diff --git a/src/targets/initiateAuth.test.ts b/src/targets/initiateAuth.test.ts index c6278d97..13799eae 100644 --- a/src/targets/initiateAuth.test.ts +++ b/src/targets/initiateAuth.test.ts @@ -77,6 +77,7 @@ describe("InitiateAuth target", () => { USERNAME: "0000-0000", PASSWORD: "bad-password", }, + Session: "Session", }) ).rejects.toBeInstanceOf(InvalidPasswordError); }); @@ -100,6 +101,7 @@ describe("InitiateAuth target", () => { USERNAME: "0000-0000", PASSWORD: "bad-password", }, + Session: "Session", }) ).rejects.toBeInstanceOf(PasswordResetRequiredError); }); @@ -119,19 +121,19 @@ describe("InitiateAuth target", () => { }); mockUserPoolClient.getUserByUsername.mockResolvedValue(null); - const output = await initiateAuth({ + const output = (await initiateAuth({ ClientId: "clientId", AuthFlow: "USER_PASSWORD_AUTH", AuthParameters: { USERNAME: "0000-0000", PASSWORD: "hunter2", }, - }); + Session: "Session", + })) as PasswordVerifierOutput; expect(output).toBeDefined(); - expect( - (output as PasswordVerifierOutput).AuthenticationResult.AccessToken - ).toBeDefined(); + expect(output.Session).toBe("Session"); + expect(output.AuthenticationResult.AccessToken).toBeDefined(); }); }); @@ -148,6 +150,7 @@ describe("InitiateAuth target", () => { USERNAME: "0000-0000", PASSWORD: "hunter2", }, + Session: "Session", }) ).rejects.toBeInstanceOf(NotAuthorizedError); }); @@ -197,9 +200,12 @@ describe("InitiateAuth target", () => { USERNAME: "0000-0000", PASSWORD: "hunter2", }, + Session: "Session", })) as SmsMfaOutput; expect(output).toBeDefined(); + expect(output.Session).toBe("Session"); + expect(mockCodeDelivery).toHaveBeenCalledWith(user, { AttributeName: "phone_number", DeliveryMedium: "SMS", @@ -236,6 +242,7 @@ describe("InitiateAuth target", () => { USERNAME: "0000-0000", PASSWORD: "hunter2", }, + Session: "Session", }) ).rejects.toBeInstanceOf(NotAuthorizedError); }); @@ -284,9 +291,12 @@ describe("InitiateAuth target", () => { USERNAME: "0000-0000", PASSWORD: "hunter2", }, + Session: "Session", })) as SmsMfaOutput; expect(output).toBeDefined(); + expect(output.Session).toBe("Session"); + expect(mockCodeDelivery).toHaveBeenCalledWith(user, { AttributeName: "phone_number", DeliveryMedium: "SMS", @@ -325,9 +335,11 @@ describe("InitiateAuth target", () => { USERNAME: "0000-0000", PASSWORD: "hunter2", }, + Session: "Session", })) as PasswordVerifierOutput; expect(output).toBeDefined(); + expect(output.Session).toBe("Session"); // access token expect(output.AuthenticationResult.AccessToken).toBeDefined(); @@ -405,9 +417,11 @@ describe("InitiateAuth target", () => { USERNAME: "0000-0000", PASSWORD: "hunter2", }, + Session: "Session", })) as PasswordVerifierOutput; expect(output).toBeDefined(); + expect(output.Session).toBe("Session"); // access token expect(output.AuthenticationResult.AccessToken).toBeDefined(); diff --git a/src/targets/initiateAuth.ts b/src/targets/initiateAuth.ts index 74586fbf..9ec6f411 100644 --- a/src/targets/initiateAuth.ts +++ b/src/targets/initiateAuth.ts @@ -14,6 +14,7 @@ interface Input { AuthFlow: "USER_PASSWORD_AUTH" | "CUSTOM_AUTH"; ClientId: string; AuthParameters: { USERNAME: string; PASSWORD: string }; + Session: string | null; } export interface SmsMfaOutput { @@ -23,13 +24,13 @@ export interface SmsMfaOutput { CODE_DELIVERY_DESTINATION: string; USER_ID_FOR_SRP: string; }; - Session: string; + Session: string | null; } export interface PasswordVerifierOutput { ChallengeName: "PASSWORD_VERIFIER"; ChallengeParameters: {}; - Session: string; + Session: string | null; AuthenticationResult: { IdToken: string; AccessToken: string; @@ -43,6 +44,7 @@ export type InitiateAuthTarget = (body: Input) => Promise; const verifyMfaChallenge = async ( user: User, + body: Input, userPool: UserPoolClient, codeDelivery: CodeDelivery ): Promise => { @@ -79,7 +81,7 @@ const verifyMfaChallenge = async ( CODE_DELIVERY_DESTINATION: deliveryDestination, USER_ID_FOR_SRP: user.Username, }, - Session: "", + Session: body.Session, }; }; @@ -138,7 +140,7 @@ const verifyPasswordChallenge = ( ), RefreshToken: "<< TODO >>", }, - Session: "", + Session: body.Session, }; }; @@ -180,12 +182,11 @@ export const InitiateAuth = ({ } if ( - userPool.config.MfaConfiguration === "OPTIONAL" && - (user.MFAOptions ?? []).length > 0 + (userPool.config.MfaConfiguration === "OPTIONAL" && + (user.MFAOptions ?? []).length > 0) || + userPool.config.MfaConfiguration === "ON" ) { - return verifyMfaChallenge(user, userPool, codeDelivery); - } else if (userPool.config.MfaConfiguration === "ON") { - return verifyMfaChallenge(user, userPool, codeDelivery); + return verifyMfaChallenge(user, body, userPool, codeDelivery); } return verifyPasswordChallenge(user, body, userPool);