Skip to content

Commit 85cdf58

Browse files
XtenderaXtendera
authored
Add OTP (Software MFA Token) Support. (#220)
1 parent 02fc963 commit 85cdf58

File tree

4 files changed

+19
-1
lines changed

4 files changed

+19
-1
lines changed

client/cognito-api.ts

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,8 @@ type ChallengeName =
3030
| "CUSTOM_CHALLENGE"
3131
| "PASSWORD_VERIFIER"
3232
| "SMS_MFA"
33-
| "NEW_PASSWORD_REQUIRED";
33+
| "NEW_PASSWORD_REQUIRED"
34+
| "SOFTWARE_TOKEN_MFA";
3435

3536
interface ChallengeResponse {
3637
ChallengeName: ChallengeName;
@@ -648,6 +649,7 @@ export async function handleAuthResponse({
648649
authResponse,
649650
username,
650651
smsMfaCode,
652+
otpMfaCode,
651653
newPassword,
652654
customChallengeAnswer,
653655
clientMetadata,
@@ -659,6 +661,7 @@ export async function handleAuthResponse({
659661
*/
660662
username: string;
661663
smsMfaCode?: () => Promise<string>;
664+
otpMfaCode?: () => Promise<string>;
662665
newPassword?: () => Promise<string>;
663666
customChallengeAnswer?: () => Promise<string>;
664667
clientMetadata?: Record<string, string>;
@@ -688,6 +691,9 @@ export async function handleAuthResponse({
688691
if (!customChallengeAnswer)
689692
throw new Error("Missing custom challenge answer");
690693
responseParameters.ANSWER = await customChallengeAnswer();
694+
} else if (authResponse.ChallengeName === "SOFTWARE_TOKEN_MFA") {
695+
if (!otpMfaCode) throw new Error("Missing Software MFA Code");
696+
responseParameters.SOFTWARE_TOKEN_MFA_CODE = await otpMfaCode();
691697
} else {
692698
throw new Error(`Unsupported challenge: ${authResponse.ChallengeName}`);
693699
}

client/plaintext.ts

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@ export function authenticateWithPlaintextPassword({
2121
username,
2222
password,
2323
smsMfaCode,
24+
otpMfaCode,
2425
newPassword,
2526
tokensCb,
2627
statusCb,
@@ -32,6 +33,7 @@ export function authenticateWithPlaintextPassword({
3233
username: string;
3334
password: string;
3435
smsMfaCode?: () => Promise<string>;
36+
otpMfaCode?: () => Promise<string>;
3537
newPassword?: () => Promise<string>;
3638
tokensCb?: (tokens: TokensFromSignIn) => void | Promise<void>;
3739
statusCb?: (status: BusyState | IdleState) => void;
@@ -57,6 +59,7 @@ export function authenticateWithPlaintextPassword({
5759
authResponse,
5860
username,
5961
smsMfaCode,
62+
otpMfaCode,
6063
newPassword,
6164
clientMetadata,
6265
abort: abort.signal,

client/react/hooks.tsx

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -501,6 +501,7 @@ function _usePasswordless() {
501501
username,
502502
password,
503503
smsMfaCode,
504+
otpMfaCode,
504505
clientMetadata,
505506
}: {
506507
/**
@@ -509,13 +510,15 @@ function _usePasswordless() {
509510
username: string;
510511
password: string;
511512
smsMfaCode?: () => Promise<string>;
513+
otpMfaCode?: () => Promise<string>;
512514
clientMetadata?: Record<string, string>;
513515
}) => {
514516
setLastError(undefined);
515517
const signinIn = authenticateWithSRP({
516518
username,
517519
password,
518520
smsMfaCode,
521+
otpMfaCode,
519522
clientMetadata,
520523
statusCb: setSigninInStatus,
521524
tokensCb: (tokens) => storeTokens(tokens).then(() => setTokens(tokens)),
@@ -528,6 +531,7 @@ function _usePasswordless() {
528531
username,
529532
password,
530533
smsMfaCode,
534+
otpMfaCode,
531535
clientMetadata,
532536
}: {
533537
/**
@@ -536,13 +540,15 @@ function _usePasswordless() {
536540
username: string;
537541
password: string;
538542
smsMfaCode?: () => Promise<string>;
543+
otpMfaCode?: () => Promise<string>;
539544
clientMetadata?: Record<string, string>;
540545
}) => {
541546
setLastError(undefined);
542547
const signinIn = authenticateWithPlaintextPassword({
543548
username,
544549
password,
545550
smsMfaCode,
551+
otpMfaCode,
546552
clientMetadata,
547553
statusCb: setSigninInStatus,
548554
tokensCb: (tokens) => storeTokens(tokens).then(() => setTokens(tokens)),

client/srp.ts

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -255,6 +255,7 @@ export function authenticateWithSRP({
255255
username,
256256
password,
257257
smsMfaCode,
258+
otpMfaCode,
258259
newPassword,
259260
customChallengeAnswer,
260261
authflow = "USER_SRP_AUTH",
@@ -268,6 +269,7 @@ export function authenticateWithSRP({
268269
username: string;
269270
password: string;
270271
smsMfaCode?: () => Promise<string>;
272+
otpMfaCode?: () => Promise<string>;
271273
newPassword?: () => Promise<string>;
272274
customChallengeAnswer?: () => Promise<string>;
273275
authflow?: "USER_SRP_AUTH" | "CUSTOM_AUTH";
@@ -335,6 +337,7 @@ export function authenticateWithSRP({
335337
authResponse: authResult,
336338
username,
337339
smsMfaCode,
340+
otpMfaCode,
338341
newPassword,
339342
customChallengeAnswer,
340343
clientMetadata,

0 commit comments

Comments
 (0)