+                },
+                on: { SIGN_OUT: 'signOut' },
+            },
+            signOut: {
+                initial: 'spawnActor',
+                states: {
+                    spawnActor: {
+                        always: {
+                            actions: 'spawnSignOutActor',
+                            target: 'runActor',
+                        },
+                    },
+                    runActor: {
+                        entry: 'clearActorDoneData',
+                        exit: stopActor('signOutActor'),
+                    },
+                },
+                on: {
+                    'done.invoke.signOutActor': {
+                        actions: 'clearUser',
+                        target: 'setup.getConfig',
+                    },
+                },
+            },
+        },
+        on: {
+            SIGN_IN_WITH_REDIRECT: { target: '#authenticator.getCurrentUser' },
+            CHANGE: { actions: 'forwardToActor' },
+            BLUR: { actions: 'forwardToActor' },
+            SUBMIT: { actions: 'forwardToActor' },
+            FEDERATED_SIGN_IN: { actions: 'forwardToActor' },
+            RESEND: { actions: 'forwardToActor' },
+            SIGN_IN: { actions: 'forwardToActor' },
+            SKIP: { actions: 'forwardToActor' },
+        },
+    }, {
+        actions: {
+            ...ACTIONS,
+            forwardToActor: choose([
+                { cond: 'hasActor', actions: forwardTo(({ actorRef }) => actorRef) },
+            ]),
+            setActorDoneData: assign({
+                actorDoneData: (context, event) => ({
+                    codeDeliveryDetails: event.data.codeDeliveryDetails,
+                    missingAttributes: event.data.missingAttributes,
+                    remoteError: event.data.remoteError,
+                    username: event.data.username,
+                    step: event.data.step,
+                    totpSecretCode: event.data.totpSecretCode,
+                    unverifiedUserAttributes: event.data.unverifiedUserAttributes,
+                }),
+            }),
+            applyAmplifyConfig: assign({
+                config(context, { data: cliConfig }) {
+                    // Prefer explicitly configured settings over default CLI values\
+                    const { loginMechanisms = cliConfig.loginMechanisms ?? [], signUpAttributes = cliConfig.signUpAttributes ?? [], socialProviders = cliConfig.socialProviders ?? [], initialState, formFields: _formFields, passwordSettings = cliConfig.passwordFormat ??
+                        {}, } = context.config;
+                    // By default, Cognito assumes `username`, so there isn't a different username attribute like `email`.
+                    // We explicitly add it as a login mechanism to be consistent with Admin UI's language.
+                    if (loginMechanisms.length === 0) {
+                        loginMechanisms.push('username');
+                    }
+                    const formFields = convertFormFields(_formFields) ?? {};
+                    return {
+                        formFields,
+                        initialState,
+                        loginMechanisms,
+                        passwordSettings,
+                        signUpAttributes,
+                        socialProviders,
+                    };
+                },
+            }),
+            spawnSignInActor: assign({
+                actorRef: (context, _) => {
+                    const { services } = context;
+                    const actor = signInActor({ services }).withContext(getActorContext(context, 'SIGN_IN'));
+                    return spawn(actor, { name: 'signInActor' });
+                },
+            }),
+            spawnSignUpActor: assign({
+                actorRef: (context, _) => {
+                    const { services } = context;
+                    const actor = signUpActor({ services }).withContext(getActorContext(context, 'SIGN_UP'));
+                    return spawn(actor, { name: 'signUpActor' });
+                },
+            }),
+            spawnForgotPasswordActor: assign({
+                actorRef: (context, _) => {
+                    const { services } = context;
+                    const actor = forgotPasswordActor({ services }).withContext(getActorContext(context, 'FORGOT_PASSWORD'));
+                    return spawn(actor, { name: 'forgotPasswordActor' });
+                },
+            }),
+            spawnVerifyUserAttributesActor: assign({
+                actorRef: (context) => {
+                    const actor = verifyUserAttributesActor().withContext(getActorContext(context));
+                    return spawn(actor, { name: 'verifyUserAttributesActor' });
+                },
+            }),
+            spawnSignOutActor: assign({
+                actorRef: (context) => {
+                    const actor = signOutActor().withContext({ user: context?.user });
+                    return spawn(actor, { name: 'signOutActor' });
+                },
+            }),
+            configure: assign((_, event) => {
+                const { services: customServices, ...config } = !isEmptyObject(overrideConfigServices)
+                    ? overrideConfigServices
+                    : event.data;
+                return {
+                    services: { ...defaultServices, ...customServices },
+                    config,
+                };
+            }),
+            setHasSetup: assign({ hasSetup: true }),
+        },
+        guards: {
+            ...GUARDS,
+            hasActor: ({ actorRef }) => !!actorRef,
+            isInitialStateSignUp: ({ config }) => config.initialState === 'signUp',
+            isInitialStateResetPassword: ({ config }) => config.initialState === 'forgotPassword',
+            shouldSetup: ({ hasSetup }) => !hasSetup,
+        },
+        services: {
+            getAmplifyConfig: ({ services }) => services.getAmplifyConfig(),
+            handleGetCurrentUser: ({ services }) => services.getCurrentUser(),
+        },
+    });
+}
+function convertFormFields(formFields) {
+    if (formFields) {
+        Object.keys(formFields).forEach((component) => {
+            Object.keys(formFields[component]).forEach((inputName) => {
+                let ff = formFields[component][inputName];
+                ff.required = ff.isRequired;
+            });
+        });
+    }
+    return formFields;
+}
+
+export { createAuthenticatorMachine };