@vardario/cognito-client 5.2.0 → 5.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/lib/browser.js CHANGED
@@ -803,14 +803,12 @@ var ServiceTarget = /* @__PURE__ */ ((ServiceTarget2) => {
803
803
  ServiceTarget2["ListWebAuthnCredentials"] = "ListWebAuthnCredentials";
804
804
  return ServiceTarget2;
805
805
  })(ServiceTarget || {});
806
- var IdentityProvider = /* @__PURE__ */ ((IdentityProvider2) => {
807
- IdentityProvider2["Cognito"] = "COGNITO";
808
- IdentityProvider2["Google"] = "Google";
809
- IdentityProvider2["Facebook"] = "Facebook";
810
- IdentityProvider2["Amazon"] = "LoginWithAmazon";
811
- IdentityProvider2["Apple"] = "SignInWithApple";
812
- return IdentityProvider2;
813
- })(IdentityProvider || {});
806
+ var IdentityProvider = {
807
+ Cognito: "COGNITO",
808
+ Google: "Google",
809
+ Facebook: "Facebook",
810
+ Apple: "SignInWithApple"
811
+ };
814
812
  function adaptExpiresIn(auth) {
815
813
  return {
816
814
  ...auth,
@@ -1204,6 +1202,13 @@ var CognitoClient = class {
1204
1202
  * @returns
1205
1203
  */
1206
1204
  async respondToAuthChallenge(params) {
1205
+ if (this.clientSecret && !params.ChallengeResponses.SECRET_HASH) {
1206
+ params.ChallengeResponses.SECRET_HASH = await calculateSecretHash(
1207
+ this.clientSecret,
1208
+ this.userPoolClientId,
1209
+ params.ChallengeResponses.USERNAME
1210
+ );
1211
+ }
1207
1212
  return cognitoRequest(
1208
1213
  {
1209
1214
  ...params,
@@ -140,8 +140,16 @@ export interface _RespondToAuthChallengeWebAuthnRequest extends RespondToAuthCha
140
140
  SECRET_HASH?: string;
141
141
  };
142
142
  }
143
- type _RespondToAuthChallengeRequest = _RespondToAuthChallengePasswordVerifierRequest | _RespondToAuthChallengeSmsMfaRequest | _RespondToAuthChallengeCustomChallengeNameRequest | _RespondToAuthChallengeNewPasswordRequiredRequest | _RespondToAuthChallengeSoftwareTokenMfaRequest | _RespondToAuthChallengeDeviceSrpAuthRequest | _RespondToAuthChallengeDevicePasswordVerifierRequest | _RespondToAuthChallengeMfaSetupRequest | _RespondToAuthChallengeSelectMfaTypeRequest | _RespondToAuthChallengeWebAuthnRequest;
144
- export type RespondToAuthChallengeRequest = Omit<_RespondToAuthChallengePasswordVerifierRequest, 'ClientId'> | Omit<_RespondToAuthChallengeSmsMfaRequest, 'ClientId'> | Omit<_RespondToAuthChallengeCustomChallengeNameRequest, 'ClientId'> | Omit<_RespondToAuthChallengeNewPasswordRequiredRequest, 'ClientId'> | Omit<_RespondToAuthChallengeSoftwareTokenMfaRequest, 'ClientId'> | Omit<_RespondToAuthChallengeDeviceSrpAuthRequest, 'ClientId'> | Omit<_RespondToAuthChallengeDevicePasswordVerifierRequest, 'ClientId'> | Omit<_RespondToAuthChallengeMfaSetupRequest, 'ClientId'> | Omit<_RespondToAuthChallengeSelectMfaTypeRequest, 'ClientId'> | Omit<_RespondToAuthChallengeWebAuthnRequest, 'ClientId'>;
143
+ export interface _RespondToAuthChallengeEmailOtpRequest extends RespondToAuthChallengeBaseRequest {
144
+ ChallengeName: 'EMAIL_OTP';
145
+ ChallengeResponses: {
146
+ SECRET_HASH?: string;
147
+ EMAIL_OTP_CODE: string;
148
+ USERNAME: string;
149
+ };
150
+ }
151
+ type _RespondToAuthChallengeRequest = _RespondToAuthChallengePasswordVerifierRequest | _RespondToAuthChallengeSmsMfaRequest | _RespondToAuthChallengeCustomChallengeNameRequest | _RespondToAuthChallengeNewPasswordRequiredRequest | _RespondToAuthChallengeSoftwareTokenMfaRequest | _RespondToAuthChallengeDeviceSrpAuthRequest | _RespondToAuthChallengeDevicePasswordVerifierRequest | _RespondToAuthChallengeMfaSetupRequest | _RespondToAuthChallengeSelectMfaTypeRequest | _RespondToAuthChallengeWebAuthnRequest | _RespondToAuthChallengeEmailOtpRequest;
152
+ export type RespondToAuthChallengeRequest = Omit<_RespondToAuthChallengePasswordVerifierRequest, 'ClientId'> | Omit<_RespondToAuthChallengeSmsMfaRequest, 'ClientId'> | Omit<_RespondToAuthChallengeCustomChallengeNameRequest, 'ClientId'> | Omit<_RespondToAuthChallengeNewPasswordRequiredRequest, 'ClientId'> | Omit<_RespondToAuthChallengeSoftwareTokenMfaRequest, 'ClientId'> | Omit<_RespondToAuthChallengeDeviceSrpAuthRequest, 'ClientId'> | Omit<_RespondToAuthChallengeDevicePasswordVerifierRequest, 'ClientId'> | Omit<_RespondToAuthChallengeMfaSetupRequest, 'ClientId'> | Omit<_RespondToAuthChallengeSelectMfaTypeRequest, 'ClientId'> | Omit<_RespondToAuthChallengeWebAuthnRequest, 'ClientId'> | Omit<_RespondToAuthChallengeEmailOtpRequest, 'ClientId'>;
145
153
  export interface UserAttribute {
146
154
  Name: string;
147
155
  Value: string;
@@ -323,16 +331,14 @@ export interface ListDevicesResponse {
323
331
  PaginationToken?: string;
324
332
  }
325
333
  /**
326
- * Cognito supported federated identities public providers.
327
- * @see https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html for more information.
334
+ * Cognito built in identity providers.
328
335
  */
329
- export declare enum IdentityProvider {
330
- Cognito = "COGNITO",
331
- Google = "Google",
332
- Facebook = "Facebook",
333
- Amazon = "LoginWithAmazon",
334
- Apple = "SignInWithApple"
335
- }
336
+ export declare const IdentityProvider: {
337
+ Cognito: string;
338
+ Google: string;
339
+ Facebook: string;
340
+ Apple: string;
341
+ };
336
342
  export interface AuthenticationResult {
337
343
  AccessToken: string;
338
344
  ExpiresIn: number;
@@ -406,6 +412,15 @@ export interface InitAuthMfaSetupChallengeResponse extends InitiateAuthBaseRespo
406
412
  ChallengeParameters: never;
407
413
  MFAS_CAN_SETUP: ('SMS_MFA' | 'SOFTWARE_TOKEN_MFA')[];
408
414
  }
415
+ export interface InitAuthEmailOtpChallengeResponse extends InitiateAuthBaseResponse {
416
+ AuthenticationResult?: never;
417
+ ChallengeName: 'EMAIL_OTP';
418
+ ChallengeParameters: {
419
+ CODE_DELIVERY_DELIVERY_MEDIUM: string;
420
+ CODE_DELIVERY_DESTINATION: string;
421
+ };
422
+ Session: string;
423
+ }
409
424
  export interface MfaOption {
410
425
  DeliveryMedium: 'SMS' | 'EMAIL';
411
426
  AttributeName: string;
@@ -463,7 +478,7 @@ export interface ListWebAuthnCredentialsResponse {
463
478
  Credentials: WebAuthnCredential[];
464
479
  NextToken?: string;
465
480
  }
466
- export type InitiateAuthChallengeResponse = InitiateAuthPasswordVerifierChallengeResponse | InitiateAuthSoftwareTokenMfaChallengeResponse | InitiateAuthWebAuthResponse | InitiateEmailOtpChallengeResponse | InitAuthSelectChallengeResponse | InitAuthPasswordChallengeResponse | InitAuthPasswordSRPChallengeResponse | InitAuthMfaSetupChallengeResponse;
481
+ export type InitiateAuthChallengeResponse = InitiateAuthPasswordVerifierChallengeResponse | InitiateAuthSoftwareTokenMfaChallengeResponse | InitiateAuthWebAuthResponse | InitiateEmailOtpChallengeResponse | InitAuthSelectChallengeResponse | InitAuthPasswordChallengeResponse | InitAuthPasswordSRPChallengeResponse | InitAuthMfaSetupChallengeResponse | InitAuthEmailOtpChallengeResponse;
467
482
  export type InitiateAuthResponse = InitiateAuthAuthenticationResponse | InitiateAuthPasswordVerifierChallengeResponse | InitiateAuthChallengeResponse;
468
483
  type CognitoResponseMap = {
469
484
  [ServiceTarget.InitiateAuth]: InitiateAuthResponse;
@@ -770,7 +785,7 @@ export declare class CognitoClient {
770
785
  *
771
786
  * @throws {Error}
772
787
  */
773
- generateOAuthSignInUrl(identityProvider?: IdentityProvider): Promise<{
788
+ generateOAuthSignInUrl(identityProvider?: string): Promise<{
774
789
  url: string;
775
790
  state: string;
776
791
  pkce: string;
@@ -29,17 +29,14 @@ export var ServiceTarget;
29
29
  ServiceTarget["ListWebAuthnCredentials"] = "ListWebAuthnCredentials";
30
30
  })(ServiceTarget || (ServiceTarget = {}));
31
31
  /**
32
- * Cognito supported federated identities public providers.
33
- * @see https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html for more information.
32
+ * Cognito built in identity providers.
34
33
  */
35
- export var IdentityProvider;
36
- (function (IdentityProvider) {
37
- IdentityProvider["Cognito"] = "COGNITO";
38
- IdentityProvider["Google"] = "Google";
39
- IdentityProvider["Facebook"] = "Facebook";
40
- IdentityProvider["Amazon"] = "LoginWithAmazon";
41
- IdentityProvider["Apple"] = "SignInWithApple";
42
- })(IdentityProvider || (IdentityProvider = {}));
34
+ export const IdentityProvider = {
35
+ Cognito: 'COGNITO',
36
+ Google: 'Google',
37
+ Facebook: 'Facebook',
38
+ Apple: 'SignInWithApple'
39
+ };
43
40
  export function adaptExpiresIn(auth) {
44
41
  // Cognito returns expiresIn in seconds, but we want it in milliseconds from now
45
42
  return {
@@ -417,6 +414,9 @@ export class CognitoClient {
417
414
  * @returns
418
415
  */
419
416
  async respondToAuthChallenge(params) {
417
+ if (this.clientSecret && !params.ChallengeResponses.SECRET_HASH) {
418
+ params.ChallengeResponses.SECRET_HASH = await calculateSecretHash(this.clientSecret, this.userPoolClientId, params.ChallengeResponses.USERNAME);
419
+ }
420
420
  return cognitoRequest({
421
421
  ...params,
422
422
  ClientId: this.userPoolClientId
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@vardario/cognito-client",
3
- "version": "5.2.0",
3
+ "version": "5.3.0",
4
4
  "description": "",
5
5
  "license": "MIT",
6
6
  "author": "Sahin Vardar",
@@ -40,7 +40,7 @@
40
40
  "lint-staged": "^16.1.4",
41
41
  "prettier": "^3.1.0",
42
42
  "prettier-package-json": "^2.8.0",
43
- "semantic-release": "^24.2.7",
43
+ "semantic-release": "^25.0.3",
44
44
  "testcontainers": "^11.5.1",
45
45
  "tsx": "^4.7.1",
46
46
  "typescript": "^5.2.2",
@@ -54,7 +54,7 @@
54
54
  ],
55
55
  "package.json": "prettier-package-json --write"
56
56
  },
57
- "packageManager": "pnpm@8.10.5",
57
+ "packageManager": "pnpm@9.1.0",
58
58
  "release": {
59
59
  "branches": [
60
60
  "release"