@vardario/cognito-client 3.0.1 → 4.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/cognito-client.d.ts +16 -16
- package/lib/cognito-client.js +80 -52
- package/lib/error.d.ts +66 -5
- package/lib/error.js +104 -4
- package/package.json +7 -2
package/lib/cognito-client.d.ts
CHANGED
|
@@ -261,7 +261,7 @@ export interface DecodedTokens {
|
|
|
261
261
|
* List of used and supported Cognito API calls.
|
|
262
262
|
* @see https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_Operations.html for more details
|
|
263
263
|
*/
|
|
264
|
-
export declare enum
|
|
264
|
+
export declare enum ServiceTarget {
|
|
265
265
|
InitiateAuth = "InitiateAuth",
|
|
266
266
|
RespondToAuthChallenge = "RespondToAuthChallenge",
|
|
267
267
|
SignUp = "SignUp",
|
|
@@ -279,7 +279,7 @@ export declare enum CognitoServiceTarget {
|
|
|
279
279
|
* Cognito supported federated identities public providers.
|
|
280
280
|
* @see https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html for more information.
|
|
281
281
|
*/
|
|
282
|
-
export declare enum
|
|
282
|
+
export declare enum IdentityProvider {
|
|
283
283
|
Cognito = "COGNITO",
|
|
284
284
|
Google = "Google",
|
|
285
285
|
Facebook = "Facebook",
|
|
@@ -306,7 +306,7 @@ export interface ChallengeResponse {
|
|
|
306
306
|
};
|
|
307
307
|
}
|
|
308
308
|
export declare function authResultToSession(authenticationResult: AuthenticationResult): Session;
|
|
309
|
-
export declare function cognitoRequest(body: object, serviceTarget:
|
|
309
|
+
export declare function cognitoRequest(body: object, serviceTarget: ServiceTarget, cognitoEndpoint: string): Promise<any>;
|
|
310
310
|
/**
|
|
311
311
|
* Lightweight AWS Cogito client without any AWS SDK dependencies.
|
|
312
312
|
*/
|
|
@@ -326,7 +326,7 @@ export declare class CognitoClient {
|
|
|
326
326
|
* @param username Username
|
|
327
327
|
* @param password Password
|
|
328
328
|
*
|
|
329
|
-
* @throws {
|
|
329
|
+
* @throws {InitAuthError, CognitoRespondToAuthChallengeError}
|
|
330
330
|
*/
|
|
331
331
|
authenticateUserSrp(username: string, password: string): Promise<Session>;
|
|
332
332
|
/**
|
|
@@ -336,7 +336,7 @@ export declare class CognitoClient {
|
|
|
336
336
|
*
|
|
337
337
|
* @param username Username
|
|
338
338
|
* @param password Password
|
|
339
|
-
* @throws {
|
|
339
|
+
* @throws {InitAuthError}
|
|
340
340
|
*/
|
|
341
341
|
authenticateUser(username: string, password: string): Promise<Session>;
|
|
342
342
|
/**
|
|
@@ -345,7 +345,7 @@ export declare class CognitoClient {
|
|
|
345
345
|
* @param refreshToken Refresh token from a previous session.
|
|
346
346
|
* @param username Username is required when using a client secret and needs to be the cognito user id.
|
|
347
347
|
* @returns @see Session
|
|
348
|
-
* @throws {
|
|
348
|
+
* @throws {InitAuthError}
|
|
349
349
|
*/
|
|
350
350
|
refreshSession(refreshToken: string, username?: string): Promise<Session>;
|
|
351
351
|
/**
|
|
@@ -353,7 +353,7 @@ export declare class CognitoClient {
|
|
|
353
353
|
* @param username Username
|
|
354
354
|
* @param password Password
|
|
355
355
|
*
|
|
356
|
-
* @throws {
|
|
356
|
+
* @throws {SignUpError}
|
|
357
357
|
*/
|
|
358
358
|
signUp(username: string, password: string, userAttributes?: UserAttribute[]): Promise<{
|
|
359
359
|
id: string;
|
|
@@ -365,7 +365,7 @@ export declare class CognitoClient {
|
|
|
365
365
|
* @param username Username
|
|
366
366
|
* @param code Confirmation code the user gets through the registration E-Mail
|
|
367
367
|
*
|
|
368
|
-
* @throws {
|
|
368
|
+
* @throws {ConfirmSignUpError}
|
|
369
369
|
*/
|
|
370
370
|
confirmSignUp(username: string, code: string): Promise<void>;
|
|
371
371
|
/**
|
|
@@ -373,7 +373,7 @@ export declare class CognitoClient {
|
|
|
373
373
|
* @param currentPassword Current user password.
|
|
374
374
|
* @param newPassword New user password.
|
|
375
375
|
*
|
|
376
|
-
* @throws {
|
|
376
|
+
* @throws {ChangePasswordError}
|
|
377
377
|
*/
|
|
378
378
|
changePassword(currentPassword: string, newPassword: string, accessToken: string): Promise<void>;
|
|
379
379
|
/**
|
|
@@ -382,7 +382,7 @@ export declare class CognitoClient {
|
|
|
382
382
|
* @param userAttributes List of user attributes to update.
|
|
383
383
|
* @param accessToken Access token of the current user.
|
|
384
384
|
*
|
|
385
|
-
* @throws {
|
|
385
|
+
* @throws {UpdateUserAttributesError}
|
|
386
386
|
*/
|
|
387
387
|
updateUserAttributes(userAttributes: UserAttribute[], accessToken: string): Promise<void>;
|
|
388
388
|
/**
|
|
@@ -392,7 +392,7 @@ export declare class CognitoClient {
|
|
|
392
392
|
* @param code Verification code
|
|
393
393
|
* @param accessToken Access token of the current user.
|
|
394
394
|
*
|
|
395
|
-
* @throws {
|
|
395
|
+
* @throws {VerifyUserAttributeError}
|
|
396
396
|
*/
|
|
397
397
|
verifyUserAttribute(attributeName: string, code: string, accessToken: string): Promise<void>;
|
|
398
398
|
/**
|
|
@@ -400,14 +400,14 @@ export declare class CognitoClient {
|
|
|
400
400
|
*
|
|
401
401
|
* @param refreshToken Refresh token from a previous session.
|
|
402
402
|
* @param username Username is required when using a client secret and needs to be the cognito user id.
|
|
403
|
-
* @throws {
|
|
403
|
+
* @throws {RevokeTokenError}
|
|
404
404
|
*/
|
|
405
405
|
revokeToken(refreshToken: string): Promise<void>;
|
|
406
406
|
/**
|
|
407
407
|
* Request forgot password.
|
|
408
408
|
* @param username Username
|
|
409
409
|
*
|
|
410
|
-
* @throws {
|
|
410
|
+
* @throws {ForgotPasswordError}
|
|
411
411
|
*/
|
|
412
412
|
forgotPassword(username: string): Promise<void>;
|
|
413
413
|
/**
|
|
@@ -417,14 +417,14 @@ export declare class CognitoClient {
|
|
|
417
417
|
* @param newPassword New password
|
|
418
418
|
* @param confirmationCode Confirmation code which the user got through E-mail
|
|
419
419
|
*
|
|
420
|
-
* @throws {
|
|
420
|
+
* @throws {ConfirmForgotPasswordError}
|
|
421
421
|
*/
|
|
422
422
|
confirmForgotPassword(username: string, newPassword: string, confirmationCode: string): Promise<void>;
|
|
423
423
|
/**
|
|
424
424
|
* Triggers cognito to resend the confirmation code
|
|
425
425
|
* @param username Username
|
|
426
426
|
*
|
|
427
|
-
* @throws {
|
|
427
|
+
* @throws {ResendConfirmationCodeError}
|
|
428
428
|
*/
|
|
429
429
|
resendConfirmationCode(username: string): Promise<void>;
|
|
430
430
|
/**
|
|
@@ -436,7 +436,7 @@ export declare class CognitoClient {
|
|
|
436
436
|
*
|
|
437
437
|
* @throws {Error}
|
|
438
438
|
*/
|
|
439
|
-
generateOAuthSignInUrl(identityProvider?:
|
|
439
|
+
generateOAuthSignInUrl(identityProvider?: IdentityProvider): Promise<{
|
|
440
440
|
url: string;
|
|
441
441
|
state: string;
|
|
442
442
|
pkce: string;
|
package/lib/cognito-client.js
CHANGED
|
@@ -1,39 +1,39 @@
|
|
|
1
1
|
import hashJs from 'hash.js';
|
|
2
2
|
import { BigInteger } from 'jsbn';
|
|
3
3
|
import { Buffer } from 'buffer';
|
|
4
|
-
import {
|
|
4
|
+
import { ChangePasswordError, ConfirmForgotPasswordError, ConfirmSignUpError, ForgotPasswordError, GlobalSignOutError, InitAuthError, ResendConfirmationCodeError, RespondToAuthChallengeError, RevokeTokenError, SignUpError, UpdateUserAttributesError, VerifyUserAttributeError, COMMON_EXCEPTIONS, CommonError } from './error.js';
|
|
5
5
|
import { calculateSecretHash, calculateSignature, calculateU, decodeJwt, generateA, generateSmallA, getPasswordAuthenticationKey, randomBytes } from './utils.js';
|
|
6
6
|
/**
|
|
7
7
|
* List of used and supported Cognito API calls.
|
|
8
8
|
* @see https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_Operations.html for more details
|
|
9
9
|
*/
|
|
10
|
-
export var
|
|
11
|
-
(function (
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
})(
|
|
10
|
+
export var ServiceTarget;
|
|
11
|
+
(function (ServiceTarget) {
|
|
12
|
+
ServiceTarget["InitiateAuth"] = "InitiateAuth";
|
|
13
|
+
ServiceTarget["RespondToAuthChallenge"] = "RespondToAuthChallenge";
|
|
14
|
+
ServiceTarget["SignUp"] = "SignUp";
|
|
15
|
+
ServiceTarget["ConfirmSignUp"] = "ConfirmSignUp";
|
|
16
|
+
ServiceTarget["ChangePassword"] = "ChangePassword";
|
|
17
|
+
ServiceTarget["RevokeToken"] = "RevokeToken";
|
|
18
|
+
ServiceTarget["ForgotPassword"] = "ForgotPassword";
|
|
19
|
+
ServiceTarget["ConfirmForgotPassword"] = "ConfirmForgotPassword";
|
|
20
|
+
ServiceTarget["ResendConfirmationCode"] = "ResendConfirmationCode";
|
|
21
|
+
ServiceTarget["UpdateUserAttributes"] = "UpdateUserAttributes";
|
|
22
|
+
ServiceTarget["VerifyUserAttribute"] = "VerifyUserAttribute";
|
|
23
|
+
ServiceTarget["GlobalSignOut"] = "GlobalSignOut";
|
|
24
|
+
})(ServiceTarget || (ServiceTarget = {}));
|
|
25
25
|
/**
|
|
26
26
|
* Cognito supported federated identities public providers.
|
|
27
27
|
* @see https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html for more information.
|
|
28
28
|
*/
|
|
29
|
-
export var
|
|
30
|
-
(function (
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
})(
|
|
29
|
+
export var IdentityProvider;
|
|
30
|
+
(function (IdentityProvider) {
|
|
31
|
+
IdentityProvider["Cognito"] = "COGNITO";
|
|
32
|
+
IdentityProvider["Google"] = "Google";
|
|
33
|
+
IdentityProvider["Facebook"] = "Facebook";
|
|
34
|
+
IdentityProvider["Amazon"] = "LoginWithAmazon";
|
|
35
|
+
IdentityProvider["Apple"] = "SignInWithApple";
|
|
36
|
+
})(IdentityProvider || (IdentityProvider = {}));
|
|
37
37
|
export function authResultToSession(authenticationResult) {
|
|
38
38
|
return {
|
|
39
39
|
accessToken: authenticationResult.AccessToken,
|
|
@@ -73,8 +73,36 @@ export async function cognitoRequest(body, serviceTarget, cognitoEndpoint) {
|
|
|
73
73
|
const cognitoException = sanitizeErrorType(cognitoResponse.headers.get('X-Amzn-ErrorType') ??
|
|
74
74
|
cognitoResponseBody.code ??
|
|
75
75
|
cognitoResponseBody.__type ??
|
|
76
|
-
|
|
77
|
-
|
|
76
|
+
'Unknown');
|
|
77
|
+
if (COMMON_EXCEPTIONS.includes(cognitoException)) {
|
|
78
|
+
throw new CommonError(errorMessage, cognitoException);
|
|
79
|
+
}
|
|
80
|
+
switch (serviceTarget) {
|
|
81
|
+
case ServiceTarget.InitiateAuth:
|
|
82
|
+
throw new InitAuthError(errorMessage, cognitoException);
|
|
83
|
+
case ServiceTarget.RespondToAuthChallenge:
|
|
84
|
+
throw new RespondToAuthChallengeError(errorMessage, cognitoException);
|
|
85
|
+
case ServiceTarget.SignUp:
|
|
86
|
+
throw new SignUpError(errorMessage, cognitoException);
|
|
87
|
+
case ServiceTarget.ConfirmSignUp:
|
|
88
|
+
throw new ConfirmSignUpError(errorMessage, cognitoException);
|
|
89
|
+
case ServiceTarget.ChangePassword:
|
|
90
|
+
throw new ChangePasswordError(errorMessage, cognitoException);
|
|
91
|
+
case ServiceTarget.RevokeToken:
|
|
92
|
+
throw new RevokeTokenError(errorMessage, cognitoException);
|
|
93
|
+
case ServiceTarget.ForgotPassword:
|
|
94
|
+
throw new ForgotPasswordError(errorMessage, cognitoException);
|
|
95
|
+
case ServiceTarget.ConfirmForgotPassword:
|
|
96
|
+
throw new ConfirmForgotPasswordError(errorMessage, cognitoException);
|
|
97
|
+
case ServiceTarget.ResendConfirmationCode:
|
|
98
|
+
throw new ResendConfirmationCodeError(errorMessage, cognitoException);
|
|
99
|
+
case ServiceTarget.UpdateUserAttributes:
|
|
100
|
+
throw new UpdateUserAttributesError(errorMessage, cognitoException);
|
|
101
|
+
case ServiceTarget.VerifyUserAttribute:
|
|
102
|
+
throw new VerifyUserAttributeError(errorMessage, cognitoException);
|
|
103
|
+
case ServiceTarget.GlobalSignOut:
|
|
104
|
+
throw new GlobalSignOutError(errorMessage, cognitoException);
|
|
105
|
+
}
|
|
78
106
|
}
|
|
79
107
|
/**
|
|
80
108
|
* Lightweight AWS Cogito client without any AWS SDK dependencies.
|
|
@@ -104,7 +132,7 @@ export class CognitoClient {
|
|
|
104
132
|
* @param username Username
|
|
105
133
|
* @param password Password
|
|
106
134
|
*
|
|
107
|
-
* @throws {
|
|
135
|
+
* @throws {InitAuthError, CognitoRespondToAuthChallengeError}
|
|
108
136
|
*/
|
|
109
137
|
async authenticateUserSrp(username, password) {
|
|
110
138
|
const smallA = await generateSmallA();
|
|
@@ -119,7 +147,7 @@ export class CognitoClient {
|
|
|
119
147
|
},
|
|
120
148
|
ClientMetadata: {}
|
|
121
149
|
};
|
|
122
|
-
const challenge = (await cognitoRequest(initiateAuthPayload,
|
|
150
|
+
const challenge = (await cognitoRequest(initiateAuthPayload, ServiceTarget.InitiateAuth, this.cognitoEndpoint));
|
|
123
151
|
const B = new BigInteger(challenge.ChallengeParameters.SRP_B, 16);
|
|
124
152
|
const salt = new BigInteger(challenge.ChallengeParameters.SALT, 16);
|
|
125
153
|
const U = calculateU(A, B);
|
|
@@ -138,7 +166,7 @@ export class CognitoClient {
|
|
|
138
166
|
},
|
|
139
167
|
ClientMetadata: {}
|
|
140
168
|
};
|
|
141
|
-
const { AuthenticationResult } = await cognitoRequest(respondToAuthChallengeRequest,
|
|
169
|
+
const { AuthenticationResult } = await cognitoRequest(respondToAuthChallengeRequest, ServiceTarget.RespondToAuthChallenge, this.cognitoEndpoint);
|
|
142
170
|
return authResultToSession(AuthenticationResult);
|
|
143
171
|
}
|
|
144
172
|
/**
|
|
@@ -148,7 +176,7 @@ export class CognitoClient {
|
|
|
148
176
|
*
|
|
149
177
|
* @param username Username
|
|
150
178
|
* @param password Password
|
|
151
|
-
* @throws {
|
|
179
|
+
* @throws {InitAuthError}
|
|
152
180
|
*/
|
|
153
181
|
async authenticateUser(username, password) {
|
|
154
182
|
const initiateAuthPayload = {
|
|
@@ -161,7 +189,7 @@ export class CognitoClient {
|
|
|
161
189
|
},
|
|
162
190
|
ClientMetadata: {}
|
|
163
191
|
};
|
|
164
|
-
const { AuthenticationResult } = (await cognitoRequest(initiateAuthPayload,
|
|
192
|
+
const { AuthenticationResult } = (await cognitoRequest(initiateAuthPayload, ServiceTarget.InitiateAuth, this.cognitoEndpoint));
|
|
165
193
|
const session = authResultToSession(AuthenticationResult);
|
|
166
194
|
return session;
|
|
167
195
|
}
|
|
@@ -171,7 +199,7 @@ export class CognitoClient {
|
|
|
171
199
|
* @param refreshToken Refresh token from a previous session.
|
|
172
200
|
* @param username Username is required when using a client secret and needs to be the cognito user id.
|
|
173
201
|
* @returns @see Session
|
|
174
|
-
* @throws {
|
|
202
|
+
* @throws {InitAuthError}
|
|
175
203
|
*/
|
|
176
204
|
async refreshSession(refreshToken, username) {
|
|
177
205
|
const refreshTokenPayload = {
|
|
@@ -183,7 +211,7 @@ export class CognitoClient {
|
|
|
183
211
|
},
|
|
184
212
|
ClientMetadata: {}
|
|
185
213
|
};
|
|
186
|
-
const { AuthenticationResult } = (await cognitoRequest(refreshTokenPayload,
|
|
214
|
+
const { AuthenticationResult } = (await cognitoRequest(refreshTokenPayload, ServiceTarget.InitiateAuth, this.cognitoEndpoint));
|
|
187
215
|
if (!AuthenticationResult.RefreshToken) {
|
|
188
216
|
AuthenticationResult.RefreshToken = refreshToken;
|
|
189
217
|
}
|
|
@@ -194,7 +222,7 @@ export class CognitoClient {
|
|
|
194
222
|
* @param username Username
|
|
195
223
|
* @param password Password
|
|
196
224
|
*
|
|
197
|
-
* @throws {
|
|
225
|
+
* @throws {SignUpError}
|
|
198
226
|
*/
|
|
199
227
|
async signUp(username, password, userAttributes) {
|
|
200
228
|
const signUpRequest = {
|
|
@@ -204,7 +232,7 @@ export class CognitoClient {
|
|
|
204
232
|
UserAttributes: userAttributes,
|
|
205
233
|
SecretHash: this.clientSecret && calculateSecretHash(this.clientSecret, this.userPoolClientId, username)
|
|
206
234
|
};
|
|
207
|
-
const data = await cognitoRequest(signUpRequest,
|
|
235
|
+
const data = await cognitoRequest(signUpRequest, ServiceTarget.SignUp, this.cognitoEndpoint);
|
|
208
236
|
return {
|
|
209
237
|
id: data.UserSub,
|
|
210
238
|
confirmed: data.UserConfirmed
|
|
@@ -216,7 +244,7 @@ export class CognitoClient {
|
|
|
216
244
|
* @param username Username
|
|
217
245
|
* @param code Confirmation code the user gets through the registration E-Mail
|
|
218
246
|
*
|
|
219
|
-
* @throws {
|
|
247
|
+
* @throws {ConfirmSignUpError}
|
|
220
248
|
*/
|
|
221
249
|
async confirmSignUp(username, code) {
|
|
222
250
|
const confirmSignUpRequest = {
|
|
@@ -225,14 +253,14 @@ export class CognitoClient {
|
|
|
225
253
|
Username: username,
|
|
226
254
|
SecretHash: this.clientSecret && calculateSecretHash(this.clientSecret, this.userPoolClientId, username)
|
|
227
255
|
};
|
|
228
|
-
await cognitoRequest(confirmSignUpRequest,
|
|
256
|
+
await cognitoRequest(confirmSignUpRequest, ServiceTarget.ConfirmSignUp, this.cognitoEndpoint);
|
|
229
257
|
}
|
|
230
258
|
/**
|
|
231
259
|
*
|
|
232
260
|
* @param currentPassword Current user password.
|
|
233
261
|
* @param newPassword New user password.
|
|
234
262
|
*
|
|
235
|
-
* @throws {
|
|
263
|
+
* @throws {ChangePasswordError}
|
|
236
264
|
*/
|
|
237
265
|
async changePassword(currentPassword, newPassword, accessToken) {
|
|
238
266
|
const changePasswordPayload = {
|
|
@@ -240,7 +268,7 @@ export class CognitoClient {
|
|
|
240
268
|
ProposedPassword: newPassword,
|
|
241
269
|
AccessToken: accessToken
|
|
242
270
|
};
|
|
243
|
-
await cognitoRequest(changePasswordPayload,
|
|
271
|
+
await cognitoRequest(changePasswordPayload, ServiceTarget.ChangePassword, this.cognitoEndpoint);
|
|
244
272
|
}
|
|
245
273
|
/**
|
|
246
274
|
* Updates the user attributes.
|
|
@@ -248,14 +276,14 @@ export class CognitoClient {
|
|
|
248
276
|
* @param userAttributes List of user attributes to update.
|
|
249
277
|
* @param accessToken Access token of the current user.
|
|
250
278
|
*
|
|
251
|
-
* @throws {
|
|
279
|
+
* @throws {UpdateUserAttributesError}
|
|
252
280
|
*/
|
|
253
281
|
async updateUserAttributes(userAttributes, accessToken) {
|
|
254
282
|
const updateUserAttributesPayload = {
|
|
255
283
|
UserAttributes: userAttributes,
|
|
256
284
|
AccessToken: accessToken
|
|
257
285
|
};
|
|
258
|
-
await cognitoRequest(updateUserAttributesPayload,
|
|
286
|
+
await cognitoRequest(updateUserAttributesPayload, ServiceTarget.UpdateUserAttributes, this.cognitoEndpoint);
|
|
259
287
|
}
|
|
260
288
|
/**
|
|
261
289
|
* Verifies a given user attribute
|
|
@@ -264,7 +292,7 @@ export class CognitoClient {
|
|
|
264
292
|
* @param code Verification code
|
|
265
293
|
* @param accessToken Access token of the current user.
|
|
266
294
|
*
|
|
267
|
-
* @throws {
|
|
295
|
+
* @throws {VerifyUserAttributeError}
|
|
268
296
|
*/
|
|
269
297
|
async verifyUserAttribute(attributeName, code, accessToken) {
|
|
270
298
|
const verifyUserAttributePayload = {
|
|
@@ -272,14 +300,14 @@ export class CognitoClient {
|
|
|
272
300
|
Code: code,
|
|
273
301
|
AccessToken: accessToken
|
|
274
302
|
};
|
|
275
|
-
await cognitoRequest(verifyUserAttributePayload,
|
|
303
|
+
await cognitoRequest(verifyUserAttributePayload, ServiceTarget.VerifyUserAttribute, this.cognitoEndpoint);
|
|
276
304
|
}
|
|
277
305
|
/**
|
|
278
306
|
* Revokes all of the access tokens generated by, and at the same time as, the specified refresh token. After a token is revoked, you can't use the revoked token to access Amazon Cognito user APIs, or to authorize access to your resource server.
|
|
279
307
|
*
|
|
280
308
|
* @param refreshToken Refresh token from a previous session.
|
|
281
309
|
* @param username Username is required when using a client secret and needs to be the cognito user id.
|
|
282
|
-
* @throws {
|
|
310
|
+
* @throws {RevokeTokenError}
|
|
283
311
|
*/
|
|
284
312
|
async revokeToken(refreshToken) {
|
|
285
313
|
const revokeTokenPayload = {
|
|
@@ -287,13 +315,13 @@ export class CognitoClient {
|
|
|
287
315
|
ClientId: this.userPoolClientId,
|
|
288
316
|
ClientSecret: this.clientSecret
|
|
289
317
|
};
|
|
290
|
-
await cognitoRequest(revokeTokenPayload,
|
|
318
|
+
await cognitoRequest(revokeTokenPayload, ServiceTarget.RevokeToken, this.cognitoEndpoint);
|
|
291
319
|
}
|
|
292
320
|
/**
|
|
293
321
|
* Request forgot password.
|
|
294
322
|
* @param username Username
|
|
295
323
|
*
|
|
296
|
-
* @throws {
|
|
324
|
+
* @throws {ForgotPasswordError}
|
|
297
325
|
*/
|
|
298
326
|
async forgotPassword(username) {
|
|
299
327
|
const forgotPasswordRequest = {
|
|
@@ -301,7 +329,7 @@ export class CognitoClient {
|
|
|
301
329
|
Username: username,
|
|
302
330
|
SecretHash: this.clientSecret && calculateSecretHash(this.clientSecret, this.userPoolClientId, username)
|
|
303
331
|
};
|
|
304
|
-
await cognitoRequest(forgotPasswordRequest,
|
|
332
|
+
await cognitoRequest(forgotPasswordRequest, ServiceTarget.ForgotPassword, this.cognitoEndpoint);
|
|
305
333
|
}
|
|
306
334
|
/**
|
|
307
335
|
* Confirms the new password via the given code send via cognito triggered by @see forgotPassword .
|
|
@@ -310,7 +338,7 @@ export class CognitoClient {
|
|
|
310
338
|
* @param newPassword New password
|
|
311
339
|
* @param confirmationCode Confirmation code which the user got through E-mail
|
|
312
340
|
*
|
|
313
|
-
* @throws {
|
|
341
|
+
* @throws {ConfirmForgotPasswordError}
|
|
314
342
|
*/
|
|
315
343
|
async confirmForgotPassword(username, newPassword, confirmationCode) {
|
|
316
344
|
const confirmForgotPasswordRequest = {
|
|
@@ -320,13 +348,13 @@ export class CognitoClient {
|
|
|
320
348
|
Password: newPassword,
|
|
321
349
|
SecretHash: this.clientSecret && calculateSecretHash(this.clientSecret, this.userPoolClientId, username)
|
|
322
350
|
};
|
|
323
|
-
await cognitoRequest(confirmForgotPasswordRequest,
|
|
351
|
+
await cognitoRequest(confirmForgotPasswordRequest, ServiceTarget.ConfirmForgotPassword, this.cognitoEndpoint);
|
|
324
352
|
}
|
|
325
353
|
/**
|
|
326
354
|
* Triggers cognito to resend the confirmation code
|
|
327
355
|
* @param username Username
|
|
328
356
|
*
|
|
329
|
-
* @throws {
|
|
357
|
+
* @throws {ResendConfirmationCodeError}
|
|
330
358
|
*/
|
|
331
359
|
async resendConfirmationCode(username) {
|
|
332
360
|
const resendConfirmationCodeRequest = {
|
|
@@ -334,7 +362,7 @@ export class CognitoClient {
|
|
|
334
362
|
Username: username,
|
|
335
363
|
SecretHash: this.clientSecret && calculateSecretHash(this.clientSecret, this.userPoolClientId, username)
|
|
336
364
|
};
|
|
337
|
-
await cognitoRequest(resendConfirmationCodeRequest,
|
|
365
|
+
await cognitoRequest(resendConfirmationCodeRequest, ServiceTarget.ResendConfirmationCode, this.cognitoEndpoint);
|
|
338
366
|
}
|
|
339
367
|
/**
|
|
340
368
|
* Returns a link to Cognito`s Hosted UI for OAuth2 authentication.
|
|
@@ -426,6 +454,6 @@ export class CognitoClient {
|
|
|
426
454
|
const globalSignOutPayload = {
|
|
427
455
|
AccessToken: accessToken
|
|
428
456
|
};
|
|
429
|
-
await cognitoRequest(globalSignOutPayload,
|
|
457
|
+
await cognitoRequest(globalSignOutPayload, ServiceTarget.GlobalSignOut, this.cognitoEndpoint);
|
|
430
458
|
}
|
|
431
459
|
}
|
package/lib/error.d.ts
CHANGED
|
@@ -1,6 +1,17 @@
|
|
|
1
|
-
export declare enum
|
|
2
|
-
|
|
1
|
+
export declare enum CommonException {
|
|
2
|
+
AccessDeniedException = "AccessDeniedException",
|
|
3
|
+
IncompleteSignature = "IncompleteSignature",
|
|
4
|
+
InternalFailure = "InternalFailure",
|
|
5
|
+
InvalidAction = "InvalidAction",
|
|
6
|
+
InvalidClientTokenId = "InvalidClientTokenId",
|
|
7
|
+
NotAuthorized = "NotAuthorized",
|
|
8
|
+
OptInRequired = "OptInRequired",
|
|
9
|
+
RequestExpired = "RequestExpired",
|
|
10
|
+
ServiceUnavailable = "ServiceUnavailable",
|
|
11
|
+
ThrottlingException = "ThrottlingException",
|
|
12
|
+
ValidationError = "ValidationError"
|
|
3
13
|
}
|
|
14
|
+
export declare const COMMON_EXCEPTIONS: CommonException[];
|
|
4
15
|
export declare enum AssociateSoftwareTokenException {
|
|
5
16
|
ConcurrentModificationException = "ConcurrentModificationException",
|
|
6
17
|
ForbiddenException = "ForbiddenException",
|
|
@@ -351,8 +362,58 @@ export declare enum RevokeTokenException {
|
|
|
351
362
|
UnsupportedOperationException = "UnsupportedOperationException",
|
|
352
363
|
UnsupportedTokenTypeException = "UnsupportedTokenTypeException"
|
|
353
364
|
}
|
|
354
|
-
export type CognitoException = AssociateSoftwareTokenException | ChangePasswordException | ConfirmDeviceException | ConfirmForgotPasswordException | ConfirmSignUpException | DeleteUserAttributesException | DeleteUserException | ForgetDeviceException | ForgotPasswordException | GetUserException | GetIdException | GetCredentialsForIdentityException | GetUserAttributeVerificationException | GlobalSignOutException | InitiateAuthException | ResendConfirmationException | RespondToAuthChallengeException | SetUserMFAPreferenceException | SignUpException | UpdateUserAttributesException | VerifySoftwareTokenException | VerifyUserAttributeException | UpdateDeviceStatusException | ListDevicesException | CognitoCommonException | RevokeTokenException;
|
|
355
365
|
export declare class CognitoError extends Error {
|
|
356
|
-
|
|
357
|
-
|
|
366
|
+
constructor(message: string);
|
|
367
|
+
}
|
|
368
|
+
export declare class CommonError extends CognitoError {
|
|
369
|
+
readonly cognitoException: CommonException;
|
|
370
|
+
constructor(message: string, cognitoException: CommonException);
|
|
371
|
+
}
|
|
372
|
+
export declare class InitAuthError extends CognitoError {
|
|
373
|
+
readonly cognitoException: InitiateAuthException;
|
|
374
|
+
constructor(message: string, cognitoException: InitiateAuthException);
|
|
375
|
+
}
|
|
376
|
+
export declare class RespondToAuthChallengeError extends CognitoError {
|
|
377
|
+
readonly cognitoException: RespondToAuthChallengeException;
|
|
378
|
+
constructor(message: string, cognitoException: RespondToAuthChallengeException);
|
|
379
|
+
}
|
|
380
|
+
export declare class SignUpError extends CognitoError {
|
|
381
|
+
readonly cognitoException: SignUpException;
|
|
382
|
+
constructor(message: string, cognitoException: SignUpException);
|
|
383
|
+
}
|
|
384
|
+
export declare class ConfirmSignUpError extends CognitoError {
|
|
385
|
+
readonly cognitoException: ConfirmSignUpException;
|
|
386
|
+
constructor(message: string, cognitoException: ConfirmSignUpException);
|
|
387
|
+
}
|
|
388
|
+
export declare class ChangePasswordError extends CognitoError {
|
|
389
|
+
readonly cognitoException: ChangePasswordException;
|
|
390
|
+
constructor(message: string, cognitoException: ChangePasswordException);
|
|
391
|
+
}
|
|
392
|
+
export declare class RevokeTokenError extends CognitoError {
|
|
393
|
+
readonly cognitoException: RevokeTokenException;
|
|
394
|
+
constructor(message: string, cognitoException: RevokeTokenException);
|
|
395
|
+
}
|
|
396
|
+
export declare class ForgotPasswordError extends CognitoError {
|
|
397
|
+
readonly cognitoException: ForgotPasswordException;
|
|
398
|
+
constructor(message: string, cognitoException: ForgotPasswordException);
|
|
399
|
+
}
|
|
400
|
+
export declare class ConfirmForgotPasswordError extends CognitoError {
|
|
401
|
+
readonly cognitoException: ConfirmForgotPasswordException;
|
|
402
|
+
constructor(message: string, cognitoException: ConfirmForgotPasswordException);
|
|
403
|
+
}
|
|
404
|
+
export declare class ResendConfirmationCodeError extends CognitoError {
|
|
405
|
+
readonly cognitoException: ResendConfirmationException;
|
|
406
|
+
constructor(message: string, cognitoException: ResendConfirmationException);
|
|
407
|
+
}
|
|
408
|
+
export declare class UpdateUserAttributesError extends CognitoError {
|
|
409
|
+
readonly cognitoException: UpdateUserAttributesException;
|
|
410
|
+
constructor(message: string, cognitoException: UpdateUserAttributesException);
|
|
411
|
+
}
|
|
412
|
+
export declare class VerifyUserAttributeError extends CognitoError {
|
|
413
|
+
readonly cognitoException: VerifyUserAttributeException;
|
|
414
|
+
constructor(message: string, cognitoException: VerifyUserAttributeException);
|
|
415
|
+
}
|
|
416
|
+
export declare class GlobalSignOutError extends CognitoError {
|
|
417
|
+
readonly cognitoException: GlobalSignOutException;
|
|
418
|
+
constructor(message: string, cognitoException: GlobalSignOutException);
|
|
358
419
|
}
|
package/lib/error.js
CHANGED
|
@@ -1,7 +1,30 @@
|
|
|
1
|
-
export var
|
|
2
|
-
(function (
|
|
3
|
-
|
|
4
|
-
|
|
1
|
+
export var CommonException;
|
|
2
|
+
(function (CommonException) {
|
|
3
|
+
CommonException["AccessDeniedException"] = "AccessDeniedException";
|
|
4
|
+
CommonException["IncompleteSignature"] = "IncompleteSignature";
|
|
5
|
+
CommonException["InternalFailure"] = "InternalFailure";
|
|
6
|
+
CommonException["InvalidAction"] = "InvalidAction";
|
|
7
|
+
CommonException["InvalidClientTokenId"] = "InvalidClientTokenId";
|
|
8
|
+
CommonException["NotAuthorized"] = "NotAuthorized";
|
|
9
|
+
CommonException["OptInRequired"] = "OptInRequired";
|
|
10
|
+
CommonException["RequestExpired"] = "RequestExpired";
|
|
11
|
+
CommonException["ServiceUnavailable"] = "ServiceUnavailable";
|
|
12
|
+
CommonException["ThrottlingException"] = "ThrottlingException";
|
|
13
|
+
CommonException["ValidationError"] = "ValidationError";
|
|
14
|
+
})(CommonException || (CommonException = {}));
|
|
15
|
+
export const COMMON_EXCEPTIONS = [
|
|
16
|
+
CommonException.AccessDeniedException,
|
|
17
|
+
CommonException.IncompleteSignature,
|
|
18
|
+
CommonException.InternalFailure,
|
|
19
|
+
CommonException.InvalidAction,
|
|
20
|
+
CommonException.InvalidClientTokenId,
|
|
21
|
+
CommonException.NotAuthorized,
|
|
22
|
+
CommonException.OptInRequired,
|
|
23
|
+
CommonException.RequestExpired,
|
|
24
|
+
CommonException.ServiceUnavailable,
|
|
25
|
+
CommonException.ThrottlingException,
|
|
26
|
+
CommonException.ValidationError
|
|
27
|
+
];
|
|
5
28
|
export var AssociateSoftwareTokenException;
|
|
6
29
|
(function (AssociateSoftwareTokenException) {
|
|
7
30
|
AssociateSoftwareTokenException["ConcurrentModificationException"] = "ConcurrentModificationException";
|
|
@@ -378,6 +401,83 @@ export var RevokeTokenException;
|
|
|
378
401
|
RevokeTokenException["UnsupportedTokenTypeException"] = "UnsupportedTokenTypeException";
|
|
379
402
|
})(RevokeTokenException || (RevokeTokenException = {}));
|
|
380
403
|
export class CognitoError extends Error {
|
|
404
|
+
constructor(message) {
|
|
405
|
+
super(message);
|
|
406
|
+
}
|
|
407
|
+
}
|
|
408
|
+
export class CommonError extends CognitoError {
|
|
409
|
+
constructor(message, cognitoException) {
|
|
410
|
+
super(message);
|
|
411
|
+
this.cognitoException = cognitoException;
|
|
412
|
+
}
|
|
413
|
+
}
|
|
414
|
+
export class InitAuthError extends CognitoError {
|
|
415
|
+
constructor(message, cognitoException) {
|
|
416
|
+
super(message);
|
|
417
|
+
this.cognitoException = cognitoException;
|
|
418
|
+
}
|
|
419
|
+
}
|
|
420
|
+
export class RespondToAuthChallengeError extends CognitoError {
|
|
421
|
+
constructor(message, cognitoException) {
|
|
422
|
+
super(message);
|
|
423
|
+
this.cognitoException = cognitoException;
|
|
424
|
+
}
|
|
425
|
+
}
|
|
426
|
+
export class SignUpError extends CognitoError {
|
|
427
|
+
constructor(message, cognitoException) {
|
|
428
|
+
super(message);
|
|
429
|
+
this.cognitoException = cognitoException;
|
|
430
|
+
}
|
|
431
|
+
}
|
|
432
|
+
export class ConfirmSignUpError extends CognitoError {
|
|
433
|
+
constructor(message, cognitoException) {
|
|
434
|
+
super(message);
|
|
435
|
+
this.cognitoException = cognitoException;
|
|
436
|
+
}
|
|
437
|
+
}
|
|
438
|
+
export class ChangePasswordError extends CognitoError {
|
|
439
|
+
constructor(message, cognitoException) {
|
|
440
|
+
super(message);
|
|
441
|
+
this.cognitoException = cognitoException;
|
|
442
|
+
}
|
|
443
|
+
}
|
|
444
|
+
export class RevokeTokenError extends CognitoError {
|
|
445
|
+
constructor(message, cognitoException) {
|
|
446
|
+
super(message);
|
|
447
|
+
this.cognitoException = cognitoException;
|
|
448
|
+
}
|
|
449
|
+
}
|
|
450
|
+
export class ForgotPasswordError extends CognitoError {
|
|
451
|
+
constructor(message, cognitoException) {
|
|
452
|
+
super(message);
|
|
453
|
+
this.cognitoException = cognitoException;
|
|
454
|
+
}
|
|
455
|
+
}
|
|
456
|
+
export class ConfirmForgotPasswordError extends CognitoError {
|
|
457
|
+
constructor(message, cognitoException) {
|
|
458
|
+
super(message);
|
|
459
|
+
this.cognitoException = cognitoException;
|
|
460
|
+
}
|
|
461
|
+
}
|
|
462
|
+
export class ResendConfirmationCodeError extends CognitoError {
|
|
463
|
+
constructor(message, cognitoException) {
|
|
464
|
+
super(message);
|
|
465
|
+
this.cognitoException = cognitoException;
|
|
466
|
+
}
|
|
467
|
+
}
|
|
468
|
+
export class UpdateUserAttributesError extends CognitoError {
|
|
469
|
+
constructor(message, cognitoException) {
|
|
470
|
+
super(message);
|
|
471
|
+
this.cognitoException = cognitoException;
|
|
472
|
+
}
|
|
473
|
+
}
|
|
474
|
+
export class VerifyUserAttributeError extends CognitoError {
|
|
475
|
+
constructor(message, cognitoException) {
|
|
476
|
+
super(message);
|
|
477
|
+
this.cognitoException = cognitoException;
|
|
478
|
+
}
|
|
479
|
+
}
|
|
480
|
+
export class GlobalSignOutError extends CognitoError {
|
|
381
481
|
constructor(message, cognitoException) {
|
|
382
482
|
super(message);
|
|
383
483
|
this.cognitoException = cognitoException;
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@vardario/cognito-client",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "4.0.1",
|
|
4
4
|
"description": "",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"author": "Sahin Vardar",
|
|
@@ -56,5 +56,10 @@
|
|
|
56
56
|
],
|
|
57
57
|
"package.json": "prettier-package-json --write"
|
|
58
58
|
},
|
|
59
|
-
"packageManager": "pnpm@8.10.5"
|
|
59
|
+
"packageManager": "pnpm@8.10.5",
|
|
60
|
+
"release": {
|
|
61
|
+
"branches": [
|
|
62
|
+
"release"
|
|
63
|
+
]
|
|
64
|
+
}
|
|
60
65
|
}
|