@oneblink/apps-react 11.0.0-beta.1 → 11.0.0-beta.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/apps/auth-service.d.ts +3 -3
- package/dist/apps/auth-service.js +2 -2
- package/dist/apps/auth-service.js.map +1 -1
- package/dist/apps/index.d.ts +10 -0
- package/dist/apps/index.js +10 -0
- package/dist/apps/index.js.map +1 -1
- package/dist/apps/mfa-service.d.ts +29 -0
- package/dist/apps/mfa-service.js +30 -0
- package/dist/apps/mfa-service.js.map +1 -0
- package/dist/apps/services/AWSCognitoClient.d.ts +7 -6
- package/dist/apps/services/AWSCognitoClient.js +26 -33
- package/dist/apps/services/AWSCognitoClient.js.map +1 -1
- package/dist/apps/services/cognito.d.ts +5 -24
- package/dist/apps/services/cognito.js +3 -32
- package/dist/apps/services/cognito.js.map +1 -1
- package/dist/components/mfa/MfaAuthenticatorAppDialog.js +2 -2
- package/dist/components/mfa/MfaAuthenticatorAppDialog.js.map +1 -1
- package/dist/components/mfa/MfaMethodRow.d.ts +2 -1
- package/dist/components/mfa/MfaMethodRow.js +3 -3
- package/dist/components/mfa/MfaMethodRow.js.map +1 -1
- package/dist/components/mfa/MfaPhoneNumberDialog.js +10 -14
- package/dist/components/mfa/MfaPhoneNumberDialog.js.map +1 -1
- package/dist/components/mfa/MultiFactorAuthentication.d.ts +11 -10
- package/dist/components/mfa/MultiFactorAuthentication.js +20 -14
- package/dist/components/mfa/MultiFactorAuthentication.js.map +1 -1
- package/dist/hooks/useLogin.d.ts +2 -2
- package/dist/hooks/useLogin.js.map +1 -1
- package/dist/hooks/useMfa.d.ts +66 -31
- package/dist/hooks/useMfa.js +84 -61
- package/dist/hooks/useMfa.js.map +1 -1
- package/dist/index.d.ts +1 -0
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/utils/joinArray.d.ts +1 -0
- package/dist/utils/joinArray.js +7 -0
- package/dist/utils/joinArray.js.map +1 -0
- package/dist/utils/mfa-requirement.d.ts +12 -0
- package/dist/utils/mfa-requirement.js +100 -0
- package/dist/utils/mfa-requirement.js.map +1 -0
- package/package.json +1 -1
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
import { MiscTypes } from '@oneblink/types';
|
|
2
2
|
import { getIdToken, getFormsKeyId, setFormsKeyToken } from './services/forms-key';
|
|
3
|
-
import { registerAuthListener, isLoggedIn, loginHostedUI, loginUsernamePassword, changePassword, forgotPassword, handleAuthentication, logoutHostedUI, getUserProfile, getUserFriendlyName
|
|
3
|
+
import { registerAuthListener, isLoggedIn, loginHostedUI, loginUsernamePassword, changePassword, forgotPassword, handleAuthentication, logoutHostedUI, getUserProfile, getUserFriendlyName } from './services/cognito';
|
|
4
4
|
import { getUserToken, setUserToken } from './services/user-token';
|
|
5
|
-
export { registerAuthListener, loginHostedUI, loginUsernamePassword, handleAuthentication, logoutHostedUI, changePassword, forgotPassword, isLoggedIn, getIdToken, getUserProfile, getFormsKeyId, setFormsKeyToken, getUserToken, setUserToken, getUserFriendlyName,
|
|
6
|
-
export type { LoginAttemptResponse
|
|
5
|
+
export { registerAuthListener, loginHostedUI, loginUsernamePassword, handleAuthentication, logoutHostedUI, changePassword, forgotPassword, isLoggedIn, getIdToken, getUserProfile, getFormsKeyId, setFormsKeyToken, getUserToken, setUserToken, getUserFriendlyName, };
|
|
6
|
+
export type { LoginAttemptResponse } from './services/cognito';
|
|
7
7
|
/**
|
|
8
8
|
* Log the current user out and remove an data stored locally by the user e.g.
|
|
9
9
|
* drafts.
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
import OneBlinkAppsError from './services/errors/oneBlinkAppsError';
|
|
2
2
|
import { getIdToken, getFormsKeyId, setFormsKeyToken, } from './services/forms-key';
|
|
3
|
-
import { init as initCognito, registerAuthListener, isLoggedIn, loginHostedUI, loginUsernamePassword, changePassword, forgotPassword, handleAuthentication, logoutHostedUI, logout as logoutCognito, getUserProfile, getUsername, getUserFriendlyName,
|
|
3
|
+
import { init as initCognito, registerAuthListener, isLoggedIn, loginHostedUI, loginUsernamePassword, changePassword, forgotPassword, handleAuthentication, logoutHostedUI, logout as logoutCognito, getUserProfile, getUsername, getUserFriendlyName, } from './services/cognito';
|
|
4
4
|
import { getRequest, postRequest } from './services/fetch';
|
|
5
5
|
import tenants from './tenants';
|
|
6
6
|
import { getUserToken, setUserToken } from './services/user-token';
|
|
7
7
|
import utilsService from './services/utils';
|
|
8
|
-
export { registerAuthListener, loginHostedUI, loginUsernamePassword, handleAuthentication, logoutHostedUI, changePassword, forgotPassword, isLoggedIn, getIdToken, getUserProfile, getFormsKeyId, setFormsKeyToken, getUserToken, setUserToken, getUserFriendlyName,
|
|
8
|
+
export { registerAuthListener, loginHostedUI, loginUsernamePassword, handleAuthentication, logoutHostedUI, changePassword, forgotPassword, isLoggedIn, getIdToken, getUserProfile, getFormsKeyId, setFormsKeyToken, getUserToken, setUserToken, getUserFriendlyName, };
|
|
9
9
|
import Sentry from './Sentry';
|
|
10
10
|
/**
|
|
11
11
|
* Log the current user out and remove an data stored locally by the user e.g.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-service.js","sourceRoot":"","sources":["../../src/apps/auth-service.ts"],"names":[],"mappings":"AACA,OAAO,iBAAiB,MAAM,qCAAqC,CAAA;AACnE,OAAO,EACL,UAAU,EACV,aAAa,EACb,gBAAgB,GACjB,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EACL,IAAI,IAAI,WAAW,EACnB,oBAAoB,EACpB,UAAU,EACV,aAAa,EACb,qBAAqB,EACrB,cAAc,EACd,cAAc,EACd,oBAAoB,EACpB,cAAc,EACd,MAAM,IAAI,aAAa,EACvB,cAAc,EACd,WAAW,EACX,mBAAmB,EAKnB,iBAAiB,EACjB,cAAc,EACd,qBAAqB,EACrB,qBAAqB,EACrB,+BAA+B,EAC/B,qBAAqB,EACrB,gBAAgB,EAChB,qBAAqB,EACrB,wBAAwB,EACxB,WAAW,EACX,oCAAoC,EACpC,oBAAoB,GACrB,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EAAE,UAAU,EAAE,WAAW,EAAa,MAAM,kBAAkB,CAAA;AACrE,OAAO,OAAO,MAAM,WAAW,CAAA;AAC/B,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAA;AAClE,OAAO,YAAY,MAAM,kBAAkB,CAAA;AAE3C,OAAO,EACL,oBAAoB,EACpB,aAAa,EACb,qBAAqB,EACrB,oBAAoB,EACpB,cAAc,EACd,cAAc,EACd,cAAc,EACd,UAAU,EACV,UAAU,EACV,cAAc,EACd,aAAa,EACb,gBAAgB,EAChB,YAAY,EACZ,YAAY,EACZ,mBAAmB,EACnB,iBAAiB,EACjB,cAAc,EACd,qBAAqB,EACrB,qBAAqB,EACrB,+BAA+B,EAC/B,qBAAqB,EACrB,gBAAgB,EAChB,qBAAqB,EACrB,wBAAwB,EACxB,WAAW,EACX,oCAAoC,EACpC,oBAAoB,GACrB,CAAA;AAOD,OAAO,MAAM,MAAM,UAAU,CAAA;AAE7B;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,MAAM;IAC1B,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAA;IAE7B,IAAI,CAAC;QACH,MAAM,YAAY,CAAC,WAAW,CAAC,KAAK,EAAE,CAAA;IACxC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAA;QAC9B,OAAO,CAAC,IAAI,CAAC,gDAAgD,EAAE,KAAK,CAAC,CAAA;IACvE,CAAC;IAED,MAAM,aAAa,EAAE,CAAA;AACvB,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,IAAI,CAAC,EAAE,aAAa,EAA6B;IAC/D,WAAW,CAAC;QACV,MAAM,EAAE,OAAO,CAAC,OAAO,CAAC,SAAS;QACjC,WAAW,EAAE,OAAO,CAAC,OAAO,CAAC,WAAW;QACxC,aAAa;QACb,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,WAAW;QACjD,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,SAAS;KAC9C,CAAC,CAAA;IAEF,MAAM,QAAQ,GAAG,GAAG,EAAE;QACpB,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE,WAAW,EAAE,IAAI,SAAS,CAAC,CAAA;IACvD,CAAC,CAAA;IACD,QAAQ,EAAE,CAAA;IACV,oBAAoB,CAAC,QAAQ,CAAC,CAAA;AAChC,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,UAAkB,EAClB,WAAyB;IAEzB,OAAO,sBAAsB,CAAC,UAAU,EAAE,WAAW,CAAC;SACnD,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC;SAChB,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;QACf,IAAI,KAAK,CAAC,MAAM,IAAI,GAAG,IAAI,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YAC9C,OAAO,KAAK,CAAA;QACd,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAA;YAC9B,OAAO,CAAC,GAAG,CACT,sEAAsE,EACtE,KAAK,CACN,CAAA;YACD,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC,CAAC,CAAA;AACN,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,UAAkB,EAClB,WAAyB;IASzB,IAAI,aAAa,EAAE,EAAE,CAAC;QACpB,OAAO;YACL,UAAU;YACV,MAAM,EAAE,EAAE;SACX,CAAA;IACH,CAAC;IAED,MAAM,WAAW,GAAG,cAAc,EAAE,CAAA;IAEpC,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,SAAS,eAAe,UAAU,oBAAoB,CAAA;IACrF,OAAO,MAAM,UAAU,CAIpB,GAAG,EAAE,WAAW,CAAC,CAAA;AACtB,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,UAAkB;IACpD,IAAI,CAAC,UAAU,EAAE,EAAE,CAAC;QAClB,MAAM,IAAI,iBAAiB,CACzB,6DAA6D,EAC7D;YACE,aAAa,EAAE,IAAI;SACpB,CACF,CAAA;IACH,CAAC;IAED,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,SAAS,eAAe,UAAU,iBAAiB,CAAA;QAClF,MAAM,WAAW,CAAC,GAAG,CAAC,CAAA;IACxB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAA;QAC9B,OAAO,CAAC,IAAI,CAAC,4CAA4C,EAAE,KAAK,CAAC,CAAA;QAEjE,MAAM,IAAI,iBAAiB,CACzB,oJAAoJ,EACpJ;YACE,aAAa,EAAE,KAAc;YAC7B,KAAK,EAAE,yBAAyB;YAChC,cAAc,EAAG,KAAmB,CAAC,MAAM;SAC5C,CACF,CAAA;IACH,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AAEH,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,EAC3B,UAAU,EACV,KAAK,EACL,SAAS,EACT,QAAQ,GAMT;IACC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,SAAS,eAAe,UAAU,UAAU,CAAA;QAC3E,OAAO,MAAM,WAAW,CAAC,GAAG,EAAE;YAC5B,KAAK;YACL,SAAS;YACT,QAAQ;SACT,CAAC,CAAA;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAA;QAC9B,OAAO,CAAC,IAAI,CAAC,0CAA0C,EAAE,KAAK,CAAC,CAAA;QAE/D,MAAM,IAAI,iBAAiB,CACzB,4IAA4I,EAC5I;YACE,aAAa,EAAE,KAAc;YAC7B,KAAK,EAAE,kBAAkB;YACzB,cAAc,EAAG,KAAmB,CAAC,MAAM;SAC5C,CACF,CAAA;IACH,CAAC;AACH,CAAC","sourcesContent":["import { MiscTypes } from '@oneblink/types'\nimport OneBlinkAppsError from './services/errors/oneBlinkAppsError'\nimport {\n getIdToken,\n getFormsKeyId,\n setFormsKeyToken,\n} from './services/forms-key'\nimport {\n init as initCognito,\n registerAuthListener,\n isLoggedIn,\n loginHostedUI,\n loginUsernamePassword,\n changePassword,\n forgotPassword,\n handleAuthentication,\n logoutHostedUI,\n logout as logoutCognito,\n getUserProfile,\n getUsername,\n getUserFriendlyName,\n LoginAttemptResponse,\n MfaMethod,\n MfaRequirementCheckResult,\n MfaSettings,\n checkIsMfaEnabled,\n getMfaSettings,\n updateUserPhoneNumber,\n removeUserPhoneNumber,\n sendPhoneNumberVerificationCode,\n verifyUserPhoneNumber,\n disableMfaMethod,\n setPreferredMfaMethod,\n setupMfaAuthenticatorApp,\n setupSmsMfa,\n generateMfaAuthenticatorAppQrCodeUrl,\n DEFAULT_MFA_SETTINGS,\n} from './services/cognito'\nimport { getRequest, postRequest, HTTPError } from './services/fetch'\nimport tenants from './tenants'\nimport { getUserToken, setUserToken } from './services/user-token'\nimport utilsService from './services/utils'\n\nexport {\n registerAuthListener,\n loginHostedUI,\n loginUsernamePassword,\n handleAuthentication,\n logoutHostedUI,\n changePassword,\n forgotPassword,\n isLoggedIn,\n getIdToken,\n getUserProfile,\n getFormsKeyId,\n setFormsKeyToken,\n getUserToken,\n setUserToken,\n getUserFriendlyName,\n checkIsMfaEnabled,\n getMfaSettings,\n updateUserPhoneNumber,\n removeUserPhoneNumber,\n sendPhoneNumberVerificationCode,\n verifyUserPhoneNumber,\n disableMfaMethod,\n setPreferredMfaMethod,\n setupMfaAuthenticatorApp,\n setupSmsMfa,\n generateMfaAuthenticatorAppQrCodeUrl,\n DEFAULT_MFA_SETTINGS,\n}\nexport type {\n LoginAttemptResponse,\n MfaMethod,\n MfaRequirementCheckResult,\n MfaSettings,\n}\nimport Sentry from './Sentry'\n\n/**\n * Log the current user out and remove an data stored locally by the user e.g.\n * drafts.\n *\n * #### Example\n *\n * ```js\n * await authService.logout()\n * ```\n */\nexport async function logout() {\n console.log('Logging out...')\n\n try {\n await utilsService.localForage.clear()\n } catch (error) {\n Sentry.captureException(error)\n console.warn('Could not clear localForage before logging out', error)\n }\n\n await logoutCognito()\n}\n\n/**\n * Initialize the service with required configuration. **This must be done\n * before using before some of the function in this service.**\n *\n * #### Example\n *\n * ```js\n * authService.init({\n * oAuthClientId: 'YOUR_OAUTH_CLIENT_ID',\n * })\n * ```\n *\n * @param options\n */\nexport function init({ oAuthClientId }: { oAuthClientId: string }) {\n initCognito({\n region: tenants.current.awsRegion,\n loginDomain: tenants.current.loginDomain,\n oAuthClientId,\n redirectUri: window.location.origin + '/callback',\n logoutUri: window.location.origin + '/logout',\n })\n\n const listener = () => {\n Sentry.setTag('username', getUsername() || undefined)\n }\n listener()\n registerAuthListener(listener)\n}\n\n/**\n * Determine if the current user is a OneBlink App User for a OneBlink Forms\n * App. Returns `false` if the current user is not logged in.\n *\n * #### Example\n *\n * ```js\n * const formsAppId = 1\n * const isAuthorised = await authService.isAuthorised(formsAppId)\n * if (!isAuthorised) {\n * // handle unauthorised user\n * }\n * ```\n *\n * @param formsAppId\n * @param abortSignal\n * @returns\n */\nexport async function isAuthorised(\n formsAppId: number,\n abortSignal?: AbortSignal,\n): Promise<boolean> {\n return getCurrentFormsAppUser(formsAppId, abortSignal)\n .then(() => true)\n .catch((error) => {\n if (error.status >= 400 && error.status < 500) {\n return false\n } else {\n Sentry.captureException(error)\n console.log(\n 'Could not determine if the current user has access to this forms app',\n error,\n )\n return false\n }\n })\n}\n\n/**\n * Get the current user's App User details for a OneBlink Forms App. Returns\n * `undefined` if the current user is not logged in.\n *\n * #### Example\n *\n * ```js\n * const formsAppId = 1\n * const formsAppUserDetails =\n * await authService.getCurrentFormsAppUser(formsAppId)\n * if (!formsAppUserDetails) {\n * // handle unauthorised user\n * }\n * ```\n *\n * @param formsAppId\n * @returns\n */\nexport async function getCurrentFormsAppUser(\n formsAppId: number,\n abortSignal?: AbortSignal,\n): Promise<\n | {\n userProfile?: MiscTypes.UserProfile\n formsAppId: number\n groups: string[]\n }\n | undefined\n> {\n if (getFormsKeyId()) {\n return {\n formsAppId,\n groups: [],\n }\n }\n\n const userProfile = getUserProfile()\n\n if (!userProfile) {\n return undefined\n }\n\n const url = `${tenants.current.apiOrigin}/forms-apps/${formsAppId}/my-forms-app-user`\n return await getRequest<{\n userProfile?: MiscTypes.UserProfile\n formsAppId: number\n groups: string[]\n }>(url, abortSignal)\n}\n\n/**\n * If the current user is not a Forms App User, this function will send a\n * request on behalf of the current user to the OneBlink Forms App\n * administrators to request access.\n *\n * #### Example\n *\n * ```js\n * const formsAppId = 1\n * await authService.requestAccess(formsAppId)\n * // Display a message to user indicating a request has been sent to the application administrators\n * ```\n *\n * @param formsAppId\n */\nexport async function requestAccess(formsAppId: number): Promise<void> {\n if (!isLoggedIn()) {\n throw new OneBlinkAppsError(\n 'You must login before requesting access to this application',\n {\n requiresLogin: true,\n },\n )\n }\n\n try {\n const url = `${tenants.current.apiOrigin}/forms-apps/${formsAppId}/request-access`\n await postRequest(url)\n } catch (error) {\n Sentry.captureException(error)\n console.warn('Error while requesting access to forms app', error)\n\n throw new OneBlinkAppsError(\n 'Sorry, we could not request access automatically right now, please try again. If the problem persists, please contact your administrator yourself.',\n {\n originalError: error as Error,\n title: 'Error Requesting Access',\n httpStatusCode: (error as HTTPError).status,\n },\n )\n }\n}\n\n/**\n * Allow a user to sign up to a forms app.\n *\n * #### Example\n *\n * ```js\n * await authService.signUp({\n * formsAppId: 1,\n * email: 'test@oneblink.io',\n * firstName: 'first',\n * lastName: 'last',\n * })\n * ```\n *\n * @param {formsAppId, email, generatePassword, firstName, lastName}\n * @returns\n */\n\nexport async function signUp({\n formsAppId,\n email,\n firstName,\n lastName,\n}: {\n formsAppId: number\n email: string\n firstName?: string\n lastName?: string\n}): Promise<void> {\n try {\n const url = `${tenants.current.apiOrigin}/forms-apps/${formsAppId}/sign-up`\n return await postRequest(url, {\n email,\n firstName,\n lastName,\n })\n } catch (error) {\n Sentry.captureException(error)\n console.warn('Error while calling sign-up to forms app', error)\n\n throw new OneBlinkAppsError(\n 'Sorry, we could not create you a account right now, please try again. If the problem persists, please contact your administrator yourself.',\n {\n originalError: error as Error,\n title: 'Error Signing up',\n httpStatusCode: (error as HTTPError).status,\n },\n )\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"auth-service.js","sourceRoot":"","sources":["../../src/apps/auth-service.ts"],"names":[],"mappings":"AACA,OAAO,iBAAiB,MAAM,qCAAqC,CAAA;AACnE,OAAO,EACL,UAAU,EACV,aAAa,EACb,gBAAgB,GACjB,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EACL,IAAI,IAAI,WAAW,EACnB,oBAAoB,EACpB,UAAU,EACV,aAAa,EACb,qBAAqB,EACrB,cAAc,EACd,cAAc,EACd,oBAAoB,EACpB,cAAc,EACd,MAAM,IAAI,aAAa,EACvB,cAAc,EACd,WAAW,EACX,mBAAmB,GACpB,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EAAE,UAAU,EAAE,WAAW,EAAa,MAAM,kBAAkB,CAAA;AACrE,OAAO,OAAO,MAAM,WAAW,CAAA;AAC/B,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAA;AAClE,OAAO,YAAY,MAAM,kBAAkB,CAAA;AAE3C,OAAO,EACL,oBAAoB,EACpB,aAAa,EACb,qBAAqB,EACrB,oBAAoB,EACpB,cAAc,EACd,cAAc,EACd,cAAc,EACd,UAAU,EACV,UAAU,EACV,cAAc,EACd,aAAa,EACb,gBAAgB,EAChB,YAAY,EACZ,YAAY,EACZ,mBAAmB,GACpB,CAAA;AAED,OAAO,MAAM,MAAM,UAAU,CAAA;AAE7B;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,MAAM;IAC1B,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAA;IAE7B,IAAI,CAAC;QACH,MAAM,YAAY,CAAC,WAAW,CAAC,KAAK,EAAE,CAAA;IACxC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAA;QAC9B,OAAO,CAAC,IAAI,CAAC,gDAAgD,EAAE,KAAK,CAAC,CAAA;IACvE,CAAC;IAED,MAAM,aAAa,EAAE,CAAA;AACvB,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,IAAI,CAAC,EAAE,aAAa,EAA6B;IAC/D,WAAW,CAAC;QACV,MAAM,EAAE,OAAO,CAAC,OAAO,CAAC,SAAS;QACjC,WAAW,EAAE,OAAO,CAAC,OAAO,CAAC,WAAW;QACxC,aAAa;QACb,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,WAAW;QACjD,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,SAAS;KAC9C,CAAC,CAAA;IAEF,MAAM,QAAQ,GAAG,GAAG,EAAE;QACpB,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE,WAAW,EAAE,IAAI,SAAS,CAAC,CAAA;IACvD,CAAC,CAAA;IACD,QAAQ,EAAE,CAAA;IACV,oBAAoB,CAAC,QAAQ,CAAC,CAAA;AAChC,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,UAAkB,EAClB,WAAyB;IAEzB,OAAO,sBAAsB,CAAC,UAAU,EAAE,WAAW,CAAC;SACnD,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC;SAChB,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;QACf,IAAI,KAAK,CAAC,MAAM,IAAI,GAAG,IAAI,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YAC9C,OAAO,KAAK,CAAA;QACd,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAA;YAC9B,OAAO,CAAC,GAAG,CACT,sEAAsE,EACtE,KAAK,CACN,CAAA;YACD,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC,CAAC,CAAA;AACN,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,UAAkB,EAClB,WAAyB;IASzB,IAAI,aAAa,EAAE,EAAE,CAAC;QACpB,OAAO;YACL,UAAU;YACV,MAAM,EAAE,EAAE;SACX,CAAA;IACH,CAAC;IAED,MAAM,WAAW,GAAG,cAAc,EAAE,CAAA;IAEpC,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,SAAS,eAAe,UAAU,oBAAoB,CAAA;IACrF,OAAO,MAAM,UAAU,CAIpB,GAAG,EAAE,WAAW,CAAC,CAAA;AACtB,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,UAAkB;IACpD,IAAI,CAAC,UAAU,EAAE,EAAE,CAAC;QAClB,MAAM,IAAI,iBAAiB,CACzB,6DAA6D,EAC7D;YACE,aAAa,EAAE,IAAI;SACpB,CACF,CAAA;IACH,CAAC;IAED,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,SAAS,eAAe,UAAU,iBAAiB,CAAA;QAClF,MAAM,WAAW,CAAC,GAAG,CAAC,CAAA;IACxB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAA;QAC9B,OAAO,CAAC,IAAI,CAAC,4CAA4C,EAAE,KAAK,CAAC,CAAA;QAEjE,MAAM,IAAI,iBAAiB,CACzB,oJAAoJ,EACpJ;YACE,aAAa,EAAE,KAAc;YAC7B,KAAK,EAAE,yBAAyB;YAChC,cAAc,EAAG,KAAmB,CAAC,MAAM;SAC5C,CACF,CAAA;IACH,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AAEH,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,EAC3B,UAAU,EACV,KAAK,EACL,SAAS,EACT,QAAQ,GAMT;IACC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,SAAS,eAAe,UAAU,UAAU,CAAA;QAC3E,OAAO,MAAM,WAAW,CAAC,GAAG,EAAE;YAC5B,KAAK;YACL,SAAS;YACT,QAAQ;SACT,CAAC,CAAA;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAA;QAC9B,OAAO,CAAC,IAAI,CAAC,0CAA0C,EAAE,KAAK,CAAC,CAAA;QAE/D,MAAM,IAAI,iBAAiB,CACzB,4IAA4I,EAC5I;YACE,aAAa,EAAE,KAAc;YAC7B,KAAK,EAAE,kBAAkB;YACzB,cAAc,EAAG,KAAmB,CAAC,MAAM;SAC5C,CACF,CAAA;IACH,CAAC;AACH,CAAC","sourcesContent":["import { MiscTypes } from '@oneblink/types'\nimport OneBlinkAppsError from './services/errors/oneBlinkAppsError'\nimport {\n getIdToken,\n getFormsKeyId,\n setFormsKeyToken,\n} from './services/forms-key'\nimport {\n init as initCognito,\n registerAuthListener,\n isLoggedIn,\n loginHostedUI,\n loginUsernamePassword,\n changePassword,\n forgotPassword,\n handleAuthentication,\n logoutHostedUI,\n logout as logoutCognito,\n getUserProfile,\n getUsername,\n getUserFriendlyName,\n} from './services/cognito'\nimport { getRequest, postRequest, HTTPError } from './services/fetch'\nimport tenants from './tenants'\nimport { getUserToken, setUserToken } from './services/user-token'\nimport utilsService from './services/utils'\n\nexport {\n registerAuthListener,\n loginHostedUI,\n loginUsernamePassword,\n handleAuthentication,\n logoutHostedUI,\n changePassword,\n forgotPassword,\n isLoggedIn,\n getIdToken,\n getUserProfile,\n getFormsKeyId,\n setFormsKeyToken,\n getUserToken,\n setUserToken,\n getUserFriendlyName,\n}\nexport type { LoginAttemptResponse } from './services/cognito'\nimport Sentry from './Sentry'\n\n/**\n * Log the current user out and remove an data stored locally by the user e.g.\n * drafts.\n *\n * #### Example\n *\n * ```js\n * await authService.logout()\n * ```\n */\nexport async function logout() {\n console.log('Logging out...')\n\n try {\n await utilsService.localForage.clear()\n } catch (error) {\n Sentry.captureException(error)\n console.warn('Could not clear localForage before logging out', error)\n }\n\n await logoutCognito()\n}\n\n/**\n * Initialize the service with required configuration. **This must be done\n * before using before some of the function in this service.**\n *\n * #### Example\n *\n * ```js\n * authService.init({\n * oAuthClientId: 'YOUR_OAUTH_CLIENT_ID',\n * })\n * ```\n *\n * @param options\n */\nexport function init({ oAuthClientId }: { oAuthClientId: string }) {\n initCognito({\n region: tenants.current.awsRegion,\n loginDomain: tenants.current.loginDomain,\n oAuthClientId,\n redirectUri: window.location.origin + '/callback',\n logoutUri: window.location.origin + '/logout',\n })\n\n const listener = () => {\n Sentry.setTag('username', getUsername() || undefined)\n }\n listener()\n registerAuthListener(listener)\n}\n\n/**\n * Determine if the current user is a OneBlink App User for a OneBlink Forms\n * App. Returns `false` if the current user is not logged in.\n *\n * #### Example\n *\n * ```js\n * const formsAppId = 1\n * const isAuthorised = await authService.isAuthorised(formsAppId)\n * if (!isAuthorised) {\n * // handle unauthorised user\n * }\n * ```\n *\n * @param formsAppId\n * @param abortSignal\n * @returns\n */\nexport async function isAuthorised(\n formsAppId: number,\n abortSignal?: AbortSignal,\n): Promise<boolean> {\n return getCurrentFormsAppUser(formsAppId, abortSignal)\n .then(() => true)\n .catch((error) => {\n if (error.status >= 400 && error.status < 500) {\n return false\n } else {\n Sentry.captureException(error)\n console.log(\n 'Could not determine if the current user has access to this forms app',\n error,\n )\n return false\n }\n })\n}\n\n/**\n * Get the current user's App User details for a OneBlink Forms App. Returns\n * `undefined` if the current user is not logged in.\n *\n * #### Example\n *\n * ```js\n * const formsAppId = 1\n * const formsAppUserDetails =\n * await authService.getCurrentFormsAppUser(formsAppId)\n * if (!formsAppUserDetails) {\n * // handle unauthorised user\n * }\n * ```\n *\n * @param formsAppId\n * @returns\n */\nexport async function getCurrentFormsAppUser(\n formsAppId: number,\n abortSignal?: AbortSignal,\n): Promise<\n | {\n userProfile?: MiscTypes.UserProfile\n formsAppId: number\n groups: string[]\n }\n | undefined\n> {\n if (getFormsKeyId()) {\n return {\n formsAppId,\n groups: [],\n }\n }\n\n const userProfile = getUserProfile()\n\n if (!userProfile) {\n return undefined\n }\n\n const url = `${tenants.current.apiOrigin}/forms-apps/${formsAppId}/my-forms-app-user`\n return await getRequest<{\n userProfile?: MiscTypes.UserProfile\n formsAppId: number\n groups: string[]\n }>(url, abortSignal)\n}\n\n/**\n * If the current user is not a Forms App User, this function will send a\n * request on behalf of the current user to the OneBlink Forms App\n * administrators to request access.\n *\n * #### Example\n *\n * ```js\n * const formsAppId = 1\n * await authService.requestAccess(formsAppId)\n * // Display a message to user indicating a request has been sent to the application administrators\n * ```\n *\n * @param formsAppId\n */\nexport async function requestAccess(formsAppId: number): Promise<void> {\n if (!isLoggedIn()) {\n throw new OneBlinkAppsError(\n 'You must login before requesting access to this application',\n {\n requiresLogin: true,\n },\n )\n }\n\n try {\n const url = `${tenants.current.apiOrigin}/forms-apps/${formsAppId}/request-access`\n await postRequest(url)\n } catch (error) {\n Sentry.captureException(error)\n console.warn('Error while requesting access to forms app', error)\n\n throw new OneBlinkAppsError(\n 'Sorry, we could not request access automatically right now, please try again. If the problem persists, please contact your administrator yourself.',\n {\n originalError: error as Error,\n title: 'Error Requesting Access',\n httpStatusCode: (error as HTTPError).status,\n },\n )\n }\n}\n\n/**\n * Allow a user to sign up to a forms app.\n *\n * #### Example\n *\n * ```js\n * await authService.signUp({\n * formsAppId: 1,\n * email: 'test@oneblink.io',\n * firstName: 'first',\n * lastName: 'last',\n * })\n * ```\n *\n * @param {formsAppId, email, generatePassword, firstName, lastName}\n * @returns\n */\n\nexport async function signUp({\n formsAppId,\n email,\n firstName,\n lastName,\n}: {\n formsAppId: number\n email: string\n firstName?: string\n lastName?: string\n}): Promise<void> {\n try {\n const url = `${tenants.current.apiOrigin}/forms-apps/${formsAppId}/sign-up`\n return await postRequest(url, {\n email,\n firstName,\n lastName,\n })\n } catch (error) {\n Sentry.captureException(error)\n console.warn('Error while calling sign-up to forms app', error)\n\n throw new OneBlinkAppsError(\n 'Sorry, we could not create you a account right now, please try again. If the problem persists, please contact your administrator yourself.',\n {\n originalError: error as Error,\n title: 'Error Signing up',\n httpStatusCode: (error as HTTPError).status,\n },\n )\n }\n}\n"]}
|
package/dist/apps/index.d.ts
CHANGED
|
@@ -21,6 +21,16 @@ export * as offlineService from './offline-service';
|
|
|
21
21
|
* ```
|
|
22
22
|
*/
|
|
23
23
|
export * as authService from './auth-service';
|
|
24
|
+
/**
|
|
25
|
+
* ## MFA Service
|
|
26
|
+
*
|
|
27
|
+
* Helper functions for multi factor authentication and MFA requirements.
|
|
28
|
+
*
|
|
29
|
+
* ```js
|
|
30
|
+
* import { mfaService } from '@oneblink/apps-react'
|
|
31
|
+
* ```
|
|
32
|
+
*/
|
|
33
|
+
export * as mfaService from './mfa-service';
|
|
24
34
|
/**
|
|
25
35
|
* ## Draft Service
|
|
26
36
|
*
|
package/dist/apps/index.js
CHANGED
|
@@ -21,6 +21,16 @@ export * as offlineService from './offline-service';
|
|
|
21
21
|
* ```
|
|
22
22
|
*/
|
|
23
23
|
export * as authService from './auth-service';
|
|
24
|
+
/**
|
|
25
|
+
* ## MFA Service
|
|
26
|
+
*
|
|
27
|
+
* Helper functions for multi factor authentication and MFA requirements.
|
|
28
|
+
*
|
|
29
|
+
* ```js
|
|
30
|
+
* import { mfaService } from '@oneblink/apps-react'
|
|
31
|
+
* ```
|
|
32
|
+
*/
|
|
33
|
+
export * as mfaService from './mfa-service';
|
|
24
34
|
/**
|
|
25
35
|
* ## Draft Service
|
|
26
36
|
*
|
package/dist/apps/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/apps/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,OAAO,KAAK,cAAc,MAAM,mBAAmB,CAAA;AACnD;;;;;;;;;;;GAWG;AACH,OAAO,KAAK,WAAW,MAAM,gBAAgB,CAAA;AAC7C;;;;;;;;GAQG;AACH,OAAO,KAAK,YAAY,MAAM,iBAAiB,CAAA;AAC/C;;;;;;;;GAQG;AACH,OAAO,KAAK,cAAc,MAAM,mBAAmB,CAAA;AACnD;;;;;;;;GAQG;AACH,OAAO,KAAK,cAAc,MAAM,mBAAmB,CAAA;AACnD;;;;;;;;GAQG;AACH,OAAO,KAAK,iBAAiB,MAAM,sBAAsB,CAAA;AACzD;;;;;;;;GAQG;AACH,OAAO,KAAK,UAAU,MAAM,eAAe,CAAA;AAC3C;;;;;;;;GAQG;AACH,OAAO,KAAK,iBAAiB,MAAM,sBAAsB,CAAA;AACzD;;;;;;;;GAQG;AACH,OAAO,KAAK,eAAe,MAAM,qBAAqB,CAAA;AACtD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAyEG;AACH,OAAO,KAAK,mBAAmB,MAAM,wBAAwB,CAAA;AAC7D;;;;;;;;GAQG;AACH,OAAO,KAAK,WAAW,MAAM,gBAAgB,CAAA;AAC7C;;;;;;;;GAQG;AACH,OAAO,KAAK,gBAAgB,MAAM,qBAAqB,CAAA;AACvD;;;;;;;;GAQG;AACH,OAAO,KAAK,eAAe,MAAM,qBAAqB,CAAA;AACtD;;;;;;;;GAQG;AACH,OAAO,KAAK,gBAAgB,MAAM,sBAAsB,CAAA;AACxD;;;;;;;;GAQG;AACH,OAAO,KAAK,mBAAmB,MAAM,wBAAwB,CAAA;AAC7D;;;;;;;;GAQG;AACH,OAAO,KAAK,kBAAkB,MAAM,uBAAuB,CAAA;AAC3D;;;;;;;;GAQG;AACH,OAAO,KAAK,qBAAqB,MAAM,2BAA2B,CAAA;AAClE;;;;;;;;GAQG;AACH,OAAO,KAAK,0BAA0B,MAAM,iCAAiC,CAAA;AAE7E,OAAO,EAAE,OAAO,IAAI,iBAAiB,EAAE,MAAM,qCAAqC,CAAA;AAClF,OAAO,OAAO,MAAM,WAAW,CAAA;AAC/B,OAAO,EAAE,OAAO,IAAI,MAAM,EAAE,MAAM,UAAU,CAAA;AAE5C,MAAM,CAAC,MAAM,kBAAkB,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,YAAY,EAAE,CAAA;AAC9D,MAAM,CAAC,MAAM,iBAAiB,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,WAAW,EAAE,CAAA;AAC5D,MAAM,CAAC,MAAM,mBAAmB,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,aAAa,EAAE,CAAA","sourcesContent":["/**\n * ## Offline Service\n *\n * Helper functions for offline handling\n *\n * ```js\n * import { offlineService } from '@oneblink/apps-react'\n * ```\n */\nexport * as offlineService from './offline-service'\n/**\n * ## Authentication/Authorisation Service\n *\n * Helper functions for handling user authentication and authorisation.\n *\n * **NOTE: `init()` must be called before using some of the functions in this\n * service.**\n *\n * ```js\n * import { authService } from '@oneblink/apps-react'\n * ```\n */\nexport * as authService from './auth-service'\n/**\n * ## Draft Service\n *\n * Helper functions for handling drafts.\n *\n * ```js\n * import { draftService } from '@oneblink/apps-react'\n * ```\n */\nexport * as draftService from './draft-service'\n/**\n * ## Prefill Service\n *\n * Helper functions for offline handling\n *\n * ```js\n * import { prefillService } from '@oneblink/apps-react'\n * ```\n */\nexport * as prefillService from './prefill-service'\n/**\n * ## Payment Service\n *\n * Helper functions for payment handling\n *\n * ```js\n * import { paymentService } from '@oneblink/apps-react'\n * ```\n */\nexport * as paymentService from './payment-service'\n/**\n * ## Scheduling Service\n *\n * Helper functions for scheduling booking handling\n *\n * ```js\n * import { schedulingService } from '@oneblink/apps-react'\n * ```\n */\nexport * as schedulingService from './scheduling-service'\n/**\n * ## Job Service\n *\n * Helper functions for job handling\n *\n * ```js\n * import { jobService } from '@oneblink/apps-react'\n * ```\n */\nexport * as jobService from './job-service'\n/**\n * ## Submission Service\n *\n * Helper functions for handling form submissions\n *\n * ```js\n * import { submissionService } from '@oneblink/apps-react'\n * ```\n */\nexport * as submissionService from './submission-service'\n/**\n * ## Auto Save Service\n *\n * Helper functions for handling data while user is completing form.\n *\n * ```js\n * import { autoSaveService } from '@oneblink/apps-react'\n * ```\n */\nexport * as autoSaveService from './auto-save-service'\n/**\n * ## Notification Service\n *\n * Helper functions for notification handling\n *\n * ```js\n * import { notificationService } from '@oneblink/apps-react'\n * ```\n *\n * ### Service Worker\n *\n * To display push notifications and allow them to be clicked to open the\n * application, add the following JavaScript to your service worker (we\n * recommend using\n * [offline-plugin](https://www.npmjs.com/package/offline-plugin)):\n *\n * #### Example\n *\n * ```js\n * self.addEventListener('push', (event) => {\n * console.log('push event', event)\n *\n * if (!event.data) {\n * console.log('Received push event without any data', event)\n * return\n * }\n * const notification = event.data.json()\n *\n * event.waitUntil(\n * clients.matchAll().then((c) => {\n * if (c.length === 0 || c.every((client) => !client.focused)) {\n * // Show notification\n * return self.registration.showNotification(\n * notification.title,\n * notification.options,\n * )\n * } else {\n * console.log('Application is already open!')\n * }\n * }),\n * )\n * })\n *\n * self.addEventListener('notificationclick', (event) => {\n * console.log('notification click event', event)\n *\n * const pathname =\n * event.notification.data && event.notification.data.pathname\n * ? event.notification.data.pathname\n * : '/'\n *\n * event.waitUntil(\n * clients.matchAll().then((clis) => {\n * const client = clis[0]\n * if (client === undefined) {\n * // there are no visible windows. Open one.\n * clients.openWindow(pathname)\n * } else {\n * client.navigate(pathname)\n * client.focus()\n * }\n *\n * return self.registration\n * .getNotifications()\n * .then((notifications) => {\n * notifications.forEach((notification) => {\n * notification.close()\n * })\n * })\n * }),\n * )\n * })\n * ```\n */\nexport * as notificationService from './notification-service'\n/**\n * ## Form Service\n *\n * Helper functions for form handling\n *\n * ```js\n * import { formService } from '@oneblink/apps-react'\n * ```\n */\nexport * as formService from './form-service'\n/**\n * ## Approvals Service\n *\n * Helper functions for handling approvals\n *\n * ```js\n * import { approvalsService } from '@oneblink/apps-react'\n * ```\n */\nexport * as approvalsService from './approvals-service'\n/**\n * ## Forms App Service\n *\n * Helper functions for forms apps\n *\n * ```js\n * import { formsAppService } from '@oneblink/apps-react'\n * ```\n */\nexport * as formsAppService from './forms-app-service'\n/**\n * ## Form Store Service\n *\n * Helper functions for handling Form Store Records\n *\n * ```js\n * import { formStoreService } from '@oneblink/apps-react'\n * ```\n */\nexport * as formStoreService from './form-store-service'\n/**\n * ## Localisation Service\n *\n * Helper functions for handling all things locale.\n *\n * ```js\n * import { localisationService } from '@oneblink/apps-react'\n * ```\n */\nexport * as localisationService from './localisation-service'\n/**\n * ## Attachments Service\n *\n * Helper functions for attachment handling\n *\n * ```js\n * import { attachmentsService } from '@oneblink/apps-react'\n * ```\n */\nexport * as attachmentsService from './attachments-service'\n/**\n * ## Scheduled Tasks Service\n *\n * Helper functions for scheduled tasks\n *\n * ```js\n * import { scheduledTasksService } from '@oneblink/apps-react'\n * ```\n */\nexport * as scheduledTasksService from './scheduled-tasks-service'\n/**\n * ## Forms App Environment Service\n *\n * Helper functions for forms app environments\n *\n * ```js\n * import { formsAppEnvironmentService } from '@oneblink/apps-react'\n * ```\n */\nexport * as formsAppEnvironmentService from './forms-app-environment-service'\n\nexport { default as OneBlinkAppsError } from './services/errors/oneBlinkAppsError'\nimport tenants from './tenants'\nexport { default as Sentry } from './Sentry'\n\nexport const useTenantCivicPlus = () => tenants.useCivicPlus()\nexport const useTenantOneBlink = () => tenants.useOneBlink()\nexport const useTenantOneBlinkUS = () => tenants.useOneBlinkUS()\n"]}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/apps/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,OAAO,KAAK,cAAc,MAAM,mBAAmB,CAAA;AACnD;;;;;;;;;;;GAWG;AACH,OAAO,KAAK,WAAW,MAAM,gBAAgB,CAAA;AAC7C;;;;;;;;GAQG;AACH,OAAO,KAAK,UAAU,MAAM,eAAe,CAAA;AAC3C;;;;;;;;GAQG;AACH,OAAO,KAAK,YAAY,MAAM,iBAAiB,CAAA;AAC/C;;;;;;;;GAQG;AACH,OAAO,KAAK,cAAc,MAAM,mBAAmB,CAAA;AACnD;;;;;;;;GAQG;AACH,OAAO,KAAK,cAAc,MAAM,mBAAmB,CAAA;AACnD;;;;;;;;GAQG;AACH,OAAO,KAAK,iBAAiB,MAAM,sBAAsB,CAAA;AACzD;;;;;;;;GAQG;AACH,OAAO,KAAK,UAAU,MAAM,eAAe,CAAA;AAC3C;;;;;;;;GAQG;AACH,OAAO,KAAK,iBAAiB,MAAM,sBAAsB,CAAA;AACzD;;;;;;;;GAQG;AACH,OAAO,KAAK,eAAe,MAAM,qBAAqB,CAAA;AACtD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAyEG;AACH,OAAO,KAAK,mBAAmB,MAAM,wBAAwB,CAAA;AAC7D;;;;;;;;GAQG;AACH,OAAO,KAAK,WAAW,MAAM,gBAAgB,CAAA;AAC7C;;;;;;;;GAQG;AACH,OAAO,KAAK,gBAAgB,MAAM,qBAAqB,CAAA;AACvD;;;;;;;;GAQG;AACH,OAAO,KAAK,eAAe,MAAM,qBAAqB,CAAA;AACtD;;;;;;;;GAQG;AACH,OAAO,KAAK,gBAAgB,MAAM,sBAAsB,CAAA;AACxD;;;;;;;;GAQG;AACH,OAAO,KAAK,mBAAmB,MAAM,wBAAwB,CAAA;AAC7D;;;;;;;;GAQG;AACH,OAAO,KAAK,kBAAkB,MAAM,uBAAuB,CAAA;AAC3D;;;;;;;;GAQG;AACH,OAAO,KAAK,qBAAqB,MAAM,2BAA2B,CAAA;AAClE;;;;;;;;GAQG;AACH,OAAO,KAAK,0BAA0B,MAAM,iCAAiC,CAAA;AAE7E,OAAO,EAAE,OAAO,IAAI,iBAAiB,EAAE,MAAM,qCAAqC,CAAA;AAClF,OAAO,OAAO,MAAM,WAAW,CAAA;AAC/B,OAAO,EAAE,OAAO,IAAI,MAAM,EAAE,MAAM,UAAU,CAAA;AAE5C,MAAM,CAAC,MAAM,kBAAkB,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,YAAY,EAAE,CAAA;AAC9D,MAAM,CAAC,MAAM,iBAAiB,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,WAAW,EAAE,CAAA;AAC5D,MAAM,CAAC,MAAM,mBAAmB,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,aAAa,EAAE,CAAA","sourcesContent":["/**\n * ## Offline Service\n *\n * Helper functions for offline handling\n *\n * ```js\n * import { offlineService } from '@oneblink/apps-react'\n * ```\n */\nexport * as offlineService from './offline-service'\n/**\n * ## Authentication/Authorisation Service\n *\n * Helper functions for handling user authentication and authorisation.\n *\n * **NOTE: `init()` must be called before using some of the functions in this\n * service.**\n *\n * ```js\n * import { authService } from '@oneblink/apps-react'\n * ```\n */\nexport * as authService from './auth-service'\n/**\n * ## MFA Service\n *\n * Helper functions for multi factor authentication and MFA requirements.\n *\n * ```js\n * import { mfaService } from '@oneblink/apps-react'\n * ```\n */\nexport * as mfaService from './mfa-service'\n/**\n * ## Draft Service\n *\n * Helper functions for handling drafts.\n *\n * ```js\n * import { draftService } from '@oneblink/apps-react'\n * ```\n */\nexport * as draftService from './draft-service'\n/**\n * ## Prefill Service\n *\n * Helper functions for offline handling\n *\n * ```js\n * import { prefillService } from '@oneblink/apps-react'\n * ```\n */\nexport * as prefillService from './prefill-service'\n/**\n * ## Payment Service\n *\n * Helper functions for payment handling\n *\n * ```js\n * import { paymentService } from '@oneblink/apps-react'\n * ```\n */\nexport * as paymentService from './payment-service'\n/**\n * ## Scheduling Service\n *\n * Helper functions for scheduling booking handling\n *\n * ```js\n * import { schedulingService } from '@oneblink/apps-react'\n * ```\n */\nexport * as schedulingService from './scheduling-service'\n/**\n * ## Job Service\n *\n * Helper functions for job handling\n *\n * ```js\n * import { jobService } from '@oneblink/apps-react'\n * ```\n */\nexport * as jobService from './job-service'\n/**\n * ## Submission Service\n *\n * Helper functions for handling form submissions\n *\n * ```js\n * import { submissionService } from '@oneblink/apps-react'\n * ```\n */\nexport * as submissionService from './submission-service'\n/**\n * ## Auto Save Service\n *\n * Helper functions for handling data while user is completing form.\n *\n * ```js\n * import { autoSaveService } from '@oneblink/apps-react'\n * ```\n */\nexport * as autoSaveService from './auto-save-service'\n/**\n * ## Notification Service\n *\n * Helper functions for notification handling\n *\n * ```js\n * import { notificationService } from '@oneblink/apps-react'\n * ```\n *\n * ### Service Worker\n *\n * To display push notifications and allow them to be clicked to open the\n * application, add the following JavaScript to your service worker (we\n * recommend using\n * [offline-plugin](https://www.npmjs.com/package/offline-plugin)):\n *\n * #### Example\n *\n * ```js\n * self.addEventListener('push', (event) => {\n * console.log('push event', event)\n *\n * if (!event.data) {\n * console.log('Received push event without any data', event)\n * return\n * }\n * const notification = event.data.json()\n *\n * event.waitUntil(\n * clients.matchAll().then((c) => {\n * if (c.length === 0 || c.every((client) => !client.focused)) {\n * // Show notification\n * return self.registration.showNotification(\n * notification.title,\n * notification.options,\n * )\n * } else {\n * console.log('Application is already open!')\n * }\n * }),\n * )\n * })\n *\n * self.addEventListener('notificationclick', (event) => {\n * console.log('notification click event', event)\n *\n * const pathname =\n * event.notification.data && event.notification.data.pathname\n * ? event.notification.data.pathname\n * : '/'\n *\n * event.waitUntil(\n * clients.matchAll().then((clis) => {\n * const client = clis[0]\n * if (client === undefined) {\n * // there are no visible windows. Open one.\n * clients.openWindow(pathname)\n * } else {\n * client.navigate(pathname)\n * client.focus()\n * }\n *\n * return self.registration\n * .getNotifications()\n * .then((notifications) => {\n * notifications.forEach((notification) => {\n * notification.close()\n * })\n * })\n * }),\n * )\n * })\n * ```\n */\nexport * as notificationService from './notification-service'\n/**\n * ## Form Service\n *\n * Helper functions for form handling\n *\n * ```js\n * import { formService } from '@oneblink/apps-react'\n * ```\n */\nexport * as formService from './form-service'\n/**\n * ## Approvals Service\n *\n * Helper functions for handling approvals\n *\n * ```js\n * import { approvalsService } from '@oneblink/apps-react'\n * ```\n */\nexport * as approvalsService from './approvals-service'\n/**\n * ## Forms App Service\n *\n * Helper functions for forms apps\n *\n * ```js\n * import { formsAppService } from '@oneblink/apps-react'\n * ```\n */\nexport * as formsAppService from './forms-app-service'\n/**\n * ## Form Store Service\n *\n * Helper functions for handling Form Store Records\n *\n * ```js\n * import { formStoreService } from '@oneblink/apps-react'\n * ```\n */\nexport * as formStoreService from './form-store-service'\n/**\n * ## Localisation Service\n *\n * Helper functions for handling all things locale.\n *\n * ```js\n * import { localisationService } from '@oneblink/apps-react'\n * ```\n */\nexport * as localisationService from './localisation-service'\n/**\n * ## Attachments Service\n *\n * Helper functions for attachment handling\n *\n * ```js\n * import { attachmentsService } from '@oneblink/apps-react'\n * ```\n */\nexport * as attachmentsService from './attachments-service'\n/**\n * ## Scheduled Tasks Service\n *\n * Helper functions for scheduled tasks\n *\n * ```js\n * import { scheduledTasksService } from '@oneblink/apps-react'\n * ```\n */\nexport * as scheduledTasksService from './scheduled-tasks-service'\n/**\n * ## Forms App Environment Service\n *\n * Helper functions for forms app environments\n *\n * ```js\n * import { formsAppEnvironmentService } from '@oneblink/apps-react'\n * ```\n */\nexport * as formsAppEnvironmentService from './forms-app-environment-service'\n\nexport { default as OneBlinkAppsError } from './services/errors/oneBlinkAppsError'\nimport tenants from './tenants'\nexport { default as Sentry } from './Sentry'\n\nexport const useTenantCivicPlus = () => tenants.useCivicPlus()\nexport const useTenantOneBlink = () => tenants.useOneBlink()\nexport const useTenantOneBlinkUS = () => tenants.useOneBlinkUS()\n"]}
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
import { MiscTypes } from '@oneblink/types';
|
|
2
|
+
import { getMfaSettings } from './services/cognito';
|
|
3
|
+
export { getMfaSettings };
|
|
4
|
+
export { updateUserPhoneNumber, removeUserPhoneNumber, verifyUserPhoneNumber, disableMfaMethod, setPreferredMfaMethod, setupMfaAuthenticatorApp, setupSmsMfa, generateMfaAuthenticatorAppQrCodeUrl, DEFAULT_MFA_SETTINGS, } from './services/cognito';
|
|
5
|
+
export type { MfaMethod, MfaSettings } from './services/cognito';
|
|
6
|
+
export { isMfaRequired, mfaRequirementToSelectedMethods, mfaSelectedMethodsToMfaRequirement, formatMfaRequirementLabel, formatMfaRequirementMethodLabel, userMeetsMfaRequirement, formatMfaSetupRequiredMessage, formatMfaMethodNotAcceptedMessage, } from '../utils/mfa-requirement';
|
|
7
|
+
export type { MfaRequirementMethod } from '../utils/mfa-requirement';
|
|
8
|
+
export type MfaRequirementCheckResult = {
|
|
9
|
+
mfaSettings: Awaited<ReturnType<typeof getMfaSettings>>;
|
|
10
|
+
userMeetsMfaRequirement: boolean;
|
|
11
|
+
};
|
|
12
|
+
/**
|
|
13
|
+
* Check if the current user meets an MFA requirement.
|
|
14
|
+
*
|
|
15
|
+
* #### Example
|
|
16
|
+
*
|
|
17
|
+
* ```js
|
|
18
|
+
* const { mfaSettings, userMeetsMfaRequirement } =
|
|
19
|
+
* await mfaService.checkIsMfaEnabled('any')
|
|
20
|
+
* if (userMeetsMfaRequirement) {
|
|
21
|
+
* // User has met the MFA requirement
|
|
22
|
+
* } else {
|
|
23
|
+
* // Prompt user to set up MFA
|
|
24
|
+
* }
|
|
25
|
+
* ```
|
|
26
|
+
*
|
|
27
|
+
* @returns
|
|
28
|
+
*/
|
|
29
|
+
export declare function checkIsMfaEnabled(mfaRequirement: MiscTypes.MfaRequirement | undefined): Promise<MfaRequirementCheckResult>;
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
import { getMfaSettings } from './services/cognito';
|
|
2
|
+
import { userMeetsMfaRequirement } from '../utils/mfa-requirement';
|
|
3
|
+
export { getMfaSettings };
|
|
4
|
+
export { updateUserPhoneNumber, removeUserPhoneNumber, verifyUserPhoneNumber, disableMfaMethod, setPreferredMfaMethod, setupMfaAuthenticatorApp, setupSmsMfa, generateMfaAuthenticatorAppQrCodeUrl, DEFAULT_MFA_SETTINGS, } from './services/cognito';
|
|
5
|
+
export { isMfaRequired, mfaRequirementToSelectedMethods, mfaSelectedMethodsToMfaRequirement, formatMfaRequirementLabel, formatMfaRequirementMethodLabel, userMeetsMfaRequirement, formatMfaSetupRequiredMessage, formatMfaMethodNotAcceptedMessage, } from '../utils/mfa-requirement';
|
|
6
|
+
/**
|
|
7
|
+
* Check if the current user meets an MFA requirement.
|
|
8
|
+
*
|
|
9
|
+
* #### Example
|
|
10
|
+
*
|
|
11
|
+
* ```js
|
|
12
|
+
* const { mfaSettings, userMeetsMfaRequirement } =
|
|
13
|
+
* await mfaService.checkIsMfaEnabled('any')
|
|
14
|
+
* if (userMeetsMfaRequirement) {
|
|
15
|
+
* // User has met the MFA requirement
|
|
16
|
+
* } else {
|
|
17
|
+
* // Prompt user to set up MFA
|
|
18
|
+
* }
|
|
19
|
+
* ```
|
|
20
|
+
*
|
|
21
|
+
* @returns
|
|
22
|
+
*/
|
|
23
|
+
export async function checkIsMfaEnabled(mfaRequirement) {
|
|
24
|
+
const mfaSettings = await getMfaSettings();
|
|
25
|
+
return {
|
|
26
|
+
mfaSettings,
|
|
27
|
+
userMeetsMfaRequirement: userMeetsMfaRequirement(mfaRequirement, mfaSettings),
|
|
28
|
+
};
|
|
29
|
+
}
|
|
30
|
+
//# sourceMappingURL=mfa-service.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"mfa-service.js","sourceRoot":"","sources":["../../src/apps/mfa-service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAA;AACnD,OAAO,EAAE,uBAAuB,EAAE,MAAM,0BAA0B,CAAA;AAElE,OAAO,EAAE,cAAc,EAAE,CAAA;AACzB,OAAO,EACL,qBAAqB,EACrB,qBAAqB,EACrB,qBAAqB,EACrB,gBAAgB,EAChB,qBAAqB,EACrB,wBAAwB,EACxB,WAAW,EACX,oCAAoC,EACpC,oBAAoB,GACrB,MAAM,oBAAoB,CAAA;AAE3B,OAAO,EACL,aAAa,EACb,+BAA+B,EAC/B,kCAAkC,EAClC,yBAAyB,EACzB,+BAA+B,EAC/B,uBAAuB,EACvB,6BAA6B,EAC7B,iCAAiC,GAClC,MAAM,0BAA0B,CAAA;AAQjC;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,cAAoD;IAEpD,MAAM,WAAW,GAAG,MAAM,cAAc,EAAE,CAAA;IAE1C,OAAO;QACL,WAAW;QACX,uBAAuB,EAAE,uBAAuB,CAC9C,cAAc,EACd,WAAW,CACZ;KACF,CAAA;AACH,CAAC","sourcesContent":["import { MiscTypes } from '@oneblink/types'\r\nimport { getMfaSettings } from './services/cognito'\r\nimport { userMeetsMfaRequirement } from '../utils/mfa-requirement'\r\n\r\nexport { getMfaSettings }\r\nexport {\r\n updateUserPhoneNumber,\r\n removeUserPhoneNumber,\r\n verifyUserPhoneNumber,\r\n disableMfaMethod,\r\n setPreferredMfaMethod,\r\n setupMfaAuthenticatorApp,\r\n setupSmsMfa,\r\n generateMfaAuthenticatorAppQrCodeUrl,\r\n DEFAULT_MFA_SETTINGS,\r\n} from './services/cognito'\r\nexport type { MfaMethod, MfaSettings } from './services/cognito'\r\nexport {\r\n isMfaRequired,\r\n mfaRequirementToSelectedMethods,\r\n mfaSelectedMethodsToMfaRequirement,\r\n formatMfaRequirementLabel,\r\n formatMfaRequirementMethodLabel,\r\n userMeetsMfaRequirement,\r\n formatMfaSetupRequiredMessage,\r\n formatMfaMethodNotAcceptedMessage,\r\n} from '../utils/mfa-requirement'\r\nexport type { MfaRequirementMethod } from '../utils/mfa-requirement'\r\n\r\nexport type MfaRequirementCheckResult = {\r\n mfaSettings: Awaited<ReturnType<typeof getMfaSettings>>\r\n userMeetsMfaRequirement: boolean\r\n}\r\n\r\n/**\r\n * Check if the current user meets an MFA requirement.\r\n *\r\n * #### Example\r\n *\r\n * ```js\r\n * const { mfaSettings, userMeetsMfaRequirement } =\r\n * await mfaService.checkIsMfaEnabled('any')\r\n * if (userMeetsMfaRequirement) {\r\n * // User has met the MFA requirement\r\n * } else {\r\n * // Prompt user to set up MFA\r\n * }\r\n * ```\r\n *\r\n * @returns\r\n */\r\nexport async function checkIsMfaEnabled(\r\n mfaRequirement: MiscTypes.MfaRequirement | undefined,\r\n): Promise<MfaRequirementCheckResult> {\r\n const mfaSettings = await getMfaSettings()\r\n\r\n return {\r\n mfaSettings,\r\n userMeetsMfaRequirement: userMeetsMfaRequirement(\r\n mfaRequirement,\r\n mfaSettings,\r\n ),\r\n }\r\n}\r\n"]}
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
import { AuthenticationResultType, CognitoIdentityProviderClient, InitiateAuthResponse } from '@aws-sdk/client-cognito-identity-provider';
|
|
2
|
-
import { MiscTypes } from '@oneblink/types';
|
|
3
2
|
export type MfaMethod = 'authenticator' | 'sms';
|
|
4
3
|
export type MfaSettings = {
|
|
5
4
|
authenticator: {
|
|
@@ -14,9 +13,13 @@ export type MfaSettings = {
|
|
|
14
13
|
};
|
|
15
14
|
};
|
|
16
15
|
export declare const DEFAULT_MFA_SETTINGS: MfaSettings;
|
|
17
|
-
export
|
|
18
|
-
|
|
19
|
-
|
|
16
|
+
export declare function resolveMfaPreferredFlags({ authenticatorEnabled, smsEnabled, preferredMfaSetting, }: {
|
|
17
|
+
authenticatorEnabled: boolean;
|
|
18
|
+
smsEnabled: boolean;
|
|
19
|
+
preferredMfaSetting: string | undefined;
|
|
20
|
+
}): {
|
|
21
|
+
authenticatorPreferred: boolean;
|
|
22
|
+
smsPreferred: boolean;
|
|
20
23
|
};
|
|
21
24
|
export type LoginAttemptResponse = {
|
|
22
25
|
resetPasswordCallback?: (newPassword: string) => Promise<LoginAttemptResponse>;
|
|
@@ -69,12 +72,10 @@ export default class AWSCognitoClient {
|
|
|
69
72
|
getIdToken(): Promise<string | undefined>;
|
|
70
73
|
getAccessToken(): Promise<string | undefined>;
|
|
71
74
|
getMfaSettings(abortSignal?: AbortSignal): Promise<MfaSettings>;
|
|
72
|
-
checkIsMfaEnabled(mfaRequirement: MiscTypes.MfaRequirement | undefined): Promise<MfaRequirementCheckResult>;
|
|
73
75
|
updateUserPhoneNumber(phoneNumber: string): Promise<{
|
|
74
76
|
isPhoneNumberVerified: boolean;
|
|
75
77
|
}>;
|
|
76
78
|
removeUserPhoneNumber(): Promise<void>;
|
|
77
|
-
sendPhoneNumberVerificationCode(): Promise<import("@aws-sdk/client-cognito-identity-provider").GetUserAttributeVerificationCodeCommandOutput | undefined>;
|
|
78
79
|
verifyUserPhoneNumber(code: string): Promise<void>;
|
|
79
80
|
setPreferredMfaMethod(method: MfaMethod): Promise<void>;
|
|
80
81
|
disableMfaMethod(method: MfaMethod): Promise<void>;
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { AssociateSoftwareTokenCommand, ChangePasswordCommand, CognitoIdentityProviderClient, ConfirmForgotPasswordCommand, DeleteUserAttributesCommand,
|
|
1
|
+
import { AssociateSoftwareTokenCommand, ChangePasswordCommand, CognitoIdentityProviderClient, ConfirmForgotPasswordCommand, DeleteUserAttributesCommand, GetUserCommand, GlobalSignOutCommand, InitiateAuthCommand, RespondToAuthChallengeCommand, SetUserMFAPreferenceCommand, UpdateUserAttributesCommand, VerifySoftwareTokenCommand, VerifyUserAttributeCommand, } from '@aws-sdk/client-cognito-identity-provider';
|
|
2
2
|
import Sentry from '../Sentry';
|
|
3
3
|
import { OneBlinkAppsError } from '..';
|
|
4
4
|
export const DEFAULT_MFA_SETTINGS = {
|
|
@@ -10,19 +10,22 @@ export const DEFAULT_MFA_SETTINGS = {
|
|
|
10
10
|
isPhoneNumberVerified: false,
|
|
11
11
|
},
|
|
12
12
|
};
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
13
|
+
export function resolveMfaPreferredFlags({ authenticatorEnabled, smsEnabled, preferredMfaSetting, }) {
|
|
14
|
+
const cognitoAuthenticatorPreferred = preferredMfaSetting === 'SOFTWARE_TOKEN_MFA';
|
|
15
|
+
const cognitoSmsPreferred = preferredMfaSetting === 'SMS_MFA';
|
|
16
|
+
if (cognitoAuthenticatorPreferred && authenticatorEnabled) {
|
|
17
|
+
return { authenticatorPreferred: true, smsPreferred: false };
|
|
18
|
+
}
|
|
19
|
+
if (cognitoSmsPreferred && smsEnabled) {
|
|
20
|
+
return { authenticatorPreferred: false, smsPreferred: true };
|
|
20
21
|
}
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
return true;
|
|
22
|
+
if (authenticatorEnabled && smsEnabled) {
|
|
23
|
+
return { authenticatorPreferred: true, smsPreferred: false };
|
|
24
24
|
}
|
|
25
|
-
return
|
|
25
|
+
return {
|
|
26
|
+
authenticatorPreferred: authenticatorEnabled,
|
|
27
|
+
smsPreferred: smsEnabled,
|
|
28
|
+
};
|
|
26
29
|
}
|
|
27
30
|
export default class AWSCognitoClient {
|
|
28
31
|
constructor({ clientId, region, loginDomain, redirectUri, logoutUri, }) {
|
|
@@ -376,26 +379,26 @@ export default class AWSCognitoClient {
|
|
|
376
379
|
const preferredMfaSetting = user.PreferredMfaSetting;
|
|
377
380
|
const phoneNumber = (_b = (_a = user.UserAttributes) === null || _a === void 0 ? void 0 : _a.find((attribute) => attribute.Name === 'phone_number')) === null || _b === void 0 ? void 0 : _b.Value;
|
|
378
381
|
const isPhoneNumberVerified = ((_d = (_c = user.UserAttributes) === null || _c === void 0 ? void 0 : _c.find((attribute) => attribute.Name === 'phone_number_verified')) === null || _d === void 0 ? void 0 : _d.Value) === 'true';
|
|
382
|
+
const authenticatorEnabled = mfaList.includes('SOFTWARE_TOKEN_MFA');
|
|
383
|
+
const smsEnabled = mfaList.includes('SMS_MFA');
|
|
384
|
+
const { authenticatorPreferred, smsPreferred } = resolveMfaPreferredFlags({
|
|
385
|
+
authenticatorEnabled,
|
|
386
|
+
smsEnabled,
|
|
387
|
+
preferredMfaSetting,
|
|
388
|
+
});
|
|
379
389
|
return {
|
|
380
390
|
authenticator: {
|
|
381
|
-
enabled:
|
|
382
|
-
preferred:
|
|
391
|
+
enabled: authenticatorEnabled,
|
|
392
|
+
preferred: authenticatorPreferred,
|
|
383
393
|
},
|
|
384
394
|
sms: {
|
|
385
|
-
enabled:
|
|
386
|
-
preferred:
|
|
395
|
+
enabled: smsEnabled,
|
|
396
|
+
preferred: smsPreferred,
|
|
387
397
|
phoneNumber,
|
|
388
398
|
isPhoneNumberVerified,
|
|
389
399
|
},
|
|
390
400
|
};
|
|
391
401
|
}
|
|
392
|
-
async checkIsMfaEnabled(mfaRequirement) {
|
|
393
|
-
const mfaSettings = await this.getMfaSettings();
|
|
394
|
-
return {
|
|
395
|
-
mfaSettings,
|
|
396
|
-
userMeetsMfaRequirement: checkUserMeetsMfaRequirement(mfaRequirement, mfaSettings),
|
|
397
|
-
};
|
|
398
|
-
}
|
|
399
402
|
async updateUserPhoneNumber(phoneNumber) {
|
|
400
403
|
const accessToken = await this.getAccessToken();
|
|
401
404
|
if (!accessToken) {
|
|
@@ -423,16 +426,6 @@ export default class AWSCognitoClient {
|
|
|
423
426
|
UserAttributeNames: ['phone_number'],
|
|
424
427
|
}));
|
|
425
428
|
}
|
|
426
|
-
async sendPhoneNumberVerificationCode() {
|
|
427
|
-
const accessToken = await this.getAccessToken();
|
|
428
|
-
if (!accessToken) {
|
|
429
|
-
return;
|
|
430
|
-
}
|
|
431
|
-
return await this.cognitoIdentityProviderClient.send(new GetUserAttributeVerificationCodeCommand({
|
|
432
|
-
AccessToken: accessToken,
|
|
433
|
-
AttributeName: 'phone_number',
|
|
434
|
-
}));
|
|
435
|
-
}
|
|
436
429
|
async verifyUserPhoneNumber(code) {
|
|
437
430
|
const accessToken = await this.getAccessToken();
|
|
438
431
|
if (!accessToken) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AWSCognitoClient.js","sourceRoot":"","sources":["../../../src/apps/services/AWSCognitoClient.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,6BAA6B,EAE7B,qBAAqB,EACrB,6BAA6B,EAC7B,4BAA4B,EAC5B,2BAA2B,EAC3B,uCAAuC,EACvC,cAAc,EACd,oBAAoB,EACpB,mBAAmB,EAEnB,6BAA6B,EAC7B,2BAA2B,EAC3B,2BAA2B,EAC3B,0BAA0B,EAC1B,0BAA0B,GAC3B,MAAM,2CAA2C,CAAA;AAClD,OAAO,MAAM,MAAM,WAAW,CAAA;AAC9B,OAAO,EAAE,iBAAiB,EAAE,MAAM,IAAI,CAAA;AAkBtC,MAAM,CAAC,MAAM,oBAAoB,GAAgB;IAC/C,aAAa,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE;IACnD,GAAG,EAAE;QACH,OAAO,EAAE,KAAK;QACd,SAAS,EAAE,KAAK;QAChB,WAAW,EAAE,SAAS;QACtB,qBAAqB,EAAE,KAAK;KAC7B;CACF,CAAA;AAOD,MAAM,6BAA6B,GAAG;IACpC,GAAG,EAAE,CAAC,WAAwB,EAAE,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,OAAO;IAC1D,gBAAgB,EAAE,CAAC,WAAwB,EAAE,EAAE,CAC7C,WAAW,CAAC,aAAa,CAAC,OAAO;CAIpC,CAAA;AAED,SAAS,4BAA4B,CACnC,cAAoD,EACpD,WAAwB;IAExB,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,OAAO,IAAI,CAAA;IACb,CAAC;IAED,MAAM,eAAe,GACnB,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAG1C,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,CAAA;IAE5C,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,OAAO,IAAI,CAAA;IACb,CAAC;IAED,OAAO,eAAe,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CACrC,6BAA6B,CAAC,MAAM,CAAC,CAAC,WAAW,CAAC,CACnD,CAAA;AACH,CAAC;AAUD,MAAM,CAAC,OAAO,OAAO,gBAAgB;IAQnC,YAAY,EACV,QAAQ,EACR,MAAM,EACN,WAAW,EACX,WAAW,EACX,SAAS,GAOV;QACC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,SAAS,CAAC,uCAAuC,CAAC,CAAA;QAC9D,CAAC;QACD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,SAAS,CAAC,qCAAqC,CAAC,CAAA;QAC5D,CAAC;QAED,IAAI,CAAC,SAAS,GAAG,EAAE,CAAA;QACnB,IAAI,CAAC,WAAW,GAAG,WAAW,CAAA;QAC9B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;QAC1B,IAAI,CAAC,WAAW,GAAG,WAAW,CAAA;QAC9B,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAA;QACxB,IAAI,CAAC,6BAA6B,GAAG,IAAI,6BAA6B,CAAC;YACrE,MAAM;SACP,CAAC,CAAA;IACJ,CAAC;IAED,qBAAqB;IACrB,IAAI,UAAU;QACZ,OAAO,WAAW,IAAI,CAAC,QAAQ,aAAa,CAAA;IAC9C,CAAC;IACD,IAAI,YAAY;QACd,OAAO,WAAW,IAAI,CAAC,QAAQ,eAAe,CAAA;IAChD,CAAC;IACD,IAAI,QAAQ;QACV,OAAO,WAAW,IAAI,CAAC,QAAQ,WAAW,CAAA;IAC5C,CAAC;IACD,IAAI,aAAa;QACf,OAAO,WAAW,IAAI,CAAC,QAAQ,gBAAgB,CAAA;IACjD,CAAC;IACD,IAAI,KAAK;QACP,OAAO,WAAW,IAAI,CAAC,QAAQ,QAAQ,CAAA;IACzC,CAAC;IACD,IAAI,kBAAkB;QACpB,OAAO,WAAW,IAAI,CAAC,QAAQ,qBAAqB,CAAA;IACtD,CAAC;IAED,iBAAiB;QACf,KAAK,MAAM,QAAQ,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACtC,IAAI,CAAC;gBACH,QAAQ,EAAE,CAAA;YACZ,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAA;gBAC9B,8BAA8B;gBAC9B,OAAO,CAAC,IAAI,CAAC,iCAAiC,EAAE,KAAK,CAAC,CAAA;YACxD,CAAC;QACH,CAAC;IACH,CAAC;IAED,0BAA0B,CAAC,oBAA8C;QACvE,qFAAqF;QACrF,MAAM,SAAS,GACZ,oBAAoB,CAAC,SAAoB,GAAG,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAA;QACvE,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,EAAE,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAA;QAC3D,YAAY,CAAC,OAAO,CAClB,IAAI,CAAC,YAAY,EACjB,oBAAoB,CAAC,WAAqB,CAC3C,CAAA;QACD,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,EAAE,oBAAoB,CAAC,OAAiB,CAAC,CAAA;QAC3E,IAAI,oBAAoB,CAAC,YAAY,EAAE,CAAC;YACtC,YAAY,CAAC,OAAO,CAClB,IAAI,CAAC,aAAa,EAClB,oBAAoB,CAAC,YAAY,CAClC,CAAA;QACH,CAAC;QAED,IAAI,CAAC,iBAAiB,EAAE,CAAA;IAC1B,CAAC;IAED,2BAA2B;QACzB,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QACxC,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QAC1C,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACtC,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAAA;QAE3C,IAAI,CAAC,iBAAiB,EAAE,CAAA;IAC1B,CAAC;IAED,eAAe;QACb,OAAO,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,SAAS,CAAA;IAC7D,CAAC;IAED,WAAW;QACT,OAAO,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAA;IACzD,CAAC;IAED,gBAAgB;QACd,OAAO,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,SAAS,CAAA;IAC9D,CAAC;IAED,eAAe;QACb,MAAM,SAAS,GAAG,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QACvD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,KAAK,CAAA;QACd,CAAC;QACD,OAAO,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;IAC7C,CAAC;IAED,KAAK,CAAC,eAAe;QACnB,IAAI,IAAI,CAAC,eAAe,EAAE,EAAE,CAAC;YAC3B,OAAM;QACR,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAA;QAC5C,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAM;QACR,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC1D,IAAI,mBAAmB,CAAC;gBACtB,QAAQ,EAAE,oBAAoB;gBAC9B,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,cAAc,EAAE;oBACd,aAAa,EAAE,YAAY;iBAC5B;aACF,CAAC,CACH,CAAA;YACD,IAAI,MAAM,CAAC,oBAAoB,EAAE,CAAC;gBAChC,IAAI,CAAC,0BAA0B,CAAC,MAAM,CAAC,oBAAoB,CAAC,CAAA;YAC9D,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,2CAA2C,EAAE,KAAK,CAAC,CAAA;YAChE,IAAI,CAAC,2BAA2B,EAAE,CAAA;YAClC,MAAM,IAAI,iBAAiB,CACzB,kFAAkF,EAClF;gBACE,aAAa,EAAE,IAAI;gBACnB,aAAa,EAAE,KAAc;aAC9B,CACF,CAAA;QACH,CAAC;IACH,CAAC;IAED,gBAAgB,CAAC,QAAuB;QACtC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QAE7B,OAAO,GAAG,EAAE;YACV,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;YAC9C,IAAI,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC;gBACjB,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;YACjC,CAAC;QACH,CAAC,CAAA;IACH,CAAC;IAED,KAAK,CAAC,uBAAuB,CAC3B,QAAgB,EAChB,oBAA0C;QAE1C,IAAI,oBAAoB,CAAC,oBAAoB,EAAE,CAAC;YAC9C,IAAI,CAAC,0BAA0B,CAAC,oBAAoB,CAAC,oBAAoB,CAAC,CAAA;YAC1E,OAAO,EAAE,CAAA;QACX,CAAC;QAED,MAAM,aAAa,GAAG,oBAAoB,CAAC,aAAa,CAAA;QACxD,QAAQ,aAAa,EAAE,CAAC;YACtB,KAAK,uBAAuB,CAAC,CAAC,CAAC;gBAC7B,OAAO;oBACL,qBAAqB,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE;wBAC3C,MAAM,mBAAmB,GACvB,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,6BAA6B,CAAC;4BAChC,aAAa;4BACb,QAAQ,EAAE,IAAI,CAAC,QAAQ;4BACvB,OAAO,EAAE,oBAAoB,CAAC,OAAO;4BACrC,kBAAkB,EAAE;gCAClB,QAAQ,EAAE,QAAQ;gCAClB,YAAY,EAAE,WAAW;6BAC1B;yBACF,CAAC,CACH,CAAA;wBACH,OAAO,MAAM,IAAI,CAAC,uBAAuB,CACvC,QAAQ,EACR,mBAAmB,CACpB,CAAA;oBACH,CAAC;iBACF,CAAA;YACH,CAAC;YACD,KAAK,oBAAoB,CAAC,CAAC,CAAC;gBAC1B,OAAO;oBACL,GAAG,EAAE;wBACH,MAAM,EAAE,eAAe;wBACvB,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;4BAC3B,MAAM,mBAAmB,GACvB,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,6BAA6B,CAAC;gCAChC,aAAa;gCACb,QAAQ,EAAE,IAAI,CAAC,QAAQ;gCACvB,OAAO,EAAE,oBAAoB,CAAC,OAAO;gCACrC,kBAAkB,EAAE;oCAClB,QAAQ,EAAE,QAAQ;oCAClB,uBAAuB,EAAE,IAAI;iCAC9B;6BACF,CAAC,CACH,CAAA;4BACH,OAAO,MAAM,IAAI,CAAC,uBAAuB,CACvC,QAAQ,EACR,mBAAmB,CACpB,CAAA;wBACH,CAAC;qBACF;iBACF,CAAA;YACH,CAAC;YACD,KAAK,WAAW,CAAC,CAAC,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAA;YAC/C,CAAC;YACD,KAAK,SAAS,CAAC,CAAC,CAAC;gBACf,OAAO;oBACL,GAAG,EAAE;wBACH,MAAM,EAAE,KAAK;wBACb,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;4BAC3B,MAAM,kBAAkB,GACtB,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,6BAA6B,CAAC;gCAChC,aAAa;gCACb,QAAQ,EAAE,IAAI,CAAC,QAAQ;gCACvB,OAAO,EAAE,oBAAoB,CAAC,OAAO;gCACrC,kBAAkB,EAAE;oCAClB,QAAQ,EAAE,QAAQ;oCAClB,YAAY,EAAE,IAAI;iCACnB;6BACF,CAAC,CACH,CAAA;4BACH,OAAO,MAAM,IAAI,CAAC,uBAAuB,CACvC,QAAQ,EACR,kBAAkB,CACnB,CAAA;wBACH,CAAC;qBACF;iBACF,CAAA;YACH,CAAC;QACH,CAAC;QAED,OAAO,CAAC,IAAI,CACV,uFAAuF,EACvF,oBAAoB,CACrB,CAAA;QACD,MAAM,IAAI,KAAK,CACb,mIAAmI,CACpI,CAAA;IACH,CAAC;IAED,KAAK,CAAC,qBAAqB,CACzB,QAAgB,EAChB,QAAgB;QAEhB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC/D,IAAI,mBAAmB,CAAC;YACtB,QAAQ,EAAE,oBAAoB;YAC9B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,cAAc,EAAE;gBACd,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,QAAQ;aACnB;SACF,CAAC,CACH,CAAA;QAED,OAAO,MAAM,IAAI,CAAC,uBAAuB,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAA;IAClE,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,oBAA6B;QAC/C,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAA;QACpC,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAA;QACpC,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,EAAE,CAAC;YACjC,MAAM,IAAI,SAAS,CACjB,6GAA6G,CAC9G,CAAA;QACH,CAAC;QAED,0CAA0C;QAC1C,MAAM,KAAK,GAAG,oBAAoB,EAAE,CAAA;QACpC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;QAEvC,0EAA0E;QAC1E,MAAM,YAAY,GAAG,oBAAoB,EAAE,CAAA;QAC3C,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,YAAY,CAAC,CAAA;QAE3D,+DAA+D;QAC/D,MAAM,cAAc,GAAG,MAAM,yBAAyB,CAAC,YAAY,CAAC,CAAA;QAEpE,MAAM,CAAC,QAAQ,CAAC,IAAI;YAClB,WAAW,WAAW,mBAAmB;gBACzC,qBAAqB;gBACrB,aAAa;gBACb,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC;gBACjC,SAAS;gBACT,kBAAkB,CAAC,KAAK,CAAC;gBACzB,SAAS;gBACT,kBAAkB,CAAC,oDAAoD,CAAC;gBACxE,gBAAgB;gBAChB,kBAAkB,CAAC,WAAW,CAAC;gBAC/B,kBAAkB;gBAClB,kBAAkB,CAAC,cAAc,CAAC;gBAClC,6BAA6B;gBAC7B,CAAC,oBAAoB;oBACnB,CAAC,CAAC,qBAAqB,GAAG,kBAAkB,CAAC,oBAAoB,CAAC;oBAClE,CAAC,CAAC,EAAE,CAAC,CAAA;IACX,CAAC;IAED,KAAK,CAAC,oBAAoB;QACxB,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAA;QACpC,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAA;QACpC,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,EAAE,CAAC;YACjC,MAAM,IAAI,SAAS,CACjB,sHAAsH,CACvH,CAAA;QACH,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAA;QACzD,MAAM,UAAU,GAAG,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QACrC,MAAM,qBAAqB,GAAG,KAAK,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAA;QAE5D,+CAA+C;QAC/C,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CACb,GAAG,UAAU,MACX,OAAO,qBAAqB,KAAK,QAAQ;gBACvC,CAAC,CAAC,qBAAqB;gBACvB,CAAC,CAAC,gCACN,EAAE,CACH,CAAA;QACH,CAAC;QAED,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;QAC9B,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAA;QACtE,CAAC;QAED,IAAI,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;YAC5D,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAA;QAClC,CAAC;QAED,MAAM,aAAa,GAAG,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAA;QAEnE,kDAAkD;QAClD,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QACnC,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAA;QAEhD,sDAAsD;QACtD,MAAM,MAAM,GAA4B,MAAM,IAAI,OAAO,CACvD,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAClB,eAAe,CACb,WAAW,WAAW,eAAe,EACrC;gBACE,UAAU,EAAE,oBAAoB;gBAChC,IAAI;gBACJ,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,YAAY,EAAE,WAAW;gBACzB,aAAa;aACd,EACD,OAAO,EACP,CAAC,KAAK,EAAE,EAAE;gBACR,MAAM,CACJ,IAAI,KAAK,CACP,KAAK,CAAC,iBAAiB;oBACrB,KAAK,CAAC,OAAO;oBACb,oEAAoE,CACvE,CACF,CAAA;YACH,CAAC,CACF,CAAA;QACH,CAAC,CACF,CAAA;QAED,IAAI,CAAC,0BAA0B,CAAC;YAC9B,WAAW,EAAE,MAAM,CAAC,YAAsB;YAC1C,SAAS,EAAE,MAAM,CAAC,UAAoB;YACtC,OAAO,EAAE,MAAM,CAAC,QAAkB;YAClC,SAAS,EAAE,MAAM,CAAC,UAAoB;YACtC,YAAY,EAAE,MAAM,CAAC,aAAuB;SAC7C,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,cAAc,CAClB,gBAAwB,EACxB,WAAmB;QAEnB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,qBAAqB,CAAC;YACxB,WAAW,EAAE,WAAW,IAAI,EAAE;YAC9B,gBAAgB,EAAE,gBAAgB;YAClC,gBAAgB,EAAE,WAAW;SAC9B,CAAC,CACH,CAAA;IACH,CAAC;IACD,KAAK,CAAC,qBAAqB,CAAC,EAC1B,QAAQ,EACR,IAAI,EACJ,QAAQ,GAKT;QACC,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,4BAA4B,CAAC;YAC/B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,gBAAgB,EAAE,IAAI;YACtB,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,QAAQ;SACnB,CAAC,CACH,CAAA;IACH,CAAC;IAED,cAAc;QACZ,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAA;QACpC,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAA;QAChC,IAAI,CAAC,WAAW,IAAI,CAAC,SAAS,EAAE,CAAC;YAC/B,MAAM,IAAI,SAAS,CACjB,4GAA4G,CAC7G,CAAA;QACH,CAAC;QAED,MAAM,CAAC,QAAQ,CAAC,IAAI;YAClB,WAAW,WAAW,SAAS;gBAC/B,aAAa;gBACb,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC;gBACjC,cAAc;gBACd,kBAAkB,CAAC,SAAS,CAAC,CAAA;IACjC,CAAC;IAED,KAAK,CAAC,MAAM;QACV,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAA;YAC5C,4DAA4D;YAC5D,IAAI,YAAY,EAAE,CAAC;gBACjB,MAAM,IAAI,CAAC,eAAe,EAAE,CAAA;YAC9B,CAAC;YAED,MAAM,WAAW,GAAG,IAAI,CAAC,eAAe,EAAE,CAAA;YAC1C,IAAI,WAAW,EAAE,CAAC;gBAChB,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,oBAAoB,CAAC;oBACvB,WAAW,EAAE,WAAW;iBACzB,CAAC,CACH,CAAA;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAE,KAA2B,CAAC,aAAa,EAAE,CAAC;gBAChD,MAAM,KAAK,CAAA;YACb,CAAC;QACH,CAAC;gBAAS,CAAC;YACT,IAAI,CAAC,2BAA2B,EAAE,CAAA;QACpC,CAAC;IACH,CAAC;IAED,KAAK,CAAC,UAAU;QACd,MAAM,IAAI,CAAC,eAAe,EAAE,CAAA;QAE5B,OAAO,IAAI,CAAC,WAAW,EAAE,CAAA;IAC3B,CAAC;IAED,KAAK,CAAC,cAAc;QAClB,MAAM,IAAI,CAAC,eAAe,EAAE,CAAA;QAE5B,OAAO,IAAI,CAAC,eAAe,EAAE,CAAA;IAC/B,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,WAAyB;;QAC5C,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,oBAAoB,CAAA;QAC7B,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CACxD,IAAI,cAAc,CAAC;YACjB,WAAW,EAAE,WAAW;SACzB,CAAC,EACF,EAAE,WAAW,EAAE,CAChB,CAAA;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,kBAAkB,IAAI,EAAE,CAAA;QAC7C,MAAM,mBAAmB,GAAG,IAAI,CAAC,mBAAmB,CAAA;QACpD,MAAM,WAAW,GAAG,MAAA,MAAA,IAAI,CAAC,cAAc,0CAAE,IAAI,CAC3C,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,KAAK,cAAc,CACjD,0CAAE,KAAK,CAAA;QACR,MAAM,qBAAqB,GACzB,CAAA,MAAA,MAAA,IAAI,CAAC,cAAc,0CAAE,IAAI,CACvB,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,KAAK,uBAAuB,CAC1D,0CAAE,KAAK,MAAK,MAAM,CAAA;QAErB,OAAO;YACL,aAAa,EAAE;gBACb,OAAO,EAAE,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAC;gBAC/C,SAAS,EAAE,mBAAmB,KAAK,oBAAoB;aACxD;YACD,GAAG,EAAE;gBACH,OAAO,EAAE,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC;gBACpC,SAAS,EAAE,mBAAmB,KAAK,SAAS;gBAC5C,WAAW;gBACX,qBAAqB;aACtB;SACF,CAAA;IACH,CAAC;IAED,KAAK,CAAC,iBAAiB,CACrB,cAAoD;QAEpD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAE/C,OAAO;YACL,WAAW;YACX,uBAAuB,EAAE,4BAA4B,CACnD,cAAc,EACd,WAAW,CACZ;SACF,CAAA;IACH,CAAC;IAED,KAAK,CAAC,qBAAqB,CACzB,WAAmB;QAEnB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,EAAE,qBAAqB,EAAE,KAAK,EAAE,CAAA;QACzC,CAAC;QAED,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,2BAA2B,CAAC;YAC9B,WAAW,EAAE,WAAW;YACxB,cAAc,EAAE;gBACd;oBACE,IAAI,EAAE,cAAc;oBACpB,KAAK,EAAE,WAAW;iBACnB;aACF;SACF,CAAC,CACH,CAAA;QAED,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,OAAO,EAAE,qBAAqB,EAAE,WAAW,CAAC,GAAG,CAAC,qBAAqB,EAAE,CAAA;IACzE,CAAC;IAED,KAAK,CAAC,qBAAqB;QACzB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAM;QACR,CAAC;QAED,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,2BAA2B,CAAC;YAC9B,WAAW,EAAE,WAAW;YACxB,kBAAkB,EAAE,CAAC,cAAc,CAAC;SACrC,CAAC,CACH,CAAA;IACH,CAAC;IAED,KAAK,CAAC,+BAA+B;QACnC,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAM;QACR,CAAC;QAED,OAAO,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAClD,IAAI,uCAAuC,CAAC;YAC1C,WAAW,EAAE,WAAW;YACxB,aAAa,EAAE,cAAc;SAC9B,CAAC,CACH,CAAA;IACH,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,IAAY;QACtC,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAM;QACR,CAAC;QAED,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,0BAA0B,CAAC;YAC7B,WAAW,EAAE,WAAW;YACxB,aAAa,EAAE,cAAc;YAC7B,IAAI,EAAE,IAAI;SACX,CAAC,CACH,CAAA;IACH,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,MAAiB;QAC3C,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAM;QACR,CAAC;QAED,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAEnD,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,2BAA2B,CAAC;YAC9B,WAAW,EAAE,WAAW;YACxB,GAAG,CAAC,eAAe,CAAC,aAAa,CAAC,OAAO;gBACvC,CAAC,CAAC;oBACE,wBAAwB,EAAE;wBACxB,OAAO,EAAE,IAAI;wBACb,YAAY,EAAE,MAAM,KAAK,eAAe;qBACzC;iBACF;gBACH,CAAC,CAAC,EAAE,CAAC;YACP,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO;gBAC7B,CAAC,CAAC;oBACE,cAAc,EAAE;wBACd,OAAO,EAAE,IAAI;wBACb,YAAY,EAAE,MAAM,KAAK,KAAK;qBAC/B;iBACF;gBACH,CAAC,CAAC,EAAE,CAAC;SACR,CAAC,CACH,CAAA;IACH,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,MAAiB;QACtC,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAM;QACR,CAAC;QAED,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QACnD,MAAM,YAAY,GAChB,MAAM,KAAK,eAAe;YACxB,CAAC,CAAC,eAAe,CAAC,aAAa,CAAC,SAAS;YACzC,CAAC,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,CAAA;QACnC,MAAM,WAAW,GACf,MAAM,KAAK,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,eAAe,CAAA;QACtD,MAAM,aAAa,GACjB,MAAM,KAAK,eAAe;YACxB,CAAC,CAAC,eAAe,CAAC,GAAG;YACrB,CAAC,CAAC,eAAe,CAAC,aAAa,CAAA;QAEnC,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,2BAA2B,CAAC;YAC9B,WAAW,EAAE,WAAW;YACxB,GAAG,CAAC,MAAM,KAAK,eAAe;gBAC5B,CAAC,CAAC;oBACE,wBAAwB,EAAE;wBACxB,OAAO,EAAE,KAAK;wBACd,YAAY,EAAE,KAAK;qBACpB;iBACF;gBACH,CAAC,CAAC;oBACE,cAAc,EAAE;wBACd,OAAO,EAAE,KAAK;wBACd,YAAY,EAAE,KAAK;qBACpB;iBACF,CAAC;YACN,GAAG,CAAC,YAAY,IAAI,aAAa,CAAC,OAAO;gBACvC,CAAC,CAAC,WAAW,KAAK,eAAe;oBAC/B,CAAC,CAAC;wBACE,wBAAwB,EAAE;4BACxB,OAAO,EAAE,IAAI;4BACb,YAAY,EAAE,IAAI;yBACnB;qBACF;oBACH,CAAC,CAAC;wBACE,cAAc,EAAE;4BACd,OAAO,EAAE,IAAI;4BACb,YAAY,EAAE,IAAI;yBACnB;qBACF;gBACL,CAAC,CAAC,EAAE,CAAC;SACR,CAAC,CACH,CAAA;IACH,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,EAAE,SAAS,KAA8B,EAAE;QAC3D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAM;QACR,CAAC;QAED,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QACnD,MAAM,kBAAkB,GACtB,CAAC,eAAe,CAAC,aAAa,CAAC,OAAO;YACpC,eAAe,CAAC,aAAa,CAAC,SAAS,CAAC;YAC1C,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,IAAI,eAAe,CAAC,GAAG,CAAC,SAAS,CAAC,CAAA;QAChE,MAAM,iBAAiB,GACrB,SAAS,aAAT,SAAS,cAAT,SAAS,GAAI,CAAC,CAAC,kBAAkB,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QAEpE,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,2BAA2B,CAAC;YAC9B,WAAW,EAAE,WAAW;YACxB,cAAc,EAAE;gBACd,OAAO,EAAE,IAAI;gBACb,YAAY,EAAE,iBAAiB;aAChC;YACD,GAAG,CAAC,iBAAiB,IAAI,eAAe,CAAC,aAAa,CAAC,OAAO;gBAC5D,CAAC,CAAC;oBACE,wBAAwB,EAAE;wBACxB,OAAO,EAAE,IAAI;wBACb,YAAY,EAAE,KAAK;qBACpB;iBACF;gBACH,CAAC,CAAC,EAAE,CAAC;SACR,CAAC,CACH,CAAA;IACH,CAAC;IAED,KAAK,CAAC,wBAAwB,CAAC,EAAE,SAAS,KAA8B,EAAE;QACxE,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAM;QACR,CAAC;QAED,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAClE,IAAI,6BAA6B,CAAC;YAChC,WAAW,EAAE,WAAW;SACzB,CAAC,CACH,CAAA;QAED,OAAO;YACL,UAAU,EAAE,UAAU;YACtB,eAAe,EAAE,KAAK,EAAE,IAAY,EAAE,EAAE;gBACtC,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,0BAA0B,CAAC;oBAC7B,WAAW,EAAE,WAAW;oBACxB,QAAQ,EAAE,IAAI;iBACf,CAAC,CACH,CAAA;gBAED,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;gBACnD,MAAM,kBAAkB,GACtB,CAAC,eAAe,CAAC,aAAa,CAAC,OAAO;oBACpC,eAAe,CAAC,aAAa,CAAC,SAAS,CAAC;oBAC1C,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,IAAI,eAAe,CAAC,GAAG,CAAC,SAAS,CAAC,CAAA;gBAChE,MAAM,iBAAiB,GACrB,SAAS,aAAT,SAAS,cAAT,SAAS,GACT,CAAC,CAAC,kBAAkB,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;gBAEjE,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,2BAA2B,CAAC;oBAC9B,wBAAwB,EAAE;wBACxB,OAAO,EAAE,IAAI;wBACb,YAAY,EAAE,iBAAiB;qBAChC;oBACD,GAAG,CAAC,iBAAiB,IAAI,eAAe,CAAC,GAAG,CAAC,OAAO;wBAClD,CAAC,CAAC;4BACE,cAAc,EAAE;gCACd,OAAO,EAAE,IAAI;gCACb,YAAY,EAAE,KAAK;6BACpB;yBACF;wBACH,CAAC,CAAC,EAAE,CAAC;oBACP,WAAW,EAAE,WAAW;iBACzB,CAAC,CACH,CAAA;YACH,CAAC;SACF,CAAA;IACH,CAAC;CACF;AAED,sEAAsE;AACtE,2BAA2B;AAE3B,qDAAqD;AACrD,SAAS,eAAe,CACtB,GAAW,EACX,MAA+B,EAC/B,OAAiD,EACjD,KAAsE;IAEtE,MAAM,OAAO,GAAG,IAAI,cAAc,EAAE,CAAA;IACpC,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAAA;IAC/B,OAAO,CAAC,gBAAgB,CACtB,cAAc,EACd,kDAAkD,CACnD,CAAA;IACD,OAAO,CAAC,MAAM,GAAG;QACf,IAAI,IAAI,GAAG,EAAE,CAAA;QACb,IAAI,CAAC;YACH,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;QACrC,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAA;YAC1B,aAAa;QACf,CAAC;QAED,IAAI,OAAO,CAAC,MAAM,IAAI,GAAG,EAAE,CAAC;YAC1B,OAAO,CAAC,IAAI,CAAC,CAAA;QACf,CAAC;aAAM,CAAC;YACN,KAAK,CAAC,IAAI,CAAC,CAAA;QACb,CAAC;IACH,CAAC,CAAA;IACD,OAAO,CAAC,OAAO,GAAG;QAChB,KAAK,CAAC,EAAE,CAAC,CAAA;IACX,CAAC,CAAA;IACD,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC;SAC7B,MAAM,CAAC,CAAC,IAAc,EAAE,GAAG,EAAE,EAAE;QAC9B,IAAI,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YAChB,IAAI,CAAC,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;QACpC,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC,EAAE,EAAE,CAAC;SACL,IAAI,CAAC,GAAG,CAAC,CAAA;IACZ,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACpB,CAAC;AAED,sEAAsE;AACtE,wBAAwB;AAExB,qEAAqE;AACrE,SAAS,oBAAoB;IAC3B,MAAM,KAAK,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAA;IACjC,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAA;IACpC,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CACzE,EAAE,CACH,CAAA;AACH,CAAC;AAED,+CAA+C;AAC/C,oDAAoD;AACpD,SAAS,MAAM,CAAC,KAAa;IAC3B,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAA;IACjC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IAClC,OAAO,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAA;AACrD,CAAC;AAED,qCAAqC;AACrC,SAAS,eAAe,CAAC,GAAgB;IACvC,sFAAsF;IACtF,sEAAsE;IACtE,uDAAuD;IACvD,0DAA0D;IAC1D,mBAAmB;IACnB,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;SAC9D,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;AACvB,CAAC;AAED,kEAAkE;AAClE,KAAK,UAAU,yBAAyB,CAAC,CAAS;IAChD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,CAAC,CAAC,CAAA;IAC9B,OAAO,eAAe,CAAC,MAAM,CAAC,CAAA;AAChC,CAAC","sourcesContent":["import {\n AssociateSoftwareTokenCommand,\n AuthenticationResultType,\n ChangePasswordCommand,\n CognitoIdentityProviderClient,\n ConfirmForgotPasswordCommand,\n DeleteUserAttributesCommand,\n GetUserAttributeVerificationCodeCommand,\n GetUserCommand,\n GlobalSignOutCommand,\n InitiateAuthCommand,\n InitiateAuthResponse,\n RespondToAuthChallengeCommand,\n SetUserMFAPreferenceCommand,\n UpdateUserAttributesCommand,\n VerifySoftwareTokenCommand,\n VerifyUserAttributeCommand,\n} from '@aws-sdk/client-cognito-identity-provider'\nimport Sentry from '../Sentry'\nimport { OneBlinkAppsError } from '..'\nimport { MiscTypes } from '@oneblink/types'\n\nexport type MfaMethod = 'authenticator' | 'sms'\n\nexport type MfaSettings = {\n authenticator: {\n enabled: boolean\n preferred: boolean\n }\n sms: {\n enabled: boolean\n preferred: boolean\n phoneNumber: string | undefined\n isPhoneNumberVerified: boolean\n }\n}\n\nexport const DEFAULT_MFA_SETTINGS: MfaSettings = {\n authenticator: { enabled: false, preferred: false },\n sms: {\n enabled: false,\n preferred: false,\n phoneNumber: undefined,\n isPhoneNumberVerified: false,\n },\n}\n\nexport type MfaRequirementCheckResult = {\n mfaSettings: MfaSettings\n userMeetsMfaRequirement: boolean\n}\n\nconst MFA_REQUIREMENT_METHOD_CHECKS = {\n sms: (mfaSettings: MfaSettings) => mfaSettings.sms.enabled,\n authenticatorApp: (mfaSettings: MfaSettings) =>\n mfaSettings.authenticator.enabled,\n} satisfies Record<\n keyof MiscTypes.MfaRequirement,\n (mfaSettings: MfaSettings) => boolean\n>\n\nfunction checkUserMeetsMfaRequirement(\n mfaRequirement: MiscTypes.MfaRequirement | undefined,\n mfaSettings: MfaSettings,\n): boolean {\n if (!mfaRequirement) {\n return true\n }\n\n const requiredMethods = (\n Object.keys(MFA_REQUIREMENT_METHOD_CHECKS) as Array<\n keyof MiscTypes.MfaRequirement\n >\n ).filter((method) => mfaRequirement[method])\n\n if (requiredMethods.length === 0) {\n return true\n }\n\n return requiredMethods.some((method) =>\n MFA_REQUIREMENT_METHOD_CHECKS[method](mfaSettings),\n )\n}\n\nexport type LoginAttemptResponse = {\n resetPasswordCallback?: (newPassword: string) => Promise<LoginAttemptResponse>\n mfa?: {\n codeCallback: (code: string) => Promise<LoginAttemptResponse>\n method: MfaMethod\n }\n}\n\nexport default class AWSCognitoClient {\n clientId: string\n cognitoIdentityProviderClient: CognitoIdentityProviderClient\n loginDomain: string | void\n redirectUri: string | void\n logoutUri: string | void\n listeners: Array<() => unknown>\n\n constructor({\n clientId,\n region,\n loginDomain,\n redirectUri,\n logoutUri,\n }: {\n clientId: string\n region: string\n redirectUri?: string\n logoutUri?: string\n loginDomain?: string\n }) {\n if (!clientId) {\n throw new TypeError('\"clientId\" is required in constructor')\n }\n if (!region) {\n throw new TypeError('\"region\" is required in constructor')\n }\n\n this.listeners = []\n this.redirectUri = redirectUri\n this.logoutUri = logoutUri\n this.loginDomain = loginDomain\n this.clientId = clientId\n this.cognitoIdentityProviderClient = new CognitoIdentityProviderClient({\n region,\n })\n }\n\n // Local Storage Keys\n get EXPIRES_AT() {\n return `COGNITO_${this.clientId}_EXPIRES_AT`\n }\n get ACCESS_TOKEN() {\n return `COGNITO_${this.clientId}_ACCESS_TOKEN`\n }\n get ID_TOKEN() {\n return `COGNITO_${this.clientId}_ID_TOKEN`\n }\n get REFRESH_TOKEN() {\n return `COGNITO_${this.clientId}_REFRESH_TOKEN`\n }\n get STATE() {\n return `COGNITO_${this.clientId}_STATE`\n }\n get PKCE_CODE_VERIFIER() {\n return `COGNITO_${this.clientId}_PKCE_CODE_VERIFIER`\n }\n\n _executeListeners() {\n for (const listener of this.listeners) {\n try {\n listener()\n } catch (error) {\n Sentry.captureException(error)\n // Ignore error from listeners\n console.warn('AWSCognitoClient listener error', error)\n }\n }\n }\n\n _storeAuthenticationResult(authenticationResult: AuthenticationResultType) {\n // Take off 5 seconds to ensure a request does not become unauthenticated mid request\n const expiresAt =\n (authenticationResult.ExpiresIn as number) * 1000 + Date.now() - 5000\n localStorage.setItem(this.EXPIRES_AT, expiresAt.toString())\n localStorage.setItem(\n this.ACCESS_TOKEN,\n authenticationResult.AccessToken as string,\n )\n localStorage.setItem(this.ID_TOKEN, authenticationResult.IdToken as string)\n if (authenticationResult.RefreshToken) {\n localStorage.setItem(\n this.REFRESH_TOKEN,\n authenticationResult.RefreshToken,\n )\n }\n\n this._executeListeners()\n }\n\n _removeAuthenticationResult() {\n localStorage.removeItem(this.EXPIRES_AT)\n localStorage.removeItem(this.ACCESS_TOKEN)\n localStorage.removeItem(this.ID_TOKEN)\n localStorage.removeItem(this.REFRESH_TOKEN)\n\n this._executeListeners()\n }\n\n _getAccessToken(): string | undefined {\n return localStorage.getItem(this.ACCESS_TOKEN) || undefined\n }\n\n _getIdToken(): string | undefined {\n return localStorage.getItem(this.ID_TOKEN) || undefined\n }\n\n _getRefreshToken(): string | undefined {\n return localStorage.getItem(this.REFRESH_TOKEN) || undefined\n }\n\n _isSessionValid(): boolean {\n const expiresAt = localStorage.getItem(this.EXPIRES_AT)\n if (!expiresAt) {\n return false\n }\n return parseInt(expiresAt, 10) > Date.now()\n }\n\n async _refreshSession(): Promise<void> {\n if (this._isSessionValid()) {\n return\n }\n\n const refreshToken = this._getRefreshToken()\n if (!refreshToken) {\n return\n }\n\n try {\n const result = await this.cognitoIdentityProviderClient.send(\n new InitiateAuthCommand({\n AuthFlow: 'REFRESH_TOKEN_AUTH',\n ClientId: this.clientId,\n AuthParameters: {\n REFRESH_TOKEN: refreshToken,\n },\n }),\n )\n if (result.AuthenticationResult) {\n this._storeAuthenticationResult(result.AuthenticationResult)\n }\n } catch (error) {\n console.warn('Error while attempting to refresh session', error)\n this._removeAuthenticationResult()\n throw new OneBlinkAppsError(\n 'Your session has expired. Please login again to continue to use the application.',\n {\n requiresLogin: true,\n originalError: error as Error,\n },\n )\n }\n }\n\n registerListener(listener: () => unknown): () => void {\n this.listeners.push(listener)\n\n return () => {\n const index = this.listeners.indexOf(listener)\n if (index !== -1) {\n this.listeners.splice(index, 1)\n }\n }\n }\n\n async responseToAuthChallenge(\n username: string,\n initiateAuthResponse: InitiateAuthResponse,\n ): Promise<LoginAttemptResponse> {\n if (initiateAuthResponse.AuthenticationResult) {\n this._storeAuthenticationResult(initiateAuthResponse.AuthenticationResult)\n return {}\n }\n\n const ChallengeName = initiateAuthResponse.ChallengeName\n switch (ChallengeName) {\n case 'NEW_PASSWORD_REQUIRED': {\n return {\n resetPasswordCallback: async (newPassword) => {\n const resetPasswordResult =\n await this.cognitoIdentityProviderClient.send(\n new RespondToAuthChallengeCommand({\n ChallengeName,\n ClientId: this.clientId,\n Session: initiateAuthResponse.Session,\n ChallengeResponses: {\n USERNAME: username,\n NEW_PASSWORD: newPassword,\n },\n }),\n )\n return await this.responseToAuthChallenge(\n username,\n resetPasswordResult,\n )\n },\n }\n }\n case 'SOFTWARE_TOKEN_MFA': {\n return {\n mfa: {\n method: 'authenticator',\n codeCallback: async (code) => {\n const resetPasswordResult =\n await this.cognitoIdentityProviderClient.send(\n new RespondToAuthChallengeCommand({\n ChallengeName,\n ClientId: this.clientId,\n Session: initiateAuthResponse.Session,\n ChallengeResponses: {\n USERNAME: username,\n SOFTWARE_TOKEN_MFA_CODE: code,\n },\n }),\n )\n return await this.responseToAuthChallenge(\n username,\n resetPasswordResult,\n )\n },\n },\n }\n }\n case 'EMAIL_OTP': {\n throw new Error('Email OTP is not supported')\n }\n case 'SMS_MFA': {\n return {\n mfa: {\n method: 'sms',\n codeCallback: async (code) => {\n const smsChallengeResult =\n await this.cognitoIdentityProviderClient.send(\n new RespondToAuthChallengeCommand({\n ChallengeName,\n ClientId: this.clientId,\n Session: initiateAuthResponse.Session,\n ChallengeResponses: {\n USERNAME: username,\n SMS_MFA_CODE: code,\n },\n }),\n )\n return await this.responseToAuthChallenge(\n username,\n smsChallengeResult,\n )\n },\n },\n }\n }\n }\n\n console.warn(\n '\"CognitoIdentityServiceProvider.InitiateAuthResponse\" challenge has not been catered.',\n initiateAuthResponse,\n )\n throw new Error(\n 'An unexpected error occurred while attempting to process your login. Please try again or contact support if the problem persists.',\n )\n }\n\n async loginUsernamePassword(\n username: string,\n password: string,\n ): Promise<LoginAttemptResponse> {\n const loginResult = await this.cognitoIdentityProviderClient.send(\n new InitiateAuthCommand({\n AuthFlow: 'USER_PASSWORD_AUTH',\n ClientId: this.clientId,\n AuthParameters: {\n USERNAME: username,\n PASSWORD: password,\n },\n }),\n )\n\n return await this.responseToAuthChallenge(username, loginResult)\n }\n\n async loginHostedUI(identityProviderName?: string): Promise<void> {\n const loginDomain = this.loginDomain\n const redirectUri = this.redirectUri\n if (!loginDomain || !redirectUri) {\n throw new TypeError(\n '\"loginDomain\" or \"redirectUri\" was not passed to constructor. Both are required before attempting to login.',\n )\n }\n\n // Create and store a random \"state\" value\n const state = generateRandomString()\n localStorage.setItem(this.STATE, state)\n\n // Create and store a new PKCE code_verifier (the plaintext random secret)\n const codeVerifier = generateRandomString()\n localStorage.setItem(this.PKCE_CODE_VERIFIER, codeVerifier)\n\n // Hash and base64-urlencode the secret to use as the challenge\n const code_challenge = await pkceChallengeFromVerifier(codeVerifier)\n\n window.location.href =\n `https://${loginDomain}/oauth2/authorize` +\n '?response_type=code' +\n '&client_id=' +\n encodeURIComponent(this.clientId) +\n '&state=' +\n encodeURIComponent(state) +\n '&scope=' +\n encodeURIComponent('openid email profile aws.cognito.signin.user.admin') +\n '&redirect_uri=' +\n encodeURIComponent(redirectUri) +\n '&code_challenge=' +\n encodeURIComponent(code_challenge) +\n '&code_challenge_method=S256' +\n (identityProviderName\n ? '&identity_provider=' + encodeURIComponent(identityProviderName)\n : '')\n }\n\n async handleAuthentication(): Promise<void> {\n const loginDomain = this.loginDomain\n const redirectUri = this.redirectUri\n if (!loginDomain || !redirectUri) {\n throw new TypeError(\n '\"loginDomain\" or \"redirectUri\" was not passed to constructor. Both are required before attempting to handle a login.',\n )\n }\n\n const query = new URLSearchParams(window.location.search)\n const queryError = query.get('error')\n const queryErrorDescription = query.get('error_description')\n\n // Check if the server returned an error string\n if (typeof queryError === 'string') {\n throw new Error(\n `${queryError} - ${\n typeof queryErrorDescription === 'string'\n ? queryErrorDescription\n : 'An unknown error has occurred.'\n }`,\n )\n }\n\n const code = query.get('code')\n if (typeof code !== 'string') {\n throw new Error('\"code\" was not including in query string to parse')\n }\n\n if (localStorage.getItem(this.STATE) !== query.get('state')) {\n throw new Error('Invalid login')\n }\n\n const code_verifier = localStorage.getItem(this.PKCE_CODE_VERIFIER)\n\n // Clean these up since we don't need them anymore\n localStorage.removeItem(this.STATE)\n localStorage.removeItem(this.PKCE_CODE_VERIFIER)\n\n // Exchange the authorization code for an access token\n const result: Record<string, unknown> = await new Promise(\n (resolve, reject) => {\n sendPostRequest(\n `https://${loginDomain}/oauth2/token`,\n {\n grant_type: 'authorization_code',\n code,\n client_id: this.clientId,\n redirect_uri: redirectUri,\n code_verifier,\n },\n resolve,\n (error) => {\n reject(\n new Error(\n error.error_description ||\n error.message ||\n 'An unknown error has occurred while processing authentication code',\n ),\n )\n },\n )\n },\n )\n\n this._storeAuthenticationResult({\n AccessToken: result.access_token as string,\n ExpiresIn: result.expires_in as number,\n IdToken: result.id_token as string,\n TokenType: result.token_type as string,\n RefreshToken: result.refresh_token as string,\n })\n }\n\n async changePassword(\n existingPassword: string,\n newPassword: string,\n ): Promise<void> {\n const accessToken = await this.getAccessToken()\n await this.cognitoIdentityProviderClient.send(\n new ChangePasswordCommand({\n AccessToken: accessToken || '',\n PreviousPassword: existingPassword,\n ProposedPassword: newPassword,\n }),\n )\n }\n async confirmForgotPassword({\n username,\n code,\n password,\n }: {\n username: string\n code: string\n password: string\n }) {\n await this.cognitoIdentityProviderClient.send(\n new ConfirmForgotPasswordCommand({\n ClientId: this.clientId,\n ConfirmationCode: code,\n Password: password,\n Username: username,\n }),\n )\n }\n\n logoutHostedUI(): void {\n const loginDomain = this.loginDomain\n const logoutUri = this.logoutUri\n if (!loginDomain || !logoutUri) {\n throw new TypeError(\n '\"loginDomain\" or \"logoutUri\" was not passed to constructor. Both are required before attempting to logout.',\n )\n }\n\n window.location.href =\n `https://${loginDomain}/logout` +\n '?client_id=' +\n encodeURIComponent(this.clientId) +\n '&logout_uri=' +\n encodeURIComponent(logoutUri)\n }\n\n async logout(): Promise<void> {\n try {\n const refreshToken = this._getRefreshToken()\n // Refresh session to allow access token to perform sign out\n if (refreshToken) {\n await this._refreshSession()\n }\n\n const accessToken = this._getAccessToken()\n if (accessToken) {\n await this.cognitoIdentityProviderClient.send(\n new GlobalSignOutCommand({\n AccessToken: accessToken,\n }),\n )\n }\n } catch (error) {\n if (!(error as OneBlinkAppsError).requiresLogin) {\n throw error\n }\n } finally {\n this._removeAuthenticationResult()\n }\n }\n\n async getIdToken(): Promise<string | undefined> {\n await this._refreshSession()\n\n return this._getIdToken()\n }\n\n async getAccessToken(): Promise<string | undefined> {\n await this._refreshSession()\n\n return this._getAccessToken()\n }\n\n async getMfaSettings(abortSignal?: AbortSignal): Promise<MfaSettings> {\n const accessToken = await this.getAccessToken()\n if (!accessToken) {\n return DEFAULT_MFA_SETTINGS\n }\n\n const user = await this.cognitoIdentityProviderClient.send(\n new GetUserCommand({\n AccessToken: accessToken,\n }),\n { abortSignal },\n )\n\n const mfaList = user.UserMFASettingList || []\n const preferredMfaSetting = user.PreferredMfaSetting\n const phoneNumber = user.UserAttributes?.find(\n (attribute) => attribute.Name === 'phone_number',\n )?.Value\n const isPhoneNumberVerified =\n user.UserAttributes?.find(\n (attribute) => attribute.Name === 'phone_number_verified',\n )?.Value === 'true'\n\n return {\n authenticator: {\n enabled: mfaList.includes('SOFTWARE_TOKEN_MFA'),\n preferred: preferredMfaSetting === 'SOFTWARE_TOKEN_MFA',\n },\n sms: {\n enabled: mfaList.includes('SMS_MFA'),\n preferred: preferredMfaSetting === 'SMS_MFA',\n phoneNumber,\n isPhoneNumberVerified,\n },\n }\n }\n\n async checkIsMfaEnabled(\n mfaRequirement: MiscTypes.MfaRequirement | undefined,\n ): Promise<MfaRequirementCheckResult> {\n const mfaSettings = await this.getMfaSettings()\n\n return {\n mfaSettings,\n userMeetsMfaRequirement: checkUserMeetsMfaRequirement(\n mfaRequirement,\n mfaSettings,\n ),\n }\n }\n\n async updateUserPhoneNumber(\n phoneNumber: string,\n ): Promise<{ isPhoneNumberVerified: boolean }> {\n const accessToken = await this.getAccessToken()\n if (!accessToken) {\n return { isPhoneNumberVerified: false }\n }\n\n await this.cognitoIdentityProviderClient.send(\n new UpdateUserAttributesCommand({\n AccessToken: accessToken,\n UserAttributes: [\n {\n Name: 'phone_number',\n Value: phoneNumber,\n },\n ],\n }),\n )\n\n const mfaSettings = await this.getMfaSettings()\n return { isPhoneNumberVerified: mfaSettings.sms.isPhoneNumberVerified }\n }\n\n async removeUserPhoneNumber() {\n const accessToken = await this.getAccessToken()\n if (!accessToken) {\n return\n }\n\n await this.cognitoIdentityProviderClient.send(\n new DeleteUserAttributesCommand({\n AccessToken: accessToken,\n UserAttributeNames: ['phone_number'],\n }),\n )\n }\n\n async sendPhoneNumberVerificationCode() {\n const accessToken = await this.getAccessToken()\n if (!accessToken) {\n return\n }\n\n return await this.cognitoIdentityProviderClient.send(\n new GetUserAttributeVerificationCodeCommand({\n AccessToken: accessToken,\n AttributeName: 'phone_number',\n }),\n )\n }\n\n async verifyUserPhoneNumber(code: string) {\n const accessToken = await this.getAccessToken()\n if (!accessToken) {\n return\n }\n\n await this.cognitoIdentityProviderClient.send(\n new VerifyUserAttributeCommand({\n AccessToken: accessToken,\n AttributeName: 'phone_number',\n Code: code,\n }),\n )\n }\n\n async setPreferredMfaMethod(method: MfaMethod) {\n const accessToken = await this.getAccessToken()\n if (!accessToken) {\n return\n }\n\n const currentSettings = await this.getMfaSettings()\n\n await this.cognitoIdentityProviderClient.send(\n new SetUserMFAPreferenceCommand({\n AccessToken: accessToken,\n ...(currentSettings.authenticator.enabled\n ? {\n SoftwareTokenMfaSettings: {\n Enabled: true,\n PreferredMfa: method === 'authenticator',\n },\n }\n : {}),\n ...(currentSettings.sms.enabled\n ? {\n SMSMfaSettings: {\n Enabled: true,\n PreferredMfa: method === 'sms',\n },\n }\n : {}),\n }),\n )\n }\n\n async disableMfaMethod(method: MfaMethod) {\n const accessToken = await this.getAccessToken()\n if (!accessToken) {\n return\n }\n\n const currentSettings = await this.getMfaSettings()\n const wasPreferred =\n method === 'authenticator'\n ? currentSettings.authenticator.preferred\n : currentSettings.sms.preferred\n const otherMethod: MfaMethod =\n method === 'authenticator' ? 'sms' : 'authenticator'\n const otherSettings =\n method === 'authenticator'\n ? currentSettings.sms\n : currentSettings.authenticator\n\n await this.cognitoIdentityProviderClient.send(\n new SetUserMFAPreferenceCommand({\n AccessToken: accessToken,\n ...(method === 'authenticator'\n ? {\n SoftwareTokenMfaSettings: {\n Enabled: false,\n PreferredMfa: false,\n },\n }\n : {\n SMSMfaSettings: {\n Enabled: false,\n PreferredMfa: false,\n },\n }),\n ...(wasPreferred && otherSettings.enabled\n ? otherMethod === 'authenticator'\n ? {\n SoftwareTokenMfaSettings: {\n Enabled: true,\n PreferredMfa: true,\n },\n }\n : {\n SMSMfaSettings: {\n Enabled: true,\n PreferredMfa: true,\n },\n }\n : {}),\n }),\n )\n }\n\n async setupSmsMfa({ preferred }: { preferred?: boolean } = {}) {\n const accessToken = await this.getAccessToken()\n if (!accessToken) {\n return\n }\n\n const currentSettings = await this.getMfaSettings()\n const hasPreferredMethod =\n (currentSettings.authenticator.enabled &&\n currentSettings.authenticator.preferred) ||\n (currentSettings.sms.enabled && currentSettings.sms.preferred)\n const shouldBePreferred =\n preferred ?? (!hasPreferredMethod && !currentSettings.sms.enabled)\n\n await this.cognitoIdentityProviderClient.send(\n new SetUserMFAPreferenceCommand({\n AccessToken: accessToken,\n SMSMfaSettings: {\n Enabled: true,\n PreferredMfa: shouldBePreferred,\n },\n ...(shouldBePreferred && currentSettings.authenticator.enabled\n ? {\n SoftwareTokenMfaSettings: {\n Enabled: true,\n PreferredMfa: false,\n },\n }\n : {}),\n }),\n )\n }\n\n async setupMfaAuthenticatorApp({ preferred }: { preferred?: boolean } = {}) {\n const accessToken = await this.getAccessToken()\n if (!accessToken) {\n return\n }\n\n const { SecretCode } = await this.cognitoIdentityProviderClient.send(\n new AssociateSoftwareTokenCommand({\n AccessToken: accessToken,\n }),\n )\n\n return {\n secretCode: SecretCode,\n mfaCodeCallback: async (code: string) => {\n await this.cognitoIdentityProviderClient.send(\n new VerifySoftwareTokenCommand({\n AccessToken: accessToken,\n UserCode: code,\n }),\n )\n\n const currentSettings = await this.getMfaSettings()\n const hasPreferredMethod =\n (currentSettings.authenticator.enabled &&\n currentSettings.authenticator.preferred) ||\n (currentSettings.sms.enabled && currentSettings.sms.preferred)\n const shouldBePreferred =\n preferred ??\n (!hasPreferredMethod && !currentSettings.authenticator.enabled)\n\n await this.cognitoIdentityProviderClient.send(\n new SetUserMFAPreferenceCommand({\n SoftwareTokenMfaSettings: {\n Enabled: true,\n PreferredMfa: shouldBePreferred,\n },\n ...(shouldBePreferred && currentSettings.sms.enabled\n ? {\n SMSMfaSettings: {\n Enabled: true,\n PreferredMfa: false,\n },\n }\n : {}),\n AccessToken: accessToken,\n }),\n )\n },\n }\n }\n}\n\n//////////////////////////////////////////////////////////////////////\n// GENERAL HELPER FUNCTIONS\n\n// Make a POST request and parse the response as JSON\nfunction sendPostRequest(\n url: string,\n params: Record<string, unknown>,\n success: (value: Record<string, unknown>) => void,\n error: (err: { message?: string; error_description?: string }) => void,\n) {\n const request = new XMLHttpRequest()\n request.open('POST', url, true)\n request.setRequestHeader(\n 'Content-Type',\n 'application/x-www-form-urlencoded; charset=UTF-8',\n )\n request.onload = function () {\n let body = {}\n try {\n body = JSON.parse(request.response)\n } catch (e) {\n Sentry.captureException(e)\n // Do nothing\n }\n\n if (request.status == 200) {\n success(body)\n } else {\n error(body)\n }\n }\n request.onerror = function () {\n error({})\n }\n const body = Object.keys(params)\n .reduce((keys: string[], key) => {\n if (params[key]) {\n keys.push(key + '=' + params[key])\n }\n return keys\n }, [])\n .join('&')\n request.send(body)\n}\n\n//////////////////////////////////////////////////////////////////////\n// PKCE HELPER FUNCTIONS\n\n// Generate a secure random string using the browser crypto functions\nfunction generateRandomString() {\n const array = new Uint32Array(28)\n window.crypto.getRandomValues(array)\n return Array.from(array, (dec) => ('0' + dec.toString(16)).substr(-2)).join(\n '',\n )\n}\n\n// Calculate the SHA256 hash of the input text.\n// Returns a promise that resolves to an ArrayBuffer\nfunction sha256(plain: string) {\n const encoder = new TextEncoder()\n const data = encoder.encode(plain)\n return window.crypto.subtle.digest('SHA-256', data)\n}\n\n// Base64-urlencodes the input string\nfunction base64urlencode(str: ArrayBuffer) {\n // Convert the ArrayBuffer to string using Uint8 array to conver to what btoa accepts.\n // btoa accepts chars only within ascii 0-255 and base64 encodes them.\n // Then convert the base64 encoded to base64url encoded\n // (replace + with -, replace / with _, trim trailing =)\n // @ts-expect-error\n return btoa(String.fromCharCode.apply(null, new Uint8Array(str)))\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=+$/, '')\n}\n\n// Return the base64-urlencoded sha256 hash for the PKCE challenge\nasync function pkceChallengeFromVerifier(v: string) {\n const hashed = await sha256(v)\n return base64urlencode(hashed)\n}\n"]}
|
|
1
|
+
{"version":3,"file":"AWSCognitoClient.js","sourceRoot":"","sources":["../../../src/apps/services/AWSCognitoClient.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,6BAA6B,EAE7B,qBAAqB,EACrB,6BAA6B,EAC7B,4BAA4B,EAC5B,2BAA2B,EAC3B,cAAc,EACd,oBAAoB,EACpB,mBAAmB,EAEnB,6BAA6B,EAC7B,2BAA2B,EAC3B,2BAA2B,EAC3B,0BAA0B,EAC1B,0BAA0B,GAC3B,MAAM,2CAA2C,CAAA;AAClD,OAAO,MAAM,MAAM,WAAW,CAAA;AAC9B,OAAO,EAAE,iBAAiB,EAAE,MAAM,IAAI,CAAA;AAiBtC,MAAM,CAAC,MAAM,oBAAoB,GAAgB;IAC/C,aAAa,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE;IACnD,GAAG,EAAE;QACH,OAAO,EAAE,KAAK;QACd,SAAS,EAAE,KAAK;QAChB,WAAW,EAAE,SAAS;QACtB,qBAAqB,EAAE,KAAK;KAC7B;CACF,CAAA;AAED,MAAM,UAAU,wBAAwB,CAAC,EACvC,oBAAoB,EACpB,UAAU,EACV,mBAAmB,GAKpB;IAIC,MAAM,6BAA6B,GACjC,mBAAmB,KAAK,oBAAoB,CAAA;IAC9C,MAAM,mBAAmB,GAAG,mBAAmB,KAAK,SAAS,CAAA;IAE7D,IAAI,6BAA6B,IAAI,oBAAoB,EAAE,CAAC;QAC1D,OAAO,EAAE,sBAAsB,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,EAAE,CAAA;IAC9D,CAAC;IAED,IAAI,mBAAmB,IAAI,UAAU,EAAE,CAAC;QACtC,OAAO,EAAE,sBAAsB,EAAE,KAAK,EAAE,YAAY,EAAE,IAAI,EAAE,CAAA;IAC9D,CAAC;IAED,IAAI,oBAAoB,IAAI,UAAU,EAAE,CAAC;QACvC,OAAO,EAAE,sBAAsB,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,EAAE,CAAA;IAC9D,CAAC;IAED,OAAO;QACL,sBAAsB,EAAE,oBAAoB;QAC5C,YAAY,EAAE,UAAU;KACzB,CAAA;AACH,CAAC;AAUD,MAAM,CAAC,OAAO,OAAO,gBAAgB;IAQnC,YAAY,EACV,QAAQ,EACR,MAAM,EACN,WAAW,EACX,WAAW,EACX,SAAS,GAOV;QACC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,SAAS,CAAC,uCAAuC,CAAC,CAAA;QAC9D,CAAC;QACD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,SAAS,CAAC,qCAAqC,CAAC,CAAA;QAC5D,CAAC;QAED,IAAI,CAAC,SAAS,GAAG,EAAE,CAAA;QACnB,IAAI,CAAC,WAAW,GAAG,WAAW,CAAA;QAC9B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;QAC1B,IAAI,CAAC,WAAW,GAAG,WAAW,CAAA;QAC9B,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAA;QACxB,IAAI,CAAC,6BAA6B,GAAG,IAAI,6BAA6B,CAAC;YACrE,MAAM;SACP,CAAC,CAAA;IACJ,CAAC;IAED,qBAAqB;IACrB,IAAI,UAAU;QACZ,OAAO,WAAW,IAAI,CAAC,QAAQ,aAAa,CAAA;IAC9C,CAAC;IACD,IAAI,YAAY;QACd,OAAO,WAAW,IAAI,CAAC,QAAQ,eAAe,CAAA;IAChD,CAAC;IACD,IAAI,QAAQ;QACV,OAAO,WAAW,IAAI,CAAC,QAAQ,WAAW,CAAA;IAC5C,CAAC;IACD,IAAI,aAAa;QACf,OAAO,WAAW,IAAI,CAAC,QAAQ,gBAAgB,CAAA;IACjD,CAAC;IACD,IAAI,KAAK;QACP,OAAO,WAAW,IAAI,CAAC,QAAQ,QAAQ,CAAA;IACzC,CAAC;IACD,IAAI,kBAAkB;QACpB,OAAO,WAAW,IAAI,CAAC,QAAQ,qBAAqB,CAAA;IACtD,CAAC;IAED,iBAAiB;QACf,KAAK,MAAM,QAAQ,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACtC,IAAI,CAAC;gBACH,QAAQ,EAAE,CAAA;YACZ,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAA;gBAC9B,8BAA8B;gBAC9B,OAAO,CAAC,IAAI,CAAC,iCAAiC,EAAE,KAAK,CAAC,CAAA;YACxD,CAAC;QACH,CAAC;IACH,CAAC;IAED,0BAA0B,CAAC,oBAA8C;QACvE,qFAAqF;QACrF,MAAM,SAAS,GACZ,oBAAoB,CAAC,SAAoB,GAAG,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAA;QACvE,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,EAAE,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAA;QAC3D,YAAY,CAAC,OAAO,CAClB,IAAI,CAAC,YAAY,EACjB,oBAAoB,CAAC,WAAqB,CAC3C,CAAA;QACD,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,EAAE,oBAAoB,CAAC,OAAiB,CAAC,CAAA;QAC3E,IAAI,oBAAoB,CAAC,YAAY,EAAE,CAAC;YACtC,YAAY,CAAC,OAAO,CAClB,IAAI,CAAC,aAAa,EAClB,oBAAoB,CAAC,YAAY,CAClC,CAAA;QACH,CAAC;QAED,IAAI,CAAC,iBAAiB,EAAE,CAAA;IAC1B,CAAC;IAED,2BAA2B;QACzB,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QACxC,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QAC1C,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACtC,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAAA;QAE3C,IAAI,CAAC,iBAAiB,EAAE,CAAA;IAC1B,CAAC;IAED,eAAe;QACb,OAAO,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,SAAS,CAAA;IAC7D,CAAC;IAED,WAAW;QACT,OAAO,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAA;IACzD,CAAC;IAED,gBAAgB;QACd,OAAO,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,SAAS,CAAA;IAC9D,CAAC;IAED,eAAe;QACb,MAAM,SAAS,GAAG,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QACvD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,KAAK,CAAA;QACd,CAAC;QACD,OAAO,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;IAC7C,CAAC;IAED,KAAK,CAAC,eAAe;QACnB,IAAI,IAAI,CAAC,eAAe,EAAE,EAAE,CAAC;YAC3B,OAAM;QACR,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAA;QAC5C,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAM;QACR,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC1D,IAAI,mBAAmB,CAAC;gBACtB,QAAQ,EAAE,oBAAoB;gBAC9B,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,cAAc,EAAE;oBACd,aAAa,EAAE,YAAY;iBAC5B;aACF,CAAC,CACH,CAAA;YACD,IAAI,MAAM,CAAC,oBAAoB,EAAE,CAAC;gBAChC,IAAI,CAAC,0BAA0B,CAAC,MAAM,CAAC,oBAAoB,CAAC,CAAA;YAC9D,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,2CAA2C,EAAE,KAAK,CAAC,CAAA;YAChE,IAAI,CAAC,2BAA2B,EAAE,CAAA;YAClC,MAAM,IAAI,iBAAiB,CACzB,kFAAkF,EAClF;gBACE,aAAa,EAAE,IAAI;gBACnB,aAAa,EAAE,KAAc;aAC9B,CACF,CAAA;QACH,CAAC;IACH,CAAC;IAED,gBAAgB,CAAC,QAAuB;QACtC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QAE7B,OAAO,GAAG,EAAE;YACV,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;YAC9C,IAAI,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC;gBACjB,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;YACjC,CAAC;QACH,CAAC,CAAA;IACH,CAAC;IAED,KAAK,CAAC,uBAAuB,CAC3B,QAAgB,EAChB,oBAA0C;QAE1C,IAAI,oBAAoB,CAAC,oBAAoB,EAAE,CAAC;YAC9C,IAAI,CAAC,0BAA0B,CAAC,oBAAoB,CAAC,oBAAoB,CAAC,CAAA;YAC1E,OAAO,EAAE,CAAA;QACX,CAAC;QAED,MAAM,aAAa,GAAG,oBAAoB,CAAC,aAAa,CAAA;QACxD,QAAQ,aAAa,EAAE,CAAC;YACtB,KAAK,uBAAuB,CAAC,CAAC,CAAC;gBAC7B,OAAO;oBACL,qBAAqB,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE;wBAC3C,MAAM,mBAAmB,GACvB,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,6BAA6B,CAAC;4BAChC,aAAa;4BACb,QAAQ,EAAE,IAAI,CAAC,QAAQ;4BACvB,OAAO,EAAE,oBAAoB,CAAC,OAAO;4BACrC,kBAAkB,EAAE;gCAClB,QAAQ,EAAE,QAAQ;gCAClB,YAAY,EAAE,WAAW;6BAC1B;yBACF,CAAC,CACH,CAAA;wBACH,OAAO,MAAM,IAAI,CAAC,uBAAuB,CACvC,QAAQ,EACR,mBAAmB,CACpB,CAAA;oBACH,CAAC;iBACF,CAAA;YACH,CAAC;YACD,KAAK,oBAAoB,CAAC,CAAC,CAAC;gBAC1B,OAAO;oBACL,GAAG,EAAE;wBACH,MAAM,EAAE,eAAe;wBACvB,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;4BAC3B,MAAM,mBAAmB,GACvB,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,6BAA6B,CAAC;gCAChC,aAAa;gCACb,QAAQ,EAAE,IAAI,CAAC,QAAQ;gCACvB,OAAO,EAAE,oBAAoB,CAAC,OAAO;gCACrC,kBAAkB,EAAE;oCAClB,QAAQ,EAAE,QAAQ;oCAClB,uBAAuB,EAAE,IAAI;iCAC9B;6BACF,CAAC,CACH,CAAA;4BACH,OAAO,MAAM,IAAI,CAAC,uBAAuB,CACvC,QAAQ,EACR,mBAAmB,CACpB,CAAA;wBACH,CAAC;qBACF;iBACF,CAAA;YACH,CAAC;YACD,KAAK,WAAW,CAAC,CAAC,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAA;YAC/C,CAAC;YACD,KAAK,SAAS,CAAC,CAAC,CAAC;gBACf,OAAO;oBACL,GAAG,EAAE;wBACH,MAAM,EAAE,KAAK;wBACb,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;4BAC3B,MAAM,kBAAkB,GACtB,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,6BAA6B,CAAC;gCAChC,aAAa;gCACb,QAAQ,EAAE,IAAI,CAAC,QAAQ;gCACvB,OAAO,EAAE,oBAAoB,CAAC,OAAO;gCACrC,kBAAkB,EAAE;oCAClB,QAAQ,EAAE,QAAQ;oCAClB,YAAY,EAAE,IAAI;iCACnB;6BACF,CAAC,CACH,CAAA;4BACH,OAAO,MAAM,IAAI,CAAC,uBAAuB,CACvC,QAAQ,EACR,kBAAkB,CACnB,CAAA;wBACH,CAAC;qBACF;iBACF,CAAA;YACH,CAAC;QACH,CAAC;QAED,OAAO,CAAC,IAAI,CACV,uFAAuF,EACvF,oBAAoB,CACrB,CAAA;QACD,MAAM,IAAI,KAAK,CACb,mIAAmI,CACpI,CAAA;IACH,CAAC;IAED,KAAK,CAAC,qBAAqB,CACzB,QAAgB,EAChB,QAAgB;QAEhB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC/D,IAAI,mBAAmB,CAAC;YACtB,QAAQ,EAAE,oBAAoB;YAC9B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,cAAc,EAAE;gBACd,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,QAAQ;aACnB;SACF,CAAC,CACH,CAAA;QAED,OAAO,MAAM,IAAI,CAAC,uBAAuB,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAA;IAClE,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,oBAA6B;QAC/C,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAA;QACpC,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAA;QACpC,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,EAAE,CAAC;YACjC,MAAM,IAAI,SAAS,CACjB,6GAA6G,CAC9G,CAAA;QACH,CAAC;QAED,0CAA0C;QAC1C,MAAM,KAAK,GAAG,oBAAoB,EAAE,CAAA;QACpC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;QAEvC,0EAA0E;QAC1E,MAAM,YAAY,GAAG,oBAAoB,EAAE,CAAA;QAC3C,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,YAAY,CAAC,CAAA;QAE3D,+DAA+D;QAC/D,MAAM,cAAc,GAAG,MAAM,yBAAyB,CAAC,YAAY,CAAC,CAAA;QAEpE,MAAM,CAAC,QAAQ,CAAC,IAAI;YAClB,WAAW,WAAW,mBAAmB;gBACzC,qBAAqB;gBACrB,aAAa;gBACb,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC;gBACjC,SAAS;gBACT,kBAAkB,CAAC,KAAK,CAAC;gBACzB,SAAS;gBACT,kBAAkB,CAAC,oDAAoD,CAAC;gBACxE,gBAAgB;gBAChB,kBAAkB,CAAC,WAAW,CAAC;gBAC/B,kBAAkB;gBAClB,kBAAkB,CAAC,cAAc,CAAC;gBAClC,6BAA6B;gBAC7B,CAAC,oBAAoB;oBACnB,CAAC,CAAC,qBAAqB,GAAG,kBAAkB,CAAC,oBAAoB,CAAC;oBAClE,CAAC,CAAC,EAAE,CAAC,CAAA;IACX,CAAC;IAED,KAAK,CAAC,oBAAoB;QACxB,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAA;QACpC,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAA;QACpC,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,EAAE,CAAC;YACjC,MAAM,IAAI,SAAS,CACjB,sHAAsH,CACvH,CAAA;QACH,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAA;QACzD,MAAM,UAAU,GAAG,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QACrC,MAAM,qBAAqB,GAAG,KAAK,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAA;QAE5D,+CAA+C;QAC/C,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CACb,GAAG,UAAU,MACX,OAAO,qBAAqB,KAAK,QAAQ;gBACvC,CAAC,CAAC,qBAAqB;gBACvB,CAAC,CAAC,gCACN,EAAE,CACH,CAAA;QACH,CAAC;QAED,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;QAC9B,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAA;QACtE,CAAC;QAED,IAAI,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;YAC5D,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAA;QAClC,CAAC;QAED,MAAM,aAAa,GAAG,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAA;QAEnE,kDAAkD;QAClD,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QACnC,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAA;QAEhD,sDAAsD;QACtD,MAAM,MAAM,GAA4B,MAAM,IAAI,OAAO,CACvD,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAClB,eAAe,CACb,WAAW,WAAW,eAAe,EACrC;gBACE,UAAU,EAAE,oBAAoB;gBAChC,IAAI;gBACJ,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,YAAY,EAAE,WAAW;gBACzB,aAAa;aACd,EACD,OAAO,EACP,CAAC,KAAK,EAAE,EAAE;gBACR,MAAM,CACJ,IAAI,KAAK,CACP,KAAK,CAAC,iBAAiB;oBACrB,KAAK,CAAC,OAAO;oBACb,oEAAoE,CACvE,CACF,CAAA;YACH,CAAC,CACF,CAAA;QACH,CAAC,CACF,CAAA;QAED,IAAI,CAAC,0BAA0B,CAAC;YAC9B,WAAW,EAAE,MAAM,CAAC,YAAsB;YAC1C,SAAS,EAAE,MAAM,CAAC,UAAoB;YACtC,OAAO,EAAE,MAAM,CAAC,QAAkB;YAClC,SAAS,EAAE,MAAM,CAAC,UAAoB;YACtC,YAAY,EAAE,MAAM,CAAC,aAAuB;SAC7C,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,cAAc,CAClB,gBAAwB,EACxB,WAAmB;QAEnB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,qBAAqB,CAAC;YACxB,WAAW,EAAE,WAAW,IAAI,EAAE;YAC9B,gBAAgB,EAAE,gBAAgB;YAClC,gBAAgB,EAAE,WAAW;SAC9B,CAAC,CACH,CAAA;IACH,CAAC;IACD,KAAK,CAAC,qBAAqB,CAAC,EAC1B,QAAQ,EACR,IAAI,EACJ,QAAQ,GAKT;QACC,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,4BAA4B,CAAC;YAC/B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,gBAAgB,EAAE,IAAI;YACtB,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,QAAQ;SACnB,CAAC,CACH,CAAA;IACH,CAAC;IAED,cAAc;QACZ,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAA;QACpC,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAA;QAChC,IAAI,CAAC,WAAW,IAAI,CAAC,SAAS,EAAE,CAAC;YAC/B,MAAM,IAAI,SAAS,CACjB,4GAA4G,CAC7G,CAAA;QACH,CAAC;QAED,MAAM,CAAC,QAAQ,CAAC,IAAI;YAClB,WAAW,WAAW,SAAS;gBAC/B,aAAa;gBACb,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC;gBACjC,cAAc;gBACd,kBAAkB,CAAC,SAAS,CAAC,CAAA;IACjC,CAAC;IAED,KAAK,CAAC,MAAM;QACV,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAA;YAC5C,4DAA4D;YAC5D,IAAI,YAAY,EAAE,CAAC;gBACjB,MAAM,IAAI,CAAC,eAAe,EAAE,CAAA;YAC9B,CAAC;YAED,MAAM,WAAW,GAAG,IAAI,CAAC,eAAe,EAAE,CAAA;YAC1C,IAAI,WAAW,EAAE,CAAC;gBAChB,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,oBAAoB,CAAC;oBACvB,WAAW,EAAE,WAAW;iBACzB,CAAC,CACH,CAAA;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAE,KAA2B,CAAC,aAAa,EAAE,CAAC;gBAChD,MAAM,KAAK,CAAA;YACb,CAAC;QACH,CAAC;gBAAS,CAAC;YACT,IAAI,CAAC,2BAA2B,EAAE,CAAA;QACpC,CAAC;IACH,CAAC;IAED,KAAK,CAAC,UAAU;QACd,MAAM,IAAI,CAAC,eAAe,EAAE,CAAA;QAE5B,OAAO,IAAI,CAAC,WAAW,EAAE,CAAA;IAC3B,CAAC;IAED,KAAK,CAAC,cAAc;QAClB,MAAM,IAAI,CAAC,eAAe,EAAE,CAAA;QAE5B,OAAO,IAAI,CAAC,eAAe,EAAE,CAAA;IAC/B,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,WAAyB;;QAC5C,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,oBAAoB,CAAA;QAC7B,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CACxD,IAAI,cAAc,CAAC;YACjB,WAAW,EAAE,WAAW;SACzB,CAAC,EACF,EAAE,WAAW,EAAE,CAChB,CAAA;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,kBAAkB,IAAI,EAAE,CAAA;QAC7C,MAAM,mBAAmB,GAAG,IAAI,CAAC,mBAAmB,CAAA;QACpD,MAAM,WAAW,GAAG,MAAA,MAAA,IAAI,CAAC,cAAc,0CAAE,IAAI,CAC3C,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,KAAK,cAAc,CACjD,0CAAE,KAAK,CAAA;QACR,MAAM,qBAAqB,GACzB,CAAA,MAAA,MAAA,IAAI,CAAC,cAAc,0CAAE,IAAI,CACvB,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,KAAK,uBAAuB,CAC1D,0CAAE,KAAK,MAAK,MAAM,CAAA;QAErB,MAAM,oBAAoB,GAAG,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAA;QACnE,MAAM,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAA;QAC9C,MAAM,EAAE,sBAAsB,EAAE,YAAY,EAAE,GAAG,wBAAwB,CAAC;YACxE,oBAAoB;YACpB,UAAU;YACV,mBAAmB;SACpB,CAAC,CAAA;QAEF,OAAO;YACL,aAAa,EAAE;gBACb,OAAO,EAAE,oBAAoB;gBAC7B,SAAS,EAAE,sBAAsB;aAClC;YACD,GAAG,EAAE;gBACH,OAAO,EAAE,UAAU;gBACnB,SAAS,EAAE,YAAY;gBACvB,WAAW;gBACX,qBAAqB;aACtB;SACF,CAAA;IACH,CAAC;IAED,KAAK,CAAC,qBAAqB,CACzB,WAAmB;QAEnB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,EAAE,qBAAqB,EAAE,KAAK,EAAE,CAAA;QACzC,CAAC;QAED,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,2BAA2B,CAAC;YAC9B,WAAW,EAAE,WAAW;YACxB,cAAc,EAAE;gBACd;oBACE,IAAI,EAAE,cAAc;oBACpB,KAAK,EAAE,WAAW;iBACnB;aACF;SACF,CAAC,CACH,CAAA;QAED,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,OAAO,EAAE,qBAAqB,EAAE,WAAW,CAAC,GAAG,CAAC,qBAAqB,EAAE,CAAA;IACzE,CAAC;IAED,KAAK,CAAC,qBAAqB;QACzB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAM;QACR,CAAC;QAED,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,2BAA2B,CAAC;YAC9B,WAAW,EAAE,WAAW;YACxB,kBAAkB,EAAE,CAAC,cAAc,CAAC;SACrC,CAAC,CACH,CAAA;IACH,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,IAAY;QACtC,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAM;QACR,CAAC;QAED,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,0BAA0B,CAAC;YAC7B,WAAW,EAAE,WAAW;YACxB,aAAa,EAAE,cAAc;YAC7B,IAAI,EAAE,IAAI;SACX,CAAC,CACH,CAAA;IACH,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,MAAiB;QAC3C,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAM;QACR,CAAC;QAED,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAEnD,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,2BAA2B,CAAC;YAC9B,WAAW,EAAE,WAAW;YACxB,GAAG,CAAC,eAAe,CAAC,aAAa,CAAC,OAAO;gBACvC,CAAC,CAAC;oBACE,wBAAwB,EAAE;wBACxB,OAAO,EAAE,IAAI;wBACb,YAAY,EAAE,MAAM,KAAK,eAAe;qBACzC;iBACF;gBACH,CAAC,CAAC,EAAE,CAAC;YACP,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO;gBAC7B,CAAC,CAAC;oBACE,cAAc,EAAE;wBACd,OAAO,EAAE,IAAI;wBACb,YAAY,EAAE,MAAM,KAAK,KAAK;qBAC/B;iBACF;gBACH,CAAC,CAAC,EAAE,CAAC;SACR,CAAC,CACH,CAAA;IACH,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,MAAiB;QACtC,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAM;QACR,CAAC;QAED,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QACnD,MAAM,YAAY,GAChB,MAAM,KAAK,eAAe;YACxB,CAAC,CAAC,eAAe,CAAC,aAAa,CAAC,SAAS;YACzC,CAAC,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,CAAA;QACnC,MAAM,WAAW,GACf,MAAM,KAAK,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,eAAe,CAAA;QACtD,MAAM,aAAa,GACjB,MAAM,KAAK,eAAe;YACxB,CAAC,CAAC,eAAe,CAAC,GAAG;YACrB,CAAC,CAAC,eAAe,CAAC,aAAa,CAAA;QAEnC,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,2BAA2B,CAAC;YAC9B,WAAW,EAAE,WAAW;YACxB,GAAG,CAAC,MAAM,KAAK,eAAe;gBAC5B,CAAC,CAAC;oBACE,wBAAwB,EAAE;wBACxB,OAAO,EAAE,KAAK;wBACd,YAAY,EAAE,KAAK;qBACpB;iBACF;gBACH,CAAC,CAAC;oBACE,cAAc,EAAE;wBACd,OAAO,EAAE,KAAK;wBACd,YAAY,EAAE,KAAK;qBACpB;iBACF,CAAC;YACN,GAAG,CAAC,YAAY,IAAI,aAAa,CAAC,OAAO;gBACvC,CAAC,CAAC,WAAW,KAAK,eAAe;oBAC/B,CAAC,CAAC;wBACE,wBAAwB,EAAE;4BACxB,OAAO,EAAE,IAAI;4BACb,YAAY,EAAE,IAAI;yBACnB;qBACF;oBACH,CAAC,CAAC;wBACE,cAAc,EAAE;4BACd,OAAO,EAAE,IAAI;4BACb,YAAY,EAAE,IAAI;yBACnB;qBACF;gBACL,CAAC,CAAC,EAAE,CAAC;SACR,CAAC,CACH,CAAA;IACH,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,EAAE,SAAS,KAA8B,EAAE;QAC3D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAM;QACR,CAAC;QAED,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QACnD,MAAM,kBAAkB,GACtB,CAAC,eAAe,CAAC,aAAa,CAAC,OAAO;YACpC,eAAe,CAAC,aAAa,CAAC,SAAS,CAAC;YAC1C,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,IAAI,eAAe,CAAC,GAAG,CAAC,SAAS,CAAC,CAAA;QAChE,MAAM,iBAAiB,GACrB,SAAS,aAAT,SAAS,cAAT,SAAS,GAAI,CAAC,CAAC,kBAAkB,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QAEpE,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,2BAA2B,CAAC;YAC9B,WAAW,EAAE,WAAW;YACxB,cAAc,EAAE;gBACd,OAAO,EAAE,IAAI;gBACb,YAAY,EAAE,iBAAiB;aAChC;YACD,GAAG,CAAC,iBAAiB,IAAI,eAAe,CAAC,aAAa,CAAC,OAAO;gBAC5D,CAAC,CAAC;oBACE,wBAAwB,EAAE;wBACxB,OAAO,EAAE,IAAI;wBACb,YAAY,EAAE,KAAK;qBACpB;iBACF;gBACH,CAAC,CAAC,EAAE,CAAC;SACR,CAAC,CACH,CAAA;IACH,CAAC;IAED,KAAK,CAAC,wBAAwB,CAAC,EAAE,SAAS,KAA8B,EAAE;QACxE,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAM;QACR,CAAC;QAED,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAClE,IAAI,6BAA6B,CAAC;YAChC,WAAW,EAAE,WAAW;SACzB,CAAC,CACH,CAAA;QAED,OAAO;YACL,UAAU,EAAE,UAAU;YACtB,eAAe,EAAE,KAAK,EAAE,IAAY,EAAE,EAAE;gBACtC,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,0BAA0B,CAAC;oBAC7B,WAAW,EAAE,WAAW;oBACxB,QAAQ,EAAE,IAAI;iBACf,CAAC,CACH,CAAA;gBAED,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;gBACnD,MAAM,kBAAkB,GACtB,CAAC,eAAe,CAAC,aAAa,CAAC,OAAO;oBACpC,eAAe,CAAC,aAAa,CAAC,SAAS,CAAC;oBAC1C,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,IAAI,eAAe,CAAC,GAAG,CAAC,SAAS,CAAC,CAAA;gBAChE,MAAM,iBAAiB,GACrB,SAAS,aAAT,SAAS,cAAT,SAAS,GACT,CAAC,CAAC,kBAAkB,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;gBAEjE,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAC3C,IAAI,2BAA2B,CAAC;oBAC9B,wBAAwB,EAAE;wBACxB,OAAO,EAAE,IAAI;wBACb,YAAY,EAAE,iBAAiB;qBAChC;oBACD,GAAG,CAAC,iBAAiB,IAAI,eAAe,CAAC,GAAG,CAAC,OAAO;wBAClD,CAAC,CAAC;4BACE,cAAc,EAAE;gCACd,OAAO,EAAE,IAAI;gCACb,YAAY,EAAE,KAAK;6BACpB;yBACF;wBACH,CAAC,CAAC,EAAE,CAAC;oBACP,WAAW,EAAE,WAAW;iBACzB,CAAC,CACH,CAAA;YACH,CAAC;SACF,CAAA;IACH,CAAC;CACF;AAED,sEAAsE;AACtE,2BAA2B;AAE3B,qDAAqD;AACrD,SAAS,eAAe,CACtB,GAAW,EACX,MAA+B,EAC/B,OAAiD,EACjD,KAAsE;IAEtE,MAAM,OAAO,GAAG,IAAI,cAAc,EAAE,CAAA;IACpC,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAAA;IAC/B,OAAO,CAAC,gBAAgB,CACtB,cAAc,EACd,kDAAkD,CACnD,CAAA;IACD,OAAO,CAAC,MAAM,GAAG;QACf,IAAI,IAAI,GAAG,EAAE,CAAA;QACb,IAAI,CAAC;YACH,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;QACrC,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAA;YAC1B,aAAa;QACf,CAAC;QAED,IAAI,OAAO,CAAC,MAAM,IAAI,GAAG,EAAE,CAAC;YAC1B,OAAO,CAAC,IAAI,CAAC,CAAA;QACf,CAAC;aAAM,CAAC;YACN,KAAK,CAAC,IAAI,CAAC,CAAA;QACb,CAAC;IACH,CAAC,CAAA;IACD,OAAO,CAAC,OAAO,GAAG;QAChB,KAAK,CAAC,EAAE,CAAC,CAAA;IACX,CAAC,CAAA;IACD,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC;SAC7B,MAAM,CAAC,CAAC,IAAc,EAAE,GAAG,EAAE,EAAE;QAC9B,IAAI,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YAChB,IAAI,CAAC,IAAI,CAAC,GAAG,GAAG,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;QACpC,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC,EAAE,EAAE,CAAC;SACL,IAAI,CAAC,GAAG,CAAC,CAAA;IACZ,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACpB,CAAC;AAED,sEAAsE;AACtE,wBAAwB;AAExB,qEAAqE;AACrE,SAAS,oBAAoB;IAC3B,MAAM,KAAK,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAA;IACjC,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAA;IACpC,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CACzE,EAAE,CACH,CAAA;AACH,CAAC;AAED,+CAA+C;AAC/C,oDAAoD;AACpD,SAAS,MAAM,CAAC,KAAa;IAC3B,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAA;IACjC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IAClC,OAAO,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAA;AACrD,CAAC;AAED,qCAAqC;AACrC,SAAS,eAAe,CAAC,GAAgB;IACvC,sFAAsF;IACtF,sEAAsE;IACtE,uDAAuD;IACvD,0DAA0D;IAC1D,mBAAmB;IACnB,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;SAC9D,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;AACvB,CAAC;AAED,kEAAkE;AAClE,KAAK,UAAU,yBAAyB,CAAC,CAAS;IAChD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,CAAC,CAAC,CAAA;IAC9B,OAAO,eAAe,CAAC,MAAM,CAAC,CAAA;AAChC,CAAC","sourcesContent":["import {\n AssociateSoftwareTokenCommand,\n AuthenticationResultType,\n ChangePasswordCommand,\n CognitoIdentityProviderClient,\n ConfirmForgotPasswordCommand,\n DeleteUserAttributesCommand,\n GetUserCommand,\n GlobalSignOutCommand,\n InitiateAuthCommand,\n InitiateAuthResponse,\n RespondToAuthChallengeCommand,\n SetUserMFAPreferenceCommand,\n UpdateUserAttributesCommand,\n VerifySoftwareTokenCommand,\n VerifyUserAttributeCommand,\n} from '@aws-sdk/client-cognito-identity-provider'\nimport Sentry from '../Sentry'\nimport { OneBlinkAppsError } from '..'\n\nexport type MfaMethod = 'authenticator' | 'sms'\n\nexport type MfaSettings = {\n authenticator: {\n enabled: boolean\n preferred: boolean\n }\n sms: {\n enabled: boolean\n preferred: boolean\n phoneNumber: string | undefined\n isPhoneNumberVerified: boolean\n }\n}\n\nexport const DEFAULT_MFA_SETTINGS: MfaSettings = {\n authenticator: { enabled: false, preferred: false },\n sms: {\n enabled: false,\n preferred: false,\n phoneNumber: undefined,\n isPhoneNumberVerified: false,\n },\n}\n\nexport function resolveMfaPreferredFlags({\n authenticatorEnabled,\n smsEnabled,\n preferredMfaSetting,\n}: {\n authenticatorEnabled: boolean\n smsEnabled: boolean\n preferredMfaSetting: string | undefined\n}): {\n authenticatorPreferred: boolean\n smsPreferred: boolean\n} {\n const cognitoAuthenticatorPreferred =\n preferredMfaSetting === 'SOFTWARE_TOKEN_MFA'\n const cognitoSmsPreferred = preferredMfaSetting === 'SMS_MFA'\n\n if (cognitoAuthenticatorPreferred && authenticatorEnabled) {\n return { authenticatorPreferred: true, smsPreferred: false }\n }\n\n if (cognitoSmsPreferred && smsEnabled) {\n return { authenticatorPreferred: false, smsPreferred: true }\n }\n\n if (authenticatorEnabled && smsEnabled) {\n return { authenticatorPreferred: true, smsPreferred: false }\n }\n\n return {\n authenticatorPreferred: authenticatorEnabled,\n smsPreferred: smsEnabled,\n }\n}\n\nexport type LoginAttemptResponse = {\n resetPasswordCallback?: (newPassword: string) => Promise<LoginAttemptResponse>\n mfa?: {\n codeCallback: (code: string) => Promise<LoginAttemptResponse>\n method: MfaMethod\n }\n}\n\nexport default class AWSCognitoClient {\n clientId: string\n cognitoIdentityProviderClient: CognitoIdentityProviderClient\n loginDomain: string | void\n redirectUri: string | void\n logoutUri: string | void\n listeners: Array<() => unknown>\n\n constructor({\n clientId,\n region,\n loginDomain,\n redirectUri,\n logoutUri,\n }: {\n clientId: string\n region: string\n redirectUri?: string\n logoutUri?: string\n loginDomain?: string\n }) {\n if (!clientId) {\n throw new TypeError('\"clientId\" is required in constructor')\n }\n if (!region) {\n throw new TypeError('\"region\" is required in constructor')\n }\n\n this.listeners = []\n this.redirectUri = redirectUri\n this.logoutUri = logoutUri\n this.loginDomain = loginDomain\n this.clientId = clientId\n this.cognitoIdentityProviderClient = new CognitoIdentityProviderClient({\n region,\n })\n }\n\n // Local Storage Keys\n get EXPIRES_AT() {\n return `COGNITO_${this.clientId}_EXPIRES_AT`\n }\n get ACCESS_TOKEN() {\n return `COGNITO_${this.clientId}_ACCESS_TOKEN`\n }\n get ID_TOKEN() {\n return `COGNITO_${this.clientId}_ID_TOKEN`\n }\n get REFRESH_TOKEN() {\n return `COGNITO_${this.clientId}_REFRESH_TOKEN`\n }\n get STATE() {\n return `COGNITO_${this.clientId}_STATE`\n }\n get PKCE_CODE_VERIFIER() {\n return `COGNITO_${this.clientId}_PKCE_CODE_VERIFIER`\n }\n\n _executeListeners() {\n for (const listener of this.listeners) {\n try {\n listener()\n } catch (error) {\n Sentry.captureException(error)\n // Ignore error from listeners\n console.warn('AWSCognitoClient listener error', error)\n }\n }\n }\n\n _storeAuthenticationResult(authenticationResult: AuthenticationResultType) {\n // Take off 5 seconds to ensure a request does not become unauthenticated mid request\n const expiresAt =\n (authenticationResult.ExpiresIn as number) * 1000 + Date.now() - 5000\n localStorage.setItem(this.EXPIRES_AT, expiresAt.toString())\n localStorage.setItem(\n this.ACCESS_TOKEN,\n authenticationResult.AccessToken as string,\n )\n localStorage.setItem(this.ID_TOKEN, authenticationResult.IdToken as string)\n if (authenticationResult.RefreshToken) {\n localStorage.setItem(\n this.REFRESH_TOKEN,\n authenticationResult.RefreshToken,\n )\n }\n\n this._executeListeners()\n }\n\n _removeAuthenticationResult() {\n localStorage.removeItem(this.EXPIRES_AT)\n localStorage.removeItem(this.ACCESS_TOKEN)\n localStorage.removeItem(this.ID_TOKEN)\n localStorage.removeItem(this.REFRESH_TOKEN)\n\n this._executeListeners()\n }\n\n _getAccessToken(): string | undefined {\n return localStorage.getItem(this.ACCESS_TOKEN) || undefined\n }\n\n _getIdToken(): string | undefined {\n return localStorage.getItem(this.ID_TOKEN) || undefined\n }\n\n _getRefreshToken(): string | undefined {\n return localStorage.getItem(this.REFRESH_TOKEN) || undefined\n }\n\n _isSessionValid(): boolean {\n const expiresAt = localStorage.getItem(this.EXPIRES_AT)\n if (!expiresAt) {\n return false\n }\n return parseInt(expiresAt, 10) > Date.now()\n }\n\n async _refreshSession(): Promise<void> {\n if (this._isSessionValid()) {\n return\n }\n\n const refreshToken = this._getRefreshToken()\n if (!refreshToken) {\n return\n }\n\n try {\n const result = await this.cognitoIdentityProviderClient.send(\n new InitiateAuthCommand({\n AuthFlow: 'REFRESH_TOKEN_AUTH',\n ClientId: this.clientId,\n AuthParameters: {\n REFRESH_TOKEN: refreshToken,\n },\n }),\n )\n if (result.AuthenticationResult) {\n this._storeAuthenticationResult(result.AuthenticationResult)\n }\n } catch (error) {\n console.warn('Error while attempting to refresh session', error)\n this._removeAuthenticationResult()\n throw new OneBlinkAppsError(\n 'Your session has expired. Please login again to continue to use the application.',\n {\n requiresLogin: true,\n originalError: error as Error,\n },\n )\n }\n }\n\n registerListener(listener: () => unknown): () => void {\n this.listeners.push(listener)\n\n return () => {\n const index = this.listeners.indexOf(listener)\n if (index !== -1) {\n this.listeners.splice(index, 1)\n }\n }\n }\n\n async responseToAuthChallenge(\n username: string,\n initiateAuthResponse: InitiateAuthResponse,\n ): Promise<LoginAttemptResponse> {\n if (initiateAuthResponse.AuthenticationResult) {\n this._storeAuthenticationResult(initiateAuthResponse.AuthenticationResult)\n return {}\n }\n\n const ChallengeName = initiateAuthResponse.ChallengeName\n switch (ChallengeName) {\n case 'NEW_PASSWORD_REQUIRED': {\n return {\n resetPasswordCallback: async (newPassword) => {\n const resetPasswordResult =\n await this.cognitoIdentityProviderClient.send(\n new RespondToAuthChallengeCommand({\n ChallengeName,\n ClientId: this.clientId,\n Session: initiateAuthResponse.Session,\n ChallengeResponses: {\n USERNAME: username,\n NEW_PASSWORD: newPassword,\n },\n }),\n )\n return await this.responseToAuthChallenge(\n username,\n resetPasswordResult,\n )\n },\n }\n }\n case 'SOFTWARE_TOKEN_MFA': {\n return {\n mfa: {\n method: 'authenticator',\n codeCallback: async (code) => {\n const resetPasswordResult =\n await this.cognitoIdentityProviderClient.send(\n new RespondToAuthChallengeCommand({\n ChallengeName,\n ClientId: this.clientId,\n Session: initiateAuthResponse.Session,\n ChallengeResponses: {\n USERNAME: username,\n SOFTWARE_TOKEN_MFA_CODE: code,\n },\n }),\n )\n return await this.responseToAuthChallenge(\n username,\n resetPasswordResult,\n )\n },\n },\n }\n }\n case 'EMAIL_OTP': {\n throw new Error('Email OTP is not supported')\n }\n case 'SMS_MFA': {\n return {\n mfa: {\n method: 'sms',\n codeCallback: async (code) => {\n const smsChallengeResult =\n await this.cognitoIdentityProviderClient.send(\n new RespondToAuthChallengeCommand({\n ChallengeName,\n ClientId: this.clientId,\n Session: initiateAuthResponse.Session,\n ChallengeResponses: {\n USERNAME: username,\n SMS_MFA_CODE: code,\n },\n }),\n )\n return await this.responseToAuthChallenge(\n username,\n smsChallengeResult,\n )\n },\n },\n }\n }\n }\n\n console.warn(\n '\"CognitoIdentityServiceProvider.InitiateAuthResponse\" challenge has not been catered.',\n initiateAuthResponse,\n )\n throw new Error(\n 'An unexpected error occurred while attempting to process your login. Please try again or contact support if the problem persists.',\n )\n }\n\n async loginUsernamePassword(\n username: string,\n password: string,\n ): Promise<LoginAttemptResponse> {\n const loginResult = await this.cognitoIdentityProviderClient.send(\n new InitiateAuthCommand({\n AuthFlow: 'USER_PASSWORD_AUTH',\n ClientId: this.clientId,\n AuthParameters: {\n USERNAME: username,\n PASSWORD: password,\n },\n }),\n )\n\n return await this.responseToAuthChallenge(username, loginResult)\n }\n\n async loginHostedUI(identityProviderName?: string): Promise<void> {\n const loginDomain = this.loginDomain\n const redirectUri = this.redirectUri\n if (!loginDomain || !redirectUri) {\n throw new TypeError(\n '\"loginDomain\" or \"redirectUri\" was not passed to constructor. Both are required before attempting to login.',\n )\n }\n\n // Create and store a random \"state\" value\n const state = generateRandomString()\n localStorage.setItem(this.STATE, state)\n\n // Create and store a new PKCE code_verifier (the plaintext random secret)\n const codeVerifier = generateRandomString()\n localStorage.setItem(this.PKCE_CODE_VERIFIER, codeVerifier)\n\n // Hash and base64-urlencode the secret to use as the challenge\n const code_challenge = await pkceChallengeFromVerifier(codeVerifier)\n\n window.location.href =\n `https://${loginDomain}/oauth2/authorize` +\n '?response_type=code' +\n '&client_id=' +\n encodeURIComponent(this.clientId) +\n '&state=' +\n encodeURIComponent(state) +\n '&scope=' +\n encodeURIComponent('openid email profile aws.cognito.signin.user.admin') +\n '&redirect_uri=' +\n encodeURIComponent(redirectUri) +\n '&code_challenge=' +\n encodeURIComponent(code_challenge) +\n '&code_challenge_method=S256' +\n (identityProviderName\n ? '&identity_provider=' + encodeURIComponent(identityProviderName)\n : '')\n }\n\n async handleAuthentication(): Promise<void> {\n const loginDomain = this.loginDomain\n const redirectUri = this.redirectUri\n if (!loginDomain || !redirectUri) {\n throw new TypeError(\n '\"loginDomain\" or \"redirectUri\" was not passed to constructor. Both are required before attempting to handle a login.',\n )\n }\n\n const query = new URLSearchParams(window.location.search)\n const queryError = query.get('error')\n const queryErrorDescription = query.get('error_description')\n\n // Check if the server returned an error string\n if (typeof queryError === 'string') {\n throw new Error(\n `${queryError} - ${\n typeof queryErrorDescription === 'string'\n ? queryErrorDescription\n : 'An unknown error has occurred.'\n }`,\n )\n }\n\n const code = query.get('code')\n if (typeof code !== 'string') {\n throw new Error('\"code\" was not including in query string to parse')\n }\n\n if (localStorage.getItem(this.STATE) !== query.get('state')) {\n throw new Error('Invalid login')\n }\n\n const code_verifier = localStorage.getItem(this.PKCE_CODE_VERIFIER)\n\n // Clean these up since we don't need them anymore\n localStorage.removeItem(this.STATE)\n localStorage.removeItem(this.PKCE_CODE_VERIFIER)\n\n // Exchange the authorization code for an access token\n const result: Record<string, unknown> = await new Promise(\n (resolve, reject) => {\n sendPostRequest(\n `https://${loginDomain}/oauth2/token`,\n {\n grant_type: 'authorization_code',\n code,\n client_id: this.clientId,\n redirect_uri: redirectUri,\n code_verifier,\n },\n resolve,\n (error) => {\n reject(\n new Error(\n error.error_description ||\n error.message ||\n 'An unknown error has occurred while processing authentication code',\n ),\n )\n },\n )\n },\n )\n\n this._storeAuthenticationResult({\n AccessToken: result.access_token as string,\n ExpiresIn: result.expires_in as number,\n IdToken: result.id_token as string,\n TokenType: result.token_type as string,\n RefreshToken: result.refresh_token as string,\n })\n }\n\n async changePassword(\n existingPassword: string,\n newPassword: string,\n ): Promise<void> {\n const accessToken = await this.getAccessToken()\n await this.cognitoIdentityProviderClient.send(\n new ChangePasswordCommand({\n AccessToken: accessToken || '',\n PreviousPassword: existingPassword,\n ProposedPassword: newPassword,\n }),\n )\n }\n async confirmForgotPassword({\n username,\n code,\n password,\n }: {\n username: string\n code: string\n password: string\n }) {\n await this.cognitoIdentityProviderClient.send(\n new ConfirmForgotPasswordCommand({\n ClientId: this.clientId,\n ConfirmationCode: code,\n Password: password,\n Username: username,\n }),\n )\n }\n\n logoutHostedUI(): void {\n const loginDomain = this.loginDomain\n const logoutUri = this.logoutUri\n if (!loginDomain || !logoutUri) {\n throw new TypeError(\n '\"loginDomain\" or \"logoutUri\" was not passed to constructor. Both are required before attempting to logout.',\n )\n }\n\n window.location.href =\n `https://${loginDomain}/logout` +\n '?client_id=' +\n encodeURIComponent(this.clientId) +\n '&logout_uri=' +\n encodeURIComponent(logoutUri)\n }\n\n async logout(): Promise<void> {\n try {\n const refreshToken = this._getRefreshToken()\n // Refresh session to allow access token to perform sign out\n if (refreshToken) {\n await this._refreshSession()\n }\n\n const accessToken = this._getAccessToken()\n if (accessToken) {\n await this.cognitoIdentityProviderClient.send(\n new GlobalSignOutCommand({\n AccessToken: accessToken,\n }),\n )\n }\n } catch (error) {\n if (!(error as OneBlinkAppsError).requiresLogin) {\n throw error\n }\n } finally {\n this._removeAuthenticationResult()\n }\n }\n\n async getIdToken(): Promise<string | undefined> {\n await this._refreshSession()\n\n return this._getIdToken()\n }\n\n async getAccessToken(): Promise<string | undefined> {\n await this._refreshSession()\n\n return this._getAccessToken()\n }\n\n async getMfaSettings(abortSignal?: AbortSignal): Promise<MfaSettings> {\n const accessToken = await this.getAccessToken()\n if (!accessToken) {\n return DEFAULT_MFA_SETTINGS\n }\n\n const user = await this.cognitoIdentityProviderClient.send(\n new GetUserCommand({\n AccessToken: accessToken,\n }),\n { abortSignal },\n )\n\n const mfaList = user.UserMFASettingList || []\n const preferredMfaSetting = user.PreferredMfaSetting\n const phoneNumber = user.UserAttributes?.find(\n (attribute) => attribute.Name === 'phone_number',\n )?.Value\n const isPhoneNumberVerified =\n user.UserAttributes?.find(\n (attribute) => attribute.Name === 'phone_number_verified',\n )?.Value === 'true'\n\n const authenticatorEnabled = mfaList.includes('SOFTWARE_TOKEN_MFA')\n const smsEnabled = mfaList.includes('SMS_MFA')\n const { authenticatorPreferred, smsPreferred } = resolveMfaPreferredFlags({\n authenticatorEnabled,\n smsEnabled,\n preferredMfaSetting,\n })\n\n return {\n authenticator: {\n enabled: authenticatorEnabled,\n preferred: authenticatorPreferred,\n },\n sms: {\n enabled: smsEnabled,\n preferred: smsPreferred,\n phoneNumber,\n isPhoneNumberVerified,\n },\n }\n }\n\n async updateUserPhoneNumber(\n phoneNumber: string,\n ): Promise<{ isPhoneNumberVerified: boolean }> {\n const accessToken = await this.getAccessToken()\n if (!accessToken) {\n return { isPhoneNumberVerified: false }\n }\n\n await this.cognitoIdentityProviderClient.send(\n new UpdateUserAttributesCommand({\n AccessToken: accessToken,\n UserAttributes: [\n {\n Name: 'phone_number',\n Value: phoneNumber,\n },\n ],\n }),\n )\n\n const mfaSettings = await this.getMfaSettings()\n return { isPhoneNumberVerified: mfaSettings.sms.isPhoneNumberVerified }\n }\n\n async removeUserPhoneNumber() {\n const accessToken = await this.getAccessToken()\n if (!accessToken) {\n return\n }\n\n await this.cognitoIdentityProviderClient.send(\n new DeleteUserAttributesCommand({\n AccessToken: accessToken,\n UserAttributeNames: ['phone_number'],\n }),\n )\n }\n\n async verifyUserPhoneNumber(code: string) {\n const accessToken = await this.getAccessToken()\n if (!accessToken) {\n return\n }\n\n await this.cognitoIdentityProviderClient.send(\n new VerifyUserAttributeCommand({\n AccessToken: accessToken,\n AttributeName: 'phone_number',\n Code: code,\n }),\n )\n }\n\n async setPreferredMfaMethod(method: MfaMethod) {\n const accessToken = await this.getAccessToken()\n if (!accessToken) {\n return\n }\n\n const currentSettings = await this.getMfaSettings()\n\n await this.cognitoIdentityProviderClient.send(\n new SetUserMFAPreferenceCommand({\n AccessToken: accessToken,\n ...(currentSettings.authenticator.enabled\n ? {\n SoftwareTokenMfaSettings: {\n Enabled: true,\n PreferredMfa: method === 'authenticator',\n },\n }\n : {}),\n ...(currentSettings.sms.enabled\n ? {\n SMSMfaSettings: {\n Enabled: true,\n PreferredMfa: method === 'sms',\n },\n }\n : {}),\n }),\n )\n }\n\n async disableMfaMethod(method: MfaMethod) {\n const accessToken = await this.getAccessToken()\n if (!accessToken) {\n return\n }\n\n const currentSettings = await this.getMfaSettings()\n const wasPreferred =\n method === 'authenticator'\n ? currentSettings.authenticator.preferred\n : currentSettings.sms.preferred\n const otherMethod: MfaMethod =\n method === 'authenticator' ? 'sms' : 'authenticator'\n const otherSettings =\n method === 'authenticator'\n ? currentSettings.sms\n : currentSettings.authenticator\n\n await this.cognitoIdentityProviderClient.send(\n new SetUserMFAPreferenceCommand({\n AccessToken: accessToken,\n ...(method === 'authenticator'\n ? {\n SoftwareTokenMfaSettings: {\n Enabled: false,\n PreferredMfa: false,\n },\n }\n : {\n SMSMfaSettings: {\n Enabled: false,\n PreferredMfa: false,\n },\n }),\n ...(wasPreferred && otherSettings.enabled\n ? otherMethod === 'authenticator'\n ? {\n SoftwareTokenMfaSettings: {\n Enabled: true,\n PreferredMfa: true,\n },\n }\n : {\n SMSMfaSettings: {\n Enabled: true,\n PreferredMfa: true,\n },\n }\n : {}),\n }),\n )\n }\n\n async setupSmsMfa({ preferred }: { preferred?: boolean } = {}) {\n const accessToken = await this.getAccessToken()\n if (!accessToken) {\n return\n }\n\n const currentSettings = await this.getMfaSettings()\n const hasPreferredMethod =\n (currentSettings.authenticator.enabled &&\n currentSettings.authenticator.preferred) ||\n (currentSettings.sms.enabled && currentSettings.sms.preferred)\n const shouldBePreferred =\n preferred ?? (!hasPreferredMethod && !currentSettings.sms.enabled)\n\n await this.cognitoIdentityProviderClient.send(\n new SetUserMFAPreferenceCommand({\n AccessToken: accessToken,\n SMSMfaSettings: {\n Enabled: true,\n PreferredMfa: shouldBePreferred,\n },\n ...(shouldBePreferred && currentSettings.authenticator.enabled\n ? {\n SoftwareTokenMfaSettings: {\n Enabled: true,\n PreferredMfa: false,\n },\n }\n : {}),\n }),\n )\n }\n\n async setupMfaAuthenticatorApp({ preferred }: { preferred?: boolean } = {}) {\n const accessToken = await this.getAccessToken()\n if (!accessToken) {\n return\n }\n\n const { SecretCode } = await this.cognitoIdentityProviderClient.send(\n new AssociateSoftwareTokenCommand({\n AccessToken: accessToken,\n }),\n )\n\n return {\n secretCode: SecretCode,\n mfaCodeCallback: async (code: string) => {\n await this.cognitoIdentityProviderClient.send(\n new VerifySoftwareTokenCommand({\n AccessToken: accessToken,\n UserCode: code,\n }),\n )\n\n const currentSettings = await this.getMfaSettings()\n const hasPreferredMethod =\n (currentSettings.authenticator.enabled &&\n currentSettings.authenticator.preferred) ||\n (currentSettings.sms.enabled && currentSettings.sms.preferred)\n const shouldBePreferred =\n preferred ??\n (!hasPreferredMethod && !currentSettings.authenticator.enabled)\n\n await this.cognitoIdentityProviderClient.send(\n new SetUserMFAPreferenceCommand({\n SoftwareTokenMfaSettings: {\n Enabled: true,\n PreferredMfa: shouldBePreferred,\n },\n ...(shouldBePreferred && currentSettings.sms.enabled\n ? {\n SMSMfaSettings: {\n Enabled: true,\n PreferredMfa: false,\n },\n }\n : {}),\n AccessToken: accessToken,\n }),\n )\n },\n }\n }\n}\n\n//////////////////////////////////////////////////////////////////////\n// GENERAL HELPER FUNCTIONS\n\n// Make a POST request and parse the response as JSON\nfunction sendPostRequest(\n url: string,\n params: Record<string, unknown>,\n success: (value: Record<string, unknown>) => void,\n error: (err: { message?: string; error_description?: string }) => void,\n) {\n const request = new XMLHttpRequest()\n request.open('POST', url, true)\n request.setRequestHeader(\n 'Content-Type',\n 'application/x-www-form-urlencoded; charset=UTF-8',\n )\n request.onload = function () {\n let body = {}\n try {\n body = JSON.parse(request.response)\n } catch (e) {\n Sentry.captureException(e)\n // Do nothing\n }\n\n if (request.status == 200) {\n success(body)\n } else {\n error(body)\n }\n }\n request.onerror = function () {\n error({})\n }\n const body = Object.keys(params)\n .reduce((keys: string[], key) => {\n if (params[key]) {\n keys.push(key + '=' + params[key])\n }\n return keys\n }, [])\n .join('&')\n request.send(body)\n}\n\n//////////////////////////////////////////////////////////////////////\n// PKCE HELPER FUNCTIONS\n\n// Generate a secure random string using the browser crypto functions\nfunction generateRandomString() {\n const array = new Uint32Array(28)\n window.crypto.getRandomValues(array)\n return Array.from(array, (dec) => ('0' + dec.toString(16)).substr(-2)).join(\n '',\n )\n}\n\n// Calculate the SHA256 hash of the input text.\n// Returns a promise that resolves to an ArrayBuffer\nfunction sha256(plain: string) {\n const encoder = new TextEncoder()\n const data = encoder.encode(plain)\n return window.crypto.subtle.digest('SHA-256', data)\n}\n\n// Base64-urlencodes the input string\nfunction base64urlencode(str: ArrayBuffer) {\n // Convert the ArrayBuffer to string using Uint8 array to conver to what btoa accepts.\n // btoa accepts chars only within ascii 0-255 and base64 encodes them.\n // Then convert the base64 encoded to base64url encoded\n // (replace + with -, replace / with _, trim trailing =)\n // @ts-expect-error\n return btoa(String.fromCharCode.apply(null, new Uint8Array(str)))\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=+$/, '')\n}\n\n// Return the base64-urlencoded sha256 hash for the PKCE challenge\nasync function pkceChallengeFromVerifier(v: string) {\n const hashed = await sha256(v)\n return base64urlencode(hashed)\n}\n"]}
|