| 1 | import { AuthOptions, FederatedResponse, SignUpParams, FederatedUser, ConfirmSignUpOptions, SignOutOpts, CurrentUserOpts, GetPreferredMFAOpts, SignInOpts, FederatedSignInOptionsCustom, LegacyProvider, FederatedSignInOptions, ClientMetaData } from './types';
|
| 2 | import { ICredentials } from '@aws-amplify/core';
|
| 3 | import { ISignUpResult, CognitoUser, MFAOption, CognitoUserSession, CognitoUserAttribute, NodeCallback } from 'amazon-cognito-identity-js';
|
| 4 | import { AuthError } from './Errors';
|
| 5 | import { IAuthDevice } from './types/Auth';
|
| 6 | /**
|
| 7 | * Provide authentication steps
|
| 8 | */
|
| 9 | export declare class AuthClass {
|
| 10 | private _config;
|
| 11 | private userPool;
|
| 12 | private user;
|
| 13 | private _oAuthHandler;
|
| 14 | private _storage;
|
| 15 | private _storageSync;
|
| 16 | private oAuthFlowInProgress;
|
| 17 | private pendingSignIn;
|
| 18 | Credentials: import("@aws-amplify/core").CredentialsClass;
|
| 19 | /**
|
| 20 | * Initialize Auth with AWS configurations
|
| 21 | * @param {Object} config - Configuration of the Auth
|
| 22 | */
|
| 23 | constructor(config: AuthOptions);
|
| 24 | getModuleName(): string;
|
| 25 | configure(config?: any): AuthOptions;
|
| 26 | wrapRefreshSessionCallback: (callback: NodeCallback<Error, any>) => NodeCallback<Error, any>;
|
| 27 | /**
|
| 28 | * Sign up with username, password and other attributes like phone, email
|
| 29 | * @param {String | object} params - The user attributes used for signin
|
| 30 | * {String[]} restOfAttrs - for the backward compatability
|
| 31 | * - A promise resolves callback data if success
|
| 32 | */
|
| 33 | signUp(params: string | SignUpParams, ...restOfAttrs: string[]): Promise<ISignUpResult>;
|
| 34 | /**
|
| 35 | * Send the verification code to confirm sign up
|
| 36 | * @param {String} username - The username to be confirmed
|
| 37 | * @param {String} code - The verification code
|
| 38 | * @param {ConfirmSignUpOptions} options - other options for confirm signup
|
| 39 | * @return - A promise resolves callback data if success
|
| 40 | */
|
| 41 | confirmSignUp(username: string, code: string, options?: ConfirmSignUpOptions): Promise<any>;
|
| 42 | /**
|
| 43 | * Resend the verification code
|
| 44 | * @param {String} username - The username to be confirmed
|
| 45 | * @param {ClientMetadata} clientMetadata - Metadata to be passed to Cognito Lambda triggers
|
| 46 | * @return - A promise resolves code delivery details if successful
|
| 47 | */
|
| 48 | resendSignUp(username: string, clientMetadata?: ClientMetaData): Promise<any>;
|
| 49 | /**
|
| 50 | * Sign in
|
| 51 | * @param {String | SignInOpts} usernameOrSignInOpts - The username to be signed in or the sign in options
|
| 52 | * @param {String} password - The password of the username
|
| 53 | * @return - A promise resolves the CognitoUser
|
| 54 | */
|
| 55 | signIn(usernameOrSignInOpts: string | SignInOpts, pw?: string, clientMetadata?: ClientMetaData): Promise<CognitoUser | any>;
|
| 56 | /**
|
| 57 | * Return an object with the authentication callbacks
|
| 58 | * @param {CognitoUser} user - the cognito user object
|
| 59 | * @param {} resolve - function called when resolving the current step
|
| 60 | * @param {} reject - function called when rejecting the current step
|
| 61 | * @return - an object with the callback methods for user authentication
|
| 62 | */
|
| 63 | private authCallbacks;
|
| 64 | /**
|
| 65 | * Sign in with a password
|
| 66 | * @private
|
| 67 | * @param {AuthenticationDetails} authDetails - the user sign in data
|
| 68 | * @return - A promise resolves the CognitoUser object if success or mfa required
|
| 69 | */
|
| 70 | private signInWithPassword;
|
| 71 | /**
|
| 72 | * Sign in without a password
|
| 73 | * @private
|
| 74 | * @param {AuthenticationDetails} authDetails - the user sign in data
|
| 75 | * @return - A promise resolves the CognitoUser object if success or mfa required
|
| 76 | */
|
| 77 | private signInWithoutPassword;
|
| 78 | /**
|
| 79 | * This was previously used by an authenticated user to get MFAOptions,
|
| 80 | * but no longer returns a meaningful response. Refer to the documentation for
|
| 81 | * how to setup and use MFA: https://docs.amplify.aws/lib/auth/mfa/q/platform/js
|
| 82 | * @deprecated
|
| 83 | * @param {CognitoUser} user - the current user
|
| 84 | * @return - A promise resolves the current preferred mfa option if success
|
| 85 | */
|
| 86 | getMFAOptions(user: CognitoUser | any): Promise<MFAOption[]>;
|
| 87 | /**
|
| 88 | * get preferred mfa method
|
| 89 | * @param {CognitoUser} user - the current cognito user
|
| 90 | * @param {GetPreferredMFAOpts} params - options for getting the current user preferred MFA
|
| 91 | */
|
| 92 | getPreferredMFA(user: CognitoUser | any, params?: GetPreferredMFAOpts): Promise<string>;
|
| 93 | private _getMfaTypeFromUserData;
|
| 94 | private _getUserData;
|
| 95 | /**
|
| 96 | * set preferred MFA method
|
| 97 | * @param {CognitoUser} user - the current Cognito user
|
| 98 | * @param {string} mfaMethod - preferred mfa method
|
| 99 | * @return - A promise resolve if success
|
| 100 | */
|
| 101 | setPreferredMFA(user: CognitoUser | any, mfaMethod: 'TOTP' | 'SMS' | 'NOMFA' | 'SMS_MFA' | 'SOFTWARE_TOKEN_MFA'): Promise<string>;
|
| 102 | /**
|
| 103 | * disable SMS
|
| 104 | * @deprecated
|
| 105 | * @param {CognitoUser} user - the current user
|
| 106 | * @return - A promise resolves is success
|
| 107 | */
|
| 108 | disableSMS(user: CognitoUser): Promise<string>;
|
| 109 | /**
|
| 110 | * enable SMS
|
| 111 | * @deprecated
|
| 112 | * @param {CognitoUser} user - the current user
|
| 113 | * @return - A promise resolves is success
|
| 114 | */
|
| 115 | enableSMS(user: CognitoUser): Promise<string>;
|
| 116 | /**
|
| 117 | * Setup TOTP
|
| 118 | * @param {CognitoUser} user - the current user
|
| 119 | * @return - A promise resolves with the secret code if success
|
| 120 | */
|
| 121 | setupTOTP(user: CognitoUser | any): Promise<string>;
|
| 122 | /**
|
| 123 | * verify TOTP setup
|
| 124 | * @param {CognitoUser} user - the current user
|
| 125 | * @param {string} challengeAnswer - challenge answer
|
| 126 | * @return - A promise resolves is success
|
| 127 | */
|
| 128 | verifyTotpToken(user: CognitoUser | any, challengeAnswer: string): Promise<CognitoUserSession>;
|
| 129 | /**
|
| 130 | * Send MFA code to confirm sign in
|
| 131 | * @param {Object} user - The CognitoUser object
|
| 132 | * @param {String} code - The confirmation code
|
| 133 | */
|
| 134 | confirmSignIn(user: CognitoUser | any, code: string, mfaType?: 'SMS_MFA' | 'SOFTWARE_TOKEN_MFA' | null, clientMetadata?: ClientMetaData): Promise<CognitoUser | any>;
|
| 135 | completeNewPassword(user: CognitoUser | any, password: string, requiredAttributes?: any, clientMetadata?: ClientMetaData): Promise<CognitoUser | any>;
|
| 136 | /**
|
| 137 | * Send the answer to a custom challenge
|
| 138 | * @param {CognitoUser} user - The CognitoUser object
|
| 139 | * @param {String} challengeResponses - The confirmation code
|
| 140 | */
|
| 141 | sendCustomChallengeAnswer(user: CognitoUser | any, challengeResponses: string, clientMetadata?: ClientMetaData): Promise<CognitoUser | any>;
|
| 142 | /**
|
| 143 | * Delete an authenticated users' attributes
|
| 144 | * @param {CognitoUser} - The currently logged in user object
|
| 145 | * @return {Promise}
|
| 146 | **/
|
| 147 | deleteUserAttributes(user: CognitoUser | any, attributeNames: string[]): Promise<unknown>;
|
| 148 | /**
|
| 149 | * Delete the current authenticated user
|
| 150 | * @return {Promise}
|
| 151 | **/
|
| 152 | deleteUser(): Promise<string | void>;
|
| 153 | /**
|
| 154 | * Update an authenticated users' attributes
|
| 155 | * @param {CognitoUser} - The currently logged in user object
|
| 156 | * @return {Promise}
|
| 157 | **/
|
| 158 | updateUserAttributes(user: CognitoUser | any, attributes: object, clientMetadata?: ClientMetaData): Promise<string>;
|
| 159 | /**
|
| 160 | * Return user attributes
|
| 161 | * @param {Object} user - The CognitoUser object
|
| 162 | * @return - A promise resolves to user attributes if success
|
| 163 | */
|
| 164 | userAttributes(user: CognitoUser | any): Promise<CognitoUserAttribute[]>;
|
| 165 | verifiedContact(user: CognitoUser | any): Promise<{
|
| 166 | verified: {};
|
| 167 | unverified: {};
|
| 168 | }>;
|
| 169 | private isErrorWithMessage;
|
| 170 | private isTokenRevokedError;
|
| 171 | private isRefreshTokenRevokedError;
|
| 172 | private isUserDisabledError;
|
| 173 | private isUserDoesNotExistError;
|
| 174 | private isRefreshTokenExpiredError;
|
| 175 | private isSignedInHostedUI;
|
| 176 | private isSessionInvalid;
|
| 177 | private cleanUpInvalidSession;
|
| 178 | /**
|
| 179 | * Get current authenticated user
|
| 180 | * @return - A promise resolves to current authenticated CognitoUser if success
|
| 181 | */
|
| 182 | currentUserPoolUser(params?: CurrentUserOpts): Promise<CognitoUser | any>;
|
| 183 | private isOAuthInProgress;
|
| 184 | /**
|
| 185 | * Get current authenticated user
|
| 186 | * @param {CurrentUserOpts} - options for getting the current user
|
| 187 | * @return - A promise resolves to current authenticated CognitoUser if success
|
| 188 | */
|
| 189 | currentAuthenticatedUser(params?: CurrentUserOpts): Promise<CognitoUser | any>;
|
| 190 | /**
|
| 191 | * Get current user's session
|
| 192 | * @return - A promise resolves to session object if success
|
| 193 | */
|
| 194 | currentSession(): Promise<CognitoUserSession>;
|
| 195 | /**
|
| 196 | * Get the corresponding user session
|
| 197 | * @param {Object} user - The CognitoUser object
|
| 198 | * @return - A promise resolves to the session
|
| 199 | */
|
| 200 | userSession(user: any): Promise<CognitoUserSession>;
|
| 201 | /**
|
| 202 | * Get authenticated credentials of current user.
|
| 203 | * @return - A promise resolves to be current user's credentials
|
| 204 | */
|
| 205 | currentUserCredentials(): Promise<ICredentials>;
|
| 206 | currentCredentials(): Promise<ICredentials>;
|
| 207 | /**
|
| 208 | * Initiate an attribute confirmation request
|
| 209 | * @param {Object} user - The CognitoUser
|
| 210 | * @param {Object} attr - The attributes to be verified
|
| 211 | * @return - A promise resolves to callback data if success
|
| 212 | */
|
| 213 | verifyUserAttribute(user: CognitoUser | any, attr: string, clientMetadata?: ClientMetaData): Promise<void>;
|
| 214 | /**
|
| 215 | * Confirm an attribute using a confirmation code
|
| 216 | * @param {Object} user - The CognitoUser
|
| 217 | * @param {Object} attr - The attribute to be verified
|
| 218 | * @param {String} code - The confirmation code
|
| 219 | * @return - A promise resolves to callback data if success
|
| 220 | */
|
| 221 | verifyUserAttributeSubmit(user: CognitoUser | any, attr: string, code: string): Promise<string>;
|
| 222 | verifyCurrentUserAttribute(attr: string): Promise<void>;
|
| 223 | /**
|
| 224 | * Confirm current user's attribute using a confirmation code
|
| 225 | * @param {Object} attr - The attribute to be verified
|
| 226 | * @param {String} code - The confirmation code
|
| 227 | * @return - A promise resolves to callback data if success
|
| 228 | */
|
| 229 | verifyCurrentUserAttributeSubmit(attr: string, code: string): Promise<string>;
|
| 230 | private cognitoIdentitySignOut;
|
| 231 | private oAuthSignOutRedirect;
|
| 232 | private oAuthSignOutAndResolve;
|
| 233 | private oAuthSignOutRedirectOrReject;
|
| 234 | /**
|
| 235 | * Sign out method
|
| 236 | * @
|
| 237 | * @return - A promise resolved if success
|
| 238 | */
|
| 239 | signOut(opts?: SignOutOpts): Promise<any>;
|
| 240 | private cleanCachedItems;
|
| 241 | /**
|
| 242 | * Change a password for an authenticated user
|
| 243 | * @param {Object} user - The CognitoUser object
|
| 244 | * @param {String} oldPassword - the current password
|
| 245 | * @param {String} newPassword - the requested new password
|
| 246 | * @return - A promise resolves if success
|
| 247 | */
|
| 248 | changePassword(user: CognitoUser | any, oldPassword: string, newPassword: string, clientMetadata?: ClientMetaData): Promise<'SUCCESS'>;
|
| 249 | /**
|
| 250 | * Initiate a forgot password request
|
| 251 | * @param {String} username - the username to change password
|
| 252 | * @return - A promise resolves if success
|
| 253 | */
|
| 254 | forgotPassword(username: string, clientMetadata?: ClientMetaData): Promise<any>;
|
| 255 | /**
|
| 256 | * Confirm a new password using a confirmation Code
|
| 257 | * @param {String} username - The username
|
| 258 | * @param {String} code - The confirmation code
|
| 259 | * @param {String} password - The new password
|
| 260 | * @return - A promise that resolves if success
|
| 261 | */
|
| 262 | forgotPasswordSubmit(username: string, code: string, password: string, clientMetadata?: ClientMetaData): Promise<string>;
|
| 263 | /**
|
| 264 | * Get user information
|
| 265 | * @async
|
| 266 | * @return {Object }- current User's information
|
| 267 | */
|
| 268 | currentUserInfo(): Promise<any>;
|
| 269 | federatedSignIn(options?: FederatedSignInOptions): Promise<ICredentials>;
|
| 270 | federatedSignIn(provider: LegacyProvider, response: FederatedResponse, user: FederatedUser): Promise<ICredentials>;
|
| 271 | federatedSignIn(options?: FederatedSignInOptionsCustom): Promise<ICredentials>;
|
| 272 | /**
|
| 273 | * Used to complete the OAuth flow with or without the Cognito Hosted UI
|
| 274 | * @param {String} URL - optional parameter for customers to pass in the response URL
|
| 275 | */
|
| 276 | private _handleAuthResponse;
|
| 277 | /**
|
| 278 | * Compact version of credentials
|
| 279 | * @param {Object} credentials
|
| 280 | * @return {Object} - Credentials
|
| 281 | */
|
| 282 | essentialCredentials(credentials: any): ICredentials;
|
| 283 | private attributesToObject;
|
| 284 | private isTruthyString;
|
| 285 | private createCognitoUser;
|
| 286 | private _isValidAuthStorage;
|
| 287 | private noUserPoolErrorHandler;
|
| 288 | private rejectAuthError;
|
| 289 | private rejectNoUserPool;
|
| 290 | rememberDevice(): Promise<string | AuthError>;
|
| 291 | forgetDevice(): Promise<void>;
|
| 292 | fetchDevices(): Promise<IAuthDevice[]>;
|
| 293 | }
|
| 294 | export declare const Auth: AuthClass;
|